diff options
Diffstat (limited to 'share')
28 files changed, 323 insertions, 98 deletions
diff --git a/share/examples/bhyve/vmrun.sh b/share/examples/bhyve/vmrun.sh index 52935363023a..e0052e781dc0 100755 --- a/share/examples/bhyve/vmrun.sh +++ b/share/examples/bhyve/vmrun.sh @@ -268,8 +268,10 @@ fi if [ -z "$firmware" ]; then case ${platform} in amd64) - firmware="${efi_firmware}" - firmware_pkg="edk2-bhyve" + if [ ${efi_mode} -ne 0 ]; then + firmware="${efi_firmware}" + firmware_pkg="edk2-bhyve" + fi ;; arm64) firmware="${uboot_firmware}" diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index 6e076722c786..e94e832a3f94 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -69,6 +69,12 @@ MAN= aac.4 \ audit.4 \ auditpipe.4 \ aue.4 \ + ${_aw_gpio.4} \ + ${_aw_mmc.4} \ + ${_aw_rtc.4} \ + ${_aw_sid.4} \ + ${_aw_spi.4} \ + ${_aw_syscon.4} \ axe.4 \ axge.4 \ axp.4 \ @@ -962,6 +968,12 @@ _vmx.4= vmx.4 .if ${MACHINE_CPUARCH} == "arm" || ${MACHINE_CPUARCH} == "aarch64" || \ ${MACHINE_CPUARCH} == "riscv" +_aw_gpio.4= aw_gpio.4 +_aw_mmc.4= aw_mmc.4 +_aw_rtc.4= aw_rtc.4 +_aw_sid.4= aw_sid.4 +_aw_spi.4= aw_spi.4 +_aw_syscon.4= aw_syscon.4 _cgem.4= cgem.4 MLINKS+=cgem.4 if_cgem.4 .endif diff --git a/share/man/man4/man4.arm/aw_gpio.4 b/share/man/man4/aw_gpio.4 index ef9fc1fe2733..5cbc7562d9bd 100644 --- a/share/man/man4/man4.arm/aw_gpio.4 +++ b/share/man/man4/aw_gpio.4 @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .Dd October 8, 2024 -.Dt AW_GPIO 4 arm +.Dt AW_GPIO 4 .Os .Sh NAME .Nm aw_gpio diff --git a/share/man/man4/man4.arm/aw_mmc.4 b/share/man/man4/aw_mmc.4 index e3f961fa5067..072835cce7c0 100644 --- a/share/man/man4/man4.arm/aw_mmc.4 +++ b/share/man/man4/aw_mmc.4 @@ -22,8 +22,8 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd Dec 25, 2017 -.Dt AW_MMC 4 arm +.Dd October 20, 2025 +.Dt AW_MMC 4 .Os .Sh NAME .Nm aw_mmc @@ -48,6 +48,8 @@ allwinner,sun5i-a13-mmc allwinner,sun7i-a20-mmc .It allwinner,sun50i-a64-mmc +.It +allwinner,sun20i-d1-mmc .El .Sh SYSCTL VARIABLES The following read-only variables are available via diff --git a/share/man/man4/man4.arm/aw_rtc.4 b/share/man/man4/aw_rtc.4 index 87212d85116c..1296cd41da68 100644 --- a/share/man/man4/man4.arm/aw_rtc.4 +++ b/share/man/man4/aw_rtc.4 @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .Dd December 10, 2024 -.Dt AW_RTC 4 arm +.Dt AW_RTC 4 .Os .Sh NAME .Nm aw_rtc diff --git a/share/man/man4/man4.arm/aw_sid.4 b/share/man/man4/aw_sid.4 index 8b3691259f22..5cd2f3d5e072 100644 --- a/share/man/man4/man4.arm/aw_sid.4 +++ b/share/man/man4/aw_sid.4 @@ -25,7 +25,7 @@ .\" SUCH DAMAGE. .\" .Dd October 8, 2024 -.Dt AW_SID 4 arm +.Dt AW_SID 4 .Os .Sh NAME .Nm aw_sid diff --git a/share/man/man4/man4.arm/aw_spi.4 b/share/man/man4/aw_spi.4 index d0566a45b54b..f8985e1c16bb 100644 --- a/share/man/man4/man4.arm/aw_spi.4 +++ b/share/man/man4/aw_spi.4 @@ -23,7 +23,7 @@ .\" SUCH DAMAGE. .\" .Dd May 17, 2018 -.Dt AW_SPI 4 arm +.Dt AW_SPI 4 .Os .Sh NAME .Nm aw_spi diff --git a/share/man/man4/man4.arm/aw_syscon.4 b/share/man/man4/aw_syscon.4 index 97f01196a8a6..e32f329e489a 100644 --- a/share/man/man4/man4.arm/aw_syscon.4 +++ b/share/man/man4/aw_syscon.4 @@ -25,7 +25,7 @@ .\" SUCH DAMAGE. .\" .Dd November 11, 2024 -.Dt AW_SYSCON 4 arm +.Dt AW_SYSCON 4 .Os .Sh NAME .Nm aw_syscon diff --git a/share/man/man4/bridge.4 b/share/man/man4/bridge.4 index 7048df4593bf..3af952256d3a 100644 --- a/share/man/man4/bridge.4 +++ b/share/man/man4/bridge.4 @@ -36,7 +36,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd July 28, 2025 +.Dd October 13, 2025 .Dt IF_BRIDGE 4 .Os .Sh NAME @@ -272,53 +272,149 @@ by setting the node using .Xr sysctl 8 . .Sh VLAN SUPPORT -The +Virtual LANs (VLANs), defined in the IEEE 802.1Q standard, allow traffic +on a bridge to be segregated into separate logical networks which cannot +communicate with each other. +For example, two interfaces in VLAN 10 would be able to communicate +with each other, but not with another interface in VLAN 20. +.Pp +Each VLAN is identified by a number between 1 and 4094 inclusive. +By default, all traffic on the bridge is assigned to "VLAN 0", +a pseudo-VLAN used for historical compatibility. +When VLANs are in use on a bridge, it is recommended to explicitly +assign all traffic to a VLAN rather than using VLAN 0. +.Pp +The bridge implements Independent VLAN Learning (IVL), meaning that +host addresses are learned separately for each VLAN, and the same host +address may exist on several different ports in different VLANs. +.Pp +If a +.Xr vlan 4 +interface is configured on an interface which is also an .Nm -driver has full support for virtual LANs (VLANs). -The bridge implements independent VLAN learning, i.e. MAC addresses are -learned on a per-VLAN basis, and the same MAC address may be learned on -multiple interfaces on different VLANs. -Incoming frames with an 802.1Q tag will be assigned to the appropriate -VLAN. -.Pp -Traffic sent to or from the host is not assigned to a VLAN by default. -To allow the host to communicate on a VLAN, configure a +member interface, all tagged frames will be processed by the .Xr vlan 4 -interface on the bridge and (if necessary) assign IP addresses there. -.Pp -By default no access control is enabled, so any interface may -participate in any VLAN. -.Pp -VLAN filtering may be enabled on a bridge using the +interface and will not be visible to the bridge. +This configuration is not recommended and may be unsupported in a +future release. +.Ss Tagged and untagged traffic +Incoming frames on a member interface may be either tagged or untagged. +Tagged frames contain an 802.1Q header indicating which VLAN the +frame belongs to, while untagged frames do not. +When a tagged frame is received, the frame is automatically assigned to +the VLAN in the tag (subject to any configured VLAN access list), +while untagged frames are assigned to the interface's configured +Port VLAN ID (PVID), or to VLAN 0 if no PVID is configured. +.Ss Assigning interfaces to VLANs +An interface's PVID may be configured using the .Xr ifconfig 8 -.Cm vlanfilter -option. -When VLAN filtering is enabled, an interface may only send and receive -frames based on its configured VLAN access list. +.Cm ifuntagged +command: +.Bd -literal -offset indent +ifconfig bridge0 ifuntagged ix0 10 +.Ed .Pp -The interface's untagged VLAN ID may be configured using the -.Xr ifconfig 8 +Or by using the .Cm untagged -option. -If an untagged VLAN ID is configured, incoming frames will be assigned -to that VLAN, and the interface may receive outgoing untagged frames -in that VLAN. -.Pp -The tagged VLAN access list may be configured using the -.Cm tagged , -.Cm +tagged -and -.Cm -tagged -options to -.Xr ifconfig 8 . -An interface may send and receive tagged frames for any VLAN in its -access list. +option to +.Cm addm : +.Bd -literal -offset indent +ifconfig bridge0 addm ix0 untagged 10 +.Ed .Pp -The bridge will automatically insert or remove 802.1q tags as needed, -based on the interface configuration, when forwarding frames between -interfaces. -This tag processing is only done for interfaces with VLAN filtering -enabled. +This will assign all untagged traffic received on the interface to the +specified VLAN, and any traffic transmitted on the interface in this +VLAN will have its VLAN tag (if present) removed. +Conversely, any traffic transmitted on the interface in a different +VLAN will have a tag added, to allow the remote system to assign the +traffic to the appropriate VLAN. +.Ss Host communication in a VLAN +Sometimes it is useful to allow the host itself to communicate in a VLAN, +for example to provide routing to other hosts in the VLAN. +To do this, create a +.Xr vlan 4 +interface on top of the +.Nm +interface with the appropriate VLAN tag. +For example, to allow the host to communicate in VLAN 10: +.Bd -literal -offset indent +ifconfig bridge0.10 create inet6 2001:db8::1/64 +.Ed +.Ss Configuring the VLAN access list (VLAN filtering) +For historical reasons, the default +.Nm +configuration allows all interfaces to send tagged traffic for any VLAN, +meaning that VLANs do not provide security separation. +To restrict which interfaces may communicate in which VLANs, +enable VLAN filtering on the bridge: +.Bd -literal -offset indent +ifconfig bridge0 vlanfilter +.Ed +.Pp +This has the following effects on bridge members: +.Bl -bullet -offset indent +.It +No untagged frames will be accepted from a member interface unless +the interface has a PVID configured. +.It +No tagged frames will be accepted from a member interface unless +the VLAN identifier is present in the interface's VLAN access list. +.It +Frames with stacked tags (Q-in-Q) will not be accepted from a +member interface unless the +.Cm qinq +option (see below) has been configured for that member. +.El +.Pp +To configure the VLAN access list, use the +.Xr ifconfig 8 +.Cm iftagged , +.Cm +iftagged +or +.Cm -iftagged +commands. +For example, to allow an interface to communicate in VLANs 10, 20, +and any VLAN from 100 to 199: +.Bd -literal -offset indent +ifconfig bridge0 iftagged ix0 10,20,100-199 +.Ed +.Ss IEEE 802.1ad (Q-in-Q) configuration +IEEE 802.1ad, also called Q-in-Q or +.Dq tag stacking , +allows a single Ethernet frame to contain multiple tags. +This allows one Ethernet network to transport traffic between endpoints +using its own VLAN tags without interfering with any pre-existing tags, +and is often used in service provider networks to provide +.Dq virtual wire +Ethernet services. +.Pp +When VLAN filtering is enabled, +.Nm +does not permit member interfaces to send Q-in-Q frames, because in +certain configuration this allows +.Dq VLAN-hopping +attacks on the bridge. +For example, consider a bridge with port ix0 configured as a tagged +port in VLAN 10, and port ix1 configured as untagged in VLAN 10 and +tagged in VLAN 20. +If ix0 is allowed to send Q-in-Q frames, then it can send a frame with +two tags: one for VLAN 10, followed by one for VLAN 20. +When the bridge forwards the frame to ix1, it will strip the VLAN tag +for VLAN 10, then forward the frame to ix1 with the tag for VLAN 20 +intact, effectively allowing ix1 to send traffic on VLAN 20 even +though the bridge configuration should not permit that. +.Pp +To permit an interface to send Q-in-Q frames, set the +.Xr ifconfig 8 +.Cm qinq +flag on the interface. +This is only required on the interface which will send Q-in-Q frames, +not the interface receiving the frames. +.Pp +Alternatively, set the +.Cm defqinq +flag on the bridge itself to enable Q-in-Q for all newly-added +interfaces by default. .Sh PACKET FILTERING Packet filtering can be used with any firewall package that hooks in via the .Xr pfil 9 @@ -537,6 +633,36 @@ ifconfig_wlan0="up ssid my_ap mode 11g" ifconfig_fxp0="up" .Ed .Pp +The following will cause a bridge to be created with two VLANs, +10 and 20, where the +.Dq Li em +interfaces can only communicate in their assigned VLANs, +while +.Dq Li ix0 +is a trunk port which can communicate in either VLAN: +.Bd -literal -offset indent +cloned_interfaces="bridge0" +ifconfig_bridge0="vlanfilter \e + addm em0 untagged 10 \e + addm em1 untagged 10 \e + addm em2 untagged 20 \e + addm em3 untagged 20 \e + addm ix0 tagged 10,20" +ifconfig_em0="up" +ifconfig_em1="up" +ifconfig_em2="up" +ifconfig_em3="up" +ifconfig_ix0="up" +.Ed +.Pp +The previous example could be extended to allow the host to +communicate in VLANs 10 and 20: +.Bd -literal -offset indent +vlans_bridge0="10 20" +ifconfig_bridge0_10_ipv6="inet6 2001:db8:0:10::1/64" +ifconfig_bridge0_20_ipv6="inet6 2001:db8:0:20::1/64" +.Ed +.Pp Consider a system with two 4-port Ethernet boards. The following will cause a bridge consisting of all 8 ports with Rapid Spanning Tree enabled to be created: diff --git a/share/man/man4/linprocfs.4 b/share/man/man4/linprocfs.4 index 53940d7c02b0..dcd1c642b409 100644 --- a/share/man/man4/linprocfs.4 +++ b/share/man/man4/linprocfs.4 @@ -9,7 +9,7 @@ .Nd Linux process file system .Sh SYNOPSIS .Bd -literal -linproc /compat/linux/proc linprocfs rw 0 0 +linprocfs /compat/linux/proc linprocfs rw 0 0 .Ed .Sh DESCRIPTION The Linux process file system, or @@ -138,7 +138,7 @@ To mount a file system on .Pa /compat/linux/proc : .Pp -.Dl "mount -t linprocfs linproc /compat/linux/proc" +.Dl "mount -t linprocfs linprocfs /compat/linux/proc" .Sh SEE ALSO .Xr mount 2 , .Xr unmount 2 , diff --git a/share/man/man4/linsysfs.4 b/share/man/man4/linsysfs.4 index 12729a814085..045e1af89173 100644 --- a/share/man/man4/linsysfs.4 +++ b/share/man/man4/linsysfs.4 @@ -9,7 +9,7 @@ .Nd Linux kernel objects file system .Sh SYNOPSIS .Bd -literal -linsys /compat/linux/sys linsysfs rw 0 0 +linsysfs /compat/linux/sys linsysfs rw 0 0 .Ed .Sh DESCRIPTION The @@ -66,7 +66,7 @@ The PCI device hierarchy node. .Sh EXAMPLES The most common usage follows: .Pp -.Dl "mount -t linsysfs linsys /compat/linux/sys" +.Dl "mount -t linsysfs linsysfs /compat/linux/sys" .Pp where .Pa /compat/linux/sys diff --git a/share/man/man4/man4.aarch64/Makefile b/share/man/man4/man4.aarch64/Makefile index 0e85aab8b770..f35558d69a33 100644 --- a/share/man/man4/man4.aarch64/Makefile +++ b/share/man/man4/man4.aarch64/Makefile @@ -14,12 +14,6 @@ MAN= \ # for all architectures, otherwise arm takes care of installing them. .if !empty(MAN_ARCH) && ${MAN_ARCH} != "all" MAN+= \ - aw_gpio.4 \ - aw_mmc.4 \ - aw_rtc.4 \ - aw_sid.4 \ - aw_spi.4 \ - aw_syscon.4 \ bcm283x_pwm.4 \ .endif diff --git a/share/man/man4/man4.arm/Makefile b/share/man/man4/man4.arm/Makefile index 6b046a1002a2..2be255ad913f 100644 --- a/share/man/man4/man4.arm/Makefile +++ b/share/man/man4/man4.arm/Makefile @@ -1,11 +1,5 @@ MAN= \ ar40xx.4 \ - aw_gpio.4 \ - aw_mmc.4 \ - aw_rtc.4 \ - aw_sid.4 \ - aw_spi.4 \ - aw_syscon.4 \ bcm283x_pwm.4 \ devcfg.4 \ imx6_ahci.4 \ diff --git a/share/man/man4/nvd.4 b/share/man/man4/nvd.4 index d5145939e409..1861fabc91d0 100644 --- a/share/man/man4/nvd.4 +++ b/share/man/man4/nvd.4 @@ -31,7 +31,7 @@ .\" .\" Author: Jim Harris <jimharris@FreeBSD.org> .\" -.Dd May 18, 2019 +.Dd October 2, 2025 .Dt NVD 4 .Os .Sh NAME @@ -72,6 +72,10 @@ Note that device nodes from the driver are not .Xr GEOM 4 disks and cannot be partitioned. +.Sh HARDWARE +The +.Nm +driver supports NVMe storage devices using NVMe namespaces. .Sh CONFIGURATION The .Nm diff --git a/share/man/man4/snd_dummy.4 b/share/man/man4/snd_dummy.4 index 2b9d26d318ef..172b8ed70729 100644 --- a/share/man/man4/snd_dummy.4 +++ b/share/man/man4/snd_dummy.4 @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd July 15, 2024 +.Dd October 22, 2025 .Dt SND_DUMMY 4 .Os .Sh NAME @@ -47,11 +47,22 @@ physical sound card. It is intended for testing, so that test programs do not need to rely on hardware being present in the machine in order to run. .Pp -The driver attaches as a regular PCM device, with two channels (one playback -and one recording), as well as a mixer. +The driver attaches as a regular +.Xr sound 4 +device, with two channels (one playback and one recording), as well as a mixer. .Pp Playback works by discarding all input, and recording by returning silence (zeros). +.Sh FILES +.Bl -tag -width "/dev/dsp.dummy" -compact +.It Pa /dev/dsp.dummy +Alias to the device's +.Pa /dev/dsp%d +file created by +.Xr sound 4 . +This makes it easy for tests to open the dummy devic when there are more +devices present in the system. +.El .Sh SEE ALSO .Xr sound 4 , .Xr loader.conf 5 , diff --git a/share/man/man5/periodic.conf.5 b/share/man/man5/periodic.conf.5 index a2ed2b09d772..8910895d9b89 100644 --- a/share/man/man5/periodic.conf.5 +++ b/share/man/man5/periodic.conf.5 @@ -981,7 +981,7 @@ since yesterday's check. Space-separated list of additional anchors whose denied packets log entries to show. The main ruleset (i.e., the empty-string anchor) and any -.Xr blacklistd 8 +.Xr blocklistd 8 anchors, if present, are always shown. .It Va security_status_pfdenied_period .Pq Vt str diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5 index 5c8ae5b83e5f..bab2c3d84abf 100644 --- a/share/man/man5/src.conf.5 +++ b/share/man/man5/src.conf.5 @@ -1,5 +1,5 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. -.Dd September 25, 2025 +.Dd October 22, 2025 .Dt SRC.CONF 5 .Os .Sh NAME @@ -226,10 +226,15 @@ options provide "full" Relocation Read-Only (RELRO) support. With full RELRO the entire GOT is made read-only after performing relocation at startup, avoiding GOT overwrite attacks. .It Va WITHOUT_BLACKLIST -Set this if you do not want to build -.Xr blacklistd 8 -and -.Xr blacklistctl 8 . +This option has been renamed to +.Va WITHOUT_BLOCKLIST . +When set, it enforces these options: +.Pp +.Bl -item -compact +.It +.Va WITHOUT_BLOCKLIST +.El +.Pp When set, these options are also in effect: .Pp .Bl -inset -compact @@ -237,10 +242,36 @@ When set, these options are also in effect: (unless .Va WITH_BLACKLIST_SUPPORT is set explicitly) +.It Va WITHOUT_BLOCKLIST_SUPPORT +(unless +.Va WITH_BLOCKLIST_SUPPORT +is set explicitly) .El .It Va WITHOUT_BLACKLIST_SUPPORT +This option has been renamed to +.Va WITHOUT_BLOCKLIST_SUPPORT . +When set, it enforces these options: +.Pp +.Bl -item -compact +.It +.Va WITHOUT_BLOCKLIST_SUPPORT +.El +.It Va WITHOUT_BLOCKLIST +Set this if you do not want to build +.Xr blocklistd 8 +and +.Xr blocklistctl 8 . +When set, these options are also in effect: +.Pp +.Bl -inset -compact +.It Va WITHOUT_BLOCKLIST_SUPPORT +(unless +.Va WITH_BLOCKLIST_SUPPORT +is set explicitly) +.El +.It Va WITHOUT_BLOCKLIST_SUPPORT Build some programs without -.Xr libblacklist 3 +.Xr libblocklist 3 support, like .Xr fingerd 8 and @@ -925,12 +956,12 @@ Do not build LLVM's lld linker. Do not build the LLDB debugger. .Pp This is a default setting on -arm/armv7 and riscv/riscv64. +riscv/riscv64. .It Va WITH_LLDB Build the LLDB debugger. .Pp This is a default setting on -amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. +amd64/amd64, arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le. .It Va WITHOUT_LLD_BOOTSTRAP Do not build the LLD linker during the bootstrap phase of the build. diff --git a/share/man/man7/release.7 b/share/man/man7/release.7 index 05f80374926f..2493a34721bc 100644 --- a/share/man/man7/release.7 +++ b/share/man/man7/release.7 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" .\" Copyright (c) 2002 Murray Stokely <murray@FreeBSD.org> .\" All rights reserved. .\" @@ -22,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd September 11, 2025 +.Dd October 13, 2025 .Dt RELEASE 7 .Os .Sh NAME @@ -136,6 +139,8 @@ configuration file supports the following variables: .Bl -tag -width Ev .It Va CHROOTDIR The directory within which the release will be built. +Defaults to +.Pa /scratch . .It Va CHROOT_MAKEENV Additional .Xr make 1 @@ -636,6 +641,7 @@ Typically, one only needs to set .El .Sh FILES .Bl -tag -compact -width Pa +.It Pa /scratch .It Pa /usr/doc/Makefile .It Pa /usr/doc/share/mk/doc.project.mk .It Pa /usr/ports/Mk/bsd.port.mk @@ -688,16 +694,10 @@ the Raspberry Pi, exist in the directory corresponding to the .Va TARGET .Xr make 1 variable. -For example, to build an image for the Raspberry Pi: -.Bd -literal -offset indent -cd /usr/src/release -sh release.sh -c arm/RPI-B.conf -.Ed -.Pp -To build an image for the Raspberry Pi 3: +For example, to build an image for 64-bit Raspberry Pis: .Bd -literal -offset indent cd /usr/src/release -sh release.sh -c arm64/RPI3.conf +sh release.sh -c arm64/RPI.conf .Ed .Pp After running these commands, all prepared release files are available in the diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile index 3bccc92572d6..52ec9be3ae02 100644 --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -2207,6 +2207,7 @@ MLINKS+=syscall_helper_register.9 syscall_helper_unregister.9 \ syscall_helper_register.9 SYSCALL_INIT_HELPER_COMPAT_F.9 \ syscall_helper_register.9 SYSCALL_INIT_HELPER_F.9 MLINKS+=sysctl.9 SYSCTL_DECL.9 \ + sysctl.9 SYSCTL_ADD_BOOL.9 \ sysctl.9 SYSCTL_ADD_CONST_STRING.9 \ sysctl.9 SYSCTL_ADD_INT.9 \ sysctl.9 SYSCTL_ADD_LONG.9 \ @@ -2233,6 +2234,7 @@ MLINKS+=sysctl.9 SYSCTL_DECL.9 \ sysctl.9 SYSCTL_ADD_UMA_CUR.9 \ sysctl.9 SYSCTL_ADD_UMA_MAX.9 \ sysctl.9 SYSCTL_ADD_UQUAD.9 \ + sysctl.9 SYSCTL_BOOL.9 \ sysctl.9 SYSCTL_CHILDREN.9 \ sysctl.9 SYSCTL_STATIC_CHILDREN.9 \ sysctl.9 SYSCTL_NODE_CHILDREN.9 \ diff --git a/share/man/man9/VOP_OPENCLOSE.9 b/share/man/man9/VOP_OPENCLOSE.9 index 9a4f7069962d..672f9faa92f5 100644 --- a/share/man/man9/VOP_OPENCLOSE.9 +++ b/share/man/man9/VOP_OPENCLOSE.9 @@ -26,7 +26,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd December 2, 2009 +.Dd October 17, 2025 .Dt VOP_OPEN 9 .Os .Sh NAME @@ -78,6 +78,17 @@ The access mode is a set of flags, including .Dv FWRITE , .Dv O_NONBLOCK , .Dv O_APPEND . +.Pp +The thread +.Fa td +passed to +.Fn VOP_CLOSE +may be +.Ql NULL +if the last reference to the open file is released from a kernel context, e.g., +the destruction of a socket buffer containing the file reference in a +.Dv SCM_RIGHTS +message. .Sh LOCKS .Fn VOP_OPEN expects diff --git a/share/man/man9/uio.9 b/share/man/man9/uio.9 index e6240c4e51d3..b143eb6e8e62 100644 --- a/share/man/man9/uio.9 +++ b/share/man/man9/uio.9 @@ -23,7 +23,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd March 11, 2017 +.Dd October 22, 2025 .Dt UIO 9 .Os .Sh NAME @@ -107,10 +107,14 @@ The I/O vector points into the kernel address space. Do not copy, already in object. .El .It Va uio_rw -The direction of the desired transfer, either -.Dv UIO_READ -or -.Dv UIO_WRITE . +The direction of the desired transfer. +The supported flags are: +.Bl -tag -width "UIO_WRITE" +.It Dv UIO_READ +Transfer data from the buffers into the I/O vectors. +.It Dv UIO_WRITE +Transfer data from the I/O vectors into the buffers. +.El .It Va uio_td The pointer to a .Vt "struct thread" diff --git a/share/misc/bsd-family-tree b/share/misc/bsd-family-tree index b1614c7eb409..b0502dfc7925 100644 --- a/share/misc/bsd-family-tree +++ b/share/misc/bsd-family-tree @@ -479,7 +479,7 @@ FreeBSD 5.2 | | | | | | | | | DragonFly 6.4.1 | | | | | DragonFly 6.4.2 | FreeBSD | | | | - | 14.3 | | | | + | 14.3 | | OpenBSD 7.8 | | | | | | FreeBSD 16 -current | NetBSD -current OpenBSD -current DragonFly -current | | | | | @@ -925,6 +925,7 @@ OpenBSD 7.7 2025-04-28 [OBD] DragonFly 6.4.1 2025-04-30 [DFB] DragonFly 6.4.2 2025-05-09 [DFB] FreeBSD 14.3 2025-06-10 [FBD] +OpenBSD 7.8 2025-10-22 [OBD] Bibliography ------------------------ diff --git a/share/misc/committers-src.dot b/share/misc/committers-src.dot index 6035dd031216..3f3e39635c55 100644 --- a/share/misc/committers-src.dot +++ b/share/misc/committers-src.dot @@ -188,6 +188,7 @@ fjoe [label="Max Khon\nfjoe@FreeBSD.org\n2001/08/06"] flz [label="Florent Thoumie\nflz@FreeBSD.org\n2006/03/30"] freqlabs [label="Ryan Moeller\nfreqlabs@FreeBSD.org\n2020/02/10"] fsu [label="Fedor Uporov\nfsu@FreeBSD.org\n2017/08/28"] +fuz [label="Robert Clausecker\nfuz@FreeBSD.org\n2025/10/21"] gabor [label="Gabor Kovesdan\ngabor@FreeBSD.org\n2010/02/02"] gad [label="Garance A. Drosehn\ngad@FreeBSD.org\n2000/10/27"] gallatin [label="Andrew Gallatin\ngallatin@FreeBSD.org\n1999/01/15"] @@ -789,6 +790,7 @@ markj -> bnovkov markj -> cem markj -> christos markj -> dougm +markj -> fuz markj -> igoro markj -> jfree markj -> lwhsu diff --git a/share/mk/bsd.libnames.mk b/share/mk/bsd.libnames.mk index 3ff4c4e90a1b..2f099e0579b2 100644 --- a/share/mk/bsd.libnames.mk +++ b/share/mk/bsd.libnames.mk @@ -27,6 +27,7 @@ LIBAVL?= ${LIBDESTDIR}${LIBDIR_BASE}/libavl.a LIBBE?= ${LIBDESTDIR}${LIBDIR_BASE}/libbe.a LIBBEGEMOT?= ${LIBDESTDIR}${LIBDIR_BASE}/libbegemot.a LIBBLACKLIST?= ${LIBDESTDIR}${LIBDIR_BASE}/libblacklist.a +LIBBLOCKLIST?= ${LIBDESTDIR}${LIBDIR_BASE}/libblocklist.a LIBBLOCKSRUNTIME?= ${LIBDESTDIR}${LIBDIR_BASE}/libBlocksRuntime.a LIBBLUETOOTH?= ${LIBDESTDIR}${LIBDIR_BASE}/libbluetooth.a LIBBSDXML?= ${LIBDESTDIR}${LIBDIR_BASE}/libbsdxml.a diff --git a/share/mk/bsd.man.mk b/share/mk/bsd.man.mk index 0a3594e05d94..1591a3e0905e 100644 --- a/share/mk/bsd.man.mk +++ b/share/mk/bsd.man.mk @@ -97,6 +97,14 @@ manlinksinstall: .PHONY all-man: +# Take groups from both MANGROUPS and MANGROUPS.yes, to allow syntax like +# MANGROUPS.${MK_FOO}=FOO. Sort and uniq the list of groups in case of +# duplicates. +.if defined(MANGROUPS) || defined(MANGROUPS.yes) +MANGROUPS:=${MANGROUPS} ${MANGROUPS.yes} +MANGROUPS:=${MANGROUPS:O:u} +.endif + .for __group in ${MANGROUPS} realmaninstall: realmaninstall-${__group} diff --git a/share/mk/local.dirdeps-options.mk b/share/mk/local.dirdeps-options.mk index 4eef5311375e..5773c4979e56 100644 --- a/share/mk/local.dirdeps-options.mk +++ b/share/mk/local.dirdeps-options.mk @@ -2,6 +2,7 @@ # avoid duplication DIRDEPS.AUDIT.yes= lib/libbsm DIRDEPS.BLACKLIST_SUPPORT.yes+= lib/libblacklist +DIRDEPS.BLOCKLIST_SUPPORT.yes+= lib/libblocklist DIRDEPS.CASPER.yes+= lib/libcasper/libcasper DIRDEPS.GSSAPI.yes+= lib/libgssapi DIRDEPS.JAIL.yes+= lib/libjail diff --git a/share/mk/src.libnames.mk b/share/mk/src.libnames.mk index 3e108591251a..fd0424a96d9b 100644 --- a/share/mk/src.libnames.mk +++ b/share/mk/src.libnames.mk @@ -29,6 +29,7 @@ _PRIVATELIBS= \ heimipcs \ kldelf \ ldns \ + opencsd \ samplerate \ sqlite3 \ ssh \ @@ -264,8 +265,12 @@ _LIBRARIES+= \ .if ${MK_BLACKLIST} != "no" _LIBRARIES+= \ - blacklist \ + blacklist +.endif +.if ${MK_BLOCKLIST} != "no" +_LIBRARIES+= \ + blocklist .endif .if ${MK_OFED} != "no" @@ -319,6 +324,9 @@ _DP_zstd= pthread .if ${MK_BLACKLIST} != "no" _DP_blacklist+= pthread .endif +.if ${MK_BLOCKLIST} != "no" +_DP_blocklist+= pthread +.endif _DP_crypto= pthread # See comment by _DP_archive above .if ${.MAKE.OS} == "FreeBSD" || !defined(BOOTSTRAPPING) @@ -865,6 +873,7 @@ LIBGTESTDIR= ${_LIB_OBJTOP}/lib/googletest/gtest LIBGTEST_MAINDIR= ${_LIB_OBJTOP}/lib/googletest/gtest_main LIBALIASDIR= ${_LIB_OBJTOP}/lib/libalias/libalias LIBBLACKLISTDIR= ${_LIB_OBJTOP}/lib/libblacklist +LIBBLOCKLISTDIR= ${_LIB_OBJTOP}/lib/libblocklist LIBBLOCKSRUNTIMEDIR= ${_LIB_OBJTOP}/lib/libblocksruntime LIBBSNMPDIR= ${_LIB_OBJTOP}/lib/libbsnmp/libbsnmp LIBCASPERDIR= ${_LIB_OBJTOP}/lib/libcasper/libcasper diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk index 9bd4e6a1842f..e10455cd4e82 100644 --- a/share/mk/src.opts.mk +++ b/share/mk/src.opts.mk @@ -66,6 +66,7 @@ __DEFAULT_YES_OPTIONS = \ AUTOFS \ BHYVE \ BLACKLIST \ + BLOCKLIST \ BLUETOOTH \ BOOT \ BOOTPARAMD \ @@ -242,6 +243,7 @@ __LIBC_MALLOC_DEFAULT= jemalloc # .for var in \ BLACKLIST \ + BLOCKLIST \ BZIP2 \ INET \ INET6 \ @@ -300,7 +302,7 @@ __DEFAULT_NO_OPTIONS+=FDT __DEFAULT_YES_OPTIONS+=FDT .endif -.if ${__T:Marm*} == "" && ${__T:Mriscv64*} == "" +.if ${__T:Mriscv64*} == "" __DEFAULT_YES_OPTIONS+=LLDB .else __DEFAULT_NO_OPTIONS+=LLDB @@ -391,6 +393,14 @@ MK_SOURCELESS_HOST:= no MK_SOURCELESS_UCODE:= no .endif +.if ${MK_BLACKLIST} == "no" +MK_BLOCKLIST:= no +.endif + +.if ${MK_BLACKLIST_SUPPORT} == "no" +MK_BLOCKLIST_SUPPORT:= no +.endif + .if ${MK_CDDL} == "no" MK_CTF:= no MK_DTRACE:= no |