Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/hastd/subr.c | 9 | ||||
-rw-r--r-- | sbin/ifconfig/ifconfig.8 | 68 | ||||
-rw-r--r-- | sbin/nvmecontrol/modules/Makefile | 5 | ||||
-rw-r--r-- | sbin/nvmecontrol/modules/intel/intel.c | 15 | ||||
-rw-r--r-- | sbin/nvmecontrol/modules/micron/Makefile | 6 | ||||
-rw-r--r-- | sbin/nvmecontrol/modules/micron/micron.c | 129 | ||||
-rw-r--r-- | sbin/nvmecontrol/nvmecontrol.8 | 7 | ||||
-rw-r--r-- | sbin/pfctl/pfctl.8 | 24 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_radix.c | 3 |
9 files changed, 223 insertions, 43 deletions
diff --git a/sbin/hastd/subr.c b/sbin/hastd/subr.c index 2a26482b3727..284fb0d07647 100644 --- a/sbin/hastd/subr.c +++ b/sbin/hastd/subr.c @@ -207,10 +207,8 @@ drop_privs(const struct hast_resource *res) } } PJDLOG_VERIFY(chdir("/") == 0); - gidset[0] = pw->pw_gid; - if (setgroups(1, gidset) == -1) { - pjdlog_errno(LOG_ERR, "Unable to set groups to gid %u", - (unsigned int)pw->pw_gid); + if (setgroups(0, NULL) == -1) { + pjdlog_errno(LOG_ERR, "Unable to drop supplementary groups"); return (-1); } if (setgid(pw->pw_gid) == -1) { @@ -287,8 +285,7 @@ drop_privs(const struct hast_resource *res) PJDLOG_VERIFY(egid == pw->pw_gid); PJDLOG_VERIFY(sgid == pw->pw_gid); PJDLOG_VERIFY(getgroups(0, NULL) == 1); - PJDLOG_VERIFY(getgroups(1, gidset) == 1); - PJDLOG_VERIFY(gidset[0] == pw->pw_gid); + PJDLOG_VERIFY(getgroups(1, gidset) == 0); pjdlog_debug(1, "Privileges successfully dropped using %s%s+setgid+setuid.", diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8 index b562f9e4c0c5..b580191383b3 100644 --- a/sbin/ifconfig/ifconfig.8 +++ b/sbin/ifconfig/ifconfig.8 @@ -28,7 +28,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd August 5, 2025 +.Dd August 10, 2025 .Dt IFCONFIG 8 .Os .Sh NAME 
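Review bot: In the second hastd hunk of drop_privs(), the unchanged context line `PJDLOG_VERIFY(getgroups(0, NULL) == 1);` contradicts the new `PJDLOG_VERIFY(getgroups(1, gidset) == 0);`. Both calls report the size of the same supplementary group set, so they cannot return 1 and 0 for one process state, and whichever expectation is wrong aborts the daemon right after the privilege drop. If an empty set is the expected result of `setgroups(0, NULL)`, the count check should presumably read `PJDLOG_VERIFY(getgroups(0, NULL) == 0);`. drop_privs() starts and ends outside both hunks.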
@@ -2718,30 +2718,17 @@ Set the maximum number of hosts allowed from an interface, packets with unknown source addresses are dropped until an existing host cache entry expires or is removed. Set to 0 to disable. -.El -.Ss Bridge VLAN Filtering Parameters -The behaviour of these options is described in the -.Dq VLAN SUPPORT -section of -.Xr bridge 4 . -.Bl -tag -width indent .It Cm vlanfilter Enable VLAN filtering on the bridge. +Incoming frames on member interfaces will be dropped unless the frame +is explicitly permitted by the interface's +.Cm ifuntagged +or +.Cm iftagged +configuration. .It Cm -vlanfilter Disable VLAN filtering on the bridge. This is the default. -.It Cm ifuntagged Ar interface Ar vlan-id -Set the untagged VLAN identifier for an interface. -.It Cm -ifuntagged Ar interface Ar vlan-id -Clear the untagged VLAN identifier for an interface. -.It Cm defuntagged Ar vlan-id -Enable the -.Cm untagged -option by default on newly added members. -.It Cm -defuntagged -Do not enable the -.Cm untagged -option by default on newly added members. .It Cm iftagged Ar interface Ar vlan-list Set the interface's VLAN access list to the provided list of VLANs. The list should be a comma-separated list of one or more VLAN IDs 
@@ -2753,24 +2740,61 @@ meaning the empty set, or the value .Dq all meaning all VLANs (1-4094). +.Pp +This option is only meaningful if the +.Cm vlanfilter +option is enabled for the bridge; +otherwise, all VLANs will be permitted. .It Cm +iftagged Ar interface Ar vlan-list Add the provided list of VLAN IDs to the interface's VLAN access list. The list should be formatted as described for .Cm iftagged . +.Pp +This option is only meaningful if the +.Cm vlanfilter +option is enabled for the bridge; +otherwise, all VLANs will be permitted. .It Cm -iftagged Ar interface Ar vlan-list Remove the provided list of VLAN IDs from the interface's VLAN access list. The list should be formatted as described for .Cm iftagged . +.Pp +This option is only meaningful if the +.Cm vlanfilter +option is enabled for the bridge; +otherwise, all VLANs will be permitted. +.It Cm ifuntagged Ar interface Ar vlan-id +Set the untagged VLAN identifier for an interface. +Frames received on this interface without an 802.1Q tag will be assigned +to this VLAN instead of the default VLAN 0, +and outgoing frames on this VLAN will have their 802.1Q tag removed. +.It Cm -ifuntagged Ar interface Ar vlan-id +Clear the untagged VLAN identifier for an interface. +.It Cm defuntagged Ar vlan-id +Enable the +.Cm untagged +option by default on newly added members. +.It Cm -defuntagged +Do not enable the +.Cm untagged +option by default on newly added members. +This is the default. .It Cm qinq Ar interface Allow this interface to send 802.1ad .Dq Q-in-Q frames. +This option is only meaningful if the +.Cm vlanfilter +option is enabled for the bridge; +otherwise, Q-in-Q frames are always allowed. .It Cm -qinq Ar interface Do not allow this interface to send 802.1ad .Dq Q-in-Q frames. -This is the default behavior. +This is the default if the +.Cm vlanfilter +option is enabled. .It Cm defqinq Enable the .Cm qinq 
@@ -2779,7 +2803,7 @@ option by default on newly added members. Do not enable the .Cm qinq option by default on newly added members. -This is the default behavior. +This is the default. .It Cm ifvlanproto Ar interface Ar proto Set the VLAN encapsulation protocol on .Ar interface diff --git a/sbin/nvmecontrol/modules/Makefile b/sbin/nvmecontrol/modules/Makefile index 70d1ba40a1e2..f3c3572acb34 100644 --- a/sbin/nvmecontrol/modules/Makefile +++ b/sbin/nvmecontrol/modules/Makefile @@ -1,3 +1,6 @@ -SUBDIR= intel wdc samsung +SUBDIR= intel +SUBDIR+=micron +SUBDIR+=samsung +SUBDIR+=wdc .include <bsd.subdir.mk> diff --git a/sbin/nvmecontrol/modules/intel/intel.c b/sbin/nvmecontrol/modules/intel/intel.c index 4229a48e4153..6ffe2c4c1563 100644 --- a/sbin/nvmecontrol/modules/intel/intel.c +++ b/sbin/nvmecontrol/modules/intel/intel.c @@ -195,6 +195,18 @@ print_intel_add_smart(const struct nvme_controller_data *cdata __unused, void *b } } +static void +print_intel_drive_marketing_name(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + const char *p = buf; + + printf("Intel Drive Marketing Name Log\n"); + printf("=======================\n"); + printf("%.*s\n", 29, p); +} + +#define INTEL_LOG_DRIVE_MARKETING_NAME 0xdd + NVME_LOGPAGE(intel_temp, INTEL_LOG_TEMP_STATS, "intel", "Temperature Stats", print_intel_temp_stats, sizeof(struct intel_log_temp_stats)); @@ -207,3 +219,6 @@ NVME_LOGPAGE(intel_wlat, NVME_LOGPAGE(intel_smart, /* Note: Samsung and Micron also use this */ INTEL_LOG_ADD_SMART, "intel", "Extra Health/SMART Data", print_intel_add_smart, DEFAULT_SIZE); +NVME_LOGPAGE(intel_dmn, + INTEL_LOG_DRIVE_MARKETING_NAME, "intel", "Drive Marketing Name Log", + print_intel_drive_marketing_name, DEFAULT_SIZE); diff --git a/sbin/nvmecontrol/modules/micron/Makefile b/sbin/nvmecontrol/modules/micron/Makefile new file mode 100644 index 000000000000..3cefd455f711 --- /dev/null +++ b/sbin/nvmecontrol/modules/micron/Makefile 
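Review bot: print_intel_drive_marketing_name() prints a fixed 29 bytes of the device-supplied log buffer and marks `size` as `__unused`, so nothing ties the read to the length of the buffer it is given. Bounding the precision by that length, e.g. `printf("%.*s\n", (int)(size < 29 ? size : 29), p);` with `__unused` dropped from `size`, keeps the print inside the buffer whatever size the page is registered with. A named constant for 29, with a comment saying where the field width comes from, would document it. The bytes also go to the terminal unfiltered, so non-printable characters in the name field are emitted as-is; replacing them with a placeholder character before printing would be safer for a value read from a device.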
@@ -0,0 +1,6 @@ +# $FreeBSD$ + +LIB= micron +SRCS= micron.c + +.include <bsd.lib.mk> diff --git a/sbin/nvmecontrol/modules/micron/micron.c b/sbin/nvmecontrol/modules/micron/micron.c new file mode 100644 index 000000000000..2d4731e7da47 --- /dev/null +++ b/sbin/nvmecontrol/modules/micron/micron.c 
@@ -0,0 +1,129 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2022 Wanpeng Qian <wanpengqian@gmail.com> + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <sys/param.h> +#include <sys/ioccom.h> + +#include <ctype.h> +#include <err.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/endian.h> + +#include "nvmecontrol.h" + +static void +print_micron_unique_smart(const struct nvme_controller_data *cdata __unused, void *buf, uint32_t size __unused) +{ + uint8_t *walker = buf; + uint8_t *end = walker + 150; + const char *name; + uint64_t raw; + uint8_t normalized; + + static struct kv_name kv[] = + { + { 0xf9, "NAND Writes 1GiB" }, + { 0xfa, "NAND Reads 1GiB" }, + { 0xea, "Thermal Throttle Status" }, + { 0xe7, "Temperature" }, + { 0xe8, "Power Consumption" }, + { 0xaf, "Power Loss Protection" }, + }; + + printf("Vendor Unique SMART Information\n"); + printf("=========================\n"); + /* + * walker[0] = Key + * walker[1,2] = reserved + * walker[3] = Normalized Value + * walker[4] = reserved + * walker[5..10] = Little Endian Raw value + * (or other represenations) + * walker[11] = reserved + */ + while (walker < end) { + name = kv_lookup(kv, nitems(kv), *walker); + normalized = walker[3]; + raw = le48dec(walker + 5); + switch (*walker){ + case 0: + break; + case 0xf9: + /* FALLTHOUGH */ + case 0xfa: + printf("%2X %-24s: %ju GiB\n", *walker, name, (uintmax_t)raw); + break; + case 0xea: + printf("%2X %-24s:", *walker, name); + if (*(walker + 5) == 0) + printf(" inactive\n"); + if (*(walker + 5) == 1) + printf(" active, total throttling time %u mins\n", le32dec(walker + 6)); + break; + case 0xe7: + printf("%2X %-24s: max ", *walker, name); + print_temp_C(le16dec(walker + 5)); + printf(" : min "); + print_temp_C(le16dec(walker + 7)); + printf(" : cur "); + print_temp_C(le16dec(walker + 9)); + break; + case 0xe8: + printf("%2X %-24s: max %u W, min %u W, ave %u W\n", + *walker, name, le16dec(walker + 5), le16dec(walker + 7), le16dec(walker + 9)); 
+ break; + case 0xaf: + printf("%2X %-24s:", *walker, name); + if (normalized == 100) + printf(" success"); + if (normalized == 0) + printf(" failed"); + printf(" %3d\n", normalized); + break; + default: + printf("%2X %-24s: %3d %ju\n", + *walker, name, normalized, (uintmax_t)raw); + break; + } + walker += 12; + } +} + +#define MICRON_LOG_UNIQUE_SMART 0xca + +NVME_LOGPAGE(micron_smart, + MICRON_LOG_UNIQUE_SMART, "micron", "Vendor Unique SMART Information", + print_micron_unique_smart, DEFAULT_SIZE); diff --git a/sbin/nvmecontrol/nvmecontrol.8 b/sbin/nvmecontrol/nvmecontrol.8 index 624a0c93719b..dc757bcf90c3 100644 --- a/sbin/nvmecontrol/nvmecontrol.8 +++ b/sbin/nvmecontrol/nvmecontrol.8 @@ -303,7 +303,8 @@ data associated with that drive. .El .Ss logpage The logpage command knows how to print log pages of various types. -It also knows about vendor specific log pages from hgst/wdc, samsung and intel. +It also knows about vendor specific log pages from HGST/WDC, Samsung, +Micron and Intel. Note that some vendors use the same log page numbers for different data. .Pp .Bl -tag -compact -width "Page 0x00" @@ -328,13 +329,15 @@ Advanced SMART information (WDC/HGST) .It Dv Page 0xc1 Read latency stats (Intel) .It Dv Page 0xc2 -Wite latency stats (Intel) +Write latency stats (Intel) .It Dv Page 0xc5 Temperature stats (Intel) .It Dv Page 0xca Advanced SMART information (Intel) .It Dv Page 0xca Extended SMART information (Samsung) +.It Dv Page 0xca +Vendor Unique SMART information (Micron) .El .Pp Specifying diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8 index f582c6301124..5a74a8fd3444 100644 --- a/sbin/pfctl/pfctl.8 +++ b/sbin/pfctl/pfctl.8 @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd July 7, 2025 +.Dd August 5, 2025 .Dt PFCTL 8 .Os .Sh NAME 
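Review bot: The walk in print_micron_unique_smart() stops on `walker < end` with `end = walker + 150`, but entries are 12 bytes and 150 is not a multiple of 12, so the last iteration starts at offset 144 and `le48dec(walker + 5)` reads through offset 154, past the stated bound; `size` is marked `__unused`, so the bound is not tied to the buffer length either. Whether that read stays inside the buffer depends on DEFAULT_SIZE, which is not visible here. I would derive the end from the length and require a whole entry: `uint8_t *end = walker + (size < 150 ? size : 150);` and `while (end - walker >= 12) {`, with `__unused` removed from `size`. Separately, in `case 0xea` a status byte other than 0 or 1 prints the label with no trailing newline, and the comment reads `FALLTHOUGH` where `FALLTHROUGH` is meant.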
@@ -410,6 +410,7 @@ This is the default behaviour. .It Fl o Cm profile Enable basic ruleset optimizations with profiling. .El +.Pp For further information on the ruleset optimizer, see .Xr pf.conf 5 . .It Fl P @@ -431,7 +432,7 @@ Perform reverse DNS lookups on states and tables when displaying them. and .Fl r are mutually exclusive. -.It Fl s Ar modifier +.It Fl s Ar modifier Op Fl R Ar id Show the filter parameters specified by .Ar modifier (may be abbreviated): @@ -563,19 +564,16 @@ no free ports in translation port range .It Fl S Do not perform domain name resolution. If a name cannot be resolved without DNS, an error will be reported. -.It Fl T Ar command Op Ar address ... +.It Fl t Ar table Fl T Ar command Op Ar address ... Specify the .Ar command -(may be abbreviated) to apply to the table. +(may be abbreviated) to apply to +.Ar table . Commands include: .Pp -.Bl -tag -width xxxxxxxxxxxx -compact -.It Fl T Cm kill -Kill a table. -.It Fl T Cm flush -Flush all addresses of a table. +.Bl -tag -width "-T expire number" -compact .It Fl T Cm add -Add one or more addresses in a table. +Add one or more addresses to a table. Automatically create a persistent table if it does not exist. .It Fl T Cm delete Delete one or more addresses from a table. @@ -586,6 +584,10 @@ seconds ago. For entries which have never had their statistics cleared, .Ar number refers to the time they were added to the table. +.It Fl T Cm flush +Flush all addresses in a table. +.It Fl T Cm kill +Kill a table. .It Fl T Cm replace Replace the addresses of the table. Automatically create a persistent table if it does not exist. @@ -765,8 +767,6 @@ tables of the same name from anchors attached below it. .It C This flag is set when per-address counters are enabled on the table. .El -.It Fl t Ar table -Specify the name of the table. .It Fl v Produce more verbose output. A second use of diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c index 0fe9ca8813bb..398c5e998330 100644 
--- a/sbin/pfctl/pfctl_radix.c +++ b/sbin/pfctl/pfctl_radix.c @@ -122,6 +122,9 @@ pfr_add_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size, { int ret; + if (*nadd) + *nadd = 0; + ret = pfctl_table_add_addrs_h(pfh, tbl, addr, size, nadd, flags); if (ret) { errno = ret; |
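Review bot: The added `if (*nadd) *nadd = 0;` in pfr_add_addrs() dereferences `nadd` before anything has checked it for NULL, and testing the old value before storing zero has no effect on the result. If callers are allowed to pass a NULL counter (not visible in this hunk), this is a NULL dereference; the intended check was probably on the pointer: `if (nadd != NULL) *nadd = 0;`. A one-line comment such as `/* Start from zero so a failed call does not report a stale count. */` would record why the reset is there, if that is the reason. The function's signature and the rest of its body lie outside the hunk.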