secure: hook up libecc as libpkgecc

libecc is not intended to be general use, other applications should
really be using openssl. pkg(7) uses libecc to align with the pkg(8)
project and its goals.

secure: hook up libecc as libpkgecc

libecc is not intended to be general use, other applications should
really be using openssl. pkg(7) uses libecc to align with the pkg(8)
project and its goals. This will be used in the upcoming support for
ECC in pkg(7).

Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D48117

show more ...

lib: hook libder up to the build

libder will be used in upcoming ECC support in the pkg(7) bootstrap to
read DER-encoded keys and signatures.

Differential Revision: https://reviews.freebsd.org/D481

lib: hook libder up to the build

libder will be used in upcoming ECC support in the pkg(7) bootstrap to
read DER-encoded keys and signatures.

Differential Revision: https://reviews.freebsd.org/D48116

show more ...

nvmf: Switch several ioctls to using nvlists

For requests that handoff queues from userspace to the kernel as well
as the request to fetch reconnect parameters from the kernel, switch
from using fla

nvmf: Switch several ioctls to using nvlists

For requests that handoff queues from userspace to the kernel as well
as the request to fetch reconnect parameters from the kernel, switch
from using flat structures to nvlists. In particular, this will
permit adding support for additional transports in the future without
breaking the ABI of the structures.

Note that this is an ABI break for the ioctls used by nvmf(4) and
nvmft(4). Since this is only present in main I did not bother
implementing compatability shims.

Inspired by: imp (suggestion on a different review)
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48230

show more ...

lib/libcrypt: unbundle hash functions

libcrypt bundles the various hash functions it needs,
duplicating code that is also found in libmd.
Unbundle the hash functions and apply the same hack used
for

lib/libcrypt: unbundle hash functions

libcrypt bundles the various hash functions it needs,
duplicating code that is also found in libmd.
Unbundle the hash functions and apply the same hack used
for libncursesw so static consumers link -lmd in addition
to -lcrypt.

Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D47062

show more ...

libkldelf: add a private library for kernel/kld-related ELF parsing

The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kern

libkldelf: add a private library for kernel/kld-related ELF parsing

The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kernel
executable. The library can be used to read metadata such as linker_set,
mod_depend, mod_version and PNP match info, and raw data from the ELF.

To promote the reuse of the facilities the ELF parsing code is separated
from kldxref(8) into a new private library.

For now, libkldelf's source files will be compiled into kldxref(8)
directly if kldxref is built during bootstrapping phase. The reason is
linking kldxref(8) against the libkldelf static library has an unwanted
side effect which renders the linker sets inside the libkldelf
implementation empty if the static library is not build by ld -r all the
.o files into a single .o before producing the static library.

Sponsored by: Juniper Networks, Inc.
Reviewed by: markj
Suggested by: jrtc27, markj
Differential Revision: https://reviews.freebsd.org/D46719

show more ...

Revert "libkldelf: add a private library for kernel/kld-related ELF parsing"

This reverts commit 0a2cfd653e86ac41c4e6e32a449d133c0ee6d677.

libkldelf: add a private library for kernel/kld-related ELF parsing

The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kern

libkldelf: add a private library for kernel/kld-related ELF parsing

The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kernel
executable. The library can be used to read metadata such as linker_set,
mod_depend, mod_version and PNP match info, and raw data from the ELF.

To promote the reuse of the facilities the ELF parsing code is separated
from kldxref(8) into a new private library.

kldxref(8) is modified to link against the libkldelf library.

Sponsored by: Juniper Networks, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D46719

show more ...

wpa: Import 2.11

Following is a changelog of new features and fixes to wpa:

hostapd:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during c

wpa: Import 2.11

Following is a changelog of new features and fixes to wpa:

hostapd:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
- use Secure=1 in message 3 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* extend PASN support for secure ranging
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
- this is based on additional details being added in the IEEE 802.11
standard
- the new implementation is not backwards compatible
* improved ACS to cover additional channel types/bandwidths
* extended Multiple BSSID support
* fix beacon protection with FT protocol (incorrect BIGTK was provided)
* support unsynchronized service discovery (USD)
* add preliminary support for RADIUS/TLS
* add support for explicit SSID protection in 4-way handshake
(a mitigation for CVE-2023-52424; disabled by default for now, can be
enabled with ssid_protection=1)
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions

wpa_supplicant:
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* MACsec
- add support for GCM-AES-256 cipher suite
- remove incorrect EAP Session-Id length constraint
- add hardware offload support for additional drivers
* HE/IEEE 802.11ax/Wi-Fi 6
- support BSS color updates
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* support OpenSSL 3.0 API changes
* improve EAP-TLS support for TLSv1.3
* EAP-SIM/AKA: support IMSI privacy
* improve mitigation against DoS attacks when PMF is used
* improve 4-way handshake operations
- discard unencrypted EAPOL frames in additional cases
- use Secure=1 in message 2 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* improve cross-AKM roaming with driver-based SME/BSS selection
* PASN
- extend support for secure ranging
- allow PASN implementation to be used with external programs for
Wi-Fi Aware
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
- this is based on additional details being added in the IEEE 802.11
standard
- the new implementation is not backwards compatible, but PMKSA
caching with FT-EAP was, and still is, disabled by default
* support a pregenerated MAC (mac_addr=3) as an alternative mechanism
for using per-network random MAC addresses
* EAP-PEAP: require Phase 2 authentication by default (phase2_auth=1)
to improve security for still unfortunately common invalid
configurations that do not set ca_cert
* extend SCS support for QoS Characteristics
* extend MSCS support
* support unsynchronized service discovery (USD)
* add support for explicit SSID protection in 4-way handshake
(a mitigation for CVE-2023-52424; disabled by default for now, can be
enabled with ssid_protection=1)
- in addition, verify SSID after key setup when beacon protection is
used
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* a large number of other fixes, cleanup, and extensions

MFC after: 2 months

Merge commit '6377230b3cf4f238dcd0dc2d76ff25943d3040e5'

show more ...

libnvmf: Add internal library to support NVMe over Fabrics

libnvmf provides APIs for transmitting and receiving Command and
Response capsules along with data associated with NVMe commands.
Capsules

libnvmf: Add internal library to support NVMe over Fabrics

libnvmf provides APIs for transmitting and receiving Command and
Response capsules along with data associated with NVMe commands.
Capsules are represented by 'struct nvmf_capsule' objects.

Capsules are transmitted and received on queue pairs represented by
'struct nvmf_qpair' objects.

Queue pairs belong to an association represented by a 'struct
nvmf_association' object.

libnvmf provides additional helper APIs to assist with constructing
command capsules for a host, response capsules for a controller,
connecting queue pairs to a remote controller and optionally
offloading connected queues to an in-kernel host, accepting queue pair
connections from remote hosts and optionally offloading connected
queues to an in-kernel controller, constructing controller data
structures for local controllers, etc.

libnvmf also includes an internal transport abstraction as well as an
implementation of a userspace TCP transport.

libnvmf is primarily intended for ease of use and low-traffic use cases
such as establishing connections that are handed off to the kernel.
As such, it uses a simple API built on blocking I/O.

For a host, a consumer first populates an 'struct
nvmf_association_params' with a set of parameters shared by all queue
pairs for a single association such as whether or not to use SQ flow
control and header and data digests and creates a 'struct
nvmf_association' object. The consumer is responsible for
establishing a TCP socket for each queue pair. This socket is
included in the 'struct nvmf_qpair_params' passed to 'nvmf_connect' to
complete transport-specific negotiation, send a Fabrics Connect
command, and wait for the Connect reply. Upon success, a new 'struct
nvmf_qpair' object is returned. This queue pair can then be used to
send and receive capsules. A command capsule is allocated, populated
with an SQE and optional data buffer, and transmitted via
nvmf_host_transmit_command. The consumer can then wait for a reply
via nvmf_host_wait_for_response. The library also provides some
wrapper functions such as nvmf_read_property and nvmf_write_property
which send a command and wait for a response synchronously.

For a controller, a consumer uses a single association for a set of
incoming connections. A consumer can choose to use multiple
associations (e.g. a separate association for connections to a
discovery controller listening on a different port than I/O
controllers). The consumer is responsible for accepting TCP sockets
directly, but once a socket has been accepted it is passed to
nvmf_accept to perform transport-specific negotiation and wait for the
Connect command. Similar to nvmf_connect, nvmf_accept returns a newly
construct nvmf_qpair. However, in contrast to nvmf_connect,
nvmf_accept does not complete the Fabrics negotiation. The consumer
must explicitly send a response capsule before waiting for additional
command capsules to arrive. In particular, in the kernel offload
case, the Connect command and data are provided to the kernel
controller and the Connect response capsule is sent by the kernel once
it is ready to handle the new queue pair.

For userspace controller command handling, the consumer uses
nvmf_controller_receive_capsule to wait for a command capsule.
nvmf_receive_controller_data is used to retrieve any data from a
command (e.g. the data for a WRITE command). It can be called
multiple times to split the data transfer into smaller sizes.
nvmf_send_controller_data is used to send data to a remote host in
response to a command. It also sends a response capsule indicating
success, or an error if an internal error occurs. nvmf_send_response
is used to send a response without associated data. There are also
several convenience wrappers such as nvmf_send_success and
nvmf_send_generic_error.

Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D44710

show more ...

src.libnames.mk: fix LIBPFCTL definition

Following the convention used in the rest of this file, ${LIBPFCTLDIR}
should refer to the directory, and ${LIBPFCTL} to the library itself.

Instead, both v

src.libnames.mk: fix LIBPFCTL definition

Following the convention used in the rest of this file, ${LIBPFCTLDIR}
should refer to the directory, and ${LIBPFCTL} to the library itself.

Instead, both values were assigned to ${LIBPFCTL}, and ${LIBPFCTLDIR} was
not set at all.

This appears to be a simple typo and not a deliberate choice, so fix it
by assigning the directory name to ${LIBPFCTLDIR} instead.

show more ...

diff: Integrate libdiff from OpenBSD GoT.

This adds support for two new diff algorithms, Myers diff and Patience
diff.

These algorithms perform a different form of search compared to the
classic St

diff: Integrate libdiff from OpenBSD GoT.

This adds support for two new diff algorithms, Myers diff and Patience
diff.

These algorithms perform a different form of search compared to the
classic Stone algorithm and support escapes when worst case scenarios
are encountered.

Add the -A flag to allow selection of the algorithm, but default to
using the new Myers diff implementation.

The libdiff implementation currently only supports a subset of input and
output options supported by diff. When these options are used, but the
algorithm is not selected, automatically fallback to the classic Stone
algorithm until support for these modes can be added.

Based on work originally done by thj@ with contributions from kevans@.

Sponsored by: Klara, Inc.
Reviewed by: thj
Differential Revision: https://reviews.freebsd.org/D44302

show more ...

libfdt: Make an internal FDT library available

This will be used by bhyve to build a device tree when booting arm64
guests.

Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: Innovate UK
Dif

libfdt: Make an internal FDT library available

This will be used by bhyve to build a device tree when booting arm64
guests.

Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40994

show more ...

lib{c,sys}: move auxargs more firmly into libsys

Continue to filter the public interface (elf_aux_info()), but entierly
relocate the private interfaces (_elf_aux_info(),
__init_elf_aux_vector(), and

lib{c,sys}: move auxargs more firmly into libsys

Continue to filter the public interface (elf_aux_info()), but entierly
relocate the private interfaces (_elf_aux_info(),
__init_elf_aux_vector(), and __elf_aux_vector) to libsys.

This ensures that rtld updates the correct (only) copy of
__elf_aux_vector. After 968a18975adc9c2a619bb52aa2f009de99fc9e24
updates were confused and __getosreldate was failing, causing
the system to fall back to compat compat12 syscalls in some cases.

Return to explicitly linking libc to libsys and link libthr with libc
and libsys (in that order).

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43910

show more ...

zfs: merge openzfs/zfs@229b9f4ed

Notable upstream pull request merges:
#15769 082338875 Add 'zpool status -e' flag to see unhealthy vdevs
#15804 a0d3fe72b libzdb: Initial breakout of libzdb
#1584

zfs: merge openzfs/zfs@229b9f4ed

Notable upstream pull request merges:
#15769 082338875 Add 'zpool status -e' flag to see unhealthy vdevs
#15804 a0d3fe72b libzdb: Initial breakout of libzdb
#15847 229b9f4ed LUA: Backport CVE-2020-24370's patch

Obtained from: OpenZFS
OpenZFS commit: 229b9f4ed05e6d14fb4d73fa04a71e99b01bb534

show more ...

libc: don't directly link libsys

It is sufficent to add it as a filter.

Reported by: kib
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43781

libc: link libsys as a auxiliary filter library

At runtime, when rtld loads libc it will also load libsys. For each
symbol that is present in both, the libsys one will override the libc
one. It co

libc: link libsys as a auxiliary filter library

At runtime, when rtld loads libc it will also load libsys. For each
symbol that is present in both, the libsys one will override the libc
one. It continues to be the case that program need only link against
libc (usually implicitly). The linkage to libsys is automatic.

Reviewed by: kib, emaste, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/908

show more ...

libsys: plumb in to build

libsys provides the FreeBSD kernel interface (auxargs, system calls,
vdso). It can be linked directly for programs using a non-standard
libc and will later be linked as a

libsys: plumb in to build

libsys provides the FreeBSD kernel interface (auxargs, system calls,
vdso). It can be linked directly for programs using a non-standard
libc and will later be linked as a filter library to libc providing
the actual system call implementation.

Reviewed by: kib, emaste, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/908

show more ...

Revert "kerberos: Fix numerous segfaults when using weak crypto"

This revision breaks Linux and MacOS cross builds because
TARGET_ENDIANNESS is not define during bootstrapping on these
platforms.

I

Revert "kerberos: Fix numerous segfaults when using weak crypto"

This revision breaks Linux and MacOS cross builds because
TARGET_ENDIANNESS is not define during bootstrapping on these
platforms.

I think the correct approach would be to separate the new
fbsd_ossl_provider_load() and unload functions into their own
library (instead of libroken). This avoids the less desirable
option of including bsd.cpu.mk in secure/lib/Makefile.common,
which does build but could complicate future work.

Reported by: jrtc27

This reverts commit cb350ba7bf7ca7c4cb97ed2c20ab45af60382cfb.

show more ...

kerberos: Fix numerous segfaults when using weak crypto

Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy pro

kerberos: Fix numerous segfaults when using weak crypto

Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.

When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().

PR: 272835
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D43009
Tested by: netchild, Joerg Pulz <Joerg.Pulz@frm2.tum.de>

show more ...

dtrace: Add the 'oformat' libdtrace option

This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace ou

dtrace: Add the 'oformat' libdtrace option

This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)

This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:

- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.

This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.

Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745

show more ...

libbsddialog: delete formw dependency

libbsddialog >= 0.3 has a built-in form implementation so delete
formw dependency.

Approved by: bapt (share/mk maintainer)
Differential Revision: https://revi

libbsddialog: delete formw dependency

libbsddialog >= 0.3 has a built-in form implementation so delete
formw dependency.

Approved by: bapt (share/mk maintainer)
Differential Revision: https://reviews.freebsd.org/D42167

show more ...

zfs: merge openzfs/zfs@804414aad

Notable upstream pull request merges:
#15024 Add missed DMU_PROJECTUSED_OBJECT prefetch
#15029 Do not request data L1 buffers on scan prefetch
#15036 FreeBSD:

zfs: merge openzfs/zfs@804414aad

Notable upstream pull request merges:
#15024 Add missed DMU_PROJECTUSED_OBJECT prefetch
#15029 Do not request data L1 buffers on scan prefetch
#15036 FreeBSD: catch up to __FreeBSD_version 1400093
#15039 Fix raw receive with different indirect block size
#15047 FreeBSD: Fix build on stable/13 after 1302506
#15049 Fix the ZFS checksum error histograms with larger record sizes
#15052 Reduce bloat in ereport.fs.zfs.checksum events
#15056 Avoid extra snprintf() in dsl_deadlist_merge()
#15061 Ignore pool ashift property during vdev attachment
#15063 Don't panic if setting vdev properties is unsupported for this vdev type
#15067 spa_min_alloc should be GCD, not min
#15071 Add explicit prefetches to bpobj_iterate()
#15072 Adjust prefetch parameters
#15076 Refactor dmu_prefetch()
#15079 set autotrim default to 'off' everywhere
#15080 ZIL: Fix config lock deadlock
#15088 metaslab: tuneable to better control force ganging
#15096 Avoid waiting in dmu_sync_late_arrival()
#15097 BRT should return EOPNOTSUPP
#15103 Remove zl_issuer_lock from zil_suspend()
#15107 Remove fastwrite mechanism
#15113 libzfs: sendrecv: send_progress_thread: handle SIGINFO/SIGUSR1
#15122 ZIL: Second attempt to reduce scope of zl_issuer_lock
#15129 zpool_vdev_remove() should handle EALREADY error return
#15132 ZIL: Replay blocks without next block pointer
#15148 zfs_clone_range should return descriptive error codes
#15153 ZIL: Avoid dbuf_read() before dmu_sync()
#15172 copy_file_range: fix fallback when source create on same txg
#15180 Update outdated assertion from zio_write_compress

Obtained from: OpenZFS
OpenZFS commit: 804414aad224b432590afe3f9ec114ffb49e0f13

show more ...

Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

libtacplus: Allow additional AV pairs to be configured.

* Replace hand-rolled input tokenizer with openpam_readlinev() which supports line continuations and has better quoting and escaping.
* Simpli

libtacplus: Allow additional AV pairs to be configured.

* Replace hand-rolled input tokenizer with openpam_readlinev() which supports line continuations and has better quoting and escaping.
* Simplify string handling by merging struct clnt_str and struct srvr_str into just struct tac_str.
* Each server entry in the configuration file can now have up to 255 AV pairs which will be appended to the ones returned by the server in response to a successful authorization request.

This allows nss_tacplus(8) to be used with servers which do not provide identity information beyond confirming the existence of the user.

This adds a dependency on libpam, however libtacplus is currently only used by pam_tacplus(8) (which is already always used with libpam) and the very recently added nss_tacplus(8) (which is extremely niche). In the longer term it might be a good idea to split this out into a separate library.

MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: pauamma_gundo.com, markj
Differential Revision: https://reviews.freebsd.org/D40285
Relnotes: yes

show more ...

bhyve: Move libcasper dependecy to lib9p

libcasper(3) is not used in bhyve. So move dependency to the appropriate
place.

Reviewed by: markj
MFC after: 1 week
Sponsored by: vStack
Differential Revis

bhyve: Move libcasper dependecy to lib9p

libcasper(3) is not used in bhyve. So move dependency to the appropriate
place.

Reviewed by: markj
MFC after: 1 week
Sponsored by: vStack
Differential Revision: https://reviews.freebsd.org/D38905

show more ...