diff options
author | Christian Birchinger <joker@gentoo.org> | 2005-01-08 00:16:02 +0000 |
---|---|---|
committer | Christian Birchinger <joker@gentoo.org> | 2005-01-08 00:16:02 +0000 |
commit | c7442377e2f519dd22cd64bf4b9add5ef65e2252 (patch) | |
tree | 66dc88891b9d85f121d3332f6c3a33ae05b1f170 /sys-kernel/sparc-sources | |
parent | stabilize and add arm/mips (Manifest recommit) (diff) | |
download | gentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.tar.gz gentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.tar.bz2 gentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.zip |
Added a security fix for bug #77025
Diffstat (limited to 'sys-kernel/sparc-sources')
7 files changed, 331 insertions, 8 deletions
diff --git a/sys-kernel/sparc-sources/ChangeLog b/sys-kernel/sparc-sources/ChangeLog index e13edc21b5b9..65940feecc35 100644 --- a/sys-kernel/sparc-sources/ChangeLog +++ b/sys-kernel/sparc-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/sparc-sources -# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.73 2004/12/25 02:56:50 joker Exp $ +# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.74 2005/01/08 00:16:02 joker Exp $ + +*sparc-sources-2.4.28-r4 (08 Jan 2005) + + 08 Jan 2005; Christian Birchinger <joker@gentoo.org> + +files/2.4-brk-locked-plasmaroo.patch, +sparc-sources-2.4.28-r4.ebuild: + Added a security fix for bug #77025 *sparc-sources-2.4.28-r3 (25 Dec 2004) diff --git a/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch b/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch new file mode 100644 index 000000000000..f61024494364 --- /dev/null +++ b/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch @@ -0,0 +1,247 @@ +diff -ur linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c +--- linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c 2005-01-07 20:20:32.000000000 +0000 +@@ -130,7 +130,7 @@ + end = PAGE_ALIGN(end); + if (end <= start) + return; +- do_brk(start, end - start); ++ do_brk_locked(start, end - start); + } + + +@@ -379,7 +379,7 @@ + + /* Map the last of the bss segment */ + if (last_bss > len) { +- do_brk(len, (last_bss - len)); ++ do_brk_locked(len, (last_bss - len)); + } + kfree(elf_phdata); + +@@ -567,7 +567,7 @@ + unsigned long v; + struct prda *pp; + +- v = do_brk (PRDA_ADDRESS, PAGE_SIZE); ++ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE); + + if (v < 0) + return; +@@ -859,7 +859,7 @@ + len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000; + bss = elf_phdata->p_memsz + elf_phdata->p_vaddr; + if (bss > len) +- do_brk(len, bss-len); ++ do_brk_locked(len, bss-len); + kfree(elf_phdata); + return 0; + } +diff -ur linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c +--- linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:20:32.000000000 +0000 +@@ -49,7 +49,7 @@ + end = PAGE_ALIGN(end); + if (end <= start) + return; +- do_brk(start, end - start); ++ do_brk_locked(start, end - start); + } + + /* +@@ -246,10 +246,10 @@ + if (N_MAGIC(ex) == NMAGIC) { + loff_t pos = fd_offset; + /* Fuck me plenty... */ +- error = do_brk(N_TXTADDR(ex), ex.a_text); ++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text); + bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex), + ex.a_text, &pos); +- error = do_brk(N_DATADDR(ex), ex.a_data); ++ error = do_brk_locked(N_DATADDR(ex), ex.a_data); + bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex), + ex.a_data, &pos); + goto beyond_if; +@@ -257,7 +257,7 @@ + + if (N_MAGIC(ex) == OMAGIC) { + loff_t pos = fd_offset; +- do_brk(N_TXTADDR(ex) & PAGE_MASK, ++ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK, + ex.a_text+ex.a_data + PAGE_SIZE - 1); + bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex), + ex.a_text+ex.a_data, &pos); +@@ -272,7 +272,7 @@ + + if (!bprm->file->f_op->mmap) { + loff_t pos = fd_offset; +- do_brk(0, ex.a_text+ex.a_data); ++ do_brk_locked(0, ex.a_text+ex.a_data); + bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex), + ex.a_text+ex.a_data, &pos); + goto beyond_if; +@@ -388,7 +388,7 @@ + len = PAGE_ALIGN(ex.a_text + ex.a_data); + bss = ex.a_text + ex.a_data + ex.a_bss; + if (bss > len) { +- error = do_brk(start_addr + len, bss - len); ++ error = do_brk_locked(start_addr + len, bss - len); + retval = error; + if (error != start_addr + len) + goto out; +diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_aout.c linux-2.4.28-gentoo-r5/fs/binfmt_aout.c +--- linux-2.4.28-gentoo-r4/fs/binfmt_aout.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/fs/binfmt_aout.c 2005-01-07 20:20:32.000000000 +0000 +@@ -46,7 +46,7 @@ + start = PAGE_ALIGN(start); + end = PAGE_ALIGN(end); + if (end > start) { +- unsigned long addr = do_brk(start, end - start); ++ unsigned long addr = do_brk_locked(start, end - start); + if (BAD_ADDR(addr)) + return addr; + } +@@ -341,10 +341,10 @@ + loff_t pos = fd_offset; + /* Fuck me plenty... */ + /* <AOL></AOL> */ +- error = do_brk(N_TXTADDR(ex), ex.a_text); ++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text); + bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex), + ex.a_text, &pos); +- error = do_brk(N_DATADDR(ex), ex.a_data); ++ error = do_brk_locked(N_DATADDR(ex), ex.a_data); + bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex), + ex.a_data, &pos); + goto beyond_if; +@@ -365,7 +365,7 @@ + map_size = ex.a_text+ex.a_data; + #endif + +- error = do_brk(text_addr & PAGE_MASK, map_size); ++ error = do_brk_locked(text_addr & PAGE_MASK, map_size); + if (error != (text_addr & PAGE_MASK)) { + send_sig(SIGKILL, current, 0); + return error; +@@ -399,7 +399,7 @@ + + if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) { + loff_t pos = fd_offset; +- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data); ++ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data); + bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex), + ex.a_text+ex.a_data, &pos); + flush_icache_range((unsigned long) N_TXTADDR(ex), +@@ -500,7 +500,7 @@ + error_time = jiffies; + } + +- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss); ++ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss); + + file->f_op->read(file, (char *)start_addr, + ex.a_text + ex.a_data, &pos); +@@ -524,7 +524,7 @@ + len = PAGE_ALIGN(ex.a_text + ex.a_data); + bss = ex.a_text + ex.a_data + ex.a_bss; + if (bss > len) { +- error = do_brk(start_addr + len, bss - len); ++ error = do_brk_locked(start_addr + len, bss - len); + retval = error; + if (error != start_addr + len) + goto out; +diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_elf.c linux-2.4.28-gentoo-r5/fs/binfmt_elf.c +--- linux-2.4.28-gentoo-r4/fs/binfmt_elf.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/fs/binfmt_elf.c 2005-01-07 20:20:46.000000000 +0000 +@@ -88,7 +88,7 @@ + end = ELF_PAGEALIGN(end); + if (end <= start) + return; +- do_brk(start, end - start); ++ do_brk_locked(start, end - start); + + #ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC + if (current->flags & PF_PAX_RANDEXEC) +@@ -370,7 +370,7 @@ + + /* Map the last of the bss segment */ + if (last_bss > elf_bss) +- do_brk(elf_bss, last_bss - elf_bss); ++ do_brk_locked(elf_bss, last_bss - elf_bss); + + *interp_load_addr = load_addr; + error = ((unsigned long) interp_elf_ex->e_entry) + load_addr; +@@ -407,7 +407,7 @@ + goto out; + } + +- do_brk(0, text_data); ++ do_brk_locked(0, text_data); + if (!interpreter->f_op || !interpreter->f_op->read) + goto out; + if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0) +@@ -415,7 +415,7 @@ + flush_icache_range((unsigned long)addr, + (unsigned long)addr + text_data); + +- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1), ++ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1), + interp_ex->a_bss); + elf_entry = interp_ex->a_entry; + +@@ -1271,7 +1271,7 @@ + len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1); + bss = elf_phdata->p_memsz + elf_phdata->p_vaddr; + if (bss > len) +- do_brk(len, bss - len); ++ do_brk_locked(len, bss - len); + error = 0; + + out_free_ph: +diff -ur linux-2.4.28-gentoo-r4/include/linux/mm.h linux-2.4.28-gentoo-r5/include/linux/mm.h +--- linux-2.4.28-gentoo-r4/include/linux/mm.h 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/include/linux/mm.h 2005-01-07 20:20:32.000000000 +0000 +@@ -601,6 +601,7 @@ + extern int do_munmap(struct mm_struct *, unsigned long, size_t); + + extern unsigned long do_brk(unsigned long, unsigned long); ++extern unsigned long do_brk_locked(unsigned long, unsigned long); + + static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev) + { +diff -ur linux-2.4.28-gentoo-r4/kernel/ksyms.c linux-2.4.28-gentoo-r5/kernel/ksyms.c +--- linux-2.4.28-gentoo-r4/kernel/ksyms.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/kernel/ksyms.c 2005-01-07 20:20:32.000000000 +0000 +@@ -90,6 +90,7 @@ + EXPORT_SYMBOL(__do_mmap_pgoff); + EXPORT_SYMBOL(do_munmap); + EXPORT_SYMBOL(do_brk); ++EXPORT_SYMBOL(do_brk_locked); + EXPORT_SYMBOL(exit_mm); + EXPORT_SYMBOL(exit_files); + EXPORT_SYMBOL(exit_fs); +diff -ur linux-2.4.28-gentoo-r4/mm/mmap.c linux-2.4.28-gentoo-r5/mm/mmap.c +--- linux-2.4.28-gentoo-r4/mm/mmap.c 2005-01-07 20:33:12.000000000 +0000 ++++ linux-2.4.28-gentoo-r5/mm/mmap.c 2005-01-07 20:20:32.000000000 +0000 +@@ -1401,6 +1401,21 @@ + return addr; + } + ++/* locking version of do_brk. */ ++unsigned long do_brk_locked(unsigned long addr, unsigned long len) ++{ ++ unsigned long ret; ++ ++ down_write(¤t->mm->mmap_sem); ++ ret = do_brk(addr, len); ++ up_write(¤t->mm->mmap_sem); ++ ++ return ret; ++} ++ ++ ++ ++ + /* Build the RB tree corresponding to the VMA list. */ + void build_mmap_rb(struct mm_struct * mm) + { diff --git a/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4 b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4 new file mode 100644 index 000000000000..793d42303c26 --- /dev/null +++ b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4 @@ -0,0 +1,2 @@ +MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046 +MD5 05e09ac56cf3f1f8133dd1ed69909819 patches-2.4.28-sparc-r2.tar.bz2 181346 diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild index e1b82c3bc0dd..cfe13b861b04 100644 --- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild +++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild,v 1.1 2004/12/03 02:11:12 joker Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild,v 1.2 2005/01/08 00:16:02 joker Exp $ IUSE="ultra1" diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild index efe3ca036801..348eeab0987c 100644 --- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild +++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild,v 1.2 2004/12/19 15:13:14 joker Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild,v 1.3 2005/01/08 00:16:02 joker Exp $ IUSE="ultra1" diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild index 89990104d70d..5c1b2341a980 100644 --- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild +++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild,v 1.1 2004/12/25 02:56:50 joker Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild,v 1.2 2005/01/08 00:16:02 joker Exp $ IUSE="ultra1" diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild new file mode 100644 index 000000000000..cae1ec1924dc --- /dev/null +++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild,v 1.1 2005/01/08 00:16:02 joker Exp $ + +IUSE="ultra1" + +# Kernel ebuilds using the kernel.eclass can remove any patch that you +# do not want to apply by simply setting the KERNEL_EXCLUDE shell +# variable to the string you want to exclude (for instance +# KERNEL_EXCLUDE="grsecurity" would not patch any patches whose names match +# *grsecurity*). Kernels are only tested in the default configuration, but +# this may be useful if you know that a particular patch is causing a +# conflict with a patch you personally want to apply, or some other +# similar situation. + +ETYPE="sources" +inherit kernel eutils + +# OKV=original kernel version, KV=patched kernel version. They can be the same. +[ "$OKV" == "" ] && OKV="${PV}" + +EXTRAVERSION="-${PN/-*/}" +[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}" +KV="${OKV}${EXTRAVERSION}" + +PATCH_VERSION="2.4.28-sparc-r2" + +# Documentation on the patches contained in this kernel will be installed +# to /usr/share/doc/sparc-sources-${PV}/patches.txt.gz + +DESCRIPTION="Full sources for the Gentoo Sparc Linux kernel" +SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 + mirror://gentoo/patches-${PATCH_VERSION}.tar.bz2" + +S=${WORKDIR}/linux-${KV} +KEYWORDS="~x86 -ppc sparc" +SLOT="${KV}" + +src_unpack() { + unpack ${A} + mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" + cd ${PATCH_VERSION} || die "Unable to cd into ${PATCH_VERSION}" + + kernel_src_unpack + + # Security fix for #72452, #74464 and #77025 + epatch ${FILESDIR}/2.4.28-vma-PaX.patch + epatch ${FILESDIR}/linux-2.4.28-CAN-2004-1056.patch + epatch ${FILESDIR}/2.4-brk-locked-plasmaroo.patch + + # Patch the HME driver only on Ultra1 machines. + use ultra1 && epatch ${FILESDIR}/U1-hme-lockup.patch +} + +pkg_postinst() { + + kernel_pkg_postinst + + # Display SUN Ultra 1 HME warning if it can be detected or if the machinetype is unknown. + if [ ! -r "/proc/openprom/name" -o "`cat /proc/openprom/name 2>/dev/null`" = "'SUNW,Ultra-1'" ]; then + einfo + einfo "For users with an Enterprise model Ultra 1 using the HME network interface," + einfo "please emerge the kernel using the following command:" + einfo + einfo "USE=ultra1 emerge sparc-sources" + einfo + fi +} |