Stable release: HardenedBSD-stable 10-STABLE v46.22

Submitted by op on

HardenedBSD-10-STABLE-v46.22 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Highlights:

  • Updated amd from am-utils 6.1.5 to 6.2. (78047153f3f320f60a8264a8a33abb8636dbfc7c)
  • Updated hbsd-update-build to cross-build (99496b88337ff9bc63e69f8128011d3bf5ccfb31)
  • Updated segvguard
  • Updated libarchive [FreeBSD-SA-Candidate]
  • Updated file to 5.29 (884efc61f7391700d81bb717ea62d897524b2184)
  • Fixed integer truncation in uipc_accf (0be920e8edf4ba492677df6ab6f14d3b9b2b6245) [FreeBSD-SA-Candidate]
  • Lot of various MFCs, see the git log for them

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-bootonly.iso) = 15af65eaa70174c06a8f22ff455b76bc1007ed6548d8b399ba6195b5df000797a3cbeca76adfc85a28befe4257c7ec3b012a35bd5b756d6170b9d53079aa9cae
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-disc1.iso) = e4f5b8ebc9633aaf0d5ea8d57a9f7834271abd457515c595fab40b2dc8dcb80438e9d30f6ef8f1dee658164e7ebfa20d63546157a2502985a06d24be8b6ccabc
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-memstick.img) = d61deb3e9aeac9a719acbef190701621414b1bbffeae398e5775fb4e9368547b543a2fa13a6003b598b10034a6255871c59ebdaab92acb9a987bed51008ca284
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-mini-memstick.img) = 13ce2d0bd82f2112e658deb363fa08587f4016c37bac91ea8668d308924129545733a8b7b68bef5b5f0a675287934059665e94686fe47e844b3992a652daf68b
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-bootonly.iso) = be43f99c0ad6edea347e011c2c8e72b9a2d70caaff7d48a8416dd2e53877fa6f3558047edb8df930d9beed76a354002bd3cbc3a2b5cb90f26b9b4fb6e45a902b
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-disc1.iso) = f9dbc1180c07661578141844d0151c82e5912121a0457959d1a28d2874a06b897d19390f03bcb43be6f57e8dd6b2a3bf8b4f6b756efa54e15fc925cba9e0b618
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-memstick.img) = f65e83999aaa7f3c347b53a83f34b49d5e413a1a9c7d4a7c87e5086b600051ed668e94c759fcf4e8ca113ac138f782236cf275c256ebabb5c29b264e2b08fc1a
SHA512 (HardenedBSD-10-STABLE-v46.22-amd64-uefi-mini-memstick.img) = 1464759ebdaa767f5a9d44d6cf04975e30bb6ae92a8e32f1e8e4545892a2983cbdf3ac05a7a944e0a49440d1fdb720903376055f84c01787356aa9cbb1c50f5e

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlhegzEACgkQgZsRom/9
GI1H/g/8CGGXdeW2PEA3OUd6uhiHOLJraPMma0ABbQ2PwJ7xjRF3+i1AdwXqr8kE
GRHFXFF0elZIPq2bQ6AxwrYEehkP8PpMwSd4xe06CV87ZG0MNYTq401REyyPAKU1
/sJdn8Ms1XcGiaaT2R7tdE+ETpymYy8NCHpnSHw0ploWBgDYLoIWHoyyGMalqSrM
3ZQ2GDH/gMRFc0rlcFOGHRxNk+CQSp4bCyic24pqhZw/Rrjo4d0KnOSAOla+5thZ
/s48MGopkLwcRdxFq0GGfo4ls6QZezkp7JCHZfCXPsIzbOdrnBdO/zFYD6En/JOy
Abaw7PYG1mOWp5COWbYdImS5R7yCblRBPgQBnrNAWnyRNRqBq4kIOJA2HX8xrIIE
EzqH/L+kVgCtHFaeZwy7Oz+TiDw+mY39tOKRDDVIuaMAbutMWJodXuAM3bL5V1Zu
d+awV9eojp2PrDFb/2dhfnFLwG++OOS5mp/jqaqkTwzgyjNeY4dTSfWfRP5aZ2DH
hF9Wu6Fa/+S71wY6r/Ai+P2kvrmo+FWkYA3i8Pqf+lVSGxlOesOSkcYiDViSWgGD
lb0uFSbx0vzSQnBl8yjLfkblvuxFlTPOTgmE0LcE130RqsFumU4LVXeaKYv9zw6v
2Jyl9GJLjuUwb6xNWP1jvMBHzqrUgYQSa0oeL4Kxw8RbGSZuD80=
=mECJ
-----END PGP SIGNATURE-----


Changelog:

Oliver Pinter (95):

  • HBSD MFC: Update pci ids database to 2016.11.21
  • HBSD MFC: Add Genesys Logic USB hub.
  • HBSD MFC: Fix pw groupshow
  • HBSD MFC: Update local variable 'block' after calling capacity_resize() in mkimg
  • HBSD MFC: libm: fix some unused variable (rcsid) and dangling else warnings
  • HBSD MFC: Provide kern.maxphys sysctl, which returns MAXPHYS. Naming matches NetBSD.
  • HBSD MFC: cd9660_open should check for padding
  • HBSD MFC: cstyle fix of cd9660_open in libstand
  • HBSD MFC: Fix remaining cstyle issues in libstand/cd9660.c
  • HBSD MFC: Fix remaining bugs in libstancd/cd9660.c reported by Bruce Evans.
  • HBSD MFC: libc arc4_stir: use only kern.arandom sysctl
  • HBSD MFC: ANSIfy inflate.c
  • HBSD MFC: abort in srandomdev if kern.arandom sysctl fails
  • HBSD MFC: CAM ccbq sanity: checks on insert and remove
  • HBSD MFC r306529: cam_periph_ccbwait could return while ccb in progress
  • HBSD MFC: gmirror: Use bool instead of boolean_t.
  • HBSD MFC: gmirror: Bump the syncid if broken disks are found during startup.
  • HBSD MFC: gmirror: Write an updated syncid before queuing writes.
  • HBSD MFC: gmirror: Release pending regular requests when synchronization stops.
  • HBSD MFC: gmirror: Add a subroutine to free synchronization BIOs.
  • HBSD MFC: Add test for a musl libc memmem bug
  • HBSD MFC: Just remove freeing memory in pmcstat_cleanup, since we only clean up when we are exiting anyway.
  • HBSD MFC: chown: use NULL instead of 0 for null pointer
  • HBSD MFC: Use correct size type in do_setopt_accept_filter
  • HBSD MFC: Add comment on use of abort() in libc
  • HBSD MFC: kern_linker: Handle module-loading failures in preloaded .ko files
  • HBSD MFC: Skip :uchg on FreeBSD (kyua test)
  • HBSD MFC: Port contrib/netbsd-tests/fs/tmpfs/h_tools.c to FreeBSD
  • HBSD MFC: Expect :large to fail on FreeBSD
  • HBSD MFC: Change atf_skip call to atf_expect_fail to make it clear that a failure is expected
  • HBSD MFC: Fix panic() message reporting ufs instead of nandfs
  • HBSD MFC: Guard against bad service name argument(s) to load_rc_config()
  • HBSD MFC: Increase timeout so low-end platforms have a chance to complete test procedures.
  • HBSD MFC: Increase timeouts so tests have more chances to succeed on MIPS64EB in QEMU.
  • HBSD MFC: Chase a cornercase in printenv and sync its behaviour with builtin's
  • HBSD MFC: Remove a sentence about putting initialization in init_proc.c or kern_proc.c and useless comment.
  • HBSD MFC: Remove register keyword from init_main.
  • HBSD MFC: Add some tools to simplify the use of git
  • HBSD MFC: Set the executable bit on arcgit and importgit
  • HBSD MFC: For CCBs allocated on the stack, we need to clear the entire CCB,
  • HBSD MFC: Only build lib/libc/tests/iconv if MK_ICONV != no
  • HBSD MFC: Expect tests/sys/fs/tmpfs/link_test:kqueue to fail
  • HBSD MFC: Integrate contrib/netbsd-tests/fs/tmpfs into the FreeBSD test suite as tests/sys/fs
  • HBSD MFC: Fix a problem in camcontrol(8) that cropped up with r307684.
  • HBSD MFC: Fix libusb20_dev_get_desc(3) to use the "vendor product" order, not "product vendor".
  • HBSD MFC: Fix a regression introduced in SVN r256678 that breaks USM header parsing
  • HBSD MFC: Make the USB attach strings in dmesg include product name.
  • HBSD MFC: Check m_getcl() return value.
  • HBSD MFC: uhso(4): Fix a null pointer dereference
  • HBSD MFC: Fix WITNESS hints for pagequeue locks.
  • HBSD MFC: Detect integer overflow and limit the number of positional arguments in the string format.
  • HBSD MFC: ANSIfy ffs_subr.c
  • HBSD MFC: Check for lengths being <= 0.
  • HBSD MFC: vidcontrol: improve error handling in vt(4) font loading
  • HBSD MFC: vidcontrol: use calloc where appropriate
  • HBSD MFC: MFV r308392: file 5.29.
  • HBSD MFC: Add -d flag that prints domain only.
  • HBSD MFC: Fix missing '-' for the flags -s and -d on both manpage and usage.
  • HBSD MFC: Add flag -B which does the same like batch mode but without exiting after print.
  • HBSD MFC: pfctl: fix nested inline anchors
  • HBSD MFC: Reply to a snmpEngineID discovery PDU with a Report PDU as per the requirements of RFC 3414 section 4.
  • HBSD MFC: Correct spelling in syslog: getttimeofday -> gettimeofday
  • HBSD MFC: Fix git tools when run against a worktree
  • HBSD MFC: Fix "camcontrol rescan" with SATA drives behind a SAS controller
  • HBSD MFC: On error, bread(9) zeroes buffer pointer, do not dereference it.
  • HBSD MFC: Pass the correct size argument to ioctl(DIOCGSECTORSIZE)
  • HBSD MFC: Fix null dereference when running out of nodes during rename.
  • HBSD MFC: If the kenv variable rc_debug is set, turn on rc_debug.
  • HBSD MFC: Finish incomplete comments in prior revision. I was going to fix this after I tested it, but didn't.
  • HBSD MFC: Fix setrlimit_test:setrlimit_memlock when the system has exceeded vm.max_wired.
  • HBSD MFC: Fix use-after-free bugs in pfsync(4)
  • HBSD MFC: Recognize RealTek ALC1150 7.1 channel HD audio codec.
  • HBSD MFC: Fix too low volume on MSI H170 GAMING M3 board by poking vendor specific COEF.
  • HBSD MFC: pflog: Correctly initialise subrulenr
  • HBSD MFC: Add rcorder-visualize.sh, which generates graphviz from rc.d scripts
  • HBSD MFC: Treat R_X86_64_PLT32 relocs as R_X86_64_PC32.
  • HBSD MFC: Increase output amp on ASUS UX31A by +5dB.
  • HBSD MFC: Improve upon r309394 (pfsync)
  • HBSD MFC: partially MFC tmpfs related kyua changes from a9c431c44f2214e3e855caf9f33584038a840027
  • HBSD MFC: Port vnode_leak_test:main to FreeBSD
  • HBSD MFC: Port sizes_test and statvfs_test to FreeBSD
  • HBSD MFC: Port to mknod_test and readdir_test to FreeBSD
  • HBSD MFC: Port vnd_test to FreeBSD
  • HBSD MFC: Only run mdconfig -d -u 3 if /dev/md3 exists on the system
  • HBSD MFC: Make test_unmount usable in cleanup subroutines
  • HBSD MFC: ignore errors from unmount and use wrappers
  • HBSD MFC: avoid false positive checks in tmpfs test
  • HBSD: fix tmpfs kyua tests on 10-STABLE
  • HBSD MFC: Port contrib/netbsd-tests/fs/h_funcs.subr to FreeBSD
  • HBSD MFC: MFV r309299: Sync libarchive with vendor.
  • HBSD MFC: MFC r309362: Sync libarchive with vendor.
  • HBSD MFC: MFV r309403: Sync libarchive with vendor.
  • HBSD MFC: MFV r309587: Sync libarchive with vendor.
  • HBSD MFC: Merge changes from vendor to address several Coverity issues with contrib/libarchive's tests
  • HBSD MFC: MFV r310115,310184: Sync libarchive with vendor.


Oliver Pinter + (37):

  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master
  • Merge branch 'freebsd/10-stable/master' into hardened/10-stable/master


Shawn Webb (6):

  • HBSD: Check for failed acl_dup
  • HBSD: Use VOP_GETATTR instead of vn_stat in SEGVGUARD
  • HBSD SEGVGUARD: Check if SEGVGUARD is active before doing any work
  • HBSD: Whitespace change for hbsd-update-build
  • HBSD: Only care about the last TXT record
  • HBSD: Teach hbsd-update-build to cross-build


asomers (1):

  • MFC r308806


avg (10):

  • make smbus_get_addr() an ivar accessor
  • MFC r308480: pmc_process_csw_out: ignore deleted counters
  • MFC r308887,309090: fix unsafe modification of zfs_vnodeops when DIAGNOSTIC is enabled
  • MFC r308985: revert r304520, set canmount=on is not supposed to mount the filesystem
  • MFC r306589: Implement iicbus_write_ivar and impelemnt the NOSTOP ivar in both read and write.
  • MFC r309092: fwohci: report whether PhysicalUpperBound register is implemented
  • MFC r308529: intpm: clean up intsmb_bread and intsmb_pcall
  • MFC r309093: firewire: initialize tag label to -1 in fw_xfer_alloc()
  • MFC r309119: virtio_pci: fix announcement of MSI-X interrupts for queues
  • MFC r277511: Fix remote DMA based firewire debugging when targeting systems with more than 4GB of physical memory.


bapt (4):

  • MFC r309544:
  • MFC r309795:
  • MFC r309796:
  • MFC r309803:


brooks (2):

  • MFC r310092:
  • MFC r310088, r310090, r310095


brueffer (1):

  • MFC: r309060


cperciva (1):

  • MFC r308708: Reduce verbosity of warnings about truncating NFS fileids to 32-bit inode numbers.


cy (1):

  • MFC r308493, r308619: Update amd from am-utils 6.1.5 to 6.2.


delphij (5):

  • MFC r309184:
  • MFC r308420: MFV r308392: file 5.29.
  • MFC r309232-309234:
  • MFC r309238,309239:
  • MFC r309241,309243:


des (4):

  • MFH (r296659): the IPv6 address of the L root changed earlier this year
  • MFH (r308297): use what(1) instead of strings(1).
  • MFH (r308996, r309051, r309738): refactor, avoid repeating DNS requests
  • MFH (r309269): use malloc()ed buffers instead of stack buffers


dim (3):

  • MFC r309722:
  • Merge r309860 from stable/9, as this also applies to stable/10:
  • MFC r310013 (by cperciva):


dteske (1):

  • MFC r307402: Guard against bad service name argument(s) to load_rc_config()


ed (1):

  • MFC r309650:


emaste (1):

  • MFC r309298: libm: remove duplicate version script entries


gjb (1):

  • Document EN-16:19, EN-16:20, EN-16:21, SA-16:36, SA-16:37, SA-16:38.


glebius (1):

  • Merge rr309688: address regressions in SA-16:37.libc.


hselasky (3):

  • MFC r309406: Remove useless NULL checks.
  • MFC r309404: Fix return value from ng_uncallout().
  • MFC r309400: Fix for endless recursion in the ACPI GPE handler during boot.


jhb (5):

  • MFC 309613: cxgbe(4): Update firmwares from version 1.16.12.0 to 1.16.22.0.
  • MFC 308690: Sync instruction cache's after writing user breakpoints on MIPS.
  • MFC 309274: Use the correct name for the GCC macro indicating max_align_t is defined.
  • MFC 308820,308821: Fixes for fatal page faults on x86.
  • MFC 309588: Don't attach to Host-PCI bridges with a bad bus number.


kadesai (1):

  • MFC r309284-r309294


ken (2):

  • MFC r307684, r307747 ------------------------------------------------------------------------ r307684 | ken | 2016-10-20 13:42:26 -0600 (Thu, 20 Oct 2016) | 13 lines
  • MFC, r310338: ------------------------------------------------------------------------ r310338 | ken | 2016-12-20 14:17:07 -0700 (Tue, 20 Dec 2016) | 37 lines


kib (8):

  • MFC r309708: Style.
  • MFC r309709: Move map_generation snapshot value into struct faultstate.
  • MFC r296775 (by gibbs): Provide high precision conversion from ns,us,ms -> sbintime in kevent.
  • MFC r310155: Fix typo.
  • MFC r310098: Provide introductory description of the default pager.
  • MFC r310205: Fix typo.
  • MFC r310159: Switch from stdatomic.h to atomic.h for kernel.
  • MFC r310182: In swp_pager_meta_free_all(), fix type of the index variable. Style.


kp (1):

  • MFC r309563: pflog: Correctly initialise subrulenr


lifanov (1):

  • MFC r310160


markj (1):

  • MFC r308350: Fix WITNESS hints for pagequeue locks.


mav (1):

  • MFC 309714: Fix spa_alloc_tree sorting by offset in r305331.


mm (1):

  • Partial MFC r309300:


ngie (1):

  • MFstable/11 r310126:


pfg (1):

  • MFC r310132: libbfd: make sure variables are initialized before using them.


rmacklem (1):

  • MFC: r309566 Fix the NFSv4.1 server for Open reclaim after a reboot.


rpokala (1):

  • MFC r309491: Build smbios.ko as a module for amd64 and i386


trasz (2):

  • MFC r307774:
  • MFC r307902:


vangyzen (4):

  • MFC r309364 r309367 r309624
  • MFC r309625
  • MFC r309460
  • MFC r309676