From nobody Thu Jul 27 17:38:09 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RBdK01MMkz4prYZ for ; Thu, 27 Jul 2023 17:38:10 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RBdJx6DL8z3l8f; Thu, 27 Jul 2023 17:38:09 +0000 (UTC) (envelope-from jkim@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690479489; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eSOvIYB1DqFeWk9eEF+M4CFutipHRRhjt0qy1Kz/tf8=; b=n0m0VLrUBMsAK9MgpYnlww6sdoswzLIIiUoKSNojNlKdunm8DX9novRvfEedm0Z+rFtiax +gEHK5Sc7nBVw9jqdkZizrWb8WqXqmFHZit7GnLfaDx8Hd8zKlz7Pcnymzif9lJAPd/ozx Gj2cDcflBKfX3G7nD6l0QrXHu6vCtqA4CJLuCmaLy0H5mJDvT9TH8X+UkE2LIE+5vahpLb K5JVFbU/vPibc2leOxmsEyJH8qHZgu7ZKFPyV64KPO5AfFYJwWjXNjtx/bbv/X34E1BzRS BzVAoHU+txOyg35Ps6zjUXNEEZasXr0b+9dFh5c/Ierq0ZL/epj0JTgSnLZrqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690479489; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eSOvIYB1DqFeWk9eEF+M4CFutipHRRhjt0qy1Kz/tf8=; b=ia23lMq2f9pZr6q6Tjoo4G0G8i2HDVkHrNiuaBS7TdROGi92DniD1F920ymNae47IRXOzk oeMgrOP0nYmZxxScu42/Dj6RiwlhkXNJ4s3hM9VV4Tzgy0pTqvVlzemo+C55pK7+JxQBbY NJ558eZaJLWYpgREfWTasyRqIO8369yE+bzACs3sBpkFYUuYfmQw0jsRVSXhqRto9Cfvzr m7r8YMdK58b6z/QFOKx/PEn60H4cJlSB5VgIajhY7HrPeSEFVAE1xEFoIJPfmZMbMXFeR3 nRO3a/+OiT8fTMyuRLc3XhkqwSYXBu/b2mTuVoa31KLXCzmEf/aIx/ykYi2C1A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690479489; a=rsa-sha256; cv=none; b=TAZvBX8eTKjj6+y5mIVSpZpQaK9aGCNoxhZPiRLrKaOfe9lnjfeM3C/8ws7bxN527foHx4 QlRe2WSYnQif5udzkaWO+KBX72O7CliJIajb44n17QAyyDb+P3/kILJusM65sFO1yN+wEj JINUIbILy1IH1uR/3qJIePLLaQkfYj5njoeciPZXzB09Upvy8zjyQ+17rif01tcmKk7PmH +3clGquqjb3Kx3HknMqt3trySQaDrjaFSXC7xnUEYk7Wq/BenLf+tszaslSMWYA4eZTPZQ HmXySEXaohEyFie6FobAyFvbI516TBysVt+uGPZeiDG4Fmoi4Myq7wvZobHL+g== Received: from freefall.freebsd.org (pool-108-53-224-100.nwrknj.fios.verizon.net [108.53.224.100]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) (Authenticated sender: jkim/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4RBdJx3YgZzgrq; Thu, 27 Jul 2023 17:38:09 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Message-ID: Date: Thu, 27 Jul 2023 13:38:09 -0400 List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.13.1 Subject: Re: Zenbleed Content-Language: en-US From: Jung-uk Kim To: mike tancsa , Shawn Webb , 0x1eef <0x1eef@protonmail.com> Cc: "freebsd-security@freebsd.org" References: <20230726214636.yblem2s4sgapb6cw@mutt-hbsd> Organization: FreeBSD.org In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------3morKbgXGTpjagAj7b10qvS9" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------3morKbgXGTpjagAj7b10qvS9 Content-Type: multipart/mixed; boundary="------------afeJj5BGlcDcsb6Z9ywAKHMV"; protected-headers="v1" From: Jung-uk Kim To: mike tancsa , Shawn Webb , 0x1eef <0x1eef@protonmail.com> Cc: "freebsd-security@freebsd.org" Message-ID: Subject: Re: Zenbleed References: <20230726214636.yblem2s4sgapb6cw@mutt-hbsd> In-Reply-To: --------------afeJj5BGlcDcsb6Z9ywAKHMV Content-Type: multipart/mixed; boundary="------------op2XDHzBL0FslIs7AzFjVHN0" --------------op2XDHzBL0FslIs7AzFjVHN0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 T24gMjMuIDcuIDI3LiwgSnVuZy11ayBLaW0gd3JvdGU6DQo+IE9uIDIzLiA3LiAyNy4sIG1p a2UgdGFuY3NhIHdyb3RlOg0KPj4gT24gNy8yNi8yMDIzIDU6NDYgUE0sIFNoYXduIFdlYmIg d3JvdGU6DQo+Pj4gT24gV2VkLCBKdWwgMjYsIDIwMjMgYXQgMDg6MzQ6NTZQTSArMDAwMCwg MHgxZWVmIHdyb3RlOg0KPj4+PiBIZWxsbywNCj4+Pj4NCj4+Pj4gSSB3YXMgY3VyaW91cyBp ZiB0aGVyZSBhcmUgcGxhbnMgdG8gYXBwbHkgdGhlICJjaGlja2VuIGJpdCINCj4+Pj4gd29y a2Fyb3VuZCBmb3IgdGhlIFJ5emVuIGxpbmUgb2YgcHJvY2Vzc29ycy4gQSBmaXJtd2FyZQ0K Pj4+PiB1cGRhdGUgaXMgbm90IHNjaGVkdWxlZCB0byBiZSByZWxlYXNlZCB1bnRpbCBOb3Yg b3IgRGVjDQo+Pj4+IGF0IHRoZSBlYXJsaWVzdC4gVGhhbmtzLg0KPj4+IEZvciB0aG9zZSB0 aGF0IHdvdWxkIGxpa2UgdG8gdGVzdCBpZiB0aGVpciBzeXN0ZW1zIGFyZSBhZmZlY3RlZCwg dGhpcw0KPj4+IHByb29mLW9mLWNvbmNlcHQgd2FzIHJlcG9ydGVkIHRvIHdvcmsgb24gYXQg bGVhc3Qgb25lIHN5c3RlbToNCj4+Pg0KPj4+IGh0dHBzOi8vZ2l0LmhhcmRlbmVkYnNkLm9y Zy9zaGF3bi53ZWJiL3plbmJsZWVkLy0vdHJlZS9zaGF3bi53ZWJiL2JzZC9tYWluDQo+Pj4N Cj4+PiBCdWlsZGluZyBpdCBkZXBlbmRzIG9uIGdtYWtlIGFuZCBuYXNtLiBZb3UnbGwgd2Fu dCB0byBiZSBvbiB0aGUNCj4+PiBzaGF3bi53ZWJiL2JzZC9tYWluIGJyYW5jaC4NCj4+DQo+ PiBUaGFua3MgZm9yIHRoYXQuIElzIHRoZXJlIGEgd2F5IHRvIGNvbXBpbGUgb24gUkVMRU5H XzEyIG9yIGlzIGl0IDEzIA0KPj4gb25seSA/DQo+Pg0KPj4gJSBnbWFrZQ0KPj4gY2MgLU8w IC1nZ2RiMyAtbWFyY2g9em52ZXIywqDCoCAtYyAtbyBwYXR0ZXJuLm8gcGF0dGVybi5jDQo+ PiBwYXR0ZXJuLmM6MTU6MTA6IGZhdGFsIGVycm9yOiAnc3lzL3N5c2luZm8uaCcgZmlsZSBu b3QgZm91bmQNCj4+ICNpbmNsdWRlIDxzeXMvc3lzaW5mby5oPg0KPj4gwqDCoMKgwqDCoMKg wqDCoMKgIF5+fn5+fn5+fn5+fn5+fg0KPj4gMSBlcnJvciBnZW5lcmF0ZWQuDQo+PiBnbWFr ZTogKioqIFs8YnVpbHRpbj46IHBhdHRlcm4ub10gRXJyb3IgMQ0KPiANCj4gSSBndWVzcyB5 b3UgY2hlY2tlZCBvdXQgYSB3cm9uZyBicmFuY2guwqAgUGxlYXNlIHNlZSB0aGUgYXR0YWNo ZWQgbWluaW1hbCANCj4gcGF0Y2ggSSBtYWRlIGZvciBGcmVlQlNELsKgIEkgdGhpbmsgaXQg d2lsbCB3b3JrIG9uIGFueSBzdXBwb3J0ZWQgRnJlZUJTRCANCj4gYnJhbmNoZXMuwqAgTm90 ZSB0aGUgb3JpZ2luYWwgZXhwbG9pdCBpcyBhdmFpbGFibGUgZnJvbSBoZXJlOg0KPiANCj4g aHR0cHM6Ly9sb2NrLmNtcHhjaGc4Yi5jb20vZmlsZXMvemVuYmxlZWQtdjUudGFyLmd6DQoN CldpdGggdGhlIGZvcmdvdHRlbiBhdHRhY2htZW50Lg0KDQpKdW5nLXVrIEtpbQ0K --------------op2XDHzBL0FslIs7AzFjVHN0 Content-Type: text/x-patch; charset=UTF-8; name="zenbleed.diff" Content-Disposition: attachment; filename="zenbleed.diff" Content-Transfer-Encoding: base64 LS0tIHplbmJsZWVkL3BhdHRlcm4uYy5vcmlnCTIwMjMtMDctMjMgMTA6NDU6MzIuMDAwMDAw MDAwIC0wNDAwCisrKyB6ZW5ibGVlZC9wYXR0ZXJuLmMJMjAyMy0wNy0yNyAxMjoyNjoyOC4z MjQzNDYwMDAgLTA0MDAKQEAgLTYsMTMgKzYsMTQgQEAKICNpbmNsdWRlIDxzdGRib29sLmg+ CiAjaW5jbHVkZSA8eDg2aW50cmluLmg+CiAjaW5jbHVkZSA8c2NoZWQuaD4KKyNpZmRlZiBf X2xpbnV4X18KICNpbmNsdWRlIDxzeXNjYWxsLmg+CisjZW5kaWYKICNpbmNsdWRlIDxlcnIu aD4KICNpbmNsdWRlIDxwdGhyZWFkLmg+CiAjaW5jbHVkZSA8YXNzZXJ0Lmg+CiAjaW5jbHVk ZSA8Y3R5cGUuaD4KICNpbmNsdWRlIDxzaWduYWwuaD4KLSNpbmNsdWRlIDxzeXMvc3lzaW5m by5oPgogCiAjaW5jbHVkZSAiemVuYmxlZWQuaCIKIApAQCAtODIsNyArODMsNyBAQCB2b2lk ICogcGF0dGVybl9sZWFrX2NvbnN1bWVyKHZvaWQgKnBhcmFtKQogICAgICAgICAgICAgfQog ICAgICAgICB9CiAKLSAgICAgICAgZnByaW50ZihzdGRvdXQsICIlLipzIiwgbWF0Y2hsZW4s IG1hdGNocHRyKTsKKyAgICAgICAgZnByaW50ZihzdGRvdXQsICIlLipzIiwgKGludCltYXRj aGxlbiwgbWF0Y2hwdHIpOwogCiAgICAgICAgIC8vIElmIHRoZSBtYXRjaCBpcyBiaWdnZXIg dGhhbiBvdXIgcGF0dGVybiBzaXplLCB3ZSBza2lwIHRvIHRoZSBlbmQgb2YgaXQuCiAgICAg ICAgIGlmIChtYXRjaGxlbiA+IHBhdGxlbikgewotLS0gemVuYmxlZWQvdXRpbC5jLm9yaWcJ MjAyMy0wNy0yMyAxMDo0NTozMi4wMDAwMDAwMDAgLTA0MDAKKysrIHplbmJsZWVkL3V0aWwu YwkyMDIzLTA3LTI3IDEzOjI2OjA5LjUwOTU4ODAwMCAtMDQwMApAQCAtNDYsNiArNDYsOSBA QCBib29sIG51bV9pbnJhbmdlKGNoYXIgKnJhbmdlLCBpbnQgbnVtKQogYm9vbCBudW1faW5y YW5nZShjaGFyICpyYW5nZSwgaW50IG51bSkKIHsKICAgICBjaGFyICpyLCAqcywgKmU7Cisj aWZuZGVmIF9fbGludXhfXworICAgIHNpemVfdCBsZW47CisjZW5kaWYKIAogICAgIC8vIEV4 YW1wbGU6CiAgICAgLy8gMSwyLDMsNC04LDIKQEAgLTUzLDcgKzU2LDE0IEBAIGJvb2wgbnVt X2lucmFuZ2UoY2hhciAqcmFuZ2UsIGludCBudW0pCiAgICAgaWYgKHJhbmdlID09IE5VTEwp CiAgICAgICAgIHJldHVybiBmYWxzZTsKIAotICAgIHMgPSBzdHJ0b2tfcihzdHJkdXBhKHJh bmdlKSwgIiwiLCAmcik7CisjaWZuZGVmIF9fbGludXhfXworICAgIGxlbiA9IHN0cmxlbihy YW5nZSkgKyAxOworICAgIHMgPSBhbGxvY2EobGVuKTsKKyAgICBtZW1jcHkocywgcmFuZ2Us IGxlbik7CisjZWxzZQorICAgIHMgPSBzdHJkdXBhKHJhbmdlKTsKKyNlbmRpZgorICAgIHMg PSBzdHJ0b2tfcihzLCAiLCIsICZyKTsKIAogICAgIHdoaWxlIChzKSB7CiAgICAgICAgIGlu dCBzdGFydDsKLS0tIHplbmJsZWVkL3plbmJsZWVkLmMub3JpZwkyMDIzLTA3LTIzIDEwOjQ1 OjMyLjAwMDAwMDAwMCAtMDQwMAorKysgemVuYmxlZWQvemVuYmxlZWQuYwkyMDIzLTA3LTI3 IDEzOjA3OjI3LjUwMjc4MDAwMCAtMDQwMApAQCAtNiwxMyArNiwxNiBAQAogI2luY2x1ZGUg PHN0ZGJvb2wuaD4KICNpbmNsdWRlIDx4ODZpbnRyaW4uaD4KICNpbmNsdWRlIDxzY2hlZC5o PgorI2lmZGVmIF9fRnJlZUJTRF9fCisjaW5jbHVkZSA8cHRocmVhZF9ucC5oPgorI2Vsc2UK ICNpbmNsdWRlIDxzeXNjYWxsLmg+CisjZW5kaWYKICNpbmNsdWRlIDxlcnIuaD4KICNpbmNs dWRlIDxwdGhyZWFkLmg+CiAjaW5jbHVkZSA8YXNzZXJ0Lmg+CiAjaW5jbHVkZSA8Y3R5cGUu aD4KICNpbmNsdWRlIDxzaWduYWwuaD4KLSNpbmNsdWRlIDxzeXMvc3lzaW5mby5oPgogCiAj aW5jbHVkZSAiemVuYmxlZWQuaCIKIApAQCAtMjk4LDcgKzMwMSw3IEBAIGludCBtYWluKGlu dCBhcmdjLCBjaGFyICoqYXJndikgewogICAgIH0KIAogICAgIC8vIFdlIHNwYXduIGEgdGhy ZWFkIG9uIGV2ZXJ5IGV2YWlsYWJsZSBjb3JlIGFuZCBzdGFydCBsZWFraW5nIHRvIHNlZSB3 aGF0IHdlIGdldC4KLSAgICBuY3B1cyAgID0gZ2V0X25wcm9jcygpOworICAgIG5jcHVzID0g c3lzY29uZihfU0NfTlBST0NFU1NPUlNfT05MTik7CiAgICAgdGhyZWFkX2FyZ190KiBhcmdz ID0gY2FsbG9jKHNpemVvZih0aHJlYWRfYXJnX3QpLCBuY3B1cyk7CiAgICAgdGhyZWFkcyA9 IGNhbGxvYyhzaXplb2YocHRocmVhZF90KSwgbmNwdXMpOwogCg== --------------op2XDHzBL0FslIs7AzFjVHN0-- --------------afeJj5BGlcDcsb6Z9ywAKHMV-- --------------3morKbgXGTpjagAj7b10qvS9 Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAmTCq4EFAwAAAAAACgkQfJ+WJvzb8UbD dQf+J7TY/G3La8Iz/AQTBdWnF/T4A23TNITomZc1+5kDm6cdac98nRnUqQq2X5sv4lN8GwULIcPy ZTVh2fJG3Ex5IqOG5PWSpiXqRL59q3bvg2PU8z+s7b5DbTEZlC5XPGwlCq/hiWvDvX3qdbbK7rg/ w++j3N0/wiD6sCus5RlVohaSkvV8nRbsQCcuaAOlr9Giiys6drstF2B2x6HxdrZ5vT3vb/QqosJK T9tVSUFNOTe06YRsjskfMwl2G4L65ZSHwaaRyAOfm4JkCAGPSnddYOqVMZT+NMIq8Q+6fg23f97e dTcq53aVspLIAQXpuuY8VKXTgM13iksloKlOGgaWhw== =uZde -----END PGP SIGNATURE----- --------------3morKbgXGTpjagAj7b10qvS9--