kqueue_fork_copy_knote(): zero kn_knlist for the copy before calling knlist_add()
Reported by: pho, dhw
Fixes: 306c9049c642da6a59a5dc088589605a9aa38b87
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
src.opts.mk: !CROSS_COMPILER implies !LLVM_BINUTILS_BOOTSTRAP
This fixes the build when WITHOUT_CROSS_COMPILER is set.
Reported by: fuz, vishwin
Fixes: 17494c6e6b7d ("build: Boostrap LLVM_BINUTILS for cross-tools")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D56219
tunefs: Don't lower WARNS
Use casts to silence the alignment warnings instead of potentially
suppressing other legitimate warnings.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56033
tzcode: Update to 2026a
Many thanks to Paul Eggert for adopting most of our adaptations as
optional features upstream in the previous release (2025c).
MFC after: 1 week
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D55741
(cherry picked from commit ff2c98b30b57b9763e2a6575f729bab676e6c025)
tzcode: Fix issues when TZ is an absolute path
* If TZ starts with TZDIR, strip any additional slashes so relname
does not end up looking like an absolute path. For instance,
TZ=/usr/share/zoneinfo//UTC should result in UTC, not /UTC.
* In the setugid case, we were incorrectly passing name rather than
relname to fstatat().
* Modify the tz_env and tz_env_setugid test cases to exercise both
of these scenarios.
* Also add test cases for invalid values of TZ, which I wrote
earlier but forgot to include in a5f14e4f9069.
Reported by: Paul Eggert <eggert at cs.ucla.edu>
MFC after: 3 days
Fixes: 967a49a21a27 ("Update tzcode to 2025b")
Fixes: a5f14e4f9069 ("tzcode: Use -00 only for invalid time zones")
[24 lines not shown]
tzcode: Fix early tz change detection
Assume tzdata is not fresh if last_checked is zero, as comparing the
current time to last_checked less than __tz_change_interval after boot
may produce a false negative.
While here, invert the return value from tzdata_is_fresh() to better
match its new name (it was previously called recheck_tzdata(), so zero
for fresh and non-zero for stale made sense, but it doesn't now).
PR: 269207
MFC after: 3 days
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D53502
(cherry picked from commit a38c2f99f81c2fc35c8ca209931c1c46e3e81023)
tzcode: Test escape from TZDIR
Test a value of TZ that temporarily escapes from TZDIR (which is not
permitted when setugid) then reenters it.
MFC after: 3 days
(cherry picked from commit cf76bfbb235116702ea1689bf984f200a72d2790)
tzcode: Expose and document offtime() and offtime_r()
Includes diff reduction to upstream version of this patch.
MFC after: 3 days
Sponsored by: Klara, Inc.
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D39715
(cherry picked from commit 155290b23f0b503b9db675d6a45f85b189ee1926)
tzcode: Add a test case for plain issetugid case
This catches a bug in tzcode which incorrectly considers TZDEFAULT as
unsafe as if it came from the environment.
Also deduplicate some repeated code, and fix a missing mode in an
open(2) call with O_CREAT set.
Event: Oslo Hackathon 202508
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D52241
(cherry picked from commit 016d3ec239b39895cf19aa62552fc316d7d98045)
tzcode: Limit TZ for setugid programs
The zoneinfo parser can be told to read any file the program can access
by setting TZ to either an absolute path, or a path relative to the
zoneinfo directory. For setugid programs, we previously had a hack from
OpenBSD which rejects values of TZ deemed unsafe, but that was rather
arbitrary (anything containing a dot, for instance). Leverage openat()
with AT_RESOLVE_BENEATH instead.
For simplicity, move the TZ change detection code to after we've opened
the file, and stat the file descriptor rather than the name.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D52029
(cherry picked from commit b6ea2513f7769ea9d9e4d342777111add2c903b0)
tzcode: Use -00 only for invalid time zones
As of tzcode 2025a, if we are unable to load a time zone, we set tzname
to "-00" to indicate an error. This penalizes users who simply don't
set TZ or create /etc/localtime as a faster way of setting the time zone
to UTC (pointing /etc/localtime at /usr/share/zoneinfo/UTC forces us to
parse it every time for no real benefit). To rectify this, use "-00"
only if TZ was set or zoneinit() returned something else than ENOENT.
MFC after: 3 days
Fixes: 967a49a21a27 ("Update tzcode to 2025b")
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D52680
(cherry picked from commit a5f14e4f9069a8ffed66d923bb0ecf20d8a0e6af)
tzcode: Don't treat TZDEFAULT as tainted
tzset() calls zoneinit() with the FROMENV flag set unconditionally, so
if TZ is unset and we use TZDEFAULT instead, we were still treating it
as if it came from the environment. Unset the FROMENV flag if name is
null and we switch to TZDEFAULT, or if, after skipping the optional
leading colon, we find that name is identical to TZDEFAULT.
This incorporates upstream change d0e0b00f846c ("Avoid unnecessary
access, stat calls").
Fixes: b6ea2513f776 ("tzcode: Limit TZ for setugid programs")
Event: Oslo Hackathon 202508
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D52240
(cherry picked from commit ca89e15355097e9b57bf4e17a50506e081fe04b3)
tzcode: Fix TZ for non-setugid programs
The previous commit had the desired effect for setugid programs, but
broke TZ for everyone else. I didn't notice because my test cases
swap out /etc/localtime instead of setting TZ, so add a test case
that sets TZ.
Fixes: b6ea2513f776 ("tzcode: Limit TZ for setugid programs")
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D52108
(cherry picked from commit a6b19979bf13055da5f24d1f240f2acddb35eeac)
tzcode: Add a test case for thin jails
Add a test case for a typical thin jail scenario where TZDIR does not
exist and we get our information from /etc/localtime. This is
technically already covered by the detect_tz_changes test case, but
this new test case is independent of the DETECT_TZ_CHANGES option.
(cherry picked from commit b2f394b90062b9f4aee51de4e5fd7513b3db7362)
tzcode: Update to 2026a
Many thanks to Paul Eggert for adopting most of our adaptations as
optional features upstream in the previous release (2025c).
MFC after: 1 week
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D55741
(cherry picked from commit ff2c98b30b57b9763e2a6575f729bab676e6c025)
nd6: Fix delayed NA for proxy addresses
Delayed proxy addresses need special handling, since
they can use link-local ifa as their source address and
have different link-layer data in their response.
Fixes: f37fbe30f559
Reviewed by: glebius, markj
Differential Revision: https://reviews.freebsd.org/D55850
ipfw_nptv6: fix handling the ifaddr removal event
The result of IN6_ARE_MASKED_ADDR_EQUAL() macro is not an integer, so
threat it as a boolean value.
PR: 294114
Reported by: Peter Much <pmc citylink dinoex sub org>
MFC after: 1 week
cross-build: Provide mempcpy when building on macOS
We could patch the tzcode config to not use it, but it's simple to
provide an implementation of it and avoid spreading cross-build
bootstrapping special cases.
Fixes: ff2c98b30b57 ("tzcode: Update to 2026a")
MFC after: 1 week
(cherry picked from commit 47402c9422ec6c9ba76d96414f5a08bd35a9e1fd)
cross-build: Provide mempcpy when building on macOS
We could patch the tzcode config to not use it, but it's simple to
provide an implementation of it and avoid spreading cross-build
bootstrapping special cases.
Fixes: ff2c98b30b57 ("tzcode: Update to 2026a")
MFC after: 1 week
(cherry picked from commit 47402c9422ec6c9ba76d96414f5a08bd35a9e1fd)
cross-build: Provide mempcpy when building on macOS
We could patch the tzcode config to not use it, but it's simple to
provide an implementation of it and avoid spreading cross-build
bootstrapping special cases.
Fixes: ff2c98b30b57 ("tzcode: Update to 2026a")
MFC after: 1 week
(cherry picked from commit 47402c9422ec6c9ba76d96414f5a08bd35a9e1fd)
