chore: asmc: use designated initializers in macros
This code cleanup makes it easier for human readers to understand what each
of the fields actually represents, as well as makes it easier to modify
what the macros actually do under the covers, without introducing
potential human errors.
No functional change intended.
MFC after: 1 week
asmc: use symbolic names with the MacPro3,1 model
Use `ASMC_LIGHT_FUNCS_DISABLED` and `ASMC_SMS_FUNCS_DISABLED` instead of
the unrolled versions of the macros.
This makes it easier to adjust the underlying macros/fields for
`struct asmc_model`.
No functional change intended.
MFC after: 1 week
asmc: use `ASMC_FAN_FUNCS2` with the Macmini4,1
The Macmini4,1 model does not have "fansafespeed" support. This issue
typically manifests with messages like so:
```
asmc0: asmc_key_read for key F0Sf failed 10 times, giving up
```
Swap out `ASMC_FAN_FUNCS` with `ASMC_FAN_FUNCS2` to explicitly drop
"fansafespeed" checks in the driver for the model as it doesn't support
that hardware feature.
MFC after: 1 week
Reported by: @probonopd
Closes: https://github.com/helloSystem/ISO/issues/357
ipfilter: Interface name must not extend beyond end of buffer
sifpidx (an interface name) cannot extend beyond the end of the
fr_names buffer.
We do the validation for fr_sifpidx here because it is a union that
contains an offset only when fr_sifpidx points to an interface name,
an offset into fr_names. The union is an offset into fr_names in this
case only.
interr_tbl now becomes a static variable outside a function to facilitate
its use by two functions within fil.c
Note that sifpidx is only used in ipf_sync() which implments ipf -y.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after: 1 week
(cherry picked from commit 47fb51847fdea3f1cce841b5f2bbbcd6f8a04ee0)
ipfilter: Fix possible overrun
The destination buffer is FR_GROUPLEN (16 bytes) in length. When
gname is created, the userspace utilities correctly use FR_GROUPLEN
as the buffer length. The kernel should also limit its copy operation to
FR_GROUPLEN bytes to avoid any user written code from exploiting this
vulnerability.
Reported by: Ilja Van Sprundel <ivansprundel at ioactive.com>
(cherry picked from commit e40817302ebdf89df2f3bcd679fb7f2a18c244dc)
bhyve: fix USB mouse requests
USB HCI requests may not include HCI transfer block structures (i.e.,
xfer->data[] == NULL), but in several places, the USB mouse emulation
code assumes one will exist. This can lead to a NULL pointer dereference
and a SEGV in the bhyve process as observed via experiments with an
Ubuntu guest and PyUSB code. Note that many of the cases processing
other request types already checked for data == NULL.
While in the neighborhood, fix a typo in the loop iterating over the
usb_data_xfer_block array which used the wrong variable to check for
valid data (idx vs. i).
Reported by: danmcd at edgecast.io
Obtained from: SmartOS
MFC after: 1 week
Relnotes: yes
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D54661
bhyve: Fix unchecked stream I/O in RFB handler
Convert rfb_send_* helpers to return status codes and check their
results. Add missing checks for stream_read() and stream_write() returns
during the handshake in rfb_handle() to avoid acting on failed I/O.
Signed-off-by: Hayzam Sherif <hayzam at gmail.com>
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55343
OptionalObsoleteFiles: Don't mark /usr/lib/debug/boot directory obsolete
The intent of the currect code is to ignore anything under
/usr/lib/debug/boot/*. But we also should make sure that
/usr/lib/debug/boot directory is also ignored and is not marked
obsolete. If we don't do that, `make DBATCH_DELETE_OLD_FILES
delete-old` will try to rmdir(1) this directory, which will cause an
error, since /usr/lib/debug/boot may have nested directories like
kernel/ and modules/.
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D55077
vmm: Enable unprivileged bhyve
- Add the vmm group.
- Let /dev/vmmctl belong to the vmm group by default, and give group
write permissions.
- When creating a VM's device files, make them owned by the creating
process' effective UID.
Reviewed by: bnovkov
MFC after: 2 months
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54741
vmm: Add privilege checks to vmmctl operations
In preparation for supporting creation of VMs by unprivileged users, add
some restrictions:
- Disallow creation of non-transient VMs by unprivileged users. That
is, if an unprivileged user creates a VM, the VM must be destroyed
automatically once the last fd referencing it is gone.
- Disallow destroying VMs created by a different user, unless the caller
has the PRIV_VMM_DESTROY privilege.
Reviewed by: bnovkov
MFC after: 2 months
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54740
vmm.4: Add information on VM access control
Add a section to vmm.4 explaining how vmm device file ownership works.
MFC after: 2 months
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54742
vmm: Start using exterror
For now, just describe the error where an unprivileged user attempts to
run a VM without DESTROY_ON_CLOSE semantics, i.e., monitor mode.
Reviewed by: bnovkov
MFC after: 2 months
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54743