Added the fix for the ptrace vulnerability for AMD64 platforms.

4 files changed, 69 insertions, 2 deletions

diff --git a/sys-kernel/vanilla-sources/ChangeLog b/sys-kernel/vanilla-sources/ChangeLog
index ee54dd634feb..576c2573f167 100644
--- a/sys-kernel/vanilla-sources/ChangeLog
+++ b/sys-kernel/vanilla-sources/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-kernel/vanilla-sources
-# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/ChangeLog,v 1.21 2004/01/05 19:03:56 scox Exp $
+# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/ChangeLog,v 1.22 2004/02/16 17:53:59 plasmaroo Exp $
+
+*vanilla-sources-2.4.24-r1 (16 Feb 2004)
+
+  16 Feb 2004; <plasmaroo@gentoo.org> vanilla-sources-2.4.24-r1.ebuild,
+  files/vanilla-sources-2.4.24.CAN-2004-0001.patch:
+  Added the fix for the ptrace vulnerability for AMD64 platforms.
 
 *vanilla-sources-2.4.24 (05 Jan 2004)
 
diff --git a/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1 b/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1
new file mode 100644
index 000000000000..c53c09ff6087
--- /dev/null
+++ b/sys-kernel/vanilla-sources/files/digest-vanilla-sources-2.4.24-r1
@@ -0,0 +1 @@
+MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818
diff --git a/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch b/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch
new file mode 100644
index 000000000000..bb51f9aa9a62
--- /dev/null
+++ b/sys-kernel/vanilla-sources/files/vanilla-sources-2.4.24.CAN-2004-0001.patch
@@ -0,0 +1,29 @@
+diff -u linux/arch/x86_64/ia32/ptrace32.c-PTRACE linux/arch/x86_64/ia32/ptrace32.c
+--- linux/arch/x86_64/ia32/ptrace32.c-PTRACE	2003-06-16 13:03:58.000000000 +0200
++++ linux/arch/x86_64/ia32/ptrace32.c	2004-01-07 18:04:43.000000000 +0100
+@@ -25,6 +25,10 @@
+ #include <asm/fpu32.h>
+ #include <linux/mm.h>
+ 
++/* determines which flags the user has access to. */
++/* 1 = access 0 = no access */
++#define FLAG_MASK 0x44dd5UL
++
+ #define R32(l,q) \
+ 	case offsetof(struct user32, regs.l): stack[offsetof(struct pt_regs, q)/8] = val; break
+ 
+@@ -69,9 +73,12 @@
+ 	R32(eip, rip);
+ 	R32(esp, rsp);
+ 
+-	case offsetof(struct user32, regs.eflags): 
+-		stack[offsetof(struct pt_regs, eflags)/8] = val & 0x44dd5; 
++	case offsetof(struct user32, regs.eflags): { 
++		__u64 *flags = &stack[offsetof(struct pt_regs, eflags)/8];
++		val &= FLAG_MASK;
++		*flags = val | (*flags & ~FLAG_MASK);
+ 		break;
++	}
+ 
+ 	case offsetof(struct user32, u_debugreg[4]): 
+ 	case offsetof(struct user32, u_debugreg[5]):
diff --git a/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild b/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild
new file mode 100644
index 000000000000..b877045ee47b
--- /dev/null
+++ b/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/vanilla-sources/vanilla-sources-2.4.24-r1.ebuild,v 1.1 2004/02/16 17:53:59 plasmaroo Exp $
+#OKV=original kernel version, KV=patched kernel version.  They can be the same.
+
+ETYPE="sources"
+inherit kernel
+
+OKV=2.4.24
+KV=2.4.24
+EXTRAVERSION=" "
+S=${WORKDIR}/linux-${KV}
+
+# What's in this kernel?
+
+# INCLUDED:
+# stock 2.4.24 kernel sources
+
+DESCRIPTION="Full sources for the Linux kernel"
+SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2"
+HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/"
+KEYWORDS="amd64 -*"
+SLOT="${KV}"
+
+src_unpack() {
+	unpack linux-${OKV}.tar.bz2
+
+	cd ${S}
+	epatch ${FILESDIR}/${P}.CAN-2004-0001.patch || die "Failed to apply AMD64 ptrace patch!"
+	kernel_universal_unpack
+}