@opntr opntr released this Oct 16, 2017 · 14291 commits to hardened/10-stable/master since this release

Assets 2

Warning: this is a security and feature update!

Highlights:

  • HyperV fixes
  • ZFS updates
  • libarchive update (CVE-2017-14166, CVE-2017-14502) (aea515e) [FreeBSD-SA-Candidate]
  • lot of hbsd-update improvements
  • Zero segment registers which contained invalid usermode selectors, when returning to kernel. (6a720c6, 2c707ee) [FreeBSD-SA-Candidate]
  • make fsck_y_enable more agressive (8430527)
  • HBSD MFC: Correct sense of crypt(3) NULL checks in init(8) and lock(1) (954bfe0) [FreeBSD-SA-Candidate]
  • HBSD MFC: netsmb: Fix buggy/racy smb_strdupin() (145ca72) [FreeBSD-SA-Candidate]
  • hbsdcontrol's kernel side implementation for more information please consult with https://github.com/HardenedBSD-stable/hardenedBSD/blob/hardened/11-stable/master/UPDATING-HardenedBSD
  • LLVM, clang, lldb, lld, compiler-rt and libc++ update to 5.0.0 (12cd91c)

Changelog

Oliver Pinter (12):
      HBSD: fix a possible "time of check to time of use" attack
      HBSD: allow to override hbsdcontrol settings with ACLs
      HBSD: add kernel side of hbsdcontrol
      HBSD: after the recent changes, bump by copyright years
      HBSD: add hbsdcontrol.sh as demonstration tool to examples directory
      HBSD: bump __HardenedBSD_version to 1100051 after hbsdcontrol merge
      HBSD: extend the UPDATING-HardenedBSD about the new kernel knobs
      HBSD: log PREFER_ACL (EXPLICIT_ACL) in pax_logs
      HBSD: improve log message in execve
      HBSD MFC: netsmb: Fix buggy/racy smb_strdupin()
      HBSD MFC: Correct sense of crypt(3) NULL checks in init(8) and lock(1)
      HBSD MFC r324225: ppp(8): Fix various bugs in NOPAM section of auth_CheckPasswd

Oliver Pinter + (33):
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

Shawn Webb (8):
      HBSD: Teach hbsd-update to populate chroots.
      HBSD: Use the local resolver by default
      HBSD: Teach hbsd-update to not download updates
      HBSD: Partially backport llvm toolchain commit
      HBSD: Teach hbsd-update to not update base
      HBSD: Do not default to using the local resolver
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict

ae (3):
      MFC r323836:   Do not acquire IPFW_WLOCK when a named object is created and destroyed.
      MFC r323839:   Use in_localip() function instead of unlocked access to addresses hash   to determine that an address is our local.
      MFC r324098:   Some mbuf related fixes in icmp_error()

alc (15):
      MFC r323785   Sync with amd64/arm/arm64/i386/mips pmap change r288256:
      MFC r323786   In r288122, we changed vm_page_unwire() so that it returns a Boolean   indicating whether the page's wire count transitioned to zero.  Use that   return value in zbuf_page_free() rather than checking the wire count.
      MFC r323868   Modernize calls to vm_page_unwire().  As of r288122, vm_page_unwire()   accepts PQ_NONE as the specified queue and returns a Boolean indicating   whether the page's wire count transitioned to zero.  Use these features   in dev/drm2.
      MFC r322459,322897   The *_meta_* functions include a radix parameter, a blk parameter, and   another parameter that identifies a starting point in the memory address   block.  Radix is a power of two, blk is a multiple of radix, and the   starting point is in the range [blk, blk+radix), so that blk can always be   computed from the other two.  This change drops the blk parameter from the   meta functions and computes it instead.  (On amd64, for example, this   change reduces subr_blist.o's text size by 7%.)
      MFC r323391   To analyze the allocation of swap blocks by blist functions, add a method   for analyzing the radix tree structures and reporting on the number, and   sizes, of maximal intervals of free blocks.  The report includes the number   of maximal intervals, and also the number of them in each of several size   ranges, from small (size 1, or 3 to 4) to large (28657 to 46367) with size   boundaries defined by Fibonacci numbers.  The report is written in the test   tool with the 's' command, or in a running kernel by sysctl.
      MFC r323981   Modernize the use of vm_page_unwire().  Since r288122, vm_page_unwire()   has returned TRUE when the wire count transitions to zero, eliminating   the need for callers to inspect the page's wire count.
      MFC r323961   Since the page "frame" doesn't belong to a vm object, it can't be paged   out.  Since it can't be paged out, it is never actually enqueued in a   paging queue.  Nonetheless, passing PQ_INACTIVE to vm_page_unwire()   creates the appearance that the page "frame" is being enqueued in the   inactive queue.  As of r288122, we can avoid this false impression by   passing PQ_NONE.
      MFC r323656   Modify blst_leaf_alloc to take only the cursor argument.
      MFC r323973,324087   Optimize vm_page_try_to_free().  Specifically, the call to pmap_remove_all()   can be avoided when the page's containing object has a reference count of   zero.  (If the object has a reference count of zero, then none of its pages   can possibly be mapped.)
      MFC r321015   Style-only change: Consistently use the variable name "pdpg" throughout   this file.  Previously, half of the pointers to a vm_page being used as   a page directory page were named "pdpg" and the rest were named "mpde".
      MFC r320980,321377   Generalize vm_page_ps_is_valid() to support testing other predicates on   the (super)page, renaming the function to vm_page_ps_test().
      MFC r319542,321003,321378   Eliminate duplication of the pmap and pv list unlock operations in   pmap_enter() by implementing a single return path.  Otherwise, the   duplication will only increase with the upcoming support for psind == 1.
      MFC r321386,321393   Utilize pmap_enter(..., psind=1) in vm_fault_soft_fast() on amd64.  (The   Differential Revision discusses the benefits of this change.)
      MFC r305685   Various changes to pmap_ts_referenced()
      MFC r324173   When an I/O error occurs on page out, there is no need to dirty the page,   because it is already dirty.  Instead, assert that the page is dirty.

asomers (4):
      MFC r322868:
      MFC r323193:
      MFC r323194:
      MFC r323813:

avg (16):
      MFC r323479,r323491: zfs: tighten debug versions of ZTOV and VTOZ
      MFC r323480: zfs_get_vfs: reference a requested filesystem instead of vfs_busy-ing it
      MFC r323355: MFV r323107: 8414 Implemented zpool scrub pause/resume
      MFC r323522: slightly simplify zfs_vptocnp
      MFC r323797: add vfs_zfs.abd_chunk_size tunable
      MFV r323796: fix memory leak in g_bio zone introduced in r320452
      MFC r323918: MFV r323917: 8648 Fix range locking in ZIL commit codepath
      MFC r323433,r323793,r323915: MFV r323110: 8558 lwp_create() returns EAGAIN on system with more than 80K ZFS filesystems, and followups
      MFC r323481: zfsvfs_hold: assert that the busied filesystem can not be unmounted
      MFC r323483: zfsctl_snapdir_lookup should be able to handle an uncovered vnode
      MFC r323791: MFV r323790: 8567 Inconsistent return value in zpool_read_label
      MFC r323578,r323769: dounmount: do not release the mount point's reference on the covered vnode
      MFC r323524: MFV r316932: 6280 libzfs: unshare_one() could fail with EZFS_SHARENFSFAILED
      MFC r323525: MFV r323523: 8331 zfs_unshare returns wrong error code for smb unshare failure
      MFC r323528: MFV r323527: 5815 libzpool's panic function doesn't set global panicstr
      MFC r323612: gmirror: treat ENXIO as disk disconnect, not media error

bapt (2):
      MFC r324100:
      MFC: r324362

cy (2):
      MFC r323945 and 323962
      MFC r324249, 324260, and 324277

dab (3):
      MFC r313107 (by danfe): Try to fix the old "he capability is stupid" bug in gettytab(5)/getty(8)
      MFC r317801 (by trasz):
      MFC r323252:

davidcs (5):
      MFC r323782 Add sysctl "enable_minidump" to turn on/off automatic minidump retrieval
      MFC r323781 Update minidump template for version 5.4.66
      MFC r323824   1. ql_hw.c:   	In ql_hw_send() return EINVAL when TSO framelength exceeds max   	supported length by HW.(davidcs)   2. ql_os.c:   	In qla_send() call bus_dmamap_unload before freeing mbuf or   	recreating dmmamap.(davidcs)   	In qla_fp_taskqueue() Add additional checks for IFF_DRV_RUNNING   	Fix qla_clear_tx_buf() call bus_dmamap_sync() before freeing   	mbuf.
      MFC r324026 Fix delete all multicast addresses
      MFC r324065 Tx Ring Shadow Consumer Index Register needs to be cleared prior to passing it's physical address to the FW during Tx Create Context.

dim (3):
      Synchronize most of libm with head as of r323004.  This excludes a few arch-specific updates for powerpcspe, mips and riscv, for which support has not been merged yet.
      Merge clang, llvm, lld, lldb, compiler-rt and libc++ 5.0.0 release.
      Belatedely fill in the dates for clang 5.0.0 update in UPDATING and ObsoleteFiles.inc.

ed (2):
      MFC r322965:
      MFC r321514, r322885, r323015, r323177

emaste (5):
      MFC r323438: make-memstick.sh: use UFSv2
      MFC r323394: newvers.sh: accept "git-svn-id:" at the start of a line only
      MFC r323405: newvers.sh: speed up failing git-svn revision search
      MFC r323675: libsysdecode: report invalid cap_rights_t
      MFC r309151: Use explicit 0x200000 for the amd64 kernel physaddr

eugen (1):
      MFC r323873, r324081: Unprotected modification of ng_iface(4) private data leads to kernel panic. Fix a race with per-node read-mostly lock and refcounting for a hook.

gordon (1):
      MFC r323709: Revert tcpdump to using the source manpage instead of having a copy here.

hselasky (4):
      MFC r324202: Make sure the doorbell lock is valid for the i386 version of the mlx5en(4) driver.
      MFC r315405, r323351 and r323364: Add helper function similar to ip_dev_find() to the LinuxKPI to lookup a network device by its IPv6 address in the given VNET.
      MFC r315404: Add basic support for VIMAGE to the LinuxKPI and ibcore.
      MFC r324320: Add support for new cuse(3) error code, CUSE_ERR_NO_DEVICE. This error code is useful when emulating Linux input event devices from userspace.

jhb (2):
      MFC 323631: Add an -a flag to getconf.
      MFC 323994: Log signal number passed to PT_STEP requests in KTR_PTRACE traces.

jkim (1):
      MFC:	r323840

kib (7):
      MFC r323768: For unlinked files, do not msync(2) or sync on the vnode deactivation.
      MFC r324079: Do not return from interrupt using the POP_FRAME;iret instruction sequence, always jump to doreti.
      MFC r324080: Zero segment registers which contained invalid usermode selectors, when returning to kernel.
      MFC r324113: Allow to disable default microcode updates search path with the new '-n' option.
      MFC r324114: Update cpucontrol(8).
      MFC r324174: FIx include guard name.
      MFC r324301: Update comment.

kp (1):
      MFC r323864

manu (1):
      MFC r324007, r324012, r324014

markj (6):
      MFC r323564: Widen uk_pgoff, the slab header offset field.
      MFC r323544: Fix a logic error in the item size calculation for internal UMA zones.
      MFC r323880: Simplify i915_gem_wire_page() and avoid unneeded page-busying.
      MFC r323290: Speed up vm_page_array initialization.
      MFC r323613: Include _bitset.h to get BITSET_DEFINE, used to define struct slabbits.
      MFC r324066: Use C99 initializers for DTrace provider methods.

mav (4):
      MFC r324086: Alike to ZFS disable cache flush after first ENOTSUP error.
      MFC r324123: Add sysctl/tunable for maximal request time.
      MFC r324155: Add initial support for Address Lookup Table (A-LUT).
      MFC r324172: Align test I/O buffer to page boundary.

mm (1):
      MFH r324148: Sync libarchive with vendor.

n_hibma (1):
      MFC 324088:

ngie (8):
      MFC r322951:
      MFC r322441:
      MFC r321444,r321446:
      MFC r324143:
      MFC r306743,r317712:
      MFC r305508: r305508 (by markj):
      MFC r317713: r317713 (by markj):
      MFC note:	tests/sys/kern/coredump_phnum_test.sh changes omitted

rmacklem (3):
      MFC: r323689 Fix bogus FREAD with NFSV4OPEN_ACCESSREAD. No functional change.
      MFC: r323978 Change a panic to an error return.
      MFC: r324074 Fix a memory leak that occurred in the pNFS client.

sephe (12):
      MFC 323170
      MFC 323175
      MFC 323176
      MFC 323727,324316
      MFC 323728,323729
      MFC 324048
      MFC 324049,324077
      MFC 324050
      MFC 324487
      MFC 324488
      MFC 324489,324516
      MFC 324517

trasz (13):
      MFC r320360:
      MFC r320363:
      MFC r320741:
      MFC r320733:
      MFC r320740:
      MFC r320734:
      MFC r323183:
      MFC r321422:
      MFC r323225:
      MFC r323228:
      MFC r323263:
      MFC r320803:
      MFC r320892:

Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100051/

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-bootonly.iso) = 2a7a0644c4f6539a0763fee344f3ac7a51df62a358a394fc884d51147ca2479cfb6aea600d900dbcf551e5e4331685d8380038849636005f51fd1ff4a391d710
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-disc1.iso) = 840b8f12b33e4e9328187719af152c14f383e0a5b2749953f84e634bead200ff8794559b63faa6a9ed9b0675ef44be9d6d055f457f514c0107e8b480f2a46159
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-memstick.img) = 11ce832ec9256846e3eff4d5d661a9ef38d05b7c4857d1975cfec438e38de5d3e804f8401a943753672e469c0bcde6184f3b99bb22e3174b8a1c5e59da5ae9cd
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-mini-memstick.img) = 5189aeccb1823edde5681c6e5d7276cf2c1777981bb818ed3a3c838a5fe6f5035248da5094161b76ac9f7b574d957d833a19a3641a08f03b6fd74c468ba5140a

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlnhbH0ACgkQgZsRom/9
GI1bfg/+JvEFmHPiEM6m8696no95d3LDv+hInSTMXzDmrKYh47eejtJI0vQcq06Y
GqFkVJr8sMfApKF5dMQJ6f4JsbTnFx4hQONwDIdM3lPhTnxUNfvtT5Vb2TrmOpU6
8hPQ2RRNYkTJVgbP84XhHlQwi3xNnpNKnjJasZiNUBcbooWpprjtkQPx7hGIVXEe
ubTX+na5Ry6i/NPcOYFr7YKPiqWNu/zSKFFeERjW4YnB6RyXsMUIr9nsEs7kjcRi
mIIVu/VMlXhkjGg1IwUPy9V8gA+YHutQ5/V80vVCUUUaFXoUS8t+isofywoCgD92
VX/icmEoK6T1PyVz47pzH+62fwVOn1Ypbz/1329LfNMY1CyNesLPore7bhNEpaBh
wovZH5Y9aJAlIrd53oiSHUGwlF0RROvpoWLC51loMp5IPdJR+6aoU6TinnAyMARd
0QRlLLtal7TO7cXfQE5OYDyVNHiVZgLIDQbNJG8G+pGmYyWQR8LZV/zsk56ti5tK
Lg8ABYEOvoTzG9WaJX27pFnMbzpiHyf5MzPHvA+KoEQibtFZWu8jyz4iHKLq7jB9
OfkSaWV9s87gSKzA0BP7m+Uh1bY1Ka9kTIPXd0n8ym75hGeovr0r52s48i4CpJPo
APTtWgrbgvD6P/uSnSV9hFAw4C9/LBJceEMPpjioctdKNA52wvY=
=pl3g
-----END PGP SIGNATURE-----

shortlog-HardenedBSD-11-STABLE-v1100051.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt