mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-10 11:05:54 +02:00
ac8da780aa
- Update from 5.14 to 5.17
- Update of rootfile not required
- Changelog
Noteworthy changes in release 5.17 (2022-03-26)
* Improvements
* Added 64-bit LoongArch architecture support.
* Extended personality designation syntax of syscall specification expressions
to support all@pers and %class@pers.
* Enhanced rejection of invalid syscall numbers in syscall specification
expressions.
* Implemented decoding of set_mempolicy_home_node syscall, introduced
in Linux 5.17.
* Implemented decoding of IFLA_GRO_MAX_SIZE and TCA_ACT_IN_HW_COUNT netlink
attributes.
* Implemented decoding of PR_SET_VMA operation of prctl syscall.
* Implemented decoding of siginfo_t.si_pkey field.
* Implemented decoding of LIRC ioctl commands.
* Updated lists of FAN_*, IORING_*, IOSQE_*, KEY_*, KVM_*, MODULE_INIT_*,
TCA_ACT_*, and *_MAGIC constants.
* Updated lists of ioctl commands from Linux 5.17.
Noteworthy changes in release 5.16 (2022-01-10)
* Improvements
* Implemented --secontext=mismatch option to find mismatches in SELinux
contexts.
* Implemented decoding of futex_waitv syscall introduced in Linux 5.16.
* Implemented decoding of BPF_LINK_GET_NEXT_ID and BPF_LINK_GET_FD_BY_ID bpf
syscall commands.
* Enhanced decoding of BPF_MAP_CREATE, BPF_PROG_TEST_RUN, and BPF_PROG_LOAD
bpf syscall commands.
* Enhanced decoding of BTRFS_IOC_FS_INFO ioctl command.
* Updated lists of AUDIT_*, BPF_*, BTRFS_*, DEVCONF_*, FAN_*, ETH_P_*,
IPV4_DEVCONF_*, KVM_*, NDA_*, SO_*, and V4L2_* constants.
* Updated lists of ioctl commands from Linux 5.16.
* Bug fixes
* Fixed build for older Android.
Noteworthy changes in release 5.15 (2021-12-01)
* Improvements
* Implemented --strings-in-hex=non-ascii-chars option for using hexadecimal
numbers instead of octal ones in escape sequences in the output strings.
* Implemented --decode-pids=comm option (and its alias -Y) for printing
command names for PIDs.
* Implemented --decode-pids=pidns as an alias to --pidns-translation option.
* Implemented printing of current working directory when AT_FDCWD constant
is used with --decode-fds=path option enabled.
* Improved printing of syscall names in places where the associated
AUDIT_ARCH_* value is present (ptrace PTRACE_GET_SYSCALL_INFO request,
SIGSYS siginfo_t).
* Implemented decoding of process_mrelease syscall, introduced in Linux 5.15.
* Implemented decoding of SECCOMP_GET_NOTIF_SIZES operation of seccomp
syscall.
* Implemented decoding of HDIO_*, KD*, and SECCOMP_* ioctl commands.
* Implemented decoding of RTM_NEWCACHEREPORT, RTM_{NEW,DEL,GET}NEXTHOP,
and RTM_{NEW,GET}STATS NETLINK_ROUTE netlink messages.
* Implemented decoding of AF_ALG, AF_IEEE802154, AF_MCTP, AF_NFC, AF_QIPCRTR,
AF_RRPC, AF_VSOCK, and AF_XDP socket addresses.
* Implemented decoding of AF_BRIDGE and AF_MCTP protocols for IFLA_AF_SPEC
netlink attribute.
* Implemented decoding of IFLA_BR_MCAST_QUERIER_STATE, IFLA_BR_MULTI_BOOLOPT,
IFLA_INET6_RA_MTU, IFLA_INFO_SLAVE_DATA, and IFLA_VFINFO_LIST netlink
attributes.
* Enhanced decoding of io_uring_register and times syscalls.
* Enhanced IFLA_BR_FORWARD_DELAY, IFLA_BR_MAX_AGE, IFLA_EXT_MASK,
IFLA_PROTINFO, *_INTVL, and *_TIMER netlink attribute decoding.
* Enhanced decoding of AF_IPX and AF_NETLINK socket addresses.
* Updated lists o AF_*, ARPHRD_*, BTRFS_*, DEVCONF_*, DM_*, ETH_P_*,
FAN_REPORT_*, IORING_*, MOVE_MOUNT_*, MPOL_*, PACKET_*, RTM_*, SO_*,
and XFRM_MSG_* constants.
* Updated lists of ioctl commands from Linux 5.15.
* Bug fixes
* Fixed printing of struct bpf_prog_info.map_ids array.
* Fixed behaviour of "dev", "pidfd", and "socket" arguments of the --print-fds
option to no longer imply the "path" argument.
* Fixed insufficient buffer size used for network interface name printing,
that previously led to assertions on attempts of printing interface names
that require quoting, for example, names longer than 4 characters in -xx
mode (addresses RHBZ bug #2028146).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
IPFire 2.x - The Open Source Firewall
What is IPFire?
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario and extensibility make it usable for everyone. For a full list of features have a look here.
This repository contains the source code of IPFire 2.x which is used to build the whole distribution from scratch, since IPFire is not based on any other distribution.
Where can I get IPFire?
Just head over to https://www.ipfire.org/download
How do I use this software?
We have a long and detailed wiki located here which should answers most of your questions.
But I have some questions left. Where can I get support?
You can ask your question at our community located here. A complete list of our support channels can be found here.
How can I contribute?
We have another document for this. Please look here.