CVS commit: src/sys/arch/x86/include
Module Name:src Committed By: msaitoh Date: Wed Oct 18 03:38:32 UTC 2017 Modified Files: src/sys/arch/x86/include: specialreg.h Log Message: Add Turbo Boost Max Technology 3.0 bit. To generate a diff of this commit: cvs rdiff -u -r1.103 -r1.104 src/sys/arch/x86/include/specialreg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/include/specialreg.h diff -u src/sys/arch/x86/include/specialreg.h:1.103 src/sys/arch/x86/include/specialreg.h:1.104 --- src/sys/arch/x86/include/specialreg.h:1.103 Fri Oct 13 13:53:54 2017 +++ src/sys/arch/x86/include/specialreg.h Wed Oct 18 03:38:32 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: specialreg.h,v 1.103 2017/10/13 13:53:54 msaitoh Exp $ */ +/* $NetBSD: specialreg.h,v 1.104 2017/10/18 03:38:32 msaitoh Exp $ */ /*- * Copyright (c) 1991 The Regents of the University of California. @@ -299,12 +299,13 @@ #define CPUID_DSPM_HWP_EPP __BIT(10) /* HWP Energy Performance Preference */ #define CPUID_DSPM_HWP_PLR __BIT(11) /* HWP Package Level Request */ #define CPUID_DSPM_HDC __BIT(13) /* Hardware Duty Cycling */ +#define CPUID_DSPM_TBMT3 __BIT(14) /* Turbo Boost Max Technology 3.0 */ #define CPUID_DSPM_FLAGS "\20" \ "\1" "DTS" "\2" "IDA" "\3" "ARAT" \ "\5" "PLN" "\6" "ECMD" "\7" "PTM" "\10" "HWP" \ "\11" "HWP_NOTIFY" "\12" "HWP_ACTWIN" "\13" "HWP_EPP" "\14" "HWP_PLR" \ - "\16" "HDC" + "\16" "HDC" "\17" "TBM3" /* * Intel Digital Thermal Sensor and
CVS commit: src/share/man/man9
Module Name:src Committed By: pgoyette Date: Tue Oct 17 21:11:36 UTC 2017 Modified Files: src/share/man/man9: do_setresuid.9 Log Message: Typo: s/processes/process's/ for possession To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/share/man/man9/do_setresuid.9 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man9/do_setresuid.9 diff -u src/share/man/man9/do_setresuid.9:1.6 src/share/man/man9/do_setresuid.9:1.7 --- src/share/man/man9/do_setresuid.9:1.6 Fri May 19 14:35:01 2017 +++ src/share/man/man9/do_setresuid.9 Tue Oct 17 21:11:36 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: do_setresuid.9,v 1.6 2017/05/19 14:35:01 abhinav Exp $ +.\" $NetBSD: do_setresuid.9,v 1.7 2017/10/17 21:11:36 pgoyette Exp $ .\" .\"- .\" Copyright (c) 2003 The NetBSD Foundation, Inc. @@ -51,7 +51,7 @@ process to change its real, effective, a .Pp The .Nm do_setresuid -function sets the specified processes real user ID to +function sets the specified process's real user ID to .Ar ruid , its effective user ID to .Ar euid ,
CVS commit: src/sys
Module Name:src
Committed By: rjs
Date: Tue Oct 17 19:23:42 UTC 2017
Modified Files:
src/sys/netinet: sctp_pcb.c sctp_usrreq.c
src/sys/netinet6: sctp6_usrreq.c
Log Message:
Make SCTP work when IPSEC is also defined.
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/netinet/sctp_pcb.c
cvs rdiff -u -r1.7 -r1.8 src/sys/netinet/sctp_usrreq.c
cvs rdiff -u -r1.13 -r1.14 src/sys/netinet6/sctp6_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.14 src/sys/netinet/sctp_pcb.c:1.15
--- src/sys/netinet/sctp_pcb.c:1.14 Tue Oct 17 19:18:30 2017
+++ src/sys/netinet/sctp_pcb.c Tue Oct 17 19:23:42 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,10 +33,11 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.15 2017/10/17 19:23:42 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
+#include "opt_ipsec.h"
#include "opt_sctp.h"
#endif /* _KERNEL_OPT */
@@ -1302,6 +1303,9 @@ sctp_inpcb_alloc(struct socket *so)
#ifdef DEBUG
struct sctp_inpcb *n_inp;
#endif
+#ifdef IPSEC
+ struct inpcbpolicy *pcb_sp = NULL;
+#endif
struct sctp_pcb *m;
struct timeval time;
@@ -1358,22 +1362,16 @@ sctp_inpcb_alloc(struct socket *so)
inp->ip_inp.inp.inp_socket = so;
inp->sctp_frag_point = SCTP_DEFAULT_MAXSEGMENT;
#ifdef IPSEC
-#if !(defined(__OpenBSD__) || defined(__APPLE__))
- {
- struct inpcbpolicy *pcb_sp = NULL;
+ if (ipsec_enabled) {
error = ipsec_init_pcbpolicy(so, _sp);
+ if (error != 0) {
+ SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_ep, inp);
+ SCTP_INP_INFO_WUNLOCK();
+ return error;
+ }
/* Arrange to share the policy */
inp->ip_inp.inp.inp_sp = pcb_sp;
- ((struct in6pcb *)(>ip_inp.inp))->in6p_sp = pcb_sp;
- }
-#else
- /* not sure what to do for openbsd here */
- error = 0;
-#endif
- if (error != 0) {
- SCTP_ZONE_FREE(sctppcbinfo.ipi_zone_ep, inp);
- SCTP_INP_INFO_WUNLOCK();
- return error;
+ pcb_sp->sp_inph = (struct inpcb_hdr *)inp;
}
#endif /* IPSEC */
sctppcbinfo.ipi_count_ep++;
@@ -1682,6 +1680,9 @@ sctp_inpcb_bind(struct socket *so, struc
if (sin->sin_addr.s_addr != INADDR_ANY) {
bindall = 0;
}
+#ifdef IPSEC
+ inp->ip_inp.inp.inp_af = AF_INET;
+#endif
} else if (addr->sa_family == AF_INET6) {
/* Only for pure IPv6 Address. (No IPv4 Mapped!) */
struct sockaddr_in6 *sin6;
@@ -1703,9 +1704,21 @@ sctp_inpcb_bind(struct socket *so, struc
/* this must be cleared for ifa_ifwithaddr() */
sin6->sin6_scope_id = 0;
#endif /* SCOPEDROUTING */
+#ifdef IPSEC
+ inp->ip_inp.inp.inp_af = AF_INET6;
+#endif
} else {
return (EAFNOSUPPORT);
}
+#ifdef IPSEC
+ if (ipsec_enabled) {
+ inp->ip_inp.inp.inp_socket = so;
+ error = ipsec_init_pcbpolicy(so, >ip_inp.inp.inp_sp);
+ if (error != 0)
+return (error);
+ inp->ip_inp.inp.inp_sp->sp_inph = (struct inpcb_hdr *)inp;
+ }
+#endif
}
SCTP_INP_INFO_WLOCK();
#ifdef SCTP_DEBUG
@@ -2139,7 +2152,8 @@ sctp_inpcb_free(struct sctp_inpcb *inp,
if (so) {
/* First take care of socket level things */
#ifdef IPSEC
- ipsec4_delete_pcbpolicy(ip_pcb);
+ if (ipsec_enabled)
+ ipsec4_delete_pcbpolicy(ip_pcb);
#endif /*IPSEC*/
so->so_pcb = 0;
}
Index: src/sys/netinet/sctp_usrreq.c
diff -u src/sys/netinet/sctp_usrreq.c:1.7 src/sys/netinet/sctp_usrreq.c:1.8
--- src/sys/netinet/sctp_usrreq.c:1.7 Tue Oct 17 16:07:18 2017
+++ src/sys/netinet/sctp_usrreq.c Tue Oct 17 19:23:42 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_usrreq.c,v 1.50 2005/06/16 20:45:29 jinmei Exp $ */
-/* $NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $ */
+/* $NetBSD: sctp_usrreq.c,v 1.8 2017/10/17 19:23:42 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.8 2017/10/17 19:23:42 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -528,6 +528,7 @@ sctp_attach(struct socket *so, int proto
inp->sctp_flags &= ~SCTP_PCB_FLAGS_BOUND_V6; /* I'm not v6! */
#ifdef IPSEC
ip_inp = >ip_inp.inp;
+ ip_inp->inp_af = proto;
#endif
inp->inp_vflag |= INP_IPV4;
inp->inp_ip_ttl = ip_defttl;
Index: src/sys/netinet6/sctp6_usrreq.c
diff -u src/sys/netinet6/sctp6_usrreq.c:1.13 src/sys/netinet6/sctp6_usrreq.c:1.14
--- src/sys/netinet6/sctp6_usrreq.c:1.13 Thu Apr 20 09:19:19 2017
+++ src/sys/netinet6/sctp6_usrreq.c Tue Oct 17 19:23:42 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp6_usrreq.c,v 1.38
CVS commit: src/sys/netinet
Module Name:src
Committed By: rjs
Date: Tue Oct 17 19:18:30 UTC 2017
Modified Files:
src/sys/netinet: sctp_pcb.c
Log Message:
Move call to sofree() to end of sctp_inpcb_free() and re-aquire
softnet_lock.
Logic copied from in_pcb.c.
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/sys/netinet/sctp_pcb.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.13 src/sys/netinet/sctp_pcb.c:1.14
--- src/sys/netinet/sctp_pcb.c:1.13 Tue Oct 17 15:53:01 2017
+++ src/sys/netinet/sctp_pcb.c Tue Oct 17 19:18:30 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.13 2017/10/17 15:53:01 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.13 2017/10/17 15:53:01 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.14 2017/10/17 19:18:30 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -2142,7 +2142,6 @@ sctp_inpcb_free(struct sctp_inpcb *inp,
ipsec4_delete_pcbpolicy(ip_pcb);
#endif /*IPSEC*/
so->so_pcb = 0;
- sofree(so);
}
if (ip_pcb->inp_options) {
@@ -2258,6 +2257,9 @@ sctp_inpcb_free(struct sctp_inpcb *inp,
SCTP_INP_INFO_WUNLOCK();
splx(s);
+
+ sofree(so);
+ mutex_enter(softnet_lock);
}
CVS commit: src/sys/dev
Module Name:src
Committed By: jdolecek
Date: Tue Oct 17 18:52:51 UTC 2017
Modified Files:
src/sys/dev/ata: ata_subr.c ata_wdc.c atavar.h
src/sys/dev/ic: wdc.c
src/sys/dev/pci: pciide_common.c
src/sys/dev/scsipi: atapi_wdc.c
Log Message:
reintroduce ATACH_IRQ_WAIT flag for attachments using wdcintr(), only
process the interrupt when the flag is set - this fixes spurious interrupt
during post-reset drive setup in wdc_ata_bio_start(), and wdc_atapi_start()
while those functions set WDCTL_IDS, this seems to be ignored by certain
(maybe all) PCI-IDE controllers; usually the implicit KERNEL_LOCK() would
prevent the interrupt anyway, but not when the start routine is started
from the atabus thread, which doesn't take it
fixes 'panic: wdc_ata_bio_intr: bad state' reported on current-users
by Chavdar Ivanov
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/sys/dev/ata/ata_subr.c
cvs rdiff -u -r1.108 -r1.109 src/sys/dev/ata/ata_wdc.c
cvs rdiff -u -r1.94 -r1.95 src/sys/dev/ata/atavar.h
cvs rdiff -u -r1.286 -r1.287 src/sys/dev/ic/wdc.c
cvs rdiff -u -r1.63 -r1.64 src/sys/dev/pci/pciide_common.c
cvs rdiff -u -r1.128 -r1.129 src/sys/dev/scsipi/atapi_wdc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/ata/ata_subr.c
diff -u src/sys/dev/ata/ata_subr.c:1.1 src/sys/dev/ata/ata_subr.c:1.2
--- src/sys/dev/ata/ata_subr.c:1.1 Tue Oct 10 17:19:38 2017
+++ src/sys/dev/ata/ata_subr.c Tue Oct 17 18:52:50 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: ata_subr.c,v 1.1 2017/10/10 17:19:38 jdolecek Exp $ */
+/* $NetBSD: ata_subr.c,v 1.2 2017/10/17 18:52:50 jdolecek Exp $ */
/*
* Copyright (c) 1998, 2001 Manuel Bouyer. All rights reserved.
@@ -25,7 +25,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ata_subr.c,v 1.1 2017/10/10 17:19:38 jdolecek Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ata_subr.c,v 1.2 2017/10/17 18:52:50 jdolecek Exp $");
#include "opt_ata.h"
@@ -334,7 +334,7 @@ ata_free_xfer(struct ata_channel *chp, s
/* finish the busmastering PIO */
(*wdc->piobm_done)(wdc->dma_arg,
chp->ch_channel, xfer->c_drive);
- chp->ch_flags &= ~(ATACH_DMA_WAIT | ATACH_PIOBM_WAIT);
+ chp->ch_flags &= ~(ATACH_DMA_WAIT | ATACH_PIOBM_WAIT | ATACH_IRQ_WAIT);
}
#endif
Index: src/sys/dev/ata/ata_wdc.c
diff -u src/sys/dev/ata/ata_wdc.c:1.108 src/sys/dev/ata/ata_wdc.c:1.109
--- src/sys/dev/ata/ata_wdc.c:1.108 Sun Oct 15 11:27:14 2017
+++ src/sys/dev/ata/ata_wdc.c Tue Oct 17 18:52:50 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: ata_wdc.c,v 1.108 2017/10/15 11:27:14 jdolecek Exp $ */
+/* $NetBSD: ata_wdc.c,v 1.109 2017/10/17 18:52:50 jdolecek Exp $ */
/*
* Copyright (c) 1998, 2001, 2003 Manuel Bouyer.
@@ -54,7 +54,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ata_wdc.c,v 1.108 2017/10/15 11:27:14 jdolecek Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ata_wdc.c,v 1.109 2017/10/17 18:52:50 jdolecek Exp $");
#include "opt_ata.h"
#include "opt_wdc.h"
@@ -592,7 +592,12 @@ _wdc_ata_bio_start(struct ata_channel *c
intr:
#endif
/* Wait for IRQ (either real or polled) */
- return (ata_bio->flags & ATA_POLL) ? ATASTART_POLL : ATASTART_STARTED;
+ if ((ata_bio->flags & ATA_POLL) == 0) {
+ chp->ch_flags |= ATACH_IRQ_WAIT;
+ return ATASTART_STARTED;
+ } else {
+ return ATASTART_POLL;
+ }
timeout:
printf("%s:%d:%d: not ready, st=0x%02x, err=0x%02x\n",
Index: src/sys/dev/ata/atavar.h
diff -u src/sys/dev/ata/atavar.h:1.94 src/sys/dev/ata/atavar.h:1.95
--- src/sys/dev/ata/atavar.h:1.94 Tue Oct 10 17:19:38 2017
+++ src/sys/dev/ata/atavar.h Tue Oct 17 18:52:50 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: atavar.h,v 1.94 2017/10/10 17:19:38 jdolecek Exp $ */
+/* $NetBSD: atavar.h,v 1.95 2017/10/17 18:52:50 jdolecek Exp $ */
/*
* Copyright (c) 1998, 2001 Manuel Bouyer.
@@ -399,6 +399,7 @@ struct ata_channel {
/* Our state */
volatile int ch_flags;
#define ATACH_SHUTDOWN 0x02 /* channel is shutting down */
+#define ATACH_IRQ_WAIT 0x10 /* controller is waiting for irq */
#define ATACH_DMA_WAIT 0x20 /* controller is waiting for DMA */
#define ATACH_PIOBM_WAIT 0x40 /* controller is waiting for busmastering PIO */
#define ATACH_DISABLED 0x80 /* channel is disabled */
Index: src/sys/dev/ic/wdc.c
diff -u src/sys/dev/ic/wdc.c:1.286 src/sys/dev/ic/wdc.c:1.287
--- src/sys/dev/ic/wdc.c:1.286 Mon Oct 16 05:52:43 2017
+++ src/sys/dev/ic/wdc.c Tue Oct 17 18:52:50 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: wdc.c,v 1.286 2017/10/16 05:52:43 jdolecek Exp $ */
+/* $NetBSD: wdc.c,v 1.287 2017/10/17 18:52:50 jdolecek Exp $ */
/*
* Copyright (c) 1998, 2001, 2003 Manuel Bouyer. All rights reserved.
@@ -58,7 +58,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: wdc.c,v 1.286 2017/10/16 05:52:43 jdolecek Exp $");
+__KERNEL_RCSID(0, "$NetBSD: wdc.c,v 1.287 2017/10/17 18:52:50 jdolecek Exp $");
#include "opt_ata.h"
#include "opt_wdc.h"
@@ -879,6 +879,11 @@ wdcintr(void *arg)
return (0);
}
+
CVS commit: src/sys/dev/ic
Module Name:src Committed By: jdolecek Date: Tue Oct 17 16:24:14 UTC 2017 Modified Files: src/sys/dev/ic: mvsata.c Log Message: no need to clear DMA WAIT flag in mvsata_edma_handle(), it's not needed by atabus layer To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 src/sys/dev/ic/mvsata.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/ic/mvsata.c diff -u src/sys/dev/ic/mvsata.c:1.38 src/sys/dev/ic/mvsata.c:1.39 --- src/sys/dev/ic/mvsata.c:1.38 Tue Oct 10 16:30:23 2017 +++ src/sys/dev/ic/mvsata.c Tue Oct 17 16:24:14 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: mvsata.c,v 1.38 2017/10/10 16:30:23 jdolecek Exp $ */ +/* $NetBSD: mvsata.c,v 1.39 2017/10/17 16:24:14 jdolecek Exp $ */ /* * Copyright (c) 2008 KIYOHARA Takashi * All rights reserved. @@ -26,7 +26,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: mvsata.c,v 1.38 2017/10/10 16:30:23 jdolecek Exp $"); +__KERNEL_RCSID(0, "$NetBSD: mvsata.c,v 1.39 2017/10/17 16:24:14 jdolecek Exp $"); #include "opt_mvsata.h" @@ -2829,7 +2829,7 @@ mvsata_edma_handle(struct mvsata_port *m struct ata_bio *ata_bio; struct ata_xfer *xfer; uint32_t reg; - int erqqip, erqqop, erpqip, erpqop, prev_erpqop, quetag, handled = 0, n; + int erqqop, erpqip, erpqop, prev_erpqop, quetag, handled = 0, n; int st, dmaerr; /* First, Sync for Request Queue buffer */ @@ -2920,12 +2920,6 @@ mvsata_edma_handle(struct mvsata_port *m mvsata_dma_bufunload(mvport, quetag, ata_bio->flags); -#if 1 /* : flags clears here, because necessary the atabus layer. */ - erqqip = (MVSATA_EDMA_READ_4(mvport, EDMA_REQQIP) & - EDMA_REQQP_ERQQP_MASK) >> EDMA_REQQP_ERQQP_SHIFT; - if (erpqop == erqqip) - chp->ch_flags &= ~(ATACH_DMA_WAIT); -#endif mvsata_bio_intr(chp, xfer, 1); if (xfer1 == NULL) handled++; @@ -2952,13 +2946,6 @@ mvsata_edma_handle(struct mvsata_port *m reg |= (erpqop << EDMA_RESQP_ERPQP_SHIFT); MVSATA_EDMA_WRITE_4(mvport, EDMA_RESQOP, reg); -#if 0 /* already cleared ago? */ - erqqip = (MVSATA_EDMA_READ_4(mvport, EDMA_REQQIP) & - EDMA_REQQP_ERQQP_MASK) >> EDMA_REQQP_ERQQP_SHIFT; - if (erpqop == erqqip) - chp->ch_flags &= ~(ATACH_DMA_WAIT); -#endif - return handled; }
CVS commit: src/sys/arch/arm/arm32
Module Name:src
Committed By: skrll
Date: Tue Oct 17 16:23:50 UTC 2017
Modified Files:
src/sys/arch/arm/arm32: vm_machdep.c
Log Message:
Fix eva argument to pmap_remove and passed prot bits in flags for
pmap_enter, i.e. fix previous.
To generate a diff of this commit:
cvs rdiff -u -r1.71 -r1.72 src/sys/arch/arm/arm32/vm_machdep.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/arm/arm32/vm_machdep.c
diff -u src/sys/arch/arm/arm32/vm_machdep.c:1.71 src/sys/arch/arm/arm32/vm_machdep.c:1.72
--- src/sys/arch/arm/arm32/vm_machdep.c:1.71 Sun Oct 8 12:09:44 2017
+++ src/sys/arch/arm/arm32/vm_machdep.c Tue Oct 17 16:23:50 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: vm_machdep.c,v 1.71 2017/10/08 12:09:44 flxd Exp $ */
+/* $NetBSD: vm_machdep.c,v 1.72 2017/10/17 16:23:50 skrll Exp $ */
/*
* Copyright (c) 1994-1998 Mark Brinicombe.
@@ -44,7 +44,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.71 2017/10/08 12:09:44 flxd Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vm_machdep.c,v 1.72 2017/10/17 16:23:50 skrll Exp $");
#include "opt_armfpe.h"
#include "opt_pmap_debug.h"
@@ -246,7 +246,7 @@ vmapbuf(struct buf *bp, vsize_t len)
while (len) {
(void) pmap_extract(pm, faddr, );
pmap_enter(pmap_kernel(), taddr, fpa, VM_PROT_READ|VM_PROT_WRITE,
- PMAP_WIRED);
+ VM_PROT_READ|VM_PROT_WRITE|PMAP_WIRED);
faddr += PAGE_SIZE;
taddr += PAGE_SIZE;
len -= PAGE_SIZE;
@@ -281,7 +281,7 @@ vunmapbuf(struct buf *bp, vsize_t len)
off = (vaddr_t)bp->b_data - addr;
len = round_page(off + len);
- pmap_remove(pmap_kernel(), addr, len);
+ pmap_remove(pmap_kernel(), addr, addr + len);
pmap_update(pmap_kernel());
uvm_km_free(phys_map, addr, len, UVM_KMF_VAONLY);
bp->b_data = bp->b_saveaddr;
CVS commit: src/sys/netinet
Module Name:src
Committed By: rjs
Date: Tue Oct 17 16:07:18 UTC 2017
Modified Files:
src/sys/netinet: sctp_usrreq.c
Log Message:
Set SPL level to match usage for TCP.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/sys/netinet/sctp_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_usrreq.c
diff -u src/sys/netinet/sctp_usrreq.c:1.6 src/sys/netinet/sctp_usrreq.c:1.7
--- src/sys/netinet/sctp_usrreq.c:1.6 Thu Jul 7 09:32:02 2016
+++ src/sys/netinet/sctp_usrreq.c Tue Oct 17 16:07:18 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_usrreq.c,v 1.50 2005/06/16 20:45:29 jinmei Exp $ */
-/* $NetBSD: sctp_usrreq.c,v 1.6 2016/07/07 09:32:02 ozaki-r Exp $ */
+/* $NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.6 2016/07/07 09:32:02 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_usrreq.c,v 1.7 2017/10/17 16:07:18 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -571,6 +571,7 @@ static int
sctp_detach(struct socket *so)
{
struct sctp_inpcb *inp;
+
inp = (struct sctp_inpcb *)so->so_pcb;
if (inp == 0)
return EINVAL;
@@ -685,16 +686,19 @@ static int
sctp_disconnect(struct socket *so)
{
struct sctp_inpcb *inp;
+ int s;
inp = (struct sctp_inpcb *)so->so_pcb;
if (inp == NULL) {
return (ENOTCONN);
}
+ s = splsoftnet();
SCTP_INP_RLOCK(inp);
if (inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) {
if (LIST_EMPTY(>sctp_asoc_list)) {
/* No connection */
SCTP_INP_RUNLOCK(inp);
+ splx(s);
return (0);
} else {
int some_on_streamwheel = 0;
@@ -704,6 +708,7 @@ sctp_disconnect(struct socket *so)
stcb = LIST_FIRST(>sctp_asoc_list);
if (stcb == NULL) {
SCTP_INP_RUNLOCK(inp);
+splx(s);
return (EINVAL);
}
asoc = >asoc;
@@ -730,6 +735,7 @@ sctp_disconnect(struct socket *so)
SCTP_INP_RUNLOCK(inp);
sctp_free_assoc(inp, stcb);
/* No unlock tcb assoc is gone */
+splx(s);
return (0);
}
if (!TAILQ_EMPTY(>out_wheel)) {
@@ -787,12 +793,14 @@ sctp_disconnect(struct socket *so)
}
SCTP_TCB_UNLOCK(stcb);
SCTP_INP_RUNLOCK(inp);
+ splx(s);
return (0);
}
/* not reached */
} else {
/* UDP model does not support this */
SCTP_INP_RUNLOCK(inp);
+ splx(s);
return EOPNOTSUPP;
}
}
CVS commit: [netbsd-6-0] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 16:03:18 UTC 2017 Modified Files: src/doc [netbsd-6-0]: CHANGES-6.0.7 Log Message: Ticket #1507 To generate a diff of this commit: cvs rdiff -u -r1.1.2.118 -r1.1.2.119 src/doc/CHANGES-6.0.7 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-6.0.7 diff -u src/doc/CHANGES-6.0.7:1.1.2.118 src/doc/CHANGES-6.0.7:1.1.2.119 --- src/doc/CHANGES-6.0.7:1.1.2.118 Fri Oct 13 08:04:27 2017 +++ src/doc/CHANGES-6.0.7 Tue Oct 17 16:03:18 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-6.0.7,v 1.1.2.118 2017/10/13 08:04:27 snj Exp $ +# $NetBSD: CHANGES-6.0.7,v 1.1.2.119 2017/10/17 16:03:18 martin Exp $ A complete list of changes from the NetBSD 6.0.6 release to the NetBSD 6.0.7 release: @@ -15163,3 +15163,20 @@ sys/arch/i386/i386/i386_trap.S 1.12 vi use %ss instead of %ds in trap06 [maxv, ticket #1505] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1507] +
CVS commit: [netbsd-6-0] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 16:02:44 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-6-0]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-6-0]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-6-0]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-6-0]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.10.1 -r1.1.1.2.10.2 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.3.10.1 -r1.3.10.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.5.14.2 -r1.1.1.5.14.3 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.2.10.1 -r1.1.1.2.10.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.1.14.1 -r1.1.1.1.14.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.3.14.2 -r1.3.14.3 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.10.1 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.10.2
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.10.1 Wed Aug 30 05:50:39 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 16:02:43 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int
CVS commit: [netbsd-6-1] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 16:01:23 UTC 2017 Modified Files: src/doc [netbsd-6-1]: CHANGES-6.1.6 Log Message: Ticket #1507 To generate a diff of this commit: cvs rdiff -u -r1.1.2.115 -r1.1.2.116 src/doc/CHANGES-6.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-6.1.6 diff -u src/doc/CHANGES-6.1.6:1.1.2.115 src/doc/CHANGES-6.1.6:1.1.2.116 --- src/doc/CHANGES-6.1.6:1.1.2.115 Fri Oct 13 08:04:37 2017 +++ src/doc/CHANGES-6.1.6 Tue Oct 17 16:01:23 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-6.1.6,v 1.1.2.115 2017/10/13 08:04:37 snj Exp $ +# $NetBSD: CHANGES-6.1.6,v 1.1.2.116 2017/10/17 16:01:23 martin Exp $ A complete list of changes from the NetBSD 6.1.5 release to the NetBSD 6.1.6 release: @@ -14836,3 +14836,20 @@ sys/arch/i386/i386/i386_trap.S 1.12 vi use %ss instead of %ds in trap06 [maxv, ticket #1505] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1507] +
CVS commit: [netbsd-6-1] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 16:00:47 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-6-1]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-6-1]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-6-1]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-6-1]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.12.1 -r1.1.1.2.12.2 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.3.12.1 -r1.3.12.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.1.16.1 -r1.1.1.1.16.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.1.16.1 -r1.1.1.1.16.2 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.5.12.2 -r1.1.1.5.12.3 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.2.12.1 -r1.1.1.2.12.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.1.16.1 -r1.1.1.1.16.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.3.12.2 -r1.3.12.3 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.12.1 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.12.2
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.12.1 Wed Aug 30 05:49:01 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 16:00:46 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int
CVS commit: [netbsd-6] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 15:59:22 UTC 2017 Modified Files: src/doc [netbsd-6]: CHANGES-6.2 Log Message: Ticket #1507 To generate a diff of this commit: cvs rdiff -u -r1.1.2.312 -r1.1.2.313 src/doc/CHANGES-6.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-6.2 diff -u src/doc/CHANGES-6.2:1.1.2.312 src/doc/CHANGES-6.2:1.1.2.313 --- src/doc/CHANGES-6.2:1.1.2.312 Tue Oct 17 15:44:00 2017 +++ src/doc/CHANGES-6.2 Tue Oct 17 15:59:22 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-6.2,v 1.1.2.312 2017/10/17 15:44:00 martin Exp $ +# $NetBSD: CHANGES-6.2,v 1.1.2.313 2017/10/17 15:59:22 martin Exp $ A complete list of changes from the 6.1 release until the 6.2 release: @@ -20942,3 +20942,20 @@ sys/fs/msdosfs/msdosfs_vfsops.c 1.128 for media with sectors >= 32kByte. PR 52485. [mlelstv, ticket #1506] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1507] +
CVS commit: [netbsd-6] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 15:58:49 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-6]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-6]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-6]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-6]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1507):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.3.4.1 -r1.3.4.2 src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.1.8.1 -r1.1.1.1.8.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.1.8.1 -r1.1.1.1.8.2 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.5.10.2 -r1.1.1.5.10.3 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.2.4.1 -r1.1.1.2.4.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.1.8.1 -r1.1.1.1.8.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.3.10.2 -r1.3.10.3 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.4.1 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.4.2
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.2.4.1 Wed Aug 30 05:48:09 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 15:58:49 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hos
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 15:53:19 UTC 2017 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1517 To generate a diff of this commit: cvs rdiff -u -r1.1.2.66 -r1.1.2.67 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.66 src/doc/CHANGES-7.0.3:1.1.2.67 --- src/doc/CHANGES-7.0.3:1.1.2.66 Sun Oct 1 17:14:14 2017 +++ src/doc/CHANGES-7.0.3 Tue Oct 17 15:53:19 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.66 2017/10/01 17:14:14 snj Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.67 2017/10/17 15:53:19 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -4980,3 +4980,20 @@ sys/arch/i386/i386/i386_trap.S 1.12 use %ss instead of %ds in trap06 [maxv, ticket #1512] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1517] +
CVS commit: src/sys/netinet
Module Name:src Committed By: rjs Date: Tue Oct 17 15:53:01 UTC 2017 Modified Files: src/sys/netinet: sctp_pcb.c Log Message: Remove duplicate assignment, comment doesn't match it anyway. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/netinet/sctp_pcb.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet/sctp_pcb.c diff -u src/sys/netinet/sctp_pcb.c:1.12 src/sys/netinet/sctp_pcb.c:1.13 --- src/sys/netinet/sctp_pcb.c:1.12 Tue Oct 17 15:49:00 2017 +++ src/sys/netinet/sctp_pcb.c Tue Oct 17 15:53:01 2017 @@ -1,5 +1,5 @@ /* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */ -/* $NetBSD: sctp_pcb.c,v 1.12 2017/10/17 15:49:00 rjs Exp $ */ +/* $NetBSD: sctp_pcb.c,v 1.13 2017/10/17 15:53:01 rjs Exp $ */ /* * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc. @@ -33,7 +33,7 @@ * SUCH DAMAGE. */ #include -__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.12 2017/10/17 15:49:00 rjs Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.13 2017/10/17 15:53:01 rjs Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -1351,9 +1351,6 @@ sctp_inpcb_alloc(struct socket *so) /* zap it */ memset(inp, 0, sizeof(*inp)); - /* bump generations */ - inp->ip_inp.inp.inp_socket = so; - /* setup socket pointers */ inp->sctp_socket = so;
CVS commit: [netbsd-7-0] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 15:52:35 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-7-0]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-7-0]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-7-0]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-7-0]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.4.4.1.2.1 -r1.1.1.4.4.1.2.2 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.6.4.1.2.1 -r1.6.4.1.2.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.3.4.1.2.1 -r1.1.1.3.4.1.2.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.3.4.1.2.1 -r1.1.1.3.4.1.2.2 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.2.4.1.2.1 -r1.1.1.2.4.1.2.2 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.5.4.1.2.1 -r1.1.1.5.4.1.2.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.3.4.1.2.1 -r1.1.1.3.4.1.2.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.1.1.1.6.1.2.1 -r1.1.1.1.6.1.2.2 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.2.1 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.2.2
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.2.1 Sat Aug 12 05:31:32 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 15:52:34 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 15:51:18 UTC 2017 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.1 Log Message: Ticket #1517 To generate a diff of this commit: cvs rdiff -u -r1.1.2.34 -r1.1.2.35 src/doc/CHANGES-7.1.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.1 diff -u src/doc/CHANGES-7.1.1:1.1.2.34 src/doc/CHANGES-7.1.1:1.1.2.35 --- src/doc/CHANGES-7.1.1:1.1.2.34 Sun Oct 1 17:14:24 2017 +++ src/doc/CHANGES-7.1.1 Tue Oct 17 15:51:18 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.1,v 1.1.2.34 2017/10/01 17:14:24 snj Exp $ +# $NetBSD: CHANGES-7.1.1,v 1.1.2.35 2017/10/17 15:51:18 martin Exp $ A complete list of changes from the NetBSD 7.1 release to the NetBSD 7.1.1 release: @@ -3678,3 +3678,20 @@ sys/arch/i386/i386/i386_trap.S 1.12 use %ss instead of %ds in trap06 [maxv, ticket #1512] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1517] +
CVS commit: [netbsd-7-1] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 15:50:36 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-7-1]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-7-1]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-7-1]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-7-1]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.4.4.1.6.1 -r1.1.1.4.4.1.6.2 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.6.4.1.6.1 -r1.6.4.1.6.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.3.4.1.6.1 -r1.1.1.3.4.1.6.2 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.3.4.1.6.1 -r1.1.1.3.4.1.6.2 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.2.4.1.6.1 -r1.1.1.2.4.1.6.2 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.5.4.1.6.1 -r1.1.1.5.4.1.6.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.3.4.1.6.1 -r1.1.1.3.4.1.6.2 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.1.1.1.6.1.6.1 -r1.1.1.1.6.1.6.2 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.6.1 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.6.2
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.1.6.1 Sat Aug 12 05:44:00 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 15:50:35 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if
CVS commit: src/sys/netinet
Module Name:src
Committed By: rjs
Date: Tue Oct 17 15:49:00 UTC 2017
Modified Files:
src/sys/netinet: sctp_pcb.c
Log Message:
Remove some foreign conditional code. NFC intended.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/netinet/sctp_pcb.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.11 src/sys/netinet/sctp_pcb.c:1.12
--- src/sys/netinet/sctp_pcb.c:1.11 Tue Oct 17 15:02:31 2017
+++ src/sys/netinet/sctp_pcb.c Tue Oct 17 15:49:00 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.11 2017/10/17 15:02:31 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.12 2017/10/17 15:49:00 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.11 2017/10/17 15:02:31 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.12 2017/10/17 15:49:00 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -690,15 +690,7 @@ sctp_endpoint_probe(struct sockaddr *nam
/* got it */
if ((nam->sa_family == AF_INET) &&
(inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) &&
-#if defined(__FreeBSD__) || defined(__APPLE__)
- (((struct inpcb *)inp)->inp_flags & IN6P_IPV6_V6ONLY)
-#else
-#if defined(__OpenBSD__)
- (0) /* For open bsd we do dual bind only */
-#else
(((struct in6pcb *)inp)->in6p_flags & IN6P_IPV6_V6ONLY)
-#endif
-#endif
) {
/* IPv4 on a IPv6 socket with ONLY IPv6 set */
SCTP_INP_RUNLOCK(inp);
@@ -1388,13 +1380,8 @@ sctp_inpcb_alloc(struct socket *so)
}
#endif /* IPSEC */
sctppcbinfo.ipi_count_ep++;
-#if defined(__FreeBSD__) || defined(__APPLE__)
- inp->ip_inp.inp.inp_gencnt = ++sctppcbinfo.ipi_gencnt_ep;
- inp->ip_inp.inp.inp_ip_ttl = ip_defttl;
-#else
inp->inp_ip_ttl = ip_defttl;
inp->inp_ip_tos = 0;
-#endif
so->so_pcb = (void *)inp;
@@ -1486,13 +1473,7 @@ sctp_inpcb_alloc(struct socket *so)
/* seed random number generator */
m->random_counter = 1;
m->store_at = SCTP_SIGNATURE_SIZE;
-#if defined(__FreeBSD__) && (__FreeBSD_version < 50)
- read_random_unlimited(m->random_numbers, sizeof(m->random_numbers));
-#elif defined(__APPLE__) || (__FreeBSD_version > 50)
- read_random(m->random_numbers, sizeof(m->random_numbers));
-#elif defined(__OpenBSD__)
- get_random_bytes(m->random_numbers, sizeof(m->random_numbers));
-#elif defined(__NetBSD__) && NRND > 0
+#if NRND > 0
rnd_extract_data(m->random_numbers, sizeof(m->random_numbers),
RND_EXTRACT_ANY);
#else
@@ -1631,16 +1612,7 @@ sctp_isport_inuse(struct sctp_inpcb *inp
/* This one is in use. */
/* check the v6/v4 binding issue */
if ((t_inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) &&
-#if defined(__FreeBSD__)
- (((struct inpcb *)t_inp)->inp_flags & IN6P_IPV6_V6ONLY)
-#else
-#if defined(__OpenBSD__)
- (0) /* For open bsd we do dual bind only */
-#else
- (((struct in6pcb *)t_inp)->in6p_flags & IN6P_IPV6_V6ONLY)
-#endif
-#endif
- ) {
+ (((struct in6pcb *)t_inp)->in6p_flags & IN6P_IPV6_V6ONLY)) {
if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) {
/* collision in V6 space */
return (1);
@@ -1654,15 +1626,7 @@ sctp_isport_inuse(struct sctp_inpcb *inp
} else {
/* t_inp is bound only V4 */
if ((inp->sctp_flags & SCTP_PCB_FLAGS_BOUND_V6) &&
-#if defined(__FreeBSD__)
- (((struct inpcb *)inp)->inp_flags & IN6P_IPV6_V6ONLY)
-#else
-#if defined(__OpenBSD__)
- (0) /* For open bsd we do dual bind only */
-#else
(((struct in6pcb *)inp)->in6p_flags & IN6P_IPV6_V6ONLY)
-#endif
-#endif
) {
/* no conflict */
continue;
@@ -2193,11 +2157,7 @@ sctp_inpcb_free(struct sctp_inpcb *inp,
ip_freemoptions(ip_pcb->inp_moptions);
ip_pcb->inp_moptions = 0;
}
-#if !(defined(__FreeBSD__) || defined(__APPLE__))
inp->inp_vflag = 0;
-#else
- ip_pcb->inp_vflag = 0;
-#endif
/* Now the sctp_pcb things */
/*
@@ -3443,17 +3403,9 @@ sctp_destination_is_reachable(struct sct
}
/* NOTE: all "scope" checks are done when local addresses are added */
if (destaddr->sa_family == AF_INET6) {
-#if !(defined(__FreeBSD__) || defined(__APPLE__))
answer = inp->inp_vflag & INP_IPV6;
-#else
- answer = inp->ip_inp.inp.inp_vflag & INP_IPV6;
-#endif
} else if (destaddr->sa_family == AF_INET) {
-#if !(defined(__FreeBSD__) || defined(__APPLE__))
answer = inp->inp_vflag & INP_IPV4;
-#else
- answer = inp->ip_inp.inp.inp_vflag & INP_IPV4;
-#endif
} else {
/* invalid family, so it's unreachable */
answer = 0;
@@ -3469,11 +3421,8 @@ sctp_update_ep_vflag(struct sctp_inpcb *
struct sctp_laddr *laddr;
/* first clear the flag */
-#if !(defined(__FreeBSD__) || defined(__APPLE__))
inp->inp_vflag = 0;
-#else
- inp->ip_inp.inp.inp_vflag = 0;
-#endif
+
/* set the
CVS commit: [netbsd-7] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 15:48:59 UTC 2017 Modified Files: src/doc [netbsd-7]: CHANGES-7.2 Log Message: Ticket #1517 To generate a diff of this commit: cvs rdiff -u -r1.1.2.50 -r1.1.2.51 src/doc/CHANGES-7.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.2 diff -u src/doc/CHANGES-7.2:1.1.2.50 src/doc/CHANGES-7.2:1.1.2.51 --- src/doc/CHANGES-7.2:1.1.2.50 Fri Oct 13 08:12:44 2017 +++ src/doc/CHANGES-7.2 Tue Oct 17 15:48:59 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.2,v 1.1.2.50 2017/10/13 08:12:44 snj Exp $ +# $NetBSD: CHANGES-7.2,v 1.1.2.51 2017/10/17 15:48:59 martin Exp $ A complete list of changes from the NetBSD 7.1 release to the NetBSD 7.2 release: @@ -4713,3 +4713,21 @@ sys/dev/usb/ukbd.c1.137-1.138 Always try to set USB HID devices into Report Protocol. [jakllsch, ticket #1503] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #1517] + +
CVS commit: [netbsd-7] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 15:48:07 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-7]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-7]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-7]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-7]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1517):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.4.4.2 -r1.1.1.4.4.3 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.6.4.2 -r1.6.4.3 src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.2.4.2 -r1.1.1.2.4.3 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.5.4.2 -r1.1.1.5.4.3 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.3.4.2 -r1.1.1.3.4.3 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.1.1.1.6.2 -r1.1.1.1.6.3 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.2 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.3
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.4.4.2 Sat Aug 12 05:56:15 2017
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 15:48:07 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hos
CVS commit: [netbsd-6] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 15:44:00 UTC 2017 Modified Files: src/doc [netbsd-6]: CHANGES-6.2 Log Message: Ammend #1502 To generate a diff of this commit: cvs rdiff -u -r1.1.2.311 -r1.1.2.312 src/doc/CHANGES-6.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-6.2 diff -u src/doc/CHANGES-6.2:1.1.2.311 src/doc/CHANGES-6.2:1.1.2.312 --- src/doc/CHANGES-6.2:1.1.2.311 Fri Oct 13 08:06:09 2017 +++ src/doc/CHANGES-6.2 Tue Oct 17 15:44:00 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-6.2,v 1.1.2.311 2017/10/13 08:06:09 snj Exp $ +# $NetBSD: CHANGES-6.2,v 1.1.2.312 2017/10/17 15:44:00 martin Exp $ A complete list of changes from the 6.1 release until the 6.2 release: @@ -20936,7 +20936,7 @@ sys/arch/i386/i386/i386_trap.S 1.12 vi use %ss instead of %ds in trap06 [maxv, ticket #1505] -sys/fs/msdosfs/msdosfs_vfsops.c 1.128 +sys/fs/msdosfs/msdosfs_vfsops.c 1.128 via patch Add more sanity checks for BPB parameters. Handle FAT12 format for media with sectors >= 32kByte. PR 52485.
CVS commit: [netbsd-6] src/sys/fs/msdosfs
Module Name:src
Committed By: martin
Date: Tue Oct 17 15:43:09 UTC 2017
Modified Files:
src/sys/fs/msdosfs [netbsd-6]: msdosfs_vfsops.c
Log Message:
Apply patch form mlelstv to fix the build after pullup #1506
To generate a diff of this commit:
cvs rdiff -u -r1.93.6.4 -r1.93.6.5 src/sys/fs/msdosfs/msdosfs_vfsops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/fs/msdosfs/msdosfs_vfsops.c
diff -u src/sys/fs/msdosfs/msdosfs_vfsops.c:1.93.6.4 src/sys/fs/msdosfs/msdosfs_vfsops.c:1.93.6.5
--- src/sys/fs/msdosfs/msdosfs_vfsops.c:1.93.6.4 Fri Oct 13 08:05:30 2017
+++ src/sys/fs/msdosfs/msdosfs_vfsops.c Tue Oct 17 15:43:09 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: msdosfs_vfsops.c,v 1.93.6.4 2017/10/13 08:05:30 snj Exp $ */
+/* $NetBSD: msdosfs_vfsops.c,v 1.93.6.5 2017/10/17 15:43:09 martin Exp $ */
/*-
* Copyright (C) 1994, 1995, 1997 Wolfgang Solfrank.
@@ -48,7 +48,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: msdosfs_vfsops.c,v 1.93.6.4 2017/10/13 08:05:30 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: msdosfs_vfsops.c,v 1.93.6.5 2017/10/17 15:43:09 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_compat_netbsd.h"
@@ -712,8 +712,8 @@ msdosfs_mountfs(struct vnode *devvp, str
/* validate cluster count against FAT */
if ((pmp->pm_maxcluster & pmp->pm_fatmask) != pmp->pm_maxcluster) {
- DPRINTF("maxcluster %lu outside of mask %#lx\n",
- pmp->pm_maxcluster, pmp->pm_fatmask);
+ DPRINTF(("maxcluster %lu outside of mask %#lx\n",
+ pmp->pm_maxcluster, pmp->pm_fatmask));
error = EINVAL;
goto error_exit;
}
@@ -723,8 +723,8 @@ msdosfs_mountfs(struct vnode *devvp, str
fatblocksecs = howmany(fatbytes, pmp->pm_BytesPerSec);
if (pmp->pm_FATsecs != fatblocksecs) {
- DPRINTF("FATsecs %lu != real %lu\n", pmp->pm_FATsecs,
- fatblocksecs);
+ DPRINTF(("FATsecs %lu != real %lu\n", pmp->pm_FATsecs,
+ fatblocksecs));
error = EINVAL;
goto error_exit;
}
CVS commit: src/sys/netinet
Module Name:src
Committed By: rjs
Date: Tue Oct 17 15:02:31 UTC 2017
Modified Files:
src/sys/netinet: sctp_pcb.c
Log Message:
Wrap pcb list check with #ifdef DEBUG.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/netinet/sctp_pcb.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.10 src/sys/netinet/sctp_pcb.c:1.11
--- src/sys/netinet/sctp_pcb.c:1.10 Tue Oct 17 14:53:23 2017
+++ src/sys/netinet/sctp_pcb.c Tue Oct 17 15:02:31 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.10 2017/10/17 14:53:23 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.11 2017/10/17 15:02:31 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.10 2017/10/17 14:53:23 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.11 2017/10/17 15:02:31 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1306,7 +1306,10 @@ sctp_inpcb_alloc(struct socket *so)
* the EP.
*/
int i, error;
- struct sctp_inpcb *inp, *n_inp;
+ struct sctp_inpcb *inp;
+#ifdef DEBUG
+ struct sctp_inpcb *n_inp;
+#endif
struct sctp_pcb *m;
struct timeval time;
@@ -1326,7 +1329,7 @@ sctp_inpcb_alloc(struct socket *so)
* Probably we should move this to the invariant
* compile options
*/
-/* #ifdef INVARIANTS*/
+#ifdef DEBUG
SCTP_INP_INFO_RLOCK();
inp = LIST_FIRST();
while (inp) {
@@ -1343,7 +1346,7 @@ sctp_inpcb_alloc(struct socket *so)
inp = n_inp;
}
SCTP_INP_INFO_RUNLOCK();
-/* #endif INVARIANTS*/
+#endif /* DEBUG */
SCTP_INP_INFO_WLOCK();
inp = (struct sctp_inpcb *)SCTP_ZONE_GET(sctppcbinfo.ipi_zone_ep);
CVS commit: src/sys/netinet
Module Name:src
Committed By: rjs
Date: Tue Oct 17 14:53:23 UTC 2017
Modified Files:
src/sys/netinet: sctp_pcb.c
Log Message:
Remove function prototype that is no longer required. NFC
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/sys/netinet/sctp_pcb.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/sctp_pcb.c
diff -u src/sys/netinet/sctp_pcb.c:1.9 src/sys/netinet/sctp_pcb.c:1.10
--- src/sys/netinet/sctp_pcb.c:1.9 Wed Jun 28 13:22:28 2017
+++ src/sys/netinet/sctp_pcb.c Tue Oct 17 14:53:23 2017
@@ -1,5 +1,5 @@
/* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.9 2017/06/28 13:22:28 rjs Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.10 2017/10/17 14:53:23 rjs Exp $ */
/*
* Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.9 2017/06/28 13:22:28 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.10 2017/10/17 14:53:23 rjs Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1671,15 +1671,6 @@ sctp_isport_inuse(struct sctp_inpcb *inp
return (0);
}
-#if !(defined(__FreeBSD__) || defined(__APPLE__))
-/*
- * Don't know why, but without this there is an unknown reference when
- * compiling NetBSD... hmm
- */
-extern void in6_sin6_2_sin (struct sockaddr_in *, struct sockaddr_in6 *sin6);
-#endif
-
-
int
sctp_inpcb_bind(struct socket *so, struct sockaddr *addr, struct lwp *l)
{
CVS commit: src/usr.sbin/cpuctl/arch
Module Name:src
Committed By: msaitoh
Date: Tue Oct 17 14:48:43 UTC 2017
Modified Files:
src/usr.sbin/cpuctl/arch: i386.c
Log Message:
Update from the latest Intel SDM:
0x5c: Atom (Goldmont)
0x5f: Atom (Goldmont, Denverton)
0x7a: Atom (Goldmont Plus)
To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 src/usr.sbin/cpuctl/arch/i386.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/cpuctl/arch/i386.c
diff -u src/usr.sbin/cpuctl/arch/i386.c:1.76 src/usr.sbin/cpuctl/arch/i386.c:1.77
--- src/usr.sbin/cpuctl/arch/i386.c:1.76 Mon Oct 16 10:10:48 2017
+++ src/usr.sbin/cpuctl/arch/i386.c Tue Oct 17 14:48:42 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: i386.c,v 1.76 2017/10/16 10:10:48 msaitoh Exp $ */
+/* $NetBSD: i386.c,v 1.77 2017/10/17 14:48:42 msaitoh Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -57,7 +57,7 @@
#include
#ifndef lint
-__RCSID("$NetBSD: i386.c,v 1.76 2017/10/16 10:10:48 msaitoh Exp $");
+__RCSID("$NetBSD: i386.c,v 1.77 2017/10/17 14:48:42 msaitoh Exp $");
#endif /* not lint */
#include
@@ -375,10 +375,11 @@ const struct cpu_cpuid_nameclass i386_cp
[0x56] = "Xeon D-1500 (Broadwell)",
[0x57] = "Xeon Phi [357]200",
[0x5a] = "Atom E3500",
-[0x5c] = "Next Atom (Goldmont)",
+[0x5c] = "Atom (Goldmont)",
[0x5d] = "Atom X3-C3000 (Silvermont)",
[0x5e] = "6th gen Core, Xeon E3-1[25]00 v5 (Skylake)",
-[0x5f] = "Future Atom (Denverton)",
+[0x5f] = "Atom (Goldmont, Denverton)",
+[0x7a] = "Atom (Goldmont Plus)",
[0x85] = "Future Xeon Phi",
[0x8e] = "7th gen Core (Kaby Lake)",
[0x9e] = "7th gen Core (Kaby Lake)",
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: martin Date: Tue Oct 17 12:44:41 UTC 2017 Modified Files: src/doc [netbsd-8]: CHANGES-8.0 Log Message: Ticket #324 To generate a diff of this commit: cvs rdiff -u -r1.1.2.67 -r1.1.2.68 src/doc/CHANGES-8.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.0 diff -u src/doc/CHANGES-8.0:1.1.2.67 src/doc/CHANGES-8.0:1.1.2.68 --- src/doc/CHANGES-8.0:1.1.2.67 Sun Oct 15 20:19:09 2017 +++ src/doc/CHANGES-8.0 Tue Oct 17 12:44:40 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-8.0,v 1.1.2.67 2017/10/15 20:19:09 snj Exp $ +# $NetBSD: CHANGES-8.0,v 1.1.2.68 2017/10/17 12:44:40 martin Exp $ A complete list of changes from the initial NetBSD 8.0 branch on 2017-06-04 until the 8.0 release: @@ -6250,3 +6250,20 @@ sys/dev/pci/if_wm.c1.539 - Print NVM offset and word count when EERD polling failed. [msaitoh, ticket #306] +external/bsd/wpa/dist/src/ap/ieee802_11.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth.c 1.10 +external/bsd/wpa/dist/src/ap/wpa_auth.h 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_ft.c 1.2 +external/bsd/wpa/dist/src/ap/wpa_auth_i.h 1.2 +external/bsd/wpa/dist/src/common/wpa_common.h 1.3 +external/bsd/wpa/dist/src/rsn_supp/tdls.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c 1.2 +external/bsd/wpa/dist/src/rsn_supp/wpa_i.h 1.2 +external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c 1.4 + + Apply upstream patches for CVE-2017-13077 CVE-2017-13078 + CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 + CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 + [spz, ticket #324] +
CVS commit: [netbsd-8] src/external/bsd/wpa/dist
Module Name:src
Committed By: martin
Date: Tue Oct 17 12:42:06 UTC 2017
Modified Files:
src/external/bsd/wpa/dist/src/ap [netbsd-8]: ieee802_11.c wpa_auth.c
wpa_auth.h wpa_auth_ft.c wpa_auth_i.h
src/external/bsd/wpa/dist/src/common [netbsd-8]: wpa_common.h
src/external/bsd/wpa/dist/src/rsn_supp [netbsd-8]: tdls.c wpa.c
wpa_ft.c wpa_i.h
src/external/bsd/wpa/dist/wpa_supplicant [netbsd-8]: wnm_sta.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #324):
external/bsd/wpa/dist/src/ap/ieee802_11.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth_i.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa.c: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/wpa_i.h: revision 1.2
external/bsd/wpa/dist/src/ap/wpa_auth.h: revision 1.2
external/bsd/wpa/dist/src/rsn_supp/tdls.c: revision 1.2
external/bsd/wpa/dist/src/common/wpa_common.h: revision 1.3
external/bsd/wpa/dist/src/ap/wpa_auth_ft.c: revision 1.2
external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c: revision 1.4
external/bsd/wpa/dist/src/ap/wpa_auth.c: revision 1.10
apply patches from upstream, namely from https://w1.fi/security/2017-1/;>https://w1.fi/security/2017-1/ :
rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
02-Oct-2017 16:19 6.1K
rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
02-Oct-2017 16:19 7.7K
rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
02-Oct-2017 16:19 6.7K
rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
02-Oct-2017 16:19 2.5K
rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
02-Oct-2017 16:19 1.9K
rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
02-Oct-2017 16:19 4.2K
rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
02-Oct-2017 16:19 1.6K
rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
02-Oct-2017 16:19 2.7K
for CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088
(see
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt;>https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
for details)
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.6.1 \
src/external/bsd/wpa/dist/src/ap/ieee802_11.c \
src/external/bsd/wpa/dist/src/ap/wpa_auth_ft.c
cvs rdiff -u -r1.9 -r1.9.6.1 src/external/bsd/wpa/dist/src/ap/wpa_auth.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.6.1 \
src/external/bsd/wpa/dist/src/ap/wpa_auth.h \
src/external/bsd/wpa/dist/src/ap/wpa_auth_i.h
cvs rdiff -u -r1.2 -r1.2.6.1 \
src/external/bsd/wpa/dist/src/common/wpa_common.h
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.6.1 \
src/external/bsd/wpa/dist/src/rsn_supp/tdls.c
cvs rdiff -u -r1.1.1.8 -r1.1.1.8.6.1 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa.c
cvs rdiff -u -r1.1.1.6 -r1.1.1.6.6.1 \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_ft.c \
src/external/bsd/wpa/dist/src/rsn_supp/wpa_i.h
cvs rdiff -u -r1.3 -r1.3.6.1 \
src/external/bsd/wpa/dist/wpa_supplicant/wnm_sta.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/ap/ieee802_11.c
diff -u src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.7 src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.7.6.1
--- src/external/bsd/wpa/dist/src/ap/ieee802_11.c:1.1.1.7 Mon Nov 21 16:42:50 2016
+++ src/external/bsd/wpa/dist/src/ap/ieee802_11.c Tue Oct 17 12:42:05 2017
@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hos
{
struct ieee80211_ht_capabilities ht_cap;
struct ieee80211_vht_capabilities vht_cap;
+ int set = 1;
/*
* Remove the STA entry to ensure the STA PS state gets cleared and
@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hos
* FT-over-the-DS, where a station re-associates back to the same AP but
* skips the authentication flow, or if working with a driver that
* does not support full AP client state.
+ *
+ * Skip this if the STA has already completed FT reassociation and the
+ * TK has been configured since the TX/RX PN must not be reset to 0 for
+ * the same key.
*/
- if (!sta->added_unassoc)
+ if (!sta->added_unassoc &&
+ (!(sta->flags & WLAN_STA_AUTHORIZED) ||
+ !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
hostapd_drv_sta_remove(hapd, sta->addr);
+ wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
+ set = 0;
+ }
#ifdef CONFIG_IEEE80211N
if (sta->flags & WLAN_STA_HT)
@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hos
sta->flags & WLAN_STA_VHT ? _cap : NULL,
CVS commit: src/sys/arch/amd64/amd64
Module Name:src Committed By: maxv Date: Tue Oct 17 07:48:10 UTC 2017 Modified Files: src/sys/arch/amd64/amd64: locore.S machdep.c Log Message: Move %ds and %es into the GDT on 64bit LWPs. To generate a diff of this commit: cvs rdiff -u -r1.132 -r1.133 src/sys/arch/amd64/amd64/locore.S cvs rdiff -u -r1.267 -r1.268 src/sys/arch/amd64/amd64/machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/locore.S diff -u src/sys/arch/amd64/amd64/locore.S:1.132 src/sys/arch/amd64/amd64/locore.S:1.133 --- src/sys/arch/amd64/amd64/locore.S:1.132 Tue Oct 17 07:33:44 2017 +++ src/sys/arch/amd64/amd64/locore.S Tue Oct 17 07:48:10 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: locore.S,v 1.132 2017/10/17 07:33:44 maxv Exp $ */ +/* $NetBSD: locore.S,v 1.133 2017/10/17 07:48:10 maxv Exp $ */ /* * Copyright-o-rama! @@ -1284,7 +1284,7 @@ IDTVEC(syscall) movw %es,TF_ES(%rsp) movw %fs,TF_FS(%rsp) movw %gs,TF_GS(%rsp) - movw $(LSEL(LUDATA_SEL, SEL_UPL)),TF_DS(%rsp) + movw $(GSEL(GUDATA_SEL, SEL_UPL)),TF_DS(%rsp) STI(si) do_syscall: Index: src/sys/arch/amd64/amd64/machdep.c diff -u src/sys/arch/amd64/amd64/machdep.c:1.267 src/sys/arch/amd64/amd64/machdep.c:1.268 --- src/sys/arch/amd64/amd64/machdep.c:1.267 Sun Oct 15 13:34:24 2017 +++ src/sys/arch/amd64/amd64/machdep.c Tue Oct 17 07:48:10 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: machdep.c,v 1.267 2017/10/15 13:34:24 maxv Exp $ */ +/* $NetBSD: machdep.c,v 1.268 2017/10/17 07:48:10 maxv Exp $ */ /* * Copyright (c) 1996, 1997, 1998, 2000, 2006, 2007, 2008, 2011 @@ -110,7 +110,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.267 2017/10/15 13:34:24 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.268 2017/10/17 07:48:10 maxv Exp $"); /* #define XENDEBUG_LOW */ @@ -1331,8 +1331,8 @@ setregs(struct lwp *l, struct exec_packa l->l_md.md_flags = MDL_IRET; tf = l->l_md.md_regs; - tf->tf_ds = LSEL(LUDATA_SEL, SEL_UPL); - tf->tf_es = LSEL(LUDATA_SEL, SEL_UPL); + tf->tf_ds = GSEL(GUDATA_SEL, SEL_UPL); + tf->tf_es = GSEL(GUDATA_SEL, SEL_UPL); cpu_segregs64_zero(l); tf->tf_rdi = 0; tf->tf_rsi = 0;
CVS commit: src/sys/arch
Module Name:src
Committed By: maxv
Date: Tue Oct 17 07:33:44 UTC 2017
Modified Files:
src/sys/arch/amd64/amd64: amd64_trap.S locore.S
src/sys/arch/amd64/include: frameasm.h
src/sys/arch/x86/x86: cpu.c
Log Message:
Have the cpu clear PSL_D automatically when entering the kernel via a
syscall. Then, don't clear PSL_D and PSL_AC in the syscall entry point,
they are now both cleared by the cpu (faster). However they still need to
be manually cleared in the interrupt/trap entry points.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/arch/amd64/amd64/amd64_trap.S
cvs rdiff -u -r1.131 -r1.132 src/sys/arch/amd64/amd64/locore.S
cvs rdiff -u -r1.22 -r1.23 src/sys/arch/amd64/include/frameasm.h
cvs rdiff -u -r1.137 -r1.138 src/sys/arch/x86/x86/cpu.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/amd64/amd64_trap.S
diff -u src/sys/arch/amd64/amd64/amd64_trap.S:1.11 src/sys/arch/amd64/amd64/amd64_trap.S:1.12
--- src/sys/arch/amd64/amd64/amd64_trap.S:1.11 Fri Sep 15 17:32:12 2017
+++ src/sys/arch/amd64/amd64/amd64_trap.S Tue Oct 17 07:33:44 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: amd64_trap.S,v 1.11 2017/09/15 17:32:12 maxv Exp $ */
+/* $NetBSD: amd64_trap.S,v 1.12 2017/10/17 07:33:44 maxv Exp $ */
/*
* Copyright (c) 1998, 2007, 2008, 2017 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
#if 0
#include
-__KERNEL_RCSID(0, "$NetBSD: amd64_trap.S,v 1.11 2017/09/15 17:32:12 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: amd64_trap.S,v 1.12 2017/10/17 07:33:44 maxv Exp $");
#endif
/*
@@ -122,6 +122,8 @@ IDTVEC(trap02)
pushq $T_NMI
subq $TF_REGSIZE,%rsp
INTR_SAVE_GPRS
+ cld
+ callq smap_enable
movw %gs,TF_GS(%rsp)
movw %fs,TF_FS(%rsp)
movw %es,TF_ES(%rsp)
Index: src/sys/arch/amd64/amd64/locore.S
diff -u src/sys/arch/amd64/amd64/locore.S:1.131 src/sys/arch/amd64/amd64/locore.S:1.132
--- src/sys/arch/amd64/amd64/locore.S:1.131 Sat Sep 30 11:43:57 2017
+++ src/sys/arch/amd64/amd64/locore.S Tue Oct 17 07:33:44 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: locore.S,v 1.131 2017/09/30 11:43:57 maxv Exp $ */
+/* $NetBSD: locore.S,v 1.132 2017/10/17 07:33:44 maxv Exp $ */
/*
* Copyright-o-rama!
@@ -1278,6 +1278,7 @@ IDTVEC(syscall)
pushq $2 /* error code */
pushq $T_ASTFLT
subq $TF_REGSIZE,%rsp
+ cld
#endif
INTR_SAVE_GPRS
movw %es,TF_ES(%rsp)
Index: src/sys/arch/amd64/include/frameasm.h
diff -u src/sys/arch/amd64/include/frameasm.h:1.22 src/sys/arch/amd64/include/frameasm.h:1.23
--- src/sys/arch/amd64/include/frameasm.h:1.22 Tue Oct 17 06:58:15 2017
+++ src/sys/arch/amd64/include/frameasm.h Tue Oct 17 07:33:44 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: frameasm.h,v 1.22 2017/10/17 06:58:15 maxv Exp $ */
+/* $NetBSD: frameasm.h,v 1.23 2017/10/17 07:33:44 maxv Exp $ */
#ifndef _AMD64_MACHINE_FRAMEASM_H
#define _AMD64_MACHINE_FRAMEASM_H
@@ -55,9 +55,7 @@
movq %r15,TF_R15(%rsp) ; \
movq %rbp,TF_RBP(%rsp) ; \
movq %rbx,TF_RBX(%rsp) ; \
- movq %rax,TF_RAX(%rsp) ; \
- cld; \
- callq smap_enable
+ movq %rax,TF_RAX(%rsp)
#define INTR_RESTORE_GPRS \
movq TF_RDI(%rsp),%rdi ; \
@@ -79,6 +77,8 @@
#define INTRENTRY_L(kernel_trap, usertrap) \
subq $TF_REGSIZE,%rsp ; \
INTR_SAVE_GPRS ; \
+ cld; \
+ callq smap_enable ; \
testb $SEL_UPL,TF_CS(%rsp) ; \
je kernel_trap ; \
usertrap; \
Index: src/sys/arch/x86/x86/cpu.c
diff -u src/sys/arch/x86/x86/cpu.c:1.137 src/sys/arch/x86/x86/cpu.c:1.138
--- src/sys/arch/x86/x86/cpu.c:1.137 Tue Oct 17 06:58:15 2017
+++ src/sys/arch/x86/x86/cpu.c Tue Oct 17 07:33:44 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: cpu.c,v 1.137 2017/10/17 06:58:15 maxv Exp $ */
+/* $NetBSD: cpu.c,v 1.138 2017/10/17 07:33:44 maxv Exp $ */
/*
* Copyright (c) 2000-2012 NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: cpu.c,v 1.137 2017/10/17 06:58:15 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cpu.c,v 1.138 2017/10/17 07:33:44 maxv Exp $");
#include "opt_ddb.h"
#include "opt_mpbios.h" /* for MPDEBUG */
@@ -1048,7 +1048,7 @@ cpu_init_msrs(struct cpu_info *ci, bool
((uint64_t)LSEL(LSYSRETBASE_SEL, SEL_UPL) << 48));
wrmsr(MSR_LSTAR, (uint64_t)Xsyscall);
wrmsr(MSR_CSTAR, (uint64_t)Xsyscall32);
- wrmsr(MSR_SFMASK, PSL_NT|PSL_T|PSL_I|PSL_C|PSL_AC);
+ wrmsr(MSR_SFMASK, PSL_NT|PSL_T|PSL_I|PSL_C|PSL_D|PSL_AC);
if (full) {
wrmsr(MSR_FSBASE, 0);
CVS commit: src/sys/netipsec
Module Name:src
Committed By: ozaki-r
Date: Tue Oct 17 07:23:08 UTC 2017
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Fix buffer length for ipsec_logsastr
To generate a diff of this commit:
cvs rdiff -u -r1.121 -r1.122 src/sys/netipsec/ipsec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.121 src/sys/netipsec/ipsec.c:1.122
--- src/sys/netipsec/ipsec.c:1.121 Tue Oct 3 08:25:21 2017
+++ src/sys/netipsec/ipsec.c Tue Oct 17 07:23:08 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.121 2017/10/03 08:25:21 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.122 2017/10/17 07:23:08 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.121 2017/10/03 08:25:21 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.122 2017/10/17 07:23:08 ozaki-r Exp $");
/*
* IPsec controller part.
@@ -2075,7 +2075,6 @@ ipsec_updatereplay(u_int32_t seq, const
int fr;
u_int32_t wsizeb; /* constant: bits of window size */
int frlast; /* constant: last frame */
- char buf[INET6_ADDRSTRLEN];
IPSEC_SPLASSERT_SOFTNET(__func__);
@@ -2143,6 +2142,7 @@ ipsec_updatereplay(u_int32_t seq, const
ok:
if (replay->count == ~0) {
+ char buf[IPSEC_LOGSASTRLEN];
/* set overflow flag */
replay->overflow++;
CVS commit: src/usr.sbin/inetd
Module Name:src
Committed By: ozaki-r
Date: Tue Oct 17 07:13:19 UTC 2017
Modified Files:
src/usr.sbin/inetd: inetd.c
Log Message:
Don't setup SPs if no policy sepecifier is specified
We expect that SPs are set up iff some policy sepecifier(s) are specified.
Found on investigating an issue reported by Robert Swindells
To generate a diff of this commit:
cvs rdiff -u -r1.123 -r1.124 src/usr.sbin/inetd/inetd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/inetd/inetd.c
diff -u src/usr.sbin/inetd/inetd.c:1.123 src/usr.sbin/inetd/inetd.c:1.124
--- src/usr.sbin/inetd/inetd.c:1.123 Wed Feb 15 02:48:31 2017
+++ src/usr.sbin/inetd/inetd.c Tue Oct 17 07:13:19 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: inetd.c,v 1.123 2017/02/15 02:48:31 elric Exp $ */
+/* $NetBSD: inetd.c,v 1.124 2017/10/17 07:13:19 ozaki-r Exp $ */
/*-
* Copyright (c) 1998, 2003 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 19
#if 0
static char sccsid[] = "@(#)inetd.c 8.4 (Berkeley) 4/13/94";
#else
-__RCSID("$NetBSD: inetd.c,v 1.123 2017/02/15 02:48:31 elric Exp $");
+__RCSID("$NetBSD: inetd.c,v 1.124 2017/10/17 07:13:19 ozaki-r Exp $");
#endif
#endif /* not lint */
@@ -1088,13 +1088,16 @@ setsockopt(fd, SOL_SOCKET, opt, , (so
}
#endif
#ifdef IPSEC
- if (ipsecsetup(sep->se_family, sep->se_fd, sep->se_policy) < 0 &&
- sep->se_policy) {
- syslog(LOG_ERR, "%s/%s: ipsec setup failed",
- sep->se_service, sep->se_proto);
- (void)close(sep->se_fd);
- sep->se_fd = -1;
- return;
+ /* Avoid setting a policy if a policy specifier doesn't exist. */
+ if (sep->se_policy != NULL) {
+ int e = ipsecsetup(sep->se_family, sep->se_fd, sep->se_policy);
+ if (e < 0) {
+ syslog(LOG_ERR, "%s/%s: ipsec setup failed",
+ sep->se_service, sep->se_proto);
+ (void)close(sep->se_fd);
+ sep->se_fd = -1;
+ return;
+ }
}
#endif
CVS commit: src/sys/arch/amd64/amd64
Module Name:src Committed By: maxv Date: Tue Oct 17 07:02:50 UTC 2017 Modified Files: src/sys/arch/amd64/amd64: copy.S Log Message: fix comment, rdx, not edx To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/sys/arch/amd64/amd64/copy.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/copy.S diff -u src/sys/arch/amd64/amd64/copy.S:1.25 src/sys/arch/amd64/amd64/copy.S:1.26 --- src/sys/arch/amd64/amd64/copy.S:1.25 Tue Oct 17 06:58:15 2017 +++ src/sys/arch/amd64/amd64/copy.S Tue Oct 17 07:02:50 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: copy.S,v 1.25 2017/10/17 06:58:15 maxv Exp $ */ +/* $NetBSD: copy.S,v 1.26 2017/10/17 07:02:50 maxv Exp $ */ /* * Copyright (c) 2001 Wasabi Systems, Inc. @@ -343,7 +343,7 @@ ENTRY(copyinstr) xorq %rax,%rax jmp copystr_return -2: /* edx is zero -- return EFAULT or ENAMETOOLONG. */ +2: /* rdx is zero -- return EFAULT or ENAMETOOLONG. */ callq smap_enable movq $VM_MAXUSER_ADDRESS,%r11 cmpq %r11,%rsi @@ -384,7 +384,7 @@ ENTRY(copystr) xorl %eax,%eax jmp 6f -4: /* edx is zero -- return ENAMETOOLONG. */ +4: /* rdx is zero -- return ENAMETOOLONG. */ movl $ENAMETOOLONG,%eax 6: /* Set *lencopied and return %eax. */
CVS commit: src/sys/arch
Module Name:src Committed By: maxv Date: Tue Oct 17 06:58:15 UTC 2017 Modified Files: src/sys/arch/amd64/amd64: copy.S trap.c src/sys/arch/amd64/include: frameasm.h src/sys/arch/x86/x86: cpu.c patch.c Log Message: Add support for SMAP on amd64. PSL_AC is cleared from %rflags in each kernel entry point. In the copy sections, a copy window is opened and the kernel can touch userland pages. This window is closed when the kernel is done, either at the end of the copy sections or in the fault-recover functions. This implementation is not optimized yet, due to the fact that INTRENTRY is a macro, and we can't hotpatch macros. Sent on tech-kern@ a month or two ago, tested on a Kabylake. To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/sys/arch/amd64/amd64/copy.S cvs rdiff -u -r1.101 -r1.102 src/sys/arch/amd64/amd64/trap.c cvs rdiff -u -r1.21 -r1.22 src/sys/arch/amd64/include/frameasm.h cvs rdiff -u -r1.136 -r1.137 src/sys/arch/x86/x86/cpu.c cvs rdiff -u -r1.22 -r1.23 src/sys/arch/x86/x86/patch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/copy.S diff -u src/sys/arch/amd64/amd64/copy.S:1.24 src/sys/arch/amd64/amd64/copy.S:1.25 --- src/sys/arch/amd64/amd64/copy.S:1.24 Fri Aug 25 11:35:03 2017 +++ src/sys/arch/amd64/amd64/copy.S Tue Oct 17 06:58:15 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: copy.S,v 1.24 2017/08/25 11:35:03 maxv Exp $ */ +/* $NetBSD: copy.S,v 1.25 2017/10/17 06:58:15 maxv Exp $ */ /* * Copyright (c) 2001 Wasabi Systems, Inc. @@ -107,6 +107,24 @@ ENTRY(do_pmap_load) ret /* + * SMAP functions. ret+int3+int3 is patched dynamically to STAC/CLAC. + */ + +ENTRY(smap_enable) +.Lclacpatch: + ret + int3 + int3 + ret + +ENTRY(smap_disable) +.Lstacpatch: + ret + int3 + int3 + ret + +/* * Copy routines from and to userland, plus a few more. See the * section 9 manpages for info. Some cases can be optimized more. * @@ -185,6 +203,7 @@ ENTRY(copyout) cmpq %r8,%rdx ja _C_LABEL(copy_efault) /* jump if end in kernel space */ + callq smap_disable .Lcopyout_start: movq %rax,%rcx /* length */ shrq $3,%rcx /* count of 8-byte words */ @@ -195,6 +214,7 @@ ENTRY(copyout) rep movsb/* copy remaining bytes */ .Lcopyout_end: + callq smap_enable xorl %eax,%eax ret @@ -212,6 +232,7 @@ ENTRY(copyin) cmpq %r8,%rdx ja _C_LABEL(copy_efault) /* j if end in kernel space */ + callq smap_disable .Lcopyin_start: 3: /* bcopy(%rsi, %rdi, %rax); */ movq %rax,%rcx @@ -223,6 +244,7 @@ ENTRY(copyin) rep movsb .Lcopyin_end: + callq smap_enable xorl %eax,%eax ret @@ -241,6 +263,7 @@ NENTRY(kcopy_fault) ret NENTRY(copy_fault) + callq smap_enable ret ENTRY(copyoutstr) @@ -261,6 +284,7 @@ ENTRY(copyoutstr) movq %rax,%r8 1: incq %rdx + callq smap_disable .Lcopyoutstr_start: 1: decq %rdx jz 2f @@ -269,6 +293,7 @@ ENTRY(copyoutstr) testb %al,%al jnz 1b .Lcopyoutstr_end: + callq smap_enable /* Success -- 0 byte reached. */ decq %rdx @@ -276,6 +301,7 @@ ENTRY(copyoutstr) jmp copystr_return 2: /* rdx is zero -- return EFAULT or ENAMETOOLONG. */ + callq smap_enable movq $VM_MAXUSER_ADDRESS,%r11 cmpq %r11,%rdi jae _C_LABEL(copystr_efault) @@ -301,6 +327,7 @@ ENTRY(copyinstr) movq %rax,%r8 1: incq %rdx + callq smap_disable .Lcopyinstr_start: 1: decq %rdx jz 2f @@ -309,6 +336,7 @@ ENTRY(copyinstr) testb %al,%al jnz 1b .Lcopyinstr_end: + callq smap_enable /* Success -- 0 byte reached. */ decq %rdx @@ -316,6 +344,7 @@ ENTRY(copyinstr) jmp copystr_return 2: /* edx is zero -- return EFAULT or ENAMETOOLONG. */ + callq smap_enable movq $VM_MAXUSER_ADDRESS,%r11 cmpq %r11,%rsi jae _C_LABEL(copystr_efault) @@ -327,6 +356,7 @@ ENTRY(copystr_efault) movl $EFAULT,%eax ENTRY(copystr_fault) + callq smap_enable copystr_return: /* Set *lencopied and return %eax. */ testq %r9,%r9 @@ -376,7 +406,9 @@ ENTRY(fuswintr) leaq _C_LABEL(fusuintrfailure)(%rip),%r11 movq %r11,PCB_ONFAULT(%rcx) + callq smap_disable movzwl (%rdi),%eax + callq smap_enable movq $0,PCB_ONFAULT(%rcx) ret @@ -390,7 +422,9 @@ ENTRY(fubyte) leaq _C_LABEL(fusufailure)(%rip),%r11 movq %r11,PCB_ONFAULT(%rcx) + callq smap_disable movzbl (%rdi),%eax + callq smap_enable movq $0,PCB_ONFAULT(%rcx) ret @@ -406,7 +440,9 @@ ENTRY(suswintr) leaq _C_LABEL(fusuintrfailure)(%rip),%r11 movq %r11,PCB_ONFAULT(%rcx) + callq smap_disable movw %si,(%rdi) + callq smap_enable xorq %rax,%rax movq %rax,PCB_ONFAULT(%rcx) @@ -422,7 +458,9 @@ ENTRY(subyte) leaq _C_LABEL(fusufailure)(%rip),%r11 movq %r11,PCB_ONFAULT(%rcx) + callq smap_disable movb %sil,(%rdi) + callq smap_enable xorq %rax,%rax movq %rax,PCB_ONFAULT(%rcx) @@ -434,11 +472,13 @@ ENTRY(subyte) * because trap.c checks for them. */ ENTRY(fusuintrfailure) + callq smap_enable movq $0,PCB_ONFAULT(%rcx)
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: maya Date: Tue Oct 17 06:50:00 UTC 2017 Modified Files: src/sys/arch/x86/x86: vmt.c vmtreg.h Log Message: Update protocol reverse engineering URL to a working one only mention it once. >From openbsd by Seth Jackson To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/sys/arch/x86/x86/vmt.c cvs rdiff -u -r1.1 -r1.2 src/sys/arch/x86/x86/vmtreg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/vmt.c diff -u src/sys/arch/x86/x86/vmt.c:1.18 src/sys/arch/x86/x86/vmt.c:1.19 --- src/sys/arch/x86/x86/vmt.c:1.18 Tue Oct 17 05:47:09 2017 +++ src/sys/arch/x86/x86/vmt.c Tue Oct 17 06:50:00 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: vmt.c,v 1.18 2017/10/17 05:47:09 maya Exp $ */ +/* $NetBSD: vmt.c,v 1.19 2017/10/17 06:50:00 maya Exp $ */ /* $OpenBSD: vmt.c,v 1.11 2011/01/27 21:29:25 dtucker Exp $ */ /* @@ -20,7 +20,7 @@ /* * Protocol reverse engineered by Ken Kato: - * http://chitchat.at.infoseek.co.jp/vmware/backdoor.html + * https://sites.google.com/site/chitchatvmback/backdoor */ #include Index: src/sys/arch/x86/x86/vmtreg.h diff -u src/sys/arch/x86/x86/vmtreg.h:1.1 src/sys/arch/x86/x86/vmtreg.h:1.2 --- src/sys/arch/x86/x86/vmtreg.h:1.1 Tue May 23 08:48:34 2017 +++ src/sys/arch/x86/x86/vmtreg.h Tue Oct 17 06:50:00 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: vmtreg.h,v 1.1 2017/05/23 08:48:34 nonaka Exp $ */ +/* $NetBSD: vmtreg.h,v 1.2 2017/10/17 06:50:00 maya Exp $ */ /* NetBSD: vmt.c,v 1.15 2016/11/10 03:32:04 ozaki-r Exp */ /* $OpenBSD: vmt.c,v 1.11 2011/01/27 21:29:25 dtucker Exp $ */ @@ -19,11 +19,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* - * Protocol reverse engineered by Ken Kato: - * http://chitchat.at.infoseek.co.jp/vmware/backdoor.html - */ - /* OS name to report to host */ #ifdef __i386__ #define VM_OS_NAME "other"
