CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: sborrill Date: Thu May 7 12:03:47 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1731 To generate a diff of this commit: cvs rdiff -u -r1.1.2.162 -r1.1.2.163 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.162 src/doc/CHANGES-7.0.3:1.1.2.163 --- src/doc/CHANGES-7.0.3:1.1.2.162 Thu Apr 30 16:25:15 2020 +++ src/doc/CHANGES-7.0.3 Thu May 7 12:03:47 2020 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.162 2020/04/30 16:25:15 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.163 2020/05/07 12:03:47 sborrill Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5957,3 +5957,10 @@ games/fortune/unstr/unstr.c 1.15 Fix potential buffer overflows in fortune tools. [nia, ticket #1729] +bin/rcp/rcp.c 1.50 + + In sink(), upon error, avoid multiple replies to the source + as this would lead to a desynchronization of the protocol and + further files or directories to be ignored or corrupted. + [aymeric, ticket #1731] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: sborrill Date: Thu May 7 12:03:47 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1731 To generate a diff of this commit: cvs rdiff -u -r1.1.2.162 -r1.1.2.163 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/bin/rcp
Module Name:src Committed By: sborrill Date: Thu May 7 12:02:24 UTC 2020 Modified Files: src/bin/rcp [netbsd-7-0]: rcp.c Log Message: Pull up the following revisions(s) (requested by aymeric in ticket #1731): bin/rcp/rcp.c: revision 1.50 In sink(), upon error, avoid multiple replies to the source as this would lead to a desynchronization of the protocol and further files or directories to be ignored or corrupted. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.49.14.1 src/bin/rcp/rcp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/bin/rcp
Module Name:src
Committed By: sborrill
Date: Thu May 7 12:02:24 UTC 2020
Modified Files:
src/bin/rcp [netbsd-7-0]: rcp.c
Log Message:
Pull up the following revisions(s) (requested by aymeric in ticket #1731):
bin/rcp/rcp.c: revision 1.50
In sink(), upon error, avoid multiple replies to the source as this
would lead to a desynchronization of the protocol and further files or
directories to be ignored or corrupted.
To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.49.14.1 src/bin/rcp/rcp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/bin/rcp/rcp.c
diff -u src/bin/rcp/rcp.c:1.49 src/bin/rcp/rcp.c:1.49.14.1
--- src/bin/rcp/rcp.c:1.49 Mon May 7 15:22:54 2012
+++ src/bin/rcp/rcp.c Thu May 7 12:02:24 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: rcp.c,v 1.49 2012/05/07 15:22:54 chs Exp $ */
+/* $NetBSD: rcp.c,v 1.49.14.1 2020/05/07 12:02:24 sborrill Exp $ */
/*
* Copyright (c) 1983, 1990, 1992, 1993
@@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 19
#if 0
static char sccsid[] = "@(#)rcp.c 8.2 (Berkeley) 4/2/94";
#else
-__RCSID("$NetBSD: rcp.c,v 1.49 2012/05/07 15:22:54 chs Exp $");
+__RCSID("$NetBSD: rcp.c,v 1.49.14.1 2020/05/07 12:02:24 sborrill Exp $");
#endif
#endif /* not lint */
@@ -470,7 +470,6 @@ sink(int argc, char *argv[])
static BUF buffer;
struct stat stb;
struct timeval tv[2];
- enum { YES, NO, DISPLAYED } wrerr;
BUF *bp;
ssize_t j;
off_t i;
@@ -480,8 +479,9 @@ sink(int argc, char *argv[])
mode_t mask;
mode_t mode;
mode_t omode;
- int setimes, targisdir;
+ int setimes, targisdir, wrerr;
int wrerrno = 0; /* pacify gcc */
+ const char *wrcontext = NULL;
char ch, *cp, *np, *targ, *vect[1], buf[BUFSIZ];
const char *why;
off_t size;
@@ -624,9 +624,7 @@ sink(int argc, char *argv[])
sink(1, vect);
if (setimes) {
setimes = 0;
-if (utimes(np, tv) < 0)
-run_err("%s: set times: %s",
- np, strerror(errno));
+(void) utimes(np, tv);
}
if (mod_flag)
(void)chmod(np, mode);
@@ -644,7 +642,20 @@ bad: run_err("%s: %s", np, strerror(er
continue;
}
cp = bp->buf;
- wrerr = NO;
+ wrerr = 0;
+
+/*
+ * Like run_err(), but don't send any message to the remote end.
+ * Instead, record the first error and send that in the end.
+ */
+#define RUN_ERR(w_context) do { \
+ if (!wrerr) { \
+ wrerrno = errno; \
+ wrcontext = w_context; \
+ wrerr = 1; \
+ }\
+} while(0)
+
count = 0;
for (i = 0; i < size; i += BUFSIZ) {
amt = BUFSIZ;
@@ -663,69 +674,56 @@ bad: run_err("%s: %s", np, strerror(er
} while (amt > 0);
if (count == bp->cnt) {
/* Keep reading so we stay sync'd up. */
-if (wrerr == NO) {
+if (!wrerr) {
j = write(ofd, bp->buf, (size_t)count);
if (j != count) {
- wrerr = YES;
- wrerrno = j >= 0 ? EIO : errno;
+ if (j >= 0)
+ errno = EIO;
+ RUN_ERR("write");
}
}
count = 0;
cp = bp->buf;
}
}
- if (count != 0 && wrerr == NO &&
+ if (count != 0 && !wrerr &&
(j = write(ofd, bp->buf, (size_t)count)) != count) {
- wrerr = YES;
- wrerrno = j >= 0 ? EIO : errno;
- }
- if (ftruncate(ofd, size)) {
- run_err("%s: truncate: %s", np, strerror(errno));
- wrerr = DISPLAYED;
+ if (j >= 0)
+errno = EIO;
+ RUN_ERR("write");
}
+ if (ftruncate(ofd, size))
+ RUN_ERR("truncate");
+
if (pflag) {
if (exists || omode != mode)
if (fchmod(ofd, omode))
- run_err("%s: set mode: %s",
- np, strerror(errno));
+ RUN_ERR("set mode");
} else {
if (!exists && omode != mode)
if (fchmod(ofd, omode & ~mask))
- run_err("%s: set mode: %s",
- np, strerror(errno));
+ RUN_ERR("set mode");
}
#ifndef __SVR4
- if (setimes && wrerr == NO) {
+ if (setimes && !wrerr) {
setimes = 0;
- if (futimes(ofd, tv) < 0) {
-run_err("%s: set times: %s",
-np, strerror(errno));
-wrerr = DISPLAYED;
- }
+ if (futimes(ofd, tv) < 0)
+RUN_ERR("set times");
}
#endif
(void)close(ofd);
#ifdef __SVR4
- if (setimes && wrerr == NO) {
+ if (setimes && !wrerr) {
setimes = 0;
- if (utimes(np, tv) < 0) {
-run_err("%s: set times: %s",
-np, strerror(errno));
-wrerr = DISPLAYED;
- }
+ if (utimes(np, tv) < 0)
+RUN_ERR("set times");
}
#endif
(void)response();
- switch(wrerr) {
- case YES:
- run_err("%s: write: %s", np, strerror(wrerrno));
- break;
- case NO:
+ if (wrerr)
+ run_err("%s: %s: %s", np, wrcontext, strerror(wrerrno));
+ else
(void)write(rem, "", 1);
- break;
- case DISPLAYED:
- break;
- }
}
out:
CVS commit: [netbsd-7-0] src/games/fortune
Module Name:src Committed By: martin Date: Thu Apr 30 21:24:25 UTC 2020 Modified Files: src/games/fortune/strfile [netbsd-7-0]: strfile.c src/games/fortune/unstr [netbsd-7-0]: unstr.c Log Message: Pull up following revision(s) (requested by nia in ticket #1729): games/fortune/strfile/strfile.c: revision 1.39 games/fortune/unstr/unstr.c: revision 1.15 strfile: Check that input/output filenames don't exceed the buffer size unstr: Check that the input filename fits in the buffer. To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.38.6.1 src/games/fortune/strfile/strfile.c cvs rdiff -u -r1.14 -r1.14.12.1 src/games/fortune/unstr/unstr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/games/fortune
Module Name:src
Committed By: martin
Date: Thu Apr 30 21:24:25 UTC 2020
Modified Files:
src/games/fortune/strfile [netbsd-7-0]: strfile.c
src/games/fortune/unstr [netbsd-7-0]: unstr.c
Log Message:
Pull up following revision(s) (requested by nia in ticket #1729):
games/fortune/strfile/strfile.c: revision 1.39
games/fortune/unstr/unstr.c: revision 1.15
strfile: Check that input/output filenames don't exceed the buffer size
unstr: Check that the input filename fits in the buffer.
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.6.1 src/games/fortune/strfile/strfile.c
cvs rdiff -u -r1.14 -r1.14.12.1 src/games/fortune/unstr/unstr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/games/fortune/strfile/strfile.c
diff -u src/games/fortune/strfile/strfile.c:1.38 src/games/fortune/strfile/strfile.c:1.38.6.1
--- src/games/fortune/strfile/strfile.c:1.38 Thu Sep 19 00:34:00 2013
+++ src/games/fortune/strfile/strfile.c Thu Apr 30 21:24:25 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: strfile.c,v 1.38 2013/09/19 00:34:00 uwe Exp $ */
+/* $NetBSD: strfile.c,v 1.38.6.1 2020/04/30 21:24:25 martin Exp $ */
/*-
* Copyright (c) 1989, 1993
@@ -47,7 +47,7 @@ __COPYRIGHT("@(#) Copyright (c) 1989, 19
#if 0
static char sccsid[] = "@(#)strfile.c 8.1 (Berkeley) 5/31/93";
#else
-__RCSID("$NetBSD: strfile.c,v 1.38 2013/09/19 00:34:00 uwe Exp $");
+__RCSID("$NetBSD: strfile.c,v 1.38.6.1 2020/04/30 21:24:25 martin Exp $");
#endif
#endif /* not lint */
#endif /* __NetBSD__ */
@@ -267,6 +267,7 @@ getargs(int argc, char **argv)
int ch;
extern int optind;
extern char *optarg;
+ size_t len;
while ((ch = getopt(argc, argv, "c:iorsx")) != -1)
switch(ch) {
@@ -300,14 +301,25 @@ getargs(int argc, char **argv)
if (*argv) {
Infile = *argv;
- if (*++argv)
- (void) strcpy(Outfile, *argv);
+ if (*++argv) {
+ len = strlen(*argv);
+ if (len >= sizeof(Outfile)) {
+puts("Bad output filename");
+usage();
+ }
+ (void) memcpy(Outfile, *argv, len + 1);
+ }
}
if (!Infile) {
puts("No input file name");
usage();
}
if (*Outfile == '\0') {
+ len = strlen(Infile) + sizeof(".dat");
+ if (len > sizeof(Outfile)) {
+ puts("Bad input filename");
+ usage();
+ }
(void) strcpy(Outfile, Infile);
(void) strcat(Outfile, ".dat");
}
Index: src/games/fortune/unstr/unstr.c
diff -u src/games/fortune/unstr/unstr.c:1.14 src/games/fortune/unstr/unstr.c:1.14.12.1
--- src/games/fortune/unstr/unstr.c:1.14 Tue Jun 19 05:46:08 2012
+++ src/games/fortune/unstr/unstr.c Thu Apr 30 21:24:25 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: unstr.c,v 1.14 2012/06/19 05:46:08 dholland Exp $ */
+/* $NetBSD: unstr.c,v 1.14.12.1 2020/04/30 21:24:25 martin Exp $ */
/*-
* Copyright (c) 1991, 1993
@@ -42,7 +42,7 @@ __COPYRIGHT("@(#) Copyright (c) 1991, 19
#if 0
static char sccsid[] = "@(#)unstr.c 8.1 (Berkeley) 5/31/93";
#else
-__RCSID("$NetBSD: unstr.c,v 1.14 2012/06/19 05:46:08 dholland Exp $");
+__RCSID("$NetBSD: unstr.c,v 1.14.12.1 2020/04/30 21:24:25 martin Exp $");
#endif
#endif /* not lint */
@@ -114,7 +114,7 @@ main(int ac __unused, char **av)
void
getargs(char *av[])
{
- if (!*++av) {
+ if (!*++av || (strlen(*av) + sizeof(".dat")) > sizeof(Datafile)) {
(void) fprintf(stderr, "usage: unstr datafile\n");
exit(1);
}
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Apr 30 16:25:16 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1729 To generate a diff of this commit: cvs rdiff -u -r1.1.2.161 -r1.1.2.162 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Apr 30 16:25:16 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1729 To generate a diff of this commit: cvs rdiff -u -r1.1.2.161 -r1.1.2.162 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.161 src/doc/CHANGES-7.0.3:1.1.2.162 --- src/doc/CHANGES-7.0.3:1.1.2.161 Wed Apr 15 14:59:54 2020 +++ src/doc/CHANGES-7.0.3 Thu Apr 30 16:25:15 2020 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.161 2020/04/15 14:59:54 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.162 2020/04/30 16:25:15 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5951,3 +5951,9 @@ sys/netinet6/nd6_rtr.c1.148 (via pat PR kern/55091 and PR bin/54997: fix default route selection. [kim, ticket #1727] +games/fortune/strfile/strfile.c 1.39 +games/fortune/unstr/unstr.c 1.15 + + Fix potential buffer overflows in fortune tools. + [nia, ticket #1729] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed Apr 15 14:59:54 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1727 To generate a diff of this commit: cvs rdiff -u -r1.1.2.160 -r1.1.2.161 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.160 src/doc/CHANGES-7.0.3:1.1.2.161 --- src/doc/CHANGES-7.0.3:1.1.2.160 Wed Feb 12 20:24:07 2020 +++ src/doc/CHANGES-7.0.3 Wed Apr 15 14:59:54 2020 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.160 2020/02/12 20:24:07 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.161 2020/04/15 14:59:54 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5946,3 +5946,8 @@ external/bsd/ppp/dist/pppd/eap.c 1.5 pppd: Fix bounds check in EAP code [christos, ticket #1722] +sys/netinet6/nd6_rtr.c1.148 (via patch) + + PR kern/55091 and PR bin/54997: fix default route selection. + [kim, ticket #1727] +
CVS commit: [netbsd-7-0] src/sys/netinet6
Module Name:src
Committed By: martin
Date: Wed Apr 15 14:59:33 UTC 2020
Modified Files:
src/sys/netinet6 [netbsd-7-0]: nd6_rtr.c
Log Message:
Pull up following revision(s) (requested by kim in ticket #1727):
sys/netinet6/nd6_rtr.c: revision 1.148 (via patch)
Fix default route selection
The primary issue was that in revision 1.79 a check was added in the
nd6_defrouter_select() search loop to ignore the entry if RA processing
is enabled on its interface. In practice this results in all entries
being ignored.
This fix reverses the condition, so that an entry is ignored when RA
processing is NOT enabled on its interface. Further, the entry is
only ignored for being selected as the default router. The currently
installed router must be identified regardless of the (current) status
of its interface, so that we can delete the route before installing a
new one.
I also added error logging when adding or deleting a route fails. This
should help the administrator (or kernel developer) in noticing possible
problems.
Finally, if deleting a route fails, the corresponding default route
entry no longer has its "installed" flag cleared, so that deletion will
be retried. At a minimum, this will cause repeated messages about the
failed deletion as opposed to only getting repeated messages about the
installation of a new default route failing.
Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour
observed with ndp(8).
To generate a diff of this commit:
cvs rdiff -u -r1.93.2.3 -r1.93.2.3.2.1 src/sys/netinet6/nd6_rtr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/nd6_rtr.c
diff -u src/sys/netinet6/nd6_rtr.c:1.93.2.3 src/sys/netinet6/nd6_rtr.c:1.93.2.3.2.1
--- src/sys/netinet6/nd6_rtr.c:1.93.2.3 Sat May 2 18:23:25 2015
+++ src/sys/netinet6/nd6_rtr.c Wed Apr 15 14:59:33 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: nd6_rtr.c,v 1.93.2.3 2015/05/02 18:23:25 martin Exp $ */
+/* $NetBSD: nd6_rtr.c,v 1.93.2.3.2.1 2020/04/15 14:59:33 martin Exp $ */
/* $KAME: nd6_rtr.c,v 1.95 2001/02/07 08:09:47 itojun Exp $ */
/*
@@ -31,7 +31,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.93.2.3 2015/05/02 18:23:25 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_rtr.c,v 1.93.2.3.2.1 2020/04/15 14:59:33 martin Exp $");
#include
#include
@@ -472,6 +472,10 @@ defrouter_addreq(struct nd_defrouter *ne
}
if (error == 0)
new->installed = 1;
+ else
+ log(LOG_ERR, "defrouter_addreq: "
+ "error %d adding default router %s on %s\n",
+ error, ip6_sprintf(>rtaddr), new->ifp->if_xname);
splx(s);
return;
}
@@ -559,6 +563,7 @@ defrouter_delreq(struct nd_defrouter *dr
struct sockaddr sa;
} def, mask, gw;
struct rtentry *oldrt = NULL;
+ int error;
#ifdef DIAGNOSTIC
if (dr == NULL)
@@ -577,7 +582,7 @@ defrouter_delreq(struct nd_defrouter *dr
gw.sin6.sin6_scope_id = 0; /* XXX */
#endif
- rtrequest(RTM_DELETE, , , , RTF_GATEWAY, );
+ error = rtrequest(RTM_DELETE, , , , RTF_GATEWAY, );
if (oldrt) {
nd6_rtmsg(RTM_DELETE, oldrt);
if (oldrt->rt_refcnt <= 0) {
@@ -591,7 +596,12 @@ defrouter_delreq(struct nd_defrouter *dr
}
}
- dr->installed = 0;
+ if (error == 0)
+ dr->installed = 0;
+ else
+ log(LOG_ERR, "defrouter_delreq: "
+ "error %d deleting default router %s on %s\n",
+ error, ip6_sprintf(>rtaddr), dr->ifp->if_xname);
}
/*
@@ -672,8 +682,16 @@ defrouter_select(void)
*/
for (dr = TAILQ_FIRST(_defrouter); dr;
dr = TAILQ_NEXT(dr, dr_entry)) {
+ if (dr->installed && !installed_dr)
+ installed_dr = dr;
+ else if (dr->installed && installed_dr) {
+ /* this should not happen. warn for diagnosis. */
+ log(LOG_ERR, "defrouter_select: more than one router"
+ " is installed\n");
+ }
+
ndi = ND_IFINFO(dr->ifp);
- if (nd6_accepts_rtadv(ndi))
+ if (!nd6_accepts_rtadv(ndi))
continue;
if (selected_dr == NULL &&
@@ -682,14 +700,6 @@ defrouter_select(void)
ND6_IS_LLINFO_PROBREACH(ln)) {
selected_dr = dr;
}
-
- if (dr->installed && !installed_dr)
- installed_dr = dr;
- else if (dr->installed && installed_dr) {
- /* this should not happen. warn for diagnosis. */
- log(LOG_ERR, "defrouter_select: more than one router"
- " is installed\n");
- }
}
/*
* If none of the default routers was found to be reachable,
CVS commit: [netbsd-7-0] src/sys/netinet6
Module Name:src Committed By: martin Date: Wed Apr 15 14:59:33 UTC 2020 Modified Files: src/sys/netinet6 [netbsd-7-0]: nd6_rtr.c Log Message: Pull up following revision(s) (requested by kim in ticket #1727): sys/netinet6/nd6_rtr.c: revision 1.148 (via patch) Fix default route selection The primary issue was that in revision 1.79 a check was added in the nd6_defrouter_select() search loop to ignore the entry if RA processing is enabled on its interface. In practice this results in all entries being ignored. This fix reverses the condition, so that an entry is ignored when RA processing is NOT enabled on its interface. Further, the entry is only ignored for being selected as the default router. The currently installed router must be identified regardless of the (current) status of its interface, so that we can delete the route before installing a new one. I also added error logging when adding or deleting a route fails. This should help the administrator (or kernel developer) in noticing possible problems. Finally, if deleting a route fails, the corresponding default route entry no longer has its "installed" flag cleared, so that deletion will be retried. At a minimum, this will cause repeated messages about the failed deletion as opposed to only getting repeated messages about the installation of a new default route failing. Fixes PR kern/55091 and also PR bin/54997 as far as the behaviour observed with ndp(8). To generate a diff of this commit: cvs rdiff -u -r1.93.2.3 -r1.93.2.3.2.1 src/sys/netinet6/nd6_rtr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed Apr 15 14:59:54 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1727 To generate a diff of this commit: cvs rdiff -u -r1.1.2.160 -r1.1.2.161 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed Feb 12 20:24:07 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1722 To generate a diff of this commit: cvs rdiff -u -r1.1.2.159 -r1.1.2.160 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed Feb 12 20:24:07 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1722 To generate a diff of this commit: cvs rdiff -u -r1.1.2.159 -r1.1.2.160 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.159 src/doc/CHANGES-7.0.3:1.1.2.160 --- src/doc/CHANGES-7.0.3:1.1.2.159 Thu Jan 2 09:58:20 2020 +++ src/doc/CHANGES-7.0.3 Wed Feb 12 20:24:07 2020 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.159 2020/01/02 09:58:20 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.160 2020/02/12 20:24:07 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5941,3 +5941,8 @@ sys/conf/copyright1.18 Welcome to 2020. [mlelstv, ticket #1719] +external/bsd/ppp/dist/pppd/eap.c 1.5 + + pppd: Fix bounds check in EAP code + [christos, ticket #1722] +
CVS commit: [netbsd-7-0] src/external/bsd/ppp/dist/pppd
Module Name:src Committed By: martin Date: Wed Feb 12 20:23:39 UTC 2020 Modified Files: src/external/bsd/ppp/dist/pppd [netbsd-7-0]: eap.c Log Message: Pull up following revision(s) (requested by christos in ticket #1722): external/bsd/ppp/dist/pppd/eap.c: revision 1.5 pppd: Fix bounds check in EAP code Given that we have just checked vallen < len, it can never be the case that vallen >= len + sizeof(rhostname). This fixes the check so we actually avoid overflowing the rhostname array. Reported-by: Ilja Van Sprundel Signed-off-by: Paul Mackerras From: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.2.10.1 src/external/bsd/ppp/dist/pppd/eap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/external/bsd/ppp/dist/pppd
Module Name:src
Committed By: martin
Date: Wed Feb 12 20:23:39 UTC 2020
Modified Files:
src/external/bsd/ppp/dist/pppd [netbsd-7-0]: eap.c
Log Message:
Pull up following revision(s) (requested by christos in ticket #1722):
external/bsd/ppp/dist/pppd/eap.c: revision 1.5
pppd: Fix bounds check in EAP code
Given that we have just checked vallen < len, it can never be the case
that vallen >= len + sizeof(rhostname). This fixes the check so we
actually avoid overflowing the rhostname array.
Reported-by: Ilja Van Sprundel
Signed-off-by: Paul Mackerras
From:
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.2.10.1 src/external/bsd/ppp/dist/pppd/eap.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/ppp/dist/pppd/eap.c
diff -u src/external/bsd/ppp/dist/pppd/eap.c:1.2 src/external/bsd/ppp/dist/pppd/eap.c:1.2.10.1
--- src/external/bsd/ppp/dist/pppd/eap.c:1.2 Thu Nov 28 22:33:42 2013
+++ src/external/bsd/ppp/dist/pppd/eap.c Wed Feb 12 20:23:39 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: eap.c,v 1.2 2013/11/28 22:33:42 christos Exp $ */
+/* $NetBSD: eap.c,v 1.2.10.1 2020/02/12 20:23:39 martin Exp $ */
/*
* eap.c - Extensible Authentication Protocol for PPP (RFC 2284)
*
@@ -49,7 +49,7 @@
#define RCSID "Id: eap.c,v 1.4 2004/11/09 22:39:25 paulus Exp "
static const char rcsid[] = RCSID;
#else
-__RCSID("$NetBSD: eap.c,v 1.2 2013/11/28 22:33:42 christos Exp $");
+__RCSID("$NetBSD: eap.c,v 1.2.10.1 2020/02/12 20:23:39 martin Exp $");
#endif
/*
@@ -1433,7 +1433,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
@@ -1859,7 +1859,7 @@ int len;
}
/* Not so likely to happen. */
- if (vallen >= len + sizeof (rhostname)) {
+ if (len - vallen >= sizeof (rhostname)) {
dbglog("EAP: trimming really long peer name down");
BCOPY(inp + vallen, rhostname, sizeof (rhostname) - 1);
rhostname[sizeof (rhostname) - 1] = '\0';
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Jan 2 09:58:20 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1719 To generate a diff of this commit: cvs rdiff -u -r1.1.2.158 -r1.1.2.159 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.158 src/doc/CHANGES-7.0.3:1.1.2.159 --- src/doc/CHANGES-7.0.3:1.1.2.158 Tue Dec 17 16:35:52 2019 +++ src/doc/CHANGES-7.0.3 Thu Jan 2 09:58:20 2020 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.158 2019/12/17 16:35:52 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.159 2020/01/02 09:58:20 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5936,3 +5936,8 @@ sys/dev/ic/ath.c1.129 Protect network ioctls from non-authorized users. [christos, ticket #1718] +sys/conf/copyright1.18 + + Welcome to 2020. + [mlelstv, ticket #1719] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Jan 2 09:58:20 UTC 2020 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1719 To generate a diff of this commit: cvs rdiff -u -r1.1.2.158 -r1.1.2.159 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/conf
Module Name:src Committed By: martin Date: Thu Jan 2 09:57:59 UTC 2020 Modified Files: src/sys/conf [netbsd-7-0]: copyright Log Message: Pull up following revision(s) (requested by mlelstv in ticket #1719): sys/conf/copyright: revision 1.18 Welcome to 2020. To generate a diff of this commit: cvs rdiff -u -r1.12.4.1.2.3 -r1.12.4.1.2.4 src/sys/conf/copyright Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/copyright diff -u src/sys/conf/copyright:1.12.4.1.2.3 src/sys/conf/copyright:1.12.4.1.2.4 --- src/sys/conf/copyright:1.12.4.1.2.3 Wed Jan 2 15:29:22 2019 +++ src/sys/conf/copyright Thu Jan 2 09:57:59 2020 @@ -1,5 +1,5 @@ Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, -2018, 2019 The NetBSD Foundation, Inc. All rights reserved. +2018, 2019, 2020 The NetBSD Foundation, Inc. All rights reserved. Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved.
CVS commit: [netbsd-7-0] src/sys/conf
Module Name:src Committed By: martin Date: Thu Jan 2 09:57:59 UTC 2020 Modified Files: src/sys/conf [netbsd-7-0]: copyright Log Message: Pull up following revision(s) (requested by mlelstv in ticket #1719): sys/conf/copyright: revision 1.18 Welcome to 2020. To generate a diff of this commit: cvs rdiff -u -r1.12.4.1.2.3 -r1.12.4.1.2.4 src/sys/conf/copyright Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Dec 17 16:35:52 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1718 To generate a diff of this commit: cvs rdiff -u -r1.1.2.157 -r1.1.2.158 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.157 src/doc/CHANGES-7.0.3:1.1.2.158 --- src/doc/CHANGES-7.0.3:1.1.2.157 Sun Dec 8 10:27:54 2019 +++ src/doc/CHANGES-7.0.3 Tue Dec 17 16:35:52 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.157 2019/12/08 10:27:54 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.158 2019/12/17 16:35:52 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5931,3 +5931,8 @@ sys/dev/cons.c 1.76,1.77 Fix reference count leak in cons(4). [riastradh, ticket #1717] +sys/dev/ic/ath.c1.129 + + Protect network ioctls from non-authorized users. + [christos, ticket #1718] +
CVS commit: [netbsd-7-0] src/sys/dev/ic
Module Name:src
Committed By: martin
Date: Tue Dec 17 16:35:28 UTC 2019
Modified Files:
src/sys/dev/ic [netbsd-7-0]: ath.c
Log Message:
Pull up following revision(s) (requested by christos in ticket #1718):
sys/dev/ic/ath.c: revision 1.129
Protect network ioctls from non-authorized users. (Ilja Van Sprundel)
To generate a diff of this commit:
cvs rdiff -u -r1.116 -r1.116.6.1 src/sys/dev/ic/ath.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/ic/ath.c
diff -u src/sys/dev/ic/ath.c:1.116 src/sys/dev/ic/ath.c:1.116.6.1
--- src/sys/dev/ic/ath.c:1.116 Thu Sep 12 12:17:53 2013
+++ src/sys/dev/ic/ath.c Tue Dec 17 16:35:28 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ath.c,v 1.116 2013/09/12 12:17:53 martin Exp $ */
+/* $NetBSD: ath.c,v 1.116.6.1 2019/12/17 16:35:28 martin Exp $ */
/*-
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
@@ -41,7 +41,7 @@
__FBSDID("$FreeBSD: src/sys/dev/ath/if_ath.c,v 1.104 2005/09/16 10:09:23 ru Exp $");
#endif
#ifdef __NetBSD__
-__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.116 2013/09/12 12:17:53 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.116.6.1 2019/12/17 16:35:28 martin Exp $");
#endif
/*
@@ -69,6 +69,7 @@ __KERNEL_RCSID(0, "$NetBSD: ath.c,v 1.11
#include
#include
#include
+#include
#include
#include
@@ -5362,6 +5363,12 @@ ath_ioctl(struct ifnet *ifp, u_long cmd,
return copyout(>sc_stats,
ifr->ifr_data, sizeof (sc->sc_stats));
case SIOCGATHDIAG:
+ error = kauth_authorize_network(curlwp->l_cred,
+ KAUTH_NETWORK_INTERFACE,
+ KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, KAUTH_ARG(cmd),
+ NULL);
+ if (error)
+ break;
error = ath_ioctl_diag(sc, (struct ath_diag *) ifr);
break;
default:
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Dec 17 16:35:52 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1718 To generate a diff of this commit: cvs rdiff -u -r1.1.2.157 -r1.1.2.158 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/dev/ic
Module Name:src Committed By: martin Date: Tue Dec 17 16:35:28 UTC 2019 Modified Files: src/sys/dev/ic [netbsd-7-0]: ath.c Log Message: Pull up following revision(s) (requested by christos in ticket #1718): sys/dev/ic/ath.c: revision 1.129 Protect network ioctls from non-authorized users. (Ilja Van Sprundel) To generate a diff of this commit: cvs rdiff -u -r1.116 -r1.116.6.1 src/sys/dev/ic/ath.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sun Dec 8 10:27:54 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1717 To generate a diff of this commit: cvs rdiff -u -r1.1.2.156 -r1.1.2.157 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.156 src/doc/CHANGES-7.0.3:1.1.2.157 --- src/doc/CHANGES-7.0.3:1.1.2.156 Thu Dec 5 16:23:51 2019 +++ src/doc/CHANGES-7.0.3 Sun Dec 8 10:27:54 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.156 2019/12/05 16:23:51 bouyer Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.157 2019/12/08 10:27:54 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5926,3 +5926,8 @@ share/man/man4/rnd.41.25 - 1.28 Update NIST SP800-90A reference. [riastradh, ticket #1715] +sys/dev/cons.c 1.76,1.77 + + Fix reference count leak in cons(4). + [riastradh, ticket #1717] +
CVS commit: [netbsd-7-0] src/sys/dev
Module Name:src
Committed By: martin
Date: Sun Dec 8 10:27:32 UTC 2019
Modified Files:
src/sys/dev [netbsd-7-0]: cons.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1717):
sys/dev/cons.c: revision 1.76
sys/dev/cons.c: revision 1.77
Fix reference count leak in cons(4).
Don't forget to vrele after you're done, folks!
Restore historical $Hdr$ tag after git cvsexportcommit nixed it.
To generate a diff of this commit:
cvs rdiff -u -r1.72.2.1 -r1.72.2.1.2.1 src/sys/dev/cons.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/cons.c
diff -u src/sys/dev/cons.c:1.72.2.1 src/sys/dev/cons.c:1.72.2.1.2.1
--- src/sys/dev/cons.c:1.72.2.1 Mon Mar 9 08:00:46 2015
+++ src/sys/dev/cons.c Sun Dec 8 10:27:32 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: cons.c,v 1.72.2.1 2015/03/09 08:00:46 snj Exp $ */
+/* $NetBSD: cons.c,v 1.72.2.1.2.1 2019/12/08 10:27:32 martin Exp $ */
/*
* Copyright (c) 1988 University of Utah.
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: cons.c,v 1.72.2.1 2015/03/09 08:00:46 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cons.c,v 1.72.2.1.2.1 2019/12/08 10:27:32 martin Exp $");
#include
#include
@@ -150,6 +150,7 @@ cnclose(dev_t dev, int flag, int mode, s
if (error == 0) {
error = VOP_CLOSE(vp, flag, kauth_cred_get());
VOP_UNLOCK(vp);
+ vrele(vp);
}
return error;
}
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sun Dec 8 10:27:54 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1717 To generate a diff of this commit: cvs rdiff -u -r1.1.2.156 -r1.1.2.157 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/dev
Module Name:src Committed By: martin Date: Sun Dec 8 10:27:32 UTC 2019 Modified Files: src/sys/dev [netbsd-7-0]: cons.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1717): sys/dev/cons.c: revision 1.76 sys/dev/cons.c: revision 1.77 Fix reference count leak in cons(4). Don't forget to vrele after you're done, folks! Restore historical $Hdr$ tag after git cvsexportcommit nixed it. To generate a diff of this commit: cvs rdiff -u -r1.72.2.1 -r1.72.2.1.2.1 src/sys/dev/cons.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/share/man/man4
Module Name:src Committed By: bouyer Date: Thu Dec 5 16:23:23 UTC 2019 Modified Files: src/share/man/man4 [netbsd-7-0]: rnd.4 Log Message: Pull up following revision(s) (requested by riastradh in ticket #1715): share/man/man4/rnd.4: revision 1.26 share/man/man4/rnd.4: revision 1.27 share/man/man4/rnd.4: revision 1.28 share/man/man4/rnd.4: revision 1.25 Update man page to reflect switch from CTR_DRBG to Hash_DRBG. Replace slightly wrong rant by shorter and slightly less long rant. (If X and Y in Z/2Z are independent, then so are X and X+Y. What was I thinking.) Update NIST SP800-90A reference. New sentence, new line. Use \(em. To generate a diff of this commit: cvs rdiff -u -r1.20.10.1 -r1.20.10.1.2.1 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: bouyer Date: Thu Dec 5 16:23:51 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: ticket 1715 To generate a diff of this commit: cvs rdiff -u -r1.1.2.155 -r1.1.2.156 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: bouyer Date: Thu Dec 5 16:23:51 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: ticket 1715 To generate a diff of this commit: cvs rdiff -u -r1.1.2.155 -r1.1.2.156 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.155 src/doc/CHANGES-7.0.3:1.1.2.156 --- src/doc/CHANGES-7.0.3:1.1.2.155 Mon Nov 25 15:49:05 2019 +++ src/doc/CHANGES-7.0.3 Thu Dec 5 16:23:51 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.155 2019/11/25 15:49:05 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.156 2019/12/05 16:23:51 bouyer Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5920,3 +5920,9 @@ sys/kern/subr_cprng.c1.33 Use cprng_strong, not cprng_fast, for sysctl kern.arnd. [riastradh, ticket #1714] +share/man/man4/rnd.41.25 - 1.28 + + Update man page to reflect switch from CTR_DRBG to Hash_DRBG. + Update NIST SP800-90A reference. + [riastradh, ticket #1715] +
CVS commit: [netbsd-7-0] src/share/man/man4
Module Name:src Committed By: bouyer Date: Thu Dec 5 16:23:23 UTC 2019 Modified Files: src/share/man/man4 [netbsd-7-0]: rnd.4 Log Message: Pull up following revision(s) (requested by riastradh in ticket #1715): share/man/man4/rnd.4: revision 1.26 share/man/man4/rnd.4: revision 1.27 share/man/man4/rnd.4: revision 1.28 share/man/man4/rnd.4: revision 1.25 Update man page to reflect switch from CTR_DRBG to Hash_DRBG. Replace slightly wrong rant by shorter and slightly less long rant. (If X and Y in Z/2Z are independent, then so are X and X+Y. What was I thinking.) Update NIST SP800-90A reference. New sentence, new line. Use \(em. To generate a diff of this commit: cvs rdiff -u -r1.20.10.1 -r1.20.10.1.2.1 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/rnd.4 diff -u src/share/man/man4/rnd.4:1.20.10.1 src/share/man/man4/rnd.4:1.20.10.1.2.1 --- src/share/man/man4/rnd.4:1.20.10.1 Wed Mar 18 07:54:26 2015 +++ src/share/man/man4/rnd.4 Thu Dec 5 16:23:22 2019 @@ -1,4 +1,4 @@ -.\" $NetBSD: rnd.4,v 1.20.10.1 2015/03/18 07:54:26 snj Exp $ +.\" $NetBSD: rnd.4,v 1.20.10.1.2.1 2019/12/05 16:23:22 bouyer Exp $ .\" .\" Copyright (c) 2014 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 16, 2014 +.Dd September 3, 2019 .Dt RND 4 .Os .Sh NAME @@ -187,8 +187,8 @@ quantum computers. Systems with nonvolatile storage should store a secret from .Pa /dev/urandom on disk during installation or shutdown, and feed it back during boot, -so that the work the operating system has done to gather entropy -- -including the work its operator may have done to flip a coin! -- can be +so that the work the operating system has done to gather entropy \(em +including the work its operator may have done to flip a coin! \(em can be saved from one boot to the next, and so that newly installed systems are not vulnerable to generating cryptographic keys predictably. .Pp @@ -205,7 +205,7 @@ in see .Xr rc.conf 5 . .Sh LIMITATIONS -Some people worry about recovery from state compromise -- that is, +Some people worry about recovery from state compromise \(em that is, ensuring that even if an attacker sees the entire state of the operating system, then the attacker will be unable to predict any new future outputs as long as the operating system gathers fresh entropy @@ -404,9 +404,9 @@ When a user process opens or .Pa /dev/urandom and first reads from it, the kernel draws from the entropy pool to seed -a cryptographic pseudorandom number generator, the NIST CTR_DRBG -(counter-mode deterministic random bit generator) with AES-128 as the -block cipher, and uses that to generate data. +a cryptographic pseudorandom number generator, the NIST Hash_DRBG +(hash-based deterministic random bit generator) with SHA-256 as the +hash function, and uses that to generate data. .Pp To draw a seed from the entropy pool, the kernel .Bl -bullet -offset abcd -compact @@ -489,10 +489,10 @@ Never blocks. .%A Elaine Barker .%A John Kelsey .%T Recommendation for Random Number Generation Using Deterministic Random Bit Generators -.%D January 2012 +.%D June 2015 .%I National Institute of Standards and Technology -.%O NIST Special Publication 800-90A -.%U http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf +.%O NIST Special Publication 800-90A, Revision 1 +.%U https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final .Re .Rs .%A Daniel J. Bernstein @@ -551,59 +551,33 @@ Unfortunately, no amount of software eng .Sh ENTROPY ACCOUNTING The entropy accounting described here is not grounded in any cryptography theory. -It is done because it was always done, and because it gives people a -warm fuzzy feeling about information theory. +.Sq Entropy estimation +doesn't mean much: the kernel hypothesizes an extremely simple-minded +parametric model for all entropy sources which bears little relation to +any physical processes, implicitly fits parameters from data, and +accounts for the entropy of the fitted model. .Pp -The folklore is that every -.Fa n Ns -bit -output of -.Fa /dev/random -is not merely indistinguishable from uniform random to a -computationally bounded attacker, but information-theoretically is -independent and has -.Fa n -bits of entropy even to a computationally -.Em unbounded -attacker -- that is, an attacker who can recover AES keys, compute -SHA-1 preimages, etc. -This property is not provided, nor was it ever provided in any -implementation of -.Fa /dev/random -known to the author. -.Pp -This property would require that, after each read, the system discard -all measurements from hardware in the entropy pool and begin anew. -All work done to make the system unpredictable would
CVS commit: [netbsd-7-0] src/sys/kern
Module Name:src Committed By: martin Date: Mon Nov 25 15:48:40 UTC 2019 Modified Files: src/sys/kern [netbsd-7-0]: subr_cprng.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1714): sys/kern/subr_cprng.c: revision 1.33 Use cprng_strong, not cprng_fast, for sysctl kern.arnd. To generate a diff of this commit: cvs rdiff -u -r1.24.2.1.2.1 -r1.24.2.1.2.2 src/sys/kern/subr_cprng.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Mon Nov 25 15:49:05 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1714 To generate a diff of this commit: cvs rdiff -u -r1.1.2.154 -r1.1.2.155 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/kern
Module Name:src
Committed By: martin
Date: Mon Nov 25 15:48:40 UTC 2019
Modified Files:
src/sys/kern [netbsd-7-0]: subr_cprng.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1714):
sys/kern/subr_cprng.c: revision 1.33
Use cprng_strong, not cprng_fast, for sysctl kern.arnd.
To generate a diff of this commit:
cvs rdiff -u -r1.24.2.1.2.1 -r1.24.2.1.2.2 src/sys/kern/subr_cprng.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/subr_cprng.c
diff -u src/sys/kern/subr_cprng.c:1.24.2.1.2.1 src/sys/kern/subr_cprng.c:1.24.2.1.2.2
--- src/sys/kern/subr_cprng.c:1.24.2.1.2.1 Tue Sep 3 12:30:46 2019
+++ src/sys/kern/subr_cprng.c Mon Nov 25 15:48:40 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_cprng.c,v 1.24.2.1.2.1 2019/09/03 12:30:46 martin Exp $ */
+/* $NetBSD: subr_cprng.c,v 1.24.2.1.2.2 2019/11/25 15:48:40 martin Exp $ */
/*-
* Copyright (c) 2011-2013 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.24.2.1.2.1 2019/09/03 12:30:46 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.24.2.1.2.2 2019/11/25 15:48:40 martin Exp $");
#include
#include
@@ -508,6 +508,7 @@ cprng_strong_rndsink_callback(void *cont
mutex_exit(>cs_lock);
}
+static ONCE_DECL(sysctl_prng_once);
static cprng_strong_t *sysctl_prng;
static int
@@ -527,10 +528,9 @@ makeprng(void)
static int
sysctl_kern_urnd(SYSCTLFN_ARGS)
{
- static ONCE_DECL(control);
int v, rv;
- RUN_ONCE(, makeprng);
+ RUN_ONCE(_prng_once, makeprng);
rv = cprng_strong(sysctl_prng, , sizeof(v), 0);
if (rv == sizeof(v)) {
struct sysctlnode node = *rnode;
@@ -559,6 +559,7 @@ sysctl_kern_arnd(SYSCTLFN_ARGS)
int error;
void *v;
struct sysctlnode node = *rnode;
+ size_t n __diagused;
switch (*oldlenp) {
case 0:
@@ -567,8 +568,10 @@ sysctl_kern_arnd(SYSCTLFN_ARGS)
if (*oldlenp > 256) {
return E2BIG;
}
+ RUN_ONCE(_prng_once, makeprng);
v = kmem_alloc(*oldlenp, KM_SLEEP);
- cprng_fast(v, *oldlenp);
+ n = cprng_strong(sysctl_prng, v, *oldlenp, 0);
+ KASSERT(n == *oldlenp);
node.sysctl_data = v;
node.sysctl_size = *oldlenp;
error = sysctl_lookup(SYSCTLFN_CALL());
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Mon Nov 25 15:49:05 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1714 To generate a diff of this commit: cvs rdiff -u -r1.1.2.154 -r1.1.2.155 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.154 src/doc/CHANGES-7.0.3:1.1.2.155 --- src/doc/CHANGES-7.0.3:1.1.2.154 Thu Oct 31 01:55:22 2019 +++ src/doc/CHANGES-7.0.3 Mon Nov 25 15:49:05 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.154 2019/10/31 01:55:22 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.155 2019/11/25 15:49:05 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5915,3 +5915,8 @@ sys/modules/filemon/Makefile 1.4 (manu Do not install the filemon module. [maya, ticket #1710] +sys/kern/subr_cprng.c1.33 + + Use cprng_strong, not cprng_fast, for sysctl kern.arnd. + [riastradh, ticket #1714] +
CVS commit: [netbsd-7-0] src
Module Name:src Committed By: martin Date: Thu Oct 31 01:55:23 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-0]: md.amd64 md.evbppc.powerpc md.i386 src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Fix set lists for ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.41.2.3 -r1.41.2.3.2.1 \ src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.3.4.1 -r1.3.4.1.2.1 \ src/distrib/sets/lists/modules/md.evbppc.powerpc cvs rdiff -u -r1.46.2.2 -r1.46.2.2.2.1 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.1.2.153 -r1.1.2.154 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/modules/md.amd64 diff -u src/distrib/sets/lists/modules/md.amd64:1.41.2.3 src/distrib/sets/lists/modules/md.amd64:1.41.2.3.2.1 --- src/distrib/sets/lists/modules/md.amd64:1.41.2.3 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/md.amd64 Thu Oct 31 01:55:22 2019 @@ -1,4 +1,4 @@ -# $NetBSD: md.amd64,v 1.41.2.3 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: md.amd64,v 1.41.2.3.2.1 2019/10/31 01:55:22 martin Exp $ # # NOTE that there are two sets of files here: # @MODULEDIR@ and amd64-xen @@ -292,8 +292,8 @@ ./stand/amd64-xen/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/filecorebase-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/amd64-xen/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/amd64-xen/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/amd64-xen/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/amd64-xen/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/amd64-xen/@OSRELEASE@/modules/finsiobase-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/finsio/finsio.kmod base-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules Index: src/distrib/sets/lists/modules/md.evbppc.powerpc diff -u src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1 src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1.2.1 --- src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/md.evbppc.powerpc Thu Oct 31 01:55:22 2019 @@ -1,4 +1,4 @@ -# $NetBSD: md.evbppc.powerpc,v 1.3.4.1 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: md.evbppc.powerpc,v 1.3.4.1.2.1 2019/10/31 01:55:22 martin Exp $ ./stand/powerpc-4xx base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@ base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules base-kernel-modules kmod,compatmodules @@ -70,8 +70,8 @@ ./stand/powerpc-4xx/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/filecore base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/powerpc-4xx/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/powerpc-4xx/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/powerpc-4xx/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/powerpc-4xx/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/powerpc-4xx/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/flash/flash.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/fssbase-kernel-modules kmod,compatmodules @@ -307,8 +307,8 @@ ./stand/powerpc-booke/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/filecorebase-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/powerpc-booke/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/powerpc-booke/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/powerpc-booke/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/powerpc-booke/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/powerpc-booke/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/flash/flash.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/fssbase-kernel-modules kmod,compatmodules Index: src/distrib/sets/lists/modules/md.i386 diff -u src/distrib/sets/lists/modules/md.i386:1.46.2.2
CVS commit: [netbsd-7-0] src
Module Name:src Committed By: martin Date: Thu Oct 31 01:55:23 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-0]: md.amd64 md.evbppc.powerpc md.i386 src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Fix set lists for ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.41.2.3 -r1.41.2.3.2.1 \ src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.3.4.1 -r1.3.4.1.2.1 \ src/distrib/sets/lists/modules/md.evbppc.powerpc cvs rdiff -u -r1.46.2.2 -r1.46.2.2.2.1 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.1.2.153 -r1.1.2.154 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Mon Oct 28 18:06:42 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.1.2.152 -r1.1.2.153 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src
Module Name:src Committed By: martin Date: Mon Oct 28 18:06:13 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-0]: mi src/sys/modules/filemon [netbsd-7-0]: Makefile Log Message: Pull up following revision(s) (requested by maya in ticket #1710): distrib/sets/lists/modules/mi: revision 1.127 sys/modules/Makefile: revision 1.230 sys/modules/filemon/Makefile: revision 1.4 (manually adjusted) sys/modules/Makefile: revision 1.229 Disable filemon. It isn't suited for general use (that is, it poses security risks), but the existence of the module means it is auto-loaded when /dev/filemon is opened, which can be done by any user. Thanks Ilja van Sprundel for the heads up. - Continue to build the filemon module, but don't install it. Hopefully this will help us detect any additional bit-rot that might occur. XXX It might be a good idea to modify the file permissions on /dev/filemon XXX to prevent auto-loading of the driver module by non-privileged users. To generate a diff of this commit: cvs rdiff -u -r1.69.2.1 -r1.69.2.1.2.1 src/distrib/sets/lists/modules/mi cvs rdiff -u -r1.1 -r1.1.44.1 src/sys/modules/filemon/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/modules/mi diff -u src/distrib/sets/lists/modules/mi:1.69.2.1 src/distrib/sets/lists/modules/mi:1.69.2.1.2.1 --- src/distrib/sets/lists/modules/mi:1.69.2.1 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/mi Mon Oct 28 18:06:13 2019 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.69.2.1 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: mi,v 1.69.2.1.2.1 2019/10/28 18:06:13 martin Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -76,8 +76,8 @@ ./@MODULEDIR@/ffs/ffs.kmod base-kernel-modules kmod ./@MODULEDIR@/filecorebase-kernel-modules kmod ./@MODULEDIR@/filecore/filecore.kmod base-kernel-modules kmod -./@MODULEDIR@/filemonbase-kernel-modules kmod -./@MODULEDIR@/filemon/filemon.kmod base-kernel-modules kmod +./@MODULEDIR@/filemonbase-obsolete obsolete +./@MODULEDIR@/filemon/filemon.kmod base-obsolete obsolete ./@MODULEDIR@/flashbase-kernel-modules kmod ./@MODULEDIR@/flash/flash.kmod base-kernel-modules kmod ./@MODULEDIR@/fssbase-kernel-modules kmod Index: src/sys/modules/filemon/Makefile diff -u src/sys/modules/filemon/Makefile:1.1 src/sys/modules/filemon/Makefile:1.1.44.1 --- src/sys/modules/filemon/Makefile:1.1 Thu Sep 9 00:10:16 2010 +++ src/sys/modules/filemon/Makefile Mon Oct 28 18:06:13 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1 2010/09/09 00:10:16 sjg Exp $ +# $NetBSD: Makefile,v 1.1.44.1 2019/10/28 18:06:13 martin Exp $ .include "../Makefile.inc" @@ -8,4 +8,10 @@ KMOD = filemon SRCS = filemon.c filemon_wrapper.c NOMAN = no +# Due to security concerns, we don't install the filemon module. We +# do, however, want to keep building it to prevent bit-rot. Define +# an empty install target for this. + +kmodinstall: + .include
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Mon Oct 28 18:06:42 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.1.2.152 -r1.1.2.153 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.152 src/doc/CHANGES-7.0.3:1.1.2.153 --- src/doc/CHANGES-7.0.3:1.1.2.152 Sat Sep 28 07:52:18 2019 +++ src/doc/CHANGES-7.0.3 Mon Oct 28 18:06:42 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.152 2019/09/28 07:52:18 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.153 2019/10/28 18:06:42 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5905,3 +5905,10 @@ sys/netbt/hci_event.c1.26 CVE-2019-9506. [plunky, ticket #1709] +distrib/sets/lists/modules/mi 1.127 +sys/modules/Makefile1.229,1.230 +sys/modules/filemon/Makefile 1.4 (manually adjusted) + + Do not install the filemon module. + [maya, ticket #1710] +
CVS commit: [netbsd-7-0] src
Module Name:src Committed By: martin Date: Mon Oct 28 18:06:13 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-0]: mi src/sys/modules/filemon [netbsd-7-0]: Makefile Log Message: Pull up following revision(s) (requested by maya in ticket #1710): distrib/sets/lists/modules/mi: revision 1.127 sys/modules/Makefile: revision 1.230 sys/modules/filemon/Makefile: revision 1.4 (manually adjusted) sys/modules/Makefile: revision 1.229 Disable filemon. It isn't suited for general use (that is, it poses security risks), but the existence of the module means it is auto-loaded when /dev/filemon is opened, which can be done by any user. Thanks Ilja van Sprundel for the heads up. - Continue to build the filemon module, but don't install it. Hopefully this will help us detect any additional bit-rot that might occur. XXX It might be a good idea to modify the file permissions on /dev/filemon XXX to prevent auto-loading of the driver module by non-privileged users. To generate a diff of this commit: cvs rdiff -u -r1.69.2.1 -r1.69.2.1.2.1 src/distrib/sets/lists/modules/mi cvs rdiff -u -r1.1 -r1.1.44.1 src/sys/modules/filemon/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Sep 28 07:52:18 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1709 To generate a diff of this commit: cvs rdiff -u -r1.1.2.151 -r1.1.2.152 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.151 src/doc/CHANGES-7.0.3:1.1.2.152 --- src/doc/CHANGES-7.0.3:1.1.2.151 Tue Sep 17 18:10:00 2019 +++ src/doc/CHANGES-7.0.3 Sat Sep 28 07:52:18 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.151 2019/09/17 18:10:00 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.152 2019/09/28 07:52:18 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5896,3 +5896,12 @@ sys/netinet6/ip6_input.c 1.209 (patch) m_pullup() when needed. [bouyer, ticket #1708] +sys/netbt/hci.h 1.46 +sys/netbt/hci_event.c1.26 + + When encrypted connections are configured, verify that the encryption + key length has a minimum size when the adaptor supports that. + This addresses the 'Key Negotiation of Bluetooth' attack, + CVE-2019-9506. + [plunky, ticket #1709] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Sep 28 07:52:18 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1709 To generate a diff of this commit: cvs rdiff -u -r1.1.2.151 -r1.1.2.152 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/netbt
Module Name:src
Committed By: martin
Date: Sat Sep 28 07:51:58 UTC 2019
Modified Files:
src/sys/netbt [netbsd-7-0]: hci.h hci_event.c
Log Message:
Pull up following revision(s) (requested by plunky in ticket #1709):
sys/netbt/hci_event.c: revision 1.26
sys/netbt/hci.h: revision 1.46
When encrypted connections are configured, verify that the encryption
key length has a minimum size when the adaptor supports that.
This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
To generate a diff of this commit:
cvs rdiff -u -r1.39 -r1.39.6.1 src/sys/netbt/hci.h
cvs rdiff -u -r1.23 -r1.23.32.1 src/sys/netbt/hci_event.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netbt/hci.h
diff -u src/sys/netbt/hci.h:1.39 src/sys/netbt/hci.h:1.39.6.1
--- src/sys/netbt/hci.h:1.39 Tue Jul 1 05:49:18 2014
+++ src/sys/netbt/hci.h Sat Sep 28 07:51:57 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: hci.h,v 1.39 2014/07/01 05:49:18 rtr Exp $ */
+/* $NetBSD: hci.h,v 1.39.6.1 2019/09/28 07:51:57 martin Exp $ */
/*-
* Copyright (c) 2005 Iain Hibbert.
@@ -54,7 +54,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: hci.h,v 1.39 2014/07/01 05:49:18 rtr Exp $
+ * $Id: hci.h,v 1.39.6.1 2019/09/28 07:51:57 martin Exp $
* $FreeBSD: src/sys/netgraph/bluetooth/include/ng_hci.h,v 1.6 2005/01/07 01:45:43 imp Exp $
*/
@@ -1786,6 +1786,17 @@ typedef struct {
uint16_t accuracy; /* clock accuracy */
} __packed hci_read_clock_rp;
+#define HCI_OCF_READ_ENCRYPTION_KEY_SIZE 0x0008
+#define HCI_CMD_READ_ENCRYPTION_KEY_SIZE 0x1408
+typedef struct {
+ uint16_t con_handle; /* connection handle */
+} __packed hci_read_encryption_key_size_cp;
+
+typedef struct {
+ uint8_t status; /* 0x00 - success */
+ uint16_t con_handle; /* connection handle */
+ uint8_t size; /* key size */
+} __packed hci_read_encryption_key_size_rp;
/**
**
Index: src/sys/netbt/hci_event.c
diff -u src/sys/netbt/hci_event.c:1.23 src/sys/netbt/hci_event.c:1.23.32.1
--- src/sys/netbt/hci_event.c:1.23 Wed Jul 27 10:25:09 2011
+++ src/sys/netbt/hci_event.c Sat Sep 28 07:51:57 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: hci_event.c,v 1.23 2011/07/27 10:25:09 plunky Exp $ */
+/* $NetBSD: hci_event.c,v 1.23.32.1 2019/09/28 07:51:57 martin Exp $ */
/*-
* Copyright (c) 2005 Iain Hibbert.
@@ -31,7 +31,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.23 2011/07/27 10:25:09 plunky Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.23.32.1 2019/09/28 07:51:57 martin Exp $");
#include
#include
@@ -63,6 +63,7 @@ static void hci_cmd_read_local_features(
static void hci_cmd_read_local_extended_features(struct hci_unit *, struct mbuf *);
static void hci_cmd_read_local_ver(struct hci_unit *, struct mbuf *);
static void hci_cmd_read_local_commands(struct hci_unit *, struct mbuf *);
+static void hci_cmd_read_encryption_key_size(struct hci_unit *, struct mbuf *);
static void hci_cmd_reset(struct hci_unit *, struct mbuf *);
static void hci_cmd_create_con(struct hci_unit *unit, uint8_t status);
@@ -351,6 +352,10 @@ hci_event_command_compl(struct hci_unit
hci_cmd_read_local_commands(unit, m);
break;
+ case HCI_CMD_READ_ENCRYPTION_KEY_SIZE:
+ hci_cmd_read_encryption_key_size(unit, m);
+ break;
+
case HCI_CMD_RESET:
hci_cmd_reset(unit, m);
break;
@@ -618,10 +623,11 @@ hci_event_con_compl(struct hci_unit *uni
return;
}
- /* XXX could check auth_enable here */
-
- if (ep.encryption_mode)
- link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_ENCRYPT);
+ /*
+ * We purposefully ignore ep.encryption_mode here - if that is set then
+ * the link will be authenticated and encrypted, but we still want to
+ * verify the key size and setmode sets the right flags
+ */
link->hl_state = HCI_LINK_OPEN;
link->hl_handle = HCI_CON_HANDLE(le16toh(ep.con_handle));
@@ -772,17 +778,16 @@ hci_event_auth_compl(struct hci_unit *un
/*
* Encryption Change
*
- * The encryption status has changed. Basically, we note the change
- * then notify the upper layer protocol unless further mode changes
- * are pending.
- * Note that if encryption gets disabled when it has been requested,
- * we will attempt to enable it again.. (its a feature not a bug :)
+ * The encryption status has changed. Make a note if disabled, or
+ * check the key size if possible before allowing it is enabled.
+ * (checking of key size was enabled in 3.0 spec)
*/
static void
hci_event_encryption_change(struct hci_unit *unit, struct mbuf *m)
{
hci_encryption_change_ep ep;
struct hci_link *link;
+ uint16_t con_handle;
int err;
if (m->m_pkthdr.len < sizeof(ep))
CVS commit: [netbsd-7-0] src/sys/netbt
Module Name:src Committed By: martin Date: Sat Sep 28 07:51:58 UTC 2019 Modified Files: src/sys/netbt [netbsd-7-0]: hci.h hci_event.c Log Message: Pull up following revision(s) (requested by plunky in ticket #1709): sys/netbt/hci_event.c: revision 1.26 sys/netbt/hci.h: revision 1.46 When encrypted connections are configured, verify that the encryption key length has a minimum size when the adaptor supports that. This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506 https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/ To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.39.6.1 src/sys/netbt/hci.h cvs rdiff -u -r1.23 -r1.23.32.1 src/sys/netbt/hci_event.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys
Module Name:src
Committed By: martin
Date: Tue Sep 17 18:09:37 UTC 2019
Modified Files:
src/sys/netinet [netbsd-7-0]: ip_input.c
src/sys/netinet6 [netbsd-7-0]: ip6_input.c
Log Message:
Pull up following revision(s) (requested by bouyer in ticket #1708):
sys/netinet6/ip6_input.c: revision 1.209 via patch
sys/netinet/ip_input.c: revision 1.390 via patch
Packet filters can return an mbuf chain with fragmented headers, so
m_pullup() it if needed and remove the KASSERT()s.
To generate a diff of this commit:
cvs rdiff -u -r1.319.6.1 -r1.319.6.2 src/sys/netinet/ip_input.c
cvs rdiff -u -r1.149.2.1.2.2 -r1.149.2.1.2.3 src/sys/netinet6/ip6_input.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/ip_input.c
diff -u src/sys/netinet/ip_input.c:1.319.6.1 src/sys/netinet/ip_input.c:1.319.6.2
--- src/sys/netinet/ip_input.c:1.319.6.1 Fri Feb 9 14:06:25 2018
+++ src/sys/netinet/ip_input.c Tue Sep 17 18:09:37 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_input.c,v 1.319.6.1 2018/02/09 14:06:25 martin Exp $ */
+/* $NetBSD: ip_input.c,v 1.319.6.2 2019/09/17 18:09:37 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.319.6.1 2018/02/09 14:06:25 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.319.6.2 2019/09/17 18:09:37 martin Exp $");
#include "opt_inet.h"
#include "opt_compat_netbsd.h"
@@ -526,8 +526,25 @@ ip_input(struct mbuf *m)
if (freed || m == NULL) {
return;
}
+ if (__predict_false(m->m_len < sizeof (struct ip))) {
+ if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {
+IP_STATINC(IP_STAT_TOOSMALL);
+return;
+ }
+ }
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
+ if (hlen < sizeof(struct ip)) { /* minimum header length */
+ IP_STATINC(IP_STAT_BADHLEN);
+ goto bad;
+ }
+ if (hlen > m->m_len) {
+ if ((m = m_pullup(m, hlen)) == NULL) {
+IP_STATINC(IP_STAT_BADHLEN);
+return;
+ }
+ ip = mtod(m, struct ip *);
+ }
/*
* XXX The setting of "srcrt" here is to prevent ip_forward()
Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.149.2.1.2.2 src/sys/netinet6/ip6_input.c:1.149.2.1.2.3
--- src/sys/netinet6/ip6_input.c:1.149.2.1.2.2 Sun Feb 25 23:17:22 2018
+++ src/sys/netinet6/ip6_input.c Tue Sep 17 18:09:37 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_input.c,v 1.149.2.1.2.2 2018/02/25 23:17:22 snj Exp $ */
+/* $NetBSD: ip6_input.c,v 1.149.2.1.2.3 2019/09/17 18:09:37 martin Exp $ */
/* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.149.2.1.2.2 2018/02/25 23:17:22 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.149.2.1.2.3 2019/09/17 18:09:37 martin Exp $");
#include "opt_gateway.h"
#include "opt_inet.h"
@@ -352,6 +352,14 @@ ip6_input(struct mbuf *m)
return;
if (m == NULL)
return;
+ if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) {
+ struct ifnet *inifp = m->m_pkthdr.rcvif;
+ if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
+IP6_STATINC(IP6_STAT_TOOSMALL);
+in6_ifstat_inc(inifp, ifs6_in_hdrerr);
+return;
+ }
+ }
ip6 = mtod(m, struct ip6_hdr *);
srcrt = !IN6_ARE_ADDR_EQUAL(, >ip6_dst);
}
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Sep 17 18:10:00 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1708 To generate a diff of this commit: cvs rdiff -u -r1.1.2.150 -r1.1.2.151 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.150 src/doc/CHANGES-7.0.3:1.1.2.151 --- src/doc/CHANGES-7.0.3:1.1.2.150 Tue Sep 17 17:36:58 2019 +++ src/doc/CHANGES-7.0.3 Tue Sep 17 18:10:00 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.150 2019/09/17 17:36:58 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.151 2019/09/17 18:10:00 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5889,3 +5889,10 @@ lib/libc/nameser/ns_name.c 1.12 Fix buffer overrun. [maya, ticket #1706] +sys/netinet/ip_input.c1.390 (patch) +sys/netinet6/ip6_input.c 1.209 (patch) + + Packet filters can return an mbuf chain with fragmented headers, so + m_pullup() when needed. + [bouyer, ticket #1708] +
CVS commit: [netbsd-7-0] src/sys
Module Name:src Committed By: martin Date: Tue Sep 17 18:09:37 UTC 2019 Modified Files: src/sys/netinet [netbsd-7-0]: ip_input.c src/sys/netinet6 [netbsd-7-0]: ip6_input.c Log Message: Pull up following revision(s) (requested by bouyer in ticket #1708): sys/netinet6/ip6_input.c: revision 1.209 via patch sys/netinet/ip_input.c: revision 1.390 via patch Packet filters can return an mbuf chain with fragmented headers, so m_pullup() it if needed and remove the KASSERT()s. To generate a diff of this commit: cvs rdiff -u -r1.319.6.1 -r1.319.6.2 src/sys/netinet/ip_input.c cvs rdiff -u -r1.149.2.1.2.2 -r1.149.2.1.2.3 src/sys/netinet6/ip6_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Sep 17 18:10:00 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1708 To generate a diff of this commit: cvs rdiff -u -r1.1.2.150 -r1.1.2.151 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Sep 17 17:36:59 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1706 To generate a diff of this commit: cvs rdiff -u -r1.1.2.149 -r1.1.2.150 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.149 src/doc/CHANGES-7.0.3:1.1.2.150 --- src/doc/CHANGES-7.0.3:1.1.2.149 Tue Sep 3 12:31:11 2019 +++ src/doc/CHANGES-7.0.3 Tue Sep 17 17:36:58 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.149 2019/09/03 12:31:11 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.150 2019/09/17 17:36:58 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5884,3 +5884,8 @@ sys/sys/cprng.h 1.13-1.15 Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. [riastradh, ticket #1705] +lib/libc/nameser/ns_name.c 1.12 + + Fix buffer overrun. + [maya, ticket #1706] +
CVS commit: [netbsd-7-0] src/lib/libc/nameser
Module Name:src
Committed By: martin
Date: Fri Sep 6 13:53:31 UTC 2019
Modified Files:
src/lib/libc/nameser [netbsd-7-0]: ns_name.c
Log Message:
Pull up following revision(s) (requested by maya in ticket #1706):
lib/libc/nameser/ns_name.c: revision 1.12
Since we advance cp after the bounds check, we need to test for bounds
again before using it. Discovered via fuzzing, reported by enh at google, via:
https://android-review.googlesource.com/c/platform/bionic/+/1093130
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.11.6.1 src/lib/libc/nameser/ns_name.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libc/nameser/ns_name.c
diff -u src/lib/libc/nameser/ns_name.c:1.11 src/lib/libc/nameser/ns_name.c:1.11.6.1
--- src/lib/libc/nameser/ns_name.c:1.11 Fri Mar 7 01:07:01 2014
+++ src/lib/libc/nameser/ns_name.c Fri Sep 6 13:53:31 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ns_name.c,v 1.11 2014/03/07 01:07:01 christos Exp $ */
+/* $NetBSD: ns_name.c,v 1.11.6.1 2019/09/06 13:53:31 martin Exp $ */
/*
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
@@ -22,7 +22,7 @@
#ifdef notdef
static const char rcsid[] = "Id: ns_name.c,v 1.11 2009/01/23 19:59:16 each Exp";
#else
-__RCSID("$NetBSD: ns_name.c,v 1.11 2014/03/07 01:07:01 christos Exp $");
+__RCSID("$NetBSD: ns_name.c,v 1.11.6.1 2019/09/06 13:53:31 martin Exp $");
#endif
#endif
@@ -696,7 +696,7 @@ ns_name_skip(const u_char **ptrptr, cons
{
const u_char *cp;
u_int n;
- int l;
+ int l = 0;
cp = *ptrptr;
while (cp < eom && (n = *cp++) != 0) {
@@ -706,7 +706,7 @@ ns_name_skip(const u_char **ptrptr, cons
cp += n;
continue;
case NS_TYPE_ELT: /*%< EDNS0 extended label */
- if ((l = labellen(cp - 1)) < 0) {
+ if (cp < eom && (l = labellen(cp - 1)) < 0) {
errno = EMSGSIZE; /*%< XXX */
return (-1);
}
CVS commit: [netbsd-7-0] src/lib/libc/nameser
Module Name:src Committed By: martin Date: Fri Sep 6 13:53:31 UTC 2019 Modified Files: src/lib/libc/nameser [netbsd-7-0]: ns_name.c Log Message: Pull up following revision(s) (requested by maya in ticket #1706): lib/libc/nameser/ns_name.c: revision 1.12 Since we advance cp after the bounds check, we need to test for bounds again before using it. Discovered via fuzzing, reported by enh at google, via: https://android-review.googlesource.com/c/platform/bionic/+/1093130 To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.11.6.1 src/lib/libc/nameser/ns_name.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Sep 3 12:31:11 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1705 To generate a diff of this commit: cvs rdiff -u -r1.1.2.148 -r1.1.2.149 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.148 src/doc/CHANGES-7.0.3:1.1.2.149 --- src/doc/CHANGES-7.0.3:1.1.2.148 Thu Aug 29 16:17:08 2019 +++ src/doc/CHANGES-7.0.3 Tue Sep 3 12:31:11 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.148 2019/08/29 16:17:08 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.149 2019/09/03 12:31:11 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5861,3 +5861,26 @@ sys/miscfs/procfs/procfs_vnops.c 1.207 Add missing operation VOP_GETPAGES() returning EFAULT. [hannken, ticket #1703] +sys/conf/files 1.1238 +sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg delete +sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h delete +sys/crypto/nist_hash_drbg/files.nist_hash_drbg 1.1 +sys/crypto/nist_hash_drbg/nist_hash_drbg.c 1.1 +sys/crypto/nist_hash_drbg/nist_hash_drbg.h 1.1 +sys/dev/rndpseudo.c1.38 +sys/kern/subr_cprng.c1.31 +sys/rump/kern/lib/libcrypto/Makefile 1.5 +sys/rump/librump/rumpkern/Makefile.rumpkern 1.176 +sys/sys/cprng.h 1.13-1.15 + + cprng.h: use static __inline for consistency with other include + headers and remove an unused function. + + Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. + [riastradh, ticket #1705] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue Sep 3 12:31:11 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1705 To generate a diff of this commit: cvs rdiff -u -r1.1.2.148 -r1.1.2.149 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys
Module Name:src Committed By: martin Date: Tue Sep 3 12:30:46 UTC 2019 Modified Files: src/sys/conf [netbsd-7-0]: files src/sys/dev [netbsd-7-0]: rndpseudo.c src/sys/kern [netbsd-7-0]: subr_cprng.c src/sys/rump/kern/lib/libcrypto [netbsd-7-0]: Makefile src/sys/rump/librump/rumpkern [netbsd-7-0]: Makefile.rumpkern src/sys/sys [netbsd-7-0]: cprng.h Added Files: src/sys/crypto/nist_hash_drbg [netbsd-7-0]: files.nist_hash_drbg nist_hash_drbg.c nist_hash_drbg.h Removed Files: src/sys/crypto/nist_ctr_drbg [netbsd-7-0]: files.nist_ctr_drbg nist_ctr_aes_rijndael.h nist_ctr_drbg.c nist_ctr_drbg.h nist_ctr_drbg_aes128.h nist_ctr_drbg_aes256.h nist_ctr_drbg_config.h Log Message: Pull up following revision(s) (requested by riastradh in ticket #1705): sys/crypto/nist_hash_drbg/nist_hash_drbg.c: revision 1.1 sys/crypto/nist_hash_drbg/nist_hash_drbg.h: revision 1.1 sys/rump/kern/lib/libcrypto/Makefile: revision 1.5 sys/crypto/nist_hash_drbg/files.nist_hash_drbg: revision 1.1 sys/rump/librump/rumpkern/Makefile.rumpkern: revision 1.176 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h: file removal sys/conf/files: revision 1.1238 sys/dev/rndpseudo.c: revision 1.38 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c: file removal sys/sys/cprng.h: revision 1.13 - 1.15 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h: file removal sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg: file removal sys/kern/subr_cprng.c: revision 1.31 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h: file removal cprng.h: use static __inline for consistency with other include headers and remove an unused function. - Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. Benefits: - larger seeds -- a 128-bit key alone is not enough for `128-bit security' - better resistance to timing side channels than AES - a better-understood security story (https://eprint.iacr.org/2018/349;>https://eprint.iacr.org/2018/349) - no loss in compliance with US government standards that nobody ever got fired for choosing, at least in the US-dominated western world - no dirty endianness tricks - self-tests Drawbacks: - performance hit: throughput is reduced to about 1/3 in naive measurements => possible to mitigate by using hardware SHA-256 instructions => all you really need is 32 bytes to seed a userland PRNG anyway => if we just used ChaCha this would go away... To generate a diff of this commit: cvs rdiff -u -r1.1096.2.6 -r1.1096.2.6.2.1 src/sys/conf/files cvs rdiff -u -r1.1 -r0 src/sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg \ src/sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h cvs rdiff -u -r1.2 -r0 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h cvs rdiff -u -r0 -r1.1.10.2 \ src/sys/crypto/nist_hash_drbg/files.nist_hash_drbg \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.c \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.h cvs rdiff -u -r1.21.2.1 -r1.21.2.1.2.1 src/sys/dev/rndpseudo.c cvs rdiff -u -r1.24.2.1 -r1.24.2.1.2.1 src/sys/kern/subr_cprng.c cvs rdiff -u -r1.3 -r1.3.8.1 src/sys/rump/kern/lib/libcrypto/Makefile cvs rdiff -u -r1.148 -r1.148.4.1 \ src/sys/rump/librump/rumpkern/Makefile.rumpkern cvs rdiff -u -r1.10 -r1.10.6.1 src/sys/sys/cprng.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/files diff -u src/sys/conf/files:1.1096.2.6 src/sys/conf/files:1.1096.2.6.2.1 --- src/sys/conf/files:1.1096.2.6 Tue May 19 04:42:31 2015 +++ src/sys/conf/files Tue Sep 3 12:30:46 2019 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1096.2.6 2015/05/19 04:42:31 snj Exp $ +# $NetBSD: files,v 1.1096.2.6.2.1 2019/09/03 12:30:46 martin Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20100430 @@ -167,8 +167,8 @@ include "crypto/camellia/files.camellia" # General-purpose crypto processing framework. include "opencrypto/files.opencrypto" -# NIST SP800.90 CTR DRBG -include "crypto/nist_ctr_drbg/files.nist_ctr_drbg" +# NIST SP800-90A Hash_DRBG +include "crypto/nist_hash_drbg/files.nist_hash_drbg" # ChaCha-based fast PRNG include "crypto/cprng_fast/files.cprng_fast" Index: src/sys/dev/rndpseudo.c diff -u src/sys/dev/rndpseudo.c:1.21.2.1 src/sys/dev/rndpseudo.c:1.21.2.1.2.1 --- src/sys/dev/rndpseudo.c:1.21.2.1 Sun Nov 2 09:47:04 2014 +++ src/sys/dev/rndpseudo.c Tue Sep 3 12:30:46 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rndpseudo.c,v 1.21.2.1 2014/11/02
CVS commit: [netbsd-7-0] src/sys
Module Name:src Committed By: martin Date: Tue Sep 3 12:30:46 UTC 2019 Modified Files: src/sys/conf [netbsd-7-0]: files src/sys/dev [netbsd-7-0]: rndpseudo.c src/sys/kern [netbsd-7-0]: subr_cprng.c src/sys/rump/kern/lib/libcrypto [netbsd-7-0]: Makefile src/sys/rump/librump/rumpkern [netbsd-7-0]: Makefile.rumpkern src/sys/sys [netbsd-7-0]: cprng.h Added Files: src/sys/crypto/nist_hash_drbg [netbsd-7-0]: files.nist_hash_drbg nist_hash_drbg.c nist_hash_drbg.h Removed Files: src/sys/crypto/nist_ctr_drbg [netbsd-7-0]: files.nist_ctr_drbg nist_ctr_aes_rijndael.h nist_ctr_drbg.c nist_ctr_drbg.h nist_ctr_drbg_aes128.h nist_ctr_drbg_aes256.h nist_ctr_drbg_config.h Log Message: Pull up following revision(s) (requested by riastradh in ticket #1705): sys/crypto/nist_hash_drbg/nist_hash_drbg.c: revision 1.1 sys/crypto/nist_hash_drbg/nist_hash_drbg.h: revision 1.1 sys/rump/kern/lib/libcrypto/Makefile: revision 1.5 sys/crypto/nist_hash_drbg/files.nist_hash_drbg: revision 1.1 sys/rump/librump/rumpkern/Makefile.rumpkern: revision 1.176 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h: file removal sys/conf/files: revision 1.1238 sys/dev/rndpseudo.c: revision 1.38 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c: file removal sys/sys/cprng.h: revision 1.13 - 1.15 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h: file removal sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg: file removal sys/kern/subr_cprng.c: revision 1.31 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h: file removal cprng.h: use static __inline for consistency with other include headers and remove an unused function. - Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. Benefits: - larger seeds -- a 128-bit key alone is not enough for `128-bit security' - better resistance to timing side channels than AES - a better-understood security story (https://eprint.iacr.org/2018/349;>https://eprint.iacr.org/2018/349) - no loss in compliance with US government standards that nobody ever got fired for choosing, at least in the US-dominated western world - no dirty endianness tricks - self-tests Drawbacks: - performance hit: throughput is reduced to about 1/3 in naive measurements => possible to mitigate by using hardware SHA-256 instructions => all you really need is 32 bytes to seed a userland PRNG anyway => if we just used ChaCha this would go away... To generate a diff of this commit: cvs rdiff -u -r1.1096.2.6 -r1.1096.2.6.2.1 src/sys/conf/files cvs rdiff -u -r1.1 -r0 src/sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg \ src/sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h cvs rdiff -u -r1.2 -r0 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h cvs rdiff -u -r0 -r1.1.10.2 \ src/sys/crypto/nist_hash_drbg/files.nist_hash_drbg \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.c \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.h cvs rdiff -u -r1.21.2.1 -r1.21.2.1.2.1 src/sys/dev/rndpseudo.c cvs rdiff -u -r1.24.2.1 -r1.24.2.1.2.1 src/sys/kern/subr_cprng.c cvs rdiff -u -r1.3 -r1.3.8.1 src/sys/rump/kern/lib/libcrypto/Makefile cvs rdiff -u -r1.148 -r1.148.4.1 \ src/sys/rump/librump/rumpkern/Makefile.rumpkern cvs rdiff -u -r1.10 -r1.10.6.1 src/sys/sys/cprng.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Aug 29 16:17:08 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1703 To generate a diff of this commit: cvs rdiff -u -r1.1.2.147 -r1.1.2.148 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.147 src/doc/CHANGES-7.0.3:1.1.2.148 --- src/doc/CHANGES-7.0.3:1.1.2.147 Sat Jun 15 15:59:33 2019 +++ src/doc/CHANGES-7.0.3 Thu Aug 29 16:17:08 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.147 2019/06/15 15:59:33 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.148 2019/08/29 16:17:08 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5855,3 +5855,9 @@ libexec/httpd/testsuite/test-simple 1.6 Avoid an assertion failure when using cgihandler (-C option). [mrg, ticket #1699] +sys/miscfs/kernfs/kernfs_vnops.c 1.161 +sys/miscfs/procfs/procfs_vnops.c 1.207 + + Add missing operation VOP_GETPAGES() returning EFAULT. + [hannken, ticket #1703] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Thu Aug 29 16:17:08 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1703 To generate a diff of this commit: cvs rdiff -u -r1.1.2.147 -r1.1.2.148 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/miscfs
Module Name:src Committed By: martin Date: Thu Aug 29 16:15:36 UTC 2019 Modified Files: src/sys/miscfs/kernfs [netbsd-7-0]: kernfs_vnops.c src/sys/miscfs/procfs [netbsd-7-0]: procfs_vnops.c Log Message: Pull up following revision(s) (requested by hannken in ticket #1703): sys/miscfs/kernfs/kernfs_vnops.c: revision 1.161 sys/miscfs/procfs/procfs_vnops.c: revision 1.207 Add missing operation VOP_GETPAGES() returning EFAULT. Without this operation posix_fadvise(..., POSIX_FADV_WILLNEED) would leave the v_interlock held. Observed by maxv@ To generate a diff of this commit: cvs rdiff -u -r1.154 -r1.154.6.1 src/sys/miscfs/kernfs/kernfs_vnops.c cvs rdiff -u -r1.191 -r1.191.4.1 src/sys/miscfs/procfs/procfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/miscfs
Module Name:src
Committed By: martin
Date: Thu Aug 29 16:15:36 UTC 2019
Modified Files:
src/sys/miscfs/kernfs [netbsd-7-0]: kernfs_vnops.c
src/sys/miscfs/procfs [netbsd-7-0]: procfs_vnops.c
Log Message:
Pull up following revision(s) (requested by hannken in ticket #1703):
sys/miscfs/kernfs/kernfs_vnops.c: revision 1.161
sys/miscfs/procfs/procfs_vnops.c: revision 1.207
Add missing operation VOP_GETPAGES() returning EFAULT.
Without this operation posix_fadvise(..., POSIX_FADV_WILLNEED)
would leave the v_interlock held.
Observed by maxv@
To generate a diff of this commit:
cvs rdiff -u -r1.154 -r1.154.6.1 src/sys/miscfs/kernfs/kernfs_vnops.c
cvs rdiff -u -r1.191 -r1.191.4.1 src/sys/miscfs/procfs/procfs_vnops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/miscfs/kernfs/kernfs_vnops.c
diff -u src/sys/miscfs/kernfs/kernfs_vnops.c:1.154 src/sys/miscfs/kernfs/kernfs_vnops.c:1.154.6.1
--- src/sys/miscfs/kernfs/kernfs_vnops.c:1.154 Fri Jul 25 08:20:52 2014
+++ src/sys/miscfs/kernfs/kernfs_vnops.c Thu Aug 29 16:15:35 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: kernfs_vnops.c,v 1.154 2014/07/25 08:20:52 dholland Exp $ */
+/* $NetBSD: kernfs_vnops.c,v 1.154.6.1 2019/08/29 16:15:35 martin Exp $ */
/*
* Copyright (c) 1992, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.154 2014/07/25 08:20:52 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.154.6.1 2019/08/29 16:15:35 martin Exp $");
#include
#include
@@ -172,6 +172,7 @@ int kernfs_print(void *);
int kernfs_pathconf(void *);
#define kernfs_advlock genfs_einval
#define kernfs_bwrite genfs_eopnotsupp
+int kernfs_getpages(void *);
#define kernfs_putpages genfs_putpages
static int kernfs_xread(struct kernfs_node *, int, char **,
@@ -219,6 +220,7 @@ const struct vnodeopv_entry_desc kernfs_
{ _pathconf_desc, kernfs_pathconf }, /* pathconf */
{ _advlock_desc, kernfs_advlock }, /* advlock */
{ _bwrite_desc, kernfs_bwrite }, /* bwrite */
+ { _getpages_desc, kernfs_getpages }, /* getpages */
{ _putpages_desc, kernfs_putpages }, /* putpages */
{ NULL, NULL }
};
@@ -1171,3 +1173,23 @@ kernfs_symlink(void *v)
VOP_ABORTOP(ap->a_dvp, ap->a_cnp);
return (EROFS);
}
+
+int
+kernfs_getpages(void *v)
+{
+ struct vop_getpages_args /* {
+ struct vnode *a_vp;
+ voff_t a_offset;
+ struct vm_page **a_m;
+ int *a_count;
+ int a_centeridx;
+ vm_prot_t a_access_type;
+ int a_advice;
+ int a_flags;
+ } */ *ap = v;
+
+ if ((ap->a_flags & PGO_LOCKED) == 0)
+ mutex_exit(ap->a_vp->v_interlock);
+
+ return (EFAULT);
+}
Index: src/sys/miscfs/procfs/procfs_vnops.c
diff -u src/sys/miscfs/procfs/procfs_vnops.c:1.191 src/sys/miscfs/procfs/procfs_vnops.c:1.191.4.1
--- src/sys/miscfs/procfs/procfs_vnops.c:1.191 Sun Jul 27 16:47:26 2014
+++ src/sys/miscfs/procfs/procfs_vnops.c Thu Aug 29 16:15:35 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: procfs_vnops.c,v 1.191 2014/07/27 16:47:26 hannken Exp $ */
+/* $NetBSD: procfs_vnops.c,v 1.191.4.1 2019/08/29 16:15:35 martin Exp $ */
/*-
* Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -105,7 +105,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.191 2014/07/27 16:47:26 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.191.4.1 2019/08/29 16:15:35 martin Exp $");
#include
#include
@@ -239,6 +239,7 @@ int procfs_pathconf(void *);
#define procfs_islocked genfs_islocked
#define procfs_advlock genfs_einval
#define procfs_bwrite genfs_eopnotsupp
+int procfs_getpages(void *);
#define procfs_putpages genfs_null_putpages
static int atoi(const char *, size_t);
@@ -286,6 +287,7 @@ const struct vnodeopv_entry_desc procfs_
{ _islocked_desc, procfs_islocked }, /* islocked */
{ _pathconf_desc, procfs_pathconf }, /* pathconf */
{ _advlock_desc, procfs_advlock }, /* advlock */
+ { _getpages_desc, procfs_getpages }, /* getpages */
{ _putpages_desc, procfs_putpages }, /* putpages */
{ NULL, NULL }
};
@@ -1709,6 +1711,26 @@ procfs_readlink(void *v)
return error;
}
+int
+procfs_getpages(void *v)
+{
+ struct vop_getpages_args /* {
+ struct vnode *a_vp;
+ voff_t a_offset;
+ struct vm_page **a_m;
+ int *a_count;
+ int a_centeridx;
+ vm_prot_t a_access_type;
+ int a_advice;
+ int a_flags;
+ } */ *ap = v;
+
+ if ((ap->a_flags & PGO_LOCKED) == 0)
+ mutex_exit(ap->a_vp->v_interlock);
+
+ return (EFAULT);
+}
+
/*
* convert decimal ascii to int
*/
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:59:33 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Fix typo in last entry To generate a diff of this commit: cvs rdiff -u -r1.1.2.146 -r1.1.2.147 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:59:33 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Fix typo in last entry To generate a diff of this commit: cvs rdiff -u -r1.1.2.146 -r1.1.2.147 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.146 src/doc/CHANGES-7.0.3:1.1.2.147 --- src/doc/CHANGES-7.0.3:1.1.2.146 Sat Jun 15 15:58:02 2019 +++ src/doc/CHANGES-7.0.3 Sat Jun 15 15:59:33 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.146 2019/06/15 15:58:02 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.147 2019/06/15 15:59:33 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5853,5 +5853,5 @@ libexec/httpd/testsuite/test-simple 1.6 in the slashdir too. Avoid possible NULL dereference when sending a big request that timeout. Avoid an assertion failure when using cgihandler (-C option). - [mrg, ticket #1699} + [mrg, ticket #1699]
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:58:02 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1699 To generate a diff of this commit: cvs rdiff -u -r1.1.2.145 -r1.1.2.146 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.145 src/doc/CHANGES-7.0.3:1.1.2.146 --- src/doc/CHANGES-7.0.3:1.1.2.145 Fri May 31 08:15:50 2019 +++ src/doc/CHANGES-7.0.3 Sat Jun 15 15:58:02 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.145 2019/05/31 08:15:50 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.146 2019/06/15 15:58:02 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5825,3 +5825,33 @@ sys/dev/scsipi/scsipi_ioctl.c 1.72 (pa Use correct size when copying outgoing sense data. [mlelstv, ticket #1698] +libexec/httpd/CHANGES1.31-1.40 +libexec/httpd/Makefile1.28 +libexec/httpd/auth-bozo.c 1.23-1.24 +libexec/httpd/bozohttpd.8 1.75-1.79 +libexec/httpd/bozohttpd.c 1.100-1.113 +libexec/httpd/bozohttpd.h 1.58-1.60 +libexec/httpd/cgi-bozo.c 1.46-1.48 +libexec/httpd/daemon-bozo.c 1.20-1.21 +libexec/httpd/dir-index-bozo.c 1.29-1.32 +libexec/httpd/ssl-bozo.c 1.26 +libexec/httpd/testsuite/Makefile 1.12-1.13 +libexec/httpd/testsuite/t11.out 1.2 +libexec/httpd/testsuite/test-bigfile 1.6 +libexec/httpd/testsuite/test-simple 1.6 + + Don't display special files in the directory index. + Use html tables for directory index. + Don't include "index.html" in html headers. + Fix CGI '+' param and error handling. + Remove unused parameter to daemon_poll_err(). + Avoid sign extension in % handling + Fix a few problems pointed out by clang static analyzer. + Add ssl specific timeout value (30s).--- + Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing). + Avoid .htpasswd exposure to authenticated users when .htpasswd is + in the slashdir too. + Avoid possible NULL dereference when sending a big request that timeout. + Avoid an assertion failure when using cgihandler (-C option). + [mrg, ticket #1699} +
CVS commit: [netbsd-7-0] src/libexec/httpd
Module Name:src Committed By: martin Date: Sat Jun 15 15:57:32 UTC 2019 Modified Files: src/libexec/httpd [netbsd-7-0]: CHANGES Makefile auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c daemon-bozo.c dir-index-bozo.c ssl-bozo.c src/libexec/httpd/testsuite [netbsd-7-0]: Makefile t11.out test-bigfile test-simple Log Message: Pull up the following revisions (via patch) requested by mrg in ticket #1699: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c1.26 libexec/httpd/testsuite/Makefile1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" : - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later. To generate a diff of this commit: cvs rdiff -u -r1.19.2.1.2.5 -r1.19.2.1.2.6 src/libexec/httpd/CHANGES cvs rdiff -u -r1.22.2.1.2.2 -r1.22.2.1.2.3 src/libexec/httpd/Makefile cvs rdiff -u -r1.13.2.1.2.2 -r1.13.2.1.2.3 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.46.4.4.2.4 -r1.46.4.4.2.5 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.56.2.4.2.5 -r1.56.2.4.2.6 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.33.2.2.2.5 -r1.33.2.2.2.6 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.25.2.2.2.7 -r1.25.2.2.2.8 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.16.6.2 -r1.16.6.3 src/libexec/httpd/daemon-bozo.c cvs rdiff -u -r1.19.4.1.2.2 -r1.19.4.1.2.3 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.18.4.2 -r1.18.4.3 src/libexec/httpd/ssl-bozo.c cvs rdiff -u -r1.4.26.4 -r1.4.26.5 src/libexec/httpd/testsuite/Makefile cvs rdiff -u -r1.1.2.2 -r1.1.2.3 src/libexec/httpd/testsuite/t11.out cvs rdiff -u -r1.1.1.1.32.4 -r1.1.1.1.32.5 \ src/libexec/httpd/testsuite/test-bigfile cvs rdiff -u -r1.2.6.4 -r1.2.6.5 src/libexec/httpd/testsuite/test-simple Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:58:02 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1699 To generate a diff of this commit: cvs rdiff -u -r1.1.2.145 -r1.1.2.146 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/libexec/httpd
Module Name:src Committed By: martin Date: Sat Jun 15 15:57:32 UTC 2019 Modified Files: src/libexec/httpd [netbsd-7-0]: CHANGES Makefile auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c daemon-bozo.c dir-index-bozo.c ssl-bozo.c src/libexec/httpd/testsuite [netbsd-7-0]: Makefile t11.out test-bigfile test-simple Log Message: Pull up the following revisions (via patch) requested by mrg in ticket #1699: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c1.26 libexec/httpd/testsuite/Makefile1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" : - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later. To generate a diff of this commit: cvs rdiff -u -r1.19.2.1.2.5 -r1.19.2.1.2.6 src/libexec/httpd/CHANGES cvs rdiff -u -r1.22.2.1.2.2 -r1.22.2.1.2.3 src/libexec/httpd/Makefile cvs rdiff -u -r1.13.2.1.2.2 -r1.13.2.1.2.3 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.46.4.4.2.4 -r1.46.4.4.2.5 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.56.2.4.2.5 -r1.56.2.4.2.6 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.33.2.2.2.5 -r1.33.2.2.2.6 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.25.2.2.2.7 -r1.25.2.2.2.8 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.16.6.2 -r1.16.6.3 src/libexec/httpd/daemon-bozo.c cvs rdiff -u -r1.19.4.1.2.2 -r1.19.4.1.2.3 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.18.4.2 -r1.18.4.3 src/libexec/httpd/ssl-bozo.c cvs rdiff -u -r1.4.26.4 -r1.4.26.5 src/libexec/httpd/testsuite/Makefile cvs rdiff -u -r1.1.2.2 -r1.1.2.3 src/libexec/httpd/testsuite/t11.out cvs rdiff -u -r1.1.1.1.32.4 -r1.1.1.1.32.5 \ src/libexec/httpd/testsuite/test-bigfile cvs rdiff -u -r1.2.6.4 -r1.2.6.5 src/libexec/httpd/testsuite/test-simple Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/CHANGES diff -u src/libexec/httpd/CHANGES:1.19.2.1.2.5 src/libexec/httpd/CHANGES:1.19.2.1.2.6 --- src/libexec/httpd/CHANGES:1.19.2.1.2.5 Wed Nov 28 19:57:50 2018 +++ src/libexec/httpd/CHANGES Sat Jun 15 15:57:32 2019 @@ -1,4 +1,24 @@ -$NetBSD: CHANGES,v 1.19.2.1.2.5 2018/11/28 19:57:50 martin Exp $ +$NetBSD: CHANGES,v 1.19.2.1.2.6 2019/06/15 15:57:32 martin Exp $ + +changes in bozohttpd 20190228: + o extend timeout facility to ssl and stop servers hanging forever + if the client never sends anything. reported by Steffen in netbsd + PR#50655. + o don't display special files in the directory index. they aren't + served, but links to them are generated. + o fix CGI '+' parameter handling, some error checking, and a double + free. from rajeev_v_pil...@yahoo.com + o more directory indexing clean up. from rajeev_v_pil...@yahoo.com + +changes in bozohttpd 20181215: + o fix .htpasswd bypass for authenticated users. reported by JP, + from l...@netbsd.org + o avoid possible
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Fri May 31 08:15:50 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1698 To generate a diff of this commit: cvs rdiff -u -r1.1.2.144 -r1.1.2.145 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Fri May 31 08:15:50 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1698 To generate a diff of this commit: cvs rdiff -u -r1.1.2.144 -r1.1.2.145 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.144 src/doc/CHANGES-7.0.3:1.1.2.145 --- src/doc/CHANGES-7.0.3:1.1.2.144 Wed May 29 15:55:41 2019 +++ src/doc/CHANGES-7.0.3 Fri May 31 08:15:50 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.144 2019/05/29 15:55:41 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.145 2019/05/31 08:15:50 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5820,3 +5820,8 @@ sys/ufs/ffs/ffs_alloc.c1.164 Fix rare allocation botch in ffs_nodealloccg(). [kardel, ticket #1697] +sys/dev/scsipi/scsipi_ioctl.c 1.72 (patch) + + Use correct size when copying outgoing sense data. + [mlelstv, ticket #1698] +
CVS commit: [netbsd-7-0] src/sys/dev/scsipi
Module Name:src Committed By: martin Date: Fri May 31 08:15:24 UTC 2019 Modified Files: src/sys/dev/scsipi [netbsd-7-0]: scsipi_ioctl.c Log Message: Pull up following revision(s) (requested by mlelstv in ticket #1698): sys/dev/scsipi/scsipi_ioctl.c: revision 1.72 (via patch) use correct size when copying outgoing sense data. To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.67.18.1 src/sys/dev/scsipi/scsipi_ioctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/dev/scsipi
Module Name:src
Committed By: martin
Date: Fri May 31 08:15:24 UTC 2019
Modified Files:
src/sys/dev/scsipi [netbsd-7-0]: scsipi_ioctl.c
Log Message:
Pull up following revision(s) (requested by mlelstv in ticket #1698):
sys/dev/scsipi/scsipi_ioctl.c: revision 1.72 (via patch)
use correct size when copying outgoing sense data.
To generate a diff of this commit:
cvs rdiff -u -r1.67 -r1.67.18.1 src/sys/dev/scsipi/scsipi_ioctl.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/scsipi/scsipi_ioctl.c
diff -u src/sys/dev/scsipi/scsipi_ioctl.c:1.67 src/sys/dev/scsipi/scsipi_ioctl.c:1.67.18.1
--- src/sys/dev/scsipi/scsipi_ioctl.c:1.67 Thu Apr 19 17:45:20 2012
+++ src/sys/dev/scsipi/scsipi_ioctl.c Fri May 31 08:15:24 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: scsipi_ioctl.c,v 1.67 2012/04/19 17:45:20 bouyer Exp $ */
+/* $NetBSD: scsipi_ioctl.c,v 1.67.18.1 2019/05/31 08:15:24 martin Exp $ */
/*-
* Copyright (c) 1998, 2004 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: scsipi_ioctl.c,v 1.67 2012/04/19 17:45:20 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: scsipi_ioctl.c,v 1.67.18.1 2019/05/31 08:15:24 martin Exp $");
#include "opt_compat_freebsd.h"
#include "opt_compat_netbsd.h"
@@ -162,14 +162,16 @@ scsipi_user_done(struct scsipi_xfer *xs)
SC_DEBUG(periph, SCSIPI_DB3, ("have sense\n"));
screq->senselen_used = min(sizeof(xs->sense.scsi_sense),
SENSEBUFLEN);
- memcpy(screq->sense, >sense.scsi_sense, screq->senselen);
+ memcpy(screq->sense, >sense.scsi_sense,
+ screq->senselen_used);
screq->retsts = SCCMD_SENSE;
break;
case XS_SHORTSENSE:
SC_DEBUG(periph, SCSIPI_DB3, ("have short sense\n"));
screq->senselen_used = min(sizeof(xs->sense.atapi_sense),
SENSEBUFLEN);
- memcpy(screq->sense, >sense.scsi_sense, screq->senselen);
+ memcpy(screq->sense, >sense.atapi_sense,
+ screq->senselen_used);
screq->retsts = SCCMD_UNKNOWN; /* XXX need a shortsense here */
break;
case XS_DRIVER_STUFFUP:
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed May 29 15:55:42 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1697 To generate a diff of this commit: cvs rdiff -u -r1.1.2.143 -r1.1.2.144 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed May 29 15:55:42 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1697 To generate a diff of this commit: cvs rdiff -u -r1.1.2.143 -r1.1.2.144 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.143 src/doc/CHANGES-7.0.3:1.1.2.144 --- src/doc/CHANGES-7.0.3:1.1.2.143 Tue May 7 18:56:53 2019 +++ src/doc/CHANGES-7.0.3 Wed May 29 15:55:41 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.143 2019/05/07 18:56:53 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.144 2019/05/29 15:55:41 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5814,3 +5814,9 @@ sys/netsmb/smb_conn.c1.30 defined. [christos, ticket #1696] +sys/ufs/ffs/ffs_alloc.c1.164 + + PR 53990, PR 52380, PR 52102: + Fix rare allocation botch in ffs_nodealloccg(). + [kardel, ticket #1697] +
CVS commit: [netbsd-7-0] src/sys/ufs/ffs
Module Name:src Committed By: martin Date: Wed May 29 15:55:18 UTC 2019 Modified Files: src/sys/ufs/ffs [netbsd-7-0]: ffs_alloc.c Log Message: Pull up following revision(s) (requested by kardel in ticket #1697): sys/ufs/ffs/ffs_alloc.c: revision 1.164 PR/53990, PR/52380, PR/52102: UFS2 cylinder group inode allocation botch Fix rare allocation botch in ffs_nodealloccg(). Conditions: a) less than #_of_initialized_inodes(cg->cg_initediblk) - inodes_per_filesystem_block are allocated in the cylinder group b) cg->cg_irotor points to a uninterupted run of allocated inodes in the inode bitmap up to the end of dynamically initialized inodes (cg->cg_initediblk) In this case the next inode after this run was returned without initializing the respective inode block. As the block is not initialized these inodes could trigger panics on inode consistency due to old (uninitialized) disk data. In very rare cases data loss could occur when the uninitialized inode block is initialized via the normal mechanism. Further conditions to occur after the above: c) no panic d) no (forced) fsck e) and more than cg->cg_initediblk - inodes_per_filesystem_block allocated inodes. Fix: Always insure allocation always in initialized inode range extending the initialized inode range as needed. Add KASSERTMSG() safeguards. ok hannken@ To generate a diff of this commit: cvs rdiff -u -r1.146.2.1 -r1.146.2.1.2.1 src/sys/ufs/ffs/ffs_alloc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/ufs/ffs
Module Name:src
Committed By: martin
Date: Wed May 29 15:55:18 UTC 2019
Modified Files:
src/sys/ufs/ffs [netbsd-7-0]: ffs_alloc.c
Log Message:
Pull up following revision(s) (requested by kardel in ticket #1697):
sys/ufs/ffs/ffs_alloc.c: revision 1.164
PR/53990, PR/52380, PR/52102: UFS2 cylinder group inode allocation botch
Fix rare allocation botch in ffs_nodealloccg().
Conditions:
a) less than
#_of_initialized_inodes(cg->cg_initediblk)
- inodes_per_filesystem_block
are allocated in the cylinder group
b) cg->cg_irotor points to a uninterupted run of
allocated inodes in the inode bitmap up to the
end of dynamically initialized inodes
(cg->cg_initediblk)
In this case the next inode after this run was returned
without initializing the respective inode block. As the
block is not initialized these inodes could trigger panics
on inode consistency due to old (uninitialized) disk data.
In very rare cases data loss could occur when
the uninitialized inode block is initialized via the
normal mechanism.
Further conditions to occur after the above:
c) no panic
d) no (forced) fsck
e) and more than cg->cg_initediblk - inodes_per_filesystem_block
allocated inodes.
Fix:
Always insure allocation always in initialized inode range
extending the initialized inode range as needed.
Add KASSERTMSG() safeguards.
ok hannken@
To generate a diff of this commit:
cvs rdiff -u -r1.146.2.1 -r1.146.2.1.2.1 src/sys/ufs/ffs/ffs_alloc.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/ufs/ffs/ffs_alloc.c
diff -u src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1 src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1.2.1
--- src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1 Fri Aug 14 05:29:14 2015
+++ src/sys/ufs/ffs/ffs_alloc.c Wed May 29 15:55:18 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: ffs_alloc.c,v 1.146.2.1 2015/08/14 05:29:14 msaitoh Exp $ */
+/* $NetBSD: ffs_alloc.c,v 1.146.2.1.2.1 2019/05/29 15:55:18 martin Exp $ */
/*-
* Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.146.2.1 2015/08/14 05:29:14 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.146.2.1.2.1 2019/05/29 15:55:18 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_ffs.h"
@@ -1283,7 +1283,7 @@ ffs_nodealloccg(struct inode *ip, int cg
struct buf *bp, *ibp;
u_int8_t *inosused;
int error, start, len, loc, map, i;
- int32_t initediblk;
+ int32_t initediblk, maxiblk, irotor;
daddr_t nalloc;
struct ufs2_dinode *dp2;
const int needswap = UFS_FSNEEDSWAP(fs);
@@ -1295,7 +1295,13 @@ ffs_nodealloccg(struct inode *ip, int cg
return (0);
mutex_exit(>um_lock);
ibp = NULL;
- initediblk = -1;
+ if (fs->fs_magic == FS_UFS2_MAGIC) {
+ initediblk = -1;
+ } else {
+ initediblk = fs->fs_ipg;
+ }
+ maxiblk = initediblk;
+
retry:
error = bread(ip->i_devvp, FFS_FSBTODB(fs, cgtod(fs, cg)),
(int)fs->fs_cgsize, NOCRED, B_MODIFY, );
@@ -1315,7 +1321,8 @@ retry:
* Check to see if we need to initialize more inodes.
*/
if (fs->fs_magic == FS_UFS2_MAGIC && ibp == NULL) {
- initediblk = ufs_rw32(cgp->cg_initediblk, needswap);
+ initediblk = ufs_rw32(cgp->cg_initediblk, needswap);
+ maxiblk = initediblk;
nalloc = fs->fs_ipg - ufs_rw32(cgp->cg_cs.cs_nifree, needswap);
if (nalloc + FFS_INOPB(fs) > initediblk &&
initediblk < ufs_rw32(cgp->cg_niblk, needswap)) {
@@ -1331,6 +1338,9 @@ retry:
FFS_NOBLK, fs->fs_bsize, false, );
if (error)
goto fail;
+
+ maxiblk += FFS_INOPB(fs);
+
goto retry;
}
}
@@ -1340,14 +1350,22 @@ retry:
(fs->fs_old_flags & FS_FLAGS_UPDATED))
cgp->cg_time = ufs_rw64(time_second, needswap);
inosused = cg_inosused(cgp, needswap);
+
if (ipref) {
ipref %= fs->fs_ipg;
- if (isclr(inosused, ipref))
+ /* safeguard to stay in (to be) allocated range */
+ if (ipref < maxiblk && isclr(inosused, ipref))
goto gotit;
}
- start = ufs_rw32(cgp->cg_irotor, needswap) / NBBY;
- len = howmany(fs->fs_ipg - ufs_rw32(cgp->cg_irotor, needswap),
- NBBY);
+
+ irotor = ufs_rw32(cgp->cg_irotor, needswap);
+
+ KASSERTMSG(irotor < initediblk, "%s: allocation botch: cg=%d, irotor %d"
+ " out of bounds, initediblk=%d",
+ __func__, cg, irotor, initediblk);
+
+ start = irotor / NBBY;
+ len = howmany(maxiblk - irotor, NBBY);
loc = skpc(0xff, len, [start]);
if (loc == 0) {
len = start + 1;
@@ -1367,9 +1385,17 @@ retry:
printf("fs = %s\n", fs->fs_fsmnt);
panic("ffs_nodealloccg: block not in map");
}
+
ipref = i * NBBY + ffs(map) - 1;
+
cgp->cg_irotor = ufs_rw32(ipref, needswap);
+
gotit:
+ KASSERTMSG(ipref < maxiblk, "%s: allocation botch: cg=%d attempt to "
+ "allocate inode index %d beyond max allocated index %d"
+ " of %d inodes/cg",
+ __func__, cg, (int)ipref, maxiblk, cgp->cg_niblk);
+
CVS commit: [netbsd-7-0] src/sys/netsmb
Module Name:src Committed By: martin Date: Tue May 7 18:55:48 UTC 2019 Modified Files: src/sys/netsmb [netbsd-7-0]: smb_conn.c Log Message: Pull up following revision(s) (requested by christos in ticket #1696): sys/netsmb/smb_conn.c: revision 1.30 Prevent a NULL pointer dereference when the local endpoint is not defined. >From Andy Nguyen, many thanks. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.29.18.1 src/sys/netsmb/smb_conn.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netsmb/smb_conn.c diff -u src/sys/netsmb/smb_conn.c:1.29 src/sys/netsmb/smb_conn.c:1.29.18.1 --- src/sys/netsmb/smb_conn.c:1.29 Sun Apr 29 20:27:31 2012 +++ src/sys/netsmb/smb_conn.c Tue May 7 18:55:48 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: smb_conn.c,v 1.29 2012/04/29 20:27:31 dsl Exp $ */ +/* $NetBSD: smb_conn.c,v 1.29.18.1 2019/05/07 18:55:48 martin Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: smb_conn.c,v 1.29 2012/04/29 20:27:31 dsl Exp $"); +__KERNEL_RCSID(0, "$NetBSD: smb_conn.c,v 1.29.18.1 2019/05/07 18:55:48 martin Exp $"); /* * Connection engine. @@ -553,7 +553,8 @@ smb_vc_create(struct smb_vcspec *vcspec, if ((vcp->vc_paddr = dup_sockaddr(vcspec->sap, 1)) == NULL) goto fail; - if ((vcp->vc_laddr = dup_sockaddr(vcspec->lap, 1)) == NULL) + if (vcspec->lap && + (vcp->vc_laddr = dup_sockaddr(vcspec->lap, 1)) == NULL) goto fail; if ((vcp->vc_pass = smb_strdup(vcspec->pass)) == NULL)
CVS commit: [netbsd-7-0] src/sys/netsmb
Module Name:src Committed By: martin Date: Tue May 7 18:55:48 UTC 2019 Modified Files: src/sys/netsmb [netbsd-7-0]: smb_conn.c Log Message: Pull up following revision(s) (requested by christos in ticket #1696): sys/netsmb/smb_conn.c: revision 1.30 Prevent a NULL pointer dereference when the local endpoint is not defined. >From Andy Nguyen, many thanks. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.29.18.1 src/sys/netsmb/smb_conn.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue May 7 18:56:53 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1696 To generate a diff of this commit: cvs rdiff -u -r1.1.2.142 -r1.1.2.143 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.142 src/doc/CHANGES-7.0.3:1.1.2.143 --- src/doc/CHANGES-7.0.3:1.1.2.142 Sun May 5 09:12:01 2019 +++ src/doc/CHANGES-7.0.3 Tue May 7 18:56:53 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.142 2019/05/05 09:12:01 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.143 2019/05/07 18:56:53 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5808,4 +5808,9 @@ external/bsd/dhcpcd/dist/src/dhcp6.c (a DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE. [roy, ticket #1694] +sys/netsmb/smb_conn.c1.30 + + Prevent a NULL pointer dereference when the local endpoint is not + defined. + [christos, ticket #1696]
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Tue May 7 18:56:53 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1696 To generate a diff of this commit: cvs rdiff -u -r1.1.2.142 -r1.1.2.143 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sun May 5 09:12:01 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Tickets #1693 and #1694 To generate a diff of this commit: cvs rdiff -u -r1.1.2.141 -r1.1.2.142 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Sun May 5 09:12:01 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Tickets #1693 and #1694 To generate a diff of this commit: cvs rdiff -u -r1.1.2.141 -r1.1.2.142 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.141 src/doc/CHANGES-7.0.3:1.1.2.142 --- src/doc/CHANGES-7.0.3:1.1.2.141 Wed May 1 09:43:37 2019 +++ src/doc/CHANGES-7.0.3 Sun May 5 09:12:01 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.141 2019/05/01 09:43:37 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.142 2019/05/05 09:12:01 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5797,3 +5797,15 @@ external/bsd/dhcpcd/dist/src/dhcpcd.h Use consttime_memequal(3) to compare hashes. [roy, ticket #1690] +sys/arch/amd64/amd64/copy.S 1.33 +sys/arch/i386/i386/copy.S 1.31 + + Don't forget to clear the direction flag if kcopy fails. + [maxv, ticket #1693] + +external/bsd/dhcpcd/dist/src/dhcp6.c (apply patch) + + DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE. + [roy, ticket #1694] + +
CVS commit: [netbsd-7-0] src/external/bsd/dhcpcd/dist
Module Name:src
Committed By: martin
Date: Sun May 5 09:09:51 UTC 2019
Modified Files:
src/external/bsd/dhcpcd/dist [netbsd-7-0]: dhcp6.c
Log Message:
Apply patch, requested by roy in ticket #1695:
external/bsd/dhcpcd/dist/src/dhcp6.c
DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.13.2.2 -r1.1.1.13.2.2.2.1 \
src/external/bsd/dhcpcd/dist/dhcp6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/dhcpcd/dist/dhcp6.c
diff -u src/external/bsd/dhcpcd/dist/dhcp6.c:1.1.1.13.2.2 src/external/bsd/dhcpcd/dist/dhcp6.c:1.1.1.13.2.2.2.1
--- src/external/bsd/dhcpcd/dist/dhcp6.c:1.1.1.13.2.2 Thu Feb 5 15:13:12 2015
+++ src/external/bsd/dhcpcd/dist/dhcp6.c Sun May 5 09:09:50 2019
@@ -1,5 +1,5 @@
#include
- __RCSID("$NetBSD: dhcp6.c,v 1.1.1.13.2.2 2015/02/05 15:13:12 martin Exp $");
+ __RCSID("$NetBSD: dhcp6.c,v 1.1.1.13.2.2.2.1 2019/05/05 09:09:50 martin Exp $");
/*
* dhcpcd - DHCP client daemon
@@ -1856,38 +1856,39 @@ dhcp6_findpd(struct interface *ifp, cons
ex = dhcp6_findoption(D6_OPTION_PD_EXCLUDE, p, ol);
a->prefix_exclude_len = 0;
memset(>prefix_exclude, 0, sizeof(a->prefix_exclude));
-#if 0
- if (ex == NULL) {
- struct dhcp6_option *w;
- uint8_t *wp;
-
- w = calloc(1, 128);
- w->len = htons(2);
- wp = D6_OPTION_DATA(w);
- *wp++ = 64;
- *wp++ = 0x78;
- ex = w;
- }
-#endif
if (ex == NULL)
continue;
+
ol = ntohs(ex->len);
- if (ol < 2) {
- syslog(LOG_ERR, "%s: truncated PD Exclude",
- ifp->name);
+
+ /* RFC 6603 4.2 says option length MUST be between 2 and 17.
+ * This allows 1 octet for prefix length and 16 for the
+ * subnet ID. */
+ if (ol < 2 || ol > 17) {
+ syslog(LOG_ERR,
+ "%s: invalid PD Exclude option", ifp->name);
continue;
}
+
op = D6_COPTION_DATA(ex);
- a->prefix_exclude_len = *op++;
+ /* RFC 6603 4.2 says prefix length MUST be between the
+ * length of the IAPREFIX prefix length + 1 and 128. */
+ if (*op < a->prefix_len + 1 || *op > 128) {
+ syslog(LOG_ERR,
+ "%s: invalid PD Exclude length", ifp->name);
+ continue;
+ }
+
+ /* Check option length matches prefix length. */
ol--;
- if (((a->prefix_exclude_len - a->prefix_len - 1) / NBBY) + 1
- != ol)
- {
- syslog(LOG_ERR, "%s: PD Exclude length mismatch",
- ifp->name);
+ if (((*op - a->prefix_len - 1) / NBBY) + 1 != ol) {
+ syslog(LOG_ERR,
+ "%s: PD Exclude length mismatch", ifp->name);
a->prefix_exclude_len = 0;
continue;
}
+ a->prefix_exclude_len = *op++;
+
u8 = a->prefix_len % NBBY;
memcpy(>prefix_exclude, >prefix,
sizeof(a->prefix_exclude));
CVS commit: [netbsd-7-0] src/external/bsd/dhcpcd/dist
Module Name:src Committed By: martin Date: Sun May 5 09:09:51 UTC 2019 Modified Files: src/external/bsd/dhcpcd/dist [netbsd-7-0]: dhcp6.c Log Message: Apply patch, requested by roy in ticket #1695: external/bsd/dhcpcd/dist/src/dhcp6.c DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE To generate a diff of this commit: cvs rdiff -u -r1.1.1.13.2.2 -r1.1.1.13.2.2.2.1 \ src/external/bsd/dhcpcd/dist/dhcp6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/sys/arch
Module Name:src Committed By: martin Date: Sun May 5 08:49:19 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-7-0]: copy.S src/sys/arch/i386/i386 [netbsd-7-0]: copy.S Log Message: Pull up following revision(s) (requested by maxv in ticket #1693): sys/arch/amd64/amd64/copy.S: revision 1.33 sys/arch/i386/i386/copy.S: revision 1.31 Hum. Fix a potentially catastrophic bug: kcopy() sets DF=1 if the areas overlap, but doesn't clear it if the copy faults. If this happens, we return to the caller with DF=1, and each future memory copy will be backwards. I wonder if there really are places where kcopy() is called with overlapping areas. To generate a diff of this commit: cvs rdiff -u -r1.18.38.1 -r1.18.38.2 src/sys/arch/amd64/amd64/copy.S cvs rdiff -u -r1.23 -r1.23.8.1 src/sys/arch/i386/i386/copy.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/copy.S diff -u src/sys/arch/amd64/amd64/copy.S:1.18.38.1 src/sys/arch/amd64/amd64/copy.S:1.18.38.2 --- src/sys/arch/amd64/amd64/copy.S:1.18.38.1 Sat Dec 24 04:07:00 2016 +++ src/sys/arch/amd64/amd64/copy.S Sun May 5 08:49:18 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: copy.S,v 1.18.38.1 2016/12/24 04:07:00 snj Exp $ */ +/* $NetBSD: copy.S,v 1.18.38.2 2019/05/05 08:49:18 martin Exp $ */ /* * Copyright (c) 2001 Wasabi Systems, Inc. @@ -233,6 +233,7 @@ NENTRY(copy_efault) */ NENTRY(kcopy_fault) + cld ret NENTRY(copy_fault) Index: src/sys/arch/i386/i386/copy.S diff -u src/sys/arch/i386/i386/copy.S:1.23 src/sys/arch/i386/i386/copy.S:1.23.8.1 --- src/sys/arch/i386/i386/copy.S:1.23 Fri Jan 10 16:47:07 2014 +++ src/sys/arch/i386/i386/copy.S Sun May 5 08:49:18 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: copy.S,v 1.23 2014/01/10 16:47:07 pedro Exp $ */ +/* $NetBSD: copy.S,v 1.23.8.1 2019/05/05 08:49:18 martin Exp $ */ /* NetBSD: locore.S,v 1.34 2005/04/01 11:59:31 yamt Exp $ */ /*- @@ -65,7 +65,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: copy.S,v 1.23 2014/01/10 16:47:07 pedro Exp $"); +__KERNEL_RCSID(0, "$NetBSD: copy.S,v 1.23.8.1 2019/05/05 08:49:18 martin Exp $"); #include "assym.h" @@ -308,6 +308,7 @@ NENTRY(copy_efault) */ /* LINTSTUB: Ignore */ NENTRY(kcopy_fault) + cld popl %edi popl %esi ret
CVS commit: [netbsd-7-0] src/sys/arch
Module Name:src Committed By: martin Date: Sun May 5 08:49:19 UTC 2019 Modified Files: src/sys/arch/amd64/amd64 [netbsd-7-0]: copy.S src/sys/arch/i386/i386 [netbsd-7-0]: copy.S Log Message: Pull up following revision(s) (requested by maxv in ticket #1693): sys/arch/amd64/amd64/copy.S: revision 1.33 sys/arch/i386/i386/copy.S: revision 1.31 Hum. Fix a potentially catastrophic bug: kcopy() sets DF=1 if the areas overlap, but doesn't clear it if the copy faults. If this happens, we return to the caller with DF=1, and each future memory copy will be backwards. I wonder if there really are places where kcopy() is called with overlapping areas. To generate a diff of this commit: cvs rdiff -u -r1.18.38.1 -r1.18.38.2 src/sys/arch/amd64/amd64/copy.S cvs rdiff -u -r1.23 -r1.23.8.1 src/sys/arch/i386/i386/copy.S Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed May 1 09:43:37 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1690 To generate a diff of this commit: cvs rdiff -u -r1.1.2.140 -r1.1.2.141 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.140 src/doc/CHANGES-7.0.3:1.1.2.141 --- src/doc/CHANGES-7.0.3:1.1.2.140 Fri Apr 19 16:05:05 2019 +++ src/doc/CHANGES-7.0.3 Wed May 1 09:43:37 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.140 2019/04/19 16:05:05 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.141 2019/05/01 09:43:37 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5788,3 +5788,12 @@ sys/net/if.c 1.449 (patch) of stack disclosure. [christos, ticket #1689] +external/bsd/dhcpcd/dist/src/auth.c (apply patch) +external/bsd/dhcpcd/dist/src/dhcp.c (apply patch) +external/bsd/dhcpcd/dist/src/dhcpcd.h (apply patch) + + Security fixes for dhcpcd: + Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED. + Use consttime_memequal(3) to compare hashes. + [roy, ticket #1690] +
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Wed May 1 09:43:37 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1690 To generate a diff of this commit: cvs rdiff -u -r1.1.2.140 -r1.1.2.141 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/external/bsd/dhcpcd/dist
Module Name:src
Committed By: martin
Date: Wed May 1 09:26:23 UTC 2019
Modified Files:
src/external/bsd/dhcpcd/dist [netbsd-7-0]: auth.c dhcp.c dhcpcd.h
Log Message:
Apply patch, requested by roy in ticket #1690:
external/bsd/dhcpcd/dist/configure
external/bsd/dhcpcd/dist/src/auth.c
external/bsd/dhcpcd/dist/src/dhcp.c
external/bsd/dhcpcd/dist/src/dhcp6.c
external/bsd/dhcpcd/dist/compat/consttime_memequal.h
Security fixes for dhcpcd:
Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED.
Use consttime_memequal(3) to compare hashes.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.4.2.2 -r1.1.1.4.2.2.2.1 \
src/external/bsd/dhcpcd/dist/auth.c
cvs rdiff -u -r1.15.2.2 -r1.15.2.2.2.1 src/external/bsd/dhcpcd/dist/dhcp.c
cvs rdiff -u -r1.1.1.19.2.2 -r1.1.1.19.2.2.2.1 \
src/external/bsd/dhcpcd/dist/dhcpcd.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/dhcpcd/dist/auth.c
diff -u src/external/bsd/dhcpcd/dist/auth.c:1.1.1.4.2.2 src/external/bsd/dhcpcd/dist/auth.c:1.1.1.4.2.2.2.1
--- src/external/bsd/dhcpcd/dist/auth.c:1.1.1.4.2.2 Thu Feb 5 15:13:12 2015
+++ src/external/bsd/dhcpcd/dist/auth.c Wed May 1 09:26:23 2019
@@ -1,5 +1,5 @@
#include
- __RCSID("$NetBSD: auth.c,v 1.1.1.4.2.2 2015/02/05 15:13:12 martin Exp $");
+ __RCSID("$NetBSD: auth.c,v 1.1.1.4.2.2.2.1 2019/05/01 09:26:23 martin Exp $");
/*
* dhcpcd - DHCP client daemon
@@ -340,7 +340,7 @@ gottoken:
}
free(mm);
- if (memcmp(d, , dlen)) {
+ if (!consttime_memequal(d, , dlen)) {
errno = EPERM;
return NULL;
}
Index: src/external/bsd/dhcpcd/dist/dhcp.c
diff -u src/external/bsd/dhcpcd/dist/dhcp.c:1.15.2.2 src/external/bsd/dhcpcd/dist/dhcp.c:1.15.2.2.2.1
--- src/external/bsd/dhcpcd/dist/dhcp.c:1.15.2.2 Thu Feb 5 15:13:12 2015
+++ src/external/bsd/dhcpcd/dist/dhcp.c Wed May 1 09:26:23 2019
@@ -1,5 +1,5 @@
#include
- __RCSID("$NetBSD: dhcp.c,v 1.15.2.2 2015/02/05 15:13:12 martin Exp $");
+ __RCSID("$NetBSD: dhcp.c,v 1.15.2.2.2.1 2019/05/01 09:26:23 martin Exp $");
/*
* dhcpcd - DHCP client daemon
@@ -166,28 +166,6 @@ get_option(struct dhcpcd_ctx *ctx,
while (p < e) {
o = *p++;
- if (o == opt) {
- if (op) {
-if (!ctx->opt_buffer) {
- ctx->opt_buffer =
- malloc(DHCP_OPTION_LEN +
- BOOTFILE_LEN + SERVERNAME_LEN);
- if (ctx->opt_buffer == NULL)
- return NULL;
-}
-if (!bp)
- bp = ctx->opt_buffer;
-memcpy(bp, op, ol);
-bp += ol;
- }
- ol = *p;
- if (p + ol > e) {
-errno = EINVAL;
-return NULL;
- }
- op = p + 1;
- bl += ol;
- }
switch (o) {
case DHO_PAD:
continue;
@@ -205,16 +183,58 @@ get_option(struct dhcpcd_ctx *ctx,
} else
goto exit;
break;
- case DHO_OPTIONSOVERLOADED:
+ }
+
+ /* Check we can read the length */
+ if (p == e) {
+ errno = EINVAL;
+ return NULL;
+ }
+ l = *p++;
+
+ /* Check we can read the option data, if present */
+ if (p + l > e) {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ if (o == DHO_OPTIONSOVERLOADED) {
/* Ensure we only get this option once by setting
* the last bit as well as the value.
* This is valid because only the first two bits
* actually mean anything in RFC2132 Section 9.3 */
- if (!overl)
-overl = 0x80 | p[1];
- break;
+ if (l == 1 && !overl)
+overl = 0x80 | p[0];
+ }
+
+ if (o == opt) {
+ if (op) {
+/* We must concatonate the options. */
+if (bl + l > ctx->opt_buffer_len) {
+ size_t pos;
+ uint8_t *nb;
+
+ if (bp)
+ pos = (size_t)
+ (bp - ctx->opt_buffer);
+ else
+ pos = 0;
+ nb = realloc(ctx->opt_buffer, bl + l);
+ if (nb == NULL)
+ return NULL;
+ ctx->opt_buffer = nb;
+ ctx->opt_buffer_len = bl + l;
+ bp = ctx->opt_buffer + pos;
+}
+if (bp == NULL)
+ bp = ctx->opt_buffer;
+memcpy(bp, op, ol);
+bp += ol;
+ }
+ ol = l;
+ op = p;
+ bl += ol;
}
- l = *p++;
p += l;
}
Index: src/external/bsd/dhcpcd/dist/dhcpcd.h
diff -u src/external/bsd/dhcpcd/dist/dhcpcd.h:1.1.1.19.2.2 src/external/bsd/dhcpcd/dist/dhcpcd.h:1.1.1.19.2.2.2.1
--- src/external/bsd/dhcpcd/dist/dhcpcd.h:1.1.1.19.2.2 Thu Feb 5 15:13:12 2015
+++ src/external/bsd/dhcpcd/dist/dhcpcd.h Wed May 1 09:26:23 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: dhcpcd.h,v 1.1.1.19.2.2 2015/02/05 15:13:12 martin Exp $ */
+/* $NetBSD: dhcpcd.h,v 1.1.1.19.2.2.2.1 2019/05/01 09:26:23 martin Exp $ */
/*
* dhcpcd - DHCP client daemon
@@ -131,6 +131,7 @@ struct dhcpcd_ctx {
* We ONLY use this when options are split, which for most purposes is
* practically never. See RFC3396 for details. */
uint8_t *opt_buffer;
+ size_t opt_buffer_len;
#endif
#ifdef INET6
unsigned char secret[SECRET_LEN];
CVS commit: [netbsd-7-0] src/external/bsd/dhcpcd/dist
Module Name:src Committed By: martin Date: Wed May 1 09:26:23 UTC 2019 Modified Files: src/external/bsd/dhcpcd/dist [netbsd-7-0]: auth.c dhcp.c dhcpcd.h Log Message: Apply patch, requested by roy in ticket #1690: external/bsd/dhcpcd/dist/configure external/bsd/dhcpcd/dist/src/auth.c external/bsd/dhcpcd/dist/src/dhcp.c external/bsd/dhcpcd/dist/src/dhcp6.c external/bsd/dhcpcd/dist/compat/consttime_memequal.h Security fixes for dhcpcd: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED. Use consttime_memequal(3) to compare hashes. To generate a diff of this commit: cvs rdiff -u -r1.1.1.4.2.2 -r1.1.1.4.2.2.2.1 \ src/external/bsd/dhcpcd/dist/auth.c cvs rdiff -u -r1.15.2.2 -r1.15.2.2.2.1 src/external/bsd/dhcpcd/dist/dhcp.c cvs rdiff -u -r1.1.1.19.2.2 -r1.1.1.19.2.2.2.1 \ src/external/bsd/dhcpcd/dist/dhcpcd.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Fri Apr 19 16:05:05 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1689 To generate a diff of this commit: cvs rdiff -u -r1.1.2.139 -r1.1.2.140 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: martin Date: Fri Apr 19 16:05:05 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1689 To generate a diff of this commit: cvs rdiff -u -r1.1.2.139 -r1.1.2.140 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.139 src/doc/CHANGES-7.0.3:1.1.2.140 --- src/doc/CHANGES-7.0.3:1.1.2.139 Tue Apr 16 03:57:12 2019 +++ src/doc/CHANGES-7.0.3 Fri Apr 19 16:05:05 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.139 2019/04/16 03:57:12 msaitoh Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.140 2019/04/19 16:05:05 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5778,3 +5778,13 @@ sys/kern/sys_mqueue.c1.44 mq_send1: fix argument validation and reject too large lengths early. Discovered by Andy Nguyen. [martin, ticket #1688] + +sys/compat/common/uipc_syscalls_40.c 1.19 (patch) +sys/compat/linux/common/linux_socket.c 1.145 (patch) +sys/compat/linux32/common/linux32_socket.c 1.30 (patch) +sys/net/if.c 1.449 (patch) + + Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes + of stack disclosure. + [christos, ticket #1689] +
CVS commit: [netbsd-7-0] src/sys
Module Name:src Committed By: martin Date: Fri Apr 19 16:03:09 UTC 2019 Modified Files: src/sys/compat/common [netbsd-7-0]: uipc_syscalls_40.c src/sys/compat/linux/common [netbsd-7-0]: linux_socket.c src/sys/compat/linux32/common [netbsd-7-0]: linux32_socket.c src/sys/net [netbsd-7-0]: if.c Log Message: Pull up following revision(s) via patch (requested by christos in ticket #1689): sys/compat/linux/common/linux_socket.c: revision 1.145 sys/net/if.c: revision 1.449 sys/compat/linux32/common/linux32_socket.c: revision 1.30 sys/compat/common/uipc_syscalls_40.c: revision 1.19 Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack disclosure. From Andy Nguyen, many thanks! - Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack disclosure. From Andy Nguyen, many thanks! This is the compat code part pointed out by ozaki-r@ To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.34.1 src/sys/compat/common/uipc_syscalls_40.c cvs rdiff -u -r1.119.2.1 -r1.119.2.1.2.1 \ src/sys/compat/linux/common/linux_socket.c cvs rdiff -u -r1.18 -r1.18.4.1 src/sys/compat/linux32/common/linux32_socket.c cvs rdiff -u -r1.290.2.1 -r1.290.2.1.2.1 src/sys/net/if.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/common/uipc_syscalls_40.c diff -u src/sys/compat/common/uipc_syscalls_40.c:1.7 src/sys/compat/common/uipc_syscalls_40.c:1.7.34.1 --- src/sys/compat/common/uipc_syscalls_40.c:1.7 Wed Jan 19 10:21:16 2011 +++ src/sys/compat/common/uipc_syscalls_40.c Fri Apr 19 16:03:09 2019 @@ -1,9 +1,9 @@ -/* $NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $ */ +/* $NetBSD: uipc_syscalls_40.c,v 1.7.34.1 2019/04/19 16:03:09 martin Exp $ */ /* written by Pavel Cahyna, 2006. Public domain. */ #include -__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7.34.1 2019/04/19 16:03:09 martin Exp $"); /* * System call interface to the socket abstraction. @@ -39,6 +39,7 @@ compat_ifconf(u_long cmd, void *data) int space, error = 0; const int sz = (int)sizeof(ifr); + memset(, 0, sizeof(ifr)); if ((ifrp = ifc->ifc_req) == NULL) space = 0; else Index: src/sys/compat/linux/common/linux_socket.c diff -u src/sys/compat/linux/common/linux_socket.c:1.119.2.1 src/sys/compat/linux/common/linux_socket.c:1.119.2.1.2.1 --- src/sys/compat/linux/common/linux_socket.c:1.119.2.1 Sat Jan 17 12:10:54 2015 +++ src/sys/compat/linux/common/linux_socket.c Fri Apr 19 16:03:08 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $ */ +/* $NetBSD: linux_socket.c,v 1.119.2.1.2.1 2019/04/19 16:03:08 martin Exp $ */ /*- * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc. @@ -35,7 +35,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1.2.1 2019/04/19 16:03:08 martin Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" @@ -1124,6 +1124,7 @@ linux_getifconf(struct lwp *l, register_ if (error) return error; + memset(, 0, sizeof(ifr)); ifrp = ifc.ifc_req; if (ifrp == NULL) space = 0; Index: src/sys/compat/linux32/common/linux32_socket.c diff -u src/sys/compat/linux32/common/linux32_socket.c:1.18 src/sys/compat/linux32/common/linux32_socket.c:1.18.4.1 --- src/sys/compat/linux32/common/linux32_socket.c:1.18 Sat May 17 21:26:20 2014 +++ src/sys/compat/linux32/common/linux32_socket.c Fri Apr 19 16:03:09 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $ */ +/* $NetBSD: linux32_socket.c,v 1.18.4.1 2019/04/19 16:03:09 martin Exp $ */ /*- * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved. @@ -33,7 +33,7 @@ #include -__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $"); +__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18.4.1 2019/04/19 16:03:09 martin Exp $"); #include #include @@ -423,6 +423,7 @@ linux32_getifconf(struct lwp *l, registe if (error) return error; + memset(, 0, sizeof(ifr)); ifrp = NETBSD32PTR64(ifc.ifc_req); if (ifrp == NULL) space = 0; Index: src/sys/net/if.c diff -u src/sys/net/if.c:1.290.2.1 src/sys/net/if.c:1.290.2.1.2.1 --- src/sys/net/if.c:1.290.2.1 Tue Nov 11 12:20:28 2014 +++ src/sys/net/if.c Fri Apr 19 16:03:08 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $ */ +/* $NetBSD: if.c,v 1.290.2.1.2.1 2019/04/19 16:03:08 martin Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc. @@ -90,7 +90,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if.c,v
CVS commit: [netbsd-7-0] src/sys
Module Name:src Committed By: martin Date: Fri Apr 19 16:03:09 UTC 2019 Modified Files: src/sys/compat/common [netbsd-7-0]: uipc_syscalls_40.c src/sys/compat/linux/common [netbsd-7-0]: linux_socket.c src/sys/compat/linux32/common [netbsd-7-0]: linux32_socket.c src/sys/net [netbsd-7-0]: if.c Log Message: Pull up following revision(s) via patch (requested by christos in ticket #1689): sys/compat/linux/common/linux_socket.c: revision 1.145 sys/net/if.c: revision 1.449 sys/compat/linux32/common/linux32_socket.c: revision 1.30 sys/compat/common/uipc_syscalls_40.c: revision 1.19 Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack disclosure. From Andy Nguyen, many thanks! - Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack disclosure. From Andy Nguyen, many thanks! This is the compat code part pointed out by ozaki-r@ To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.34.1 src/sys/compat/common/uipc_syscalls_40.c cvs rdiff -u -r1.119.2.1 -r1.119.2.1.2.1 \ src/sys/compat/linux/common/linux_socket.c cvs rdiff -u -r1.18 -r1.18.4.1 src/sys/compat/linux32/common/linux32_socket.c cvs rdiff -u -r1.290.2.1 -r1.290.2.1.2.1 src/sys/net/if.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: msaitoh Date: Tue Apr 16 03:57:13 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1688. To generate a diff of this commit: cvs rdiff -u -r1.1.2.138 -r1.1.2.139 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: msaitoh Date: Tue Apr 16 03:57:13 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1688. To generate a diff of this commit: cvs rdiff -u -r1.1.2.138 -r1.1.2.139 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.138 src/doc/CHANGES-7.0.3:1.1.2.139 --- src/doc/CHANGES-7.0.3:1.1.2.138 Wed Mar 13 12:36:14 2019 +++ src/doc/CHANGES-7.0.3 Tue Apr 16 03:57:12 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.138 2019/03/13 12:36:14 msaitoh Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.139 2019/04/16 03:57:12 msaitoh Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5772,3 +5772,9 @@ external/bsd/bzip2/dist/bzip2recover.c Apply fix for CVE-2016-3189 bzip2: heap use after free in bzip2recover [martin, ticket #1684] + +sys/kern/sys_mqueue.c1.44 + + mq_send1: fix argument validation and reject too large lengths early. + Discovered by Andy Nguyen. + [martin, ticket #1688]
CVS commit: [netbsd-7-0] src/sys/kern
Module Name:src Committed By: msaitoh Date: Tue Apr 16 03:53:26 UTC 2019 Modified Files: src/sys/kern [netbsd-7-0]: sys_mqueue.c Log Message: Pull up following revision(s) (requested by martin in ticket #1688): sys/kern/sys_mqueue.c: revision 1.44 mq_send1: fix argument validation and reject too large lengths early. Discovered by Andy Nguyen. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.36.6.1 src/sys/kern/sys_mqueue.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/sys_mqueue.c diff -u src/sys/kern/sys_mqueue.c:1.36 src/sys/kern/sys_mqueue.c:1.36.6.1 --- src/sys/kern/sys_mqueue.c:1.36 Tue Feb 25 18:30:11 2014 +++ src/sys/kern/sys_mqueue.c Tue Apr 16 03:53:25 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_mqueue.c,v 1.36 2014/02/25 18:30:11 pooka Exp $ */ +/* $NetBSD: sys_mqueue.c,v 1.36.6.1 2019/04/16 03:53:25 msaitoh Exp $ */ /* * Copyright (c) 2007-2011 Mindaugas Rasiukevicius @@ -43,7 +43,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sys_mqueue.c,v 1.36 2014/02/25 18:30:11 pooka Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sys_mqueue.c,v 1.36.6.1 2019/04/16 03:53:25 msaitoh Exp $"); #include #include @@ -794,6 +794,8 @@ mq_send1(mqd_t mqdes, const char *msg_pt return EINVAL; /* Allocate a new message */ + if (msg_len > mq_max_msgsize) + return EMSGSIZE; size = sizeof(struct mq_msg) + msg_len; if (size > mq_max_msgsize) return EMSGSIZE;
CVS commit: [netbsd-7-0] src/sys/kern
Module Name:src Committed By: msaitoh Date: Tue Apr 16 03:53:26 UTC 2019 Modified Files: src/sys/kern [netbsd-7-0]: sys_mqueue.c Log Message: Pull up following revision(s) (requested by martin in ticket #1688): sys/kern/sys_mqueue.c: revision 1.44 mq_send1: fix argument validation and reject too large lengths early. Discovered by Andy Nguyen. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.36.6.1 src/sys/kern/sys_mqueue.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: msaitoh Date: Wed Mar 13 12:36:14 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1684. To generate a diff of this commit: cvs rdiff -u -r1.1.2.137 -r1.1.2.138 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-0] src/doc
Module Name:src Committed By: msaitoh Date: Wed Mar 13 12:36:14 UTC 2019 Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.3 Log Message: Ticket #1684. To generate a diff of this commit: cvs rdiff -u -r1.1.2.137 -r1.1.2.138 src/doc/CHANGES-7.0.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.137 src/doc/CHANGES-7.0.3:1.1.2.138 --- src/doc/CHANGES-7.0.3:1.1.2.137 Thu Mar 7 16:52:15 2019 +++ src/doc/CHANGES-7.0.3 Wed Mar 13 12:36:14 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.137 2019/03/07 16:52:15 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.138 2019/03/13 12:36:14 msaitoh Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -5768,3 +5768,7 @@ sys/dev/scsipi/st.c1.236 (patch), 1. st(4): Fix (but disable by default) SUN compatibility mode. [kardel, ticket #1682] +external/bsd/bzip2/dist/bzip2recover.c 1.4 + + Apply fix for CVE-2016-3189 bzip2: heap use after free in bzip2recover + [martin, ticket #1684]
CVS commit: [netbsd-7-0] src/external/bsd/bzip2/dist
Module Name:src Committed By: msaitoh Date: Wed Mar 13 11:30:23 UTC 2019 Modified Files: src/external/bsd/bzip2/dist [netbsd-7-0]: bzip2recover.c Log Message: Pull up following revision(s) (requested by martin in ticket #1684): external/bsd/bzip2/dist/bzip2recover.c: revision 1.4 Apply fix for CVE-2016-3189 bzip2: heap use after free in bzip2recover To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.3.16.1 src/external/bsd/bzip2/dist/bzip2recover.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
