diff options
-rw-r--r-- | sys-kernel/hppa-sources/ChangeLog | 8 | ||||
-rw-r--r-- | sys-kernel/hppa-sources/Manifest | 3 | ||||
-rw-r--r-- | sys-kernel/hppa-sources/files/CVE-2005-3356.patch | 137 | ||||
-rw-r--r-- | sys-kernel/hppa-sources/files/digest-hppa-sources-2.6.15.1_p4 | 4 | ||||
-rw-r--r-- | sys-kernel/hppa-sources/hppa-sources-2.6.15.1_p4.ebuild | 55 |
5 files changed, 206 insertions, 1 deletions
diff --git a/sys-kernel/hppa-sources/ChangeLog b/sys-kernel/hppa-sources/ChangeLog index e207de54dddf..3e505669c21a 100644 --- a/sys-kernel/hppa-sources/ChangeLog +++ b/sys-kernel/hppa-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/hppa-sources # Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-sources/ChangeLog,v 1.62 2006/01/03 20:40:24 gmsoft Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-sources/ChangeLog,v 1.63 2006/01/16 16:10:19 gmsoft Exp $ + +*hppa-sources-2.6.15.1_p4 (16 Jan 2006) + + 16 Jan 2006; Guy Martin <gmsoft@gentoo.org> +files/CVE-2005-3356.patch, + +hppa-sources-2.6.15.1_p4.ebuild: + Version bump. Fix #119087 and #118693. *hppa-sources-2.6.15_p1 (03 Jan 2006) diff --git a/sys-kernel/hppa-sources/Manifest b/sys-kernel/hppa-sources/Manifest index 95bc5d4b976e..a3d63ef2b5ce 100644 --- a/sys-kernel/hppa-sources/Manifest +++ b/sys-kernel/hppa-sources/Manifest @@ -1,6 +1,7 @@ MD5 a45436d75bb3c04e6dd4a16a6eed6e4f ChangeLog 11228 MD5 001b0a631c9fc28133013a1f8f78f74c files/CAN-2004-1056.patch 8458 MD5 cd0a7533c43364e377348613c6d76bb7 files/CAN-2004-1235.patch 9736 +MD5 9003bddd0b720bc1b027419bd78b95ea files/CVE-2005-3356.patch 3803 MD5 b4f71191d0b9bc4439cdb8645ff474a7 files/LKA-20050107.patch 6122 MD5 655251f31f0bdc85bdd0cd0280af22b7 files/LSM-capability-fix.patch 979 MD5 9d48df2d294a63b45bb9159d718000a2 files/digest-hppa-sources-2.6.10_p1 131 @@ -15,6 +16,7 @@ MD5 fde206859ab9582a5c727d7ccea34305 files/digest-hppa-sources-2.6.12.4_p2 263 MD5 25fcc554ea19ef82392e5f920ec83539 files/digest-hppa-sources-2.6.13_p1 201 MD5 8a0a82472bf0759088942e4203633946 files/digest-hppa-sources-2.6.14.2_p0 263 MD5 5045d497eb971d4951bc71b5757db05c files/digest-hppa-sources-2.6.14.3_p0 264 +MD5 634295dab55744bfa1f95881bb77acd3 files/digest-hppa-sources-2.6.15.1_p4 262 MD5 f58dfc4f2c986723ea95fa9fcdff98c2 files/digest-hppa-sources-2.6.15_p1 201 MD5 7b46dd1f32324db5bdffc2b0b822c546 files/ide-cdrom-fix.patch 480 MD5 ff248bdc7134617427d8a239643e26d5 files/nbd-no-panic.diff 710 @@ -30,5 +32,6 @@ MD5 67d537d90ccdb5149d39cf9c90d9283b hppa-sources-2.6.12.4_p2.ebuild 1339 MD5 977a9ee8ce7aa71db60103b17b323e99 hppa-sources-2.6.13_p1.ebuild 1411 MD5 a77ee0efb03702047e015e1bb3bb3b86 hppa-sources-2.6.14.2_p0.ebuild 1412 MD5 5cf0512c173e95178039ef3adba7808a hppa-sources-2.6.14.3_p0.ebuild 1442 +MD5 fd4d128339578928ea715dd23505b4f0 hppa-sources-2.6.15.1_p4.ebuild 1442 MD5 74bdf5e30038d4da2c499ef24c65107c hppa-sources-2.6.15_p1.ebuild 1410 MD5 05ed5731534e9423f109cbec1aa7e993 metadata.xml 223 diff --git a/sys-kernel/hppa-sources/files/CVE-2005-3356.patch b/sys-kernel/hppa-sources/files/CVE-2005-3356.patch new file mode 100644 index 000000000000..ed121ea173f9 --- /dev/null +++ b/sys-kernel/hppa-sources/files/CVE-2005-3356.patch @@ -0,0 +1,137 @@ +From: Alexander Viro <aviro@redhat.com> +Date: Sat, 14 Jan 2006 20:29:55 +0000 (-0500) +Subject: [PATCH] Fix double decrement of mqueue_mnt->mnt_count in sys_mq_open +X-Git-Url: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7c7dce9209161eb260cdf9e9172f72c3a02379e6 + +[PATCH] Fix double decrement of mqueue_mnt->mnt_count in sys_mq_open + +Fixed the refcounting on failure exits in sys_mq_open() and +cleaned the logics up. Rules are actually pretty simple - dentry_open() +expects vfsmount and dentry to be pinned down and it either transfers +them into created struct file or drops them. Old code had been very +confused in that area - if dentry_open() had failed either in do_open() +or do_create(), we ended up dentry and mqueue_mnt dropped twice, once +by dentry_open() cleanup and then by sys_mq_open(). + +Fix consists of making the rules for do_create() and do_open() +same as for dentry_open() and updating the sys_mq_open() accordingly; +that actually leads to more straightforward code and less work on +normal path. + +Signed-off-by: Al Viro <aviro@redhat.com> +Signed-off-by: Linus Torvalds <torvalds@osdl.org> +--- + +--- linux-2.6.14.orig/ipc/mqueue.c.orig 2006-01-16 04:24:50.000000000 +0000 ++++ linux-2.6.14/ipc/mqueue.c 2006-01-16 04:25:15.000000000 +0000 +@@ -599,15 +599,16 @@ + static struct file *do_create(struct dentry *dir, struct dentry *dentry, + int oflag, mode_t mode, struct mq_attr __user *u_attr) + { +- struct file *filp; + struct mq_attr attr; + int ret; + +- if (u_attr != NULL) { ++ if (u_attr) { ++ ret = -EFAULT; + if (copy_from_user(&attr, u_attr, sizeof(attr))) +- return ERR_PTR(-EFAULT); ++ goto out; ++ ret = -EINVAL; + if (!mq_attr_ok(&attr)) +- return ERR_PTR(-EINVAL); ++ goto out; + /* store for use during create */ + dentry->d_fsdata = &attr; + } +@@ -616,13 +617,14 @@ + ret = vfs_create(dir->d_inode, dentry, mode, NULL); + dentry->d_fsdata = NULL; + if (ret) +- return ERR_PTR(ret); ++ goto out; + +- filp = dentry_open(dentry, mqueue_mnt, oflag); +- if (!IS_ERR(filp)) +- dget(dentry); ++ return dentry_open(dentry, mqueue_mnt, oflag); + +- return filp; ++out: ++ dput(dentry); ++ mntput(mqueue_mnt); ++ return ERR_PTR(ret); + } + + /* Opens existing queue */ +@@ -630,20 +632,20 @@ + { + static int oflag2acc[O_ACCMODE] = { MAY_READ, MAY_WRITE, + MAY_READ | MAY_WRITE }; +- struct file *filp; + +- if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) ++ if ((oflag & O_ACCMODE) == (O_RDWR | O_WRONLY)) { ++ dput(dentry); ++ mntput(mqueue_mnt); + return ERR_PTR(-EINVAL); ++ } + +- if (permission(dentry->d_inode, oflag2acc[oflag & O_ACCMODE], NULL)) ++ if (permission(dentry->d_inode, oflag2acc[oflag & O_ACCMODE], NULL)) { ++ dput(dentry); ++ mntput(mqueue_mnt); + return ERR_PTR(-EACCES); ++ } + +- filp = dentry_open(dentry, mqueue_mnt, oflag); +- +- if (!IS_ERR(filp)) +- dget(dentry); +- +- return filp; ++ return dentry_open(dentry, mqueue_mnt, oflag); + } + + asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode, +@@ -671,17 +673,20 @@ + + if (oflag & O_CREAT) { + if (dentry->d_inode) { /* entry already exists */ +- filp = (oflag & O_EXCL) ? ERR_PTR(-EEXIST) : +- do_open(dentry, oflag); ++ error = -EEXIST; ++ if (oflag & O_EXCL) ++ goto out; ++ filp = do_open(dentry, oflag); + } else { + filp = do_create(mqueue_mnt->mnt_root, dentry, + oflag, mode, u_attr); + } +- } else +- filp = (dentry->d_inode) ? do_open(dentry, oflag) : +- ERR_PTR(-ENOENT); +- +- dput(dentry); ++ } else { ++ error = -ENOENT; ++ if (!dentry->d_inode) ++ goto out; ++ filp = do_open(dentry, oflag); ++ } + + if (IS_ERR(filp)) { + error = PTR_ERR(filp); +@@ -692,8 +697,10 @@ + fd_install(fd, filp); + goto out_upsem; + +-out_putfd: ++out: ++ dput(dentry); + mntput(mqueue_mnt); ++out_putfd: + put_unused_fd(fd); + out_err: + fd = error; diff --git a/sys-kernel/hppa-sources/files/digest-hppa-sources-2.6.15.1_p4 b/sys-kernel/hppa-sources/files/digest-hppa-sources-2.6.15.1_p4 new file mode 100644 index 000000000000..07228c6c2ca6 --- /dev/null +++ b/sys-kernel/hppa-sources/files/digest-hppa-sources-2.6.15.1_p4 @@ -0,0 +1,4 @@ +MD5 33af93f8f34ec2437fb41091176f7b14 4705_squashfs-2.1.patch.bz2 14357 +MD5 cdf95e00f5111e31f78e1d97304d9522 linux-2.6.15.tar.bz2 39832836 +MD5 06d171878119ea44fe68b43371cd11f2 patch-2.6.15-pa4.gz 88319 +MD5 b1cddab58d9ab34cca4742e9b050478f patch-2.6.15.1.bz2 6738 diff --git a/sys-kernel/hppa-sources/hppa-sources-2.6.15.1_p4.ebuild b/sys-kernel/hppa-sources/hppa-sources-2.6.15.1_p4.ebuild new file mode 100644 index 000000000000..b5dad0da7b32 --- /dev/null +++ b/sys-kernel/hppa-sources/hppa-sources-2.6.15.1_p4.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hppa-sources/hppa-sources-2.6.15.1_p4.ebuild,v 1.1 2006/01/16 16:10:19 gmsoft Exp $ + +ETYPE="sources" + +CKV="${PV/_*}" +K_NOUSENAME=true +inherit kernel-2 + +KV_FULL=${CKV}-pa${PATCH_LEVEL} +detect_version + + +DESCRIPTION="Full sources for the Linux kernel with patch for hppa" +PATCH_LEVEL="${PV/${CKV}_p/}" +SRC_URI="${KERNEL_URI} +http://ftp.parisc-linux.org/cvs/linux-2.6/patch-${OKV}-pa${PATCH_LEVEL}.gz +http://dev.gentoo.org/~dertobi123/hppa/4705_squashfs-2.1.patch.bz2" +UNIPATCH_LIST="${T}/patch-${OKV}-pa${PATCH_LEVEL}.patch +${DISTDIR}/4705_squashfs-2.1.patch.bz2 +${FILESDIR}/CVE-2005-3356.patch" +HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/ http://parisc-linux.org" +KEYWORDS="-* hppa" + + +src_unpack() { + + if [[ -n ${KV_EXTRA} ]] + then + + KV_EXTRA=".${KV_EXTRA}" + + zcat ${DISTDIR}/patch-${OKV}-pa${PATCH_LEVEL}.gz | \ + sed -e "/+EXTRAVERSION/s/=.*\$/=/" > \ + ${T}/patch-${OKV}-pa${PATCH_LEVEL}.patch + else + zcat ${DISTDIR}/patch-${OKV}-pa${PATCH_LEVEL}.gz > \ + ${T}/patch-${OKV}-pa${PATCH_LEVEL}.patch + fi + + EXTRAVERSION=${KV_EXTRA}-pa${PATCH_LEVEL} + + universal_unpack + + + # We force the order of patching. kernel-2.eclass does weird stuff + unipatch ${UNIPATCH_LIST} + unipatch ${UNIPATCH_LIST_DEFAULT} + + unpack_set_extraversion + unpack_fix_docbook + unpack_fix_install_path + +} |