svn commit: r304134 - in head/x11: nvidia-driver nvidia-driver-173 nvidia-driver-71 nvidia-driver-96 nvidia-driver/files
Alexey Dokuchaev
danfe at FreeBSD.org
Wed Sep 12 07:14:35 UTC 2012
Author: danfe
Date: Wed Sep 12 07:14:34 2012
New Revision: 304134
URL: http://svn.freebsd.org/changeset/ports/304134
Log:
- Update legacy 173.14.xx series driver to version 173.14.35 and provide a
patch for CVE-2012-4225 for this version
- Augment security patch for CVE-2012-0946 to cover CVE-2012-4225 as well
for the benefit of really old legacy drivers
Added:
head/x11/nvidia-driver/files/security-patch-CVE-2012-4225 (contents, props changed)
Modified:
head/x11/nvidia-driver-173/Makefile
head/x11/nvidia-driver-71/Makefile
head/x11/nvidia-driver-96/Makefile
head/x11/nvidia-driver/Makefile
head/x11/nvidia-driver/distinfo
head/x11/nvidia-driver/files/security-patch-CVE-2012-0946
Modified: head/x11/nvidia-driver-173/Makefile
==============================================================================
--- head/x11/nvidia-driver-173/Makefile Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver-173/Makefile Wed Sep 12 07:14:34 2012 (r304134)
@@ -5,8 +5,7 @@
# $FreeBSD$
#
-DISTVERSION= 173.14.31
-PORTREVISION= 2
+DISTVERSION= 173.14.35
MASTERDIR= ${.CURDIR}/../nvidia-driver
NO_LATEST_LINK= yes
Modified: head/x11/nvidia-driver-71/Makefile
==============================================================================
--- head/x11/nvidia-driver-71/Makefile Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver-71/Makefile Wed Sep 12 07:14:34 2012 (r304134)
@@ -6,7 +6,7 @@
#
DISTVERSION= 71.86.15
-PORTREVISION= 1
+PORTREVISION= 2
MASTERDIR= ${.CURDIR}/../nvidia-driver
NO_LATEST_LINK= yes
Modified: head/x11/nvidia-driver-96/Makefile
==============================================================================
--- head/x11/nvidia-driver-96/Makefile Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver-96/Makefile Wed Sep 12 07:14:34 2012 (r304134)
@@ -6,7 +6,7 @@
#
DISTVERSION= 96.43.20
-PORTREVISION= 1
+PORTREVISION= 2
MASTERDIR= ${.CURDIR}/../nvidia-driver
NO_LATEST_LINK= yes
Modified: head/x11/nvidia-driver/Makefile
==============================================================================
--- head/x11/nvidia-driver/Makefile Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver/Makefile Wed Sep 12 07:14:34 2012 (r304134)
@@ -64,7 +64,11 @@ EXTRA_PATCHES= ${FILESDIR}/legacy-patch-
# Fix recent arbitrary memory access vulnerability in legacy drivers
.if ${NVVERSION} <= 1905300
+. if ${NVVERSION} == 1731435
+EXTRA_PATCHES+= ${FILESDIR}/security-patch-CVE-2012-4225
+. else
EXTRA_PATCHES+= ${FILESDIR}/security-patch-CVE-2012-0946
+. endif
.endif
OPTIONS= FREEBSD_AGP "Use FreeBSD AGP GART driver" off \
Modified: head/x11/nvidia-driver/distinfo
==============================================================================
--- head/x11/nvidia-driver/distinfo Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver/distinfo Wed Sep 12 07:14:34 2012 (r304134)
@@ -2,8 +2,8 @@ SHA256 (NVIDIA-FreeBSD-x86_64-295.71.tar
SIZE (NVIDIA-FreeBSD-x86_64-295.71.tar.gz) = 33058244
SHA256 (NVIDIA-FreeBSD-x86-295.71.tar.gz) = 6cc7f25c3b49d3ac2d2cdc2d84e4f0417d51115110bee159de2cc53d7f9ef049
SIZE (NVIDIA-FreeBSD-x86-295.71.tar.gz) = 32098813
-SHA256 (NVIDIA-FreeBSD-x86-173.14.31.tar.gz) = 98699bc8dc1dad86cebc2ed067b4fc5cd37b8540e897bb218f38ac80c4b4d875
-SIZE (NVIDIA-FreeBSD-x86-173.14.31.tar.gz) = 17991684
+SHA256 (NVIDIA-FreeBSD-x86-173.14.35.tar.gz) = 51e82a12db81b5af4ae5ee59612875c0dbef52cb641d61a44c72f2e1cd7f4c78
+SIZE (NVIDIA-FreeBSD-x86-173.14.35.tar.gz) = 18748428
SHA256 (NVIDIA-FreeBSD-x86-96.43.20.tar.gz) = e75fce272e72644d53e6ad3c0957fe173735a4b621726ce227ba8ecf9bd9c5cf
SIZE (NVIDIA-FreeBSD-x86-96.43.20.tar.gz) = 14060884
SHA256 (NVIDIA-FreeBSD-x86-71.86.15.tar.gz) = 7be5ba641eabaa96a068e147a1dd5d75aadc10575bb1d2c6e8529cd423438168
Modified: head/x11/nvidia-driver/files/security-patch-CVE-2012-0946
==============================================================================
--- head/x11/nvidia-driver/files/security-patch-CVE-2012-0946 Wed Sep 12 05:40:36 2012 (r304133)
+++ head/x11/nvidia-driver/files/security-patch-CVE-2012-0946 Wed Sep 12 07:14:34 2012 (r304134)
@@ -1,6 +1,6 @@
--- src/nv.h.orig 2011-07-14 02:51:53.000000000 +0800
+++ src/nv.h 2012-05-10 18:15:51.000000000 +0800
-@@ -364,6 +364,14 @@
+@@ -364,6 +364,27 @@
((offset) >= (nv)->agp.address) && \
(((offset) + ((length)-1)) <= (nv)->agp.address + ((nv)->agp.size-1)))
@@ -10,7 +10,20 @@
+
+#define IS_BLACKLISTED_REG_OFFSET(nv, offset, length) \
+ ((IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1000, 0x1000, offset, length)) ||\
-+ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x700000, 0x100000, offset, length)))
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x84000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x85000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x86000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x87000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x89000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0xa0000, 0x20000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x104000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x105000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x10a000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1c2000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1c3000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x618000, 0x2000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x627000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x700000, 0x100000, offset, length)))
+
/* duplicated from nvos.h for external builds */
#ifndef NVOS_AGP_CONFIG_DISABLE_AGP
Added: head/x11/nvidia-driver/files/security-patch-CVE-2012-4225
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/x11/nvidia-driver/files/security-patch-CVE-2012-4225 Wed Sep 12 07:14:34 2012 (r304134)
@@ -0,0 +1,24 @@
+--- src/nv.h.orig 2012-08-02 18:19:37.000000000 -0700
++++ src/nv.h 2012-08-02 18:19:37.000000000 -0700
+@@ -436,7 +436,20 @@
+
+ #define IS_BLACKLISTED_REG_OFFSET(nv, offset, length) \
+ ((IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1000, 0x1000, offset, length)) ||\
+- (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x700000, 0x100000, offset, length)))
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x84000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x85000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x86000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x87000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x89000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0xa0000, 0x20000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x104000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x105000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x10a000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1c2000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x1c3000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x618000, 0x2000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x627000, 0x1000, offset, length)) ||\
++ (IS_REG_RANGE_WITHIN_MAPPING(nv, 0x700000, 0x100000, offset, length)))
+
+ /* duplicated from nvos.h for external builds */
+ #ifndef NVOS_AGP_CONFIG_DISABLE_AGP
More information about the svn-ports-all
mailing list