HardenedBSD/src 593a6fc . CONTRIBUTING.md, stand/efi/loader/arch/amd64 trap.c

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Delta     File
+6 -4     stand/efi/loader/arch/amd64/trap.c
+2 -2     sys/kern/sys_pipe.c
+3 -1     CONTRIBUTING.md
+2 -2     sys/kern/kern_sysctl.c
+13 -9    4 files

HardenedBSD/src f24d18a . CONTRIBUTING.md, stand/efi/loader/arch/amd64 trap.c

Merge branch 'freebsd/current/main' into hardened/current/master
Delta     File
+6 -4     stand/efi/loader/arch/amd64/trap.c
+3 -1     CONTRIBUTING.md
+2 -2     sys/kern/kern_sysctl.c
+2 -2     sys/kern/sys_pipe.c
+13 -9    4 files

HardenedBSD/src 4fa781c sys/compat/linux linux_file.c, sys/kern kern_event.c

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
Delta     File
+110 -68  sys/compat/linux/linux_file.c
+1 -1     sys/kern/kern_event.c
+1 -1     sys/sys/event.h
+112 -70  3 files

HardenedBSD/src 93043c6 sys/kern kern_event.c, sys/sys event.h

kqueue: Make kn_sfflags unsigned

This is used to hold a copy of the original fflags, which is unsigned.

MFC after:      3 days
Reviewed by:    kib, markj
Differential Revision:  https://reviews.freebsd.org/D55348

(cherry picked from commit d379432808ed286dc051a34138ae250addbc469c)
Delta     File
+1 -1     sys/kern/kern_event.c
+1 -1     sys/sys/event.h
+2 -2     2 files

HardenedBSD/src 86a6407 sys/compat/linux linux_file.c

linux_file.c: Fix handling of NFS getdents() emulation

Bugzilla PR#292282 reports a problem, where a Linux
binary running in the Linuxulator gets bogus entries
in a readdir()/getdents() reply when the directory is
an NFS mount.

This appears to be caused by the NFS client including
entries with d_fileno == 0, which are always ignored by
BSD, but are not ignored by Linux.

This patch filters out the "d_fileno == 0" entries and
the reporter of the bugzilla PR notes that it fixes the
problem for him.

It could be argued that the NFS client should filter out
the "d_fileno == 0" entries, but the NFS client readdir
code is "fragile" and any change to it runs a significant
risk of causing regression type problems.

    [7 lines not shown]
Delta     File
+110 -68  sys/compat/linux/linux_file.c
+110 -68  1 files

HardenedBSD/src fa77660 sys/kern sys_pipe.c

pipe: Avoid unnecessary priv_check() calls in pipespace_new()

Running out of pipe map KVA is a rare case, so reorder checks
accordingly, presuming that calling priv_check() is more expensive than
the calculation.  In particular, priv_check() might not be cheap to
evaluate if MAC hooks are installed.

Reviewed by:    olce, kib
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D55378
Delta     File
+2 -2     sys/kern/sys_pipe.c
+2 -2     1 files

HardenedBSD/src 0fa6ce2 sys/kern kern_sysctl.c

sysctl: Avoid calling priv_check() unnecessarily

After commit 7d1d9cc440f80 we only serialize large sysctl requests for
non-root users, but we should avoid calling priv_check() unless the
request actually is large, as that's not the common case.  In
particular, priv_check() might not be cheap to evaluate if MAC hooks are
installed.

Reviewed by:    olce, kib
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D55377
Delta     File
+2 -2     sys/kern/kern_sysctl.c
+2 -2     1 files

HardenedBSD/src 80950a0 . CONTRIBUTING.md

CONTRIBUTING.md: Github to Phabricator move advice

When moving from Github to Phabricator, request that the original github
pull request be closed with the URL of the Phab. This cuts down on
clutter and helps us track things better.

Sponsored by:           Netflix
Delta     File
+3 -1     CONTRIBUTING.md
+3 -1     1 files

HardenedBSD/src 23605a8 stand/efi/loader/arch/amd64 trap.c

loader.efi: efi_redirect_exceptions does use uninitialized pointer

loader_idt.rd_base is not set when we are attempting to bcopy(),
resulting to data stored to page 0 and therefore corrupting it.

Reviewed by:    kib
Differential Revision:  https://reviews.freebsd.org/D55180
Delta     File
+1 -0     stand/efi/loader/arch/amd64/trap.c
+1 -0     1 files

HardenedBSD/src f2186bb stand/efi/loader/arch/amd64 trap.c

loader.efi: free_tables() appears to free tss_pa twice.

we check and reset loader_gdt_pa, but use FreePages(tss_pa).

Reviewed by:    kib
Differential Revision:  https://reviews.freebsd.org/D55179
Delta     File
+5 -4     stand/efi/loader/arch/amd64/trap.c
+5 -4     1 files

HardenedBSD/src 51620bf stand/efi/loader/arch/amd64 trap.c, sys/dev/sound/pcm channel.c

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Delta     File
+64 -85   sys/kern/kern_procctl.c
+15 -1    sys/dev/sound/pcm/channel.c
+2 -2     stand/efi/loader/arch/amd64/trap.c
+81 -88   3 files

HardenedBSD/src a7290bc stand/efi/loader/arch/amd64 trap.c, sys/dev/sound/pcm channel.c

Merge branch 'freebsd/current/main' into hardened/current/master
Delta     File
+64 -85   sys/kern/kern_procctl.c
+15 -1    sys/dev/sound/pcm/channel.c
+2 -2     stand/efi/loader/arch/amd64/trap.c
+81 -88   3 files

HardenedBSD/src f715995 include exterr.h, lib/libc/gen uexterr_gettext.3 err.c

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
Delta     File
+183 -0   tests/sys/kern/pdrfork.c
+71 -0    lib/libc/gen/uexterr_gettext.3
+23 -3    lib/libsys/pdfork.2
+5 -0     sys/kern/kern_fork.c
+2 -2     lib/libc/gen/err.c
+1 -2     include/exterr.h
+285 -7   5 files not shown
+291 -9   11 files

HardenedBSD/src 3deae7b sys/dev/sound/pcm channel.c

sound: Detect unsupported formats

This way we can avoid edge-cases like
8af6aee96ed609456900c6dd92dafabac5e89c0a ("virtual_oss(8): Remove
floating point formats from preference list").

Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Reviewed by:    emaste
Differential Revision:  https://reviews.freebsd.org/D55403
Delta     File
+15 -1    sys/dev/sound/pcm/channel.c
+15 -1    1 files

HardenedBSD/src d5dd331 usr.sbin/pw pw.8

pw.8: spell

(cherry picked from commit 66797b469ee3e303c5e228bea1e244f433e666e1)
Delta     File
+1 -1     usr.sbin/pw/pw.8
+1 -1     1 files

HardenedBSD/src 677bbff tests/sys/kern pdrfork.c

pdrfork(2) tests: should wait for the child to exit

(cherry picked from commit f90ee665d035a5e4aea0bcaa18793e683ea253ed)
Delta     File
+3 -2     tests/sys/kern/pdrfork.c
+3 -2     1 files

HardenedBSD/src 558b761 tests/sys/kern pdrfork.c Makefile

Add tests for pdrfork

(cherry picked from commit d1e6057fa47e842c63461b64b29ac5d3e9fdad76)
Delta     File
+187 -0   tests/sys/kern/pdrfork.c
+1 -0     tests/sys/kern/Makefile
+188 -0   2 files

HardenedBSD/src c2c3881 tests/sys/kern pdrfork.c

pdrfork(2) tests: catch runaway child for EFAULT test

(cherry picked from commit 44843695bc4e36abd15835d627da7d38c06f2219)
Delta     File
+10 -0    tests/sys/kern/pdrfork.c
+10 -0    1 files

HardenedBSD/src e3fda88 tests/sys/kern pdrfork.c

pdrfork(2) tests: RFPROCDESC|RFPROC are required

(cherry picked from commit 68ba270f4fc7799929a3d59d710f44e5e9087def)
Delta     File
+2 -44    tests/sys/kern/pdrfork.c
+2 -44    1 files

HardenedBSD/src 7a1c336 tests/sys/kern pdrfork.c

pdrfork(2) tests: do not rely on (int *)-1 being invalid address

(cherry picked from commit d6bf2d14a941a88e27a82a3f91790353e134b8f6)
Delta     File
+8 -2     tests/sys/kern/pdrfork.c
+8 -2     1 files

HardenedBSD/src b0551b0 lib/libc/gen uexterr_gettext.3 Makefile.inc, share/man/man9 exterror.9

libc: add man page for uexterr_gettext(3)

(cherry picked from commit a03f285afafae243396c9bc7892cbe717a3ac37d)
Delta     File
+71 -0    lib/libc/gen/uexterr_gettext.3
+2 -1     share/man/man9/exterror.9
+1 -0     lib/libc/gen/Makefile.inc
+74 -1    3 files

HardenedBSD/src 396d709 tests/sys/kern pdrfork.c

pdrfork(2) tests: enable on x86

(cherry picked from commit 793e891f4ad1ef450f562a241fb0bd3b21d72251)
Delta     File
+20 -9    tests/sys/kern/pdrfork.c
+20 -9    1 files

HardenedBSD/src e166a6e tests/sys/kern pdrfork.c

pdrfork(2) tests: split basic_usage

(cherry picked from commit 94e4de77dec809fa5a6975e3495a41d1924c25ad)
Delta     File
+19 -9    tests/sys/kern/pdrfork.c
+19 -9    1 files

HardenedBSD/src afe6868 lib/libsys pdfork.2

pdfork.2: add EFAULT as possible error, explain some consequences of it

(cherry picked from commit db80ea9b88628168d2bb7f17a60b73568a8ea102)
Delta     File
+18 -0    lib/libsys/pdfork.2
+18 -0    1 files

HardenedBSD/src fea8849 lib/libsys pdfork.2, sys/kern kern_fork.c

pdrfork(2): do require RFPROCDESC | RFPROC

(cherry picked from commit b05be03ceea0a95f7783ddc890885f34bb4023d4)
Delta     File
+5 -3     lib/libsys/pdfork.2
+5 -0     sys/kern/kern_fork.c
+10 -3    2 files

HardenedBSD/src fd91b1f lib/libc/gen err.c

libc: print extended errors from warn(3) and vwarn(3)

(cherry picked from commit ffbf95907039821b69dfe1607d1695b46af82e35)
Delta     File
+2 -2     lib/libc/gen/err.c
+2 -2     1 files

HardenedBSD/src 6a263d7 include exterr.h, lib/libc/gen uexterr_format.c

libc: improve include usage for exterror sources

(cherry picked from commit 1443a455a96e587a7b49608def79495e9d74513f)
Delta     File
+1 -2     include/exterr.h
+1 -0     lib/libc/gen/uexterr_format.c
+2 -2     2 files

HardenedBSD/src 0e67c3f sys/kern kern_procctl.c

reap_kill_subtree_once(): reap_kill_proc_work() might drop proctree_lock

Due to this, restart the iteration over the p_reapsiblings if the lock
was dropped.

Reviewed by:    markj
Tested by:      pho
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D55288
Delta     File
+8 -3     sys/kern/kern_procctl.c
+8 -3     1 files

HardenedBSD/src be14071 sys/kern kern_procctl.c

procctl(PROC_REAP_KILL): use pgrp pg_killsx sx to sync with fork

PROC_REAP_KILL must guarantee that all reaper descendants are signalled.
In particular, it must ensure that forked but not yet fully linked
descendants cannot escape killing. Currently, proc_reap() fulfills the
guarantee by single-threading stopping the target process, which moves
the target to the userspace boundary, so the target cannot fork while
the signal is sent.

Single-threading has undesirable effect of sometimes terminating sleeps
with EINTR.

Since the time that the bug with PROC_REAP_KILL was fixed, we grow
the pg_killsx mechanism that is similarly used by the process group
signalling to ensure that no member of the process group escapes.
Reuse pg_killsx for PROC_REAP_KILL as well.

Besides the functional change of no longer causing spurious EINTR, not
single-threading the target means that we no longer need to delegate the

    [9 lines not shown]
Delta     File
+54 -84   sys/kern/kern_procctl.c
+54 -84   1 files

HardenedBSD/src 5c8af59 sys/kern kern_procctl.c

procctl(PROC_REAP_KILL): align error reporting with pgkill(2)

ESRCH from cr_cansignal() means that the target process should be not
visible to the initiator.  So do not report pids with ESRCH result.

Noted by:       markj
Reviewed by:    markj, olce
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D55341
Delta     File
+5 -1     sys/kern/kern_procctl.c
+5 -1     1 files