diff options
| author |   Alexis Ballier <aballier@gentoo.org> | 2009-06-26 05:50:20 +0000 |
|---|---|---|
| committer | Alexis Ballier <aballier@gentoo.org> | 2009-06-26 05:50:20 +0000 |
| commit | 250e76d0f46d4e3dc2660cf2af7e6bd4535fb631 (patch) | |
| tree | 2ea82f3aad3486eb654643c05b5ed8b53cf74f9a /sys-freebsd/freebsd-sources | |
| parent | Automated update of use.local.desc (diff) | |
| download | gentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.tar.gz gentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.tar.bz2 gentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.zip | |
Add patches for the two latest security advisories for FreeBSD kernel.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'sys-freebsd/freebsd-sources')
4 files changed, 158 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog index e9694d8382c0..35ddfeb03269 100644 --- a/sys-freebsd/freebsd-sources/ChangeLog +++ b/sys-freebsd/freebsd-sources/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-freebsd/freebsd-sources # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.49 2009/05/22 13:50:44 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.50 2009/06/26 05:50:20 aballier Exp $ + +*freebsd-sources-7.2-r1 (26 Jun 2009) + + 26 Jun 2009; Alexis Ballier <aballier@gentoo.org> + +freebsd-sources-7.2-r1.ebuild, +files/freebsd-sources-7.2-ipv6.patch, + +files/freebsd-sources-7.2-pipe.patch: + Add patches for the two latest security advisories for FreeBSD kernel. *freebsd-sources-7.2 (22 May 2009) diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch new file mode 100644 index 000000000000..de8e0ac27c9b --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch @@ -0,0 +1,25 @@ +http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc + +Index: sys/netinet6/in6.c +=================================================================== +RCS file: /home/ncvs/src/sys/netinet6/in6.c,v +retrieving revision 1.109 +diff -p -u -I__FBSDID -I$FreeBSD -u -r1.109 in6.c +--- sys/netinet6/in6.c 27 May 2009 14:11:23 -0000 1.109 ++++ sys/netinet6/in6.c 8 Jun 2009 18:02:59 -0000 +@@ -215,6 +215,7 @@ in6_control(struct socket *so, u_long cm + case SIOCSRTRFLUSH_IN6: + case SIOCSDEFIFACE_IN6: + case SIOCSIFINFO_FLAGS: ++ case SIOCSIFINFO_IN6: + if (td != NULL) { + error = priv_check(td, PRIV_NETINET_ND6); + if (error) +@@ -223,7 +224,6 @@ in6_control(struct socket *so, u_long cm + /* FALLTHROUGH */ + case OSIOCGIFINFO_IN6: + case SIOCGIFINFO_IN6: +- case SIOCSIFINFO_IN6: + case SIOCGDRLST_IN6: + case SIOCGPRLST_IN6: + case SIOCGNBRINFO_IN6: diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch new file mode 100644 index 000000000000..4b7db0298a20 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch @@ -0,0 +1,18 @@ +http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc + +Index: sys/kern/sys_pipe.c +=================================================================== +RCS file: /home/ncvs/src/sys/kern/sys_pipe.c,v +retrieving revision 1.201 +diff -p -u -I__FBSDID -I$FreeBSD -r1.201 sys_pipe.c +--- sys/kern/sys_pipe.c 10 Mar 2009 21:28:43 -0000 1.201 ++++ sys/kern/sys_pipe.c 5 Jun 2009 07:53:01 -0000 +@@ -761,6 +761,8 @@ pipe_build_write_buffer(wpipe, uio) + pmap = vmspace_pmap(curproc->p_vmspace); + endaddr = round_page((vm_offset_t)uio->uio_iov->iov_base + size); + addr = trunc_page((vm_offset_t)uio->uio_iov->iov_base); ++ if (endaddr < addr) ++ return (EFAULT); + for (i = 0; addr < endaddr; addr += PAGE_SIZE, i++) { + /* + * vm_fault_quick() can sleep. Consequently, diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild new file mode 100644 index 000000000000..15e20f642626 --- /dev/null +++ b/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild,v 1.1 2009/06/26 05:50:20 aballier Exp $ + +inherit bsdmk freebsd flag-o-matic + +DESCRIPTION="FreeBSD kernel sources" +SLOT="${PVR}" +KEYWORDS="~sparc-fbsd ~x86-fbsd" + +IUSE="symlink" + +SRC_URI="mirror://gentoo/${SYS}.tar.bz2" + +RDEPEND=">=sys-freebsd/freebsd-mk-defs-7.0" +DEPEND="" + +RESTRICT="strip binchecks" + +S="${WORKDIR}/sys" + +MY_PVR="${PVR}" + +[[ ${MY_PVR} == "${RV}" ]] && MY_PVR="${MY_PVR}-r0" + +src_unpack() { + unpack ${A} + cd "${S}" + + # This replaces the gentoover patch, it doesn't need reapply every time. + sed -i -e 's:^REVISION=.*:REVISION="'${PVR}'":' \ + -e 's:^BRANCH=.*:BRANCH="Gentoo":' \ + -e 's:^VERSION=.*:VERSION="${TYPE} ${BRANCH} ${REVISION}":' \ + "${S}/conf/newvers.sh" + + # __FreeBSD_cc_version comes from FreeBSD's gcc. + # on 7.0-RELEASE it's 700003. + sed -e "s:-D_KERNEL:-D_KERNEL -D__FreeBSD_cc_version=700004:g" \ + -i "${S}/conf/kern.pre.mk" \ + -i "${S}/conf/kmod.mk" || die "Couldn't set __FreeBSD_cc_version" + + epatch "${FILESDIR}/${PN}-7.0-gentoo.patch" + epatch "${FILESDIR}/${PN}-6.0-flex-2.5.31.patch" + epatch "${FILESDIR}/${PN}-7.1-asm.patch" + epatch "${FILESDIR}/${PN}-7.0-werror.patch" + epatch "${FILESDIR}/${PN}-7.2-sparc64.patch" + epatch "${FILESDIR}/${PN}-6.1-ntfs.patch" + epatch "${FILESDIR}/${PN}-7.2-debug-O2.patch" + epatch "${FILESDIR}/${PN}-7.1-types.h-fix.patch" + epatch "${FILESDIR}/${PN}-7.1-subnet-route-pr40133.patch" + epatch "${FILESDIR}/${PN}-7.1-includes.patch" + epatch "${FILESDIR}/${PN}-7.2-pipe.patch" + epatch "${FILESDIR}/${PN}-7.2-ipv6.patch" + + # Disable SSP for the kernel + grep -Zlr -- -ffreestanding "${S}" | xargs -0 sed -i -e \ + "s:-ffreestanding:-ffreestanding $(test-flags -fno-stack-protector -fno-stack-protector-all):g" + + # By adding -DGENTOO_LIVECD to CFLAGS activate this stub + # vop_whiteout to tmpfs, so it can be used as an overlay + # unionfs filesystem over the cd9660 readonly filesystem. + epatch "${FILESDIR}/${PN}-7.0-tmpfs_whiteout_stub.patch" + + # See http://sourceware.org/bugzilla/show_bug.cgi?id=5391 + # ld doesn't provide symbols constructed as the __start_set_(s) ones + # are on FreeBSD modules. + # This patch adds code to generate a list of these and adds them + # as undefined references to ld's commandline to get them. + # Without this kernel modules will not load. + epatch "${FILESDIR}/${PN}-7.1-binutils_link.patch" +} + +src_compile() { + einfo "Nothing to compile.." +} + +src_install() { + insinto "/usr/src/sys-${MY_PVR}" + doins -r "${S}/"* +} + +pkg_postinst() { + if [[ ! -L "${ROOT}/usr/src/sys" ]]; then + einfo "/usr/src/sys symlink doesn't exist; creating symlink to sys-${MY_PVR}..." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + # just in case... + [[ -L ""${ROOT}/usr/src/sys-${RV}"" ]] && rm "${ROOT}/usr/src/sys-${RV}" + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink." + elif use symlink; then + einfo "Updating /usr/src/sys symlink to sys-${MY_PVR}..." + rm "${ROOT}/usr/src/sys" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't remove previous symlinks, please fix manually." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink." + fi + + if use sparc-fbsd ; then + ewarn "WARNING: kldload currently causes kernel panics" + ewarn "on sparc64. This is probably a gcc-4.1 issue, but" + ewarn "we need gcc-4.1 to compile the kernel correctly :/" + ewarn "Please compile all modules you need into the kernel" + fi +} |