hwpmc: Avoid panic on AMD cpus where IBS is not available
The recent IBS work intruduced a bug on older CPUs where the
IBS handler will be called on NMIs even when IBS is not initialized.
Work around this in the IBS handler by checking to see if ibs_pcpu
is NULL before accessing it.
acl_id_to_name.c: Fix printing of uids and gids
uid_t and gid_t are uint32_t (unsigned 32bit integers).
They are printed as signed integers when calling getfacl
(and other tools using the acl_to_text() libc function).
This causes uid/gids larger than 2G (214783648) to print
as negative numbers
- which causes problem with setfacl since the acl_from_text()
libc function fails on negative numbers.
Reviewed by: rmacklem
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57179
nfs: Fix argument typo to avoid a crash
A typo resulted in the wrong argument for a bytewise
comparison that could result in a crash if
the incorrect argument was not a valid pointer.
This patch fixes the argument.
While investigating this, I noticed that the
correct argument was not being filled in as
required, so this patch fixes that, as well.
Somehow, recovery from a NFSv4.1/4.2 server
crash worked during testing, so this was not
detected. The bug/patch only affects NFS
client mounts using NFSv4.1/4.2.
PR: 294925
Reported by: Jov <amutu at amutu.com>
MFC after: 3 days
Revert "sh/tests: Cut down builtins/read12.0 by 2 seconds"
Dag-Erling Smørgrav does not like this, but I do not understand why.
This reverts commit 1df431576f99c3cc26dd4ceb1a6eda864cc9f196.
audio/mate-media: switch to GitHub source
Switch from MATE mirror to GitHub tarball using USE_GITHUB and
GH_ACCOUNT=mate-desktop, add autoreconf, and bump PORTREVISION.
security/py-privleap: New port: Limited Privilege Escalation Framework
privleap is a privilege escalation framework similar in purpose to
sudo and doas, but very different conceptually. It is designed to
allow user-level applications to run very specific operations as
root without allowing full root control of the machine. Unlike
directly executable privilege escalation frameworks like sudo,
privleap runs as a background service that listens for signals from
other applications. Each signal can request a particular, pre-configured
action to be taken. Signals are authenticated, and each action is
taken only if the signal passes authentication. Any console output
from the action is then returned to the caller. This system allows
privleap to function without being SUID-root, and avoids a lot of
the potential pitfalls of sudo, doas, run0, etc.
WWW: https://www.kicksecure.com/wiki/Privleap
security/py-PAM: new port: Python interface to the PAM library
This module makes the PAM (Pluggable Authentication Modules) functions
available in Python 3. With this module you can write Python 3
applications that implement authentication services using PAM.
WWW: https://packages.debian.org/sid/python3-pam
net/wifi-firmware-iwlwifi-kmod: update script to generate fw list
Starting recently newer iwlwifi firmware now uses a different file
name scheme ending in -cNNN for the core version.
Deal with the fact that we can have -NNN and -cNNN now; even in parallel.
Make sure the few .pnvm files are staying correctly where needed.
Given there is firmware newer than the driver can handle, implement
a max version array, so we can limit certain files to a specific
version. While this is needed for Linux v7.0 based iwlwifi it looks
like for 7.1 it will also be needed.
Sponsored by: The FreeBSD Foundation
Reviewed by: jrm
Differential Revision: https://reviews.freebsd.org/D57047
wifi-firmware-*: update to 20260410
Update firmware to 20260410. This includes new firmware files
for iwlwifi and rtw89.
Bump the main firmware version as well.
Sponsored by: The FreeBSD Foundation
Reviewed by: jrm
Differential Revision: https://reviews.freebsd.org/D57050
net/wifi-firmware-kmod: deal with '?' in file names as sha256 broke it
md5 (sha256) as of 70fde0ed6bbbb1f84c440190ba1e5435f8c90e13 in base
started quoting ? as \? which then goes into the distinfo file and
as a result we fail to find that file later using Mk/Scripts/.
Using the dummy=/ option is not as straight forward with a dynamic list
of distfiles as one would wish.
We now build a full matrix of MASTER_SITE x DISTFILES; that is for
each "DISTFILE" we generate a :group with a full download URL on each
"MASTER_SITE". That way each file is still possibly downloadable from
each of the various master sites.
The difference now is that the files stored in distfiles no longer
contain the ?h=<tag> extension as we strip that for the distfile having
it encoded in the master_site URLs.
Building that matrix needs to happen after bsd.port.pre.mk is included
as otherwise FLAVOR is not set correctly and we do not build the
[19 lines not shown]
www/{nginx,nginx-devel,freenginx}: use lua-stream-nginx-module port
Replace the embedded LUASTREAM GH_TUPLE handling with a
BUILD_DEPENDS on www/lua-stream-nginx-module and use the
module sources from the dedicated port during the build.
Add freenginx compatibility patches for lua-stream-nginx-module.
Also update lua-stream-nginx-module to version 0.0.17.
PR: 294426
Sponsored by: Netzkommune GmbH
