BSD Commit Log Search

CREDITS: Add -next to Stephen Rothwell's entry

Stephen retired and stepped back from -next maintainership, update his
entry in CREDITS to recognise his 18 years of hard work making it what
it is today and all the impact it's had on our development process.

Also update to his current GnuPG key while we're here.

Acked-by: Stephen Rothwell <sfr at canb.auug.org.au>
Acked-by: SeongJae Park <sj at kernel.org>
Reviewed-by: Randy Dunlap <rdunlap at infradead.org>
Signed-off-by: Mark Brown <broonie at kernel.org>
Acked-by: Krzysztof Kozlowski <krzk at kernel.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>

x509: select CONFIG_CRYPTO_LIB_SHA256

The x509 public key code gained a dependency on the sha256 hash
implementation, causing a rare link time failure in randconfig
builds:

  arm-linux-gnueabi-ld: crypto/asymmetric_keys/x509_public_key.o: in function `x509_get_sig_params':
  x509_public_key.c:(.text.x509_get_sig_params+0x12): undefined reference to `sha256'
  arm-linux-gnueabi-ld: (sha256): Unknown destination type (ARM/Thumb) in crypto/asymmetric_keys/x509_public_key.o
  x509_public_key.c:(.text.x509_get_sig_params+0x12): dangerous relocation: unsupported relocation

Select the necessary library code from Kconfig.

Fixes: 2c62068ac86b ("x509: Separately calculate sha256 for blacklist")
Signed-off-by: Arnd Bergmann <arnd at arndb.de>
Signed-off-by: David Howells <dhowells at redhat.com>
Reviewed-by: Eric Biggers <ebiggers at kernel.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>

xz: fix arm fdt compile error for kmalloc replacement

Align to the commit bf4afc53b77a ("Convert 'alloc_obj' family to use the
new default GFP_KERNEL argument") update the 'kmalloc_obj' declaration
for userspace to fix below compile error:

  In file included from arch/arm/boot/compressed/../../../../lib/decompress_unxz.c:241,
                   from arch/arm/boot/compressed/decompress.c:56:
  arch/arm/boot/compressed/../../../../lib/xz/xz_dec_stream.c: In function 'xz_dec_init':
  arch/arm/boot/compressed/../../../../lib/xz/xz_dec_stream.c:787:28: error: implicit declaration of function 'kmalloc_obj'; did you mean 'kmalloc'? [-Wimplicit-function-declaration]
     787 |         struct xz_dec *s = kmalloc_obj(*s);
         |                            ^~~~~~~~~~~
         |                            kmalloc

Signed-off-by: Haiyue Wang <haiyuewa at 163.com>
Fixes: 69050f8d6d07 ("treewide: Replace kmalloc with kmalloc_obj for non-scalar types")
Fixes: bf4afc53b77a ("Convert 'alloc_obj' family to use the new default GFP_KERNEL argument")
Reviewed-by: Kees Cook <kees at kernel.org>
Acked-by: Lasse Collin <lasse.collin at tukaani.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>

[clang-format] Add C language support for IntegerLiteralSeparator (#182296)

C23 language standard has added support for the C++ tick mark as a
numeric separator. Add support to clang-format so that when formatting
configured for LK_C this code path is enabled.

Fixes #179686

   Updated net/haproxy, security/libgcrypt

   libgcrypt: updated to 1.12.1

   Noteworthy changes in version 1.12.1 (2026-02-20)

    * Bug fixes:

      - Fix for aSmartOS (Solaris) build problem due to AVX2 changes.

      - Fix a regression in gcry_mpi_ec_curve_point.

      - Make sure to have MPI limbs pre-allocated in ECC and fix
        Weierstrass curve use with PUBKEY_FLAG_PARAM.

    * Other:

       - Add MPI configuration for NetBSD m68k.

ttys: Correct comment about required statuses

The status field also accepts onifconsole and onifexists,
so it looks crusty saying that it only accepts on and off.

Reviewed by:    imp
Closes:         https://github.com/freebsd/freebsd-src/pull/2042

ttys: Align comment whitespace and wrapping

This doesn't lengthen or shorten any configuration,
only comments, so merging the configuration will be safe.

Reviewed by:    imp
Closes:         https://github.com/freebsd/freebsd-src/pull/2042

[IVDescriptors] Identify min/max recurrences in single pass. (#163460)

This patch ties to extend the approach from
https://github.com/llvm/llvm-project/pull/141431 to all min/max
recurrence kinds.

This patch adds a new getMinMaxRecurrence that identifies all min/max
recurrences in a single pass. It starts at the backedge value of a phi
and tries to identify the kind of the min/max recurrences.

It then walks from the backedge value to its operands recursively until
it reaches out-of-loop values or the phi.

Then users of both the backedge value and all instructions in the chain
from backedge value to phi are checked.

This consolidates all logic to identify min/max recurrences to a single
function, and avoids the need to try to identify each min/max reduction
kind individually.

PR: https://github.com/llvm/llvm-project/pull/163460

sysutils/podman: Allow setting ownership on auto-created socket

The podman daemon auto-creates a socket on startup, along with parent
directory, and is always run as root. It is often useful to have another
proxy like haproxy or nginx provide more sophisticed security, and these
daemons do not need root privileges.

Differential Revision:  https://reviews.freebsd.org/D55339

Reviewed by:    arrowd
Approved by:    dfr

   haproxy: updated to 3.3.4

   3.3.4
   - DOC: internals: addd mworker V3 internals
   - DOC: proxy-proto: underline the packed attribute for struct pp2_tlv_ssl
   - BUG/MINOR: deviceatlas: add missing return on error in config parsers
   - BUG/MINOR: deviceatlas: add NULL checks on strdup() results in config parsers
   - BUG/MEDIUM: deviceatlas: fix resource leaks on init error paths
   - BUG/MINOR: deviceatlas: fix off-by-one in da_haproxy_conv()
   - BUG/MINOR: deviceatlas: fix cookie vlen using wrong length after extraction
   - BUG/MINOR: deviceatlas: fix double-checked locking race in checkinst
   - BUG/MINOR: deviceatlas: fix resource leak on hot-reload compile failure
   - BUG/MINOR: deviceatlas: fix deinit to only finalize when initialized
   - BUG/MINOR: deviceatlas: set cache_size on hot-reloaded atlas instance
   - BUG/MINOR: ssl: lack crtlist_dup_ssl_conf() declaration
   - BUG/MINOR: ssl: double-free on error path w/ ssl-f-use parser
   - BUG/MINOR: ssl: fix leak in ssl-f-use parser upon error
   - BUG/MINOR: ssl: clarify ssl-f-use errors in post-section parsing
   - BUG/MINOR: ssl: error with ssl-f-use when no "crt"

    [16 lines not shown]

Move range_tree, btree, highbit64 to common code

Break out the range_tree, btree, and highbit64/lowbit64 code from kernel
space into shared kernel and userspace code.  This is needed for the
updated `zpool status -vv` error byte range reporting that will be
coming in a future commit.  That commit needs the range_tree code in
kernel and userspace.

Reviewed-by: Rob Norris <robn at despairlabs.com>
Reviewed-by: Brian Behlendorf <behlendorf1 at llnl.gov>
Signed-off-by: Tony Hutter <hutter2 at llnl.gov>
Closes #18133

Linux 7.0: explicitly set setlease handler to kernel implementation

The upcoming 7.0 kernel will no longer fall back to generic_setlease(),
instead returning EINVAL if .setlease is NULL. So, we set it explicitly.

To ensure that we catch any future kernel change, adds a sanity test for
F_SETLEASE and F_GETLEASE too. Since this is a Linux-specific test,
also a small adjustment to the test runner to allow OS-specific helper
programs.

Sponsored-by: TrueNAS
Reviewed-by: Tony Hutter <hutter2 at llnl.gov>
Reviewed-by: Brian Behlendorf <behlendorf1 at llnl.gov>
Signed-off-by: Rob Norris <rob.norris at truenas.com>
Closes #18215

Rebase

Created using spr 1.3.7

www/mod_http2: Update to 2.0.39

buf: Relax an assertion in BUF_UNLOCK

The BUF_UNLOCK macro asserts that B_REMFREE is not set, as it is up to
the lock owner to complete the dequeue from the free list before
releasing the lock.  However, if the thread has acquired the lock
multiple times, then releasing the recursive lock should be ok.  Modify
the assertion to reflect this.

This was triggered by an out-of-tree filesystem.

Reviewed by:    kib
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D55418

Move ntp namespace to be typesafe

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

Merge branch 'freebsd/main' into hardenedbsd/main

graphics/cloudcompare: Slightly improve port

* Use ${DESKTOPDIR} instead of ${PREFIX}/share/applications.

Reported by:            vvd@
Approved by:            db@, yuri@ (Mentors, implicit)
Differential Revision:  https://reviews.freebsd.org/D55434

emulators/wine-devel: Update 11.2 => 11.3

Changelog:
- Bundled vkd3d upgraded to version 1.19.
- Improved FIR filter in DirectSound.
- More optimizations in PDB loading.
- Light theme renamed to Aero for compatibility.
- Various bug fixes.
https://gitlab.winehq.org/wine/wine/-/releases/wine-11.3

PR:     293340

emulators/wine-devel: Update 11.2 => 11.3

Changelog:
- Bundled vkd3d upgraded to version 1.19.
- Improved FIR filter in DirectSound.
- More optimizations in PDB loading.
- Light theme renamed to Aero for compatibility.
- Various bug fixes.
https://gitlab.winehq.org/wine/wine/-/releases/wine-11.3

PR:     293340

asmc: unbreak build: add missing curly brace

Fixes:  d76bb14e022 ("chore: asmc: additional style(9) cleanup")
(cherry picked from commit 9ccdf3f36e014f0060ea192ffed91a7679003355)

asmc: unbreak build: add missing curly brace

Fixes:  d76bb14e022 ("chore: asmc: additional style(9) cleanup")
(cherry picked from commit 9ccdf3f36e014f0060ea192ffed91a7679003355)

asmc: unbreak build: add missing curly brace

Fixes:  d76bb14e022 ("chore: asmc: additional style(9) cleanup")
(cherry picked from commit 9ccdf3f36e014f0060ea192ffed91a7679003355)

   Make bse(4) interrupts mp-safe. The code has nothing to do, so only
   establish interrupt handlers with IPL_MPSAFE bit.

   ok jmatthew

Updating ghostbsd-gershwin-settings to use ghostbsd repo

   ignore for PORTROACH