Commit Graph

304338 Commits

Author SHA1 Message Date
skrll 3c410a38ac Update RaspberryPI firmware
Update the RaspberryPI firmware to the version from

https://github.com/raspberrypi/rpi-firmware

  commit fdb9eafae4b83e553593937eae8e77b0193903c3
  Author: Dom Cobley <popcornmix@gmail.com>
  Date:   Tue Oct 17 15:59:45 2023 +0100

    kernel: Bump to 6.1.58

    ...

    firmware: config: Add [pi5] to config.txt on 2711 and earlier platforms
2023-12-27 14:24:34 +00:00
rin 9b625a9615 MI efiboot: efi_net_probe: Examine Messaging Device Path also
Network devices can be found as Hardware or Messaging Device Paths,
see Sec 10.4.4 of UEFI Spec 2.10.

In addition to Hardware Device Path, try Messaging Device Path also.
This fixes PXE boot on implementations with the latter choice, e.g.,
Raspberry Pi 4 UEFI firmware.
2023-12-27 09:40:35 +00:00
rin 9bb7bf1efd MI efiboot: Stop using efi_bootdp after exclusive open for PXE
Once boot device is exclusively opened for Simple Network Protocol,
further access via device path (efi_bootdp) is illegal.

For some implementations, boot device path gets corrupted by
exclusive open, and subsequent access by efi_device_path_depth(),
e.g., causes infinite recursion.

Fix PXE boot for QEMU/aarch64 with EDK2 on some Linux distributions.

Thanks yamaguchi@ for comments and tests.
2023-12-27 09:28:04 +00:00
skrll f8d6b19743 Trailing whitespace 2023-12-27 07:46:20 +00:00
thorpej ee2bbf4b98 Stop using magic numbers for the MMU root pointer attributes and the
Translation Control register, and also get rid of "#if PGSHIFT == ..."
where those magic numbers are used.

Instead, define new macros: MMU51_SRP_BITS, MMU51_CRP_BITS, MMU51_TCR_BITS,
and MMU40_TCR_BITS, in terms of the definitions in mmu_{40,51}.h.  These
automagically adapt to 8K and 4K pages based on the machine-specific value
of PGSHIFT.
2023-12-27 03:03:40 +00:00
thorpej 3c258f0760 Add new headers that describe the 68851 (and 68030) MMU and
68040 (and 68060) MMU structures using names that more closely
align with Motorola's documentation.

The definitions here automagically adapt to 4K or 8K pages, based
on the value of PGSHIFT, which must be a compile-time constant.
2023-12-27 02:40:31 +00:00
sjg ca3fed09ea make: ensure shellPath is set before using it. 2023-12-27 00:45:37 +00:00
sjg ece0645989 Move fflush to a point to catch all cases. 2023-12-26 20:09:42 +00:00
thorpej c007186050 Move active_pmap() and active_user_pmap() macros into pmap_motorola.c 2023-12-26 17:48:38 +00:00
thorpej 3f075aefd8 - G/C the PMAP_ACTIVATE() macro, just call loadustp() directly.
- In pmap_activate(), rather than checking for an idle LWP and skipping
  the loadustp() in that case, just check if the pmap being activated is
  the kernel pmap.  Also, KASSERT() that the specified lwp is the current
  lwp.
2023-12-26 17:42:43 +00:00
sjg 79a3642923 make: fix order of output in compat mode
Ensure that make's output is correctly ordered with the output of the
target's commands, even when the output does not go to a terminal.

Reviewed by: rillig
2023-12-26 17:12:33 +00:00
pgoyette dd048da8dc Unhook radeondrm module from the build; it doesn't work, and
it's just tempting someone to try it.  Leave the files around
in case someone wants to pursue making this work.

Should address kern/57793

XXX Related modules from the same legacy era should probably be
XXX removed, too, but so far only radeondrm has been reported
XXX as an issue.  Keep an eye out for sisdrm, savagedrm, tdfxdrm,
XXX and r128drm.
2023-12-26 16:20:01 +00:00
andvar 272ba56c61 Replace %ld/%lx format specifiers with PRIx{SIZE,ADDR} for better portability.
From Nick Hudson.
2023-12-26 09:56:44 +00:00
mrg 7426efd696 document how to use installboot on netbsd/vax. 2023-12-26 06:00:35 +00:00
thorpej 2fe4d0e57e G/C unused ploadw(). 2023-12-26 02:38:26 +00:00
thorpej ed507564d0 G/C unused flushustp(). 2023-12-26 02:31:57 +00:00
thorpej ea86bfe41b loadustp(): Optimize for the overwhelmingly common case of "not the HP MMU".
Rather than converting the level 1 table address to a page number before
calling loadustp() only to have loadustp() convert it back to an address
for the '851, '030, '040, and '060, instead pass the address and convert
to a page number only in the case of the HP MMU.

This is a wash on HP MMU machines (9000/320 and 9000/350), and saves at
least 4 instructions (2x moveq + 2x lsXl) on every context switch on
everything else.
2023-12-25 21:32:56 +00:00
skrll 907ef1d191 G/C unused and incorrect SIE_IM 2023-12-25 13:31:00 +00:00
skrll 56ebfa498e Count interrupts across harts and their local interrupt controllers
correctly.
2023-12-25 13:21:30 +00:00
skrll b1f7b8d5fe Deliver plic interrupts to the cpu^Whart establishing the interrupt
handler.  At least this is known to be a valid hart, but it might share
some interrupts around too.
2023-12-25 13:01:59 +00:00
kre 31fcb5661e Stop using the obsolete test(1) -o operator, use sh || instead.
Prefer sh ! over test's ! (though that one is not completely obsolete).
2023-12-25 08:38:32 +00:00
kre b151f12f8e Do away with the obsolete test(1) -a operator, use sh && instead.
Prefer sh ! operator over test's ! (less question what it means).
A few minor formatting changes.
2023-12-25 08:37:08 +00:00
kre 78a2289357 Clean up obsolete test(1) usage - use sh's || instead of test's obsolete -o,
and sh's && instead of test's obsolete -a.

Minor formatting cleanups, including removing unneeded \ line continuations.

The somewhat bizarre way that named_migrate() was made to work in a
subshell (which of itself is fine, and looks needed) has been made more
rational.  Because of that, the need to use local vars is no longer there,
(subshells can't affect the parent) and "local" in that func could be deleted
(but hasn't been).
2023-12-25 08:35:07 +00:00
kre 50379ee0d8 Clean up obsolete test(1) -a option/operator - use sh && instead.
Take the opportunity to do a little sh formatting cleanups, the \
line continuation can usually be avoided by placing sh operators at
the appropriate places.

Note the [ x"$var" = x"$other" ] usage no longer needs the 'x',
avoiding that kind of nonsense is partly why test was much more
precisely specified, and a lot of the unnecessary stuff made obsolete.
Those however I did not remove (they're harmless).
2023-12-25 08:29:05 +00:00
kre 7ebc15ba84 Clean up obsolete test(1) usage, use sh && rather than test's old -a
(and while here prefer sh's ! operator over test's - it simplifies
things for test).
2023-12-25 08:24:58 +00:00
kre 80f0b9f9ed Clean up obsolete test(1) usage - don't use -o, use sh || instead.
This one was particularly bad:

	if [ -z ${dev} -o ${junk} ]; then

was supposed to be validating an entry read from a config file,
dev should be not empty, and junk should be empty (ie: correct
number of fields present).   If that test succeeds, the line is
bad, and we error out.

But if dev was empty, and junk was also empty, that turned into

	if [ -z -o ]; then

which tests if "-o" is the empty string, which it isn't, so instead
of succeeding, and considering the entry invalid (no dev specified)
the code would just carry on as if all was good.

Because of this, a bunch of quoting fixes were also made (there might
perhaps be more needed).
2023-12-25 08:23:35 +00:00
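The failure described in the commit above, reproduced beside a quoted `||` form, as an added example that is not NetBSD code. The one-field entry format and every function name here are assumptions; only the old test expression is quoted from the commit message.

```shell
#!/bin/sh
# Added example, not NetBSD code. The entry format (one field, "dev") and
# all function names are assumptions made for illustration.

# Split a config line into its first field (dev) and any surplus (junk).
# A blank line leaves both variables empty.
split_entry() {
	read -r dev junk <<EOF
$1
EOF
}

# Old form: unquoted expansions joined with test's obsolete -o.
# Succeeds (exit 0) when the entry is considered bad.
# With dev and junk both empty this collapses to [ -z -o ], which asks
# whether the string "-o" is empty, so the blank entry is not flagged.
entry_is_bad_old() {
	split_entry "$1"
	[ -z ${dev} -o ${junk} ] 2>/dev/null
}

# Hardened form: every expansion quoted, the two tests joined by sh's ||.
entry_is_bad_new() {
	split_entry "$1"
	[ -z "${dev}" ] || [ -n "${junk}" ]
}

# $1 = checker function, $2 = config line; prints "rejected" or "accepted".
verdict() {
	if "$1" "$2"; then echo rejected; else echo accepted; fi
}

# Constructed sample lines: blank, well-formed, one field too many.
# Only the blank-line result of the old form is well defined; what it does
# with the other two lines depends on the shell's test implementation.
for line in "" "wd0" "wd0 stray"; do
	printf '%-12s old=%s new=%s\n' "[$line]" \
		"$(verdict entry_is_bad_old "$line")" \
		"$(verdict entry_is_bad_new "$line")"
done
```

The first output row is the one that matters: the old form accepts an entry with no device at all, while the quoted form rejects it.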
kre 0367de1d4a Don't use obsolete test(1) -a option/operator - use sh && instead. 2023-12-25 07:49:22 +00:00
kre 7a4bb62b07 Whitespace: 8 spaces -> tab 2023-12-25 07:46:12 +00:00
kre 4fa06fab58 No longer use obsolete test(1) -a option/operator, use sh && instead.
While here a couple of minor formatting improvements - in general it
is always a good idea to surround sh operator chars (like '>' '(' ...)
with white space, to guard against the possibility that some other (or
later enhanced) sh might have additional operators which happen to be
the character string used.

I don't understand why the final part of the condition for not doing
anything needs to run in a subshell, but that can stay for now.
2023-12-25 07:43:03 +00:00
kre 7d757c9675 No longer use obsolete test "-a" option - use sh && instead. 2023-12-25 07:39:59 +00:00
kre c6d0f408e8 PR bin/57773
Fix a bug reported by Jarle Fredrik Greipsland in PR bin/57773,
where a substring expansion where the substring to be removed from
a variable expansion is itself a var expansion where the value
contains one (or more) of sh's CTLxxx chars - the pattern had
CTLESC inserted, the string to be matched against did not.  Fail.
We fix that by always inserting CTLESC in var assign expansions.
See the PR for all the gory details.

Thanks for the PR.

XXX pullup to everything.
2023-12-25 04:52:38 +00:00
kre 391d454067 Correct a bizarre piece of source formatting that crept in by
accident several years ago (change a space into newline tab).

NFC
2023-12-25 02:28:47 +00:00
sjg 94c9d8dd49 Compat_RunCommand call Shell_Init if shellPath is NULL
Since .SHELL is potentially used in compat mode as well,
the man page description should not imply it is only used in jobs mode.

Remove path="sh" from shell-sh unit-test - and it would have detected
this bug.

Reviewed by: rillig
2023-12-24 16:48:30 +00:00
skrll 82a99602a9 eqos(4): MP improvements
Remove the non-MP-safe scaffolding and pass MP safe flags for callout
and interrupt handlers.

Where we had #ifndef EQOS_MPSAFE splnet(), we also had EQOS_LOCK,
which implies splnet, so just remove the conditional splnet.
2023-12-24 16:12:54 +00:00
andvar 7a694ade76 Use %ld format specifier for physmem to fix VERBOSE_INIT_ARM build option.
Use epcom_kgdb_attach() instead of com_kgdb_attach() to fix KGDB build option.
2023-12-24 11:42:35 +00:00
gutteridge 6ecdff9e54 usbdevs.h & usbdevs_data.h: regen 2023-12-24 02:47:47 +00:00
gutteridge c76a535096 usbdevs: add RTL8188FU 2023-12-24 02:42:51 +00:00
andvar 37401e0cf1 Fix physmem printf format specifier %d->%ld.
Fixes VERBOSE_INIT_ARM enabled build for ADI_BRH kernel config.
2023-12-23 23:00:09 +00:00
christos 3b89067e4a PR/57767: Yoshitaka Tokugawa: When restoring, do so from a readonly copy
of the database and update the read-write copy with the new firewall ids.
Before we did not update the state file so it contained the old firewall ids.
2023-12-23 21:53:54 +00:00
andvar 16198b74c0 update usage() and usage comment with missing options. 2023-12-23 20:57:16 +00:00
christos 7f9e26ade3 new tzcode 2023-12-23 20:49:22 +00:00
christos 559c967b97 Import tzcode 2023d:
localtime.c no longer mishandles TZif files that contain a single
    transition into a DST regime.  Previously, it incorrectly assumed
    DST was in effect before the transition too.  (Thanks to Alois
    Treindl for debugging help.)

    localtime.c's timeoff no longer collides with OpenBSD 7.4.

    The C code now uses _Generic only if __STDC_VERSION__ says the
    compiler is C11 or later.

    tzselect now optionally reads zonenow.tab, to simplify when
    configuring only for timestamps dated from now on.

    tzselect no longer creates temporary files.

    tzselect no longer mishandles the following:

      Spaces and most other special characters in BUGEMAIL, PACKAGE,
      TZDIR, and VERSION.

      TZ strings when using mawk 1.4.3, which mishandles regular
      expressions of the form /X{2,}/.

      ISO 6709 coordinates when using an awk that lacks the GNU
      extension of newlines in -v option-arguments.

      Non UTF-8 locales when using an iconv command that lacks the GNU
      //TRANSLIT extension.

    zic no longer mishandles data for Palestine after the year 2075.
    Previously, it incorrectly omitted post-2075 transitions that are
    predicted for just before and just after Ramadan.  (Thanks to Ken
    Murchison for debugging help.)

    zic now works again on Linux 2.6.16 and 2.6.17 (2006).
2023-12-23 20:48:38 +00:00
christos 815db899f0 new postfix 2023-12-23 20:32:30 +00:00
christos c48c605c14 merge conflicts between 3.7.3 and 3.8.4 2023-12-23 20:30:42 +00:00
christos 059c16a85b Import Postfix 3.8.4 (last was 3.7.3)
December 22, 2023: 3.8.4/3.7.9
==============================

Security: this release adds support to defend against an email
spoofing attack (SMTP smuggling) on recipients at a Postfix server.
For background, see https://www.postfix.org/smtp-smuggling.html.

Sites concerned about SMTP smuggling attacks should enable this
feature on Internet-facing Postfix servers. For compatibility with
non-standard clients, Postfix by default excludes clients in
mynetworks from this countermeasure.

The recommended settings are:

# Optionally disconnect remote SMTP clients that send bare newlines,
# but allow local clients with non-standard SMTP implementations
# such as netcat, fax machines, or load balancer health checks.
#
smtpd_forbid_bare_newline = yes
smtpd_forbid_bare_newline_exclusions = $mynetworks

The smtpd_forbid_bare_newline feature is disabled by default.

November 1, 2023: 3.8.3/3.7.8
=============================

Bugfix (defect introduced Postfix 2.5, date 20080104): the Postfix
SMTP server was waiting for a client command instead of replying
immediately, after a client certificate verification error in TLS
wrappermode. Reported by Andreas Kinzler.

Usability: the Postfix SMTP server (finally) attempts to log the
SASL username after authentication failure. In Postfix logging,
this appends ", sasl_username=xxx" after the reason for SASL
authentication failure. The logging replaces an unavailable reason
with "(reason unavailable)", and replaces an unavailable sasl_username
with "(unavailable)". Based on code by Jozsef Kadlecsik.

Compatibility bugfix (defect introduced: Postfix 2.11, date 20130405):
in forward_path, the expression ${recipient_delimiter} would expand
to an empty string when a recipient address had no recipient
delimiter. The compatibility fix is to use a configured recipient
delimiter value instead. Reported by Tod A. Sandman.

September 1, 2023: 3.8.2/3.7.7
==============================

Bugfix (defect introduced: Postfix alpha, 19980207): the valid_hostname()
check in the Postfix DNS client library was blocking unusual but
legitimate wildcard names (*.name) in some DNS lookup results and
lookup requests. Examples:

name          class/type result
*.one.example   IN CNAME *.other.example
*.other.example IN A     10.0.0.1
*.other.example IN TLSA  ..certificate info...

Such syntax is blessed in RFC 1034 section 4.3.3.

Bugfix (defect introduced: Postfix 3.0, 20140218): when an address
verification probe fails during or after an opportunistic TLS
handshake, don't enforce a minimum time-in-queue before falling
back to plaintext. Problem reported by Serg.

June 5, 2023: 3.8.1/3.7.6
=========================

Optional: harden a Postfix SMTP server against remote SMTP clients
that violate RFC 2920 (or 5321) command pipelining constraints.
With "smtpd_forbid_unauth_pipelining = yes", the server disconnects
a client immediately, after responding with "554 5.5.0 Error: SMTP
protocol synchronization" and after logging "improper command
pipelining" with the unexpected remote SMTP client input. This
feature is disabled by default in Postfix 3.5-3.8 to avoid breaking
home-grown utilities, but it is enabled by default in Postfix 3.9.
A similar feature is enabled by default in the Exim SMTP server.

Optional: some OS distributions crank up TLS security to 11, and
in doing so increase the number of plaintext email deliveries. This
introduces basic OpenSSL configuration file support that may be
used to override OS-level settings. Details are in the postconf(5)
manpage under tls_config_file and tls_config_name.

Bugfix (defect introduced: Postfix 1.0): the command "postconf ..
name=v1 .. name=v2 .." (multiple instances of the same parameter
name) created multiple main.cf name=value entries with the same
parameter name. It now logs a warning and skips the earlier name(s)
and value(s). Found during code maintenance.

Bugfix (defect introduced: Postfix 3.3): the command "postconf -M
name1/type1='name2 type2 ...'" died with a segmentation violation
when the request matched multiple master.cf entries. The master.cf
file was not damaged. Problem reported by SATOH Fumiyasu.

Bugfix (defect introduced: Postfix 2.11): the command "postconf -M
name1/type1='name2 type2 ...'" could add a service definition to
master.cf that conflicted with an already existing service definition.
It now replaces all existing service definitions that match the
service pattern 'name1/type1' or the service name and type in 'name2
type2 ...' with a single service definition 'name2 type2 ...'.
Problem reported by SATOH Fumiyasu.

Bugfix (defect introduced: Postfix 3.8): the posttls-finger command
could access uninitialized memory when reconnecting. This also
fixes a malformed warning message when a destination contains
":service" information. Reported by Thomas Korbar.

Bugfix (defect introduced: Postfix 3.2): the MySQL client could
return "not found" instead of "error" (for example, resulting in
a 5XX SMTP status instead of 4XX) during the time that all MySQL
server connections were turned down after error. Found during code
maintenance. File: global/dict_mysql.c. This was already fixed in
Postfix 3.4-3.7.

April 18, 2023: 3.7.5
=====================

Bugfix (problem introduced in Postfix 3.5): check_ccert_access did
not handle inline map specifications. Report and fix by Sean
Gallagher.

Bugfix (problem introduced in Postfix 3.4): the posttls-finger
command failed to detect that a connection was resumed in the case
that a server did not return a certificate. Fix by Viktor Dukhovni.

Workaround: OpenSSL 3.x EVP_get_cipherbyname() can return lazily-bound
handles. Postfix now checks that the expected functionality will
be available instead of failing later. Fix by Viktor Dukhovni.

Safety: the long form "{ name = value }" in import_environment or
export_environment is not documented (with spaces around the '='),
but it was silently accepted, and it was stored in the process
environment as the invalid form "name = value", thus not setting
or overriding an entry for "name". This form is now stored as the
expected "name=value". Found during code maintenance.

Bugfix (problem introduced in Postfix 3.2): the MySQL client could
return "not found" instead of "error" (for example, resulting in
a 5XX SMTP status instead of 4XX) during the time that all MySQL
server connections were turned down after error. Found during code
maintenance.

April 17, 2023: 3.8.0
=====================

Support to look up DNS SRV records in the Postfix SMTP/LMTP client,
based on code by Tomas Korbar (Red Hat). For example, with
"use_srv_lookup = submission" and "relayhost = example.com:submission",
the Postfix SMTP client will look up DNS SRV records for
_submission._tcp.example.com, and will relay email through the
hosts and ports that are specified with those records.

TLS obsolescence: Postfix now treats the "export" and "low" cipher
grade settings as "medium". The "export" and "low" grades are no
longer supported in OpenSSL 1.1.1, the minimum version required in
Postfix 3.6.0 and later. Also, Postfix default settings now exclude
deprecated or unused ciphers (SEED, IDEA, 3DES, RC2, RC4, RC5),
digest (MD5), key exchange algorithms (DH, ECDH), and public key
algorithm (DSS).

Attack resistance: the Postfix SMTP server can now aggregate
smtpd_client_*_rate and smtpd_client_*_count statistics by network
block instead of by IP address, to raise the bar against a memory
exhaustion attack in the anvil(8) server; Postfix TLS support
unconditionally disables TLS renegotiation in the middle of an SMTP
connection, to avoid a CPU exhaustion attack.

The PostgreSQL client encoding is now configurable with the "encoding"
Postfix configuration file attribute. The default is "UTF8".
Previously the encoding was hard-coded as "LATIN1", which is not
useful in the context of SMTP.

The postconf command now warns for #comment in or after a Postfix
parameter value. Postfix programs do not support #comment after
other text, and treat that as input.


January 12, 2023: 3.7.4
=======================

Workaround: with OpenSSL 3 and later always turn on
SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages and missed
opportunities for TLS session reuse. This is safe because the SMTP
protocol implements application-level framing, and is therefore
not affected by TLS truncation attacks. Fix by Viktor Dukhovni.

Workaround: OpenSSL 3.x EVP_get_digestbyname() can return lazily-bound
handles for digest implementations. In sufficiently hostile
configurations, Postfix could mistakenly believe that a digest
algorithm is available, and fail when it is not. A similar workaround
may be needed for EVP_get_cipherbyname(). Fix by Viktor Dukhovni.

Bugfix (bug introduced in Postfix 2.11): the checkok() macro in
tls/tls_fprint.c evaluated its argument unconditionally; it should
evaluate the argument only if there was no prior error. Found during
code review.

Bugfix (bug introduced in Postfix 2.8): postscreen died with a
segmentation violation when postscreen_dnsbl_threshold < 1. It
should reject such input with a fatal error instead. Discovered by
Benny Pedersen.

Bitrot: fixes for linker warnings from newer Darwin (MacOS) versions.
Viktor Dukhovni.

Portability: Linux 6 support.

Added missing documentation that cidr:, pcre: and regexp: tables
support inline specification only in Postfix 3.7 and later.
2023-12-23 20:24:46 +00:00
andvar 9be1ef4029 Update documentation with -q and -N options. 2023-12-23 20:15:19 +00:00
andvar fa8470fcd1 Remove obsolete -d flag from documentation.
P.S. -q and -N flags need to be added.
2023-12-23 19:13:55 +00:00
andvar 48429883fa Remove "#ifdef RAMDISK_HOOKS" block, RB_DFLTROOT boot flag is obsolete long ago. 2023-12-23 18:59:27 +00:00
kre b29a6b6f4f Note update of tzdata to 2023d (2023dgtz). 2023-12-23 15:52:11 +00:00
kre cab3854849 Merge tzdata2023d 2023-12-23 15:46:44 +00:00