From owner-freebsd-security@FreeBSD.ORG Mon Jan 20 15:30:38 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4DC07E; Mon, 20 Jan 2014 15:30:38 +0000 (UTC) Received: from pi.nmdps.net (pi.nmdps.net [109.61.102.5]) by mx1.freebsd.org (Postfix) with ESMTP id 0B4851A84; Mon, 20 Jan 2014 15:30:37 +0000 (UTC) Received: from pi.nmdps.net (localhost [127.0.0.1]) (Authenticated sender: krichy@cflinux.hu) by pi.nmdps.net (Postfix) with ESMTPSA id C467611EF; Mon, 20 Jan 2014 16:30:36 +0100 (CET) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_e29d732e9be4cf639842cb9d8de74c22" Date: Mon, 20 Jan 2014 16:30:34 +0100 From: krichy@cflinux.hu To: Richard Kojedzinszky Subject: Re: ZFS .zfs DoS In-Reply-To: References: Message-ID: X-Sender: krichy@cflinux.hu User-Agent: Roundcube Webmail/0.9.5 X-Mailman-Approved-At: Mon, 20 Jan 2014 15:56:33 +0000 Cc: freebsd-fs@freebsd.org, freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jan 2014 15:30:38 -0000 --=_e29d732e9be4cf639842cb9d8de74c22 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8; format=flowed Dear users, I've worked out a patch for my known issues, please somebody test them, and give recommendations, fixes. Regards, 2014-01-17 03:11 időpontban Richard Kojedzinszky ezt írta: > Dear users, > > For a long time now I've been investigating problems relating FreeBSD > ZFS .zfs handling, and found that I am not enough to fix issues. Until > fixes arrive, unfortunately a regular user can DoS a FreeBSD system > which has ZFS filesystems with the attached script. While the script > expects a snapshot argument to be given, actually the first test case > does not need that, only a mounted zfs filesystem is enough. For more > of the tests a snapshot may be needed, and later ones need root > account also. > > I would recommend that until this gets rewritten or fixed at all, one > should disable access to .zfs at all with someting like I've attached. > > Regards, > Kojedzinszky Richard --=_e29d732e9be4cf639842cb9d8de74c22 Content-Transfer-Encoding: base64 Content-Type: text/x-diff; name=gfs-4.patch Content-Disposition: attachment; filename=gfs-4.patch; size=11842 Y29tbWl0IGY1NmQ2NTk2Yjc5YzliYTc2ODUxZWU2YmVhMjI1ZjIyY2M5ZjBhMjYKQXV0aG9yOiBS aWNoYXJkIEtvamVkemluc3preSA8a3JpY2h5QGNmbGludXguaHU+CkRhdGU6ICAgRnJpIEphbiAx NyAyMjo1NzozMyAyMDE0ICswMTAwCgogICAgWkZTL0dGUyBoYW5kbGluZyBmaXhlcwoKZGlmZiAt LWdpdCBhL3N5cy9jZGRsL2NvbXBhdC9vcGVuc29sYXJpcy9rZXJuL29wZW5zb2xhcmlzX2xvb2t1 cC5jIGIvc3lzL2NkZGwvY29tcGF0L29wZW5zb2xhcmlzL2tlcm4vb3BlbnNvbGFyaXNfbG9va3Vw LmMKaW5kZXggOTQzODNkNi4uNGNhYzA1MyAxMDA2NDQKLS0tIGEvc3lzL2NkZGwvY29tcGF0L29w ZW5zb2xhcmlzL2tlcm4vb3BlbnNvbGFyaXNfbG9va3VwLmMKKysrIGIvc3lzL2NkZGwvY29tcGF0 L29wZW5zb2xhcmlzL2tlcm4vb3BlbnNvbGFyaXNfbG9va3VwLmMKQEAgLTgxLDYgKzgxLDggQEAg dHJhdmVyc2Uodm5vZGVfdCAqKmN2cHAsIGludCBsa3R5cGUpCiAJICogcHJvZ3Jlc3Mgb24gdGhp cyB2bm9kZS4KIAkgKi8KIAorCXZuX2xvY2soY3ZwLCBsa3R5cGUpOworCiAJZm9yICg7Oykgewog CQkvKgogCQkgKiBSZWFjaGVkIHRoZSBlbmQgb2YgdGhlIG1vdW50IGNoYWluPwpAQCAtODksMTMg KzkxLDcgQEAgdHJhdmVyc2Uodm5vZGVfdCAqKmN2cHAsIGludCBsa3R5cGUpCiAJCWlmICh2ZnNw ID09IE5VTEwpCiAJCQlicmVhazsKIAkJZXJyb3IgPSB2ZnNfYnVzeSh2ZnNwLCAwKTsKLQkJLyoK LQkJICogdHZwIGlzIE5VTEwgZm9yICpjdnBwIHZub2RlLCB3aGljaCB3ZSBjYW4ndCB1bmxvY2su Ci0JCSAqLwotCQlpZiAodHZwICE9IE5VTEwpCi0JCQl2cHV0KGN2cCk7Ci0JCWVsc2UKLQkJCXZy ZWxlKGN2cCk7CisJCVZPUF9VTkxPQ0soY3ZwLCAwKTsKIAkJaWYgKGVycm9yKQogCQkJcmV0dXJu IChlcnJvcik7CiAKQEAgLTEwNyw2ICsxMDMsOSBAQCB0cmF2ZXJzZSh2bm9kZV90ICoqY3ZwcCwg aW50IGxrdHlwZSkKIAkJdmZzX3VuYnVzeSh2ZnNwKTsKIAkJaWYgKGVycm9yICE9IDApCiAJCQly ZXR1cm4gKGVycm9yKTsKKworCQlWTl9SRUxFKGN2cCk7CisKIAkJY3ZwID0gdHZwOwogCX0KIApk aWZmIC0tZ2l0IGEvc3lzL2NkZGwvY29tcGF0L29wZW5zb2xhcmlzL2tlcm4vb3BlbnNvbGFyaXNf dmZzLmMgYi9zeXMvY2RkbC9jb21wYXQvb3BlbnNvbGFyaXMva2Vybi9vcGVuc29sYXJpc192ZnMu YwppbmRleCBhMjUzMmY4Li5jMzAyYTU0IDEwMDY0NAotLS0gYS9zeXMvY2RkbC9jb21wYXQvb3Bl bnNvbGFyaXMva2Vybi9vcGVuc29sYXJpc192ZnMuYworKysgYi9zeXMvY2RkbC9jb21wYXQvb3Bl bnNvbGFyaXMva2Vybi9vcGVuc29sYXJpc192ZnMuYwpAQCAtMTk0LDEwICsxOTQsOCBAQCBtb3Vu dF9zbmFwc2hvdChrdGhyZWFkX3QgKnRkLCB2bm9kZV90ICoqdnBwLCBjb25zdCBjaGFyICpmc3R5 cGUsIGNoYXIgKmZzcGF0aCwKIAkJVklfTE9DSyh2cCk7CiAJCXZwLT52X2lmbGFnICY9IH5WSV9N T1VOVDsKIAkJVklfVU5MT0NLKHZwKTsKLQkJdnJlbGUodnApOwogCQl2ZnNfdW5idXN5KG1wKTsK IAkJdmZzX21vdW50X2Rlc3Ryb3kobXApOwotCQkqdnBwID0gTlVMTDsKIAkJcmV0dXJuIChlcnJv cik7CiAJfQogCkBAIC0yMjgsNyArMjI2LDcgQEAgbW91bnRfc25hcHNob3Qoa3RocmVhZF90ICp0 ZCwgdm5vZGVfdCAqKnZwcCwgY29uc3QgY2hhciAqZnN0eXBlLCBjaGFyICpmc3BhdGgsCiAJdmZz X2V2ZW50X3NpZ25hbChOVUxMLCBWUV9NT1VOVCwgMCk7CiAJaWYgKFZGU19ST09UKG1wLCBMS19F WENMVVNJVkUsICZtdnApKQogCQlwYW5pYygibW91bnQ6IGxvc3QgbW91bnQiKTsKLQl2cHV0KHZw KTsKKwlWT1BfVU5MT0NLKHZwLCAwKTsKIAl2ZnNfdW5idXN5KG1wKTsKIAkqdnBwID0gbXZwOwog CXJldHVybiAoMCk7CmRpZmYgLS1naXQgYS9zeXMvY2RkbC9jb250cmliL29wZW5zb2xhcmlzL3V0 cy9jb21tb24vZnMvZ2ZzLmMgYi9zeXMvY2RkbC9jb250cmliL29wZW5zb2xhcmlzL3V0cy9jb21t b24vZnMvZ2ZzLmMKaW5kZXggNTk5NDRhMS4uMjllYzQ1NCAxMDA2NDQKLS0tIGEvc3lzL2NkZGwv Y29udHJpYi9vcGVuc29sYXJpcy91dHMvY29tbW9uL2ZzL2dmcy5jCisrKyBiL3N5cy9jZGRsL2Nv bnRyaWIvb3BlbnNvbGFyaXMvdXRzL2NvbW1vbi9mcy9nZnMuYwpAQCAtNDQ4LDcgKzQ0OCw2IEBA IGdmc19sb29rdXBfZG90KHZub2RlX3QgKip2cHAsIHZub2RlX3QgKmR2cCwgdm5vZGVfdCAqcHZw LCBjb25zdCBjaGFyICpubSkKIAkJCVZOX0hPTEQocHZwKTsKIAkJCSp2cHAgPSBwdnA7CiAJCX0K LQkJdm5fbG9jaygqdnBwLCBMS19FWENMVVNJVkUgfCBMS19SRVRSWSk7CiAJCXJldHVybiAoMCk7 CiAJfQogCkBAIC00ODUsNiArNDg0LDcgQEAgZ2ZzX2ZpbGVfY3JlYXRlKHNpemVfdCBzaXplLCB2 bm9kZV90ICpwdnAsIHZmc190ICp2ZnNwLCB2bm9kZW9wc190ICpvcHMpCiAJZnAgPSBrbWVtX3ph bGxvYyhzaXplLCBLTV9TTEVFUCk7CiAJZXJyb3IgPSBnZXRuZXd2bm9kZSgiemZzIiwgdmZzcCwg b3BzLCAmdnApOwogCUFTU0VSVChlcnJvciA9PSAwKTsKKwlWTl9MT0NLX0FTSEFSRSh2cCk7CiAJ dm5fbG9jayh2cCwgTEtfRVhDTFVTSVZFIHwgTEtfUkVUUlkpOwogCXZwLT52X2RhdGEgPSAoY2Fk ZHJfdClmcDsKIApAQCAtNDk2LDkgKzQ5Niw5IEBAIGdmc19maWxlX2NyZWF0ZShzaXplX3Qgc2l6 ZSwgdm5vZGVfdCAqcHZwLCB2ZnNfdCAqdmZzcCwgdm5vZGVvcHNfdCAqb3BzKQogCWZwLT5nZnNf c2l6ZSA9IHNpemU7CiAJZnAtPmdmc190eXBlID0gR0ZTX0ZJTEU7CiAKLQl2cC0+dl92ZmxhZyB8 PSBWVl9GT1JDRUlOU01ROworCXZwLT52X3ZmbGFnIHw9IFZWX0ZPUkNFSU5TTVEgfCBWVl9JTlNN UUhFQUQ7CiAJZXJyb3IgPSBpbnNtbnRxdWUodnAsIHZmc3ApOwotCXZwLT52X3ZmbGFnICY9IH5W Vl9GT1JDRUlOU01ROworCXZwLT52X3ZmbGFnICY9IH4oVlZfRk9SQ0VJTlNNUSB8IFZWX0lOU01R SEVBRCk7CiAJS0FTU0VSVChlcnJvciA9PSAwLCAoImluc21udHF1ZSgpIGZhaWxlZDogZXJyb3Ig JWQiLCBlcnJvcikpOwogCiAJLyoKQEAgLTYzNywxMiArNjM3LDcgQEAgZ2ZzX2ZpbGVfaW5hY3Rp dmUodm5vZGVfdCAqdnApCiAJaWYgKGZwLT5nZnNfcGFyZW50ID09IE5VTEwgfHwgKHZwLT52X2Zs YWcgJiBWX1hBVFRSRElSKSkKIAkJZ290byBmb3VuZDsKIAotCS8qCi0JICogWFhYIGNvcGUgd2l0 aCBhIEZyZWVCU0Qtc3BlY2lmaWMgcmFjZSB3aGVyZWluIHRoZSBwYXJlbnQncwotCSAqIHNuYXBz aG90IGRhdGEgY2FuIGJlIGZyZWVkIGJlZm9yZSB0aGUgcGFyZW50IGlzCi0JICovCi0JaWYgKChk cCA9IGZwLT5nZnNfcGFyZW50LT52X2RhdGEpID09IE5VTEwpCi0JCXJldHVybiAoTlVMTCk7CisJ ZHAgPSBmcC0+Z2ZzX3BhcmVudC0+dl9kYXRhOwogCiAJLyoKIAkgKiBGaXJzdCwgc2VlIGlmIHRo aXMgdm5vZGUgaXMgY2FjaGVkIGluIHRoZSBwYXJlbnQuCkBAIC02NjksMzcgKzY2NCw0NCBAQCBm b3VuZDoKIAlpZiAodnAtPnZfZmxhZyAmIFZfWEFUVFJESVIpCiAJCVZJX0xPQ0soZnAtPmdmc19w YXJlbnQpOwogI2VuZGlmCi0JVklfTE9DSyh2cCk7Ci0JLyoKLQkgKiBSZWFsbHkgcmVtb3ZlIHRo aXMgdm5vZGUKLQkgKi8KLQlkYXRhID0gdnAtPnZfZGF0YTsKLQlpZiAoZ2UgIT0gTlVMTCkgewor CWlmICh2cC0+dl9jb3VudCA9PSAwIHx8IHZwLT52X2lmbGFnICYgVklfRE9PTUVEKSB7CiAJCS8q Ci0JCSAqIElmIHRoaXMgd2FzIGEgc3RhdGljYWxseSBjYWNoZWQgZW50cnksIHNpbXBseSBzZXQg dGhlCi0JCSAqIGNhY2hlZCB2bm9kZSB0byBOVUxMLgorCQkgKiBSZWFsbHkgcmVtb3ZlIHRoaXMg dm5vZGUKIAkJICovCi0JCWdlLT5nZnNlX3Zub2RlID0gTlVMTDsKLQl9Ci0JVklfVU5MT0NLKHZw KTsKKwkJZGF0YSA9IHZwLT52X2RhdGE7CisJCWlmIChnZSAhPSBOVUxMKSB7CisJCQkvKgorCQkJ ICogSWYgdGhpcyB3YXMgYSBzdGF0aWNhbGx5IGNhY2hlZCBlbnRyeSwgc2ltcGx5IHNldCB0aGUK KwkJCSAqIGNhY2hlZCB2bm9kZSB0byBOVUxMLgorCQkJICovCisJCQlnZS0+Z2ZzZV92bm9kZSA9 IE5VTEw7CisJCX0KKyNpZmRlZiBUT0RPCisJCWlmICh2cC0+dl9mbGFnICYgVl9YQVRUUkRJUikK KwkJCVZJX1VOTE9DSyhmcC0+Z2ZzX3BhcmVudCk7CisjZW5kaWYKIAotCS8qCi0JICogRnJlZSB2 bm9kZSBhbmQgcmVsZWFzZSBwYXJlbnQKLQkgKi8KLQlpZiAoZnAtPmdmc19wYXJlbnQpIHsKLQkJ aWYgKGRwKQotCQkJZ2ZzX2Rpcl91bmxvY2soZHApOwotCQlWT1BfVU5MT0NLKHZwLCAwKTsKLQkJ Vk5fUkVMRShmcC0+Z2ZzX3BhcmVudCk7Ci0JCXZuX2xvY2sodnAsIExLX0VYQ0xVU0lWRSB8IExL X1JFVFJZKTsKKwkJLyoKKwkJICogRnJlZSB2bm9kZSBhbmQgcmVsZWFzZSBwYXJlbnQKKwkJICov CisJCWlmIChmcC0+Z2ZzX3BhcmVudCkgeworCQkJaWYgKGRwKQorCQkJCWdmc19kaXJfdW5sb2Nr KGRwKTsKKwkJCVZOX1JFTEUoZnAtPmdmc19wYXJlbnQpOworCQl9IGVsc2UgeworCQkJQVNTRVJU KHZwLT52X3Zmc3AgIT0gTlVMTCk7CisJCQlWRlNfUkVMRSh2cC0+dl92ZnNwKTsKKwkJfQogCX0g ZWxzZSB7Ci0JCUFTU0VSVCh2cC0+dl92ZnNwICE9IE5VTEwpOwotCQlWRlNfUkVMRSh2cC0+dl92 ZnNwKTsKLQl9CisJCWRhdGEgPSBOVUxMOwogI2lmZGVmIFRPRE8KLQlpZiAodnAtPnZfZmxhZyAm IFZfWEFUVFJESVIpCi0JCVZJX1VOTE9DSyhmcC0+Z2ZzX3BhcmVudCk7CisJCWlmICh2cC0+dl9m bGFnICYgVl9YQVRUUkRJUikKKwkJCVZJX1VOTE9DSyhmcC0+Z2ZzX3BhcmVudCk7CiAjZW5kaWYK KwkJaWYgKGRwKQorCQkJZ2ZzX2Rpcl91bmxvY2soZHApOworCX0KKwogCXJldHVybiAoZGF0YSk7 CiB9CiAKQEAgLTEyMzAsMTYgKzEyMzIsMTUgQEAgZ2ZzX3ZvcF9pbmFjdGl2ZShhcCkKIHsKIAl2 bm9kZV90ICp2cCA9IGFwLT5hX3ZwOwogCWdmc19maWxlX3QgKmZwID0gdnAtPnZfZGF0YTsKKwl2 b2lkICpkYXRhOwogCiAJaWYgKGZwLT5nZnNfdHlwZSA9PSBHRlNfRElSKQotCQlnZnNfZGlyX2lu YWN0aXZlKHZwKTsKKwkJZGF0YSA9IGdmc19kaXJfaW5hY3RpdmUodnApOwogCWVsc2UKLQkJZ2Zz X2ZpbGVfaW5hY3RpdmUodnApOworCQlkYXRhID0gZ2ZzX2ZpbGVfaW5hY3RpdmUodnApOwogCi0J VklfTE9DSyh2cCk7Ci0JdnAtPnZfZGF0YSA9IE5VTEw7Ci0JVklfVU5MT0NLKHZwKTsKLQlrbWVt X2ZyZWUoZnAsIGZwLT5nZnNfc2l6ZSk7CisJaWYgKGRhdGEgIT0gTlVMTCkKKwkJa21lbV9mcmVl KGRhdGEsIGZwLT5nZnNfc2l6ZSk7CiAKIAlyZXR1cm4gKDApOwogfQpkaWZmIC0tZ2l0IGEvc3lz L2NkZGwvY29udHJpYi9vcGVuc29sYXJpcy91dHMvY29tbW9uL2ZzL3pmcy96ZnNfY3RsZGlyLmMg Yi9zeXMvY2RkbC9jb250cmliL29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc19jdGxk aXIuYwppbmRleCAyOGFiMWZhLi4xNWE1NWQyIDEwMDY0NAotLS0gYS9zeXMvY2RkbC9jb250cmli L29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc19jdGxkaXIuYworKysgYi9zeXMvY2Rk bC9jb250cmliL29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc19jdGxkaXIuYwpAQCAt NjEyLDcgKzYxMiw3IEBAIHpmc2N0bF9mcmVlYnNkX3Jvb3RfbG9va3VwKGFwKQogCiAJZXJyID0g emZzY3RsX3Jvb3RfbG9va3VwKGR2cCwgbm0sIHZwcCwgTlVMTCwgMCwgTlVMTCwgY3IsIE5VTEws IE5VTEwsIE5VTEwpOwogCWlmIChlcnIgPT0gMCAmJiAobm1bMF0gIT0gJy4nIHx8IG5tWzFdICE9 ICdcMCcpKQotCQl2bl9sb2NrKCp2cHAsIExLX0VYQ0xVU0lWRSB8IExLX1JFVFJZKTsKKwkJZXJy ID0gdm5fbG9jaygqdnBwLCBhcC0+YV9jbnAtPmNuX2xrZmxhZ3MpOwogCXJldHVybiAoZXJyKTsK IH0KIApAQCAtOTc1LDggKzk3NSwxMSBAQCB6ZnNjdGxfc25hcGRpcl9sb29rdXAoYXApCiAJWkZT X0VOVEVSKHpmc3Zmcyk7CiAKIAlpZiAoZ2ZzX2xvb2t1cF9kb3QodnBwLCBkdnAsIHpmc3Zmcy0+ el9jdGxkaXIsIG5tKSA9PSAwKSB7CisJCWVyciA9IDA7CisJCWlmIChubVswXSAhPSAnLicgfHwg bm1bMV0gIT0gJ1wwJykKKwkJCWVyciA9IHZuX2xvY2soKnZwcCwgYXAtPmFfY25wLT5jbl9sa2Zs YWdzKTsKIAkJWkZTX0VYSVQoemZzdmZzKTsKLQkJcmV0dXJuICgwKTsKKwkJcmV0dXJuIChlcnIp OwogCX0KIAogCWlmIChmbGFncyAmIEZJR05PUkVDQVNFKSB7CkBAIC0xMDA0LDcgKzEwMDcsNyBA QCB6ZnNjdGxfc25hcGRpcl9sb29rdXAoYXApCiAJaWYgKChzZXAgPSBhdmxfZmluZCgmc2RwLT5z ZF9zbmFwcywgJnNlYXJjaCwgJndoZXJlKSkgIT0gTlVMTCkgewogCQkqdnBwID0gc2VwLT5zZV9y b290OwogCQlWTl9IT0xEKCp2cHApOwotCQllcnIgPSB0cmF2ZXJzZSh2cHAsIExLX0VYQ0xVU0lW RSB8IExLX1JFVFJZKTsKKwkJZXJyID0gdHJhdmVyc2UodnBwLCBhcC0+YV9jbnAtPmNuX2xrZmxh Z3MpOwogCQlpZiAoZXJyICE9IDApIHsKIAkJCVZOX1JFTEUoKnZwcCk7CiAJCQkqdnBwID0gTlVM TDsKQEAgLTEwMTMsNiArMTAxNiw4IEBAIHpmc2N0bF9zbmFwZGlyX2xvb2t1cChhcCkKIAkJCSAq IFRoZSBzbmFwc2hvdCB3YXMgdW5tb3VudGVkIGJlaGluZCBvdXIgYmFja3MsCiAJCQkgKiB0cnkg dG8gcmVtb3VudCBpdC4KIAkJCSAqLworCQkJVk5fSE9MRCgqdnBwKTsKKwkJCVZPUF9VTkxPQ0so KnZwcCwgMCk7CiAJCQlWRVJJRlkoemZzY3RsX3NuYXBzaG90X3puYW1lKGR2cCwgbm0sIE1BWE5B TUVMRU4sIHNuYXBuYW1lKSA9PSAwKTsKIAkJCWdvdG8gZG9tb3VudDsKIAkJfSBlbHNlIHsKQEAg LTEwNjQsNyArMTA2OSw2IEBAIHpmc2N0bF9zbmFwZGlyX2xvb2t1cChhcCkKIAlzZXAtPnNlX25h bWUgPSBrbWVtX2FsbG9jKHN0cmxlbihubSkgKyAxLCBLTV9TTEVFUCk7CiAJKHZvaWQpIHN0cmNw eShzZXAtPnNlX25hbWUsIG5tKTsKIAkqdnBwID0gc2VwLT5zZV9yb290ID0gemZzY3RsX3NuYXBz aG90X21rbm9kZShkdnAsIGRtdV9vYmpzZXRfaWQoc25hcCkpOwotCVZOX0hPTEQoKnZwcCk7CiAJ YXZsX2luc2VydCgmc2RwLT5zZF9zbmFwcywgc2VwLCB3aGVyZSk7CiAKIAlkbXVfb2Jqc2V0X3Jl bGUoc25hcCwgRlRBRyk7CkBAIC0xMDkxLDcgKzEwOTUsNiBAQCBkb21vdW50OgogCW11dGV4X2V4 aXQoJnNkcC0+c2RfbG9jayk7CiAJWkZTX0VYSVQoemZzdmZzKTsKIAotI2lmZGVmIGlsbHVtb3MK IAkvKgogCSAqIElmIHdlIGhhZCBhbiBlcnJvciwgZHJvcCBvdXIgaG9sZCBvbiB0aGUgdm5vZGUg YW5kCiAJICogemZzY3RsX3NuYXBzaG90X2luYWN0aXZlKCkgd2lsbCBjbGVhbiB1cC4KQEAgLTEx MDAsMTAgKzExMDMsNiBAQCBkb21vdW50OgogCQlWTl9SRUxFKCp2cHApOwogCQkqdnBwID0gTlVM TDsKIAl9Ci0jZWxzZQotCWlmIChlcnIgIT0gMCkKLQkJKnZwcCA9IE5VTEw7Ci0jZW5kaWYKIAly ZXR1cm4gKGVycik7CiB9CiAKQEAgLTExMzAsOCArMTEyOSwxMSBAQCB6ZnNjdGxfc2hhcmVzX2xv b2t1cChhcCkKIAlzdHJsY3B5KG5tLCBjbnAtPmNuX25hbWVwdHIsIGNucC0+Y25fbmFtZWxlbiAr IDEpOwogCiAJaWYgKGdmc19sb29rdXBfZG90KHZwcCwgZHZwLCB6ZnN2ZnMtPnpfY3RsZGlyLCBu bSkgPT0gMCkgeworCQllcnJvciA9IDA7CisJCWlmIChubVswXSAhPSAnLicgfHwgbm1bMV0gIT0g J1wwJykKKwkJCWVycm9yID0gdm5fbG9jaygqdnBwLCBhcC0+YV9jbnAtPmNuX2xrZmxhZ3MpOwog CQlaRlNfRVhJVCh6ZnN2ZnMpOwotCQlyZXR1cm4gKDApOworCQlyZXR1cm4gKGVycm9yKTsKIAl9 CiAKIAlpZiAoemZzdmZzLT56X3NoYXJlc19kaXIgPT0gMCkgewpAQCAtMTM0NCwyMiArMTM0Niwx NSBAQCB6ZnNjdGxfc25hcGRpcl9pbmFjdGl2ZShhcCkKIAl2bm9kZV90ICp2cCA9IGFwLT5hX3Zw OwogCXpmc2N0bF9zbmFwZGlyX3QgKnNkcCA9IHZwLT52X2RhdGE7CiAJemZzX3NuYXBlbnRyeV90 ICpzZXA7Ci0KLQkvKgotCSAqIE9uIGZvcmNlZCB1bm1vdW50IHdlIGhhdmUgdG8gZnJlZSBzbmFw c2hvdHMgZnJvbSBoZXJlLgotCSAqLwotCW11dGV4X2VudGVyKCZzZHAtPnNkX2xvY2spOwotCXdo aWxlICgoc2VwID0gYXZsX2ZpcnN0KCZzZHAtPnNkX3NuYXBzKSkgIT0gTlVMTCkgewotCQlhdmxf cmVtb3ZlKCZzZHAtPnNkX3NuYXBzLCBzZXApOwotCQlrbWVtX2ZyZWUoc2VwLT5zZV9uYW1lLCBz dHJsZW4oc2VwLT5zZV9uYW1lKSArIDEpOwotCQlrbWVtX2ZyZWUoc2VwLCBzaXplb2YgKHpmc19z bmFwZW50cnlfdCkpOworCXZvaWQgKnByaXZhdGU7CisKKwlwcml2YXRlID0gZ2ZzX2Rpcl9pbmFj dGl2ZSh2cCk7CisJaWYgKHByaXZhdGUgIT0gTlVMTCkgeworCQlBU1NFUlQoYXZsX251bW5vZGVz KCZzZHAtPnNkX3NuYXBzKSA9PSAwKTsKKwkJbXV0ZXhfZGVzdHJveSgmc2RwLT5zZF9sb2NrKTsK KwkJYXZsX2Rlc3Ryb3koJnNkcC0+c2Rfc25hcHMpOworCQlrbWVtX2ZyZWUocHJpdmF0ZSwgc2l6 ZW9mICh6ZnNjdGxfc25hcGRpcl90KSk7CiAJfQotCW11dGV4X2V4aXQoJnNkcC0+c2RfbG9jayk7 Ci0JZ2ZzX2Rpcl9pbmFjdGl2ZSh2cCk7Ci0JQVNTRVJUKGF2bF9udW1ub2Rlcygmc2RwLT5zZF9z bmFwcykgPT0gMCk7Ci0JbXV0ZXhfZGVzdHJveSgmc2RwLT5zZF9sb2NrKTsKLQlhdmxfZGVzdHJv eSgmc2RwLT5zZF9zbmFwcyk7Ci0Ja21lbV9mcmVlKHNkcCwgc2l6ZW9mICh6ZnNjdGxfc25hcGRp cl90KSk7CiAKIAlyZXR1cm4gKDApOwogfQpAQCAtMTQ0MSw3ICsxNDM2LDYgQEAgemZzY3RsX3Nu YXBzaG90X21rbm9kZSh2bm9kZV90ICpwdnAsIHVpbnQ2NF90IG9ianNldCkKIAogCXZwID0gZ2Zz X2Rpcl9jcmVhdGUoc2l6ZW9mICh6ZnNjdGxfbm9kZV90KSwgcHZwLCBwdnAtPnZfdmZzcCwKIAkg ICAgJnpmc2N0bF9vcHNfc25hcHNob3QsIE5VTEwsIE5VTEwsIE1BWE5BTUVMRU4sIE5VTEwsIE5V TEwpOwotCVZOX0hPTEQodnApOwogCXpjcCA9IHZwLT52X2RhdGE7CiAJemNwLT56Y19pZCA9IG9i anNldDsKIAlWT1BfVU5MT0NLKHZwLCAwKTsKQEAgLTE0NjIsMTggKzE0NTYsMjUgQEAgemZzY3Rs X3NuYXBzaG90X2luYWN0aXZlKGFwKQogCXpmc2N0bF9zbmFwZGlyX3QgKnNkcDsKIAl6ZnNfc25h cGVudHJ5X3QgKnNlcCwgKm5leHQ7CiAJaW50IGxvY2tlZDsKLQl2bm9kZV90ICpkdnA7CisJZ2Zz X2Rpcl90ICpkcCA9IHZwLT52X2RhdGE7CisJdm5vZGVfdCAqZHZwID0gZHAtPmdmc2RfZmlsZS5n ZnNfcGFyZW50OwogCi0JaWYgKHZwLT52X2NvdW50ID4gMCkKLQkJZ290byBlbmQ7Ci0KLQlWRVJJ RlkoZ2ZzX2Rpcl9sb29rdXAodnAsICIuLiIsICZkdnAsIGNyLCAwLCBOVUxMLCBOVUxMKSA9PSAw KTsKKwlWTl9IT0xEKGR2cCk7CisJVk9QX1VOTE9DSyh2cCwgMCk7CiAJc2RwID0gZHZwLT52X2Rh dGE7Ci0JVk9QX1VOTE9DSyhkdnAsIDApOwogCiAJaWYgKCEobG9ja2VkID0gTVVURVhfSEVMRCgm c2RwLT5zZF9sb2NrKSkpCiAJCW11dGV4X2VudGVyKCZzZHAtPnNkX2xvY2spOwogCisJdm5fbG9j ayh2cCwgTEtfRVhDTFVTSVZFIHwgTEtfUkVUUlkpOworCisJaWYgKHZwLT52X2NvdW50ID4gMCkg eworCQlpZiAoIWxvY2tlZCkKKwkJCW11dGV4X2V4aXQoJnNkcC0+c2RfbG9jayk7CisJCVZOX1JF TEUoZHZwKTsKKwkJcmV0dXJuKDApOworCX0KKwogCUFTU0VSVCghdm5faXNtbnRwdCh2cCkpOwog CiAJc2VwID0gYXZsX2ZpcnN0KCZzZHAtPnNkX3NuYXBzKTsKQEAgLTE0OTQsNyArMTQ5NSw2IEBA IHpmc2N0bF9zbmFwc2hvdF9pbmFjdGl2ZShhcCkKIAkJbXV0ZXhfZXhpdCgmc2RwLT5zZF9sb2Nr KTsKIAlWTl9SRUxFKGR2cCk7CiAKLWVuZDoKIAkvKgogCSAqIERpc3Bvc2Ugb2YgdGhlIHZub2Rl IGZvciB0aGUgc25hcHNob3QgbW91bnQgcG9pbnQuCiAJICogVGhpcyBpcyBzYWZlIHRvIGRvIGJl Y2F1c2Ugb25jZSB0aGlzIGVudHJ5IGhhcyBiZWVuIHJlbW92ZWQKQEAgLTE1ODgsNyArMTU4OCw3 IEBAIHpmc2N0bF9zbmFwc2hvdF9sb29rdXAoYXApCiAJZXJyb3IgPSB6ZnNjdGxfcm9vdF9sb29r dXAoemZzdmZzLT56X2N0bGRpciwgInNuYXBzaG90IiwgdnBwLAogCSAgICBOVUxMLCAwLCBOVUxM LCBjciwgTlVMTCwgTlVMTCwgTlVMTCk7CiAJaWYgKGVycm9yID09IDApCi0JCXZuX2xvY2soKnZw cCwgTEtfRVhDTFVTSVZFIHwgTEtfUkVUUlkpOworCQllcnJvciA9IHZuX2xvY2soKnZwcCwgYXAt PmFfY25wLT5jbl9sa2ZsYWdzKTsKIAlyZXR1cm4gKGVycm9yKTsKIH0KIApkaWZmIC0tZ2l0IGEv c3lzL2NkZGwvY29udHJpYi9vcGVuc29sYXJpcy91dHMvY29tbW9uL2ZzL3pmcy96ZnNfdmZzb3Bz LmMgYi9zeXMvY2RkbC9jb250cmliL29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc192 ZnNvcHMuYwppbmRleCA4ZWI4OTUzLi44ZWE3NjYxIDEwMDY0NAotLS0gYS9zeXMvY2RkbC9jb250 cmliL29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc192ZnNvcHMuYworKysgYi9zeXMv Y2RkbC9jb250cmliL29wZW5zb2xhcmlzL3V0cy9jb21tb24vZnMvemZzL3pmc192ZnNvcHMuYwpA QCAtMjAzNiwxMiArMjAzNiw3IEBAIHpmc191bW91bnQodmZzX3QgKnZmc3AsIGludCBmZmxhZykK IAkgKi8KIAlpZiAoemZzdmZzLT56X2N0bGRpciAhPSBOVUxMKQogCQl6ZnNjdGxfZGVzdHJveSh6 ZnN2ZnMpOwotCWlmICh6ZnN2ZnMtPnpfaXNzbmFwKSB7Ci0JCXZub2RlX3QgKnN2cCA9IHZmc3At Pm1udF92bm9kZWNvdmVyZWQ7CiAKLQkJaWYgKHN2cC0+dl9jb3VudCA+PSAyKQotCQkJVk5fUkVM RShzdnApOwotCX0KIAl6ZnNfZnJlZXZmcyh2ZnNwKTsKIAogCXJldHVybiAoMCk7CmRpZmYgLS1n aXQgYS9zeXMva2Vybi92ZnNfc3Vici5jIGIvc3lzL2tlcm4vdmZzX3N1YnIuYwppbmRleCA5MWM2 NGEzLi4yOWI2Mzk1IDEwMDY0NAotLS0gYS9zeXMva2Vybi92ZnNfc3Vici5jCisrKyBiL3N5cy9r ZXJuL3Zmc19zdWJyLmMKQEAgLTExOTgsNyArMTE5OCwxMCBAQCBpbnNtbnRxdWUxKHN0cnVjdCB2 bm9kZSAqdnAsIHN0cnVjdCBtb3VudCAqbXAsCiAJfQogCXZwLT52X21vdW50ID0gbXA7CiAJTU5U X1JFRihtcCk7Ci0JVEFJTFFfSU5TRVJUX1RBSUwoJm1wLT5tbnRfbnZub2RlbGlzdCwgdnAsIHZf bm1udHZub2Rlcyk7CisJaWYgKHZwLT52X3ZmbGFnICYgVlZfSU5TTVFIRUFEKQorCQlUQUlMUV9J TlNFUlRfSEVBRCgmbXAtPm1udF9udm5vZGVsaXN0LCB2cCwgdl9ubW50dm5vZGVzKTsKKwllbHNl CisJCVRBSUxRX0lOU0VSVF9UQUlMKCZtcC0+bW50X252bm9kZWxpc3QsIHZwLCB2X25tbnR2bm9k ZXMpOwogCVZOQVNTRVJUKG1wLT5tbnRfbnZub2RlbGlzdHNpemUgPj0gMCwgdnAsCiAJCSgibmVn IG1vdW50IHBvaW50IHZub2RlIGxpc3Qgc2l6ZSIpKTsKIAltcC0+bW50X252bm9kZWxpc3RzaXpl Kys7CmRpZmYgLS1naXQgYS9zeXMvc3lzL3Zub2RlLmggYi9zeXMvc3lzL3Zub2RlLmgKaW5kZXgg YjBjYmNjMC4uOGRmYWUzYSAxMDA2NDQKLS0tIGEvc3lzL3N5cy92bm9kZS5oCisrKyBiL3N5cy9z eXMvdm5vZGUuaApAQCAtMjUzLDYgKzI1Myw3IEBAIHN0cnVjdCB4dm5vZGUgewogI2RlZmluZQlW Vl9ERUxFVEVECTB4MDQwMAkvKiBzaG91bGQgYmUgcmVtb3ZlZCAqLwogI2RlZmluZQlWVl9NRAkJ MHgwODAwCS8qIHZub2RlIGJhY2tzIHRoZSBtZCBkZXZpY2UgKi8KICNkZWZpbmUJVlZfRk9SQ0VJ TlNNUQkweDEwMDAJLyogZm9yY2UgdGhlIGluc21udHF1ZSB0byBzdWNjZWVkICovCisjZGVmaW5l CVZWX0lOU01RSEVBRAkweDIwMDAJLyogaW5zZXJ0IGluc3RlYWQgb2YgYXBwZW5kaW5nIHRvIG1u dF9udm5vZGVsaXN0ICovCiAKIC8qCiAgKiBWbm9kZSBhdHRyaWJ1dGVzLiAgQSBmaWVsZCB2YWx1 ZSBvZiBWTk9WQUwgcmVwcmVzZW50cyBhIGZpZWxkIHdob3NlIHZhbHVlCg== --=_e29d732e9be4cf639842cb9d8de74c22--