35ce7d40 jhibbits Aug. 6, 2022, 3:42 p.m.
Since the likelihood of new Book-E PowerPC SoCs being produced is near
zero clamp MAXCPU to around the highest number of cores/threads
available currently, for both 64-bit and 32-bit.  Even though the
current highest core/thread count is 24, the cap is set at 32 in case
there is code that assumes power of 2.
cgit
1e73fbd8 kp Aug. 6, 2022, 12:22 p.m.
pass inet proto icmp icmp-type {unreach}
	pass route-to (if0 127.0.0.1/8) sticky-address inet

The wrong struct was being tested. The parser tries to prevent
"sticky-address sticky-address" syntax but was actually cross-rule
enforcing that ICMP filter cannot be before the use of "sticky-address"
in next rule.

MFC after:	2 weeks
Reviewed by:	kp
Differential Revision:	https://reviews.freebsd.org/D36050
cgit
93dd3ada melifaro Aug. 6, 2022, 12:51 p.m.
Reported by:	Konrad Kręciwilk <konrad.kreciwilk@korbank.pl>
MFC after:	2 weeks
cgit
1ffd352b gbe Aug. 6, 2022, 9:32 a.m.
- s/bufferred/buffered/

MFC after:	3 days
cgit
e34667e4 cy Aug. 6, 2022, 8:59 a.m.
Chase 790c6b245151 to update the version to 1.16.2.

Reported by:	"Herbert J. Skuhra" <herbert@gojira.at>
MFC after:	3 days
X-MFC with:	790c6b245151
cgit
4f158a44 cy Aug. 6, 2022, 1:53 a.m.
When printing the current state name and the old state numeric value,
both are always the same. Remove the redundant ostate. It is always
the same as iv_state.

Reviewed by:		bz
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D35849
cgit
790c6b24 cy Aug. 6, 2022, 1:44 a.m.
Security update to unbound.

PR:             265645
Security:       CVE-2022-30698, CVE-2022-30699
Security:       bc43a578-14ec-11ed-856e-d4c9ef517024
MFC after:      3 days

Merge commit '9b76d32f2310b735dbeb896cbf2776cad61f23e8' into main
cgit
220818ac markj Aug. 5, 2022, 8:26 p.m.
BPF might put an interface in promiscuous mode when handling the
BIOCSDLT ioctl.  When this happens, a flag is set in the BPF descriptor
so that the old interface can be restored when the BPF descriptor is
destroyed.

The BIOCPROMISC ioctl can also be used to put a BPF descriptor's
interface into promiscuous mode, but there was nothing synchronizing the
flag.  Fix this by modifying the ioctl handler to acquire the global BPF
mutex, which is used to synchronize ifpromisc() calls elsewhere in BPF.

Reviewed by:	kp, melifaro
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D36045
cgit
e9552d8b markj Aug. 5, 2022, 8:21 p.m.
Upon reset, this register is supposed to have a value of zero.  But when
booting certain v7 CPUs in QEMU, we enter the kernel with several bits
set, including the EAE bit, which enables ARM's PAE extension.  I'm not
sure if QEMU is setting it or if it's the uboot loader.  Because FreeBSD
doesn't implement that extension and uses regular 32-bit page tables,
the kernel hangs immediately after enabling the MMU.

Just clear everything in TTBCR before enabling the MMU, to match the
reset value.  FreeBSD doesn't toggle anything in that register.

PR:		251187
Reviewed by:	imp
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D36041
cgit
52a54b96 mav Aug. 5, 2022, 5:48 p.m.
Setting hw.acpi.apei.log_corrected to 0 will mute corrected errors logging.

MFC after:	1 week
cgit
ac64943c mav Aug. 5, 2022, 5:48 p.m.
Setting hw.mca.log_corrected to 0 will mute corrected errors logging
except ones marked as reaching Yellow threshold by hardware.

MFC after:	1 week
cgit
c39eecd8 markj Aug. 5, 2022, 5:43 p.m.
Sponsored by:	The FreeBSD Foundation
cgit
240afd8c markj Aug. 5, 2022, 5:42 p.m.
This allows one to take a staged directory tree and create a file
consisting of a ZFS pool with one or more datasets that contain the
contents of the directory tree.  This is useful for creating virtual
machine images without using the kernel to create a pool; "zpool create"
requires root privileges and currently is not permitted in jails.
makefs -t zfs also provides reproducible images by using a fixed seed
for pseudo-random number generation, used for generating GUIDs and hash
salts.  makefs -t zfs requires relatively little by way of machine
resources.

The "zpool_reguid" rc.conf setting can be used to ask a FreeBSD guest to
generate a unique pool GUID upon first boot.

A small number of pool and dataset properties are supported.  The pool
is backed by a single disk vdev.  Data is always checksummed using
Fletcher-4, no redundant copies are made, and no compression is used.
The manual page documents supported pool and filesystem properties.

The implementation uses a few pieces of ZFS support from with the boot
loader, especially definitions for various on-disk structures, but is
otherwise standalone and in particular doesn't depend on OpenZFS.

This feature should be treated as experimental for now, i.e., important
data shouldn't be trusted to a makefs-created pool, and the command-line
interface is subject to change.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D35248
cgit
3e1101f2 brd Aug. 5, 2022, 3:10 p.m.
Reviewed by:	0mp, allanjude, asiciliano, dteske, pauamma, rpokala, sef
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D35588
cgit
a69c0964 mav Aug. 5, 2022, 2:58 p.m.
It may help with some issues debugging.

MFC after:	1 week
cgit