Fix module symbols export with latest binutils, grab a bunch of security fixes from security.freebsd.org.

Package-Manager: portage-2.2_rc20/cvs/Linux 2.6.28 x86_64

6 files changed, 275 insertions, 0 deletions

diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-amd64.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-amd64.patch
new file mode 100644
index 000000000000..9e910317cef2
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-amd64.patch
@@ -0,0 +1,25 @@
+Index: sys/amd64/amd64/exception.S
+===================================================================
+RCS file: /home/ncvs/src/sys/amd64/amd64/exception.S,v
+retrieving revision 1.132
+retrieving revision 1.133
+diff -u -d -r1.132 -r1.133
+--- sys/amd64/amd64/exception.S	24 May 2008 06:32:26 -0000	1.132
++++ sys/amd64/amd64/exception.S	18 Aug 2008 08:47:27 -0000	1.133
+@@ -636,13 +636,10 @@
+ 	.globl	doreti_iret_fault
+ doreti_iret_fault:
+ 	subq	$TF_RIP,%rsp		/* space including tf_err, tf_trapno */
+-	testb	$SEL_RPL_MASK,TF_CS(%rsp) /* Did we come from kernel? */
+-	jz	1f			/* already running with kernel GS.base */
+-	swapgs
+-1:	testl	$PSL_I,TF_RFLAGS(%rsp)
+-	jz	2f
++	testl	$PSL_I,TF_RFLAGS(%rsp)
++	jz	1f
+ 	sti
+-2:	movq	%rdi,TF_RDI(%rsp)
++1:	movq	%rdi,TF_RDI(%rsp)
+ 	movq	%rsi,TF_RSI(%rsp)
+ 	movq	%rdx,TF_RDX(%rsp)
+ 	movq	%rcx,TF_RCX(%rsp)
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-arc4random6x.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-arc4random6x.patch
new file mode 100644
index 000000000000..1fda03c8f150
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-arc4random6x.patch
@@ -0,0 +1,81 @@
+Index: sys/dev/random/randomdev.c
+===================================================================
+--- sys/dev/random/randomdev.c	(revision 185214)
++++ sys/dev/random/randomdev.c	(working copy)
+@@ -89,6 +89,7 @@
+ 	    && (securelevel_gt(td->td_ucred, 0) == 0)) {
+ 		(*random_systat.reseed)();
+ 		random_systat.seeded = 1;
++		arc4rand(NULL, 0, 1);	/* Reseed arc4random as well. */
+ 	}
+ 
+ 	return (0);
+Index: sys/dev/random/randomdev_soft.c
+===================================================================
+--- sys/dev/random/randomdev_soft.c	(revision 185214)
++++ sys/dev/random/randomdev_soft.c	(working copy)
+@@ -61,6 +61,7 @@
+     u_int, u_int, enum esource);
+ static int random_yarrow_poll(int event,struct thread *td);
+ static int random_yarrow_block(int flag);
++static void random_yarrow_flush_reseed(void);
+ 
+ struct random_systat random_yarrow = {
+ 	.ident = "Software, Yarrow",
+@@ -70,7 +71,7 @@
+ 	.read = random_yarrow_read,
+ 	.write = random_yarrow_write,
+ 	.poll = random_yarrow_poll,
+-	.reseed = random_yarrow_reseed,
++	.reseed = random_yarrow_flush_reseed,
+ 	.seeded = 1,
+ };
+ 
+@@ -96,7 +97,7 @@
+ /* Harvested entropy */
+ static struct entropyfifo harvestfifo[ENTROPYSOURCE];
+ 
+-/* <0 to end the kthread, 0 to let it run */
++/* <0 to end the kthread, 0 to let it run, 1 to flush the harvest queues */
+ static int random_kthread_control = 0;
+ 
+ static struct proc *random_kthread_proc;
+@@ -247,7 +248,7 @@
+ 	local_count = 0;
+ 
+ 	/* Process until told to stop */
+-	for (; random_kthread_control == 0;) {
++	for (; random_kthread_control >= 0;) {
+ 
+ 		active = 0;
+ 
+@@ -282,6 +283,13 @@
+ 		KASSERT(local_count == 0, ("random_kthread: local_count %d",
+ 		    local_count));
+ 
++		/*
++		 * If a queue flush was commanded, it has now happened,
++		 * and we can mark this by resetting the command.
++		 */
++		if (random_kthread_control == 1)
++			random_kthread_control = 0;
++
+ 		/* Found nothing, so don't belabour the issue */
+ 		if (!active)
+ 			tsleep(&harvestfifo, 0, "-", hz / 10);
+@@ -406,3 +414,15 @@
+ 
+ 	return error;
+ }	
++
++/* Helper routine to perform explicit reseeds */
++static void
++random_yarrow_flush_reseed(void)
++{
++	/* Command a entropy queue flush and wait for it to finish */
++	random_kthread_control = 1;
++	while (random_kthread_control)
++		tsleep(&harvestfifo, 0, "-", hz / 10);
++
++	random_yarrow_reseed();
++}
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-icmp6.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-icmp6.patch
new file mode 100644
index 000000000000..6b97b16b3f97
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-icmp6.patch
@@ -0,0 +1,23 @@
+Index: sys/netinet6/icmp6.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/icmp6.c,v
+retrieving revision 1.80.2.4
+diff -u -p -r1.80.2.4 icmp6.c
+--- sys/netinet6/icmp6.c	31 Aug 2008 21:54:24 -0000	1.80.2.4
++++ sys/netinet6/icmp6.c	1 Sep 2008 23:03:44 -0000
+@@ -1117,6 +1117,15 @@ icmp6_mtudisc_update(struct ip6ctlparam 
+ 	if (!validated)
+ 		return;
+ 
++	/*
++	 * In case the suggested mtu is less than IPV6_MMTU, we
++	 * only need to remember that it was for above mentioned
++	 * "alwaysfrag" case.
++	 * Try to be as close to the spec as possible.
++	 */
++	if (mtu < IPV6_MMTU)
++		mtu = IPV6_MMTU - 8;
++
+ 	bzero(&inc, sizeof(inc));
+ 	inc.inc_flags = 1; /* IPv6 */
+ 	inc.inc6_faddr = *dst;
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-nd6-6.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-nd6-6.patch
new file mode 100644
index 000000000000..dc32f71064f2
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-nd6-6.patch
@@ -0,0 +1,86 @@
+Index: sys/netinet6/in6.h
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/in6.h,v
+retrieving revision 1.36.2.9
+diff -u -p -r1.36.2.9 in6.h
+--- sys/netinet6/in6.h	1 Sep 2008 22:57:56 -0000	1.36.2.9
++++ sys/netinet6/in6.h	28 Sep 2008 21:27:09 -0000
+@@ -575,7 +575,8 @@ struct ip6_mtuinfo {
+ /* to define items, should talk with KAME guys first, for *BSD compatibility */
+ #define IPV6CTL_STEALTH		45
+ #define IPV6CTL_RTHDR0_ALLOWED  46
+-#define IPV6CTL_MAXID		47
++#define	ICMPV6CTL_ND6_ONLINKNSRFC4861	47
++#define IPV6CTL_MAXID		48
+ #endif /* __BSD_VISIBLE */
+ 
+ /*
+Index: sys/netinet6/in6_proto.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/in6_proto.c,v
+retrieving revision 1.32.2.9
+diff -u -p -r1.32.2.9 in6_proto.c
+--- sys/netinet6/in6_proto.c	1 Sep 2008 22:57:56 -0000	1.32.2.9
++++ sys/netinet6/in6_proto.c	28 Sep 2008 21:26:24 -0000
+@@ -354,6 +354,7 @@ DOMAIN_SET(inet6);
+ #ifndef	IPV6_SENDREDIRECTS
+ #define	IPV6_SENDREDIRECTS	1
+ #endif
++int	nd6_onlink_ns_rfc4861 = 0; /* allow 'on-link' nd6 NS (as in RFC 4861) */
+ 
+ int	ip6_forwarding = IPV6FORWARDING;	/* act as router? */
+ int	ip6_sendredirects = IPV6_SENDREDIRECTS;
+@@ -553,3 +554,6 @@ SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_N
+ 	nd6_maxnudhint, CTLFLAG_RW,	&nd6_maxnudhint, 0, "");
+ SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG,
+ 	nd6_debug, CTLFLAG_RW,	&nd6_debug,		0, "");
++SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861,
++	nd6_onlink_ns_rfc4861, CTLFLAG_RW, &nd6_onlink_ns_rfc4861, 0,
++	"Accept 'on-link' nd6 NS in compliance with RFC 4861.");
+Index: sys/netinet6/nd6.h
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/nd6.h,v
+retrieving revision 1.19.2.3
+diff -u -p -r1.19.2.3 nd6.h
+--- sys/netinet6/nd6.h	1 Sep 2008 22:57:56 -0000	1.19.2.3
++++ sys/netinet6/nd6.h	28 Sep 2008 21:26:24 -0000
+@@ -339,6 +339,7 @@ extern struct llinfo_nd6 llinfo_nd6;
+ extern struct nd_drhead nd_defrouter;
+ extern struct nd_prhead nd_prefix;
+ extern int nd6_debug;
++extern int nd6_onlink_ns_rfc4861;
+ 
+ #define nd6log(x)	do { if (nd6_debug) log x; } while (/*CONSTCOND*/ 0)
+ 
+Index: sys/netinet6/nd6_nbr.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/nd6_nbr.c,v
+retrieving revision 1.29.2.10
+diff -u -p -r1.29.2.10 nd6_nbr.c
+--- sys/netinet6/nd6_nbr.c	1 Sep 2008 22:57:56 -0000	1.29.2.10
++++ sys/netinet6/nd6_nbr.c	28 Sep 2008 21:26:24 -0000
+@@ -148,6 +148,24 @@ nd6_ns_input(m, off, icmp6len)
+ 			    "(wrong ip6 dst)\n"));
+ 			goto bad;
+ 		}
++	} else if (!nd6_onlink_ns_rfc4861) {
++		struct sockaddr_in6 src_sa6;
++
++		/*
++		 * According to recent IETF discussions, it is not a good idea
++		 * to accept a NS from an address which would not be deemed
++		 * to be a neighbor otherwise.  This point is expected to be
++		 * clarified in future revisions of the specification.
++		 */
++		bzero(&src_sa6, sizeof(src_sa6));
++		src_sa6.sin6_family = AF_INET6;
++		src_sa6.sin6_len = sizeof(src_sa6);
++		src_sa6.sin6_addr = saddr6;
++		if (!nd6_is_addr_neighbor(&src_sa6, ifp)) {
++			nd6log((LOG_INFO, "nd6_ns_input: "
++				"NS packet from non-neighbor\n"));
++			goto bad;
++		}
+ 	}
+ 
+ 	if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-protosw6x.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-protosw6x.patch
new file mode 100644
index 000000000000..f1a540c3e826
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.2-protosw6x.patch
@@ -0,0 +1,23 @@
+Index: sys/kern/uipc_domain.c
+===================================================================
+--- sys/kern/uipc_domain.c	(revision 186366)
++++ sys/kern/uipc_domain.c	(working copy)
+@@ -112,13 +112,18 @@
+ 
+ #define DEFAULT(foo, bar)	if ((foo) == NULL)  (foo) = (bar)
+ 	DEFAULT(pu->pru_accept, pru_accept_notsupp);
++	DEFAULT(pu->pru_bind, pru_bind_notsupp);
+ 	DEFAULT(pu->pru_connect, pru_connect_notsupp);
+ 	DEFAULT(pu->pru_connect2, pru_connect2_notsupp);
+ 	DEFAULT(pu->pru_control, pru_control_notsupp);
++	DEFAULT(pu->pru_disconnect, pru_disconnect_notsupp);
+ 	DEFAULT(pu->pru_listen, pru_listen_notsupp);
++	DEFAULT(pu->pru_peeraddr, pru_peeraddr_notsupp);
+ 	DEFAULT(pu->pru_rcvd, pru_rcvd_notsupp);
+ 	DEFAULT(pu->pru_rcvoob, pru_rcvoob_notsupp);
+ 	DEFAULT(pu->pru_sense, pru_sense_null);
++	DEFAULT(pu->pru_shutdown, pru_shutdown_notsupp);
++	DEFAULT(pu->pru_sockaddr, pru_sockaddr_notsupp);
+ 	DEFAULT(pu->pru_sosend, sosend);
+ 	DEFAULT(pu->pru_soreceive, soreceive);
+ 	DEFAULT(pu->pru_sopoll, sopoll);
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-binutils_link.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-binutils_link.patch
new file mode 100644
index 000000000000..132db2e42957
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-binutils_link.patch
@@ -0,0 +1,37 @@
+diff -ruN sys.orig/conf/kern.post.mk sys/conf/kern.post.mk
+--- sys.orig/conf/kern.post.mk	2007-03-23 18:55:59 -0300
++++ sys/conf/kern.post.mk	2008-06-18 19:51:13 -0300
+@@ -85,7 +85,9 @@
+ ${FULLKERNEL}: ${SYSTEM_DEP} vers.o
+ 	@rm -f ${.TARGET}
+ 	@echo linking ${.TARGET}
+-	${SYSTEM_LD}
++	${SYSTEM_LD} -o ${.TARGET}.tmp
++	@sh $S/tools/gen-ld-u-options ${.TARGET}.tmp > ${.TARGET}.lopt
++	${SYSTEM_LD} "@${.TARGET}.lopt"
+ .if !defined(DEBUG)
+ 	${OBJCOPY} --strip-debug ${.TARGET}
+ .endif
+diff -ruN sys.orig/conf/kmod.mk sys/conf/kmod.mk
+--- sys.orig/conf/kmod.mk	2008-06-18 09:11:53 -0300
++++ sys/conf/kmod.mk	2008-06-18 19:50:01 -0300
+@@ -176,7 +176,8 @@
+ 
+ .if ${MACHINE_ARCH} != amd64
+ ${FULLPROG}: ${KMOD}.kld
+-	${LD} -Bshareable ${LDFLAGS} -o ${.TARGET} ${KMOD}.kld
++	sh ./@/tools/gen-ld-u-options ${KMOD}.kld > ${KMOD}.lopt
++	${LD} -Bshareable ${LDFLAGS} -o ${.TARGET} ${KMOD}.kld "@${KMOD}.lopt"
+ .if !defined(DEBUG_FLAGS)
+ 	${OBJCOPY} --strip-debug ${.TARGET}
+ .endif
+diff -ruN sys.orig/tools/gen-ld-u-options sys/tools/gen-ld-u-options
+--- sys.orig/tools/gen-ld-u-options	1969-12-31 21:00:00 -0300
++++ sys/tools/gen-ld-u-options	2008-06-18 19:47:56 -0300
+@@ -0,0 +1,6 @@
++#!/bin/sh
++
++for i in `objdump -h -w $1 | grep set_ | cut -c5- | cut -f1 -d " "`
++do
++    echo -n " -u __start_$i -u __stop_$i "
++done