Merge FreeBSD 2024-09-06 #2259
Merged
Merge FreeBSD 2024-09-06 #2259
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Reviewed by: markj, imp Approved by: imp Differential Revision: https://reviews.freebsd.org/D46558
Suggested by: markj
IFF_ALLMULTI has an associated activation counter and so needs special treatment, like IFF_PROMISC. Introduce IFF_PALLMULTI, akin to IFF_PPROMISC, which indicates that userspace requested allmulti mode, and handle it specially in ifhwioctl(). Reviewed by: zlei, glebius MFC after: 2 weeks Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D46524
Similar to "promisc", this allows the IFF_ALLMULTI flag to be toggled from userspace if it happens to be useful to disable multicast packet filtering. One use-case is when implementing IPv6 neighbour discovery over netmap. Reviewed by: zlei, glebius MFC after: 2 weeks Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D46525
Native Linux implementation sets this as a maximum between 1 and ht/vht/eht rx SS'es, FreeBSD does the same, but uses 0 as a minimum, which leads setting it to 0 if we're not in ht/vht case. This 0 was breaking rtw89 driver, when it was trying to determine SS number by subtracting 1 from rx_nss and passing the value to the hardware. After this patch rtw89 association and simple ping work reliably, but more work is needed to make the driver robust with heavy traffic (iperf3) and being long idle. Reviewed by: bz Approved by: bz Sponsored by: Future Crew LLC Differential Revision: https://reviews.freebsd.org/D46528
For example, printf("%+i", 1) prints "+1". However, kvprintf() did
print just "1" for this example. According to PRINTF(3):
A sign must always be placed before a number produced by a signed
conversion.
For "%+r" radix conversions, keep the "+" handling as it is, since this
is a non-standard conversion. For "%+p" pointer conversions, continue
to ignore the sign modifier to be in line with libc.
This change allows to support the ' conversion modifier in the future.
Reviewed by: imp
Pull Request: freebsd/freebsd-src#1310
10ms seems to be too strict for some configurations, so increase to 20ms. Reviewed by: imp Pull Request: freebsd/freebsd-src#1327
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Closes: 280538 Fixes: cf8a18 (back out logging to /var/log/adduser) MFC after: 3 days Reported by: Herbert Baerschneider <[email protected]> Reviewed by: imp Pull Request: freebsd/freebsd-src#1354
Reviewed by: imp, emaste Pull Request: freebsd/freebsd-src#1356
This provides functionality for a click which is partially unreleased and then allows the user to continue moving the mousepad as if were not invoked as a full click Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
This patch allows scrolling with multiple fingers simultaneously, in line with how wsp trackpads function on MacOS. Two new tunables are added: hw.usb.wsp.max_finger_area and hw.usb.wsp.max_double_tap_distance. max_finger_area defines the maximum size which the driver registered an object on trackpad as a finger. Previously, this value was hardcoded as 1200, which was too low to register thumb-clicks. max_double_tap_distance defines the maximum distance between two fingers which will register as a double-click. Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
Also correctly use tun.max_double_tap_distance for maximum distance of fingers for vertical scrolling. Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
The struct timespec tv_sec member is of type time_t. Make sure that all variables related to this member are of the type time_t. This is important for targets where long is a 32-bit type and time_t a 64-bit type. Reviewed by: imp Pull Request: freebsd/freebsd-src#1373
Commit e695500 updated the policy table to match RFC 6724, which obsoletes RFC 3484. Add a reference to RFC 6724, and mark it up as a technical report (%R). MFC after: 3 days Signed-off-by: Jose Luis Duran <[email protected]> Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
Update the sample ip6addrctl.conf.sample file to match the default policy, currently based on RFC 6724. MFC after: 3 days Signed-off-by: Jose Luis Duran <[email protected]> Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
The error was always returned, even after handling the sysctl, breaking installworld under Linux. Sponsored by: https://www.patreon.com/valpackett Reviewed by: imp Pull Request: freebsd/freebsd-src#1376
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1378
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1379
Fixes: 86c06f (Remove GEOM_SCHED class and gsched) MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1380
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1382
+ consistent document description languague with other USB-BaseT drivers + mention newly added adapters from 6ea4d9 + attempt to mention rgephy(4) phys feed into ure interfaces Fixes: 6ea4d9 (Move RTL8156 from cdce(4) to ure(4)) MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1384
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Add version information to libxo output so that libxo content consumers can track changes. Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1350
Closes: 280538 Fixes: cf8a18 (back out logging to /var/log/adduser) MFC after: 3 days Reported by: Herbert Baerschneider <[email protected]> Reviewed by: imp Pull Request: freebsd/freebsd-src#1354
Reviewed by: imp, emaste Pull Request: freebsd/freebsd-src#1356
This provides functionality for a click which is partially unreleased and then allows the user to continue moving the mousepad as if were not invoked as a full click Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
This patch allows scrolling with multiple fingers simultaneously, in line with how wsp trackpads function on MacOS. Two new tunables are added: hw.usb.wsp.max_finger_area and hw.usb.wsp.max_double_tap_distance. max_finger_area defines the maximum size which the driver registered an object on trackpad as a finger. Previously, this value was hardcoded as 1200, which was too low to register thumb-clicks. max_double_tap_distance defines the maximum distance between two fingers which will register as a double-click. Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
Also correctly use tun.max_double_tap_distance for maximum distance of fingers for vertical scrolling. Signed-off-by: Joshua Rogers <[email protected]> Reviewed by: imp, wulf Pull Request: freebsd/freebsd-src#1365
The struct timespec tv_sec member is of type time_t. Make sure that all variables related to this member are of the type time_t. This is important for targets where long is a 32-bit type and time_t a 64-bit type. Reviewed by: imp Pull Request: freebsd/freebsd-src#1373
Commit e695500 updated the policy table to match RFC 6724, which obsoletes RFC 3484. Add a reference to RFC 6724, and mark it up as a technical report (%R). MFC after: 3 days Signed-off-by: Jose Luis Duran <[email protected]> Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
Update the sample ip6addrctl.conf.sample file to match the default policy, currently based on RFC 6724. MFC after: 3 days Signed-off-by: Jose Luis Duran <[email protected]> Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
Reviewed by: imp, glebius Pull Request: freebsd/freebsd-src#1375
The error was always returned, even after handling the sysctl, breaking installworld under Linux. Sponsored by: https://www.patreon.com/valpackett Reviewed by: imp Pull Request: freebsd/freebsd-src#1376
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1378
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1379
Fixes: 86c06f (Remove GEOM_SCHED class and gsched) MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1380
MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1382
+ consistent document description languague with other USB-BaseT drivers + mention newly added adapters from 6ea4d9 + attempt to mention rgephy(4) phys feed into ure interfaces Fixes: 6ea4d9 (Move RTL8156 from cdce(4) to ure(4)) MFC after: 3 days Reviewed by: imp Pull Request: freebsd/freebsd-src#1384
Signed-off-by: Tom Hukins <[email protected]> Reviewed by: imp Pull Request: freebsd/freebsd-src#1385
Add logic that checks if the code doesn't overflow ACPI_EXTENDED_HID_DEVICE_PATH node when searching for optional strings. If the string is not provided in the device path node default value of "\0" is used. Upstream PR: https://bugzilla.tianocore.org/show_bug.cgi?id=4555 Obtained from: tianocore/edk2@96ed60d Reviewed by: imp Pull Request: freebsd/freebsd-src#1388
Since 26b9e1f codel was fixed but traffic was not flowing for pie too. Apply the same fix. MFC after: 1 week Sponsored by: OPNsense Differential Revision: https://reviews.freebsd.org/D46182 Also see: https://redmine.pfsense.org/issues/13996 Also see: https://forum.opnsense.org/index.php?topic=41827.0 Reviewed by: imp, markj Pull Request: freebsd/freebsd-src#1390
Some exports(5) options take a "=arg" component that provides an argument value for the option. Others do not. Without this patch, if "=arg" was provided for an option that did not take an argument value, the "=arg" was simply ignored. This could result in confusion w.r.t. what was being exported, as noted by the Problem Report. This patch adds a check for "=arg" for the options that do not take an argument value and fails the exports line if one is found. PR: 281003 MFC after: 2 weeks
"fetch -qi" should skip printing "Not Modified" for successful http(s) request. Still print it by default (v_level == 1). MFC after: 1 week
now that the flua ucl module is built the lib directory, it is being build at a moment where it cannot link yet to libucl, push libucl in the _prebuild_libs to ensure it is present in a path to be linked against at the time the lua ucl module is being built. While here, remove libucl from boostrap as a dependence of flua as it is not needed anymore now that flua ucl module is dynamically loadable.
Reported by: Rainer Hurling <[email protected]>
bsdjhb
force-pushed
the
merge-freebsd-20240906
branch
from
7cd4b15 to
876d2ea
Compare
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) Important bugfixes: CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type Obtained from: libarchive Vendor commit: 12ecf8418ab3595d66cdea1abadcea8b6a9d288b CVE: CVE-2024-20696, CVE-2024-26256
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Libarchive 3.7.7 Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing Important bugfixes: CTSRD-CHERI#2096 rar5: report encrypted entries CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Libarchive 3.7.7 Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing Important bugfixes: CTSRD-CHERI#2096 rar5: report encrypted entries CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR for CI