Added the fix for the ptrace vulnerability for AMD64 platforms.

1 files changed, 29 insertions, 0 deletions

diff --git a/sys-kernel/ck-sources/files/ck-sources-2.4.24.CAN-2004-0001.patch b/sys-kernel/ck-sources/files/ck-sources-2.4.24.CAN-2004-0001.patch
new file mode 100644
index 000000000000..bb51f9aa9a62
--- /dev/null
+++ b/sys-kernel/ck-sources/files/ck-sources-2.4.24.CAN-2004-0001.patch
@@ -0,0 +1,29 @@
+diff -u linux/arch/x86_64/ia32/ptrace32.c-PTRACE linux/arch/x86_64/ia32/ptrace32.c
+--- linux/arch/x86_64/ia32/ptrace32.c-PTRACE	2003-06-16 13:03:58.000000000 +0200
++++ linux/arch/x86_64/ia32/ptrace32.c	2004-01-07 18:04:43.000000000 +0100
+@@ -25,6 +25,10 @@
+ #include <asm/fpu32.h>
+ #include <linux/mm.h>
+ 
++/* determines which flags the user has access to. */
++/* 1 = access 0 = no access */
++#define FLAG_MASK 0x44dd5UL
++
+ #define R32(l,q) \
+ 	case offsetof(struct user32, regs.l): stack[offsetof(struct pt_regs, q)/8] = val; break
+ 
+@@ -69,9 +73,12 @@
+ 	R32(eip, rip);
+ 	R32(esp, rsp);
+ 
+-	case offsetof(struct user32, regs.eflags): 
+-		stack[offsetof(struct pt_regs, eflags)/8] = val & 0x44dd5; 
++	case offsetof(struct user32, regs.eflags): { 
++		__u64 *flags = &stack[offsetof(struct pt_regs, eflags)/8];
++		val &= FLAG_MASK;
++		*flags = val | (*flags & ~FLAG_MASK);
+ 		break;
++	}
+ 
+ 	case offsetof(struct user32, u_debugreg[4]): 
+ 	case offsetof(struct user32, u_debugreg[5]):