FreeBSD/src bc59efccontrib/blocklist/bin blacklistd.c

blocklist: blacklist: Chase recent upstream changes

Upstream introduced a fix that avoids blocklistd(8) from running into an
endless loop when it tries to delete an address from the database which
has been added multiple times.

Apply the same fix to blacklistd(8).

Approved by:    re (cperciva)
Upstream PR:    https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=57193
MFC after:      2 days

(cherry picked from commit b502a451cbae6a85636c7b8375f5ee53caca4388)
(cherry picked from commit 528e1d14037af30003b4451ec6f1686ea674621f)
DeltaFile
+4-4contrib/blocklist/bin/blacklistd.c
+4-41 files

FreeBSD/src 4afb96fcontrib/blocklist/bin blocklistd.c state.c

MFV: Import blocklist 2025-10-26 (ff13526)

Merge commit 'df549a80425635d98419f7f742309d66d367e65f'

Changes:

https://github.com/zoulasc/blocklist/compare/156df4f...ff13526

Approved by:    re (cperciva)
MFC after:      2 days

(cherry picked from commit 34ffc7073f1786bae5e77593abd423ed31c10024)
(cherry picked from commit dfc4a7c10cf5923f21699e2217c969181c733be7)
DeltaFile
+4-4contrib/blocklist/bin/blocklistd.c
+3-3contrib/blocklist/bin/state.c
+1-1contrib/blocklist/bin/blocklistctl.8
+8-83 files

FreeBSD/src c4f2ac4contrib/blocklist/bin blacklistd.c blocklistctl.8

blocklist: blacklist: Chase recent upstream changes

Upstream introduced an extra column in blocklistctl(8) to display the
name of the rule associated in the database entry.

It is intended to avoid confusion when seemingly duplicate locations
appear in the output of the blocklistctl dump command.  Especially when
users are transitioning from the old nomenclature to the new one.

The latest patches will not be fully backported to blacklistctl(8), to
avoid breaking current scripts that may be parsing its output.  Also we
are slowly preparing to feature-freeze everything related to blacklist.

Approved by:    re (cperciva)
MFC:    2 days

(cherry picked from commit eae98e28a0e17f625e29f9849a4dc655636d9164)
(cherry picked from commit cd284c1e17eab4884cf4bc9479e8272af527f6b7)
DeltaFile
+8-10contrib/blocklist/bin/blacklistd.c
+5-1contrib/blocklist/bin/blocklistctl.8
+1-2contrib/blocklist/bin/blacklistctl.8
+14-133 files

FreeBSD/src 8ea3c27contrib/blocklist/bin blocklistd.c blocklistctl.c

MFV: Import blocklist 2025-10-25 (156df4f)

Merge commit '1ae0b2f3a242a48af2deef1e88649bf4a3a74e2f'

Changes:

https://github.com/zoulasc/blocklist/compare/8aa81bf...156df4f

Approved by:    re (cperciva)
MFC after:      2 days

(cherry picked from commit bcbe0a3c924e09c4d78514e3d16d493e3da54f83)
(cherry picked from commit cbd8e3a0049aa300e0a92481d4f5a095765269bf)
DeltaFile
+8-10contrib/blocklist/bin/blocklistd.c
+4-4contrib/blocklist/bin/blocklistctl.c
+2-3contrib/blocklist/bin/blocklistctl.8
+14-173 files

FreeBSD/src b39a387lib/libpfctl libpfctl.c, tests/sys/netpfil/pf anchor.sh

libpfctl: Fix displaying deeply nested anchors

Set the number of rulesets (i.e., anchors) directly attached to the
anchor and its path in pfctl_get_ruleset().

While here, add a test to document this behavior.

Approved by:    re (cperciva)
PR:             290478
Reviewed by:    kp
Fixes:          041ce1d690f1 ("pfctl: recursively flush rules and tables")
MFC after:      2 days
Differential Revision:  https://reviews.freebsd.org/D53358

(cherry picked from commit a943a96a50ba7e9d1e1935bdd18df0e11d158acb)
(cherry picked from commit 1c8a554f757de06f64e6fd0d86fc674a215ee314)
DeltaFile
+46-0tests/sys/netpfil/pf/anchor.sh
+3-0lib/libpfctl/libpfctl.c
+49-02 files

FreeBSD/src c37d958sys/kern kern_jail.c

jail: fix a regression that creates zombies when removing dying jails

When adding jail descriptors, I split sys_jail remove in two, and
didn't properly track jail held between them when a jail was dying.
This fixes that as well as cleaning up the logic behind it.

Approved by:    re (cperciva)
PR:             290217
Reported by:    David 'equinox' Lamparter <equinox at diac24.net>
Reviewed by:    markj
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D53200

(cherry picked from commit 78f70d4ff9dd4af2318b25023a7f55be7402ec60)
(cherry picked from commit 2d3c6a06edc3919455d1152f4ffaa60697e2c4f2)
DeltaFile
+10-11sys/kern/kern_jail.c
+10-111 files

FreeBSD/src 9620ee8sys/kern kern_jail.c

jail: fix an error condition that was returned without setting errno.

Approved by:    re (cperciva)
MFC after:      3 days

(cherry picked from commit 5f7d5709e0c242d5a5fa5516d6079433ee06c347)
(cherry picked from commit c6bf733736b505da1c353759a76d17a2ac54475a)
DeltaFile
+2-0sys/kern/kern_jail.c
+2-01 files

FreeBSD/src 87b73c2sbin/ipfw ipfw2.c

ipfw: Remove more unused IP_FW_* cases

All of the do_cmd() calls are in dummynet.c and specify the socket
option at compile time; none of these removed cases are used in ipfw
after the v3 work.

Approved by:    re (cperciva)
Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53378

(cherry picked from commit 0e2e0fb955adf15a217949bc4cc337d53d2c7259)
(cherry picked from commit 6b1e5d4d20a94b5bebd726eb6d1df8dca2738f8e)
DeltaFile
+1-5sbin/ipfw/ipfw2.c
+1-51 files

FreeBSD/src 37580e6sbin/ipfw ipfw2.c

ipfw: Remove IP_DUMMYNET_GET case

IP_DUMMYNET_GET is no longer used in ipfw(1).

Approved by:    re (cperciva)
Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53348

(cherry picked from commit 28e52dea96809c7904e498759ee1f79bda929a82)
(cherry picked from commit 73c105268cc6138015241b080bc7945c6cde0fa6)
DeltaFile
+1-1sbin/ipfw/ipfw2.c
+1-11 files

FreeBSD/src a986bf1sbin/ipfw ipfw2.c

ipfw: Correct error message

The failed allocation in the error pertains to IP_FW_XADD, not
IP_FW_ADD.

Approved by:    re (cperciva)
Reviewed by:    ae
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53359

(cherry picked from commit 498e56142660c8dd864c878e820252358c9a15cf)
(cherry picked from commit c22437c8b574878241a3c897a095ae6939e66743)
DeltaFile
+1-1sbin/ipfw/ipfw2.c
+1-11 files

FreeBSD/src 883230asbin/ipfw dummynet.c

ipfw: Update warning/error setsockopt references

Dummynet v3 switched to IP_DUMMYNET3 but did not update these
warnings/errors.

Approved by:    re (cperciva)
Fixes: cc4d3c30ea28 ("Bring in the most recent version of ipfw and dummynet, developed")
Sponsored by:   The FreeBSD Foundation
Differential Revision: sbin/ipfw/ipfw2.c

(cherry picked from commit 1f95a517880bae5fc0a9fe4463a8f2ec36ed734a)
(cherry picked from commit a5dd21c7dd1f3c8103c2fc6a1caa5635d70671aa)
DeltaFile
+2-2sbin/ipfw/dummynet.c
+2-21 files

FreeBSD/src 6652930lib/libsys closefrom.2

closefrom.2: Add introduction of close_range to HISTORY

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53240

(cherry picked from commit 514fff24b19f69c5f22db380389128eb6bc32ea7)
(cherry picked from commit 243a8860190c1a452c4266cd8e6eda1a222c0912)
DeltaFile
+6-1lib/libsys/closefrom.2
+6-11 files

FreeBSD/src a085b67lib/libsys getrlimitusage.2

getrlimitusage.2: Update HISTORY section

Add 14.2, as this was cherry-picked prior to release.

Approved by:    re (cperciva)
Reported by:    Harald Eilertsen
Reviewed by:    kib
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53320

(cherry picked from commit 2387a51af235e4304c63f95465a569c878f49dcd)
(cherry picked from commit 87795ea45407355de4e36388ed6c02ef70b9241a)
DeltaFile
+2-2lib/libsys/getrlimitusage.2
+2-21 files

FreeBSD/src b17920ashare/man/man4 upgt.4

upgt.4: bump removal to 16.0

It was not actually removed prior to FreeBSD 15.0.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 0cd8754ad52bb8174b8a766708424a4c53b8fc96)
(cherry picked from commit 453766184d3c2d00e5be765a1a198eed2a1992a0)
DeltaFile
+2-2share/man/man4/upgt.4
+2-21 files

FreeBSD/src 392061bshare/man/man4 agp.4

agp.4: Bump deprecation to 16.0

It was not actually removed prior to FreeBSD 15.0.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit cadadd1a0398fdeaebf62ab4d092ada0e3eb68c8)
(cherry picked from commit 92f169fe0f197e4b7bf89583ce3fcfb37c5721ba)
DeltaFile
+2-2share/man/man4/agp.4
+2-21 files

FreeBSD/src 901603asys/cam/ata ata_da.c, sys/cam/scsi scsi_da.c

cam: Bump deprecated sysctl removal to 16

The descriptions for these unmapped_io and rotating sysctls indicated
that they're deprecated and being removed for FreeBSD 15.0.  That did
not happen, so update to FreeBSD 16 instead.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit e93db9abc9a62d662c40d783663d64cdb829a0cc)
(cherry picked from commit 469ab88d107c05ab533a15d4014d1a97b5a13c86)
DeltaFile
+2-2sys/cam/ata/ata_da.c
+2-2sys/cam/scsi/scsi_da.c
+4-42 files

FreeBSD/src c2c8f9dsys/isa isa_common.c

sys: Bump non-ISA PNP removal to 16.0

This may include atkbdc, which is not being removed in 15.0.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 46f982122c0d670ac181b748a5b8c2b221f61517)
(cherry picked from commit db84583a939f3d678a0c3f5e2ec599c7f9964118)
DeltaFile
+1-1sys/isa/isa_common.c
+1-11 files

FreeBSD/src 1dc5e05sys/kern kern_conf.c

sys: Bump GIANT device removal to 16.0

It did not happen prior to FreeBSD 15.0.

Approved by:    re (cperciva)
Reported by:    zlei
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 24adb135c5fe8d5018781d496e0abae914534ce5)
(cherry picked from commit 8e276f22bd5dc43799e3b32e55326aca3fa10a54)
DeltaFile
+1-1sys/kern/kern_conf.c
+1-11 files

FreeBSD/src d67ed83share/man/man4 le.4, sys/dev/le lance.c

le(4): Update depreciation notice

This driver was in fact not removed prior to FreeBSD 15.0.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit e4d6433e9c0379e164ff50ce829b5b1c0716bcb1)
(cherry picked from commit 59ba7278499f0ee20fd9c43a34bb2b72ae57dcbb)
DeltaFile
+2-2share/man/man4/le.4
+1-1sys/dev/le/lance.c
+3-32 files

FreeBSD/src 61d4640sbin/fdisk fdisk.8 fdisk.c

fdisk: Bump removal to FreeBSD 16.0

Removal did not happen prior to 15.0.

Approved by:    re (cperciva)
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit f817f6e7f4a8dc507f3e1b1603dfd2d81093e3bd)
(cherry picked from commit 739750ae7c63c653025ad84cac6ba7cb6756dcf8)
(cherry picked from commit 2be4c64a0d27a9136cc05c9bdf7a45162339aa69)
DeltaFile
+2-2sbin/fdisk/fdisk.8
+1-1sbin/fdisk/fdisk.c
+3-32 files

FreeBSD/src 81a98c3sys/dev/netmap netmap_freebsd.c

netmap: Fix error handling in nm_os_extmem_create()

We bump the object reference count prior to mapping it into the kernel
map, at which point the vm_map_entry owns the reference.  Then, if
vm_map_wire() fails, vm_map_remove() will release the reference, so we
should avoid decrementing it in the error path.

Approved by:    re (cperciva)
Reported by:    Ilja van Sprundel <ivansprundel at ioactive.com>
Reviewed by:    vmaffione
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D53066

(cherry picked from commit dfc1041c08ba32f24b8050b4d635a0bbbfd9b767)
(cherry picked from commit 6e1f47765d3cf425b2b0e56d79f38b94aa107e71)
DeltaFile
+1-0sys/dev/netmap/netmap_freebsd.c
+1-01 files

FreeBSD/src c40e634release/tools vmimage.subr

release: Use PKG_CMD when installing pkgbase packages in vmimage.subr

This defaults to plain "pkg", but being able to override it is useful
when testing pkg itself.

Approved by:    re (cperciva)
Reviewed by:    cperciva
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D53307

(cherry picked from commit bbe65c5e8c0e89ec14cb5d00153691850dadb859)
(cherry picked from commit 79fbc4ccb6c650db5c0d6c72e5e4a682e4600bbc)
DeltaFile
+1-1release/tools/vmimage.subr
+1-11 files

FreeBSD/src a91a62csys/amd64/pt pt.c

pt: Switch to swi(9)

The pt hwt(4) backend uses NMIs to receive updates about the latest t
racing buffer offsets from the tracing hardware. However, it uses
taskqueue(9) to schedule the bottom-half handler. This can lead to
a panic since the taskqueue(9) code isn't aware it's being called
from an NMI context and uses the regular scheduling interfaces.

Fix this by scheduling the bottom-half handler using swi(9) and the
SWI_FROMNMI flag.

Approved by:    re (cperciva)
Fixes:  310162ea218a
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D52491

(cherry picked from commit 96d82d2d133acaf8effa2e3aee546276e39ff9f2)
(cherry picked from commit 56b4719076b654726a9d40144e3fa7917d2a4376)
DeltaFile
+125-100sys/amd64/pt/pt.c
+125-1001 files

FreeBSD/src 3c8ae8bsys/arm/include ieeefp.h

sys/arm: add fp[gs]et* prototypes to <ieeefp.h>

We have provided implementations for hard float of these for
a while now.  Add them to the header to make things official.
This is required for a bunch of legacy programs in ports.

Approved by:    re (cperciva)
Approved by:    markj (mentor)
MFC after:      1 week
Differential Revision: https://reviews.freebsd.org/D53156

(cherry picked from commit a8079d40ae7f3cee17c94e61e43c24780a64a010)
(cherry picked from commit af39e511ee158edc469f2f73aaa5bc5af872c747)
DeltaFile
+10-0sys/arm/include/ieeefp.h
+10-01 files

FreeBSD/src 245d95csys/arm64/arm64 elf32_machdep.c

sys/arm64: fix COMPAT_FREEBSD32 __syscall()

It seems like _QUAD_LOWWORD was incorrectly expanded into 1,
which is correct for big endian but not little endian.  This
means we always grab the padding word for the syscall number,
which is usually 0, causing SIGSYS to be delivered to the caller.
Reintroduce _QUAD_LOWWORD to fix the syscall.

Approved by:    re (cperciva)
PR:             290411
MFC after:      1 week
Discussed with: jrtc27
Reviewed by:    cognet, emaste
Approved by:    markj (mentor)
Fixes:          8c9c3144ccfa3061879b8cec015ee7d1010e4766
Differential Revision:  https://reviews.freebsd.org/D53250

(cherry picked from commit 1ca09538d94273601dac08204c1d0b3ca9115864)
(cherry picked from commit c824960b89af082e5f083c0c4f141965d203eaa1)
DeltaFile
+1-1sys/arm64/arm64/elf32_machdep.c
+1-11 files

FreeBSD/src 71f94c1sys/netinet tcp_syncache.c

tcp: improve credential handling in syncache

When adding a syncache entry, take a reference count of the
credentials while the inp is still locked.
Thanks to markj@ for providing a hint regarding the root cause.

Approved by:    re (cperciva)
Reported by:            David Marker
Reviewed by:            glebius
Tested by:              David Marker
Fixes:                  cbc9438f0505 ("tcp: improve ref count handling when processing SYN")
Sponsored by:           Netflix, Inc.
Differential Revision:  https://reviews.freebsd.org/D53380

(cherry picked from commit 44cb1e857f048d2326bdc1a032ccd2c04d2bcdc9)
(cherry picked from commit 9611bf2fed71ca62161249630f98e7eac06eff6b)
DeltaFile
+9-5sys/netinet/tcp_syncache.c
+9-51 files

FreeBSD/src 54da444sys/netinet udp_usrreq.c

udp: honor IPV6_TCLASS cmsg for UDP/IPv4 packets

Honor the IPPROTO_IPV6-level cmsg of type IPV6_TCLASS when sending
an UDP/IPv4 packet on an AF_INET6 socket.

Approved by:    re (cperciva)
Reviewed by:            bz
Sponsored by:           Netflix, Inc.
Differential Revision:  https://reviews.freebsd.org/D53347

(cherry picked from commit d3a3854fdc6e8da3bc6c1c13aab8d371445d2914)
(cherry picked from commit e31ff080e5d55a0f4864177e9fc7b58e7083b095)
DeltaFile
+17-0sys/netinet/udp_usrreq.c
+17-01 files

FreeBSD/src bdbb235sys/netinet udp_usrreq.c

udp: honor IPV6_TCLASS socket option for UDP/IPv4 packets

Honor the IPPROTO_IPV6-level socket option IPV6_TCLASS when sending
an UDP/IPv4 packet on an AF_INET6 socket.

Approved by:    re (cperciva)
Reviewed by:            bz, glebius
Sponsored by:           Netflix, Inc.
Differential Revision:  https://reviews.freebsd.org/D53346

(cherry picked from commit 3535546a86846ddb0ca5fe4a0689ac635b504459)
(cherry picked from commit 8f5162f6fc1c8ac9abc55028561bb5b855fe61b8)
DeltaFile
+12-0sys/netinet/udp_usrreq.c
+12-01 files

FreeBSD/ports 7e35473www/webtrees21 pkg-plist Makefile

www/webtrees21: Update to 2.1.25

Add flavors option to USES=php.
Sort pkg-plist.
Pet portlint.

PR:             288999
Approved by:    submitter is maintainer
DeltaFile
+160-371www/webtrees21/pkg-plist
+5-4www/webtrees21/Makefile
+3-3www/webtrees21/distinfo
+168-3783 files

FreeBSD/ports 9b0a504multimedia/elementary-videos Makefile distinfo

multimedia/elementary-videos: Update to 8.0.2

While here:
- Fix LICENSE
- Switch to USES=gettext-tools

Changelog: https://github.com/elementary/videos/releases/tag/8.0.2

PR:             290019
Reported by:    Olivier Duchateau <duchateau.olivier at gmail.com>
Approved by:    Miguel Gocobachi <miguel at gocobachi.dev> (maintainer, timeout >3 weeks)
DeltaFile
+4-4multimedia/elementary-videos/Makefile
+3-3multimedia/elementary-videos/distinfo
+7-72 files