diff options
199 files changed, 1218 insertions, 533 deletions
diff --git a/Makefile.inc1 b/Makefile.inc1 index d366be09f497..010f5ac2bb55 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -2130,11 +2130,10 @@ create-source-src-package: _pkgbootstrap .PHONY PKGNAME "src" \ PKGGENNAME "src" \ VERSION "${PKG_VERSION}" \ - DESC "FreeBSD Kernel Sources" \ - COMMENT "FreeBSD Userland Sources" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ PKG_WWW "${PKG_WWW}" \ + UCLFILES "${SRCDIR}/release/packages/ucl" \ ${SRCDIR}/release/packages/template.ucl \ ${SSTAGEDIR}/src.ucl ${PKG_CMD} -o ABI=${PKG_ABI} \ @@ -2155,13 +2154,12 @@ create-source-src-sys-package: _pkgbootstrap .PHONY > ${SSTAGEDIR}/src-sys.plist ${SRCDIR}/release/packages/generate-ucl.lua \ PKGNAME "src-sys" \ - PKGGENNAME "src" \ + PKGGENNAME "src-sys" \ VERSION "${PKG_VERSION}" \ - DESC "FreeBSD Kernel Sources" \ - COMMENT "FreeBSD Kernel Sources" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ PKG_WWW "${PKG_WWW}" \ + UCLFILES "${SRCDIR}/release/packages/ucl" \ ${SRCDIR}/release/packages/template.ucl \ ${SSTAGEDIR}/src-sys.ucl ${PKG_CMD} -o ABI=${PKG_ABI} \ @@ -2226,12 +2224,12 @@ create-dtb-package: @if [ -f ${KSTAGEDIR}/${DISTDIR}/dtb.plist ]; then \ ${SRCDIR}/release/packages/generate-ucl.lua \ PKGNAME "dtb" \ + PKGGENNAME "dtb" \ VERSION "${PKG_VERSION}" \ - COMMENT "FreeBSD Devicetree Blobs" \ - DESC "FreeBSD Devicetree Blobs" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ PKG_WWW "${PKG_WWW}" \ + UCLFILES "${SRCDIR}/release/packages/ucl" \ ${SRCDIR}/release/packages/template.ucl \ ${KSTAGEDIR}/${DISTDIR}/dtb.ucl ; \ awk -F\" ' \ @@ -2257,13 +2255,15 @@ create-kernel-packages-flavor${flavor:C,^""$,${_default_flavor},}: _pkgbootstrap -v kernel=yes -v _kernconf=${INSTALLKERNEL} ; \ ${SRCDIR}/release/packages/generate-ucl.lua \ PKGNAME "kernel-${INSTALLKERNEL:tl}${flavor}" \ + PKGGENNAME "kernel" \ VERSION "${PKG_VERSION}" \ KERNELDIR "kernel" \ - COMMENT "FreeBSD ${INSTALLKERNEL} kernel ${flavor}" \ - DESC "FreeBSD ${INSTALLKERNEL} kernel ${flavor}" \ + KERNEL_NAME "${INSTALLKERNEL}" \ + KERNEL_FLAVOR "${flavor}" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ PKG_WWW "${PKG_WWW}" \ + UCLFILES "${SRCDIR}/release/packages/ucl" \ ${SRCDIR}/release/packages/template.ucl \ ${KSTAGEDIR}/${DISTDIR}/kernel.${INSTALLKERNEL}${flavor}.ucl ; \ awk -F\" ' \ @@ -2296,14 +2296,14 @@ create-kernel-packages-extra-flavor${flavor:C,^""$,${_default_flavor},}-${_kerne PKGNAME "kernel-${_kernel:tl}${flavor}" \ PKGGENNAME "kernel" \ FORCEINCLUDE "kernel${flavor}" \ - UCLFILES "${SRCDIR}/release/packages/" \ VERSION "${PKG_VERSION}" \ + KERNEL_NAME "${_kernel:tl}" \ + KERNEL_FLAVOR "${flavor}" \ KERNELDIR "kernel.${_kernel}" \ - DESC "FreeBSD ${_kernel} kernel ${flavor}" \ - COMMENT "FreeBSD ${_kernel} kernel ${flavor}" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ PKG_WWW "${PKG_WWW}" \ + UCLFILES "${SRCDIR}/release/packages/ucl" \ ${SRCDIR}/release/packages/template.ucl \ ${KSTAGEDIR}/kernel.${_kernel}/kernel.${_kernel}${flavor}.ucl ; \ awk -F\" ' \ diff --git a/libexec/rc/rc.d/pf b/libexec/rc/rc.d/pf index 0b4c086db22b..46fb085e5175 100755 --- a/libexec/rc/rc.d/pf +++ b/libexec/rc/rc.d/pf @@ -38,7 +38,7 @@ pf_fallback() $pf_program -f "$pf_fallback_rules_file" $pf_flags else warn "Loading fallback rules: $pf_fallback_rules" - echo $pf_fallback_rules | $pf_program -f - $pf_flags + echo "$pf_fallback_rules" | $pf_program -f - $pf_flags fi } diff --git a/release/packages/Makefile.package b/release/packages/Makefile.package deleted file mode 100644 index c2427aa16945..000000000000 --- a/release/packages/Makefile.package +++ /dev/null @@ -1,193 +0,0 @@ -# -# - -acct_COMMENT= System Accounting Utilities -acct_DESC= System Accounting Utilities -acpi_COMMENT= ACPI Utilities -acpi_DESC= ACPI Utilities -amd_COMMENT= AMD Utilities -amd_DESC= AMD Utilities -apm_COMMENT= APM Utilities -apm_DESC= APM Utilities -at_COMMENT= AT Utilities -at_DESC= AT Utilities -audit_COMMENT= OpenBSM auditing utilities -audit_DESC= OpenBSM auditing utilities -autofs_COMMENT= Autofs Utilities -autofs_DESC= Autofs Utilities -bhyve_COMMENT= Bhyve Utilities -bhyve_DESC= Bhyve Utilities -blocklist_COMMENT= Blocklist Utilities -blocklist_DESC= Blocklist Utilities -bluetooth_COMMENT= Bluetooth Utilities -bluetooth_DESC= Bluetooth Utilities -bootloader_COMMENT= Bootloader -bootloader_DESC= Bootloader and configuration files -bsdinstall_COMMENT= BSDInstall Utilities -bsdinstall_DESC= BSDInstall Utilities -bsnmp_COMMENT= BSNMP Utilities -bsnmp_DESC= BSNMP Utilities -caroot_COMMENT= SSL Certificates -caroot_DESC= SSL Certificates -clang_COMMENT= Clang Utilities -clang_DESC= Clang Utilities -clibs_COMMENT= Core C Libraries -clibs_DESC= Core C Libraries -certctl_COMMENT= SSL Certificate Utility -certctl_DESC= SSL Certificate Utility -console-tools_COMMENT= Console Utilities -console-tools_DESC= Console Utilities -cron_COMMENT= cron(8) and crontab(1) -cron_DESC= cron(8) and crontab(1) -csh_COMMENT= C Shell -csh_DESC= C Shell -ctf-tools_COMMENT= CTF Utilities -ctf-tools_DESC= CTF Utilities -cxgbe-tools_COMMENT= Chelsio cxbge Utilities -cxgbe-tools_DESC= Chelsio cxbge Utilities -devd_COMMENT= Devd Utility and scripts -devd_DESC= Devd Utility and scripts -devmatch_COMMENT= Devmatch Utility -devmatch_DESC= Devmatch Utility -dhclient_COMMENT= DHCP Client -dhclient_DESC= DHCP Client -dma_COMMENT= DMA Mail Agent Utilities -dma_DESC= DMA Mail Agent Utilities -docs_COMMENT= Documentation -docs_DESC= Documentation -dtrace_COMMENT= Dtrace Utilities -dtrace_DESC= Dtrace Utilities -dwatch_COMMENT= Dwatch Utilities -dwatch_DESC= Dwatch Utilities -ee_COMMENT= Easy Editor Utilities -ee_DESC= Easy Editor Utilities -efi-tools_COMMENT= UEFI Utilities -efi-tools_DESC= UEFI Utilities -examples_COMMENT= Examples in /usr/share/examples -examples_DESC= Examples in /usr/share/examples -fd_COMMENT= Floppy disk support -fd_DESC= Floppy disk support -fetch_COMMENT= Fetch Utility -fetch_DESC= Fetch Utility -firmware-iwm_DESC= iwm(4) firmwares -firmware-iwm_COMMENT= iwm(4) firmwares -ftp_COMMENT= FTP Utilities -ftp_DESC= FTP Utilities -ftpd_COMMENT= FTP Daemon -ftpd_DESC= FTP Daemon -fwget_COMMENT= FWGET Utility -fwget_DESC= FWGET Utility -games_COMMENT= Games -games_DESC= Games -geom_COMMENT= GEOM Utilitites -geom_DESC= GEOM Utilitites -ggate_COMMENT= GEOM Gate Utilities -ggate_DESC= GEOM Gate Utilities -hast_COMMENT= Highly Available Storage daemon -hast_DESC= Highly Available Storage daemon -hostapd_COMMENT= 802.11 Access Point Daemon an Utilities -hostapd_DESC= 802.11 Access Point Daemon an Utilities -hyperv-tools_COMMENT= Microsoft HyperV Utilities -hyperv-tools_DESC= Microsoft HyperV Utilities -inetd_COMMENT= Internet super-server -inetd_DESC= Internet super-server -jail_COMMENT= Jail Utilities -jail_DESC= Jail Utilities -jail-debug_DESCR= Debugging Symbols -jail-development_DESCR=Development Files -jail-profile_DESCR= Profiling Libraries -jail-lib32_DESCR= 32-bit Libraries -jail-lib32-debug_DESCR=32-bit Debugging Symbols -jail-lib32-development_DESCR=32-bit Development Files -jail-lib32-profile_DESCR=32-bit Profiling Libraries -kerberos_COMMENT= Kerberos Utilities -kerberos_DESC= Kerberos Utilities -kerberos-lib_COMMENT= Kerberos Libraries -kerberos-lib_DESC= Kerberos Libraries -kernel_COMMENT= FreeBSD Kernel -kernel_DESC= FreeBSD Kernel -lp_COMMENT= Printer subsystem -lp_DESC= Printer subsystem -manuals_COMMENT= Manual Pages -manuals_DESC= Manual Pages -mlx-tools_COMMENT= Mellanox Utilities -mlx-tools_DESC= Mellanox Utilities -mtree_COMMENT= MTREE Files -mtree_DESC= MTREE Files -netmap_COMMENT= Netmap Library and Utilities -netmap_DESC= Netmap Library and Utilities -newsyslog_COMMENT= Newsyslog Utility -newsyslog_DESC= Newsyslog Utility -nfs_COMMENT= NFS Utilities -nfs_DESC= NFS Utilities -ntp_COMMENT= Network Time Protocol server and client -ntp_DESC= Network Time Protocol server and client -nuageinit_COMMENT= CloudInit support scripts -nuageinit_DESC= CloudInit support scripts -nvme-tools_COMMENT= NVME Utilities -nvme-tools_DESC= NVME Utilities -openssl_COMMENT= OpenSSL Utility -openssl_DESC= OpenSSL Utility -openssl-lib_COMMENT= OpenSSL Libraries -openssl-lib_DESC= OpenSSL Libraries -pkg-bootstrap_COMMENT= pkg bootstrap Utility -pkg-bootstrap_DESC= pkg bootstrap Utility -periodic_COMMENT= Periodic Utility -periodic_DESC= Periodic Utility -rc_COMMENT= RC Scripts -rc_DESC= RC Scripts -rcmds_COMMENT= BSD/SunOS remote status commands -rcmds_DESC=\ -The BSD/SunOS remote status commands, which can be used to query or interact\ -with remote hosts over the network. This includes the command-line utilities\ -rwho, ruptime, rup, rusers and rwall and the daemons rwhod, rpc.rstatd,\ -rpc.rusersd, and rpc.rwalld. -rdma_COMMENT= RDMA Utilities -rdma_DESC= RDMA Utilities -rescue_COMMENT= Rescue Utilities -rescue_DESC= Rescue Utilities -resolvconf_COMMENT= Resolvconf Utility and scripts -resolvconf_DESC= Resolvconf Utility and scripts -runtime_COMMENT= FreeBSD Base System -runtime_DESC= FreeBSD Base System -runtime-debug_DESCR= Debugging Symbols -runtime-development_DESCR=Development Files -runtime-profile_DESCR= Profiling Libraries -runtime-lib32_DESCR= 32-bit Libraries -runtime-lib32-debug_DESCR=32-bit Debugging Symbols -runtime-lib32-development_DESCR=32-bit Development Files -runtime-lib32-profile_DESCR=32-bit Profiling Libraries -sendmail_COMMENT= Sendmail Utilities -sendmail_DESC= Sendmail Utilities -smbutils_COMMENT= SMB Utilities -smbutils_DESC= SMB Utilities -ssh_COMMENT= Secure Shell Utilities -ssh_DESC= Secure Shell Utilities -syscons_COMMENT= Syscons Console -syscons_DESC= Syscons Console -syslogd_COMMENT= Syslog Daemon -syslogd_DESC= Syslog Daemon -tcpd_COMMENT= TCP Wrapper utilities -tcpd_DESC= TCP Wrapper utilities -telnet_COMMENT= Telnet client -telnet_DESC= Telnet client -tests_COMMENT= Test Suite -tests_DESC= Test Suite -toolchain_COMMENT= Utilities for program development -toolchain_DESC= Utilities for program development -ufs_COMMENT= UFS Libraries and Utilities -ufs_DESC= UFS Libraries and Utilities -unbound_COMMENT= Unbound DNS Resolver -unbound_DESC= Unbound DNS Resolver -utilities_COMMENT= Non-vital programs and libraries -utilities_DESC= Non-vital programs and libraries -vi_COMMENT= Vi Editor -vi_DESC= Vi Editor -vt_COMMENT= VT fonts and keyboard files -vt_DESC= VT fonts and keyboard files -wpa_COMMENT= 802.11 Supplicant -wpa_DESC= 802.11 Supplicant -yp_COMMENT= Yellow Pages programs -yp_DESC= Yellow Pages programs -zfs_COMMENT= ZFS Libraries and Utilities -zfs_DESC= ZFS Libraries and Utilities diff --git a/release/packages/clang-all.ucl b/release/packages/clang-all.ucl deleted file mode 100644 index 41a697ebe53d..000000000000 --- a/release/packages/clang-all.ucl +++ /dev/null @@ -1 +0,0 @@ -licenses = [ NCSA ] diff --git a/release/packages/generate-ucl.lua b/release/packages/generate-ucl.lua index ae6ee58dd84a..3d91d11bc42f 100755 --- a/release/packages/generate-ucl.lua +++ b/release/packages/generate-ucl.lua @@ -3,33 +3,174 @@ --[[ usage: generare-ucl.lua [<variablename> <variablevalue>]... <sourceucl> <destucl> -In the <destucl> files the variable <variablename> (in the form ${variablename} -in the <sourceucl>) will be expanded to <variablevalue>. - -The undefined variables will reamin unmofifier "${variablename}" +Build a package's UCL configuration by loading the template UCL file +<sourceucl>, replacing any $VARIABLES in the UCL based on the provided +variables, then writing the result to <destucl>. ]]-- local ucl = require("ucl") +-- Give subpackages a special comment and description suffix to indicate what +-- they contain, so e.g. "foo-man" has " (manual pages)" appended to its +-- comment. This avoids having to create a separate ucl files for every +-- subpackage just to set this. +-- +-- Note that this is not a key table because the order of the pattern matches +-- is important. +pkg_suffixes = { + { + "%-dev%-lib32$", "(32-bit development files)", + "This package contains development files for compiling ".. + "32-bit applications on a 64-bit host." + }, + { + "%-dbg%-lib32$", "(32-bit debugging symbols)", + "This package contains 32-bit external debugging symbols ".. + "for use with a source-level debugger.", + }, + { + "%-man%-lib32$", "(32-bit manual pages)", + "This package contains the online manual pages for 32-bit ".. + "components on a 64-bit host.", + }, + { + "%-lib32$", "(32-bit libraries)", + "This package contains 32-bit libraries for running 32-bit ".. + "applications on a 64-bit host.", + }, + { + "%-dev$", "(development files)", + "This package contains development files for ".. + "compiling applications." + }, + { + "%-man$", "(manual pages)", + "This package contains the online manual pages." + }, + { + "%-dbg$", "(debugging symbols)", + "This package contains external debugging symbols for use ".. + "with a source-level debugger.", + }, +} + +function add_suffixes(obj) + local pkgname = obj["name"] + for _,pattern in pairs(pkg_suffixes) do + if pkgname:match(pattern[1]) ~= nil then + obj["comment"] = obj["comment"] .. " " .. pattern[2] + obj["desc"] = obj["desc"] .. "\n\n" .. pattern[3] + return + end + end +end + +-- Hardcode a list of packages which don't get the automatic pkggenname +-- dependency because the base package doesn't exist. We should have a better +-- way to handle this. +local no_gen_deps = { + ["libcompat-dev"] = true, + ["libcompat-dev-lib32"] = true, + ["libcompat-man"] = true, + ["libcompiler_rt-dev"] = true, + ["libcompiler_rt-dev-lib32"] = true, + ["liby-dev"] = true, + ["liby-dev-lib32"] = true, +} + +-- Return true if the package 'pkgname' should have a dependency on the package +-- pkggenname. +function add_gen_dep(pkgname, pkggenname) + if pkgname == pkggenname then + return false + end + if pkgname == nil or pkggenname == nil then + return false + end + if no_gen_deps[pkgname] ~= nil then + return false + end + if pkggenname == "kernel" then + return false + end + + return true +end + +local pkgname = nil +local pkggenname = nil +local pkgprefix = nil +local pkgversion = nil + +-- This parser is the output UCL we want to build. +local parser = ucl.parser() + +-- Set any $VARIABLES from the command line in the parser. This causes ucl to +-- automatically replace them when we load the source ucl. if #arg < 2 or #arg % 2 ~= 0 then io.stderr:write(arg[0] .. ": expected an even number of arguments, got " .. #arg) os.exit(1) end -local parser = ucl.parser() for i = 2, #arg - 2, 2 do - parser:register_variable(arg[i - 1], arg[i]) + local varname = arg[i - 1] + local varvalue = arg[i] + + if varname == "PKGNAME" and #varvalue > 0 then + pkgname = varvalue + elseif varname == "PKGGENNAME" and #varvalue > 0 then + pkggenname = varvalue + elseif varname == "VERSION" and #varvalue > 0 then + pkgversion = varvalue + elseif varname == "PKG_NAME_PREFIX" and #varvalue > 0 then + pkgprefix = varvalue + end + + parser:register_variable(varname, varvalue) end + +-- Load the source ucl file. local res,err = parser:parse_file(arg[#arg - 1]) if not res then io.stderr:write(arg[0] .. ": fail to parse("..arg[#arg - 1].."): "..err) os.exit(1) end + +local obj = parser:get_object() + +-- If pkgname is different from pkggenname, add a dependency on pkggenname. +-- This means that e.g. -dev packages depend on their respective base package. +if add_gen_dep(pkgname, pkggenname) then + if obj["deps"] == nil then + obj["deps"] = {} + end + obj["deps"][pkggenname] = { + ["version"] = pkgversion, + ["origin"] = "base" + } +end + +-- If PKG_NAME_PREFIX is provided, rewrite the names of dependency packages. +-- We can't do this in UCL since variable substitution doesn't work in array +-- keys. +if pkgprefix ~= nil and obj["deps"] ~= nil then + newdeps = {} + for dep, opts in pairs(obj["deps"]) do + local newdep = pkgprefix .. "-" .. dep + newdeps[newdep] = opts + end + obj["deps"] = newdeps +end + +-- Add comment and desc suffix. +add_suffixes(obj) + +-- Write the output file. local f,err = io.open(arg[#arg], "w") if not f then io.stderr:write(arg[0] .. ": fail to open("..arg[#arg].."): ".. err) os.exit(1) end -local obj = parser:get_object() + f:write(ucl.to_format(obj, 'ucl', true)) f:close() diff --git a/release/packages/generate-ucl.sh b/release/packages/generate-ucl.sh index b7d7bad35023..3078185a3c4e 100755 --- a/release/packages/generate-ucl.sh +++ b/release/packages/generate-ucl.sh @@ -3,8 +3,8 @@ # main() { - desc= - comment= + outname="" + origname="" debug= uclsource= while getopts "do:s:u:" arg; do @@ -31,73 +31,26 @@ main() { shift $(( ${OPTIND} - 1 )) case "${outname}" in - bootloader) - pkgdeps="" - ;; - certctl) - pkgdeps="caroot openssl" - ;; - clang) - pkgdeps="lld libcompiler_rt-dev" - ;; - periodic) - pkgdeps="cron" - ;; - rcmds) - # the RPC daemons require rpcbind - pkgdeps="utilities" - ;; - - # -dev packages that have no corresponding non-dev package - # as a dependency. - libcompat-dev|libcompiler_rt-dev|liby-dev) - outname=${outname%%-dev} - _descr="Development Files" - ;; - libcompat-lib32_dev|libcompiler_rt-lib32_dev|liby-lib32_dev) - outname=${outname%%-lib32_dev} - _descr="32-bit Libraries, Development Files" - ;; - libcompat-man|libelftc-man) - outname=${outname%%-man} - _descr="Manual Pages" + *-dev) + outname="${outname%%-dev}" ;; - utilities) - uclfile="${uclfile}" + *-dbg) + outname="${outname%%-dbg}" ;; - runtime) - outname="runtime" - _descr="$(make -C ${srctree}/release/packages -f Makefile.package -V ${outname}_DESCR)" + *-dev-lib32) + outname="${outname%%-dev-lib32}" ;; - *-lib32_dev) - outname="${outname%%-lib32_dev}" - _descr="32-bit Libraries, Development Files" - pkgdeps="${outname}" + *-dbg-lib32) + outname="${outname%%-dbg-lib32}" ;; - *-lib32_dbg) - outname="${outname%%-lib32_dbg}" - _descr="32-bit Libraries, Debugging Symbols" - pkgdeps="${outname}" + *-man-lib32) + outname="${outname%%-man-lib32}" ;; *-lib32) outname="${outname%%-lib32}" - _descr="32-bit Libraries" - pkgdeps="${outname}" - ;; - *-dev) - outname="${outname%%-dev}" - _descr="Development Files" - pkgdeps="${outname}" - ;; - *-dbg) - outname="${outname%%-dbg}" - _descr="Debugging Symbols" - pkgdeps="${outname}" ;; *-man) outname="${outname%%-man}" - _descr="Manual Pages" - pkgdeps="${outname}" ;; ${origname}) ;; @@ -107,22 +60,16 @@ main() { ;; esac - desc="$(make -C ${srctree}/release/packages -f Makefile.package -V ${outname}_DESC)" - comment="$(make -C ${srctree}/release/packages -f Makefile.package -V ${outname}_COMMENT)" - uclsource="${srctree}/release/packages/template.ucl" if [ -n "${debug}" ]; then echo "" echo "===============================================================" echo "DEBUG:" - echo "_descr=${_descr}" echo "outname=${outname}" echo "origname=${origname}" echo "srctree=${srctree}" echo "uclfile=${uclfile}" - echo "desc=${desc}" - echo "comment=${comment}" echo "vital=${vital}" echo "cp ${uclsource} -> ${uclfile}" echo "===============================================================" @@ -131,38 +78,17 @@ main() { echo "" fi - [ -z "${comment}" ] && comment="${outname} package" - [ -n "${_descr}" ] && comment="${comment} (${_descr})" - [ -z "${desc}" ] && desc="${outname} package" - - cp "${uclsource}" "${uclfile}" - if [ -n "${pkgdeps}" ]; then - echo 'deps: {' >> ${uclfile} - for dep in ${pkgdeps}; do - cat <<EOF >> ${uclfile} - ${PKG_NAME_PREFIX}-${dep}: { - origin: "base", - version: "${PKG_VERSION}" - } -EOF - done - echo '}' >> ${uclfile} - fi cap_arg="$( make -f ${srctree}/share/mk/bsd.endian.mk -VCAP_MKDB_ENDIAN )" ${srctree}/release/packages/generate-ucl.lua \ VERSION "${PKG_VERSION}" \ PKGNAME "${origname}" \ PKGGENNAME "${outname}" \ PKG_NAME_PREFIX "${PKG_NAME_PREFIX}" \ - COMMENT "${comment}" \ - DESC "${desc}" \ CAP_MKDB_ENDIAN "${cap_arg}" \ PKG_WWW "${PKG_WWW}" \ PKG_MAINTAINER "${PKG_MAINTAINER}" \ - UCLFILES "${srctree}/release/packages/" \ - ${uclfile} ${uclfile} - - return 0 + UCLFILES "${srctree}/release/packages/ucl" \ + ${uclsource} ${uclfile} } main "${@}" diff --git a/release/packages/lld-all.ucl b/release/packages/lld-all.ucl deleted file mode 100644 index 41a697ebe53d..000000000000 --- a/release/packages/lld-all.ucl +++ /dev/null @@ -1 +0,0 @@ -licenses = [ NCSA ] diff --git a/release/packages/lldb-all.ucl b/release/packages/lldb-all.ucl deleted file mode 100644 index 41a697ebe53d..000000000000 --- a/release/packages/lldb-all.ucl +++ /dev/null @@ -1 +0,0 @@ -licenses = [ NCSA ] diff --git a/release/packages/ssh-all.ucl b/release/packages/ssh-all.ucl deleted file mode 100644 index 4f78d80fa68e..000000000000 --- a/release/packages/ssh-all.ucl +++ /dev/null @@ -1 +0,0 @@ -licenses = [ ISCL ] diff --git a/release/packages/template.ucl b/release/packages/template.ucl index a65f58868118..faa48effe1ad 100644 --- a/release/packages/template.ucl +++ b/release/packages/template.ucl @@ -4,7 +4,7 @@ name = "${PKG_NAME_PREFIX}-${PKGNAME}" origin = "base" version = "${VERSION}" -comment = "${COMMENT}" +comment = "${PKGNAME} package" categories = [ base ] maintainer = "${PKG_MAINTAINER}" www = "${PKG_WWW}" @@ -12,8 +12,8 @@ prefix = "/" licenselogic = "single" licenses = [ BSD2CLAUSE ] desc = <<EOD -${DESC} +${PKGNAME} package EOD -.include(try=true,duplicate=rewrite) "${UCLFILES}/${PKGGENNAME}-all.ucl" +.include(try=false,duplicate=rewrite) "${UCLFILES}/${PKGGENNAME}-all.ucl" .include(try=true,duplicate=rewrite) "${UCLFILES}/${PKGNAME}.ucl" .include(try=true,duplicate=rewrite) "${UCLFILES}/${FORCEINCLUDE}.ucl" diff --git a/release/packages/ucl/acct-all.ucl b/release/packages/ucl/acct-all.ucl new file mode 100644 index 000000000000..ac4bd8868511 --- /dev/null +++ b/release/packages/ucl/acct-all.ucl @@ -0,0 +1,4 @@ +comment = "System Accounting Utilities" +desc = <<EOD +System Accounting Utilities +EOD diff --git a/release/packages/ucl/acpi-all.ucl b/release/packages/ucl/acpi-all.ucl new file mode 100644 index 000000000000..70ea39fc3862 --- /dev/null +++ b/release/packages/ucl/acpi-all.ucl @@ -0,0 +1,4 @@ +comment = "ACPI Utilities" +desc = <<EOD +ACPI Utilities +EOD diff --git a/release/packages/ucl/amd-all.ucl b/release/packages/ucl/amd-all.ucl new file mode 100644 index 000000000000..e2bc7cfc1b2a --- /dev/null +++ b/release/packages/ucl/amd-all.ucl @@ -0,0 +1,4 @@ +comment = "AMD Utilities" +desc = <<EOD +AMD Utilities +EOD diff --git a/release/packages/ucl/apm-all.ucl b/release/packages/ucl/apm-all.ucl new file mode 100644 index 000000000000..bf1b40000805 --- /dev/null +++ b/release/packages/ucl/apm-all.ucl @@ -0,0 +1,4 @@ +comment = "APM Utilities" +desc = <<EOD +APM Utilities +EOD diff --git a/release/packages/ucl/at-all.ucl b/release/packages/ucl/at-all.ucl new file mode 100644 index 000000000000..c15642737b36 --- /dev/null +++ b/release/packages/ucl/at-all.ucl @@ -0,0 +1,4 @@ +comment = "AT Utilities" +desc = <<EOD +AT Utilities +EOD diff --git a/release/packages/ucl/audit-all.ucl b/release/packages/ucl/audit-all.ucl new file mode 100644 index 000000000000..e0f3d4bf1675 --- /dev/null +++ b/release/packages/ucl/audit-all.ucl @@ -0,0 +1,4 @@ +comment = "OpenBSM auditing utilities" +desc = <<EOD +OpenBSM auditing utilities +EOD diff --git a/release/packages/ucl/autofs-all.ucl b/release/packages/ucl/autofs-all.ucl new file mode 100644 index 000000000000..0e3e8d2336ca --- /dev/null +++ b/release/packages/ucl/autofs-all.ucl @@ -0,0 +1,4 @@ +comment = "Autofs Utilities" +desc = <<EOD +Autofs Utilities +EOD diff --git a/release/packages/ucl/bhyve-all.ucl b/release/packages/ucl/bhyve-all.ucl new file mode 100644 index 000000000000..2b20ca9a716f --- /dev/null +++ b/release/packages/ucl/bhyve-all.ucl @@ -0,0 +1,4 @@ +comment = "Bhyve Utilities" +desc = <<EOD +Bhyve Utilities +EOD diff --git a/release/packages/ucl/blocklist-all.ucl b/release/packages/ucl/blocklist-all.ucl new file mode 100644 index 000000000000..03330a417af9 --- /dev/null +++ b/release/packages/ucl/blocklist-all.ucl @@ -0,0 +1,4 @@ +comment = "Blocklist Utilities" +desc = <<EOD +Blocklist Utilities +EOD diff --git a/release/packages/ucl/bluetooth-all.ucl b/release/packages/ucl/bluetooth-all.ucl new file mode 100644 index 000000000000..c139d9056a14 --- /dev/null +++ b/release/packages/ucl/bluetooth-all.ucl @@ -0,0 +1,4 @@ +comment = "Bluetooth Utilities" +desc = <<EOD +Bluetooth Utilities +EOD diff --git a/release/packages/ucl/bootloader-all.ucl b/release/packages/ucl/bootloader-all.ucl new file mode 100644 index 000000000000..c5690e85c7ba --- /dev/null +++ b/release/packages/ucl/bootloader-all.ucl @@ -0,0 +1,4 @@ +comment = "Bootloader" +desc = <<EOD +Bootloader and configuration files +EOD diff --git a/release/packages/ucl/bsdinstall-all.ucl b/release/packages/ucl/bsdinstall-all.ucl new file mode 100644 index 000000000000..4c4586dcc702 --- /dev/null +++ b/release/packages/ucl/bsdinstall-all.ucl @@ -0,0 +1,4 @@ +comment = "BSDInstall Utilities" +desc = <<EOD +BSDInstall Utilities +EOD diff --git a/release/packages/ucl/bsnmp-all.ucl b/release/packages/ucl/bsnmp-all.ucl new file mode 100644 index 000000000000..9b80310c0617 --- /dev/null +++ b/release/packages/ucl/bsnmp-all.ucl @@ -0,0 +1,4 @@ +comment = "BSNMP Utilities" +desc = <<EOD +BSNMP Utilities +EOD diff --git a/release/packages/ucl/caroot-all.ucl b/release/packages/ucl/caroot-all.ucl new file mode 100644 index 000000000000..151c1f18ae39 --- /dev/null +++ b/release/packages/ucl/caroot-all.ucl @@ -0,0 +1,4 @@ +comment = "SSL Certificates" +desc = <<EOD +SSL Certificates +EOD diff --git a/release/packages/ucl/ccdconfig-all.ucl b/release/packages/ucl/ccdconfig-all.ucl new file mode 100644 index 000000000000..76ba9d64db61 --- /dev/null +++ b/release/packages/ucl/ccdconfig-all.ucl @@ -0,0 +1,5 @@ +comment = "Concatenated disk driver (ccd) configuration utility" +desc = <<EOD +ccdconfig(8) is used to configure the concatenated disk driver, ccd(4). +ccdconfig(8) may also be started on boot using the "ccd" rc(8) service. +EOD diff --git a/release/packages/ucl/certctl-all.ucl b/release/packages/ucl/certctl-all.ucl new file mode 100644 index 000000000000..b4bc5ae261c5 --- /dev/null +++ b/release/packages/ucl/certctl-all.ucl @@ -0,0 +1,4 @@ +comment = "SSL Certificate Utility" +desc = <<EOD +SSL Certificate Utility +EOD diff --git a/release/packages/certctl.ucl b/release/packages/ucl/certctl.ucl index 664a6d139585..300aa55fabda 100644 --- a/release/packages/certctl.ucl +++ b/release/packages/ucl/certctl.ucl @@ -1,3 +1,15 @@ +deps { + "caroot": { + version = "${VERSION}" + origin = "base" + } + + "openssl": { + version = "${VERSION}" + origin = "base" + } +} + scripts: { # XXX If pkg picks up a mechanism to detect in the post-install script # files being added or removed, we should use it instead to gate the diff --git a/release/packages/ucl/clang-all.ucl b/release/packages/ucl/clang-all.ucl new file mode 100644 index 000000000000..3f79f0acb229 --- /dev/null +++ b/release/packages/ucl/clang-all.ucl @@ -0,0 +1,5 @@ +comment = "Clang Utilities" +desc = <<EOD +Clang Utilities +EOD +licenses = [ NCSA ] diff --git a/release/packages/ucl/clang.ucl b/release/packages/ucl/clang.ucl new file mode 100644 index 000000000000..956b769a1ee7 --- /dev/null +++ b/release/packages/ucl/clang.ucl @@ -0,0 +1,11 @@ +deps { + "lld" { + version = "${VERSION}" + origin = "base" + } + + "libcompiler_rt-dev" { + version = "${VERSION}" + origin = "base" + } +} diff --git a/release/packages/ucl/clibs-all.ucl b/release/packages/ucl/clibs-all.ucl new file mode 100644 index 000000000000..69ae018d4d1f --- /dev/null +++ b/release/packages/ucl/clibs-all.ucl @@ -0,0 +1,4 @@ +comment = "Core C Libraries" +desc = <<EOD +Core C Libraries +EOD diff --git a/release/packages/clibs.ucl b/release/packages/ucl/clibs.ucl index 093fbb60248a..093fbb60248a 100644 --- a/release/packages/clibs.ucl +++ b/release/packages/ucl/clibs.ucl diff --git a/release/packages/ucl/console-tools-all.ucl b/release/packages/ucl/console-tools-all.ucl new file mode 100644 index 000000000000..53f31b2a9937 --- /dev/null +++ b/release/packages/ucl/console-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "Console Utilities" +desc = <<EOD +Console Utilities +EOD diff --git a/release/packages/ucl/cron-all.ucl b/release/packages/ucl/cron-all.ucl new file mode 100644 index 000000000000..d9edf6bfde52 --- /dev/null +++ b/release/packages/ucl/cron-all.ucl @@ -0,0 +1,4 @@ +comment = "cron(8) and crontab(1)" +desc = <<EOD +cron(8) and crontab(1) +EOD diff --git a/release/packages/ucl/csh-all.ucl b/release/packages/ucl/csh-all.ucl new file mode 100644 index 000000000000..df4dc71f8dd5 --- /dev/null +++ b/release/packages/ucl/csh-all.ucl @@ -0,0 +1,4 @@ +comment = "C Shell" +desc = <<EOD +C Shell +EOD diff --git a/release/packages/ucl/ctf-tools-all.ucl b/release/packages/ucl/ctf-tools-all.ucl new file mode 100644 index 000000000000..38ca769f6109 --- /dev/null +++ b/release/packages/ucl/ctf-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "CTF Utilities" +desc = <<EOD +CTF Utilities +EOD diff --git a/release/packages/ucl/ctl-all.ucl b/release/packages/ucl/ctl-all.ucl new file mode 100644 index 000000000000..d24ffabea1a0 --- /dev/null +++ b/release/packages/ucl/ctl-all.ucl @@ -0,0 +1,4 @@ +comment = "CAM Target Layer" +desc = <<EOD +The CAM Target Layer allows CAM to export storage targets, e.g. via iSCSI. +EOD diff --git a/release/packages/ucl/cxgbe-tools-all.ucl b/release/packages/ucl/cxgbe-tools-all.ucl new file mode 100644 index 000000000000..e2f6132f7ef9 --- /dev/null +++ b/release/packages/ucl/cxgbe-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "Chelsio cxbge Utilities" +desc = <<EOD +Chelsio cxbge Utilities +EOD diff --git a/release/packages/ucl/devd-all.ucl b/release/packages/ucl/devd-all.ucl new file mode 100644 index 000000000000..dc7d162a1930 --- /dev/null +++ b/release/packages/ucl/devd-all.ucl @@ -0,0 +1,4 @@ +comment = "Devd Utility and scripts" +desc = <<EOD +Devd Utility and scripts +EOD diff --git a/release/packages/ucl/devmatch-all.ucl b/release/packages/ucl/devmatch-all.ucl new file mode 100644 index 000000000000..02dc903fd422 --- /dev/null +++ b/release/packages/ucl/devmatch-all.ucl @@ -0,0 +1,4 @@ +comment = "Devmatch Utility" +desc = <<EOD +Devmatch Utility +EOD diff --git a/release/packages/ucl/dhclient-all.ucl b/release/packages/ucl/dhclient-all.ucl new file mode 100644 index 000000000000..6785366aea5e --- /dev/null +++ b/release/packages/ucl/dhclient-all.ucl @@ -0,0 +1,4 @@ +comment = "DHCP Client" +desc = <<EOD +DHCP Client +EOD diff --git a/release/packages/ucl/dma-all.ucl b/release/packages/ucl/dma-all.ucl new file mode 100644 index 000000000000..e8824acf7a36 --- /dev/null +++ b/release/packages/ucl/dma-all.ucl @@ -0,0 +1,4 @@ +comment = "DMA Mail Agent Utilities" +desc = <<EOD +DMA Mail Agent Utilities +EOD diff --git a/release/packages/ucl/docs-all.ucl b/release/packages/ucl/docs-all.ucl new file mode 100644 index 000000000000..7159d3f8f4ec --- /dev/null +++ b/release/packages/ucl/docs-all.ucl @@ -0,0 +1,4 @@ +comment = "Documentation" +desc = <<EOD +Documentation +EOD diff --git a/release/packages/ucl/dtb-all.ucl b/release/packages/ucl/dtb-all.ucl new file mode 100644 index 000000000000..cc5c1c60f062 --- /dev/null +++ b/release/packages/ucl/dtb-all.ucl @@ -0,0 +1,4 @@ +comment = "FreeBSD Devicetree Blobs" +desc = <<EOD +FreeBSD Devicetree Blobs +EOD diff --git a/release/packages/ucl/dtrace-all.ucl b/release/packages/ucl/dtrace-all.ucl new file mode 100644 index 000000000000..fb36816123c5 --- /dev/null +++ b/release/packages/ucl/dtrace-all.ucl @@ -0,0 +1,4 @@ +comment = "Dtrace Utilities" +desc = <<EOD +Dtrace Utilities +EOD diff --git a/release/packages/ucl/dwatch-all.ucl b/release/packages/ucl/dwatch-all.ucl new file mode 100644 index 000000000000..5f7e0fb764ce --- /dev/null +++ b/release/packages/ucl/dwatch-all.ucl @@ -0,0 +1,4 @@ +comment = "Dwatch Utilities" +desc = <<EOD +Dwatch Utilities +EOD diff --git a/release/packages/ucl/ee-all.ucl b/release/packages/ucl/ee-all.ucl new file mode 100644 index 000000000000..c003942ad3a9 --- /dev/null +++ b/release/packages/ucl/ee-all.ucl @@ -0,0 +1,4 @@ +comment = "Easy Editor Utilities" +desc = <<EOD +Easy Editor Utilities +EOD diff --git a/release/packages/ucl/efi-tools-all.ucl b/release/packages/ucl/efi-tools-all.ucl new file mode 100644 index 000000000000..51d5e12189dd --- /dev/null +++ b/release/packages/ucl/efi-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "UEFI Utilities" +desc = <<EOD +UEFI Utilities +EOD diff --git a/release/packages/ucl/examples-all.ucl b/release/packages/ucl/examples-all.ucl new file mode 100644 index 000000000000..93f0aee16187 --- /dev/null +++ b/release/packages/ucl/examples-all.ucl @@ -0,0 +1,4 @@ +comment = "Examples in /usr/share/examples" +desc = <<EOD +Examples in /usr/share/examples +EOD diff --git a/release/packages/ucl/fd-all.ucl b/release/packages/ucl/fd-all.ucl new file mode 100644 index 000000000000..7092449174e3 --- /dev/null +++ b/release/packages/ucl/fd-all.ucl @@ -0,0 +1,4 @@ +comment = "Floppy disk support" +desc = <<EOD +Utilities for formatting and managing floppy disks supported by fdc(4). +EOD diff --git a/release/packages/ucl/fetch-all.ucl b/release/packages/ucl/fetch-all.ucl new file mode 100644 index 000000000000..f9a3e03e6fa4 --- /dev/null +++ b/release/packages/ucl/fetch-all.ucl @@ -0,0 +1,4 @@ +comment = "Fetch Utility" +desc = <<EOD +Fetch Utility +EOD diff --git a/release/packages/ucl/firmware-iwm-all.ucl b/release/packages/ucl/firmware-iwm-all.ucl new file mode 100644 index 000000000000..6fec27c15351 --- /dev/null +++ b/release/packages/ucl/firmware-iwm-all.ucl @@ -0,0 +1,4 @@ +comment = "iwm(4) firmwares" +desc = <<EOD +iwm(4) firmwares +EOD diff --git a/release/packages/ucl/ftp-all.ucl b/release/packages/ucl/ftp-all.ucl new file mode 100644 index 000000000000..6275bc46e657 --- /dev/null +++ b/release/packages/ucl/ftp-all.ucl @@ -0,0 +1,4 @@ +comment = "FTP Utilities" +desc = <<EOD +FTP Utilities +EOD diff --git a/release/packages/ucl/ftpd-all.ucl b/release/packages/ucl/ftpd-all.ucl new file mode 100644 index 000000000000..cbaa078123d5 --- /dev/null +++ b/release/packages/ucl/ftpd-all.ucl @@ -0,0 +1,4 @@ +comment = "FTP Daemon" +desc = <<EOD +FTP Daemon +EOD diff --git a/release/packages/ucl/fwget-all.ucl b/release/packages/ucl/fwget-all.ucl new file mode 100644 index 000000000000..7a6f9dff5cc9 --- /dev/null +++ b/release/packages/ucl/fwget-all.ucl @@ -0,0 +1,4 @@ +comment = "FWGET Utility" +desc = <<EOD +FWGET Utility +EOD diff --git a/release/packages/ucl/games-all.ucl b/release/packages/ucl/games-all.ucl new file mode 100644 index 000000000000..747638fe6a8f --- /dev/null +++ b/release/packages/ucl/games-all.ucl @@ -0,0 +1,4 @@ +comment = "Games" +desc = <<EOD +Games +EOD diff --git a/release/packages/ucl/geom-all.ucl b/release/packages/ucl/geom-all.ucl new file mode 100644 index 000000000000..6d80b4458f64 --- /dev/null +++ b/release/packages/ucl/geom-all.ucl @@ -0,0 +1,4 @@ +comment = "GEOM Utilitites" +desc = <<EOD +GEOM Utilitites +EOD diff --git a/release/packages/ucl/ggate-all.ucl b/release/packages/ucl/ggate-all.ucl new file mode 100644 index 000000000000..0d0b984b440e --- /dev/null +++ b/release/packages/ucl/ggate-all.ucl @@ -0,0 +1,4 @@ +comment = "GEOM Gate Utilities" +desc = <<EOD +GEOM Gate Utilities +EOD diff --git a/release/packages/ucl/hast-all.ucl b/release/packages/ucl/hast-all.ucl new file mode 100644 index 000000000000..b2441ddb6866 --- /dev/null +++ b/release/packages/ucl/hast-all.ucl @@ -0,0 +1,4 @@ +comment = "Highly Available Storage daemon" +desc = <<EOD +Highly Available Storage daemon +EOD diff --git a/release/packages/ucl/hostapd-all.ucl b/release/packages/ucl/hostapd-all.ucl new file mode 100644 index 000000000000..c2e0d0c0bd11 --- /dev/null +++ b/release/packages/ucl/hostapd-all.ucl @@ -0,0 +1,4 @@ +comment = "802.11 Access Point Daemon an Utilities" +desc = <<EOD +802.11 Access Point Daemon an Utilities +EOD diff --git a/release/packages/ucl/hyperv-tools-all.ucl b/release/packages/ucl/hyperv-tools-all.ucl new file mode 100644 index 000000000000..e16fd5b4b053 --- /dev/null +++ b/release/packages/ucl/hyperv-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "Microsoft HyperV Utilities" +desc = <<EOD +Microsoft HyperV Utilities +EOD diff --git a/release/packages/ucl/inetd-all.ucl b/release/packages/ucl/inetd-all.ucl new file mode 100644 index 000000000000..731769bdc399 --- /dev/null +++ b/release/packages/ucl/inetd-all.ucl @@ -0,0 +1,4 @@ +comment = "Internet super-server" +desc = <<EOD +Internet super-server +EOD diff --git a/release/packages/ucl/ipf-all.ucl b/release/packages/ucl/ipf-all.ucl new file mode 100644 index 000000000000..bd1bec5232de --- /dev/null +++ b/release/packages/ucl/ipf-all.ucl @@ -0,0 +1,4 @@ +comment = "IP Filter (ipf) packet filter management tools" +desc = <<EOD +IP Filter (ipf) is a stateful packet filter for IPv4 and IPv6 networks. +EOD diff --git a/release/packages/ucl/ipfw-all.ucl b/release/packages/ucl/ipfw-all.ucl new file mode 100644 index 000000000000..0884d48aa071 --- /dev/null +++ b/release/packages/ucl/ipfw-all.ucl @@ -0,0 +1,4 @@ +comment = "ipfw (IP firewall) management utilities" +desc = <<EOD +ipfw provides stateful packet filtering, NAT and traffic shaping for IP traffic. +EOD diff --git a/release/packages/ucl/iscsi-all.ucl b/release/packages/ucl/iscsi-all.ucl new file mode 100644 index 000000000000..e81961cb40a5 --- /dev/null +++ b/release/packages/ucl/iscsi-all.ucl @@ -0,0 +1,6 @@ +comment = "iSCSI target, initiator, and management tools" +desc = <<EOD +iSCSI allows a block device to be exported from one system to another over a +network. This package provides the iSCSI target and initiator and associated +management tools. +EOD diff --git a/release/packages/ucl/jail-all.ucl b/release/packages/ucl/jail-all.ucl new file mode 100644 index 000000000000..da844b500ad5 --- /dev/null +++ b/release/packages/ucl/jail-all.ucl @@ -0,0 +1,4 @@ +comment = "Jail Utilities" +desc = <<EOD +Jail Utilities +EOD diff --git a/release/packages/ucl/kerberos-all.ucl b/release/packages/ucl/kerberos-all.ucl new file mode 100644 index 000000000000..6fb7f059296b --- /dev/null +++ b/release/packages/ucl/kerberos-all.ucl @@ -0,0 +1,4 @@ +comment = "Kerberos Utilities" +desc = <<EOD +Kerberos Utilities +EOD diff --git a/release/packages/ucl/kerberos-lib-all.ucl b/release/packages/ucl/kerberos-lib-all.ucl new file mode 100644 index 000000000000..ab769ee16f96 --- /dev/null +++ b/release/packages/ucl/kerberos-lib-all.ucl @@ -0,0 +1,4 @@ +comment = "Kerberos Libraries" +desc = <<EOD +Kerberos Libraries +EOD diff --git a/release/packages/ucl/kernel-all.ucl b/release/packages/ucl/kernel-all.ucl new file mode 100644 index 000000000000..31671602a947 --- /dev/null +++ b/release/packages/ucl/kernel-all.ucl @@ -0,0 +1,4 @@ +comment = "FreeBSD ${KERNEL_NAME} Kernel ${KERNEL_FLAVOR}" +desc = <<EOD +FreeBSD ${KERNEL_NAME} Kernel ${KERNEL_FLAVOR} +EOD diff --git a/release/packages/ucl/lib9p-all.ucl b/release/packages/ucl/lib9p-all.ucl new file mode 100644 index 000000000000..76a5b8de4596 --- /dev/null +++ b/release/packages/ucl/lib9p-all.ucl @@ -0,0 +1,5 @@ +comment = "9P network protocol library" +desc = <<EOD +lib9p implements the server side of the 9p2000, 9p2000.u and 9p2000.L revisions +of the 9P protocol +EOD diff --git a/release/packages/ucl/libarchive-all.ucl b/release/packages/ucl/libarchive-all.ucl new file mode 100644 index 000000000000..9b98404b3235 --- /dev/null +++ b/release/packages/ucl/libarchive-all.ucl @@ -0,0 +1,4 @@ +comment = "Archive handling library" +desc = <<EOD +libarchive allows applications to read and write archive files of various types. +EOD diff --git a/release/packages/ucl/libbegemot-all.ucl b/release/packages/ucl/libbegemot-all.ucl new file mode 100644 index 000000000000..7a2f19df8e0e --- /dev/null +++ b/release/packages/ucl/libbegemot-all.ucl @@ -0,0 +1,5 @@ +comment = "rpoll(3) interface for event-driven I/O" +desc = <<EOD +libbegemot provides rpoll(3), a simplified interface for handling event-driven +I/O programming. +EOD diff --git a/release/packages/ucl/libblocksruntime-all.ucl b/release/packages/ucl/libblocksruntime-all.ucl new file mode 100644 index 000000000000..818c32174a6c --- /dev/null +++ b/release/packages/ucl/libblocksruntime-all.ucl @@ -0,0 +1,4 @@ +comment = "LLVM BlocksRuntime library" +desc = <<EOD +The LLVM libBlocksRuntime library. +EOD diff --git a/release/packages/ucl/libbsdstat-all.ucl b/release/packages/ucl/libbsdstat-all.ucl new file mode 100644 index 000000000000..4db0059827a0 --- /dev/null +++ b/release/packages/ucl/libbsdstat-all.ucl @@ -0,0 +1,5 @@ +comment = "Periodic statistics library" +desc = <<EOD +libbsdstat is a library for managing and display periodically collected +statistics. +EOD diff --git a/release/packages/ucl/libbsm-all.ucl b/release/packages/ucl/libbsm-all.ucl new file mode 100644 index 000000000000..0a60ada09075 --- /dev/null +++ b/release/packages/ucl/libbsm-all.ucl @@ -0,0 +1,6 @@ +comment = "Basic Security Module (BSM) audit library" +desc = <<EOD +The libbsm library routines provide an interface to BSM audit record streams, +allowing both the parsing of existing audit streams, as well as the creation of +new audit records and streams. +EOD diff --git a/release/packages/ucl/libbz2-all.ucl b/release/packages/ucl/libbz2-all.ucl new file mode 100644 index 000000000000..c8141bcb1d11 --- /dev/null +++ b/release/packages/ucl/libbz2-all.ucl @@ -0,0 +1,5 @@ +comment = "bzip2 compression library" +desc = <<EOD +libbz2 allows applications to compress and decompress data using the bzip2 +compression algorithm. +EOD diff --git a/release/packages/ucl/libcasper-all.ucl b/release/packages/ucl/libcasper-all.ucl new file mode 100644 index 000000000000..b25a82a32050 --- /dev/null +++ b/release/packages/ucl/libcasper-all.ucl @@ -0,0 +1,5 @@ +comment = "Casper library" +desc = <<EOD +The libcasper library provides for the control of application capabilities +through the casper process. +EOD diff --git a/release/packages/ucl/libcompat-all.ucl b/release/packages/ucl/libcompat-all.ucl new file mode 100644 index 000000000000..a562f155dc5f --- /dev/null +++ b/release/packages/ucl/libcompat-all.ucl @@ -0,0 +1,4 @@ +comment = "Compatibility library" +desc = <<EOD +libcompat provides implementations of some obsolete library functions. +EOD diff --git a/release/packages/ucl/libcompiler_rt-all.ucl b/release/packages/ucl/libcompiler_rt-all.ucl new file mode 100644 index 000000000000..f21e629ac88c --- /dev/null +++ b/release/packages/ucl/libcompiler_rt-all.ucl @@ -0,0 +1,4 @@ +comment = "LLVM compiler_rt library" +desc = <<EOD +The libcompiler_rt library from LLVM. +EOD diff --git a/release/packages/ucl/libcuse-all.ucl b/release/packages/ucl/libcuse-all.ucl new file mode 100644 index 000000000000..de972d4b8d3a --- /dev/null +++ b/release/packages/ucl/libcuse-all.ucl @@ -0,0 +1,5 @@ +comment = "Userland character device library" +desc = <<EOD +The libcuse library contains functions to create a character device in +userspace. +EOD diff --git a/release/packages/ucl/libdwarf-all.ucl b/release/packages/ucl/libdwarf-all.ucl new file mode 100644 index 000000000000..4226dbfee592 --- /dev/null +++ b/release/packages/ucl/libdwarf-all.ucl @@ -0,0 +1,6 @@ +comment = "DWARF access library" +desc = <<EOD +The DWARF Access Library provides functions that allow an application to read +and write debugging information in object files. The format of debugging +information accessible through this API is defined by the DWARF standard. +EOD diff --git a/release/packages/ucl/libevent1-all.ucl b/release/packages/ucl/libevent1-all.ucl new file mode 100644 index 000000000000..511e077233d2 --- /dev/null +++ b/release/packages/ucl/libevent1-all.ucl @@ -0,0 +1,4 @@ +comment = "Private libevent1 library" +desc = <<EOD +A private library used by applications in the base system. +EOD diff --git a/release/packages/ucl/libexecinfo-all.ucl b/release/packages/ucl/libexecinfo-all.ucl new file mode 100644 index 000000000000..8a0c110381be --- /dev/null +++ b/release/packages/ucl/libexecinfo-all.ucl @@ -0,0 +1,5 @@ +comment = "NetBSD stack backtrace library" +desc = <<EOD +libexecinfo provides the backtrace(3) interface to allow an application to +examine its current call stack. +EOD diff --git a/release/packages/ucl/libipt-all.ucl b/release/packages/ucl/libipt-all.ucl new file mode 100644 index 000000000000..eb0ef6a32d40 --- /dev/null +++ b/release/packages/ucl/libipt-all.ucl @@ -0,0 +1,6 @@ +comment = "Intel(R) Processor Trace decoder library" +desc = <<EOD +The Intel Processor Trace (Intel PT) Decoder Library is Intel's reference +implementation for decoding Intel PT. It can be used as a standalone library +or it can be partially or fully integrated into your tool. +EOD diff --git a/release/packages/ucl/libldns-all.ucl b/release/packages/ucl/libldns-all.ucl new file mode 100644 index 000000000000..55de2701bbb8 --- /dev/null +++ b/release/packages/ucl/libldns-all.ucl @@ -0,0 +1,6 @@ +comment="NLnet Labs LDNS library" +desc = <<EOD +The goal of ldns is to simplify DNS programming in C. ldns supports all +low-level DNS and DNSSEC operations. It also defines a higher level API which +allows a programmer to for instance create or sign packets. +EOD diff --git a/release/packages/ucl/liblzma-all.ucl b/release/packages/ucl/liblzma-all.ucl new file mode 100644 index 000000000000..0b1bfcbcecc6 --- /dev/null +++ b/release/packages/ucl/liblzma-all.ucl @@ -0,0 +1,5 @@ +comment = "XZ LZMA library" +desc = <<EOD +liblzma allows applications to compress and decompress data using the XZ +compression algorithm. +EOD diff --git a/release/packages/ucl/libmagic-all.ucl b/release/packages/ucl/libmagic-all.ucl new file mode 100644 index 000000000000..2a29aacb260d --- /dev/null +++ b/release/packages/ucl/libmagic-all.ucl @@ -0,0 +1,5 @@ +comment = "Magic number recognition library" +desc = <<EOD +libmagic allows an application to identity data using the magic(5) magic number +database. +EOD diff --git a/release/packages/ucl/libpathconv-all.ucl b/release/packages/ucl/libpathconv-all.ucl new file mode 100644 index 000000000000..872d34a24e6a --- /dev/null +++ b/release/packages/ucl/libpathconv-all.ucl @@ -0,0 +1,5 @@ +comment = "Library for handling relative and absolute pathnames" +desc = <<EOD +libpathconv provides the abs2rel() and rel2abs() functions to convert between +absolute and relative pathnames. +EOD diff --git a/release/packages/ucl/librpcsec_gss-all.ucl b/release/packages/ucl/librpcsec_gss-all.ucl new file mode 100644 index 000000000000..67f481e9e9b5 --- /dev/null +++ b/release/packages/ucl/librpcsec_gss-all.ucl @@ -0,0 +1,5 @@ +comment = "RPC GSS-API authentication library" +desc = <<EOD +librpcsec_gss provides an API to allow applications to interact with the +RPCSEC_GSS security mechanism. +EOD diff --git a/release/packages/ucl/librss-all.ucl b/release/packages/ucl/librss-all.ucl new file mode 100644 index 000000000000..3c09025356a8 --- /dev/null +++ b/release/packages/ucl/librss-all.ucl @@ -0,0 +1,5 @@ +comment = "Receive-side scaling library" +desc = <<EOD +The librss library and the functions it provides are used for both fetching the +system RSS configuration and interacting with RSS aware sockets. +EOD diff --git a/release/packages/ucl/libsdp-all.ucl b/release/packages/ucl/libsdp-all.ucl new file mode 100644 index 000000000000..31f04e089470 --- /dev/null +++ b/release/packages/ucl/libsdp-all.ucl @@ -0,0 +1,5 @@ +comment = "Bluetooth Service Discovery Protocol library" +desc = <<EOD +libsdp allows applications to interact with the Bluetooth Service Discovery +Protocol. +EOD diff --git a/release/packages/ucl/libsqlite3-all.ucl b/release/packages/ucl/libsqlite3-all.ucl new file mode 100644 index 000000000000..55ac00863bf1 --- /dev/null +++ b/release/packages/ucl/libsqlite3-all.ucl @@ -0,0 +1,4 @@ +comment = "Private SQLite library" +desc = <<EOD +A private version of SQLite for use by applications in the base system. +EOD diff --git a/release/packages/ucl/libstdbuf-all.ucl b/release/packages/ucl/libstdbuf-all.ucl new file mode 100644 index 000000000000..d85f2d3b70f2 --- /dev/null +++ b/release/packages/ucl/libstdbuf-all.ucl @@ -0,0 +1,6 @@ +comment = "Preloaded library to change standard streams initial buffering" +desc = <<EOD +The libstdbuf library is meant to be preloaded with the LD_PRELOAD environment +variable to as to change the initial buffering of standard input, standard +output and standard error streams. +EOD diff --git a/release/packages/ucl/libstdthreads-all.ucl b/release/packages/ucl/libstdthreads-all.ucl new file mode 100644 index 000000000000..5af147ea5ca7 --- /dev/null +++ b/release/packages/ucl/libstdthreads-all.ucl @@ -0,0 +1,4 @@ +comment = "C11 threading library" +desc = <<EOD +libstdthreads provides the thread-control interface defined in the C99 standard. +EOD diff --git a/release/packages/ucl/libthread_db-all.ucl b/release/packages/ucl/libthread_db-all.ucl new file mode 100644 index 000000000000..ba2164a3f211 --- /dev/null +++ b/release/packages/ucl/libthread_db-all.ucl @@ -0,0 +1,5 @@ +comment = "Library for interacting with threaded processes" +desc = <<EOD +libthread_db is used by the debugger to examine and interact with a +multithreaded process being debugger. +EOD diff --git a/release/packages/ucl/libucl-all.ucl b/release/packages/ucl/libucl-all.ucl new file mode 100644 index 000000000000..d04c2109df06 --- /dev/null +++ b/release/packages/ucl/libucl-all.ucl @@ -0,0 +1,5 @@ +comment = "Private Universal Configuration Library (UCL) library" +desc = <<EOD +A private library for reading and writing UCL files, for used by applications +in the base system. +EOD diff --git a/release/packages/ucl/libufs-all.ucl b/release/packages/ucl/libufs-all.ucl new file mode 100644 index 000000000000..d86a84bbd637 --- /dev/null +++ b/release/packages/ucl/libufs-all.ucl @@ -0,0 +1,8 @@ +comment = "Low-level access to UFS filesystems" +desc = <<EOD +The libufs library and the functions it provides are used for implementing +utilities which need to access a UFS file system at a low level from userland. +Facilities provided are used to implement utilities such as newfs(8) and +dumpfs(8). The libufs library is designed to be simple, and to provide +functions that are traditionally useful to have. +EOD diff --git a/release/packages/ucl/libvgl-all.ucl b/release/packages/ucl/libvgl-all.ucl new file mode 100644 index 000000000000..fea63d807de0 --- /dev/null +++ b/release/packages/ucl/libvgl-all.ucl @@ -0,0 +1,13 @@ +comment = "Video Graphics Library" +desc = <<EOD +libvgl is a library that enables the programmer access to the graphics modes +supported by the console driver (syscons). The library takes care of +programming the actual video hardware, and provides a number of simple +functions to do various graphic operations. There is also support for a mouse +via the standard mouse system in FreeBSD, including the ability to +transparently have a mouse pointer superimposed on the graphic image currently +being worked on. The library takes care of screen switching by storing the +current image in memory before switching to another virtual console, and +restoring when the user switches back. This allows several graphic +applications at once, but on different virtual consoles. +EOD diff --git a/release/packages/ucl/libvmmapi-all.ucl b/release/packages/ucl/libvmmapi-all.ucl new file mode 100644 index 000000000000..976fb1bfce47 --- /dev/null +++ b/release/packages/ucl/libvmmapi-all.ucl @@ -0,0 +1,4 @@ +comment = "Front-end to vmm(4) virtualization driver" +desc = <<EOD +libvmmapi provides an interface for applications to access the vmm(4) driver. +EOD diff --git a/release/packages/ucl/liby-all.ucl b/release/packages/ucl/liby-all.ucl new file mode 100644 index 000000000000..575aeda0a1ef --- /dev/null +++ b/release/packages/ucl/liby-all.ucl @@ -0,0 +1,5 @@ +comment = "YACC library" +desc = <<EOD +liby provides default implementations of main() and yyerror() for use with +applications which use yacc(1). +EOD diff --git a/release/packages/ucl/libyaml-all.ucl b/release/packages/ucl/libyaml-all.ucl new file mode 100644 index 000000000000..f98a5a39362f --- /dev/null +++ b/release/packages/ucl/libyaml-all.ucl @@ -0,0 +1,5 @@ +comment = "Private YAML library" +desc = <<EOD +The libprivateyaml library is used by the FreeBSD base system to parse YAML +files. This library is not intended for use outside of the base system. +EOD diff --git a/release/packages/ucl/libzfs-all.ucl b/release/packages/ucl/libzfs-all.ucl new file mode 100644 index 000000000000..bd53521f3aa0 --- /dev/null +++ b/release/packages/ucl/libzfs-all.ucl @@ -0,0 +1,5 @@ +comment = "ZFS filesystem library" +desc = <<EOD +libzfs allows applications to manage ZFS pools and filesystems. Several +libraries which libzfs requires are also provided. +EOD diff --git a/release/packages/ucl/lld-all.ucl b/release/packages/ucl/lld-all.ucl new file mode 100644 index 000000000000..03daf1b235e6 --- /dev/null +++ b/release/packages/ucl/lld-all.ucl @@ -0,0 +1,6 @@ +comment = "ELF linker from the LLVM project" +desc = <<EOD +ld.lld is the ELF linker provided by LLVM. +EOD + +licenses = [ NCSA ] diff --git a/release/packages/ucl/lldb-all.ucl b/release/packages/ucl/lldb-all.ucl new file mode 100644 index 000000000000..da481c026981 --- /dev/null +++ b/release/packages/ucl/lldb-all.ucl @@ -0,0 +1,6 @@ +comment = "LLVM debugger" +desc = <<EOD +lldb is a source-level debugger from the LLVM project. +EOD + +licenses = [ NCSA ] diff --git a/release/packages/ucl/locales-all.ucl b/release/packages/ucl/locales-all.ucl new file mode 100644 index 000000000000..6fc53ab10fca --- /dev/null +++ b/release/packages/ucl/locales-all.ucl @@ -0,0 +1,4 @@ +comment = "Locale definitions" +desc = <<EOD +Provides the locale definitions (LC_*) for supported locales. +EOD diff --git a/release/packages/ucl/lp-all.ucl b/release/packages/ucl/lp-all.ucl new file mode 100644 index 000000000000..c400038458d0 --- /dev/null +++ b/release/packages/ucl/lp-all.ucl @@ -0,0 +1,4 @@ +comment = "Printer subsystem" +desc = <<EOD +Printer subsystem +EOD diff --git a/release/packages/ucl/manuals-all.ucl b/release/packages/ucl/manuals-all.ucl new file mode 100644 index 000000000000..9acfd90159ae --- /dev/null +++ b/release/packages/ucl/manuals-all.ucl @@ -0,0 +1,4 @@ +comment = "Manual Pages" +desc = <<EOD +Manual Pages +EOD diff --git a/release/packages/ucl/mlx-tools-all.ucl b/release/packages/ucl/mlx-tools-all.ucl new file mode 100644 index 000000000000..4af47252c71d --- /dev/null +++ b/release/packages/ucl/mlx-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "Mellanox Utilities" +desc = <<EOD +Mellanox Utilities +EOD diff --git a/release/packages/ucl/mtree-all.ucl b/release/packages/ucl/mtree-all.ucl new file mode 100644 index 000000000000..b921c51a6afb --- /dev/null +++ b/release/packages/ucl/mtree-all.ucl @@ -0,0 +1,4 @@ +comment = "MTREE Files" +desc = <<EOD +MTREE Files +EOD diff --git a/release/packages/ucl/natd-all.ucl b/release/packages/ucl/natd-all.ucl new file mode 100644 index 000000000000..db5103c1d591 --- /dev/null +++ b/release/packages/ucl/natd-all.ucl @@ -0,0 +1,4 @@ +comment = "Network Address Translation (NAT) daemon for ipfw" +desc = <<EOD +natd provides userland NAT support for ipfw using divert(4) sockets. +EOD diff --git a/release/packages/ucl/netmap-all.ucl b/release/packages/ucl/netmap-all.ucl new file mode 100644 index 000000000000..e0c0c65b8fb8 --- /dev/null +++ b/release/packages/ucl/netmap-all.ucl @@ -0,0 +1,4 @@ +comment = "Netmap Library and Utilities" +desc = <<EOD +Netmap Library and Utilities +EOD diff --git a/release/packages/ucl/newsyslog-all.ucl b/release/packages/ucl/newsyslog-all.ucl new file mode 100644 index 000000000000..e52b34dbdcba --- /dev/null +++ b/release/packages/ucl/newsyslog-all.ucl @@ -0,0 +1,4 @@ +comment = "Newsyslog Utility" +desc = <<EOD +Newsyslog Utility +EOD diff --git a/release/packages/ucl/nfs-all.ucl b/release/packages/ucl/nfs-all.ucl new file mode 100644 index 000000000000..a53d2f028975 --- /dev/null +++ b/release/packages/ucl/nfs-all.ucl @@ -0,0 +1,4 @@ +comment = "NFS Utilities" +desc = <<EOD +NFS Utilities +EOD diff --git a/release/packages/ucl/ntp-all.ucl b/release/packages/ucl/ntp-all.ucl new file mode 100644 index 000000000000..c01ae91c31cf --- /dev/null +++ b/release/packages/ucl/ntp-all.ucl @@ -0,0 +1,4 @@ +comment = "Network Time Protocol server and client" +desc = <<EOD +Network Time Protocol server and client +EOD diff --git a/release/packages/ucl/nuageinit-all.ucl b/release/packages/ucl/nuageinit-all.ucl new file mode 100644 index 000000000000..4d510b799fa7 --- /dev/null +++ b/release/packages/ucl/nuageinit-all.ucl @@ -0,0 +1,4 @@ +comment = "CloudInit support scripts" +desc = <<EOD +CloudInit support scripts +EOD diff --git a/release/packages/ucl/nvme-tools-all.ucl b/release/packages/ucl/nvme-tools-all.ucl new file mode 100644 index 000000000000..5863af2d5e34 --- /dev/null +++ b/release/packages/ucl/nvme-tools-all.ucl @@ -0,0 +1,4 @@ +comment = "NVME Utilities" +desc = <<EOD +NVME Utilities +EOD diff --git a/release/packages/ucl/openssl-all.ucl b/release/packages/ucl/openssl-all.ucl new file mode 100644 index 000000000000..8dd2da021f0a --- /dev/null +++ b/release/packages/ucl/openssl-all.ucl @@ -0,0 +1,4 @@ +comment = "OpenSSL Utility" +desc = <<EOD +OpenSSL Utility +EOD diff --git a/release/packages/ucl/openssl-lib-all.ucl b/release/packages/ucl/openssl-lib-all.ucl new file mode 100644 index 000000000000..c81dd44855cd --- /dev/null +++ b/release/packages/ucl/openssl-lib-all.ucl @@ -0,0 +1,4 @@ +comment = "OpenSSL Libraries" +desc = <<EOD +OpenSSL Libraries +EOD diff --git a/release/packages/ucl/periodic-all.ucl b/release/packages/ucl/periodic-all.ucl new file mode 100644 index 000000000000..569bf8d829c4 --- /dev/null +++ b/release/packages/ucl/periodic-all.ucl @@ -0,0 +1,4 @@ +comment = "Periodic Utility" +desc = <<EOD +Periodic Utility +EOD diff --git a/release/packages/ucl/periodic.ucl b/release/packages/ucl/periodic.ucl new file mode 100644 index 000000000000..6f85d2ab744b --- /dev/null +++ b/release/packages/ucl/periodic.ucl @@ -0,0 +1,6 @@ +deps { + "cron" { + version = "${VERSION}" + origin = "base" + } +} diff --git a/release/packages/ucl/pf-all.ucl b/release/packages/ucl/pf-all.ucl new file mode 100644 index 000000000000..4b58fa4f6364 --- /dev/null +++ b/release/packages/ucl/pf-all.ucl @@ -0,0 +1,4 @@ +comment = "OpenBSD packet filter" +desc = <<EOD +pf is an advanced stateful packet filter developed by the OpenBSD project. +EOD diff --git a/release/packages/ucl/pkg-bootstrap-all.ucl b/release/packages/ucl/pkg-bootstrap-all.ucl new file mode 100644 index 000000000000..9ca6ccd2af58 --- /dev/null +++ b/release/packages/ucl/pkg-bootstrap-all.ucl @@ -0,0 +1,4 @@ +comment = "pkg bootstrap Utility" +desc = <<EOD +pkg bootstrap Utility +EOD diff --git a/release/packages/ucl/ppp-all.ucl b/release/packages/ucl/ppp-all.ucl new file mode 100644 index 000000000000..454e54b7b872 --- /dev/null +++ b/release/packages/ucl/ppp-all.ucl @@ -0,0 +1,5 @@ +comment = "Userland PPP implementation" +desc = <<EOD +ppp(8) is a userland implementations of the Point to Point Protocol for serial +lines and Ethernet (PPPoE). +EOD diff --git a/release/packages/ucl/quotacheck-all.ucl b/release/packages/ucl/quotacheck-all.ucl new file mode 100644 index 000000000000..18b2c3d9bd5c --- /dev/null +++ b/release/packages/ucl/quotacheck-all.ucl @@ -0,0 +1,8 @@ +comment = "Filesystem quota consistency checker" +desc = <<EOD +The quotacheck utility examines each file system, builds a table of current +disk usage, and compares this table against that recorded in the disk quota +file for the file system. If any inconsistencies are detected, both the quota +file and the current system copy of the incorrect quotas are updated (the +latter only occurs if an active file system is checked). +EOD diff --git a/release/packages/ucl/rc-all.ucl b/release/packages/ucl/rc-all.ucl new file mode 100644 index 000000000000..04ed0dafacf0 --- /dev/null +++ b/release/packages/ucl/rc-all.ucl @@ -0,0 +1,4 @@ +comment = "RC Scripts" +desc = <<EOD +RC Scripts +EOD diff --git a/release/packages/ucl/rcmds-all.ucl b/release/packages/ucl/rcmds-all.ucl new file mode 100644 index 000000000000..db51d52ed246 --- /dev/null +++ b/release/packages/ucl/rcmds-all.ucl @@ -0,0 +1,7 @@ +comment = "BSD/SunOS remote status commands" +desc = <<EOD +The BSD/SunOS remote status commands, which can be used to query or interact +with remote hosts over the network. This includes the command-line utilities +rwho, ruptime, rup, rusers and rwall and the daemons rwhod, rpc.rstatd, +rpc.rusersd, and rpc.rwalld. +EOD diff --git a/release/packages/ucl/rcmds.ucl b/release/packages/ucl/rcmds.ucl new file mode 100644 index 000000000000..88a4916675dc --- /dev/null +++ b/release/packages/ucl/rcmds.ucl @@ -0,0 +1,8 @@ +deps { + # The RPC daemons require rpcbind. + "utilities" { + version = "${VERSION}" + origin = "base" + } +} + diff --git a/release/packages/ucl/rdma-all.ucl b/release/packages/ucl/rdma-all.ucl new file mode 100644 index 000000000000..313c2b7d17e0 --- /dev/null +++ b/release/packages/ucl/rdma-all.ucl @@ -0,0 +1 @@ +comment = "RDMA Utilities" diff --git a/release/packages/ucl/rescue-all.ucl b/release/packages/ucl/rescue-all.ucl new file mode 100644 index 000000000000..da870079bbb7 --- /dev/null +++ b/release/packages/ucl/rescue-all.ucl @@ -0,0 +1,4 @@ +comment = "Rescue Utilities" +desc = <<EOD +Rescue Utilities +EOD diff --git a/release/packages/ucl/resolvconf-all.ucl b/release/packages/ucl/resolvconf-all.ucl new file mode 100644 index 000000000000..a2d2e0debfa1 --- /dev/null +++ b/release/packages/ucl/resolvconf-all.ucl @@ -0,0 +1,4 @@ +comment = "Resolvconf Utility and scripts" +desc = <<EOD +Resolvconf Utility and scripts +EOD diff --git a/release/packages/ucl/runtime-all.ucl b/release/packages/ucl/runtime-all.ucl new file mode 100644 index 000000000000..f614a3ef3d43 --- /dev/null +++ b/release/packages/ucl/runtime-all.ucl @@ -0,0 +1,4 @@ +comment = "FreeBSD Base System" +desc = <<EOD +FreeBSD Base System +EOD diff --git a/release/packages/runtime.ucl b/release/packages/ucl/runtime.ucl index b04bc32f33cc..b04bc32f33cc 100644 --- a/release/packages/runtime.ucl +++ b/release/packages/ucl/runtime.ucl diff --git a/release/packages/ucl/sendmail-all.ucl b/release/packages/ucl/sendmail-all.ucl new file mode 100644 index 000000000000..2711e33a31a8 --- /dev/null +++ b/release/packages/ucl/sendmail-all.ucl @@ -0,0 +1,4 @@ +comment = "Sendmail Utilities" +desc = <<EOD +Sendmail Utilities +EOD diff --git a/release/packages/ucl/smbutils-all.ucl b/release/packages/ucl/smbutils-all.ucl new file mode 100644 index 000000000000..779179ca3875 --- /dev/null +++ b/release/packages/ucl/smbutils-all.ucl @@ -0,0 +1,4 @@ +comment = "SMB Utilities" +desc = <<EOD +SMB Utilities +EOD diff --git a/release/packages/ucl/src-all.ucl b/release/packages/ucl/src-all.ucl new file mode 100644 index 000000000000..15b2b7d5b29d --- /dev/null +++ b/release/packages/ucl/src-all.ucl @@ -0,0 +1,5 @@ +comment = "System userland source code" +desc = <<EOD +The source code used to rebuild the system, located in /usr/src. +This package includes everything except the kernel source code. +EOD diff --git a/release/packages/ucl/src-sys-all.ucl b/release/packages/ucl/src-sys-all.ucl new file mode 100644 index 000000000000..9b1c5b64bfbb --- /dev/null +++ b/release/packages/ucl/src-sys-all.ucl @@ -0,0 +1,5 @@ +comment = "System kernel source code" +desc = <<EOD +The source code used to rebuild the system, located in /usr/src. +This package includes the kernel source code. +EOD diff --git a/release/packages/ucl/ssh-all.ucl b/release/packages/ucl/ssh-all.ucl new file mode 100644 index 000000000000..8159391eab08 --- /dev/null +++ b/release/packages/ucl/ssh-all.ucl @@ -0,0 +1,5 @@ +comment = "Secure Shell Utilities" +desc = <<EOD +Secure Shell Utilities +EOD +licenses = [ ISCL ] diff --git a/release/packages/ucl/syscons-data-all.ucl b/release/packages/ucl/syscons-data-all.ucl new file mode 100644 index 000000000000..9f59bfd60588 --- /dev/null +++ b/release/packages/ucl/syscons-data-all.ucl @@ -0,0 +1,4 @@ +comment = "syscons(4) fonts and keymaps" +desc = <<EOD +Fonts and keymaps for use with the legacy syscons(4) video console driver. +EOD diff --git a/release/packages/ucl/syslogd-all.ucl b/release/packages/ucl/syslogd-all.ucl new file mode 100644 index 000000000000..0f82c31fdf0f --- /dev/null +++ b/release/packages/ucl/syslogd-all.ucl @@ -0,0 +1,4 @@ +comment = "Syslog Daemon" +desc = <<EOD +Syslog Daemon +EOD diff --git a/release/packages/ucl/tcpd-all.ucl b/release/packages/ucl/tcpd-all.ucl new file mode 100644 index 000000000000..13b7449af267 --- /dev/null +++ b/release/packages/ucl/tcpd-all.ucl @@ -0,0 +1,4 @@ +comment = "TCP Wrapper utilities" +desc = <<EOD +TCP Wrapper utilities +EOD diff --git a/release/packages/ucl/telnet-all.ucl b/release/packages/ucl/telnet-all.ucl new file mode 100644 index 000000000000..e235b0d776eb --- /dev/null +++ b/release/packages/ucl/telnet-all.ucl @@ -0,0 +1,4 @@ +comment = "Telnet client" +desc = <<EOD +Telnet client +EOD diff --git a/release/packages/ucl/tests-all.ucl b/release/packages/ucl/tests-all.ucl new file mode 100644 index 000000000000..39bd365bee5b --- /dev/null +++ b/release/packages/ucl/tests-all.ucl @@ -0,0 +1,4 @@ +comment = "Test Suite" +desc = <<EOD +Test Suite +EOD diff --git a/release/packages/ucl/toolchain-all.ucl b/release/packages/ucl/toolchain-all.ucl new file mode 100644 index 000000000000..dd6517745722 --- /dev/null +++ b/release/packages/ucl/toolchain-all.ucl @@ -0,0 +1,4 @@ +comment = "Utilities for program development" +desc = <<EOD +Utilities for program development. +EOD diff --git a/release/packages/ucl/ufs-all.ucl b/release/packages/ucl/ufs-all.ucl new file mode 100644 index 000000000000..48f9975e0dbd --- /dev/null +++ b/release/packages/ucl/ufs-all.ucl @@ -0,0 +1,4 @@ +comment = "UFS Libraries and Utilities" +desc = <<EOD +UFS Libraries and Utilities +EOD diff --git a/release/packages/ucl/unbound-all.ucl b/release/packages/ucl/unbound-all.ucl new file mode 100644 index 000000000000..700c9e4cf9d0 --- /dev/null +++ b/release/packages/ucl/unbound-all.ucl @@ -0,0 +1,5 @@ +comment = "Unbound DNS Resolver" +desc = <<EOD +Unbound DNS Resolver +EOD +licenses = [ BSD4CLAUSE ] diff --git a/release/packages/ucl/utilities-all.ucl b/release/packages/ucl/utilities-all.ucl new file mode 100644 index 000000000000..aeb82b0cfed5 --- /dev/null +++ b/release/packages/ucl/utilities-all.ucl @@ -0,0 +1,4 @@ +comment = "Non-vital programs and libraries" +desc = <<EOD +Non-vital programs and libraries +EOD diff --git a/release/packages/utilities.ucl b/release/packages/ucl/utilities.ucl index 4eb98cae292a..4eb98cae292a 100644 --- a/release/packages/utilities.ucl +++ b/release/packages/ucl/utilities.ucl diff --git a/release/packages/ucl/vi-all.ucl b/release/packages/ucl/vi-all.ucl new file mode 100644 index 000000000000..c2ad2f8e95eb --- /dev/null +++ b/release/packages/ucl/vi-all.ucl @@ -0,0 +1,4 @@ +comment = "Vi Editor" +desc = <<EOD +Vi Editor +EOD diff --git a/release/packages/ucl/vt-data-all.ucl b/release/packages/ucl/vt-data-all.ucl new file mode 100644 index 000000000000..4142b2eeae70 --- /dev/null +++ b/release/packages/ucl/vt-data-all.ucl @@ -0,0 +1,4 @@ +comment = "vt(4) fonts and keymaps" +desc = <<EOD +Fonts and keymaps for use with the vt(4) video console driver. +EOD diff --git a/release/packages/ucl/wpa-all.ucl b/release/packages/ucl/wpa-all.ucl new file mode 100644 index 000000000000..e5ad7f36db95 --- /dev/null +++ b/release/packages/ucl/wpa-all.ucl @@ -0,0 +1,4 @@ +comment = "802.11 Supplicant" +desc = <<EOD +802.11 Supplicant +EOD diff --git a/release/packages/ucl/yp-all.ucl b/release/packages/ucl/yp-all.ucl new file mode 100644 index 000000000000..9e17cd108d84 --- /dev/null +++ b/release/packages/ucl/yp-all.ucl @@ -0,0 +1,7 @@ +comment = "Yellow Pages (YP) / Network Information Service (NIS)" +desc = <<EOD +YP, also called NIS, is a network protocol for sharing name service +information across machines on a network. This packages contains the YP +server, YP management utilities, the YP-LDAP gateway (ypldap), YP client +utilities and a sample Makefile for building the YP database. +EOD diff --git a/release/packages/ucl/zfs-all.ucl b/release/packages/ucl/zfs-all.ucl new file mode 100644 index 000000000000..f4178acc481c --- /dev/null +++ b/release/packages/ucl/zfs-all.ucl @@ -0,0 +1,4 @@ +comment = "ZFS Libraries and Utilities" +desc = <<EOD +ZFS Libraries and Utilities +EOD diff --git a/release/packages/ucl/zoneinfo-all.ucl b/release/packages/ucl/zoneinfo-all.ucl new file mode 100644 index 000000000000..39991bf144e6 --- /dev/null +++ b/release/packages/ucl/zoneinfo-all.ucl @@ -0,0 +1,5 @@ +comment = "Timezone database" +desc = <<EOD +The timezone database allows applications to convert dates and times between +UTC and local timezones. +EOD diff --git a/release/packages/unbound-all.ucl b/release/packages/unbound-all.ucl deleted file mode 100644 index 78bb1f284ff2..000000000000 --- a/release/packages/unbound-all.ucl +++ /dev/null @@ -1 +0,0 @@ -licenses = [ BSD4CLAUSE ] diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 9a917d1d8464..358fa909fc50 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -367,6 +367,7 @@ static struct node_fairq_opts fairq_opts; static struct node_state_opt *keep_state_defaults = NULL; static struct pfctl_watermarks syncookie_opts; +int validate_range(uint8_t, uint16_t, uint16_t); int disallow_table(struct node_host *, const char *); int disallow_urpf_failed(struct node_host *, const char *); int disallow_alias(struct node_host *, const char *); @@ -3231,8 +3232,7 @@ logopts : logopt { $$ = $1; } logopt : ALL { $$.log = PF_LOG_ALL; $$.logif = 0; } | MATCHES { $$.log = PF_LOG_MATCHES; $$.logif = 0; } - | USER { $$.log = PF_LOG_SOCKET_LOOKUP; $$.logif = 0; } - | GROUP { $$.log = PF_LOG_SOCKET_LOOKUP; $$.logif = 0; } + | USER { $$.log = PF_LOG_USER; $$.logif = 0; } | TO string { const char *errstr; u_int i; @@ -3825,9 +3825,14 @@ port_item : portrange { err(1, "port_item: calloc"); $$->port[0] = $1.a; $$->port[1] = $1.b; - if ($1.t) + if ($1.t) { $$->op = PF_OP_RRG; - else + if (validate_range($$->op, $$->port[0], + $$->port[1])) { + yyerror("invalid port range"); + YYERROR; + } + } else $$->op = PF_OP_EQ; $$->next = NULL; $$->tail = $$; @@ -3844,6 +3849,10 @@ port_item : portrange { $$->port[0] = $2.a; $$->port[1] = $2.b; $$->op = $1; + if (validate_range($$->op, $$->port[0], $$->port[1])) { + yyerror("invalid port range"); + YYERROR; + } $$->next = NULL; $$->tail = $$; } @@ -3859,6 +3868,10 @@ port_item : portrange { $$->port[0] = $1.a; $$->port[1] = $3.a; $$->op = $2; + if (validate_range($$->op, $$->port[0], $$->port[1])) { + yyerror("invalid port range"); + YYERROR; + } $$->next = NULL; $$->tail = $$; } @@ -5197,6 +5210,19 @@ yyerror(const char *fmt, ...) } int +validate_range(uint8_t op, uint16_t p1, uint16_t p2) +{ + uint16_t a = ntohs(p1); + uint16_t b = ntohs(p2); + + if ((op == PF_OP_RRG && a > b) || /* 34:12, i.e. none */ + (op == PF_OP_IRG && a >= b) || /* 34><12, i.e. none */ + (op == PF_OP_XRG && a > b)) /* 34<>22, i.e. all */ + return 1; + return 0; +} + +int disallow_table(struct node_host *h, const char *fmt) { for (; h != NULL; h = h->next) @@ -5324,6 +5350,10 @@ filter_consistent(struct pfctl_rule *r, int anchor_call) "synproxy state or modulate state"); problems++; } + if ((r->keep_state == PF_STATE_SYNPROXY) && (r->direction != PF_IN)) + fprintf(stderr, "%s:%d: warning: " + "synproxy used for inbound rules only, " + "ignored for outbound\n", file->name, yylval.lineno); if (r->rule_flag & PFRULE_AFTO && r->rt) { if (r->rt != PF_ROUTETO && r->rt != PF_REPLYTO) { yyerror("dup-to " @@ -6014,8 +6044,14 @@ apply_rdr_ports(struct pfctl_rule *r, struct pfctl_pool *rpool, struct redirspec if (!rs->rport.b && rs->rport.t) { rpool->proxy_port[1] = ntohs(rs->rport.a) + (ntohs(r->dst.port[1]) - ntohs(r->dst.port[0])); - } else + } else { + if (validate_range(rs->rport.t, rs->rport.a, + rs->rport.b)) { + yyerror("invalid rdr-to port range"); + return (1); + } r->rdr.proxy_port[1] = ntohs(rs->rport.b); + } if (rs->pool_opts.staticport) { yyerror("the 'static-port' option is only valid with nat rules"); diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 271286deeda7..2015e0a09549 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -131,8 +131,8 @@ int pfctl_walk_get(int, struct pfioc_ruleset *, void *); int pfctl_walk_anchors(int, int, const char *, int(*)(int, struct pfioc_ruleset *, void *), void *); struct pfr_anchors * - pfctl_get_anchors(int, char *, int); -int pfctl_recurse(int, int, char *, + pfctl_get_anchors(int, const char *, int); +int pfctl_recurse(int, int, const char *, int(*)(int, int, struct pfr_anchoritem *)); int pfctl_call_clearrules(int, int, struct pfr_anchoritem *); int pfctl_call_cleartables(int, int, struct pfr_anchoritem *); @@ -2988,20 +2988,23 @@ pfctl_show_anchors(int dev, int opts, char *anchor) } struct pfr_anchors * -pfctl_get_anchors(int dev, char *anchor, int opts) +pfctl_get_anchors(int dev, const char *anchor, int opts) { struct pfioc_ruleset pr; static struct pfr_anchors anchors; + char anchorbuf[PATH_MAX]; char *n; SLIST_INIT(&anchors); memset(&pr, 0, sizeof(pr)); if (*anchor != '\0') { - n = dirname(anchor); + strlcpy(anchorbuf, anchor, sizeof(anchorbuf)); + n = dirname(anchorbuf); if (n[0] != '.' && n[1] != '\0') strlcpy(pr.path, n, sizeof(pr.path)); - n = basename(anchor); + strlcpy(anchorbuf, anchor, sizeof(anchorbuf)); + n = basename(anchorbuf); if (n != NULL) strlcpy(pr.name, n, sizeof(pr.name)); } @@ -3051,7 +3054,7 @@ pfctl_call_clearanchors(int dev, int opts, struct pfr_anchoritem *pfra) } int -pfctl_recurse(int dev, int opts, char *anchorname, +pfctl_recurse(int dev, int opts, const char *anchorname, int(*walkf)(int, int, struct pfr_anchoritem *)) { int rv = 0; diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index bd2c10c8080f..f2eb75135609 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -928,7 +928,7 @@ print_rule(struct pfctl_rule *r, const char *anchor_call, int verbose, int numer printf("%sall", count++ ? ", " : ""); if (r->log & PF_LOG_MATCHES) printf("%smatches", count++ ? ", " : ""); - if (r->log & PF_LOG_SOCKET_LOOKUP) + if (r->log & PF_LOG_USER) printf("%suser", count++ ? ", " : ""); if (r->logif) printf("%sto pflog%u", count++ ? ", " : "", @@ -1483,7 +1483,8 @@ ifa_load(void) err(1, "getifaddrs"); for (ifa = ifap; ifa; ifa = ifa->ifa_next) { - if (!(ifa->ifa_addr->sa_family == AF_INET || + if (ifa->ifa_addr == NULL || + !(ifa->ifa_addr->sa_family == AF_INET || ifa->ifa_addr->sa_family == AF_INET6 || ifa->ifa_addr->sa_family == AF_LINK)) continue; diff --git a/sbin/pfctl/tests/files/pf0088.in b/sbin/pfctl/tests/files/pf0088.in index 4700b6916b7e..a85aa84a30bb 100644 --- a/sbin/pfctl/tests/files/pf0088.in +++ b/sbin/pfctl/tests/files/pf0088.in @@ -16,7 +16,7 @@ pass to 10.0.0.2 keep state block from 10.0.0.3 to 10.0.0.2 pass to 10.0.0.2 modulate state block from 10.0.0.3 to 10.0.0.2 -pass to 10.0.0.2 synproxy state +pass in to 10.0.0.2 synproxy state pass out proto tcp from 10.0.0.4 to 10.0.0.5 keep state diff --git a/sbin/pfctl/tests/files/pf0088.ok b/sbin/pfctl/tests/files/pf0088.ok index 47251a4503dd..801056a4ab46 100644 --- a/sbin/pfctl/tests/files/pf0088.ok +++ b/sbin/pfctl/tests/files/pf0088.ok @@ -11,7 +11,7 @@ pass inet from any to 10.0.0.2 flags S/SA keep state block drop inet from 10.0.0.3 to 10.0.0.2 pass inet from any to 10.0.0.2 flags S/SA modulate state block drop inet from 10.0.0.3 to 10.0.0.2 -pass inet from any to 10.0.0.2 flags S/SA synproxy state +pass in inet from any to 10.0.0.2 flags S/SA synproxy state pass out inet proto tcp from 10.0.0.4 to 10.0.0.5 flags S/SA keep state pass out inet proto tcp from 10.0.0.4 to 10.0.0.5 port = http flags S/SA keep state pass out all flags S/SA keep state diff --git a/sbin/pfctl/tests/files/pf1072.fail b/sbin/pfctl/tests/files/pf1072.fail new file mode 100644 index 000000000000..06ef5ae457e5 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1072.fail @@ -0,0 +1 @@ +invalid port range diff --git a/sbin/pfctl/tests/files/pf1072.in b/sbin/pfctl/tests/files/pf1072.in new file mode 100644 index 000000000000..e09e92388ce1 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1072.in @@ -0,0 +1 @@ +pass in proto tcp from any port 500:100 to any diff --git a/sbin/pfctl/tests/pfctl_test_list.inc b/sbin/pfctl/tests/pfctl_test_list.inc index 51729bc9adad..3a68cc06ec74 100644 --- a/sbin/pfctl/tests/pfctl_test_list.inc +++ b/sbin/pfctl/tests/pfctl_test_list.inc @@ -180,3 +180,4 @@ PFCTL_TEST(1068, "max-pkt-rate") PFCTL_TEST(1069, "max-pkt-size") PFCTL_TEST_FAIL(1070, "include line number") PFCTL_TEST(1071, "mask length on (lo0)") +PFCTL_TEST_FAIL(1072, "Invalid port range") diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index b5843d67e106..11e22ebc78bf 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -27,7 +27,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd July 7, 2025 +.Dd July 9, 2025 .Dt PF.CONF 5 .Os .Sh NAME @@ -2122,10 +2122,10 @@ options, or scrubbed with will also not be recoverable from intermediate packets. Such connections will stall and time out. .It Xo Ar icmp-type Aq Ar type -.Ar code Aq Ar code +.Ar Op code Aq Ar code .Xc .It Xo Ar icmp6-type Aq Ar type -.Ar code Aq Ar code +.Ar Op code Aq Ar code .Xc This rule only applies to ICMP or ICMPv6 packets with the specified type and code. @@ -2574,6 +2574,7 @@ will not work if .Xr pf 4 operates on a .Xr bridge 4 . +Also they act on incoming SYN packets only. .Pp Example: .Bd -literal -offset indent diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 2fd63e4f743d..de2181d638d1 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 21, 2025 +.Dd July 15, 2025 .Dt RC.CONF 5 .Os .Sh NAME @@ -1164,8 +1164,8 @@ and is not found. Multiple rules can be set as follows: .Bd -literal -pf_fallback_rules="\\ - block drop log all\\ +pf_fallback_rules=" + block drop log all pass in quick on em0" .Pp .Ed diff --git a/share/man/man5/style.Makefile.5 b/share/man/man5/style.Makefile.5 index cc5d2f6bb28a..fe8754924575 100644 --- a/share/man/man5/style.Makefile.5 +++ b/share/man/man5/style.Makefile.5 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-3-Clause +.\" .\" Copyright (c) 2002-2003, 2023 David O'Brien <obrien@FreeBSD.org> .\" All rights reserved. .\" @@ -30,10 +33,7 @@ .Os .Sh NAME .Nm style.Makefile -.Nd -.Fx -.Pa Makefile -file style guide +.Nd FreeBSD Makefile style guide .Sh DESCRIPTION This file specifies the preferred style for makefiles in the .Fx diff --git a/share/man/man7/arch.7 b/share/man/man7/arch.7 index 918f9058c7aa..fe4e8055a8b1 100644 --- a/share/man/man7/arch.7 +++ b/share/man/man7/arch.7 @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 12, 2025 +.Dd July 14, 2025 .Dt ARCH 7 .Os .Sh NAME diff --git a/share/man/man7/d.7 b/share/man/man7/d.7 index 30efb0249a77..f4686d98b1d1 100644 --- a/share/man/man7/d.7 +++ b/share/man/man7/d.7 @@ -3,7 +3,7 @@ .\" .\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org> .\" -.Dd July 14, 2025 +.Dd June 14, 2025 .Dt D 7 .Os .Sh NAME diff --git a/share/man/man8/nanobsd.8 b/share/man/man8/nanobsd.8 index 2ba072541ada..838f9ddc9afa 100644 --- a/share/man/man8/nanobsd.8 +++ b/share/man/man8/nanobsd.8 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" .\" Copyright (c) 2006 Daniel Gerzo <danger@FreeBSD.org> .\" All rights reserved. .\" @@ -22,13 +25,12 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd November 10, 2024 +.Dd July 14, 2025 .Dt NANOBSD 8 .Os .Sh NAME .Nm nanobsd.sh -.Nd utility used to create a FreeBSD system image suitable for embedded -applications +.Nd create an embedded FreeBSD system image .Sh SYNOPSIS .Nm .Op Fl BbfhIiKknqvWwX diff --git a/share/man/man9/vnode.9 b/share/man/man9/vnode.9 index 5dd087725e92..d17492668298 100644 --- a/share/man/man9/vnode.9 +++ b/share/man/man9/vnode.9 @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd October 9, 2024 +.Dd July 15, 2025 .Dt VNODE 9 .Os .Sh NAME @@ -113,7 +113,7 @@ The function declarations and definitions are generated from .Pa sys/kern/vnode_if.src by the -.Pa sys/tools/vndoe_if.awk +.Pa sys/tools/vnode_if.awk script. The interfaces are documented in their respective manual pages like .Xr VOP_READ 9 diff --git a/sys/amd64/amd64/mem.c b/sys/amd64/amd64/mem.c index 413b7c74890e..851f2df0e6e1 100644 --- a/sys/amd64/amd64/mem.c +++ b/sys/amd64/amd64/mem.c @@ -105,8 +105,8 @@ memrw(struct cdev *dev, struct uio *uio, int flags) * PAGE_SIZE, the uiomove() call does not * access past the end of the direct map. */ - if (v >= DMAP_MIN_ADDRESS && - v < DMAP_MIN_ADDRESS + dmaplimit) { + if (v >= kva_layout.dmap_low && + v < kva_layout.dmap_high) { error = uiomove((void *)v, c, uio); break; } diff --git a/sys/amd64/amd64/minidump_machdep.c b/sys/amd64/amd64/minidump_machdep.c index 6d0917e16099..43bf81a991bf 100644 --- a/sys/amd64/amd64/minidump_machdep.c +++ b/sys/amd64/amd64/minidump_machdep.c @@ -186,7 +186,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) * tables, so care must be taken to read each entry only once. */ pmapsize = 0; - for (va = VM_MIN_KERNEL_ADDRESS; va < kva_end; ) { + for (va = kva_layout.km_low; va < kva_end; ) { /* * We always write a page, even if it is zero. Each * page written corresponds to 1GB of space @@ -279,9 +279,9 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) mdhdr.msgbufsize = mbp->msg_size; mdhdr.bitmapsize = round_page(BITSET_SIZE(vm_page_dump_pages)); mdhdr.pmapsize = pmapsize; - mdhdr.kernbase = VM_MIN_KERNEL_ADDRESS; - mdhdr.dmapbase = DMAP_MIN_ADDRESS; - mdhdr.dmapend = DMAP_MAX_ADDRESS; + mdhdr.kernbase = kva_layout.km_low; + mdhdr.dmapbase = kva_layout.dmap_low; + mdhdr.dmapend = kva_layout.dmap_high; mdhdr.dumpavailsize = round_page(sizeof(dump_avail)); dump_init_header(di, &kdh, KERNELDUMPMAGIC, KERNELDUMP_AMD64_VERSION, @@ -323,7 +323,7 @@ cpu_minidumpsys(struct dumperinfo *di, const struct minidumpstate *state) /* Dump kernel page directory pages */ bzero(fakepd, sizeof(fakepd)); - for (va = VM_MIN_KERNEL_ADDRESS; va < kva_end; va += NBPDP) { + for (va = kva_layout.km_low; va < kva_end; va += NBPDP) { ii = pmap_pml4e_index(va); pml4 = (uint64_t *)PHYS_TO_DMAP(KPML4phys) + ii; pdp = (uint64_t *)PHYS_TO_DMAP(*pml4 & PG_FRAME); diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c index c3e3a91b20ec..2c7777e608b9 100644 --- a/sys/amd64/amd64/pmap.c +++ b/sys/amd64/amd64/pmap.c @@ -415,7 +415,7 @@ SYSCTL_INT(_machdep, OID_AUTO, nkpt, CTLFLAG_RD, &nkpt, 0, static int ndmpdp; vm_paddr_t dmaplimit; -vm_offset_t kernel_vm_end = VM_MIN_KERNEL_ADDRESS; +vm_offset_t kernel_vm_end = VM_MIN_KERNEL_ADDRESS_LA48; pt_entry_t pg_nx; static SYSCTL_NODE(_vm, OID_AUTO, pmap, CTLFLAG_RD | CTLFLAG_MPSAFE, 0, @@ -475,11 +475,36 @@ _Static_assert(DMPML4I + NDMPML4E <= KMSANSHADPML4I, "direct map overflow"); static pml4_entry_t *kernel_pml4; static u_int64_t DMPDphys; /* phys addr of direct mapped level 2 */ static u_int64_t DMPDPphys; /* phys addr of direct mapped level 3 */ +static u_int64_t DMPML4phys; /* ... level 4, for la57 */ static int ndmpdpphys; /* number of DMPDPphys pages */ vm_paddr_t kernphys; /* phys addr of start of bootstrap data */ vm_paddr_t KERNend; /* and the end */ +struct kva_layout_s kva_layout = { + .kva_min = KV4ADDR(PML4PML4I, 0, 0, 0), + .dmap_low = KV4ADDR(DMPML4I, 0, 0, 0), + .dmap_high = KV4ADDR(DMPML4I + NDMPML4E, 0, 0, 0), + .lm_low = KV4ADDR(LMSPML4I, 0, 0, 0), + .lm_high = KV4ADDR(LMEPML4I + 1, 0, 0, 0), + .km_low = KV4ADDR(KPML4BASE, 0, 0, 0), + .km_high = KV4ADDR(KPML4BASE + NKPML4E - 1, NPDPEPG - 1, + NPDEPG - 1, NPTEPG - 1), + .rec_pt = KV4ADDR(PML4PML4I, 0, 0, 0), +}; + +struct kva_layout_s kva_layout_la57 = { + .kva_min = KV5ADDR(NPML5EPG / 2, 0, 0, 0, 0), /* == rec_pt */ + .dmap_low = KV5ADDR(DMPML5I, 0, 0, 0, 0), + .dmap_high = KV5ADDR(DMPML5I + NDMPML5E, 0, 0, 0, 0), + .lm_low = KV4ADDR(LMSPML4I, 0, 0, 0), + .lm_high = KV4ADDR(LMEPML4I + 1, 0, 0, 0), + .km_low = KV4ADDR(KPML4BASE, 0, 0, 0), + .km_high = KV4ADDR(KPML4BASE + NKPML4E - 1, NPDPEPG - 1, + NPDEPG - 1, NPTEPG - 1), + .rec_pt = KV5ADDR(PML5PML5I, 0, 0, 0, 0), +}; + /* * pmap_mapdev support pre initialization (i.e. console) */ @@ -549,8 +574,8 @@ static int pmap_flags = PMAP_PDE_SUPERPAGE; /* flags for x86 pmaps */ static vmem_t *large_vmem; static u_int lm_ents; -#define PMAP_ADDRESS_IN_LARGEMAP(va) ((va) >= LARGEMAP_MIN_ADDRESS && \ - (va) < LARGEMAP_MIN_ADDRESS + NBPML4 * (u_long)lm_ents) +#define PMAP_ADDRESS_IN_LARGEMAP(va) ((va) >= kva_layout.lm_low && \ + (va) < kva_layout.lm_high) int pmap_pcid_enabled = 1; SYSCTL_INT(_vm_pmap, OID_AUTO, pcid_enabled, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, @@ -1722,7 +1747,7 @@ create_pagetables(vm_paddr_t *firstaddr) { pd_entry_t *pd_p; pdp_entry_t *pdp_p; - pml4_entry_t *p4_p; + pml4_entry_t *p4_p, *p4d_p; pml5_entry_t *p5_p; uint64_t DMPDkernphys; vm_paddr_t pax; @@ -1732,7 +1757,7 @@ create_pagetables(vm_paddr_t *firstaddr) vm_offset_t kasankernbase; int kasankpdpi, kasankpdi, nkasanpte; #endif - int i, j, ndm1g, nkpdpe, nkdmpde; + int i, j, ndm1g, nkpdpe, nkdmpde, ndmpml4phys; TSENTER(); /* Allocate page table pages for the direct map */ @@ -1740,15 +1765,30 @@ create_pagetables(vm_paddr_t *firstaddr) if (ndmpdp < 4) /* Minimum 4GB of dirmap */ ndmpdp = 4; ndmpdpphys = howmany(ndmpdp, NPDPEPG); - if (ndmpdpphys > NDMPML4E) { - /* - * Each NDMPML4E allows 512 GB, so limit to that, - * and then readjust ndmpdp and ndmpdpphys. - */ - printf("NDMPML4E limits system to %d GB\n", NDMPML4E * 512); - Maxmem = atop(NDMPML4E * NBPML4); - ndmpdpphys = NDMPML4E; - ndmpdp = NDMPML4E * NPDEPG; + if (la57) { + ndmpml4phys = howmany(ndmpdpphys, NPML4EPG); + if (ndmpml4phys > NDMPML5E) { + printf("NDMPML5E limits system to %ld GB\n", + (u_long)NDMPML5E * NBPML5 / 1024 / 1024 / 1024); + Maxmem = atop(NDMPML5E * NBPML5); + ndmpml4phys = NDMPML5E; + ndmpdpphys = ndmpml4phys * NPML4EPG; + ndmpdp = ndmpdpphys * NPDEPG; + } + DMPML4phys = allocpages(firstaddr, ndmpml4phys); + } else { + if (ndmpdpphys > NDMPML4E) { + /* + * Each NDMPML4E allows 512 GB, so limit to + * that, and then readjust ndmpdp and + * ndmpdpphys. + */ + printf("NDMPML4E limits system to %d GB\n", + NDMPML4E * 512); + Maxmem = atop(NDMPML4E * NBPML4); + ndmpdpphys = NDMPML4E; + ndmpdp = NDMPML4E * NPDEPG; + } } DMPDPphys = allocpages(firstaddr, ndmpdpphys); ndm1g = 0; @@ -1773,7 +1813,13 @@ create_pagetables(vm_paddr_t *firstaddr) dmaplimit = (vm_paddr_t)ndmpdp << PDPSHIFT; /* Allocate pages. */ + if (la57) { + KPML5phys = allocpages(firstaddr, 1); + p5_p = (pml5_entry_t *)KPML5phys; + } KPML4phys = allocpages(firstaddr, 1); + p4_p = (pml4_entry_t *)KPML4phys; + KPDPphys = allocpages(firstaddr, NKPML4E); #ifdef KASAN KASANPDPphys = allocpages(firstaddr, NKASANPML4E); @@ -1893,6 +1939,16 @@ create_pagetables(vm_paddr_t *firstaddr) } /* + * Connect the Direct Map slots up to the PML4. + * pml5 entries for DMAP are handled below in global pml5 loop. + */ + p4d_p = la57 ? (pml4_entry_t *)DMPML4phys : &p4_p[DMPML4I]; + for (i = 0; i < ndmpdpphys; i++) { + p4d_p[i] = (DMPDPphys + ptoa(i)) | X86_PG_RW | X86_PG_V | + pg_nx; + } + + /* * Instead of using a 1G page for the memory containing the kernel, * use 2M pages with read-only and no-execute permissions. (If using 1G * pages, this will partially overwrite the PDPEs above.) @@ -1911,11 +1967,6 @@ create_pagetables(vm_paddr_t *firstaddr) } } - /* And recursively map PML4 to itself in order to get PTmap */ - p4_p = (pml4_entry_t *)KPML4phys; - p4_p[PML4PML4I] = KPML4phys; - p4_p[PML4PML4I] |= X86_PG_RW | X86_PG_V | pg_nx; - #ifdef KASAN /* Connect the KASAN shadow map slots up to the PML4. */ for (i = 0; i < NKASANPML4E; i++) { @@ -1938,25 +1989,15 @@ create_pagetables(vm_paddr_t *firstaddr) } #endif - /* Connect the Direct Map slots up to the PML4. */ - for (i = 0; i < ndmpdpphys; i++) { - p4_p[DMPML4I + i] = DMPDPphys + ptoa(i); - p4_p[DMPML4I + i] |= X86_PG_RW | X86_PG_V | pg_nx; - } - /* Connect the KVA slots up to the PML4 */ for (i = 0; i < NKPML4E; i++) { p4_p[KPML4BASE + i] = KPDPphys + ptoa(i); p4_p[KPML4BASE + i] |= X86_PG_RW | X86_PG_V; } - kernel_pml4 = (pml4_entry_t *)PHYS_TO_DMAP(KPML4phys); - if (la57) { /* XXXKIB bootstrap KPML5phys page is lost */ - KPML5phys = allocpages(firstaddr, 1); - for (i = 0, p5_p = (pml5_entry_t *)KPML5phys; i < NPML5EPG; - i++) { + for (i = 0; i < NPML5EPG; i++) { if (i == PML5PML5I) { /* * Recursively map PML5 to itself in @@ -1964,6 +2005,10 @@ create_pagetables(vm_paddr_t *firstaddr) */ p5_p[i] = KPML5phys | X86_PG_RW | X86_PG_A | X86_PG_M | X86_PG_V | pg_nx; + } else if (i >= DMPML5I && i < DMPML5I + NDMPML5E) { + /* Connect DMAP pml4 pages to PML5. */ + p5_p[i] = (DMPML4phys + ptoa(i - DMPML5I)) | + X86_PG_RW | X86_PG_V | pg_nx; } else if (i == pmap_pml5e_index(UPT_MAX_ADDRESS)) { p5_p[i] = KPML4phys | X86_PG_RW | X86_PG_A | X86_PG_M | X86_PG_V; @@ -1971,6 +2016,10 @@ create_pagetables(vm_paddr_t *firstaddr) p5_p[i] = 0; } } + } else { + /* Recursively map PML4 to itself in order to get PTmap */ + p4_p[PML4PML4I] = KPML4phys; + p4_p[PML4PML4I] |= X86_PG_RW | X86_PG_V | pg_nx; } TSEXIT(); } @@ -2024,7 +2073,7 @@ pmap_bootstrap(vm_paddr_t *firstaddr) */ virtual_avail = (vm_offset_t)KERNSTART + round_2mpage(KERNend - (vm_paddr_t)kernphys); - virtual_end = VM_MAX_KERNEL_ADDRESS; + virtual_end = kva_layout.km_high; /* * Enable PG_G global pages, then switch to the kernel page @@ -2046,9 +2095,13 @@ pmap_bootstrap(vm_paddr_t *firstaddr) * Initialize the kernel pmap (which is statically allocated). * Count bootstrap data as being resident in case any of this data is * later unmapped (using pmap_remove()) and freed. + * + * DMAP_TO_PHYS()/PHYS_TO_DMAP() are functional only after + * kva_layout is fixed. */ PMAP_LOCK_INIT(kernel_pmap); if (la57) { + kva_layout = kva_layout_la57; vtoptem = ((1ul << (NPTEPGSHIFT + NPDEPGSHIFT + NPDPEPGSHIFT + NPML4EPGSHIFT + NPML5EPGSHIFT)) - 1) << 3; PTmap = (vm_offset_t)P5Tmap; @@ -2059,6 +2112,7 @@ pmap_bootstrap(vm_paddr_t *firstaddr) kernel_pmap->pm_cr3 = KPML5phys; pmap_pt_page_count_adj(kernel_pmap, 1); /* top-level page */ } else { + kernel_pml4 = (pml4_entry_t *)PHYS_TO_DMAP(KPML4phys); kernel_pmap->pm_pmltop = kernel_pml4; kernel_pmap->pm_cr3 = KPML4phys; } @@ -2420,6 +2474,7 @@ pmap_init(void) { struct pmap_preinit_mapping *ppim; vm_page_t m, mpte; + pml4_entry_t *pml4e; int error, i, ret, skz63; /* L1TF, reserve page @0 unconditionally */ @@ -2559,18 +2614,19 @@ pmap_init(void) printf("pmap: large map %u PML4 slots (%lu GB)\n", lm_ents, (u_long)lm_ents * (NBPML4 / 1024 / 1024 / 1024)); if (lm_ents != 0) { - large_vmem = vmem_create("large", LARGEMAP_MIN_ADDRESS, - (vmem_size_t)lm_ents * NBPML4, PAGE_SIZE, 0, M_WAITOK); + large_vmem = vmem_create("large", kva_layout.lm_low, + (vmem_size_t)kva_layout.lm_high - kva_layout.lm_low, + PAGE_SIZE, 0, M_WAITOK); if (large_vmem == NULL) { printf("pmap: cannot create large map\n"); lm_ents = 0; } for (i = 0; i < lm_ents; i++) { m = pmap_large_map_getptp_unlocked(); - /* XXXKIB la57 */ - kernel_pml4[LMSPML4I + i] = X86_PG_V | - X86_PG_RW | X86_PG_A | X86_PG_M | pg_nx | - VM_PAGE_TO_PHYS(m); + pml4e = pmap_pml4e(kernel_pmap, kva_layout.lm_low + + (u_long)i * NBPML4); + *pml4e = X86_PG_V | X86_PG_RW | X86_PG_A | X86_PG_M | + pg_nx | VM_PAGE_TO_PHYS(m); } } } @@ -3899,7 +3955,7 @@ pmap_kextract(vm_offset_t va) pd_entry_t pde; vm_paddr_t pa; - if (va >= DMAP_MIN_ADDRESS && va < DMAP_MAX_ADDRESS) { + if (va >= kva_layout.dmap_low && va < kva_layout.dmap_high) { pa = DMAP_TO_PHYS(va); } else if (PMAP_ADDRESS_IN_LARGEMAP(va)) { pa = pmap_large_map_kextract(va); @@ -4040,7 +4096,7 @@ pmap_qremove(vm_offset_t sva, int count) * enough to one of those pmap_enter() calls for it to * be caught up in a promotion. */ - KASSERT(va >= VM_MIN_KERNEL_ADDRESS, ("usermode va %lx", va)); + KASSERT(va >= kva_layout.km_low, ("usermode va %lx", va)); KASSERT((*vtopde(va) & X86_PG_PS) == 0, ("pmap_qremove on promoted va %#lx", va)); @@ -4328,21 +4384,13 @@ void pmap_pinit_pml5(vm_page_t pml5pg) { pml5_entry_t *pm_pml5; + int i; pm_pml5 = (pml5_entry_t *)PHYS_TO_DMAP(VM_PAGE_TO_PHYS(pml5pg)); - - /* - * Add pml5 entry at top of KVA pointing to existing pml4 table, - * entering all existing kernel mappings into level 5 table. - */ - pm_pml5[pmap_pml5e_index(UPT_MAX_ADDRESS)] = KPML4phys | X86_PG_V | - X86_PG_RW | X86_PG_A | X86_PG_M; - - /* - * Install self-referential address mapping entry. - */ - pm_pml5[PML5PML5I] = VM_PAGE_TO_PHYS(pml5pg) | - X86_PG_RW | X86_PG_V | X86_PG_M | X86_PG_A; + for (i = 0; i < NPML5EPG / 2; i++) + pm_pml5[i] = 0; + for (; i < NPML5EPG; i++) + pm_pml5[i] = kernel_pmap->pm_pmltop[i]; } static void @@ -4899,8 +4947,8 @@ pmap_release(pmap_t pmap) m = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pmap->pm_pmltop)); if (pmap_is_la57(pmap)) { - pmap->pm_pmltop[pmap_pml5e_index(UPT_MAX_ADDRESS)] = 0; - pmap->pm_pmltop[PML5PML5I] = 0; + for (i = NPML5EPG / 2; i < NPML5EPG; i++) + pmap->pm_pmltop[i] = 0; } else { for (i = 0; i < NKPML4E; i++) /* KVA */ pmap->pm_pmltop[KPML4BASE + i] = 0; @@ -4942,7 +4990,7 @@ pmap_release(pmap_t pmap) static int kvm_size(SYSCTL_HANDLER_ARGS) { - unsigned long ksize = VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS; + unsigned long ksize = kva_layout.km_high - kva_layout.km_low; return sysctl_handle_long(oidp, &ksize, 0, req); } @@ -4953,7 +5001,7 @@ SYSCTL_PROC(_vm, OID_AUTO, kvm_size, CTLTYPE_LONG | CTLFLAG_RD | CTLFLAG_MPSAFE, static int kvm_free(SYSCTL_HANDLER_ARGS) { - unsigned long kfree = VM_MAX_KERNEL_ADDRESS - kernel_vm_end; + unsigned long kfree = kva_layout.km_high - kernel_vm_end; return sysctl_handle_long(oidp, &kfree, 0, req); } @@ -5031,7 +5079,7 @@ pmap_page_array_startup(long pages) vm_page_array_size = pages; - start = VM_MIN_KERNEL_ADDRESS; + start = kva_layout.km_low; end = start + pages * sizeof(struct vm_page); for (va = start; va < end; va += NBPDR) { pfn = first_page + (va - start) / sizeof(struct vm_page); @@ -6067,8 +6115,8 @@ pmap_demote_pde_mpte(pmap_t pmap, pd_entry_t *pde, vm_offset_t va, * so the direct map region is the only part of the * kernel address space that must be handled here. */ - KASSERT(!in_kernel || (va >= DMAP_MIN_ADDRESS && - va < DMAP_MAX_ADDRESS), + KASSERT(!in_kernel || (va >= kva_layout.dmap_low && + va < kva_layout.dmap_high), ("pmap_demote_pde: No saved mpte for va %#lx", va)); /* @@ -7184,7 +7232,7 @@ pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot, PG_RW = pmap_rw_bit(pmap); va = trunc_page(va); - KASSERT(va <= VM_MAX_KERNEL_ADDRESS, ("pmap_enter: toobig")); + KASSERT(va <= kva_layout.km_high, ("pmap_enter: toobig")); KASSERT(va < UPT_MIN_ADDRESS || va >= UPT_MAX_ADDRESS, ("pmap_enter: invalid to pmap_enter page table pages (va: 0x%lx)", va)); @@ -9550,7 +9598,7 @@ pmap_unmapdev(void *p, vm_size_t size) va = (vm_offset_t)p; /* If we gave a direct map region in pmap_mapdev, do nothing */ - if (va >= DMAP_MIN_ADDRESS && va < DMAP_MAX_ADDRESS) + if (va >= kva_layout.dmap_low && va < kva_layout.dmap_high) return; offset = va & PAGE_MASK; size = round_page(offset + size); @@ -9729,7 +9777,7 @@ pmap_change_prot(vm_offset_t va, vm_size_t size, vm_prot_t prot) int error; /* Only supported within the kernel map. */ - if (va < VM_MIN_KERNEL_ADDRESS) + if (va < kva_layout.km_low) return (EINVAL); PMAP_LOCK(kernel_pmap); @@ -9760,7 +9808,7 @@ pmap_change_props_locked(vm_offset_t va, vm_size_t size, vm_prot_t prot, * Only supported on kernel virtual addresses, including the direct * map but excluding the recursive map. */ - if (base < DMAP_MIN_ADDRESS) + if (base < kva_layout.dmap_low) return (EINVAL); /* @@ -9783,7 +9831,7 @@ pmap_change_props_locked(vm_offset_t va, vm_size_t size, vm_prot_t prot, pte_bits |= X86_PG_RW; } if ((prot & VM_PROT_EXECUTE) == 0 || - va < VM_MIN_KERNEL_ADDRESS) { + va < kva_layout.km_low) { pde_bits |= pg_nx; pte_bits |= pg_nx; } @@ -9879,7 +9927,7 @@ pmap_change_props_locked(vm_offset_t va, vm_size_t size, vm_prot_t prot, pmap_pte_props(pdpe, pde_bits, pde_mask); changed = true; } - if (tmpva >= VM_MIN_KERNEL_ADDRESS && + if (tmpva >= kva_layout.km_low && (*pdpe & PG_PS_FRAME) < dmaplimit) { if (pa_start == pa_end) { /* Start physical address run. */ @@ -9909,7 +9957,7 @@ pmap_change_props_locked(vm_offset_t va, vm_size_t size, vm_prot_t prot, pmap_pte_props(pde, pde_bits, pde_mask); changed = true; } - if (tmpva >= VM_MIN_KERNEL_ADDRESS && + if (tmpva >= kva_layout.km_low && (*pde & PG_PS_FRAME) < dmaplimit) { if (pa_start == pa_end) { /* Start physical address run. */ @@ -9937,7 +9985,7 @@ pmap_change_props_locked(vm_offset_t va, vm_size_t size, vm_prot_t prot, pmap_pte_props(pte, pte_bits, pte_mask); changed = true; } - if (tmpva >= VM_MIN_KERNEL_ADDRESS && + if (tmpva >= kva_layout.km_low && (*pte & PG_FRAME) < dmaplimit) { if (pa_start == pa_end) { /* Start physical address run. */ @@ -10909,8 +10957,8 @@ pmap_large_unmap(void *svaa, vm_size_t len) struct spglist spgf; sva = (vm_offset_t)svaa; - if (len == 0 || sva + len < sva || (sva >= DMAP_MIN_ADDRESS && - sva + len <= DMAP_MIN_ADDRESS + dmaplimit)) + if (len == 0 || sva + len < sva || (sva >= kva_layout.dmap_low && + sva + len < kva_layout.dmap_high)) return; SLIST_INIT(&spgf); @@ -11156,11 +11204,10 @@ pmap_large_map_wb(void *svap, vm_size_t len) sva = (vm_offset_t)svap; eva = sva + len; pmap_large_map_wb_fence(); - if (sva >= DMAP_MIN_ADDRESS && eva <= DMAP_MIN_ADDRESS + dmaplimit) { + if (sva >= kva_layout.dmap_low && eva < kva_layout.dmap_high) { pmap_large_map_flush_range(sva, len); } else { - KASSERT(sva >= LARGEMAP_MIN_ADDRESS && - eva <= LARGEMAP_MIN_ADDRESS + lm_ents * NBPML4, + KASSERT(sva >= kva_layout.lm_low && eva < kva_layout.lm_high, ("pmap_large_map_wb: not largemap %#lx %#lx", sva, len)); pmap_large_map_wb_large(sva, eva); } @@ -11201,8 +11248,8 @@ pmap_pti_init(void) VM_OBJECT_WLOCK(pti_obj); pml4_pg = pmap_pti_alloc_page(); pti_pml4 = (pml4_entry_t *)PHYS_TO_DMAP(VM_PAGE_TO_PHYS(pml4_pg)); - for (va = VM_MIN_KERNEL_ADDRESS; va <= VM_MAX_KERNEL_ADDRESS && - va >= VM_MIN_KERNEL_ADDRESS && va > NBPML4; va += NBPML4) { + for (va = kva_layout.km_low; va <= kva_layout.km_high && + va >= kva_layout.km_low && va > NBPML4; va += NBPML4) { pdpe = pmap_pti_pdpe(va); pmap_pti_wire_pte(pdpe); } diff --git a/sys/amd64/amd64/trap.c b/sys/amd64/amd64/trap.c index 09ac0a67dbef..eefddad2f142 100644 --- a/sys/amd64/amd64/trap.c +++ b/sys/amd64/amd64/trap.c @@ -769,7 +769,7 @@ trap_pfault(struct trapframe *frame, bool usermode, int *signo, int *ucode) return (-1); } } - if (eva >= VM_MIN_KERNEL_ADDRESS) { + if (eva >= kva_layout.km_low) { /* * Don't allow user-mode faults in kernel address space. */ diff --git a/sys/amd64/include/param.h b/sys/amd64/include/param.h index 8db314fa034d..1bbb302259d6 100644 --- a/sys/amd64/include/param.h +++ b/sys/amd64/include/param.h @@ -146,8 +146,9 @@ #define amd64_btop(x) ((unsigned long)(x) >> PAGE_SHIFT) #define amd64_ptob(x) ((unsigned long)(x) << PAGE_SHIFT) -#define INKERNEL(va) (((va) >= DMAP_MIN_ADDRESS && (va) < DMAP_MAX_ADDRESS) \ - || ((va) >= VM_MIN_KERNEL_ADDRESS && (va) < VM_MAX_KERNEL_ADDRESS)) +#define INKERNEL(va) \ + (((va) >= kva_layout.dmap_low && (va) < kva_layout.dmap_high) || \ + ((va) >= kva_layout.km_low && (va) < kva_layout.km_high)) #ifdef SMP #define SC_TABLESIZE 1024 /* Must be power of 2. */ diff --git a/sys/amd64/include/pmap.h b/sys/amd64/include/pmap.h index 7d3e91bcd9b9..08e96027a5ed 100644 --- a/sys/amd64/include/pmap.h +++ b/sys/amd64/include/pmap.h @@ -169,11 +169,12 @@ * the recursive page table map. */ #define NDMPML4E 8 +#define NDMPML5E 32 /* - * These values control the layout of virtual memory. The starting address - * of the direct map, which is controlled by DMPML4I, must be a multiple of - * its size. (See the PHYS_TO_DMAP() and DMAP_TO_PHYS() macros.) + * These values control the layout of virtual memory. The starting + * address of the direct map is controlled by DMPML4I on LA48 and + * DMPML5I on LA57. * * Note: KPML4I is the index of the (single) level 4 page that maps * the KVA that holds KERNBASE, while KPML4BASE is the index of the @@ -191,6 +192,7 @@ #define KPML4BASE (NPML4EPG-NKPML4E) /* KVM at highest addresses */ #define DMPML4I rounddown(KPML4BASE-NDMPML4E, NDMPML4E) /* Below KVM */ +#define DMPML5I (NPML5EPG / 2 + 1) #define KPML4I (NPML4EPG-1) #define KPDPI (NPDPEPG-2) /* kernbase at -2GB */ @@ -548,6 +550,18 @@ pmap_pml5e_index(vm_offset_t va) return ((va >> PML5SHIFT) & ((1ul << NPML5EPGSHIFT) - 1)); } +struct kva_layout_s { + vm_offset_t kva_min; + vm_offset_t dmap_low; /* DMAP_MIN_ADDRESS */ + vm_offset_t dmap_high; /* DMAP_MAX_ADDRESS */ + vm_offset_t lm_low; /* LARGEMAP_MIN_ADDRESS */ + vm_offset_t lm_high; /* LARGEMAP_MAX_ADDRESS */ + vm_offset_t km_low; /* VM_MIN_KERNEL_ADDRESS */ + vm_offset_t km_high; /* VM_MAX_KERNEL_ADDRESS */ + vm_offset_t rec_pt; +}; +extern struct kva_layout_s kva_layout; + #endif /* !LOCORE */ #endif /* !_MACHINE_PMAP_H_ */ diff --git a/sys/amd64/include/vmparam.h b/sys/amd64/include/vmparam.h index 0cd9bb4fa7a4..59053665dc40 100644 --- a/sys/amd64/include/vmparam.h +++ b/sys/amd64/include/vmparam.h @@ -163,6 +163,7 @@ * Virtual addresses of things. Derived from the page directory and * page table indexes from pmap.h for precision. * + * LA48: * 0x0000000000000000 - 0x00007fffffffffff user map * 0x0000800000000000 - 0xffff7fffffffffff does not exist (hole) * 0xffff800000000000 - 0xffff804020100fff recursive page table (512GB slot) @@ -175,18 +176,29 @@ * 0xfffffc0000000000 - 0xfffffdffffffffff 2TB KMSAN shadow map, optional * 0xfffffe0000000000 - 0xffffffffffffffff 2TB kernel map * + * LA57: + * 0x0000000000000000 - 0x00ffffffffffffff user map + * 0x0100000000000000 - 0xf0ffffffffffffff does not exist (hole) + * 0xff00000000000000 - 0xff00ffffffffffff recursive page table (2048TB slot) + * 0xff01000000000000 - 0xff20ffffffffffff direct map (32 x 2048TB slots) + * 0xff21000000000000 - 0xffff807fffffffff unused + * 0xffff808000000000 - 0xffff847fffffffff large map (can be tuned up) + * 0xffff848000000000 - 0xfffff77fffffffff unused (large map extends there) + * 0xfffff60000000000 - 0xfffff7ffffffffff 2TB KMSAN origin map, optional + * 0xfffff78000000000 - 0xfffff7bfffffffff 512GB KASAN shadow map, optional + * 0xfffff80000000000 - 0xfffffbffffffffff 4TB unused + * 0xfffffc0000000000 - 0xfffffdffffffffff 2TB KMSAN shadow map, optional + * 0xfffffe0000000000 - 0xffffffffffffffff 2TB kernel map + * * Within the kernel map: * * 0xfffffe0000000000 vm_page_array * 0xffffffff80000000 KERNBASE */ -#define VM_MIN_KERNEL_ADDRESS KV4ADDR(KPML4BASE, 0, 0, 0) -#define VM_MAX_KERNEL_ADDRESS KV4ADDR(KPML4BASE + NKPML4E - 1, \ - NPDPEPG-1, NPDEPG-1, NPTEPG-1) - -#define DMAP_MIN_ADDRESS KV4ADDR(DMPML4I, 0, 0, 0) -#define DMAP_MAX_ADDRESS KV4ADDR(DMPML4I + NDMPML4E, 0, 0, 0) +#define VM_MIN_KERNEL_ADDRESS_LA48 KV4ADDR(KPML4BASE, 0, 0, 0) +#define VM_MIN_KERNEL_ADDRESS kva_layout.km_low +#define VM_MAX_KERNEL_ADDRESS kva_layout.km_high #define KASAN_MIN_ADDRESS KV4ADDR(KASANPML4I, 0, 0, 0) #define KASAN_MAX_ADDRESS KV4ADDR(KASANPML4I + NKASANPML4E, 0, 0, 0) @@ -199,9 +211,6 @@ #define KMSAN_ORIG_MAX_ADDRESS KV4ADDR(KMSANORIGPML4I + NKMSANORIGPML4E, \ 0, 0, 0) -#define LARGEMAP_MIN_ADDRESS KV4ADDR(LMSPML4I, 0, 0, 0) -#define LARGEMAP_MAX_ADDRESS KV4ADDR(LMEPML4I + 1, 0, 0, 0) - /* * Formally kernel mapping starts at KERNBASE, but kernel linker * script leaves first PDE reserved. For legacy BIOS boot, kernel is @@ -239,21 +248,21 @@ * vt fb startup needs to be reworked. */ #define PHYS_IN_DMAP(pa) (dmaplimit == 0 || (pa) < dmaplimit) -#define VIRT_IN_DMAP(va) ((va) >= DMAP_MIN_ADDRESS && \ - (va) < (DMAP_MIN_ADDRESS + dmaplimit)) +#define VIRT_IN_DMAP(va) \ + ((va) >= kva_layout.dmap_low && (va) < kva_layout.dmap_high) #define PMAP_HAS_DMAP 1 -#define PHYS_TO_DMAP(x) ({ \ +#define PHYS_TO_DMAP(x) __extension__ ({ \ KASSERT(PHYS_IN_DMAP(x), \ ("physical address %#jx not covered by the DMAP", \ (uintmax_t)x)); \ - (x) | DMAP_MIN_ADDRESS; }) + (x) + kva_layout.dmap_low; }) -#define DMAP_TO_PHYS(x) ({ \ +#define DMAP_TO_PHYS(x) __extension__ ({ \ KASSERT(VIRT_IN_DMAP(x), \ ("virtual address %#jx not covered by the DMAP", \ (uintmax_t)x)); \ - (x) & ~DMAP_MIN_ADDRESS; }) + (x) - kva_layout.dmap_low; }) /* * amd64 maps the page array into KVA so that it can be more easily @@ -274,7 +283,7 @@ */ #ifndef VM_KMEM_SIZE_MAX #define VM_KMEM_SIZE_MAX ((VM_MAX_KERNEL_ADDRESS - \ - VM_MIN_KERNEL_ADDRESS + 1) * 3 / 5) + kva_layout.km_low + 1) * 3 / 5) #endif /* initial pagein size of beginning of executable file */ diff --git a/sys/fs/fdescfs/fdesc_vnops.c b/sys/fs/fdescfs/fdesc_vnops.c index 676ea5de12b8..58a22b8bdc50 100644 --- a/sys/fs/fdescfs/fdesc_vnops.c +++ b/sys/fs/fdescfs/fdesc_vnops.c @@ -547,6 +547,8 @@ fdesc_readdir(struct vop_readdir_args *ap) fmp = VFSTOFDESC(ap->a_vp->v_mount); if (ap->a_ncookies != NULL) *ap->a_ncookies = 0; + if (ap->a_eofflag != NULL) + *ap->a_eofflag = 0; off = (int)uio->uio_offset; if (off != uio->uio_offset || off < 0 || (u_int)off % UIO_MX != 0 || @@ -559,7 +561,12 @@ fdesc_readdir(struct vop_readdir_args *ap) fcnt = i - 2; /* The first two nodes are `.' and `..' */ FILEDESC_SLOCK(fdp); - while (i < fdp->fd_nfiles + 2 && uio->uio_resid >= UIO_MX) { + while (uio->uio_resid >= UIO_MX) { + if (i >= fdp->fd_nfiles + 2) { + if (ap->a_eofflag != NULL) + *ap->a_eofflag = 1; + break; + } bzero((caddr_t)dp, UIO_MX); switch (i) { case 0: /* `.' */ diff --git a/sys/fs/p9fs/p9fs_vnops.c b/sys/fs/p9fs/p9fs_vnops.c index 56bf766ef801..227e2b93883e 100644 --- a/sys/fs/p9fs/p9fs_vnops.c +++ b/sys/fs/p9fs/p9fs_vnops.c @@ -1784,6 +1784,9 @@ p9fs_readdir(struct vop_readdir_args *ap) return (EBADF); } + if (ap->a_eofflag != NULL) + *ap->a_eofflag = 0; + io_buffer = uma_zalloc(p9fs_io_buffer_zone, M_WAITOK); /* We haven't reached the end yet. read more. */ @@ -1801,8 +1804,11 @@ p9fs_readdir(struct vop_readdir_args *ap) count = p9_client_readdir(vofid, (char *)io_buffer, diroffset, count); - if (count == 0) + if (count == 0) { + if (ap->a_eofflag != NULL) + *ap->a_eofflag = 1; break; + } if (count < 0) { error = EIO; diff --git a/sys/i386/i386/pmap.c b/sys/i386/i386/pmap.c index 5065b7e61ee8..b44f5e08bbcf 100644 --- a/sys/i386/i386/pmap.c +++ b/sys/i386/i386/pmap.c @@ -876,14 +876,16 @@ __CONCAT(PMTYPE, init_pat)(void) #ifdef PMAP_PAE_COMP static void * -pmap_pdpt_allocf(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *flags, - int wait) +pmap_pdpt_allocf(uma_zone_t zone, vm_size_t bytes, int domain, uint8_t *sflagsp, + int flags) { /* Inform UMA that this allocator uses kernel_map/object. */ - *flags = UMA_SLAB_KERNEL; + *sflagsp = UMA_SLAB_KERNEL; + /* contig allocations cannot be NEVERFREED */ + flags &= ~M_NEVERFREED; return ((void *)kmem_alloc_contig_domainset(DOMAINSET_FIXED(domain), - bytes, wait, 0x0ULL, 0xffffffffULL, 1, 0, VM_MEMATTR_DEFAULT)); + bytes, flags, 0x0ULL, 0xffffffffULL, 1, 0, VM_MEMATTR_DEFAULT)); } #endif diff --git a/sys/kern/subr_asan.c b/sys/kern/subr_asan.c index 0edb631d1475..464efda1e91a 100644 --- a/sys/kern/subr_asan.c +++ b/sys/kern/subr_asan.c @@ -263,8 +263,7 @@ kasan_mark(const void *addr, size_t size, size_t redzsize, uint8_t code) if (__predict_false(!kasan_enabled)) return; - if ((vm_offset_t)addr >= DMAP_MIN_ADDRESS && - (vm_offset_t)addr < DMAP_MAX_ADDRESS) + if (kasan_md_unsupported((vm_offset_t)addr)) return; KASSERT((vm_offset_t)addr >= VM_MIN_KERNEL_ADDRESS && diff --git a/sys/kern/subr_trap.c b/sys/kern/subr_trap.c index 18388ae5f232..bac7d0080c71 100644 --- a/sys/kern/subr_trap.c +++ b/sys/kern/subr_trap.c @@ -338,8 +338,9 @@ ast_handler(struct thread *td, struct trapframe *framep, bool dtor) td->td_ast = 0; } - CTR3(KTR_SYSC, "ast: thread %p (pid %d, %s)", td, td->td_proc->p_pid, - td->td_proc->p_comm); + CTR3(KTR_SYSC, "ast: thread %p (pid %d, %s)", td, + td->td_proc == NULL ? -1 : td->td_proc->p_pid, + td->td_proc == NULL ? "" : td->td_proc->p_comm); KASSERT(framep == NULL || TRAPF_USERMODE(framep), ("ast in kernel mode")); diff --git a/sys/net/ethernet.h b/sys/net/ethernet.h index cf4f75bd0b6c..01485cf26e06 100644 --- a/sys/net/ethernet.h +++ b/sys/net/ethernet.h @@ -62,6 +62,8 @@ struct ether_header { u_char ether_shost[ETHER_ADDR_LEN]; u_short ether_type; } __packed; +_Static_assert(sizeof(struct ether_header) == ETHER_HDR_LEN, + "size of struct ether_header is wrong"); /* * Structure of a 48-bit Ethernet address. @@ -69,6 +71,8 @@ struct ether_header { struct ether_addr { u_char octet[ETHER_ADDR_LEN]; } __packed; +_Static_assert(sizeof(struct ether_addr) == ETHER_ADDR_LEN, + "size of struct ether_addr is wrong"); #define ETHER_IS_MULTICAST(addr) (*(addr) & 0x01) /* is address mcast/bcast? */ #define ETHER_IS_IPV6_MULTICAST(addr) \ @@ -112,6 +116,8 @@ struct ether_vlan_header { uint16_t evl_tag; uint16_t evl_proto; } __packed; +_Static_assert(sizeof(struct ether_vlan_header) == ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN, + "size of struct ether_vlan_header is wrong"); #define EVL_VLID_MASK 0x0FFF #define EVL_PRI_MASK 0xE000 diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 7be4dfac23e7..3ae0c01c0efc 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -92,11 +92,6 @@ #include <crypto/sha1.h> -#ifdef CTASSERT -CTASSERT(sizeof (struct ether_header) == ETHER_ADDR_LEN * 2 + 2); -CTASSERT(sizeof (struct ether_addr) == ETHER_ADDR_LEN); -#endif - VNET_DEFINE(pfil_head_t, link_pfil_head); /* Packet filter hooks */ /* netgraph node hooks for ng_ether(4) */ diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 1f2011634695..452a8eb4024b 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1370,7 +1370,6 @@ struct pf_kruleset { struct pf_krulequeue queues[2]; struct { struct pf_krulequeue *ptr; - struct pf_krule **ptr_array; u_int32_t rcount; u_int32_t ticket; int open; diff --git a/sys/netinet6/raw_ip6.c b/sys/netinet6/raw_ip6.c index 0379ef7c789a..c90a1213bd66 100644 --- a/sys/netinet6/raw_ip6.c +++ b/sys/netinet6/raw_ip6.c @@ -765,8 +765,7 @@ rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) } if (ifa != NULL && ((struct in6_ifaddr *)ifa)->ia6_flags & - (IN6_IFF_ANYCAST|IN6_IFF_NOTREADY| - IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { + (IN6_IFF_NOTREADY|IN6_IFF_DETACHED|IN6_IFF_DEPRECATED)) { NET_EPOCH_EXIT(et); return (EADDRNOTAVAIL); } diff --git a/sys/netlink/netlink_message_parser.h b/sys/netlink/netlink_message_parser.h index 8492ecb3021b..720317ed74f3 100644 --- a/sys/netlink/netlink_message_parser.h +++ b/sys/netlink/netlink_message_parser.h @@ -209,7 +209,8 @@ int nlattr_get_nested(struct nlattr *nla, struct nl_pstate *npt, int nlattr_get_nested_ptr(struct nlattr *nla, struct nl_pstate *npt, const void *arg, void *target); -bool nlmsg_report_err_msg(struct nl_pstate *npt, const char *fmt, ...); +bool nlmsg_report_err_msg(struct nl_pstate *npt, const char *fmt, ...) + __printflike(2, 3); #define NLMSG_REPORT_ERR_MSG(_npt, _fmt, ...) { \ nlmsg_report_err_msg(_npt, _fmt, ## __VA_ARGS__); \ diff --git a/sys/netpfil/pf/if_pflog.c b/sys/netpfil/pf/if_pflog.c index 0a84f9d680ac..cb96d2fcc44c 100644 --- a/sys/netpfil/pf/if_pflog.c +++ b/sys/netpfil/pf/if_pflog.c @@ -284,9 +284,9 @@ pflog_packet(uint8_t action, u_int8_t reason, * state lock, since this leads to unsafe LOR. * These conditions are very very rare, however. */ - if (trigger->log & PF_LOG_SOCKET_LOOKUP && !pd->lookup.done && lookupsafe) + if (trigger->log & PF_LOG_USER && !pd->lookup.done && lookupsafe) pd->lookup.done = pf_socket_lookup(pd); - if (pd->lookup.done > 0) + if (trigger->log & PF_LOG_USER && pd->lookup.done > 0) hdr.uid = pd->lookup.uid; else hdr.uid = -1; diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index 2391edaf1a5a..4e03584b8f85 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -532,6 +532,7 @@ pfsync_state_import(union pfsync_state_union *sp, int flags, int msg_version) struct pf_kpooladdr *rpool_first; int error; uint8_t rt = 0; + int n = 0; PF_RULES_RASSERT(); @@ -557,10 +558,12 @@ pfsync_state_import(union pfsync_state_union *sp, int flags, int msg_version) */ if (sp->pfs_1301.rule != htonl(-1) && sp->pfs_1301.anchor == htonl(-1) && (flags & (PFSYNC_SI_IOCTL | PFSYNC_SI_CKSUM)) && ntohl(sp->pfs_1301.rule) < - pf_main_ruleset.rules[PF_RULESET_FILTER].active.rcount) - r = pf_main_ruleset.rules[ - PF_RULESET_FILTER].active.ptr_array[ntohl(sp->pfs_1301.rule)]; - else + pf_main_ruleset.rules[PF_RULESET_FILTER].active.rcount) { + TAILQ_FOREACH(r, pf_main_ruleset.rules[ + PF_RULESET_FILTER].active.ptr, entries) + if (ntohl(sp->pfs_1301.rule) == n++) + break; + } else r = &V_pf_default_rule; /* diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index a410fe570c39..63d513fb1956 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6219,7 +6219,7 @@ pf_create_state(struct pf_krule *r, struct pf_test_ctx *ctx, if (ctx->tag > 0) s->tag = ctx->tag; if (pd->proto == IPPROTO_TCP && (tcp_get_flags(th) & (TH_SYN|TH_ACK)) == - TH_SYN && r->keep_state == PF_STATE_SYNPROXY) { + TH_SYN && r->keep_state == PF_STATE_SYNPROXY && pd->dir == PF_IN) { pf_set_protostate(s, PF_PEER_SRC, PF_TCPS_PROXY_SRC); pf_undo_nat(ctx->nr, pd, bip_sum); s->src.seqhi = arc4random(); @@ -9068,6 +9068,9 @@ pf_route(struct pf_krule *r, struct ifnet *oifp, goto bad; } + if (r->rt == PF_DUPTO) + skip_test = true; + if (pd->dir == PF_IN && !skip_test) { if (pf_test(AF_INET, PF_OUT, PFIL_FWD, ifp, &m0, inp, &pd->act) != PF_PASS) { @@ -9370,6 +9373,9 @@ pf_route6(struct pf_krule *r, struct ifnet *oifp, goto bad; } + if (r->rt == PF_DUPTO) + skip_test = true; + if (pd->dir == PF_IN && !skip_test) { if (pf_test(AF_INET6, PF_OUT, PFIL_FWD | PF_PFIL_NOREFRAGMENT, ifp, &m0, inp, &pd->act) != PF_PASS) { diff --git a/sys/netpfil/pf/pf.h b/sys/netpfil/pf/pf.h index db353d185368..cfff58064922 100644 --- a/sys/netpfil/pf/pf.h +++ b/sys/netpfil/pf/pf.h @@ -140,7 +140,7 @@ enum { PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL, #define PF_LOG 0x01 #define PF_LOG_ALL 0x02 -#define PF_LOG_SOCKET_LOOKUP 0x04 +#define PF_LOG_USER 0x04 #define PF_LOG_FORCE 0x08 #define PF_LOG_MATCHES 0x10 diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index c14211edf10f..3caa0d2e3b11 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1359,7 +1359,7 @@ static int pf_commit_rules(u_int32_t ticket, int rs_num, char *anchor) { struct pf_kruleset *rs; - struct pf_krule *rule, **old_array, *old_rule; + struct pf_krule *rule, *old_rule; struct pf_krulequeue *old_rules; struct pf_krule_global *old_tree; int error; @@ -1384,13 +1384,10 @@ pf_commit_rules(u_int32_t ticket, int rs_num, char *anchor) /* Swap rules, keep the old. */ old_rules = rs->rules[rs_num].active.ptr; old_rcount = rs->rules[rs_num].active.rcount; - old_array = rs->rules[rs_num].active.ptr_array; old_tree = rs->rules[rs_num].active.tree; rs->rules[rs_num].active.ptr = rs->rules[rs_num].inactive.ptr; - rs->rules[rs_num].active.ptr_array = - rs->rules[rs_num].inactive.ptr_array; rs->rules[rs_num].active.tree = rs->rules[rs_num].inactive.tree; rs->rules[rs_num].active.rcount = @@ -1420,7 +1417,6 @@ pf_commit_rules(u_int32_t ticket, int rs_num, char *anchor) } rs->rules[rs_num].inactive.ptr = old_rules; - rs->rules[rs_num].inactive.ptr_array = old_array; rs->rules[rs_num].inactive.tree = NULL; /* important for pf_ioctl_addrule */ rs->rules[rs_num].inactive.rcount = old_rcount; @@ -1433,9 +1429,6 @@ pf_commit_rules(u_int32_t ticket, int rs_num, char *anchor) while ((rule = TAILQ_FIRST(old_rules)) != NULL) pf_unlink_rule_locked(old_rules, rule); PF_UNLNKDRULES_UNLOCK(); - if (rs->rules[rs_num].inactive.ptr_array) - free(rs->rules[rs_num].inactive.ptr_array, M_TEMP); - rs->rules[rs_num].inactive.ptr_array = NULL; rs->rules[rs_num].inactive.rcount = 0; rs->rules[rs_num].inactive.open = 0; pf_remove_if_empty_kruleset(rs); @@ -1458,24 +1451,11 @@ pf_setup_pfsync_matching(struct pf_kruleset *rs) if (rs_cnt == PF_RULESET_SCRUB) continue; - if (rs->rules[rs_cnt].inactive.ptr_array) - free(rs->rules[rs_cnt].inactive.ptr_array, M_TEMP); - rs->rules[rs_cnt].inactive.ptr_array = NULL; - if (rs->rules[rs_cnt].inactive.rcount) { - rs->rules[rs_cnt].inactive.ptr_array = - mallocarray(rs->rules[rs_cnt].inactive.rcount, - sizeof(struct pf_rule **), - M_TEMP, M_NOWAIT); - - if (!rs->rules[rs_cnt].inactive.ptr_array) - return (ENOMEM); - } - - TAILQ_FOREACH(rule, rs->rules[rs_cnt].inactive.ptr, - entries) { - pf_hash_rule_rolling(&ctx, rule); - (rs->rules[rs_cnt].inactive.ptr_array)[rule->nr] = rule; + TAILQ_FOREACH(rule, rs->rules[rs_cnt].inactive.ptr, + entries) { + pf_hash_rule_rolling(&ctx, rule); + } } } @@ -2061,6 +2041,19 @@ pf_ioctl_getrules(struct pfioc_rule *pr) return (0); } +static int +pf_validate_range(uint8_t op, uint16_t port[2]) +{ + uint16_t a = ntohs(port[0]); + uint16_t b = ntohs(port[1]); + + if ((op == PF_OP_RRG && a > b) || /* 34:12, i.e. none */ + (op == PF_OP_IRG && a >= b) || /* 34><12, i.e. none */ + (op == PF_OP_XRG && a > b)) /* 34<>22, i.e. all */ + return 1; + return 0; +} + int pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket, uint32_t pool_ticket, const char *anchor, const char *anchor_call, @@ -2080,6 +2073,11 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket, #define ERROUT(x) ERROUT_FUNCTION(errout, x) + if (pf_validate_range(rule->src.port_op, rule->src.port)) + ERROUT(EINVAL); + if (pf_validate_range(rule->dst.port_op, rule->dst.port)) + ERROUT(EINVAL); + if (rule->ifname[0]) kif = pf_kkif_create(M_WAITOK); if (rule->rcv_ifname[0]) diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c index e3f3ab9025f7..9c0151b7da2b 100644 --- a/sys/netpfil/pf/pf_table.c +++ b/sys/netpfil/pf/pf_table.c @@ -819,10 +819,10 @@ pfr_create_kentry(struct pfr_addr *ad, bool counters) static void pfr_destroy_kentries(struct pfr_kentryworkq *workq) { - struct pfr_kentry *p, *q; + struct pfr_kentry *p; - for (p = SLIST_FIRST(workq); p != NULL; p = q) { - q = SLIST_NEXT(p, pfrke_workq); + while ((p = SLIST_FIRST(workq)) != NULL) { + SLIST_REMOVE_HEAD(workq, pfrke_workq); pfr_destroy_kentry(p); } } @@ -1680,8 +1680,7 @@ pfr_ina_commit(struct pfr_table *trs, u_int32_t ticket, int *nadd, } if (!(flags & PFR_FLAG_DUMMY)) { - for (p = SLIST_FIRST(&workq); p != NULL; p = q) { - q = SLIST_NEXT(p, pfrkt_workq); + SLIST_FOREACH_SAFE(p, &workq, pfrkt_workq, q) { pfr_commit_ktable(p, tzero); } rs->topen = 0; @@ -1710,7 +1709,7 @@ pfr_commit_ktable(struct pfr_ktable *kt, time_t tzero) } else if (kt->pfrkt_flags & PFR_TFLAG_ACTIVE) { /* kt might contain addresses */ struct pfr_kentryworkq addrq, addq, changeq, delq, garbageq; - struct pfr_kentry *p, *q, *next; + struct pfr_kentry *p, *q; struct pfr_addr ad; pfr_enqueue_addrs(shadow, &addrq, NULL, 0); @@ -1720,7 +1719,8 @@ pfr_commit_ktable(struct pfr_ktable *kt, time_t tzero) SLIST_INIT(&delq); SLIST_INIT(&garbageq); pfr_clean_node_mask(shadow, &addrq); - SLIST_FOREACH_SAFE(p, &addrq, pfrke_workq, next) { + while ((p = SLIST_FIRST(&addrq)) != NULL) { + SLIST_REMOVE_HEAD(&addrq, pfrke_workq); pfr_copyout_addr(&ad, p); q = pfr_lookup_addr(kt, &ad, 1); if (q != NULL) { @@ -1864,8 +1864,7 @@ pfr_setflags_ktables(struct pfr_ktableworkq *workq) { struct pfr_ktable *p, *q; - for (p = SLIST_FIRST(workq); p; p = q) { - q = SLIST_NEXT(p, pfrkt_workq); + SLIST_FOREACH_SAFE(p, workq, pfrkt_workq, q) { pfr_setflags_ktable(p, p->pfrkt_nflags); } } @@ -2015,10 +2014,10 @@ pfr_create_ktable(struct pfr_table *tbl, time_t tzero, int attachruleset) static void pfr_destroy_ktables(struct pfr_ktableworkq *workq, int flushaddr) { - struct pfr_ktable *p, *q; + struct pfr_ktable *p; - for (p = SLIST_FIRST(workq); p; p = q) { - q = SLIST_NEXT(p, pfrkt_workq); + while ((p = SLIST_FIRST(workq)) != NULL) { + SLIST_REMOVE_HEAD(workq, pfrkt_workq); pfr_destroy_ktable(p, flushaddr); } } diff --git a/sys/vm/swap_pager.c b/sys/vm/swap_pager.c index 86b75a2d7989..d6bd06226d04 100644 --- a/sys/vm/swap_pager.c +++ b/sys/vm/swap_pager.c @@ -384,8 +384,8 @@ swap_release_by_cred(vm_ooffset_t decr, struct ucred *cred) #endif } -static int swap_pager_full = 2; /* swap space exhaustion (task killing) */ -static int swap_pager_almost_full = 1; /* swap space exhaustion (w/hysteresis)*/ +static bool swap_pager_full = true; /* swap space exhaustion (task killing) */ +static bool swap_pager_almost_full = true; /* swap space exhaustion (w/hysteresis) */ static struct mtx swbuf_mtx; /* to sync nsw_wcount_async */ static int nsw_wcount_async; /* limit async write buffers */ static int nsw_wcount_async_max;/* assigned maximum */ @@ -642,14 +642,14 @@ swp_sizecheck(void) { if (swap_pager_avail < nswap_lowat) { - if (swap_pager_almost_full == 0) { + if (!swap_pager_almost_full) { printf("swap_pager: out of swap space\n"); - swap_pager_almost_full = 1; + swap_pager_almost_full = true; } } else { - swap_pager_full = 0; + swap_pager_full = false; if (swap_pager_avail > nswap_hiwat) - swap_pager_almost_full = 0; + swap_pager_almost_full = false; } } @@ -958,11 +958,10 @@ swp_pager_getswapspace(int *io_npages) swp_sizecheck(); swdevhd = TAILQ_NEXT(sp, sw_list); } else { - if (swap_pager_full != 2) { + if (!swap_pager_full) { printf("swp_pager_getswapspace(%d): failed\n", *io_npages); - swap_pager_full = 2; - swap_pager_almost_full = 1; + swap_pager_full = swap_pager_almost_full = true; } swdevhd = NULL; } @@ -2863,10 +2862,8 @@ swapoff_one(struct swdevt *sp, struct ucred *cred, u_int flags) sp->sw_id = NULL; TAILQ_REMOVE(&swtailq, sp, sw_list); nswapdev--; - if (nswapdev == 0) { - swap_pager_full = 2; - swap_pager_almost_full = 1; - } + if (nswapdev == 0) + swap_pager_full = swap_pager_almost_full = true; if (swdevhd == sp) swdevhd = NULL; mtx_unlock(&sw_dev_mtx); diff --git a/sys/vm/vm_kern.c b/sys/vm/vm_kern.c index 875c22d27628..e7d7b6726d2c 100644 --- a/sys/vm/vm_kern.c +++ b/sys/vm/vm_kern.c @@ -110,11 +110,18 @@ u_int exec_map_entry_size; u_int exec_map_entries; SYSCTL_ULONG(_vm, OID_AUTO, min_kernel_address, CTLFLAG_RD, - SYSCTL_NULL_ULONG_PTR, VM_MIN_KERNEL_ADDRESS, "Min kernel address"); +#if defined(__amd64__) + &kva_layout.km_low, 0, +#else + SYSCTL_NULL_ULONG_PTR, VM_MIN_KERNEL_ADDRESS, +#endif + "Min kernel address"); SYSCTL_ULONG(_vm, OID_AUTO, max_kernel_address, CTLFLAG_RD, #if defined(__arm__) &vm_max_kernel_address, 0, +#elif defined(__amd64__) + &kva_layout.km_high, 0, #else SYSCTL_NULL_ULONG_PTR, VM_MAX_KERNEL_ADDRESS, #endif diff --git a/sys/vm/vm_pagequeue.h b/sys/vm/vm_pagequeue.h index cbbd27389662..9bd3b389fb60 100644 --- a/sys/vm/vm_pagequeue.h +++ b/sys/vm/vm_pagequeue.h @@ -260,9 +260,9 @@ struct vm_domain { u_int vmd_inactive_shortage; /* Per-thread shortage. */ blockcount_t vmd_inactive_running; /* Number of inactive threads. */ blockcount_t vmd_inactive_starting; /* Number of threads started. */ - volatile u_int vmd_addl_shortage; /* Shortage accumulator. */ - volatile u_int vmd_inactive_freed; /* Successful inactive frees. */ - volatile u_int vmd_inactive_us; /* Microseconds for above. */ + u_int vmd_addl_shortage; /* (a) Shortage accumulator. */ + u_int vmd_inactive_freed; /* (a) Successful inactive frees. */ + u_int vmd_inactive_us; /* (a) Microseconds for above. */ u_int vmd_inactive_pps; /* Exponential decay frees/second. */ int vmd_oom_seq; int vmd_last_active_scan; diff --git a/tests/sys/netinet6/addr6.sh b/tests/sys/netinet6/addr6.sh index 38e4bb152240..6fd66d5aa0c7 100755 --- a/tests/sys/netinet6/addr6.sh +++ b/tests/sys/netinet6/addr6.sh @@ -39,7 +39,32 @@ addr6_invalid_addr_cleanup() vnet_cleanup } +atf_test_case "anycast_raw_addr" "cleanup" +anycast_raw_addr_head() +{ + atf_set descr "a raw socket can bind to an anycast address" + atf_set require.user root +} + +anycast_raw_addr_body() +{ + # lo0 needs to be up in the test jail for this test to work + ifconfig lo0 up + + netif=$(ifconfig lo create) + echo $netif >netif + atf_check -s exit:0 ifconfig $netif inet6 2001:db8::1/128 up + atf_check -s exit:0 ifconfig $netif inet6 2001:db8::2/128 anycast + atf_check -s exit:0 -o ignore ping -c1 -S 2001:db8::2 2001:db8::1 +} + +anycast_raw_addr_cleanup() +{ + ifconfig $(cat netif) destroy +} + atf_init_test_cases() { atf_add_test_case "addr6_invalid_addr" + atf_add_test_case "anycast_raw_addr" } diff --git a/usr.bin/sed/sed.1 b/usr.bin/sed/sed.1 index 345f673310d8..5fd894eaf78b 100644 --- a/usr.bin/sed/sed.1 +++ b/usr.bin/sed/sed.1 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-3-Clause +.\" .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -28,7 +31,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd December 17, 2024 +.Dd June 14, 2025 .Dt SED 1 .Os .Sh NAME @@ -597,17 +600,17 @@ with .Ql baz when piped from another command: .Bd -literal -offset indent -echo "An alternate word, like bar, is sometimes used in examples." | sed 's/bar/baz/' +echo "use bar in examples" | sed 's/bar/baz/' .Ed .Pp Using backlashes can sometimes be hard to read and follow: .Bd -literal -offset indent -echo "/home/example" | sed 's/\\/home\\/example/\\/usr\\/local\\/example/' +echo "/bin/bash" | sed 's/\\/bin\\/bash/\\/bin\\/sh/' .Ed .Pp Using a different separator can be handy when working with paths: .Bd -literal -offset indent -echo "/home/example" | sed 's#/home/example#/usr/local/example#' +echo "/bin/bash" | sed 's#/bin/bash#/bin/sh#' .Ed .Pp Replace all occurrences of diff --git a/usr.bin/top/top.1 b/usr.bin/top/top.1 index d8ef763e7a34..53b078839526 100644 --- a/usr.bin/top/top.1 +++ b/usr.bin/top/top.1 @@ -1,4 +1,4 @@ -.Dd April 1, 2025 +.Dd June 9, 2025 .Dt TOP 1 .Os .Sh NAME @@ -398,6 +398,7 @@ ID corresponding to the process, USERNAME is the name of the process's owner (if .Fl u is specified, a UID column will be substituted for USERNAME), +THR is the thread count, showing the number of threads a process has, PRI is the current priority of the process, NICE is the .Xr nice 1 diff --git a/usr.sbin/bsdinstall/scripts/wlanconfig b/usr.sbin/bsdinstall/scripts/wlanconfig index 8ac64858eaba..33d94a933f45 100755 --- a/usr.sbin/bsdinstall/scripts/wlanconfig +++ b/usr.sbin/bsdinstall/scripts/wlanconfig @@ -92,7 +92,7 @@ dialog_country_select() sub(/.*domains:/, ""), /[^[:alnum:][[:space:]]/ { n = split($0, domains) for (i = 1; i <= n; i++) - printf "'\''%s'\'' '\'\''", domains[i] + printf "'\''%s'\'' '\'\''\n", domains[i] } ' | sort ) countries=$( echo "$input" | awk ' @@ -200,6 +200,12 @@ fi while :; do SCANSSID=0 + # While wpa_supplicant may IFF_UP the interface, we do not want to rely + # in this. In case the script is run manually (outside the installer, + # e.g., for testing) wpa_supplicant may be running and the wlanN + # interface may be down (especially if dialog_country_select is not + # run successfully either) and scanning will not work. + f_eval_catch -d wlanconfig ifconfig "ifconfig $WLAN_IFACE up" f_eval_catch -d wlanconfig wpa_cli "wpa_cli scan" f_dialog_title "Scanning" f_dialog_pause "Waiting 5 seconds to scan for wireless networks..." 5 || diff --git a/usr.sbin/inetd/inetd.conf b/usr.sbin/inetd/inetd.conf index 40f1e1285af6..a8359ea793f5 100644 --- a/usr.sbin/inetd/inetd.conf +++ b/usr.sbin/inetd/inetd.conf @@ -7,8 +7,8 @@ # #ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l #ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -l -#ssh stream tcp nowait root /usr/sbin/sshd sshd -i -4 -#ssh stream tcp6 nowait root /usr/sbin/sshd sshd -i -6 +#ssh stream tcp nowait root /usr/sbin/sshd sshd -i +#ssh stream tcp6 nowait root /usr/sbin/sshd sshd -i #telnet stream tcp nowait root /usr/local/libexec/telnetd telnetd #telnet stream tcp6 nowait root /usr/local/libexec/telnetd telnetd #shell stream tcp nowait root /usr/local/sbin/rshd rshd |