HardenedBSD-11-STABLE-v1100051
·
14291 commits
to hardened/10-stable/master
since this release
Warning: this is a security and feature update!
Highlights:
- HyperV fixes
- ZFS updates
- libarchive update (CVE-2017-14166, CVE-2017-14502) (aea515e) [FreeBSD-SA-Candidate]
- lot of hbsd-update improvements
- Zero segment registers which contained invalid usermode selectors, when returning to kernel. (6a720c6, 2c707ee) [FreeBSD-SA-Candidate]
- make fsck_y_enable more agressive (8430527)
- HBSD MFC: Correct sense of crypt(3) NULL checks in init(8) and lock(1) (954bfe0) [FreeBSD-SA-Candidate]
- HBSD MFC: netsmb: Fix buggy/racy smb_strdupin() (145ca72) [FreeBSD-SA-Candidate]
- hbsdcontrol's kernel side implementation for more information please consult with https://github.com/HardenedBSD-stable/hardenedBSD/blob/hardened/11-stable/master/UPDATING-HardenedBSD
- LLVM, clang, lldb, lld, compiler-rt and libc++ update to 5.0.0 (12cd91c)
Changelog
Oliver Pinter (12):
HBSD: fix a possible "time of check to time of use" attack
HBSD: allow to override hbsdcontrol settings with ACLs
HBSD: add kernel side of hbsdcontrol
HBSD: after the recent changes, bump by copyright years
HBSD: add hbsdcontrol.sh as demonstration tool to examples directory
HBSD: bump __HardenedBSD_version to 1100051 after hbsdcontrol merge
HBSD: extend the UPDATING-HardenedBSD about the new kernel knobs
HBSD: log PREFER_ACL (EXPLICIT_ACL) in pax_logs
HBSD: improve log message in execve
HBSD MFC: netsmb: Fix buggy/racy smb_strdupin()
HBSD MFC: Correct sense of crypt(3) NULL checks in init(8) and lock(1)
HBSD MFC r324225: ppp(8): Fix various bugs in NOPAM section of auth_CheckPasswd
Oliver Pinter + (33):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Shawn Webb (8):
HBSD: Teach hbsd-update to populate chroots.
HBSD: Use the local resolver by default
HBSD: Teach hbsd-update to not download updates
HBSD: Partially backport llvm toolchain commit
HBSD: Teach hbsd-update to not update base
HBSD: Do not default to using the local resolver
Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
HBSD: Resolve merge conflict
ae (3):
MFC r323836: Do not acquire IPFW_WLOCK when a named object is created and destroyed.
MFC r323839: Use in_localip() function instead of unlocked access to addresses hash to determine that an address is our local.
MFC r324098: Some mbuf related fixes in icmp_error()
alc (15):
MFC r323785 Sync with amd64/arm/arm64/i386/mips pmap change r288256:
MFC r323786 In r288122, we changed vm_page_unwire() so that it returns a Boolean indicating whether the page's wire count transitioned to zero. Use that return value in zbuf_page_free() rather than checking the wire count.
MFC r323868 Modernize calls to vm_page_unwire(). As of r288122, vm_page_unwire() accepts PQ_NONE as the specified queue and returns a Boolean indicating whether the page's wire count transitioned to zero. Use these features in dev/drm2.
MFC r322459,322897 The *_meta_* functions include a radix parameter, a blk parameter, and another parameter that identifies a starting point in the memory address block. Radix is a power of two, blk is a multiple of radix, and the starting point is in the range [blk, blk+radix), so that blk can always be computed from the other two. This change drops the blk parameter from the meta functions and computes it instead. (On amd64, for example, this change reduces subr_blist.o's text size by 7%.)
MFC r323391 To analyze the allocation of swap blocks by blist functions, add a method for analyzing the radix tree structures and reporting on the number, and sizes, of maximal intervals of free blocks. The report includes the number of maximal intervals, and also the number of them in each of several size ranges, from small (size 1, or 3 to 4) to large (28657 to 46367) with size boundaries defined by Fibonacci numbers. The report is written in the test tool with the 's' command, or in a running kernel by sysctl.
MFC r323981 Modernize the use of vm_page_unwire(). Since r288122, vm_page_unwire() has returned TRUE when the wire count transitions to zero, eliminating the need for callers to inspect the page's wire count.
MFC r323961 Since the page "frame" doesn't belong to a vm object, it can't be paged out. Since it can't be paged out, it is never actually enqueued in a paging queue. Nonetheless, passing PQ_INACTIVE to vm_page_unwire() creates the appearance that the page "frame" is being enqueued in the inactive queue. As of r288122, we can avoid this false impression by passing PQ_NONE.
MFC r323656 Modify blst_leaf_alloc to take only the cursor argument.
MFC r323973,324087 Optimize vm_page_try_to_free(). Specifically, the call to pmap_remove_all() can be avoided when the page's containing object has a reference count of zero. (If the object has a reference count of zero, then none of its pages can possibly be mapped.)
MFC r321015 Style-only change: Consistently use the variable name "pdpg" throughout this file. Previously, half of the pointers to a vm_page being used as a page directory page were named "pdpg" and the rest were named "mpde".
MFC r320980,321377 Generalize vm_page_ps_is_valid() to support testing other predicates on the (super)page, renaming the function to vm_page_ps_test().
MFC r319542,321003,321378 Eliminate duplication of the pmap and pv list unlock operations in pmap_enter() by implementing a single return path. Otherwise, the duplication will only increase with the upcoming support for psind == 1.
MFC r321386,321393 Utilize pmap_enter(..., psind=1) in vm_fault_soft_fast() on amd64. (The Differential Revision discusses the benefits of this change.)
MFC r305685 Various changes to pmap_ts_referenced()
MFC r324173 When an I/O error occurs on page out, there is no need to dirty the page, because it is already dirty. Instead, assert that the page is dirty.
asomers (4):
MFC r322868:
MFC r323193:
MFC r323194:
MFC r323813:
avg (16):
MFC r323479,r323491: zfs: tighten debug versions of ZTOV and VTOZ
MFC r323480: zfs_get_vfs: reference a requested filesystem instead of vfs_busy-ing it
MFC r323355: MFV r323107: 8414 Implemented zpool scrub pause/resume
MFC r323522: slightly simplify zfs_vptocnp
MFC r323797: add vfs_zfs.abd_chunk_size tunable
MFV r323796: fix memory leak in g_bio zone introduced in r320452
MFC r323918: MFV r323917: 8648 Fix range locking in ZIL commit codepath
MFC r323433,r323793,r323915: MFV r323110: 8558 lwp_create() returns EAGAIN on system with more than 80K ZFS filesystems, and followups
MFC r323481: zfsvfs_hold: assert that the busied filesystem can not be unmounted
MFC r323483: zfsctl_snapdir_lookup should be able to handle an uncovered vnode
MFC r323791: MFV r323790: 8567 Inconsistent return value in zpool_read_label
MFC r323578,r323769: dounmount: do not release the mount point's reference on the covered vnode
MFC r323524: MFV r316932: 6280 libzfs: unshare_one() could fail with EZFS_SHARENFSFAILED
MFC r323525: MFV r323523: 8331 zfs_unshare returns wrong error code for smb unshare failure
MFC r323528: MFV r323527: 5815 libzpool's panic function doesn't set global panicstr
MFC r323612: gmirror: treat ENXIO as disk disconnect, not media error
bapt (2):
MFC r324100:
MFC: r324362
cy (2):
MFC r323945 and 323962
MFC r324249, 324260, and 324277
dab (3):
MFC r313107 (by danfe): Try to fix the old "he capability is stupid" bug in gettytab(5)/getty(8)
MFC r317801 (by trasz):
MFC r323252:
davidcs (5):
MFC r323782 Add sysctl "enable_minidump" to turn on/off automatic minidump retrieval
MFC r323781 Update minidump template for version 5.4.66
MFC r323824 1. ql_hw.c: In ql_hw_send() return EINVAL when TSO framelength exceeds max supported length by HW.(davidcs) 2. ql_os.c: In qla_send() call bus_dmamap_unload before freeing mbuf or recreating dmmamap.(davidcs) In qla_fp_taskqueue() Add additional checks for IFF_DRV_RUNNING Fix qla_clear_tx_buf() call bus_dmamap_sync() before freeing mbuf.
MFC r324026 Fix delete all multicast addresses
MFC r324065 Tx Ring Shadow Consumer Index Register needs to be cleared prior to passing it's physical address to the FW during Tx Create Context.
dim (3):
Synchronize most of libm with head as of r323004. This excludes a few arch-specific updates for powerpcspe, mips and riscv, for which support has not been merged yet.
Merge clang, llvm, lld, lldb, compiler-rt and libc++ 5.0.0 release.
Belatedely fill in the dates for clang 5.0.0 update in UPDATING and ObsoleteFiles.inc.
ed (2):
MFC r322965:
MFC r321514, r322885, r323015, r323177
emaste (5):
MFC r323438: make-memstick.sh: use UFSv2
MFC r323394: newvers.sh: accept "git-svn-id:" at the start of a line only
MFC r323405: newvers.sh: speed up failing git-svn revision search
MFC r323675: libsysdecode: report invalid cap_rights_t
MFC r309151: Use explicit 0x200000 for the amd64 kernel physaddr
eugen (1):
MFC r323873, r324081: Unprotected modification of ng_iface(4) private data leads to kernel panic. Fix a race with per-node read-mostly lock and refcounting for a hook.
gordon (1):
MFC r323709: Revert tcpdump to using the source manpage instead of having a copy here.
hselasky (4):
MFC r324202: Make sure the doorbell lock is valid for the i386 version of the mlx5en(4) driver.
MFC r315405, r323351 and r323364: Add helper function similar to ip_dev_find() to the LinuxKPI to lookup a network device by its IPv6 address in the given VNET.
MFC r315404: Add basic support for VIMAGE to the LinuxKPI and ibcore.
MFC r324320: Add support for new cuse(3) error code, CUSE_ERR_NO_DEVICE. This error code is useful when emulating Linux input event devices from userspace.
jhb (2):
MFC 323631: Add an -a flag to getconf.
MFC 323994: Log signal number passed to PT_STEP requests in KTR_PTRACE traces.
jkim (1):
MFC: r323840
kib (7):
MFC r323768: For unlinked files, do not msync(2) or sync on the vnode deactivation.
MFC r324079: Do not return from interrupt using the POP_FRAME;iret instruction sequence, always jump to doreti.
MFC r324080: Zero segment registers which contained invalid usermode selectors, when returning to kernel.
MFC r324113: Allow to disable default microcode updates search path with the new '-n' option.
MFC r324114: Update cpucontrol(8).
MFC r324174: FIx include guard name.
MFC r324301: Update comment.
kp (1):
MFC r323864
manu (1):
MFC r324007, r324012, r324014
markj (6):
MFC r323564: Widen uk_pgoff, the slab header offset field.
MFC r323544: Fix a logic error in the item size calculation for internal UMA zones.
MFC r323880: Simplify i915_gem_wire_page() and avoid unneeded page-busying.
MFC r323290: Speed up vm_page_array initialization.
MFC r323613: Include _bitset.h to get BITSET_DEFINE, used to define struct slabbits.
MFC r324066: Use C99 initializers for DTrace provider methods.
mav (4):
MFC r324086: Alike to ZFS disable cache flush after first ENOTSUP error.
MFC r324123: Add sysctl/tunable for maximal request time.
MFC r324155: Add initial support for Address Lookup Table (A-LUT).
MFC r324172: Align test I/O buffer to page boundary.
mm (1):
MFH r324148: Sync libarchive with vendor.
n_hibma (1):
MFC 324088:
ngie (8):
MFC r322951:
MFC r322441:
MFC r321444,r321446:
MFC r324143:
MFC r306743,r317712:
MFC r305508: r305508 (by markj):
MFC r317713: r317713 (by markj):
MFC note: tests/sys/kern/coredump_phnum_test.sh changes omitted
rmacklem (3):
MFC: r323689 Fix bogus FREAD with NFSV4OPEN_ACCESSREAD. No functional change.
MFC: r323978 Change a panic to an error return.
MFC: r324074 Fix a memory leak that occurred in the pNFS client.
sephe (12):
MFC 323170
MFC 323175
MFC 323176
MFC 323727,324316
MFC 323728,323729
MFC 324048
MFC 324049,324077
MFC 324050
MFC 324487
MFC 324488
MFC 324489,324516
MFC 324517
trasz (13):
MFC r320360:
MFC r320363:
MFC r320741:
MFC r320733:
MFC r320740:
MFC r320734:
MFC r323183:
MFC r321422:
MFC r323225:
MFC r323228:
MFC r323263:
MFC r320803:
MFC r320892:
Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100051/
CHECKSUM.SHA512:
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-bootonly.iso) = 2a7a0644c4f6539a0763fee344f3ac7a51df62a358a394fc884d51147ca2479cfb6aea600d900dbcf551e5e4331685d8380038849636005f51fd1ff4a391d710
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-disc1.iso) = 840b8f12b33e4e9328187719af152c14f383e0a5b2749953f84e634bead200ff8794559b63faa6a9ed9b0675ef44be9d6d055f457f514c0107e8b480f2a46159
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-memstick.img) = 11ce832ec9256846e3eff4d5d661a9ef38d05b7c4857d1975cfec438e38de5d3e804f8401a943753672e469c0bcde6184f3b99bb22e3174b8a1c5e59da5ae9cd
SHA512 (HardenedBSD-11-STABLE-v1100051-amd64-mini-memstick.img) = 5189aeccb1823edde5681c6e5d7276cf2c1777981bb818ed3a3c838a5fe6f5035248da5094161b76ac9f7b574d957d833a19a3641a08f03b6fd74c468ba5140a
CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlnhbH0ACgkQgZsRom/9
GI1bfg/+JvEFmHPiEM6m8696no95d3LDv+hInSTMXzDmrKYh47eejtJI0vQcq06Y
GqFkVJr8sMfApKF5dMQJ6f4JsbTnFx4hQONwDIdM3lPhTnxUNfvtT5Vb2TrmOpU6
8hPQ2RRNYkTJVgbP84XhHlQwi3xNnpNKnjJasZiNUBcbooWpprjtkQPx7hGIVXEe
ubTX+na5Ry6i/NPcOYFr7YKPiqWNu/zSKFFeERjW4YnB6RyXsMUIr9nsEs7kjcRi
mIIVu/VMlXhkjGg1IwUPy9V8gA+YHutQ5/V80vVCUUUaFXoUS8t+isofywoCgD92
VX/icmEoK6T1PyVz47pzH+62fwVOn1Ypbz/1329LfNMY1CyNesLPore7bhNEpaBh
wovZH5Y9aJAlIrd53oiSHUGwlF0RROvpoWLC51loMp5IPdJR+6aoU6TinnAyMARd
0QRlLLtal7TO7cXfQE5OYDyVNHiVZgLIDQbNJG8G+pGmYyWQR8LZV/zsk56ti5tK
Lg8ABYEOvoTzG9WaJX27pFnMbzpiHyf5MzPHvA+KoEQibtFZWu8jyz4iHKLq7jB9
OfkSaWV9s87gSKzA0BP7m+Uh1bY1Ka9kTIPXd0n8ym75hGeovr0r52s48i4CpJPo
APTtWgrbgvD6P/uSnSV9hFAw4C9/LBJceEMPpjioctdKNA52wvY=
=pl3g
-----END PGP SIGNATURE-----
shortlog-HardenedBSD-11-STABLE-v1100051.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt