Cy Schubert [Wed, 31 May 2023 19:20:27 +0000 (12:20 -0700)]
pam_krb5: Fix spoofing vulnerability
An adversary on the network can log in via ssh as any user by spoofing
the KDC. When the machine has a keytab installed the keytab is used to
verify the service ticket. However, without a keytab there is no way
for pam_krb5 to verify the KDC's response and get a TGT with the
password.
If both the password _and_ the KDC are controlled by an adversary, the
adversary can provide a password that the adversary's spoofed KDC will
return a valid tgt for. Currently, without a keytab, pam_krb5 is
vulnerable to this attack.
Reported by: Taylor R Campbell <riastradh@netbsd.org> via emaste@
Reviewed by: so
Approved by: so
Security: FreeBSD-SA-23:04.pam_krb5
Security: CVE-2023-3326
Doug Moore [Wed, 21 Jun 2023 04:52:27 +0000 (23:52 -0500)]
vm_radix: drop unused function; use bool.
Replace boolean_t with bool in vm_radix.c. Drop the unused function
vm_radix_is_singleton, which is unused and has no corresponding
function in subr_pctrie.c.
Reviewed by: alc
Differential Revision: <https://reviews.freebsd.org/D40586>
Ed Maste [Tue, 20 Jun 2023 12:44:22 +0000 (08:44 -0400)]
bfe: add unmaintained / deprecation notice
The bfe (Broadcom BCM4401 10/100 Ethernet) driver has known bugs and no
active maintenance. There have been no changes other than sweeping tree
changes, typo corrections etc. since 2008 a far as I can tell. Add a
note in the man page so that users expectations are correctly set, and
indicate that it may be removed in the future.
I did not add a gone_in() call in the driver itself as there is no
specific target version for removal, and this driver has evidence of
recent use (dmesg, PRs).
PR: 201947, 213751
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40625
John Baldwin [Tue, 20 Jun 2023 19:38:48 +0000 (12:38 -0700)]
rtld-elf: Mark tls_init_align __unused in free_tls for Variant I TLS.
Some architectures (powerpc and RISC-V) always use 0 for the post TLS
size in which case tls_init_align isn't used by
calculate_tls_post_size. Use __unused to quiet the warning for these
platforms.
Doug Moore [Tue, 20 Jun 2023 16:30:29 +0000 (11:30 -0500)]
radix_trie: eliminate iteration in keydiff
Use flsll(), instead of a loop, to find where two keys differ, and
then arithmetic to transform that to a trie level.
Approved by: alc, markj
Differential Revision: https://reviews.freebsd.org/D40585
John Baldwin [Tue, 20 Jun 2023 16:28:59 +0000 (09:28 -0700)]
bluetooth/ath3kfw: Propagate return value from ath3k_load_fwfile.
The caller ignores the return value so this is a no-op, but
ath3k_init_ar3012 returns the return values of its internal functions,
so this is more consistent.
Mitchell Horne [Tue, 20 Jun 2023 14:52:26 +0000 (11:52 -0300)]
riscv: improve KTR_TRAP trace entries
For more informative records of exceptions, include key details such as
the exception code and stval register contents. Remove the curthread
argument as it is redundant (saved with every ktr entry), and the
trapframe as it is somewhat meaningless.
Add a new KTR_TRAP trace record for interrupts.
Reviewed by: markj, jhb
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40584
John Baldwin [Tue, 20 Jun 2023 14:53:50 +0000 (07:53 -0700)]
ossl: Don't try to initialize the cipher for Chacha20+Poly1305.
Chacha20+Poly1305 doesn't use an ossl_cipher instance the way AES-GCM
does, so ossl_lookup_cipher() failed causing ossl_newsession() to
always fail for Chacha20+Poly1305 sessions.
Reported by: gallatin (ktls_test fails with ossl.ko loaded)
Fixes: 9a3444d91c70 ossl: Add a VAES-based AES-GCM implementation for amd64
Tested by: gallatin
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D40580
Doug Rabson [Tue, 20 Jun 2023 13:01:58 +0000 (14:01 +0100)]
pf: Add code to enable filtering for locally delivered packets
This is disabled by default since it potentially changes the behavior of
existing filter rule sets. To enable this extra filter for packets being
delivered locally, use:
Kristof Provost [Mon, 19 Jun 2023 14:41:13 +0000 (16:41 +0200)]
pf tests: make pfsync:defer test more robust
Set the defer timeout to 2.5 seconds, and only make sure that there's at
least a second of delay between the pfsync packet and the ping packet.
The intent is to allow the test to pass even when there's considerable
jitter on the timing measurement (e.g. when the test runs in a VM, such
as during the CI tests).
Kristof Provost [Mon, 19 Jun 2023 14:37:19 +0000 (16:37 +0200)]
pf: allow defer timeout to be configured
Add the net.pfsync.defer_delay sysctl to allow the defer timeout (i.e.
how long pf holds onto packets waiting for the peer to ack the new
state) to be changed.
This is intended to make testing of the defer code more robust, by
allowing longer timeouts to mitigate scheduling/measurement jitter.
Corvin Köhne [Mon, 29 Aug 2022 10:10:44 +0000 (12:10 +0200)]
bhyve/tpm: create crb thread for sending tpm commands
Commands send to a tpm are very slow. They can take up to several
seconds for completion. For that reason, create a thread which issues
the commands to the tpm device.
Corvin Köhne [Thu, 15 Jun 2023 09:12:53 +0000 (11:12 +0200)]
bhyve: maintain RSDT and XSDT by basl
In a subsquent commit the TPM emulation will build it's own TPM2 table.
This needs to be registered to the RSDT and XSDT. Instead of making the
rsdt and xsdt variables global, we can simply add a helper to basl.
Corvin Köhne [Mon, 16 Aug 2021 07:50:15 +0000 (09:50 +0200)]
bhyve: add bootindex option for several devices
The bootindex option creates an entry in the "bootorder" fwcfg file.
This file can be picked up by the guest firmware to determine the
bootorder. Nevertheless, it's not guaranteed that the guest firmware
uses the bootorder. At the moment, our OVMF ignores the bootorder. This
will change in the future.
If guest firmware supports the "bootorder" fwcfg file and no device uses
the bootindex option, the boot order is determined by the firmware
itself. If one or more devices specify a bootindex, the first bootable
device with the lowest bootindex will be booted. It's not garanteed that
devices without a bootindex will be recognized as bootable from the
firmware in that case.
Corvin Köhne [Mon, 16 Aug 2021 07:47:53 +0000 (09:47 +0200)]
bhyve: add helper to create a bootorder
Qemu's fwcfg allows to define a bootorder. Therefore, the hypervisor has
to create a fwcfg item named bootorder, which has a newline seperated
list of boot entries. Qemu's OVMF will pick up the bootorder and applies
it.
Add the moment, bhyve's OVMF doesn't support a custom bootorder by
qemu's fwcfg. However, in the future bhyve will gain support for qemu's
OVMF. Additonally, we can port relevant parts from qemu's to bhyve's
OVMF implementation.
The makeman CI job ensures that all options have description files.
Bring the CI job back to green by adding back WITHOUT_CAPSICUM and
WITHOUT_CASPER description files (that now state the assoicated options
have no effect).
Fixes: c24c117b9644 ("Remove WITHOUT_{CAPSICUM,CASPER} options")
Sponsored by: The FreeBSD Foundation
Colin Percival [Sun, 18 Jun 2023 00:03:56 +0000 (17:03 -0700)]
Remove WITHOUT_{CAPSICUM,CASPER} options
At this point CAPSICUM and CASPER are merely forced on via the newly
added __REQUIRED_OPTIONS list; after stable/14 branches I'll sweep
the tree for MK_{CAPSICUM,CASPER}.
This change will not be MFCed.
Discussed on: freebsd-arch
Differential Revision: https://reviews.freebsd.org/D40592
Colin Percival [Sun, 18 Jun 2023 00:01:52 +0000 (17:01 -0700)]
options/makeman: Handle __REQUIRED_OPTIONS
Teach the code which generates src.conf.5 about __REQUIRED_OPTIONS;
without this change it gets confused and thinks that every option
turns the required options on.
Colin Percival [Sat, 17 Jun 2023 20:08:37 +0000 (13:08 -0700)]
bsd.mkopt.mk: Add REQUIRED_OPTIONS list
Options on this list will be forced to 'yes'. This is intended for use
as a transitional measure when an option is ceasing to be optional,
before all of the associated make logic is removed.
Warner Losh [Mon, 19 Jun 2023 20:52:58 +0000 (14:52 -0600)]
camcontrol: Include stdbool.h rather than relying on namespace pollution
I have several environments, and at least one of them fails to build
because bool is undefined. Since we use bool, always include stdbool.h
rather than relying on any indirect definitions to pull it in.
Warner Losh [Mon, 19 Jun 2023 20:43:37 +0000 (14:43 -0600)]
camcontrol: In defects make -S actually imply 12-byte command
camcontrol(8) says that -S to start at a different offset implies that
we're using the 12 byte command. But really, we're using the 10-byte
command. Fix this by setting use_12byte for -S.
Warner Losh [Mon, 19 Jun 2023 20:43:30 +0000 (14:43 -0600)]
camcontrol: simplify summary logic for defects
We don't need to count the number of lists requested. Instead, use the
more general form of checking to see if any of the non-defect format
bits are set. Also, check summary boolean to control summary reporting
behavior.
Warner Losh [Mon, 19 Jun 2023 20:43:12 +0000 (14:43 -0600)]
camcontrol: No need to set CAM_ARG_[PG]LIST in defects
We can or in the the list_format bits directly if we or in the
list_format when we look it up the first time. Free up CAM_ARG_[PG]LIST
from the CAM_ARG_xxx enum.
Sponsored by: Netflix
Reviewed by: mav (I made his suggested change)
Differential Revision: https://reviews.freebsd.org/D40523
Warner Losh [Mon, 19 Jun 2023 20:43:05 +0000 (14:43 -0600)]
camcontrol: Simplfiy 12-byte retry logic in defects command
We always start out using the 10-byte version of READ DEFECT DATA, and
then switch to 12-byte when necessary due to errors or data length
requirements. We always need to get the length again when we do this,
and we're always going to be using 12-byte commands from that point
forward. Simplify the logic a bit based on this observation.
Mark Johnston [Mon, 19 Jun 2023 19:46:32 +0000 (15:46 -0400)]
bhyve: Refactor vmexit_suspend() a bit
Move some of its logic into fbsdrun_deletecpu(). This makes it easier
to split vmexit handlers into a separate file, which in turn makes
landing arm64 support easier. Also increase the scope of the mutex and
use it to synchronize updates to the vcpu mask. No functional change
intended.
Mark Johnston [Mon, 19 Jun 2023 19:46:02 +0000 (15:46 -0400)]
bhyve: Register hlt and pause vmexit handlers unconditionally
These exit handlers might not be used if the corresponding VM
capabilities are not set, but there is no harm in putting them into the
handler table regardless. Doing so simplifies initialization code,
makes it easier to split vmexit handlers into a separate file, and lets
us declare the handler table as const.
Dimitry Andric [Mon, 19 Jun 2023 18:32:40 +0000 (20:32 +0200)]
Apply llvm fix for hanging gcc builds on 32-bit arm
Merge commit 962c306a11d0 from llvm-project (by Florian Hahn):
[LV] Don't consider pointer as uniform if it is also stored.
Update isVectorizedMemAccessUse to also check if the pointer is stored.
This prevents LV to incorrectly consider a pointer as uniform if it is
used as both pointer and stored by the same StoreInst.
Fixes #61396.
PR: 271992
Reported by: John F. Carr <jfc@mit.edu>
MFC after: 3 days
John Baldwin [Mon, 19 Jun 2023 17:38:18 +0000 (10:38 -0700)]
ifconfig: Pacify a sign comparison warning in regdomain_sort.
Both ic_flags values are unsigned (uint32_t), so cast them to a signed
int to generate a signed result. Both ic_req values are also
unsigned, but since they are uint16_t, they are implicitly promited to
int before the subtraction.
John Baldwin [Mon, 19 Jun 2023 17:37:52 +0000 (10:37 -0700)]
ifconfig: Avoid issues with trying to negate unsigned values.
The if_flags and if_cap fields hold a bitmask of flags. If a flag is
the MSB of the field, then the logic in setifflags and setifcap which
uses a < 0 check does the wrong thing (it tries to clear the flag
rather than setting it). Also, trying to use -<FOO> doesn't actually
work as the result is a nop. To fix, stop overloading setifcap and
setifflags and instead add new dedicated action functions clearifcap
and clearifflags for clearing a flag. The value passed in the
argument to the command is now always the raw flag.
This was reported by a GCC warning after raising WARNS:
sbin/ifconfig/ifconfig.c:2061:33: error: integer overflow in expression '-2147483648' of type 'int' results in '-2147483648' [-Werror=overflow]
2061 | DEF_CMD("-txtlsrtlmt", -IFCAP_TXTLS_RTLMT, setifcap),
| ^
Ed Maste [Mon, 19 Jun 2023 01:37:06 +0000 (21:37 -0400)]
seq: fix check for rounding error/truncation
Based on OpenBSD 30f0fd29ba6c:
> We need to compare the printable version of the last value displayed,
> not the floating point representation. Otherwise, we may print the
> last value twice.
PR: 271964
Reported by: Daniel Kolesa
Reviewed by: yuripv
Obtained from: OpenBSD
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40601
Fix some shell issues by adding quotes and replace backticks with $()
This patch fixes the following issues reported by shellcheck:
- Quote default assignments (SC2223)
- Use $() instead of backticks (SC2006)
- Double quote $@ (SC2068)
- Double quote variables in if-statements and other places (SC2086)
While here, fix a whitespace at one end of line instance in the license
text.
Approved by: manu
Differential Revision: https://reviews.freebsd.org/D40604
The value stored in pf_mtag->tag comes from "tag" and "match tag"
keywords in pf.conf and must not be abused for storing other
information. A ruleset with enough tags could set or remove the bits
responsible for PF_TAG_SYNCOOKIE_RECREATED.
Move this syncookie status to pf_mtag->flags. Rename this and other
related constants in a way that will prevent such mistakes in the
future. Move PF_REASSEMBLED constant to mbuf.h and rename accordingly
because it's not a flag stored in pf_mtag, but an identifier of a
different m_tag. Change the value of the constant to avoid conflicts
with other m_tags using MTAG_ABI_COMPAT.
Rename the variables in pf_build_tcp() and pf_send_tcp() in to reduce
confusion.
Eugene Grosbein [Mon, 19 Jun 2023 07:49:35 +0000 (14:49 +0700)]
motd: unbreak for source upgrade
In case of source upgrade path from 12.x proper merge of new /etc
installs /etc/motd.template. Becase of that, the system in left
without symlink /etc/motd -> /var/run/motd but with stale /etc/motd contents.
Fix it creating symlink despite of presence of /etc/motd.template.
Vitaliy Gusev [Mon, 15 May 2023 14:28:45 +0000 (14:28 +0000)]
bhyve: add bus, slot and func to device name
Each device needs a unique identifier to store and restore snapshots
properly. Adding the pci bsf information to the device name creates a
unique identifier as a bsf can't be occupied twice.
Kyle Evans [Mon, 19 Jun 2023 05:31:16 +0000 (00:31 -0500)]
acl_is_trivial_np(3): minor fixes
- Correct the document title
- This function has an _np suffix
- acl_strip_np has a manpage, xref it
- RETURN VALUES should describe acl_is_trivial_np, not acl_get_tag_type
Rick Macklem [Sun, 18 Jun 2023 20:02:20 +0000 (13:02 -0700)]
mount_nfs.8: Note a case where the "nconnect" option does not work
The "nconnect" NFS mount option will not work
correctly for servers where the TCP connections
might connect to different NFS clusters that do not
share NFSv4.1/4.2 state information, such as file locks.
This patch adds a sentence to the "nconnect" section
of mount_nfs.8 noting this case.
Val Packett [Sat, 17 Jun 2023 16:29:53 +0000 (13:29 -0300)]
amdtemp: Fix missing 49 degree offset on current EPYC CPUs
On an EPYC 7313P, the temperature reported by amdtemp was off, because
the offset was not applied. Turns out it needs to be applied with one
more condition: https://lkml.org/lkml/2023/4/13/1095
Mykola Hohsadze [Sat, 17 Jun 2023 15:31:25 +0000 (12:31 -0300)]
arm64/disassem.c: Add shifted register definitions with ror
Add disassembly support for the following shifted register instructions:
* mvn
* orn
* orr
* and
* ands
* bic
* bics
* eon
* eor
* tst
According to Arm64 documenation, operational pseuducode of shifted
register instruction must return `UNDEFINED` if shift type is `RESERVED`
('11'). Hence, removed "rsv" from `shift_2` array and add "ror". In case
of shift type is 3 and this type is `RESERVED`, we will return
`undefined`.
projects / FreeBSD / FreeBSD.git / log