syslogd: patch for CVE-2014-3634
Hi, our syslogd is also vulnerable to rsyslog's CVE-2014-3634. The CVE is about parsing the priority from network clients. The priority boundary isn't properly checked, which could lead to out of bounds access later on. sysklogd's commit message is pretty extensive, so have a read here: http://git.infodrom.org/?p=infodrom/sysklogd;a=commitdiff;h=5b156a903326e7d1403c1750f3721b646eaf551c The sysklogd patch (and mine which is based on it) have a change in behavior. If the priority chunk of the string is invalid, the whole line will be logged. Previously, it would log the line somewhere after the initial '' char, which initiates the priority parsing. My proposed diff should be simpler by being less intrusive. From my point of view, there is no need to work with strlen() and adding new variables. The sysklogd fix only handles network code. Same algorithm is used while reading from /dev/klog... Although I doubt that it's a practical attack vector, let's fix it for the sake of completeness. Thoughts? Okays? Tobias Index: syslogd.c === RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.129 diff -u -p -r1.129 syslogd.c --- syslogd.c 6 Oct 2014 19:36:34 - 1.129 +++ syslogd.c 12 Oct 2014 11:03:51 - @@ -104,6 +104,7 @@ const char ctty[] = _PATH_CONSOLE; #define MAXUNAMES 20 /* maximum number of user names */ +#define MAX_PRI191 /* maximum priority per RFC 3164 */ /* * Flags to logmsg(). @@ -684,12 +685,16 @@ printline(char *hname, char *msg) /* test for special codes */ pri = DEFUPRI; p = msg; - if (*p == '') { + if (p[0] == '' p[1] != '') { pri = 0; - while (isdigit((unsigned char)*++p)) + while (isdigit((unsigned char)*++p) pri = MAX_PRI) pri = 10 * pri + (*p - '0'); - if (*p == '') + if (*p == '' pri = MAX_PRI) ++p; + else { + pri = DEFUPRI; + p = msg; + } } if (pri ~ (LOG_FACMASK|LOG_PRIMASK)) pri = DEFUPRI; 
@@ -720,19 +725,22 @@ void printsys(char *msg) { int c, pri, flags; - char *lp, *p, *q, line[MAXLINE + 1]; + char *lp, *p, *q, *r, line[MAXLINE + 1]; (void)snprintf(line, sizeof line, %s: , _PATH_UNIX); lp = line + strlen(line); for (p = msg; *p != '\0'; ) { flags = SYNC_FILE | ADDDATE;/* fsync file after write */ pri = DEFSPRI; - if (*p == '') { + r = p; + if (r[0] == '' r[1] != '') { pri = 0; - while (isdigit((unsigned char)*++p)) - pri = 10 * pri + (*p - '0'); - if (*p == '') - ++p; + while (isdigit((unsigned char)*++r) pri = MAX_PRI) + pri = 10 * pri + (*r - '0'); + if (*r == '' pri = MAX_PRI) + p = ++r; + else + pri = DEFSPRI; } else { /* kernel printf's come out on console */ flags |= IGN_CONS;
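Review bot: the MAX_PRI bound in the printline() hunk is the part that actually closes the range hole, because the `pri &~ (LOG_FACMASK|LOG_PRIMASK)` test kept in the context lines below it lets every value up to 1023 through while only 0..191 correspond to a defined facility; the same bound inside the digit loop also stops accumulation early, so `pri = 10 * pri + (*p - '0')` can no longer overflow a signed int on a long digit run, which the unbounded loop being replaced could. Both points belong in the commit message. One readability nit: when the loop stops because of the bound, p is left in the middle of the digits, the `*p == '>'` test then fails, and it is the else branch that resets p to msg; that is correct, but a one-line comment on the else would save the next reader the trace.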
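Review bot: in the printsys() hunk the failure branch only sets `pri = DEFSPRI` and never advances p (r is a scratch copy), so a rejected "<...>" prefix is logged as part of the kernel line, which matches the behaviour change described for printline(). Since this path reads /dev/klog rather than the network, the commit message should present it as making the two parsers deliberately consistent rather than as closing a remotely reachable case.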
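As an added illustration, not part of Tobias's diff or of syslogd itself, here is the bounded `<PRI>` parse from the patch written as a stand-alone C function next to the mask test that was already in printline(), so the two checks can be compared on sample lines. parse_pri(), old_mask_check_accepts(), pri_of() and text_offset() are names chosen for this example, and DEFUPRI is assumed to be LOG_USER|LOG_NOTICE as in syslogd.

```c
#include <ctype.h>
#include <stdbool.h>
#include <syslog.h>

#define MAX_PRI	191			/* RFC 3164: 23 facilities * 8 + 7 */
#define DEFUPRI	(LOG_USER | LOG_NOTICE)	/* assumed syslogd default when no PRI is usable */

/*
 * Hypothetical parse_pri(): the bounded parse from the diff above, written as
 * a stand-alone function. On success it returns true, the priority and the
 * text after '>'. Otherwise it stores DEFUPRI and leaves *rest at the start
 * of the line, so a bad "<...>" prefix is logged as part of the message.
 */
bool
parse_pri(const char *msg, int *pri, const char **rest)
{
	const char *p = msg;
	int v = 0;

	*pri = DEFUPRI;
	*rest = msg;
	if (p[0] != '<' || p[1] == '>')		/* plain line, or empty "<>" */
		return false;
	/* Checking v against MAX_PRI inside the loop stops accumulation as
	 * soon as it exceeds 191, so 10 * v cannot overflow on a long run. */
	while (isdigit((unsigned char)*++p) && v <= MAX_PRI)
		v = 10 * v + (*p - '0');
	if (*p != '>' || v > MAX_PRI)
		return false;
	*pri = v;
	*rest = p + 1;
	return true;
}

/*
 * The test that remains below the parse in printline(): it only rejects bits
 * above the facility field, so anything up to LOG_FACMASK|LOG_PRIMASK (1023)
 * passes although only 0..191 name a defined facility. MAX_PRI closes that gap.
 */
bool
old_mask_check_accepts(int pri)
{
	return (pri & ~(LOG_FACMASK | LOG_PRIMASK)) == 0;
}

/* Wrappers for one line: the priority it yields and where its text starts. */
int pri_of(const char *msg) { int pri; const char *rest; parse_pri(msg, &pri, &rest); return pri; }
int text_offset(const char *msg) { int pri; const char *rest; parse_pri(msg, &pri, &rest); return (int)(rest - msg); }
```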
LibreSSL 2.1.0 released.
We have released LibreSSL 2.1.0, which should be arriving in the LibreSSL directory of an OpenBSD mirror near you very soon. This release continues on with further work from after the OpenBSD 5.6 code freeze. Our intention is to finalize LibreSSL 2.1 with OpenBSD 5.7.

As noted before, we welcome feedback from the broader community.

Enjoy,
-Bob
ps: remove redundant prototype
The findvar() function in keyword.c contains a prototype of the vcmp() function, which is already declared further up in the same file. I'm not even sure that prototype is correct, as it fails to include the 'static' classifier (vcmp() is a static function). cheers, natano Index: keyword.c === RCS file: /cvs/src/bin/ps/keyword.c,v retrieving revision 1.40 diff -u -r1.40 keyword.c --- keyword.c 20 Mar 2014 03:38:33 - 1.40 +++ keyword.c 12 Oct 2014 17:27:55 - @@ -250,7 +250,6 @@ { VAR *v, key; char *hp; - int vcmp(const void *, const void *); key.name = p;
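Review bot: the block-scope declaration being removed was redundant rather than wrong: because a file-scope `static` declaration of vcmp() is visible before findvar(), a later declaration with no storage-class specifier inherits the internal linkage (C99 6.2.2), so the dropped line never changed vcmp()'s linkage. The commit message should say "redundant" rather than suggest the prototype was incorrect, and it is worth building ps with the tree's warning flags to confirm the earlier declaration really does precede this use, since without it the file would now fail to compile.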
Re: syslogd: patch for CVE-2014-3634
On Sun, Oct 12, 2014 at 4:12 AM, Tobias Stoeckmann tob...@stoeckmann.org wrote:
> our syslogd is also vulnerable to rsyslog's CVE-2014-3634. The CVE is about parsing the priority from network clients. The priority boundary isn't properly checked, which could lead to out of bounds access later on.

Have you actually managed to make it crash? I've already committed a check for this when this first came out, mapping out of bounds pri values to LOG_USER, and at that time no one was able to crash the code without the check...

> Thoughts? Okays?

Meh, seems like overkill.

Philip Guenther
Re: syslogd: patch for CVE-2014-3634
On Sun, Oct 12, 2014 at 11:47:36AM -0700, Philip Guenther wrote:
> Have you actually managed to make it crash? I've already committed a check for this when this first came out, mapping out of bounds pri values to LOG_USER, and at that time no one was able to crash the code without the check...

I see your change now in revision 1.126. Yeah, that one is enough. Thanks for clarifying, my diff is useless then.

Tobias
Re: syslogd: patch for CVE-2014-3634
On 2014/10/12 11:47, Philip Guenther wrote:
> On Sun, Oct 12, 2014 at 4:12 AM, Tobias Stoeckmann tob...@stoeckmann.org wrote:
>> our syslogd is also vulnerable to rsyslog's CVE-2014-3634. The CVE is about parsing the priority from network clients. The priority boundary isn't properly checked, which could lead to out of bounds access later on.
>
> Have you actually managed to make it crash? I've already committed a check for this when this first came out, mapping out of bounds pri values to LOG_USER, and at that time no one was able to crash the code without the check...

The bigger problem with rsyslog and the reason for the crash possibility was that it used the priority as an index to lookup a human-readable string for the priority name (one of the options in the log entry format string is to include the *name* of the priority in log lines). So the bad values caused a read past the end of the array.
em(4) fix for Intel I218 chip
This seems to be enough to help em(4) in modern laptops like the X240 to no longer generate watchdog timeouts on high throughput. This should only affect I218 but tests on different em(4) devices would not hurt. -- :wq Claudio Index: if_em_hw.c === RCS file: /cvs/src/sys/dev/pci/if_em_hw.c,v retrieving revision 1.80 diff -u -p -r1.80 if_em_hw.c --- if_em_hw.c 22 Jul 2014 13:12:11 - 1.80 +++ if_em_hw.c 28 Sep 2014 12:24:45 - @@ -163,6 +163,7 @@ int32_t em_lv_phy_workarounds_ich8lan(s int32_tem_link_stall_workaround_hv(struct em_hw *); int32_tem_k1_gig_workaround_hv(struct em_hw *, boolean_t); int32_tem_k1_workaround_lv(struct em_hw *); +int32_tem_k1_workaround_lpt_lp(struct em_hw *, boolean_t); int32_tem_configure_k1_ich8lan(struct em_hw *, boolean_t); void em_gate_hw_phy_config_ich8lan(struct em_hw *, boolean_t); int32_tem_access_phy_wakeup_reg_bm(struct em_hw *, uint32_t, @@ -3709,6 +3710,16 @@ em_check_for_link(struct em_hw *hw) if (ret_val) return ret_val; } + /* Work-around I218 hang issue */ + if ((hw-device_id == E1000_DEV_ID_PCH_LPTLP_I218_LM) || + (hw-device_id == E1000_DEV_ID_PCH_LPTLP_I218_V) || + (hw-device_id == E1000_DEV_ID_PCH_I218_LM3) || + (hw-device_id == E1000_DEV_ID_PCH_I218_V3)) { + ret_val = em_k1_workaround_lpt_lp(hw, + hw-icp__is_link_up); + if (ret_val) + return ret_val; + } /* * Check if there was DownShift, must be checked @@ -5104,7 +5115,6 @@ em_kumeran_lock_loss_workaround(struct e * Attempting this while link is negotiating fouled up link stability */ ret_val = em_read_phy_reg(hw, PHY_STATUS, phy_data); - ret_val = em_read_phy_reg(hw, PHY_STATUS, phy_data); if (phy_data MII_SR_LINK_STATUS) { for (cnt = 0; cnt 10; cnt++) { 
@@ -10185,6 +10195,84 @@ em_k1_workaround_lv(struct em_hw *hw) return E1000_SUCCESS; } + +/** + * em_k1_workaround_lpt_lp - K1 workaround on Lynxpoint-LP + * + * When K1 is enabled for 1Gbps, the MAC can miss 2 DMA completion indications + * preventing further DMA write requests. Workaround the issue by disabling + * the de-assertion of the clock request when in 1Gpbs mode. + * Also, set appropriate Tx re-transmission timeouts for 10 and 100Half link + * speeds in order to avoid Tx hangs. + **/ +int32_t +em_k1_workaround_lpt_lp(struct em_hw *hw, boolean_t link) +{ + uint32_t fextnvm6 = E1000_READ_REG(hw, FEXTNVM6); + uint32_t status = E1000_READ_REG(hw, STATUS); + int32_t ret_val = E1000_SUCCESS; + uint16_t reg; + + if (link (status E1000_STATUS_SPEED_1000)) { + ret_val = em_read_kmrn_reg(hw, E1000_KMRNCTRLSTA_K1_CONFIG, + reg); + if (ret_val) + return ret_val; + + ret_val = em_write_kmrn_reg(hw, E1000_KMRNCTRLSTA_K1_CONFIG, + reg ~E1000_KMRNCTRLSTA_K1_ENABLE); + if (ret_val) + return ret_val; + + usec_delay(10); + + E1000_WRITE_REG(hw, FEXTNVM6, + fextnvm6 | E1000_FEXTNVM6_REQ_PLL_CLK); + + ret_val = em_write_kmrn_reg(hw, E1000_KMRNCTRLSTA_K1_CONFIG, + reg); + } else { + /* clear FEXTNVM6 bit 8 on link down or 10/100 */ + fextnvm6 = ~E1000_FEXTNVM6_REQ_PLL_CLK; + + if (!link || ((status E1000_STATUS_SPEED_100) + (status E1000_STATUS_FD))) + goto update_fextnvm6; + + ret_val = em_read_phy_reg(hw, I217_INBAND_CTRL, reg); + if (ret_val) + return ret_val; + + /* Clear link status transmit timeout */ + reg = ~I217_INBAND_CTRL_LINK_STAT_TX_TIMEOUT_MASK; + + if (status E1000_STATUS_SPEED_100) { + /* Set inband Tx timeout to 5x10us for 100Half */ + reg |= 5 I217_INBAND_CTRL_LINK_STAT_TX_TIMEOUT_SHIFT; + + /* Do not extend the K1 entry latency for 100Half */ + fextnvm6 = ~E1000_FEXTNVM6_ENABLE_K1_ENTRY_CONDITION; + } else { + /* Set inband Tx timeout to 50x10us for 10Full/Half */ + reg |= 50 + I217_INBAND_CTRL_LINK_STAT_TX_TIMEOUT_SHIFT; + +
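Review bot: dropping the second `em_read_phy_reg(hw, PHY_STATUS, &phy_data)` in em_kumeran_lock_loss_workaround() changes behaviour rather than just removing a duplicate: the link status bit in the MII status register is latched low (IEEE 802.3 clause 22), so the first read can still return the stale "down" value and it is the second read that reflects the current link, which is what the `MII_SR_LINK_STATUS` test on the next line needs. Either keep both reads and add a comment saying why the register is read twice, or split the removal into its own change with its own testing; as it stands it is an unrelated edit inside a diff meant to fix the I218 watchdog timeouts.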
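Review bot: the new em_k1_workaround_lpt_lp() jumps to `update_fextnvm6` in the link-down/10/100 path, but the label, the FEXTNVM6 write it leads to and the write-back of `reg` to I217_INBAND_CTRL are not in the quoted hunk, which stops part way through the 10Full/Half branch; the complete function needs to be in the diff before this can be okayed. The call in em_check_for_link() is gated on four I218 device IDs, so a one-line comment at the call site naming the hang it works around would help the next person who touches that list. Two style nits in the header comment: `/** ... **/` is not the style(9) comment form, and "1Gpbs" should read "1Gbps".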
Re: improving OpenBSD's gmac.c...
Here's a cleaned-up diff. Briefly tested on amd64 sparc64. I'll do some more testing tomorrow. This already has mikeb@'s blessing. Index: regress/sys/crypto/gmac/Makefile === RCS file: /cvs/src/regress/sys/crypto/gmac/Makefile,v retrieving revision 1.2 diff -u -p -r1.2 Makefile --- regress/sys/crypto/gmac/Makefile18 Jan 2014 05:54:52 - 1.2 +++ regress/sys/crypto/gmac/Makefile12 Oct 2014 19:05:35 - @@ -3,7 +3,7 @@ DIR=${.CURDIR}/../../../../sys PROG= gmac_test -SRCS+= rijndael.c gmac.c gmac_test.c +SRCS+= rijndael.c gfmult.c gmac.c gmac_test.c CDIAGFLAGS=-Wall CDIAGFLAGS+= -Werror CDIAGFLAGS+= -Wpointer-arith Index: sys/crypto/gfmult.c === RCS file: sys/crypto/gfmult.c diff -N sys/crypto/gfmult.c --- /dev/null 1 Jan 1970 00:00:00 - +++ sys/crypto/gfmult.c 12 Oct 2014 17:28:42 - 
@@ -0,0 +1,275 @@ +/*- + * Copyright (c) 2014 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by John-Mark Gurney under + * the sponsorship of the FreeBSD Foundation and + * Rubicon Communications, LLC (Netgate). + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ * + * $FreeBSD$ + * + */ + +#include crypto/gfmult.h + +#define REV_POLY_REDUCT0xe1/* 0x87 bit reversed */ + +/* reverse the bits of a nibble */ +static const uint8_t nib_rev[] = { + 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe, + 0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf, +}; + +/* calulate v * 2 */ +static inline struct gf128 +gf128_mulalpha(struct gf128 v) +{ + uint64_t mask; + + mask = !!(v.v[1] 1); + mask = ~(mask - 1); + v.v[1] = (v.v[1] 1) | ((v.v[0] 1) 63); + v.v[0] = (v.v[0] 1) ^ ((mask REV_POLY_REDUCT) 56); + + return v; +} + +/* + * Generate a table for 0-16 * h. Store the results in the table w/ indexes + * bit reversed, and the words striped across the values. + */ +void +gf128_genmultable(struct gf128 h, struct gf128table *t) +{ + struct gf128 tbl[16]; + int i; + + tbl[0] = MAKE_GF128(0, 0); + tbl[1] = h; + + for (i = 2; i 16; i += 2) { + tbl[i] = gf128_mulalpha(tbl[i / 2]); + tbl[i + 1] = gf128_add(tbl[i], h); + } + + for (i = 0; i 16; i++) { + t-a[nib_rev[i]] = tbl[i].v[0] 32; + t-b[nib_rev[i]] = tbl[i].v[0]; + t-c[nib_rev[i]] = tbl[i].v[1] 32; + t-d[nib_rev[i]] = tbl[i].v[1]; + } +} + +/* + * Generate tables containing h, h^2, h^3 and h^4, starting at 0. + */ +void +gf128_genmultable4(struct gf128 h, struct gf128table4 *t) +{ + struct gf128 h2, h3, h4; + + gf128_genmultable(h, t-tbls[0]); + + h2 = gf128_mul(h, t-tbls[0]); + + gf128_genmultable(h2, t-tbls[1]); + + h3 = gf128_mul(h, t-tbls[1]); + gf128_genmultable(h3, t-tbls[2]); + + h4 = gf128_mul(h2, t-tbls[1]); + gf128_genmultable(h4, t-tbls[3]); +} + +/* + * Read a row from the table. + */ +static inline struct gf128 +readrow(struct gf128table *tbl, unsigned bits) +{ + struct gf128 r; + + bits = bits % 16; + + r.v[0] = ((uint64_t)tbl-a[bits] 32) | tbl-b[bits]; + r.v[1] = ((uint64_t)tbl-c[bits] 32) | tbl-d[bits]; + + return r; +} + +/* + * These are the reduction values. 
Since we are dealing with bit reversed + * version, the values need to be bit reversed, AND the indexes are also + * bit reversed to make lookups quicker. + */ +static uint16_t reduction[] = { + 0x, 0x1c20, 0x3840, 0x2460, 0x7080, 0x6ca0, 0x48c0, 0x54e0, + 0xe100, 0xfd20, 0xd940, 0xc560, 0x9180, 0x8da0,
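Review bot: the regress Makefile hunk adds gfmult.c next to gmac.c in SRCS, so whichever kernel build list carries gmac.c needs the same entry or gmac.c's new table calls will not link; that part of the tree is not in the quoted diff, so please confirm it is in the full one.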
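Review bot: gfmult.c includes only <crypto/gfmult.h> yet uses uint8_t and uint64_t on the visible lines, so the header (or this file) must pull in <sys/types.h> and, for whatever byte-order helpers the bit-reversed loads and stores use, <sys/endian.h>, otherwise the kernel build becomes include-order dependent. The quoted hunk ends in the middle of the reduction[] table, so the gf128_mul() that consumes these tables and the regress vectors that exercise it cannot be checked here. Two comment nits: "calulate" and "table for 0-16 * h" (the table holds 0..15 * h; the loop bound is 16 exclusive).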
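Added here for reference and not part of the diff or of FreeBSD's gfmult.c: a bit-by-bit GF(2^128) multiply in the same bit-reversed convention (constant term in the top bit, reduction constant 0xe1), which is the slow-but-obvious routine a regress test would use to cross-check the table-driven gf128_mul() and the four-table variant built by gf128_genmultable4(). The struct layout (two big-endian halves), the GF()/GF128_ONE/GF128_X macros and the function names are this example's own, chosen to mirror the diff.

```c
#include <stdbool.h>
#include <stdint.h>

/*
 * A GCM block as two big-endian 64-bit halves (this example's own layout).
 * In GCM's bit-reversed convention the constant term is the top bit of hi,
 * so "multiply by x" is a right shift and the reduction constant is 0xe1
 * (0x87 reversed), exactly as in gfmult.c's gf128_mulalpha().
 */
struct gf128 {
	uint64_t hi, lo;
};

#define GF(h, l)	((struct gf128){ (h), (l) })
#define GF128_ONE	GF(0x8000000000000000ULL, 0)	/* the element 1 */
#define GF128_X		GF(0x4000000000000000ULL, 0)	/* the element x */
#define REV_POLY_REDUCT	0xe1ULL	/* x^128 = x^7 + x^2 + x + 1, reversed */

struct gf128
gf128_add(struct gf128 a, struct gf128 b)
{
	return GF(a.hi ^ b.hi, a.lo ^ b.lo);
}

bool gf128_eq(struct gf128 a, struct gf128 b) { return a.hi == b.hi && a.lo == b.lo; }

/* v * x: shift toward the high-degree end; if x^127 was set, fold in x^128 */
struct gf128
gf128_mulalpha(struct gf128 v)
{
	uint64_t carry = v.lo & 1;

	v.lo = (v.lo >> 1) | (v.hi << 63);
	v.hi = (v.hi >> 1) ^ (carry ? REV_POLY_REDUCT << 56 : 0);
	return v;
}

/*
 * Reference multiply (NIST SP 800-38D, algorithm 1): one conditional add per
 * bit of a while b walks through b, b*x, b*x^2, ... It is for cross-checking
 * table code in a regress test, not for production: the branch leaks timing.
 */
struct gf128
gf128_mul(struct gf128 a, struct gf128 b)
{
	struct gf128 z = GF(0, 0);

	for (int i = 0; i < 128; i++) {
		uint64_t bit = i < 64 ? (a.hi >> (63 - i)) & 1 :
		    (a.lo >> (127 - i)) & 1;
		if (bit)
			z = gf128_add(z, b);
		b = gf128_mulalpha(b);
	}
	return z;
}
```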
Re: improving OpenBSD's gmac.c...
Don't you need endian.h to get bemtoh64 and htobem64?

On 13 Oct 2014, at 7:57, Christian Weisgerber na...@mips.inka.de wrote:
> Here's a cleaned-up diff. Briefly tested on amd64 sparc64. I'll do some more testing tomorrow. This already has mikeb@'s blessing.
Re: LibreSSL 2.1.0 released.
Sun, Oct 12, 2014 at 07:36:02PM CEST, b...@openbsd.org wrote:
> We have released LibreSSL 2.1.0, which should be arriving in the LibreSSL directory of an OpenBSD mirror near you very soon. This release continues on with further work from after the OpenBSD 5.6 code freeze. Our intention is to finalize LibreSSL 2.1 with OpenBSD 5.7.
>
> As noted before, we welcome feedback from the broader community.
>
> Enjoy,
> -Bob

I'm willing to help with LibreSSL testing and also with fixes. Where / how shall I start?

Thank you,
Jiri Navratil