HardenedBSD/src 2ee4aa9sbin/init ttys, sys/conf options

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+39-3sys/dev/uart/uart_dev_ns8250.c
+14-14sbin/init/ttys
+4-0sys/conf/options
+1-1sys/sys/buf.h
+1-0sys/net/if_vlan.c
+59-185 files

HardenedBSD/src 35d7753sbin/init ttys, sys/conf options

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+39-3sys/dev/uart/uart_dev_ns8250.c
+14-14sbin/init/ttys
+4-0sys/conf/options
+1-1sys/sys/buf.h
+1-0sys/net/if_vlan.c
+59-185 files

HardenedBSD/src af26c2asys/kern kern_syscalls.c

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+8-2sys/kern/kern_syscalls.c
+8-21 files

HardenedBSD/ports a93db25net-p2p/transmission-components Makefile, net-p2p/transmission-components/files patch-CMakeLists.txt patch-cmake_TrMacros.cmake

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+296-18net-p2p/transmission-components/files/patch-CMakeLists.txt
+85-144net-p2p/transmission-components/Makefile
+146-0net-p2p/transmission-components/files/patch-cmake_TrMacros.cmake
+97-0net-p2p/transmission-components/files/patch-cmake_Findlibutp.cmake
+92-0net-p2p/transmission-components/files/patch-cmake_FindLibevent.cmake
+76-0net-p2p/transmission-components/files/patch-cmake_Findlibdeflate.cmake
+792-162112 files not shown
+1,741-589118 files

LLVM/project 686acf6mlir/include/mlir/Dialect/MemRef/IR MemRefOps.td, mlir/include/mlir/Dialect/Tensor/IR TensorOps.td

[mlir] Make [tensor|memref]::ExpandShapeOp verifier stricter. (#181020)

The number of dynamic dims in output_shape is expected to be as the same
as the result type.

The revision also trims double whitespaces from the doc, because it also
updates the op description.

---------

Signed-off-by: hanhanW <hanhan0912 at gmail.com>
DeltaFile
+13-0mlir/lib/Dialect/Tensor/IR/TensorOps.cpp
+6-5mlir/include/mlir/Dialect/Tensor/IR/TensorOps.td
+5-4mlir/include/mlir/Dialect/MemRef/IR/MemRefOps.td
+8-0mlir/test/Dialect/MemRef/invalid.mlir
+7-0mlir/test/Dialect/Tensor/invalid.mlir
+6-0mlir/lib/Dialect/MemRef/IR/MemRefOps.cpp
+45-93 files not shown
+49-139 files

OpenBSD/src LTkc1wQsys/dev/pci/drm/amd/amdgpu amdgpu_ras.c

   don't return an error when skipping sysfs bits in amdgpu_ras_sysfs_create()

   should avoid fatal init error on Radeon VII reported by Justin Roberts
VersionDeltaFile
1.17+2-4sys/dev/pci/drm/amd/amdgpu/amdgpu_ras.c
+2-41 files

FreeBSD/ports 6b50d38graphics/openexr Makefile distinfo, graphics/openexr-website-docs distinfo Makefile

graphics/openexr*: Security update to v3.4.5 and i386 fix

"Patch release that fixes an incorrect size check in
istream_nonparallel_read that could lead to a buffer overflow on invalid
input data."

Also fix i386 self-tests by adding -msse2: i386 builds require SSE2, but
the upstream cmake stuff does not enable this, so use CFLAGS_i386.

To prevent people seeing SIGILL crashes down late at run-time,
check if the CPU is sse2-capable by querying the clang compiler from
the pre-install script (pkg-plist's @preexec). Suggested by diizzy@.
  Other than that we could use the cpuid or the lscpu port instead, but
let's for now assume everything that wants to run OpenEXR also has a
working cc that is clang and has -march=native and gives us CPU details).
(GCC also gives us this but will use a different output format.)

While here, make failed tests verbose through ctest's environment so we
can see what's up from the build log already. (We need to go through

    [6 lines not shown]
DeltaFile
+15-2graphics/openexr/Makefile
+3-3graphics/openexr/distinfo
+3-3graphics/openexr-website-docs/distinfo
+1-1graphics/openexr-website-docs/Makefile
+1-0graphics/openexr/pkg-plist
+23-95 files

HardenedBSD/ports 7e50eb8net/cloud-init-devel Makefile

net/cloud-init-devel: Deprecate and set expiration date to 2026-03-31

Currently unmaintained and years behind net/cloud-init

Reference: https://reviews.freebsd.org/D48959
DeltaFile
+3-0net/cloud-init-devel/Makefile
+3-01 files

FreeBSD/ports 56907a7www/restinio/files patch-restinio_CMakeLists.txt

www/restinio: Fix detection of llhttp's shared library

Upstream refers to it as llhttp_shared not llhttp_dynamic

Reference:
https://github.com/nodejs/llhttp/blob/release/v9.3.0/CMakeLists.txt#L96

Approved by:    blanket (just fix it)
DeltaFile
+15-0www/restinio/files/patch-restinio_CMakeLists.txt
+15-01 files

HardenedBSD/ports 7838592security/vuxml/vuln 2026.xml

security/vuxml: Add openexr < 3.4.5

Security:       716d25a6-0fdc-11f1-bfdf-ff9355aecb00
DeltaFile
+27-0security/vuxml/vuln/2026.xml
+27-01 files

FreeBSD/ports 7e50eb8net/cloud-init-devel Makefile

net/cloud-init-devel: Deprecate and set expiration date to 2026-03-31

Currently unmaintained and years behind net/cloud-init

Reference: https://reviews.freebsd.org/D48959
DeltaFile
+3-0net/cloud-init-devel/Makefile
+3-01 files

HardenedBSD/ports 56907a7www/restinio/files patch-restinio_CMakeLists.txt

www/restinio: Fix detection of llhttp's shared library

Upstream refers to it as llhttp_shared not llhttp_dynamic

Reference:
https://github.com/nodejs/llhttp/blob/release/v9.3.0/CMakeLists.txt#L96

Approved by:    blanket (just fix it)
DeltaFile
+15-0www/restinio/files/patch-restinio_CMakeLists.txt
+15-01 files

HardenedBSD/ports 6b50d38graphics/openexr Makefile distinfo, graphics/openexr-website-docs distinfo Makefile

graphics/openexr*: Security update to v3.4.5 and i386 fix

"Patch release that fixes an incorrect size check in
istream_nonparallel_read that could lead to a buffer overflow on invalid
input data."

Also fix i386 self-tests by adding -msse2: i386 builds require SSE2, but
the upstream cmake stuff does not enable this, so use CFLAGS_i386.

To prevent people seeing SIGILL crashes down late at run-time,
check if the CPU is sse2-capable by querying the clang compiler from
the pre-install script (pkg-plist's @preexec). Suggested by diizzy@.
  Other than that we could use the cpuid or the lscpu port instead, but
let's for now assume everything that wants to run OpenEXR also has a
working cc that is clang and has -march=native and gives us CPU details).
(GCC also gives us this but will use a different output format.)

While here, make failed tests verbose through ctest's environment so we
can see what's up from the build log already. (We need to go through

    [6 lines not shown]
DeltaFile
+15-2graphics/openexr/Makefile
+3-3graphics/openexr/distinfo
+3-3graphics/openexr-website-docs/distinfo
+1-1graphics/openexr-website-docs/Makefile
+1-0graphics/openexr/pkg-plist
+23-95 files

HardenedBSD/ports 13ac3b3multimedia/mediamtx distinfo Makefile

multimedia/mediamtx: Update to 1.16.2

Changelog: https://github.com/bluenviron/mediamtx/releases/tag/v1.16.2
DeltaFile
+7-7multimedia/mediamtx/distinfo
+2-2multimedia/mediamtx/Makefile
+9-92 files

FreeBSD/ports 7838592security/vuxml/vuln 2026.xml

security/vuxml: Add openexr < 3.4.5

Security:       716d25a6-0fdc-11f1-bfdf-ff9355aecb00
DeltaFile
+27-0security/vuxml/vuln/2026.xml
+27-01 files

FreeBSD/ports 13ac3b3multimedia/mediamtx distinfo Makefile

multimedia/mediamtx: Update to 1.16.2

Changelog: https://github.com/bluenviron/mediamtx/releases/tag/v1.16.2
DeltaFile
+7-7multimedia/mediamtx/distinfo
+2-2multimedia/mediamtx/Makefile
+9-92 files

LLVM/project 5b1a023libclc/cmake/modules AddLibclc.cmake

[libclc][CMake] Add COMPONENT ${ARG_PARENT_TARGET} to install (#182716)

Toolchain can specify the component to selectively install libclc to a
deploy folder. E.g. our downstream SYCL toolchain deploy:
https://github.com/intel/llvm/blob/e7b423fd517d/sycl/CMakeLists.txt#L531

Also check ARG_PARENT_TARGET is defined and non-empty.

Co-authored-by: Jinsong Ji <jinsong.ji at intel.com>
DeltaFile
+6-0libclc/cmake/modules/AddLibclc.cmake
+6-01 files

HardenedBSD/ports bbc5bc5databases/sqlcipher Makefile

databases/sqlcipher: Bump PORTREVISION after fix consumers

PR:     292688
DeltaFile
+1-0databases/sqlcipher/Makefile
+1-01 files

FreeBSD/ports bbc5bc5databases/sqlcipher Makefile

databases/sqlcipher: Bump PORTREVISION after fix consumers

PR:     292688
DeltaFile
+1-0databases/sqlcipher/Makefile
+1-01 files

LLVM/project 8e8974epolly/lib/External/isl isl_ast_codegen.c isl_test2.cc, polly/lib/External/isl/test_inputs/codegen shift2.c

[Polly] Update isl to isl-0.27-82-g38cf72a4 (#182786)

Update isl to include
https://repo.or.cz/isl.git/commit/38cf72a41b708475fc22dc9fc62c7caae1ac29f6
which fixes #179993. This changes some string representations of ISL
objects in tests which are updated.

Fixes #179993

Thanks @skimo-openhub for the fix and @thapgua for the bugreport.
DeltaFile
+240-7polly/lib/External/isl/isl_ast_codegen.c
+62-33polly/lib/External/isl/test_inputs/codegen/shift2.c
+22-22polly/lib/External/isl/test_inputs/codegen/omega/wak2-0.c
+19-19polly/lib/External/isl/test_inputs/codegen/omega/wak2-1.c
+18-18polly/lib/External/isl/test_inputs/codegen/omega/wak1-0.c
+20-0polly/lib/External/isl/isl_test2.cc
+381-9913 files not shown
+408-12319 files

HardenedBSD/ports 0ddb967databases/sqlcipher Makefile pkg-plist, databases/sqlcipher/files patch-autosetup_sqlite-config.tcl

databases/sqlcipher: Fix consumers

Rename installed files from *sqlite3* back to *sqlcipher*.
Unbreak consumers:
- finance/kmymoney
- finance/skrooge
- net-im/gurk-rs
- net-im/qTox
- net-p2p/retroshare
- databases/py-sqlcipher3

While here improve port:
- Use USES=localbase instead of CFLAGS+=-I${LOCALBASE}/include and
  LDFLAGS+=-L${LOCALBASE}/lib.
- Split long lines.
- Fix warnings from portclippy.
- Sort CONFIGURE_ARGS and CPPFLAGS.

PR:             292688

    [2 lines not shown]
DeltaFile
+28-11databases/sqlcipher/Makefile
+9-9databases/sqlcipher/pkg-plist
+17-0databases/sqlcipher/files/patch-autosetup_sqlite-config.tcl
+54-203 files

FreeBSD/ports 0ddb967databases/sqlcipher Makefile pkg-plist, databases/sqlcipher/files patch-autosetup_sqlite-config.tcl

databases/sqlcipher: Fix consumers

Rename installed files from *sqlite3* back to *sqlcipher*.
Unbreak consumers:
- finance/kmymoney
- finance/skrooge
- net-im/gurk-rs
- net-im/qTox
- net-p2p/retroshare
- databases/py-sqlcipher3

While here improve port:
- Use USES=localbase instead of CFLAGS+=-I${LOCALBASE}/include and
  LDFLAGS+=-L${LOCALBASE}/lib.
- Split long lines.
- Fix warnings from portclippy.
- Sort CONFIGURE_ARGS and CPPFLAGS.

PR:             292688

    [2 lines not shown]
DeltaFile
+28-11databases/sqlcipher/Makefile
+9-9databases/sqlcipher/pkg-plist
+17-0databases/sqlcipher/files/patch-autosetup_sqlite-config.tcl
+54-203 files

GhostBSD/build 56e1699common_config setuser.sh, packages gershwin

Add gbi shortcut and settings pkg (#264)

DeltaFile
+3-0common_config/setuser.sh
+1-0packages/gershwin
+4-02 files

HardenedBSD/ports 9ede2adnet-im/nchat distinfo Makefile

net-im/nchat: update: 5.12.21 ->  5.13.17

ChangeLog:      https://github.com/d99kris/nchat/compare/v5.12.21...v5.13.17

Sponsored by:   tipi.work
DeltaFile
+3-3net-im/nchat/distinfo
+1-1net-im/nchat/Makefile
+4-42 files

FreeBSD/ports 9ede2adnet-im/nchat distinfo Makefile

net-im/nchat: update: 5.12.21 ->  5.13.17

ChangeLog:      https://github.com/d99kris/nchat/compare/v5.12.21...v5.13.17

Sponsored by:   tipi.work
DeltaFile
+3-3net-im/nchat/distinfo
+1-1net-im/nchat/Makefile
+4-42 files

FreeNAS/freenas 66a9085src/middlewared/middlewared/api/v26_0_0 cronjob.py, src/middlewared/middlewared/etc_files/cron.d middlewared.mako

Move cronjob namespace to be typesafe
DeltaFile
+0-258src/middlewared/middlewared/plugins/cron.py
+95-0src/middlewared/middlewared/plugins/cron/crud.py
+93-0src/middlewared/middlewared/plugins/cron/execute.py
+87-0src/middlewared/middlewared/plugins/cron/__init__.py
+2-1src/middlewared/middlewared/api/v26_0_0/cronjob.py
+1-1src/middlewared/middlewared/etc_files/cron.d/middlewared.mako
+278-2602 files not shown
+281-2608 files

FreeNAS/freenas 5b48b89src/middlewared/middlewared/api/v26_0_0 cronjob.py, src/middlewared/middlewared/etc_files/cron.d middlewared.mako

Move cronjob namespace to be typesafe
DeltaFile
+0-258src/middlewared/middlewared/plugins/cron.py
+93-0src/middlewared/middlewared/plugins/cron/crud.py
+93-0src/middlewared/middlewared/plugins/cron/execute.py
+87-0src/middlewared/middlewared/plugins/cron/__init__.py
+2-1src/middlewared/middlewared/api/v26_0_0/cronjob.py
+1-1src/middlewared/middlewared/etc_files/cron.d/middlewared.mako
+276-2602 files not shown
+279-2608 files

LLVM/project 648193emlir/include/mlir/Dialect/Linalg/IR LinalgInterfaces.h, mlir/lib/Dialect/Linalg/IR LinalgInterfaces.cpp

Reapply "[mlir][linalg] Make conv dim inference return pairing (outputImage, filterLoop)" (#182740)

The original method sorts all the dimensions which loses the information
about pairing. It makes other transformation that works on generic op
form harder. The revision ensures the pairing, so callers have more
useful information when they work on transformations.

The revision was reverted because of memory leak. The fix is using
OwningOpRef to wrap ModuleOp, so the nested operations are destroyed at
the end, which is similar to other MLIR unittests.

---------

Signed-off-by: hanhanW <hanhan0912 at gmail.com>
DeltaFile
+179-0mlir/unittests/Dialect/Linalg/InferConvolutionDimsTest.cpp
+26-10mlir/lib/Dialect/Linalg/IR/LinalgInterfaces.cpp
+11-0mlir/unittests/Dialect/Linalg/CMakeLists.txt
+6-2mlir/include/mlir/Dialect/Linalg/IR/LinalgInterfaces.h
+1-0mlir/unittests/Dialect/CMakeLists.txt
+223-125 files

HardenedBSD/ports 3862afaemulators/virtualbox-ose Makefile, emulators/virtualbox-ose-70 Makefile

emulators/virtualbox-ose{,-70,-71,-72,-legacy}: Improve port (non-functional)

- Replace ${PREFIX}/share/applications with ${DESKTOPDIR}.
- Replace "*" with . in COPYTREE_SHARE.
DeltaFile
+3-3emulators/virtualbox-ose-legacy/Makefile
+3-3emulators/virtualbox-ose-72/Makefile
+3-3emulators/virtualbox-ose-70/Makefile
+3-3emulators/virtualbox-ose-71/Makefile
+3-3emulators/virtualbox-ose/Makefile
+15-155 files

FreeBSD/ports 3862afaemulators/virtualbox-ose Makefile, emulators/virtualbox-ose-70 Makefile

emulators/virtualbox-ose{,-70,-71,-72,-legacy}: Improve port (non-functional)

- Replace ${PREFIX}/share/applications with ${DESKTOPDIR}.
- Replace "*" with . in COPYTREE_SHARE.
DeltaFile
+3-3emulators/virtualbox-ose-legacy/Makefile
+3-3emulators/virtualbox-ose-70/Makefile
+3-3emulators/virtualbox-ose/Makefile
+3-3emulators/virtualbox-ose-71/Makefile
+3-3emulators/virtualbox-ose-72/Makefile
+15-155 files