summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Birchinger <joker@gentoo.org>2004-11-12 22:20:22 +0000
committerChristian Birchinger <joker@gentoo.org>2004-11-12 22:20:22 +0000
commitdc80aabc7e4434c23b3c801d95cb9be816d814cc (patch)
tree94ac23581ebd8211ceb001171e517c278e704913 /sys-kernel/sparc-sources
parentStable sparc. (Manifest recommit) (diff)
downloadgentoo-2-dc80aabc7e4434c23b3c801d95cb9be816d814cc.tar.gz
gentoo-2-dc80aabc7e4434c23b3c801d95cb9be816d814cc.tar.bz2
gentoo-2-dc80aabc7e4434c23b3c801d95cb9be816d814cc.zip
Added a security fix for the Linux kernel binfmt_elf loader vulnerabilities
Diffstat (limited to 'sys-kernel/sparc-sources')
-rw-r--r--sys-kernel/sparc-sources/ChangeLog9
-rw-r--r--sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.27-r32
-rw-r--r--sys-kernel/sparc-sources/files/gentoo-sources-2.4.27-binfmt_elf.patch84
-rw-r--r--sys-kernel/sparc-sources/sparc-sources-2.4.27-r3.ebuild69
4 files changed, 163 insertions, 1 deletions
diff --git a/sys-kernel/sparc-sources/ChangeLog b/sys-kernel/sparc-sources/ChangeLog
index b4219069bf40..af30e540ba8a 100644
--- a/sys-kernel/sparc-sources/ChangeLog
+++ b/sys-kernel/sparc-sources/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for sys-kernel/sparc-sources
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.65 2004/11/10 16:49:32 joker Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/ChangeLog,v 1.66 2004/11/12 22:20:22 joker Exp $
+
+*sparc-sources-2.4.27-r3 (12 Nov 2004)
+
+ 12 Nov 2004; Christian Birchinger <joker@gentoo.org>
+ +files/gentoo-sources-2.4.27-binfmt_elf.patch,
+ +sparc-sources-2.4.27-r3.ebuild:
+ Added a security fix for the Linux kernel binfmt_elf loader vulnerabilities
*sparc-sources-2.4.27-r2 (10 Nov 2004)
diff --git a/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.27-r3 b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.27-r3
new file mode 100644
index 000000000000..662b3b82757a
--- /dev/null
+++ b/sys-kernel/sparc-sources/files/digest-sparc-sources-2.4.27-r3
@@ -0,0 +1,2 @@
+MD5 59a2e6fde1d110e2ffa20351ac8b4d9e linux-2.4.27.tar.bz2 30898453
+MD5 4aa6453113601fbd6d134dad8aef21e7 patches-2.4.27-sparc-r2.tar.bz2 181499
diff --git a/sys-kernel/sparc-sources/files/gentoo-sources-2.4.27-binfmt_elf.patch b/sys-kernel/sparc-sources/files/gentoo-sources-2.4.27-binfmt_elf.patch
new file mode 100644
index 000000000000..bce026adf312
--- /dev/null
+++ b/sys-kernel/sparc-sources/files/gentoo-sources-2.4.27-binfmt_elf.patch
@@ -0,0 +1,84 @@
+diff -ur linux-2.4.27-gentoo-r2/fs/binfmt_elf.c linux-2.4.27-gentoo-r3/fs/binfmt_elf.c
+--- linux-2.4.27-gentoo-r2/fs/binfmt_elf.c 2004-11-10 20:43:18.000000000 +0000
++++ linux-2.4.27-gentoo-r3/fs/binfmt_elf.c 2004-11-10 20:33:40.000000000 +0000
+@@ -308,9 +308,12 @@
+ goto out;
+
+ retval = kernel_read(interpreter,interp_elf_ex->e_phoff,(char *)elf_phdata,size);
+- error = retval;
+- if (retval < 0)
++ error = -EIO;
++ if (retval != size) {
++ if (retval < 0)
++ error = retval;
+ goto out_close;
++ }
+
+ eppnt = elf_phdata;
+ for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) {
+@@ -686,8 +689,11 @@
+ goto out;
+
+ retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *) elf_phdata, size);
+- if (retval < 0)
++ if (retval != size) {
++ if (retval >= 0)
++ retval = -EIO;
+ goto out_free_ph;
++ }
+
+ files = current->files; /* Refcounted so ok */
+ retval = unshare_files();
+@@ -734,8 +740,14 @@
+ retval = kernel_read(bprm->file, elf_ppnt->p_offset,
+ elf_interpreter,
+ elf_ppnt->p_filesz);
+- if (retval < 0)
++ if (retval != elf_ppnt->p_filesz) {
++ if (retval >= 0)
++ retval = -EIO;
+ goto out_free_interp;
++ }
++ /* make sure path is NULL terminated */
++ elf_interpreter[elf_ppnt->p_filesz - 1] = '\0';
++
+ /* If the program interpreter is one of these two,
+ * then assume an iBCS2 image. Otherwise assume
+ * a native linux image.
+@@ -754,8 +766,11 @@
+ if (IS_ERR(interpreter))
+ goto out_free_interp;
+ retval = kernel_read(interpreter, 0, bprm->buf, BINPRM_BUF_SIZE);
+- if (retval < 0)
++ if (retval != BINPRM_BUF_SIZE) {
++ if (retval >= 0)
++ retval = -EIO;
+ goto out_free_dentry;
++ }
+
+ /* Get the exec headers */
+ interp_ex = *((struct exec *) bprm->buf);
+@@ -967,7 +982,10 @@
+ #endif
+
+ if (BAD_ADDR(error))
+- continue;
++ {
++ send_sig(SIGKILL, current, 0);
++ goto out_free_dentry;
++ }
+
+ /* PaX: mirror at a randomized base */
+ down_write(&current->mm->mmap_sem);
+@@ -1008,7 +1026,10 @@
+ {
+ error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags);
+ if (BAD_ADDR(error))
+- continue;
++ {
++ send_sig(SIGKILL, current, 0);
++ goto out_free_dentry;
++ }
+ }
+
+ if (!load_addr_set) {
diff --git a/sys-kernel/sparc-sources/sparc-sources-2.4.27-r3.ebuild b/sys-kernel/sparc-sources/sparc-sources-2.4.27-r3.ebuild
new file mode 100644
index 000000000000..efd7f6480272
--- /dev/null
+++ b/sys-kernel/sparc-sources/sparc-sources-2.4.27-r3.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/sparc-sources/sparc-sources-2.4.27-r3.ebuild,v 1.1 2004/11/12 22:20:22 joker Exp $
+
+IUSE="ultra1"
+
+# Kernel ebuilds using the kernel.eclass can remove any patch that you
+# do not want to apply by simply setting the KERNEL_EXCLUDE shell
+# variable to the string you want to exclude (for instance
+# KERNEL_EXCLUDE="grsecurity" would not patch any patches whose names match
+# *grsecurity*). Kernels are only tested in the default configuration, but
+# this may be useful if you know that a particular patch is causing a
+# conflict with a patch you personally want to apply, or some other
+# similar situation.
+
+ETYPE="sources"
+inherit kernel eutils
+
+# OKV=original kernel version, KV=patched kernel version. They can be the same.
+[ "$OKV" == "" ] && OKV="${PV}"
+
+EXTRAVERSION="-${PN/-*/}"
+[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}"
+KV="${OKV}${EXTRAVERSION}"
+
+PATCH_VERSION="2.4.27-sparc-r2"
+
+# Documentation on the patches contained in this kernel will be installed
+# to /usr/share/doc/sparc-sources-${PV}/patches.txt.gz
+
+DESCRIPTION="Full sources for the Gentoo Sparc Linux kernel"
+SRC_URI="http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2
+ mirror://gentoo/patches-${PATCH_VERSION}.tar.bz2"
+
+S=${WORKDIR}/linux-${KV}
+KEYWORDS="~x86 -ppc sparc"
+SLOT="${KV}"
+
+src_unpack() {
+ unpack ${A}
+ mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}"
+ cd ${PATCH_VERSION} || die "Unable to cd into ${PATCH_VERSION}"
+
+ kernel_src_unpack
+
+ # Fix a grsecurity problem on sparc32
+ [ "${PROFILE_ARCH}" = "sparc64" ] || epatch ${FILESDIR}/use-pte_alloc_one_fast-r1.patch
+
+ # Security fix Linux kernel binfmt_elf loader vulnerabilities
+ epatch ${FILESDIR}/gentoo-sources-2.4.27-binfmt_elf.patch
+
+ # Patch the HME driver only on Ultra1 machines.
+ use ultra1 && epatch ${FILESDIR}/U1-hme-lockup.patch
+}
+
+pkg_postinst() {
+
+ kernel_pkg_postinst
+
+ # Display SUN Ultra 1 HME warning if it can be detected or if the machinetype is unknown.
+ if [ ! -r "/proc/openprom/name" -o "`cat /proc/openprom/name 2>/dev/null`" = "'SUNW,Ultra-1'" ]; then
+ einfo
+ einfo "For users with an Enterprise model Ultra 1 using the HME network interface,"
+ einfo "please emerge the kernel using the following command:"
+ einfo
+ einfo "USE=ultra1 emerge sparc-sources"
+ einfo
+ fi
+}