From nobody Tue Jan 6 16:08:45 2026 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dlx1H0qVHz6MKTJ for ; Tue, 06 Jan 2026 16:08:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4dlx1G6RyHz3vC0 for ; Tue, 06 Jan 2026 16:08:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1767715731; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bZo9/nr7GwamInV34QtupuDIlXSfrqLhFa69W6ldtO4=; b=a4BkL/YDQR1kkxIh3FWe6Uj59xhwbOwxljWw08gePxdMMA/FrvoBrhoLt0BJvRuSvFJ0TO b81KLGxgxrWtLumfVp84wj3Ar9RgeIgCQgEoP8CyTCoNBxOBX4z5CZMs4RZMbircoKlQXV +LzF9NqZpulTKq2XXwppCGczHFGbeMGDHhRg1iy0PEdOfa3KXEx/LXEMDSJrZCay0bQGty XGEx93uAMpP98squUTDOLSCih0LX4zBYEH6JsQDFZ2n8Eyxb62dDclH8ezv4Hx84BxTLHx TO+uRTlyT9nq6joC6DhNSlsKV1xwmy0wtu17dUyNF7oNElFzqun23CNo63oLzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1767715731; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bZo9/nr7GwamInV34QtupuDIlXSfrqLhFa69W6ldtO4=; b=a488QeA9HKunL7UNs8JQExRGGiSvZJqFtHSNlvXvRdtpFtRxJo0pOJLxR0zACe9ycelOIX 7ZOgHYgocXyGw5F+O/YoS56PahXH7ipXAyXon717G4N+3wvH9/D913QWnhkxd4eHPFblTP Vqzq8TkK2VyGmcIoV0Nja+wPKQN16LI758uTsT+nMMd41nb8DA+cxMtYqeQc0abf5+oqHj C9P8Xx0Wr93Gi8JMrwx5zN3SJ0dzK2SwEZldAj4itvGnd1fzRAWQpa7mVL0Yi9ONJAsMJf hXUfXbSqvrgwfkGTZorHATpdXzR3x0xwMM7gvVSPRbV7GY5SWVcBB6uCUmTWmA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1767715731; a=rsa-sha256; cv=none; b=hQ/ofTvJMgXN8kknuXuGgolFqxBem9vp23dZIV/qRqnHm08EbMmWfnOcHmH4LIeKac/6bp s4kuNa3MLwufWWN2907KDbFFNg/72czXEXDDRoyCe2sutyq+uiY4VJcjzljz9udgqUNZXP zkw/cSDY+AKzE9pb+LKOB2d39Xz4E07X2RiNz8LsvO0QPPk+JtGpE+kKIZjouDn9YNaw6G vVWT/wehftqtul410uv7H5BfXJCJU6PpXgtflf7BbZNCF7OU3FO+RrbweXXSi0qQnUzN+H 2Oivobmqeg0LeC8NqrYRbzhqKg2MojvraRQPr3nTV7CuGKGbuAwFeX/4i6S1bQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dlx1G60Z3z1Cv6 for ; Tue, 06 Jan 2026 16:08:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 266de by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 06 Jan 2026 16:08:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Alexander Ziaee Subject: git: 75866d71e8d9 - main - manuals: Correct some sysctl markup List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ziaee X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 75866d71e8d93fe1a1ff469b8a9c6c6c9908a6c8 Auto-Submitted: auto-generated Date: Tue, 06 Jan 2026 16:08:45 +0000 Message-Id: <695d338d.266de.1642a022@gitrepo.freebsd.org> The branch main has been updated by ziaee: URL: https://cgit.FreeBSD.org/src/commit/?id=75866d71e8d93fe1a1ff469b8a9c6c6c9908a6c8 commit 75866d71e8d93fe1a1ff469b8a9c6c6c9908a6c8 Author: Alexander Ziaee AuthorDate: 2026-01-06 16:02:24 +0000 Commit: Alexander Ziaee CommitDate: 2026-01-06 16:08:21 +0000 manuals: Correct some sysctl markup This enables additional searching the manual by sysctl variable. This syntax is standardized in style.mdoc(5). Reported by: bapt MFC after: 3 days --- lib/libsys/chroot.2 | 6 ++--- lib/libsys/ptrace.2 | 10 ++++---- share/man/man7/security.7 | 58 +++++++++++++++++++++++------------------------ usr.sbin/chroot/chroot.8 | 2 +- 4 files changed, 38 insertions(+), 38 deletions(-) diff --git a/lib/libsys/chroot.2 b/lib/libsys/chroot.2 index 3347df5cceee..809dbaad2f65 100644 --- a/lib/libsys/chroot.2 +++ b/lib/libsys/chroot.2 @@ -62,7 +62,7 @@ It should be noted that has no effect on the process's current directory. .Pp This call is restricted to the super-user, unless the -.Ql security.bsd.unprivileged_chroot +.Ql Va security.bsd.unprivileged_chroot sysctl variable is set to 1 and the process has enabled the .Dv PROC_NO_NEW_PRIVS_CTL @@ -118,7 +118,7 @@ will fail and the root directory will be unchanged if: .Bl -tag -width Er .It Bq Er EPERM The effective user ID is not the super-user and the -.Ql security.bsd.unprivileged_chroot +.Ql Va security.bsd.unprivileged_chroot sysctl is 0. .It Bq Er EPERM The effective user ID is not the super-user and the @@ -127,7 +127,7 @@ process has not enabled the .Xr procctl 2 . .It Bq Er EPERM One or more filedescriptors are open directories and the -.Ql kern.chroot_allow_open_directories +.Ql Va kern.chroot_allow_open_directories sysctl is not set to permit this. .It Bq Er EIO An I/O error occurred while reading from or writing to the file system. diff --git a/lib/libsys/ptrace.2 b/lib/libsys/ptrace.2 index 7aa24a3f820b..a6798bb22b27 100644 --- a/lib/libsys/ptrace.2 +++ b/lib/libsys/ptrace.2 @@ -148,31 +148,31 @@ Sometimes it may be desirable to disallow it either completely, or limit its scope. The following controls are provided for this: .Bl -tag -width security.bsd.unprivileged_proc_debug -.It Dv security.bsd.allow_ptrace +.It Va security.bsd.allow_ptrace Setting this sysctl to zero makes .Nm return .Er ENOSYS always as if the syscall is not implemented by the kernel. -.It Dv security.bsd.unprivileged_proc_debug +.It Va security.bsd.unprivileged_proc_debug Setting this sysctl to zero disallows the use of .Fn ptrace by unprivileged processes. -.It Dv security.bsd.see_other_uids +.It Va security.bsd.see_other_uids Setting this sysctl to zero prevents .Fn ptrace requests from targeting processes with a real user identifier different from the caller's. These requests will fail with error .Er ESRCH . -.It Dv security.bsd.see_other_gids +.It Va security.bsd.see_other_gids Setting this sysctl to zero disallows .Fn ptrace requests from processes that have no groups in common with the target process, considering their sets of real and supplementary groups. These requests will fail with error .Er ESRCH . -.It Dv security.bsd.see_jail_proc +.It Va security.bsd.see_jail_proc Setting this sysctl to zero disallows .Fn ptrace requests from processes belonging to a different jail than that of the target diff --git a/share/man/man7/security.7 b/share/man/man7/security.7 index f1035fd093d5..0685da5db437 100644 --- a/share/man/man7/security.7 +++ b/share/man/man7/security.7 @@ -955,7 +955,7 @@ briefly listed there, together with controls which enable some mitigations of the hardware state leaks. .Pp Hardware mitigation sysctl knobs described below have been moved under -.Pa machdep.mitigations , +.Va machdep.mitigations , with backwards-compatibility shims to accept the existing names. A future change will rationalize the sense of the individual sysctls (so that enabled / true always indicates that the mitigation is active). @@ -965,20 +965,20 @@ Backwards compatibility shims for the interim sysctls under .Pa machdep.mitigations will not be added. .Bl -tag -width security.bsd.unprivileged_proc_debug -.It Dv security.bsd.see_other_uids +.It Va security.bsd.see_other_uids Controls visibility and reachability of subjects (e.g., processes) and objects (e.g., sockets) owned by a different uid. The knob directly affects the -.Dv kern.proc +.Va kern.proc sysctls filtering of data, which results in restricted output from utilities like .Xr ps 1 . -.It Dv security.bsd.see_other_gids +.It Va security.bsd.see_other_gids Same, for subjects and objects owned by a different gid. -.It Dv security.bsd.see_jail_proc +.It Va security.bsd.see_jail_proc Same, for subjects and objects belonging to a different jail, including sub-jails. -.It Dv security.bsd.conservative_signals +.It Va security.bsd.conservative_signals When enabled, unprivileged users are only allowed to send job control and usual termination signals like .Dv SIGKILL , @@ -986,13 +986,13 @@ and usual termination signals like and .Dv SIGTERM , to the processes executing programs with changed uids. -.It Dv security.bsd.unprivileged_proc_debug +.It Va security.bsd.unprivileged_proc_debug Controls availability of the process debugging facilities to non-root users. See also .Xr proccontrol 1 mode .Dv trace . -.It Dv vm.pmap.pti +.It Va vm.pmap.pti Tunable, amd64-only. Enables mode of operation of virtual memory system where usermode page tables are sanitized to prevent so-called Meltdown information leak on @@ -1003,25 +1003,25 @@ See also .Xr proccontrol 1 mode .Dv kpti . -.It Dv machdep.mitigations.flush_rsb_ctxsw +.It Va machdep.mitigations.flush_rsb_ctxsw amd64. Controls Return Stack Buffer flush on context switch, to prevent cross-process ret2spec attacks. Only needed, and only enabled by default, if the machine supports SMEP, otherwise IBRS would do necessary flushing on kernel entry anyway. -.It Dv hw.mds_disable +.It Va hw.mds_disable amd64 and i386. Controls Microarchitectural Data Sampling hardware information leak mitigation. -.It Dv hw.spec_store_bypass_disable +.It Va hw.spec_store_bypass_disable amd64 and i386. Controls Speculative Store Bypass hardware information leak mitigation. -.It Dv hw.ibrs_disable +.It Va hw.ibrs_disable amd64 and i386. Controls Indirect Branch Restricted Speculation hardware information leak mitigation. -.It Dv machdep.syscall_ret_flush_l1d +.It Va machdep.syscall_ret_flush_l1d amd64. Controls force-flush of L1D cache on return from syscalls which report errors other than @@ -1036,62 +1036,62 @@ This is mostly a paranoid setting added to prevent hypothetical exploitation of unknown gadgets for unknown hardware issues. The error codes exclusion list is composed of the most common errors which typically occurs on normal system operation. -.It Dv machdep.nmi_flush_l1d_sw +.It Va machdep.nmi_flush_l1d_sw amd64. Controls force-flush of L1D cache on NMI; this provides software assist for bhyve mitigation of L1 terminal fault hardware information leak. -.It Dv hw.vmm.vmx.l1d_flush +.It Va hw.vmm.vmx.l1d_flush amd64. Controls the mitigation of L1 Terminal Fault in bhyve hypervisor. -.It Dv vm.pmap.allow_2m_x_ept +.It Va vm.pmap.allow_2m_x_ept amd64. Allows the use of superpages for executable mappings under the EPT page table format used by hypervisors on Intel CPUs to map the guest physical address space to machine physical memory. May be disabled to work around a CPU Erratum called Machine Check Error Avoidance on Page Size Change. -.It Dv machdep.mitigations.rngds.enable +.It Va machdep.mitigations.rngds.enable amd64 and i386. Controls mitigation of Special Register Buffer Data Sampling versus optimization of the MCU access. When set to zero, the mitigation is disabled, and the RDSEED and RDRAND instructions do not incur serialization overhead for shared buffer accesses, and do not serialize off-core memory accesses. -.It Dv kern.elf32.aslr.enable +.It Va kern.elf32.aslr.enable Controls system-global Address Space Layout Randomization (ASLR) for normal non-PIE (Position Independent Executable) 32-bit ELF binaries. See also the .Xr proccontrol 1 .Dv aslr mode, also affected by the per-image control note flag. -.It Dv kern.elf32.aslr.pie_enable +.It Va kern.elf32.aslr.pie_enable Controls system-global Address Space Layout Randomization for position-independent (PIE) 32-bit binaries. -.It Dv kern.elf32.aslr.honor_sbrk +.It Va kern.elf32.aslr.honor_sbrk Makes ASLR less aggressive and more compatible with old binaries relying on the sbrk area. -.It Dv kern.elf32.aslr.stack +.It Va kern.elf32.aslr.stack Enable randomization of the stack for 32-bit binaries. Otherwise, the stack is mapped at a fixed location determined by the process ABI. -.It Dv kern.elf64.aslr.enable +.It Va kern.elf64.aslr.enable ASLR control for 64-bit ELF binaries. -.It Dv kern.elf64.aslr.pie_enable +.It Va kern.elf64.aslr.pie_enable ASLR control for 64-bit ELF PIEs. -.It Dv kern.elf64.aslr.honor_sbrk +.It Va kern.elf64.aslr.honor_sbrk ASLR sbrk compatibility control for 64-bit binaries. -.It Dv kern.elf64.aslr.stack +.It Va kern.elf64.aslr.stack Controls stack address randomization for 64-bit binaries. -.It Dv kern.elf32.nxstack +.It Va kern.elf32.nxstack Enables non-executable stack for 32-bit processes. Enabled by default if supported by hardware and corresponding binary. -.It Dv kern.elf64.nxstack +.It Va kern.elf64.nxstack Enables non-executable stack for 64-bit processes. -.It Dv kern.elf32.allow_wx +.It Va kern.elf32.allow_wx Enables mapping of simultaneously writable and executable pages for 32-bit processes. -.It Dv kern.elf64.allow_wx +.It Va kern.elf64.allow_wx Enables mapping of simultaneously writable and executable pages for 64-bit processes. .El diff --git a/usr.sbin/chroot/chroot.8 b/usr.sbin/chroot/chroot.8 index 4a1a5a396631..58d5ec8f1a5b 100644 --- a/usr.sbin/chroot/chroot.8 +++ b/usr.sbin/chroot/chroot.8 @@ -68,7 +68,7 @@ Use the command before chrooting, effectively disabling SUID/SGID bits for the calling process and its descendants. If -.Dv security.bsd.unprivileged_chroot +.Va security.bsd.unprivileged_chroot sysctl is set to 1, it will make it possible to chroot without superuser privileges. .El