Module Name:src
Committed By: maxv
Date: Wed Aug 21 12:46:56 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64: netbsd32_machdep.c
Log Message:
Style and remove dead stuff.
To generate a diff of this commit:
cvs rdiff -u -r1.126 -r1.127 src/sys/arch/amd64/amd64/netbsd32_
Module Name:src
Committed By: maxv
Date: Wed Aug 21 12:33:12 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64: netbsd32_machdep.c
Log Message:
Don't depend on #ifdef USER_LDT in cpu_mcontext32_validate(), but rather on
whether the proc uses a user-set LDT. Same as check_s
Module Name:src
Committed By: maxv
Date: Wed Aug 21 12:16:07 UTC 2019
Modified Files:
src/sys/arch/amd64/conf: XEN3_DOM0 XEN3_DOMU XEN3_PVHVM
src/sys/arch/i386/conf: XEN3PAE_DOM0 XEN3PAE_DOMU XEN3PAE_PVHVM
Log Message:
No USER_LDT on Xen.
To generate a diff of th
Module Name:src
Committed By: maxv
Date: Tue Aug 20 18:43:57 UTC 2019
Modified Files:
src/sys/dev/sysmon: sysmon_power.c
Log Message:
Fix info leak, not all of 'pev' is initialized.
To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 src/sys/dev/sysmon/sysmon_p
On 20/08/2019 at 11:32, Christos Zoulas wrote:
Module Name:src
Committed By: christos
Date: Tue Aug 20 09:32:21 UTC 2019
Modified Files:
src/sys/compat/netbsd32: files.netbsd32 netbsd32_ioctl.c
netbsd32_ioctl.h
Added Files:
src/sys/compat/netbsd32: n
Module Name:src
Committed By: maxv
Date: Tue Aug 20 12:25:41 UTC 2019
Modified Files:
src/sys/compat/netbsd32: files.netbsd32
src/sys/modules/compat_netbsd32: Makefile
Log Message:
Disable netbsd32_drm.c until it receives proper review.
To generate a diff of this
Module Name:src
Committed By: maxv
Date: Sat Aug 17 12:37:49 UTC 2019
Modified Files:
src/sys/kern: subr_pool.c
Log Message:
Kernel Heap Hardening: use bitmaps on all off-page pools. This migrates 29
MI pools on amd64 from linked lists to bitmaps, which have higher securit
Module Name:src
Committed By: maxv
Date: Fri Aug 16 10:41:35 UTC 2019
Modified Files:
src/sys/kern: subr_pool.c
Log Message:
Initialize pp->pr_redzone to false. For some reason with KUBSAN GCC does
not eliminate the unused branch in pr_item_linkedlist_put(), and this
leads
On 16/08/2019 at 00:05, matthew green wrote:
KMEM_GUARD is useful for platforms that don't have kasan yet.
Verily it was not.
1) The place where diagnostic/debug features should be implemented is pool(9),
not kmem(9). Pools represent all of the dynamic system memory, kmem only a
sma
Module Name:src
Committed By: maxv
Date: Thu Aug 15 12:24:09 UTC 2019
Modified Files:
src/share/man/man9: kmem.9
src/sys/arch/mips/mips: pmap_machdep.c
src/sys/kern: files.kern
Log Message:
Unlink KMEM_GUARD leftovers.
To generate a diff of this commit:
c
Module Name:src
Committed By: maxv
Date: Thu Aug 15 12:06:42 UTC 2019
Modified Files:
src/sys/kern: subr_kmem.c
Log Message:
Retire KMEM_GUARD. It has been superseded by kASan, which is much more
powerful, has much more coverage - far beyond just kmem(9) -, and also
consum
Module Name:src
Committed By: maxv
Date: Tue Aug 13 09:48:24 UTC 2019
Modified Files:
src/dist/pf/usr.sbin/ftp-proxy: npf.c
src/usr.sbin/pf/ftp-proxy: Makefile
Log Message:
sync with reality
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/dist/pf/
Module Name:src
Committed By: maxv
Date: Wed Aug 7 10:36:19 UTC 2019
Modified Files:
src/sys/dev: fss.c
Log Message:
Check fc_type before fc_cluster, because the latter may not be initialized.
This is harmless because fc_type is always initialized properly, so the
next br
Module Name:src
Committed By: maxv
Date: Wed Aug 7 08:47:09 UTC 2019
Modified Files:
src/sys/dev/usb: usb.h usb_subr.c
Log Message:
Introduce USB_DESCRIPTOR_SIZE (3), and fix two bugs:
1) In usbd_find_idesc(), make sure the tables we're reading fit in the
allocated
Module Name:src
Committed By: maxv
Date: Wed Aug 7 06:28:03 UTC 2019
Modified Files:
src/sys/arch/amd64/conf: GENERIC
Log Message:
Sync with reality.
To generate a diff of this commit:
cvs rdiff -u -r1.532 -r1.533 src/sys/arch/amd64/conf/GENERIC
Please note that diffs
Module Name:src
Committed By: maxv
Date: Wed Aug 7 06:23:48 UTC 2019
Modified Files:
src/sys/arch/amd64/include: pmap.h
src/sys/arch/x86/include: cpu.h pmap.h
src/sys/arch/x86/x86: pmap.c svs.c
Log Message:
Add support for USER_LDT in SVS. This allows us t
should understand that rmind is ok with this
change right?
christos
On Aug 6, 2019, at 1:26 PM, Maxime Villard wrote:
On 06/08/2019 at 12:25, Christos Zoulas wrote:
Module Name:src
Committed By: christos
Date: Tue Aug 6 10:25:13 UTC 2019
Modified Files:
src/sys/net
On 06/08/2019 at 12:25, Christos Zoulas wrote:
Module Name:src
Committed By: christos
Date: Tue Aug 6 10:25:13 UTC 2019
Modified Files:
src/sys/net/npf: npf_conn.c
Log Message:
Introduce an npf_conn_destroy_idx() that can handle partially constructed
conn structures.
Module Name:src
Committed By: maxv
Date: Tue Aug 6 08:10:27 UTC 2019
Modified Files:
src/sys/uvm: uvm_mmap.c
Log Message:
Change 'npgs' from int to size_t. Otherwise the 64bit->32bit conversion
could lead to npgs=0, which is not expected. It later triggers a panic
in uvm_
Module Name:src
Committed By: maxv
Date: Sun Aug 4 14:30:36 UTC 2019
Modified Files:
src/sys/netipsec: key.c
Log Message:
Fix info leaks.
To generate a diff of this commit:
cvs rdiff -u -r1.265 -r1.266 src/sys/netipsec/key.c
Please note that diffs are not public domain
Module Name:src
Committed By: maxv
Date: Sat Aug 3 09:31:07 UTC 2019
Modified Files:
src/sys/kern: subr_pool.c
Log Message:
Replace || by && in KASAN, to increase the pool coverage.
Strictly speaking, what we want to avoid is poisoning buffers that were
referenced in a g
Module Name:src
Committed By: maxv
Date: Fri Aug 2 05:22:14 UTC 2019
Modified Files:
src/sys/kern: subr_pool.c
Log Message:
Kernel Heap Hardening: perform certain sanity checks on the pool caches
directly, to immediately detect certain bugs that would otherwise have
been
Module Name:src
Committed By: maxv
Date: Wed Jul 31 19:40:59 UTC 2019
Modified Files:
src/sys/dev/usb: usb_subr.c usbdi_util.c
Log Message:
1) Make sure we have a complete endpoint descriptor header, otherwise
small overflow.
2) Make sure the total length of the bos
Module Name:src
Committed By: maxv
Date: Mon Jul 29 09:42:17 UTC 2019
Modified Files:
src/sys/kern: uipc_usrreq.c
Log Message:
Fix info leak: the padding after the header causes uninitialized heap
memory to be copied to userland in sys_recvmsg().
To generate a diff of th
Module Name:src
Committed By: maxv
Date: Tue Jul 23 17:21:33 UTC 2019
Modified Files:
src/sys/dev/usb: usb_subr.c
Log Message:
1) If the descriptor length is bigger than the USB string descriptor
itself, error out. Otherwise there is a small overflow (seen on KASAN,
Module Name:src
Committed By: maxv
Date: Sun Jul 14 05:58:44 UTC 2019
Modified Files:
src/sys/fs/tmpfs: tmpfs_rename.c
Log Message:
Fix uninitialized variable: if 'tvp' is NULL, '*tdep' is not initialized.
This could have caused the KASSERT to wrongfully fire.
ok riastrad
Module Name:src
Committed By: maxv
Date: Sat Jul 13 14:24:37 UTC 2019
Modified Files:
src/sys/fs/tmpfs: tmpfs_mem.c
Log Message:
Remove the roundups, they are incorrect and cause memcmp to wrongfully fail
because of uninitialized bytes at the end of the buffers.
ok rmind@
Module Name:src
Committed By: maxv
Date: Fri Jul 12 17:18:30 UTC 2019
Modified Files:
src/sys/fs/cd9660: cd9660_vnops.c
Log Message:
Fix info leak: zero out the buffer, because it is not entirely filled, and
the uninitialized bytes get copied to userland in sys___getdens30
Module Name:src
Committed By: maxv
Date: Thu Jul 11 17:30:44 UTC 2019
Modified Files:
src/sys/kern: uipc_socket2.c
Log Message:
Fix info leaks: the alignment of the structures causes uninitialized heap
memory to be copied to userland in sys_recvmsg().
To generate a diff
Module Name:src
Committed By: maxv
Date: Thu Jul 11 17:07:10 UTC 2019
Modified Files:
src/sys/uvm: uvm_map.c
Log Message:
Fix info leak: 'map_attrib' is not used in UVM, and contains uninitialized
heap garbage. Return zero. Maybe we should remove the field completely.
To
Module Name:src
Committed By: maxv
Date: Thu Jul 11 16:59:14 UTC 2019
Modified Files:
src/sys/miscfs/genfs: genfs_io.c
Log Message:
Fix (harmless) uninitialized variable: 'pg' could be 'endm', in which case
'pg->uobject' would not be initialized. Just invert the two last c
Module Name:src
Committed By: maxv
Date: Wed Jul 10 17:55:33 UTC 2019
Modified Files:
src/sys/net: bpf.c
Log Message:
Fix info leak: use kmem_zalloc, because we align the buffers, and the
otherwise uninitialized padding bytes get copied to userland in bpf_read().
To gene
Module Name:src
Committed By: maxv
Date: Wed Jul 10 17:52:22 UTC 2019
Modified Files:
src/sys/kern: sys_lwp.c
Log Message:
Fix info leak: instead of using SS_INIT as a literal compound, use a global
variable from rodata. The compound gets pushed on the stack, the padding
o
Module Name:src
Committed By: maxv
Date: Wed Jul 10 17:32:38 UTC 2019
Modified Files:
src/sys/kern: subr_cprng.c
Log Message:
Zero out 'cprng->cs_name' entirely. Otherwise the RND pool gets polluted
by uninitialized bits from the end of the string.
To generate a diff of
Module Name:src
Committed By: maxv
Date: Tue Jul 9 17:06:46 UTC 2019
Modified Files:
src/sys/dev/dkwedge: dkwedge_apple.c dkwedge_bsdlabel.c dkwedge_gpt.c
dkwedge_mbr.c dkwedge_rdb.c
Log Message:
Fix info leak: always clear 'dkw', because some of its (otherwis
Module Name:src
Committed By: maxv
Date: Tue Jul 9 16:56:24 UTC 2019
Modified Files:
src/sys/netipsec: ipsec.c
Log Message:
Fix uninitialized variable: in ipsec_checkpcbcache(), spidx.dir is not
initialized, and the padding of the spidx structure is not initialized
either
Module Name:src
Committed By: maxv
Date: Sun Jul 7 15:12:59 UTC 2019
Modified Files:
src/sys/kern: kern_todr.c
Log Message:
The whole 'tv' structure gets added to the RND pool, so clear it first,
otherwise each random buffer gets tainted by uninitialized bytes from the
pa
em, disabling port 1
Thomas
On Sat, Jul 06, 2019 at 05:05:54AM +, Maxime Villard wrote:
Module Name:src
Committed By: maxv
Date: Sat Jul 6 05:05:53 UTC 2019
Modified Files:
src/sys/dev/usb: usb_subr.c
Log Message:
Fix two length checks, otherwise a malicious USB k
Module Name:src
Committed By: maxv
Date: Sat Jul 6 14:37:24 UTC 2019
Modified Files:
src/sys/kern: vfs_syscalls.c
Log Message:
Fix bug: if seg == UIO_SYSSPACE, tv[] is not initialized. The branches
should depend on tptr[] instead.
To generate a diff of this commit:
cvs
Module Name:src
Committed By: maxv
Date: Sat Jul 6 14:27:39 UTC 2019
Modified Files:
src/sys/kern: vfs_lookup.c
Log Message:
Fix (harmless) uninitialized variable. In the path
namei_tryemulroot -> namei_oneroot-> namei_start
There was a branch where 'ndp->ni_ero
Mmh no I see, the min descriptor length check we should add is 3 bytes, and my
check should be moved below in the idesc branch. I'll re-fix that next week.
On 06/07/2019 at 10:04, Maxime Villard wrote:
Can you add printfs in these two functions to dump 'bLength'?
I've
Module Name:src
Committed By: maxv
Date: Sat Jul 6 08:00:19 UTC 2019
Modified Files:
src/sys/dev/usb: usb_subr.c
Log Message:
Revert previous, for now.
To generate a diff of this commit:
cvs rdiff -u -r1.231 -r1.232 src/sys/dev/usb/usb_subr.c
Please note that diffs are
Module Name:src
Committed By: maxv
Date: Sat Jul 6 05:41:23 UTC 2019
Modified Files:
src/sys/dev/dkwedge: dkwedge_apple.c
Log Message:
Add a condition in the loop. Otherwise there could be an infinite loop,
and we could also be wrongfully adding more wedges than necessary
Module Name:src
Committed By: maxv
Date: Sat Jul 6 05:13:11 UTC 2019
Modified Files:
src/sys/dev/nvmm: nvmm.c nvmm_internal.h
Log Message:
Localify two functions that are no longer used outside. Also return the
error from the *_vcpu_run() functions, now that we commit the
Module Name:src
Committed By: maxv
Date: Sat Jul 6 05:05:53 UTC 2019
Modified Files:
src/sys/dev/usb: usb_subr.c
Log Message:
Fix two length checks, otherwise a malicious USB key plugged in the
system could trigger overflows, seen with KASAN.
To generate a diff of this
Module Name:src
Committed By: maxv
Date: Fri Jul 5 17:14:48 UTC 2019
Modified Files:
src/sys/kern: kern_exec.c
Log Message:
Fix info leak. The padding of 'sigact' is not initialized, it gets copied
in the proc, and can later be obtained by userland.
To generate a diff o
Module Name:src
Committed By: maxv
Date: Fri Jul 5 17:08:56 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64: cpufunc.S
src/sys/arch/i386/i386: cpufunc.S
src/sys/arch/x86/include: cpufunc.h
src/sys/arch/x86/x86: fpu.c
Log Message:
More inlines, pr
Module Name:src
Committed By: maxv
Date: Wed Jul 3 17:40:30 UTC 2019
Modified Files:
src/sys/dev/mii: makphy.c
Log Message:
Check the return value of PHY_READ(). Because, if it fails, 'reg' is not
initialized. On Qemu, this read systematically fails.
Print an error in th
Module Name:src
Committed By: maxv
Date: Wed Jul 3 17:31:32 UTC 2019
Modified Files:
src/sys/kern: kern_sysctl.c
Log Message:
Invert two conditions, to fix uninitialized memory access. If the node is
an immediate, then the 64 bits of nnode.sysctl_data may not all be
initi
Module Name:src
Committed By: maxv
Date: Wed Jul 3 17:24:37 UTC 2019
Modified Files:
src/sys/arch/amd64/amd64: cpufunc.S
src/sys/arch/i386/i386: cpufunc.S
src/sys/arch/x86/include: cpufunc.h
Log Message:
Inline x86_cpuid2(), prerequisite for future changes
Module Name:src
Committed By: maxv
Date: Mon Jul 1 17:15:43 UTC 2019
Modified Files:
src/sys/kern: sys_lwp.c
Log Message:
Restrict the size given to copyoutstr. It is safer to do that; even if
there is no actual bug here, since the buffer is guaranteed to be NUL
terminate
On 29/06/2019 at 02:12, Hisashi T Fujinaka wrote:
On Thu, 27 Jun 2019, Maxime Villard wrote:
On 27/06/2019 at 20:56, Christos Zoulas wrote:
On Jun 27, 8:30pm, m...@m00nbsd.net (Maxime Villard) wrote:
-- Subject: Re: CVS commit: src/sys/kern
| Le 27/06/2019 à 19:07, Christos Zoulas a
Module Name:src
Committed By: maxv
Date: Sat Jun 29 11:37:17 UTC 2019
Modified Files:
src/sys/kern: sys_ptrace_common.c
Log Message:
Fix bug, don't release the reflock if we didn't take it in the first place.
Looks like there are other locking issues in here.
Reported-by:
Module Name:src
Committed By: maxv
Date: Sat Jun 29 11:13:23 UTC 2019
Modified Files:
src/sys/kern: subr_pool.c
Log Message:
The big pool allocators use pool_page_alloc(), which allocates page-aligned
storage. So if we switch to a big pool, set PR_NOALIGN, because the addr