svn commit: r517694 - in head/net: ntp ntp-devel ntp-devel/files ntp/files

Fri Nov 15 16:34:43 UTC 2019

Author: cy
Date: Fri Nov 15 16:34:41 2019
New Revision: 517694
URL: https://svnweb.freebsd.org/changeset/ports/517694

Log:
  Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV.
  
  PR:		241421, 241960
  Reported by:	Vladimir Zakharov <zakharov.vv at gmail.com>,
  		dewayne at heuristicsystems.com.au
  Reviewed by:	kib, imp (previous version), ian (suggestion)
  MFH:		2019Q4
  Differential Revision:  https://reviews.freebsd.org/D22358

Modified:
  head/net/ntp-devel/Makefile   (contents, props changed)
  head/net/ntp-devel/files/patch-ntpd_ntpd.c   (contents, props changed)
  head/net/ntp/Makefile   (contents, props changed)
  head/net/ntp/files/patch-ntpd_ntpd.c   (contents, props changed)

Modified: head/net/ntp-devel/Makefile
==============================================================================

--- head/net/ntp-devel/Makefile	Fri Nov 15 16:31:21 2019	(r517693)
+++ head/net/ntp-devel/Makefile	Fri Nov 15 16:34:41 2019	(r517694)
@@ -3,7 +3,7 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.3.99
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	net
 MASTER_SITES=	http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ \
 		http://archive.ntp.org/ntp4/ntp-dev/

Modified: head/net/ntp-devel/files/patch-ntpd_ntpd.c
==============================================================================
--- head/net/ntp-devel/files/patch-ntpd_ntpd.c	Fri Nov 15 16:31:21 2019	(r517693)
+++ head/net/ntp-devel/files/patch-ntpd_ntpd.c	Fri Nov 15 16:34:41 2019	(r517694)
@@ -1,6 +1,43 @@
 --- ntpd/ntpd.c.orig	2019-06-07 01:59:15.000000000 -0700
-+++ ntpd/ntpd.c	2019-09-20 12:13:28.810552000 -0700
-@@ -999,7 +999,7 @@
++++ ntpd/ntpd.c	2019-11-15 08:06:37.290504000 -0800
+@@ -138,6 +138,17 @@
+ # include <seccomp.h>
+ #endif /* LIBSECCOMP and KERN_SECCOMP */
+ 
++#ifdef __FreeBSD__
++#include <sys/procctl.h>
++#ifndef PROC_STACKGAP_CTL
++/*
++ * Even if we compile on an older system we can still run on a newer one.
++ */
++#define	PROC_STACKGAP_CTL	17
++#define	PROC_STACKGAP_DISABLE	0x0002
++#endif
++#endif
++
+ #ifdef HAVE_DNSREGISTRATION
+ # include <dns_sd.h>
+ DNSServiceRef mdns;
+@@ -402,6 +413,18 @@
+ 	char *argv[]
+ 	)
+ {
++#ifdef __FreeBSD__
++	{
++		/*
++		 * We Must disable ASLR stack gap on FreeBSD to avoid a
++		 * segfault. See PR/241421 and PR/241960.
++		 */
++		int aslr_var = PROC_STACKGAP_DISABLE;
++
++		pid_t my_pid = getpid();
++		procctl(P_PID, my_pid, PROC_STACKGAP_CTL, &aslr_var); 
++	}
++#endif
+ 	return ntpdmain(argc, argv);
+ }
+ #endif /* !SYS_WINNT */
+@@ -999,7 +1022,7 @@
  # if defined(HAVE_MLOCKALL)
  #  ifdef HAVE_SETRLIMIT
  	ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k");

Modified: head/net/ntp/Makefile
==============================================================================
--- head/net/ntp/Makefile	Fri Nov 15 16:31:21 2019	(r517693)
+++ head/net/ntp/Makefile	Fri Nov 15 16:34:41 2019	(r517694)
@@ -3,7 +3,7 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.2.8p13
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	net
 MASTER_SITES=	http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ \
 		http://archive.ntp.org/ntp4/ntp-4.2/ \

Modified: head/net/ntp/files/patch-ntpd_ntpd.c
==============================================================================
--- head/net/ntp/files/patch-ntpd_ntpd.c	Fri Nov 15 16:31:21 2019	(r517693)
+++ head/net/ntp/files/patch-ntpd_ntpd.c	Fri Nov 15 16:34:41 2019	(r517694)
@@ -1,6 +1,43 @@
 --- ntpd/ntpd.c.orig	2019-02-20 09:21:44.000000000 -0800
-+++ ntpd/ntpd.c	2019-09-20 12:11:54.469651000 -0700
-@@ -999,7 +999,7 @@
++++ ntpd/ntpd.c	2019-11-15 08:03:34.800596000 -0800
+@@ -138,6 +138,17 @@
+ # include <seccomp.h>
+ #endif /* LIBSECCOMP and KERN_SECCOMP */
+ 
++#ifdef __FreeBSD__
++#include <sys/procctl.h>
++#ifndef PROC_STACKGAP_CTL
++/*
++ * Even if we compile on an older system we can still run on a newer one.
++ */
++#define	PROC_STACKGAP_CTL	17
++#define	PROC_STACKGAP_DISABLE	0x0002
++#endif
++#endif
++
+ #ifdef HAVE_DNSREGISTRATION
+ # include <dns_sd.h>
+ DNSServiceRef mdns;
+@@ -402,6 +413,18 @@
+ 	char *argv[]
+ 	)
+ {
++#ifdef __FreeBSD__
++	{
++		/*
++		 * We Must disable ASLR stack gap on FreeBSD to avoid a
++		 * segfault. See PR/241421 and PR/241960.
++		 */
++		int aslr_var = PROC_STACKGAP_DISABLE;
++
++		pid_t my_pid = getpid();
++		procctl(P_PID, my_pid, PROC_STACKGAP_CTL, &aslr_var); 
++	}
++#endif
+ 	return ntpdmain(argc, argv);
+ }
+ #endif /* !SYS_WINNT */
+@@ -999,7 +1022,7 @@
  # if defined(HAVE_MLOCKALL)
  #  ifdef HAVE_SETRLIMIT
  	ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k");
