Skip to content

HardenedBSD-11-STABLE-v1100056.8

Compare
Choose a tag to compare
@opntr opntr released this 06 Nov 23:18
· 715 commits to hardened/11-stable/master since this release
HardenedBSD-11-STABLE-v1100056.8
c37a9e3

Highlights:

  • HBSD MFC r340077: m_pulldown() may reallocate n. Update the oip pointer after the m_pulldown() call. (fec14b2) [FreeBSD-SA-Candidate, CVE-2018-4407]
  • MFC 338360,338415,338624,338630,338631,338725: Dynamic x86 IRQ layout. (160aee5)
  • MFC r339681: Allow the bhyve VNC server to listen on IPv6 for incoming connections. (5e060e6)
  • MFC 338408: Don't directly dereference a user pointer in the VPD ioctl. (b035f90)
  • hwpmc: Enable hwpmc support for AMD Family 17H devices (1235e4a)
  • MFC r339582: Drop sequencer mutex around uiomove() and make sure we don't move more bytes than is available, else a panic might happen. (4b87554) [FreeBSD-EN-Candidate, DoS]
  • MFC r339581: Fix off-by-one which can lead to panics. [FreeBSD-SA-Candidate]
  • elfcopy: avoid stripping relocations from static binaries (8e4b644)
  • MFC r339509: Fix loader.conf(5) "password" feature (9a6d835)
  • MFC r339547: vlan: Fix panic with lagg and vlan (1fda506)
  • MFC r339331: bhyve: emulate CLFLUSH and CLFLUSHOPT. (9e85f7a)
  • LLD updates
  • ZFS updates
  • LinuxKPI updates
  • VNET fixes
  • libsysdecode fixes

Changelog

Oliver Pinter (2):
      HBSD MFC r340077: m_pulldown() may reallocate n. Update the oip pointer after the m_pulldown() call.
      HBSD: explicitly initialize unprivileged_read_msgbuf to a known value

Oliver Pinter + (22):
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

Shawn Webb (6):
      HBSD: Delete the mtree temporary directory before creating it
      HBSD: Support bectl for HardenedBSD 12 users
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict
      Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
      HBSD: Resolve merge conflict

ae (2):
      MFC r339357:   Add extra parentheses to fix "versrcreach" opcode, (oif != NULL) should   not be used as condition for ternary operator.
      MFC r339740:   Use correct format specificator to print setdscp action.

avg (4):
      MFC r334189: Import CK as of commit 0f017230ccc86929f56bf44ef2dca93d7df8076b
      MFC r336634: MFV CK@r336629: Import CK as of commit 1c1f9901c2dea7a883342cd03d3906a1bc482583
      MFC r303648: Fix ddb "show proc" to show full arguments
      MFC r337528: add an option for ddb ps command to print process arguments

bz (7):
      MFC r339586:
      MFC r339930:
      MFC r339407:
      MFC r339431:
      MFC r339931,r339933
      MFC r330795:
      MFC r337904:

cy (1):
      Follow up on r331936. gets_s(3) will also fail in the same way that gets(3) does. This was missed in r331936.

davidcs (2):
      MFC r338734
      MFC r339366 Add support for Error Recovery

des (1):
      MFH (r305124): fix case where fd_lastfile is -1.

dim (1):
      MFC r339013:

dteske (1):
      MFC r339509: Fix loader.conf(5) "password" feature

emaste (1):
      elfcopy: avoid stripping relocations from static binaries

eugen (1):
      MFC r339462: make upgrade from previous FreeBSD versions less painful and make previously working configuration like this work again:

gjb (2):
      Document the krpc module requirement in 11.x that was not present in 10.x if the system has a custom kernel configuration that excludes NFS and, for example, uses MODULES_OVERRIDE="zfs opensolaris".
      MFC r339684:  Reduce the GCE image size to 27G to be lower than the free  quota limit.

glebius (1):
      MFhead r339643:

hselasky (8):
      MFC r339388: Fix for reception of large full speed isochronous frames via the transaction translator, when using the DWC OTG USB controller driver. Make sure to re-try getting the complete split packets until a DATA0 packet is received. Larger isochronous frames may be split into multiple MDATA packets terminated by a single DATA0 packet.
      MFC r339581: Fix off-by-one which can lead to panics.
      MFC r339582: Drop sequencer mutex around uiomove() and make sure we don't move more bytes than is available, else a panic might happen.
      MFC r339587: Added support for formula-based arbitrary baud rates, in contrast to the current fixed values, which enables use of rates above 1 Mbps. Improved the detection of HXD chips, and the status flag handling as well.
      MFC r339600: Make sure returned value is checked and assert a valid refcount. While at it fix a print: Unsigned types cannot be negative.
      MFC r339868: Implement dma_pool_zalloc() in the LinuxKPI.
      MFC r339923: Implement __KERNEL_DIV_ROUND_UP() function macro in the LinuxKPI.
      MFC r339924: Implement the dump_stack() function in the LinuxKPI.

jamie (1):
      MFC r339409, r339420:

jhb (6):
      MFC 338094: Fully retire the unimplemented -t option from vmstat(8).
      MFC 338101: Merge amd64 and i386 <machine/intr_machdep.h> headers.
      MFC 338148: Remove 'imen' global variable from atpic(4).
      MFC 338408: Don't directly dereference a user pointer in the VPD ioctl.
      MFC 338360,338415,338624,338630,338631,338725: Dynamic x86 IRQ layout.
      MFC 338813: Clear all of the VFP state in fill_fpregs().

kib (2):
      MFC r339384: Add clwb().
      MFC r339331: bhyve: emulate CLFLUSH and CLFLUSHOPT.

kp (3):
      MFC r334375, r334379:
      MFC r338698:
      MFC r339547:

markj (2):
      MFC r339365: Typo.
      MFC r313557 (by bz): Allow Dtrace to be compiled into the kernel again after r313177.

mav (3):
      MFC r339335: Avoid zero-sized kmem_alloc() in vdev_compact_children().
      MFC r339329: Add ZIO_TYPE_FREE support for indirect vdevs.
      MFC r339372: Skip VDEV_IO_DONE stage only for ZIO_TYPE_FREE.

mmacy (3):
      hwpmc: Enable hwpmc support for AMD Family 17H devices
      fix i386 breakage caused by r339767
      fix up more issues introduced by failing to have run TB before r339767

philip (2):
      MFC r339503: Import tzdata 2018f
      MFC r339848: Import tzdata 2018g

slavash (1):
      MFC r339584 : mlx5: Notify user that the ConnectX-6 shutdown its port due to power limitation

tijl (1):
      MFC r339618:

whu (1):
      MFC: 339585

Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100056.8/

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v1100056.8-amd64-bootonly.iso) = e9b4dc37c3914f14573222c3bec8303ba2516783a7daadbba42d9c42cfd1b68c6ed55a9f50c8ff394038ed5885880adaa230e3f89ea335be2e728d09331eac70
SHA512 (HardenedBSD-11-STABLE-v1100056.8-amd64-disc1.iso) = 3a9d91a4b9ffb0c69cde6639bd39896c31e3d140f024b0f66fe113799daa8cf19622b7b06564dbe455481327cb4bf44e8763903f57e01ea2bd460a040b4e3b24
SHA512 (HardenedBSD-11-STABLE-v1100056.8-amd64-memstick.img) = aa7101825ff05262dc1eac97ac8fd34614f82263dc2825a2087c1faf1094cc708f7703e39503ba4469d78db385bb642a6899ee30d6c832c80dc8b267ace88a9a
SHA512 (HardenedBSD-11-STABLE-v1100056.8-amd64-mini-memstick.img) = 633bb097e6bacfe0c1fb6d6de8e8175fb3be91af1632e240aa6a96c237bd7aabae9157cf0d3ec41d1aebbdb40da53a0c2b5fa497e0f564f2670ee6b60a227a42

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlvfps8ACgkQgZsRom/9
GI2AJQ//Z30QApEHelaPy7fcej9N5cJv1rFKxzfqVmt8pvEAA+tGRFoUNMz+7xG6
92u5sGHkfyGV761XqVK7gJXk6eMj2Sl5ITy4c1L3zjGRXutfB/F77eKzsQtA+1cA
Moxz9pwJrFvyL3HouT5CaOysXwlYmJVIqF/P8sHulHImshWnlBg8khHvPesCD7wi
0tb9xdyE3+xAmkqwJMgW1U92TaPOzfwTK5BLbXelw5eWT/qiB2OR9HcFmdfAh/MG
LlvFAeBZh6k298KYjYE0aR7qo35Cu3kD0PfUDmVaZNZpORbFBz1ZcLSMt8sZBHOx
HVPSWTnRbJpuh0SJphvSvnbY++nsT0PbhxVnPiSG/naXKTTYOw1hyPYrJaBXL8n2
gClDR7DRxhUi0F4MqMzqLg05kwwaSu3lwuBwjdS9YjcHV+IyVgA9YK11BbdOecpE
vEpPTjtQpjYFydwQFqUy8FbYhEnBpiJCBB9StM04w4gOOWS/RzMO+GQ+ysjoatlg
C0CxgQ/yuwmlvw8VpKKWYwS5UxTN+XbBX8GCz/8IpBgSajfbrKIGf8wMdptYKdjY
bSy9HgR4XQNBiXeHzXTCra8Z5kive7VlhQsLqfjah8pLcKsHTGzpS7LSlobxTqyh
n+At7jjhYiwgXKKrkcxY4IxqwvY5rtLpb9fcByoGlSpWDgHhoV8=
=lzsa
-----END PGP SIGNATURE-----

shortlog-HardenedBSD-11-STABLE-v1100056.8.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt

Assets 2