security/openvpn-devel: Update 2.7_rc5 => 2.7_rc6
FreeBSD - notable changes for rc5 => rc6 update:
- bugfix on restarting a p2mp server instance with SIGUSR1
(inadvertedly closing fd 0, causing a crash on the next restart),
- prevent NULL pointer crash on suitable combination of --dns-updown
statements in openvpn config file (not pushable),
- prevent inappropriate management interface activity if a password is
set and --management-forget-disconnect or --management-signal are active,
- more conversion warnings fixed,
- remove #ifdefs around socket sendbuf/receive buf handling,
assuming that all platforms that have POSIX sockets have this,
- add mbedTLS 4 support,
- fix check for failed fork() in port-share code.
PR: 292829
Requested by: maintainer
Ping: Make build reproducible
As recently fixed in sockstat (9934558460e4), having tests/Makefile
include files from the parent directory with SRCS= ../foo.c results
in a race condition as the parent build and the tests build try to
produce the same object file but contain different paths.
Use .PATH to tell make to find sockstat.c in the parent directory
but place the object file in the current object directory.
Reviewed by: emaste, jrtc27, kevans
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53075
(cherry picked from commit 3c9a2f383fc25cdffa80c1348cb5388290e0f283)
netstat: Fix whitespace in libxo output for multicast routes
Also fix some bogus libxo format strings in mroute6.c, and close a
couple of lists instead of opening them twice.
Fixes: ade9ccfe211a ("Convert netstat to use libxo.")
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
ktrcsw(): should not be called when the thread is owning interlock or on sleepq
The issue is that for ktrcsw() we lock the ktrace_mtx mutex while owning
the interlock from a subsystem that called msleep(). In particular, the
VM subsystem might call msleep() if page allocation failed. This
establishes order VM locks (e.g. domain free queue lock) -> ktrace_mtx.
Calling free() while owning ktrace_mtx gives the reverse order.
Worse, msleep_spin_sbt() call s ktrcsw() while the thread is put on
sleep queue. Then, since the mutex might be contested, the thread needs
to be put on turnstil, which cannot work.
Move the ktrcsw() call for switch-out after the wakeup, when the thread
does not yet re-obtained any locks. From there, we call a special
version of ktrcsw(), which is passed the actual time when the context
switch occured.
The drawback is that the switch-out record is only written in the
ktrace.out file after the switch-in occurred, but this is probably not
[7 lines not shown]
devel/py-rich-click: Update to 1.9.6
Many enhancements since 1.6.1
Changes: https://github.com/ewels/rich-click/releases
Run-tested under py-multiqc
Pip pkg for py-litestar uses 1.9.6
PR: 292776
Reported by: nivit
release: Ship firmware from kmods repo on DVD
The packages for X.Y-RELEASE are a snapshot of the quarterly branch
for stable/X, i.e. typically built on X.(Y-1)-RELEASE. (The case of
Y=0 is an exception for obvious reasons.) This works for most ports
but not for kernel modules, which may need to be built on the release
in question; this is why we have a separate "kmods" repository.
Make sure that we put the packages from the kmods repository onto the
mini-pkg-repo on the DVD rather than shipping unusable firmware.
Reviewed by: bz
MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D52581
15.0: Update status of devinfo issue
This was fixed in FreeBSD 15.0-RELEASE-p2.
Reviewed by: ziaee
Differential Revision: https://reviews.freebsd.org/D54958
arm64: Fix kernel panic in get_arm64_sve during core dump
The coredump logic calls get_arm64_sve twice: once to get the note size,
and once to get the data. The note size calculation depended on the
volatile `PCB_FP_SVEVALID` flag. If this flag was cleared between the
two calls (e.g., due to a context switch clearing the flag to comply
with the ABI), the second call would expect a smaller buffer size than
the first, triggering a KASSERT panic ("invalid size").
Fix this by ensuring the SVE state is saved to the PCB before we decide
whether to use SVE or VFP.
PR: 292195
Reviewed by: andrew
Differential Revision: https://reviews.freebsd.org/D54532
native-xtools: use static LLVM libraries
Set the MK_LLVM_LINK_STATIC_LIBRARIES knob to "yes" when building the
native-xtools target. This reverts to the behaviour prior to
2e47f35be5dc.
This avoids a build failure that occurs otherwise, where compilation
fails looking for a libllvmprivate.so that was not built.
It is unclear if this addresses the issue in all instances---some
replies in the PRs indicate otherwise. Still, some report success, and
in my own testing this fixed creation of a cross-compiled poudriere
jail. Commit this while we continue to investigate...
PR: 286710, 291409
Tested by: marck, rdunkle at smallcatbrain.com
Reviewed by: emaste
MFC after: 3 days
Fixes: 2e47f35be5dc ("Convert libllvm, libclang and liblldb into private shared libraries").
[4 lines not shown]
src.conf.5: Regen after addition of MK_SOUND
A description for WITHOUT_SOUND is still missing though.
(cherry picked from commit 3f2f3c52e6f192df435bdb5861018402ec1167d0)
Set virtual_oss_enable="NO" in /etc/defaults/rc.conf
This prevents 'service -e' from emitting (/var/log/messages):
/usr/sbin/service: WARNING: $virtual_oss_enable is not set properly - see rc.conf(5)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1987
Reviewed by: christos
Signed-off-by: eborisch at gmail.com
MFC after: 1 week
(cherry picked from commit 1b2d495a24c36d81b14178a2f898025946bff2d8)
