HardenedBSD/src 3926ae9contrib/googletest/googletest/src gtest.cc

by Enji Cooper (ngie) on ⎇
gtest.cc: declare fail_if_no_test_linked flag

Clang's -Wmissing-variable-declarations flags this as an issue since the
flag is only used in `gtest.cc`. Declare the flag beforehand to ensure
that the variable scope is properly limited to `gtest.cc`.

MFC after:      1 week
MFC with:       46333229c6a0187ebf231805682ee0bceed704d1
Ref:            https://github.com/google/googletest/pull/4898
DeltaFile
+1-0contrib/googletest/googletest/src/gtest.cc
+1-01 files

HardenedBSD/src 4633322contrib/googletest/googlemock/include/gmock gmock-matchers.h, contrib/googletest/googlemock/test gmock-matchers-containers_test.cc gmock-matchers-arithmetic_test.cc

by Enji Cooper (ngie) on ⎇
GoogleTest: import 1.17.0

The changes between the two versions can be found in this diff of the
two release tags:
https://github.com/google/googletest/compare/v1.15.2...v1.17.0

One notable change is that GoogleTest 1.17.0 now requires C++-17 to
build.

MFC after:      1 week
Merge commit '3a4c29b5bed4ea20266ad9371fbfdc6bca088f92'
DeltaFile
+347-80contrib/googletest/googlemock/include/gmock/gmock-matchers.h
+317-19contrib/googletest/googlemock/test/gmock-matchers-containers_test.cc
+210-27contrib/googletest/googlemock/test/gmock-matchers-arithmetic_test.cc
+157-34contrib/googletest/googletest/src/gtest.cc
+131-5contrib/googletest/googlemock/test/gmock-matchers-comparisons_test.cc
+95-39contrib/googletest/googletest/include/gtest/gtest-param-test.h
+1,257-20455 files not shown
+2,688-92061 files

HardenedBSD/src 150bfd8sbin/pfctl parse.y, sbin/pfctl/tests/files pf1078.in pf1078.ok

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+32-0sys/net/if_ovpn.c
+25-0tests/sys/net/if_ovpn/if_ovpn.sh
+3-0sbin/pfctl/tests/files/pf1078.in
+1-1sbin/pfctl/parse.y
+1-1tools/build/mk/OptionalObsoleteFiles.inc
+2-0sbin/pfctl/tests/files/pf1078.ok
+64-21 files not shown
+65-27 files

HardenedBSD/src 48c3a93tools/build/mk OptionalObsoleteFiles.inc

by John Baldwin (jhb) on ⎇
OptionalObsoleteFiles.inc: Treat compat runtime loaders as libraries

Binaries require the runtime loader to use shared libraries, and
removing the runtime loader in `make delete-old` while leaving the
libraries around makes it impossible to use those shared libraries.
Treat rtld as a de facto dependency of shared libraries to ensure it
is not removed until the corresponding shared libraries are removed.

Differential Revision:  https://reviews.freebsd.org/D52210

(cherry picked from commit 8e1c85f03260ff9d214fcd99c7ad1a848e3ac23b)
DeltaFile
+1-1tools/build/mk/OptionalObsoleteFiles.inc
+1-11 files

HardenedBSD/src c59a47dshare/mk src.opts.mk

by Ed Maste (emaste) on ⎇
src.opts.mk: Enable LLDB by default globally

Previously it was enabled for all architectures except but RISC-V.
Upstream made significant progress on RISC-V support over the last
year[1], and although there's still some FreeBSD-specific work to do we
can start building it now.

[1] https://jonasdevlieghere.com/post/lldb-2025/

Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-5share/mk/src.opts.mk
+1-51 files

HardenedBSD/src 79b05e7sys/compat/linuxkpi/common/include/linux radix-tree.h, sys/compat/linuxkpi/common/src linux_radix.c linux_xarray.c

by Jean-Sébastien Pédron (dumbbell) on ⎇
linuxkpi: Add tag support to radix tree

The tag is used to perform lookup in a different way.

New functions were introduced:
* to set, check and clear a tag
* to walk through a radix tree based on a given tag

Furthermore, the `radix_tree_delete()` function was modified to clear
tags on deletion.

The amdgpu DRM driver started to use this in Linux 6.10.

While here, the `radix_tree_gang_lookup()` function was added because it
is very close to `radix_tree_gang_lookup_tag()`, but it is not used by
the DRM drivers as of this commit.

Reviewed by:    emaste
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54503
DeltaFile
+215-4sys/compat/linuxkpi/common/src/linux_radix.c
+25-4sys/compat/linuxkpi/common/include/linux/radix-tree.h
+2-2sys/compat/linuxkpi/common/src/linux_xarray.c
+242-103 files

HardenedBSD/src 20285casys/dev/virtio/network if_vtnet.c

by Cheng Cui (cc) on ⎇
vtnet: remove M_HASHTYPE when there is only one pair of rx/tx queue

Summary:
Doing so will let the upper layer know how to deal with software hash,
with benefits like inp_flowid can be set and m_pkthdr.flowid can be set
in output path.

Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D54929
DeltaFile
+10-2sys/dev/virtio/network/if_vtnet.c
+10-21 files

HardenedBSD/src 670b568contrib/capsicum-test linux.cc capability-fd.cc, tests/sys/capsicum linux.cc capability-fd.cc

by Ed Maste (emaste) on ⎇
capsicum-test: Move out of contrib

Google developed the Capsicum unit test suite[1] as part of the
Capsicum-Linux[2] project, based on unit tests that existed in FreeBSD
and unit tests developed as part of the initial Capsicum-Linux port.

Capsicum-Linux was archived as of October 31, 2022 and is no longer
being maintained.  FreeBSD is currently the only consumer of and
contributor to the test suite.  Move the src into tests/sys/capsicum to
simplify ongoing maintenance.

The makefiles were deleted as we (continue to) use the existing bespoke
FreeBSD Makefile, and CONTRIBUTING.md was removed as the Google CLA is
no longer applicable.

[1] https://github.com/google/capsicum-test
[2] https://github.com/google/capsicum-linux

Reviewed by:    asomers, oshogbo

    [2 lines not shown]
DeltaFile
+0-1,500contrib/capsicum-test/linux.cc
+1,500-0tests/sys/capsicum/linux.cc
+1,359-0tests/sys/capsicum/capability-fd.cc
+0-1,359contrib/capsicum-test/capability-fd.cc
+1,097-0tests/sys/capsicum/procdesc.cc
+0-1,097contrib/capsicum-test/procdesc.cc
+3,956-3,95662 files not shown
+8,915-9,07468 files

HardenedBSD/src 975c58alibexec/flua Makefile, libexec/flua/modules lposix.c

by HardenedBSD Sync Services on ⎇
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+32-0sbin/ifconfig/tests/ifconfig.sh
+21-4usr.sbin/cpucontrol/cpucontrol.c
+6-10sbin/ifconfig/iffib.c
+8-4libexec/flua/modules/lposix.c
+2-1sbin/ifconfig/tests/Makefile
+0-1libexec/flua/Makefile
+69-206 files

HardenedBSD/src 768d2f2libexec/flua Makefile, libexec/flua/modules lposix.c

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+32-0sbin/ifconfig/tests/ifconfig.sh
+21-4usr.sbin/cpucontrol/cpucontrol.c
+6-10sbin/ifconfig/iffib.c
+8-4libexec/flua/modules/lposix.c
+2-1sbin/ifconfig/tests/Makefile
+0-1libexec/flua/Makefile
+69-206 files

HardenedBSD/src 59bbb62usr.sbin/cpucontrol cpucontrol.c

by Mark Johnston (markj) on ⎇
cpucontrol: Be more strict with input validation

Avoid truncating 32-bit values.  This would have saved me a bit of time
when I was looking at a cpuid leaf on my system and typed 0x80000001f
instead of 0x8000001f.

Reviewed by:    kib
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D54919
DeltaFile
+21-4usr.sbin/cpucontrol/cpucontrol.c
+21-41 files

HardenedBSD/src 2ea85a6sbin/ifconfig iffib.c, sbin/ifconfig/tests ifconfig.sh Makefile

by Mark Johnston (markj) on ⎇
ifconfig: Exit with a non-zero status when SIOCSIFFIB fails

Previously, setting an interface FIB to some invalid value would result
in a warning being printed, but the ifconfig command would exit with
status 0, but this is wrong.

Add a little regression test.

Reviewed by:    pouria, zlei, melifaro
MFC after:      2 weeks
Sponsored by:   Stormshield
Sponsored by:   Klara, Inc.
Differential Revision:  https://reviews.freebsd.org/D54918
DeltaFile
+32-0sbin/ifconfig/tests/ifconfig.sh
+6-10sbin/ifconfig/iffib.c
+2-1sbin/ifconfig/tests/Makefile
+40-113 files

HardenedBSD/src b41b6fdlibexec/flua Makefile, libexec/flua/modules lposix.c

by Kyle Evans (kevans) on ⎇
flua: lposix: fix WARNS=6 issues

lposix is the last holdout of modules built into flua until we can fix
the module design to have the right parts require()able.  Address a
valid bug in lua_read() found at a higher WARNS and drop the override
entirely.  Some of the modules could possibly be re-evaluated.

Fixes:  c2caf3b3313 ("flua: lposix: add more useful functions [...]")
Reported by:    des
Reviewed by:    des
Sponsored by:   Klara, Inc.
Sponsored by:   NetApp, Inc.
DeltaFile
+8-4libexec/flua/modules/lposix.c
+0-1libexec/flua/Makefile
+8-52 files

HardenedBSD/src 0734e0astand/common nvstore.c, stand/defaults loader.conf

by HardenedBSD Sync Services on ⎇
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+5-7sys/dev/acpica/acpi.c
+4-1sys/dev/acpica/acpi_spmc.c
+1-1stand/libsa/zfs/zfs.c
+1-1stand/common/nvstore.c
+1-1stand/defaults/loader.conf
+1-1sys/dev/aic7xxx/ahc_pci.c
+13-121 files not shown
+14-127 files

HardenedBSD/src bd8af70stand/common nvstore.c, stand/defaults loader.conf

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+5-7sys/dev/acpica/acpi.c
+4-1sys/dev/acpica/acpi_spmc.c
+1-1stand/defaults/loader.conf
+1-1stand/common/nvstore.c
+1-1stand/libsa/zfs/zfs.c
+1-1sys/dev/aic7xxx/ahc_pci.c
+13-121 files not shown
+14-127 files

HardenedBSD/src 0cca627sys/dev/acpica acpi.c

by Olivier Certner (olce) on ⎇
acpi: Use AcpiGbl_FACS even on ACPI_REDUCED_HARDWARE

This has been possible since ACPICA 20240827, and is actually
a requirement to get out of S3 on ACPI_REDUCED_HARDWARE (that said, we
don't implement S3 on arm64 yet).

Relevant ACPICA commit:
https://github.com/acpica/acpica/commit/79cd933e7b370e8d3fb490bf36ca5d111a12f96a.

Reviewed by:    obiwac
MFC after:      2 weeks
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D54625
DeltaFile
+0-2sys/dev/acpica/acpi.c
+0-21 files

HardenedBSD/src 149e6c6sys/dev/acpica acpi_spmc.c

by Olivier Certner (olce) on ⎇
acpi_spmc(4): Fix compilation on 32-bit platforms

Fixes:          c5daa5a4c32c ("acpi_spmc: Add system power management controller driver")
Sponsored by:   The FreeBSD Foundation
DeltaFile
+4-1sys/dev/acpica/acpi_spmc.c
+4-11 files

HardenedBSD/src 526c09asys/dev/acpica acpi.c

by Olivier Certner (olce) on ⎇
acpi: Use only AcpiGetSleepTypeData() to determine Sx support

Previously, we would first call AcpiEvaluateObject() to execute \_Sx
before calling AcpiGetSleepTypeData().  This was unnecessary, as
AcpiGetSleepTypeData() performs the same call itself.  While doing so,
the latter function logs any other error than AE_NOT_FOUND (which
indicates that a particular sleep state is not supported), which most
probably is an added benefit of this change.

Reviewed by:    obiwac
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D54624
DeltaFile
+5-5sys/dev/acpica/acpi.c
+5-51 files

HardenedBSD/src a9f7074sys/dev/aic7xxx ahc_pci.c

by Olivier Certner (olce) on ⎇
ahc(4): Fix a warning on i386 compilation

Fixes:          cd036e891a35 ("ahc_pci.c: If bus_dma...")
MFC after:      3 days
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-1sys/dev/aic7xxx/ahc_pci.c
+1-11 files

HardenedBSD/src 1b7a44fsys/net if_ovpn.c, tests/sys/net/if_ovpn if_ovpn.sh

by Kristof Provost (kp) on ⎇
if_ovpn: add interface counters

Count input/output packets and bytes on the interface as well, not just
in openvpn-specific counters.

PR:             292464
MFC after:      2 weeks
Sponsored by:   Rubicon Communications, LLC ("Netgate")

(cherry picked from commit 21d666a19331f31fb6dfa1e370de5a84a1a5cb46)
DeltaFile
+32-0sys/net/if_ovpn.c
+25-0tests/sys/net/if_ovpn/if_ovpn.sh
+57-02 files

HardenedBSD/src 19709a0sbin/pfctl parse.y, sbin/pfctl/tests pfctl_test_list.inc

by Kristof Provost (kp) on ⎇
pfctl: allow new page character (^L) in pf.conf

PF configuration files can contains many things.

Using the new page characters (i.e. ^L, \014) to mark the beginning
of parts is useful because many editors such as emacs and vim has
facilities to jump next/previous ones.

PR:             86635
MFC after:      2 weeks
Submitted by:   MOROHOSHI Akihiko <moro at remus.dti.ne.jp>
Submitted by:   Simon Wollwage <rootnode+freebsd at wollwage.com>
Sponsored by:   Rubicon Communications, LLC ("Netgate")

(cherry picked from commit fc353e5e61fadd6ef618948f417f96381c08239c)
DeltaFile
+3-0sbin/pfctl/tests/files/pf1078.in
+2-0sbin/pfctl/tests/files/pf1078.ok
+1-1sbin/pfctl/parse.y
+1-0sbin/pfctl/tests/pfctl_test_list.inc
+7-14 files

HardenedBSD/src 240c614stand/defaults loader.conf loader.conf.5

by Michael Osipov (michaelo) on ⎇
loader.conf.5: "console" setting does not document multi-value possiblity

PR:             292595
Approved by:    ziaee, dab, imp, tsoome
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D54843
DeltaFile
+1-1stand/defaults/loader.conf
+1-0stand/defaults/loader.conf.5
+2-12 files

HardenedBSD/src da33caestand/common nvstore.c

by Toomas Soome (tsoome) on ⎇
stand: fix typo in common/nvstore.c

Some out of order chars.
DeltaFile
+1-1stand/common/nvstore.c
+1-11 files

HardenedBSD/src ab5f29astand/libsa/zfs zfs.c

by Toomas Soome (tsoome) on ⎇
stand/zfs: fix path setup in zfs_mount()

Need to check argument 'path', not just allocated struct member.
DeltaFile
+1-1stand/libsa/zfs/zfs.c
+1-11 files

HardenedBSD/src c460d3bcrypto/openssl/apps pkeyutl.c, crypto/openssl/apps/lib apps.c

by HardenedBSD Sync Services on ⎇
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+28-27crypto/openssl/apps/lib/apps.c
+40-0lib/libsys/rfork_thread_gen.c
+18-21lib/libc/gen/posix_spawn.c
+18-18crypto/openssl/apps/pkeyutl.c
+34-0lib/libsys/pdrfork_thread_gen.c
+26-6crypto/openssl/crypto/bio/bf_lbuf.c
+164-7228 files not shown
+308-12334 files

HardenedBSD/src b8dd119lib/libc/gen posix_spawn.c, lib/libsys rfork_thread_gen.c pdrfork_thread_gen.c

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+40-0lib/libsys/rfork_thread_gen.c
+18-21lib/libc/gen/posix_spawn.c
+34-0lib/libsys/pdrfork_thread_gen.c
+0-5lib/libsys/i386/Symbol.sys.map
+0-5lib/libsys/amd64/Symbol.sys.map
+2-0lib/libsys/aarch64/Makefile.sys
+94-315 files not shown
+104-3111 files

HardenedBSD/src 9fb8ffausr.sbin/cron/cron cron.8

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+6-5usr.sbin/cron/cron/cron.8
+6-51 files

HardenedBSD/src d2fb6b8usr.sbin/cron/cron cron.8

by Xin LI (delphij) on ⎇
cron.8: clarify system crontab format

PR:             234504

(cherry picked from commit 53d6b23765ca27ac7eca4096b2a83e84631c4ec8)
DeltaFile
+6-5usr.sbin/cron/cron/cron.8
+6-51 files

HardenedBSD/src 4daf2d3lib/libc/gen posix_spawn.c

by Konstantin Belousov (kib) on ⎇
posix_spawn: use rfork_thread on all arches

Do not allocate or switch to the custom stack on non-x86.

Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D54898
DeltaFile
+18-21lib/libc/gen/posix_spawn.c
+18-211 files

HardenedBSD/src c1be185lib/libsys rfork_thread_gen.c pdrfork_thread_gen.c, lib/libsys/amd64 Symbol.sys.map

by Konstantin Belousov (kib) on ⎇
libsys, libc: provide rfork_thread() and pdrfork_thread() on all arches

Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D54898
DeltaFile
+40-0lib/libsys/rfork_thread_gen.c
+34-0lib/libsys/pdrfork_thread_gen.c
+0-5lib/libsys/i386/Symbol.sys.map
+0-5lib/libsys/amd64/Symbol.sys.map
+2-0lib/libsys/Symbol.sys.map
+2-0lib/libsys/arm/Makefile.sys
+78-104 files not shown
+86-1010 files