From nobody Sat Jun 17 09:29:09 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QjrMJ0ls6z4dk45; Sat, 17 Jun 2023 09:29:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QjrMH6GJGz3hx0; Sat, 17 Jun 2023 09:29:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1686994155; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mnmcweZNVAcwXpnazSlWJQwVmT6ugk+0iS0WTNss4EM=; b=MguOTWl6vZxyYr5KTBL/pjm2YCmY596ZhrOGGsbbVto6YZfa7F1LTmoQc8/6xwnXWdIfgI M+bpDJ4gs7m/KN2YwOAGaH6wJ9kEhLc/izA62cZVNPpxkw56W0am64vNFbA61A8X30XUvR cW3aFw/A1ZbOjo410rw/WmBVOi8cziCGYR2iVI7YfwswlNLJBSsUcOObOQd0+PNw1z8pgV 4DC0wC/W4KLlhQn93hBQQYJZ5srgCNlAhRB+2OM/JmayDkmHmsUmSvpnaYYZK9YG/TT1Zb aP5o3n/l6W62zurg4vKUlCJniE0qmWNGLEPCwVZ0yzebUW+qlK7fEuQlrUp/8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1686994155; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mnmcweZNVAcwXpnazSlWJQwVmT6ugk+0iS0WTNss4EM=; b=XyM39gkJW4xvtvlyvWgeOkFVNlfnu3Ui1Lvp/2tRRVG38Fi8DwEQg6lDFC1nUODfPuhYkq ZsW6gzn+1Ynhuh4yxOdtz01k3Ht0lmAT82yAAKXign7zaR6frp9Von/Kn04tVJfuT/kbdF FbbSSf5WdI8MjJegwCPqI1iTfXVo52YjpanNyyT9J/6UiG4QJ+RF7UI/VEs3GinORV71X9 vfsIoxuwcU56wbtzFWmzMuZj7n+ILXxjiiH0UP3SgUgwgDWvFdnbBJgIlULw7LqyYM0/5V ynNFpx5TvJClzh4g/pXJozQ+QWg6eLS29A1GcawoLB/q7LxuTlYtYvgPqbtWRw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1686994155; a=rsa-sha256; cv=none; b=JeBjARKgO0DmGMWJjQ9pxdaqpHt/N3PTbL7HHmKUN/og6rtHHBqAV7vIsPjnJgJ9AxogNS my4oqYpVlqDlJ4jiMZcnPU5Jl/QlNKK1csh+IJ1LNQ/MjD0noOwx344J+3W+ualk/F7oGO 93kvkiFbXeuvD/42N9IaEyUjsgGC3lnbl2hoWf3ubGBFMrjQpgL+eUr791UA2BZY7n+69s wYI/DM8lUhTsbe5MIc8n+pNE9s0k9ETNy1wqhnGnUlOEy1R42/Xc7mtkRXmOasQl6d8eMd HC750j8hQQ2olT+EJvgD/8u6nRBcV0fJim2Yy2OijZGWHUPxyRLwBj43nVliYQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QjrMH5HLgz14Y6; Sat, 17 Jun 2023 09:29:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35H9TFDA024955; Sat, 17 Jun 2023 09:29:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35H9T9Bw024937; Sat, 17 Jun 2023 09:29:09 GMT (envelope-from git) Date: Sat, 17 Jun 2023 09:29:09 GMT Message-Id: <202306170929.35H9T9Bw024937@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Martin Matuska Subject: git: e6c1e181ba7f - stable/13 - zfs: merge openzfs/zfs@86783d7d9 (zfs-2.1-release) into stable/13 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mm X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e6c1e181ba7f666e02b073be104eb3e241097d83 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by mm: URL: https://cgit.FreeBSD.org/src/commit/?id=e6c1e181ba7f666e02b073be104eb3e241097d83 commit e6c1e181ba7f666e02b073be104eb3e241097d83 Merge: ded54059fddd 86783d7d92cf Author: Martin Matuska AuthorDate: 2023-06-17 07:14:08 +0000 Commit: Martin Matuska CommitDate: 2023-06-17 07:14:08 +0000 zfs: merge openzfs/zfs@86783d7d9 (zfs-2.1-release) into stable/13 OpenZFS release 2.1.12 Notable upstream pull requeset merges: #14145 Storage device expansion "silently" fails on degraded vdev #14358 Wait for txg sync if the last DRR_FREEOBJECTS might result in a hole #14410 Improve resilver ETAs #14428 Resilver performance tuning #14501 FreeBSD: don't verify recycled vnode for zfs control directory #14524 Ignore too large stack in case of dsl_deadlist_merge #14659 Allow MMP to bypass waiting for other threads #14722 Fix "Detach spare vdev in case if resilvering does not happen" #14774 FreeBSD .zfs fixups #14776 FreeBSD: make zfs_vfs_held() definition consistent with declaration #14788 FreeBSD: add missing vop_fplookup assignments #14794 zpool import -m also removing spare and cache when log device is missing #14795 Fix positive ABD size assertion in abd_verify() #14798 Mark TX_COMMIT transaction with TXG_NOTHROTTLE #14811 Refine special_small_blocks property validation #14816 Fix two abd_gang_add_gang() issues #14819 Add dmu_tx_hold_append() interface #14823 Remove single parent assertion from zio_nowait() #14853 zil: Don't expect zio_shrink() to succeed #14861 Probe vdevs before marking removed #14873 Add the ability to uninitialize a zpool #14892 Fix concurrent resilvers initiated at same time #14903 Fix NULL pointer dereference when doing concurrent 'send' operations #14910 ZIL: Allow to replay blocks of any size Obtained from: OpenZFS OpenZFS tag: zfs-2.1.12 OpenZFS commit: 86783d7d92cf7a859464719a917fdff845b9a9e1 Relnotes: yes sys/contrib/openzfs/META | 4 +- sys/contrib/openzfs/cmd/zdb/zdb.c | 11 +- sys/contrib/openzfs/cmd/zed/agents/zfs_retire.c | 8 +- sys/contrib/openzfs/cmd/zpool/zpool_main.c | 77 +++++-- .../openzfs/config/always-compiler-options.m4 | 31 +++ sys/contrib/openzfs/config/kernel-acl.m4 | 34 +++- .../openzfs/config/kernel-cpu_has_feature.m4 | 29 +++ sys/contrib/openzfs/config/kernel-filemap.m4 | 26 +++ .../openzfs/config/kernel-flush_dcache_page.m4 | 26 +++ .../openzfs/config/kernel-generic_fillattr.m4 | 33 ++- sys/contrib/openzfs/config/kernel-inode-create.m4 | 41 +++- sys/contrib/openzfs/config/kernel-inode-getattr.m4 | 63 ++++-- sys/contrib/openzfs/config/kernel-inode-setattr.m4 | 87 ++++++++ .../openzfs/config/kernel-is_owner_or_cap.m4 | 25 ++- sys/contrib/openzfs/config/kernel-mkdir.m4 | 55 +++-- sys/contrib/openzfs/config/kernel-mknod.m4 | 34 +++- sys/contrib/openzfs/config/kernel-reclaim_state.m4 | 26 +++ sys/contrib/openzfs/config/kernel-rename.m4 | 40 +++- .../openzfs/config/kernel-setattr-prepare.m4 | 44 +++- sys/contrib/openzfs/config/kernel-symlink.m4 | 33 ++- sys/contrib/openzfs/config/kernel-tmpfile.m4 | 33 ++- sys/contrib/openzfs/config/kernel-writepage_t.m4 | 26 +++ sys/contrib/openzfs/config/kernel-xattr-handler.m4 | 91 ++++++--- sys/contrib/openzfs/config/kernel.m4 | 24 ++- sys/contrib/openzfs/config/zfs-build.m4 | 3 +- sys/contrib/openzfs/configure.ac | 1 + sys/contrib/openzfs/contrib/initramfs/scripts/zfs | 6 +- .../openzfs/contrib/pam_zfs_key/pam_zfs_key.c | 13 +- .../include/os/freebsd/zfs/sys/zfs_znode_impl.h | 3 +- .../include/os/linux/kernel/linux/dcache_compat.h | 15 ++ .../include/os/linux/kernel/linux/simd_powerpc.h | 11 + .../include/os/linux/kernel/linux/vfs_compat.h | 21 +- .../include/os/linux/kernel/linux/xattr_compat.h | 27 ++- .../openzfs/include/os/linux/spl/sys/cred.h | 2 + .../openzfs/include/os/linux/spl/sys/types.h | 14 ++ .../openzfs/include/os/linux/zfs/sys/trace_acl.h | 20 +- .../include/os/linux/zfs/sys/zfs_vnops_os.h | 7 +- .../include/os/linux/zfs/sys/zfs_znode_impl.h | 16 +- sys/contrib/openzfs/include/os/linux/zfs/sys/zpl.h | 11 +- sys/contrib/openzfs/include/sys/dmu.h | 3 + sys/contrib/openzfs/include/sys/dmu_objset.h | 7 + sys/contrib/openzfs/include/sys/dmu_tx.h | 1 + sys/contrib/openzfs/include/sys/dnode.h | 10 +- sys/contrib/openzfs/include/sys/fs/zfs.h | 1 + sys/contrib/openzfs/include/sys/spa.h | 3 + sys/contrib/openzfs/include/sys/vdev_initialize.h | 1 + sys/contrib/openzfs/include/sys/zfs_znode.h | 3 +- sys/contrib/openzfs/lib/libzfs/libzfs.abi | 3 +- sys/contrib/openzfs/lib/libzfs/libzfs_dataset.c | 8 +- sys/contrib/openzfs/lib/libzfs/libzfs_pool.c | 15 +- .../openzfs/lib/libzfs_core/libzfs_core.abi | 3 +- sys/contrib/openzfs/man/man4/zfs.4 | 11 +- sys/contrib/openzfs/man/man8/zpool-initialize.8 | 10 +- sys/contrib/openzfs/module/Kbuild.in | 1 + sys/contrib/openzfs/module/icp/algs/edonr/edonr.c | 4 +- .../openzfs/module/icp/algs/skein/skein_block.c | 2 + sys/contrib/openzfs/module/lua/ldo.c | 3 +- .../openzfs/module/os/freebsd/zfs/zfs_ctldir.c | 19 +- .../openzfs/module/os/freebsd/zfs/zfs_znode.c | 8 + sys/contrib/openzfs/module/os/linux/spl/spl-cred.c | 12 ++ .../openzfs/module/os/linux/spl/spl-generic.c | 4 + .../openzfs/module/os/linux/spl/spl-kmem-cache.c | 5 +- sys/contrib/openzfs/module/os/linux/zfs/arc_os.c | 4 + sys/contrib/openzfs/module/os/linux/zfs/policy.c | 2 +- .../openzfs/module/os/linux/zfs/zfs_ctldir.c | 4 + .../openzfs/module/os/linux/zfs/zfs_ioctl_os.c | 4 + .../openzfs/module/os/linux/zfs/zfs_vfsops.c | 4 +- .../openzfs/module/os/linux/zfs/zfs_vnops_os.c | 225 ++++++++++++--------- .../openzfs/module/os/linux/zfs/zfs_znode.c | 18 +- .../openzfs/module/os/linux/zfs/zpl_ctldir.c | 57 +++++- sys/contrib/openzfs/module/os/linux/zfs/zpl_file.c | 100 ++++++--- .../openzfs/module/os/linux/zfs/zpl_inode.c | 52 ++++- .../openzfs/module/os/linux/zfs/zpl_xattr.c | 41 +++- sys/contrib/openzfs/module/zcommon/Makefile.in | 4 + sys/contrib/openzfs/module/zfs/Makefile.in | 5 + sys/contrib/openzfs/module/zfs/abd.c | 17 +- sys/contrib/openzfs/module/zfs/dmu_recv.c | 26 +++ sys/contrib/openzfs/module/zfs/dmu_send.c | 8 +- sys/contrib/openzfs/module/zfs/dmu_tx.c | 105 ++++++++++ sys/contrib/openzfs/module/zfs/dsl_deadlist.c | 26 ++- sys/contrib/openzfs/module/zfs/dsl_scan.c | 56 +++-- sys/contrib/openzfs/module/zfs/mmp.c | 2 +- sys/contrib/openzfs/module/zfs/spa.c | 27 ++- sys/contrib/openzfs/module/zfs/spa_misc.c | 30 ++- sys/contrib/openzfs/module/zfs/vdev.c | 36 +++- sys/contrib/openzfs/module/zfs/vdev_initialize.c | 66 +++++- sys/contrib/openzfs/module/zfs/vdev_rebuild.c | 27 ++- sys/contrib/openzfs/module/zfs/zfs_ioctl.c | 3 +- sys/contrib/openzfs/module/zfs/zfs_vnops.c | 10 +- sys/contrib/openzfs/module/zfs/zil.c | 52 ++--- sys/contrib/openzfs/module/zfs/zio.c | 2 +- sys/contrib/openzfs/tests/runfiles/common.run | 17 +- sys/contrib/openzfs/tests/runfiles/sanity.run | 1 + .../tests/test-runner/bin/test-runner.py.in | 4 +- .../openzfs/tests/test-runner/bin/zts-report.py.in | 17 +- .../openzfs/tests/zfs-tests/cmd/Makefile.am | 1 + .../tests/zfs-tests/cmd/mmap_sync/.gitignore | 1 + .../tests/zfs-tests/cmd/mmap_sync/Makefile.am | 6 + .../tests/zfs-tests/cmd/mmap_sync/mmap_sync.c | 152 ++++++++++++++ .../openzfs/tests/zfs-tests/include/commands.cfg | 1 + .../tests/functional/alloc_class/Makefile.am | 4 +- .../functional/alloc_class/alloc_class_013_pos.ksh | 3 +- .../functional/alloc_class/alloc_class_014_neg.ksh | 38 ++++ .../functional/alloc_class/alloc_class_015_pos.ksh | 45 +++++ .../functional/cli_root/zpool_import/Makefile.am | 1 + .../cli_root/zpool_import/import_log_missing.ksh | 75 +++++++ .../cli_root/zpool_initialize/Makefile.am | 1 + .../zpool_initialize/zpool_initialize_uninit.ksh | 141 +++++++++++++ .../functional/cli_root/zpool_resilver/Makefile.am | 3 +- .../zpool_resilver/zpool_resilver_concurrent.ksh | 101 +++++++++ .../zpool_trim/zpool_trim_start_and_cancel_pos.ksh | 2 +- .../zfs-tests/tests/functional/mmap/Makefile.am | 4 +- .../zfs-tests/tests/functional/mmap/mmap_mixed.ksh | 86 ++++++++ .../tests/functional/mmap/mmap_sync_001_pos.ksh | 63 ++++++ .../zfs-tests/tests/functional/rsend/Makefile.am | 1 + .../tests/functional/rsend/send-c_volume.ksh | 9 +- .../rsend/send_encrypted_freeobjects.ksh | 87 ++++++++ sys/modules/zfs/zfs_config.h | 73 ++++++- sys/modules/zfs/zfs_gitrev.h | 2 +- 119 files changed, 2707 insertions(+), 453 deletions(-) diff --cc sys/contrib/openzfs/config/kernel-cpu_has_feature.m4 index 000000000000,608faf0f89fe..608faf0f89fe mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-cpu_has_feature.m4 +++ b/sys/contrib/openzfs/config/kernel-cpu_has_feature.m4 diff --cc sys/contrib/openzfs/config/kernel-filemap.m4 index 000000000000,745928168f92..745928168f92 mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-filemap.m4 +++ b/sys/contrib/openzfs/config/kernel-filemap.m4 diff --cc sys/contrib/openzfs/config/kernel-flush_dcache_page.m4 index 000000000000,2340c386ef57..2340c386ef57 mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-flush_dcache_page.m4 +++ b/sys/contrib/openzfs/config/kernel-flush_dcache_page.m4 diff --cc sys/contrib/openzfs/config/kernel-inode-setattr.m4 index 000000000000,45755b4eb273..45755b4eb273 mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-inode-setattr.m4 +++ b/sys/contrib/openzfs/config/kernel-inode-setattr.m4 diff --cc sys/contrib/openzfs/config/kernel-reclaim_state.m4 index 000000000000,9936b3c1001f..9936b3c1001f mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-reclaim_state.m4 +++ b/sys/contrib/openzfs/config/kernel-reclaim_state.m4 diff --cc sys/contrib/openzfs/config/kernel-writepage_t.m4 index 000000000000,3a0cffd98570..3a0cffd98570 mode 000000,100644..100644 --- a/sys/contrib/openzfs/config/kernel-writepage_t.m4 +++ b/sys/contrib/openzfs/config/kernel-writepage_t.m4 diff --cc sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/.gitignore index 000000000000,c721f472ba44..c721f472ba44 mode 000000,100644..100644 --- a/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/.gitignore +++ b/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/.gitignore diff --cc sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/Makefile.am index 000000000000,313e8db5c0f4..313e8db5c0f4 mode 000000,100644..100644 --- a/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/Makefile.am +++ b/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/Makefile.am diff --cc sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/mmap_sync.c index 000000000000,226e71be2f57..226e71be2f57 mode 000000,100644..100644 --- a/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/mmap_sync.c +++ b/sys/contrib/openzfs/tests/zfs-tests/cmd/mmap_sync/mmap_sync.c diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_014_neg.ksh index 000000000000,1b52014fd2d9..1b52014fd2d9 mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_014_neg.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_014_neg.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_015_pos.ksh index 000000000000,49c468af6702..49c468af6702 mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_015_pos.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/alloc_class/alloc_class_015_pos.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_import/import_log_missing.ksh index 000000000000,f12cac78540f..f12cac78540f mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_import/import_log_missing.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_import/import_log_missing.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_initialize/zpool_initialize_uninit.ksh index 000000000000,17f776cfbc20..17f776cfbc20 mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_initialize/zpool_initialize_uninit.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_initialize/zpool_initialize_uninit.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_resilver/zpool_resilver_concurrent.ksh index 000000000000,4c3b09796869..4c3b09796869 mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_resilver/zpool_resilver_concurrent.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/cli_root/zpool_resilver/zpool_resilver_concurrent.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_mixed.ksh index 000000000000,6c8246d48acf..6c8246d48acf mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_mixed.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_mixed.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_sync_001_pos.ksh index 000000000000,b764d6607ba6..b764d6607ba6 mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_sync_001_pos.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/mmap/mmap_sync_001_pos.ksh diff --cc sys/contrib/openzfs/tests/zfs-tests/tests/functional/rsend/send_encrypted_freeobjects.ksh index 000000000000,92451bd1ab6f..92451bd1ab6f mode 000000,100755..100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/rsend/send_encrypted_freeobjects.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/rsend/send_encrypted_freeobjects.ksh diff --cc sys/modules/zfs/zfs_config.h index 36a8a00a1d44,000000000000..cc4b81a2cb8a mode 100644,000000..100644 --- a/sys/modules/zfs/zfs_config.h +++ b/sys/modules/zfs/zfs_config.h @@@ -1,993 -1,0 +1,1056 @@@ +/* + * $FreeBSD$ + */ + +/* zfs_config.h. Generated from zfs_config.h.in by configure. */ +/* zfs_config.h.in. Generated from configure.ac by autoheader. */ + +/* Define to 1 if translation of program messages to the user's native + language is requested. */ +/* #undef ENABLE_NLS */ + +/* bio_end_io_t wants 1 arg */ +/* #undef HAVE_1ARG_BIO_END_IO_T */ + +/* lookup_bdev() wants 1 arg */ +/* #undef HAVE_1ARG_LOOKUP_BDEV */ + +/* submit_bio() wants 1 arg */ +/* #undef HAVE_1ARG_SUBMIT_BIO */ + +/* bdi_setup_and_register() wants 2 args */ +/* #undef HAVE_2ARGS_BDI_SETUP_AND_REGISTER */ + +/* vfs_getattr wants 2 args */ +/* #undef HAVE_2ARGS_VFS_GETATTR */ + +/* zlib_deflate_workspacesize() wants 2 args */ +/* #undef HAVE_2ARGS_ZLIB_DEFLATE_WORKSPACESIZE */ + +/* bdi_setup_and_register() wants 3 args */ +/* #undef HAVE_3ARGS_BDI_SETUP_AND_REGISTER */ + +/* vfs_getattr wants 3 args */ +/* #undef HAVE_3ARGS_VFS_GETATTR */ + +/* vfs_getattr wants 4 args */ +/* #undef HAVE_4ARGS_VFS_GETATTR */ + +/* kernel has access_ok with 'type' parameter */ +/* #undef HAVE_ACCESS_OK_TYPE */ + +/* posix_acl has refcount_t */ +/* #undef HAVE_ACL_REFCOUNT */ + +/* add_disk() returns int */ +/* #undef HAVE_ADD_DISK_RET */ + +/* Define if host toolchain supports AES */ +#define HAVE_AES 1 + +#ifdef __amd64__ +#ifndef RESCUE +/* Define if host toolchain supports AVX */ +#define HAVE_AVX 1 +#endif + +/* Define if host toolchain supports AVX2 */ +#define HAVE_AVX2 1 + +/* Define if host toolchain supports AVX512BW */ +#define HAVE_AVX512BW 1 + +/* Define if host toolchain supports AVX512CD */ +#define HAVE_AVX512CD 1 + +/* Define if host toolchain supports AVX512DQ */ +#define HAVE_AVX512DQ 1 + +/* Define if host toolchain supports AVX512ER */ +#define HAVE_AVX512ER 1 + +/* Define if host toolchain supports AVX512F */ +#define HAVE_AVX512F 1 + +/* Define if host toolchain supports AVX512IFMA */ +#define HAVE_AVX512IFMA 1 + +/* Define if host toolchain supports AVX512PF */ +#define HAVE_AVX512PF 1 + +/* Define if host toolchain supports AVX512VBMI */ +#define HAVE_AVX512VBMI 1 + +/* Define if host toolchain supports AVX512VL */ +#define HAVE_AVX512VL 1 +#endif + +/* bdevname() is available */ +/* #undef HAVE_BDEVNAME */ + +/* bdev_check_media_change() exists */ +/* #undef HAVE_BDEV_CHECK_MEDIA_CHANGE */ + +/* bdev_*_io_acct() available */ +/* #undef HAVE_BDEV_IO_ACCT_63 */ + +/* bdev_*_io_acct() available */ +/* #undef HAVE_BDEV_IO_ACCT_OLD */ + +/* bdev_kobj() exists */ +/* #undef HAVE_BDEV_KOBJ */ + +/* bdev_max_discard_sectors() is available */ +/* #undef HAVE_BDEV_MAX_DISCARD_SECTORS */ + +/* bdev_max_secure_erase_sectors() is available */ +/* #undef HAVE_BDEV_MAX_SECURE_ERASE_SECTORS */ + +/* block_device_operations->submit_bio() returns void */ +/* #undef HAVE_BDEV_SUBMIT_BIO_RETURNS_VOID */ + +/* bdev_whole() is available */ +/* #undef HAVE_BDEV_WHOLE */ + +/* bio_alloc() takes 4 arguments */ +/* #undef HAVE_BIO_ALLOC_4ARG */ + +/* bio->bi_bdev->bd_disk exists */ +/* #undef HAVE_BIO_BDEV_DISK */ + +/* bio->bi_opf is defined */ +/* #undef HAVE_BIO_BI_OPF */ + +/* bio->bi_status exists */ +/* #undef HAVE_BIO_BI_STATUS */ + +/* bio has bi_iter */ +/* #undef HAVE_BIO_BVEC_ITER */ + +/* bio_*_io_acct() available */ +/* #undef HAVE_BIO_IO_ACCT */ + +/* bio_max_segs() is implemented */ +/* #undef HAVE_BIO_MAX_SEGS */ + +/* bio_set_dev() is available */ +/* #undef HAVE_BIO_SET_DEV */ + +/* bio_set_dev() GPL-only */ +/* #undef HAVE_BIO_SET_DEV_GPL_ONLY */ + +/* bio_set_dev() is a macro */ +/* #undef HAVE_BIO_SET_DEV_MACRO */ + +/* bio_set_op_attrs is available */ +/* #undef HAVE_BIO_SET_OP_ATTRS */ + +/* blkdev_get_by_path() handles ERESTARTSYS */ +/* #undef HAVE_BLKDEV_GET_ERESTARTSYS */ + +/* blkdev_issue_discard() is available */ +/* #undef HAVE_BLKDEV_ISSUE_DISCARD */ + +/* blkdev_issue_secure_erase() is available */ +/* #undef HAVE_BLKDEV_ISSUE_SECURE_ERASE */ + +/* blkdev_reread_part() exists */ +/* #undef HAVE_BLKDEV_REREAD_PART */ + +/* blkg_tryget() is available */ +/* #undef HAVE_BLKG_TRYGET */ + +/* blkg_tryget() GPL-only */ +/* #undef HAVE_BLKG_TRYGET_GPL_ONLY */ + +/* blk_alloc_disk() exists */ +/* #undef HAVE_BLK_ALLOC_DISK */ + +/* blk_alloc_queue() expects request function */ +/* #undef HAVE_BLK_ALLOC_QUEUE_REQUEST_FN */ + +/* blk_alloc_queue_rh() expects request function */ +/* #undef HAVE_BLK_ALLOC_QUEUE_REQUEST_FN_RH */ + +/* blk_cleanup_disk() exists */ +/* #undef HAVE_BLK_CLEANUP_DISK */ + +/* blk queue backing_dev_info is dynamic */ +/* #undef HAVE_BLK_QUEUE_BDI_DYNAMIC */ + +/* blk_queue_discard() is available */ +/* #undef HAVE_BLK_QUEUE_DISCARD */ + +/* blk_queue_flag_clear() exists */ +/* #undef HAVE_BLK_QUEUE_FLAG_CLEAR */ + +/* blk_queue_flag_set() exists */ +/* #undef HAVE_BLK_QUEUE_FLAG_SET */ + +/* blk_queue_flush() is available */ +/* #undef HAVE_BLK_QUEUE_FLUSH */ + +/* blk_queue_flush() is GPL-only */ +/* #undef HAVE_BLK_QUEUE_FLUSH_GPL_ONLY */ + +/* blk_queue_secdiscard() is available */ +/* #undef HAVE_BLK_QUEUE_SECDISCARD */ + +/* blk_queue_secure_erase() is available */ +/* #undef HAVE_BLK_QUEUE_SECURE_ERASE */ + +/* blk_queue_update_readahead() exists */ +/* #undef HAVE_BLK_QUEUE_UPDATE_READAHEAD */ + +/* blk_queue_write_cache() exists */ +/* #undef HAVE_BLK_QUEUE_WRITE_CACHE */ + +/* blk_queue_write_cache() is GPL-only */ +/* #undef HAVE_BLK_QUEUE_WRITE_CACHE_GPL_ONLY */ + +/* Define if revalidate_disk() in block_device_operations */ +/* #undef HAVE_BLOCK_DEVICE_OPERATIONS_REVALIDATE_DISK */ + +/* Define to 1 if you have the Mac OS X function CFLocaleCopyCurrent in the + CoreFoundation framework. */ +/* #undef HAVE_CFLOCALECOPYCURRENT */ + +/* Define to 1 if you have the Mac OS X function + CFLocaleCopyPreferredLanguages in the CoreFoundation framework. */ +/* #undef HAVE_CFLOCALECOPYPREFERREDLANGUAGES */ + +/* Define to 1 if you have the Mac OS X function CFPreferencesCopyAppValue in + the CoreFoundation framework. */ +/* #undef HAVE_CFPREFERENCESCOPYAPPVALUE */ + +/* check_disk_change() exists */ +/* #undef HAVE_CHECK_DISK_CHANGE */ + +/* clear_inode() is available */ +/* #undef HAVE_CLEAR_INODE */ + +/* dentry uses const struct dentry_operations */ +/* #undef HAVE_CONST_DENTRY_OPERATIONS */ + +/* copy_from_iter() is available */ +/* #undef HAVE_COPY_FROM_ITER */ + +/* copy_to_iter() is available */ +/* #undef HAVE_COPY_TO_ITER */ + ++/* cpu_has_feature() is GPL-only */ ++/* #undef HAVE_CPU_HAS_FEATURE_GPL_ONLY */ ++ +/* yes */ +/* #undef HAVE_CPU_HOTPLUG */ + +/* current_time() exists */ +/* #undef HAVE_CURRENT_TIME */ + +/* Define if the GNU dcgettext() function is already present or preinstalled. + */ +/* #undef HAVE_DCGETTEXT */ + +/* DECLARE_EVENT_CLASS() is available */ +/* #undef HAVE_DECLARE_EVENT_CLASS */ + +/* dentry aliases are in d_u member */ +/* #undef HAVE_DENTRY_D_U_ALIASES */ + +/* dequeue_signal() takes 4 arguments */ +/* #undef HAVE_DEQUEUE_SIGNAL_4ARG */ + +/* lookup_bdev() wants dev_t arg */ +/* #undef HAVE_DEVT_LOOKUP_BDEV */ + +/* sops->dirty_inode() wants flags */ +/* #undef HAVE_DIRTY_INODE_WITH_FLAGS */ + +/* disk_*_io_acct() available */ +/* #undef HAVE_DISK_IO_ACCT */ + +/* disk_update_readahead() exists */ +/* #undef HAVE_DISK_UPDATE_READAHEAD */ + +/* Define to 1 if you have the header file. */ +#define HAVE_DLFCN_H 1 + +/* d_make_root() is available */ +/* #undef HAVE_D_MAKE_ROOT */ + +/* d_prune_aliases() is available */ +/* #undef HAVE_D_PRUNE_ALIASES */ + +/* dops->d_revalidate() operation takes nameidata */ +/* #undef HAVE_D_REVALIDATE_NAMEIDATA */ + +/* eops->encode_fh() wants child and parent inodes */ +/* #undef HAVE_ENCODE_FH_WITH_INODE */ + +/* sops->evict_inode() exists */ +/* #undef HAVE_EVICT_INODE */ + +/* FALLOC_FL_ZERO_RANGE is defined */ +/* #undef HAVE_FALLOC_FL_ZERO_RANGE */ + +/* fault_in_iov_iter_readable() is available */ +/* #undef HAVE_FAULT_IN_IOV_ITER_READABLE */ + ++/* filemap_range_has_page() is available */ ++/* #undef HAVE_FILEMAP_RANGE_HAS_PAGE */ ++ +/* fops->aio_fsync() exists */ +/* #undef HAVE_FILE_AIO_FSYNC */ + +/* file_dentry() is available */ +/* #undef HAVE_FILE_DENTRY */ + +/* file_inode() is available */ +/* #undef HAVE_FILE_INODE */ + ++/* flush_dcache_page() is GPL-only */ ++/* #undef HAVE_FLUSH_DCACHE_PAGE_GPL_ONLY */ ++ +/* iops->follow_link() cookie */ +/* #undef HAVE_FOLLOW_LINK_COOKIE */ + +/* iops->follow_link() nameidata */ +/* #undef HAVE_FOLLOW_LINK_NAMEIDATA */ + +/* fops->fsync() with range */ +/* #undef HAVE_FSYNC_RANGE */ + +/* fops->fsync() without dentry */ +/* #undef HAVE_FSYNC_WITHOUT_DENTRY */ + ++/* generic_fillattr requires struct mnt_idmap* */ ++/* #undef HAVE_GENERIC_FILLATTR_IDMAP */ ++ +/* generic_fillattr requires struct user_namespace* */ +/* #undef HAVE_GENERIC_FILLATTR_USERNS */ + +/* generic_*_io_acct() 3 arg available */ +/* #undef HAVE_GENERIC_IO_ACCT_3ARG */ + +/* generic_*_io_acct() 4 arg available */ +/* #undef HAVE_GENERIC_IO_ACCT_4ARG */ + +/* generic_readlink is global */ +/* #undef HAVE_GENERIC_READLINK */ + +/* generic_setxattr() exists */ +/* #undef HAVE_GENERIC_SETXATTR */ + +/* generic_write_checks() takes kiocb */ +/* #undef HAVE_GENERIC_WRITE_CHECKS_KIOCB */ + +/* Define if the GNU gettext() function is already present or preinstalled. */ +/* #undef HAVE_GETTEXT */ + +/* iops->get_acl() exists */ +/* #undef HAVE_GET_ACL */ + +/* iops->get_acl() takes rcu */ +/* #undef HAVE_GET_ACL_RCU */ + +/* has iops->get_inode_acl() */ +/* #undef HAVE_GET_INODE_ACL */ + +/* iops->get_link() cookie */ +/* #undef HAVE_GET_LINK_COOKIE */ + +/* iops->get_link() delayed */ +/* #undef HAVE_GET_LINK_DELAYED */ + +/* group_info->gid exists */ +/* #undef HAVE_GROUP_INFO_GID */ + +/* has_capability() is available */ +/* #undef HAVE_HAS_CAPABILITY */ + +/* Define if you have the iconv() function and it works. */ +#define HAVE_ICONV 1 + ++/* iops->getattr() takes struct mnt_idmap* */ ++/* #undef HAVE_IDMAP_IOPS_GETATTR */ ++ ++/* iops->setattr() takes struct mnt_idmap* */ ++/* #undef HAVE_IDMAP_IOPS_SETATTR */ ++ ++/* Define if compiler supports -Wimplicit-fallthrough */ ++/* #define HAVE_IMPLICIT_FALLTHROUGH 1 */ ++ +/* Define if compiler supports -Winfinite-recursion */ +/* #undef HAVE_INFINITE_RECURSION */ + +/* yes */ +/* #undef HAVE_INODE_LOCK_SHARED */ + +/* inode_owner_or_capable() exists */ +/* #undef HAVE_INODE_OWNER_OR_CAPABLE */ + ++/* inode_owner_or_capable() takes mnt_idmap */ ++/* #undef HAVE_INODE_OWNER_OR_CAPABLE_IDMAP */ ++ +/* inode_owner_or_capable() takes user_ns */ - /* #undef HAVE_INODE_OWNER_OR_CAPABLE_IDMAPPED */ ++/* #undef HAVE_INODE_OWNER_OR_CAPABLE_USERNS */ + +/* inode_set_flags() exists */ +/* #undef HAVE_INODE_SET_FLAGS */ + +/* inode_set_iversion() exists */ +/* #undef HAVE_INODE_SET_IVERSION */ + +/* inode->i_*time's are timespec64 */ +/* #undef HAVE_INODE_TIMESPEC64_TIMES */ + +/* timestamp_truncate() exists */ +/* #undef HAVE_INODE_TIMESTAMP_TRUNCATE */ + +/* Define to 1 if you have the header file. */ +#define HAVE_INTTYPES_H 1 + +/* in_compat_syscall() is available */ +/* #undef HAVE_IN_COMPAT_SYSCALL */ + ++/* iops->create() takes struct mnt_idmap* */ ++/* #undef HAVE_IOPS_CREATE_IDMAP */ ++ +/* iops->create() takes struct user_namespace* */ +/* #undef HAVE_IOPS_CREATE_USERNS */ + ++/* iops->mkdir() takes struct mnt_idmap* */ ++/* #undef HAVE_IOPS_MKDIR_IDMAP */ ++ +/* iops->mkdir() takes struct user_namespace* */ +/* #undef HAVE_IOPS_MKDIR_USERNS */ + ++/* iops->mknod() takes struct mnt_idmap* */ ++/* #undef HAVE_IOPS_MKNOD_IDMAP */ ++ +/* iops->mknod() takes struct user_namespace* */ +/* #undef HAVE_IOPS_MKNOD_USERNS */ + ++/* iops->rename() takes struct mnt_idmap* */ ++/* #undef HAVE_IOPS_RENAME_IDMAP */ ++ +/* iops->rename() takes struct user_namespace* */ +/* #undef HAVE_IOPS_RENAME_USERNS */ + ++/* iops->setattr() exists */ ++/* #undef HAVE_IOPS_SETATTR */ ++ ++/* iops->symlink() takes struct mnt_idmap* */ ++/* #undef HAVE_IOPS_SYMLINK_IDMAP */ ++ +/* iops->symlink() takes struct user_namespace* */ +/* #undef HAVE_IOPS_SYMLINK_USERNS */ + +/* iov_iter_advance() is available */ +/* #undef HAVE_IOV_ITER_ADVANCE */ + +/* iov_iter_count() is available */ +/* #undef HAVE_IOV_ITER_COUNT */ + +/* iov_iter_fault_in_readable() is available */ +/* #undef HAVE_IOV_ITER_FAULT_IN_READABLE */ + +/* iov_iter_revert() is available */ +/* #undef HAVE_IOV_ITER_REVERT */ + +/* iov_iter_type() is available */ +/* #undef HAVE_IOV_ITER_TYPE */ + +/* iov_iter types are available */ +/* #undef HAVE_IOV_ITER_TYPES */ + +/* yes */ +/* #undef HAVE_IO_SCHEDULE_TIMEOUT */ + +/* Define to 1 if you have the `issetugid' function. */ +#define HAVE_ISSETUGID 1 + +/* kernel has kernel_fpu_* functions */ +/* #undef HAVE_KERNEL_FPU */ + +/* kernel has asm/fpu/api.h */ +/* #undef HAVE_KERNEL_FPU_API_HEADER */ + +/* kernel fpu internal */ +/* #undef HAVE_KERNEL_FPU_INTERNAL */ + +/* kernel has asm/fpu/internal.h */ +/* #undef HAVE_KERNEL_FPU_INTERNAL_HEADER */ + +/* kernel has asm/fpu/xcr.h */ +/* #undef HAVE_KERNEL_FPU_XCR_HEADER */ + +/* kernel fpu and XSAVE internal */ +/* #undef HAVE_KERNEL_FPU_XSAVE_INTERNAL */ + +/* uncached_acl_sentinel() exists */ +/* #undef HAVE_KERNEL_GET_ACL_HANDLE_CACHE */ + +/* kernel does stack verification */ +/* #undef HAVE_KERNEL_OBJTOOL */ + +/* kernel has linux/objtool.h */ +/* #undef HAVE_KERNEL_OBJTOOL_HEADER */ + +/* kernel_read() take loff_t pointer */ +/* #undef HAVE_KERNEL_READ_PPOS */ + +/* timer_list.function gets a timer_list */ +/* #undef HAVE_KERNEL_TIMER_FUNCTION_TIMER_LIST */ + +/* struct timer_list has a flags member */ +/* #undef HAVE_KERNEL_TIMER_LIST_FLAGS */ + +/* timer_setup() is available */ +/* #undef HAVE_KERNEL_TIMER_SETUP */ + +/* kernel_write() take loff_t pointer */ +/* #undef HAVE_KERNEL_WRITE_PPOS */ + +/* kmem_cache_create_usercopy() exists */ +/* #undef HAVE_KMEM_CACHE_CREATE_USERCOPY */ + +/* kstrtoul() exists */ +/* #undef HAVE_KSTRTOUL */ + +/* ktime_get_coarse_real_ts64() exists */ +/* #undef HAVE_KTIME_GET_COARSE_REAL_TS64 */ + +/* ktime_get_raw_ts64() exists */ +/* #undef HAVE_KTIME_GET_RAW_TS64 */ + +/* kvmalloc exists */ +/* #undef HAVE_KVMALLOC */ + +/* Define if you have [aio] */ +/* #undef HAVE_LIBAIO */ + +/* Define if you have [blkid] */ +/* #undef HAVE_LIBBLKID */ + +/* Define if you have [crypto] */ +#define HAVE_LIBCRYPTO 1 + +/* Define if you have [tirpc] */ +/* #undef HAVE_LIBTIRPC */ + +/* Define if you have [udev] */ +/* #undef HAVE_LIBUDEV */ + +/* Define if you have [uuid] */ +/* #undef HAVE_LIBUUID */ + +/* linux/blk-cgroup.h exists */ +/* #undef HAVE_LINUX_BLK_CGROUP_HEADER */ + +/* lseek_execute() is available */ +/* #undef HAVE_LSEEK_EXECUTE */ + +/* makedev() is declared in sys/mkdev.h */ +/* #undef HAVE_MAKEDEV_IN_MKDEV */ + +/* makedev() is declared in sys/sysmacros.h */ +/* #undef HAVE_MAKEDEV_IN_SYSMACROS */ + +/* Noting that make_request_fn() returns blk_qc_t */ +/* #undef HAVE_MAKE_REQUEST_FN_RET_QC */ + +/* Noting that make_request_fn() returns void */ +/* #undef HAVE_MAKE_REQUEST_FN_RET_VOID */ + +/* iops->mkdir() takes umode_t */ +/* #undef HAVE_MKDIR_UMODE_T */ + +/* Define to 1 if you have the `mlockall' function. */ +#define HAVE_MLOCKALL 1 + +/* lookup_bdev() wants mode arg */ +/* #undef HAVE_MODE_LOOKUP_BDEV */ + +/* Define if host toolchain supports MOVBE */ +#define HAVE_MOVBE 1 + +/* new_sync_read()/new_sync_write() are available */ +/* #undef HAVE_NEW_SYNC_READ */ + +/* folio_wait_bit() exists */ +/* #undef HAVE_PAGEMAP_FOLIO_WAIT_BIT */ + +/* part_to_dev() exists */ +/* #undef HAVE_PART_TO_DEV */ + +/* iops->getattr() takes a path */ +/* #undef HAVE_PATH_IOPS_GETATTR */ + +/* Define if host toolchain supports PCLMULQDQ */ +#define HAVE_PCLMULQDQ 1 + +/* percpu_counter_add_batch() is defined */ +/* #undef HAVE_PERCPU_COUNTER_ADD_BATCH */ + +/* percpu_counter_init() wants gfp_t */ +/* #undef HAVE_PERCPU_COUNTER_INIT_WITH_GFP */ + +/* posix_acl_chmod() exists */ +/* #undef HAVE_POSIX_ACL_CHMOD */ + +/* posix_acl_from_xattr() needs user_ns */ +/* #undef HAVE_POSIX_ACL_FROM_XATTR_USERNS */ + +/* posix_acl_release() is available */ +/* #undef HAVE_POSIX_ACL_RELEASE */ + +/* posix_acl_release() is GPL-only */ +/* #undef HAVE_POSIX_ACL_RELEASE_GPL_ONLY */ + +/* posix_acl_valid() wants user namespace */ +/* #undef HAVE_POSIX_ACL_VALID_WITH_NS */ + +/* proc_ops structure exists */ +/* #undef HAVE_PROC_OPS_STRUCT */ + +/* iops->put_link() cookie */ +/* #undef HAVE_PUT_LINK_COOKIE */ + +/* iops->put_link() delayed */ +/* #undef HAVE_PUT_LINK_DELAYED */ + +/* iops->put_link() nameidata */ +/* #undef HAVE_PUT_LINK_NAMEIDATA */ + +/* If available, contains the Python version number currently in use. */ +#define HAVE_PYTHON "3.7" + +/* qat is enabled and existed */ +/* #undef HAVE_QAT */ + ++/* struct reclaim_state has reclaimed */ ++/* #undef HAVE_RECLAIM_STATE_RECLAIMED */ ++ +/* register_shrinker is vararg */ +/* #undef HAVE_REGISTER_SHRINKER_VARARG */ + +/* iops->rename() wants flags */ +/* #undef HAVE_RENAME_WANTS_FLAGS */ + +/* REQ_DISCARD is defined */ +/* #undef HAVE_REQ_DISCARD */ + +/* REQ_FLUSH is defined */ +/* #undef HAVE_REQ_FLUSH */ + +/* REQ_OP_DISCARD is defined */ +/* #undef HAVE_REQ_OP_DISCARD */ + +/* REQ_OP_FLUSH is defined */ +/* #undef HAVE_REQ_OP_FLUSH */ + +/* REQ_OP_SECURE_ERASE is defined */ +/* #undef HAVE_REQ_OP_SECURE_ERASE */ + +/* REQ_PREFLUSH is defined */ +/* #undef HAVE_REQ_PREFLUSH */ + +/* revalidate_disk() is available */ +/* #undef HAVE_REVALIDATE_DISK */ + +/* revalidate_disk_size() is available */ +/* #undef HAVE_REVALIDATE_DISK_SIZE */ + +/* struct rw_semaphore has member activity */ +/* #undef HAVE_RWSEM_ACTIVITY */ + +/* struct rw_semaphore has atomic_long_t member count */ +/* #undef HAVE_RWSEM_ATOMIC_LONG_COUNT */ + +/* linux/sched/signal.h exists */ +/* #undef HAVE_SCHED_SIGNAL_HEADER */ + +/* Define to 1 if you have the header file. */ +#define HAVE_SECURITY_PAM_MODULES_H 1 + ++/* setattr_prepare() accepts mnt_idmap */ ++/* #undef HAVE_SETATTR_PREPARE_IDMAP */ ++ +/* setattr_prepare() is available, doesn't accept user_namespace */ +/* #undef HAVE_SETATTR_PREPARE_NO_USERNS */ + +/* setattr_prepare() accepts user_namespace */ +/* #undef HAVE_SETATTR_PREPARE_USERNS */ + +/* iops->set_acl() exists, takes 3 args */ +/* #undef HAVE_SET_ACL */ + ++/* iops->set_acl() takes 4 args, arg1 is struct mnt_idmap * */ ++/* #undef HAVE_SET_ACL_IDMAP_DENTRY */ ++ +/* iops->set_acl() takes 4 args */ +/* #undef HAVE_SET_ACL_USERNS */ + +/* iops->set_acl() takes 4 args, arg2 is struct dentry * */ +/* #undef HAVE_SET_ACL_USERNS_DENTRY_ARG2 */ + +/* set_cached_acl() is usable */ +/* #undef HAVE_SET_CACHED_ACL_USABLE */ + +/* set_special_state() exists */ +/* #undef HAVE_SET_SPECIAL_STATE */ + +/* struct shrink_control exists */ +/* #undef HAVE_SHRINK_CONTROL_STRUCT */ + +/* kernel_siginfo_t exists */ +/* #undef HAVE_SIGINFO */ + +/* signal_stop() exists */ +/* #undef HAVE_SIGNAL_STOP */ + +/* new shrinker callback wants 2 args */ +/* #undef HAVE_SINGLE_SHRINKER_CALLBACK */ + +/* cs->count_objects exists */ +/* #undef HAVE_SPLIT_SHRINKER_CALLBACK */ + +#if defined(__amd64__) || defined(__i386__) +/* Define if host toolchain supports SSE */ +#define HAVE_SSE 1 + +/* Define if host toolchain supports SSE2 */ +#define HAVE_SSE2 1 *** 344 LINES SKIPPED *** From nobody Mon Jun 19 13:08:36 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ql97T1prbz4g5n7; Mon, 19 Jun 2023 13:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ql97T1K49z3r0x; Mon, 19 Jun 2023 13:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GzCLftKSJB7tQasc4Vu6RK0u/QPcyCqDhf9Abv8Eb6A=; b=xdlxBKXz6iO9x8PejJbUJMwFCerCZjUOSNto4PFVmZuUWSi6QK+7txOJQRLdwOrT4BNaYb nZbXLwKoghzz4NUEnG1xN8yqVB9pqu0VyuU+EDnmOHq0fqb97+9EcGTUqXphFHZf/QY7dn uiUz9bHZ45wPm3jbvRAHAWosxQ6XfnGbD85aS+tyb5K5ylMX6CfWvV0S4JGEYdYsX8eaj5 BxgHH+zeX2S/YJPnM7tYyPYJRcoyk8AO/PTZ2ZGa0ZSHZToVK9a6cgVnEobnMgmim90py6 VM+FvT5u+n9kEW5rgcgMpWs9p0ARz8SmTnlq+K/lwXeUdIcM4T4UiYyx/W2JAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GzCLftKSJB7tQasc4Vu6RK0u/QPcyCqDhf9Abv8Eb6A=; b=ocwm+PFgYabGc+mCN7sEau96wtx+XKpb1PF2SvtCnDyIzP1nFlh3nZMOFJvutfMQxrijam +AMBNSIdTMqiRaVi9YmrpeuEDJBfqTrvyLMVB9gQ5w82yTadxtYUiVZK5bLkkkSNhPO8rN sufUzfZ0FSVcE9jif1lEbv7FloNGijb6jh9IrtROzbzyipD0bIbgg8HH9MYJlQx6EQrGs0 tTGHdkX3/9z0k7Mv81Q5Gz5T8jsZyMqJqH8sxwn+z+6a0PuCrZVK+CPOtcuu15t8lnwwhE rEvGR/d1EtomyvAHS/zLIqVzL1h3Z0UoyviRmnx9Y2WYhvPZ5/zpMvSsRQiqGg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687180117; a=rsa-sha256; cv=none; b=wSzUCNDoCeU9j9AEbt0jPC8E0wlbjUXdFM4vS/B4+mSPs9iqkfRIe04TGoexi0UAXfNGQd pkTex0pgEgQ/RJXXs0+6uAZjiRw21+UpnNACiZiaMYBxn9p62ZyxVFYwGmxYwfYNzMrSOc E50Qu49ZF/30shZoHhn43/wdh4LpRXwKhntne1nUd2/1Y2epMNXduWVxdY8prEg3JD35nM zlE2Ckdmi8nqmI0lAVQ6F9B7quN8tjVAHCt/Lp8+MABIyxN4PGzEqIVZxXU4yXTYj2cHhT L2MLrRfBuj+UTk1THQu/yFI8LYh/2kNVUCOxt3uf/ILCBihh8bcB0N2nRiTpkA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ql97T0NWPzJ6t; Mon, 19 Jun 2023 13:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35JD8aXQ035485; Mon, 19 Jun 2023 13:08:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35JD8a9v035484; Mon, 19 Jun 2023 13:08:36 GMT (envelope-from git) Date: Mon, 19 Jun 2023 13:08:36 GMT Message-Id: <202306191308.35JD8a9v035484@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 232bd8e8d896 - stable/13 - vm_phys: Change the return type of vm_phys_unfree_page() to bool List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 232bd8e8d8961f4c937ea67c5e83184661447c4a Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=232bd8e8d8961f4c937ea67c5e83184661447c4a commit 232bd8e8d8961f4c937ea67c5e83184661447c4a Author: Mark Johnston AuthorDate: 2023-06-05 14:40:15 +0000 Commit: Mark Johnston CommitDate: 2023-06-19 12:56:42 +0000 vm_phys: Change the return type of vm_phys_unfree_page() to bool This is in keeping with the trend of removing uses of boolean_t, and the sole caller was implicitly converting it to a "bool". No functional change intended. Reviewed by: dougm, alc, imp, kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D40401 (cherry picked from commit 6062d9faf23f11e0655f3a222c204725e3111fe8) --- sys/vm/vm_page.c | 8 ++++---- sys/vm/vm_phys.c | 14 +++++++------- sys/vm/vm_phys.h | 2 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/sys/vm/vm_page.c b/sys/vm/vm_page.c index ecabd6c4798e..6e3913517bb5 100644 --- a/sys/vm/vm_page.c +++ b/sys/vm/vm_page.c @@ -327,7 +327,7 @@ vm_page_blacklist_add(vm_paddr_t pa, bool verbose) { struct vm_domain *vmd; vm_page_t m; - int ret; + bool found; m = vm_phys_paddr_to_vm_page(pa); if (m == NULL) @@ -335,15 +335,15 @@ vm_page_blacklist_add(vm_paddr_t pa, bool verbose) vmd = vm_pagequeue_domain(m); vm_domain_free_lock(vmd); - ret = vm_phys_unfree_page(m); + found = vm_phys_unfree_page(m); vm_domain_free_unlock(vmd); - if (ret != 0) { + if (found) { vm_domain_freecnt_inc(vmd, -1); TAILQ_INSERT_TAIL(&blacklist_head, m, listq); if (verbose) printf("Skipping page with pa 0x%jx\n", (uintmax_t)pa); } - return (ret); + return (found); } /* diff --git a/sys/vm/vm_phys.c b/sys/vm/vm_phys.c index 6798c55cc91c..2b5a792fce6d 100644 --- a/sys/vm/vm_phys.c +++ b/sys/vm/vm_phys.c @@ -1288,12 +1288,12 @@ vm_phys_scan_contig(int domain, u_long npages, vm_paddr_t low, vm_paddr_t high, /* * Search for the given physical page "m" in the free lists. If the search - * succeeds, remove "m" from the free lists and return TRUE. Otherwise, return - * FALSE, indicating that "m" is not in the free lists. + * succeeds, remove "m" from the free lists and return true. Otherwise, return + * false, indicating that "m" is not in the free lists. * * The free page queues must be locked. */ -boolean_t +bool vm_phys_unfree_page(vm_page_t m) { struct vm_freelist *fl; @@ -1316,12 +1316,12 @@ vm_phys_unfree_page(vm_page_t m) if (pa >= seg->start) m_set = &seg->first_page[atop(pa - seg->start)]; else - return (FALSE); + return (false); } if (m_set->order < order) - return (FALSE); + return (false); if (m_set->order == VM_NFREEORDER) - return (FALSE); + return (false); KASSERT(m_set->order < VM_NFREEORDER, ("vm_phys_unfree_page: page %p has unexpected order %d", m_set, m_set->order)); @@ -1347,7 +1347,7 @@ vm_phys_unfree_page(vm_page_t m) vm_freelist_add(fl, m_tmp, order, 0); } KASSERT(m_set == m, ("vm_phys_unfree_page: fatal inconsistency")); - return (TRUE); + return (true); } /* diff --git a/sys/vm/vm_phys.h b/sys/vm/vm_phys.h index 86785fd7579d..76c933d97914 100644 --- a/sys/vm/vm_phys.h +++ b/sys/vm/vm_phys.h @@ -79,7 +79,7 @@ void vm_phys_register_domains(int ndomains, struct mem_affinity *affinity, int *locality); vm_page_t vm_phys_scan_contig(int domain, u_long npages, vm_paddr_t low, vm_paddr_t high, u_long alignment, vm_paddr_t boundary, int options); -boolean_t vm_phys_unfree_page(vm_page_t m); +bool vm_phys_unfree_page(vm_page_t m); int vm_phys_mem_affinity(int f, int t); void vm_phys_early_add_seg(vm_paddr_t start, vm_paddr_t end); vm_paddr_t vm_phys_early_alloc(int domain, size_t alloc_size); From nobody Mon Jun 19 13:08:38 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ql97V5Wg1z4g5ky; Mon, 19 Jun 2023 13:08:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ql97V2B9kz3r7c; Mon, 19 Jun 2023 13:08:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180118; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nPcWEGTFcxrpQMIxezv7yszBOqJaJMgooRDQPWRjjNI=; b=nrYLTRYXIEx+0exk12ruOaSBeIi1iYchf3+HPMb52086kyJcy6prhjwqvTl3361cpW6z6N I6zalkIUzGFVf7Wf90QO5dnCakE1XUHFwJCyg7olem4+uxWBMsm7f+IQMkSK+e/d28JLQH eNRB5Ol7k0CYzcV/txsLPpUl6nCquaidh+sMHAbdLj3KxGiB6iVKLj1EUuLifUIwaMpBeL DJUvKVSfj8aZVlhwNhO24nrTAYby4GzUteVm1yxZgtox5NWpESEUE4uQuFdsd0B1NqwIxS AlMPDciiH0AxVIV3uKkoBiKlTgT7/08MMKh8OfkvlxaMqQl0Opby+/sn0T0UQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180118; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nPcWEGTFcxrpQMIxezv7yszBOqJaJMgooRDQPWRjjNI=; b=IJvRd28eyFi1Nn7j6Ny/3X0KJR+oRXtYbgbyS3G2p9sjUwvCSaneZAWFIDNSaAf7ftxnQ3 t/tA6NGC3L8YDrvr/95AZjFRlEIhQXf0XBYnetQPzdn5gaAHpi5DrMA2vcxmaooE5PFOax LS3TpnXmAMUDno6SLuag35UEXQ4Z75zx97HUhn9zYar/sBVmyh4s/YCjjtOn52ccFoFQU/ f3bayz9BFpDpHFPnVG8IktdHJxsuWuehRkiwENex6vTZ2lrHnGiEQ2ol4OmJPfoaVnIB24 q84sXPwg1RcaV53KrvLWmAeo/RB9p1PrZmRoykxfG0b1TnzWN8ojBOfpuvFpmQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687180118; a=rsa-sha256; cv=none; b=Pz6xn1Mn7C4X1mIljMHUGhPTb5x/9zViA8OXjqCar28WhDuNggLaKe4i9RhpUuzK7HMuhv ZUg1VZ2aWLdF3sW4rA/sGdO5FSyJxZrQzKCX9XbII0rA3YoaxN1BnSqmNuP2BWvxGJ/jKF g9YsPzqs7eiHqKCAkRITUpraLeIkaKHR07feqiT+QPYTIAVOkuECooLTyuVTaofCryaVNs syDzTs0FnFW6KVKC1DKP7K69uAFEebqjDTD95jzfa5cwzsTLwmNH4DoMZPAKpJZLFJVYpC cXw/soe3vZ29fpUagTbWUjhA6ztao6A9boV9KYgWLxyrNegrwV1dz20He/HuMw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ql97V1HQdzHxv; Mon, 19 Jun 2023 13:08:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35JD8cc7035514; Mon, 19 Jun 2023 13:08:38 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35JD8ctr035513; Mon, 19 Jun 2023 13:08:38 GMT (envelope-from git) Date: Mon, 19 Jun 2023 13:08:38 GMT Message-Id: <202306191308.35JD8ctr035513@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 299a7961f47d - stable/13 - opencrypto: Handle end-of-cursor conditions in crypto_cursor_segment() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 299a7961f47d84f4bcb19ca6756ae61cc2d5d756 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=299a7961f47d84f4bcb19ca6756ae61cc2d5d756 commit 299a7961f47d84f4bcb19ca6756ae61cc2d5d756 Author: Mark Johnston AuthorDate: 2023-06-12 16:09:34 +0000 Commit: Mark Johnston CommitDate: 2023-06-19 12:56:56 +0000 opencrypto: Handle end-of-cursor conditions in crypto_cursor_segment() Some consumers, e.g., swcr_encdec(), may call crypto_cursor_segment() after having advanced the cursor to the end of the buffer. In this case I believe the right behaviour is to return NULL and a length of 0. When this occurs with a CRYPTO_BUF_VMPAGE buffer, the cc_vmpage pointer will point past the end of the page pointer array, so crypto_cursor_segment() ends up dereferencing a random pointer before the function returns a length of 0. The uio-backed cursor has a similar problem. Address this by keeping track of the residual buffer length and returning immediately once the length is zero. PR: 271766 Reported by: Andrew "RhodiumToad" Gierth Reviewed by: jhb MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40428 (cherry picked from commit 718d4a1d5643c2faf409001320c3fd64aae57638) --- sys/opencrypto/criov.c | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/sys/opencrypto/criov.c b/sys/opencrypto/criov.c index e54d31388133..2c3bc6b37cb9 100644 --- a/sys/opencrypto/criov.c +++ b/sys/opencrypto/criov.c @@ -320,6 +320,7 @@ crypto_cursor_init(struct crypto_buffer_cursor *cc, break; case CRYPTO_BUF_UIO: cc->cc_iov = cb->cb_uio->uio_iov; + cc->cc_buf_len = cb->cb_uio->uio_resid; break; default: #ifdef INVARIANTS @@ -385,6 +386,7 @@ crypto_cursor_advance(struct crypto_buffer_cursor *cc, size_t amount) cc->cc_offset += amount; break; } + cc->cc_buf_len -= remain; amount -= remain; cc->cc_iov++; cc->cc_offset = 0; @@ -405,14 +407,34 @@ crypto_cursor_segment(struct crypto_buffer_cursor *cc, size_t *len) { switch (cc->cc_type) { case CRYPTO_BUF_CONTIG: - *len = cc->cc_buf_len; - return (cc->cc_buf); + case CRYPTO_BUF_UIO: + case CRYPTO_BUF_VMPAGE: + if (cc->cc_buf_len == 0) { + *len = 0; + return (NULL); + } + break; case CRYPTO_BUF_MBUF: case CRYPTO_BUF_SINGLE_MBUF: if (cc->cc_mbuf == NULL) { *len = 0; return (NULL); } + break; + default: +#ifdef INVARIANTS + panic("%s: invalid buffer type %d", __func__, cc->cc_type); +#endif + *len = 0; + return (NULL); + } + + switch (cc->cc_type) { + case CRYPTO_BUF_CONTIG: + *len = cc->cc_buf_len; + return (cc->cc_buf); + case CRYPTO_BUF_MBUF: + case CRYPTO_BUF_SINGLE_MBUF: if (cc->cc_mbuf->m_flags & M_EXTPG) return (m_epg_segment(cc->cc_mbuf, cc->cc_offset, len)); *len = cc->cc_mbuf->m_len - cc->cc_offset; @@ -425,11 +447,7 @@ crypto_cursor_segment(struct crypto_buffer_cursor *cc, size_t *len) *len = cc->cc_iov->iov_len - cc->cc_offset; return ((char *)cc->cc_iov->iov_base + cc->cc_offset); default: -#ifdef INVARIANTS - panic("%s: invalid buffer type %d", __func__, cc->cc_type); -#endif - *len = 0; - return (NULL); + __assert_unreachable(); } } @@ -520,6 +538,7 @@ crypto_cursor_copyback(struct crypto_buffer_cursor *cc, int size, todo = MIN(remain, size); memcpy(dst, src, todo); src += todo; + cc->cc_buf_len -= todo; if (todo < remain) { cc->cc_offset += todo; break; @@ -609,6 +628,7 @@ crypto_cursor_copydata(struct crypto_buffer_cursor *cc, int size, void *vdst) todo = MIN(remain, size); memcpy(dst, src, todo); dst += todo; + cc->cc_buf_len -= todo; if (todo < remain) { cc->cc_offset += todo; break; From nobody Mon Jun 19 13:08:39 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ql97W47FXz4g5fs; Mon, 19 Jun 2023 13:08:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ql97W35VXz3qvQ; Mon, 19 Jun 2023 13:08:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zygSNDpKOfB3HLzn9fssvSpcEYXA3QWjLy1g9NsGAqU=; b=cYz7+zn1Rb3WO6w5YUFkCWNS9u1/c5ypQHvyZSPI/m/lgRxFsQvH7sGVOZH9Vvjmm9VKk8 +rG1cNSoe26bngtuZFYwvUp3A5eWayDm+NxAqK8w4F11KuyNkzTNFak0sQ9oNqFebewk7T 0xKtUiY58/fJba1FrFp75vbzvt26MTUL1DazAob+StEk+BxNGQhOwmCSiB19TYE/rUsrb6 Ttc4VME5f6FuUamCoFktwH6ig3atejzhWCWWuzgD+Nf/5f/eRyetp1VuY3sBL4COOcFZue +Q/1I8njazzKaF0iTrFgPLyXo+Ukhf3Keq+t0fnsbAv6vulFyyHOrUptARN1HQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zygSNDpKOfB3HLzn9fssvSpcEYXA3QWjLy1g9NsGAqU=; b=AvgRQWIyjn3/zmVRVjzw07Alx38GVFQL2RxJ8ss3XAKe7D0opJD02E4Jq2UnV81TzaAe/4 ym/VtyrrPyQMuJZQDa/hP2aNDwqayoctmPKhnDKeEU/Sa7h4JxSHuzbB0vR+A28aY9yJgh XRoMfnBkAw+4BxXu6M3mssoNN1o/erTh/2uOcKkLZHXyCXJKfFsZBap8gonIrG2hFiJ1Dm wsnOGB0ZDZyCE+zQx+hkGxKoErAHkX120nc8/Hb7kZl0fgTs0XDpHO+mN/tL9TiREfCD/M qam4ctuhwwFqmUoPSUgo3G8iwQLyvnswbaYG2JVh+4Ihq7S7g2YynN0+BSwNqA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687180119; a=rsa-sha256; cv=none; b=e2d4ZbDAvAtYxtNgYgntdZJqbcEwgBFEVN+twn2Ix0RvmE7e7TkSxuzyvaaYAEZ24Q6nlt TmnKlPpxSW+cW93C+XIV1ceSoarVkCxFK+BK23kXhaCTPKJbTbrr1PQCp8RCNZZoiPOlhp H+FSsFw+DdSaSmviPHsKhVLSSKvduga3egLxnsOmZy7/lkmaNOsUsZyIdICsaV54zuO0j1 41BTc4DHLFnKdViQ5GBsMClk6kiJ/wCP5mruvoJtDPOnZm7FlfvqdEybyE+ExBs/WP3gy6 s4M1e9QmGiHrA6DaXHROt9OgAyOwF0SH2V9sPMvLtxsTBNuDaL6odd9H1/s+8A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ql97W2CFhzJW6; Mon, 19 Jun 2023 13:08:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35JD8dSI035533; Mon, 19 Jun 2023 13:08:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35JD8dkQ035532; Mon, 19 Jun 2023 13:08:39 GMT (envelope-from git) Date: Mon, 19 Jun 2023 13:08:39 GMT Message-Id: <202306191308.35JD8dkQ035532@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 0d2318bbb4cc - stable/13 - crypto: Advance the correct pointer in crypto_cursor_copydata() List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 0d2318bbb4ccd89f1e698b93dc06448b1fdffb74 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0d2318bbb4ccd89f1e698b93dc06448b1fdffb74 commit 0d2318bbb4ccd89f1e698b93dc06448b1fdffb74 Author: Mark Johnston AuthorDate: 2023-06-12 16:09:54 +0000 Commit: Mark Johnston CommitDate: 2023-06-19 12:57:08 +0000 crypto: Advance the correct pointer in crypto_cursor_copydata() PR: 271766 Reported by: Michael Laß MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40468 (cherry picked from commit 9f7fdd8c1ab153104275e59b49b2d567cec95256) --- sys/opencrypto/criov.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/opencrypto/criov.c b/sys/opencrypto/criov.c index 2c3bc6b37cb9..ded1d8bd1df3 100644 --- a/sys/opencrypto/criov.c +++ b/sys/opencrypto/criov.c @@ -607,7 +607,7 @@ crypto_cursor_copydata(struct crypto_buffer_cursor *cc, int size, void *vdst) remain = MIN(PAGE_SIZE - cc->cc_offset, cc->cc_buf_len); todo = MIN(remain, size); memcpy(dst, src, todo); - src += todo; + dst += todo; cc->cc_buf_len -= todo; if (todo < remain) { cc->cc_offset += todo; From nobody Mon Jun 19 13:08:40 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ql97X46xKz4g5g2; Mon, 19 Jun 2023 13:08:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ql97X3cpcz3rBm; Mon, 19 Jun 2023 13:08:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180120; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=thyBsR6+t03fx49mAtXgKBdkdHt2A4sD0pfscojiAEk=; b=k5ko8J2pSjagZsFONfW69+7sTJ7ZtfsPJyXOt1K8eUXAlTRS9V3pf7KnzmxiPkTO+nR+VO KNjq30lIDrPM31Wqo/TlGS4Gq90OrpZXmDgaTS0/rRx71cTKloMeo9hcE7/6YFOTQ+dMC2 rcpWWSwVt3pFONahUKR59H6aw4XRZAtN3wA4sVXLk9lK0m+uNZbrtzBqaQHL8/IHJ+bvAu 8+Nnzo40hVCn78qh1uccgon9x1DxhOdQ9Myk84E/J7ctn23VijbWbv3P60sH78yKGUAAju 4yGWnX6c+p91Z3nnWfCRlSZR1CQXQCQbhMBtQiH3xQJuC1P7uqXWTPWqyzRP8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687180120; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=thyBsR6+t03fx49mAtXgKBdkdHt2A4sD0pfscojiAEk=; b=liTjp1ZmlWO+qhWR+lqeUr0asc+qV35fo7w0EedRsIbuitDAW9kkDZiFppwoMMs97C9m10 HgTXoW5HKnNOVPGnYdipyRwr8BnYgHJFR1A7MFIo2nIi7bBDN97i06ITsnYw7an8UYsuVu kMJWeRwSaC7ICXLuOyrJ1o0uxtdizZv1NFyCw5mwjNWgHUzxW0pm+o5FQtf2mp6+eSZZRa kvcS/5FKh9RJbMdjnTZjgqg6LpxBh+SOhagYK324fH7lgXBe5NFVqtCiIP2oGBj647gMSS Ub7Ogm43N4QVAIM75xv1DIcTPG9Is/YC7HV6i3eHJ3ZNQsjyqI98MqPOvM7aGg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687180120; a=rsa-sha256; cv=none; b=cbeyKXzXYcLwlPydvsRC7fweQ1JmAZtyuImOpI2zadtM5R0zVoJxMEJJmCgIHnXSV+2z3W DwLYBmCqVryEuqDgePZP8xNRqu8gKQZtiTwazL31zBB778HFdlSGy5iiYGkgf5LWm6oOie pxJ4dkVvlyBO3qjjKmI1fWEel36ozULYAiuFJzQIz7hIqtbZqjo5nx5qIzd+Y9bVGD2wCZ MxmAsizp9pW8SEy06HvAFTn2gfuG/gqcm6vijzOmJbfcxEdO0VRYo706mXzZ5lNgND3zxQ WQTAFWiuc4B0PwqThZxy+V9QJjsZbrb7nQLeJ8Edeb4BBKML9tYeBsWx7fgB3Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ql97X2bSNzHxw; Mon, 19 Jun 2023 13:08:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35JD8eDH035554; Mon, 19 Jun 2023 13:08:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35JD8eSs035553; Mon, 19 Jun 2023 13:08:40 GMT (envelope-from git) Date: Mon, 19 Jun 2023 13:08:40 GMT Message-Id: <202306191308.35JD8eSs035553@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: c4aae5668c69 - stable/13 - geli tests: Add a regression test for PR 271766 List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: c4aae5668c69df4205ab3df382056a71a0e23bb7 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=c4aae5668c69df4205ab3df382056a71a0e23bb7 commit c4aae5668c69df4205ab3df382056a71a0e23bb7 Author: Mark Johnston AuthorDate: 2023-06-12 16:11:20 +0000 Commit: Mark Johnston CommitDate: 2023-06-19 12:57:17 +0000 geli tests: Add a regression test for PR 271766 This test case catches both of the bugs reported there. PR: 271766 Reviewed by: imp MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40469 (cherry picked from commit 9c0467929abaab97f45fc07507b6f30c80211239) --- tests/sys/geom/class/eli/Makefile | 3 + tests/sys/geom/class/eli/misc_test.sh | 38 ++++++++- tests/sys/geom/class/eli/unaligned_io.c | 131 ++++++++++++++++++++++++++++++++ 3 files changed, 170 insertions(+), 2 deletions(-) diff --git a/tests/sys/geom/class/eli/Makefile b/tests/sys/geom/class/eli/Makefile index c7f1342f45ae..bdb1101ef059 100644 --- a/tests/sys/geom/class/eli/Makefile +++ b/tests/sys/geom/class/eli/Makefile @@ -37,6 +37,9 @@ SRCS.pbkdf2_test= \ LIBADD.pbkdf2_test= crypto +PROGS+= unaligned_io +BINDIR?= ${TESTSDIR} + testvect.h: python gentestvect.py > ${.TARGET} diff --git a/tests/sys/geom/class/eli/misc_test.sh b/tests/sys/geom/class/eli/misc_test.sh index 4dc7cb9bf367..420f47f786e6 100644 --- a/tests/sys/geom/class/eli/misc_test.sh +++ b/tests/sys/geom/class/eli/misc_test.sh @@ -135,17 +135,51 @@ physpath_cleanup() true } +unaligned_io_test() +{ + cipher=$1 + secsize=$2 + ealgo=${cipher%%:*} + keylen=${cipher##*:} + + atf_check -s exit:0 -e ignore \ + geli init -B none -e $ealgo -l $keylen -P -K keyfile \ + -s $secsize ${md} + atf_check geli attach -p -k keyfile ${md} + + atf_check $(atf_get_srcdir)/unaligned_io /dev/${md}.eli +} + +atf_test_case unaligned_io cleanup +unaligned_io_head() +{ + atf_set "descr" "regression test for PR 271766" + atf_set "require.user" "root" +} +unaligned_io_body() +{ + geli_test_setup + + sectors=4 + + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + for_each_geli_config_nointegrity unaligned_io_test +} +unaligned_io_cleanup() +{ + geli_test_cleanup +} + atf_init_test_cases() { atf_add_test_case physpath atf_add_test_case preserve_props atf_add_test_case preserve_disk_props + atf_add_test_case unaligned_io } - common_cleanup() { - if [ -f "$MD_DEVS" ]; then while read test_md; do gnop destroy -f ${test_md}.nop 2>/dev/null diff --git a/tests/sys/geom/class/eli/unaligned_io.c b/tests/sys/geom/class/eli/unaligned_io.c new file mode 100644 index 000000000000..707d15f40be4 --- /dev/null +++ b/tests/sys/geom/class/eli/unaligned_io.c @@ -0,0 +1,131 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2023 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * Idea from a test case by Andrew "RhodiumToad" Gierth in Bugzilla PR 271766. + */ + +#include +#include +#include + +#include + +#include +#include +#include +#include +#include + +int +main(int argc, char **argv) +{ + const char *disk; + char *buf1, *buf2; + off_t disksz; + size_t bufsz, iosz; + ssize_t n; + unsigned int offsets, secsz; + int fd; + + if (argc != 2) + errx(1, "Usage: %s ", argv[0]); + disk = argv[1]; + + fd = open(disk, O_RDWR); + if (fd < 0) + err(1, "open(%s)", disk); + + if (ioctl(fd, DIOCGSECTORSIZE, &secsz) != 0) + err(1, "ioctl(DIOCGSECTORSIZE)"); + if (secsz == 0) + errx(1, "ioctl(DIOCGSECTORSIZE) returned 0"); + if (ioctl(fd, DIOCGMEDIASIZE, &disksz) != 0) + err(1, "ioctl(DIOCGMEDIASIZE)"); + if (disksz / secsz < 2) + errx(1, "disk needs to be at least 2 sectors in size"); + iosz = 2 * secsz; + + bufsz = iosz + secsz; + buf1 = mmap(NULL, bufsz, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, + -1, 0); + if (buf1 == MAP_FAILED) + err(1, "mmap"); + buf2 = mmap(NULL, bufsz, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, + -1, 0); + if (buf2 == MAP_FAILED) + err(1, "mmap"); + + arc4random_buf(buf1, bufsz); + n = pwrite(fd, buf1, bufsz, 0); + if (n < 0 || (size_t)n != bufsz) + err(1, "pwrite"); + + /* + * Limit the number of offsets we test with, to avoid spending too much + * time when the sector size is large. + */ + offsets = MAX(EALG_MAX_BLOCK_LEN, HMAC_MAX_BLOCK_LEN) + 1; + + /* + * Read test: read the first 2 sectors into buf1, then do the same with + * buf2, except at varying offsets into buf2. After each read, compare + * the buffers and make sure they're identical. This exercises corner + * cases in the crypto layer's buffer handling. + */ + n = pread(fd, buf1, iosz, 0); + if (n < 0 || (size_t)n != iosz) + err(1, "pread"); + for (unsigned int i = 0; i < offsets; i++) { + n = pread(fd, buf2 + i, iosz, 0); + if (n < 0 || (size_t)n != iosz) + err(1, "pread"); + if (memcmp(buf1, buf2 + i, iosz) != 0) + errx(1, "read mismatch at offset %u/%u", i, secsz); + } + + /* + * Write test. Try writing buffers at various alignments, and verify + * that we read back what we wrote. + */ + arc4random_buf(buf1, bufsz); + for (unsigned int i = 0; i < offsets; i++) { + n = pwrite(fd, buf1 + i, iosz, 0); + if (n < 0 || (size_t)n != iosz) + err(1, "pwrite"); + n = pread(fd, buf2, iosz, 0); + if (n < 0 || (size_t)n != iosz) + err(1, "pread"); + if (memcmp(buf1 + i, buf2, iosz) != 0) + errx(1, "write mismatch at offset %u/%u", i, secsz); + } + + return (0); +} From nobody Tue Jun 20 04:00:42 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QlXwq14cyz4fRYX; Tue, 20 Jun 2023 04:00:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QlXwq0bzsz43b3; Tue, 20 Jun 2023 04:00:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233643; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=olGcZnFaxc1yvW9txkFO45uiqeiofueZJk4INM6skZM=; b=J6zuMfMe6Mm5jZ7Yot6ak0Ina0DKxrTajmIfsT0Gxo4cO3AbYyW/ZUGmUU82gAuDfdpXDP mmu6s4VvyfXDGnWRwQSeqwvq/dcH/4UdZIO+CkRGueJFOCEXkhn24xQr+pQzqPShY3+/qu E0z2xo3i9nxfxUErUTPbZtWR6V6RZwoQUFUhxnBwL6iFzBW2NLbwbyqv6hDglfEufxPBAs 8q5vN/7NOq+NbpKhZpYZ13i7wTinpTHb+VXRP1YLGOQpkoGEnf6eB/47X3VyKLl6A7JkPS 6yLqix9n2IwDmtEHtSZKGprFgJA0pyrjJXF73gDD4d/Txjs2FcFQtfEDbTLO6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233643; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=olGcZnFaxc1yvW9txkFO45uiqeiofueZJk4INM6skZM=; b=xG9tgDw9uE/4ZubM2KXzBPlFhamG+5HXAKs8su++/Iks74nG8TUXwQsa9v6TQEy+1BRsmp nEtsQyeK6Ky+fqMgqzsPBs+jZ/tYaF0xddHI/zy7DMo5x3TVAuS3gafU/cejJKsNIKAWpa kKxgS2fz/Nr0eze2PJC3Y4fJC4eYNwTeRx13rr+zOMDJHeLA6gOFGZD0PSOUN3J3/xThNi kyJ9hVSm6tL36yOR+VwC7T2NKsarbLtTrBUqJ32jsL6HvqH5sLtWEh+ynXcFlTGjjybcbh r1Exs++4Fh3iS+55Q+QB4/nJXoL1OV9vlc/zXGDj1LdF6w/pJIAbj4WkyZWRiA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687233643; a=rsa-sha256; cv=none; b=bdm1BXikZ0cNN6p+JezcytGyPehMU67roK5QHf0uPSLli0NxOW9NixlXoPmhAYnzxGopGr WpOshsDHrCY/tNHgshVUXvwRKUQu2ETeT9YQXLLqsoMijQUoJ8oDf4Jrt1czzmKYiIcoLQ 7Ot7IqR2okI0APEDbjFWaIkYpQ8c2sLzkF+TH4xAfq701qwjJVnwI1Swn3MGjFSuO6/5WB iT2F0UVRI+vTf7cQCFmwCXMZK1omWx4IGHMKzkCw36rja0O2m4rALShtfafNQcyiWw2np0 +DTTxIeZ6MnXXbUkabaVgEofFxbsIJ7XrilXEwXzM+wArH4D3rrKvwzhn9Whnw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QlXwp6ndszklT; Tue, 20 Jun 2023 04:00:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35K40gij014471; Tue, 20 Jun 2023 04:00:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35K40gAh014470; Tue, 20 Jun 2023 04:00:42 GMT (envelope-from git) Date: Tue, 20 Jun 2023 04:00:42 GMT Message-Id: <202306200400.35K40gAh014470@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Bergling Subject: git: 7cf49aa2c1fc - stable/13 - xdr(3): Fix a typo in a source code comment List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gbe X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7cf49aa2c1fce98c202c2d24ac644c4d30948319 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by gbe: URL: https://cgit.FreeBSD.org/src/commit/?id=7cf49aa2c1fce98c202c2d24ac644c4d30948319 commit 7cf49aa2c1fce98c202c2d24ac644c4d30948319 Author: Gordon Bergling AuthorDate: 2023-06-17 08:49:40 +0000 Commit: Gordon Bergling CommitDate: 2023-06-20 04:00:15 +0000 xdr(3): Fix a typo in a source code comment - s/curren/current/ (cherry picked from commit 85604f7008ee7c963bb6dc8417582f9c31bb4ad3) --- lib/libc/xdr/xdr_rec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/xdr/xdr_rec.c b/lib/libc/xdr/xdr_rec.c index 3ecae9a1ab44..30980c378f51 100644 --- a/lib/libc/xdr/xdr_rec.c +++ b/lib/libc/xdr/xdr_rec.c @@ -119,7 +119,7 @@ typedef struct rec_strm { char *out_base; /* output buffer (points to frag header) */ char *out_finger; /* next output position */ char *out_boundry; /* data cannot up to this address */ - u_int32_t *frag_header; /* beginning of curren fragment */ + u_int32_t *frag_header; /* beginning of current fragment */ bool_t frag_sent; /* true if buffer sent in middle of record */ /* * in-coming bits From nobody Tue Jun 20 04:00:43 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QlXwr2v72z4fRP7; Tue, 20 Jun 2023 04:00:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QlXwr1ZLjz43h2; Tue, 20 Jun 2023 04:00:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=W1j7dVlmSb7UAzWNr2xtPXMlwHKCDO9ZlylfApAZOyM=; b=PEbMFGZhQztLjTVh3wcM2jl9IMMiJTluV+SlXP7uHPgrrh1Ut2TcGSm73uitjrrGm0aHUB gsdu9ZpsSK4gubwqrT4sy8YQMRfOUCw13e6Pf7c+K9EHZSodhyxJtzD15r2nM7irtUhVVN vk0I8LMj1F2zxH+NcYlNNXlhzqn6wq85YwgiwSYGImxeauj7OOLa3XNtFkNfbCrZYe2/I8 lUifxpbhK031Z7ATmgrP3710WNHBUF7hpetBANP1lRUu1nRgUXm50jyjkFiWTjZ/Tb2vsR fokigvSH5k5yarNmCFpPAelZroyYbC1hSSfv5cV+eQPWWTCXZ73McQYwjr6d3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233644; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=W1j7dVlmSb7UAzWNr2xtPXMlwHKCDO9ZlylfApAZOyM=; b=EgrhdU2YmKUtDsPFLIbBCyAXr6Hn2kgW1us+V2VRRaFhcNgy/uaZNRv8b8iVDK32qxI/5X oe+Q1A3IkLD4jqbvTyskoaH1s9xf39xNyNfZRAOmsF8jH+z8UUMF2fXmSwxQ7YdT8lbwTS LLTEpXboAYQ/BMeVo14DamUZx62miEaDjdgPNGU7bHuXbFgF0+yzUW4D5z6zBgT2453iMl Knd5pUzD6g3R/qfcewokONGVv9b51//ywEO/YUaslGNQ4MPXye1J7oHTFBXrrWIa8gR52x I7By/Xj+p485ZSvtU7WLqDtZVugXV7/6nQ9e8dtsL35DdCsGe2toIu2c5TQffA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687233644; a=rsa-sha256; cv=none; b=UraqfoIOgWk06p8N4vqhJEnNHN0/8u4EoR4YBDAtzDp72S0x2/EmV5qNY183EpZdjH7NbN 2U7A+51O0hXMvgOWjtmxMjizFc7By2cE/dT2rSwEA9o0KVWFU3JcO0WXyLq4JZWznbmiM8 eAnl+UXLFMyuGRpWsvgNVPVzgG+MkB8YqDx8clah77nVMZdtShIw6HBJq0c48Lqw4CrBa+ R9nd5yE95v3Eyh01QHb/1+OKZ0tY7wbQf6pfMwMVQTcRt+0JkSfdNVfrfk5QkUDFSPabNE T32Nx+PCq6f8qOBtv1m6tPdMO7pdw7qDlDyNLthX5Y/vi6HGfmp3cFI7OcSO8w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QlXwr0LCYzkJ4; Tue, 20 Jun 2023 04:00:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35K40h79014490; Tue, 20 Jun 2023 04:00:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35K40h21014489; Tue, 20 Jun 2023 04:00:43 GMT (envelope-from git) Date: Tue, 20 Jun 2023 04:00:43 GMT Message-Id: <202306200400.35K40h21014489@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Bergling Subject: git: dcf9fe633733 - stable/13 - hifn(4): Fix a typo in a source code comment List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gbe X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: dcf9fe633733be8689f753944811f93e03b22cd7 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by gbe: URL: https://cgit.FreeBSD.org/src/commit/?id=dcf9fe633733be8689f753944811f93e03b22cd7 commit dcf9fe633733be8689f753944811f93e03b22cd7 Author: Gordon Bergling AuthorDate: 2023-06-17 08:51:23 +0000 Commit: Gordon Bergling CommitDate: 2023-06-20 04:00:32 +0000 hifn(4): Fix a typo in a source code comment - s/regesters/registers/ (cherry picked from commit 85b3169b78f763aa7102621c349485cd5509efd3) --- sys/dev/hifn/hifn7751.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/hifn/hifn7751.c b/sys/dev/hifn/hifn7751.c index 240d801e5b12..ec249d02294c 100644 --- a/sys/dev/hifn/hifn7751.c +++ b/sys/dev/hifn/hifn7751.c @@ -880,7 +880,7 @@ hifn_set_retry(struct hifn_softc *sc) } /* - * Resets the board. Values in the regesters are left as is + * Resets the board. Values in the registers are left as is * from the reset (i.e. initial values are assigned elsewhere). */ static void From nobody Tue Jun 20 04:01:00 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QlXx90zQKz4fRgy; Tue, 20 Jun 2023 04:01:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QlXx90HNpz44N7; Tue, 20 Jun 2023 04:01:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233661; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Ae31caaq7N7RvYnFk2PTYQRdsVIK+3cHdaaaLb9UOk=; b=in0ggpxkpm4odyTNGYnMrt3uV416r9Pp1Z5ToUkDCjwNlMQGU07Bc+31+h7h27LjicHasY QvKqKyrFFJY+LH2fw218JUDZiHcMn7/wzf1Wdt3VsnzDTY3CgKszeTvuuIkwZ2zWk8Vk7a 0sBIU8AifqBR7wf1vxH/NN/SO9BSmj0PMHQh7wpxcETvpkJ8AW3WYalzu5yzI1pjUsSh7m HG3Bz4KrtVk2acOpxase9+L0T66KhdOeEPBDkf1MlHQrBxeu84GYvP2CvjQJ7EVapIjoVa ZQ28E93QSw2rAXmCQ7COy3+jt7V27OKQh+a2qwFzPU6mZIJRl1WK/NXil9V2ig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687233661; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Ae31caaq7N7RvYnFk2PTYQRdsVIK+3cHdaaaLb9UOk=; b=BKPMW9dAmZ0p+qThR51N0t23l0wIoooXhck1RgADaY3vTPAvFomnbTa/4yjFIPNFxMsyGf I6R0pUNrFTjqc6WcTgHljkepH8w3tQiPmMVsXjNnlR/joYksk5nr8O5suwzbhl6povhsWk MhL5DfoJox60OhX8jpDJY5eusQBp1an6FWYAEKxGFSqVU4nhbGkOgZ2LDDushSD2cM09f+ rGN8IrJ5J++j/9Vu4aD9SUgW1HBw/1yt/B14VB09GcVA/2jvrSHstNYL8m9mQ2MVABPh8Z L+HPkjuH+5JFZ4OgAxdliWR3K0NgSW+dtFQQM0/wpauQd/CoB5lpId2rHd/GJg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687233661; a=rsa-sha256; cv=none; b=GToWob1tlWfurW+Z7dB7x7KxcaHIIboRX8YZovv3EtKCiWfcMOwxSi4ZQOfQFk4rqTPdFQ HwQV7JWHuNYPnQakdHrrEI2AHHWR61hMxdK9ywkI3gcQwTMc4reHjvmtJ5TO552hu3Pxvc JauSw/kAHqPtRlhXjlqcaKGjowhXSJrBeiecAjeTDl74Zk671appd7O/WbyL4ENz0fVXsN xK4QCl5pqPId2eCqa+XinX7VStd2ZCFHDJfReMFMxLr4arTtq1+Lo2FMowCsgXJFghrYqX lB0ZNRVXzVvTQomNL0gVjNnZvjuqMFbN7Llko9U4Us7CL1wYp5i5tff/4p2Cpg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QlXx86RZJzkld; Tue, 20 Jun 2023 04:01:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35K410OR017748; Tue, 20 Jun 2023 04:01:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35K410px017747; Tue, 20 Jun 2023 04:01:00 GMT (envelope-from git) Date: Tue, 20 Jun 2023 04:01:00 GMT Message-Id: <202306200401.35K410px017747@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Bergling Subject: git: f7d696685337 - stable/12 - xdr(3): Fix a typo in a source code comment List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gbe X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: f7d6966853375be0efcafd795d5b2a639cf47508 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by gbe: URL: https://cgit.FreeBSD.org/src/commit/?id=f7d6966853375be0efcafd795d5b2a639cf47508 commit f7d6966853375be0efcafd795d5b2a639cf47508 Author: Gordon Bergling AuthorDate: 2023-06-17 08:49:40 +0000 Commit: Gordon Bergling CommitDate: 2023-06-20 04:00:53 +0000 xdr(3): Fix a typo in a source code comment - s/curren/current/ (cherry picked from commit 85604f7008ee7c963bb6dc8417582f9c31bb4ad3) --- lib/libc/xdr/xdr_rec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/xdr/xdr_rec.c b/lib/libc/xdr/xdr_rec.c index 3ecae9a1ab44..30980c378f51 100644 --- a/lib/libc/xdr/xdr_rec.c +++ b/lib/libc/xdr/xdr_rec.c @@ -119,7 +119,7 @@ typedef struct rec_strm { char *out_base; /* output buffer (points to frag header) */ char *out_finger; /* next output position */ char *out_boundry; /* data cannot up to this address */ - u_int32_t *frag_header; /* beginning of curren fragment */ + u_int32_t *frag_header; /* beginning of current fragment */ bool_t frag_sent; /* true if buffer sent in middle of record */ /* * in-coming bits From nobody Wed Jun 21 02:39:33 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qm74j37vZz4gJP2; Wed, 21 Jun 2023 02:39:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qm74j2k2Pz3CfC; Wed, 21 Jun 2023 02:39:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315173; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+oGBg3ZdLmaLv1n9aYoZbdfYfXo3jZEva5IgomWiVGY=; b=jEklJrMbclj1ZasZ3QAiwV6ca7nDwegLJHg2zByG+6LErbvh1mIq7OIx3BDnk8h3eGpjkT xTZw0uh98QNjquPzgIC62BnSORh1gvJ3co/GLx06oHl9rA8Hg9baVncq8sV85LhqazGg8t tmJ1e/CLfdOv1XhjFSLp6FV9l/yMt012qJzoFIAoQlSFCyec0VlsAw7Bq7yROeswXydx3/ CosVcLKxwjCMmFg8JTgsfUbfTsIF5uPCL6QhH6GUjBQ9rIi4JcsblJscL+lEm6V9HjclO7 v8mAXJSrNxmGP7Jv7FpWIcEo3XX7P0EbeN2N/slztxTBNlxZQwf5BvllGG5MPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315173; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+oGBg3ZdLmaLv1n9aYoZbdfYfXo3jZEva5IgomWiVGY=; b=WJH1It5334hA5aY+f4TcZkmzJ34CbkdJIcGOmjbPSqd+cY05PFhDDWMo/Hdw20BY1QbNK4 yT9qKYMTd7Zz2GpHgcsKY0qGNKWtaczP891WImM5S0NFKuTd3YyM8C9YK+epX29l1MLCN/ ZsoU59HHHXaOSuxyPivy+e0n8Tw5KBxEepV/qzI9mW0BBPBWQT8r0f8VEANGsj/ouplwPq ao+AjPL0tfq1j5kgN5TgdNFQmfCjy+8xmMisoQzshDKOE5ZGLtT0oWH/CxhTF+dJDAmcHY qFzVBX1fZ6m+7Gl+I+8amRivHDYPHL45q7oFBhdoKKQrXNHPSoYoWxnkmN34ng== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687315173; a=rsa-sha256; cv=none; b=OBIMGI/3NQc1Yo60LmlrIMgpQA8fbdBa2R9QBa1qCtcnw0loIE6UHMYb7DuJHrA2agCpIV 0yywyiIbOxdYTxSzb1JCXGPvNtz9Uts9pfC4GmMxp7stS/0MAL8jR9XPYnLTliVJtCQ5+Q C1ng2K86yQj5QCMz9y7K6ZaxsWJuVRAzILSQBCgm7M3qR4CsYWhBSA8fQSlruV7UJ3KL0v v0NVosJdLUwxuuRMHIzt+qzvgYyts//sE958R+hczjiCKkfJIcBwI/mRTP+adxNLskllHe Rf3eKJkXTOZxuQkR8TF/IGw6cbK4dVnQXYN0BJg9zeuYGW1CO+gZZh4nNtnD4Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qm74j1NBjzP28; Wed, 21 Jun 2023 02:39:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L2dXT0049279; Wed, 21 Jun 2023 02:39:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L2dXuU049278; Wed, 21 Jun 2023 02:39:33 GMT (envelope-from git) Date: Wed, 21 Jun 2023 02:39:33 GMT Message-Id: <202306210239.35L2dXuU049278@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 92876ef4900b - stable/13 - acl(3): improve discoverability of acl_get_perm_np(3) List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 92876ef4900b0165eb4098db12f2dafa8974e37d Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=92876ef4900b0165eb4098db12f2dafa8974e37d commit 92876ef4900b0165eb4098db12f2dafa8974e37d Author: Kyle Evans AuthorDate: 2023-05-09 03:45:12 +0000 Commit: Kyle Evans CommitDate: 2023-06-20 19:03:48 +0000 acl(3): improve discoverability of acl_get_perm_np(3) - Mention it in acl(3) as an available function, xref - Mention it in acl_get_permset(3), as acl_get_perm_np(3) is a natural follow-up to acl_get_permset(3) Sponsored by: Klara, Inc. (cherry picked from commit 20c61a7c518b9c2f451118913e10a1525ad0b578) --- lib/libc/posix1e/acl.3 | 7 ++++++- lib/libc/posix1e/acl_get_permset.3 | 3 ++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/libc/posix1e/acl.3 b/lib/libc/posix1e/acl.3 index 2c7ebd63ad4e..33b4ad0f7620 100644 --- a/lib/libc/posix1e/acl.3 +++ b/lib/libc/posix1e/acl.3 @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 30, 2014 +.Dd May 8, 2023 .Dt ACL 3 .Os .Sh NAME @@ -158,6 +158,10 @@ and may be used to retrieve an ACL type from an ACL entry. This function is described in .Xr acl_get_flagset_np 3 , and may be used to retrieve a flagset from an ACL entry. +.It Fn acl_get_perm_np +This function is described in +.Xr acl_get_perm_np 3 , +and may be used to check if a permission is set in a permset. .It Fn acl_get_permset This function is described in .Xr acl_get_permset 3 , @@ -257,6 +261,7 @@ library. .Xr acl_get_brand_np 3 , .Xr acl_get_entry_type_np 3 , .Xr acl_get_flagset_np 3 , +.Xr acl_get_perm_np 3 , .Xr acl_get_permset 3 , .Xr acl_get_qualifier 3 , .Xr acl_get_tag_type 3 , diff --git a/lib/libc/posix1e/acl_get_permset.3 b/lib/libc/posix1e/acl_get_permset.3 index 064f71ce45bc..5971583b28fc 100644 --- a/lib/libc/posix1e/acl_get_permset.3 +++ b/lib/libc/posix1e/acl_get_permset.3 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 10, 2001 +.Dd May 8, 2023 .Dt ACL_GET_PERMSET 3 .Os .Sh NAME @@ -65,6 +65,7 @@ is not a valid descriptor for an ACL entry. .Xr acl_add_perm 3 , .Xr acl_clear_perms 3 , .Xr acl_delete_perm 3 , +.Xr acl_get_perm_np 3 , .Xr acl_set_permset 3 , .Xr posix1e 3 .Sh STANDARDS From nobody Wed Jun 21 02:39:34 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qm74k4QgDz4gJZW; Wed, 21 Jun 2023 02:39:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qm74k3S5Jz3CRJ; Wed, 21 Jun 2023 02:39:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315174; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Axfp+g/Is4Oz4BcBd0dTN3yQhi1dQcNK7D/i6EazLIg=; b=lTmDdTF0rRlnz9ZZEeuF4O268SaUGts/NGQ4rcnpR37mdi9sDkNQ2JNwibeR7bCMsqyOls hzTduLrlA8SqbfZkvsTI1bK8F5cxZvZwLQw7j7p3clieVicNJa2DExIl6kx4IQAr0uZbFf wlJ5+Mp6cXwHPvVdGFPq9PD40wZCpEL2mJgQzjQb8EBWd5CoojHfImXxGGypZg/suoZBzx CYhoCdVRbOI+4a//jYysU2vFZ/P4dipqDFpVt2mpVq2kq5n4cZnw4Ekm7aKds5jcJj2ueC sfWcMKIXZldHcnCjeBtlr4+kaAC7BlEpi0304Kndhgu5jWeGcMKVOHRMCXPTbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315174; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Axfp+g/Is4Oz4BcBd0dTN3yQhi1dQcNK7D/i6EazLIg=; b=j3W46eYerjr55Htn+Du6Z980rFUxfsqRwFw1RVwjW0rIkf0xeCfvZoeHSNuSmO05Ziz+b+ ECjO+YgfdYjixq4hBS/wD25lr9l8yuZb6ldJBwen9P3G2w/pBg3za38AvnZG5lN9JSeRaC V053WvhggPxkjyY+qXNEm9zgITD3+k1boPXCHc6lM9BbW2y3355TpImpUZ4KGsQGPpokM2 T9WulSyaXurpLv00s59GI7O4fZk/VuiZT6TiPSQ+oCTfIjFP325oxIbBcWgNFry6tjLlTe KQ4U1Pw0iFIB9/aewDtxpTFESxnMSj8jCd3Eo3pTX5N8QaH6JTxtSgjanC67uA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687315174; a=rsa-sha256; cv=none; b=GyfBLujPsmYB7v5TxsFlWS3c1+fAddpUjsEwWZdgMjvMppDWJ6DtZKy8k/dNgYXDkQgi/n 4UMlVpUGEEu5ZEXK/D41rA8+87gYY4MyQ5Ri1rC1pVzV2lnDo9qFUYIzHqnDgrl+ls7wHH /haVBXBrCRnwILowg2Yq8y+KVReCr9n5vu/l5yJz0SPbB2HcOpDR5Z4yhnEDXDN/gyt/Ei hBDqTcqG4AvcyuwuyMNWgAR1Dgbabt/VZFCpWtUwd90irB1c2gJQg6B+ZMLBzbPFzokwXV QdyGISfrdw/gTZ6n17qr0wYn/+GQprGNpO+97KpGu4gBcEsI82MbktahavZM8Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qm74k1v4KzPbn; Wed, 21 Jun 2023 02:39:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L2dYYH049298; Wed, 21 Jun 2023 02:39:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L2dYmi049297; Wed, 21 Jun 2023 02:39:34 GMT (envelope-from git) Date: Wed, 21 Jun 2023 02:39:34 GMT Message-Id: <202306210239.35L2dYmi049297@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 72cf63a259b5 - stable/13 - arm64: gicv3: setup PPIs on all APs after they're online List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 72cf63a259b5038560bd039b9ec3bcb11e0b3d5d Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=72cf63a259b5038560bd039b9ec3bcb11e0b3d5d commit 72cf63a259b5038560bd039b9ec3bcb11e0b3d5d Author: Kyle Evans AuthorDate: 2023-05-15 17:21:45 +0000 Commit: Kyle Evans CommitDate: 2023-06-20 20:11:43 +0000 arm64: gicv3: setup PPIs on all APs after they're online For all PPIs setup earlier than SI_SUB_SMP, PIC_INIT_SECONDARY ends up cleaning these up for each AP as it comes online. Once they're online, we don't currently do anything to make sure they're configured for other APs. Fix it by using smp_rendezvous for the meaty bits of configuring a PPI, which will just do single-thread behavior before APs are online but do the right thing for other CPUs after. While we're here, make sure redistributor config is correct for other APs as they come online in gic_v3_init_secondary. Reported/Tested by: Souradeep Chakrabarti (Microsoft/Hyper-V) Reviewed by: andrew (before slight refactor) (cherry picked from commit 172af24449cd8d34339172d125832b7ecd274213) --- sys/arm64/arm64/gic_v3.c | 157 ++++++++++++++++++++++++++++++++--------------- 1 file changed, 109 insertions(+), 48 deletions(-) diff --git a/sys/arm64/arm64/gic_v3.c b/sys/arm64/arm64/gic_v3.c index 9a65bdd9d585..653fd6e8d748 100644 --- a/sys/arm64/arm64/gic_v3.c +++ b/sys/arm64/arm64/gic_v3.c @@ -712,15 +712,66 @@ gic_v3_map_intr(device_t dev, struct intr_map_data *data, return (error); } +struct gic_v3_setup_periph_args { + device_t dev; + struct intr_irqsrc *isrc; +}; + +static void +gic_v3_setup_intr_periph(void *argp) +{ + struct gic_v3_setup_periph_args *args = argp; + struct intr_irqsrc *isrc = args->isrc; + struct gic_v3_irqsrc *gi = (struct gic_v3_irqsrc *)isrc; + device_t dev = args->dev; + u_int irq = gi->gi_irq; + struct gic_v3_softc *sc = device_get_softc(dev); + uint32_t reg; + + MPASS(irq <= GIC_LAST_SPI); + + /* + * We need the lock for both SGIs and PPIs for an atomic CPU_SET() at a + * minimum, but we also need it below for SPIs. + */ + mtx_lock_spin(&sc->gic_mtx); + + if (isrc->isrc_flags & INTR_ISRCF_PPI) + CPU_SET(PCPU_GET(cpuid), &isrc->isrc_cpu); + + if (irq >= GIC_FIRST_PPI && irq <= GIC_LAST_SPI) { + /* Set the trigger and polarity */ + if (irq <= GIC_LAST_PPI) + reg = gic_r_read(sc, 4, + GICR_SGI_BASE_SIZE + GICD_ICFGR(irq)); + else + reg = gic_d_read(sc, 4, GICD_ICFGR(irq)); + if (gi->gi_trig == INTR_TRIGGER_LEVEL) + reg &= ~(2 << ((irq % 16) * 2)); + else + reg |= 2 << ((irq % 16) * 2); + + if (irq <= GIC_LAST_PPI) { + gic_r_write(sc, 4, + GICR_SGI_BASE_SIZE + GICD_ICFGR(irq), reg); + gic_v3_wait_for_rwp(sc, REDIST); + } else { + gic_d_write(sc, 4, GICD_ICFGR(irq), reg); + gic_v3_wait_for_rwp(sc, DIST); + } + } + + mtx_unlock_spin(&sc->gic_mtx); +} + static int gic_v3_setup_intr(device_t dev, struct intr_irqsrc *isrc, struct resource *res, struct intr_map_data *data) { - struct gic_v3_softc *sc = device_get_softc(dev); struct gic_v3_irqsrc *gi = (struct gic_v3_irqsrc *)isrc; + struct gic_v3_setup_periph_args pargs; enum intr_trigger trig; enum intr_polarity pol; - uint32_t reg; u_int irq; int error; @@ -749,41 +800,18 @@ gic_v3_setup_intr(device_t dev, struct intr_irqsrc *isrc, gi->gi_trig = trig; } - /* - * XXX - In case that per CPU interrupt is going to be enabled in time - * when SMP is already started, we need some IPI call which - * enables it on others CPUs. Further, it's more complicated as - * pic_enable_source() and pic_disable_source() should act on - * per CPU basis only. Thus, it should be solved here somehow. - */ - if (isrc->isrc_flags & INTR_ISRCF_PPI) - CPU_SET(PCPU_GET(cpuid), &isrc->isrc_cpu); - - if (irq >= GIC_FIRST_PPI && irq <= GIC_LAST_SPI) { - mtx_lock_spin(&sc->gic_mtx); - - /* Set the trigger and polarity */ - if (irq <= GIC_LAST_PPI) - reg = gic_r_read(sc, 4, - GICR_SGI_BASE_SIZE + GICD_ICFGR(irq)); - else - reg = gic_d_read(sc, 4, GICD_ICFGR(irq)); - if (trig == INTR_TRIGGER_LEVEL) - reg &= ~(2 << ((irq % 16) * 2)); - else - reg |= 2 << ((irq % 16) * 2); - - if (irq <= GIC_LAST_PPI) { - gic_r_write(sc, 4, - GICR_SGI_BASE_SIZE + GICD_ICFGR(irq), reg); - gic_v3_wait_for_rwp(sc, REDIST); - } else { - gic_d_write(sc, 4, GICD_ICFGR(irq), reg); - gic_v3_wait_for_rwp(sc, DIST); - } - - mtx_unlock_spin(&sc->gic_mtx); + pargs.dev = dev; + pargs.isrc = isrc; + if (isrc->isrc_flags & INTR_ISRCF_PPI) { + /* + * If APs haven't been fired up yet, smp_rendezvous() will just + * execute it on the single CPU and gic_v3_init_secondary() will + * clean up afterwards. + */ + smp_rendezvous(NULL, gic_v3_setup_intr_periph, NULL, &pargs); + } else if (irq >= GIC_FIRST_SPI && irq <= GIC_LAST_SPI) { + gic_v3_setup_intr_periph(&pargs); gic_v3_bind_intr(dev, isrc); } @@ -828,23 +856,50 @@ gic_v3_disable_intr(device_t dev, struct intr_irqsrc *isrc) panic("%s: Unsupported IRQ %u", __func__, irq); } +static void +gic_v3_enable_intr_periph(void *argp) +{ + struct gic_v3_setup_periph_args *args = argp; + struct gic_v3_irqsrc *gi = (struct gic_v3_irqsrc *)args->isrc; + device_t dev = args->dev; + struct gic_v3_softc *sc = device_get_softc(dev); + u_int irq = gi->gi_irq; + + /* SGIs and PPIs in corresponding Re-Distributor */ + gic_r_write(sc, 4, GICR_SGI_BASE_SIZE + GICD_ISENABLER(irq), + GICD_I_MASK(irq)); + gic_v3_wait_for_rwp(sc, REDIST); +} + static void gic_v3_enable_intr(device_t dev, struct intr_irqsrc *isrc) { + struct gic_v3_setup_periph_args pargs; struct gic_v3_softc *sc; struct gic_v3_irqsrc *gi; u_int irq; - sc = device_get_softc(dev); gi = (struct gic_v3_irqsrc *)isrc; irq = gi->gi_irq; + pargs.isrc = isrc; + pargs.dev = dev; if (irq <= GIC_LAST_PPI) { - /* SGIs and PPIs in corresponding Re-Distributor */ - gic_r_write(sc, 4, GICR_SGI_BASE_SIZE + GICD_ISENABLER(irq), - GICD_I_MASK(irq)); - gic_v3_wait_for_rwp(sc, REDIST); - } else if (irq >= GIC_FIRST_SPI && irq <= GIC_LAST_SPI) { + /* + * SGIs only need configured on the current AP. We'll setup and + * enable IPIs as APs come online. + */ + if (irq <= GIC_LAST_SGI) + gic_v3_enable_intr_periph(&pargs); + else + smp_rendezvous(NULL, gic_v3_enable_intr_periph, NULL, + &pargs); + return; + } + + sc = device_get_softc(dev); + + if (irq >= GIC_FIRST_SPI && irq <= GIC_LAST_SPI) { /* SPIs in distributor */ gic_d_write(sc, 4, GICD_ISENABLER(irq), GICD_I_MASK(irq)); gic_v3_wait_for_rwp(sc, DIST); @@ -887,8 +942,6 @@ gic_v3_bind_intr(device_t dev, struct intr_irqsrc *isrc) int cpu; gi = (struct gic_v3_irqsrc *)isrc; - if (gi->gi_irq <= GIC_LAST_PPI) - return (EINVAL); KASSERT(gi->gi_irq >= GIC_FIRST_SPI && gi->gi_irq <= GIC_LAST_SPI, ("%s: Attempting to bind an invalid IRQ", __func__)); @@ -916,6 +969,7 @@ gic_v3_bind_intr(device_t dev, struct intr_irqsrc *isrc) static void gic_v3_init_secondary(device_t dev) { + struct gic_v3_setup_periph_args pargs; device_t child; struct gic_v3_softc *sc; gic_v3_initseq_t *init_func; @@ -937,18 +991,25 @@ gic_v3_init_secondary(device_t dev) } } + pargs.dev = dev; + /* Unmask attached SGI interrupts. */ for (irq = GIC_FIRST_SGI; irq <= GIC_LAST_SGI; irq++) { isrc = GIC_INTR_ISRC(sc, irq); - if (intr_isrc_init_on_cpu(isrc, cpu)) - gic_v3_enable_intr(dev, isrc); + if (intr_isrc_init_on_cpu(isrc, cpu)) { + pargs.isrc = isrc; + gic_v3_enable_intr_periph(&pargs); + } } /* Unmask attached PPI interrupts. */ for (irq = GIC_FIRST_PPI; irq <= GIC_LAST_PPI; irq++) { isrc = GIC_INTR_ISRC(sc, irq); - if (intr_isrc_init_on_cpu(isrc, cpu)) - gic_v3_enable_intr(dev, isrc); + if (intr_isrc_init_on_cpu(isrc, cpu)) { + pargs.isrc = isrc; + gic_v3_setup_intr_periph(&pargs); + gic_v3_enable_intr_periph(&pargs); + } } for (i = 0; i < sc->gic_nchildren; i++) { From nobody Wed Jun 21 02:39:35 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qm74l441Yz4gJXG; Wed, 21 Jun 2023 02:39:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qm74l3QNNz3CZP; Wed, 21 Jun 2023 02:39:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315175; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9rYNgBOzZABSc7Vv5AC4C/vDkI8XdQQpEA1pXMfzoUM=; b=Rn4FQQetFNOB7fJhLo3xR3hmRFmpBfvY7Uaafui+9bdl4Qqbk67XAvBbwa8UvWN9NWl8zs 6g3XH/r1Nkcx6t0NQnsdbIWPqpHk4jwLaQgAT8zhbVEyuk31n8e4tRpwVVNm3Ta5Q7Bq0O 3+Wsl3bH7kTIKgjrsfhTnWolFDRZWracyE670dYw6LfBYjdJVlH+lO8yR7G5yjQaBoUrf8 ezyt5HeT9xAA81Kvs7yCYAaItAYeINOzAmwKQp8D6ctQ7nMbemoJj3ADJSlW8tk2SOq1tW 0nMk0gCyl8kOhb23WllM2DWqC4qUu89VdwaWQ7oyBeiAszugjZxlGmft5US2ZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315175; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9rYNgBOzZABSc7Vv5AC4C/vDkI8XdQQpEA1pXMfzoUM=; b=evAquVZylJApVs9tkX2i+FLf8+3122tNFtYkwydcgUIzIg/cKl8YXVWzNkIxREeq97eRx8 XDyviAZqUuiEd+FI2z0jbQblyClYpok8cTCIwZIwrqHiZo8uDVZJBSvKgQtVw2aHSdCY4u 9aIl0N145QHy1sZdl7p25SnoipAC3d335AwtpDI4OEoveKsFfQs4InBKIMZ0x9b8H++FbP n+bf+2KF6PMdmOOt1MHDjzSRnNWhDbd5burJYXGJxFftwczODWrS7L62MqjX8yy7VJ7MXI o4VpJBk6kIzXnsyveoPQhXSJTCzbnFxa/KMUFGJxFwbNiufQVryPg/Z7WE4Brw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687315175; a=rsa-sha256; cv=none; b=c77jUnmc/LBHrwzGXrf54ITMgG0wiy8J+jL6fYvzKPScg5L66RTGuob82QQIHBTRMmmAKV HFVHFreNon2J1cIC7890g3yl2dTvlSSQOJS+lU9A0j+bffYEqFZtwDtSP8Qv+XKapKplwx ku/h5JuWKf9o1ADPqcwnFmf+UeVknLZT+laADw/R9AMA+xGci97aS/n2uHN21KwHXmkDW9 0d3EBQ4NrPlFXRo8+errdWrN267varNcKUTzhOUQl5WlxKTG1XliR3/ANYzHW0wZFs+35q cl/7yymjI9fQLgRyceCnbhI64XiicwsF9VuZs1/Xg4qGDJhw8JnFK8dU2et+aA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qm74l2WKCzPS6; Wed, 21 Jun 2023 02:39:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L2dZel049325; Wed, 21 Jun 2023 02:39:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L2dZwK049323; Wed, 21 Jun 2023 02:39:35 GMT (envelope-from git) Date: Wed, 21 Jun 2023 02:39:35 GMT Message-Id: <202306210239.35L2dZwK049323@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: a977fb7c841a - stable/13 - libc: locale: fix collation file size validation List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: a977fb7c841a4e4b87ab8c94d48d0e342aa47014 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=a977fb7c841a4e4b87ab8c94d48d0e342aa47014 commit a977fb7c841a4e4b87ab8c94d48d0e342aa47014 Author: Kyle Evans AuthorDate: 2023-05-28 17:52:51 +0000 Commit: Kyle Evans CommitDate: 2023-06-20 20:11:48 +0000 libc: locale: fix collation file size validation At a minimum, we need enough for the colllation format version string + locale definition version string and a full collate_info definition, rather than just the first two and a pointer. Sponsored by: Klara, Inc. (cherry picked from commit e15da6b10a4971f43aa604fca3ea43effa096f4c) --- lib/libc/locale/collate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/locale/collate.c b/lib/libc/locale/collate.c index 2f0e2003aa45..c3b66e1f0534 100644 --- a/lib/libc/locale/collate.c +++ b/lib/libc/locale/collate.c @@ -148,7 +148,7 @@ __collate_load_tables_l(const char *encoding, struct xlocale_collate *table) } if (sbuf.st_size < (COLLATE_FMT_VERSION_LEN + XLOCALE_DEF_VERSION_LEN + - sizeof (info))) { + sizeof (*info))) { (void) _close(fd); errno = EINVAL; return (_LDP_ERROR); From nobody Wed Jun 21 02:39:36 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qm74m4MF4z4gJLQ; Wed, 21 Jun 2023 02:39:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qm74m413xz3Cjv; Wed, 21 Jun 2023 02:39:36 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315176; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b0Gr9oy7VRHxXz4c7VydpYfcywzKuqOWX7SIlnvul9s=; b=qo9UkHqMVAuJqBU4Tg9ns+EZOX7Ngxu3PFuwdNSk3n17IOdEhIzmG0b535cJ7jsEwlTsSr PIluafglXcQ1BUSxJXsAdWMv1hxlAyqWdJxFGNsC+R5ta6NTIl+EGOWpOBZ/KeIHaZXT7W ia+QdVoJsqaAZ6lWZpSmMQzolfttAzH1AOaW8MN0ljHo5SBPJBDtsvLtYru9xpzV7X5X18 Dt8JxVbBINY5RCROWn7tPFjR+ttwhaDpqfuZRdky/e2jsLLRz5KESHiFLWDDCN0aylH8CI Gfy0edpv9hZamNHbtDhwMYetISjz1QA1g6hvGGxEdeAk5QchbBElzFdgeqXg0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687315176; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b0Gr9oy7VRHxXz4c7VydpYfcywzKuqOWX7SIlnvul9s=; b=YR1a6EhSeBSaATazHv9GuLQGZFKhQHBMSZ+5D2sjgiRgaLFCPM1RW2Mz7MLlOvqfIgBvjW kPuePF0qZQCI2apOY92CBydVataimYzz2ojNEsyDoioFTdaVyyf3OfaPQBjlihCjkF8m+W S54DgP+StcpxqY4unHGkvcb94g+TF016yNztFloxDyVnD4gQqELzkiGLOcsd8VZ6Dqf1GX t2K2/RDGfy6KX6ULi7qJh38V4vLQw5RrK63nBlVdyt9ji+iE6kk8lGTBz6arBVlCmIepVU s0XeE4c4mVecKoFIOlRDe07TxAHfdVBqhcYtmVUJoAMHT+JkuzeCL0WPkZpc7g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687315176; a=rsa-sha256; cv=none; b=iJD+5UjZ6hTusIyymB0Ita9q+t5TSilqYe/Q/CiD8sU3YnhnmsF2iafLKfm6Dy7O9MlHXP lBhRV5nJwDU3OMGGTCBNTbOsy/LTsM7Wcrflly7Bs2fS+G3aG4i4i7eRT/9DBTA8sBUuVL c3H5dvTq3uLymtJ6dPeGtkSTXlrLN1pnYf7O6+J11gIZ0dSCLd/uK+4naEG3D0usqmc6T8 js3oZE+YaFz8dfz861PDRNePdQTN3VGK0+5X4Pck9TR35XqA/0vptmR4QLrwB7edlMhmAw ODF4oZpOLiWIcPUNrvOVBVJ9YezCNrS5bswWSiUUthhoM5qs6p1O0yrP2dH6qQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qm74m35WHzPdg; Wed, 21 Jun 2023 02:39:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L2daL3049346; Wed, 21 Jun 2023 02:39:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L2da1M049345; Wed, 21 Jun 2023 02:39:36 GMT (envelope-from git) Date: Wed, 21 Jun 2023 02:39:36 GMT Message-Id: <202306210239.35L2da1M049345@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 4bbfb6c48b00 - stable/13 - caroot: update the root bundle List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 4bbfb6c48b002ef16504eb0e1a4cc2454d5ac307 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=4bbfb6c48b002ef16504eb0e1a4cc2454d5ac307 commit 4bbfb6c48b002ef16504eb0e1a4cc2454d5ac307 Author: Kyle Evans AuthorDate: 2023-06-15 04:26:23 +0000 Commit: Kyle Evans CommitDate: 2023-06-20 20:11:49 +0000 caroot: update the root bundle Summary: - Zero (0) newly trusted - Five (5) modified - Nine (9) distrusted (cherry picked from commit f5e5dcdbeb699bda5a43c5600b522108cc612ac8) --- ObsoleteFiles.inc | 11 ++ .../Cybertrust_Global_Root.pem | 0 .../{trusted => blacklisted}/DST_Root_CA_X3.pem | 0 .../GlobalSign_Root_CA_-_R2.pem | 0 ...demic_and_Research_Institutions_RootCA_2011.pem | 0 .../Network_Solutions_Certificate_Authority.pem | 0 .../Staat_der_Nederlanden_EV_Root_CA.pem | 0 .../{trusted => blacklisted}/TrustCor_ECA-1.pem | 0 .../TrustCor_RootCert_CA-1.pem | 0 .../TrustCor_RootCert_CA-2.pem | 0 secure/caroot/trusted/GTS_Root_R1.pem | 122 ++++++++++----------- secure/caroot/trusted/GTS_Root_R2.pem | 122 ++++++++++----------- secure/caroot/trusted/GTS_Root_R3.pem | 40 +++---- secure/caroot/trusted/GTS_Root_R4.pem | 40 +++---- .../caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem | 35 +++--- 15 files changed, 190 insertions(+), 180 deletions(-) diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index 115ddff93fe9..185349f3ec74 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -52,6 +52,17 @@ # xargs -n1 | sort | uniq -d; # done +# 20230614: caroot bundle updated +OLD_FILES+=usr/share/certs/trusted/Cybertrust_Global_Root.pem +OLD_FILES+=usr/share/certs/trusted/DST_Root_CA_X3.pem +OLD_FILES+=usr/share/certs/trusted/GlobalSign_Root_CA_-_R2.pem +OLD_FILES+=usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem +OLD_FILES+=usr/share/certs/trusted/Network_Solutions_Certificate_Authority.pem +OLD_FILES+=usr/share/certs/trusted/Staat_der_Nederlanden_EV_Root_CA.pem +OLD_FILES+=usr/share/certs/trusted/TrustCor_ECA-1.pem +OLD_FILES+=usr/share/certs/trusted/TrustCor_RootCert_CA-1.pem +OLD_FILES+=usr/share/certs/trusted/TrustCor_RootCert_CA-2.pem + # 20230420: case-sensitive conflicts removed OLD_FILES+=usr/tests/bin/pkill/pgrep-F_test OLD_FILES+=usr/tests/bin/pkill/pgrep-LF_test diff --git a/secure/caroot/trusted/Cybertrust_Global_Root.pem b/secure/caroot/blacklisted/Cybertrust_Global_Root.pem similarity index 100% rename from secure/caroot/trusted/Cybertrust_Global_Root.pem rename to secure/caroot/blacklisted/Cybertrust_Global_Root.pem diff --git a/secure/caroot/trusted/DST_Root_CA_X3.pem b/secure/caroot/blacklisted/DST_Root_CA_X3.pem similarity index 100% rename from secure/caroot/trusted/DST_Root_CA_X3.pem rename to secure/caroot/blacklisted/DST_Root_CA_X3.pem diff --git a/secure/caroot/trusted/GlobalSign_Root_CA_-_R2.pem b/secure/caroot/blacklisted/GlobalSign_Root_CA_-_R2.pem similarity index 100% rename from secure/caroot/trusted/GlobalSign_Root_CA_-_R2.pem rename to secure/caroot/blacklisted/GlobalSign_Root_CA_-_R2.pem diff --git a/secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem b/secure/caroot/blacklisted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem similarity index 100% rename from secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem rename to secure/caroot/blacklisted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem diff --git a/secure/caroot/trusted/Network_Solutions_Certificate_Authority.pem b/secure/caroot/blacklisted/Network_Solutions_Certificate_Authority.pem similarity index 100% rename from secure/caroot/trusted/Network_Solutions_Certificate_Authority.pem rename to secure/caroot/blacklisted/Network_Solutions_Certificate_Authority.pem diff --git a/secure/caroot/trusted/Staat_der_Nederlanden_EV_Root_CA.pem b/secure/caroot/blacklisted/Staat_der_Nederlanden_EV_Root_CA.pem similarity index 100% rename from secure/caroot/trusted/Staat_der_Nederlanden_EV_Root_CA.pem rename to secure/caroot/blacklisted/Staat_der_Nederlanden_EV_Root_CA.pem diff --git a/secure/caroot/trusted/TrustCor_ECA-1.pem b/secure/caroot/blacklisted/TrustCor_ECA-1.pem similarity index 100% rename from secure/caroot/trusted/TrustCor_ECA-1.pem rename to secure/caroot/blacklisted/TrustCor_ECA-1.pem diff --git a/secure/caroot/trusted/TrustCor_RootCert_CA-1.pem b/secure/caroot/blacklisted/TrustCor_RootCert_CA-1.pem similarity index 100% rename from secure/caroot/trusted/TrustCor_RootCert_CA-1.pem rename to secure/caroot/blacklisted/TrustCor_RootCert_CA-1.pem diff --git a/secure/caroot/trusted/TrustCor_RootCert_CA-2.pem b/secure/caroot/blacklisted/TrustCor_RootCert_CA-2.pem similarity index 100% rename from secure/caroot/trusted/TrustCor_RootCert_CA-2.pem rename to secure/caroot/blacklisted/TrustCor_RootCert_CA-2.pem diff --git a/secure/caroot/trusted/GTS_Root_R1.pem b/secure/caroot/trusted/GTS_Root_R1.pem index deb77731627f..4def2f4c2b7f 100644 --- a/secure/caroot/trusted/GTS_Root_R1.pem +++ b/secure/caroot/trusted/GTS_Root_R1.pem @@ -16,7 +16,7 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 6e:47:a9:c5:4b:47:0c:0d:ec:33:d0:89:b9:1c:f4:e1 + 02:03:e5:93:6f:31:b0:13:49:88:6b:a2:17 Signature Algorithm: sha384WithRSAEncryption Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R1 Validity @@ -65,70 +65,70 @@ Certificate: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical - Certificate Sign, CRL Sign + Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E Signature Algorithm: sha384WithRSAEncryption - 38:96:0a:ee:3d:b4:96:1e:5f:ef:9d:9c:0b:33:9f:2b:e0:ca: - fd:d2:8e:0a:1f:41:74:a5:7c:aa:84:d4:e5:f2:1e:e6:37:52: - 32:9c:0b:d1:61:1d:bf:28:c1:b6:44:29:35:75:77:98:b2:7c: - d9:bd:74:ac:8a:68:e3:a9:31:09:29:01:60:73:e3:47:7c:53: - a8:90:4a:27:ef:4b:d7:9f:93:e7:82:36:ce:9a:68:0c:82:e7: - cf:d4:10:16:6f:5f:0e:99:5c:f6:1f:71:7d:ef:ef:7b:2f:7e: - ea:36:d6:97:70:0b:15:ee:d7:5c:56:6a:33:a5:e3:49:38:0c: - b8:7d:fb:8d:85:a4:b1:59:5e:f4:6a:e1:dd:a1:f6:64:44:ae: - e6:51:83:21:66:c6:11:3e:f3:ce:47:ee:9c:28:1f:25:da:ff: - ac:66:95:dd:35:0f:5c:ef:20:2c:62:fd:91:ba:a9:cc:fc:5a: - 9c:93:81:83:29:97:4a:7c:5a:72:b4:39:d0:b7:77:cb:79:fd: - 69:3a:92:37:ed:6e:38:65:46:7e:e9:60:bd:79:88:97:5f:38: - 12:f4:ee:af:5b:82:c8:86:d5:e1:99:6d:8c:04:f2:76:ba:49: - f6:6e:e9:6d:1e:5f:a0:ef:27:82:76:40:f8:a6:d3:58:5c:0f: - 2c:42:da:42:c6:7b:88:34:c7:c1:d8:45:9b:c1:3e:c5:61:1d: - d9:63:50:49:f6:34:85:6a:e0:18:c5:6e:47:ab:41:42:29:9b: - f6:60:0d:d2:31:d3:63:98:23:93:5a:00:81:48:b4:ef:cd:8a: - cd:c9:cf:99:ee:d9:9e:aa:36:e1:68:4b:71:49:14:36:28:3a: - 3d:1d:ce:9a:8f:25:e6:80:71:61:2b:b5:7b:cc:f9:25:16:81: - e1:31:5f:a1:a3:7e:16:a4:9c:16:6a:97:18:bd:76:72:a5:0b: - 9e:1d:36:e6:2f:a1:2f:be:70:91:0f:a8:e6:da:f8:c4:92:40: - 6c:25:7e:7b:b3:09:dc:b2:17:ad:80:44:f0:68:a5:8f:94:75: - ff:74:5a:e8:a8:02:7c:0c:09:e2:a9:4b:0b:a0:85:0b:62:b9: - ef:a1:31:92:fb:ef:f6:51:04:89:6c:e8:a9:74:a1:bb:17:b3: - b5:fd:49:0f:7c:3c:ec:83:18:20:43:4e:d5:93:ba:b4:34:b1: - 1f:16:36:1f:0c:e6:64:39:16:4c:dc:e0:fe:1d:c8:a9:62:3d: - 40:ea:ca:c5:34:02:b4:ae:89:88:33:35:dc:2c:13:73:d8:27: - f1:d0:72:ee:75:3b:22:de:98:68:66:5b:f1:c6:63:47:55:1c: - ba:a5:08:51:75:a6:48:25 -SHA1 Fingerprint=E1:C9:50:E6:EF:22:F8:4C:56:45:72:8B:92:20:60:D7:D5:A7:A3:E8 + 9f:aa:42:26:db:0b:9b:be:ff:1e:96:92:2e:3e:a2:65:4a:6a: + 98:ba:22:cb:7d:c1:3a:d8:82:0a:06:c6:f6:a5:de:c0:4e:87: + 66:79:a1:f9:a6:58:9c:aa:f9:b5:e6:60:e7:e0:e8:b1:1e:42: + 41:33:0b:37:3d:ce:89:70:15:ca:b5:24:a8:cf:6b:b5:d2:40: + 21:98:cf:22:34:cf:3b:c5:22:84:e0:c5:0e:8a:7c:5d:88:e4: + 35:24:ce:9b:3e:1a:54:1e:6e:db:b2:87:a7:fc:f3:fa:81:55: + 14:62:0a:59:a9:22:05:31:3e:82:d6:ee:db:57:34:bc:33:95: + d3:17:1b:e8:27:a2:8b:7b:4e:26:1a:7a:5a:64:b6:d1:ac:37: + f1:fd:a0:f3:38:ec:72:f0:11:75:9d:cb:34:52:8d:e6:76:6b: + 17:c6:df:86:ab:27:8e:49:2b:75:66:81:10:21:a6:ea:3e:f4: + ae:25:ff:7c:15:de:ce:8c:25:3f:ca:62:70:0a:f7:2f:09:66: + 07:c8:3f:1c:fc:f0:db:45:30:df:62:88:c1:b5:0f:9d:c3:9f: + 4a:de:59:59:47:c5:87:22:36:e6:82:a7:ed:0a:b9:e2:07:a0: + 8d:7b:7a:4a:3c:71:d2:e2:03:a1:1f:32:07:dd:1b:e4:42:ce: + 0c:00:45:61:80:b5:0b:20:59:29:78:bd:f9:55:cb:63:c5:3c: + 4c:f4:b6:ff:db:6a:5f:31:6b:99:9e:2c:c1:6b:50:a4:d7:e6: + 18:14:bd:85:3f:67:ab:46:9f:a0:ff:42:a7:3a:7f:5c:cb:5d: + b0:70:1d:2b:34:f5:d4:76:09:0c:eb:78:4c:59:05:f3:33:42: + c3:61:15:10:1b:77:4d:ce:22:8c:d4:85:f2:45:7d:b7:53:ea: + ef:40:5a:94:0a:5c:20:5f:4e:40:5d:62:22:76:df:ff:ce:61: + bd:8c:23:78:d2:37:02:e0:8e:de:d1:11:37:89:f6:bf:ed:49: + 07:62:ae:92:ec:40:1a:af:14:09:d9:d0:4e:b2:a2:f7:be:ee: + ee:d8:ff:dc:1a:2d:de:b8:36:71:e2:fc:79:b7:94:25:d1:48: + 73:5b:a1:35:e7:b3:99:67:75:c1:19:3a:2b:47:4e:d3:42:8e: + fd:31:c8:16:66:da:d2:0c:3c:db:b3:8e:c9:a1:0d:80:0f:7b: + 16:77:14:bf:ff:db:09:94:b2:93:bc:20:58:15:e9:db:71:43: + f3:de:10:c3:00:dc:a8:2a:95:b6:c2:d6:3f:90:6b:76:db:6c: + fe:8c:bc:f2:70:35:0c:dc:99:19:35:dc:d7:c8:46:63:d5:36: + 71:ae:57:fb:b7:82:6d:dc +SHA1 Fingerprint=E5:8C:1C:C4:91:3B:38:63:4B:E9:10:6E:E3:AD:8E:6B:9D:D9:81:4A -----BEGIN CERTIFICATE----- -MIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH -MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM -QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy -MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl -cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM -f/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX -mX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7 -zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P -fyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc -vfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4 -Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp -zBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO -Rc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW -k70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+ -DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF -lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW -Cu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1 -d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z -XPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR -gyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3 -d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv -J4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg -DdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM -+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy -F62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9 -SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws -E3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl +MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo +27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w +Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw +TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl +qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH +szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8 +Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk +MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92 +wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p +aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN +VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID +AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb +C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe +QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy +h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4 +7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J +ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef +MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/ +Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT +6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ +0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm +2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb +bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c -----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GTS_Root_R2.pem b/secure/caroot/trusted/GTS_Root_R2.pem index 8660b40deb91..4bc8cff4c812 100644 --- a/secure/caroot/trusted/GTS_Root_R2.pem +++ b/secure/caroot/trusted/GTS_Root_R2.pem @@ -16,7 +16,7 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 6e:47:a9:c6:5a:b3:e7:20:c5:30:9a:3f:68:52:f2:6f + 02:03:e5:ae:c5:8d:04:25:1a:ab:11:25:aa Signature Algorithm: sha384WithRSAEncryption Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R2 Validity @@ -65,70 +65,70 @@ Certificate: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical - Certificate Sign, CRL Sign + Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BB:FF:CA:8E:23:9F:4F:99:CA:DB:E2:68:A6:A5:15:27:17:1E:D9:0E Signature Algorithm: sha384WithRSAEncryption - b6:69:f0:a6:77:fe:9e:ee:0b:81:ad:e1:c0:a9:c7:f9:35:1d: - 40:82:ab:e6:04:b4:df:cb:f7:1d:0f:83:f0:7e:13:4d:8d:8c: - ee:e3:33:22:c3:39:fc:40:df:6e:41:4b:42:53:be:16:88:f1: - d2:38:5e:c4:68:99:1c:98:52:93:8c:e7:68:ed:1b:6a:73:7a: - 05:40:4d:7f:65:3b:d6:58:f1:ce:83:47:60:e3:ff:97:a9:9c: - 60:77:18:55:b5:7e:08:93:cf:d0:f6:3c:67:03:15:61:09:f9: - 81:79:f5:ec:53:a4:9f:c9:8f:01:8b:73:c4:77:76:dc:83:a2: - f5:0c:49:1a:a8:76:de:92:9b:64:f8:b3:2c:c5:27:d3:07:c0: - 08:80:a4:98:92:e3:01:96:02:aa:02:ee:8f:3b:c5:d1:6d:0a: - 33:30:73:78:b9:4f:54:16:bf:0b:07:a1:a4:5c:e6:cb:c9:5c: - 84:8f:0f:e0:15:77:2c:7e:26:7e:da:c4:4b:db:a7:16:77:07: - b0:cd:75:e8:72:42:d6:95:84:9d:86:83:f2:e4:90:cd:09:47: - d4:8b:03:70:da:5a:c6:03:42:f4:ed:37:a2:f0:1b:50:54:4b: - 0e:d8:84:de:19:28:99:81:47:ae:09:1b:3f:48:d1:c3:6f:e2: - b0:60:17:f5:ee:23:02:a5:da:00:5b:6d:90:ab:ee:a2:e9:1b: - 3b:e9:c7:44:27:45:8e:6b:9f:f5:a4:84:bc:77:f9:6b:97:ac: - 3e:51:45:a2:11:a6:cc:85:ee:0a:68:f2:3e:50:38:7a:24:62: - 1e:17:20:37:6d:6a:4d:b7:09:9b:c9:fc:a4:58:f5:b6:fb:9c: - 4e:18:bb:95:02:e7:a1:ad:9b:07:ee:36:6b:24:d2:39:86:c1: - 93:83:50:d2:81:46:a8:5f:62:57:2c:bb:6c:64:88:08:6e:ef: - 13:54:5f:dd:2d:c4:67:63:d3:cf:89:37:bf:9d:20:f4:fb:7a: - 83:9b:a0:1e:81:00:50:c2:e4:0c:22:59:52:10:ed:43:56:87: - 00:f8:14:52:a7:1d:8b:93:8c:a2:4d:46:7f:27:c6:71:9b:24: - de:e4:da:86:8b:0d:7e:6b:20:c1:c0:9e:e1:65:d8:6a:a3:a6: - e8:85:8b:3a:07:08:1c:ba:f5:8f:55:9a:18:75:7e:e5:ec:81: - 66:d1:21:73:a1:35:44:0b:80:3d:5b:9c:5e:6f:2a:17:96:d1: - 83:23:88:66:6d:e6:86:e2:70:32:2f:52:22:e7:c8:e7:7f:c4: - 2c:60:5d:2f:c3:af:9e:45:05:c3:84:02:b7:fd:2c:08:52:4f: - 82:dd:a3:f0:d4:86:09:02 -SHA1 Fingerprint=D2:73:96:2A:2A:5E:39:9F:73:3F:E1:C7:1E:64:3F:03:38:34:FC:4D + 1f:ca:ce:dd:c7:be:a1:9f:d9:27:4c:0b:dc:17:98:11:6a:88: + de:3d:e6:71:56:72:b2:9e:1a:4e:9c:d5:2b:98:24:5d:9b:6b: + 7b:b0:33:82:09:bd:df:25:46:ea:98:9e:b6:1b:fe:83:3c:d2: + 62:61:c1:04:ed:ce:e0:c5:c9:c8:13:13:55:e7:a8:63:ad:8c: + 7b:01:fe:77:30:e1:ce:68:9b:05:f8:12:ee:79:31:a0:41:45: + 35:28:0a:71:a4:24:4f:8c:dc:3c:82:07:5f:66:dc:7d:10:fe: + 0c:61:b3:05:95:ee:e1:ae:81:0f:a8:f8:c7:8f:4d:a8:23:02: + 26:6b:1d:83:52:55:ce:b5:2f:00:ca:80:40:e0:e1:74:ac:60: + f5:87:80:9d:ae:36:64:91:5d:b0:68:18:ea:8a:61:c9:77:a8: + 97:c4:c9:c7:a5:fc:55:4b:f3:f0:7f:b9:65:3d:27:68:d0:cc: + 6b:fa:53:9d:e1:91:1a:c9:5d:1a:96:6d:32:87:ed:03:20:c8: + 02:ce:5a:be:d9:ea:fd:b2:4d:c4:2f:1b:df:5f:7a:f5:f8:8b: + c6:ee:31:3a:25:51:55:67:8d:64:32:7b:e9:9e:c3:82:ba:2a: + 2d:e9:1e:b4:e0:48:06:a2:fc:67:af:1f:22:02:73:fb:20:0a: + af:9d:54:4b:a1:cd:ff:60:47:b0:3f:5d:ef:1b:56:bd:97:21: + 96:2d:0a:d1:5e:9d:38:02:47:6c:b9:f4:f6:23:25:b8:a0:6a: + 9a:2b:77:08:fa:c4:b1:28:90:26:58:08:3c:e2:7e:aa:d7:3d: + 6f:ba:31:88:0a:05:eb:27:b5:a1:49:ee:a0:45:54:7b:e6:27: + 65:99:20:21:a8:a3:bc:fb:18:96:bb:52:6f:0c:ed:83:51:4c: + e9:59:e2:20:60:c5:c2:65:92:82:8c:f3:10:1f:0e:8a:97:be: + 77:82:6d:3f:8f:1d:5d:bc:49:27:bd:cc:4f:0f:e1:ce:76:86: + 04:23:c5:c0:8c:12:5b:fd:db:84:a0:24:f1:48:ff:64:7c:d0: + be:5c:16:d1:ef:99:ad:c0:1f:fb:cb:ae:bc:38:22:06:26:64: + da:da:97:0e:3f:28:15:44:a8:4f:00:ca:f0:9a:cc:cf:74:6a: + b4:3e:3c:eb:95:ec:b5:d3:5a:d8:81:99:e9:43:18:37:eb:b3: + bb:d1:58:62:41:f3:66:d2:8f:aa:78:95:54:20:c3:5a:2e:74: + 2b:d5:d1:be:18:69:c0:ac:d5:a4:cf:39:ba:51:84:03:65:e9: + 62:c0:62:fe:d8:4d:55:96:e2:d0:11:fa:48:34:11:ec:9e:ed: + 05:1d:e4:c8:d6:1d:86:cb +SHA1 Fingerprint=9A:44:49:76:32:DB:DE:FA:D0:BC:FB:5A:7B:17:BD:9E:56:09:24:94 -----BEGIN CERTIFICATE----- -MIIFWjCCA0KgAwIBAgIQbkepxlqz5yDFMJo/aFLybzANBgkqhkiG9w0BAQwFADBH -MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM -QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy -MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl -cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3Lv -CvptnfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3Kg -GjSY6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9Bu -XvAuMC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOd -re7kRXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXu -PuWgf9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1 -mKPV+3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K -8YzodDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqj -x5RWIr9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsR -nTKaG73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0 -kzCqgc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9Ok -twIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBALZp -8KZ3/p7uC4Gt4cCpx/k1HUCCq+YEtN/L9x0Pg/B+E02NjO7jMyLDOfxA325BS0JT -vhaI8dI4XsRomRyYUpOM52jtG2pzegVATX9lO9ZY8c6DR2Dj/5epnGB3GFW1fgiT -z9D2PGcDFWEJ+YF59exTpJ/JjwGLc8R3dtyDovUMSRqodt6Sm2T4syzFJ9MHwAiA -pJiS4wGWAqoC7o87xdFtCjMwc3i5T1QWvwsHoaRc5svJXISPD+AVdyx+Jn7axEvb -pxZ3B7DNdehyQtaVhJ2Gg/LkkM0JR9SLA3DaWsYDQvTtN6LwG1BUSw7YhN4ZKJmB -R64JGz9I0cNv4rBgF/XuIwKl2gBbbZCr7qLpGzvpx0QnRY5rn/WkhLx3+WuXrD5R -RaIRpsyF7gpo8j5QOHokYh4XIDdtak23CZvJ/KRY9bb7nE4Yu5UC56GtmwfuNmsk -0jmGwZODUNKBRqhfYlcsu2xkiAhu7xNUX90txGdj08+JN7+dIPT7eoOboB6BAFDC -5AwiWVIQ7UNWhwD4FFKnHYuTjKJNRn8nxnGbJN7k2oaLDX5rIMHAnuFl2GqjpuiF -izoHCBy69Y9Vmhh1fuXsgWbRIXOhNUQLgD1bnF5vKheW0YMjiGZt5obicDIvUiLn -yOd/xCxgXS/Dr55FBcOEArf9LAhST4Ldo/DUhgkC +MIIFVzCCAz+gAwIBAgINAgPlrsWNBCUaqxElqjANBgkqhkiG9w0BAQwFADBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3LvCvpt +nfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3KgGjSY +6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9BuXvAu +MC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOdre7k +RXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXuPuWg +f9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1mKPV ++3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K8Yzo +dDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqjx5RW +Ir9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsRnTKa +G73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0kzCq +gc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9OktwID +AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBAB/Kzt3H +vqGf2SdMC9wXmBFqiN495nFWcrKeGk6c1SuYJF2ba3uwM4IJvd8lRuqYnrYb/oM8 +0mJhwQTtzuDFycgTE1XnqGOtjHsB/ncw4c5omwX4Eu55MaBBRTUoCnGkJE+M3DyC +B19m3H0Q/gxhswWV7uGugQ+o+MePTagjAiZrHYNSVc61LwDKgEDg4XSsYPWHgJ2u +NmSRXbBoGOqKYcl3qJfEycel/FVL8/B/uWU9J2jQzGv6U53hkRrJXRqWbTKH7QMg +yALOWr7Z6v2yTcQvG99fevX4i8buMTolUVVnjWQye+mew4K6Ki3pHrTgSAai/Gev +HyICc/sgCq+dVEuhzf9gR7A/Xe8bVr2XIZYtCtFenTgCR2y59PYjJbigapordwj6 +xLEokCZYCDzifqrXPW+6MYgKBesntaFJ7qBFVHvmJ2WZICGoo7z7GJa7Um8M7YNR +TOlZ4iBgxcJlkoKM8xAfDoqXvneCbT+PHV28SSe9zE8P4c52hgQjxcCMElv924Sg +JPFI/2R80L5cFtHvma3AH/vLrrw4IgYmZNralw4/KBVEqE8AyvCazM90arQ+POuV +7LXTWtiBmelDGDfrs7vRWGJB82bSj6p4lVQgw1oudCvV0b4YacCs1aTPObpRhANl +6WLAYv7YTVWW4tAR+kg0Eeye7QUd5MjWHYbL -----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GTS_Root_R3.pem b/secure/caroot/trusted/GTS_Root_R3.pem index 82c9a6ea5ab0..ca17a9220f72 100644 --- a/secure/caroot/trusted/GTS_Root_R3.pem +++ b/secure/caroot/trusted/GTS_Root_R3.pem @@ -16,7 +16,7 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 6e:47:a9:c7:6c:a9:73:24:40:89:0f:03:55:dd:8d:1d + 02:03:e5:b8:82:eb:20:f8:25:27:6d:3d:66 Signature Algorithm: ecdsa-with-SHA384 Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R3 Validity @@ -38,29 +38,29 @@ Certificate: NIST CURVE: P-384 X509v3 extensions: X509v3 Key Usage: critical - Certificate Sign, CRL Sign + Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C1:F1:26:BA:A0:2D:AE:85:81:CF:D3:F1:2A:12:BD:B8:0A:67:FD:BC Signature Algorithm: ecdsa-with-SHA384 - 30:66:02:31:00:80:5b:a4:7c:23:c0:95:a5:2c:dc:be:89:6f: - 23:b9:a3:dd:65:00:52:5e:91:ac:c8:9d:72:74:82:53:0b:7d: - a9:40:bd:68:60:c5:e1:b8:54:3b:c1:36:17:25:d8:c1:bd:02: - 31:00:9e:35:92:74:85:25:51:f5:24:ec:64:52:24:50:a5:1f: - db:e8:cb:c9:76:ec:ec:82:6e:f5:85:18:53:e8:b8:e3:9a:29: - aa:96:d3:83:23:c9:a4:7b:61:b3:cc:02:e8:5d -SHA1 Fingerprint=30:D4:24:6F:07:FF:DB:91:89:8A:0B:E9:49:66:11:EB:8C:5E:46:E5 + 30:66:02:31:00:f6:e1:20:95:14:7b:54:a3:90:16:11:bf:84: + c8:ea:6f:6b:17:9e:1e:46:98:20:9b:9f:d3:0d:d9:ac:d3:2f: + cd:7c:f8:5b:2e:55:bb:bf:dd:92:f7:a4:0c:dc:31:e1:a2:02: + 31:00:fc:97:66:66:e5:43:16:13:83:dd:c7:df:2f:be:14:38: + ed:01:ce:b1:17:1a:11:75:e9:bd:03:8f:26:7e:84:e5:c9:60: + a6:95:d7:54:59:b7:e7:11:2c:89:d4:b9:ee:17 +SHA1 Fingerprint=ED:E5:71:80:2B:C8:92:B9:5B:83:3C:D2:32:68:3F:09:CD:A0:1E:46 -----BEGIN CERTIFICATE----- -MIICDDCCAZGgAwIBAgIQbkepx2ypcyRAiQ8DVd2NHTAKBggqhkjOPQQDAzBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw -MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQA -IgNiAAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout -736GjOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2A -DDL24CejQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEAgFuk -fCPAlaUs3L6JbyO5o91lAFJekazInXJ0glMLfalAvWhgxeG4VDvBNhcl2MG9AjEA -njWSdIUlUfUk7GRSJFClH9voy8l27OyCbvWFGFPouOOaKaqW04MjyaR7YbPMAuhd +MIICCTCCAY6gAwIBAgINAgPluILrIPglJ209ZjAKBggqhkjOPQQDAzBHMQswCQYD +VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG +A1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw +WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz +IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout736G +jOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2ADDL2 +4CejQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW +BBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEA9uEglRR7 +VKOQFhG/hMjqb2sXnh5GmCCbn9MN2azTL818+FsuVbu/3ZL3pAzcMeGiAjEA/Jdm +ZuVDFhOD3cffL74UOO0BzrEXGhF16b0DjyZ+hOXJYKaV11RZt+cRLInUue4X -----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GTS_Root_R4.pem b/secure/caroot/trusted/GTS_Root_R4.pem index 6986518db309..d8c21bf91bdc 100644 --- a/secure/caroot/trusted/GTS_Root_R4.pem +++ b/secure/caroot/trusted/GTS_Root_R4.pem @@ -16,7 +16,7 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 6e:47:a9:c8:8b:94:b6:e8:bb:3b:2a:d8:a2:b2:c1:99 + 02:03:e5:c0:68:ef:63:1a:9c:72:90:50:52 Signature Algorithm: ecdsa-with-SHA384 Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R4 Validity @@ -38,29 +38,29 @@ Certificate: NIST CURVE: P-384 X509v3 extensions: X509v3 Key Usage: critical - Certificate Sign, CRL Sign + Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C Signature Algorithm: ecdsa-with-SHA384 - 30:64:02:30:6a:50:52:74:08:c4:70:dc:9e:50:74:21:e8:8d: - 7a:21:c3:4f:96:6e:15:d1:22:35:61:2d:fa:08:37:ee:19:6d: - ad:db:b2:cc:7d:07:34:f5:60:19:2c:b5:34:d9:6f:20:02:30: - 03:71:b1:ba:a3:60:0b:86:ed:9a:08:6a:95:68:9f:e2:b3:e1: - 93:64:7c:5e:93:a6:df:79:2d:8d:85:e3:94:cf:23:5d:71:cc: - f2:b0:4d:d6:fe:99:c8:94:a9:75:a2:e3 -SHA1 Fingerprint=2A:1D:60:27:D9:4A:B1:0A:1C:4D:91:5C:CD:33:A0:CB:3E:2D:54:CB + 30:66:02:31:00:e8:40:ff:83:de:03:f4:9f:ae:1d:7a:a7:2e: + b9:af:4f:f6:83:1d:0e:2d:85:01:1d:d1:d9:6a:ec:0f:c2:af: + c7:5e:56:5e:5c:d5:1c:58:22:28:0b:f7:30:b6:2f:b1:7c:02: + 31:00:f0:61:3c:a7:f4:a0:82:e3:21:d5:84:1d:73:86:9c:2d: + af:ca:34:9b:f1:9f:b9:23:36:e2:bc:60:03:9d:80:b3:9a:56: + c8:e1:e2:bb:14:79:ca:cd:21:d4:94:b5:49:43 +SHA1 Fingerprint=77:D3:03:67:B5:E0:0C:15:F6:0C:38:61:DF:7C:E1:3B:92:46:4D:47 -----BEGIN CERTIFICATE----- -MIICCjCCAZGgAwIBAgIQbkepyIuUtui7OyrYorLBmTAKBggqhkjOPQQDAzBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw -MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQA -IgNiAATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzu -hXyiQHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/l -xKvRHYqjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNnADBkAjBqUFJ0 -CMRw3J5QdCHojXohw0+WbhXRIjVhLfoIN+4Zba3bssx9BzT1YBkstTTZbyACMANx -sbqjYAuG7ZoIapVon+Kz4ZNkfF6Tpt95LY2F45TPI11xzPKwTdb+mciUqXWi4w== +MIICCTCCAY6gAwIBAgINAgPlwGjvYxqccpBQUjAKBggqhkjOPQQDAzBHMQswCQYD +VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG +A1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw +WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz +IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzuhXyi +QHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/lxKvR +HYqjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW +BBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNpADBmAjEA6ED/g94D +9J+uHXqnLrmvT/aDHQ4thQEd0dlq7A/Cr8deVl5c1RxYIigL9zC2L7F8AjEA8GE8 +p/SgguMh1YQdc4acLa/KNJvxn7kjNuK8YAOdgLOaVsjh4rsUecrNIdSUtUlD -----END CERTIFICATE----- diff --git a/secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem b/secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem index 6263dcb9435e..0b773b02b88c 100644 --- a/secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem +++ b/secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem @@ -16,7 +16,7 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 2a:38:a4:1c:96:0a:04:de:42:b2:28:a5:0b:e8:34:98:02 + 02:03:e5:7e:f5:3f:93:fd:a5:09:21:b2:a6 Signature Algorithm: ecdsa-with-SHA256 Issuer: OU = GlobalSign ECC Root CA - R4, O = GlobalSign, CN = GlobalSign Validity @@ -36,27 +36,26 @@ Certificate: NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical - Certificate Sign, CRL Sign + Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 54:B0:7B:AD:45:B8:E2:40:7F:FB:0A:6E:FB:BE:33:C9:3C:A3:84:D5 Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:21:00:dc:92:a1:a0:13:a6:cf:03:b0:e6:c4:21:97: - 90:fa:14:57:2d:03:ec:ee:3c:d3:6e:ca:a8:6c:76:bc:a2:de: - bb:02:20:27:a8:85:27:35:9b:56:c6:a3:f2:47:d2:b7:6e:1b: - 02:00:17:aa:67:a6:15:91:de:fa:94:ec:7b:0b:f8:9f:84 -SHA1 Fingerprint=69:69:56:2E:40:80:F4:24:A1:E7:19:9F:14:BA:F3:EE:58:AB:6A:BB + 30:44:02:20:22:4f:74:72:b9:60:af:f1:e6:9c:a0:16:05:50: + 5f:c3:5e:3b:6e:61:74:ef:be:01:c4:be:18:48:59:61:82:32: + 02:20:26:9d:54:63:40:de:37:60:50:cf:c8:d8:ed:9d:82:ae: + 37:98:bc:a3:8f:4c:4c:a9:34:2b:6c:ef:fb:95:9b:26 +SHA1 Fingerprint=6B:A0:B0:98:E1:71:EF:5A:AD:FE:48:15:80:77:10:F4:BD:6F:0B:28 -----BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= +MIIB3DCCAYOgAwIBAgINAgPlfvU/k/2lCSGypjAKBggqhkjOPQQDAjBQMSQwIgYD +VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2Jh +bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTIxMTEzMDAwMDAwWhcNMzgw +MTE5MDMxNDA3WjBQMSQwIgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0g +UjQxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wWTAT +BgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4xnnTj2wlDp8uORkcA6SumuU5BwkWymOx +uYb4ilfBV85C+nOh92VC/x7BALJucw7/xyHlGKSq2XE/qNS5zowdo0IwQDAOBgNV +HQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVLB7rUW44kB/ ++wpu+74zyTyjhNUwCgYIKoZIzj0EAwIDRwAwRAIgIk90crlgr/HmnKAWBVBfw147 +bmF0774BxL4YSFlhgjICICadVGNA3jdgUM/I2O2dgq43mLyjj0xMqTQrbO/7lZsm -----END CERTIFICATE----- From nobody Wed Jun 21 05:25:51 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmBmb6LmLz4fxRM; Wed, 21 Jun 2023 05:25:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmBmb2Frmz3NLb; Wed, 21 Jun 2023 05:25:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687325151; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=joONVKH7OpFh+AQTI5TlOsyFsKv7Qrq1l29ivPDvbAM=; b=oEXARH/iHKvMyOIG/HjQjju2EwDWJGSu/rA4GOPoqLXo4nnuQSa5Bpp5O60AWx7WQP8Wdz GNwwXOLVXjdIyI3RIehtrUXnS3q4TZuetX1W3t5QPZd+R/ZI52kPAGDm1N0rSlbz9FtTdM 9PbuvBMxQR1dokEDr5McxpI3hNVIdJ9fBvvp/RIAKxpp8Ya2x02KEINzv4oYF2EerSf6L3 KRj0MgMO9Fh4svTcc1/dl9zQ+c8PIF/OT5Cl+3Ku0qMDSXYgPkL/NpaZ5l4sJaHZtIFTrw MGeS68rOrjP2mj9rcPTP8IrqQaO52wznpEUXqdXw/HZdFtfVcRgQTmZ2pp488A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687325151; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=joONVKH7OpFh+AQTI5TlOsyFsKv7Qrq1l29ivPDvbAM=; b=l1hjn5IrlpPT2mq/bd+xM88HmTefqRoNQb+z1MUOXkRlz5DhHn8VesD5s1L65Pp0FxcV1r 7/aHmP1Q47agAi4hPOxeO19mU8PR7L+cuu9uqyIE9PkgDfZOC3J+uzhjHDM4GQU2ghiNsg HQ3E5pEuLvWefnINqxGcThzv9pbf6JpfEuU28ZQg3ipTaAHkLB1NO+LMDtortRv8S4zZtr CSgeJvvNcJqiPgK0JOuO4UVc62Aw145RMtshGhhC4LygtfPH5pt0HX3BGbXR/kkgGyOGTe x5wl1/BSODU8qqEpbVMtuhnWZmAxwO/C0x8c9fZuB6crvIqKwA1eNLt2cOgOzQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687325151; a=rsa-sha256; cv=none; b=b/A4ZL/eO4w77tqAky/pppu6JTeHpmmhdtJGITz9CsACrN30+/m3wyJL9dotUg2UCrTIGf 3lL3W05cFqOkINEfb0/UDCt5Z5jyVZzauNmecoV9GlJGCJZpDadWw/xTEH0TZC1wORKG3d OQ3NNUEGgBXpaIiRvu7OfinreNgCtbnTyF6WRj33fFTM+bmRSZGSVs9wo/wE1yD5OWTpcm w/WetoJIJt2ZA+ZueVuPGOVSmiAgLZOPhZiABj+l4SigKU0TrKulF241PUFUDv37AL/TNg nq6GsWVRQJ2rxUb7htNY7I9dS7Cecs3UBPeaHNR/v6vD0kKNETMuaabY5mlvng== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmBmb1LX1zTr9; Wed, 21 Jun 2023 05:25:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5PpZl031264; Wed, 21 Jun 2023 05:25:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5PpBr031263; Wed, 21 Jun 2023 05:25:51 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:25:51 GMT Message-Id: <202306210525.35L5PpBr031263@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 6322a6c9daaa - stable/13 - pam_krb5: Fix spoofing vulnerability List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 6322a6c9daaabbf0b5d17c5d5a4f245f474a7e30 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=6322a6c9daaabbf0b5d17c5d5a4f245f474a7e30 commit 6322a6c9daaabbf0b5d17c5d5a4f245f474a7e30 Author: Cy Schubert AuthorDate: 2023-05-31 19:20:27 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:25:18 +0000 pam_krb5: Fix spoofing vulnerability An adversary on the network can log in via ssh as any user by spoofing the KDC. When the machine has a keytab installed the keytab is used to verify the service ticket. However, without a keytab there is no way for pam_krb5 to verify the KDC's response and get a TGT with the password. If both the password _and_ the KDC are controlled by an adversary, the adversary can provide a password that the adversary's spoofed KDC will return a valid tgt for. Currently, without a keytab, pam_krb5 is vulnerable to this attack. Reported by: Taylor R Campbell via emaste@ Reviewed by: so Approved by: so Security: FreeBSD-SA-23:04.pam_krb5 Security: CVE-2023-3326 (cherry picked from commit 813847e49e35439ba5d7bf16034b0691312068a4) --- lib/libpam/modules/pam_krb5/pam_krb5.8 | 15 +++++ lib/libpam/modules/pam_krb5/pam_krb5.c | 104 +++++++++++++++++++++++++++------ 2 files changed, 102 insertions(+), 17 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.8 b/lib/libpam/modules/pam_krb5/pam_krb5.8 index bd7ac5b9ca0c..bdd91c54fce6 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.8 +++ b/lib/libpam/modules/pam_krb5/pam_krb5.8 @@ -108,6 +108,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .It Cm no_user_check Do not verify if a user exists on the local system. This option implies the .Cm no_ccache diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 810573bed47e..3972479a581f 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -76,7 +76,12 @@ __FBSDID("$FreeBSD$"); #define COMPAT_HEIMDAL /* #define COMPAT_MIT */ -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, + const char **, krb5_principal *, char[static BUFSIZ]); +static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int, + const char *, krb5_principal, char[static BUFSIZ]); +static void verify_krb_v5_tgt_cleanup(krb5_context, int, + const char *, krb5_principal, char[static BUFSIZ]); static void cleanup_cache(pam_handle_t *, void *, int); static const char *compat_princ_component(krb5_context, krb5_principal, int); static void compat_free_data_contents(krb5_context, krb5_data *); @@ -92,6 +97,7 @@ static void compat_free_data_contents(krb5_context, krb5_data *); #define PAM_OPT_NO_USER_CHECK "no_user_check" #define PAM_OPT_REUSE_CCACHE "reuse_ccache" #define PAM_OPT_NO_USER_CHECK "no_user_check" +#define PAM_OPT_ALLOW_KDC_SPOOF "allow_kdc_spoof" #define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ do { \ @@ -109,6 +115,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, { krb5_error_code krbret; krb5_context pam_context; + int debug; + const char *auth_service; + krb5_principal auth_princ; + char auth_phost[BUFSIZ]; krb5_creds creds; krb5_principal princ; krb5_ccache ccache; @@ -139,14 +149,37 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got service: %s", (const char *)service); + if ((srvdup = strdup(service)) == NULL) { + retval = PAM_BUF_ERR; + goto cleanup6; + } + krbret = krb5_init_context(&pam_context); if (krbret != 0) { PAM_VERBOSE_ERROR("Kerberos 5 error"); - return (PAM_SERVICE_ERR); + retval = PAM_SERVICE_ERR; + goto cleanup5; } PAM_LOG("Context initialised"); + debug = openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0; + krbret = verify_krb_v5_tgt_begin(pam_context, srvdup, debug, + &auth_service, &auth_princ, auth_phost); + if (krbret != 0) { /* failed to find key */ + /* Keytab or service key does not exist */ + /* + * Give up now because we can't authenticate the KDC + * with a keytab, unless the administrator asked to + * have the traditional behaviour of being vulnerable + * to spoofed KDCs. + */ + if (!openpam_get_option(pamh, PAM_OPT_ALLOW_KDC_SPOOF)) { + retval = PAM_SERVICE_ERR; + goto cleanup4; + } + } + krbret = krb5_cc_register(pam_context, &krb5_mcc_ops, FALSE); if (krbret != 0 && krbret != KRB5_CC_TYPE_EXISTS) { PAM_VERBOSE_ERROR("Kerberos 5 error"); @@ -292,13 +325,11 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Credentials stashed"); /* Verify them */ - if ((srvdup = strdup(service)) == NULL) { - retval = PAM_BUF_ERR; - goto cleanup; - } krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup, - openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0); + debug, + auth_service, auth_princ, auth_phost); free(srvdup); + srvdup = NULL; if (krbret == -1) { PAM_VERBOSE_ERROR("Kerberos 5 error"); krb5_cc_destroy(pam_context, ccache); @@ -349,8 +380,20 @@ cleanup3: PAM_LOG("Done cleanup3"); +cleanup4: + verify_krb_v5_tgt_cleanup(pam_context, debug, + auth_service, auth_princ, auth_phost); + PAM_LOG("Done cleanup4"); + +cleanup5: + if (srvdup != NULL) + free(srvdup); + PAM_LOG("Done cleanup5"); + +cleanup6: if (retval != PAM_SUCCESS) PAM_VERBOSE_ERROR("Kerberos 5 refuses you"); + PAM_LOG("Done cleanup6"); return (retval); } @@ -837,18 +880,18 @@ PAM_MODULE_ENTRY("pam_krb5"); */ /* ARGSUSED */ static int -verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, - char *pam_service, int debug) +verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, + const char **servicep, krb5_principal *princp __unused, char phost[static BUFSIZ]) { krb5_error_code retval; krb5_principal princ; krb5_keyblock *keyblock; - krb5_data packet; - krb5_auth_context auth_context; - char phost[BUFSIZ]; const char *services[3], **service; - packet.data = 0; + *servicep = NULL; + + if (debug) + openlog("pam_krb5", LOG_PID, LOG_AUTHPRIV); /* If possible we want to try and verify the ticket we have * received against a keytab. We will try multiple service @@ -906,14 +949,30 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, krb5_free_error_message(context, msg); } retval = 0; - goto cleanup; } if (keyblock) krb5_free_keyblock(context, keyblock); + return (retval); +} + +static int +verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, + char *pam_service __unused, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ]) +{ + krb5_error_code retval; + krb5_auth_context auth_context = NULL; + krb5_data packet; + + if (service == NULL) + return (0); /* uncertain, can't authenticate KDC */ + + packet.data = 0; + /* Talk to the kdc and construct the ticket. */ auth_context = NULL; - retval = krb5_mk_req(context, &auth_context, 0, *service, phost, + retval = krb5_mk_req(context, &auth_context, 0, service, phost, NULL, ccache, &packet); if (auth_context) { krb5_auth_con_free(context, auth_context); @@ -952,8 +1011,19 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, cleanup: if (packet.data) compat_free_data_contents(context, &packet); - krb5_free_principal(context, princ); - return retval; + return (retval); +} + +static void +verify_krb_v5_tgt_cleanup(krb5_context context, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ] __unused) +{ + + if (service) + krb5_free_principal(context, princ); + if (debug) + closelog(); + } /* Free the memory for cache_name. Called by pam_end() */ From nobody Wed Jun 21 05:26:20 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmBn83tY6z4fxWn; Wed, 21 Jun 2023 05:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmBn83Pn6z3Njg; Wed, 21 Jun 2023 05:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687325180; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gw+sYwR6qZh6dA6zdJvRNfBZbukljoulaNUJ3bCr5MQ=; b=vFwxoAQiawivtZ2JDjUpMcFy8K620JIn19dg0aECX1rr5hHlA+8Y+ZfuB+XOvWnk39KWcn yJ6RElBIBOzRTsPRtZD2rxQfIk1BtbOw5axFvUeu9XY0WjeivyZvobvGDbOz8Gjwd5L5bz ssW4uPvdRPznpnmSKcUvWGBRRxhiIOXFB/TiNPNepkVosUdTlRJShFOO3BFHkPslQUZatr 1gZmjeKMeV+zjyOrhGoyo5kSIDCyUoRcfosQJZNzrkU/8Kfx9EwRXZFZpaZYHd6vvNhiBl S1TNIAojMYzOPz+qsoIbctjfNFIB6buIhJb8fXt99qsDfdt/O4qZOf90EufKMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687325180; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gw+sYwR6qZh6dA6zdJvRNfBZbukljoulaNUJ3bCr5MQ=; b=PNFrwspd3ileos0y8ryA/dvn5QjUpFhyHJIT0DKNsZwqcN+dUR21QIJU5dhBUzEJkMPfaj yxITiCKvRL9rbhnLIrgr3yM6QfVU99S3RmkpRWsTY0MM+IT6d/VP4eaaauEohe5fmipuWj pa8tu6FColew2tSuWvGeKSgyOI56XycrbDOH+DSLp3wMiiaJ9mktxdPGmP27nNIVL2KhCX BVTL44R0ax2O1KOPpLWT84TB24SzxmwTHNWbvZbNoga6c5MvNXjGTLBfHbR9GleNfh9RdY CPr+xQobcyDc9aEBs8wCecmoYyQnPMcYVlRGiQ7xcmqXt+oRO4HjnfRUdCiUoA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687325180; a=rsa-sha256; cv=none; b=gCYbx0Ty4cWmEX8opCnQQdUcxYGRWKrSEmaU6Jfth2W3rqOYaatO/sh+yDF7Gh0KiMWnjk nI4JgtiRpOYhHDMdhEGU+Ev4pGEHhjzopW1PAWNCzssHBpUVYnWIO7r4NfqzUs4COgMGFT CqUHKZ8vWNCZWzV5ZkKI8uK4f7aROHVUae+sWfDgU34LNqsy8XDhHgTPGQ/be4s3MTy+Fu pqLngLLduCbzjdyL7aedNTznwdp5aYdUOUUyxHx0M/KphdrNBTe/foVMxq9iRRJfaVphkQ rdU8QO+9IG8tYAK6VMjhsRN6CHPKhNV2+gLEvgFQ5tDd7djyCpMl83WOKW9Icw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmBn82VshzV9R; Wed, 21 Jun 2023 05:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5QKgB031438; Wed, 21 Jun 2023 05:26:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5QKqf031436; Wed, 21 Jun 2023 05:26:20 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:26:20 GMT Message-Id: <202306210526.35L5QKqf031436@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 5018f551ece2 - stable/12 - pam_krb5: Fix spoofing vulnerability List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 5018f551ece209a32b06e5225d34fe248d14e479 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=5018f551ece209a32b06e5225d34fe248d14e479 commit 5018f551ece209a32b06e5225d34fe248d14e479 Author: Cy Schubert AuthorDate: 2023-05-31 19:20:27 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:26:03 +0000 pam_krb5: Fix spoofing vulnerability An adversary on the network can log in via ssh as any user by spoofing the KDC. When the machine has a keytab installed the keytab is used to verify the service ticket. However, without a keytab there is no way for pam_krb5 to verify the KDC's response and get a TGT with the password. If both the password _and_ the KDC are controlled by an adversary, the adversary can provide a password that the adversary's spoofed KDC will return a valid tgt for. Currently, without a keytab, pam_krb5 is vulnerable to this attack. Reported by: Taylor R Campbell via emaste@ Reviewed by: so Approved by: so Security: FreeBSD-SA-23:04.pam_krb5 Security: CVE-2023-3326 (cherry picked from commit 813847e49e35439ba5d7bf16034b0691312068a4) --- lib/libpam/modules/pam_krb5/pam_krb5.8 | 15 +++++ lib/libpam/modules/pam_krb5/pam_krb5.c | 104 +++++++++++++++++++++++++++------ 2 files changed, 102 insertions(+), 17 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.8 b/lib/libpam/modules/pam_krb5/pam_krb5.8 index bd7ac5b9ca0c..bdd91c54fce6 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.8 +++ b/lib/libpam/modules/pam_krb5/pam_krb5.8 @@ -108,6 +108,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .It Cm no_user_check Do not verify if a user exists on the local system. This option implies the .Cm no_ccache diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 810573bed47e..3972479a581f 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -76,7 +76,12 @@ __FBSDID("$FreeBSD$"); #define COMPAT_HEIMDAL /* #define COMPAT_MIT */ -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, + const char **, krb5_principal *, char[static BUFSIZ]); +static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int, + const char *, krb5_principal, char[static BUFSIZ]); +static void verify_krb_v5_tgt_cleanup(krb5_context, int, + const char *, krb5_principal, char[static BUFSIZ]); static void cleanup_cache(pam_handle_t *, void *, int); static const char *compat_princ_component(krb5_context, krb5_principal, int); static void compat_free_data_contents(krb5_context, krb5_data *); @@ -92,6 +97,7 @@ static void compat_free_data_contents(krb5_context, krb5_data *); #define PAM_OPT_NO_USER_CHECK "no_user_check" #define PAM_OPT_REUSE_CCACHE "reuse_ccache" #define PAM_OPT_NO_USER_CHECK "no_user_check" +#define PAM_OPT_ALLOW_KDC_SPOOF "allow_kdc_spoof" #define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ do { \ @@ -109,6 +115,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, { krb5_error_code krbret; krb5_context pam_context; + int debug; + const char *auth_service; + krb5_principal auth_princ; + char auth_phost[BUFSIZ]; krb5_creds creds; krb5_principal princ; krb5_ccache ccache; @@ -139,14 +149,37 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got service: %s", (const char *)service); + if ((srvdup = strdup(service)) == NULL) { + retval = PAM_BUF_ERR; + goto cleanup6; + } + krbret = krb5_init_context(&pam_context); if (krbret != 0) { PAM_VERBOSE_ERROR("Kerberos 5 error"); - return (PAM_SERVICE_ERR); + retval = PAM_SERVICE_ERR; + goto cleanup5; } PAM_LOG("Context initialised"); + debug = openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0; + krbret = verify_krb_v5_tgt_begin(pam_context, srvdup, debug, + &auth_service, &auth_princ, auth_phost); + if (krbret != 0) { /* failed to find key */ + /* Keytab or service key does not exist */ + /* + * Give up now because we can't authenticate the KDC + * with a keytab, unless the administrator asked to + * have the traditional behaviour of being vulnerable + * to spoofed KDCs. + */ + if (!openpam_get_option(pamh, PAM_OPT_ALLOW_KDC_SPOOF)) { + retval = PAM_SERVICE_ERR; + goto cleanup4; + } + } + krbret = krb5_cc_register(pam_context, &krb5_mcc_ops, FALSE); if (krbret != 0 && krbret != KRB5_CC_TYPE_EXISTS) { PAM_VERBOSE_ERROR("Kerberos 5 error"); @@ -292,13 +325,11 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Credentials stashed"); /* Verify them */ - if ((srvdup = strdup(service)) == NULL) { - retval = PAM_BUF_ERR; - goto cleanup; - } krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup, - openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0); + debug, + auth_service, auth_princ, auth_phost); free(srvdup); + srvdup = NULL; if (krbret == -1) { PAM_VERBOSE_ERROR("Kerberos 5 error"); krb5_cc_destroy(pam_context, ccache); @@ -349,8 +380,20 @@ cleanup3: PAM_LOG("Done cleanup3"); +cleanup4: + verify_krb_v5_tgt_cleanup(pam_context, debug, + auth_service, auth_princ, auth_phost); + PAM_LOG("Done cleanup4"); + +cleanup5: + if (srvdup != NULL) + free(srvdup); + PAM_LOG("Done cleanup5"); + +cleanup6: if (retval != PAM_SUCCESS) PAM_VERBOSE_ERROR("Kerberos 5 refuses you"); + PAM_LOG("Done cleanup6"); return (retval); } @@ -837,18 +880,18 @@ PAM_MODULE_ENTRY("pam_krb5"); */ /* ARGSUSED */ static int -verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, - char *pam_service, int debug) +verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, + const char **servicep, krb5_principal *princp __unused, char phost[static BUFSIZ]) { krb5_error_code retval; krb5_principal princ; krb5_keyblock *keyblock; - krb5_data packet; - krb5_auth_context auth_context; - char phost[BUFSIZ]; const char *services[3], **service; - packet.data = 0; + *servicep = NULL; + + if (debug) + openlog("pam_krb5", LOG_PID, LOG_AUTHPRIV); /* If possible we want to try and verify the ticket we have * received against a keytab. We will try multiple service @@ -906,14 +949,30 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, krb5_free_error_message(context, msg); } retval = 0; - goto cleanup; } if (keyblock) krb5_free_keyblock(context, keyblock); + return (retval); +} + +static int +verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, + char *pam_service __unused, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ]) +{ + krb5_error_code retval; + krb5_auth_context auth_context = NULL; + krb5_data packet; + + if (service == NULL) + return (0); /* uncertain, can't authenticate KDC */ + + packet.data = 0; + /* Talk to the kdc and construct the ticket. */ auth_context = NULL; - retval = krb5_mk_req(context, &auth_context, 0, *service, phost, + retval = krb5_mk_req(context, &auth_context, 0, service, phost, NULL, ccache, &packet); if (auth_context) { krb5_auth_con_free(context, auth_context); @@ -952,8 +1011,19 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, cleanup: if (packet.data) compat_free_data_contents(context, &packet); - krb5_free_principal(context, princ); - return retval; + return (retval); +} + +static void +verify_krb_v5_tgt_cleanup(krb5_context context, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ] __unused) +{ + + if (service) + krb5_free_principal(context, princ); + if (debug) + closelog(); + } /* Free the memory for cache_name. Called by pam_end() */ From nobody Wed Jun 21 05:41:46 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC6y5Wnmz4g27r; Wed, 21 Jun 2023 05:41:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC6y56Csz3j87; Wed, 21 Jun 2023 05:41:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326106; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=i89FtpqLgP7myt5JZMJH/TaDwzbXr32B8651ZahS7FQ=; b=VMQOQIqpJkA7yPlyYFys3NccfggqLy16XGkqZ+6GI0y3Vpl/EWHJbx68uN0uHsh1qpmuyO w7ZtFx3uZS9A1EXEbDzLjjF3f/Pb5nPMrmHAQk6S4E+n6yje3XrNKt5Ul6aVEKdg7+Mg8C YmXCk/cNtHyDpx1QI+UvetwP9LkY1/eyIy+qEtqa8swIBoHs/SMJ7E9QkFxfjiUGGu5xAz FECrWJpxDqgfnEIL/fEWHtAy+UG9HkUAFvMoTkGlLjM7/uNyQ1kWlUnRd/GwWmRivNHaiS 0ln8DxUiaZc7fpXgOjJFNGoXany27byRvz7sa4+swlcixP5ChJ6GdEL5rcyhiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326106; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=i89FtpqLgP7myt5JZMJH/TaDwzbXr32B8651ZahS7FQ=; b=x8sxzxZztS/yZ5zLmgz0c8YwPRBsuPhDHnKyS7y7gn1N1gXqIHtR4/Oi5f6zjsjqyMkZd+ Ex+t81FesQr0pGHK/jlxDPSkbQFPPgMj3cQxIY0aacbZhnnpa2Kv9ketg8bm2+BLrDRtNI HcGn6oCn1kCb+K1ixunnZRpbcDHTeu/m/cXm05co7KA8nF3aEnx9SxomnvZy7EMmfZyslU s5MdPRQu0LFdo0AP6CAxV5BLbRlGpDEDYNyjlJi9vWCCMc8HuJxiGB7ZteQ4Jh86Fu/SUa uEeZfMp2U7d8gbOIitQp54RgKgxFWdRiMyAwMHN1uR60qpGj7ldkIl1HAJ/f8g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326106; a=rsa-sha256; cv=none; b=R+R8fkumS2N23wJsxyMqKc9LCTWL/Jv7i+bmg6Cyl09aBclqb9nb+oC08NYjPNX6aXIH8+ eL8NaNWlJ9NFY49gHcTQCT7/vmGBJ9dv6grPh95bIWyYdV7EzMK688nJvcQhQ2ePTWVC4j 9XSuI+IHAvugiKiIencdQ/VAE2hq1bEjpKqPNg84DnSQ4ffvgRt7PCw4uTJII/nX9fI/k9 ZkuzQiF6h1Vb1eUBsJAscSmv2VaPsNRlif2H+aE5WKiNDFjy97Sd30xZ09gzOvaQW1qhRe jnnm6KXp8deNoRKuSGRCPT84P7+DQW2RKKq8Hl4i1JvSjU/qHwiyz44bRstfbQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC6y49t1zV5W; Wed, 21 Jun 2023 05:41:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5fkNE062685; Wed, 21 Jun 2023 05:41:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5fkTK062684; Wed, 21 Jun 2023 05:41:46 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:41:46 GMT Message-Id: <202306210541.35L5fkTK062684@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 525ac1948af8 - releng/13.2 - loader: comconsole: don't unconditionally wipe out hw.uart.console List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.2 X-Git-Reftype: branch X-Git-Commit: 525ac1948af8fb7253f15e3645f4041cb0e2b107 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.2 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=525ac1948af8fb7253f15e3645f4041cb0e2b107 commit 525ac1948af8fb7253f15e3645f4041cb0e2b107 Author: Kyle Evans AuthorDate: 2023-04-14 04:41:22 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:05:15 +0000 loader: comconsole: don't unconditionally wipe out hw.uart.console It may be the case that we need to set hw.uart.console manually in some scenarios that comconsole can't necessarily support. Avoid clobbering hw.uart.console unless we've actually selected comconsole so that one could at least get kernel console output.. Discussed with: imp Sponsored by: Zenith Electronics LLC Sponsored by: Klara, Inc. (cherry picked from commit ec671f4980437008b0119c6367816083e15fa503) (cherry picked from commit 362677cae8e9ac4c6f7ff4d74a4378ea11d47797) Approved by: so Security: FreeBSD-EN-23:06.loader --- stand/i386/libi386/comconsole.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/stand/i386/libi386/comconsole.c b/stand/i386/libi386/comconsole.c index ed1f1aa08ed7..6d48e876fa37 100644 --- a/stand/i386/libi386/comconsole.c +++ b/stand/i386/libi386/comconsole.c @@ -324,12 +324,13 @@ comc_setup(int speed, int port) char intbuf[64]; int tries; - unsetenv("hw.uart.console"); comc_curspeed = speed; comc_port = port; if ((comconsole.c_flags & (C_ACTIVEIN | C_ACTIVEOUT)) == 0) return; + unsetenv("hw.uart.console"); + #define COMC_TEST 0xbb /* * Write byte to scratch register and read it out. From nobody Wed Jun 21 05:41:47 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC6z6l89z4g1js; Wed, 21 Jun 2023 05:41:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC6z6FH8z3jF7; Wed, 21 Jun 2023 05:41:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326107; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TMwXjOpmk8nQbeEuWV/IC/jPxBtUoNmUilUjtIpf7Qg=; b=OE3PgvjzFewuCf1cRYZK3zmdw1odAVzZK/jrCk8kfcIiOorQS9IRCCaJu0zKTYYNIg3GSU qPfIUlimydJ4NeLxttyX5amOi/eDvO8VEBzOOKYFv3En0oXVvFIZHMbEZmhJlOdoO3Z19i 1tjzMdEn35KxBeZetRXgGrFLaFZ+SjJNzPNV9lHigKtEzr0LiqtL4EA/swIVKJagEoAOAc qa5ZtrVYzx03huQB+XhrxZijifvkMghEOpM6DYRVtSNuSfqGKlnk6cG7jLU14Nt6hZ/iqb Uap957SdI6dm2lVmyHpi6poqHrAc6JyCX5FZZRDqc+PZpDPbJi26D8o9eeurlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326107; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TMwXjOpmk8nQbeEuWV/IC/jPxBtUoNmUilUjtIpf7Qg=; b=uEMw1EauWW/dtHysI/9spfS478aaTDjq72IexyKTVfY6iG0wjt8iYGyY9dct8/m91s2lex EbPmcdGGu/+gtc+IdW1ESpkNzueiSKkMFjQfHdNOdfijrEsNYhUGbbQn9K3DAVEfnzNIut mSx1K4m05JL92ezS+dApaFUfbkhWuDd9biXsfZhlqZ/xfSm2IouS6fhU3jyx4f80LN/jyr TBGfAImIFbFtqi0yqdLo4VjCf0/0h8YIcwkd94IN5Zy6c/60lQPYG1Ly6lbcYPvDcRF4QO EOuYh46xW8jRFdpjXzRg3P+1TR0PRp9xZ0VS075AsXmjK8vDkbPB0DVJkK6ekg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326107; a=rsa-sha256; cv=none; b=wHsn2XKzoT6aVHWAGOrG5uE6kWClwqt3DKwL1k3K91lwGiB3lmhPTkKduWAMou/jup9kII hn/8UrrG6wNYaGUNhSccnDXcswssieiaMSbxb/1pIXXEdphzpeHIngTvpS5WNyGlJCdf0B Gs6/azhWdaYmx4EjM1Eg0HKScHwy65y3VSKRxbyvZEy1Xv5ln1j59RY7OcDBolgJmIr3UT qBI+eWpBeb1MWHK7QFuz0hes0dJkhSuANVXURkufQmJmkM5Edhh9gOE0F5U2BQcjDoph5x 13OwrsOZmYryF98Z6DQ9ZZ5PAypF+zL5OQgAyEj35mP6fwx8eXemQ6kTTBVw/g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC6z581qzV5X; Wed, 21 Jun 2023 05:41:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5flni062704; Wed, 21 Jun 2023 05:41:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5flPa062703; Wed, 21 Jun 2023 05:41:47 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:41:47 GMT Message-Id: <202306210541.35L5flPa062703@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: e63d8b8fa6d9 - releng/13.2 - mpr: fix copying of event_mask List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.2 X-Git-Reftype: branch X-Git-Commit: e63d8b8fa6d98386cce58586d0184cbdf8928a85 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.2 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=e63d8b8fa6d98386cce58586d0184cbdf8928a85 commit e63d8b8fa6d98386cce58586d0184cbdf8928a85 Author: Mariusz Zaborski AuthorDate: 2023-04-21 07:50:16 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:06:39 +0000 mpr: fix copying of event_mask Before the commit 6cc44223cb6717795afdac4348bbe7e2a968a07d the field event_mask was fully copied to the EventMasks field. After this commit the event_mask (uint8_t) is 4 times casted to EventMask (uint32_t). Because of that 24 bits of each event_mask array is lost. This commits brings back simple copying of field, and after words converting 32 bits field to the requested endian. I don't think we need more sophisticated method, as the array is of size 4 (for 32 bits version). Reviewed by: imp MFC after: 1 week Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D39562 (cherry picked from commit ea6597c38c77c7bfaae71259d8636cbb89add6a3) (cherry picked from commit e7a3a08febd01c95b74185bb971ec29cca64b8e1) Approved by: so Security: FreeBSD-EN-23:07.mpr --- sys/dev/mpr/mpr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c index 6f54b1f57950..c105174b0e21 100644 --- a/sys/dev/mpr/mpr.c +++ b/sys/dev/mpr/mpr.c @@ -2764,8 +2764,9 @@ mpr_update_events(struct mpr_softc *sc, struct mpr_event_handle *handle, bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; @@ -2819,8 +2820,9 @@ mpr_reregister_events(struct mpr_softc *sc) bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; From nobody Wed Jun 21 05:41:48 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC71028wz4g27v; Wed, 21 Jun 2023 05:41:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC706gs4z3jFg; Wed, 21 Jun 2023 05:41:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326108; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jbuB/Spw5CoyDvwz+oojwdQzEc3nheNH7u3eWIGCs/I=; b=DWRUwukblH7t701SAmQVkI9XzBsvIMp1DMP0MlXUwi9917mFvJbPVcKWsy1/jX0izWwIJJ k6HK9Bm746Sm2mp120zGLkjIat0JCRVa0uGXkU4dOSotbz/bqY/ZVjOVT63tOH4oAtY2Cp diyzV+O0PZ6hlH/nfHqORhhx55ZhtwD5v1p73v6wsK7v1nCsZyFskdifcLcp1ODw4kEZbc DSkDu72eR0tUO6tSpnRLyee5YVqgsBHod2SUqlO26u7IelBnJrUy0Md8ZwFY7bT+DgxwdO xAKzRF8EbT5XbFCbw6HVrQzh3RuM/KH21ED04DC2ZR1qmQqtnqtbt8bgWbmRPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326108; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jbuB/Spw5CoyDvwz+oojwdQzEc3nheNH7u3eWIGCs/I=; b=w1dST4KthaH0117ryC/Wmn8Mgc0v0LApB2ZZLbkqqllmP1tf617Igzunjj31L0H7yYSh+Y QK/n5vOmpIm3L4avsRZzZfpNBAmPupnQkm9l8/QHOHcFcs9svlUIJHu2zeNRyAQbVsTkfi JOrtePvrP3SKVCmznISlmEjRHgQWLtvzKr9rPi7TNOkIUj+CT6Qfd6mtd1e5aHTfL82r6h F2kY9qRVmgkAgPuBiNCB5BbbegMWU7fmfFlc1ZJcr4RVscOqCgRBarmxWt/feLuZIS24Pz fmZaQQAagSaalF+wIZxsRluVQQY8m1dNa++VSI6oKYAAswM+j6Koxkv2NAhzrQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326108; a=rsa-sha256; cv=none; b=RDXmVZIU9VPv/tLUGqRbrLcz1InjEbST085xwnC+YHOKcIN81R7ALIHbkTZ/DRmEWLWBlW 3i1wRjmwHj+rgF6jIkRbDx0oxBlrTecTG02WgM+MMXYc1EzqYvbqiqH15yv+CTfQUTL1j1 DcwbIyP06Grt1k47Emiun5X4cVYd1ED5r2u9w9ZGDb0eO0zf7kxQwL8xVFD1G8peOjZMfG sqTaQpI/BuA9XVEora7MzGBsSNlNedXg2UpwOb4TOp7kRIS4RodMJ+YiiekW3NFv3ru+lZ 8nTU/kyRwIh5WGNwph8IUi+t+cKJnnRKohZu/8zrjLW4sOvmsrnZyEkiWpp40w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC705mnfzVDs; Wed, 21 Jun 2023 05:41:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5fmbn062723; Wed, 21 Jun 2023 05:41:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5fmQC062722; Wed, 21 Jun 2023 05:41:48 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:41:48 GMT Message-Id: <202306210541.35L5fmQC062722@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 58d21e3e8e56 - releng/13.2 - pam_krb5: Fix spoofing vulnerability List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.2 X-Git-Reftype: branch X-Git-Commit: 58d21e3e8e56c1eae22bffb490899b74aa187e75 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.2 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=58d21e3e8e56c1eae22bffb490899b74aa187e75 commit 58d21e3e8e56c1eae22bffb490899b74aa187e75 Author: Cy Schubert AuthorDate: 2023-05-31 19:20:27 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:27:12 +0000 pam_krb5: Fix spoofing vulnerability An adversary on the network can log in via ssh as any user by spoofing the KDC. When the machine has a keytab installed the keytab is used to verify the service ticket. However, without a keytab there is no way for pam_krb5 to verify the KDC's response and get a TGT with the password. If both the password _and_ the KDC are controlled by an adversary, the adversary can provide a password that the adversary's spoofed KDC will return a valid tgt for. Currently, without a keytab, pam_krb5 is vulnerable to this attack. Reported by: Taylor R Campbell via emaste@ Reviewed by: so Approved by: so Security: FreeBSD-SA-23:04.pam_krb5 Security: CVE-2023-3326 (cherry picked from commit 813847e49e35439ba5d7bf16034b0691312068a4) (cherry picked from commit 6322a6c9daaabbf0b5d17c5d5a4f245f474a7e30) --- lib/libpam/modules/pam_krb5/pam_krb5.8 | 15 +++++ lib/libpam/modules/pam_krb5/pam_krb5.c | 104 +++++++++++++++++++++++++++------ 2 files changed, 102 insertions(+), 17 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.8 b/lib/libpam/modules/pam_krb5/pam_krb5.8 index bd7ac5b9ca0c..bdd91c54fce6 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.8 +++ b/lib/libpam/modules/pam_krb5/pam_krb5.8 @@ -108,6 +108,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .It Cm no_user_check Do not verify if a user exists on the local system. This option implies the .Cm no_ccache diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 810573bed47e..3972479a581f 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -76,7 +76,12 @@ __FBSDID("$FreeBSD$"); #define COMPAT_HEIMDAL /* #define COMPAT_MIT */ -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, + const char **, krb5_principal *, char[static BUFSIZ]); +static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int, + const char *, krb5_principal, char[static BUFSIZ]); +static void verify_krb_v5_tgt_cleanup(krb5_context, int, + const char *, krb5_principal, char[static BUFSIZ]); static void cleanup_cache(pam_handle_t *, void *, int); static const char *compat_princ_component(krb5_context, krb5_principal, int); static void compat_free_data_contents(krb5_context, krb5_data *); @@ -92,6 +97,7 @@ static void compat_free_data_contents(krb5_context, krb5_data *); #define PAM_OPT_NO_USER_CHECK "no_user_check" #define PAM_OPT_REUSE_CCACHE "reuse_ccache" #define PAM_OPT_NO_USER_CHECK "no_user_check" +#define PAM_OPT_ALLOW_KDC_SPOOF "allow_kdc_spoof" #define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ do { \ @@ -109,6 +115,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, { krb5_error_code krbret; krb5_context pam_context; + int debug; + const char *auth_service; + krb5_principal auth_princ; + char auth_phost[BUFSIZ]; krb5_creds creds; krb5_principal princ; krb5_ccache ccache; @@ -139,14 +149,37 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got service: %s", (const char *)service); + if ((srvdup = strdup(service)) == NULL) { + retval = PAM_BUF_ERR; + goto cleanup6; + } + krbret = krb5_init_context(&pam_context); if (krbret != 0) { PAM_VERBOSE_ERROR("Kerberos 5 error"); - return (PAM_SERVICE_ERR); + retval = PAM_SERVICE_ERR; + goto cleanup5; } PAM_LOG("Context initialised"); + debug = openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0; + krbret = verify_krb_v5_tgt_begin(pam_context, srvdup, debug, + &auth_service, &auth_princ, auth_phost); + if (krbret != 0) { /* failed to find key */ + /* Keytab or service key does not exist */ + /* + * Give up now because we can't authenticate the KDC + * with a keytab, unless the administrator asked to + * have the traditional behaviour of being vulnerable + * to spoofed KDCs. + */ + if (!openpam_get_option(pamh, PAM_OPT_ALLOW_KDC_SPOOF)) { + retval = PAM_SERVICE_ERR; + goto cleanup4; + } + } + krbret = krb5_cc_register(pam_context, &krb5_mcc_ops, FALSE); if (krbret != 0 && krbret != KRB5_CC_TYPE_EXISTS) { PAM_VERBOSE_ERROR("Kerberos 5 error"); @@ -292,13 +325,11 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Credentials stashed"); /* Verify them */ - if ((srvdup = strdup(service)) == NULL) { - retval = PAM_BUF_ERR; - goto cleanup; - } krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup, - openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0); + debug, + auth_service, auth_princ, auth_phost); free(srvdup); + srvdup = NULL; if (krbret == -1) { PAM_VERBOSE_ERROR("Kerberos 5 error"); krb5_cc_destroy(pam_context, ccache); @@ -349,8 +380,20 @@ cleanup3: PAM_LOG("Done cleanup3"); +cleanup4: + verify_krb_v5_tgt_cleanup(pam_context, debug, + auth_service, auth_princ, auth_phost); + PAM_LOG("Done cleanup4"); + +cleanup5: + if (srvdup != NULL) + free(srvdup); + PAM_LOG("Done cleanup5"); + +cleanup6: if (retval != PAM_SUCCESS) PAM_VERBOSE_ERROR("Kerberos 5 refuses you"); + PAM_LOG("Done cleanup6"); return (retval); } @@ -837,18 +880,18 @@ PAM_MODULE_ENTRY("pam_krb5"); */ /* ARGSUSED */ static int -verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, - char *pam_service, int debug) +verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, + const char **servicep, krb5_principal *princp __unused, char phost[static BUFSIZ]) { krb5_error_code retval; krb5_principal princ; krb5_keyblock *keyblock; - krb5_data packet; - krb5_auth_context auth_context; - char phost[BUFSIZ]; const char *services[3], **service; - packet.data = 0; + *servicep = NULL; + + if (debug) + openlog("pam_krb5", LOG_PID, LOG_AUTHPRIV); /* If possible we want to try and verify the ticket we have * received against a keytab. We will try multiple service @@ -906,14 +949,30 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, krb5_free_error_message(context, msg); } retval = 0; - goto cleanup; } if (keyblock) krb5_free_keyblock(context, keyblock); + return (retval); +} + +static int +verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, + char *pam_service __unused, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ]) +{ + krb5_error_code retval; + krb5_auth_context auth_context = NULL; + krb5_data packet; + + if (service == NULL) + return (0); /* uncertain, can't authenticate KDC */ + + packet.data = 0; + /* Talk to the kdc and construct the ticket. */ auth_context = NULL; - retval = krb5_mk_req(context, &auth_context, 0, *service, phost, + retval = krb5_mk_req(context, &auth_context, 0, service, phost, NULL, ccache, &packet); if (auth_context) { krb5_auth_con_free(context, auth_context); @@ -952,8 +1011,19 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, cleanup: if (packet.data) compat_free_data_contents(context, &packet); - krb5_free_principal(context, princ); - return retval; + return (retval); +} + +static void +verify_krb_v5_tgt_cleanup(krb5_context context, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ] __unused) +{ + + if (service) + krb5_free_principal(context, princ); + if (debug) + closelog(); + } /* Free the memory for cache_name. Called by pam_end() */ From nobody Wed Jun 21 05:41:49 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC724Hz9z4g2BT; Wed, 21 Jun 2023 05:41:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC720msyz3hwT; Wed, 21 Jun 2023 05:41:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326110; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=B+xNXW/LpFZCNZShQqBHi28PQp+RDw141Ri/sZx5cO8=; b=SbntQnLj2UYM1S12Z3a1KJByrCLXCsIZi761xlz1elYv8TaenVaOTAsZQFyQ7u7E4HaLFM hkCE3TGzHMYnZQvvZlSa0aTsAfSN6LW+JE8S98zyTmB3h02z+gLj3bTbJBC7M8uOh3Q7nw hSHhtafmpJkp0oBAO+V2b9nNE5ylYgoVF3oVNpO2pc9R9Alzuj62U3RYWtCPARkxcFL0gX WkCTpPo9XrsEA2W1AY7ineXfVudFyFflf/4hTykbVX4sPYtySF2BpIwuBsvwEqiGvNXIWB 7WtdyYw2fb9TGZ5kGmg2kg0s63yIymSCjk3WLw66l55PGdFPQNTmy5vJ1NsqEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326110; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=B+xNXW/LpFZCNZShQqBHi28PQp+RDw141Ri/sZx5cO8=; b=BsuZX8xftQfyB1pzpCpCly9YbOhjKffRAiYE1Y+520G926HmG15R4n9fnRhJ5W0XaaaoIB RIOn7YkZnuF13LUpljET7BodQ26KSQQuHVJz1oQUsooNpZHZrVLr4oCmnPr3dTj8MB4IRV vVmnsEMVI9qbfZZ1Uxf7w52nOdSZoJ9YOpPAPfRi4qzyTaTFUWbhqyTXCZgoH/jF0Ozl6U V3BepuP3K6V5Y72B5twcvqYbQXcQ2tyfnOt1SN6FQ/5vAMsXtHUxk1ijHnwcBWFZLEZDbO c/67vhPPnpMFALMg2tBLiG2kWJXl7OdmQebQAHMDer8kipJcirAz0jy8tFhqxg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326110; a=rsa-sha256; cv=none; b=DTYk6JkH7HaKogT8Zfz1E2yVIwDEhMcLf+jS/glrLj69fAvL05lDx3AZFKXGg+SJeM7FD2 ANXS3BguhBxR3EvWueIFEiKnnz+hcoQtvpYmKtLDI9qkq5pSbFuHNufbIxaQGvnEQADV2l egFhrL0uDUWlx4qua3QBhU2tGdSyGe29ZwBGWZ4CUR8t/36czEZpAhtjnBZSANAeC18Y16 FBYpfeHJA6YQPQaGDvysajVQchnVkIPgcxZjsPSDzdpxNUyHSE4LeXh/ipiBUl8ynSXhXz y4VN58JJnPxoFPJc4aJkcMcbXBENhIrqh7awJdumWzW67LMBfIa0nawCSjctfQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7170vzzVHC; Wed, 21 Jun 2023 05:41:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5fnvt062742; Wed, 21 Jun 2023 05:41:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5fnnL062741; Wed, 21 Jun 2023 05:41:49 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:41:49 GMT Message-Id: <202306210541.35L5fnnL062741@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 08b87f63a046 - releng/13.2 - Add UPDATING entries and bump version. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.2 X-Git-Reftype: branch X-Git-Commit: 08b87f63a046bd966bd0ed548211ae98ff50e638 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.2 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=08b87f63a046bd966bd0ed548211ae98ff50e638 commit 08b87f63a046bd966bd0ed548211ae98ff50e638 Author: Gordon Tetlow AuthorDate: 2023-06-21 05:40:02 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:40:02 +0000 Add UPDATING entries and bump version. Approved by: so --- UPDATING | 11 +++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index a3063ae3c4d2..a19fcc6cf780 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,17 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20230621: + 13.2-RELEASE-p1 FreeBSD-EN-23:06.loader + FreeBSD-EN-23:07.mpr + FreeBSD-SA-23:04.pam_krb5 + + x86 kernel console configuration [EN-23:06.loader] + + Fix mpr(4) failure to initialize devices [EN-23:07.mpr] + + Fix network authentication attack via pam_krb5 [SA-23:04.pam_krb5] + 20230411: 13.2-RELEASE. diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 52d4ea1070df..e2d05fc79aeb 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -54,7 +54,7 @@ TYPE="FreeBSD" REVISION="13.2" -BRANCH="RELEASE" +BRANCH="RELEASE-p1" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Wed Jun 21 05:42:07 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7N0K6Qz4g25t; Wed, 21 Jun 2023 05:42:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7N04nGz3k5x; Wed, 21 Jun 2023 05:42:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326128; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=blfXuCbR3Uc/RfB66I24yF1fx0w2sEYP2htkozQB4QM=; b=o8BKUy1nadhwVcN6WBrGP93qcxIHoJGTyMyMahDi/q/AfPYg1YGWSNArJKN+Jz/PIMZBKO OCS+N3sf8nUFMwlRAPz/a5zpQTdU2Vp2M2bUEcZUXVSyXR08FsStFOX/1pRlnS8DvCCKSy Cj1L86MB/CvqnW0In/zUhKJ6e3RzZ05xn5q49sN1NB2EQ5iODu1ZlMLA02QhLmcUCH3PQr tvlU7bzFQAJJGtsMZ2Mb23+CmRWJSyqed0ZRwesXNN16MIoHfTvbrHpjZweAYXMrco1IMC 9mii7/4Irv3qAHL4ZkoXwfKDzL+rvYLg2QdENsC6nIBCLlfmULmfVQPt6CJz0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326128; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=blfXuCbR3Uc/RfB66I24yF1fx0w2sEYP2htkozQB4QM=; b=vIXhMh8g3CwLWMvTmnN7ihQiZc3LFlYnFtPfIVhKmaoFec/kxHTq1Tg9tmXdpZoLEOnsG+ Er2XszFeVQkoHRDaSJp5tHxtGK3mTLnWGyTMl00uv2EegTJrZ7MtU3tPm0O2hry9J/s2v6 FtdHbyW01qC5AIjYDDM+m6F30RVa6bzmT32KHD0zJ3r5+7vGVIXkLBRBgnYFnih8B5B2j5 wigh1eZ17ZzSc3ctedXGr5sWZ34SxPMenLVLH4hkCLqNnfK4iMPKPsvxVegLd+CMKvu1/8 R7JgQlU2t2SEVuIVkj0IleELxm/HregcKRxHgN8ul80mwhWPkAixq50EEtS0jw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326128; a=rsa-sha256; cv=none; b=DEUO6scknLYkZjqN/vlAlOXNXQOt1/oBDZye6Mgfx84L2pA5ZZS4m5RNZSe0UfEG97L2rn n8du0oQwrSXCaaY7dKMqmcNsfCRNoc77lPrHtLd3SD857hgNtcc0r5K4JmOEwAzdF3qb+b qOtSdi93iRN5kaZzfvG7L9+DdLzFOTRESn2KMirXj/741GkKVEa4pNcRNPW+9YDSmhPC7B WniY5T73aZpvg4rsKE3+KXgXz/2Zp0QjC5wsJuYTH3xuIaOvVipHVYB4RqptJSpXp/2Y30 FNj0UdOLcBvx2TXdk1RPOnQt2dukE2uE3P/99fVZcVY0nX5hYcU94SGn8aJiHg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7M6H4wzVWx; Wed, 21 Jun 2023 05:42:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5g7kh062931; Wed, 21 Jun 2023 05:42:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5g75Y062930; Wed, 21 Jun 2023 05:42:07 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:07 GMT Message-Id: <202306210542.35L5g75Y062930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 0e577c42f61c - releng/13.1 - contrib/tzdata: import tzdata 2023c List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.1 X-Git-Reftype: branch X-Git-Commit: 0e577c42f61c808a379d82119d1cae8f2046d2bf Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.1 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=0e577c42f61c808a379d82119d1cae8f2046d2bf commit 0e577c42f61c808a379d82119d1cae8f2046d2bf Author: Gordon Tetlow AuthorDate: 2023-06-21 05:03:18 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:03:18 +0000 contrib/tzdata: import tzdata 2023c Changes: https://github.com/eggert/tz/blob/2023c/NEWS The tzdata 2023c release reverts all changes made in 2023b other than commentary, as that appears to be the best of a bad set of short-notice choices for modeling this week's daylight saving chaos in Lebanon. (cherry picked from commit 9fbeeb6e38310b4f42a14c4b043bbee82c5e4752) Cumulative commit including the following cherry-picks: 9cb5b954606ec8a49b6127d2f58f7ee37ca0bb9c 38e0d28fa4e2f98ebb060441f0aeb0536d6fd202 bb7b15831531a85b1d29e80358e3b80cc799094a Approved by: so Security: FreeBSD-EN-23:05.tzdata --- contrib/tzdata/CONTRIBUTING | 2 +- contrib/tzdata/Makefile | 53 ++++++------- contrib/tzdata/NEWS | 143 +++++++++++++++++++++++++++++---- contrib/tzdata/africa | 71 ++++++++++------- contrib/tzdata/antarctica | 2 +- contrib/tzdata/asia | 166 ++++++++++++++++++++++++++++++++++++--- contrib/tzdata/australasia | 44 +++++------ contrib/tzdata/backward | 1 + contrib/tzdata/backzone | 11 ++- contrib/tzdata/checktab.awk | 5 +- contrib/tzdata/europe | 59 +++++++------- contrib/tzdata/leap-seconds.list | 8 +- contrib/tzdata/leapseconds | 8 +- contrib/tzdata/leapseconds.awk | 50 +++++++----- contrib/tzdata/northamerica | 31 ++++---- contrib/tzdata/southamerica | 2 +- contrib/tzdata/theory.html | 66 ++++++++++------ contrib/tzdata/version | 2 +- contrib/tzdata/zone.tab | 29 ++++--- contrib/tzdata/zone1970.tab | 58 +++++++------- 20 files changed, 558 insertions(+), 253 deletions(-) diff --git a/contrib/tzdata/CONTRIBUTING b/contrib/tzdata/CONTRIBUTING index 4c0f56a50265..6d800e4c03a3 100644 --- a/contrib/tzdata/CONTRIBUTING +++ b/contrib/tzdata/CONTRIBUTING @@ -18,7 +18,7 @@ To email small changes, please run a POSIX shell command like 'diff -u old/europe new/europe >myfix.patch', and attach 'myfix.patch' to the email. -For more-elaborate or possibly-controversial changes, +For more-elaborate or possibly controversial changes, such as renaming, adding or removing zones, please read "Theory and pragmatics of the tz code and data" . diff --git a/contrib/tzdata/Makefile b/contrib/tzdata/Makefile index afb9d538a203..6edc73cc6ffb 100644 --- a/contrib/tzdata/Makefile +++ b/contrib/tzdata/Makefile @@ -35,22 +35,14 @@ DATAFORM= main LOCALTIME= Factory -# The POSIXRULES macro controls interpretation of nonstandard and obsolete -# POSIX-like TZ settings like TZ='EET-2EEST' that lack DST transition rules. -# Such a setting uses the rules in a template file to determine -# "spring forward" and "fall back" days and times; the environment -# variable itself specifies UT offsets of standard and daylight saving time. -# +# The POSIXRULES macro controls interpretation of POSIX-like TZ +# settings like TZ='EET-2EEST' that lack DST transition rules. # If POSIXRULES is '-', no template is installed; this is the default. -# # Any other value for POSIXRULES is obsolete and should not be relied on, as: # * It does not work correctly in popular implementations such as GNU/Linux. # * It does not work even in tzcode, except for historical timestamps # that precede the last explicit transition in the POSIXRULES file. # Hence it typically does not work for current and future timestamps. -# In short, software should avoid ruleless settings like TZ='EET-2EEST' -# and so should not depend on the value of POSIXRULES. -# # If, despite the above, you want a template for handling these settings, # you can change the line below (after finding the timezone you want in the # one of the $(TDATA) source files, or adding it to a source file). @@ -63,7 +55,7 @@ LOCALTIME= Factory POSIXRULES= - # Also see TZDEFRULESTRING below, which takes effect only -# if the time zone files cannot be accessed. +# if POSIXRULES is '-' or if the template file cannot be accessed. # Installation locations. @@ -211,7 +203,7 @@ LDLIBS= # -DHAVE_DECL_ENVIRON if declares 'environ' # -DHAVE_DECL_TIMEGM=0 if does not declare timegm # -DHAVE_DIRECT_H if mkdir needs (MS-Windows) -# -DHAVE_GENERIC=0 if _Generic does not work* +# -DHAVE__GENERIC=0 if _Generic does not work* # -DHAVE_GETRANDOM if getrandom works (e.g., GNU/Linux), # -DHAVE_GETRANDOM=0 to avoid using getrandom # -DHAVE_GETTEXT if gettext works (e.g., GNU/Linux, FreeBSD, Solaris), @@ -220,7 +212,7 @@ LDLIBS= # -DHAVE_INCOMPATIBLE_CTIME_R if your system's time.h declares # ctime_r and asctime_r incompatibly with the POSIX standard # (Solaris when _POSIX_PTHREAD_SEMANTICS is not defined). -# -DHAVE_INTTYPES_H=0 if does not work* +# -DHAVE_INTTYPES_H=0 if does not work*+ # -DHAVE_LINK=0 if your system lacks a link function # -DHAVE_LOCALTIME_R=0 if your system lacks a localtime_r function # -DHAVE_LOCALTIME_RZ=0 if you do not want zdump to use localtime_rz @@ -229,22 +221,24 @@ LDLIBS= # -DHAVE_POSIX_DECLS=0 if your system's include files do not declare # functions like 'link' or variables like 'tzname' required by POSIX # -DHAVE_SETENV=0 if your system lacks the setenv function -# -DHAVE_SNPRINTF=0 if your system lacks the snprintf function +# -DHAVE_SNPRINTF=0 if your system lacks the snprintf function+ # -DHAVE_STDCKDINT_H=0 if neither nor substitutes like # __builtin_add_overflow work* -# -DHAVE_STDINT_H=0 if does not work* +# -DHAVE_STDINT_H=0 if does not work*+ # -DHAVE_STRFTIME_L if declares locale_t and strftime_l # -DHAVE_STRDUP=0 if your system lacks the strdup function -# -DHAVE_STRTOLL=0 if your system lacks the strtoll function +# -DHAVE_STRTOLL=0 if your system lacks the strtoll function+ # -DHAVE_SYMLINK=0 if your system lacks the symlink function # -DHAVE_SYS_STAT_H=0 if does not work* # -DHAVE_TZSET=0 if your system lacks a tzset function # -DHAVE_UNISTD_H=0 if does not work* # -DHAVE_UTMPX_H=0 if does not work* # -Dlocale_t=XXX if your system uses XXX instead of locale_t +# -DPORT_TO_C89 if tzcode should also run on C89 platforms+ # -DRESERVE_STD_EXT_IDS if your platform reserves standard identifiers # with external linkage, e.g., applications cannot define 'localtime'. # -Dssize_t=long on hosts like MS-Windows that lack ssize_t +# -DSUPPORT_C89 if the tzcode library should support C89 callers+ # -DSUPPRESS_TZDIR to not prepend TZDIR to file names; this has # security implications and is not recommended for general use # -DTHREAD_SAFE to make localtime.c thread-safe, as POSIX requires; @@ -256,7 +250,13 @@ LDLIBS= # -DTZ_DOMAINDIR=\"/path\" to use "/path" for gettext directory; # the default is system-supplied, typically "/usr/lib/locale" # -DTZDEFRULESTRING=\",date/time,date/time\" to default to the specified -# DST transitions if the time zone files cannot be accessed +# DST transitions for POSIX-style TZ strings lacking them, +# in the usual case where POSIXRULES is '-'. If not specified, +# TZDEFRULESTRING defaults to US rules for future DST transitions. +# This mishandles some past timestamps, as US DST rules have changed. +# It also mishandles settings like TZ='EET-2EEST' for eastern Europe, +# as Europe and US DST rules differ. +# -DTZNAME_MAXIMUM=N to limit time zone abbreviations to N bytes (default 255) # -DUNINIT_TRAP if reading uninitialized storage can cause problems # other than simply getting garbage data # -DUSE_LTZ=0 to build zdump with the system time zone library @@ -273,6 +273,8 @@ LDLIBS= # $(GCC_DEBUG_FLAGS) if you are using recent GCC and want lots of checking # # * Options marked "*" can be omitted if your compiler is C23 compatible. +# * Options marked "+" are obsolescent and are planned to be removed +# once the code assumes C99 or later. # # Select instrumentation via "make GCC_INSTRUMENT='whatever'". GCC_INSTRUMENT = \ @@ -363,7 +365,7 @@ GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ # -DNETBSD_INSPIRED=0 # to the end of the "CFLAGS=" line. Otherwise, the functions # "localtime_rz", "mktime_z", "tzalloc", and "tzfree" are added to the -# time library, and if STD_INSPIRED is also defined the functions +# time library, and if STD_INSPIRED is also defined to nonzero the functions # "posix2time_z" and "time2posix_z" are added as well. # The functions ending in "_z" (or "_rz") are like their unsuffixed # (or suffixed-by-"_r") counterparts, except with an extra first @@ -455,16 +457,13 @@ SAFE_CHARSET3= 'abcdefghijklmnopqrstuvwxyz{|}~' SAFE_CHARSET= $(SAFE_CHARSET1)$(SAFE_CHARSET2)$(SAFE_CHARSET3) SAFE_CHAR= '[]'$(SAFE_CHARSET)'-]' -# These characters are Latin-1, and so are likely to be displayable -# even in editors with limited character sets. -UNUSUAL_OK_LATIN_1 = «°±»½¾× -# This IPA symbol is represented in Unicode as the composition of -# U+0075 and U+032F, and U+032F is not considered alphabetic by some -# grep implementations that do not grok composition. -UNUSUAL_OK_IPA = u̯ +# These non-alphabetic, non-ASCII printable characters are Latin-1, +# and so are likely displayable even in editors like XEmacs 21 +# that have limited display capabilities. +UNUSUAL_OK_LATIN_1 = ¡¢£¤¥¦§¨©«¬®¯°±²³´¶·¸¹»¼½¾¿×÷ # Non-ASCII non-letters that OK_CHAR allows, as these characters are # useful in commentary. -UNUSUAL_OK_CHARSET= $(UNUSUAL_OK_LATIN_1)$(UNUSUAL_OK_IPA) +UNUSUAL_OK_CHARSET= $(UNUSUAL_OK_LATIN_1) # Put this in a bracket expression to match spaces. s = [:space:] @@ -833,7 +832,7 @@ check_slashed_abbrs: $(TDATA_TO_CHECK) CHECK_CC_LIST = { n = split($$1,a,/,/); for (i=2; i<=n; i++) print a[1], a[i]; } -check_sorted: backward backzone iso3166.tab zone.tab zone1970.tab +check_sorted: backward backzone $(AWK) '/^Link/ {printf "%.5d %s\n", g, $$3} !/./ {g++}' \ backward | LC_ALL=C sort -cu $(AWK) '/^Zone/ {print $$2}' backzone | LC_ALL=C sort -cu diff --git a/contrib/tzdata/NEWS b/contrib/tzdata/NEWS index 701e490e4834..b54538aa4a82 100644 --- a/contrib/tzdata/NEWS +++ b/contrib/tzdata/NEWS @@ -1,5 +1,116 @@ News for the tz database +Release 2023c - 2023-03-28 12:42:14 -0700 + + Changes to past and future timestamps + + Model Lebanon's DST chaos by reverting data to tzdb 2023a. + (Thanks to Rany Hany for the heads-up.) + + +Release 2023b - 2023-03-23 19:50:38 -0700 + + Changes to future timestamps + + This year Lebanon springs forward April 20/21 not March 25/26. + (Thanks to Saadallah Itani.) [This was reverted in 2023c.] + + +Release 2023a - 2023-03-22 12:39:33 -0700 + + Briefly: + Egypt now uses DST again, from April through October. + This year Morocco springs forward April 23, not April 30. + Palestine delays the start of DST this year. + Much of Greenland still uses DST from 2024 on. + America/Yellowknife now links to America/Edmonton. + tzselect can now use current time to help infer timezone. + The code now defaults to C99 or later. + Fix use of C23 attributes. + + Changes to future timestamps + + Starting in 2023, Egypt will observe DST from April's last Friday + through October's last Thursday. (Thanks to Ahmad ElDardiry.) + Assume the transition times are 00:00 and 24:00, respectively. + + In 2023 Morocco's spring-forward transition after Ramadan + will occur April 23, not April 30. (Thanks to Milamber.) + Adjust predictions for future years accordingly. This affects + predictions for 2023, 2031, 2038, and later years. + + This year Palestine will delay its spring forward from + March 25 to April 29 due to Ramadan. (Thanks to Heba Hamad.) + Make guesses for future Ramadans too. + + Much of Greenland, represented by America/Nuuk, will continue to + observe DST using European Union rules. When combined with + Greenland's decision not to change the clocks in fall 2023, + America/Nuuk therefore changes from -03/-02 to -02/-01 effective + 2023-10-29 at 01:00 UTC. (Thanks to Thomas M. Steenholdt.) + This change from 2022g doesn't affect timestamps until 2024-03-30, + and doesn't affect tm_isdst until 2023-03-25. + + Changes to past timestamps + + America/Yellowknife has changed from a Zone to a backward + compatibility Link, as it no longer differs from America/Edmonton + since 1970. (Thanks to Almaz Mingaleev.) This affects some + pre-1948 timestamps. The old data are now in 'backzone'. + + Changes to past time zone abbreviations + + When observing Moscow time, Europe/Kirov and Europe/Volgograd now + use the abbreviations MSK/MSD instead of numeric abbreviations, + for consistency with other timezones observing Moscow time. + + Changes to code + + You can now tell tzselect local time, to simplify later choices. + Select the 'time' option in its first prompt. + + You can now compile with -DTZNAME_MAXIMUM=N to limit time zone + abbreviations to N bytes (default 255). The reference runtime + library now rejects POSIX-style TZ strings that contain longer + abbreviations, treating them as UTC. Previously the limit was + platform dependent and abbreviations were silently truncated to + 16 bytes even when the limit was greater than 16. + + The code by default is now designed for C99 or later. To build in + a C89 environment, compile with -DPORT_TO_C89. To support C89 + callers of the tzcode library, compile with -DSUPPORT_C89. The + two new macros are transitional aids planned to be removed in a + future version, when C99 or later will be required. + + The code now builds again on pre-C99 platforms, if you compile + with -DPORT_TO_C89. This fixes a bug introduced in 2022f. + + On C23-compatible platforms tzcode no longer uses syntax like + 'static [[noreturn]] void usage(void);'. Instead, it uses + '[[noreturn]] static void usage(void);' as strict C23 requires. + (Problem reported by Houge Langley.) + + The code's functions now constrain their arguments with the C + 'restrict' keyword consistently with their documentation. + This may allow future optimizations. + + zdump again builds standalone with ckdadd and without setenv, + fixing a bug introduced in 2022g. (Problem reported by panic.) + + leapseconds.awk can now process a leap seconds file that never + expires; this might be useful if leap seconds are discontinued. + + Changes to commentary + + tz-link.html has a new section "Coordinating with governments and + distributors". (Thanks to Neil Fuller for some of the text.) + + To improve tzselect diagnostics, zone1970.tab's comments column is + now limited to countries that have multiple timezones. + + Note that leap seconds are planned to be discontinued by 2035. + + Release 2022g - 2022-11-29 08:58:31 -0800 Briefly: @@ -596,7 +707,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 Starting with 2020a, zic -L truncated its output according to the "Expires" directive or "#expires" comment in the leapseconds file. The resulting TZif files omitted daylight saving transitions after - the leap second table expired, which led to far less-accurate + the leap second table expired, which led to far less accurate predictions of times after the expiry. Although future timestamps cannot be converted accurately in the presence of leap seconds, it is more accurate to convert near-future timestamps with a few @@ -616,7 +727,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 zic -L LEAPFILE -r @LO no longer generates an invalid TZif file that omits leap second information for the range LO..B when LO falls between two leap seconds A and B. Instead, it generates a - TZif version 4 file that represents the previously-missing + TZif version 4 file that represents the previously missing information. The TZif reader now allows the leap second table to begin with a @@ -670,7 +781,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 Fix a bug with 'zic -r @X' when X is a negative leap second that has a nonnegative correction. Without the fix, the output file was truncated so that X appeared to be a positive leap second. - Fix a similar, even-less-likely bug when truncating at a positive + Fix a similar, even less likely bug when truncating at a positive leap second that has a nonpositive correction. zic -r now reports an error if given rolling leap seconds, as this @@ -691,7 +802,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 fixing a bug introduced in 2014g. zdump -v now outputs timestamps at boundaries of what localtime - and gmtime can represent, instead of the less-useful timestamps + and gmtime can represent, instead of the less useful timestamps one day after the minimum and one day before the maximum. (Thanks to Arthur David Olson for prototype code, and to Manuela Friedrich for debugging help.) @@ -2311,7 +2422,7 @@ Release 2016g - 2016-09-13 08:56:38 -0700 names internally. zdump has a new -i option to generate transitions in a - more-compact but still human-readable format. This option is + smaller but still human-readable format. This option is experimental, and the output format may change in future versions. (Thanks to Jon Skeet for suggesting that an option was needed, and thanks to Tim Parenti and Chris Rovick for further comments.) @@ -2333,7 +2444,7 @@ Release 2016g - 2016-09-13 08:56:38 -0700 release 2016g, the version number is now something like '2016g-23-g50556e3-dirty' instead of the misleading '2016g'. Tagged releases use the same version number format as before, - e.g., '2016g'. To support the more-accurate version number, its + e.g., '2016g'. To support the more accurate version number, its specification has moved from a line in the Makefile to a new source file 'version'. @@ -2964,7 +3075,7 @@ Release 2014i - 2014-10-21 22:04:57 -0700 Since Belarus is not changing its clocks even though Moscow is, the time zone abbreviation in Europe/Minsk is changing from FET - to its more-traditional value MSK on 2014-10-26 at 01:00. + to its more traditional value MSK on 2014-10-26 at 01:00. (Thanks to Alexander Bokovoy for the heads-up about Belarus.) The new abbreviation IDT stands for the pre-1976 use of UT +08 in @@ -3056,7 +3167,7 @@ Release 2014h - 2014-09-25 18:59:03 -0700 Changes affecting build procedure - 'make check' now checks better for properly-sorted data. + 'make check' now checks better for properly sorted data. Changes affecting documentation and commentary @@ -3557,7 +3668,7 @@ Release 2014a - 2014-03-07 23:30:29 -0800 Changes affecting past timestamps - Fiji ended DST on 2014-01-19 at 02:00, not the previously-scheduled 03:00. + Fiji ended DST on 2014-01-19 at 02:00, not the previously scheduled 03:00. (Thanks to Steffen Thorsen.) Ukraine switched from Moscow to Eastern European time on 1990-07-01 @@ -3811,7 +3922,7 @@ Release 2013e - 2013-09-19 23:50:04 -0700 Allow POSIX-like TZ strings where the transition time's hour can range from -167 through 167, instead of the POSIX-required 0 through 24. E.g., TZ='FJT-12FJST,M10.3.1/146,M1.3.4/75' for the - new Fiji rules. This is a more-compact way to represent + new Fiji rules. This is a more compact way to represent far-future timestamps for America/Godthab, America/Santiago, Antarctica/Palmer, Asia/Gaza, Asia/Hebron, Asia/Jerusalem, Pacific/Easter, and Pacific/Fiji. Other zones are unaffected by @@ -3819,7 +3930,7 @@ Release 2013e - 2013-09-19 23:50:04 -0700 Allow POSIX-like TZ strings where daylight saving time is in effect all year. E.g., TZ='WART4WARST,J1/0,J365/25' for Western - Argentina Summer Time all year. This supports a more-compact way + Argentina Summer Time all year. This supports a more compact way to represent the 2013d data for America/Argentina/San_Luis. Because of the change for San Luis noted above this change does not affect the current data. (Thanks to Andrew Main (Zefram) for @@ -3908,13 +4019,13 @@ Release 2013e - 2013-09-19 23:50:04 -0700 zdump now outputs "UT" when referring to Universal Time, not "UTC". "UTC" does not make sense for timestamps that predate the introduction - of UTC, whereas "UT", a more-generic term, does. (Thanks to Steve Allen + of UTC, whereas "UT", a more generic term, does. (Thanks to Steve Allen for clarifying UT vs UTC.) Data changes affecting behavior of tzselect and similar programs - Country code BQ is now called the more-common name "Caribbean Netherlands" - rather than the more-official "Bonaire, St Eustatius & Saba". + Country code BQ is now called the more common name "Caribbean Netherlands" + rather than the more official "Bonaire, St Eustatius & Saba". Remove from zone.tab the names America/Montreal, America/Shiprock, and Antarctica/South_Pole, as they are equivalent to existing @@ -4098,7 +4209,7 @@ Release 2013c - 2013-04-19 16:17:40 -0700 Macquarie Island is politically part of Australia, not Antarctica. (Thanks to Tobias Conradi.) - Sort Macquarie more-consistently with other parts of Australia. + Sort Macquarie more consistently with other parts of Australia. (Thanks to Tim Parenti.) @@ -5322,7 +5433,7 @@ Release data1998g - 1998-08-11 03:28:35 -0000 Release data1998f - 1998-07-20 13:50:00 -0000 [tzdata1998f.tar.gz is missing!] - Update the "leapseconds" file to include the newly-announced + Update the "leapseconds" file to include the newly announced insertion at the end of 1998. diff --git a/contrib/tzdata/africa b/contrib/tzdata/africa index cfb9283c045d..6cf4e39c8c45 100644 --- a/contrib/tzdata/africa +++ b/contrib/tzdata/africa @@ -321,6 +321,14 @@ Rule Egypt 2007 only - Sep Thu>=1 24:00 0 - # From Mina Samuel (2016-07-04): # Egyptian government took the decision to cancel the DST, +# From Ahmad ElDardiry (2023-03-01): +# Egypt officially announced today that daylight savings will be +# applied from last Friday of April to last Thursday of October. +# From Paul Eggert (2023-03-01): +# Assume transitions are at 00:00 and 24:00 respectively. +# From Amir Adib (2023-03-07): +# https://www.facebook.com/EgyptianCabinet/posts/638829614954129/ + Rule Egypt 2008 only - Aug lastThu 24:00 0 - Rule Egypt 2009 only - Aug 20 24:00 0 - Rule Egypt 2010 only - Aug 10 24:00 0 - @@ -330,6 +338,8 @@ Rule Egypt 2014 only - May 15 24:00 1:00 S Rule Egypt 2014 only - Jun 26 24:00 0 - Rule Egypt 2014 only - Jul 31 24:00 1:00 S Rule Egypt 2014 only - Sep lastThu 24:00 0 - +Rule Egypt 2023 max - Apr lastFri 0:00 1:00 S +Rule Egypt 2023 max - Oct lastThu 24:00 0 - # Zone NAME STDOFF RULES FORMAT [UNTIL] #STDOFF 2:05:08.9 @@ -429,7 +439,7 @@ Zone Africa/Nairobi 2:27:16 - LMT 1908 May # President William R. Tolbert, Jr., July 23, 1971-July 31, 1972. # Monrovia: Executive Mansion. # -# Use the abbreviation "MMT" before 1972, as the more-accurate numeric +# Use the abbreviation "MMT" before 1972, as the more accurate numeric # abbreviation "-004430" would be one byte over the POSIX limit. # # Zone NAME STDOFF RULES FORMAT [UNTIL] @@ -566,8 +576,8 @@ Zone Africa/Tripoli 0:52:44 - LMT 1920 # DST the coming summer... # # Some sources, in French: -# http://www.defimedia.info/news/946/Rashid-Beebeejaun-:-%C2%AB-L%E2%80%99heure-d%E2%80%99%C3%A9t%C3%A9-ne-sera-pas-appliqu%C3%A9e-cette-ann%C3%A9e-%C2%BB -# http://lexpress.mu/Story/3398~Beebeejaun---Les-objectifs-d-%C3%A9conomie-d-%C3%A9nergie-de-l-heure-d-%C3%A9t%C3%A9-ont-%C3%A9t%C3%A9-atteints- +# http://www.defimedia.info/news/946/Rashid-Beebeejaun-:-«-L%E2%80%99heure-d%E2%80%99été-ne-sera-pas-appliquée-cette-année-» +# http://lexpress.mu/Story/3398~Beebeejaun---Les-objectifs-d-économie-d-énergie-de-l-heure-d-été-ont-été-atteints- # # Our wrap-up: # https://www.timeanddate.com/news/time/mauritius-dst-will-not-repeat.html @@ -698,7 +708,7 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # More articles in the press # https://www.yabiladi.com/articles/details/5058/secret-l-heure-d-ete-maroc-leve.html # http://www.lematin.ma/Actualite/Express/Article.asp?id=148923 -# http://www.lavieeco.com/actualite/Le-Maroc-passe-sur-GMT%2B1-a-partir-de-dim +# http://www.lavieeco.com/actualite/Le-Maroc-passe-sur-GMT+1-a-partir-de-dim # From Petr Machata (2011-03-30): # They have it written in English here: @@ -713,7 +723,7 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # According to Infomédiaire web site from Morocco (infomediaire.ma), # on March 9, 2012, (in French) Heure légale: # Le Maroc adopte officiellement l'heure d'été -# http://www.infomediaire.ma/news/maroc/heure-l%C3%A9gale-le-maroc-adopte-officiellement-lheure-d%C3%A9t%C3%A9 +# http://www.infomediaire.ma/news/maroc/heure-légale-le-maroc-adopte-officiellement-lheure-dété # Governing Council adopted draft decree, that Morocco DST starts on # the last Sunday of March (March 25, 2012) and ends on # last Sunday of September (September 30, 2012) @@ -837,19 +847,28 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # Friday or Saturday (and so the 2 days off are on a weekend), the next time # shift will be the next weekend. # -# From Paul Eggert (2020-05-31): +# From Milamber (2021-03-31, 2022-03-10): +# https://www.mmsp.gov.ma/fr/actualites.aspx?id=2076 +# https://www.ecoactu.ma/horaires-administration-ramadan-gmtheure-gmt-a-partir-de-dimanche-27-mars/ +# +# From Milamber (2023-03-14, 2023-03-15): +# The return to legal GMT time will take place this Sunday, March 19 at 3 a.m. +# ... the return to GMT+1 will be made on Sunday April 23, 2023 at 2 a.m. +# https://www.mmsp.gov.ma/fr/actualites/passage-à-l%E2%80%99heure-gmt-à-partir-du-dimanche-19-mars-2023 +# +# From Paul Eggert (2023-03-14): # For now, guess that in the future Morocco will fall back at 03:00 # the last Sunday before Ramadan, and spring forward at 02:00 the -# first Sunday after two days after Ramadan. To implement this, +# first Sunday after one day after Ramadan. To implement this, # transition dates and times for 2019 through 2087 were determined by -# running the following program under GNU Emacs 26.3. (This algorithm +# running the following program under GNU Emacs 28.2. (This algorithm # also produces the correct transition dates for 2016 through 2018, # though the times differ due to Morocco's time zone change in 2018.) # (let ((islamic-year 1440)) # (require 'cal-islam) # (while (< islamic-year 1511) # (let ((a (calendar-islamic-to-absolute (list 9 1 islamic-year))) -# (b (+ 2 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) +# (b (+ 1 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) # (sunday 0)) # (while (/= sunday (mod (setq a (1- a)) 7))) # (while (/= sunday (mod b 7)) @@ -863,10 +882,6 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # (car (cdr (cdr a))) (calendar-month-name (car a) t) (car (cdr a)) # (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b))))) # (setq islamic-year (+ 1 islamic-year)))) -# -# From Milamber (2021-03-31, 2022-03-10), confirming these predictions: -# https://www.mmsp.gov.ma/fr/actualites.aspx?id=2076 -# https://www.ecoactu.ma/horaires-administration-ramadan-gmtheure-gmt-a-partir-de-dimanche-27-mars/ # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule Morocco 1939 only - Sep 12 0:00 1:00 - @@ -919,7 +934,7 @@ Rule Morocco 2021 only - May 16 2:00 0 - Rule Morocco 2022 only - Mar 27 3:00 -1:00 - Rule Morocco 2022 only - May 8 2:00 0 - Rule Morocco 2023 only - Mar 19 3:00 -1:00 - -Rule Morocco 2023 only - Apr 30 2:00 0 - +Rule Morocco 2023 only - Apr 23 2:00 0 - Rule Morocco 2024 only - Mar 10 3:00 -1:00 - Rule Morocco 2024 only - Apr 14 2:00 0 - Rule Morocco 2025 only - Feb 23 3:00 -1:00 - @@ -935,7 +950,7 @@ Rule Morocco 2029 only - Feb 18 2:00 0 - Rule Morocco 2029 only - Dec 30 3:00 -1:00 - Rule Morocco 2030 only - Feb 10 2:00 0 - Rule Morocco 2030 only - Dec 22 3:00 -1:00 - -Rule Morocco 2031 only - Feb 2 2:00 0 - +Rule Morocco 2031 only - Jan 26 2:00 0 - Rule Morocco 2031 only - Dec 14 3:00 -1:00 - Rule Morocco 2032 only - Jan 18 2:00 0 - Rule Morocco 2032 only - Nov 28 3:00 -1:00 - @@ -951,7 +966,7 @@ Rule Morocco 2036 only - Nov 23 2:00 0 - Rule Morocco 2037 only - Oct 4 3:00 -1:00 - Rule Morocco 2037 only - Nov 15 2:00 0 - Rule Morocco 2038 only - Sep 26 3:00 -1:00 - -Rule Morocco 2038 only - Nov 7 2:00 0 - +Rule Morocco 2038 only - Oct 31 2:00 0 - Rule Morocco 2039 only - Sep 18 3:00 -1:00 - Rule Morocco 2039 only - Oct 23 2:00 0 - Rule Morocco 2040 only - Sep 2 3:00 -1:00 - @@ -967,7 +982,7 @@ Rule Morocco 2044 only - Aug 28 2:00 0 - Rule Morocco 2045 only - Jul 9 3:00 -1:00 - Rule Morocco 2045 only - Aug 20 2:00 0 - Rule Morocco 2046 only - Jul 1 3:00 -1:00 - -Rule Morocco 2046 only - Aug 12 2:00 0 - +Rule Morocco 2046 only - Aug 5 2:00 0 - Rule Morocco 2047 only - Jun 23 3:00 -1:00 - Rule Morocco 2047 only - Jul 28 2:00 0 - Rule Morocco 2048 only - Jun 7 3:00 -1:00 - @@ -983,7 +998,7 @@ Rule Morocco 2052 only - Jun 2 2:00 0 - Rule Morocco 2053 only - Apr 13 3:00 -1:00 - Rule Morocco 2053 only - May 25 2:00 0 - Rule Morocco 2054 only - Apr 5 3:00 -1:00 - -Rule Morocco 2054 only - May 17 2:00 0 - +Rule Morocco 2054 only - May 10 2:00 0 - Rule Morocco 2055 only - Mar 28 3:00 -1:00 - Rule Morocco 2055 only - May 2 2:00 0 - Rule Morocco 2056 only - Mar 12 3:00 -1:00 - @@ -999,7 +1014,7 @@ Rule Morocco 2060 only - Mar 7 2:00 0 - Rule Morocco 2061 only - Jan 16 3:00 -1:00 - Rule Morocco 2061 only - Feb 27 2:00 0 - Rule Morocco 2062 only - Jan 8 3:00 -1:00 - -Rule Morocco 2062 only - Feb 19 2:00 0 - +Rule Morocco 2062 only - Feb 12 2:00 0 - Rule Morocco 2062 only - Dec 31 3:00 -1:00 - Rule Morocco 2063 only - Feb 4 2:00 0 - Rule Morocco 2063 only - Dec 16 3:00 -1:00 - @@ -1015,7 +1030,7 @@ Rule Morocco 2067 only - Dec 11 2:00 0 - Rule Morocco 2068 only - Oct 21 3:00 -1:00 - Rule Morocco 2068 only - Dec 2 2:00 0 - Rule Morocco 2069 only - Oct 13 3:00 -1:00 - -Rule Morocco 2069 only - Nov 24 2:00 0 - +Rule Morocco 2069 only - Nov 17 2:00 0 - Rule Morocco 2070 only - Oct 5 3:00 -1:00 - Rule Morocco 2070 only - Nov 9 2:00 0 - Rule Morocco 2071 only - Sep 20 3:00 -1:00 - @@ -1031,7 +1046,7 @@ Rule Morocco 2075 only - Sep 15 2:00 0 - Rule Morocco 2076 only - Jul 26 3:00 -1:00 - Rule Morocco 2076 only - Sep 6 2:00 0 - Rule Morocco 2077 only - Jul 18 3:00 -1:00 - -Rule Morocco 2077 only - Aug 29 2:00 0 - +Rule Morocco 2077 only - Aug 22 2:00 0 - Rule Morocco 2078 only - Jul 10 3:00 -1:00 - Rule Morocco 2078 only - Aug 14 2:00 0 - Rule Morocco 2079 only - Jun 25 3:00 -1:00 - @@ -1041,13 +1056,13 @@ Rule Morocco 2080 only - Jul 21 2:00 0 - Rule Morocco 2081 only - Jun 1 3:00 -1:00 - Rule Morocco 2081 only - Jul 13 2:00 0 - Rule Morocco 2082 only - May 24 3:00 -1:00 - -Rule Morocco 2082 only - Jul 5 2:00 0 - +Rule Morocco 2082 only - Jun 28 2:00 0 - Rule Morocco 2083 only - May 16 3:00 -1:00 - Rule Morocco 2083 only - Jun 20 2:00 0 - Rule Morocco 2084 only - Apr 30 3:00 -1:00 - Rule Morocco 2084 only - Jun 11 2:00 0 - Rule Morocco 2085 only - Apr 22 3:00 -1:00 - -Rule Morocco 2085 only - Jun 3 2:00 0 - +Rule Morocco 2085 only - May 27 2:00 0 - Rule Morocco 2086 only - Apr 14 3:00 -1:00 - Rule Morocco 2086 only - May 19 2:00 0 - Rule Morocco 2087 only - Mar 30 3:00 -1:00 - @@ -1190,15 +1205,15 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # From P Chan (2020-12-03): # GMT was adopted as the standard time of Lagos on 1905-07-01. # Lagos Weekly Record, 1905-06-24, p 3 -# http://ddsnext.crl.edu/titles/31558#?c=0&m=668&s=0&cv=2&r=0&xywh=1446%2C5221%2C1931%2C1235 +# http://ddsnext.crl.edu/titles/31558#?c=0&m=668&s=0&cv=2&r=0&xywh=1446,5221,1931,1235 # says "It is officially notified that on and after the 1st of July 1905 -# Greenwich Mean Solar Time will be adopted thought the Colony and +# Greenwich Mean Solar Time will be adopted throughout the Colony and # Protectorate, and that it will be necessary to put all clocks 13 minutes and # 35 seconds back, recording local mean time." # # It seemed that Lagos returned to LMT on 1908-07-01. # [The Lagos Standard], 1908-07-01, p 5 -# http://ddsnext.crl.edu/titles/31556#?c=0&m=78&s=0&cv=4&r=0&xywh=-92%2C3590%2C3944%2C2523 +# http://ddsnext.crl.edu/titles/31556#?c=0&m=78&s=0&cv=4&r=0&xywh=-92,3590,3944,2523 # says "Scarcely have the people become accustomed to this new time, when # another official notice has now appeared announcing that from and after the # 1st July next, return will be made to local mean time." @@ -1210,7 +1225,7 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # https://libsysdigi.library.illinois.edu/ilharvest/Africana/Books2011-05/3064634/3064634_1914/3064634_1914_opt.pdf#page=27 # "On January 1st [1914], a universal standard time for Nigeria was adopted, # viz., half an hour fast on Greenwich mean time, corresponding to the meridian -# 7 [degrees] 30' E. long." +# 7° 30' E. long." # Lloyd's Register of Shipping (1915) says "Hitherto the time observed in Lagos # was the local mean time. On 1st January, 1914, standard time for the whole of # Nigeria was introduced ... Lagos time has been advanced about 16 minutes @@ -1228,7 +1243,7 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # The Lagos Weekly Record, 1919-09-20, p 3 details discussion on the first # reading of this Bill by the Legislative Council of the Colony of Nigeria on # Thursday 1919-08-28: -# http://ddsnext.crl.edu/titles/31558?terms&item_id=303484#?m=1118&c=1&s=0&cv=2&r=0&xywh=1261%2C3408%2C2994%2C1915 +# http://ddsnext.crl.edu/titles/31558?terms&item_id=303484#?m=1118&c=1&s=0&cv=2&r=0&xywh=1261,3408,2994,1915 # "The proposal is that the Globe should be divided into twelve zones East and # West of Greenwich, of one hour each, Nigeria falling into the zone with a # standard of one hour fast on Greenwich Mean Time. Nigeria standard time is diff --git a/contrib/tzdata/antarctica b/contrib/tzdata/antarctica index f02755ae856f..fc603e9996de 100644 --- a/contrib/tzdata/antarctica +++ b/contrib/tzdata/antarctica @@ -292,7 +292,7 @@ Zone Antarctica/Rothera 0 - -00 1976 Dec 1 # but that he found it more convenient to keep GMT+12 # as supplies for the station were coming from McMurdo Sound, # which was on GMT+12 because New Zealand was on GMT+12 all year -# at that time (1957). (Source: Siple's book 90 Degrees South.) +# at that time (1957). (Source: Siple's book 90° South.) # # From Susan Smith # http://www.cybertours.com/whs/pole10.html diff --git a/contrib/tzdata/asia b/contrib/tzdata/asia index 199e6ad6adc3..a29a4dc0c4de 100644 --- a/contrib/tzdata/asia +++ b/contrib/tzdata/asia @@ -2691,6 +2691,40 @@ Zone Asia/Pyongyang 8:23:00 - LMT 1908 Apr 1 # Lebanon +# +# From Saadallah Itani (2023-03-23): +# Lebanon ... announced today delay of Spring forward from March 25 to April 20. +# +# From Paul Eggert (2023-03-27): +# This announcement was by the Lebanese caretaker prime minister Najib Mikati. +# https://www.mtv.com.lb/en/News/Local/1352516/lebanon-postpones-daylight-saving-time-adoption +# A video was later leaked to the media of parliament speaker Nabih Berri +# asking Mikati to postpone DST to aid observance of Ramadan, Mikati objecting +# that this would cause problems such as scheduling airline flights, to which +# Berri interjected, "What flights?" +# +# The change was controversial and led to a partly-sectarian divide. +# Many Lebanese institutions, including the education ministry, the Maronite +# church, and two news channels LCBI and MTV, ignored the announcement and +# went ahead with the long-scheduled spring-forward on March 25/26, some +# arguing that the prime minister had not followed the law because the change +# had not been approved by the cabinet. Google went with the announcement; +# Apple ignored it. At least one bank followed the announcement for its doors, +# but ignored the announcement in internal computer systems. +# Beirut international airport listed two times for each departure. +# Dan Azzi wrote "My view is that this whole thing is a Dumb and Dumber movie." +# Eventually the prime minister backed down, said the cabinet had decided to +# stick with its 1998 decision, and that DST would begin midnight March 29/30. +# https://www.nna-leb.gov.lb/en/miscellaneous/604093/lebanon-has-two-times-of-day-amid-daylight-savings +# https://www.cnbc.com/2023/03/27/lebanon-in-two-different-time-zones-as-government-disagrees-on-daylight-savings.html +# +# Although we could model the chaos with two Zones, that would likely cause +# more trouble than it would cure. Since so many manual clocks and +# computer-based timestamps ignored the announcement, stick with official +# cabinet resolutions in the data while recording the prime minister's +# announcement as a comment. This is how we treated a similar situation in +# Rio de Janeiro in spring 1993. +# # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule Lebanon 1920 only - Mar 28 0:00 1:00 S Rule Lebanon 1920 only - Oct 25 0:00 0 - @@ -2716,6 +2750,10 @@ Rule Lebanon 1992 only - Oct 4 0:00 0 - Rule Lebanon 1993 max - Mar lastSun 0:00 1:00 S Rule Lebanon 1993 1998 - Sep lastSun 0:00 0 - Rule Lebanon 1999 max - Oct lastSun 0:00 0 - +# This one-time rule, announced by the prime minister first for April 21 +# then for March 30, is commented out for reasons described above. +#Rule Lebanon 2023 only - Mar 30 0:00 1:00 S + # Zone NAME STDOFF RULES FORMAT [UNTIL] Zone Asia/Beirut 2:22:00 - LMT 1880 2:00 Lebanon EE%sT @@ -2954,7 +2992,7 @@ Zone Asia/Kathmandu 5:41:16 - LMT 1920 # 9pm and moving clocks forward by one hour for the next three months. ...." # # http://www.worldtimezone.com/dst_news/dst_news_pakistan01.html -# http://www.dailytimes.com.pk/default.asp?page=2008%5C05%5C15%5Cstory_15-5-2008_pg1_4 +# http://www.dailytimes.com.pk/default.asp?page=2008\05\15\story_15-5-2008_pg1_4 # From Arthur David Olson (2008-05-19): # XXX--midnight transitions is a guess; 2008 only is a guess. @@ -3277,7 +3315,7 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # Some of many sources in Arabic: # http://www.samanews.com/index.php?act=Show&id=122638 # -# http://safa.ps/details/news/74352/%D8%A8%D8%AF%D8%A1-%D8%A7%D9%84%D8%AA%D9%88%D9%82%D9%8A%D8%AA-%D8%A7%D9%84%D8%B5%D9%8A%D9%81%D9%8A-%D8%A8%D8%A7%D9%84%D8%B6%D9%81%D8%A9-%D9%88%D8%BA%D8%B2%D8%A9-%D9%84%D9%8A%D9%84%D8%A9-%D8%A7%D9%84%D8%AC%D9%85%D8%B9%D8%A9.html +# http://safa.ps/details/news/74352/بدء-التوقيت-الصيفي-بالضفة-وغزة-ليلة-الجمعة.html # # Our brief summary: # https://www.timeanddate.com/news/time/gaza-west-bank-dst-2012.html @@ -3287,7 +3325,7 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # time from midnight on Friday, March 29, 2013" (translated). # [These are in Arabic and are for Gaza and for Ramallah, respectively.] # http://www.samanews.com/index.php?act=Show&id=154120 -# http://safa.ps/details/news/99844/%D8%B1%D8%A7%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A8%D8%AF%D8%A1-%D8%A7%D9%84%D8%AA%D9%88%D9%82%D9%8A%D8%AA-%D8%A7%D9%84%D8%B5%D9%8A%D9%81%D9%8A-29-%D8%A7%D9%84%D8%AC%D8%A7%D8%B1%D9%8A.html +# http://safa.ps/details/news/99844/رام-الله-بدء-التوقيت-الصيفي-29-الجاري.html # From Steffen Thorsen (2013-09-24): # The Gaza and West Bank are ending DST Thursday at midnight @@ -3385,9 +3423,41 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # (2022-08-31): ... the Saturday before the last Sunday in March and October # at 2:00 AM ,for the years from 2023 to 2026. # (2022-09-05): https://mtit.pna.ps/Site/New/1453 -# -# From Paul Eggert (2022-08-31): -# For now, assume that this rule will also be used after 2026. + +# From Heba Hamad (2023-03-22): +# ... summer time will begin in Palestine from Saturday 04-29-2023, +# 02:00 AM by 60 minutes forward. +# +# From Paul Eggert (2023-03-22): +# For now, guess that spring and fall transitions will normally +# continue to use 2022's rules, that during DST Palestine will switch +# to standard time at 02:00 the last Saturday before Ramadan and back +# to DST at 02:00 the first Saturday after Ramadan, and that +# if the normal spring-forward or fall-back transition occurs during +# Ramadan the former is delayed and the latter advanced. +# To implement this, I predicted Ramadan-oriented transition dates for +# 2023 through 2086 by running the following program under GNU Emacs 28.2, +# with the results integrated by hand into the table below. +# Predictions after 2086 are approximated without Ramadan. +# +# (let ((islamic-year 1444)) +# (require 'cal-islam) +# (while (< islamic-year 1510) +# (let ((a (calendar-islamic-to-absolute (list 9 1 islamic-year))) +# (b (+ 1 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) +# (saturday 6)) +# (while (/= saturday (mod (setq a (1- a)) 7))) +# (while (/= saturday (mod b 7)) +# (setq b (1+ b))) +# (setq a (calendar-gregorian-from-absolute a)) +# (setq b (calendar-gregorian-from-absolute b)) +# (insert +# (format +# (concat "Rule Palestine\t%d\tonly\t-\t%s\t%2d\t2:00\t0\t-\n" +# "Rule Palestine\t%d\tonly\t-\t%s\t%2d\t2:00\t1:00\tS\n") +# (car (cdr (cdr a))) (calendar-month-name (car a) t) (car (cdr a)) +# (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b))))) +# (setq islamic-year (+ 1 islamic-year)))) # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule EgyptAsia 1957 only - May 10 0:00 1:00 S @@ -3427,8 +3497,86 @@ Rule Palestine 2020 2021 - Mar Sat<=30 0:00 1:00 S Rule Palestine 2020 only - Oct 24 1:00 0 - Rule Palestine 2021 only - Oct 29 1:00 0 - Rule Palestine 2022 only - Mar 27 0:00 1:00 S -Rule Palestine 2022 max - Oct Sat<=30 2:00 0 - -Rule Palestine 2023 max - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2022 2035 - Oct Sat<=30 2:00 0 - +Rule Palestine 2023 only - Apr 29 2:00 1:00 S +Rule Palestine 2024 only - Apr 13 2:00 1:00 S +Rule Palestine 2025 only - Apr 5 2:00 1:00 S +Rule Palestine 2026 2054 - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2036 only - Oct 18 2:00 0 - +Rule Palestine 2037 only - Oct 10 2:00 0 - +Rule Palestine 2038 only - Sep 25 2:00 0 - +Rule Palestine 2039 only - Sep 17 2:00 0 - +Rule Palestine 2039 only - Oct 22 2:00 1:00 S +Rule Palestine 2039 2067 - Oct Sat<=30 2:00 0 - +Rule Palestine 2040 only - Sep 1 2:00 0 - +Rule Palestine 2040 only - Oct 13 2:00 1:00 S +Rule Palestine 2041 only - Aug 24 2:00 0 - +Rule Palestine 2041 only - Sep 28 2:00 1:00 S +Rule Palestine 2042 only - Aug 16 2:00 0 - +Rule Palestine 2042 only - Sep 20 2:00 1:00 S +Rule Palestine 2043 only - Aug 1 2:00 0 - +Rule Palestine 2043 only - Sep 12 2:00 1:00 S +Rule Palestine 2044 only - Jul 23 2:00 0 - +Rule Palestine 2044 only - Aug 27 2:00 1:00 S +Rule Palestine 2045 only - Jul 15 2:00 0 - +Rule Palestine 2045 only - Aug 19 2:00 1:00 S +Rule Palestine 2046 only - Jun 30 2:00 0 - +Rule Palestine 2046 only - Aug 11 2:00 1:00 S +Rule Palestine 2047 only - Jun 22 2:00 0 - +Rule Palestine 2047 only - Jul 27 2:00 1:00 S +Rule Palestine 2048 only - Jun 6 2:00 0 - +Rule Palestine 2048 only - Jul 18 2:00 1:00 S +Rule Palestine 2049 only - May 29 2:00 0 - +Rule Palestine 2049 only - Jul 3 2:00 1:00 S +Rule Palestine 2050 only - May 21 2:00 0 - +Rule Palestine 2050 only - Jun 25 2:00 1:00 S +Rule Palestine 2051 only - May 6 2:00 0 - +Rule Palestine 2051 only - Jun 17 2:00 1:00 S +Rule Palestine 2052 only - Apr 27 2:00 0 - +Rule Palestine 2052 only - Jun 1 2:00 1:00 S +Rule Palestine 2053 only - Apr 12 2:00 0 - +Rule Palestine 2053 only - May 24 2:00 1:00 S +Rule Palestine 2054 only - Apr 4 2:00 0 - +Rule Palestine 2054 only - May 16 2:00 1:00 S +Rule Palestine 2055 only - May 1 2:00 1:00 S +Rule Palestine 2056 only - Apr 22 2:00 1:00 S +Rule Palestine 2057 only - Apr 7 2:00 1:00 S +Rule Palestine 2058 max - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2068 only - Oct 20 2:00 0 - +Rule Palestine 2069 only - Oct 12 2:00 0 - +Rule Palestine 2070 only - Oct 4 2:00 0 - +Rule Palestine 2071 only - Sep 19 2:00 0 - +Rule Palestine 2072 only - Sep 10 2:00 0 - +Rule Palestine 2072 only - Oct 15 2:00 1:00 S +Rule Palestine 2073 only - Sep 2 2:00 0 - +Rule Palestine 2073 only - Oct 7 2:00 1:00 S +Rule Palestine 2074 only - Aug 18 2:00 0 - +Rule Palestine 2074 only - Sep 29 2:00 1:00 S +Rule Palestine 2075 only - Aug 10 2:00 0 - +Rule Palestine 2075 only - Sep 14 2:00 1:00 S +Rule Palestine 2075 max - Oct Sat<=30 2:00 0 - +Rule Palestine 2076 only - Jul 25 2:00 0 - +Rule Palestine 2076 only - Sep 5 2:00 1:00 S +Rule Palestine 2077 only - Jul 17 2:00 0 - +Rule Palestine 2077 only - Aug 28 2:00 1:00 S +Rule Palestine 2078 only - Jul 9 2:00 0 - +Rule Palestine 2078 only - Aug 13 2:00 1:00 S +Rule Palestine 2079 only - Jun 24 2:00 0 - +Rule Palestine 2079 only - Aug 5 2:00 1:00 S +Rule Palestine 2080 only - Jun 15 2:00 0 - +Rule Palestine 2080 only - Jul 20 2:00 1:00 S +Rule Palestine 2081 only - Jun 7 2:00 0 - +Rule Palestine 2081 only - Jul 12 2:00 1:00 S +Rule Palestine 2082 only - May 23 2:00 0 - +Rule Palestine 2082 only - Jul 4 2:00 1:00 S +Rule Palestine 2083 only - May 15 2:00 0 - +Rule Palestine 2083 only - Jun 19 2:00 1:00 S +Rule Palestine 2084 only - Apr 29 2:00 0 - +Rule Palestine 2084 only - Jun 10 2:00 1:00 S +Rule Palestine 2085 only - Apr 21 2:00 0 - +Rule Palestine 2085 only - Jun 2 2:00 1:00 S +Rule Palestine 2086 only - Apr 13 2:00 0 - +Rule Palestine 2086 only - May 18 2:00 1:00 S # Zone NAME STDOFF RULES FORMAT [UNTIL] Zone Asia/Gaza 2:17:52 - LMT 1900 Oct @@ -3632,7 +3780,7 @@ Zone Asia/Singapore 6:55:25 - LMT 1901 Jan 1 # standard time is SLST. # # From Paul Eggert (2016-10-18): -# "SLST" seems to be reasonably recent and rarely-used outside time +# "SLST" seems to be reasonably recent and rarely used outside time # zone nerd sources. I searched Google News and found three uses of # it in the International Business Times of India in February and # March of this year when discussing cricket match times, but nothing diff --git a/contrib/tzdata/australasia b/contrib/tzdata/australasia index af0410ab9035..0633a30efd8b 100644 --- a/contrib/tzdata/australasia +++ b/contrib/tzdata/australasia @@ -323,7 +323,7 @@ Zone Antarctica/Macquarie 0 - -00 1899 Nov # From Steffen Thorsen (2013-01-10): # Fiji will end DST on 2014-01-19 02:00: -# http://www.fiji.gov.fj/Media-Center/Press-Releases/DAYLIGHT-SAVINGS-TO-END-THIS-MONTH-%281%29.aspx +# http://www.fiji.gov.fj/Media-Center/Press-Releases/DAYLIGHT-SAVINGS-TO-END-THIS-MONTH-(1).aspx # From Ken Rylander (2014-10-20): # DST will start Nov. 2 this year. @@ -723,7 +723,7 @@ Zone Pacific/Pago_Pago 12:37:12 - LMT 1892 Jul 5 # # Samoa's Daylight Saving Time Act 2009 is available here, but does not # contain any dates: -# http://www.parliament.gov.ws/documents/acts/Daylight%20Saving%20Act%20%202009%20%28English%29%20-%20Final%207-7-091.pdf +# http://www.parliament.gov.ws/documents/acts/Daylight%20Saving%20Act%20%202009%20(English)%20-%20Final%207-7-091.pdf # From Laupue Raymond Hughes (2010-10-07): # Please see @@ -1808,7 +1808,7 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # period. It would probably be reasonable to assume Guam use GMT+9 during # that period of time like the surrounding area. -# From Paul Eggert (2018-11-18): +# From Paul Eggert (2023-01-23): # Howse writes (p 153) "The Spaniards, on the other hand, reached the # Philippines and the Ladrones from America," and implies that the Ladrones # (now called the Marianas) kept American date for quite some time. @@ -1821,7 +1821,7 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # they did as that avoids the need for a separate zone due to our 1970 cutoff. # # US Public Law 106-564 (2000-12-23) made UT +10 the official standard time, -# under the name "Chamorro Standard Time". There is no official abbreviation, +# under the name "Chamorro standard time". There is no official abbreviation, # but Congressman Robert A. Underwood, author of the bill that became law, # wrote in a press release (2000-12-27) that he will seek the use of "ChST". @@ -2199,24 +2199,18 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # an international standard, there are some places on the high seas where the # correct date is ambiguous. -# From Wikipedia (2005-08-31): -# Before 1920, all ships kept local apparent time on the high seas by setting -# their clocks at night or at the morning sight so that, given the ship's *** 999 LINES SKIPPED *** From nobody Wed Jun 21 05:42:08 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7P3TZLz4g1pk; Wed, 21 Jun 2023 05:42:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7P29phz3k3q; Wed, 21 Jun 2023 05:42:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326129; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Clj+xIVDIrjA4Xv0CaEFmf9aiTXs26a3vQ//h2Tx3k=; b=mcQm3f5cRT0kLIfdYM/FnNUu2VSyfjeS+VIAm0ViWiJye1CGKhRoV0135VrHUhSLPp3Qq6 LQF1MFfKRkcr/8AmdsMfZyC/kgXjIN3G6U3O/N4jJqdueTTKSUYWM8IwyZwlBJY+8kvXJT TmJeBZhK8YDHdfms+SOL2lCh+RuKEpktKkpx94VwK6tDNMBXkLfQy0d2Sho35xUMb3eP4t 0EbcFAjcBFnoXc00Zfm+7GUMppV1tRdiQN2AkdZTd+I6EOoHYB2P7a6PvZoqnGsAJ+DwKq FzO+OP+4aOj6nxAdGI8zFF+Mc8IMUW/JhHsR/KI61WlUMW08lWaPBJ+OvfiyUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326129; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Clj+xIVDIrjA4Xv0CaEFmf9aiTXs26a3vQ//h2Tx3k=; b=EjRyhdGqBnEqQoQUxyJ1Z5ijvN7VJ1KV6uYkjDr5T68nZHkBFzbkh+WB2IzwSVvVTUbOAs wtdlXSV4NJJ4WK5NigTpxo6UpJ4WKXnjaMEntNgZsnLWaXdvWOtIbwsDx0CoDP7hVpoQU6 4VDU/8uhOS8v+Dmck1gm6fNlwnT/d0G5ui5SPqg9+Y7m6roE6FpJPvLexww6qQMwi2aucs w2Dq5pPnEjHjUxe2ow3TkgGAHMp7HED/sRhnec8Oyj5KxOA2ujN4ms+a77a3y7NU0APLum 7VDkrjnVCbA4xaK8Jzkd57V0O+Xinn2b2WNPx6oVObwIFRR3nd2knhYijukEnw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326129; a=rsa-sha256; cv=none; b=tpnSSTguEfyzIbKPM+ZYqXw69xO0C0jiRFwwBTRCQS4y3XKAdSBzdZ0dCafIwsfNBFNzy/ gHINccnOBQI9P8+xwX9IhP3L+uyXbQKPchAXRjDfMytttSlL6KqKJFjTfwOfiPIDx6NVaj WniipTMl/ixHqhudUcJnkWzWQIdaB4fvDB3LwiPBpS+JnzyXUywziGReLD58kiHFwxm/Gd DDy5i2pjrRzQSAy34J8pNYQMWtCL9gTaflw7FXSawqNirSZSM35w7H8ypOw/20hR+OTos3 QjRrPVHjXiCTAzBZFp0Ghyh6L5dIQqNyL+M+FiZQ/f4zKysblbkaeMBApD3Ypw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7P09dPzVHF; Wed, 21 Jun 2023 05:42:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5g8HH062955; Wed, 21 Jun 2023 05:42:08 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5g8dR062954; Wed, 21 Jun 2023 05:42:08 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:08 GMT Message-Id: <202306210542.35L5g8dR062954@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 5d2bbb9db2d2 - releng/13.1 - loader: comconsole: don't unconditionally wipe out hw.uart.console List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.1 X-Git-Reftype: branch X-Git-Commit: 5d2bbb9db2d2c61629dcaee17cb269593e75d267 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.1 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=5d2bbb9db2d2c61629dcaee17cb269593e75d267 commit 5d2bbb9db2d2c61629dcaee17cb269593e75d267 Author: Kyle Evans AuthorDate: 2023-04-14 04:41:22 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:05:51 +0000 loader: comconsole: don't unconditionally wipe out hw.uart.console It may be the case that we need to set hw.uart.console manually in some scenarios that comconsole can't necessarily support. Avoid clobbering hw.uart.console unless we've actually selected comconsole so that one could at least get kernel console output.. Discussed with: imp Sponsored by: Zenith Electronics LLC Sponsored by: Klara, Inc. (cherry picked from commit ec671f4980437008b0119c6367816083e15fa503) (cherry picked from commit 362677cae8e9ac4c6f7ff4d74a4378ea11d47797) Approved by: so Security: FreeBSD-EN-23:06.loader --- stand/i386/libi386/comconsole.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/stand/i386/libi386/comconsole.c b/stand/i386/libi386/comconsole.c index ed1f1aa08ed7..6d48e876fa37 100644 --- a/stand/i386/libi386/comconsole.c +++ b/stand/i386/libi386/comconsole.c @@ -324,12 +324,13 @@ comc_setup(int speed, int port) char intbuf[64]; int tries; - unsetenv("hw.uart.console"); comc_curspeed = speed; comc_port = port; if ((comconsole.c_flags & (C_ACTIVEIN | C_ACTIVEOUT)) == 0) return; + unsetenv("hw.uart.console"); + #define COMC_TEST 0xbb /* * Write byte to scratch register and read it out. From nobody Wed Jun 21 05:42:10 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7Q4s4tz4g1vW; Wed, 21 Jun 2023 05:42:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7Q37l7z3k45; Wed, 21 Jun 2023 05:42:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HHQlfJvkbOnjFXBIFRP6aawrky4BClMCff3N+nFHjGc=; b=TGtQy+PXgU8Swk98sOD5rwu20DIK+gr4sq4UWXkNJvz/8weoJP+FTqUIbTmEB1sK64VdqB UORpcgf2/sX8YWOPt+oyLiZdNpFa4extvC+HMHu3OJSd+h0R2PpKQGwmUzOZHt6hC7EsIT aQYN81HbXajK3Pj3hCKJ/KgAbazVbvjPcsxdKgFoKDPH7hm2a81UB4oEohWeavPSq0yBY8 dF/4bOpft+eBhJQk4kdU/5LbT8h74xaAWcfbSMvoi/E0thw334eb5rVJ6NkhcdATB9Greg 15Ao3sOHsQilAS0ndrGZ9eAL8WYsNt2c26xH5Ooz/4o53pMidd9ww7DJfh60+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HHQlfJvkbOnjFXBIFRP6aawrky4BClMCff3N+nFHjGc=; b=fT0y3VwLKEWE4EfSTcSLGtdMtbNEOwt/iP4CzhHH0PMUG7eBEUOEkgj6Vw+g4usgJdaAqD yJdwnvsSO6Q0644CpK8+q2QAp9kZpU42++SfP3GoKMaFKP5oTdRsjWQ4agRkVc7dp5B2zO /q5e51i7HvLLFg5kf9Qbhjc+hpQLxv7xIDHXI5NRTBX6TR/guXB1C5j9tem+bu3CVwhNxm Yo/RUCT7lNSZDJ6cViquoRVPWS1ctM9gh+Do8LyY6dFlZJBEqjdOicE8mmwQh+R6Ep4cWp OC/hqLGrNEUfu43ITT4ABdtkgCDLBXf6Reufs/QVuWfNgK1QUxuNf9/EKDbDFg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326130; a=rsa-sha256; cv=none; b=Kj/6I4fPUMYRKlo6GPrgr3JLaAosSGcfnn66RsNPnUbQYjId6lW4skSAreon1/auTRhKwD 0fTMXoy4p/d68LeOBmzTdk9XnTKnkCro1F35mhPOs10qm3WTMCklScjJ0i+Foycnx1CU88 zYOyfzE/p7gBBAWgSGjtvfVe/2Rot05X6A9mNs3cyaAvvhLBHpJCiC1ah9ldJUizBJU3Qj iP2rFRPYujTP0qExkqnZtQzWNPxTs2srcocGunjT4sjycDPEYVfGJvM2hmqY9E/2pa5YNT biAqedfYyRPRlc4lawvY4KISPIJ2LRalgmvFp4nW0Wtc9Jfpk6/QEk0CFRQhEA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7Q150SzVc9; Wed, 21 Jun 2023 05:42:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gA3D062974; Wed, 21 Jun 2023 05:42:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gAnY062973; Wed, 21 Jun 2023 05:42:10 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:10 GMT Message-Id: <202306210542.35L5gAnY062973@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: bc61a15ededc - releng/13.1 - mpr: fix copying of event_mask List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.1 X-Git-Reftype: branch X-Git-Commit: bc61a15ededc1b49ea183b1d23b8bcdbee64d99f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.1 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=bc61a15ededc1b49ea183b1d23b8bcdbee64d99f commit bc61a15ededc1b49ea183b1d23b8bcdbee64d99f Author: Mariusz Zaborski AuthorDate: 2023-04-21 07:50:16 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:07:50 +0000 mpr: fix copying of event_mask Before the commit 6cc44223cb6717795afdac4348bbe7e2a968a07d the field event_mask was fully copied to the EventMasks field. After this commit the event_mask (uint8_t) is 4 times casted to EventMask (uint32_t). Because of that 24 bits of each event_mask array is lost. This commits brings back simple copying of field, and after words converting 32 bits field to the requested endian. I don't think we need more sophisticated method, as the array is of size 4 (for 32 bits version). Reviewed by: imp MFC after: 1 week Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D39562 (cherry picked from commit ea6597c38c77c7bfaae71259d8636cbb89add6a3) (cherry picked from commit e7a3a08febd01c95b74185bb971ec29cca64b8e1) Approved by: so Security: FreeBSD-EN-23:07.mpr --- sys/dev/mpr/mpr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c index 0f4c5c906216..fe8ca620b7c8 100644 --- a/sys/dev/mpr/mpr.c +++ b/sys/dev/mpr/mpr.c @@ -2764,8 +2764,9 @@ mpr_update_events(struct mpr_softc *sc, struct mpr_event_handle *handle, bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; @@ -2819,8 +2820,9 @@ mpr_reregister_events(struct mpr_softc *sc) bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; From nobody Wed Jun 21 05:42:11 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7R5wlBz4g1pp; Wed, 21 Jun 2023 05:42:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7R4B47z3k6n; Wed, 21 Jun 2023 05:42:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326131; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UCsgcWeLu7Mt3atmE4/pq4ZBHvSLJkNlEWKPM76ric4=; b=WHtths7xBcpJUX3kmIqXvAu4OgSg62TK2qkWh8x6d81QQqdoBQZYYFWdjLIdS7OnrF23po b5MtF17err1458eKEvTq6mnIRxM2FUmGx7V8MdMIBfur3YCwSsjwoNAF+3u4Pb0Ws+oqGi o2e+l1z06VgRyyzWseWtHMX4QGB8zn0E7dM+PlquFl/6DVSw0hGPeG6wDy9x92pJEnh8aj Iy6IPpK4A6Hf1wQ1xLNTk7IVEjgTxdLMaFyO8qqBK2S0ycLl/LApWbrz0uL5uQW8JuD9qx FkeIdOE/7X5R7MWgiY5a5OhCpVOxBha7hyI8gO9ZGvyXJ4OkHtlJw1j3lpa1Rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326131; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UCsgcWeLu7Mt3atmE4/pq4ZBHvSLJkNlEWKPM76ric4=; b=D37mPRs2eKEnSn1iAKPbLpY42WAHuHvTygbGGqhziyf0QBYbr9VJIDOW8WWeClEyVridi5 5vln+Qn0JnFCyeaYWq+jmvOhfzc6xw4U9WeiL4zU4VZUjyDXJUiorr0bFIipQLMH1AoYy8 HZz28pvhh2lHtCB6SkR6EKXS38B5qXTnbAAXQw6f5ae5FbSwqPYNUVpyIzPeokD78lR8Fd i6ZqTiEnMB6NqH9bL0p8Oy8r/TAi2Pp69aZyeJVLAJdap/XYMlGCDur0zo6nYNf/NkIMzT dYKajnPZHf685iYX0TnUd6F56wsyRQ8NB+OiO7GX1NouOPz2CQ0wlEo+ofhVKA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326131; a=rsa-sha256; cv=none; b=UTdAzAH+SUlVQdbKyfuhKWKZEUJCNXlNVwmfNX4roAZ9KrU1jaDJOgFamDqP56AleGX2GV YXl4lgxGq7IFcrMh/VnHYcoEaNQ6hb9YUbKiOGwb9kdfVmvRIVwyzLtYSY/aGmUDaWj7SS kiJxza9WvBCS5YvlfZRABqZFNf0Do/3N4On9rxfHk9AKZvLh6BUCBM9YUF+E8QB73nPhv0 yl6eN4OPuyGo2Vg/A8GeP/yp9MwqTeL1tO1CxEdoip8v1IaYZgvW8saHbm1p5k35i7d7lG 6Jk17B7Z1UOOkxHOiY8Mhqr0QzOs6MkVv8T6Twx0m+yzeygahPmKZX20ywr3yw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7R1zvSzVBQ; Wed, 21 Jun 2023 05:42:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gBYA062993; Wed, 21 Jun 2023 05:42:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gBAc062992; Wed, 21 Jun 2023 05:42:11 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:11 GMT Message-Id: <202306210542.35L5gBAc062992@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 07e3f54f2ea1 - releng/13.1 - pam_krb5: Fix spoofing vulnerability List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.1 X-Git-Reftype: branch X-Git-Commit: 07e3f54f2ea1a9c5c5e643155994eeec912d16d7 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.1 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=07e3f54f2ea1a9c5c5e643155994eeec912d16d7 commit 07e3f54f2ea1a9c5c5e643155994eeec912d16d7 Author: Cy Schubert AuthorDate: 2023-05-31 19:20:27 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:27:22 +0000 pam_krb5: Fix spoofing vulnerability An adversary on the network can log in via ssh as any user by spoofing the KDC. When the machine has a keytab installed the keytab is used to verify the service ticket. However, without a keytab there is no way for pam_krb5 to verify the KDC's response and get a TGT with the password. If both the password _and_ the KDC are controlled by an adversary, the adversary can provide a password that the adversary's spoofed KDC will return a valid tgt for. Currently, without a keytab, pam_krb5 is vulnerable to this attack. Reported by: Taylor R Campbell via emaste@ Reviewed by: so Approved by: so Security: FreeBSD-SA-23:04.pam_krb5 Security: CVE-2023-3326 (cherry picked from commit 813847e49e35439ba5d7bf16034b0691312068a4) (cherry picked from commit 6322a6c9daaabbf0b5d17c5d5a4f245f474a7e30) --- lib/libpam/modules/pam_krb5/pam_krb5.8 | 15 +++++ lib/libpam/modules/pam_krb5/pam_krb5.c | 104 +++++++++++++++++++++++++++------ 2 files changed, 102 insertions(+), 17 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.8 b/lib/libpam/modules/pam_krb5/pam_krb5.8 index bd7ac5b9ca0c..bdd91c54fce6 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.8 +++ b/lib/libpam/modules/pam_krb5/pam_krb5.8 @@ -108,6 +108,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .It Cm no_user_check Do not verify if a user exists on the local system. This option implies the .Cm no_ccache diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 810573bed47e..3972479a581f 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -76,7 +76,12 @@ __FBSDID("$FreeBSD$"); #define COMPAT_HEIMDAL /* #define COMPAT_MIT */ -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, + const char **, krb5_principal *, char[static BUFSIZ]); +static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int, + const char *, krb5_principal, char[static BUFSIZ]); +static void verify_krb_v5_tgt_cleanup(krb5_context, int, + const char *, krb5_principal, char[static BUFSIZ]); static void cleanup_cache(pam_handle_t *, void *, int); static const char *compat_princ_component(krb5_context, krb5_principal, int); static void compat_free_data_contents(krb5_context, krb5_data *); @@ -92,6 +97,7 @@ static void compat_free_data_contents(krb5_context, krb5_data *); #define PAM_OPT_NO_USER_CHECK "no_user_check" #define PAM_OPT_REUSE_CCACHE "reuse_ccache" #define PAM_OPT_NO_USER_CHECK "no_user_check" +#define PAM_OPT_ALLOW_KDC_SPOOF "allow_kdc_spoof" #define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ do { \ @@ -109,6 +115,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, { krb5_error_code krbret; krb5_context pam_context; + int debug; + const char *auth_service; + krb5_principal auth_princ; + char auth_phost[BUFSIZ]; krb5_creds creds; krb5_principal princ; krb5_ccache ccache; @@ -139,14 +149,37 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got service: %s", (const char *)service); + if ((srvdup = strdup(service)) == NULL) { + retval = PAM_BUF_ERR; + goto cleanup6; + } + krbret = krb5_init_context(&pam_context); if (krbret != 0) { PAM_VERBOSE_ERROR("Kerberos 5 error"); - return (PAM_SERVICE_ERR); + retval = PAM_SERVICE_ERR; + goto cleanup5; } PAM_LOG("Context initialised"); + debug = openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0; + krbret = verify_krb_v5_tgt_begin(pam_context, srvdup, debug, + &auth_service, &auth_princ, auth_phost); + if (krbret != 0) { /* failed to find key */ + /* Keytab or service key does not exist */ + /* + * Give up now because we can't authenticate the KDC + * with a keytab, unless the administrator asked to + * have the traditional behaviour of being vulnerable + * to spoofed KDCs. + */ + if (!openpam_get_option(pamh, PAM_OPT_ALLOW_KDC_SPOOF)) { + retval = PAM_SERVICE_ERR; + goto cleanup4; + } + } + krbret = krb5_cc_register(pam_context, &krb5_mcc_ops, FALSE); if (krbret != 0 && krbret != KRB5_CC_TYPE_EXISTS) { PAM_VERBOSE_ERROR("Kerberos 5 error"); @@ -292,13 +325,11 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Credentials stashed"); /* Verify them */ - if ((srvdup = strdup(service)) == NULL) { - retval = PAM_BUF_ERR; - goto cleanup; - } krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup, - openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0); + debug, + auth_service, auth_princ, auth_phost); free(srvdup); + srvdup = NULL; if (krbret == -1) { PAM_VERBOSE_ERROR("Kerberos 5 error"); krb5_cc_destroy(pam_context, ccache); @@ -349,8 +380,20 @@ cleanup3: PAM_LOG("Done cleanup3"); +cleanup4: + verify_krb_v5_tgt_cleanup(pam_context, debug, + auth_service, auth_princ, auth_phost); + PAM_LOG("Done cleanup4"); + +cleanup5: + if (srvdup != NULL) + free(srvdup); + PAM_LOG("Done cleanup5"); + +cleanup6: if (retval != PAM_SUCCESS) PAM_VERBOSE_ERROR("Kerberos 5 refuses you"); + PAM_LOG("Done cleanup6"); return (retval); } @@ -837,18 +880,18 @@ PAM_MODULE_ENTRY("pam_krb5"); */ /* ARGSUSED */ static int -verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, - char *pam_service, int debug) +verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, + const char **servicep, krb5_principal *princp __unused, char phost[static BUFSIZ]) { krb5_error_code retval; krb5_principal princ; krb5_keyblock *keyblock; - krb5_data packet; - krb5_auth_context auth_context; - char phost[BUFSIZ]; const char *services[3], **service; - packet.data = 0; + *servicep = NULL; + + if (debug) + openlog("pam_krb5", LOG_PID, LOG_AUTHPRIV); /* If possible we want to try and verify the ticket we have * received against a keytab. We will try multiple service @@ -906,14 +949,30 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, krb5_free_error_message(context, msg); } retval = 0; - goto cleanup; } if (keyblock) krb5_free_keyblock(context, keyblock); + return (retval); +} + +static int +verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, + char *pam_service __unused, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ]) +{ + krb5_error_code retval; + krb5_auth_context auth_context = NULL; + krb5_data packet; + + if (service == NULL) + return (0); /* uncertain, can't authenticate KDC */ + + packet.data = 0; + /* Talk to the kdc and construct the ticket. */ auth_context = NULL; - retval = krb5_mk_req(context, &auth_context, 0, *service, phost, + retval = krb5_mk_req(context, &auth_context, 0, service, phost, NULL, ccache, &packet); if (auth_context) { krb5_auth_con_free(context, auth_context); @@ -952,8 +1011,19 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, cleanup: if (packet.data) compat_free_data_contents(context, &packet); - krb5_free_principal(context, princ); - return retval; + return (retval); +} + +static void +verify_krb_v5_tgt_cleanup(krb5_context context, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ] __unused) +{ + + if (service) + krb5_free_principal(context, princ); + if (debug) + closelog(); + } /* Free the memory for cache_name. Called by pam_end() */ From nobody Wed Jun 21 05:42:12 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7S7575z4g1kD; Wed, 21 Jun 2023 05:42:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7S4VpQz3jyT; Wed, 21 Jun 2023 05:42:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=J/Ze2MQbjjCLO5FMZghGJIw+c6AhVD/6Ae72Wh1ThA4=; b=ESxmrT/kL2qbRVCT/f2K99S2rfkzsLb0G5jUhE+5kuKVnjTO/koyYPqzB1zAl2gfFHQxEW 2i6HpPSDPnZ+yM6iKu+EKET/GXW82OmftnNZos8BuwPXEMY1NPxsirAD7MQ+ZckKVmT0A+ NOaiTTDMAUcscMQti/3wVYdCw8m9bgZIsEv1ehjgDpSnLB2v88VrUD+R/ajKe4q1tzwoEl lcrJds6jBDjobNspxrxrw9VrGY9A7mLCgpMJx6JsXMrYny46IxkZsGPt1vk9lo0834jdbV geCOmEgdNq4nDN5lDk0OsztPebgcLbC5vL5mivl1kucLxuWqBHppc7Rb5TNjCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=J/Ze2MQbjjCLO5FMZghGJIw+c6AhVD/6Ae72Wh1ThA4=; b=H8ZbDixBecBkfmIjs4wm877v6t73c4atk0Rgs+LXqnw4fKbgbPfSccC0GbuCQWOhCOi2Ox uZ4GjkRoZLzYRi3v4GmJUligDKlONYhfjeiIE/xyNllx61wlhw/DGmx+4HmcGxigyrAk9P zA3udrygKSQfL/RTSXpHrnssR5MSqhkZw0NhkaX6PIamSjnQnW/v8pkoaw4Qeueta0N944 odRyGK0hMNa9y681BBTt+a+c+z6NndyjZTcPdLqSeXS1qW5iBthRXNt1gHFD2qXAPhDTXa 3qKVNklG3Tvde9g3/4fkTkCwghdyAnhh94Rp6QYHN6NK2wXxJ94K+F0WIlTeog== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326132; a=rsa-sha256; cv=none; b=t1V6x2j7d9X1GKLfE3aVuagedeB8xedkYV9T0kegei7YD2ekxbFUYDjte4HaGb2AvNfPGm DrdAIxLf9Il17uGtzdy3ctGh7YaPVTiIVszUXFgdN4TxvPVA4gj7OhLDCk3sBwXq/w5uA9 lmDDF0iHC197Mmb+qKDY/jXEKasYVq2P2LvegLCW0KLrxoAUczwSf+L8WKkLcEsl6dFl6i x9osLgbOwBjxEwSGbkgndd++hd63wOz5U/XsaturqVnlKAh7EuvvuytlaZwgxj49x5tPne GwPq5rqW42ILkcti8sAv16hXpPWfDIW2OxbVNJDpaplSrlRWnQfN8ytEgx+fBA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7S2yM2zVWy; Wed, 21 Jun 2023 05:42:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gCdK063012; Wed, 21 Jun 2023 05:42:12 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gCMw063011; Wed, 21 Jun 2023 05:42:12 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:12 GMT Message-Id: <202306210542.35L5gCMw063011@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: df74c1165cd0 - releng/13.1 - Add UPDATING entries and bump version. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.1 X-Git-Reftype: branch X-Git-Commit: df74c1165cd03c839627c6ebe6477a72dd980542 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.1 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=df74c1165cd03c839627c6ebe6477a72dd980542 commit df74c1165cd03c839627c6ebe6477a72dd980542 Author: Gordon Tetlow AuthorDate: 2023-06-21 05:38:21 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:38:21 +0000 Add UPDATING entries and bump version. Approved by: so --- UPDATING | 14 ++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index b534080a5317..48ee282da9d6 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,20 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20230621: + 13.1-RELEASE-p8 FreeBSD-EN-23:05.tzdata + FreeBSD-EN-23:06.loader + FreeBSD-EN-23:07.mpr + FreeBSD-SA-23:04.pam_krb5 + + Timezone database information update [EN-23:05.tzdata] + + x86 kernel console configuration [EN-23:06.loader] + + Fix mpr(4) failure to initialize devices [EN-23:07.mpr] + + Fix network authentication attack via pam_krb5 [SA-23:04.pam_krb5] + 20230216: 13.1-RELEASE-p7 FreeBSD-SA-23:03.openssl diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index bcacbcebb5ac..bf8af719c539 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -54,7 +54,7 @@ TYPE="FreeBSD" REVISION="13.1" -BRANCH="RELEASE-p7" +BRANCH="RELEASE-p8" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Wed Jun 21 05:42:23 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7g72Vwz4g1t7; Wed, 21 Jun 2023 05:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7g69bHz3kmS; Wed, 21 Jun 2023 05:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326143; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hj1+0V1VTe/ESdiQPKBW32dks94lqblshGOhhZaUrXI=; b=leohEmPYmBcFp8EcvbDpFll2rSpST/XfjZdTLJzGT2vijZVQgq5jzvx5vj0Qk/o0EeeFCP +CL/dc/IVFk0RsuzxKXs+MwwkAmK58QzJpnn0gNBpAiGx0zKDVdtUjjCAUlbWjSC0c4toF YwE249p14+0A1F5aLQ2WutX58D66RXp67dfUI2xcoOrIbajLjOjMq6bI+0WHz4RR0+ifoA 6Jit4bTIM2vItgtBY8J6K/A5XY3bsIZNLKu2i0cOjY+q8E77e9dKaXeWm42D6OY/wVk4sT psLMlWbqt9mpqi+HYJPcEeaCkt0SMb3YEA/lb8+EEPnX+rRi5NOiEDiC0HdBwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326143; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hj1+0V1VTe/ESdiQPKBW32dks94lqblshGOhhZaUrXI=; b=R/bkB1IfrBR5EV7IGbacwqOVVGgfmyLlm8C2YbXXkhWu+k3PFnCA1TpnM9Sm2rUW+asy+r /OJaoIE2TaAnQLZnU944rX/NR0B6PwBLsy4js2jecsqZQdbt1g8hNVnbalH49u8yqYR8LL b1wgdGhVk3tWB/DbWuetz8QeS0rRFNYUNlRqqfxQIxdGtLqDgLkS06sezYnzV2todSC9A8 VIXOEJy47sIB4llq0paQ5+vzFnJX/pb/3gAiB79r+z7cTcufiZX/sdq87UmdcWtrG6SvqR RaQ5I84Y0BFi7PX91pE801SPO95Bek89K48HLuOcYLLk6YqHaMWeElkuyvvlZw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326143; a=rsa-sha256; cv=none; b=ywI7vdLIkDe9VgwUuYqMQHBUPPlkcG+tEzaRJPL2F1EH62FZlkeC7BckS0lTlh90RZO0hT EfLDu7v3AmFwG/pHiybsl2BMGAjNT8MGHnn+5gSKPS0IKcqpkx5n7wn9rvW+CnIKVLmCnM IUVdpRCKVVo1r4C40QH13Tw64JSIrO0Zfg4X1FleqyQ6d2U2y2e2nGSPtvDVigKsyhHzEE Pe7LMZGLGO6C4L7VIi/AxGt1Cpip1HkGcRO3eMTKTt2TYKlqAtHoLpiuIY+vxb2f/gv53R cF3QCEYsFWc4CQ8I4QSUU0++3p0vX7Hzry/jpW4eEfeO9/H6xsGgFuMEsdpcnA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7g5FjfzVlB; Wed, 21 Jun 2023 05:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gN5I064185; Wed, 21 Jun 2023 05:42:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gNPx064184; Wed, 21 Jun 2023 05:42:23 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:23 GMT Message-Id: <202306210542.35L5gNPx064184@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 548ece23b51c - releng/12.4 - contrib/tzdata: import tzdata 2023c List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: 548ece23b51c10ec67b82cac3232eeaf6931b48d Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/12.4 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=548ece23b51c10ec67b82cac3232eeaf6931b48d commit 548ece23b51c10ec67b82cac3232eeaf6931b48d Author: Gordon Tetlow AuthorDate: 2023-06-21 04:59:04 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:04:21 +0000 contrib/tzdata: import tzdata 2023c Changes: https://github.com/eggert/tz/blob/2023c/NEWS The tzdata 2023c release reverts all changes made in 2023b other than commentary, as that appears to be the best of a bad set of short-notice choices for modeling this week's daylight saving chaos in Lebanon. (cherry picked from commit 9fbeeb6e38310b4f42a14c4b043bbee82c5e4752) Cumulative commit including the following cherry-picks: 9845906f02fea5a4f573a97a85d376acadef8769 f0cea48cb780522234370e122fdb837388b97a06 7da23e6521d171845311817bac904f252a3b4478 Approved by: so Security: FreeBSD-EN-23:05.tzdata --- contrib/tzdata/CONTRIBUTING | 2 +- contrib/tzdata/Makefile | 53 ++++++------- contrib/tzdata/NEWS | 143 +++++++++++++++++++++++++++++---- contrib/tzdata/africa | 71 ++++++++++------- contrib/tzdata/antarctica | 2 +- contrib/tzdata/asia | 166 ++++++++++++++++++++++++++++++++++++--- contrib/tzdata/australasia | 44 +++++------ contrib/tzdata/backward | 1 + contrib/tzdata/backzone | 11 ++- contrib/tzdata/checktab.awk | 5 +- contrib/tzdata/europe | 59 +++++++------- contrib/tzdata/leap-seconds.list | 8 +- contrib/tzdata/leapseconds | 8 +- contrib/tzdata/leapseconds.awk | 50 +++++++----- contrib/tzdata/northamerica | 31 ++++---- contrib/tzdata/southamerica | 2 +- contrib/tzdata/theory.html | 66 ++++++++++------ contrib/tzdata/version | 2 +- contrib/tzdata/zone.tab | 29 ++++--- contrib/tzdata/zone1970.tab | 58 +++++++------- 20 files changed, 558 insertions(+), 253 deletions(-) diff --git a/contrib/tzdata/CONTRIBUTING b/contrib/tzdata/CONTRIBUTING index 4c0f56a50265..6d800e4c03a3 100644 --- a/contrib/tzdata/CONTRIBUTING +++ b/contrib/tzdata/CONTRIBUTING @@ -18,7 +18,7 @@ To email small changes, please run a POSIX shell command like 'diff -u old/europe new/europe >myfix.patch', and attach 'myfix.patch' to the email. -For more-elaborate or possibly-controversial changes, +For more-elaborate or possibly controversial changes, such as renaming, adding or removing zones, please read "Theory and pragmatics of the tz code and data" . diff --git a/contrib/tzdata/Makefile b/contrib/tzdata/Makefile index afb9d538a203..6edc73cc6ffb 100644 --- a/contrib/tzdata/Makefile +++ b/contrib/tzdata/Makefile @@ -35,22 +35,14 @@ DATAFORM= main LOCALTIME= Factory -# The POSIXRULES macro controls interpretation of nonstandard and obsolete -# POSIX-like TZ settings like TZ='EET-2EEST' that lack DST transition rules. -# Such a setting uses the rules in a template file to determine -# "spring forward" and "fall back" days and times; the environment -# variable itself specifies UT offsets of standard and daylight saving time. -# +# The POSIXRULES macro controls interpretation of POSIX-like TZ +# settings like TZ='EET-2EEST' that lack DST transition rules. # If POSIXRULES is '-', no template is installed; this is the default. -# # Any other value for POSIXRULES is obsolete and should not be relied on, as: # * It does not work correctly in popular implementations such as GNU/Linux. # * It does not work even in tzcode, except for historical timestamps # that precede the last explicit transition in the POSIXRULES file. # Hence it typically does not work for current and future timestamps. -# In short, software should avoid ruleless settings like TZ='EET-2EEST' -# and so should not depend on the value of POSIXRULES. -# # If, despite the above, you want a template for handling these settings, # you can change the line below (after finding the timezone you want in the # one of the $(TDATA) source files, or adding it to a source file). @@ -63,7 +55,7 @@ LOCALTIME= Factory POSIXRULES= - # Also see TZDEFRULESTRING below, which takes effect only -# if the time zone files cannot be accessed. +# if POSIXRULES is '-' or if the template file cannot be accessed. # Installation locations. @@ -211,7 +203,7 @@ LDLIBS= # -DHAVE_DECL_ENVIRON if declares 'environ' # -DHAVE_DECL_TIMEGM=0 if does not declare timegm # -DHAVE_DIRECT_H if mkdir needs (MS-Windows) -# -DHAVE_GENERIC=0 if _Generic does not work* +# -DHAVE__GENERIC=0 if _Generic does not work* # -DHAVE_GETRANDOM if getrandom works (e.g., GNU/Linux), # -DHAVE_GETRANDOM=0 to avoid using getrandom # -DHAVE_GETTEXT if gettext works (e.g., GNU/Linux, FreeBSD, Solaris), @@ -220,7 +212,7 @@ LDLIBS= # -DHAVE_INCOMPATIBLE_CTIME_R if your system's time.h declares # ctime_r and asctime_r incompatibly with the POSIX standard # (Solaris when _POSIX_PTHREAD_SEMANTICS is not defined). -# -DHAVE_INTTYPES_H=0 if does not work* +# -DHAVE_INTTYPES_H=0 if does not work*+ # -DHAVE_LINK=0 if your system lacks a link function # -DHAVE_LOCALTIME_R=0 if your system lacks a localtime_r function # -DHAVE_LOCALTIME_RZ=0 if you do not want zdump to use localtime_rz @@ -229,22 +221,24 @@ LDLIBS= # -DHAVE_POSIX_DECLS=0 if your system's include files do not declare # functions like 'link' or variables like 'tzname' required by POSIX # -DHAVE_SETENV=0 if your system lacks the setenv function -# -DHAVE_SNPRINTF=0 if your system lacks the snprintf function +# -DHAVE_SNPRINTF=0 if your system lacks the snprintf function+ # -DHAVE_STDCKDINT_H=0 if neither nor substitutes like # __builtin_add_overflow work* -# -DHAVE_STDINT_H=0 if does not work* +# -DHAVE_STDINT_H=0 if does not work*+ # -DHAVE_STRFTIME_L if declares locale_t and strftime_l # -DHAVE_STRDUP=0 if your system lacks the strdup function -# -DHAVE_STRTOLL=0 if your system lacks the strtoll function +# -DHAVE_STRTOLL=0 if your system lacks the strtoll function+ # -DHAVE_SYMLINK=0 if your system lacks the symlink function # -DHAVE_SYS_STAT_H=0 if does not work* # -DHAVE_TZSET=0 if your system lacks a tzset function # -DHAVE_UNISTD_H=0 if does not work* # -DHAVE_UTMPX_H=0 if does not work* # -Dlocale_t=XXX if your system uses XXX instead of locale_t +# -DPORT_TO_C89 if tzcode should also run on C89 platforms+ # -DRESERVE_STD_EXT_IDS if your platform reserves standard identifiers # with external linkage, e.g., applications cannot define 'localtime'. # -Dssize_t=long on hosts like MS-Windows that lack ssize_t +# -DSUPPORT_C89 if the tzcode library should support C89 callers+ # -DSUPPRESS_TZDIR to not prepend TZDIR to file names; this has # security implications and is not recommended for general use # -DTHREAD_SAFE to make localtime.c thread-safe, as POSIX requires; @@ -256,7 +250,13 @@ LDLIBS= # -DTZ_DOMAINDIR=\"/path\" to use "/path" for gettext directory; # the default is system-supplied, typically "/usr/lib/locale" # -DTZDEFRULESTRING=\",date/time,date/time\" to default to the specified -# DST transitions if the time zone files cannot be accessed +# DST transitions for POSIX-style TZ strings lacking them, +# in the usual case where POSIXRULES is '-'. If not specified, +# TZDEFRULESTRING defaults to US rules for future DST transitions. +# This mishandles some past timestamps, as US DST rules have changed. +# It also mishandles settings like TZ='EET-2EEST' for eastern Europe, +# as Europe and US DST rules differ. +# -DTZNAME_MAXIMUM=N to limit time zone abbreviations to N bytes (default 255) # -DUNINIT_TRAP if reading uninitialized storage can cause problems # other than simply getting garbage data # -DUSE_LTZ=0 to build zdump with the system time zone library @@ -273,6 +273,8 @@ LDLIBS= # $(GCC_DEBUG_FLAGS) if you are using recent GCC and want lots of checking # # * Options marked "*" can be omitted if your compiler is C23 compatible. +# * Options marked "+" are obsolescent and are planned to be removed +# once the code assumes C99 or later. # # Select instrumentation via "make GCC_INSTRUMENT='whatever'". GCC_INSTRUMENT = \ @@ -363,7 +365,7 @@ GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ # -DNETBSD_INSPIRED=0 # to the end of the "CFLAGS=" line. Otherwise, the functions # "localtime_rz", "mktime_z", "tzalloc", and "tzfree" are added to the -# time library, and if STD_INSPIRED is also defined the functions +# time library, and if STD_INSPIRED is also defined to nonzero the functions # "posix2time_z" and "time2posix_z" are added as well. # The functions ending in "_z" (or "_rz") are like their unsuffixed # (or suffixed-by-"_r") counterparts, except with an extra first @@ -455,16 +457,13 @@ SAFE_CHARSET3= 'abcdefghijklmnopqrstuvwxyz{|}~' SAFE_CHARSET= $(SAFE_CHARSET1)$(SAFE_CHARSET2)$(SAFE_CHARSET3) SAFE_CHAR= '[]'$(SAFE_CHARSET)'-]' -# These characters are Latin-1, and so are likely to be displayable -# even in editors with limited character sets. -UNUSUAL_OK_LATIN_1 = «°±»½¾× -# This IPA symbol is represented in Unicode as the composition of -# U+0075 and U+032F, and U+032F is not considered alphabetic by some -# grep implementations that do not grok composition. -UNUSUAL_OK_IPA = u̯ +# These non-alphabetic, non-ASCII printable characters are Latin-1, +# and so are likely displayable even in editors like XEmacs 21 +# that have limited display capabilities. +UNUSUAL_OK_LATIN_1 = ¡¢£¤¥¦§¨©«¬®¯°±²³´¶·¸¹»¼½¾¿×÷ # Non-ASCII non-letters that OK_CHAR allows, as these characters are # useful in commentary. -UNUSUAL_OK_CHARSET= $(UNUSUAL_OK_LATIN_1)$(UNUSUAL_OK_IPA) +UNUSUAL_OK_CHARSET= $(UNUSUAL_OK_LATIN_1) # Put this in a bracket expression to match spaces. s = [:space:] @@ -833,7 +832,7 @@ check_slashed_abbrs: $(TDATA_TO_CHECK) CHECK_CC_LIST = { n = split($$1,a,/,/); for (i=2; i<=n; i++) print a[1], a[i]; } -check_sorted: backward backzone iso3166.tab zone.tab zone1970.tab +check_sorted: backward backzone $(AWK) '/^Link/ {printf "%.5d %s\n", g, $$3} !/./ {g++}' \ backward | LC_ALL=C sort -cu $(AWK) '/^Zone/ {print $$2}' backzone | LC_ALL=C sort -cu diff --git a/contrib/tzdata/NEWS b/contrib/tzdata/NEWS index 701e490e4834..b54538aa4a82 100644 --- a/contrib/tzdata/NEWS +++ b/contrib/tzdata/NEWS @@ -1,5 +1,116 @@ News for the tz database +Release 2023c - 2023-03-28 12:42:14 -0700 + + Changes to past and future timestamps + + Model Lebanon's DST chaos by reverting data to tzdb 2023a. + (Thanks to Rany Hany for the heads-up.) + + +Release 2023b - 2023-03-23 19:50:38 -0700 + + Changes to future timestamps + + This year Lebanon springs forward April 20/21 not March 25/26. + (Thanks to Saadallah Itani.) [This was reverted in 2023c.] + + +Release 2023a - 2023-03-22 12:39:33 -0700 + + Briefly: + Egypt now uses DST again, from April through October. + This year Morocco springs forward April 23, not April 30. + Palestine delays the start of DST this year. + Much of Greenland still uses DST from 2024 on. + America/Yellowknife now links to America/Edmonton. + tzselect can now use current time to help infer timezone. + The code now defaults to C99 or later. + Fix use of C23 attributes. + + Changes to future timestamps + + Starting in 2023, Egypt will observe DST from April's last Friday + through October's last Thursday. (Thanks to Ahmad ElDardiry.) + Assume the transition times are 00:00 and 24:00, respectively. + + In 2023 Morocco's spring-forward transition after Ramadan + will occur April 23, not April 30. (Thanks to Milamber.) + Adjust predictions for future years accordingly. This affects + predictions for 2023, 2031, 2038, and later years. + + This year Palestine will delay its spring forward from + March 25 to April 29 due to Ramadan. (Thanks to Heba Hamad.) + Make guesses for future Ramadans too. + + Much of Greenland, represented by America/Nuuk, will continue to + observe DST using European Union rules. When combined with + Greenland's decision not to change the clocks in fall 2023, + America/Nuuk therefore changes from -03/-02 to -02/-01 effective + 2023-10-29 at 01:00 UTC. (Thanks to Thomas M. Steenholdt.) + This change from 2022g doesn't affect timestamps until 2024-03-30, + and doesn't affect tm_isdst until 2023-03-25. + + Changes to past timestamps + + America/Yellowknife has changed from a Zone to a backward + compatibility Link, as it no longer differs from America/Edmonton + since 1970. (Thanks to Almaz Mingaleev.) This affects some + pre-1948 timestamps. The old data are now in 'backzone'. + + Changes to past time zone abbreviations + + When observing Moscow time, Europe/Kirov and Europe/Volgograd now + use the abbreviations MSK/MSD instead of numeric abbreviations, + for consistency with other timezones observing Moscow time. + + Changes to code + + You can now tell tzselect local time, to simplify later choices. + Select the 'time' option in its first prompt. + + You can now compile with -DTZNAME_MAXIMUM=N to limit time zone + abbreviations to N bytes (default 255). The reference runtime + library now rejects POSIX-style TZ strings that contain longer + abbreviations, treating them as UTC. Previously the limit was + platform dependent and abbreviations were silently truncated to + 16 bytes even when the limit was greater than 16. + + The code by default is now designed for C99 or later. To build in + a C89 environment, compile with -DPORT_TO_C89. To support C89 + callers of the tzcode library, compile with -DSUPPORT_C89. The + two new macros are transitional aids planned to be removed in a + future version, when C99 or later will be required. + + The code now builds again on pre-C99 platforms, if you compile + with -DPORT_TO_C89. This fixes a bug introduced in 2022f. + + On C23-compatible platforms tzcode no longer uses syntax like + 'static [[noreturn]] void usage(void);'. Instead, it uses + '[[noreturn]] static void usage(void);' as strict C23 requires. + (Problem reported by Houge Langley.) + + The code's functions now constrain their arguments with the C + 'restrict' keyword consistently with their documentation. + This may allow future optimizations. + + zdump again builds standalone with ckdadd and without setenv, + fixing a bug introduced in 2022g. (Problem reported by panic.) + + leapseconds.awk can now process a leap seconds file that never + expires; this might be useful if leap seconds are discontinued. + + Changes to commentary + + tz-link.html has a new section "Coordinating with governments and + distributors". (Thanks to Neil Fuller for some of the text.) + + To improve tzselect diagnostics, zone1970.tab's comments column is + now limited to countries that have multiple timezones. + + Note that leap seconds are planned to be discontinued by 2035. + + Release 2022g - 2022-11-29 08:58:31 -0800 Briefly: @@ -596,7 +707,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 Starting with 2020a, zic -L truncated its output according to the "Expires" directive or "#expires" comment in the leapseconds file. The resulting TZif files omitted daylight saving transitions after - the leap second table expired, which led to far less-accurate + the leap second table expired, which led to far less accurate predictions of times after the expiry. Although future timestamps cannot be converted accurately in the presence of leap seconds, it is more accurate to convert near-future timestamps with a few @@ -616,7 +727,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 zic -L LEAPFILE -r @LO no longer generates an invalid TZif file that omits leap second information for the range LO..B when LO falls between two leap seconds A and B. Instead, it generates a - TZif version 4 file that represents the previously-missing + TZif version 4 file that represents the previously missing information. The TZif reader now allows the leap second table to begin with a @@ -670,7 +781,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 Fix a bug with 'zic -r @X' when X is a negative leap second that has a nonnegative correction. Without the fix, the output file was truncated so that X appeared to be a positive leap second. - Fix a similar, even-less-likely bug when truncating at a positive + Fix a similar, even less likely bug when truncating at a positive leap second that has a nonpositive correction. zic -r now reports an error if given rolling leap seconds, as this @@ -691,7 +802,7 @@ Release 2021b - 2021-09-24 16:23:00 -0700 fixing a bug introduced in 2014g. zdump -v now outputs timestamps at boundaries of what localtime - and gmtime can represent, instead of the less-useful timestamps + and gmtime can represent, instead of the less useful timestamps one day after the minimum and one day before the maximum. (Thanks to Arthur David Olson for prototype code, and to Manuela Friedrich for debugging help.) @@ -2311,7 +2422,7 @@ Release 2016g - 2016-09-13 08:56:38 -0700 names internally. zdump has a new -i option to generate transitions in a - more-compact but still human-readable format. This option is + smaller but still human-readable format. This option is experimental, and the output format may change in future versions. (Thanks to Jon Skeet for suggesting that an option was needed, and thanks to Tim Parenti and Chris Rovick for further comments.) @@ -2333,7 +2444,7 @@ Release 2016g - 2016-09-13 08:56:38 -0700 release 2016g, the version number is now something like '2016g-23-g50556e3-dirty' instead of the misleading '2016g'. Tagged releases use the same version number format as before, - e.g., '2016g'. To support the more-accurate version number, its + e.g., '2016g'. To support the more accurate version number, its specification has moved from a line in the Makefile to a new source file 'version'. @@ -2964,7 +3075,7 @@ Release 2014i - 2014-10-21 22:04:57 -0700 Since Belarus is not changing its clocks even though Moscow is, the time zone abbreviation in Europe/Minsk is changing from FET - to its more-traditional value MSK on 2014-10-26 at 01:00. + to its more traditional value MSK on 2014-10-26 at 01:00. (Thanks to Alexander Bokovoy for the heads-up about Belarus.) The new abbreviation IDT stands for the pre-1976 use of UT +08 in @@ -3056,7 +3167,7 @@ Release 2014h - 2014-09-25 18:59:03 -0700 Changes affecting build procedure - 'make check' now checks better for properly-sorted data. + 'make check' now checks better for properly sorted data. Changes affecting documentation and commentary @@ -3557,7 +3668,7 @@ Release 2014a - 2014-03-07 23:30:29 -0800 Changes affecting past timestamps - Fiji ended DST on 2014-01-19 at 02:00, not the previously-scheduled 03:00. + Fiji ended DST on 2014-01-19 at 02:00, not the previously scheduled 03:00. (Thanks to Steffen Thorsen.) Ukraine switched from Moscow to Eastern European time on 1990-07-01 @@ -3811,7 +3922,7 @@ Release 2013e - 2013-09-19 23:50:04 -0700 Allow POSIX-like TZ strings where the transition time's hour can range from -167 through 167, instead of the POSIX-required 0 through 24. E.g., TZ='FJT-12FJST,M10.3.1/146,M1.3.4/75' for the - new Fiji rules. This is a more-compact way to represent + new Fiji rules. This is a more compact way to represent far-future timestamps for America/Godthab, America/Santiago, Antarctica/Palmer, Asia/Gaza, Asia/Hebron, Asia/Jerusalem, Pacific/Easter, and Pacific/Fiji. Other zones are unaffected by @@ -3819,7 +3930,7 @@ Release 2013e - 2013-09-19 23:50:04 -0700 Allow POSIX-like TZ strings where daylight saving time is in effect all year. E.g., TZ='WART4WARST,J1/0,J365/25' for Western - Argentina Summer Time all year. This supports a more-compact way + Argentina Summer Time all year. This supports a more compact way to represent the 2013d data for America/Argentina/San_Luis. Because of the change for San Luis noted above this change does not affect the current data. (Thanks to Andrew Main (Zefram) for @@ -3908,13 +4019,13 @@ Release 2013e - 2013-09-19 23:50:04 -0700 zdump now outputs "UT" when referring to Universal Time, not "UTC". "UTC" does not make sense for timestamps that predate the introduction - of UTC, whereas "UT", a more-generic term, does. (Thanks to Steve Allen + of UTC, whereas "UT", a more generic term, does. (Thanks to Steve Allen for clarifying UT vs UTC.) Data changes affecting behavior of tzselect and similar programs - Country code BQ is now called the more-common name "Caribbean Netherlands" - rather than the more-official "Bonaire, St Eustatius & Saba". + Country code BQ is now called the more common name "Caribbean Netherlands" + rather than the more official "Bonaire, St Eustatius & Saba". Remove from zone.tab the names America/Montreal, America/Shiprock, and Antarctica/South_Pole, as they are equivalent to existing @@ -4098,7 +4209,7 @@ Release 2013c - 2013-04-19 16:17:40 -0700 Macquarie Island is politically part of Australia, not Antarctica. (Thanks to Tobias Conradi.) - Sort Macquarie more-consistently with other parts of Australia. + Sort Macquarie more consistently with other parts of Australia. (Thanks to Tim Parenti.) @@ -5322,7 +5433,7 @@ Release data1998g - 1998-08-11 03:28:35 -0000 Release data1998f - 1998-07-20 13:50:00 -0000 [tzdata1998f.tar.gz is missing!] - Update the "leapseconds" file to include the newly-announced + Update the "leapseconds" file to include the newly announced insertion at the end of 1998. diff --git a/contrib/tzdata/africa b/contrib/tzdata/africa index cfb9283c045d..6cf4e39c8c45 100644 --- a/contrib/tzdata/africa +++ b/contrib/tzdata/africa @@ -321,6 +321,14 @@ Rule Egypt 2007 only - Sep Thu>=1 24:00 0 - # From Mina Samuel (2016-07-04): # Egyptian government took the decision to cancel the DST, +# From Ahmad ElDardiry (2023-03-01): +# Egypt officially announced today that daylight savings will be +# applied from last Friday of April to last Thursday of October. +# From Paul Eggert (2023-03-01): +# Assume transitions are at 00:00 and 24:00 respectively. +# From Amir Adib (2023-03-07): +# https://www.facebook.com/EgyptianCabinet/posts/638829614954129/ + Rule Egypt 2008 only - Aug lastThu 24:00 0 - Rule Egypt 2009 only - Aug 20 24:00 0 - Rule Egypt 2010 only - Aug 10 24:00 0 - @@ -330,6 +338,8 @@ Rule Egypt 2014 only - May 15 24:00 1:00 S Rule Egypt 2014 only - Jun 26 24:00 0 - Rule Egypt 2014 only - Jul 31 24:00 1:00 S Rule Egypt 2014 only - Sep lastThu 24:00 0 - +Rule Egypt 2023 max - Apr lastFri 0:00 1:00 S +Rule Egypt 2023 max - Oct lastThu 24:00 0 - # Zone NAME STDOFF RULES FORMAT [UNTIL] #STDOFF 2:05:08.9 @@ -429,7 +439,7 @@ Zone Africa/Nairobi 2:27:16 - LMT 1908 May # President William R. Tolbert, Jr., July 23, 1971-July 31, 1972. # Monrovia: Executive Mansion. # -# Use the abbreviation "MMT" before 1972, as the more-accurate numeric +# Use the abbreviation "MMT" before 1972, as the more accurate numeric # abbreviation "-004430" would be one byte over the POSIX limit. # # Zone NAME STDOFF RULES FORMAT [UNTIL] @@ -566,8 +576,8 @@ Zone Africa/Tripoli 0:52:44 - LMT 1920 # DST the coming summer... # # Some sources, in French: -# http://www.defimedia.info/news/946/Rashid-Beebeejaun-:-%C2%AB-L%E2%80%99heure-d%E2%80%99%C3%A9t%C3%A9-ne-sera-pas-appliqu%C3%A9e-cette-ann%C3%A9e-%C2%BB -# http://lexpress.mu/Story/3398~Beebeejaun---Les-objectifs-d-%C3%A9conomie-d-%C3%A9nergie-de-l-heure-d-%C3%A9t%C3%A9-ont-%C3%A9t%C3%A9-atteints- +# http://www.defimedia.info/news/946/Rashid-Beebeejaun-:-«-L%E2%80%99heure-d%E2%80%99été-ne-sera-pas-appliquée-cette-année-» +# http://lexpress.mu/Story/3398~Beebeejaun---Les-objectifs-d-économie-d-énergie-de-l-heure-d-été-ont-été-atteints- # # Our wrap-up: # https://www.timeanddate.com/news/time/mauritius-dst-will-not-repeat.html @@ -698,7 +708,7 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # More articles in the press # https://www.yabiladi.com/articles/details/5058/secret-l-heure-d-ete-maroc-leve.html # http://www.lematin.ma/Actualite/Express/Article.asp?id=148923 -# http://www.lavieeco.com/actualite/Le-Maroc-passe-sur-GMT%2B1-a-partir-de-dim +# http://www.lavieeco.com/actualite/Le-Maroc-passe-sur-GMT+1-a-partir-de-dim # From Petr Machata (2011-03-30): # They have it written in English here: @@ -713,7 +723,7 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # According to Infomédiaire web site from Morocco (infomediaire.ma), # on March 9, 2012, (in French) Heure légale: # Le Maroc adopte officiellement l'heure d'été -# http://www.infomediaire.ma/news/maroc/heure-l%C3%A9gale-le-maroc-adopte-officiellement-lheure-d%C3%A9t%C3%A9 +# http://www.infomediaire.ma/news/maroc/heure-légale-le-maroc-adopte-officiellement-lheure-dété # Governing Council adopted draft decree, that Morocco DST starts on # the last Sunday of March (March 25, 2012) and ends on # last Sunday of September (September 30, 2012) @@ -837,19 +847,28 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # Friday or Saturday (and so the 2 days off are on a weekend), the next time # shift will be the next weekend. # -# From Paul Eggert (2020-05-31): +# From Milamber (2021-03-31, 2022-03-10): +# https://www.mmsp.gov.ma/fr/actualites.aspx?id=2076 +# https://www.ecoactu.ma/horaires-administration-ramadan-gmtheure-gmt-a-partir-de-dimanche-27-mars/ +# +# From Milamber (2023-03-14, 2023-03-15): +# The return to legal GMT time will take place this Sunday, March 19 at 3 a.m. +# ... the return to GMT+1 will be made on Sunday April 23, 2023 at 2 a.m. +# https://www.mmsp.gov.ma/fr/actualites/passage-à-l%E2%80%99heure-gmt-à-partir-du-dimanche-19-mars-2023 +# +# From Paul Eggert (2023-03-14): # For now, guess that in the future Morocco will fall back at 03:00 # the last Sunday before Ramadan, and spring forward at 02:00 the -# first Sunday after two days after Ramadan. To implement this, +# first Sunday after one day after Ramadan. To implement this, # transition dates and times for 2019 through 2087 were determined by -# running the following program under GNU Emacs 26.3. (This algorithm +# running the following program under GNU Emacs 28.2. (This algorithm # also produces the correct transition dates for 2016 through 2018, # though the times differ due to Morocco's time zone change in 2018.) # (let ((islamic-year 1440)) # (require 'cal-islam) # (while (< islamic-year 1511) # (let ((a (calendar-islamic-to-absolute (list 9 1 islamic-year))) -# (b (+ 2 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) +# (b (+ 1 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) # (sunday 0)) # (while (/= sunday (mod (setq a (1- a)) 7))) # (while (/= sunday (mod b 7)) @@ -863,10 +882,6 @@ Zone Indian/Mauritius 3:50:00 - LMT 1907 # Port Louis # (car (cdr (cdr a))) (calendar-month-name (car a) t) (car (cdr a)) # (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b))))) # (setq islamic-year (+ 1 islamic-year)))) -# -# From Milamber (2021-03-31, 2022-03-10), confirming these predictions: -# https://www.mmsp.gov.ma/fr/actualites.aspx?id=2076 -# https://www.ecoactu.ma/horaires-administration-ramadan-gmtheure-gmt-a-partir-de-dimanche-27-mars/ # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule Morocco 1939 only - Sep 12 0:00 1:00 - @@ -919,7 +934,7 @@ Rule Morocco 2021 only - May 16 2:00 0 - Rule Morocco 2022 only - Mar 27 3:00 -1:00 - Rule Morocco 2022 only - May 8 2:00 0 - Rule Morocco 2023 only - Mar 19 3:00 -1:00 - -Rule Morocco 2023 only - Apr 30 2:00 0 - +Rule Morocco 2023 only - Apr 23 2:00 0 - Rule Morocco 2024 only - Mar 10 3:00 -1:00 - Rule Morocco 2024 only - Apr 14 2:00 0 - Rule Morocco 2025 only - Feb 23 3:00 -1:00 - @@ -935,7 +950,7 @@ Rule Morocco 2029 only - Feb 18 2:00 0 - Rule Morocco 2029 only - Dec 30 3:00 -1:00 - Rule Morocco 2030 only - Feb 10 2:00 0 - Rule Morocco 2030 only - Dec 22 3:00 -1:00 - -Rule Morocco 2031 only - Feb 2 2:00 0 - +Rule Morocco 2031 only - Jan 26 2:00 0 - Rule Morocco 2031 only - Dec 14 3:00 -1:00 - Rule Morocco 2032 only - Jan 18 2:00 0 - Rule Morocco 2032 only - Nov 28 3:00 -1:00 - @@ -951,7 +966,7 @@ Rule Morocco 2036 only - Nov 23 2:00 0 - Rule Morocco 2037 only - Oct 4 3:00 -1:00 - Rule Morocco 2037 only - Nov 15 2:00 0 - Rule Morocco 2038 only - Sep 26 3:00 -1:00 - -Rule Morocco 2038 only - Nov 7 2:00 0 - +Rule Morocco 2038 only - Oct 31 2:00 0 - Rule Morocco 2039 only - Sep 18 3:00 -1:00 - Rule Morocco 2039 only - Oct 23 2:00 0 - Rule Morocco 2040 only - Sep 2 3:00 -1:00 - @@ -967,7 +982,7 @@ Rule Morocco 2044 only - Aug 28 2:00 0 - Rule Morocco 2045 only - Jul 9 3:00 -1:00 - Rule Morocco 2045 only - Aug 20 2:00 0 - Rule Morocco 2046 only - Jul 1 3:00 -1:00 - -Rule Morocco 2046 only - Aug 12 2:00 0 - +Rule Morocco 2046 only - Aug 5 2:00 0 - Rule Morocco 2047 only - Jun 23 3:00 -1:00 - Rule Morocco 2047 only - Jul 28 2:00 0 - Rule Morocco 2048 only - Jun 7 3:00 -1:00 - @@ -983,7 +998,7 @@ Rule Morocco 2052 only - Jun 2 2:00 0 - Rule Morocco 2053 only - Apr 13 3:00 -1:00 - Rule Morocco 2053 only - May 25 2:00 0 - Rule Morocco 2054 only - Apr 5 3:00 -1:00 - -Rule Morocco 2054 only - May 17 2:00 0 - +Rule Morocco 2054 only - May 10 2:00 0 - Rule Morocco 2055 only - Mar 28 3:00 -1:00 - Rule Morocco 2055 only - May 2 2:00 0 - Rule Morocco 2056 only - Mar 12 3:00 -1:00 - @@ -999,7 +1014,7 @@ Rule Morocco 2060 only - Mar 7 2:00 0 - Rule Morocco 2061 only - Jan 16 3:00 -1:00 - Rule Morocco 2061 only - Feb 27 2:00 0 - Rule Morocco 2062 only - Jan 8 3:00 -1:00 - -Rule Morocco 2062 only - Feb 19 2:00 0 - +Rule Morocco 2062 only - Feb 12 2:00 0 - Rule Morocco 2062 only - Dec 31 3:00 -1:00 - Rule Morocco 2063 only - Feb 4 2:00 0 - Rule Morocco 2063 only - Dec 16 3:00 -1:00 - @@ -1015,7 +1030,7 @@ Rule Morocco 2067 only - Dec 11 2:00 0 - Rule Morocco 2068 only - Oct 21 3:00 -1:00 - Rule Morocco 2068 only - Dec 2 2:00 0 - Rule Morocco 2069 only - Oct 13 3:00 -1:00 - -Rule Morocco 2069 only - Nov 24 2:00 0 - +Rule Morocco 2069 only - Nov 17 2:00 0 - Rule Morocco 2070 only - Oct 5 3:00 -1:00 - Rule Morocco 2070 only - Nov 9 2:00 0 - Rule Morocco 2071 only - Sep 20 3:00 -1:00 - @@ -1031,7 +1046,7 @@ Rule Morocco 2075 only - Sep 15 2:00 0 - Rule Morocco 2076 only - Jul 26 3:00 -1:00 - Rule Morocco 2076 only - Sep 6 2:00 0 - Rule Morocco 2077 only - Jul 18 3:00 -1:00 - -Rule Morocco 2077 only - Aug 29 2:00 0 - +Rule Morocco 2077 only - Aug 22 2:00 0 - Rule Morocco 2078 only - Jul 10 3:00 -1:00 - Rule Morocco 2078 only - Aug 14 2:00 0 - Rule Morocco 2079 only - Jun 25 3:00 -1:00 - @@ -1041,13 +1056,13 @@ Rule Morocco 2080 only - Jul 21 2:00 0 - Rule Morocco 2081 only - Jun 1 3:00 -1:00 - Rule Morocco 2081 only - Jul 13 2:00 0 - Rule Morocco 2082 only - May 24 3:00 -1:00 - -Rule Morocco 2082 only - Jul 5 2:00 0 - +Rule Morocco 2082 only - Jun 28 2:00 0 - Rule Morocco 2083 only - May 16 3:00 -1:00 - Rule Morocco 2083 only - Jun 20 2:00 0 - Rule Morocco 2084 only - Apr 30 3:00 -1:00 - Rule Morocco 2084 only - Jun 11 2:00 0 - Rule Morocco 2085 only - Apr 22 3:00 -1:00 - -Rule Morocco 2085 only - Jun 3 2:00 0 - +Rule Morocco 2085 only - May 27 2:00 0 - Rule Morocco 2086 only - Apr 14 3:00 -1:00 - Rule Morocco 2086 only - May 19 2:00 0 - Rule Morocco 2087 only - Mar 30 3:00 -1:00 - @@ -1190,15 +1205,15 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # From P Chan (2020-12-03): # GMT was adopted as the standard time of Lagos on 1905-07-01. # Lagos Weekly Record, 1905-06-24, p 3 -# http://ddsnext.crl.edu/titles/31558#?c=0&m=668&s=0&cv=2&r=0&xywh=1446%2C5221%2C1931%2C1235 +# http://ddsnext.crl.edu/titles/31558#?c=0&m=668&s=0&cv=2&r=0&xywh=1446,5221,1931,1235 # says "It is officially notified that on and after the 1st of July 1905 -# Greenwich Mean Solar Time will be adopted thought the Colony and +# Greenwich Mean Solar Time will be adopted throughout the Colony and # Protectorate, and that it will be necessary to put all clocks 13 minutes and # 35 seconds back, recording local mean time." # # It seemed that Lagos returned to LMT on 1908-07-01. # [The Lagos Standard], 1908-07-01, p 5 -# http://ddsnext.crl.edu/titles/31556#?c=0&m=78&s=0&cv=4&r=0&xywh=-92%2C3590%2C3944%2C2523 +# http://ddsnext.crl.edu/titles/31556#?c=0&m=78&s=0&cv=4&r=0&xywh=-92,3590,3944,2523 # says "Scarcely have the people become accustomed to this new time, when # another official notice has now appeared announcing that from and after the # 1st July next, return will be made to local mean time." @@ -1210,7 +1225,7 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # https://libsysdigi.library.illinois.edu/ilharvest/Africana/Books2011-05/3064634/3064634_1914/3064634_1914_opt.pdf#page=27 # "On January 1st [1914], a universal standard time for Nigeria was adopted, # viz., half an hour fast on Greenwich mean time, corresponding to the meridian -# 7 [degrees] 30' E. long." +# 7° 30' E. long." # Lloyd's Register of Shipping (1915) says "Hitherto the time observed in Lagos # was the local mean time. On 1st January, 1914, standard time for the whole of # Nigeria was introduced ... Lagos time has been advanced about 16 minutes @@ -1228,7 +1243,7 @@ Zone Africa/Windhoek 1:08:24 - LMT 1892 Feb 8 # The Lagos Weekly Record, 1919-09-20, p 3 details discussion on the first # reading of this Bill by the Legislative Council of the Colony of Nigeria on # Thursday 1919-08-28: -# http://ddsnext.crl.edu/titles/31558?terms&item_id=303484#?m=1118&c=1&s=0&cv=2&r=0&xywh=1261%2C3408%2C2994%2C1915 +# http://ddsnext.crl.edu/titles/31558?terms&item_id=303484#?m=1118&c=1&s=0&cv=2&r=0&xywh=1261,3408,2994,1915 # "The proposal is that the Globe should be divided into twelve zones East and # West of Greenwich, of one hour each, Nigeria falling into the zone with a # standard of one hour fast on Greenwich Mean Time. Nigeria standard time is diff --git a/contrib/tzdata/antarctica b/contrib/tzdata/antarctica index f02755ae856f..fc603e9996de 100644 --- a/contrib/tzdata/antarctica +++ b/contrib/tzdata/antarctica @@ -292,7 +292,7 @@ Zone Antarctica/Rothera 0 - -00 1976 Dec 1 # but that he found it more convenient to keep GMT+12 # as supplies for the station were coming from McMurdo Sound, # which was on GMT+12 because New Zealand was on GMT+12 all year -# at that time (1957). (Source: Siple's book 90 Degrees South.) +# at that time (1957). (Source: Siple's book 90° South.) # # From Susan Smith # http://www.cybertours.com/whs/pole10.html diff --git a/contrib/tzdata/asia b/contrib/tzdata/asia index 199e6ad6adc3..a29a4dc0c4de 100644 --- a/contrib/tzdata/asia +++ b/contrib/tzdata/asia @@ -2691,6 +2691,40 @@ Zone Asia/Pyongyang 8:23:00 - LMT 1908 Apr 1 # Lebanon +# +# From Saadallah Itani (2023-03-23): +# Lebanon ... announced today delay of Spring forward from March 25 to April 20. +# +# From Paul Eggert (2023-03-27): +# This announcement was by the Lebanese caretaker prime minister Najib Mikati. +# https://www.mtv.com.lb/en/News/Local/1352516/lebanon-postpones-daylight-saving-time-adoption +# A video was later leaked to the media of parliament speaker Nabih Berri +# asking Mikati to postpone DST to aid observance of Ramadan, Mikati objecting +# that this would cause problems such as scheduling airline flights, to which +# Berri interjected, "What flights?" +# +# The change was controversial and led to a partly-sectarian divide. +# Many Lebanese institutions, including the education ministry, the Maronite +# church, and two news channels LCBI and MTV, ignored the announcement and +# went ahead with the long-scheduled spring-forward on March 25/26, some +# arguing that the prime minister had not followed the law because the change +# had not been approved by the cabinet. Google went with the announcement; +# Apple ignored it. At least one bank followed the announcement for its doors, +# but ignored the announcement in internal computer systems. +# Beirut international airport listed two times for each departure. +# Dan Azzi wrote "My view is that this whole thing is a Dumb and Dumber movie." +# Eventually the prime minister backed down, said the cabinet had decided to +# stick with its 1998 decision, and that DST would begin midnight March 29/30. +# https://www.nna-leb.gov.lb/en/miscellaneous/604093/lebanon-has-two-times-of-day-amid-daylight-savings +# https://www.cnbc.com/2023/03/27/lebanon-in-two-different-time-zones-as-government-disagrees-on-daylight-savings.html +# +# Although we could model the chaos with two Zones, that would likely cause +# more trouble than it would cure. Since so many manual clocks and +# computer-based timestamps ignored the announcement, stick with official +# cabinet resolutions in the data while recording the prime minister's +# announcement as a comment. This is how we treated a similar situation in +# Rio de Janeiro in spring 1993. +# # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule Lebanon 1920 only - Mar 28 0:00 1:00 S Rule Lebanon 1920 only - Oct 25 0:00 0 - @@ -2716,6 +2750,10 @@ Rule Lebanon 1992 only - Oct 4 0:00 0 - Rule Lebanon 1993 max - Mar lastSun 0:00 1:00 S Rule Lebanon 1993 1998 - Sep lastSun 0:00 0 - Rule Lebanon 1999 max - Oct lastSun 0:00 0 - +# This one-time rule, announced by the prime minister first for April 21 +# then for March 30, is commented out for reasons described above. +#Rule Lebanon 2023 only - Mar 30 0:00 1:00 S + # Zone NAME STDOFF RULES FORMAT [UNTIL] Zone Asia/Beirut 2:22:00 - LMT 1880 2:00 Lebanon EE%sT @@ -2954,7 +2992,7 @@ Zone Asia/Kathmandu 5:41:16 - LMT 1920 # 9pm and moving clocks forward by one hour for the next three months. ...." # # http://www.worldtimezone.com/dst_news/dst_news_pakistan01.html -# http://www.dailytimes.com.pk/default.asp?page=2008%5C05%5C15%5Cstory_15-5-2008_pg1_4 +# http://www.dailytimes.com.pk/default.asp?page=2008\05\15\story_15-5-2008_pg1_4 # From Arthur David Olson (2008-05-19): # XXX--midnight transitions is a guess; 2008 only is a guess. @@ -3277,7 +3315,7 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # Some of many sources in Arabic: # http://www.samanews.com/index.php?act=Show&id=122638 # -# http://safa.ps/details/news/74352/%D8%A8%D8%AF%D8%A1-%D8%A7%D9%84%D8%AA%D9%88%D9%82%D9%8A%D8%AA-%D8%A7%D9%84%D8%B5%D9%8A%D9%81%D9%8A-%D8%A8%D8%A7%D9%84%D8%B6%D9%81%D8%A9-%D9%88%D8%BA%D8%B2%D8%A9-%D9%84%D9%8A%D9%84%D8%A9-%D8%A7%D9%84%D8%AC%D9%85%D8%B9%D8%A9.html +# http://safa.ps/details/news/74352/بدء-التوقيت-الصيفي-بالضفة-وغزة-ليلة-الجمعة.html # # Our brief summary: # https://www.timeanddate.com/news/time/gaza-west-bank-dst-2012.html @@ -3287,7 +3325,7 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # time from midnight on Friday, March 29, 2013" (translated). # [These are in Arabic and are for Gaza and for Ramallah, respectively.] # http://www.samanews.com/index.php?act=Show&id=154120 -# http://safa.ps/details/news/99844/%D8%B1%D8%A7%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A8%D8%AF%D8%A1-%D8%A7%D9%84%D8%AA%D9%88%D9%82%D9%8A%D8%AA-%D8%A7%D9%84%D8%B5%D9%8A%D9%81%D9%8A-29-%D8%A7%D9%84%D8%AC%D8%A7%D8%B1%D9%8A.html +# http://safa.ps/details/news/99844/رام-الله-بدء-التوقيت-الصيفي-29-الجاري.html # From Steffen Thorsen (2013-09-24): # The Gaza and West Bank are ending DST Thursday at midnight @@ -3385,9 +3423,41 @@ Zone Asia/Karachi 4:28:12 - LMT 1907 # (2022-08-31): ... the Saturday before the last Sunday in March and October # at 2:00 AM ,for the years from 2023 to 2026. # (2022-09-05): https://mtit.pna.ps/Site/New/1453 -# -# From Paul Eggert (2022-08-31): -# For now, assume that this rule will also be used after 2026. + +# From Heba Hamad (2023-03-22): +# ... summer time will begin in Palestine from Saturday 04-29-2023, +# 02:00 AM by 60 minutes forward. +# +# From Paul Eggert (2023-03-22): +# For now, guess that spring and fall transitions will normally +# continue to use 2022's rules, that during DST Palestine will switch +# to standard time at 02:00 the last Saturday before Ramadan and back +# to DST at 02:00 the first Saturday after Ramadan, and that +# if the normal spring-forward or fall-back transition occurs during +# Ramadan the former is delayed and the latter advanced. +# To implement this, I predicted Ramadan-oriented transition dates for +# 2023 through 2086 by running the following program under GNU Emacs 28.2, +# with the results integrated by hand into the table below. +# Predictions after 2086 are approximated without Ramadan. +# +# (let ((islamic-year 1444)) +# (require 'cal-islam) +# (while (< islamic-year 1510) +# (let ((a (calendar-islamic-to-absolute (list 9 1 islamic-year))) +# (b (+ 1 (calendar-islamic-to-absolute (list 10 1 islamic-year)))) +# (saturday 6)) +# (while (/= saturday (mod (setq a (1- a)) 7))) +# (while (/= saturday (mod b 7)) +# (setq b (1+ b))) +# (setq a (calendar-gregorian-from-absolute a)) +# (setq b (calendar-gregorian-from-absolute b)) +# (insert +# (format +# (concat "Rule Palestine\t%d\tonly\t-\t%s\t%2d\t2:00\t0\t-\n" +# "Rule Palestine\t%d\tonly\t-\t%s\t%2d\t2:00\t1:00\tS\n") +# (car (cdr (cdr a))) (calendar-month-name (car a) t) (car (cdr a)) +# (car (cdr (cdr b))) (calendar-month-name (car b) t) (car (cdr b))))) +# (setq islamic-year (+ 1 islamic-year)))) # Rule NAME FROM TO - IN ON AT SAVE LETTER/S Rule EgyptAsia 1957 only - May 10 0:00 1:00 S @@ -3427,8 +3497,86 @@ Rule Palestine 2020 2021 - Mar Sat<=30 0:00 1:00 S Rule Palestine 2020 only - Oct 24 1:00 0 - Rule Palestine 2021 only - Oct 29 1:00 0 - Rule Palestine 2022 only - Mar 27 0:00 1:00 S -Rule Palestine 2022 max - Oct Sat<=30 2:00 0 - -Rule Palestine 2023 max - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2022 2035 - Oct Sat<=30 2:00 0 - +Rule Palestine 2023 only - Apr 29 2:00 1:00 S +Rule Palestine 2024 only - Apr 13 2:00 1:00 S +Rule Palestine 2025 only - Apr 5 2:00 1:00 S +Rule Palestine 2026 2054 - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2036 only - Oct 18 2:00 0 - +Rule Palestine 2037 only - Oct 10 2:00 0 - +Rule Palestine 2038 only - Sep 25 2:00 0 - +Rule Palestine 2039 only - Sep 17 2:00 0 - +Rule Palestine 2039 only - Oct 22 2:00 1:00 S +Rule Palestine 2039 2067 - Oct Sat<=30 2:00 0 - +Rule Palestine 2040 only - Sep 1 2:00 0 - +Rule Palestine 2040 only - Oct 13 2:00 1:00 S +Rule Palestine 2041 only - Aug 24 2:00 0 - +Rule Palestine 2041 only - Sep 28 2:00 1:00 S +Rule Palestine 2042 only - Aug 16 2:00 0 - +Rule Palestine 2042 only - Sep 20 2:00 1:00 S +Rule Palestine 2043 only - Aug 1 2:00 0 - +Rule Palestine 2043 only - Sep 12 2:00 1:00 S +Rule Palestine 2044 only - Jul 23 2:00 0 - +Rule Palestine 2044 only - Aug 27 2:00 1:00 S +Rule Palestine 2045 only - Jul 15 2:00 0 - +Rule Palestine 2045 only - Aug 19 2:00 1:00 S +Rule Palestine 2046 only - Jun 30 2:00 0 - +Rule Palestine 2046 only - Aug 11 2:00 1:00 S +Rule Palestine 2047 only - Jun 22 2:00 0 - +Rule Palestine 2047 only - Jul 27 2:00 1:00 S +Rule Palestine 2048 only - Jun 6 2:00 0 - +Rule Palestine 2048 only - Jul 18 2:00 1:00 S +Rule Palestine 2049 only - May 29 2:00 0 - +Rule Palestine 2049 only - Jul 3 2:00 1:00 S +Rule Palestine 2050 only - May 21 2:00 0 - +Rule Palestine 2050 only - Jun 25 2:00 1:00 S +Rule Palestine 2051 only - May 6 2:00 0 - +Rule Palestine 2051 only - Jun 17 2:00 1:00 S +Rule Palestine 2052 only - Apr 27 2:00 0 - +Rule Palestine 2052 only - Jun 1 2:00 1:00 S +Rule Palestine 2053 only - Apr 12 2:00 0 - +Rule Palestine 2053 only - May 24 2:00 1:00 S +Rule Palestine 2054 only - Apr 4 2:00 0 - +Rule Palestine 2054 only - May 16 2:00 1:00 S +Rule Palestine 2055 only - May 1 2:00 1:00 S +Rule Palestine 2056 only - Apr 22 2:00 1:00 S +Rule Palestine 2057 only - Apr 7 2:00 1:00 S +Rule Palestine 2058 max - Mar Sat<=30 2:00 1:00 S +Rule Palestine 2068 only - Oct 20 2:00 0 - +Rule Palestine 2069 only - Oct 12 2:00 0 - +Rule Palestine 2070 only - Oct 4 2:00 0 - +Rule Palestine 2071 only - Sep 19 2:00 0 - +Rule Palestine 2072 only - Sep 10 2:00 0 - +Rule Palestine 2072 only - Oct 15 2:00 1:00 S +Rule Palestine 2073 only - Sep 2 2:00 0 - +Rule Palestine 2073 only - Oct 7 2:00 1:00 S +Rule Palestine 2074 only - Aug 18 2:00 0 - +Rule Palestine 2074 only - Sep 29 2:00 1:00 S +Rule Palestine 2075 only - Aug 10 2:00 0 - +Rule Palestine 2075 only - Sep 14 2:00 1:00 S +Rule Palestine 2075 max - Oct Sat<=30 2:00 0 - +Rule Palestine 2076 only - Jul 25 2:00 0 - +Rule Palestine 2076 only - Sep 5 2:00 1:00 S +Rule Palestine 2077 only - Jul 17 2:00 0 - +Rule Palestine 2077 only - Aug 28 2:00 1:00 S +Rule Palestine 2078 only - Jul 9 2:00 0 - +Rule Palestine 2078 only - Aug 13 2:00 1:00 S +Rule Palestine 2079 only - Jun 24 2:00 0 - +Rule Palestine 2079 only - Aug 5 2:00 1:00 S +Rule Palestine 2080 only - Jun 15 2:00 0 - +Rule Palestine 2080 only - Jul 20 2:00 1:00 S +Rule Palestine 2081 only - Jun 7 2:00 0 - +Rule Palestine 2081 only - Jul 12 2:00 1:00 S +Rule Palestine 2082 only - May 23 2:00 0 - +Rule Palestine 2082 only - Jul 4 2:00 1:00 S +Rule Palestine 2083 only - May 15 2:00 0 - +Rule Palestine 2083 only - Jun 19 2:00 1:00 S +Rule Palestine 2084 only - Apr 29 2:00 0 - +Rule Palestine 2084 only - Jun 10 2:00 1:00 S +Rule Palestine 2085 only - Apr 21 2:00 0 - +Rule Palestine 2085 only - Jun 2 2:00 1:00 S +Rule Palestine 2086 only - Apr 13 2:00 0 - +Rule Palestine 2086 only - May 18 2:00 1:00 S # Zone NAME STDOFF RULES FORMAT [UNTIL] Zone Asia/Gaza 2:17:52 - LMT 1900 Oct @@ -3632,7 +3780,7 @@ Zone Asia/Singapore 6:55:25 - LMT 1901 Jan 1 # standard time is SLST. # # From Paul Eggert (2016-10-18): -# "SLST" seems to be reasonably recent and rarely-used outside time +# "SLST" seems to be reasonably recent and rarely used outside time # zone nerd sources. I searched Google News and found three uses of # it in the International Business Times of India in February and # March of this year when discussing cricket match times, but nothing diff --git a/contrib/tzdata/australasia b/contrib/tzdata/australasia index af0410ab9035..0633a30efd8b 100644 --- a/contrib/tzdata/australasia +++ b/contrib/tzdata/australasia @@ -323,7 +323,7 @@ Zone Antarctica/Macquarie 0 - -00 1899 Nov # From Steffen Thorsen (2013-01-10): # Fiji will end DST on 2014-01-19 02:00: -# http://www.fiji.gov.fj/Media-Center/Press-Releases/DAYLIGHT-SAVINGS-TO-END-THIS-MONTH-%281%29.aspx +# http://www.fiji.gov.fj/Media-Center/Press-Releases/DAYLIGHT-SAVINGS-TO-END-THIS-MONTH-(1).aspx # From Ken Rylander (2014-10-20): # DST will start Nov. 2 this year. @@ -723,7 +723,7 @@ Zone Pacific/Pago_Pago 12:37:12 - LMT 1892 Jul 5 # # Samoa's Daylight Saving Time Act 2009 is available here, but does not # contain any dates: -# http://www.parliament.gov.ws/documents/acts/Daylight%20Saving%20Act%20%202009%20%28English%29%20-%20Final%207-7-091.pdf +# http://www.parliament.gov.ws/documents/acts/Daylight%20Saving%20Act%20%202009%20(English)%20-%20Final%207-7-091.pdf # From Laupue Raymond Hughes (2010-10-07): # Please see @@ -1808,7 +1808,7 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # period. It would probably be reasonable to assume Guam use GMT+9 during # that period of time like the surrounding area. -# From Paul Eggert (2018-11-18): +# From Paul Eggert (2023-01-23): # Howse writes (p 153) "The Spaniards, on the other hand, reached the # Philippines and the Ladrones from America," and implies that the Ladrones # (now called the Marianas) kept American date for quite some time. @@ -1821,7 +1821,7 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # they did as that avoids the need for a separate zone due to our 1970 cutoff. # # US Public Law 106-564 (2000-12-23) made UT +10 the official standard time, -# under the name "Chamorro Standard Time". There is no official abbreviation, +# under the name "Chamorro standard time". There is no official abbreviation, # but Congressman Robert A. Underwood, author of the bill that became law, # wrote in a press release (2000-12-27) that he will seek the use of "ChST". @@ -2199,24 +2199,18 @@ Zone Pacific/Efate 11:13:16 - LMT 1912 Jan 13 # Vila # an international standard, there are some places on the high seas where the # correct date is ambiguous. -# From Wikipedia (2005-08-31): -# Before 1920, all ships kept local apparent time on the high seas by setting -# their clocks at night or at the morning sight so that, given the ship's *** 999 LINES SKIPPED *** From nobody Wed Jun 21 05:42:24 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7j1vbxz4g2C0; Wed, 21 Jun 2023 05:42:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7j0J95z3kmv; Wed, 21 Jun 2023 05:42:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326145; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6bqdPaH48iNi4HuQdgDcT29MJi0GOjmZxt3CDqSr/zA=; b=sTQsFixtFy8lfR0zxNMY6yQc41TVZPcQpuOvrovXSIw4GO11GZVy6+ZLWuKJg+nULWXKi4 oWI8164NKYg+4xYRR8J9UyLMmDiX4dRcG7h8ctnMhY2eCWXskoruOZtp1S/x/x+4IAHhv4 1N14UKQ4L1EuNpD8z0x6Jd+3RJRGR4dFZXesdP5gqsNdJbXlXCnR/6Y5jQRecrLzeD5dr7 niiGcdJ/kPACWUcGA5de1uuJHXnAJwoL6AmioA6y8Y8q7dq9Rgw3zI8ZfO/ixpMjaKPJ1l n3nMer8IMt6Bc0/uUgKo9cX0fNuW8LAUL4PFckypMB3/K+OkJZolUd3qZTws+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326145; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6bqdPaH48iNi4HuQdgDcT29MJi0GOjmZxt3CDqSr/zA=; b=ApTv6tX3BW8V2uu4CcULn+gAcbaW64mJLXLa061QHu2gZrppHhteNglxHitwVXPLgZNVIe wB16EW/t3ix4Th5abzCnHAztM+WvD+J9w9koAr/lcDiIKNdJ2sgXPVJxAzGyXhH96EfayV IVmdm+UWdwcQonbOE8n76rwiadJlX1QauKrq3Gjer9roHFhARGX37zUHOsgztFdXgmPY3n MEh5SGA4fbVmX3doyMZZ0A478uWHn3pfsQGG2NIldqEh5pM0KPiPEuJo4BJwZT4EruEbeM UaFErXt26649hCqzevmEHple+OD3kAvdI0C1q1eVsRbxuHpupChghZvjOebE+Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326145; a=rsa-sha256; cv=none; b=S1BkhSQpUCa/dQ6kmmUSSE8uk1mRcavQpbzB9KfIStz5cptjQ5NdMllIYQT6koZF03X4Yr EYsI4F1tTl86BoxOGXtmGDY0iX+b3Jk8MxNYigzXeOZMAIgoWz17fL/w1j7ue8ukmMvT3d UALCjzHfttg2Rwr0dI12xXCn43rsi04/a2bbE3TfIQg+oaemI3qR8ti3eeo9Y7jXKjRNVR vxlmsJWHcSQj41OLu4IW0q+i7VaXqjiDvq4vEa+yVu96/bD8PGUkdG/ROoO0MPj08WYNNI RJEbWpLVRiSScJvXc+Sju/HZFvZXyqOkYGyT0RUawEkUZw25wTF9q93VqklRwQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7h6RfMzV5m; Wed, 21 Jun 2023 05:42:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gO2B064205; Wed, 21 Jun 2023 05:42:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gOpX064204; Wed, 21 Jun 2023 05:42:24 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:24 GMT Message-Id: <202306210542.35L5gOpX064204@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: c7b05da29795 - releng/12.4 - mpr: fix copying of event_mask List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: c7b05da29795f263c0b511d8ef4755a784439dc4 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/12.4 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=c7b05da29795f263c0b511d8ef4755a784439dc4 commit c7b05da29795f263c0b511d8ef4755a784439dc4 Author: Mariusz Zaborski AuthorDate: 2023-04-21 07:50:16 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:08:39 +0000 mpr: fix copying of event_mask Before the commit 6cc44223cb6717795afdac4348bbe7e2a968a07d the field event_mask was fully copied to the EventMasks field. After this commit the event_mask (uint8_t) is 4 times casted to EventMask (uint32_t). Because of that 24 bits of each event_mask array is lost. This commits brings back simple copying of field, and after words converting 32 bits field to the requested endian. I don't think we need more sophisticated method, as the array is of size 4 (for 32 bits version). Reviewed by: imp MFC after: 1 week Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D39562 (cherry picked from commit ea6597c38c77c7bfaae71259d8636cbb89add6a3) (cherry picked from commit 2de69df6f398987cecbc5ac02b2183c561e0f220) Approved by: so Security: FreeBSD-EN-23:07.mpr --- sys/dev/mpr/mpr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c index 308c88112168..33afb7adf852 100644 --- a/sys/dev/mpr/mpr.c +++ b/sys/dev/mpr/mpr.c @@ -2795,8 +2795,9 @@ mpr_update_events(struct mpr_softc *sc, struct mpr_event_handle *handle, bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; @@ -2850,8 +2851,9 @@ mpr_reregister_events(struct mpr_softc *sc) bcopy(fullmask, (uint8_t *)&evtreq->EventMasks, 16); } #else + bcopy(sc->event_mask, (uint8_t *)&evtreq->EventMasks, sizeof(sc->event_mask)); for (i = 0; i < MPI2_EVENT_NOTIFY_EVENTMASK_WORDS; i++) - evtreq->EventMasks[i] = htole32(sc->event_mask[i]); + evtreq->EventMasks[i] = htole32(evtreq->EventMasks[i]); #endif cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; cm->cm_data = NULL; From nobody Wed Jun 21 05:42:25 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7k4BtGz4g26L; Wed, 21 Jun 2023 05:42:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7k1DDWz3klX; Wed, 21 Jun 2023 05:42:26 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326146; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GVPJ15LIgyYHJRXWfJjq55fREJUCcB/tcFI7EIMUWuk=; b=cCSjnL1Mez0elDEi09TuXhopZcE1xmt8QChfKCAdQgQ4fzaP++rtIRjF1fNePRWaMjJ4Cr RvVgTMEXMvsUOM9MZtEWQ4rRJcgg9yPpfQxq9ndRBtm4B3XIYewxicqXVW8fZ5wtzif8kr kcWepBvw1q7ugkGRTQXz2uk9vVb6Qhg3gbtEGzf9gsKP21r82t+6Ove6x4UYlIOVm0TCl5 J567OhMAM9bgydW1CKLZKPrCv8/edkjH5JehcoVp0cN00wPdlOCThERnywIaTw6y5vzugn 0OrEVEo42827KPTK1BOZyeObE2lLWtJdPv1ibEKhg5mQV5iYjppfy3LJUdjy3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326146; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GVPJ15LIgyYHJRXWfJjq55fREJUCcB/tcFI7EIMUWuk=; b=CedE0YwRiR1SDGgaR2Q4DQv/lyULffCblxAVzTBx4hyOtX6Sku6rtMpM0fvJfP9xGZH7Cf RYMKOLuQICAUOmHF3vfcqGYzKbOBXqI66dO0nbh+95vn5vxl3ndhSdQ8MdFvKEYhxlQBhy +KDKY3p7Bom71fWMHgaO4c9Mg/jG7alEsnLWL2kQuPkJiqgpZq5Gllcrn88y3c4B+tWZk5 LDQ3C5kBJYybhXpH+vwFWJ4luf3oB3tSi2ODAMWH3aIPwbipnF+ctwpUOfm08rCpLktayk CIJ2QwmuQVWOminFBl+2VK0B1wGi6apXejjGH9hLaTKfmdS1HO7bXcWrHP1w+w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326146; a=rsa-sha256; cv=none; b=E0GLzX0i7cmFrbvtZSIa4p5Mp5ak1Aoi8DrKeXVcbHRDE2L1NOCobqQBq53BYPZ+aBWlpS 1PbVPDc4jGTyp2c7w43eQhuYvglWhbk5H3oDBPffuZxN399NneO9533HQIwa8AajOJWOlK N5rlh6owAJ1d26mbtm2bXtKV7/nzemu9sfVZdasPMe74zMmsSJ/j7nRQVP0RjLnOo9msZz BjHTPyxHNk3m/CagWpBI4SCo9zJdjMdrU6pnY30+6rn8XiDm3LbpjprzWRtvDsNJYtrVM+ yaBw121TlsVO+l9mv+8u0E/3RXGHIO2kFkT1m3WnWP2Wz1XRtOnPh90n01ZuKA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7k0H3DzVHM; Wed, 21 Jun 2023 05:42:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gPAp064231; Wed, 21 Jun 2023 05:42:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gPt4064230; Wed, 21 Jun 2023 05:42:25 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:25 GMT Message-Id: <202306210542.35L5gPt4064230@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 0453667c492c - releng/12.4 - pam_krb5: Fix spoofing vulnerability List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: 0453667c492c33f01e76d5e67696c23b8ee9122b Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/12.4 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=0453667c492c33f01e76d5e67696c23b8ee9122b commit 0453667c492c33f01e76d5e67696c23b8ee9122b Author: Cy Schubert AuthorDate: 2023-05-31 19:20:27 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:27:36 +0000 pam_krb5: Fix spoofing vulnerability An adversary on the network can log in via ssh as any user by spoofing the KDC. When the machine has a keytab installed the keytab is used to verify the service ticket. However, without a keytab there is no way for pam_krb5 to verify the KDC's response and get a TGT with the password. If both the password _and_ the KDC are controlled by an adversary, the adversary can provide a password that the adversary's spoofed KDC will return a valid tgt for. Currently, without a keytab, pam_krb5 is vulnerable to this attack. Reported by: Taylor R Campbell via emaste@ Reviewed by: so Approved by: so Security: FreeBSD-SA-23:04.pam_krb5 Security: CVE-2023-3326 (cherry picked from commit 813847e49e35439ba5d7bf16034b0691312068a4) (cherry picked from commit 5018f551ece209a32b06e5225d34fe248d14e479) --- lib/libpam/modules/pam_krb5/pam_krb5.8 | 15 +++++ lib/libpam/modules/pam_krb5/pam_krb5.c | 104 +++++++++++++++++++++++++++------ 2 files changed, 102 insertions(+), 17 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.8 b/lib/libpam/modules/pam_krb5/pam_krb5.8 index bd7ac5b9ca0c..bdd91c54fce6 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.8 +++ b/lib/libpam/modules/pam_krb5/pam_krb5.8 @@ -108,6 +108,21 @@ and .Ql %p , to designate the current process ID; can be used in .Ar name . +.It Cm allow_kdc_spoof +Allow +.Nm +to succeed even if there is no host or service key available in a +keytab to authenticate the Kerberos KDC's ticket. +If there is no such key, for example on a host with no keytabs, +.Nm +will fail immediately without prompting the user. +.Pp +.Sy Warning : +If the host has not been configured with a keytab from the KDC, setting +this option makes it vulnerable to malicious KDCs, e.g. via DNS +flooding, because +.Nm +has no way to distinguish the legitimate KDC from a spoofed KDC. .It Cm no_user_check Do not verify if a user exists on the local system. This option implies the .Cm no_ccache diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 810573bed47e..3972479a581f 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -76,7 +76,12 @@ __FBSDID("$FreeBSD$"); #define COMPAT_HEIMDAL /* #define COMPAT_MIT */ -static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int); +static int verify_krb_v5_tgt_begin(krb5_context, char *, int, + const char **, krb5_principal *, char[static BUFSIZ]); +static int verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int, + const char *, krb5_principal, char[static BUFSIZ]); +static void verify_krb_v5_tgt_cleanup(krb5_context, int, + const char *, krb5_principal, char[static BUFSIZ]); static void cleanup_cache(pam_handle_t *, void *, int); static const char *compat_princ_component(krb5_context, krb5_principal, int); static void compat_free_data_contents(krb5_context, krb5_data *); @@ -92,6 +97,7 @@ static void compat_free_data_contents(krb5_context, krb5_data *); #define PAM_OPT_NO_USER_CHECK "no_user_check" #define PAM_OPT_REUSE_CCACHE "reuse_ccache" #define PAM_OPT_NO_USER_CHECK "no_user_check" +#define PAM_OPT_ALLOW_KDC_SPOOF "allow_kdc_spoof" #define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ do { \ @@ -109,6 +115,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, { krb5_error_code krbret; krb5_context pam_context; + int debug; + const char *auth_service; + krb5_principal auth_princ; + char auth_phost[BUFSIZ]; krb5_creds creds; krb5_principal princ; krb5_ccache ccache; @@ -139,14 +149,37 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Got service: %s", (const char *)service); + if ((srvdup = strdup(service)) == NULL) { + retval = PAM_BUF_ERR; + goto cleanup6; + } + krbret = krb5_init_context(&pam_context); if (krbret != 0) { PAM_VERBOSE_ERROR("Kerberos 5 error"); - return (PAM_SERVICE_ERR); + retval = PAM_SERVICE_ERR; + goto cleanup5; } PAM_LOG("Context initialised"); + debug = openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0; + krbret = verify_krb_v5_tgt_begin(pam_context, srvdup, debug, + &auth_service, &auth_princ, auth_phost); + if (krbret != 0) { /* failed to find key */ + /* Keytab or service key does not exist */ + /* + * Give up now because we can't authenticate the KDC + * with a keytab, unless the administrator asked to + * have the traditional behaviour of being vulnerable + * to spoofed KDCs. + */ + if (!openpam_get_option(pamh, PAM_OPT_ALLOW_KDC_SPOOF)) { + retval = PAM_SERVICE_ERR; + goto cleanup4; + } + } + krbret = krb5_cc_register(pam_context, &krb5_mcc_ops, FALSE); if (krbret != 0 && krbret != KRB5_CC_TYPE_EXISTS) { PAM_VERBOSE_ERROR("Kerberos 5 error"); @@ -292,13 +325,11 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, PAM_LOG("Credentials stashed"); /* Verify them */ - if ((srvdup = strdup(service)) == NULL) { - retval = PAM_BUF_ERR; - goto cleanup; - } krbret = verify_krb_v5_tgt(pam_context, ccache, srvdup, - openpam_get_option(pamh, PAM_OPT_DEBUG) ? 1 : 0); + debug, + auth_service, auth_princ, auth_phost); free(srvdup); + srvdup = NULL; if (krbret == -1) { PAM_VERBOSE_ERROR("Kerberos 5 error"); krb5_cc_destroy(pam_context, ccache); @@ -349,8 +380,20 @@ cleanup3: PAM_LOG("Done cleanup3"); +cleanup4: + verify_krb_v5_tgt_cleanup(pam_context, debug, + auth_service, auth_princ, auth_phost); + PAM_LOG("Done cleanup4"); + +cleanup5: + if (srvdup != NULL) + free(srvdup); + PAM_LOG("Done cleanup5"); + +cleanup6: if (retval != PAM_SUCCESS) PAM_VERBOSE_ERROR("Kerberos 5 refuses you"); + PAM_LOG("Done cleanup6"); return (retval); } @@ -837,18 +880,18 @@ PAM_MODULE_ENTRY("pam_krb5"); */ /* ARGSUSED */ static int -verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, - char *pam_service, int debug) +verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, + const char **servicep, krb5_principal *princp __unused, char phost[static BUFSIZ]) { krb5_error_code retval; krb5_principal princ; krb5_keyblock *keyblock; - krb5_data packet; - krb5_auth_context auth_context; - char phost[BUFSIZ]; const char *services[3], **service; - packet.data = 0; + *servicep = NULL; + + if (debug) + openlog("pam_krb5", LOG_PID, LOG_AUTHPRIV); /* If possible we want to try and verify the ticket we have * received against a keytab. We will try multiple service @@ -906,14 +949,30 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, krb5_free_error_message(context, msg); } retval = 0; - goto cleanup; } if (keyblock) krb5_free_keyblock(context, keyblock); + return (retval); +} + +static int +verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, + char *pam_service __unused, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ]) +{ + krb5_error_code retval; + krb5_auth_context auth_context = NULL; + krb5_data packet; + + if (service == NULL) + return (0); /* uncertain, can't authenticate KDC */ + + packet.data = 0; + /* Talk to the kdc and construct the ticket. */ auth_context = NULL; - retval = krb5_mk_req(context, &auth_context, 0, *service, phost, + retval = krb5_mk_req(context, &auth_context, 0, service, phost, NULL, ccache, &packet); if (auth_context) { krb5_auth_con_free(context, auth_context); @@ -952,8 +1011,19 @@ verify_krb_v5_tgt(krb5_context context, krb5_ccache ccache, cleanup: if (packet.data) compat_free_data_contents(context, &packet); - krb5_free_principal(context, princ); - return retval; + return (retval); +} + +static void +verify_krb_v5_tgt_cleanup(krb5_context context, int debug, + const char *service, krb5_principal princ, char phost[static BUFSIZ] __unused) +{ + + if (service) + krb5_free_principal(context, princ); + if (debug) + closelog(); + } /* Free the memory for cache_name. Called by pam_end() */ From nobody Wed Jun 21 05:42:27 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7l57tNz4g2Dy; Wed, 21 Jun 2023 05:42:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7l2Hzvz3knX; Wed, 21 Jun 2023 05:42:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326147; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E3wH7dwY93O3hKqSejiNi8ymbKuwTc4DnSk7SGvLnXA=; b=J++EZrUVBNr/uc46N/39aM117b+3NnBDqiWHTuDROHKCH3Vpf7/aF4HF2HYleCEZ2if2XE Jzsof9t/nFSq3SD1DN1VkO9faLpqAx/HLsJioJL6izGcEWIX78XjtsfgDByBNzQjXED0sy y+j/oIBATprph+rf61Rc41OmHMPaUHVSwfAL8XM7eqXHCVTe9Ph9muoW9aPUTaPsVl0mn+ MQT6wEWdN8fag9liC6QqmQeOlcA7EiE0UhNxOn1YUG5xg7wirNGPyvtDtsG9RKUr40UaCl jq1WUwM3dybWFDokuwRiifn9ZdfjFIfGU61KNPD559pH0LYOOADoO4Bf4kmJgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326147; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E3wH7dwY93O3hKqSejiNi8ymbKuwTc4DnSk7SGvLnXA=; b=Sp2wug4tnIuycszMuiVQj/nZfFMW1OqkUoZu4OTDBxmR06tQ2lbqD76RuEyih7QcslRPJw AFMAvLaZ2nOeCKX6PiaxxFGm8L7NULrcRQ7fbwXWyp2uj5xgiMACvTfSwriWTwadUOV+a0 X1uB18bTKGOdBBuTPvYn7PuvOyuYbkY6d/Vym8NFyAESiMo3YHXGQka/yInoojygDrAJqj /XIo+T8mfOjpeMGI2bcto5oFagtmKK75vibwwcVtffK7kaHZpUikHrsru8cgh455PuymDR 8ec5abEZKxRs9qsdRZzDcKM/NQZXFb895tnyuafEQujtQOFYgQgiV5dtNSRstQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326147; a=rsa-sha256; cv=none; b=s5N9RKAzVB2z5gKenPcXEkVE2vfeR//YRRTixQoduQjnJOpNSG5T5cyY9aOWSUTP+TWAzT DxS7epLYBgOYljnqX0whR6pMZccmsMUWPwe4fiYcTl3WTR3so6opMkDkyvEZ1bYMkPgky3 OEmgqix+Z1U+kIDR0oxbMdjRuGsLP3SMVTdPqrMIyyRAig/tK8ddjjegd4p38086bf0zDp xYJl6KN2lc2J9KDvqdv6jDbvZ8e0m8JyFcZ7PuJS8jLNYAGJc1h4YwHdAEePOAmVfjq1lB 0T+JxSnplWwXIBtUFDNdN7PH105sX2XpEtLThqQUe/1t01L1vOS9Hr4jUYlZtw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7l1DMJzV5n; Wed, 21 Jun 2023 05:42:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gRBT064257; Wed, 21 Jun 2023 05:42:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gRYj064256; Wed, 21 Jun 2023 05:42:27 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:27 GMT Message-Id: <202306210542.35L5gRYj064256@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: e374f1ec937f - releng/12.4 - openssh: include destination constraints for smartcard keys List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: e374f1ec937f70ab2c89e0b392b45a67752c4172 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/12.4 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=e374f1ec937f70ab2c89e0b392b45a67752c4172 commit e374f1ec937f70ab2c89e0b392b45a67752c4172 Author: Ed Maste AuthorDate: 2023-06-05 14:49:53 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:29:49 +0000 openssh: include destination constraints for smartcard keys From openssh-portable 54ac4ab2b53ce9fcb66b8250dee91c070e4167ed, OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f PR: 271839 Sponsored by: The FreeBSD Foundation Approved by: so Security: FreeBSD-SA-23:05.openssh Security: CVE-2023-28531 (cherry picked from commit 2b4fb1350ceea0f2a0f04b1b8f5bfd3c32329ae4) --- crypto/openssh/authfd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index b633e35eaf8b..b9ae505ad7b2 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -666,7 +666,7 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin, struct dest_constraint **dest_constraints, size_t ndest_constraints) { struct sshbuf *msg; - int r, constrained = (life || confirm); + int r, constrained = (life || confirm || dest_constraints); u_char type; if (add) { From nobody Wed Jun 21 05:42:28 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmC7m4mSsz4g1qK; Wed, 21 Jun 2023 05:42:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmC7m36dhz3knp; Wed, 21 Jun 2023 05:42:28 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326148; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=H7CPmLrHBmdlkMM56p6zxVuFkAUsnT+pYzozmFqv2pM=; b=nR5jbAB22dTwf0yNy3xxFgzQP9tf0HvGRCg2W3I6ukxFHJ2Lqkl0f5y9yb7KLWF8PwR2Uf +EmLL0fWket7sqNNPLAKPQN/JMW2jhBDOL6X2egYMcE7wxDDoNbT6AeqmT/MnojPsmAdyA VrpteQ6FuwXqHOLYs6Ov/tEtbD5UQUi2JifTt7y6BS8xiGi44GBaBxv8Y9C7+ozjzQsXzu XxFkaT61mwwl9ZEsyUumhOXC/sHzhcLAV4N/B6v/8MDu6edYrhOlwWNkavDBZHrPAUSMJw +HEG63FmmOPrbvpxYUGMWhH+C1iPm2WGVcS61/oAyYNOoimlqrVJFLHUx1VyzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687326148; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=H7CPmLrHBmdlkMM56p6zxVuFkAUsnT+pYzozmFqv2pM=; b=ZLx0CwkNdEcFa1xexbwQU26VyR7tr2r/HUSkFFijWIkAL40lRUl9Mu4NN9aQdGdbImPw/I mfFvRWjD6ghxf5PzafEK6lFyD/ksqIuejmqDsi6u5RkQCPQvYh2quRjzYUqJVFd3JoNXib l02rgkRwyd0l1ZeisKudxOdhNTdjvQFit38vwgS/vwcczfXulOvj+kbN2kHmiz+4Qh/HIx aJMiURCf2pfVHcg3Glk9lZrFwa5dKr4Diqxs8s7MAZt55JG0J0+DDYClesSZqbviIrM4S5 A5BtwJfU9J1+QmT42a4ryiTw0Rwndi2ICCFC5sTwyMt0Eu6pwuyNg9tk5imARw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687326148; a=rsa-sha256; cv=none; b=GEyIysKmcPJGeykrqsz0a23vnDWgWeuPI8xBL8J7yeO8rH0D+4hVE29J/PiaC4heUP/L9x iH7YcT7p9KT35IMC1+fmtDEA+exsrZPUEe/+i5uSPpFC0tQJNniUE+Dr74JaaYA+UDix3Z B05ZkU9ksRGX/uIZltT0hKT264j1iovIetkydm0GGK68aFbn3A+jzzkuicgHqHUG+IkBIu nfX7ZMaX/mXv7tV4+xGaG5+dQjotfTUlpXgHeZrkX/ibOs9a8nQiFM/NMJizzjWEC2Cq+j Bgc688Vm1liNvnryyIy0/2tidpWnPpqQ0VfDJ4RRGNeJsNOBDHltLJAH7v13Kg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmC7m2CC3zVcD; Wed, 21 Jun 2023 05:42:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35L5gSxD064276; Wed, 21 Jun 2023 05:42:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35L5gSHx064275; Wed, 21 Jun 2023 05:42:28 GMT (envelope-from git) Date: Wed, 21 Jun 2023 05:42:28 GMT Message-Id: <202306210542.35L5gSHx064275@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Tetlow Subject: git: 27340c75ee9f - releng/12.4 - Add UPDATING entries and bump version. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.4 X-Git-Reftype: branch X-Git-Commit: 27340c75ee9ff81f12559cffc368a63a056098f4 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch releng/12.4 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=27340c75ee9ff81f12559cffc368a63a056098f4 commit 27340c75ee9ff81f12559cffc368a63a056098f4 Author: Gordon Tetlow AuthorDate: 2023-06-21 05:35:32 +0000 Commit: Gordon Tetlow CommitDate: 2023-06-21 05:35:32 +0000 Add UPDATING entries and bump version. Approved by: so --- UPDATING | 14 ++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 307aca283230..819f3692b232 100644 --- a/UPDATING +++ b/UPDATING @@ -17,6 +17,20 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20230621: + 12.4-RELEASE-p3 FreeBSD-EN-23:05.tzdata + FreeBSD-EN-23:07.mpr + FreeBSD-SA-23:04.pam_krb5 + FreeBSD-SA-23:05.openssh + + Timezone database information update [EN-23:05.tzdata] + + Fix mpr(4) failure to initialize devices [EN-23:07.mpr] + + Fix network authentication attack via pam_krb5 [SA-23:04.pam_krb5] + + Fix ssh-add not honoring per-hop destination constraints [SA-23:05.openssh] + 20230216: 12.4-RELEASE-p2 FreeBSD-SA-23:02.openssh FreeBSD-SA-23:03.openssl diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 36498714214a..6216e480dc51 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -49,7 +49,7 @@ TYPE="FreeBSD" REVISION="12.4" -BRANCH="RELEASE-p2" +BRANCH="RELEASE-p3" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Wed Jun 21 12:52:54 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmNhQ594hz4fs6G; Wed, 21 Jun 2023 12:52:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmNhQ4dvwz4GLJ; Wed, 21 Jun 2023 12:52:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687351974; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qYXn+MLuF441qWdFanoRhjj6KllpDXLZPwRl37bwE3w=; b=NgXRlljMpzNS5yiN8iukfOzeQCtB+j9jiNA3k2a2dMp4MhvEAADF8DM0/fQUZHe7M9yWkK TA40L8dJCnupMuSukUpJsZ+4B9chV9/xSQgH+Di4WKl34WnAijbqtreIE2fDnweUFIfs7B RGRxoXY3NrymnH84c5DNT93lhx6zmKGcxrSRCN3KY4tl32UMk/p4J8U7DbuGxd4yaAYaVt jLliWslyrfd9tnaNJdRBE+jA4WnGBtCTSj4X49ZaB+NKE8Anb4BRxbj27y98mS5tuKlqQ+ grBUdR5cBEsZuw5c6nWr62+1kKMogvpwJrQl2f/6ymQuzF6KwNvB/p0HxSLaWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687351974; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qYXn+MLuF441qWdFanoRhjj6KllpDXLZPwRl37bwE3w=; b=dve9+LcNvcVtV9BTtE+BwtZyXyTiXFIJ2q+7Qw378v+t7fvYuWpqgPFiB1uKQ58S0K888V vajg9ZmI40Vx9UFiKxOXpFv5+a4URkIjbDkvoP1IE1P2tdD3+1yquP2Eio9UQDvPdbeVhH mt3cCbvGTsNgs+OmgXX3VFm9t23W+Yy+GfXL0PsU4iUi0aXEFNGvY0QdFLnAiLRP9m2VJQ xruc22/ZeH/ipUxi7vH5Md6d0Sh9rg8GFtc3nqPEdAdf9RmfJgwLgDkXcqr2zvSkQE8Fjy hL2wW9xhOwlB1xVVefU2w8dt9DKLmB9sKJw3chkei0qqHMbwuU3M+hRJNSuR8Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687351974; a=rsa-sha256; cv=none; b=fGDmkc7Y/1XchdBSxL4t3wQ06krub2a1a7oljDeDj2BW+sVy2z1MeL+1RsRIxFiIfq+T3M 8Gg0l38n04qy6nIaDyKKwNsUjpwzVMFBuStEM71ArKWJsi5a31b+vgbgAJPmyKcx+Sv8T3 35cX/Pi1RMoz+tFFCCXgdEZIP0rvovhWnN0XpXel5DpWkJ90qM0D2Y5+/N9jsT7ioJrW+v Q3wpRKR/CNvbBUpH6NBCMOL0pos/E/qyg6cYxFF1/Ku7sF4T7EpHLfcM5IWTSyxPHZQjnC 6A9QPoV/dOh1sRhdyyqQHI+CfPTLw3owe82XUuVSjWYztev/wchBCf02st/dxg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmNhQ3VDczhTS; Wed, 21 Jun 2023 12:52:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LCqsML075244; Wed, 21 Jun 2023 12:52:54 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LCqs03075243; Wed, 21 Jun 2023 12:52:54 GMT (envelope-from git) Date: Wed, 21 Jun 2023 12:52:54 GMT Message-Id: <202306211252.35LCqs03075243@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: c6d3829c09f7 - stable/13 - freebsd-update: Mention 13.2-RELEASE in usage. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: c6d3829c09f77aea9407e15caf02adbb9867fd65 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=c6d3829c09f77aea9407e15caf02adbb9867fd65 commit c6d3829c09f77aea9407e15caf02adbb9867fd65 Author: Poul-Henning Kamp AuthorDate: 2023-04-30 05:06:56 +0000 Commit: Ed Maste CommitDate: 2023-06-21 12:52:32 +0000 freebsd-update: Mention 13.2-RELEASE in usage. (cherry picked from commit e0e5bf4d62831090a23dd0e0ac374baa0a00ef98) --- usr.sbin/freebsd-update/freebsd-update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 4f779270926d..cbc153fc1af2 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -49,7 +49,7 @@ Options: case of an unfinished upgrade -j jail -- Operate on the given jail specified by jid or name -k KEY -- Trust an RSA key with SHA256 hash of KEY - -r release -- Target for upgrade (e.g., 11.1-RELEASE) + -r release -- Target for upgrade (e.g., 13.2-RELEASE) -s server -- Server from which to fetch updates (default: update.FreeBSD.org) -t address -- Mail output of cron command, if any, to address From nobody Wed Jun 21 12:58:35 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmNq05gSHz4g2FW; Wed, 21 Jun 2023 12:58:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmNq01Zzwz4K8H; Wed, 21 Jun 2023 12:58:36 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1bcwqVDvudMMEcM1n8ixrQ5aBudvZo+QTojjS+J9LSM=; b=xmAXXu83Dtvcl3lv6t1b58KcbcQ5Y7QhXKWMoqiazm6IfV2oYNitIzw6nwxQeEcEipNsc2 /z4JatGS2pymL6n0fOwl44SGdAvc7HdOQO8l5Fqnx5/WrDD9G8s/Vgo+kcMRpQwMAqK3Zv H2BkCxoY8U7GLES3cZeIciFa8hdePZ6PmauhFxUF/i6X8nbVNVAppl/l1ziu//0EsHiufo 0NVfp5JKeq4ehnTewnB1hOkWZ4yORhcmi0PJadETTS+ykreJonqkZlwifNcVlswIKZQrre u+8JgiJtuQilrXfUeQuAaSLEIQxYbOq5kr10IOXEUY/j3MXjRNCNfkQ9fH4Vzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1bcwqVDvudMMEcM1n8ixrQ5aBudvZo+QTojjS+J9LSM=; b=Itlhn5US6EvdFXbsSuZvHyhBcNJtmrPUusAbfmzJE4ZuIjbXtApqnTJA9ttybzACZZ85jU FLP7nyhkyC8k9Yzi73Q2Imp3JenvzXRSBq7bGjJFMBwo+nFLtEjLpbnl3NChBR+dxtjNKM ZeG2d0uKC0qiV/8Ssj7rmpinDT44FyBLljF7ycf0X9YaA7VaeoHJX6TLRSByLPtS555N7z BnOpsGLRptEaMH4i1ZD4Y04tUNJeqG4/dDpwrMAEj8o7Y+yTEPhXKwqbXlc+F1c7pRQ5vQ obdSi/hTYa+deuaUJ/bapfNLc9NuDbSCnnovY7A9TtN5EMft0xx6wmERFIOX7g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687352316; a=rsa-sha256; cv=none; b=vcfXTVMIuomrqjxWhCbH4HcNa77tkc0uvqT7/2ARyH42HK6pKk+l1/gpytDc6Y/GCfKCBr v8HEK8ChuFmQTk7IetAN59phDMb2SQl0IjwkeuRl9bEElpEV3Nh3K00mUyrQsRqX1tNtkg t3ltOWb2I7ywbm2R/O8OcPf6xH5NUWWCuPTbnPlLTikWnAp+gBeGzSLiUD5YVlUyZP3VaJ 6jTMU7Kj6wdm+k/UgnGWl2sae8FWuIwHVrGGY57Ga/KfuR5Ed6LOFD6P+2n8NxhqAMEvy4 LlZRcAhGU2sFo3lYAoPGxcb0bDVw/aHCOOD66RfkO1aSJttI2Z1PiULqE1+slA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmNq00RRDzhTT; Wed, 21 Jun 2023 12:58:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LCwZro076046; Wed, 21 Jun 2023 12:58:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LCwZAb076045; Wed, 21 Jun 2023 12:58:35 GMT (envelope-from git) Date: Wed, 21 Jun 2023 12:58:35 GMT Message-Id: <202306211258.35LCwZAb076045@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 2004a768e44c - stable/12 - freebsd-update: avoid effects of user's environment on grep List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 2004a768e44c37a3d0d9602fa66bf139e86da1c4 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=2004a768e44c37a3d0d9602fa66bf139e86da1c4 commit 2004a768e44c37a3d0d9602fa66bf139e86da1c4 Author: Ed Maste AuthorDate: 2022-12-14 17:13:19 +0000 Commit: Ed Maste CommitDate: 2023-06-21 12:54:37 +0000 freebsd-update: avoid effects of user's environment on grep A user had GREP_OPTIONS containing --color=always, which broke grep use in freebsd-update. Unset this environment variable. PR: 255990 Reviewed by: kevans Approved by: re (cperciva, expedited MFC) Sponsored by: The FreeBSD Foundation (cherry picked from commit e093c61b2d69e9cca54a2332096c0e36f97bffc0) (cherry picked from commit 24fe8a518324e291b9ea3fe4e60f2e0fb4f857c5) --- usr.sbin/freebsd-update/freebsd-update.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 9743cd652d16..cad1b9d617fd 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -3484,6 +3484,9 @@ fi # Set LC_ALL in order to avoid problems with character ranges like [A-Z]. export LC_ALL=C +# Clear environment variables that may affect operation of tools that we use. +unset GREP_OPTIONS + get_params $@ for COMMAND in ${COMMANDS}; do cmd_${COMMAND} From nobody Wed Jun 21 12:58:37 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmNq15m3Sz4g2NX; Wed, 21 Jun 2023 12:58:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmNq129fxz4K3T; Wed, 21 Jun 2023 12:58:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352317; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rXHoQQ+F+jcXdiXlS6J9wmtCYXmwH9OGgkdZrNZMfX8=; b=cqXBZoB/XXJGtA3rtZ6xiR5Z4cvlm96Kae8FzlVp0Wb92E6+w2iXwRSLCJx6ts+UPTceyg wNHQuS++gcujjW0Ae21241YhZAeYpSjDceAgtrWaC3535P741perYnQZvBt1xmerRD1ymi priN+anPbDpgNnUKTl6BFeczxl7DcL65UcwjL3AYxIVJHysxCQvER9Kr7byiR0jVspTfYZ lNaRA/BiaEjwl8qpm6yCdwYz0g4Ob3+5vZiNMSazAO6krguv4oseMvn/mklU+cA+tTJ5Y0 UsWaxbYlUyQnVD9A6KTo+Brc7dIKxSlcs73X5rquPoQa7nwRGP0GvLEGKKumpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352317; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rXHoQQ+F+jcXdiXlS6J9wmtCYXmwH9OGgkdZrNZMfX8=; b=RuHsqjNvjvmHfRdViamOUBPoDd0xfdmU55e/fOMl3suwmuImk1QyVzBPcPOwHyTf/SN0Or iSnru7BBcJc1Rg53LJ2zsLALdAhZtANTZzRF24damux93PKjUKWswHTsoy/TcP52aHwObC 7zoyuW+RTss94vfvFffleO9GfIZvKHqDqpLS0ynLDP/3FPxTMR/gLj6hT4OpY46nVtiMpN fS+PP0ZbmV47KMrtlG8ak3MCz1IiSPwWUY+hJDf2CcXCvGdD69iZ02o0SngWuoH12cC2NU tYrEpH/5heEXQOwmkOKMdMr+Z3RiAEaJho6KVH4c3ALMltayn2DWjAWlh1IR9A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687352317; a=rsa-sha256; cv=none; b=iW585dtbSHogTzTbV6RjvjYQHMtlqABVs3mFOUDf9hzFiztUaLtuuZA5n349kxIIaRT95B a2AqDVD3Puauvuxwet7DoyYSbBSQj5YMW/7gaO2livVuOREw1MJXx8DjYWyFU/xaXi9Cpb x6DetTvadR77r+KJ3gvIr+N9e8HIObSxMU27WYud1C1qagJIfdokSR2XFbyWEusOz5dIS0 RzNbyaxVhx4F0p7KzpvvwupZmOKxtycd6VBi0SHnJSl5IG2LIxEd3vJUlxghM1njGwwByd DxnwEWeXD+5iDEa3W+sB9APP36qB735sCxCLE+/LWoIrsIBJstLp+6UTvk+FLQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmNq114BtzjBM; Wed, 21 Jun 2023 12:58:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LCwbNG076066; Wed, 21 Jun 2023 12:58:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LCwb9G076065; Wed, 21 Jun 2023 12:58:37 GMT (envelope-from git) Date: Wed, 21 Jun 2023 12:58:37 GMT Message-Id: <202306211258.35LCwb9G076065@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: bb727917364f - stable/12 - freebsd-update: re-edit files if merge conflict markers remain List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: bb727917364f7ded1d24f599389288c63b23d862 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bb727917364f7ded1d24f599389288c63b23d862 commit bb727917364f7ded1d24f599389288c63b23d862 Author: Ed Maste AuthorDate: 2022-12-14 17:34:59 +0000 Commit: Ed Maste CommitDate: 2023-06-21 12:58:01 +0000 freebsd-update: re-edit files if merge conflict markers remain freebsd-update will open ${EDITOR} if conflicts occur while merging updates to config files. Inform the user if they've left conflict markers behind, and go back to editing the file. PR: 185546 PR: 229689 Reviewed by: delphij Approved by: re (cperciva, expedited MFC) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D37703 (cherry picked from commit ceb5f28ba5fcfa69de7410d2327d4a5abf2a421f) (cherry picked from commit c7e3703352037a5afacdc4126725f351fe7da72b) (cherry picked from commit e27ded83c76a609687a3d9e82b80fe7e1b782bf6) (cherry picked from commit b562307b70346030f59fe6a05d125814c74da47b) --- usr.sbin/freebsd-update/freebsd-update.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index cad1b9d617fd..56a7ac422cd9 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -2543,8 +2543,21 @@ The following file could not be merged automatically: ${F} Press Enter to edit this file in ${EDITOR} and resolve the conflicts manually... EOF - read dummy >>>>>>)([[:space:]].*)?$' $(pwd)/merge/new/${F} ; then + break + fi + cat <<-EOF + +Merge conflict markers remain in: ${F} +These must be resolved for the system to be functional. + +Press Enter to return to editing this file. + EOF + done done < failed.merges rm failed.merges From nobody Wed Jun 21 13:00:03 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmNrg5GMJz4g3l5; Wed, 21 Jun 2023 13:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmNrg4mTnz4LSD; Wed, 21 Jun 2023 13:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cdZMnXHSlSu0+oYhx42pubb2PO3NaDgeMN8ROInYNu8=; b=kiebBDIr4lTHf8MC/eWrxKaEPV5ARe9BldFaEZgdxmOQ0C+6iEaQtg5xW3MdgFREAOQt1S qD3it5gKmoiN0LXwfT/CxxmNkS/UbcmL1RpsvpeMpRjj6i/Sik/bw0zgLyPjF7pXct4TZt WGABmXFmqz+naV8L6JdkMOiJr6bM8bofCA2v3r/0TdbrgHWqPHLCNOyBCp43Vqe6rYLYyC zY1veLIG7ceM6x62QLRzLr3eogOiAM+3EkR5h4UhzjdixiXDLL2xj84SdaQqgt41UubxVo 4yMwJFSaHUsoNssadDfQnBvATvxXfg6EGclilmZeph+vqoN0KlNC2Pp3Tnirdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687352403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cdZMnXHSlSu0+oYhx42pubb2PO3NaDgeMN8ROInYNu8=; b=rGZbzF2izP1tan+jLhNSBbDgfPCdORMx6anhMc17ZS/vk1ipC7r1tOUuZzgEYUCdBzkQtn Oh/i0wXfd+JmW0K+GUM/PEFvoJfQH4rj8SSvSCSQ5BuM1VOUc4ZBaHCDR1N7qkel9ATx48 sWjX44gapQZae2Ftj+jfZPC+Cr0EywcvA/F1cuCp6DycoCwhDyTPY4EAJ7PD+lk6tlGiV7 G/3sfdcWscJ132mGw/4X1BPODcYNqinVKFh2B6ucK91pOb37g0x8tj73F3rpGtlWenSiBz xBCsyw9erv4HdNgw75aK3drCdXVlXy309DajHyV8tdut30JwahROQ/4NQsCDhA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687352403; a=rsa-sha256; cv=none; b=rjh8Sg9EjsXbxonmwQJ2J4/qq4f10N4TGDws5x/b0DFVVbn8nr+tYADWs24v3v31KoU/2o kK2qV38xuitBDFIxWFdlPQiPsfEsBBF1Fk0NMPrY7pYiLznqaKrE3LgRVJAGVJkGaGvPb/ VN+AsS04V2W+PD6X1knIQxgFsociWHcm7DZvZf47IVz77BIqjJGZGvLYczXuv+S52ttnHm wWNwzDN5EnbdCCsBYgJjGCNNLZJGP6SbxBok4fL8gdAnqfObcUx4k2ch8PcPzo0kC9Vkdl CN8iY7Wpk8fUfYf7kbASna633s9CEGjOZ5HeWuaNRS1xNmU70/hK4Nqc7lF00Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmNrg3sygzjBS; Wed, 21 Jun 2023 13:00:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LD03xU079661; Wed, 21 Jun 2023 13:00:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LD03tq079656; Wed, 21 Jun 2023 13:00:03 GMT (envelope-from git) Date: Wed, 21 Jun 2023 13:00:03 GMT Message-Id: <202306211300.35LD03tq079656@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 917f8b67814c - stable/12 - freebsd-update: Mention 13.2-RELEASE in usage. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 917f8b67814c9c8112b1342995476155ad1f4413 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=917f8b67814c9c8112b1342995476155ad1f4413 commit 917f8b67814c9c8112b1342995476155ad1f4413 Author: Poul-Henning Kamp AuthorDate: 2023-04-30 05:06:56 +0000 Commit: Ed Maste CommitDate: 2023-06-21 12:59:47 +0000 freebsd-update: Mention 13.2-RELEASE in usage. (cherry picked from commit e0e5bf4d62831090a23dd0e0ac374baa0a00ef98) (cherry picked from commit c6d3829c09f77aea9407e15caf02adbb9867fd65) --- usr.sbin/freebsd-update/freebsd-update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 56a7ac422cd9..b0e7ea1ce538 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -49,7 +49,7 @@ Options: case of an unfinished upgrade -j jail -- Operate on the given jail specified by jid or name -k KEY -- Trust an RSA key with SHA256 hash of KEY - -r release -- Target for upgrade (e.g., 11.1-RELEASE) + -r release -- Target for upgrade (e.g., 13.2-RELEASE) -s server -- Server from which to fetch updates (default: update.FreeBSD.org) -t address -- Mail output of cron command, if any, to address From nobody Wed Jun 21 14:33:21 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmQwK2lvyz4g9l7; Wed, 21 Jun 2023 14:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmQwK29V6z3DlW; Wed, 21 Jun 2023 14:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687358001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6AbPU1JrO5z6z7oU5RjLdTYs55mjnfoVqm4LQoXJX58=; b=IajsV3J+1jyM7GdLw1W6qVY2xzhBPnZ4jv+av21K16vgl2eWF5tHVQyZbg74E7KmEPsq9M YqYeN1yI/vnes3KsQiTDArMydbJ/ClRuzkj5pCp+xg/t3EQMTtvt89Otxw1MTFG//17XkR 4PygJcRmuKTjhQilmjIY8iZbtyX8G2mToGrwllHY/rJARvu2fi7bm1CMiIbsJleAaBHmhx ExbMmDKnnlliWVK/5xebD9d/0d9RhRAYFRQYO5EVJdHcYjU+jZs2bQ/a5sfgkkyHLmYRtH GSE58vj4H7fmYOJDVJ2lwcPl23DGLyRZGnTxT0TD8pVeYb8An9RzCgWZSC4HJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687358001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6AbPU1JrO5z6z7oU5RjLdTYs55mjnfoVqm4LQoXJX58=; b=OXz1jElsduNTwY6C5ZJy3r7xji4AheqiL90+jOhheXBvJs3wpQbeNfOwUS6lEd94+TSeqF GJtGQScHh73CuAoirzpHA82A44HVs1CG/yvmoehlK8iQWUIy2lqUOOwoQCf2PzMM3nRfko CkQNz179Mi8H3fj5pQz8Zt154dtLevslEgmATHFNdDvnR9KUffiYo6f18g2WEipg4v9YF+ q0agyOpi2ysbvwxaUqBtGF7tyV3YEL6cSX/hKI8MKq5h6qifWXen2OckXd3KiUcTfSCbYu 6rC/3f8yzVMtb1qQt+x9WWdBI4YfiZD/XsAI3MByua1gX4RgKIlouLSHmMxJ2g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687358001; a=rsa-sha256; cv=none; b=Ur2lvCDjOqPD40HCDKNleNGESkcb1d5H/aguB0dUF0BpBRV1EITBpfVuilqa49XRshUmNv M4LvBGD5BjU6lBMkcSVmUtUa1EOqisP0Sa3yGqqCFImfeWNfYQCmVj/5sl4IYKnrPOkgzC aIOD3tZGUM6QAkc5IYplyQNRgHeSkyvwe+Ck+rv/SLv9zd4Ar7s2I5Jo/EWbSUX4zo/X88 7bbnQRYp6a/AOsbYNknfb9LbHz1NauiByVhCBVIZiJWYGuX439OoNJslfX7bd6OpOhVFKt nVJsBW6N1jqmW+z3V2AFJc08tEBL2vgd7a5C1+DGqPsJ0RaV0NEteEEzya5yYw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmQwK1GHqzlQL; Wed, 21 Jun 2023 14:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LEXL7P040339; Wed, 21 Jun 2023 14:33:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LEXLmV040338; Wed, 21 Jun 2023 14:33:21 GMT (envelope-from git) Date: Wed, 21 Jun 2023 14:33:21 GMT Message-Id: <202306211433.35LEXLmV040338@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 12b3082aa072 - stable/13 - pf: fix pf_nv##_array() size check List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 12b3082aa072084d381720cf8af1ed9503d906f2 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=12b3082aa072084d381720cf8af1ed9503d906f2 commit 12b3082aa072084d381720cf8af1ed9503d906f2 Author: Kristof Provost AuthorDate: 2023-05-15 17:40:32 +0000 Commit: Kristof Provost CommitDate: 2023-06-21 14:29:01 +0000 pf: fix pf_nv##_array() size check We want to set the maximum number of elements we'll accept, not the exact number we need. MFC after: 3 weeks Sponsored by: Orange Business Services (cherry picked from commit 76c8f202a4f6a3190e102a0bc1589bbfc179abf6) --- sys/netpfil/pf/pf_nv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c index e2af55af86e5..11f99ce23fac 100644 --- a/sys/netpfil/pf/pf_nv.c +++ b/sys/netpfil/pf/pf_nv.c @@ -77,7 +77,7 @@ __FBSDID("$FreeBSD$"); if (! nvlist_exists_number_array(nvl, name)) \ return (EINVAL); \ n = nvlist_get_number_array(nvl, name, &nitems); \ - if (nitems != maxelems) \ + if (nitems > maxelems) \ return (E2BIG); \ if (nelems != NULL) \ *nelems = nitems; \ From nobody Wed Jun 21 14:33:21 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmQwL0d6Yz4g9bR; Wed, 21 Jun 2023 14:33:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmQwK6B5qz3Dnn; Wed, 21 Jun 2023 14:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687358001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oOSZ/zrXj8OzbNyhQLv8PIvaG+u9Wk1fIiJ0gqFa+YE=; b=SHj1OwPOPr6SPGJqCMB3pjfkgrvfccyrgMvQUKm1KSVgHBDdGq/AcZAgUwIpGJZEddcTo5 1ngFboDO5vcrITW1J+y/bc7EmZT3kd1G5vFz9JhMIO/1q/MXPTNL6J9Xb0J5LvcI50d2oP 1gJxSR+6YROFfLxoQQKyupEt8JPxuR/ljriZswqcCM+tZJh6NCoVVy4E1LPxqR3ViNQNCH dweTaDd1HfCMSo9XicVIEbBsV2jzaWFqVRyuZr5sI96WH9EgTcLB3/58QtDtlRhIED4l83 m1n6F3Y1gYKCtxvbkTsAD/Xo+JtdnYU2GV5eyVpgA7Hs03A5woPRr37CmypfxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687358001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oOSZ/zrXj8OzbNyhQLv8PIvaG+u9Wk1fIiJ0gqFa+YE=; b=FFHbgnzSKdEIba5IiOJJcW8iV67uX0P6nJDV7RGg5jvL2TH0aFPEW7VOZX5GaSLHgOAXU5 1tL+lp3JZ42eAGenOQ2AAY53SluqtG1bFbJqvShUN2MGKl8GhOCRIwiMmvaXHblIi2VKJV /wJt8FWfi0rgxfawg0XKXCm8ZqPKGx/qjkcYz+5eAZgU//o1tTrmalsD5JFKiRduz226wL Eu7bMwvVdDNBVGTXsxkljUaK43cvtnimvy9YSbS4rQQlE6IUZ9wUZ1NLTxD8NJQG78SLGC +3Bvi0C2LuFCwK4LiaDrrpLbTNi4gJArrpnLRibwXjKd33V4lr0y2g2LqxDbnA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687358001; a=rsa-sha256; cv=none; b=WXFZyZzSfpJw8iq3yVwh3yP4yTMTmINhekB6SuReao2+VMk6lRf4Kntt0dBaWlHMHqcige pFlF+9rEQa+wkHr5K3jCtPOsfoCd6+MaFCbDFLsT/ofYhUyy0lCIxSfjgD1FbRkBuvj40c yC50d9wByGYNwmwDvJAuX7OZd+Zg+lynZzvNF2f13IFodjX92jgc59JF75oh/m3zboZzrs tycb1ju++2vj5COfFABts4fAA5hWXVVS0/sD9muWqCZWpOmcakVAsQ24Xy6gXb1I1RCatg m+fqTBvRWdjWkyYBmVkDe6jIt4zW05/PA9aIK44O+2ZUSZ1+/gE6ptSs/oXGBg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmQwK5F9Lzl8W; Wed, 21 Jun 2023 14:33:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LEXLib040414; Wed, 21 Jun 2023 14:33:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LEXL11040413; Wed, 21 Jun 2023 14:33:21 GMT (envelope-from git) Date: Wed, 21 Jun 2023 14:33:21 GMT Message-Id: <202306211433.35LEXL11040413@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 48bb8ea97e22 - stable/12 - pf: fix pf_nv##_array() size check List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 48bb8ea97e22ebfdd7acf5ce95d82ccc38a800e4 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=48bb8ea97e22ebfdd7acf5ce95d82ccc38a800e4 commit 48bb8ea97e22ebfdd7acf5ce95d82ccc38a800e4 Author: Kristof Provost AuthorDate: 2023-05-15 17:40:32 +0000 Commit: Kristof Provost CommitDate: 2023-06-21 14:29:18 +0000 pf: fix pf_nv##_array() size check We want to set the maximum number of elements we'll accept, not the exact number we need. MFC after: 3 weeks Sponsored by: Orange Business Services (cherry picked from commit 76c8f202a4f6a3190e102a0bc1589bbfc179abf6) --- sys/netpfil/pf/pf_nv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c index e2af55af86e5..11f99ce23fac 100644 --- a/sys/netpfil/pf/pf_nv.c +++ b/sys/netpfil/pf/pf_nv.c @@ -77,7 +77,7 @@ __FBSDID("$FreeBSD$"); if (! nvlist_exists_number_array(nvl, name)) \ return (EINVAL); \ n = nvlist_get_number_array(nvl, name, &nitems); \ - if (nitems != maxelems) \ + if (nitems > maxelems) \ return (E2BIG); \ if (nelems != NULL) \ *nelems = nitems; \ From nobody Wed Jun 21 19:26:33 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmYQf1knBz4gNns; Wed, 21 Jun 2023 19:26:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmYQd71ZYz46x5; Wed, 21 Jun 2023 19:26:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687375594; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n5e0Fp2Njap4iITt4SkgbI9YXMJa86Gl+GszTrZW/PY=; b=OFwttgHYU0ijQ/AoUOS3bncqo3+DPqfwkQpvoEcpwXEtZoh0fOXAgnroTB5Ft+9Qm8JpED 2JT+p6aIsx9eF0/XIe4yDyt5JwOS+rCGvMHNVyD34zHFt8dwVE1VFgpNvnGZbg5yNmQ4kF rd/EI7bzzE3mdyG0qdscpcWuj9PymElh5+qxQNrWETtvX0fO7gj8QHxZy/hYMMYlmjE3fi WX1pWQMXX2jJMy+hGST8UdThrXBD1PHIrtNKSbw+QVxSR18mnbg6E0vXRARzWZIPoBEH2D F2u5e/eBo1YQMETGNzclsLtDVHUPorIrp+kbKENoVnGjP2EChAlcXLhyfCF1Hg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687375594; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n5e0Fp2Njap4iITt4SkgbI9YXMJa86Gl+GszTrZW/PY=; b=O0PY7gJ6Jg+L0pzGMuA901tCTJqWdd0GQq2LnRhm61dHPWf0n3Xy9cLwPH5/WqDDEhuPb4 CtLYL7dpgDcmccktmDJ44fLu92sIqiugBWQ8kCcPI1oKZcMgQtHW6MV1WNYmQGm2JNu3hb V90zfpV/TQYw9qht7BguKs0PmCPzmo07IVWHHvCyNW7lkTAn2rAEQJFTDVmdtzsUKpohzW K/UJJ6hf5CeQPAsel6yGbI0uWH2z4p20FrnCJjoqglrPp1292WuxRjJL/QnwhV4CFHGcZ4 Ty0Pl4Xes8QNRTxn8NXiVa68PpVV+ZdOhFJ3rNWNM+ervDKr1D7/9slnwVFFig== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687375594; a=rsa-sha256; cv=none; b=sZUxRyusr1yvJ7rIuqUVDPrbWu6X6YYSLVhIQkZ45qaAimd2gNMzqCVa7mh5CNeyO2vjna /sEl/RUwXmtD1hneGFShAMIRnXp87tzOD18tvTzWV1BtmwuptsUknIaBLPLxhuAPhK+c3A AnMWQxtWb990GvJIdIO8LW3trQowhWLvRTrbbQF4YYwdKMP646Y/AqRlgbqcC5eAiwOxc8 2odhi1piM1GC7LBNtCnvVQJ2Sgu0BHUncvmaIDsQta845IVwthMB8OnxyWuKFzFArSQ16r YUTkXt/4xGyYVLjTjnDnvT+3680e2Xv9sedt6Dgc2ThnQ4iT87QN2hqyL2PwXg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmYQd64wVzt82; Wed, 21 Jun 2023 19:26:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35LJQXPw019312; Wed, 21 Jun 2023 19:26:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35LJQXFh019311; Wed, 21 Jun 2023 19:26:33 GMT (envelope-from git) Date: Wed, 21 Jun 2023 19:26:33 GMT Message-Id: <202306211926.35LJQXFh019311@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Colin Percival Subject: git: 1178acf46604 - stable/13 - EC2: Default to "uefi-preferred" boot mode List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cperciva X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 1178acf46604c54e2661284af17452c4db6b2f6f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=1178acf46604c54e2661284af17452c4db6b2f6f commit 1178acf46604c54e2661284af17452c4db6b2f6f Author: Colin Percival AuthorDate: 2023-06-07 22:17:12 +0000 Commit: Colin Percival CommitDate: 2023-06-21 19:26:00 +0000 EC2: Default to "uefi-preferred" boot mode In EC2, UEFI boots faster than BIOS, but not all amd64 instance types support UEFI. AMIs need to have their boot mode designated, which created a dilemma: Faster boots, or wider compatibility? The recently added "uefi-preferred" option solves this: AMIs can be marked to use UEFI where it's available, but fall back to BIOS on instance types which do not support UEFI. This uses bsdec2-image-upload 1.4.6, which recently landed in the ports tree. PR: 265697 Reviewed by: delphij, imp MFC after: 1 week Sponsored by: https://www.patreon.com/cperciva Differential Revision: https://reviews.freebsd.org/D40470 (cherry picked from commit bcf9147144f3499976a623f92712ecd0aca71912) --- release/Makefile.ec2 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/release/Makefile.ec2 b/release/Makefile.ec2 index 3a3f6232333d..035137e61d53 100644 --- a/release/Makefile.ec2 +++ b/release/Makefile.ec2 @@ -25,11 +25,14 @@ SSMOPTS= --ssm-name ${SSMPREFIX}/${TARGET_ARCH:S/aarch64/arm64/}/base/ufs/${REVI EC2ARCH= --${TARGET_ARCH:S/aarch64/arm64/} .endif .if !defined(AMIBOOTMETHOD) -AMIBOOTMETHOD= UEFI +AMIBOOTMETHOD= UEFI-PREFERRED .endif .if ${AMIBOOTMETHOD} == "UEFI" && ${TARGET_ARCH} == "amd64" BOOTMODEOPT= --uefi .endif +.if ${AMIBOOTMETHOD} == "UEFI-PREFERRED" && ${TARGET_ARCH} == "amd64" +BOOTMODEOPT= --uefi-preferred +.endif CLEANFILES+= ec2ami From nobody Thu Jun 22 04:32:05 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmnX56vpcz4gPNT; Thu, 22 Jun 2023 04:32:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmnX56WbVz4LB7; Thu, 22 Jun 2023 04:32:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687408325; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qjraIdLeJI9DcG7RuXWTuBvqXoCKiNFpMN2p4ao1l4o=; b=bz8+qmsTmfdjDi/e7gdJwnfyRyafp5RE0+HOwyBuuDTeLq+l4psVARjtI2FxhPznVs8kCA ifgp468WwQuYnDgR6L5y/oy9Myf9qGxhcKRb07toJpgxWvEw6hJ9wd68OHmbD9T8kPsTHd RAbERsDvr599ibCFqbFyehek5Ks7t6SCyrVra8uK1JpYKYFy16oqMZqGgq6EIz7cPdrpyJ sNufSUl2bQL/TQEfBff3N7qA6uz7R4/WJiMR795n3Hl3LYMG0q3PrNShOvPAk8ZTm1B+89 c4hqxlpJjZgvhG7YmxJeazeUZmS+OAt0ZFJYecCe91qotw/J4eikWjyVL0pvnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687408325; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qjraIdLeJI9DcG7RuXWTuBvqXoCKiNFpMN2p4ao1l4o=; b=TBtx25D8a+dNkdIIjlkJP7LacFWsovGyMCoQttFfWnCsFM9aKAyZDetmfDZS4wh7Sy0icl xPt40fk39mJFpr+12pQwvQdPspgG53UFNY+f65M3smspmJBaScDi9oDXV0wZNmwO3ZT1UI e4HqbBUdTIfNyJEkTPiJK6z8Iv4FGCY/VpbEsbj+zWcVTR1Y1difJ28SRIoiFIvc7E3AJi yYhNYK/7KCM9RF4yjoGRHNziAW11fZm+0sI4aA2DzCaJaC57wLrG9RaDrS2223KsmKOaGu B7JL8aR8iEvcGXuT14JB4iamRL8r0FzZeb3uf+f8SJAczK/ukoHtPNKIQmbhag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687408325; a=rsa-sha256; cv=none; b=GqAIzbHPn7f8/458oes9AhQIvF96k1ejiAdVZe+c3nJ5Tw3NFBSA4xMntc8AfO6WPFqICu J5St36i5iSolyj/Vn5sY3Pu3t0/kJqIIg/2UJXLKd6eSVGPnYJvQTcKPXdZPmKMzdkqL1s /FBNorUC6nbehwvM81C+r9HyrVw9ET3rAA4v0rWQ1NJFSI8ohTkv9MYMKh4ZCOXGYbACbY bbJfioVVhU357VN9lmLL9LZNxajPDRm2n7V+7z8WriW+xGfklczUHYyg8SMdn6NJl5qiP3 zef6W59TYF+0exHzLrS16GguafWvkeFocOwDHzLqSYYlJkC3eTaoju1hB/snXg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmnX55bqKz18h6; Thu, 22 Jun 2023 04:32:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35M4W5sP023762; Thu, 22 Jun 2023 04:32:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35M4W5CZ023761; Thu, 22 Jun 2023 04:32:05 GMT (envelope-from git) Date: Thu, 22 Jun 2023 04:32:05 GMT Message-Id: <202306220432.35M4W5CZ023761@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Bergling Subject: git: c27befba6040 - stable/13 - nameser: Fix a typo in a source code comment List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gbe X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: c27befba60402b080a254906dea04d00298c49fd Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by gbe: URL: https://cgit.FreeBSD.org/src/commit/?id=c27befba60402b080a254906dea04d00298c49fd commit c27befba60402b080a254906dea04d00298c49fd Author: Gordon Bergling AuthorDate: 2023-06-19 11:49:23 +0000 Commit: Gordon Bergling CommitDate: 2023-06-22 04:31:55 +0000 nameser: Fix a typo in a source code comment -s /unknwon/unknown/ (cherry picked from commit 8f79b07564df4deccf63478c2a87dafabeac95c3) --- lib/libc/nameser/ns_name.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/nameser/ns_name.c b/lib/libc/nameser/ns_name.c index f45278b989b1..9ff3d3f9da7b 100644 --- a/lib/libc/nameser/ns_name.c +++ b/lib/libc/nameser/ns_name.c @@ -1150,7 +1150,7 @@ labellen(const u_char *lp) bitlen = 256; return ((bitlen + 7 ) / 8 + 1); } - return (-1); /*%< unknwon ELT */ + return (-1); /*%< unknown ELT */ } return (l); } From nobody Thu Jun 22 04:32:20 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QmnXN6C2pz4gPW1; Thu, 22 Jun 2023 04:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QmnXN5mKyz4LMW; Thu, 22 Jun 2023 04:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687408340; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uVezl+GSMvQjhIAYy+7PJn2fB30exKnG8AcdiBp3MNs=; b=qwi/7MabTFpeq1sB93ACGfJGv3+nJyANkOUNal2bRTUcGPml1fH3MblwPdzCg0MlWVNHM6 WnIMxoO0Db0aLPSglAwOzDkTOaJO1TJXOFh/xU/66aIf79mgR3qZmJkzdCTLBP3bx5x9Lh frx27iGfIfM3VFjttIWXdtO1sSqJbQXkH8iP+7WAkTyUqTiKmo19lBOilFJCThURp8AHWc dQZ4tQUzuit8CzM4D3yi76SlA+x64TqR0MVjhUVGrDURBIvTuEBl1niiw7i6vK6wIMyKiI 5W9CH2+J5TUSPZbehMkRMSknpP/p4+AgxzMGD/8swZef+9TbrTPPa0h+s0yINQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687408340; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uVezl+GSMvQjhIAYy+7PJn2fB30exKnG8AcdiBp3MNs=; b=Xuah+znyV/1IaiCXcfL2S3yP2VhkIeJpngrVDN1OMl5B46pGFtQb8ZhOsnx/dAEFViOg/5 RDpKKVHPOQkBgnkePo9YmGuLOoRzJEwWbRn0UJKUEM3LkpdqXigtQAEibfr7rEryXZvQw/ O/bKcZQa3GPjxcuu2xpJIlthd5p7lpFldwSLEoUuP6HXqcRlLVbMUdexkKeMFWGTb9hQtK JjX6ZE6mTcl+uYhJeRSftLAdysrD8vhLaWqZIshb1KgEzgW61qmetbZhQ4A35zlierVtYI ZvQwO+YUinpYbLnPRmDcfuXTydbwxyfRCbPBBsaJTvV8V/WULwdCAs+U5zJBAA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687408340; a=rsa-sha256; cv=none; b=ItXQbbk1uPSwXhfUijPieimY0Ci1/FDO+AeMBzQDCrBbhxNWcR5LJpN/ukynpv9klps9Xr ElfK0bjzll0SZbKAqVLkfPdfUVDrxpvPRpgHP0fUV9zxzbkVIXcFC9srl7jIoDT+ra4jXq XYSDQHH5JJ9HOtmqx+TsA9iqv4XGN1BElzQYiWwwMLlRhoeg3xXQxWphEDDFYxiT2FLDfD LrSZ5RtB7Wpz6tGuK8H3G/RRRmeablzfM4fGF5Ee2f/vgRXAQ7A9qgqOkPMyojtriZY60U o8Xa6dfG5hlXf0lRdiuGmG9BDEBUrhhyJiVQjX4U3ydVQNARF8y2/y5uBbSzhA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QmnXN4sDtz18Wd; Thu, 22 Jun 2023 04:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35M4WKuG025115; Thu, 22 Jun 2023 04:32:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35M4WKHY025114; Thu, 22 Jun 2023 04:32:20 GMT (envelope-from git) Date: Thu, 22 Jun 2023 04:32:20 GMT Message-Id: <202306220432.35M4WKHY025114@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gordon Bergling Subject: git: 3d4102fad438 - stable/12 - nameser: Fix a typo in a source code comment List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gbe X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 3d4102fad4382531503208054bb982825341909f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by gbe: URL: https://cgit.FreeBSD.org/src/commit/?id=3d4102fad4382531503208054bb982825341909f commit 3d4102fad4382531503208054bb982825341909f Author: Gordon Bergling AuthorDate: 2023-06-19 11:49:23 +0000 Commit: Gordon Bergling CommitDate: 2023-06-22 04:32:12 +0000 nameser: Fix a typo in a source code comment -s /unknwon/unknown/ (cherry picked from commit 8f79b07564df4deccf63478c2a87dafabeac95c3) --- lib/libc/nameser/ns_name.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libc/nameser/ns_name.c b/lib/libc/nameser/ns_name.c index f45278b989b1..9ff3d3f9da7b 100644 --- a/lib/libc/nameser/ns_name.c +++ b/lib/libc/nameser/ns_name.c @@ -1150,7 +1150,7 @@ labellen(const u_char *lp) bitlen = 256; return ((bitlen + 7 ) / 8 + 1); } - return (-1); /*%< unknwon ELT */ + return (-1); /*%< unknown ELT */ } return (l); } From nobody Thu Jun 22 22:03:35 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QnDsN04s8z4g7Ry; Thu, 22 Jun 2023 22:03:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QnDsM5c0kz3NVl; Thu, 22 Jun 2023 22:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687471415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EK65ODxprY6SbrIdixGOx9OOFBJltzS1FLWdoGDyqDA=; b=w6PuTx3MTk0f/JKnSDSEPGjDljeKcstp2Mzj7u4G1TcXwEQgjQqBhVhM6K/x9md2ig1Hpo YeUC50aYTqfljsOQcW6Q/8BhMLAT8gsiSPOq22Hr7XSOABvpBOk5g+2Q62jfmOL+iAzxtO xPseE0+eDdvtBXksrnOkxeL26/wexe+t4Gm+GqRDLPorZcAREo4Ycfhgq/HAGEHWPySjPE RvFJgh8g8ffXBxPHxoxsx3B5gKfZjj9HCyX+2EM0ktR2y/lNEutWK4GCj1xMQg2TeCSAus Rb16eYJLd1KNGyZ8vDHnkfdftNJjeo8tbWBEyHfM9eHecZLtVUaEhK/aTaNpRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687471415; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EK65ODxprY6SbrIdixGOx9OOFBJltzS1FLWdoGDyqDA=; b=dBX4lgwtRBaBWqD22Bqucz8fcvmT/tEJlvE2/m9AoSmo0eHpgKX0JodPiFwHxCdhLSrsnz tMcwIKmVAfXQlIXIA1C40ZAzxh1phpupMrAFuLHaiCv2Yps2ik8zNG0giSgpJKow4AoXyn EHlWJvvfqag3F0ilfxAdFyQA8CWrL6i6KkIgMUopqaMYUsRs7ifz3dMr8+NZXt2sbVvHK9 5WHT9RsUOc71iy+jUl7yYBCAmLsFO83J0t9WF545TiS+Et+OwV4VTnq2LZCP49yx3c2kgF OP1CxsAGhGSwViknsMkLQdUtqgbkTVJy9MLDfPdQbmyQZ/1G9OgntVa1/3iX+Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687471415; a=rsa-sha256; cv=none; b=acKiKy2d4e9kpouA8A7fczipqmajlqa8BorYJzRj35BDD79qbNA9ZSq/Aw7pBxyE0R42sw 9A805Dju7U/t7Gd88PaIJdYyIZnhsCffBJUa43pHgzFzNiQpdDEv30Vjiyi5+WABjALFSg h7ssgV7lOYrJxgc9X6JRkz89jMGZB5+aZD2EVsJ2mDZKnLWbbjbZtqptXB+BD6OAtDc0dW ixq5znKfLgpYh1EEl72yBTczi/hwhTuIPjjtsGzGmLEvVeOZgXdxCCOpFNfomPMkbldL+C 03GZ17m1UlLKQA1TgFi1VWgV4CnsW8TQQpxN2e7BhuqeymUsRdJHFYYUq7v4Hg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QnDsM4h6pzg37; Thu, 22 Jun 2023 22:03:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35MM3ZMQ055503; Thu, 22 Jun 2023 22:03:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35MM3ZJq055502; Thu, 22 Jun 2023 22:03:35 GMT (envelope-from git) Date: Thu, 22 Jun 2023 22:03:35 GMT Message-Id: <202306222203.35MM3ZJq055502@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dimitry Andric Subject: git: 0c5dc32aed2a - stable/13 - msun: Correct FreeBSD version in sincos() man page List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: dim X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 0c5dc32aed2af34b00c3b14f97041d29d6ad484f Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by dim: URL: https://cgit.FreeBSD.org/src/commit/?id=0c5dc32aed2af34b00c3b14f97041d29d6ad484f commit 0c5dc32aed2af34b00c3b14f97041d29d6ad484f Author: Brad Smith AuthorDate: 2023-06-09 20:01:35 +0000 Commit: Dimitry Andric CommitDate: 2023-06-22 22:02:46 +0000 msun: Correct FreeBSD version in sincos() man page The sincos() man page notes the function was added to msun in FreeBSD 9.0 which must have been an oversight in the review as it was commited to 12.0 and then backported to the 11 branch. So I have provided a diff to correct this to the first FreeBSD version it did ship with which was 11.2. Reviewed by: dim, imp MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D40308 (cherry picked from commit 2c01176a2802cb261d56a09c9faf9bff9dfb3536) --- lib/msun/man/sincos.3 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msun/man/sincos.3 b/lib/msun/man/sincos.3 index eecccf3cf37a..95e9c4c75623 100644 --- a/lib/msun/man/sincos.3 +++ b/lib/msun/man/sincos.3 @@ -76,7 +76,7 @@ are assigned the values of sine and cosine, respectively. .Xr sin 3 .Sh HISTORY These functions were added to -.Fx 9.0 +.Fx 11.2 to aid in writing various complex function contained in .St -isoC-99 . From nobody Thu Jun 22 22:04:27 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QnDtM6GNKz4g844; Thu, 22 Jun 2023 22:04:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QnDtM5l7jz3P5h; Thu, 22 Jun 2023 22:04:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687471467; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oi/3s62rbmv9FWzhFNosS8AQqqZC9fQTPFp2ocr0A8o=; b=Tc1IzQnPRGYY844UW6DXYAzKLDbrzIEOfEBWRxO0SQ5fuovKjI/HRBbAqfNPkUFfsrvi/8 Hp+2oQf4Ldier/YCN4JIPA3IGwSzQNpB1L3c40GwQl4i7UDPeae66Ukw3GCnKQqnDRWiug k3znaH+NAfLp01VQG03so+GlPMO5LQU43PmRSkkxJlq0cRa3ZreBUtt1cVDlDzG4wIWFJz aGdn/pEoqQRXjetgc5w3PSCz/5GA5MjTvRZIcClGHyx9dgu6O1Mfr+FohHE4HH8cmkpTJm KbnNHVQoelk3PgxxvTtb+jDkEkzvvAQG4B7ECztHS/lIM3PHIyRmNEjeYPpV5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687471467; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oi/3s62rbmv9FWzhFNosS8AQqqZC9fQTPFp2ocr0A8o=; b=phocXZvKjykSlilscBA9leaO4wt2YFuh/12RzjRTwpLrie+YgrL5T5n5+DPstkzyQ30r4e nbqilFR168hue7R850iW10DnamILVD3JTGSZv6Qz2gmkU1Yga1KPz/EE3lQBHE91Rz3wNY OgOTQDh4uwvqWBedf7OPCy1kBVe1SoAjY+lVJa3QdmJj0BSs/LE7t9TN0O9dJmGjFCuDmN Nz6kijzXRgH/Xxm6bpDkpTCMfWzpzY20o2TR/ODXXNBxVpNnOqG9WxV3V8I3Fs5v5fDK7p k8VB5Qc3GNLWLLWd32ORwEnN7oRsrpNbhI+PDJ70j9mn0LVLzWb159cZmf+FvQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687471467; a=rsa-sha256; cv=none; b=SNZGtIyaYAqdMzUU9tp5rmCw3Bl+9qYBIJnGTV3gl8R1eT5d/cRU640tEdLrJE5Z/OkqSj ypjqPYTwhLovCgzTZykq56Ghq494OIUDkx7bH1UE2sbIDmquGrDbOb4hGJz5WBmhsePnNL ajAWv3i6IoaWjgM1UjrSdGcMmW2bxz6EnW5PsHcmJggj8MEkBVboPF08AOjRQTyplsElFI W0j0akSb+2vAbi7aMGnEU3gSEkqMk8IV8vOmEzw8pUkXuYljA9LushVT90py104LsyRlVZ v3uGS2Wn9TMcGW1EJnnS1N4f7qu1slDH1LExhhAmdsVfaLgfwwfp58roSd5LxQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QnDtM4mgCzg4m; Thu, 22 Jun 2023 22:04:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35MM4RIZ055725; Thu, 22 Jun 2023 22:04:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35MM4RuW055724; Thu, 22 Jun 2023 22:04:27 GMT (envelope-from git) Date: Thu, 22 Jun 2023 22:04:27 GMT Message-Id: <202306222204.35MM4RuW055724@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dimitry Andric Subject: git: f651a3f8ff0b - stable/12 - msun: Correct FreeBSD version in sincos() man page List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: dim X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: f651a3f8ff0b37bb18855c6331620deedfafcccb Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by dim: URL: https://cgit.FreeBSD.org/src/commit/?id=f651a3f8ff0b37bb18855c6331620deedfafcccb commit f651a3f8ff0b37bb18855c6331620deedfafcccb Author: Brad Smith AuthorDate: 2023-06-09 20:01:35 +0000 Commit: Dimitry Andric CommitDate: 2023-06-22 22:02:27 +0000 msun: Correct FreeBSD version in sincos() man page The sincos() man page notes the function was added to msun in FreeBSD 9.0 which must have been an oversight in the review as it was commited to 12.0 and then backported to the 11 branch. So I have provided a diff to correct this to the first FreeBSD version it did ship with which was 11.2. Reviewed by: dim, imp MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D40308 (cherry picked from commit 2c01176a2802cb261d56a09c9faf9bff9dfb3536) --- lib/msun/man/sincos.3 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/msun/man/sincos.3 b/lib/msun/man/sincos.3 index 9c42a9605710..6e1d5973ac9a 100644 --- a/lib/msun/man/sincos.3 +++ b/lib/msun/man/sincos.3 @@ -75,8 +75,8 @@ are assigned the values of sine and cosine, respectively. .Xr cos 3 , .Xr sin 3 , .Sh HISTORY -These functions were added to -.Fx 9.0 -to aid in writing various complex function contained in +These functions were added to +.Fx 11.2 +to aid in writing various complex function contained in .St -isoC-99 . From nobody Fri Jun 23 04:35:37 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QnPYj6p58z4gP2D; Fri, 23 Jun 2023 04:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QnPYj58CXz4P6D; Fri, 23 Jun 2023 04:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687494937; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uDaPD0DdRUCZnFrMXmpaEDXej0vCnLh8tn/CiIxjcEg=; b=BqxZJqcwkjAnYL+8IKgVHnZNZ3cIZrxlkQmdVUnEdATnkA2XtZWWkkqP2c94TJGatcMqr0 Km9qPpZmUjfLBHUv4K1d2uqC/mUcI1/WEw4+1fXmnPrVkb7MyRJ2Qh9McwqnJrVoItLfmM +iHpzANTI2/DmRkNnaZ9mBSw0C0N+8R0yXHU0gkC1VqqCJk07MlHOVShRQViPDsBslzCqQ 1kpGNWrquqC/+gjgr4lv1qsH1/KwuB6LdtIfVwDZtysEUP3b0SGgXiQ/auouJa0j6H3rPF Xfh8M3z1nIY/QN8nWqJqS05H8gc9njGSnO38x1FJtFwibuLY8L6Q/qvCrCiFTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687494937; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uDaPD0DdRUCZnFrMXmpaEDXej0vCnLh8tn/CiIxjcEg=; b=R4nQ804mTT8syYLs22Drfqny+nWBcRzfis0ciJRCmd42t3B/CEPZ4Z7QEhgY+ZtyxgUnak 43Jir2s5yfk/hpPxEGXtXdj2zU0oEhy3It8fT13X8RiZ5Zr5PF/A4qM35SZC0EWxxZtJEP wXyjjrUIiGAfgOwmzq1t8WNNGb9QnPY6wCIW0/AxPg9nDnh8WVJ2C91CZba42Tgx+tnrV2 LeD9d6RGktJUwwg2thm/KGAlHyrrGMnjxRx6yjw7IavEZF/6AKEPx2c2iE33Fka3FeifG4 w8OJtjWGeh/UKscb1FBaF7G4Df6LCfNkTdiww2whruC51ldb72i9UedXaisBIw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687494937; a=rsa-sha256; cv=none; b=DKb/ydB2LODHOgcHyCGp9cMKbPjGTOZywD0xUOkEIDkiCYfXtYe9j1/u/h1oF+IIaLdit0 xElxiMhwt2YMA0/cAne9si0kLS2S9rjqVcbuMLvRnbTNZvNndKD8+FKJmrBXa5SnGHRCCq LIS6aX0+wme3CEmxGK7CJp2IeJ7yOclTJ06gf6H8+61w5+1EMIV82LTA7DnQOLszffdLls beciI8BuD5z796VPnfLM3yN0ntPYj5OHfcOYQEAISpw/jdWZYWepUlmqNvqqacxiF8V/Fh 2UJ8qx/dQ5vmqCBflrmq/3B4Cos/F4Xzf36/0//WkWeUcYAoY4SU2NRrxpVxgg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QnPYj4D59zrWR; Fri, 23 Jun 2023 04:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35N4ZbY7099238; Fri, 23 Jun 2023 04:35:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35N4ZbRf099237; Fri, 23 Jun 2023 04:35:37 GMT (envelope-from git) Date: Fri, 23 Jun 2023 04:35:37 GMT Message-Id: <202306230435.35N4ZbRf099237@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 8711fd2103d2 - stable/13 - kern_ntptime: Fix undefined behavior of the shift operator List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 8711fd2103d2a580bd4671f3f1c7da0fc791e5db Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=8711fd2103d2a580bd4671f3f1c7da0fc791e5db commit 8711fd2103d2a580bd4671f3f1c7da0fc791e5db Author: Dmitriy Alexandrov AuthorDate: 2023-06-08 09:08:46 +0000 Commit: Cy Schubert CommitDate: 2023-06-23 04:34:11 +0000 kern_ntptime: Fix undefined behavior of the shift operator L_LINT macro is used with negative numbers [i.e. L_LINT(time_freq, -MAXFREQ)], it could cause undefined behavior. It should be similar to the L_RSHIFT(v, n) macro. MFC after: 2 weeks Reviewed by: cy Pull Request: https://github.com/freebsd/freebsd-src/pull/769 Signed-off-by: Dmitriy Alexandrov (cherry picked from commit af9ce4e9bb7d717279e02d46455e85ef6fb828f7) --- sys/kern/kern_ntptime.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_ntptime.c b/sys/kern/kern_ntptime.c index a8418248abd7..7e0595c4b643 100644 --- a/sys/kern/kern_ntptime.c +++ b/sys/kern/kern_ntptime.c @@ -73,7 +73,13 @@ typedef int64_t l_fp; #define L_MPY(v, a) ((v) *= (a)) #define L_CLR(v) ((v) = 0) #define L_ISNEG(v) ((v) < 0) -#define L_LINT(v, a) ((v) = (int64_t)(a) << 32) +#define L_LINT(v, a) \ + do { \ + if ((a) < 0) \ + ((v) = -((int64_t)(-(a)) << 32)); \ + else \ + ((v) = (int64_t)(a) << 32); \ + } while (0) #define L_GINT(v) ((v) < 0 ? -(-(v) >> 32) : (v) >> 32) /* From nobody Fri Jun 23 04:35:44 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QnPYr5SXVz4gP7G; Fri, 23 Jun 2023 04:35:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QnPYr4Ymnz4PZQ; Fri, 23 Jun 2023 04:35:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687494944; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yrsfLeKMhD+iSnBQYIAnkp3urAEFPcIFA4alhGzTK68=; b=hX/7dTCNj7i4Q4heCs874Npr0m0GOHDUY7v/KicIxgnpNptmoEmQYu28HZ99FHMY7FF0ms uO2h7w8EwBNAGZtJ2sQ5xhWLvoNlCEvIBLPAHAG7WYnNFTuNiVy9Q5QBGYN73oRCJowBut 7Etmr4uVS3Yo7+zpYhdmpbZyYBSwLLn3pNXhoRLJJzck5l4B+Y5ve9thstAN7Ni7JM01hi 08c6P5UIHmHZHdgIi7BCd80rtxG7C6b8h08tqMYm5aIqckusAWaIWNnv9F6MorCgFDof5f oESdpfpUrNJnHxKrPfqo9dzD4nglITdS3AYagPOuVv2jRRgXjnViVETQaWRu1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687494944; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yrsfLeKMhD+iSnBQYIAnkp3urAEFPcIFA4alhGzTK68=; b=DG0RGkAg6m4Ja+OwtJTx25AeuZ3pG1Yt2rPNrDp+/Ps/LLXr+RDMlf3t6+Qc2+3cO4X0mp Mza2rfLBD6LAx/euIVjEx3yY6GRQoQot+QvQbc6uEsmBQ+T5dLt1G3Ljc6Ki2Bd+cFBFIv uCfRSVJCIHRjni0Q4v+Q1Py1Z3a2v4CpqX/MnZp+Vsa37yHsK1Mzw/l0eER3cKjpDJMXmR 4Yg1czfji0PAqLHWoGeDRSV8vhH61cRkO8oVc7NBPF90z6q//EVqD6geA6p2ku8WRb4QlR KqmzFWotCYH57b5c63TK0BlCwbmoCHuOkwhhuo9Hox1kmopmkWN87uFHyP58xg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687494944; a=rsa-sha256; cv=none; b=rbA7c+UzE5BIWvE3kiZdgTvP00S1VntMJrMM9QAxavokVZcuuZqUwNpl3ylO1n0kNuOr+g y6TRNbXrlgFNZfEyGWl/4YLJVlwSgx9vLUUt2HPRKgBGMRDKQ45AYfmIsO8wzCONnfh5RA LHzAd47ncB0qxYchCE4paO4QwVxW+dRM7Vu70NftWCKcDrHuU/EaudDpIKM/DNBTQHJG9P J0a8pX0STAmy3Lgou3OGdbGg929HrqihO5tS5LuCpiOjrrow8XTj1cw12lleWl85fpeV7T RPVdwWExrwAljkfNogSdvjxt/lNgzoYQhkTZqPrgt7Epin3m2LIe4pO8bLCv9Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QnPYr3dwlzrYw; Fri, 23 Jun 2023 04:35:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35N4ZiwX099358; Fri, 23 Jun 2023 04:35:44 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35N4Zidb099357; Fri, 23 Jun 2023 04:35:44 GMT (envelope-from git) Date: Fri, 23 Jun 2023 04:35:44 GMT Message-Id: <202306230435.35N4Zidb099357@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: e66b677c9745 - stable/12 - kern_ntptime: Fix undefined behavior of the shift operator List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: e66b677c974540ccf55d7a73a3ce220721f4d0ea Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=e66b677c974540ccf55d7a73a3ce220721f4d0ea commit e66b677c974540ccf55d7a73a3ce220721f4d0ea Author: Dmitriy Alexandrov AuthorDate: 2023-06-08 09:08:46 +0000 Commit: Cy Schubert CommitDate: 2023-06-23 04:35:04 +0000 kern_ntptime: Fix undefined behavior of the shift operator L_LINT macro is used with negative numbers [i.e. L_LINT(time_freq, -MAXFREQ)], it could cause undefined behavior. It should be similar to the L_RSHIFT(v, n) macro. MFC after: 2 weeks Reviewed by: cy Pull Request: https://github.com/freebsd/freebsd-src/pull/769 Signed-off-by: Dmitriy Alexandrov (cherry picked from commit af9ce4e9bb7d717279e02d46455e85ef6fb828f7) --- sys/kern/kern_ntptime.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_ntptime.c b/sys/kern/kern_ntptime.c index bc35cdee0d71..2817d2f20d5a 100644 --- a/sys/kern/kern_ntptime.c +++ b/sys/kern/kern_ntptime.c @@ -73,7 +73,13 @@ typedef int64_t l_fp; #define L_MPY(v, a) ((v) *= (a)) #define L_CLR(v) ((v) = 0) #define L_ISNEG(v) ((v) < 0) -#define L_LINT(v, a) ((v) = (int64_t)(a) << 32) +#define L_LINT(v, a) \ + do { \ + if ((a) < 0) \ + ((v) = -((int64_t)(-(a)) << 32)); \ + else \ + ((v) = (int64_t)(a) << 32); \ + } while (0) #define L_GINT(v) ((v) < 0 ? -(-(v) >> 32) : (v) >> 32) /* From nobody Fri Jun 23 13:53:38 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QndxZ3Gffz4gJNV; Fri, 23 Jun 2023 13:53:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QndxZ2XJcz4gwW; Fri, 23 Jun 2023 13:53:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528418; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=olUsH9qi71iqyI42fSanSp/ioKYEZLdgPb2/ID1SDw4=; b=AYJ7QPv9gKBQhe+c6HHa+7oPCyiqvl/jHwrj/thWbVrp3sWTjDvRoxkY4wmhddTbRwZHu9 CEIydKvpGg2qsfeSrBIKI11+xt1np5TtFaDi7v5YCvdELAnPkoAaxIIe5Pt9ZXD0/F9h5e ULLt6ownvsJ/JV7l8XXy6bVHMwaQeAFG2fMzxI1DbUjiJ3kbACKHPio0M/68AWn3saNGux cgr2Yju6zXJ6dyB2IpbReRzGO/w4h+ujCAoow1o9gVYxjcetXjlGITT+FBUSu6JO5FHmNT kRH+m7HMLkh1YcDfxXw2vhywepVfR2jc3vK2CcrEnklZ8hVhltYFNzoFisxJkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528418; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=olUsH9qi71iqyI42fSanSp/ioKYEZLdgPb2/ID1SDw4=; b=RFHCsq3ZSzYTGnW3UAwwiBV+EuPhG2Z1U/VCZCnJZz9t6qNArtmUV1MNfBA+eqaFthMINx Dn3SHel2rS8piKJZEUqAIfaMLpEqAeJAqjuk+0DZx+NZ6jPh3QmFuceLusNkfPg8BbEzjC ZzzmUzdTnbCyR52oR4H25GP2HiNiQYPcyDcGrb9/KFLn/yJ8bjyJxW7RUr0fi8d+nZQFcM YBRuW9fg8Z38KeUDGAdbA889NpwcBLm1iQDPbrgOXIXnaBRsIHYgkCn+usdE4l7r2xBdza VMFSfIbaQch6ZREjSwfx6T9a3bUoL9+XaPIDxAB2puSDS05ouDGlyTqRZ642kg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687528418; a=rsa-sha256; cv=none; b=xs+AajePcEbY44SEMUr59tOJPHTO10Ckqp+PnBZfxryQALgvuE7I1gOPpN5uc1y1Ljtvip w6wnAjij1N5K0BKl4q6/kT8dUftd4jx82biJZrAaUBozn+/p9xcnHFyxfsIbVJPxodGhXj Fnt6xa802/pxiJM/S6IA2jfnnp/Z8D8AzxQIsaVaIySM8DV1MZHx27UzAXPaE05IU28ghv CP2lgZBCn/TdQvC6ZSHf1y+GO7efU+3omC8HQNI6Nc3xaT0ThBlOBklLxPY/KaO6/ptCvn Ipl+1F0ZUXFJ9Kcfd0cIbswj3sbBSDVbvD11QXk6YW5XyD+DrJmUybGugSOeSQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QndxZ1cHpz15yF; Fri, 23 Jun 2023 13:53:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35NDrchf020830; Fri, 23 Jun 2023 13:53:38 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35NDrcwN020829; Fri, 23 Jun 2023 13:53:38 GMT (envelope-from git) Date: Fri, 23 Jun 2023 13:53:38 GMT Message-Id: <202306231353.35NDrcwN020829@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 987fca954dc8 - stable/13 - md: Get rid of the pbuf zone List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 987fca954dc805e5135c13b6efa28a8174d35377 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=987fca954dc805e5135c13b6efa28a8174d35377 commit 987fca954dc805e5135c13b6efa28a8174d35377 Author: Mark Johnston AuthorDate: 2023-05-23 14:14:06 +0000 Commit: Mark Johnston CommitDate: 2023-06-23 13:33:49 +0000 md: Get rid of the pbuf zone The zone is used solely to provide KVA for mapping BIOs so that we can pass mapped buffers to VOP_READ and VOP_WRITE. Currently we preallocate nswbuf/10 bufs for this purpose during boot. The intent was to limit KVA usage on 32-bit systems, but the preallocation means that we in fact consumed more KVA than needed unless one has more than nswbuf/10 (typically 25) vnode-backed MD devices in existence, which I would argue is the uncommon case. Meanwhile, all I/O to an MD is handled by a dedicated thread, so we can instead simply preallocate the KVA region at MD device creation time. Event: BSDCan 2023 Reviewed by: kib MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D40215 (cherry picked from commit 30038a8b4efc6d0b9f8f295e28bc205fe9728310) --- sys/dev/md/md.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/sys/dev/md/md.c b/sys/dev/md/md.c index 2e941c991ddb..52d64d6721cd 100644 --- a/sys/dev/md/md.c +++ b/sys/dev/md/md.c @@ -97,6 +97,7 @@ #include #include +#include #include #include #include @@ -231,8 +232,6 @@ static LIST_HEAD(, md_s) md_softc_list = LIST_HEAD_INITIALIZER(md_softc_list); #define NMASK (NINDIR-1) static int nshift; -static uma_zone_t md_pbuf_zone; - struct indir { uintptr_t *array; u_int total; @@ -274,6 +273,7 @@ struct md_s { char file[PATH_MAX]; char label[PATH_MAX]; struct ucred *cred; + vm_offset_t kva; /* MD_SWAP related fields */ vm_object_t object; @@ -875,11 +875,11 @@ mdstart_vnode(struct md_s *sc, struct bio *bp) struct iovec *piov; struct mount *mp; struct vnode *vp; - struct buf *pb; bus_dma_segment_t *vlist; struct thread *td; off_t iolen, iostart, len, zerosize; int ma_offs, npages; + bool mapped; switch (bp->bio_cmd) { case BIO_READ: @@ -897,10 +897,10 @@ mdstart_vnode(struct md_s *sc, struct bio *bp) td = curthread; vp = sc->vnode; - pb = NULL; piov = NULL; ma_offs = bp->bio_ma_offset; len = bp->bio_length; + mapped = false; /* * VNODE I/O @@ -962,22 +962,21 @@ mdstart_vnode(struct md_s *sc, struct bio *bp) auio.uio_iovcnt = piov - auio.uio_iov; piov = auio.uio_iov; } else if ((bp->bio_flags & BIO_UNMAPPED) != 0) { - pb = uma_zalloc(md_pbuf_zone, M_WAITOK); - MPASS((pb->b_flags & B_MAXPHYS) != 0); bp->bio_resid = len; unmapped_step: npages = atop(min(maxphys, round_page(len + (ma_offs & PAGE_MASK)))); iolen = min(ptoa(npages) - (ma_offs & PAGE_MASK), len); KASSERT(iolen > 0, ("zero iolen")); - pmap_qenter((vm_offset_t)pb->b_data, - &bp->bio_ma[atop(ma_offs)], npages); - aiov.iov_base = (void *)((vm_offset_t)pb->b_data + - (ma_offs & PAGE_MASK)); + KASSERT(npages <= atop(MAXPHYS + PAGE_SIZE), + ("npages %d too large", npages)); + pmap_qenter(sc->kva, &bp->bio_ma[atop(ma_offs)], npages); + aiov.iov_base = (void *)(sc->kva + (ma_offs & PAGE_MASK)); aiov.iov_len = iolen; auio.uio_iov = &aiov; auio.uio_iovcnt = 1; auio.uio_resid = iolen; + mapped = true; } else { aiov.iov_base = bp->bio_data; aiov.iov_len = bp->bio_length; @@ -1005,8 +1004,8 @@ unmapped_step: VOP_ADVISE(vp, iostart, auio.uio_offset - 1, POSIX_FADV_DONTNEED); - if (pb != NULL) { - pmap_qremove((vm_offset_t)pb->b_data, npages); + if (mapped) { + pmap_qremove(sc->kva, npages); if (error == 0) { len -= iolen; bp->bio_resid -= iolen; @@ -1014,7 +1013,6 @@ unmapped_step: if (len > 0) goto unmapped_step; } - uma_zfree(md_pbuf_zone, pb); } else { bp->bio_resid = auio.uio_resid; } @@ -1283,7 +1281,7 @@ mdnew(int unit, int *errp, enum md_types type) return (NULL); } - sc = (struct md_s *)malloc(sizeof *sc, M_MD, M_WAITOK | M_ZERO); + sc = malloc(sizeof(*sc), M_MD, M_WAITOK | M_ZERO); sc->type = type; bioq_init(&sc->bio_queue); mtx_init(&sc->queue_mtx, "md bio queue", NULL, MTX_DEF); @@ -1483,6 +1481,8 @@ mdcreate_vnode(struct md_s *sc, struct md_req *mdr, struct thread *td) nd.ni_vp->v_vflag &= ~VV_MD; goto bad; } + + sc->kva = kva_alloc(MAXPHYS + PAGE_SIZE); return (0); bad: VOP_UNLOCK(nd.ni_vp); @@ -1541,6 +1541,8 @@ mddestroy(struct md_s *sc, struct thread *td) destroy_indir(sc, sc->indir); if (sc->uma) uma_zdestroy(sc->uma); + if (sc->kva) + kva_free(sc->kva, MAXPHYS + PAGE_SIZE); LIST_REMOVE(sc, list); free_unr(md_uh, sc->unit); @@ -2074,7 +2076,6 @@ g_md_init(struct g_class *mp __unused) sx_xunlock(&md_sx); } } - md_pbuf_zone = pbuf_zsecond_create("mdpbuf", nswbuf / 10); status_dev = make_dev(&mdctl_cdevsw, INT_MAX, UID_ROOT, GID_WHEEL, 0600, MDCTL_NAME); g_topology_lock(); @@ -2170,6 +2171,5 @@ g_md_fini(struct g_class *mp __unused) sx_destroy(&md_sx); if (status_dev != NULL) destroy_dev(status_dev); - uma_zdestroy(md_pbuf_zone); delete_unrhdr(md_uh); } From nobody Fri Jun 23 13:53:39 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qndxb4wPYz4gJLV; Fri, 23 Jun 2023 13:53:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qndxb3SR2z4ksT; Fri, 23 Jun 2023 13:53:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528419; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jrdZgIm8pI4QCe0CRIPYdiAfuHT/xJ/9eLFc0MUyDAw=; b=Py9l157sxXFbCVSUaorG7iv4tfqcVe1lUq/kXh+IJu6ykUOhKd6Ajst0wusiITgej7tmRr 6kO6Cb597HEJ3FiL+5ahy4rDxoijzyRDI28R4Z75GqsWRb5W0lKETYOlBWR7IMLsllbXeQ DavT6Bkk+g+HrRa7rJWS1fPrj9+zaMFx423x1lWGyImmk8KVHtyZ+METvP7jOjnVNbjG8k mER+Zc1E9aqVeIvmJvgMi0scC5VVuDyY8G48FEIJVxNg6EiF4amps8DfrqlKA169gLAfUr H9CoMbyx+vy77kH/LTqaUyUWDReOKeTHDvK0ypjIDt0cmODbKI9WlKzrLpDhmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528419; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jrdZgIm8pI4QCe0CRIPYdiAfuHT/xJ/9eLFc0MUyDAw=; b=sWKbdKd6QhN5mX1RoyDXXOoOS6yA843dQpEHstNr2evXrL1zHfC3ftwwkvr7GvJF9vK4HQ dkNRAhGKW9OfsizfXQYuBOXAKzIeNnQ+Gj2/8qDK8On6qA9/ilcfUa45bxdw1wUqGwJY// NCElg2UPFc7iVYryNQ4IGkig+soVVXcoS9zIR5YbuZs4F4wRzl2mz5fQvQmvBeqMV1Qyai HLz8cVtmE2ApzRxFb/E0cVzNHM7s4zEn/GDETT8ajltFk4evtM0MeqSiukTzQvSK2eGPWS jONxRqy4K1HrdLgjcAdbo6bsel3aCXVGPXQ0uG9j317uwNynSCrNie1RPAJPTg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687528419; a=rsa-sha256; cv=none; b=DcSVT1tHAo4ttemWPNnAxNDZlvOs6u8iBNUbiXP8CDCwtb2ieF+7abh9821AqDbocy/HT4 1huEtgnaU8m4reBsRoBXXAEzPfENCEY3HXcLwqOg7mNBtkpnm4TQ9sgZI5w7IUI6am6s/7 ih5J7GwqEOgzwKfH6iizmvGIc6bJZyv0ngIv7L8zE84YmfireBSUdhUrk+2lw7m7tKU+I8 uO7g3bTDfoHuLPMEeqLmgbrSuhJhvh9jUz/5Ykp/LcPLB6Q1von/a2fHnnwAaDdqFUjU56 HmRu1ddHYmpguowYfw//+1vNk2w0o9xYZb0gud24AtJ3L/hV5rAfU+wJ4Gt2XA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qndxb2W4Fz16jD; Fri, 23 Jun 2023 13:53:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35NDrdkK020853; Fri, 23 Jun 2023 13:53:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35NDrdjN020852; Fri, 23 Jun 2023 13:53:39 GMT (envelope-from git) Date: Fri, 23 Jun 2023 13:53:39 GMT Message-Id: <202306231353.35NDrdjN020852@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 8bea7e28ef1b - stable/13 - arm64: Make a debug print conditional on bootverbose List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 8bea7e28ef1b9180daeefeeee21fe840920606e2 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8bea7e28ef1b9180daeefeeee21fe840920606e2 commit 8bea7e28ef1b9180daeefeeee21fe840920606e2 Author: Mark Johnston AuthorDate: 2023-06-15 16:13:05 +0000 Commit: Mark Johnston CommitDate: 2023-06-23 13:34:02 +0000 arm64: Make a debug print conditional on bootverbose It doesn't seem particularly useful to have it enabled by default, and it spits several dozen lines into the dmesg on a test system. Reviewed by: andrew MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D40499 (cherry picked from commit 50e1cc94a138f8886588eabe0b849b487d9925a3) --- sys/arm64/arm64/efirt_machdep.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sys/arm64/arm64/efirt_machdep.c b/sys/arm64/arm64/efirt_machdep.c index 343235a7d255..c07eb3339c54 100644 --- a/sys/arm64/arm64/efirt_machdep.c +++ b/sys/arm64/arm64/efirt_machdep.c @@ -220,7 +220,10 @@ efi_create_1t1_map(struct efi_md *map, int ndesc, int descsz) else mode = VM_MEMATTR_DEVICE; - printf("MAP %lx mode %x pages %lu\n", p->md_phys, mode, p->md_pages); + if (bootverbose) { + printf("MAP %lx mode %x pages %lu\n", + p->md_phys, mode, p->md_pages); + } l3_attr = ATTR_DEFAULT | ATTR_S1_IDX(mode) | ATTR_S1_AP(ATTR_S1_AP_RW) | ATTR_S1_nG | L3_PAGE; From nobody Fri Jun 23 13:53:40 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qndxc5Vzvz4gJT2; Fri, 23 Jun 2023 13:53:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qndxc4cyDz4lD9; Fri, 23 Jun 2023 13:53:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528420; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JO2GfbH66/eAqEVCpbuVbWNE/52AShDvy9VpGwYMUAk=; b=VnInCuDM7Li5wZagk6WDMBQCaiwn11oOeDJVGmVN6GsLJyrkrcmqGj0XxMfguMwdSJt22q 5k/biAB4glpt6KzIPqZJEsPjgyBMIHqiY5mMJLu18Qs4yRMHk65vzHnCiwlHjuFjLRC/pY kETy7hdKHmJOW1/g68WAzsrT9tDQ/rdVZdjaKCalcwrib+jeVQAjSjFy7RH2Q0RfegAd6s VS0snt63f0NgxMiCD97H0WW7+WTHDz7Ls+ypFJU3WHGZl+zqyqUCRS0O8QDWFcsYeth7Ws f4yOqkCJiN339RsK9iMpKh++8MgyCG3e33xVsFefhNpR+bKQisI3cfnWJKscLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528420; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JO2GfbH66/eAqEVCpbuVbWNE/52AShDvy9VpGwYMUAk=; b=puQgzZg5jBGp4XbgORTPxXqGr3IRuu+AWmZd0sLfwAciMpfatohM2AftFLqskoJ2ovIlMs voIUYuY5OGKQmrse6A1KYDOhK2ZD9+1mPSO8Z/YaZL/7hZhocPesxIb1QSNw1pl5J09rJb EeK8qF4+cRATMKlM6SoXmux3aI0hLvemURNB2O0ZgBeLJF2DenRaYZtK4fAG/6omy00WMK 3s/1628HMC+58hBAPyUKzsqTp4xRDFF374FXiUTPQRC5a/nUS86z6iYxoIPHTEzoKg7W9V SHaZpk2Fma6NYSsu1VgyQo2jokvsCQw1xmhb9cqf4rhYnWJIYqHz7HDB2r+DGg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687528420; a=rsa-sha256; cv=none; b=c69n4VGJj5Kf1lyMJZGBMEBkEQvWtPh3i4uBbVmKBFUNG8I9dXS/Fc2+jPTlG+PlqUmN0I Qcw2F65/p9cYR64Sj4Z62OR8R4sw5zvjNS8PxZccV5wMwUasN/6x4aZv9bQh2ZoURh6RSm oRERK3rpkJfHMQTg5NyERm7UWNfoA6YnUGRCsTvIXVFEPICYIrPTcAd13AH2p62lK7WPkp Yy4pNZtMl+fK59H1rp6W0+xJmm755j5DhQBzUeToD5FnsTQF/+ls1xX/N6WKMUe8n724xd iQvcrpDTPB5zmOQ63XBqegpkBneuK738A/bMAGlCV1X/tv6vrXYoUuErRwPlNw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qndxc3S6wz16Rx; Fri, 23 Jun 2023 13:53:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35NDre20020875; Fri, 23 Jun 2023 13:53:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35NDrepV020874; Fri, 23 Jun 2023 13:53:40 GMT (envelope-from git) Date: Fri, 23 Jun 2023 13:53:40 GMT Message-Id: <202306231353.35NDrepV020874@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 7d86d8ed848e - stable/13 - dtrace/arm64: Fix user memory access routines List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7d86d8ed848e06bdc6c2d352564d7b78818b023e Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7d86d8ed848e06bdc6c2d352564d7b78818b023e commit 7d86d8ed848e06bdc6c2d352564d7b78818b023e Author: Mark Johnston AuthorDate: 2023-06-15 16:39:21 +0000 Commit: Mark Johnston CommitDate: 2023-06-23 13:34:17 +0000 dtrace/arm64: Fix user memory access routines Use unprivileged loads to access user memory. Without this, the accesses trap and various dtrace actions such as ustack() fail. Reviewed by: andrew MFC after: 1 week Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D40540 (cherry picked from commit 6281147a963b02bb5d7b4db15ee295d6d65d0fff) --- sys/cddl/dev/dtrace/aarch64/dtrace_asm.S | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S b/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S index 710232a0d428..913429865421 100644 --- a/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S +++ b/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S @@ -72,7 +72,7 @@ uint8_t dtrace_fuword8_nocheck(void *addr) */ ENTRY(dtrace_fuword8_nocheck) - ldrb w0, [x0] + ldtrb w0, [x0] RET END(dtrace_fuword8_nocheck) @@ -81,7 +81,7 @@ uint16_t dtrace_fuword16_nocheck(void *addr) */ ENTRY(dtrace_fuword16_nocheck) - ldrh w0, [x0] + ldtrh w0, [x0] RET END(dtrace_fuword16_nocheck) @@ -90,7 +90,7 @@ uint32_t dtrace_fuword32_nocheck(void *addr) */ ENTRY(dtrace_fuword32_nocheck) - ldr w0, [x0] + ldtr w0, [x0] RET END(dtrace_fuword32_nocheck) @@ -99,7 +99,7 @@ uint64_t dtrace_fuword64_nocheck(void *addr) */ ENTRY(dtrace_fuword64_nocheck) - ldr x0, [x0] + ldtr x0, [x0] RET END(dtrace_fuword64_nocheck) @@ -110,7 +110,8 @@ dtrace_copy(uintptr_t uaddr, uintptr_t kaddr, size_t size) ENTRY(dtrace_copy) cbz x2, 2f /* If len == 0 then skip loop */ 1: - ldrb w4, [x0], #1 /* Load from uaddr */ + ldtrb w4, [x0] /* Load from uaddr */ + add x0, x0, #1 strb w4, [x1], #1 /* Store in kaddr */ sub x2, x2, #1 /* len-- */ cbnz x2, 1b @@ -126,8 +127,9 @@ XXX: Check for flags? */ ENTRY(dtrace_copystr) cbz x2, 2f /* If len == 0 then skip loop */ - -1: ldrb w4, [x0], #1 /* Load from uaddr */ +1: + ldtrb w4, [x0] /* Load from uaddr */ + add x0, x0, #1 strb w4, [x1], #1 /* Store in kaddr */ cbz w4, 2f /* If == 0 then break */ sub x2, x2, #1 /* len-- */ From nobody Fri Jun 23 13:53:41 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Qndxd61Hwz4gJYL; Fri, 23 Jun 2023 13:53:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Qndxd5Jd8z4lM9; Fri, 23 Jun 2023 13:53:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3zvlhes1V/2tFM2j1D1iDEASSnhhocHHttFpxGt3V/Y=; b=YMi3jmbeS0plW3xmCdDYWjP2ed578of89jzwFnjqUaxFzvlzh32OFCvwpSXt+KIvuErIli 7ZAXsuQEHY49bZ9ZU7MPnFsietpJLn64hwSH2LCAVdWLdNpv6rvOx81x1LOX9tA5aSYOPp ufWvJVBvoD5ly8IfueORZ7theGleyF7RXslp5cVRATE3ggBBK6Hx2J4BtHC/JTiyuLZwFn bWykhIhRi0Mxo4y/26vDU2r2518z2GEV9xt2O3OvUvkOgjDHPUsg/DILxSNXtk9iuRvYOe JXtcGlOyrTm23VqVRKnTkRMFdh2y8GjxexMZr9Fpj/h4qlIm0GKW+XisuQu7eQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1687528421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3zvlhes1V/2tFM2j1D1iDEASSnhhocHHttFpxGt3V/Y=; b=j+xAnxVOPhBf8qutCzQq5V8iBxBbUYPW1sFEx6mFtF3na8Axse2Ul+bqnmfHKKuWRjNb5X HQlb7opitBly4F0ROoi+gO4b6T9AxEc5rpm6diQIXLHWTcfbMh/TPp5MmHtD0aH4PUjRoB Vpz2QfKCRZAE1R7CxDwd3MBvUYG+0s1AJiqqPKPd7fm2BWalEsgR7S6tNlbs8L8xOOwrEC 4O44o/YhdxzvTo1Vad3MZ0hE8NjW3MoVgxNCSUQ5YeEuAHK7UR86lUvUnKCl9d7o8VYnK7 m/KYUhf8FF7oTMp5RfpT1j73zCucBDzJwWX3dcgTPHzIrUBPu8JSHFtJ+LZU5A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1687528421; a=rsa-sha256; cv=none; b=mrSc09U3pqHw0QiNMhHqnlR57Qcv140q9uJNLEVZBa1zhn3KdiCW5TYy5/lID21/egq+Lp EINuMreOrD5Fp313/xeLGiG5HMu0XTzzVdnml9TJD2+ISc9xk1KtfJ4/Gt2uayDu5vj0SK hYArW7cqTvJNmo0ETmlyYbFl143v2fJ65mL/Dx4MnmScw9HhaRe/zUJFarQe9SZywyHT1H AcqHdkE+U4E5poPUO7bwLuWA31RLoIj2xLvkRs+x30hcji6jtAglh6zH1OHOdZ2kIsbfdu gIi8x6PTEQV46w586BKOotg8HI9orzLi3mxs880+ADtACXW9xhC6MSc+4avakw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Qndxd4Mqdz16Ry; Fri, 23 Jun 2023 13:53:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 35NDrfD7020894; Fri, 23 Jun 2023 13:53:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 35NDrfYc020893; Fri, 23 Jun 2023 13:53:41 GMT (envelope-from git) Date: Fri, 23 Jun 2023 13:53:41 GMT Message-Id: <202306231353.35NDrfYc020893@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 13a31c43bf2c - stable/13 - arm64: Remove struct arm64_frame List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 13a31c43bf2cdd39d4be5aeff84b307ac42cfa03 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=13a31c43bf2cdd39d4be5aeff84b307ac42cfa03 commit 13a31c43bf2cdd39d4be5aeff84b307ac42cfa03 Author: Mark Johnston AuthorDate: 2023-06-15 16:10:44 +0000 Commit: Mark Johnston CommitDate: 2023-06-23 13:34:25 +0000 arm64: Remove struct arm64_frame It was used in one place and was added specifically to support dtrace stack unwinding code. Write an equivalent expression using struct unwind_state instead. No functional change intended. Reviewed by: andrew MFC after: 1 week Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D40538 (cherry picked from commit d3251842321e7a5ac8bbb2aec128328cd10f3a84) --- sys/arm64/include/frame.h | 5 ----- sys/cddl/dev/dtrace/aarch64/dtrace_isa.c | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/sys/arm64/include/frame.h b/sys/arm64/include/frame.h index 0a8b53ebb01e..5033e887a094 100644 --- a/sys/arm64/include/frame.h +++ b/sys/arm64/include/frame.h @@ -50,11 +50,6 @@ struct trapframe { uint64_t tf_x[30]; }; -struct arm64_frame { - struct arm64_frame *f_frame; - u_long f_retaddr; -}; - /* * Signal frame, pushed onto the user stack. */ diff --git a/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c b/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c index 8e184591b916..79d035d10972 100644 --- a/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c +++ b/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c @@ -137,7 +137,7 @@ dtrace_getustack_common(uint64_t *pcstack, int pcstack_limit, uintptr_t pc, break; pc = dtrace_fuword64((void *)(fp + - offsetof(struct arm64_frame, f_retaddr))); + offsetof(struct unwind_state, pc))); fp = dtrace_fuword64((void *)fp); if (fp == oldfp) {