From owner-svn-doc-head@FreeBSD.ORG Wed May 13 23:07:22 2015 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBA89CBE; Wed, 13 May 2015 23:07:22 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B80BF1395; Wed, 13 May 2015 23:07:22 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t4DN7MYY074266; Wed, 13 May 2015 23:07:22 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t4DN7KnY074244; Wed, 13 May 2015 23:07:20 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201505132307.t4DN7KnY074244@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Wed, 13 May 2015 23:07:20 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r46693 - in head/share: security/advisories security/patches/EN-15:04 security/patches/EN-15:05 xml X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 May 2015 23:07:22 -0000 Author: delphij Date: Wed May 13 23:07:20 2015 New Revision: 46693 URL: https://svnweb.freebsd.org/changeset/doc/46693 Log: Add two recent errata notices. Added: head/share/security/advisories/FreeBSD-EN-15:04.freebsd-update.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-15:05.ufs.asc (contents, props changed) head/share/security/patches/EN-15:04/ head/share/security/patches/EN-15:04/freebsd-update-8.patch (contents, props changed) head/share/security/patches/EN-15:04/freebsd-update-8.patch.asc (contents, props changed) head/share/security/patches/EN-15:04/freebsd-update.patch (contents, props changed) head/share/security/patches/EN-15:04/freebsd-update.patch.asc (contents, props changed) head/share/security/patches/EN-15:05/ head/share/security/patches/EN-15:05/ufs.patch (contents, props changed) head/share/security/patches/EN-15:05/ufs.patch.asc (contents, props changed) Modified: head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-15:04.freebsd-update.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-15:04.freebsd-update.asc Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,156 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-15:04.freebsd-update Errata Notice + The FreeBSD Project + +Topic: freebsd-update(8) does not ensure the previous upgrade was + completed + +Category: core +Module: freebsd-update +Announced: 2015-05-13 +Credits: Allan Jude +Affects: All supported versions of FreeBSD. +Corrected: 2015-05-13 22:36:00 UTC (stable/10, 10.1-STABLE) + 2015-05-13 22:52:35 UTC (releng/10.1, 10.1-RELEASE-p10) + 2015-05-13 22:36:52 UTC (stable/9, 9.3-STABLE) + 2015-05-13 22:52:51 UTC (releng/9.3, 9.3-RELEASE-p14) + 2015-05-13 22:39:29 UTC (stable/8, 8.4-STABLE) + 2015-05-13 22:52:51 UTC (releng/8.4, 8.4-RELEASE-p28) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The freebsd-update(8) utility is used to apply binary patches to FreeBSD +systems installed from official release images, as an alternative to +rebuilding from source. A freebsd-update(8) build server generates the +signed update packages, consisting of an index of files and directories +with checksums before the update, a set of binary patches, and an +index of files and directories with checksums after the update. The +client downloads the indexes, verifies the signatures and checksums, +then downloads and applies the required patches. + +II. Problem Description + +Binary upgrades using the freebsd-update(8) utility consist of several +invocations of the freebsd-update(8) utility itself. Each invocation +performs a different task that depends on the previous invocation being +successfully completed. + +If an upgrade is not thoroughly completed, it is possible for the +freebsd-update(8) utility to download a subsequent patchset to a system +with an inconsistent userland and/or kernel. In the case of such an +incomplete upgrade, the freebsd-update(8) utility may incorrectly +evaluate the running userland and/or kernel, which can cause binary +patches to be incorrectly applied. In some situations, it is possible +for patches to be applied for the incorrect FreeBSD version. + +III. Impact + +If incorrect patches are applied to the system as a result of a previous +incomplete upgrade, it is possible that some system services may fail to +start after rebooting the system, such as if the service is started by an +executable that depends on a shared library that has been relocated as +part of the upgrade. + +IV. Workaround + +No workaround is available, but systems that do not use FreeBSD-provided +binary updates to upgrade are not affected. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +3) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 9.3 and 10.1] +# fetch https://security.FreeBSD.org/patches/EN-15:04/freebsd-update.patch +# fetch https://security.FreeBSD.org/patches/EN-15:04/freebsd-update.patch.asc +# gpg --verify freebsd-update.patch.asc + +[FreeBSD 8.4] +# fetch https://security.FreeBSD.org/patches/EN-15:04/freebsd-update-8.patch +# fetch https://security.FreeBSD.org/patches/EN-15:04/freebsd-update-8.patch.asc +# gpg --verify freebsd-update-8.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/8/ r282872 +releng/8.4/ r282874 +stable/9/ r282871 +releng/9.3/ r282874 +stable/10/ r282870 +releng/10.1/ r282873 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this Errata Notice is available at +https://security.FreeBSD.org/advisories/FreeBSD-EN-15:04.freebsd-update.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.2 (FreeBSD) + +iQIcBAEBCgAGBQJVU9dbAAoJEO1n7NZdz2rnCewQAM51TcFY4IZvSJbSe5RLDGRr +4KsAwkgNW45Z+iUjvg5wnnkXZYau1fadMyQilbrKLk9d0MY1dQlJ7lW0Jkk9q+Oq +JhXjanQYvIZKK9eYi0gpVVqp9sN57dpv96ZP+CDiJX9FDow7OPGKmEiJgoavahpb +kg5kOywjDEv/DkttLJgHHmEBK41Gad2Jrz16N6k7mlHFSpFmEGRefaqqPqmLdzs0 +t0liDFI+fIAYOOKgIDG8Gqe3FCqbhnAf3bmkU/gyJKf1o5vPWowo9O5CvGH+mHPl +hmQBD70d+6kkv6ZH5RxMa38Vc3FpZXmaipdObJyoIoOjBw1UqEV6OwS+810xNDCx +bwN5q8QP5l/M7SHDO1n/FyP8BVbk6TXVKJ1R+t1bsKd07synL12gVTe0VVm+w0rh ++TVdF7cFRWB1Rp3JFw7cGz47ZFv08AaZ3CzdoH9qCEKOTnJnkyW3L4hceTWjkF8H +c5gas5Wp3UZeUZ2LT+LcB89W4LSn3Xv3y7AJDsVP9MGHSkjSDGIJKfWiXl/GWHql +M/zT6WeraOZyOwNr4F9QFp1hYSxvR+Izh7C0nFefBNf8YID3/hiKYNjxkf5Dz+fN +4A+RVt3COUteAeF5ikPVUiMfJljubingmN5NvTVmKQN6nRm5Pn6rrOouJqf3W0Mh +QE8Ps/3y/Sw1e/m45snD +=IdxG +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-15:05.ufs.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-15:05.ufs.asc Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,138 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-15:05.ufs Errata Notice + The FreeBSD Project + +Topic: Deadlock on reboot with UFS tuned with SU+J + +Category: core +Module: ufs +Announced: 2015-05-13 +Credits: Konstantin Belousov +Affects: FreeBSD 10.1 +Corrected: 2015-04-10 02:23:44 UTC (stable/10, 10.1-STABLE) + 2015-05-13 22:52:35 UTC (releng/10.1, 10.1-RELEASE-p10) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The Unix File System (UFS) is one of several filesystems available on +FreeBSD. UFS supports several optimization features, such as soft updates +and journaling, both of which keep track of filesystem metadata to ensure +a consistent state in the event of a crash or power failure. + +II. Problem Description + +When the root filesystem is configured with soft updates and journaling +both enabled, which is the default for FreeBSD 10.1-RELEASE installations, +the system may deadlock after a source-based or binary upgrade when the +init(8) binary is replaced. The deadlock occurs when issuing reboot(8) +or shutdown(8), after which the system becomes unresponsive when syncing +the filesystem. + +III. Impact + +When the deadlock occurs, a hard system reset or power cycle may be +required. + +IV. Workaround + +Systems that do not have soft updates and journaling enabled on a UFS root +filesystem are unaffected. + +It is possible to work around the issue by waiting before issuing reboot(8) +or shutdown(8) after upgrading the userland. It has been observed that +deferring the reboot(8) for a period of 60 seconds to be sufficient. It is +encouraged to issue several sync(8) commands during this period, to help +ensure the filesystem writes have completed. + +Additionally, disabling soft update journaling on the root filesystem can +also work around the issue. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +2) To update your present system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +3) To update your present system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-15:05/ufs.patch +# fetch https://security.FreeBSD.org/patches/EN-15:05/ufs.patch.asc +# gpg --verify ufs.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r281350 +releng/10.1/ r282873 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this Errata Notice is available at +https://security.FreeBSD.org/advisories/FreeBSD-EN-15:05.ufs.asc + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.2 (FreeBSD) + +iQIcBAEBCgAGBQJVU9dbAAoJEO1n7NZdz2rn3JYP/2HeyHsGEAwl+1NCVLu/Eimj +wl/jK7Pl2SMWCEAkynkP8Cs5ibCbtzA4SV1RP8OPCF42yQJmk/kzR0Rmuq+LboFC +QGmus/0Q/JCXqabDEzNx7/tHibeJInveGDf4a4/rg38Q+zO7MYZFmGsWoFEC2RKn +lEWb/kh5AxMagaj5lns4WHmo0TFlyOUFaJijGxXhHu3IFZwuZB60a5cXJ8OjBulk +FO7uIcZ7OTP43y4VvvBsFV6bxeFyoMNF8tgB+dsBzatNQhl7yAxWMMEiDUNBEaqV +mfjKZxHRkB+GGjQwv2Cq4463kNQvwknN9vms536fS7HuecFMITbyD37ySR3pSRoi +KVGopfpDr0NWjn1/N7UyAsY+6CAYqpsilYvq2slBu2J/Aj6jCyDhPUTnjHKz1m91 +rdyBjkHod9XkLYqwCkJlWjIxnLxCDlv8vwUjOe2/TjCUFO6FIO6lgvCVkgekIlwG +rPxx+bqfKSarQQSL6a4MWFFYwt79c292A3nodS0sLIL4YRNwQnFvuYVB/qxIWD1x +ecKJmbL0bm3S1T/qWa89Xh55NWFKs0bxVmjQCWu84re/20+oWcaXFg8Oeqnq+xFV +ke4EzbxhoU4KWzvsFbc+U+EZhTVLVlnjbAW073Z6QyykfBs2RhudUGB51T/3XB3I +jAU8LNkMBjZhe7khLFLD +=BTx0 +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-15:04/freebsd-update-8.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-15:04/freebsd-update-8.patch Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,458 @@ +Index: usr.sbin/freebsd-update/freebsd-update.8 +=================================================================== +--- usr.sbin/freebsd-update/freebsd-update.8 (revision 282245) ++++ usr.sbin/freebsd-update/freebsd-update.8 (working copy) +@@ -25,7 +25,7 @@ + .\" + .\" $FreeBSD$ + .\" +-.Dd July 14, 2010 ++.Dd March 2, 2015 + .Dt FREEBSD-UPDATE 8 + .Os FreeBSD + .Sh NAME +@@ -36,10 +36,12 @@ + .Op Fl b Ar basedir + .Op Fl d Ar workdir + .Op Fl f Ar conffile ++.Op Fl F + .Op Fl k Ar KEY + .Op Fl r Ar newrelease + .Op Fl s Ar server + .Op Fl t Ar address ++.Op Fl -not-running-from-cron + .Cm command ... + .Sh DESCRIPTION + The +@@ -49,21 +51,21 @@ updates to the FreeBSD base system. + Note that updates are only available if they are being built for the + FreeBSD release and architecture being used; in particular, the + .Fx +-Security Team only builds updates for releases shipped in binary form ++Security Team only builds updates for releases shipped in binary form + by the + .Fx + Release Engineering Team, e.g., + .Fx +-7.3-RELEASE and ++9.3-RELEASE and + .Fx +-8.0, but not ++10.1-RELEASE, but not + .Fx +-6.3-STABLE or ++9.3-STABLE or + .Fx +-9.0-CURRENT. ++11-CURRENT. + .Sh OPTIONS + The following options are supported: +-.Bl -tag -width "-f conffile" ++.Bl -tag -width "-r newrelease" + .It Fl b Ar basedir + Operate on a system mounted at + .Ar basedir . +@@ -81,6 +83,10 @@ Read configuration options from + .Ar conffile . + (default: + .Pa /etc/freebsd-update.conf ) ++.It Fl F ++Force ++.Nm Cm fetch ++to proceed where it normally would not, such as an unfinished upgrade + .It Fl k Ar KEY + Trust an RSA key with SHA256 of + .Ar KEY . +@@ -98,13 +104,21 @@ Mail output of + command, if any, to + .Ar address . + (default: root, or as given in the configuration file.) ++.It Fl -not-running-from-cron ++Force ++.Nm Cm fetch ++to proceed when there is no controlling tty. ++This is for use by automated scripts and orchestration tools. ++Please do not run ++.Nm Cm fetch ++from crontab or similar using this flag, see: ++.Nm Cm cron + .El + .Sh COMMANDS + The + .Cm command + can be any one of the following: +-.Pp +-.Bl -tag -width "-f conffile" ++.Bl -tag -width "rollback" + .It Cm fetch + Based on the currently installed world and the configuration + options set, fetch all available binary updates. +@@ -128,6 +142,11 @@ Fetch files necessary for upgrading to a + Before using this command, make sure that you read the + announcement and release notes for the new release in + case there are any special steps needed for upgrading. ++Note that this command may require up to 500 MB of space in ++.Ar workdir ++depending on which components of the ++.Fx ++base system are installed. + .It Cm install + Install the most recently fetched updates or upgrade. + .It Cm rollback +@@ -149,7 +168,7 @@ other than 3AM, to avoid overly imposing + on the server(s) hosting the updates. + .It + In spite of its name, +-.Cm ++.Nm + IDS should not be relied upon as an "Intrusion Detection + System", since if the system has been tampered with + it cannot be trusted to operate correctly. +@@ -158,11 +177,11 @@ purposes, make sure you boot from a secu + .El + .Sh FILES + .Bl -tag -width "/etc/freebsd-update.conf" +-.It /etc/freebsd-update.conf ++.It Pa /etc/freebsd-update.conf + Default location of the + .Nm + configuration file. +-.It /var/db/freebsd-update/ ++.It Pa /var/db/freebsd-update/ + Default location where + .Nm + stores temporary files and downloaded updates. +@@ -170,4 +189,4 @@ stores temporary files and downloaded up + .Sh SEE ALSO + .Xr freebsd-update.conf 5 + .Sh AUTHORS +-.An Colin Percival Aq cperciva@FreeBSD.org ++.An Colin Percival Aq Mt cperciva@FreeBSD.org +Index: usr.sbin/freebsd-update/freebsd-update.sh +=================================================================== +--- usr.sbin/freebsd-update/freebsd-update.sh (revision 282245) ++++ usr.sbin/freebsd-update/freebsd-update.sh (working copy) +@@ -43,12 +43,15 @@ Options: + (default: /var/db/freebsd-update/) + -f conffile -- Read configuration options from conffile + (default: /etc/freebsd-update.conf) ++ -F -- Force a fetch operation to proceed + -k KEY -- Trust an RSA key with SHA256 hash of KEY + -r release -- Target for upgrade (e.g., 6.2-RELEASE) + -s server -- Server from which to fetch updates + (default: update.FreeBSD.org) + -t address -- Mail output of cron command, if any, to address + (default: root) ++ --not-running-from-cron ++ -- Run without a tty, for use by automated tools + Commands: + fetch -- Fetch updates from server + cron -- Sleep rand(3600) seconds, fetch updates, and send an +@@ -284,6 +287,9 @@ config_TargetRelease () { + else + return 1 + fi ++ if echo ${TARGETRELEASE} | grep -qE '^[0-9.]+$'; then ++ TARGETRELEASE="${TARGETRELEASE}-RELEASE" ++ fi + } + + # Define what happens to output of utilities +@@ -396,6 +402,12 @@ init_params () { + + # No commands specified yet + COMMANDS="" ++ ++ # Force fetch to proceed ++ FORCEFETCH=0 ++ ++ # Run without a TTY ++ NOTTYOK=0 + } + + # Parse the command line +@@ -408,6 +420,12 @@ parse_cmdline () { + if [ ! -z "${CONFFILE}" ]; then usage; fi + shift; CONFFILE="$1" + ;; ++ -F) ++ FORCEFETCH=1 ++ ;; ++ --not-running-from-cron) ++ NOTTYOK=1 ++ ;; + + # Configuration file equivalents + -b) +@@ -569,7 +587,7 @@ fetch_setup_verboselevel () { + # running *-p[0-9]+, strip off the last part; if the + # user is running -SECURITY, call it -RELEASE. Chdir + # into the working directory. +-fetch_check_params () { ++fetchupgrade_check_params () { + export HTTP_USER_AGENT="freebsd-update (${COMMAND}, `uname -r`)" + + _SERVERNAME_z=\ +@@ -577,6 +595,7 @@ fetch_check_params () { + _KEYPRINT_z="Key must be given via -k option or configuration file." + _KEYPRINT_bad="Invalid key fingerprint: " + _WORKDIR_bad="Directory does not exist or is not writable: " ++ _WORKDIR_bad2="Directory is not on a persistent filesystem: " + + if [ -z "${SERVERNAME}" ]; then + echo -n "`basename $0`: " +@@ -600,6 +619,13 @@ fetch_check_params () { + echo ${WORKDIR} + exit 1 + fi ++ case `df -T ${WORKDIR}` in */dev/md[0-9]* | *tmpfs*) ++ echo -n "`basename $0`: " ++ echo -n "${_WORKDIR_bad2}" ++ echo ${WORKDIR} ++ exit 1 ++ ;; ++ esac + chmod 700 ${WORKDIR} + cd ${WORKDIR} || exit 1 + +@@ -652,9 +678,29 @@ fetch_check_params () { + BDHASH=`echo ${BASEDIR} | sha256 -q` + } + ++# Perform sanity checks etc. before fetching updates. ++fetch_check_params () { ++ fetchupgrade_check_params ++ ++ if ! [ -z "${TARGETRELEASE}" ]; then ++ echo -n "`basename $0`: " ++ echo -n "-r option is meaningless with 'fetch' command. " ++ echo "(Did you mean 'upgrade' instead?)" ++ exit 1 ++ fi ++ ++ # Check that we have updates ready to install ++ if [ -f ${BDHASH}-install/kerneldone -a $FORCEFETCH -eq 0 ]; then ++ echo "You have a partially completed upgrade pending" ++ echo "Run '$0 install' first." ++ echo "Run '$0 fetch -F' to proceed anyway." ++ exit 1 ++ fi ++} ++ + # Perform sanity checks etc. before fetching upgrades. + upgrade_check_params () { +- fetch_check_params ++ fetchupgrade_check_params + + # Unless set otherwise, we're upgrading to the same kernel config. + NKERNCONF=${KERNCONF} +@@ -1185,7 +1231,7 @@ fetch_metadata_sanity () { + # Some aliases to save space later: ${P} is a character which can + # appear in a path; ${M} is the four numeric metadata fields; and + # ${H} is a sha256 hash. +- P="[-+./:=%@_[~[:alnum:]]" ++ P="[-+./:=,%@_[~[:alnum:]]" + M="[0-9]+\|[0-9]+\|[0-9]+\|[0-9]+" + H="[0-9a-f]{64}" + +@@ -1456,7 +1502,7 @@ fetch_inspect_system () { + sort -k 3,3 -t '|' > $2.tmp + rm filelist + +- # Check if an error occured during system inspection ++ # Check if an error occurred during system inspection + if [ -f .err ]; then + return 1 + fi +@@ -2240,6 +2286,19 @@ upgrade_oldall_to_oldnew () { + mv $2 $3 + } + ++# Helper for upgrade_merge: Return zero true iff the two files differ only ++# in the contents of their RCS tags. ++samef () { ++ X=`sed -E 's/\\$FreeBSD.*\\$/\$FreeBSD\$/' < $1 | ${SHA256}` ++ Y=`sed -E 's/\\$FreeBSD.*\\$/\$FreeBSD\$/' < $2 | ${SHA256}` ++ ++ if [ $X = $Y ]; then ++ return 0; ++ else ++ return 1; ++ fi ++} ++ + # From the list of "old" files in $1, merge changes in $2 with those in $3, + # and update $3 to reflect the hashes of merged files. + upgrade_merge () { +@@ -2323,6 +2382,14 @@ upgrade_merge () { + + # Ask the user to handle any files which didn't merge. + while read F; do ++ # If the installed file differs from the version in ++ # the old release only due to RCS tag expansion ++ # then just use the version in the new release. ++ if samef merge/old/${F} merge/${OLDRELNUM}/${F}; then ++ cp merge/${RELNUM}/${F} merge/new/${F} ++ continue ++ fi ++ + cat <<-EOF + + The following file could not be merged automatically: ${F} +@@ -2337,9 +2404,18 @@ manually... + # Ask the user to confirm that he likes how the result + # of merging files. + while read F; do +- # Skip files which haven't changed. +- if [ -f merge/new/${F} ] && +- cmp -s merge/old/${F} merge/new/${F}; then ++ # Skip files which haven't changed except possibly ++ # in their RCS tags. ++ if [ -f merge/old/${F} ] && [ -f merge/new/${F} ] && ++ samef merge/old/${F} merge/new/${F}; then ++ continue ++ fi ++ ++ # Skip files where the installed file differs from ++ # the old file only due to RCS tags. ++ if [ -f merge/old/${F} ] && ++ [ -f merge/${OLDRELNUM}/${F} ] && ++ samef merge/old/${F} merge/${OLDRELNUM}/${F}; then + continue + fi + +@@ -2526,6 +2602,10 @@ upgrade_run () { + # Leave a note behind to tell the "install" command that the kernel + # needs to be installed before the world. + touch ${BDHASH}-install/kernelfirst ++ ++ # Remind the user that they need to run "freebsd-update install" ++ # to install the downloaded bits, in case they didn't RTFM. ++ echo "To install the downloaded upgrades, run \"$0 install\"." + } + + # Make sure that all the file hashes mentioned in $@ have corresponding +@@ -2577,14 +2657,14 @@ backup_kernel_finddir () { + while true ; do + # Pathname does not exist, so it is OK use that name + # for backup directory. +- if [ ! -e $BACKUPKERNELDIR ]; then ++ if [ ! -e $BASEDIR/$BACKUPKERNELDIR ]; then + return 0 + fi + + # If directory do exist, we only use if it has our + # marker file. +- if [ -d $BACKUPKERNELDIR -a \ +- -e $BACKUPKERNELDIR/.freebsd-update ]; then ++ if [ -d $BASEDIR/$BACKUPKERNELDIR -a \ ++ -e $BASEDIR/$BACKUPKERNELDIR/.freebsd-update ]; then + return 0 + fi + +@@ -2592,7 +2672,7 @@ backup_kernel_finddir () { + # the end and try again. + CNT=$((CNT + 1)) + if [ $CNT -gt 9 ]; then +- echo "Could not find valid backup dir ($BACKUPKERNELDIR)" ++ echo "Could not find valid backup dir ($BASEDIR/$BACKUPKERNELDIR)" + exit 1 + fi + BACKUPKERNELDIR="`echo $BACKUPKERNELDIR | sed -Ee 's/[0-9]\$//'`" +@@ -2619,17 +2699,17 @@ backup_kernel () { + # Remove old kernel backup files. If $BACKUPKERNELDIR was + # "not ours", backup_kernel_finddir would have exited, so + # deleting the directory content is as safe as we can make it. +- if [ -d $BACKUPKERNELDIR ]; then +- rm -fr $BACKUPKERNELDIR ++ if [ -d $BASEDIR/$BACKUPKERNELDIR ]; then ++ rm -fr $BASEDIR/$BACKUPKERNELDIR + fi + + # Create directories for backup. +- mkdir -p $BACKUPKERNELDIR +- mtree -cdn -p "${KERNELDIR}" | \ +- mtree -Ue -p "${BACKUPKERNELDIR}" > /dev/null ++ mkdir -p $BASEDIR/$BACKUPKERNELDIR ++ mtree -cdn -p "${BASEDIR}/${KERNELDIR}" | \ ++ mtree -Ue -p "${BASEDIR}/${BACKUPKERNELDIR}" > /dev/null + + # Mark the directory as having been created by freebsd-update. +- touch $BACKUPKERNELDIR/.freebsd-update ++ touch $BASEDIR/$BACKUPKERNELDIR/.freebsd-update + if [ $? -ne 0 ]; then + echo "Could not create kernel backup directory" + exit 1 +@@ -2647,8 +2727,8 @@ backup_kernel () { + fi + + # Backup all the kernel files using hardlinks. +- (cd $KERNELDIR && find . -type f $FINDFILTER -exec \ +- cp -pl '{}' ${BACKUPKERNELDIR}/'{}' \;) ++ (cd ${BASEDIR}/${KERNELDIR} && find . -type f $FINDFILTER -exec \ ++ cp -pl '{}' ${BASEDIR}/${BACKUPKERNELDIR}/'{}' \;) + + # Re-enable patchname expansion. + set +f +@@ -2746,7 +2826,7 @@ install_files () { + + # Update linker.hints if necessary + if [ -s INDEX-OLD -o -s INDEX-NEW ]; then +- kldxref -R /boot/ 2>/dev/null ++ kldxref -R ${BASEDIR}/boot/ 2>/dev/null + fi + + # We've finished updating the kernel. +@@ -2797,14 +2877,14 @@ Kernel updates have been installed. Ple + install_delete INDEX-OLD INDEX-NEW || return 1 + + # Rebuild /etc/spwd.db and /etc/pwd.db if necessary. +- if [ /etc/master.passwd -nt /etc/spwd.db ] || +- [ /etc/master.passwd -nt /etc/pwd.db ]; then +- pwd_mkdb /etc/master.passwd ++ if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] || ++ [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ]; then ++ pwd_mkdb -d ${BASEDIR}/etc ${BASEDIR}/etc/master.passwd + fi + + # Rebuild /etc/login.conf.db if necessary. +- if [ /etc/login.conf -nt /etc/login.conf.db ]; then +- cap_mkdb /etc/login.conf ++ if [ ${BASEDIR}/etc/login.conf -nt ${BASEDIR}/etc/login.conf.db ]; then ++ cap_mkdb ${BASEDIR}/etc/login.conf + fi + + # We've finished installing the world and deleting old files +@@ -3011,21 +3091,8 @@ IDS_compare () { + mv INDEX-NOTMATCHING.tmp INDEX-NOTMATCHING + + # Go through the lines and print warnings. +- while read LINE; do +- FPATH=`echo "${LINE}" | cut -f 1 -d '|'` +- TYPE=`echo "${LINE}" | cut -f 2 -d '|'` +- OWNER=`echo "${LINE}" | cut -f 3 -d '|'` +- GROUP=`echo "${LINE}" | cut -f 4 -d '|'` +- PERM=`echo "${LINE}" | cut -f 5 -d '|'` +- HASH=`echo "${LINE}" | cut -f 6 -d '|'` +- LINK=`echo "${LINE}" | cut -f 7 -d '|'` +- P_TYPE=`echo "${LINE}" | cut -f 8 -d '|'` +- P_OWNER=`echo "${LINE}" | cut -f 9 -d '|'` +- P_GROUP=`echo "${LINE}" | cut -f 10 -d '|'` +- P_PERM=`echo "${LINE}" | cut -f 11 -d '|'` +- P_HASH=`echo "${LINE}" | cut -f 12 -d '|'` +- P_LINK=`echo "${LINE}" | cut -f 13 -d '|'` +- ++ local IFS='|' ++ while read FPATH TYPE OWNER GROUP PERM HASH LINK P_TYPE P_OWNER P_GROUP P_PERM P_HASH P_LINK; do + # Warn about different object types. + if ! [ "${TYPE}" = "${P_TYPE}" ]; then + echo -n "${FPATH} is a " +@@ -3153,7 +3220,7 @@ get_params () { + # Fetch command. Make sure that we're being called + # interactively, then run fetch_check_params and fetch_run + cmd_fetch () { +- if [ ! -t 0 ]; then ++ if [ ! -t 0 -a $NOTTYOK -eq 0 ]; then + echo -n "`basename $0` fetch should not " + echo "be run non-interactively." + echo "Run `basename $0` cron instead." Added: head/share/security/patches/EN-15:04/freebsd-update-8.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-15:04/freebsd-update-8.patch.asc Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.2 (FreeBSD) + +iQIcBAABCgAGBQJVU9dpAAoJEO1n7NZdz2rnLP8QAIxBQd1NKef3YVnFMGuppEoy +Tc9/vhtEZfiI78fvMaLK9uLwKZWLx+JS6HTXNmEWzy6Tg+WX4pYMzGGDxGG2RVSz +C/Ur1bZVqNvcyKPK5+xO94asFVYcrcuYSbxMbjYPUjH5WTrySznPvjCF3E4puGvZ +e+FFTvoQ7bwY/qs5drAYo6nK74/rm4YuESxH/3t056vuhSVj8bM12ADHZ+evOzRE +4DFtxDB+9CdtGmqCfvaF0kJn+6IhwqGsRx1pUvriYdvVYzDa+tJBPDk82P0xphgq +Lsid+fjQl/3q0c8CgNNvDArYQACqZUZtqrDzxIx+UOvCz5FeowIhWypEPy5Je2YK +Qnzj6bd4cwF/WwncXGnZDj4Sybv+EJAF+l4s18B9B4v84/M91Gmq+9JgjJQtWPw7 +mI/G7jD3TrYXzzfyIBJJV/6yH/oOwZXZrhHaHHb6s2PuOhEZw5RzG2qXaWhvVQ3p +3X6+zs2okCrzOm9VYDFJIgVJOo8zVjgX+rqH0A/qjhcZK64sr5gh6F0I4LNwE+AV +9DFC9ysIG+Cay28XnEQy0lHpA6MBFWpDZnm/qX4jhIscPGG/3mhLpn7N+L62pgxu +eCAO8wW11w2fcJ575SADcHmQa8rXR/wIbDIx2tmgOFDmJI6MGKj4tU4SUJCm5Blf +GPWANnnxoBwF2Pe/NLCs +=vvQY +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-15:04/freebsd-update.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-15:04/freebsd-update.patch Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,152 @@ +Index: usr.sbin/freebsd-update/freebsd-update.8 +=================================================================== +--- usr.sbin/freebsd-update/freebsd-update.8 (revision 282245) ++++ usr.sbin/freebsd-update/freebsd-update.8 (working copy) +@@ -25,7 +25,7 @@ + .\" + .\" $FreeBSD$ + .\" +-.Dd July 14, 2010 ++.Dd March 2, 2015 + .Dt FREEBSD-UPDATE 8 + .Os FreeBSD + .Sh NAME +@@ -36,10 +36,12 @@ + .Op Fl b Ar basedir + .Op Fl d Ar workdir + .Op Fl f Ar conffile ++.Op Fl F + .Op Fl k Ar KEY + .Op Fl r Ar newrelease + .Op Fl s Ar server + .Op Fl t Ar address ++.Op Fl -not-running-from-cron + .Cm command ... + .Sh DESCRIPTION + The +@@ -54,16 +56,16 @@ by the + .Fx + Release Engineering Team, e.g., + .Fx +-7.3-RELEASE and ++9.3-RELEASE and + .Fx +-8.0-RELEASE, but not ++10.1-RELEASE, but not + .Fx +-6.3-STABLE or ++9.3-STABLE or + .Fx +-9.0-CURRENT. ++11-CURRENT. + .Sh OPTIONS + The following options are supported: +-.Bl -tag -width "-f conffile" ++.Bl -tag -width "-r newrelease" + .It Fl b Ar basedir + Operate on a system mounted at + .Ar basedir . +@@ -81,6 +83,10 @@ Read configuration options from + .Ar conffile . + (default: + .Pa /etc/freebsd-update.conf ) ++.It Fl F ++Force ++.Nm Cm fetch ++to proceed where it normally would not, such as an unfinished upgrade + .It Fl k Ar KEY + Trust an RSA key with SHA256 of + .Ar KEY . +@@ -98,12 +104,21 @@ Mail output of + command, if any, to + .Ar address . + (default: root, or as given in the configuration file.) ++.It Fl -not-running-from-cron ++Force ++.Nm Cm fetch ++to proceed when there is no controlling tty. ++This is for use by automated scripts and orchestration tools. ++Please do not run ++.Nm Cm fetch ++from crontab or similar using this flag, see: ++.Nm Cm cron + .El + .Sh COMMANDS + The + .Cm command + can be any one of the following: +-.Bl -tag -width "-f conffile" ++.Bl -tag -width "rollback" + .It Cm fetch + Based on the currently installed world and the configuration + options set, fetch all available binary updates. +Index: usr.sbin/freebsd-update/freebsd-update.sh +=================================================================== +--- usr.sbin/freebsd-update/freebsd-update.sh (revision 282245) ++++ usr.sbin/freebsd-update/freebsd-update.sh (working copy) +@@ -43,12 +43,15 @@ Options: + (default: /var/db/freebsd-update/) + -f conffile -- Read configuration options from conffile + (default: /etc/freebsd-update.conf) ++ -F -- Force a fetch operation to proceed + -k KEY -- Trust an RSA key with SHA256 hash of KEY + -r release -- Target for upgrade (e.g., 6.2-RELEASE) + -s server -- Server from which to fetch updates + (default: update.FreeBSD.org) + -t address -- Mail output of cron command, if any, to address + (default: root) ++ --not-running-from-cron ++ -- Run without a tty, for use by automated tools + Commands: + fetch -- Fetch updates from server + cron -- Sleep rand(3600) seconds, fetch updates, and send an +@@ -399,6 +402,12 @@ init_params () { + + # No commands specified yet + COMMANDS="" ++ ++ # Force fetch to proceed ++ FORCEFETCH=0 ++ ++ # Run without a TTY ++ NOTTYOK=0 + } + + # Parse the command line +@@ -411,6 +420,12 @@ parse_cmdline () { + if [ ! -z "${CONFFILE}" ]; then usage; fi + shift; CONFFILE="$1" + ;; ++ -F) ++ FORCEFETCH=1 ++ ;; ++ --not-running-from-cron) ++ NOTTYOK=1 ++ ;; + + # Configuration file equivalents + -b) +@@ -665,6 +680,14 @@ fetch_check_params () { + echo "(Did you mean 'upgrade' instead?)" + exit 1 + fi ++ ++ # Check that we have updates ready to install ++ if [ -f ${BDHASH}-install/kerneldone -a $FORCEFETCH -eq 0 ]; then ++ echo "You have a partially completed upgrade pending" ++ echo "Run '$0 install' first." ++ echo "Run '$0 fetch -F' to proceed anyway." ++ exit 1 ++ fi + } + + # Perform sanity checks etc. before fetching upgrades. +@@ -3202,7 +3225,7 @@ get_params () { + # Fetch command. Make sure that we're being called + # interactively, then run fetch_check_params and fetch_run + cmd_fetch () { +- if [ ! -t 0 ]; then ++ if [ ! -t 0 -a $NOTTYOK -eq 0 ]; then + echo -n "`basename $0` fetch should not " + echo "be run non-interactively." + echo "Run `basename $0` cron instead." Added: head/share/security/patches/EN-15:04/freebsd-update.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-15:04/freebsd-update.patch.asc Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.2 (FreeBSD) + +iQIcBAABCgAGBQJVU9dqAAoJEO1n7NZdz2rnZggQAKiJ0+2WY1gDvdWDkj0BcIcY +OCig1qDeuZLwDEFfqdqwoEJb7XoYI2tRQu4D/edxe5WAGQNOdIe3cOk/hIvC0Ozi +O/EpsZSf1RBrDBXdIDXc8C3BPeqcr5OYdc/XMZAoW14BTKU8K6ZsZyvoFcEInp5y +Qf0MvMB5QwO4e1LSJEVaT3kNLJuEVdoFzYh6h1e5Tlh7tcnrys9eReKO1SsRIEmp +zmCjfxaAjtftJyw+hxDuid0xkyyi8azPnl3U4JeIMsZE/KIrpAiMTjfnUPznIaai +x6SgIkKQaK7+43mZ92UOqWM3ELHaxWx55aNfX49aDWBIw4SpFqZAkfKt0FPd3Ws1 +Qdo06D8861mT9klQUsYNPrLed6cku6T1PA+bY6dBE3HpL0wlzm8PGdbPe3lLTcM9 +SP5SMMg8Jwy8oi7foyWeD2cibU5VzZRQEIwcQoI/d0Cayj85Oz6KDEtgwpUYDVL/ +sjrRr6ViA8b3qoS7+Ek9nksGUHg5DPOV9sllWZi2JWYn5tR0boRe16Ecb92chylS +VIEz0gwCy46VxAXmrTSa4qUM6uIeoMZXx84b/E8R92KvPXdBGMNhCXoEqEFYertd +prk3LlwUyXbuhkgziBJK6b+zN9ZshL/jY4kjjHCpjd7aNruRnUr9qr43dEJuMOPj +DuwqCaCT3VTyEObhW6Io +=bxKG +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-15:05/ufs.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-15:05/ufs.patch Wed May 13 23:07:20 2015 (r46693) @@ -0,0 +1,313 @@ +Index: sys/ufs/ffs/ffs_softdep.c +=================================================================== +--- sys/ufs/ffs/ffs_softdep.c (revision 282245) ++++ sys/ufs/ffs/ffs_softdep.c (working copy) +@@ -735,9 +735,10 @@ static struct malloc_type *memtype[] = { + static void check_clear_deps(struct mount *); + static void softdep_error(char *, int); + static int softdep_process_worklist(struct mount *, int); +-static int softdep_waitidle(struct mount *); ++static int softdep_waitidle(struct mount *, int); + static void drain_output(struct vnode *); + static struct buf *getdirtybuf(struct buf *, struct rwlock *, int); ++static int check_inodedep_free(struct inodedep *); + static void clear_remove(struct mount *); + static void clear_inodedeps(struct mount *); + static void unlinked_inodedep(struct mount *, struct inodedep *); +@@ -1377,6 +1378,10 @@ softdep_flush(addr) + mp = (struct mount *)addr; + ump = VFSTOUFS(mp); + atomic_add_int(&stat_flush_threads, 1); ++ ACQUIRE_LOCK(ump); ++ ump->softdep_flags &= ~FLUSH_STARTING; ++ wakeup(&ump->softdep_flushtd); ++ FREE_LOCK(ump); + if (print_threads) { + if (stat_flush_threads == 1) + printf("Running %s at pid %d\n", bufdaemonproc->p_comm, +@@ -1389,7 +1394,7 @@ softdep_flush(addr) + VFSTOUFS(mp)->softdep_jblocks->jb_suspended)) + kthread_suspend_check(); + ACQUIRE_LOCK(ump); +- if ((ump->softdep_flags & FLUSH_CLEANUP) == 0) ++ if ((ump->softdep_flags & (FLUSH_CLEANUP | FLUSH_EXIT)) == 0) + msleep(&ump->softdep_flushtd, LOCK_PTR(ump), PVM, + "sdflush", hz / 2); + ump->softdep_flags &= ~FLUSH_CLEANUP; +@@ -1419,11 +1424,9 @@ worklist_speedup(mp) + + ump = VFSTOUFS(mp); + LOCK_OWNED(ump); +- if ((ump->softdep_flags & (FLUSH_CLEANUP | FLUSH_EXIT)) == 0) { *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***