FreshBSD

Enhance the documentation of MKSANITIZER in bsd.README

Note that the list of sanitizer features is just a selection, not a
complete list. Include there LSan and Scudo. Missing: hwmsan, esan,
ubsan_minimal etc.

Explain that USE_SANITIZER is an argument passed to -fsanitize= and it can
contain multiple options.

Mention SANITIZERFLAGS to pass even more sanitizer arguments.

Stop tracking in this file what compiler compiles what features. Just note
that the selection of supported features depends on a compiler version and
target CPU architecture.

mark with XXXSMP all remaining spl*() and tsleep() calls

similar treatment as xennetback_xenbus.c:
- protect instance list with mutex
- mark more local variables static
- mark with XXXSMP what looks suspicious
- in pciback.c use kmem_zalloc() et.al to allocate the device structures

fix panic of DOM0 in xennetback_xenbus_destroy() on xl destroy of
DOMU with created, but non CONNECTED xennet (such as when DOMU
panics during boot); only try to disestablish the intr if it was
actually setup

while here protect xnetback_instances with mutex, and switch to use
kmem_zalloc() + KM_SLEEP / kmem_free() like xbdback_xenbus.c; add XXXSMP
to the other global variables, and at least mark them static

Revert previous, fix iteration loops to be consistent:
All sets that have an id >= SET_LAST have NULL name, so use that like the
loop just below.

typo

Add GDI, NeWS, PRAM, PS, RIP, WDM, WDDM

Reset SANITIZERFLAGS when specified NOSANITIZER / MKSANITIZER=no

This allows passing additional sanitizer specifig flags from the ./build.sh
level, like: -V SANITIZERFLAGS="-fsanitize-memory-track-origins" for MSan.

Fix typo in previous

The -Wno-format-extra-args argument to Clang/LLVM needs trailing 's'.

Noted by <joerg>

fixed a case of gtmr_cntvct_stable_read() is returning the same value as before.

Sync the ld scripts:

 * Force a PAGE_SIZE alignment of .bss on i386. Normally that's not
   required since the bootloader ensures page alignment, but let's be
   safe. Same on Xen-i386.

 * Fill the .text section padding with int3 instructions on Xen kernels,
   to prevent FALLTHROUGHs if a pointer goes crazy, same as native.

follow change in rev. 1.22 of kern.ldscript and apply same fix for xen
ldscript too, but using just regular PAGE_ALIGN alignment:

"""
Fix a pretty dumb mistake I made in r1.22: the alignment needs to be in the
bss, otherwise the bootloader will use memory before __kernel_end and give
a wrong start pa to the kernel.
"""

this got broke by amd64/locore.S rev. 1.141 which removed an unused variable
which forced the alignment

this fixes ps/bt in ddb to be able to find symbols and hence PR port-xen/53056

Since now we are called from cleanup_exit() make sure that we have a state
to work with. Found by ASAN.

add support for kern.intr.list aka intrctl(8) 'list' for xen

event_set_handler() and pirq_establish() now have extra intrname
parameter; shared intr_create_intrid() is used to provide the value

xen drivers were changed to pass the specific driver instance
name as the xname, e.g.  'vcpu0 clock' instead just 'clock', or
'xencons0' instead of 'xencons'

associated evcnt is now changed to use intrname - this matches native x86

fix the previous.  the code was right, just badly formatted before.

should fix infinite loops reported in some cases.

use isa_intr_establish_xname() so this passes the device name

Prevent signed integer left shift UB in FD_SET(), FD_CLR(), FD_ISSET()

Set the type of shifted integer 1 to unsigned int.

Detected with MKSANITIZER/UBSan in sysinst(8).

provide pci_intr_establish_xname() on x86 independantly from MSI,
so it's available on XEN too; change also the stub to use weak
symbol instead #ifdef

Welcome to 8.0 RC2!

Fix a typo

Tickets #898 and #899

Pull up following revision(s) (requested by kamil in ticket #899):

        lib/libutil/passwd.c: revision 1.53

Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c

If a string is empty or contains only white characters, the algorithm of
removal of white characters at the end of the passed string will read
buffer at index -1 and keep iterating backward.

Detected with MKSANITIZER/ASan when executing passwd(1).

Pull up following revision(s) (requested by kamil in ticket #898):

        usr.sbin/installboot/arch/i386.c: revision 1.41

Fix integer overflow in installboot(8)
Add a sanity check of the disk_buf first three bytes. The original code on
a disk with nul bytes was causing integer overflow and thus calling the
memcmp(3) functin in is_zero() with enormous length.
Verity that the 0th byte is JMP, 1th a signed byte >= 9 to prevent overflow
and 2th byte NOP.

Add a comment explaining the check.

Detected with MKSANITIZER and ASan.

Fix stack use after scope in libutil/pty

The pt variable's elements are used after the end of the pt scope.
A move of pt to outer scope fixes this.

Detected with MKSANITIZER/ASan with tmux(1), a forkpty(3) user.

Install note changes

Pull up the following changes with minor adjustement:

        distrib/notes/acorn26/contents                        (same as acorn32 1.3)
        distrib/notes/acorn32/contents                        1.3
        distrib/notes/alpha/contents                        1.17
        distrib/notes/amd64/contents                        1.6
        distrib/notes/amiga/contents                        1.21
        distrib/notes/arc/contents                        1.3
        distrib/notes/atari/contents                        1.21
        distrib/notes/bebox/contents                        1.3
        distrib/notes/cats/contents                        1.3
        distrib/notes/common/contents                        1.173
        distrib/notes/common/xfer                        1.75
        distrib/notes/emips/contents                        1.3
        distrib/notes/evbarm/contents                        1.3
        distrib/notes/evbppc/contents                        1.4
        distrib/notes/ews4800mips/contents                1.3
        distrib/notes/hp300/contents                        1.18
        distrib/notes/hpcarm/contents                        1.4
        distrib/notes/hpcmips/contents                        1.11
        distrib/notes/hpcsh/contents                        1.4
        distrib/notes/hppa/contents                        1.3
        distrib/notes/i386/contents                        1.30
        distrib/notes/landisk/contents                        1.4
        distrib/notes/mac68k/contents                        1.21

    [21 lines not shown]

Document debug sets and kernel module directory.

Add temporary hint at manual installation instructions for UEFI setups.

Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c

If a string is empty or contains only white characters, the algorithm of
removal of white characters at the end of the passed string will read
buffer at index -1 and keep iterating backward.

Detected with MKSANITIZER/ASan when executing passwd(1).

Enlarge the set_status[] array by a single element

In the get_and_unpack_sets() function there is accessed the
set_status[SET_GROUP_END] element in the array. The array is allocated on
the stack with SET_GROUP_END elements. This means that it is 1 element too
short.

This has been reported with MKSANITIZER=yes with Address Sanitizer.

Specify -Wno-format-extra-args for Clang/LLVM in gpl2/gettext

This is needed with Clang v. 7svn (HEAD) 2018-06-23 snapshot.

Add MDC, MDI, MDI-X, MDIO

remove core list, portmaster list, releng list, and developer list.

...as proposed several times in several places back in 2009/2010.

this info can all be found on the website (where it's more accurate) and
has no place in a document describing the installation of netbsd.

Disable all contemporary mode 1 quirks.

If mode 1 enable check fails, give mode 1 a second chance by trying to
use it to locate a PCI Host Bridge or device from vendor that produced
a chipset lacking a Host Bridge class device.

Should allow us to remove most all the mode 1 quirks added in the last
two decades.

make compile without DDB

PR port-xen/50282

The s in AST is system.
Add RC and common use of IPL, previous entry was from the world of s/360

add a kobj_error() to a recently added error case

Fix integer overflow in installboot(8)

Add a sanity check of the disk_buf first three bytes. The original code on
a disk with nul bytes was causing integer overflow and thus calling the
memcmp(3) functin in is_zero() with enormous length.

Verity that the 0th byte is JMP, 1th a signed byte >=9 to prevent overflow
and 2th byte NOP.

Add a comment explaining the check.

Detected with MKSANITIZER and ASan.

Add acpiecdt* at acpi?.

Fix current version of tzcode for ticket #809.

remove the xen XSAVE entry, needs more work before it can be enabled

Tickets #891, #892, #893, #894, #895, #896 and #897.

Pull up the following, via patch, requested by maxv in ticket #897:

        sys/arch/amd64/amd64/locore.S           1.166 (patch)
        sys/arch/i386/i386/locore.S             1.157 (patch)
        sys/arch/x86/include/cpu.h              1.92 (patch)
        sys/arch/x86/include/fpu.h              1.9 (patch)
        sys/arch/x86/x86/fpu.c                  1.33-1.39 (patch)
        sys/arch/x86/x86/identcpu.c             1.72 (patch)
        sys/arch/x86/x86/vm_machdep.c           1.34 (patch)
        sys/arch/x86/x86/x86_machdep.c          1.116,1.117 (patch)

Support eager fpu switch, to work around INTEL-SA-00145.
Provide a sysctl machdep.fpu_eager, which gets automatically
initialized to 1 on affected CPUs.

Note import of dhcpcd-7.0.6.

Pull up the following, requested by roy in ticket #896:

        external/bsd/dhcpcd/dist/src/common.c           up to 1.1.1.5
        external/bsd/dhcpcd/dist/src/defs.h             up to 1.1.1.14
        external/bsd/dhcpcd/dist/src/dhcpcd.8.in        up to 1.1.1.10
        external/bsd/dhcpcd/dist/src/dhcpcd.c           up to 1.13
        external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in   up to 1.1.1.10
        external/bsd/dhcpcd/dist/src/duid.c             up to 1.1.1.3

Import dhcpcd 7.0.6.

fix intrctl_io_firstline() to properly return NULL if there are no records
to show

Pull up following revision(s) (requested by kamil in ticket #895):

        usr.sbin/sysinst/util.c: revision 1.9

Fix invalid free(3) in sysinst(8)

The path variable is assigned with an allocation on the heap with
strdup(3). Later this pointer is changed with strsep(3) and this caused
invalid free(3).

Store the original pointer in a new helper variable opath and pass it to
free(3). With this change, the problem is going away.

Detected with MKSANITIZER=yes with AddressSanitizer.

Pull up following revision(s) (requested by pgoyette in ticket #894):

        sys/dev/ata/ata_raid.c: revision 1.40

Call config_cfattach_attach() regardless of whether the module is
being built as part of a kernel or as a external module.

Addresses kern/53389 - thanks for the report!

XXX pullup-8

Pull up following revision(s) (requested by maxv in ticket #893):

        sys/netinet6/icmp6.c: revision 1.228,1.230

Remove the RH0 code from ICMPv6. RH0 is deprecated by RFC5095 (2007) for
security reasons. We already removed it in Route6.

In addition there was an mbuf bug here: calling IP6_EXTHDR_GET twice with
the same offset, but still using the pointer from the first call, which
could have been made invalid. By luck, m_pulldown leaves zero-sized mbufs
in place, instead of freeing them.

And in general, using a 'finaldst' pointer on the mbuf, and then modifying
that mbuf with IP6_EXTHDR_GET with a smaller offset, was really error-
prone.

Fix 'icmp6len', it shouldn't be ip6_plen, because we may not be at the
beginning of the packet (off+ip6_plen is beyond the end of the mbuf). By
luck, the IP6_EXTHDR_GET that follows will fail and prevent buffer
overflows in non-jumbogram packets.

For jumbograms we will probably be in trouble here; but it doesn't seem
possible to craft reliably a jumbogram for a non-jumbogram-enabled device.

So I don't think it's a huge problem.