diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-02-19 00:31:26 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-02-19 00:31:26 +0000 |
| commit | 39dc3c0d4c665e6e085854b30fb9475438d59b8f (patch) | |
| tree | fb45aaebd759083ce31183ba8c5f1b7ab54e8f87 /sys-kernel/ppc-sources-crypto | |
| parent | fixed SRC_URI (Manifest recommit) (diff) | |
| download | gentoo-2-39dc3c0d4c665e6e085854b30fb9475438d59b8f.tar.gz gentoo-2-39dc3c0d4c665e6e085854b30fb9475438d59b8f.tar.bz2 gentoo-2-39dc3c0d4c665e6e085854b30fb9475438d59b8f.zip | |
Added the patch for the mremap/munmap vulnerability. Bug #42024.
Diffstat (limited to 'sys-kernel/ppc-sources-crypto')
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/ChangeLog | 10 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r1 | 1 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r2 | 1 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r3 (renamed from sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20) | 0 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/files/ppc-sources-crypto.munmap.patch | 27 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r1.ebuild | 115 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r3.ebuild (renamed from sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r2.ebuild) | 3 | ||||
| -rw-r--r-- | sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20.ebuild | 115 |
8 files changed, 37 insertions, 235 deletions
diff --git a/sys-kernel/ppc-sources-crypto/ChangeLog b/sys-kernel/ppc-sources-crypto/ChangeLog index 78199fb6d99c..f4e2bf20bdb4 100644 --- a/sys-kernel/ppc-sources-crypto/ChangeLog +++ b/sys-kernel/ppc-sources-crypto/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/ppc-sources-crypto -# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ChangeLog,v 1.8 2004/01/08 19:57:47 plasmaroo Exp $ +# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ChangeLog,v 1.9 2004/02/19 00:31:26 plasmaroo Exp $ + +*ppc-sources-crypto-2.4.20-r3 (19 Feb 2004) + + 19 Feb 2004; <plasmaroo@gentoo.org> ppc-sources-crypto-2.4.20-r3.ebuild: + Added the patch for the mremap/munmap vulnerability. Bug #42024. Old + versions removed. *ppc-sources-crypto-2.4.20-r2 (08 Jan 2004) diff --git a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r1 b/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r1 deleted file mode 100644 index 3089021840ea..000000000000 --- a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 5c74ec29e69e4eb8b5b5229a26a7a9a5 linux-ppc-crypto-2.4.20.tar.bz2 27628151 diff --git a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r2 b/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r2 deleted file mode 100644 index 3089021840ea..000000000000 --- a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 5c74ec29e69e4eb8b5b5229a26a7a9a5 linux-ppc-crypto-2.4.20.tar.bz2 27628151 diff --git a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20 b/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r3 index 3089021840ea..3089021840ea 100644 --- a/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20 +++ b/sys-kernel/ppc-sources-crypto/files/digest-ppc-sources-crypto-2.4.20-r3 diff --git a/sys-kernel/ppc-sources-crypto/files/ppc-sources-crypto.munmap.patch b/sys-kernel/ppc-sources-crypto/files/ppc-sources-crypto.munmap.patch new file mode 100644 index 000000000000..e120b35b7adb --- /dev/null +++ b/sys-kernel/ppc-sources-crypto/files/ppc-sources-crypto.munmap.patch @@ -0,0 +1,27 @@ +diff -ur linux-2.4.25-rc3/mm/mremap.c linux-2.4.25-rc4/mm/mremap.c +--- linux-2.4.25-rc3/mm/mremap.c 2004-02-18 13:56:01.000000000 +0000 ++++ linux-2.4.25-rc4/mm/mremap.c 2004-02-18 13:49:08.000000000 +0000 +@@ -258,16 +258,20 @@ + if ((addr <= new_addr) && (addr+old_len) > new_addr) + goto out; + +- do_munmap(current->mm, new_addr, new_len); ++ ret = do_munmap(current->mm, new_addr, new_len); ++ if (ret && new_len) ++ goto out; + } + + /* + * Always allow a shrinking remap: that just unmaps + * the unnecessary pages.. + */ +- ret = addr; + if (old_len >= new_len) { +- do_munmap(current->mm, addr+new_len, old_len - new_len); ++ ret = do_munmap(current->mm, addr+new_len, old_len - new_len); ++ if (ret && old_len != new_len) ++ goto out; ++ ret = addr; + if (!(flags & MREMAP_FIXED) || (new_addr == addr)) + goto out; + } diff --git a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r1.ebuild b/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r1.ebuild deleted file mode 100644 index 93a911656246..000000000000 --- a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r1.ebuild +++ /dev/null @@ -1,115 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r1.ebuild,v 1.3 2004/01/08 19:57:47 plasmaroo Exp $ - -IUSE="build crypt" - -# OKV=original kernel version, KV=patched kernel version. They can be the same. -OKV=2.4.20 -KV=2.4.20 -S=${WORKDIR}/linux-ppc-crypto-${KV} - -# Kernel ebuilds using the kernel.eclass can remove any patch that you -# do not want to apply by simply setting the KERNEL_EXCLUDE shell -# variable to the string you want to exclude (for instance -# KERNEL_EXCLUDE="evms" would not patch any patches whose names match -# *evms*). Kernels are only tested in the default configuration, but -# this may be useful if you know that a particular patch is causing a -# conflict with a patch you personally want to apply, or some other -# similar situation. - -ETYPE="sources" - -#inherit kernel - -DESCRIPTION="Full cryptoapi enabled sources for the Gentoo Linux PPC kernel" -SRC_URI="http://perso.wanadoo.fr/olivier.reisch/linux-ppc-crypto/linux-ppc-crypto-${OKV}.tar.bz2" -KEYWORDS="-x86 ppc -sparc -alpha" -PROVIDE="virtual/linux-sources" -HOMEPAGE="http://www.kernel.org/ http://www.kerneli.org/ http://www.gentoo.org/" -LICENSE="GPL-2" -SLOT="${KV}" - -if [ $ETYPE = "sources" ] && [ -z "`use build`" ] -then - #console-tools is needed to solve the loadkeys fiasco; binutils version needed to avoid Athlon/PIII/SSE assembler bugs. - DEPEND=">=sys-devel/binutils-2.11.90.0.31" - RDEPEND=">=sys-libs/ncurses-5.2 dev-lang/perl - virtual/modutils sys-devel/make" -fi - - -src_unpack() { - - cd ${WORKDIR} - unpack linux-ppc-crypto-${OKV}.tar.bz2 - cd ${S} - pwd - - epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" - - #sometimes we have icky kernel symbols; this seems to get rid of them - make mrproper || die - - #this file is required for other things to build properly, so we autogenerate it - make include/linux/version.h || die - - #fix silly permissions in tarball - cd ${WORKDIR} - chown -R 0:0 * - chmod -R a+r-w+X,u+w * - - # Gentoo Linux uses /boot, so fix 'make install' to work properly - cd ${S} - mv Makefile Makefile.orig - sed -e 's:#export\tINSTALL_PATH:export\tINSTALL_PATH:' \ - Makefile.orig >Makefile || die # test, remove me if Makefile ok - rm Makefile.orig - -} - -src_compile() { - if [ "$ETYPE" = "headers" ] - then - yes "" | make oldconfig - echo "Ignore any errors from the yes command above." - fi -} - -src_install() { - if [ "$ETYPE" = "sources" ] - then - dodir /usr/src - cd ${S} - echo ">>> Copying sources..." - mv ${WORKDIR}/* ${D}/usr/src - else - #linux-headers - yes "" | make oldconfig - echo "Ignore any errors from the yes command above." - make dep - dodir /usr/include/linux - cp -ax ${S}/include/linux/* ${D}/usr/include/linux - dodir /usr/include/asm - cp -ax ${S}/include/asm-ppc/* ${D}/usr/include/asm - fi -} - -pkg_preinst() { - if [ "$ETYPE" = "headers" ] - then - [ -L ${ROOT}usr/include/linux ] && rm ${ROOT}usr/include/linux - [ -L ${ROOT}usr/include/asm ] && rm ${ROOT}usr/include/asm - true - fi -} - -pkg_postinst() { - [ "$ETYPE" = "headers" ] && return - if [ ! -e ${ROOT}usr/src/linux ] - then - rm -f ${ROOT}usr/src/linux - ln -sf linux-ppc-crypto-${KV} ${ROOT}/usr/src/linux - fi - [ `use xfs` ] && ewarn "XFS is no longer included!" -} diff --git a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r2.ebuild b/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r3.ebuild index 20b513a9f9e6..1331bb3baf5f 100644 --- a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r2.ebuild +++ b/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r2.ebuild,v 1.1 2004/01/08 19:57:47 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20-r3.ebuild,v 1.1 2004/02/19 00:31:26 plasmaroo Exp $ IUSE="build crypt" @@ -49,6 +49,7 @@ src_unpack() { epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch do_brk() vulnerability!" epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" + epatch ${FILESDIR}/${PN}.munmap.patch || die "Failed to apply munmap patch!" #sometimes we have icky kernel symbols; this seems to get rid of them make mrproper || die diff --git a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20.ebuild b/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20.ebuild deleted file mode 100644 index 3b8509f4b66d..000000000000 --- a/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20.ebuild +++ /dev/null @@ -1,115 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ppc-sources-crypto/ppc-sources-crypto-2.4.20.ebuild,v 1.11 2004/01/08 19:57:47 plasmaroo Exp $ - -IUSE="build crypt" - -# OKV=original kernel version, KV=patched kernel version. They can be the same. -OKV=2.4.20 -KV=2.4.20 -S=${WORKDIR}/linux-ppc-crypto-${KV} - -# Kernel ebuilds using the kernel.eclass can remove any patch that you -# do not want to apply by simply setting the KERNEL_EXCLUDE shell -# variable to the string you want to exclude (for instance -# KERNEL_EXCLUDE="evms" would not patch any patches whose names match -# *evms*). Kernels are only tested in the default configuration, but -# this may be useful if you know that a particular patch is causing a -# conflict with a patch you personally want to apply, or some other -# similar situation. - -ETYPE="sources" - -#inherit kernel - -DESCRIPTION="Full cryptoapi enabled sources for the Gentoo Linux PPC kernel" -SRC_URI="http://perso.wanadoo.fr/olivier.reisch/linux-ppc-crypto/linux-ppc-crypto-${OKV}.tar.bz2" -KEYWORDS="-x86 ppc -sparc -alpha" -PROVIDE="virtual/linux-sources" -HOMEPAGE="http://www.kernel.org/ http://www.kerneli.org/ http://www.gentoo.org/" -LICENSE="GPL-2" -SLOT="${KV}" - -if [ $ETYPE = "sources" ] && [ -z "`use build`" ] -then - #console-tools is needed to solve the loadkeys fiasco; binutils version needed to avoid Athlon/PIII/SSE assembler bugs. - DEPEND=">=sys-devel/binutils-2.11.90.0.31" - RDEPEND=">=sys-libs/ncurses-5.2 dev-lang/perl - virtual/modutils sys-devel/make" -fi - - -src_unpack() { - - cd ${WORKDIR} - unpack linux-ppc-crypto-${OKV}.tar.bz2 - cd ${S} - pwd - - epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" - - #sometimes we have icky kernel symbols; this seems to get rid of them - make mrproper || die - - #this file is required for other things to build properly, so we autogenerate it - make include/linux/version.h || die - - #fix silly permissions in tarball - cd ${WORKDIR} - chown -R 0:0 * - chmod -R a+r-w+X,u+w * - - # Gentoo Linux uses /boot, so fix 'make install' to work properly - cd ${S} - mv Makefile Makefile.orig - sed -e 's:#export\tINSTALL_PATH:export\tINSTALL_PATH:' \ - Makefile.orig >Makefile || die # test, remove me if Makefile ok - rm Makefile.orig - -} - -src_compile() { - if [ "$ETYPE" = "headers" ] - then - yes "" | make oldconfig - echo "Ignore any errors from the yes command above." - fi -} - -src_install() { - if [ "$ETYPE" = "sources" ] - then - dodir /usr/src - cd ${S} - echo ">>> Copying sources..." - mv ${WORKDIR}/* ${D}/usr/src - else - #linux-headers - yes "" | make oldconfig - echo "Ignore any errors from the yes command above." - make dep - dodir /usr/include/linux - cp -ax ${S}/include/linux/* ${D}/usr/include/linux - dodir /usr/include/asm - cp -ax ${S}/include/asm-ppc/* ${D}/usr/include/asm - fi -} - -pkg_preinst() { - if [ "$ETYPE" = "headers" ] - then - [ -L ${ROOT}usr/include/linux ] && rm ${ROOT}usr/include/linux - [ -L ${ROOT}usr/include/asm ] && rm ${ROOT}usr/include/asm - true - fi -} - -pkg_postinst() { - [ "$ETYPE" = "headers" ] && return - if [ ! -e ${ROOT}usr/src/linux ] - then - rm -f ${ROOT}usr/src/linux - ln -sf linux-ppc-crypto-${KV} ${ROOT}/usr/src/linux - fi - [ `use xfs` ] && ewarn "XFS is no longer included!" -} |