BSD Commit Log Search

[LoopInterchange] Reject if inner loop IV has outer-variant step

[mlir] Don't use shared_ptr reference. (#202703)

`const std::share_ptr<...>&` doesn't increase ref count which can easily
cause downstream user bugs with maintaining the life time of the object.
Remove `&` to kick in ref count.

OpenSSL: update MAINTAINERS/CODEOWNERS

I've been the quasi-defacto component maintainer for OpenSSL since
14.0-RELEASE. Make it official via CODEOWNERS/MAINTAINERS.

The goal is to help guide those interested in making changes in this
space to solicit my input with the new vendor import process and
coordinate fixes with upstream until things are at a point where most of
this is automated a system of automated checks and balances to confirm
that the updates being made to the component help maintain a security
supply chain for this given component.

Thank you benl and jkim for your past efforts in this component area.
Hopefully I can do my part to help improve this critical space further
as you both did in your respective tenures.

MFC after:      3 days

remove service configuration page for daap

www/py-yubal-api: New port: Self-hosted YouTube Music downloader (API)

yubal is a self-hosted YouTube Music downloader. Paste a link, get
a tagged, organized library.

Scheduled sync. Smart deduplication. Media server ready. Browser
extension included.

WWW: https://github.com/guillevc/yubal/

devel/py-ytmusicapi: New port: Unofficial API for YouTube Music

ytmusicapi is a Python 3 library to send requests to the YouTube
Music API. It emulates YouTube Music web client requests using the
user's cookie data for authentication.

WWW: https://github.com/sigma67/ytmusicapi

www/py-yubal: New port: Self-hosted YouTube Music downloader

yubal is a self-hosted YouTube Music downloader. Paste a link, get
a tagged, organized library.

Scheduled sync. Smart deduplication. Media server ready. Browser
extension included.

WWW: https://github.com/guillevc/yubal/

cleanup firefly port

remove daap from license information

remove daap from menu

remove service daap

[test][Support] Disable CFI-icall for DynamicLibrary Overload test (#202446) (#202684)

The test performs manual symbol lookup and calls, which triggers
Control Flow Integrity indirect call checks.

Reland of #202446 reverted with #202550.

Here we are going to use LLVM_NO_SANITIZE.

brush-shell: Bug submit to upstream

net/ipv6calc-4.4.0: Trying to make it working

remove section daap from default config.xml

[InstCombine] Move nonnull assumptions to the base of a gep (#195650)

Alive2 proof: https://alive2.llvm.org/ce/z/2TkRyt

   New OpenSSL

openssl: import 3.5.7

This change adds OpenSSL 3.5.7 from upstream [1].

The 3.5.7 artifact was been verified via PGP key [2] and by SHA256 checksum [3].

This change is a security release which resolves several issues with OpenSSL 3.5,
the highest severity issue being ranked "High". Users are strongly encouraged to
update to this release.

More information about the release (from a high level) can be found in
the release notes [4].

Updated via [5] with `update_openssl.sh 3.5.7`.

Approved by:    so (gordon; implicit)

1. https://github.com/openssl/openssl/releases/download/openssl-3.5.7/openssl-3.5.7.tar.gz
2. https://github.com/openssl/openssl/releases/download/openssl-3.5.7/openssl-3.5.7.tar.gz.asc

    [3 lines not shown]

   new OpenSSL man page

   merge changes between OpenSSL 3.5.6 and 3.5.7

[JumpThreading] Fix lifetime markers when alloca requires SSA renaming (#188147)

JumpThreading can create PHI nodes for alloca values when threading
across blocks. This violates the requirement introduced in #149310 that
lifetime.start/end intrinsics must operate directly on allocas.

After SSA reconstruction, check if any lifetime marker for an alloca now
points to a PHI node. If so, drop all lifetime markers for that alloca.

Fixes #167733

[FIR] add a fir.shape_extents operation (#199361)

Add fir.shape_extents op. This takes a !fir.shape<n> and unpacks it into
n integer SSA values (one per dimension, row-to-column order). This
supports lowering when extent values are needed but the defining
fir.shape is not visible.

FIRToMemRef now inserts fir.shape_extents when recovering extents from a
shape operand that is not a direct fir.shape / fir.shape_shift /
existing fir.shape_extents result (e.g. block arguments from
fir.select_case).

Also allow live fir.shape values at fir-to-llvm lowering: !fir.shape<n>
maps to an n-field i64 LLVM struct, and live fir.shape ops lower via
llvm.undef + llvm.insertvalue. fir.shape_extents lowers via
llvm.extractvalue (+ cast to index).

In the original path, cg-rewrite still fuses shape-bearing fir.embox /
fir.array_coor into fircg.* forms and shapes remain dead before LLVM

    [10 lines not shown]

[lldb] Extract Mach-O export trie parsing into MachOTrie.{h,cpp} (NFC) (#202735)

ParseTrieEntries and its TrieEntry helpers were file-local statics in
ObjectFileMachO.cpp, unreachable from tests. Move them into a
self-contained translation unit (depending only on lldbUtility) so the
parser can be exercised in isolation.

[clang][Darwin] Canonicalize DriverKit platform between DriverKit 26<->27 (#202690)

* Canonicalize driverkit26 to 27 in availability & deployment
versioning.
* Make darwin27 and later map 1:1 to the same macOS major version.

Resolves: rdar://178548081

Reapply "[Clang] Set default LTO mode for AMDGCN/SPIR-V targets to full" (#202714) (#202736)

This reverts commit 655462209f3444ecaf526de6e1df2a84d5e54e4b.

ldns: Fix query response validation

Approved by:    so
Security:       FreeBSD-SA-26:36.ldns
Security:       CVE-2026-10846

openssl: Fix multiple vulnerabilities

This is a rollup commit from upstream to fix:
  Reject oversized inputs in ASN1_mbstring_ncopy()
  cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation
  cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation
  Avoid length truncation in ASN1_STRING_set
  pkcs12: verify that the pbmac1 key length is safe
  Reject potentially forged encrypted CMS AuthEnvelopedData messages
  QUIC stack must limit the number of PATH_CHALLENGE frames processed in RX
  Fix NULL dereference in QUIC address validation
  Fix potential NULL dereference processing CMS PasswordRecipientInfo
  Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt()
  Enforce implicit rejection for CMS/PKCS#7 decryption
  Use the correct issuer when validating rootCAKeyUpdate
  Match the local q DHX parameter against the peer's q
  Apply the buffered IV on the AES-OCB EVP_Cipher() path
  Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV
  Fix possible use-after-free in OpenSSL PKCS7_verify()

    [19 lines not shown]

imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images

Otherwise an unprivileged user can disable randomization of the base
address for PIEs even if they are setugid.

Add a regression test.

Approved by:    so
Security:       FreeBSD-SA-26:32.elf
Security:       CVE-2026-49414
Reported by:    David Berard
Reviewed by:    kib
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D57397

linux: Correct the issetugid check in copyout_auxargs

The runtime linker in glibc relies on the AT_SECURE auxv entry to know
whether the executable is set-ugid, if so then various dangerous
functionality such as LD_PRELOAD is disabled.

The check added in commit 669414e4fb74 failed to take into account the
fact that during execve, P_SUGID may not yet be set for a set-ugid
process.  Correct the test.

Approved by:    so
Security:       FreeBSD-SA-26:30.linux
Security:       CVE-2026-49413
Reported by:    Minseong Kim
Fixes:          669414e4fb74 ("Implement AT_SECURE properly.")
Reviewed by:    kib
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D57350

sound: Fix software buffer lifetime issues

The channel buffer mapped by dsp_mmap_single() may be freed when the
device handle is closed, but the mapping persists beyond that, allowing
userspace to read or write memory owned by a different consumer.

Fix the problem by adding a reference counter to the sound buffer.
Define pager ops for the VM object returned by dsp_mmap_single() and use
them to manage the extra reference.

Add a regression test.

Approved by:    so
Security:       FreeBSD-SA-26:27.sound
Security:       CVE-2026-49417
Reported by:    Lexpl0it, 75Acol, Liyw979, Rob1n
Reviewed by     kib
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D57393