Added the fix for the ptrace vulnerability for AMD64 platforms.

5 files changed, 73 insertions, 3 deletions

diff --git a/sys-kernel/vanilla-sources/ChangeLog b/sys-kernel/vanilla-sources/ChangeLog
index ee54dd634feb..576c2573f167 100644
--- a/sys-kernel/vanilla-sources/ChangeLog
+++ b/sys-kernel/vanilla-sources/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-kernel/vanilla-sources
-# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/ChangeLog,v 1.21 2004/01/05 19:03:56 scox Exp $
+# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/ChangeLog,v 1.22 2004/02/16 17:53:59 plasmaroo Exp $
+
+*vanilla-sources-2.4.24-r1 (16 Feb 2004)
+
+  16 Feb 2004; <plasmaroo@gentoo.org> vanilla-sources-2.4.24-r1.ebuild,
+  files/vanilla-sources-2.4.24.CAN-2004-0001.patch:
+  Added the fix for the ptrace vulnerability for AMD64 platforms.
 
 *vanilla-sources-2.4.24 (05 Jan 2004)
 
diff --git a/sys-kernel/vanilla-sources/Manifest b/sys-kernel/vanilla-sources/Manifest
index f69945e8e860..9c17af5060b8 100644
--- a/sys-kernel/vanilla-sources/Manifest
+++ b/sys-kernel/vanilla-sources/Manifest
@@ -1,4 +1,4 @@
-MD5 3a21594c88ea45d901a5acd5f52e1aac ChangeLog 2900
+MD5 e5ab44675a0e723ccd357e2d9714d687 ChangeLog 3138
 MD5 61c9c3c2a836fa2b6f76cad8ea0f7c99 vanilla-sources-2.4.20.ebuild 868
 MD5 856f5ee7c214090528042d8cb05b42e6 vanilla-sources-2.4.24.ebuild 798
 MD5 17ded3e049cc5ea4571a590f031fd463 metadata.xml 449
@@ -6,11 +6,14 @@ MD5 655a04d3d2dcd6fa846930c423383eef vanilla-sources-2.0.39.ebuild 2745
 MD5 084c2bd18f2273954ed6b7324e63dcac vanilla-sources-2.4.21.ebuild 873
 MD5 f63a2340fadc08c305742937a4a03197 vanilla-sources-2.4.23.ebuild 794
 MD5 5098034e57d9326440bc35074358ab32 vanilla-sources-2.2.25.ebuild 2743
+MD5 080e4867826c7f00d257aad75fc01712 vanilla-sources-2.4.24-r1.ebuild 874
 MD5 53cd023d12a4ea9212db0391c7b67eb8 vanilla-sources-2.4.22.ebuild 873
+MD5 d8266c3fd31880277da566681a943098 files/digest-vanilla-sources-2.4.24-r1 67
 MD5 bbc9b6e1761a30c6c7f7a9f8dec1e7e3 files/digest-vanilla-sources-2.4.20 67
 MD5 fa8428c6171dc0e9548f0b722a5db1c2 files/digest-vanilla-sources-2.2.25 67
 MD5 6ef3887ee4018c06c18e8726767189c7 files/digest-vanilla-sources-2.4.22 67
 MD5 9854e47afccae85e887bcb970fc68890 files/digest-vanilla-sources-2.4.21 67
+MD5 bf2b609e8cab6460d220b1267db09826 files/vanilla-sources-2.4.24.CAN-2004-0001.patch 982
 MD5 1d8193a0ded31699ec3b7bf85dd6cbfa files/digest-vanilla-sources-2.0.39 66
 MD5 d8266c3fd31880277da566681a943098 files/digest-vanilla-sources-2.4.24 67
 MD5 79ee1ad9f4629595cd8d0cd20ca56dc1 files/digest-vanilla-sources-2.4.23 67
diff --git a/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1 b/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1
new file mode 100644
index 000000000000..c53c09ff6087
--- /dev/null
+++ b/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1
@@ -0,0 +1 @@
+MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818
diff --git a/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch b/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch
new file mode 100644
index 000000000000..bb51f9aa9a62
--- /dev/null
+++ b/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch
@@ -0,0 +1,29 @@
+diff -u linux/arch/x86_64/ia32/ptrace32.c-PTRACE linux/arch/x86_64/ia32/ptrace32.c
+--- linux/arch/x86_64/ia32/ptrace32.c-PTRACE	2003-06-16 13:03:58.000000000 +0200
++++ linux/arch/x86_64/ia32/ptrace32.c	2004-01-07 18:04:43.000000000 +0100
+@@ -25,6 +25,10 @@
+ #include <asm/fpu32.h>
+ #include <linux/mm.h>
+ 
++/* determines which flags the user has access to. */
++/* 1 = access 0 = no access */
++#define FLAG_MASK 0x44dd5UL
++
+ #define R32(l,q) \
+ 	case offsetof(struct user32, regs.l): stack[offsetof(struct pt_regs, q)/8] = val; break
+ 
+@@ -69,9 +73,12 @@
+ 	R32(eip, rip);
+ 	R32(esp, rsp);
+ 
+-	case offsetof(struct user32, regs.eflags): 
+-		stack[offsetof(struct pt_regs, eflags)/8] = val & 0x44dd5; 
++	case offsetof(struct user32, regs.eflags): { 
++		__u64 *flags = &stack[offsetof(struct pt_regs, eflags)/8];
++		val &= FLAG_MASK;
++		*flags = val | (*flags & ~FLAG_MASK);
+ 		break;
++	}
+ 
+ 	case offsetof(struct user32, u_debugreg[4]): 
+ 	case offsetof(struct user32, u_debugreg[5]):
diff --git a/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild b/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild
new file mode 100644
index 000000000000..b877045ee47b
--- /dev/null
+++ b/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild,v 1.1 2004/02/16 17:53:59 plasmaroo Exp $
+#OKV=original kernel version, KV=patched kernel version.  They can be the same.
+
+ETYPE="sources"
+inherit kernel
+
+OKV=2.4.24
+KV=2.4.24
+EXTRAVERSION=" "
+S=${WORKDIR}/linux-${KV}
+
+# What's in this kernel?
+
+# INCLUDED:
+# stock 2.4.24 kernel sources
+
+DESCRIPTION="Full sources for the Linux kernel"
+SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2"
+HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/"
+KEYWORDS="amd64 -*"
+SLOT="${KV}"
+
+src_unpack() {
+	unpack linux-${OKV}.tar.bz2
+
+	cd ${S}
+	epatch ${FILESDIR}/${P}.CAN-2004-0001.patch || die "Failed to apply AMD64 ptrace patch!"
+	kernel_universal_unpack
+}