11.1/releng-p1.diff - freebsd-patches - Rivoreo Source Code Repositories

 Index: UPDATING
 ===================================================================
 --- UPDATING	(版本 321309)
 +++ UPDATING	(版本 322342)
 @@ -16,6 +16,16 @@
  the tip of head, and then rebuild without this option. The bootstrap process
  from older version of current across the gcc/clang cutover is a bit fragile.

 +20170810	p1	FreeBSD-SA-17:06.openssh
 +			FreeBSD-EN-17:07.vnet
 +			FreeBSD-EN-17:08.pf
 +
 +	Fix OpenSSH Denial of Service vulnerability. [SA-17:06]
 +
 +	Fix VNET kernel panic with asynchronous I/O. [EN-17:07]
 +
 +	Fix pf(4) housekeeping thread causes kernel panic. [EN-17:08]
 +
  20170725:
  	11.1-RELEASE.

 Index: crypto/openssh/auth-passwd.c
 ===================================================================
 --- crypto/openssh/auth-passwd.c	(版本 321309)
 +++ crypto/openssh/auth-passwd.c	(版本 322342)
 @@ -66,6 +66,8 @@
  #define DAY		(24L * 60 * 60) /* 1 day in seconds */
  #define TWO_WEEKS	(2L * 7 * DAY)	/* 2 weeks in seconds */

 +#define MAX_PASSWORD_LEN	1024
 +
  void
  disable_forwarding(void)
  {
 @@ -87,6 +89,9 @@
  	static int expire_checked = 0;
  #endif

 +	if (strlen(password) > MAX_PASSWORD_LEN)
 +		return 0;
 +
  #ifndef HAVE_CYGWIN
  	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
  		ok = 0;
 Index: sys/conf/newvers.sh
 ===================================================================
 --- sys/conf/newvers.sh	(版本 321309)
 +++ sys/conf/newvers.sh	(版本 322342)
 @@ -44,7 +44,7 @@

  TYPE="FreeBSD"
  REVISION="11.1"
 -BRANCH="RELEASE"
 +BRANCH="RELEASE-p1"
  if [ -n "${BRANCH_OVERRIDE}" ]; then
  	BRANCH=${BRANCH_OVERRIDE}
  fi
 Index: sys/kern/sys_socket.c
 ===================================================================
 --- sys/kern/sys_socket.c	(版本 321309)
 +++ sys/kern/sys_socket.c	(版本 322342)
 @@ -675,6 +675,7 @@
  {
  	struct kaiocb *job;

 +	CURVNET_SET(so->so_vnet);
  	SOCKBUF_LOCK(sb);
  	while (!TAILQ_EMPTY(&sb->sb_aiojobq) && soaio_ready(so, sb)) {
  		job = TAILQ_FIRST(&sb->sb_aiojobq);
 @@ -698,6 +699,7 @@
  	ACCEPT_LOCK();
  	SOCK_LOCK(so);
  	sorele(so);
 +	CURVNET_RESTORE();
  }

  void
 Index: sys/netpfil/pf/pf.c
 ===================================================================
 --- sys/netpfil/pf/pf.c	(版本 321309)
 +++ sys/netpfil/pf/pf.c	(版本 322342)
 @@ -129,6 +129,8 @@
  #define	V_pf_tcp_secret_init		 VNET(pf_tcp_secret_init)
  VNET_DEFINE(int,			 pf_tcp_iss_off);
  #define	V_pf_tcp_iss_off		 VNET(pf_tcp_iss_off)
 +VNET_DECLARE(int,			 pf_vnet_active);
 +#define	V_pf_vnet_active		 VNET(pf_vnet_active)

  /*
   * Queue for pf_intr() sends.
 @@ -1441,6 +1443,12 @@
  			kproc_exit(0);
  		}

 +		/* Wait while V_pf_default_rule.timeout is initialized. */
 +		if (V_pf_vnet_active == 0) {
 +			CURVNET_RESTORE();
 +			continue;
 +		}
 +
  		/* Process 1/interval fraction of the state table every run. */
  		idx = pf_purge_expired_states(idx, pf_hashmask /
  			    (V_pf_default_rule.timeout[PFTM_INTERVAL] * 10));
	Index: UPDATING
	===================================================================
	--- UPDATING (版本 321309)
	+++ UPDATING (版本 322342)
	@@ -16,6 +16,16 @@
	the tip of head, and then rebuild without this option. The bootstrap process
	from older version of current across the gcc/clang cutover is a bit fragile.

	+20170810 p1 FreeBSD-SA-17:06.openssh
	+ FreeBSD-EN-17:07.vnet
	+ FreeBSD-EN-17:08.pf
	+
	+ Fix OpenSSH Denial of Service vulnerability. [SA-17:06]
	+
	+ Fix VNET kernel panic with asynchronous I/O. [EN-17:07]
	+
	+ Fix pf(4) housekeeping thread causes kernel panic. [EN-17:08]
	+
	20170725:
	11.1-RELEASE.

	Index: crypto/openssh/auth-passwd.c
	===================================================================
	--- crypto/openssh/auth-passwd.c (版本 321309)
	+++ crypto/openssh/auth-passwd.c (版本 322342)
	@@ -66,6 +66,8 @@
	#define DAY (24L * 60 * 60) /* 1 day in seconds */
	#define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */

	+#define MAX_PASSWORD_LEN 1024
	+
	void
	disable_forwarding(void)
	{
	@@ -87,6 +89,9 @@
	static int expire_checked = 0;
	#endif

	+ if (strlen(password) > MAX_PASSWORD_LEN)
	+ return 0;
	+
	#ifndef HAVE_CYGWIN
	if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
	ok = 0;
	Index: sys/conf/newvers.sh
	===================================================================
	--- sys/conf/newvers.sh (版本 321309)
	+++ sys/conf/newvers.sh (版本 322342)
	@@ -44,7 +44,7 @@

	TYPE="FreeBSD"
	REVISION="11.1"
	-BRANCH="RELEASE"
	+BRANCH="RELEASE-p1"
	if [ -n "${BRANCH_OVERRIDE}" ]; then
	BRANCH=${BRANCH_OVERRIDE}
	fi
	Index: sys/kern/sys_socket.c
	===================================================================
	--- sys/kern/sys_socket.c (版本 321309)
	+++ sys/kern/sys_socket.c (版本 322342)
	@@ -675,6 +675,7 @@
	{
	struct kaiocb *job;

	+ CURVNET_SET(so->so_vnet);
	SOCKBUF_LOCK(sb);
	while (!TAILQ_EMPTY(&sb->sb_aiojobq) && soaio_ready(so, sb)) {
	job = TAILQ_FIRST(&sb->sb_aiojobq);
	@@ -698,6 +699,7 @@
	ACCEPT_LOCK();
	SOCK_LOCK(so);
	sorele(so);
	+ CURVNET_RESTORE();
	}

	void
	Index: sys/netpfil/pf/pf.c
	===================================================================
	--- sys/netpfil/pf/pf.c (版本 321309)
	+++ sys/netpfil/pf/pf.c (版本 322342)
	@@ -129,6 +129,8 @@
	#define V_pf_tcp_secret_init VNET(pf_tcp_secret_init)
	VNET_DEFINE(int, pf_tcp_iss_off);
	#define V_pf_tcp_iss_off VNET(pf_tcp_iss_off)
	+VNET_DECLARE(int, pf_vnet_active);
	+#define V_pf_vnet_active VNET(pf_vnet_active)

	/*
	* Queue for pf_intr() sends.
	@@ -1441,6 +1443,12 @@
	kproc_exit(0);
	}

	+ /* Wait while V_pf_default_rule.timeout is initialized. */
	+ if (V_pf_vnet_active == 0) {
	+ CURVNET_RESTORE();
	+ continue;
	+ }
	+
	/* Process 1/interval fraction of the state table every run. */
	idx = pf_purge_expired_states(idx, pf_hashmask /
	(V_pf_default_rule.timeout[PFTM_INTERVAL] * 10));