From nobody Mon Aug  5 00:32:39 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wccpc11s0z5S8V8;
	Mon, 05 Aug 2024 00:32:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wccpc0T0Nz4Cs3;
	Mon,  5 Aug 2024 00:32:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722817960;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DRBpGOlqvtZe1NtjaXr5FSfz2M08OCLstahvWaiamTk=;
	b=AxlDv0vjSUJX7k6G0AlZG/Um0SfBddbsfeAxj0vl3H+3dcwM2GpIi6sKpvKA3uGKNxsX7g
	Rs2bPh41CgggBaKeki10ssiuw166vZdEa2Fxn+0YxYOka5TSJS9APcrEjArIkeJD6/iwl3
	M5XXXTh7qAP7fc+6ZJrpOOcEKqUhYXABrfALdEfr8O7UVFh3asv2EaSEc/uE5k0RUb7676
	0mPyMQLhQWMlozGt4aRCYqBDYc0S/HoEL3oytVHm8k9vUuxOYaGChycHGwW4195t719dLj
	pa5Viz1T41H7u2aXIyqcIeoHq2Ojq0fB3SUvrJeXcBJwHQw3bVfqHU2zvs+9vA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722817960; a=rsa-sha256; cv=none;
	b=T32VS3m3KNll5JBfi4pH+i8Gur3PWdzs5lBMggV8HDyr7uAcRiWLwGCDhxBRljTeX3FVlm
	BAt21cFI3tpTf6UfWpJXFCY/0EiJnRPE8SrEzNsYHRVX37xjrVxxzAI82eIUCJyNVbjkTH
	l4wQ5qYrE5PDEswJOqjcJSNZfGBPlAsOXN98nAhoGFfLCkiUUsldIX9Y7tCm4U6giXNn1x
	3+ZjZuxl3Aw8wuK0chePwjpRSZfyvROShOXRPOLv1/7mY5bNJKtFvWGzjIAlFLgmyoOx2j
	eBYN0fb5DAui0hNy1CRGHaPak2qBdobK0+ezPr09qNkeb5MbNYJcAzxt74zHlg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722817960;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DRBpGOlqvtZe1NtjaXr5FSfz2M08OCLstahvWaiamTk=;
	b=iyFKY05th+VoXYN4KkqgZ2gSowAQLAC8RqaPpIK2n0g7hQWcWIE9Aj5yPfWrMw/FEkW3m6
	UtFdAhjS5Kk4Aa1Ss1cWS2eyXXyWss4MbS2xVrGva+wsm8m6gH7USzU1RQHZIb77PuGPwe
	zApCkbjybU540upN4LHiSKBMLCL3lZ4TccWVgUIVdvtRTWpqQXHOpiNGysoxC4Vkvjm7sE
	QQGNcQlQDYhE3/giifpzk7MRXyqiNRX/q6q2XsiAoKgOm+HwzKKTjcUkIW9Ejb773l56r5
	/SNbVzXCm9ZdmjttCqNjAFl1Eaa0Iz/GyQMF/Fiz1tr/wF/n8bTVTLCmnbLC1w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wccpc04HYz1G9j;
	Mon,  5 Aug 2024 00:32:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4750WdbL003055;
	Mon, 5 Aug 2024 00:32:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4750WdtB003052;
	Mon, 5 Aug 2024 00:32:39 GMT
	(envelope-from git)
Date: Mon, 5 Aug 2024 00:32:39 GMT
Message-Id: <202408050032.4750WdtB003052@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: f0d4329dc213 - stable/14 - rtld(1): Spell value as
  VALUE, not NAME
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: f0d4329dc213c7ef336d1bc3282b4f861f8ea8b3
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=f0d4329dc213c7ef336d1bc3282b4f861f8ea8b3

commit f0d4329dc213c7ef336d1bc3282b4f861f8ea8b3
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-07-25 11:50:01 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-08-05 00:32:11 +0000

    rtld(1): Spell value as VALUE, not NAME
    
    (cherry picked from commit bc25bc6850e512c4c45effdff6178d20b5eca558)
---
 libexec/rtld-elf/rtld.1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rtld-elf/rtld.1 b/libexec/rtld-elf/rtld.1
index 4cc5b639c89a..992138b1ffc0 100644
--- a/libexec/rtld-elf/rtld.1
+++ b/libexec/rtld-elf/rtld.1
@@ -352,7 +352,7 @@ The syntax of the direct invocation is
 .Op Fl b Ar exe
 .Op Fl d
 .Op Fl f Ar fd
-.Op Fl o Ar OPT=NAME
+.Op Fl o Ar OPT=VALUE
 .Op Fl p
 .Op Fl u
 .Op Fl v

From nobody Mon Aug  5 00:32:41 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wccpd37wYz5S8bB;
	Mon, 05 Aug 2024 00:32:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wccpd1l7xz4DF1;
	Mon,  5 Aug 2024 00:32:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722817961;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=g4Pe8Xd6xEsyS40JCaeqdd23qoS0EYdOgKaq96C+iXQ=;
	b=psBSj4YJpOElRlvV0HG1m/4CaVS9TJRc7KgxvmmAwvT76Wl2brxjQiMMZ5lifkyqVMbx8K
	0ecJHZJnUHFRuf+gip+sRO+TDbt1G0eJmgYoVZO/Qmmn8oWEP0cwe2mRSrQFNaTylzKZ/s
	qWR+KjLboBz5yuBFT9hpOYWnBlqc3yzrpjJLryRzAdYAT2OUhw8EzmS3B+CIRjeWZcLmM6
	ajg9SAKrPbKU27ciIqLY19rgYhS2tEpnSiiQLxCrWU+CebAxvdfQoS7vyx3bH64ladja+W
	jsagFtDPb73yUHYUWzmktVK+IwKtTis6ZyA+5j9qYIiwTUtrFPXvGJAK3d+hSQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722817961; a=rsa-sha256; cv=none;
	b=ntBW9V9FhGC/Yp25/b31Y/m+SB9igvLV6u3hFCYzGyM1XZ+81/KjCD5x1AS+ZtyvHxpQjg
	ulwTQTho6BIclJbgHC15Z/X39uimKrTOzyhVSWWrJ452pw4fOu2iEV7QVtLnYeEUgRj5g6
	MwPsXWcHBhvksIqx9l9AxnUJggfEzfpUoVqb28v+cL1LrZBIo975FJqluMsYn5v5uqLDUX
	uPlemF5wfBEwIci9I75etMu2y8pBEZY5iFypAHF16FgIoyzDXs1rynVh4fH8o9xu4wcFH+
	3O/F7nI423SjKD9Vv3D5ucHnZ90OcEZq87xgc4su9ykfn0CRxnXdtKzXrg118w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722817961;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=g4Pe8Xd6xEsyS40JCaeqdd23qoS0EYdOgKaq96C+iXQ=;
	b=Gxr5rTv3SGtPb6ST2IYB7T97UU98mZyMnuFirKR3dEuw6DcAxsS04aZF6Zz9/a7r33pZWG
	w7zAyMaO4TRsYdw6IedmXhddUpyhwdqxTq9Xnwq5aG7+NPjkUREHlq4ifXrI+O+o0lwFxF
	xGQM5MIE5mUfwKZQS0EgfXvHfTa8T5ffSNnmM+hHCmBnx2v9H/kn0I+KsX23faP8nibm6D
	ylfiDxErB59plx1GDeYfBI7T4IL+TKzphAlPO8IlaUQTKPaLr6N/RCk70rBLAB5dGB8pMY
	LFzPLtjvAicGk6xKH2wBDQGwBZXpF1JLLGe0Sd2tDbQmwD8gbDy2iSVhI8do+g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wccpd12tQz1Ghp;
	Mon,  5 Aug 2024 00:32:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4750WfFM003109;
	Mon, 5 Aug 2024 00:32:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4750Wfld003106;
	Mon, 5 Aug 2024 00:32:41 GMT
	(envelope-from git)
Date: Mon, 5 Aug 2024 00:32:41 GMT
Message-Id: <202408050032.4750Wfld003106@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: da32a0616bdc - stable/14 - rtld: make ld_get_env_var()
  usable for all rtld source files
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: da32a0616bdc84e12791e280d9d92acc34f5dd70
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=da32a0616bdc84e12791e280d9d92acc34f5dd70

commit da32a0616bdc84e12791e280d9d92acc34f5dd70
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-07-17 03:59:24 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-08-05 00:32:11 +0000

    rtld: make ld_get_env_var() usable for all rtld source files
    
    (cherry picked from commit 47315d6d3562111883142bb09320d35f05d34a58)
---
 libexec/rtld-elf/rtld.c | 28 +---------------------------
 libexec/rtld-elf/rtld.h | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 27 deletions(-)

diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 96042f7b5af3..411fe7956873 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -344,32 +344,6 @@ ld_utrace_log(int event, void *handle, void *mapbase, size_t mapsize,
 	utrace(&ut, sizeof(ut));
 }
 
-enum {
-	LD_BIND_NOW = 0,
-	LD_PRELOAD,
-	LD_LIBMAP,
-	LD_LIBRARY_PATH,
-	LD_LIBRARY_PATH_FDS,
-	LD_LIBMAP_DISABLE,
-	LD_BIND_NOT,
-	LD_DEBUG,
-	LD_ELF_HINTS_PATH,
-	LD_LOADFLTR,
-	LD_LIBRARY_PATH_RPATH,
-	LD_PRELOAD_FDS,
-	LD_DYNAMIC_WEAK,
-	LD_TRACE_LOADED_OBJECTS,
-	LD_UTRACE,
-	LD_DUMP_REL_PRE,
-	LD_DUMP_REL_POST,
-	LD_TRACE_LOADED_OBJECTS_PROGNAME,
-	LD_TRACE_LOADED_OBJECTS_FMT1,
-	LD_TRACE_LOADED_OBJECTS_FMT2,
-	LD_TRACE_LOADED_OBJECTS_ALL,
-	LD_SHOW_AUXV,
-	LD_STATIC_TLS_EXTRA,
-};
-
 struct ld_env_var_desc {
 	const char * const n;
 	const char *val;
@@ -404,7 +378,7 @@ static struct ld_env_var_desc ld_env_vars[] = {
 	LD_ENV_DESC(STATIC_TLS_EXTRA, false),
 };
 
-static const char *
+const char *
 ld_get_env_var(int idx)
 {
 	return (ld_env_vars[idx].val);
diff --git a/libexec/rtld-elf/rtld.h b/libexec/rtld-elf/rtld.h
index a4f2c35cc03f..96a9da3c4ea3 100644
--- a/libexec/rtld-elf/rtld.h
+++ b/libexec/rtld-elf/rtld.h
@@ -359,6 +359,32 @@ typedef struct Struct_SymLook {
     struct Struct_RtldLockState *lockstate;
 } SymLook;
 
+enum {
+	LD_BIND_NOW = 0,
+	LD_PRELOAD,
+	LD_LIBMAP,
+	LD_LIBRARY_PATH,
+	LD_LIBRARY_PATH_FDS,
+	LD_LIBMAP_DISABLE,
+	LD_BIND_NOT,
+	LD_DEBUG,
+	LD_ELF_HINTS_PATH,
+	LD_LOADFLTR,
+	LD_LIBRARY_PATH_RPATH,
+	LD_PRELOAD_FDS,
+	LD_DYNAMIC_WEAK,
+	LD_TRACE_LOADED_OBJECTS,
+	LD_UTRACE,
+	LD_DUMP_REL_PRE,
+	LD_DUMP_REL_POST,
+	LD_TRACE_LOADED_OBJECTS_PROGNAME,
+	LD_TRACE_LOADED_OBJECTS_FMT1,
+	LD_TRACE_LOADED_OBJECTS_FMT2,
+	LD_TRACE_LOADED_OBJECTS_ALL,
+	LD_SHOW_AUXV,
+	LD_STATIC_TLS_EXTRA,
+};
+
 void _rtld_error(const char *, ...) __printflike(1, 2) __exported;
 void rtld_die(void) __dead2;
 const char *rtld_strerror(int);
@@ -380,6 +406,7 @@ void dump_Elf_Rela(Obj_Entry *, const Elf_Rela *, u_long);
 /*
  * Function declarations.
  */
+const char *ld_get_env_var(int idx);
 uintptr_t rtld_round_page(uintptr_t);
 uintptr_t rtld_trunc_page(uintptr_t);
 Elf32_Word elf_hash(const char *);

From nobody Mon Aug  5 00:32:42 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wccpf45dCz5S8SJ;
	Mon, 05 Aug 2024 00:32:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wccpf2Rfjz4DHH;
	Mon,  5 Aug 2024 00:32:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722817962;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P0BtX8PzPZqXtpcrGNck/esyisMx4DrGfzKjvTp3wbk=;
	b=YwBfWS4W2IgR4ECKgq4XJR9k+WCFplDP/gYdzFK1IOGImjaUplPcxqiTnhcIlQjPCJ6wna
	L/K7NCCilO/aguJuWMfJSzrd4WJBfbX6tUhssjwg8/a5BsefmJK6u9gX8kGX/ReIhZS3wU
	SNtcOGFt1ZjFbUDeRqfWSH0cnDT5IvXWTY8xeLfaiWvUeLpiPcrgMSHK7pTRJ2q9GmDI9/
	DdJmhUlDWtHC1BymmSQp7KuuAmKqvFxUmUoyA1sgT11D2uYkaxejxq7O/zeVSevDQHlQIq
	eyKE2wubmQhxsoWYL6e24VQG4nOCSuj9lsgj4/vqPq5t+go/kx0OFB24fsLCVw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722817962; a=rsa-sha256; cv=none;
	b=nZTA64e2oUX+jq2c2SlIf5dMN2Uj29t1m3Tn6a6mXbrayM2hPVhg5m2tVHmOIeDI3CCD3X
	ddtIbCRpR5RXezNn1sIL/MKRDr198O8o+8WTYXzwfYzhkO3e9NWxdb34T8raybOYaCEnAR
	H4x1d9tAOOmNFt0L/fRrj7m3OIBkUR2AZaZ6+BMckHJMvrCDGmMDvDEk6ETBBJWidpZxzR
	o0y59G8bQm2i7GTlrV/FBEtfB+nrc3jhMzIdjekGsUuu0S+MEWCwywP3TYtckGnzp9Zx+c
	0G8jgHBVh0DtFKN3fGh+Pryl39WGb0DfiQQ7Hea3iDCCF5WGlWkXX85K2gmXbQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722817962;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P0BtX8PzPZqXtpcrGNck/esyisMx4DrGfzKjvTp3wbk=;
	b=nvzCeRlLzW1Nbc87froh7JpowGFHZH7guuNOjae8buaawlm9cIPNu+rrgTf1jgifnDSyBS
	zKnK17bGRuPWGFqJ7Db2Bbkdx1Ph6UqOwRRCuCjH41JjJBaKwx4gUaFwlnj1g87X0l8bIp
	+yUcP5jR86sK3VgnOSqgVzzAOfAGikRmgqFsuV3KrICHpq8+Z2PzclRDworMK071h4dxtp
	3LQvzQn8tds8kfbvIh/0+1/YaCMwrEyeVHBKlBrUP9suiZtAceeN6OhLgNE1Tct6yOc1HY
	YfhAMW+ec0u4butmxLRY99JLiu2PsPcMfh+n+YjPdYBoxXCOwyygqc8mOlxYuQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wccpf23P7z1Ghq;
	Mon,  5 Aug 2024 00:32:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4750WgYB003158;
	Mon, 5 Aug 2024 00:32:42 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4750WgOb003155;
	Mon, 5 Aug 2024 00:32:42 GMT
	(envelope-from git)
Date: Mon, 5 Aug 2024 00:32:42 GMT
Message-Id: <202408050032.4750WgOb003155@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 279e543dc707 - stable/14 - rtld: add
  LD_NO_DL_ITERATE_PHDR_AFTER_FORK env var
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 279e543dc707ee19b28cee8a00deafea1f8b8d8e
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=279e543dc707ee19b28cee8a00deafea1f8b8d8e

commit 279e543dc707ee19b28cee8a00deafea1f8b8d8e
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-07-17 04:05:33 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-08-05 00:32:11 +0000

    rtld: add LD_NO_DL_ITERATE_PHDR_AFTER_FORK env var
    
    PR:     280318
    
    (cherry picked from commit 860c4d94ac46cee35a678cf3c9cdbd437dfed75e)
---
 libexec/rtld-elf/rtld.1      | 10 +++++++++-
 libexec/rtld-elf/rtld.c      |  1 +
 libexec/rtld-elf/rtld.h      |  1 +
 libexec/rtld-elf/rtld_lock.c |  7 +++++--
 4 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/libexec/rtld-elf/rtld.1 b/libexec/rtld-elf/rtld.1
index 992138b1ffc0..31e046a5cdc4 100644
--- a/libexec/rtld-elf/rtld.1
+++ b/libexec/rtld-elf/rtld.1
@@ -26,7 +26,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd April 28, 2024
+.Dd July 24, 2025
 .Dt RTLD 1
 .Os
 .Sh NAME
@@ -329,6 +329,14 @@ The static TLS extra space is used when loading objects compiled for
 initial-exec TLS code model with
 .Xr dlopen 3 .
 The minimum value that can be specified is \'128\'.
+.It Ev LD_NO_DL_ITERATE_PHDR_AFTER_FORK
+Allow
+.Xr dl_iterate_phdr 3
+to block in callback, without causing deadlock with the
+.Xr fork 2 .
+The drawback is that the image started in this mode cannot use
+.Xr dl_iterate_phdr 3
+after fork.
 .El
 .Sh DIRECT EXECUTION MODE
 .Nm
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 411fe7956873..e7fcfde8f474 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -376,6 +376,7 @@ static struct ld_env_var_desc ld_env_vars[] = {
 	LD_ENV_DESC(TRACE_LOADED_OBJECTS_ALL, false),
 	LD_ENV_DESC(SHOW_AUXV, false),
 	LD_ENV_DESC(STATIC_TLS_EXTRA, false),
+	LD_ENV_DESC(NO_DL_ITERATE_PHDR_AFTER_FORK, false),
 };
 
 const char *
diff --git a/libexec/rtld-elf/rtld.h b/libexec/rtld-elf/rtld.h
index 96a9da3c4ea3..97187b24ce84 100644
--- a/libexec/rtld-elf/rtld.h
+++ b/libexec/rtld-elf/rtld.h
@@ -383,6 +383,7 @@ enum {
 	LD_TRACE_LOADED_OBJECTS_ALL,
 	LD_SHOW_AUXV,
 	LD_STATIC_TLS_EXTRA,
+	LD_NO_DL_ITERATE_PHDR_AFTER_FORK,
 };
 
 void _rtld_error(const char *, ...) __printflike(1, 2) __exported;
diff --git a/libexec/rtld-elf/rtld_lock.c b/libexec/rtld-elf/rtld_lock.c
index 0c790450dcec..323bb7494c32 100644
--- a/libexec/rtld-elf/rtld_lock.c
+++ b/libexec/rtld-elf/rtld_lock.c
@@ -463,6 +463,7 @@ _rtld_atfork_pre(int *locks)
 
 	if (locks == NULL)
 		return;
+	bzero(ls, sizeof(ls));
 
 	/*
 	 * Warning: this did not worked well with the rtld compat
@@ -472,7 +473,8 @@ _rtld_atfork_pre(int *locks)
 	 * _rtld_atfork_pre() must provide the working implementation
 	 * of the locks anyway, and libthr locks are fine.
 	 */
-	wlock_acquire(rtld_phdr_lock, &ls[0]);
+	if (ld_get_env_var(LD_NO_DL_ITERATE_PHDR_AFTER_FORK) == NULL)
+		wlock_acquire(rtld_phdr_lock, &ls[0]);
 	wlock_acquire(rtld_bind_lock, &ls[1]);
 
 	/* XXXKIB: I am really sorry for this. */
@@ -492,5 +494,6 @@ _rtld_atfork_post(int *locks)
 	ls[0].lockstate = locks[2];
 	ls[1].lockstate = locks[0];
 	lock_release(rtld_bind_lock, &ls[1]);
-	lock_release(rtld_phdr_lock, &ls[0]);
+	if (ld_get_env_var(LD_NO_DL_ITERATE_PHDR_AFTER_FORK) == NULL)
+		lock_release(rtld_phdr_lock, &ls[0]);
 }

From nobody Mon Aug  5 00:32:43 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wccpg4rQ3z5S8XT;
	Mon, 05 Aug 2024 00:32:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wccpg3ZKKz4D3P;
	Mon,  5 Aug 2024 00:32:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722817963;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OmVPCHmN+/5OB+UZLfAlOzRLEcO14QbMXGul3MCHHBQ=;
	b=KoVUMXK/NKx17lTZq6yoN/uLFHMgje9oM3IdAIkN/38hdpFFZt32QVvixHldi5wful95u0
	6Fdy/shq42y7sqzd4m8u7hnDFGcVlFaLtIQWKYs0YpOJbpbnTBdpevSJNCfst4qaxhLf3e
	mnxR1oKudBbTJ9Rddf6QIXeQRlhTrv0XX/hdKGLLqqZQjUG4we8kKIIfCXV2LbIYWVvJfH
	3T7JjJ0Id7QI01aW7+qlf+mgYfOnyo0aCFdDeRXIk0UBozg0u0nRcS0cedoZc4mj4z+nqx
	tPupSGwZ4T7aLC43enRsvXTAbQxiseEcLsEmoODR/+yA1J4EvgxBfNCPNCM6WA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722817963; a=rsa-sha256; cv=none;
	b=tVnsV208XyFBUpLHUHo4kTmVH2ksHHdeK4SZup73YCezE9FMd/IpkulEF14fd87TeGmBgH
	eqx11gTc3VhDGvVo8cvZa/aULBgKIqH6iYPGBqhKaL+At93vtvrU/r+XZj78VR2w9D1YAt
	6JRkakRz2EkntwcEya/NQj6WdJD3gCVk24CSkGVGiam9nIHN7kxQD/EZwQfp0M1mDATCy/
	FVvd1oTX2uzijaxvXxy6evnh/GDHrDSAoKtB/AujNNDeF7PZpLMw9V1Yj95dsCTlztPZvh
	ZjMsOMTDW4OhTAViQKBwYjOWvGCfcP2Ljz5n2ga9qdNg2hfmp1SmrtJKJyWT6w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722817963;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OmVPCHmN+/5OB+UZLfAlOzRLEcO14QbMXGul3MCHHBQ=;
	b=LnxWVVUJq7SXUmcz9eLNH/FqNPM9Zk52J6HxlJ/hlaJ1nqBqiSNtN7hlQwz2DqLthmyz9Y
	TMeZCHL8eFJEI8MrBCijmNXPrlcNK6pcYLSaO1USmiiCYI4GFEW2RCdXvpVW+fK/uog1wK
	gWzuGmXI6HpQbiGqzXovKnShQhQ7aPTK9vDo5IUTkei+sCOTOxAzwQlgbJa2nsH3+5jAEL
	YM1Suda+oEGal2TLTRpKY0WxnyLdfW2xXncOLB1RWRh+jaWIL2srN+gDAJ6WxCGeD/Lt3l
	LJAmprkfAwcAcoKekvitvgYvMF/wVWSX3j/xpBYEQJFUtwQfyFNZX/n24hB/eg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wccpg33lYz1Gfr;
	Mon,  5 Aug 2024 00:32:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4750Whjh003200;
	Mon, 5 Aug 2024 00:32:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4750WhA6003197;
	Mon, 5 Aug 2024 00:32:43 GMT
	(envelope-from git)
Date: Mon, 5 Aug 2024 00:32:43 GMT
Message-Id: <202408050032.4750WhA6003197@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 15ee14d0f7d0 - stable/14 - rtld: avoid division in
  __thr_map_stacks_exec()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 15ee14d0f7d0d8af7e12f16be7fe5b3fa5b2e5de
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=15ee14d0f7d0d8af7e12f16be7fe5b3fa5b2e5de

commit 15ee14d0f7d0d8af7e12f16be7fe5b3fa5b2e5de
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-07-24 10:17:55 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-08-05 00:32:11 +0000

    rtld: avoid division in __thr_map_stacks_exec()
    
    (cherry picked from commit 31f688a26d82ce00d1ec7ca9ed17b9914bf5176f)
---
 lib/libthr/thread/thr_stack.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/lib/libthr/thread/thr_stack.c b/lib/libthr/thread/thr_stack.c
index 5e888bbfe9b6..68a658a1ddfd 100644
--- a/lib/libthr/thread/thr_stack.c
+++ b/lib/libthr/thread/thr_stack.c
@@ -127,10 +127,7 @@ static char *last_stack = NULL;
 static inline size_t
 round_up(size_t size)
 {
-	if (size % _thr_page_size != 0)
-		size = ((size / _thr_page_size) + 1) *
-		    _thr_page_size;
-	return size;
+	return (roundup2(size, _thr_page_size));
 }
 
 void

From nobody Tue Aug  6 01:23:58 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdFvL2R3Hz5SLZk;
	Tue, 06 Aug 2024 01:23:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdFvL1q1jz4Src;
	Tue,  6 Aug 2024 01:23:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722907438;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=48XauAdPE5Vwod+6akqJYB0XqkPYRaYKvX188yO1UnE=;
	b=cP4gX7lSMctzOmw0b6MA19g75RRlGXOrIWvGJ/qLNNqijVs2CJSjryvQbQnPYENvnP1r2k
	g4E+hLmD/3P6w14um75dcs6W/8xyWiSoVSGCGZWuNaoKH9tQtvumkPdM1Uz+cDQKgvCUe9
	0cl0outIAu6ONLlHBu0eIZ0+xLuuI9pdizTmC9MNy9Y3wOpJc0LH1QKgSjrwbwOkrATvCT
	XI+zaMtlN3sPasQvJV9j3fxuOKe4aUCwuOuOdtbB7FYz5z/Tk2wx7/nO23Qi1S3Soavub4
	tlkln1BZdIHRu13U5O1BqtGaaWh7xcP9ewAqvzb/R9wbzP0LZajPewbZXkp0cg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722907438; a=rsa-sha256; cv=none;
	b=M4JFBPDfMgq5dwDqw1vw+Cfb3Mkb2C+8O40ZOIYJeDGwZChsZkNEw/iORcFYMTmTW0Cnzh
	3AgAuLhu6yH9mIM4hIgqP1Hag8rdWdghcUyKujoBBf8UU3SsEq+02tCxwtVFUhrRkuwoSm
	AzJoe4Juln3Lkm04h8rhQhg0UFKuyas76MFtOsDcXC1csY/WfUm7TBkzNB1A4a8QmHak0a
	Dt/beJBDAVJC4UfrVILCOfgXexL9GMor1f9rYCMl6rc+8QFEKtl5OZNQA3Rmd0Tgk8S3u8
	jNY62bTbXkKuKnB3Pb1YWk78XucrGUvr6tmBmaLFO+0Y2LXtTVUuiQBY5K6UoQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722907438;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=48XauAdPE5Vwod+6akqJYB0XqkPYRaYKvX188yO1UnE=;
	b=iFrQaN6jPIBZVZaFOIvSU+QdjJ0jE9jbJl4kqTNbNRmfQROVvsMwWSiai7Aoz5lwv1q8qn
	YIps1OpDtkL5jVUi1uGKQvM286IVnX6q7KZNxMMljXBW/9nG1xr77sMjKEZ7dQhXZC/X7i
	20OQtZ7Yir6Ed74piRsbNeMQhWDOBnQexgWU6bH7EwDh7E49AOFgG4vjsMsyVc86JJLdCG
	Mp9Su0EcLwY9gfttub+Z6wE7WO6a3j5BNAdiS5ijuOXx5mvaHD9JUBQYNUA/KSynD9u4CB
	dMcTdt9TNTK/PL5HAKsPfyWFvr02ckbtbmSmxKWXNcKT/dWW/D5Bv1lAsbH2BA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdFvL0nK4zmT6;
	Tue,  6 Aug 2024 01:23:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761Nw8e030694;
	Tue, 6 Aug 2024 01:23:58 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761Nw0L030691;
	Tue, 6 Aug 2024 01:23:58 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:23:58 GMT
Message-Id: <202408060123.4761Nw0L030691@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: d5eb39c8b732 - stable/14 - bsd-family-tree: add FreeBSD
  14.1
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: d5eb39c8b732b2a9f2dbd84ecc9c2a1ab90bc992
Auto-Submitted: auto-generated

The branch stable/14 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=d5eb39c8b732b2a9f2dbd84ecc9c2a1ab90bc992

commit d5eb39c8b732b2a9f2dbd84ecc9c2a1ab90bc992
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2024-08-03 15:48:55 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:23:43 +0000

    bsd-family-tree: add FreeBSD 14.1
    
    MFC after:      3 days
    
    (cherry picked from commit 2b4aa2816cd2988d0e20cee9035d8ab9712d6708)
---
 share/misc/bsd-family-tree | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index ed18b96cb39a..a664be3161a5 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -453,13 +453,15 @@ FreeBSD 5.2           |      |                 |                       |
  |            |       |      |                OpenBSD 7.4              |
  *--FreeBSD   |       |      |                    |                    |
  |   14.0     |       |      |                    |                    |
- |            |       |      |                    |                    |
- |         FreeBSD    |      |                    |                    |
- |           13.3     |      |                    |                    |
- |                    |      *--NetBSD            |                    |
- |                    |      |   10.0             |                    |
- |                    |      |                    |                    |
- |                    |      |                OpenBSD 7.5              |
+ |     |      |       |      |                    |                    |
+ |     |   FreeBSD    |      |                    |                    |
+ |     |     13.3     |      |                    |                    |
+ |     |              |      *--NetBSD            |                    |
+ |     |              |      |   10.0             |                    |
+ |     |              |      |                    |                    |
+ |     |              |      |                OpenBSD 7.5              |
+ |  FreeBSD           |      |                    |                    |
+ |   14.1             |      |                    |                    |
  |                    |      |                    |                    |
 FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -current
  |                    |      |                    |                    |
@@ -893,6 +895,7 @@ FreeBSD 14.0		2023-11-20 [FBD]
 FreeBSD 13.3		2024-03-05 [FBD]
 NetBSD 10.0		2024-03-28 [NBD]
 OpenBSD 7.5             2024-04-05 [OBD]
+FreeBSD 14.1		2024-06-04 [FBD]
 
 Bibliography
 ------------------------

From nobody Tue Aug  6 01:48:45 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGRy0Bb5z5SP20;
	Tue, 06 Aug 2024 01:48:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGRx6kS1z4Vd1;
	Tue,  6 Aug 2024 01:48:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908925;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3l67NLiy0rf8BV054APViw4/kD7JsJw/SdNkSVc1ph0=;
	b=Ild2nqS+9K2d49CmzDHu7WzN3pnXPtKTbuHop8zNE0DeheCRfa1llMGUD4W5EnG7GkF9Uy
	xW3mhrMGGZoCju9ZppBg+GmjmzXuawtciPLYcJJksf618rAJU8/EM8ztAmu0wrUvuqHHYL
	xImfax86loXu1VInALJLbQJMdCKOcbM9/d5iEPCZlGkKEAT54HdOJgpAsPDwNaZC+OMdaJ
	g3JJXDpB3fsmjmBF9zWqjQQ16LvourDzYjL6W5jb6iuLssj6+MYXPnpDOLnh6IhdCeWwDg
	oiNS7wEAs9gCvEkcLzPrNGZ11WeQfPc0WebumaLI3q06I85wfnPgmGCszJAgbQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908925; a=rsa-sha256; cv=none;
	b=KtZXV6nQerP1AAHMGE1ur96GBrNJgiNjsr9axtoAfgUcQ7cRau8v1dacMs3oyh3Zm7zrs3
	xWFap8HGo7vElioctIbSSa9qRMNwf/SDy5wJ3Cdp4GMRzLWJkmN8mnLoEkNrXKGjoF/T4r
	iX5WNMhUioCJIgDGvurSnuQf5d8Hsf1fh32dS80uIKd/Ke2sddx8yYenlntcHpuWkti4a8
	RglIHZxhkqGje606uqKbo9b0xWB5wqycmYasHawvARCY6KwkS8qYmMcZS4duMmDEF3G3UQ
	iLH4v2VEhQ6QaC0BW4Dc/x/R+3V8tOUnTblYf6VOK7I+XxWzTjiG4gAVndWXqg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908925;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3l67NLiy0rf8BV054APViw4/kD7JsJw/SdNkSVc1ph0=;
	b=sqDiHE6wO01bDhOfnGguDkd0AQ0+XKGxqK8pB8LRG1I3XY3niagffnYWY0AsvNaUlshfZv
	gXnqAsjdGNPWrl57OqEXCzbfkp7mFgEUq9KRrKc8pn/YvBVnH92sEHMku9y8hdcMf9KM6w
	cDW29hpCDcaoCWUZvR/HXf4Vf7XeGmIQNX1Q/ebJmqaLLx9zydR9KDyaFIFM0l4PM99/Ac
	x8fzZ2UyXs5qYBhvFbjyBzdXA3b8ZEWu3dyVy6xmImwIxeTW62zMTIWvcYmFnYiby/BfG7
	ftqHmWvSYHnwW3nJB90xDtNuEiQvFAWIgdoLh9oYC2V2liXm2Vh/lsqnuz0PgQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGRx6LXTzmvw;
	Tue,  6 Aug 2024 01:48:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mjqk064440;
	Tue, 6 Aug 2024 01:48:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mjcJ064437;
	Tue, 6 Aug 2024 01:48:45 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:45 GMT
Message-Id: <202408060148.4761mjcJ064437@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: 7424d5cbf6f1 - stable/13 - bsd-family-tree: QCU: ISBN
  and EAN numbers
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7424d5cbf6f1032f91a3c107e7cd4f89b3095f69
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=7424d5cbf6f1032f91a3c107e7cd4f89b3095f69

commit 7424d5cbf6f1032f91a3c107e7cd4f89b3095f69
Author:     Graham Perrin <grahamperrin@gmail.com>
AuthorDate: 2023-12-27 23:36:25 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:29:37 +0000

    bsd-family-tree: QCU: ISBN and EAN numbers
    
    ISBN 0201547775 and International Article Number (EAN) 9780201547771 for
    'A Quarter Century of UNIX' by Peter H. Salus.
    
    Reviewed by: imp
    Pull Request: https://github.com/freebsd/freebsd-src/pull/812
    
    (cherry picked from commit 3dfb39ef1d66e8370c302b158173ed8065887c2a)
---
 share/misc/bsd-family-tree | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index d81c8829f4e8..46f271342346 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -479,7 +479,8 @@ was the announcement in Usenet or if it was available as tape.
 	Distribution UNIX Version 2.9, July, 1983.
 [NBD] NetBSD Project, The.
 [OBD] OpenBSD Project, The.
-[QCU] Salus, Peter H. A quarter century of UNIX.
+[QCU] Salus, Peter H. A quarter century of UNIX. ISBN 0201547775,
+        EAN 9780201547771
 [SMS] Steven M. Schultz. 2.11BSD, UNIX for the PDP-11.
 [TUHS] The Unix Historical Society.  https://minnie.tuhs.org/Unix_History/.
 [USE] Usenet announcement.

From nobody Tue Aug  6 01:48:46 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGRz14vkz5SNj7;
	Tue, 06 Aug 2024 01:48:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGRz0P5Qz4Vt4;
	Tue,  6 Aug 2024 01:48:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908927;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=e+V1pKZgSczOMqUuiTJQH0FU95f4q1l5VqGsbULYIss=;
	b=QHsms0NEnfgGIKI0hiSAn9yOsxAYCo6nzmu2WKxL/L5OrUd8a0+2NeUVsdPfAET3aqoQfV
	Q5qMxfHCZQGeG1awWZU91BpM8j4jSOm2d49TmglIzLMhWqcUfvT6qLDPWyYiwY+Mk88MJY
	QD8UHyp1KN0ta0fUKz8iHKu05SGMNYlXljF54DYpr/6OEi0HvR5y91t6pGKbJkYzicOODC
	XLfvCu+IOqEaOL02b6IpFSk5DgFl9xn/5/AeL/SUprLshGq3CmaxtqFQMIftR6HWp6Xq78
	MTFog8hVNdaU61/K6F7IWLRDAmgwx0TIAn1bhdXQP5jVxlNztRq7fysUY343Jw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908927; a=rsa-sha256; cv=none;
	b=AnOMchcplgW7xkQ6ctyebes/vFwPUZOShaj5c3uQBe+hBtbr7MKMrxlAospeDeo9CbOVxs
	tKDC6ZuFN8m44PyAx+3KZLp7mewdLOt5qUvTfc093/Xvxsi9Gr/+uFHTkAM4W8V7TQqq+b
	aTymxdFieTMNJb9nBtlda/ynLIQFMAvt2X7fOdzNy0boql/aXbV/lIrgApkBFxlU1GPNBJ
	UZa9tkhNCddjCWAXJZWqgwbdRz6dcbAAzALhXifa5yNR/Yfy2TkwrNUtud1kdxvNd+WqH9
	aBCOFlviXWpPCkLRwqxmSfCv8YXjykrZi1RJtmymhphjhqz3tVBPWpCfa0kxOg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908927;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=e+V1pKZgSczOMqUuiTJQH0FU95f4q1l5VqGsbULYIss=;
	b=Sl+LokGeRsypYp4NvPlLpY3nlGViTM/HtquXBccQtkNV9/NwBzKjhrWv7spm7FFal9WXpU
	9pc+21rTvvNHbIjeoXTt62CI42u7p+2fg0pkq7PN4PO5dZPZaz/oX5JJUzfCYa9PVloMtJ
	NpzGq5QOMbHf7J3cRTPFBjk5JF9xDd+BDEwM2wlnNFlszqK7OFyHG17/A1k/m+LUWFCxAJ
	CxGBeOO46wltqKHi61EAWpWbC2dwYUvBzJ4vyQbhr+ijW4O8JYgHRR938d16Sv4daO2qPB
	bImLuGwZd3FklNOspMgumciaeupf4f4TKvC5TRO9rsrP8vikhii0ntmlQBUDtw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGRz00DtznLM;
	Tue,  6 Aug 2024 01:48:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mkDE064482;
	Tue, 6 Aug 2024 01:48:46 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mkws064479;
	Tue, 6 Aug 2024 01:48:46 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:46 GMT
Message-Id: <202408060148.4761mkws064479@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: 2d31963f2a5a - stable/13 - bsd-family-tree: tidiness,
  width
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2d31963f2a5a8ab111b1dfbc9c73c2e5967962e5
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=2d31963f2a5a8ab111b1dfbc9c73c2e5967962e5

commit 2d31963f2a5a8ab111b1dfbc9c73c2e5967962e5
Author:     Graham Perrin <grahamperrin@gmail.com>
AuthorDate: 2023-12-27 23:36:26 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:45:56 +0000

    bsd-family-tree: tidiness, width
    
    Tidy the raggedness in the section that begins [44B]. As the line that begins
    [KB] was previously tidied, now tidy the section to accommodate [BSDI] and
    [TUHS]. Rewrap the section to fit the same number of columns.
    
    Reviewed by: imp
    Pull Request: https://github.com/freebsd/freebsd-src/pull/812
    
    (cherry picked from commit db348fdba461519d4ea7be45f96719b1bd76485d)
---
 share/misc/bsd-family-tree | 51 +++++++++++++++++++++++-----------------------
 1 file changed, 25 insertions(+), 26 deletions(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index 46f271342346..82b245079486 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -459,33 +459,32 @@ FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -curren
 Time
 ----------------
 
-Time tolerance +/- 6 months, depending on which book/article you read; if it
-was the announcement in Usenet or if it was available as tape.
+Time tolerance +/- 6 months, depending on which book/article you read; if it was
+the announcement in Usenet or if it was available as tape.
 
-[44B] McKusick, Marshall Kirk, Keith Bostic, Michael J Karels,
-	and John Quarterman. The Design and Implementation of
-	the 4.4BSD Operating System.
-[APL] Apple website [https://www.apple.com/macosx/]
+[44B]  McKusick, Marshall Kirk, Keith Bostic, Michael J Karels, and John
+	Quarterman. The Design and Implementation of the 4.4BSD Operating System.
+[APL]  Apple website [https://www.apple.com/macosx/]
 [BSDI] Berkeley Software Design, Inc.
-[DFB] DragonFlyBSD Project, The.
-[DOC] README, COPYRIGHT on tape.
-[FBD] FreeBSD Project, The.
-[KB]  Keith Bostic. BSD2.10 available from Usenix. comp.unix.sources,
-	Volume 11, Info 4, April, 1987.
-[KKK] Mike Karels, Kirk McKusick, and Keith Bostic. tahoe announcement.
+[DFB]  DragonFlyBSD Project, The.
+[DOC]  README, COPYRIGHT on tape.
+[FBD]  FreeBSD Project, The.
+[KB]   Keith Bostic. BSD2.10 available from Usenix. comp.unix.sources, Volume 11,
+	Info 4, April, 1987.
+[KKK]  Mike Karels, Kirk McKusick, and Keith Bostic. tahoe announcement.
 	comp.bugs.4bsd.ucb-fixes, June 15, 1988.
-[KSJ] Michael J. Karels, Carl F. Smith, and William F. Jolitz.
-	Changes in the Kernel in 2.9BSD. Second Berkeley Software
-	Distribution UNIX Version 2.9, July, 1983.
-[NBD] NetBSD Project, The.
-[OBD] OpenBSD Project, The.
-[QCU] Salus, Peter H. A quarter century of UNIX. ISBN 0201547775,
-        EAN 9780201547771
-[SMS] Steven M. Schultz. 2.11BSD, UNIX for the PDP-11.
-[TUHS] The Unix Historical Society.  https://minnie.tuhs.org/Unix_History/.
-[USE] Usenet announcement.
-[WRS] Wind River Systems, Inc.
-[dmr] Dennis Ritchie, via E-Mail
+[KSJ]  Michael J. Karels, Carl F. Smith, and William F. Jolitz. Changes in the
+	Kernel in 2.9BSD. Second Berkeley Software Distribution UNIX Version 2.9,
+	July, 1983.
+[NBD]  NetBSD Project, The.
+[OBD]  OpenBSD Project, The.
+[QCU]  Salus, Peter H. A quarter century of UNIX. ISBN 0201547775, EAN
+	9780201547771
+[SMS]  Steven M. Schultz. 2.11BSD, UNIX for the PDP-11.
+[TUHS] The Unix Historical Society. https://minnie.tuhs.org/Unix_History/.
+[USE]  Usenet announcement.
+[WRS]  Wind River Systems, Inc.
+[dmr]  Dennis Ritchie, via E-Mail
 
 Multics                 1965
 UNIX                    Summer 1969
@@ -916,10 +915,10 @@ URL: https://web.archive.org/web/20081230094857/http://www.byte.com/art/9410/sec
 Andreas Klemm, Lars Köller. If you're going to San Francisco ...
 Die freien BSD-Varianten von Unix. c't April 1997, page 368ff.
 
-BSD Release Announcements collection.
+FreeBSD Release Information 
 URL: https://www.FreeBSD.org/releases/
 
-BSD Hypertext Man Pages
+Manual pages for FreeBSD and ports
 URL: https://www.FreeBSD.org/cgi/man.cgi
 
 UNIX history graphing project

From nobody Tue Aug  6 01:48:48 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGS03KHYz5SP3y;
	Tue, 06 Aug 2024 01:48:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGS01YNjz4VtB;
	Tue,  6 Aug 2024 01:48:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908928;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=bmFPnu5EcuBv6n6iHvOw7jA9sJaULMa3430B3Wj8zlU=;
	b=pZ3v+hfRca7WjpDuhT4dZdbDkEFIuSV6VQevTfjh1kctkNXEemW+f1oEMUT1RdBpdisyVv
	7m8Eza9A2Y8OcAcDeDTQxJ28E1CwFWvO5FrtjBrQ2Kr8bgg2K5HBqw/EAsANR9Nn5UTb9a
	dmGGkLGu2YMqDXZEkNAwWFhzLh0Pabzx6SKVAsuuGcTNOcg71alI5MnMJUvhgUzLxJDRku
	hAUqXL7PC9EhMqOzYE8vauuSBKoarOxBPoGqCnP0CMkRAgLljeoQRRMj4UavBTDOkOQ3Mc
	G8I+8pPpaTTbgL+QInqBYaEDxasmKH2veAcexIbSCr1iV3NDBcTqDgHbKTBIhQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908928; a=rsa-sha256; cv=none;
	b=AX6xG8lV6yrw4haTNjSFY5Jc7kDvbljvY+EV6bM99GAKivPVecYpXVq89naWPM/4PzAdSl
	HFVvrwZkXQck6k3o4cq7rvGekwXlJgK9wwLU/R9fpOzINf2i1l1/UB1TPBaXz0pAEo/KpO
	P8+xWj712TgBQ8/kqzEA2CX5yvZxQn4AmYI1ztoIjcoCiwqXg6KkJhxYV/Y3U/xOL0Qsvs
	jS0U5d2ybE6LRdDHVWmIbOrIWVrosWkd34Jpk7aMp7LKynKpc2nYemSZW2ExLgV675fMS1
	30Qewvx/jLzciaTNcCdXeKMgc0d3H2CBIm6LldO1PDr92j8s3m2U+dttUyKAmA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908928;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=bmFPnu5EcuBv6n6iHvOw7jA9sJaULMa3430B3Wj8zlU=;
	b=uklqTAOSCnp2ajaXwwW+Qq9fBsI6NXoIlohnEpTuO8L23QUQF1JumcVO2SOfZ06rFaVskY
	SkTNHfn/YKL8eM/UeMJPBNywkWO6/rXI2LdieVYrARI5bux3UB7qkhsHD5pNENx60mIZwK
	fynD99znQ78qhbTy68esxc+sAIThlI6L7VrW6fzjakd3UWtScjZ6W+PnRu4An59MPwuRZS
	sh/DwEoLmvKtdCsbtgPKTLduv6KRlWIraf8ZNBVB0JbrVXUu2SSkRjbhzAZAJn2V7wfeDc
	fZUIpaa0mQYpPNlVKpfjPAlx2m9zaRdgwtU7KaYcxYGWIxKek1SxxFzhlCG61A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGS00y3fzn6Y;
	Tue,  6 Aug 2024 01:48:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mmPS064533;
	Tue, 6 Aug 2024 01:48:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mmZQ064530;
	Tue, 6 Aug 2024 01:48:48 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:48 GMT
Message-Id: <202408060148.4761mmZQ064530@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: ce50faabafef - stable/13 - bsd-family-tree: add FreeBSD
  13.3
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ce50faabafef5dc0b9483b3e986cdd962edd9fe0
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=ce50faabafef5dc0b9483b3e986cdd962edd9fe0

commit ce50faabafef5dc0b9483b3e986cdd962edd9fe0
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2024-03-05 13:38:09 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:46:53 +0000

    bsd-family-tree: add FreeBSD 13.3
    
    MFC after:      3 days
    
    (cherry picked from commit 885590b4f1ad218995df0fc127601e0f59bcc57f)
---
 share/misc/bsd-family-tree | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index 82b245079486..f72b0befbb1a 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -446,11 +446,16 @@ FreeBSD 5.2           |      |                 |                       |
  |     |              |      |                OpenBSD 7.3              |
  |  FreeBSD           |      |                    |                    |
  |   13.2             |      |                    |                    |
- |                  macOS    |                    |                    |
- |                   14      |                    |                    |
- |                    |      |                OpenBSD 7.4              |
- *--FreeBSD           |      |                    |                    |
- |   14.0             |      |                    |                    |
+ |     |              |      |                    |                    |
+ |     `------.       |      |                    |                    |
+ |            |     macOS    |                    |                    |
+ |            |      14      |                    |                    |
+ |            |       |      |                OpenBSD 7.4              |
+ *--FreeBSD   |       |      |                    |                    |
+ |   14.0     |       |      |                    |                    |
+ |            |       |      |                    |                    |
+ |         FreeBSD    |      |                    |                    |
+ |           13.3     |      |                    |                    |
  |                    |      |                    |                    |
 FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -current
  |                    |      |                    |                    |
@@ -880,6 +885,7 @@ FreeBSD 13.2		2023-04-11 [FBD]
 macOS 14		2023-09-26 [APL]
 OpenBSD 7.4		2023-10-16 [OBD]
 FreeBSD 14.0		2023-11-20 [FBD]
+FreeBSD 13.3		2024-03-05 [FBD]
 
 Bibliography
 ------------------------

From nobody Tue Aug  6 01:48:50 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGS25qs9z5SP6g;
	Tue, 06 Aug 2024 01:48:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGS23LF2z4W2m;
	Tue,  6 Aug 2024 01:48:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908930;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=5aHAj2QhWctxIsNdqyWSJDmlYAr/zzjG8XZS6XVJW8g=;
	b=pEml/05QPkmDIyLoRSzC8sWTQGhzkjY0sEh8LqGZGOnq6D2Syt6UgpTaBJXTdo3Vji+hbr
	wF4ZlCReGuA7FKjcJTwQnyE9WEcrIzchmX3KH+wz4NSLSWMG6IyBO25DRT1BYluxOX+7Lx
	m0hw55paC8GZS2Xgb6q2X8AeG3hXwpZOCPKd311vFVZx+4JrcY7jFFm70aKprFDGT/UJOd
	60eXTUIXHfZcep9qEIim1cLkfKq7IoCwwtDOhDeCb4luxeBtPxWjuh84cHoZziEyQBnPSx
	wy3v4D3HVxk3zsXQRQpZEuZqbl6oOSSDKZIWJz6YMOY5Hr/LEKTpP1GqyHjvOw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908930; a=rsa-sha256; cv=none;
	b=ZQPyO9BS14ynyn5Od722duas6VLABrlo8dOJONbmw0ZrIdcbhWB3YQycxVgLJpR1Mb4fcw
	JsoPqV7TQQpv0oUhiuQhV4U2DzXFAfoKuSzHyc3qFSo+Ini+lCXJrQPr0vc3rGbSMfHcld
	Ol4O7ZQBu1SQfSWODAOm8wPl2VZvD8VZ1bC0PDwCJYQ8Nxbm7CQd7C1iefZDy3QSGZyeK3
	8l06rfeXsQUNpMKn7UQl7K0GOWF1+y88FtsDBUs/pWkBvXgdc6Lpi2VDQcDE9I81o6bjbP
	V+8pwhO2wpTU2gInhcg8vSWwGXqb+Dz6lKa573s68b2DSO4q2Shoq4VgQj/vIg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908930;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=5aHAj2QhWctxIsNdqyWSJDmlYAr/zzjG8XZS6XVJW8g=;
	b=IFIVmPZuKjPOy96VbHIPeK+EAoxbOm2ckfpgCGEO41RHrv/jtrJPR3BSif979ZfXnCoT+Z
	KeXDS8OE0k3svOj0b/bdkA3hYZLp77gaPAGVfSMOj4PaUjsDFq/MbazXMy9aHSH8D0aQ50
	UsuZLQhyFWAiz4wiQCcZm/qtnn0N6I/DHDtbsMLyMWWhLKSmYL0EgNOV1lDGSZ/jD6V3F3
	8fzkHMqQoj72gjNbvRrUvmOdnwef1Pd08QrB50dCRRikHyaRgvp2rXhcY31bIWPEFTtvJZ
	wwdBeQZBusglI9uy9pzBnLqAUjolpdNGaUKvjQQ/4dv4PqW+jWOOIjQAhWQt+A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGS22xsjzn6Z;
	Tue,  6 Aug 2024 01:48:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mopj064622;
	Tue, 6 Aug 2024 01:48:50 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761moOG064619;
	Tue, 6 Aug 2024 01:48:50 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:50 GMT
Message-Id: <202408060148.4761moOG064619@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: dcfa8b67184f - stable/13 - bsd-family-tree: remove
  EoL whitespace
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: dcfa8b67184ff54759aa15822f5bf4e2a9d94d87
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=dcfa8b67184ff54759aa15822f5bf4e2a9d94d87

commit dcfa8b67184ff54759aa15822f5bf4e2a9d94d87
Author:     Maxim Konovalov <maxim@FreeBSD.org>
AuthorDate: 2024-03-31 18:36:03 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:47:36 +0000

    bsd-family-tree: remove EoL whitespace
    
    (cherry picked from commit ad5ec5136ba3aa7d2863db23dc97fd875213f7ad)
---
 share/misc/bsd-family-tree | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index 2cb894059acd..0f99d6d946cc 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -924,7 +924,7 @@ URL: https://web.archive.org/web/20081230094857/http://www.byte.com/art/9410/sec
 Andreas Klemm, Lars Köller. If you're going to San Francisco ...
 Die freien BSD-Varianten von Unix. c't April 1997, page 368ff.
 
-FreeBSD Release Information 
+FreeBSD Release Information
 URL: https://www.FreeBSD.org/releases/
 
 Manual pages for FreeBSD and ports

From nobody Tue Aug  6 01:48:49 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGS14158z5SNj8;
	Tue, 06 Aug 2024 01:48:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGS12Qn1z4Vm9;
	Tue,  6 Aug 2024 01:48:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908929;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=A0i1C7f274hKrFxK106AogkyjQkBaLRw0myXaJ9LTbc=;
	b=X9FriRrmdEsHsC9KqjRwOky+eAlUBQSvSF3CAjat0vrL31NecYIDeD75bDP9g89rpSV2lu
	UT7ZY4nGlUH6InUnX2eGKHuuAIacPTPEIyGSFvxr5V2ZFvjbGrT3Q/dXjuqPRMb0/eENS8
	wE6Tet7Rk87RX7w2mZQj3UHRj1yg/Je5PCG8A+UnSTGv14uMm7+v+AnTACunYSG68uwF5v
	zbAjf/5T46yfZhcHSFs8GVbhQcTB1OxZ6fD8FWNp9vzEA9vA66EGm7/q/BTmpCG56UddTp
	gXvaxdqRuZeoSiG9PtSKZcZuMDdQvQ3An4/gRf7lwLWgC1q8h1mN5e5sP0NqNg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908929; a=rsa-sha256; cv=none;
	b=udVO1pMGm1uE4T4g+49Xg6pfq4gN+r3SfsiFQhCm1SYJUqxjlSWsCvABf/hrijjfss3bs8
	mQm0gErH0AAch3X/HcaTjmqB8M4e9wr6p7oZj06dyYIZU/W5B/ewOzTof2OWS4IjlgKEFC
	CPlktRBoMLd40TFaNruSoQJw/EoZXD6Y6t/GyrOBt28uAimhcfbaoB8ZPHnwRlf/ME4ULR
	mNRlIjaxFDzpfwzNZKjYRQpgPWHIa5unPMkwEiC3SWmIJ0NABgh3uG+nyomFNAGfTu7sIV
	kNDfUnLTSZ2ByupeudCHKoFleRFNrkyxUej11A+Yt019LOGhlmRo+hb2hAYStw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908929;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=A0i1C7f274hKrFxK106AogkyjQkBaLRw0myXaJ9LTbc=;
	b=vwgnBhZ3puEzekg2oF8McEfCi2oXXKqJCzkRBimyJFxCG+GBDlMYybnsjGoepNgrnYxwwp
	IW+ZOpZSSj2yhxBOh5iCLxPjWkkgoWjNTLrOcuoxNzNE8OVXZb5N/q1llFRZQwdNVrn3Gg
	wXlIV9F9aegj6/9zMprN4Dwfhu1bf4z0szSgESB/GqYo947w20edZQ2Uwh2b8ciSfCOFQU
	5lstPaAng2b8f+KYTw+8fJDTlaEBg5viNQukuT4DoHnNWxLPZbW/ZMOvNduSAXCVXamzZW
	4SvU13dHVdJdV6VjLKSgpsB2nrjlbyshtx3FWQGc7V41EXp0wAAx3mCOJXpeHQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGS1208rzmrk;
	Tue,  6 Aug 2024 01:48:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mnuX064580;
	Tue, 6 Aug 2024 01:48:49 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mnA6064577;
	Tue, 6 Aug 2024 01:48:49 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:49 GMT
Message-Id: <202408060148.4761mnA6064577@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: a5661f5d9020 - stable/13 - bsd-family-tree: add NetBSD
  10.0
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: a5661f5d9020e4acab23318671cb6f7341369bc1
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=a5661f5d9020e4acab23318671cb6f7341369bc1

commit a5661f5d9020e4acab23318671cb6f7341369bc1
Author:     Maxim Konovalov <maxim@FreeBSD.org>
AuthorDate: 2024-03-31 18:35:02 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:47:14 +0000

    bsd-family-tree: add NetBSD 10.0
    
    (cherry picked from commit 07b17a1692a3c067e8f3e2dad31441ae441c5387)
---
 share/misc/bsd-family-tree | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index f72b0befbb1a..2cb894059acd 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -456,6 +456,8 @@ FreeBSD 5.2           |      |                 |                       |
  |            |       |      |                    |                    |
  |         FreeBSD    |      |                    |                    |
  |           13.3     |      |                    |                    |
+ |                    |      *--NetBSD            |                    |
+ |                    |      |   10.0             |                    |
  |                    |      |                    |                    |
 FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -current
  |                    |      |                    |                    |
@@ -886,6 +888,7 @@ macOS 14		2023-09-26 [APL]
 OpenBSD 7.4		2023-10-16 [OBD]
 FreeBSD 14.0		2023-11-20 [FBD]
 FreeBSD 13.3		2024-03-05 [FBD]
+NetBSD 10.0		2024-03-28 [NBD]
 
 Bibliography
 ------------------------

From nobody Tue Aug  6 01:48:51 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGS41RT6z5SNrn;
	Tue, 06 Aug 2024 01:48:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGS36RGfz4W0d;
	Tue,  6 Aug 2024 01:48:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908931;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=+RCFjzR4qtcIPf+mPU4HWHLUAadA8JmhJQjClm0DpGU=;
	b=OJTv7JApFC4dvc22Srop4qYMhz3C5mqyivofy4bhCr84EvxBaq8UDRCogrrjPos+lNHhED
	WGcsEXBf5iviTnte1oeZCGxWqKe37BJx+JVUkyeOqjlKUdTJQRepG3+rJtX84lSxcnJ9Dx
	Bw7yDNZzJ7iLRGURL45OVQllzMb2e6OspYwrzpKeSQ3uHOUZJAiy45RXcC57+IFokoIqG4
	wrTvUSE9VdImOkzuNoIukO7Tz7w+FJ1Te9EDN6nYfMdTKkiBbTROn5lgjYjbAx0Ul+2wQo
	dDtXhIr2mLaeCv26YfN3Tj31NI8gvp6yXpbEKuFqLYNLTFZ2ReKDLiScvBcJLg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908931; a=rsa-sha256; cv=none;
	b=u7JaQ6ASrcZGg186MBVJEhG8ulvnAlfvj6deO0p3SzUBmCU2Ezto6B9NNAJz9Am4FJW7hu
	qi2ouVA8H9kflYzOx5MA945Vd6qQwULr64NkHRZmLAuBycuzi4sy4wWjptkqI8WTduR2qc
	LzzmkuMOIDoQzYIRzwHWsMa/CdEH6co0Q+gI5WHuu8qpf5NMfonLsFSeWrIuQ9oFaaNTpa
	VbbVGBQzPgUyrOz1UU24QLtQcOzprPZejxZqEXEEOXt53LbIdWLRJhm1vR5MddEJ20dLx5
	qFp9l9DLCF7Btamx3mMZVyknzbjfnscODgvEEnTfIDY5r3SrjvCocobHTLJjjw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908931;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=+RCFjzR4qtcIPf+mPU4HWHLUAadA8JmhJQjClm0DpGU=;
	b=oL5lPMiDw+j+Cfa1Xwcqu1cCmmw07isaig8IsY2aste8N9gag45KnTJmaNEjI76Q20MsHC
	9k3QVNDFZUzCSdJ0AY7IOIC2EW/CUHuZcq0Cdol/l8cCVcOjlR8Ab21hAU1VeU+i3rDWC7
	GHrDjVe3bAF7ufxmp1WD4kluasCW3qbUy+KLYWCz5LlcTq4pzp1dLD9nrOHPCKEgbyfqnX
	d4GCWqIRJfSKOCftxYfFhKvYxxrbTJGlwcnxbXjavW4sfzShAIkCYHH8wze+E2sXaCQKFk
	mcUmYndQ7cxlhpiYCPei9okwoHgZb2+fQ29I5stXRZkxBLZDqZxG/4d1YcQu/A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGS33zJTznLN;
	Tue,  6 Aug 2024 01:48:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mpvw064672;
	Tue, 6 Aug 2024 01:48:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mpMA064667;
	Tue, 6 Aug 2024 01:48:51 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:51 GMT
Message-Id: <202408060148.4761mpMA064667@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: ac00a7e1d42a - stable/13 - Add OpenBSD 7.5 to
  bsd-family-tree
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ac00a7e1d42a8703bf724de726bd19891359552d
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=ac00a7e1d42a8703bf724de726bd19891359552d

commit ac00a7e1d42a8703bf724de726bd19891359552d
Author:     Juraj Lutter <otis@FreeBSD.org>
AuthorDate: 2024-04-05 06:27:12 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:47:57 +0000

    Add OpenBSD 7.5 to bsd-family-tree
    
    Summary: Add OpenBSD 7.5 to bsd-family-tree
    
    Subscribers: imp
    
    Differential Revision: https://reviews.freebsd.org/D44643
    
    (cherry picked from commit bb4e55242ecb03b3f6876114b0708b0efa85044a)
---
 share/misc/bsd-family-tree | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index 0f99d6d946cc..bbeb054c1c59 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -459,6 +459,8 @@ FreeBSD 5.2           |      |                 |                       |
  |                    |      *--NetBSD            |                    |
  |                    |      |   10.0             |                    |
  |                    |      |                    |                    |
+ |                    |      |                OpenBSD 7.5              |
+ |                    |      |                    |                    |
 FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -current
  |                    |      |                    |                    |
  v                    v      v                    v                    v
@@ -889,6 +891,7 @@ OpenBSD 7.4		2023-10-16 [OBD]
 FreeBSD 14.0		2023-11-20 [FBD]
 FreeBSD 13.3		2024-03-05 [FBD]
 NetBSD 10.0		2024-03-28 [NBD]
+OpenBSD 7.5             2024-04-05 [OBD]
 
 Bibliography
 ------------------------

From nobody Tue Aug  6 01:48:52 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdGS54L33z5SNj9;
	Tue, 06 Aug 2024 01:48:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdGS45zLGz4W0p;
	Tue,  6 Aug 2024 01:48:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722908932;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hkRQl94sSIe3ntfwWOwXjhBDdjNg+tliirWhlOeHNiQ=;
	b=LSTTcGTW/JuBje5YoXRAC20kvQlRHNQeleDPmbPBFmzAInfU69OnREtEPcMaSUTLf2lJsM
	4YcXpBu7zqMzhi0w2wF/48v8n6qyMAEgX3WZNlJ0455VX9ULmQ3Przjy1eCPx4fTknKPj7
	o4bw4i+UBPebKKbBVHGtuh5vxmosMfD19kbaB8P+hBX8kSMikoUxEdMPOUo1JRlij4IvNf
	ZuU0m5A7OlQ4aBtICaU0fv2QtpWKQLi4WGZrFAPock0P+3VYmCi7ywLTjq42ovcgB3u1qX
	B9u3QSMLAX9c2wGUmJvHbgqEicquIIs7JgRxPs+LHrxYE7PCzZHnOnixgZULsA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722908932; a=rsa-sha256; cv=none;
	b=M2ZTxXcpwptADoujhIzIvjbdFMWKXmxMNvw+m4+PVtjuEbqTyoEyTzxoar3MkoHVBKg7JL
	z/ju6UO+J3kbtvz26g7hfT4/UCWyiX3tCAw9913ktpJpxkbNDdpvlEhPHxw9nf95EVfqV/
	59qiZtiJrDB/CDgVARk7vSbu0QDN+NTOR25UMkh6NP9+N8Eus1SGtmgGdtigaffMp+zZxm
	vC7TXrPjKVtIbAPfrorq9XmdVSbjJUtweaJjoBaRBfTecvHNnNgT+u+5Rmna+l5qOliYjO
	gKRG7qxqwzRGUhq0KP6Bt0K4JX+029jUxNjmHLZLLDeIBP/BTX4ZtkaIbhRjJA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722908932;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hkRQl94sSIe3ntfwWOwXjhBDdjNg+tliirWhlOeHNiQ=;
	b=G6kLo5e/fxDeDBRpy9tb8D+IeZa3cxkSfGXQS5zSQ8qxm9ZlX7kReP6RGdQkVHQPeLzj93
	M0nfKcU3PLUWLFhjwAZ+Hzm+p83W9fDuElsNUl9cigqLscG/h7ZJN3R5MqVSqGbsZXAhqU
	RrR2ZRJl4KfOmlIoWpiHl7LAwBcOD5Psxqq1cg/hR/YRmGiYWP6zp7y9fNTIkdNlWTm1J2
	nsb79Fe1LN5twqit1MOygzN6QGDYZptXoK5EJqhGnvTU9Byr0l5UxTFonLAAsdvVCuArTH
	mU2LXlorA5DX9le/BwghJnlA/ZjbsX7k8WNe/7HeVhlLxioJDVY13DzYbH/8cw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdGS44fNzzn6b;
	Tue,  6 Aug 2024 01:48:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4761mqEG064716;
	Tue, 6 Aug 2024 01:48:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4761mqSN064713;
	Tue, 6 Aug 2024 01:48:52 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 01:48:52 GMT
Message-Id: <202408060148.4761mqSN064713@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Sergey A. Osokin" <osa@FreeBSD.org>
Subject: git: 38e43c905725 - stable/13 - bsd-family-tree: add FreeBSD
  14.1
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: osa
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 38e43c90572511498fbad9e717870eec954cffed
Auto-Submitted: auto-generated

The branch stable/13 has been updated by osa:

URL: https://cgit.FreeBSD.org/src/commit/?id=38e43c90572511498fbad9e717870eec954cffed

commit 38e43c90572511498fbad9e717870eec954cffed
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2024-08-03 15:48:55 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2024-08-06 01:48:15 +0000

    bsd-family-tree: add FreeBSD 14.1
    
    MFC after:      3 days
    
    (cherry picked from commit 2b4aa2816cd2988d0e20cee9035d8ab9712d6708)
---
 share/misc/bsd-family-tree | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree
index bbeb054c1c59..a30ad2835676 100644
--- a/share/misc/bsd-family-tree
+++ b/share/misc/bsd-family-tree
@@ -453,13 +453,15 @@ FreeBSD 5.2           |      |                 |                       |
  |            |       |      |                OpenBSD 7.4              |
  *--FreeBSD   |       |      |                    |                    |
  |   14.0     |       |      |                    |                    |
- |            |       |      |                    |                    |
- |         FreeBSD    |      |                    |                    |
- |           13.3     |      |                    |                    |
- |                    |      *--NetBSD            |                    |
- |                    |      |   10.0             |                    |
- |                    |      |                    |                    |
- |                    |      |                OpenBSD 7.5              |
+ |     |      |       |      |                    |                    |
+ |     |   FreeBSD    |      |                    |                    |
+ |     |     13.3     |      |                    |                    |
+ |     |              |      *--NetBSD            |                    |
+ |     |              |      |   10.0             |                    |
+ |     |              |      |                    |                    |
+ |     |              |      |                OpenBSD 7.5              |
+ |  FreeBSD           |      |                    |                    |
+ |   14.1             |      |                    |                    |
  |                    |      |                    |                    |
 FreeBSD 15 -current   |  NetBSD -current   OpenBSD -current    DragonFly -current
  |                    |      |                    |                    |
@@ -892,6 +894,7 @@ FreeBSD 14.0		2023-11-20 [FBD]
 FreeBSD 13.3		2024-03-05 [FBD]
 NetBSD 10.0		2024-03-28 [NBD]
 OpenBSD 7.5             2024-04-05 [OBD]
+FreeBSD 14.1		2024-06-04 [FBD]
 
 Bibliography
 ------------------------

From nobody Tue Aug  6 02:46:47 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdHkv4Mxlz5STRd;
	Tue, 06 Aug 2024 02:46:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdHkv3sDsz4brV;
	Tue,  6 Aug 2024 02:46:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722912407;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kIHA1s3r7tYfABU09V7E0m9fZJAwJBZoXmYwpsrVH1Q=;
	b=GmZY+TvgCoOxnlYoRKn+bbMj5kX5frsAu0O+/QYPZhXNAeWvVTn46Lsf9PLY+7KWFrzaxf
	xTl5nJ9tMwx3AKYlDsVLt/M4cVvMwyZhIE+PvFb3bt4vEK05s942NGmOir98sw8h9/TsaN
	AWgHZs2sCnf7j6/VQBswAv1xvLCZYqJvTrqAPNd+RVlpJiDv/ZFM9wOc5o8HzE9Um9xtxD
	xdUjMz2pU+LTOZILgFhtBJOo1Z0CPqtYN+2IC4WM1pNzFqFKspRJ3Qccu+fJixdSX8xTZV
	ssRcy/r3NnR6OuhuCFx8XcBNpWa1+Gv4DVDPudCqHZ4krlE//EY7wXKAudNDlg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722912407; a=rsa-sha256; cv=none;
	b=CKhC3ZCPsNBxAJ1gfEIMMnPPbuv+zBUOflvBtHFAeN6Xp4yfD7xUMZV9iJR9gqAan8prLb
	z2rMaDDvge2ZX/qdLE1CRyD1Myuu/meyQAp0OhwVUV1A1rR74XotqwCxVCi0qxl9wB5+5/
	ezfOZbjNe3f/lMz1TypFBYmpGmocj6M2VQXPJqytA0Z4bN1/QWA08tn9Rw8HKXBKfrS35K
	tGO7igitih/y9PWsl5Ln5xULpOHNCjBAtzyCuTkywqeCR1hHew4h/Ga3su2Ndh1+03FWAT
	DL8wWuW+2HBfRMv8T2zvAfZM14shCND/LUn+ICxdeTQj844fCZF9liMskSpCeg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722912407;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kIHA1s3r7tYfABU09V7E0m9fZJAwJBZoXmYwpsrVH1Q=;
	b=d/54j6ih1uk9S4kEXvbR7MFkGXVcgzaU8uWaH1u0kWPCAQBQszHafOney/hWHuTGLj3irv
	1tsk8G9K25s8WyZAOzMuH8QdrIhUDzvcuvV21EFywQQnJuKbAWk6808ORZmgfeWFJHgxvF
	aXdWZ6qj6ZLjsHj0DqLnTCbIv6cktzJizfOCo0kRZRqZfJxBYKcc7OItWPFzY46QqvchTz
	xMf5X6pJFVMhXd4pSsMCBnzdRL0foSlMl8vqCm7Ulsza78aAKZ2n/qVdaUFM/TEh9b+1eu
	0exyPoQQaI7GYV8ORGF46YSsx+HXioFPbwMHGjFr2NYGtIBmeAO/DsRqhzM45w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdHkv3KfczpZf;
	Tue,  6 Aug 2024 02:46:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4762klwo066111;
	Tue, 6 Aug 2024 02:46:47 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4762kltZ066108;
	Tue, 6 Aug 2024 02:46:47 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 02:46:47 GMT
Message-Id: <202408060246.4762kltZ066108@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 5b1211bb358f - stable/14 - mlx5en: limit reporting
  eeprom read failure due to unplugged module to verboseboot
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 5b1211bb358f649b36375361395359541b3ed5d7
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=5b1211bb358f649b36375361395359541b3ed5d7

commit 5b1211bb358f649b36375361395359541b3ed5d7
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2024-07-26 21:09:58 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2024-08-06 02:46:26 +0000

    mlx5en: limit reporting eeprom read failure due to unplugged module to verboseboot
    
    (cherry picked from commit 2204a4829083bf2a40304ea873d287a5498973d7)
---
 sys/dev/mlx5/mlx5_en/mlx5_en_main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/sys/dev/mlx5/mlx5_en/mlx5_en_main.c b/sys/dev/mlx5/mlx5_en/mlx5_en_main.c
index 97ec1b4420a8..55a4bc3cec79 100644
--- a/sys/dev/mlx5/mlx5_en/mlx5_en_main.c
+++ b/sys/dev/mlx5/mlx5_en/mlx5_en_main.c
@@ -3674,9 +3674,11 @@ out:
 		/* Check if module is present before doing an access */
 		module_status = mlx5_query_module_status(priv->mdev, module_num);
 		if (module_status != MLX5_MODULE_STATUS_PLUGGED_ENABLED) {
-			mlx5_en_err(ifp,
-			    "Query module %d status: not plugged (%d), eeprom reading is not supported\n",
-			    module_num, module_status);
+			if (bootverbose)
+				mlx5_en_err(ifp,
+				    "Query module %d status: not plugged (%d), "
+				    "eeprom reading is not supported\n",
+				    module_num, module_status);
 			error = EINVAL;
 			goto err_i2c;
 		}

From nobody Tue Aug  6 16:40:59 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdfFR1vplz5SFys;
	Tue, 06 Aug 2024 16:40:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdfFR1TnDz42N5;
	Tue,  6 Aug 2024 16:40:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722962459;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=KvZ1AjuqiGxKmYlx0vMHlqlUalSuEJWdBj1Xdhq8+wU=;
	b=dBEn/TMnYnACmZCFedoIhjKZzJhIsJP4lW/3iTO3tYX2PUnb6V4l9KtZPMLPGqVw+/gVZ+
	0DW46tttUWVs2TJnHkubPZi3uyWewdO4ykoXfIUfSl0+faKkHyP5jukypCIE7XfsaECLP1
	KJDVKgb1N1EV4ljpX0sC1SxyZqbxuP/hRBlz5/A0n5UjvyftY/73zyUyAtVWxRd7l+j1xI
	yCPjOSzzM6RKci7TsgcYq3JNZR4hP3o3De0T1MQjKiuUaG1XXKykDlw8/HjcZZnNa9LAOK
	YPrxlK4MF2EPMNF8Neh+PN+mu7XBf462sP1coKVAgjCXQb7K37TE2umamquasA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722962459; a=rsa-sha256; cv=none;
	b=UbuddeN68wDUm8/1tH5z+hmgNCgVGHN+Q8XIxOfXHsPenEUDPUN1H4sSsYz9RVv4MOC/Xi
	vlfGNEk9QlGet+w3HQM4DxPX1OI08jI+SdKeVAGnpgN49JybupgACBRpNKSwvFDmlrEr3m
	4GiImNYQYireN9WdrUDK9ZW4XA2ED1UT2B96qwmRDEQAyoVC7FkyuZUSCSAjV9W4X3TbZf
	gCwlQDyDFXZ+hyyMyD/NKH0XenfHRgo2qEoRojlGGea7mqj0zxHVxWN4oUcgxi3WR6TITI
	2qS4vbapTbU6jHtDTzY3r95024FqfB92gO/RKfS3lPmOjrnVREyvb5NzehBG2Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722962459;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=KvZ1AjuqiGxKmYlx0vMHlqlUalSuEJWdBj1Xdhq8+wU=;
	b=ymkSRwptqKm8PsIslaCrPIXoGtpq/FDbpvP+0BFX2USL40SPl1xP2t5j/t7p7Xc1RCpyO9
	pBfebuVfEgOZJTEYoAlWlJAD04YLy/SUbOjJaZADhYbgL8OagWAh5Z0bEZb6tDwd1hQld+
	VNRsTZLox1Hb+lBzTweLKa3QLQOuyYkBeRhqeLg4pQrN/tlgvW5gC0z+GzE/elaGrA5Au6
	98Xlx5r24MdK2GLj+pJ7A+O8BUeo1hehPh8wuF+j9wKFjcpeg02ICSqB14uVx9r6NQb1K/
	JZCTOI6kdebVcUShIKXhs5uYidovNwgjOJuLElSBrkmlpiDDRkRImkzGizPXUQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdfFR15lVzFHq;
	Tue,  6 Aug 2024 16:40:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476GexXX083975;
	Tue, 6 Aug 2024 16:40:59 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476Gex60083972;
	Tue, 6 Aug 2024 16:40:59 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 16:40:59 GMT
Message-Id: <202408061640.476Gex60083972@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 067adbb4beac - stable/14 - malloc: Handle large malloc
  sizes in malloc_size()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 067adbb4beace0c5554926012ae1b782748bc660
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=067adbb4beace0c5554926012ae1b782748bc660

commit 067adbb4beace0c5554926012ae1b782748bc660
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-24 20:16:20 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-06 16:40:51 +0000

    malloc: Handle large malloc sizes in malloc_size()
    
    Reviewed by:    kib, emaste
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D45661
    
    (cherry picked from commit 1c30cf95098e999ee24b2396763b4f65d021cdf0)
---
 sys/kern/kern_malloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_malloc.c b/sys/kern/kern_malloc.c
index 6e0d12983a2b..08530b2a8930 100644
--- a/sys/kern/kern_malloc.c
+++ b/sys/kern/kern_malloc.c
@@ -1068,7 +1068,7 @@ malloc_size(size_t size)
 	int indx;
 
 	if (size > kmem_zmax)
-		return (0);
+		return (round_page(size));
 	if (size & KMEM_ZMASK)
 		size = (size & ~KMEM_ZMASK) + KMEM_ZBASE;
 	indx = kmemsize[size >> KMEM_ZSHIFT];

From nobody Tue Aug  6 16:41:00 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdfFS5nB3z5SFsH;
	Tue, 06 Aug 2024 16:41:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdfFS49Dbz42l3;
	Tue,  6 Aug 2024 16:41:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722962460;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Nz7hM2uIbImfOsmpJ25J6wNTSK1BXjwpu9ZSb66mtFA=;
	b=KrZkiYhOMkgiYMDznJSw5iWi+vS7jiIKFKgXExDiuxdc0HKSCwED3VGFmlTw1PBWVv2Njd
	5azM8GpqMObPTrmg1rFVNaMt7kZkAaFFFFVULodQsAghkkCf/n4q2LZ8GJl6nUriV4golt
	fxxP6Pw/KXWzW76BZCZmdJ/b2rf7RXIDvMDMkt/Cdw1625GkK5n4RKO4qOpdz+UsklFta4
	6F/VQwIrXknMddRBzu0cksek8eKUdr0xuOsveQFgNHd59aGYTUoBgxOvh24aWnC5YUFzc5
	cFR9rJSBMsYxekdaVzc81NTQe0MY1hSYahz3AfJLcgWBLHfg8ACTS/LEfEKbYg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722962460; a=rsa-sha256; cv=none;
	b=aDXZBCanrru2r976YYPKPyWUoGA3CNhndTer9xvp+dc08QfQx6Azo0rgT/RXTQAztPK5uu
	cuqENe4Sa0keWKlkFCYwKN++wsGhp1U/eCKaneqWWuenTcCPbwjwHzYSTL7MsrDZN7mq+B
	jGeriag/mfAI/0igdA7+cUfp4LJI80M7iwKNEMJYzd3+CAx+IwLBB+k5WbaNDtUAn/tj1Z
	6m5/n0WR6ZJYEtrHW+Rpnrr3vmBhL2LlCdiM/muUJRzNpxdkfO9UibceLIO0Ay+6pKmeEf
	aEYdzJXxSsXHrmyn0xC2rC8Nf2sfxFyCSbOPJu2S2sP/t98xfMBk9ITmEUaLlg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722962460;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Nz7hM2uIbImfOsmpJ25J6wNTSK1BXjwpu9ZSb66mtFA=;
	b=iE1vL7qRUdZhD7tvuugxsDKncqdF+Qez1BwbOKt/UAg5ITt/Tu5StpQ8uky58rKsxW7f8w
	cGOw1PwkgbS3gXZHNkOVVm2ISeKz9D3//vqfEcfna28NNwJOHmo8ErW3j+KPG0IkOWPdox
	aLgYQSd1bQ2uVYsrqDtEbzrqJgb7P81a5JwI0vknGAqdazO9QB6myHN8TCF1DNNVitiWE1
	nwn5bbOPqBaQDyRoHZsL/LGCuUb/Q8UkDPBGloouCM/1OSweslTd6ru6+oFiFwjA6PuNHq
	KNNVRvnWbQ1Tjt9dp3whPctTy8PnO/LyP7yK9k/UkQJIi0s7zcemcEcxHfZJOw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdfFS24KdzFQH;
	Tue,  6 Aug 2024 16:41:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476Gf0cG084033;
	Tue, 6 Aug 2024 16:41:00 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476Gf0BM084030;
	Tue, 6 Aug 2024 16:41:00 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 16:41:00 GMT
Message-Id: <202408061641.476Gf0BM084030@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 014b6c341d9c - stable/14 - ktrace tests: Add a missing
  mode in open(O_CREAT)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 014b6c341d9cfec30ec28cea9f304abbc156e625
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=014b6c341d9cfec30ec28cea9f304abbc156e625

commit 014b6c341d9cfec30ec28cea9f304abbc156e625
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-28 15:31:40 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-06 16:40:51 +0000

    ktrace tests: Add a missing mode in open(O_CREAT)
    
    MFC after:      1 week
    
    (cherry picked from commit 9cc67e43610e34a692398a65adcc5e8846e84250)
---
 tests/sys/kern/ktrace_test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/sys/kern/ktrace_test.c b/tests/sys/kern/ktrace_test.c
index 21868441c687..9d4c2dbdcd74 100644
--- a/tests/sys/kern/ktrace_test.c
+++ b/tests/sys/kern/ktrace_test.c
@@ -116,7 +116,7 @@ cap_trace_child(int cpid, struct ktr_cap_fail *v, int numv)
 	int error, fd, i;
 
 	ATF_REQUIRE((fd = open("ktrace.out",
-	    O_RDONLY | O_CREAT | O_TRUNC)) != -1);
+	    O_RDONLY | O_CREAT | O_TRUNC, 0600)) != -1);
 	ATF_REQUIRE(ktrace("ktrace.out", KTROP_SET,
 	    KTRFAC_CAPFAIL, cpid) != -1);
 	/* Notify child that we've starting tracing. */

From nobody Tue Aug  6 19:43:54 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdkJV3CfVz5SXTy;
	Tue, 06 Aug 2024 19:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdkJV2Nfkz4M5L;
	Tue,  6 Aug 2024 19:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722973434;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6EK/gXhUpjZpkpHfubqX804N/y4N7d9k+JkyoJ6WINI=;
	b=cBIu35WL+9UDa4C4s2aVuQjAURt7avFdKNQ+lVE8OZEXx88Diy85RsCaBUU5Q61Lrh262H
	dCbRZ4Ls9GoSEqU/aMotIFuQ0tnyXJdxv3L2V325ikULDIqJK8YS07I/DpkAMGGBrus+a+
	Scv6+K0cYlSXLkY6zstpcorKF74WPk0knKqcroZlnXxbZcYAAW5r3jTb74nva4vT7NQ1KL
	jBTTVVdLsghgUpmfsTfeZx/+VcBAmqOVz/YYmttiVGAaoksXOrCbsdAGvLhrBaXLYbfBUe
	l4zk9QtgTl2in4bjf4ReNCjgW1aSPSHLv17Pb3uym5yDjsySoClvOV8Rw+emsg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722973434; a=rsa-sha256; cv=none;
	b=Xj94FwieUHcW//j0PYLsxhneHpJn5Cj0pVbQTZqC5ZBnyWvzlD+Q5gqbPxUkadtGH25GG6
	N604Y/3ta6YkXc9H8rGgwcmn8O0DgpclbsZqso7v+k0gmLKE2zqb44GCgi/I10T8uDEa0o
	+RPeOM2dTh9b4I+YgaL7SmIwoyUN4XAc13Isr7t6GRCqQyCUM05nNaoYUeLeBa1aHvKFcC
	seV+don8R/wxo9ZHBJLZGtSQmtn6QTLWAAL0htz474WooJ2fvNV8xuxFXYHzAW/hycHZOX
	4mXuQ0JYIkIHCVzCpUNkvgyi6f9J/SPKkuguNlfqi7FQFSbx0vGx5h9x51S0iQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722973434;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6EK/gXhUpjZpkpHfubqX804N/y4N7d9k+JkyoJ6WINI=;
	b=rY8x9CnbIs0wrIbxPciCoZMHIt/DVEogHQYsBcDtVgvWQqvV2Po8P/LDP226OZw1pDmTzo
	AKJkZwHqEl3bqRNfgfLT1YpNJVQ5LRF9OvWjjfDon+AQdXSMikGLc1JS0mPpcuYCVj6g/w
	DlUiX6y1qkyQXPGBw7YVAGPfwOX6wH0i8sYXaI2C5d8zYD5Xc18smjrG5ayz2N/zsfCbMS
	qmN9CsjHFcqz4jF3Aypj32U1yYFVwDYr6S9vfK1Ob2v5sHVKBMEfLeS0PnDWd3+sGESina
	W5YP1qFY82tlkfJpRKRON94cOKIo/73gFuyBDH4VQv7it8sRpdVSf+6PdkKZOQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdkJV1dnyzKvS;
	Tue,  6 Aug 2024 19:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476JhsEG095770;
	Tue, 6 Aug 2024 19:43:54 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476JhsNs095767;
	Tue, 6 Aug 2024 19:43:54 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 19:43:54 GMT
Message-Id: <202408061943.476JhsNs095767@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 73466449a9bf - stable/14 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 73466449a9bf1888147c53d622236cebc0aa591b
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=73466449a9bf1888147c53d622236cebc0aa591b

commit 73466449a9bf1888147c53d622236cebc0aa591b
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:40 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    
    Approved by:    so
---
 crypto/openssh/sshd.c        | 2 --
 crypto/openssh/sshd_config   | 2 +-
 crypto/openssh/sshd_config.5 | 2 +-
 crypto/openssh/version.h     | 2 +-
 4 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 0c83e0ea468e..889f2056bc75 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index a06f8fcc13d1..7f559775e3b3 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -105,7 +105,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20240318
+#VersionAddendum FreeBSD-20240806
 
 # no default banner path
 #Banner none
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 0715b1f9d581..4de510ac8795 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -1944,7 +1944,7 @@ The default is
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
 The default is
-.Qq FreeBSD-20240318 .
+.Qq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 836b5650b247..82be0be8498f 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Tue Aug  6 19:46:19 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdkMJ29bVz5SXbX;
	Tue, 06 Aug 2024 19:46:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdkMJ1fzbz4MV0;
	Tue,  6 Aug 2024 19:46:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722973580;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=1k2QIiakN19gveCBQxpiG0TGijUsgrXvlRqLq9z6m6g=;
	b=bd/EsCoU3P0N8tx55eCnJH3CjFIHD8D74YGfL+uEK4iRI3S9ToDO7ck4FgA2Ez4T6eG5T0
	U0ZkN6qXmDT7fAIhnP5EHyRs38d7jXyX0ItKSSTcKkbGLqukGx9axqz8sGmq+f1g5oYcCF
	P1XYFmOtZZZSrWZ7XzmBC9e1GNC7azfXs758V7U0d9Sq8AnsTGz4XQxAmGgm4ZrPhNL8tC
	+PS6VHJ1dPn//Mk+xk6Ttkf6SO1eDXTY/46U/4/FUKs40RwITpGCEDRtYzzDWI5GmWxo+g
	MlJefgdFmf3Jetd+ob/2vC5earJ5F0Vh6OCOmGs5bZhVV2vQfJRyPtwCb5vMew==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722973580; a=rsa-sha256; cv=none;
	b=NVdZx7goKctn5KEB9CqddSzmNh1m1xN2jCheLAwVfuHNoNq3BnyHgUFhWE5fRY0+hYRkKr
	NPu7EhKkR1oowYESClH99yVU7zxNmX+ZfsiexIriuXa3pR7qGQbTKqus6b5LIOMNFei/WS
	zgioIMJjhyAjaOIT76uPLfiWVX3XVbtlIygilmH1OqTAa+Fm9EnTaQgCMdHNUHecTkUggr
	uNFPRet37/Gt4jVvD/YzzfekVyew6bhwqEzpfIOb39D7ThsD+u18xlCSig+TmDDW+InFe4
	UUckeZnydFHf3irIvy+27TwfFirvDvY6tpSI7FXtiNK5LMEEpCS3iF49oo+crg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722973580;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=1k2QIiakN19gveCBQxpiG0TGijUsgrXvlRqLq9z6m6g=;
	b=Sm/VhZ5Z4vhSqNo3Rn0vcAZ/VZ2OKy22VLs9UXYPa2KBqvPtm8JrvZAqbRK20VpWrgcqqR
	AvgaiFsX69JNZUIV/AUDSwcz8mTUcByeCDm5WE+Ye5H/KExN5JDerLkdJk2fyAjyN3L3+B
	vFp5wMzNdlO5GwGKunUvIosOup9TvghSxGZwqLAm7TBhLD2ZgfZAK2MoIeEDwWSlcfy5ED
	hoNPGGhMpDsKV2WCrhb2wvIlXHak4mYryvUYcgjvJNWUV4njomEDJz6/kNzg4RYjGjewpR
	lZUq7H4qyZIHL/nBcvDbJzusxirw859g0KreQS3EBmqWGVxMhO17ZfPsD45+Ag==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdkMJ0zxTzKrq;
	Tue,  6 Aug 2024 19:46:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476JkJTr096224;
	Tue, 6 Aug 2024 19:46:19 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476JkJCb096221;
	Tue, 6 Aug 2024 19:46:19 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 19:46:19 GMT
Message-Id: <202408061946.476JkJCb096221@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: d5f16ef6463d - stable/13 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: d5f16ef6463d73270e4380f3498410c8ad91f495
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=d5f16ef6463d73270e4380f3498410c8ad91f495

commit d5f16ef6463d73270e4380f3498410c8ad91f495
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:46:01 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    (cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)
    
    Approved by:    so
---
 crypto/openssh/ssh_config    | 2 +-
 crypto/openssh/ssh_config.5  | 2 +-
 crypto/openssh/sshd.c        | 2 --
 crypto/openssh/sshd_config   | 2 +-
 crypto/openssh/sshd_config.5 | 2 +-
 crypto/openssh/version.h     | 2 +-
 6 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config
index 36c6c7785fd2..a047ce2deb93 100644
--- a/crypto/openssh/ssh_config
+++ b/crypto/openssh/ssh_config
@@ -44,4 +44,4 @@
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 #   RekeyLimit 1G 1h
 #   UserKnownHostsFile ~/.ssh/known_hosts.d/%k
-#   VersionAddendum FreeBSD-20240318
+#   VersionAddendum FreeBSD-20240806
diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
index 020d254f7f0d..de1903ba43a2 100644
--- a/crypto/openssh/ssh_config.5
+++ b/crypto/openssh/ssh_config.5
@@ -2137,7 +2137,7 @@ in
 Specifies a string to append to the regular version string to identify
 OS- or site-specific modifications.
 The default is
-.Dq FreeBSD-20240318 .
+.Dq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 0c83e0ea468e..889f2056bc75 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index 54a1d9d486d0..866e905d9515 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -105,7 +105,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20240318
+#VersionAddendum FreeBSD-20240806
 
 # no default banner path
 #Banner none
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 1c3de78d1cf0..a354c1ef2b0a 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -1947,7 +1947,7 @@ The default is
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
 The default is
-.Qq FreeBSD-20240318 .
+.Qq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 836b5650b247..82be0be8498f 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Tue Aug  6 20:43:35 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdldM33s5z5Sd5V;
	Tue, 06 Aug 2024 20:43:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdldM2XLCz4ThZ;
	Tue,  6 Aug 2024 20:43:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722977015;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=RTk5BX/wY+TZsuPy5reFE4ZE1eiLBX4CnxhatW6oOpI=;
	b=g1go5RwzGf7ScM7u26Wdaqtdd6x0Lwfir9Tazd5igFuyUL1QVzSikDN3xI07NSo0Dsmg8x
	9y+6FM0W6KrZrx9LTXAsPdrfI9//MnMCRATOqZrwedUTu/LaXlibpSj5fOUucLozwlzOfe
	69Hf1CJ654Mn1HtGV1LsE8qvOjXJ345WkiO4iN9v9vZ9mCVGTVjcSybWWuV3sh3qms3mbj
	NAgNteGU1fbvdbcXwMzF1yNZpIbqjN1TqLiMhpzDvCTi7NxA6pXgWYDy+vihWM8shRmS7h
	jd6VX6tS5iDbtye5rZY9bpuyjEmKXiW8HeRIF4pMhu3Ck2F0lNe7QRcMDKOxWA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722977015; a=rsa-sha256; cv=none;
	b=kWO3MeFuy6MjZ0t+q88hdOqnIoLkVZ7QH3tvA97am35Uqi08wFPperQ+T8FW4/k0ym9b9+
	VUMMFwzDQBPOtUv3t90pwb3OVTPAT3YVf+Q+EoFUD47mnAIy6p28djnGq9e2fOpcbjTDJl
	+vJkL6e54zDQyLrGYdS8CEcWHMfGHroPsnSbCtzFlQv9UkaVgdOAi6DIbQYVWMQq78F2Cw
	DBEAgxDAiYmYsTuMFVVTf1Q2teFjBboOeo3sC0M7u2EVr31080Zi/ia1S/k1djouqgoG48
	KQegcRsmnsqQKDCQRXAiQpHX0BTXhtsWQSYFd7a1wQIWtwFp9cbs/GH26EbTBQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722977015;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=RTk5BX/wY+TZsuPy5reFE4ZE1eiLBX4CnxhatW6oOpI=;
	b=k5eUthutBHOqf1odC9j09Kd8KFoBG5jtuZBwz+t2InvNpF6+EGb+8K5ZnwHft78a074rMa
	/XrJUnl8WtSJVZmgp0Ws32LIC4yXbnnv7vPhlfruoKN9KtvKAnYzob82rDYCQZ+kgRl4DA
	NRcelt0OVa2crHZTa+0Sc0ugr+whuNNHuqHmvHhDtq12niBdF/yo/NlxFtuVW+9YXvlbmF
	3YCfrFKBNVUFuzmmCPnlvft9K4wvFVNNHXARXevRAM/apM/SQqWdDDfSnsEIFRoU9H3Ha1
	ps2Ujv0T2CvddWYlMn+bhpqllYWv2yZROQ37i3FWXqnPO5uwK5mNApJdMhlftQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdldM27Y1zMPN;
	Tue,  6 Aug 2024 20:43:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476KhZEo097610;
	Tue, 6 Aug 2024 20:43:35 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476KhZG3097607;
	Tue, 6 Aug 2024 20:43:35 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 20:43:35 GMT
Message-Id: <202408062043.476KhZG3097607@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 6cd4450c6c9a - stable/14 - msun: update Clang bug
  reference in fma test
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 6cd4450c6c9a83a0fd9430df7ec02c4c3203ad25
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=6cd4450c6c9a83a0fd9430df7ec02c4c3203ad25

commit 6cd4450c6c9a83a0fd9430df7ec02c4c3203ad25
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-06-12 00:23:44 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:52 +0000

    msun: update Clang bug reference in fma test
    
    LLVM bugzilla bug 8100 became issue #8472 with the migration to GitHub.
    
    https://github.com/llvm/llvm-project/issues/8472
    (cherry picked from commit 92927b8bcf51dcbcf99d633c1b3cab3cab2373ac)
---
 lib/msun/src/s_fma.c  | 4 ++--
 lib/msun/src/s_fmal.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/msun/src/s_fma.c b/lib/msun/src/s_fma.c
index b8a342646d85..16902d321290 100644
--- a/lib/msun/src/s_fma.c
+++ b/lib/msun/src/s_fma.c
@@ -244,7 +244,7 @@ fma(double x, double y, double z)
 		zs = copysign(DBL_MIN, zs);
 
 	fesetround(FE_TONEAREST);
-	/* work around clang bug 8100 */
+	/* work around clang issue #8472 */
 	volatile double vxs = xs;
 
 	/*
@@ -276,7 +276,7 @@ fma(double x, double y, double z)
 		 * rounding modes.
 		 */
 		fesetround(oround);
-		/* work around clang bug 8100 */
+		/* work around clang issue #8472 */
 		volatile double vrlo = r.lo;
 		adj = vrlo + xy.lo;
 		return (ldexp(r.hi + adj, spread));
diff --git a/lib/msun/src/s_fmal.c b/lib/msun/src/s_fmal.c
index 3d333632127c..9d08bc72e12e 100644
--- a/lib/msun/src/s_fmal.c
+++ b/lib/msun/src/s_fmal.c
@@ -225,7 +225,7 @@ fmal(long double x, long double y, long double z)
 		zs = copysignl(LDBL_MIN, zs);
 
 	fesetround(FE_TONEAREST);
-	/* work around clang bug 8100 */
+	/* work around clang issue #8472 */
 	volatile long double vxs = xs;
 
 	/*
@@ -257,7 +257,7 @@ fmal(long double x, long double y, long double z)
 		 * rounding modes.
 		 */
 		fesetround(oround);
-		/* work around clang bug 8100 */
+		/* work around clang issue #8472 */
 		volatile long double vrlo = r.lo;
 		adj = vrlo + xy.lo;
 		return (ldexpl(r.hi + adj, spread));

From nobody Tue Aug  6 20:44:09 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdlf12YCXz5SdBN;
	Tue, 06 Aug 2024 20:44:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdlf121Y1z4VCj;
	Tue,  6 Aug 2024 20:44:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722977049;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=+YD1y9wyhLvXWjO4HCXy2mRoolUfC28XzNzEyMuBtt0=;
	b=rgFShhBcscUBgHB0M2BIUbSOvDWDgThKNXf83c6Z6lUrsi8sj1/NQgVWcu1YvNT1BALmdg
	2FtjuQq/Oz823VubNOWsoN76wLfMxfxHT/O8d98NzXmU8i/T9MM8MqDnLaobIAp4FOXqey
	UgkGH3b75mH+HoFjNFZwLWLa8ecr8OLSJF1Ja5z2ceCTwgt/1hm1BeI88UVqGYBW3m1gQE
	7XlfXVKon2U3J99IC52IamwHdKpnxMkLI2iZP+4sSYzXy2cQb/L+Wf5pupTFbQ/aAagZ6g
	w0I//y49eTQ9sZgcORXjRdZxDH8gPEn7xDrTm0XoLaMS+N4sZq+TSw3CNhr4HQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722977049; a=rsa-sha256; cv=none;
	b=Al0Po1WE8dRBR9ygDjQmm/hRnPSVe7Qr67V0leFq1JygpE8suERXP9bWiRBmdKUwRfGTHW
	b2hm/Ur6pdsiKjvt33rL1Tl43XFMy7XFLPDHUcMbcM3923q5G6AT7xFKBmakR6oBBij7TM
	1wfWz591/N52phZ2K0KXFUk++vco4iiMd1xPijZxp1H4Z7qJq7W2DhMh2RPkN9uomagE2I
	vwarD7+b3OTItCit8CugWtd0f32qOU1x0c6AKdkW9/wztIGokht1EZsGWruTQKF+SbkJnw
	fxO/dcHm+A1jBIRnCPAiPjpgwq2v64I/jSkEu7DF+9bcW8AvQ05s9Y4uw0EOcQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722977049;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=+YD1y9wyhLvXWjO4HCXy2mRoolUfC28XzNzEyMuBtt0=;
	b=GEKyq7949F0NBSV8Efu5LExJJlvMB5war0gCAICgj5jM6YlYz2VwVVfcTe7W+WXHuexp5A
	FojTUqs6M+QKCgWcEQSXfuT/+ejIvZ7jVSYYbuM+thLVd9j2PlMLJKso1Glsw9p0hCH0ny
	j3GEsbcEa7pyrNqhLSEzXc7NIdyZmlqA49bTGQPxXHFiHgVILoiaqkjJkNlqGI5aj9TITj
	us05v6yECRbzQc+skfhQ/+czKNBVQqEdNpHQzdf00LCaPNTWZoj7zHrnFY2EOX8eJ+4j2x
	EWEJYQiyxD/XYoNgDJaIL4srpV3/zGNOMehksYu+sVsSyPfBGez5kunEF1ZBDw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdlf11cPJzMTb;
	Tue,  6 Aug 2024 20:44:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476Ki9xk097857;
	Tue, 6 Aug 2024 20:44:09 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476Ki9L1097854;
	Tue, 6 Aug 2024 20:44:09 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 20:44:09 GMT
Message-Id: <202408062044.476Ki9L1097854@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: d1d8c9114751 - stable/14 - libm: add parens to clarify
  expressions in fma, fmal
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: d1d8c9114751ee481aa6ff980caa2640f8d6848d
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=d1d8c9114751ee481aa6ff980caa2640f8d6848d

commit d1d8c9114751ee481aa6ff980caa2640f8d6848d
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-06-18 01:30:44 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:52 +0000

    libm: add parens to clarify expressions in fma, fmal
    
    Obtained from:  NetBSD
    
    (cherry picked from commit 001606523a48ca2aa440c985db47327a00671358)
---
 lib/msun/src/s_fma.c  | 6 +++---
 lib/msun/src/s_fmal.c | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/msun/src/s_fma.c b/lib/msun/src/s_fma.c
index 16902d321290..6c889a6a46ca 100644
--- a/lib/msun/src/s_fma.c
+++ b/lib/msun/src/s_fma.c
@@ -222,17 +222,17 @@ fma(double x, double y, double z)
 		case FE_TONEAREST:
 			return (z);
 		case FE_TOWARDZERO:
-			if (x > 0.0 ^ y < 0.0 ^ z < 0.0)
+			if ((x > 0.0) ^ (y < 0.0) ^ (z < 0.0))
 				return (z);
 			else
 				return (nextafter(z, 0));
 		case FE_DOWNWARD:
-			if (x > 0.0 ^ y < 0.0)
+			if ((x > 0.0) ^ (y < 0.0))
 				return (z);
 			else
 				return (nextafter(z, -INFINITY));
 		default:	/* FE_UPWARD */
-			if (x > 0.0 ^ y < 0.0)
+			if ((x > 0.0) ^ (y < 0.0))
 				return (nextafter(z, INFINITY));
 			else
 				return (z);
diff --git a/lib/msun/src/s_fmal.c b/lib/msun/src/s_fmal.c
index 9d08bc72e12e..80c835d09c2b 100644
--- a/lib/msun/src/s_fmal.c
+++ b/lib/msun/src/s_fmal.c
@@ -203,17 +203,17 @@ fmal(long double x, long double y, long double z)
 		case FE_TONEAREST:
 			return (z);
 		case FE_TOWARDZERO:
-			if (x > 0.0 ^ y < 0.0 ^ z < 0.0)
+			if ((x > 0.0) ^ (y < 0.0) ^ (z < 0.0))
 				return (z);
 			else
 				return (nextafterl(z, 0));
 		case FE_DOWNWARD:
-			if (x > 0.0 ^ y < 0.0)
+			if ((x > 0.0) ^ (y < 0.0))
 				return (z);
 			else
 				return (nextafterl(z, -INFINITY));
 		default:	/* FE_UPWARD */
-			if (x > 0.0 ^ y < 0.0)
+			if ((x > 0.0) ^ (y < 0.0))
 				return (nextafterl(z, INFINITY));
 			else
 				return (z);

From nobody Tue Aug  6 21:10:12 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdmD51gsjz5Sfvj;
	Tue, 06 Aug 2024 21:10:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdmD518hRz4X6H;
	Tue,  6 Aug 2024 21:10:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722978613;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=pHAjSCohOTCDt7rJRT/zLmKNsHdwfq4eZ4o9oDEXn7M=;
	b=EXUeyZSGX72aS+oLMWJob3JHBQshbXocOnpWSFXXXXeluhlKqvnzu/wiVVyjqg8z0kKlek
	mvMFnLsY5AEhzl8o1pbY7IlyBbxLUKHV/j/O3YkokyOgGMlizm3WkA6L1NZJWDGAzv2eWl
	AezV7K4q5QnbV8JPthQHUiPrMqLxYl1VcN+Yl9YwG49FnlcBQF7q/q65GqLpqNRRcETfO1
	wQtoKAf5eFPyaB8sivHuAoxZoZm9rHiKclEA4LQZAfb8SsgEFUeJeMmgxmk3udBkjNS23X
	60YyQi6ZQq8kqsitdfPMB6v6AwmkPplME+14/kCbnZpsiXX5wOzUeCUPi3xScw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722978613; a=rsa-sha256; cv=none;
	b=uP4qfvmq0rqDbG749FOVdP2mbeLsRmkI1s4TRLL+Kokdhlu6uEOQRBjAVNJtEHwXWk7+eP
	NImqAOtag7cQWSwfezZomo/pZtebfULtA245AtQaauieW+8rVlyGQhcQR1IL8s31v8oAPE
	n6XekrHggOgC+6RWriaD4mj5vWTBZKs+CHQpjdWGRwNzNSSfyZp//VB4mULzRg4s8PX/pJ
	5XGq8rWMwFpEOStO6e6f1SV8baTgDXNqvFDEnbqoi05lh0rnzSgJ04ju64WBBTXRTntsLq
	TTtTm6pQK2mZte/Sfv3s4Y25e8erPW+CpeSrpYOpN/X0Ks+ADV97FYSdjkb1iQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722978613;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=pHAjSCohOTCDt7rJRT/zLmKNsHdwfq4eZ4o9oDEXn7M=;
	b=XIFw/jUeOI04s/EhyrIfuZI0tkZpDt4IXoUoDmskCAkSjamA8LSI/lidg4oLspDiktrBUo
	VF5/Uyvyo4rEDfT3xxaF71XbiDQ7IBw38HIJ3Wf/0OivsyCQDrUCB1/U+Igi5651D+45Xz
	v8IeH3BD0G4O/o6kPMs0ujRvbYwHTaiTWIo3TZYEq1lB3s7StHTvNZROekzbhogB25Eh7y
	HlrhXG17VDyqAoNm2pjhm9YL+FyL8Yd3IEhB7fSY4Gaf2n64Ox6xqHvgiWfRyBOjjpHpGM
	jluNcwOEAQaMO/n+/VsyVojkjQaHQ4p4Ywt+di10lKL7Ys+XyZmAV9CBrkcrFQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdmD50lyPzMYm;
	Tue,  6 Aug 2024 21:10:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LADwq040102;
	Tue, 6 Aug 2024 21:10:13 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LACcE040093;
	Tue, 6 Aug 2024 21:10:12 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:10:12 GMT
Message-Id: <202408062110.476LACcE040093@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: ed4fbdda588d - stable/14 - tools/build/make.py: Minor
  typo fix
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: ed4fbdda588d711d9dc5cb318f01dffa7b0c58b2
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=ed4fbdda588d711d9dc5cb318f01dffa7b0c58b2

commit ed4fbdda588d711d9dc5cb318f01dffa7b0c58b2
Author:     Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2024-07-25 04:32:33 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:52 +0000

    tools/build/make.py: Minor typo fix
    
    If the object directory prefix does not exist, make.py previously exited
    with a message indicating that the chosen prefix does not exit.
    
    Reviewed by:    emaste
    Pull request:   https://github.com/freebsd/freebsd-src/pull/1348
    
    (cherry picked from commit d55de30efd09ee011bf4604be1c15ce4155775c1)
---
 tools/build/make.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/build/make.py b/tools/build/make.py
index 5c483e8b45be..5ac99ddb2ee5 100755
--- a/tools/build/make.py
+++ b/tools/build/make.py
@@ -242,7 +242,7 @@ if __name__ == "__main__":
         sys.exit("MAKEOBJDIRPREFIX is not set, cannot continue!")
     if not Path(MAKEOBJDIRPREFIX).is_dir():
         sys.exit(
-            "Chosen MAKEOBJDIRPREFIX=" + MAKEOBJDIRPREFIX + " doesn't exit!")
+            "Chosen MAKEOBJDIRPREFIX=" + MAKEOBJDIRPREFIX + " doesn't exist!")
     objdir_prefix = Path(MAKEOBJDIRPREFIX).absolute()
     source_root = Path(__file__).absolute().parent.parent.parent
 

From nobody Tue Aug  6 21:22:04 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdmTm3X0qz5Sgcc;
	Tue, 06 Aug 2024 21:22:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdmTm339hz4Y5b;
	Tue,  6 Aug 2024 21:22:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722979324;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vpCLzBFgeQc9vOUB+cm5C4dcDYh40rUEqzXhzdkKPBI=;
	b=ZKptIIpWoGD9tziJVisnWN/y0Hl+LTatRVtib/Iypr/7FCkJa9kAdqIsordmodg9I1cn3p
	qJGsCO9KcmKiCfiTndRjVF9ccryZYZOnSywXAyKu82jh59lNcOE1PwjIuIT8Fe++1cfGww
	Pn5cFMI8FJFCqeD2iy4Q0oQEgmseNU4EaPMWjbE6mM6xb9UirxXYYDGrhE/Use/oOjTJVj
	L5Mf451TxbLR1s0JRYrRMbZiYtl8nhF6rDtGUBc/jzkQs72JZUmoJ/XYp41+lFAE6Ki+s/
	aAAV5KuwKfoCMSzTZ0YNbuX2w3URHvSH3XhjbtMuA+q5LcitT1f5rV6Mmd9bqA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722979324; a=rsa-sha256; cv=none;
	b=TfBGc6gxVV0060H5r/MU3Mcbv5uxgbMW5dQ0sxQTi+FzZ9wp3T3DSviFXoPV9UxqCrbqw+
	IBHugi29exmXk5jQPEteDI97J40un3VQY/uKFbIENbtvMEdIwPdYgS3WPc07wB2hZaTPTU
	eSvyXkz6m/hULVn5KA9GIa5YQR7mAJuBNVZQxi/P0Xm2Dg/TL7vPrI2yXxXwgdJCyMZhrk
	D0dCSeLBRxbG2+RCzqYVHZo+lTWHNvPbM7Lwk63yZ4HbcMJTjR4iyd+wtnaBXhL6x1hVXn
	oLy5RVsHZOdZ7+Jzwnmre2rfgGt7MzLJhjBuzCBfItclO4AtNgxzPGj/W973nw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722979324;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vpCLzBFgeQc9vOUB+cm5C4dcDYh40rUEqzXhzdkKPBI=;
	b=bhxRdvYRrIdqA4pTb5WfoxN8vS51bj0JHtRFdgzMga8Ck4aRKYg0jy1iE+2gvxR9TBbzkD
	SjJIWb/Pvtfqy6FQIWADwpEWKL1+dCmDifYwwZZY0StQqCQuisLEPJkRY8ETHlQbdFob//
	iLfaILL+XfALfMHaTPfFvOCn6g2RdoS0Yd+NUh7qSvspf4OKGR7373SnEXCEl/+PQyyqh/
	QVn/DlJvZ90YR7czjESpMmVVVnZsaFksleXh7MkIoU56OBDFne9oElo8YP28ws9upu7lEl
	kw0Bu1d7Qas45QTgEXJVnZ+qCeE3BwcVBPi9ZE7M6VN8duyrYcFI2GeyIeJuog==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdmTm1nDMzNGm;
	Tue,  6 Aug 2024 21:22:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LM4FL064030;
	Tue, 6 Aug 2024 21:22:04 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LM4M1064027;
	Tue, 6 Aug 2024 21:22:04 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:22:04 GMT
Message-Id: <202408062122.476LM4M1064027@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 5daa7f5bef21 - stable/14 - depend-cleanup: remove
  entries from 2020 and 2021
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 5daa7f5bef2162889b0eb43bcd4adf0cfa74a2f0
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=5daa7f5bef2162889b0eb43bcd4adf0cfa74a2f0

commit 5daa7f5bef2162889b0eb43bcd4adf0cfa74a2f0
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-07-29 17:06:48 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:52 +0000

    depend-cleanup: remove entries from 2020 and 2021
    
    > These tests increase the build time (albeit by a small amount), so
    > they should be removed once enough time has passed and it is extremely
    > unlikely anyone would try a NO_CLEAN build against an object tree from
    > before the related change.
    
    The comment suggests a year is a reasonable period but we'll be somewhat
    more conservative for now, in part so that we retain different examples
    of special cases.
    
    Reviewed by:    brooks, imp
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46178
    
    (cherry picked from commit 4a06d149371c16287e1dd5a8fa51e92346a0c3f4)
---
 tools/build/depend-cleanup.sh | 51 -------------------------------------------
 1 file changed, 51 deletions(-)

diff --git a/tools/build/depend-cleanup.sh b/tools/build/depend-cleanup.sh
index bed654cfb4bb..2627b19d4607 100755
--- a/tools/build/depend-cleanup.sh
+++ b/tools/build/depend-cleanup.sh
@@ -103,57 +103,6 @@ clean_dep()
 }
 
 # Date      Rev      Description
-# 20200310  r358851  rename of openmp's ittnotify_static.c to .cpp
-clean_dep lib/libomp ittnotify_static c
-# 20200414  r359930  closefrom
-clean_dep lib/libc   closefrom S
-
-# 20200826  r364746  OpenZFS merge, apply a big hammer (remove whole tree)
-if [ -e "$OBJTOP"/cddl/lib/libzfs/.depend.libzfs_changelist.o ] && \
-    egrep -qw "cddl/contrib/opensolaris/lib/libzfs/common/libzfs_changelist.c" \
-    "$OBJTOP"/cddl/lib/libzfs/.depend.libzfs_changelist.o; then
-	echo "Removing old ZFS tree"
-	for libcompat in "" $ALL_libcompats; do
-		dirprfx=${libcompat:+obj-lib${libcompat}/}
-		run rm -rf "$OBJTOP"/${dirprfx}cddl
-	done
-fi
-
-# 20200916  WARNS bumped, need bootstrapped crunchgen stubs
-if [ -e "$OBJTOP"/rescue/rescue/rescue.c ] && \
-    ! grep -q 'crunched_stub_t' "$OBJTOP"/rescue/rescue/rescue.c; then
-	echo "Removing old rescue(8) tree"
-	run rm -rf "$OBJTOP"/rescue/rescue
-fi
-
-# 20210105  fda7daf06301   pfctl gained its own version of pf_ruleset.c
-if [ -e "$OBJTOP"/sbin/pfctl/.depend.pf_ruleset.o ] && \
-    egrep -qw "sys/netpfil/pf/pf_ruleset.c" \
-    "$OBJTOP"/sbin/pfctl/.depend.pf_ruleset.o; then
-	echo "Removing old pf_ruleset dependecy file"
-	run rm -rf "$OBJTOP"/sbin/pfctl/.depend.pf_ruleset.o
-fi
-
-# 20210108  821aa63a0940   non-widechar version of ncurses removed
-if [ -e "$OBJTOP"/lib/ncurses/ncursesw ]; then
-	echo "Removing stale ncurses objects"
-	for libcompat in "" $ALL_libcompats; do
-		dirprfx=${libcompat:+obj-lib${libcompat}/}
-		run rm -rf "$OBJTOP"/${dirprfx}lib/ncurses
-	done
-fi
-
-# 20210608  f20893853e8e    move from atomic.S to atomic.c
-clean_dep   cddl/lib/libspl atomic S
-# 20211207  cbdec8db18b5    switch to libthr-friendly pdfork
-clean_dep   lib/libc        pdfork S
-
-# 20211230  5e6a2d6eb220    libc++.so.1 path changed in ldscript
-if [ -e "$OBJTOP"/lib/libc++/libc++.ld ] && \
-    fgrep -q "/usr/lib/libc++.so" "$OBJTOP"/lib/libc++/libc++.ld; then
-	echo "Removing old libc++ linker script"
-	run rm -f "$OBJTOP"/lib/libc++/libc++.ld
-fi
 
 # 20220326  fbc002cb72d2    move from bcmp.c to bcmp.S
 if [ "$MACHINE_ARCH" = "amd64" ]; then

From nobody Tue Aug  6 21:22:51 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdmVg3ckjz5Sgw6;
	Tue, 06 Aug 2024 21:22:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdmVg3JxHz4YTJ;
	Tue,  6 Aug 2024 21:22:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722979371;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ozf+hvAiGkp8ZzSDF4z01nQ1HlKPw5TQf4ll0gzVD7o=;
	b=AFQi2YF4s155GmHd/4/qhB6r3g8832MdZSmmNrC4fUz1y0XBATReSb7VM9DcFBISABpTxU
	Nc4k+tDGYFj7KCTg5PFZHPlW3xKIj0KoY4y4KDuhlHugV3gAsLYyU9lFxdEqWIIHBfAAqu
	1c9ZUiexNmMzRH5KrT8spjE5yac13x6Rt7cUw95ufWqKnPrCaIaNdn3nwlFJHJxZvhot4x
	tlPiXCEvWJGRS/0zmZoV+Fu2ZF2Cgm9EDscO0e1LHP8Zvc69eu8ovX8WFI0YFgC24NjrMJ
	ztA2HsiUKgAB7t20VsIt8QklzdrMG+JwbwHq+sRC/gAmzD37DXns4GInVhlN3g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722979371; a=rsa-sha256; cv=none;
	b=xCv3qR4PVJ+EWhicjW7NFgpWXFVs0AKQh7rSXPw/mVw15AybUka77BFxO29zOub76xveiW
	qeV2x0PWeO3LQ6id3WC0BCDbkOnTnKCltk0UJu9K7unRto3iXfGdKw6FdJZVREYoTjhlJp
	HMRO1pmcDUiHLZNpwphPaCVEW0QYPQCZa77C/FQQtPPPxUgRWYKaahjBt/kPgJB8bNF+/F
	ENwF6syONGMs0CjdUWp3AqEVnIUZgD1I3YNOq8TWCWnzgkPy6SDyucAsj1z2JNjn47aRFn
	WHyUHkP9HZrSzdQPy1aqvXxzCP+elpM8ycbtncpQy2zei1CmA19ekPQ2qOKGOA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722979371;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ozf+hvAiGkp8ZzSDF4z01nQ1HlKPw5TQf4ll0gzVD7o=;
	b=kxhKCn0E+q9pd3mYNJvFoEeyF4frEP5fFVb1KvPMEOcBfKLiwF0iw9oT2C0rdg5VMz0aXs
	I54cMg8cMYK36nZoGWI2riGIEMZir0wlBV4oTur3gm778vbn+CVdaXpBQS4do5sORi4tZ3
	tgm0Mn62y6IBLeayAxTXrvEdVLVPMv6GIqnbD0vW+RwQxcgzh1FtfGY96wz/YR3U4h19yB
	Dp8HfnS/UnrV5HIJADqnd5+zVpaIKyU0Ldrd8XijJryNmaR+3yvsKRkmUahYYu0O0jgXkY
	gVjzbr5NOhCvavupdr1fsXEHSQjIddxjaNRkLNBJmf6fEmdEIZtGauL/aGPTcw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdmVg2vf9zNGr;
	Tue,  6 Aug 2024 21:22:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LMpb6066855;
	Tue, 6 Aug 2024 21:22:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LMpBs066852;
	Tue, 6 Aug 2024 21:22:51 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:22:51 GMT
Message-Id: <202408062122.476LMpBs066852@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: f06d322e9d92 - stable/14 - Remove "All Rights Reserved"
  from FreeBSD Foundation copyrights
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: f06d322e9d925ab56a4aa8210a67637d4d341ab6
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=f06d322e9d925ab56a4aa8210a67637d4d341ab6

commit f06d322e9d925ab56a4aa8210a67637d4d341ab6
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-07-30 16:02:17 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 19:39:53 +0000

    Remove "All Rights Reserved" from FreeBSD Foundation copyrights
    
    These ones were unambiguous cases where the Foundation was the only
    listed copyright holder.
    
    Sponsored by:   The FreeBSD Foundation
    
    (cherry picked from commit 5c2bc3db201a4fe8d7911cf816bea104d5dc2138)
---
 include/xlocale.h                                     | 1 -
 lib/libcasper/services/cap_dns/cap_dns.c              | 1 -
 lib/libcasper/services/cap_dns/cap_dns.h              | 1 -
 lib/libcasper/services/cap_dns/tests/dns_test.c       | 1 -
 lib/libcasper/services/cap_grp/cap_grp.c              | 1 -
 lib/libcasper/services/cap_grp/cap_grp.h              | 1 -
 lib/libcasper/services/cap_grp/tests/grp_test.c       | 1 -
 lib/libcasper/services/cap_pwd/cap_pwd.c              | 1 -
 lib/libcasper/services/cap_pwd/cap_pwd.h              | 1 -
 lib/libcasper/services/cap_pwd/tests/pwd_test.c       | 1 -
 lib/libcasper/services/cap_sysctl/cap_sysctl.c        | 1 -
 lib/libcasper/services/cap_sysctl/cap_sysctl.h        | 1 -
 lib/libcasper/services/cap_sysctl/tests/sysctl_test.c | 1 -
 lib/libnv/common_impl.h                               | 1 -
 lib/libnv/tests/nvlist_add_test.c                     | 1 -
 lib/libnv/tests/nvlist_exists_test.c                  | 1 -
 lib/libnv/tests/nvlist_free_test.c                    | 1 -
 lib/libnv/tests/nvlist_get_test.c                     | 1 -
 lib/libnv/tests/nvlist_move_test.c                    | 1 -
 lib/libnv/tests/nvlist_send_recv_test.c               | 1 -
 lib/libproc/proc_bkpt.c                               | 1 -
 lib/libproc/proc_regs.c                               | 1 -
 lib/libproc/proc_rtld.c                               | 1 -
 lib/librtld_db/librtld_db.3                           | 1 -
 lib/librtld_db/rtld_db.c                              | 1 -
 lib/librtld_db/rtld_db.h                              | 1 -
 lib/libthr/plockstat.d                                | 1 -
 lib/libthr/thread/thr_malloc.c                        | 1 -
 lib/libthread_db/arch/aarch64/libpthread_md.c         | 1 -
 libexec/ftpd/blacklist.c                              | 1 -
 libexec/ftpd/blacklist_client.h                       | 1 -
 libexec/rc/rc.d/blacklistd                            | 1 -
 libexec/rtld-elf/aarch64/reloc.c                      | 1 -
 libexec/rtld-elf/aarch64/rtld_start.S                 | 1 -
 libexec/rtld-elf/rtld_malloc.h                        | 1 -
 sbin/hastctl/hastctl.8                                | 1 -
 sbin/hastctl/hastctl.c                                | 1 -
 sbin/hastd/activemap.c                                | 1 -
 sbin/hastd/activemap.h                                | 1 -
 sbin/hastd/control.c                                  | 1 -
 sbin/hastd/control.h                                  | 1 -
 sbin/hastd/ebuf.c                                     | 1 -
 sbin/hastd/ebuf.h                                     | 1 -
 sbin/hastd/hast_proto.h                               | 1 -
 sbin/hastd/hastd.8                                    | 1 -
 sbin/hastd/hastd.h                                    | 1 -
 sbin/hastd/metadata.c                                 | 1 -
 sbin/hastd/metadata.h                                 | 1 -
 sbin/hastd/nv.c                                       | 1 -
 sbin/hastd/nv.h                                       | 1 -
 sbin/hastd/proto.c                                    | 1 -
 sbin/hastd/proto.h                                    | 1 -
 sbin/hastd/proto_impl.h                               | 1 -
 sbin/hastd/proto_socketpair.c                         | 1 -
 sbin/hastd/proto_uds.c                                | 1 -
 sbin/hastd/rangelock.c                                | 1 -
 sbin/hastd/rangelock.h                                | 1 -
 sbin/hastd/synch.h                                    | 1 -
 share/examples/hast/ucarp.sh                          | 1 -
 share/examples/hast/ucarp_down.sh                     | 1 -
 share/examples/hast/ucarp_up.sh                       | 1 -
 share/examples/kld/khelp/h_example.c                  | 1 -
 tests/sys/fs/fusefs/unlink.cc                         | 1 -
 tests/sys/kern/kern_copyin.c                          | 1 -
 tools/regression/capsicum/syscalls/cap_fcntls_limit.c | 1 -
 tools/regression/capsicum/syscalls/cap_getmode.c      | 1 -
 tools/regression/capsicum/syscalls/cap_ioctls_limit.c | 1 -
 tools/regression/capsicum/syscalls/misc.c             | 1 -
 tools/regression/capsicum/syscalls/misc.h             | 1 -
 tools/test/popss/popss.c                              | 1 -
 tools/test/vm86/vm86_test.c                           | 1 -
 tools/test/vm86/vm86_test_asm.s                       | 1 -
 tools/tools/vt/mkkfont/mkkfont.c                      | 1 -
 usr.bin/proccontrol/proccontrol.1                     | 1 -
 usr.bin/proccontrol/proccontrol.c                     | 1 -
 75 files changed, 75 deletions(-)

diff --git a/include/xlocale.h b/include/xlocale.h
index f39000d6b373..cc2fc0839593 100644
--- a/include/xlocale.h
+++ b/include/xlocale.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2011, 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by David Chisnall under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_dns/cap_dns.c b/lib/libcasper/services/cap_dns/cap_dns.c
index 8548715a6978..84b49e1d2081 100644
--- a/lib/libcasper/services/cap_dns/cap_dns.c
+++ b/lib/libcasper/services/cap_dns/cap_dns.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2012-2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_dns/cap_dns.h b/lib/libcasper/services/cap_dns/cap_dns.h
index 4bf8e3648a2d..556cac1158d2 100644
--- a/lib/libcasper/services/cap_dns/cap_dns.h
+++ b/lib/libcasper/services/cap_dns/cap_dns.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_dns/tests/dns_test.c b/lib/libcasper/services/cap_dns/tests/dns_test.c
index 3786414053ad..fda2dcf44062 100644
--- a/lib/libcasper/services/cap_dns/tests/dns_test.c
+++ b/lib/libcasper/services/cap_dns/tests/dns_test.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_grp/cap_grp.c b/lib/libcasper/services/cap_grp/cap_grp.c
index 6a5ad84fcd22..025ce00adf56 100644
--- a/lib/libcasper/services/cap_grp/cap_grp.c
+++ b/lib/libcasper/services/cap_grp/cap_grp.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_grp/cap_grp.h b/lib/libcasper/services/cap_grp/cap_grp.h
index a478a91cf760..9be2e7a78dd5 100644
--- a/lib/libcasper/services/cap_grp/cap_grp.h
+++ b/lib/libcasper/services/cap_grp/cap_grp.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_grp/tests/grp_test.c b/lib/libcasper/services/cap_grp/tests/grp_test.c
index c120c61e0cf1..18c11746d3a4 100644
--- a/lib/libcasper/services/cap_grp/tests/grp_test.c
+++ b/lib/libcasper/services/cap_grp/tests/grp_test.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_pwd/cap_pwd.c b/lib/libcasper/services/cap_pwd/cap_pwd.c
index 263bc4cfd582..6550c35d1592 100644
--- a/lib/libcasper/services/cap_pwd/cap_pwd.c
+++ b/lib/libcasper/services/cap_pwd/cap_pwd.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_pwd/cap_pwd.h b/lib/libcasper/services/cap_pwd/cap_pwd.h
index 35e0e177bc62..496beea26392 100644
--- a/lib/libcasper/services/cap_pwd/cap_pwd.h
+++ b/lib/libcasper/services/cap_pwd/cap_pwd.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_pwd/tests/pwd_test.c b/lib/libcasper/services/cap_pwd/tests/pwd_test.c
index e56c037536e2..20c76102847a 100644
--- a/lib/libcasper/services/cap_pwd/tests/pwd_test.c
+++ b/lib/libcasper/services/cap_pwd/tests/pwd_test.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_sysctl/cap_sysctl.c b/lib/libcasper/services/cap_sysctl/cap_sysctl.c
index 7d7f280fd00b..25793bd3c41d 100644
--- a/lib/libcasper/services/cap_sysctl/cap_sysctl.c
+++ b/lib/libcasper/services/cap_sysctl/cap_sysctl.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013, 2018 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_sysctl/cap_sysctl.h b/lib/libcasper/services/cap_sysctl/cap_sysctl.h
index fd7d051f21c8..51243128a683 100644
--- a/lib/libcasper/services/cap_sysctl/cap_sysctl.h
+++ b/lib/libcasper/services/cap_sysctl/cap_sysctl.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libcasper/services/cap_sysctl/tests/sysctl_test.c b/lib/libcasper/services/cap_sysctl/tests/sysctl_test.c
index 2e5ec83e1c82..41c49bdbeba2 100644
--- a/lib/libcasper/services/cap_sysctl/tests/sysctl_test.c
+++ b/lib/libcasper/services/cap_sysctl/tests/sysctl_test.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013, 2018 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/common_impl.h b/lib/libnv/common_impl.h
index 03de9749aaf6..27af1710540a 100644
--- a/lib/libnv/common_impl.h
+++ b/lib/libnv/common_impl.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_add_test.c b/lib/libnv/tests/nvlist_add_test.c
index 4478efadf4e0..28f2b6f45446 100644
--- a/lib/libnv/tests/nvlist_add_test.c
+++ b/lib/libnv/tests/nvlist_add_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_exists_test.c b/lib/libnv/tests/nvlist_exists_test.c
index 7450256ab760..808692feb85b 100644
--- a/lib/libnv/tests/nvlist_exists_test.c
+++ b/lib/libnv/tests/nvlist_exists_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_free_test.c b/lib/libnv/tests/nvlist_free_test.c
index c715aef6657b..bb5eeaf7d04c 100644
--- a/lib/libnv/tests/nvlist_free_test.c
+++ b/lib/libnv/tests/nvlist_free_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_get_test.c b/lib/libnv/tests/nvlist_get_test.c
index d6e4a9b4d65a..f06be569c90d 100644
--- a/lib/libnv/tests/nvlist_get_test.c
+++ b/lib/libnv/tests/nvlist_get_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_move_test.c b/lib/libnv/tests/nvlist_move_test.c
index 3c99f4582c5e..2ef7ca4de384 100644
--- a/lib/libnv/tests/nvlist_move_test.c
+++ b/lib/libnv/tests/nvlist_move_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libnv/tests/nvlist_send_recv_test.c b/lib/libnv/tests/nvlist_send_recv_test.c
index 25edaa5c3c10..5d4f392ed49c 100644
--- a/lib/libnv/tests/nvlist_send_recv_test.c
+++ b/lib/libnv/tests/nvlist_send_recv_test.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/lib/libproc/proc_bkpt.c b/lib/libproc/proc_bkpt.c
index 25ff3a86291d..d7b1a58019a5 100644
--- a/lib/libproc/proc_bkpt.c
+++ b/lib/libproc/proc_bkpt.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation.
diff --git a/lib/libproc/proc_regs.c b/lib/libproc/proc_regs.c
index 492fbf712ef5..bd991630ad07 100644
--- a/lib/libproc/proc_regs.c
+++ b/lib/libproc/proc_regs.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation.
diff --git a/lib/libproc/proc_rtld.c b/lib/libproc/proc_rtld.c
index db17c2b02b95..1d6fc732933a 100644
--- a/lib/libproc/proc_rtld.c
+++ b/lib/libproc/proc_rtld.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation.
diff --git a/lib/librtld_db/librtld_db.3 b/lib/librtld_db/librtld_db.3
index 041cc2cfa67b..07e1b67c096b 100644
--- a/lib/librtld_db/librtld_db.3
+++ b/lib/librtld_db/librtld_db.3
@@ -1,6 +1,5 @@
 .\"-
 .\" Copyright (c) 2010 The FreeBSD Foundation
-.\" All rights reserved.
 .\"
 .\" This software was developed by Rui Paulo under sponsorship from
 .\" the FreeBSD Foundation.
diff --git a/lib/librtld_db/rtld_db.c b/lib/librtld_db/rtld_db.c
index 2546f572780d..5d88089289bf 100644
--- a/lib/librtld_db/rtld_db.c
+++ b/lib/librtld_db/rtld_db.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation.
diff --git a/lib/librtld_db/rtld_db.h b/lib/librtld_db/rtld_db.h
index 24dc18a9a0ba..41aa7409fbf3 100644
--- a/lib/librtld_db/rtld_db.h
+++ b/lib/librtld_db/rtld_db.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation.
diff --git a/lib/libthr/plockstat.d b/lib/libthr/plockstat.d
index de620d893651..39d8946f33d3 100644
--- a/lib/libthr/plockstat.d
+++ b/lib/libthr/plockstat.d
@@ -1,6 +1,5 @@
 /*
  * Copyright (c) 2010 The FreeBSD Foundation 
- * All rights reserved. 
  * 
  * This software was developed by Rui Paulo under sponsorship from the
  * FreeBSD Foundation. 
diff --git a/lib/libthr/thread/thr_malloc.c b/lib/libthr/thread/thr_malloc.c
index d60fbc1b1fe8..dbc9e39e3c28 100644
--- a/lib/libthr/thread/thr_malloc.c
+++ b/lib/libthr/thread/thr_malloc.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2019 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/lib/libthread_db/arch/aarch64/libpthread_md.c b/lib/libthread_db/arch/aarch64/libpthread_md.c
index 17f8345e596b..93c7330baa1a 100644
--- a/lib/libthread_db/arch/aarch64/libpthread_md.c
+++ b/lib/libthread_db/arch/aarch64/libpthread_md.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2014-2015 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Andrew Turner under
  * sponsorship from the FreeBSD Foundation.
diff --git a/libexec/ftpd/blacklist.c b/libexec/ftpd/blacklist.c
index e8954f11bbe7..0a45f9369074 100644
--- a/libexec/ftpd/blacklist.c
+++ b/libexec/ftpd/blacklist.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2016 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Kurt Lidl under sponsorship from the
  * FreeBSD Foundation.
diff --git a/libexec/ftpd/blacklist_client.h b/libexec/ftpd/blacklist_client.h
index 94ecc66c17ce..0b6805dc218e 100644
--- a/libexec/ftpd/blacklist_client.h
+++ b/libexec/ftpd/blacklist_client.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2016 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Kurt Lidl under sponsorship from the
  * FreeBSD Foundation.
diff --git a/libexec/rc/rc.d/blacklistd b/libexec/rc/rc.d/blacklistd
index b58c7c8a76b6..44a97ad4b3b0 100755
--- a/libexec/rc/rc.d/blacklistd
+++ b/libexec/rc/rc.d/blacklistd
@@ -1,7 +1,6 @@
 #!/bin/sh
 #
 # Copyright (c) 2016 The FreeBSD Foundation
-# All rights reserved.
 #
 # This software was developed by Kurt Lidl under sponsorship from the
 # FreeBSD Foundation.
diff --git a/libexec/rtld-elf/aarch64/reloc.c b/libexec/rtld-elf/aarch64/reloc.c
index 907377f2619a..828686af8b98 100644
--- a/libexec/rtld-elf/aarch64/reloc.c
+++ b/libexec/rtld-elf/aarch64/reloc.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2014-2015 The FreeBSD Foundation
- * All rights reserved.
  *
  * Portions of this software were developed by Andrew Turner
  * under sponsorship from the FreeBSD Foundation.
diff --git a/libexec/rtld-elf/aarch64/rtld_start.S b/libexec/rtld-elf/aarch64/rtld_start.S
index 8de3e021d567..53a7463e2634 100644
--- a/libexec/rtld-elf/aarch64/rtld_start.S
+++ b/libexec/rtld-elf/aarch64/rtld_start.S
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2014 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Andrew Turner under
  * sponsorship from the FreeBSD Foundation.
diff --git a/libexec/rtld-elf/rtld_malloc.h b/libexec/rtld-elf/rtld_malloc.h
index 247726b9f470..408cdc84d45e 100644
--- a/libexec/rtld-elf/rtld_malloc.h
+++ b/libexec/rtld-elf/rtld_malloc.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2019 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/sbin/hastctl/hastctl.8 b/sbin/hastctl/hastctl.8
index a0a1e1f22634..f696858a8071 100644
--- a/sbin/hastctl/hastctl.8
+++ b/sbin/hastctl/hastctl.8
@@ -1,5 +1,4 @@
 .\" Copyright (c) 2010 The FreeBSD Foundation
-.\" All rights reserved.
 .\"
 .\" This software was developed by Pawel Jakub Dawidek under sponsorship from
 .\" the FreeBSD Foundation.
diff --git a/sbin/hastctl/hastctl.c b/sbin/hastctl/hastctl.c
index ab2d618c698c..3375723b40fd 100644
--- a/sbin/hastctl/hastctl.c
+++ b/sbin/hastctl/hastctl.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/activemap.c b/sbin/hastd/activemap.c
index f5e3c60fd0a0..58fad137e5ae 100644
--- a/sbin/hastd/activemap.c
+++ b/sbin/hastd/activemap.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/activemap.h b/sbin/hastd/activemap.h
index a1dbf70e51af..ff598f841909 100644
--- a/sbin/hastd/activemap.h
+++ b/sbin/hastd/activemap.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/control.c b/sbin/hastd/control.c
index f6f937d3b180..48171fde9053 100644
--- a/sbin/hastd/control.c
+++ b/sbin/hastd/control.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/control.h b/sbin/hastd/control.h
index 4e16334dc824..ad7fb7978597 100644
--- a/sbin/hastd/control.h
+++ b/sbin/hastd/control.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/ebuf.c b/sbin/hastd/ebuf.c
index 522e4e821b11..8f58493270af 100644
--- a/sbin/hastd/ebuf.c
+++ b/sbin/hastd/ebuf.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/ebuf.h b/sbin/hastd/ebuf.h
index a79821735539..a4a2b30f4cb4 100644
--- a/sbin/hastd/ebuf.h
+++ b/sbin/hastd/ebuf.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/hast_proto.h b/sbin/hastd/hast_proto.h
index ab0a46494b45..0158aa4ccee6 100644
--- a/sbin/hastd/hast_proto.h
+++ b/sbin/hastd/hast_proto.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/hastd.8 b/sbin/hastd/hastd.8
index fefd03f7dbe0..05a2d9b5e4e9 100644
--- a/sbin/hastd/hastd.8
+++ b/sbin/hastd/hastd.8
@@ -1,5 +1,4 @@
 .\" Copyright (c) 2010 The FreeBSD Foundation
-.\" All rights reserved.
 .\"
 .\" This software was developed by Pawel Jakub Dawidek under sponsorship from
 .\" the FreeBSD Foundation.
diff --git a/sbin/hastd/hastd.h b/sbin/hastd/hastd.h
index 15ad243adf7c..a54ef316f37a 100644
--- a/sbin/hastd/hastd.h
+++ b/sbin/hastd/hastd.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/metadata.c b/sbin/hastd/metadata.c
index 2f9cbc5e0971..5318d9f6aee5 100644
--- a/sbin/hastd/metadata.c
+++ b/sbin/hastd/metadata.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/metadata.h b/sbin/hastd/metadata.h
index b5215c1a85c9..6d8c593f0a46 100644
--- a/sbin/hastd/metadata.h
+++ b/sbin/hastd/metadata.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/nv.c b/sbin/hastd/nv.c
index 5f50ae349023..fd6b56c1148d 100644
--- a/sbin/hastd/nv.c
+++ b/sbin/hastd/nv.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/nv.h b/sbin/hastd/nv.h
index d1214f2b29ec..657a66fe38eb 100644
--- a/sbin/hastd/nv.h
+++ b/sbin/hastd/nv.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/proto.c b/sbin/hastd/proto.c
index 56ff4933c9b8..35f73bb8d0bf 100644
--- a/sbin/hastd/proto.c
+++ b/sbin/hastd/proto.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/proto.h b/sbin/hastd/proto.h
index a7cecbe67479..729daa518d9d 100644
--- a/sbin/hastd/proto.h
+++ b/sbin/hastd/proto.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/proto_impl.h b/sbin/hastd/proto_impl.h
index 4f84f90c6f23..0a0074545f38 100644
--- a/sbin/hastd/proto_impl.h
+++ b/sbin/hastd/proto_impl.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/proto_socketpair.c b/sbin/hastd/proto_socketpair.c
index ab30a6a27263..9608eb13afff 100644
--- a/sbin/hastd/proto_socketpair.c
+++ b/sbin/hastd/proto_socketpair.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/proto_uds.c b/sbin/hastd/proto_uds.c
index 5bf4c64fe5f6..acb61a360180 100644
--- a/sbin/hastd/proto_uds.c
+++ b/sbin/hastd/proto_uds.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/rangelock.c b/sbin/hastd/rangelock.c
index 33aee39651a4..26025d1169ac 100644
--- a/sbin/hastd/rangelock.c
+++ b/sbin/hastd/rangelock.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/rangelock.h b/sbin/hastd/rangelock.h
index d01dbd755b40..4847887b6b7a 100644
--- a/sbin/hastd/rangelock.h
+++ b/sbin/hastd/rangelock.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/sbin/hastd/synch.h b/sbin/hastd/synch.h
index 9e03fcb8ca74..32463f836bd0 100644
--- a/sbin/hastd/synch.h
+++ b/sbin/hastd/synch.h
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2009-2010 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/share/examples/hast/ucarp.sh b/share/examples/hast/ucarp.sh
index 73253a295f53..67c7aecea44f 100755
--- a/share/examples/hast/ucarp.sh
+++ b/share/examples/hast/ucarp.sh
@@ -3,7 +3,6 @@
 # SPDX-License-Identifier: BSD-2-Clause
 #
 # Copyright (c) 2010 The FreeBSD Foundation
-# All rights reserved.
 #
 # This software was developed by Pawel Jakub Dawidek under sponsorship from
 # the FreeBSD Foundation.
diff --git a/share/examples/hast/ucarp_down.sh b/share/examples/hast/ucarp_down.sh
index 133d35c59d5b..df78de156b1e 100755
--- a/share/examples/hast/ucarp_down.sh
+++ b/share/examples/hast/ucarp_down.sh
@@ -3,7 +3,6 @@
 # SPDX-License-Identifier: BSD-2-Clause
 #
 # Copyright (c) 2010 The FreeBSD Foundation
-# All rights reserved.
 #
 # This software was developed by Pawel Jakub Dawidek under sponsorship from
 # the FreeBSD Foundation.
diff --git a/share/examples/hast/ucarp_up.sh b/share/examples/hast/ucarp_up.sh
index 9f22b4205909..62dee23c12c7 100755
--- a/share/examples/hast/ucarp_up.sh
+++ b/share/examples/hast/ucarp_up.sh
@@ -3,7 +3,6 @@
 # SPDX-License-Identifier: BSD-2-Clause
 #
 # Copyright (c) 2010 The FreeBSD Foundation
-# All rights reserved.
 #
 # This software was developed by Pawel Jakub Dawidek under sponsorship from
 # the FreeBSD Foundation.
diff --git a/share/examples/kld/khelp/h_example.c b/share/examples/kld/khelp/h_example.c
index 5bca2b36af50..431ed5a090b4 100644
--- a/share/examples/kld/khelp/h_example.c
+++ b/share/examples/kld/khelp/h_example.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2010-2011 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed at the Centre for Advanced Internet
  * Architectures, Swinburne University of Technology, Melbourne, Australia by
diff --git a/tests/sys/fs/fusefs/unlink.cc b/tests/sys/fs/fusefs/unlink.cc
index db54e286d85d..1d8a371649ee 100644
--- a/tests/sys/fs/fusefs/unlink.cc
+++ b/tests/sys/fs/fusefs/unlink.cc
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2019 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by BFF Storage Systems, LLC under sponsorship
  * from the FreeBSD Foundation.
diff --git a/tests/sys/kern/kern_copyin.c b/tests/sys/kern/kern_copyin.c
index 25c9eda96541..a7da6c03f226 100644
--- a/tests/sys/kern/kern_copyin.c
+++ b/tests/sys/kern/kern_copyin.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2015, 2020 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/tools/regression/capsicum/syscalls/cap_fcntls_limit.c b/tools/regression/capsicum/syscalls/cap_fcntls_limit.c
index 55627579963b..48b7968b959e 100644
--- a/tools/regression/capsicum/syscalls/cap_fcntls_limit.c
+++ b/tools/regression/capsicum/syscalls/cap_fcntls_limit.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/tools/regression/capsicum/syscalls/cap_getmode.c b/tools/regression/capsicum/syscalls/cap_getmode.c
index a2584895b179..3818e7b32caf 100644
--- a/tools/regression/capsicum/syscalls/cap_getmode.c
+++ b/tools/regression/capsicum/syscalls/cap_getmode.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/tools/regression/capsicum/syscalls/cap_ioctls_limit.c b/tools/regression/capsicum/syscalls/cap_ioctls_limit.c
index b0d392c8f0c0..01bc60a71514 100644
--- a/tools/regression/capsicum/syscalls/cap_ioctls_limit.c
+++ b/tools/regression/capsicum/syscalls/cap_ioctls_limit.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/tools/regression/capsicum/syscalls/misc.c b/tools/regression/capsicum/syscalls/misc.c
index 914c606ac904..c88f2f625c97 100644
--- a/tools/regression/capsicum/syscalls/misc.c
+++ b/tools/regression/capsicum/syscalls/misc.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/tools/regression/capsicum/syscalls/misc.h b/tools/regression/capsicum/syscalls/misc.h
index 842500aff14d..22a0ab8094db 100644
--- a/tools/regression/capsicum/syscalls/misc.h
+++ b/tools/regression/capsicum/syscalls/misc.h
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
diff --git a/tools/test/popss/popss.c b/tools/test/popss/popss.c
index 004ccb29c546..bb66f050beb1 100644
--- a/tools/test/popss/popss.c
+++ b/tools/test/popss/popss.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2018 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/tools/test/vm86/vm86_test.c b/tools/test/vm86/vm86_test.c
index 1057fc5c83d6..cbdb2c68a6df 100644
--- a/tools/test/vm86/vm86_test.c
+++ b/tools/test/vm86/vm86_test.c
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2018 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/tools/test/vm86/vm86_test_asm.s b/tools/test/vm86/vm86_test_asm.s
index 22e5cf70b7f7..0d76d2e77b1e 100644
--- a/tools/test/vm86/vm86_test_asm.s
+++ b/tools/test/vm86/vm86_test_asm.s
@@ -2,7 +2,6 @@
  * SPDX-License-Identifier: BSD-2-Clause
  *
  * Copyright (c) 2018 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
diff --git a/tools/tools/vt/mkkfont/mkkfont.c b/tools/tools/vt/mkkfont/mkkfont.c
index 3f92f926c029..ec4675cfcf1b 100644
--- a/tools/tools/vt/mkkfont/mkkfont.c
+++ b/tools/tools/vt/mkkfont/mkkfont.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2009 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Ed Schouten under sponsorship from the
  * FreeBSD Foundation.
diff --git a/usr.bin/proccontrol/proccontrol.1 b/usr.bin/proccontrol/proccontrol.1
index 5cb5d584f480..7ab917e4a61f 100644
--- a/usr.bin/proccontrol/proccontrol.1
+++ b/usr.bin/proccontrol/proccontrol.1
@@ -1,5 +1,4 @@
 .\" Copyright (c) 2019 The FreeBSD Foundation, Inc.
-.\" All rights reserved.
 .\"
 .\" This documentation was written by
 .\" Konstantin Belousov <kib@FreeBSD.org> under sponsorship
diff --git a/usr.bin/proccontrol/proccontrol.c b/usr.bin/proccontrol/proccontrol.c
index 5b48ef2916f8..4b7543d63793 100644
--- a/usr.bin/proccontrol/proccontrol.c
+++ b/usr.bin/proccontrol/proccontrol.c
@@ -1,6 +1,5 @@
 /*-
  * Copyright (c) 2016 The FreeBSD Foundation
- * All rights reserved.
  *
  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.

From nobody Tue Aug  6 21:25:52 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdmZ90BNLz5ShHK;
	Tue, 06 Aug 2024 21:25:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdmZ86cGMz4Z5X;
	Tue,  6 Aug 2024 21:25:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722979552;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P0/1fciIm4qWJIcJE36xW1dpYkkmmmzbqIGZF7+9MqY=;
	b=RK0DqCktDXJoNV58cTXKF1zm9itXtJR7ME5c3ueMmcSUOan7aUyHe0knTQ0w75Sh8cWuQ5
	jKBG2ucL7UJbbe6AeR0rkQyj7fYvMx5+ScjBw+Yt2u1kjtBLVfkZG4cg6QhxEABQ6qAoF/
	WfTGE6MXzY5KbUf5LvRfxXhmLVx0KTbIrYtgUOTcub+e4E8vkbHNf8Uxp3o7t7XG0ZgLqQ
	/r+DwJW1V5+Nd+5zVaL+9IlVGkVd9fgs5UOdlEwzNE3MRf4rdnxW4KTd54y3/LPM9c0KMC
	keT8j65fz2Vs4CEcjodxAOcEMWqAq+FMDKEYeb4xhIGO51c2/8DfsVajcICmag==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722979552; a=rsa-sha256; cv=none;
	b=rPT0sOWIFNO1hozuKKb9Jm5M1NTzexI0JjRU5KvMV3vIkDla2if43B18OVVI627zSAZ7tN
	G6HZU4osn0uN4QX7wqVx+KvNVMwYedNCWPCMdotg5Hqy++fBa4/ySxRMHpb9sGKH79eFv5
	3AS5qSZcR3EFTDS3eXhSkEk3L1d/5Pb2ltWgWRvFXyN1E6686XFEz0LkTJ3jUgA5t3VbL7
	aNyCs6dvDTMolKxLZ7Ptv7ds908WZ4xkdwBniX/hBCdHfb2HZrgy9GrrqzR/yiXRx3k6Iu
	6dTSpPl8uK1S/L62P7BexeGLGtOQll+7FCP6jNasO4S05Dn+XHGEHtkj+0or8g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722979552;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P0/1fciIm4qWJIcJE36xW1dpYkkmmmzbqIGZF7+9MqY=;
	b=h7r3aJxipqYeshoRVXruGkBZ3nYXQENhAqFrUqXoUGlB+eh+nrmpvxzl4JqpO6KAg8P922
	PKHJMrgBs86GoiKxqdlLPKff2j5y8G+NgcmhbHgSIXcC5+v+JUJozQ9s+KY5ChMlWXR52q
	N7awG9wGk/aDMr1BScypBGgIhNlt2HU6Nu4doGE3oCOMogxgL7B9S5qJC79d3pTBlsgFSm
	qW4G/u9LsR5iUTTHNdSIxZEy9Zr7LX88skUUIt9aCK72ItZ2fGt6dLGTE4cbkKwfN4ZNMw
	iNt0mvL7RUagaRQXmtOyh47+bJXBFc5swd94vlNUHCvU9mkBuSbez0gkFjLs+g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdmZ869G1zNGt;
	Tue,  6 Aug 2024 21:25:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LPq1J067375;
	Tue, 6 Aug 2024 21:25:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LPqi6067372;
	Tue, 6 Aug 2024 21:25:52 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:25:52 GMT
Message-Id: <202408062125.476LPqi6067372@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: dc39004bc670 - stable/14 - libm: fma: correct zero
  sign with small inputs
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: dc39004bc670fe33ae6759816380c93a37268dd6
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=dc39004bc670fe33ae6759816380c93a37268dd6

commit dc39004bc670fe33ae6759816380c93a37268dd6
Author:     Steve Kargl <kargl@FreeBSD.org>
AuthorDate: 2024-06-16 23:41:38 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 21:25:10 +0000

    libm: fma: correct zero sign with small inputs
    
    This is a fixed version of 888796ade284.
    
    PR:             277783
    Reported by:    Victor Stinner
    Reviewed by:    emaste
    MFC after:      1 week
    
    (cherry picked from commit 888796ade2842486d3167067e8034254c38aadd3)
    (cherry picked from commit e77ad954bb825983b4346b9cc646c9c910b1be24)
    (cherry picked from commit 34f746cc7f8a8dd261027a8b392b76e70adc8438)
---
 lib/msun/src/s_fma.c  | 4 ++--
 lib/msun/src/s_fmal.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/msun/src/s_fma.c b/lib/msun/src/s_fma.c
index 6c889a6a46ca..23a84491dd2a 100644
--- a/lib/msun/src/s_fma.c
+++ b/lib/msun/src/s_fma.c
@@ -260,14 +260,14 @@ fma(double x, double y, double z)
 
 	spread = ex + ey;
 
-	if (r.hi == 0.0) {
+	if (r.hi == 0.0 && xy.lo == 0) {
 		/*
 		 * When the addends cancel to 0, ensure that the result has
 		 * the correct sign.
 		 */
 		fesetround(oround);
 		volatile double vzs = zs; /* XXX gcc CSE bug workaround */
-		return (xy.hi + vzs + ldexp(xy.lo, spread));
+		return (xy.hi + vzs);
 	}
 
 	if (oround != FE_TONEAREST) {
diff --git a/lib/msun/src/s_fmal.c b/lib/msun/src/s_fmal.c
index 80c835d09c2b..2fca20610157 100644
--- a/lib/msun/src/s_fmal.c
+++ b/lib/msun/src/s_fmal.c
@@ -241,14 +241,14 @@ fmal(long double x, long double y, long double z)
 
 	spread = ex + ey;
 
-	if (r.hi == 0.0) {
+	if (r.hi == 0.0 && xy.lo == 0) {
 		/*
 		 * When the addends cancel to 0, ensure that the result has
 		 * the correct sign.
 		 */
 		fesetround(oround);
 		volatile long double vzs = zs; /* XXX gcc CSE bug workaround */
-		return (xy.hi + vzs + ldexpl(xy.lo, spread));
+		return (xy.hi + vzs);
 	}
 
 	if (oround != FE_TONEAREST) {

From nobody Tue Aug  6 21:26:01 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WdmZL0Zvcz5ShNy;
	Tue, 06 Aug 2024 21:26:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WdmZK6Nh9z4ZHK;
	Tue,  6 Aug 2024 21:26:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722979561;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9Btqzmr7pRrLuhGIEEQet91wzILj0q0FTIlIIUwzRqo=;
	b=Erc6nx9+Qrz9IguRknKHppoCTZ4zwo0Grv8O5ngdB3/FXyp8WXmfUB+gvPKVpXg+w1MrcC
	1WVLLQ2SDmjc3I2I/7wbenvB67Uzd8mkzBGxW4yg2B58p7iAlsVAEqQukNXmR2DftXMuM9
	YgG8ijmg+imSFeMgaszu5j1xu+YLfBOUxpJkHAP8agWBUPLdSeIeGxWAR43KPqKkl7jgdP
	c7p43vGMq5sPr54jYktCYHjib+zmXM8ySrRL6Q6IJw0ICvBBlYVvL9M1DQBRkhnd2Z/Nh2
	zwD39Lg0nU4L2lxIXENan8iDbyYYfaAGnvD5wMVxgDRY+NA00REcgMa1WeLvzw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722979561; a=rsa-sha256; cv=none;
	b=EqqH+1o5NaNeOhgcTTyIs71CJvou3iLhdJQ4OT/RCZx48R5h1vmiY2v1PpQbglbA4DIZA/
	zi/8mjcqctsyFux5G+UlEIC3r1uhPLsOWJE9EeNJTzsnmTG+Q3LHRbyyfNKbUd4suVs3qd
	fbJxDJOe7h+tAbrpFgHT3vw6fhAQwAvaZ8BWZdbAshhBIsKSzTvntxa8p148wbsqmytuE8
	prU/9eDh6zp6x6X5OnEcGs8K3UhC1oh5Pol/NSW7nKhQWIuiDeTOpUYNcBLgTZ8QezBeTv
	1gIpQmPFFBfJQDxWAd9nbp5YlD7gsYBYEYkRefWRc305ZM94qLzW+DCXU0kCZg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722979561;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9Btqzmr7pRrLuhGIEEQet91wzILj0q0FTIlIIUwzRqo=;
	b=yp48Dc3wc9F7WG8+mkoWRQ8oG+7c4NDrJ4nRiCGEK8zhcg4NMK33qpI6s73eeIVXkWiRfK
	A7IcS9OajeDbIOF8m18tXwZSvEqaYujIAr8rHJmRUuYnBKwdZ9+/AlCypbw4xL8pQXrOzm
	ofdBu8t7IU53n27XuXWH4uhqF0SCbN2lu2lkIg8CyivtEQUvrmPGz27MHwANd58smakyVA
	4yZyH7K4ZQJ6T8Spv+9IHtS23W7Si/vByjEWuJu4BnvUcL+Q/56bDp3LyXLc5N6jrjpbcl
	4Rm/f/wlo/sccAUkbuzaI7fVZlesriMPfxWCFQG1WAoXg0NM9L3O8oQHhokvJw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WdmZK60t6zNF4;
	Tue,  6 Aug 2024 21:26:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LQ1s1067545;
	Tue, 6 Aug 2024 21:26:01 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LQ1SI067542;
	Tue, 6 Aug 2024 21:26:01 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:26:01 GMT
Message-Id: <202408062126.476LQ1SI067542@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 5bd6e6c1ddff - stable/14 - libusb: claim to be version
  1.0.16
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 5bd6e6c1ddff7f10e8b86703536d81af8ce0532b
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=5bd6e6c1ddff7f10e8b86703536d81af8ce0532b

commit 5bd6e6c1ddff7f10e8b86703536d81af8ce0532b
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-06-06 13:33:44 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 21:25:21 +0000

    libusb: claim to be version 1.0.16
    
    We are not 100% compatible with 1.0.16, but implement some
    functionality from that version that is required by certain ports.
    
    PR:             277799
    PR:             279555 (exp-run)
    Event:          Kitchener-Waterloo Hackathon 202406
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D45514
    
    (cherry picked from commit 5654b42142e1f689b26d405c90379b85f22349a0)
---
 lib/libusb/libusb-1.0.pc.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/libusb/libusb-1.0.pc.in b/lib/libusb/libusb-1.0.pc.in
index 7dbf746e773e..3a2f27cc52b8 100644
--- a/lib/libusb/libusb-1.0.pc.in
+++ b/lib/libusb/libusb-1.0.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
 
 Name: libusb-1.0
 Description: Library that abstracts ways to access USB devices (v1.0)
-Version: 1.0.13
+Version: 1.0.16
 Libs: -L${libdir} -lusb
 Cflags: -I${includedir}

From nobody Tue Aug  6 21:32:36 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdmjx0m0rz5ShP6;
	Tue, 06 Aug 2024 21:32:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdmjx0BmJz4bYk;
	Tue,  6 Aug 2024 21:32:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722979957;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mxLh7ARsE2DPtttEYMaQosPtzg0eKRZQlmIHNF5n96o=;
	b=BqKMDadXq8JERrLE1qScN1sPAcvtc3ajB/V98vDHqDAyPceZk3BaWSWhbaiwabmbueJ9+m
	MdxQhB/NrcN0EDI63XC48EK9MQ0ybSD2rGh/8dWtw5GdgUlSdx9foTXA0113T7eK4/naP2
	sPwuIjlHAmWnYhFNOkWMauqFlkUCoUpKD/WFPmFHhMaF8nhlS+KyqNTxkWCN3ovIDEAvZ7
	aj7CONCsOTOohtdKJrNZA3Un22vbb/64bzsHAs3rIIY0e2SurBOFZ9075eKa227w5ef7yy
	5n6qGf69fz6b//3lgOM207sve7u64EiwxCApUbCqDS5CbtLM8we9JzA+Z5EzSg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722979957; a=rsa-sha256; cv=none;
	b=T9AhtRbtjCh+g4NNoo6HcKLTbx52k3bwB0JeBHznxjZvsl7nCH2z3DJKn70SFIWLW4kQZX
	1eVgBgcOdoDwMQpVv2KkRx5NO2QZFVkWhVvThWDIdl94SIMmY12Mm96m7vWzyKPPH2jWA1
	q7OyQNiIc8YfAhzZwcvtq6ULw7T5qHMPMvPkw57UJeHuc14/DxDDhN/0cPVAu14y1ImlFZ
	XjRhExz+k8+nPWYWCMlS68rSYQQrdTHb4QfyXipltAKBZAFrIonIckUAep3j2Ho0lh9qdI
	RqnImMc8LXBejfpmhTWaGkjVUdnv5wdCCWk+MlrdxRxa4HmBaz6/CJdFPoGXTg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722979957;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mxLh7ARsE2DPtttEYMaQosPtzg0eKRZQlmIHNF5n96o=;
	b=YtBYn3nmevF+tuWuCuqbsM2Ik6bLlVOpUPzhTCgMLnnpP9S3wtEbJSN2KLAQLdL/2GSQxX
	axf86Ge0o+OrylkaY2apVUYZS4YgLZew5VE/G7do7YEka/OKm/CEFw+XTgUhD7QfddUTNm
	ELYE9E7oLUpHHmwV7fz5L2M7ApBkS2P87jtcgOnlzDMGUmyP1s9gYggtph7wb/UNOKUEHz
	nGZZ6nPvhRdtXrlLY2GoMn6hVDXw9B3VGn2iD8NA7Urk/yR9evCHPdmv0o+i18eYMuXiaO
	KuSBmAUpY6saN9omIh+OeiP7EIrbRUKzGRwKlh3Zp8EqSGBBb2grbhzsBcchDg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdmjw6vpkzNlx;
	Tue,  6 Aug 2024 21:32:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LWacn084059;
	Tue, 6 Aug 2024 21:32:36 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LWanJ084056;
	Tue, 6 Aug 2024 21:32:36 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:32:36 GMT
Message-Id: <202408062132.476LWanJ084056@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: feaaac5e153b - stable/14 - sctp: improve input
  validation for data chunks
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: feaaac5e153babd35b5b29b7e255d52e9b8f1093
Auto-Submitted: auto-generated

The branch stable/14 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=feaaac5e153babd35b5b29b7e255d52e9b8f1093

commit feaaac5e153babd35b5b29b7e255d52e9b8f1093
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 11:27:18 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-06 21:32:06 +0000

    sctp: improve input validation for data chunks
    
    fsn_included should only be considered, if first_frag_seen is true.
    Also, fix the resetting of the control structure, if stream queues
    are flushed.
    This fixes a bug where a legitimate message sequence was incorrectly
    classified as illegitimate.
    Thanks to Victor Boivie for reporting the issue on the userland
    stack.
    
    (cherry picked from commit 101a0f09e8baf8293e1eeb591de18caf15e49e00)
---
 sys/netinet/sctp_indata.c | 35 +++++++++++++++++------------------
 1 file changed, 17 insertions(+), 18 deletions(-)

diff --git a/sys/netinet/sctp_indata.c b/sys/netinet/sctp_indata.c
index 4c40e0de4326..693de313b970 100644
--- a/sys/netinet/sctp_indata.c
+++ b/sys/netinet/sctp_indata.c
@@ -746,21 +746,6 @@ sctp_build_readq_entry_from_ctl(struct sctp_queued_to_read *nc, struct sctp_queu
 	nc->do_not_ref_stcb = control->do_not_ref_stcb;
 }
 
-static void
-sctp_reset_a_control(struct sctp_queued_to_read *control,
-    struct sctp_inpcb *inp, uint32_t tsn)
-{
-	control->fsn_included = tsn;
-	if (control->on_read_q) {
-		/*
-		 * We have to purge it from there, hopefully this will work
-		 * :-)
-		 */
-		TAILQ_REMOVE(&inp->read_queue, control, next);
-		control->on_read_q = 0;
-	}
-}
-
 static int
 sctp_handle_old_unordered_data(struct sctp_tcb *stcb,
     struct sctp_association *asoc,
@@ -1922,7 +1907,8 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struct sctp_association *asoc,
 				SCTP_SNPRINTF(msg, sizeof(msg), "Duplicate MID=%8.8x detected.", mid);
 				goto err_out;
 			} else {
-				if ((tsn == control->fsn_included + 1) &&
+				if ((control->first_frag_seen) &&
+				    (tsn == control->fsn_included + 1) &&
 				    (control->end_added == 0)) {
 					SCTP_SNPRINTF(msg, sizeof(msg),
 					    "Illegal message sequence, missing end for MID: %8.8x",
@@ -5430,12 +5416,25 @@ sctp_flush_reassm_for_str_seq(struct sctp_tcb *stcb,
 		sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED);
 	}
 	if (!TAILQ_EMPTY(&control->reasm)) {
-		/* This has to be old data, unordered */
+		KASSERT(!asoc->idata_supported,
+		    ("Reassembly queue not empty for I-DATA"));
+		KASSERT(!ordered,
+		    ("Reassembly queue not empty for ordered data"));
 		if (control->data) {
 			sctp_m_freem(control->data);
 			control->data = NULL;
 		}
-		sctp_reset_a_control(control, stcb->sctp_ep, cumtsn);
+		control->fsn_included = 0xffffffff;
+		control->first_frag_seen = 0;
+		control->last_frag_seen = 0;
+		if (control->on_read_q) {
+			/*
+			 * We have to purge it from there, hopefully this
+			 * will work :-)
+			 */
+			TAILQ_REMOVE(&stcb->sctp_ep->read_queue, control, next);
+			control->on_read_q = 0;
+		}
 		chk = TAILQ_FIRST(&control->reasm);
 		if (chk->rec.data.rcv_flags & SCTP_DATA_FIRST_FRAG) {
 			TAILQ_REMOVE(&control->reasm, chk, sctp_next);

From nobody Tue Aug  6 21:38:40 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdmrx17QRz5Sj4v;
	Tue, 06 Aug 2024 21:38:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdmrx0ZrGz4bxs;
	Tue,  6 Aug 2024 21:38:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722980321;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=MRK7KelSXEQmxP7QtbmlorcBx6l7SJU4+D07qjQ8MYY=;
	b=XSAP0AovHEOR9ejdIiw8DvNiVmihouIOfVY+69IcRjXkmVl/tBhZ+Zo0+o4wTxaMmGTxo6
	WkHok4WjSHccQknDUI/oGQ6gB321ks5RHmSnJldstPVPZpdWWtLJhE2AFTZitky7SMrqFh
	AdX06QK7mD+7LF/jaJE2oCzhi8dUcPRVyeCUO7d72BJyoKd74eEklT+UIKAB8AxVTdmrvU
	M2DBtNMWJBfbUPbRtEwCfkYjHfH62mdp9zlZKQcZmVrs8RJyFH/vkuVVNv2fVK+VWAA3Nl
	lfVVMU6qKPIqJpcrHmJCZ2eUz+3l8nmQAOTNS/gdO+ZOlJLGr+lyTD1j9Knw8w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722980321; a=rsa-sha256; cv=none;
	b=FM1i6wM+FUyuAKmXAdAf2QzArUL7PpGFlfhT5Mibo8FxQLDy7gOy3LJFPqPTt0ZcO9dHDs
	2FRrG6RrrvEQMP1VwQzFpJZNUedSopJtNO1rsWp4wKZFXlYPNL0zmDf179jdCNeLUiy2Ju
	cei7mL19nmGx7dGZ9kFfSDN+2BYv86hT7IkYsRhAXqs6bqk2nOuEzCei1qqjAUOpK+zUvI
	99uFsdQM9bQuIu7K2riq67aOrXxpZSY+X7U4cmdMnWhnxoY2dA2SS1+NgkM4inVG43h9zM
	QHvEmMiJvpo5LjfKGgAhKv+rha8P8c6M+ZZJH44LNnJ/cwi1DgwbHB26n432xQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722980321;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=MRK7KelSXEQmxP7QtbmlorcBx6l7SJU4+D07qjQ8MYY=;
	b=QnMdQEEnuo/65TPU+168N/Rw3fbo7TRYjDnoXg/eA8fOjd6SmZjvhNfpb9hkA0pElZUsHC
	glqrSkbLDcq8B9EW1n2QQLawnutkZ8mWRIb277zTaoXjf+CUYWmINXFTYG9ac++5OP//wE
	xFE3pyXArZQx9p2YFAel9yL5E4bCkAgf5N6HJxgUVD3MBse5OS/c3AnEm3yKyg4prwASuM
	cdTyhyC864hH1yWMGrxuG91Y66SCskgStE8pL5VBnGrlrx5wy/sJKbTe/R9GvR57/ZDCzV
	nrrjopmuVBN8xQ5dl++78VbgPZ4IevnvYmrp7BiKYP3uE+LuBinbvJVGx93rGQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdmrx09yBzNG1;
	Tue,  6 Aug 2024 21:38:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476Lcetp085000;
	Tue, 6 Aug 2024 21:38:40 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LceaS084997;
	Tue, 6 Aug 2024 21:38:40 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:38:40 GMT
Message-Id: <202408062138.476LceaS084997@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: 18f4b705734e - stable/13 - sctp: improve input
  validation for data chunks
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 18f4b705734e1c76bac441ffe86cb8fbb131a153
Auto-Submitted: auto-generated

The branch stable/13 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=18f4b705734e1c76bac441ffe86cb8fbb131a153

commit 18f4b705734e1c76bac441ffe86cb8fbb131a153
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 11:27:18 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-06 21:38:16 +0000

    sctp: improve input validation for data chunks
    
    fsn_included should only be considered, if first_frag_seen is true.
    Also, fix the resetting of the control structure, if stream queues
    are flushed.
    This fixes a bug where a legitimate message sequence was incorrectly
    classified as illegitimate.
    Thanks to Victor Boivie for reporting the issue on the userland
    stack.
    
    (cherry picked from commit 101a0f09e8baf8293e1eeb591de18caf15e49e00)
---
 sys/netinet/sctp_indata.c | 35 +++++++++++++++++------------------
 1 file changed, 17 insertions(+), 18 deletions(-)

diff --git a/sys/netinet/sctp_indata.c b/sys/netinet/sctp_indata.c
index 4c40e0de4326..693de313b970 100644
--- a/sys/netinet/sctp_indata.c
+++ b/sys/netinet/sctp_indata.c
@@ -746,21 +746,6 @@ sctp_build_readq_entry_from_ctl(struct sctp_queued_to_read *nc, struct sctp_queu
 	nc->do_not_ref_stcb = control->do_not_ref_stcb;
 }
 
-static void
-sctp_reset_a_control(struct sctp_queued_to_read *control,
-    struct sctp_inpcb *inp, uint32_t tsn)
-{
-	control->fsn_included = tsn;
-	if (control->on_read_q) {
-		/*
-		 * We have to purge it from there, hopefully this will work
-		 * :-)
-		 */
-		TAILQ_REMOVE(&inp->read_queue, control, next);
-		control->on_read_q = 0;
-	}
-}
-
 static int
 sctp_handle_old_unordered_data(struct sctp_tcb *stcb,
     struct sctp_association *asoc,
@@ -1922,7 +1907,8 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struct sctp_association *asoc,
 				SCTP_SNPRINTF(msg, sizeof(msg), "Duplicate MID=%8.8x detected.", mid);
 				goto err_out;
 			} else {
-				if ((tsn == control->fsn_included + 1) &&
+				if ((control->first_frag_seen) &&
+				    (tsn == control->fsn_included + 1) &&
 				    (control->end_added == 0)) {
 					SCTP_SNPRINTF(msg, sizeof(msg),
 					    "Illegal message sequence, missing end for MID: %8.8x",
@@ -5430,12 +5416,25 @@ sctp_flush_reassm_for_str_seq(struct sctp_tcb *stcb,
 		sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED);
 	}
 	if (!TAILQ_EMPTY(&control->reasm)) {
-		/* This has to be old data, unordered */
+		KASSERT(!asoc->idata_supported,
+		    ("Reassembly queue not empty for I-DATA"));
+		KASSERT(!ordered,
+		    ("Reassembly queue not empty for ordered data"));
 		if (control->data) {
 			sctp_m_freem(control->data);
 			control->data = NULL;
 		}
-		sctp_reset_a_control(control, stcb->sctp_ep, cumtsn);
+		control->fsn_included = 0xffffffff;
+		control->first_frag_seen = 0;
+		control->last_frag_seen = 0;
+		if (control->on_read_q) {
+			/*
+			 * We have to purge it from there, hopefully this
+			 * will work :-)
+			 */
+			TAILQ_REMOVE(&stcb->sctp_ep->read_queue, control, next);
+			control->on_read_q = 0;
+		}
 		chk = TAILQ_FIRST(&control->reasm);
 		if (chk->rec.data.rcv_flags & SCTP_DATA_FIRST_FRAG) {
 			TAILQ_REMOVE(&control->reasm, chk, sctp_next);

From nobody Tue Aug  6 21:52:54 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdn9L3WFJz5SkRg;
	Tue, 06 Aug 2024 21:52:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdn9L32fwz4cwX;
	Tue,  6 Aug 2024 21:52:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722981174;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=h0X/1gDxCgCYrGc+njIqvKMv41GtQPwKDh8Qn15P2a4=;
	b=jN24xz+8ldqepsmHAP8Nz0dg5c3Q562xFACiWqWWIe0K2QNNmATIwnm8d2rh/mD6rxY8wb
	Cu+OSoNyDBgbJTN1ikOv4jfm/MkHdhCRk8FUgkTSTw78tdWgYWpukzVk41zAHJPKYByO33
	VhWsxHA9IoE0gH2L4NP6og936n8raO3IO6mniS4jQ1H0y7NRPDaRwI+pMNl492tGCnX/li
	C9qAJpnVSRfPPuMv0CGMNPLWwHLWeTaCyuvqVXhZ9mBGBJ3SgEMpaPFtu71fQe6z0UQyfp
	QwDfZO2vdBGpB9p4kF9MvrJNNsXGOYfSjgiDypPR96gjrPTlQO3Ac+01x0EbeA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722981174; a=rsa-sha256; cv=none;
	b=yGc/8zSCJWLFqxrpyyVia9CNJnfda/aUGnt0PkisDBnxcpEgYHOwWsuBQmRQgK7oUur2s1
	u6mFAtsE+DWyzadEOqtNUbxJ7roc64addP5qbRZO4IWKtqiCz19Pji5lmxAHOz7KEKAumL
	vws3LDMl8Hc2tVKwV/QoeaB1hjQlzdsvZvI6YX93Kp3YXEqUBxl2hW/cIknmUPIMWXpm8Z
	HIWRehdfOvq/tdjVLCje/uoucD109FO2nSe+hfVBfgX55PJGv3w8vfkmZ5ra/1znt9Flx+
	7BxPkRXtNk2rd7YCpOT47vPdALsyw6iPkpjc1YsGOh+jh+VrTCXaxWzCC2x6Yw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722981174;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=h0X/1gDxCgCYrGc+njIqvKMv41GtQPwKDh8Qn15P2a4=;
	b=VCeIdcPGXet2u9IdcxaiPP5jh/Zp62cVCEPlBY0nS5brg0Fpl49X2Q4TP84x6fLKBPvZYZ
	UevrBZzIZyAku3u6x+LsBkQp5APFzrxWFkEE6qoJ2Mn5HwL9OwV6odp6TngHIBpXl+FRc7
	S9Ns6QwblLNmvWIOjk7XJ0YcMtRKapf2JUFOUsTfE3rN+SGpW01CHJOZ2YlIgweatzOFg/
	7SYPv3QAC8eQejpJpkTYZyGhxBhT5Zsy/Wrtqv9u2GLhWYpVSh8jBOYBRQP/TsHM/6wVEi
	bXMitX1XZKndhMcZpDhKyYazi3Mg64N82p2UiCOWAM+cn4IFqv79k0sEV0KmqA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdn9L2f7CzP0Z;
	Tue,  6 Aug 2024 21:52:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476LqskV017926;
	Tue, 6 Aug 2024 21:52:54 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476LqsMN017923;
	Tue, 6 Aug 2024 21:52:54 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 21:52:54 GMT
Message-Id: <202408062152.476LqsMN017923@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 02ef8e4061ab - stable/13 - libusb: claim to be version
  1.0.16
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 02ef8e4061abc0a0fc148a8e41efde46fde0d5b0
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=02ef8e4061abc0a0fc148a8e41efde46fde0d5b0

commit 02ef8e4061abc0a0fc148a8e41efde46fde0d5b0
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-06-06 13:33:44 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-06 21:52:37 +0000

    libusb: claim to be version 1.0.16
    
    We are not 100% compatible with 1.0.16, but implement some
    functionality from that version that is required by certain ports.
    
    PR:             277799
    PR:             279555 (exp-run)
    Event:          Kitchener-Waterloo Hackathon 202406
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D45514
    
    (cherry picked from commit 5654b42142e1f689b26d405c90379b85f22349a0)
    (cherry picked from commit 5bd6e6c1ddff7f10e8b86703536d81af8ce0532b)
---
 lib/libusb/libusb-1.0.pc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/libusb/libusb-1.0.pc b/lib/libusb/libusb-1.0.pc
index d748439c2257..0815a8eb6e9c 100644
--- a/lib/libusb/libusb-1.0.pc
+++ b/lib/libusb/libusb-1.0.pc
@@ -5,6 +5,6 @@ includedir=${prefix}/include
 
 Name: libusb-1.0
 Description: Library that abstracts ways to access USB devices (v1.0)
-Version: 1.0.13
+Version: 1.0.16
 Libs: -L${libdir} -lusb
 Cflags: -I${includedir}

From nobody Tue Aug  6 22:38:08 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wdp9Y1LhDz5SnQs;
	Tue, 06 Aug 2024 22:38:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wdp9Y0r6Xz4hZB;
	Tue,  6 Aug 2024 22:38:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1722983889;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=NbDRm1pexAhLn4dJnkQNdFVEs8/OaDJHldba/CoU3tM=;
	b=RywBIbyvLnNye97SEkrGh2LqIyS94l5+Xzmc/K93R9C8Mk3bJ4IaKk4woaS5NVpPwaf1px
	b+4ligYeVQNb3V5B/zIGsuQpNqVdukkdc7phTpLLKoVhyed8Vn7Tp7IGoqPHR1mVA5q5zp
	ylarlACZTHksvc/irauTDiNDqx5wStotoDOvqikpPiEO1kHiunzs8OS/7F84/4nKrZtgHZ
	RyYQOpsn91leb6az+MN25D0hO703lxg0c0w24D0OrkG283VmfeceFKrBoxngFczx948eYE
	W0thGOCYes0ZGLCZ0SXOG8UaJCuGpOrbz+ZCVl82stZAw6Gz/OmZSXOiJN4P5Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1722983889; a=rsa-sha256; cv=none;
	b=NwqXl1L0FoQBWGG636BwmYw9mcASlsnSglymTEYgTs0Rgwv+YVOCirEDSJiosavtrE1Hd1
	TMmDKpQIUWkj6HYKEfwGAVtx5XWjG61GiaFZp59T3028f7RtMywKAG1DdGBOjw39Cq4ybf
	VoCvBcgE/hG/56cEEYUmV6chkNDLUQI3MhojEZI/OqvGr23lFC9YgK1srj14bC9wBUPY32
	50uaWZyfoPUaiSddQa5P7kYLrWctvcG76Mhc0gKQYvqkQpABH72GufHM3CbiNWBxWEQnao
	s0shUG68rDFKPAnrqvMfn5i88yU0bkZXxG11GR9su8GZ4jKhNs2s+zyrIbBAkA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1722983889;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=NbDRm1pexAhLn4dJnkQNdFVEs8/OaDJHldba/CoU3tM=;
	b=mWLdpqw77OFZmaNv79L1N/5S/hGfLDuIIXsgjIXKJJxOFNHL5/vTUpEcu2pgk4A9lxoxEJ
	rNckSPNCZU0VWo8TPIWf18vB28ACi8yX6xjasFONzoeI0J3HMuNUtTuOrQ64/ykNWYthnC
	mYaFD5iOIs7kqLIo4xQu8rLNdy78gfDKwiX7I/krY0OKd/Ecix5OMOFHpjGHN7dW7oicto
	uxc28AT1D+4syuO44jiZHuQjzbSMNoeQPf9Eb58seGOxaQH9OE/xYDZ9vP83EnBpaIVGW8
	GBF5CW6U4Ru0jQRLG0zBJo420px9RuSM1qqbeREp41cuR+gPNGjfSdo1IwpS1Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wdp9Y0PdVzQ7G;
	Tue,  6 Aug 2024 22:38:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 476Mc8I3086563;
	Tue, 6 Aug 2024 22:38:08 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 476Mc8RJ086560;
	Tue, 6 Aug 2024 22:38:08 GMT
	(envelope-from git)
Date: Tue, 6 Aug 2024 22:38:08 GMT
Message-Id: <202408062238.476Mc8RJ086560@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: 9badd542e755 - releng/13.4 - sctp: improve input
  validation for data chunks
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: 9badd542e7552f9dfd4b868733a1e67c8f6df2df
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=9badd542e7552f9dfd4b868733a1e67c8f6df2df

commit 9badd542e7552f9dfd4b868733a1e67c8f6df2df
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 11:27:18 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-06 22:36:18 +0000

    sctp: improve input validation for data chunks
    
    fsn_included should only be considered, if first_frag_seen is true.
    Also, fix the resetting of the control structure, if stream queues
    are flushed.
    This fixes a bug where a legitimate message sequence was incorrectly
    classified as illegitimate.
    Thanks to Victor Boivie for reporting the issue on the userland
    stack.
    
    (cherry picked from commit 101a0f09e8baf8293e1eeb591de18caf15e49e00)
    (cherry picked from commit 18f4b705734e1c76bac441ffe86cb8fbb131a153)
    
    Approved by:    re (cperciva)
---
 sys/netinet/sctp_indata.c | 35 +++++++++++++++++------------------
 1 file changed, 17 insertions(+), 18 deletions(-)

diff --git a/sys/netinet/sctp_indata.c b/sys/netinet/sctp_indata.c
index 4c40e0de4326..693de313b970 100644
--- a/sys/netinet/sctp_indata.c
+++ b/sys/netinet/sctp_indata.c
@@ -746,21 +746,6 @@ sctp_build_readq_entry_from_ctl(struct sctp_queued_to_read *nc, struct sctp_queu
 	nc->do_not_ref_stcb = control->do_not_ref_stcb;
 }
 
-static void
-sctp_reset_a_control(struct sctp_queued_to_read *control,
-    struct sctp_inpcb *inp, uint32_t tsn)
-{
-	control->fsn_included = tsn;
-	if (control->on_read_q) {
-		/*
-		 * We have to purge it from there, hopefully this will work
-		 * :-)
-		 */
-		TAILQ_REMOVE(&inp->read_queue, control, next);
-		control->on_read_q = 0;
-	}
-}
-
 static int
 sctp_handle_old_unordered_data(struct sctp_tcb *stcb,
     struct sctp_association *asoc,
@@ -1922,7 +1907,8 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struct sctp_association *asoc,
 				SCTP_SNPRINTF(msg, sizeof(msg), "Duplicate MID=%8.8x detected.", mid);
 				goto err_out;
 			} else {
-				if ((tsn == control->fsn_included + 1) &&
+				if ((control->first_frag_seen) &&
+				    (tsn == control->fsn_included + 1) &&
 				    (control->end_added == 0)) {
 					SCTP_SNPRINTF(msg, sizeof(msg),
 					    "Illegal message sequence, missing end for MID: %8.8x",
@@ -5430,12 +5416,25 @@ sctp_flush_reassm_for_str_seq(struct sctp_tcb *stcb,
 		sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED);
 	}
 	if (!TAILQ_EMPTY(&control->reasm)) {
-		/* This has to be old data, unordered */
+		KASSERT(!asoc->idata_supported,
+		    ("Reassembly queue not empty for I-DATA"));
+		KASSERT(!ordered,
+		    ("Reassembly queue not empty for ordered data"));
 		if (control->data) {
 			sctp_m_freem(control->data);
 			control->data = NULL;
 		}
-		sctp_reset_a_control(control, stcb->sctp_ep, cumtsn);
+		control->fsn_included = 0xffffffff;
+		control->first_frag_seen = 0;
+		control->last_frag_seen = 0;
+		if (control->on_read_q) {
+			/*
+			 * We have to purge it from there, hopefully this
+			 * will work :-)
+			 */
+			TAILQ_REMOVE(&stcb->sctp_ep->read_queue, control, next);
+			control->on_read_q = 0;
+		}
 		chk = TAILQ_FIRST(&control->reasm);
 		if (chk->rec.data.rcv_flags & SCTP_DATA_FIRST_FRAG) {
 			TAILQ_REMOVE(&control->reasm, chk, sctp_next);

From nobody Wed Aug  7 13:41:53 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBDL1nNqz5S96p;
	Wed, 07 Aug 2024 13:41:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBDK6795z4hFm;
	Wed,  7 Aug 2024 13:41:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038113;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=k4WjGmOUNi9V5d3kXa5B5ZHvHlrNFDwTRtfIM+LqV7Q=;
	b=WUrMEhwgcPnovwMJZaDUOQeqq/5ractKjuhIBFQcajGP6tvaamip5CTlY8r9y8afJR9+cj
	E1aBZuuENYlv9zuqD3UV2FlvVpS56roWUCTv+gk4RPtQ1jLoMoovcQ5ib1+rZNRESSdZoP
	+0pZYeZBDNrsst5MgrqE1zcF0tfSjaQ3TgdxwnaSjFX2acObssQDeWTZoxVXHiGRNbpORc
	nSFqwlN7YyKBMUOxh6ZzMlRh8WuwwVEuafo6ahMlp932VfIIJy2uWSVRZk+btI2ma5vvnr
	27fE285D8i4VVd9UMF3OQK/HrAqsth0RF86AjhE/EbFX3w5ZPIqq3IJpw4ThsQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038113; a=rsa-sha256; cv=none;
	b=yuBvuo/7U4Gu5VvqaiOqtlZ2fLozlgRxflQdt+ZRtdmj4vI9OSU8btvd8LtxSqqTDK3bUR
	rBBFKGIcFSc2dOaOdoOdJkIVr7N8XTnUi1iuA/kmdDV7EO7clK8/lL94xSLZCr/fZFMTIV
	rAZ2uglvrjc1oyRKNlsubattAY6Pb7LqT0m1WP03SdsfADCe4pOkxfFvYF73ppZWVzzrps
	lQ/ELhNazq5aKTeUIpBmcT7pbFQozWOujmwbW6EZhZ6C5K25/TOL8puqyXXfpsPfS5HGWv
	EwRFKNmhvzU7lV3vV0/XX4OX7GTGtlW7wI4j2ClzkOLk0qQtSOD42TNYksZYSQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038113;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=k4WjGmOUNi9V5d3kXa5B5ZHvHlrNFDwTRtfIM+LqV7Q=;
	b=KFfOwTjUZR87L3zAxwKPPQ5m/jLfK5COVuktSPVK7gl8F5AQMt9evyYcxHyyRX2XnxLg5h
	UpwHbdoyWufgG9yn90IGJON9W1zf9TaC6JRz5OGIB6QndhYG9CvCG1QSVdfXv3OhS9+xkm
	eFu+CjkRTcWOp4SmVyxqqwMs2O0ATzMblHRIYMT7kPvfpNOTec8A5AfZX0h1UCJA4QtUnf
	vFMqk1rfn7rzEXHidVt5RF62hr6OpVfY9IhJzdQNmZU++OcCBBC5BYFiJnQMrxNqp+rRKx
	m8gm1xrsG8OSpzt9S4GYA6JnKExPEF/8o45AVI7FKBpNyAdl1A5YJhtpF/PGcw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBDK5kkrzsdR;
	Wed,  7 Aug 2024 13:41:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Dfr6Z030727;
	Wed, 7 Aug 2024 13:41:53 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dfrgi030724;
	Wed, 7 Aug 2024 13:41:53 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:41:53 GMT
Message-Id: <202408071341.477Dfrgi030724@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 8b400c8488f0 - stable/14 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 8b400c8488f0b9e67ae269f6d8e5022a3bc7d854
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=8b400c8488f0b9e67ae269f6d8e5022a3bc7d854

commit 8b400c8488f0b9e67ae269f6d8e5022a3bc7d854
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:41:42 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Security:       FreeBSD-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 555762185411..1c6a2ae01f3d 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -593,7 +593,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Wed Aug  7 13:42:10 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBDf1xVTz5S9KX;
	Wed, 07 Aug 2024 13:42:10 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBDf1TwKz4hQ7;
	Wed,  7 Aug 2024 13:42:10 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038130;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Tata4MkNvVXgPfLPelJSchqBwD3pVkeRszcXdu1bBVI=;
	b=ABW6TKC5Ej+qQCdLdNcvBEzHNTwtvzEB/g/HSAr/rvToc899e0j13ZyapcbCZxHzoW1Xg1
	v8zUWbdQpNtu7KQRr9E49k0WIZRuHBBCZ4zSETXf0WQtzKpzOn4VrQxJ5xfStzkQNGXIaM
	XgH58wMEURihu+ZOjaBEBjbw5+4z6+0fZy0jjJwSYIzRSOyaF1Kknt2Vq5EMZ+U/AR64VR
	eFxXMWjc6/dc3z4hwlqs4uVWV0cvY/RM5SWypz3gjyns/dfw6VLvbLvfh1BDtwZ/WWC7c/
	kR4yfNpN0K4yk/vRaoSrd8liSoYvmd2XD543fAe8azU1B1LfeuXYZ5Sv3SkysQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038130; a=rsa-sha256; cv=none;
	b=oKV61M7yzCnMbFiT7VTuhwZnjIxNAQQLovX2Gr3TrXr2pv7nmlm3kuZDp2PGJlOdHvhlBI
	tEzHQnZ02uAaIpiFMn0JTuvk0sc3nMTajR60IXVUq2zsa0ofbg13gXihuNVlFh6wm+zgqF
	j0+zeuD+fF/0kMbLDMLAGtlQ/JtyjgVkRlhRyNRc7D8K+woMvJH0dz4nyrpDhcKTT2tLnA
	LJLh1ip8p0LSzLV/R1LxYjWGfRjmXFNPWas4OGEL10ca9AqSpsM1sQfpm6KNzCls1lYsM1
	ie6LL8vfgzfd5Ze0PCkRwgVl5YPPhbxgCgVriaaMWy0xpGqkmNVjjqTFbprMDQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038130;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Tata4MkNvVXgPfLPelJSchqBwD3pVkeRszcXdu1bBVI=;
	b=c+ym7wU1HbEa+rOWNmNx2WaRZxn9Rhw2hvPEIf013JSQAwGUk/KXX/9WYb81WSEJ9tCt91
	VkJkiyWxpFD3Bt7obLmhbImkhEIQXI2rMqKBKxy7JKmTieXp0O8VtJLO4LqZw3bstK+q8h
	/as2JFgUy53bYXtJWU9pYj46XlH4kYGF088TRdCv8Kkw9XkJVbZSJ6Q+X0Qr5UsLxL0Gss
	YLRk0P8D08DpFpMWzuNoyL/mmrRgD8G8bvp/OwSIieh9qxvjA6XODcKQyU5750zO25DJZP
	0ywwdWd0X7COExhdwVi/NiwW7IBe4Y/afZf/16+lTF5Evkm2sGImLN+h7ufjxg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBDf14jRzsmG;
	Wed,  7 Aug 2024 13:42:10 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DgAgY032866;
	Wed, 7 Aug 2024 13:42:10 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DgAJT032863;
	Wed, 7 Aug 2024 13:42:10 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:42:10 GMT
Message-Id: <202408071342.477DgAJT032863@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: f702110bc4bc - stable/13 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f702110bc4bcc593b38674ec6e4fadf6c4626432
Auto-Submitted: auto-generated

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=f702110bc4bcc593b38674ec6e4fadf6c4626432

commit f702110bc4bcc593b38674ec6e4fadf6c4626432
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:42:02 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Security:       FreeBSD-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 2729d0880b31..cc51dbae46f7 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -585,7 +585,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Wed Aug  7 13:44:21 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBH94J1Cz5S8r2;
	Wed, 07 Aug 2024 13:44:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBH93hBCz4hWr;
	Wed,  7 Aug 2024 13:44:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038261;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rcFa05g/quTSmsQac8GoTI+wAFqajW5Wo9WxRGL/oxQ=;
	b=Ru7+7/lymlsABSabyeaBTjdTuEx5sVy4TyCpQo9Kxe799QJDvo37gLpPM0QGqDYM9pTXLL
	RRVTwlPAojzS/T7OGe/uRip5TPcpp8j02MaX8BHOCNO6dMsHROCwe5dc6JTxm0gmJ1of3G
	qNAy4Ww9QWEDgkSMfXFlKlToMymaK7FsbI8eMZYJ4gHNK/A29y0KE6tLpk/FVMibAzbxfN
	z3gIUgR4bn6pUQCcu+QuNNzwM5kL8SjcgeDsdVX4rnI9GdwdA1rOsqkNQlzt+mOMkidIZ2
	XFZWpCHX0ci+2Cl4LBO7hUOCAIhQlH+YGQNWqWKozXwr8BacYOHfkbNaiVKyBQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038261; a=rsa-sha256; cv=none;
	b=wJd4mQPRY0n45MhiOcNmXyquj6xGo+ytiNgckjzflBJRs496et2z+kRby0ydzhwqKq0hgx
	efxbUFCgM1SUcjGUziixNc7cOH/M+jVw4Md1JNjX2UVS2THRmbjPgHNvX0JgJ/94odhcf5
	hz0+2nshK4DH/lXKUizbY/F02hm98DlVE3W1xwBdclaQrdhrXJE4k6jYVEN3YW5jombiEv
	o5RMmNSSAdiCMCd0rco5lOjmI7bXfw5mzpTIgcDOHOd+77p1VD5yku4joo9NuunhlkAiX+
	eyQEGDWQQEajIe5GgJLxmT1vakch/3ch/2bddwVwbNX/1rwnBdYcTPJmwXWU/A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038261;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rcFa05g/quTSmsQac8GoTI+wAFqajW5Wo9WxRGL/oxQ=;
	b=cDbkTPQv49bNZ3/BxfBzODWVRPzEIyUpDQZJFbXgbFH6pbXfPxDxaXpfOipmp6YVtQYhyV
	kFh3MqjmsoyoOYBYd6+EoEpNAwLGy9dZPH+FipGxmvMVvxdRh3AnQa/+MrnJfzlgufYaBB
	hYJGsiX7Ko4NcfzgMI6GEk14rcEquyy8L7SVRccmUDctXxpxCR9v9f6SZcgnUv6d2euNO+
	tRO8ICQMYinM83fsVTnAch5n2E4HD7VRghpmim3AW6j5I04EAYba9kcDZxwoqf3Mk6GatN
	SNSASLmZ2THxag2tfArd86BtFj1WCZd8fnHpDtoyYh71Y6rDl9KOJIBgbevqgg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBH939L8zsjP;
	Wed,  7 Aug 2024 13:44:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiLtl033353;
	Wed, 7 Aug 2024 13:44:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiLSL033350;
	Wed, 7 Aug 2024 13:44:21 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:21 GMT
Message-Id: <202408071344.477DiLSL033350@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 8533e927afc1 - releng/14.1 - nfscl: Scan readdir reply
  filenames for invalid characters
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 8533e927afc1847fb8ff6b650a69999ec6612df3
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=8533e927afc1847fb8ff6b650a69999ec6612df3

commit 8533e927afc1847fb8ff6b650a69999ec6612df3
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2024-07-21 22:56:16 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:30:29 +0000

    nfscl: Scan readdir reply filenames for invalid characters
    
    The NFS RFCs are pretty loose with respect to what characters
    can be in a filename returned by a Readdir.  However, FreeBSD,
    as a POSIX system will not handle imbedded '/' or nul characters
    in file names.  Also, for NFSv4, the file names "." and ".."
    are handcrafted on the client and should not be returned by a
    NFSv4 server.
    
    This patch scans for the above in filenames returned by Readdir and
    ignores any entry returned by Readdir which has them in it.
    Because an imbedded nul would be a string terminator, it was
    not possible to code this check efficiently using string(3)
    functions.
    
    Approved by:    so
    Security:       FreeBSD-SA-24:07.nfsclient
    Security:       CVE-2024-6759
    Reported by:    Apple Security Engineering and Architecture (SEAR)
    
    (cherry picked from commit 026cdaa3b3a92574d9ac3155216e5cc0b0bd4c51)
    (cherry picked from commit 9328ded386d570c8455b9021e047520ef72e0e79)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 137 ++++++++++++++++++++++++++++++++--------
 1 file changed, 110 insertions(+), 27 deletions(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 8c5532268287..c5c0ee9fa74f 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -142,6 +142,7 @@ static int nfsrpc_createv4(vnode_t , char *, int, struct vattr *,
     nfsquad_t, int, struct nfsclowner *, struct nfscldeleg **, struct ucred *,
     NFSPROC_T *, struct nfsvattr *, struct nfsvattr *, struct nfsfh **, int *,
     int *, int *);
+static bool nfscl_invalidfname(bool, char *, int);
 static int nfsrpc_locku(struct nfsrv_descript *, struct nfsmount *,
     struct nfscllockowner *, u_int64_t, u_int64_t,
     u_int32_t, struct ucred *, NFSPROC_T *, int);
@@ -3279,6 +3280,31 @@ nfsrpc_rmdir(vnode_t dvp, char *name, int namelen, struct ucred *cred,
 	return (error);
 }
 
+/*
+ * Check to make sure the file name in a Readdir reply is valid.
+ */
+static bool
+nfscl_invalidfname(bool is_v4, char *name, int len)
+{
+	int i;
+	char *cp;
+
+	if (is_v4 && ((len == 1 && name[0] == '.') ||
+	    (len == 2 && name[0] == '.' && name[1] == '.'))) {
+		printf("Readdir NFSv4 reply has dot or dotdot in it\n");
+		return (true);
+	}
+	cp = name;
+	for (i = 0; i < len; i++, cp++) {
+		if (*cp == '/' || *cp == '\0') {
+			printf("Readdir reply file name had imbedded / or nul"
+			    " byte\n");
+			return (true);
+		}
+	}
+	return (false);
+}
+
 /*
  * Readdir rpc.
  * Always returns with either uio_resid unchanged, if you are at the
@@ -3331,6 +3357,8 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdir: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	/*
 	 * There is no point in reading a lot more than uio_resid, however
@@ -3588,6 +3616,17 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -3603,20 +3642,35 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				uiop->uio_iov->iov_base =
 				    (char *)uiop->uio_iov->iov_base + DIRHDSIZ;
 				uiop->uio_iov->iov_len -= DIRHDSIZ;
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)
@@ -3782,6 +3836,8 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirplusrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdirplus: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	timespecclear(&dctime);
 	*attrflagp = 0;
@@ -4017,6 +4073,17 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -4035,25 +4102,41 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				cnp->cn_nameptr = uiop->uio_iov->iov_base;
 				cnp->cn_namelen = len;
 				NFSCNHASHZERO(cnp);
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				if (len == 2 && cnp->cn_nameptr[0] == '.' &&
-				    cnp->cn_nameptr[1] == '.')
-					isdotdot = 1;
-				else
-					isdotdot = 0;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					if (len == 2 &&
+					    cnp->cn_nameptr[0] == '.' &&
+					    cnp->cn_nameptr[1] == '.')
+						isdotdot = 1;
+					else
+						isdotdot = 0;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)

From nobody Wed Aug  7 13:44:22 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHB408mz5S8tf;
	Wed, 07 Aug 2024 13:44:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHB3hYxz4hWs;
	Wed,  7 Aug 2024 13:44:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038262;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6Z9MTMZri7Q+DnNx3pYDjWvPXMwX8CF1ox+hwomupZE=;
	b=tQ6To2afXueebXjecvGJtisV5RPUcwEF6xuZwThd5bhZIeoS0E/nphvFpgsDcg0QNerFbd
	cOYg5pAnuj33Nc7jqP0AvWr+rDlITg5VL3Et14/lYJ9jwQo9gtv7kdcDdC/Dn7Ltt8vUKO
	pfFEjNSKdmdqMZG9oFfLtbIfjaAzo+yQQQG0+EE5XGZ6SU76pmUSQLQUYzEIDWX7CbvIPC
	NvEKDB4zad+eMo/tjCGYRVierT/NUid6ItyX5wVg1WXGqIRBYSOquHiMOXNXOlKVTe0tCj
	XyBly16SHxFYY9XLVToZxyLfWhxOmerpa8VGtmQ6lSgkEsBVBbJL6Q/IKrOoBQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038262; a=rsa-sha256; cv=none;
	b=lEOnSbwgIIItA9MI8ruyge66CJ65DtJOu4LAbfqSgbzu7wcxhk0mrOXmgCHq/nm7G9MTRE
	1cZS9k5gqZb64YtsYsH+q7nMNXNtFN5a1SPCVYbBb0x0GUEUF9QI4T8zG3ASeA8X3Su5Ec
	NEEJCAewgOFGLPR0UbNnSIOyGyQ7LLyHSan9OpQi5F8I880BQe0m6tjqx8PShFDT0aYvDW
	BPUB+wx98hFLpt0uUOkwnl2Rf2X5IxrjOIZmiKjkBerV7OxF3ztgoEez0vHeSeO40Hgi7X
	IYD2d+4+K846gGWv+30zaC1ziP8/vWElP+nBW+4wXn0VNq3Uh0sQ8Y9dTrjVRw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038262;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6Z9MTMZri7Q+DnNx3pYDjWvPXMwX8CF1ox+hwomupZE=;
	b=HKJTwFILVm2TrF0ZbPLU9PG4Zh08Fi7E6TOPkBlK35dF0Z4YSzgKhMuIockR6u+JHWQ/xj
	j4s1aQtBXPbTcsR1FSvKqvZKcUOs7WokcggBN+d1b23ZAZXI1yZqWyqza4dyo1N4PBXWoR
	3RwMyTF5W5i/NLvJ7p3OhonGIEumqRoOPqAG4RLuH2NVkwgcE8PRn+wVMcUdwcIbn2yGWz
	yexCSbyl/fgS5DL3IZH6bTqzYbyQa24Di3iAKrTrw71vuEFaxgX3ZQ8zDQayhbrUSxdwWt
	LGG0SkDJVfEWF35VLYCChr7AzzD5BZBMEY/UZ83NWPVr9D9f1+pXkM1b91omKg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHB3HnjzsmL;
	Wed,  7 Aug 2024 13:44:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiMtw033413;
	Wed, 7 Aug 2024 13:44:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiMad033410;
	Wed, 7 Aug 2024 13:44:22 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:22 GMT
Message-Id: <202408071344.477DiMad033410@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 370e196bae46 - releng/14.1 - pf: stricter state
  checking for ICMP and ICMPv6 packets
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 370e196bae469f776bb95b9733fe6a6481e189f6
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=370e196bae469f776bb95b9733fe6a6481e189f6

commit 370e196bae469f776bb95b9733fe6a6481e189f6
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-09 13:59:33 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:39 +0000

    pf: stricter state checking for ICMP and ICMPv6 packets
    
    Include
    the ICMP type in one port of the state key, using the type to determine which
    side should be the id, and which should be the type.
    
    Also:
    - Handle ICMP6 messages which are typically sent to multicast addresses but
     recieve unicast replies, by doing fallthrough lookups against the correct
     multicast address.
    - Clear up some mistaken assumptions in the PF code:
      - Not all ICMP packets have an icmp_id, so simulate one based on other
        data if we can, otherwise set it to 0.
     - Don't modify the icmp id field in NAT unless it's echo
     - Use the full range of possible id's when NATing icmp6 echoy
    
    ok henning marco
    testing matthieu todd
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 70bf7555ef4c
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 534ee17e61ee094ec175703bc50e88ff6587703e)
    (cherry picked from commit 2f6b4611b5b847aee1ff8d5017a0f8a657f4101d)
---
 sys/netpfil/pf/pf.c    | 381 ++++++++++++++++++++++++++++++++++++++-----------
 sys/netpfil/pf/pf_lb.c |  19 ++-
 2 files changed, 317 insertions(+), 83 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 5fc234c5aca9..3212a1443f63 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -291,6 +291,8 @@ static void		 pf_change_ap(struct mbuf *, struct pf_addr *, u_int16_t *,
 			    u_int16_t, u_int8_t, sa_family_t);
 static int		 pf_modulate_sack(struct mbuf *, int, struct pf_pdesc *,
 			    struct tcphdr *, struct pf_state_peer *);
+int			 pf_icmp_mapping(struct pf_pdesc *, u_int8_t, int *,
+			    int *, u_int16_t *, u_int16_t *);
 static void		 pf_change_icmp(struct pf_addr *, u_int16_t *,
 			    struct pf_addr *, struct pf_addr *, u_int16_t,
 			    u_int16_t *, u_int16_t *, u_int16_t *,
@@ -337,6 +339,10 @@ static int		 pf_test_state_tcp(struct pf_kstate **,
 static int		 pf_test_state_udp(struct pf_kstate **,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *);
+int			 pf_icmp_state_lookup(struct pf_state_key_cmp *,
+			    struct pf_pdesc *, struct pf_kstate **, struct mbuf *,
+			    int, struct pfi_kkif *, u_int16_t, u_int16_t,
+			    int, int *, int);
 static int		 pf_test_state_icmp(struct pf_kstate **,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *, u_short *);
@@ -389,6 +395,8 @@ extern struct proc *pf_purge_proc;
 
 VNET_DEFINE(struct pf_limit, pf_limits[PF_LIMIT_MAX]);
 
+enum { PF_ICMP_MULTI_NONE, PF_ICMP_MULTI_SOLICITED, PF_ICMP_MULTI_LINK };
+
 #define	PACKET_UNDO_NAT(_m, _pd, _off, _s)		\
 	do {								\
 		struct pf_state_key *nk;				\
@@ -1734,6 +1742,142 @@ pf_isforlocal(struct mbuf *m, int af)
 	return (false);
 }
 
+int
+pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
+    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+{
+	/*
+	 * ICMP types marked with PF_OUT are typically responses to
+	 * PF_IN, and will match states in the opposite direction.
+	 * PF_IN ICMP types need to match a state with that type.
+	 */
+	*icmp_dir = PF_OUT;
+	*multi = PF_ICMP_MULTI_LINK;
+	/* Queries (and responses) */
+	switch (type) {
+	case ICMP_ECHO:
+		*icmp_dir = PF_IN;
+	case ICMP_ECHOREPLY:
+		*icmptype = ICMP_ECHO;
+		*icmpid = pd->hdr.icmp.icmp_id;
+		break;
+
+	case ICMP_TSTAMP:
+		*icmp_dir = PF_IN;
+	case ICMP_TSTAMPREPLY:
+		*icmptype = ICMP_TSTAMP;
+		*icmpid = 0; /* Time is not a secret. */
+		break;
+
+	case ICMP_IREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_IREQREPLY:
+		*icmptype = ICMP_IREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MASKREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_MASKREPLY:
+		*icmptype = ICMP_MASKREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_IPV6_WHEREAREYOU:
+		*icmp_dir = PF_IN;
+	case ICMP_IPV6_IAMHERE:
+		*icmptype = ICMP_IPV6_WHEREAREYOU;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MOBILE_REGREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP_MOBILE_REGREPLY:
+		*icmptype = ICMP_MOBILE_REGREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_ROUTERSOLICIT:
+		*icmp_dir = PF_IN;
+	case ICMP_ROUTERADVERT:
+		*icmptype = ICMP_ROUTERSOLICIT;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+#ifdef INET6
+	case ICMP6_ECHO_REQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_ECHO_REPLY:
+		*icmptype = ICMP6_ECHO_REQUEST;
+		*icmpid = pd->hdr.icmp6.icmp6_id;
+		break;
+
+	case MLD_LISTENER_QUERY:
+		*icmp_dir = PF_IN;
+	case MLD_LISTENER_REPORT: {
+		*icmptype = MLD_LISTENER_QUERY;
+		*icmpid = 0;
+		break;
+	}
+
+	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
+	case ICMP6_WRUREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_WRUREPLY:
+		*icmptype = ICMP6_WRUREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case MLD_MTRACE:
+		*icmp_dir = PF_IN;
+	case MLD_MTRACE_RESP:
+		*icmptype = MLD_MTRACE;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ND_NEIGHBOR_SOLICIT:
+		*icmp_dir = PF_IN;
+	case ND_NEIGHBOR_ADVERT: {
+		*icmptype = ND_NEIGHBOR_SOLICIT;
+		*multi = PF_ICMP_MULTI_SOLICITED;
+		*icmpid = 0;
+		break;
+	}
+
+#endif /* INET6 */
+	/* These ICMP types map to other connections */
+	case ICMP_UNREACH:
+	case ICMP_SOURCEQUENCH:
+	case ICMP_REDIRECT:
+	case ICMP_TIMXCEED:
+	case ICMP_PARAMPROB:
+#ifdef INET6
+	/*
+	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
+	 * ND_REDIRECT can't be in this list because the triggering packet
+	 * header is optional.
+	 */
+	case ICMP6_PACKET_TOO_BIG:
+#endif /* INET6 */
+		/* These will not be used, but set them anyways */
+		*icmp_dir = PF_IN;
+		*icmptype = htons(type);
+		*icmpid = 0;
+		return (1);	/* These types are matched to other state */
+	/*
+	 * All remaining ICMP types get their own states,
+	 * and will only match in one direction.
+	 */
+	default:
+		*icmp_dir = PF_IN;
+		*icmptype = type;
+		*icmpid = 0;
+		break;
+	}
+	HTONS(*icmptype);
+	return (0);
+}
+
 void
 pf_intr(void *v)
 {
@@ -4397,8 +4541,8 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 	int			 tag = -1;
 	int			 asd = 0;
 	int			 match = 0;
-	int			 state_icmp = 0;
-	u_int16_t		 sport = 0, dport = 0;
+	int			 state_icmp = 0, icmp_dir, multi;
+	u_int16_t		 sport = 0, dport = 0, virtual_type, virtual_id;
 	u_int16_t		 bproto_sum = 0, bip_sum = 0;
 	u_int8_t		 icmptype = 0, icmpcode = 0;
 	struct pf_kanchor_stackframe	anchor_stack[PF_ANCHOR_STACKSIZE];
@@ -4432,33 +4576,37 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 	case IPPROTO_ICMP:
 		if (pd->af != AF_INET)
 			break;
-		sport = dport = pd->hdr.icmp.icmp_id;
 		hdrlen = sizeof(pd->hdr.icmp);
 		icmptype = pd->hdr.icmp.icmp_type;
 		icmpcode = pd->hdr.icmp.icmp_code;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		if (af != AF_INET6)
 			break;
-		sport = dport = pd->hdr.icmp6.icmp6_id;
 		hdrlen = sizeof(pd->hdr.icmp6);
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	default:
@@ -4552,7 +4700,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 		}
 #ifdef INET
 		case IPPROTO_ICMP:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET))
 				pf_change_a(&saddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->sidx].v4.s_addr, 0);
@@ -4561,11 +4708,12 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (nk->port[1] != pd->hdr.icmp.icmp_id) {
+			if (virtual_type == ICMP_ECHO &&
+			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
-				    nk->port[1], 0);
-				pd->hdr.icmp.icmp_id = nk->port[1];
+				    nk->port[pd->sidx], 0);
+				pd->hdr.icmp.icmp_id = nk->port[pd->sidx];
 				pd->sport = &pd->hdr.icmp.icmp_id;
 			}
 			m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
@@ -4573,7 +4721,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 #endif /* INET */
 #ifdef INET6
 		case IPPROTO_ICMPV6:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET6))
 				pf_change_a6(saddr, &pd->hdr.icmp6.icmp6_cksum,
 				    &nk->addr[pd->sidx], 0);
@@ -6402,15 +6549,73 @@ pf_multihome_scan_asconf(struct mbuf *m, int start, int len,
 	return (pf_multihome_scan(m, start, len, pd, kif, SCTP_ADD_IP_ADDRESS));
 }
 
+int
+pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd,
+    struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif,
+    u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi)
+{
+	key->af = pd->af;
+	key->proto = pd->proto;
+	if (icmp_dir == PF_IN) {
+		*iidx = pd->sidx;
+		key->port[pd->sidx] = icmpid;
+		key->port[pd->didx] = type;
+	} else {
+		*iidx = pd->didx;
+		key->port[pd->sidx] = type;
+		key->port[pd->didx] = icmpid;
+	}
+	if (pd->af == AF_INET6 && multi != PF_ICMP_MULTI_NONE) {
+		switch (multi) {
+		case PF_ICMP_MULTI_SOLICITED:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = IPV6_ADDR_INT32_ONE;
+			key->addr[pd->sidx].addr32[3] = pd->src->addr32[3];
+			key->addr[pd->sidx].addr8[12] = 0xff;
+			break;
+		case PF_ICMP_MULTI_LINK:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = 0;
+			key->addr[pd->sidx].addr32[3] = IPV6_ADDR_INT32_ONE;
+			break;
+		}
+	} else
+		PF_ACPY(&key->addr[pd->sidx], pd->src, key->af);
+	PF_ACPY(&key->addr[pd->didx], pd->dst, key->af);
+
+	STATE_LOOKUP(kif, key, *state, pd);
+
+	/* Is this ICMP message flowing in right direction? */
+	if ((*state)->rule.ptr->type &&
+	    (((*state)->direction == direction) ?
+	    PF_IN : PF_OUT) != icmp_dir) {
+		if (V_pf_status.debug >= PF_DEBUG_MISC) {
+			printf("pf: icmp type %d in wrong direction (%d): ",
+			    icmp_dir, pd->dir);
+			pf_print_state(*state);
+			printf("\n");
+		}
+		return (PF_DROP);
+	}
+	return (-1);
+}
+
 static int
 pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
     struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason)
 {
 	struct pf_addr  *saddr = pd->src, *daddr = pd->dst;
-	u_int16_t	 icmpid = 0, *icmpsum;
+	u_int16_t	*icmpsum, virtual_id, virtual_type;
 	u_int8_t	 icmptype, icmpcode;
-	int		 state_icmp = 0;
+	int		 icmp_dir, iidx, ret, multi;
 	struct pf_state_key_cmp key;
+#ifdef INET
+	u_int16_t	 icmpid;
+#endif
+
+	MPASS(*state == NULL);
 
 	bzero(&key, sizeof(key));
 	switch (pd->proto) {
@@ -6420,49 +6625,43 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 		icmpcode = pd->hdr.icmp.icmp_code;
 		icmpid = pd->hdr.icmp.icmp_id;
 		icmpsum = &pd->hdr.icmp.icmp_cksum;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+#ifdef INET
 		icmpid = pd->hdr.icmp6.icmp6_id;
+#endif
 		icmpsum = &pd->hdr.icmp6.icmp6_cksum;
-
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	}
 
-	if (!state_icmp) {
+	if (pf_icmp_mapping(pd, icmptype, &icmp_dir, &multi,
+	    &virtual_id, &virtual_type) == 0) {
 		/*
 		 * ICMP query/reply message not related to a TCP/UDP packet.
 		 * Search for an ICMP state.
 		 */
-		key.af = pd->af;
-		key.proto = pd->proto;
-		key.port[0] = key.port[1] = icmpid;
-		if (pd->dir == PF_IN)	{	/* wire side, straight */
-			PF_ACPY(&key.addr[0], pd->src, key.af);
-			PF_ACPY(&key.addr[1], pd->dst, key.af);
-		} else {			/* stack side, reverse */
-			PF_ACPY(&key.addr[1], pd->src, key.af);
-			PF_ACPY(&key.addr[0], pd->dst, key.af);
+		ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir,
+		    kif, virtual_id, virtual_type, icmp_dir, &iidx,
+		    PF_ICMP_MULTI_NONE);
+		if (ret >= 0) {
+			if (ret == PF_DROP && pd->af == AF_INET6 &&
+			    icmp_dir == PF_OUT) {
+				if (*state != NULL)
+					PF_STATE_UNLOCK((*state));
+				ret = pf_icmp_state_lookup(&key, pd, state, m,
+				    pd->dir, kif, virtual_id, virtual_type,
+				    icmp_dir, &iidx, multi);
+				if (ret >= 0)
+					return (ret);
+			} else
+				return (ret);
 		}
 
-		STATE_LOOKUP(kif, &key, *state, pd);
-
 		(*state)->expire = time_uptime;
 		(*state)->timeout = PFTM_ICMP_ERROR_REPLY;
 
@@ -6485,14 +6684,14 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 					    pd->ip_sum,
 					    nk->addr[pd->didx].v4.s_addr, 0);
 
-				if (nk->port[0] !=
+				if (nk->port[iidx] !=
 				    pd->hdr.icmp.icmp_id) {
 					pd->hdr.icmp.icmp_cksum =
 					    pf_cksum_fixup(
 					    pd->hdr.icmp.icmp_cksum, icmpid,
-					    nk->port[pd->sidx], 0);
+					    nk->port[iidx], 0);
 					pd->hdr.icmp.icmp_id =
-					    nk->port[pd->sidx];
+					    nk->port[iidx];
 				}
 
 				m_copyback(m, off, ICMP_MINLEN,
@@ -6857,13 +7056,15 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMP;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp_id;
+			icmpid = iih.icmp_id;
+			pf_icmp_mapping(&pd2, iih.icmp_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
 
-			STATE_LOOKUP(kif, &key, *state, pd);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0)
+				return (ret);
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6873,21 +7074,23 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp_id)
-					pf_change_icmp(pd2.src, &iih.icmp_id,
+				    (virtual_type == ICMP_ECHO &&
+				    nk->port[iidx] != iih.icmp_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP_ECHO) ?
+					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP_ECHO) ?
+					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp_id)
-					pf_change_icmp(pd2.dst, &iih.icmp_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
-					    pd2.ip_sum, icmpsum,
-					    pd->ip_sum, 0, AF_INET);
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
+					    pd2.ip_sum, icmpsum, pd->ip_sum, 0,
+					    AF_INET);
 
 				m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
 				m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2);
@@ -6909,13 +7112,25 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMPV6;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp6_id;
-
-			STATE_LOOKUP(kif, &key, *state, pd);
+			pf_icmp_mapping(&pd2, iih.icmp6_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0) {
+				if (ret == PF_DROP && pd->af == AF_INET6 &&
+				    icmp_dir == PF_OUT) {
+					if (*state != NULL)
+						PF_STATE_UNLOCK((*state));
+					ret = pf_icmp_state_lookup(&key, pd,
+					    state, m, pd->dir, kif,
+					    virtual_id, virtual_type,
+					    icmp_dir, &iidx, multi);
+					if (ret >= 0)
+						return (ret);
+				} else
+					return (ret);
+			}
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6925,19 +7140,21 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp6_id)
-					pf_change_icmp(pd2.src, &iih.icmp6_id,
+				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    nk->port[pd2.sidx] != iih.icmp6_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp6_id)
-					pf_change_icmp(pd2.dst, &iih.icmp6_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c
index eb3d087e3df6..4fcad7e578a8 100644
--- a/sys/netpfil/pf/pf_lb.c
+++ b/sys/netpfil/pf/pf_lb.c
@@ -225,6 +225,23 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 	if (pf_map_addr(af, r, saddr, naddr, NULL, &init_addr, sn))
 		return (1);
 
+	if (proto == IPPROTO_ICMP) {
+		if (*nport == htons(ICMP_ECHO)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#ifdef INET6
+	if (proto == IPPROTO_ICMPV6) {
+		if (*nport == htons(ICMP6_ECHO_REQUEST)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#endif /* INET6 */
+
 	bzero(&key, sizeof(key));
 	key.af = af;
 	key.proto = proto;
@@ -633,7 +650,7 @@ pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off,
 	switch (r->action) {
 	case PF_NAT:
 		if (pd->proto == IPPROTO_ICMP) {
-			low  = 1;
+			low = 1;
 			high = 65535;
 		} else {
 			low  = r->rpool.proxy_port[0];

From nobody Wed Aug  7 13:44:23 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHC6sWbz5S9Lp;
	Wed, 07 Aug 2024 13:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHC4zBFz4hjG;
	Wed,  7 Aug 2024 13:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038263;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4Hj/Mz6Gf4oOw9OPqEtJhV/sjTGThYOjpADtP976GI0=;
	b=vyvVwdl2t5fS2j+bdtMorKaGDpZgVgsCM3on1c37LJyYWCXg8Nz0EilIhNHrspiR0jUm/x
	xmIjt03+49d5nnXiph4YfhqUS2uvy+EzOWZFx3ak9EkngIZj7HWcBT7DQXiQo9cHOhrI2W
	q/jpev1XAJBFGBbjB2nZj3OmG0dFrdGemDwKs6hyj0podwKRNaYWcvv3r33N3eeqEoomt/
	RoZIqJ3Zh14Uw6LE7NK3FBkJUyvsAbnlgkY0OsuwQP2d5/ngZ0yN8NWhn5sHvbekQZrSjo
	BhyeWzOeZJ1yR35llGwn2l9hcPCOYOpzDLF5BpeaHhD0WXXT1YxoALfPdD2S6A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038263; a=rsa-sha256; cv=none;
	b=vuXDuHDSzUUN+95KIT5psIfiD8PwvoP9+xKZJIvHM+Cu/zTI84WpIRSRTWc0rAwGyYBK3B
	Q+QiFmADB5jqs3/UhW/5LRDmEjGY0JMz6talHFUxawNLSUUOpC7j/8wsw+3+4Qq2sdica+
	JfgOAkgSCpXtmOJyYuncdGBOfMDdJzFPLM09Yj6+ZvhmndyBPPWL1a56Kxjiwo1K7sAdcy
	9x1oNJnn7BWM9PK7cFeCUdhAzKEMR4fPkDHtFHWcvSCFuqhfsP1HAEbdI48Pax0+gaGbVF
	sM8f2ItxtmmM5Ae+tO20fZTtNdfYAVEXA09dSMn6DPgCcX+6kj5+1jZ0KDFAyA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038263;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4Hj/Mz6Gf4oOw9OPqEtJhV/sjTGThYOjpADtP976GI0=;
	b=SsiDNwvoXHKL0YT3GnSbf7URtdvDbt9lBmxhDi32gv14zrqsMFKk0iGMezF3omgirkN9KX
	jFGaQsThs2FDP0hmtZE+4gcIchd3IKkOBix2WrE0tl3w1eWrDNshUMp9iTV3cy38PyXxfb
	Sj3htKA0i/SGwgPyLPKyjwE4VfLql4W0uzLMxR3aWwk3LeICq0wbrQFZWpj8zPjAqdYMzd
	vEnMTz6g4cMOb7QS60YUt132CcgPgtWMSGpttCtPUu8NvXWe/I8YfNoMFGvpZlIMExuN6X
	tEF/KJMZbcSQIWu3iVyX4Z0mudasahcltlq8ugsUp9kTxSpdKKJPgghj+p80HA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHC4NClzsmM;
	Wed,  7 Aug 2024 13:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiNq7033477;
	Wed, 7 Aug 2024 13:44:23 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiNMS033474;
	Wed, 7 Aug 2024 13:44:23 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:23 GMT
Message-Id: <202408071344.477DiNMS033474@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: c95f99c0abb3 - releng/14.1 - pf: some ICMP types that
  also have icmp_id, pointed out by markus@
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: c95f99c0abb31b4d68f9672aa85a8e248a159f6f
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c95f99c0abb31b4d68f9672aa85a8e248a159f6f

commit c95f99c0abb31b4d68f9672aa85a8e248a159f6f
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 11:32:03 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:32:00 +0000

    pf: some ICMP types that also have icmp_id, pointed out by markus@
    
    ok henning markus
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 8c0632cd274b
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit e296b0de9e467b8c5eb853f6cf4c6ea28d4119a2)
    (cherry picked from commit c5081b8d3918564c1aba5a5e3f0a5219568e3435)
---
 sys/netpfil/pf/pf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 3212a1443f63..b4c310796cf4 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1766,21 +1766,21 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 		*icmp_dir = PF_IN;
 	case ICMP_TSTAMPREPLY:
 		*icmptype = ICMP_TSTAMP;
-		*icmpid = 0; /* Time is not a secret. */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_IREQREPLY:
 		*icmptype = ICMP_IREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_MASKREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_MASKREPLY:
 		*icmptype = ICMP_MASKREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IPV6_WHEREAREYOU:

From nobody Wed Aug  7 13:44:24 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHF0l5pz5S94g;
	Wed, 07 Aug 2024 13:44:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHD5yfJz4hlh;
	Wed,  7 Aug 2024 13:44:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038264;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kIdNlB+FDyp881eO+osRCZusZm8p41naOOVeu5Frd/M=;
	b=n5A0EHDM0uB2+kceiXJ5ieWyVPD7LA+39vtyKGEBqm+7DFVfp+vCLVevMZuTPwaf3tnGRp
	QtJjgYLybkGST1amAdLwNhscC12HS6kveTXi9Ssyt7KLgyUKSaPIC7YlqmmFTaDefcWpnL
	mNZxpnXYSpiWxJpdYCNOZD2dCoVLEhIXRqhOijGR5cnFQYUCYVxfHS6pqvvpx59cqYAtGr
	vMe2ZPMbVrQZNvePb5AzogrHjnPfTROkfbwpKty3RdOcl/OrRrgmS4PNgj4MOf5LURfET0
	E3uTyCFAHXu2L9f5n87niXORSaxQ48LKZoxGVOcXXhqZfUexYuW06Pq96I6zXQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038264; a=rsa-sha256; cv=none;
	b=GddZEckuSdmEFjJysgIl8jvNOTqvmcfqFVwlYuLZZIHnuTcDaon9PLTLU3TMcaPK61gQ6x
	bVtipFX6I0q2wKM4qRj9okT5Za1EbjLF/X5MXeKz+y5E3vZqilnlV7rjv/XLBFZurRkKlU
	hJma9bjFvKZhXN40vsnjXzKybHj8wka1wImY6fU7FTU5XJNmrmHWVZ0ePkJAcylVyFsONG
	uu2lLs5lMZabAIRnHqOHMZyR459nv1FaihC+65eBMNnPwv+WEwQyXJHmV2u2fX0hfy++M5
	Cxbbd+sV7NAUD3Q6X0DivTC6g1x00CWb7a2iM6VvsqyQDfpM3WoGcJLgn8EU4w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038264;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kIdNlB+FDyp881eO+osRCZusZm8p41naOOVeu5Frd/M=;
	b=EryOw9CoQTltqH1i4Tg5Cu9Uunr5yFr0SxCQQqUs784Yqcg+xwWq7eU6GHjQGylfzBhTru
	lihSUX8cOeaYjFXlqIAaD7W5rS1LU8Jmvsk5NmAz+5b1vrhZHpGqQ9tEg8U2l/4oVlZ2FL
	Y+BwlzujTOxDAQs6CtQ+GCuAiWcrC/qRs/Br3l6iHzLk5q96JbY3Djw3sren5lCSJfHa9p
	zJns5jGloqTQ9lQPzluBFdJjL2W4DHnraQZ19wRLWqmqmDTDYZBD+lLdtTM3H9sDErpeLX
	JEfCzNRs2T0OotWC5MCy4oWSZ+tKD92m8WbGL2YSq74vYYNLuYUCYG3DpyLDDQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHD5LTfzsV7;
	Wed,  7 Aug 2024 13:44:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiOEj033527;
	Wed, 7 Aug 2024 13:44:24 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiOC4033524;
	Wed, 7 Aug 2024 13:44:24 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:24 GMT
Message-Id: <202408071344.477DiOC4033524@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 6979b4db10b8 - releng/14.1 - pf: split ICMP/ICMPv6
  number space in pf_icmp_mapping()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 6979b4db10b8c438e0afdf8b05069e6d3057102a
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=6979b4db10b8c438e0afdf8b05069e6d3057102a

commit 6979b4db10b8c438e0afdf8b05069e6d3057102a
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:10:50 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:32:12 +0000

    pf: split ICMP/ICMPv6 number space in pf_icmp_mapping()
    
    In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same
    number space.  In fact they are independent and must be handled
    separately.  Fix traceroute via pf by splitting pf_icmp_mapping()
    into IPv4 and IPv6 sections.
    ok henning@ mcbride@; tested mcbride@; sure deraadt@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, bluhm <bluhm@openbsd.org> ef4bccd7509e
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 46755f52247bd34a7f013d6844ed0c673ac0defc)
    (cherry picked from commit 7f77305a5ba421f901cf3ac59a6449a70645fda4)
---
 sys/netpfil/pf/pf.c | 247 ++++++++++++++++++++++++++++------------------------
 1 file changed, 135 insertions(+), 112 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index b4c310796cf4..275c29d20fd5 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1744,7 +1744,7 @@ pf_isforlocal(struct mbuf *m, int af)
 
 int
 pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
-    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+    int *icmp_dir, int *multi, u_int16_t *virtual_id, u_int16_t *virtual_type)
 {
 	/*
 	 * ICMP types marked with PF_OUT are typically responses to
@@ -1754,128 +1754,151 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 	*icmp_dir = PF_OUT;
 	*multi = PF_ICMP_MULTI_LINK;
 	/* Queries (and responses) */
-	switch (type) {
-	case ICMP_ECHO:
-		*icmp_dir = PF_IN;
-	case ICMP_ECHOREPLY:
-		*icmptype = ICMP_ECHO;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+	switch (pd->af) {
+#ifdef INET
+	case AF_INET:
+		switch (type) {
+		case ICMP_ECHO:
+			*icmp_dir = PF_IN;
+		case ICMP_ECHOREPLY:
+			*virtual_type = ICMP_ECHO;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_TSTAMP:
-		*icmp_dir = PF_IN;
-	case ICMP_TSTAMPREPLY:
-		*icmptype = ICMP_TSTAMP;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_TSTAMP:
+			*icmp_dir = PF_IN;
+		case ICMP_TSTAMPREPLY:
+			*virtual_type = ICMP_TSTAMP;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_IREQREPLY:
-		*icmptype = ICMP_IREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_IREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_IREQREPLY:
+			*virtual_type = ICMP_IREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_MASKREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_MASKREPLY:
-		*icmptype = ICMP_MASKREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_MASKREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_MASKREPLY:
+			*virtual_type = ICMP_MASKREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IPV6_WHEREAREYOU:
-		*icmp_dir = PF_IN;
-	case ICMP_IPV6_IAMHERE:
-		*icmptype = ICMP_IPV6_WHEREAREYOU;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_IPV6_WHEREAREYOU:
+			*icmp_dir = PF_IN;
+		case ICMP_IPV6_IAMHERE:
+			*virtual_type = ICMP_IPV6_WHEREAREYOU;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_MOBILE_REGREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP_MOBILE_REGREPLY:
-		*icmptype = ICMP_MOBILE_REGREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_MOBILE_REGREQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP_MOBILE_REGREPLY:
+			*virtual_type = ICMP_MOBILE_REGREQUEST;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_ROUTERSOLICIT:
-		*icmp_dir = PF_IN;
-	case ICMP_ROUTERADVERT:
-		*icmptype = ICMP_ROUTERSOLICIT;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_ROUTERSOLICIT:
+			*icmp_dir = PF_IN;
+		case ICMP_ROUTERADVERT:
+			*virtual_type = ICMP_ROUTERSOLICIT;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-#ifdef INET6
-	case ICMP6_ECHO_REQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_ECHO_REPLY:
-		*icmptype = ICMP6_ECHO_REQUEST;
-		*icmpid = pd->hdr.icmp6.icmp6_id;
-		break;
+		/* These ICMP types map to other connections */
+		case ICMP_UNREACH:
+		case ICMP_SOURCEQUENCH:
+		case ICMP_REDIRECT:
+		case ICMP_TIMXCEED:
+		case ICMP_PARAMPROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
 
-	case MLD_LISTENER_QUERY:
-		*icmp_dir = PF_IN;
-	case MLD_LISTENER_REPORT: {
-		*icmptype = MLD_LISTENER_QUERY;
-		*icmpid = 0;
+		/*
+		 * All remaining ICMP types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
+#endif /* INET */
+#ifdef INET6
+	case AF_INET6:
+		switch (type) {
+		case ICMP6_ECHO_REQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP6_ECHO_REPLY:
+			*virtual_type = ICMP6_ECHO_REQUEST;
+			*virtual_id = pd->hdr.icmp6.icmp6_id;
+			break;
 
-	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
-	case ICMP6_WRUREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_WRUREPLY:
-		*icmptype = ICMP6_WRUREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case MLD_LISTENER_QUERY:
+			*icmp_dir = PF_IN;
+		case MLD_LISTENER_REPORT: {
+			*virtual_type = MLD_LISTENER_QUERY;
+			*virtual_id = 0;
+			break;
+		}
+		case MLD_MTRACE:
+			*icmp_dir = PF_IN;
+		case MLD_MTRACE_RESP:
+			*virtual_type = MLD_MTRACE;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case MLD_MTRACE:
-		*icmp_dir = PF_IN;
-	case MLD_MTRACE_RESP:
-		*icmptype = MLD_MTRACE;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ND_NEIGHBOR_SOLICIT:
+			*icmp_dir = PF_IN;
+		case ND_NEIGHBOR_ADVERT: {
+			*virtual_type = ND_NEIGHBOR_SOLICIT;
+			*virtual_id = 0;
+			break;
+		}
 
-	case ND_NEIGHBOR_SOLICIT:
-		*icmp_dir = PF_IN;
-	case ND_NEIGHBOR_ADVERT: {
-		*icmptype = ND_NEIGHBOR_SOLICIT;
-		*multi = PF_ICMP_MULTI_SOLICITED;
-		*icmpid = 0;
+		/*
+		 * These ICMP types map to other connections.
+		 * ND_REDIRECT can't be in this list because the triggering
+		 * packet header is optional.
+		 */
+		case ICMP6_DST_UNREACH:
+		case ICMP6_PACKET_TOO_BIG:
+		case ICMP6_TIME_EXCEEDED:
+		case ICMP6_PARAM_PROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
+		/*
+		 * All remaining ICMP6 types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
-
 #endif /* INET6 */
-	/* These ICMP types map to other connections */
-	case ICMP_UNREACH:
-	case ICMP_SOURCEQUENCH:
-	case ICMP_REDIRECT:
-	case ICMP_TIMXCEED:
-	case ICMP_PARAMPROB:
-#ifdef INET6
-	/*
-	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
-	 * ND_REDIRECT can't be in this list because the triggering packet
-	 * header is optional.
-	 */
-	case ICMP6_PACKET_TOO_BIG:
-#endif /* INET6 */
-		/* These will not be used, but set them anyways */
-		*icmp_dir = PF_IN;
-		*icmptype = htons(type);
-		*icmpid = 0;
-		return (1);	/* These types are matched to other state */
-	/*
-	 * All remaining ICMP types get their own states,
-	 * and will only match in one direction.
-	 */
 	default:
 		*icmp_dir = PF_IN;
-		*icmptype = type;
-		*icmpid = 0;
+		*virtual_type = type;
+		*virtual_id = 0;
 		break;
 	}
-	HTONS(*icmptype);
-	return (0);
+	HTONS(*virtual_type);
+	return (0);  /* These types match to their own state */
 }
 
 void
@@ -4708,7 +4731,7 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (virtual_type == ICMP_ECHO &&
+			if (virtual_type == htons(ICMP_ECHO) &&
 			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
@@ -7074,13 +7097,13 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    (virtual_type == ICMP_ECHO &&
+				    (virtual_type == htons(ICMP_ECHO) &&
 				    nk->port[iidx] != iih.icmp_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
@@ -7140,13 +7163,13 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    ((virtual_type == htons(ICMP6_ECHO_REQUEST)) &&
 				    nk->port[pd2.sidx] != iih.icmp6_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);

From nobody Wed Aug  7 13:44:25 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHG0h9Pz5S99L;
	Wed, 07 Aug 2024 13:44:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHF6bmjz4hpN;
	Wed,  7 Aug 2024 13:44:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038265;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hUsbUhBHNMVDoFafG2JK366kk0uN+9VCNkihdJGuZU4=;
	b=bnsXlTUOSjonsjYiP4X4ef+5PjAO/atKgHB2PwnRGNNHvfmZj9W7dOe+d7/ESQJhdO+boI
	u/T2hBjYcJiKmTDfDkSjOpS67oASL8MlExo/lbceyi4uGhpM/LkJP3d2n0mKF/xZWQmUyi
	/ECO8WIVz4o1ZknIosbq/Uybx3RNEVZWgt2XViGmos0F52v2LV49aN92pPAV5jz0AwzHBq
	F0bhEAMoqHDb5PWRumULDB9tfUFG3Gfqk9NCnr28VVEAHMN9LAjqODAz/NWYt6XUOR3RDg
	DFDdGecJslzJ6vw1vLFqKAKvufm/YJR4nH+fY+oB3fkoIe+h0yXhaym4I/AR2Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038265; a=rsa-sha256; cv=none;
	b=jvJngcToqIARIY9YLE32ma0x6BHzu7sncW1En5WPOf2OoQXLBt+R/cenj3Ou3oVLcFN0/S
	ZB1c+OfLZfQxYa5ofi6GOFy1N1o7FBat2nY2ROGvzKvVtmP3ms+do+QSdQe4mc7fce67q2
	I/hnmN8FHsrR6gUzFJ7si5Q0K1nFfiChDymqWfXyehDxRKz0UjiecyX1sYZhzguzkxBpy1
	5i4lhFvsP/8es2Y7bXvmwg9NLHA6bCUvxLFRSZelWkckT0QmYyu95htKeKXzqv4f6aLT2o
	75OPVHNF9nj0XQ6GFLHha1b3lIG9yCh8W97I/BwQFWgHn9+JVl7RfbcQPRLhcA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038265;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hUsbUhBHNMVDoFafG2JK366kk0uN+9VCNkihdJGuZU4=;
	b=pRUqNTw0xFIh2nKsrXvt80M5IonKb6Pbi9wiN4UUolXmr0ewgD6NOv8EvowP6t5bXxBtZo
	XXWxRw3oa8WlAuTtmI4M+Aoczkw2YqYSqTCr7vCTGHOjIbxIpNN5PrmehbZPEl1qxg+Xzi
	QdeBOmOAIyrmvScexZWVsDOJtkuybSVEjlAigtCx0HwxnML/9lrTsSO+0uzwVI5nMXEA4i
	FteTdqnnamvTFa2C5bRhx7kJ0l/4/NSCUxcv6otmVmDWBgMUfMXWsqyvWv1WETHEk6FGRU
	jdC0Hvx2GOoNDw1nB1i/ddwWUwqHqUhA8WawlsdGdFefyuaQCw0ag/wXxutd2Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHF6676zsV8;
	Wed,  7 Aug 2024 13:44:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiPvt033581;
	Wed, 7 Aug 2024 13:44:25 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiPiY033578;
	Wed, 7 Aug 2024 13:44:25 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:25 GMT
Message-Id: <202408071344.477DiPiY033578@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: a66d33fcf334 - releng/14.1 - pf: allow MLD LR to be
  sent without state
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: a66d33fcf334ec0b8f5a13575f9788b269f4a3fa
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=a66d33fcf334ec0b8f5a13575f9788b269f4a3fa

commit a66d33fcf334ec0b8f5a13575f9788b269f4a3fa
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:36:18 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:32:20 +0000

    pf: allow MLD LR to be sent without state
    
    Change PF behavior to allow MLD Listener Report packets to be sent
    without needing a previously created state by MLD Listener Query. It
    wasn't working because: (1) you might not have a previous MLD Listener
    Query and (2) the addresses of the Query and Report don't match.
    
    ok mikeb@, sashan@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, rzalamena <rzalamena@openbsd.org>, 5c526dbdb0f2
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 1afe4da75d1d2acd33b25eea942af28aa41c82c2)
    (cherry picked from commit 3382c691dc6a0d4e1f39ff67b5507f6542972498)
---
 sys/netpfil/pf/pf.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 275c29d20fd5..1cc85edfe3dc 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1843,8 +1843,15 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 			break;
 
 		case MLD_LISTENER_QUERY:
-			*icmp_dir = PF_IN;
 		case MLD_LISTENER_REPORT: {
+			/*
+			 * Listener Report can be sent by clients
+			 * without an associated Listener Query.
+			 * In addition to that, when Report is sent as a
+			 * reply to a Query its source and destination
+			 * address are different.
+			 */
+			*icmp_dir = PF_IN;
 			*virtual_type = MLD_LISTENER_QUERY;
 			*virtual_id = 0;
 			break;

From nobody Wed Aug  7 13:44:26 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHH27p3z5S97V;
	Wed, 07 Aug 2024 13:44:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHH0hlLz4hm4;
	Wed,  7 Aug 2024 13:44:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038267;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OOKkTYTddnrAE/+9BpzUQI2C2LheFb36kZCwEvrw8Ho=;
	b=FcAbwgZg0WbUVvyg0B6lN0FcFU86eTbO5ci2Z+NsIT+Fkt3x3xiKOToj74Ybq0WquaeDuA
	6cb03TsnWruKfUmnUOWMj/z4D38pmNtWL7xTbY/NY2f29P8erAE89bUi2Qg0/MQTvP/V/T
	D5TGJ+uAZBKxssGzpRV6TBGW2GiLXar5HFUn2El1yID0JiqYZTFlgYsTge5MjibNCOyHjY
	4erOYGs783pdgRI3p1kSMQjn6q4NsgFXsQsGUK1M1xiPycdXhR5s+1sEBUM5SovU97+u2S
	awz8EH0cFh7Hndlh99naGPWM3xH0IyEKDUlkHumYVGSLqGFr2x5SSX7ZDHwFsg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038267; a=rsa-sha256; cv=none;
	b=ALg3A9nL297kXYVewqyb7onwCuZoII1cpMFxujZnlCqqN0wNY201wToOXuMGEMu8pAzgDS
	gujW1K8ooxtCSBqawUm2uR0AbVmilEFIlbqkgZwdjUx2yxR1zqAa1HNm7KDRf0UPhK171P
	LnOIqnXEOOWNVNpnuqAHT6ns0YTPD3F+CQKBnrX7z5Sb3ELMAbBOdRm1EjI7O/eIVH9Yry
	9gBXJ0gVP3qzOGhwT0wTtjZq9LqC1fw+aYamUA1JM98t7s7tHWBtkRNou9WumRbAUwSDJi
	PH19RsISXXViVJPW2XDCAl2c8cA0NB4TIOL6F1m8WTG5hfLJR+4yZOGwwEBoqA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038267;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OOKkTYTddnrAE/+9BpzUQI2C2LheFb36kZCwEvrw8Ho=;
	b=OJ1t2O85snELnDcb/BlMDeoPZnUORK978FfNTrNXXpLuabh4n3Rek1mLOOnEfAWoXSv8/v
	bfk/fUcSX+A5PqdalwnTMYBhkRZQVkdXgVxktJUQuUunLlnh+2uVxAQsjYUwGID2Z8o/hv
	57qjXMuqyEKEBn1UvalzilA5oPmvkeXHMXbgLYCRHGjr7grY/GNyZoP6aXJjMCzJjf6Fp5
	RMwghkxdZb1IrKDLpLjVt3FPncVW/nC4V84OeZtIwS81AoKg0eBABzX3kKhr4g4gfE1y8T
	WGzEOho+JI7qG24OK1QP8dQzfBtnmHib1BAy42Zbure5OZOg7z1F+TsclevpdA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHH0K17zsgf;
	Wed,  7 Aug 2024 13:44:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiQqN033626;
	Wed, 7 Aug 2024 13:44:26 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiQIA033623;
	Wed, 7 Aug 2024 13:44:26 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:26 GMT
Message-Id: <202408071344.477DiQIA033623@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 450425089212 - releng/14.1 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 4504250892124d6282ca931dd5f612afb8b799f6
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=4504250892124d6282ca931dd5f612afb8b799f6

commit 4504250892124d6282ca931dd5f612afb8b799f6
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:32:25 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    
    Approved by:    so
    Security:       FreeBSD-SA-24:08.openssh
    Security:       CVE-2024-7589
    
    (cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)
---
 crypto/openssh/sshd.c        | 2 --
 crypto/openssh/sshd_config   | 2 +-
 crypto/openssh/sshd_config.5 | 2 +-
 crypto/openssh/version.h     | 2 +-
 4 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 0c83e0ea468e..889f2056bc75 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index a06f8fcc13d1..7f559775e3b3 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -105,7 +105,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20240318
+#VersionAddendum FreeBSD-20240806
 
 # no default banner path
 #Banner none
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 0715b1f9d581..4de510ac8795 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -1944,7 +1944,7 @@ The default is
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
 The default is
-.Qq FreeBSD-20240318 .
+.Qq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 836b5650b247..82be0be8498f 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Wed Aug  7 13:44:28 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHJ3HM3z5S9L4;
	Wed, 07 Aug 2024 13:44:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHJ1bH6z4hyv;
	Wed,  7 Aug 2024 13:44:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038268;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rb+M5nWNd3cr3MVEa2z6uLURyPWk4yMVVaXqdwnQ2Yg=;
	b=KkzmTNnSGhcRhJ0irC7ef6FMTZKipfeictUMTMfXkrvhA68HHHjAxd/bFRMO4QQkOcNvWJ
	+WYrkOHZI4kI14nZokHG5ovqXN/exp3FOH8kPxytTktPgXU2qgdRs4O/HnxH8DXw+7GCDB
	TmXX9aHJYvaBVAqnX93RGBlR9xgltK0m5JyS0MuiARV9uchcdLfm7RBcYM2Ht/qiOhO9i4
	Aksfizo3SvrZA89X0RU9rmYEnPx9l1plqZnIYfqhdMP6HoVGDem+clZmijXC7vkwbZjN/S
	BHszF+RijcOZ0nY3wt8rd02SB04jQPndOzCCOYIvQzZn9OG82I6tU6CKjRkZyA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038268; a=rsa-sha256; cv=none;
	b=oTyFBumbldCvyo29p0cdqKulzWLyu+DYW3XFmcJ0be6qSj+symSnlVskdUnY+8HDvasDpN
	PRzu1zu8o8GBvahjUwnf83ccv0kLpyM1zg9T/QexbppIti9i0hRNsZ3B4x2sw3J/gueUMT
	ijvQdEJE2ck24df+5OPGlEz32MUvFZmG6hWgGuebBt2RSpfOOJpeSa0CG89Uet+RRNM1Sp
	fXxgqhcIou/oaXb6q3SxsJtkxHmCQJqkuG4/vbSGbfGe/ylDQqHGC7MoxTP3ifp7NJ4ySA
	wBTMW5vA58is6e4MUYZSW3PL7ooXfdFj4pn+ppe5NSJf+UVdc5I0wZ47ywnz5A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038268;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rb+M5nWNd3cr3MVEa2z6uLURyPWk4yMVVaXqdwnQ2Yg=;
	b=AZujMzNLBBedsABVH0H1ub7E8BevUbt/LTpTRzY5K9Xso8chB9WHh5VZ+Bs3MqlycoamIE
	zgGbgz33UwScCNnPxI+H/kOMENtzubDUUS+tCtva6N9iUrUK4Y/HBmVaTI3/zqqpLXNyhl
	b89of6ey8i/SIszk3GztSEsMsmagQy/qyJX+Xgy85WmWr9FDUpAeW0ijB0011U2yJpyxlZ
	hkNoA3tOZqQNLc/jx3h8kr1qc8i2K5/4EUx+NtrjAPedHN4t9UpaYRTySQ8DwPrNd+26mW
	fkXbltD9CzssdiTj13B0IkcaT5EGXdnJUts2CnEKIkd+bqecDJJ9qWY+hYzn0Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHJ0hzkzsmN;
	Wed,  7 Aug 2024 13:44:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiSDF033672;
	Wed, 7 Aug 2024 13:44:28 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiSlx033669;
	Wed, 7 Aug 2024 13:44:28 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:28 GMT
Message-Id: <202408071344.477DiSlx033669@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: b9115dba07e8 - releng/14.1 - ifconfig: Fix default
  netmask calculation
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: b9115dba07e8e7035cb54a7eb319e7166c59c7a4
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=b9115dba07e8e7035cb54a7eb319e7166c59c7a4

commit b9115dba07e8e7035cb54a7eb319e7166c59c7a4
Author:     Michael Gmelin <grembo@FreeBSD.org>
AuthorDate: 2024-06-12 16:11:52 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:32:56 +0000

    ifconfig: Fix default netmask calculation
    
    Approved by:    so
    Security:       FreeBSD-EN-24:14.ifconfig
    Reported by:    phk
    Reviewed by:    emaste, kp
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D45570
    
    (cherry picked from commit 8a9f0fa42b1c6cffd45459bb552e138083b00369)
    (cherry picked from commit 048ad7a9ef9fe15368ff287db5c705c8163f4e1c)
---
 sbin/ifconfig/af_inet.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sbin/ifconfig/af_inet.c b/sbin/ifconfig/af_inet.c
index 5e3084165b33..e21956cfc4fd 100644
--- a/sbin/ifconfig/af_inet.c
+++ b/sbin/ifconfig/af_inet.c
@@ -440,7 +440,7 @@ in_exec_nl(if_ctx *ctx, unsigned long action, void *data)
 static void
 in_setdefaultmask_nl(void)
 {
-        struct in_px *px = sintab_nl[ADDR];
+	struct in_px *px = sintab_nl[ADDR];
 
 	in_addr_t i = ntohl(px->addr.s_addr);
 
@@ -451,11 +451,11 @@ in_setdefaultmask_nl(void)
 	 * we should return an error rather than warning.
 	 */
 	if (IN_CLASSA(i))
-		px->plen = IN_CLASSA_NSHIFT;
+		px->plen = 32 - IN_CLASSA_NSHIFT;
 	else if (IN_CLASSB(i))
-		px->plen = IN_CLASSB_NSHIFT;
+		px->plen = 32 - IN_CLASSB_NSHIFT;
 	else
-		px->plen = IN_CLASSC_NSHIFT;
+		px->plen = 32 - IN_CLASSC_NSHIFT;
 	px->maskset = true;
 }
 #endif

From nobody Wed Aug  7 13:44:29 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHK4NFvz5S8rD;
	Wed, 07 Aug 2024 13:44:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHK2NkYz4j7P;
	Wed,  7 Aug 2024 13:44:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038269;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Xzh6jFuZZRZSLSQ9oX32EHeZNPMm+nWDIkaQfQl7L5s=;
	b=CLxTu7H0f5RrjwL1n59gbiQw6pkQUOTOApG9KJX/mN+MN3ajS6RKfmwy4cHGn8WDaaUff5
	fHYFobCvQs9Rd0dznDhtW1oCGhAMBJQMHs5NBmRtQ2FwPU/Vuf8Eld85dybZ4PXByP7yrV
	h++1db07U0SesXUokR8JBACC8n/rWXCTIDGgmQSqNAAJgcjPl3y1ltqVCh6Rdk0/io063A
	RKHmv9I4tZgCulDNFdh8SImVpxSxTGK6mjH//Er5ITpbyT/lz8ygu8qOWPXAsDG+wognOm
	798BAL77rtq9IMMATiKd4dwCPEXqZwdgUDnpJmz1TRK1WRp5Yg300f5LqRTZLg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038269; a=rsa-sha256; cv=none;
	b=rgb0rl0n84ReR5Yhz9t0fWr5jJAgsL3oyciPbPs5Z7mw3y3zVNagU+3vs7PGvdP5chTrSo
	4b324v43/kIGKM8CD0MlbCOhRK5cSGB2P/D43DNiNyilsnymraF7I2vFQ8m3rix+x8nCO4
	vgaehzW16szqCX4DTPblxNIxwA0C43zJDfoBiUw6g9anky1rKXzEZPvMHMI/XDkpAFNt7U
	pRbjszlOvSNRyhq3l+VL1lA7iJiImarqiRguhZm8KrneHYC8zuttUWvEIXK9gfmVT90clZ
	+6XRnrcP7xv+PjIur/w6ERLaqr/QPBZTp5KslytiYMa3H4r9qhof3Y0C1rTvLA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038269;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Xzh6jFuZZRZSLSQ9oX32EHeZNPMm+nWDIkaQfQl7L5s=;
	b=UB2aPmuTLf2O5bArgoKZBU8kfYg+XaPpazDEPE46E33ygKlI25N2OuhHfU8js+7dPM/RV2
	VZ9CPW+vMF5tC3JmgSFfgL8CKg6tdBCTmP+kYqRdK+wLyCC/ypZ1EUSfTtrKhfVVtNesdE
	yQAbQ1ubwH13Cg8JdP2Vb9CS/r0yIoQkhFDKKi+pOeaaGixeXD8ruC4Kk5YUtPdbN3hSrX
	fwoFGIKnlaALHSnGWJdizA3XXoQm8Ft4yDJ7js6AgSRmUO31Occim08Hjn7DJvau7Erzmp
	oRgFGclGJcVWjXbAxPy9eaIrCyfp14IlvzhEgU6fm18Gtv3NvWBjCf25gql1gA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHK1xbVzsjQ;
	Wed,  7 Aug 2024 13:44:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiTMf033720;
	Wed, 7 Aug 2024 13:44:29 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiT9U033717;
	Wed, 7 Aug 2024 13:44:29 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:29 GMT
Message-Id: <202408071344.477DiT9U033717@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 22d04990cee5 - releng/14.1 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 22d04990cee5af5455490391ec386e8af3d368e5
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=22d04990cee5af5455490391ec386e8af3d368e5

commit 22d04990cee5af5455490391ec386e8af3d368e5
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:27 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Security:       FreeBSD-SA-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
    (cherry picked from commit 8b400c8488f0b9e67ae269f6d8e5022a3bc7d854)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 4c1936edc301..c7ba8896506d 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -593,7 +593,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Wed Aug  7 13:44:30 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHM0rhfz5S8tm;
	Wed, 07 Aug 2024 13:44:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHL39B7z4j5F;
	Wed,  7 Aug 2024 13:44:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038270;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lxNpP3mlOYhsGNp+2mfsFg43RK43doC+buvYO8zUYSI=;
	b=bXk4+mxcJQnC8cL6zGjbmVOe71nQBbv2ICHGP1hJUQjBGHM+nsjutxptj/WgRS4BPdq+Tg
	7m59o1GJsB9vew5mbrGow4clYvMoNNH+taNufVpsHGqZffLRkNMb9NkLj/wPxQI1IjZRgY
	pZV1ymAuJCMh85Gkn6V1qR2HZqPzIy1kW8t8kNNpoR8wJjHGTLlxV2cssmM1CsE0WLcR0k
	5eJwS9bu9Ne4rRoErTA070BofoNXMFeTlYEz9+w/3Q0ktZjMDlQfc/3VCXsSfUsv1qBsx1
	IGI/PGCFrsCZR7PYmMMOThWcsKC1OM4X+AaWAfCLfOmO+/UHNOyEdN7Y5Ov1PA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038270; a=rsa-sha256; cv=none;
	b=dNVfcHU+Hzhma15+b7nskgpPYZb5Ra2uMJxFS6G9pw1bySa212WkI3fo7rJoBIBxRcj8Pz
	XDUb/uaR4VhsHbX/JBcUmflWqfCA+/tll+undF6fg8A4e6yD7rnDUZq5YxrhkEUPJGn3va
	5tKlh+jD6cbj28ISLKiFvxh2rJQg78E+sTgZJJjJONP/ujnwyBRM7owIwG/oA4HtATjjGQ
	bE/q6Lbc55MwbQdVGsUnqyKvGtCAe1PyvMOyCVvzczc7cYAjMMGF166jgKhYuboszzcy6i
	S1kGhmuTBZDrGKcGwLAvf4L0RMIyDopx6szY17isjuORsZvnU3hJXO7XwXGBAw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038270;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lxNpP3mlOYhsGNp+2mfsFg43RK43doC+buvYO8zUYSI=;
	b=nadChJ7aKaA8fGbXZK2rHcdqrexitfstIeJVhWpdc6L46tYxy9WaM/sJIT9Uw0yWJT2DCk
	/jGS6DjPcfaZDWYjzv9Jh3o/5NKPTgRjH9cUGVU2gKrvMkVwwL1fuTDViPfrK/z38GAWND
	5lXfWuEXXdN06GiWeTWAN1EAClkO3S+KZjf4xsagORKIOTH0QkYBHNG2WOi2gjqXSWatcR
	dBgskcqOk1ozQP2cqpbaNaO+e7oaKYogVHqu6CBi7H3+pZ5gfPnZA8dYitYbNCCGpDmfjV
	h/aNzAosNQi748+KXYW1GAF26lrEr0MalVW3Y8cs+aMf6gRHJSdCUi+sZ6jKKw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHL2n2szsjR;
	Wed,  7 Aug 2024 13:44:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiUnu033771;
	Wed, 7 Aug 2024 13:44:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiUBG033768;
	Wed, 7 Aug 2024 13:44:30 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:30 GMT
Message-Id: <202408071344.477DiUBG033768@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 1a207e5cdf99 - releng/14.1 - Add UPDATING entries and
  bump the branch version
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.1
X-Git-Reftype: branch
X-Git-Commit: 1a207e5cdf997bd5a04e020d26039844a0c1294f
Auto-Submitted: auto-generated

The branch releng/14.1 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=1a207e5cdf997bd5a04e020d26039844a0c1294f

commit 1a207e5cdf997bd5a04e020d26039844a0c1294f
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-06 22:39:32 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:30 +0000

    Add UPDATING entries and bump the branch version
    
    Approved by:    so
---
 UPDATING            | 17 +++++++++++++++++
 sys/conf/newvers.sh |  2 +-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index 34b099e2fe73..abdee5182989 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,23 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20240807:
+	14.1-RELEASE-p3	EN-24:14.ifconfig
+			SA-24:05.pf
+			SA-24:06.ktrace
+			SA-24:07.nfsclient
+			SA-24:08.openssh
+
+	Incorrect ifconfig netmask assignment [EN-24:14.ifconfig]
+
+	pf incorrectly matches different ICMPv6 states in the state table [SA-24:05.pf]
+
+	ktrace(2) fails to detach when executing a setuid binary [SA-24:06.ktrace]
+
+	NFS client accepts file names containing path separators [SA-24:07.nfsclient]
+
+	OpenSSH pre-authentication async signal safety issue [SA-24:08.openssh]
+
 20240701:
 	14.1-RELEASE-p2 SA-24:04.openssh
 
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index ba482a7931d2..ce03fb4fb9fa 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="14.1"
-BRANCH="RELEASE-p2"
+BRANCH="RELEASE-p3"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Wed Aug  7 13:44:39 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHX19TLz5S99d;
	Wed, 07 Aug 2024 13:44:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHW6HlTz4jQY;
	Wed,  7 Aug 2024 13:44:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038279;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=bvsv/o9mhKwWa9RMV8W7LHE+DILHbD58Sk+w373GdkM=;
	b=X0M0mqPYhT7DjC/y5iuM6TnqYNNVrNCInNLRyFkSzA5YkZDSDqZRglgR0BP+9DwOjUducm
	wUR8zP44e69eVw45Nw+9DaRflMMZipPxwGaWBAQptU3ZZD0L8Wa9hVWYcYJurLvzhfSlqV
	lwBlKnTIeBFXKQfoPP9PE9m0WIy/vhOk/k+Vin8OTlXh3nb5oBd0z3Qp0KU/Pbv6J77pw6
	KbKBnmtDEGajyFj7oJM2Kx6rzcdESBLgATZK0k8Pu2IY8K/GqZ4k7U5UOsdbTShewkU5DK
	PD+W1ilK7PtAiKOg8rq+hmRn11UDTgUCL/75DBGzkSFNYutI9D/mFSctN5grOw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038279; a=rsa-sha256; cv=none;
	b=BmHtyOYffrF9YaT2+wDJdp2o6ZZoeEiNZwSIhN3m0asBjR/VcxKUl31z158aX5bkE3jtis
	0zuvsXPPF+0v1zEx4P1FfMSTmSSC6iDqm4eGPFCcq2XWYrspmJzfA8RWvenXF++p8qOB/d
	bPTVUFfvMnU2TdNv9D+2Sd9lkvplcvNtp9ghKYFwcdca7T5yArQYlV1bzmq+IgeC5Taip0
	s9wR81ObnwqMp1bRzcsZvhauwHVwL3cMuW67FsTnP+Kg2TBaVVUpmJYwjdaFpRSqesj/z8
	7KT6jSOA90ObeSwSf4QEDoqvXc2ryBrf7UZVo6XSPRDXyAD4rr+JOsZQkShvKg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038279;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=bvsv/o9mhKwWa9RMV8W7LHE+DILHbD58Sk+w373GdkM=;
	b=bK/0LdO8pNh30RrYLgZeYMAEyWjTH6sO/r85c8cdyIDW9s2p4ZMygF5XwPDYhKCKeEZNdw
	+z+wveG4SvEk1oMonmB9bKCnHClKHhOQqh9vRIH6uU9unXhvjT3b7W65mNcFKySc4bDN9/
	8pFUPXltKvFEDAl9K8ENnYKh+PhCsYYk9t7K0c/RzDuM+GBNbi1Eyuoi8ExtwI3q3HHkKs
	IptKSONw/YmhvcV2aC5Cyrcu0k4OWMvi9X6JNpk0BbrvpPqbDLybTnyfismLgtcHkwXHl/
	BXzjM6muag223u3ysYaYpWiEYXyAvsk0nIizbc2Dh6xy26zsKAaTPR9s69tN8w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHW5vR6zsrY;
	Wed,  7 Aug 2024 13:44:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DidpQ034007;
	Wed, 7 Aug 2024 13:44:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Did6b034004;
	Wed, 7 Aug 2024 13:44:39 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:39 GMT
Message-Id: <202408071344.477Did6b034004@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 4e7bf17e9db8 - releng/14.0 - nfscl: Scan readdir reply
  filenames for invalid characters
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 4e7bf17e9db892ab47ede6c12aa0d2902c5ff795
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=4e7bf17e9db892ab47ede6c12aa0d2902c5ff795

commit 4e7bf17e9db892ab47ede6c12aa0d2902c5ff795
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2024-07-21 22:56:16 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:25:36 +0000

    nfscl: Scan readdir reply filenames for invalid characters
    
    The NFS RFCs are pretty loose with respect to what characters
    can be in a filename returned by a Readdir.  However, FreeBSD,
    as a POSIX system will not handle imbedded '/' or nul characters
    in file names.  Also, for NFSv4, the file names "." and ".."
    are handcrafted on the client and should not be returned by a
    NFSv4 server.
    
    This patch scans for the above in filenames returned by Readdir and
    ignores any entry returned by Readdir which has them in it.
    Because an imbedded nul would be a string terminator, it was
    not possible to code this check efficiently using string(3)
    functions.
    
    Approved by:    so
    Security:       FreeBSD-SA-24:07.nfsclient
    Security:       CVE-2024-6759
    Reported by:    Apple Security Engineering and Architecture (SEAR)
    
    (cherry picked from commit 026cdaa3b3a92574d9ac3155216e5cc0b0bd4c51)
    (cherry picked from commit 9328ded386d570c8455b9021e047520ef72e0e79)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 137 ++++++++++++++++++++++++++++++++--------
 1 file changed, 110 insertions(+), 27 deletions(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 7f886ad286e7..c63bff726c87 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -142,6 +142,7 @@ static int nfsrpc_createv4(vnode_t , char *, int, struct vattr *,
     nfsquad_t, int, struct nfsclowner *, struct nfscldeleg **, struct ucred *,
     NFSPROC_T *, struct nfsvattr *, struct nfsvattr *, struct nfsfh **, int *,
     int *, int *);
+static bool nfscl_invalidfname(bool, char *, int);
 static int nfsrpc_locku(struct nfsrv_descript *, struct nfsmount *,
     struct nfscllockowner *, u_int64_t, u_int64_t,
     u_int32_t, struct ucred *, NFSPROC_T *, int);
@@ -3224,6 +3225,31 @@ nfsrpc_rmdir(vnode_t dvp, char *name, int namelen, struct ucred *cred,
 	return (error);
 }
 
+/*
+ * Check to make sure the file name in a Readdir reply is valid.
+ */
+static bool
+nfscl_invalidfname(bool is_v4, char *name, int len)
+{
+	int i;
+	char *cp;
+
+	if (is_v4 && ((len == 1 && name[0] == '.') ||
+	    (len == 2 && name[0] == '.' && name[1] == '.'))) {
+		printf("Readdir NFSv4 reply has dot or dotdot in it\n");
+		return (true);
+	}
+	cp = name;
+	for (i = 0; i < len; i++, cp++) {
+		if (*cp == '/' || *cp == '\0') {
+			printf("Readdir reply file name had imbedded / or nul"
+			    " byte\n");
+			return (true);
+		}
+	}
+	return (false);
+}
+
 /*
  * Readdir rpc.
  * Always returns with either uio_resid unchanged, if you are at the
@@ -3276,6 +3302,8 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdir: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	/*
 	 * There is no point in reading a lot more than uio_resid, however
@@ -3533,6 +3561,17 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -3548,20 +3587,35 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				uiop->uio_iov->iov_base =
 				    (char *)uiop->uio_iov->iov_base + DIRHDSIZ;
 				uiop->uio_iov->iov_len -= DIRHDSIZ;
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)
@@ -3727,6 +3781,8 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirplusrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdirplus: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	timespecclear(&dctime);
 	*attrflagp = 0;
@@ -3962,6 +4018,17 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -3980,25 +4047,41 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				cnp->cn_nameptr = uiop->uio_iov->iov_base;
 				cnp->cn_namelen = len;
 				NFSCNHASHZERO(cnp);
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				if (len == 2 && cnp->cn_nameptr[0] == '.' &&
-				    cnp->cn_nameptr[1] == '.')
-					isdotdot = 1;
-				else
-					isdotdot = 0;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					if (len == 2 &&
+					    cnp->cn_nameptr[0] == '.' &&
+					    cnp->cn_nameptr[1] == '.')
+						isdotdot = 1;
+					else
+						isdotdot = 0;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)

From nobody Wed Aug  7 13:44:40 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHY15NBz5S9L7;
	Wed, 07 Aug 2024 13:44:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHX6yw1z4jNB;
	Wed,  7 Aug 2024 13:44:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038281;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QNkqo+rlQiIscrkEtDheFl7zQvuyD+2BrXWoNiqIelo=;
	b=oCA2OKjSR5ahnK5fknNyzSCgwSc2yooGTSbCOCmbVELbV9lTYB6efsq2/UyApS8Mtee5mY
	lLUOoG+6ld9tyPIicoeRXgoHC+6Kv/jK0o3dvB7+fyJjU8gaVtKdxbspkH9460TraRx2Q2
	ILpsVEWbkVciBcBwsap7v0BpIeKrX7uby5S5P0g6JNthEIZOBZcPNkwIvZ3dSlEzm8vUMb
	U7qiKM2fIn3mTBDW9MQw4RiaaiJZW683lkxHw04LQiPf7tKWyty2AVTu3zMmUwOokVv8hM
	0s6KgRNsTu02GRjoR7HsCGAK5Xo8uJijTFi9Wp59QAcwrndgYQvmCT9gbJyK7w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038281; a=rsa-sha256; cv=none;
	b=oXdA8SrlMeo7/ok2xaCVdxwyeu8c5UhbRdQQKrgh6TaDq450dhNikq3vOdUe32VfWAaqey
	ydyPCgJaSPetRpiAfXfvSBgjBZs6i4DvApRdSXZ6NCajsUeSf22Ol5iJhQPWgTEDhgX9gV
	zU68j6yzwuNHxOTDlpmsEl4cBXKveWpfdRloJlTOqgt/VUfPHm3jQlwtuZ5vzvGOC2Kl+o
	CTS/OZY/WhwJMSDozBw1QiDDaD8ZLsoOmwGT32YOHu9LgvIGk9158L+apuGsHF1tWg89RM
	NA9X7YI32TxDUOD+BrpgaC7kwXe4SjEQtcOz4f6xvNCs9rzpZAVGyewwcsOAVA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038281;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QNkqo+rlQiIscrkEtDheFl7zQvuyD+2BrXWoNiqIelo=;
	b=WIaSKxWtB2fHWd1Uc2FXBHZD3NPdkB2hsn90nS/0oISTEpiRTwsEK8kz2sLcWOdJ3l21SE
	naXj+J9XSvgbONpZOtnshsYoVYvkLrawNlF1NLROMQSbemawPFPq0ErZyAiMbVQFWyffcv
	wqvXhT3dG6Zr4Qd0tBSakOcHrG4ZTk5qWUkYiqOauCoUyB8Aff7VEpVb8uZUjztfOwElt3
	te2+b/ptBLCPfC7aFID6ISeJdw2ifmh5IrE9hZaWg6LkUcHLWw0Tw2eDeNzJJvC5cVj1ov
	MZPk6bgwICwoK4k1MQzS1pE869Z7oUEH4RCRElZ2m7phlE+LANi4qIL1ZIi5eQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHX6ZzmzsrZ;
	Wed,  7 Aug 2024 13:44:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DieKO034063;
	Wed, 7 Aug 2024 13:44:40 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiesM034060;
	Wed, 7 Aug 2024 13:44:40 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:40 GMT
Message-Id: <202408071344.477DiesM034060@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: c4ade13d5498 - releng/14.0 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: c4ade13d5498870de2cae09f5468aca0d73c126f
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c4ade13d5498870de2cae09f5468aca0d73c126f

commit c4ade13d5498870de2cae09f5468aca0d73c126f
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:25:50 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    
    Approved by:    so
    Security:       FreeBSD-SA-24:08.openssh
    Security:       CVE-2024-7589
    
    (cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)
---
 crypto/openssh/sshd.c    | 2 --
 crypto/openssh/version.h | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index cfdd61ec5747..79ec505fcfe7 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 56d02fbe9c86..3dcb560362d3 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Wed Aug  7 13:44:41 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHZ2kNwz5S9MB;
	Wed, 07 Aug 2024 13:44:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHZ0sqZz4jLP;
	Wed,  7 Aug 2024 13:44:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038282;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rn8slkN2SKVqeC3HSg+M5ZIl3DcsPWCixE/dgA7DQ/I=;
	b=C/dc3GZChkgulWvQRjVFPIVhz3drmohHmnlXbg2Zxa8uWSWZzYSgzWjxcRek0uj1R2XeK8
	veESA9E25ynam0gPgrHYa9MyctuR6PQJMhf/xMftSxatitMKyC630grLcOF/hy/jWBhW8r
	DkniDmleRk5KMP7yoSEgHC76Vk4JYa8ZENQBDjg7lU9OOkckm86gINu30J2Wi4ZoQqCjkI
	YpQvPx+/sLY2k0nwGk6N9cOb/Z+D9rYpIKit9RaJ9Axu2Se0ipeYjBi7/ErtgcGkOItWAN
	WbMvDnvaH/0iQ1AlpTfSfQOV1WDSefORHYRsVcj9l1EiZeCq//wQf8rN5GLrUw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038282; a=rsa-sha256; cv=none;
	b=Q8KEkwLV7DERUoaF8RPDGq/8It9EX5edZFLHkX29xhn+uj6QURGKwWQbr6QZEsQUfD3xcU
	GGJXnZdwt52IC1xvWwjisBqXMcjtjGrxOeHoBqgIePL4FD2ej0NYBbp8vFLfF9LSBdIVVI
	eYEo1tKesYcH6lZdR2t/Fb+0oYaLtpJ0JZ6Ghyvgqh1rYtLE6xiZDK3dzpJjv1iVZb750q
	hao8BNnKmQ4VGRzArWSOKVQHfUPr3rJ+vMwLQRDzaODy0INVe5LW/7dlhBtQJGDQOnJ/KH
	8ap1FhqZZJryMoa5TA/oCGtJTpvaewXTP2htvr7sXP2v5kBWLzZ/gLDossSSCg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038282;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rn8slkN2SKVqeC3HSg+M5ZIl3DcsPWCixE/dgA7DQ/I=;
	b=CZYTDyyiNeWnxnljW7Y/JjERd0wgvlSTzf0eq5gs5LIiBaA3kUdA9/nqFgZOzY2ebtb3mE
	LUuTbe74kGpU98/FpqGUkU2u09f1qfm3V4OJCXzB3Iyd9jmUZu3INmCXIWs8f0yKVG+3Vr
	wBIxRtQ+P1NJKC+SvuKNPm6PE1D6CiokHdT9ZiK/s/KVMUDUQPr1DSoSGIR+HGZcjDBPk3
	pIyh3NWPXy1WtyotdmPDQiQtByA9AXOO6ajd9TMQGFOzh03/5M1J9xBmXWPr3Uad6MIVQH
	G3VaQUMOWaKexfF7hX1itrL+K9qQlTq7+Wkg0qASHVAYVD1eCPwTOrEaAeLECw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHZ0Rf3zsV9;
	Wed,  7 Aug 2024 13:44:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Difpv034107;
	Wed, 7 Aug 2024 13:44:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DifVo034104;
	Wed, 7 Aug 2024 13:44:41 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:41 GMT
Message-Id: <202408071344.477DifVo034104@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 01792dd7f27b - releng/14.0 - ifconfig: Fix default
  netmask calculation
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 01792dd7f27b3415e721f43f2d6e98df2346fd1f
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=01792dd7f27b3415e721f43f2d6e98df2346fd1f

commit 01792dd7f27b3415e721f43f2d6e98df2346fd1f
Author:     Michael Gmelin <grembo@FreeBSD.org>
AuthorDate: 2024-06-12 16:11:52 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:10 +0000

    ifconfig: Fix default netmask calculation
    
    Approved by:    so
    Security:       FreeBSD-EN-24:14.ifconfig
    Reported by:    phk
    Reviewed by:    emaste, kp
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D45570
    
    (cherry picked from commit 8a9f0fa42b1c6cffd45459bb552e138083b00369)
    (cherry picked from commit 048ad7a9ef9fe15368ff287db5c705c8163f4e1c)
---
 sbin/ifconfig/af_inet.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sbin/ifconfig/af_inet.c b/sbin/ifconfig/af_inet.c
index 83b605e8c4cb..8032c7035c95 100644
--- a/sbin/ifconfig/af_inet.c
+++ b/sbin/ifconfig/af_inet.c
@@ -445,7 +445,7 @@ in_exec_nl(if_ctx *ctx, unsigned long action, void *data)
 static void
 in_setdefaultmask_nl(void)
 {
-        struct in_px *px = sintab_nl[ADDR];
+	struct in_px *px = sintab_nl[ADDR];
 
 	in_addr_t i = ntohl(px->addr.s_addr);
 
@@ -456,11 +456,11 @@ in_setdefaultmask_nl(void)
 	 * we should return an error rather than warning.
 	 */
 	if (IN_CLASSA(i))
-		px->plen = IN_CLASSA_NSHIFT;
+		px->plen = 32 - IN_CLASSA_NSHIFT;
 	else if (IN_CLASSB(i))
-		px->plen = IN_CLASSB_NSHIFT;
+		px->plen = 32 - IN_CLASSB_NSHIFT;
 	else
-		px->plen = IN_CLASSC_NSHIFT;
+		px->plen = 32 - IN_CLASSC_NSHIFT;
 	px->maskset = true;
 }
 #endif

From nobody Wed Aug  7 13:44:43 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHb3BcQz5S8tw;
	Wed, 07 Aug 2024 13:44:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHb1f6dz4jNk;
	Wed,  7 Aug 2024 13:44:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038283;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=0VpDsVw9sNq/cvQpokIcKpHvYDS6SDwYCRArYfboxfk=;
	b=pytDIp9Y9tm8Cx/Yb3O2TAe8p0loXLvHAktkByHyQ4XpSq6RAhP4M7/cdkvTI6a58Slxux
	m3hsPnKgmqUXN+i1IYoRRiRMkDJl/wuN7hDGGnI7LdH5b3+n+tLeB5Gp/4gIDSx6lvhLyn
	eo49bBKj2t50p1o9T1KA1B/PO79IEKituPQrRzkZgDevbw/PUPIGh+3dpmOCJssiK6LWJ/
	nTCJzyhpqixCN0ICIOku1jfQXrjyYvcIznp7iY8X8wrxizyJBZQTK0lZ3UcOZw4Jsj1jE1
	h323yRJAdHt5I1jbB1NA68lJgnprQV6x4iSDatYdP+OhDgQD6hklzncLxgf2Cg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038283; a=rsa-sha256; cv=none;
	b=Ddt6t3eUkeGCPXcumMyT7x6P187+YCAmqBwMCOudPCB4mJFjQD019MLZsLSJQNU1IDzE4m
	icpW11I6HqGRMy3ZC6iKOzOfYTIn9/nwGBTHHMb7xLAtlaXtI61gHSreesj2E/Zs9juPZX
	Mks0QepOXapJpqVcG3Y3AMI4whlFrDB6P3ZSfWJ33FZK3rrH9HjRhx4vd4R6zVDiZBcyyw
	i+Fuwvp8LXJpJPsTk+gGOyzYzO3zoPnjmJaNL3oOUFduSHhDq4eWwIpXp1pVZvMClnfNBK
	F7r8JHEaOwN9LG06BPCsUXMapN/AVHBL1QBiLASIt9gR7p5afCYP+jO13qVq5Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038283;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=0VpDsVw9sNq/cvQpokIcKpHvYDS6SDwYCRArYfboxfk=;
	b=wxZhTRa39DCOLJ3qyUYQHNzLcU7uYyj3qWz2XH8Rrd5brA41hFSQcpjha9cR8/fmPYLoBi
	GXr+U5qXMjjWF1fsW9XjJyyx1/wdfv3ai8wz799q6GNhNCnoZghPcTU+qA6HN+BIPB2LM4
	FUWKbjZY9kJYRY+F4pfI8/BecZUikOsn3HwKmEKpFnFgwNyET28hyMgClCEWCCUyi+80dV
	H9XWzniio29j1tnEYqCf4Bns5jEM6D0xbfBpMHop/427DRTnZTeZAtLhEqoSA16Lci6iov
	PvC/xNcpkuyDEuNilzGqLsYXQgs0sYBt2Xl7VOirOnzQuzybEC7+s7b21FT/9A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHb1G9rzspK;
	Wed,  7 Aug 2024 13:44:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DihEA034161;
	Wed, 7 Aug 2024 13:44:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dih1k034158;
	Wed, 7 Aug 2024 13:44:43 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:43 GMT
Message-Id: <202408071344.477Dih1k034158@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: aac676988d91 - releng/14.0 - pf: stricter state
  checking for ICMP and ICMPv6 packets
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: aac676988d91aeb89b91fd00d4a5f4e23445fce6
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=aac676988d91aeb89b91fd00d4a5f4e23445fce6

commit aac676988d91aeb89b91fd00d4a5f4e23445fce6
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-09 13:59:33 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:25 +0000

    pf: stricter state checking for ICMP and ICMPv6 packets
    
    Include
    the ICMP type in one port of the state key, using the type to determine which
    side should be the id, and which should be the type.
    
    Also:
    - Handle ICMP6 messages which are typically sent to multicast addresses but
     recieve unicast replies, by doing fallthrough lookups against the correct
     multicast address.
    - Clear up some mistaken assumptions in the PF code:
      - Not all ICMP packets have an icmp_id, so simulate one based on other
        data if we can, otherwise set it to 0.
     - Don't modify the icmp id field in NAT unless it's echo
     - Use the full range of possible id's when NATing icmp6 echoy
    
    ok henning marco
    testing matthieu todd
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 70bf7555ef4c
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 534ee17e61ee094ec175703bc50e88ff6587703e)
    (cherry picked from commit 2f6b4611b5b847aee1ff8d5017a0f8a657f4101d)
---
 sys/netpfil/pf/pf.c    | 381 ++++++++++++++++++++++++++++++++++++++-----------
 sys/netpfil/pf/pf_lb.c |  19 ++-
 2 files changed, 317 insertions(+), 83 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index eab79387e867..0491cd7369f5 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -260,6 +260,8 @@ static void		 pf_change_ap(struct mbuf *, struct pf_addr *, u_int16_t *,
 			    u_int16_t, u_int8_t, sa_family_t);
 static int		 pf_modulate_sack(struct mbuf *, int, struct pf_pdesc *,
 			    struct tcphdr *, struct pf_state_peer *);
+int			 pf_icmp_mapping(struct pf_pdesc *, u_int8_t, int *,
+			    int *, u_int16_t *, u_int16_t *);
 static void		 pf_change_icmp(struct pf_addr *, u_int16_t *,
 			    struct pf_addr *, struct pf_addr *, u_int16_t,
 			    u_int16_t *, u_int16_t *, u_int16_t *,
@@ -304,6 +306,10 @@ static int		 pf_test_state_tcp(struct pf_kstate **,
 static int		 pf_test_state_udp(struct pf_kstate **,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *);
+int			 pf_icmp_state_lookup(struct pf_state_key_cmp *,
+			    struct pf_pdesc *, struct pf_kstate **, struct mbuf *,
+			    int, struct pfi_kkif *, u_int16_t, u_int16_t,
+			    int, int *, int);
 static int		 pf_test_state_icmp(struct pf_kstate **,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *, u_short *);
@@ -353,6 +359,8 @@ extern struct proc *pf_purge_proc;
 
 VNET_DEFINE(struct pf_limit, pf_limits[PF_LIMIT_MAX]);
 
+enum { PF_ICMP_MULTI_NONE, PF_ICMP_MULTI_SOLICITED, PF_ICMP_MULTI_LINK };
+
 #define	PACKET_UNDO_NAT(_m, _pd, _off, _s)		\
 	do {								\
 		struct pf_state_key *nk;				\
@@ -1695,6 +1703,142 @@ pf_isforlocal(struct mbuf *m, int af)
 	return (false);
 }
 
+int
+pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
+    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+{
+	/*
+	 * ICMP types marked with PF_OUT are typically responses to
+	 * PF_IN, and will match states in the opposite direction.
+	 * PF_IN ICMP types need to match a state with that type.
+	 */
+	*icmp_dir = PF_OUT;
+	*multi = PF_ICMP_MULTI_LINK;
+	/* Queries (and responses) */
+	switch (type) {
+	case ICMP_ECHO:
+		*icmp_dir = PF_IN;
+	case ICMP_ECHOREPLY:
+		*icmptype = ICMP_ECHO;
+		*icmpid = pd->hdr.icmp.icmp_id;
+		break;
+
+	case ICMP_TSTAMP:
+		*icmp_dir = PF_IN;
+	case ICMP_TSTAMPREPLY:
+		*icmptype = ICMP_TSTAMP;
+		*icmpid = 0; /* Time is not a secret. */
+		break;
+
+	case ICMP_IREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_IREQREPLY:
+		*icmptype = ICMP_IREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MASKREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_MASKREPLY:
+		*icmptype = ICMP_MASKREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_IPV6_WHEREAREYOU:
+		*icmp_dir = PF_IN;
+	case ICMP_IPV6_IAMHERE:
+		*icmptype = ICMP_IPV6_WHEREAREYOU;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MOBILE_REGREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP_MOBILE_REGREPLY:
+		*icmptype = ICMP_MOBILE_REGREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_ROUTERSOLICIT:
+		*icmp_dir = PF_IN;
+	case ICMP_ROUTERADVERT:
+		*icmptype = ICMP_ROUTERSOLICIT;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+#ifdef INET6
+	case ICMP6_ECHO_REQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_ECHO_REPLY:
+		*icmptype = ICMP6_ECHO_REQUEST;
+		*icmpid = pd->hdr.icmp6.icmp6_id;
+		break;
+
+	case MLD_LISTENER_QUERY:
+		*icmp_dir = PF_IN;
+	case MLD_LISTENER_REPORT: {
+		*icmptype = MLD_LISTENER_QUERY;
+		*icmpid = 0;
+		break;
+	}
+
+	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
+	case ICMP6_WRUREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_WRUREPLY:
+		*icmptype = ICMP6_WRUREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case MLD_MTRACE:
+		*icmp_dir = PF_IN;
+	case MLD_MTRACE_RESP:
+		*icmptype = MLD_MTRACE;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ND_NEIGHBOR_SOLICIT:
+		*icmp_dir = PF_IN;
+	case ND_NEIGHBOR_ADVERT: {
+		*icmptype = ND_NEIGHBOR_SOLICIT;
+		*multi = PF_ICMP_MULTI_SOLICITED;
+		*icmpid = 0;
+		break;
+	}
+
+#endif /* INET6 */
+	/* These ICMP types map to other connections */
+	case ICMP_UNREACH:
+	case ICMP_SOURCEQUENCH:
+	case ICMP_REDIRECT:
+	case ICMP_TIMXCEED:
+	case ICMP_PARAMPROB:
+#ifdef INET6
+	/*
+	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
+	 * ND_REDIRECT can't be in this list because the triggering packet
+	 * header is optional.
+	 */
+	case ICMP6_PACKET_TOO_BIG:
+#endif /* INET6 */
+		/* These will not be used, but set them anyways */
+		*icmp_dir = PF_IN;
+		*icmptype = htons(type);
+		*icmpid = 0;
+		return (1);	/* These types are matched to other state */
+	/*
+	 * All remaining ICMP types get their own states,
+	 * and will only match in one direction.
+	 */
+	default:
+		*icmp_dir = PF_IN;
+		*icmptype = type;
+		*icmpid = 0;
+		break;
+	}
+	HTONS(*icmptype);
+	return (0);
+}
+
 void
 pf_intr(void *v)
 {
@@ -4353,8 +4497,8 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 	int			 tag = -1;
 	int			 asd = 0;
 	int			 match = 0;
-	int			 state_icmp = 0;
-	u_int16_t		 sport = 0, dport = 0;
+	int			 state_icmp = 0, icmp_dir, multi;
+	u_int16_t		 sport = 0, dport = 0, virtual_type, virtual_id;
 	u_int16_t		 bproto_sum = 0, bip_sum = 0;
 	u_int8_t		 icmptype = 0, icmpcode = 0;
 	struct pf_kanchor_stackframe	anchor_stack[PF_ANCHOR_STACKSIZE];
@@ -4388,33 +4532,37 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 	case IPPROTO_ICMP:
 		if (pd->af != AF_INET)
 			break;
-		sport = dport = pd->hdr.icmp.icmp_id;
 		hdrlen = sizeof(pd->hdr.icmp);
 		icmptype = pd->hdr.icmp.icmp_type;
 		icmpcode = pd->hdr.icmp.icmp_code;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		if (af != AF_INET6)
 			break;
-		sport = dport = pd->hdr.icmp6.icmp6_id;
 		hdrlen = sizeof(pd->hdr.icmp6);
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	default:
@@ -4508,7 +4656,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 		}
 #ifdef INET
 		case IPPROTO_ICMP:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET))
 				pf_change_a(&saddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->sidx].v4.s_addr, 0);
@@ -4517,11 +4664,12 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (nk->port[1] != pd->hdr.icmp.icmp_id) {
+			if (virtual_type == ICMP_ECHO &&
+			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
-				    nk->port[1], 0);
-				pd->hdr.icmp.icmp_id = nk->port[1];
+				    nk->port[pd->sidx], 0);
+				pd->hdr.icmp.icmp_id = nk->port[pd->sidx];
 				pd->sport = &pd->hdr.icmp.icmp_id;
 			}
 			m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
@@ -4529,7 +4677,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 #endif /* INET */
 #ifdef INET6
 		case IPPROTO_ICMPV6:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET6))
 				pf_change_a6(saddr, &pd->hdr.icmp6.icmp6_cksum,
 				    &nk->addr[pd->sidx], 0);
@@ -5911,15 +6058,73 @@ pf_test_state_sctp(struct pf_kstate **state, struct pfi_kkif *kif,
 	return (PF_PASS);
 }
 
+int
+pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd,
+    struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif,
+    u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi)
+{
+	key->af = pd->af;
+	key->proto = pd->proto;
+	if (icmp_dir == PF_IN) {
+		*iidx = pd->sidx;
+		key->port[pd->sidx] = icmpid;
+		key->port[pd->didx] = type;
+	} else {
+		*iidx = pd->didx;
+		key->port[pd->sidx] = type;
+		key->port[pd->didx] = icmpid;
+	}
+	if (pd->af == AF_INET6 && multi != PF_ICMP_MULTI_NONE) {
+		switch (multi) {
+		case PF_ICMP_MULTI_SOLICITED:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = IPV6_ADDR_INT32_ONE;
+			key->addr[pd->sidx].addr32[3] = pd->src->addr32[3];
+			key->addr[pd->sidx].addr8[12] = 0xff;
+			break;
+		case PF_ICMP_MULTI_LINK:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = 0;
+			key->addr[pd->sidx].addr32[3] = IPV6_ADDR_INT32_ONE;
+			break;
+		}
+	} else
+		PF_ACPY(&key->addr[pd->sidx], pd->src, key->af);
+	PF_ACPY(&key->addr[pd->didx], pd->dst, key->af);
+
+	STATE_LOOKUP(kif, key, *state, pd);
+
+	/* Is this ICMP message flowing in right direction? */
+	if ((*state)->rule.ptr->type &&
+	    (((*state)->direction == direction) ?
+	    PF_IN : PF_OUT) != icmp_dir) {
+		if (V_pf_status.debug >= PF_DEBUG_MISC) {
+			printf("pf: icmp type %d in wrong direction (%d): ",
+			    icmp_dir, pd->dir);
+			pf_print_state(*state);
+			printf("\n");
+		}
+		return (PF_DROP);
+	}
+	return (-1);
+}
+
 static int
 pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
     struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason)
 {
 	struct pf_addr  *saddr = pd->src, *daddr = pd->dst;
-	u_int16_t	 icmpid = 0, *icmpsum;
+	u_int16_t	*icmpsum, virtual_id, virtual_type;
 	u_int8_t	 icmptype, icmpcode;
-	int		 state_icmp = 0;
+	int		 icmp_dir, iidx, ret, multi;
 	struct pf_state_key_cmp key;
+#ifdef INET
+	u_int16_t	 icmpid;
+#endif
+
+	MPASS(*state == NULL);
 
 	bzero(&key, sizeof(key));
 	switch (pd->proto) {
@@ -5929,49 +6134,43 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 		icmpcode = pd->hdr.icmp.icmp_code;
 		icmpid = pd->hdr.icmp.icmp_id;
 		icmpsum = &pd->hdr.icmp.icmp_cksum;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+#ifdef INET
 		icmpid = pd->hdr.icmp6.icmp6_id;
+#endif
 		icmpsum = &pd->hdr.icmp6.icmp6_cksum;
-
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	}
 
-	if (!state_icmp) {
+	if (pf_icmp_mapping(pd, icmptype, &icmp_dir, &multi,
+	    &virtual_id, &virtual_type) == 0) {
 		/*
 		 * ICMP query/reply message not related to a TCP/UDP packet.
 		 * Search for an ICMP state.
 		 */
-		key.af = pd->af;
-		key.proto = pd->proto;
-		key.port[0] = key.port[1] = icmpid;
-		if (pd->dir == PF_IN)	{	/* wire side, straight */
-			PF_ACPY(&key.addr[0], pd->src, key.af);
-			PF_ACPY(&key.addr[1], pd->dst, key.af);
-		} else {			/* stack side, reverse */
-			PF_ACPY(&key.addr[1], pd->src, key.af);
-			PF_ACPY(&key.addr[0], pd->dst, key.af);
+		ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir,
+		    kif, virtual_id, virtual_type, icmp_dir, &iidx,
+		    PF_ICMP_MULTI_NONE);
+		if (ret >= 0) {
+			if (ret == PF_DROP && pd->af == AF_INET6 &&
+			    icmp_dir == PF_OUT) {
+				if (*state != NULL)
+					PF_STATE_UNLOCK((*state));
+				ret = pf_icmp_state_lookup(&key, pd, state, m,
+				    pd->dir, kif, virtual_id, virtual_type,
+				    icmp_dir, &iidx, multi);
+				if (ret >= 0)
+					return (ret);
+			} else
+				return (ret);
 		}
 
-		STATE_LOOKUP(kif, &key, *state, pd);
-
 		(*state)->expire = time_uptime;
 		(*state)->timeout = PFTM_ICMP_ERROR_REPLY;
 
@@ -5994,14 +6193,14 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 					    pd->ip_sum,
 					    nk->addr[pd->didx].v4.s_addr, 0);
 
-				if (nk->port[0] !=
+				if (nk->port[iidx] !=
 				    pd->hdr.icmp.icmp_id) {
 					pd->hdr.icmp.icmp_cksum =
 					    pf_cksum_fixup(
 					    pd->hdr.icmp.icmp_cksum, icmpid,
-					    nk->port[pd->sidx], 0);
+					    nk->port[iidx], 0);
 					pd->hdr.icmp.icmp_id =
-					    nk->port[pd->sidx];
+					    nk->port[iidx];
 				}
 
 				m_copyback(m, off, ICMP_MINLEN,
@@ -6366,13 +6565,15 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMP;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp_id;
+			icmpid = iih.icmp_id;
+			pf_icmp_mapping(&pd2, iih.icmp_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
 
-			STATE_LOOKUP(kif, &key, *state, pd);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0)
+				return (ret);
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6382,21 +6583,23 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp_id)
-					pf_change_icmp(pd2.src, &iih.icmp_id,
+				    (virtual_type == ICMP_ECHO &&
+				    nk->port[iidx] != iih.icmp_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP_ECHO) ?
+					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP_ECHO) ?
+					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp_id)
-					pf_change_icmp(pd2.dst, &iih.icmp_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
-					    pd2.ip_sum, icmpsum,
-					    pd->ip_sum, 0, AF_INET);
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
+					    pd2.ip_sum, icmpsum, pd->ip_sum, 0,
+					    AF_INET);
 
 				m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
 				m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2);
@@ -6418,13 +6621,25 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMPV6;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp6_id;
-
-			STATE_LOOKUP(kif, &key, *state, pd);
+			pf_icmp_mapping(&pd2, iih.icmp6_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0) {
+				if (ret == PF_DROP && pd->af == AF_INET6 &&
+				    icmp_dir == PF_OUT) {
+					if (*state != NULL)
+						PF_STATE_UNLOCK((*state));
+					ret = pf_icmp_state_lookup(&key, pd,
+					    state, m, pd->dir, kif,
+					    virtual_id, virtual_type,
+					    icmp_dir, &iidx, multi);
+					if (ret >= 0)
+						return (ret);
+				} else
+					return (ret);
+			}
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6434,19 +6649,21 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp6_id)
-					pf_change_icmp(pd2.src, &iih.icmp6_id,
+				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    nk->port[pd2.sidx] != iih.icmp6_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp6_id)
-					pf_change_icmp(pd2.dst, &iih.icmp6_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c
index eb3d087e3df6..4fcad7e578a8 100644
--- a/sys/netpfil/pf/pf_lb.c
+++ b/sys/netpfil/pf/pf_lb.c
@@ -225,6 +225,23 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 	if (pf_map_addr(af, r, saddr, naddr, NULL, &init_addr, sn))
 		return (1);
 
+	if (proto == IPPROTO_ICMP) {
+		if (*nport == htons(ICMP_ECHO)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#ifdef INET6
+	if (proto == IPPROTO_ICMPV6) {
+		if (*nport == htons(ICMP6_ECHO_REQUEST)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#endif /* INET6 */
+
 	bzero(&key, sizeof(key));
 	key.af = af;
 	key.proto = proto;
@@ -633,7 +650,7 @@ pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off,
 	switch (r->action) {
 	case PF_NAT:
 		if (pd->proto == IPPROTO_ICMP) {
-			low  = 1;
+			low = 1;
 			high = 65535;
 		} else {
 			low  = r->rpool.proxy_port[0];

From nobody Wed Aug  7 13:44:44 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHc4bWPz5S97m;
	Wed, 07 Aug 2024 13:44:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHc2YCGz4jX9;
	Wed,  7 Aug 2024 13:44:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038284;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4lL2bGG+L2yqxUWFBvlg5JsF4q29JFzA20CW8M1a0LM=;
	b=gnm11WgzUndFJJ07CDFshI9fzGr5wgVqaHtVnJZjoYZWdMJZFQPjjKHpldqGF4/OZ2h/sI
	Y589kChuts+mFRMnZXKIPEua0WvKnZXhUpAJ/zmxEly50z3Bznz+5xgzBB6my3bNsKWIzE
	I72bVgR1PALVZFbjY+hgNodEOjUcIHZCzl06fW+dAg7oEPom2zxQukrbxA0AHwchxJMKJa
	0GYl4oUoNzeSrJ34TjwIcaK1Il/GfKgnB0HZax+TVLvTW0po7IXr5WmjYH2SflEVcRIR4V
	UnMDTFTJVmMaW9/WGHwuh3944wZ2IiwNAgYVghEeT7YGjIAdI+Ie7jose2tYJA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038284; a=rsa-sha256; cv=none;
	b=x5x4RoNle1oq178hH3xL2YPBMA/8c9rhBv7ixOKs8Wor6l78LpDFm4iqGWRxZJMppvjOW/
	vOCvWvLpjatQAeqXT6aZnPLc6+ibjTK/8qqVwGz+VP5V16F4qe0FFwIvYEGXdfH03+DbA6
	awt6CbIfLiU2oIUU3+OYftTTf7/gxZGA6XBZiOa7lkqueK53iMAPrGqKIKqX0Z3ybm3fAk
	+iRmyKtpTZOHkbfLJTRM0iF837Si2r2/uTbD/celWmtrA7Q4n7PPv5ugVZTgyzszx5jlb2
	y6//87nvrFGyZYb2JINyxoMPKJ8oDNQ31evIoZfZLg+vL8gqYBxYd4L8WVCYJQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038284;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4lL2bGG+L2yqxUWFBvlg5JsF4q29JFzA20CW8M1a0LM=;
	b=YNc6aiaBVgV4paJFRUNIwi/9TF9kvNNtNOn7Hfv+tdMPL8nHyQ9ijhRpEh8eo35QLH86VC
	IoyBztG++4lvbApglEgtQGL0bM2OTCXxvnBouzZcjlsGKnNv4MBkSDrfoJvL7TsL5j0QGW
	8JH0jOPTlQSP1fLVXM5G525pAQhG1Pp9HMoSZ5+T96e6dtSrb2XcchF7YG/p8Jn/DmoNvl
	+iqje+Cp+KVEDZsOmOhaok4mNE6eDRFYTrWfPjCtfvyMlQeakG8DFd8dpxG4ZwZVHA0DNm
	jREWlu+NFgziFsAtPMY6v8pljlpAN8hq2lB0DOJiwpsrPj/VohZOa+EY5Wn74A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHc24KSzspL;
	Wed,  7 Aug 2024 13:44:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiiQc034224;
	Wed, 7 Aug 2024 13:44:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiiZL034221;
	Wed, 7 Aug 2024 13:44:44 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:44 GMT
Message-Id: <202408071344.477DiiZL034221@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 3151802d0316 - releng/14.0 - pf: some ICMP types that
  also have icmp_id, pointed out by markus@
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 3151802d03162e8d287eaaaa41e1d187f5acbc67
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=3151802d03162e8d287eaaaa41e1d187f5acbc67

commit 3151802d03162e8d287eaaaa41e1d187f5acbc67
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 11:32:03 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:30 +0000

    pf: some ICMP types that also have icmp_id, pointed out by markus@
    
    ok henning markus
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 8c0632cd274b
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit e296b0de9e467b8c5eb853f6cf4c6ea28d4119a2)
    (cherry picked from commit c5081b8d3918564c1aba5a5e3f0a5219568e3435)
---
 sys/netpfil/pf/pf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 0491cd7369f5..71611acde2c7 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1727,21 +1727,21 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 		*icmp_dir = PF_IN;
 	case ICMP_TSTAMPREPLY:
 		*icmptype = ICMP_TSTAMP;
-		*icmpid = 0; /* Time is not a secret. */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_IREQREPLY:
 		*icmptype = ICMP_IREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_MASKREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_MASKREPLY:
 		*icmptype = ICMP_MASKREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IPV6_WHEREAREYOU:

From nobody Wed Aug  7 13:44:45 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHd5GzPz5S9MG;
	Wed, 07 Aug 2024 13:44:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHd3Frpz4jRw;
	Wed,  7 Aug 2024 13:44:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038285;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FlxyrXYDtYH1MLdw6wSH10ycWcPQUYkUfjBG8HQd3l4=;
	b=N0+KcR34UtKSJdf3dsw7LZLsyi4sFcHrbAbalTYhCZ/Mr3Q2Sa6D2lbojjWwqL20cB7RLi
	I/cpfEPGUexgn5WPEb1/crImIFBo+VuZJD0XghnbsOczuSUyJBDplaybdIpq7Zm6b7A/6T
	LcPhX0eQjKZDfUz1E0y+I4JvtZARdxLjQEuCv+8NGFaG45wi7TRnvFv5Mhpi1chEkhOtGj
	ppOtYKZx6fV8Ve3Cj837KisWq862TGXmUGZuVp7CtUP9Kq5+/0eNVQZkJt1hp85KXti6Lb
	zb9O9pnVmE4BbfP+HZv+goWL69sZKtPFGO+hZcUx99JswAkqjiwnqaukAIlj7w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038285; a=rsa-sha256; cv=none;
	b=RSV61dkXlMRv7R2JKm5Y0XZI7B0oklUJ8citHphqMiEi57NVTHiEbdYQcZfZnsPl2F7H5t
	6VKPIoOR08ca3kAtnOwl91BLnD0gymgDGVtYguJLceEqtNh6R3RJrVE4LN8zCx2qb+udzf
	9pL6ei5SeTpIMiSsPYM2q9Ilq7yjkSV2RCHM4rFcQz2RkdUDxLqtu2YOSOyC9ymLlIkptL
	LQAn5gohVH90gdVNJclu8EB+0Ux3WS+TRSto/yem/bI0NktsU0TSGwABTECOr/z24j+ONO
	77sTqJ/+MoBEXB6z0CVzOYLS1od25gczKgOjSC6ZC3RYwWrzRxK1dGpfzTPIyA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038285;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FlxyrXYDtYH1MLdw6wSH10ycWcPQUYkUfjBG8HQd3l4=;
	b=cipqLAK2zjYFSN5pvpbwE/dEe2pavgaXazLxdnh7Ok+uIKF+7RtnWd8XH9oe9JM96PpZrV
	8mskeHPijngeARzL0jqjgQGG06cN7TxlQDHEPcOiNLIZ26wbgXnsH1+O0OD1CfuuVhvqR5
	YhadWTroSrgOOdwlWBiOJtQ4INz0xEhYyaA5SeACiAy+ecrCLdxIP1doZgBqbtKBGfkSbh
	2taVjke8wpXzZCfunKpsiLtRjmarQY6bYblajt/OOnPHvDAXLyYl6yxFG5HsofCX0dMQAg
	4COLuLo8MKaMTut+if4HWohVxEP5/4/ZTNujohkWbmFJqan4679T15yztb+qAg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHd2t82zsmP;
	Wed,  7 Aug 2024 13:44:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DijSS034276;
	Wed, 7 Aug 2024 13:44:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DijpO034272;
	Wed, 7 Aug 2024 13:44:45 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:45 GMT
Message-Id: <202408071344.477DijpO034272@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 110142ab3846 - releng/14.0 - pf: split ICMP/ICMPv6
  number space in pf_icmp_mapping()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 110142ab3846fdf2fad18acc06e3d041bf3df0f3
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=110142ab3846fdf2fad18acc06e3d041bf3df0f3

commit 110142ab3846fdf2fad18acc06e3d041bf3df0f3
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:10:50 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:30 +0000

    pf: split ICMP/ICMPv6 number space in pf_icmp_mapping()
    
    In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same
    number space.  In fact they are independent and must be handled
    separately.  Fix traceroute via pf by splitting pf_icmp_mapping()
    into IPv4 and IPv6 sections.
    ok henning@ mcbride@; tested mcbride@; sure deraadt@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, bluhm <bluhm@openbsd.org> ef4bccd7509e
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 46755f52247bd34a7f013d6844ed0c673ac0defc)
    (cherry picked from commit 7f77305a5ba421f901cf3ac59a6449a70645fda4)
---
 sys/netpfil/pf/pf.c | 247 ++++++++++++++++++++++++++++------------------------
 1 file changed, 135 insertions(+), 112 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 71611acde2c7..72814861f35f 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1705,7 +1705,7 @@ pf_isforlocal(struct mbuf *m, int af)
 
 int
 pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
-    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+    int *icmp_dir, int *multi, u_int16_t *virtual_id, u_int16_t *virtual_type)
 {
 	/*
 	 * ICMP types marked with PF_OUT are typically responses to
@@ -1715,128 +1715,151 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 	*icmp_dir = PF_OUT;
 	*multi = PF_ICMP_MULTI_LINK;
 	/* Queries (and responses) */
-	switch (type) {
-	case ICMP_ECHO:
-		*icmp_dir = PF_IN;
-	case ICMP_ECHOREPLY:
-		*icmptype = ICMP_ECHO;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+	switch (pd->af) {
+#ifdef INET
+	case AF_INET:
+		switch (type) {
+		case ICMP_ECHO:
+			*icmp_dir = PF_IN;
+		case ICMP_ECHOREPLY:
+			*virtual_type = ICMP_ECHO;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_TSTAMP:
-		*icmp_dir = PF_IN;
-	case ICMP_TSTAMPREPLY:
-		*icmptype = ICMP_TSTAMP;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_TSTAMP:
+			*icmp_dir = PF_IN;
+		case ICMP_TSTAMPREPLY:
+			*virtual_type = ICMP_TSTAMP;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_IREQREPLY:
-		*icmptype = ICMP_IREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_IREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_IREQREPLY:
+			*virtual_type = ICMP_IREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_MASKREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_MASKREPLY:
-		*icmptype = ICMP_MASKREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_MASKREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_MASKREPLY:
+			*virtual_type = ICMP_MASKREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IPV6_WHEREAREYOU:
-		*icmp_dir = PF_IN;
-	case ICMP_IPV6_IAMHERE:
-		*icmptype = ICMP_IPV6_WHEREAREYOU;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_IPV6_WHEREAREYOU:
+			*icmp_dir = PF_IN;
+		case ICMP_IPV6_IAMHERE:
+			*virtual_type = ICMP_IPV6_WHEREAREYOU;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_MOBILE_REGREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP_MOBILE_REGREPLY:
-		*icmptype = ICMP_MOBILE_REGREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_MOBILE_REGREQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP_MOBILE_REGREPLY:
+			*virtual_type = ICMP_MOBILE_REGREQUEST;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_ROUTERSOLICIT:
-		*icmp_dir = PF_IN;
-	case ICMP_ROUTERADVERT:
-		*icmptype = ICMP_ROUTERSOLICIT;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_ROUTERSOLICIT:
+			*icmp_dir = PF_IN;
+		case ICMP_ROUTERADVERT:
+			*virtual_type = ICMP_ROUTERSOLICIT;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-#ifdef INET6
-	case ICMP6_ECHO_REQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_ECHO_REPLY:
-		*icmptype = ICMP6_ECHO_REQUEST;
-		*icmpid = pd->hdr.icmp6.icmp6_id;
-		break;
+		/* These ICMP types map to other connections */
+		case ICMP_UNREACH:
+		case ICMP_SOURCEQUENCH:
+		case ICMP_REDIRECT:
+		case ICMP_TIMXCEED:
+		case ICMP_PARAMPROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
 
-	case MLD_LISTENER_QUERY:
-		*icmp_dir = PF_IN;
-	case MLD_LISTENER_REPORT: {
-		*icmptype = MLD_LISTENER_QUERY;
-		*icmpid = 0;
+		/*
+		 * All remaining ICMP types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
+#endif /* INET */
+#ifdef INET6
+	case AF_INET6:
+		switch (type) {
+		case ICMP6_ECHO_REQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP6_ECHO_REPLY:
+			*virtual_type = ICMP6_ECHO_REQUEST;
+			*virtual_id = pd->hdr.icmp6.icmp6_id;
+			break;
 
-	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
-	case ICMP6_WRUREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_WRUREPLY:
-		*icmptype = ICMP6_WRUREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case MLD_LISTENER_QUERY:
+			*icmp_dir = PF_IN;
+		case MLD_LISTENER_REPORT: {
+			*virtual_type = MLD_LISTENER_QUERY;
+			*virtual_id = 0;
+			break;
+		}
+		case MLD_MTRACE:
+			*icmp_dir = PF_IN;
+		case MLD_MTRACE_RESP:
+			*virtual_type = MLD_MTRACE;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case MLD_MTRACE:
-		*icmp_dir = PF_IN;
-	case MLD_MTRACE_RESP:
-		*icmptype = MLD_MTRACE;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ND_NEIGHBOR_SOLICIT:
+			*icmp_dir = PF_IN;
+		case ND_NEIGHBOR_ADVERT: {
+			*virtual_type = ND_NEIGHBOR_SOLICIT;
+			*virtual_id = 0;
+			break;
+		}
 
-	case ND_NEIGHBOR_SOLICIT:
-		*icmp_dir = PF_IN;
-	case ND_NEIGHBOR_ADVERT: {
-		*icmptype = ND_NEIGHBOR_SOLICIT;
-		*multi = PF_ICMP_MULTI_SOLICITED;
-		*icmpid = 0;
+		/*
+		 * These ICMP types map to other connections.
+		 * ND_REDIRECT can't be in this list because the triggering
+		 * packet header is optional.
+		 */
+		case ICMP6_DST_UNREACH:
+		case ICMP6_PACKET_TOO_BIG:
+		case ICMP6_TIME_EXCEEDED:
+		case ICMP6_PARAM_PROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
+		/*
+		 * All remaining ICMP6 types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
-
 #endif /* INET6 */
-	/* These ICMP types map to other connections */
-	case ICMP_UNREACH:
-	case ICMP_SOURCEQUENCH:
-	case ICMP_REDIRECT:
-	case ICMP_TIMXCEED:
-	case ICMP_PARAMPROB:
-#ifdef INET6
-	/*
-	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
-	 * ND_REDIRECT can't be in this list because the triggering packet
-	 * header is optional.
-	 */
-	case ICMP6_PACKET_TOO_BIG:
-#endif /* INET6 */
-		/* These will not be used, but set them anyways */
-		*icmp_dir = PF_IN;
-		*icmptype = htons(type);
-		*icmpid = 0;
-		return (1);	/* These types are matched to other state */
-	/*
-	 * All remaining ICMP types get their own states,
-	 * and will only match in one direction.
-	 */
 	default:
 		*icmp_dir = PF_IN;
-		*icmptype = type;
-		*icmpid = 0;
+		*virtual_type = type;
+		*virtual_id = 0;
 		break;
 	}
-	HTONS(*icmptype);
-	return (0);
+	HTONS(*virtual_type);
+	return (0);  /* These types match to their own state */
 }
 
 void
@@ -4664,7 +4687,7 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, struct pfi_kkif *kif,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (virtual_type == ICMP_ECHO &&
+			if (virtual_type == htons(ICMP_ECHO) &&
 			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
@@ -6583,13 +6606,13 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    (virtual_type == ICMP_ECHO &&
+				    (virtual_type == htons(ICMP_ECHO) &&
 				    nk->port[iidx] != iih.icmp_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
@@ -6649,13 +6672,13 @@ pf_test_state_icmp(struct pf_kstate **state, struct pfi_kkif *kif,
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    ((virtual_type == htons(ICMP6_ECHO_REQUEST)) &&
 				    nk->port[pd2.sidx] != iih.icmp6_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);

From nobody Wed Aug  7 13:44:46 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHg1Xh0z5S9LC;
	Wed, 07 Aug 2024 13:44:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHf4GJHz4jS6;
	Wed,  7 Aug 2024 13:44:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038286;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N7RiAqDapYaI216MLrDJDcCVxFmne3BZf1/8Z7bt8s0=;
	b=bwwVK+1C6hKn9/jJ9sl388g8qh304ZAbuskCDcockbbRt2G3SX2mA9YLCDrZrvcU4dKyZ6
	hzacI85fdt/6SHqssD6w9sFlelxhb3I0KVrT6EHmFTPNKovZc3hcUhRnsCOCdUdQTvY2Yf
	OfB7DmGFLpmYMchFD3lkYgPiBLiO5oLTwQZRRUDFJS8233L98d4U72aaL0zhpHadLB9Q53
	dczRvadKYjiO5hgqcCempj7Rki26J/XsYgama3uT3ElVKUgtxL68CgMvpKn8+qcMTI6YlP
	jY4O+dYwJvk7gWvO0WyWSmEb2R66xiswpeF6DffcoXT5rvPoCh0naoKjWlFbMQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038286; a=rsa-sha256; cv=none;
	b=pYB4HD/AkMzCrVHNRo8uION8l9KNxswteL2GhgVcxCfjTuhZuBWkzNWFXzGSbmk72fVrvD
	K9HFj4sV5m3XyiBAKM+X7Sd/sqvuNKJHmKWAANqdChsygukWHU0HyddKYMP+TlHm8lSn6b
	vvRNnsRgTNJLq5j98xHACPbi3EfXVu+FbLP8WHBFbz7LFOo0GNjEoh8YS4Z36bNoZk3uTT
	qQUr9G2/aFD7h2ljXjL55FUfwIMLb4HKLiS6x8Tik4TwDJ5CoU9FrEWp33/8NNqG8gIMQ8
	2soDOU5WXMAHqWzB5kqeHBZixo7xGHupecIvGvniVRrr2esp/I3AKfxCbfJWlA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038286;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N7RiAqDapYaI216MLrDJDcCVxFmne3BZf1/8Z7bt8s0=;
	b=MCnx4PqcfGNYpGCXQnyK191b1lpXUD3lkFdaJdxGCV8b7UyYmY4BnKNLC5frStmx6pSOhc
	Z90ITXCg1bs87/qZzoA+G3dymk888iUDMLtUTyJc3V7CfjoVFCDXDQ2uqhJXiyUv9fPjIS
	V6zZPCnM08DhaG9tODxOGV57a+mOghj8meqx3ejZB2J8c+UBca0qa6aaZ2jbmb41M8dhUA
	Rei3rscUD/9kmbD1Q9AU4Z6MY6ub05epEdve7kb188nPsUCIXp4PLkSXSWv5C1wN3msL4a
	Q+sUe1R3g1cIs+XPzY1okZcYjmAQ2DvckzvFDbgwzF/WEdRBZxJ9BJEsuPP7wA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHf3tmBzsgg;
	Wed,  7 Aug 2024 13:44:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Dikm8034334;
	Wed, 7 Aug 2024 13:44:46 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dikbx034331;
	Wed, 7 Aug 2024 13:44:46 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:46 GMT
Message-Id: <202408071344.477Dikbx034331@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: ca9580967e74 - releng/14.0 - pf: allow MLD LR to be
  sent without state
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: ca9580967e7406bb23aa482f94a3c6a02ecbe6a1
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=ca9580967e7406bb23aa482f94a3c6a02ecbe6a1

commit ca9580967e7406bb23aa482f94a3c6a02ecbe6a1
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:36:18 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:31:30 +0000

    pf: allow MLD LR to be sent without state
    
    Change PF behavior to allow MLD Listener Report packets to be sent
    without needing a previously created state by MLD Listener Query. It
    wasn't working because: (1) you might not have a previous MLD Listener
    Query and (2) the addresses of the Query and Report don't match.
    
    ok mikeb@, sashan@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, rzalamena <rzalamena@openbsd.org>, 5c526dbdb0f2
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 1afe4da75d1d2acd33b25eea942af28aa41c82c2)
    (cherry picked from commit 3382c691dc6a0d4e1f39ff67b5507f6542972498)
---
 sys/netpfil/pf/pf.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 72814861f35f..cf1c83aceff7 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1804,8 +1804,15 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 			break;
 
 		case MLD_LISTENER_QUERY:
-			*icmp_dir = PF_IN;
 		case MLD_LISTENER_REPORT: {
+			/*
+			 * Listener Report can be sent by clients
+			 * without an associated Listener Query.
+			 * In addition to that, when Report is sent as a
+			 * reply to a Query its source and destination
+			 * address are different.
+			 */
+			*icmp_dir = PF_IN;
 			*virtual_type = MLD_LISTENER_QUERY;
 			*virtual_id = 0;
 			break;

From nobody Wed Aug  7 13:44:47 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHg6Bf8z5S93N;
	Wed, 07 Aug 2024 13:44:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHg4kh2z4jcS;
	Wed,  7 Aug 2024 13:44:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038287;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oFmBx1+itiSfFrHkZ2tkzuIgIOOpj3D1rSKY07HiF9I=;
	b=kfAjlML7EoTZd6nTvL50UJJ1g5h9AxdUOlPqqvC8D1DUWH4eGUWOzCk7PwQzzUkjTJumUs
	/Z6tL6xGXLkdx8ipGS1Idfqk8dvXbM1ruIEaqdLr13PQFF7j/ib/il27llbmhQ6+GnUaQG
	1sVl58EDsqmACzCUaKHhJfvBkVITqjD0kGfBZ0w1oB9PAtW/pDsyKdGNi0wWdt8gq1uPsF
	HpO9BMbh2bbozck8m7TBwtXyL38dPJZY0JnQLWjhTKuQta58iqcc8RT06AbBC4sR9hPgYN
	0RSWtWFIwD4C6NuUPoPqve0EPNpGuGrlau/iY8bJwfcSaiDLHtG5m+Y/HA6Zyg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038287; a=rsa-sha256; cv=none;
	b=n/HgVYamnPf3jdGYhcHQJucUZcehHuWszHPl6mph4/Oude6AL4wZzkc5+/ZYJTXfngroQE
	aAbvRjjC8PA8RPdiqEyq/sCWDCOlKoNBcjLLV6VI251H6V22gyu8jxvLfqyn5j1ZH3/Mbm
	wjQ2gxVrTEuTCy+ESgnZt2AwKAe2ogiXRH8EJpA36e+5izXpexSc4aziFgyjzUzpFh0+Dy
	C/IK6kK+h/RxMdwMbg5E7+T78ATQ41IeFOilgjdhB6r3DPj+REehksz1lwALghG1v26n84
	Qq/WJ+1uPIc/iDXgt2MfOeinmB7WyFwVdVJtPINqIM8l+2l+Gi31XM35VeBedQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038287;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oFmBx1+itiSfFrHkZ2tkzuIgIOOpj3D1rSKY07HiF9I=;
	b=JdtXlgGhSfPQt3J2hMZHMjrhXw2buv58fVUei3FbDljNnVDity3N/Tn4Un1v/B6dzx+LUg
	ECzXom+h92xHyeDC3cBSJFijnvw0BRlQuqTpzacITqPknMm7ZOWglWPkBrPpMzW3Wsrpd5
	uvTrJjbjKd2+pQcx1B4uiBSrrd5OqYu83H6oM83pXmFgBjM6DC4yf8qHvpsX3NO+DrRCUU
	ZOzTCRvjnQhgST7Ueeuupm5pv4XSQGRwUA5iawMK2u8nvfdZcWkK3jK9AHpYZ+fPczpOXV
	3qpHWgJ8loUwhv2YxWFzKBBF4hpJ+eWierx4m9xYIY+gMJ+SDay2P9cAWSaeFQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHg4DXfzt3x;
	Wed,  7 Aug 2024 13:44:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DilDx034379;
	Wed, 7 Aug 2024 13:44:47 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiloC034376;
	Wed, 7 Aug 2024 13:44:47 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:47 GMT
Message-Id: <202408071344.477DiloC034376@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: c39fb98e4740 - releng/14.0 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: c39fb98e47400b0808a49628d0c57489e8a5a8ee
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c39fb98e47400b0808a49628d0c57489e8a5a8ee

commit c39fb98e47400b0808a49628d0c57489e8a5a8ee
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:35 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Security:       FreeBSD-SA-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
    (cherry picked from commit 8b400c8488f0b9e67ae269f6d8e5022a3bc7d854)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 01158c2c238f..196450af2c84 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -593,7 +593,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Wed Aug  7 13:44:48 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHj22Gjz5S99l;
	Wed, 07 Aug 2024 13:44:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHh5w6vz4jcf;
	Wed,  7 Aug 2024 13:44:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038288;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YKAMAW70giEoU1tDR84ojPYmqnNMl9jFqKtfZiOYxXs=;
	b=wdBBmn0ffI3H28gppY4hxi8nmHPw6qmVKgYZXKPUaeQ4W4H7bvjxzjxYZ5KzjmhqEurdNd
	k475fuPOMpYC1pFB+dxjUfGFSvS8lXtcuYApUVNsHPMsUEPiCA2gHdcdI+jMrYn/miZmYt
	OLUJ4dzG63uBcw4Wz6WQYNk+Uw0M/JZGFqTdB9EcKziZX6IgMaG3BJs4itztyfZaJgqPA9
	P4hIgJzu7cZIFmycI8dxXU7gDHSiJs1Gzvm9c7M7eyhr6OS4iWKUTyljmsW6tWWOf6Npcc
	E5CThTa3aCrTW8RxLqS/l3SUb1jLyan0a+OrYMWiqduYEj/D0y8TyA7d8D1NyQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038288; a=rsa-sha256; cv=none;
	b=Gebt8IHM9lx5E4a2s4KLb/Q8f6Xk8WdRP3UPKDa8QZTxJrFdEnPvxyMnjaJnU+2v944bMv
	QghNQQ69b4ytaff4OZvVE+JTLgAnnNHsyewdT0eCz54j/LB6hlZKRqMoSFtzNIkWWwed1S
	z//274ah/vz+Mvk6UbqaNgFlLfkVZEoBbcxRo2j4WGW9Mxo3OT+f90Juj+fZNugWH8z8Js
	1S/S9GbV9mMv4U9KItd1SB3UTW4agw43qYChBoK+l9nwJOq9RTFMjrDyWxXeLJ64bHmtBR
	uYReSvBxpt8Amd3z+sG2lJ4fz6vie+G0PmuRNLMcyMtZPTFXCzKzKJqv/ehOnw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038288;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YKAMAW70giEoU1tDR84ojPYmqnNMl9jFqKtfZiOYxXs=;
	b=VT9odTZMAa2IY7Aq3DCQNth4eIa4bubxxqT0187+UiukH7Mbz2DwWg9+WJhP1YHMhI+XOn
	xU/Hls2WzlidNs/BI1heemotN9q9Gosr7zB/BPwcOefQj4B6iSNHBXU8NUAmgJUyaGTebY
	S51pDKwgqe9Gnbpn0Sl0r6w7ml9mZjVZfBho3jx35YvSj0CwcD9PPXSfOGw5UgPvaanuLG
	o7oK3mCbbou7ZogzkDFMGkpsSoZCnPOtVQCOgpQHKU9iJu8XqVtGau6Lqgmz66aUIbHUhp
	Hc6khNhxYYIjFIMNHI8GSXWyf1qvQMO2vy8gKoZgZKU7d8Ti2hb6xBbUpNs1gw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHh5WsJzspM;
	Wed,  7 Aug 2024 13:44:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DimKE034430;
	Wed, 7 Aug 2024 13:44:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dimrn034427;
	Wed, 7 Aug 2024 13:44:48 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:48 GMT
Message-Id: <202408071344.477Dimrn034427@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 9020582c32ed - releng/14.0 - Add UPDATING entries and
  bump the branch version
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 9020582c32ed0901385ef706fd96db0ad8f629b0
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=9020582c32ed0901385ef706fd96db0ad8f629b0

commit 9020582c32ed0901385ef706fd96db0ad8f629b0
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-06 23:08:58 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:38 +0000

    Add UPDATING entries and bump the branch version
    
    Approved by:    so
---
 UPDATING            | 17 +++++++++++++++++
 sys/conf/newvers.sh |  2 +-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index c786fe74c829..dda09f1d5226 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,23 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20240807:
+	14.0-RELEASE-p9	EN-24:14.ifconfig
+			SA-24:05.pf
+			SA-24:06.ktrace
+			SA-24:07.nfsclient
+			SA-24:08.openssh
+
+	Incorrect ifconfig netmask assignment [EN-24:14.ifconfig]
+
+	pf incorrectly matches different ICMPv6 states in the state table [SA-24:05.pf]
+
+	ktrace(2) fails to detach when executing a setuid binary [SA-24:06.ktrace]
+
+	NFS client accepts file names containing path separators [SA-24:07.nfsclient]
+
+	OpenSSH pre-authentication async signal safety issue [SA-24:08.openssh]
+
 20240701:
 	14.0-RELEASE-p8 SA-24:04.openssh
 
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index d566b1b8f6c5..b13f7b741ea6 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="14.0"
-BRANCH="RELEASE-p8"
+BRANCH="RELEASE-p9"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Wed Aug  7 13:44:52 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHn11qbz5S9LM;
	Wed, 07 Aug 2024 13:44:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHm5sjxz4jdF;
	Wed,  7 Aug 2024 13:44:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038292;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6ssOh0VlVGLt2Znpe/kY4Z+7jOBABBe/mZnESWordA0=;
	b=BWWj0oU3n/Xz+U+gYLopcywH9XWjzOWioFCfd1x2rHGRCjogH+bafOV9KYVBEFWygCTMR3
	PyK1atf6e0IFF0amwNapZO8UFPoaz3pSO/fv5Ah4Br95NWXKfnbVxnsP9Nyh1ZO4rn35pl
	qskjz8ZJrpqHw8JruwO/mxX02sBPZ1Wb12f/j1pFM/6IZ/hzNxkpzcs//uIbwNniKAmxCg
	d5uCa5G9+6VTrhDQUgs+vGY0VQKbbuvHy6pOORoqUNAMpn9G/bhwwrgezRWzyq6Px+NZmx
	CT8N8evAA11na4fTzn917QATAoQEPGwCSQyqM0jjZoNcWjte+PJcNYsyKOB2zA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038292; a=rsa-sha256; cv=none;
	b=LWqyNBFSQ87kAc3x9KWxPJTlVdd1eZdmkOViF3VXxeTvXzhF5p/kuRS7qZHoJpAvz44gmO
	QT80GmPL9v67HawiFLGe+mtW40E/wHOJ+Z+fu3ex/UkK3gRPoa4dUlo+5xi1xCqmfJBV9a
	FNJPwYas4L0LGRE4Wz7UCnqSSKhxW5Az3nprkCLAXeZYSJUJDz4pLJFbtvSIZl6hMb+TMl
	z2IW7GuK09HV1YO8uHI+U0SGW+FoqaV9fDJ5Rw3Ikl4mAvlDp4qOzgnbmPCn7vKh0/qh6j
	Zt6q+YG0rqGdFCy3pZ4UYlOetvm9Ukelgl46GhjJq4d3R/9+QGA20Ks4PnolqQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038292;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6ssOh0VlVGLt2Znpe/kY4Z+7jOBABBe/mZnESWordA0=;
	b=ahz5q2w/0iF9z6VXe6G2zSlDk5/FDL9ZvSxGRYZ59lmH7l2AzwIxmzs1jpv+BuIAP4oCEp
	MhDqDvXpYE1pcGWDL6XtypVEbIXVdmhBHv5OCWtEKbVOeshduPeYUOtp8iu58OoSy0pgIj
	IYHrMDovHmraV/RKOACpGqlJodIGB1645KzF6zNASwUlJfCi6K7kFe5PSjQbTZMV2O5G2e
	Aa8eiv+zxa3sJ74g6Lg/G0D6x6djXh4JmJCQPr5UkUqPW/NAZKaPPLNxiSdeN+/AMOj/7f
	/16cR6Ly/9/GmHs13wf7Wn7YtbjgmENY07xDu2ooGJf79wOW96VzQjgnBMw1WA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHm5TsYzt3y;
	Wed,  7 Aug 2024 13:44:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Diq8X034647;
	Wed, 7 Aug 2024 13:44:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiquT034644;
	Wed, 7 Aug 2024 13:44:52 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:52 GMT
Message-Id: <202408071344.477DiquT034644@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 3d5cb2b9a97c - releng/13.3 - nfscl: Scan readdir reply
  filenames for invalid characters
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: 3d5cb2b9a97c54ae013568a358f24e8eca51c75f
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=3d5cb2b9a97c54ae013568a358f24e8eca51c75f

commit 3d5cb2b9a97c54ae013568a358f24e8eca51c75f
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2024-07-21 22:56:16 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:00 +0000

    nfscl: Scan readdir reply filenames for invalid characters
    
    The NFS RFCs are pretty loose with respect to what characters
    can be in a filename returned by a Readdir.  However, FreeBSD,
    as a POSIX system will not handle imbedded '/' or nul characters
    in file names.  Also, for NFSv4, the file names "." and ".."
    are handcrafted on the client and should not be returned by a
    NFSv4 server.
    
    This patch scans for the above in filenames returned by Readdir and
    ignores any entry returned by Readdir which has them in it.
    Because an imbedded nul would be a string terminator, it was
    not possible to code this check efficiently using string(3)
    functions.
    
    Approved by:    so
    Security:       FreeBSD-SA-24:07.nfsclient
    Security:       CVE-2024-6759
    Reported by:    Apple Security Engineering and Architecture (SEAR)
    
    (cherry picked from commit 026cdaa3b3a92574d9ac3155216e5cc0b0bd4c51)
    (cherry picked from commit 0172b5145ad9435569978ed4d268b9f65ac59526)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 137 ++++++++++++++++++++++++++++++++--------
 1 file changed, 110 insertions(+), 27 deletions(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 899d81efcf7c..c49f19fb0450 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -140,6 +140,7 @@ static int nfsrpc_createv4(vnode_t , char *, int, struct vattr *,
     nfsquad_t, int, struct nfsclowner *, struct nfscldeleg **, struct ucred *,
     NFSPROC_T *, struct nfsvattr *, struct nfsvattr *, struct nfsfh **, int *,
     int *, void *, int *);
+static bool nfscl_invalidfname(bool, char *, int);
 static int nfsrpc_locku(struct nfsrv_descript *, struct nfsmount *,
     struct nfscllockowner *, u_int64_t, u_int64_t,
     u_int32_t, struct ucred *, NFSPROC_T *, int);
@@ -2997,6 +2998,31 @@ nfsrpc_rmdir(vnode_t dvp, char *name, int namelen, struct ucred *cred,
 	return (error);
 }
 
+/*
+ * Check to make sure the file name in a Readdir reply is valid.
+ */
+static bool
+nfscl_invalidfname(bool is_v4, char *name, int len)
+{
+	int i;
+	char *cp;
+
+	if (is_v4 && ((len == 1 && name[0] == '.') ||
+	    (len == 2 && name[0] == '.' && name[1] == '.'))) {
+		printf("Readdir NFSv4 reply has dot or dotdot in it\n");
+		return (true);
+	}
+	cp = name;
+	for (i = 0; i < len; i++, cp++) {
+		if (*cp == '/' || *cp == '\0') {
+			printf("Readdir reply file name had imbedded / or nul"
+			    " byte\n");
+			return (true);
+		}
+	}
+	return (false);
+}
+
 /*
  * Readdir rpc.
  * Always returns with either uio_resid unchanged, if you are at the
@@ -3049,6 +3075,8 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdir: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	/*
 	 * There is no point in reading a lot more than uio_resid, however
@@ -3307,6 +3335,17 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -3322,20 +3361,35 @@ nfsrpc_readdir(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				uiop->uio_iov->iov_base =
 				    (char *)uiop->uio_iov->iov_base + DIRHDSIZ;
 				uiop->uio_iov->iov_len -= DIRHDSIZ;
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)
@@ -3503,6 +3557,8 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 	KASSERT(uiop->uio_iovcnt == 1 &&
 	    (uiop->uio_resid & (DIRBLKSIZ - 1)) == 0,
 	    ("nfs readdirplusrpc bad uio"));
+	KASSERT(uiop->uio_segflg == UIO_SYSSPACE,
+	    ("nfsrpc_readdirplus: uio userspace"));
 	ncookie.lval[0] = ncookie.lval[1] = 0;
 	timespecclear(&dctime);
 	*attrflagp = 0;
@@ -3738,6 +3794,17 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 			    uiop->uio_resid)
 				bigenough = 0;
 			if (bigenough) {
+				struct iovec saviov;
+				off_t savoff;
+				ssize_t savresid;
+				int savblksiz;
+
+				saviov.iov_base = uiop->uio_iov->iov_base;
+				saviov.iov_len = uiop->uio_iov->iov_len;
+				savoff = uiop->uio_offset;
+				savresid = uiop->uio_resid;
+				savblksiz = blksiz;
+
 				dp = (struct dirent *)uiop->uio_iov->iov_base;
 				dp->d_pad0 = dp->d_pad1 = 0;
 				dp->d_off = 0;
@@ -3756,25 +3823,41 @@ nfsrpc_readdirplus(vnode_t vp, struct uio *uiop, nfsuint64 *cookiep,
 				cnp->cn_nameptr = uiop->uio_iov->iov_base;
 				cnp->cn_namelen = len;
 				NFSCNHASHZERO(cnp);
+				cp = uiop->uio_iov->iov_base;
 				error = nfsm_mbufuio(nd, uiop, len);
 				if (error)
 					goto nfsmout;
-				cp = uiop->uio_iov->iov_base;
-				tlen -= len;
-				NFSBZERO(cp, tlen);
-				cp += tlen;	/* points to cookie storage */
-				tl2 = (u_int32_t *)cp;
-				if (len == 2 && cnp->cn_nameptr[0] == '.' &&
-				    cnp->cn_nameptr[1] == '.')
-					isdotdot = 1;
-				else
-					isdotdot = 0;
-				uiop->uio_iov->iov_base =
-				    (char *)uiop->uio_iov->iov_base + tlen +
-				    NFSX_HYPER;
-				uiop->uio_iov->iov_len -= tlen + NFSX_HYPER;
-				uiop->uio_resid -= tlen + NFSX_HYPER;
-				uiop->uio_offset += (tlen + NFSX_HYPER);
+				/* Check for an invalid file name. */
+				if (nfscl_invalidfname(
+				    (nd->nd_flag & ND_NFSV4) != 0, cp, len)) {
+					/* Skip over this entry. */
+					uiop->uio_iov->iov_base =
+					    saviov.iov_base;
+					uiop->uio_iov->iov_len =
+					    saviov.iov_len;
+					uiop->uio_offset = savoff;
+					uiop->uio_resid = savresid;
+					blksiz = savblksiz;
+				} else {
+					cp = uiop->uio_iov->iov_base;
+					tlen -= len;
+					NFSBZERO(cp, tlen);
+					cp += tlen; /* points to cookie store */
+					tl2 = (u_int32_t *)cp;
+					if (len == 2 &&
+					    cnp->cn_nameptr[0] == '.' &&
+					    cnp->cn_nameptr[1] == '.')
+						isdotdot = 1;
+					else
+						isdotdot = 0;
+					uiop->uio_iov->iov_base =
+					    (char *)uiop->uio_iov->iov_base +
+					    tlen + NFSX_HYPER;
+					uiop->uio_iov->iov_len -= tlen +
+					    NFSX_HYPER;
+					uiop->uio_resid -= tlen + NFSX_HYPER;
+					uiop->uio_offset += (tlen + NFSX_HYPER);
+				}
 			} else {
 				error = nfsm_advance(nd, NFSM_RNDUP(len), -1);
 				if (error)

From nobody Wed Aug  7 13:44:53 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHp1wbWz5S99w;
	Wed, 07 Aug 2024 13:44:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHn6JwKz4jq4;
	Wed,  7 Aug 2024 13:44:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038293;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=12jHmcDb9XXIdgXgVVh/JqG5CUU0rkOd+C7CeNb9qAQ=;
	b=fW3KWwETrErIlgyeqbkdh3nJ/USJks50j5L5hKIxQcE1WbLSj+vDSgHJYEeS8n7WAQQJ7h
	R+NAs5dtnSQt2H8HKEmd4HEudKUFAxxB7JCYmMZidOZ+jpLAqXd5FUu1QazKXRPQ5VpLuo
	huN9v3G0NF5cc+1lMozLt9hy5n5eQAJD6Q/tWXgZ9yirJIUTn7mN1UrZCOYbqc+s7K4fbK
	lHQOcYMG4RHfgMe6be2Y5M/3L5SRB80n+/DYJSOn1wPeahmzrM3HfxjgE3ppLXCpSrGOrD
	W8l4PNcqEQVUIqjfplrmqR8uJGUIcQ7u6+kAOgfnEmEgSd56SYkVHqpkqg1y7w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038293; a=rsa-sha256; cv=none;
	b=ie/WCJNcbml1EHJWRGWOsyTsIDZIyMAIAsw9VTmP3OoSX3GcxHgZe6BwPZjCozi/+1WjNn
	ERrjF6wB9jGUe4nVRlshIee9zZY8BZtW8NEoP7loSvUcrs97RxHF1MqyuKCWy04gx1n87B
	mWdmYvsZf/LkfnXQkUEOY6gSL5or7iRNMcxj9/apjCjd7a+uXQLEUjsRFCZJYlO6+Wj3Ve
	vcAnnPKI1ak7uGMFqJKuvB7HduWhvDh7dkmtcZdYzD5xkNxdY860O8mLPmmPxy0S33GIt7
	8ondJK6/VXSYXpNMWr+haBAcwObonpDrH2zg+ecP3J3zrM4GqEkSr3C1/JJejQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038293;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=12jHmcDb9XXIdgXgVVh/JqG5CUU0rkOd+C7CeNb9qAQ=;
	b=ifh0wdrCQUi3BTOkB/GB4wRw8GjnaVfVZa9LhhGLg4m9TCgfXo3SvishBawr+o9ifYCP+I
	XX4TOUVNQA3hTJn0tYqo7FSRSmKRLHixA4V89bVMYFwtXx/4D84dlMXBI0am+W8P/+wGZl
	/tgillRWa6MjS55+DnI+qPFFank8ebXYovf9ZqJskfKDK/+HXa/dKBRd65VhmKd/QFvUxR
	UyRFgKt4435LC9Xr1z5ryDkGWrg4dTeWMBX1HVrWxIwYTq4SBrsTgtJP4jNE7SzHT8nN3W
	oyGFpVvvfaB6HHucwWyi/JdUuvYp29TKOs/3608Veu3LJz5igRyDBItyPIc47g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHn5wW9zsVB;
	Wed,  7 Aug 2024 13:44:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DirYT034701;
	Wed, 7 Aug 2024 13:44:53 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dir9T034698;
	Wed, 7 Aug 2024 13:44:53 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:53 GMT
Message-Id: <202408071344.477Dir9T034698@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: e576536cbae1 - releng/13.3 - pf: stricter state
  checking for ICMP and ICMPv6 packets
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: e576536cbae157692116df6639e7c7cc643accad
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=e576536cbae157692116df6639e7c7cc643accad

commit e576536cbae157692116df6639e7c7cc643accad
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-09 13:59:33 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:13 +0000

    pf: stricter state checking for ICMP and ICMPv6 packets
    
    Include
    the ICMP type in one port of the state key, using the type to determine which
    side should be the id, and which should be the type.
    
    Also:
    - Handle ICMP6 messages which are typically sent to multicast addresses but
     recieve unicast replies, by doing fallthrough lookups against the correct
     multicast address.
    - Clear up some mistaken assumptions in the PF code:
      - Not all ICMP packets have an icmp_id, so simulate one based on other
        data if we can, otherwise set it to 0.
     - Don't modify the icmp id field in NAT unless it's echo
     - Use the full range of possible id's when NATing icmp6 echoy
    
    ok henning marco
    testing matthieu todd
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 70bf7555ef4c
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 534ee17e61ee094ec175703bc50e88ff6587703e)
---
 sys/netpfil/pf/pf.c    | 380 ++++++++++++++++++++++++++++++++++++++-----------
 sys/netpfil/pf/pf_lb.c |  19 ++-
 2 files changed, 316 insertions(+), 83 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index e03fcbbe37a9..1bdc695f698c 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -276,6 +276,8 @@ static void		 pf_change_ap(struct mbuf *, struct pf_addr *, u_int16_t *,
 			    u_int16_t, u_int8_t, sa_family_t);
 static int		 pf_modulate_sack(struct mbuf *, int, struct pf_pdesc *,
 			    struct tcphdr *, struct pf_state_peer *);
+int			 pf_icmp_mapping(struct pf_pdesc *, u_int8_t, int *,
+			    int *, u_int16_t *, u_int16_t *);
 static void		 pf_change_icmp(struct pf_addr *, u_int16_t *,
 			    struct pf_addr *, struct pf_addr *, u_int16_t,
 			    u_int16_t *, u_int16_t *, u_int16_t *,
@@ -316,6 +318,10 @@ static int		 pf_test_state_tcp(struct pf_kstate **, int,
 static int		 pf_test_state_udp(struct pf_kstate **, int,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *);
+int			 pf_icmp_state_lookup(struct pf_state_key_cmp *,
+			    struct pf_pdesc *, struct pf_kstate **, struct mbuf *,
+			    int, struct pfi_kkif *, u_int16_t, u_int16_t,
+			    int, int *, int);
 static int		 pf_test_state_icmp(struct pf_kstate **, int,
 			    struct pfi_kkif *, struct mbuf *, int,
 			    void *, struct pf_pdesc *, u_short *);
@@ -369,6 +375,7 @@ extern int pf_end_threads;
 extern struct proc *pf_purge_proc;
 
 VNET_DEFINE(struct pf_limit, pf_limits[PF_LIMIT_MAX]);
+enum { PF_ICMP_MULTI_NONE, PF_ICMP_MULTI_SOLICITED, PF_ICMP_MULTI_LINK };
 
 #define	PACKET_UNDO_NAT(_m, _pd, _off, _s, _dir)		\
 	do {								\
@@ -1689,6 +1696,142 @@ pf_isforlocal(struct mbuf *m, int af)
 	return (false);
 }
 
+int
+pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
+    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+{
+	/*
+	 * ICMP types marked with PF_OUT are typically responses to
+	 * PF_IN, and will match states in the opposite direction.
+	 * PF_IN ICMP types need to match a state with that type.
+	 */
+	*icmp_dir = PF_OUT;
+	*multi = PF_ICMP_MULTI_LINK;
+	/* Queries (and responses) */
+	switch (type) {
+	case ICMP_ECHO:
+		*icmp_dir = PF_IN;
+	case ICMP_ECHOREPLY:
+		*icmptype = ICMP_ECHO;
+		*icmpid = pd->hdr.icmp.icmp_id;
+		break;
+
+	case ICMP_TSTAMP:
+		*icmp_dir = PF_IN;
+	case ICMP_TSTAMPREPLY:
+		*icmptype = ICMP_TSTAMP;
+		*icmpid = 0; /* Time is not a secret. */
+		break;
+
+	case ICMP_IREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_IREQREPLY:
+		*icmptype = ICMP_IREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MASKREQ:
+		*icmp_dir = PF_IN;
+	case ICMP_MASKREPLY:
+		*icmptype = ICMP_MASKREQ;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_IPV6_WHEREAREYOU:
+		*icmp_dir = PF_IN;
+	case ICMP_IPV6_IAMHERE:
+		*icmptype = ICMP_IPV6_WHEREAREYOU;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_MOBILE_REGREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP_MOBILE_REGREPLY:
+		*icmptype = ICMP_MOBILE_REGREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ICMP_ROUTERSOLICIT:
+		*icmp_dir = PF_IN;
+	case ICMP_ROUTERADVERT:
+		*icmptype = ICMP_ROUTERSOLICIT;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+#ifdef INET6
+	case ICMP6_ECHO_REQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_ECHO_REPLY:
+		*icmptype = ICMP6_ECHO_REQUEST;
+		*icmpid = pd->hdr.icmp6.icmp6_id;
+		break;
+
+	case MLD_LISTENER_QUERY:
+		*icmp_dir = PF_IN;
+	case MLD_LISTENER_REPORT: {
+		*icmptype = MLD_LISTENER_QUERY;
+		*icmpid = 0;
+		break;
+	}
+
+	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
+	case ICMP6_WRUREQUEST:
+		*icmp_dir = PF_IN;
+	case ICMP6_WRUREPLY:
+		*icmptype = ICMP6_WRUREQUEST;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case MLD_MTRACE:
+		*icmp_dir = PF_IN;
+	case MLD_MTRACE_RESP:
+		*icmptype = MLD_MTRACE;
+		*icmpid = 0; /* Nothing sane to match on! */
+		break;
+
+	case ND_NEIGHBOR_SOLICIT:
+		*icmp_dir = PF_IN;
+	case ND_NEIGHBOR_ADVERT: {
+		*icmptype = ND_NEIGHBOR_SOLICIT;
+		*multi = PF_ICMP_MULTI_SOLICITED;
+		*icmpid = 0;
+		break;
+	}
+
+#endif /* INET6 */
+	/* These ICMP types map to other connections */
+	case ICMP_UNREACH:
+	case ICMP_SOURCEQUENCH:
+	case ICMP_REDIRECT:
+	case ICMP_TIMXCEED:
+	case ICMP_PARAMPROB:
+#ifdef INET6
+	/*
+	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
+	 * ND_REDIRECT can't be in this list because the triggering packet
+	 * header is optional.
+	 */
+	case ICMP6_PACKET_TOO_BIG:
+#endif /* INET6 */
+		/* These will not be used, but set them anyways */
+		*icmp_dir = PF_IN;
+		*icmptype = htons(type);
+		*icmpid = 0;
+		return (1);	/* These types are matched to other state */
+	/*
+	 * All remaining ICMP types get their own states,
+	 * and will only match in one direction.
+	 */
+	default:
+		*icmp_dir = PF_IN;
+		*icmptype = type;
+		*icmpid = 0;
+		break;
+	}
+	HTONS(*icmptype);
+	return (0);
+}
+
 void
 pf_intr(void *v)
 {
@@ -3851,8 +3994,8 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 	int			 tag = -1, rtableid = -1;
 	int			 asd = 0;
 	int			 match = 0;
-	int			 state_icmp = 0;
-	u_int16_t		 sport = 0, dport = 0;
+	int			 state_icmp = 0, icmp_dir, multi;
+	u_int16_t		 sport = 0, dport = 0, virtual_type, virtual_id;
 	u_int16_t		 bproto_sum = 0, bip_sum = 0;
 	u_int8_t		 icmptype = 0, icmpcode = 0;
 	struct pf_kanchor_stackframe	anchor_stack[PF_ANCHOR_STACKSIZE];
@@ -3886,33 +4029,37 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 	case IPPROTO_ICMP:
 		if (pd->af != AF_INET)
 			break;
-		sport = dport = pd->hdr.icmp.icmp_id;
 		hdrlen = sizeof(pd->hdr.icmp);
 		icmptype = pd->hdr.icmp.icmp_type;
 		icmpcode = pd->hdr.icmp.icmp_code;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		if (af != AF_INET6)
 			break;
-		sport = dport = pd->hdr.icmp6.icmp6_id;
 		hdrlen = sizeof(pd->hdr.icmp6);
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+		state_icmp = pf_icmp_mapping(pd, icmptype,
+		    &icmp_dir, &multi, &virtual_id, &virtual_type);
+		if (icmp_dir == PF_IN) {
+			sport = virtual_id;
+			dport = virtual_type;
+		} else {
+			sport = virtual_type;
+			dport = virtual_id;
+		}
 
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	default:
@@ -4001,7 +4148,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 		}
 #ifdef INET
 		case IPPROTO_ICMP:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET))
 				pf_change_a(&saddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->sidx].v4.s_addr, 0);
@@ -4010,11 +4156,12 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (nk->port[1] != pd->hdr.icmp.icmp_id) {
+			if (virtual_type == ICMP_ECHO &&
+			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
-				    nk->port[1], 0);
-				pd->hdr.icmp.icmp_id = nk->port[1];
+				    nk->port[pd->sidx], 0);
+				pd->hdr.icmp.icmp_id = nk->port[pd->sidx];
 				pd->sport = &pd->hdr.icmp.icmp_id;
 			}
 			m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
@@ -4022,7 +4169,6 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 #endif /* INET */
 #ifdef INET6
 		case IPPROTO_ICMPV6:
-			nk->port[0] = nk->port[1];
 			if (PF_ANEQ(saddr, &nk->addr[pd->sidx], AF_INET6))
 				pf_change_a6(saddr, &pd->hdr.icmp6.icmp6_cksum,
 				    &nk->addr[pd->sidx], 0);
@@ -5812,15 +5958,73 @@ pf_multihome_scan_asconf(struct mbuf *m, int start, int len,
 	return (pf_multihome_scan(m, start, len, pd, kif, SCTP_ADD_IP_ADDRESS));
 }
 
+int
+pf_icmp_state_lookup(struct pf_state_key_cmp *key, struct pf_pdesc *pd,
+    struct pf_kstate **state, struct mbuf *m, int direction, struct pfi_kkif *kif,
+    u_int16_t icmpid, u_int16_t type, int icmp_dir, int *iidx, int multi)
+{
+	key->af = pd->af;
+	key->proto = pd->proto;
+	if (icmp_dir == PF_IN) {
+		*iidx = pd->sidx;
+		key->port[pd->sidx] = icmpid;
+		key->port[pd->didx] = type;
+	} else {
+		*iidx = pd->didx;
+		key->port[pd->sidx] = type;
+		key->port[pd->didx] = icmpid;
+	}
+	if (pd->af == AF_INET6 && multi != PF_ICMP_MULTI_NONE) {
+		switch (multi) {
+		case PF_ICMP_MULTI_SOLICITED:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = IPV6_ADDR_INT32_ONE;
+			key->addr[pd->sidx].addr32[3] = pd->src->addr32[3];
+			key->addr[pd->sidx].addr8[12] = 0xff;
+			break;
+		case PF_ICMP_MULTI_LINK:
+			key->addr[pd->sidx].addr32[0] = IPV6_ADDR_INT32_MLL;
+			key->addr[pd->sidx].addr32[1] = 0;
+			key->addr[pd->sidx].addr32[2] = 0;
+			key->addr[pd->sidx].addr32[3] = IPV6_ADDR_INT32_ONE;
+			break;
+		}
+	} else
+		PF_ACPY(&key->addr[pd->sidx], pd->src, key->af);
+	PF_ACPY(&key->addr[pd->didx], pd->dst, key->af);
+
+	STATE_LOOKUP(kif, key, direction, *state, pd);
+
+	/* Is this ICMP message flowing in right direction? */
+	if ((*state)->rule.ptr->type &&
+	    (((*state)->direction == direction) ?
+	    PF_IN : PF_OUT) != icmp_dir) {
+		if (V_pf_status.debug >= PF_DEBUG_MISC) {
+			printf("pf: icmp type %d in wrong direction (%d): ",
+			    icmp_dir, pd->dir);
+			pf_print_state(*state);
+			printf("\n");
+		}
+		return (PF_DROP);
+	}
+	return (-1);
+}
+
 static int
 pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif,
     struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason)
 {
 	struct pf_addr  *saddr = pd->src, *daddr = pd->dst;
-	u_int16_t	 icmpid = 0, *icmpsum;
+	u_int16_t	*icmpsum, virtual_id, virtual_type;
 	u_int8_t	 icmptype, icmpcode;
-	int		 state_icmp = 0;
+	int		 icmp_dir, iidx, ret, multi;
 	struct pf_state_key_cmp key;
+#ifdef INET
+	u_int16_t	 icmpid;
+#endif
+
+	MPASS(*state == NULL);
 
 	bzero(&key, sizeof(key));
 	switch (pd->proto) {
@@ -5830,49 +6034,43 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 		icmpcode = pd->hdr.icmp.icmp_code;
 		icmpid = pd->hdr.icmp.icmp_id;
 		icmpsum = &pd->hdr.icmp.icmp_cksum;
-
-		if (icmptype == ICMP_UNREACH ||
-		    icmptype == ICMP_SOURCEQUENCH ||
-		    icmptype == ICMP_REDIRECT ||
-		    icmptype == ICMP_TIMXCEED ||
-		    icmptype == ICMP_PARAMPROB)
-			state_icmp++;
 		break;
 #endif /* INET */
 #ifdef INET6
 	case IPPROTO_ICMPV6:
 		icmptype = pd->hdr.icmp6.icmp6_type;
 		icmpcode = pd->hdr.icmp6.icmp6_code;
+#ifdef INET
 		icmpid = pd->hdr.icmp6.icmp6_id;
+#endif
 		icmpsum = &pd->hdr.icmp6.icmp6_cksum;
-
-		if (icmptype == ICMP6_DST_UNREACH ||
-		    icmptype == ICMP6_PACKET_TOO_BIG ||
-		    icmptype == ICMP6_TIME_EXCEEDED ||
-		    icmptype == ICMP6_PARAM_PROB)
-			state_icmp++;
 		break;
 #endif /* INET6 */
 	}
 
-	if (!state_icmp) {
+	if (pf_icmp_mapping(pd, icmptype, &icmp_dir, &multi,
+	    &virtual_id, &virtual_type) == 0) {
 		/*
 		 * ICMP query/reply message not related to a TCP/UDP packet.
 		 * Search for an ICMP state.
 		 */
-		key.af = pd->af;
-		key.proto = pd->proto;
-		key.port[0] = key.port[1] = icmpid;
-		if (direction == PF_IN)	{	/* wire side, straight */
-			PF_ACPY(&key.addr[0], pd->src, key.af);
-			PF_ACPY(&key.addr[1], pd->dst, key.af);
-		} else {			/* stack side, reverse */
-			PF_ACPY(&key.addr[1], pd->src, key.af);
-			PF_ACPY(&key.addr[0], pd->dst, key.af);
+		ret = pf_icmp_state_lookup(&key, pd, state, m, pd->dir,
+		    kif, virtual_id, virtual_type, icmp_dir, &iidx,
+		    PF_ICMP_MULTI_NONE);
+		if (ret >= 0) {
+			if (ret == PF_DROP && pd->af == AF_INET6 &&
+			    icmp_dir == PF_OUT) {
+				if (*state != NULL)
+					PF_STATE_UNLOCK((*state));
+				ret = pf_icmp_state_lookup(&key, pd, state, m,
+				    pd->dir, kif, virtual_id, virtual_type,
+				    icmp_dir, &iidx, multi);
+				if (ret >= 0)
+					return (ret);
+			} else
+				return (ret);
 		}
 
-		STATE_LOOKUP(kif, &key, direction, *state, pd);
-
 		(*state)->expire = time_uptime;
 		(*state)->timeout = PFTM_ICMP_ERROR_REPLY;
 
@@ -5895,14 +6093,14 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 					    pd->ip_sum,
 					    nk->addr[pd->didx].v4.s_addr, 0);
 
-				if (nk->port[0] !=
+				if (nk->port[iidx] !=
 				    pd->hdr.icmp.icmp_id) {
 					pd->hdr.icmp.icmp_cksum =
 					    pf_cksum_fixup(
 					    pd->hdr.icmp.icmp_cksum, icmpid,
-					    nk->port[pd->sidx], 0);
+					    nk->port[iidx], 0);
 					pd->hdr.icmp.icmp_id =
-					    nk->port[pd->sidx];
+					    nk->port[iidx];
 				}
 
 				m_copyback(m, off, ICMP_MINLEN,
@@ -6267,13 +6465,15 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMP;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp_id;
+			icmpid = iih.icmp_id;
+			pf_icmp_mapping(&pd2, iih.icmp_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
 
-			STATE_LOOKUP(kif, &key, direction, *state, pd);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0)
+				return (ret);
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6283,21 +6483,23 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp_id)
-					pf_change_icmp(pd2.src, &iih.icmp_id,
+				    (virtual_type == ICMP_ECHO &&
+				    nk->port[iidx] != iih.icmp_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP_ECHO) ?
+					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP_ECHO) ?
+					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp_id)
-					pf_change_icmp(pd2.dst, &iih.icmp_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
-					    pd2.ip_sum, icmpsum,
-					    pd->ip_sum, 0, AF_INET);
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
+					    pd2.ip_sum, icmpsum, pd->ip_sum, 0,
+					    AF_INET);
 
 				m_copyback(m, off, ICMP_MINLEN, (caddr_t)&pd->hdr.icmp);
 				m_copyback(m, ipoff2, sizeof(h2), (caddr_t)&h2);
@@ -6319,13 +6521,25 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 				return (PF_DROP);
 			}
 
-			key.af = pd2.af;
-			key.proto = IPPROTO_ICMPV6;
-			PF_ACPY(&key.addr[pd2.sidx], pd2.src, key.af);
-			PF_ACPY(&key.addr[pd2.didx], pd2.dst, key.af);
-			key.port[0] = key.port[1] = iih.icmp6_id;
-
-			STATE_LOOKUP(kif, &key, direction, *state, pd);
+			pf_icmp_mapping(&pd2, iih.icmp6_type,
+			    &icmp_dir, &multi, &virtual_id, &virtual_type);
+			ret = pf_icmp_state_lookup(&key, &pd2, state, m,
+			    pd->dir, kif, virtual_id, virtual_type,
+			    icmp_dir, &iidx, PF_ICMP_MULTI_NONE);
+			if (ret >= 0) {
+				if (ret == PF_DROP && pd->af == AF_INET6 &&
+				    icmp_dir == PF_OUT) {
+					if (*state != NULL)
+						PF_STATE_UNLOCK((*state));
+					ret = pf_icmp_state_lookup(&key, pd,
+					    state, m, pd->dir, kif,
+					    virtual_id, virtual_type,
+					    icmp_dir, &iidx, multi);
+					if (ret >= 0)
+						return (ret);
+				} else
+					return (ret);
+			}
 
 			/* translate source/destination address, if necessary */
 			if ((*state)->key[PF_SK_WIRE] !=
@@ -6335,19 +6549,21 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    nk->port[pd2.sidx] != iih.icmp6_id)
-					pf_change_icmp(pd2.src, &iih.icmp6_id,
+				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    nk->port[pd2.sidx] != iih.icmp6_id))
+					pf_change_icmp(pd2.src,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    nk->port[pd2.sidx], NULL,
+					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
 				if (PF_ANEQ(pd2.dst,
-				    &nk->addr[pd2.didx], pd2.af) ||
-				    nk->port[pd2.didx] != iih.icmp6_id)
-					pf_change_icmp(pd2.dst, &iih.icmp6_id,
-					    saddr, &nk->addr[pd2.didx],
-					    nk->port[pd2.didx], NULL,
+				    &nk->addr[pd2.didx], pd2.af))
+					pf_change_icmp(pd2.dst, NULL, NULL,
+					    &nk->addr[pd2.didx], 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);
 
diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c
index 30013ab0d8d0..46d3ea8f508d 100644
--- a/sys/netpfil/pf/pf_lb.c
+++ b/sys/netpfil/pf/pf_lb.c
@@ -222,6 +222,23 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 	if (pf_map_addr(af, r, saddr, naddr, &init_addr, sn))
 		return (1);
 
+	if (proto == IPPROTO_ICMP) {
+		if (*nport == htons(ICMP_ECHO)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#ifdef INET6
+	if (proto == IPPROTO_ICMPV6) {
+		if (*nport == htons(ICMP6_ECHO_REQUEST)) {
+			low = 1;
+			high = 65535;
+		} else
+			return (0);	/* Don't try to modify non-echo ICMP */
+	}
+#endif /* INET6 */
+
 	bzero(&key, sizeof(key));
 	key.af = af;
 	key.proto = proto;
@@ -606,7 +623,7 @@ pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off, int direction,
 	switch (r->action) {
 	case PF_NAT:
 		if (pd->proto == IPPROTO_ICMP) {
-			low  = 1;
+			low = 1;
 			high = 65535;
 		} else {
 			low  = r->rpool.proxy_port[0];

From nobody Wed Aug  7 13:44:54 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHq2KM9z5S9PP;
	Wed, 07 Aug 2024 13:44:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHq0H9Fz4jqH;
	Wed,  7 Aug 2024 13:44:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038295;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=H/R9FXYTz/ciFCFBpaouxYr0+voY3o/itVtR5PqxcM8=;
	b=mI9hbgBgVx7t5Qv44l4g0/a8jWx9xHuMAb3TaymX+r3WWEFHY9h/mSG2yXXZG4QL8kn/cl
	/DnRgwFftKce5ZTMXLdk79012Mjrt/VFPAXfv977fAyrVMm70SEN6Umb1UkNZWoLCHl0V6
	iTiI2nwebFEYnlg2Vq0ld0ldhj/x9ZnE5v5iV1nqGqRRjnJIAzzM/E/kArERCUVuzlrnNU
	pyncufm5Dz7IMss9rrGPVgT1J7a+dyrHuS1PFioFWj09woTz0AcKrEyjzTSOa4GkQmB8bf
	km+LtVc8proZtbF5FE43VoYo5qHysIYV9gBYsiFA8gCCh06ocp+yDqaZ4lN2Yw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038295; a=rsa-sha256; cv=none;
	b=aNWYgiZ9mPhMLld5uuF+pl9WaLhFjXM1ULamQ2zVt4pVxKrpmxKzSzHknXEWhn6a9Rqean
	omO6OWqCmCzKzD5HnMlfFcv5lYRwM366KuKxe4oKmMPdkz4gMkN4PBfNk6QAvh1k5Afe7e
	NKR3VFA5/tzlQrT4AJuKyPSUEvO9zXW1klImKbCelOW0EhuVw+/mgu6AU5UeHKs4dniq8h
	J8BZzBr8O1bxamC37nTpVDRbzx12uPzTE+bakYF+4Rb9mv62HoF/vSQQta/ZnSwnAOy8/S
	XvgIb46vUJoh0cdsaBPDUHZe5lC/hMxR6WBN0aS34+uZVZURyE798VXNoypziw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038295;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=H/R9FXYTz/ciFCFBpaouxYr0+voY3o/itVtR5PqxcM8=;
	b=x39164fuaBw4MXpkUP6EX2bvxNt/ScRn3xol6mDgZ4JAvWzfeGf3w2QngM1NXPhm9mGVsc
	E5shbtuVscKlc4PM4kBimdQ5ScCCEW2qiwa6uIhbH9IZeY9ixf4KpfD2OoP6CB1jLzkXOD
	Vn4vph9VhV97jg8C6y7orZD73qw2lNJ7vuZSlTQsCQQOcT5NGMwbjxuW42GNiN5kpYxo0+
	c31hpcUErkTdauzaKe++UQ0NungFEC4ofWanHHPtMBVH/GclVIzLkllhD1MDxf9BskAqyD
	KR7AAEP9X3kIoouxwQHd/K3595LcjQi2o/vznx5ZOQO3D6lOyRr7AbaHud5t+A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHp70MBzsjS;
	Wed,  7 Aug 2024 13:44:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Dis59034764;
	Wed, 7 Aug 2024 13:44:54 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477DiscO034761;
	Wed, 7 Aug 2024 13:44:54 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:54 GMT
Message-Id: <202408071344.477DiscO034761@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: b778bbead38a - releng/13.3 - pf: some ICMP types that
  also have icmp_id, pointed out by markus@
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: b778bbead38ae9efa366a3542441c451e8fb1660
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=b778bbead38ae9efa366a3542441c451e8fb1660

commit b778bbead38ae9efa366a3542441c451e8fb1660
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 11:32:03 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:24 +0000

    pf: some ICMP types that also have icmp_id, pointed out by markus@
    
    ok henning markus
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, mcbride <mcbride@openbsd.org> 8c0632cd274b
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit e296b0de9e467b8c5eb853f6cf4c6ea28d4119a2)
---
 sys/netpfil/pf/pf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 1bdc695f698c..b0ef27b2e462 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1720,21 +1720,21 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 		*icmp_dir = PF_IN;
 	case ICMP_TSTAMPREPLY:
 		*icmptype = ICMP_TSTAMP;
-		*icmpid = 0; /* Time is not a secret. */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_IREQREPLY:
 		*icmptype = ICMP_IREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_MASKREQ:
 		*icmp_dir = PF_IN;
 	case ICMP_MASKREPLY:
 		*icmptype = ICMP_MASKREQ;
-		*icmpid = 0; /* Nothing sane to match on! */
+		*icmpid = pd->hdr.icmp.icmp_id;
 		break;
 
 	case ICMP_IPV6_WHEREAREYOU:

From nobody Wed Aug  7 13:44:55 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHr35H6z5S99x;
	Wed, 07 Aug 2024 13:44:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHr0zrFz4jmf;
	Wed,  7 Aug 2024 13:44:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038296;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=INPyKKyVFv3dz3DQu3+VKTxNdZuvaLJzKxehY1XZzs4=;
	b=Ugh3nZHFU0gk4B0xLX5XqX3+pR6GEvUQAqT0/OOmcZlUmMJ21+Gd5H+mYiLbbK344s2Ol8
	EW1npeN+wkkFuqK6XzPFSnfO0Clyd0R9RQlXhfWLImjEJsHmNDvPKOVLqadqepq1O6nu+r
	yh4YC+ZXv9PEUwU28jK5Sn1DZe3XeO+oXXYZkjK5GZDTYGw84zTocf5zw1p0bwrgVQwA1L
	DB08Lao2N9H1KBjJYpk2cqXlk+Lax+4NpD8uOjOXIYgJi2qUamKURfC8SANzc2LOFN5Vol
	FdO8GPlENUOIHps6+M9VDzz6PThXTr8Zq6CQ6PyQc3AJfyYbia0IVaesbYNniw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038296; a=rsa-sha256; cv=none;
	b=eoFiiGdwpVkMp55Xcv2UrOqYT5f5GW9O0oUlyqZD0Bo06eWaejBLFf6T2A7WGpPwVGPcnw
	C8YiX02d/GpKR9mfUh+4wyDDpT4ss1ZiWINOp123q5jzy1HzjUVrdoO713CLAMthmTv4Hd
	DHU1nXCX64SnFmGAZCzBHO6GcJrTHmNHWt24Aiwp1h5/cwWW06eIrha9Tmoa1u6Kx6hbnr
	kH3jZ3a1fP6tlL6+7tfIFrX8deT4+avyOnoHoexsEnDsvFVNK+UtudboxmDVxpAIhUbAxK
	tHSkuaa7MBc6wyQfD15ugP8ge2ld7dCe46yS8l/MFByoYl3x15hySDFs2iKJjg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038296;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=INPyKKyVFv3dz3DQu3+VKTxNdZuvaLJzKxehY1XZzs4=;
	b=tt+sSVBPE8nbCt0MyD49JJZ4gh6cGitPJt8pKEEOLoR0HvQZr6tP99dt+d6XafhwoMXpKJ
	TnqSKxiunNBhvpvlFKH9/HneO4BGjNvZEUH1WRexfuWibAYWIZX0KlI12gASz0AYQfy4ox
	rxn6uryAtVVzwToWZkSOvr3DccjoN7fZEqqxT0Nn6/X4VZ0g0m/i2DmPdbb5GF7DuTR7gL
	izmBcKDZAYdrca5OG1HIPj6H9si944wkj4bt7cLrFaneSNH6XD0ai2xbWXcx1w28Ypoby+
	AO0JP6m1d03+z6ks8ukUacLqmFcqIB4YlGI7f5MDtaXxL+mCrk7R5W2ve86JXQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHr0ZdTzspN;
	Wed,  7 Aug 2024 13:44:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DitZ8034815;
	Wed, 7 Aug 2024 13:44:55 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dit82034812;
	Wed, 7 Aug 2024 13:44:55 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:55 GMT
Message-Id: <202408071344.477Dit82034812@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: dcc05aee1495 - releng/13.3 - pf: split ICMP/ICMPv6
  number space in pf_icmp_mapping()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: dcc05aee14951f35e5d66082d82a58298bc79d5b
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=dcc05aee14951f35e5d66082d82a58298bc79d5b

commit dcc05aee14951f35e5d66082d82a58298bc79d5b
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:10:50 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:28 +0000

    pf: split ICMP/ICMPv6 number space in pf_icmp_mapping()
    
    In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same
    number space.  In fact they are independent and must be handled
    separately.  Fix traceroute via pf by splitting pf_icmp_mapping()
    into IPv4 and IPv6 sections.
    ok henning@ mcbride@; tested mcbride@; sure deraadt@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, bluhm <bluhm@openbsd.org> ef4bccd7509e
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 46755f52247bd34a7f013d6844ed0c673ac0defc)
---
 sys/netpfil/pf/pf.c | 247 ++++++++++++++++++++++++++++------------------------
 1 file changed, 135 insertions(+), 112 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index b0ef27b2e462..388d632e8d50 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1698,7 +1698,7 @@ pf_isforlocal(struct mbuf *m, int af)
 
 int
 pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
-    int *icmp_dir, int *multi, u_int16_t *icmpid, u_int16_t *icmptype)
+    int *icmp_dir, int *multi, u_int16_t *virtual_id, u_int16_t *virtual_type)
 {
 	/*
 	 * ICMP types marked with PF_OUT are typically responses to
@@ -1708,128 +1708,151 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 	*icmp_dir = PF_OUT;
 	*multi = PF_ICMP_MULTI_LINK;
 	/* Queries (and responses) */
-	switch (type) {
-	case ICMP_ECHO:
-		*icmp_dir = PF_IN;
-	case ICMP_ECHOREPLY:
-		*icmptype = ICMP_ECHO;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+	switch (pd->af) {
+#ifdef INET
+	case AF_INET:
+		switch (type) {
+		case ICMP_ECHO:
+			*icmp_dir = PF_IN;
+		case ICMP_ECHOREPLY:
+			*virtual_type = ICMP_ECHO;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_TSTAMP:
-		*icmp_dir = PF_IN;
-	case ICMP_TSTAMPREPLY:
-		*icmptype = ICMP_TSTAMP;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_TSTAMP:
+			*icmp_dir = PF_IN;
+		case ICMP_TSTAMPREPLY:
+			*virtual_type = ICMP_TSTAMP;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_IREQREPLY:
-		*icmptype = ICMP_IREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_IREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_IREQREPLY:
+			*virtual_type = ICMP_IREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_MASKREQ:
-		*icmp_dir = PF_IN;
-	case ICMP_MASKREPLY:
-		*icmptype = ICMP_MASKREQ;
-		*icmpid = pd->hdr.icmp.icmp_id;
-		break;
+		case ICMP_MASKREQ:
+			*icmp_dir = PF_IN;
+		case ICMP_MASKREPLY:
+			*virtual_type = ICMP_MASKREQ;
+			*virtual_id = pd->hdr.icmp.icmp_id;
+			break;
 
-	case ICMP_IPV6_WHEREAREYOU:
-		*icmp_dir = PF_IN;
-	case ICMP_IPV6_IAMHERE:
-		*icmptype = ICMP_IPV6_WHEREAREYOU;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_IPV6_WHEREAREYOU:
+			*icmp_dir = PF_IN;
+		case ICMP_IPV6_IAMHERE:
+			*virtual_type = ICMP_IPV6_WHEREAREYOU;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_MOBILE_REGREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP_MOBILE_REGREPLY:
-		*icmptype = ICMP_MOBILE_REGREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_MOBILE_REGREQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP_MOBILE_REGREPLY:
+			*virtual_type = ICMP_MOBILE_REGREQUEST;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case ICMP_ROUTERSOLICIT:
-		*icmp_dir = PF_IN;
-	case ICMP_ROUTERADVERT:
-		*icmptype = ICMP_ROUTERSOLICIT;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ICMP_ROUTERSOLICIT:
+			*icmp_dir = PF_IN;
+		case ICMP_ROUTERADVERT:
+			*virtual_type = ICMP_ROUTERSOLICIT;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-#ifdef INET6
-	case ICMP6_ECHO_REQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_ECHO_REPLY:
-		*icmptype = ICMP6_ECHO_REQUEST;
-		*icmpid = pd->hdr.icmp6.icmp6_id;
-		break;
+		/* These ICMP types map to other connections */
+		case ICMP_UNREACH:
+		case ICMP_SOURCEQUENCH:
+		case ICMP_REDIRECT:
+		case ICMP_TIMXCEED:
+		case ICMP_PARAMPROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
 
-	case MLD_LISTENER_QUERY:
-		*icmp_dir = PF_IN;
-	case MLD_LISTENER_REPORT: {
-		*icmptype = MLD_LISTENER_QUERY;
-		*icmpid = 0;
+		/*
+		 * All remaining ICMP types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
+#endif /* INET */
+#ifdef INET6
+	case AF_INET6:
+		switch (type) {
+		case ICMP6_ECHO_REQUEST:
+			*icmp_dir = PF_IN;
+		case ICMP6_ECHO_REPLY:
+			*virtual_type = ICMP6_ECHO_REQUEST;
+			*virtual_id = pd->hdr.icmp6.icmp6_id;
+			break;
 
-	/* ICMP6_FQDN and ICMP6_NI query/reply are the same type as ICMP6_WRU */
-	case ICMP6_WRUREQUEST:
-		*icmp_dir = PF_IN;
-	case ICMP6_WRUREPLY:
-		*icmptype = ICMP6_WRUREQUEST;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case MLD_LISTENER_QUERY:
+			*icmp_dir = PF_IN;
+		case MLD_LISTENER_REPORT: {
+			*virtual_type = MLD_LISTENER_QUERY;
+			*virtual_id = 0;
+			break;
+		}
+		case MLD_MTRACE:
+			*icmp_dir = PF_IN;
+		case MLD_MTRACE_RESP:
+			*virtual_type = MLD_MTRACE;
+			*virtual_id = 0; /* Nothing sane to match on! */
+			break;
 
-	case MLD_MTRACE:
-		*icmp_dir = PF_IN;
-	case MLD_MTRACE_RESP:
-		*icmptype = MLD_MTRACE;
-		*icmpid = 0; /* Nothing sane to match on! */
-		break;
+		case ND_NEIGHBOR_SOLICIT:
+			*icmp_dir = PF_IN;
+		case ND_NEIGHBOR_ADVERT: {
+			*virtual_type = ND_NEIGHBOR_SOLICIT;
+			*virtual_id = 0;
+			break;
+		}
 
-	case ND_NEIGHBOR_SOLICIT:
-		*icmp_dir = PF_IN;
-	case ND_NEIGHBOR_ADVERT: {
-		*icmptype = ND_NEIGHBOR_SOLICIT;
-		*multi = PF_ICMP_MULTI_SOLICITED;
-		*icmpid = 0;
+		/*
+		 * These ICMP types map to other connections.
+		 * ND_REDIRECT can't be in this list because the triggering
+		 * packet header is optional.
+		 */
+		case ICMP6_DST_UNREACH:
+		case ICMP6_PACKET_TOO_BIG:
+		case ICMP6_TIME_EXCEEDED:
+		case ICMP6_PARAM_PROB:
+			/* These will not be used, but set them anyway */
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			HTONS(*virtual_type);
+			return (1);  /* These types match to another state */
+		/*
+		 * All remaining ICMP6 types get their own states,
+		 * and will only match in one direction.
+		 */
+		default:
+			*icmp_dir = PF_IN;
+			*virtual_type = type;
+			*virtual_id = 0;
+			break;
+		}
 		break;
-	}
-
 #endif /* INET6 */
-	/* These ICMP types map to other connections */
-	case ICMP_UNREACH:
-	case ICMP_SOURCEQUENCH:
-	case ICMP_REDIRECT:
-	case ICMP_TIMXCEED:
-	case ICMP_PARAMPROB:
-#ifdef INET6
-	/*
-	 * ICMP6_TIME_EXCEEDED is the same type as ICMP_UNREACH
-	 * ND_REDIRECT can't be in this list because the triggering packet
-	 * header is optional.
-	 */
-	case ICMP6_PACKET_TOO_BIG:
-#endif /* INET6 */
-		/* These will not be used, but set them anyways */
-		*icmp_dir = PF_IN;
-		*icmptype = htons(type);
-		*icmpid = 0;
-		return (1);	/* These types are matched to other state */
-	/*
-	 * All remaining ICMP types get their own states,
-	 * and will only match in one direction.
-	 */
 	default:
 		*icmp_dir = PF_IN;
-		*icmptype = type;
-		*icmpid = 0;
+		*virtual_type = type;
+		*virtual_id = 0;
 		break;
 	}
-	HTONS(*icmptype);
-	return (0);
+	HTONS(*virtual_type);
+	return (0);  /* These types match to their own state */
 }
 
 void
@@ -4156,7 +4179,7 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction,
 				pf_change_a(&daddr->v4.s_addr, pd->ip_sum,
 				    nk->addr[pd->didx].v4.s_addr, 0);
 
-			if (virtual_type == ICMP_ECHO &&
+			if (virtual_type == htons(ICMP_ECHO) &&
 			     nk->port[pd->sidx] != pd->hdr.icmp.icmp_id) {
 				pd->hdr.icmp.icmp_cksum = pf_cksum_fixup(
 				    pd->hdr.icmp.icmp_cksum, sport,
@@ -6483,13 +6506,13 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    (virtual_type == ICMP_ECHO &&
+				    (virtual_type == htons(ICMP_ECHO) &&
 				    nk->port[iidx] != iih.icmp_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    &iih.icmp_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP_ECHO) ?
+					    (virtual_type == htons(ICMP_ECHO)) ?
 					    nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET);
@@ -6549,13 +6572,13 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif
 
 				if (PF_ANEQ(pd2.src,
 				    &nk->addr[pd2.sidx], pd2.af) ||
-				    ((virtual_type == ICMP6_ECHO_REQUEST) &&
+				    ((virtual_type == htons(ICMP6_ECHO_REQUEST)) &&
 				    nk->port[pd2.sidx] != iih.icmp6_id))
 					pf_change_icmp(pd2.src,
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? &iih.icmp6_id : NULL,
 					    daddr, &nk->addr[pd2.sidx],
-					    (virtual_type == ICMP6_ECHO_REQUEST)
+					    (virtual_type == htons(ICMP6_ECHO_REQUEST))
 					    ? nk->port[iidx] : 0, NULL,
 					    pd2.ip_sum, icmpsum,
 					    pd->ip_sum, 0, AF_INET6);

From nobody Wed Aug  7 13:44:57 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHs3Xlmz5S95V;
	Wed, 07 Aug 2024 13:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHs23KGz4jdw;
	Wed,  7 Aug 2024 13:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038297;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aMaySwb7vq2CuPoJwEa57L1urMSzK2x8zZFr1g5wCLI=;
	b=TSZWISSxkZyb0BjYk+O06aUwWXZ+A4+pCZEoUQpyOkLtwiFyyR3EHfE493pIYYlyt1YByD
	UcBWWVw4R6OmDQzs9ovjc6/fxc6WwGjGm+tZRux6+LjBSTIuJniXTZyPNguFpr0U1CqAVk
	AHSq1XzMA1F7LSOMasW1rTLQsjQTagteb9guTUW1ABpfiln7KbvBT2THyRjf2CZmqrV3Q9
	eGIM/nXVi/VKcKP8tjaPTeFVJUn1tV4ba9N+fU2meaF+2QToe0ud29kohSofMKrngs0baL
	U8tIn0x+r3R8EYtEl+lWJh4g7h5tinz2BSO7Qm/u8Wi3GsLyKfRT+mFNY+qT9Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038297; a=rsa-sha256; cv=none;
	b=FATnPAxikj5HkOnBzoJ92pDgpXpvU12JkR5HMHSSY8Ksk2NxE/IV87Wot4DS4AgfTc/shN
	p0WdB+YlEB/dB6G7HXIJFw8MUpL5z6vmQaP3zSHgFE5vmJNFPi/kmzCUPrnLEksyfuSqBf
	Z+K7+ycu+pBZ58f6rSgvZCrYFHRqU75U9GvBW0lCqj4tSTyiAEOSGEeBQ8w7j3fILn4JyO
	vD4qq4PnKihi8Aa3aX2LgzrxoBBYlqpc5RbvqeN3KLRbaaxcq5OXLBQCr7UQLP17QzZv48
	AUkpaokS1CQ0KB9uuYEowz5kqk53pvAM/qAu+vxiitSPTzGRP5lmDrEgq8YUjg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038297;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aMaySwb7vq2CuPoJwEa57L1urMSzK2x8zZFr1g5wCLI=;
	b=IRTr7s7HyZnRu++yrpQ5CO+/AYD2hytWHaAk0f0Nn/pyPdcF4+iBd1zghsL7vt+p3JzN2/
	aSkynWTu7Yhkx6XIYHZL5SJzQaBCz0Baj6JutQg19aUozgS8OKGoKua20b7ciD3A1rVF78
	8AyaZCEm2jueavJTgaYPbarXm2eHScdjLin/CTjF9xqzQ7zCHh66Ib/JjJYlVOMWZAtwCm
	uebZ9ATgOp13W3OyGlHWtJj3d6ozBN70LZ0Z4XcIELDOdX9Ylf+vEi+J4d4rVYY4iCG2HU
	bY6rXrSIgWGPdJyE9dEY2b3QeruI2ZsYJogWGvoYkpNoo1Sb3dY8Ll/SMenD5A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHs1ghszsrb;
	Wed,  7 Aug 2024 13:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DivCH034875;
	Wed, 7 Aug 2024 13:44:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dives034872;
	Wed, 7 Aug 2024 13:44:57 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:57 GMT
Message-Id: <202408071344.477Dives034872@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 5eb30c313cb0 - releng/13.3 - pf: allow MLD LR to be
  sent without state
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: 5eb30c313cb051385d654f7bba36143ccb7dbf94
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=5eb30c313cb051385d654f7bba36143ccb7dbf94

commit 5eb30c313cb051385d654f7bba36143ccb7dbf94
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-07-10 12:36:18 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:32 +0000

    pf: allow MLD LR to be sent without state
    
    Change PF behavior to allow MLD Listener Report packets to be sent
    without needing a previously created state by MLD Listener Query. It
    wasn't working because: (1) you might not have a previous MLD Listener
    Query and (2) the addresses of the Query and Report don't match.
    
    ok mikeb@, sashan@
    
    Approved by:    so
    Security:       FreeBSD-SA-24:05.pf
    Security:       CVE-2024-6640
    MFC after:      1 day
    Obtained From:  OpenBSD, rzalamena <rzalamena@openbsd.org>, 5c526dbdb0f2
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 1afe4da75d1d2acd33b25eea942af28aa41c82c2)
---
 sys/netpfil/pf/pf.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 388d632e8d50..96d67d906a4e 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1797,8 +1797,15 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
 			break;
 
 		case MLD_LISTENER_QUERY:
-			*icmp_dir = PF_IN;
 		case MLD_LISTENER_REPORT: {
+			/*
+			 * Listener Report can be sent by clients
+			 * without an associated Listener Query.
+			 * In addition to that, when Report is sent as a
+			 * reply to a Query its source and destination
+			 * address are different.
+			 */
+			*icmp_dir = PF_IN;
 			*virtual_type = MLD_LISTENER_QUERY;
 			*virtual_id = 0;
 			break;

From nobody Wed Aug  7 13:44:58 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHv0P18z5S9Rs;
	Wed, 07 Aug 2024 13:44:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHt34SPz4jr5;
	Wed,  7 Aug 2024 13:44:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038298;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iVyfme+LHkQnaTblNv46WId0o8ziTHyql/IW2oIrzl4=;
	b=kFVU0x19aCcT1tPmTFm9pAZKmrXGo+QBSLHjPFc9Unx86Isqc1MjR992g2PwIIaW1Uyi0a
	H+TQ9gbKc8PUUHj+8TSdi6AaQsq3WoooVk8MGXBdbZbT3eYW3/o1CGfHsRYO8i5DbT4GxZ
	gY61pumVArotMS5/JBPQMkPAaizDS2G05iDuXHzUsdZufm68HNQdl5wGICi4ZuPjpCiW+4
	gMd4WZ4utGPwml8pLJG4Ph970BWAUkK4T7c1439kr/Rqjlq87mT7Ix7/5Y2yU02HaoZzz2
	QsI3G1UXCH1Wbsu3zXZvQBiDtAElP4CBSGE22182NmoZWU1F4QwW9jTtZMQocQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038298; a=rsa-sha256; cv=none;
	b=VMpZYfknGtwp4WQwJoXaNiYvTWp9MjYPoL6YQFmSdOH+9o15DsbJMCBEVUqiZAtLUsjlIE
	fQwAtPdVwgPlaGqhR6r+t8W/Siz5wI4VuHwKSnDneoxXWr/whsUQ2rPyo4DrrRw5I0x9X2
	IjcRcRf/zElfS7PapKteLMdiixT9d2FZMUGBtL+Qm1q6vjpC+9DB/6wp9NnCowDtm/cn/l
	18l4YJZ5BLH6oyTGPVNF21qoF1VD9d1qJAtAitLn5y56LoNc9u3WnTaCkG7hCCz4rrQrn1
	8vJFQX65zfutg4p+Ile//7pMm/K8zVswucxKodMgH7p3K2Uh9K4gm4ZOE8/29Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038298;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iVyfme+LHkQnaTblNv46WId0o8ziTHyql/IW2oIrzl4=;
	b=LS8ZXzDkpiBUtt0ooiLUbbaClsIxUbcAEQrSHwrpXKiYC/UhqUttVaGkDw6yOF0CvLeqlD
	DRuc0DTiWMEURp1XR6t8idY9bi3BjpihmpANYQA9dk06SPrAabztiOjLrM4JobfVdg7AFx
	f4oYVn8JGqew7keN3FKIMqOCJT2y6INMV8wVDnDi8oGLCfx6aCtedwH818W+0odTNtKZZ5
	f3fe1sGIdL4Zm8wjoxyEbkj0r5+GYOKlorzU6EPlxls68pezXtmZAlkqRV7vKd+35EPXcF
	fs5nEskGfZSy9sAlTmZUTU08vOWBhPsPz+klfwhsX/vucMNU/cmb2EOtqPPAxQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHt2fPKzsmQ;
	Wed,  7 Aug 2024 13:44:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477DiwRN034921;
	Wed, 7 Aug 2024 13:44:58 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Diw1v034918;
	Wed, 7 Aug 2024 13:44:58 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:58 GMT
Message-Id: <202408071344.477Diw1v034918@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: f41c11d7f209 - releng/13.3 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: f41c11d7f2090e2628296602f46a0d5926c4b6fb
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=f41c11d7f2090e2628296602f46a0d5926c4b6fb

commit f41c11d7f2090e2628296602f46a0d5926c4b6fb
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:37:37 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    (cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)
    
    Approved by:    so
    Security:       FreeBSD-SA-24:08.openssh
    Security:       CVE-2024-7589
    
    (cherry picked from commit d5f16ef6463d73270e4380f3498410c8ad91f495)
---
 crypto/openssh/sshd.c    | 2 --
 crypto/openssh/version.h | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 6bb0b6c129bb..1ce62ec86e35 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 3e99bca450b1..d6108d00de09 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Wed Aug  7 13:44:59 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHv5Dngz5S9MV;
	Wed, 07 Aug 2024 13:44:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHv3j6Lz4jtV;
	Wed,  7 Aug 2024 13:44:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038299;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=eTlLAgViTIhXlqSuTBT8dANAVQ229Piddl/3g03oVec=;
	b=EoCBDPVTcaifNAqBhWjfBnODjM9E9bfWjrQGZm50HKWQpnc4EyYvBqtcqmZCdCnbc/bzHU
	QGh/zgdobUYb/gNmTgNLoBykqaZmCfugohnivusXcjWLllzmI50Q5s5OjzZ48sqDU2bUUh
	Yh5/rPgsGNBjWPK9N1wEk3DY8kXBwt9v3cue+Tc2Cct0n+RlfoHEIBGMBies1+GK9Ne0ov
	Wp3Vh17JQgtiahXSklEroeL/asGQ0MLxWZZ6fP2spzBMBcOM8ggpEbjnFWCRl2bf1JBerG
	9/baqyz9po5Sds0T722kuMvegqZ9Zrauf4eQDrXnmbKSSFB5bzhJyD/wTB+weQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038299; a=rsa-sha256; cv=none;
	b=YMdHGCBp8QWT6zqidt+amEgOomaqgjogzk4qb78UyQyIG91ErIeTG3iWeJIVuXYEPX/sEz
	PKBdF7Jj8cC7u32+M33ny5NWBLHFPuKm9K1zx59XEee7g2HGefWQ6k9Mfm0/NcYqgE/nU/
	8e8HPoewL+CKbijIC7P3JKdlp/lKei5dSYZR9HQlBGfL4hwGeM3kcKGYXjz0ou3CbS7r8l
	CmTIPqgwAXvlL7a/XLpE7eFaF9XDYzaHkGy7RfNI0Wb6Tl/KJM4BTFsmmrgN0KHZGyxKjz
	XDt8RKkafYGRrS2IV/Ez05uhoRKkD6+bGuK/7coWxYTxeH834I36kHO1nAE4/Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038299;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=eTlLAgViTIhXlqSuTBT8dANAVQ229Piddl/3g03oVec=;
	b=U0MfXqufRiqqhoNOi+udjQNiLElVoHlbB3SIhHYQ0p4/mcgEHa4pet0eP3QCCRC7QQnAgr
	FFHkeYIbf+0wydkC1bvDKmE2X9ui7FRTk2+6JVBduQHH/7nb+MAZE/QvCa17ei/YeVusdZ
	vqt28AFWAmXYEvRlQkkegP1zaOS2pouI8AYWZYfolYuD+kTelGqaqPV1viULfYfnIMJg/Q
	uGN8lUpfkmhfq/SMjzB4fkvYXPyZOw4qiLMJvZTrjUtRFI19pmuNgJVdDel8uEEeT/5B3I
	qFUN4hSWeV77ut1tGjYEdU/Q5rUPGlATSeUadrhkYmSQAlUjjAzlFHy37QDLYQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHv3JVLzsgh;
	Wed,  7 Aug 2024 13:44:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Dixah034967;
	Wed, 7 Aug 2024 13:44:59 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dixbd034964;
	Wed, 7 Aug 2024 13:44:59 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:44:59 GMT
Message-Id: <202408071344.477Dixbd034964@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 769536bcb5c3 - releng/13.3 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: 769536bcb5c334ca551b4dc88cf7486bd960e192
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=769536bcb5c334ca551b4dc88cf7486bd960e192

commit 769536bcb5c334ca551b4dc88cf7486bd960e192
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:45 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Security:       FreeBSD-SA-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
    (cherry picked from commit f702110bc4bcc593b38674ec6e4fadf6c4626432)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 2729d0880b31..cc51dbae46f7 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -585,7 +585,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Wed Aug  7 13:45:00 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfBHx1Jh1z5S9PS;
	Wed, 07 Aug 2024 13:45:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfBHw52tFz4jx1;
	Wed,  7 Aug 2024 13:45:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723038300;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9B/S2y3w05Ma/ybRKcA+uRwdMK4l3XpCPMy4rWhdoQw=;
	b=oxgOzVRzIXxxMeQotU5LJWjffJJFz6PWFbMpPbrH4oI3PXcARyKuR7sb+/2sdCIM/eSszA
	p55jCMEyrModAU9otonNdzI03Huc4imSuwOkw4Dc1SmBKY3k9YG4BHrRhPJnzbY74O55xV
	fkg33iN/fusLVgSA11tfUR9ZWdbQOV1nmsm76KhKVs7DZ2kC+vxdLLw5XlzE378qASmRpz
	nHszllgNDk8GkQOM1xx2DUI4lDZIjfrCxXOSmiz4tLFaqVAnuxBn/JIIp3CaOghsOhXz8X
	/H0nPmoA2B2rFH/Z1adH5kBhJovy2As+pk93JJWwBTMPCVXrrUFydhHhx0cmew==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723038300; a=rsa-sha256; cv=none;
	b=rMOOuVypLlDphjSGGV5t8Z/0zxFRzblN2yq+d3qyN2ysVTHRN1dErdGzFtNFiea0um5iQd
	tr7evJW41Bw2s4ztrbi0wYyos+JEtUNre6tyXpy4OhSmeOj3m90pNDtiMxItFg0sE7cwSO
	O5WOR+gYvJK6EgnqOuuS8Vp2YJcYM1YcFpxaWYYCjFO8OopsqmSXb5BUnVGU6O9uOQjJl+
	DuftnZvDycLkcRbQOwisTfel6oC4UpSF1odC55Dzymg/RJQ0dOXnRp8oLOeVLBk+kiQ1L6
	poqLoDxODgswtCEshW42vtc3FqzQaFAgllSY9peTKJIcDb1EZn+l1YJkp6lJ/Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723038300;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9B/S2y3w05Ma/ybRKcA+uRwdMK4l3XpCPMy4rWhdoQw=;
	b=W+IhjsTUL0E9cJ6gGX5tVBDbGsvF3ZwJOoBN07UkXCUrQo2rho2JHSYO3ozpF76Aw5h/XU
	7SxyB1NsOQvaN/LZ5H+KliAT+eTur0neSBC6kzUXgNGRFVlkoKETip6XOldtkRWjfge2kq
	XkKRO/SIenBNeIlGoRIUeAq6PFmLB1iQTJ/VsQt9osndKa2PkoEVZRwJ5McSDkyTR1fwfT
	5H2SpXF+zKNsusgdb4iu6d/NQACRyD+vu3fEVP9sHXhKRvKYCx1Z6khKlDXkqAzyZnlOcs
	UlzK32QgIdvoY5MahZF0nBTK5jsf9wFjNsBqsC7LksYDGOdN0lAM25QNDfKbTg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfBHw4dBTzt40;
	Wed,  7 Aug 2024 13:45:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477Dj0JD035037;
	Wed, 7 Aug 2024 13:45:00 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Dj07V035034;
	Wed, 7 Aug 2024 13:45:00 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 13:45:00 GMT
Message-Id: <202408071345.477Dj07V035034@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: f5a50714b4c9 - releng/13.3 - Add UPDATING entries and
  bump the branch version
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.3
X-Git-Reftype: branch
X-Git-Commit: f5a50714b4c982c9e122abf5a9e12585addb9584
Auto-Submitted: auto-generated

The branch releng/13.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=f5a50714b4c982c9e122abf5a9e12585addb9584

commit f5a50714b4c982c9e122abf5a9e12585addb9584
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-06 22:29:36 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 13:43:48 +0000

    Add UPDATING entries and bump the branch version
    
    Approved by:    so
---
 UPDATING            | 14 ++++++++++++++
 sys/conf/newvers.sh |  2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index cfeb99794e88..8ec49065a2e0 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,20 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20240806:
+	13.3-RELEASE-p5	SA-24:05.pf
+			SA-24:06.ktrace
+			SA-24:07.nfsclient
+			SA-24:08.openssh
+
+	pf incorrectly matches different ICMPv6 states in the state table [SA-24:05.pf]
+
+	ktrace(2) fails to detach when executing a setuid binary [SA-24:06.ktrace]
+
+	NFS client accepts file names containing path separators [SA-24:07.nfsclient]
+
+	OpenSSH pre-authentication async signal safety issue [SA-24:08.openssh]
+
 20240701:
 	13.3-RELEASE-p4 SA-24:04.openssh
 
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index a98b62ded09e..a1f0f7b0d08e 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="13.3"
-BRANCH="RELEASE-p4"
+BRANCH="RELEASE-p5"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Wed Aug  7 14:18:58 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfC370D3Xz5SD3r;
	Wed, 07 Aug 2024 14:18:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfC366nDBz4tJZ;
	Wed,  7 Aug 2024 14:18:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723040338;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=jOPrFanYjzc21IpoOM5bNo4pFRln7XwP+erPiobmJXI=;
	b=mBRjkizjy/tBOdNCd0sXBPDVinYk1SaiEEeYuiEYjavlk6RKvWeriYM+AT5LN9d5L2KbGy
	s06tiPtc+eQCEp+zKYiNt7WGkTmbGM4WQaCPgVNjYEMlkc45KRCpKNBHmqH4kkQd6/SK4B
	/WEMXQRj1c7wlrzXz8lfnXBDx5sNcHCwhsu6i2rf+OguKHq/WKyILwxbI4ADLpsW10Gu0L
	vDQQlK99zMmbYjszzPRmYPikmXijrfUWGasBWMgNNt6pvNlLn06nCXyfYjshIV4WBBs7h0
	vsp+itdBWJopBKgLftz1tW6S/SX67u/aOltPq6msWSIFxa8Oh0u3d2Vts/HNRQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723040339; a=rsa-sha256; cv=none;
	b=TbDgeRICwDYKLPM0FXaQDUOCsXu8T6NBrSACZzbSe7gXdG5rceS5dqXZmGrAlQeR3r/rLY
	6m398bsTLeEnM8OG1rU+E7T1EySi5JvdoWt5vbjpLISsmFOSxHFvfn8Y8QUpkiYHpNVddb
	kTk7+tDHUc49FmmyEZVu+hrJ01G2a/3LM1Vhwbe9Z+mR/0FfAbLyLNnuwy6aDpMzC8qT8t
	8DlebMrU0F44mdK+Ce+27kgar+/53ny+jK4HqEH2yyXqqPdWGvqSuGj0jES3BG5TzC6m1m
	8SEDrQ7g6Pg5DA2xjR5vvmijbQR6MfQiR/V3X+JujP3O5GBEmbKlpmQraSzmRw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723040338;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=jOPrFanYjzc21IpoOM5bNo4pFRln7XwP+erPiobmJXI=;
	b=SY/72yiIlvsFkxTyTO3vYqSuEz1/4l3kRZrNLZ+RBpFOWLODmIrxqQc0GfiLE/pijUsOWV
	5XuNaABu98Mp8XfMpzmE2Ubn/EJZCZ0M5rOoBBMDU3yN7D/jRZeSQSdY3Xg5l8YmjLuyTE
	WTY3zEopuZLrRJlGA32P3poEfICcvqSDYW7onSDiEKKopwEOHt+8E9Ug2kLSqnMghpDtxB
	Ohtr/t8Q3FRTYsIgxN40OqFI3FlX8DrY7xBJUYd2ZSK2pB/VmHZcNgj3Rq9LkuLcHK84/N
	SitBAsiX3X3ajo9tgUrNZkUOmP/rVtZmmZtdhYVE659+FRG7G3zUpta0TaKFyA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfC366NFQztY2;
	Wed,  7 Aug 2024 14:18:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477EIwRt087287;
	Wed, 7 Aug 2024 14:18:58 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477EIwFr087284;
	Wed, 7 Aug 2024 14:18:58 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 14:18:58 GMT
Message-Id: <202408071418.477EIwFr087284@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Robert Clausecker <fuz@FreeBSD.org>
Subject: git: 644d81447118 - stable/14 - lib/libc/amd64/string: fix
  overread condition in memccpy
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: fuz
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 644d81447118692ced65bc63829998150a646bec
Auto-Submitted: auto-generated

The branch stable/14 has been updated by fuz:

URL: https://cgit.FreeBSD.org/src/commit/?id=644d81447118692ced65bc63829998150a646bec

commit 644d81447118692ced65bc63829998150a646bec
Author:     Robert Clausecker <fuz@FreeBSD.org>
AuthorDate: 2024-07-20 19:53:04 +0000
Commit:     Robert Clausecker <fuz@FreeBSD.org>
CommitDate: 2024-08-07 14:18:40 +0000

    lib/libc/amd64/string: fix overread condition in memccpy
    
    An overread condition in memccpy(dst, src, c, len) would occur if
    src does not cross a 16 byte boundary and there is no instance of
    c between *src and the next 16 byte boundary.  This could cause a
    read fault if src is just before the end of a page and the next page
    is unmapped or unreadable.
    
    The bug is a consequence of basing memccpy() on the strlcpy() code:
    whereas strlcpy() assumes that src is a nul-terminated string and
    hence a terminator is always present, c may not be present at all in
    the source string.  It was not caught earlier due to insufficient
    unit test design.
    
    As a part of the fix, the function is refactored such that the runt
    case (buffer length from last alignment boundary between 1 and 32 B)
    is handled separately.  This reduces the number of conditional
    branches on all code paths and simplifies the handling of early
    matches in the non-runt case.  Performance is improved slightly.
    
    os: FreeBSD
    arch: amd64
    cpu: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
            │ memccpy.unfixed.out │        memccpy.fixed.out           │
            │       sec/op        │   sec/op     vs base               │
    Short             66.76µ ± 0%   62.45µ ± 1%  -6.44% (p=0.000 n=20)
    Mid               7.938µ ± 0%   7.967µ ± 0%  +0.36% (p=0.001 n=20)
    Long              3.577µ ± 0%   3.577µ ± 0%       ~ (p=0.429 n=20)
    geomean           12.38µ        12.12µ       -2.08%
    
            │ memccpy.unfixed.out │         memccpy.fixed.out           │
            │         B/s         │     B/s       vs base               │
    Short            1.744Gi ± 0%   1.864Gi ± 1%  +6.89% (p=0.000 n=20)
    Mid              14.67Gi ± 0%   14.61Gi ± 0%  -0.36% (p=0.001 n=20)
    Long             32.55Gi ± 0%   32.55Gi ± 0%       ~ (p=0.429 n=20)
    geomean          9.407Gi        9.606Gi       +2.12%
    
    Reported by:    getz
    Reviewed by:    getz
    Approved by:    mjg (blanket, via IRC)
    See also:       D46051
    MFC:            stable/14
    Event:          GSoC 2024
    Differential Revision:  https://reviews.freebsd.org/D46052
---
 lib/libc/amd64/string/memccpy.S | 113 ++++++++++++++++++++--------------------
 1 file changed, 57 insertions(+), 56 deletions(-)

diff --git a/lib/libc/amd64/string/memccpy.S b/lib/libc/amd64/string/memccpy.S
index a2d9e33b3d36..69b650fffc33 100644
--- a/lib/libc/amd64/string/memccpy.S
+++ b/lib/libc/amd64/string/memccpy.S
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 The FreeBSD Foundation
+ * Copyright (c) 2023, 2024 The FreeBSD Foundation
  *
  * This software was developed by Robert Clausecker <fuz@FreeBSD.org>
  * under sponsorship from the FreeBSD Foundation.
@@ -83,34 +83,47 @@ ARCHENTRY(__memccpy, baseline)
 	pshufd		$0, %xmm4, %xmm4	# cccc -> cccccccccccccccc
 	and		$~0xf, %rsi
 	movdqa		%xmm4, %xmm1
-	pcmpeqb		(%rsi), %xmm1		# NUL found in head?
-	mov		$-1, %r8d
+	pcmpeqb		(%rsi), %xmm1		# c found in head?
 	and		$0xf, %ecx
-	shl		%cl, %r8d		# mask of bytes in the string
-	pmovmskb	%xmm1, %eax
+	mov		$-1, %eax
+	pmovmskb	%xmm1, %r8d
+	lea		-32(%rcx), %r11
+	shl		%cl, %eax		# mask of bytes in the string
+	add		%rdx, %r11		# distance from alignment boundary - 32
+	jnc		.Lrunt			# jump if buffer length is 32 or less
+
 	and		%r8d, %eax
-	jnz		.Lhead_nul
+	jz		0f			# match (or induced match) found?
+
+	/* match in first chunk */
+	tzcnt		%eax, %edx		# where is c?
+	sub		%ecx, %edx		# ... from the beginning of the string?
+	lea		1(%rdi, %rdx, 1), %rax	# return value
+	jmp		.L0116
 
-	movdqa		16(%rsi), %xmm3		# load second string chunk
+0:	movdqa		16(%rsi), %xmm3		# load second string chunk
 	movdqu		(%r9), %xmm2		# load unaligned string head
-	mov		$32, %r8d
-	sub		%ecx, %r8d		# head length + length of second chunk
 	movdqa		%xmm4, %xmm1
-	pcmpeqb		%xmm3, %xmm1		# NUL found in second chunk?
-
-	sub		%r8, %rdx		# enough space left for the second chunk?
-	jb		.Lhead_buf_end
+	pcmpeqb		%xmm3, %xmm1		# c found in second chunk?
 
 	/* process second chunk */
 	pmovmskb	%xmm1, %eax
 	test		%eax, %eax
-	jnz		.Lsecond_nul
+	jz		0f
+
+	/* match in second chunk */
+	tzcnt		%eax, %edx		# where is c?
+	sub		$16, %ecx
+	sub		%ecx, %edx		# adjust for alignment offset
+	lea		1(%rdi, %rdx, 1), %rax	# return value
+	jmp		.L0132
 
-	/* string didn't end in second chunk and neither did buffer -- not a runt! */
-	movdqa		32(%rsi), %xmm0		# load next string chunk
+	/* c not found in second chunk: prepare for main loop */
+0:	movdqa		32(%rsi), %xmm0		# load next string chunk
 	movdqa		%xmm4, %xmm1
 	movdqu		%xmm2, (%rdi)		# deposit head into buffer
 	sub		%rcx, %rdi		# adjust RDI to correspond to RSI
+	mov		%r11, %rdx
 	movdqu		%xmm3, 16(%rdi)		# deposit second chunk
 	sub		%rsi, %rdi		# express RDI as distance from RSI
 	add		$32, %rsi		# advance RSI past first two chunks
@@ -119,7 +132,7 @@ ARCHENTRY(__memccpy, baseline)
 
 	/* main loop unrolled twice */
 	ALIGN_TEXT
-0:	pcmpeqb		%xmm0, %xmm1		# NUL byte encountered?
+0:	pcmpeqb		%xmm0, %xmm1		# c encountered?
 	pmovmskb	%xmm1, %eax
 	test		%eax, %eax
 	jnz		3f
@@ -131,7 +144,7 @@ ARCHENTRY(__memccpy, baseline)
 	jb		2f
 
 	add		$32, %rsi		# advance pointers to next chunk
-	pcmpeqb		%xmm0, %xmm1		# NUL byte encountered?
+	pcmpeqb		%xmm0, %xmm1		# c encountered?
 	pmovmskb	%xmm1, %eax
 	test		%eax, %eax
 	jnz		4f
@@ -146,11 +159,10 @@ ARCHENTRY(__memccpy, baseline)
 	add		$16, %edx
 
 	/* 1--16 bytes left in the buffer but string has not ended yet */
-2:	pcmpeqb		%xmm1, %xmm0		# NUL byte encountered?
+2:	pcmpeqb		%xmm1, %xmm0		# c encountered?
 	pmovmskb	%xmm0, %r8d
 	mov		%r8d, %ecx
 	bts		%edx, %r8d		# treat end of buffer as end of string
-	or		$0x10000, %eax		# ensure TZCNT finds a set bit
 	tzcnt		%r8d, %r8d		# find tail length
 	add		%rsi, %rdi		# restore RDI
 	movdqu		1(%rsi, %r8, 1), %xmm0	# load string tail
@@ -162,42 +174,39 @@ ARCHENTRY(__memccpy, baseline)
 	ret
 
 4:	sub		$16, %rsi		# undo second advancement
-	add		$16, %rdx		# restore number of remaining bytes
 
-	/* string has ended but buffer has not */
+	/* terminator found and buffer has not ended yet */
 3:	tzcnt		%eax, %eax		# find length of string tail
-	movdqu		-15(%rsi, %rax, 1), %xmm0 # load string tail (incl. NUL)
+	movdqu		-15(%rsi, %rax, 1), %xmm0 # load string tail (incl. c)
 	add		%rsi, %rdi		# restore destination pointer
-	movdqu		%xmm0, -15(%rdi, %rax, 1) # store string tail (incl. NUL)
+	movdqu		%xmm0, -15(%rdi, %rax, 1) # store string tail (incl. c)
 	lea		1(%rdi, %rax, 1), %rax	# compute return value
 	ret
 
-.Lhead_buf_end:
-	pmovmskb	%xmm1, %r8d
-	add		$32, %edx		# restore edx to (len-1) + ecx
-	shl		$16, %r8d		# place 2nd chunk NUL mask into bits 16--31
-	mov		%r8d, %r10d
-	bts		%rdx, %r8		# treat end of buffer as if terminator present
-	xor		%eax, %eax		# return value if terminator not found
-	tzcnt		%r8, %rdx		# find string/buffer len from alignment boundary
+	/* buffer is 1--32 bytes in size */
+	ALIGN_TEXT
+.Lrunt:	add		$32, %r11d		# undo earlier decrement
+	mov		%r8d, %r10d		# keep a copy of the original match mask
+	bts		%r11d, %r8d		# induce match at buffer end
+	and		%ax, %r8w		# is there a match in the first 16 bytes?
+	jnz		0f			# if yes, skip looking at second chunk
+
+	pcmpeqb		16(%rsi), %xmm4		# check for match in second chunk
+	pmovmskb	%xmm4, %r8d
+	shl		$16, %r8d		# place second chunk matches in bits 16--31
+	mov		%r8d, %r10d		# keep a copy of the original match mask
+	bts		%r11d, %r8d		# induce a match at buffer end
+
+0:	xor		%eax, %eax		# return value if terminator not found
+	tzcnt		%r8d, %edx		# find string/buffer length from alignment boundary
 	lea		1(%rdi, %rdx, 1), %r8	# return value if terminator found + rcx
-	sub		%rcx, %r8		# subtract rcx
-	bt		%rdx, %r10		# was the terminator present?
+	sub		%rcx, %r8
+	bt		%edx, %r10d		# was the terminator present?
 	cmovc		%r8, %rax		# if yes, return pointer, else NULL
-	sub		%ecx, %edx		# find actual string/buffer len
-	jmp		.L0132
+	sub		%ecx, %edx		# find actual string/buffer length
 
-.Lsecond_nul:
-	add		%r8, %rdx		# restore buffer length
-	tzcnt		%eax, %r8d		# where is the NUL byte?
-	lea		-16(%rcx), %eax
-	sub		%eax, %r8d		# string length
-	lea		1(%rdi, %r8, 1), %rax	# return value if NUL before end of buffer
-	xor		%ecx, %ecx		# return value if not
-	cmp		%r8, %rdx		# is the string shorter than the buffer?
-	cmova		%r8, %rdx		# copy only min(buflen, srclen) bytes
-	cmovb		%rcx, %rax		# return NUL if buffer ended before string
-.L0132:	cmp		$16, %rdx		# at least 17 bytes to copy (not incl NUL)?
+	ALIGN_TEXT
+.L0132:	cmp		$16, %rdx		# at least 17 bytes to copy?
 	jb		.L0116
 
 	/* copy 17--32 bytes */
@@ -207,16 +216,8 @@ ARCHENTRY(__memccpy, baseline)
 	movdqu		%xmm1, -15(%rdi, %rdx, 1)
 	ret
 
-.Lhead_nul:
-	tzcnt		%eax, %r8d		# where is the NUL byte?
-	sub		%ecx, %r8d		# ... from the beginning of the string?
-	lea		1(%rdi, %r8, 1), %rax	# return value if NUL before end of buffer
-	xor		%ecx, %ecx		# return value if not
-	cmp		%r8, %rdx		# is the string shorter than the buffer?
-	cmova		%r8, %rdx		# copy only min(buflen, srclen) bytes
-	cmovb		%rcx, %rax		# return NUL if buffer ended before string
-
 	/* process strings of 1--16 bytes (rdx: min(buflen, srclen), rax: srclen) */
+	ALIGN_TEXT
 .L0116:	cmp		$8, %rdx		# at least 9 bytes to copy?
 	jae		.L0916
 

From nobody Wed Aug  7 15:39:38 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfDrB71BYz5STfl;
	Wed, 07 Aug 2024 15:39:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfDrB1gBMz4qQ9;
	Wed,  7 Aug 2024 15:39:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723045178;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hufMV83xBn++6ddYo+vRcVKc98QLGmSdhvLl1THLPI4=;
	b=PiR3twuh7pOkh+T7K1GxNI5IsrlBuEaQqjQPnNqKvrfjvL9euQbDBFrJRcpyY3XWlbEwg6
	TnNTbc6qOIchP/V80hcxzag4Ejw1osW4Oib3lkf4Fe9b+ITVZT+15/X5uDV/uNqxeQLutU
	xt1FV69e8ys1IRxv8hwfjJOEG08FKPP72ZXrHcBo08CR7DI3uYRn6LRDWLi3YwNJ4jlcns
	r7pVmuVu1CoF9yoxwC/jhLA3zO5wXV/PIVuSZfNNgp1YiklZnjYMfoSwx149pTS7aCdVie
	DlfEvym/lH/511hiTX93R67FcA5NxjJY2MmPg+7LB9diEqc8/YX1QmDfUxQlYQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723045178; a=rsa-sha256; cv=none;
	b=OypQ6Vwb6tbQXmDSLz1Zmi3Nt+0rTRQ8cCM/nNVD7AW5RczbaTcJjvgsJdPtA74kSS0/XO
	sAxYGrh/xtfrF7l/EP2XYX5gJyy4WPZYmMZh4uOOD1QkSn1J1UeTRBdjRC/8kag98OX4ds
	TM4mSSIbKfDTvBAY5DHcA2Da2XA/RYcbFkYaGrDhTJOUK8FifH/7ZnCoFqn5G2+ccKBMDv
	sATo58gAyje502+iI3+dvsAa4AI/f2xY9IVOgr+PawqjETSqwPg+99x0sD/HUcFrQcMmHY
	5wawZ2k4T4IiXDzaZuZT9Xs6Tk/VMktpzl+3jcKzpAbGmMgSDbQR+Y7AxKj6Pw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723045178;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hufMV83xBn++6ddYo+vRcVKc98QLGmSdhvLl1THLPI4=;
	b=ou8Df/FngfOHi96PVfQaX86MIWMEha2qZP5xzJcJ4w23ucyDorNhZcaHPJp6mdP8xDYGYL
	RYsqOvRLV5tn+NY8X1nu40xF2vgSvFA+uwZ5HCYSch7z5eW5L9j51gPgYzqPR9SNHtWGG8
	3ndIGKCm3rg4rr8xefziaIVV89XlfDsvV/qW4tE5IU1/MeJiUPj0VvAVCZLHdjV4fam8Tg
	jtsCSetJLs0TuN5kmiQ58GV1Omc6cDF4adCipjV+d/MxjhkwQ0Leq0ZfigyJrdjrxgqm6R
	GTm+MYlXIN/7ElYBIaZB+789Hb2M/QdGkItQg3xCZax6sgSwsznRP6DNLy3aOA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfDrB1GYHzwlC;
	Wed,  7 Aug 2024 15:39:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477FdcK2023624;
	Wed, 7 Aug 2024 15:39:38 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477FdctO023621;
	Wed, 7 Aug 2024 15:39:38 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 15:39:38 GMT
Message-Id: <202408071539.477FdctO023621@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: bd3aa40e0a55 - releng/13.4 - sshd: remove blacklist
  call from grace_alarm_timer
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: bd3aa40e0a55f801abbb880c617f6c5695796d16
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=bd3aa40e0a55f801abbb880c617f6c5695796d16

commit bd3aa40e0a55f801abbb880c617f6c5695796d16
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-01 00:04:46 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-07 15:39:06 +0000

    sshd: remove blacklist call from grace_alarm_timer
    
    Under certain circumstances it may call log(3), which is not async-
    signal-safe.
    
    For now just remove the blacklist integration from this path, which
    means that blacklistd will not detect and firewall hosts that establish
    a connection but do nothing further.
    
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46203
    
    (cherry picked from commit 2739a6845031e69be7c03461a9335d8bbb9f59bd)
    (cherry picked from commit 3d3bae9b95388169d396adc8007585699c5a23e0)
    (cherry picked from commit 73466449a9bf1888147c53d622236cebc0aa591b)
    (cherry picked from commit d5f16ef6463d73270e4380f3498410c8ad91f495)
    
    Approved by:    re (cperciva)
---
 crypto/openssh/ssh_config    | 2 +-
 crypto/openssh/ssh_config.5  | 2 +-
 crypto/openssh/sshd.c        | 2 --
 crypto/openssh/sshd_config   | 2 +-
 crypto/openssh/sshd_config.5 | 2 +-
 crypto/openssh/version.h     | 2 +-
 6 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config
index 36c6c7785fd2..a047ce2deb93 100644
--- a/crypto/openssh/ssh_config
+++ b/crypto/openssh/ssh_config
@@ -44,4 +44,4 @@
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 #   RekeyLimit 1G 1h
 #   UserKnownHostsFile ~/.ssh/known_hosts.d/%k
-#   VersionAddendum FreeBSD-20240318
+#   VersionAddendum FreeBSD-20240806
diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
index 020d254f7f0d..de1903ba43a2 100644
--- a/crypto/openssh/ssh_config.5
+++ b/crypto/openssh/ssh_config.5
@@ -2137,7 +2137,7 @@ in
 Specifies a string to append to the regular version string to identify
 OS- or site-specific modifications.
 The default is
-.Dq FreeBSD-20240318 .
+.Dq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 0c83e0ea468e..889f2056bc75 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -377,8 +377,6 @@ grace_alarm_handler(int sig)
 		kill(0, SIGTERM);
 	}
 
-	BLACKLIST_NOTIFY(the_active_state, BLACKLIST_AUTH_FAIL, "ssh");
-
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s port %d",
 	    ssh_remote_ipaddr(the_active_state),
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index 54a1d9d486d0..866e905d9515 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -105,7 +105,7 @@ AuthorizedKeysFile	.ssh/authorized_keys
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20240318
+#VersionAddendum FreeBSD-20240806
 
 # no default banner path
 #Banner none
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 1c3de78d1cf0..a354c1ef2b0a 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -1947,7 +1947,7 @@ The default is
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
 The default is
-.Qq FreeBSD-20240318 .
+.Qq FreeBSD-20240806 .
 The value
 .Cm none
 may be used to disable this.
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 836b5650b247..82be0be8498f 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240806"

From nobody Wed Aug  7 15:43:51 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfDx40Jp3z5SVHP;
	Wed, 07 Aug 2024 15:43:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfDx36g9sz4rBY;
	Wed,  7 Aug 2024 15:43:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723045431;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rfGoycXEElD9wT94lZtFgQlY5i+frQhwMx2TvJpq4hQ=;
	b=VsW4+YiQRdi4uudaOhJOxBQtk2PIPIpghLtf0e3k+oHdPfyt0CzvHA5MqHwyZ50lrVlOc7
	RIfLjU7XDJLVuMskg++Yt4vVXmJ1zmYemcH1v0ySgm4SG13aq45Bo11iKeSFSGsMcjfnB3
	7sGGEfL9PP1NHAJl2e5WgGgSVwCuDAC+Z2LN3OlOi7MHcymxs9iiAJxuOlyR9uBO7fVKsK
	ONPrhwObWgbdfFkC3JzToHijysshpFRkJ3cU6Zj/ub84qmlYq4jS4I1PrgtFoizORVDmvT
	yW4w3+I/B+KUFmdP8QtSVTzee0ki9PMjJay+UerL6QTfU4Ata/6AWiXQ2aCz6A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723045431; a=rsa-sha256; cv=none;
	b=JULueL+AC0E0JdzN8qCGoPg1XSzOFRI5nhFiKZX5T4yAJhkxwjw4QAxFeXOc4YAtiuBCsQ
	1DtAVz7jf+BQI5sASVgFOpCjGjRqoPLZMZK4zcT8MORBMo2PU+rywI2/MuKjUwYJZ2IWvd
	bT1Tx3oa1g0UcUel6kehxymLufTPjqCZI/ScT0eqBxpAZ0i2XxpWzIx+1hVx9Y5eUwJbBv
	eZrbSMpzbqM7FmK+tp6f3I9PFfFlT805pxM8O+SYAgQ6WrzEjfysxjNajdGoefOGq5aQwZ
	k7GY00iExr621Cex+Bxw2WXHDbVp7IDIkfd0VHM2NE5VDAKaEjGJMr1S2mm6bg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723045431;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rfGoycXEElD9wT94lZtFgQlY5i+frQhwMx2TvJpq4hQ=;
	b=gpQKxxAE3UUVbvDz/S0gXyN1rnY3CUOA23wOZRAzWISYrMtPHebOj9OofQahMyeHIP63WT
	wLZ2VCLaEGPWk6wb6JYzpyDSCHR41hi5gxFKg0eQyz1hSMTSRHUhfCJLx71DAiosN0uMZ/
	iUuzK/ZYn6QmAggoEWeYHo63Lyc/TjSRuCf0NbLMeidNphiW2dz44n7ouIkaTYiLQCqjj+
	cT/nE2xo3oSD/afQN4gABhVeZdZOcAV6y+9dseAoneb79AW40agRefEa5UqetOvKX2UH9k
	k3IPEiNr49LjN47yCPzg3QANoSF3kWc6pgvH0WFtIUPraYbwcP2cP1bdhgDL/Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfDx36GcRzwxQ;
	Wed,  7 Aug 2024 15:43:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 477FhpL6039508;
	Wed, 7 Aug 2024 15:43:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 477Fhpsw039505;
	Wed, 7 Aug 2024 15:43:51 GMT
	(envelope-from git)
Date: Wed, 7 Aug 2024 15:43:51 GMT
Message-Id: <202408071543.477Fhpsw039505@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: a87a5973132b - releng/13.4 - ktrace: Fix an inverted
  privilege check
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: a87a5973132ba396c870068083395761e794ce47
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=a87a5973132ba396c870068083395761e794ce47

commit a87a5973132ba396c870068083395761e794ce47
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-07 13:38:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-07 15:43:39 +0000

    ktrace: Fix an inverted privilege check
    
    Approved by:    so
    Approved by:    re (cperciva)
    Security:       FreeBSD-SA-24:06.ktrace
    Security:       CVE-2024-6760
    Fixes:  1762f674ccb5 ("ktrace: pack all ktrace parameters into allocated structure ktr_io_params")
    
    (cherry picked from commit 166b7573b5220aadf8b02a85933c9651b909b309)
    (cherry picked from commit f702110bc4bcc593b38674ec6e4fadf6c4626432)
---
 sys/kern/kern_ktrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 2729d0880b31..cc51dbae46f7 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -585,7 +585,7 @@ ktrprocexec(struct proc *p)
 	PROC_LOCK_ASSERT(p, MA_OWNED);
 
 	kiop = p->p_ktrioparms;
-	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED))
+	if (kiop == NULL || priv_check_cred(kiop->cr, PRIV_DEBUG_DIFFCRED) == 0)
 		return (NULL);
 
 	mtx_lock(&ktrace_mtx);

From nobody Thu Aug  8 04:35:38 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfZ402trtz5SMJM;
	Thu, 08 Aug 2024 04:36:00 +0000 (UTC)
	(envelope-from scf@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfZ4029bdz4SC3;
	Thu,  8 Aug 2024 04:36:00 +0000 (UTC)
	(envelope-from scf@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723091760;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=8QLDeuuOC3PrYdKUw1ap6B4UvleW2X8JGxRxcZHwO5Y=;
	b=KS3KI/QvPLG7kNnFpjf6AOqWtUUNkj/vtXM8B1Lvw8UppGcaqINZb77GfmH68XbAsZZ1AX
	BMxXJDY+4NlvP10w0v2+yceT73wUbdclyJykjS4mPEC8aHTMhNN8/3TCKQroxUnVA7Kzmc
	jaKqWgm52KKmmY7mPgbekt3wK040r3/AvUeqGcs1vv969vOTEZHVrUbx4gCjvIvyrAmv4U
	TFKZIUs3VTsRw5YngQhKQWlO+8+REQNfQ1AMKA3DMqSeeKBlWhv7GZ623Q/XZsYYrXWBC0
	2aQkHHfxx/NQnEZax3h5lcy8ZuCS/6szorQwgsV1eOxZBBlgqtW0vzvn6OKmBA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723091760; a=rsa-sha256; cv=none;
	b=wRdbZzWd9VzYxoHH6KWhdExDiYxvfi/aBiRu+N6MveTpvcL/eoMaB6tQpGy2+mE/oQNOqa
	EhW0gfSs7CSp7slGiaAxSsj6Na3b6g/6nfGY1EJKGNbnB32Ky+ImGGR8AMlT8cTgp5EPUi
	iIjBdEMe0XD+kfTYcPZq+40BLgWSoum27SZ8Rdz83NDZ6Ui9RpjMhkdWIPv3H2BV8h3ib7
	pFk49Yb/sWbRClrrP5AnB4FKD2O7V8obtH6fXFwE60pO8adgvUuHxUNgluvdsxuPygCkdS
	r+kj/zlb0QZzW5wMI+Gwf1lBWBNwdtSAgAU9AyS+jw9HXPwj0CmWYH3OBaIiNg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723091760;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=8QLDeuuOC3PrYdKUw1ap6B4UvleW2X8JGxRxcZHwO5Y=;
	b=lx4TkiEpohE09ZoSVtWfyMdDHvDhD8Yhw0OgQOxbdEfByXjowTy0LuA5RH9L3NA3CHnfaP
	T5HjMwOKSElqpCW77jSr+m0yToYx8+2v8OBbCVSemh+ZrRAknkCkzDb81rbFBG7Z2zYZvI
	F29c4Bno8zoYXl0qcZglqzK3f5uM0D1VgkrPTyHtZmoEz3IFuZuEhGhuU2eKG6BMyszjOw
	v/z98Grl0FpjngNIZtm4wJ+liiWUYyfduBoj2Sduq4fG7fQ15gkctxJACrREB80EfOQ8Iv
	KBNNIbH31aBLEH7t/NvHIGSppeX4ho/zV5i38Ap6Zh4XufMtTRQiE02caWWaVA==
Received: from thor.farley.org (1609341-v107.1360-static.crmlinaa.metronetinc.net [104.254.222.35])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: scf/mail)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4WfZ3z73JVz11dp;
	Thu,  8 Aug 2024 04:35:59 +0000 (UTC)
	(envelope-from scf@FreeBSD.org)
Date: Thu, 8 Aug 2024 00:35:38 -0400 (EDT)
From: "Sean C. Farley" <scf@FreeBSD.org>
To: Ed Maste <emaste@FreeBSD.org>
cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, 
    dev-commits-src-branches@FreeBSD.org
Subject: Re: git: fc43a1b6842a - stable/14 - tzsetup: symlink /etc/localtime
  instead of copying
In-Reply-To: <202408011538.471FcJDS026885@gitrepo.freebsd.org>
Message-ID: <784ce21d-a604-bb91-c52e-29c78e2bb6e4@FreeBSD.org>
References: <202408011538.471FcJDS026885@gitrepo.freebsd.org>
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII

On Thu, 1 Aug 2024, Ed Maste wrote:

> The branch stable/14 has been updated by emaste:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=fc43a1b6842afa806dfd7ba48de5bece63d04456
>
> commit fc43a1b6842afa806dfd7ba48de5bece63d04456
> Author:     Ed Maste <emaste@FreeBSD.org>
> AuthorDate: 2022-10-14 16:44:35 +0000
> Commit:     Ed Maste <emaste@FreeBSD.org>
> CommitDate: 2024-08-01 15:11:45 +0000
>
>    tzsetup: symlink /etc/localtime instead of copying
>
>    Using a symlink means that new timezone data (installed by an errata
>    update, say) will be usable without having to be copied again.
>
>    Reviewed by:    bapt, kevans, philip
>    Sponsored by:   The FreeBSD Foundation
>    Differential Revision: https://reviews.freebsd.org/D37005
>
>    (cherry picked from commit 5e16809c953f4cd19fadb1767469dec319de0353)

I ran across an issue with this when using "etcupdate -D" to update a 
jail from the host.  "tzsetup -r -C /tmp/chroot", as called by 
etcupdate, prepends the path of the chroot to the link which breaks 
things inside the jail.

For example, if you run the following:
mkdir -p /tmp/chroot/etc
mkdir -p /tmp/chroot/usr/share
mkdir -p /tmp/chroot/var/db
ln -s /usr/share/misc /tmp/chroot/usr/share/misc
ln -s /usr/share/zoneinfo /tmp/chroot/usr/share/zoneinfo
cp /var/db/zoneinfo /tmp/chroot/var/db/.
tzsetup -C /tmp/chroot -r

The result will be the following:
/tmp/chroot/etc/localtime@ -> /tmp/chroot//usr/share/zoneinfo/America/Indiana/Indianapolis

Sean
-- 
scf@FreeBSD.org

From nobody Thu Aug  8 13:49:19 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfpLR4N1jz5Sqxf;
	Thu, 08 Aug 2024 13:49:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfpLR3p7mz45nP;
	Thu,  8 Aug 2024 13:49:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723124959;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N4oI/VtgaU8H2qNB2rZs7sV2C/5C/LAVrCXOw4pBtlY=;
	b=e3QDy1BjwWfwv3xJLkw5dhsVuLV2nM+W8VhtjQramD4JE7axyQuvOaYMa6WenKjZngDLxh
	TsJCWxTSGNDxmvffrYMnNJ0ymhlZbjn5cLkAMcO2YLhGIKrnIfOJuyslxTERhu4aAm5KvE
	0m6qnCUja7tVjkgovNtRy8X8+5TRr+pV4r5wN4mUWSJ6o+jV9X0QD6Q0h/EQDF9/icvda1
	H/LXxpohUutZcc5CIHfyudMgQzLXIEXxq9I+LR6K3yRbRw1xVPX6tUm6qlYh7e8zEJ8dYh
	ggPPGfB5kTKSFu2ePmQJw8BQMxm+Q68tOrhZT9FGVJ9flRpukA1xCpYjN7Ok+w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723124959; a=rsa-sha256; cv=none;
	b=fuOSIyn0h119zVR6F3jKqCXw4QxpkPhRNoZxAn1Hm6MoqjO1Qq/HrdwAf9zu6BDwjZRth6
	KcCo14zxnSxmPHF+4I3yKxgWdcXKrgff0WslfNlc2iWW9QA5OxepMegtGDBgX6ujSlHqbK
	EJTqJv0qskRVwloZLjsdjnfJ7O+SRo7leLTv8CbcMtpAtz1D2Kd6b6fnsPm3KMgI44le9z
	JqHCUD3M7KFfkEx/OPFTNY6DLjncmfpw/W54zwaQyJYLpSX0+olSrTCGQpG5NwyYbh3oal
	EF7PoxL87F9QobZGNpO5lDPgUmwgWe3J1td3aweNNqfT9gVEG8hVPJ4lEcyDBQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723124959;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N4oI/VtgaU8H2qNB2rZs7sV2C/5C/LAVrCXOw4pBtlY=;
	b=nu+NALkFd8w40gwtE6Wx02oAjz1w073KjpqhDsscsu4M5QEzMZGnSfthujLdXIibKdubEf
	LQRAAZVzRu0gI8Ywb7k9okseP3nRDKNt6/CCZO3nt/3eYA+FmL/5XvVI9hdXcAx5/VzGAL
	ByjrGhLjTGUP5o1xH0oZy3xgweCzdTBiTLqkbXrBDtlsNBTpqdwDWCY9t0wsN+GMYVZU49
	mMfBy9cQwYdh3qcBocbIBnAzgwORk8ux6nBO+5rHf4rZP1LyErW2zPAFMPXVjzesqfBbBm
	swZSm70a9u1rKzkvqiFrqWY0/yscQUBDeCdeMGMdezSoZaamlrnQiJ4pY/7V0w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfpLR3Lg6zbjc;
	Thu,  8 Aug 2024 13:49:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478DnJ0G071963;
	Thu, 8 Aug 2024 13:49:19 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478DnJmd071960;
	Thu, 8 Aug 2024 13:49:19 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 13:49:19 GMT
Message-Id: <202408081349.478DnJmd071960@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Christos Margiolis <christos@FreeBSD.org>
Subject: git: db238c7c52b3 - stable/14 - mixer.3: Fix mixer_get_mode()
  description
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: christos
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: db238c7c52b320e396578eddcabdcf4d515d3896
Auto-Submitted: auto-generated

The branch stable/14 has been updated by christos:

URL: https://cgit.FreeBSD.org/src/commit/?id=db238c7c52b320e396578eddcabdcf4d515d3896

commit db238c7c52b320e396578eddcabdcf4d515d3896
Author:     Christos Margiolis <christos@FreeBSD.org>
AuthorDate: 2024-08-05 11:13:44 +0000
Commit:     Christos Margiolis <christos@FreeBSD.org>
CommitDate: 2024-08-08 13:49:10 +0000

    mixer.3: Fix mixer_get_mode() description
    
    Improve wording and also fix the constants' names.
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      2 days
    Reviewed by:    dev_submerge.ch
    Differential Revision:  https://reviews.freebsd.org/D46220
    
    (cherry picked from commit 6e744de1a3dc5dde8d2ee51e97a1224a01bdfb21)
---
 lib/libmixer/mixer.3 | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/lib/libmixer/mixer.3 b/lib/libmixer/mixer.3
index 4008867ef2fb..04aa3bd1dca7 100644
--- a/lib/libmixer/mixer.3
+++ b/lib/libmixer/mixer.3
@@ -19,7 +19,7 @@
 .\" OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 .\" THE SOFTWARE.
 .\"
-.Dd May 22, 2024
+.Dd August 4, 2024
 .Dt MIXER 3
 .Os
 .Sh NAME
@@ -388,18 +388,15 @@ controls.
 .Pp
 The
 .Fn mixer_get_mode
-function returns the playback/recording mode of the audio device the mixer \
-belongs to.
-The available values are the following:
-.Bl -tag -width "MIX_STATUS_PLAY | MIX_STATUS_REC" -offset indent
-.It Dv MIX_STATUS_NONE
-Neither playback nor recording.
-.It Dv MIX_STATUS_PLAY
-Playback.
-.It Dv MIX_STATUS_REC
-Recording.
-.It Dv MIX_STATUS_PLAY | MIX_STATUS_REC
-Playback and recording.
+function returns the operating mode of the audio device the mixer belongs to.
+The following values can be OR'ed in case more than one mode is supported:
+.Bl -tag -width "MIX_MODE_MIXER" -offset indent
+.It Dv MIX_MODE_MIXER
+The audio device has a mixer.
+.It Dv MIX_MODE_PLAY
+The audio device supports playback.
+.It Dv MIX_MODE_REC
+The audio device supports recording.
 .El
 .Pp
 The

From nobody Thu Aug  8 15:41:05 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfrqQ0H4wz5T5MM;
	Thu, 08 Aug 2024 15:41:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfrqP6xjjz4HK5;
	Thu,  8 Aug 2024 15:41:05 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723131666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=2L2oBDyql3r5YRmVagE3uGbaFKAsTsNzNo4+tkyaB8U=;
	b=jlyZCuSG6aLIGTRG2YcJkcAkc/VMKYiVXTfluJy0n1L63WoyvS3Oi2LXR+fPmf+a0707T/
	R3mY3Fp89tZ6k9LJEhFn8ti4mFG3JCGp1WEwiH6zuwS88vDpYiuN8QnPC0ZGtB5aYmb8yF
	g0fcoT9aZtCu2LqAokoCfAYtkiwEIiZvhaWDNIpTA/EcBQo8doi8L+H4ctineakWVtHKmh
	UFn+jMkoUK6GXBaCucK1CVJo8HeFBBHpsvvhEdJKwOH22K27nnQNk7Mm1mMaQ/QgMF/L2h
	MBkMmChl2g2MSo5HnzsU+2ZT/8516FzHu7GsVY+Jw56GEW272gHzr1YA+EyCIQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723131666; a=rsa-sha256; cv=none;
	b=RCaXT/hnoRAN4iFNCOGUUNDB8vwQX/c+EcBEAsoz+QGVHUG8hq6trxbRwp6QjclWlgLykB
	jAadh/6zlBTopVTBTrRbFUY4fFHMbMfONxE+M5PgtdNuxxWXZ60QjbaarrsAUsmYTiWuJD
	3qdPnAOcj/6NrF6JZIfTS2799S/ZZ4O0GFWTEFXYPSFkGneDxAbs6Aj3YlfKyW2QxmpIzu
	4Li1zhGnAS3h2ZD/Gm0wycwYq5and2NaYm9wnKzKA4kfyCBUsjxqpY14R1D5j8+lBd+RF4
	1DyI7IoiyoyGAIdlTUChm2khQ21jGChecxjWuK8XEM1vBCs4WxqVIsC01zIZ5g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723131666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=2L2oBDyql3r5YRmVagE3uGbaFKAsTsNzNo4+tkyaB8U=;
	b=HqwMuYylZaLtsv/VVBI2Fgjbf19pa3TaI1iQ7HjR9EflJwoSftRPNHwO0RD1HqvxNlkVaK
	oCu0BOPO87sZEyPI4lbkqCRsFl7CjKYlvEz+om4Db2hHtRVh7GkajbeWmBXwiVu3Yza2vx
	kb2BUGavD8eNygN3XibEOnzTgJWh+Xh/luaIh4ytvE9ofFZ4LaVhrkRRBH8k2KGbHH9PGs
	lBVv3cd3fCqfjO6iW83Rqwu9rJ5BF8QxTPXcHoGQ6fG6i/jkqRGm7ggM8iIJDTv0V7iAqg
	VjIkeLJs4ibRftvGo4kZInOJ54Mv6SpICZPvU8JSGMLg4FxAd+E8d8oSMubWCg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfrqP6YYRzfRG;
	Thu,  8 Aug 2024 15:41:05 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478Ff5hB070812;
	Thu, 8 Aug 2024 15:41:05 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478Ff5lI070810;
	Thu, 8 Aug 2024 15:41:05 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 15:41:05 GMT
Message-Id: <202408081541.478Ff5lI070810@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 053500aa9301 - stable/13 - pfctl: Allow a semicolon
  (;) as a comment
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 053500aa93017f8d8096a9625491ae1e335a356e
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=053500aa93017f8d8096a9625491ae1e335a356e

commit 053500aa93017f8d8096a9625491ae1e335a356e
Author:     Juraj Lutter <otis@FreeBSD.org>
AuthorDate: 2024-07-25 08:07:50 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-08-08 05:42:58 +0000

    pfctl: Allow a semicolon (;) as a comment
    
    To make parsing of, for example, Spamhaus' drop.txt and similar
    files that contains semicolons as comments, allow them also
    in file-based tables.
    
    Reviewed by:    kp
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D46088
    
    (cherry picked from commit a8a95277363be2c92b3c06bd9cd1a32d1c6c6ecd)
---
 sbin/pfctl/pfctl.8                    | 4 +++-
 sbin/pfctl/pfctl_radix.c              | 4 ++--
 sbin/pfctl/tests/files/pf1020.in      | 3 +++
 sbin/pfctl/tests/files/pf1020.include | 4 ++++
 sbin/pfctl/tests/files/pf1020.ok      | 2 ++
 sbin/pfctl/tests/pfctl_test_list.inc  | 1 +
 6 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index 41a8ec8b4340..196ce0f1766f 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd October 3, 2016
+.Dd July 23, 2024
 .Dt PFCTL 8
 .Os
 .Sh NAME
@@ -518,6 +518,8 @@ line and/or in an unformatted text file, using the
 flag.
 Comments starting with a
 .Sq #
+or
+.Sq \;
 are allowed in the text file.
 With these commands, the
 .Fl v
diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c
index d33f091d8b69..1e93a8972d9e 100644
--- a/sbin/pfctl/pfctl_radix.c
+++ b/sbin/pfctl/pfctl_radix.c
@@ -535,8 +535,8 @@ pfr_next_token(char buf[BUF_SIZE], FILE *fp)
 		/* skip spaces */
 		while (isspace(next_ch) && !feof(fp))
 			next_ch = fgetc(fp);
-		/* remove from '#' until end of line */
-		if (next_ch == '#')
+		/* remove from '#' or ';' until end of line */
+		if (next_ch == '#' || next_ch == ';')
 			while (!feof(fp)) {
 				next_ch = fgetc(fp);
 				if (next_ch == '\n')
diff --git a/sbin/pfctl/tests/files/pf1020.in b/sbin/pfctl/tests/files/pf1020.in
new file mode 100644
index 000000000000..7f98df69bd04
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.in
@@ -0,0 +1,3 @@
+table <tabl1> file "./pf1020.include"
+
+block from <tabl1>
diff --git a/sbin/pfctl/tests/files/pf1020.include b/sbin/pfctl/tests/files/pf1020.include
new file mode 100644
index 000000000000..3fca07f64bfa
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.include
@@ -0,0 +1,4 @@
+; comment1
+# comment2
+1.0.0.1/32 ; comment1
+2.0.0.2/32 # comment2
diff --git a/sbin/pfctl/tests/files/pf1020.ok b/sbin/pfctl/tests/files/pf1020.ok
new file mode 100644
index 000000000000..16073b3d6987
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.ok
@@ -0,0 +1,2 @@
+table <tabl1> file "./pf1020.include"
+block drop from <tabl1> to any
diff --git a/sbin/pfctl/tests/pfctl_test_list.inc b/sbin/pfctl/tests/pfctl_test_list.inc
index b73bcf2522b7..2565a119cc6a 100644
--- a/sbin/pfctl/tests/pfctl_test_list.inc
+++ b/sbin/pfctl/tests/pfctl_test_list.inc
@@ -117,3 +117,4 @@ PFCTL_TEST(1005, "PR 231323")
 PFCTL_TEST(1006, "pfctl crashes with certain fairq configurations")
 PFCTL_TEST(1010, "POM_STICKYADDRESS test")
 PFCTL_TEST(1018, "Test dynamic address mask")
+PFCTL_TEST(1020, "Test hashmark and semicolon comment")

From nobody Thu Aug  8 15:41:06 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfrqQ4GdCz5T5Pd;
	Thu, 08 Aug 2024 15:41:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfrqQ34nxz4HV0;
	Thu,  8 Aug 2024 15:41:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723131666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tUVfTXfdPYjJC1acwd0C2GOO46OcX9+/M64b2L30XiI=;
	b=gDmgN5Qcl48h2ptv99AuD2kQldP2M37VsyobWwcls1yHO0LuV7+6z0SL/Ebx8oEjD683K3
	4TJQvbRaZSfgpWtOw6aI3kmjL50hOWZ+TCrCzqMkLqXXatnpXYE4YKGm86Sx0Y4FHqy5CL
	LQPFFfzHRfr9UcS4pP3l9umLQOnwZY9wEmBJF97YsllQmeEKJUY8LmQZzcQj7DrEm9NYik
	j6zgS8jSKd+6+/lyVK+XeYWw603Lj6rVi+H0JW82Fc+XnmopWaIEz5yKpriGlk24enqyoD
	vx4PPXkoBKdNxgbFOZQ00qiQYSEmj3iVrp6dS3nIRMHTaq6VBQq9fLp2nIdzGg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723131666; a=rsa-sha256; cv=none;
	b=ViqyaIeCdmDdtHJGMdKLhvg7fLXLMwJKKHgAgGZJVIw9o6FFiUxwIVNloR3lNqZ1CtAyqs
	Y+WOYqhSBP7nvKWBToBaohZyp00fsokyrEdV4HnukFTx6VAwyVZ5G6CwZG17vtx01PVMH4
	ps5tENLJKNjgBZ3ogaCA6lb1FDORd7cEiVL5m+s4OVxmA4GbS5e7NIIGO8rCuB1G5oxPCz
	D7oe+XDLq+FijB5Sj4WitT6kaJKY6hi6wOBW+Sy+/+lGg81r9y77Qr77nH51vQD9kp9wLO
	CgHasxaB567LcI9Y7Uo1xaZutguzvgLBwxBNyK7l8WC8+rzVDh0igYaZfFO3pg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723131666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=tUVfTXfdPYjJC1acwd0C2GOO46OcX9+/M64b2L30XiI=;
	b=ACXi6N0buHXhhNC02HOoNg5/jTVVpuzrrtYTl7k5fEKjfCnyNykLP1mCoPXYc9k9ntrRWY
	ugxpkMbn25EAXU+4niGcY4ILlZO1OjNZd2Cikp+2S7ohnWWhi/dmoXqfNdVe3wt7tq9Ivm
	Nn/ZJdADcqpz1MgwPewqLgdshGyGAtu0GekmZcjozFc51487P/nMxYVfQUHObkdGTuZXw+
	UWntIYSa8ePRN+EYdu+vgSs/egpOUpjNFpRL2/lYeqpeiKbWr4CxSEKyHmyP+EEAUCq+nf
	c4RB+msqclvVPBTRwdTczz7CK3ypVW+x/9QCetLOYipuVM/gtWhRdhw9MdW2Xg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfrqQ2hLszfkM;
	Thu,  8 Aug 2024 15:41:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478Ff67N070918;
	Thu, 8 Aug 2024 15:41:06 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478Ff6lk070915;
	Thu, 8 Aug 2024 15:41:06 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 15:41:06 GMT
Message-Id: <202408081541.478Ff6lk070915@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 36bb714e2592 - stable/14 - pfctl: Allow a semicolon
  (;) as a comment
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 36bb714e2592f1e424dc74f4f0a44f2e87eee84b
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=36bb714e2592f1e424dc74f4f0a44f2e87eee84b

commit 36bb714e2592f1e424dc74f4f0a44f2e87eee84b
Author:     Juraj Lutter <otis@FreeBSD.org>
AuthorDate: 2024-07-25 08:07:50 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-08-08 15:39:59 +0000

    pfctl: Allow a semicolon (;) as a comment
    
    To make parsing of, for example, Spamhaus' drop.txt and similar
    files that contains semicolons as comments, allow them also
    in file-based tables.
    
    Reviewed by:    kp
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D46088
    
    (cherry picked from commit a8a95277363be2c92b3c06bd9cd1a32d1c6c6ecd)
---
 sbin/pfctl/pfctl.8                    | 4 +++-
 sbin/pfctl/pfctl_radix.c              | 4 ++--
 sbin/pfctl/tests/files/pf1020.in      | 3 +++
 sbin/pfctl/tests/files/pf1020.include | 4 ++++
 sbin/pfctl/tests/files/pf1020.ok      | 2 ++
 sbin/pfctl/tests/pfctl_test_list.inc  | 1 +
 6 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index 41eb2bea9f94..ac0106fb560b 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd February 22, 2021
+.Dd July 23, 2024
 .Dt PFCTL 8
 .Os
 .Sh NAME
@@ -526,6 +526,8 @@ line and/or in an unformatted text file, using the
 flag.
 Comments starting with a
 .Sq #
+or
+.Sq \;
 are allowed in the text file.
 With these commands, the
 .Fl v
diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c
index d33f091d8b69..1e93a8972d9e 100644
--- a/sbin/pfctl/pfctl_radix.c
+++ b/sbin/pfctl/pfctl_radix.c
@@ -535,8 +535,8 @@ pfr_next_token(char buf[BUF_SIZE], FILE *fp)
 		/* skip spaces */
 		while (isspace(next_ch) && !feof(fp))
 			next_ch = fgetc(fp);
-		/* remove from '#' until end of line */
-		if (next_ch == '#')
+		/* remove from '#' or ';' until end of line */
+		if (next_ch == '#' || next_ch == ';')
 			while (!feof(fp)) {
 				next_ch = fgetc(fp);
 				if (next_ch == '\n')
diff --git a/sbin/pfctl/tests/files/pf1020.in b/sbin/pfctl/tests/files/pf1020.in
new file mode 100644
index 000000000000..7f98df69bd04
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.in
@@ -0,0 +1,3 @@
+table <tabl1> file "./pf1020.include"
+
+block from <tabl1>
diff --git a/sbin/pfctl/tests/files/pf1020.include b/sbin/pfctl/tests/files/pf1020.include
new file mode 100644
index 000000000000..3fca07f64bfa
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.include
@@ -0,0 +1,4 @@
+; comment1
+# comment2
+1.0.0.1/32 ; comment1
+2.0.0.2/32 # comment2
diff --git a/sbin/pfctl/tests/files/pf1020.ok b/sbin/pfctl/tests/files/pf1020.ok
new file mode 100644
index 000000000000..16073b3d6987
--- /dev/null
+++ b/sbin/pfctl/tests/files/pf1020.ok
@@ -0,0 +1,2 @@
+table <tabl1> file "./pf1020.include"
+block drop from <tabl1> to any
diff --git a/sbin/pfctl/tests/pfctl_test_list.inc b/sbin/pfctl/tests/pfctl_test_list.inc
index 4a63c0ba48b7..5d5aa0172530 100644
--- a/sbin/pfctl/tests/pfctl_test_list.inc
+++ b/sbin/pfctl/tests/pfctl_test_list.inc
@@ -127,3 +127,4 @@ PFCTL_TEST(1015, "Ethernet rule with several labels")
 PFCTL_TEST(1016, "Ethernet rule with ridentifier and one label")
 PFCTL_TEST(1017, "Ethernet rule with ridentifier and several labels")
 PFCTL_TEST(1018, "Test dynamic address mask")
+PFCTL_TEST(1020, "Test hashmark and semicolon comment")

From nobody Thu Aug  8 15:58:02 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfsBz12wNz5T79S;
	Thu, 08 Aug 2024 15:58:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfsBz0HV7z4Jss;
	Thu,  8 Aug 2024 15:58:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723132683;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vqm4cdICJlk8BOf75lveHQnj/gB9HNBl8p+WC4m4Xk8=;
	b=srXdTMZxIUT5XmCzyIeMY5IHjbmGSvwsRr8hILsn2hOjMdPvgSnjDQ9XVumxXmykNlSVZ0
	HqxcgRIiyNNcTT9Hp2qx1p9Su5JGLExAcbne/CrSJRi+iL88ZSZ7DXkmxFKGnZC3anLrdV
	5f6daKmajU9kUGD1zO6zTbYg+q1NhRi/HtvK+NcXQIlEhjwnYxa+rSyBtcFDC10xEBvw9/
	IajuWAGeldChjTgcNC4JOUW9O3KxXlYbgL9nXDjricBiX5Z0OTkVe78DyNMflqI1YX7RQ6
	7qM/00kK/SpMOr7ueS9FVr4iz6qP1q4R8y1sj7V986+WbIbiuD7MCRw8fTykMw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723132683; a=rsa-sha256; cv=none;
	b=IYZ+Zb+hkqPlUkDEZ1rKBqeiwobkTK8xXjLG5D5nCi4l+cxjvK6LSNe9sx8rW3slM9bXrA
	DsFXjN4UtKThckE22uIWXtTclDkI36upJGvTBC1gGKu7tD+YBAlOqbRte9gwqxCrgaiUUT
	s0/2j2DxT9N5ai6qgad2Ep2llrmMpjJ7mm9JnM9JI1NoNuDT3KFeLK3zqWcGVUstSyXneU
	RD9R12uZs4R9aq4FnlyGiZJRmMNCzMnAiKHvmg6NiyghLcKwZ9iOC0qLagP+LmfByytpgW
	1z6IyXLDQwL++OQ5W6KiJCQR/5n/ZqalnWmhRQBQqo8JSWI+uC2pvMGkbXrzYQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723132683;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vqm4cdICJlk8BOf75lveHQnj/gB9HNBl8p+WC4m4Xk8=;
	b=hX0YaET7y8cT8TaJGHPWQrQImwmGdz3YiS1n+ATEx1ZDvLVDcEu53A8j/BYx4fq5b8+nGU
	8FrLUrafFpEtGCgZnXtRM20ME9h2yAwTEpc20IuZE6YoozySV1vrhGEAY5EslG2Eu4SiTs
	fPB6K1gAYCrFP1Rj5EubytFqBGyCpDS84DeSKv3i5rgmyaOvt9RmpmsOPjGQ7DtohHv07L
	EnCQZUFqMc8ej04wRDqIFfMOJK1KZIEaj1wngn7vIf43E8d+Z9bfCMD9NI14f8Kbmvtr5E
	/v5o/S9AIyu3SIafb5ywlCLj5evzJajMmmhRGeUgIhHvTAz911g/DX+Dn+/1rw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfsBy6tM1zflm;
	Thu,  8 Aug 2024 15:58:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478Fw2ih092457;
	Thu, 8 Aug 2024 15:58:02 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478Fw2op092454;
	Thu, 8 Aug 2024 15:58:02 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 15:58:02 GMT
Message-Id: <202408081558.478Fw2op092454@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 096cb89033a4 - stable/14 - dtrace: Avoid including
  dtrace_isa.c directly into dtrace.c
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 096cb89033a4ee78aa891cfef06d3b48a96537b0
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=096cb89033a4ee78aa891cfef06d3b48a96537b0

commit 096cb89033a4ee78aa891cfef06d3b48a96537b0
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-24 20:10:33 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 15:53:50 +0000

    dtrace: Avoid including dtrace_isa.c directly into dtrace.c
    
    This was done in the original DTrace import, presumably because that
    made it a bit easier to handle includes.  However, this can cause
    dtrace_getpcstack() to be inlined into dtrace_probe(), resulting in a
    missing frame in stack traces since dtrace_getpcstack() takes care to
    bump "aframes" to account for its own stack frame.
    
    To avoid this, compile dtrace_isa.c separately on all platforms.  Add
    requisite includes.
    
    MFC after:      2 weeks
    Sponsored by:   Innovate UK
    
    (cherry picked from commit 82283cad12a417abfb1469d899b2d7cfb1d38f77)
---
 sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c | 1 -
 sys/cddl/dev/dtrace/aarch64/dtrace_isa.c                | 3 +++
 sys/cddl/dev/dtrace/amd64/dtrace_isa.c                  | 3 ++-
 sys/cddl/dev/dtrace/arm/dtrace_isa.c                    | 1 +
 sys/cddl/dev/dtrace/i386/dtrace_isa.c                   | 3 ++-
 sys/cddl/dev/dtrace/powerpc/dtrace_isa.c                | 2 ++
 sys/cddl/dev/dtrace/riscv/dtrace_isa.c                  | 1 +
 sys/cddl/dev/fbt/x86/fbt_isa.c                          | 2 +-
 sys/conf/files.arm                                      | 1 +
 sys/conf/files.riscv                                    | 1 +
 sys/modules/dtrace/dtrace/Makefile                      | 1 +
 11 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c b/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
index ce02676e0dc1..d3e40e96e897 100644
--- a/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+++ b/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
@@ -18446,7 +18446,6 @@ static struct cdevsw helper_cdevsw = {
 #include <dtrace_unload.c>
 #include <dtrace_vtime.c>
 #include <dtrace_hacks.c>
-#include <dtrace_isa.c>
 
 SYSINIT(dtrace_load, SI_SUB_DTRACE, SI_ORDER_FIRST, dtrace_load, NULL);
 SYSUNINIT(dtrace_unload, SI_SUB_DTRACE, SI_ORDER_FIRST, dtrace_unload, NULL);
diff --git a/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c b/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c
index 72944e8a5ae2..ff0e068006bd 100644
--- a/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c
@@ -27,6 +27,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/pcpu.h>
@@ -46,6 +47,8 @@
 #include <ddb/ddb.h>
 #include <sys/kdb.h>
 
+#include <cddl/dev/dtrace/dtrace_cddl.h>
+
 #include "regset.h"
 
 #define	MAX_USTACK_DEPTH  2048
diff --git a/sys/cddl/dev/dtrace/amd64/dtrace_isa.c b/sys/cddl/dev/dtrace/amd64/dtrace_isa.c
index 0b7162998536..9db5a16190db 100644
--- a/sys/cddl/dev/dtrace/amd64/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/amd64/dtrace_isa.c
@@ -27,6 +27,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/pcpu.h>
@@ -368,7 +369,7 @@ dtrace_getarg(int arg, int aframes)
 	for (i = 1; i <= aframes; i++) {
 		fp = fp->f_frame;
 
-		if (P2ROUNDUP(fp->f_retaddr, 16) ==
+		if (roundup2(fp->f_retaddr, 16) ==
 		    (long)dtrace_invop_callsite) {
 			/*
 			 * In the case of amd64, we will use the pointer to the
diff --git a/sys/cddl/dev/dtrace/arm/dtrace_isa.c b/sys/cddl/dev/dtrace/arm/dtrace_isa.c
index c3783b77c2d4..ed03e5ca0006 100644
--- a/sys/cddl/dev/dtrace/arm/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/arm/dtrace_isa.c
@@ -27,6 +27,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/pcpu.h>
diff --git a/sys/cddl/dev/dtrace/i386/dtrace_isa.c b/sys/cddl/dev/dtrace/i386/dtrace_isa.c
index 64c8de2a8d3a..7a30587120ba 100644
--- a/sys/cddl/dev/dtrace/i386/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/i386/dtrace_isa.c
@@ -27,6 +27,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/pcpu.h>
@@ -428,7 +429,7 @@ dtrace_getarg(int arg, int aframes)
 	for (i = 1; i <= aframes; i++) {
 		fp = fp->f_frame;
 
-		if (P2ROUNDUP(fp->f_retaddr, 4) ==
+		if (roundup2(fp->f_retaddr, 4) ==
 		    (long)dtrace_invop_callsite) {
 			/*
 			 * If we pass through the invalid op handler, we will
diff --git a/sys/cddl/dev/dtrace/powerpc/dtrace_isa.c b/sys/cddl/dev/dtrace/powerpc/dtrace_isa.c
index 7185a01c125d..acde4f0aeab2 100644
--- a/sys/cddl/dev/dtrace/powerpc/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/powerpc/dtrace_isa.c
@@ -29,6 +29,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/sysent.h>
@@ -37,6 +38,7 @@
 #include <machine/frame.h>
 #include <machine/md_var.h>
 #include <machine/psl.h>
+#include <machine/reg.h>
 #include <machine/stack.h>
 
 #include <vm/vm.h>
diff --git a/sys/cddl/dev/dtrace/riscv/dtrace_isa.c b/sys/cddl/dev/dtrace/riscv/dtrace_isa.c
index 87f52b809dfa..7a66d93d4ba9 100644
--- a/sys/cddl/dev/dtrace/riscv/dtrace_isa.c
+++ b/sys/cddl/dev/dtrace/riscv/dtrace_isa.c
@@ -29,6 +29,7 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/dtrace_impl.h>
 #include <sys/kernel.h>
 #include <sys/stack.h>
 #include <sys/pcpu.h>
diff --git a/sys/cddl/dev/fbt/x86/fbt_isa.c b/sys/cddl/dev/fbt/x86/fbt_isa.c
index 41e2823a1543..8f8a79ef31ef 100644
--- a/sys/cddl/dev/fbt/x86/fbt_isa.c
+++ b/sys/cddl/dev/fbt/x86/fbt_isa.c
@@ -55,7 +55,7 @@
 #define	FBT_PATCHVAL		0xf0
 #endif
 
-#define FBT_AFRAMES 2
+#define FBT_AFRAMES 3
 
 int
 fbt_invop(uintptr_t addr, struct trapframe *frame, uintptr_t scratch __unused)
diff --git a/sys/conf/files.arm b/sys/conf/files.arm
index fbd294ebdb42..886ffebae28c 100644
--- a/sys/conf/files.arm
+++ b/sys/conf/files.arm
@@ -77,6 +77,7 @@ arm/arm/unwind.c		optional	ddb | kdtrace_hooks | stack
 arm/arm/vm_machdep.c		standard
 arm/arm/vfp.c			optional	vfp
 cddl/dev/dtrace/arm/dtrace_asm.S			optional dtrace compile-with "${DTRACE_S}"
+cddl/dev/dtrace/arm/dtrace_isa.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/dtrace/arm/dtrace_subr.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/fbt/arm/fbt_isa.c				optional dtrace_fbt | dtraceall compile-with "${FBT_C}"
 
diff --git a/sys/conf/files.riscv b/sys/conf/files.riscv
index cf121811ba23..42f1787489ac 100644
--- a/sys/conf/files.riscv
+++ b/sys/conf/files.riscv
@@ -1,4 +1,5 @@
 cddl/dev/dtrace/riscv/dtrace_asm.S			optional dtrace compile-with "${DTRACE_S}"
+cddl/dev/dtrace/riscv/dtrace_isa.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/dtrace/riscv/dtrace_subr.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/dtrace/riscv/instr_size.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/fbt/riscv/fbt_isa.c				optional dtrace_fbt | dtraceall compile-with "${FBT_C}"
diff --git a/sys/modules/dtrace/dtrace/Makefile b/sys/modules/dtrace/dtrace/Makefile
index 53e5f1792ad5..80490952f97e 100644
--- a/sys/modules/dtrace/dtrace/Makefile
+++ b/sys/modules/dtrace/dtrace/Makefile
@@ -13,6 +13,7 @@ KMOD=		dtrace
 SRCS=		dtrace.c \
 		dtrace_xoroshiro128_plus.c \
 		dtrace_asm.S \
+		dtrace_isa.c \
 		dtrace_subr.c
 
 .if ${MACHINE_CPUARCH} == "amd64" || ${MACHINE_CPUARCH} == "i386"

From nobody Thu Aug  8 15:58:03 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfsC01WMNz5T75G;
	Thu, 08 Aug 2024 15:58:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfsC00qDQz4KBY;
	Thu,  8 Aug 2024 15:58:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723132684;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=s7QbtDBeHxivsb78PfKwxeOoXOYC7Xc7WSf0gj7oqw4=;
	b=OGZ5LtxFFZsNea5TgWR48VpnOe9M3oQvE3DfA+rme12XpAAZXsR1TkhlgdabI0bsR/WHTC
	HwhGbCrzi19tnregj/GIZpBnxnvu5w7N/saBAWKxyayv2kADLfIgkKEO4HeAbOC7C77S2n
	8sNnCMZWC9eNM8G6zEXTfO1gfetnHOll1bWc78ZFic20HlYEXcIzYNTAC944mTb68vt041
	7YVIFcREYZw3GHmygClMo+4zv6MCUHmsfYJ1AKkAm6uuL5ljDtFXiDeKtO3u8EeiqjYsfo
	u3S+a2HQpmVVTXOkX49rzyeOsnRIV/Nk5/lUtUiUGyVZX+xjWl5nqVgqej3UrA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723132684; a=rsa-sha256; cv=none;
	b=RXEjpxjkCSEkbMr6OsixwhO+qdKeWPkPpUK8qIjcwG95zgoad/AmEux4SEAhB7VPdVbA3l
	V1XxOWY34+sV+kKZ3nbtNwiXqS+vzq5eVs0qXUTK2Z75aZEukxIb8QYSsuqAzL6R/83yUY
	mwTqtby8EpzgLarJfiXvZ75jLhhRAdEIvLA+WEZyL6V6gUfNri+7TA60AjX0H0iWjyOedb
	X7YCIZupYu6S9hHzDk/Er2K97qBF4e/uaXomMD9QBnlbmq06JIHb2OkUanfPJG7qH9gLrr
	TKiFCRx1ZQ7vH0QHS6v4qqaTkDeZ8qjstNFJPHBgDZpItyGYHfcuWBtZxylIrQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723132684;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=s7QbtDBeHxivsb78PfKwxeOoXOYC7Xc7WSf0gj7oqw4=;
	b=vXXH0pfmiV69ZwbbyKl6or2B/CRVRm3/Epa31+zsLoIV/UjEAEEtp/9oXpiC9ylxaxMK4+
	B+scLBWwGIAHY4HWOqGhHjReF7WrF2iaPjckPHBZyMzqeD2qEhbzGbWOVIs/L4S3NuOVWM
	yjr9ctWeNr4bEgJuKNB9S4cJ2nCrJ59QqS32dzLHqKfvCIcdlxyJlBeXaMr2SZcutfBbQf
	qvMw7yWVOUcUznpHLmo7re7QFnWGx4AhwuosBQkyVgvWk4Mse0Vr0PqQ8tRFYad2MvaWfz
	o5GXV8L8UgG3j4XPF8azxHw/FFrNibEDeauTPEk7OaCwQ8fqHAjIqjWK5X56Tw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfsC00Qn6zfY6;
	Thu,  8 Aug 2024 15:58:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478Fw3LE092517;
	Thu, 8 Aug 2024 15:58:03 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478Fw3wM092514;
	Thu, 8 Aug 2024 15:58:03 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 15:58:03 GMT
Message-Id: <202408081558.478Fw3wM092514@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: aa937aa8c526 - stable/14 - cxgbe: Flush transmitted
  packets more regularly in netmap mode
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: aa937aa8c52646c37a2e1c98303fb581d858af03
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=aa937aa8c52646c37a2e1c98303fb581d858af03

commit aa937aa8c52646c37a2e1c98303fb581d858af03
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-05-21 19:18:32 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 15:55:48 +0000

    cxgbe: Flush transmitted packets more regularly in netmap mode
    
    Previously, when transmitting short runs of packets via cxgbe_nm_tx(),
    we would wait until a large number of packets were buffered before
    scheduling a task to clean transmit buffers.
    
    Obtained from:  np
    
    (cherry picked from commit 6af3d59962449c66688361598163dd174cc5fb2a)
---
 sys/dev/cxgbe/t4_netmap.c | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/sys/dev/cxgbe/t4_netmap.c b/sys/dev/cxgbe/t4_netmap.c
index 0377f65acc3e..e53fb5054316 100644
--- a/sys/dev/cxgbe/t4_netmap.c
+++ b/sys/dev/cxgbe/t4_netmap.c
@@ -1025,29 +1025,28 @@ cxgbe_nm_tx(struct adapter *sc, struct sge_nm_txq *nm_txq,
 			nm_txq->pidx = 0;
 		}
 
-		if (npkt == 0 && npkt_remaining == 0) {
+		if (npkt + npkt_remaining == 0) {
 			/* All done. */
-			if (lazy_tx_credit_flush == 0) {
+			if (lazy_tx_credit_flush == 0 ||
+			    NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
 				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
 				    F_FW_WR_EQUIQ);
 				nm_txq->equeqidx = nm_txq->pidx;
 				nm_txq->equiqidx = nm_txq->pidx;
+			} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
 			}
 			ring_nm_txq_db(sc, nm_txq);
 			return;
 		}
-
-		if (NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
-			    F_FW_WR_EQUIQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-			nm_txq->equiqidx = nm_txq->pidx;
-		} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-		}
-		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC)
+		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC) {
+			if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
+			}
 			ring_nm_txq_db(sc, nm_txq);
+		}
 	}
 
 	/* Will get called again. */

From nobody Thu Aug  8 16:00:55 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfsGH6Ppcz5T7Rb;
	Thu, 08 Aug 2024 16:00:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfsGH5nwtz4Kc9;
	Thu,  8 Aug 2024 16:00:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723132855;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=1Ehhvs4VAoJAYfYxljRLmE3C9cB2f0QUVA4eLFv/QzY=;
	b=eyXCzopfmb5Z+g6cWOoDxQbIm/EcUmN19EXzFwWD5wEXJ5vij5n9gv4hEqScVmutyRC0F7
	+hFX7QDm8BgMrrIF30LC6ARn+lvYkJ8VVLcZPALLP9Ut3iwaWq6Iq7BC5xq2HcaYo7ZgcJ
	44h5kWEc9hmgDjxwT5eHH7QsOKyCMFEVuPDDizg9La6bofj7nUP8fh2o0C4cSRVo+1YZFL
	+As0OKLhtTyUxS77LKGJs5l4jmZfqyGTHNaS9+8nV3D8YnE9pry13TY0rZOrWKEROpW6hx
	HTrVHMEveql7EY+bfXcN+9dZPcP5yO2ge0uREwqLh7WifeC5U7VaRWdci18eqA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723132855; a=rsa-sha256; cv=none;
	b=TCrPqEP6avEY7exrBjdgAcLwI3z0PthoDGxq4eJHZ+zHBXGAEI6u1l6suvcHIRtBduyB3F
	WzJeXD0tRROZxCJhgcmfJk+THm34eE1ey1ueZw3ZVJ4JB68l5MIu869SQer8VX3BSPtDZJ
	Nb+NzQFFUlEqB9ECj1wNOAJ3fLKJvjcbGPAw6yWaupIxwsrjntWdmvPcLNbhnhNcRRzQVE
	Nvzdk1wgPV+H/2iDRSDd0gCUj9AKJhr9yhQJ/MeS7lpJxGLM9WhU+ANdhkUvSJNM5V2h3O
	c/zWQtlNJWakjRDVfYlGBcmdv2kEDpnRERW8qnvIdeW6M4WNVFejdhNCs8+eyw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723132855;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=1Ehhvs4VAoJAYfYxljRLmE3C9cB2f0QUVA4eLFv/QzY=;
	b=HhB63i9ASW37LB8ab/riGoU2JTJ3OxCb/oVUWP3imCHrYVQFb55qUHvFMpZJOg9blr7x9F
	3NiLyZvdO/eMds2SVI/xUjPKq2+C8FBo1QTsVcalUmzCDDmnHuRHYHFeURT+QwvBzJWx+Q
	2YLcBd95Q83p9QQOiU/HbVy8MB/6kmzZmFoJl0aoI7hf/V/PPOLXZisutnnikJEHX47g15
	g1wHp1Wf1NV7tcTCAmCpBOTh7oedVy8fJZNPWIXAazbUQrSR92iDearLsgKjtJNPqElKy2
	WyuJr3+OwZi5RgXOKs9+ITg0ZwXP22Q9bUaLNnHtZjmVvQVgpXKGnp7pd03S2w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfsGH5PH3zflt;
	Thu,  8 Aug 2024 16:00:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478G0tHG005284;
	Thu, 8 Aug 2024 16:00:55 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478G0tBA005281;
	Thu, 8 Aug 2024 16:00:55 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 16:00:55 GMT
Message-Id: <202408081600.478G0tBA005281@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 59a9c20d7736 - stable/13 - cxgbe: Flush transmitted
  packets more regularly in netmap mode
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 59a9c20d7736d41be22791ec9a797cc535734ace
Auto-Submitted: auto-generated

The branch stable/13 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=59a9c20d7736d41be22791ec9a797cc535734ace

commit 59a9c20d7736d41be22791ec9a797cc535734ace
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-05-21 19:18:32 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 15:58:12 +0000

    cxgbe: Flush transmitted packets more regularly in netmap mode
    
    Previously, when transmitting short runs of packets via cxgbe_nm_tx(),
    we would wait until a large number of packets were buffered before
    scheduling a task to clean transmit buffers.
    
    Obtained from:  np
    
    (cherry picked from commit 6af3d59962449c66688361598163dd174cc5fb2a)
---
 sys/dev/cxgbe/t4_netmap.c | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/sys/dev/cxgbe/t4_netmap.c b/sys/dev/cxgbe/t4_netmap.c
index 581094735c36..b60c1a88168c 100644
--- a/sys/dev/cxgbe/t4_netmap.c
+++ b/sys/dev/cxgbe/t4_netmap.c
@@ -1025,29 +1025,28 @@ cxgbe_nm_tx(struct adapter *sc, struct sge_nm_txq *nm_txq,
 			nm_txq->pidx = 0;
 		}
 
-		if (npkt == 0 && npkt_remaining == 0) {
+		if (npkt + npkt_remaining == 0) {
 			/* All done. */
-			if (lazy_tx_credit_flush == 0) {
+			if (lazy_tx_credit_flush == 0 ||
+			    NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
 				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
 				    F_FW_WR_EQUIQ);
 				nm_txq->equeqidx = nm_txq->pidx;
 				nm_txq->equiqidx = nm_txq->pidx;
+			} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
 			}
 			ring_nm_txq_db(sc, nm_txq);
 			return;
 		}
-
-		if (NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
-			    F_FW_WR_EQUIQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-			nm_txq->equiqidx = nm_txq->pidx;
-		} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-		}
-		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC)
+		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC) {
+			if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
+			}
 			ring_nm_txq_db(sc, nm_txq);
+		}
 	}
 
 	/* Will get called again. */

From nobody Thu Aug  8 17:28:20 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfvC832TPz5THqK;
	Thu, 08 Aug 2024 17:28:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfvC82WjCz4TC1;
	Thu,  8 Aug 2024 17:28:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723138100;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=SRWxQbd38XDH7vyO4DbcToc9jotrH5DCFAM8QtMTJlQ=;
	b=iDbHJIzXFFsMVM2llEYI186EwgY5wNkgiHEINrOPwX7tZ9BGJbG44rbzfX3o8tfs6/C6dn
	+UewOVDLjLMpu9RI1e1wnY0wdqHjTemL5DQYLIQuWKExq6Lho6j20dexl7OUM8EVzV9upZ
	PkgQXH1Qxa/9TYod3spMSSZQ/yngLY2FvMgc6aC1dowHSlj32LHVSGMH3x9rFv7rXDsd6d
	iPxqMteNmDvrDAMXeiZ3Ls+puEO7T2oBQppBbsn04w93+jxVv7wknaxfwKwWneZY9/b8Ja
	9iMobXmtfkljXaQVHJSGNosQwkC9opOaCCUTt4FJGPjtvq40ydbo8NmxgscCAw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723138100; a=rsa-sha256; cv=none;
	b=ge3sSWTPWfpqhMCOz50udm+Axzza6utRL7gZ8rmg0lNJwR5g6nImSSXJ0s3eKa6huPqLhv
	82ttuAoBE73uPkGOyzgjoRTmpUrGL4MLm0sDPSXX8u916n+aTVppqqR4f79KOXBCWLxUHB
	Gs+oQsPuBp60/cR4b6RZuOspBSlNkDOjbCrAoIXfWV796p1Fd0byN+PVIyJB+aS1rfB6W1
	LKec+lwRbfYv2a1xc12PSM0rsw8a51QjbXTHrvZ3odZo42oUBjWrprq7dQ+akAEtMIJYtI
	0Ebs1HNH0IebD8U68G5l9fFZp7OS2tKH6oi95N4+5hfd3CjoAKTJfq3WldvKNg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723138100;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=SRWxQbd38XDH7vyO4DbcToc9jotrH5DCFAM8QtMTJlQ=;
	b=lELp5lkqvgBUy3aSkAy5NjKvHEhC30/4uO5rGfPG0sHX7cAZWgUeOamRAao18knIKC1wwd
	7DwDGq8MHuj8SMUSi6WZajBbQGp0X6Z5jCFiAnDnvKYQQTCPGX9Dbwm4GDm1+xNtd4Dxjw
	tXwgWUVW6gD1N+JaSaiD8JAbp3EgsrNqg6C2pL5/C0oyGRMwxlocFtrKkcgnAKOESxexF8
	nnbNh8LsdwsWzbZR9BE9iID08fOomR0LSnvV7H+tEZRaGxRBMO9ooMPEd9G7VD1BotGWns
	LW6hbLY76qmAvh9bx/kbfePqiAgs5Vkq4qdQapdqpRLgvmQHeZ7PUipNaEn5HQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfvC8267rzjFw;
	Thu,  8 Aug 2024 17:28:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478HSK5N046397;
	Thu, 8 Aug 2024 17:28:20 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478HSKUJ046395;
	Thu, 8 Aug 2024 17:28:20 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 17:28:20 GMT
Message-Id: <202408081728.478HSKUJ046395@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 4bf6ca0e71e2 - releng/13.4 - cxgbe: Flush transmitted
  packets more regularly in netmap mode
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: 4bf6ca0e71e2c726f6e662ea95b5c37d1fabf071
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=4bf6ca0e71e2c726f6e662ea95b5c37d1fabf071

commit 4bf6ca0e71e2c726f6e662ea95b5c37d1fabf071
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-05-21 19:18:32 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 17:13:56 +0000

    cxgbe: Flush transmitted packets more regularly in netmap mode
    
    Previously, when transmitting short runs of packets via cxgbe_nm_tx(),
    we would wait until a large number of packets were buffered before
    scheduling a task to clean transmit buffers.
    
    Approved by:    re (cperciva)
    Obtained from:  np
    
    (cherry picked from commit 6af3d59962449c66688361598163dd174cc5fb2a)
    (cherry picked from commit 59a9c20d7736d41be22791ec9a797cc535734ace)
---
 sys/dev/cxgbe/t4_netmap.c | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/sys/dev/cxgbe/t4_netmap.c b/sys/dev/cxgbe/t4_netmap.c
index 581094735c36..b60c1a88168c 100644
--- a/sys/dev/cxgbe/t4_netmap.c
+++ b/sys/dev/cxgbe/t4_netmap.c
@@ -1025,29 +1025,28 @@ cxgbe_nm_tx(struct adapter *sc, struct sge_nm_txq *nm_txq,
 			nm_txq->pidx = 0;
 		}
 
-		if (npkt == 0 && npkt_remaining == 0) {
+		if (npkt + npkt_remaining == 0) {
 			/* All done. */
-			if (lazy_tx_credit_flush == 0) {
+			if (lazy_tx_credit_flush == 0 ||
+			    NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
 				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
 				    F_FW_WR_EQUIQ);
 				nm_txq->equeqidx = nm_txq->pidx;
 				nm_txq->equiqidx = nm_txq->pidx;
+			} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
 			}
 			ring_nm_txq_db(sc, nm_txq);
 			return;
 		}
-
-		if (NMIDXDIFF(nm_txq, equiqidx) >= nm_txq->sidx / 2) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ |
-			    F_FW_WR_EQUIQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-			nm_txq->equiqidx = nm_txq->pidx;
-		} else if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
-			wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
-			nm_txq->equeqidx = nm_txq->pidx;
-		}
-		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC)
+		if (NMIDXDIFF(nm_txq, dbidx) >= 2 * SGE_MAX_WR_NDESC) {
+			if (NMIDXDIFF(nm_txq, equeqidx) >= 64) {
+				wr->equiq_to_len16 |= htobe32(F_FW_WR_EQUEQ);
+				nm_txq->equeqidx = nm_txq->pidx;
+			}
 			ring_nm_txq_db(sc, nm_txq);
+		}
 	}
 
 	/* Will get called again. */

From nobody Thu Aug  8 19:11:47 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfxVW3xB5z5S2G8;
	Thu, 08 Aug 2024 19:11:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfxVW1NsPz4jX1;
	Thu,  8 Aug 2024 19:11:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723144307;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6o2gWGUij60xvHdv9fNt84e+Yp0ZtJhbIT2Spg8TP20=;
	b=pdhTFqeLDQodh8MXsTXi1IdTRwNryZy6HEu/llmoiVwO10HzmezYsZNRtnARt+YFIOWko/
	B/jRQBtIAOPyObxhaddBT1wU4fp9rSiEJrS99ObTjYyCRFt7hJnt3pTyxdpkTgw1gdFMrd
	Nm8L19yBcDTLtXHiQmNwBIRNnC9Uj60TiPLuDrGQAsUOUAbTEJvnHf/CbOYJ5GyJXWhjMW
	fZpSH4XUYq3/dYzDKUT3FNvz8+Zthm7hjBm4QgE2LjUO4mjagLgrXpmGdNaJPcrdKiK4/w
	bUN/vnvL9MfPBsFuIVswUKkvuBP3J0nGzaF/3ggZdZ2IuL9LXQPbxEBXsEXh5g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723144307; a=rsa-sha256; cv=none;
	b=fmkNT87wMiWbTgO56RldrkGtsIFu8s3FzKA7fiU8kXJMyEHBJMVhXuupFMmHSdqH1qIWqM
	z67kG8EPwbSmOqCeNIfhfn8S/E9ftpHLSEi0H9pWZ95DKqUEZF3r3qBxHwGW1ttiORGi8M
	RtZuhFqry0XtBnPGPwlY7j7nLJxvlsmQMYmndPnsD0EPUJQOhqU5VyEgawoZzqrNHzMH6J
	HKMwy1TENx4gOdjeWcv1ncTxJY9a1cYDWkorkliIaSQF4PqrSZsQ0BC3Ts7J9nhpVvhS9g
	9pzubaSFKXtC43KP/NNERyTZL1lZj1/gAENSvUMzs6Kv10mKGE+12PitgW/jBQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723144307;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6o2gWGUij60xvHdv9fNt84e+Yp0ZtJhbIT2Spg8TP20=;
	b=tfdYPbFcWh5TVr39oxQkBfnzqI+vPR349H07U81oJK7WEKJwEbobgd3Ng2Yt/4Y3H46zOn
	9ywVixIfBRuCVeDNcpBz7nZLrcmgrpnpQFxYfcgFQZ5YTdFflHkkgMPylKCW+lT1eCUi8c
	+OU23KVBNeFBIjvs9x52422KfNod9LtVyEMz0InMPnjf4lHlMkzw6JD4SrkU8ksR1IYS0N
	f2cPWklS3hC5LxvvnIkb6ftEnqHf5KlRuTONkVAsHdCw34PTGIGgWCf7snp8VQV9RYADc5
	JwiKlbF4Pqb8hPn5kg0fN8hfJepRgxCs39CtOxX1FWQmSuDv7wWHu6xyJqfHXw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfxVW0tx1zm35;
	Thu,  8 Aug 2024 19:11:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478JBlkJ026779;
	Thu, 8 Aug 2024 19:11:47 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478JBlP7026776;
	Thu, 8 Aug 2024 19:11:47 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 19:11:47 GMT
Message-Id: <202408081911.478JBlP7026776@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 407ef8669f5a - stable/14 - nd6: Fix the routing table
  subscription
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 407ef8669f5a30b9269d53d65c82ec881d6f7808
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=407ef8669f5a30b9269d53d65c82ec881d6f7808

commit 407ef8669f5a30b9269d53d65c82ec881d6f7808
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-25 14:26:36 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 19:09:26 +0000

    nd6: Fix the routing table subscription
    
    The nd6 code listens for RTM_DELETE events so that it can mark the
    corresponding default router as inactive in the case where the default
    route is deleted.  A subsequent RA from the router may then reinstall
    the default route.
    
    Commit fedeb08b6a58e broke this for non-multipath routes, as
    rib_decompose_notification() only invokes the callback for multipath
    routes.  Restore the old behaviour.  Also ensure that we update the
    router only for RTM_DELETE notifications, lost in commit 2259a03020fe0.
    
    Reviewed by:    bz
    Fixes:  fedeb08b6a58 ("Introduce scalable route multipath.")
    Fixes:  2259a03020fe ("Rework part of routing code to reduce difference to D26449.")
    MFC after:      2 weeks
    Sponsored by:   Klara, Inc.
    Sponsored by:   Bell Tower Integration
    Differential Revision:  https://reviews.freebsd.org/D46020
    
    (cherry picked from commit a48df53e4249499be3e8779dd30888a405aa81ae)
---
 sys/netinet6/nd6.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c
index 3eacb05f88d7..e1fd421060df 100644
--- a/sys/netinet6/nd6.c
+++ b/sys/netinet6/nd6.c
@@ -1614,8 +1614,7 @@ check_release_defrouter(const struct rib_cmd_info *rc, void *_cbdata)
 	struct nhop_object *nh;
 
 	nh = rc->rc_nh_old;
-
-	if ((nh != NULL) && (nh->nh_flags & NHF_DEFAULT)) {
+	if (rc->rc_cmd == RTM_DELETE && (nh->nh_flags & NHF_DEFAULT) != 0) {
 		dr = defrouter_lookup(&nh->gw6_sa.sin6_addr, nh->nh_ifp);
 		if (dr != NULL) {
 			dr->installed = 0;
@@ -1627,9 +1626,10 @@ check_release_defrouter(const struct rib_cmd_info *rc, void *_cbdata)
 void
 nd6_subscription_cb(struct rib_head *rnh, struct rib_cmd_info *rc, void *arg)
 {
-
 #ifdef ROUTE_MPATH
 	rib_decompose_notification(rc, check_release_defrouter, NULL);
+	if (rc->rc_cmd == RTM_DELETE && !NH_IS_NHGRP(rc->rc_nh_old))
+		check_release_defrouter(rc, NULL);
 #else
 	check_release_defrouter(rc, NULL);
 #endif

From nobody Thu Aug  8 19:11:48 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfxVX6XQ4z5S2B0;
	Thu, 08 Aug 2024 19:11:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfxVX3RzNz4jrs;
	Thu,  8 Aug 2024 19:11:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723144308;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nAni+UbHv3VJ5c7iG+IFI9HJD50mSImYLPUNc7kZcbQ=;
	b=dnGZkoxioe3XHsC+UiIAS5jF8hLyOOYaZSooA3cDKjtfyd1BMnrSTV3uEl/3JLvkk53wyP
	W5s0dxj0Nxw5P2T1SBJ8rEKvRpuCauge8eKObKSzNhhrJvjd5bYdgWzbThAVPadmbhYE6l
	NRF1wHMfx7N5S9FUmzXZ/LSB8AF1dG4q0ZipuMuKsMTnZ6GgL5OgEcWxvEz0HBDyjlDQlR
	ajStY32dyqIfKlT42gMLitEQxFe/L4+0zqmY39ACJsVD96dtw2s48RdVtBZmw5JsnV22Oc
	IaWtUyfKpooRs9CTqy3ZEYrsSZ7pTMgAmM/d0mz83yIjrWxahHpE6hWibV5aWg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723144308; a=rsa-sha256; cv=none;
	b=Ks/MC3GUzIz6YafQhphdghIIVRskUfuTlJwVdAyq2HpW0sy+z8jyzcH5aZ3G+w0QtWo/ok
	TR3g/l8CLBcO41NsGE55EvK1C8MXV3cmwprYlVlI1KcP4ZN9OJw6t7vj7+GnFIOQVmr7Lc
	TZpI9DmwqPTwybaiULqHr+bsOwg2K2fHS7K85TqCQXbfaSC2R7YMZrSJ/ZCr3Pb7hzknzp
	SjqYEFPy582ulQSUDGvrNg66RmqF6qcOxJrNrobHwyupC1q0WQpbcEOwWAibFAoK6qgvjU
	aQs8cGawQmVCQUmNEiP2hMChAaxY6GKALH5x9HIyo6JvKUNFjoENZIy27R+C0g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723144308;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nAni+UbHv3VJ5c7iG+IFI9HJD50mSImYLPUNc7kZcbQ=;
	b=eTMIw2gfTxSI2eVVbL2WBOEDpUagNYnC/hvpXFsZO2hpN8Ujk+6ngRWp3Q1rThfBJZWVeE
	DARYru0J6lb5xchvk+qL5WU4POkValny2Oigc6+ZgBsGf+9sz/eyvBLaNOLlArwu5N9kOb
	ISzfI0yfjg6+NVPHhD71ySawJ4fZm1URIuTBX91clcQVn89tlo9o7jNl8C6rwrIpX4e6MZ
	wgwkom4Yu1aMMJInRs4TwaUGDtGF89v04dFQd8JT54guj/5+Y3oiEhrxVA5i4037GlMlN1
	Kli+cuVsG7Y7VEKGqDbz8nhHuUT72gnrkZTBIrWkVP9Lb/yqsHMDh4fCxvPpWw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfxVX1y38zlWp;
	Thu,  8 Aug 2024 19:11:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478JBmT0026841;
	Thu, 8 Aug 2024 19:11:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478JBmKA026838;
	Thu, 8 Aug 2024 19:11:48 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 19:11:48 GMT
Message-Id: <202408081911.478JBmKA026838@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: cb2657c9622a - stable/14 - netinet6 tests: Add a
  regression test for default router handling
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: cb2657c9622abb416ba90239e6f652147e7b62dc
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=cb2657c9622abb416ba90239e6f652147e7b62dc

commit cb2657c9622abb416ba90239e6f652147e7b62dc
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-25 21:01:11 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 19:11:34 +0000

    netinet6 tests: Add a regression test for default router handling
    
    This serves as a regression test for commit a48df53e4249.
    
    Reviewed by:    bz, allanjude
    MFC after:      2 weeks
    Sponsored by:   Klara, Inc.
    Sponsored by:   Bell Tower Integration
    Differential Revision:  https://reviews.freebsd.org/D46136
    
    (cherry picked from commit feda329622bc77ab64ae5f0bf852743f4a037616)
---
 tests/sys/netinet6/Makefile | 34 +++++++++--------
 tests/sys/netinet6/ndp.sh   | 92 ++++++++++++++++++++++++++++++++++++++++++---
 tests/sys/netinet6/ra.py    | 38 +++++++++++++++++++
 3 files changed, 143 insertions(+), 21 deletions(-)

diff --git a/tests/sys/netinet6/Makefile b/tests/sys/netinet6/Makefile
index 82e84859ecbc..46f6f26115fe 100644
--- a/tests/sys/netinet6/Makefile
+++ b/tests/sys/netinet6/Makefile
@@ -5,28 +5,30 @@ TESTSDIR=	${TESTSBASE}/sys/netinet6
 FILESDIR=	${TESTSDIR}
 
 ATF_TESTS_PYTEST=	test_ip6_output.py
-ATF_TESTS_SH=			\
-				exthdr \
-				mld \
-				scapyi386 \
-				redirect \
-				divert \
-				forward6 \
-				output6 \
-				lpm6 \
-				fibs6 \
-				ndp \
-				proxy_ndp
+ATF_TESTS_SH=		exthdr \
+			mld \
+			scapyi386 \
+			redirect \
+			divert \
+			forward6 \
+			output6 \
+			lpm6 \
+			fibs6 \
+			ndp \
+			proxy_ndp
+
 TEST_METADATA.output6+=	required_programs="python"
 
-${PACKAGE}FILES+=		exthdr.py
-${PACKAGE}FILES+=		mld.py
-${PACKAGE}FILES+=		scapyi386.py
-${PACKAGE}FILES+=		redirect.py
+${PACKAGE}FILES+=	exthdr.py \
+			mld.py \
+			scapyi386.py \
+			ra.py \
+			redirect.py
 
 ${PACKAGE}FILESMODE_exthdr.py=	0555
 ${PACKAGE}FILESMODE_mld.py=	0555
 ${PACKAGE}FILESMODE_scapyi386.py=0555
+${PACKAGE}FILESMODE_ra.py=0555
 ${PACKAGE}FILESMODE_redirect.py=0555
 
 TESTS_SUBDIRS+=	frag6
diff --git a/tests/sys/netinet6/ndp.sh b/tests/sys/netinet6/ndp.sh
index eddd49112421..038a640f331e 100755
--- a/tests/sys/netinet6/ndp.sh
+++ b/tests/sys/netinet6/ndp.sh
@@ -25,7 +25,6 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
 #
-#
 
 . $(atf_get_srcdir)/../common/vnet.subr
 
@@ -36,6 +35,7 @@ ndp_add_gu_success_head() {
 }
 
 ndp_add_gu_success_body() {
+	local epair0 jname
 
 	vnet_init
 
@@ -74,6 +74,7 @@ ndp_del_gu_success_head() {
 }
 
 ndp_del_gu_success_body() {
+	local epair0 jname
 
 	vnet_init
 
@@ -102,13 +103,94 @@ ndp_del_gu_success_cleanup() {
 	vnet_cleanup
 }
 
+ndp_if_up()
+{
+	local ifname=$1
+	local jname=$2
 
-atf_init_test_cases()
+	if [ -n "$jname" ]; then
+		jname="jexec ${jname}"
+	fi
+	atf_check ${jname} ifconfig ${ifname} up
+	atf_check ${jname} ifconfig ${ifname} inet6 -ifdisabled
+	while ${jname} ifconfig ${ifname} inet6 | grep tentative; do
+		sleep 0.1
+	done
+}
+
+ndp_if_lladdr()
 {
+	local ifname=$1
+	local jname=$2
 
-	atf_add_test_case "ndp_add_gu_success"
-	atf_add_test_case "ndp_del_gu_success"
+	if [ -n "$jname" ]; then
+		jname="jexec ${jname}"
+	fi
+	${jname} ifconfig ${ifname} inet6 | \
+	    awk '/inet6 fe80:/{split($2, addr, "%"); print addr[1]}'
 }
 
-# end
+atf_test_case "ndp_slaac_default_route" "cleanup"
+ndp_slaac_default_route_head() {
+	atf_set descr 'Test default route installation via SLAAC'
+	atf_set require.user root
+	atf_set require.progs "python"
+}
+
+ndp_slaac_default_route_body() {
+	local epair0 jname lladdr
+
+	vnet_init
+
+	jname="v6t-ndp_slaac_default_route"
+
+	epair0=$(vnet_mkepair)
 
+	vnet_mkjail ${jname} ${epair0}a
+
+	ndp_if_up ${epair0}a ${jname}
+	ndp_if_up ${epair0}b
+	atf_check jexec ${jname} ifconfig ${epair0}a inet6 accept_rtadv
+
+        # Send an RA advertising a prefix.
+	atf_check -e ignore python $(atf_get_srcdir)/ra.py \
+	    --sendif ${epair0}b \
+	    --dst $(ndp_if_lladdr ${epair0}a ${jname}) \
+	    --src $(ndp_if_lladdr ${epair0}b) \
+	    --prefix "2001:db8:ffff:1000::" --prefixlen 64
+
+	# Wait for a default router to appear.
+	while [ -z "$(jexec ${jname} ndp -r)" ]; do
+		sleep 0.1
+	done
+	atf_check -o match:"^default[[:space:]]+fe80:" \
+	    jexec ${jname} netstat -rn -6
+
+	# Get rid of the default route.
+	jexec ${jname} route -6 flush
+	atf_check -o not-match:"^default[[:space:]]+fe80:" \
+	    jexec ${jname} netstat -rn -6
+
+	# Send another RA, make sure that the default route is installed again.
+	atf_check -e ignore python $(atf_get_srcdir)/ra.py \
+	    --sendif ${epair0}b \
+	    --dst $(ndp_if_lladdr ${epair0}a ${jname}) \
+	    --src $(ndp_if_lladdr ${epair0}b) \
+	    --prefix "2001:db8:ffff:1000::" --prefixlen 64
+	while [ -z "$(jexec ${jname} ndp -r)" ]; do
+		sleep 0.1
+	done
+	atf_check -o match:"^default[[:space:]]+fe80:" \
+	    jexec ${jname} netstat -rn -6
+}
+
+ndp_slaac_default_route_cleanup() {
+	vnet_cleanup
+}
+
+atf_init_test_cases()
+{
+	atf_add_test_case "ndp_add_gu_success"
+	atf_add_test_case "ndp_del_gu_success"
+	atf_add_test_case "ndp_slaac_default_route"
+}
diff --git a/tests/sys/netinet6/ra.py b/tests/sys/netinet6/ra.py
new file mode 100644
index 000000000000..44814418da48
--- /dev/null
+++ b/tests/sys/netinet6/ra.py
@@ -0,0 +1,38 @@
+#-
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 Klara, Inc.
+#
+
+import argparse
+import scapy.all as sp
+import sys
+
+#
+# Emit a router advertisement with the specified prefix.
+#
+def main():
+    parser = argparse.ArgumentParser("ra.py",
+        description="Emits Router Advertisement packets")
+    parser.add_argument('--sendif', nargs=1, required=True,
+        help='The interface through which the packet will be sent')
+    parser.add_argument('--src', nargs=1, required=True,
+        help='The source IP address')
+    parser.add_argument('--dst', nargs=1, required=True,
+        help='The destination IP address')
+    parser.add_argument('--prefix', nargs=1, required=True,
+        help='The prefix to be advertised')
+    parser.add_argument('--prefixlen', nargs=1, required=True, type=int,
+        help='The prefix length to be advertised')
+
+    args = parser.parse_args()
+    pkt = sp.Ether() / \
+          sp.IPv6(src=args.src, dst=args.dst) / \
+          sp.ICMPv6ND_RA(chlim=64) / \
+          sp.ICMPv6NDOptPrefixInfo(prefix=args.prefix, prefixlen=args.prefixlen)
+
+    sp.sendp(pkt, iface=args.sendif[0], verbose=False)
+    sys.exit(0)
+
+if __name__ == '__main__':
+    main()

From nobody Thu Aug  8 20:07:02 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfykH1cmZz5S8p7;
	Thu, 08 Aug 2024 20:07:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfykH0g4Cz4pdk;
	Thu,  8 Aug 2024 20:07:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723147623;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=shqNHeU4i0TcaccDA0Tol7azt5EhwvoZOENpJvqRpzE=;
	b=Ahu4sTVXIh2wIneUQYwrOgKYF8bZR4EFiBQvtEYECkWHExgr1WpZkKi4N03w/EvQmruDM8
	wsbokvwmp6ZoM9r2llJ8XZPqZXM6fhvraMuj/FA23Bo142Zy9UCFfMiU6ZqrzXws6qKgO3
	edliEPQomZHNfu2oqIbmGEWi8QrILU9WRmzvRu7LClPjRB6jMZ48Cu8VcFHunbKtAIpzZ8
	h0v2g3dpau3LOlZDDk63jXqgAE4wCZC0viJ2OqLl25fanacXpFzzQRXCa/NNUoldAcqerp
	aIHUgFN5PmeKfE3wIMwZVck2U5pMn/4US5pb1kQJodwTqfjinucDkjGZR0Yrrw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723147623; a=rsa-sha256; cv=none;
	b=PAysAhK46nCSh5WqvJ6L/BoZwItkVWxoa1K8UeYdrWlJBlL4pEiqwF7e13cKWFuY/TweZd
	PgDacaMPYqvJ9euevSB/Z54/qsFX9iHJEyZgQvxVx60lBoX0eCFXGs3NjX0UYeOBQIv5um
	7dCYRFCsayNI8Fm21VzrW6WDn9UK3TbeNJwrBkD09c68wqDW1fD22rXQ5x8j1Z7OgcYAcf
	LFNeMMyErzpJGS5A327S5P5pZBDUMqSpeL9l0w85ojHbrF0R9t4EQCQhk/vFgcYFHd1z+y
	lkx4kBiV4TDi9S8Jp+dBdP/ne2AlNJk5uuR2Cpw/zQNvk00AG5ZrqUzlVX1oqA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723147623;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=shqNHeU4i0TcaccDA0Tol7azt5EhwvoZOENpJvqRpzE=;
	b=W8XFOcE0dPKPkwR78pY6ORdssDA2ljE/OLcPJWrSg7uvGfZMoRYsF1H6q1E2y4SI/mwubq
	KKyAtuLOoo/7//p3ld2I9w9dQD9+t5bllrXtlPh+9fSSXHKROmub081m/zmGzyp58fjTod
	lDaUyMRqzZAOeF/SIvAPSzKHNVtBC5mzTUC8NFELKIrRsDYcNcUOonTGahqI2pQIx2XIJX
	lzqaKi/0GlSzsb6WTOdbufjD+5u36b16MifJGOGY3/DJatAxFgbEp89bA+JrSGJX4XZcWq
	vTvAJA67Gj42LjCT9+a9s1cOdY8FgpVVumBhbWL+/fw7B/hCXn9LiFqv/u38sw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfykH0GGpzn1B;
	Thu,  8 Aug 2024 20:07:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478K72ix017109;
	Thu, 8 Aug 2024 20:07:02 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478K72pb017106;
	Thu, 8 Aug 2024 20:07:02 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 20:07:02 GMT
Message-Id: <202408082007.478K72pb017106@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: 40c79e979ea8 - stable/14 - route: avoid overlapping
  strcpy
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 40c79e979ea8dbbf2262297865754910f8d704c0
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=40c79e979ea8dbbf2262297865754910f8d704c0

commit 40c79e979ea8dbbf2262297865754910f8d704c0
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-07-23 20:25:46 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-08-08 19:59:15 +0000

    route: avoid overlapping strcpy
    
    Passing overlapping buffers to strcpy yields an undefined result, so
    let's avoid it. The copy doesn't really need to happen anyways, we can
    just point to the domain part of the hostname.
    
    This was discovered with _FORTIFY_SOURCE.
    
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Reviewed by:    allanjude, emaste, imp, melifaro (all previous version)
    
    (cherry picked from commit 158f319428c10143ce2ffe766416207c75578931)
---
 sbin/route/route.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/sbin/route/route.c b/sbin/route/route.c
index 7cf2bf842559..ad7a906bc142 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -107,8 +107,8 @@ static u_long  rtm_inits;
 static uid_t	uid;
 static int	defaultfib;
 static int	numfibs;
-static char	domain[MAXHOSTNAMELEN + 1];
-static bool	domain_initialized;
+static char	domain_storage[MAXHOSTNAMELEN + 1];
+static const char	*domain;
 static char	rt_line[NI_MAXHOST];
 static char	net_line[MAXHOSTNAMELEN + 1];
 
@@ -594,14 +594,16 @@ routename(struct sockaddr *sa)
 	const char *cp;
 	int n;
 
-	if (!domain_initialized) {
-		domain_initialized = true;
-		if (gethostname(domain, MAXHOSTNAMELEN) == 0 &&
-		    (cp = strchr(domain, '.'))) {
-			domain[MAXHOSTNAMELEN] = '\0';
-			(void)strcpy(domain, cp + 1);
-		} else
-			domain[0] = '\0';
+	if (domain == NULL) {
+		if (gethostname(domain_storage,
+		    sizeof(domain_storage) - 1) == 0 &&
+		    (cp = strchr(domain_storage, '.')) != NULL) {
+			domain_storage[sizeof(domain_storage) - 1] = '\0';
+			domain = cp + 1;
+		} else {
+			domain_storage[0] = '\0';
+			domain = domain_storage;
+		}
 	}
 
 	/* If the address is zero-filled, use "default". */

From nobody Thu Aug  8 20:07:04 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfykJ3CS2z5S8tY;
	Thu, 08 Aug 2024 20:07:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfykJ1Mmrz4pT0;
	Thu,  8 Aug 2024 20:07:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723147624;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=BZxqIXBvETdipGyd0k+oOl8CfWBuT3l5Zv0uhzKXRb8=;
	b=trGXni4OFCZcffZeWNhkvjrQJr+GjmH/1FlzUWRt5YsA5PONzeKjnRIec14TLFSAnyeVH9
	53SIoDcTlHzXF+W9aAWQBISLfaGQd9HcAuwpb6KWUxLSFmi950iet1ZFtA4m6+B5HCXBei
	X7AC+3IO2GoGfu8q06HpUwuf17fyIL0oOCuUO1Wbv/8f3Ci/corlm9sR+wUcBAtAJ+MWdn
	E8zH6u3OsSRZCkFGsGtTKGsA/IByBHW/0j6Vh6qkF5m6/tu/1Hy8Kq1j4XIaCUHgmcXE+r
	S+2TZd+aNuQcVED0plPNS5SiiDBzAl6N4ShUIbdT9ip3swo18HELkTz1h1rARQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723147624; a=rsa-sha256; cv=none;
	b=iN27ga/MzPSS+XTs+GJRuhGPJjm/6vBWB0cct4D16CtoDCvjVyd2Dm77dWYpoXAoX17i0R
	ZP+cfht6TTltvIEwTHtcd62Zd5ncIUDMppxMsG8AYcMhryhRhxJSEKO573firw0GZHCVko
	wAEBTrdLP3ZC3ox7xH9Q8K/2HGTGLyfdkvoy0qd46Ud+HzlEtepS48fU22O2RsqkDcRijj
	3Mm4wpYWOKJ+5l2+pZPmbPc2/GGt3pHJIZ5RFGI+kT/hgYLCsGxF6d3ysJdCRMpotjiNtD
	r7OHg9n8gJPhI1NFGVDqEvrIkm/fzKDACNYNL9GeaOL8I1LVaajwDFkBcfyMKQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723147624;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=BZxqIXBvETdipGyd0k+oOl8CfWBuT3l5Zv0uhzKXRb8=;
	b=GdfQYR1LjC/NfPKh9O7DMJQmDiNHPw2Sy2W+frZhJU14ALTW1A6wtXUPgLiziDqDCU8G/W
	3uKGdMcvCKCuhICZF8rcn4uNxwRfkP/vme4hFmMVBwzSVXoY52syJyXLacdf8MHHt4rQZY
	QlEVxKFnmfA93goCsdDGc6/WhGJK2gVUywFaj5SwbZxlFB1KOby6yWYC7y/kNclNVHb6ac
	2sm6c183TrLuLm3QlmFIPxjq6yYzp+LB5wueJSZw38ciUPfnj3/mq/49Cy5/j0rZrUp/KP
	v2EHzGsKMoGoy3pSK827sowBSJHoEL3RYjAdtQdpT/sPGy5E3SgkbhDos1ko4A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfykJ0zyTzmyC;
	Thu,  8 Aug 2024 20:07:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478K74pt017161;
	Thu, 8 Aug 2024 20:07:04 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478K74jW017158;
	Thu, 8 Aug 2024 20:07:04 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 20:07:04 GMT
Message-Id: <202408082007.478K74jW017158@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: 33708452aaab - stable/14 - calendar: don't setlogin(2)
  in the -a user handlers
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 33708452aaabca205d81eceb83e0813e5882815c
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=33708452aaabca205d81eceb83e0813e5882815c

commit 33708452aaabca205d81eceb83e0813e5882815c
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-08-05 18:43:56 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-08-08 19:59:21 +0000

    calendar: don't setlogin(2) in the -a user handlers
    
    As of e67975d331 ("Fix 'calendar -a' in several ways."), `calendar -a`
    will now fork off a new process for each user and do all of its own
    processing in the user's own context.
    
    As a side-effect, calendar(1) started calling setlogin(2) in each of the
    forked processes and inadvertently hijacked the login name for the
    session it was running under, which was typically not a fresh session
    but rather that of whatever cron/periodic run spawned it.  Thus, daily
    and security e-mails started coming from completely arbitrary user.
    
    We could create a new session, but it appears that nothing calendar(1)
    does really needs the login name to be clobbered; opt to just avoid the
    setlogin(2) call entirely rather than incur the overhead of a new
    session for each process.
    
    PR:             280418
    Reviewed by:    des, olce
    Fixes:          e67975d331 ("Fix 'calendar -a' in several ways.")
    
    (cherry picked from commit 6cb8b61efe8899ee9194563108d0ae90c1eb89e3)
---
 usr.bin/calendar/calendar.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c
index 476c0495d218..2e3baee7d57f 100644
--- a/usr.bin/calendar/calendar.c
+++ b/usr.bin/calendar/calendar.c
@@ -224,7 +224,7 @@ main(int argc, char *argv[])
 
 				lc = login_getpwclass(pw);
 				if (setusercontext(lc, pw, pw->pw_uid,
-				    LOGIN_SETALL) != 0)
+				    LOGIN_SETALL & ~LOGIN_SETLOGIN) != 0)
 					errx(1, "setusercontext");
 				setenv("HOME", pw->pw_dir, 1);
 				cal();

From nobody Thu Aug  8 20:07:06 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfykL5pKtz5S94p;
	Thu, 08 Aug 2024 20:07:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfykL4rtpz4pmf;
	Thu,  8 Aug 2024 20:07:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723147626;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/Fyb6QDu9yfB0wI8Izj1gfP5F7rs20ERw4iufsbn8gA=;
	b=sYC5fiz74nkC+fV8YNETHuVnJJTJLNEAscqCPQGPLqR/w3LYJnAQFawU5CfMIGWU2b9BOs
	1WQBpJakKDebY8Itl3Fcbb07fLwYoWgqLv5AGtBRGKRS6HZQ5aOG5ZtFDhBV2CD5/5SLwA
	vkyunKMX2NQtm2C1aOoWCWc5abIMpH9tQFi7eCTYt2lktJRVUNZd/mSEfYFyiC7MxjerIK
	5NU7e7nGC86JOhPvyCq6el//hDkJlNX2edFhodEkcU+2oilTZ5YKzkYCUdngsyTQX6nW7s
	2wmhgbqVWsZVjBXUBLRmsObwS0bE7qmWmx1397mzuNVd6COR4magBH1z4177eQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723147626; a=rsa-sha256; cv=none;
	b=B522ZpJdXx9aom9Fv2U5oEDtP8laLcQ9YVWz0ZoGRgnI8e450fG9iuzTKEuftndjossT8U
	5FhjAAICSQE6myQxufT/rPL/DACl/WQukgmfA19H171Jkvu/Vu3Z+NSeJOtpny1dIpwEY3
	WE2Qfvsf2Ocj5URC6UzTXe49NYEPncfwquudsqP9VY4VC5ywbqKhdn+OwFKw17M6yWjIKA
	HQ7PhhPt6Jxe5W7EpHBuS40dmmXbTfhF0/RLgA8P8MV373nMPKS4WYvjzTHyGkmUqJI3aZ
	6mQK54LuLcEObSLExqAcaGZvFA0aGshDEoT5ttOJUOllL14gA/wBW6OXderRow==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723147626;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/Fyb6QDu9yfB0wI8Izj1gfP5F7rs20ERw4iufsbn8gA=;
	b=yqbNbAgzVqDKuIrYxF+qf7U95CaGBcUaiJT3Qk7a5YbwwvxTRj6lV5PxoFNnuAHGIN46FY
	ID5OOEw/RqzRhZ0HEtDLYe3I9zy9c3YdIeUGNTdVzrCTBPC2S+CYMhY6FKA0NBmKa3cCgA
	mFyXLHnE+VPZjRKKGJ4VYGV42Jd+5/lFcyMc08jDczZwBO15u6Dkd+LXizB5bRcwbrGjII
	aHadYbAMfZvWFzWl7vHu21rXL46lbwDM9JsZqVpaUDEe8eTYomqtIRfSP6+yACb3DgCD5h
	hD7hq8c/9fko+2B8APHt9esVKfY58fUkE+c+Tkpznqfbw/uXpNV0SLnfAejfXw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfykL3yd6zn7V;
	Thu,  8 Aug 2024 20:07:06 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478K767I017317;
	Thu, 8 Aug 2024 20:07:06 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478K76DW017314;
	Thu, 8 Aug 2024 20:07:06 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 20:07:06 GMT
Message-Id: <202408082007.478K76DW017314@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: 781bc1a69fab - stable/13 - route: avoid overlapping
  strcpy
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 781bc1a69fab3ccb93deab611d19be18d093ca26
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=781bc1a69fab3ccb93deab611d19be18d093ca26

commit 781bc1a69fab3ccb93deab611d19be18d093ca26
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-07-23 20:25:46 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-08-08 20:00:37 +0000

    route: avoid overlapping strcpy
    
    Passing overlapping buffers to strcpy yields an undefined result, so
    let's avoid it. The copy doesn't really need to happen anyways, we can
    just point to the domain part of the hostname.
    
    This was discovered with _FORTIFY_SOURCE.
    
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Reviewed by:    allanjude, emaste, imp, melifaro (all previous version)
    
    (cherry picked from commit 158f319428c10143ce2ffe766416207c75578931)
---
 sbin/route/route.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/sbin/route/route.c b/sbin/route/route.c
index c48a39b490dd..d82ab2c054ae 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -108,8 +108,8 @@ static u_long  rtm_inits;
 static uid_t	uid;
 static int	defaultfib;
 static int	numfibs;
-static char	domain[MAXHOSTNAMELEN + 1];
-static bool	domain_initialized;
+static char	domain_storage[MAXHOSTNAMELEN + 1];
+static const char	*domain;
 static int	rtm_seq;
 static char	rt_line[NI_MAXHOST];
 static char	net_line[MAXHOSTNAMELEN + 1];
@@ -563,14 +563,16 @@ routename(struct sockaddr *sa)
 	const char *cp;
 	int n;
 
-	if (!domain_initialized) {
-		domain_initialized = true;
-		if (gethostname(domain, MAXHOSTNAMELEN) == 0 &&
-		    (cp = strchr(domain, '.'))) {
-			domain[MAXHOSTNAMELEN] = '\0';
-			(void)strcpy(domain, cp + 1);
-		} else
-			domain[0] = '\0';
+	if (domain == NULL) {
+		if (gethostname(domain_storage,
+		    sizeof(domain_storage) - 1) == 0 &&
+		    (cp = strchr(domain_storage, '.')) != NULL) {
+			domain_storage[sizeof(domain_storage) - 1] = '\0';
+			domain = cp + 1;
+		} else {
+			domain_storage[0] = '\0';
+			domain = domain_storage;
+		}
 	}
 
 	/* If the address is zero-filled, use "default". */

From nobody Thu Aug  8 20:07:07 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WfykN0Pt6z5S94q;
	Thu, 08 Aug 2024 20:07:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WfykM5R3nz4pKw;
	Thu,  8 Aug 2024 20:07:07 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723147627;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xdHX+/fohZbBg2uOie0mmaGi+1eY0YhCSdDT7zW4bcc=;
	b=pcTmoAQPaxhkQBOH0beWCFHL8bHdvOnT/hGEbt8GEwy0kaQWszcCAt3LCgo440GZRyjt59
	MsGTSsAjllFKfwIF8mqz6iGyEuGjoEpUlZrpAKU3u2XcI3afXK0pkTHWVZG/724CIazUpl
	XSLsiE98lQSdcRvcuRoRH+q698Oa3rSqpqfasmzrNr3dppWnTtYCgUviaqbeAlazkcTMrw
	nQBzCzQLYI5rzSUalhhOWHpmASd2QZepurFSHqzSYYYv35L3f7pAGWD7rH7I+3euYQ0gtD
	lV0HrXsQVB/mCnVL9IHc/+lQ6VvzZYtx2i4NeUJ7rjBMLd4aDn6YEKwbuvAnUA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723147627; a=rsa-sha256; cv=none;
	b=pDnkalbeCfX/UIo+4A/sPJVAVcBCn5qpNEO1UsBUUrBErvOVpCF8wgXIh0nxNWF4ODdxZb
	w7fXbtLkmOAHqQHop8jou9gNyfeQ9bZwJjcHW+XcqXLJ5SO3iv7ydIUvgHminQvc+BAy2c
	Iien+FoaQQkKxS/KOgUtz83rKGFMNPTl4vrwjKh/vkJrIbr+ERoGE5K7XZoq/Hd2Wzio4n
	kAy3rbct2ougfK9KxUx1usNWWd2XAtVTAQTGkZI+dCnrpqMwl7O9g8a9WaBD2v5WhFm2l5
	o8VowjOCN/rq63QQKERaSBQC+Bjc0efEOjlldqElzOZvkmTPtCeafeTTV5Zx1g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723147627;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xdHX+/fohZbBg2uOie0mmaGi+1eY0YhCSdDT7zW4bcc=;
	b=gDn1K9JS7jBYoDiW452m/SKoOO2RAECHai4KwN7RgZcIpMgJpQcaEjntYKtq3fTEhQ9Cau
	Yaq9WMBQ0EsF8qsjxZ7sVlMDWR4DNEJ3OIQ0oQLri6Le73wvr7/iZo+KeQeDW+OvBuPB1r
	toABHu4LSGxwmG0mcM/9i7C4mVWpv9hf986zrArB+nUWFbc3j/rvcaoDtnmdf3YBeLXZzW
	4ujQJZ9UVb0CZArhvRiQoZ9mVI660ppYm6BksXb8sjlXdzzjFDEIvGNslHyYsYZLT0W50Y
	6w/0MACrxO/+xoH4hO7n1LKb28uGMIERKgmmLnSKN1BMeav9yTs/CRwPaGsQvQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WfykM50NZzn7W;
	Thu,  8 Aug 2024 20:07:07 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478K77uL017369;
	Thu, 8 Aug 2024 20:07:07 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478K77ls017366;
	Thu, 8 Aug 2024 20:07:07 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 20:07:07 GMT
Message-Id: <202408082007.478K77ls017366@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kyle Evans <kevans@FreeBSD.org>
Subject: git: 3a9010c98b3d - stable/13 - calendar: don't setlogin(2)
  in the -a user handlers
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kevans
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3a9010c98b3d9676307fac20d42cdd3cfd4bc46d
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=3a9010c98b3d9676307fac20d42cdd3cfd4bc46d

commit 3a9010c98b3d9676307fac20d42cdd3cfd4bc46d
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2024-08-05 18:43:56 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2024-08-08 20:00:40 +0000

    calendar: don't setlogin(2) in the -a user handlers
    
    As of e67975d331 ("Fix 'calendar -a' in several ways."), `calendar -a`
    will now fork off a new process for each user and do all of its own
    processing in the user's own context.
    
    As a side-effect, calendar(1) started calling setlogin(2) in each of the
    forked processes and inadvertently hijacked the login name for the
    session it was running under, which was typically not a fresh session
    but rather that of whatever cron/periodic run spawned it.  Thus, daily
    and security e-mails started coming from completely arbitrary user.
    
    We could create a new session, but it appears that nothing calendar(1)
    does really needs the login name to be clobbered; opt to just avoid the
    setlogin(2) call entirely rather than incur the overhead of a new
    session for each process.
    
    PR:             280418
    Reviewed by:    des, olce
    Fixes:          e67975d331 ("Fix 'calendar -a' in several ways.")
    
    (cherry picked from commit 6cb8b61efe8899ee9194563108d0ae90c1eb89e3)
---
 usr.bin/calendar/calendar.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c
index 476c0495d218..2e3baee7d57f 100644
--- a/usr.bin/calendar/calendar.c
+++ b/usr.bin/calendar/calendar.c
@@ -224,7 +224,7 @@ main(int argc, char *argv[])
 
 				lc = login_getpwclass(pw);
 				if (setusercontext(lc, pw, pw->pw_uid,
-				    LOGIN_SETALL) != 0)
+				    LOGIN_SETALL & ~LOGIN_SETLOGIN) != 0)
 					errx(1, "setusercontext");
 				setenv("HOME", pw->pw_dir, 1);
 				cal();

From nobody Thu Aug  8 22:41:45 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wg28n4lyPz5SSgJ;
	Thu, 08 Aug 2024 22:41:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wg28n39pWz45VB;
	Thu,  8 Aug 2024 22:41:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723156905;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Y109/xOqN4Bb4p/b40CMxtwNLE8d5xUf7KR52lWWywk=;
	b=h+VFcoEWgmLJfq58x6aUfPEd5CaqybDbHLtQmb2tRsX9Lag2MFoiqOP0bZdHhDm/gZKj1v
	ava0bOnGp/TJfDkmiTuZ9sKjDoQ3de84mAr0q+U63d3wOz/ot+RB+E/OmlbSQ050fuZEA2
	k7CcF0+347EqzbVPeRhUinHdXW/OCQnz9Q8RHPh2iwhnKD0FoDtkUehUvrDtOU9VPPmfvq
	1nHzG6AOh9zYkIq5ujRvLoSsjqnr4gNod8QyQX+rI5rP9hJGlh7xALBbzyR9vkA577/HFU
	pwF57aTun9OkYvxdFLau4EJ1yBKHZIeCdrJvDrqCN54QBL9QyMMZgmjA0lgI0A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723156905; a=rsa-sha256; cv=none;
	b=HaX0aRHojZTgxcmoFGP7uLkGrU4yStUGNHdLEc54+Vh/KqwtaQu48fqdZ2AHsmsvrbE6Tr
	SBC5FLuk8/PgiseTucuAAELHTsPDkYQVF8b/fBFVa8nVN7ucPXVwiEfo+B9hcGiALXN+7x
	w9nY5N+qtMZ+H3TqSYQ82xYeYvbB7HK8Qgkx+FL7vG8THNyHCS20LZnAMi9/oLnVtERH5a
	nvESvO0rG9mBxjoHQ1fBwQszhCMc52u1gwzgxwmEQRrONtrON6R9+HXjx1uY2HcbvqxqO7
	L1rhgvTHrI74xfiGKznxz/nwgPikgpjDU8NVurWWijHZ3Pt935rpoZdma4e1ww==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723156905;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Y109/xOqN4Bb4p/b40CMxtwNLE8d5xUf7KR52lWWywk=;
	b=cDbeo4T8ACm02b5UlKYPHuaIutzf3Ar1o1AO8WMRm1imW3uR5JKZRAYlP9sh/QNRyS7vEf
	u/zmGmMqVM4JYo1l1R+id/VJSSIyoOm9cx0LvAwLuaVh5z3ny06xNG7lRgOvDwOuq4X71L
	BfLLd/VlsR00vLa6dVswAJ6Q3VJ2LpI8CNRJ4lDlYSf8a1aev2PCKjMf5rpi8gQj/Dp9Vc
	zuKy5uW9XAICm24mtLOg3TLdaq6JMusg+DEgoL2dSZJYxoMV5Z6aFtWRkBgKgMdCbltEoA
	OEyJPaLUirHc0xmV7QBxn3ncpaJNDs7ipUmWAlrbDemJd8mERRjlnOM/WBeFvw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wg28n2ndMzs0Q;
	Thu,  8 Aug 2024 22:41:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 478Mfjta085384;
	Thu, 8 Aug 2024 22:41:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 478Mfjvo085381;
	Thu, 8 Aug 2024 22:41:45 GMT
	(envelope-from git)
Date: Thu, 8 Aug 2024 22:41:45 GMT
Message-Id: <202408082241.478Mfjvo085381@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 751c889691cc - releng/13.4 - nd6: Fix the routing
  table subscription
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: 751c889691cc93087251a5af45b6da796d5d2e85
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=751c889691cc93087251a5af45b6da796d5d2e85

commit 751c889691cc93087251a5af45b6da796d5d2e85
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-07-25 14:26:36 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-08-08 22:41:29 +0000

    nd6: Fix the routing table subscription
    
    The nd6 code listens for RTM_DELETE events so that it can mark the
    corresponding default router as inactive in the case where the default
    route is deleted.  A subsequent RA from the router may then reinstall
    the default route.
    
    Commit fedeb08b6a58e broke this for non-multipath routes, as
    rib_decompose_notification() only invokes the callback for multipath
    routes.  Restore the old behaviour.  Also ensure that we update the
    router only for RTM_DELETE notifications, lost in commit 2259a03020fe0.
    
    Approved by:    re (cperciva)
    Reviewed by:    bz
    Fixes:  fedeb08b6a58 ("Introduce scalable route multipath.")
    Fixes:  2259a03020fe ("Rework part of routing code to reduce difference to D26449.")
    MFC after:      2 weeks
    Sponsored by:   Klara, Inc.
    Sponsored by:   Bell Tower Integration
    Differential Revision:  https://reviews.freebsd.org/D46020
    
    (cherry picked from commit a48df53e4249499be3e8779dd30888a405aa81ae)
    (cherry picked from commit c611f050d0dc01bf1f738300365895da84aa5fef)
---
 sys/netinet6/nd6.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c
index 39c4b498e938..70fb468176a5 100644
--- a/sys/netinet6/nd6.c
+++ b/sys/netinet6/nd6.c
@@ -1595,8 +1595,7 @@ check_release_defrouter(const struct rib_cmd_info *rc, void *_cbdata)
 	struct nhop_object *nh;
 
 	nh = rc->rc_nh_old;
-
-	if ((nh != NULL) && (nh->nh_flags & NHF_DEFAULT)) {
+	if (rc->rc_cmd == RTM_DELETE && (nh->nh_flags & NHF_DEFAULT) != 0) {
 		dr = defrouter_lookup(&nh->gw6_sa.sin6_addr, nh->nh_ifp);
 		if (dr != NULL) {
 			dr->installed = 0;
@@ -1608,9 +1607,10 @@ check_release_defrouter(const struct rib_cmd_info *rc, void *_cbdata)
 void
 nd6_subscription_cb(struct rib_head *rnh, struct rib_cmd_info *rc, void *arg)
 {
-
 #ifdef ROUTE_MPATH
 	rib_decompose_notification(rc, check_release_defrouter, NULL);
+	if (rc->rc_cmd == RTM_DELETE && !NH_IS_NHGRP(rc->rc_nh_old))
+		check_release_defrouter(rc, NULL);
 #else
 	check_release_defrouter(rc, NULL);
 #endif

From nobody Fri Aug  9 00:11:51 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wg48l2qRtz5Sf0L;
	Fri, 09 Aug 2024 00:11:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wg48l23J7z4FkK;
	Fri,  9 Aug 2024 00:11:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723162311;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CQdk4HKxVYh+4gmc31uC7MpsnHUkr0LodOZ0AiW5+Ns=;
	b=fdvMlFaQg6uBXP4V7RU58QLQzwM3wZvUwCp+RTElCLJFfqWPT8a4VfQy3NcwZ/pwPtb0xk
	BlSB3rPmxf8N4rrlbt8rd/7aIV4bS1GU0gwncocHx2T5yb9hHIhickPlV9YVNHrvLGLI2w
	Yh/jGSA6bfh028wjmXQ4N7I64jKMPOJoTTgkOjFC/8G6KIXRHNsyLGHAhRTD8nvKnd5+lB
	zko/hOByP3JSaKY6VyJ78ACoY5Acv1vNdH4dKyi8EnUnC5OMWmkcMW6MyH6f6Tm4d+M5jO
	ZAG4VM/SUaMcBRFyYj4nhPbPLdMnUC976lvMs/VtlclubDn5yH8LDP6hProxqQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723162311; a=rsa-sha256; cv=none;
	b=WT8jbe/3c8/5rzkFwlV71p3CyKb9w+52nTXhqlidY2nkRFvynWRnmw/IiMTb0hk8lPaMqO
	hZ5Zfpwnoycd1zCifD9JRV0lYCV6WCfg4oOu5J9MI+ZD5ct2G2C1GpsQdOeLDT+vE0OERW
	UWN5hFOhDNL1C0w+nXtRaulAFd7t4/ft9JEmggIHKHPJeiN2GOf8h11esV2668WO0MYNpc
	Hfg1bqMg2woL3wE319n5p3vS51M3tPLAbuitv1k0g65bzrZ63uwwgE01INuvHIGSerBOMB
	3v6EDVzQgKMvJ5DpnkimFHyZ0Wx+Fwky/9saLXvtmVknbjuCKfigJJH5w1JQgw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723162311;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CQdk4HKxVYh+4gmc31uC7MpsnHUkr0LodOZ0AiW5+Ns=;
	b=CpHUgRAZyqZwgPcgtMi/4q04BvHnCCVkSutoQAn1mjAr6oTeJwQOKo4ow8UezxCbzLhjk8
	WOBGUH2owRIYlBFh5dtD9RBlrGsdDAZ1fniO1hr8DMwFgSOh/UA/AQiXtCH8tvbUOLh7vA
	wSnLPW1mqnAETADFe6VTgugvpa38CLR9v+RIx0On78ZS8TLtaLSZRCqkzQxqUn5AZXjSw1
	TUAnpFKKTaovKqFEBeQySd9dSxNMU+vzKuXDRpzoBoLqlV2mbyl6MOnYWfASwUrOXqJi0h
	DhzqVEh0rO91opAzZFiNm0t+kDO5nbTobZ0uqtq+Qjy+uzGgzY/cfJuMRLCP6A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wg48l1fHcztT9;
	Fri,  9 Aug 2024 00:11:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4790Bp5l037653;
	Fri, 9 Aug 2024 00:11:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4790BpYK037650;
	Fri, 9 Aug 2024 00:11:51 GMT
	(envelope-from git)
Date: Fri, 9 Aug 2024 00:11:51 GMT
Message-Id: <202408090011.4790BpYK037650@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Colin Percival <cperciva@FreeBSD.org>
Subject: git: 30b27afe3bc5 - releng/13.4 - 13.4: update to BETA2
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cperciva
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.4
X-Git-Reftype: branch
X-Git-Commit: 30b27afe3bc5263fc45eb5cc0389684e8c58f41f
Auto-Submitted: auto-generated

The branch releng/13.4 has been updated by cperciva:

URL: https://cgit.FreeBSD.org/src/commit/?id=30b27afe3bc5263fc45eb5cc0389684e8c58f41f

commit 30b27afe3bc5263fc45eb5cc0389684e8c58f41f
Author:     Colin Percival <cperciva@FreeBSD.org>
AuthorDate: 2024-08-09 00:11:33 +0000
Commit:     Colin Percival <cperciva@FreeBSD.org>
CommitDate: 2024-08-09 00:11:33 +0000

    13.4: update to BETA2
    
    Approved by:    re (implicit)
    Sponsored by:   Amazon
---
 sys/conf/newvers.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 5a0f6c2f3498..b145530cc66a 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="13.4"
-BRANCH="BETA1"
+BRANCH="BETA2"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Fri Aug  9 15:10:52 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WgS672r7Jz5SCbN;
	Fri, 09 Aug 2024 15:10:55 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WgS672P7Vz4lf7;
	Fri,  9 Aug 2024 15:10:55 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723216255;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=E1DnS4Ey2SGef2vZ7mAaXHwJmjwfuDORyUQpsuaqDRM=;
	b=RZW9SaRSrWusgUiUC4K1iUd4TCNJtS0WtgMZ7h5O6Q1qqVdgxJm1PxV8CZ7FqIJk0WqHpX
	oCrzT3l8UV/DLYG6IugzlsS1MtPD1e9RjFPmkfeRiUoycKoZSIbgqg2R4gNXuMYAGTWChH
	cbXmGl5ovcKbCNEAooSTDolTU08OiOEc4jeAunXRK2dJIULJAYtsTbzPYBwH2FMPeTt1+4
	cIXp79ye+o1IsJ/baiyhCJkRw6VeJbDt3j5HLX3UMNyBz4Gqx0RnmGBhMiA3hZ8lozgSYO
	1QWiz+WSM3Etd8u3O7WBt9reZy+YmuAqzEREDM4HsQfcBssMik0eCNOXeKyIeQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723216255; a=rsa-sha256; cv=none;
	b=maHdk2Gk0nwV3PfyHDw+xrfcHVFrivwfP+h63JLA1P4Zya3XOEjxnGAP57hLzjnPjHGVGn
	AgMljLVViYZy7VfuXG/oN7NLklRC/11BiD7SIXiAQH9Au8QWGS/vjZ1xzx942/zvqZ9xnu
	hpavBZ1nq47gDcc6R2bpM4+lUMQoe94PacCPI6bb3lpRnZ7Xgnm82+cMBzG7gX0eU3ggYL
	rtbAdaO1noxgxuUanEzu/Rt+GtJYBoLS8xpZkP/b4C3U5C0TXaLzxu7htiM7hRdYFE8E7G
	/V1HVxcaihVdApmrzd7P4Ez55keB7yq9IG6z7sHtlA+6+rRHsJdrby8m3n9SWQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723216255;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=E1DnS4Ey2SGef2vZ7mAaXHwJmjwfuDORyUQpsuaqDRM=;
	b=LRVBDG/g9/ADWU5Lp+hZ5IrLmL1pfZWhXh9DqrA6PZR2eXU+HL5VU5uAr5LO5JDO5Hcd3t
	xKrZozse6RTTTjKnjJC+HNbBk8i3aUq0NF+7x5RiZSWWjspt7nVGQ+foUVlVpZl51m9pn3
	N7cc6AJMZ5tCfLKNEz6bQL1uBv8tA998PwcDyxaNQAxfIywNU4rKVL+oukU2Tex1Rlko0E
	7AciYFS2dCFA4tNaNQWdE7Mz4oaKltbXt58JreSm4nGR/pXJBCFswACYJpNGpURdJKQHJQ
	Eebm2i0x+LvrUUk7bH+aB15ISnScEcD5qM3PsZxwlZosnN9QZfPnCRlNqEGlTQ==
Received: from [IPV6:2601:5c0:4200:b830:6c9f:1ef9:c118:3e3c] (unknown [IPv6:2601:5c0:4200:b830:6c9f:1ef9:c118:3e3c])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: jhb)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4WgS670QrpzVQt;
	Fri,  9 Aug 2024 15:10:55 +0000 (UTC)
	(envelope-from jhb@FreeBSD.org)
Message-ID: <5779dd3b-7134-4e72-bc8d-efa64cebddf0@FreeBSD.org>
Date: Fri, 9 Aug 2024 11:10:52 -0400
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: git: fc43a1b6842a - stable/14 - tzsetup: symlink /etc/localtime
 instead of copying
Content-Language: en-US
To: "Sean C. Farley" <scf@FreeBSD.org>, Ed Maste <emaste@FreeBSD.org>
Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
References: <202408011538.471FcJDS026885@gitrepo.freebsd.org>
 <784ce21d-a604-bb91-c52e-29c78e2bb6e4@FreeBSD.org>
From: John Baldwin <jhb@FreeBSD.org>
In-Reply-To: <784ce21d-a604-bb91-c52e-29c78e2bb6e4@FreeBSD.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

On 8/8/24 00:35, Sean C. Farley wrote:
> On Thu, 1 Aug 2024, Ed Maste wrote:
> 
>> The branch stable/14 has been updated by emaste:
>>
>> URL: https://cgit.FreeBSD.org/src/commit/?id=fc43a1b6842afa806dfd7ba48de5bece63d04456
>>
>> commit fc43a1b6842afa806dfd7ba48de5bece63d04456
>> Author:     Ed Maste <emaste@FreeBSD.org>
>> AuthorDate: 2022-10-14 16:44:35 +0000
>> Commit:     Ed Maste <emaste@FreeBSD.org>
>> CommitDate: 2024-08-01 15:11:45 +0000
>>
>>     tzsetup: symlink /etc/localtime instead of copying
>>
>>     Using a symlink means that new timezone data (installed by an errata
>>     update, say) will be usable without having to be copied again.
>>
>>     Reviewed by:    bapt, kevans, philip
>>     Sponsored by:   The FreeBSD Foundation
>>     Differential Revision: https://reviews.freebsd.org/D37005
>>
>>     (cherry picked from commit 5e16809c953f4cd19fadb1767469dec319de0353)
> 
> I ran across an issue with this when using "etcupdate -D" to update a
> jail from the host.  "tzsetup -r -C /tmp/chroot", as called by
> etcupdate, prepends the path of the chroot to the link which breaks
> things inside the jail.
> 
> For example, if you run the following:
> mkdir -p /tmp/chroot/etc
> mkdir -p /tmp/chroot/usr/share
> mkdir -p /tmp/chroot/var/db
> ln -s /usr/share/misc /tmp/chroot/usr/share/misc
> ln -s /usr/share/zoneinfo /tmp/chroot/usr/share/zoneinfo
> cp /var/db/zoneinfo /tmp/chroot/var/db/.
> tzsetup -C /tmp/chroot -r
> 
> The result will be the following:
> /tmp/chroot/etc/localtime@ -> /tmp/chroot//usr/share/zoneinfo/America/Indiana/Indianapolis

Hmm, we also intentionally moved away from symlinks to copying many years ago.
We added /var/db/zoneinfo so that tzsetup -r would know which file to copy
into /etc after we moved away from the symlink I thought?

It looks like tzsetup switched to copying by default longer ago than I
remembered though in 1996 (commit c78cc02b89f6f5e562e5cf93d54faaa1bd79dfef),
though that replaced an older change that switched from copying to
symbolic links (2d71a1f121460406695c914b4f35e2e365010855).  Presumably though
-r shouldn't do anything if /etc/localtime is a symlink?  I thought the only
reason it was added was due to using copies:

commit ada5f18a1b161e4fd99966444f85ca51d5a3fd8a
Author: Edwin Groothuis <edwin@FreeBSD.org>
Date:   Tue Oct 20 06:54:31 2009 +0000

     Instead of having to know which timezone was picked last time, you
     now can run "tzsetup -r" which will reinstall the last choice. This
     data is recorded in /var/db/zoneinfo.
     
     MFC after:       1 week

Notes:
     svn path=/head/; revision=198267


-- 
John Baldwin


From nobody Sat Aug 10 10:21:27 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wgxdg4rMqz5SWJm;
	Sat, 10 Aug 2024 10:21:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wgxdg47gbz4q2Q;
	Sat, 10 Aug 2024 10:21:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723285287;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ikpZcMguvqjl0sntgJKvZUW1DE2oFpNOAqOtPLOGc4c=;
	b=RLdVBbn2wq6PbC36o/UTGSaqFecv1TI9khoJV4I9qLcUyrgfGjcozicqLopLSNUEuPHLEb
	tl8uZqMhRyXj0aUfqGQuQMA94yt1aBSrvZ0Dril+9JzzaJ09c2PiIpzmuZb7eNUGYNJemn
	ohovc0lepbkHT682m3ZdJSrw+aSS+Xj+4t2WHntDhQufff6bj07f+tCBbLckWtoJ1VyEgT
	b6uCs/PHkBl4GHq5ggw/f61WRsIkzPzudTABHoDGD/p2kuf9a9nqmfoDXidmKk2/aStO3F
	7F9sYPO12+6cbRAkeOEOVvLsQPG8nw2uyg1+zdHIlUJB9mI6be7O2aTc2l0o0g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723285287; a=rsa-sha256; cv=none;
	b=qqTNlHPEL1nDGqTdp0NFHe+FMrlfGcuazBEUyw29A84XoKw6wykCALkyJY9QKblmNRzZ9c
	z3ybgKCWEmW8SNEJ9qtvm2nTaQiS4MJ2LmeniIlcbz5MjByCqWxjObgjdgRLRmTvPZl5RN
	UP2bKoWPDEgjje1wrPA/nVcnbgEEv880AItML4XH+Aj7pR08Ae56kqXoLYrK0RF910CvK3
	xvwURR2UKNg40UnspyOjXneKQKzHjpRZHRE1cQMJcSiM6r7cLEtmTgZCQf+dQ1bnMh0OaU
	H/QdVsuBRf03ERUnlw9gt8QJV9EW5j7dmK2ILe1WTQXBHmb7sH/DopJCirFi/w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723285287;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=ikpZcMguvqjl0sntgJKvZUW1DE2oFpNOAqOtPLOGc4c=;
	b=FCG/XPhgcAbTlwbWPpnfuS+MSjk4jSj7rK7L/csov1cj8uI/c3SBlt8FFnNqpMcFFGxATJ
	KDM8SqQLCUNpVCGA2xTHwCQ1aPkSQ2Btt5ewy4aMTCVzQ3B2pq1ee3R9uyuzcVQ3BEeu1G
	mvjyJKUZjuH9dLLyoXFznJLE+76eGcntPnOBvwk4/i8jz9Uv4bSWENqQYaam4wSm3w5pf5
	AGaIvBBPw6jhs041scDJnTCYxm01WiXU4AUaO7sp5HIRMHlPWt2O4I3s7ECfBuwhbCXu76
	S/X0wxSzwI0eurf6hrqqbKdSXIrh55EXgWUm89fyFA/MzxrPaZ/AXmo0myGdAQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wgxdg3hYxzwnH;
	Sat, 10 Aug 2024 10:21:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47AALRYk009489;
	Sat, 10 Aug 2024 10:21:27 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47AALRUg009486;
	Sat, 10 Aug 2024 10:21:27 GMT
	(envelope-from git)
Date: Sat, 10 Aug 2024 10:21:27 GMT
Message-Id: <202408101021.47AALRUg009486@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: c23c718ed637 - stable/14 - tcpsso: add example to man
  page
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: c23c718ed63763aabad0b5bef828fcd374d2c4d0
Auto-Submitted: auto-generated

The branch stable/14 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=c23c718ed63763aabad0b5bef828fcd374d2c4d0

commit c23c718ed63763aabad0b5bef828fcd374d2c4d0
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 17:59:06 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-10 10:21:08 +0000

    tcpsso: add example to man page
    
    Describe how to switch the TCP stack on all endpoints in the
    LISTEN state.
    
    Reviewed by:            concussious.bugzilla_runbox.com
    Sponsored by:           Netflix, Inc.
    Differential Revision:  https://reviews.freebsd.org/D46218
    
    (cherry picked from commit 5c44e69d2f3d2404f39c552448173a9bd62bd651)
---
 usr.sbin/tcpsso/tcpsso.8 | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/tcpsso/tcpsso.8 b/usr.sbin/tcpsso/tcpsso.8
index 37968c8afa54..9bff621fc516 100644
--- a/usr.sbin/tcpsso/tcpsso.8
+++ b/usr.sbin/tcpsso/tcpsso.8
@@ -24,7 +24,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd January 14, 2024
+.Dd August 3, 2024
 .Dt TCPSSO 8
 .Os
 .Sh NAME
@@ -229,11 +229,17 @@ Then, use the following command to enable Black Box Logging on it:
 # tcpsso -i 435 TCP_LOG 4
 .Ed
 .Pp
-To switch all TCP endpoints from using the freebsd stack to the rack stack use:
+To switch all TCP endpoints from using the freebsd stack to the RACK stack use:
 .Bd -literal -offset indent
 # tcpsso -S freebsd TCP_FUNCTION_BLK rack
 .Ed
 .Pp
+All TCP endpoints in the LISTEN state can be switched to the RACK stack by
+using:
+.Bd -literal -offset indent
+# tcpsso -s LISTEN TCP_FUNCTION_BLK rack
+.Ed
+.Pp
 The following command will set the congestion control module of all TCP
 endpoints currently using cubic as its congestion control algorithm to the
 congestion control algorithm newreno:

From nobody Sat Aug 10 10:22:01 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WgxfL5LP6z5SWfb;
	Sat, 10 Aug 2024 10:22:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WgxfL07dQz4qHr;
	Sat, 10 Aug 2024 10:22:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723285322;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=syaRUSwYMu8Jls8ZS8WuHFxb7gdHqHcru/m3vZ86N7c=;
	b=En0yDcqQq1nTOqvoZFjQH6r83JyOR5wDEtTU7eQHnPm18CFlM3QKwuxj/R2dNQn9jdhtlF
	kTh1/jZ9+SGM1JmeQ/7CMW3bzLBNtL9wKMHlHcoBkbG2gN18qljMAwjoYLdmoTu7dpiZSQ
	2UNfotr4bUFJIh4qDhO79D+Kh3I3BZCipX0o+/ej6PbF+T2H3Ptqcx5AhZA25J3kncgF1s
	biTFBRb2Jnd+e7j3SMbzUzXHP5DpDeGvfxvOjlPte9LGwTLcsBQ4ggQxkvykSJoxCT7Wd6
	MBDajgv5/nHB58UgTRVK1pkvCY7xaprzEBPxdY4mYqGhbI/F6q9HEBOGiV3Deg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723285322; a=rsa-sha256; cv=none;
	b=t+qcsQreDmKhxX0j569+/kqRhF7/x3aKvHpB4ol8L8ehnBGcZo/p6+MkjYGdlzcgsBqgqJ
	QvCQs0HurDvn4C3tRbOfhKSWsRBdU+sNMrjPQHSHGtJliSnW1IYW+4b0Zx5xNFESehl4ef
	24SJfiNDxh8FPyxJHWgz5jVP925ru3GFXlrXWqShqfKsL9vr/Bs+40//LXL/yU7sqfYg0K
	cFJL8N9mBTkzwH3AECZ4wMsPcrPCVQ3EEmL0051azVoZMtcdYzOf3n6Mv1oaMPi9bE54Db
	6/RuoBqjqc0APnjIn7VeRhympWIFEJR3Wh11GLtVTqn/rXoNYMst1nWo0WeBNg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723285322;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=syaRUSwYMu8Jls8ZS8WuHFxb7gdHqHcru/m3vZ86N7c=;
	b=qW9u9jxcueogkFwu1nD04DdzN1kfiDzKj7swlqXAMj3pG/GlMy3EbqbOtmltu0Snjrcmn/
	NCNeXqXwp26j4Kf2lfwBD13RjTASC8IisghntlKaw6wPjc19x2eFpmnbFUBEehbqiaGNEb
	XkooN3hj3rOcK4STdl0dpX0AS2T0iIB3yd2i2fDKyK0MKGctRDZVNwMTZJEi3+EsZnF8Sy
	17rs40QyGlKv3+nc7TqF5eIFKxRSbnGjrCyG4S/nAIpoV238VBEdlZqG3j1ANAOzFbuQro
	vJqujjPgFcynoTzwf2HHhBJMoqGn2E73d4kBskvFIkWCfqU0EF7oNl853BTwvw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WgxfK6sQWzwYv;
	Sat, 10 Aug 2024 10:22:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47AAM1Pw011607;
	Sat, 10 Aug 2024 10:22:01 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47AAM1s0011604;
	Sat, 10 Aug 2024 10:22:01 GMT
	(envelope-from git)
Date: Sat, 10 Aug 2024 10:22:01 GMT
Message-Id: <202408101022.47AAM1s0011604@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: 5c4fd0b523f7 - stable/14 - tcpsso: improve man page
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 5c4fd0b523f7c75b0d331025378ed7df12f0fc87
Auto-Submitted: auto-generated

The branch stable/14 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=5c4fd0b523f7c75b0d331025378ed7df12f0fc87

commit 5c4fd0b523f7c75b0d331025378ed7df12f0fc87
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 18:30:10 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-10 10:21:51 +0000

    tcpsso: improve man page
    
    Address comment provided by bcr.
    
    Sponsored by:           Netflix, Inc.
    
    (cherry picked from commit 2edac5a60a57a2a6ef80c61079d427c4ee31b7a9)
---
 usr.sbin/tcpsso/tcpsso.8 | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/usr.sbin/tcpsso/tcpsso.8 b/usr.sbin/tcpsso/tcpsso.8
index 9bff621fc516..5bbcd0eb873f 100644
--- a/usr.sbin/tcpsso/tcpsso.8
+++ b/usr.sbin/tcpsso/tcpsso.8
@@ -234,8 +234,7 @@ To switch all TCP endpoints from using the freebsd stack to the RACK stack use:
 # tcpsso -S freebsd TCP_FUNCTION_BLK rack
 .Ed
 .Pp
-All TCP endpoints in the LISTEN state can be switched to the RACK stack by
-using:
+Switch all TCP endpoints in the LISTEN state to the RACK stack by using:
 .Bd -literal -offset indent
 # tcpsso -s LISTEN TCP_FUNCTION_BLK rack
 .Ed

From nobody Sat Aug 10 10:28:42 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wgxp31yF0z5SWMV;
	Sat, 10 Aug 2024 10:28:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wgxp319R5z4qmX;
	Sat, 10 Aug 2024 10:28:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723285723;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=MzkOW4uYiv9MS5s8+Qc0n5eIcnQenVqzM8vBwWDuvGg=;
	b=qKhkvwS96djLO7Oc5dz+P4UM/+VJeyw0FSoZs/IEwjwfcsZH8uVgcyhK9r0qyqeae0a6d0
	qS+yDlZx19O184i8vmbn6dhUV6L7en22/4Esa5cAl8roVqoXSHTX+qsjA0CVGwI1nplq5T
	N3oV6iDGlpWu4kIF++YHQqAa3HV3hOD0aExF+LqThZUWT0s98CmzzeJ9hSOWQcASqsFE3i
	LM0u3WGdIAP6LaFRuqqVgKWc6c5A2JY4ueSDyeDX+mhhfDc84RGP0JQv4VtgMigUZowVTV
	tiXKnXdvk+xIDyBpXpj207PSEjLCE5q8dd5atQ1M5O9XF9yF8HDPhHBSeO1RwA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723285723; a=rsa-sha256; cv=none;
	b=uB1BMwQ6sBTTcVZXk2wkNJL6g/cw1oPbT6Az2+mBouF02hPjZrv/iGmMGwZhaUJa5v+6RC
	AFX4DKkbUbntenEOQG90MY66YwPJIn2psRvTjInuVgwQoTjsPZTZlGafkzdJfcr+z4gXUr
	1vjZLhNclNnG52dj/6o3vuuh2Vc3NV53iQTwryUB2SjBPAFr+KvZ2QdTMo7ju83IRVVQ76
	ii6Wua3Rg44P2ERy4zwCgCPUS6infSCTN3IBCBLGBGzcrvfpQDy3uqJHo72xEB3vY4lzoH
	7mCJvw9Equwjp7TXVr7B37W/0i9HpxmqNKemZ8hKb/1UE3Qp/QheEqFVXndRXg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723285723;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=MzkOW4uYiv9MS5s8+Qc0n5eIcnQenVqzM8vBwWDuvGg=;
	b=X/mY2+pZN2dRgebYpH3TQozVg0lYdIAQA6CuYAToBoitzi7P5f55UAjHEt/InWWLiae1Hv
	9jAU6/WHkFD3w15RQ9OfgYE1iXB6tQhPtQB/YCq6dxh/d8TykNUZ7L3ERJ7OgyazMEMPPQ
	NKRMUxqdvZkWt1CrF3BuMSLDW+IhAhTvWSf917gjtfOA5dEiqeUMFms5cuUl1PoMdEd132
	djHr2BneeZTbxAEaDCQtAxbSrT8vpK4tf9208w2SUlMTtdAko/FDicgEW8CpsUYTLJNGHd
	IbKRi0bFPzXxr+7oy30v/8j4+uEiNONUeBVWQxVmJ0F82CqMwMFbTdr9iMM1bQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wgxp30MCyzwRx;
	Sat, 10 Aug 2024 10:28:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47AASg0T013524;
	Sat, 10 Aug 2024 10:28:42 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47AASgYu013521;
	Sat, 10 Aug 2024 10:28:42 GMT
	(envelope-from git)
Date: Sat, 10 Aug 2024 10:28:42 GMT
Message-Id: <202408101028.47AASgYu013521@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Tuexen <tuexen@FreeBSD.org>
Subject: git: f7425802933f - stable/14 - tcp: fix t_flags2 collision
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: tuexen
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: f7425802933f76c9af62c09a79a87753626281e0
Auto-Submitted: auto-generated

The branch stable/14 has been updated by tuexen:

URL: https://cgit.FreeBSD.org/src/commit/?id=f7425802933f76c9af62c09a79a87753626281e0

commit f7425802933f76c9af62c09a79a87753626281e0
Author:     Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2024-08-03 19:49:18 +0000
Commit:     Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2024-08-10 10:27:53 +0000

    tcp: fix t_flags2 collision
    
    Fix the collision of TF2_IPSEC_TSO and TF2_NO_ISS_CHECK
    
    Fixes:                  646c28ea80cb ("tcp: improve SEG.ACK validation")
    Sponsored by:           Netflix, Inc.
    
    (cherry picked from commit 52eacec95d54205962a3d6902e18e41fce8b4e79)
---
 sys/netinet/tcp_var.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h
index 9ba13b779616..83ea1608abe1 100644
--- a/sys/netinet/tcp_var.h
+++ b/sys/netinet/tcp_var.h
@@ -864,7 +864,7 @@ tcp_packets_this_ack(struct tcpcb *tp, tcp_seq ack)
 #define	TF2_MBUF_QUEUE_READY	0x00020000 /* Inputs can be queued */
 #define	TF2_DONT_SACK_QUEUE	0x00040000 /* Don't wake on sack */
 #define	TF2_CANNOT_DO_ECN	0x00080000 /* The stack does not do ECN */
-#define	TF2_NO_ISS_CHECK	0x00200000 /* Don't check SEG.ACK against ISS */
+#define	TF2_NO_ISS_CHECK	0x00400000 /* Don't check SEG.ACK against ISS */
 
 /*
  * Structure to hold TCP options that are only used during segment

From nobody Sun Aug 11 10:15:23 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhYSD1bymz5SPBR;
	Sun, 11 Aug 2024 10:15:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhYSC6GLfz4bLM;
	Sun, 11 Aug 2024 10:15:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723371323;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iIIH22wJSXRRe/bfLFhNn0VtqEbTx9HJQRCQg3EYmfU=;
	b=M21ClaEfaxGD3cIim/kfNlLc+aW5l91DYecRpPS/US6xu/pbHUCANqDB/67SsYa/wVSXi/
	7/7S77JYcGIz/HoAt8c4k+uIAZyuojs3PU9thx5CArjZIB+cdm4kdURYdNnTaAIf/TEvcy
	xl+UWVPclLHwNbIm8psk79qrOERV6IIDVEgVhBaDSLGDSgjhxne7MSMShbwECeUVlKhISH
	WDy6TWvNKGCUz4v+ufmbceW+I5ZWisbeVPyHf4l/4am9COLceM+Zy4+MsKP/sad9Y2kbOO
	E+Sw2fFqG0lJ3WMC9B4MaOFbuWkVAkNWRFP4N3iyK8kI194hDtjy68SifDJv1Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723371323; a=rsa-sha256; cv=none;
	b=QDUC9sjDOJSiqOo5DYBJT9q1/HfD/PK+pyfgQCoD7v7P+jbC2Qayb6MGSsKWs5It9O+51E
	vBJzCDFdbFUFSC9kCSN26EjFVEy38LGKI2H35NNaVMI+K/eldRCQssHr+YArVfm5+NwhXj
	WDOdS+mu3bVVVd/n8LwrgLlCU6FUH1G5MTAHEtCuInMSF0lnaFRwcwneZ/F+t80DCHKjGL
	ubbp7X0jBccAM4yrgDjJKyzTubjlLfARn7oSAS/jbnv5nyveMF7MbT7XCSp0PKJhHzBMy/
	296d0jw3U/El7IR8lViF8PbU47fDhlYhQPKZvRN+K2Wxe1hL6MYDtpi1hqpG/A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723371323;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iIIH22wJSXRRe/bfLFhNn0VtqEbTx9HJQRCQg3EYmfU=;
	b=e20ND+yajGSgvr5hth8xG0fMwAqsk4vK8zQdidiTL7bj9RH1yOf2mThqPeTn/AnGhmj8Oy
	n1jV13C32m1E/d7zmcdqJCXPaW3dwYr8tP9ZSRFud+eucddQ717iqHwB9VLkpl6Rk0flEO
	i1JRLNYkg/bP6j1M0D9+Wy8bxUV14wpB9KKJ97pr1BAZczTvy+3OuFhM6umMIZktPD5eQ9
	3lpKj7MKNlbtZ4Eh1DAC4A3e11tfVCTnxwWlfeV1Ux1v9WttQk0VotfxZ42ghd8zyBLQLK
	gyJGC6y28PXFyy7+vE8mGUTlnYO/CEr4R7Xwu0y44t0BTxs4a/qB+qQelmx8Tg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhYSC5Sg7zfYW;
	Sun, 11 Aug 2024 10:15:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BAFNMj031621;
	Sun, 11 Aug 2024 10:15:23 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BAFNZY031618;
	Sun, 11 Aug 2024 10:15:23 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 10:15:23 GMT
Message-Id: <202408111015.47BAFNZY031618@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Vladimir Kondratyev <wulf@FreeBSD.org>
Subject: git: 59d36b896992 - stable/14 - LinuxKPI: update linuxkpi_video
  to Linux 6.6
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: wulf
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 59d36b8969925a68f805338c1fd288d1c14bf7d4
Auto-Submitted: auto-generated

The branch stable/14 has been updated by wulf:

URL: https://cgit.FreeBSD.org/src/commit/?id=59d36b8969925a68f805338c1fd288d1c14bf7d4

commit 59d36b8969925a68f805338c1fd288d1c14bf7d4
Author:     Vladimir Kondratyev <wulf@FreeBSD.org>
AuthorDate: 2024-08-07 20:38:38 +0000
Commit:     Vladimir Kondratyev <wulf@FreeBSD.org>
CommitDate: 2024-08-11 10:12:38 +0000

    LinuxKPI: update linuxkpi_video to Linux 6.6
    
    disable hdmi_audio_infoframe_pack_for_dp function for now as it depends
    on not imported yet drm sources and is not used by drm-kmod.
    
    Reviewed by:    manu
    Sponsored by:   Serenity CyberSecurity, LLC
    Differential Revision:  https://reviews.freebsd.org/D46224
    
    (cherry picked from commit c89d94ad5d95fd15e891b2723caae8a6104ee153)
---
 .../linuxkpi/common/include/linux/aperture.h       | 16 ++--
 sys/compat/linuxkpi/common/include/linux/hdmi.h    |  9 ++-
 sys/compat/linuxkpi/common/include/video/cmdline.h | 44 +++++++++++
 sys/compat/linuxkpi/common/src/linux_aperture.c    | 86 ++++++++++++++--------
 sys/compat/linuxkpi/common/src/linux_cmdline.c     | 63 ++++++++++++++++
 sys/compat/linuxkpi/common/src/linux_hdmi.c        | 86 +++++++++++++++++-----
 sys/modules/linuxkpi_video/Makefile                |  1 +
 7 files changed, 248 insertions(+), 57 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/aperture.h b/sys/compat/linuxkpi/common/include/linux/aperture.h
index e0387ed0225d..7eced3cc3cb1 100644
--- a/sys/compat/linuxkpi/common/include/linux/aperture.h
+++ b/sys/compat/linuxkpi/common/include/linux/aperture.h
@@ -16,7 +16,9 @@ int devm_aperture_acquire_for_platform_device(struct platform_device *pdev,
 					      resource_size_t size);
 
 int aperture_remove_conflicting_devices(resource_size_t base, resource_size_t size,
-					bool primary, const char *name);
+					const char *name);
+
+int __aperture_remove_legacy_vga_devices(struct pci_dev *pdev);
 
 int aperture_remove_conflicting_pci_devices(struct pci_dev *pdev, const char *name);
 #else
@@ -28,7 +30,12 @@ static inline int devm_aperture_acquire_for_platform_device(struct platform_devi
 }
 
 static inline int aperture_remove_conflicting_devices(resource_size_t base, resource_size_t size,
-						      bool primary, const char *name)
+						      const char *name)
+{
+	return 0;
+}
+
+static inline int __aperture_remove_legacy_vga_devices(struct pci_dev *pdev)
 {
 	return 0;
 }
@@ -41,7 +48,6 @@ static inline int aperture_remove_conflicting_pci_devices(struct pci_dev *pdev,
 
 /**
  * aperture_remove_all_conflicting_devices - remove all existing framebuffers
- * @primary: also kick vga16fb if present; only relevant for VGA devices
  * @name: a descriptive name of the requesting driver
  *
  * This function removes all graphics device drivers. Use this function on systems
@@ -50,9 +56,9 @@ static inline int aperture_remove_conflicting_pci_devices(struct pci_dev *pdev,
  * Returns:
  * 0 on success, or a negative errno code otherwise
  */
-static inline int aperture_remove_all_conflicting_devices(bool primary, const char *name)
+static inline int aperture_remove_all_conflicting_devices(const char *name)
 {
-	return aperture_remove_conflicting_devices(0, (resource_size_t)-1, primary, name);
+	return aperture_remove_conflicting_devices(0, (resource_size_t)-1, name);
 }
 
 #endif
diff --git a/sys/compat/linuxkpi/common/include/linux/hdmi.h b/sys/compat/linuxkpi/common/include/linux/hdmi.h
index c8ec982ff498..2094dbc84e89 100644
--- a/sys/compat/linuxkpi/common/include/linux/hdmi.h
+++ b/sys/compat/linuxkpi/common/include/linux/hdmi.h
@@ -336,7 +336,14 @@ ssize_t hdmi_audio_infoframe_pack(struct hdmi_audio_infoframe *frame,
 				  void *buffer, size_t size);
 ssize_t hdmi_audio_infoframe_pack_only(const struct hdmi_audio_infoframe *frame,
 				       void *buffer, size_t size);
-int hdmi_audio_infoframe_check(struct hdmi_audio_infoframe *frame);
+int hdmi_audio_infoframe_check(const struct hdmi_audio_infoframe *frame);
+
+#ifdef __linux__
+struct dp_sdp;
+ssize_t
+hdmi_audio_infoframe_pack_for_dp(const struct hdmi_audio_infoframe *frame,
+				 struct dp_sdp *sdp, u8 dp_version);
+#endif
 
 enum hdmi_3d_structure {
 	HDMI_3D_STRUCTURE_INVALID = -1,
diff --git a/sys/compat/linuxkpi/common/include/video/cmdline.h b/sys/compat/linuxkpi/common/include/video/cmdline.h
new file mode 100644
index 000000000000..eaa9a998fda2
--- /dev/null
+++ b/sys/compat/linuxkpi/common/include/video/cmdline.h
@@ -0,0 +1,44 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2023 Serenity Cyber Security, LLC.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _VIDEO_CMDLINE_H_
+#define _VIDEO_CMDLINE_H_
+
+#include <linux/types.h>
+
+#define CONFIG_VIDEO_CMDLINE
+
+#if defined(CONFIG_VIDEO_CMDLINE)
+const char *video_get_options(const char *name);
+#else
+static inline const char *
+video_get_options(const char *name)
+{
+	return (NULL);
+}
+#endif
+#endif /* _VIDEO_CMDLINE_H_ */
diff --git a/sys/compat/linuxkpi/common/src/linux_aperture.c b/sys/compat/linuxkpi/common/src/linux_aperture.c
index 15a56839fa9c..21c7041fc851 100644
--- a/sys/compat/linuxkpi/common/src/linux_aperture.c
+++ b/sys/compat/linuxkpi/common/src/linux_aperture.c
@@ -20,7 +20,7 @@
  * driver can be active at any given time. Many systems load a generic
  * graphics drivers, such as EFI-GOP or VESA, early during the boot process.
  * During later boot stages, they replace the generic driver with a dedicated,
- * hardware-specific driver. To take over the device the dedicated driver
+ * hardware-specific driver. To take over the device, the dedicated driver
  * first has to remove the generic driver. Aperture functions manage
  * ownership of framebuffer memory and hand-over between drivers.
  *
@@ -43,7 +43,7 @@
  *		base = mem->start;
  *		size = resource_size(mem);
  *
- *		ret = aperture_remove_conflicting_devices(base, size, false, "example");
+ *		ret = aperture_remove_conflicting_devices(base, size, "example");
  *		if (ret)
  *			return ret;
  *
@@ -76,7 +76,7 @@
  * generic EFI or VESA drivers, have to register themselves as owners of their
  * framebuffer apertures. Ownership of the framebuffer memory is achieved
  * by calling devm_aperture_acquire_for_platform_device(). If successful, the
- * driveris the owner of the framebuffer range. The function fails if the
+ * driver is the owner of the framebuffer range. The function fails if the
  * framebuffer is already owned by another driver. See below for an example.
  *
  * .. code-block:: c
@@ -126,7 +126,7 @@
  * et al for the registered framebuffer range, the aperture helpers call
  * platform_device_unregister() and the generic driver unloads itself. The
  * generic driver also has to provide a remove function to make this work.
- * Once hot unplugged fro mhardware, it may not access the device's
+ * Once hot unplugged from hardware, it may not access the device's
  * registers, framebuffer memory, ROM, etc afterwards.
  */
 
@@ -203,7 +203,7 @@ static void aperture_detach_platform_device(struct device *dev)
 
 	/*
 	 * Remove the device from the device hierarchy. This is the right thing
-	 * to do for firmware-based DRM drivers, such as EFI, VESA or VGA. After
+	 * to do for firmware-based fb drivers, such as EFI, VESA or VGA. After
 	 * the new driver takes over the hardware, the firmware device's state
 	 * will be lost.
 	 *
@@ -274,7 +274,6 @@ static void aperture_detach_devices(resource_size_t base, resource_size_t size)
  * aperture_remove_conflicting_devices - remove devices in the given range
  * @base: the aperture's base address in physical memory
  * @size: aperture size in bytes
- * @primary: also kick vga16fb if present; only relevant for VGA devices
  * @name: a descriptive name of the requesting driver
  *
  * This function removes devices that own apertures within @base and @size.
@@ -283,7 +282,7 @@ static void aperture_detach_devices(resource_size_t base, resource_size_t size)
  * 0 on success, or a negative errno code otherwise
  */
 int aperture_remove_conflicting_devices(resource_size_t base, resource_size_t size,
-					bool primary, const char *name)
+					const char *name)
 {
 	/*
 	 * If a driver asked to unregister a platform device registered by
@@ -300,18 +299,45 @@ int aperture_remove_conflicting_devices(resource_size_t base, resource_size_t si
 
 	aperture_detach_devices(base, size);
 
-	/*
-	 * If this is the primary adapter, there could be a VGA device
-	 * that consumes the VGA framebuffer I/O range. Remove this device
-	 * as well.
-	 */
-	if (primary)
-		aperture_detach_devices(VGA_FB_PHYS_BASE, VGA_FB_PHYS_SIZE);
-
 	return 0;
 }
 EXPORT_SYMBOL(aperture_remove_conflicting_devices);
 
+/**
+ * __aperture_remove_legacy_vga_devices - remove legacy VGA devices of a PCI devices
+ * @pdev: PCI device
+ *
+ * This function removes VGA devices provided by @pdev, such as a VGA
+ * framebuffer or a console. This is useful if you have a VGA-compatible
+ * PCI graphics device with framebuffers in non-BAR locations. Drivers
+ * should acquire ownership of those memory areas and afterwards call
+ * this helper to release remaining VGA devices.
+ *
+ * If your hardware has its framebuffers accessible via PCI BARS, use
+ * aperture_remove_conflicting_pci_devices() instead. The function will
+ * release any VGA devices automatically.
+ *
+ * WARNING: Apparently we must remove graphics drivers before calling
+ *          this helper. Otherwise the vga fbdev driver falls over if
+ *          we have vgacon configured.
+ *
+ * Returns:
+ * 0 on success, or a negative errno code otherwise
+ */
+int __aperture_remove_legacy_vga_devices(struct pci_dev *pdev)
+{
+	/* VGA framebuffer */
+	aperture_detach_devices(VGA_FB_PHYS_BASE, VGA_FB_PHYS_SIZE);
+
+	/* VGA textmode console */
+#ifdef __linux__
+	return vga_remove_vgacon(pdev);
+#elif defined(__FreeBSD__)
+	return 0;
+#endif
+}
+EXPORT_SYMBOL(__aperture_remove_legacy_vga_devices);
+
 /**
  * aperture_remove_conflicting_pci_devices - remove existing framebuffers for PCI devices
  * @pdev: PCI device
@@ -328,14 +354,14 @@ int aperture_remove_conflicting_pci_devices(struct pci_dev *pdev, const char *na
 {
 	bool primary = false;
 	resource_size_t base, size;
-	int bar, ret;
+	int bar, ret = 0;
 
-#ifdef CONFIG_X86
 #ifdef __linux__
-	primary = pdev->resource[PCI_ROM_RESOURCE].flags & IORESOURCE_ROM_SHADOW;
-#elif defined(__FreeBSD__)
-	primary = NULL;
-#endif
+	if (pdev == vga_default_device())
+		primary = true;
+
+	if (primary)
+		sysfb_disable();
 #endif
 
 	for (bar = 0; bar < PCI_STD_NUM_BARS; ++bar) {
@@ -344,22 +370,18 @@ int aperture_remove_conflicting_pci_devices(struct pci_dev *pdev, const char *na
 
 		base = pci_resource_start(pdev, bar);
 		size = pci_resource_len(pdev, bar);
-		ret = aperture_remove_conflicting_devices(base, size, primary, name);
-		if (ret)
-			return ret;
+		aperture_detach_devices(base, size);
 	}
 
 	/*
-	 * WARNING: Apparently we must kick fbdev drivers before vgacon,
-	 * otherwise the vga fbdev driver falls over.
+	 * If this is the primary adapter, there could be a VGA device
+	 * that consumes the VGA framebuffer I/O range. Remove this
+	 * device as well.
 	 */
-#ifdef __linux__
-	ret = vga_remove_vgacon(pdev);
-	if (ret)
-		return ret;
-#endif
+	if (primary)
+		ret = __aperture_remove_legacy_vga_devices(pdev);
 
-	return 0;
+	return ret;
 
 }
 EXPORT_SYMBOL(aperture_remove_conflicting_pci_devices);
diff --git a/sys/compat/linuxkpi/common/src/linux_cmdline.c b/sys/compat/linuxkpi/common/src/linux_cmdline.c
new file mode 100644
index 000000000000..0cfa1d56ee6a
--- /dev/null
+++ b/sys/compat/linuxkpi/common/src/linux_cmdline.c
@@ -0,0 +1,63 @@
+/*-
+ * Copyright (c) 2022 Beckhoff Automation GmbH & Co. KG
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+
+#include <video/cmdline.h>
+
+const char *
+video_get_options(const char *connector_name)
+{
+	char tunable[64];
+	const char *options;
+
+	/*
+	 * A user may use loader tunables to set a specific mode for the
+	 * console. Tunables are read in the following order:
+	 *     1. kern.vt.fb.modes.$connector_name
+	 *     2. kern.vt.fb.default_mode
+	 *
+	 * Example of a mode specific to the LVDS connector:
+	 *     kern.vt.fb.modes.LVDS="1024x768"
+	 *
+	 * Example of a mode applied to all connectors not having a
+	 * connector-specific mode:
+	 *     kern.vt.fb.default_mode="640x480"
+	 */
+	snprintf(tunable, sizeof(tunable), "kern.vt.fb.modes.%s",
+	    connector_name);
+	if (bootverbose) {
+		printf("[drm] Connector %s: get mode from tunables:\n", connector_name);
+		printf("[drm]  - %s\n", tunable);
+		printf("[drm]  - kern.vt.fb.default_mode\n");
+	}
+	options = kern_getenv(tunable);
+	if (options == NULL)
+		options = kern_getenv("kern.vt.fb.default_mode");
+
+	return (options);
+}
diff --git a/sys/compat/linuxkpi/common/src/linux_hdmi.c b/sys/compat/linuxkpi/common/src/linux_hdmi.c
index 947be761dfa4..fc47693e913c 100644
--- a/sys/compat/linuxkpi/common/src/linux_hdmi.c
+++ b/sys/compat/linuxkpi/common/src/linux_hdmi.c
@@ -21,6 +21,9 @@
  * DEALINGS IN THE SOFTWARE.
  */
 
+#ifdef __linux__
+#include <drm/display/drm_dp.h>
+#endif
 #include <linux/bitops.h>
 #include <linux/bug.h>
 #include <linux/errno.h>
@@ -381,12 +384,34 @@ static int hdmi_audio_infoframe_check_only(const struct hdmi_audio_infoframe *fr
  *
  * Returns 0 on success or a negative error code on failure.
  */
-int hdmi_audio_infoframe_check(struct hdmi_audio_infoframe *frame)
+int hdmi_audio_infoframe_check(const struct hdmi_audio_infoframe *frame)
 {
 	return hdmi_audio_infoframe_check_only(frame);
 }
 EXPORT_SYMBOL(hdmi_audio_infoframe_check);
 
+static void
+hdmi_audio_infoframe_pack_payload(const struct hdmi_audio_infoframe *frame,
+				  u8 *buffer)
+{
+	u8 channels;
+
+	if (frame->channels >= 2)
+		channels = frame->channels - 1;
+	else
+		channels = 0;
+
+	buffer[0] = ((frame->coding_type & 0xf) << 4) | (channels & 0x7);
+	buffer[1] = ((frame->sample_frequency & 0x7) << 2) |
+		 (frame->sample_size & 0x3);
+	buffer[2] = frame->coding_type_ext & 0x1f;
+	buffer[3] = frame->channel_allocation;
+	buffer[4] = (frame->level_shift_value & 0xf) << 3;
+
+	if (frame->downmix_inhibit)
+		buffer[4] |= BIT(7);
+}
+
 /**
  * hdmi_audio_infoframe_pack_only() - write HDMI audio infoframe to binary buffer
  * @frame: HDMI audio infoframe
@@ -404,7 +429,6 @@ EXPORT_SYMBOL(hdmi_audio_infoframe_check);
 ssize_t hdmi_audio_infoframe_pack_only(const struct hdmi_audio_infoframe *frame,
 				       void *buffer, size_t size)
 {
-	unsigned char channels;
 	u8 *ptr = buffer;
 	size_t length;
 	int ret;
@@ -420,28 +444,13 @@ ssize_t hdmi_audio_infoframe_pack_only(const struct hdmi_audio_infoframe *frame,
 
 	memset(buffer, 0, size);
 
-	if (frame->channels >= 2)
-		channels = frame->channels - 1;
-	else
-		channels = 0;
-
 	ptr[0] = frame->type;
 	ptr[1] = frame->version;
 	ptr[2] = frame->length;
 	ptr[3] = 0; /* checksum */
 
-	/* start infoframe payload */
-	ptr += HDMI_INFOFRAME_HEADER_SIZE;
-
-	ptr[0] = ((frame->coding_type & 0xf) << 4) | (channels & 0x7);
-	ptr[1] = ((frame->sample_frequency & 0x7) << 2) |
-		 (frame->sample_size & 0x3);
-	ptr[2] = frame->coding_type_ext & 0x1f;
-	ptr[3] = frame->channel_allocation;
-	ptr[4] = (frame->level_shift_value & 0xf) << 3;
-
-	if (frame->downmix_inhibit)
-		ptr[4] |= BIT(7);
+	hdmi_audio_infoframe_pack_payload(frame,
+					  ptr + HDMI_INFOFRAME_HEADER_SIZE);
 
 	hdmi_infoframe_set_checksum(buffer, length);
 
@@ -479,6 +488,45 @@ ssize_t hdmi_audio_infoframe_pack(struct hdmi_audio_infoframe *frame,
 }
 EXPORT_SYMBOL(hdmi_audio_infoframe_pack);
 
+#ifdef __linux__
+/**
+ * hdmi_audio_infoframe_pack_for_dp - Pack a HDMI Audio infoframe for DisplayPort
+ *
+ * @frame:      HDMI Audio infoframe
+ * @sdp:        Secondary data packet for DisplayPort.
+ * @dp_version: DisplayPort version to be encoded in the header
+ *
+ * Packs a HDMI Audio Infoframe to be sent over DisplayPort. This function
+ * fills the secondary data packet to be used for DisplayPort.
+ *
+ * Return: Number of total written bytes or a negative errno on failure.
+ */
+ssize_t
+hdmi_audio_infoframe_pack_for_dp(const struct hdmi_audio_infoframe *frame,
+				 struct dp_sdp *sdp, u8 dp_version)
+{
+	int ret;
+
+	ret = hdmi_audio_infoframe_check(frame);
+	if (ret)
+		return ret;
+
+	memset(sdp->db, 0, sizeof(sdp->db));
+
+	/* Secondary-data packet header */
+	sdp->sdp_header.HB0 = 0;
+	sdp->sdp_header.HB1 = frame->type;
+	sdp->sdp_header.HB2 = DP_SDP_AUDIO_INFOFRAME_HB2;
+	sdp->sdp_header.HB3 = (dp_version & 0x3f) << 2;
+
+	hdmi_audio_infoframe_pack_payload(frame, sdp->db);
+
+	/* Return size =  frame length + four HB for sdp_header */
+	return frame->length + 4;
+}
+EXPORT_SYMBOL(hdmi_audio_infoframe_pack_for_dp);
+#endif
+
 /**
  * hdmi_vendor_infoframe_init() - initialize an HDMI vendor infoframe
  * @frame: HDMI vendor infoframe
diff --git a/sys/modules/linuxkpi_video/Makefile b/sys/modules/linuxkpi_video/Makefile
index a9562eaf4735..f2ee3438ac82 100644
--- a/sys/modules/linuxkpi_video/Makefile
+++ b/sys/modules/linuxkpi_video/Makefile
@@ -3,6 +3,7 @@
 KMOD=	linuxkpi_video
 SRCS=	linux_hdmi.c \
 	linux_aperture.c \
+	linux_cmdline.c \
 	linuxkpi_videokmod.c
 
 SRCS+=	${LINUXKPI_GENSRCS}

From nobody Sun Aug 11 12:33:51 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhcWz4jggz5ShFF;
	Sun, 11 Aug 2024 12:33:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhcWz46Llz4wrM;
	Sun, 11 Aug 2024 12:33:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723379631;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=VdoLc2jo6RVfX70CYABvqpVf5fHEkIAjKWysQbFVMhA=;
	b=t3S0kogJGv+Y+vm9HNzZSXAiz7TBh9rdhyQyiGp81u+Rs0rJHHGSQpU8mxkKP5mdx5TNbO
	ziLThqMTTw7di1U5wwPTh40u1eREYIFF2IWC9AGJz9NEM5O3kuv32Gl9vY4yd8eKJ85ecm
	Df4tp3sCMlAsLUDtxlSAEjRgPXQ2Y6TVe3oZjKHCdt1vBWRbWY9x7whDiTPqmX1ouCGf40
	mlbRnNozKSYFhWlKvY8XlL9FDmx3tKISIhs2lOiE0QnSuMQTfHMZ6x0Y7+rzfM943/Yq7r
	PBUa5V+GQpr2uObIaSOKD6GbG2XSx8wrVbOVa+Bda1d40GByyv2vn+O+YgSi8w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723379631; a=rsa-sha256; cv=none;
	b=VxW3jUEEtxiQYYa9jjpll5kmfuucS78CXipHPweytZM2+wTO7PZK5tLwFeJ7E3zr9uWBnt
	8NRSvn4at+PENvRm+Go9pcORVwy+nE4SE2pHTghB7yIJhz9xi8nFCTbUmxPKBIeyUW7FPz
	lobOfWOPwWKw9+Bco+fCOCtvhKLmhvpahwiY3kGprZQD6KEsXSVmlK3nKr430Q97/xLvyY
	LsMfu8DTVohYsJFCAvLTuJ7LYlS7krTDklWRaMozeQVCwo/FvKODGJjgie9heFge0ozx8w
	xjPBww92pQ9zhS7iKCCtS42G2oXIcM5/z+k7R38FwsLsWDgYPeX5jlmuzpB6Lg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723379631;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=VdoLc2jo6RVfX70CYABvqpVf5fHEkIAjKWysQbFVMhA=;
	b=AWVg8ENYrh4p7QqfRxyKZfRksntoDNoHdYgx5G8hnUig0WLyzi6cBgGr1+PPbJv4PBRNTt
	f9XWT5OvlOa0UJAt4hQIT/McGTztNVryURSP/f+aWhJ0D1IMexLZeSqPFE7PcmPFxf6sq5
	ImrSfrkvxooQZap8FPpFqR8njwOkvNXmLQAShGWxALu+k0fOTCBQb7Nz4y/U8ug7yx/jeM
	G+L3BvyfsZeb/IagldZFzVKnIAW85jS03Xm60zleimk09Mwbo2O9b7a2qKoMm7KL/lzOZ2
	pAyfz0kN+eOng65WiwjK9beci1Ciu5P7puBhkOZlS17aR0weLP4MSPLivaPytA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhcWz3hh7zkPj;
	Sun, 11 Aug 2024 12:33:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BCXpug067855;
	Sun, 11 Aug 2024 12:33:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BCXplj067852;
	Sun, 11 Aug 2024 12:33:51 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 12:33:51 GMT
Message-Id: <202408111233.47BCXplj067852@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Dmitry Morozovsky <marck@FreeBSD.org>
Subject: git: 3d2b2d8d02fd - stable/14 - mailer.conf for sendmail:
  remove duplicate word.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: marck
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 3d2b2d8d02fda59ce3a8be6df91ea729970cdbb3
Auto-Submitted: auto-generated

The branch stable/14 has been updated by marck:

URL: https://cgit.FreeBSD.org/src/commit/?id=3d2b2d8d02fda59ce3a8be6df91ea729970cdbb3

commit 3d2b2d8d02fda59ce3a8be6df91ea729970cdbb3
Author:     Dmitry Morozovsky <marck@FreeBSD.org>
AuthorDate: 2024-08-07 14:03:12 +0000
Commit:     Dmitry Morozovsky <marck@FreeBSD.org>
CommitDate: 2024-08-11 12:32:03 +0000

    mailer.conf for sendmail: remove duplicate word.
    
    MFC after:      3 days
    
    (cherry picked from commit 2c2916a3ec3805ff7815633c0bf90c4339016821)
---
 etc/mail/mailer.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/etc/mail/mailer.conf b/etc/mail/mailer.conf
index 7947855fd2f7..f86403a9a68b 100644
--- a/etc/mail/mailer.conf
+++ b/etc/mail/mailer.conf
@@ -1,7 +1,7 @@
 #
 # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
 #
-# If dma(8) is installed, an example mailer.conf that uses dma(8) instead can
+# If dma(8) is installed, an example mailer.conf that uses dma(8) instead
 # can be found in /usr/share/examples/dma.
 #
 sendmail	/usr/libexec/sendmail/sendmail

From nobody Sun Aug 11 12:38:32 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhcdP1LKkz5Shym;
	Sun, 11 Aug 2024 12:38:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhcdP0r6wz4xM3;
	Sun, 11 Aug 2024 12:38:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723379913;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yVMwIZN6vMtASX9MaGPMyAf2+MxZbz7d2QCmfFEJQbE=;
	b=CAWtD1fK6RMtYEDXEqKE0rzF7ubvW/3OhzSusLlA9esSourYFJohuwGqa2NvFjp6qXwjBJ
	aH852/5NIYqjh+FxclDNx7rZLkkOJbWBB4uJtvR42eaFIy0kfwdJ/qTPCD3+ZeAXtJ8Vc6
	MXUBNBemQTiJ8SozpoFr4iZz9s0PG8wqYn4plM9R7NdjUObt5eJEGkHokrHRavSd7DO7Bf
	9KpedIgJ1XDAYl4YOh5hMFOjrr2dnGe4nckJeNX/HNutpDzhdd7eyr94RlHOsPSBtrIsvT
	X9xvawBlT7s4Y4vw1s28CofSoGLbRqOmAEZYBu8ztRGyuzjsyzNEMZe7x3OhNA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723379913; a=rsa-sha256; cv=none;
	b=RZL18HCBDkPJd7aVFQGFTaKMc5UV0sSd2aU/I1JUVps3FFPFzN42npBYW9HvbDq8A8A2ts
	5a+UT540QVM9Qw33gXI8k7rIdWqxSQ37IvGtW0fkQJwXysjDCAKR4Gx1Q2yyB23x7PIXK5
	GjUu6cpp0JUfpd0x/h5nPUjrYwetS+XyMQl5JeAkPLTJEVJ6JH3ycEX+XZ/F1QboC2QD+M
	/gzPo5bqlAgqlqm1R+jYk+mDSyl2eluncp3w9sst9auCdWGSkZIZDrXs9PfpLsDGzqgus0
	Dwfa2Uo/p8sC4CLqOgpXafhrmX2fIwMIXtTZHagKI+OjVdmjjahOiKTHtsA5ww==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723379913;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yVMwIZN6vMtASX9MaGPMyAf2+MxZbz7d2QCmfFEJQbE=;
	b=M0gUhdPAEJzSQjE+6tmqq8ax8yjJPfTkyIjBKZ4fHs9dNPHPYQTvvMo9DNDZZWf2A8i2ta
	0K0lR0BEnG8ODn0WyIijraR9A1oQ2YlkVZsJTyRrvjOCL0vAv4h+GCPhaKkhZMFv2q3raj
	rMpmIqvbtEa2UOM2ayF/QUYC7cftbpEgjzCpbynl0FuIBZrj0zcdkhl0+UoeWq4kJV9vlO
	ct4qI8G+kT3wH0KTG7zvWaVgsf4yJ+/ybd8JVFs3knI7jdgqDmptuliUb8WgkS4AHlChFt
	IdC+3j5gC8EiYFfhH4yv31jzFmUOURQIfyjULRSt3Esu+nnIWDM93KH/qrXS0g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhcdP0JLnzkrv;
	Sun, 11 Aug 2024 12:38:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BCcWA3068593;
	Sun, 11 Aug 2024 12:38:32 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BCcWox068590;
	Sun, 11 Aug 2024 12:38:32 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 12:38:32 GMT
Message-Id: <202408111238.47BCcWox068590@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Dmitry Morozovsky <marck@FreeBSD.org>
Subject: git: c576a4c57d96 - stable/13 - mailer.conf for sendmail:
  remove duplicate word.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: marck
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c576a4c57d961e9c463e6c5946d33ef96a5e8093
Auto-Submitted: auto-generated

The branch stable/13 has been updated by marck:

URL: https://cgit.FreeBSD.org/src/commit/?id=c576a4c57d961e9c463e6c5946d33ef96a5e8093

commit c576a4c57d961e9c463e6c5946d33ef96a5e8093
Author:     Dmitry Morozovsky <marck@FreeBSD.org>
AuthorDate: 2024-08-07 14:03:12 +0000
Commit:     Dmitry Morozovsky <marck@FreeBSD.org>
CommitDate: 2024-08-11 12:36:30 +0000

    mailer.conf for sendmail: remove duplicate word.
    
    MFC after:      3 days
    
    (cherry picked from commit 2c2916a3ec3805ff7815633c0bf90c4339016821)
---
 etc/mail/mailer.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/etc/mail/mailer.conf b/etc/mail/mailer.conf
index 7947855fd2f7..f86403a9a68b 100644
--- a/etc/mail/mailer.conf
+++ b/etc/mail/mailer.conf
@@ -1,7 +1,7 @@
 #
 # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
 #
-# If dma(8) is installed, an example mailer.conf that uses dma(8) instead can
+# If dma(8) is installed, an example mailer.conf that uses dma(8) instead
 # can be found in /usr/share/examples/dma.
 #
 sendmail	/usr/libexec/sendmail/sendmail

From nobody Sun Aug 11 19:29:44 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Whnlr6tWkz5TTpt;
	Sun, 11 Aug 2024 19:29:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Whnlr5jYzz4XGk;
	Sun, 11 Aug 2024 19:29:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723404584;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N/d9GmOjMWne8F7EUreToov7vVUUJKRwhbSpiFxECTo=;
	b=CqHjKnCBIeoavk3PCB8aj6LnZDDOUoA40bW8W+P89C3vJzuv3u90rYeBkwDfdUMhgaCrtw
	pQbEq2f7+wHAQBka0v5VZ7NO+lDC0d6PLOvywdJZGdwtC6bPSerHjjWxUNVmmGWI8ML3Db
	WYNGT+MvL77B/1a6XBaXeXHxMFQdrLNbHMvtQ0yh7qokhki1TcsoDpQs45HWqrpbARgGG/
	gnipJPO+TUZTaly79RZTK5ipa68V87X63HdqghWaW/3l7KJrhA2lIekPYtjq7b2ot8cDnb
	FTB1PtEFESc9uQ2IIfvKEcStNajCB2srHvwDEnxGmF479rI+N8n2l/yXROjQQA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723404584; a=rsa-sha256; cv=none;
	b=niSrRw/o4uUHi2I6zeJPMKd6UD5/55GY6Bsk9qEFOKfZGMzrXxTtBwaKc2ddViA3fkyU++
	6A6u1hh8qkotAG+xUcHoP1tkhVVL28ZvxsL7XMWC7jjfB+Aen4kMWFjdJablsbPHBCBJKo
	N2Wt/LWpuevCQD0OFgz/EicdWfZCr0ODJ1MURPYymn7e1AbpSLv5Ls9TwJjVYzQviobjSq
	xHN2CB9QgILP9ck4ErDqp2QUjNMOYsNRL5K+yyF8bX/DUwuFcv0wZiix6TsOB+F0KHvxua
	/9UkT8zYjYFQli8o9llabbiErQgXzIJKwp+bzLxSfnvwvrpp8+BRP3qN5Tohiw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723404584;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=N/d9GmOjMWne8F7EUreToov7vVUUJKRwhbSpiFxECTo=;
	b=r2Dd/ZHFLo8BVrflXBjIY65CUepuktsSpPXkduImt9tBySb3aOW6xXrvuWImNT3mm1MTwf
	rnsV1SjcdT3KXyR4JnRAmpRYsarKGwO55yNnwIlSA3r5fpC/SxnhS0NkY0bXgMV25CQ99n
	pvHu1r+y89Rcx+btfJ0uDVaMR5xusw2pw68rADQhNX04AoGGq7pRszOwlnWOQqoKG6LrRq
	fVLxD0kwIJ7QTZ8UDC/0kYUpZyKcufl3I7n4xlV1B6i5iBrKkvA6FBfIxn3PSxTH4YBKmL
	QbQiEDhTKGx1qD+FRLrO8uXRio+/ga9I2ZnQYPzE0MQtCE5geM+sQZQJK4rLIQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Whnlr5CgBzwRJ;
	Sun, 11 Aug 2024 19:29:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BJTiR6061534;
	Sun, 11 Aug 2024 19:29:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BJTiCN061531;
	Sun, 11 Aug 2024 19:29:44 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 19:29:44 GMT
Message-Id: <202408111929.47BJTiCN061531@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Zhilin <mizhka@FreeBSD.org>
Subject: git: 6b6eebd39d5a - stable/14 - usr.sbin/gstat: add
  microsecond precision for disk latency
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mizhka
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 6b6eebd39d5a30b43a2d279e029734003688d68b
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mizhka:

URL: https://cgit.FreeBSD.org/src/commit/?id=6b6eebd39d5a30b43a2d279e029734003688d68b

commit 6b6eebd39d5a30b43a2d279e029734003688d68b
Author:     Michael Zhilin <mizhka@FreeBSD.org>
AuthorDate: 2024-08-04 08:31:06 +0000
Commit:     Michael Zhilin <mizhka@FreeBSD.org>
CommitDate: 2024-08-11 19:29:11 +0000

    usr.sbin/gstat: add microsecond precision for disk latency
    
    This patch makes gstat to show latency in microseconds if actual latency
    is less than 1ms. It affects only "ms/r" and "ms/w" columns.
    
    Before patch:
     L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
        0    922      0      0    0.0    922  35809    0.0    2.8| nda0
        0    928      2     34    0.1    926  35809    0.0    3.1| nda1
    
    After patch:
     L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
        0    496      1     31  0.156    495  16020  0.040    1.5| nda0
        0    492      0      0  0.000    492  16020  0.042    1.5| nda1
    
    Reviewed by:    imp
    Sponsored by:   Postgres Professional
    Differential Revision:  https://reviews.freebsd.org/D41999
    
    (cherry picked from commit d471b4f71dd3b09ada5bf58912dfb1266dd47750)
---
 usr.sbin/gstat/gstat.c | 36 ++++++++++++++++++++++++++++--------
 1 file changed, 28 insertions(+), 8 deletions(-)

diff --git a/usr.sbin/gstat/gstat.c b/usr.sbin/gstat/gstat.c
index b99b750eb253..887ae9dbee16 100644
--- a/usr.sbin/gstat/gstat.c
+++ b/usr.sbin/gstat/gstat.c
@@ -406,16 +406,20 @@ main(int argc, char **argv)
 				PRINTMSG(",%.0f", (double)ld[2] * 1024);
 				if (ld[3] > 1e3) 
 					PRINTMSG(",%.0f", (double)ld[3]);
-				else
+				else if (ld[3] > 1e0)
 					PRINTMSG(",%.1f", (double)ld[3]);
+				else
+					PRINTMSG(",%.3f", (double)ld[3]);
 				PRINTMSG(",%.0f", (double)ld[4]);
 				if (flag_s)
 					PRINTMSG(",%.0f", (double)ld[14]);
 				PRINTMSG(",%.0f", (double)ld[5] * 1024);
 				if (ld[6] > 1e3) 
 					PRINTMSG(",%.0f", (double)ld[6]);
-				else
+				else if (ld[6] > 1e0)
 					PRINTMSG(",%.1f", (double)ld[6]);
+				else
+					PRINTMSG(",%.3f", (double)ld[6]);
 
 				if (flag_d) {
 					PRINTMSG(",%.0f", (double)ld[8]);
@@ -426,9 +430,12 @@ main(int argc, char **argv)
 					if (ld[10] > 1e3) 
 						PRINTMSG(",%.0f",
 								(double)ld[10]);
-					else
+					else if (ld[10] > 1e0)
 						PRINTMSG(",%.1f",
 								(double)ld[10]);
+					else
+						PRINTMSG(",%.3f",
+								(double)ld[10]);
 				}
 
 				if (flag_o) {
@@ -436,8 +443,11 @@ main(int argc, char **argv)
 					if (ld[12] > 1e3) 
 						PRINTMSG(",%.0f",
 								(double)ld[12]);
+					else if (ld[12] > 1e0)
+						PRINTMSG(",%.1f",
+								(double)ld[12]);
 					else
-						PRINTMSG(",%.1f", 
+						PRINTMSG(",%.3f",
 								(double)ld[12]);
 				}
 				PRINTMSG(",%.1lf", (double)ld[7]);
@@ -450,16 +460,20 @@ main(int argc, char **argv)
 				PRINTMSG(" %6.0f", (double)ld[2] * 1024);
 				if (ld[3] > 1e3) 
 					PRINTMSG(" %6.0f", (double)ld[3]);
-				else
+				else if (ld[3] > 1e0)
 					PRINTMSG(" %6.1f", (double)ld[3]);
+				else
+					PRINTMSG(" %6.3f", (double)ld[3]);
 				PRINTMSG(" %6.0f", (double)ld[4]);
 				if (flag_s)
 					PRINTMSG(" %6.0f", (double)ld[14]);
 				PRINTMSG(" %6.0f", (double)ld[5] * 1024);
 				if (ld[6] > 1e3) 
 					PRINTMSG(" %6.0f", (double)ld[6]);
-				else
+				else if (ld[6] > 1e0)
 					PRINTMSG(" %6.1f", (double)ld[6]);
+				else
+					PRINTMSG(" %6.3f", (double)ld[6]);
 
 				if (flag_d) {
 					PRINTMSG(" %6.0f", (double)ld[8]);
@@ -471,9 +485,12 @@ main(int argc, char **argv)
 					if (ld[10] > 1e3) 
 						PRINTMSG(" %6.0f",
 								(double)ld[10]);
-					else
+					else if (ld[10] > 1e0)
 						PRINTMSG(" %6.1f",
 								(double)ld[10]);
+					else
+						PRINTMSG(" %6.3f",
+								(double)ld[10]);
 				}
 
 				if (flag_o) {
@@ -481,8 +498,11 @@ main(int argc, char **argv)
 					if (ld[12] > 1e3) 
 						PRINTMSG(" %6.0f",
 								(double)ld[12]);
+					else if (ld[12] > 1e0)
+						PRINTMSG(" %6.1f",
+								(double)ld[12]);
 					else
-						PRINTMSG(" %6.1f", 
+						PRINTMSG(" %6.3f",
 								(double)ld[12]);
 				}
 

From nobody Sun Aug 11 19:31:31 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Whnnw0kMpz5TVLQ;
	Sun, 11 Aug 2024 19:31:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Whnnv3mw2z4Xvh;
	Sun, 11 Aug 2024 19:31:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723404691;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JsyQx3OIQT4+HOnSZkjnYodW92HOZcfO8EutI1Z1ajw=;
	b=efs0u8rY61jGakFyAPV+xiuZ6y6y47Yauh0TzF8GfuZGxrONEe6Oexq6gQuvTNZD3T6mBP
	swsrS+FzcKKCryDGu2LKrgXvOB3TUuzTv/eM+mJUDNnfSInGMMHVqRlq7OgTO7zIBfDQls
	DnyijdbxS4e0CW4lCSgfRkE1XwS/H4M1ImqKSlDR3SV93wifbeAiP/FMju+w46BKsZUYQk
	BDPNmSkXQo7CVIDloCXFL/yAJIl1wn1drj37sunMRJnHgF/2PmOsgkq5cnK6+12RKcM0eI
	Z7Zg/dvZbldqnI2VGFGTSh05sQ3ymtvHks8SeYz4FiNbFiSATkcNJVKTiGY1+w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723404691; a=rsa-sha256; cv=none;
	b=LLPpaUszh96eb/1976L9j0KhqWtvpnK+2ZKQrA0T899Xr8c/dXTF98wl0N/LB0r72aRcr/
	KfApm9HixfKso3zwUu8EFjbh4RM9XrM3bZmWwvf47j1ehI8hD3hlkGi5eCEt/r+oTWubSa
	Dn4OUJPn0MlqcfcvrII+SUBoZLIQseLmhWNpif3410huJAuH6bE+LK/Xhv0Zhlwx0ZsnXZ
	ExJEb6Jm2NK89cfhIJa3MajVXuGRruN9gxvmq2u6aE98Iik1E8xDhvcHC4GxR9nGk+StNa
	IRg7I+wJDRv1GRKeKcQ6VquBLV2ABUbO/fX904aeMJcHEq/rQKD938ZOf6oqWA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723404691;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JsyQx3OIQT4+HOnSZkjnYodW92HOZcfO8EutI1Z1ajw=;
	b=ib9u19utL3pi/z/DiflBG37h4IZwJBTrIUeolA/vqneoALM5WlI6+LNyI6Xdu9u/LR5Szt
	Qb073EvcK+QEs9mFJRgGXQ47MhbrCFZKSmNjBLasCahELww/4KEoPmVexBJyC8/CuSl+f4
	EcdGFjQdflq+C4zbkYFu6UDiTpt7UkYu03Y98Ots8ZcFLwdgkTVnhSA3wj5f/V8Ar5YXQs
	RgAG47wEtKgjwFDqctS5eiBoPtSD96AFavUsU03nwmCYx7bnH05MxqtIL7fYDbavCFLQ5V
	HKSk1IvOXj7yccBYoPhWCcvU4KCIXVBpWZymAnkcgNx9R/+vQAxuS9at5mAc9Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Whnnv3NTHzwZb;
	Sun, 11 Aug 2024 19:31:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BJVVvT072531;
	Sun, 11 Aug 2024 19:31:31 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BJVVT0072528;
	Sun, 11 Aug 2024 19:31:31 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 19:31:31 GMT
Message-Id: <202408111931.47BJVVT0072528@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Michael Zhilin <mizhka@FreeBSD.org>
Subject: git: d81b0f5e43f0 - stable/13 - usr.sbin/gstat: add
  microsecond precision for disk latency
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mizhka
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: d81b0f5e43f0778f8c44a2d5ef2ac211362d8dd0
Auto-Submitted: auto-generated

The branch stable/13 has been updated by mizhka:

URL: https://cgit.FreeBSD.org/src/commit/?id=d81b0f5e43f0778f8c44a2d5ef2ac211362d8dd0

commit d81b0f5e43f0778f8c44a2d5ef2ac211362d8dd0
Author:     Michael Zhilin <mizhka@FreeBSD.org>
AuthorDate: 2024-08-04 08:31:06 +0000
Commit:     Michael Zhilin <mizhka@FreeBSD.org>
CommitDate: 2024-08-11 19:31:13 +0000

    usr.sbin/gstat: add microsecond precision for disk latency
    
    This patch makes gstat to show latency in microseconds if actual latency
    is less than 1ms. It affects only "ms/r" and "ms/w" columns.
    
    Before patch:
     L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
        0    922      0      0    0.0    922  35809    0.0    2.8| nda0
        0    928      2     34    0.1    926  35809    0.0    3.1| nda1
    
    After patch:
     L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
        0    496      1     31  0.156    495  16020  0.040    1.5| nda0
        0    492      0      0  0.000    492  16020  0.042    1.5| nda1
    
    Reviewed by:    imp
    Sponsored by:   Postgres Professional
    Differential Revision:  https://reviews.freebsd.org/D41999
    
    (cherry picked from commit d471b4f71dd3b09ada5bf58912dfb1266dd47750)
---
 usr.sbin/gstat/gstat.c | 36 ++++++++++++++++++++++++++++--------
 1 file changed, 28 insertions(+), 8 deletions(-)

diff --git a/usr.sbin/gstat/gstat.c b/usr.sbin/gstat/gstat.c
index 37ca7b18c373..8aee21c6f4f3 100644
--- a/usr.sbin/gstat/gstat.c
+++ b/usr.sbin/gstat/gstat.c
@@ -406,16 +406,20 @@ main(int argc, char **argv)
 				PRINTMSG(",%.0f", (double)ld[2] * 1024);
 				if (ld[3] > 1e3) 
 					PRINTMSG(",%.0f", (double)ld[3]);
-				else
+				else if (ld[3] > 1e0)
 					PRINTMSG(",%.1f", (double)ld[3]);
+				else
+					PRINTMSG(",%.3f", (double)ld[3]);
 				PRINTMSG(",%.0f", (double)ld[4]);
 				if (flag_s)
 					PRINTMSG(",%.0f", (double)ld[14]);
 				PRINTMSG(",%.0f", (double)ld[5] * 1024);
 				if (ld[6] > 1e3) 
 					PRINTMSG(",%.0f", (double)ld[6]);
-				else
+				else if (ld[6] > 1e0)
 					PRINTMSG(",%.1f", (double)ld[6]);
+				else
+					PRINTMSG(",%.3f", (double)ld[6]);
 
 				if (flag_d) {
 					PRINTMSG(",%.0f", (double)ld[8]);
@@ -426,9 +430,12 @@ main(int argc, char **argv)
 					if (ld[10] > 1e3) 
 						PRINTMSG(",%.0f",
 								(double)ld[10]);
-					else
+					else if (ld[10] > 1e0)
 						PRINTMSG(",%.1f",
 								(double)ld[10]);
+					else
+						PRINTMSG(",%.3f",
+								(double)ld[10]);
 				}
 
 				if (flag_o) {
@@ -436,8 +443,11 @@ main(int argc, char **argv)
 					if (ld[12] > 1e3) 
 						PRINTMSG(",%.0f",
 								(double)ld[12]);
+					else if (ld[12] > 1e0)
+						PRINTMSG(",%.1f",
+								(double)ld[12]);
 					else
-						PRINTMSG(",%.1f", 
+						PRINTMSG(",%.3f",
 								(double)ld[12]);
 				}
 				PRINTMSG(",%.1lf", (double)ld[7]);
@@ -450,16 +460,20 @@ main(int argc, char **argv)
 				PRINTMSG(" %6.0f", (double)ld[2] * 1024);
 				if (ld[3] > 1e3) 
 					PRINTMSG(" %6.0f", (double)ld[3]);
-				else
+				else if (ld[3] > 1e0)
 					PRINTMSG(" %6.1f", (double)ld[3]);
+				else
+					PRINTMSG(" %6.3f", (double)ld[3]);
 				PRINTMSG(" %6.0f", (double)ld[4]);
 				if (flag_s)
 					PRINTMSG(" %6.0f", (double)ld[14]);
 				PRINTMSG(" %6.0f", (double)ld[5] * 1024);
 				if (ld[6] > 1e3) 
 					PRINTMSG(" %6.0f", (double)ld[6]);
-				else
+				else if (ld[6] > 1e0)
 					PRINTMSG(" %6.1f", (double)ld[6]);
+				else
+					PRINTMSG(" %6.3f", (double)ld[6]);
 
 				if (flag_d) {
 					PRINTMSG(" %6.0f", (double)ld[8]);
@@ -471,9 +485,12 @@ main(int argc, char **argv)
 					if (ld[10] > 1e3) 
 						PRINTMSG(" %6.0f",
 								(double)ld[10]);
-					else
+					else if (ld[10] > 1e0)
 						PRINTMSG(" %6.1f",
 								(double)ld[10]);
+					else
+						PRINTMSG(" %6.3f",
+								(double)ld[10]);
 				}
 
 				if (flag_o) {
@@ -481,8 +498,11 @@ main(int argc, char **argv)
 					if (ld[12] > 1e3) 
 						PRINTMSG(" %6.0f",
 								(double)ld[12]);
+					else if (ld[12] > 1e0)
+						PRINTMSG(" %6.1f",
+								(double)ld[12]);
 					else
-						PRINTMSG(" %6.1f", 
+						PRINTMSG(" %6.3f",
 								(double)ld[12]);
 				}
 

From nobody Sun Aug 11 23:03:02 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtTy2YsLz5SR7Y;
	Sun, 11 Aug 2024 23:03:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtTy20C0z442Q;
	Sun, 11 Aug 2024 23:03:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417382;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9GVuwnhLZZjMIN1pNaR0+xyujIgVe44uyetBOAerMcM=;
	b=xbX6KSf22fYOet81FH/A4fw4l6akgPao5SsYLYVMpoJ7ezvyBGGa6FbebBcj7x5A3GDoGJ
	Qo4eG6hBSyRQGfZf1Wt4xLwNCmGL+7VpeMPE4mdBBcdpj4pDtzSAlyUTz5cDc2S7NexTxj
	EL3EEj+jIsvHw1/bTWN/+Sy/M88snH63A0g5TJfTU38jBPCrpkaX3KXQTmG/tQH+Cdjcqh
	Mqu1G1QEVpL05ZlviENC/MlFtxSTv6lK/z7fMHiCrMvvPYSpCgc5EIcgDSiNKs+/2VdTyI
	OBBN7mBHwLK3SkUB33wl4SUOWJq2xVq97b4GlAS3JxT10oYgWFzSRlqjLM+mBA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417382; a=rsa-sha256; cv=none;
	b=kspoUgy8pxfzrHidlxlSm9n4gOwx0MYaawRqKmefOnWHNZR+Ylgs5fXtIfbsHyevxT7XrC
	OXC2DbqeD853tAu27C7d98qanSA/WNRexhheJZE5cqhbd1GC5M2MNjixfH/EAr5ZFjME63
	SB7sUPpfKF2X+aDyEwWHcwVjBos4DuQQlzjxzreTya/E0oa8Ybw2qjrHNw65FSSoIcxL5c
	IqrVeNxlSdbYjiWtUJ2EgdUqb/vSyjwDRqz/b8iqa/Q3dWp6F/hRzNq8U6cBu+PQQseGxU
	om/ZNRhk8Jsl6pnGpgOa7s36F5lnxTptJcQqrn6SXlyOKu0ZT/HI1rL4heoHjA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417382;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9GVuwnhLZZjMIN1pNaR0+xyujIgVe44uyetBOAerMcM=;
	b=U2SpDZmP8dyQs7GR8Q/7qfa47ARN9HPfhB5b/+8HokexHkP0hkzFQy7Xj0htxdbk9hErMx
	hCOa6gJo5yDjk1X3NfatB79dISLM8aIFxlFsstC/vVk9uPToLzJ2OC9MU6aBalIVAjv2PY
	RS3SflLqiwt1q0Ynn8jeS3dF3RrNCnzLrcvqJ8lugvUmQui9mo2OJOY/xJCLxD7fBeTGDD
	iqLA3IsNxn3xdHLTLNp8ZcpmrgqOdE7xT3J5SfuZuugFrOTd/M7tVs81Yi2xjEPOQP4ity
	ZyM5afv0KnjVd2/HTR1pYit4LDrDuF98AvjDI0aeip3XEll2rz5Wug2R6zRfow==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtTy1cJkz133N;
	Sun, 11 Aug 2024 23:03:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN3211032256;
	Sun, 11 Aug 2024 23:03:02 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN32ha032253;
	Sun, 11 Aug 2024 23:03:02 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:03:02 GMT
Message-Id: <202408112303.47BN32ha032253@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 6fb0634bc4ce - stable/14 - linuxkpi: use canonical
  tests for is_{zero,broadcast}_ether_addr
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 6fb0634bc4ce5fe32312a53031e56fe866b0b24d
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=6fb0634bc4ce5fe32312a53031e56fe866b0b24d

commit 6fb0634bc4ce5fe32312a53031e56fe866b0b24d
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-08 00:00:00 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:01:51 +0000

    linuxkpi: use canonical tests for is_{zero,broadcast}_ether_addr
    
    They are functionally equivalent, but the updated form mirrors the tests
    in sys/net/ethernet.h and avoids confusion.
    
    Reviewed by:    kib
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D21037
    
    (cherry picked from commit a1295b24842d209e6bf93a4823193d56ad2db064)
---
 sys/compat/linuxkpi/common/include/linux/etherdevice.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/etherdevice.h b/sys/compat/linuxkpi/common/include/linux/etherdevice.h
index 89cd4c8e0ba0..5d3df744ae0e 100644
--- a/sys/compat/linuxkpi/common/include/linux/etherdevice.h
+++ b/sys/compat/linuxkpi/common/include/linux/etherdevice.h
@@ -53,7 +53,8 @@ struct ethtool_modinfo {
 static inline bool
 is_zero_ether_addr(const u8 * addr)
 {
-	return ((addr[0] + addr[1] + addr[2] + addr[3] + addr[4] + addr[5]) == 0x00);
+	return ((addr[0] | addr[1] | addr[2] | addr[3] | addr[4] | addr[5]) ==
+	    0x00);
 }
 
 static inline bool
@@ -65,7 +66,8 @@ is_multicast_ether_addr(const u8 * addr)
 static inline bool
 is_broadcast_ether_addr(const u8 * addr)
 {
-	return ((addr[0] + addr[1] + addr[2] + addr[3] + addr[4] + addr[5]) == (6 * 0xff));
+	return ((addr[0] & addr[1] & addr[2] & addr[3] & addr[4] & addr[5]) ==
+	    0xff);
 }
 
 static inline bool

From nobody Sun Aug 11 23:03:03 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtTz3qkYz5SR7Z;
	Sun, 11 Aug 2024 23:03:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtTz3JgBz44J2;
	Sun, 11 Aug 2024 23:03:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417383;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9o0Xg7GEOl60DZAyFoHU1IbVicRZHC1JP2n60lMhkFQ=;
	b=uNUMp2CPovXfUwscUyjdIaVxFPmRO797Pt8ZFvhe6JKsgZAHz1Lmt7uy0dNq1CfbeDbGfM
	Xtjmw94opclyE9kYuwVchwbGYV4qu5FGrtBPwqYfLTFLwiA3gJNEZL0FQm2xxfQOd8sOyV
	eYw/RDjxZuhS+cbg8AKLlp0Lr9vcGQvd1wDG7+sGu2rFMjGSxqdQBY5vDc7NZQR4RNZz+7
	JolJqg5RJVp35aDS8olzPGkVXdjLBYCOMy55TPR2Cq+abyjPiabRBbDw4AQSlGyUeCKh9s
	dkTnSsvmjHmDe9IvZtjaqRX4kjAj6hG8BYEFbFjX51IVJHWWGyBaHOCsFiD6yA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417383; a=rsa-sha256; cv=none;
	b=ANpS74Jv6vLkGmgjxO3TEzfE90MnPmHy+WuHhGLh7czNPfzq1ZB3xA8FDc/YUnhji2WIR5
	tI4OfQHweWO6FzLrGEoZ2TGHD5F3+/SsmdBTkR6lSSu4ngILquK/OPe8dAm0UbZxd24ZZ+
	UoWeiZIts3Ips7BwHc+StIavl/iX8YJXUR+tiCPKYfUUUZvwRm/xl0zeomekyrnEkiLAsc
	5OctpnR+rCWPmFw6frNkCt46/ThzAyzVf2lmZn634O46w5x5RhuqYmU6cbbcQSkLm/WL2t
	sB+lZ4tuWPowXVIrHUoJYySuJPlPNxUqETiNQrT9LiDhOH+sLkDQdJJw5DbhqQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417383;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9o0Xg7GEOl60DZAyFoHU1IbVicRZHC1JP2n60lMhkFQ=;
	b=oAM7WttQPL2IcdRboffZu0Wa2lwbYun2JaND4qZmPYm2XyU175HjNgYfs7w9rXtlb4RYh+
	VTudnLix2yv5I8PyM2tyRGqX5uboJUWQv+aFCsL5gLETQ3GP7Ror6qYo+sdHXe64zEm/y6
	odIBZxLBYGYDvbkjaESMnIFwcL8w6nb3eLdfMAqk0caqfjKFql3kJ7SUDGEuVOFwON77TD
	on0I7+BApkdW1ct+xnC54W9kqRp61zNPFH1sza7aRJsAmHZKLO/b2kKgYkPv7OV+qZMw98
	X9Os5kdFKLaofmbItjxGENQwBZvuvMqqq2CEvRIrtyU/KaIRGAGtVTDf9WsoCg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtTz2w7hz133P;
	Sun, 11 Aug 2024 23:03:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN33mA032295;
	Sun, 11 Aug 2024 23:03:03 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN33sO032292;
	Sun, 11 Aug 2024 23:03:03 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:03:03 GMT
Message-Id: <202408112303.47BN33sO032292@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: cbbc8d67301c - stable/14 - pipe: keep uio_iovcnt
  consistent
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: cbbc8d67301c650dd683566d44ff554993556224
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=cbbc8d67301c650dd683566d44ff554993556224

commit cbbc8d67301c650dd683566d44ff554993556224
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-07-17 14:33:53 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:01:52 +0000

    pipe: keep uio_iovcnt consistent
    
    In pipe_build_write_buffer we increment uio_iov but did not update
    uio_iovcnt.  This would not cause an OOB read (thanks to to uio_resid)
    but is inconsistent and could be an issue if other code changes are made
    in the future.
    
    Reported by:    Synacktiv
    Reviewed by:    jhb, markj, brooks
    Sponsored by:   The Alpha-Omega Project
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D45999
    
    (cherry picked from commit d8ff42e816848a0d4a427755b46b8560cb86ebc8)
---
 sys/kern/sys_pipe.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c
index 1c8d72f70a92..4c6f010a03f6 100644
--- a/sys/kern/sys_pipe.c
+++ b/sys/kern/sys_pipe.c
@@ -942,8 +942,10 @@ pipe_build_write_buffer(struct pipe *wpipe, struct uio *uio)
 
 	uio->uio_iov->iov_len -= size;
 	uio->uio_iov->iov_base = (char *)uio->uio_iov->iov_base + size;
-	if (uio->uio_iov->iov_len == 0)
+	if (uio->uio_iov->iov_len == 0) {
 		uio->uio_iov++;
+		uio->uio_iovcnt--;
+	}
 	uio->uio_resid -= size;
 	uio->uio_offset += size;
 	return (0);

From nobody Sun Aug 11 23:03:04 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtV06T0Sz5SQrp;
	Sun, 11 Aug 2024 23:03:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtV05HP3z44GM;
	Sun, 11 Aug 2024 23:03:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417384;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=07Z/dAdKKlx1Ha3FjqbxuPKrJD8QQEENFLbQrgBZFCE=;
	b=vBRQmqUtWjx2HxyUwTWBVr8wK/zSD7Un549rokyfk72jfeGV3mEGdTnSLeTqCqKe/3NIOu
	JzKVY8C0LaABC1ZUN50p5ZxV+Hll2yHC5MGH4tI3dlCDQZhxQXOo3/FK+wn+/iVmwowClx
	X6oidCxducoht1ALTrTHhh5geBTkolXdHjuahkSM5XUB956MXdJ0MxTbtp/ax3ylGXJpen
	1thQbInuBtD985l/oBtkhkN66nTDNidIsTI+urQgnpPUI/wF6RJvjOwV5m8ObJYcdR75g1
	9jpAmlsBLP/KigJoLgJ5HmLX9CeHMvOz13cJwrGReDZu92GV2wf4G3vfIfYjUQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417384; a=rsa-sha256; cv=none;
	b=SEeeW9kbCIM7lIQ+7z36BBbOdsXeOq6Ym4BK06ePrQrOa0bOCk8A6C1H16Al7/GKmGJPik
	K2cZydx/FO1gJ3nKTcYKVFLWs0tNE4fEYeg3qJzCtQjuSg8yziktNcjxHAZc0M6lrf9Dnd
	zkJXH2gS5NgptaqZDxAH8MLnT95jT59Yy3uuTDnLN3YFMnG1C51ASEtp7dcLY7cXhUauYH
	Ka1kLxTErzVLLQKjJ8jfph0nAgPgQQDXKMXhO2jlalcZ927a9edD+OEX7u6ARPizB3B1A3
	zILiWQnbbn6lFOsYZnFzLcURFJfPqLeyUcoXZF7G1yEEF761c7HhuEa52doT+Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417384;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=07Z/dAdKKlx1Ha3FjqbxuPKrJD8QQEENFLbQrgBZFCE=;
	b=b3FSq2t60Pz/z9tqMAhX/skixvP5tRidMB6VK6bFedB0yy6OypvvgN4X8xHSfK5LZGaQcT
	WsV1S/h+FNEiGvlWzbVthYESeVRLTifsh1bfG7YRjTCfIaJw//FNUUFEgUHcRWwBOvKXHh
	F/sSJjvq4yab7JFWY6CsmMbNNEXzfN4U/04zrMdZBLrNfq7kMqXUoJqu7oKfI1XFZHYPi7
	/qSWpRLzDfz3aE55CKWN4XJOzZ9qFWr9Bi0EHBLfXyiqaKNVh/UIFp7mRFJapID1U2NXoP
	Uj266O758BZvFkTopaAmi5x+86IM5/yj9BK7xwmshprWcWizewbTTtQ9mIoDmg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtV03wgBz13Mp;
	Sun, 11 Aug 2024 23:03:04 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN34lo032342;
	Sun, 11 Aug 2024 23:03:04 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN34rf032339;
	Sun, 11 Aug 2024 23:03:04 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:03:04 GMT
Message-Id: <202408112303.47BN34rf032339@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 6bf5c32ad8aa - stable/14 - acl_copyin: avoid returning
  uninitialized memory
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 6bf5c32ad8aa1f1602b3cefb0b5e5918db287335
Auto-Submitted: auto-generated

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=6bf5c32ad8aa1f1602b3cefb0b5e5918db287335

commit 6bf5c32ad8aa1f1602b3cefb0b5e5918db287335
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2024-07-25 12:44:17 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:01:52 +0000

    acl_copyin: avoid returning uninitialized memory
    
    acl_copyin did not validate the return value of acl_copy_oldacl_into_acl
    which could lead to uninitialized acl structure memory reads.
    
    Reported by:    Synacktiv
    Reviewed by:    markj, emaste
    Sponsored by:   The Alpha-Omega Project
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46125
    
    (cherry picked from commit 6ee6c7b146643170602091e8c330314e4ef47b42)
---
 sys/kern/vfs_acl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c
index a0d6fe1f463a..fb1fc27867dd 100644
--- a/sys/kern/vfs_acl.c
+++ b/sys/kern/vfs_acl.c
@@ -146,7 +146,7 @@ acl_copyin(const void *user_acl, struct acl *kernel_acl, acl_type_t type)
 		error = copyin(user_acl, &old, sizeof(old));
 		if (error != 0)
 			break;
-		acl_copy_oldacl_into_acl(&old, kernel_acl);
+		error = acl_copy_oldacl_into_acl(&old, kernel_acl);
 		break;
 
 	default:

From nobody Sun Aug 11 23:04:20 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtWS4ychz5SRV9;
	Sun, 11 Aug 2024 23:04:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtWS4QyCz44mq;
	Sun, 11 Aug 2024 23:04:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417460;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=IwP7RZtcbfX+0RBuLiDe1wYoLzxOUM63dByB30ztcLo=;
	b=tVD/0wqM/ybwsEg+4aIjQwPQ49N67tjdVPyrm2ThC6ZP2TnBLZlIbv4vnlc60h3p+7XD29
	XhZV1Ck0gx94axdyf47foPtW/KWv2CRW6TsOQz8ueZ5zoXogVq34N9qSi6ZVzfbO270k5h
	AItagrwKvyIKOpGr/+PykgVciNGWLcuS0b3xf6zMeXuB4Po0JoM30tyeAOVY8MsEdFdPb6
	rsy3bgkkRwAdEqjMi5p5gL30O9XmESTLpEIbm+U1BgunCHUjwXWK4e3w0PfewSwE2VucsH
	26MttbFgbBOouXddhDg0w7UHGFf4ixRLbDHnEqLQ9MQXja7UmGXukfWZW/VlbQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417460; a=rsa-sha256; cv=none;
	b=WSn+tBS6LgCHKsXdj0Hrtoz35zHVM0RcjfWmt2aiLkHCoGXIjZr/iGHug00Tyo3fQqYR4I
	kXE9OpTMIuZqh070yyOSn2JuRQQBu7csLtkyZhDYOJMokY1GsoBakrbJeDkNCe6UZ6eyq9
	WiGUMVlOcWCZlQ0m2z/JlWkvDyvpv8DRfUrq9kY6o6Ap0FUNDHKedqytzXVHmZWK3+LscD
	9BkzjFDpmhYxcozl0IV01a0UF5+6HtNZf4WSNS1Lx+aPbtuMete1GeQDx0RS6jm45TyTA6
	1gXUZ2PAgBq5DBjtYywL8r0Aq3tYkW1O3GOP6PH/Y/7sg3DdBxYE2cB6nrDMfg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417460;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=IwP7RZtcbfX+0RBuLiDe1wYoLzxOUM63dByB30ztcLo=;
	b=IW4+K7gK/aEx2Rdiv5frnmDS1sK2Dk9DkXC8yb4/r8L6S8oetqsd9PLvccy3lfzx8wgl7l
	gT5If1rb6Ui/eZxPl3bcSM0COuM/YjJXss1HrPKqsv+iL4DXXhs1Ig/48F4e7EFXoYRYpS
	ZL/tPvm/PSIHX6WouEwKPhDDC+FrF5HPC2wvfF1Oef8rpOU5VatfNA5l+ZIgDHjeUmS3fb
	i5unD7fOo1fPX/V2on9A8TOBk3/fT+W4KZCky7ovPY5t8a65SafNbV0xTEoR8GSZ9V3lp+
	rHmBKLNVgUDBmtAs2ndb7Bz5+jT3vauVB2BDcysis90EBQG9vBQYR0mw/htsdg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtWS3zdCz13HB;
	Sun, 11 Aug 2024 23:04:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN4K2Y032627;
	Sun, 11 Aug 2024 23:04:20 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN4Ka4032624;
	Sun, 11 Aug 2024 23:04:20 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:04:20 GMT
Message-Id: <202408112304.47BN4Ka4032624@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: f8a439c53840 - stable/13 - linuxkpi: use canonical
  tests for is_{zero,broadcast}_ether_addr
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f8a439c538400f6ca67cbff71b98c29320a2ebf6
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=f8a439c538400f6ca67cbff71b98c29320a2ebf6

commit f8a439c538400f6ca67cbff71b98c29320a2ebf6
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-08-08 00:00:00 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:03:42 +0000

    linuxkpi: use canonical tests for is_{zero,broadcast}_ether_addr
    
    They are functionally equivalent, but the updated form mirrors the tests
    in sys/net/ethernet.h and avoids confusion.
    
    Reviewed by:    kib
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D21037
    
    (cherry picked from commit a1295b24842d209e6bf93a4823193d56ad2db064)
    (cherry picked from commit 6fb0634bc4ce5fe32312a53031e56fe866b0b24d)
---
 sys/compat/linuxkpi/common/include/linux/etherdevice.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/etherdevice.h b/sys/compat/linuxkpi/common/include/linux/etherdevice.h
index 89cd4c8e0ba0..5d3df744ae0e 100644
--- a/sys/compat/linuxkpi/common/include/linux/etherdevice.h
+++ b/sys/compat/linuxkpi/common/include/linux/etherdevice.h
@@ -53,7 +53,8 @@ struct ethtool_modinfo {
 static inline bool
 is_zero_ether_addr(const u8 * addr)
 {
-	return ((addr[0] + addr[1] + addr[2] + addr[3] + addr[4] + addr[5]) == 0x00);
+	return ((addr[0] | addr[1] | addr[2] | addr[3] | addr[4] | addr[5]) ==
+	    0x00);
 }
 
 static inline bool
@@ -65,7 +66,8 @@ is_multicast_ether_addr(const u8 * addr)
 static inline bool
 is_broadcast_ether_addr(const u8 * addr)
 {
-	return ((addr[0] + addr[1] + addr[2] + addr[3] + addr[4] + addr[5]) == (6 * 0xff));
+	return ((addr[0] & addr[1] & addr[2] & addr[3] & addr[4] & addr[5]) ==
+	    0xff);
 }
 
 static inline bool

From nobody Sun Aug 11 23:04:21 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtWT5wb6z5SRPy;
	Sun, 11 Aug 2024 23:04:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtWT5N0hz44sR;
	Sun, 11 Aug 2024 23:04:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417461;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fjQDm0jkAHApXFkkuTAb7t31Ztqty8gfvuGS2TJuCHI=;
	b=yheMym7H8fyNtFZa34vcKyOhbdtO8G0mawAO2uhTZq6Vjr5YvRXiNGNkymu0urYvdHzxIF
	hz+5n3kPuBGUN+6IH5mHjIwYpLgPcdLPPQn1fhyqkkKQes6ACKC54HUdzlKBC5hiM5DnHG
	UTc+2w4y5z1Z/BJxbiNVsVc4q3Z1npfkA94WAeGtvTyeGbFOZDluHZp5LKf6xmhwl8std+
	LtKDJgYgPsGu5iqKSzE4fAJXMzShaGAPv4Dj5rD3txsrZYftyqTaz95VEbn26J3vVTKEtS
	IZhJIt0at7S+dZjcbhbVcQCbaWVNErME76QjWqpgQAnHYd2holfHRBhsrIk5Iw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417461; a=rsa-sha256; cv=none;
	b=yQGRRB+bXgJpoSn8q3wR/W9YNP4UQqCK+hCCPcFTf8FgSPjYzwdzpm4H2h/dwbN3PN+Mip
	T8udKWDjkySmYDjQA2D4zjy3pKoGmje1HXRKYNoA9ETzcz87QrwkHEixUbbrTSfKes5Fxy
	f55aqKm0+RLWlhHt2wdIpqpgvSjbCH3nqL4C/t9BTAxbYVuFFRqbJ7rDfgXPjov360TxJs
	520ylNZTrLEaVZN9Ih8UEVFoV8cms+z2VguD2aCNgzT2zSd/W1pp+Lxu85JB74bhdlqo8s
	zAEqdrNDhpcIwgpxeQ1LQUejt/q0nts2cyP9IKLdnIBCy/+xdHMB9YbjnE4OXA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417461;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fjQDm0jkAHApXFkkuTAb7t31Ztqty8gfvuGS2TJuCHI=;
	b=EfJDL/VzyCUA8Lv3vFvasy+MoX9/1rx3Fac3tjHQbvwvSz/bR9Ls4NC2HTxBNT63dfnKy8
	BKEo8v8r12C5vVqE8Kxley9a31hf7KqYrJUaqlxUANG5PEITLAta8sc+Jonv39cs2r3AaO
	N6I4LUtIzKUanH67jlH43BTikwjcjDDwAENJQFAjIjhk/e3a9fMUyrOgY2RLxvl4W+cNeM
	g2AsOD6BLgEvhhIjY6hfQyMTI1XKL8oYg4/51CXw7xp66nH1l2KxyeP8aDiZIOp+kmlYkr
	e8Kh98vvc0InMQ39B+lnzmj4ChmHrAGjfBzpyuUvrSZ4HNVhbbym6Kh2YOZH3A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtWT4wsjz12lk;
	Sun, 11 Aug 2024 23:04:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN4LYU032669;
	Sun, 11 Aug 2024 23:04:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN4LDC032666;
	Sun, 11 Aug 2024 23:04:21 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:04:21 GMT
Message-Id: <202408112304.47BN4LDC032666@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 0fb9da95f7cb - stable/13 - pipe: keep uio_iovcnt
  consistent
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0fb9da95f7cb1730fdf4308f9a12ff8a80c28c87
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=0fb9da95f7cb1730fdf4308f9a12ff8a80c28c87

commit 0fb9da95f7cb1730fdf4308f9a12ff8a80c28c87
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2024-07-17 14:33:53 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:03:42 +0000

    pipe: keep uio_iovcnt consistent
    
    In pipe_build_write_buffer we increment uio_iov but did not update
    uio_iovcnt.  This would not cause an OOB read (thanks to to uio_resid)
    but is inconsistent and could be an issue if other code changes are made
    in the future.
    
    Reported by:    Synacktiv
    Reviewed by:    jhb, markj, brooks
    Sponsored by:   The Alpha-Omega Project
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D45999
    
    (cherry picked from commit d8ff42e816848a0d4a427755b46b8560cb86ebc8)
    (cherry picked from commit cbbc8d67301c650dd683566d44ff554993556224)
---
 sys/kern/sys_pipe.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c
index 19f5f07d7523..dd1fd9b6d2a9 100644
--- a/sys/kern/sys_pipe.c
+++ b/sys/kern/sys_pipe.c
@@ -901,8 +901,10 @@ pipe_build_write_buffer(struct pipe *wpipe, struct uio *uio)
 
 	uio->uio_iov->iov_len -= size;
 	uio->uio_iov->iov_base = (char *)uio->uio_iov->iov_base + size;
-	if (uio->uio_iov->iov_len == 0)
+	if (uio->uio_iov->iov_len == 0) {
 		uio->uio_iov++;
+		uio->uio_iovcnt--;
+	}
 	uio->uio_resid -= size;
 	uio->uio_offset += size;
 	return (0);

From nobody Sun Aug 11 23:04:22 2024
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WhtWW0W5bz5SRVD;
	Sun, 11 Aug 2024 23:04:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WhtWV63m6z455Z;
	Sun, 11 Aug 2024 23:04:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1723417462;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=dct+IiGgiCtcMAiRSvEJ0mhAFFC5NA+pYSU4z9iJasQ=;
	b=V5y+Y8H5eCaLlU8Hlb35LtH6h7aFQqW1iNvpX6cv0YU2tdaHuCh9k6TkrIywIHrUDYNT0g
	ISODHItXHGM9BBomwKxr2CxYPHReUKCGpse5jdEhoVVADjkHOMRElIikJWx01xBHo9VrUq
	HFIO5tXTJqOEUXT91sQKAC7P9m67RA6IPZUfsLYN7tiIyxCOH0Wj7MHhZnRUia4Gwquxt8
	AxF6tzW650hTQfG7AtleYDi8O5BEZvC7runCYJGe9UF9+uNAJ+lfLC84wEpz9qe0G1woKv
	4z5BT2ymr/qGWebhYoC/V8kSJiafF+qwIrA0mEE2uils+mCcQCBgR1GfxCIxYA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723417462; a=rsa-sha256; cv=none;
	b=C7MxcE4rFEhPHKbG6tuX/uRxKlFI8iUKJJt48mOWh0YqQxk486i8XxDzmsGq7XfB/cPiyt
	ZKDxdWdYG37HzLpX/YRzmXZso2RS9E4Tw7XjUiJ1NcQbym29J5hdZyVy25A/o3np4UG8fh
	MAGlEzTnNecGJLUelbqJRB8hcMsAGJ/M38CnnRi7/aTLYlW2u1I3T13Poda+d0Yh4aEiN2
	vQa0leEfrQMW+JePH3u7P2msAteeUE3S900F5W9fnR4umyDdZLssAp5xMfWMzlRP85j5/e
	OiZil7KbRg3Uz5R23CFXhOvXJEwKjMYjnrkYi4d3RRql1+VAfhKraIPi+nuGiA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1723417462;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=dct+IiGgiCtcMAiRSvEJ0mhAFFC5NA+pYSU4z9iJasQ=;
	b=IPSYm0Vs303TjrLRt0z3ap1UzugyoetaDzFoRJxcQr1c5Fkn0+JNvNVLW4trwY3gjyFczl
	fP++26CHPCsR7q0tHVaOh9NYe2COsAXQc4h/vyy/Byhxw+1kp0Iwq72GU0XDlitCAJiauS
	Dg1UzxvMRxNR+nS1pEBcK60lsMiZ9x+Vf7LnrGlLZRmaw55Psz/jWeZd4VtIfRSW2ux/Dy
	ninSuaPBFdjcOEu37sZEV1adsVzSxml3Vt0Ebd47Odcfug2/I5KQxHfFFMDXmP01B7AMh3
	40jJi8mUKAyxe6sGUnrMz5oHCSXKWTDTBEFZs1jtDlzq4Fz6XDlKKoHFgENAzw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WhtWV5dwrz12x3;
	Sun, 11 Aug 2024 23:04:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47BN4M4H032711;
	Sun, 11 Aug 2024 23:04:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47BN4Mdm032708;
	Sun, 11 Aug 2024 23:04:22 GMT
	(envelope-from git)
Date: Sun, 11 Aug 2024 23:04:22 GMT
Message-Id: <202408112304.47BN4Mdm032708@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 8f16d9f7dc8c - stable/13 - acl_copyin: avoid returning
  uninitialized memory
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-branches@freebsd.org
Sender: owner-dev-commits-src-branches@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 8f16d9f7dc8c119f8ba9ff27d4ce9c48d0b56d11
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=8f16d9f7dc8c119f8ba9ff27d4ce9c48d0b56d11

commit 8f16d9f7dc8c119f8ba9ff27d4ce9c48d0b56d11
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2024-07-25 12:44:17 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-08-11 23:03:43 +0000

    acl_copyin: avoid returning uninitialized memory
    
    acl_copyin did not validate the return value of acl_copy_oldacl_into_acl
    which could lead to uninitialized acl structure memory reads.
    
    Reported by:    Synacktiv
    Reviewed by:    markj, emaste
    Sponsored by:   The Alpha-Omega Project
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D46125
    
    (cherry picked from commit 6ee6c7b146643170602091e8c330314e4ef47b42)
    (cherry picked from commit 6bf5c32ad8aa1f1602b3cefb0b5e5918db287335)
---
 sys/kern/vfs_acl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c
index f65f210abe97..ea250104aff4 100644
--- a/sys/kern/vfs_acl.c
+++ b/sys/kern/vfs_acl.c
@@ -146,7 +146,7 @@ acl_copyin(const void *user_acl, struct acl *kernel_acl, acl_type_t type)
 		error = copyin(user_acl, &old, sizeof(old));
 		if (error != 0)
 			break;
-		acl_copy_oldacl_into_acl(&old, kernel_acl);
+		error = acl_copy_oldacl_into_acl(&old, kernel_acl);
 		break;
 
 	default: