Add patch for CVE-2012-0217 and EN-12:02 #422993 #422995

Package-Manager: portage-2.2.0_alpha110/cvs/Linux x86_64
author: Naohiro Aota <naota@gentoo.org> 2012-06-27 10:29:23 +0000
committer: Naohiro Aota <naota@gentoo.org> 2012-06-27 10:29:23 +0000
commit: 14243eeb9a80ae3ca3f7a586ad5f672d01cab662 (patch)
tree: b5ea4b36f7eec49befc08d4915ac80afd5757001 /sys-freebsd
parent: old (diff)
download: historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.tar.gz
historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.tar.bz2
historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.zip
6 files changed, 198 insertions, 6 deletions
diff --git a/sys-freebsd/freebsd-sources/ChangeLog b/sys-freebsd/freebsd-sources/ChangeLog
index f1641910e4c3..e6f6364744dd 100644
--- a/sys-freebsd/freebsd-sources/ChangeLog
+++ b/sys-freebsd/freebsd-sources/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for sys-freebsd/freebsd-sources
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.72 2012/05/27 13:06:03 ryao Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/ChangeLog,v 1.73 2012/06/27 10:29:23 naota Exp $
+
+*freebsd-sources-8.2-r2 (27 Jun 2012)
+*freebsd-sources-9.0-r4 (27 Jun 2012)
+
+  27 Jun 2012; Naohiro Aota <naota@gentoo.org>
+  +files/freebsd-sources-9.0-ipv6refcount.patch,
+  +files/freebsd-sources-cve-2012-0217.patch, +freebsd-sources-8.2-r2.ebuild,
+  +freebsd-sources-9.0-r4.ebuild, -freebsd-sources-8.2-r1.ebuild,
+  -freebsd-sources-9.0-r3.ebuild:
+  Add patch for CVE-2012-0217 and EN-12:02 #422993 #422995
 
 *freebsd-sources-9.0-r3 (27 May 2012)
 
diff --git a/sys-freebsd/freebsd-sources/Manifest b/sys-freebsd/freebsd-sources/Manifest
index d032530c4c7c..ecc3818c242f 100644
--- a/sys-freebsd/freebsd-sources/Manifest
+++ b/sys-freebsd/freebsd-sources/Manifest
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
 AUX freebsd-sources-6.0-flex-2.5.31.patch 826 RMD160 a93341cfba5ddbd8df777273591ce21164f3ed41 SHA1 9f991b64b237a397e7aa0bad79a9a28c0de69339 SHA256 8aaf240a344106fc5434fd098eb6555a554d16513b71c95f93a93388021c3d99
 AUX freebsd-sources-6.1-ntfs.patch 1043 RMD160 0389ef971934db5b239d81ec016d94a21398c226 SHA1 03d8c702bbd6bd79f7b3cbe64f720487b87fa442 SHA256 2eb0e22bea267d7ac41c3dec81682d3cc1f1744316ea39342e2aaae1f2dca469
 AUX freebsd-sources-7.0-gentoo.patch 1346 RMD160 9182f84f08fa8edb68e505c1ec274c93678cab2c SHA1 277d7f7a6c24c37ec30d051b775ab6c3eea96996 SHA256 c5930673345572ab3466c862ecb2aefa410931e541cf58b1ca4464827bb1646e
@@ -26,16 +29,35 @@ AUX freebsd-sources-8.2-unix2.patch 1642 RMD160 0ddbf08159fe3d99fde9d07ac624a07a
 AUX freebsd-sources-9.0-disable-optimization.patch 927 RMD160 77f8b87f57d4cd3df163fc971567afc4374ca078 SHA1 ae2ac9608ff808c5e1ee52c9294aa66ae0d15ccc SHA256 e8ad8d8ed1f729b7b22839a7af93b3dd667f257b05db95f408c48b270003a486
 AUX freebsd-sources-9.0-disable-optimizations.patch 792 RMD160 4cd19f9cb5c119eabb3700da25d1f25fd1fc2750 SHA1 3a799bec3310d928cb11c45873faec002d88a732 SHA256 4d04d158c118ec218eae51db8e522efa16467b554df8d1e8f1a882617d36a555
 AUX freebsd-sources-9.0-gentoo.patch 1194 RMD160 1933e7ca85b65d8f81622c01d1b3374fa9072319 SHA1 30992a38173c1732ec1f05fe6c19ac961717917c SHA256 251178d014e62fbc3f20c26dd0e78401cc6691a848facd3ff2c7418ed7a43f22
+AUX freebsd-sources-9.0-ipv6refcount.patch 3259 RMD160 e9f53cf11931e900ab881748f9fb617a4ecfc0f2 SHA1 5ad1a4a47099772d2655244443fd4d2dbdad06e2 SHA256 18186ef2f9fc020c0da053953b9e8c8629c2302082e0ee172dd7e84a7104bdd5
 AUX freebsd-sources-9.0-sysctluint.patch 403 RMD160 46bb18c424ea7011db86341e427fd095495c4bcc SHA1 9d3c1606c886d96a88c89283bc18a2717c87fc76 SHA256 884fbc5d6d3766ea3d4609946f56072f36f95368dc13ee316c330a46d42f0c9e
+AUX freebsd-sources-cve-2012-0217.patch 856 RMD160 38cd459f900671f0f39df40353da6a0a1894b4b8 SHA1 3f96d861602f6b0442b2a412cd6b18437a3cfa55 SHA256 9b752e65a29b2b9a4a1412765d69d00310c05508af1cfa6d8d3c16d545bb3ffe
 DIST freebsd-sys-7.2.tar.bz2 23005928 RMD160 0ecdff9fbefe9e16325e09a76310ca2b4a7751b8 SHA1 1c2d6894371a8650288ebf1a4831a4b08c2e4f09 SHA256 38e1fc670b8438be42947b1512ca7d10b0f8c62c58d3234afd8ce2e55b6cae11
 DIST freebsd-sys-8.0.tar.bz2 22552771 RMD160 08f5b09dc0b4353658a309e9e1198dbab1f5ab83 SHA1 9c5e4bdc7af2b9947c55751325880c27f80df225 SHA256 2d822bdeecbbea660aea06ba147a23878cbae7f0640b0b822552d6fa1836d8c9
 DIST freebsd-sys-8.2.tar.bz2 25835329 RMD160 e8fe34f792c1102fe237af7c87ba9c259cd46d22 SHA1 f2a52be8011126a3882d8df2907a22293ad1c581 SHA256 0c6c7b61aae94db2931f985d5899f3bca78fc8ffab6b598fbaa158142d676f16
 DIST freebsd-sys-9.0.tar.bz2 30369960 RMD160 137ac728d78767eae184ac0bf00014d1bfeffc37 SHA1 cc09df384bd519ddf39254605a5ad80f702f3d68 SHA256 1c5e2181db9e92209933b1de9488109d88f0b2f15d07ee37aa491920e1990a54
 EBUILD freebsd-sources-7.2-r3.ebuild 3943 RMD160 3ac41528e8eb22a186114f2b767b33a6f25372ba SHA1 0b0df74007a6cf813292a1a056e4433676e4d2c7 SHA256 f6b279fd482a0b156924fc23fbb7a110b156d7c61a583e25817c1afa3f48b3a8
 EBUILD freebsd-sources-8.0.ebuild 3671 RMD160 6655f21db26ee64b50ce019816667bfe18ee4017 SHA1 00c9a13a48c92554ae49adebd725fde59a3da704 SHA256 4b9c2b8f9a800697543e942138914a7784f3e111dc33db7dfe8daa31c37b3262
-EBUILD freebsd-sources-8.2-r1.ebuild 3701 RMD160 8a12d0abc7d37a19b7cc0447ff2b3bcebdb84a75 SHA1 69d144943d701f2a852324ddbbea1c0705c9fbc0 SHA256 6a5414a83ca2a406b92ba1a3f96467d311469a86c40fdfbf41a8810526e21d43
+EBUILD freebsd-sources-8.2-r2.ebuild 3801 RMD160 2cb144a019f5bbcb9e5d6763c6a1ed198ec43709 SHA1 304b416f89ef6a80c6c95436f4d66a2d9308a70f SHA256 1766a68e4f3191690a805d89280250a549fdbe0ef08ca9962c0aa46256ff0762
 EBUILD freebsd-sources-9.0-r1.ebuild 3356 RMD160 8735dd8b8efbc9e2b251c533cf310c88589e95cc SHA1 d5df1dbd0064fe42c02dc96e0578b7b1f76cf222 SHA256 1b00c7c08286f1122eed01d211bf93e86ab63ff20475f35d030df23d806eb155
-EBUILD freebsd-sources-9.0-r3.ebuild 3351 RMD160 8b85b8bc8e1cdf3cac7bfab82e53403c3825d855 SHA1 7d67ae50e175216d9b6a5ae7b5ff783db1912e0c SHA256 be1591cee7248bed9725872a4b5753e9c06c6a20f7ebd21923738496875116bb
+EBUILD freebsd-sources-9.0-r4.ebuild 3452 RMD160 fe933eb819cd0548c6a2f9fa3e1d3b125c20fb5b SHA1 92fc2fd226cd4ec68d298ade4743d8ca1221eac1 SHA256 b69418e11c38e8a9e547421b570ec38c541d60d820795dd01c7a3d0e46ecc606
 EBUILD freebsd-sources-9.0.ebuild 3322 RMD160 e5efb0abd0ab553a88ef60fddfed4a31c62173c6 SHA1 9963952e4f7c28f7d3ee1256552903ccd7f2479e SHA256 5a07f9680abe4f39dee7cf3d307e6f45006da275e426cdab29997ba6659062fd
-MISC ChangeLog 19304 RMD160 a7d6a8dba36f0a6bc335ddc1516021c790c5260c SHA1 480247cd3f9373e982a3ed7412d87d6d5f491907 SHA256 937769d1c53b9e0f4814952c14f60442f6fd88e62908fb2de774af4f719f5956
+MISC ChangeLog 19716 RMD160 a188c8b29c55f93774ec9845f1efae7220c49bae SHA1 71cf9d0f7af8c8c5a2f0a9ad643452308c0078a9 SHA256 fd4f83a0c017744cac3bef63f7c2a7937fd51741223462210f15b7292f636c4e
 MISC metadata.xml 156 RMD160 60b5820a08275f307e5bd936d78f5afd1f141086 SHA1 d9d9d4f2b5afc58339ea3e562fca490156935f1f SHA256 30ab515d6ac492d3d6c36ac3c675511742c2149e56a6b3228c8d22ab8edb3ff7
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+
+iQIcBAEBCAAGBQJP6uCNAAoJEDYO1FT4VRUU6cMP/2VP43btBayinSPJ6e9HHkf4
+FkR+Fxy5k9TAvCsZDrKXAJcWfHUJuzSpf++bWrk0+7Ca7CMJMeEEuUHIYBiuicp3
+RUb9rxliuXs9GrtBDMAd4vmY4t9OZnuaxr5xQ7OZ0gvGyFhXqjhrvuX0k9sOusal
+39ozfb6CnZXkkFVs+lbziqn7xegR15AY8Dm3OZ2puMYg69SGJFtYYd6FyoCGhU8R
++HhqL6QkTBStwl24ag/WQRiPMHUG+TD3qgAnpqnYVaGn0JhtPZh3aTNWxJHxWdmY
+lzKEKS8PdyXSQoRlk+73FPnYwU6YCIUa+Z9Oe8C6XIqHwIZaHtYny9gscacsJjwu
+2IiRgL6Gj2y/3iB/8exzlmgY+nt4M8mefzjK0MyeTW5Md060S/+Ae1tDDVCxQh/s
+XHWN8dYRNZl9XF6KFsXaMKYwDuvTkUx06TLi55FpOWvYpP4Laa00O63PdxEWLtn3
+y+mpBvkgN3YKSmRODYW42e9s7FMPgN8SPc5DarLk0MBCY5nrhEZA4IXrQz3Fl8aK
+O7u5xlwPUCEU/xGs7C6uOQ8ncj0hmnR/GTGiPgp7jGniPCjjMl+m953OQ0ClHHJR
+0QXYDqEYgkI1Iv1/mhtHtq57XkHzJAWTRBbwJ0CMWwPNmTTBp+sKcNOcoQnctX37
+2QuQDoGHCRjPsdTXsmb8
+=Mliu
+-----END PGP SIGNATURE-----
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch
new file mode 100644
index 000000000000..f0984f6776c8
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch
@@ -0,0 +1,128 @@
+Index: sys/netinet6/in6.c
+===================================================================
+--- sys/netinet6/in6.c.orig
++++ sys/netinet6/in6.c
+@@ -1369,6 +1369,8 @@ in6_purgeaddr(struct ifaddr *ifa)
+ 	}
+ 
+ cleanup:
++	if (ifa0 != NULL)
++		ifa_free(ifa0);
+ 
+ 	plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
+ 	if ((ia->ia_flags & IFA_ROUTE) && plen == 128) {
+@@ -1393,8 +1395,6 @@ cleanup:
+ 			return;
+ 		ia->ia_flags &= ~IFA_ROUTE;
+ 	}
+-	if (ifa0 != NULL)
+-		ifa_free(ifa0);
+ 
+ 	in6_unlink_ifa(ia, ifp);
+ }
+@@ -1667,14 +1667,19 @@ in6_lifaddr_ioctl(struct socket *so, u_long cmd, c
+ 			hostid = IFA_IN6(ifa);
+ 
+ 			/* prefixlen must be <= 64. */
+-			if (64 < iflr->prefixlen)
++			if (64 < iflr->prefixlen) {
++				if (ifa != NULL)
++					ifa_free(ifa);
+ 				return EINVAL;
++			}
+ 			prefixlen = iflr->prefixlen;
+ 
+ 			/* hostid part must be zero. */
+ 			sin6 = (struct sockaddr_in6 *)&iflr->addr;
+ 			if (sin6->sin6_addr.s6_addr32[2] != 0 ||
+ 			    sin6->sin6_addr.s6_addr32[3] != 0) {
++				if (ifa != NULL)
++					ifa_free(ifa);
+ 				return EINVAL;
+ 			}
+ 		} else
+@@ -2265,14 +2265,20 @@ in6_ifawithifp(struct ifnet *ifp, struct in6_addr
+ 		IN6_IFADDR_RUNLOCK();
+ 		return (struct in6_ifaddr *)ifa;
+ 	}
+-	IN6_IFADDR_RUNLOCK();
+ 
+ 	/* use the last-resort values, that are, deprecated addresses */
+-	if (dep[0])
++	if (dep[0]) {
++		ifa_ref((struct ifaddr *)dep[0]);
++		IN6_IFADDR_RUNLOCK();
+ 		return dep[0];
+-	if (dep[1])
++	}
++	if (dep[1]) {
++		ifa_ref((struct ifaddr *)dep[1]);
++		IN6_IFADDR_RUNLOCK();
+ 		return dep[1];
++	}
+ 
++	IN6_IFADDR_RUNLOCK();
+ 	return NULL;
+ }
+ 
+Index: sys/netinet6/ip6_input.c
+===================================================================
+--- sys/netinet6/ip6_input.c.orig
++++ sys/netinet6/ip6_input.c
+@@ -879,19 +879,23 @@ passin:
+ 	 * as our interface address (e.g. multicast addresses, addresses
+ 	 * within FAITH prefixes and such).
+ 	 */
+-	if (deliverifp && !ip6_getdstifaddr(m)) {
++	if (deliverifp) {
+ 		struct in6_ifaddr *ia6;
+ 
+-		ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
+-		if (ia6) {
+-			if (!ip6_setdstifaddr(m, ia6)) {
+-				/*
+-				 * XXX maybe we should drop the packet here,
+-				 * as we could not provide enough information
+-				 * to the upper layers.
+-				 */
++ 		if ((ia6 = ip6_getdstifaddr(m)) != NULL) {
++			ifa_free(&ia6->ia_ifa);
++		} else {
++			ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst);
++			if (ia6) {
++				if (!ip6_setdstifaddr(m, ia6)) {
++					/*
++					 * XXX maybe we should drop the packet here,
++					 * as we could not provide enough information
++					 * to the upper layers.
++					 */
++				}
++				ifa_free(&ia6->ia_ifa);
+ 			}
+-			ifa_free(&ia6->ia_ifa);
+ 		}
+ 	}
+ 
+Index: sys/netinet/tcp_input.c
+===================================================================
+--- sys/netinet/tcp_input.c.orig
++++ sys/netinet/tcp_input.c
+@@ -512,6 +512,8 @@ tcp6_input(struct mbuf **mp, int *offp, int proto)
+ 			    (caddr_t)&ip6->ip6_dst - (caddr_t)ip6);
+ 		return IPPROTO_DONE;
+ 	}
++	if (ia6)
++		ifa_free(&ia6->ia_ifa);
+ 
+ 	tcp_input(m, *offp);
+ 	return IPPROTO_DONE;
+@@ -1240,7 +1242,8 @@ relocked:
+ 				rstreason = BANDLIM_RST_OPENPORT;
+ 				goto dropwithreset;
+ 			}
+-			ifa_free(&ia6->ia_ifa);
++			if (ia6)
++				ifa_free(&ia6->ia_ifa);
+ 		}
+ #endif /* INET6 */
+ 		/*
diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch
new file mode 100644
index 000000000000..0bf1b611a091
--- /dev/null
+++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch
@@ -0,0 +1,26 @@
+Index: sys/amd64/amd64/trap.c
+===================================================================
+--- sys/amd64/amd64/trap.c.orig
++++ sys/amd64/amd64/trap.c	(working copy)
+@@ -972,4 +972,21 @@
+ 	     syscallname(td->td_proc, sa.code)));
+ 
+ 	syscallret(td, error, &sa);
++
++	/*
++	 * If the user-supplied value of %rip is not a canonical
++	 * address, then some CPUs will trigger a ring 0 #GP during
++	 * the sysret instruction.  However, the fault handler would
++	 * execute with the user's %gs and %rsp in ring 0 which would
++	 * not be safe.  Instead, preemptively kill the thread with a
++	 * SIGBUS.
++	 */
++	if (td->td_frame->tf_rip >= VM_MAXUSER_ADDRESS) {
++		ksiginfo_init_trap(&ksi);
++		ksi.ksi_signo = SIGBUS;
++		ksi.ksi_code = BUS_OBJERR;
++		ksi.ksi_trapno = T_PROTFLT;
++		ksi.ksi_addr = (void *)td->td_frame->tf_rip;
++		trapsignal(td, &ksi);
++	}
+ }
diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r1.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r2.ebuild
index 0ffa86a25486..833d9c314240 100644
--- a/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r1.ebuild
+++ b/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r1.ebuild,v 1.1 2012/04/02 10:13:19 naota Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-8.2-r2.ebuild,v 1.1 2012/06/27 10:29:23 naota Exp $
 
 inherit bsdmk freebsd flag-o-matic
 
@@ -67,6 +67,9 @@ src_unpack() {
 	# as undefined references to ld's commandline to get them.
 	# Without this kernel modules will not load.
 	epatch "${FILESDIR}/${PN}-7.1-binutils_link.patch"
+
+	epatch "${FILESDIR}/${PN}-cve-2012-0217.patch"
+	epatch "${FILESDIR}/${PN}-9.0-ipv6refcount.patch"
 }
 
 src_compile() {
diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r3.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r4.ebuild
index 2274bfb771c5..1198b304ee30 100644
--- a/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r3.ebuild
+++ b/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r4.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r3.ebuild,v 1.1 2012/05/27 13:06:03 ryao Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-sources/freebsd-sources-9.0-r4.ebuild,v 1.1 2012/06/27 10:29:23 naota Exp $
 
 inherit bsdmk freebsd flag-o-matic
 
@@ -60,6 +60,9 @@ src_unpack() {
 	# vop_whiteout to tmpfs, so it can be used as an overlay
 	# unionfs filesystem over the cd9660 readonly filesystem.
 	epatch "${FILESDIR}/${PN}-7.0-tmpfs_whiteout_stub.patch"
+
+	epatch "${FILESDIR}/${PN}-cve-2012-0217.patch"
+	epatch "${FILESDIR}/${PN}-9.0-ipv6refcount.patch"
 }
 
 src_compile() {
author	Naohiro Aota <naota@gentoo.org>	2012-06-27 10:29:23 +0000
committer	Naohiro Aota <naota@gentoo.org>	2012-06-27 10:29:23 +0000
commit	14243eeb9a80ae3ca3f7a586ad5f672d01cab662 (patch)
tree	b5ea4b36f7eec49befc08d4915ac80afd5757001 /sys-freebsd
parent	old (diff)
download	historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.tar.gz historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.tar.bz2 historical-14243eeb9a80ae3ca3f7a586ad5f672d01cab662.zip