security/vuxml: Add Mozilla vulnerability
CVE-2026-7323
NIST: NVD Base Score: N/A
ADP: CISA-ADP
Base Score: 7.3 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
www/gohugo: Update to 0.161.0
ChangeLog: https://github.com/gohugoio/hugo/releases/tag/v0.161.0
Bug fixes
* langs/i18n: Fix translation lookup when using language variants
* create: Fix non-deterministic conflict detection in hugo new content
* commands: Fix environment isolation for configuration settings
* Fix filename dimension identifiers (role_X, version_X) to replace mount config
* Fix it so we never auto-fallback to page resources in other roles/versions
Improvements
* css: Support nested hugo:vars/ imports
* github: Update GitHub actions versions
* hugolib: Do not render aliases if the page is not rendered
* langs/i18n: Improve default content language fallback
* helpers: Remove unused code
[17 lines not shown]
lockf: Avoid spinning when operating on an fd
When operating on a file descriptor, acquire_lock() would ignore the
flags argument and always operate in non-blocking mode, resulting in
unnecessary busy-looping.
PR: 294832
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56722
stat: Drop unused code and conditionals
We haven't pulled from upstream in over 15 years, and the codebases
have diverged so far it is unlikely that we ever will.
* Drop NetBSD and OpenBSD version control information.
* Drop support for building on non-BSD / non-POSIX platforms.
* Fix a few minor style issues.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56771
vt_core: don't draw the splash if a panic occurred
The shutdown splash draws over all the useful info if ddb(4) is
disabled. Don't draw the splash screen if we're rebooting because of a
panic.
MFC after: 3 days
netbsd-tests: Fix the mmap_truncate_signal test
Add a volatile qualifier in the loop which triggers SIGBUS, as otherwise
the compiler is smart enough to elide it, replacing it with a check for
page != 0.
MFC after: 1 week
(cherry picked from commit e3b8e55e710bf355f371d798aa943281007a7ea9)
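An added illustration of the compiler-elision point in this commit, written here as example code rather than taken from the netbsd-tests suite: it maps two pages of a file-backed scratch mapping, truncates the file to one page, and reads the now-unbacked page through a volatile pointer so the load cannot be dropped. The function name, the constructed /tmp scratch path and the assumption that the host (Linux or FreeBSD) raises SIGBUS for file-backed pages beyond EOF are mine.

```c
#define _XOPEN_SOURCE 700
#include <setjmp.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf jmpbuf;
static void on_sigbus(int sig) {
    (void)sig;
    siglongjmp(jmpbuf, 1);
}

/* Map two pages of a scratch file, shrink the file to one page, then read
 * the now-unbacked second page. Returns 1 if SIGBUS was delivered, 0 if
 * the access silently succeeded, -1 on setup error. (Hypothetical helper.) */
int touch_truncated_page(void) {
    long pagesz = sysconf(_SC_PAGESIZE);
    char path[] = "/tmp/mmap_trunc_XXXXXX";   /* constructed scratch file */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);
    if (ftruncate(fd, 2 * pagesz) != 0) { close(fd); return -1; }
    char *map = mmap(NULL, 2 * pagesz, PROT_READ, MAP_SHARED, fd, 0);
    if (map == MAP_FAILED) { close(fd); return -1; }
    /* Truncating behind the mapping leaves page 2 with no backing store. */
    if (ftruncate(fd, pagesz) != 0) { munmap(map, 2 * pagesz); close(fd); return -1; }

    struct sigaction sa, old;
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_sigbus;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGBUS, &sa, &old);

    int got_sigbus = 0;
    if (sigsetjmp(jmpbuf, 1) == 0) {
        /* The volatile qualifier is the point of the fix: the loaded value is
         * unused, so without it the compiler may drop the load entirely and
         * the access would never fault. */
        volatile char *p = map + pagesz;
        (void)*p;
    } else {
        got_sigbus = 1;
    }
    sigaction(SIGBUS, &old, NULL);
    munmap(map, 2 * pagesz);
    close(fd);
    return got_sigbus;
}
```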
tests/ipfw: Make tests run more reliably in parallel
- Don't use /dev/null as the pidfile for inetd, that doesn't work
properly. Create a pidfile in the per-test scratch directory.
- Use atf_check to validate results from setup commands.
MFC after: 1 week
(cherry picked from commit bea17411473bc58608badd425c223ee59d40a465)
vm_swapout: Remove a special case from vm_swapout_map_deactivate_pages()
John points out that this probably should have been removed in commit
472888018ce, which removed a special case where we'd set desired=0 if
the target process has P_INMEM clear. It's not obvious to me that the
desired=0 case can't arise by setting an RSS limit to 0, but I'm not
sure why we'd try to go the extra mile in that case anyway.
Reported by: jhb
Reviewed by: kib
MFC after: 2 weeks
Fixes: 472888018ce1 ("proc: Remove kernel stack swapping support, part 6")
Differential Revision: https://reviews.freebsd.org/D56140
(cherry picked from commit b6b0afefec4739923897d984448704ce34a21e6b)
tests/socket_afinet: Fix the bind_connected_port test
The test verifies that a socket can bind to a local address assigned by
connect(2) to a different socket. It was however trying to bind to the
wrong address, and the check of the result was inverted, so this went
unnoticed. It also needs to set SO_REUSEADDR for this to succeed.
Reported by: glebius
MFC after: 1 week
(cherry picked from commit d3d0466cae546254c50c80cf3e0c060bbbbba53c)
nullfs: Clear inotify flags during reclaim
The inotify flags are copied from the lower vnode into the nullfs vnode
so that the INOTIFY() macro will invoke VOP_INOTIFY on the nullfs vnode;
this is then bypassed to the lower vnode. However, when a nullfs vnode
is reclaimed we should clear these flags, as the vnode is now doomed and
no longer forwards VOPs to the lower vnode.
Add regression tests. Remove a test in vn_inotify_revoke() which is no
longer needed after this change.
PR: 292495
Reviewed by: kib
Reported by: Jed Laundry <jlaundry at jlaundry.com>
Fixes: f1f230439fa4 ("vfs: Initial revision of inotify")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56639
(cherry picked from commit a02d794f5acd12ba3cf1de5c204a8dd56af47edd)
tests/posixshm: Check for hardware support in largepage_pkru
MFC after: 3 days
Fixes: ca87c0b8e396 ("pkru: Fix handling of 1GB largepage mappings")
(cherry picked from commit 75c66218401c00f4728d5312e2b933b8d3aefde1)
routing: Use a better error number in sysctl_fibs()
ENOTCAPABLE is for capsicum and its use here is inappropriate. In
particular, note that syscallret() treats this value specially.
Reviewed by: glebius, pouria, zlei
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56481
(cherry picked from commit 8de0fc10a1c2d65bdb39eff862266ab1f87902c8)
epoch: Don't idle CPUs when there's pending epoch work
The epoch(9) subsystem implements per-CPU queues of object destructors
which get invoked once it is safe to do so. These queues are polled via
hardclock().
When a CPU is about to go idle, we reduce the hardclock frequency to 1Hz
by default, to avoid unneeded wakeups. This means that if there is any
garbage in these destructor queues, it won't be cleared for at least 1s
(and possibly longer) even if it would otherwise be safe to do so.
epoch_drain_callbacks() is used in some places to provide a barrier,
ensuring that all garbage present in the destructor queues is cleaned up
before returning. It's implemented by adding a fake destructor in the
queues and blocking until it gets run on all CPUs. The above-described
phenomenon means that it can take a long time for these calls to return,
even (especially) when some CPUs are idle. This causes long delays when
destroying VNET jails, for instance, as epoch_drain_callbacks() is
invoked each time a network interface is destroyed.
[13 lines not shown]
in_mcast: Avoid calling sysctl_wire_old_buffer() in an epoch section
Wiring a virtual address range may require the thread to sleep, and this
is not permitted in an epoch section.
MFC after: 1 week
(cherry picked from commit c1b514c88c76a4de906775d47b06388e62ab6845)
routing: Initialize V_rt_numfibs earlier during boot
V_rt_numfibs can be set at compile time (with the ROUTETABLES kernel
config option) or boot time (with the net.fibs tunable).
vnet_rtables_init(), running during SI_PROTO_DOMAIN, was checking the
tunable and updating V_rt_numfibs accordingly, but that means that
earlier SYSINITs, such as vnet_mroute_init(), see the compile-time value
for V_rt_numfibs before it gets corrected in vnet_rtables_init().
Fix this by initializing V_rt_numfibs earlier, so that SYSINITs are less
likely to use the wrong value.
Add a comment describing the weird, preexisting semantic of resetting
rt_numfibs to 1 in VNET jails.
PR: 294510
Reviewed by: glebius, zlei, pouria
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56473
[2 lines not shown]
pkru.3: Remove a qualifier
Now that i386 kernels are deprecated, we don't really need to mention
this limitation. It's also a bit dated since PKRU is supported with
5-level paging as well.
Reviewed by: alc, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56415
(cherry picked from commit fe6bf738aaeb3d5fd74aabfcbf01eba827df6594)
pkru.3: Note that the kernel may not respect PKRU protections
There are cases where the kernel will be able to access memory covered
by a PKRU key which nominally prohibits accesses. I believe regular
copyin()/copyout() are subject to the contents of PKRU, but memory
accesses via uiomove_fromphys() will not be. This can arise when
performing fault I/O, for instance. I didn't test, but I suspect AIO is
another case.
Update the man page to acknowledge this.
Reviewed by: alc, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56416
(cherry picked from commit fa77fecb0e06ec697e3d7a9ed899e568f1d2090c)
tests/socket_afinet: Remove a conditional skip
The test runs without any unexpected results when mac_portacl is loaded.
PR: 238781
MFC after: 1 week
(cherry picked from commit 9f6041fb579106aa6fa358071a14eddabd581998)
geom: Make g_waitidle() wait for orphaned providers
This is motivated by the following race in the ZFS zvol code.
When a zvol is created, we create a GEOM-backed zvol, which results in a
/dev/zvol/<zvol path> device file, created by GEOM::dev. If volmode=dev
is specified, zvol_set_volmode_impl() will wither the GEOM, then create
a device file with the same name. This sometimes fails because
g_wither_geom() is asynchronous, so we end up trying to create a device
file while the old one still exists. I want to fix this by adding a
g_waitidle() call to zvol_os_remove_minor().
g_waitidle() is not sufficient: GEOM::dev does not destroy the device
until g_dev_orphan() is called. (In fact the device destruction is
asynchronous too, but the delist_dev() call is sufficient to address
this race.) So, I propose modifying g_waitidle() to block until
orphaned providers are processed.
PR: 258766
[5 lines not shown]