summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Birchinger <joker@gentoo.org>2005-01-08 00:16:02 +0000
committerChristian Birchinger <joker@gentoo.org>2005-01-08 00:16:02 +0000
commitc7442377e2f519dd22cd64bf4b9add5ef65e2252 (patch)
tree66dc88891b9d85f121d3332f6c3a33ae05b1f170 /sys-kernel/sparc-sources
parentstabilize and add arm/mips (Manifest recommit) (diff)
downloadgentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.tar.gz
gentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.tar.bz2
gentoo-2-c7442377e2f519dd22cd64bf4b9add5ef65e2252.zip
Added a security fix for bug #77025
Diffstat (limited to 'sys-kernel/sparc-sources')
-rw-r--r--sys-kernel/sparc-sources/ChangeLog10
-rw-r--r--sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch247
-rw-r--r--sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r42
-rw-r--r--sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild4
-rw-r--r--sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild4
-rw-r--r--sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild4
-rw-r--r--sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild68
7 files changed, 331 insertions, 8 deletions
diff --git a/sys-kernel/sparc-sources/ChangeLog b/sys-kernel/sparc-sources/ChangeLog
index e13edc21b5b9..65940feecc35 100644
--- a/sys-kernel/sparc-sources/ChangeLog
+++ b/sys-kernel/sparc-sources/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-kernel/sparc-sources
-# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.73 2004/12/25 02:56:50 joker Exp $
+# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.74 2005/01/08 00:16:02 joker Exp $
+
+*sparc-sources-2.4.28-r4 (08 Jan 2005)
+
+ 08 Jan 2005; Christian Birchinger <joker@gentoo.org>
+ +files/2.4-brk-locked-plasmaroo.patch, +sparc-sources-2.4.28-r4.ebuild:
+ Added a security fix for bug #77025
*sparc-sources-2.4.28-r3 (25 Dec 2004)
diff --git a/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch b/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch
new file mode 100644
index 000000000000..f61024494364
--- /dev/null
+++ b/sys-kernel/sparc-sources/files/2.4-brk-locked-plasmaroo.patch
@@ -0,0 +1,247 @@
+diff -ur linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c
+--- linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c 2005-01-07 20:20:32.000000000 +0000
+@@ -130,7 +130,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+
+@@ -379,7 +379,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > len) {
+- do_brk(len, (last_bss - len));
++ do_brk_locked(len, (last_bss - len));
+ }
+ kfree(elf_phdata);
+
+@@ -567,7 +567,7 @@
+ unsigned long v;
+ struct prda *pp;
+
+- v = do_brk (PRDA_ADDRESS, PAGE_SIZE);
++ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
+
+ if (v < 0)
+ return;
+@@ -859,7 +859,7 @@
+ len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss-len);
++ do_brk_locked(len, bss-len);
+ kfree(elf_phdata);
+ return 0;
+ }
+diff -ur linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c
+--- linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:20:32.000000000 +0000
+@@ -49,7 +49,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+ /*
+@@ -246,10 +246,10 @@
+ if (N_MAGIC(ex) == NMAGIC) {
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -257,7 +257,7 @@
+
+ if (N_MAGIC(ex) == OMAGIC) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex) & PAGE_MASK,
++ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
+ ex.a_text+ex.a_data + PAGE_SIZE - 1);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+@@ -272,7 +272,7 @@
+
+ if (!bprm->file->f_op->mmap) {
+ loff_t pos = fd_offset;
+- do_brk(0, ex.a_text+ex.a_data);
++ do_brk_locked(0, ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+ goto beyond_if;
+@@ -388,7 +388,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_aout.c linux-2.4.28-gentoo-r5/fs/binfmt_aout.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_aout.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_aout.c 2005-01-07 20:20:32.000000000 +0000
+@@ -46,7 +46,7 @@
+ start = PAGE_ALIGN(start);
+ end = PAGE_ALIGN(end);
+ if (end > start) {
+- unsigned long addr = do_brk(start, end - start);
++ unsigned long addr = do_brk_locked(start, end - start);
+ if (BAD_ADDR(addr))
+ return addr;
+ }
+@@ -341,10 +341,10 @@
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+ /* <AOL></AOL> */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -365,7 +365,7 @@
+ map_size = ex.a_text+ex.a_data;
+ #endif
+
+- error = do_brk(text_addr & PAGE_MASK, map_size);
++ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
+ if (error != (text_addr & PAGE_MASK)) {
+ send_sig(SIGKILL, current, 0);
+ return error;
+@@ -399,7 +399,7 @@
+
+ if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
++ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+ flush_icache_range((unsigned long) N_TXTADDR(ex),
+@@ -500,7 +500,7 @@
+ error_time = jiffies;
+ }
+
+- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
++ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+
+ file->f_op->read(file, (char *)start_addr,
+ ex.a_text + ex.a_data, &pos);
+@@ -524,7 +524,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_elf.c linux-2.4.28-gentoo-r5/fs/binfmt_elf.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_elf.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_elf.c 2005-01-07 20:20:46.000000000 +0000
+@@ -88,7 +88,7 @@
+ end = ELF_PAGEALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+
+ #ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
+ if (current->flags & PF_PAX_RANDEXEC)
+@@ -370,7 +370,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > elf_bss)
+- do_brk(elf_bss, last_bss - elf_bss);
++ do_brk_locked(elf_bss, last_bss - elf_bss);
+
+ *interp_load_addr = load_addr;
+ error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
+@@ -407,7 +407,7 @@
+ goto out;
+ }
+
+- do_brk(0, text_data);
++ do_brk_locked(0, text_data);
+ if (!interpreter->f_op || !interpreter->f_op->read)
+ goto out;
+ if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
+@@ -415,7 +415,7 @@
+ flush_icache_range((unsigned long)addr,
+ (unsigned long)addr + text_data);
+
+- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
++ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
+ interp_ex->a_bss);
+ elf_entry = interp_ex->a_entry;
+
+@@ -1271,7 +1271,7 @@
+ len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss - len);
++ do_brk_locked(len, bss - len);
+ error = 0;
+
+ out_free_ph:
+diff -ur linux-2.4.28-gentoo-r4/include/linux/mm.h linux-2.4.28-gentoo-r5/include/linux/mm.h
+--- linux-2.4.28-gentoo-r4/include/linux/mm.h 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/include/linux/mm.h 2005-01-07 20:20:32.000000000 +0000
+@@ -601,6 +601,7 @@
+ extern int do_munmap(struct mm_struct *, unsigned long, size_t);
+
+ extern unsigned long do_brk(unsigned long, unsigned long);
++extern unsigned long do_brk_locked(unsigned long, unsigned long);
+
+ static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
+ {
+diff -ur linux-2.4.28-gentoo-r4/kernel/ksyms.c linux-2.4.28-gentoo-r5/kernel/ksyms.c
+--- linux-2.4.28-gentoo-r4/kernel/ksyms.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/kernel/ksyms.c 2005-01-07 20:20:32.000000000 +0000
+@@ -90,6 +90,7 @@
+ EXPORT_SYMBOL(__do_mmap_pgoff);
+ EXPORT_SYMBOL(do_munmap);
+ EXPORT_SYMBOL(do_brk);
++EXPORT_SYMBOL(do_brk_locked);
+ EXPORT_SYMBOL(exit_mm);
+ EXPORT_SYMBOL(exit_files);
+ EXPORT_SYMBOL(exit_fs);
+diff -ur linux-2.4.28-gentoo-r4/mm/mmap.c linux-2.4.28-gentoo-r5/mm/mmap.c
+--- linux-2.4.28-gentoo-r4/mm/mmap.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/mm/mmap.c 2005-01-07 20:20:32.000000000 +0000
+@@ -1401,6 +1401,21 @@
+ return addr;
+ }
+
++/* locking version of do_brk. */
++unsigned long do_brk_locked(unsigned long addr, unsigned long len)
++{
++ unsigned long ret;
++
++ down_write(&current->mm->mmap_sem);
++ ret = do_brk(addr, len);
++ up_write(&current->mm->mmap_sem);
++
++ return ret;
++}
++
++
++
++
+ /* Build the RB tree corresponding to the VMA list. */
+ void build_mmap_rb(struct mm_struct * mm)
+ {
diff --git a/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4 b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4
new file mode 100644
index 000000000000..793d42303c26
--- /dev/null
+++ b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.28-r4
@@ -0,0 +1,2 @@
+MD5 ac7735000d185bc7778c08288760a8a3 linux-2.4.28.tar.bz2 31064046
+MD5 05e09ac56cf3f1f8133dd1ed69909819 patches-2.4.28-sparc-r2.tar.bz2 181346
diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild
index e1b82c3bc0dd..cfe13b861b04 100644
--- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild
+++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild,v 1.1 2004/12/03 02:11:12 joker Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r1.ebuild,v 1.2 2005/01/08 00:16:02 joker Exp $
IUSE="ultra1"
diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild
index efe3ca036801..348eeab0987c 100644
--- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild
+++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild,v 1.2 2004/12/19 15:13:14 joker Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r2.ebuild,v 1.3 2005/01/08 00:16:02 joker Exp $
IUSE="ultra1"
diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild
index 89990104d70d..5c1b2341a980 100644
--- a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild
+++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild,v 1.1 2004/12/25 02:56:50 joker Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r3.ebuild,v 1.2 2005/01/08 00:16:02 joker Exp $
IUSE="ultra1"
diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild
new file mode 100644
index 000000000000..cae1ec1924dc
--- /dev/null
+++ b/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.28-r4.ebuild,v 1.1 2005/01/08 00:16:02 joker Exp $
+
+IUSE="ultra1"
+
+# Kernel ebuilds using the kernel.eclass can remove any patch that you
+# do not want to apply by simply setting the KERNEL_EXCLUDE shell
+# variable to the string you want to exclude (for instance
+# KERNEL_EXCLUDE="grsecurity" would not patch any patches whose names match
+# *grsecurity*). Kernels are only tested in the default configuration, but
+# this may be useful if you know that a particular patch is causing a
+# conflict with a patch you personally want to apply, or some other
+# similar situation.
+
+ETYPE="sources"
+inherit kernel eutils
+
+# OKV=original kernel version, KV=patched kernel version. They can be the same.
+[ "$OKV" == "" ] && OKV="${PV}"
+
+EXTRAVERSION="-${PN/-*/}"
+[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}"
+KV="${OKV}${EXTRAVERSION}"
+
+PATCH_VERSION="2.4.28-sparc-r2"
+
+# Documentation on the patches contained in this kernel will be installed
+# to /usr/share/doc/sparc-sources-${PV}/patches.txt.gz
+
+DESCRIPTION="Full sources for the Gentoo Sparc Linux kernel"
+SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2
+ mirror://gentoo/patches-${PATCH_VERSION}.tar.bz2"
+
+S=${WORKDIR}/linux-${KV}
+KEYWORDS="~x86 -ppc sparc"
+SLOT="${KV}"
+
+src_unpack() {
+ unpack ${A}
+ mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}"
+ cd ${PATCH_VERSION} || die "Unable to cd into ${PATCH_VERSION}"
+
+ kernel_src_unpack
+
+ # Security fix for #72452, #74464 and #77025
+ epatch ${FILESDIR}/2.4.28-vma-PaX.patch
+ epatch ${FILESDIR}/linux-2.4.28-CAN-2004-1056.patch
+ epatch ${FILESDIR}/2.4-brk-locked-plasmaroo.patch
+
+ # Patch the HME driver only on Ultra1 machines.
+ use ultra1 && epatch ${FILESDIR}/U1-hme-lockup.patch
+}
+
+pkg_postinst() {
+
+ kernel_pkg_postinst
+
+ # Display SUN Ultra 1 HME warning if it can be detected or if the machinetype is unknown.
+ if [ ! -r "/proc/openprom/name" -o "`cat /proc/openprom/name 2>/dev/null`" = "'SUNW,Ultra-1'" ]; then
+ einfo
+ einfo "For users with an Enterprise model Ultra 1 using the HME network interface,"
+ einfo "please emerge the kernel using the following command:"
+ einfo
+ einfo "USE=ultra1 emerge sparc-sources"
+ einfo
+ fi
+}