upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-12 21:52:51 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys
History
Ed Maste dc9874eaa0 proto: change device permissions to 0600 
C Turt reports that the driver is not thread safe and may have
exploitable races.

Note that the proto device is intended for prototyping and development,
and is not for use on production systems.  From the man page:

SECURITY CONSIDERATIONS
     Because programs have direct access to the hardware, the proto
     driver is inherently insecure.  It is not advisable to use this
     driver on a production machine.

The proto device is not included in any of FreeBSD's kernel config files
(although the module is built).

The issues in the proto device still need to be fixed, and the device is
inherently (and intentionally) insecure, but it might as well be limited
to root only.

admbugs:	782
Reported by:	C Turt <ecturt@gmail.com>
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2018-11-22 16:55:09 +00:00
..
amd64 Align IA32_ARCH_CAP MSR definitions and use with SDM rev. 068. 2018-11-16 21:27:11 +00:00
arm acpica: rework INTRNG interrupts 2018-11-19 03:02:47 +00:00
arm64 Handle kernel superpage mappings in pmap_remove_l2(). 2018-11-20 15:12:37 +00:00
bsm sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
cam Add cam_iosched_set_latfcn to set a latency callback for high latency. 2018-11-15 16:02:45 +00:00
cddl Revert r340096: 9952 Block size change during zfs receive drops spill block 2018-11-21 18:18:57 +00:00
compat linuxkpi: Use pageproc instead of vmproc 2018-11-21 04:34:18 +00:00
conf cxgbe(4): Update T4/5/6 firmwares to 1.22.0.3. 2018-11-19 21:59:07 +00:00
contrib Ensure that libnv can be used when kern.trap_enotcap=1. 2018-11-13 20:07:55 +00:00
crypto rijndael (AES): Avoid leaking sensitive data on kernel stack 2018-10-26 20:53:01 +00:00
ddb ddb: Enable 'thread <address>' 2018-10-20 20:45:49 +00:00
dev proto: change device permissions to 0600 2018-11-22 16:55:09 +00:00
dts Fix test-dts{,o} targets 2018-11-12 22:18:11 +00:00
fs proc: convert pfind & friends to use pidhash locks and other cleanup 2018-11-21 20:15:56 +00:00
gdb amd64: Protect the kernel text, data, and BSS by setting the RW/NX bits 2018-03-06 14:28:37 +00:00
geom Revert r340187, it breaks EOD (end-of-device) detection logic. Turns out, 2018-11-07 16:28:09 +00:00
gnu Update our devicetree to 4.19 for arm and arm64 2018-11-10 21:02:32 +00:00
i386 Add evdev support to amd64 and i386 kernels 2018-11-12 21:01:28 +00:00
isa Reapply, with minor tweaks, r338025, from the original commit: 2018-09-26 17:12:14 +00:00
kern uipc_usrreq: fix inode number assignment 2018-11-21 22:25:05 +00:00
kgssapi OpenCrypto: Convert sessions to opaque handles instead of integers 2018-07-18 00:56:25 +00:00
libkern mcount: tidy up ANSIfication 2018-10-20 22:39:35 +00:00
mips Fix access to cpu_model[] in mtk_soc_set_cpu_model() 2018-11-19 06:48:48 +00:00
modules cxgbe(4): Update T4/5/6 firmwares to 1.22.0.3. 2018-11-19 21:59:07 +00:00
net Unbreak kernel build with VLAN_ARRAY defined. 2018-11-21 13:34:21 +00:00
net80211 Fix misspellings of transmitter/transmitted 2018-08-10 20:37:32 +00:00
netgraph Unbreak ng_source(4) for 64-bit platforms including amd64. 2018-11-19 07:27:50 +00:00
netinet Improve two KASSERTs in the TCP RACK stack. 2018-11-21 18:19:15 +00:00
netinet6 Add ability to use dynamic external prefix in ipfw_nptv6 module. 2018-11-12 11:20:59 +00:00
netipsec Add sadb_x_sa2 extension to SADB_ACQUIRE requests. 2018-10-21 14:19:16 +00:00
netpfil Add ability to use dynamic external prefix in ipfw_nptv6 module. 2018-11-12 11:20:59 +00:00
netsmb Make timespecadd(3) and friends public 2018-07-30 15:46:40 +00:00
nfs Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9). 2018-06-16 08:26:23 +00:00
nfsclient style: Remove remaining deprecated MALLOC/FREE macros 2018-01-25 22:25:13 +00:00
nfsserver sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
nlm Use syscall_helper_register() to register syscalls and initialize though 2018-02-10 01:09:22 +00:00
ofed Introduce and use sgid_index in CM requests in ibcore. 2018-09-09 07:20:15 +00:00
opencrypto Add sha224 to the authctx union. 2018-10-23 18:07:37 +00:00
powerpc Enable evdev on ppc32 2018-11-20 19:31:02 +00:00
riscv RISC-V: Implement get_cyclecount(9). 2018-11-13 18:20:27 +00:00
rpc Set SO_SNDTIMEO in the client side krpc when CLSET_TIMEOUT is done. 2018-07-20 12:03:16 +00:00
security Add const to input-only char * arguments. 2018-11-02 20:50:22 +00:00
sparc64 Given that the idea of D15374 was to "make memmove a first class citizen", 2018-11-20 00:08:33 +00:00
sys proc: convert pfind & friends to use pidhash locks and other cleanup 2018-11-21 20:15:56 +00:00
teken Implement ECMA-48 "REP", some Linuxen have started emitting them recently. 2018-10-21 08:29:36 +00:00
tests epoch_test: fix compile 2018-07-15 00:31:17 +00:00
tools Use ${ECHO} in dtb/dtbo build, pass in from dtb.mk for -s 2018-11-09 18:56:40 +00:00
ufs Add d_off support for multiple filesystems. 2018-11-14 14:18:35 +00:00
vm linuxkpi: Use pageproc instead of vmproc 2018-11-21 04:34:18 +00:00
x86 Add definitions for Intel Speed Shift 2018-11-21 00:21:58 +00:00
xdr sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
xen xen: legacy PVH fixes for the new interrupt count 2018-09-13 07:14:11 +00:00
Makefile Move sys/boot to stand. Fix all references to new location 2017-11-14 23:02:19 +00:00