[Glibc-bsd-commits] r5776 - in branches/jessie/kfreebsd-10/debian: . patches

stevenc-guest at alioth.debian.org stevenc-guest at alioth.debian.org
Wed Sep 16 16:14:19 UTC 2015


Author: stevenc-guest
Date: 2015-09-16 16:14:19 +0000 (Wed, 16 Sep 2015)
New Revision: 5776

Added:
   branches/jessie/kfreebsd-10/debian/patches/EN-15_14.ixgbe.patch
   branches/jessie/kfreebsd-10/debian/patches/SA-15_21.amd64.patch
Modified:
   branches/jessie/kfreebsd-10/debian/changelog
   branches/jessie/kfreebsd-10/debian/patches/series
Log:
Pick SVN r287146 from FreeBSD 10.1-RELEASE:
- SA-15:21: Fix local privilege escalation in IRET handler.
  (CVE-2015-5675) (Closes: #796996)
- EN-15:14: Disabled ixgbe(4) flow-director support, due to an 
  implementation bug.


Modified: branches/jessie/kfreebsd-10/debian/changelog
===================================================================
--- branches/jessie/kfreebsd-10/debian/changelog	2015-09-16 15:45:46 UTC (rev 5775)
+++ branches/jessie/kfreebsd-10/debian/changelog	2015-09-16 16:14:19 UTC (rev 5776)
@@ -1,4 +1,4 @@
-kfreebsd-10 (10.1~svn274115-4+kbsd8u1) UNRELEASED; urgency=medium
+kfreebsd-10 (10.1~svn274115-4+kbsd8u1) UNRELEASED; urgency=high
 
   * Create tarballs of upstream source, and of the kfreebsd-source
     binary-indep package, using a reproducible stable file order.
@@ -6,9 +6,14 @@
   * In the kfreebsd-source binary-indep package, clamp timestamps
     to be no later than the last debian/changelog entry.
     (Closes: #788238)
-  * Pick SVN r282873 from FreeBSD 10.1-RELEASE to fix:
+  * Pick SVN r282873 from FreeBSD 10.1-RELEASE:
     - EN-15:05: Fix deadlock on reboot with UFS tuned with SU+J.
       (Closes: #786619)
+  * Pick SVN r287146 from FreeBSD 10.1-RELEASE:
+    - SA-15:21: Fix local privilege escalation in IRET handler.
+      (CVE-2015-5675) (Closes: #796996)
+    - EN-15:14: Disabled ixgbe(4) flow-director support, due to an 
+      implementation bug.
 
  -- Steven Chamberlain <steven at pyro.eu.org>  Sat, 23 May 2015 14:57:14 +0100
 

Added: branches/jessie/kfreebsd-10/debian/patches/EN-15_14.ixgbe.patch
===================================================================
--- branches/jessie/kfreebsd-10/debian/patches/EN-15_14.ixgbe.patch	                        (rev 0)
+++ branches/jessie/kfreebsd-10/debian/patches/EN-15_14.ixgbe.patch	2015-09-16 16:14:19 UTC (rev 5776)
@@ -0,0 +1,28 @@
+Description:
+ Disabled ixgbe(4) flow-director support. [EN-15:14]
+Origin: vendor
+Bug: https://www.freebsd.org/security/advisories/FreeBSD-EN-15:14.ixgbe.asc
+Applied-Upstream: https://svnweb.freebsd.org/base?view=revision&revision=287146
+
+--- a/sys/conf/files
++++ b/sys/conf/files
+@@ -1704,7 +1704,7 @@
+ dev/ixgb/ixgb_ee.c		optional ixgb
+ dev/ixgb/ixgb_hw.c		optional ixgb
+ dev/ixgbe/ixgbe.c		optional ixgbe inet \
+-	compile-with "${NORMAL_C} -I$S/dev/ixgbe -DSMP -DIXGBE_FDIR"
++	compile-with "${NORMAL_C} -I$S/dev/ixgbe -DSMP"
+ dev/ixgbe/ixv.c			optional ixgbe inet \
+ 	compile-with "${NORMAL_C} -I$S/dev/ixgbe"
+ dev/ixgbe/ixgbe_phy.c		optional ixgbe inet \
+--- a/sys/modules/ixgbe/Makefile
++++ b/sys/modules/ixgbe/Makefile
+@@ -12,7 +12,7 @@
+ SRCS    += ixgbe_common.c ixgbe_api.c ixgbe_phy.c ixgbe_mbx.c ixgbe_vf.c
+ SRCS    += ixgbe_dcb.c ixgbe_dcb_82598.c ixgbe_dcb_82599.c
+ SRCS    += ixgbe_82599.c ixgbe_82598.c ixgbe_x540.c
+-CFLAGS+= -I${.CURDIR}/../../dev/ixgbe -DSMP -DIXGBE_FDIR
++CFLAGS+= -I${.CURDIR}/../../dev/ixgbe -DSMP
+ 
+ .if !defined(KERNBUILDDIR)
+ .if ${MK_INET_SUPPORT} != "no"

Added: branches/jessie/kfreebsd-10/debian/patches/SA-15_21.amd64.patch
===================================================================
--- branches/jessie/kfreebsd-10/debian/patches/SA-15_21.amd64.patch	                        (rev 0)
+++ branches/jessie/kfreebsd-10/debian/patches/SA-15_21.amd64.patch	2015-09-16 16:14:19 UTC (rev 5776)
@@ -0,0 +1,56 @@
+Description:
+ Fix local privilege escalation in IRET handler. [SA-15:21]
+ (CVE-2015-5675)
+Origin: vendor, https://security.FreeBSD.org/patches/SA-15:21/amd64.patch
+Bug: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:21.amd64.asc
+Bug-Debian: https://bugs.debian.org/796996
+Applied-Upstream: https://svnweb.freebsd.org/base?view=revision&revision=287146
+
+--- a/sys/amd64/amd64/exception.S
++++ b/sys/amd64/amd64/exception.S
+@@ -154,9 +154,13 @@
+ IDTVEC(tss)
+ 	TRAP_ERR(T_TSSFLT)
+ IDTVEC(missing)
+-	TRAP_ERR(T_SEGNPFLT)
++	subq	$TF_ERR,%rsp
++	movl	$T_SEGNPFLT,TF_TRAPNO(%rsp)
++	jmp	prot_addrf
+ IDTVEC(stk)
+-	TRAP_ERR(T_STKFLT)
++	subq	$TF_ERR,%rsp
++	movl	$T_STKFLT,TF_TRAPNO(%rsp)
++	jmp	prot_addrf
+ IDTVEC(align)
+ 	TRAP_ERR(T_ALIGNFLT)
+ 
+@@ -319,6 +323,7 @@
+ IDTVEC(prot)
+ 	subq	$TF_ERR,%rsp
+ 	movl	$T_PROTFLT,TF_TRAPNO(%rsp)
++prot_addrf:
+ 	movq	$0,TF_ADDR(%rsp)
+ 	movq	%rdi,TF_RDI(%rsp)	/* free up a GP register */
+ 	leaq	doreti_iret(%rip),%rdi
+--- a/sys/amd64/amd64/machdep.c
++++ b/sys/amd64/amd64/machdep.c
+@@ -433,6 +433,7 @@
+ 	regs->tf_rflags &= ~(PSL_T | PSL_D);
+ 	regs->tf_cs = _ucodesel;
+ 	regs->tf_ds = _udatasel;
++	regs->tf_ss = _udatasel;
+ 	regs->tf_es = _udatasel;
+ 	regs->tf_fs = _ufssel;
+ 	regs->tf_gs = _ugssel;
+--- a/sys/amd64/amd64/trap.c
++++ b/sys/amd64/amd64/trap.c
+@@ -457,8 +457,6 @@
+ 			goto out;
+ 
+ 		case T_STKFLT:		/* stack fault */
+-			break;
+-
+ 		case T_PROTFLT:		/* general protection fault */
+ 		case T_SEGNPFLT:	/* segment not present fault */
+ 			if (td->td_intr_nesting_level != 0)
+
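Review bot: The new `prot_addrf` label in exception.S carries no comment explaining why the `missing` (#NP) and `stk` (#SS) vectors now jump into the middle of the `prot` handler instead of using `TRAP_ERR`. The visible `leaq doreti_iret(%rip),%rdi` suggests the shared path special-cases a fault raised at `doreti_iret`, but the rest of `prot` lies outside the hunk, so that is inferred. A comment above the label such as `/* #NP and #SS join here so they get the same doreti_iret handling as #GP */` would record the intent for whoever touches these vectors next. In trap.c the removed `break;` leaves `case T_STKFLT:` falling through into the `T_PROTFLT`/`T_SEGNPFLT` case with no marker; adding `/* FALLTHROUGH */` after it would show the fall-through is deliberate. Because this is a verbatim vendor patch, both comments are better proposed upstream than carried as a Debian-only delta.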

Modified: branches/jessie/kfreebsd-10/debian/patches/series
===================================================================
--- branches/jessie/kfreebsd-10/debian/patches/series	2015-09-16 15:45:46 UTC (rev 5775)
+++ branches/jessie/kfreebsd-10/debian/patches/series	2015-09-16 16:14:19 UTC (rev 5776)
@@ -44,3 +44,5 @@
 EN-15_01.vt.patch
 SA-15_09.ipv6.patch
 EN-15_05.ufs.patch
+EN-15_14.ixgbe.patch
+SA-15_21.amd64.patch



