diff options
Diffstat (limited to 'sys-freebsd/freebsd-sources')
-rw-r--r-- | sys-freebsd/freebsd-sources/ChangeLog | 8 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch | 20 | ||||
-rw-r--r-- | sys-freebsd/freebsd-sources/freebsd-sources-9.1-r2.ebuild | 83 |
3 files changed, 110 insertions, 1 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog index 4a9348ce0251..653d7ff862c3 100644 --- a/sys-freebsd/freebsd-sources/ChangeLog +++ b/sys-freebsd/freebsd-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-freebsd/freebsd-sources # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.84 2013/06/18 23:32:01 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.85 2013/06/19 02:09:24 aballier Exp $ + +*freebsd-sources-9.1-r2 (19 Jun 2013) + + 19 Jun 2013; Alexis Ballier <aballier@gentoo.org> + +freebsd-sources-9.1-r2.ebuild, +files/freebsd-sources-9.1-mmap.patch: + Fix CVE-2013-2171, bug #473688 by Yuta SATOH 18 Jun 2013; Alexis Ballier <aballier@gentoo.org> -freebsd-sources-7.2-r3.ebuild, -freebsd-sources-8.0.ebuild, diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch new file mode 100644 index 000000000000..ef2d0a78206b --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch @@ -0,0 +1,20 @@ +http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc +https://bugs.gentoo.org/show_bug.cgi?id=473688 + +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 251636) ++++ sys/vm/vm_map.c (working copy) +@@ -3761,6 +3761,12 @@ RetryLookup:; + vm_map_unlock_read(map); + return (KERN_PROTECTION_FAILURE); + } ++ if ((fault_typea & VM_PROT_COPY) != 0 && ++ (entry->max_protection & VM_PROT_WRITE) == 0 && ++ (entry->eflags & MAP_ENTRY_COW) == 0) { ++ vm_map_unlock_read(map); ++ return (KERN_PROTECTION_FAILURE); ++ } + + /* + * If this page is not pageable, we have to get it for all possible diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r2.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r2.ebuild new file mode 100644 index 000000000000..117856744e46 --- /dev/null +++ b/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r2.ebuild @@ -0,0 +1,83 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.1-r2.ebuild,v 1.1 2013/06/19 02:09:24 aballier Exp $ + +inherit bsdmk freebsd flag-o-matic + +DESCRIPTION="FreeBSD kernel sources" +SLOT="${RV}" +KEYWORDS="~amd64-fbsd ~sparc-fbsd ~x86-fbsd" + +IUSE="symlink" + +SRC_URI="mirror://gentoo/${SYS}.tar.bz2" + +RDEPEND=">=sys-freebsd/freebsd-mk-defs-8.0" +DEPEND="" + +RESTRICT="strip binchecks" + +S="${WORKDIR}/sys" + +PATCHES=( "${FILESDIR}/${PN}-9.0-disable-optimization.patch" + "${FILESDIR}/${PN}-9.1-gentoo.patch" + "${FILESDIR}/${PN}-6.0-flex-2.5.31.patch" + "${FILESDIR}/${PN}-6.1-ntfs.patch" + "${FILESDIR}/${PN}-7.1-types.h-fix.patch" + "${FILESDIR}/${PN}-8.0-subnet-route-pr40133.patch" + "${FILESDIR}/${PN}-7.1-includes.patch" + "${FILESDIR}/${PN}-9.0-sysctluint.patch" + "${FILESDIR}/${PN}-7.0-tmpfs_whiteout_stub.patch" + "${FILESDIR}/${PN}-9.1-cve-2013-3266.patch" + "${FILESDIR}/${PN}-9.1-mmap.patch" ) + +src_unpack() { + freebsd_src_unpack + + # This replaces the gentoover patch, it doesn't need reapply every time. + sed -i -e 's:^REVISION=.*:REVISION="'${PVR}'":' \ + -e 's:^BRANCH=.*:BRANCH="Gentoo":' \ + -e 's:^VERSION=.*:VERSION="${TYPE} ${BRANCH} ${REVISION}":' \ + "${S}/conf/newvers.sh" + + # __FreeBSD_cc_version comes from FreeBSD's gcc. + # on 9.0-RELEASE it's 900001. + sed -e "s:-D_KERNEL:-D_KERNEL -D__FreeBSD_cc_version=900001:g" \ + -i "${S}/conf/kern.pre.mk" \ + -i "${S}/conf/kmod.mk" || die "Couldn't set __FreeBSD_cc_version" + + # Remove -Werror + sed -e "s:-Werror:-Wno-error:g" \ + -i "${S}/conf/kern.pre.mk" \ + -i "${S}/conf/kmod.mk" || die +} + +src_compile() { + einfo "Nothing to compile.." +} + +src_install() { + insinto "/usr/src/sys-${RV}" + doins -r "${S}/"* +} + +pkg_postinst() { + if [[ ! -L "${ROOT}/usr/src/sys" ]]; then + einfo "/usr/src/sys symlink doesn't exist; creating symlink to sys-${RV}..." + ln -sf "sys-${RV}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + elif use symlink; then + einfo "Updating /usr/src/sys symlink to sys-${MY_PVR}..." + rm "${ROOT}/usr/src/sys" || \ + eerror "Couldn't remove previous symlinks, please fix manually." + ln -sf "sys-${RV}" "${ROOT}/usr/src/sys" || \ + eerror "Couldn't create ${ROOT}/usr/src/sys symlink." + fi + + if use sparc-fbsd ; then + ewarn "WARNING: kldload currently causes kernel panics" + ewarn "on sparc64. This is probably a gcc-4.1 issue, but" + ewarn "we need gcc-4.1 to compile the kernel correctly :/" + ewarn "Please compile all modules you need into the kernel" + fi +} |