diff options
author | Naohiro Aota <naota@gentoo.org> | 2014-06-05 02:33:45 +0000 |
---|---|---|
committer | Naohiro Aota <naota@gentoo.org> | 2014-06-05 02:33:45 +0000 |
commit | 12ace5412e1dfd01597eceb46e3d334c44ce0d87 (patch) | |
tree | f28cb847dadc24f59c61bf59ce18f04136e1d6e9 | |
parent | Add upstream patch #512248 (diff) | |
download | gentoo-2-12ace5412e1dfd01597eceb46e3d334c44ce0d87.tar.gz gentoo-2-12ace5412e1dfd01597eceb46e3d334c44ce0d87.tar.bz2 gentoo-2-12ace5412e1dfd01597eceb46e3d334c44ce0d87.zip |
Apply security patches #512376 #512374
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key F8551514)
-rw-r--r-- | sys-freebsd/freebsd-sources/ChangeLog | 10 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch | 66 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch | 12 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild (renamed from sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild) | 6 |
4 files changed, 91 insertions, 3 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog index 16b958c8a9c5..f7b6409b69aa 100644 --- a/sys-freebsd/freebsd-sources/ChangeLog +++ b/sys-freebsd/freebsd-sources/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for sys-freebsd/freebsd-sources # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.105 2014/05/19 02:22:37 naota Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.106 2014/06/05 02:33:45 naota Exp $ + +*freebsd-sources-9.1-r9 (05 Jun 2014) + + 05 Jun 2014; Naohiro Aota <naota@gentoo.org> + +files/freebsd-sources-9.1-exec.patch, + +files/freebsd-sources-9.1-ktrace.patch, +freebsd-sources-9.1-r9.ebuild, + -freebsd-sources-9.1-r8.ebuild: + Apply security patches #512376 #512374 *freebsd-sources-9.1-r8 (19 May 2014) diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch new file mode 100644 index 000000000000..c36bed59b39e --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch @@ -0,0 +1,66 @@ +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266979) ++++ sys/kern/kern_exec.c (working copy) +@@ -280,6 +280,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -296,6 +297,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -310,6 +313,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266979) ++++ sys/sys/proc.h (working copy) +@@ -968,4 +968,5 @@ curthread_pflags_restore(int save) + + #endif /* _KERNEL */ + ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + #endif /* !_SYS_PROC_H_ */ +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266979) ++++ sys/vm/vm_map.c (working copy) +@@ -3631,6 +3631,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3647,7 +3649,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch new file mode 100644 index 000000000000..0fb6df7600ef --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch @@ -0,0 +1,12 @@ +Index: sys/kern/kern_ktrace.c +=================================================================== +--- sys/kern/kern_ktrace.c (revision 266771) ++++ sys/kern/kern_ktrace.c (working copy) +@@ -119,6 +119,7 @@ static int data_lengths[] = { + 0, /* KTR_SYSCTL */ + sizeof(struct ktr_proc_ctor), /* KTR_PROCCTOR */ + 0, /* KTR_PROCDTOR */ ++ 0, /* unused */ + sizeof(struct ktr_fault), /* KTR_FAULT */ + sizeof(struct ktr_faultend), /* KTR_FAULTEND */ + }; diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild index 7eccf479de4a..2d55f75ab5ac 100644 --- a/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild +++ b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild,v 1.1 2014/05/19 02:22:37 naota Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild,v 1.1 2014/06/05 02:33:45 naota Exp $ inherit bsdmk freebsd flag-o-matic @@ -41,7 +41,9 @@ PATCHES=( "${FILESDIR}/${PN}-9.0-disable-optimization.patch" "${FILESDIR}/${PN}-9.1-random.patch" "${FILESDIR}/${PN}-9.1-mmap-2014.patch" "${FILESDIR}/${PN}-9.1-tcp.patch" - "${FILESDIR}/${PN}-9.1-ciss.patch" ) + "${FILESDIR}/${PN}-9.1-ciss.patch" + "${FILESDIR}/${PN}-9.1-exec.patch" + "${FILESDIR}/${PN}-9.1-ktrace.patch" ) src_unpack() { freebsd_src_unpack |