shells/xonsh: Update to 0.23.4
- Update from 0.22.8 to 0.23.4
- Fix short and long descriptions (Reported by: Andy Kipp, makc)
- Move prompt-toolkit to RUN_DEPENDS as it is required for the interactive shell
- Combined backport from main
(Cherry picked from commits:
4af2752617fa, cb1add6ce17a, 4e15accd4c4c, 171de8a60868,
20eabb3ff3c3, 8d46b1cef06d, b2bc7a430fb3)
man: Kill off MANSUBDIRs
Three architecture dependent manuals are installed to MANSUBDIRs,
creating at least two empty manual page directories on everyone's
boxxen. Move those manuals to their canonical area, enhancing clarity,
grepability, removing useless inodes, and increasing consistency with
the rest of the architecture dependent manuals which are unconditionally
installed, and noted at the top of the rendered manual.
MFC after: 3 days
ports.7/FILES: Expand and refactor into 3 tables
Add make.conf, CHANGES, CONTRIBUTING.Md, UPDATING, and Tools/scripts.
Refactor the FILES section of the ports reference manual into a bigger
table with three sections separated by root directory. Remove preceeding
article from all but "the big Kahuna", and root dirs where reasonable.
MFC after: 3 days
Relnotes: yes
Reported by: adamw, arrowd, linimon
Differential Revision: https://reviews.freebsd.org/D55441
security/vuxml: Add Mozilla vulnerability
CVE-2026-7323
NIST: NVD Base Score: N/A
ADP: CISA-ADP
Base Score: 7.3 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
www/gohugo: Update to 0.161.0
ChangeLog: https://github.com/gohugoio/hugo/releases/tag/v0.161.0
Bug fixes
* langs/i18n: Fix translation lookup when using language variants
* create: Fix non-deterministic conflict detection in hugo new content
* commands: Fix environment isolation for configuration settings
* Fix filename dimension identifiers (role_X, version_X) to replace mount config
* Fix it so we never auto-fallback to page resources in other roles/versions
Improvements
* css: Support nested hugo:vars/ imports
* github: Update GitHub actions versions
* hugolib: Do not render aliases if the page is not rendered
* langs/i18n: Improve default content language fallback
* helpers: Remove unused code
[17 lines not shown]
lockf: Avoid spinning when operating on an fd
When operating on a file descriptor, acquire_lock() would ignore the
flags argument and always operate in non-blocking mode, resulting in
unnecessary busy-looping.
PR: 294832
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56722
stat: Drop unused code and conditionals
We haven't pulled from upstream in over 15 years, and the codebases
have diverged so far it is unlikely that we ever will.
* Drop NetBSD and OpenBSD version control information.
* Drop support for building on non-BSD / non-POSIX platforms.
* Fix a few minor style issues.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56771
vt_core: don't draw the splash if a panic occurred
The shutdown splash draws over all the useful info if ddb(4) is
disabled. Don't draw the splash screen if we're rebooting because of a
panic.
MFC after: 3 days
netbsd-tests: Fix the mmap_truncate_signal test
Add a volatile qualifier in the loop which triggers SIGBUS, as otherwise
the compiler is smart enough to elide it, replacing it with a check for
page != 0.
MFC after: 1 week
(cherry picked from commit e3b8e55e710bf355f371d798aa943281007a7ea9)
tests/ipfw: Make tests run more reliably in parallel
- Don't use /dev/null as the pidfile for inetd, that doesn't work
properly. Create a pidfile in the per-test scratch directory.
- Use atf_check to validate results from setup commands.
MFC after: 1 week
(cherry picked from commit bea17411473bc58608badd425c223ee59d40a465)
vm_swapout: Remove a special case from vm_swapout_map_deactivate_pages()
John points out that this probably should have been removed in commit
472888018ce, which removed a special case where we'd set desired=0 if
the target process has P_INMEM clear. It's not obvious to me that the
desired=0 case can't arise by setting an RSS limit to 0, but I'm not
sure why we'd try to go the extra mile in that case anyway.
Reported by: jhb
Reviewed by: kib
MFC after: 2 weeks
Fixes: 472888018ce1 ("proc: Remove kernel stack swapping support, part 6")
Differential Revision: https://reviews.freebsd.org/D56140
(cherry picked from commit b6b0afefec4739923897d984448704ce34a21e6b)
tests/socket_afinet: Fix the bind_connected_port test
The test verifies that a socket can bind to a local address assigned by
connect(2) to a different socket. It was however trying to bind to the
wrong address, and the check of the result was inverted, so this went
unnoticed. It also needs to set SO_REUSEADDR for this to succeed.
Reported by: glebius
MFC after: 1 week
(cherry picked from commit d3d0466cae546254c50c80cf3e0c060bbbbba53c)
nullfs: Clear inotify flags during reclaim
The inotify flags are copied from the lower vnode into the nullfs vnode
so that the INOTIFY() macro will invoke VOP_INOTIFY on the nullfs vnode;
this is then bypassed to the lower vnode. However, when a nullfs vnode
is reclaimed we should clear these flags, as the vnode is now doomed and
no longer forwards VOPs to the lower vnode.
Add regression tests. Remove a test in vn_inotify_revoke() which is no
longer needed after this change.
PR: 292495
Reviewed by: kib
Reported by: Jed Laundry <jlaundry at jlaundry.com>
Fixes: f1f230439fa4 ("vfs: Initial revision of inotify")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56639
(cherry picked from commit a02d794f5acd12ba3cf1de5c204a8dd56af47edd)
tests/posixshm: Check for hardware support in largepage_pkru
MFC after: 3 days
Fixes: ca87c0b8e396 ("pkru: Fix handling of 1GB largepage mappings")
(cherry picked from commit 75c66218401c00f4728d5312e2b933b8d3aefde1)
routing: Use a better error number in sysctl_fibs()
ENOTCAPABLE is for capsicum and its use here is inappropriate. In
particular, note that syscallret() treats this value specially.
Reviewed by: glebius, pouria, zlei
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56481
(cherry picked from commit 8de0fc10a1c2d65bdb39eff862266ab1f87902c8)
epoch: Don't idle CPUs when there's pending epoch work
The epoch(9) subsystem implements per-CPU queues of object destructors
which get invoked once it is safe to do so. These queues are polled via
hardclock().
When a CPU is about to go idle, we reduce the hardclock frequency to 1Hz
by default, to avoid unneeded wakeups. This means that if there is any
garbage in these destructor queues, it won't be cleared for at least 1s
(and possibly longer) even if it would otherwise be safe to do so.
epoch_drain_callbacks() is used in some places to provide a barrier,
ensuring that all garbage present in the destructor queues is cleaned up
before returning. It's implemented by adding a fake destructor in the
queues and blocking until it gets run on all CPUs. The above-described
phenomenon means that it can take a long time for these calls to return,
even (especially) when some CPUs are idle. This causes long delays when
destroying VNET jails, for instance, as epoch_drain_callbacks() is
invoked each time a network interface is destroyed.
[13 lines not shown]
