Commit graph

36 commits

Author SHA1 Message Date
loos
ee7c8aecaa Add the ID for the Huawei ME909S LTE modem.
Submitted by:	svenauhagen at github
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2017-06-27 06:19:26 +02:00
sbruno
0357654fe9 Add Intel Atom Cherryview SOC HSUART support
PR:	207910
Submitted by:	johannes@brilliantservice.co.jp
MFC after:	1 week
2017-06-12 11:52:37 +02:00
delphij
c4839b2532 Fix multiple vulnerabilities of ntp. [SA-17:03]
Xen migration enhancements. [EN-17:05]

Approved by:	so
2017-04-16 11:26:43 +02:00
delphij
de57639d0e Fix multiple vulnerabilities of OpenSSL. [SA-17:02]
Fix system hang when booting when PCI-express HotPlug is enabled.
[EN-17:01]

Fix NIS master updates are not pushed to NIS slave. [EN-17:02]

Fix compatibility with Hyper-V/storage after KB3172614 or
KB3179574. [EN-17:03]

Make makewhatis output reproducible. [EN-17:04]

Approved by:	so
2017-02-23 11:39:29 +01:00
Franco Fichtner
cc26f593af Revert "hyperv: let there be IDE disks"
This reverts commit bdf347ea9d.
Addressed in the the FreeBSD advisoriy coming right up...
2017-02-23 11:39:02 +01:00
Franco Fichtner
c2a8bcd3b1 run: add AE3000 and AE6000; closes #17 2017-02-16 17:33:28 +01:00
Franco Fichtner
48b69b0bd5 re: update to upstream version 1.93, full FreeBSD 11.0 support
Taken from: http://www.realtek.com.tw/Downloads/
2017-02-15 21:44:23 +01:00
Franco Fichtner
59089894ed re: port driver to FreeBSD 11.0 2017-02-12 11:08:31 +01:00
Franco Fichtner
b5e9e2dcc4 re: use the upstream realtek driver 1.92
Taken from: http://www.realtek.com.tw/Downloads/
2017-02-12 11:08:31 +01:00
Franco Fichtner
bdf347ea9d hyperv: let there be IDE disks
Adapted from: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212721
PR:           https://forum.opnsense.org/index.php?topic=4405.0
2017-02-02 15:01:50 +01:00
Franco Fichtner
175886459b netmap: manually backport multiple fixes
o Restore netmap emulation mode to working order, including
  fixing the destructor panics on detach.
o Omit pipe additions to these fixes, likely problematic for
  Suricata to pass traffic like it does on 11.0 without this
  patch.
o Allow to build the module without errors in the tree.

Many thanks to Vincenzo Maffione for assistance and review!  :)

From b497fe34fd275da6b850bf271f510d02b888b8bc Mon Sep 17 00:00:00 2001
From: Giuseppe Lettieri <g.lettieri@iet.unipi.it>
Date: Thu, 2 Jun 2016 00:21:40 +0200
Subject: [PATCH] allocate only the rings requested by the user

From 09936864fa5b67b82ef4a9907819b7018e9a38f2 Mon Sep 17 00:00:00 2001
From: Giuseppe Lettieri <g.lettieri@iet.unipi.it>
Date: Wed, 20 Jul 2016 20:35:12 +0000
Subject: [PATCH] freebsd: fix const-related warning

From ab90c6c10224fefbb6a6c6e0b92e6ba80e5b694d Mon Sep 17 00:00:00 2001
From: Vincenzo Maffione <v.maffione@gmail.com>
Date: Wed, 28 Sep 2016 18:39:55 +0200
Subject: [PATCH] freebsd: generic: change mbuf allocation management

From fe811e11b2c37fc274a1134e1c10b2f6ada1a91c Mon Sep 17 00:00:00 2001
From: Vincenzo Maffione <v.maffione@gmail.com>
Date: Thu, 29 Sep 2016 08:54:52 +0200
Subject: [PATCH] freebsd: generic: call m_extadd() only once for each mbuf
2017-01-16 10:47:49 +01:00
Franco Fichtner
d15d07f11b em: restore link state probing for 82574 chipsets
This matches the Intel 7.6.2 driver code to restore "no carrier"
state transitions in the 82574 chipsets.

PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211219
Also see: https://svnweb.freebsd.org/base?view=revision&revision=286831
2017-01-11 08:47:18 +01:00
sbruno
48f2b91578 Do not initialize the adapter on MTU change when adapter status is down.
This fixes long-standing problems when changing settings of the adapter.

Discussed in:
https://lists.freebsd.org/pipermail/freebsd-net/2016-June/045509.html

Submitted by:	arnaud.ysmal@stormshield.eu
Reviewed by:	erj@freebsd.org
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D7030
2017-01-03 08:15:39 +01:00
sbruno
850e1e9622 The buffer address is always overwritten in the extended descriptor format,
we have to refresh it ... always.  This fixes problems reported in NetMap
with em(4) devices after conversion to extended descriptor format in
svn r293331.

Submitted by:	luigi@
Reported by:	franco@opnsense.org
MFC after:	2 days
2016-10-28 16:06:33 +02:00
Franco Fichtner
ef7057cc39 netmap: ring size limit not enough for multi-queue em(4)
Also mutes a spammy message.  Bravely going where no man
has gone before.  :)
2016-10-03 12:46:32 +02:00
Franco Fichtner
eb99233983 src: clean-cut move to release/11.0.0
Taken from: FreeBSD
Commit ref: d508cb8c8f
2016-10-03 12:28:21 +02:00
glebius
7226352c36 Release 6 errata notices for 10.3-RELEASE, all related to Microsoft Hyper-V.
Submitted by:	Dexuan Cui <decui microsoft.com>, gjb
Approved by:	so
2016-08-15 08:32:38 +02:00
np
fdc22de28e MFC r297298:
Plug leak in m_unshare.

m_unshare passes on the source mbuf's flags as-is to m_getcl and this
results in a leak if the flags include M_NOFREE.  The fix is to clear
the bits not listed in M_COPYALL before calling m_getcl.  M_RDONLY
should probably be filtered out too but that's outside the scope of this
fix.

Add assertions in the zone_mbuf and zone_pack ctors to catch similar
bugs.

Update netmap_get_mbuf to not pass M_NOFREE to m_getcl.  It's not clear
what the original code was trying to do but it's likely incorrect.
Updated code is no different functionally but it avoids the newly added
assertions.

Sponsored by:	Chelsio Communications
2016-08-02 07:18:48 +02:00
Ad Schellevis
11586afbb7 revert extended descr format for intel em(4), breaks netmap for some chipsets 2016-08-01 03:24:16 +02:00
Franco Fichtner
85ffd6780c amdtemp: adds APU2 support
Taken from: http://www.pcengines.info/forums/?page=post&id=6DA3284E-4973-4EC5-921D-A93AB72123DC

(cherry picked from commit 629b0b861c)
2016-05-21 08:48:36 +02:00
Franco Fichtner
f9d373c94a netmap: ring size limit not enough for multi-queue em(4)
Also mutes a spammy message.  Bravely going where no man
has gone before.  :)
2016-05-21 08:42:02 +02:00
glebius
e7dc1fdc96 - Use unsigned version of min() when handling arguments of SETFKEY ioctl.
- Validate that user supplied control message length in sendmsg(2)
  is not negative.

Security:	SA-16:18
Security:	CVE-2016-1886
Security:	SA-16:19
Security:	CVE-2016-1887
Submitted by:	C Turt <cturt hardenedbsd.org>
Approved by:	so
2016-05-21 08:31:30 +02:00
Franco Fichtner
51aeb3f459 src: clean-cut move to release/10.3.0
Taken from: FreeBSD
Commit ref: b62280e683e2
2016-05-21 08:25:57 +02:00
glebius
85d7b35221 - Use unsigned version of min() when handling arguments of SETFKEY ioctl.
- Validate that user supplied control message length in sendmsg(2)
  is not negative.

Security:	SA-16:18
Security:	CVE-2016-1886
Security:	SA-16:19
Security:	CVE-2016-1887
Submitted by:	C Turt <cturt hardenedbsd.org>
Approved by:	so
2016-05-18 06:43:11 +02:00
Franco Fichtner
629b0b861c amdtemp: adds APU2 support
Taken from: http://www.pcengines.info/forums/?page=post&id=6DA3284E-4973-4EC5-921D-A93AB72123DC
2016-03-20 08:08:27 +01:00
royger
ec68d634ca MFC r292258:
hyperv/kvp: wake up the daemon if it's sleeping due to poll()

Submitted by:           Dexuan Cui <decui@microsoft.com>
Sponsored by:		Microsoft OSTC
2016-02-08 20:54:53 +01:00
royger
6a4afb0d2e MFC r291156:
Ignore the inbound checksum flags when doing packet forwarding in netvsc
driver.

Sponsored by:	Microsoft OSTC
PR:		203630

(cherry picked from commit a5f1c95b3c8a3114c0dd550de01326f7c442020a)
2016-02-01 21:39:45 +01:00
Franco Fichtner
3f30d7b3bf netmap: ring size limit not enough for multi-queue em(4)
Bravely going where no man has gone before.  :)
2016-01-28 12:29:34 +01:00
glebius
8d5e66974d o Fix filemon and bmake meta-mode stability issues. [EN-16:01] o Fix invalid TCP checksums with pf(4). [EN-16:02.pf] o Fix YP/NIS client library critical bug. [EN-16:03.yplib] o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp] o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp] o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux] o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux] o Fix TCP MD5 signature denial of service. [SA-16:05.tcp] o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]
Errata:		FreeBSD-EN-16:01.filemon
Errata:		FreeBSD-EN-16:02.pf
Errata:		FreeBSD-EN-16:03.yplib
Security:	FreeBSD-SA-16:01.sctp, CVE-2016-1879
Security:	FreeBSD-SA-16:02.ntp, CVE-2015-5300
Security:	FreeBSD-SA-16:03.linux, CVE-2016-1880
Security:	FreeBSD-SA-16:04.linux, CVE-2016-1881
Security:	FreeBSD-SA-16:05.tcp, CVE-2016-1882
Security:	FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
Approved by:	so
2016-01-14 11:21:11 +01:00
Franco Fichtner
453fe71bf8 netmap: mute a spammy netmap message 2015-11-20 11:48:34 +01:00
hselasky
2bc1d40306 Add new USB ID.
MFC after:	1 month
PR:		202968
2015-10-22 07:35:43 +02:00
Franco Fichtner
cd6ee62847 src: clean-cut move to 10.2-RELEASE
Start fresh on master, only apply needed patches on top now.

Upstream commit:	56279fdef34eb28a4655b489b992c651bd8379fc
Taken from:		FreeBSD
2015-08-14 14:15:00 +02:00
delphij
5aa5ada191 Fix integer overflow in IGMP protocol. [SA-15:04]
Fix vt(4) crash with improper ioctl parameters. [EN-15:01]

Updated base system OpenSSL to 1.0.1l. [EN-15:02]

Fix freebsd-update libraries update ordering issue. [EN-15:03]

Approved by:	so
2015-02-25 07:15:48 +01:00
Franco Fichtner
87f480af48 *: upgrade to 10.1 as a bulk commit
Taken from: freebsd.git@29f4af53a2c8248b634f48923da8eb35f5ed0515
2015-02-10 19:21:02 +01:00
delphij
8b8644aa81 Fix OpenSSL NULL pointer deference vulnerability. [SA-14:09]
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2014-0198

Fix data corruption with ciss(4). [EN-14:05]

Errata:		FreeBSD-EN-14:05.ciss

Approved by:	so
2014-11-09 09:32:29 +01:00
Franco Fichtner
402e7dde73 src: initial commit based on FreeBSD-10.0
Taken from:	https://github.com/freebsd/freebsd.git
Commit id:	d44ce30d3054a38723f89a161c5e003e64d1aaae
2014-11-09 09:30:14 +01:00