MT_DMASHDL_SW_CONTROL is accessed via remapping. Define it with
the explicit address 0x7c026004 as Linux does to avoid confusion.
While here, remove duplicate definitions of MT_PCIE_MAC_BASE and
MT_PCIE_MAC_INT_ENABLE.
ok claudio@
Avoid recursive cleanup in getrrsetbyname()
Instead of freeing struct dns_query and struct dns_rr by walking the
linked lists recursively, use a simple loop. This avoids a possible
stack exhaustion unlikely to be reachable with the limits modern
resolvers impose.
From Dhiraj Mishra
ok djm
avoid leaking memory when mbuf chain allocations fail in tun_dev_write()
the mbufs built by tun_dev_write used to be limited to a single
mbuf and cluster, but has grown in complexity now that it supports
tun_hdr and tso, which required building mbuf chains. some of the
error handling when allocating mbuf bits wasnt adapted to free the
preceding chain when later allocaitons failed, resulting in a memory
leak.
reported by frank denis
rpki-client: fix ip_addr_check_overlap()
There is an off-by-one in the ip_addr_check_overlap() logic which allows
a newly added interval to overlap in a common end point with an interval
already in the list. Disallow equality in the two memcmp to avoid this.
This bug dates back to the initial import of rpki-client where malformed
certificates would be accepted. In modern rpki-client, the impact of this
has been minimal ever since we started requiring that libcrypto support
the RFC 3779 extensions in early 2022 by disallowing unknown critical
extensions (rpki-client 7.6):
For certificates this duplicates a check in the X.509 verifier (where it
is correct). For TA constraints we have a canonicalization procedure that
ensures the absence of overlaps. For ROAs no such check can be made since
standards historically haven't required that addresses are canonical and
still don't. The only remaining use of this API is from rsc.c where the
overlap condition is indeed a small problem.
[3 lines not shown]
rpki-client: fix shortlist and skiplist checks
Ensure that each le->fqdn is fully matched. If the the host in the SIA
is short and matches a prefix of an FQDN in the shortlist or skiplist,
the current checks in queue_add_from_cert() will incorrectly trigger.
Compute the host length once and by checking it against the length of
each le->fqdn ensure that it is an exact case sensitive match, rather
than only a prefix.
Found by Frank Denis
ok claudio job
detect out of bound reads from an int overflow in the bpf_mem backends.
frank denis reported a problem in bpf_mem_ldw where a large indirect
load offset could have the end of buffer calculation land at UINT_MAX
and wrap, allowing a read of memory outside the buffer.
this change tweaks the buffer checks by checking if the load offset
is in range, taking that away from the buffer length, and then
checking if the size of the load is in the remaining buffer length.
this is the pattern that the bpf_mbuf_ops backend uses.
this problem also exists in bpf_mem_ldh, so this code is factored
out and used in all the bpf_mem_ops load backends.
note that this issue is specific to the bpf_mem_ops backend used
for running bpf filters against a vanilla memory buffer. this backend
is largely unused in the kernel, which almost always uses the
bpf_mbuf_ops backend to run filters against network packets in
mbufs. the bpf_mem_ops are only used by ppp(4) for the "active-filter"
[8 lines not shown]
Do sleeping malloc() and copyin() before checks within sys_semop().
Otherwise the semaphore id referenced by `semaptr' could be destroyed
or replaced during context switch.
ok cludwig
Do not cache format for status line because it stores various pointers
that might be stale, instead cache the cmd_find_state and rebuild the
formats every time they are needed. Reported by Marcel Partap in GitHub
isue 5065.
x509_purp: fix doc comment for check_ca()
This comment has gotten out of sync with reality. The "I don't know..."
fallback was removed and a special case for netscape CAs was added.
Sync from the manual and add some more details.
Pointed out by Maximilian Radoy in
https://github.com/libressl/portable/issues/1274
ok kenjiro
asr regress: workaround due to removal of . from the path
Since . is no longer part of the default path, . regress.subr no longer
works. Use ${PWD}.
With this, the regress appears to mostly work except for what looks like
ordering issues and of course it isn't using bsd.regress.mk. I leave the
former to the DNS experts and the latter to the regress experts if they're
interested.
make ifconfig build without trunklacp.h
The only used part of trunklacp.h in ifconfig is LACP_STATE_BITS.
Add it to if_trunk.h so trunklacp.h can be removed.
ok dlg@
Use unsigned int for the length variable when traversing the others array.
Doing this in all places now after fixing an overflow in attr_optadd().
OK tb@ deraadt@
