FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F12.2 2022-01-10T18:04:06Z 2022-01-10T18:04:06Z Andriy Gapon avg@FreeBSD.org 2021-12-14T14:43:29Z urn:sha1:a165b4591e48cd2adce8215fca73147c016e6cea r368649 fixed a regression in r362031 that was MFC-ed to stable/12 as a part of r362572. That commit reordered IPI send and local TLB flush in TLB invalidations. Without this fix we've been seeing problems with stale memory content where changes done under a mutex were not immediately observed by another thread after taking the same mutex. Those inconsistenices were correlated to copy-on-write faults for pages contaning the data. The change needed some adaptations as I elected to skip two significant intermediate changes: - r363195 / dc43978a, amd64: allow parallel shootdown IPIs - r363311 / 3ec7e169, amd64 pmap: microoptimize local shootdowns for PCID PTI configurations Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D33413 (cherry picked from commit 1820ca2154611d6f27ce5a5fdd561a16ac54fdd8) Approved by: so Errata: FreeBSD-EN-22:04.pcid 2022-01-10T18:04:06Z Konstantin Belousov kib@FreeBSD.org 2021-12-12T02:49:50Z urn:sha1:10fd3f883ad99d7ed999144c93940889e683b971 (cherry picked from commit 73b357be92385cbb70ba19e7023a736af2c6b493) (cherry picked from commit 7e45b72844768d7fd5c3c4d4e29f4e84b4bc0402) Approved by: so Errata: FreeBSD-EN-22:02.xsave 2021-05-26T19:38:41Z Konstantin Belousov kib@FreeBSD.org 2021-05-25T22:19:44Z urn:sha1:bc74f783f9af4ae611abeb79533a18c274b87005 Otherwise asm silently interpret it as the external global symbol. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: bz Sponsored by: The FreeBSD Foundation Fixes: 91aae953cb80 (cherry picked from commit a59f0285377aa3d61cccda64e9ade126ecb3d2d9) (cherry picked from commit b25bb77861640456a77fbf6f34cac4a3b69f0e5f) 2021-05-26T19:38:13Z Konstantin Belousov kib@FreeBSD.org 2021-05-22T19:48:36Z urn:sha1:bb4435255df53118082b3567db6da100962b3822 If copyin family of routines fault, kernel does clear PSL.AC on the fault entry, but the AC flag of the faulted frame is kept intact. Since onfault handler is effectively jump, AC survives until syscall exit. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: m00nbsd, via Sony Reviewed by: markj Sponsored by: The FreeBSD Foundation admbugs: 975 (cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9) (cherry picked from commit 4590f0345956329d414611c6cee300f486732b53) 2020-12-01T19:34:45Z Gordon Tetlow gordon@FreeBSD.org 2020-12-01T19:34:45Z urn:sha1:30710f108d29a61635778e82f300781a097caec4 Approved by: so Security: FreeBSD-EN-20:19.audit 2020-09-15T21:46:39Z Gordon Tetlow gordon@FreeBSD.org 2020-09-15T21:46:39Z urn:sha1:a76dd71a2d142877b19a9b58bbd7d10d8acc253e This actually has a patch to sys/amd64/vmm/amd/svm.c that was accidentally committed as part of r365779. Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:29.bhyve_svm Security: CVE-2020-7467 2020-09-15T21:43:41Z Gordon Tetlow gordon@FreeBSD.org 2020-09-15T21:43:41Z urn:sha1:b96e6772dfc6ee7a704020d8f7e4a0f8b38edbb0 Approved by: so Approved by: re (implicit for releng/12.2) Security: FreeBSD-SA-20:28.bhyve_vmcs Security: CVE-2020-24718 2020-09-14T22:42:17Z Eric Joyner erj@FreeBSD.org 2020-09-14T22:42:17Z urn:sha1:c32f121ec43fbf60be6da1ca87476ace1ed15a85 This also adds the "package" file that's loaded by the device for configuration, used in the included ice_ddp kernel module. MFS of r365612 and r365731. Approved by: re (gjb@) Relnotes: yes Sponsored by: Intel Corporation 2020-09-08T03:55:49Z Peter Grehan grehan@FreeBSD.org 2020-09-08T03:55:49Z urn:sha1:7cfc606e8b0a6da0bb35a71856b2b299dcf04d4a Allow guest device MMIO access from bootmem memory segments. Differential Revision: https://reviews.freebsd.org/D25955 2020-09-01T12:11:59Z Edward Tomasz Napierala trasz@FreeBSD.org 2020-09-01T12:11:59Z urn:sha1:891564a31aa5087bfdc1702f30eede0ce37b004a Regen after r363304. Sponsored by: The FreeBSD Foundation