[ViewVC] Contents of: src/trunk/UPDATING

Updating Information for MidnightBSD users.

20160114:
        Fix security on bsnmpd configuration file during installation.

        TCP MD5 signature denial of service

        A programming error in processing a TCP connection with both TCP_MD5SIG
        and TCP_NOOPT socket options may lead to kernel crash.

20160102:
        Happy New Year

20151101:
        Increase kern.ipc.somaxconn default to 256.

20151017:
        Add initial statistics api to libmport and a driver to print
        it in mport(1).

20151002:
        Revised rpcbind(8) patch to fix issues with NIS

20150930:
        In rpcbind(8), netbuf structures are copied directly, which would result in
        two netbuf structures that reference to one shared address buffer.  When one
        of the two netbuf structures is freed, access to the other netbuf structure
        would result in an undefined result that may crash the rpcbind(8) daemon.

20150926:
        libmport now supports @preexec, @postexec, @preunexec and @postunexec
        to replace @exec and @unexec.  

        pre exec runs afer pre-install scripts but before actual installation

        post exec runs after install but before post install scripts and
        pkg message.

        pre unexec runs before pre uninstall scripts

        post unexec runs before de-install scripts and after file removal.

20150917:
        Fix kqueue write events for files > 2GB

20150825:
        kernel:
        fix a security issue on amd64 where the GS segment CPU register can be changed via
        userland value in kernel mode by using an IRET with #SS or #NP exceptions.

        openssh:
        A programming error in the privileged monitor process of the sshd(8)
        service may allow the username of an already-authenticated user to be
        overwritten by the unprivileged child process.

        A use-after-free error in the privileged monitor process of he sshd(8)
        service may be deterministically triggered by the actions of a
        compromised unprivileged child process.

        A use-after-free error in the session multiplexing code in the sshd(8)
        service may result in unintended termination of the connection.

20150818:
        expat security fix

20150815:
        libc changes:
        setmode(3) now returns errno consistently on error.
        libc will compile without error using clang

20150814:
        wait6 system call added.

        date(1) now handles non numeric numbers passed to -r 
        like GNU coreutils for improved compatibility.

20150811:
        ata(4) AMD Hudson2 SATA controller support.
        Intel lynxpoint SATA.

        Fix some const warnings when building several device drivers
        with llvm/clang.

        Sync cas(4) with FreeBSD 9-stable.

        Fix some minor issues with ath(4).

20150809:
        xz 5.0.8

20150808:
        libmport now logs installation and removal of packages to syslog.

20150805:
        routed - fix a potential security issue where traffic from outside
        the network can disrupt routing.

        bsd patch - fix a bug with ed(1) scripts allowing unsanitized input
        to run.

20150802:
        jansson 2.7 library added. (libjansson is a JSON library in C)

20150728:
        Heimdal 1.5.2 (kerberos implementation)

        OpenSSL 1.0.1o

        cpucontrol(8) now supports VIA CPUs. Synced with FreeBSD 9.2.

        TCP Resassemly resource exhaustion bug:
        There is a mistake with the introduction of VNET, which converted the
        global limit on the number of segments that could belong to reassembly
        queues into a per-VNET limit.  Because mbufs are allocated from a
        global pool, in the presence of a sufficient number of VNETs, the
        total number of mbufs attached to reassembly queues can grow to the
        total number of mbufs in the system, at which point all network
        traffic would cease.
        Obtained from: FreeBSD 8

        OpenSSH

        Fix two security vulnerabilities:
        OpenSSH clients does not correctly verify DNS SSHFP records when a server
        offers a certificate. [CVE-2014-2653]

        OpenSSH servers which are configured to allow password authentication
        using PAM (default) would allow many password attempts. A bug allows
        MaxAuthTries to be bypassed. [CVE-2015-5600]


        Switch to bsdpatch (from FreeBSD & OpenBSD)

20150726:
        BSD Sort updated

        sqlite 3.8.10.2

20150725:
        Import reallocarray from OpenBSD's libc.  

        The reallocarray() function is similar to realloc() except it operates on 
        nmemb members of size size and checks for integer overflow in the 
        calculation nmemb * size.

20150722:
        Fix a bug where TCP connections transitioning to LAST_ACK
        state can get stuck. This can result in a denial of service.

20150715:
        libmport now supports @shell and @sample in plists. This means that
        a shell port can automatically add an entry to /etc/shells and remove
        it upon uninstallation. For sample files, a copy is made without the 
        .sample extension if one does not exist and it is removed automatically
        only if the md5 hash of the two files is the same. 

20150709:
        flex 2.5.39

20150702:
        ZFS in MidnightBSD now supports lz4 compression. You can enable it
        with zfs set compression=lz4 pool/path.

        Verify it's working with 
        zfs get compressratio pool/path
        du -h -s *

        Note you must write new data when turning on compression to see
        changes. Existing files are not compressed.

        Note: While we used the same basic implementation of lz4 that
        FreeBSD and OpenZFS uses, we did not yet implement features support
        and the zfs version still reports 28. This may come in a future update
        to ZFS.

20150621:
        libmport now automatically stops services when deleting packages.

        The package must have installed an rc.d script in /usr/local/etc
        for this to work. This is equivalent to running service <name> onestop

20150618:
        Sendmail

        With the recent changes to OpenSSL to block 512 bit certificates,
        sendmail can't connect with TLS to some servers.

        Increase the default size to 1024 bit for client connections to
        match the server configuration.

        ZFS

        Added ZFS TRIM support which is enabled by default. To disable
        ZFS TRIM support set vfs.zfs.trim.enabled=0 in loader.conf.

        Creating new ZFS pools and adding new devices to existing pools
        first performs a full device level TRIM which can take a significant
        amount of time. The sysctl vfs.zfs.vdev.trim_on_init can be set to 0
        to disable this behaviour.

        ZFS TRIM requires the underlying device support BIO_DELETE which
        is currently provided by methods such as ATA TRIM and SCSI UNMAP
        via CAM, which are typically supported by SSD's.

        Stats for ZFS TRIM can be monitored by looking at the sysctl's
        under kstat.zfs.misc.zio_trim.

        rc.d

        Reworked handling of cleanvar and FILESYSTEMS so that FILESYSTEMS
        implies everything is mounted and ready to go.

        Changed how ip6addressctl maps IPv6 on startup.

20150613:
        tzdata 2015d

20150612:
        OpenSSL 0.9.8zg

20150419:
        MidnightBSD 0.6 stable branch created. Continue 0.7 
        development.

20150418:
        sqlite 3.8.9

20150407:
        Fix two security vulnerabilities:

        The previous fix for IGMP had an overflow issue. This has been corrected.

        ipv6: The Neighbor Discover Protocol allows a local router to advertise a
        suggested Current Hop Limit value of a link, which will replace
        Current Hop Limit on an interface connected to the link on the MidnightBSD
        system.

20150319:
        OpenSSL 0.9.8.zf

        mksh R50e

        Apple mDNSResponder 561.1.1

20150306:
        Upgrade OpenSSL to 0.9.8ze

20150225:
        Fix two security vulnerabilities.

        1. BIND servers which are configured to perform DNSSEC validation and which
        are using managed keys (which occurs implicitly when using
        "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit
        unpredictable behavior due to the use of an improperly initialized
        variable.

        CVE-2015-1349

        2. An integer overflow in computing the size of IGMPv3 data buffer can result
        in a buffer which is too small for the requested operation.

        This can result in a DOS attack.

20141211:
        Fix a security issue with file and libmagic that can allow
        an attacker to create a denial of service attack on any
        program that uses libmagic.

20141109:
        Fix building perl during buildworld when the GDBM port is installed.

20141106:
        tzdata 2014i

20141102:
        serf 1.3.8

20141031:
        tnftp 20141031 fixes a security vulnerability with tnftp,
        CVE-2014-8517. 

20141028:
        OpenSSL 0.9.8zc

20141021:
        Fix several security vulnerabilities in routed, rtsold,
        and namei with respect to Capsicum sandboxes looking up
        nonexistent path names and leaking memory.

        The input path in routed(8) will accept queries from any source and
        attempt to answer them.  However, the output path assumes that the
        destination address for the response is on a directly connected
        network.

        Due to a missing length check in the code that handles DNS parameters,
        a malformed router advertisement message can result in a stack buffer
        overflow in rtsold(8).

20141011:
        mksh R50d - fix field splitting regression and null 
        pointer dereference

        xz 5.0.7

        OpenSSH 6.6p1

20141004:
        mksh R50c - security update for environment var bug with 
        foo vs foo+     

20141002:
        sqlite 3.8.6

        sudo 1.7.8 - some issues with the current version, but we're slowly
        getting up to date.

20141001:
        mksh R50b

        libmport now supports plist commands @dir, @owner, @group, @mode.

        sudo 1.7.6p2

20140916:
        Fix a security issue with TCP SYN.

        When a segment with the SYN flag for an already existing connection arrives,
        the TCP stack tears down the connection, bypassing a check that the
        sequence number in the segment is in the expected window.

20140909:
        Fixed a bug with our clearenv(3) implementation that caused segfaults
        with some programs including Dovecot.

        OpenSSL security patch: 

        The receipt of a specifically crafted DTLS handshake message may cause OpenSSL
        to consume large amounts of memory. [CVE-2014-3506]

        The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak
        memory. [CVE-2014-3507]

        A flaw in OBJ_obj2txt may cause pretty printing functions such as
        X509_name_oneline, X509_name_print_ex et al. to leak some information from
        the stack. [CVE-2014-3508]

        OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to
        a denial of service attack. [CVE-2014-3510]

20140902:
        We're now 0.6-CURRENT

        Update USB quirks to support K70 Corsair keyboard, and several
        other devices.

20140827:
        Perl 5.18.2

20140728:
        Jails now run shutdown scripts.

20140710:
        Fix a vulnerability in the control message API. A buffer is not properly cleared
        before sharing with userland.

20140701:
        MKSH R50

20140630:
        File 5.19

20140605:
        Fix four security issues with OpenSSL

20140604:
        Sendmail failed to properly set close-on-exec for open file descriptors.

        ktrace page fault kernel trace entries were set to an incorrect size which resulted
        in a leak of information.

20140430:
        Fix a TCP reassembly bug that could result in a DOS attack
        of the system. It may be possible to obtain portions
        of kernel memory as well.

20140411:
        Update zlib to 1.2.7

20140122:
        Support for username with length 32. Previous limit was 16

20140114:
        Fix two security vulnerabilities.

        bsnmpd contains a stack overflow when sent certain queries.

        bind 9.8 when using NSEC3-signed zones zones, will crash with special
        crafted packets.

20131228:
        Imported FreeBSD 9.2 usb stack (plus z87 patches from stable)

        Updated em(4), igb(4) and ixgbe(4)

        MidnightBSD now works with Z87 Intel chipsets.

20131207:
        Remove sparc64 architecture. It hasn't been working for awhile
        and it's not useful for desktops anymore.

20131205:
        OpenSSH 6.4p1

20131203:
        Perl 5.18.1 imported.

        Update less to v458

20131130:
        Remove named from base. We still include the client utilities for
        now until replacements can be found.

20131004:
        rarpd supports vlan(4) and has a pid flag. (from FreeBSD)

20130917:
        Support for 65,536 routing tables was added.  A new fib specific
        field has been added to mbuf.  This is an increase from 16.

20130910:
        Security updates: (kern.osreldate 5001)

        nullfs(5)

        The nullfs(5) implementation of the VOP_LINK(9) VFS operation does not
        check whether the source and target of the link are both in the same
        nullfs instance.  It is therefore possible to create a hardlink from a
        location in one nullfs instance to a file in another, as long as the
        underlying (source) filesystem is the same.

        ifioctl

        As is commonly the case, the IPv6 and ATM network layer ioctl request
        handlers are written in such a way that an unrecognized request is
        passed on unmodified to the link layer, which will either handle it or
        return an error code.

        Network interface drivers, however, assume that the SIOCSIFADDR,
        SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK requests have been
        handled at the network layer, and therefore do not perform input
        validation or verify the caller's credentials.  Typical link-layer
        actions for these requests may include marking the interface as "up"
        and resetting the underlying hardware.

20130824:
        Fix a bug in sendmail 8.14.7 that interferes with how it
        handles AAAA records interoperating with Microsoft DNS servers.
        FreeBSD has already reported this to Sendmail and a fix
        will be included in the next release.

        Subversion 1.8.1 is now in the base system as a static
        binary.  It has limited functionality, but can be used to
        checkout/commit code.  It is named svnlite.

20130822:
        Fix two security vulnerabilities.

        Fix an integer overflow in IP_MSFILTER (IP MULTICAST). 
        This could be exploited to read memory by a user process.

        When initializing the SCTP state cookie being sent in INIT-ACK chunks,
        a buffer allocated from the kernel stack is not completely initialized.

        Import xz 5.0.4

        Import sqlite 3.7.17

        Import BIND 9.8.5-P2

20130814:
        mksh R48 imported.

        Sendmail 8.14.7 imported.

20130717:
        libmport bug was fixed causing hash verification to fail.

        virtio(4) imported from FreeBSD 9-stable. SCSI support not
        included.

20130612:
        RELENG_0_4 created for 0.4. Development continues on 0.5.

20130402:
        Update BIND and OpenSSL to resolve security advisories.

20130305:
        MKSH R44 imported.

20130213:
        MKSH R42b imported

20130211:
        MKSH R42 imported

20130125:
        MKSH R41 imported

20130122:
        OpenSSH 5.8p2 imported

        SQLite 3.7.15.2 imported

        Fixed a longstanding bug in libmport extrating new index files.

20120710:
        BSD licensed sort imported from FreeBSD-CURRENT

        For now, GNU sort is installed as gnusort, but it will
        go away in time.

20120708:
        tcsh 6.18.01 imported.

        NetBSD's iconv imported.

        libc gains strnlen(3), memrchr(3), stpncpy(3).

20120612:
        BIND security update related to CVE-2012-1667.

        Zero length resource records can cause BIND to crash resulting
        in a DOS attack or information disclosure.

20120407:
        mksh R40f (fixes regression)

20120328:
        mksh R40e

        Perl 5.14.2

20120229:
        cpucontrol(8) and cpuctl(4) added from FreeBSD 7-stable.

20120209:
        mDNSResponder 333.10 imported

20111227:
        import raid5 module for GEOM, graid5(8)

        This is experimental and known to use a lot of kernel
        memory. 

20111223:
        telnetd: fix a root exploit from a fixed buffer that was not checked

        pam: don't allow escape from policy path.  Exploitable in KDE, etc.

        Fix pam_ssh module:

        If the pam_ssh module is enabled, attackers may be able to gain access
        to user accounts which have unencrypted SSH private keys.

        This has to due with the way that openssl works.  It ignores unencrpted data.

        Fix security issue with chroot and ftpd.

        nsdispatch(3) doesn't know it's working in a chroot and some 
        operations can cause files to get reloaded causing a security
        hole in things like ftpd.

20111217:
        libdialog/dialog upgraded to an lgpl version. As it's not
        backwardly compatable, include the old libdialog as libodialog

20111212:
        mksh r40d imported

20111210:
        re(4) and rl(4) updated to support new chips.

        GEOM synced with FreeBSD 7-stable.

        MidnightBSD GPT partition types created in sys/gpt.h and
        setup in boot loader and GEOM.

        amdsbwd(4) (amd watchdog for south bridge) updated to support
        8xx series chipset.

20111207:
        import bsd grep from FreeBSD/OpenBSD.

        MK_BSD_GREP controls which grep is installed
        as grep with the other as bsdgrep or gnugrep.

20111122:
        mksh vR40c imported.

20111117:
        BIND 9.6 ESV R5 P1

20111107:
        tzdata 2011n

20111026:
        mDNSResponder v320

        BIND 9.6 ESV R5

20111022:
        cflow 0.0.6 imported

20111020:
        less v436 imported

        amdsbwd(4) AMD southbridge watchdog 

20111019:
        awk 20110810 imported

        et(4) Agere Gigabit Ethernet/Fast Ethernet driver added, but
        not included in GENERIC kernel.  The kernel module needs
        testing before we can include it in GENERIC.

        intr_bind code ported to allow an IRQ to be bound to one
        specific CPU core.

20111017:
        Time Zone Data v. 2011l (Released 10 October 2011)

        Updated list of countries (iso3166) to work with new timezone data.

20111015:
        Introduce CPU Affinity in MidnightBSD. cpuset(1) can be used
        to control which core or group of cores can be used for a given
        process. Several new system calls were added to support this
        functionality in the running kernel and for 32bit binary
        compatibility on amd64. 

        The scheduler default has been changed to ULE in i386 and
        amd64.  Changes were made to both schedulers (4BSD AND ULE)
        for this feature. 

        This work is based on Jeff Roberson's FreeBSD 7.1 patches.

20111004:
        Fix a problem with unix socket handling caused by the recent
        patch to unix socket path handling. This allows network
        apps to work under the linuxolator again.

20111001:
        Import libfetch & fetch(1) from FreeBSD 9. Passive FTP is 
        now default and an environment variable must be set to use
        active.

20110930:
        Introduce quirks handling for several umass devices including
        USB cameras.  Add workaround for Cyberpower UPS devices.

        Bring in further bug fixes from FreeBSD and NetBSD for alc(4).
        Stale ip/tcp header pointers are no longer used, lockups fixed
        when network cable is unplugged on bootup, enable TX checksum
        offloading.

        Add a new man page for gcache(8), a useful geom class when
        working with large raid3 sets.

        Restore previous workaround for Cypress pata storage controller.

20110929:
        Sync ath(4) with FreeBSD 7.3.

        The following modules are no longer available, and should be
        removed from loader.conf:
        ath_hal ath_rate_amrr ath_rate_onoe ath_rate_sample

        alc(4) would hibernate when a cable was unplugged and often
        required bring the interface down and up to "wake up" so that
        a connection could be established.  Disable hibernation.

20110928:
        Fix security issues with gzip and compress related to .Z
        files that are corrupted.

        Fix path validation with unix domain sockets.

20110917:
        Remove dependance on mports perl for generating releases as
        it's in the base system.

20110914:
        Import xz 5.0.3 with liblzma 5.0.3

20110813:
        synced the sparc64 GENERIC kernel configuration with amd64.

20110806:
        sqlite 3.7.7.1 imported

        msearch(1), libmsearch and msearch.import added.  msearch(1) provides
        a full text search command line tool.  libmsearch can also be used
        to build a graphical based search in the future. You can enable
        index building for msearch in periodic.conf or manually run the
        /usr/libexec/msearch.index tool.  Full text indexes take considerable
        space in /var.  I'm using approximately 500MB currently.

        Fix a long standing bug with the periodic script to check package
        versions.  This will be obsolete with mport though.

20110710:
        kdb_enter_why added to MidnightBSD to allow the kernel debugger to 
        know why it's in use and thus script can be run.

        Yet another problem with the perl manifest was fixed

20110709:
        cpufreq(1) is a new utility to monitor CPU frequency which may change
        with use of powerd(8) and cpufreq(4).

20110612:
        Update mksh to R40

        Catch up ObsoleteFiles.inc to remove Perl 5.10.x.  Good to run when
        updating current (cd /usr/src && make check-old)

20110528:
        Fix CVE-2011-1910 in BIND 9.6.x.  This affects caching resolvers.

20110526:
        newfs:
        Raised the default blocksize for UFS/FFS filesystems from
        16K to 32K and the default fragment size from 2K to 4K.

        This should slightly imporve performance on "advanced format"
        hard drives such as the WD EARS drives. Drives of this type
        have emulation modes that slow down with lower sizes.  Of course
        the drive must still be aligned properly when using fdisk.

20110521:
        mport tool now has a deleteall command.  This can be used to remove
        all packages from a system.

        A few bugs with the perl 5.14 import have been fixed.

20110518:
        Perl 5.14.0

20110517:
        Sendmail 8.14.5

20110314:
        DRM/DRI code updated to support newer video cards. (FreeBSD 7.1)

        cdevpriv wrappers added

        nss_mdns hack introduced to work around linking problem.

        dnsextd fixed after update to mDNSResponder code.

20110308:
        Introduce liblzma & xz 5.0.1 to the base system

        Patch for OpenSSL security issue CVE-2011-0014.

        "OSREVISION 4004"

        nsswitch module for multicast dns (nss_mdns) added.

        tzdata2011c

20110220:
        cam(4) syncronized with FreeBSD 7.3.

20110219:
        amdtemp(4) updated to support sensors framework.

20110217:
        Perl 5.10.1 imported

20110216:
        Introduce igb(4) and split Intel Gigabit Ethernet adapters between
        igb(4) and em(4).  Newer devices use igb(4).  The code has moved
        to sys/dev/e1000 for both devices in the kernel. igb(4) has
        been placed in GENERIC on i386 and amd64.

        Update bfe(4) to support newer devices and WOL.

20110215:
        age(4) added.

20110208:
        BIND 9.6.3 which fixes a bug with DNSSEC records getting added.

20110206:
        eeemon(4) added to monitor Asus Eee PC.

20110205:
        OpenSSH 5.7p1

        GNU sort 6.9 (coreutils)

20110203:
        one true awk 20100523 imported

        sqlite 3.7.5

        OpenSSL 0.9.8q

20110202:
        tcsh 6.17.00

        file 5.05

20110122:
        Import it(4) and lm(4), with support for Super I/O hardware monitors. This
        uses the sensors framework ported by Constantine A. Murenin (GSOC2007)

20110120:
        BIND 9.6.2-P3

        sudo 1.7.4-p6

20110115:
        Add experimental jme(4) for Jmicron ethernet devices.

20101130:
        A double free exists in the SSL client ECDH handling code, when
        processing specially crafted public keys with invalid prime
        numbers. [CVE-2010-2939]

20101120:
        Several portions of the kernel and userland code related to UFS file 
        systems (and UFS2) cannot properly handle inode counts above 2^31 due
        to use of int types.  Based on a patch from FreeBSD, I've modified
        our UFS2 implementation to handle unsigned values for inode counts
        which should allow for file systems greater than 16TB.

        newfs and growfs was also modified.

20101110:
        Fix a security issue with pseudofs which could result in running code in kernel
        context or a kernel panic depending on system configuration.  This affects file
        systems such as procfs for instance.

20101021:
        sysrc is a utility to print and modify name/value pairs in /etc/rc.conf easily.
        This is similar to functions present in many linux distros. The utility was
        written by Devin Teske for FreeBSD.

20100920:
        bzip2 security patch for integer overflow.

20100905:
        MidnightBSD RELENG_0_3 branch created.  Aggressive development continues here
        for 0.4.

20100902:
        Fix a security issue with libutil that allows users to bypass cpu limits in
        login.conf in some cases.  This combined with OpenSSH for example can allow
        the user to get more resources than they're allowed.

20100822:
        Import Apple's mDNSResponder (mdnsd).

20100814:
        libdispatch added to MidnightBSD.  This provides functionality found in
        Mac OS X's GCD.  We do not have blocks support yet.  As this code is
        licensed under Apache 2, we create a new MK_APACHE option so that
        it's not required for all users to run code under a license they
        may not like.

20100713:
        mbuf readonly fix related to sendfile(2) data corruption.

20100704:
        brainfuck(1) imported from MirBSD.

20100505:
        zlib 1.2.5

20100430:
        Sudo 1.7.2p6 imported

20100321:
        Update zlib to 1.2.4

20100319:
        Removed i586 from default i386 generic kernel.

20100317:
        Update to tzdata2010e (time zones).  This includes changes in
        Mexico.

        Add support for several newer sound cards via hda including
        ATI and Realtek chipsets.

20100313:
        CPU detection has been changed.  VIA Padlock detection added.

20100312:
        Fix a number of bugs and compiler warnings in libmport. Handle
        plus signs in paths for mport.check-fake

20100311:
        mksh R39c

20100309:
        Sudo 1.7.2p5

        sqlite3 3.6.23

        mksh R39b

        libffi (ffi) 3.0.9

20100206:
        WITHOUT_LIB32 is no longer needed on AMD64.  GCC was fixed to
        properly pass arguments to ld.

        re(4) and rl(4) have been updated to support several new
        realtek chipsets.  Performance has been improved on re(4).

20100204:
        Fix a bug cropping up on AMD64 MidnightBSD with sftp
        segfaulting.  

20100116:
        Import ash changes from FreeBSD (bin/sh) 8-Stable.

        BIND 9.6.1-P2

20100110:
        Import Sendmail 8.14.4. Fix for SSL vulnerability.

        posix_spawn(3) added to MidnightBSD libc.  Users may need to build and
        install libc before doing a full buildworld when upating from 0.2 or
        older current systems.

        kqueue(2) was modified to support portions of libdispatch functionality.

20100106:
        Bind security update.  Fix a bug with DNSSEC that causes negative
        cache entries and thus a possible DNS cache poisoning attack.

        Fix a bug in ZFS that can reset permissions on system crashes.

20091228:
        amdtemp(4) was added.  It allows one to monitor to the temperature
        of an AMD CPU such as a Phenom.

20091205:
        OpenSSL security fix

        The SSL version 3 and TLS protocols support session renegotiation without
        cryptographically tying the new session parameters to the old parameters.

20091128:
        OpenBSD sensors framework imported including sensorsd(8)

20091126:
        OpenNTPD 4.4 import

        Update OpenSSH to 5.3p1

        mksh R39

20091124:
        cpdup updated from DragonFly to 1.15

        tzdata2009s updated with latest timezone data for November 2009.

20091010:
        amd64 users should use WITHOUT_LIB32=yes in /etc/make.conf for now
        to test current.

        Revert unicode filename fixes from ntfs code.  This was causing chaos
        on amd64 systems.

20091006:
        Update timezone data with tzdata2009n with the Pakistan and
        Argentina changes.

        Sync several userland utilities with versions from FreeBSD 7.0 in
        sbin and usr.sbin.

20090919:
        Update timezone data with tzdate2009m from September 2009.

20090729:
        Patch for Bind 9 security vulnerability. a dynmaic update packet 
        can trigger an assertion and cause named to exit

20090606:
        Remove PCC from the base system.  This compiler will not work
        as a system compiler for us as we've got some userland investment
        in C++ code and may have Objective-C in the future.  We're stuck
        with a solution that supports these three languages at a minimum.

        I had wanted to keep it as an optional compiler because it is
        fast, however too many users want to try to use it for the base
        system which makes no sense.

        A hack was added for Cypress based usb hard drive enclosures to
        the kernel.  This should cut down on commands it claims to support
        but does not (at the cam layer).  Found while testing ZFS on
        an external device.

20090520:
        The powerd daemon no longer starts automatically to improve
        compatibility with many systems.  However, there is a new
        installer option in the startup section to enable it. This
        makes it easier to enable for users that have working systems. I                thought it was only a problem on older hardware, but it freaks
        out my new Phenom too.

20090502:
        OpenSSH 5.2p1 import

        ale(4) connected to the build. (kernel module only)

20090501:
        Imported makefs utility from NetBSD/FreeBSD

20090422:
        OpenSSL security update

        The function ASN1_STRING_print_ex does not properly validate the lengths
of BMPString or UniversalString objects before attempting to print them.

20090415:
        Created a Symbol.map for libc/ohash symbols

        Updated several usr/bin usr/sbin utilities.

        Corrected a bug with Makefile.inc1 causing the bootstrap
        tools to fail.

20090405:
        xorg 7.4 wants to configure its input devices via hald which does not
        yet work with USB. If the keyboard/mouse does not work in xorg then
        add
                Option "AllowEmptyInput" "off"
        to your ServerLayout section.  This will cause X to use the configured
        kbd and mouse sections from your xorg.conf

20090403:
        mksh was disconnected a few day ago do to bugs with
        buildworld and mports.  Now, connect it back 
        for use as /bin/sh with a conditional called
        MK_ASH.  By default, ash is the standard /bin/sh
        but we may change this later.  This will allow further
        testing by users and developers of mksh without
        causing an unpleasant default experience.  In the
        long run, we need to fix mksh compatibility.

20090328:
        Bring in mksh R37 from CVS. The dot.mkshrc files for root 
        and skel were changed.  mksh(1) now replaces ash aka sh(1)
        as the default /bin/sh.  Please report bugs with
        ports, etc. The ash code will remain in the repo for awhile
        as I decide if we'll add something like MK_SHELL_ASH as
        an optional build parameter.  

        ahd was disconnected from the lint environment until
        the compiler bug is sorted (by updating gcc?)

        Remove freebsd-tips from fortune files and change the
        default for login and profile.

20090327:
        Update libarchive to 2.5.5, tar, and add bsdcpio.

        Also previously, ctriv has been connecting Perl 5.10
        to the build (part of os).  This will have an impact
        on mports.

20090325:
        Update Bind to 9.4.3-P1

        Update mksh to R36b

        Update tcpdump to 3.9.8, fix libpcap to work with current.

        Update pnpinfo, sync with FreeBSD.

20090115:
        Fix a problem with DNSSEC and BIND.

20090110:
        For applications using OpenSSL for SSL connections, an invalid SSL
        certificate may be interpreted as valid.  This could for example be
        used by an attacker to perform a man-in-the-middle attack.

        Other applications which use the OpenSSL EVP API may similarly be
        affected.

        Stop cross site request forgery attacks in lukemftpd

20090104:
        Import GNU libreadline 5.2

20090101:
        Update time zone data to 2008i.

20081231:
        Correct a problem where bluetooth and netgraph sockets are not
        properly initialized.

        Happy 2009.

20081206:
        Due to the massive change in the underlying system under way,
        we're naming the next release 1.0.  The sys/sys/param.h was
        changed accordingly.  ipfilter and ncurses were corrected
        using __MidnightBSD__ tests in the code.  

        The GENERIC kernel config was caught up on i386 today.  Consider
        i386 still broken, but amd64 is running again. 

        mdoc.local was updated with the new MidnightBSD version info.

        batt(1) was rewritten in C.  It now supports several flags and
        runs about 8 times faster on my laptop.  The default output
        shows the number of minutes of battery life remaining and the
        percentage.  You can use -u to display the number of batteries or
        -c to get script friendly output.  Consult the man page for more.

20081204:
        Work has completed on importing ZFS, jemalloc, several
        new devices, SCTP, updated pf, a new tempfs, linuxolator 2.6 kernel
        support, improved locking for file desc., audit (openbsm), 
        openssl .98e, nfe, imporved intel high def audio, midi, updated
        intel gigabit (em), support for several wifi cards (intel), ...

        Renamed 0.3-CURRENT officially. Switched to using MidnightBSD version
        data from param.h instead of the FreeBSD version.  This means
        testing is now possible in the ports tree for the version
        and that any ports or code relying on the FreeBSD version from
        sys/sys/param.h will need to be fixed.

20080905:
        update nve(4) to support new hardware.

20080801:
        Import OpenBSM 1.0

        Modify src/release to create 3 isos instead of 2 for packages.

        etc/rc.d/firstboot now enables kdm, gnustep + slim and bsdstats.

        Many ia64, alpha, powerpc items were removed. 

        The recent diffutils 2.8.7 import was fixed.

20080703:
        pcc was not installed properly when setting DESTDIR for live cds, 
        or posibly jails. 

20080627:
        Add firmware(9), WEP, CCMP, TKIP to GENERIC.

        Add glabel to GENERIC.

        Intel ICH8 mobile chipset used on some iMacs included with ata.

        pcc connected to the build on i386. (alternative compiler)

        ath added to GENERIC.  (Atheros wireless NICs) on amd64/i386

20080528:
        Sendmail 8.14.3

20080516:
        ssh-vulnkey allows you to look for vulnerable ssh keys that
        were generated on Debian and Ubuntu hosts over the last
        few years.  sshd can block offending keys with a configuration
        option.

        The elf note on binaries is now set to MidnightBSD.

20080514:
        Fixed a number of problems with pcc.  It is not yet connected
        to the build, but usable on i386 hosts.  You may use it 
        by make; make install in /usr/src/usr.bin/pcc.  It will
        install in /usr/local as some of the files conflict with
        GCC versions. __MidnightBSD__ is defined in PCC as well.

        System headers were fixed to allow pcc to compile many binaries
        on MidnightBSD.  bin/cp will work now for instance.

20080430:
        __MidnightBSD__ is now defined via gcc.  This can be tested
        to determine we're running on MidnightBSD in the preprocessor.

20080429:
        Import bind 9.4.2 with threading

        libpthread (KSE) and libthr are built earlier
        
        pcvt(4) removed!

        Alias added for core2 cpus.

        Alpha and PC98 only utilities removed from usr/sbin

        syslogd, adduser, rmuser, mergemaster and mailwrapper have been
        improved.  See the man pages for info.

        periodic scripts will not send emails with empty message bodies.
        See mailwrapper fix.

20080410:
        Sync cpdup with DragonFly.  Add parallel transaction support and
        -l flag to line-buffer stdout and stderr.

20080406:
        Import bzip2 1.05
        Import OpenSSH 4.9p1

20080322:
        The default umask was changed to 022.
        
        /usr/X11R6 paths were removed from several config files.

        .mkshrc files are now installed for root.

20080316:
        FIx a problem with gif0 tunnels and neighbors with IPV6.

20080312:
        Add lndir from X.org.  This aides in the porting of MirPorts.

        New OS versions were added to the mapage code (groff)

20080310:
        Correct a buffer overflow in ppp.

20080308:
        Remove /usr/X11R6 from manpath config.

20080307:
        Atheros driver no longer has several options set
        which corrects building in tinderbox on all three platforms.

        Added a new macro to sx.h which returns true if the current
        thread holds an exclusive lock on a specifix sx.

        Removed OS/2's HPFS file system.   It's not maintained and
        I don't know anyone using OS/2 or ecomstation these days.
        My copy is in the closet collecting dust.

20080306:
        Synced tinderbox with FreeBSD.  Modified it for MidnightBSD.
        Developers can now use it to check src builds.

20080303:
        Add mksh to /etc/shells, made some adjustments to options
        for mksh builds per suggestion upstream.

        USB HID table updated with modern hardware list.

        Updated BSD family true (we're not in there yet)

        iso3166 file updated and import of tzdata2007k for 
        new time zones.

        Updated mksh to latest version R33.

20080228:
        Remplaced the random IP id generation code with a new
        version by Amit Klein.

20080221:
        Sendfile write only permissions fix.

        Removed some HPFS and PC98 code.

        iso639 file sycned with DragonFly.

20080128:
        Changed NTP configuration so that ips aren't cached
        so multiple servers are used.

        Fix an issue with fork() in libpthread.

20080121:
        Add virtualization detection to set the HZ rate
        according to a VM present.  VMWare and Parallels
        should work better like this.

        Change to full x11 install in sysinstall.  Add
        xorg 7 support.

20080115:
        Fix the handling of PTY's.  CVE-2008-0216

20080105:
        mport delete code added, USE_MPORT_TOOLS knob aded.

20080101:
        Happy New Year

20071123:
        Update sendmail to 8.14.2

20071120:
        Update system compiler to gcc 3.4.6.

20071023:
        Updated mksh to R31d.

20070911:
        Updated mksh to version R31b.

        Fixed stderr output in libpthread.  Previously it was
        written to stdout.

20070831:
        Added dot.mkshrc file to support the recent change to 
        mksh from OpenBSD's ksh derived from pdksh.  

        Added new firewall configuration.  ipfw is enabled by default
        with a "desktop" configuration.  Consult /etc/rc.firewall
        or ipfw show to see the ruleset used.  You can disable
        ipfw by setting firewall_enable="NO" in /etc/rc.conf This
        change only effects IPv4.  IPv6 does not have a firewall
        enabled by default.

20070814:
        Removed GNU tar source.  We've been using BSD tar 
        for awhile.

20070806:
        Finished removing umapfs and autofs from the tree.

20070804:
        BIND and Tcpdump have been patched for recent vulnerabilities.

        We switched to BSD cpio (pax).

20070719:
        Imported cpdup from DragonFly as /bin/cpdup

20070716:
        Update GNU cpio to 2.8. 

20070410:
        cvs was updated to 1.12.13.  cvsbug was removed.
        cvs now behaves similarly to DragonFly's cvs with
        most of their local changes.  

20070409:
        RELENG_0_1 was created. More aggresive changes will
        continue here.

20070406:
        Back out propolice.  propolice caused several problems
        with our threading libraries libthr and libpthread.  
        curthread was often NULL after the patch and many
        multithreaded applications would crash.  We plan to 
        work on either bringing in gcc 4.1 or developing a new
        patch which also corrects our threading issues later.

        It is more important to have a stable system for our
        mport work and other projects at this time.

        This is not a clean removal.  It is recommended that you
        have a recently SNAP CD handy.  You can either reinstall
        or perform a make buildworld and make buildkernel and 
        make installkernel.  Reboot on the cd and copy the contents
        of /bin, /sbin, /lib, /libexec, and /usr/bin, /usr/sbin,
        /usr/lib, and /usr/libexec to the respective directories on
        your disk.  Then you should be able to boot into single user
        mode and run make installworld.  You will need to run
        chflags noschg on some of the files if you can't overwrite
        them. 

        You will get __guard missing errors since we had to remove
        this from libc.

        You will need to rebuild any ports built while propolice was
        installed.

20070401:
        Importing propolice into MidnightBSD. Propolice is going to
        provide us with much greater security and stability in the
        long run. If upgrading from a pre-propolice system, please
        follow the these instructions:

        cd /usr/src/lib/libc && make obj && make && make install
        cd /usr/src/gnu/usr.bin/cc && make obj && make && make install
        cd /usr/src/lib/libpthread && make obj && make && make install
        cd /usr/src/lib/libthr && make obj && make && make install
        buildworld and kernel

        It is adviced that any mports which were installed and/or built
        prior to the propolice update also be updated. If any errors
        or issue are encounted, please contact security@midnightbsd.org
        and we will be sure to investigate and come up with an expeditious
        fix.

20070314:
        Remove send-pr from src.

        Switch to NetBSD's gzip.

        Bump MBSD minor revision.

20070313:
        Imported OpenSSH 4.6p1.

        Imported FreeBSD's libarchive and updated tar to work with it.

        Disabled debug statements cluttering up /var/log/messages for
        the tcp autobuf patch applied previously.

20070312:
        Synced several audio changes from FreeBSD 6.1. Removed the 
        BSD Daemon files from src/share.  

20070308:
        Added mfi which supports LSI Logic MegaRAID SAS devices including
        the Dell perc5i.

20070206:
        Imported OpenBSD's sudo into source. Please install
        /usr/src/usr.bin/sudo/lib first before building.

        Those who install from a snapshot after this date
        will not be effected.

20070119:
        Added audit group.  Be sure to add audit to your /etc/group file
        before installing world.

        hostapd was updated to 0.4.8.

        An accidental commit in usr.sbin/bluetooth/hccontrol was fixed to
        unbreak world.

        wpa_supplicant was updated.

        For stability and compatibility reasons, it was decided that MidnightBSD
        sync with FreeBSD 6.1 Release.  Nearly every change between the original
        fork date of February 24, 2006 and the release of FreeBSD 6.1 in May
        2006 will be merged.  Beyond this, MidnightBSD will be a "real" fork and
        will not sync every little change with FreeBSD.

20061231:
        Updated COPYRIGHT for 2007.

        Updated and bumped libutil after importing NetBSD efun(3) functions.

        Added MidnightBSD_version and bumped the FreeBSD version as we've
        synced all commits between the fork and that version.  It is now safe
        to assume MidnightBSD is compatible with FreeBSD RELENG_6 from
        Feb 26, 2006.

        Added spell(1) and deroff(1) from NetBSD.  Also added additional
        dict files to work with it. /usr/share/dict/american, 
        /usr/share/dict/british and /usr/share/dict/special/math

        Numerous man page and bug fixes.

20061226:
        Setup /usr/share/examples/cvsup SUPfiles for the new
        MidnightBSD CVSup server. 

        Fix a bug in burncd where it would continue forever while
        erasing CDRW media.

        Add csup to /usr/bin.  csup is a CVSup replacement written
        in C. 

        Fixed a bug with bsnmpd build from Oct 30.  

        Corrected some race conditions and fixed a few bugs in
        geom.  Imported changes from FreeBSD RELENG_6.

20061225:
        Fixed a typo in src/lib/libc/sparc64/fpu/fpu_implode.c
        that caused long double to long and long long 
        conversion of negative numbers to always result in -1.

20061221:
        Fixed acpi_battery.c to not report an ERROR if no
        batteries are present.

        Performed some minor updates on the RL and RE NIC drivers.
        RL should no longer panic when trying to print errors.

        Corrected a bug with TTY.

20061218:
        Corrected a bug with libpthread where newly created suspended
        threads don't get scheduled.

20061206:
        Fixed a typo with the firewire security patch.

20061129:
        Minor cleanups to utilities in bin.

        Fixed msdos file system short file name behavior to match
        FreeBSD.

20061031:
        Updated man pages in section 7.

20061030:
        Updated sys/dev/drm to support intel 915 and radeon 
        r300 cards properly.  

        Synced snmpd with FreeBSD-stable.

        Fixed a bug in rm which could cause data loss.  

20061027:
        Added Intel ICH8 and nForce 5 support to ATA. cam, mpt,
        random, kbdmux, atkbd, and usb were updated.  Changes
        to clearing registers on SSE enabled processors (i386)
        commited.  

        lukemftpd updated.  

        openssh rc script was altered which effects initial
        seeding.  

20061014:
        Workaround for em driver problem on shared IRQ.

        Started removal of alpha support.

20061013:
        ATA driver was updated.  USB/USB1/USB2 types added.

20061010: 
        OpenSSH was updated to 4.4p1.   

20060909:
        OpenNTPD was added to MidnightBSD.  Run make delete-old to remove
        the old ntpd daemon.

        cat has a new option -D which allows you to timestamp output
        on a per line basis.

        The kernel has a keyboard mux which allows you to have multiple
        keyboard connected simultaneously.  USB keyboard support was also
        improved with this patch.

        The Intel em driver was updated.  Network performance was greatly
        increased on many systems.  Additional models are supported.

        The ATA driver was patched to fix a potential deadlock.

        Bind was patched to fix a potential denial of service condition.

20060817:
        ksh has been added to the base system.  If you previously had
        the port installed, it will be overwritten on the next buildworld.


        To build a kernel
        -----------------
        If you are updating from a prior version of MidnightBSD (even one just
        a few days old), you should follow this procedure. With a
        /usr/obj tree with a fresh buildworld,
        make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=YOUR_KERNEL_HERE
        make -DALWAYS_CHECK_MAKE installkernel KERNCONF=YOUR_KERNEL_HERE

        To test a kernel once
        ---------------------
        If you just want to boot a kernel once (because you are not sure
        if it works, or if you want to boot a known bad kernel to provide
        debugging information) run
        make installkernel KERNCONF=YOUR_KERNEL_HERE KODIR=/boot/testkernel
        nextboot -k testkernel

        To just build a kernel when you know that it won't mess you up
        --------------------------------------------------------------
        This assumes you are already running a 6.X system.  Replace
        ${arch} with the architecture of your machine (e.g. "i386",
        "amd64", "ia64", "pc98", "sparc64", etc).

        cd src/sys/${arch}/conf
        config KERNEL_NAME_HERE
        cd ../compile/KERNEL_NAME_HERE
        make depend
        make
        make install

        If this fails, go to the "To build a kernel" section.

        To rebuild everything and install it on the current system.
        -----------------------------------------------------------
        # Note: sometimes if you are running current you gotta do more than
        # is listed here if you are upgrading from a really old current.

        <make sure you have good level 0 dumps>
        make buildworld
        make kernel KERNCONF=YOUR_KERNEL_HERE
                                                        [1]
        <reboot in single user>                         [3]
        mergemaster -p                                  [5]
        make installworld
        make delete-old
        mergemaster                                     [4]
        <reboot>


        To cross-install current onto a separate partition
        --------------------------------------------------
        # In this approach we use a separate partition to hold
        # current's root, 'usr', and 'var' directories.   A partition
        # holding "/", "/usr" and "/var" should be about 2GB in
        # size.

        <make sure you have good level 0 dumps>
        <boot into -stable>
        make buildworld
        make buildkernel KERNCONF=YOUR_KERNEL_HERE
        <maybe newfs current's root partition>
        <mount current's root partition on directory ${CURRENT_ROOT}>
        make installworld DESTDIR=${CURRENT_ROOT}
        cd src/etc; make distribution DESTDIR=${CURRENT_ROOT} # if newfs'd
        make installkernel KERNCONF=YOUR_KERNEL_HERE DESTDIR=${CURRENT_ROOT}
        cp /etc/fstab ${CURRENT_ROOT}/etc/fstab                    # if newfs'd
        <edit ${CURRENT_ROOT}/etc/fstab to mount "/" from the correct partition>
        <reboot into current>
        <do a "native" rebuild/install as described in the previous section>
        <maybe install compatibility libraries from src/lib/compat>
        <reboot>


        To upgrade in-place from 5.x-stable or higher to 6.x-stable
        -----------------------------------------------------------
        <make sure you have good level 0 dumps>
        make buildworld                                 [9]
        make kernel KERNCONF=YOUR_KERNEL_HERE           [8]
                                                        [1]
        <reboot in single user>                         [3]
        mergemaster -p                                  [5]
        make installworld
        make delete-old
        mergemaster -i                                  [4]
        <reboot>

        Make sure that you've read the UPDATING file to understand the
        tweaks to various things you need.  At this point in the life
        cycle of current, things change often and you are on your own
        to cope.  The defaults can also change, so please read ALL of
        the UPDATING entries.

        Also, if you are tracking -current, you must be subscribed to
        freebsd-current@freebsd.org.  Make sure that before you update
        your sources that you have read and understood all the recent
        messages there.  If in doubt, please track -stable which has
        much fewer pitfalls.

        [1] If you have third party modules, such as vmware, you
        should disable them at this point so they don't crash your
        system on reboot.

        [3] From the bootblocks, boot -s, and then do
                fsck -p
                mount -u /
                mount -a
                cd src
                adjkerntz -i            # if CMOS is wall time
        Also, when doing a major release upgrade, it is required that
        you boot into single user mode to do the installworld.

        [4] Note: This step is non-optional.  Failure to do this step
        can result in a significant reduction in the functionality of the
        system.  Attempting to do it by hand is not recommended and those
        that pursue this avenue should read this file carefully, as well
        as the archives of freebsd-current and freebsd-hackers mailing lists
        for potential gotchas.

        [5] Usually this step is a noop.  However, from time to time
        you may need to do this if you get unknown user in the following
        step.  It never hurts to do it all the time.

        [8] In order to have a kernel that can run the 5.x binaries
        needed to do an installworld, you must include the COMPAT_FREEBSD5
        option in your kernel.  Failure to do so may leave you with a system
        that is hard to boot to recover. A similar kernel option COMPAT_FREEBSD5
        is required to run the 5.x binaries on more recent kernels.

        Make sure that you merge any new devices from GENERIC since the
        last time you updated your kernel config file.

        [9] When checking out sources, you must include the -P flag to have
        cvs prune empty directories.

        If CPUTYPE is defined in your /etc/make.conf, make sure to use the
        "?=" instead of the "=" assignment operator, so that buildworld can
        override the CPUTYPE if it needs to.

        MAKEOBJDIRPREFIX must be defined in an environment variable, and
        not on the command line, or in /etc/make.conf.  buildworld will
        warn if it is improperly defined.

Copyright information:

Copyright 1998-2005 M. Warner Losh.  All Rights Reserved.

Redistribution, publication, translation and use, with or without
modification, in full or in part, in any form or format of this
document are permitted without further permission from the author.

THIS DOCUMENT IS PROVIDED BY WARNER LOSH ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED.  IN NO EVENT SHALL WARNER LOSH BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

If you find this document useful, and you want to, you may buy the
author a beer.

Contact Warner Losh if you have any questions about your use of
this document.

$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $
$MidnightBSD$
Revision:	7419
Committed:	Thu Jan 14 13:14:41 2016 UTC (8 years, 4 months ago) by laffer1
File size:	49568 byte(s)
Log Message:	TCP MD5 signature denial of service A programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash.