diff options
| author |   Alexis Ballier <aballier@gentoo.org> | 2009-05-12 09:05:51 +0000 |
|---|---|---|
| committer | Alexis Ballier <aballier@gentoo.org> | 2009-05-12 09:05:51 +0000 |
| commit | d5ce8939386d43d167c2cd3e16b6d30f896e5562 (patch) | |
| tree | 9e3be815a84d3f409216aa870aa91f97dbbe7821 /sys-freebsd/freebsd-sources | |
| parent | x11-libs/libXCalibrate: add missing deps, small clean up (fixes bug #269380) (diff) | |
| download | gentoo-2-d5ce8939386d43d167c2cd3e16b6d30f896e5562.tar.gz gentoo-2-d5ce8939386d43d167c2cd3e16b6d30f896e5562.tar.bz2 gentoo-2-d5ce8939386d43d167c2cd3e16b6d30f896e5562.zip | |
Add patch for ktimer security issue, bug #263844 and http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'sys-freebsd/freebsd-sources')
| -rw-r--r-- | sys-freebsd/freebsd-sources/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-ktimer.patch | 18 | ||||
| -rw-r--r-- | sys-freebsd/freebsd-sources/freebsd-sources-7.1-r1.ebuild | 105 |
3 files changed, 131 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog index f40e13ee531a..e49e0a59212b 100644 --- a/sys-freebsd/freebsd-sources/ChangeLog +++ b/sys-freebsd/freebsd-sources/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-freebsd/freebsd-sources # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.45 2009/01/22 21:05:47 the_paya Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.46 2009/05/12 09:05:50 aballier Exp $ + +*freebsd-sources-7.1-r1 (12 May 2009) + + 12 May 2009; Alexis Ballier <aballier@gentoo.org> + +freebsd-sources-7.1-r1.ebuild, +files/freebsd-sources-7.1-ktimer.patch: + Add patch for ktimer security issue, bug #263844 and + http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc *freebsd-sources-7.1 (22 Jan 2009) diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-ktimer.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-ktimer.patch new file mode 100644 index 000000000000..5778738771f2 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-ktimer.patch @@ -0,0 +1,18 @@ +http://security.freebsd.org/advisories/FreeBSD-SA-09:06.ktimer.asc +https://bugs.gentoo.org/show_bug.cgi?id=263844 +CVE-2009-1041 + +Index: sys/kern/kern_time.c +=================================================================== +--- sys/kern/kern_time.c (revision 190192) ++++ sys/kern/kern_time.c (working copy) +@@ -1085,7 +1085,8 @@ + struct itimer *it; + + PROC_LOCK_ASSERT(p, MA_OWNED); +- if ((p->p_itimers == NULL) || (timerid >= TIMER_MAX) || ++ if ((p->p_itimers == NULL) || ++ (timerid < 0) || (timerid >= TIMER_MAX) || + (it = p->p_itimers->its_timers[timerid]) == NULL) { + return (NULL); + } diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-7.1-r1.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-7.1-r1.ebuild new file mode 100644 index 000000000000..b902a1a31271 --- /dev/null +++ b/sys-freebsd/freebsd-sources/freebsd-sources-7.1-r1.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-7.1-r1.ebuild,v 1.1 2009/05/12 09:05:50 aballier Exp $ + +inherit bsdmk freebsd flag-o-matic + +DESCRIPTION="FreeBSD kernel sources" +SLOT="${PVR}" +KEYWORDS="~sparc-fbsd ~x86-fbsd" + +IUSE="symlink" + +SRC_URI="mirror://gentoo/${SYS}.tar.bz2" + +RDEPEND=">=sys-freebsd/freebsd-mk-defs-7.0" +DEPEND="" + +RESTRICT="strip binchecks" + +S="${WORKDIR}/sys" + +MY_PVR="${PVR}" + +[[ ${MY_PVR} == "${RV}" ]] && MY_PVR="${MY_PVR}-r0" + +src_unpack() { + unpack ${A} + cd "${S}" + + # This replaces the gentoover patch, it doesn't need reapply every time. + sed -i -e 's:^REVISION=.*:REVISION="'${PVR}'":' \ + -e 's:^BRANCH=.*:BRANCH="Gentoo":' \ + -e 's:^VERSION=.*:VERSION="${TYPE} ${BRANCH} ${REVISION}":' \ + "${S}/conf/newvers.sh" + + # __FreeBSD_cc_version comes from FreeBSD's gcc. + # on 7.0-RELEASE it's 700003. + sed -e "s:-D_KERNEL:-D_KERNEL -D__FreeBSD_cc_version=700004:g" \ + -i "${S}/conf/kern.pre.mk" \ + -i "${S}/conf/kmod.mk" || die "Couldn't set __FreeBSD_cc_version" + + epatch "${FILESDIR}/${PN}-7.0-gentoo.patch" + epatch "${FILESDIR}/${PN}-6.0-flex-2.5.31.patch" + epatch "${FILESDIR}/${PN}-7.1-asm.patch" + epatch "${FILESDIR}/${PN}-7.0-werror.patch" + epatch "${FILESDIR}/${PN}-7.1-sparc64.patch" + epatch "${FILESDIR}/${PN}-6.1-ntfs.patch" + epatch "${FILESDIR}/${PN}-6.2-debug-O2.patch" + epatch "${FILESDIR}/${PN}-7.1-types.h-fix.patch" + epatch "${FILESDIR}/${PN}-7.1-subnet-route-pr40133.patch" + epatch "${FILESDIR}/${PN}-7.1-ktimer.patch" + + # Disable SSP for the kernel + grep -Zlr -- -ffreestanding "${S}" | xargs -0 sed -i -e \ + "s:-ffreestanding:-ffreestanding $(test-flags -fno-stack-protector -fno-stack-protector-all):g" + + # By adding -DGENTOO_LIVECD to CFLAGS activate this stub + # vop_whiteout to tmpfs, so it can be used as an overlay + # unionfs filesystem over the cd9660 readonly filesystem. + epatch "${FILESDIR}/${PN}-7.0-tmpfs_whiteout_stub.patch" + + # See http://sourceware.org/bugzilla/show_bug.cgi?id=5391 + # ld doesn't provide symbols constructed as the __start_set_(s) ones + # are on FreeBSD modules. + # This patch adds code to generate a list of these and adds them + # as undefined references to ld's commandline to get them. + # Without this kernel modules will not load. + epatch "${FILESDIR}/${PN}-7.1-binutils_link.patch" +} + +src_compile() { + einfo "Nothing to compile.." +} + +src_install() { + insinto "/usr/src/sys-${MY_PVR}" + doins -r "${S}/"* +} + +pkg_postinst() { + if [[ ! -L "${ROOT}/usr/src/sys" ]]; then + einfo "/usr/src/sys symlink doesn't exist; creating symlink to sys-${MY_PVR}..." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + # just in case... + [[ -L ""${ROOT}/usr/src/sys-${RV}"" ]] && rm "${ROOT}/usr/src/sys-${RV}" + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink." + elif use symlink; then + einfo "Updating /usr/src/sys symlink to sys-${MY_PVR}..." + rm "${ROOT}/usr/src/sys" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't remove previous symlinks, please fix manually." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + ln -sf "sys-${MY_PVR}" "${ROOT}/usr/src/sys-${RV}" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys-${RV} symlink." + fi + + if use sparc-fbsd ; then + ewarn "WARNING: kldload currently causes kernel panics" + ewarn "on sparc64. This is probably a gcc-4.1 issue, but" + ewarn "we need gcc-4.1 to compile the kernel correctly :/" + ewarn "Please compile all modules you need into the kernel" + fi +} |