r337813 markj Aug. 14, 2018, 7:21 p.m.
Reported and reviewed by: kib
X-MFC with:	r337715
Sponsored by:	The FreeBSD Foundation
r337812 dab Aug. 14, 2018, 7:12 p.m.
The libkqueue tests have several places that leak memory by using an
idiom like:

puts(kevent_to_str(kevp));

Rework to save the pointer returned from kevent_to_str() and then
free() it after it has been used.

Reported by:	asomers (pointer to Coverity), Coverity
CID:		1296063, 1296064, 1296065, 1296066, 1296067, 1350287, 1394960
Sponsored by:	Dell EMC
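As an added illustration (not libkqueue's code: `struct ev` and `ev_to_str()` are constructed stand-ins for a kevent and for `kevent_to_str()`), the leaking idiom next to the reworked form the commit describes. The point is ownership: a function that returns a `malloc()`ed string hands the caller the only pointer, so nesting it inside `puts()` throws that pointer away.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a kevent, so this builds without <sys/event.h>. */
struct ev {
    int            ident;
    short          filter;
    unsigned short flags;
};

/*
 * Constructed stand-in for kevent_to_str(): formats the event into a
 * freshly malloc()ed string that the caller owns and must free().
 */
char *ev_to_str(const struct ev *e)
{
    char *s = malloc(64);

    if (s == NULL)
        return NULL;
    snprintf(s, 64, "ident=%d filter=%hd flags=0x%hx",
        e->ident, e->filter, e->flags);
    return s;
}

/*
 * The idiom Coverity flags: the only pointer to the buffer is consumed by
 * puts(), so the string is never freed (and puts(NULL) on allocation failure
 * is undefined behaviour on top of that).
 */
void print_ev_leaky(const struct ev *e)
{
    puts(ev_to_str(e));
}

/* Reworked form: keep the pointer, use it, then free it. Returns 0, or -1 on ENOMEM. */
int print_ev(const struct ev *e)
{
    char *s = ev_to_str(e);

    if (s == NULL)
        return -1;
    puts(s);
    free(s);
    return 0;
}
```

Saving the pointer also gives the caller a place to check for allocation failure, which the nested form cannot do.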
r337811 loos Aug. 14, 2018, 6:58 p.m.
Tested on SG-3100 (ARMADA38X) and Espresso.bin (A37x0).  Fixes the network
on espresso.bin.

Sponsored by:	Rubicon Communications, LLC (Netgate)
r337810 kevans Aug. 14, 2018, 6:58 p.m.
Bugfix release, nothing too major.

Tested with:	lualoader via userboot, lualoader live
Differential Revision:	https://reviews.freebsd.org/D16665
r337809 imp Aug. 14, 2018, 6:45 p.m.
directly because they are the same thing.

Reviewed by: kevans@
r337808 imp Aug. 14, 2018, 6:45 p.m.
overflow dance. This avoids compile errors on latter-day gcc compilers
as well as simplifies the generated code.

Reviewed by: kevans@
r337807 imp Aug. 14, 2018, 6:45 p.m.
have INT64 floats and somehow snuck through unused until now.

Reviewed by: kevans@
r337806 imp Aug. 14, 2018, 6:44 p.m.
Create loader_{4th,lua,simp}{,.efi}. All of these are installed by
default. Create LOADER_DEFAULT_INTERP to specify the default
interpreter when no other is specified. LOADER_INTERP is the current
interpreter language building. Turn building of lua on by default to
match 4th. simploader is a simplified loader build w/o any interpreter
language (but with a simple loader).  This is the historic behavior you
got with WITHOUT_FORTH. Make a hard link to the default loader. This
has to be a hard link rather than the more desirable soft link because
older zfsboot blocks don't support symlinks.

RelNotes: Yes
Differential Revision: https://reviews.freebsd.org/D16705
r337805 kevans Aug. 14, 2018, 6:35 p.m.
Previous iteration of this assumed that these won't fail because we've
already set up the jail param to this point, but the allocations could still
fail in pretty bad conditions.

Admit that it's possible and return (ENOENT, EINVAL, ENOMEM, or 0) when
deleting arguments. EINVAL shouldn't happen since we're passing optarg,
which may satisfy *optarg == '\0' but never optarg == NULL.

CID:		1394885, 1394901
r337800 kevans Aug. 14, 2018, 6:11 p.m.
Amongst them:
- Resource leaks
- Logically dead code
- Unused values
- Null termination issues

Reported by:	asomers (pointer to Coverity), Coverity
CID:		1394777, 1394791, 1394830, 1394844, 1394872, 1394894,
CID:		1394900, 1394907, 1394950, 1394965
r337791 jkim Aug. 14, 2018, 5:48 p.m.
r337788 jtl Aug. 14, 2018, 5:36 p.m.
to the reassembly code in r337778, r337780, r337781, r337782, and
r337783.

Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
r337787 jtl Aug. 14, 2018, 5:32 p.m.
Currently, the limits are quite high. On machines with millions of
mbuf clusters, the reassembly queue limits can also run into
the millions. Lower these values.

Also, try to ensure that no bucket will have a reassembly
queue larger than approximately 100 items. This limits the cost to
find the correct reassembly queue when processing an incoming
fragment.

Due to the low limits on each bucket's length, increase the size of
the hash table from 64 to 1024.

Reviewed by:	jhb
Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
r337786 jtl Aug. 14, 2018, 5:30 p.m.
In particular, try to ensure that no bucket will have a reassembly
queue larger than approximately 100 items. This limits the cost to
find the correct reassembly queue when processing an incoming
fragment.

Due to the low limits on each bucket's length, increase the size of
the hash table from 64 to 1024.

Reviewed by:	jhb
Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
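The mitigation described in r337787 and r337786 (a 1024-bucket hash table with no bucket allowed to hold more than about 100 reassembly queues) as an added, self-contained example. This is not FreeBSD's reassembly code: the `reass_*` names, the keyed one-at-a-time hash and the flood/bounds helpers are constructed for illustration, and a real queue would also carry the fragment list and a timeout. What it shows is the design point of the commit: the bucket bound caps both the memory an attacker can pin with unfinished datagrams and the length of the linear search a new fragment triggers, and a seeded hash keeps the attacker from aiming every fragment set at one bucket.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REASS_NBUCKETS       1024   /* table size from the commit: 64 -> 1024 */
#define REASS_MAX_PER_BUCKET 100    /* per-bucket bound on in-progress datagrams */

/* Fields that identify one fragment set (RFC 791 section 3.2). */
struct reass_key {
    uint32_t src, dst;
    uint16_t id;
    uint8_t  proto;
};

struct reass_queue {
    struct reass_key    key;
    struct reass_queue *next;      /* a real queue also holds the fragment list */
};

struct reass_bucket {
    struct reass_queue *head;
    unsigned            count;
};

struct reass_table {
    struct reass_bucket bucket[REASS_NBUCKETS];
    uint32_t            seed;      /* per-boot random: bucket choice is unpredictable */
    unsigned long       dropped;   /* fragments refused because their bucket was full */
};

/* Keyed one-at-a-time hash over the serialized key (constructed, not FreeBSD's). */
static uint32_t reass_hash(const struct reass_table *t, const struct reass_key *k)
{
    uint8_t buf[11];
    const uint8_t *p;
    uint32_t h = t->seed;

    memcpy(buf, &k->src, 4);
    memcpy(buf + 4, &k->dst, 4);
    memcpy(buf + 8, &k->id, 2);
    buf[10] = k->proto;
    for (p = buf; p < buf + sizeof buf; p++) {
        h += *p; h += h << 10; h ^= h >> 6;
    }
    h += h << 3; h ^= h >> 11; h += h << 15;
    return h;
}

void reass_init(struct reass_table *t, uint32_t seed)
{
    memset(t, 0, sizeof *t);
    t->seed = seed;
}

/*
 * Find the queue for k, creating it if absent. Returns NULL, and the caller
 * drops the fragment, when the bucket already holds REASS_MAX_PER_BUCKET
 * queues. The same bound keeps the search loop below short.
 */
struct reass_queue *reass_lookup_or_create(struct reass_table *t, const struct reass_key *k)
{
    struct reass_bucket *b = &t->bucket[reass_hash(t, k) & (REASS_NBUCKETS - 1)];
    struct reass_queue *q;

    for (q = b->head; q != NULL; q = q->next)
        if (q->key.src == k->src && q->key.dst == k->dst &&
            q->key.id == k->id && q->key.proto == k->proto)
            return q;
    if (b->count >= REASS_MAX_PER_BUCKET || (q = malloc(sizeof *q)) == NULL) {
        t->dropped++;
        return NULL;
    }
    q->key = *k;
    q->next = b->head;
    b->head = q;
    b->count++;
    return q;
}

/* Offer n distinct fragment sets (constructed 10.0.0.x/UDP flows); returns how many were refused. */
unsigned long reass_flood(struct reass_table *t, unsigned long n)
{
    unsigned long i, before = t->dropped;

    for (i = 0; i < n; i++) {
        struct reass_key k = { 0x0a000001u + (uint32_t)(i >> 16), 0x0a000002u, (uint16_t)i, 17 };
        (void)reass_lookup_or_create(t, &k);
    }
    return t->dropped - before;
}

/* 1 if every bucket's list matches its count and stays within the bound, else 0. */
int reass_check_bounds(const struct reass_table *t)
{
    unsigned i, n;
    const struct reass_queue *q;

    for (i = 0; i < REASS_NBUCKETS; i++) {
        for (n = 0, q = t->bucket[i].head; q != NULL; q = q->next)
            n++;
        if (n != t->bucket[i].count || n > REASS_MAX_PER_BUCKET)
            return 0;
    }
    return 1;
}

void reass_destroy(struct reass_table *t)
{
    unsigned i;
    struct reass_queue *q, *next;

    for (i = 0; i < REASS_NBUCKETS; i++)
        for (q = t->bucket[i].head; q != NULL; q = next) {
            next = q->next;
            free(q);
        }
    memset(t, 0, sizeof *t);
}

int main(void)
{
    struct reass_table *t = malloc(sizeof *t);

    reass_init(t, 0x1234abcdu);
    printf("offered 200000 flows, refused %lu, bounds ok=%d\n",
        reass_flood(t, 200000), reass_check_bounds(t));
    reass_destroy(t);
    free(t);
    return 0;
}
```

With 1024 buckets of at most 100 queues the table can never hold more than 102400 unfinished datagrams whatever the offered load, and a fragment for a datagram that is already being reassembled is still matched even when its bucket is full, so legitimate in-progress traffic is not cut off by the bound.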
r337785 kib Aug. 14, 2018, 5:29 p.m.
On the guest entry in bhyve, flush L1 data cache, using either L1D
flush command MSR if available, or by reading enough uninteresting
data to fill whole cache.

Flush is automatically enabled on CPUs which do not report RDCL_NO,
and can be disabled with the hw.vmm.l1d_flush tunable/kenv.

Security:	CVE-2018-3646
Reviewed by:	emaste, jhb, Tony Luck <tony.luck@intel.com>
Sponsored by:	The FreeBSD Foundation
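An added example (not bhyve's code) of the two pieces the commit message describes: enumerating whether the CPU offers the L1D flush command MSR, and the software fallback that evicts L1D by reading enough uninteresting data. The CPUID bit and MSR numbers are the architectural ones from the Intel SDM; the `l1d_flush_*` names, the 64 KiB buffer size and the policy function are constructed here. The MSR write itself (`wrmsr` of bit 0 of IA32_FLUSH_CMD) needs ring 0 and is therefore only described in a comment; `enabled` stands in for the hw.vmm.l1d_flush tunable, and `rdcl_no` for the bit the kernel reads from IA32_ARCH_CAPABILITIES.

```c
#include <stddef.h>
#include <stdint.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Architectural definitions (Intel SDM); everything else in this file is constructed. */
#define CPUID7_EDX_L1D_FLUSH  (1u << 28)  /* IA32_FLUSH_CMD MSR is supported               */
#define MSR_IA32_FLUSH_CMD    0x10bu      /* wrmsr bit 0 (L1D_FLUSH) flushes L1D; ring 0   */
#define MSR_IA32_ARCH_CAP     0x10au      /* bit 0 = RDCL_NO: not vulnerable, no flush     */

enum l1d_flush_method { L1D_FLUSH_NONE = 0, L1D_FLUSH_MSR = 1, L1D_FLUSH_SOFTWARE = 2 };

/* 1 if CPUID.(7,0):EDX[28] enumerates IA32_FLUSH_CMD; 0 otherwise (always 0 off x86). */
int l1d_flush_msr_available(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned a, b, c, d;

    if (__get_cpuid_max(0, NULL) < 7)
        return 0;
    __cpuid_count(7, 0, a, b, c, d);
    return (d & CPUID7_EDX_L1D_FLUSH) != 0;
#else
    return 0;
#endif
}

/*
 * Policy from the commit message: nothing to do when the CPU reports RDCL_NO,
 * otherwise the MSR when it is enumerated, otherwise the software fallback.
 * In the kernel the MSR path is a wrmsr(MSR_IA32_FLUSH_CMD, 1) on guest entry.
 */
enum l1d_flush_method l1d_flush_choose(int enabled, int rdcl_no, int have_msr)
{
    if (!enabled || rdcl_no)
        return L1D_FLUSH_NONE;
    return have_msr ? L1D_FLUSH_MSR : L1D_FLUSH_SOFTWARE;
}

#define L1D_FLUSH_BUF_SIZE (64 * 1024)   /* twice a 32 KiB L1D so every set is cycled through */
#define CACHE_LINE_SIZE    64

/* Page-aligned like a kernel would keep its per-CPU flush buffer. */
static unsigned char l1d_flush_buf[L1D_FLUSH_BUF_SIZE] __attribute__((aligned(4096)));

/*
 * Software fallback: load one byte from every cache line of the buffer so its
 * lines displace whatever the host left in L1D. The loads are volatile so the
 * compiler cannot drop them. Returns the number of lines read (1024).
 */
size_t l1d_flush_software(void)
{
    volatile const unsigned char *p = l1d_flush_buf;
    size_t off, lines = 0;
    unsigned char sink = 0;

    for (off = 0; off < L1D_FLUSH_BUF_SIZE; off += CACHE_LINE_SIZE) {
        sink ^= p[off];
        lines++;
    }
    (void)sink;
    return lines;
}
```

The software path is only an approximation of a flush: it relies on the cache's replacement policy evicting older lines as the buffer streams through, which is why the hardware command is preferred wherever CPUID says it exists, and why a CPU that reports RDCL_NO skips the work entirely.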