Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

swap fixes #2269

Merged
merged 3 commits into from
Dec 20, 2024
Merged

swap fixes #2269

merged 3 commits into from
Dec 20, 2024

Conversation

bsdjhb
Copy link
Collaborator

@bsdjhb bsdjhb commented Dec 18, 2024

  • swap_pager: Transfer CHERI tags if the fast pass works
  • swap_pager: Use swblk_lookup in CHERI helper functions

@bsdjhb
Copy link
Collaborator Author

bsdjhb commented Dec 18, 2024

Only compile tested, not runtime tested yet.

bsdjhb
bsdjhb commented Dec 18, 2024
View reviewed changes
sys/vm/swap_pager.c Outdated Show resolved Hide resolved
markjdb
markjdb reviewed Dec 18, 2024
View reviewed changes
sys/vm/swap_pager.c Outdated Show resolved Hide resolved
@bsdjhb bsdjhb merged commit 60fed0d into CTSRD-CHERI:dev Dec 20, 2024
29 checks passed
@bsdjhb bsdjhb deleted the swap_fixes branch December 20, 2024 18:44
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request Jan 28, 2025
@mmatuska
Update vendor/libarchive to 3.7.5
2022efa 
Security fixes:
 CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
 CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
 CTSRD-CHERI#2168 uu: stop processing if lines are too long
 CTSRD-CHERI#2174 lzop: prevent integer overflow
 CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
 CTSRD-CHERI#2175 unzip: unify EOF handling
 CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
 CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
 CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
 CTSRD-CHERI#2248 rar4: fix OOB in delta filter
 CTSRD-CHERI#2249 rar4: fix OOB in audio filter
 CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
 CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
 CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
 CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)

Important bugfixes:
 CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
 CTSRD-CHERI#2173 shar: check strdup return value
 CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
 CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that
       is a multiple of 65536 bytes
 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names
 CTSRD-CHERI#2290 ar: fix archive entries having no type

Obtained from:	libarchive
Vendor commit: 	12ecf8418ab3595d66cdea1abadcea8b6a9d288b
CVE:		CVE-2024-20696, CVE-2024-26256
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request Jan 28, 2025
@mmatuska
libarchive: merge from vendor branch
bd66c1b 
Libarchive 3.7.7

Security fixes:
 CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
 CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
 CTSRD-CHERI#2168 uu: stop processing if lines are too long
 CTSRD-CHERI#2174 lzop: prevent integer overflow
 CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
 CTSRD-CHERI#2175 unzip: unify EOF handling
 CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
 CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
 CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
 CTSRD-CHERI#2248 rar4: fix OOB in delta filter
 CTSRD-CHERI#2249 rar4: fix OOB in audio filter
 CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
 CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
 CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
 CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)
 #2330 iso: be more cautious about parsing ISO-9660 timestamps
 #2343 tar: clean up linkpath between entries
 #2364 tar: don't crash on truncated tar archives
 #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip
 #2377 tar: fix two leaks in tar header parsing

Important bugfixes:
 CTSRD-CHERI#2096 rar5: report encrypted entries
 CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
 CTSRD-CHERI#2173 shar: check strdup return value
 CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
 #2338 tar: fix memory leaks when processing symlinks or parsing pax headers
 CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that
       is a multiple of 65536 bytes
 CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8
 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names
 CTSRD-CHERI#2290 ar: fix archive entries having no type
 #2360 tar: fix truncation of entry pathnames in specific archives

CVE:		CVE-2024-20696, CVE-2024-26256
PR:		282047 (exp-run)
MFC after:	1 week
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request Jan 28, 2025
@mmatuska @bsdjhb
libarchive: merge from vendor branch
7e526ad 
Libarchive 3.7.7

Security fixes:
 CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
 CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
 CTSRD-CHERI#2168 uu: stop processing if lines are too long
 CTSRD-CHERI#2174 lzop: prevent integer overflow
 CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
 CTSRD-CHERI#2175 unzip: unify EOF handling
 CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
 CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
 CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
 CTSRD-CHERI#2248 rar4: fix OOB in delta filter
 CTSRD-CHERI#2249 rar4: fix OOB in audio filter
 CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
 CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
 CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
 CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)
 #2330 iso: be more cautious about parsing ISO-9660 timestamps
 #2343 tar: clean up linkpath between entries
 #2364 tar: don't crash on truncated tar archives
 #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip
 #2377 tar: fix two leaks in tar header parsing

Important bugfixes:
 CTSRD-CHERI#2096 rar5: report encrypted entries
 CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
 CTSRD-CHERI#2173 shar: check strdup return value
 CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
 #2338 tar: fix memory leaks when processing symlinks or parsing pax headers
 CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that
       is a multiple of 65536 bytes
 CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8
 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names
 CTSRD-CHERI#2290 ar: fix archive entries having no type
 #2360 tar: fix truncation of entry pathnames in specific archives

CVE:		CVE-2024-20696, CVE-2024-26256
PR:		282047 (exp-run)
MFC after:	1 week
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markjdb markjdb markjdb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bsdjhb @markjdb