netlink: fix LINT-NOVIMAGE build
Include the required header for securelevel_ge()
Fixes: 9933bdcb1264 ("pf: only allow a subset of netlink calls when securelevel is set")
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 3103d39cd99f0a49414f907459d8fd3c11dc36b8)
ctladm tests: Only use allowed chars in IQN
_ isn't part of the allowed IQN format, but - is.
None functional change.
Reviewed by: asomers, ngie
Approved by: asomers (mentor)
Sponsored by: ConnectWise
Differential Revision: https://reviews.freebsd.org/D56557
(cherry picked from commit 51b65c6af2e19f1e944c67aa2b5252cd9dc9e2f7)
Fix memory corruption bugs in BSM record parsing
fetch_newgroups_tok(3): clamp group count to AUDIT_MAX_GROUPS before the
loop to prevent a stack buffer overflow when a crafted record specifies
more than 16 groups.
fetch_execarg_tok(3), fetch_execenv_tok(3): add a bounds check at the
top of the string-walking loop to prevent an out-of-bounds read when the
previous string's nul byte is the last byte of the record buffer.
fetch_sock_unix_tok(3): clamp the memchr search length to the number of
bytes remaining in the buffer to prevent an out-of-bounds read on short
tokens. Also clamp slen to sizeof(path) to prevent a one-byte overflow
when no nul byte is found within the path data.
fetch_socket_tok: fix copy-paste error where the remote address was
written into l_addr instead of r_addr.
Previously reported by: @haginara
[13 lines not shown]
mac_seeotheruids: allow specificgid to be a list of groups
The specificgid functionality has historically allowed only a single
group to be exempt, but in practice one might want a few services to
be exempt for reasons. From a security perspective, we probably don't
want to encourage unrelated users to be grouped together solely for
this purpose, as that creates one point of shared access that could be
used for nefarious purposes.
Normalize the group list as we do cr_groups to allow for linear matching
rather than quadratic, we just need to account for the differences in
FreeBSD 15.0+ where cr_groups is entirely supplementary groups vs.
earlier versions, where cr_groups[0] is the egid and the rest is
sorted.
Reviewed by: csjp, des (earlier version)
Sponsored by: Klara, Inc.
(cherry picked from commit b675ff8eedc9ac93cdf1cfe33185b7a1a027df37)
mac_seeotheruids: allow specificgid to be a list of groups
The specificgid functionality has historically allowed only a single
group to be exempt, but in practice one might want a few services to
be exempt for reasons. From a security perspective, we probably don't
want to encourage unrelated users to be grouped together solely for
this purpose, as that creates one point of shared access that could be
used for nefarious purposes.
Normalize the group list as we do cr_groups to allow for linear matching
rather than quadratic, we just need to account for the differences in
FreeBSD 15.0+ where cr_groups is entirely supplementary groups vs.
earlier versions, where cr_groups[0] is the egid and the rest is
sorted.
Reviewed by: csjp, des (earlier version)
Sponsored by: Klara, Inc.
(cherry picked from commit b675ff8eedc9ac93cdf1cfe33185b7a1a027df37)
Fix memory corruption bugs in BSM record parsing
fetch_newgroups_tok(3): clamp group count to AUDIT_MAX_GROUPS before the
loop to prevent a stack buffer overflow when a crafted record specifies
more than 16 groups.
fetch_execarg_tok(3), fetch_execenv_tok(3): add a bounds check at the
top of the string-walking loop to prevent an out-of-bounds read when the
previous string's nul byte is the last byte of the record buffer.
fetch_sock_unix_tok(3): clamp the memchr search length to the number of
bytes remaining in the buffer to prevent an out-of-bounds read on short
tokens. Also clamp slen to sizeof(path) to prevent a one-byte overflow
when no nul byte is found within the path data.
fetch_socket_tok: fix copy-paste error where the remote address was
written into l_addr instead of r_addr.
Previously reported by: @haginara
[13 lines not shown]
cron: log when a crontab path is too long
Log via syslog when snprintf truncates the crontab path, instead of
silently skipping the entry.
Signed-off-by: Christos Longros <chris.longros at gmail.com>
Reviewed by: bcr, kevans
Differential Revision: https://reviews.freebsd.org/D56235
tests/sys/arch/amd64: add a program to check INT $0x80 behavior on amd64
Requested and reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56654
libifconfig: Skip bridge VLAN config for span members
bridge(4) doesn't support BRDGGIFVLANSET for span members, which
means if a span interface is configured, libifconfig will fail to
fetch bridge members. Skip this for IFBIF_SPAN members.
PR: 292634
MFC after: 3 days
Reported by: Emrion <kmachine at free.fr>
Reviewed by: pouria, zlei
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D56694
news/inn{-current}: Modernize the port
Update to modern ports practices while retaining same functionality.
- Option helpers
- GNU_CONFIGURE with overrides for existing filesystem layout
- USES gssapi for krb5, clean up ac_cv_ hacks
- Fix setuid for SETGID_INEWS and UUCP_RNEWS
- Add newer config files as @sample: inn-radius.conf, inn-secrets.conf
- Install all filter scripts as @sample
- Remove ex script and install empty history as @sample
- Use find to run bin/.so strip list instead of manual list
- Clean up inn-current slave port
- portclippy
news/cleanfeed: Clean up the port
- Use plist to handle ownerships and installation to filter_innd.pl
- Install bad_ files as sample so the admin can edit them
efibootmgr: Show attributes, category and optional data when verbose
Also rework a bit the way device path are displayed for consistency.
Signed-off-by: stephane.rochoy at stormshield.eu
Reviewed by: imp
Sponsored by: Stormshield
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2167
efivar: Move dump functions into libefivar
To allow their use by efibootmgr.
Signed-off-by: stephane.rochoy at stormshield.eu
Reviewed by: imp
Sponsored by: Stormshield
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2167
ctld: kernel-sourced portal groups are not dummies
The current and historical versions of ctld would flag our initial set
of kernel ports as dummies, because their portal groups were empty since
portals come from the configuration on-disk.
As a result, we would never try to remove a kernel port at startup that
didn't exist in the configuration (possibly a feature if you wanted
concurrent ctld(8)), and we would always try to port->kernel_add() on
ports in the configuration (even if they actually did have an existing
kernel port).
Flag these portal groups as kernel groups so that we avoid trying to add
ports that already exist. It may be the case that the kernel_remove()
loop in conf::apply() needs to do something other than the current
`oldport->is_dummy()` to avoid removing ports that it isn't supposed to
be managing, but that wuld also seem to apply to LUNs that would be
removed today.
[2 lines not shown]
libiscsiutil: preserve errno across warning logs
Various calls in the implementation can clobber errno; preserve it for
the caller since none of these will bubble up pass/fail to simplify
some future error handling in ctld.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D56539
