Fixed security issue, bug 209460. Straight to stable.

(Portage version: 2.1.3.19, RepoMan options: --force)

3 files changed, 63 insertions, 1 deletions

diff --git a/sys-kernel/openvz-sources/ChangeLog b/sys-kernel/openvz-sources/ChangeLog
index daac549d7199..276d42e46d5b 100644
--- a/sys-kernel/openvz-sources/ChangeLog
+++ b/sys-kernel/openvz-sources/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-kernel/openvz-sources
 # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/ChangeLog,v 1.83 2008/01/30 08:09:29 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/ChangeLog,v 1.84 2008/02/13 08:41:15 pva Exp $
+
+*openvz-sources-2.6.18.028.053-r1 (13 Feb 2008)
+
+  13 Feb 2008; <pva@gentoo.org>
+  +files/openvz-sources-2.6.18-ms-splice-access.patch,
+  +openvz-sources-2.6.18.028.053-r1.ebuild:
+  Fixed security issue, bug 209460. Straight to stable.
 
   30 Jan 2008; <pva@gentoo.org> -openvz-sources-2.6.18.028.051.ebuild:
   clean old, vulneralble.
diff --git a/sys-kernel/openvz-sources/files/openvz-sources-2.6.18-ms-splice-access.patch b/sys-kernel/openvz-sources/files/openvz-sources-2.6.18-ms-splice-access.patch
new file mode 100644
index 000000000000..d323f0cc28cf
--- /dev/null
+++ b/sys-kernel/openvz-sources/files/openvz-sources-2.6.18-ms-splice-access.patch
@@ -0,0 +1,25 @@
+https://bugs.gentoo.org/show_bug.cgi?id=209460
+http://bugzilla.openvz.org/show_bug.cgi?id=814
+
+--- ./fs/splice.c.pipe	2008-01-28 18:56:37.000000000 +0300
++++ ./fs/splice.c	2008-02-11 14:00:53.000000000 +0300
+@@ -1138,6 +1138,10 @@ static int get_iovec_page_array(const st
+ 		/*
+ 		 * Get user address base and length for this iovec.
+ 		 */
++		error = -EFAULT;
++        	if (!access_ok(VERIFY_READ, iov, sizeof(*iov)))
++			break;
++
+ 		error = get_user(base, &iov->iov_base);
+ 		if (unlikely(error))
+ 			break;
+@@ -1151,7 +1155,7 @@ static int get_iovec_page_array(const st
+ 		if (unlikely(!len))
+ 			break;
+ 		error = -EFAULT;
+-		if (unlikely(!base))
++		if (!access_ok(VERIFY_READ, base, len))
+ 			break;
+ 
+ 		/*
diff --git a/sys-kernel/openvz-sources/openvz-sources-2.6.18.028.053-r1.ebuild b/sys-kernel/openvz-sources/openvz-sources-2.6.18.028.053-r1.ebuild
new file mode 100644
index 000000000000..c440159a02f9
--- /dev/null
+++ b/sys-kernel/openvz-sources/openvz-sources-2.6.18.028.053-r1.ebuild
@@ -0,0 +1,30 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/openvz-sources-2.6.18.028.053-r1.ebuild,v 1.1 2008/02/13 08:41:15 pva Exp $
+
+inherit versionator
+
+ETYPE="sources"
+
+CKV=$(get_version_component_range 1-3)
+OKV=${OKV:-${CKV}}
+KV_FULL=${CKV}-${PN/-*}-$(get_version_component_range 4).$(get_version_component_range 5)
+OVZ_KERNEL="$(get_version_component_range 4)stab$(get_version_component_range 5)"
+OVZ_REV="4"
+EXTRAVERSION=-${OVZ_KERNEL}
+KERNEL_URI="mirror://kernel/linux/kernel/v${KV_MAJOR}.${KV_MINOR}/linux-${OKV}.tar.bz2"
+
+inherit kernel-2
+detect_version
+
+KEYWORDS="amd64 ~ia64 ~ppc64 ~sparc x86"
+IUSE=""
+
+DESCRIPTION="Full sources including OpenVZ patchset for the ${KV_MAJOR}.${KV_MINOR} kernel tree"
+HOMEPAGE="http://www.openvz.org"
+SRC_URI="${KERNEL_URI} ${ARCH_URI}
+	http://download.openvz.org/kernel/branches/${CKV}/${OVZ_KERNEL}.${OVZ_REV}/patches/patch-ovz${OVZ_KERNEL}.${OVZ_REV}-combined.gz"
+
+UNIPATCH_STRICTORDER=1
+UNIPATCH_LIST="${DISTDIR}/patch-ovz${OVZ_KERNEL}.${OVZ_REV}-combined.gz
+${FILESDIR}/openvz-sources-2.6.18-ms-splice-access.patch"