HardenedBSD-12-STABLE-v1200059.2
opntr
released this
29 Jul 07:16
·
299 commits
to hardened/12-stable/master
since this release
Highlights:
- MFC r349800,r349801: Fix misc fs fuzzing issues. (abeb80b) [FreeBSD-SA-Candidate]
- MFC r349802 (from fsu@): Add additional check for 'blocks per group' and 'fragments per group' superblock fields. (fcbcaeb) [FreeBSD-SA-Candidate]
- MFC r347695, r347696, r347697, r347957, r349326: Lockless delayed invalidation for amd64 pmap. (388f0c1)
- MFC r349880: Let linuxulator mprotect mask unsupported bits before calling kern_mprotect. (bc326df)
- MFC r350260: mqueuefs: fix struct file leak (bcc8624) [FreeBSD-SA-19:15.mqueuefs CVE-2019-5603]
- MFC r350244: bhyve: correct out-of-bounds read in XHCI device emulation (04ce7e7) [FreeBSD-SA-19:16.bhyve CVE-2019-5604]
- MFC r350156: Fix leak of memory and file refs with sendmsg(2) over unix domain sockets. (19e53c5) [FreeBSD-SA-19:17.fd CVE-2019-5607]
- nand: create device with 0640 permission (88f580f)
- MFC r349890: telnet: fix a couple of snprintf() buffer overflows (7e735c9) [FreeBSD-SA-19:12.telnet CVE-2019-0053]
- MFC r349733: Defer funsetown() calls for a TTY to tty_rel_free(). (4c06d4c) [FreeBSD-SA-19:13.pts CVE-2019-5606]
- MFC r349834 Ignore kern.vt.splash_cpu without graphics (b9fd720)
- MFC r349581 netmap: fix two panics with emulated adapter (2672ab3)
- MFC r349913: Ensure that mds_handler always points to a valid method. (c411b32) [FreeBSD-EN-19:13.mds]
- MFC r349876: Apply a workaround to be able to build clang 8.0.0 headers with clang 3.4.1, which is still in the stable/10 branch. (4453d14)
- MFC 347238: vmm(4): Pass through RDSEED feature bit to guests (e64222c)
- MFC 339911,339936,343075,343166,348592: Various AMD CPU-specific fixes. (2c0a81a)
- MFC r349753 netmap: Remove pointer leakage in netmap_mem2.c (b158d71)
- MFC r349527,349538: Sync libarchive with vendor. (2767b0a) [FreeBSD-SA-Candidate]
- cxgbe updates
- libbe updates
- bhyve updates
- LLVM and Clang updates
Changelog
Oliver Pinter (5):
HBSD: add libclang_rt.cfi-x86_64.a to ObsoleteFiles.inc
Merge remote-tracking branch 'origin/freebsd/12-stable/master' into hardened/12-stable/master
HBSD: fix merge conflict in src.conf.5 man page
HBSD: fix merge conflict in amd64's pmap.c, it conflicted on opt_pax.h
HBSD: fix clang related merge conflict and add missing cfi entry to ObsoleteFiles.inc
Oliver Pinter + (14):
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
Merge branch 'freebsd/12-stable/master' into hardened/12-stable/master
ae (1):
MFC r349940: Correctly truncate the rule in case when it has several action opcodes.
asomers (4):
MFC r349009:
MFC r349041:
MFC r349230, r349234, r349477
MFC r349237:
avg (7):
MFC r348355: revert r273728 and parts of r306589, iicbus no-stop by default feature
MFC r348688: first step towards enforcing must-succeed semantics for bus accessors
MFC r349406: owc.4: document how to set up the 1-wire bus on a device.hints system
MFC r349408: gpio.4: document device hints common to all devices on gpiobus
MFC r349428,r349433: owc_gpiobus: clean / fix up the driver module things
MFC r349460: gpiobus: provide a new hint, pin_list
MFC r349579: nctgpio: change default pin names to those used by the datasheet(s)
brooks (6):
MFC r350098, r350100-r350101
MFC r350102:
MFC r350049:
MFC r350067:
MFC r350116:
MFC r350117:
chuck (4):
MFC r345957
MFC r345956
MFC r348781
MFC r349969
cy (11):
MFC r349842:
MFC 349843:
MFC r348986:
MFC r348987, r348989:
MFC r349929:
MFC r349978:
MFC r349898, r349916:
MFC r349917:
MFC r349979:
MFC r349980:
MFC r350063:
dim (5):
MFC r349583:
MFC r349876:
MFC r349971:
MFC r348504 (by kevans):
MFC r348689 (by emaste):
dougm (1):
MFC r349286, r349293
emaste (7):
nand: create device with 0640 permission
MFC r350244: bhyve: correct out-of-bounds read in XHCI device emulation
MFC r349915 (seanc): usr.sbin/bhyve: initialize return value ...
bhyve: Fix resource leak when using strdup
MFC r350260: mqueuefs: fix struct file leak
MFC r343606: Enable lld as the system linker on i386
src.conf.5: regenerate after r350297 (lld for i386 MFC)
eugen (1):
MFC r345632 by lwhsu: Fix `make` in sys/modules
fsu (1):
MFC r349800,r349801:
hselasky (1):
MFC r349645: Remove dead code added after r348743 in the LinuxKPI. The LINUXKPI_VERSION macro is not defined for any compiled LinuxKPI code which basically means __GFP_NOTWIRED is never checked when allocating pages. This should work fine with the existing external DRM code as long as the page wiring and unwiring is balanced.
jhb (4):
MFC 348210: Add a constant for the LS config MSR on AMD CPUs.
MFC 339911,339936,343075,343166,348592: Various AMD CPU-specific fixes.
MFC 343068: Use capsicum_helpers(3) that allow us to simplify the code and its functions will return success when the kernel is built without support of the capability mode.
MFC 347238: vmm(4): Pass through RDSEED feature bit to guests
jhibbits (2):
MFC r346771
MFC r349874
johalun (2):
MFC r349277: LinuxKPI: Additions to rcu list.
MFC r349276: LinuxKPI: Add atomic_long_sub macro.
kevans (4):
MFC r348328: bectl(8): Address Coverity complaints
MFC r344226, r344234: stand: zfs memory corruption bug
MFC r348471: stand: zfs: Free bouncebuf on error path in vdev_read
MFC r349380, r349383, r349455: bectl(8)/libbe(3) fixes
kib (9):
MFC r349794: Document atomicity for read(2) and write(2).
MFC r349912: Restore ability to pass NULL name argument to pthread_set_name_np(3) to clear the thread name.
MFC r349913: Ensure that mds_handler always points to a valid method.
MFC r349950: Style: avoid long lines by using .Fo instead of .Fn.
MFC r349988: In dmar_find(), refuse to search for DMAR unit for non-PCI device.
MFC r350156: Fix leak of memory and file refs with sendmsg(2) over unix domain sockets.
MFC r350091: bsearch.3: Improve the example
MFC r344120: Unify i386 and amd64 getcontextx.c, and use ifuncs while there.
MFC r347695, r347696, r347697, r347957, r349326: Lockless delayed invalidation for amd64 pmap.
kp (1):
MFC r350095:
lwhsu (6):
MFC r349539
MFC r349472:
MFC r349872:
MFC r349543
MFC r350219
MFC r350221
markj (13):
MFC r349612: Mark pages allocated from the per-CPU cache.
MFC r349711: iwm: Drain callouts after stopping the device during detach.
MFC r344629: rtsol: Use vwarnx(3) to log messages to standard error.
MFC r349910: Fix some ISS bit definitions for data aborts.
MFC r350054: Use a platform-independent constant for PKG_MAX_SIZE.
MFC r350037: Fix the arm64 page table entry attribute mask.
MFC r350048: Chase r350037.
MFC r350086: Remove obsolete compatibility code from rtadvd.
MFC r350082: Reference stdint.h types in ctf.5.
MFC r350310: Fix the turnstile_lock() KPI.
MFC r349840: Add a per-CPU page cache per VM free pool.
MFC r349841: Elide the vm_reserv_free_page() call when PG_PCPU_CACHE is set.
MFC r350182: Rename vm_page_{import,release}() to vm_page_zone_{import,release}().
mav (2):
MFC r349418: Fix qlxgbe(4) static build.
MFC r340093 (by imp): Document disbale_phy in ahcich sysctls.
mm (1):
MFC r349527,349538: Sync libarchive with vendor.
np (4):
MFC r349865:
MFC r349956:
MFC r349870:
MFC r340173 (by jhb@):
pfg (1):
MFC r349802 (from fsu@):
philip (1):
MFC r349890: telnet: fix a couple of snprintf() buffer overflows
sjg (2):
libsecureboot: allow OpenPGP support to be dormant
loader: ignore some variable settings if input unverified
tijl (3):
MFC r349640, r349706:
MFC r349641:
MFC r349880:
vangyzen (1):
MFC r349834
vmaffione (10):
MFC r349752
MFC r349753
MFC r349966
MFC r349581
MFC r349869
MFC r349803
MFC r349867
MFC r349868
MFC r349935
MFC r349952
Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-12-STABLE-v1200059.2/
CHECKSUM.SHA512:
SHA512 (HardenedBSD-12-STABLE-v1200059.2-amd64-bootonly.iso) = 825d5f5ac4aae2e7146984d4f267dbb235b72ec4d87037227a44474172d1665976c8cd21a58c2fd5b661a799aee861f3c7e99e25c5a13851fbff76ff9925e1ec
SHA512 (HardenedBSD-12-STABLE-v1200059.2-amd64-disc1.iso) = 517554a50ae942a5689b063188fd2b15fcadd3cf6cd890953072d1e949936a5134fcaee57fbcdac3a2b7f095f90957e9bc62e6962f1e5087218231758c54000f
SHA512 (HardenedBSD-12-STABLE-v1200059.2-amd64-memstick.img) = 6dc3d2b2ffb7d74798b24c5d56cdeea0bad48630a26c5c69ed94f95d9a0e622486d81a44d6fd6823e4944c9b957da2c122f4c741229ded2120200e765213adf9
SHA512 (HardenedBSD-12-STABLE-v1200059.2-amd64-mini-memstick.img) = 1e7c2e6c64d0fcb6687e15fb8f6efe313891a69532f806f8bb1dee333a1b07b8de0d217532c2be41d9459c7b7148efaec469ccf3993385396721c7b4756ee947
CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAl0+XtoACgkQgZsRom/9
GI1fSg//eyKb4hpWHplMFgge6EsKzbpnwDUSmTTQ8jnT2oShRoOPJsveRsG3rmln
XUb2mOYm+xDptKzk+EounQbbz99i/BsPJ6TgPoWImhVfGKgFvzfb39BCLyzIaYC2
EiunpoyqpjVnfAYlE9lxea4gPaCZDQTk66uDQHpw0ccXZBV7rh3iM9AWxoftNGke
t3+KOjtLcuDIBtJY7PrE1LCvaQQF6WHmA9s723fjonzVslKZybJckfa3+ABFBDpk
YNZcpK8dUfM0+GniyjHuXppFzHu11I5hoxEapMsgysg4sqUOyzc11N42L5eN86SO
STqAuwJWJm7SYKI5kJPRKYLQNO0b1xKpv4VuJ1NvjRd936HrCETCRZ82WJIgCx6E
lZPasAdNZjqWBxm6LpJFmujqeVjFfdIqTxg1tlYPWXyqNJFJIlgJMHLj3shfnqbq
d2oodVCwJ4cj++V5Vi9erTWJMI7Q2jXqBIYW0lyTRyXatbs1as9XoXLxC1nI3WML
YB3kxbOIyJUAm67wtp4yrS8dkGRIWbNKitWE0mjl3zrmb7oPM0o3MY6Ej1yvk+bV
XHAafX/QW2xv+HNTrcSnkWZdbqVXFdZ9SqXeo0p6piTtpWyInDuQosj0RZgSxTYZ
YCzQNykEC7adikHafAJc6YfQXfM4Pyv617tS9dpVvR8mxRGgHig=
=Yfhd
-----END PGP SIGNATURE-----
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt
shortlog-HardenedBSD-12-STABLE-v1200059.2.txt