pfdenied: fix checking root anchor
pfctl doesn't like empty anchors (-a ''), but we can specify the root
anchor as '/' too, so do that instead.
PR: 295324
Tested by: Paweł Krawczyk
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 3d9cd10b2857ee7a9ec1b04457d9ec44f614d32c)
pfdenied: fix checking root anchor
pfctl doesn't like empty anchors (-a ''), but we can specify the root
anchor as '/' too, so do that instead.
PR: 295324
Tested by: Paweł Krawczyk
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 3d9cd10b2857ee7a9ec1b04457d9ec44f614d32c)
[RISCV][P-ext] Merge paired pli/plui in RISCVMoveMerger (#202566)
64-bit packed-splat constants are returned as i64, which SelectionDAG
splits into two i32 halves materialized as single-reg
pli.b/pli.h/plui.h. Merge matching pairs writing the two halves of a
GPRPair into the paired pli.db/pli.dh/plui.dh form.
[orc-rt] Fix off-by-one error in d20eca15e88 (SPS CI for calls). (#202872)
The main-function shaped caller in d20eca15e88 had an off-by-one error
that I missed as I was looking at a stale build folder. This commit
fixes the error, and makes some changes to related unit test variable
names for consistency.
[IR] Avoid unnecessary canBeFreed() calls (NFC) (#202685)
Do not call canBeFreed() if the value can't ever be freed (e.g. for
globals) or if there are no known dereferenceable bytes. The check is
relatively expensive.
(The compile-time impact is only visible when enabling deref-at-point
semantics.)
yt-dlp: updated to 2026.6.9
yt-dlp 2026.06.09
Important changes
The minimum supported versions of Deno, Node, and Bun have been raised.
The minimum required version of Deno is now v2.3.0; supported Node versions are v22 and up; Bun support has been deprecated and limited to versions 1.2.11 through 1.3.14.
Security
Usage of vulnerable conversions (e.g. %()s) with the --exec option is an all-too-common pitfall. To remedy this, --exec now only allows safe conversions in its command templates.
Most users can simply replace %(...)s with %(...)q in their --exec argument(s). Numeric conversions are unaffected by this change. Using unsafe conversions with --exec poses a significant security risk. Read more
[CVE-2026-50019] File Downloader cookie leak with curl
Impact is limited to users of --downloader curl; cookies are now properly passed to curl so that it respects their scope
[CVE-2026-50023] Dangerous file type creation via insufficient filename sanitization
Writing files with the extensions .desktop, .url, or .webloc is now only allowed in the context of --write-link functionality
[CVE-2026-50574] Arbitrary code execution via manifest downloads with aria2c
Impact is limited to users of --downloader aria2c
Support for downloading HLS and DASH formats with aria2c has been removed. Users affected by this change should migrate to use -N for concurrent fragment downloads via the native downloader
[X86] LowerRESET_FPENV - use MOLoad for the constant-pool FLDENVm MMO (#201832)
LowerRESET_FPENV builds a MachineMemOperand with the MOStore flag and
attaches it to X86ISD::FLDENVm, which is mayLoad = 1. The direction
contradicts the SDNode, and SelectionDAGISel's memref filter (in
SelectCodeCommon) silently drops the MMO, leaving the final MachineInstr
without any memrefs - no miscompile, but no useful load-side metadata
either.
Sister path LowerGET_FPENV_MEM already flips MOStore -> MOLoad before
attaching its MMO to FLDENVm. Match that here so the MMO survives ISel.
Adds a MIR-trailer regression test asserting FLDENVm carries the
expected `:: (load (s224) from constant-pool, align 4)` memref.
This was found as part of @jlebar's X86 LLVM bug hunt / FuzzX effort:
https://github.com/SemiAnalysisAI/FuzzX/tree/master/x86 :
x86/bugs/014-resetfpenv-mmo-flagged-as-store-on-load
cc @jlebar
axgbe: gracefully handle i2c bus failures
In (unknown) situations it seems the i2c bus can have trouble,
while nothing about the current link state has changed, the driver
would react by going into a link down state, and start busylooping
on up to 4 cores. Even if there was a valid link, such spinning
on a cpu by a kernel thread would wreak havoc to existing and
new connections.
This patch does the following:
1. If such a bus failure occurs, we keep the last known link state.
2. Prevent busy looping by implementing the lockmgr() facility to
be able to sleep while the i2c code waits on the i2c ISR. We cap
this with a timeout.
3. Pin the admin queues to the last CPU in the system, to prevent
other scenarios where busy looping might occur from landing on CPU
0, which especially seems to cause a lot of issues.
Given the design constraints both in hardware and in software,
[9 lines not shown]
pf|ipfw|netinet6?: shared IP forwarding
This removes the if_output calls in the pf(4) code that escape further
processing by defering the forwarding execution to the network stack
using on/off style sysctls for both IPv4 and IPv6.
Also see: https://reviews.freebsd.org/D8877
stand: add EFI support for mmio serial consoles
When no legacy serial is found, we may be looking at a non-legacy mmio
serial device mapping, in which case the efi_devpath_name() for name
ConOutDev looks like this:
VenHw(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,0090DCFE00000000)/Uart(115200,8,N,1)/VenVt100()
Which should tell the kernel to attach a console to 0xfedc9000
(little endian 64 bit value). The value is stored behind the
VENDOR_DEVICE_PATH struct as a byte stream hence we need to check
if said address is appended behind the node. Also enforce use for
uart by requiring the console speed read from the same device.
There is no scientific process for "rs:2" derivation, but evidence would
indicate that this is the correct setting for existing MMIO EFI consoles.
See also: http://bsdimp.blogspot.com/2018/07/how-to-get-memory-mapped-serial-console.html
axgbe: XXX leftovers to figure out
axgbe: several patches from 22.1 not yet present in FreeBSD
axgbe: remove old annotations and a bit of whitespace cleanup
This is a stub from applying f45a2d1e5a + b9eca9d898 on top of
the upstreamed changes. The enable_rss remove is correct and
looks like an oversight in the upstreaming. About the others
I'm not sure but since we have them on file here we can discuss
and rearrange.
axgbe: LED control for A30 platform
Since the I/O expander chip does not do a reset when soft power
cycling, the driver will first turn off all LEDs when initializing,
although no specific routine seems to be called when powering down.
This means that the LEDs will stay on until the driver has booted up,
after which the driver will be in a consistent state.
dummynet: passin after dispatch
Based on a patch originally found in m0n0wall, expanded
to IPv6 and aligned with FreeBSD's IP input path.
The limit may not be correctly accounted for on the WAN
interface due to dummynet counting the packet again even
though it was already processed.
The problem here is that there's no proper way to reinject
the packet at the point where it was previously removed
from so we make the assumption that ip input was already
done (including pfil) and more or less directly move to
packet output processing.
While here move the passin label up to take the extra check
but avoiding a second label. Also remove the spurious tag
read for forward check since we don't use it and we should
really trust the mbuf flag.
rss: add sysctl enable toggle
This commit also includes the original refactoring changes
This change allows the kernel to operate with the default netisr cpu-affinity settings while having RSS compiled in. Normally, RSS changes quite a bit of the behaviour of the kernel dispatch service - this change allows for reducing impact on incompatible hardware while preserving the option to boost throughput speeds based on packet flow CPU affinity.
Make sure to compile the following options in the kernel:
options RSS
As well as setting the following sysctls:
net.inet.rss.enabled: 1
net.isr.bindthreads: 1
net.isr.maxthreads: -1 (automatically sets it to the number of CPUs)
And optionally (to force a 1:1 mapping between CPUs and buckets):
net.inet.rss.bits: 3 (for 8 CPUs)
[5 lines not shown]
