Releases: HardenedBSD/hardenedBSD-stable
Releases · HardenedBSD/hardenedBSD-stable
HardenedBSD-12-STABLE-v1200059.3
Highlights:
- MFC r350645: Correct ICMPv6/MLDv2 out-of-bounds memory access (6d7f541) [CVE-2019-5608 FreeBSD-SA-19:19.mldv2]
- MFC r350635: bsnmp: add asn1 message length validation (be804d75b90865776e2d1174d40b6286a0679b950 [CVE-2019-5610 FreeBSD-SA-19:20.bsnmp]
- MFC 350618: Validate guest-supplied length of headers for TSO transmit requests. (34ae5e4) [CVE-2019-5609 FreeBSD-SA-19:21.bhyve]
- MFC of 349589, 350070, 350071, 350096, and 350187: Make filesystem-full messages limited per filesystem rather than systemwide; Add "untrusted" option to mount command (7b0bf49)
- MFC r350362 r367068: stack protector fixes for LLVM generated codes (ad1889b) [FreeBSD-SA-Candidate]
- HBSD: set LC_COLLATE to C by default (1ec32fd)
- MFC r350310: Fix the turnstile_lock() KPI. (5a909d9) [FreeBSD-EN-19:14.epoch FreeBSD-SA-Candidate]
Changelog
Oliver Pinter (2):
HBSD: fix mismerge in src.conf.5 regarding the state of lld
HBSD: set LC_COLLATE to C by default
Oliver Pinter + (20):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
ae (1):
MFC r350417: Add ipfw_get_action() function to get the pointer to action opcode.
arybchik (3):
MFC r350369
MFC r350370
MFC r350371
bapt (1):
MFC r350358:
brooks (7):
MFC r350143, r350148
MFC r350157:
MFC r350158:
MFC r350159:
MFC r350160:
MFC r350218:
MFC r350228:
cy (4):
MFC r350064:
MFC r350548:
MFC r350567:
MFC r350568:
dim (2):
MFC r350360:
MFC r350362:
dougm (1):
MFC r350183, r350359
emaste (5):
MFC r350215: mptutil: emit a warning on big-endian architectures
objdump: update deprecation notice
MFC r350518: as: add deprecation notice to the man page
MFC r350635: bsnmp: add asn1 message length validation
MFC r350645: Correct ICMPv6/MLDv2 out-of-bounds memory access
gallatin (1):
MFC r350245
ganbold (1):
MFC r346993 Add a hw.model sysctl oid for arm64 which reports the CPU model similar to armv6/7.
jhb (1):
MFC 350618: Validate guest-supplied length of headers for TSO transmit requests.
jilles (1):
MFC r350425: printf(1): Note that \c only works in %b strings
kevans (1):
MFC r350336: if_tun(4): Add TUNGIFNAME
kp (1):
MFC r350416:
manu (16):
MFC r340845-r340848, r340971, r340981, r342076
MFC r340987, r340989, r341254, r341269, r341333
MFC r342936, r343873
MFC r342924, r343749-r343750, r343874, r344893-r344895, r345711
MFC r345948, r345951
MFC r346092, r346271-r346272
MFC r346293:
MFC r342008, r342010-r342020
MFC r344633-r344634, r344638
MFC r346305, r346691-r346694, r346696-r346697
MFC r346295, r346297
MFC r346298:
MFC r346334, r346787-r346789, r347017
MFC r347362:
MFC r347489-r347491, r347512
MFC r348179-r348182
markj (4):
MFC r350513: Fix formatting.
MFC r350514: Add an MLINK for daemonfd(3).
MFC r350432: Merge r3778 and r3779 from ELFToolchain.
MFC r350544: Add bzip2recover.1.
mckusick (1):
MFC of 349589, 350070, 350071, 350096, and 350187
rmacklem (1):
MFC: r350367 Lock the vnode before calling ufs_bmap_seekdata().
Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-12-STABLE-v1200059.3/
CHECKSUM.SHA512:
SHA512 (HardenedBSD-12-STABLE-v1200059.3-amd64-bootonly.iso) = 5557676ae6108964f2da47d28803da1912fd70cfa0a9d388e066f78a0e9bad58f7c5a2abad247116f11c7f399f79de2f74bc60c89823c14d6a9ddc8a3597d338
SHA512 (HardenedBSD-12-STABLE-v1200059.3-amd64-disc1.iso) = d49899b7f8b9922da3212c937e1b9ddd29c127002b6c257209694d24b0bc58758c8c785b906bdfe45c3fb8071f3d3bd127ace6d06a4eed3ddc15e3796eb669af
SHA512 (HardenedBSD-12-STABLE-v1200059.3-amd64-memstick.img) = abb3d156c423a55c23070b01a64f705eed33dc833fe56090c00cb6de69d63be2d880f3a4350ae860eaeb5e0b25eb02cddadb154c6d3b31d489f4ab28e8322da0
SHA512 (HardenedBSD-12-STABLE-v1200059.3-amd64-mini-memstick.img) = 1d812808356714e0df7048740e7d7d1e7b6b62de0fb5e0551bbb8e950a40a8f9f241b3c14d26fc9269bb1d00febe027ad65b7f6e60cb3c171d616c965e27e2f7
CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAl1Ln+8ACgkQgZsRom/9
GI3ETw/+KH7pzMhOV5/FB1WO5mG76QQQdCOZ6kyBKvq2unOHYl/iWz2vXD098v56
R5yVsofVNameLhSrJUt9ZdavWaXfsUoz+IqNX7oO8n8iwdRhQj2hhq1sKbImOSms
3dfRXxBkuL7uKkf6API7qXU8bkwYsEQ8sIIfD2/ZwU8DwTrILeJK0OHf++SPD2F9
/055Ed+5TEO1eHuKkntT3L1vm80WBHHtKP9U68t87U1FRdwiNmNt8cvgQULEBBri
ZthR5w+QXjOHO1Dp9WQniyelqU9I2AdDYWS01Cc7LC4hhZfMElUJHyv9XjVvpGuM
2saKT5c6siPNrcCzbrSuWzHLbCiMmav/S81eKFMG7DkCPx7KqfKkEC7xZYELM1LA
E3a+SSKz3VQ4tGsgaxKsI3PHDe6XtsqPY0gT13V6okKS8w4XSYq3I+O8MOeh9ruH
WsbfkaZfesLncHEtLomKS+d3W0pCI6I0tfVgOfyfQJIEPdXTYsQUlAoADZse7fOB
sjxPDJU9NInwjFCt+dgr/4P7unKDPPhBTOsm/ideIAXLMhjXG7cvk3FfbfeWx8Yc
9TJsBXzaWiHZdaVagL8dLaUYKPVxQvUrN4bmomqzosxrsbcIv4t7tHIr7MIRbJDM
h0Em3oDmYJmi9zS38nLbd2yMUwja/U6gyXv+Cs1VRL2eXJvVJu8=
=Lquj
-----END PGP SIGNATURE-----
shortlog-HardenedBSD-12-STABLE-v1200059.3.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt
HardenedBSD-12-STABLE-v1200059.2
Highlights:
- MFC r349800,r349801: Fix misc fs fuzzing issues. (abeb80b) [FreeBSD-SA-Candidate]
- MFC r349802 (from fsu@): Add additional check for 'blocks per group' and 'fragments per group' superblock fields. (fcbcaeb) [FreeBSD-SA-Candidate]
- MFC r347695, r347696, r347697, r347957, r349326: Lockless delayed invalidation for amd64 pmap. (388f0c1)
- MFC r349880: Let linuxulator mprotect mask unsupported bits before calling kern_mprotect. (bc326df)
- MFC r350260: mqueuefs: fix struct file leak (bcc8624) [FreeBSD-SA-19:15.mqueuefs CVE-2019-5603]
- MFC r350244: bhyve: correct out-of-bounds read in XHCI device emulation (04ce7e7) [FreeBSD-SA-19:16.bhyve CVE-2019-5604]
- MFC r350156: Fix leak of memory and file refs with sendmsg(2) over unix domain sockets. (19e53c5) [FreeBSD-SA-19:17.fd CVE-2019-5607]
- nand: create device with 0640 permission (88f580f)
- MFC r349890: telnet: fix a couple of snprintf() buffer overflows (7e735c9) [FreeBSD-SA-19:12.telnet CVE-2019-0053]
- MFC r349733: Defer funsetown() calls for a TTY to tty_rel_free(). (4c06d4c) [FreeBSD-SA-19:13.pts CVE-2019-5606]
- MFC r349834 Ignore kern.vt.splash_cpu without graphics (b9fd720)
- MFC r349581 netmap: fix two panics with emulated adapter (2672ab3)
- MFC r349913: Ensure that mds_handler always points to a valid method. (c411b32) [FreeBSD-EN-19:13.mds]
- MFC r349876: Apply a workaround to be able to build clang 8.0.0 headers with clang 3.4.1, which is still in the stable/10 branch. (4453d14)
- MFC 347238: vmm(4): Pass through RDSEED feature bit to guests (e64222c)
- MFC 339911,339936,343075,343166,348592: Various AMD CPU-specific fixes. (2c0a81a)
- MFC r349753 netmap: Remove pointer leakage in netmap_mem2.c (b158d71)
- MFC r349527,349538: Sync libarchive with vendor. (2767b0a) [FreeBSD-SA-Candidate]
- cxgbe updates
- libbe updates
- bhyve updates
- LLVM and Clang updates
Changelog
Oliver Pinter (5):
HBSD: add libclang_rt.cfi-x86_64.a to ObsoleteFiles.inc
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: fix merge conflict in src.conf.5 man page
HBSD: fix merge conflict in amd64's pmap.c, it conflicted on opt_pax.h
HBSD: fix clang related merge conflict and add missing cfi entry to ObsoleteFiles.inc
Oliver Pinter + (14):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
ae (1):
MFC r349940: Correctly truncate the rule in case when it has several action opcodes.
asomers (4):
MFC r349009:
MFC r349041:
MFC r349230, r349234, r349477
MFC r349237:
avg (7):
MFC r348355: revert r273728 and parts of r306589, iicbus no-stop by default feature
MFC r348688: first step towards enforcing must-succeed semantics for bus accessors
MFC r349406: owc.4: document how to set up the 1-wire bus on a device.hints system
MFC r349408: gpio.4: document device hints common to all devices on gpiobus
MFC r349428,r349433: owc_gpiobus: clean / fix up the driver module things
MFC r349460: gpiobus: provide a new hint, pin_list
MFC r349579: nctgpio: change default pin names to those used by the datasheet(s)
brooks (6):
MFC r350098, r350100-r350101
MFC r350102:
MFC r350049:
MFC r350067:
MFC r350116:
MFC r350117:
chuck (4):
MFC r345957
MFC r345956
MFC r348781
MFC r349969
cy (11):
MFC r349842:
MFC 349843:
MFC r348986:
MFC r348987, r348989:
MFC r349929:
MFC r349978:
MFC r349898, r349916:
MFC r349917:
MFC r349979:
MFC r349980:
MFC r350063:
dim (5):
MFC r349583:
MFC r349876:
MFC r349971:
MFC r348504 (by kevans):
MFC r348689 (by emaste):
dougm (1):
MFC r349286, r349293
emaste (7):
nand: create device with 0640 permission
MFC r350244: bhyve: correct out-of-bounds read in XHCI device emulation
MFC r349915 (seanc): usr.sbin/bhyve: initialize return value ...
bhyve: Fix resource leak when using strdup
MFC r350260: mqueuefs: fix struct file leak
MFC r343606: Enable lld as the system linker on i386
src.conf.5: regenerate after r350297 (lld for i386 MFC)
eugen (1):
MFC r345632 by lwhsu: Fix `make` in sys/modules
fsu (1):
MFC r349800,r349801:
hselasky (1):
MFC r349645: Remove dead code added after r348743 in the LinuxKPI. The LINUXKPI_VERSION macro is not defined for any compiled LinuxKPI code which basically means __GFP_NOTWIRED is never checked when allocating pages. This should work fine with the existing external DRM code as long as the page wiring and unwiring is balanced.
jhb (4):
MFC 348210: Add a constant for the LS config MSR on AMD CPUs.
MFC 339911,339936,343075,343166,348592: Various AMD CPU-specific fixes.
MFC 343068: Use capsicum_helpers(3) that allow us to simplify the code and its functions will return success when the kernel is built without support of the capability mode.
MFC 347238: vmm(4): Pass through RDSEED feature bit to guests
jhibbits (2):
MFC r346771
MFC r349874
johalun (2):
MFC r349277: LinuxKPI: Additions to rcu list.
MFC r349276: LinuxKPI: Add atomic_long_sub macro.
kevans (4):
MFC r348328: bectl(8): Address Coverity complaints
MFC r344226, r344234: stand: zfs memory corruption bug
MFC r348471: stand: zfs: Free bouncebuf on error path in vdev_read
MFC r349380, r349383, r349455: bectl(8)/libbe(3) fixes
kib (9):
MFC r349794: Document atomicity for read(2) and write(2).
MFC r349912: Restore ability to pass NULL name argument to pthread_set_name_np(3) to clear the thread name.
MFC r349913: Ensure that mds_handler always points to a valid method.
MFC r349950: Style: avoid long lines by using .Fo instead of .Fn.
MFC r349988: In dmar_find(), refuse to search for DMAR unit for non-PCI device.
MFC r350156: Fix leak of memory and file refs with sendmsg(2) over unix domain sockets.
MFC r350091: bsearch.3: Improve the example
MFC r344120: Unify i386 and amd64 getcontextx.c, and use ifuncs while there.
MFC r347695, r347696, r347697, r347957, r349326: Lockless delayed invalidation for amd64 pmap.
kp (1):
MFC r350095:
lwhsu (6):
MFC r349539
MFC r349472:
MFC r349872:
MFC r349543
MFC r350219
MFC r350221
markj (13):
MFC r349612: Mark pages allocated from the per-CPU cache.
MFC r349711: iwm: Drain callouts after stopping the device during detach.
MFC r344629: rtsol: Use vwarnx(3) to log messages to standard error.
MFC r349910: Fix some ISS bit definitions for data aborts.
MFC r350054: Use a platform-independent constant for PKG_MAX_SIZE.
MFC r350037: Fix the arm64 page table entry attribute mask.
MFC r350048: Chase r350037.
MFC r350086: Remove obsolete compatibility code from rtadvd.
MFC r350082: Reference stdint.h types in ctf.5.
MFC r350310: Fix the turnstile_lock() KPI.
MFC r349840: Add a per-CPU page cache per VM free pool.
MFC r349841: Elide the vm_reserv_free_page() call when PG_PCPU_CACHE is set.
MFC r350182: Rename vm_page_{import,release}() to vm_page_zone_{import,release}().
mav (2):
MFC r349418: Fix qlxgbe(4) static build.
MFC r340093 (by imp): Document disbale_phy in ahcich sysctls.
mm (1):
MFC r349527,349538: Sync libarchive with vendor.
np (4):
MFC r349865:
MFC r349956:
MFC r349870:
MFC r340173 (by jhb@):
pfg (1):
MFC r349802 (from fsu@):
philip (1):
MFC r349890: telnet: fix a couple of snprintf() buffer overflows
sjg (2):
libsecureboot: allow OpenPGP support to be dormant
loader: ignore some variable settings if input unverified
tijl (3):
MFC r349640, r349706:
MFC r349641:
MFC r349880:
vangyzen (1):
MFC r349834
vmaffione (10):
MFC r349752
MFC r349753
MFC r349966
MFC r349581
MFC r349869
MFC r349803
MFC r349867
MFC r349868
MFC r349935
MFC r349952
~~...
HardenedBSD-12-STABLE-v1200059.1
Highlights:
- MFC: r348590, r348591 Modify mountd so that it incrementally updates the kernel exports upon a reload. (8fc34de)
- MFC r349098: Add macOS-like three finger drag trackpad gesture to psm(4) (59d69e8)
- MFC r349505: Upgrade to Bzip2 version 1.0.7. (1ab7a3c) [CVE-2016-3189 CVE-2019-12900]
- MFC r349320, r349324: coredump: avoid writing to core files not owned by the effective user. (a6fa17e)
- MFC r349268: nandsim: correct test to avoid out-of-bounds access (331c7e4) [FreeBSD-SA-Candidate]
- MFC r349627: Remove the CDIOCREADSUBCHANNEL_SYSSPACE ioctl. (38642b5) [FreeBSD-SA-19:11.cd_ioctl CVE-2019-5602]
- MFC r349619: libc: correct iconv buffer overflow (cb54f67) [FreeBSD-SA-19:09.iconv CVE-2019-5600)
- MFC r349592: Import tzdata 2019b (13738a6)
- MFC r346455-r346458, r348520, r348529, r348817, r348818 psm driver update (da6caf7)
- MFC r348993,349135: Sync libarchive with vendor including security fixes (1859a7c)
- MFC r348802: Remove lazy FPU switch support from amd64. (6fc5e4f)
- MFC r348764: Allow UMA hash tables to expand faster then 2x in 20 seconds. (2a2c9ba)
- MFC r349192: Add the ability to limit how much the code will fragment the RACK send map in response to SACKs. (92a5c7e) [FreeBSD-SA-19:08.rack CVE-2019-5599]
- MFC r347949, r347955: Implement the M_NEXTFIT allocation strategy for vmem(9). (fc11b18)
- MFC r348742: Fix a race between fasttrap and the user breakpoint handler. (932a7c4)
- MFC r348539: amd64 ef_rt_arch_call: Preserve %rflags around call into EFI RT service. (16f0086)
- MFC r348235: Add
missingandor-flushoptions to "ipfw table create" command to simplify firewall reloading. (07cb67b) - MFC r348065: Correct the way remaining battery life is calculated (e520b68)
- MFC r348059: vt efifb: add suspend/resume calls (52c1462)
- AHCI and CAM updates
- RISC-V updates
- ZFS updates
- bhyve updates
- cuse updates
- cxgbe updates
- dhclient updates
- epoch updates
- iflib updates
- mountd updates
- CVE-2019-5601 for UFS is already fixed in our previous release, but you may need to do additional steps, for more information please see FreeBSD's SA: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:10.ufs.asc
Changelog
Oliver Pinter (4):
HBSD: add device tpm to OP-HBSD kernel config
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
HBSD: resolve merge conflict in kern_mmap after 8f8856facd684bfebec514f6a258622e1ff93f2f
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
Oliver Pinter + (41):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Shawn Webb (7):
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts
Merge remote-tracking branch 'freebsd/stable/12' into hardened/12-stable/master
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflicts
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
ae (8):
MFC r348236: Restore IPV6_NEXTHOP option support that seem was partially broken since r286195.
MFC r348235: Add `missing` and `or-flush` options to "ipfw table <NAME> create" command to simplify firewall reloading.
MFC r348682: Initialize V_nat64out methods explicitly.
MFC r348774: Use underscores for internal variable name to avoid conflicts.
MFC r349267: Add "tcpmss" opcode to match the TCP MSS value.
MFC r349364: Restore ipfw(8)'s compact output support broken after r331668.
MFC r349365: Mark default rule with IPFW_RULE_NOOPT flag, so it can be showed in compact form.
MFC r349366: Follow the RFC 3128 and drop short TCP fragments with offset = 1.
allanjude (4):
MFC r347953:
MFC r348068, r348071
MFC r348065:
MFC r348714:
asomers (12):
MFC r345034:
MFC r345202:
MFC r345677:
MFC r346078:
MFC r346750:
MFC r346847:
MFC r347032:
MFC r348077:
MFC r348113:
MFC r348251:
MFC r348316:
MFC r348737:
avg (11):
MFC r344359: fix userland illumos taskq code to pass relative timeout to cv_timedwait
MFC r344360: zpool.8: document -D flag for zpool status
MFC r344361: zpool.8: sort zpool status flags in the same order as in illumos manual
MFC r345411: intpm: change translation of HBA error status to smbus(4) errors
MFC r348153-r348155: gpioled: add a new hint for initial state
MFC r348152: Add USB ID for CP2112
MFC r348159: add mrsas_shutdown method
MFC r348227: amdgpio: remove new line symbols from pin names
MFC r348228: amdgpio: fix reading status of input pins
MFC r348772: Restore ARC MFU/MRU pressure
drm2/intel_iic: stop using iicbus_set_nostop
bapt (1):
MFC r346149:
br (17):
MFC 339774:
MFC r344252:
MFC r345581:
MFC r345796:
MFC r346633:
MFC r346634:
MFC r346896:
MFC r346994:
MFC r347225:
MFC r347226:
MFC r347337:
MFC r347342:
MFC r347344:
MFC r347351:
MFC r347427:
MFC r347514:
MFC r348364:
cperciva (2):
MFC r347370: Bump EC2 AMI filesystem size up to 4000 MB.
MFC r348681: Only respond to the PCIe Attention Button if a device is already plugged in.
cy (20):
MFC r348310:
MFC r348311:
MFC r348312:
MFC r348320:
MFC r348718:
MFC r348575:
MFC r348666:
MFC r348667:
MFC r348985:
MFC r349152:
MFC r342972:
MFC r349153:
MFC r349331:
MFC r349362:
MFC r349399-349400,349567-349568:
MFC r349401:
MFC r349448:
MFC r349449, r349452:
MFC r349450-349451:
MFC r349503-349504:
delphij (1):
MFC r349505: Upgrade to Bzip2 version 1.0.7.
dim (1):
MFC r348500:
emaste (8):
MFC r348059: vt efifb: add ...
HardenedBSD-12-STABLE-v1200059
Highlights:
- MFC r348167, r348168, r348359, r348361: Add posixshmcontrol(1) utility. (a6d485c)
- MFC 347033: Increase the VirtIO segment count to support modern Windows guests. (8fb552d)
- MFC r348052: NDFREE(): Fix unlocking for LOCKPARENT|LOCKLEAF and ndp->ni_dvp == ndp->ni_vp. (7b981e8)
- MFC: r348340 Merge OpenSSL 1.1.1c. (c7f23c3) [CVE-2019-1543]
- MFC r346630: Add GRE-in-UDP encapsulation support as defined in RFC8086. (fdaf572)
- MFC 346649: Don't panic for empty CCM requests. (71cf38a) [FreeBSD-SA-candidate]
- MFC: r347960: bhyve virtio needs barriers (7532fd5)
- MFC r347698: amd64 pmap: sysctl vm.pmap.pcid_save_cnt should be read-only. (330c653)
- MFC r347216: amd64: fix BUS_SPACE_MAXSIZE to 64bit max value. (489fe9b)
- MFC r347570: Specify -z notext when building with -z ifunc-noplt. (3d54d87)
- MFC r343985, r344133, r345273 (by bde): Prevent overflow for usertime/systime in caclru1(). (6fc6ab1)
- MFC r346647: [acpi_ibm] Add support for newer Thinkpad models (28e53eb)
- MFC r347368: x86: Put other CPUs into tight loop when updating Intel microcode from loaded OS. (743eb89)
- MFC r347566: Mitigations for Microarchitectural Data Sampling. (9127874) [FreeBSD-SA-19:07.mds CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091]
- MFC r347133: arm64: Properly restore PAN when done with userspace access in casueword. (e939702)
- MFC of 347064, 347066, and 347130 Avoid leaking kernel stack when creating directory names. (0775f68) [FreeBSD-SA-candidate]
- MFC r346594: Add ATA power mode support to camcontrol (fb397ee)
- MFC r346602, r346670-r346671, r347183: tun/tap race fixes (e42a63a)
- HBSD: Add userland plumbing for SpectreV1 mitigation (0eda835)
- MFC r347139: MFV r347136: Update sqlite3-3.27.2 (3270200) --> sqlite3-3.28.0 (3280000) (937edc9) [CVE-2019-9937 CVE-2019-9936]
- MFC r346990: Fix another race between vm_map_protect() and vm_map_wire(). (b306eea)
- MFC r345576: Merge r345574 from vendor-crypto: upstream: when checking that filenames sent by the server side - ssh (4594eb5)
- Zero out the file directory entry metadata to reduce disk scavenging disclosure. (f9cd4e1) [FreeBSD-SA-candidate]
- HBSD MFC: This update eliminates a kernel stack disclosure bug in UFS/FFS directory entries (81b3a31)
- MFC r345525: Fix a double free of an SCTP association in an error path. (4350926) [FreeBSD-SA-candidate]
- MFC r345461: Limit the size of messages sent on 1-to-many style SCTP sockets with the SCTP_SENDALL flag. (b1fb067)
- MFC r345797: Add IPv6 transport for bsnmp. (ceaff70)
- MFC r341759, r341796, r341839, r341989, r346591: The following five MFCs update wpa 2.6 --> 2.8. (7494a81) [FreeBSD-SA-candidate CVE-2019-9494 VU#871675 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499]
- MFC r345830: Create kernel module to parse Veriexec manifest based on envs (d4e7b8a)
- MFC r345438,r345842,r346259,r346261: TPM as possible entropy source (12443d5)
- MFC r342084,r342251,r342271,r342285: Introduce TPM2.0 driver (f036b47)
- MFC r344840: Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation (d0a2db0)
- MFC r345966, r345968: Implement devctl(8) command 'reset', using DEV_RESET /dev/devctl2 ioctl. (3992f8a)
- After r346168, also merge build infrastructure for LLVM libomp. (3f18402)
- MFC r345425, r345514, r345799, r345800, r345803, r346157: Enable tmpfs rw->ro remounts. (98f1fb4)
- MFC r345293: Update NAT64LSN implementation (cab22fc)
- Revert r344898 (by kib), now that clang 8 has been merged (6168808)
- Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp 8.0.0 final release r356365. (37e0a32)
- Add support for loader veriexec (69d2666)
- MFC r343065, r343373-r343390, r343477 if_iwm driver update (f370d6a)
- MFC r344569, r344618, r344621 r344569: Implement parallel mounting for ZFS filesystem (b0578f7)
- MFC r344502: sh: Add set -o pipefail (038c461)
- NFS updates
- ZFS updates
- bhyve updates
- big LinuxKPI updates to catch up Linux v5.0 KPI
- cxgbe updates
- elftoolchain updates
- iflib updates
- libarchive updates
- libbe updates
- llvm updates
- loader updates
- lot of SCTP related bugfixes found by syzkaller
- mlx5 driver updates
- nvme updates
- secureboot related updates
Changelog
Oliver Pinter (1):
HBSD: bump __HardenedBSD_version to 1200059
Oliver Pinter + (104):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Mer...
HardenedBSD-12-STABLE-v1200058.4
Highlights:
- MFC r345078: hwpmc/core: Adopt to upcoming Skylake TSX errata. (4252e66)
- MFC: r344757: Fix double free in case of mount error. (6b0855e)
- MFC: r344754: Do not panic if inode bitmap is corrupted. (d58ea76)
- MFC: r344755: Fix integer overflow possibility. (66bedc8)
- MFC r344670: Allow FIONBIO and FIOASYNC ioctls on POSIX shm descriptors. (aaa017b)
- MFC r344562: FFS: allow sendfile(2) to work with block sizes greater than the page size (a32149b)
- HBSD: Revert "MFC r343964, r344121, r344128, r344593, r344594:" Revert of FreeBSD's ASR implementation. (9729cbe)
- MFC r344140,r344141,r344142,r344143,r344388,r344547: Add CBC-MAC authentication. Add AES-CCM encryption, and plumb into OCF. (9b2dd6c)
- HBSD: same shit like with librt, move libexecinfo's so to /lib (4403bef)
- MFC r344494,r344495: evdev: export event device properties through sysctl interface (dd53f13)
- Disable WITH_RETPOLINE on stable/12. (4e79588)
- MFC r344449: scp: validate filenames provided by server against wildcard (531e908)
- MFC r344883: nptd 4.2.8p12 --> 4.2.8p13 [FreeBSD-SA-Candidate CVE-2019-8936]
- MFC r344063,r344088: Sync libarchive with vendor. [FreeBSD-SA-Candidate CVE-2019-1000019 CVE-2019-1000020]
- MFC: r344602 Merge OpenSSL 1.1.1b. (bd8357d)
- HBSD: Disable cfi-icall for usr.sbin/ppp (c9056e1)
- Merge clang 7.0.1 and several follow-up changes (a39fc2a)
- MFC r343850: contigmalloc: handle M_EXEC. (bcfd287)
- ZFS updates
- ipfw updates
- pf updates
- ipfilter cleanups
- em, igbe updates
- net80211 updates
- iflib updates
Changelog
Oliver Pinter (5):
HBSD MFC r343827: r341692 changed cap_syslog(3) to preserve the stdio descriptors
HBSD: sync HARDENEDBSD kernel config with GENERIC
HBSD: sync OP-HBSD kernel config with recent HARDENEDBSD and GENERIC
HBSD: add HardenedBSD's CFI related clang lib to ObsoleteFiles
HBSD: same shit like with librt, move libexecinfo's so to /lib
Oliver Pinter + (96):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable...
HardenedBSD-12-STABLE-v1200058.3
Highlights:
- MFC r343784: Avoid leaking fp references when truncating SCM_RIGHTS control messages. (0526a0c) [CVE-2019-5596 FreeBSD-SA-19:02.fd]
- MFC r343780: amd64: clear callee-preserved registers on syscall exit. (bd0cbe8 CVE-2019-5595 FreeBSD-SA-19:01.syscall]
- MFC r343587: Add a simple port filter to SIFTR. (ab2d372)
- MFC r343060: [drm] Fix off-by-one error when accessing driver-specific ioctl handlers array (c53a074)
- MFC r341472: Add ability to request listing and deleting only for dynamic states. (caad386)
- MFC r343499: rc(8): do not stop dhclient(8) when wpa_supplicant(8) / hostapd(8) is used (0441c4f)
- MFC r343418: pf: Fix use-after-free of counters (824b38d)
- MFC r343395: Fix refcounting leaks in IPv6 MLD code leading to loss of IPv6 connectivity. (69483a2)
- HBSD: Add EFIRT to the HARDENEDBSD amd64 kernel (23220bd)
- HBSD: Disable cfi-icall for mount_nfs and showmount (924afb0)
- MFC of 343449 and 343483 Update tunefs to allow '_' in label names. (3df8523)
- MFC r343363, r343364: Fix an LLE lookup race. (4b6ead6) [FreeBSD-EN-19:07.lle]
- MFC r343089: Limit the user-controllable amount of memory the kernel allocates via IPPROTO_SCTP level socket options. (1d3e563)
- MFC r342857: Avoid overfow in vtruncbuf() (5dafae6)
- HBSD: Disable cfi-icall for NFS RPC utilities (d09bc59)
- MFC r343082: Implement shmat(2) flag SHM_REMAP. (58501d9)
- MFC r343286: nfs: Zero the buffers exported by NFSSVC_DUMPCLIENTS and DUMPLOCKS. (0e46cd7)
- MFC r343265: hwpmc: Plug memory disclosures from PMC_OP_{GETPMCINFO,GETCPUINFO}. (d5dd66e)
- MFC linuxulator stack memory disclosure fixes (c69e471)
- MFC r343017: Handle overflow in calculating max kmem size. (ef32d9a)
- nvdimm updates
- pf updates
- ipfilter updates
- ipfw updates
- netmap updates
- net80211 updates
Changelog
Oliver Pinter (1):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Oliver Pinter + (50):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Shawn Webb (3):
HBSD: Disable cfi-icall for NFS RPC utilities
HBSD: Disable cfi-icall for mount_nfs and showmount
HBSD: Add EFIRT to the HARDENEDBSD amd64 kernel
ae (2):
MFC r341471: Reimplement how net.inet.ip.fw.dyn_keep_states works.
MFC r341472: Add ability to request listing and deleting only for dynamic states.
araujo (1):
MFC r343077:
avg (1):
MFC r342170: add support for marking interrupt handlers as suspended
avos (24):
MFC r343088: rtwn_usb(4): add new USB id for RTL8821AU
MFC r342991: net80211: provide rate validation for injected frames.
MFC r343092: rtwn(4): clear 'basic' rate bit before calculating RTS/CTS rate.
MFC r343190: net80211: drop m_pullup call from ieee80211_crypto_decap.
MFC r343244: devd.conf(5): add otus(4) into wifi-driver-regex
MFC r343249: Fix duplicate wpa_supplicant(8) / hostapd(8) startup with devd(8)
MFC r343213: net80211: resolve ioctl <-> detach race for ieee80211com structure
MFC r343341: ifconfig: drop unused macros from ifieee80211.c
MFC r343235: iwn(4): drop return code from iwn_*attach functions (they cannot fail)
MFC r343340: net80211: fix channel list construction for non-auto operating mode.
MFC r343342: net80211: turn channel mode check into assertion.
MFC r343234: run(4): add more length checks in Rx path.
MFC r343238: urtw(4): add length checks in Rx path.
MFC r343472: otus(4): fix a typo in man page (802.11 -> 802.11n)
MFC r343473: geom_uzip(4): move NULL pointer KASSERT check before it is dereferenced
MFC r343495: wlan.4: improve wording
MFC r343497: Unbreak devd.conf(5) regex after r343249
MFC r343496: pcf(4): fix parentheses in if condition
MFC r343499: rc(8): do not stop dhclient(8) when wpa_supplicant(8) / hostapd(8) is used
MFC r343518: rtwn_usb(4): add new USB id.
MFC r343502: Remove RADIUS-related files when WITHOUT_RADIUS_SUPPORT=true is set in src.conf(5)
MFC r343576: ndiscvt(8): abort if no IDs were found during conversion.
MFC r343524: rsu(4): do not ignore mgmtrate / mcastrate / ucastrate.
MFC r343541: Drop some unneeded includes from wireless USB drivers.
bapt (1):
MFC: 343546
bcr (2):
Add ZFS usage tips to freebsd-tips.
MFC r343532: A few corrections and clarifications to r343406.
brooks (7):
MFC r343162:
MFC r343305:
MFC r343366:
MFC r340242:
MFC r340129, r340195, r340198
Regen after r343596: enable ppoll in capability mode.
MFC r343587:
cy (5):
MFC r343073:
MFC r343103:
MFC r343486:
MFC r343600:
MFC r342815:
delphij (4):
MFC r342845,342846: Port NetBSD improvements:
MFC r342856: Added support for the SIOCGI2C ioctl.
MFC r343038: Use TD_IS_IDLETHREAD instead of unrolled version.
MFC r342813: Remove unneeded headers.
emaste (3):
MFC r343153: freebsd-update.8: mandoc -Tlint fixes
MFC linuxulator stack memory disclosure fixes
MFC r339960 (cem): freebsd-update: add a progress report
gallatin (2):
MFC r341095:
MFC r343430
gjb (1):
MFC r343259: Correct a typo: was -> way.
gonzo (18):
MFC r343450:
MFC r343443, r343446, r343448, r343452
MFC r343028, r343104
MFC r343009, r343109-...
HardenedBSD-11-STABLE-v1100056.13
Highlights:
- MFC r343784: Avoid leaking fp references when truncating SCM_RIGHTS control messages. (70e1efc) [CVE-2019-5596 FreeBSD-SA-19:02.fd]
- MFC r343780: amd64: clear callee-preserved registers on syscall exit. (7ecad8e) [CVE-2019-5595 FreeBSD-SA-19:01.syscall]
- MFC r343499: rc(8): do not stop dhclient(8) when wpa_supplicant(8) / hostapd(8) is used (15afe7b)
- MFC r343418: pf: Fix use-after-free of counters (a1b2616)
- MFC of 343449 and 343483 Update tunefs to allow '_' in label names. (627115f)
- MFC r343249: Fix duplicate wpa_supplicant(8) / hostapd(8) startup with devd(8) (396ce84)
- MFC r343089: Limit the user-controllable amount of memory the kernel allocates via IPPROTO_SCTP level socket options. (58e6efc)
- MFC r343082: Implement shmat(2) flag SHM_REMAP. (5e5aec1)
- MFC r343286: nfs: Zero the buffers exported by NFSSVC_DUMPCLIENTS and DUMPLOCKS. (676ce69)
- MFC r343265: hwpmc: Plug memory disclosures from PMC_OP_{GETPMCINFO,GETCPUINFO}. (99c280e)
- MFC linuxulator stack memory disclosure fixes (8139f0a)
- MFC r343043: scp: disallow empty or current directory (ae0b64f) [CVE-2018-20685]
- llvm updates
- ena updates
- ipfilter updates
- pf updates
- net80211 updates
Changelog
Oliver Pinter (1):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Oliver Pinter + (48):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
ae (1):
MFC 342925: Relax requirement to packet size of CARP protocol and remove version check.
avos (20):
MFC r343190: net80211: drop m_pullup call from ieee80211_crypto_decap.
MFC r343244: devd.conf(5): add otus(4) into wifi-driver-regex
MFC r343249: Fix duplicate wpa_supplicant(8) / hostapd(8) startup with devd(8)
MFC r343213: net80211: resolve ioctl <-> detach race for ieee80211com structure
MFC r306323: [ath_hal] Add FCC6_FCCA regulatory domain (0x0014).
MFC r343341: ifconfig: drop unused macros from ifieee80211.c
MFC r343235: iwn(4): drop return code from iwn_*attach functions (they cannot fail)
MFC r343340: net80211: fix channel list construction for non-auto operating mode.
MFC r343342: net80211: turn channel mode check into assertion.
MFC r343234: run(4): add more length checks in Rx path.
MFC r343238: urtw(4): add length checks in Rx path.
MFC r343472: otus(4): fix a typo in man page (802.11 -> 802.11n)
MFC r343473: geom_uzip(4): move NULL pointer KASSERT check before it is dereferenced
MFC r343495: wlan.4: improve wording
MFC r343497: Unbreak devd.conf(5) regex after r343249
MFC r343496: pcf(4): fix parentheses in if condition
MFC r343499: rc(8): do not stop dhclient(8) when wpa_supplicant(8) / hostapd(8) is used
MFC r343502: Remove RADIUS-related files when WITHOUT_RADIUS_SUPPORT=true is set in src.conf(5)
MFC r343576: ndiscvt(8): abort if no IDs were found during conversion.
MFC r343541: Drop some unneeded includes from wireless USB drivers.
bapt (2):
MFC r340933:
MFC: 332990,337892,343546
brooks (3):
MFC r343162:
MFC r343366:
MFC r340242:
cy (5):
MFC r343073:
MFC r343103:
MFC r343486:
MFC r343600:
MFC r342815:
dab (2):
MFC r342770:
MFC r342822:
delphij (3):
MFC r342845,342846: Port NetBSD improvements:
MFC r342856: Added support for the SIOCGI2C ioctl.
MFC r343038: Use TD_IS_IDLETHREAD instead of unrolled version.
dim (1):
Pull in r337861 from upstream llvm trunk (by Hideki Saito):
emaste (3):
MFC r343043: scp: disallow empty or current directory
MFC r343153: freebsd-update.8: mandoc -Tlint fixes
MFC linuxulator stack memory disclosure fixes
gjb (1):
MFC r343259: Correct a typo: was -> way.
gonzo (2):
MFC r335675:
MFC r339523:
hselasky (5):
MFC r342730: Improve USB generic debug messages. Print process ID and name when opening and closing usb/ugenX.Y character device nodes.
MFC r342778: Reduce timeout for reading the USB HUB port status to 1000ms and try to filter out dead USB HUB devices by implementing an error counter, so that the USB enumeration thread does not spend all its time reading from non-responding devices, blocking user-space access in the end.
MFC r342884: Fix loopback traffic when using non-lo0 link local IPv6 addresses.
MFC r343451: Add full support for PCI_ANY_ID when matching PCI IDs in the LinuxKPI.
MFC r343453: Add new USB quirk.
jhb (1):
MFC 340206: Treat the memory lengths for CHELSIO_T4_GET_MEM as unsigned.
jilles (1):
MFC r343105: libedit: Avoid out of bounds read in 'bind' command
joerg (1):
MFC r342791: fix a typo in chio(4) (which propagates into chio(1))
kib (9):
MFC r343108: Trim whitespace at EoL, use tabs instead of spaces for indent.
MFC r343081: Trim spaces at the end of lines.
MFC r343086: Remove unused prototype.
MFC r343302: Remove unused *_sysinit_flags() declarations.
MFC r328433: EMFILE errno documented.
MFC r343082: Implement shmat(2) flag SHM_REMAP.
MFC r343484: Remove now redundand ifunc relocation code which should have been removed as part of r341441.
MFC r343607: Reserve a bit in the FreeBSD feature control note for marking the image as not compatible with ASLR.
MFC r343780: amd64: clear callee-preserved registers on syscall exit.
kp (6):
MFC r342591,342599:
MFC r342989
MFC r343130
MFC r343041
MFC r343295:
MFC r343418:
marius (2):
MFC: r333745, r333764, r337533, r339375, r341041
MFC: r342634 (partial)
markj (6):
MFC r342887: Stop setting if_linkmib in vlan(4) ifnets.
MFC r342864: Specify the correct...
HardenedBSD-12-STABLE-v1200058.2
Highlights:
- MFC r343043: scp: disallow empty or current directory (40c2d4e) [CVE-2018-20685 FreeBSD-SA-candidate]
- MFC r342887: Stop setting if_linkmib in vlan(4) ifnets. (9752824) [FreeBSD-SA-candidate]
- MFC r342849: libbe(3): Don't allow bootfs to be destroyed (43c0259)
- MFC r342792, r342805: Provide rc_service variable for rc service scripts (43d929c)
- MFC r342966: net80211: fix possible panic for some drivers after r342463 (afe64a5)
- MFC r342883: net80211: fix panic when device is removed during initialization (86c8489)
- MFC r342787: Add a bounds check to the tws(4) passthrough ioctl handler. (09c4a5a) [FreeBSD-SA-candidate]
- MFC r342575, r342580: ar: detect and error out on 32-bit symbol table overflow (932f2a3)
- MFC r342686: Avoid setting PG_U unconditionally in pmap_enter_quick_locked(). (6a79026)
- MFC of 342135 and 342290 Properly respond to error from VFS_ROOT() during mount. (3d8c983)
- MFC r342362-r342363: config(8) duplicate option handling (b436018)
- MFC r341101-r341103, r341148, r341391, r341422-r341423, r341454, r341780-r341781, r341805, r342026 Make powerpc booke kernels boot from ubldr. (5f1960a)
- MFC 339899: Make battery emptying rate available as sysctl variable. (fcad6d3)
- MFC 339620: Add a "live" mode to ktrdump. (9eec96e)
- MFC 340460: Convert the number of MSI IRQs on x86 from a constant to a tunable. (38147ce)
- MFC: r342286 Fix the NFSv4 server to obey vfs.nfsd.nfs_privport. (9e714b0)
- MFC r341998: pf: Fix endless loop on NAT exhaustion with sticky-address (8df6e4a) [FreeBSD-SA-candidate]
- MFC r342211: net80211: fix out-of-bounds read in ieee80211_amrr(9) (d8b9265)
- MFC r341833: pf: Prevent integer overflow in PF when calculating the adaptive timeout. (4e14cef)
- MFC r339746,339751,339794,340866,340939,342042: Sync libarchive with vendor. (7e7a6e6)
- MFC r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000) (5f41f06)
- HBSD: log pkg changes to /var/log/pkg.log (9135625)
- MFC r342030: Plug memory leak for AES_*_NIST_GMAC algorithms. (1f3faa4)
- amd64 string primitive optimizations
- asmc updates
- cxgbe updates
- ichwd updates
- loader updates
- mrsas updates
- netmap updates
- riscv updates
- rtwn updates
- sfxge updates
- tzdata updates
- zfs updates
Changelog
Oliver Pinter (7):
HBSD: update OP-HBSD kernel config
HBSD: add back radeon to OP-HBSD
HBSD: log pkg changes to /var/log/pkg.log
HBSD: bump copyright year to 2019
HBSD: update OP-HBSD kernel config
HBSD: disable DEADLKRES from OP-HBSD
HBSD: remove urtwn and urtwnfw from OP-HBSD
Oliver Pinter + (66):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Shawn Webb (2):
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: Resolve merge conflict
ae (3):
MFC r342030: Plug memory leak for AES_*_NIST_GMAC algorithms.
MFC r342298: Allow use underscores and dots in service names without escaping.
MFC r342925: Relax requirement to packet size of CARP protocol and remove version check.
arybchik (49):
MFC r340767
MFC r340826
MFC r340797
MFC r340805
MFC r340806
MFC r340799
MFC r340822
r340798
MFC r340800
r340796
MFC r340814
MFC r340875
MFC r340883
MFC r340884
MFC r340885
MFC r340886
MFC r340801
MFC r340802
MFC r340803
MFC r340804
MFC r340887
MFC r340888
MFC r340889
MFC r340890
MFC r340891
MFC r340892
MFC r340894
MFC r340895
MFC r340896
MFC r341197
MFC r341213
MFC r341214
MFC r341215
MFC r341290
MFC r341295
MFC r341301
MFC r341302
MFC r341309
MFC r341311
MFC r341326
MFC r341327
MFC r341297
MFC r341782
MFC r340831
MFC r340833
MFC r341038
MFC r341783
MFC r341784
MFC r341785
avg (9):
MFC r341632: acpi_{Device...
HardenedBSD-11-STABLE-v1100056.12
Highlights:
- MFC r305074-r305075, r327275, r327570: newfs_msdos updates (5c2dc49)
- MFC r342640: Ensure buffer is nul-terminated. (a5529f8)
- MFC r342966: net80211: fix possible panic for some drivers after r342464 (d72ddcc)
- MFC r342883: net80211: fix panic when device is removed during initialization (7f8b81b)
- MFC r342810: powerd(8): allow to force a method of battery state query (48d38e3)
- MFC r342787: Add a bounds check to the tws(4) passthrough ioctl handler. (5a40494)
- MFC r342686: Avoid setting PG_U unconditionally in pmap_enter_quick_locked(). (6b926a8)
- MFC r342362-r342363: config(8) duplicate option handling (0368474)
- MFC 339899: Make battery emptying rate available as sysctl variable. (6bb1449)
- MFC: r342286 Fix the NFSv4 server to obey vfs.nfsd.nfs_privport (4b90988)
- MFC r341998: pf: Fix endless loop on NAT exhaustion with sticky-address (955c6a3)
- MFC r342211: net80211: fix out-of-bounds read in ieee80211_amrr(9) (a94de32)
- MFC r339746,339751,339794,340866,340939,342042: Sync libarchive with vendor. (250ab27)
- MFC r333352 & r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)
- ZFS updates
- sfxge updates
- mrsas updates
- netmap updates
Changelog
Oliver Pinter (1):
HBSD: bump copyright year to 2019
Oliver Pinter + (46):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
ae (1):
MFC r342298: Allow use underscores and dots in service names without escaping.
arybchik (55):
MFC r312866
MFC r312867
MFC r312868
MFC r312883
MFC r312884
MFC r312885
MFC r340767
MFC r340797
MFC r340798
MFC r340800
MFC r340796
MFC r340800
MFC r340801
MFC r340802
MFC r340803
MFC r340804
MFC r340805
MFC r340806
MFC r340814
MFC r340822
MFC r340826
MFC r340831
MFC r340833
MFC r340875
MFC r340883
MFC r340884
MFC r340885
MFC r340886
MFC r340887
MFC r340888
MFC r340889
MFC r340890
MFC r340891
MFC r340892
MFC r340894
MFC r340895
MFC r340896
MFC r341038
MFC r341197
MFC r341213
MFC r341214
MFC r341215
MFC r341290
MFC r341295
MFC r341297
MFC r341301
MFC r341302
MFC r341309
MFC r341311
MFC r341326
MFC r341327
MFC r341782
MFC r341783
MFC r341784
MFC r341785
avg (8):
MFC r341681: daprobedone: announce if a disk is write-protected
MFC r342204: cyapa.4, isl.4: cross-reference and document use of chromebook_platform(4)
MFC r342072: ichwd: add support for clearing No Reboot bit in TCOv4
MFC r342073: ichwd: add Sunrise Point-LP ID
MFC r342193: ichwd: add a few assertions about tco_version
MFC r342169: add a knob that disables detection of write protected disks
MFC r342541: MFV r342532: 5882 Temporary pool names
MFC r342525: MFV r342469: 9630 add lzc_rename and lzc_destroy to libzfs_core
avos (5):
MFC r342185: iwi(4): do not leak node reference when IWI_FLAG_ASSOCIATED flag is set.
MFC r342211: net80211: fix out-of-bounds read in ieee80211_amrr(9)
MFC r342810: powerd(8): allow to force a method of battery state query
MFC r342883: net80211: fix panic when device is removed during initialization
MFC r342966: net80211: fix possible panic for some drivers after r342464
cy (8):
MFC r333352 & r342183:
MFC r342374:
MFC r341279:
MFC r342377:
MFC r342547:
MFC r342385:
MFC r342596:
MFC r342605:
dab (2):
MFC r342171:
MFC r342218:
delphij (4):
MFC r333391 (imp): Remove 'All Rights Reserved' from the collection copyright and templates.
MFC r342661: Happy New Year 2019!
MFC r342614, r342633
MFC r342640: Ensure buffer is nul-terminated.
dim (1):
Pull in r329671 from upstream clang trunk (by Akira Hatanaka):
emaste (1):
MFC r342575, r342580: ar: detect and error out on 32-bit symbol table overflow
eugen (3):
MFC r342141: periodic/weekly/340.noid: do not use sysrc(8) that depends on bsdinstall(8) and may be non-functional for system built WITHOUT_BSDINSTALL. (*)
MFC r342367: ifconfig.8, lagg.4: fix documentation bug: -use_flowid needs to be used to force local hash computation and disable usage of RSS hash provided by driver.
MFC r340617,341006: unbreak ng_source(4) for 64-bit platforms
fsu (1):
MFC r342933: Fix errno values returned from DUMMY_XATTR linuxulator calls
gjb (2):
Document SA-18:15, EN-18:16, EN-18:17, EN-18:18.
Document EN-19:03-05.
hselasky (2):
MFC r342456: Fix reading of USB sample rate descriptor for SPL Crimson Rev 1.
MFC r342549: Add USB quirk for SPL Crimson Rev 1.
jhb (10):
MFC 340304: Use tcp_state_change() in the cxgbe(4) TOE module.
MFC 340441: Revert r332735 and fix MSI-X to properly fail allocations when full.
MFC 340460: Convert the number of MSI IRQs on x86 from a constant to a tunable.
MFC 341800: Don't report stale signal information in ptrace_lwpinfo.
MFC 339620: Add a "live" mode to ktrdump.
MFC 341802: Validate the string size parameter passed to -s.
MFC 339894: Teach procstat -x about the AT_EHDRFLAGS ELF auxiliary vector.
MFC 339899: Make battery emptying rate available as sysctl variable.
MFC 340021: Assert that reclaim_tx_descs() is always making forward progress.
MFC 340022: Add support for port unit wiring to cxgbe(4).
jilles (2):
MFC r342816: thr_wake(2): Minor mdoc fixes
MFC r342817: getconf(1): Minor mdoc fix
kadesai (3):
MFC r342059-r342069
MFC r342079 Compilation failure on ppc and mips due to Revision 342066. Adding extra memset on chain frame.
MFC r342537...
HardenedBSD-11-STABLE-v1100056.11
Highlights:
- MFC r342030: Plug memory leak for AES_*_NIST_GMAC algorithms. (1ab95dc)
- MFC r342227: bootpd: validate hardware type (dc1918c) [FreeBSD-SA-18:15.bootpd]
- MFC r339909: Allow changing lagg(4) MTU (d055422)
- Partial MFC of r342125: Fix bugs in plugable CC algorithm and siftr sysctls. (f445d2a) [CVE-candidate]
- MFC r341990: Fix a possible mbuf double free in bwn_dma_tx_start(). (84fc627) [CVE-candidate]
- MFC r341441: Some fixes for LD_BIND_NOW + ifuncs. (65520f2)
- MFC r340046, r340050 Add support ps/2 scancodes for NumLock, ScrollLock and numerical keypad keys (c321d53)
- MFC r341375: Allow to create swap zone larger than v_page_count / 2. (61710bb)
- MFC r341008: Fix possible panic during ifnet detach in rtsock. (7a2718d)
- netmap updates
- mlx5* security and feature updates
- infiniband security and feature updates
- linuxkpi updates
Changelog
Oliver Pinter (1):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Oliver Pinter + (36):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
ae (4):
MFC r341008: Fix possible panic during ifnet detach in rtsock.
MFC r341469: Add assertion to check that named object has correct type.
MFC r341798: Use correct size for IPv4 address in gethostbyaddr(). When u_long is 8 bytes, it returns EINVAL and 'ipfw -N show' doesn't work.
MFC r342030: Plug memory leak for AES_*_NIST_GMAC algorithms.
allanjude (1):
MFC: r339289: Resolve a hang in ZFS during vnode reclaimation
araujo (1):
MFC r340046, r340050
avos (2):
MFC r316939: [lib80211] fix a missing cleanup path.
MFC r306173: Add TP-Link Archer T4U (and TPLINK vendor record in usbdevs).
bapt (1):
MFC r340111:
brooks (1):
Partial MFC of r342125:
cy (7):
MFC r341265:
MFC r341280:
MFC r341384:
MFC r341377, r341388 (fixup):
As part of the general cleanup of the ipfilter code, special cases are committed separately to document fixing them separately from the general cleanup. In this case we don't want to hide the utter brokenness of what is being fixed.
MFC r341650:
MFC r342150:
dab (3):
MFC r341820:
MFC r341806:
MFC r341988
emaste (1):
MFC r342227: bootpd: validate hardware type
eugen (7):
MFC r340245: ping(8): improve diagnostics in case of wrong arguments.
MFC r340319: jail(8): introduce new command option -e to exhibit a list of configured non-wildcard jails with their parameters, no matter running or not.
MFC r340321: Move definition of $jail_conf variable to /etc/defaults/rc.conf from jail startup script so it can be successfully queried with the command "sysrc jail_conf".
MFC r340322-r340324,r340327: periodic/etc/weekly/340.noid
MFC r340394: ipfw.8: Fix part of the SYNOPSIS documenting LIST OF RULES AND PREPROCESSING that is still referred as last section of the SYNOPSIS later but was erroneously situated in the section IN-KERNEL NAT.
MFC r341768,r341795: ping(8): remove needless comparision with LONG_MAX after unsigned long ultmp changed to long ltmp in r340245.
MFC r342071: ng_bpf.4: fix EXAMPLES: do not activate promiscuous mode
gjb (2):
Document SA-18:14.
MFC r339873:
hselasky (72):
MFC r341517 and r341592: linuxkpi: implement idr_is_empty() and ida_is_empty().
MFC r341591: Fix build of the atomic long LinuxKPI header file on some platforms.
MFC r341518: linuxkpi: Fix for use-after-free when tearing down character devices.
MFC r341519: linuxkpi: properly implement netif_carrier_ok().
MFC r341520: linuxkpi: Really check if PCI is offline
MFC r341521: ibcore: Make sure GID index variable gets initialized.
MFC r341522: ibcore: Discard unused error codes.
MFC r341523: ibcore: Don't access invalid port.
MFC r341524: ibcore: Add support for IB_SPEED_HDR in sysfs rate printout.
MFC r341525: ibcore: Check ib_find_pkey() return value.
MFC r341526: ibcore: Fix an array index check
MFC r341527: ibcore: Add missing check for failure.
MFC r341528: ibcore: Always check return value from ib_init_ah_from_wc().
MFC r341529: ibcore: Make sure all VNETs are scanned for VLAN interfaces.
MFC r341530: ibcore: Fix loopback with rdma-cm.
MFC r341531: ibcore: Add missing unref of netdevice.
MFC r341532: ibcore: Fix sleeping in atomic when RoCE is used
MFC r341533: ibcore: ip6_dev_find() needs to know the scope ID.
MFC r341534: ibcore: Fix clearing of bound device interface.
MFC r339012: For changing the MTU on tun/tap devices, it should not matter whether it is done via using ifconfig, which uses a SIOCSIFMTU ioctl() command, or doing it using a TUNSIFINFO/TAPSIFINFO ioctl() command. Without this patch, for IPv6 the new MTU is not used when creating routes. Especially, when initiating TCP connections after increasing the MTU, the old MTU is still used to compute the MSS. Thanks to ae@ and bz@ for helping to improve the patch.
MFC r341535: ipoib: correct setting MTU from inside ipoib(4).
MFC r341536: ipoib: Don't do a light flush when MTU is unchanged.
MFC r341537: ipoib: increase the non-cm queue length
MFC r341538: ipoib: Notify on modify QP failure only when relevant
MFC r341539: krping: Fix for memory leak in error case.
MFC r341540: libibverbs: Fix memory leak in ibv_read_sysfs_file().
MFC r341541: opensm: Use precision specifier for scanf
MFC r341542: mlx4core: Avoid multiplication overflow by casting multiplication.
MFC r341543: mlx4: Zero initialize device capabilities to avoid use of uninitialized fields.
MFC r341544: mlx4core: Add checks for invalid port numbers.
MFC r341545: mlx4: Add board identifier and firmware version to sysctl
MFC r341546: mlx4en: Add driver version to sysctl desc
MFC r341547: mlx4en: Remove the DRBR and associated logic in the transmit path.
MFC r341549: mlx4en: Add support for receiving all data using one or more MCLBYTES sized mbufs. Also when the MTU is greater than MCLBYTES.
MFC r341550: mlx4en: Remove duplicate statistics variable assignment.
MFC r341551: mlx4: Make sure default VNET is set when adding a new interface.
MFC r341552: mlx4en: Optimise reception of small packets.
MFC r341553: mlx5: Fix integer overflow while resizing CQ
MFC r341554: mlx5: Raise fatal IB event when sys error occurs
MFC r341555: mlx5: Discard unused return values.
MFC r341556: mlx5: Fix for potential memory leaks.
MFC r341557: mlx5: Add SRQ fixes from Linux
MFC r341558: mlx5: Convert some spaces into tabs and use device_printf() instead of printf().
MFC r341559 and r341645: mlx5: Move hw.mlx5 node defi...