HardenedBSD/src 1466806crypto/openssl/doc/man1 openssl-ciphers.pod.in, secure/usr.bin/openssl/man openssl-ciphers.1

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+0-2,323sys/contrib/zstd/doc/educational_decoder/zstd_decompress.c
+0-2,237sys/contrib/zstd/doc/zstd_manual.html
+0-1,771sys/contrib/zstd/doc/zstd_compression_format.md
+0-1,018sys/contrib/zstd/zlibWrapper/examples/zwrapbench.c
+442-346secure/usr.bin/openssl/man/openssl-ciphers.1
+438-329crypto/openssl/doc/man1/openssl-ciphers.pod.in
+880-8,0241,241 files not shown
+6,287-17,6091,247 files

HardenedBSD/src 1f54e7dshare/man/man4 nlsysevent.4, stand/efi/loader/arch/amd64 trap.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+132-0share/man/man4/nlsysevent.4
+54-40sys/dev/virtio/block/virtio_blk.c
+59-29stand/efi/loader/arch/amd64/trap.c
+0-7sys/dev/hwpmc/hwpmc_mod.c
+4-2tests/sys/arch/Makefile
+4-2sys/dev/hwpmc/hwpmc_ibs.c
+253-806 files not shown
+258-8812 files

HardenedBSD/ports d0e7340graphics/embree pkg-plist, mail/postfix-current/files extra-patch-blocklistd

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+149-127graphics/embree/pkg-plist
+164-0mail/postfix-current/files/extra-patch-blocklistd
+163-0mail/postfix/files/extra-patch-blocklistd
+96-0ports-mgmt/appstream-generator/files/patch-backend
+41-0sysutils/nut/files/patch-configure
+0-34sysutils/nut/files/patch-configure.ac
+613-16136 files not shown
+802-29142 files

HardenedBSD/src 72d701eshare/man/man4 nlsysevent.4 Makefile

nlsysevent: add manpage

Reviewed by:    des
DeltaFile
+132-0share/man/man4/nlsysevent.4
+1-0share/man/man4/Makefile
+133-02 files

HardenedBSD/ports f875594security/stunnel distinfo Makefile

security/stunnel: Update to 5.78
DeltaFile
+3-3security/stunnel/distinfo
+1-1security/stunnel/Makefile
+4-42 files

HardenedBSD/ports a32e4absysutils/nut Makefile, sysutils/nut/files patch-configure patch-configure.ac

sysutils/nut: Replace ./configure.ac patch with ./configure

Replace ./configure.ac patch with a ./configure patch. We do not use
autoconf.sh with the non-devel port. Therefore backport configure.ac
to ./configure. This addresses missing nut group configuration on
FreeBSD 13.5.

PR:     294350
Fixes:  64fec1e56b44
DeltaFile
+41-0sysutils/nut/files/patch-configure
+0-34sysutils/nut/files/patch-configure.ac
+1-0sysutils/nut/Makefile
+42-343 files

HardenedBSD/ports 8d37932www/gohugo distinfo Makefile

www/gohugo: Update to 0.161.1

ChangeLog: https://github.com/gohugoio/hugo/releases/tag/v0.160.1

 * Fix panic when passthrough elements are used in headings
 * Fix panic on edit of legacy mapped template names that's also a valid path in the new setup
 * Fix RenderShortcodes leaking context markers when indented
 * Strip nested page context markers from standalone RenderShortcodes
 * Rename deprecated cascade._target to cascade.target in tests
 * Fix auto-creation of root sections in multilingual sites
 * readme: Fix links

Approved by:    doceng@ (implicit)
DeltaFile
+5-5www/gohugo/distinfo
+1-1www/gohugo/Makefile
+6-62 files

HardenedBSD/src c622499sys/compat/freebsd32 freebsd32_misc.c

freebsd32: Fix freebsd11_nstat copyout condition

freebsd11_freebsd32_nstat() invoked copyout(2) when
freebsd11_cvtnstat32() failed and skipped copyout on success. This is
backwards.

Fix this to match freebsd11_freebsd32_nlstat() and freebsd11_nstat(),
and only copy the nstat32 result to userspace when conversion succeeds.

Signed-off-by:  Weixie Cui <cuiweixie at gmail.com>
Reviewed by:    mhorne
MFC after:      1 week
Pull Request:   https://github.com/freebsd/freebsd-src/pull/2109
DeltaFile
+1-1sys/compat/freebsd32/freebsd32_misc.c
+1-11 files

HardenedBSD/ports 51342bbdevel/arduino-irremote distinfo Makefile

devel/arduino-irremote: Update to 4.7.1

Changes since 4.7.0:

 - Changed wrong &Serial to aSerial at 2 places.

Reported by:    github
DeltaFile
+3-3devel/arduino-irremote/distinfo
+1-1devel/arduino-irremote/Makefile
+4-42 files

HardenedBSD/src f86ba3esys/dev/hwpmc hwpmc_ibs.c

hwpmc: prevent IBS fetch from getting stuck

Both fetch and op IBS sampling have the same problem where we need to
rewrite the control MSR to ensure sampling continues at the correct
rate.  I also like this because it resets the counter reducing the
chances that we collect a sample inside the NMI handler.

Reported by:    Aalok Agarwal
Reviewed by:    mhorne
Sponsored by:   Netflix
Fixes:  e51ef8ae490f ("hwpmc: Initial support for AMD IBS")
Pull Request:   https://github.com/freebsd/freebsd-src/pull/2130
DeltaFile
+2-0sys/dev/hwpmc/hwpmc_ibs.c
+2-01 files

HardenedBSD/src 7a1aacasys/dev/hwpmc hwpmc_ibs.c hwpmc_ibs.h

hwpmc: Fix bug when stopping ibs-op

In ibs_stop_pmc I accidently cleared the fetch max count value rather
than the op max count value, when stopping the op counter.  This
mitigates a bug in early pre-zen processors, but breaks using both
counters simultaneously.  I also found that the max op count mask needs
to be extended for recent zen processors.

Reported by:    Andre Fernando da Silva
Reviewed by:    mhorne
Sponsored by:   Netflix
Fixes:  e51ef8ae490f ("hwpmc: Initial support for AMD IBS")
Pull Request:   https://github.com/freebsd/freebsd-src/pull/2120
DeltaFile
+2-2sys/dev/hwpmc/hwpmc_ibs.c
+1-1sys/dev/hwpmc/hwpmc_ibs.h
+3-32 files

HardenedBSD/src 187482busr.sbin/bsdinstall/scripts mirrorselect

HBSD: Resolve merge conflict

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+0-74usr.sbin/bsdinstall/scripts/mirrorselect
+0-741 files

HardenedBSD/src b5dd3e4crypto/openssl/doc/man1 openssl-ciphers.pod.in, secure/usr.bin/openssl/man openssl-ciphers.1

Merge remote-tracking branch 'internal/freebsd/current/main' into hardened/current/master

Conflicts:
        usr.sbin/bsdinstall/scripts/mirrorselect (unresolved)
DeltaFile
+0-2,323sys/contrib/zstd/doc/educational_decoder/zstd_decompress.c
+0-2,237sys/contrib/zstd/doc/zstd_manual.html
+0-1,771sys/contrib/zstd/doc/zstd_compression_format.md
+0-1,018sys/contrib/zstd/zlibWrapper/examples/zwrapbench.c
+442-346secure/usr.bin/openssl/man/openssl-ciphers.1
+438-329crypto/openssl/doc/man1/openssl-ciphers.pod.in
+880-8,0241,229 files not shown
+6,102-17,5201,235 files

HardenedBSD/src 2f3dcbbsys/dev/hwpmc hwpmc_mod.c

hwpmc: Fix compile warning

.../sys/dev/hwpmc/hwpmc_mod.c:4640:1: warning: unused function 'pmc_is_multipart' [-Wunused-function]
 4640 | pmc_is_multipart(struct pmc_sample *ps)
      | ^~~~~~~~~~~~~~~~
1 warning generated.

Reviewed by:    mhorne
Fixes:          e51ef8ae490f - main - hwpmc: Initial support for AMD IBS
Sponsored by:   Chelsio Communications
Differential Revision:  https://reviews.freebsd.org/D56296
DeltaFile
+0-7sys/dev/hwpmc/hwpmc_mod.c
+0-71 files

HardenedBSD/ports 65b43c6ports-mgmt/appstream-generator Makefile pkg-plist, ports-mgmt/appstream-generator/files patch-contrib_setup_build__js.sh

ports-mgmt/appstream-generator: Install JavaScript assets
DeltaFile
+18-2ports-mgmt/appstream-generator/Makefile
+19-0ports-mgmt/appstream-generator/pkg-plist
+16-0ports-mgmt/appstream-generator/files/patch-contrib_setup_build__js.sh
+3-1ports-mgmt/appstream-generator/distinfo
+56-34 files

HardenedBSD/src f916091share/man/man7 tuning.7

tuning.7: Fix suds typo in manual pages

MFC after:              3 days
Fixes:                  fc32c802158f Add two new manual pages
Differential Revision:  https://reviews.freebsd.org/D55814
DeltaFile
+2-2share/man/man7/tuning.7
+2-21 files

HardenedBSD/src 8672683tests/sys/arch Makefile Makefile.inc

test/sys/arch: Fix arch without test/sys/arch/${MACHINE_ARCH}

Fixes:          0ddaa4c86d68 ("arm64: Add arm64 SVE tests")
Sponsored by:   The FreeBSD Foundation
DeltaFile
+4-2tests/sys/arch/Makefile
+0-2tests/sys/arch/Makefile.inc
+4-42 files

HardenedBSD/ports d15be6bnet-im/nchat distinfo Makefile

net-im/nchat: update: 5.13.17 -> 5.14.44

ChangeLog:      https://github.com/d99kris/nchat/compare/v5.13.17...v5.14.44

Sponsored by:   tipi.work
DeltaFile
+3-3net-im/nchat/distinfo
+1-1net-im/nchat/Makefile
+4-42 files

HardenedBSD/ports 82ed253games/openbve distinfo pkg-plist

games/openbve: update OpenBVE to version 1.12.1.3

Reported by:    portscout
DeltaFile
+3-3games/openbve/distinfo
+3-0games/openbve/pkg-plist
+1-1games/openbve/Makefile
+7-43 files

HardenedBSD/ports 547f637ports-mgmt/appstream-generator Makefile, ports-mgmt/appstream-generator/files patch-backend patch-src_backends_freebsd_fbsdpkg.cpp

ports-mgmt/appstream-generator: Pull more patches from upstream
DeltaFile
+96-0ports-mgmt/appstream-generator/files/patch-backend
+0-11ports-mgmt/appstream-generator/files/patch-src_backends_freebsd_fbsdpkg.cpp
+0-11ports-mgmt/appstream-generator/files/patch-src_backends_freebsd_fbsdpkgindex.cpp
+1-1ports-mgmt/appstream-generator/Makefile
+97-234 files

HardenedBSD/ports 12c4babx11-toolkits/gtk40 distinfo Makefile

x11-toolkits/gtk40: update to 4.20.4

PR:             294204
DeltaFile
+3-3x11-toolkits/gtk40/distinfo
+2-3x11-toolkits/gtk40/Makefile
+5-62 files

HardenedBSD/src 0dd9c4atools/build Makefile

tools/build/Makefile: Always add md4.h to SYSINCS

Since libmd was added to the bootstrap, building main on stable/14
fails because of an incompatibility in its old md4.h.  Fix this by
always including md4.h in the bootstrap headers, instead of only
doing so when building on a non-FreeBSD host.

Fixes:          50de0bf50512 ("flua: Always build as a bootstrap tool")
Reported by:    olce
Reviewed by:    olce, kevans
Sponsored by:   https://www.patreon.com/bsdivy
Differential Revision:  https://reviews.freebsd.org/D56327
DeltaFile
+0-2tools/build/Makefile
+0-21 files

HardenedBSD/ports b1d03d5security/boringssl distinfo Makefile, security/boringssl/files patch-CMakeLists.txt

security/boringssl: update to the recent snapshot

Sponsored by:   tipi.work
DeltaFile
+15-17security/boringssl/distinfo
+7-11security/boringssl/Makefile
+3-3security/boringssl/files/patch-CMakeLists.txt
+25-313 files

HardenedBSD/ports 1155482dns/aardvark-dns distinfo Makefile

dns/aardvark-dns: update: 1.17.0 -> 1.17.1

ChangeLog:      https://github.com/containers/aardvark-dns/compare/v1.17.0...v1.17.1

Sponsored by:   tipi.work
DeltaFile
+3-3dns/aardvark-dns/distinfo
+1-2dns/aardvark-dns/Makefile
+4-52 files

HardenedBSD/src f542095sys/dev/virtio/block virtio_blk.c

virtio_blk: Fix initialisation of dump request structure

Commit c8c37141 ("virtio_blk: Use bus_dma for command/ack buffer
allocations") failed to update initialisation of the dedicated dump
request structure. This caused a panic on attempting to dump core to a
virtio_blk device.

Reviewed by:    asomers
Sponsored by:   Arm Ltd
Pull Request:   https://reviews.freebsd.org/D56156
DeltaFile
+54-40sys/dev/virtio/block/virtio_blk.c
+54-401 files

HardenedBSD/ports cee37a2graphics/embree pkg-plist Makefile

graphics/embree: update Intel Embree to version 4.4.1

Manpages were renamed upstream for consistency (section
3 is for library calls, section 4 is for special devices).

Test coverage numbers are the same as were previously:

  Tests passed: 7423
  Tests failed: 1803
  Tests failed and ignored: 48

Reported by:    portscout
DeltaFile
+149-127graphics/embree/pkg-plist
+2-4graphics/embree/Makefile
+3-3graphics/embree/distinfo
+154-1343 files

HardenedBSD/src aacf448stand/efi/loader/arch/amd64 trap.c

loader.efi: panic() should show stack trace

Because panic() does provide mechanism to have architecture specific
panic call, we can instruct it to print out stack trace too
(in hope we actually can print). While there, also implement simple
check to detect loop in trace.

illumos issue: https://www.illumos.org/issues/17887
DeltaFile
+59-29stand/efi/loader/arch/amd64/trap.c
+59-291 files

HardenedBSD/ports c20098cnet/rustconn distinfo Makefile.crates

net/rustconn: Update to 0.10.13

ChangeLog:      https://github.com/totoshko88/RustConn/releases/tag/v0.10.13
Reported by:    "github-actions[bot]" <notifications at github.com>
DeltaFile
+7-7net/rustconn/distinfo
+2-2net/rustconn/Makefile.crates
+1-1net/rustconn/Makefile
+10-103 files

HardenedBSD/ports 11d6404mail/postfix Makefile, mail/postfix/files extra-patch-blocklistd

mail/postfix: Use BLOCKLIST instead of BLACKLIST

- Starting from FreeBSD version 1500000, prefer the new blocklist
  nomenclature.
- Enable TLSRPT by default

PR:             294083
DeltaFile
+163-0mail/postfix/files/extra-patch-blocklistd
+18-7mail/postfix/Makefile
+181-72 files

HardenedBSD/ports 773044amail/postfix-current Makefile distinfo, mail/postfix-current/files extra-patch-blocklistd extra-patch-blacklistd

mail/postfix-current: Update to 3.12-20260403

- Update to 3.12-20260403
- Use BLOCKLIST instead of BLACKLIST
- Enable TLSRPT by default

PR:             294084
DeltaFile
+164-0mail/postfix-current/files/extra-patch-blocklistd
+19-8mail/postfix-current/Makefile
+4-4mail/postfix-current/files/extra-patch-blacklistd
+3-3mail/postfix-current/distinfo
+190-154 files