Merge branch 'freebsd/current/main' into hardened/current/master

lib/libc/gen/sysctl.3

@@ -325,6 +325,7 @@ information.
 .Bl -column "KERNXMAXFILESPERPROCXXX" "struct clockrateXXX" -offset indent
 .It Sy Second Level Name Ta Sy Type Ta Sy Changeable
 .It Dv KERN_ARGMAX Ta integer Ta no
+.It Dv KERN_ARND Ta integer Ta no
 .It Dv KERN_BOOTFILE Ta string Ta yes
 .It Dv KERN_BOOTTIME Ta struct timeval Ta no
 .It Dv KERN_CLOCKRATE Ta struct clockinfo Ta no
@@ -332,9 +333,13 @@ information.
 .It Dv KERN_HOSTID Ta integer Ta yes
 .It Dv KERN_HOSTUUID Ta string Ta yes
 .It Dv KERN_HOSTNAME Ta string Ta yes
+.It Dv KERN_IOV_MAX Ta integer Ta yes
 .It Dv KERN_JOB_CONTROL Ta integer Ta no
+.It Dv KERN_LOCKF Ta struct kinfo_lockf Ta no
+.It Dv KERN_LOGSIGEXIT Ta integer Ta yes
 .It Dv KERN_MAXFILES Ta integer Ta yes
 .It Dv KERN_MAXFILESPERPROC Ta integer Ta yes
+.It Dv KERN_MAXPHYS Ta integer Ta no
 .It Dv KERN_MAXPROC Ta integer Ta no
 .It Dv KERN_MAXPROCPERUID Ta integer Ta yes
 .It Dv KERN_MAXVNODES Ta integer Ta yes
@@ -346,16 +351,28 @@ information.
 .It Dv KERN_OSTYPE Ta string Ta no
 .It Dv KERN_POSIX1 Ta integer Ta no
 .It Dv KERN_PROC Ta node Ta not applicable
-.It Dv KERN_QUANTUM Ta integer Ta yes
+.It Dv KERN_PS_STRINGS Ta integer Ta no
 .It Dv KERN_SAVED_IDS Ta integer Ta no
 .It Dv KERN_SECURELVL Ta integer Ta raise only
 .It Dv KERN_UPDATEINTERVAL Ta integer Ta no
+.It Dv KERN_USRSTACK Ta integer Ta no
 .It Dv KERN_VERSION Ta string Ta no
 .El
 .Bl -tag -width 6n
 .It Li KERN_ARGMAX
 The maximum bytes of argument to
 .Xr execve 2 .
+.It Li KERN_ARND
+.Xr arc4rand 9
+Fills the buffer with random bytes from in-kernel random data generator.
+This is an alternative interface for
+.Xr read 2
+of
+.Xr random 4
+device, which does not depend on accessibility and correct mounting options
+of the
+.Xr devfs 4
+node.
 .It Li KERN_BOOTFILE
 The full pathname of the file from which the kernel was loaded.
 .It Li KERN_BOOTTIME
@@ -380,8 +397,18 @@ Get or set the host ID.
 Get or set the host's universally unique identifier (UUID).
 .It Li KERN_HOSTNAME
 Get or set the hostname.
+.It Li KERN_IOV_MAX
+The maximum accepted number of elements in an input-output vector (iovec),
+see
+.Xr readv 2
+and
+.Xr writev 2 .
 .It Li KERN_JOB_CONTROL
 Return 1 if job control is available on this system, otherwise 0.
+.It Li KERN_LOCKF
+Returns the list of the file advisory locks currently known to kernel.
+.It Li KERN_LOGSIGEXIT
+Controls logging of process exit due to untrapped signals.
 .It Li KERN_MAXFILES
 The maximum number of files that may be open in the system.
 .It Li KERN_MAXFILESPERPROC
@@ -390,6 +417,10 @@ This limit only applies to processes with an effective uid of nonzero
 at the time of the open request.
 Files that have already been opened are not affected if the limit
 or the effective uid is changed.
+.It Li KERN_MAXPHYS
+Specifies the maximum block I/O size.
+Can be changed by the tunable
+.Ev kern.maxphys .
 .It Li KERN_MAXPROC
 The maximum number of concurrent processes the system will allow.
 .It Li KERN_MAXPROCPERUID
@@ -446,41 +477,126 @@ whose size depends on the current number of such objects in the system.
 .It Dv KERN_PROC_ALL Ta None
 .It Dv KERN_PROC_PID Ta A process ID
 .It Dv KERN_PROC_PGRP Ta A process group
+.It Dv KERN_PROC_SESSION Ta A session
 .It Dv KERN_PROC_TTY Ta A tty device
-.It Dv KERN_PROC_UID Ta A user ID
+.It Dv KERN_PROC_UID Ta An effective user ID
 .It Dv KERN_PROC_RUID Ta A real user ID
+.It Dv KERN_PROC_GID Ta An effective group ID
+.It Dv KERN_PROC_RGID Ta A real group ID
 .El
 .Pp
-If the third level name is
-.Dv KERN_PROC_ARGS
-then the command line argument
+For the following names, the miscellaneous information about the target
+process, which is specified by the fourth level of the oid name,
+is returned.
+A process ID of
+.Li \-1
+specifies the current process.
+.Bl -column "Third Level NameXXXXXX" "TypeXXXXXX" -offset indent
+.It Sy Third Level Name Ta Sy Fourth Level
+.It Dv KERN_PROC_ARGS Ta "Set of strings"
+.It Dv KERN_PROC_PATHNAME Ta "String"
+.It Dv KERN_PROC_KSTACK Ta "struct kinfo_stack []"
+.It Dv KERN_PROC_VMMAP Ta "struct kinfo_vmentry []"
+.It Dv KERN_PROC_FILEDESC Ta "struct kinfo_file []"
+.It Dv KERN_PROC_GROUPS Ta "gid_t []"
+.It Dv KERN_PROC_ENV Ta "Set of strings"
+.It Dv KERN_PROC_AUXV Ta "Elf_Auxinfo []"
+.It Dv KERN_PROC_RLIMIT Ta "Integer"
+.It Dv KERN_PROC_RLIMIT_USAGE Ta "rlim_t []"
+.It Dv KERN_PROC_PS_STRINGS Ta "Integer"
+.It Dv KERN_PROC_UMASK Ta "Integer/short"
+.It Dv KERN_PROC_OSREL Ta "Integer"
+.It Dv KERN_PROC_SIGTRAMP Ta "Integer"
+.It Dv KERN_PROC_CWD Ta "String"
+.It Dv KERN_PROC_NFDS Ta "Integer"
+.It Dv KERN_PROC_SIGFASTBLK Ta "Integer"
+.It Dv KERN_PROC_VM_LAYOUT Ta "struct kinfo_vm_layout"
+.El
+.Pp
+.Bl -tag -compact
+.It Dv KERN_PROC_ARGS
+The command line argument
 array is returned in a flattened form, i.e., zero-terminated arguments
 follow each other.
 The total size of array is returned.
 It is also possible for a process to set its own process title this way.
-If the third level name is
-.Dv KERN_PROC_PATHNAME ,
-the path of the
-process' text file is stored.
-For
-.Dv KERN_PROC_PATHNAME ,
-a process ID of
+.It Dv KERN_PROC_PATHNAME
+The path of the process' text file is returned.
+.It Dv KERN_PROC_KSTACK
+The in-kernel call stacks for the threads of the specified process.
+.It Dv KERN_PROC_VMMAP
+The description of the map entries for the process.
+.It Dv KERN_PROC_FILEDESC
+The file descriptors for files opened in the specified process.
+.It Dv KERN_PROC_GROUPS
+Groups associated with the process.
+.It Dv KERN_PROC_ENV
+The set of strings representing the environment of the specified process.
+.Pp
+Note that from the kernel point of view, environment exists only at the
+time of
+.Xr execve 2
+system call.
+This node method tries to reconstruct the environment from the known
+breadcrumbs left in the process address space, but it is not guaranteed
+to succeed or to represent the current value as maintained by the program.
+.It Dv KERN_PROC_AUXV
+The set of ELF auxv entries.
+See the note above about environment, which is also applicable to auxv.
+.It Dv KERN_PROC_RLIMIT
+Additinal OID name element must be supplied, specifiing the resource name
+as in
+.Xr getrlimit 2 .
+The call returns the given resource limit for the process.
+.It Dv KERN_PROC_RLIMIT_USAGE
+Like
+.Dv KERN_PROC_RLIMIT ,
+but instead of the limit, returns the accounted resource usage.
+For resources which do not have a meaningful current value,
 .Li \-1
-implies the current process.
-.Bl -column "Third Level NameXXXXXX" "Fourth LevelXXXXXX" -offset indent
-.It Sy Third Level Name Ta Sy Fourth Level
-.It Dv KERN_PROC_ARGS Ta "A process ID"
-.It Dv KERN_PROC_PATHNAME Ta "A process ID"
+is returned.
+.It Dv KERN_PROC_PS_STRINGS
+Returns the location of the
+.Vt ps_strings
+structure at the time of the last call to
+.Xr execve 2
+in the specified process.
+.It Dv KERN_PROC_UMASK
+The current umask value, see
+.Xr umask 2 .
+.It Dv KERN_PROC_OSREL
+The value of osrel for the process, that is the osrel the currently executed
+image was compiled for.
+Read from the note of the elf executable at
+.Xr execve 2
+time.
+Might be modified by the process.
+.It Dv KERN_PROC_SIGTRAMP
+Address of the signal trampoline in the process address space,
+where, simplifying, the kernel passes control for signal delivery.
+.It Dv KERN_PROC_CWD
+Returns the current working directory for the process.
+.It Dv KERN_PROC_NFDS
+Returns the total number of opened file descriptors for the process.
+.It Dv KERN_PROC_SIGFASTBLK
+Returns the address of the
+.Xr sigfastblock 2
+location, if active.
+.It Dv KERN_PROC_VM_LAYOUT
+Fills a structure describing process virtual address space layout.
 .El
-.It Li KERN_QUANTUM
-The maximum period of time, in microseconds, for which a process is allowed
-to run without being preempted if other processes are in the run queue.
+.It Li KERN_PS_STRINGS
+Reports the location of the process
+.Vt ps_strings
+structure after exec, for the ABI of the querying process.
 .It Li KERN_SAVED_IDS
 Returns 1 if saved set-group and saved set-user ID is available.
 .It Li KERN_SECURELVL
 The system security level.
 This level may be raised by processes with appropriate privilege.
 It may not be lowered.
+.It Li KERN_USRSTACK
+Reports the top of the main thread user stack for the current process.
 .It Li KERN_VERSION
 The system version string.
 .El

lib/libsys/Makefile.sys

@@ -218,6 +218,7 @@ MAN+=	abort2.2 \
 	getpriority.2 \
 	getrandom.2 \
 	getrlimit.2 \
+	getrlimitusage.2 \
 	getrusage.2 \
 	getsid.2 \
 	getsockname.2 \

lib/libsys/getrlimitusage.2

@@ -0,0 +1,100 @@
+.\" Copyright (c) 2024 The FreeBSD Foundation, Inc.
+.\"
+.\" This documentation was written by
+.\" Konstantin Belousov <kib@FreeBSD.org> under sponsorship
+.\" from the FreeBSD Foundation.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd September 27, 2024
+.Dt GETRLIMITUSAGE 2
+.Os
+.Sh NAME
+.Nm getrlimitusage
+.Nd Query usage of the current process' limited resources
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In sys/resource.h
+.Ft int
+.Fn getrlimitusage "unsigned which" "int flags" "rlim_t *res"
+.Sh DESCRIPTION
+The
+.Nm
+system call allows the process to query current consumption of the resources
+limited by the
+.Xr setrlimit 2
+call.
+.Pp
+The
+.Fa which
+argument specifies the resource, same as for
+.Xr getrlimit 2
+and
+.Xr setrlimit 2
+calls, see their man page for the list of enforced resource types.
+.Pp
+The
+.Fa flags
+argument modifies the behavior of the call in the following ways:
+.Bl -tag -width GETRLIMITUSAGE_XXXXXX
+.It Va GETRLIMITUSAGE_EUID
+Query the resource usage for user identified by effective UID of the process,
+instead of the real UID (which is default for accounting).
+.El
+.Sh RETURN VALUES
+.Rv -std
+.Sh ERRORS
+The
+.Fn getrlimitusage
+system call will fail if:
+.Bl -tag -width Er
+.It Bq Er EFAULT
+The address specified for
+.Fa res
+is invalid.
+.It Bq Er EINVAL
+The resource specified to
+.Fn getrlimitusage
+in the
+.Fa which
+argument is unknown.
+.It Bq Er ENXIO
+The resource specified to
+.Fn getrlimitusage
+in the
+.Fa which
+argument is not accounted, but only enforced in specific situations.
+Examples of such resources are
+.Va RLIMIT_FSIZE
+and
+.Va RLIMIT_CORE .
+.El
+.Sh SEE ALSO
+.Xr procstat 1 ,
+.Xr getrlimit 2 ,
+.Xr setrlimit 2 .
+.Sh HISTORY
+The
+.Fn getrlimitusage
+system call appeared in
+.Bx 15.0 .

sys/kern/kern_proc.c

@@ -42,6 +42,7 @@
 #include <sys/eventhandler.h>
 #include <sys/exec.h>
 #include <sys/fcntl.h>
+#include <sys/ipc.h>
 #include <sys/jail.h>
 #include <sys/kernel.h>
 #include <sys/limits.h>
@@ -60,6 +61,7 @@
 #include <sys/sbuf.h>
 #include <sys/sysent.h>
 #include <sys/sched.h>
+#include <sys/shm.h>
 #include <sys/smp.h>
 #include <sys/stack.h>
 #include <sys/stat.h>
@@ -2615,6 +2617,8 @@ kern_proc_vmmap_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, int flags)
 	vm_offset_t addr;
 	unsigned int last_timestamp;
 	int error;
+	key_t key;
+	unsigned short seq;
 	bool guard, super;
 
 	PROC_LOCK_ASSERT(p, MA_OWNED);
@@ -2705,6 +2709,12 @@ kern_proc_vmmap_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, int flags)
 			kve->kve_ref_count = obj->ref_count;
 			kve->kve_shadow_count = obj->shadow_count;
 			VM_OBJECT_RUNLOCK(obj);
+			if ((lobj->flags & OBJ_SYSVSHM) != 0) {
+				kve->kve_flags |= KVME_FLAG_SYSVSHM;
+				shmobjinfo(lobj, &key, &seq);
+				kve->kve_vn_fileid = key;
+				kve->kve_vn_fsid_freebsd11 = seq;
+			}
 			if (vp != NULL) {
 				vn_fullpath(vp, &fullpath, &freepath);
 				kve->kve_vn_type = vntype_to_kinfo(vp->v_type);

sys/kern/sysv_ipc.c

@@ -36,7 +36,6 @@
  * $NetBSD: sysv_ipc.c,v 1.9 1995/06/02 19:04:22 mycroft Exp $
  */
 
-#include <sys/cdefs.h>
 #include "opt_sysvipc.h"
 
 #include <sys/param.h>
@@ -51,6 +50,8 @@
 #ifndef SYSVSHM
 void (*shmfork_hook)(struct proc *, struct proc *) = NULL;
 void (*shmexit_hook)(struct vmspace *) = NULL;
+void (*shmobjinfo_hook)(struct vm_object *, key_t *key,
+    unsigned short *seq) = NULL;
 
 /* called from kern_fork.c */
 void
@@ -67,6 +68,15 @@ shmexit(struct vmspace *vm)
 	if (shmexit_hook != NULL)
 		shmexit_hook(vm);
 }
+
+void
+shmobjinfo(struct vm_object *obj, key_t *key, unsigned short *seq)
+{
+	*key = 0;	/* For non-present sysvshm.ko */
+	*seq = 0;
+	if (shmobjinfo_hook != NULL)
+		shmobjinfo_hook(obj, key, seq);
+}
 #endif
 
 /*

sys/kern/sysv_msg.c

@@ -55,7 +55,6 @@
  * SUCH DAMAGE.
  */
 
-#include <sys/cdefs.h>
 #include "opt_sysvipc.h"
 
 #include <sys/param.h>

sys/kern/sysv_sem.c

@@ -44,7 +44,6 @@
  * SUCH DAMAGE.
  */
 
-#include <sys/cdefs.h>
 #include "opt_sysvipc.h"
 
 #include <sys/param.h>

sys/kern/sysv_shm.c

@@ -68,7 +68,6 @@
  * SUCH DAMAGE.
  */
 
-#include <sys/cdefs.h>
 #include "opt_sysvipc.h"
 
 #include <sys/param.h>
@@ -134,6 +133,8 @@ static int shmunload(void);
 #ifndef SYSVSHM
 static void shmexit_myhook(struct vmspace *vm);
 static void shmfork_myhook(struct proc *p1, struct proc *p2);
+static void shmobjinfo_myhook(vm_object_t obj, key_t *key,
+    unsigned short *seq);
 #endif
 static int sysctl_shmsegs(SYSCTL_HANDLER_ARGS);
 static void shm_remove(struct shmid_kernel *, int);
@@ -743,6 +744,10 @@ shmget_allocate_segment(struct thread *td, key_t key, size_t size, int mode)
 		return (ENOMEM);
 	}
 
+	VM_OBJECT_WLOCK(shm_object);
+	vm_object_set_flag(shm_object, OBJ_SYSVSHM);
+	VM_OBJECT_WUNLOCK(shm_object);
+
 	shmseg->object = shm_object;
 	shmseg->u.shm_perm.cuid = shmseg->u.shm_perm.uid = cred->cr_uid;
 	shmseg->u.shm_perm.cgid = shmseg->u.shm_perm.gid = cred->cr_gid;
@@ -853,6 +858,29 @@ shmexit_myhook(struct vmspace *vm)
 	}
 }
 
+#ifdef SYSVSHM
+void
+shmobjinfo(vm_object_t obj, key_t *key, unsigned short *seq)
+#else
+static void
+shmobjinfo_myhook(vm_object_t obj, key_t *key, unsigned short *seq)
+#endif
+{
+	int i;
+
+	*key = 0;	/* For statically compiled-in sysv_shm.c */
+	*seq = 0;
+	SYSVSHM_LOCK();
+	for (i = 0; i < shmalloced; i++) {
+		if (shmsegs[i].object == obj) {
+			*key = shmsegs[i].u.shm_perm.key;
+			*seq = shmsegs[i].u.shm_perm.seq;
+			break;
+		}
+	}
+	SYSVSHM_UNLOCK();
+}
+
 static void
 shmrealloc(void)
 {
@@ -959,6 +987,7 @@ shminit(void)
 #ifndef SYSVSHM
 	shmexit_hook = &shmexit_myhook;
 	shmfork_hook = &shmfork_myhook;
+	shmobjinfo_hook = &shmobjinfo_myhook;
 #endif
 
 	/* Set current prisons according to their allow.sysvipc. */
@@ -1026,6 +1055,7 @@ shmunload(void)
 #ifndef SYSVSHM
 	shmexit_hook = NULL;
 	shmfork_hook = NULL;
+	shmobjinfo_hook = NULL;
 #endif
 	sx_destroy(&sysvshmsx);
 	return (0);

sys/net/dummymbuf.c

@@ -223,6 +223,7 @@ read_rule(const char **cur, struct rule *rule, bool *eof)
 	while (**cur == ' ')
 		(*cur)++;
 	rule->syntax_begin = *cur;
+	rule->syntax_len = strlen(rule->syntax_begin);
 
 	/* syntax_len */
 	char *delim = strchr(*cur, ';');

sys/sys/ipc.h

@@ -127,6 +127,7 @@ struct ipc_perm {
 struct thread;
 struct proc;
 struct vmspace;
+struct vm_object;
 
 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \
     defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7)
@@ -137,6 +138,8 @@ void	ipcperm_new2old(struct ipc_perm *, struct ipc_perm_old *);
 int	ipcperm(struct thread *, struct ipc_perm *, int);
 extern void (*shmfork_hook)(struct proc *, struct proc *);
 extern void (*shmexit_hook)(struct vmspace *);
+extern void (*shmobjinfo_hook)(struct vm_object *obj, key_t *key,
+    unsigned short *seq);
 
 #else /* ! _KERNEL */
 

sys/sys/shm.h

@@ -149,6 +149,7 @@ struct shm_info {
 #ifdef _KERNEL
 struct proc;
 struct vmspace;
+struct vm_object;
 
 extern struct shminfo	shminfo;
 
@@ -158,6 +159,7 @@ extern struct shminfo	shminfo;
 
 void	shmexit(struct vmspace *);
 void	shmfork(struct proc *, struct proc *);
+void	shmobjinfo(struct vm_object *obj, key_t *key, unsigned short *seq);
 int	kern_get_shmsegs(struct thread *td, struct shmid_kernel **res,
 	    size_t *sz);
 

sys/sys/user.h

@@ -514,6 +514,7 @@ struct kinfo_lockf {
 #define	KVME_FLAG_GROWS_UP	0x00000010
 #define	KVME_FLAG_GROWS_DOWN	0x00000020
 #define	KVME_FLAG_USER_WIRED	0x00000040
+#define	KVME_FLAG_SYSVSHM	0x00000080
 
 #if defined(__amd64__)
 #define	KINFO_OVMENTRY_SIZE	1168
@@ -576,6 +577,8 @@ struct kinfo_vmentry {
 #define	kve_vn_fsid	kve_type_spec._kve_vn_fsid
 #define	kve_obj		kve_type_spec._kve_obj
 
+#define	KVMO_FLAG_SYSVSHM	0x0001
+
 /*
  * The "vm.objects" sysctl provides a list of all VM objects in the system
  * via an array of these entries.
@@ -599,7 +602,8 @@ struct kinfo_vmobject {
 	uint64_t kvo_me;			/* Uniq handle for anon obj */
 	uint64_t _kvo_qspare[6];
 	uint32_t kvo_swapped;			/* Number of swapped pages */
-	uint32_t _kvo_ispare[7];
+	uint32_t kvo_flags;
+	uint32_t _kvo_ispare[6];
 	char	kvo_path[PATH_MAX];		/* Pathname, if any. */
 };
 #define	kvo_vn_fsid	kvo_type_spec._kvo_vn_fsid

sys/vm/vm_object.c

@@ -67,6 +67,7 @@
 #include <sys/systm.h>
 #include <sys/blockcount.h>
 #include <sys/cpuset.h>
+#include <sys/ipc.h>
 #include <sys/jail.h>
 #include <sys/limits.h>
 #include <sys/lock.h>
@@ -77,6 +78,7 @@
 #include <sys/pctrie.h>
 #include <sys/proc.h>
 #include <sys/refcount.h>
+#include <sys/shm.h>
 #include <sys/sx.h>
 #include <sys/sysctl.h>
 #include <sys/resourcevar.h>
@@ -2506,6 +2508,8 @@ vm_object_list_handler(struct sysctl_req *req, bool swap_only)
 	vm_page_t m;
 	u_long sp;
 	int count, error;
+	key_t key;
+	unsigned short seq;
 	bool want_path;
 
 	if (req->oldptr == NULL) {
@@ -2553,6 +2557,7 @@ vm_object_list_handler(struct sysctl_req *req, bool swap_only)
 		kvo->kvo_memattr = obj->memattr;
 		kvo->kvo_active = 0;
 		kvo->kvo_inactive = 0;
+		kvo->kvo_flags = 0;
 		if (!swap_only) {
 			TAILQ_FOREACH(m, &obj->memq, listq) {
 				/*
@@ -2590,6 +2595,12 @@ vm_object_list_handler(struct sysctl_req *req, bool swap_only)
 			kvo->kvo_swapped = sp > UINT32_MAX ? UINT32_MAX : sp;
 		}
 		VM_OBJECT_RUNLOCK(obj);
+		if ((obj->flags & OBJ_SYSVSHM) != 0) {
+			kvo->kvo_flags |= KVMO_FLAG_SYSVSHM;
+			shmobjinfo(obj, &key, &seq);
+			kvo->kvo_vn_fileid = key;
+			kvo->kvo_vn_fsid_freebsd11 = seq;
+		}
 		if (vp != NULL) {
 			vn_fullpath(vp, &fullpath, &freepath);
 			vn_lock(vp, LK_SHARED | LK_RETRY);

sys/vm/vm_object.h

@@ -182,23 +182,26 @@ struct vm_object {
 /*
  * Flags
  */
-#define	OBJ_FICTITIOUS	0x0001		/* (c) contains fictitious pages */
-#define	OBJ_UNMANAGED	0x0002		/* (c) contains unmanaged pages */
-#define	OBJ_POPULATE	0x0004		/* pager implements populate() */
-#define	OBJ_DEAD	0x0008		/* dead objects (during rundown) */
-#define	OBJ_ANON	0x0010		/* (c) contains anonymous memory */
-#define	OBJ_UMTXDEAD	0x0020		/* umtx pshared was terminated */
-#define	OBJ_SIZEVNLOCK	0x0040		/* lock vnode to check obj size */
-#define	OBJ_PG_DTOR	0x0080		/* dont reset object, leave that for dtor */
-#define	OBJ_SHADOWLIST	0x0100		/* Object is on the shadow list. */
-#define	OBJ_SWAP	0x0200		/* object swaps, type will be OBJT_SWAP
+#define	OBJ_FICTITIOUS	0x00000001	/* (c) contains fictitious pages */
+#define	OBJ_UNMANAGED	0x00000002	/* (c) contains unmanaged pages */
+#define	OBJ_POPULATE	0x00000004	/* pager implements populate() */
+#define	OBJ_DEAD	0x00000008	/* dead objects (during rundown) */
+#define	OBJ_ANON	0x00000010	/* (c) contains anonymous memory */
+#define	OBJ_UMTXDEAD	0x00000020	/* umtx pshared was terminated */
+#define	OBJ_SIZEVNLOCK	0x00000040	/* lock vnode to check obj size */
+#define	OBJ_PG_DTOR	0x00000080	/* do not reset object, leave that
+					   for dtor */
+#define	OBJ_SHADOWLIST	0x00000100	/* Object is on the shadow list. */
+#define	OBJ_SWAP	0x00000200	/* object swaps, type will be OBJT_SWAP
 					   or dynamically registered */
-#define	OBJ_SPLIT	0x0400		/* object is being split */
-#define	OBJ_COLLAPSING	0x0800		/* Parent of collapse. */
-#define	OBJ_COLORED	0x1000		/* pg_color is defined */
-#define	OBJ_ONEMAPPING	0x2000		/* One USE (a single, non-forked) mapping flag */
-#define	OBJ_PAGERPRIV1	0x4000		/* Pager private */
-#define	OBJ_PAGERPRIV2	0x8000		/* Pager private */
+#define	OBJ_SPLIT	0x00000400	/* object is being split */
+#define	OBJ_COLLAPSING	0x00000800	/* Parent of collapse. */
+#define	OBJ_COLORED	0x00001000	/* pg_color is defined */
+#define	OBJ_ONEMAPPING	0x00002000	/* One USE (a single, non-forked)
+					   mapping flag */
+#define	OBJ_PAGERPRIV1	0x00004000	/* Pager private */
+#define	OBJ_PAGERPRIV2	0x00008000	/* Pager private */
+#define	OBJ_SYSVSHM	0x00010000	/* SysV SHM */
 
 /*
  * Helpers to perform conversion between vm_object page indexes and offsets.

usr.bin/calendar/calendars/calendar.freebsd

@@ -210,6 +210,7 @@
 05/16	Johann Kois <jkois@FreeBSD.org> born in Wolfsberg, Austria, 1975
 05/16	Marcus Alves Grando <mnag@FreeBSD.org> born in Florianopolis, Santa Catarina, Brazil, 1979
 05/17	Thomas Abthorpe <tabthorpe@FreeBSD.org> born in Port Arthur, Ontario, Canada, 1968
+05/18	Zsolt Udvari <uzsolt@FreeBSD.org> born in Hodmezovasarhely, Hungary, 1981
 05/19	Philippe Charnier <charnier@FreeBSD.org> born in Fontainebleau, France, 1966
 05/19	Ian Dowse <iedowse@FreeBSD.org> born in Dublin, Ireland, 1975
 05/19	Sofian Brabez <sbz@FreeBSD.org> born in Toulouse, France, 1984

usr.bin/fetch/fetch.c

@@ -1059,7 +1059,7 @@ main(int argc, char *argv[])
 			setenv("SSL_CLIENT_KEY_FILE", optarg, 1);
 			break;
 		case OPTION_SSL_CRL_FILE:
-			setenv("SSL_CLIENT_CRL_FILE", optarg, 1);
+			setenv("SSL_CRL_FILE", optarg, 1);
 			break;
 		case OPTION_SSL_NO_SSL3:
 			setenv("SSL_NO_SSL3", "", 1);

usr.bin/genl/genl.1

@@ -24,7 +24,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd Oct 5, 2023
+.Dd Oct 5, 2024
 .Dt GENL 1
 .Os
 .Sh NAME
@@ -35,7 +35,8 @@
 .Pp
 .Nm Cm list
 .Pp
-.Nm Cm monitor Ao family Ac Ao multicast group Ac
+.Nm Cm monitor Ao family Ac
+.Op multicast group
 .Sh DESCRIPTION
 The
 .Nm
@@ -50,9 +51,9 @@ Lists all available generic netlink protocols, and presents its details:
 .It operations
 Id of the operation if any and associated capabilities
 .It multicast groups
-If of the available multicast group if any and it associated name
+Id of the available multicast group if any and it associated name
 .El
-.It Cm monitor Ao family Ac Ao multicast group Ac
+.It Cm monitor Ao family Ac Oo multicast group Oc
 Connect to the
 .Ar family
 protocol and subscribe to the
@@ -60,7 +61,11 @@ protocol and subscribe to the
 then print the received messages in a readable format if the protocol is known.
 So far only
 .Qq nlctrl
-is known.
+and
+.Qq nlsysevent
+are known. If no
+.Ar multicast group
+are provided then all the groups are subsribed to.
 .El
 .Sh SEE ALSO
 .Xr genetlink 4 ,

usr.bin/genl/genl.c

@@ -40,10 +40,12 @@
 #include <netlink/netlink_generic.h>
 #include <netlink/netlink_snl.h>
 #include <netlink/netlink_snl_generic.h>
+#include <netlink/netlink_sysevent.h>
 
 static int monitor_mcast(int argc, char **argv);
 static int list_families(int argc, char **argv);
 static void parser_nlctrl_notify(struct snl_state *ss, struct nlmsghdr *hdr);
+static void parser_nlsysevent(struct snl_state *ss, struct nlmsghdr *hdr);
 static void parser_fallback(struct snl_state *ss, struct nlmsghdr *hdr);
 
 static struct commands {
@@ -51,7 +53,7 @@ static struct commands {
 	const char *usage;
 	int (*cmd)(int argc, char **argv);
 } cmds[] = {
-	{ "monitor", "monitor <family> <multicast group>", monitor_mcast },
+	{ "monitor", "monitor <family> [multicast group]", monitor_mcast },
 	{ "list", "list", list_families },
 };
 
@@ -60,8 +62,25 @@ static struct mcast_parsers {
 	void (*parser)(struct snl_state *ss, struct nlmsghdr *hdr);
 } mcast_parsers [] = {
 	{ "nlctrl", parser_nlctrl_notify },
+	{ "nlsysevent", parser_nlsysevent },
 };
 
+struct nlevent {
+	const char *name;
+	const char *subsystem;
+	const char *type;
+	const char *data;
+};
+#define _OUT(_field) offsetof(struct nlevent, _field)
+static struct snl_attr_parser ap_nlevent_get[] = {
+	{ .type = NLSE_ATTR_SYSTEM, .off = _OUT(name), .cb = snl_attr_get_string },
+	{ .type = NLSE_ATTR_SUBSYSTEM, .off = _OUT(subsystem), .cb = snl_attr_get_string },
+	{ .type = NLSE_ATTR_TYPE, .off = _OUT(type), .cb = snl_attr_get_string },
+	{ .type = NLSE_ATTR_DATA, .off = _OUT(data), .cb = snl_attr_get_string },
+};
+#undef _OUT
+SNL_DECLARE_GENL_PARSER(nlevent_get_parser, ap_nlevent_get);
+
 struct genl_ctrl_op {
 	uint32_t id;
 	uint32_t flags;
@@ -183,6 +202,20 @@ parser_nlctrl_notify(struct snl_state *ss, struct nlmsghdr *hdr)
 		dump_family(&family);
 }
 
+void
+parser_nlsysevent(struct snl_state *ss, struct nlmsghdr *hdr)
+{
+	struct nlevent ne = {};
+	if (snl_parse_nlmsg(ss, hdr, &nlevent_get_parser, &ne)) {
+		printf("system=%s subsystem=%s type=%s", ne.name, ne.subsystem, ne.type);
+		if (ne.data) {
+			printf(" %s", ne.data);
+			if (ne.data[strlen(ne.data) -1] != '\n')
+				printf("\n");
+		}
+	}
+}
+
 void
 parser_fallback(struct snl_state *ss __unused, struct nlmsghdr *hdr __unused)
 {
@@ -197,6 +230,7 @@ monitor_mcast(int argc __unused, char **argv)
 	struct _getfamily_attrs attrs;
 	struct pollfd pfd;
 	bool found = false;
+	bool all = false;
 	void (*parser)(struct snl_state *ss, struct nlmsghdr *hdr);
 
 	parser = parser_fallback;
@@ -204,14 +238,17 @@ monitor_mcast(int argc __unused, char **argv)
 	if (!snl_init(&ss, NETLINK_GENERIC))
 		err(EXIT_FAILURE, "snl_init()");
 
-	if (argc != 2) {
+	if (argc < 1 || argc > 2) {
 		usage();
 		return (EXIT_FAILURE);
 	}
+
 	if (!snl_get_genl_family_info(&ss, argv[0], &attrs))
 		errx(EXIT_FAILURE, "Unknown family '%s'", argv[0]);
+	if (argc == 1)
+		all = true;
 	for (uint32_t i = 0; i < attrs.mcast_groups.num_groups; i++) {
-		if (strcmp(attrs.mcast_groups.groups[i]->mcast_grp_name,
+		if (all || strcmp(attrs.mcast_groups.groups[i]->mcast_grp_name,
 		    argv[1]) == 0) {
 			found = true;
 			if (setsockopt(ss.fd, SOL_NETLINK,
@@ -221,7 +258,8 @@ monitor_mcast(int argc __unused, char **argv)
 			    == -1)
 				err(EXIT_FAILURE, "Cannot subscribe to command "
 				    "notify");
-			break;
+			if (!all)
+				break;
 		}
 	}
 	if (!found)

usr.bin/procstat/procstat_vm.c

@@ -114,6 +114,8 @@ procstat_vm(struct procstat *procstat, struct kinfo_proc *kipp)
 		    KVME_FLAG_GROWS_DOWN ? "true" : "false");
 		xo_emit("{en:wired/%s}", kve->kve_flags &
 		    KVME_FLAG_USER_WIRED ? "true" : "false");
+		xo_emit("{en:sysvshm/%s}", kve->kve_flags &
+		    KVME_FLAG_SYSVSHM ? "true" : "false");
 		xo_close_container("kve_flags");
 		switch (kve->kve_type) {
 		case KVME_TYPE_NONE:
@@ -164,6 +166,10 @@ procstat_vm(struct procstat *procstat, struct kinfo_proc *kipp)
 		}
 		xo_emit("{d:kve_type/%-2s} ", str);
 		xo_emit("{e:kve_type/%s}", lstr);
+		if ((kve->kve_flags & KVME_FLAG_SYSVSHM) != 0)
+			xo_emit(" {:sysvipc:/sysvshm(%ju:%u)/%ju:%u}",
+			    (uintmax_t)kve->kve_vn_fileid,
+			    kve->kve_vn_fsid_freebsd11);
 		xo_emit("{:kve_path/%-s/%s}\n", kve->kve_path);
 		xo_close_instance("vm");
 	}

usr.bin/vmstat/vmstat.c

@@ -1539,6 +1539,9 @@ display_object(struct kinfo_vmobject *kvo)
 		break;
 	}
 	xo_emit("{:type/%-2s} ", str);
+	if ((kvo->kvo_flags & KVMO_FLAG_SYSVSHM) != 0)
+		xo_emit("{:sysvshm/sysvshm(%ju:%u)} ",
+		    (uintmax_t)kvo->kvo_vn_fileid, kvo->kvo_vn_fsid_freebsd11);
 	xo_emit("{:path/%-s}\n", kvo->kvo_path);
 	xo_close_instance("object");
 }