Revision tags: vendor/tzcode/tzcode2022g, vendor/tzcode/tzcode2022f, vendor/tzcode/tzcode2022e, vendor/tzcode/tzcode2022d, vendor/xz/5.2.9, vendor/llvm-project/llvmorg-15.0.6-0-g088f33605d8a, vendor/tzdata/tzdata2022g, release/12.4.0, vendor/sqlite3/sqlite-3400000, vendor/expat/2.5.0, vendor/xz/5.2.8, vendor/device-tree/6.0, vendor/device-tree/5.19, vendor/openssl/1.1.1s, vendor/wireguard-tools/v1.0.20210914, vendor/tzdata/tzdata2022f |
|
#
744bfb21 |
| 28-Oct-2022 |
John Baldwin <jhb@FreeBSD.org> |
Import the WireGuard driver from zx2c4.com.
This commit brings back the driver from FreeBSD commit f187d6dfbf633665ba6740fe22742aec60ce02a2 plus subsequent fixes from upstream.
Relative to upstream
Import the WireGuard driver from zx2c4.com.
This commit brings back the driver from FreeBSD commit f187d6dfbf633665ba6740fe22742aec60ce02a2 plus subsequent fixes from upstream.
Relative to upstream this commit includes a few other small fixes such as additional INET and INET6 #ifdef's, #include cleanups, and updates for recent API changes in main.
Reviewed by: pauamma, gbe, kevans, emaste Obtained from: git@git.zx2c4.com:wireguard-freebsd @ 3cc22b2 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D36909
show more ...
|
Revision tags: vendor/acpica/20221020, vendor/unbound/1.17.0, vendor/llvm-project/llvmorg-15.0.2-10-gf3c5289e7846, vendor/llvm-project/llvmorg-15.0.2-0-g4bd3f3759259, vendor/llvm-project/llvmorg-15.0.1-0-gb73d2c8c720a |
|
#
43f8c763 |
| 15-Oct-2022 |
Zhenlei Huang <zlei.huang@gmail.com> |
if_me: Use dedicated network privilege
Separate if_me privileges from if_gif.
Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D36691
|
Revision tags: vendor/tzdata/tzdata2022e, vendor/openssh/9.1p1, vendor/unbound/1.16.3, vendor/bsddialog/0.4, vendor/tzdata/tzdata2022d, vendor/file/5.43, vendor/expat/2.4.9, vendor/sqlite3/sqlite-3390300 |
|
#
4771011b |
| 15-Sep-2022 |
Gordon Bergling <gbe@FreeBSD.org> |
kern_jail: Fix a typo in a source code comment
- s/paramter/parameter/
MFC after: 3 days
|
Revision tags: vendor/llvm-project/llvmorg-15.0.0-9-g1c73596d3454, vendor/llvm-project/llvmorg-15.0.0-0-g4ba6a9c9f65b, vendor/less/v608, vendor/bsddialog/0.3, vendor/lua/5.4.4, vendor/lua/5.4.3, vendor/sqlite3/sqlite-3390200, vendor/bc/6.0.2, verndor/bc/6.0.2, vendor/dhcpcd/9.4.1, vendor/tzcode/tzcode2022c, vendor/tzcode/unsplit, vendor/tzdata/tzdata2022c, vendor/llvm-project/llvmorg-15.0.0-rc2-40-gfbd2950d8d0d, vendor/tzdata/tzdata2022b, vendor/arm-optimized-routines/20220210-89ca9c3, vendor/device-tree/5.18, vendor/device-tree/5.17, vendor/device-tree/5.16, vendor/device-tree/5.15, vendor/device-tree/5.14, vendor/unbound/1.16.2, vendor/llvm-project/llvmorg-15-init-17826-g1f8ae9d7e7e4, vendor/llvm-project/llvmorg-15-init-17827-gd77882e66779, vendor/NetBSD/bmake/20220726, vendor/NetBSD/bmake/20220724, vendor/llvm-project/llvmorg-15-init-17485-ga3e38b4a206b, vendor/llvm-project/llvmorg-15-init-16436-g18a6ab5b8d1f, vendor/unbound/1.16.1, vendor/sqlite3/sqlite-3390000, vendor/openssl/1.1.1q, vendor/file/5.42, vendor/llvm-project/llvmorg-15-init-15358-g53dc0f107877, vendor/openssl/1.1.1p, vendor/bc/5.3.3, vendor/bc/5.3.2, vendor/llvm-project/llvmorg-14.0.5-0-gc12386ae247c, vendor/bc/5.3.1, vendor/bc/5.3.0, vendor/unbound/1.16.0, vendor/llvm-project/llvmorg-14.0.4-0-g29f1039a7285, vendor/sqlite3/sqlite-3380500, release/13.1.0, upstream/13.1.0, vendor/bc/5.2.5, vendor/openssl/1.1.1o, vendor/llvm-project/llvmorg-14.0.2-0-g0e27d08cdeb3, vendor/llvm-project/llvmorg-14.0.3-0-g1f9140064dfb, vendor/NetBSD/bmake/20220418, vendor/bearssl/20220418, vendor/bc/5.2.4, vendor/NetBSD/libedit/2022-04-11, vendor/openssh/9.0p1, vendor/NetBSD/bmake/20220330, vendor/acpica/20220331, vendor/zlib/1.2.12, vendor/llvm-project/llvmorg-14.0.0-2-g3f43d803382d, vendor/heimdal/7.7.0, vendor/expat/2.4.7, vendor/llvm-project/llvmorg-14.0.0-rc4-2-gadd3ab7f4c8a, vendor/tzdata/tzdata2022a, vendor/openssl/1.1.1n, vendor/bsddialog/0.2 |
|
#
5ecb5444 |
| 10-Mar-2022 |
Mateusz Guzik <mjg@FreeBSD.org> |
jail: add process linkage
It allows iteration over processes belonging to given jail instead of having to walk the entire allproc list.
Note the iteration can miss processes which remains bug-compa
jail: add process linkage
It allows iteration over processes belonging to given jail instead of having to walk the entire allproc list.
Note the iteration can miss processes which remains bug-compatible with previous code.
Reviewed by: jamie (previous version), markj (previous version) Differential Revision: https://reviews.freebsd.org/D34522
show more ...
|
#
49a033d8 |
| 04-Sep-2022 |
Gordon Bergling <gbe@FreeBSD.org> |
kern: Correct some typos in source code comments
- s/occured/occurred/ - s/the the/the/
MFC after: 3 days
|
#
7060da62 |
| 29-Jun-2022 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: Remove a prison's shared memory when it dies
Add shm_remove_prison(), that removes all POSIX shared memory segments belonging to a prison. Call it from prison_cleanup() so a prison won't be s
jail: Remove a prison's shared memory when it dies
Add shm_remove_prison(), that removes all POSIX shared memory segments belonging to a prison. Call it from prison_cleanup() so a prison won't be stuck in a dying state due to the resources still held.
PR: 257555 Reported by: grembo
show more ...
|
#
a9f7455c |
| 29-Jun-2022 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: add prison_cleanup() to release resources held by a dying jail
Currently, when a jail starts dying, either by losing its last user reference or by being explicitly killed, osd_jail_call(...PR_
jail: add prison_cleanup() to release resources held by a dying jail
Currently, when a jail starts dying, either by losing its last user reference or by being explicitly killed, osd_jail_call(...PR_METHOD_REMOVE...) is called. Encapsulate this into a function prison_cleanup() that can then do other cleanup.
show more ...
|
Revision tags: vendor/libcxxrt/2022-03-09-fd484be8d1e94a1fcf6bc5c67e5c07b65ada19b6, vendor/bc/5.2.3, vendor/llvm-project/llvmorg-14.0.0-rc2-12-g09546e1b5103, vendor/expat/2.4.6, vendor/openssh/8.9p1 |
|
#
ab91feab |
| 22-Feb-2022 |
Kristof Provost <kp@FreeBSD.org> |
ovpn: Introduce OpenVPN DCO support
OpenVPN Data Channel Offload (DCO) moves OpenVPN data plane processing (i.e. tunneling and cryptography) into the kernel, rather than using tap devices. This avoi
ovpn: Introduce OpenVPN DCO support
OpenVPN Data Channel Offload (DCO) moves OpenVPN data plane processing (i.e. tunneling and cryptography) into the kernel, rather than using tap devices. This avoids significant copying and context switching overhead between kernel and user space and improves OpenVPN throughput.
In my test setup throughput improved from around 660Mbit/s to around 2Gbit/s.
Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D34340
show more ...
|
#
f171938c |
| 09-Apr-2022 |
Gordon Bergling <gbe@FreeBSD.org> |
jail: Remove a double word in a source code comment
- s/a a/a/
MFC after: 3 days
|
#
bb92cd7b |
| 24-Mar-2022 |
Mateusz Guzik <mjg@FreeBSD.org> |
vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd)
|
Revision tags: vendor/llvm-project/llvmorg-13.0.1-0-g75e33f71c2da, vendor/llvm-project/llvmorg-14.0.0-rc1-74-g4dc3cb8e3255, vendor/unbound/1.15.0, vendor/NetBSD/bmake/20220208, vendor/bc/5.2.2, vendor/NetBSD/bmake/20220204, vendor/llvm-project/llvmorg-14-init-18315-g190be5457c90, vendor/llvm-project/llvmorg-14-init-18294-gdb01b123d012, vendor/terminus/terminus-font-4.49.1, vendor/bsddialog/0.1, vendor/llvm-project/llvmorg-14-init-17616-g024a1fab5c35, vendor/dma/2022-01-27, vendor/ena-com/2.5.0, vendor/wpa/2.10, vendor/expat/2.4.3, vendor/sqlite3/sqlite-3370200, vendor/wpa/gb26f5c0fe, vendor/sqlite3/sqlite-3370100, vendor/file/5.41 |
|
#
eb8dcdea |
| 26-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
jail: network epoch protection for IP address lists
Now struct prison has two pointers (IPv4 and IPv6) of struct prison_ip type. Each points into epoch context, address count and variable size arra
jail: network epoch protection for IP address lists
Now struct prison has two pointers (IPv4 and IPv6) of struct prison_ip type. Each points into epoch context, address count and variable size array of addresses. These structures are freed with network epoch deferred free and are not edited in place, instead a new structure is allocated and set.
While here, the change also generalizes a lot (but not enough) of IPv4 and IPv6 processing. E.g. address family agnostic helpers for kern_jail_set() are provided, that reduce v4-v6 copy-paste.
The fast-path prison_check_ip[46]_locked() is also generalized into prison_ip_check() that can be executed with network epoch protection only.
Reviewed by: jamie Differential revision: https://reviews.freebsd.org/D33339
show more ...
|
Revision tags: vendor/llvm-project/llvmorg-14-init-13186-g0c553cc1af2e |
|
#
d2ef3774 |
| 22-Dec-2021 |
Jessica Clarke <jrtc27@FreeBSD.org> |
Fix buffer overread in preloaded hostuuid parsing
Commit b6be9566d236 stopped prison0_init writing outside of the preloaded hostuuid's bounds. However, the preloaded data will not (normally) have a
Fix buffer overread in preloaded hostuuid parsing
Commit b6be9566d236 stopped prison0_init writing outside of the preloaded hostuuid's bounds. However, the preloaded data will not (normally) have a NUL in it, and so validate_uuid will walk off the end of the buffer in its call to sscanf. Previously if there was any whitespace in the string we'd at least know there's a NUL one past the end due to the off-by-one error, but now no such byte is guaranteed.
Fix this by copying to a temporary buffer and explicitly adding a NUL.
Whilst here, change the strlcpy call to use a far less suspicious argument for dstsize; in practice it's fine, but it's an unusual pattern and not necessary.
Found by: CHERI Reviewed by: emaste, kevans, jhb MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D33616
show more ...
|
Revision tags: vendor/bsddialog/0.0.2, vendor/NetBSD/bmake/20211212, vendor/openssl/1.1.1m, vendor/unbound/1.14.0, vendor/bsddialog/0.0.1, vendor/unbound/1.14.0rc1, vendor/llvm-project/llvmorg-14-init-11187-g222442ec2d71, release/12.3.0, upstream/12.3.0, vendor/wpa/g14ab4a816, vendor/bc/5.2.1, vendor/bc/5.2.0 |
|
#
7e1d3eef |
| 25-Nov-2021 |
Mateusz Guzik <mjg@FreeBSD.org> |
vfs: remove the unused thread argument from NDINIT*
See b4a58fbf640409a1 ("vfs: remove cn_thread")
Bump __FreeBSD_version to 1400043.
|
Revision tags: vendor/bsddialog/2021-11-24, vendor/llvm-project/llvmorg-14-init-10223-g401b76fdf2b3, vendor/llvm-project/llvmorg-14-init-10186-gff7f2cfa959b, vendor/mandoc/1.14.6, vendor/openssh/8.8p1, vendor/ck/2021029 |
|
#
70de1003 |
| 27-Oct-2021 |
Gordon Bergling <gbe@FreeBSD.org> |
jail(8): Fix a few common typos in source code comments
- s/phyiscal/physical/
MFC after: 3 days
|
Revision tags: vendor/tzdata/tzdata2021e, vendor/tzdata/tzdata2021d, vendor/bc/5.1.1, vendor/bc/5.1.0, vendor/tzdata/tzdata2021c, vendor/libfido2/1.8.0, vendor/libcbor/0.8.0, vendor/acpica/20210930 |
|
#
8771ff75 |
| 26-Sep-2021 |
Gordon Bergling <gbe@FreeBSD.org> |
jail(9): Fix a typo in a comment
- s/erorr/error/
MFC after: 3 days
|
Revision tags: vendor/llvm-project/llvmorg-13.0.0-0-gd7b669b3a303, vendor/llvm-project/llvmorg-13.0.0-rc4-0-gd7b669b3a303, vendor/tzdata/tzdata2021b, vendor/dma/2021-07-10, vendor/NetBSD/libedit/2021-09-10, vendor/bc/5.0.2, vendor/llvm-project/llvmorg-13.0.0-rc3-8-g08642a395f23, vendor/llvm-project/llvmorg-13.0.0-rc2-43-gf56129fe78d5, vendor/openssl/1.1.1l, vendor/openssh/8.7p1, vendor/llvm-project/llvmorg-13.0.0-rc1-97-g23ba3732246a, vendor/llvm-project/llvmorg-13.0.0-rc1-0-gd6974c010878, vendor/unbound/1.13.2, vendor/one-true-awk/0592de4a, vendor/acpica/20210730, vendor/llvm-project/llvmorg-13-init-16854-g6b2e4c5a58d7, vendor/llvm-project/llvmorg-12.0.1-0-gfed41342a82f, vendor/llvm-project/llvmorg-12.0.1-rc2-0-ge7dac564cd0e, vendor/llvm-project/llvmorg-13-init-16847-g88e66fa60ae5, vendor/less/v590, llvmorg-12.0.1-0-gfed41342a82f, vendor/one-true-awk/1e4bc42c53a1, vendor/device-tree/5.13, vendor/device-tree/5.12, vendor/NetBSD/bmake/20210621, vendor/ena-com/2.4.0, vendor/NetBSD/vis/20210621, llvmorg-12.0.1-rc2-0-ge7dac564cd0e, vendor/acpica/20210604, vendor/nvi/2.2.0-3bbdfe4, vendor/tcsh/6.22.04, vendor/bc/4.0.2, vendor/sqlite3/sqlite-3350500, vendor/less/v581.2, vendor/bc/4.0.1, vendor/openssh/8.6p1, vendor/openssh/8.5p1, vendor/llvm-project/llvmorg-12.0.0-0-gd28af7c654d8, vendor/less/v581 |
|
#
2d741f33 |
| 16-Apr-2021 |
Kyle Evans <kevans@FreeBSD.org> |
kern: ether_gen_addr: randomize on default hostuuid, too
Currently, this will still hash the default (all zero) hostuuid and potentially arrive at a MAC address that has a high chance of collision i
kern: ether_gen_addr: randomize on default hostuuid, too
Currently, this will still hash the default (all zero) hostuuid and potentially arrive at a MAC address that has a high chance of collision if another interface of the same name appears in the same broadcast domain on another host without a hostuuid, e.g., some virtual machine setups.
Instead of using the default hostuuid, just treat it as a failure and generate a random LA unicast MAC address.
Reviewed by: bz, gbe, imp, kbowling, kp MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D29788
show more ...
|
#
b6be9566 |
| 14-May-2021 |
Colin Percival <cperciva@FreeBSD.org> |
Fix buffer overflow in preloaded hostuuid cleaning
When a module of type "hostuuid" is provided by the loader, prison0_init strips any trailing whitespace and ASCII control characters by (a) adjusti
Fix buffer overflow in preloaded hostuuid cleaning
When a module of type "hostuuid" is provided by the loader, prison0_init strips any trailing whitespace and ASCII control characters by (a) adjusting the buffer length, and (b) zeroing out the characters in question, before storing it as the system's hostuuid.
The buffer length adjustment was correct, but the zeroing overwrote one byte higher in memory than intended -- in the typical case, zeroing one byte past the end of the hostuuid buffer. Due to the layout of buffers passed by the boot loader to the kernel, this will be the first byte of a subsequent buffer.
This was *probably* harmless; prison0_init runs after preloaded kernel modules have been linked and after the preloaded /boot/entropy cache has been processed, so in both cases having the first byte overwritten will not cause problems. We cannot however rule out the possibility that other objects which are preloaded by the loader could suffer from having the first byte overwritten.
Since the zeroing does not in fact serve any purpose, remove it and trim trailing whitespace and ASCII control characters by adjusting the buffer length alone.
Fixes: c3188289 Preload hostuuid for early-boot use Reviewed by: kevans, markj MFC after: 3 days
show more ...
|
#
330f110b |
| 15-May-2021 |
Colin Percival <cperciva@FreeBSD.org> |
Fix 'hostuuid: preload data malformed' warning
If the preloaded hostuuid value is invalid and verbose booting is enabled, a warning is printed. This printf had two bugs:
1. It was missing a traili
Fix 'hostuuid: preload data malformed' warning
If the preloaded hostuuid value is invalid and verbose booting is enabled, a warning is printed. This printf had two bugs:
1. It was missing a trailing \n character. 2. The malformed UUID is printed with %s even though it is not known to be NUL-terminated.
This commit adds the missing \n and uses %.*s with the (already known) length of the preloaded UUID to ensure that we don't read past the end of the buffer.
Reported by: kevans Fixes: c3188289 Preload hostuuid for early-boot use MFC after: 3 days
show more ...
|
Revision tags: vendor/google/capsicum-test/ea66424d921bb393539b298c108a46edee5c3051, release/13.0.0, upstream/13.0.0, vendor/bc/4.0.0, vendor/acpica/20210331, vendor/NetBSD/libedit/2021-03-28, vendor/openssl/1.1.1k, vendor/device-tree/5.11, vendor/NetBSD/libedit/2020-07-10, vendor/libucl/20210314, vendor/bc/3.3.4, vendor/wpa/g9d9b42306541 |
|
#
f187d6df |
| 16-Mar-2021 |
Kyle Evans <kevans@FreeBSD.org> |
base: remove if_wg(4) and associated utilities, manpage
After length decisions, we've decided that the if_wg(4) driver and related work is not yet ready to live in the tree. This driver has larger
base: remove if_wg(4) and associated utilities, manpage
After length decisions, we've decided that the if_wg(4) driver and related work is not yet ready to live in the tree. This driver has larger security implications than many, and thus will be held to more scrutiny than other drivers.
Please also see the related message sent to the freebsd-hackers@ and freebsd-arch@ lists by Kyle Evans <kevans@FreeBSD.org> on 2021/03/16, with the subject line "Removing WireGuard Support From Base" for additional context.
show more ...
|
#
74ae3f3e |
| 15-Mar-2021 |
Kyle Evans <kevans@FreeBSD.org> |
if_wg: import latest fixup work from the wireguard-freebsd project
This is the culmination of about a week of work from three developers to fix a number of functional and security issues. This patc
if_wg: import latest fixup work from the wireguard-freebsd project
This is the culmination of about a week of work from three developers to fix a number of functional and security issues. This patch consists of work done by the following folks:
- Jason A. Donenfeld <Jason@zx2c4.com> - Matt Dunwoodie <ncon@noconroy.net> - Kyle Evans <kevans@FreeBSD.org>
Notable changes include: - Packets are now correctly staged for processing once the handshake has completed, resulting in less packet loss in the interim. - Various race conditions have been resolved, particularly w.r.t. socket and packet lifetime (panics) - Various tests have been added to assure correct functionality and tooling conformance - Many security issues have been addressed - if_wg now maintains jail-friendly semantics: sockets are created in the interface's home vnet so that it can act as the sole network connection for a jail - if_wg no longer fails to remove peer allowed-ips of 0.0.0.0/0 - if_wg now exports via ioctl a format that is future proof and complete. It is additionally supported by the upstream wireguard-tools (which we plan to merge in to base soon) - if_wg now conforms to the WireGuard protocol and is more closely aligned with security auditing guidelines
Note that the driver has been rebased away from using iflib. iflib poses a number of challenges for a cloned device trying to operate in a vnet that are non-trivial to solve and adds complexity to the implementation for little gain.
The crypto implementation that was previously added to the tree was a super complex integration of what previously appeared in an old out of tree Linux module, which has been reduced to crypto.c containing simple boring reference implementations. This is part of a near-to-mid term goal to work with FreeBSD kernel crypto folks and take advantage of or improve accelerated crypto already offered elsewhere.
There's additional test suite effort underway out-of-tree taking advantage of the aforementioned jail-friendly semantics to test a number of real-world topologies, based on netns.sh.
Also note that this is still a work in progress; work going further will be much smaller in nature.
MFC after: 1 month (maybe)
show more ...
|
Revision tags: vendor/tcsh/6.22.03-ceccc7f, bc/3.3.3, vendor/google/capsicum-test/20210302, vendor/dialog/1.3-20210117 |
|
#
589e4c1d |
| 26-Feb-2021 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: Add safety around prison_deref() flags.
do_jail_attach() now only uses the PD_XXX flags that refer to lock status, so make sure that something else like PD_KILL doesn't slip through.
Add a KA
jail: Add safety around prison_deref() flags.
do_jail_attach() now only uses the PD_XXX flags that refer to lock status, so make sure that something else like PD_KILL doesn't slip through.
Add a KASSERT() in prison_deref() to catch any further PD_KILL misuse.
show more ...
|
#
108a9384 |
| 26-Feb-2021 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: Fix locking on an early jail_set error.
I had locked allprison_lock without immediately setting PD_LIST_LOCKED.
|
Revision tags: vendor/ncurses/6.2-20210220 |
|
#
c861373b |
| 25-Feb-2021 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: re-commit 811e27fa3c44 with fixes
Make sure PD_KILL isn't passed to do_jail_attach, where it might end up trying to kill the caller's prison (even prison0).
Fix the child jail loop in prison_
jail: re-commit 811e27fa3c44 with fixes
Make sure PD_KILL isn't passed to do_jail_attach, where it might end up trying to kill the caller's prison (even prison0).
Fix the child jail loop in prison_deref_kill, which was doing the post-order part during the pre-order part. That's not a system- killer, but make jails not always die correctly.
show more ...
|
#
ddfffb41 |
| 25-Feb-2021 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: back out 811e27fa3c44 until it doesn't break Jenkins
Reported by: arichardson
|
#
0a2a96f3 |
| 23-Feb-2021 |
Jamie Gritton <jamie@FreeBSD.org> |
jail: Don't allow jails under dying parents
If a jail is created with jail_set(...JAIL_DYING), and it has a parent currently in a dying state, that will bring the parent jail back to life. Restrict
jail: Don't allow jails under dying parents
If a jail is created with jail_set(...JAIL_DYING), and it has a parent currently in a dying state, that will bring the parent jail back to life. Restrict that to require that the parent itself be explicitly brought back first, and not implicitly created along with the new child jail.
Differential Revision: https://reviews.freebsd.org/D28515
show more ...
|