non port: net/ntp/files/patch-ntpd_ntpd.c |
Number of commits found: 12 |
Friday, 18 Feb 2022
|
21:01 Cy Schubert (cy)
net/ntp: Restore previous behaviour
Restore ntp to prior to the ASLR mitigations applied.
When ASLR and subsequently PIE were committed to the FreeBSD kernel, ntpd
would segfault due to insufficient stack. This was because stack gap was
not taken into account by applications requesting stack and/or memory
limits. (BTW, this problem also affected firefox and thunderbird.)
This subsequently caused disabling of rlimit memlock, which could not be
avoided under the previous implementation of ASLR:
Cannot set RLIMIT_MEMLOCK: Operation not permitted
Since then a number of improvments to ASLR stack gap implementation have
rendered the mitigations unnecessary. The mitigations initially developed
here at FreeBSD were subsequently upstreamed (noticed by the folks at
nwtime.org and automatically upstreamed). The mitigations have been
reversed in the base system. This patch reverses the ASLR mitigations in
the port as well.
PR: 262031
Reported by: p5B2E9A8F@t-online.de
c2a26c7 |
Wednesday, 26 Jan 2022
|
22:29 Cy Schubert (cy)
net/ntp: Fix build on older FreeBSD
Fix stackgap build on older FreeBSD.
PR: 261491
Reported by: tomasz.sowinski@nucleus.malbork.pl
MFH: 2022Q1
646499b |
Thursday, 20 Jan 2022
|
04:43 Cy Schubert (cy)
net/ntp: Fix stable/12 build
There should be no minimum to 1300524.
Reported by: Scott Allendorf <scott-allendorf@uiowa.edu>
Fixes: a6e356e8f50f92acbdec6156c068e768d1835591
MFH: 2022Q1
d4607d3 |
Wednesday, 19 Jan 2022
|
14:26 Cy Schubert (cy)
net/ntp: Reverse "Disable ntpd stack gap" for stable/13
As stack gap mitigations have been MFCed to stable/13, reverse
"Disable ntpd stack gap" for __FreeBSD_version < 1300524 too.
MFH: 2022Q1
a6e356e |
Monday, 18 Oct 2021
|
17:14 Cy Schubert (cy)
net/ntp: Use __FreeBSD_version < 1400038
__FreeBSD_version < 1400038 is more appropriate as it follows the
commit to resolve setrlimit(2) segfaults.
MFH: 2021Q4
f424bca |
Saturday, 16 Oct 2021
|
15:08 Cy Schubert (cy)
net/ntp: Implement 8dc43f07dc6 only for 14-CURRENT for now
Only Reverse "Disable ntpd stack gap" for __FreeBSD_version < 1400037
for now until the next __FreeBSD_version bump.
Reported by: kevans
MFH: 2021Q4
ad1f51b |
03:59 Cy Schubert (cy)
net/ntp: Reverse "Disable ntpd stack gap"
120137c822c9697c19cf94461f436f8ccc372d24 (svn r517694) disabled ntpd
ASLR stack gap, which caused ntpd to segfault. (The patch in
120137c822c9697c19cf94461f436f8ccc372d24 was subsequently submitted
to nwtime.org for inclusion into upstream ntp.) src commit
889b56c8cd84c9a9f2d9e3b019c154d6f14d9021 addressed the underlying cause
for the setrlimit segfault negating the need for this workaround. This
commit removes the workaround.
MFH: 2021Q4 (after a month)
8dc43f0 |
Wednesday, 4 Mar 2020
|
21:48 cy
Update ntp-4.2.8p13 --> 4.2.8p14.
The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet.
MFH: 2020Q2
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592
|
Friday, 15 Nov 2019
|
16:34 cy
Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV.
PR: 241421, 241960
Reported by: Vladimir Zakharov <zakharov.vv@gmail.com>,
dewayne@heuristicsystems.com.au
Reviewed by: kib, imp (previous version), ian (suggestion)
MFH: 2019Q4
Differential Revision: https://reviews.freebsd.org/D22358
|
Monday, 28 Oct 2019
|
20:19 cy
patch-ntpd_ntp.c should really be named patch-ntpd_ntpd.c as it patches
ntpd/ntpd.c.
|
Tuesday, 21 Aug 2018
|
05:07 cy
Update 4.2.8p11 --> 4.2.8p12
MFH: 2018Q3
|
Monday, 23 Jul 2018
|
00:32 ian
Add TrustedBSD MAC(4) support to ntpd.
These changes add support for running ntpd as non-root, and improve support
for the --jaildir (chroot) option when running on freebsd. These correspond
to the changes made in the base system with r336525.
The new patches in this change are exactly what was submitted upstream in
https://bugs.ntp.org/show_bug.cgi?id=3509
Approved by: cy@
Differential Revision: https://reviews.freebsd.org/D16396
|
Number of commits found: 12 |