Commit Graph

8048 Commits

Author SHA1 Message Date
Eugene Grosbein
1a498d2e68 bsnmpd(8): fix and optimize interface description processing
* correctly prepare a buffer to obtain interface description from a kernel and
  truncate long description instead of dropping it altogether and
  spamming logs;
* skip calling strlen() for each description and each SNMP request
  for MIB-II/ifXTable's ifAlias.
* teach bsnmpd to allocate memory dynamically for interface descriptions
  to decrease memory usage for common case and not to break
  if long description occurs;

PR:			217763
Reviewed by:		harti and others
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D16459
2018-08-18 10:58:44 +00:00
Mateusz Piotrowski
e896acd05e Fix a broken "SEE ALSO" section of hlfsd(8).
While here pet mandoc and igor.

Reviewed by:	bcr, eadler, krion, mat
Approved by:	krion (mentor), mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D16376
2018-08-14 20:33:48 +00:00
Cy Schubert
0ec68024a0 MFV r337818:
WPA: Ignore unauthenticated encrypted EAPOL-Key data

Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

Obtained from:  git://w1.fi/hostap.git
MFC after:      1 day
Security:       CVE-2018-14526
Security:       VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317
2018-08-14 20:24:10 +00:00
Kyle Evans
e112e9d255 MFV r337586: lua: Update to 5.3.5
Bugfix release, nothing too major.

Tested with:	lualoader via userboot, lualoader live
Differential Revision:	https://reviews.freebsd.org/D16665
2018-08-14 18:58:01 +00:00
Warner Losh
243ff7d88b When the LUA floating point model is INT64, we don't need to do the
overflow dance. This avoids compile errors on latter-day gcc compilers
as well as simplifies the generated code.

Reviewed by: kevans@
2018-08-14 18:45:20 +00:00
Warner Losh
07d397d746 Prevent a wanring about checkdp being unused. It's not needed when we
have INT64 floats and somehow snuck through unused until now.

Reviewed by: kevans@
2018-08-14 18:45:16 +00:00
Martin Matuska
b6479158e1 MFV r337744:
Sync libarchive with vendor..

Vendor changes:
  PR #1042: validate iso9660 directory record length

MFC after:	3 days
Security:	CVE-2017-14501
2018-08-14 11:42:32 +00:00
Kyle Evans
3f48dbd1cc Merge libbe(3)/bectl(8) from projects/bectl into head
bectl(8) is an administrative interface for working with ZFS boot
environments, intended to provide a superset of the functionality provided
by sysutils/beadm.

libbe(3) is the back-end library that the required functionality has been
pulled out into for later reuse.

These were originally written for GSoC 2017 under the mentorship of
allanjude@.

bectl(8) has proven pretty stable in my testing, with the known bug
documented in the man page.

Relnotes:	yes
2018-08-11 23:50:09 +00:00
Dimitry Andric
fa3c2eba12 Pull in r338481 from upstream llvm trunk (by Chandler Carruth):
[x86] Fix a really subtle miscompile due to a somewhat glaring bug in
  EFLAGS copy lowering.

  If you have a branch of LLVM, you may want to cherrypick this. It is
  extremely unlikely to hit this case empirically, but it will likely
  manifest as an "impossible" branch being taken somewhere, and will be
  ... very hard to debug.

  Hitting this requires complex conditions living across complex
  control flow combined with some interesting memory (non-stack)
  initialized with the results of a comparison. Also, because you have
  to arrange for an EFLAGS copy to be in *just* the right place, almost
  anything you do to the code will hide the bug. I was unable to reduce
  anything remotely resembling a "good" test case from the place where
  I hit it, and so instead I have constructed synthetic MIR testing
  that directly exercises the bug in question (as well as the good
  behavior for completeness).

  The issue is that we would mistakenly assume any SETcc with a valid
  condition and an initial operand that was a register and a virtual
  register at that to be a register *defining* SETcc...

  It isn't though....

  This would in turn cause us to test some other bizarre register,
  typically the base pointer of some memory. Now, testing this register
  and using that to branch on doesn't make any sense. It even fails the
  machine verifier (if you are running it) due to the wrong register
  class. But it will make it through LLVM, assemble, and it *looks*
  fine... But wow do you get a very unsual and surprising branch taken
  in your actual code.

  The fix is to actually check what kind of SETcc instruction we're
  dealing with. Because there are a bunch of them, I just test the
  may-store bit in the instruction. I've also added an assert for
  sanity that ensure we are, in fact, *defining* the register operand.
  =D

Noticed by:	kib
MFC after:	1 week
2018-08-11 10:42:12 +00:00
Kyle Evans
14b841d4a8 MFH @ r337607, in preparation for boarding 2018-08-11 04:26:29 +00:00
Kyle Evans
c3c5a72e4e Add libbe(3) to mdoc 2018-08-11 01:54:45 +00:00
Sevan Janiyan
2bda75506d Fix escaping, otherwise Dx gets translated as the macro for DragonFly.
From 2018 Linuxhotel Hackathon & DevSummit

Approved by:	eadler
Obtained from:	OpenBSD r1.49
Differential Revision:	https://reviews.freebsd.org/D16616
2018-08-11 00:08:59 +00:00
Ed Maste
ce0c6340ec readelf: display NT_GNU_PROPERTY_TYPE_0 note name
NT_GNU_PROPERTY_TYPE_0 in a .note.gnu.property section "contains a
program property note which describes special handling requirements
for linker and run-time loader." (from the System V Application Binary
Interface - Linux Extensions")

Intel CET uses two processor-specific program properties in
NT_GNU_PROPERTY_TYPE_0: GNU_PROPERTY_X86_FEATURE_1_IBT to indicate that
all executable sections are compatible with Indirect Branch Tracking,
and GNU_PROPERTY_X86_FEATURE_1_SHSTK to indicate that sections are
compatible with shadow stack.

A later change should add decoding of the individual properties.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-08-10 10:37:25 +00:00
Brooks Davis
7138c819c4 Terminate filter_create_ext() args with NULL, not 0.
filter_create_ext() is documented to take a NULL terminated set of
arguments.  0 is promoted to an int so this would fail on 64-bit
systems if the value was not passed in a register.  On all currently
supported 64-bit architectures it is.

Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
2018-08-08 22:45:30 +00:00
Alan Somers
47cc9ee1b1 Switch the default pager for most commands to less
Finally, a pager for the nineties.

MFC after:	Never
Relnotes:	Yes
Differential Revision:	https://reviews.freebsd.org/D13465
Poll:		https://reviews.freebsd.org/V7
2018-08-08 19:24:20 +00:00
Eitan Adler
2dc4dbb967 file: update to 5.34
PR:		230141
exp-run by:	antoine
2018-08-08 01:33:36 +00:00
Ruslan Bukin
7db2360401 Increase timeout for timedmutex_test:mutex2, timedmutex_test:mutex3
tests.

Default value is 300. It takes ~310s to complete each of these tests
in QEMU/RISC-V.

Sponsored by:	DARPA, AFRL
2018-08-06 15:55:58 +00:00
Alan Cox
1856c32ef6 Set the default image base on arm64 and i386 to a superpage-aligned
address.

Reviewed by:	emaste, markj
Discussed with:	dim
Differential Revision:	https://reviews.freebsd.org/D16385
2018-08-04 02:30:51 +00:00
Ruslan Bukin
380122186e Replace __riscv__ with __riscv.
__riscv__ is not pre-defined anymore by latest version of GNU compiler.

Sponsored by:	DARPA, AFRL
2018-08-03 12:47:54 +00:00
Ed Maste
bd6313b66e libelf: reload section headers after update with ELF_C_WRITE
These issues (PR 218860 and PR 218861) are still undergoing additional
discussion in the upstream context and there may be additional changes
to come.

PR:		218860
Submitted by:	Eric McCorkle
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D10486
2018-08-01 15:55:14 +00:00
Ed Maste
fd12f2aaeb lld: [ELF][ARM] Implement support for Tag_ABI_VFP_args
The Tag_ABI_VFP_args build attribute controls the procedure call
standard used for floating point parameters on ARM. The values are:

0 - Base AAPCS (FP Parameters passed in Core (Integer) registers
1 - VFP AAPCS (FP Parameters passed in FP registers)
2 - Toolchain specific (Neither Base or VFP)
3 - Compatible with all (No use of floating point parameters)

If the Tag_ABI_VFP_args build attribute is missing it has an implicit
value of 0.

We use the attribute in two ways:

* Detect a clash in calling convention between Base, VFP and Toolchain.

we follow ld.bfd's lead and do not error if there is a clash between an
implicit Base AAPCS caused by a missing attribute. Many projects
including the hard-float (VFP AAPCS) version of glibc contain assembler
files that do not use floating point but do not have Tag_ABI_VFP_args.

* Set the EF_ARM_ABI_FLOAT_SOFT or EF_ARM_ABI_FLOAT_HARD ELF header flag

for Base or VFP AAPCS respectively. This flag is used by some ELF
loaders.

References:
* Addenda to, and Errata in, the ABI for the ARM Architecture for
  Tag_ABI_VFP_args
* Elf for the ARM Architecture for ELF header flags

Fixes LLVM PR36009

PR:		229050
Obtained from:	llvm r338377 by Peter Smith
2018-07-31 15:25:03 +00:00
Ed Maste
97df4fd158 llvm: [ARM] Complete enumeration values for Tag_ABI_VFP_args
The LLD implementation of Tag_ABI_VFP_args needs to check the rarely
seen values of 3 (toolchain specific) and 4 compatible with both Base
and VFP.  Add the missing enumeration values so that LLD can refer to
them without having to use the raw numbers.

Obtained from:	llvm r338373 by Peter Smith
2018-07-31 14:14:41 +00:00
Ed Maste
e1853cf4c5 llvm: [ELF][ARM] Add Arm ABI names for float ABI ELF Header flags
The ELF for the Arm architecture document defines, for EF_ARM_EABI_VER5
and above, the flags EF_ARM_ABI_FLOAT_HARD and EF_ARM_ABI_FLOAT_SOFT.
These have been defined to be compatible with the existing
EF_ARM_VFP_FLOAT and EF_ARM_SOFT_FLOAT used by gcc for
EF_ARM_EABI_UNKNOWN.

This patch adds the flags in addition to the existing ones so that any
code depending on the old names will still work.

Obtained from:	llvm r338370 by Peter Smith
2018-07-31 14:12:09 +00:00
Martin Matuska
f1951fd745 MFV r336851:
Update vendor/libarchive/dist to git 2c8c83b9731ff822fad6cc8c670ea5519c366a14

Important vendor changes:
  PR #993: Chdir to -C directory for metalog processing
  OSS-Fuzz #4969: Check size of the extended time field in zip archives
  PR #973: Record informational compression level in gzip header

MFC after:	1 week
2018-07-29 00:12:16 +00:00
Conrad Meyer
2f4a276414 MFV r336800: libarchive: Cherry-pick upstream 2c8c83b9
Relevant vendor changes:
  Fix issue #948: out-of-bounds read in lha_read_data_none()

admbugs:	877
MFC after:	3 days
Security:	CVE-2017-14503
2018-07-28 00:59:59 +00:00
Ed Maste
33683c3d3c lld: fix addends with partial linking
[ELF] Update addends in non-allocatable sections for REL targets when
creating a relocatable output.

LLVM PR: 37735
LLVM Differential Revision: https://reviews.llvm.org/D48929

PR:		225128
Obtained from:	LLVM r336799 by Igor Kudrin
2018-07-24 11:35:22 +00:00
Li-Wen Hsu
8407faa1b3 Add udma_barrier definitions for RISC-V
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
2018-07-22 22:35:17 +00:00
Alan Somers
6e3b0894a5 auditd(8): Log a better error when no hostname is set in audit_control
Cherry-pick from https://github.com/openbsm/openbsm/commit/01ba03b

Reviewed by:	cem
Obtained from:	OpenBSM
MFC after:	2 weeks
Pull Request:	https://github.com/openbsm/openbsm/pull/38
2018-07-22 18:06:42 +00:00
Alan Somers
46e1f0715d Fix tmpfs detection in the sys/fs/tmpfs tests
This code was originally written for NetBSD.  r306031 tried to adapt it to
FreeBSD, but didn't correctly handle the case that tmpfs was available, but
not already loaded.  Fix the logic to load the module if necessary.  The
tmpfs tests shouldn't be skipped anymore.

Also, fix a comment that was dislocated by r306031.

Reported by:	Jenkins
MFC after:	2 weeks
2018-07-21 23:54:40 +00:00
Cy Schubert
dfbd3c8d91 Remove a redundant declaration.
While at it add a blank line, conforming with the convention
used in this file.

X-MFC-with:	r336203
2018-07-20 02:25:39 +00:00
Cy Schubert
64987377c2 To reduce our diff between our sources and our upline, sync up
with upline. Also making it easier to read.

Obtained from:	diffing base with ports
X-MFC-with:	r336203
2018-07-20 02:17:19 +00:00
Cy Schubert
e581761876 MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0002-Prevent-reinstallation-\
		of-an-already-in-use-group-ke.patch
X-MFC-with:	r336203
2018-07-20 02:04:10 +00:00
Cy Schubert
84c260fb1b Revert r336501. It was a of the wrong rev from the vendor branch. 2018-07-20 01:53:28 +00:00
Ian Lepore
3496c981ac Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.

This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.

Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.

Differential Revision:	https://reviews.freebsd.org/D16281
2018-07-19 23:55:29 +00:00
Cy Schubert
1b911983db MFV r336490:
Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0004-Prevent-installation-\
		of-an-all-zero-TK.patch
X-MFC-with:	r336203
2018-07-19 20:10:34 +00:00
Cy Schubert
e2b89ca9cb MFV: r336486
Prevent reinstallation of an already in-use group key.
Upline git commit cb5132bb35698cc0c743e34fe0e845dfc4c3e410.

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0002-Prevent-reinstallation-\
		of-an-already-in-use-group-ke.patch
X-MFC-with:	r336203
2018-07-19 19:22:26 +00:00
Cy Schubert
8d6dfc9ece MFV: r336485
Address: hostapd: Avoid key reinstallation in FT handshake

Obtained from:	https://w1.fi/security/2017-1/\
		rebased-v2.6-0001-hostapd-Avoid-key-\
		reinstallation-in-FT-handshake.patch
X-MFC-with:	r336203
2018-07-19 19:04:30 +00:00
Andrew Turner
acfbf59013 Stop writing past the end of the buffer in the msgget_limit test. The value
in i is already correct to write to the last item in the buf array.

Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
2018-07-19 17:13:46 +00:00
Hans Petter Selasky
3468ddce67 Use unspecified address family when connecting as a client in
libibverbs example utilities.

This allows connecting to both IPv4 and IPv6 and reverts
some FreeBSD only patches.

MFC after:		1 week
Sponsored by:		Mellanox Technologies
2018-07-18 10:23:30 +00:00
Hans Petter Selasky
7600168453 Add ability to parse sysfs paths under FreeBSD in libibumad.
Add the ability to to parse sysfs paths to sysctl nodes by replacing '/' with '.'

Submitted by:		slavash@
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2018-07-18 10:20:39 +00:00
Dimitry Andric
8c44114a46 Pull in r336008 from upstream clang trunk:
Request init/fini array on FreeBSD 12 and later

  Summary:

  It seems a bad idea to change the default in the middle of a release
  branch due to possible changes in global ctor / dtor ordering between
  .ctors and .init_array. With FreeBSD 11.0's release imminent lets
  change the default now for FreeBSD 12 (the current development
  stream) and later.

  FreeBSD rtld has supported .init_array / .fini_array for many years.
  As of Jan 1 2017 all supported FreeBSD releases and branches will
  have support.

  Reviewers: dim, brooks, arichardson

  Reviewed By: dim, brooks, arichardson

  Subscribers: bsdjhb, krytarowski, emaste, cfe-commits

  Differential Revision: https://reviews.llvm.org/D24867

Requested by:	jhb
MFC after:	3 days
2018-07-12 19:02:59 +00:00
Mark Johnston
b027d6545b Pass the right sizes to malloc() and realloc().
Reported by:	scan-build, via Mark Millard
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D16180
2018-07-12 18:48:53 +00:00
Cy Schubert
780fb4a2fa MFV r324714:
Update wpa 2.5 --> 2.6.

MFC after:	1 month
2018-07-11 18:53:18 +00:00
Alan Somers
fb2cd86a54 auditd(8): register signal handlers interrutibly
auditd_wait_for_events() relies on read(2) being interrupted by signals,
but it registers signal handlers with signal(3), which sets SA_RESTART.
That breaks asynchronous signal handling. It means that signals don't
actually get handled until after an audit(8) trigger is received.
Symptoms include:

* Sending SIGTERM to auditd doesn't kill it right away; you must send
  SIGTERM and then send a trigger with auditon(2).
* Same with SIGHUP
* Zombie child processes don't get reaped until auditd receives a trigger
  sent by auditon. This includes children created by expiring audit trails
  at auditd startup.

Fix by using sigaction(2) instead of signal(3).

Cherry pick https://github.com/openbsm/openbsm/commit/d060887

PR:		229381
Reviewed by:	cem
Obtained from:	OpenBSM
MFC after:	2 weeks
Differential Revision:	https://github.com/openbsm/openbsm/pull/36
2018-07-03 17:37:16 +00:00
Ruslan Bukin
7d729cedcc Revert 335888 ("Ensure va_list is declared by including stdarg.h.")
The issue was caused by header pollution brought by GCC 8.1.

We now have to remove include-fixed headers in the GCC installation
directory.

Sponsored by:	DARPA, AFRL
Pointed out by:	jhb
2018-07-03 15:48:34 +00:00
Ruslan Bukin
ab40f58ccf o Ensure va_list is declared by including stdarg.h.
o Also move printf.h to go after it since it does require declaration
  of va_list.

This fixes build with latest RISC-V GNU Toolchain with GCC 8.1

Sponsored by:	DARPA, AFRL
2018-07-03 13:53:54 +00:00
Hartmut Brandt
8e9b3e7071 Update bsnmp to version 1.13. This does not bring user-visible changes.
For developers gensnmptree can now generate functions for enums to convert
between enums and strings and to check the validity of a value.
The sources in FreeBSD are now in sync with the upstream which allows to
bring in IPv6 modifications.
2018-07-03 08:44:40 +00:00
Dimitry Andric
6ccc06f6cb Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.1 release (upstream r335540).

Relnotes:	yes
MFC after:	2 weeks
2018-06-29 17:51:35 +00:00
John Baldwin
104f6a2dcd Fix GCC 4.2.1 to honor --sysroot for includes.
- Change the C++ directory entries to honor --sysroot if it is set.
- Don't define CROSS_INCLUDE_DIR for the cross compiler.  Instead, set
  TARGET_SYSTEM_ROOT to point to WORLDTMP and always define
  STANDARD_INCLUDE_DIR.
- Change STANDARD_INCLUDE_DIR and the C++ include directories to just
  start with "/usr" always.  The compiler will prepend the sysroot when
  doing cross-builds.  GCC_INCLUDE_DIR (which contains headers that ship
  with the compiler such as intrinsincs rather than OS-supplied headers)
  remains hardcoded to look in TOOLS_PREFIX.

Reviewed by:	bdrewery (older version)
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D15127
2018-06-27 18:14:33 +00:00
Oleksandr Tymoshenko
964219664d Fix file(1) dumpdate reporting for dump(8) files
Magic file for dump(8) had this dump and previous dump dates reversed.
Fix order for all three flavours of the dump(8) format.
This fix was committed to upstream repo as magic/Magdir/dump,v 1.17
and will be merged during next vendor import.

PR:		223155
MFC after:	2 weeks
2018-06-26 18:53:52 +00:00