CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Mon Nov 25 15:48:04 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1714 To generate a diff of this commit: cvs rdiff -u -r1.1.2.61 -r1.1.2.62 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Mon Nov 25 15:48:04 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1714 To generate a diff of this commit: cvs rdiff -u -r1.1.2.61 -r1.1.2.62 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.61 src/doc/CHANGES-7.1.3:1.1.2.62 --- src/doc/CHANGES-7.1.3:1.1.2.61 Thu Oct 31 01:54:21 2019 +++ src/doc/CHANGES-7.1.3 Mon Nov 25 15:48:04 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.61 2019/10/31 01:54:21 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.62 2019/11/25 15:48:04 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -607,3 +607,8 @@ sys/modules/filemon/Makefile 1.4 (manu Do not install the filemon module. [maya, ticket #1710] +sys/kern/subr_cprng.c1.33 + + Use cprng_strong, not cprng_fast, for sysctl kern.arnd. + [riastradh, ticket #1714] +
CVS commit: [netbsd-7-1] src/sys/kern
Module Name:src Committed By: martin Date: Mon Nov 25 15:47:44 UTC 2019 Modified Files: src/sys/kern [netbsd-7-1]: subr_cprng.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1714): sys/kern/subr_cprng.c: revision 1.33 Use cprng_strong, not cprng_fast, for sysctl kern.arnd. To generate a diff of this commit: cvs rdiff -u -r1.24.2.1.6.1 -r1.24.2.1.6.2 src/sys/kern/subr_cprng.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/subr_cprng.c diff -u src/sys/kern/subr_cprng.c:1.24.2.1.6.1 src/sys/kern/subr_cprng.c:1.24.2.1.6.2 --- src/sys/kern/subr_cprng.c:1.24.2.1.6.1 Tue Sep 3 12:28:31 2019 +++ src/sys/kern/subr_cprng.c Mon Nov 25 15:47:44 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_cprng.c,v 1.24.2.1.6.1 2019/09/03 12:28:31 martin Exp $ */ +/* $NetBSD: subr_cprng.c,v 1.24.2.1.6.2 2019/11/25 15:47:44 martin Exp $ */ /*- * Copyright (c) 2011-2013 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.24.2.1.6.1 2019/09/03 12:28:31 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.24.2.1.6.2 2019/11/25 15:47:44 martin Exp $"); #include #include @@ -508,6 +508,7 @@ cprng_strong_rndsink_callback(void *cont mutex_exit(&cprng->cs_lock); } +static ONCE_DECL(sysctl_prng_once); static cprng_strong_t *sysctl_prng; static int @@ -527,10 +528,9 @@ makeprng(void) static int sysctl_kern_urnd(SYSCTLFN_ARGS) { - static ONCE_DECL(control); int v, rv; - RUN_ONCE(&control, makeprng); + RUN_ONCE(&sysctl_prng_once, makeprng); rv = cprng_strong(sysctl_prng, &v, sizeof(v), 0); if (rv == sizeof(v)) { struct sysctlnode node = *rnode; @@ -559,6 +559,7 @@ sysctl_kern_arnd(SYSCTLFN_ARGS) int error; void *v; struct sysctlnode node = *rnode; + size_t n __diagused; switch (*oldlenp) { case 0: @@ -567,8 +568,10 @@ sysctl_kern_arnd(SYSCTLFN_ARGS) if (*oldlenp > 256) { return E2BIG; } + RUN_ONCE(&sysctl_prng_once, makeprng); v = kmem_alloc(*oldlenp, KM_SLEEP); - cprng_fast(v, *oldlenp); + n = cprng_strong(sysctl_prng, v, *oldlenp, 0); + KASSERT(n == *oldlenp); node.sysctl_data = v; node.sysctl_size = *oldlenp; error = sysctl_lookup(SYSCTLFN_CALL(&node));
CVS commit: [netbsd-7-1] src/sys/kern
Module Name:src Committed By: martin Date: Mon Nov 25 15:47:44 UTC 2019 Modified Files: src/sys/kern [netbsd-7-1]: subr_cprng.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1714): sys/kern/subr_cprng.c: revision 1.33 Use cprng_strong, not cprng_fast, for sysctl kern.arnd. To generate a diff of this commit: cvs rdiff -u -r1.24.2.1.6.1 -r1.24.2.1.6.2 src/sys/kern/subr_cprng.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src
Module Name:src Committed By: martin Date: Thu Oct 31 01:54:21 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-1]: md.amd64 md.evbppc.powerpc md.i386 src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Fix set lists for ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.41.2.3 -r1.41.2.3.6.1 \ src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.3.4.1 -r1.3.4.1.6.1 \ src/distrib/sets/lists/modules/md.evbppc.powerpc cvs rdiff -u -r1.46.2.2 -r1.46.2.2.6.1 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.1.2.60 -r1.1.2.61 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src
Module Name:src Committed By: martin Date: Thu Oct 31 01:54:21 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-1]: md.amd64 md.evbppc.powerpc md.i386 src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Fix set lists for ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.41.2.3 -r1.41.2.3.6.1 \ src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.3.4.1 -r1.3.4.1.6.1 \ src/distrib/sets/lists/modules/md.evbppc.powerpc cvs rdiff -u -r1.46.2.2 -r1.46.2.2.6.1 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.1.2.60 -r1.1.2.61 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/modules/md.amd64 diff -u src/distrib/sets/lists/modules/md.amd64:1.41.2.3 src/distrib/sets/lists/modules/md.amd64:1.41.2.3.6.1 --- src/distrib/sets/lists/modules/md.amd64:1.41.2.3 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/md.amd64 Thu Oct 31 01:54:21 2019 @@ -1,4 +1,4 @@ -# $NetBSD: md.amd64,v 1.41.2.3 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: md.amd64,v 1.41.2.3.6.1 2019/10/31 01:54:21 martin Exp $ # # NOTE that there are two sets of files here: # @MODULEDIR@ and amd64-xen @@ -292,8 +292,8 @@ ./stand/amd64-xen/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/filecorebase-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/amd64-xen/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/amd64-xen/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/amd64-xen/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/amd64-xen/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/amd64-xen/@OSRELEASE@/modules/finsiobase-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/finsio/finsio.kmod base-kernel-modules kmod,compatmodules ./stand/amd64-xen/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules Index: src/distrib/sets/lists/modules/md.evbppc.powerpc diff -u src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1 src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1.6.1 --- src/distrib/sets/lists/modules/md.evbppc.powerpc:1.3.4.1 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/md.evbppc.powerpc Thu Oct 31 01:54:21 2019 @@ -1,4 +1,4 @@ -# $NetBSD: md.evbppc.powerpc,v 1.3.4.1 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: md.evbppc.powerpc,v 1.3.4.1.6.1 2019/10/31 01:54:21 martin Exp $ ./stand/powerpc-4xx base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@ base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules base-kernel-modules kmod,compatmodules @@ -70,8 +70,8 @@ ./stand/powerpc-4xx/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/filecore base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/powerpc-4xx/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/powerpc-4xx/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/powerpc-4xx/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/powerpc-4xx/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/powerpc-4xx/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/flash/flash.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-4xx/@OSRELEASE@/modules/fssbase-kernel-modules kmod,compatmodules @@ -307,8 +307,8 @@ ./stand/powerpc-booke/@OSRELEASE@/modules/ffs/ffs.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/filecorebase-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/filecore/filecore.kmod base-kernel-modules kmod,compatmodules -./stand/powerpc-booke/@OSRELEASE@/modules/filemonbase-kernel-modules kmod,compatmodules -./stand/powerpc-booke/@OSRELEASE@/modules/filemon/filemon.kmod base-kernel-modules kmod,compatmodules +./stand/powerpc-booke/@OSRELEASE@/modules/filemonbase-obsolete obsolete +./stand/powerpc-booke/@OSRELEASE@/modules/filemon/filemon.kmod base-obsolete obsolete ./stand/powerpc-booke/@OSRELEASE@/modules/flashbase-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/flash/flash.kmod base-kernel-modules kmod,compatmodules ./stand/powerpc-booke/@OSRELEASE@/modules/fssbase-kernel-modules kmod,compatmodules Index: src/distrib/sets/lists/modules/md.i386 diff -u src/distrib/sets/lists/modules/md.i386:1.46.2.2 src/distrib/sets/lists/modules
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Mon Oct 28 18:05:34 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.1.2.59 -r1.1.2.60 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.59 src/doc/CHANGES-7.1.3:1.1.2.60 --- src/doc/CHANGES-7.1.3:1.1.2.59 Sat Sep 28 07:51:31 2019 +++ src/doc/CHANGES-7.1.3 Mon Oct 28 18:05:34 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.59 2019/09/28 07:51:31 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.60 2019/10/28 18:05:34 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -597,3 +597,10 @@ sys/netbt/hci_event.c1.26 CVE-2019-9506. [plunky, ticket #1709] +distrib/sets/lists/modules/mi 1.127 +sys/modules/Makefile1.229,1.230 +sys/modules/filemon/Makefile 1.4 (manually adjusted) + + Do not install the filemon module. + [maya, ticket #1710] +
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Mon Oct 28 18:05:34 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1710 To generate a diff of this commit: cvs rdiff -u -r1.1.2.59 -r1.1.2.60 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src
Module Name:src Committed By: martin Date: Mon Oct 28 18:05:08 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-1]: mi src/sys/modules/filemon [netbsd-7-1]: Makefile Log Message: Pull up following revision(s) (requested by maya in ticket #1710): distrib/sets/lists/modules/mi: revision 1.127 sys/modules/Makefile: revision 1.230 sys/modules/filemon/Makefile: revision 1.4 (manually adjusted) sys/modules/Makefile: revision 1.229 Disable filemon. It isn't suited for general use (that is, it poses security risks), but the existence of the module means it is auto-loaded when /dev/filemon is opened, which can be done by any user. Thanks Ilja van Sprundel for the heads up. - Continue to build the filemon module, but don't install it. Hopefully this will help us detect any additional bit-rot that might occur. XXX It might be a good idea to modify the file permissions on /dev/filemon XXX to prevent auto-loading of the driver module by non-privileged users. To generate a diff of this commit: cvs rdiff -u -r1.69.2.1 -r1.69.2.1.6.1 src/distrib/sets/lists/modules/mi cvs rdiff -u -r1.1 -r1.1.48.1 src/sys/modules/filemon/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/modules/mi diff -u src/distrib/sets/lists/modules/mi:1.69.2.1 src/distrib/sets/lists/modules/mi:1.69.2.1.6.1 --- src/distrib/sets/lists/modules/mi:1.69.2.1 Sat Mar 21 17:11:35 2015 +++ src/distrib/sets/lists/modules/mi Mon Oct 28 18:05:07 2019 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.69.2.1 2015/03/21 17:11:35 snj Exp $ +# $NetBSD: mi,v 1.69.2.1.6.1 2019/10/28 18:05:07 martin Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -76,8 +76,8 @@ ./@MODULEDIR@/ffs/ffs.kmod base-kernel-modules kmod ./@MODULEDIR@/filecorebase-kernel-modules kmod ./@MODULEDIR@/filecore/filecore.kmod base-kernel-modules kmod -./@MODULEDIR@/filemonbase-kernel-modules kmod -./@MODULEDIR@/filemon/filemon.kmod base-kernel-modules kmod +./@MODULEDIR@/filemonbase-obsolete obsolete +./@MODULEDIR@/filemon/filemon.kmod base-obsolete obsolete ./@MODULEDIR@/flashbase-kernel-modules kmod ./@MODULEDIR@/flash/flash.kmod base-kernel-modules kmod ./@MODULEDIR@/fssbase-kernel-modules kmod Index: src/sys/modules/filemon/Makefile diff -u src/sys/modules/filemon/Makefile:1.1 src/sys/modules/filemon/Makefile:1.1.48.1 --- src/sys/modules/filemon/Makefile:1.1 Thu Sep 9 00:10:16 2010 +++ src/sys/modules/filemon/Makefile Mon Oct 28 18:05:07 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1 2010/09/09 00:10:16 sjg Exp $ +# $NetBSD: Makefile,v 1.1.48.1 2019/10/28 18:05:07 martin Exp $ .include "../Makefile.inc" @@ -8,4 +8,10 @@ KMOD = filemon SRCS = filemon.c filemon_wrapper.c NOMAN = no +# Due to security concerns, we don't install the filemon module. We +# do, however, want to keep building it to prevent bit-rot. Define +# an empty install target for this. + +kmodinstall: + .include
CVS commit: [netbsd-7-1] src
Module Name:src Committed By: martin Date: Mon Oct 28 18:05:08 UTC 2019 Modified Files: src/distrib/sets/lists/modules [netbsd-7-1]: mi src/sys/modules/filemon [netbsd-7-1]: Makefile Log Message: Pull up following revision(s) (requested by maya in ticket #1710): distrib/sets/lists/modules/mi: revision 1.127 sys/modules/Makefile: revision 1.230 sys/modules/filemon/Makefile: revision 1.4 (manually adjusted) sys/modules/Makefile: revision 1.229 Disable filemon. It isn't suited for general use (that is, it poses security risks), but the existence of the module means it is auto-loaded when /dev/filemon is opened, which can be done by any user. Thanks Ilja van Sprundel for the heads up. - Continue to build the filemon module, but don't install it. Hopefully this will help us detect any additional bit-rot that might occur. XXX It might be a good idea to modify the file permissions on /dev/filemon XXX to prevent auto-loading of the driver module by non-privileged users. To generate a diff of this commit: cvs rdiff -u -r1.69.2.1 -r1.69.2.1.6.1 src/distrib/sets/lists/modules/mi cvs rdiff -u -r1.1 -r1.1.48.1 src/sys/modules/filemon/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Sep 28 07:51:32 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1709 To generate a diff of this commit: cvs rdiff -u -r1.1.2.58 -r1.1.2.59 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Sep 28 07:51:32 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1709 To generate a diff of this commit: cvs rdiff -u -r1.1.2.58 -r1.1.2.59 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.58 src/doc/CHANGES-7.1.3:1.1.2.59 --- src/doc/CHANGES-7.1.3:1.1.2.58 Tue Sep 17 18:08:59 2019 +++ src/doc/CHANGES-7.1.3 Sat Sep 28 07:51:31 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.58 2019/09/17 18:08:59 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.59 2019/09/28 07:51:31 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -588,3 +588,12 @@ sys/netinet6/ip6_input.c 1.209 (patch) m_pullup() when needed. [bouyer, ticket #1708] +sys/netbt/hci.h 1.46 +sys/netbt/hci_event.c1.26 + + When encrypted connections are configured, verify that the encryption + key length has a minimum size when the adaptor supports that. + This addresses the 'Key Negotiation of Bluetooth' attack, + CVE-2019-9506. + [plunky, ticket #1709] +
CVS commit: [netbsd-7-1] src/sys/netbt
Module Name:src Committed By: martin Date: Sat Sep 28 07:51:11 UTC 2019 Modified Files: src/sys/netbt [netbsd-7-1]: hci.h hci_event.c Log Message: Pull up following revision(s) (requested by plunky in ticket #1709): sys/netbt/hci_event.c: revision 1.26 sys/netbt/hci.h: revision 1.46 When encrypted connections are configured, verify that the encryption key length has a minimum size when the adaptor supports that. This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506 https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/ To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.39.10.1 src/sys/netbt/hci.h cvs rdiff -u -r1.23 -r1.23.36.1 src/sys/netbt/hci_event.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netbt/hci.h diff -u src/sys/netbt/hci.h:1.39 src/sys/netbt/hci.h:1.39.10.1 --- src/sys/netbt/hci.h:1.39 Tue Jul 1 05:49:18 2014 +++ src/sys/netbt/hci.h Sat Sep 28 07:51:11 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: hci.h,v 1.39 2014/07/01 05:49:18 rtr Exp $ */ +/* $NetBSD: hci.h,v 1.39.10.1 2019/09/28 07:51:11 martin Exp $ */ /*- * Copyright (c) 2005 Iain Hibbert. @@ -54,7 +54,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: hci.h,v 1.39 2014/07/01 05:49:18 rtr Exp $ + * $Id: hci.h,v 1.39.10.1 2019/09/28 07:51:11 martin Exp $ * $FreeBSD: src/sys/netgraph/bluetooth/include/ng_hci.h,v 1.6 2005/01/07 01:45:43 imp Exp $ */ @@ -1786,6 +1786,17 @@ typedef struct { uint16_t accuracy; /* clock accuracy */ } __packed hci_read_clock_rp; +#define HCI_OCF_READ_ENCRYPTION_KEY_SIZE 0x0008 +#define HCI_CMD_READ_ENCRYPTION_KEY_SIZE 0x1408 +typedef struct { + uint16_t con_handle; /* connection handle */ +} __packed hci_read_encryption_key_size_cp; + +typedef struct { + uint8_t status; /* 0x00 - success */ + uint16_t con_handle; /* connection handle */ + uint8_t size; /* key size */ +} __packed hci_read_encryption_key_size_rp; /** ** Index: src/sys/netbt/hci_event.c diff -u src/sys/netbt/hci_event.c:1.23 src/sys/netbt/hci_event.c:1.23.36.1 --- src/sys/netbt/hci_event.c:1.23 Wed Jul 27 10:25:09 2011 +++ src/sys/netbt/hci_event.c Sat Sep 28 07:51:11 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: hci_event.c,v 1.23 2011/07/27 10:25:09 plunky Exp $ */ +/* $NetBSD: hci_event.c,v 1.23.36.1 2019/09/28 07:51:11 martin Exp $ */ /*- * Copyright (c) 2005 Iain Hibbert. @@ -31,7 +31,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.23 2011/07/27 10:25:09 plunky Exp $"); +__KERNEL_RCSID(0, "$NetBSD: hci_event.c,v 1.23.36.1 2019/09/28 07:51:11 martin Exp $"); #include #include @@ -63,6 +63,7 @@ static void hci_cmd_read_local_features( static void hci_cmd_read_local_extended_features(struct hci_unit *, struct mbuf *); static void hci_cmd_read_local_ver(struct hci_unit *, struct mbuf *); static void hci_cmd_read_local_commands(struct hci_unit *, struct mbuf *); +static void hci_cmd_read_encryption_key_size(struct hci_unit *, struct mbuf *); static void hci_cmd_reset(struct hci_unit *, struct mbuf *); static void hci_cmd_create_con(struct hci_unit *unit, uint8_t status); @@ -351,6 +352,10 @@ hci_event_command_compl(struct hci_unit hci_cmd_read_local_commands(unit, m); break; + case HCI_CMD_READ_ENCRYPTION_KEY_SIZE: + hci_cmd_read_encryption_key_size(unit, m); + break; + case HCI_CMD_RESET: hci_cmd_reset(unit, m); break; @@ -618,10 +623,11 @@ hci_event_con_compl(struct hci_unit *uni return; } - /* XXX could check auth_enable here */ - - if (ep.encryption_mode) - link->hl_flags |= (HCI_LINK_AUTH | HCI_LINK_ENCRYPT); + /* + * We purposefully ignore ep.encryption_mode here - if that is set then + * the link will be authenticated and encrypted, but we still want to + * verify the key size and setmode sets the right flags + */ link->hl_state = HCI_LINK_OPEN; link->hl_handle = HCI_CON_HANDLE(le16toh(ep.con_handle)); @@ -772,17 +778,16 @@ hci_event_auth_compl(struct hci_unit *un /* * Encryption Change * - * The encryption status has changed. Basically, we note the change - * then notify the upper layer protocol unless further mode changes - * are pending. - * Note that if encryption gets disabled when it has been requested, - * we will attempt to enable it again.. (its a feature not a bug :) + * The encryption status has changed. Make a note if disabled, or + * check the key size if possible before allowing it is enabled. + * (checking of key size was enabled in 3.0 spec) */ static void hci_event_encryption_change(struct hci_unit *unit, struct mbuf *m) { hci_encryption_change_ep ep; struct hci_link *link; + uint16_t con_handle; int err; if (m->m_pkthdr.len < sizeof(ep
CVS commit: [netbsd-7-1] src/sys/netbt
Module Name:src Committed By: martin Date: Sat Sep 28 07:51:11 UTC 2019 Modified Files: src/sys/netbt [netbsd-7-1]: hci.h hci_event.c Log Message: Pull up following revision(s) (requested by plunky in ticket #1709): sys/netbt/hci_event.c: revision 1.26 sys/netbt/hci.h: revision 1.46 When encrypted connections are configured, verify that the encryption key length has a minimum size when the adaptor supports that. This addresses the 'Key Negotiation of Bluetooth' attack, CVE-2019-9506 https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/ To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.39.10.1 src/sys/netbt/hci.h cvs rdiff -u -r1.23 -r1.23.36.1 src/sys/netbt/hci_event.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Tue Sep 17 18:08:59 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1708 To generate a diff of this commit: cvs rdiff -u -r1.1.2.57 -r1.1.2.58 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Tue Sep 17 18:08:59 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1708 To generate a diff of this commit: cvs rdiff -u -r1.1.2.57 -r1.1.2.58 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.57 src/doc/CHANGES-7.1.3:1.1.2.58 --- src/doc/CHANGES-7.1.3:1.1.2.57 Fri Sep 6 13:52:36 2019 +++ src/doc/CHANGES-7.1.3 Tue Sep 17 18:08:59 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.57 2019/09/06 13:52:36 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.58 2019/09/17 18:08:59 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -581,3 +581,10 @@ lib/libc/nameser/ns_name.c 1.12 Fix buffer overrun. [maya, ticket #1706] +sys/netinet/ip_input.c1.390 (patch) +sys/netinet6/ip6_input.c 1.209 (patch) + + Packet filters can return an mbuf chain with fragmented headers, so + m_pullup() when needed. + [bouyer, ticket #1708] +
CVS commit: [netbsd-7-1] src/sys
Module Name:src Committed By: martin Date: Tue Sep 17 18:08:14 UTC 2019 Modified Files: src/sys/netinet [netbsd-7-1]: ip_input.c src/sys/netinet6 [netbsd-7-1]: ip6_input.c Log Message: Pull up following revision(s) (requested by bouyer in ticket #1708): sys/netinet6/ip6_input.c: revision 1.209 via patch sys/netinet/ip_input.c: revision 1.390 via patch Packet filters can return an mbuf chain with fragmented headers, so m_pullup() it if needed and remove the KASSERT()s. To generate a diff of this commit: cvs rdiff -u -r1.319.10.1 -r1.319.10.2 src/sys/netinet/ip_input.c cvs rdiff -u -r1.149.2.1.6.2 -r1.149.2.1.6.3 src/sys/netinet6/ip6_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet/ip_input.c diff -u src/sys/netinet/ip_input.c:1.319.10.1 src/sys/netinet/ip_input.c:1.319.10.2 --- src/sys/netinet/ip_input.c:1.319.10.1 Fri Feb 9 14:05:29 2018 +++ src/sys/netinet/ip_input.c Tue Sep 17 18:08:13 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.319.10.1 2018/02/09 14:05:29 martin Exp $ */ +/* $NetBSD: ip_input.c,v 1.319.10.2 2019/09/17 18:08:13 martin Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -91,7 +91,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.319.10.1 2018/02/09 14:05:29 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.319.10.2 2019/09/17 18:08:13 martin Exp $"); #include "opt_inet.h" #include "opt_compat_netbsd.h" @@ -526,8 +526,25 @@ ip_input(struct mbuf *m) if (freed || m == NULL) { return; } + if (__predict_false(m->m_len < sizeof (struct ip))) { + if ((m = m_pullup(m, sizeof (struct ip))) == NULL) { +IP_STATINC(IP_STAT_TOOSMALL); +return; + } + } ip = mtod(m, struct ip *); hlen = ip->ip_hl << 2; + if (hlen < sizeof(struct ip)) { /* minimum header length */ + IP_STATINC(IP_STAT_BADHLEN); + goto bad; + } + if (hlen > m->m_len) { + if ((m = m_pullup(m, hlen)) == NULL) { +IP_STATINC(IP_STAT_BADHLEN); +return; + } + ip = mtod(m, struct ip *); + } /* * XXX The setting of "srcrt" here is to prevent ip_forward() Index: src/sys/netinet6/ip6_input.c diff -u src/sys/netinet6/ip6_input.c:1.149.2.1.6.2 src/sys/netinet6/ip6_input.c:1.149.2.1.6.3 --- src/sys/netinet6/ip6_input.c:1.149.2.1.6.2 Sun Feb 25 23:17:37 2018 +++ src/sys/netinet6/ip6_input.c Tue Sep 17 18:08:13 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ip6_input.c,v 1.149.2.1.6.2 2018/02/25 23:17:37 snj Exp $ */ +/* $NetBSD: ip6_input.c,v 1.149.2.1.6.3 2019/09/17 18:08:13 martin Exp $ */ /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ /* @@ -62,7 +62,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.149.2.1.6.2 2018/02/25 23:17:37 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.149.2.1.6.3 2019/09/17 18:08:13 martin Exp $"); #include "opt_gateway.h" #include "opt_inet.h" @@ -352,6 +352,14 @@ ip6_input(struct mbuf *m) return; if (m == NULL) return; + if (__predict_false(m->m_len < sizeof(struct ip6_hdr))) { + struct ifnet *inifp = m->m_pkthdr.rcvif; + if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) { +IP6_STATINC(IP6_STAT_TOOSMALL); +in6_ifstat_inc(inifp, ifs6_in_hdrerr); +return; + } + } ip6 = mtod(m, struct ip6_hdr *); srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); }
CVS commit: [netbsd-7-1] src/sys
Module Name:src Committed By: martin Date: Tue Sep 17 18:08:14 UTC 2019 Modified Files: src/sys/netinet [netbsd-7-1]: ip_input.c src/sys/netinet6 [netbsd-7-1]: ip6_input.c Log Message: Pull up following revision(s) (requested by bouyer in ticket #1708): sys/netinet6/ip6_input.c: revision 1.209 via patch sys/netinet/ip_input.c: revision 1.390 via patch Packet filters can return an mbuf chain with fragmented headers, so m_pullup() it if needed and remove the KASSERT()s. To generate a diff of this commit: cvs rdiff -u -r1.319.10.1 -r1.319.10.2 src/sys/netinet/ip_input.c cvs rdiff -u -r1.149.2.1.6.2 -r1.149.2.1.6.3 src/sys/netinet6/ip6_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Fri Sep 6 13:52:36 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1706 To generate a diff of this commit: cvs rdiff -u -r1.1.2.56 -r1.1.2.57 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Fri Sep 6 13:52:36 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1706 To generate a diff of this commit: cvs rdiff -u -r1.1.2.56 -r1.1.2.57 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.56 src/doc/CHANGES-7.1.3:1.1.2.57 --- src/doc/CHANGES-7.1.3:1.1.2.56 Tue Sep 3 12:29:08 2019 +++ src/doc/CHANGES-7.1.3 Fri Sep 6 13:52:36 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.56 2019/09/03 12:29:08 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.57 2019/09/06 13:52:36 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -576,3 +576,8 @@ sys/sys/cprng.h 1.13-1.15 Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. [riastradh, ticket #1705] +lib/libc/nameser/ns_name.c 1.12 + + Fix buffer overrun. + [maya, ticket #1706] +
CVS commit: [netbsd-7-1] src/lib/libc/nameser
Module Name:src Committed By: martin Date: Fri Sep 6 13:51:20 UTC 2019 Modified Files: src/lib/libc/nameser [netbsd-7-1]: ns_name.c Log Message: Pull up following revision(s) (requested by maya in ticket #1706): lib/libc/nameser/ns_name.c: revision 1.12 Since we advance cp after the bounds check, we need to test for bounds again before using it. Discovered via fuzzing, reported by enh at google, via: https://android-review.googlesource.com/c/platform/bionic/+/1093130 To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.11.14.1 src/lib/libc/nameser/ns_name.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/lib/libc/nameser
Module Name:src Committed By: martin Date: Fri Sep 6 13:51:20 UTC 2019 Modified Files: src/lib/libc/nameser [netbsd-7-1]: ns_name.c Log Message: Pull up following revision(s) (requested by maya in ticket #1706): lib/libc/nameser/ns_name.c: revision 1.12 Since we advance cp after the bounds check, we need to test for bounds again before using it. Discovered via fuzzing, reported by enh at google, via: https://android-review.googlesource.com/c/platform/bionic/+/1093130 To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.11.14.1 src/lib/libc/nameser/ns_name.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/nameser/ns_name.c diff -u src/lib/libc/nameser/ns_name.c:1.11 src/lib/libc/nameser/ns_name.c:1.11.14.1 --- src/lib/libc/nameser/ns_name.c:1.11 Fri Mar 7 01:07:01 2014 +++ src/lib/libc/nameser/ns_name.c Fri Sep 6 13:51:20 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ns_name.c,v 1.11 2014/03/07 01:07:01 christos Exp $ */ +/* $NetBSD: ns_name.c,v 1.11.14.1 2019/09/06 13:51:20 martin Exp $ */ /* * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -22,7 +22,7 @@ #ifdef notdef static const char rcsid[] = "Id: ns_name.c,v 1.11 2009/01/23 19:59:16 each Exp"; #else -__RCSID("$NetBSD: ns_name.c,v 1.11 2014/03/07 01:07:01 christos Exp $"); +__RCSID("$NetBSD: ns_name.c,v 1.11.14.1 2019/09/06 13:51:20 martin Exp $"); #endif #endif @@ -696,7 +696,7 @@ ns_name_skip(const u_char **ptrptr, cons { const u_char *cp; u_int n; - int l; + int l = 0; cp = *ptrptr; while (cp < eom && (n = *cp++) != 0) { @@ -706,7 +706,7 @@ ns_name_skip(const u_char **ptrptr, cons cp += n; continue; case NS_TYPE_ELT: /*%< EDNS0 extended label */ - if ((l = labellen(cp - 1)) < 0) { + if (cp < eom && (l = labellen(cp - 1)) < 0) { errno = EMSGSIZE; /*%< XXX */ return (-1); }
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Tue Sep 3 12:29:08 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1705 To generate a diff of this commit: cvs rdiff -u -r1.1.2.55 -r1.1.2.56 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.55 src/doc/CHANGES-7.1.3:1.1.2.56 --- src/doc/CHANGES-7.1.3:1.1.2.55 Thu Aug 29 16:15:06 2019 +++ src/doc/CHANGES-7.1.3 Tue Sep 3 12:29:08 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.55 2019/08/29 16:15:06 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.56 2019/09/03 12:29:08 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -553,3 +553,26 @@ sys/miscfs/procfs/procfs_vnops.c 1.207 Add missing operation VOP_GETPAGES() returning EFAULT. [hannken, ticket #1703] +sys/conf/files 1.1238 +sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg delete +sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h delete +sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h delete +sys/crypto/nist_hash_drbg/files.nist_hash_drbg 1.1 +sys/crypto/nist_hash_drbg/nist_hash_drbg.c 1.1 +sys/crypto/nist_hash_drbg/nist_hash_drbg.h 1.1 +sys/dev/rndpseudo.c1.38 +sys/kern/subr_cprng.c1.31 +sys/rump/kern/lib/libcrypto/Makefile 1.5 +sys/rump/librump/rumpkern/Makefile.rumpkern 1.176 +sys/sys/cprng.h 1.13-1.15 + + cprng.h: use static __inline for consistency with other include + headers and remove an unused function. + + Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. + [riastradh, ticket #1705] +
CVS commit: [netbsd-7-1] src/sys
Module Name:src Committed By: martin Date: Tue Sep 3 12:28:31 UTC 2019 Modified Files: src/sys/conf [netbsd-7-1]: files src/sys/dev [netbsd-7-1]: rndpseudo.c src/sys/kern [netbsd-7-1]: subr_cprng.c src/sys/rump/kern/lib/libcrypto [netbsd-7-1]: Makefile src/sys/rump/librump/rumpkern [netbsd-7-1]: Makefile.rumpkern src/sys/sys [netbsd-7-1]: cprng.h Added Files: src/sys/crypto/nist_hash_drbg [netbsd-7-1]: files.nist_hash_drbg nist_hash_drbg.c nist_hash_drbg.h Removed Files: src/sys/crypto/nist_ctr_drbg [netbsd-7-1]: files.nist_ctr_drbg nist_ctr_aes_rijndael.h nist_ctr_drbg.c nist_ctr_drbg.h nist_ctr_drbg_aes128.h nist_ctr_drbg_aes256.h nist_ctr_drbg_config.h Log Message: Pull up following revision(s) (requested by riastradh in ticket #1705): sys/crypto/nist_hash_drbg/nist_hash_drbg.c: revision 1.1 sys/crypto/nist_hash_drbg/nist_hash_drbg.h: revision 1.1 sys/rump/kern/lib/libcrypto/Makefile: revision 1.5 sys/crypto/nist_hash_drbg/files.nist_hash_drbg: revision 1.1 sys/rump/librump/rumpkern/Makefile.rumpkern: revision 1.176 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h: file removal sys/conf/files: revision 1.1238 sys/dev/rndpseudo.c: revision 1.38 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c: file removal sys/sys/cprng.h: revision 1.13 - 1.15 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h: file removal sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg: file removal sys/kern/subr_cprng.c: revision 1.31 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h: file removal cprng.h: use static __inline for consistency with other include headers and remove an unused function. - Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. Benefits: - larger seeds -- a 128-bit key alone is not enough for `128-bit security' - better resistance to timing side channels than AES - a better-understood security story (https://eprint.iacr.org/2018/349";>https://eprint.iacr.org/2018/349) - no loss in compliance with US government standards that nobody ever got fired for choosing, at least in the US-dominated western world - no dirty endianness tricks - self-tests Drawbacks: - performance hit: throughput is reduced to about 1/3 in naive measurements => possible to mitigate by using hardware SHA-256 instructions => all you really need is 32 bytes to seed a userland PRNG anyway => if we just used ChaCha this would go away... To generate a diff of this commit: cvs rdiff -u -r1.1096.2.8 -r1.1096.2.8.2.1 src/sys/conf/files cvs rdiff -u -r1.1 -r0 src/sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg \ src/sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h cvs rdiff -u -r1.2 -r0 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h cvs rdiff -u -r0 -r1.1.8.2 src/sys/crypto/nist_hash_drbg/files.nist_hash_drbg \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.c \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.h cvs rdiff -u -r1.21.2.1 -r1.21.2.1.6.1 src/sys/dev/rndpseudo.c cvs rdiff -u -r1.24.2.1 -r1.24.2.1.6.1 src/sys/kern/subr_cprng.c cvs rdiff -u -r1.3 -r1.3.12.1 src/sys/rump/kern/lib/libcrypto/Makefile cvs rdiff -u -r1.148 -r1.148.8.1 \ src/sys/rump/librump/rumpkern/Makefile.rumpkern cvs rdiff -u -r1.10 -r1.10.10.1 src/sys/sys/cprng.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/files diff -u src/sys/conf/files:1.1096.2.8 src/sys/conf/files:1.1096.2.8.2.1 --- src/sys/conf/files:1.1096.2.8 Sun Nov 13 07:27:22 2016 +++ src/sys/conf/files Tue Sep 3 12:28:31 2019 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1096.2.8 2016/11/13 07:27:22 snj Exp $ +# $NetBSD: files,v 1.1096.2.8.2.1 2019/09/03 12:28:31 martin Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20100430 @@ -167,8 +167,8 @@ include "crypto/camellia/files.camellia" # General-purpose crypto processing framework. include "opencrypto/files.opencrypto" -# NIST SP800.90 CTR DRBG -include "crypto/nist_ctr_drbg/files.nist_ctr_drbg" +# NIST SP800-90A Hash_DRBG +include "crypto/nist_hash_drbg/files.nist_hash_drbg" # ChaCha-based fast PRNG include "crypto/cprng_fast/files.cprng_fast" Index: src/sys/dev/rndpseudo.c diff -u src/sys/dev/rndpseudo.c:1.21.2.1 src/sys/dev/rndpseudo.c:1.21.2.1.6.1 --- src/sys/dev/rndpseudo.c:1.21.2.1 Sun Nov 2 09:47:04 2014 +++ src/sys/dev/rndpseudo.c Tue Sep 3 12:28:31 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: rndpseudo.c,v 1.21.2.1 2014/11/02 09:47:04
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Tue Sep 3 12:29:08 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1705 To generate a diff of this commit: cvs rdiff -u -r1.1.2.55 -r1.1.2.56 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys
Module Name:src Committed By: martin Date: Tue Sep 3 12:28:31 UTC 2019 Modified Files: src/sys/conf [netbsd-7-1]: files src/sys/dev [netbsd-7-1]: rndpseudo.c src/sys/kern [netbsd-7-1]: subr_cprng.c src/sys/rump/kern/lib/libcrypto [netbsd-7-1]: Makefile src/sys/rump/librump/rumpkern [netbsd-7-1]: Makefile.rumpkern src/sys/sys [netbsd-7-1]: cprng.h Added Files: src/sys/crypto/nist_hash_drbg [netbsd-7-1]: files.nist_hash_drbg nist_hash_drbg.c nist_hash_drbg.h Removed Files: src/sys/crypto/nist_ctr_drbg [netbsd-7-1]: files.nist_ctr_drbg nist_ctr_aes_rijndael.h nist_ctr_drbg.c nist_ctr_drbg.h nist_ctr_drbg_aes128.h nist_ctr_drbg_aes256.h nist_ctr_drbg_config.h Log Message: Pull up following revision(s) (requested by riastradh in ticket #1705): sys/crypto/nist_hash_drbg/nist_hash_drbg.c: revision 1.1 sys/crypto/nist_hash_drbg/nist_hash_drbg.h: revision 1.1 sys/rump/kern/lib/libcrypto/Makefile: revision 1.5 sys/crypto/nist_hash_drbg/files.nist_hash_drbg: revision 1.1 sys/rump/librump/rumpkern/Makefile.rumpkern: revision 1.176 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h: file removal sys/conf/files: revision 1.1238 sys/dev/rndpseudo.c: revision 1.38 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c: file removal sys/sys/cprng.h: revision 1.13 - 1.15 sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h: file removal sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h: file removal sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg: file removal sys/kern/subr_cprng.c: revision 1.31 sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h: file removal cprng.h: use static __inline for consistency with other include headers and remove an unused function. - Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256. Benefits: - larger seeds -- a 128-bit key alone is not enough for `128-bit security' - better resistance to timing side channels than AES - a better-understood security story (https://eprint.iacr.org/2018/349";>https://eprint.iacr.org/2018/349) - no loss in compliance with US government standards that nobody ever got fired for choosing, at least in the US-dominated western world - no dirty endianness tricks - self-tests Drawbacks: - performance hit: throughput is reduced to about 1/3 in naive measurements => possible to mitigate by using hardware SHA-256 instructions => all you really need is 32 bytes to seed a userland PRNG anyway => if we just used ChaCha this would go away... To generate a diff of this commit: cvs rdiff -u -r1.1096.2.8 -r1.1096.2.8.2.1 src/sys/conf/files cvs rdiff -u -r1.1 -r0 src/sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg \ src/sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h cvs rdiff -u -r1.2 -r0 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \ src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h cvs rdiff -u -r0 -r1.1.8.2 src/sys/crypto/nist_hash_drbg/files.nist_hash_drbg \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.c \ src/sys/crypto/nist_hash_drbg/nist_hash_drbg.h cvs rdiff -u -r1.21.2.1 -r1.21.2.1.6.1 src/sys/dev/rndpseudo.c cvs rdiff -u -r1.24.2.1 -r1.24.2.1.6.1 src/sys/kern/subr_cprng.c cvs rdiff -u -r1.3 -r1.3.12.1 src/sys/rump/kern/lib/libcrypto/Makefile cvs rdiff -u -r1.148 -r1.148.8.1 \ src/sys/rump/librump/rumpkern/Makefile.rumpkern cvs rdiff -u -r1.10 -r1.10.10.1 src/sys/sys/cprng.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Thu Aug 29 16:15:06 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1703 To generate a diff of this commit: cvs rdiff -u -r1.1.2.54 -r1.1.2.55 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.54 src/doc/CHANGES-7.1.3:1.1.2.55 --- src/doc/CHANGES-7.1.3:1.1.2.54 Sat Jun 15 15:59:55 2019 +++ src/doc/CHANGES-7.1.3 Thu Aug 29 16:15:06 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.54 2019/06/15 15:59:55 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.55 2019/08/29 16:15:06 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -547,3 +547,9 @@ libexec/httpd/testsuite/test-simple 1.6 Avoid an assertion failure when using cgihandler (-C option). [mrg, ticket #1699] +sys/miscfs/kernfs/kernfs_vnops.c 1.161 +sys/miscfs/procfs/procfs_vnops.c 1.207 + + Add missing operation VOP_GETPAGES() returning EFAULT. + [hannken, ticket #1703] +
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Thu Aug 29 16:15:06 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1703 To generate a diff of this commit: cvs rdiff -u -r1.1.2.54 -r1.1.2.55 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys/miscfs
Module Name:src Committed By: martin Date: Thu Aug 29 16:14:37 UTC 2019 Modified Files: src/sys/miscfs/kernfs [netbsd-7-1]: kernfs_vnops.c src/sys/miscfs/procfs [netbsd-7-1]: procfs_vnops.c Log Message: Pull up following revision(s) (requested by hannken in ticket #1703): sys/miscfs/kernfs/kernfs_vnops.c: revision 1.161 sys/miscfs/procfs/procfs_vnops.c: revision 1.207 Add missing operation VOP_GETPAGES() returning EFAULT. Without this operation posix_fadvise(..., POSIX_FADV_WILLNEED) would leave the v_interlock held. Observed by maxv@ To generate a diff of this commit: cvs rdiff -u -r1.154 -r1.154.10.1 src/sys/miscfs/kernfs/kernfs_vnops.c cvs rdiff -u -r1.191 -r1.191.8.1 src/sys/miscfs/procfs/procfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys/miscfs
Module Name:src Committed By: martin Date: Thu Aug 29 16:14:37 UTC 2019 Modified Files: src/sys/miscfs/kernfs [netbsd-7-1]: kernfs_vnops.c src/sys/miscfs/procfs [netbsd-7-1]: procfs_vnops.c Log Message: Pull up following revision(s) (requested by hannken in ticket #1703): sys/miscfs/kernfs/kernfs_vnops.c: revision 1.161 sys/miscfs/procfs/procfs_vnops.c: revision 1.207 Add missing operation VOP_GETPAGES() returning EFAULT. Without this operation posix_fadvise(..., POSIX_FADV_WILLNEED) would leave the v_interlock held. Observed by maxv@ To generate a diff of this commit: cvs rdiff -u -r1.154 -r1.154.10.1 src/sys/miscfs/kernfs/kernfs_vnops.c cvs rdiff -u -r1.191 -r1.191.8.1 src/sys/miscfs/procfs/procfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/miscfs/kernfs/kernfs_vnops.c diff -u src/sys/miscfs/kernfs/kernfs_vnops.c:1.154 src/sys/miscfs/kernfs/kernfs_vnops.c:1.154.10.1 --- src/sys/miscfs/kernfs/kernfs_vnops.c:1.154 Fri Jul 25 08:20:52 2014 +++ src/sys/miscfs/kernfs/kernfs_vnops.c Thu Aug 29 16:14:37 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: kernfs_vnops.c,v 1.154 2014/07/25 08:20:52 dholland Exp $ */ +/* $NetBSD: kernfs_vnops.c,v 1.154.10.1 2019/08/29 16:14:37 martin Exp $ */ /* * Copyright (c) 1992, 1993 @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.154 2014/07/25 08:20:52 dholland Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.154.10.1 2019/08/29 16:14:37 martin Exp $"); #include #include @@ -172,6 +172,7 @@ int kernfs_print(void *); int kernfs_pathconf(void *); #define kernfs_advlock genfs_einval #define kernfs_bwrite genfs_eopnotsupp +int kernfs_getpages(void *); #define kernfs_putpages genfs_putpages static int kernfs_xread(struct kernfs_node *, int, char **, @@ -219,6 +220,7 @@ const struct vnodeopv_entry_desc kernfs_ { &vop_pathconf_desc, kernfs_pathconf }, /* pathconf */ { &vop_advlock_desc, kernfs_advlock }, /* advlock */ { &vop_bwrite_desc, kernfs_bwrite }, /* bwrite */ + { &vop_getpages_desc, kernfs_getpages }, /* getpages */ { &vop_putpages_desc, kernfs_putpages }, /* putpages */ { NULL, NULL } }; @@ -1171,3 +1173,23 @@ kernfs_symlink(void *v) VOP_ABORTOP(ap->a_dvp, ap->a_cnp); return (EROFS); } + +int +kernfs_getpages(void *v) +{ + struct vop_getpages_args /* { + struct vnode *a_vp; + voff_t a_offset; + struct vm_page **a_m; + int *a_count; + int a_centeridx; + vm_prot_t a_access_type; + int a_advice; + int a_flags; + } */ *ap = v; + + if ((ap->a_flags & PGO_LOCKED) == 0) + mutex_exit(ap->a_vp->v_interlock); + + return (EFAULT); +} Index: src/sys/miscfs/procfs/procfs_vnops.c diff -u src/sys/miscfs/procfs/procfs_vnops.c:1.191 src/sys/miscfs/procfs/procfs_vnops.c:1.191.8.1 --- src/sys/miscfs/procfs/procfs_vnops.c:1.191 Sun Jul 27 16:47:26 2014 +++ src/sys/miscfs/procfs/procfs_vnops.c Thu Aug 29 16:14:37 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: procfs_vnops.c,v 1.191 2014/07/27 16:47:26 hannken Exp $ */ +/* $NetBSD: procfs_vnops.c,v 1.191.8.1 2019/08/29 16:14:37 martin Exp $ */ /*- * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -105,7 +105,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.191 2014/07/27 16:47:26 hannken Exp $"); +__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.191.8.1 2019/08/29 16:14:37 martin Exp $"); #include #include @@ -239,6 +239,7 @@ int procfs_pathconf(void *); #define procfs_islocked genfs_islocked #define procfs_advlock genfs_einval #define procfs_bwrite genfs_eopnotsupp +int procfs_getpages(void *); #define procfs_putpages genfs_null_putpages static int atoi(const char *, size_t); @@ -286,6 +287,7 @@ const struct vnodeopv_entry_desc procfs_ { &vop_islocked_desc, procfs_islocked }, /* islocked */ { &vop_pathconf_desc, procfs_pathconf }, /* pathconf */ { &vop_advlock_desc, procfs_advlock }, /* advlock */ + { &vop_getpages_desc, procfs_getpages }, /* getpages */ { &vop_putpages_desc, procfs_putpages }, /* putpages */ { NULL, NULL } }; @@ -1709,6 +1711,26 @@ procfs_readlink(void *v) return error; } +int +procfs_getpages(void *v) +{ + struct vop_getpages_args /* { + struct vnode *a_vp; + voff_t a_offset; + struct vm_page **a_m; + int *a_count; + int a_centeridx; + vm_prot_t a_access_type; + int a_advice; + int a_flags; + } */ *ap = v; + + if ((ap->a_flags & PGO_LOCKED) == 0) + mutex_exit(ap->a_vp->v_interlock); + + return (EFAULT); +} + /* * convert decimal ascii to int */
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:59:55 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Fix typo in last entry To generate a diff of this commit: cvs rdiff -u -r1.1.2.53 -r1.1.2.54 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:59:55 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Fix typo in last entry To generate a diff of this commit: cvs rdiff -u -r1.1.2.53 -r1.1.2.54 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.53 src/doc/CHANGES-7.1.3:1.1.2.54 --- src/doc/CHANGES-7.1.3:1.1.2.53 Sat Jun 15 15:56:50 2019 +++ src/doc/CHANGES-7.1.3 Sat Jun 15 15:59:55 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.53 2019/06/15 15:56:50 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.54 2019/06/15 15:59:55 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -545,5 +545,5 @@ libexec/httpd/testsuite/test-simple 1.6 in the slashdir too. Avoid possible NULL dereference when sending a big request that timeout. Avoid an assertion failure when using cgihandler (-C option). - [mrg, ticket #1699} + [mrg, ticket #1699]
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:56:50 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1699 To generate a diff of this commit: cvs rdiff -u -r1.1.2.52 -r1.1.2.53 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Sat Jun 15 15:56:50 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1699 To generate a diff of this commit: cvs rdiff -u -r1.1.2.52 -r1.1.2.53 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.52 src/doc/CHANGES-7.1.3:1.1.2.53 --- src/doc/CHANGES-7.1.3:1.1.2.52 Fri May 31 08:15:11 2019 +++ src/doc/CHANGES-7.1.3 Sat Jun 15 15:56:50 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.52 2019/05/31 08:15:11 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.53 2019/06/15 15:56:50 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -517,3 +517,33 @@ sys/dev/scsipi/scsipi_ioctl.c 1.72 (pa Use correct size when copying outgoing sense data. [mlelstv, ticket #1698] +libexec/httpd/CHANGES1.31-1.40 +libexec/httpd/Makefile1.28 +libexec/httpd/auth-bozo.c 1.23-1.24 +libexec/httpd/bozohttpd.8 1.75-1.79 +libexec/httpd/bozohttpd.c 1.100-1.113 +libexec/httpd/bozohttpd.h 1.58-1.60 +libexec/httpd/cgi-bozo.c 1.46-1.48 +libexec/httpd/daemon-bozo.c 1.20-1.21 +libexec/httpd/dir-index-bozo.c 1.29-1.32 +libexec/httpd/ssl-bozo.c 1.26 +libexec/httpd/testsuite/Makefile 1.12-1.13 +libexec/httpd/testsuite/t11.out 1.2 +libexec/httpd/testsuite/test-bigfile 1.6 +libexec/httpd/testsuite/test-simple 1.6 + + Don't display special files in the directory index. + Use html tables for directory index. + Don't include "index.html" in html headers. + Fix CGI '+' param and error handling. + Remove unused parameter to daemon_poll_err(). + Avoid sign extension in % handling + Fix a few problems pointed out by clang static analyzer. + Add ssl specific timeout value (30s).--- + Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing). + Avoid .htpasswd exposure to authenticated users when .htpasswd is + in the slashdir too. + Avoid possible NULL dereference when sending a big request that timeout. + Avoid an assertion failure when using cgihandler (-C option). + [mrg, ticket #1699} +
CVS commit: [netbsd-7-1] src/libexec/httpd
Module Name:src Committed By: martin Date: Sat Jun 15 15:56:22 UTC 2019 Modified Files: src/libexec/httpd [netbsd-7-1]: CHANGES Makefile auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c daemon-bozo.c dir-index-bozo.c ssl-bozo.c src/libexec/httpd/testsuite [netbsd-7-1]: Makefile t11.out test-bigfile test-simple Log Message: Pull up the following revisions (via patch) requested by mrg in ticket #1699: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c1.26 libexec/httpd/testsuite/Makefile1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" : - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later. To generate a diff of this commit: cvs rdiff -u -r1.19.2.5.2.2 -r1.19.2.5.2.3 src/libexec/httpd/CHANGES cvs rdiff -u -r1.22.2.2.4.1 -r1.22.2.2.4.2 src/libexec/httpd/Makefile cvs rdiff -u -r1.13.2.2.4.1 -r1.13.2.2.4.2 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.46.4.8.2.1 -r1.46.4.8.2.2 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.56.2.8.2.2 -r1.56.2.8.2.3 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.33.2.6.2.2 -r1.33.2.6.2.3 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.25.2.7.2.3 -r1.25.2.7.2.4 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.16.4.1.4.1 -r1.16.4.1.4.2 src/libexec/httpd/daemon-bozo.c cvs rdiff -u -r1.19.4.2.4.1 -r1.19.4.2.4.2 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.18.2.1.4.1 -r1.18.2.1.4.2 src/libexec/httpd/ssl-bozo.c cvs rdiff -u -r1.4.24.3.2.1 -r1.4.24.3.2.2 \ src/libexec/httpd/testsuite/Makefile cvs rdiff -u -r1.1.4.2 -r1.1.4.2.2.1 src/libexec/httpd/testsuite/t11.out cvs rdiff -u -r1.1.1.1.30.3.2.1 -r1.1.1.1.30.3.2.2 \ src/libexec/httpd/testsuite/test-bigfile cvs rdiff -u -r1.2.4.3.2.1 -r1.2.4.3.2.2 \ src/libexec/httpd/testsuite/test-simple Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/libexec/httpd
Module Name:src Committed By: martin Date: Sat Jun 15 15:56:22 UTC 2019 Modified Files: src/libexec/httpd [netbsd-7-1]: CHANGES Makefile auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c daemon-bozo.c dir-index-bozo.c ssl-bozo.c src/libexec/httpd/testsuite [netbsd-7-1]: Makefile t11.out test-bigfile test-simple Log Message: Pull up the following revisions (via patch) requested by mrg in ticket #1699: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c1.26 libexec/httpd/testsuite/Makefile1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" : - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later. To generate a diff of this commit: cvs rdiff -u -r1.19.2.5.2.2 -r1.19.2.5.2.3 src/libexec/httpd/CHANGES cvs rdiff -u -r1.22.2.2.4.1 -r1.22.2.2.4.2 src/libexec/httpd/Makefile cvs rdiff -u -r1.13.2.2.4.1 -r1.13.2.2.4.2 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.46.4.8.2.1 -r1.46.4.8.2.2 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.56.2.8.2.2 -r1.56.2.8.2.3 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.33.2.6.2.2 -r1.33.2.6.2.3 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.25.2.7.2.3 -r1.25.2.7.2.4 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.16.4.1.4.1 -r1.16.4.1.4.2 src/libexec/httpd/daemon-bozo.c cvs rdiff -u -r1.19.4.2.4.1 -r1.19.4.2.4.2 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.18.2.1.4.1 -r1.18.2.1.4.2 src/libexec/httpd/ssl-bozo.c cvs rdiff -u -r1.4.24.3.2.1 -r1.4.24.3.2.2 \ src/libexec/httpd/testsuite/Makefile cvs rdiff -u -r1.1.4.2 -r1.1.4.2.2.1 src/libexec/httpd/testsuite/t11.out cvs rdiff -u -r1.1.1.1.30.3.2.1 -r1.1.1.1.30.3.2.2 \ src/libexec/httpd/testsuite/test-bigfile cvs rdiff -u -r1.2.4.3.2.1 -r1.2.4.3.2.2 \ src/libexec/httpd/testsuite/test-simple Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/CHANGES diff -u src/libexec/httpd/CHANGES:1.19.2.5.2.2 src/libexec/httpd/CHANGES:1.19.2.5.2.3 --- src/libexec/httpd/CHANGES:1.19.2.5.2.2 Wed Nov 28 19:56:09 2018 +++ src/libexec/httpd/CHANGES Sat Jun 15 15:56:21 2019 @@ -1,4 +1,24 @@ -$NetBSD: CHANGES,v 1.19.2.5.2.2 2018/11/28 19:56:09 martin Exp $ +$NetBSD: CHANGES,v 1.19.2.5.2.3 2019/06/15 15:56:21 martin Exp $ + +changes in bozohttpd 20190228: + o extend timeout facility to ssl and stop servers hanging forever + if the client never sends anything. reported by Steffen in netbsd + PR#50655. + o don't display special files in the directory index. they aren't + served, but links to them are generated. + o fix CGI '+' parameter handling, some error checking, and a double + free. from rajeev_v_pil...@yahoo.com + o more directory indexing clean up. from rajeev_v_pil...@yahoo.com + +changes in bozohttpd 20181215: + o fix .htpasswd bypass for authenticated users. reported b
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Fri May 31 08:15:11 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1698 To generate a diff of this commit: cvs rdiff -u -r1.1.2.51 -r1.1.2.52 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.51 src/doc/CHANGES-7.1.3:1.1.2.52 --- src/doc/CHANGES-7.1.3:1.1.2.51 Wed May 29 15:54:58 2019 +++ src/doc/CHANGES-7.1.3 Fri May 31 08:15:11 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.51 2019/05/29 15:54:58 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.52 2019/05/31 08:15:11 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -512,3 +512,8 @@ sys/ufs/ffs/ffs_alloc.c1.164 Fix rare allocation botch in ffs_nodealloccg(). [kardel, ticket #1697] +sys/dev/scsipi/scsipi_ioctl.c 1.72 (patch) + + Use correct size when copying outgoing sense data. + [mlelstv, ticket #1698] +
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Fri May 31 08:15:11 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1698 To generate a diff of this commit: cvs rdiff -u -r1.1.2.51 -r1.1.2.52 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys/dev/scsipi
Module Name:src Committed By: martin Date: Fri May 31 08:14:50 UTC 2019 Modified Files: src/sys/dev/scsipi [netbsd-7-1]: scsipi_ioctl.c Log Message: Pull up following revision(s) (requested by mlelstv in ticket #1698): sys/dev/scsipi/scsipi_ioctl.c: revision 1.72 (via patch) use correct size when copying outgoing sense data. To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.67.22.1 src/sys/dev/scsipi/scsipi_ioctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/scsipi/scsipi_ioctl.c diff -u src/sys/dev/scsipi/scsipi_ioctl.c:1.67 src/sys/dev/scsipi/scsipi_ioctl.c:1.67.22.1 --- src/sys/dev/scsipi/scsipi_ioctl.c:1.67 Thu Apr 19 17:45:20 2012 +++ src/sys/dev/scsipi/scsipi_ioctl.c Fri May 31 08:14:50 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: scsipi_ioctl.c,v 1.67 2012/04/19 17:45:20 bouyer Exp $ */ +/* $NetBSD: scsipi_ioctl.c,v 1.67.22.1 2019/05/31 08:14:50 martin Exp $ */ /*- * Copyright (c) 1998, 2004 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: scsipi_ioctl.c,v 1.67 2012/04/19 17:45:20 bouyer Exp $"); +__KERNEL_RCSID(0, "$NetBSD: scsipi_ioctl.c,v 1.67.22.1 2019/05/31 08:14:50 martin Exp $"); #include "opt_compat_freebsd.h" #include "opt_compat_netbsd.h" @@ -162,14 +162,16 @@ scsipi_user_done(struct scsipi_xfer *xs) SC_DEBUG(periph, SCSIPI_DB3, ("have sense\n")); screq->senselen_used = min(sizeof(xs->sense.scsi_sense), SENSEBUFLEN); - memcpy(screq->sense, &xs->sense.scsi_sense, screq->senselen); + memcpy(screq->sense, &xs->sense.scsi_sense, + screq->senselen_used); screq->retsts = SCCMD_SENSE; break; case XS_SHORTSENSE: SC_DEBUG(periph, SCSIPI_DB3, ("have short sense\n")); screq->senselen_used = min(sizeof(xs->sense.atapi_sense), SENSEBUFLEN); - memcpy(screq->sense, &xs->sense.scsi_sense, screq->senselen); + memcpy(screq->sense, &xs->sense.atapi_sense, + screq->senselen_used); screq->retsts = SCCMD_UNKNOWN; /* XXX need a shortsense here */ break; case XS_DRIVER_STUFFUP:
CVS commit: [netbsd-7-1] src/sys/dev/scsipi
Module Name:src Committed By: martin Date: Fri May 31 08:14:50 UTC 2019 Modified Files: src/sys/dev/scsipi [netbsd-7-1]: scsipi_ioctl.c Log Message: Pull up following revision(s) (requested by mlelstv in ticket #1698): sys/dev/scsipi/scsipi_ioctl.c: revision 1.72 (via patch) use correct size when copying outgoing sense data. To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.67.22.1 src/sys/dev/scsipi/scsipi_ioctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Wed May 29 15:54:58 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1697 To generate a diff of this commit: cvs rdiff -u -r1.1.2.50 -r1.1.2.51 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-7.1.3 diff -u src/doc/CHANGES-7.1.3:1.1.2.50 src/doc/CHANGES-7.1.3:1.1.2.51 --- src/doc/CHANGES-7.1.3:1.1.2.50 Tue May 7 18:55:20 2019 +++ src/doc/CHANGES-7.1.3 Wed May 29 15:54:58 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.1.3,v 1.1.2.50 2019/05/07 18:55:20 martin Exp $ +# $NetBSD: CHANGES-7.1.3,v 1.1.2.51 2019/05/29 15:54:58 martin Exp $ A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 release: @@ -506,3 +506,9 @@ sys/netsmb/smb_conn.c1.30 defined. [christos, ticket #1696] +sys/ufs/ffs/ffs_alloc.c1.164 + + PR 53990, PR 52380, PR 52102: + Fix rare allocation botch in ffs_nodealloccg(). + [kardel, ticket #1697] +
CVS commit: [netbsd-7-1] src/doc
Module Name:src Committed By: martin Date: Wed May 29 15:54:58 UTC 2019 Modified Files: src/doc [netbsd-7-1]: CHANGES-7.1.3 Log Message: Ticket #1697 To generate a diff of this commit: cvs rdiff -u -r1.1.2.50 -r1.1.2.51 src/doc/CHANGES-7.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys/ufs/ffs
Module Name:src Committed By: martin Date: Wed May 29 15:54:31 UTC 2019 Modified Files: src/sys/ufs/ffs [netbsd-7-1]: ffs_alloc.c Log Message: Pull up following revision(s) (requested by kardel in ticket #1697): sys/ufs/ffs/ffs_alloc.c: revision 1.164 PR/53990, PR/52380, PR/52102: UFS2 cylinder group inode allocation botch Fix rare allocation botch in ffs_nodealloccg(). Conditions: a) less than #_of_initialized_inodes(cg->cg_initediblk) - inodes_per_filesystem_block are allocated in the cylinder group b) cg->cg_irotor points to a uninterupted run of allocated inodes in the inode bitmap up to the end of dynamically initialized inodes (cg->cg_initediblk) In this case the next inode after this run was returned without initializing the respective inode block. As the block is not initialized these inodes could trigger panics on inode consistency due to old (uninitialized) disk data. In very rare cases data loss could occur when the uninitialized inode block is initialized via the normal mechanism. Further conditions to occur after the above: c) no panic d) no (forced) fsck e) and more than cg->cg_initediblk - inodes_per_filesystem_block allocated inodes. Fix: Always insure allocation always in initialized inode range extending the initialized inode range as needed. Add KASSERTMSG() safeguards. ok hannken@ To generate a diff of this commit: cvs rdiff -u -r1.146.2.1 -r1.146.2.1.6.1 src/sys/ufs/ffs/ffs_alloc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-7-1] src/sys/ufs/ffs
Module Name:src Committed By: martin Date: Wed May 29 15:54:31 UTC 2019 Modified Files: src/sys/ufs/ffs [netbsd-7-1]: ffs_alloc.c Log Message: Pull up following revision(s) (requested by kardel in ticket #1697): sys/ufs/ffs/ffs_alloc.c: revision 1.164 PR/53990, PR/52380, PR/52102: UFS2 cylinder group inode allocation botch Fix rare allocation botch in ffs_nodealloccg(). Conditions: a) less than #_of_initialized_inodes(cg->cg_initediblk) - inodes_per_filesystem_block are allocated in the cylinder group b) cg->cg_irotor points to a uninterupted run of allocated inodes in the inode bitmap up to the end of dynamically initialized inodes (cg->cg_initediblk) In this case the next inode after this run was returned without initializing the respective inode block. As the block is not initialized these inodes could trigger panics on inode consistency due to old (uninitialized) disk data. In very rare cases data loss could occur when the uninitialized inode block is initialized via the normal mechanism. Further conditions to occur after the above: c) no panic d) no (forced) fsck e) and more than cg->cg_initediblk - inodes_per_filesystem_block allocated inodes. Fix: Always insure allocation always in initialized inode range extending the initialized inode range as needed. Add KASSERTMSG() safeguards. ok hannken@ To generate a diff of this commit: cvs rdiff -u -r1.146.2.1 -r1.146.2.1.6.1 src/sys/ufs/ffs/ffs_alloc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/ufs/ffs/ffs_alloc.c diff -u src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1 src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1.6.1 --- src/sys/ufs/ffs/ffs_alloc.c:1.146.2.1 Fri Aug 14 05:29:14 2015 +++ src/sys/ufs/ffs/ffs_alloc.c Wed May 29 15:54:30 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_alloc.c,v 1.146.2.1 2015/08/14 05:29:14 msaitoh Exp $ */ +/* $NetBSD: ffs_alloc.c,v 1.146.2.1.6.1 2019/05/29 15:54:30 martin Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -70,7 +70,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.146.2.1 2015/08/14 05:29:14 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.146.2.1.6.1 2019/05/29 15:54:30 martin Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -1283,7 +1283,7 @@ ffs_nodealloccg(struct inode *ip, int cg struct buf *bp, *ibp; u_int8_t *inosused; int error, start, len, loc, map, i; - int32_t initediblk; + int32_t initediblk, maxiblk, irotor; daddr_t nalloc; struct ufs2_dinode *dp2; const int needswap = UFS_FSNEEDSWAP(fs); @@ -1295,7 +1295,13 @@ ffs_nodealloccg(struct inode *ip, int cg return (0); mutex_exit(&ump->um_lock); ibp = NULL; - initediblk = -1; + if (fs->fs_magic == FS_UFS2_MAGIC) { + initediblk = -1; + } else { + initediblk = fs->fs_ipg; + } + maxiblk = initediblk; + retry: error = bread(ip->i_devvp, FFS_FSBTODB(fs, cgtod(fs, cg)), (int)fs->fs_cgsize, NOCRED, B_MODIFY, &bp); @@ -1315,7 +1321,8 @@ retry: * Check to see if we need to initialize more inodes. */ if (fs->fs_magic == FS_UFS2_MAGIC && ibp == NULL) { - initediblk = ufs_rw32(cgp->cg_initediblk, needswap); + initediblk = ufs_rw32(cgp->cg_initediblk, needswap); + maxiblk = initediblk; nalloc = fs->fs_ipg - ufs_rw32(cgp->cg_cs.cs_nifree, needswap); if (nalloc + FFS_INOPB(fs) > initediblk && initediblk < ufs_rw32(cgp->cg_niblk, needswap)) { @@ -1331,6 +1338,9 @@ retry: FFS_NOBLK, fs->fs_bsize, false, &ibp); if (error) goto fail; + + maxiblk += FFS_INOPB(fs); + goto retry; } } @@ -1340,14 +1350,22 @@ retry: (fs->fs_old_flags & FS_FLAGS_UPDATED)) cgp->cg_time = ufs_rw64(time_second, needswap); inosused = cg_inosused(cgp, needswap); + if (ipref) { ipref %= fs->fs_ipg; - if (isclr(inosused, ipref)) + /* safeguard to stay in (to be) allocated range */ + if (ipref < maxiblk && isclr(inosused, ipref)) goto gotit; } - start = ufs_rw32(cgp->cg_irotor, needswap) / NBBY; - len = howmany(fs->fs_ipg - ufs_rw32(cgp->cg_irotor, needswap), - NBBY); + + irotor = ufs_rw32(cgp->cg_irotor, needswap); + + KASSERTMSG(irotor < initediblk, "%s: allocation botch: cg=%d, irotor %d" + " out of bounds, initediblk=%d", + __func__, cg, irotor, initediblk); + + start = irotor / NBBY; + len = howmany(maxiblk - irotor, NBBY); loc = skpc(0xff, len, &inosused[start]); if (loc == 0) { len = start + 1; @@ -1367,9 +1385,17 @@ retry: printf("fs = %s\n", fs->fs_fsmnt); panic("ffs_nodealloccg: block not in map"); } + ipref = i * NBBY + ffs(map) - 1; + cgp->cg_irotor = ufs_rw32(ipref, needswap); + gotit: + KASSERTMSG(ipref < maxiblk, "%s: allocation botch: cg=%d attempt to " + "allocate inode index %d beyond max allocated index %d" + " of %d inodes/cg", + __func__, cg, (int)ipref, maxiblk, cg