Added security fixes (see #57826, #59378 and #59905). Fix firmware.c.

author: Guy Martin <gmsoft@gentoo.org> 2004-08-09 23:32:52 +0000
committer: Guy Martin <gmsoft@gentoo.org> 2004-08-09 23:32:52 +0000
commit: b350485b60ab21efaa1abfc79f6a7554cd0c5947 (patch)
tree: 1fac7c7b539f1bbc30f5c1a02c3b3034712260e4 /sys-kernel/hppa-dev-sources
parent: ~x86, ~hppa (Manifest recommit) (diff)
download: gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.tar.gz
gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.tar.bz2
gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.zip
7 files changed, 195 insertions, 14 deletions
diff --git a/sys-kernel/hppa-dev-sources/ChangeLog b/sys-kernel/hppa-dev-sources/ChangeLog
index 4b5540fcca5b..c6b1c57b5a84 100644
--- a/sys-kernel/hppa-dev-sources/ChangeLog
+++ b/sys-kernel/hppa-dev-sources/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-kernel/hppa-dev-sources
 # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-dev-sources/ChangeLog,v 1.19 2004/07/24 07:08:29 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-dev-sources/ChangeLog,v 1.20 2004/08/09 23:32:52 gmsoft Exp $
+
+*hppa-dev-sources-2.6.7_p14-r1 (09 Aug 2004)
+
+  09 Aug 2004; Guy Martin <gmsoft@gentoo.org> +files/CAN-2004-0596.patch,
+  +files/firmware.c.patch, +files/security-proc-cmdline.patch,
+  +hppa-dev-sources-2.6.7_p14-r1.ebuild:
+  Added security fixes (see #57826, #59378 and #59905). Fix firmware.c.
 
 *hppa-dev-sources-2.6.7_p14 (24 Jul 2004)
 
diff --git a/sys-kernel/hppa-dev-sources/Manifest b/sys-kernel/hppa-dev-sources/Manifest
index 36dfba7f9bcf..a10aa5933da8 100644
--- a/sys-kernel/hppa-dev-sources/Manifest
+++ b/sys-kernel/hppa-dev-sources/Manifest
@@ -1,19 +1,12 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
+MD5 f1b3ae515c1f32812ecbf25193148a90 metadata.xml 223
 MD5 c014960f5f6a624e5bf3a3fe7c172867 ChangeLog 3591
 MD5 ae5609d9bd55ed7d9792b7b86da4df6b hppa-dev-sources-2.6.7_p1-r2.ebuild 1180
 MD5 05bef7ac2c9a5cdf016c4be6f71d034b hppa-dev-sources-2.6.7_p14.ebuild 1176
-MD5 f1b3ae515c1f32812ecbf25193148a90 metadata.xml 223
-MD5 ce5fc85224c09cf512dc725ee88945e4 files/digest-hppa-dev-sources-2.6.7_p1-r2 129
+MD5 b10ced318f80222dcdf4564eeacb37f9 hppa-dev-sources-2.6.7_p14-r1.ebuild 1361
 MD5 c857b174f7e6a6b0ab2e26f9306ad0a0 files/ncr53c8xx.diff 3701
-MD5 b6e38b41c8a79943df2ab2642149d06f files/CAN-2004-0497.patch 2214
 MD5 c91330cc5b4044b6f59696095c2dc0fb files/CAN-2004-0626-death_packet.patch 423
+MD5 b6e38b41c8a79943df2ab2642149d06f files/CAN-2004-0497.patch 2214
+MD5 ce5fc85224c09cf512dc725ee88945e4 files/digest-hppa-dev-sources-2.6.7_p1-r2 129
 MD5 2dfffb2597dfa71f526d15fdb55ce4f8 files/digest-hppa-dev-sources-2.6.7_p14 130
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.9.8 (GNU/Linux)
-
-iD8DBQFBAgr0HTu7gpaalycRAmgYAJ4qKLB3ZRuTPjOO5QF6HNvqjYrpGACfU/L8
-6ET3XNiocID9UgmUKjp9JoE=
-=BqzK
------END PGP SIGNATURE-----
+MD5 f0e12ba218f53c2694a91259bdc2fdc7 files/CAN-2004-0596.patch 494
+MD5 2c3b568f5f12b140ab983b53543bca15 files/digest-hppa-dev-sources-2.6.7_p14-r1 206
diff --git a/sys-kernel/hppa-dev-sources/files/CAN-2004-0596.patch b/sys-kernel/hppa-dev-sources/files/CAN-2004-0596.patch
new file mode 100644
index 000000000000..8ea0f0488310
--- /dev/null
+++ b/sys-kernel/hppa-dev-sources/files/CAN-2004-0596.patch
@@ -0,0 +1,20 @@
+--- drivers/net/eql.c.ori	2004-07-22 12:46:56.103576048 +0200
++++ drivers/net/eql.c	2004-07-22 12:46:59.068125368 +0200
+@@ -497,6 +497,8 @@
+ 	slave_dev = dev_get_by_name(sc.slave_name);
+ 
+ 	ret = -EINVAL;
++	if (!slave_dev)
++		return ret;
+ 
+ 	spin_lock_bh(&eql->queue.lock);
+ 	if (eql_is_slave(slave_dev)) {
+@@ -531,6 +533,8 @@
+ 	slave_dev = dev_get_by_name(sc.slave_name);
+ 
+ 	ret = -EINVAL;
++	if (!slave_dev)
++		return ret;
+ 
+ 	spin_lock_bh(&eql->queue.lock);
+ 	if (eql_is_slave(slave_dev)) {
diff --git a/sys-kernel/hppa-dev-sources/files/digest-hppa-dev-sources-2.6.7_p14-r1 b/sys-kernel/hppa-dev-sources/files/digest-hppa-dev-sources-2.6.7_p14-r1
new file mode 100644
index 000000000000..eae74def394b
--- /dev/null
+++ b/sys-kernel/hppa-dev-sources/files/digest-hppa-dev-sources-2.6.7_p14-r1
@@ -0,0 +1,3 @@
+MD5 a74671ea68b0e3c609e8785ed8497c14 linux-2.6.7.tar.bz2 35092228
+MD5 d25a37371b5e4c89d4013a17986dc8a8 patch-2.6.7-pa14.gz 151607
+MD5 52996b643afbd6ed9ba38b9483c2cac3 linux-2.6.7-CAN-2004-0415.patch 112612
diff --git a/sys-kernel/hppa-dev-sources/files/firmware.c.patch b/sys-kernel/hppa-dev-sources/files/firmware.c.patch
new file mode 100644
index 000000000000..861afed7b4a3
--- /dev/null
+++ b/sys-kernel/hppa-dev-sources/files/firmware.c.patch
@@ -0,0 +1,96 @@
+diff -urN --exclude-from=/tmp/dont11503.12372 ../.#prev/linux-2.6/arch/parisc/kernel/firmware.c linux-2.6/arch/parisc/kernel/firmware.c
+--- ../.#prev/linux-2.6/arch/parisc/kernel/firmware.c	Sun Aug  8 21:22:53 2004
++++ linux-2.6/arch/parisc/kernel/firmware.c	Sun Aug  8 21:20:08 2004
+@@ -237,11 +237,11 @@
+ #ifdef __LP64__
+ int pdc_pat_chassis_send_log(unsigned long state, unsigned long data)
+ {
++	int retval = 0;
++        
+ 	if (!is_pdc_pat())
+ 		return -1;
+ 
+-	int retval = 0;
+-
+ 	spin_lock_irq(&pdc_lock);
+ 	retval = mem_pdc_call(PDC_PAT_CHASSIS_LOG, PDC_PAT_CHASSIS_WRITE_LOG, __pa(&state), __pa(&data));
+ 	spin_unlock_irq(&pdc_lock);
+@@ -1276,29 +1276,29 @@
+ long real64_call(unsigned long fn, ...)
+ {
+ 	va_list args;
+-	extern struct wide_stack real_stack;
++	extern struct wide_stack real64_stack __attribute__ ((alias ("real_stack")));
+ 	extern unsigned long real64_call_asm(unsigned long *,
+ 					     unsigned long *, 
+ 					     unsigned long);
+     
+ 	va_start(args, fn);
+-	real_stack.arg0 = va_arg(args, unsigned long);
+-	real_stack.arg1 = va_arg(args, unsigned long);
+-	real_stack.arg2 = va_arg(args, unsigned long);
+-	real_stack.arg3 = va_arg(args, unsigned long);
+-	real_stack.arg4 = va_arg(args, unsigned long);
+-	real_stack.arg5 = va_arg(args, unsigned long);
+-	real_stack.arg6 = va_arg(args, unsigned long);
+-	real_stack.arg7 = va_arg(args, unsigned long);
+-	real_stack.arg8 = va_arg(args, unsigned long);
+-	real_stack.arg9 = va_arg(args, unsigned long);
+-	real_stack.arg10 = va_arg(args, unsigned long);
+-	real_stack.arg11 = va_arg(args, unsigned long);
+-	real_stack.arg12 = va_arg(args, unsigned long);
+-	real_stack.arg13 = va_arg(args, unsigned long);
++	real64_stack.arg0 = va_arg(args, unsigned long);
++	real64_stack.arg1 = va_arg(args, unsigned long);
++	real64_stack.arg2 = va_arg(args, unsigned long);
++	real64_stack.arg3 = va_arg(args, unsigned long);
++	real64_stack.arg4 = va_arg(args, unsigned long);
++	real64_stack.arg5 = va_arg(args, unsigned long);
++	real64_stack.arg6 = va_arg(args, unsigned long);
++	real64_stack.arg7 = va_arg(args, unsigned long);
++	real64_stack.arg8 = va_arg(args, unsigned long);
++	real64_stack.arg9 = va_arg(args, unsigned long);
++	real64_stack.arg10 = va_arg(args, unsigned long);
++	real64_stack.arg11 = va_arg(args, unsigned long);
++	real64_stack.arg12 = va_arg(args, unsigned long);
++	real64_stack.arg13 = va_arg(args, unsigned long);
+ 	va_end(args);
+ 	
+-	return real64_call_asm(&real_stack.sp, &real_stack.arg0, fn);
++	return real64_call_asm(&real64_stack.sp, &real64_stack.arg0, fn);
+ }
+ 
+ #endif /* __LP64__ */
+diff -urN --exclude-from=/tmp/dont11503.12372 ../.#prev/linux-2.6/arch/parisc/kernel/real2.S linux-2.6/arch/parisc/kernel/real2.S
+--- ../.#prev/linux-2.6/arch/parisc/kernel/real2.S	Sun May 23 18:02:45 2004
++++ linux-2.6/arch/parisc/kernel/real2.S	Sun Aug  8 21:20:08 2004
+@@ -12,8 +12,12 @@
+ 
+ 	.section	.bss
+ 	.export real_stack
++	.export real32_stack
++	.export real64_stack
+ 	.align	64
+ real_stack:
++real32_stack:
++real64_stack:
+ 	.block	8192
+ 
+ #ifdef __LP64__
+diff -urN --exclude-from=/tmp/dont11503.12372 ../.#prev/linux-2.6/arch/parisc/kernel/sys_parisc32.c linux-2.6/arch/parisc/kernel/sys_parisc32.c
+--- ../.#prev/linux-2.6/arch/parisc/kernel/sys_parisc32.c	Sun Aug  8 21:22:53 2004
++++ linux-2.6/arch/parisc/kernel/sys_parisc32.c	Sun Aug  8 21:20:08 2004
+@@ -205,10 +205,11 @@
+ 
+ asmlinkage long sys32_time(compat_time_t *tloc)
+ {
+-    struct timeval tv;
++	struct timeval tv;
++	compat_time_t now32;
+ 
+ 	do_gettimeofday(&tv);
+-	compat_time_t now32 = tv.tv_sec;
++	now32 = tv.tv_sec;
+ 
+ 	if (tloc)
+ 		if (put_user(now32, tloc))
diff --git a/sys-kernel/hppa-dev-sources/files/security-proc-cmdline.patch b/sys-kernel/hppa-dev-sources/files/security-proc-cmdline.patch
new file mode 100644
index 000000000000..bb80884c394e
--- /dev/null
+++ b/sys-kernel/hppa-dev-sources/files/security-proc-cmdline.patch
@@ -0,0 +1,24 @@
+
+From: Roger Luethi <rl@hellgate.ch>
+
+If you win the race with a starting process, you can read its environment.
+
+Signed-off-by: Andrew Morton <akpm@osdl.org>
+---
+
+ 25-akpm/fs/proc/base.c |    2 ++
+ 1 files changed, 2 insertions(+)
+
+diff -puN fs/proc/base.c~proc_pid_cmdline-race-fix fs/proc/base.c
+--- 25/fs/proc/base.c~proc_pid_cmdline-race-fix	2004-08-05 11:28:21.915442360 -0700
++++ 25-akpm/fs/proc/base.c	2004-08-05 11:28:21.919441752 -0700
+@@ -340,6 +340,8 @@ static int proc_pid_cmdline(struct task_
+ 	struct mm_struct *mm = get_task_mm(task);
+ 	if (!mm)
+ 		goto out;
++	if (!mm->arg_end)
++		goto out;	/* Shh! No looking before we're done */
+ 
+  	len = mm->arg_end - mm->arg_start;
+  
+_
diff --git a/sys-kernel/hppa-dev-sources/hppa-dev-sources-2.6.7_p14-r1.ebuild b/sys-kernel/hppa-dev-sources/hppa-dev-sources-2.6.7_p14-r1.ebuild
new file mode 100644
index 000000000000..bda6d2a709e8
--- /dev/null
+++ b/sys-kernel/hppa-dev-sources/hppa-dev-sources-2.6.7_p14-r1.ebuild
@@ -0,0 +1,38 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-dev-sources/hppa-dev-sources-2.6.7_p14-r1.ebuild,v 1.1 2004/08/09 23:32:52 gmsoft Exp $
+#OKV=original kernel version, KV=patched kernel version.  They can be the same.
+
+ETYPE="sources"
+inherit kernel-2 eutils
+OKV="${PV/_p*/}"
+PATCH_LEVEL="${PV/${OKV}_p/}"
+EXTRAVERSION="-pa${PATCH_LEVEL}"
+[ ! "${PR}" = "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}"
+KV=${OKV}${EXTRAVERSION}
+S=${WORKDIR}/linux-${KV}
+
+
+DESCRIPTION="Full sources for the Linux kernel with patch for hppa"
+SRC_URI="mirror://kernel/linux/kernel/v2.6/linux-${OKV}.tar.bz2 http://ftp.parisc-linux.org/cvs/linux-2.6/patch-${OKV}-pa${PATCH_LEVEL}.gz http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.6.7-CAN-2004-0415.patch"
+HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/ http://parisc-linux.org"
+KEYWORDS="hppa -*"
+IUSE=""
+SLOT="${KV}"
+
+
+src_unpack() {
+	unpack linux-${OKV}.tar.bz2
+	mv ${WORKDIR}/linux-${OKV} ${WORKDIR}/linux-${KV}
+	cd ${S}
+
+	epatch ${DISTDIR}/patch-${OKV}-pa${PATCH_LEVEL}.gz
+	epatch ${FILESDIR}/ncr53c8xx.diff
+	epatch ${FILESDIR}/firmware.c.patch
+	epatch ${DISTDIR}/linux-2.6.7-CAN-2004-0415.patch
+	epatch ${FILESDIR}/CAN-2004-0626-death_packet.patch
+	epatch ${FILESDIR}/CAN-2004-0497.patch
+	epatch ${FILESDIR}/CAN-2004-0596.patch
+	epatch ${FILESDIR}/security-proc-cmdline.patch
+
+}
author	Guy Martin <gmsoft@gentoo.org>	2004-08-09 23:32:52 +0000
committer	Guy Martin <gmsoft@gentoo.org>	2004-08-09 23:32:52 +0000
commit	b350485b60ab21efaa1abfc79f6a7554cd0c5947 (patch)
tree	1fac7c7b539f1bbc30f5c1a02c3b3034712260e4 /sys-kernel/hppa-dev-sources
parent	~x86, ~hppa (Manifest recommit) (diff)
download	gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.tar.gz gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.tar.bz2 gentoo-2-b350485b60ab21efaa1abfc79f6a7554cd0c5947.zip