MFV: openssl 3.5.7
This change is a security release which resolves several issues with OpenSSL 3.5,
the highest severity issue being ranked "High". Users are strongly encouraged to
update to this release.
More information about the release (from a high level) can be found in
the release notes [1].
1. https://github.com/openssl/openssl/blob/openssl-3.5.7/NEWS.md
All conflicts were resolved with `--theirs`, taking the release diff
over the local diff; the conflicts occurred due to preemptive security
fixes applied by so@ in e508c343.
MFC after: 3 days (the important security issues have been
preemptively addressed)
Merge commit '3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43'
[6 lines not shown]
powerpc/booke: Add watchdog driver
The Book-E watchdog is effectively a state machine based around an AND
mask of the timebase register. A single bit (0-63) is watched in the
timebase register, and when it transitions (by counting *or* by
programmatically setting) an exception is triggered. The first
exception triggers a core interrupt. The second is programmable.
In our case, we panic on the first and reset on second.
watchdog: Fix a couple type issues
* Force the type of the literal `1` passed to nstosbt() to ensure it's a
64-bit type (or larger). Otherwise it gets inconveniently typed to
int, resulting in truncation.
* Use `flsll()` when converting sbt to power-of-2-nanoseconds to fix
32-bit compatibility.
PR: 292616
Obtained from: Hewlett Packard Enterprise
Fixes: 26d6617f3 ("watchdog: Convert to using sbintime_t format")
MFC after: 3 days
ppp: Permit CHAP challenges up to 255 bytes
RFC 1994 does not place any limit on the length of the value field in
challenge messages except that the length is a single octet which
bounds the maximum length to 255.
NB: I'm not sure why the local[] and peer[] arrays contain room for an
authentication name (AUTHLEN) in addition to a challenge value/response,
but I've just left that in place.
PR: 271955
Reported by: Robert Morris <rtm at lcs.mit.edu>
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D57138
ppp: Don't fetch a non-existent variadic argument
Only fetch the optional mode argument to ID0open to pass to open(2) if
O_CREAT is present in the flags argument. It is UB to fetch an
argument that doesn't exist. On CHERI this UB results in a fault.
Reviewed by: brooks
Obtained from: CheriBSD
Sponsored by: AFRL, DARPA
Differential Revision: https://reviews.freebsd.org/D57137
mii: Fix SMSC name
The LAN8700 / LAN8710 PHYs were Standard Microsystems Corporation (SMSC)
parts. I presume SMC was chosen as an abbreviation, but the company
always used SMSC as its short name.
SMSC was acquired by Microchip in 2012. I kept the pre-acquisition
name, as NetBSD (from where we obtained miidevs) uses SMSC.
Reviewed by: adrian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D56819
(cherry picked from commit 89c883c09ab5e0fdca7ac5dfe74fcc46b7669eb5)
linuxkpi: Make pm_qos.h self-contained
Include <linux/types.h> for `false`. This is needed by amdgpu somewhere
between Linux 6.12 and 6.15.
Reviewed by: Minsoo Choo <minsoo at minsoo.io>, bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57415
(cherry picked from commit 67df313015906d84d90df8e37795885e81cf8da5)
hcreate(3): fix incorrect claim that hdestroy frees keys
The man page incorrectly stated that hdestroy() calls free(3) for
each comparison key. The implementation (hdestroy_r.c) only frees
the internal table structure, not the user-provided keys or data.
This matches POSIX, which says hdestroy "shall dispose of the
search table" without mentioning key deallocation.
Update the description to clarify that the caller is responsible
for freeing any memory associated with table entries.
PR: 291240
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2095
etherswitchcfg(8): document atu commands
Add documentation for the ATU (Address Translation Unit) commands
that were implemented but not documented in the man page:
- atu dump: display the MAC address table
- atu flush all: clear all dynamic ATU entries
- atu flush port <n>: clear ATU entries for a specific port
Also add atu to the SYNOPSIS section.
PR: 275413
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2096
re(4): document jumbo frame support for 8168/8111 chips
The man page only mentioned jumbo frame support for the 8169, 8169S,
and 8110S chips. The 8168 and 8111 family also support jumbo frames,
with varying MTU limits depending on the chip revision (6K for C
variants, 9K for D and later). Update the documentation to reflect
the actual driver capabilities.
PR: 160399
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2097
bsdconfig(8): add missing vt(4) console commands
Add documentation for the vt_font, vt_keymap, vt_repeat, vt_saver,
vt_screenmap, and vt_ttys commands which are available at runtime
but were not listed in the man page.
Also clarify that the existing syscons_* commands are for the
syscons(4) console driver and remove stale commented-out entries.
PR: 291051
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2100
diskless(8): remove references to deleted clone_root script
The clone_root script was removed from the tree in commit
7736786b08e8 but the diskless(8) man page still referenced it
in two places. Remove both references.
PR: 292231
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2101
cp(1): fix -P documentation to reflect it works without -R
Since commit 97e13037915c, the -P flag works without -R as
required by POSIX. Update the man page to state that only -H
and -L are ignored without -R, while -P can be used independently.
PR: 289959
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2102
du(1): document --si option
The --si option (human-readable output with SI units based on
powers of 1000) was implemented but missing from both the SYNOPSIS
and the options list.
PR: 265199
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2104
improve renice user error messages
Improve error handling for invalid user names and UIDs in renice:
- Use warnx() and err() for consistent error reporting
- Set errno = EINVAL for invalid input
- Provide clearer error messages for invalid user names and UIDs
- Add test cases for invalid user input
Signed-off-by: androvonx95 <androvonx95 at tutamail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1768
