[Midnightbsd-cvs] [MidnightBSD/src] 30d27a: libpfctl: Don't pass stack garbage to free.
Lucas Holt
noreply at github.com
Tue Sep 19 10:28:08 EDT 2023
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 30d27a900158a432c87dc8d1e929cc44cef738a0
https://github.com/MidnightBSD/src/commit/30d27a900158a432c87dc8d1e929cc44cef738a0
Author: John Baldwin <jhb at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M lib/libpfctl/libpfctl.c
Log Message:
-----------
libpfctl: Don't pass stack garbage to free.
GCC 9 on stable/12 reports a -Wmaybe-uninitialized error for the call
to free in _pfctl_clear_states.
Reviewed by: mjg
Differential Revision: https://reviews.freebsd.org/D39198
(cherry picked from commit 48c519be0e8005aedc817b1bc1101ad32b67a67a)
Commit: 52a1c12961e0ce01fad5a819d42b6a54adc7cd22
https://github.com/MidnightBSD/src/commit/52a1c12961e0ce01fad5a819d42b6a54adc7cd22
Author: John Baldwin <jhb at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/udf/udf.h
M sys/fs/udf/udf_vfsops.c
Log Message:
-----------
udf: Reject read requests with an invalid length
- If the size is negative or if rounding it up to a multiple of
the block size overflows, fail the read request with ERANGE.
- While here, add a sanity check that the ICB length for the root
directory is at least as long as a minimum-sized file entry.
PR: 257768
Reported by: Robert Morris <rtm at lcs.mit.edu>
MFC after: 1 week
Sponsored by: FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41220
(cherry picked from commit c70e615051b00671d54651d99af5cdec4b091d92)
Commit: e0def179499e8b8121f1c792e79fbeb99e5039c9
https://github.com/MidnightBSD/src/commit/e0def179499e8b8121f1c792e79fbeb99e5039c9
Author: John Baldwin <jhb at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/geom/raid/tr_concat.c
Log Message:
-----------
g_raid concat: Fail requests to read beyond the end of the volume
Previously a debug kernel would trigger an assertion failure if an I/O
request attempted to read off the end of a concat volume, but a
non-debug kernel would use an invalid sub-disk to try to complete the
request eventually resulting in some sort of fault in the kernel.
Instead, turn the assertions into explicit checks that fail requests
beyond the end of the volume with EIO. For requests which run over
the end of the volume, return a short request.
PR: 257838
Reported by: Robert Morris <rtm at lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41222
(cherry picked from commit 4c89c0127dcadaa0d337c23d028f3fea5e76317a)
Commit: 460c85f93567ece6d2e4592487f3fb3c8ba207d1
https://github.com/MidnightBSD/src/commit/460c85f93567ece6d2e4592487f3fb3c8ba207d1
Author: John Baldwin <jhb at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/cd9660/cd9660_vfsops.c
Log Message:
-----------
cd9660: Reject volumes with small logical block sizes
ISO9660 permits specifying a logical block size that is any power of 2
greater than or equal to 512. The geom disk layer requires requests
to be aligned on sector boundaries of the provider. With a volume
that uses a logical block size smaller than the underlying disk sector
size (e.g. a logical block size of 512 or 1024 on a CD which uses 2048
byte sectors), the current cd9660 vfs can issue requests for partial
sectors, or on non-sector boundaries.
Fixing this properly would require wrapping all of the calls to
bread*/bwrite* in cd9660 vfs to roundup requests to be on sector
boundaries which can include both the length, but also the starting
sector number (and thus requiring use of an offset relative to b_data
in the resulting buf).
These images do not seem to be common however given that no one has
fixed this in cd9660's vfs in the past few decades, so just reject
them during mount with an error. If such images are found to be used
in the wild in practice, then the larger fix can be applied.
PR: 258063
Reported by: Robert Morris <rtm at lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41228
(cherry picked from commit 4af849d71f69306432941d91fa46c3c303059d63)
Commit: 34171d90c8891b3d40924b9a66224697058c94ac
https://github.com/MidnightBSD/src/commit/34171d90c8891b3d40924b9a66224697058c94ac
Author: John Baldwin <jhb at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/netsmb/smb_rq.c
Log Message:
-----------
netsmb: Add bounds checking to smb_t2_placedata
Verify that the requested region of the mbuf chain is not beyond the
end of the chain before trimming it from the end. If it is out of
bounds, fail with an error (EPROTO).
While here, properly handle the case that the amount of data at the
end of the chain might span more than one mbuf by using m_adj to drop
the extra bytes rather than assuming m_len of the last mbuf can be
adjusted directly.
PR: 258504
Reported by: Robert Morris <rtm at lcs.mit.edu>
Co-authored-by: Robert Morris <rtm at lcs.mit.edu>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41229
(cherry picked from commit aca3d65fedffbbe71399a88d33ea8ecf550177eb)
Commit: 4f1803108b285f8242be56198e2549f19d39056d
https://github.com/MidnightBSD/src/commit/4f1803108b285f8242be56198e2549f19d39056d
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/dev/acpi_support/acpi_wmi.c
Log Message:
-----------
wmistat: don't restrict reading to the pid that opened the fd.
PR: 273405
MFC after: 1 week
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D41621
(cherry picked from commit 28977cb9bc15a7f1fb7d28e14cd03f8dafd4e155)
Commit: df106f6c056d7f35efea25e6363847a4c9390a77
https://github.com/MidnightBSD/src/commit/df106f6c056d7f35efea25e6363847a4c9390a77
Author: Dag-Erling Smørgrav <des at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M lib/libc/stdio/fopen.3
Log Message:
-----------
libc: Fix fmemopen(3) prototype in fopen(3) man page.
While here, also update a mention of ANSI C.
Sponsored by: Klara, Inc.
Reviewed by: kevans, markj
Differential Revision: https://reviews.freebsd.org/D41686
(cherry picked from commit 5a57401e7106132b61b16e34365cebf52b773007)
libc: Further nit in fopen(3) man page.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D41687
(cherry picked from commit c9f5889d05b5854be033849a4ff9985699071548)
Commit: 1f1b42b7661ce0c31dda989c5356d5cf5eb396df
https://github.com/MidnightBSD/src/commit/1f1b42b7661ce0c31dda989c5356d5cf5eb396df
Author: Kyle Evans <kevans at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M ObsoleteFiles.inc
M secure/caroot/blacklisted/AddTrust_External_Root.pem
M secure/caroot/blacklisted/AddTrust_Low-Value_Services_Root.pem
M secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem
M secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem
M secure/caroot/blacklisted/Certum_Root_CA.pem
M secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem
A secure/caroot/blacklisted/Cybertrust_Global_Root.pem
M secure/caroot/blacklisted/D-TRUST_Root_CA_3_2013.pem
A secure/caroot/blacklisted/DST_Root_CA_X3.pem
A secure/caroot/blacklisted/E-Tugra_Certification_Authority.pem
A secure/caroot/blacklisted/E-Tugra_Global_Root_CA_ECC_v3.pem
A secure/caroot/blacklisted/E-Tugra_Global_Root_CA_RSA_v3.pem
M secure/caroot/blacklisted/EC-ACC.pem
M secure/caroot/blacklisted/EE_Certification_Centre_Root_CA.pem
M secure/caroot/blacklisted/GeoTrust_Global_CA.pem
M secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority.pem
M secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem
M secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G3.pem
M secure/caroot/blacklisted/GeoTrust_Universal_CA.pem
M secure/caroot/blacklisted/GeoTrust_Universal_CA_2.pem
A secure/caroot/blacklisted/GlobalSign_Root_CA_-_R2.pem
M secure/caroot/blacklisted/Global_Chambersign_Root_-_2008.pem
A secure/caroot/blacklisted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
A secure/caroot/blacklisted/Hongkong_Post_Root_CA_1.pem
M secure/caroot/blacklisted/LuxTrust_Global_Root_2.pem
A secure/caroot/blacklisted/Network_Solutions_Certificate_Authority.pem
M secure/caroot/blacklisted/OISTE_WISeKey_Global_Root_GA_CA.pem
M secure/caroot/blacklisted/QuoVadis_Root_CA.pem
M secure/caroot/blacklisted/Sonera_Class_2_Root_CA.pem
A secure/caroot/blacklisted/Staat_der_Nederlanden_EV_Root_CA.pem
M secure/caroot/blacklisted/Staat_der_Nederlanden_Root_CA_-_G2.pem
M secure/caroot/blacklisted/Staat_der_Nederlanden_Root_CA_-_G3.pem
M secure/caroot/blacklisted/SwissSign_Platinum_CA_-_G2.pem
M secure/caroot/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G4.pem
M secure/caroot/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
M secure/caroot/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G4.pem
M secure/caroot/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
M secure/caroot/blacklisted/Taiwan_GRCA.pem
A secure/caroot/blacklisted/TrustCor_ECA-1.pem
A secure/caroot/blacklisted/TrustCor_RootCert_CA-1.pem
A secure/caroot/blacklisted/TrustCor_RootCert_CA-2.pem
M secure/caroot/blacklisted/Trustis_FPS_Root_CA.pem
M secure/caroot/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
M secure/caroot/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
M secure/caroot/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem
M secure/caroot/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/blacklisted/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
M secure/caroot/blacklisted/thawte_Primary_Root_CA.pem
M secure/caroot/blacklisted/thawte_Primary_Root_CA_-_G2.pem
M secure/caroot/blacklisted/thawte_Primary_Root_CA_-_G3.pem
M secure/caroot/trusted/ACCVRAIZ1.pem
M secure/caroot/trusted/AC_RAIZ_FNMT-RCM.pem
M secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
M secure/caroot/trusted/ANF_Secure_Server_Root_CA.pem
M secure/caroot/trusted/Actalis_Authentication_Root_CA.pem
M secure/caroot/trusted/AffirmTrust_Commercial.pem
M secure/caroot/trusted/AffirmTrust_Networking.pem
M secure/caroot/trusted/AffirmTrust_Premium.pem
M secure/caroot/trusted/AffirmTrust_Premium_ECC.pem
M secure/caroot/trusted/Amazon_Root_CA_1.pem
M secure/caroot/trusted/Amazon_Root_CA_2.pem
M secure/caroot/trusted/Amazon_Root_CA_3.pem
M secure/caroot/trusted/Amazon_Root_CA_4.pem
M secure/caroot/trusted/Atos_TrustedRoot_2011.pem
A secure/caroot/trusted/Atos_TrustedRoot_Root_CA_ECC_TLS_2021.pem
A secure/caroot/trusted/Atos_TrustedRoot_Root_CA_RSA_TLS_2021.pem
M secure/caroot/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
A secure/caroot/trusted/BJCA_Global_Root_CA1.pem
A secure/caroot/trusted/BJCA_Global_Root_CA2.pem
M secure/caroot/trusted/Baltimore_CyberTrust_Root.pem
M secure/caroot/trusted/Buypass_Class_2_Root_CA.pem
M secure/caroot/trusted/Buypass_Class_3_Root_CA.pem
M secure/caroot/trusted/CA_Disig_Root_R2.pem
M secure/caroot/trusted/CFCA_EV_ROOT.pem
M secure/caroot/trusted/COMODO_Certification_Authority.pem
M secure/caroot/trusted/COMODO_ECC_Certification_Authority.pem
M secure/caroot/trusted/COMODO_RSA_Certification_Authority.pem
A secure/caroot/trusted/Certainly_Root_E1.pem
A secure/caroot/trusted/Certainly_Root_R1.pem
M secure/caroot/trusted/Certigna.pem
M secure/caroot/trusted/Certigna_Root_CA.pem
M secure/caroot/trusted/Certum_EC-384_CA.pem
M secure/caroot/trusted/Certum_Trusted_Network_CA.pem
M secure/caroot/trusted/Certum_Trusted_Network_CA_2.pem
M secure/caroot/trusted/Certum_Trusted_Root_CA.pem
M secure/caroot/trusted/Comodo_AAA_Services_root.pem
R secure/caroot/trusted/Cybertrust_Global_Root.pem
A secure/caroot/trusted/D-TRUST_BR_Root_CA_1_2020.pem
A secure/caroot/trusted/D-TRUST_EV_Root_CA_1_2020.pem
M secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem
M secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
R secure/caroot/trusted/DST_Root_CA_X3.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_CA.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_G2.pem
M secure/caroot/trusted/DigiCert_Assured_ID_Root_G3.pem
M secure/caroot/trusted/DigiCert_Global_Root_CA.pem
M secure/caroot/trusted/DigiCert_Global_Root_G2.pem
M secure/caroot/trusted/DigiCert_Global_Root_G3.pem
M secure/caroot/trusted/DigiCert_High_Assurance_EV_Root_CA.pem
A secure/caroot/trusted/DigiCert_TLS_ECC_P384_Root_G5.pem
A secure/caroot/trusted/DigiCert_TLS_RSA4096_Root_G5.pem
M secure/caroot/trusted/DigiCert_Trusted_Root_G4.pem
R secure/caroot/trusted/E-Tugra_Certification_Authority.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_EC1.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G2.pem
M secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G4.pem
M secure/caroot/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem
M secure/caroot/trusted/GDCA_TrustAUTH_R5_ROOT.pem
M secure/caroot/trusted/GLOBALTRUST_2020.pem
M secure/caroot/trusted/GTS_Root_R1.pem
M secure/caroot/trusted/GTS_Root_R2.pem
M secure/caroot/trusted/GTS_Root_R3.pem
M secure/caroot/trusted/GTS_Root_R4.pem
M secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem
M secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R5.pem
M secure/caroot/trusted/GlobalSign_Root_CA.pem
R secure/caroot/trusted/GlobalSign_Root_CA_-_R2.pem
M secure/caroot/trusted/GlobalSign_Root_CA_-_R3.pem
M secure/caroot/trusted/GlobalSign_Root_CA_-_R6.pem
M secure/caroot/trusted/GlobalSign_Root_E46.pem
M secure/caroot/trusted/GlobalSign_Root_R46.pem
M secure/caroot/trusted/Go_Daddy_Class_2_CA.pem
M secure/caroot/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem
A secure/caroot/trusted/HARICA_TLS_ECC_Root_CA_2021.pem
A secure/caroot/trusted/HARICA_TLS_RSA_Root_CA_2021.pem
M secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
R secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
M secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
A secure/caroot/trusted/HiPKI_Root_CA_-_G1.pem
R secure/caroot/trusted/Hongkong_Post_Root_CA_1.pem
M secure/caroot/trusted/Hongkong_Post_Root_CA_3.pem
M secure/caroot/trusted/ISRG_Root_X1.pem
A secure/caroot/trusted/ISRG_Root_X2.pem
M secure/caroot/trusted/IdenTrust_Commercial_Root_CA_1.pem
M secure/caroot/trusted/IdenTrust_Public_Sector_Root_CA_1.pem
M secure/caroot/trusted/Izenpe_com.pem
M secure/caroot/trusted/Microsec_e-Szigno_Root_CA_2009.pem
M secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
M secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
M secure/caroot/trusted/NAVER_Global_Root_Certification_Authority.pem
M secure/caroot/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem
R secure/caroot/trusted/Network_Solutions_Certificate_Authority.pem
M secure/caroot/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem
M secure/caroot/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem
M secure/caroot/trusted/QuoVadis_Root_CA_1_G3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_2.pem
M secure/caroot/trusted/QuoVadis_Root_CA_2_G3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_3.pem
M secure/caroot/trusted/QuoVadis_Root_CA_3_G3.pem
M secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem
M secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem
M secure/caroot/trusted/SSL_com_Root_Certification_Authority_ECC.pem
M secure/caroot/trusted/SSL_com_Root_Certification_Authority_RSA.pem
A secure/caroot/trusted/SSL_com_TLS_ECC_Root_CA_2022.pem
A secure/caroot/trusted/SSL_com_TLS_RSA_Root_CA_2022.pem
M secure/caroot/trusted/SZAFIR_ROOT_CA2.pem
A secure/caroot/trusted/Sectigo_Public_Server_Authentication_Root_E46.pem
A secure/caroot/trusted/Sectigo_Public_Server_Authentication_Root_R46.pem
M secure/caroot/trusted/SecureSign_RootCA11.pem
M secure/caroot/trusted/SecureTrust_CA.pem
M secure/caroot/trusted/Secure_Global_CA.pem
A secure/caroot/trusted/Security_Communication_ECC_RootCA1.pem
M secure/caroot/trusted/Security_Communication_RootCA2.pem
A secure/caroot/trusted/Security_Communication_RootCA3.pem
M secure/caroot/trusted/Security_Communication_Root_CA.pem
R secure/caroot/trusted/Staat_der_Nederlanden_EV_Root_CA.pem
M secure/caroot/trusted/Starfield_Class_2_CA.pem
M secure/caroot/trusted/Starfield_Root_Certificate_Authority_-_G2.pem
M secure/caroot/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem
M secure/caroot/trusted/SwissSign_Gold_CA_-_G2.pem
M secure/caroot/trusted/SwissSign_Silver_CA_-_G2.pem
M secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_2.pem
M secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_3.pem
M secure/caroot/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
M secure/caroot/trusted/TWCA_Global_Root_CA.pem
M secure/caroot/trusted/TWCA_Root_Certification_Authority.pem
M secure/caroot/trusted/TeliaSonera_Root_CA_v1.pem
A secure/caroot/trusted/Telia_Root_CA_v2.pem
R secure/caroot/trusted/TrustCor_ECA-1.pem
R secure/caroot/trusted/TrustCor_RootCert_CA-1.pem
R secure/caroot/trusted/TrustCor_RootCert_CA-2.pem
M secure/caroot/trusted/Trustwave_Global_Certification_Authority.pem
M secure/caroot/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem
M secure/caroot/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem
A secure/caroot/trusted/TunTrust_Root_CA.pem
M secure/caroot/trusted/UCA_Extended_Validation_Root.pem
M secure/caroot/trusted/UCA_Global_G2_Root.pem
M secure/caroot/trusted/USERTrust_ECC_Certification_Authority.pem
M secure/caroot/trusted/USERTrust_RSA_Certification_Authority.pem
M secure/caroot/trusted/XRamp_Global_CA_Root.pem
M secure/caroot/trusted/certSIGN_ROOT_CA.pem
M secure/caroot/trusted/certSIGN_Root_CA_G2.pem
M secure/caroot/trusted/e-Szigno_Root_CA_2017.pem
M secure/caroot/trusted/ePKI_Root_Certification_Authority.pem
M secure/caroot/trusted/emSign_ECC_Root_CA_-_C3.pem
M secure/caroot/trusted/emSign_ECC_Root_CA_-_G3.pem
M secure/caroot/trusted/emSign_Root_CA_-_C1.pem
M secure/caroot/trusted/emSign_Root_CA_-_G1.pem
A secure/caroot/trusted/vTrus_ECC_Root_CA.pem
A secure/caroot/trusted/vTrus_Root_CA.pem
Log Message:
-----------
caroot: update the root bundle and regenerate with OpenSSL 3
Summary:
- Twenty six (26) newly trusted
- Thirteen (13) distrusted
Commit: 19059906c7393c3e04d4d447ee168c070511f9ae
https://github.com/MidnightBSD/src/commit/19059906c7393c3e04d4d447ee168c070511f9ae
Author: Kyle Evans <kevans at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
A secure/caroot/stamp-certs.sh
Log Message:
-----------
caroot: add a primitive script to re-stamp certs
The tooling in main isn't stamping output with $FreeBSD$ strings going
forward, so we need to remember to do that in this branch with each
update. Add a stupid simple script that we can just run every time we
MFC an update without having to put much thought into it.
Direct commit to stable/12 because we don't need this in stable/13 or
stable/14.
Commit: c901f63dd08f1628a0589fde8e090f007af256e6
https://github.com/MidnightBSD/src/commit/c901f63dd08f1628a0589fde8e090f007af256e6
Author: Ed Maste <emaste at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M release/tools/gce.conf
Log Message:
-----------
release: remove inet blackhole sysctls from GCE config
Other cloud images do not do this, and it can produce confusing results.
Reviewed by: Jose Luis Duran, delphij
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41751
(cherry picked from commit b7528b16c6039a9f0af28f8f3ccdd6ea4eb7e604)
(cherry picked from commit 5623352ec00532193e9cd44332814f8d482422e4)
(cherry picked from commit 413687812ba7e6d25692fa6a75475c006111a788)
Commit: 3a39a069db1fca2a595515bd579f4248150fe220
https://github.com/MidnightBSD/src/commit/3a39a069db1fca2a595515bd579f4248150fe220
Author: Ed Maste <emaste at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/dev/iir/iir.c
Log Message:
-----------
iir: prevent negative offsets in ioctl
MFS of direct commit to stable/13 as this driver has been removed from
main in commit 399188a2c60c ("iir: Remove").
PR: 273328
Reported by: ChenHao Lu
Sponsored by: The FreeBSD Foundation
(cherry picked from commit b5a5a06fc012d27c6937776bff8469ea465c3873)
Commit: 3e2a44df9b7f1b3d3f320137c1d5324b0e885106
https://github.com/MidnightBSD/src/commit/3e2a44df9b7f1b3d3f320137c1d5324b0e885106
Author: Konstantin Belousov <kib at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/msdosfs/msdosfs_denode.c
Log Message:
-----------
msdosfs: correct handling of vnode pager size on file extension error
(cherry picked from commit e59180ea09a1d1d1463f2a269e94efa0f0b677c5)
(cherry picked from commit 64152225022bea784ca1948a67e7c040a8bb040a)
Commit: a3e46c46f55230a79840b85de5ef35756d141736
https://github.com/MidnightBSD/src/commit/a3e46c46f55230a79840b85de5ef35756d141736
Author: Konstantin Belousov <kib at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/msdosfs/msdosfs_denode.c
Log Message:
-----------
msdosfs deextend(): memoize DETOV(dep)
(cherry picked from commit 67dc1e7b0457ec014a1291c5874decdefe7bffdd)
(cherry picked from commit 03562adbefb80ba94bebe602fc051bbc4292cb37)
Commit: 154e3d9434678bb5ac76d33238aca8c543506949
https://github.com/MidnightBSD/src/commit/154e3d9434678bb5ac76d33238aca8c543506949
Author: Konstantin Belousov <kib at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/msdosfs/msdosfs_denode.c
Log Message:
-----------
msdosfs deextend: validate pages of the partial buffer
PR: 269341
(cherry picked from commit 0152d453a08fa2bad694dc04a8184fce2b7faa10)
(cherry picked from commit c2ee668306bbe3edf4a05246ed3a88f52dfc94ae)
Commit: ae805fecfba813702f14bed18e4a9067cdd8b268
https://github.com/MidnightBSD/src/commit/ae805fecfba813702f14bed18e4a9067cdd8b268
Author: Konstantin Belousov <kib at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/fs/msdosfs/msdosfs_denode.c
Log Message:
-----------
msdosfs: zero partially valid extended cluster
(cherry picked from commit 7e4c6b2163fbed6be92b1e19f0eec4da973cfaec)
(cherry picked from commit 868f3eadc5e0b50863c13457074ac1a0b03958dd)
Commit: 0f72ff1fa3e3e056d3b82b0051f94f77f98dfc2c
https://github.com/MidnightBSD/src/commit/0f72ff1fa3e3e056d3b82b0051f94f77f98dfc2c
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M lib/libc/sys/getdirentries.2
Log Message:
-----------
getdirentries.2: Reference directory(3)
MFC after: 3 days
(cherry picked from commit 3a02df5e27d2eeabffd761ff5cb79496a6d796ea)
Commit: 8321fa3fbd97ed547e8eaa83874fad3ef88cd862
https://github.com/MidnightBSD/src/commit/8321fa3fbd97ed547e8eaa83874fad3ef88cd862
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M lib/libc/sys/getdirentries.2
Log Message:
-----------
getdirentries.2: Improve readability of dirent members
MFC after: 3 days
(cherry picked from commit 52d374a067002fc42409b32059ec8b8506a70429)
Commit: 41c1c44902bcd51f767e55806e37a194d1b9ddca
https://github.com/MidnightBSD/src/commit/41c1c44902bcd51f767e55806e37a194d1b9ddca
Author: Mateusz Piotrowski <0mp at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M lib/libc/sys/getdirentries.2
Log Message:
-----------
getdirentries.2: Reference dir(5)
As a note, parts of manual pages getdirentries(2) and dir(5) should
probably be consolidated.
MFC after: 3 days
(cherry picked from commit 5b7a776f481891f10820a0b4838d0e0feb60b8ad)
Commit: be1c20513a7eaac3773303047ba10e260d39b2e3
https://github.com/MidnightBSD/src/commit/be1c20513a7eaac3773303047ba10e260d39b2e3
Author: Andrey V. Elsukov <ae at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M sys/dev/ahci/ahci_pci.c
Log Message:
-----------
ahci: add AMD device id in RAID mode
Found on Asus ROX Strix X570-F Gaming.
MFC after: 1 week
(cherry picked from commit 3afe6b525386af1dda7791ea2a9d718fa634d4fd)
Commit: c866fa9e93b0cfac1c090dab95f22fd2e94ed946
https://github.com/MidnightBSD/src/commit/c866fa9e93b0cfac1c090dab95f22fd2e94ed946
Author: Ed Maste <emaste at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M libexec/ftpd/ftpd.8
Log Message:
-----------
ftpd: add deprecation notice
Approved by: gordon
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26447
(cherry picked from commit 98b98ec1bc7e961c3d3468b0e481080580c902cf)
(cherry picked from commit cc9347cc79d320cac00ccf5d5f23971de2c887a1)
(cherry picked from commit 01d82151022cb1383e83c331708a787f1907b00f)
(cherry picked from commit 3ea83e94cdfa34745641dfa5f43debfdcd79e229)
(cherry picked from commit 0e383bb3cd1856515c4b67cbced76952280b4fb2)
Commit: 385dfacb830459bc7af5c6511bef9f4bda9a18d7
https://github.com/MidnightBSD/src/commit/385dfacb830459bc7af5c6511bef9f4bda9a18d7
Author: Eugene Grosbein <eugen at FreeBSD.org>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt
Log Message:
-----------
MFC: unbreak BEGEMOT-LM75-MIB.txt
The MIB has several bugs making it unusable. Fix it.
Reported-by: Eugene M. Zheganin <eugene at zhegan.in>
(cherry picked from commit 872e89405684eac984e9004bdfeeb540e818ed74)
Commit: a7b2bbc20b3c3483abf0a0a266604fdaec0a3876
https://github.com/MidnightBSD/src/commit/a7b2bbc20b3c3483abf0a0a266604fdaec0a3876
Author: Lucas Holt <luke at foolishgames.com>
Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths:
M libexec/ftpd/ftpd.8
Log Message:
-----------
revise message
Compare: https://github.com/MidnightBSD/src/compare/7bccc5394453...a7b2bbc20b3c
More information about the Midnightbsd-cvs
mailing list