347a8ed1 emaste Jan. 21, 2019, 5:12 p.m.
Most siginfo_to_lsiginfo callers already zeroed the l_siginfo_t before
callit it, but linux_waitid did not.  Instead of zeroing in the called
function to address linux_waitid (as in commit 2e6ebe70), just do it in
linux_waitid.

admbugs:	765
Reported by:	Vlad Tsyrklevich <vlad@tsyrklevich.net>
Reviewed by:	Andrew
MFC after:	1 day
Security:	Kernel stack memory disclosure
Sponsored by:	The FreeBSD Foundation
cgit ViewVC
1b1f24b9 emaste Jan. 21, 2019, 4:25 p.m.
admbugs:	765
Reported by:	Vlad Tsyrklevich <vlad@tsyrklevich.net>
Reviewed by:	andrew
MFC after:	1 day
Security:	Kernel memory disclosure
Sponsored by:   The FreeBSD Foundation
cgit ViewVC
9866e7bb emaste Jan. 21, 2019, 4:21 p.m.
admbugs:	765
Reported by:	Vlad Tsyrklevich <vlad@tsyrklevich.net>
Reviewed by:	andrew
MFC after:	1 day
Security:	Kernel stack memory disclosure
Sponsored by:	The FreeBSD Foundation
cgit ViewVC
4308a374 emaste Jan. 21, 2019, 4:19 p.m.
admbugs:	765
Reported by:	Vlad Tsyrklevich <vlad@tsyrklevich.net>
Reviewed by:	andrew
MFC after:	1 day
Security:	Kernel stack memory disclosure
Sponsored by:	The FreeBSD Foundation
cgit ViewVC
6b27f978 gjb Jan. 21, 2019, 3:27 p.m.
Submitted by:	Larry Hynes
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
cgit ViewVC
649a5cd5 kevans Jan. 21, 2019, 2:35 p.m.
U-Boot will leave the ephy reset de-asserted and the MAC soft reset will
fail on these boards with internal PHY and no link established. Toggle reset
again before proceeding to attach/init.

MFC after:	1 week
cgit ViewVC
5e86819c dim Jan. 21, 2019, 6:52 a.m.
clang executable (with all options except targets off) build.
cgit ViewVC
51a3cc6c avos Jan. 21, 2019, 4:50 a.m.
Do not invoke 'wlan_up' function from devd(8) on interface
creation event (an example to create such event:
'ifconfig wlan0 create wlandev rtwn0');
they're typically produced during 'service netif (re)start'
and result in duplicate interface initialization.

From the user side if WPA option is used, this result in messages like:
- /etc/rc.d/wpa_supplicant: WARNING: failed to start wpa_supplicant
or
- wpa_supplicant already running?  (pid=xxxx).
(for HOSTAP interfaces this race may result in startup failure).

As a side effect, wpa_supplicant(8) / hostapd(8) will not be
invoked when new wlan(4) interface is created manually and
corresponding configuration for it is present in rc.conf(5).

This change does not affect device attach / removal events.

MFC after:	5 days
cgit ViewVC
109b5c10 markj Jan. 21, 2019, 3:57 a.m.
Test failures don't seem to propagate up if atf_check is run in
a pipeline.  Thus, the tests continued to pass despite the bug reverted
in r343245.

MFC after:	1 week
cgit ViewVC
33a28349 markj Jan. 21, 2019, 3:47 a.m.
It breaks the special mode specified by passing "-" as one of the
input files.  Revert for now while we discuss a fix.

PR:		234885
Reported by:	delphij
MFC after:	now
cgit ViewVC
271b714d avos Jan. 21, 2019, 3:38 a.m.
MFC after:	5 days
cgit ViewVC
afbc939b kevans Jan. 21, 2019, 1:45 a.m.
Obtained from:	DragonFlyBSD (obtained from Haiku)
MFC after:	1 week
cgit ViewVC
c15f336d avos Jan. 21, 2019, 12:53 a.m.
- Check if buffer can contain Rx descriptor before accessing it.
- Verify upper / lower bounds for frame length.
- Do not pass too short frames into ieee80211_find_rxnode().

While here:
- Move cleanup to the function end.
- Reuse IEEE80211_IS_DATA() macro.

MFC after:	1 week
cgit ViewVC
d4e1661a avos Jan. 21, 2019, 12:09 a.m.
While here, add missing trace 'end' marker in iwn5000_attach().

MFC after:	1 week
cgit ViewVC
fb10d4ee avos Jan. 21, 2019, 12:03 a.m.
- Discard frames that are bigger than MCLBYTES (to prevent buffer overrun).
- Check buffer length before accessing its contents.
- Fix len <-> dmalen check - the last includes Rx Wireless information
structure size.
- Fix out-of-bounds read during Rx node search for ACK / CTS frames
(monitor mode only).

While here:
- Mark few suspicious places with comments.
- Move common cleanup to the function end.

MFC after:	1 week
cgit ViewVC