[Midnightbsd-cvs] [MidnightBSD/src] b2c92f: pf: fix ICMP ECHO handling of ID conflicts
Dag-Erling Smørgrav
noreply at github.com
Tue Dec 16 15:15:12 EST 2025
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: b2c92f42f54f142b426aadf0bc7566990c7d1ff7
https://github.com/MidnightBSD/src/commit/b2c92f42f54f142b426aadf0bc7566990c7d1ff7
Author: Damir Bikmuhametov <boco at ufanet.ru>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/netpfil/pf/pf_lb.c
Log Message:
-----------
pf: fix ICMP ECHO handling of ID conflicts
After applying FreeBSD-SA-24:05.pf, a problem with ICMP ECHO passing
through PF NAT was raised: two or more Windows workstations cannot ping
the same destination address at the same time. More precisely, only one
workstation pings normally, while the pings of the others are rejected
by the packet filter.
The thing is that Windows always uses the same ICMP ID (1). Therefore,
the state is created only for the workstation that started pinging
earlier.
In the pf_get_sport() function, we compare *nport with the ICMP_ECHO constant,
while icmptype (virtual_type actually) is passed in the pd->ndport parameter.
MFC after: 2 weeks
Reviewed by: kp
(cherry picked from commit e7abf8829d8d496a8753946f67fb2016851b4f7c)
Commit: 7c56107af8317771926c27ef3d128e4fd29b01ca
https://github.com/MidnightBSD/src/commit/7c56107af8317771926c27ef3d128e4fd29b01ca
Author: Eugene Grosbein <eugen at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M libexec/rc/network.subr
M libexec/rc/pccard_ether
Log Message:
-----------
libexec/rc: MFC: improve performance of pccard_ether script
Replace "ifconfig -ul" with "ifconfig -n" because netlink-enabled
/sbin/ifconfig utility has sub-optimal performance for listing.
Combined with the commit b1b17432aa1be670564161232d110461a5dde4ce,
these changes mostly eliminate performance regression of the command
"service devd start" for a system having hundreds of network interfaces
created before devd starts, after FreeBSD 14+ switched
/sbin/ifconfig to netlink(4)
PR: 287872
(cherry picked from commit 6d3bc576abbd84f736d917f5bfec4e3fe7e6c125)
(cherry picked from commit 24e8ed535ff673b9ea751c3d3b2a68ef0a29b0e2)
Commit: 5e69d8ea9fe047f5f46be3ed35556bd1017736b0
https://github.com/MidnightBSD/src/commit/5e69d8ea9fe047f5f46be3ed35556bd1017736b0
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M libexec/rc/rc.subr
Log Message:
-----------
rc.subr: Fix a typo in check_jail()'s description
MFC after: 3 days
Event: Berlin Hackathon 202507
(cherry picked from commit 5d5258653ba4b37c38e48443f265ee4dcedf9a50)
Commit: 18887d9d7e2ecf97c685f865a9178a47c2b2cdc9
https://github.com/MidnightBSD/src/commit/18887d9d7e2ecf97c685f865a9178a47c2b2cdc9
Author: Koichiro Iwao <meta at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sbin/ifconfig/ifconfig.8
Log Message:
-----------
ifconfig.8: remove accept_rev_ethip_ver and send_rev_ethip_ver
It is removed long ago [1] and unavailable on FreeBSD 11 and later,
but the corresponding entries in the man page were not removed
accordingly.
[1] https://cgit.freebsd.org/src/commit/?id=b1c250ff3ff6af36e95f5cf910973133c3445704
MFH after: 3 days
Reviewed by: mhorne
Approved by: mhorne
Differential Revision: https://reviews.freebsd.org/D51261
(cherry picked from commit cca6a72d7f7131685a082c123aff17208aa1693f)
Commit: d821b37e761570548d2addb09f845181066f57e7
https://github.com/MidnightBSD/src/commit/d821b37e761570548d2addb09f845181066f57e7
Author: Lucas Holt <luke at foolishgames.com>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/sys/param.h
Log Message:
-----------
bump for recent changes.
Commit: 38761f1965f5ae0746391f2cdf64a16006c32ef9
https://github.com/MidnightBSD/src/commit/38761f1965f5ae0746391f2cdf64a16006c32ef9
Author: Lexi Winter <ivy at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/netlink/netlink_message_parser.h
Log Message:
-----------
nlmsg_report_err_msg: add __printflike annotation
Reviewed by: kevans, kp
Approved by: kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D51234
(cherry picked from commit db55cc8110ceea084c6f52a1ecfd6ab87e0aac2b)
Commit: 290cfee9347d23f10ce825676b1fdae4d0b82ad3
https://github.com/MidnightBSD/src/commit/290cfee9347d23f10ce825676b1fdae4d0b82ad3
Author: Dirk Engling <erdgeist at erdgeist.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M usr.sbin/bluetooth/bluetooth-config/bluetooth-config.sh
Log Message:
-----------
bluetooth-config: Fix command line parsing
This addresses the problems encountered when parsing options in bluetooth-config.
- the optional parameters were not properly shifted after consumption
- the command line parameter count was checked before getopts and not after
Reported by: sjg
Approved by: kp
MFC after: 7 days
Event: Berlin Hackathon 202507
Differential Revision: <https://reviews.freebsd.org/D51281>
(cherry picked from commit 5031da20599bb1163f0e8d1c4b415ab3bbebce00)
Commit: 00e3a0f0a306b17ef3aeec2e9bc8af59d0525919
https://github.com/MidnightBSD/src/commit/00e3a0f0a306b17ef3aeec2e9bc8af59d0525919
Author: Zhenlei Huang <zlei at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/dev/qlnx/qlnxe/qlnx_os.c
Log Message:
-----------
qlnxe: Fix error handling of SIOCGI2C ioctl
The error -1 is actually ERESTART in the context of syscall. It is for
kernel mode only and will not be passed to user mode. When the kernel
sees this error it will restart the syscall.
When the the SFP module data is not available, e.g. the SFP module is
not present, the ioctl handler returns ERESTART and kernel will retry
infinitely, hence the userland `ifconfig -v ql0` will hang forever until
get interrupted. That is apparently wrong.
Fix that by returning error ENODEV to indicate the SFP module data is
not available.
As for the case that ecore_ptt_acquire() fails, it appears to be quite
safe to restart, so keep returning ERESTART.
Reported by: Steve Wheeler
See also: https://redmine.pfsense.org/issues/16248
Reviewed by: kbowling
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D51351
(cherry picked from commit 12fea464070a9061fda874038614ed55011ad59d)
(cherry picked from commit f40f6374f3d2cfc1a99781acd5c3252e1edfe612)
Commit: 9a5bb43068ccf7230657a5e2878061494f349f3d
https://github.com/MidnightBSD/src/commit/9a5bb43068ccf7230657a5e2878061494f349f3d
Author: Dimitry Andric <dim at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M contrib/llvm-project/clang/include/clang/Sema/Sema.h
M contrib/llvm-project/clang/lib/Sema/SemaTemplateInstantiate.cpp
M contrib/llvm-project/clang/lib/Sema/SemaTemplateInstantiateDecl.cpp
Log Message:
-----------
Merge commit 8ac140f39084 from llvm git (by Younan Zhang):
[Clang][NFCI] Cleanup the fix for default function argument substitution (#104911)
(This is one step towards tweaking `getTemplateInstantiationArgs()` as
discussed in https://github.com/llvm/llvm-project/pull/102922)
We don't always substitute into default arguments while transforming a
function parameter. In that case, we would preserve the uninstantiated
expression until after, e.g. building up a CXXDefaultArgExpr and
instantiate the expression there.
For member function instantiation, this algorithm used to cause a
problem in that the default argument of an out-of-line member function
specialization couldn't get properly instantiated. This is because, in
`getTemplateInstantiationArgs()`, we would give up visiting a function's
declaration context if the function is a specialization of a member
template. For example,
```cpp
template <class T>
struct S {
template <class U>
void f(T = sizeof(T));
};
template <> template <class U>
void S<int>::f(int) {}
```
The default argument `sizeof(U)` that lexically appears inside the
declaration would be copied to the function declaration in the class
template specialization `S<int>`, as well as to the function's
out-of-line definition. We use template arguments collected from the
out-of-line function definition when substituting into the default
arguments. We would therefore give up the traversal after the function,
resulting in a single-level template argument of the `f` itself. However
the default argument here could still reference the template parameters
of the primary template, hence the error.
In fact, this is similar to constraint checking in some respects: we
actually want the "whole" template arguments relative to the primary
template, not those relative to the function definition. So this patch
adds another flag to indicate `getTemplateInstantiationArgs()` for that.
This patch also consolidates the tests for default arguments and removes
some unnecessary tests.
This fixes a crash or assertion failure while building tests for the
devel/hpx port.
PR: 288352
MFC after: 3 days
(cherry picked from commit ffc5ee0f57d56459df93f4107b9835ae78a546b5)
Commit: 89aaa0d2a63578975e1f61cda54655289c490648
https://github.com/MidnightBSD/src/commit/89aaa0d2a63578975e1f61cda54655289c490648
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M contrib/kyua/utils/fs/operations.cpp
M contrib/kyua/utils/fs/operations_test.cpp
Log Message:
-----------
kyua: Try harder to delete directories.
When recursing into a directory to delete it, start by chmod'ing it to
0700. This fixes an issue where kyua is able to run, but not debug, a
test case that creates unwriteable directories, because when debugging
it tries (and fails) to delete the directory after the test completes.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: igoro
Differential Revision: https://reviews.freebsd.org/D51229
(cherry picked from commit 9bf14f2a475e221c48488984dc5a02a4608bb877)
Commit: fa5f4176aef503acdca4a30a196238886d2bcd0f
https://github.com/MidnightBSD/src/commit/fa5f4176aef503acdca4a30a196238886d2bcd0f
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/fs/udf/ecma167-udf.h
M sys/fs/udf/udf_vfsops.c
M sys/fs/udf/udf_vnops.c
Log Message:
-----------
udf: Improve input validation.
The existing code frequently assigns unsigned 64-bit values to variables
that are signed and / or shorter without checking for overflow. Try to
deal with these cases.
While here, fix two structs that used single-element arrays in place of
flexible array members.
PR: 287896
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51339
(cherry picked from commit 55f80afa17e8926f69660f19631194bcf7fa66f4)
Commit: 11977fd8fd3853b17d907c03981e75283ec277cd
https://github.com/MidnightBSD/src/commit/11977fd8fd3853b17d907c03981e75283ec277cd
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M contrib/tzcode/localtime.c
Log Message:
-----------
tzcode: Fix time zone change detection.
Prior to the 2022g import, tzloadbody() returned -1 on error. Now it
returns an errno code. When I updated the time zone change detection
logic to match, I improperly returned errno in all cases, which means
that if the time zone file has not changed since we last loaded it,
tzloadbody() returns a random errno value instead of 0.
Fixes: bc42155199b5
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51405
(cherry picked from commit d63ffdd1ef6368407b35d415237b95cc739d8073)
tzcode: Add an explicit "the timezone file has changed" case
This is required for the WITHOUT_DETECT_TZ_CHANGES case, since there the
value being tested is a numeric literal.
Fixes: d63ffdd1ef63 ("tzcode: Fix time zone change detection.")
(cherry picked from commit 0bf113e9041fe20e8c671fe6b2cca8612dc77b77)
Commit: 3537175fe931ea3c38345cabb286aaa3414fc405
https://github.com/MidnightBSD/src/commit/3537175fe931ea3c38345cabb286aaa3414fc405
Author: Eric Joyner <erj at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/conf/files.amd64
M sys/conf/files.arm64
M sys/conf/files.powerpc
M sys/modules/ice_ddp/Makefile
Log Message:
-----------
ice_ddp: Update to 1.3.41.0
Primarily adds support for E830 devices, unlocking all of their
functionality.
As well, update the README and remove the non-FreeBSD sections
from it.
Signed-off-by: Eric Joyner <erj at FreeBSD.org>
Sponsored by: Intel Corporation
(cherry picked from commit f68513e7a446b4b0598b7f3d1b3e13f592b85d92)
Commit: f6d018aa5404b1309a71afcb10747960f34915a4
https://github.com/MidnightBSD/src/commit/f6d018aa5404b1309a71afcb10747960f34915a4
Author: Eugene Grosbein <eugen at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sbin/devd/hyperv.conf
Log Message:
-----------
devd.conf(5): call hyperv_vfattach in a Hyper-V guest only
Limit calls to /usr/libexec/hyperv/hyperv_vfattach to Hyper-V guests.
PR: 287873
MFC after: 3 days
(cherry picked from commit d4a0e749cc66cd5d019d8fb8f43427109aef4c9f)
Commit: 4c0f97f6fd9a6c0487c10e6b427a764c49a69310
https://github.com/MidnightBSD/src/commit/4c0f97f6fd9a6c0487c10e6b427a764c49a69310
Author: Warner Losh <imp at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sbin/devd/devd.cc
Log Message:
-----------
devd: Add vm_guest variable
Fetch vm_guest on startup in case we're running under a hypervisor.
Co-authored-by: eugen@
PR: 287873
Sponsored by: Netflix
(cherry picked from commit bd4a4e46ceacd8dfc5a5469ec6edd8c92c53605a)
Commit: 6f1c37c1d4878863de873650ee1e95ce8f6a0b19
https://github.com/MidnightBSD/src/commit/6f1c37c1d4878863de873650ee1e95ce8f6a0b19
Author: Eugene Grosbein <eugen at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sbin/devd/devd.cc
Log Message:
-----------
devd(8): correct error logging
Fix a mistake in a log message that leaked from my preliminary patch.
PR: 287873
MFC after: 3 days
X-MFC-with: bd4a4e46ceacd8dfc5a5469ec6edd8c92c53605a
(cherry picked from commit 044febb24a26d92066b2849eb583f57e37acdbfd)
Commit: 89df6ef9db20dee16737549ef29d1631508bffc2
https://github.com/MidnightBSD/src/commit/89df6ef9db20dee16737549ef29d1631508bffc2
Author: Michael Proto <mike at jellydonut.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M libexec/rc/rc.d/pf
M share/man/man5/rc.conf.5
Log Message:
-----------
/etc/rc.d/pf: Fix for multi-line pf_fallback_rules
Setting multiple pf_fallback_rules in /etc/rc.conf as per the
documentation produces invalid pf syntax due to the lack of echo
quoting $pf_fallback_rules in /etc/rc.d/pf. Adding quotes around
the $pf_fallback_rules echo maintains newlines needed for valid
pfctl syntax. Provided patch resolves the issue
Also updating rc.conf(5) to reflect that multi-line pf_fallback_rules
should not include a trailing backslash (\) as line breaks are
needed when passing rules to pfctl via stdin.
PR: 288197
Reviewed by: kp
MFC after: 2 weeks
(cherry picked from commit 9e8c1f9576e75fcd34007c6e8a4a6da0b1b2f1e2)
Commit: 0554cdaf029842d74d5ab68c564c60367743f39e
https://github.com/MidnightBSD/src/commit/0554cdaf029842d74d5ab68c564c60367743f39e
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M cddl/contrib/opensolaris/cmd/dtrace/dtrace.1
Log Message:
-----------
dtrace.1: Mention providers in SEE ALSO
Reviewed by: bnovkov, christos, markj
Approved by: bnovkov (mentor), christos (mentor), markj (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D50852
(cherry picked from commit 177471148a6111537e84912fb9a033b6ac5ecb17)
Commit: cd7086d3f63c4c3c37f0c13648759cb74b5b3686
https://github.com/MidnightBSD/src/commit/cd7086d3f63c4c3c37f0c13648759cb74b5b3686
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M libexec/rc/rc
M libexec/rc/rc.d/hostname
M libexec/rc/rc.d/routing
M libexec/rc/rc.d/zfs
M libexec/rc/rc.d/zfsbe
M libexec/rc/rc.shutdown
M libexec/rc/rc.subr
Log Message:
-----------
rc: Use check_jail to check values of security.jail MIBs
PR: 282404
Reviewed by: markj, netchild
Approved by: markj (mentor)
MFC after: 2 weeks
Event: Berlin Hackathon 202507
Differential Revision: https://reviews.freebsd.org/D47329
(cherry picked from commit 46f18ecf8d3cdda1cd433841c44a4c1268ab9721)
Commit: dbd8685d244c76b020c67c73f111a5abecedacb0
https://github.com/MidnightBSD/src/commit/dbd8685d244c76b020c67c73f111a5abecedacb0
Author: Lexi Winter <ivy at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M share/man/man8/crash.8
Log Message:
-----------
crash.8: update a little
Replace "cannot mount root" (which is no longer a panic) with a brief
description of the mountroot> prompt, and recommend using "system
install media" rather than the fixit floppy.
Remove "timeout table full" entirely since this panic no longer exists.
MFC after: 3 days
Reviewed by: ziaee
Differential Revision: https://reviews.freebsd.org/D51512
(cherry picked from commit c9868af774ec24bcf6914fc971378e9723eb44ab)
Commit: fd6aeb823b2d83bdd07dc0abe0452aacabddb091
https://github.com/MidnightBSD/src/commit/fd6aeb823b2d83bdd07dc0abe0452aacabddb091
Author: Zhenlei Huang <zlei at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/arm64/broadcom/genet/if_genet.c
Log Message:
-----------
if_genet: Consistently use the boolean form
The variable eaddr_found is declared as bool. This change improves
readability a little.
No functional change intended.
MFC after: 3 days
(cherry picked from commit 2fc051d090933203e1af6a8452cdd87a4c76ad5b)
(cherry picked from commit 97d5f16c6966e2ae261ddabe1f16a9675dedf43a)
Commit: 11cbd960449baa2201a38dfff9662c618fa3a659
https://github.com/MidnightBSD/src/commit/11cbd960449baa2201a38dfff9662c618fa3a659
Author: Zhenlei Huang <zlei at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/arm64/broadcom/genet/if_genet.c
Log Message:
-----------
if_genet: Plug memory leaks
The rx_buf_tag should be checked when destroying rx dma mappings.
PR: 288309
Reviewed by: zlei
Submitted by: Mike Belanger <mibelanger at qnx.com>
MFC after: 3 days
(cherry picked from commit f46e95ae3addc9f7b975c187f71125825a38ffb1)
(cherry picked from commit 337c3e9859e7b5d971e84bf546a51c2cf9a9e44f)
Commit: 0f0f3eee1a537289dab5cf100135097bd177e7a9
https://github.com/MidnightBSD/src/commit/0f0f3eee1a537289dab5cf100135097bd177e7a9
Author: Romain Tartière <romain at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/vm/vm_page.c
Log Message:
-----------
vm_page: Fix loading bad memory addresses from file
When loading bad memory addresses from a file, we are passed an end
pointer that points on the first byte after the buffer. We want the
buffer to be null-terminated (by changing the last byte to \0 if it is
reasonable to do so), so adjust the end pointer to be on that byte.
Approved by: kib, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D51433
(cherry picked from commit 202f8bde836dc86627be2b5b98174d9a0fb2eaba)
Commit: f6a2ea4e84adaa5e9d930436612c8a08d3595fb4
https://github.com/MidnightBSD/src/commit/f6a2ea4e84adaa5e9d930436612c8a08d3595fb4
Author: Dmitry Morozovsky <marck at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M sys/netpfil/ipfw/ip_fw2.c
Log Message:
-----------
extend description of net.inet.ip.fw.one_pass
Description of net.inet.ip.fw.one_pass tunable refers only to dummynet(4),
while in reality is applicable on any divert-like packet action like
in-kernel nat, netgraph, reass, or similar.
Reviewed by: ae
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D51436
Commit: 6194bc8dafed95203dd37d666bf03794728a94c1
https://github.com/MidnightBSD/src/commit/6194bc8dafed95203dd37d666bf03794728a94c1
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2025-12-16 (Tue, 16 Dec 2025)
Changed paths:
M libexec/rc/rc.d/mountd
Log Message:
-----------
rc.d: Fix mountd service script.
This script references variables beloning to the nfsd and zfs services,
therefore it needs to load their configurations.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D51473
(cherry picked from commit aa183bc7f96fdd51c4a6ead5586a1cb1ecec6bb2)
Compare: https://github.com/MidnightBSD/src/compare/6f9dc9700d47...6194bc8dafed
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list