commit 2e70fcbb154359d7eb5cebfa0c895887f3400ae0 Author: Glen Barber Date: Sun Mar 28 19:51:40 2021 -0400 13.0: update to RC4 Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC ("Netgate") commit 411cbdb1f298880a0100a633cd0508b70ac4c924 Author: Alexander V. Chernikov Date: Wed Mar 24 23:51:45 2021 +0000 Plug nexthop group refcount leak. In case with batch route delete via rib_walk_del(), when some paths from the multipath route gets deleted, old multipath group were not freed. PR: 254496 Reported by: Zhenlei Huang Approved by: re (gjb) (cherry picked from commit 47c00a9835926e96e562c67fa28e4432e99d9c56) commit 3765afa4dacf5850de984fede7f9b26760efac73 Author: Alexander V. Chernikov Date: Tue Mar 23 22:00:04 2021 +0000 Fix panic when destroying interface with ECMP routes. Reported by: Zhenlei Huang PR: 254496 Approved by: re (gjb) (cherry picked from commit af85312e8a6f34ea7c8af77b9841fab6b5559e25) commit 589d5d28a8119dac166346f890fa450e1b7b489c Author: Alexander V. Chernikov Date: Sun Mar 21 18:15:29 2021 +0000 Fix kassert panic when inserting multipath routes from multiple threads. Reported by: Marco Zec Approved by: re (gjb) (cherry picked from commit 42f997d9b721ce5b64c37958f21fa81630f5a224) commit 6f4f8a441aaab2e23a8e70ed0689daa05cec3ef4 Author: Alexander V. Chernikov Date: Mon Mar 8 21:35:41 2021 +0000 Flush remaining routes from the routing table during VNET shutdown. Summary: This fixes rtentry leak for the cloned interfaces created inside the VNET. Loopback teardown order is `SI_SUB_INIT_IF`, which happens after `SI_SUB_PROTO_DOMAIN` (route table teardown). Thus, any route table operations are too late to schedule. As the intent of the vnet teardown procedures to minimise the amount of effort by doing global cleanups instead of per-interface ones, address this by adding a relatively light-weight routing table cleanup function, `rib_flush_routes()`. It removes all remaining routes from the routing table and schedules the deletion, which will happen later, when `rtables_destroy()` waits for the current epoch to finish. Test Plan: ``` set_skip:set_skip_group_lo -> passed [0.053s] tail -n 200 /var/log/messages | grep rtentry ``` PR: 253998 Reported by: rashey at superbox.pl Reviewed By: kp Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D29116 (cherry picked from commit 8aafa7a0276302a0dcc3d0bd78b4d3842dfd1640) commit 367fcd5bce34bcd9aff540443a0d2e7fa5dbe90a Author: Alexander V. Chernikov Date: Mon Feb 8 23:29:05 2021 +0000 Fix blackhole/reject routes. Traditionally *BSD routing stack required to supply some interface data for blackhole/reject routes. This lead to varieties of hacks in routing daemons when inserting such routes. With the recent routeing stack changes, gateway sockaddr without RTF_GATEWAY started to be treated differently, purely as link identifier. This change broke net/bird, which installs blackhole routes with 127.0.0.1 gateway without RTF_GATEWAY flags. Fix this by automatically constructing necessary gateway data at rtsock level if RTF_REJECT/RTF_BLACKHOLE is set. Reported by: Marek Zarychta Reviewed by: donner Approved by: re (gjb) (cherry picked from commit 3489286a5f368e7fcf11a9691f9bb5df77abe9a3) commit d6616e3dbaeeb0cf336dda3eec1c5fa7faf8a5c5 Author: Emmanuel Vadot Date: Sat Mar 27 12:04:51 2021 +0100 release: amd64: Fix ISO/USB hybrid image Recent mkimg changes forces to have partitions given in explicit order. This is so we can have the first partition starting at a specific offset and the next ones starting after without having to specify an offset. Switch the partition in the mkisoimage.sh script so the first one created is the isoboot one. Approved by: re(gjb) PR: 254490 Reported by: Michael Dexter MFC after: Right now (cherry picked from commit 90d2f7c413f9fc4ac479fa5e91ba1de6d4ea8d45) (cherry picked from commit 08639983e0384556a37d19814f55417f604964a1) commit b56440b34356282a9b659366341d81e620e515e5 Author: Glen Barber Date: Tue Mar 23 20:47:14 2021 -0400 Makefile.inc1: unbreak bootstrap when kbdcontrol does not exist Approved by: re (cperciva) Submitted by: Evgeniy Khramtsov Reviewed by: arichardson Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 50179c5ec7d09d7b02497caf95dca5d33f93bcd9) (cherry picked from commit 1048c56784c0e1d044b6828b030f326e48eaba28) commit af6611e5adc69d791fc1441a1078ffb6c2ea12f0 Author: Mark Johnston Date: Thu Mar 25 17:55:20 2021 -0400 accept_filter: Fix filter parameter handling For filters which implement accf_create, the setsockopt(2) handler caches the filter name in the socket, but it also incorrectly frees the buffer containing the copy, leaving a dangling pointer. Note that no accept filters provided in the base system are susceptible to this, as they don't implement accf_create. Approved by: re (gjb) Reported by: Alexey Kulaev Discussed with: emaste Security: kernel use-after-free Sponsored by: The FreeBSD Foundation (cherry picked from commit 653a437c04440495cd8e7712c7cf39444f26f1ee) (cherry picked from commit c7d10e7ec872070a40bbddc3158b1997c1df09af) commit fa6d101e5f67246a6804577a9532676eae64c049 Author: Mark Johnston Date: Tue Mar 23 09:38:59 2021 -0400 pf: Handle unmapped mbufs when computing checksums Approved by: re (cperciva) PR: 254419 Reviewed by: gallatin, kp Tested by: Igor A. Valkov Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29378 (cherry picked from commit b93a796b06ec013a75a08ac43d8acf6aa94aa970) (cherry picked from commit 5fcab6fbcf8b99d1420e681731a07670c38defe3) commit c9b4e5e9ae398f3bb8ba85507d9710d8a73a1a04 Author: Gordon Tetlow Date: Thu Mar 25 23:38:52 2021 +0000 Add UPDATING entry for OpenSSL advisory and bump version number. Approved by: re (implicit) Approved by: so commit 72280d7e5734946e2592cfd8be6895c2b3fdf46b Author: Mark Johnston Date: Sun Mar 21 14:18:10 2021 -0400 rtsold: Fix validation of RDNSS options The header specifies the size of the option in multiples of eight bytes. The option consists of an eight-byte header followed by one or more IPv6 addresses, so the option is invalid if the size is not equal to 1+2n for some n>0. Check this. The bug can cause random stack data to be formatted as an IPv6 address and passed to resolvconf(8), but a host able to trigger the bug may also specify arbitrary addresses this way. Approved by: re (cperciva) Reported by: Q C Sponsored by: The FreeBSD Foundation (cherry picked from commit 1af332a7d8f86b6fcc1f0f575fe5b06021b54f4c) (cherry picked from commit e4bdf7ac2a32ba1f2402e06360e476ec804210e7) commit 1f84105d7abadc53a7671f83e44607788276406d Author: Jung-uk Kim Date: Thu Mar 25 12:17:52 2021 -0400 OpenSSL: Regen manual pages for 1.1.1k (cherry picked from commit 7595394130a163b7ff53d9ef3f28fcb87f629d17) Approved by: re (implicit) commit 7d3f5a19f455e0e3fb17ac3f9af288e8c7fffc15 Author: Jung-uk Kim Date: Thu Mar 25 11:45:19 2021 -0400 OpenSSL: Merge OpenSSL 1.1.1k Merge commit '94fa08a4bcdfbb3434b025d67d014af3b18e5380' (cherry picked from commit b6c1fdcdf5033d20c61cc77d66f58f31cc65e2ba) Approved by: re (implicit) commit 2a878f01f22fd7a238078305813e48597bbcbba0 Author: Lawrence Stewart Date: Wed Mar 24 15:25:49 2021 +1100 random(9): Restore historical [0,2^31-1] output range and related man documention. Commit SVN r364219 / Git 8a0edc914ffd changed random(9) to be a shim around prng32(9) and inadvertently caused random(9) to begin returning numbers in the range [0,2^32-1] instead of [0,2^31-1], where the latter has been the documented range for decades. The increased output range has been identified as the source of numerous bugs in code written against the historical output range e.g. ipfw "prob" rules and stats(3) are known to be affected, and a non-exhaustive audit of the tree identified other random(9) consumers which are also likely affected. As random(9) is deprecated and slated for eventual removal in 14.0, consumers should gradually be audited and migrated to prng(9). Submitted by: Loic Prylli Obtained from: Netflix Reviewed by: cem, delphij, imp MFC after: 1 day MFC to: stable/13, releng/13.0 Differential Revision: https://reviews.freebsd.org/D29385 Approved by: re (delphij) (cherry picked from commit dbbf3e3f37d67d3eae0931855f8b62b9b299b80a) commit 4f5b454509ab4f1b56a2c9456097ba18baff6609 Author: Dag-Erling Smørgrav Date: Wed Mar 10 14:18:59 2021 +0000 MFC: Fix post-start check when unbound.conf has moved. On behalf of: des Reported by: phk@ Sponsored by: Rubicon Communications, LLC ("Netgate") Approved by: re (cperciva) (cherry picked from commit 409388cfac49a312034e9397c870e3f81ff90734) (cherry picked from commit c6aa83342e5deccc51f627fcb92ca083fe798a3b) commit e011488bae5ae688a839e77b77e15f2231a5c148 Author: Dag-Erling Smørgrav Date: Wed Mar 10 14:01:38 2021 +0000 MFC: Fix local-unbound setup for some IPv6 deployments. On behalf of: des PR: 250984 Sponsored by: Rubicon Communications, LLC ("Netgate") Approved by: re (cperciva) (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f) (cherry picked from commit 34e12e9a177a1d2386a855eb5a497f6f8a680180) commit f979a90f4209418a26d858ca97b1497985bda0a7 Author: Alex Richardson Date: Mon Mar 1 14:27:30 2021 +0000 AArch64: Don't set flush-subnormals-to-zero flag on startup This flag has been set on startup since 65618fdda0f272a823e6701966421bdca0efa301. However, This causes some of the math-related tests to fail as they report zero instead of a tiny number. This fixes at least /usr/tests/lib/msun/ldexp_test and possibly others. Additionally, setting this flag prevents printf() from printing subnormal numbers in decimal form. See also https://www.openwall.com/lists/musl/2021/02/26/1 PR: 253847 Reviewed By: mmel Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D28938 (cherry picked from commit 0e4ff0acbe80c547988bede738af2e227c7eb47c) (cherry picked from commit d37fb0e37814db8f76462b3b9f1fb0e6dfca6324) commit 4ec92bce4ecea5fbd21757f1938ec1fd00d7de98 Author: Vincenzo Maffione Date: Sat Mar 20 17:15:50 2021 +0000 netmap: fix issues in nm_os_extmem_create() - Call vm_object_reference() before vm_map_lookup_done(). - Use vm_mmap_to_errno() to convert vm_map_* return values to errno. - Fix memory leak of e->obj. Approved by: re (gjb) Reported by: markj Reviewed by: markj MFC after: 1 week (cherry picked from commit ee7ffaa2e6e08b63efb4673610875d40964d5058) (cherry picked from commit 3e4127f8f2933029034ac618a0013f434cb4a420) commit f7e3976ed0336b338ae83cfaef68ef5094532040 Author: Vincenzo Maffione Date: Mon Mar 15 17:39:18 2021 +0000 netmap: fix memory leak in NETMAP_REQ_PORT_INFO_GET The netmap_ioctl() function has a reference counting bug in case of NETMAP_REQ_PORT_INFO_GET command. When `hdr->nr_name[0] == '\0'`, the function does not decrease the refcount of "nmd", which is increased by netmap_mem_find(), causing a refcount leak. Approved by: re (gjb) Reported by: Xiyu Yang Submitted by: Carl Smith MFC after: 3 days PR: 254311 (cherry picked from commit 0ab5902e8ad93d0a9341dcce386b6c571ee02173) (cherry picked from commit 120a4bd4e9d05147a9774a2ca4b4eff48e062442) commit a9c7d90862ef1214f5d9c4455d4519eec3a34570 Author: Brandon Bergren Date: Sun Feb 28 21:06:59 2021 -0600 [PowerPC] [PowerPCSPE] Fix multiple issues in fpsetmask(). Building R on powerpc64 exposed a problem in fpsetmask() whereby we were not properly clamping the provided mask to the valid range. This same issue affects powerpc and powerpcspe. Properly limit the range of bits that can be set via fpsetmask(). While here, use the correct fp_except_t type instead of fp_rnd_t. Reported by: pkubaj, jhibbits (in IRC) Sponsored by: Tag1 Consulting, Inc. Approved by: re (gjb) (Post-RC3 outstanding request approved for RC4) (cherry picked from commit 384ee7cc6e9e4ddc91a6e9e623fcbbe5826bce38) (cherry picked from commit 8b96d6ac04e7e761ec6b9eff47c801a2b89fbd6d) commit 064f09616c6745e96321313a6bebe0872f242eac Author: Brandon Bergren Date: Sun Feb 28 20:35:53 2021 -0600 [PowerPC64] Fix multiple issues in fpsetmask(). Building R exposed a problem in fpsetmask() whereby we were not properly clamping the provided mask to the valid range. R initilizes the mask by calling fpsetmask(~0) on FreeBSD. Since we recently enabled precise exceptions, this was causing an immediate SIGFPE because we were attempting to set invalid bits in the fpscr. Properly limit the range of bits that can be set via fpsetmask(). While here, use the correct fp_except_t type instead of fp_rnd_t. Reported by: pkubaj (in IRC) Sponsored by: Tag1 Consulting, Inc. Approved by: re (gjb) (Post-RC3 outstanding request approved for RC4) (cherry picked from commit dd95b39235dd81c890aa3cce02a5bb7f91f23803) (cherry picked from commit a79735386c46298274d71577ab6b4dd00be261cc) commit 3ef46634cd5a6ba0e156d5da095bbee5f63ec1cd Author: Nathan Whitehorn Date: Tue Mar 23 09:19:42 2021 -0400 Fix scripted installs on EFI systems after default mounting of the ESP. Because the ESP mount point (/boot/efi) is in mtree, tar will attempt to extract a directory at that point post-mount when the system is installed. Normally, this is fine, since tar can happily set whatever properties it wants. For FAT32 file systems, however, like the ESP, tar will attempt to set mtime on the root directory, which FAT does not support, and tar will interpret this as a fatal error, breaking the install (see https://github.com/libarchive/libarchive/issues/1516). This issue would also break scripted installs on bare-metal POWER8, POWER9, and PS3 systems, as well as some ARM systems. This patch solves the problem in two ways: - If stdout is a TTY, use the distextract stage instead of tar, as in interactive installs. distextract solves this problem internally and provides a nicer UI to boot, but requires a TTY. - If stdout is not a TTY, use tar but, as a stopgap for 13.0, exclude boot/efi from tarball extraction and then add it by hand. This is a hack, and better solutions (as in the libarchive ticket above) will obsolete it, but it solves the most common case, leaving only unattended TTY-less installs on a few tier-2 platforms broken. In addition, fix a bug with fstab generation uncovered once the tar issue is fixed that umount(8) can depend on the ordering of lines in fstab in a way that mount(8) does not. The partition editor now writes out fstab in mount order, making sure umount (run at the end of scripted, but not interactive, installs) succeeds. PR: 254395 Approved by: re (gjb) Reviewed by: gjb, imp MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D29380 (cherry picked from commit c2f16c595eb51c6e0cb6ece3f6f078d738019059) (cherry picked from commit 4601382e1362352f17a33e4ed38db5dcfe3f6be5)