| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)
Out-of-bounds read in HTTP client no_proxy handling (CVE-2025-9232)
Obtained from: OpenSSL
Approved by: so
Security: FreeBSD-SA-25:08.openssl
Security: CVE-2025-9230
Security: CVE-2025-9232
(cherry picked from commit 270158508d7c55a0737c2a9915cd4afc8fabdaf0)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrading from 14.x to 15.x with freebsd-update broke because libc
depends on the new libsys library; freebsd-update installed the new
libc before creating libsys, and every step after that failed because
all the tools (including gunzip and install) are dynamically linked
and need a working libc.
Enforce ordering when installing shared objects: First libsys, then
libc, then libthr, and then all the rest of the shared object files.
This is a candidate for an Errata Notice since the issue this fixes
breaks upgrades.
PR: 289769
Reported by: Graham Perrin
Reviewed by: kib
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D52688
Approved by: so
Security: FreeBSD-EN-25:18.freebsd-update
(cherry picked from commit 7ece602e00e85195fc426a2401c49921cd39735e)
(cherry picked from commit e26928669f39c8683aea74040b9e2472e944c43a)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
if the syscall muxes are used, up to two additional arguments
may be required. This means that the 8 required for mmap increases
up to 10 (for __syscall).
Sponsored by: Juniper Networks, Inc.
Approved by: so
Security: FreeBSD-EN-25:15.arm64
(cherry picked from commit 740b879c6ade531adebeba7cd2f261bbe650797f)
(cherry picked from commit 17d87881a363c160e7e8cdb252d0261214c1a50b)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libarchive 3.8.1
New features:
#2088 7-zip reader: improve self-extracting archive detection
#2137 zip writer: added XZ, LZMA, ZSTD and BZIP2 support
#2403 zip writer: added LZMA + RISCV BCJ filter
#2601 bsdtar: support --mtime and --clamp-mtime
#2602 libarchive: mbedtls 3.x compatibility
Security fixes:
#2422 tar reader: Handle truncation in the middle of a GNU long linkname
(CVE-2024-57970)
#2532 tar reader: fix unchecked return value in list_item_verbose()
(CVE-2025-25724)
#2532 unzip: fix null pointer dereference (CVE-2025-1632)
#2568 warc: prevent signed integer overflow (CVE-2025-5916)
#2584 rar: do not skip past EOF while reading (CVE-2025-5918)
#2588 tar: fix overflow in build_ustar_entry (CVE-2025-5917)
#2598 rar: fix double free with over 4 billion nodes (CVE-2025-5914)
#2599 rar: fix heap-buffer-overflow (CVE-2025-5915)
Important bugfixes:
#2399 7-zip reader: add SPARC filter support for non-LZMA compressors
#2405 tar reader: ignore ustar size when pax size is present
#2435 tar writer: fix bug when -s/a/b/ used more than once with b flag
#2459 7-zip reader: add POWERPC filter support for non-LZMA compressors
#2519 libarchive: handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
#2539 libarchive: add missing seeker function to archive_read_open_FILE()
#2544 gzip: allow setting the original filename for gzip compressed files
#2564 libarchive: improve lseek handling
#2582 rar: support large headers on 32 bit systems
#2587 bsdtar: don't hardlink negative inode files together
#2596 rar: support large headers on 32 bit systems
#2606 libarchive: support @-prefixed Unix epoch timestamps as date strings
#2634 tar: Support negative time values with pax
#2637 tar: Keep block alignment after pax error
#2642 libarchive: fix FILE_skip regression
#2643 tar: Handle extra bytes after sparse entries
#2649 compress: Prevent call stack overflow
#2651 iso9660: always check archive_string_ensure return value
CVE: CVE-2024-57970, CVE-2025-1632, CVE-2025-25724,
CVE-2025-5914, CVE-2025-5915, CVE-2025-5916,
CVE-2025-5917, CVE-2025-5918
PR: 286944 (exp-run, main, libarchive 3.8.0)
Approved by: so
Security: FreeBSD-SA-25:07.libarchive
(cherry picked from commit 2e113ef82465598b8c26e0ca415fbe90677fbd47)
(cherry picked from commit 6dad4525a2910496ecf3c41de659aac906f6c1f4)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a small oversight in the transition to netlink; the non-netlink
implementation would explicitly flush its stdout as necessary to avoid
apparent long stalls in output when we end up fully-buffered. Adjust
the netlink implementation to do the same. This was noticed while
trying to triage failures in the wg-quick script.
Commit message by kevans, patch by author.
PR: 278265
Fixes: 091fec1188929 ("route: switch transport protocol [...]")
Approved by: so
Security: FreeBSD-EN-25:14.route
(cherry picked from commit 97b61b22edba74c62adba1d022fb73541aa5ff93)
(cherry picked from commit dd695839efd80fe81143cd6c7a552c30df8448f6)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
| |
Approved by: so
Security: FreeBSD-SA-25:06.xz
Security: CVE-2025-31115
|
| |
|
|
|
|
|
|
| |
Approved by: so
Security: FreeBSD-EN-25:11.ena
(cherry picked from commit 59b30c1a864ee8a22c2e9912301cb88674f714c9)
(cherry picked from commit a1685d25601ee7abfaf6d6a993932ae3318e070e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Patch 0a33c047a443 introduced new values to
hw.ena.force_large_llq_header. The default value of 2 means no
preference, while 0 and 1 act as the previous false and true
respectively, which allowed forcefully setting regular or large LLQ.
There are 2 ways to force the driver to select regular LLQ:
1. Setting hw.ena.force_large_llq_header = 0 via sysctl.
2. Turning on ena express, which makes the recommendation by the FW to
be regular LLQ.
When the device supports large LLQ but the driver is forced to
regular LLQ, llq_config->llq_ring_entry_size_value is never initialized
and since it is a variable allocated on the stack, it stays garbage.
Since this variable is involved in calculating max_entries_in_tx_burst,
it could cause the maximum burst size to be zero. This causes the driver
to ignore the real maximum burst size of the device, leading to driver
resets in devices that have a maximum burst size (Nitro v4 and on. see
[1] for more information).
In case the garbage value is 0, the calculation of
max_entries_in_tx_burst divides by 0 and causes kernel panic.
The patch modifies the logic to take into account all use-cases and
ensure that the relevant fields are properly initialized.
[1]: https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html
Fixes: 0a33c047a443 ("ena: Support LLQ entry size recommendation from device")
Sponsored by: Amazon, Inc.
Differential Revision: https://reviews.freebsd.org/D50040
Approved by: so
Security: FreeBSD-EN-25:11.ena
(cherry picked from commit 56c45700f2ae15755358f2da8266247613c564df)
(cherry picked from commit 3f4a674a8ee430dec7c72c45ffe759eabefa7a1f)
|
| |
|
|
|
|
|
|
|
| |
From the upstream pull request merges:
#17340 b144b160b Fix 2 bugs in non-raw send with encryption
Obtained from: OpenZFS
Approved by: so
Security: FreeBSD-EN-25:10.zfs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
science/dlib-cpp reveals an interesting scenario that works fine on
other platforms but not on FreeBSD; notably, it ends up creating a new
global object from some destructor which is called during
__cxa_finalize. This breaks when libdlib is dlopen()ed and then
subsequently dlclose()ed, as we never end up invoking the created
object's dtor until program exit when the shlib is already unmapped.
Fix it by noting when we're in the middle of __cxa_finalize for a dso,
and then restarting the search if __cxa_atexit() was called in the
middle somewhere.
We wait until we've processed the initial set before starting over and
processing the newly added handlers as if it were a complete set of
handlers added during runtime. The alternative is calling them as
they're added to maintain a LIFO in terms of total ordering, but in
theory a constructor could add another global object that also needs to
be destroyed, and that object needs to be destroyed after the one that
constructed it to avoid creating unexpected lifetime issues.
This manifests in the pdlib PHP extension for dlib crashing, see [0].
[0] https://github.com/goodspb/pdlib/issues/39
PR: 285870
Reviewed by: kevans (also supplied commit message)
Approved by: so
Security: FreeBSD-EN-25:09.libc
(cherry picked from commit 23427c8e1fedb9fc68ad0bd27a59c7ffd2b3008c)
(cherry picked from commit c43ae65b4b89be422cdcd399a7abc44f6db4b298)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
- Seven (7) new roots
- Four (4) distrusted roots
- Fifteen (15) removed (expired) roots
Approved by: so
Security: FreeBSD-EN-25:08.caroot
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D49294
(cherry picked from commit 0100da4deb96e15acf72d7655127c6faafa4148f)
(cherry picked from commit 7577dae4d67216c602dc11e2388d190a2c9dc9ff)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release incorporates the following bug fixes and mitigations:
- [CVE-2024-13176](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
- [CVE-2024-9143](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143)
Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html
Approved by: so
Security: FreeBSD-EN-25:07.openssl
Differential Revision: https://reviews.freebsd.org/D49296
Differential Revision: https://reviews.freebsd.org/D49297
(cherry picked from commit 0d0c8621fd181e507f0fb50ffcca606faf66a8c2)
(cherry picked from commit cb29db243bd09d16604435639ae43ef7af0ea254)
(cherry picked from commit d2a55e6a9348bb55038dbc6b727ab041085f22db)
(cherry picked from commit 0d61082e3c64a43f52ec5f1bf3d85671d97d9514)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We populate the kqueue with all of four kevents: three signal handlers and
one for read of the child pipe. Every time we start the child, we rebuild
this kqueue from scratch for the child and tear it down before we exit and
check if we need to restart the child. As a consequence, we effectively
drop any of the signals we're interested in between restarts.
Push the kqueue out into the daemon state to avoid losing any signal events
in the process, and reimplement the restart timer in terms of kqueue timers.
The pipe read event will be automatically deleted upon last close, which
leaves us with only the signal events that really get retained between
restarts of the child.
Approved by: so
Security: FreeBSD-EN-25:06.daemon
PR: 277959
Reviewed by: des, markj
(cherry picked from commit bc1dfc316a2bba97773a14b96f5e976a52524be4)
(cherry picked from commit 7ea2874eadf901b1187772670169b6fc3a44d917)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes: https://github.com/libexpat/libexpat/blob/R_2_7_1/expat/Changes
Note that libbsdxml(3) is only intended to used by utilities in the
FreeBSD base system. None of the vulnerabilities addressed by expat
releases 2.6.1 - 2.7.1 is exploitable on FreeBSD as supported by the
security-officer@ team.
Approved by: so
Security: FreeBSD-EN-25:05.expat
Security: CVE-2024-8176
Security: CVE-2024-50602
Security: CVE-2024-45490, CVE-2024-45491, CVE-2024-45492
Security: CVE-2024-28757
(cherry picked from commit ffd294a1f4c23863c3e515d16dce31d5509bcb01)
(cherry picked from commit 7fcc9d60956fc482d14acd579786390b989a5057)
(cherry picked from commit ba23ab2168ffabc2c5e647a1a37ab9a8fb482bb8)
(cherry picked from commit 8c7e4d11fef6ba9d5fc26571f72b8d877b0c1efb)
(cherry picked from commit 908f215e80fa482aa953c39afa6bb516f561fc00)
(cherry picked from commit 78ab4c182b9faa09688a040b252ba111952e5e17)
(cherry picked from commit fe9278888fd4414abe2d922e469cf608005f4c65)
(cherry picked from commit 6f7ee9ac036ebd210d70cb177eba0c3c5bc930e3)
(cherry picked from commit 03a1992591b0ae85b6b250255fe56e17f6d919c6)
(cherry picked from commit 50c58014795c63813c508bce59c97895ae2ca3c7)
(cherry picked from commit 00c8538e87c61f1fd57ccd9e02a6d435b68d9a73)
(cherry picked from commit fd4592006b1306e1d63a542612fd66a8374d181f)
|
| |
|
|
|
|
|
|
|
|
| |
Changes: https://github.com/eggert/tz/blob/2025b/NEWS
Approved by: so
Security: FreeBSD-EN-25:04.tzdata
(cherry picked from commit d2cccdef30376b7de5643caae1ef035f8e6932f0)
(cherry picked from commit 475082194ac811a925bf4a8109ef5e4f4f485dad)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-25:05.openssh
Approved by: so
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 62df41ae0a71e77ccb1e8fae06d82eec5dff441a)
(cherry picked from commit 24ce323f020fb1ee1b463e524a7a6c15f47ec2a4)
|
| |
|
|
|
|
|
|
|
|
|
| |
Obtained from: OpenSSH 38df39ecf278
Security: CVE-2025-26465
Security: FreeBSD-SA-25:05.openssh
Approved by: so
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 170059d6d33cf4e890067097f3c0beb3061cabbd)
(cherry picked from commit 4ad8c195cf54411e3b3fa0bec227eb83ca078404)
|
| |
|
|
|
|
|
|
|
|
|
| |
Obtained from: OpenSSH 5e07dee272c3
Security: CVE-2025-26466
Security: FreeBSD-SA-25:05.openssh
Approved by: so
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 8a16d0831e70530b2fbd682e748bd051de35f192)
(cherry picked from commit 34798cb576bbd2064ab8da372112482bf8e2a7e6)
|
| |
|
|
| |
Approved by: so
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the window during conflict resolution, copies of installed files with
conflicts are added here with the default mode. Restrict access.
Approved by: so
Security: FreeBSD-SA-25:03.etcupdate
PR: 277470
Reviewed by: philip, jhb, emaste
Differential Revision: https://reviews.freebsd.org/D48576
(cherry picked from commit c43ae7ab4bf89c2b274c1cbefe663c456e9211d1)
(cherry picked from commit 93836ff92be84a1d4e7611577ffe116a0e30d008)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File system specific *fid structures are copied into the generic
struct fid defined in sys/mount.h.
As such, they cannot be larger than struct fid.
This patch packs the structure and checks via a __Static_assert().
Approved by: so
Security: FreeBSD-SA-25:02.fs
Reviewed by: markj
MFC after: 2 weeks
(cherry picked from commit 4db1b113b15158c7d134df83e7a7201cf46d459b)
(cherry picked from commit 155987e2019089a5bd2eef77ed7bcc5cc26c362e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File system specific *fid structures are copied into the generic
struct fid defined in sys/mount.h.
As such, they cannot be larger than struct fid.
This patch packed the structure and checks via a __Static_assert().
Approved by: so
Security: FreeBSD-SA-25:02.fs
Reviewed by: markj
MFC after: 2 weeks
(cherry picked from commit bfc8e3308bee23d0f7836d57f32ed8d47da02627)
(cherry picked from commit 7a3a0402aeb626a7379addd344cbfd8900e83baa)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File system specific *fid structures are copied into the generic
struct fid defined in sys/mount.h.
As such, they cannot be larger than struct fid.
This patch packs the structure and checks via a __Static_assert().
Approved by: so
Security: FreeBSD-SA-25:02.fs
Reported by: Kevin Miller <mas@0x194.net>
Reviewed by: olce, imp, kib, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D47879
(cherry picked from commit 205659c43d87bd42c4a0819fde8f81e8ebba068e)
(cherry picked from commit 54974e731f279941ef7aebd7d30ba2e9299a4056)
|
| |
|
|
|
|
|
|
|
|
| |
Changes: https://github.com/eggert/tz/blob/2025a/NEWS
Approved by: so
Security: FreeBSD-EN-25:03.tzdata
(cherry picked from commit 46226b0162ba03986b1de2c790804b37dd8e64d6)
(cherry picked from commit a158d26e89f2e3274ba1064e3fd6b341c6fcb07c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
syscallenter() has a slow path to handle syscall auditing and dtrace
syscall tracing. It uses AUDIT_SYSCALL_ENTER() to check whether to take
the slow path, but this macro also has side effects: it writes the audit
log entry. When systrace (dtrace syscall tracing) is enabled, this
would get short-circuited, and we end up not writing audit log entries.
Introduce a pure macro to check whether auditing is enabled, use it in
syscallenter() instead of AUDIT_SYSCALL_ENTER().
Approved by: so
Security: FreeBSD-EN-25:02.audit
Reviewed by: kib
Reported by: Joe Duin <jd@firexfly.com>
Fixes: 2f7292437d0c ("Merge audit and systrace checks")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48448
(cherry picked from commit f78fe930854cac6eed55859b45e0a7b5d87189d6)
(cherry picked from commit 4b9ba274d736de74676051c8f13e7d3dd536334b)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sockaddr passed to ktrcapfail() may be smaller than
sizeof(struct sockaddr), and the trailing bytes in the sockaddr
structure will be uninitialized, whereupon they get copied out to
userspace.
Approved by: so
Security: FreeBSD-SA-25:04.ktrace
PR: 283673
Reviewed by: jfree, emaste
Reported by: Yichen Chai <yichen.chai@gmail.com>
Reported by: Zhuo Ying Jiang Li <zyj20@cl.cam.ac.uk>
Fixes: 9bec84131215 ("ktrace: Record detailed ECAPMODE violations")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D48499
(cherry picked from commit 5b86888bae651e54ccc0adde0ed897ec1c1e0d45)
(cherry picked from commit 99d5ee8738a354e0d8f12453a82ed87e47bd62f1)
|
| |
|
|
|
|
|
|
|
| |
- Bump BRANCH to RELEASE
- Add the anticipated RELEASE announcement date
- Set a static __FreeBSD_version
Approved by: re (implicit)
Sponsored by: Amazon
|
| |
|
|
|
| |
Approved by: re (implicit)
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The pkg-bootstrap binary depends on fetch.
Approved by: re
Reviewed by: cperciva, emaste, bapt
Differential Revision: https://reviews.freebsd.org/D47661
MFC after: 1 day
(cherry picked from commit ca1f1d2c9419a5d66929ca6880b69901254645a6)
(cherry picked from commit 4a768794b836f781ecf798949b60e5c5d305f136)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
On some platforms (e.g. powerpc) we don't have packages, so we can't
install them onto the ISOs. Proceed with building the images anyway.
Reported by: Weekly snapshot builds
Fixes: 7e2996c1f5b4 ("release: install wireless firmware onto disc1 and dvd")
Approved by: re (cperciva)
(cherry picked from commit e8263ace39c8ecf11233c0a10d0b1839e6813046)
(cherry picked from commit 9431091ee021eca9eb4c768b566e623ba9333b41)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wireless driver firmware is no longer added to the src tree.
In order to have wireless support in the installer for the new drivers
we install the firmware packages onto disc1 (and memstick) and dvd
if built on FreeBSD and NOPKG is not defined (to not break cross-builds
from Linux or OSX and to allow people to opt-out).
Sponsored by: The FreeBSD Foundation
Submitted by: cperciva (the orig. commands and where to place them)
Reviewed by: jrtc27
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47407
(cherry picked from commit 7e2996c1f5b4e684cae40c2418b68061df9997d9)
(cherry picked from commit b62012538e967b22736e8c2214b222f21146bddc)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure an interface is back up before (re-)starting wpa_supplicant
in wlanconfig not relying on wpa to UP the interface (though we fixed
that).
Sponsored by: The FreeBSD Foundation
Reviewed by: emaste (in D47491)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47491
(cherry picked from commit 5399052c63a7a3d2f54615d31bfd092ab887a600)
(cherry picked from commit 7d0c12e1f907ddf9be6668449a966703c0f781d1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a menu to the installer to run fwget(8) inside the newly installed
system to install firmware known to be needed.
This requires working netowrking.
This is needed at least for wireless currently for when we entirely
stop shipping new firmware in src.git to have working networking on
the installed system (we already do need this for at least rtw89).
Sponsored by: The FreeBSD Foundation
Tested with: 4 different iwlwifi chipsets in a system (earlier version)
Suggested improvments by: jrtc27
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47491
(cherry picked from commit bbe2a1da2df639c616869aa838244c8094779bd4)
(cherry picked from commit 15f6edf20e4e1542f2385a9cbd6e996e23252858)
|
| |
|
|
|
|
|
|
|
|
| |
Approved by: re (cperciva)
MFC after: 3 days
Reviewed by: ray
Differential Revision: https://reviews.freebsd.org/D47570
(cherry picked from commit 79af8f72b3aff993703778423e83320df0953a37)
(cherry picked from commit 3bcbd391dd7e1376ab7ad37e94f5b746abfc0591)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Release Hardware Notes are generated from hardware sections in the
manual pages. Create or organize these sections in Wi-Fi driver manuals
for information flow, and perform minor maintenance on them while here.
After some testing, we have determined that a compact column list is
the best for a single column listing in the hardware release notes.
This makes very clean subsections and is for some reason denser than
using a tagged list.
This adds the long requested conversion from netmask to cidr examples.
These examples probably shouldn't even be here, but that is a discussion
for another day.
Reported by: bz (relnotes generation, cidr, test-net-1 ip4addr)
Reported by: grahamperrin (HARDWARE order mentioned in fdp-primer)
Reported by: Graham Percival <gperciva@tarsnap.com> (don't prompt)
Reviewed by: bz (anything wrong likely is my polishing fault; incl. iwm.4)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47508
(cherry picked from commit 8f1a2d507e25e77d20a5d7675dc8eee9b83d3570)
(cherry picked from commit 93b30f1b6caec5083efacf3fb5049b72e75cc09e)
(cherry picked from commit 6c140ba1266b7957e1c2861e6ce41d9b88381f8a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce -q to quieten other output (unless -v is also given).
pkg-install(8) currently has no option to allow skipping unavail
packages but it will just fail.
We would realy want to try to install as much firmware found as
possible from the installer.
Work around this by doing one firmware package at a time.
For that it is highly helpful to be able to query (or possibly re-query)
all outstanding fimrware packages.
-q together with -n only shows each package to be installed one by line.
Once https://github.com/freebsd/pkg/issues/2195 will be implemented
we could undo this part of the change and future changes to the installer
and use the new option for pkg-install(8) there.
While here switch to getopts so -qn works and not just -q -n.
Sponsored by: The FreeBSD Foundation
Reviewed by: manu
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47445
(cherry picked from commit 1eb3f15c149b9a2e5b6f5e10aed454fc85945bbd)
(cherry picked from commit 814a49d65ace83b7a955cca32ff243f4abe7cd50)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the flavored port for all the
supported wireless drivers we recently added support for.
Sponsored by: The FreeBSD Foundation
Pointed out by: cperciva (as part of the set of changes)
Reviewed by: cperciva (#releng)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D47406
(cherry picked from commit 2483a2d36803896d27861c03e1f53dd9546b1e73)
(cherry picked from commit f21cb43c91ef5ff54173b15f550e711c9f87eec6)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add sys/sytm.h for __diagused which unbreaks compilation of
drm-kmod 5.10-lts on main.
Sponsored by: The FreeBSD Foundation
Reported by: Evgenii Khramtsov
PR: 282479
Fixes: 5c92f84bb607
Approved by: re (cperciva)
(cherry picked from commit 9b2705121ba230bf71a1509cc928f0481dfbf31c)
(cherry picked from commit 06733ceca677b2d8ea2ae738bbb624d510fc9df8)
|
| |
|
|
|
| |
Approved by: re (implicit)
Sponsored by: Amazon
|
| |
|
|
|
| |
Approved by: re (implicit)
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Author: Mateusz Guzik <mjg@FreeBSD.org>
Date: Thu Sep 14 16:13:01 2023 +0000
vfs: don't provoke recycling non-free vnodes without a good reason
If the total number of free vnodes is at or above target, there is no
point creating more of them.
This commit was done as a performance optimization but ends up
causing slowdowns when doing operations on many files.
Approved by: re (cperciva)
Requested by: re (cperciva)
(cherry picked from commit ab05a1cf321aca0fe632c1ab40f68630b477422c)
(cherry picked from commit 2ca9c96dc0cf0d1f91b37346bce8fd0dd1639ddd)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are installed into /ociimages/ and stage onto the download site
at /OCI-IMAGES/; they don't belong in the same directory as the
"distribution" .txz files.
Approved by: re (cperciva)
Fixes: d03c82c28da8 ("release: add optional OCI images")
MFC after: 1 minute
Sponsored by: Amazon
(cherry picked from commit 976e1d36be688166e140cbaded01d433c61e6d47)
(cherry picked from commit a8bdbdbdba3e7c6e3a330026dcd82e922a4265c8)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use a *.txz glob to get all of the "distributions" which comprise
the FreeBSD release, but we now (optionally) also build container
images which are .txz files. Grep those out from the distribution
lists.
A better long-term fix would probably be to generate an explicit list
of the .txz files we want rather than using an overbroad glob and
filtering out the files we *don't* want.
Approved by: re (cperciva)
Fixes: d03c82c28da8 ("release: add optional OCI images")
MFC after: 1 minute
Sponsored by: Amazon
(cherry picked from commit 47866cdcc7278faa27250dcea16374231c676050)
(cherry picked from commit 012bb7fdafb30032f7a09212ffd6398eb4230b07)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all of the tree is happy for realinstall to be done in parallel. In
particular, Makefile.inc1 uses .WAIT to force etc to be installed after
earlier subdirectories, since etc calls into share/man's makedb to run
makewhatis on the tree and needs all manpages to have been installed.
Also, libexec/Makefile doesn't set SUBDIR_PARALLEL, and the link from
ld-elf32.1 to ld-elf.1 relies on rtld-elf having been installed before
rtld-elf32, otherwise creating the link will fail.
In general, core behavioural differences like this between NO_ROOT and
"normal" builds are also dangerous and confusing.
If this optimisation is deemed important, it should be reintroduced in a
more limited and robust manner that doesn't break the above situations.
Until then value correctness over slight efficiency gains on high core
count machines, the same machines where you're more likely to encounter
issues from this optimisation.
This reverts commits cd19ecdbdc87 ("Similar to r296013 for NO_ROOT,
force SUBDIR_PARALLEL for buildworld WORLDTMP staging.") and
b9c6f3168112 ("Add more STANDALONE_SUBDIR_TARGETS.").
Approved by: re (cperciva)
Found by: CheriBSD Jenkins
Reviewed by: bdrewery, brooks
Fixes: cd19ecdbdc87 ("Similar to r296013 for NO_ROOT, force SUBDIR_PARALLEL for buildworld WORLDTMP staging.")
Fixes: b9c6f3168112 ("Add more STANDALONE_SUBDIR_TARGETS.")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43705
(cherry picked from commit fbae308319b7678cd9d879f60b1efd8d4c99b5eb)
(cherry picked from commit 125ce840bc93f9cd9286c9724bf18f951e17d3fa)
|
