HardenedBSD/src f4cd5cecddl/lib/libzfs Makefile, sys/dev/irdma irdma_hw.c irdma_cm.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+108-24sys/dev/irdma/irdma_hw.c
+18-41sys/kern/kern_prot.c
+2-36sys/dev/irdma/irdma_cm.c
+16-16cddl/lib/libzfs/Makefile
+1-29sys/dev/mlx5/mlx5_en/mlx5_en_main.c
+16-11sys/netlink/netlink_snl.h
+161-15760 files not shown
+392-42766 files

HardenedBSD/ports fc0bc88devel/cargo-deny distinfo Makefile, math/lean4 pkg-plist Makefile

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+1,525-288math/lean4/pkg-plist
+1,139-0multimedia/vlc/files/vlc-3.0.21-fedora_ffmpeg7-1.patch
+365-381devel/cargo-deny/distinfo
+393-0multimedia/vlc/files/vlc-3.0.21-ffmpeg8-1.patch
+183-192devel/cargo-deny/Makefile
+15-4math/lean4/Makefile
+3,620-86543 files not shown
+3,770-96649 files

HardenedBSD/src 7b6644esys/dev/irdma irdma_hw.c irdma_cm.c

irdma(4): fix potential memory leak on qhash cqp operation

It was found that in some circumstances when launching
non-waiting create qhash cqp operation the refcount on
the cqp_request may be not properly decremented leading to a memory
leak.

Signed-off-by: Bartosz Sobczak <bartosz.sobczak at intel.com>

Reviewed by:    anzhu_netapp.com
Tested by:      mateusz.moga_intel.com
Approved by:    kbowling (mentor)
MFC after:      1 week
Sponsored by:   Intel Corporation
Differential Revision:  https://reviews.freebsd.org/D53732
DeltaFile
+108-24sys/dev/irdma/irdma_hw.c
+2-36sys/dev/irdma/irdma_cm.c
+2-2sys/dev/irdma/icrdma.c
+2-1sys/dev/irdma/irdma_main.h
+114-634 files

HardenedBSD/src d78231esys/dev/cxgbe/common t4_msg.h

cxgbe: Fix the RSS build

When "options RSS" is configured, opt_rss.h defines the "RSS" token.

PR:     291068
Fixes:  17b4a0acfaf5 ("cxgbe(4): T7 related updates to shared code")
DeltaFile
+1-1sys/dev/cxgbe/common/t4_msg.h
+1-11 files

HardenedBSD/ports 744fe5edevel/elfutils Makefile

HBSD: Disable HARDCFLAGS for devel/elfutils

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+1-1devel/elfutils/Makefile
+1-11 files

HardenedBSD/ports 1d2e67fdevel/cargo-deny distinfo Makefile

devel/cargo-deny: update 0.18.5 → 0.18.6
DeltaFile
+365-381devel/cargo-deny/distinfo
+183-192devel/cargo-deny/Makefile
+548-5732 files

HardenedBSD/ports e6e1219misc/claude-code distinfo Makefile

misc/claude-code: update 2.0.42 → 2.0.50
DeltaFile
+3-3misc/claude-code/distinfo
+1-1misc/claude-code/Makefile
+4-42 files

HardenedBSD/ports 2b14653net/fb303 distinfo Makefile

net/fb303: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3net/fb303/distinfo
+1-1net/fb303/Makefile
+4-42 files

HardenedBSD/ports d7692d2net/mvfst pkg-plist distinfo

net/mvfst: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+0-12net/mvfst/pkg-plist
+3-3net/mvfst/distinfo
+1-1net/mvfst/Makefile
+4-163 files

HardenedBSD/ports 8938892www/proxygen distinfo Makefile

www/proxygen: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3www/proxygen/distinfo
+1-1www/proxygen/Makefile
+4-42 files

HardenedBSD/ports 77ed2c4devel/folly distinfo Makefile

devel/folly: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3devel/folly/distinfo
+1-1devel/folly/Makefile
+1-0devel/folly/pkg-plist
+5-43 files

HardenedBSD/ports ecfba18math/lean4 pkg-plist Makefile, math/lean4/files patch-src_CMakeLists.txt patch-stage0_src_CMakeLists.txt

math/lean4: update 4.23.0 → 4.25.1
DeltaFile
+1,525-288math/lean4/pkg-plist
+15-4math/lean4/Makefile
+14-3math/lean4/files/patch-src_CMakeLists.txt
+14-3math/lean4/files/patch-stage0_src_CMakeLists.txt
+11-0math/lean4/files/patch-stage0_src_shell_CMakeLists.txt
+11-0math/lean4/files/patch-src_shell_CMakeLists.txt
+1,590-2983 files not shown
+1,603-3099 files

HardenedBSD/ports a046ef6devel/fatal distinfo Makefile

devel/fatal: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3devel/fatal/distinfo
+1-1devel/fatal/Makefile
+4-42 files

HardenedBSD/ports 0ec94f8devel/fbthrift distinfo pkg-plist

devel/fbthrift: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3devel/fbthrift/distinfo
+6-0devel/fbthrift/pkg-plist
+1-1devel/fbthrift/Makefile
+10-43 files

HardenedBSD/ports ea455d5net/wangle distinfo Makefile

net/wangle: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3net/wangle/distinfo
+1-1net/wangle/Makefile
+4-42 files

HardenedBSD/ports 8895794security/fizz distinfo Makefile

security/fizz: update 2025.11.17.00 → 2025.11.24.00
DeltaFile
+3-3security/fizz/distinfo
+1-1security/fizz/Makefile
+4-42 files

HardenedBSD/ports 69c8a95devel/gitleaks distinfo Makefile

devel/gitleaks: update 8.29.0 → 8.29.1
DeltaFile
+7-7devel/gitleaks/distinfo
+2-2devel/gitleaks/Makefile
+9-92 files

HardenedBSD/src 72a447dsys/vm vm_object.c

vm_object_page_remove(): clear pager even if there is no resident pages

Swap pager might still carry the data.

Debugging help from:    mmel
Reviewed by:    alc
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D53891
DeltaFile
+2-1sys/vm/vm_object.c
+2-11 files

HardenedBSD/ports 603c652multimedia/smpeg/files patch-plaympeg.c

HBSD: Fix HARDCFLAGS for multimedia/smpeg

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+11-0multimedia/smpeg/files/patch-plaympeg.c
+11-01 files

HardenedBSD/ports c3eb8b8databases/cego distinfo Makefile, devel/lfcbase distinfo Makefile

devel/lfcbase: 1.22.3 -> 1.22.4, databases/cego: 2.52.43 -> 2.52.44

- Warning elimination for G++ based compiles
DeltaFile
+3-3databases/cego/distinfo
+3-3devel/lfcbase/distinfo
+1-1devel/lfcbase/Makefile
+1-1databases/cego/Makefile
+8-84 files

HardenedBSD/ports 2353e6cmultimedia/vlc Makefile, multimedia/vlc/files vlc-3.0.21-fedora_ffmpeg7-1.patch vlc-3.0.21-ffmpeg8-1.patch

multimedia/vlc: fix build with ffmpeg8

Incorporate patches to fix build with ffmpeg 7 and 8

PR:             289056
Obtained from:  Linux From Scatch
DeltaFile
+1,139-0multimedia/vlc/files/vlc-3.0.21-fedora_ffmpeg7-1.patch
+393-0multimedia/vlc/files/vlc-3.0.21-ffmpeg8-1.patch
+3-0multimedia/vlc/Makefile
+1,535-03 files

HardenedBSD/src 8a766c9sys/dev/nvme nvme.h

nvme: Fix some comments

Tweak a couple of comments and fix a spelling error.

Sponsored by:           Netflix
DeltaFile
+2-3sys/dev/nvme/nvme.h
+2-31 files

HardenedBSD/ports 2da281csecurity/R-cran-digest distinfo Makefile

security/R-cran-digest: Update to 0.6.39

Change WWW to canonical form.

Changelog: https://cran.r-project.org/web/packages/digest/ChangeLog
DeltaFile
+3-3security/R-cran-digest/distinfo
+2-2security/R-cran-digest/Makefile
+5-52 files

HardenedBSD/ports b609de2lang/gcc16-devel Makefile

HBSD: Disable HardenedBSD features for lang/gcc16-devel

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+2-0lang/gcc16-devel/Makefile
+2-01 files

HardenedBSD/ports 6645dbclang/gcc15 Makefile

HBSD: Disable HardenedBSD features for lang/gcc15

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+2-0lang/gcc15/Makefile
+2-01 files

HardenedBSD/ports fad0a32lang/gcc14 Makefile

HBSD: Disable HardenedBSD features for lang/gcc14

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+2-0lang/gcc14/Makefile
+2-01 files

HardenedBSD/ports 045c4dflang/gcc12 Makefile

HBSD: Disable HARDCFLAGS for lang/gcc12

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+1-1lang/gcc12/Makefile
+1-11 files

HardenedBSD/src 828df4dsys/netlink netlink_snl.h

netlink: Fix overallocation of netlink message buffers

Prior to commit 0c511bafdd5b309505c13c8dc7c6816686d1e103, each time
snl_realloc_msg_buffer was called, it called snl_allocz to request a
new buffer.  If an existing linear buffer was used, then after the
call, the linear buffer effectively contained the old buffer contents
followed by the new buffer (so there was definitely wasted memory),
but the linear buffer state was consistent (lb->offset correctly
accounted for both copies).  For example, if the initial linear buffer
was 256 bytes in size, lb->size would be 256.  Using 16 bytes followed
by 32 bytes would first set lb->offset to 16, then the second realloc
would allocate 48 bytes (16 + 32) setting lb->offset to 64 (16 + 48).

Commit 0c511bafdd5b309505c13c8dc7c6816686d1e103 aimed to avoid this
memory waste by resetting the base pointer to the start of the
existing linear buffer if the new allocation was later in the same
linear buffer.  This avoided some of the waste, but broke the
accounting.  Using the same example above, the second realloc would
reuse the pointer at an offset of 0, but the linear buffer would still

    [20 lines not shown]
DeltaFile
+16-11sys/netlink/netlink_snl.h
+16-111 files

HardenedBSD/ports 701ffe1multimedia/webcamd/files patch-contrib_v4l2loopback_v4l2loopback.c

HBSD: Fix HARDCFLAGS for multimedia/webcamd

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+20-0multimedia/webcamd/files/patch-contrib_v4l2loopback_v4l2loopback.c
+20-01 files

HardenedBSD/src f7ab908sys/compat/freebsd32 freebsd32_misc.c, sys/sys ucred.h

freebsd32_setcred: Copy all of the setcred fields individually

This is the more typical style used in compat syscalls.  Modern
compilers are smart enough to coalesce multiple member assignments
into a bulk copy.

Reviewed by:    olce, brooks
Obtained from:  CheriBSD
Sponsored by:   AFRL, DARPA
Differential Revision:  https://reviews.freebsd.org/D53757
DeltaFile
+8-4sys/compat/freebsd32/freebsd32_misc.c
+0-2sys/sys/ucred.h
+8-62 files