Commit Graph

248625 Commits

Author SHA1 Message Date
christos
ac264ff54b Import OpenBSD's netcat. 2017-02-06 16:00:50 +00:00
nonaka
3595ccfb7d Remove unnecessary flag. 2017-02-06 10:32:35 +00:00
dholland
3e58855b26 Fix misuse of arc4random by using arc4random_uniform.
Noticed by riastradh.
2017-02-06 02:26:44 +00:00
palle
9634b3fd38 sun4v: update TODO list to reflect the current state - TRAP_SETUP() was adapted to handle both sun4u and sun4v systems in version 1.404 of locore.s 2017-02-05 20:08:35 +00:00
skrll
e585f321ff Don't call _sema_init twice on various objects... remote_event_create
will initialise them

Found by LOCKDEBUG
2017-02-05 16:05:20 +00:00
mlelstv
61e95c24aa Destroy callouts when cleaning up. 2017-02-05 12:05:46 +00:00
maxv
6c9d31ed8a Rename ldt->ldtstore and gdt->gdtstore on i386. It reduces the diff with
amd64, and makes it easier to track down these variables on nxr - 'ldt'
and 'gdt' being common keywords.
2017-02-05 10:42:21 +00:00
joerg
3a551b58b2 Be a bit nicer to outdated compilers and use __unreachable(). 2017-02-05 10:13:43 +00:00
joerg
1ca42661a2 Unbreak clang again. 2017-02-05 10:13:18 +00:00
maxv
173e2026e3 Remove misleading comment; these macros should not be used if a user LDT
is active.
2017-02-05 08:58:39 +00:00
maxv
549eebb1a2 Remove #if 0 on USER_LDT. 2017-02-05 08:52:11 +00:00
maxv
d0c8365f2c Missing pmap_ldt_cleanup. 2017-02-05 08:42:49 +00:00
maxv
c4d9b79654 Now that valid_user_selector only checks for LDT selectors, remove it. A
user may legitimately want to have one register in the GDT, and another in
the LDT.

Pass 2/2.
2017-02-05 08:36:08 +00:00
maxv
33f2d3769e In cpu_mcontext_validate, treat %cs differently depending on whether a user
LDT is set; just check the permission without checking the location (which
may change).

In valid_user_selector, don't check the length of the LDT. This is racy
because pm_ldt_len could be updated by another thread, and useless since
the length is already referenced in ldtr (ldt_alloc), which means that any
overflow will fault in userland.

Also, don't check the permission of the segment pointed to; this too is
racy, and we don't care either since the permissions are checked earlier
in x86_set_ldt1.

Pass 1/2.
2017-02-05 08:19:05 +00:00
maya
3445e73ad7 Fix off by one.
ok cherry
2017-02-05 07:25:49 +00:00
maya
dfbac43682 Remove duplicate check. uvm_physseg_valid_p(upm) == false is also
our for loop exit condition, and will never happen. NFC
2017-02-05 06:26:06 +00:00
maya
482c927acf Fix off by one.
Fixes PR port-amd64/51944: sparse core dumps do not work
2017-02-05 06:13:53 +00:00
maya
2675f23497 Match the iterator in sys/uvm/uvm_page.c:1866. NFC.
No matching KASSERT - this case is covered by the above
if (uvm_physseg_valid_p(upm) == false) break;
2017-02-05 06:12:33 +00:00
spz
dc860a366c merge for tcpdump 4.9.0 and document 2017-02-05 04:05:05 +00:00
spz
671dd9fa89 Update of tcpdump to version 4.9.0
This update fixes the following vulnerabilities:
CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926
CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931
CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936
CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973
CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985
CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575
CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341
CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485
CVE-2017-5486 (all buffer overflows in various parts of tcpdump)

Upstream Changelog:
    General updates:
    Improve separation frontend/backend (tcpdump/libnetdissect)
    Don't require IPv6 library support in order to support IPv6 addresses
    Introduce data types to use for integral values in packet structures
    Fix display of timestamps with -tt, -ttt and -ttttt options
    Fix some heap overflows found with American Fuzzy Lop by Hanno Boeck and others
        (More information in the log with CVE-2016-* and CVE-2017-*)
    Change the way protocols print link-layer addresses (Fix heap overflows
        in CALM-FAST and GeoNetworking printers)
    Pass correct caplen value to ether_print() and some other functions
    Fix lookup_nsap() to match what isonsap_string() expects
    Clean up relative time stamp printing (Fix an array overflow)
    Fix some alignment issues with GCC on Solaris 10 SPARC
    Add some ND_TTEST_/ND_TCHECK_ macros to simplify writing bounds checks
    Add a fn_printztn() which returns the number of bytes processed
    Add nd_init() and nd_cleanup() functions. Improve libsmi support
    Add CONTRIBUTING file
    Add a summary comment in all printers
    Compile with more warning options in devel mode if supported (-Wcast-qual, ...)
    Fix some leaks found by Valgrind/Memcheck
    Fix a bunch of de-constifications
    Squelch some Coverity warnings and some compiler warnings
    Update Coverity and Travis-CI setup
    Update Visual Studio files

    Frontend:
    Fix capsicum support to work with zerocopy buffers in bpf
    Try opening interfaces by name first, then by name-as-index
    Work around pcap_create() failures fetching time stamp type lists
    Fix a segmentation fault with 'tcpdump -J'
    Improve addrtostr6() bounds checking
    Add exit_tcpdump() function
    Don't drop CAP_SYS_CHROOT before chrooting
    Fixes issue where statistics not reported when -G and -W options used

    New printers supporting:
    Generic Protocol Extension for VXLAN (VXLAN-GPE)
    Home Networking Control Protocol (HNCP), RFCs 7787 and 7788
    Locator/Identifier Separation Protocol (LISP), type 3 and type 4 packets
    Marvell Extended Distributed Switch Architecture header (MEDSA)
    Network Service Header (NSH)
    REdis Serialization Protocol (RESP)

    Updated printers:
    802.11: Beginnings of 11ac radiotap support
    802.11: Check the Protected bit for management frames
    802.11: Do bounds checking on last_presentp before dereferencing it (Fix a heap overflow)
    802.11: Fix the radiotap printer to handle the special bits correctly
    802.11: If we have the MCS field, it's 11n
    802.11: Only print unknown frame type or subtype messages once
    802.11: Radiotap dBm values get printed as dB; Update a test output accordingly
    802.11: Source and destination addresses were backwards
    AH: Add a bounds check
    AH: Report to our caller that dissection failed if a bounds check fails
    AP1394: Print src > dst, not dst > src
    ARP: Don't assume the target hardware address is <= 6 octets long (Fix a heap overflow)
    ATALK: Add bounds and length checks (Fix heap overflows)
    ATM: Add some bounds checks (Fix a heap overflow)
    ATM: Fix an incorrect bounds check
    BFD: Update specification from draft to RFC 5880
    BFD: Update to print optional authentication field
    BGP: Add decoding of ADD-PATH capability
    BGP: Add support for the AIGP attribute (RFC7311)
    BGP: Print LARGE_COMMUNITY Path Attribute
    BGP: Update BGP numbers from IANA; Print minor values for FSM notification
    BOOTP: Add a bounds check
    Babel: Add decoder for source-specific extension
    CDP: Filter out non-printable characters
    CFM: Fixes to match the IEEE standard, additional bounds and length checks
    CSLIP: Add more bounds checks (Fix a heap overflow)
    ClassicalIPoATM: Add a bounds check on LLC+SNAP header (Fix a heap overflow)
    DHCP: Fix MUDURL and TZ options
    DHCPv6: Process MUDURL and TZ options
    DHCPv6: Update Status Codes with RFCs/IANA names
    DNS: Represent the "DNSSEC OK" bit as "DO" instead of "OK". Add a test case
    DTP: Improve packet integrity checks
    EGP: Fix bounds checks
    ESP: Don't use OpenSSL_add_all_algorithms() in OpenSSL 1.1.0 or later
    ESP: Handle OpenSSL 1.1.x
    Ethernet: Add some bounds checking before calling isoclns_print (Fix a heap overflow)
    Ethernet: Print the Length/Type field as length when needed
    FDDI: Fix -e output for FDDI
    FR: Add some packet-length checks and improve Q.933 printing (Fix heap overflows)
    GRE: Add some bounds checks (Fix heap overflows)
    Geneve: Fix error message with invalid option length; Update list option classes
    HNCP: Fix incorrect time interval format. Fix handling of IPv4 prefixes
    ICMP6: Fetch a 32-bit big-endian quantity with EXTRACT_32BITS()
    ICMP6: dagid is always an IPv6 address, not an opaque 128-bit string
    IGMP: Add a length check
    IP: Add a bounds check (Fix a heap overflow)
    IP: Check before fetching the protocol version (Fix a heap overflow)
    IP: Don't try to dissect if IP version != 4 (Fix a heap overflow)
    IP: Stop processing IPPROTO_ values once we hit IPPROTO_IPCOMP
    IPComp: Check whether we have the CPI before we fetch it (Fix a heap overflow)
    IPoFC: Fix -e output (IP-over-Fibre Channel)
    IPv6: Don't overwrite the destination IPv6 address for routing headers
    IPv6: Fix header printing
    IPv6: Stop processing IPPROTO_ values once we hit IPPROTO_IPCOMP
    ISAKMP: Clean up parsing of IKEv2 Security Associations
    ISOCLNS/IS-IS: Add support for Purge Originator Identifier (RFC6232) and test cases
    ISOCLNS/IS-IS: Don't overwrite packet data when checking the signature
    ISOCLNS/IS-IS: Filter out non-printable characters
    ISOCLNS/IS-IS: Fix segmentation faults
    ISOCLNS/IS-IS: Have signature_verify() do the copying and clearing
    ISOCLNS: Add some bounds checks
    Juniper: Make sure a Juniper header TLV isn't bigger than what's left in the packet (Fix a heap overflow)
    LLC/SNAP: With -e, print the LLC header before the SNAP header; without it, cut the SNAP header
    LLC: Add a bounds check (Fix a heap overflow)
    LLC: Clean up printing of LLC packets
    LLC: Fix the printing of RFC 948-style IP packets
    LLC: Skip the LLC and SNAP headers with -x for 802.11 and some other protocols
    LLDP: Implement IANA OUI and LLDP MUD option
    MPLS LSP ping: Update printing for RFC 4379, bug fixes, more bounds checks
    MPLS: "length" is now the *remaining* packet length
    MPLS: Add bounds and length checks (Fix a heap overflow)
    NFS: Add a test that makes unaligned accesses
    NFS: Don't assume the ONC RPC header is nicely aligned
    NFS: Don't overflow the Opaque_Handle buffer (Fix a segmentation fault)
    NFS: Don't run past the end of an NFSv3 file handle
    OLSR: Add a test to cover a HNA sgw case
    OLSR: Fix 'Advertised networks' count
    OLSR: Fix printing of smart-gateway HNAs in IPv4
    OSPF: Add a bounds check for the Hello packet options
    OSPF: Do more bounds checking
    OSPF: Fix a segmentation fault
    OSPF: Fix printing 'ospf_topology_values' default
    OTV: Add missing bounds checks
    PGM: Print the formatted IP address, not the raw binary address, as a string
    PIM: Add some bounds checking (Fix a heap overflow)
    PIMv2: Fix checksumming of Register messages
    PPI: Pass an adjusted struct pcap_pkthdr to the sub-printer
    PPP: Add some bounds checks (Fix a heap overflow)
    PPP: Report invalid PAP AACK/ANAK packets
    Q.933: Add a missing bounds check
    RADIUS: Add Value 13 "VLAN" to Tunnel-Type attribute
    RADIUS: Filter out non-printable characters
    RADIUS: Translate UDP/1700 as RADIUS
    RESP: Do better checking of RESP packets
    RPKI-RTR: Add a return value check for "fn_printn" call
    RPKI-RTR: Remove printing when truncated condition already detected
    RPL: Fix 'Consistency Check' control code
    RPL: Fix suboption print
    RSVP: An INTEGRITY object in a submessage covers only the submessage
    RSVP: Fix an infinite loop; Add bounds and length checks
    RSVP: Fix some if statements missing brackets
    RSVP: Have signature_verify() do the copying and clearing
    RTCP: Add some bounds checks
    RTP: Add some bounds checks, fix two segmentation faults
    SCTP: Do more bounds checking
    SFLOW: Fix bounds checking
    SLOW: Fix bugs, add checks
    SMB: Before fetching the flags2 field, make sure we have it
    SMB: Do bounds checks on NBNS resource types and resource data lengths
    SNMP: Clean up the "have libsmi but no modules loaded" case
    SNMP: Clean up the object abbreviation list and fix the code to match them
    SNMP: Do bounds checks when printing character and octet strings
    SNMP: Improve ASN.1 bounds checks
    SNMP: More bounds and length checks
    STP: Add a bunch of bounds checks, and fix some printing (Fix heap overflows)
    STP: Filter out non-printable characters
    TCP: Add bounds and length checks for packets with TCP option 20
    TCP: Correct TCP option Kind value for TCP Auth and add SCPS-TP
    TCP: Fix two bounds checks (Fix heap overflows)
    TCP: Make sure we have the data offset field before fetching it (Fix a heap overflow)
    TCP: Put TCP-AO option decoding right
    TFTP: Don't use strchr() to scan packet data (Fix a heap overflow)
    Telnet: Add some bounds checks
    TokenRing: Fix -e output
    UDLD: Fix an infinite loop
    UDP: Add a bounds check (Fix a heap overflow)
    UDP: Check against the packet length first
    UDP: Don't do the DDP-over-UDP heuristic check up front
    VAT: Add some bounds checks
    VTP: Add a test on Mgmt Domain Name length
    VTP: Add bounds checks and filter out non-printable characters
    VXLAN: Add a bound check and a test case
    ZeroMQ: Fix an infinite loop
2017-02-05 03:06:04 +00:00
mrg
002f468d50 uh, this is actually called 20170201 :-) 2017-02-05 01:55:03 +00:00
pgoyette
accf810fc9 Add the *_size() variants to the .Nm list so it will be found by
apropos(1).

While here, reorder the function lists to improve readability.
2017-02-05 00:47:33 +00:00
christos
ec5c127714 remove debugging printf. 2017-02-05 00:24:24 +00:00
wiz
7754e6dee9 Remove trailing space. 2017-02-04 23:35:15 +00:00
wiz
22c6b27a2a Quote - to make it a minus. 2017-02-04 23:33:56 +00:00
wiz
4cb81f1b9d Use just the right amount of commas. 2017-02-04 23:32:43 +00:00
christos
dadbbf044b regen 2017-02-04 18:14:55 +00:00
christos
586a3278a9 fix broken entries that prevented compilation. 2017-02-04 18:14:44 +00:00
mlelstv
6c81d9e1ab tag variables as __unused to appease compiler. 2017-02-04 18:08:29 +00:00
christos
f06f692133 Fix operand width 2017-02-04 16:14:27 +00:00
christos
9afef664aa Don't error out for set but unused variables for now. 2017-02-04 16:14:04 +00:00
roy
84cacd2b7f Mark reboot() and _rtt() as __dead.
Use __builtin_unreachable() to ensure Panic really is marked dead.

Thanks to joerg@
2017-02-04 13:36:07 +00:00
spz
10927b73f6 merge expat-2.2.0 and document 2017-02-04 10:56:10 +00:00
spz
024103ff9f from Changes:
Release 2.2.0 Tue June 21 2016
        Security fixes:
            #537  CVE-2016-0718 -- Fix crash on malformed input
                  CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
                                   CVE-2015-2716 introduced with Expat 2.1.1
            #499  CVE-2016-5300 -- Use more entropy for hash initialization
                                   than the original fix to CVE-2012-0876
            #519  CVE-2012-6702 -- Resolve troublesome internal call to srand
                                   that was introduced with Expat 2.1.0
                                   when addressing CVE-2012-0876 (issue #496)

        Bug fixes:
                  Fix uninitialized reads of size 1
                    (e.g. in little2_updatePosition)
                  Fix detection of UTF-8 character boundaries

        Other changes:
            #532  Fix compilation for Visual Studio 2010 (keyword "C99")
                  Autotools: Resolve use of "$<" to better support bmake
                  Autotools: Add QA script "qa.sh" (and make target "qa")
                  Autotools: Respect CXXFLAGS if given
                  Autotools: Fix "make run-xmltest"
                  Autotools: Have "make run-xmltest" check for expected output
             p90  CMake: Fix static build (BUILD_shared=OFF) on Windows
            #536  CMake: Add soversion, support -DNO_SONAME=yes to bypass
            #323  CMake: Add suffix "d" to differentiate debug from release
                  CMake: Define WIN32 with CMake on Windows
                  Annotate memory allocators for GCC
                  Address all currently known compile warnings
                  Make sure that API symbols remain visible despite
                    -fvisibility=hidden
                  Remove executable flag from source files
                  Resolve COMPILED_FROM_DSP in favor of WIN32
2017-02-04 10:15:47 +00:00
skrll
1ca2f96664 More usb_syncmem tweaks. The main one is sync'ing the entire last TD
returned from ohci_reset_std_chain in control transfers.
2017-02-04 08:03:40 +00:00
mrg
7dd016e517 fix the prototype for bozo_set_pref(). from cfkoch 2017-02-04 01:32:54 +00:00
kre
0ff2aa1043 Fiddle the (new) fdflags implementation:
Remove some unnecessary cuteness that limited error reporting.
Permit just one -s arg to fdflags
Be deterministic in the case of fdflags -s +cloexec,-cloexec 0
	(and similar) - use the last specified, always.
Allow:
	FD_0_FLAGS=$( fdflags -v 0 )
	# do stuff, manipulating the flags
	fdflags -s "FD_0_FLAGS" 0
to save/restore flags for a fd.
Correctly mask result of fcntl(fd, F_GETFD) with FD_CLOEXEC as the
specs require before deciding close on exec is set.

Improve portability as a tool, don't assume strtoi(), nor __arraycount()
and avoid needlessly requiring recent C versions (ie: there's no need to
sprinkle declarations in the middle of the code, it just makes them hard
to find, and benefits nothing.)

Still to do:  As currently implemented, both user, and shell internal fds
are reported, and can be manipulated.  Allowing users to touch the shell's
internal fds is bogus, and providing this easy way to allow users to
discover which values they have is poor.   Fixing this means getting rid
of the use of fcntl(F_MAXFD) and replacing it with a shell maintained
memory of what fds the user (script) has allocated.   The shell's fd
manipulation really still needs major work (including properly fixing
bin/48875)
2017-02-03 23:16:38 +00:00
christos
e22d6e2de6 New versions of linux on arm and others have both socketcall and separate
syscalls...
2017-02-03 22:29:51 +00:00
christos
e18b8724f0 use the netid value because it could be udp6... 2017-02-03 21:56:01 +00:00
abhinav
6b1f1a07e7 Add posix_madvise(2) in the NAME section. 2017-02-03 21:10:22 +00:00
abhinav
0d379b321a Insert comma between two Nm entries.
Remove Pp before Bd
2017-02-03 21:03:05 +00:00
nat
fb16cd1037 Don't check hardware precision in autoconfig as some drivers e.g vs(4) the
hardware precision is 4 bits.

Addresses PR/kern 51879: vs(4) audio attach failed.
2017-02-03 20:13:52 +00:00
macallan
fb788de725 some bugs in chipsfb_putchar_aa():
- fix 64bit padding for scanlines
- clean out latch for every scanline
now fonts with odd widths look right
2017-02-03 20:09:49 +00:00
nat
e4dba3a422 Improved drain function for vc[0].
No need to drain vc[0] for drivers written with start_output.
2017-02-03 20:07:55 +00:00
roy
03db8b97a4 Fix build with clang. 2017-02-03 17:24:43 +00:00
christos
2a4f2d0e56 add sendmmsg and recvmmsg 2017-02-03 16:57:39 +00:00
christos
c16b94cc41 regen 2017-02-03 16:56:55 +00:00
christos
7042ca6ffd add unimple sendmmsg secvmmsg 2017-02-03 16:56:46 +00:00
christos
e0a67653f8 regen 2017-02-03 16:49:19 +00:00
christos
55493546ea add missing unimpl and sendmmsg and recvmmsg 2017-02-03 16:49:08 +00:00