diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-06-15 17:03:18 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-06-15 17:03:18 +0000 |
| commit | 15ec13be41710792962047bb0a847817ba3846f5 (patch) | |
| tree | 6316eb87ccfe6bd4ecb4d11218353e4ea34bc849 /sys-kernel/grsec-sources | |
| parent | added missing ~ppc and ~amd64. (Manifest recommit) (diff) | |
| download | gentoo-2-15ec13be41710792962047bb0a847817ba3846f5.tar.gz gentoo-2-15ec13be41710792962047bb0a847817ba3846f5.tar.bz2 gentoo-2-15ec13be41710792962047bb0a847817ba3846f5.zip | |
revision bump for security bug 53804
Diffstat (limited to 'sys-kernel/grsec-sources')
| -rw-r--r-- | sys-kernel/grsec-sources/ChangeLog | 8 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/Manifest | 15 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/2.4.26-signal-race.patch | 10 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r3 | 2 | ||||
| -rw-r--r-- | sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r3.ebuild | 80 |
5 files changed, 102 insertions, 13 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog index 114b040cd70c..b106a20a71ea 100644 --- a/sys-kernel/grsec-sources/ChangeLog +++ b/sys-kernel/grsec-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/grsec-sources # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.21 2004/06/02 16:40:10 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.22 2004/06/15 17:03:18 solar Exp $ + +*grsec-sources-2.4.26.2.0-r3 (15 Jun 2004) + + 15 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r3.ebuild, + files/2.4.26-signal-race.patch: + revision bump for security bug 53804 *grsec-sources-2.4.26.2.0-r2 (02 Jun 2004) diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest index 5f864da4482e..ac3c14959bfa 100644 --- a/sys-kernel/grsec-sources/Manifest +++ b/sys-kernel/grsec-sources/Manifest @@ -1,18 +1,9 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - MD5 ef9901f47de093f625e405574660c668 ChangeLog 4514 +MD5 9f35928b20ee8ef74c0aa807d3157bde grsec-sources-2.4.26.2.0-r3.ebuild 2833 MD5 29004405785d345e3a269acfa09820b6 grsec-sources-2.4.26.2.0-r2.ebuild 3326 MD5 140d8af1d66f9f6cd030e7d9902f38d9 metadata.xml 478 MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397 MD5 67eb43cb5340a7a671c2d375c0516888 files/digest-grsec-sources-2.4.26.2.0-r2 143 +MD5 c47b7075dd1e065b09bb08936c1901a1 files/2.4.26-signal-race.patch 365 MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.4 (GNU/Linux) - -iQCVAwUBQL4CqJ4WFLgrx1GWAQL9zAQAvmsCp4cUv+dpEzhaCxzciDDhjg+q+40K -RuutU/2o7+i5RX46dnRXf03ZSa5AQ6m4nahzlBAO7ov4R1kzVZWHC59BAkKU//T5 -AUBUm5Xg88uEVe/IzSpuKXbz5aQqNk0OhkncRPOUR1/3IiSAEk3fV7ypjwmXXpkC -wnwQna5QNzg= -=EGWi ------END PGP SIGNATURE----- +MD5 67eb43cb5340a7a671c2d375c0516888 files/digest-grsec-sources-2.4.26.2.0-r3 143 diff --git a/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch b/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch new file mode 100644 index 000000000000..bc2254f455be --- /dev/null +++ b/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch @@ -0,0 +1,10 @@ +--- linux-2.4.26/include/asm-i386/i387.h.signal-race 2004-06-14 09:58:10.000000000 +0200 ++++ linux-2.4.26/include/asm-i386/i387.h 2004-06-14 17:05:32.000000000 +0200 +@@ -35,7 +35,7 @@ + + #define clear_fpu( tsk ) do { \ + if ( tsk->flags & PF_USEDFPU ) { \ +- asm volatile("fwait"); \ ++ asm volatile("fnclex; fwait"); \ + tsk->flags &= ~PF_USEDFPU; \ + stts(); \ diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r3 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r3 new file mode 100644 index 000000000000..6952b0eafedc --- /dev/null +++ b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r3 @@ -0,0 +1,2 @@ +MD5 9a6adfd65720201d600bf05e884cd78a grsecurity-2.0-2.4.26.patch.bz2 104358 +MD5 88d7aefa03c92739cb70298a0b486e2c linux-2.4.26.tar.bz2 30772389 diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r3.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r3.ebuild new file mode 100644 index 000000000000..827c7737c0c5 --- /dev/null +++ b/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r3.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r3.ebuild,v 1.1 2004/06/15 17:03:18 solar Exp $ + +# We control what versions of what we download based on the KEYWORDS we +# are using for the various arches. Thus if we want grsec1 stable we run +# the with "arch" ACCEPT_KEYWORDS or ~arch and we will get the +# grsec-2.0-preX which has alot more features. + +# the only thing that should ever differ in one of these 1.9.x ebuilds +# and 2.x of the same kernel version is the KEYWORDS and header. +# shame cvs symlinks don't exist + +ETYPE="sources" +IUSE="" + +inherit eutils +inherit kernel + +[ "$OKV" == "" ] && OKV="2.4.26" + +PATCH_BASE="${PV/${OKV}./}" +PATCH_BASE="${PATCH_BASE/_/-}" +EXTRAVERSION="-grsec-${PATCH_BASE}" +KV="${OKV}${EXTRAVERSION}" + +PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch.bz2" + +# hppa takes a special patch and usually has play catch up between +# versions of this package. +HPPA_SRC_URI="" +if [ "${ARCH}" == "hppa" ]; then + PARISC_KERNEL_VERSION="pa1" + KV="${OKV}-${PARISC_KERNEL_VERSION}${EXTRAVERSION}" + HPPA_PATCH_SRC_BASE="parisc-linux-${OKV}-${PARISC_KERNEL_VERSION}${EXTRAVERSION}.gz" + HPPA_SRC_URI="mirror://gentoo/${HPPA_PATCH_SRC_BASE} http://dev.gentoo.org/~pappy/gentoo-x86/sys-kernel/grsec-sources/${HPPA_PATCH_SRC_BASE}" + PATCH_SRC_BASE="${HPPA_PATCH_SRC_BASE}" +fi + +DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" + +SRC_URI="mirror://gentoo/grsecurity-${PATCH_BASE}-${OKV}.patch.bz2 \ + http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2" + +HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" + +KEYWORDS="x86 sparc ppc alpha amd64 -hppa" + +SLOT="${KV}" +S="${WORKDIR}/linux-${KV}" + +src_unpack() { + unpack linux-"${OKV}".tar.bz2 || die "unable to unpack the kernel" + mv linux-"${OKV}" linux-"${KV}" || die "unable to move the kernel" + cd linux-"${KV}" || die "unable to cd into the kernel source tree" + + [ -f "${DISTDIR}/${PATCH_SRC_BASE}" ] || die "File does not exist?" + + # users are often confused by what settings should be set. + # so we provide an example of what a P4 desktop would look like. + cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.24-x86.config + + ebegin "Patching the kernel with ${PATCH_SRC_BASE}" + case "${ARCH}" in + hppa) zcat ${DISTDIR}/${PATCH_SRC_BASE} | patch -g0 -p1 --quiet ;; + *) bzcat ${DISTDIR}/${PATCH_SRC_BASE} | patch -g0 -p1 --quiet ;; + esac + [ $? == 0 ] || die "failed patching with ${PATCH_SRC_BASE}" + eend 0 + + # fix format string problem in panic() + epatch ${FILESDIR}/2.4.26-CAN-2004-0394.patch + # Fix local DoS bug #53804 + epatch ${FILESDIR}/2.4.26-signal-race.patch + + mkdir docs + touch docs/patches.txt + kernel_universal_unpack + +} |