diff options
author | Daniel Drake <dsd@gentoo.org> | 2004-11-26 17:10:45 +0000 |
---|---|---|
committer | Daniel Drake <dsd@gentoo.org> | 2004-11-26 17:10:45 +0000 |
commit | f3cb135146244c6a8fc6004f878c377dcab4f3f1 (patch) | |
tree | 23ca824b5ae34bb6a0f56c8ec29f8bcada9378f3 /sys-kernel/grsec-sources | |
parent | Stable on sparc. (Manifest recommit) (diff) | |
download | gentoo-2-f3cb135146244c6a8fc6004f878c377dcab4f3f1.tar.gz gentoo-2-f3cb135146244c6a8fc6004f878c377dcab4f3f1.tar.bz2 gentoo-2-f3cb135146244c6a8fc6004f878c377dcab4f3f1.zip |
Convert to kernel-2. Clean up.
Diffstat (limited to 'sys-kernel/grsec-sources')
8 files changed, 39 insertions, 802 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog index 2dfd4b5086d6..182588a7e1f7 100644 --- a/sys-kernel/grsec-sources/ChangeLog +++ b/sys-kernel/grsec-sources/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for sys-kernel/grsec-sources # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.36 2004/11/24 17:10:35 solar Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.37 2004/11/26 17:10:45 dsd Exp $ + + 26 Nov 2004; Daniel Drake <dsd@gentoo.org> + -files/2.4.26-pax-binfmt_elf-page-size.patch, + -files/2.4.26-signal-race.patch, + -files/gentoo-sources-2.4.CAN-2004-0495.patch, + -files/gentoo-sources-2.4.CAN-2004-0535.patch, + -files/openmosix-sources.CAN-2004-0497.patch, + grsec-sources-2.4.27.2.0.1-r4.ebuild, grsec-sources-2.4.28.2.0.2.ebuild: + Convert to kernel-2. Clean up. 24 Nov 2004; <solar@gentoo.org> : redigest diff --git a/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch b/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch deleted file mode 100644 index 09f39733e90a..000000000000 --- a/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- linux-2.4.26-grsec-2.0/fs/binfmt_elf.c 2004-06-16 16:38:15.000000000 -0400 -+++ linux/fs/binfmt_elf.c 2004-06-17 10:31:21.000000000 -0400 -@@ -1055,7 +1055,7 @@ static int load_elf_binary(struct linux_ - #endif - - if (current->flags & PF_PAX_RANDMMAP) -- elf_brk += pax_delta_mask(get_random_long(), 4, PAGE_SHIFT); -+ elf_brk += PAGE_SIZE + pax_delta_mask(get_random_long(), 4, PAGE_SHIFT); - #undef pax_delta_mask - #endif - diff --git a/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch b/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch deleted file mode 100644 index bc2254f455be..000000000000 --- a/sys-kernel/grsec-sources/files/2.4.26-signal-race.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- linux-2.4.26/include/asm-i386/i387.h.signal-race 2004-06-14 09:58:10.000000000 +0200 -+++ linux-2.4.26/include/asm-i386/i387.h 2004-06-14 17:05:32.000000000 +0200 -@@ -35,7 +35,7 @@ - - #define clear_fpu( tsk ) do { \ - if ( tsk->flags & PF_USEDFPU ) { \ -- asm volatile("fwait"); \ -+ asm volatile("fnclex; fwait"); \ - tsk->flags &= ~PF_USEDFPU; \ - stts(); \ diff --git a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0495.patch b/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0495.patch deleted file mode 100644 index bea80eac69a9..000000000000 --- a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0495.patch +++ /dev/null @@ -1,655 +0,0 @@ ---- linux/net/decnet/dn_dev.c.bak Wed Jun 16 14:42:24 2004 -+++ linux/net/decnet/dn_dev.c Wed Jun 16 14:42:34 2004 -@@ -1070,31 +1070,39 @@ int dnet_gifconf(struct net_device *dev, - { - struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr; - struct dn_ifaddr *ifa; -- struct ifreq *ifr = (struct ifreq *)buf; -+ char buffer[DN_IFREQ_SIZE]; -+ struct ifreq *ifr = (struct ifreq *)buffer; -+ struct sockaddr_dn *addr = (struct sockaddr_dn *)&ifr->ifr_addr; - int done = 0; - - if ((dn_db == NULL) || ((ifa = dn_db->ifa_list) == NULL)) - return 0; - - for(; ifa; ifa = ifa->ifa_next) { -- if (!ifr) { -+ if (!buf) { - done += sizeof(DN_IFREQ_SIZE); - continue; - } - if (len < DN_IFREQ_SIZE) - return done; -- memset(ifr, 0, DN_IFREQ_SIZE); -+ memset(buffer, 0, DN_IFREQ_SIZE); - - if (ifa->ifa_label) - strcpy(ifr->ifr_name, ifa->ifa_label); - else - strcpy(ifr->ifr_name, dev->name); - -- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_family = AF_DECnet; -- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_len = 2; -- (*(dn_address *)(*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_addr) = ifa->ifa_local; -+ addr->sdn_family = AF_DECnet; -+ addr->sdn_add.a_len = 2; -+ memcpy(addr->sdn_add.a_addr, &ifa->ifa_local, -+ sizeof(dn_address)); - -- ifr = (struct ifreq *)((char *)ifr + DN_IFREQ_SIZE); -+ if (copy_to_user(buf, buffer, DN_IFREQ_SIZE)) { -+ done = -EFAULT; -+ break; -+ } -+ -+ buf += DN_IFREQ_SIZE; - len -= DN_IFREQ_SIZE; - done += DN_IFREQ_SIZE; - } ---- linux-2.4.21/drivers/net/wireless/airo.c 2003-06-13 15:51:35.000000000 +0100 -+++ linux-2.4.21/drivers/net/wireless/airo.c.plasmaroo 2004-06-24 11:09:08.260352168 +0100 -@@ -3012,19 +3012,22 @@ - size_t len, - loff_t *offset ) - { -- int i; -- int pos; -+ loff_t pos = *offset; - struct proc_data *priv = (struct proc_data*)file->private_data; - -- if( !priv->rbuffer ) return -EINVAL; -+ if (!priv->rbuffer) -+ return -EINVAL; - -- pos = *offset; -- for( i = 0; i+pos < priv->readlen && i < len; i++ ) { -- if (put_user( priv->rbuffer[i+pos], buffer+i )) -- return -EFAULT; -- } -- *offset += i; -- return i; -+ if (pos < 0) -+ return -EINVAL; -+ if (pos >= priv->readlen) -+ return 0; -+ if (len > priv->readlen - pos) -+ len = priv->readlen - pos; -+ if (copy_to_user(buffer, priv->rbuffer + pos, len)) -+ return -EFAULT; -+ *offset = pos + len; -+ return len; - } - - /* -@@ -3036,24 +3039,24 @@ - size_t len, - loff_t *offset ) - { -- int i; -- int pos; -+ loff_t pos = *offset; - struct proc_data *priv = (struct proc_data*)file->private_data; - -- if ( !priv->wbuffer ) { -+ if (!priv->wbuffer) - return -EINVAL; -- } -- -- pos = *offset; - -- for( i = 0; i + pos < priv->maxwritelen && -- i < len; i++ ) { -- if (get_user( priv->wbuffer[i+pos], buffer + i )) -- return -EFAULT; -- } -- if ( i+pos > priv->writelen ) priv->writelen = i+file->f_pos; -- *offset += i; -- return i; -+ if (pos < 0) -+ return -EINVAL; -+ if (pos >= priv->maxwritelen) -+ return 0; -+ if (len > priv->maxwritelen - pos) -+ len = priv->maxwritelen - pos; -+ if (copy_from_user(priv->wbuffer + pos, buffer, len)) -+ return -EFAULT; -+ if (pos + len > priv->writelen) -+ priv->writelen = pos + len; -+ *offset = pos + len; -+ return len; - } - - static int proc_status_open( struct inode *inode, struct file *file ) { ---- linux/drivers/sound/mpu401.c.bak Wed Jun 16 14:42:24 2004 -+++ linux/drivers/sound/mpu401.c Wed Jun 16 14:42:34 2004 -@@ -1493,14 +1493,16 @@ static unsigned long mpu_timer_get_time( - static int mpu_timer_ioctl(int dev, unsigned int command, caddr_t arg) - { - int midi_dev = sound_timer_devs[dev]->devlink; -+ int *p = (int *)arg; - - switch (command) - { - case SNDCTL_TMR_SOURCE: - { - int parm; -- -- parm = *(int *) arg; -+ -+ if (get_user(parm, p)) -+ return -EFAULT; - parm &= timer_caps; - - if (parm != 0) -@@ -1512,7 +1514,9 @@ static int mpu_timer_ioctl(int dev, unsi - else if (timer_mode & TMR_MODE_SMPTE) - mpu_cmd(midi_dev, 0x3d, 0); /* Use SMPTE sync */ - } -- return (*(int *) arg = timer_mode); -+ if (put_user(timer_mode, p)) -+ return -EFAULT; -+ return timer_mode; - } - break; - -@@ -1537,10 +1541,13 @@ static int mpu_timer_ioctl(int dev, unsi - { - int val; - -- val = *(int *) arg; -+ if (get_user(val, p)) -+ return -EFAULT; - if (val) - set_timebase(midi_dev, val); -- return (*(int *) arg = curr_timebase); -+ if (put_user(curr_timebase, p)) -+ return -EFAULT; -+ return curr_timebase; - } - break; - -@@ -1549,7 +1556,8 @@ static int mpu_timer_ioctl(int dev, unsi - int val; - int ret; - -- val = *(int *) arg; -+ if (get_user(val, p)) -+ return -EFAULT; - - if (val) - { -@@ -1564,7 +1572,9 @@ static int mpu_timer_ioctl(int dev, unsi - } - curr_tempo = val; - } -- return (*(int *) arg = curr_tempo); -+ if (put_user(curr_tempo, p)) -+ return -EFAULT; -+ return curr_tempo; - } - break; - -@@ -1572,18 +1582,25 @@ static int mpu_timer_ioctl(int dev, unsi - { - int val; - -- val = *(int *) arg; -+ if (get_user(val, p)) -+ return -EFAULT; - if (val != 0) /* Can't change */ - return -EINVAL; -- return (*(int *) arg = ((curr_tempo * curr_timebase) + 30) / 60); -+ val = (curr_tempo * curr_timebase + 30) / 60; -+ if (put_user(val, p)) -+ return -EFAULT; -+ return val; - } - break; - - case SNDCTL_SEQ_GETTIME: -- return (*(int *) arg = curr_ticks); -+ if (put_user(curr_ticks, p)) -+ return -EFAULT; -+ return curr_ticks; - - case SNDCTL_TMR_METRONOME: -- metronome_mode = *(int *) arg; -+ if (get_user(metronome_mode, p)) -+ return -EFAULT; - setup_metronome(midi_dev); - return 0; - ---- linux/drivers/sound/msnd.c.bak Wed Jun 16 14:42:24 2004 -+++ linux/drivers/sound/msnd.c Wed Jun 16 14:42:34 2004 -@@ -155,13 +155,10 @@ void msnd_fifo_make_empty(msnd_fifo *f) - f->len = f->tail = f->head = 0; - } - --int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user) -+int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len) - { - int count = 0; - -- if (f->len == f->n) -- return 0; -- - while ((count < len) && (f->len != f->n)) { - - int nwritten; -@@ -177,11 +174,7 @@ int msnd_fifo_write(msnd_fifo *f, const - nwritten = len - count; - } - -- if (user) { -- if (copy_from_user(f->data + f->tail, buf, nwritten)) -- return -EFAULT; -- } else -- isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten); -+ isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten); - - count += nwritten; - buf += nwritten; -@@ -193,13 +186,10 @@ int msnd_fifo_write(msnd_fifo *f, const - return count; - } - --int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user) -+int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len) - { - int count = 0; - -- if (f->len == 0) -- return f->len; -- - while ((count < len) && (f->len > 0)) { - - int nread; -@@ -215,11 +205,7 @@ int msnd_fifo_read(msnd_fifo *f, char *b - nread = len - count; - } - -- if (user) { -- if (copy_to_user(buf, f->data + f->head, nread)) -- return -EFAULT; -- } else -- isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread); -+ isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread); - - count += nread; - buf += nread; ---- linux/drivers/sound/msnd.h.bak Wed Jun 16 14:42:24 2004 -+++ linux/drivers/sound/msnd.h Wed Jun 16 14:42:34 2004 -@@ -266,8 +266,8 @@ void msnd_fifo_init(msnd_fifo *f); - void msnd_fifo_free(msnd_fifo *f); - int msnd_fifo_alloc(msnd_fifo *f, size_t n); - void msnd_fifo_make_empty(msnd_fifo *f); --int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user); --int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user); -+int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len); -+int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len); - - int msnd_wait_TXDE(multisound_dev_t *dev); - int msnd_wait_HC0(multisound_dev_t *dev); ---- linux/drivers/sound/msnd_pinnacle.c.bak Wed Jun 16 14:42:24 2004 -+++ linux/drivers/sound/msnd_pinnacle.c Wed Jun 16 14:42:34 2004 -@@ -804,7 +804,7 @@ static int dev_release(struct inode *ino - - static __inline__ int pack_DARQ_to_DARF(register int bank) - { -- register int size, n, timeout = 3; -+ register int size, timeout = 3; - register WORD wTmp; - LPDAQD DAQD; - -@@ -825,13 +825,10 @@ static __inline__ int pack_DARQ_to_DARF( - /* Read data from the head (unprotected bank 1 access okay - since this is only called inside an interrupt) */ - outb(HPBLKSEL_1, dev.io + HP_BLKS); -- if ((n = msnd_fifo_write( -+ msnd_fifo_write( - &dev.DARF, - (char *)(dev.base + bank * DAR_BUFF_SIZE), -- size, 0)) <= 0) { -- outb(HPBLKSEL_0, dev.io + HP_BLKS); -- return n; -- } -+ size); - outb(HPBLKSEL_0, dev.io + HP_BLKS); - - return 1; -@@ -853,21 +850,16 @@ static __inline__ int pack_DAPF_to_DAPQ( - if (protect) { - /* Critical section: protect fifo in non-interrupt */ - spin_lock_irqsave(&dev.lock, flags); -- if ((n = msnd_fifo_read( -+ n = msnd_fifo_read( - &dev.DAPF, - (char *)(dev.base + bank_num * DAP_BUFF_SIZE), -- DAP_BUFF_SIZE, 0)) < 0) { -- spin_unlock_irqrestore(&dev.lock, flags); -- return n; -- } -+ DAP_BUFF_SIZE); - spin_unlock_irqrestore(&dev.lock, flags); - } else { -- if ((n = msnd_fifo_read( -+ n = msnd_fifo_read( - &dev.DAPF, - (char *)(dev.base + bank_num * DAP_BUFF_SIZE), -- DAP_BUFF_SIZE, 0)) < 0) { -- return n; -- } -+ DAP_BUFF_SIZE); - } - if (!n) - break; -@@ -894,30 +886,43 @@ static __inline__ int pack_DAPF_to_DAPQ( - static int dsp_read(char *buf, size_t len) - { - int count = len; -+ char *page = (char *)__get_free_page(PAGE_SIZE); -+ -+ if (!page) -+ return -ENOMEM; - - while (count > 0) { -- int n; -+ int n, k; - unsigned long flags; - -+ k = PAGE_SIZE; -+ if (k > count) -+ k = count; -+ - /* Critical section: protect fifo in non-interrupt */ - spin_lock_irqsave(&dev.lock, flags); -- if ((n = msnd_fifo_read(&dev.DARF, buf, count, 1)) < 0) { -- printk(KERN_WARNING LOGNAME ": FIFO read error\n"); -- spin_unlock_irqrestore(&dev.lock, flags); -- return n; -- } -+ n = msnd_fifo_read(&dev.DARF, page, k); - spin_unlock_irqrestore(&dev.lock, flags); -+ if (copy_to_user(buf, page, n)) { -+ free_page((unsigned long)page); -+ return -EFAULT; -+ } - buf += n; - count -= n; - -+ if (n == k && count) -+ continue; -+ - if (!test_bit(F_READING, &dev.flags) && dev.mode & FMODE_READ) { - dev.last_recbank = -1; - if (chk_send_dsp_cmd(&dev, HDEX_RECORD_START) == 0) - set_bit(F_READING, &dev.flags); - } - -- if (dev.rec_ndelay) -+ if (dev.rec_ndelay) { -+ free_page((unsigned long)page); - return count == len ? -EAGAIN : len - count; -+ } - - if (count > 0) { - set_bit(F_READBLOCK, &dev.flags); -@@ -926,41 +931,57 @@ static int dsp_read(char *buf, size_t le - get_rec_delay_jiffies(DAR_BUFF_SIZE))) - clear_bit(F_READING, &dev.flags); - clear_bit(F_READBLOCK, &dev.flags); -- if (signal_pending(current)) -+ if (signal_pending(current)) { -+ free_page((unsigned long)page); - return -EINTR; -+ } - } - } -- -+ free_page((unsigned long)page); - return len - count; - } - - static int dsp_write(const char *buf, size_t len) - { - int count = len; -+ char *page = (char *)__get_free_page(GFP_KERNEL); -+ -+ if (!page) -+ return -ENOMEM; - - while (count > 0) { -- int n; -+ int n, k; - unsigned long flags; - -+ k = PAGE_SIZE; -+ if (k > count) -+ k = count; -+ -+ if (copy_from_user(page, buf, k)) { -+ free_page((unsigned long)page); -+ return -EFAULT; -+ } -+ - /* Critical section: protect fifo in non-interrupt */ - spin_lock_irqsave(&dev.lock, flags); -- if ((n = msnd_fifo_write(&dev.DAPF, buf, count, 1)) < 0) { -- printk(KERN_WARNING LOGNAME ": FIFO write error\n"); -- spin_unlock_irqrestore(&dev.lock, flags); -- return n; -- } -+ n = msnd_fifo_write(&dev.DAPF, page, k); - spin_unlock_irqrestore(&dev.lock, flags); - buf += n; - count -= n; - -+ if (count && n == k) -+ continue; -+ - if (!test_bit(F_WRITING, &dev.flags) && (dev.mode & FMODE_WRITE)) { - dev.last_playbank = -1; - if (pack_DAPF_to_DAPQ(1) > 0) - set_bit(F_WRITING, &dev.flags); - } - -- if (dev.play_ndelay) -+ if (dev.play_ndelay) { -+ free_page((unsigned long)page); - return count == len ? -EAGAIN : len - count; -+ } - - if (count > 0) { - set_bit(F_WRITEBLOCK, &dev.flags); -@@ -968,11 +989,14 @@ static int dsp_write(const char *buf, si - &dev.writeblock, - get_play_delay_jiffies(DAP_BUFF_SIZE)); - clear_bit(F_WRITEBLOCK, &dev.flags); -- if (signal_pending(current)) -+ if (signal_pending(current)) { -+ free_page((unsigned long)page); - return -EINTR; -+ } - } - } - -+ free_page((unsigned long)page); - return len - count; - } - ---- linux/drivers/sound/pss.c.bak Wed Jun 16 14:42:24 2004 -+++ linux/drivers/sound/pss.c Wed Jun 16 14:42:34 2004 -@@ -450,20 +450,36 @@ static void pss_mixer_reset(pss_confdata - } - } - --static void arg_to_volume_mono(unsigned int volume, int *aleft) -+static int set_volume_mono(caddr_t p, int *aleft) - { - int left; -+ unsigned volume; -+ if (get_user(volume, (unsigned *)p)) -+ return -EFAULT; - -- left = volume & 0x00ff; -+ left = volume & 0xff; - if (left > 100) - left = 100; - *aleft = left; -+ return 0; - } - --static void arg_to_volume_stereo(unsigned int volume, int *aleft, int *aright) -+static int set_volume_stereo(caddr_t p, int *aleft, int *aright) - { -- arg_to_volume_mono(volume, aleft); -- arg_to_volume_mono(volume >> 8, aright); -+ int left, right; -+ unsigned volume; -+ if (get_user(volume, (unsigned *)p)) -+ return -EFAULT; -+ -+ left = volume & 0xff; -+ if (left > 100) -+ left = 100; -+ right = (volume >> 8) & 0xff; -+ if (right > 100) -+ right = 100; -+ *aleft = left; -+ *aright = right; -+ return 0; - } - - static int ret_vol_mono(int left) -@@ -510,33 +526,38 @@ static int pss_mixer_ioctl (int dev, uns - return call_ad_mixer(devc, cmd, arg); - else - { -- if (*(int *)arg != 0) -+ int v; -+ if (get_user(v, (int *)arg)) -+ return -EFAULT; -+ if (v != 0) - return -EINVAL; - return 0; - } - case SOUND_MIXER_VOLUME: -- arg_to_volume_stereo(*(unsigned int *)arg, &devc->mixer.volume_l, -- &devc->mixer.volume_r); -+ if (set_volume_stereo(arg, -+ &devc->mixer.volume_l, -+ &devc->mixer.volume_r)) -+ return -EFAULT; - set_master_volume(devc, devc->mixer.volume_l, - devc->mixer.volume_r); - return ret_vol_stereo(devc->mixer.volume_l, - devc->mixer.volume_r); - - case SOUND_MIXER_BASS: -- arg_to_volume_mono(*(unsigned int *)arg, -- &devc->mixer.bass); -+ if (set_volume_mono(arg, &devc->mixer.bass)) -+ return -EFAULT; - set_bass(devc, devc->mixer.bass); - return ret_vol_mono(devc->mixer.bass); - - case SOUND_MIXER_TREBLE: -- arg_to_volume_mono(*(unsigned int *)arg, -- &devc->mixer.treble); -+ if (set_volume_mono(arg, &devc->mixer.treble)) -+ return -EFAULT; - set_treble(devc, devc->mixer.treble); - return ret_vol_mono(devc->mixer.treble); - - case SOUND_MIXER_SYNTH: -- arg_to_volume_mono(*(unsigned int *)arg, -- &devc->mixer.synth); -+ if (set_volume_mono(arg, &devc->mixer.synth)) -+ return -EFAULT; - set_synth_volume(devc, devc->mixer.synth); - return ret_vol_mono(devc->mixer.synth); - -@@ -546,54 +567,67 @@ static int pss_mixer_ioctl (int dev, uns - } - else - { -+ int val, and_mask = 0, or_mask = 0; - /* - * Return parameters - */ - switch (cmdf) - { -- - case SOUND_MIXER_DEVMASK: - if (call_ad_mixer(devc, cmd, arg) == -EINVAL) -- *(int *)arg = 0; /* no mixer devices */ -- return (*(int *)arg |= SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH); -+ break; -+ and_mask = ~0; -+ or_mask = SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH; -+ break; - - case SOUND_MIXER_STEREODEVS: - if (call_ad_mixer(devc, cmd, arg) == -EINVAL) -- *(int *)arg = 0; /* no stereo devices */ -- return (*(int *)arg |= SOUND_MASK_VOLUME); -+ break; -+ and_mask = ~0; -+ or_mask = SOUND_MASK_VOLUME; -+ break; - - case SOUND_MIXER_RECMASK: - if (devc->ad_mixer_dev != NO_WSS_MIXER) - return call_ad_mixer(devc, cmd, arg); -- else -- return (*(int *)arg = 0); /* no record devices */ -+ break; - - case SOUND_MIXER_CAPS: - if (devc->ad_mixer_dev != NO_WSS_MIXER) - return call_ad_mixer(devc, cmd, arg); -- else -- return (*(int *)arg = SOUND_CAP_EXCL_INPUT); -+ or_mask = SOUND_CAP_EXCL_INPUT; -+ break; - - case SOUND_MIXER_RECSRC: - if (devc->ad_mixer_dev != NO_WSS_MIXER) - return call_ad_mixer(devc, cmd, arg); -- else -- return (*(int *)arg = 0); /* no record source */ -+ break; - - case SOUND_MIXER_VOLUME: -- return (*(int *)arg = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r)); -+ or_mask = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r); -+ break; - - case SOUND_MIXER_BASS: -- return (*(int *)arg = ret_vol_mono(devc->mixer.bass)); -+ or_mask = ret_vol_mono(devc->mixer.bass); -+ break; - - case SOUND_MIXER_TREBLE: -- return (*(int *)arg = ret_vol_mono(devc->mixer.treble)); -+ or_mask = ret_vol_mono(devc->mixer.treble); -+ break; - - case SOUND_MIXER_SYNTH: -- return (*(int *)arg = ret_vol_mono(devc->mixer.synth)); -+ or_mask = ret_vol_mono(devc->mixer.synth); -+ break; - default: - return -EINVAL; - } -+ if (get_user(val, (int *)arg)) -+ return -EFAULT; -+ val &= and_mask; -+ val |= or_mask; -+ if (put_user(val, (int *)arg)) -+ return -EFAULT; -+ return val; - } - } - diff --git a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0535.patch b/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0535.patch deleted file mode 100644 index 669fc5fd32fb..000000000000 --- a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-0535.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- drivers/net/e1000/e1000_ethtool.c 2003-06-13 15:51:34.000000000 +0100 -+++ drivers/net/e1000/e1000_ethtool.c.plasmaroo 2004-06-24 11:23:32.524963976 +0100 -@@ -468,6 +468,9 @@ - - if(copy_from_user(®s, addr, sizeof(regs))) - return -EFAULT; -+ memset(regs_buff, 0, sizeof(regs_buff)); -+ if (regs.len > E1000_REGS_LEN) -+ regs.len = E1000_REGS_LEN; - e1000_ethtool_gregs(adapter, ®s, regs_buff); - if(copy_to_user(addr, ®s, sizeof(regs))) - return -EFAULT; diff --git a/sys-kernel/grsec-sources/files/openmosix-sources.CAN-2004-0497.patch b/sys-kernel/grsec-sources/files/openmosix-sources.CAN-2004-0497.patch deleted file mode 100644 index 9503e9efe57b..000000000000 --- a/sys-kernel/grsec-sources/files/openmosix-sources.CAN-2004-0497.patch +++ /dev/null @@ -1,23 +0,0 @@ -# ChangeSet -# -# fs/attr.c -# 2004/07/03 18:28:30-03:00 marcelo@logos.cnet +1 -0 -# Thomas Biege: Fix missing DAC check on sys_chown -# -# fs/attr.c -# 2004/07/03 19:28:29-03:00 marcelo@logos.cnet +1 -1 -# Add missing bracket to inode_change_ok() fix -# -diff -Nru a/fs/attr.c b.plasmaroo/fs/attr.c ---- a/fs/attr.c 2004-07-08 17:05:20 -07:00 -+++ b.plasmaroo/fs/attr.c 2004-07-08 17:05:20 -07:00 -@@ -35,7 +35,8 @@ - - /* Make sure caller can chgrp. */ - if ((ia_valid & ATTR_GID) && -- (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) && -+ (current->fsuid != inode->i_uid || -+ (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) && - !capable(CAP_CHOWN)) - goto error; - diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild index dca286e5c957..56c3f1d2279b 100644 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild +++ b/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild @@ -1,27 +1,17 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild,v 1.1 2004/11/17 17:51:37 solar Exp $ - -# We control what versions of what we download based on the KEYWORDS we -# are using for the various arches. Thus if we want grsec1 stable we run -# the with "arch" ACCEPT_KEYWORDS or ~arch and we will get the -# grsec-2.0-preX which has alot more features. - -# the only thing that should ever differ in one of these 1.9.x ebuilds -# and 2.x of the same kernel version is the KEYWORDS and header. -# shame cvs symlinks don't exist +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.27.2.0.1-r4.ebuild,v 1.2 2004/11/26 17:10:45 dsd Exp $ ETYPE="sources" -IUSE="" - -inherit kernel - -[ "$OKV" == "" ] && OKV="2.4.27" +UNIPATCH_STRICTORDER="yes" +inherit kernel-2 +detect_version +OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}" PATCH_BASE="${PV/${OKV}./}" PATCH_BASE="${PATCH_BASE/_/-}" EXTRAVERSION="-grsec-${PATCH_BASE}" -KV="${OKV}${EXTRAVERSION}" +KV_FULL="${OKV}${EXTRAVERSION}" PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch" DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" @@ -36,48 +26,20 @@ SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch \ HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" KEYWORDS="x86 sparc ppc alpha amd64 -hppa" RESTRICT="buildpkg" +IUSE="" -SLOT="${KV}" -S="${WORKDIR}/linux-${KV}" +UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} + ${FILESDIR}/2.4.26-CAN-2004-0394.patch + ${FILESDIR}/2.4.27-cmdline-race.patch + ${DISTDIR}/linux-2.4.27-nfs3-xdr.patch.bz2 + ${DISTDIR}/grsec-sources-2.4.27-CAN-2004-0814.patch.bz2 + ${DISTDIR}/grsec-sources-2.4.27-binfmt_elf.patch.bz2 + ${DISTDIR}/linux-2.4.27-binfmt_aout.patch.bz2" src_unpack() { - unpack linux-"${OKV}".tar.bz2 || die "unable to unpack the kernel" - mv linux-"${OKV}" linux-"${KV}" || die "unable to move the kernel" - cd linux-"${KV}" || die "unable to cd into the kernel source tree" - - patch_grsec_kernel - - mkdir -p docs - touch docs/patches.txt - kernel_universal_unpack -} + kernel-2_src_unpack -patch_grsec_kernel() { # users are often confused by what settings should be set. # so we provide an example of what a P4 desktop would look like. cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config - - [ -f "${DISTDIR}/${PATCH_SRC_BASE}" ] || die "File ${PATCH_SRC_BASE} does not exist?" - ebegin "Patching the kernel with ${PATCH_SRC_BASE}" - cat ${DISTDIR}/${PATCH_SRC_BASE} | patch -g0 -p1 --quiet - [ $? == 0 ] || die "failed patching with ${PATCH_SRC_BASE}" - eend 0 - - # fix format string problem in panic() - epatch ${FILESDIR}/2.4.26-CAN-2004-0394.patch - - # Potential security issue in /proc/cmdline bug 59905 - epatch ${FILESDIR}/2.4.27-cmdline-race.patch - - # remote denial-of-service. bug 62524 - epatch ${DISTDIR}/linux-2.4.27-nfs3-xdr.patch.bz2 - - # tty io fixes. - epatch ${DISTDIR}/grsec-sources-2.4.27-CAN-2004-0814.patch.bz2 - - # binfmt_elf - round #2 - epatch ${DISTDIR}/grsec-sources-2.4.27-binfmt_elf.patch.bz2 - - # binfmt_aout - epatch ${DISTDIR}/linux-2.4.27-binfmt_aout.patch.bz2 } diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild index e476c1383525..37849d4f511f 100644 --- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild +++ b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild @@ -1,57 +1,34 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild,v 1.1 2004/11/23 16:37:15 solar Exp $ - -# We control what versions of what we download based on the KEYWORDS we -# are using for the various arches. Thus if we want grsec1 stable we run -# the with "arch" ACCEPT_KEYWORDS or ~arch and we will get the -# grsec-2.0-preX which has alot more features. - -# the only thing that should ever differ in one of these 1.9.x ebuilds -# and 2.x of the same kernel version is the KEYWORDS and header. -# shame cvs symlinks don't exist +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.0.2.ebuild,v 1.2 2004/11/26 17:10:45 dsd Exp $ ETYPE="sources" -IUSE="" - -inherit kernel - -[ "$OKV" == "" ] && OKV="2.4.28" +UNIPATCH_STRICTORDER="yes" +inherit kernel-2 +detect_version +OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}" PATCH_BASE="${PV/${OKV}./}" PATCH_BASE="${PATCH_BASE/_/-}" EXTRAVERSION="-grsec-${PATCH_BASE}" -KV="${OKV}${EXTRAVERSION}" -PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch.gz" +KV_FULL="${OKV}${EXTRAVERSION}" + +PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch" DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch" -SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch.gz http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2" +SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch \ + http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2" + HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net" KEYWORDS="x86 sparc ppc alpha amd64 -hppa" RESTRICT="buildpkg" +IUSE="" -SLOT="${KV}" -S="${WORKDIR}/linux-${KV}" +UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE}" src_unpack() { - unpack linux-"${OKV}".tar.bz2 || die "unable to unpack the kernel" - mv linux-"${OKV}" linux-"${KV}" || die "unable to move the kernel" - cd linux-"${KV}" || die "unable to cd into the kernel source tree" - - patch_grsec_kernel + kernel-2_src_unpack - mkdir -p docs - touch docs/patches.txt - kernel_universal_unpack -} - -patch_grsec_kernel() { # users are often confused by what settings should be set. # so we provide an example of what a P4 desktop would look like. cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config - - [ -f "${DISTDIR}/${PATCH_SRC_BASE}" ] || die "File ${PATCH_SRC_BASE} does not exist?" - ebegin "Patching the kernel with ${PATCH_SRC_BASE}" - gzcat ${DISTDIR}/${PATCH_SRC_BASE} | patch -g0 -p1 --quiet - [ $? == 0 ] || die "failed patching with ${PATCH_SRC_BASE}" - eend 0 } |