diff options
author | Guillaume Destuynder <kang@gentoo.org> | 2004-06-30 11:42:15 +0000 |
---|---|---|
committer | Guillaume Destuynder <kang@gentoo.org> | 2004-06-30 11:42:15 +0000 |
commit | f95b617901041cce942886f3c9f626dba29a879d (patch) | |
tree | 95268317db6ced1737d561f94a6e2a6d57691bc5 /sys-kernel/rsbac-sources | |
parent | wmpower 0.3.1 stable on x86, wipe out old versions. (diff) | |
download | historical-f95b617901041cce942886f3c9f626dba29a879d.tar.gz historical-f95b617901041cce942886f3c9f626dba29a879d.tar.bz2 historical-f95b617901041cce942886f3c9f626dba29a879d.zip |
Security bump. fixes CAN 495 and 535
Diffstat (limited to 'sys-kernel/rsbac-sources')
6 files changed, 736 insertions, 3 deletions
diff --git a/sys-kernel/rsbac-sources/ChangeLog b/sys-kernel/rsbac-sources/ChangeLog index 60d9d054ace2..342285735a60 100644 --- a/sys-kernel/rsbac-sources/ChangeLog +++ b/sys-kernel/rsbac-sources/ChangeLog @@ -1,9 +1,17 @@ # ChangeLog for sys-kernel/rsbac-sources # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/rsbac-sources/ChangeLog,v 1.8 2004/06/26 20:54:14 kang Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/rsbac-sources/ChangeLog,v 1.9 2004/06/30 11:42:15 kang Exp $ *rsbac-sources-2.4.26 (24 Jun 2004) + 29 Jun 2004; Guillaume Destuynder <kang@gentoo.org>: + -rsbac-sources-2.4.26.ebuild + +rsbac-sources-2.4.26-r1.ebuild + +files/rsbac-sources-2.4.CAN-2004-0495.patch + +files/ rsbac-sources-2.4.CAN-2004-0535.patch + + Security bump with fixes for 2.4.26 + 24 Jun 2004; Guillaume Destuynder <kang@gentoo.org>: Initial import. Ebuild submitted by zhware <zhware@gentoo.org> Added 1.2.3-1 security bugfixe from rsbac.org diff --git a/sys-kernel/rsbac-sources/Manifest b/sys-kernel/rsbac-sources/Manifest index a560ae75d0a0..e5674c46041b 100644 --- a/sys-kernel/rsbac-sources/Manifest +++ b/sys-kernel/rsbac-sources/Manifest @@ -1,4 +1,18 @@ -MD5 9c1200f609cd79b83b0292286d4b0752 rsbac-sources-2.4.26.ebuild 1125 +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + MD5 fee9abc7797fef753c42454679bae9a7 metadata.xml 456 -MD5 b409aac244a5da05184079a4df0f8573 ChangeLog 339 +MD5 0da12f900fa66c34a72182db28a0fa75 rsbac-sources-2.4.26-r1.ebuild 1326 +MD5 6d506c130dcc9ffb170ebc2472c1fbdc rsbac-sources-2.4.26.ebuild 1237 +MD5 90fab63a76abd44a4b325ff68d8061c7 ChangeLog 688 +MD5 0f66013f643c79c97fda489618a4e2fd files/rsbac-sources-2.4.CAN-2004-0535.patch 476 +MD5 dc18e982f8149588a291956481885a8c files/rsbac-sources-2.4.CAN-2004-0495.patch 17549 +MD5 6f7531a1113b6ecc54c506b918d40e95 files/digest-rsbac-sources-2.4.26-r1 207 MD5 6f7531a1113b6ecc54c506b918d40e95 files/digest-rsbac-sources-2.4.26 207 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.2.4 (GNU/Linux) + +iD8DBQFA4qgUJUNS2Y9cV5ERAsIFAJ9xSt/RvEYz2MqTxaJXnE2q1V6CGgCeLN2n +lQK3d/bLMmKuQH1ABuLUSh8= +=vtoG +-----END PGP SIGNATURE----- diff --git a/sys-kernel/rsbac-sources/files/digest-rsbac-sources-2.4.26-r1 b/sys-kernel/rsbac-sources/files/digest-rsbac-sources-2.4.26-r1 new file mode 100644 index 000000000000..2d70a2ab07f6 --- /dev/null +++ b/sys-kernel/rsbac-sources/files/digest-rsbac-sources-2.4.26-r1 @@ -0,0 +1,3 @@ +MD5 88d7aefa03c92739cb70298a0b486e2c linux-2.4.26.tar.bz2 30772389 +MD5 f3759250e9c4bb5ccb773174fafe0ba7 rsbac-v1.2.3.tar.bz2 489127 +MD5 26604fdd9cc696510c65b5db124c7527 rsbac-patches-2.4-26.7.tar.bz2 294589 diff --git a/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0495.patch b/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0495.patch new file mode 100644 index 000000000000..bea80eac69a9 --- /dev/null +++ b/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0495.patch @@ -0,0 +1,655 @@ +--- linux/net/decnet/dn_dev.c.bak Wed Jun 16 14:42:24 2004 ++++ linux/net/decnet/dn_dev.c Wed Jun 16 14:42:34 2004 +@@ -1070,31 +1070,39 @@ int dnet_gifconf(struct net_device *dev, + { + struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; + struct dn_ifaddr *ifa; +- struct ifreq *ifr = (struct ifreq *)buf; ++ char buffer[DN_IFREQ_SIZE]; ++ struct ifreq *ifr = (struct ifreq *)buffer; ++ struct sockaddr_dn *addr = (struct sockaddr_dn *)&ifr->ifr_addr; + int done = 0; + + if ((dn_db == NULL) || ((ifa = dn_db->ifa_list) == NULL)) + return 0; + + for(; ifa; ifa = ifa->ifa_next) { +- if (!ifr) { ++ if (!buf) { + done += sizeof(DN_IFREQ_SIZE); + continue; + } + if (len < DN_IFREQ_SIZE) + return done; +- memset(ifr, 0, DN_IFREQ_SIZE); ++ memset(buffer, 0, DN_IFREQ_SIZE); + + if (ifa->ifa_label) + strcpy(ifr->ifr_name, ifa->ifa_label); + else + strcpy(ifr->ifr_name, dev->name); + +- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_family = AF_DECnet; +- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_len = 2; +- (*(dn_address *)(*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_addr) = ifa->ifa_local; ++ addr->sdn_family = AF_DECnet; ++ addr->sdn_add.a_len = 2; ++ memcpy(addr->sdn_add.a_addr, &ifa->ifa_local, ++ sizeof(dn_address)); + +- ifr = (struct ifreq *)((char *)ifr + DN_IFREQ_SIZE); ++ if (copy_to_user(buf, buffer, DN_IFREQ_SIZE)) { ++ done = -EFAULT; ++ break; ++ } ++ ++ buf += DN_IFREQ_SIZE; + len -= DN_IFREQ_SIZE; + done += DN_IFREQ_SIZE; + } +--- linux-2.4.21/drivers/net/wireless/airo.c 2003-06-13 15:51:35.000000000 +0100 ++++ linux-2.4.21/drivers/net/wireless/airo.c.plasmaroo 2004-06-24 11:09:08.260352168 +0100 +@@ -3012,19 +3012,22 @@ + size_t len, + loff_t *offset ) + { +- int i; +- int pos; ++ loff_t pos = *offset; + struct proc_data *priv = (struct proc_data*)file->private_data; + +- if( !priv->rbuffer ) return -EINVAL; ++ if (!priv->rbuffer) ++ return -EINVAL; + +- pos = *offset; +- for( i = 0; i+pos < priv->readlen && i < len; i++ ) { +- if (put_user( priv->rbuffer[i+pos], buffer+i )) +- return -EFAULT; +- } +- *offset += i; +- return i; ++ if (pos < 0) ++ return -EINVAL; ++ if (pos >= priv->readlen) ++ return 0; ++ if (len > priv->readlen - pos) ++ len = priv->readlen - pos; ++ if (copy_to_user(buffer, priv->rbuffer + pos, len)) ++ return -EFAULT; ++ *offset = pos + len; ++ return len; + } + + /* +@@ -3036,24 +3039,24 @@ + size_t len, + loff_t *offset ) + { +- int i; +- int pos; ++ loff_t pos = *offset; + struct proc_data *priv = (struct proc_data*)file->private_data; + +- if ( !priv->wbuffer ) { ++ if (!priv->wbuffer) + return -EINVAL; +- } +- +- pos = *offset; + +- for( i = 0; i + pos < priv->maxwritelen && +- i < len; i++ ) { +- if (get_user( priv->wbuffer[i+pos], buffer + i )) +- return -EFAULT; +- } +- if ( i+pos > priv->writelen ) priv->writelen = i+file->f_pos; +- *offset += i; +- return i; ++ if (pos < 0) ++ return -EINVAL; ++ if (pos >= priv->maxwritelen) ++ return 0; ++ if (len > priv->maxwritelen - pos) ++ len = priv->maxwritelen - pos; ++ if (copy_from_user(priv->wbuffer + pos, buffer, len)) ++ return -EFAULT; ++ if (pos + len > priv->writelen) ++ priv->writelen = pos + len; ++ *offset = pos + len; ++ return len; + } + + static int proc_status_open( struct inode *inode, struct file *file ) { +--- linux/drivers/sound/mpu401.c.bak Wed Jun 16 14:42:24 2004 ++++ linux/drivers/sound/mpu401.c Wed Jun 16 14:42:34 2004 +@@ -1493,14 +1493,16 @@ static unsigned long mpu_timer_get_time( + static int mpu_timer_ioctl(int dev, unsigned int command, caddr_t arg) + { + int midi_dev = sound_timer_devs[dev]->devlink; ++ int *p = (int *)arg; + + switch (command) + { + case SNDCTL_TMR_SOURCE: + { + int parm; +- +- parm = *(int *) arg; ++ ++ if (get_user(parm, p)) ++ return -EFAULT; + parm &= timer_caps; + + if (parm != 0) +@@ -1512,7 +1514,9 @@ static int mpu_timer_ioctl(int dev, unsi + else if (timer_mode & TMR_MODE_SMPTE) + mpu_cmd(midi_dev, 0x3d, 0); /* Use SMPTE sync */ + } +- return (*(int *) arg = timer_mode); ++ if (put_user(timer_mode, p)) ++ return -EFAULT; ++ return timer_mode; + } + break; + +@@ -1537,10 +1541,13 @@ static int mpu_timer_ioctl(int dev, unsi + { + int val; + +- val = *(int *) arg; ++ if (get_user(val, p)) ++ return -EFAULT; + if (val) + set_timebase(midi_dev, val); +- return (*(int *) arg = curr_timebase); ++ if (put_user(curr_timebase, p)) ++ return -EFAULT; ++ return curr_timebase; + } + break; + +@@ -1549,7 +1556,8 @@ static int mpu_timer_ioctl(int dev, unsi + int val; + int ret; + +- val = *(int *) arg; ++ if (get_user(val, p)) ++ return -EFAULT; + + if (val) + { +@@ -1564,7 +1572,9 @@ static int mpu_timer_ioctl(int dev, unsi + } + curr_tempo = val; + } +- return (*(int *) arg = curr_tempo); ++ if (put_user(curr_tempo, p)) ++ return -EFAULT; ++ return curr_tempo; + } + break; + +@@ -1572,18 +1582,25 @@ static int mpu_timer_ioctl(int dev, unsi + { + int val; + +- val = *(int *) arg; ++ if (get_user(val, p)) ++ return -EFAULT; + if (val != 0) /* Can't change */ + return -EINVAL; +- return (*(int *) arg = ((curr_tempo * curr_timebase) + 30) / 60); ++ val = (curr_tempo * curr_timebase + 30) / 60; ++ if (put_user(val, p)) ++ return -EFAULT; ++ return val; + } + break; + + case SNDCTL_SEQ_GETTIME: +- return (*(int *) arg = curr_ticks); ++ if (put_user(curr_ticks, p)) ++ return -EFAULT; ++ return curr_ticks; + + case SNDCTL_TMR_METRONOME: +- metronome_mode = *(int *) arg; ++ if (get_user(metronome_mode, p)) ++ return -EFAULT; + setup_metronome(midi_dev); + return 0; + +--- linux/drivers/sound/msnd.c.bak Wed Jun 16 14:42:24 2004 ++++ linux/drivers/sound/msnd.c Wed Jun 16 14:42:34 2004 +@@ -155,13 +155,10 @@ void msnd_fifo_make_empty(msnd_fifo *f) + f->len = f->tail = f->head = 0; + } + +-int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user) ++int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len) + { + int count = 0; + +- if (f->len == f->n) +- return 0; +- + while ((count < len) && (f->len != f->n)) { + + int nwritten; +@@ -177,11 +174,7 @@ int msnd_fifo_write(msnd_fifo *f, const + nwritten = len - count; + } + +- if (user) { +- if (copy_from_user(f->data + f->tail, buf, nwritten)) +- return -EFAULT; +- } else +- isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten); ++ isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten); + + count += nwritten; + buf += nwritten; +@@ -193,13 +186,10 @@ int msnd_fifo_write(msnd_fifo *f, const + return count; + } + +-int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user) ++int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len) + { + int count = 0; + +- if (f->len == 0) +- return f->len; +- + while ((count < len) && (f->len > 0)) { + + int nread; +@@ -215,11 +205,7 @@ int msnd_fifo_read(msnd_fifo *f, char *b + nread = len - count; + } + +- if (user) { +- if (copy_to_user(buf, f->data + f->head, nread)) +- return -EFAULT; +- } else +- isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread); ++ isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread); + + count += nread; + buf += nread; +--- linux/drivers/sound/msnd.h.bak Wed Jun 16 14:42:24 2004 ++++ linux/drivers/sound/msnd.h Wed Jun 16 14:42:34 2004 +@@ -266,8 +266,8 @@ void msnd_fifo_init(msnd_fifo *f); + void msnd_fifo_free(msnd_fifo *f); + int msnd_fifo_alloc(msnd_fifo *f, size_t n); + void msnd_fifo_make_empty(msnd_fifo *f); +-int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user); +-int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user); ++int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len); ++int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len); + + int msnd_wait_TXDE(multisound_dev_t *dev); + int msnd_wait_HC0(multisound_dev_t *dev); +--- linux/drivers/sound/msnd_pinnacle.c.bak Wed Jun 16 14:42:24 2004 ++++ linux/drivers/sound/msnd_pinnacle.c Wed Jun 16 14:42:34 2004 +@@ -804,7 +804,7 @@ static int dev_release(struct inode *ino + + static __inline__ int pack_DARQ_to_DARF(register int bank) + { +- register int size, n, timeout = 3; ++ register int size, timeout = 3; + register WORD wTmp; + LPDAQD DAQD; + +@@ -825,13 +825,10 @@ static __inline__ int pack_DARQ_to_DARF( + /* Read data from the head (unprotected bank 1 access okay + since this is only called inside an interrupt) */ + outb(HPBLKSEL_1, dev.io + HP_BLKS); +- if ((n = msnd_fifo_write( ++ msnd_fifo_write( + &dev.DARF, + (char *)(dev.base + bank * DAR_BUFF_SIZE), +- size, 0)) <= 0) { +- outb(HPBLKSEL_0, dev.io + HP_BLKS); +- return n; +- } ++ size); + outb(HPBLKSEL_0, dev.io + HP_BLKS); + + return 1; +@@ -853,21 +850,16 @@ static __inline__ int pack_DAPF_to_DAPQ( + if (protect) { + /* Critical section: protect fifo in non-interrupt */ + spin_lock_irqsave(&dev.lock, flags); +- if ((n = msnd_fifo_read( ++ n = msnd_fifo_read( + &dev.DAPF, + (char *)(dev.base + bank_num * DAP_BUFF_SIZE), +- DAP_BUFF_SIZE, 0)) < 0) { +- spin_unlock_irqrestore(&dev.lock, flags); +- return n; +- } ++ DAP_BUFF_SIZE); + spin_unlock_irqrestore(&dev.lock, flags); + } else { +- if ((n = msnd_fifo_read( ++ n = msnd_fifo_read( + &dev.DAPF, + (char *)(dev.base + bank_num * DAP_BUFF_SIZE), +- DAP_BUFF_SIZE, 0)) < 0) { +- return n; +- } ++ DAP_BUFF_SIZE); + } + if (!n) + break; +@@ -894,30 +886,43 @@ static __inline__ int pack_DAPF_to_DAPQ( + static int dsp_read(char *buf, size_t len) + { + int count = len; ++ char *page = (char *)__get_free_page(PAGE_SIZE); ++ ++ if (!page) ++ return -ENOMEM; + + while (count > 0) { +- int n; ++ int n, k; + unsigned long flags; + ++ k = PAGE_SIZE; ++ if (k > count) ++ k = count; ++ + /* Critical section: protect fifo in non-interrupt */ + spin_lock_irqsave(&dev.lock, flags); +- if ((n = msnd_fifo_read(&dev.DARF, buf, count, 1)) < 0) { +- printk(KERN_WARNING LOGNAME ": FIFO read error\n"); +- spin_unlock_irqrestore(&dev.lock, flags); +- return n; +- } ++ n = msnd_fifo_read(&dev.DARF, page, k); + spin_unlock_irqrestore(&dev.lock, flags); ++ if (copy_to_user(buf, page, n)) { ++ free_page((unsigned long)page); ++ return -EFAULT; ++ } + buf += n; + count -= n; + ++ if (n == k && count) ++ continue; ++ + if (!test_bit(F_READING, &dev.flags) && dev.mode & FMODE_READ) { + dev.last_recbank = -1; + if (chk_send_dsp_cmd(&dev, HDEX_RECORD_START) == 0) + set_bit(F_READING, &dev.flags); + } + +- if (dev.rec_ndelay) ++ if (dev.rec_ndelay) { ++ free_page((unsigned long)page); + return count == len ? -EAGAIN : len - count; ++ } + + if (count > 0) { + set_bit(F_READBLOCK, &dev.flags); +@@ -926,41 +931,57 @@ static int dsp_read(char *buf, size_t le + get_rec_delay_jiffies(DAR_BUFF_SIZE))) + clear_bit(F_READING, &dev.flags); + clear_bit(F_READBLOCK, &dev.flags); +- if (signal_pending(current)) ++ if (signal_pending(current)) { ++ free_page((unsigned long)page); + return -EINTR; ++ } + } + } +- ++ free_page((unsigned long)page); + return len - count; + } + + static int dsp_write(const char *buf, size_t len) + { + int count = len; ++ char *page = (char *)__get_free_page(GFP_KERNEL); ++ ++ if (!page) ++ return -ENOMEM; + + while (count > 0) { +- int n; ++ int n, k; + unsigned long flags; + ++ k = PAGE_SIZE; ++ if (k > count) ++ k = count; ++ ++ if (copy_from_user(page, buf, k)) { ++ free_page((unsigned long)page); ++ return -EFAULT; ++ } ++ + /* Critical section: protect fifo in non-interrupt */ + spin_lock_irqsave(&dev.lock, flags); +- if ((n = msnd_fifo_write(&dev.DAPF, buf, count, 1)) < 0) { +- printk(KERN_WARNING LOGNAME ": FIFO write error\n"); +- spin_unlock_irqrestore(&dev.lock, flags); +- return n; +- } ++ n = msnd_fifo_write(&dev.DAPF, page, k); + spin_unlock_irqrestore(&dev.lock, flags); + buf += n; + count -= n; + ++ if (count && n == k) ++ continue; ++ + if (!test_bit(F_WRITING, &dev.flags) && (dev.mode & FMODE_WRITE)) { + dev.last_playbank = -1; + if (pack_DAPF_to_DAPQ(1) > 0) + set_bit(F_WRITING, &dev.flags); + } + +- if (dev.play_ndelay) ++ if (dev.play_ndelay) { ++ free_page((unsigned long)page); + return count == len ? -EAGAIN : len - count; ++ } + + if (count > 0) { + set_bit(F_WRITEBLOCK, &dev.flags); +@@ -968,11 +989,14 @@ static int dsp_write(const char *buf, si + &dev.writeblock, + get_play_delay_jiffies(DAP_BUFF_SIZE)); + clear_bit(F_WRITEBLOCK, &dev.flags); +- if (signal_pending(current)) ++ if (signal_pending(current)) { ++ free_page((unsigned long)page); + return -EINTR; ++ } + } + } + ++ free_page((unsigned long)page); + return len - count; + } + +--- linux/drivers/sound/pss.c.bak Wed Jun 16 14:42:24 2004 ++++ linux/drivers/sound/pss.c Wed Jun 16 14:42:34 2004 +@@ -450,20 +450,36 @@ static void pss_mixer_reset(pss_confdata + } + } + +-static void arg_to_volume_mono(unsigned int volume, int *aleft) ++static int set_volume_mono(caddr_t p, int *aleft) + { + int left; ++ unsigned volume; ++ if (get_user(volume, (unsigned *)p)) ++ return -EFAULT; + +- left = volume & 0x00ff; ++ left = volume & 0xff; + if (left > 100) + left = 100; + *aleft = left; ++ return 0; + } + +-static void arg_to_volume_stereo(unsigned int volume, int *aleft, int *aright) ++static int set_volume_stereo(caddr_t p, int *aleft, int *aright) + { +- arg_to_volume_mono(volume, aleft); +- arg_to_volume_mono(volume >> 8, aright); ++ int left, right; ++ unsigned volume; ++ if (get_user(volume, (unsigned *)p)) ++ return -EFAULT; ++ ++ left = volume & 0xff; ++ if (left > 100) ++ left = 100; ++ right = (volume >> 8) & 0xff; ++ if (right > 100) ++ right = 100; ++ *aleft = left; ++ *aright = right; ++ return 0; + } + + static int ret_vol_mono(int left) +@@ -510,33 +526,38 @@ static int pss_mixer_ioctl (int dev, uns + return call_ad_mixer(devc, cmd, arg); + else + { +- if (*(int *)arg != 0) ++ int v; ++ if (get_user(v, (int *)arg)) ++ return -EFAULT; ++ if (v != 0) + return -EINVAL; + return 0; + } + case SOUND_MIXER_VOLUME: +- arg_to_volume_stereo(*(unsigned int *)arg, &devc->mixer.volume_l, +- &devc->mixer.volume_r); ++ if (set_volume_stereo(arg, ++ &devc->mixer.volume_l, ++ &devc->mixer.volume_r)) ++ return -EFAULT; + set_master_volume(devc, devc->mixer.volume_l, + devc->mixer.volume_r); + return ret_vol_stereo(devc->mixer.volume_l, + devc->mixer.volume_r); + + case SOUND_MIXER_BASS: +- arg_to_volume_mono(*(unsigned int *)arg, +- &devc->mixer.bass); ++ if (set_volume_mono(arg, &devc->mixer.bass)) ++ return -EFAULT; + set_bass(devc, devc->mixer.bass); + return ret_vol_mono(devc->mixer.bass); + + case SOUND_MIXER_TREBLE: +- arg_to_volume_mono(*(unsigned int *)arg, +- &devc->mixer.treble); ++ if (set_volume_mono(arg, &devc->mixer.treble)) ++ return -EFAULT; + set_treble(devc, devc->mixer.treble); + return ret_vol_mono(devc->mixer.treble); + + case SOUND_MIXER_SYNTH: +- arg_to_volume_mono(*(unsigned int *)arg, +- &devc->mixer.synth); ++ if (set_volume_mono(arg, &devc->mixer.synth)) ++ return -EFAULT; + set_synth_volume(devc, devc->mixer.synth); + return ret_vol_mono(devc->mixer.synth); + +@@ -546,54 +567,67 @@ static int pss_mixer_ioctl (int dev, uns + } + else + { ++ int val, and_mask = 0, or_mask = 0; + /* + * Return parameters + */ + switch (cmdf) + { +- + case SOUND_MIXER_DEVMASK: + if (call_ad_mixer(devc, cmd, arg) == -EINVAL) +- *(int *)arg = 0; /* no mixer devices */ +- return (*(int *)arg |= SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH); ++ break; ++ and_mask = ~0; ++ or_mask = SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH; ++ break; + + case SOUND_MIXER_STEREODEVS: + if (call_ad_mixer(devc, cmd, arg) == -EINVAL) +- *(int *)arg = 0; /* no stereo devices */ +- return (*(int *)arg |= SOUND_MASK_VOLUME); ++ break; ++ and_mask = ~0; ++ or_mask = SOUND_MASK_VOLUME; ++ break; + + case SOUND_MIXER_RECMASK: + if (devc->ad_mixer_dev != NO_WSS_MIXER) + return call_ad_mixer(devc, cmd, arg); +- else +- return (*(int *)arg = 0); /* no record devices */ ++ break; + + case SOUND_MIXER_CAPS: + if (devc->ad_mixer_dev != NO_WSS_MIXER) + return call_ad_mixer(devc, cmd, arg); +- else +- return (*(int *)arg = SOUND_CAP_EXCL_INPUT); ++ or_mask = SOUND_CAP_EXCL_INPUT; ++ break; + + case SOUND_MIXER_RECSRC: + if (devc->ad_mixer_dev != NO_WSS_MIXER) + return call_ad_mixer(devc, cmd, arg); +- else +- return (*(int *)arg = 0); /* no record source */ ++ break; + + case SOUND_MIXER_VOLUME: +- return (*(int *)arg = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r)); ++ or_mask = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r); ++ break; + + case SOUND_MIXER_BASS: +- return (*(int *)arg = ret_vol_mono(devc->mixer.bass)); ++ or_mask = ret_vol_mono(devc->mixer.bass); ++ break; + + case SOUND_MIXER_TREBLE: +- return (*(int *)arg = ret_vol_mono(devc->mixer.treble)); ++ or_mask = ret_vol_mono(devc->mixer.treble); ++ break; + + case SOUND_MIXER_SYNTH: +- return (*(int *)arg = ret_vol_mono(devc->mixer.synth)); ++ or_mask = ret_vol_mono(devc->mixer.synth); ++ break; + default: + return -EINVAL; + } ++ if (get_user(val, (int *)arg)) ++ return -EFAULT; ++ val &= and_mask; ++ val |= or_mask; ++ if (put_user(val, (int *)arg)) ++ return -EFAULT; ++ return val; + } + } + diff --git a/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0535.patch b/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0535.patch new file mode 100644 index 000000000000..669fc5fd32fb --- /dev/null +++ b/sys-kernel/rsbac-sources/files/rsbac-sources-2.4.CAN-2004-0535.patch @@ -0,0 +1,12 @@ +--- drivers/net/e1000/e1000_ethtool.c 2003-06-13 15:51:34.000000000 +0100 ++++ drivers/net/e1000/e1000_ethtool.c.plasmaroo 2004-06-24 11:23:32.524963976 +0100 +@@ -468,6 +468,9 @@ + + if(copy_from_user(®s, addr, sizeof(regs))) + return -EFAULT; ++ memset(regs_buff, 0, sizeof(regs_buff)); ++ if (regs.len > E1000_REGS_LEN) ++ regs.len = E1000_REGS_LEN; + e1000_ethtool_gregs(adapter, ®s, regs_buff); + if(copy_to_user(addr, ®s, sizeof(regs))) + return -EFAULT; diff --git a/sys-kernel/rsbac-sources/rsbac-sources-2.4.26-r1.ebuild b/sys-kernel/rsbac-sources/rsbac-sources-2.4.26-r1.ebuild new file mode 100644 index 000000000000..567915363ab7 --- /dev/null +++ b/sys-kernel/rsbac-sources/rsbac-sources-2.4.26-r1.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/rsbac-sources/rsbac-sources-2.4.26-r1.ebuild,v 1.1 2004/06/30 11:42:15 kang Exp $ + +IUSE="" +ETYPE="sources" +inherit kernel-2 +detect_version + +# rsbac +RSBACV=1.2.3 +RSBAC_SRC="http://rsbac.org/download/code/v${RSBACV}/rsbac-v${RSBACV}.tar.bz2" + +# rsbac kernel patches +RGPV=26.7 +RGPV_SRC="mirror://rsbac-patches-${KV_MAJOR}.${KV_MINOR}-${RGPV}.tar.bz2 http://dev.gentoo.org/~zhware/rsbac/v${RSBACV}/rsbac-patches-${KV_MAJOR}.${KV_MINOR}-${RGPV}.tar.bz2" + +UNIPATCH_STRICTORDER="yes" +UNIPATCH_LIST="${FILESDIR}/${PN}-2.4.CAN-2004-0495.patch + ${FILESDIR}/${PN}-2.4.CAN-2004-0535.patch + ${DISTDIR}/rsbac-patches-${KV_MAJOR}.${KV_MINOR}-${RGPV}.tar.bz2" +UNIPATCH_DOCS="${WORKDIR}/patches/rsbac-patches-${KV_MAJOR}.${KV_MINOR}-${RGPV}/0000_README" + +HOMEPAGE="http://hardened.gentoo.org/rsbac" +DESCRIPTION="RSBAC patched sources for the ${KV_MAJOR}.${KV_MINOR} kernel tree" + +SRC_URI="${KERNEL_URI} ${RSBAC_SRC} ${RGPV_SRC}" +KEYWORDS="~x86" + + +src_unpack() { + universal_unpack + cd ${WORKDIR}/linux-${KV}; unpack rsbac-v${RSBACV}.tar.bz2 + unipatch "${UNIPATCH_LIST}" + [ -z "${K_NOSETEXTRAVERSION}" ] && unpack_set_extraversion + unpack_2_4 +} + +pkg_postinst() { + postinst_sources +} |