summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys-freebsd/freebsd-sources/ChangeLog10
-rw-r--r--sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch66
-rw-r--r--sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch12
-rw-r--r--sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild (renamed from sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild)6
4 files changed, 91 insertions, 3 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog
index 16b958c8a9c5..f7b6409b69aa 100644
--- a/sys-freebsd/freebsd-sources/ChangeLog
+++ b/sys-freebsd/freebsd-sources/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for sys-freebsd/freebsd-sources
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.105 2014/05/19 02:22:37 naota Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.106 2014/06/05 02:33:45 naota Exp $
+
+*freebsd-sources-9.1-r9 (05 Jun 2014)
+
+ 05 Jun 2014; Naohiro Aota <naota@gentoo.org>
+ +files/freebsd-sources-9.1-exec.patch,
+ +files/freebsd-sources-9.1-ktrace.patch, +freebsd-sources-9.1-r9.ebuild,
+ -freebsd-sources-9.1-r8.ebuild:
+ Apply security patches #512376 #512374
*freebsd-sources-9.1-r8 (19 May 2014)
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch
new file mode 100644
index 000000000000..c36bed59b39e
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch
@@ -0,0 +1,66 @@
+Index: sys/kern/kern_exec.c
+===================================================================
+--- sys/kern/kern_exec.c (revision 266979)
++++ sys/kern/kern_exec.c (working copy)
+@@ -280,6 +280,7 @@ kern_execve(td, args, mac_p)
+ struct mac *mac_p;
+ {
+ struct proc *p = td->td_proc;
++ struct vmspace *oldvmspace;
+ int error;
+
+ AUDIT_ARG_ARGV(args->begin_argv, args->argc,
+@@ -296,6 +297,8 @@ kern_execve(td, args, mac_p)
+ PROC_UNLOCK(p);
+ }
+
++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve"));
++ oldvmspace = td->td_proc->p_vmspace;
+ error = do_execve(td, args, mac_p);
+
+ if (p->p_flag & P_HADTHREADS) {
+@@ -310,6 +313,12 @@ kern_execve(td, args, mac_p)
+ thread_single_end();
+ PROC_UNLOCK(p);
+ }
++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) {
++ KASSERT(td->td_proc->p_vmspace != oldvmspace,
++ ("oldvmspace still used"));
++ vmspace_free(oldvmspace);
++ td->td_pflags &= ~TDP_EXECVMSPC;
++ }
+
+ return (error);
+ }
+Index: sys/sys/proc.h
+===================================================================
+--- sys/sys/proc.h (revision 266979)
++++ sys/sys/proc.h (working copy)
+@@ -968,4 +968,5 @@ curthread_pflags_restore(int save)
+
+ #endif /* _KERNEL */
+
++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */
+ #endif /* !_SYS_PROC_H_ */
+Index: sys/vm/vm_map.c
+===================================================================
+--- sys/vm/vm_map.c (revision 266979)
++++ sys/vm/vm_map.c (working copy)
+@@ -3631,6 +3631,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
+ struct vmspace *oldvmspace = p->p_vmspace;
+ struct vmspace *newvmspace;
+
++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0,
++ ("vmspace_exec recursed"));
+ newvmspace = vmspace_alloc(minuser, maxuser);
+ if (newvmspace == NULL)
+ return (ENOMEM);
+@@ -3647,7 +3649,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser,
+ PROC_VMSPACE_UNLOCK(p);
+ if (p == curthread->td_proc)
+ pmap_activate(curthread);
+- vmspace_free(oldvmspace);
++ curthread->td_pflags |= TDP_EXECVMSPC;
+ return (0);
+ }
+
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch
new file mode 100644
index 000000000000..0fb6df7600ef
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch
@@ -0,0 +1,12 @@
+Index: sys/kern/kern_ktrace.c
+===================================================================
+--- sys/kern/kern_ktrace.c (revision 266771)
++++ sys/kern/kern_ktrace.c (working copy)
+@@ -119,6 +119,7 @@ static int data_lengths[] = {
+ 0, /* KTR_SYSCTL */
+ sizeof(struct ktr_proc_ctor), /* KTR_PROCCTOR */
+ 0, /* KTR_PROCDTOR */
++ 0, /* unused */
+ sizeof(struct ktr_fault), /* KTR_FAULT */
+ sizeof(struct ktr_faultend), /* KTR_FAULTEND */
+ };
diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild
index 7eccf479de4a..2d55f75ab5ac 100644
--- a/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild
+++ b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r8.ebuild,v 1.1 2014/05/19 02:22:37 naota Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r9.ebuild,v 1.1 2014/06/05 02:33:45 naota Exp $
inherit bsdmk freebsd flag-o-matic
@@ -41,7 +41,9 @@ PATCHES=( "${FILESDIR}/${PN}-9.0-disable-optimization.patch"
"${FILESDIR}/${PN}-9.1-random.patch"
"${FILESDIR}/${PN}-9.1-mmap-2014.patch"
"${FILESDIR}/${PN}-9.1-tcp.patch"
- "${FILESDIR}/${PN}-9.1-ciss.patch" )
+ "${FILESDIR}/${PN}-9.1-ciss.patch"
+ "${FILESDIR}/${PN}-9.1-exec.patch"
+ "${FILESDIR}/${PN}-9.1-ktrace.patch" )
src_unpack() {
freebsd_src_unpack