diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
| commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
| tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /sys-freebsd/freebsd-sources/files | |
| download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'sys-freebsd/freebsd-sources/files')
33 files changed, 1079 insertions, 0 deletions
diff --git a/sys-freebsd/freebsd-sources/files/config-GENTOO b/sys-freebsd/freebsd-sources/files/config-GENTOO new file mode 100644 index 000000000000..7c7eb26cccc2 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/config-GENTOO @@ -0,0 +1,4 @@ +# Kernel configuration for Gentoo/FreeBSD. +include GENERIC +ident GENTOO + diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-10.0-gentoo.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.0-gentoo.patch new file mode 100644 index 000000000000..c7e12bdf8a4e --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.0-gentoo.patch @@ -0,0 +1,22 @@ +diff --git a/sys/conf/kern.mk b/sys/conf/kern.mk +index 2939a59..124ef6f 100644 +--- a/sys/conf/kern.mk ++++ b/sys/conf/kern.mk +@@ -5,7 +5,7 @@ + # + CWARNFLAGS?= -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes \ + -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual \ +- -Wundef -Wno-pointer-sign ${FORMAT_EXTENSIONS} \ ++ -Wundef -Wno-pointer-sign \ + -Wmissing-include-dirs -fdiagnostics-show-option \ + ${CWARNEXTRA} + # +@@ -61,7 +61,7 @@ FORMAT_EXTENSIONS= -fformat-extensions + # + .if ${MACHINE_CPUARCH} == "i386" + .if ${COMPILER_TYPE} != "clang" +-CFLAGS+= -mno-align-long-strings -mpreferred-stack-boundary=2 ++CFLAGS+= -mpreferred-stack-boundary=2 + .else + CFLAGS+= -mno-aes -mno-avx + .endif diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-gcc48.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-gcc48.patch new file mode 100644 index 000000000000..5cb4cf809b12 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-gcc48.patch @@ -0,0 +1,18 @@ +https://svnweb.freebsd.org/base?view=revision&revision=281606 + +diff --git a/sys/crypto/aesni/aesencdec.h b/sys/crypto/aesni/aesencdec.h +index d4ed8b3..79847ee 100644 +--- a/sys/crypto/aesni/aesencdec.h ++++ b/sys/crypto/aesni/aesencdec.h +@@ -27,6 +27,11 @@ + * + */ + ++#if defined(__GNUC__) && defined(_KERNEL) ++/* Suppress inclusion of gcc's mm_malloc.h header */ ++#define _MM_MALLOC_H_INCLUDED 1 ++#endif ++ + #include <wmmintrin.h> + + static inline void diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.0-flex-2.5.31.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.0-flex-2.5.31.patch new file mode 100644 index 000000000000..88710cf69dd8 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.0-flex-2.5.31.patch @@ -0,0 +1,22 @@ +Index: fbsd-6/sys/dev/aic7xxx/aicasm/aicasm_scan.l +=================================================================== +--- fbsd-6.orig/sys/dev/aic7xxx/aicasm/aicasm_scan.l ++++ fbsd-6/sys/dev/aic7xxx/aicasm/aicasm_scan.l +@@ -528,7 +528,7 @@ expand_macro(struct symbol *macro_symbol + + /* Put back everything up until the replacement. */ + while (body_pos > next_match) +- unput(*--body_pos); ++ yyunput(*--body_pos, body_head); + + /* Perform the replacement. */ + if (match_marg != NULL) { +@@ -537,7 +537,7 @@ expand_macro(struct symbol *macro_symbol + next_match = match_marg->replacement_text; + strp = next_match + strlen(next_match); + while (strp > next_match) +- unput(*--strp); ++ yyunput(*--strp, next_match); + + /* Skip past the unexpanded macro arg. */ + body_pos -= match.rm_eo - match.rm_so; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-6.1-ntfs.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.1-ntfs.patch new file mode 100644 index 000000000000..e74fcd3f9b88 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-6.1-ntfs.patch @@ -0,0 +1,32 @@ +--- sys/fs/ntfs/ntfs_vnops.c.orig 2006-10-17 17:31:36 -0300 ++++ sys/fs/ntfs/ntfs_vnops.c 2006-10-17 17:30:24 -0300 +@@ -507,8 +507,12 @@ + + /* Simulate . in every dir except ROOT */ + if( ip->i_number != NTFS_ROOTINO ) { +- struct dirent dot = { NTFS_ROOTINO, +- sizeof(struct dirent), DT_DIR, 1, "." }; ++ struct dirent dot; ++ dot.d_fileno = NTFS_ROOTINO; ++ dot.d_reclen = sizeof(struct dirent); ++ dot.d_type = DT_DIR; ++ dot.d_namlen = 1; ++ bcopy(".", dot.d_name, 1); + + if( uio->uio_offset < sizeof(struct dirent) ) { + dot.d_fileno = ip->i_number; +@@ -522,8 +526,12 @@ + + /* Simulate .. in every dir including ROOT */ + if( uio->uio_offset < 2 * sizeof(struct dirent) ) { +- struct dirent dotdot = { NTFS_ROOTINO, +- sizeof(struct dirent), DT_DIR, 2, ".." }; ++ struct dirent dotdot; ++ dotdot.d_fileno = NTFS_ROOTINO; ++ dotdot.d_reclen = sizeof(struct dirent); ++ dotdot.d_type = DT_DIR; ++ dotdot.d_namlen = 2; ++ bcopy("..", dotdot.d_name, 2); + + error = uiomove((char *)&dotdot,sizeof(struct dirent),uio); + if(error) diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-tmpfs_whiteout_stub.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-tmpfs_whiteout_stub.patch new file mode 100644 index 000000000000..13524efa6e00 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.0-tmpfs_whiteout_stub.patch @@ -0,0 +1,44 @@ +diff -ur sys/fs/tmpfs.orig/tmpfs_vnops.c sys/fs/tmpfs/tmpfs_vnops.c +--- sys/fs/tmpfs.orig/tmpfs_vnops.c 2008-06-22 12:17:48 -0300 ++++ sys/fs/tmpfs/tmpfs_vnops.c 2008-06-28 12:05:10 -0300 +@@ -1459,6 +1459,30 @@ + return (0); + } + ++ ++/* --------------------------------------------------------------------- */ ++/* This does absolutely nothing */ ++#ifdef GENTOO_LIVECD ++static int ++tmpfs_whiteout(struct vop_whiteout_args *ap) ++{ ++ switch (ap->a_flags) { ++ case LOOKUP: ++ return (0); ++ break; ++ case CREATE: ++ return(EOPNOTSUPP); ++ break; ++ case DELETE: ++ return (0); ++ break; ++ default: ++ return(EOPNOTSUPP); ++ } ++ return(0); ++} ++#endif ++ + /* --------------------------------------------------------------------- */ + + /* +@@ -1484,6 +1508,9 @@ + .vop_mkdir = tmpfs_mkdir, + .vop_rmdir = tmpfs_rmdir, + .vop_symlink = tmpfs_symlink, ++#ifdef GENTOO_LIVECD ++ .vop_whiteout = tmpfs_whiteout, ++#endif + .vop_readdir = tmpfs_readdir, + .vop_readlink = tmpfs_readlink, + .vop_inactive = tmpfs_inactive, diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-binutils_link.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-binutils_link.patch new file mode 100644 index 000000000000..43d01baef347 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-binutils_link.patch @@ -0,0 +1,37 @@ +diff -ruN sys.orig/conf/kern.post.mk sys/conf/kern.post.mk +--- sys.orig/conf/kern.post.mk 2007-03-23 18:55:59 -0300 ++++ sys/conf/kern.post.mk 2008-06-18 19:51:13 -0300 +@@ -85,7 +85,9 @@ + ${FULLKERNEL}: ${SYSTEM_DEP} vers.o + @rm -f ${.TARGET} + @echo linking ${.TARGET} +- ${SYSTEM_LD} ++ ${SYSTEM_LD} -o ${.TARGET}.tmp ++ @sh $S/tools/gen-ld-u-options ${.TARGET}.tmp > ${.TARGET}.lopt ++ ${SYSTEM_LD} "@${.TARGET}.lopt" + .if defined(CTFMERGE) + ${SYSTEM_CTFMERGE} + .endif +diff -ruN sys.orig/conf/kmod.mk sys/conf/kmod.mk +--- sys.orig/conf/kmod.mk 2008-06-18 09:11:53 -0300 ++++ sys/conf/kmod.mk 2008-06-18 19:50:01 -0300 +@@ -176,7 +176,8 @@ + + .if ${MACHINE_ARCH} != amd64 + ${FULLPROG}: ${KMOD}.kld +- ${LD} -Bshareable ${LDFLAGS} -o ${.TARGET} ${KMOD}.kld ++ sh ./@/tools/gen-ld-u-options ${KMOD}.kld > ${KMOD}.lopt ++ ${LD} -Bshareable ${LDFLAGS} -o ${.TARGET} ${KMOD}.kld "@${KMOD}.lopt" + .if !defined(DEBUG_FLAGS) + ${OBJCOPY} --strip-debug ${.TARGET} + .endif +diff -ruN sys.orig/tools/gen-ld-u-options sys/tools/gen-ld-u-options +--- sys.orig/tools/gen-ld-u-options 1969-12-31 21:00:00 -0300 ++++ sys/tools/gen-ld-u-options 2008-06-18 19:47:56 -0300 +@@ -0,0 +1,6 @@ ++#!/bin/sh ++ ++for i in `objdump -h -w $1 | grep set_ | cut -c5- | cut -f1 -d " "` ++do ++ echo -n " -u __start_$i -u __stop_$i " ++done diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-includes.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-includes.patch new file mode 100644 index 000000000000..3db46fa1d7e3 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-includes.patch @@ -0,0 +1,13 @@ +Make headers usable alone, include the headers they need. +There are probably much more missing. + +--- sys/net/if.h.old 2009-05-15 10:51:50 +0000 ++++ sys/net/if.h 2009-05-15 10:52:05 +0000 +@@ -34,6 +34,7 @@ + #define _NET_IF_H_ + + #include <sys/cdefs.h> ++#include <sys/socket.h> + + #ifdef _KERNEL + #include <sys/queue.h> diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-types.h-fix.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-types.h-fix.patch new file mode 100644 index 000000000000..8de5df2d16a6 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.1-types.h-fix.patch @@ -0,0 +1,15 @@ +Fixes a compile error if XOPEN_SOURCE 600 is defined. + +See: http://www.mailinglistarchive.com/freebsd-current@freebsd.org/msg15011.html + +--- sys/sys/types.h.orig ++++ sys/sys/types.h +@@ -46,7 +46,7 @@ + + #include <sys/_pthreadtypes.h> + +-#if __BSD_VISIBLE ++#ifndef _POSIX_SOURCE + typedef unsigned char u_char; + typedef unsigned short u_short; + typedef unsigned int u_int; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-debug-O2.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-debug-O2.patch new file mode 100644 index 000000000000..4fa3565207ec --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-7.2-debug-O2.patch @@ -0,0 +1,27 @@ +My UltraSPARC U5 panics on boot about a memory alignment error when compiled +with gcc4 and -O. Compiling with -O2 fixes this, and it should not adversly +affect debugging. + +NOTE: This does not fix the memory alignment panic when loading kernel modules. + +Roy Marples (uberlord@gentoo.org) + +--- sys/conf/kern.pre.mk.old 2009-05-22 10:09:46 +0000 ++++ sys/conf/kern.pre.mk 2009-05-22 10:10:27 +0000 +@@ -22,15 +22,13 @@ + COPTFLAGS?= -O + .else + . if defined(DEBUG) +-_MINUS_O= -O + CTFFLAGS+= -g + . else +-_MINUS_O= -O2 + . endif + . if ${MACHINE_ARCH} == "amd64" + COPTFLAGS?=-O2 -frename-registers -pipe + . else +-COPTFLAGS?=${_MINUS_O} -pipe ++COPTFLAGS?=-O2 -pipe + . endif + . if !empty(COPTFLAGS:M-O[23s]) && empty(COPTFLAGS:M-fno-strict-aliasing) + COPTFLAGS+= -fno-strict-aliasing diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-gentoo.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-gentoo.patch new file mode 100644 index 000000000000..0f8d070e9a31 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-gentoo.patch @@ -0,0 +1,33 @@ +--- sys/conf/kern.mk.old 2007-05-24 23:53:42.000000000 +0200 ++++ sys/conf/kern.mk 2008-03-14 14:37:47.216420518 +0100 +@@ -12,7 +12,7 @@ + .else + CWARNFLAGS?= -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes \ + -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual \ +- ${_wundef} ${_Wno_pointer_sign} -fformat-extensions ++ ${_wundef} ${_Wno_pointer_sign} + .if !defined(WITH_GCC3) + _Wno_pointer_sign=-Wno-pointer-sign + .endif +@@ -36,7 +36,7 @@ + # reserved for user applications. + # + .if ${MACHINE_ARCH} == "i386" && ${CC} != "icc" +-CFLAGS+= -mno-align-long-strings -mpreferred-stack-boundary=2 \ ++CFLAGS+= -mpreferred-stack-boundary=2 \ + -mno-mmx -mno-3dnow -mno-sse -mno-sse2 -mno-sse3 + INLINE_LIMIT?= 8000 + .endif +Only in ./sys/conf: kern.mk.rej +Only in ./sys/conf: kern.mk~ +--- sys/dev/aic7xxx/aicasm/Makefile.old 2010-03-10 14:01:50 +0100 ++++ sys/dev/aic7xxx/aicasm/Makefile 2010-03-10 14:01:56 +0100 +@@ -14,7 +14,7 @@ + SRCS= ${GENHDRS} ${CSRCS} ${YSRCS} ${LSRCS} + CLEANFILES+= ${GENHDRS} ${YSRCS:R:C/(.*)/\1.output/g} + DPADD= ${LIBL} +-LDADD= -ll ++LDADD= -lfl + WARNS?= 6 + + # Correct path for kernel builds diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-subnet-route-pr40133.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-subnet-route-pr40133.patch new file mode 100644 index 000000000000..a7335f6d427f --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.0-subnet-route-pr40133.patch @@ -0,0 +1,21 @@ +Fixes changing the default subnet route after removing an ip address. + +See: http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=40133 +and http://mail-index.netbsd.org/tech-net/2008/12/03/msg000896.html + +Thanks to Roy Marples. +--- sys/netinet/in.c.orig ++++ sys/netinet/in.c +@@ -858,6 +858,12 @@ + error = rtinit(&target->ia_ifa, (int)RTM_ADD, flags); + if (!error) + target->ia_flags |= IFA_ROUTE; ++ else if (error == EEXIST) { ++ /* ++ * the fact that the route already exists is not an error. ++ */ ++ error = 0; ++ } + return (error); + } + diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-8.2-unix2.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.2-unix2.patch new file mode 100644 index 000000000000..50dacd0e5a49 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-8.2-unix2.patch @@ -0,0 +1,55 @@ +Index: sys/kern/uipc_usrreq.c +=================================================================== +--- sys/kern/uipc_usrreq.c (revision 225745) ++++ sys/kern/uipc_usrreq.c (working copy) +@@ -462,6 +462,8 @@ + unp = sotounpcb(so); + KASSERT(unp != NULL, ("uipc_bind: unp == NULL")); + ++ if (soun->sun_len > sizeof(struct sockaddr_un)) ++ return (EINVAL); + namelen = soun->sun_len - offsetof(struct sockaddr_un, sun_path); + if (namelen <= 0) + return (EINVAL); +@@ -1252,6 +1254,8 @@ + unp = sotounpcb(so); + KASSERT(unp != NULL, ("unp_connect: unp == NULL")); + ++ if (nam->sa_len > sizeof(struct sockaddr_un)) ++ return (EINVAL); + len = nam->sa_len - offsetof(struct sockaddr_un, sun_path); + if (len <= 0) + return (EINVAL); +Index: sys/compat/linux/linux_socket.c +=================================================================== +--- sys/compat/linux/linux_socket.c (revision 225919) ++++ sys/compat/linux/linux_socket.c (working copy) +@@ -104,6 +104,7 @@ + int oldv6size; + struct sockaddr_in6 *sin6; + #endif ++ int namelen; + + if (*osalen < 2 || *osalen > UCHAR_MAX || !osa) + return (EINVAL); +@@ -166,6 +167,20 @@ + } + } + ++ if ((bdom == AF_LOCAL) && (*osalen > sizeof(struct sockaddr_un))) { ++ for (namelen = 0; ++ namelen < *osalen - offsetof(struct sockaddr_un, sun_path); ++ namelen++) ++ if (!((struct sockaddr_un *)kosa)->sun_path[namelen]) ++ break; ++ if (namelen + offsetof(struct sockaddr_un, sun_path) > ++ sizeof(struct sockaddr_un)) { ++ error = EINVAL; ++ goto out; ++ } ++ alloclen = sizeof(struct sockaddr_un); ++ } ++ + sa = (struct sockaddr *) kosa; + sa->sa_family = bdom; + sa->sa_len = alloclen; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-disable-optimization.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-disable-optimization.patch new file mode 100644 index 000000000000..4824ff6e1a09 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-disable-optimization.patch @@ -0,0 +1,32 @@ +Taken from debian GNU/kFreeBSD. + +Regretably, with GCC 4.4 or later this is the only flag combination +I could find that doesn't cause kernel panics CPU triple-faults or +other kind of severe breakage. This is Gentoo Bug #410945. + +Clang can use -O2, so we do not force -O1 on it + +--- a/sys/conf/kern.pre.mk ++++ b/sys/conf/kern.pre.mk +@@ -41,6 +41,9 @@ + .if !empty(COPTFLAGS:M-O[23s]) && empty(COPTFLAGS:M-fno-strict-aliasing) + COPTFLAGS+= -fno-strict-aliasing + .endif ++.if ${CC:T:Mclang} != "clang" && !empty(COPTFLAGS:M-O[23s]) ++COPTFLAGS+= -O1 ++.endif + .if !defined(NO_CPU_COPTFLAGS) + COPTFLAGS+= ${_CPUCFLAGS} + .endif +--- a/sys/conf/kmod.mk ++++ b/sys/conf/kmod.mk +@@ -91,6 +91,9 @@ + .if !empty(CFLAGS:M-O[23s]) && empty(CFLAGS:M-fno-strict-aliasing) + CFLAGS+= -fno-strict-aliasing + .endif ++.if ${CC:T:Mclang} != "clang" && !empty(CFLAGS:M-O[23s]) ++CFLAGS+= -O1 ++.endif + WERROR?= -Werror + CFLAGS+= ${WERROR} + CFLAGS+= -D_KERNEL diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch new file mode 100644 index 000000000000..f0984f6776c8 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-ipv6refcount.patch @@ -0,0 +1,128 @@ +Index: sys/netinet6/in6.c +=================================================================== +--- sys/netinet6/in6.c.orig ++++ sys/netinet6/in6.c +@@ -1369,6 +1369,8 @@ in6_purgeaddr(struct ifaddr *ifa) + } + + cleanup: ++ if (ifa0 != NULL) ++ ifa_free(ifa0); + + plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ + if ((ia->ia_flags & IFA_ROUTE) && plen == 128) { +@@ -1393,8 +1395,6 @@ cleanup: + return; + ia->ia_flags &= ~IFA_ROUTE; + } +- if (ifa0 != NULL) +- ifa_free(ifa0); + + in6_unlink_ifa(ia, ifp); + } +@@ -1667,14 +1667,19 @@ in6_lifaddr_ioctl(struct socket *so, u_long cmd, c + hostid = IFA_IN6(ifa); + + /* prefixlen must be <= 64. */ +- if (64 < iflr->prefixlen) ++ if (64 < iflr->prefixlen) { ++ if (ifa != NULL) ++ ifa_free(ifa); + return EINVAL; ++ } + prefixlen = iflr->prefixlen; + + /* hostid part must be zero. */ + sin6 = (struct sockaddr_in6 *)&iflr->addr; + if (sin6->sin6_addr.s6_addr32[2] != 0 || + sin6->sin6_addr.s6_addr32[3] != 0) { ++ if (ifa != NULL) ++ ifa_free(ifa); + return EINVAL; + } + } else +@@ -2265,14 +2265,20 @@ in6_ifawithifp(struct ifnet *ifp, struct in6_addr + IN6_IFADDR_RUNLOCK(); + return (struct in6_ifaddr *)ifa; + } +- IN6_IFADDR_RUNLOCK(); + + /* use the last-resort values, that are, deprecated addresses */ +- if (dep[0]) ++ if (dep[0]) { ++ ifa_ref((struct ifaddr *)dep[0]); ++ IN6_IFADDR_RUNLOCK(); + return dep[0]; +- if (dep[1]) ++ } ++ if (dep[1]) { ++ ifa_ref((struct ifaddr *)dep[1]); ++ IN6_IFADDR_RUNLOCK(); + return dep[1]; ++ } + ++ IN6_IFADDR_RUNLOCK(); + return NULL; + } + +Index: sys/netinet6/ip6_input.c +=================================================================== +--- sys/netinet6/ip6_input.c.orig ++++ sys/netinet6/ip6_input.c +@@ -879,19 +879,23 @@ passin: + * as our interface address (e.g. multicast addresses, addresses + * within FAITH prefixes and such). + */ +- if (deliverifp && !ip6_getdstifaddr(m)) { ++ if (deliverifp) { + struct in6_ifaddr *ia6; + +- ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); +- if (ia6) { +- if (!ip6_setdstifaddr(m, ia6)) { +- /* +- * XXX maybe we should drop the packet here, +- * as we could not provide enough information +- * to the upper layers. +- */ ++ if ((ia6 = ip6_getdstifaddr(m)) != NULL) { ++ ifa_free(&ia6->ia_ifa); ++ } else { ++ ia6 = in6_ifawithifp(deliverifp, &ip6->ip6_dst); ++ if (ia6) { ++ if (!ip6_setdstifaddr(m, ia6)) { ++ /* ++ * XXX maybe we should drop the packet here, ++ * as we could not provide enough information ++ * to the upper layers. ++ */ ++ } ++ ifa_free(&ia6->ia_ifa); + } +- ifa_free(&ia6->ia_ifa); + } + } + +Index: sys/netinet/tcp_input.c +=================================================================== +--- sys/netinet/tcp_input.c.orig ++++ sys/netinet/tcp_input.c +@@ -512,6 +512,8 @@ tcp6_input(struct mbuf **mp, int *offp, int proto) + (caddr_t)&ip6->ip6_dst - (caddr_t)ip6); + return IPPROTO_DONE; + } ++ if (ia6) ++ ifa_free(&ia6->ia_ifa); + + tcp_input(m, *offp); + return IPPROTO_DONE; +@@ -1240,7 +1242,8 @@ relocked: + rstreason = BANDLIM_RST_OPENPORT; + goto dropwithreset; + } +- ifa_free(&ia6->ia_ifa); ++ if (ia6) ++ ifa_free(&ia6->ia_ifa); + } + #endif /* INET6 */ + /* diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-sysctluint.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-sysctluint.patch new file mode 100644 index 000000000000..751a77c843bb --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.0-sysctluint.patch @@ -0,0 +1,13 @@ +u_int is defined in sys/types.h +makes header usable alone. + +--- sys/sys/sysctl.h.old 2012-05-25 11:08:53.000000000 -0400 ++++ sys/sys/sysctl.h 2012-05-25 11:09:16.000000000 -0400 +@@ -788,6 +788,7 @@ + struct sysctl_req *); + #else /* !_KERNEL */ + #include <sys/cdefs.h> ++#include <sys/types.h> /* for u_int */ + + __BEGIN_DECLS + int sysctl(const int *, u_int, void *, size_t *, const void *, size_t); diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ciss.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ciss.patch new file mode 100644 index 000000000000..697984b92e74 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ciss.patch @@ -0,0 +1,65 @@ +Index: sys/dev/ciss/ciss.c +=================================================================== +--- sys/dev/ciss/ciss.c (revision 264510) ++++ sys/dev/ciss/ciss.c (revision 264511) +@@ -180,8 +180,6 @@ + static void ciss_cam_poll(struct cam_sim *sim); + static void ciss_cam_complete(struct ciss_request *cr); + static void ciss_cam_complete_fixup(struct ciss_softc *sc, struct ccb_scsiio *csio); +-static struct cam_periph *ciss_find_periph(struct ciss_softc *sc, +- int bus, int target); + static int ciss_name_device(struct ciss_softc *sc, int bus, int target); + + /* periodic status monitoring */ +@@ -3398,27 +3396,6 @@ + + + /******************************************************************************** +- * Find a peripheral attached at (target) +- */ +-static struct cam_periph * +-ciss_find_periph(struct ciss_softc *sc, int bus, int target) +-{ +- struct cam_periph *periph; +- struct cam_path *path; +- int status; +- +- status = xpt_create_path(&path, NULL, cam_sim_path(sc->ciss_cam_sim[bus]), +- target, 0); +- if (status == CAM_REQ_CMP) { +- periph = cam_periph_find(path, NULL); +- xpt_free_path(path); +- } else { +- periph = NULL; +- } +- return(periph); +-} +- +-/******************************************************************************** + * Name the device at (target) + * + * XXX is this strictly correct? +@@ -3427,12 +3404,22 @@ + ciss_name_device(struct ciss_softc *sc, int bus, int target) + { + struct cam_periph *periph; ++ struct cam_path *path; ++ int status; + + if (CISS_IS_PHYSICAL(bus)) + return (0); +- if ((periph = ciss_find_periph(sc, bus, target)) != NULL) { ++ ++ status = xpt_create_path(&path, NULL, cam_sim_path(sc->ciss_cam_sim[bus]), ++ target, 0); ++ ++ if (status == CAM_REQ_CMP) { ++ mtx_lock(&sc->ciss_mtx); ++ periph = cam_periph_find(path, NULL); + sprintf(sc->ciss_logical[bus][target].cl_name, "%s%d", + periph->periph_name, periph->unit_number); ++ mtx_unlock(&sc->ciss_mtx); ++ xpt_free_path(path); + return(0); + } + sc->ciss_logical[bus][target].cl_name[0] = 0; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3077.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3077.patch new file mode 100644 index 000000000000..23f68ed9c3db --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3077.patch @@ -0,0 +1,26 @@ +Index: sys/netinet/in_mcast.c +=================================================================== +--- sys/netinet/in_mcast.c (revision 254252) ++++ sys/netinet/in_mcast.c (working copy) +@@ -1648,6 +1648,8 @@ + * has asked for, but we always tell userland how big the + * buffer really needs to be. + */ ++ if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) ++ msfr.msfr_nsrcs = in_mcast_maxsocksrc; + tss = NULL; + if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) { + tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, +Index: sys/netinet6/in6_mcast.c +=================================================================== +--- sys/netinet6/in6_mcast.c (revision 254252) ++++ sys/netinet6/in6_mcast.c (working copy) +@@ -1625,6 +1625,8 @@ + * has asked for, but we always tell userland how big the + * buffer really needs to be. + */ ++ if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) ++ msfr.msfr_nsrcs = in6_mcast_maxsocksrc; + tss = NULL; + if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) { + tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3266.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3266.patch new file mode 100644 index 000000000000..0d1a89419e5f --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-3266.patch @@ -0,0 +1,13 @@ +Index: sys/fs/nfsserver/nfs_nfsdport.c +=================================================================== +--- sys/fs/nfsserver/nfs_nfsdport.c (revision 249651) ++++ sys/fs/nfsserver/nfs_nfsdport.c (working copy) +@@ -1568,6 +1568,8 @@ nfsrvd_readdir(struct nfsrv_descript *nd, int isdg + nd->nd_repstat = NFSERR_BAD_COOKIE; + #endif + } ++ if (!nd->nd_repstat && vp->v_type != VDIR) ++ nd->nd_repstat = NFSERR_NOTDIR; + if (nd->nd_repstat == 0 && cnt == 0) { + if (nd->nd_flag & ND_NFSV2) + /* NFSv2 does not have NFSERR_TOOSMALL */ diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5209.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5209.patch new file mode 100644 index 000000000000..e6710e3bcb8b --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5209.patch @@ -0,0 +1,19 @@ +Index: sys/netinet/sctp_output.c +=================================================================== +--- sys/netinet/sctp_output.c (revision 254337) ++++ sys/netinet/sctp_output.c (revision 254338) +@@ -5406,6 +5406,14 @@ + } + SCTP_BUF_LEN(m) = sizeof(struct sctp_init_chunk); + ++ /* ++ * We might not overwrite the identification[] completely and on ++ * some platforms time_entered will contain some padding. Therefore ++ * zero out the cookie to avoid putting uninitialized memory on the ++ * wire. ++ */ ++ memset(&stc, 0, sizeof(struct sctp_state_cookie)); ++ + /* the time I built cookie */ + (void)SCTP_GETTIME_TIMEVAL(&stc.time_entered); + diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5691.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5691.patch new file mode 100644 index 000000000000..9aef1503f770 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5691.patch @@ -0,0 +1,89 @@ +Index: sys/net/if.c +=================================================================== +--- sys/net/if.c (revision 254941) ++++ sys/net/if.c (working copy) +@@ -2553,11 +2553,23 @@ + CURVNET_RESTORE(); + return (EOPNOTSUPP); + } ++ ++ /* ++ * Pass the request on to the socket control method, and if the ++ * latter returns EOPNOTSUPP, directly to the interface. ++ * ++ * Make an exception for the legacy SIOCSIF* requests. Drivers ++ * trust SIOCSIFADDR et al to come from an already privileged ++ * layer, and do not perform any credentials checks or input ++ * validation. ++ */ + #ifndef COMPAT_43 + error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd, + data, + ifp, td)); +- if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL) ++ if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL && ++ cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR && ++ cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK) + error = (*ifp->if_ioctl)(ifp, cmd, data); + #else + { +@@ -2601,7 +2613,9 @@ + data, + ifp, td)); + if (error == EOPNOTSUPP && ifp != NULL && +- ifp->if_ioctl != NULL) ++ ifp->if_ioctl != NULL && ++ cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR && ++ cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK) + error = (*ifp->if_ioctl)(ifp, cmd, data); + switch (ocmd) { + +Index: sys/netinet6/in6.c +=================================================================== +--- sys/netinet6/in6.c (revision 254941) ++++ sys/netinet6/in6.c (working copy) +@@ -431,6 +431,18 @@ + case SIOCGIFSTAT_ICMP6: + sa6 = &ifr->ifr_addr; + break; ++ case SIOCSIFADDR: ++ case SIOCSIFBRDADDR: ++ case SIOCSIFDSTADDR: ++ case SIOCSIFNETMASK: ++ /* ++ * Although we should pass any non-INET6 ioctl requests ++ * down to driver, we filter some legacy INET requests. ++ * Drivers trust SIOCSIFADDR et al to come from an already ++ * privileged layer, and do not perform any credentials ++ * checks or input validation. ++ */ ++ return (EINVAL); + default: + sa6 = NULL; + break; +Index: sys/netnatm/natm.c +=================================================================== +--- sys/netnatm/natm.c (revision 254941) ++++ sys/netnatm/natm.c (working copy) +@@ -339,6 +339,21 @@ + npcb = (struct natmpcb *)so->so_pcb; + KASSERT(npcb != NULL, ("natm_usr_control: npcb == NULL")); + ++ switch (cmd) { ++ case SIOCSIFADDR: ++ case SIOCSIFBRDADDR: ++ case SIOCSIFDSTADDR: ++ case SIOCSIFNETMASK: ++ /* ++ * Although we should pass any non-ATM ioctl requests ++ * down to driver, we filter some legacy INET requests. ++ * Drivers trust SIOCSIFADDR et al to come from an already ++ * privileged layer, and do not perform any credentials ++ * checks or input validation. ++ */ ++ return (EINVAL); ++ } ++ + if (ifp == NULL || ifp->if_ioctl == NULL) + return (EOPNOTSUPP); + return ((*ifp->if_ioctl)(ifp, cmd, arg)); diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5710.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5710.patch new file mode 100644 index 000000000000..83f30e84fe9e --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2013-5710.patch @@ -0,0 +1,28 @@ +Index: sys/fs/nullfs/null_vnops.c +=================================================================== +--- sys/fs/nullfs/null_vnops.c (revision 254941) ++++ sys/fs/nullfs/null_vnops.c (working copy) +@@ -858,6 +858,15 @@ + return (error); + } + ++static int ++null_link(struct vop_link_args *ap) ++{ ++ ++ if (ap->a_tdvp->v_mount != ap->a_vp->v_mount) ++ return (EXDEV); ++ return (null_bypass((struct vop_generic_args *)ap)); ++} ++ + /* + * Global vfs data structures + */ +@@ -871,6 +880,7 @@ + .vop_getwritemount = null_getwritemount, + .vop_inactive = null_inactive, + .vop_islocked = vop_stdislocked, ++ .vop_link = null_link, + .vop_lock1 = null_lock, + .vop_lookup = null_lookup, + .vop_open = null_open, diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2014-1453.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2014-1453.patch new file mode 100644 index 000000000000..fe9e97efd298 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-cve-2014-1453.patch @@ -0,0 +1,70 @@ +Index: sys/fs/nfsserver/nfs_nfsdserv.c +=================================================================== +--- sys/fs/nfsserver/nfs_nfsdserv.c (revision 264251) ++++ sys/fs/nfsserver/nfs_nfsdserv.c (working copy) +@@ -1457,10 +1457,23 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + nfsvno_relpathbuf(&fromnd); + goto out; + } ++ /* ++ * Unlock dp in this code section, so it is unlocked before ++ * tdp gets locked. This avoids a potential LOR if tdp is the ++ * parent directory of dp. ++ */ + if (nd->nd_flag & ND_NFSV4) { + tdp = todp; + tnes = *toexp; +- tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, p, 0); ++ if (dp != tdp) { ++ NFSVOPUNLOCK(dp, 0); ++ tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, ++ p, 0); /* Might lock tdp. */ ++ } else { ++ tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, ++ p, 1); ++ NFSVOPUNLOCK(dp, 0); ++ } + } else { + tfh.nfsrvfh_len = 0; + error = nfsrv_mtofh(nd, &tfh); +@@ -1481,10 +1494,12 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + tnes = *exp; + tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, nd->nd_cred, + p, 1); ++ NFSVOPUNLOCK(dp, 0); + } else { ++ NFSVOPUNLOCK(dp, 0); + nd->nd_cred->cr_uid = nd->nd_saveduid; + nfsd_fhtovp(nd, &tfh, LK_EXCLUSIVE, &tdp, &tnes, NULL, +- 0, p); ++ 0, p); /* Locks tdp. */ + if (tdp) { + tdirfor_ret = nfsvno_getattr(tdp, &tdirfor, + nd->nd_cred, p, 1); +@@ -1499,7 +1514,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + if (error) { + if (tdp) + vrele(tdp); +- vput(dp); ++ vrele(dp); + nfsvno_relpathbuf(&fromnd); + nfsvno_relpathbuf(&tond); + goto out; +@@ -1514,7 +1529,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + } + if (tdp) + vrele(tdp); +- vput(dp); ++ vrele(dp); + nfsvno_relpathbuf(&fromnd); + nfsvno_relpathbuf(&tond); + goto out; +@@ -1523,7 +1538,7 @@ nfsrvd_rename(struct nfsrv_descript *nd, int isdgr + /* + * Done parsing, now down to business. + */ +- nd->nd_repstat = nfsvno_namei(nd, &fromnd, dp, 1, exp, p, &fdirp); ++ nd->nd_repstat = nfsvno_namei(nd, &fromnd, dp, 0, exp, p, &fdirp); + if (nd->nd_repstat) { + if (nd->nd_flag & ND_NFSV3) { + nfsrv_wcc(nd, fdirfor_ret, &fdirfor, fdiraft_ret, diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch new file mode 100644 index 000000000000..c36bed59b39e --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-exec.patch @@ -0,0 +1,66 @@ +Index: sys/kern/kern_exec.c +=================================================================== +--- sys/kern/kern_exec.c (revision 266979) ++++ sys/kern/kern_exec.c (working copy) +@@ -280,6 +280,7 @@ kern_execve(td, args, mac_p) + struct mac *mac_p; + { + struct proc *p = td->td_proc; ++ struct vmspace *oldvmspace; + int error; + + AUDIT_ARG_ARGV(args->begin_argv, args->argc, +@@ -296,6 +297,8 @@ kern_execve(td, args, mac_p) + PROC_UNLOCK(p); + } + ++ KASSERT((td->td_pflags & TDP_EXECVMSPC) == 0, ("nested execve")); ++ oldvmspace = td->td_proc->p_vmspace; + error = do_execve(td, args, mac_p); + + if (p->p_flag & P_HADTHREADS) { +@@ -310,6 +313,12 @@ kern_execve(td, args, mac_p) + thread_single_end(); + PROC_UNLOCK(p); + } ++ if ((td->td_pflags & TDP_EXECVMSPC) != 0) { ++ KASSERT(td->td_proc->p_vmspace != oldvmspace, ++ ("oldvmspace still used")); ++ vmspace_free(oldvmspace); ++ td->td_pflags &= ~TDP_EXECVMSPC; ++ } + + return (error); + } +Index: sys/sys/proc.h +=================================================================== +--- sys/sys/proc.h (revision 266979) ++++ sys/sys/proc.h (working copy) +@@ -968,4 +968,5 @@ curthread_pflags_restore(int save) + + #endif /* _KERNEL */ + ++#define TDP_EXECVMSPC 0x40000000 /* Execve destroyed old vmspace */ + #endif /* !_SYS_PROC_H_ */ +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 266979) ++++ sys/vm/vm_map.c (working copy) +@@ -3631,6 +3631,8 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + struct vmspace *oldvmspace = p->p_vmspace; + struct vmspace *newvmspace; + ++ KASSERT((curthread->td_pflags & TDP_EXECVMSPC) == 0, ++ ("vmspace_exec recursed")); + newvmspace = vmspace_alloc(minuser, maxuser); + if (newvmspace == NULL) + return (ENOMEM); +@@ -3647,7 +3649,7 @@ vmspace_exec(struct proc *p, vm_offset_t minuser, + PROC_VMSPACE_UNLOCK(p); + if (p == curthread->td_proc) + pmap_activate(curthread); +- vmspace_free(oldvmspace); ++ curthread->td_pflags |= TDP_EXECVMSPC; + return (0); + } + diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-gentoo.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-gentoo.patch new file mode 100644 index 000000000000..b02d8b68870c --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-gentoo.patch @@ -0,0 +1,21 @@ +diff -Nur sys.orig/conf/kern.mk sys/conf/kern.mk +--- sys.orig/conf/kern.mk 2012-07-12 13:26:37.000000000 +0900 ++++ sys/conf/kern.mk 2012-07-16 02:32:19.000000000 +0900 +@@ -5,7 +5,7 @@ + # + CWARNFLAGS?= -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes \ + -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual \ +- -Wundef -Wno-pointer-sign -fformat-extensions \ ++ -Wundef -Wno-pointer-sign \ + -Wmissing-include-dirs -fdiagnostics-show-option \ + ${CWARNEXTRA} + # +@@ -52,7 +52,7 @@ + # + .if ${MACHINE_CPUARCH} == "i386" + .if ${MK_CLANG_IS_CC} == "no" && ${CC:T:Mclang} != "clang" +-CFLAGS+= -mno-align-long-strings -mpreferred-stack-boundary=2 ++CFLAGS+= -mpreferred-stack-boundary=2 + .else + CFLAGS+= -mno-aes -mno-avx + .endif diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch new file mode 100644 index 000000000000..0fb6df7600ef --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-ktrace.patch @@ -0,0 +1,12 @@ +Index: sys/kern/kern_ktrace.c +=================================================================== +--- sys/kern/kern_ktrace.c (revision 266771) ++++ sys/kern/kern_ktrace.c (working copy) +@@ -119,6 +119,7 @@ static int data_lengths[] = { + 0, /* KTR_SYSCTL */ + sizeof(struct ktr_proc_ctor), /* KTR_PROCCTOR */ + 0, /* KTR_PROCDTOR */ ++ 0, /* unused */ + sizeof(struct ktr_fault), /* KTR_FAULT */ + sizeof(struct ktr_faultend), /* KTR_FAULTEND */ + }; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap-2014.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap-2014.patch new file mode 100644 index 000000000000..fd4040a88166 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap-2014.patch @@ -0,0 +1,20 @@ +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 259950) ++++ sys/vm/vm_map.c (revision 259951) +@@ -1207,6 +1207,7 @@ charged: + } + else if ((prev_entry != &map->header) && + (prev_entry->eflags == protoeflags) && ++ (cow & (MAP_ENTRY_GROWS_DOWN | MAP_ENTRY_GROWS_UP)) == 0 && + (prev_entry->end == start) && + (prev_entry->wired_count == 0) && + (prev_entry->cred == cred || +@@ -3339,7 +3340,6 @@ vm_map_stack(vm_map_t map, vm_offset_t addrbos, vm + * NOTE: We explicitly allow bi-directional stacks. + */ + orient = cow & (MAP_STACK_GROWS_DOWN|MAP_STACK_GROWS_UP); +- cow &= ~orient; + KASSERT(orient != 0, ("No stack grow direction")); + + if (addrbos < vm_map_min(map) || diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch new file mode 100644 index 000000000000..ef2d0a78206b --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-mmap.patch @@ -0,0 +1,20 @@ +http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc +https://bugs.gentoo.org/show_bug.cgi?id=473688 + +Index: sys/vm/vm_map.c +=================================================================== +--- sys/vm/vm_map.c (revision 251636) ++++ sys/vm/vm_map.c (working copy) +@@ -3761,6 +3761,12 @@ RetryLookup:; + vm_map_unlock_read(map); + return (KERN_PROTECTION_FAILURE); + } ++ if ((fault_typea & VM_PROT_COPY) != 0 && ++ (entry->max_protection & VM_PROT_WRITE) == 0 && ++ (entry->eflags & MAP_ENTRY_COW) == 0) { ++ vm_map_unlock_read(map); ++ return (KERN_PROTECTION_FAILURE); ++ } + + /* + * If this page is not pageable, we have to get it for all possible diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-nfsserver.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-nfsserver.patch new file mode 100644 index 000000000000..767588fc86f6 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-nfsserver.patch @@ -0,0 +1,16 @@ +http://www.freebsd.org/security/advisories/FreeBSD-SA-13:08.nfsserver.asc +https://bugs.gentoo.org/show_bug.cgi?id=478314 + +Index: sys/kern/vfs_export.c +=================================================================== +--- sys/kern/vfs_export.c (revision 253367) ++++ sys/kern/vfs_export.c (working copy) +@@ -208,7 +208,7 @@ + np->netc_anon = crget(); + np->netc_anon->cr_uid = argp->ex_anon.cr_uid; + crsetgroups(np->netc_anon, argp->ex_anon.cr_ngroups, +- np->netc_anon->cr_groups); ++ argp->ex_anon.cr_groups); + np->netc_anon->cr_prison = &prison0; + prison_hold(np->netc_anon->cr_prison); + np->netc_numsecflavors = argp->ex_numsecflavors; diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-random.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-random.patch new file mode 100644 index 000000000000..bb3caba00137 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-random.patch @@ -0,0 +1,27 @@ +Index: sys/dev/random/probe.c +=================================================================== +--- sys/dev/random/probe.c (revision 260523) ++++ sys/dev/random/probe.c (working copy) +@@ -30,6 +30,8 @@ __FBSDID("$FreeBSD$"); + + #include <sys/types.h> + #include <sys/param.h> ++#include <sys/systm.h> ++#include <sys/kernel.h> + #include <sys/malloc.h> + #include <sys/random.h> + #include <sys/selinfo.h> +@@ -57,7 +59,12 @@ random_ident_hardware(struct random_systat *systat + /* Then go looking for hardware */ + #if defined(__amd64__) || (defined(__i386__) && !defined(PC98)) + if (via_feature_rng & VIA_HAS_RNG) { +- *systat = random_nehemiah; ++ int enable; ++ ++ enable = 0; ++ TUNABLE_INT_FETCH("hw.nehemiah_rng_enable", &enable); ++ if (enable) ++ *systat = random_nehemiah; + } + #endif + } diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-tcp.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-tcp.patch new file mode 100644 index 000000000000..2f82a5f98a58 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.1-tcp.patch @@ -0,0 +1,32 @@ +Index: sys/netinet/tcp_reass.c +=================================================================== +--- sys/netinet/tcp_reass.c (revision 264836) ++++ sys/netinet/tcp_reass.c (working copy) +@@ -211,7 +211,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + * Investigate why and re-evaluate the below limit after the behaviour + * is understood. + */ +- if (th->th_seq != tp->rcv_nxt && ++ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && + tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { + V_tcp_reass_overflows++; + TCPSTAT_INC(tcps_rcvmemdrop); +@@ -234,7 +234,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + */ + te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); + if (te == NULL) { +- if (th->th_seq != tp->rcv_nxt) { ++ if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { + TCPSTAT_INC(tcps_rcvmemdrop); + m_freem(m); + *tlenp = 0; +@@ -282,7 +282,8 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int + TCPSTAT_INC(tcps_rcvduppack); + TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); + m_freem(m); +- uma_zfree(V_tcp_reass_zone, te); ++ if (te != &tqs) ++ uma_zfree(V_tcp_reass_zone, te); + tp->t_segqlen--; + /* + * Try to present any queued data diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-9.2-gentoo-gcc.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.2-gentoo-gcc.patch new file mode 100644 index 000000000000..9076fd2b595d --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-9.2-gentoo-gcc.patch @@ -0,0 +1,13 @@ +diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh +index e504f75..7aa63df 100644 +--- a/sys/conf/newvers.sh ++++ b/sys/conf/newvers.sh +@@ -86,7 +86,7 @@ fi + touch version + v=`cat version` u=${USER:-root} d=`pwd` h=${HOSTNAME:-`hostname`} t=`date` + i=`${MAKE:-make} -V KERN_IDENT` +-compiler_v=$($(${MAKE:-make} -V CC) -v 2>&1 | grep 'version') ++compiler_v=$($(${MAKE:-make} -V CC) -v 2>&1 | grep 'version' | tail -n 1) + + for dir in /bin /usr/bin /usr/local/bin; do + if [ -x "${dir}/svnversion" ] ; then diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch new file mode 100644 index 000000000000..0bf1b611a091 --- /dev/null +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-cve-2012-0217.patch @@ -0,0 +1,26 @@ +Index: sys/amd64/amd64/trap.c +=================================================================== +--- sys/amd64/amd64/trap.c.orig ++++ sys/amd64/amd64/trap.c (working copy) +@@ -972,4 +972,21 @@ + syscallname(td->td_proc, sa.code))); + + syscallret(td, error, &sa); ++ ++ /* ++ * If the user-supplied value of %rip is not a canonical ++ * address, then some CPUs will trigger a ring 0 #GP during ++ * the sysret instruction. However, the fault handler would ++ * execute with the user's %gs and %rsp in ring 0 which would ++ * not be safe. Instead, preemptively kill the thread with a ++ * SIGBUS. ++ */ ++ if (td->td_frame->tf_rip >= VM_MAXUSER_ADDRESS) { ++ ksiginfo_init_trap(&ksi); ++ ksi.ksi_signo = SIGBUS; ++ ksi.ksi_code = BUS_OBJERR; ++ ksi.ksi_trapno = T_PROTFLT; ++ ksi.ksi_addr = (void *)td->td_frame->tf_rip; ++ trapsignal(td, &ksi); ++ } + } |