summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexis Ballier <aballier@gentoo.org>2009-06-26 05:50:20 +0000
committerAlexis Ballier <aballier@gentoo.org>2009-06-26 05:50:20 +0000
commit250e76d0f46d4e3dc2660cf2af7e6bd4535fb631 (patch)
tree2ea82f3aad3486eb654643c05b5ed8b53cf74f9a /sys-freebsd
parentAutomated update of use.local.desc (diff)
downloadgentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.tar.gz
gentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.tar.bz2
gentoo-2-250e76d0f46d4e3dc2660cf2af7e6bd4535fb631.zip
Add patches for the two latest security advisories for FreeBSD kernel.
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'sys-freebsd')
-rw-r--r--sys-freebsd/freebsd-sources/ChangeLog9
-rw-r--r--sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch25
-rw-r--r--sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch18
-rw-r--r--sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild107
4 files changed, 158 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog
index e9694d8382c0..35ddfeb03269 100644
--- a/sys-freebsd/freebsd-sources/ChangeLog
+++ b/sys-freebsd/freebsd-sources/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for sys-freebsd/freebsd-sources
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.49 2009/05/22 13:50:44 aballier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.50 2009/06/26 05:50:20 aballier Exp $
+
+*freebsd-sources-7.2-r1 (26 Jun 2009)
+
+ 26 Jun 2009; Alexis Ballier <aballier@gentoo.org>
+ +freebsd-sources-7.2-r1.ebuild, +files/freebsd-sources-7.2-ipv6.patch,
+ +files/freebsd-sources-7.2-pipe.patch:
+ Add patches for the two latest security advisories for FreeBSD kernel.
*freebsd-sources-7.2 (22 May 2009)
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch
new file mode 100644
index 000000000000..de8e0ac27c9b
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-ipv6.patch
@@ -0,0 +1,25 @@
+http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
+
+Index: sys/netinet6/in6.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/in6.c,v
+retrieving revision 1.109
+diff -p -u -I__FBSDID -I$FreeBSD -u -r1.109 in6.c
+--- sys/netinet6/in6.c 27 May 2009 14:11:23 -0000 1.109
++++ sys/netinet6/in6.c 8 Jun 2009 18:02:59 -0000
+@@ -215,6 +215,7 @@ in6_control(struct socket *so, u_long cm
+ case SIOCSRTRFLUSH_IN6:
+ case SIOCSDEFIFACE_IN6:
+ case SIOCSIFINFO_FLAGS:
++ case SIOCSIFINFO_IN6:
+ if (td != NULL) {
+ error = priv_check(td, PRIV_NETINET_ND6);
+ if (error)
+@@ -223,7 +224,6 @@ in6_control(struct socket *so, u_long cm
+ /* FALLTHROUGH */
+ case OSIOCGIFINFO_IN6:
+ case SIOCGIFINFO_IN6:
+- case SIOCSIFINFO_IN6:
+ case SIOCGDRLST_IN6:
+ case SIOCGPRLST_IN6:
+ case SIOCGNBRINFO_IN6:
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch
new file mode 100644
index 000000000000..4b7db0298a20
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-pipe.patch
@@ -0,0 +1,18 @@
+http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc
+
+Index: sys/kern/sys_pipe.c
+===================================================================
+RCS file: /home/ncvs/src/sys/kern/sys_pipe.c,v
+retrieving revision 1.201
+diff -p -u -I__FBSDID -I$FreeBSD -r1.201 sys_pipe.c
+--- sys/kern/sys_pipe.c 10 Mar 2009 21:28:43 -0000 1.201
++++ sys/kern/sys_pipe.c 5 Jun 2009 07:53:01 -0000
+@@ -761,6 +761,8 @@ pipe_build_write_buffer(wpipe, uio)
+ pmap = vmspace_pmap(curproc->p_vmspace);
+ endaddr = round_page((vm_offset_t)uio->uio_iov->iov_base + size);
+ addr = trunc_page((vm_offset_t)uio->uio_iov->iov_base);
++ if (endaddr < addr)
++ return (EFAULT);
+ for (i = 0; addr < endaddr; addr += PAGE_SIZE, i++) {
+ /*
+ * vm_fault_quick() can sleep. Consequently,
diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild
new file mode 100644
index 000000000000..15e20f642626
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild
@@ -0,0 +1,107 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-7.2-r1.ebuild,v 1.1 2009/06/26 05:50:20 aballier Exp $
+
+inherit bsdmk freebsd flag-o-matic
+
+DESCRIPTION="FreeBSD kernel sources"
+SLOT="${PVR}"
+KEYWORDS="~sparc-fbsd ~x86-fbsd"
+
+IUSE="symlink"
+
+SRC_URI="mirror://gentoo/${SYS}.tar.bz2"
+
+RDEPEND=">=sys-freebsd/freebsd-mk-defs-7.0"
+DEPEND=""
+
+RESTRICT="strip binchecks"
+
+S="${WORKDIR}/sys"
+
+MY_PVR="${PVR}"
+
+[[ ${MY_PVR} == "${RV}" ]] && MY_PVR="${MY_PVR}-r0"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # This replaces the gentoover patch, it doesn't need reapply every time.
+ sed -i -e 's:^REVISION=.*:REVISION="'${PVR}'":' \
+ -e 's:^BRANCH=.*:BRANCH="Gentoo":' \
+ -e 's:^VERSION=.*:VERSION="${TYPE} ${BRANCH} ${REVISION}":' \
+ "${S}/conf/newvers.sh"
+
+ # __FreeBSD_cc_version comes from FreeBSD's gcc.
+ # on 7.0-RELEASE it's 700003.
+ sed -e "s:-D_KERNEL:-D_KERNEL -D__FreeBSD_cc_version=700004:g" \
+ -i "${S}/conf/kern.pre.mk" \
+ -i "${S}/conf/kmod.mk" || die "Couldn't set __FreeBSD_cc_version"
+
+ epatch "${FILESDIR}/${PN}-7.0-gentoo.patch"
+ epatch "${FILESDIR}/${PN}-6.0-flex-2.5.31.patch"
+ epatch "${FILESDIR}/${PN}-7.1-asm.patch"
+ epatch "${FILESDIR}/${PN}-7.0-werror.patch"
+ epatch "${FILESDIR}/${PN}-7.2-sparc64.patch"
+ epatch "${FILESDIR}/${PN}-6.1-ntfs.patch"
+ epatch "${FILESDIR}/${PN}-7.2-debug-O2.patch"
+ epatch "${FILESDIR}/${PN}-7.1-types.h-fix.patch"
+ epatch "${FILESDIR}/${PN}-7.1-subnet-route-pr40133.patch"
+ epatch "${FILESDIR}/${PN}-7.1-includes.patch"
+ epatch "${FILESDIR}/${PN}-7.2-pipe.patch"
+ epatch "${FILESDIR}/${PN}-7.2-ipv6.patch"
+
+ # Disable SSP for the kernel
+ grep -Zlr -- -ffreestanding "${S}" | xargs -0 sed -i -e \
+ "s:-ffreestanding:-ffreestanding $(test-flags -fno-stack-protector -fno-stack-protector-all):g"
+
+ # By adding -DGENTOO_LIVECD to CFLAGS activate this stub
+ # vop_whiteout to tmpfs, so it can be used as an overlay
+ # unionfs filesystem over the cd9660 readonly filesystem.
+ epatch "${FILESDIR}/${PN}-7.0-tmpfs_whiteout_stub.patch"
+
+ # See http://sourceware.org/bugzilla/show_bug.cgi?id=5391
+ # ld doesn't provide symbols constructed as the __start_set_(s) ones
+ # are on FreeBSD modules.
+ # This patch adds code to generate a list of these and adds them
+ # as undefined references to ld's commandline to get them.
+ # Without this kernel modules will not load.
+ epatch "${FILESDIR}/${PN}-7.1-binutils_link.patch"
+}
+
+src_compile() {
+ einfo "Nothing to compile.."
+}
+
+src_install() {
+ insinto "/usr/src/sys-${MY_PVR}"
+ doins -r "${S}/"*
+}
+
+pkg_postinst() {
+ if [[ ! -L "${ROOT}/usr/src/sys" ]]; then
+ einfo "/usr/src/sys symlink doesn't exist; creating symlink to sys-${MY_PVR}..."
+ ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \
+ eerror "Couldn't create ${ROOT}/usr/src/sys symlink."
+ # just in case...
+ [[ -L ""${ROOT}/usr/src/sys-${RV}"" ]] && rm "${ROOT}/usr/src/sys-${RV}"
+ ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \
+ eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink."
+ elif use symlink; then
+ einfo "Updating /usr/src/sys symlink to sys-${MY_PVR}..."
+ rm "${ROOT}/usr/src/sys" "${ROOT}/usr/src/sys-${RV}" || \
+ eerror "Couldn't remove previous symlinks, please fix manually."
+ ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \
+ eerror "Couldn't create ${ROOT}/usr/src/sys symlink."
+ ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \
+ eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink."
+ fi
+
+ if use sparc-fbsd ; then
+ ewarn "WARNING: kldload currently causes kernel panics"
+ ewarn "on sparc64. This is probably a gcc-4.1 issue, but"
+ ewarn "we need gcc-4.1 to compile the kernel correctly :/"
+ ewarn "Please compile all modules you need into the kernel"
+ fi
+}