From 0356e599ee82fc0ef3b94b95e10eb295ba7352d2 Mon Sep 17 00:00:00 2001
From: Ned Ludd <solar@gentoo.org>
Date: Sat, 8 Jan 2005 19:26:33 +0000
Subject: - Adds CAN-2004-1137.patch. - Adds 2.4.x uselib patch with extra
 semaphore locking for PaX enabled kernels. - Adds back
 2.4.27-cmdline-race.patch.

---
 sys-kernel/grsec-sources/ChangeLog                 |   9 +-
 sys-kernel/grsec-sources/Manifest                  |  16 +-
 .../grsec-sources/files/2.4.28-uselib4pax.patch    | 265 +++++++++++++++++++++
 .../files/gentoo-sources-2.4.CAN-2004-1137.patch   |  59 +++++
 .../grsec-sources-2.4.28.2.1.0.ebuild              |   7 +-
 5 files changed, 346 insertions(+), 10 deletions(-)
 create mode 100644 sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch
 create mode 100644 sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch

(limited to 'sys-kernel/grsec-sources')

diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog
index 3c0b85b943f8..24cd605aeb9b 100644
--- a/sys-kernel/grsec-sources/ChangeLog
+++ b/sys-kernel/grsec-sources/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-kernel/grsec-sources
 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.42 2005/01/08 16:35:44 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.43 2005/01/08 19:26:33 solar Exp $
+
+  08 Jan 2005; <solar@gentoo.org> +files/2.4.28-uselib4pax.patch,
+  +files/gentoo-sources-2.4.CAN-2004-1137.patch,
+  grsec-sources-2.4.28.2.1.0.ebuild:
+  - Adds CAN-2004-1137.patch.
+  - Adds 2.4.x uselib patch with extra semaphore locking for PaX enabled kernels.
+  - Adds back 2.4.27-cmdline-race.patch.
 
   08 Jan 2005; <solar@gentoo.org> :
   - digest update from plasmaroo for new CAN-2004-0814 patch
diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest
index 0724d31e23b3..9a055aa1fa80 100644
--- a/sys-kernel/grsec-sources/Manifest
+++ b/sys-kernel/grsec-sources/Manifest
@@ -4,13 +4,15 @@ Hash: SHA1
 MD5 14e92bfd64bcdc6704d67c60641a9896 grsec-sources-2.4.28.2.0.2-r1.ebuild 1253
 MD5 24764b94c52b15c33321df855d74ef1a grsec-sources-2.4.28.2.0.2-r3.ebuild 1353
 MD5 28f7057c915a09df4936882fd7088f05 grsec-sources-2.4.28.2.0.2-r2.ebuild 1281
-MD5 af528b54f8973d7add36f9760af7ae6d grsec-sources-2.4.28.2.1.0.ebuild 1607
-MD5 d251d310c6298c6446df71a6f1bd6961 ChangeLog 9353
+MD5 bb15b16d01dbecf547fd9086b2e90a03 grsec-sources-2.4.28.2.1.0.ebuild 1739
+MD5 090bc17c360948e415cb042df8d03494 ChangeLog 9659
 MD5 0b2ea9b53b5d526e39afbdc5040ff07a metadata.xml 487
 MD5 0adbefda5e0d752b23dd2f930e6f6bbf files/linux-2.4.28-random-poolsize.patch 452
+MD5 8c35751caf824a9dacb02e80d6189b2e files/gentoo-sources-2.4.CAN-2004-1137.patch 1764
 MD5 4263daf594b58ea0c0b59e87afe3a7c9 files/CAN-2004-1074.patch 11121
 MD5 757ee1239c3f14645ccea3640d551e11 files/CAN-2004-1056.patch 11249
 MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319
+MD5 29e531cdd3f2effce5e31a1f2afb5b5d files/2.4.28-uselib4pax.patch 8912
 MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
 MD5 8c7a1adf3e5ca3b4cfd6a75f5704d2fc files/digest-grsec-sources-2.4.28.2.1.0 231
 MD5 4a0215139f9aebfe2cc2747743763f08 files/2.4.28-binfmt_a.out.patch 1887
@@ -22,9 +24,9 @@ MD5 d1ccc2047be533c992f67270a150a210 files/2.4.27-cmdline-race.patch 388
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.4 (GNU/Linux)
 
-iQCVAwUBQeALQJ4WFLgrx1GWAQK3jAP/bWr0WlQov1423InyNCq2UG1vKzcDKDAX
-GCnSpzth5BQs5qZfOi5V/U+6pCTKyLYbotkDR0m26dSdPFv/oxrSlcPLakl8HbeR
-fonUwlISF0PA/nuIzwmsjpsq70FwDt9oEpvp5Q0UTICqxR+W6A7igRSYNNfyK8h0
-RcYvE6G5Q+E=
-=4Mt8
+iQCVAwUBQeAzTp4WFLgrx1GWAQLFwwP/YryG2VUPH9IDCtJLu9aS+W0ptrgrU2aa
+xLy6CAx+ESZP3Nj5IZG8tWNS93KcPZp7XOyaSdORabqF88mK2gk8rxtnvhIkSbW+
+c4XY4EcCuGcNlByH08JrW43Cf79n8Pm34VFlfzKGLIbV63ru/2056s7mrXY5Cw9D
+etapTbG/q9A=
+=534e
 -----END PGP SIGNATURE-----
diff --git a/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch b/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch
new file mode 100644
index 000000000000..c275b0b1649e
--- /dev/null
+++ b/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch
@@ -0,0 +1,265 @@
+diff -ur linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c
+--- linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c	2005-01-07 20:20:32.000000000 +0000
+@@ -130,7 +130,7 @@
+ 	end = PAGE_ALIGN(end);
+ 	if (end <= start)
+ 		return;
+-	do_brk(start, end - start);
++	do_brk_locked(start, end - start);
+ }
+ 
+ 
+@@ -379,7 +379,7 @@
+ 
+ 	/* Map the last of the bss segment */
+ 	if (last_bss > len) {
+-		do_brk(len, (last_bss - len));
++		do_brk_locked(len, (last_bss - len));
+ 	}
+ 	kfree(elf_phdata);
+ 
+@@ -567,7 +567,7 @@
+ 	unsigned long v;
+ 	struct prda *pp;
+ 
+-	v =  do_brk (PRDA_ADDRESS, PAGE_SIZE);
++	v =  do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
+ 
+ 	if (v < 0)
+ 		return;
+@@ -859,7 +859,7 @@
+ 	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
+ 	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ 	if (bss > len)
+-	  do_brk(len, bss-len);
++	  do_brk_locked(len, bss-len);
+ 	kfree(elf_phdata);
+ 	return 0;
+ }
+diff -ur linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c
+--- linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c	2005-01-07 20:20:32.000000000 +0000
+@@ -49,7 +49,7 @@
+ 	end = PAGE_ALIGN(end);
+ 	if (end <= start)
+ 		return;
+-	do_brk(start, end - start);
++	do_brk_locked(start, end - start);
+ }
+ 
+ /*
+@@ -246,10 +246,10 @@
+ 	if (N_MAGIC(ex) == NMAGIC) {
+ 		loff_t pos = fd_offset;
+ 		/* Fuck me plenty... */
+-		error = do_brk(N_TXTADDR(ex), ex.a_text);
++		error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ 		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ 			  ex.a_text, &pos);
+-		error = do_brk(N_DATADDR(ex), ex.a_data);
++		error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ 		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ 			  ex.a_data, &pos);
+ 		goto beyond_if;
+@@ -257,7 +257,7 @@
+ 
+ 	if (N_MAGIC(ex) == OMAGIC) {
+ 		loff_t pos = fd_offset;
+-		do_brk(N_TXTADDR(ex) & PAGE_MASK,
++		do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
+ 			ex.a_text+ex.a_data + PAGE_SIZE - 1);
+ 		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ 			  ex.a_text+ex.a_data, &pos);
+@@ -272,7 +272,7 @@
+ 
+ 		if (!bprm->file->f_op->mmap) {
+ 			loff_t pos = fd_offset;
+-			do_brk(0, ex.a_text+ex.a_data);
++			do_brk_locked(0, ex.a_text+ex.a_data);
+ 			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ 				  ex.a_text+ex.a_data, &pos);
+ 			goto beyond_if;
+@@ -388,7 +388,7 @@
+ 	len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ 	bss = ex.a_text + ex.a_data + ex.a_bss;
+ 	if (bss > len) {
+-		error = do_brk(start_addr + len, bss - len);
++		error = do_brk_locked(start_addr + len, bss - len);
+ 		retval = error;
+ 		if (error != start_addr + len)
+ 			goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_aout.c linux-2.4.28-gentoo-r5/fs/binfmt_aout.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_aout.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_aout.c	2005-01-07 20:20:32.000000000 +0000
+@@ -46,7 +46,7 @@
+ 	start = PAGE_ALIGN(start);
+ 	end = PAGE_ALIGN(end);
+ 	if (end > start) {
+-		unsigned long addr = do_brk(start, end - start);
++		unsigned long addr = do_brk_locked(start, end - start);
+ 		if (BAD_ADDR(addr))
+ 			return addr;
+ 	}
+@@ -341,10 +341,10 @@
+ 		loff_t pos = fd_offset;
+ 		/* Fuck me plenty... */
+ 		/* <AOL></AOL> */
+-		error = do_brk(N_TXTADDR(ex), ex.a_text);
++		error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ 		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ 			  ex.a_text, &pos);
+-		error = do_brk(N_DATADDR(ex), ex.a_data);
++		error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ 		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ 			  ex.a_data, &pos);
+ 		goto beyond_if;
+@@ -365,7 +365,7 @@
+ 		map_size = ex.a_text+ex.a_data;
+ #endif
+ 
+-		error = do_brk(text_addr & PAGE_MASK, map_size);
++		error = do_brk_locked(text_addr & PAGE_MASK, map_size);
+ 		if (error != (text_addr & PAGE_MASK)) {
+ 			send_sig(SIGKILL, current, 0);
+ 			return error;
+@@ -399,7 +399,7 @@
+ 
+ 		if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
+ 			loff_t pos = fd_offset;
+-			do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
++			do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ 			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ 					ex.a_text+ex.a_data, &pos);
+ 			flush_icache_range((unsigned long) N_TXTADDR(ex),
+@@ -500,7 +500,7 @@
+ 			error_time = jiffies;
+ 		}
+ 
+-		do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
++		do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+ 		
+ 		file->f_op->read(file, (char *)start_addr,
+ 			ex.a_text + ex.a_data, &pos);
+@@ -524,7 +524,7 @@
+ 	len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ 	bss = ex.a_text + ex.a_data + ex.a_bss;
+ 	if (bss > len) {
+-		error = do_brk(start_addr + len, bss - len);
++		error = do_brk_locked(start_addr + len, bss - len);
+ 		retval = error;
+ 		if (error != start_addr + len)
+ 			goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_elf.c linux-2.4.28-gentoo-r5/fs/binfmt_elf.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_elf.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_elf.c	2005-01-07 20:20:46.000000000 +0000
+@@ -88,6 +88,7 @@ static void set_brk(unsigned long start,
+ 	end = ELF_PAGEALIGN(end);
+ 	if (end <= start)
+ 		return;
++	down_write(&current->mm->mmap_sem);
+ 	do_brk(start, end - start);
+ 
+ #ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
+@@ -95,6 +96,7 @@ static void set_brk(unsigned long start,
+ 		__do_mmap_pgoff(NULL, ELF_PAGEALIGN(start + current->mm->delta_exec), 0UL, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED | MAP_MIRROR, start);
+ #endif
+ 
++	up_write(&current->mm->mmap_sem);
+ }
+ 
+ 
+@@ -295,7 +297,9 @@ static unsigned long load_elf_interp(str
+ 	 */
+ 	if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
+ 		goto out;
+-	if (interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
++
++	if (interp_elf_ex->e_phnum < 1 ||
++	    interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
+ 		goto out;
+ 
+ 	/* Now read in all of the header information */ 
+@@ -370,7 +370,7 @@
+ 
+ 	/* Map the last of the bss segment */
+ 	if (last_bss > elf_bss)
+-		do_brk(elf_bss, last_bss - elf_bss);
++		do_brk_locked(elf_bss, last_bss - elf_bss);
+ 
+ 	*interp_load_addr = load_addr;
+ 	error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
+@@ -407,7 +407,7 @@
+ 		goto out;
+ 	}
+ 
+-	do_brk(0, text_data);
++	do_brk_locked(0, text_data);
+ 	if (!interpreter->f_op || !interpreter->f_op->read)
+ 		goto out;
+ 	if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
+@@ -415,7 +415,7 @@
+ 	flush_icache_range((unsigned long)addr,
+ 	                   (unsigned long)addr + text_data);
+ 
+-	do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
++	do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
+ 		interp_ex->a_bss);
+ 	elf_entry = interp_ex->a_entry;
+ 
+@@ -1271,7 +1271,7 @@
+ 	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
+ 	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ 	if (bss > len)
+-		do_brk(len, bss - len);
++		do_brk_locked(len, bss - len);
+ 	error = 0;
+ 
+ out_free_ph:
+diff -ur linux-2.4.28-gentoo-r4/include/linux/mm.h linux-2.4.28-gentoo-r5/include/linux/mm.h
+--- linux-2.4.28-gentoo-r4/include/linux/mm.h	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/include/linux/mm.h	2005-01-07 20:20:32.000000000 +0000
+@@ -601,6 +601,7 @@
+ extern int do_munmap(struct mm_struct *, unsigned long, size_t);
+ 
+ extern unsigned long do_brk(unsigned long, unsigned long);
++extern unsigned long do_brk_locked(unsigned long, unsigned long);
+ 
+ static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
+ {
+diff -ur linux-2.4.28-gentoo-r4/kernel/ksyms.c linux-2.4.28-gentoo-r5/kernel/ksyms.c
+--- linux-2.4.28-gentoo-r4/kernel/ksyms.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/kernel/ksyms.c	2005-01-07 20:20:32.000000000 +0000
+@@ -90,6 +90,7 @@
+ EXPORT_SYMBOL(__do_mmap_pgoff);
+ EXPORT_SYMBOL(do_munmap);
+ EXPORT_SYMBOL(do_brk);
++EXPORT_SYMBOL(do_brk_locked);
+ EXPORT_SYMBOL(exit_mm);
+ EXPORT_SYMBOL(exit_files);
+ EXPORT_SYMBOL(exit_fs);
+diff -ur linux-2.4.28-gentoo-r4/mm/mmap.c linux-2.4.28-gentoo-r5/mm/mmap.c
+--- linux-2.4.28-gentoo-r4/mm/mmap.c	2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/mm/mmap.c	2005-01-07 20:20:32.000000000 +0000
+@@ -1401,6 +1401,21 @@
+ 	return addr;
+ }
+ 
++/* locking version of do_brk. */
++unsigned long do_brk_locked(unsigned long addr, unsigned long len)
++{
++	unsigned long ret;
++
++	down_write(&current->mm->mmap_sem);
++	ret = do_brk(addr, len);
++	up_write(&current->mm->mmap_sem);
++
++	return ret;
++}
++
++
++
++
+ /* Build the RB tree corresponding to the VMA list. */
+ void build_mmap_rb(struct mm_struct * mm)
+ {
diff --git a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch b/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch
new file mode 100644
index 000000000000..161806ce79d7
--- /dev/null
+++ b/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch
@@ -0,0 +1,59 @@
+--- linux-2.4.28-orig/net/ipv4/igmp.c	2004-08-08 01:26:06.000000000 +0200
++++ linux-2.4.28/net/ipv4/igmp.c	2004-12-15 22:12:48.000000000 +0100
+@@ -1757,12 +1757,12 @@
+ 			goto done;
+ 		rv = !0;
+ 		for (i=0; i<psl->sl_count; i++) {
+-			rv = memcmp(&psl->sl_addr, &mreqs->imr_multiaddr,
++			rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
+ 				sizeof(__u32));
+-			if (rv >= 0)
++			if (rv == 0)
+ 				break;
+ 		}
+-		if (!rv)	/* source not found */
++		if (rv)		/* source not found */
+ 			goto done;
+ 
+ 		/* update the interface filter */
+@@ -1804,9 +1804,9 @@
+ 	}
+ 	rv = 1;	/* > 0 for insert logic below if sl_count is 0 */
+ 	for (i=0; i<psl->sl_count; i++) {
+-		rv = memcmp(&psl->sl_addr, &mreqs->imr_multiaddr,
++		rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
+ 			sizeof(__u32));
+-		if (rv >= 0)
++		if (rv == 0)
+ 			break;
+ 	}
+ 	if (rv == 0)		/* address already there is an error */
+--- linux-2.4.28-orig/net/ipv6/mcast.c	2004-11-17 12:54:22.000000000 +0100
++++ linux-2.4.28/net/ipv6/mcast.c	2004-12-15 22:14:07.000000000 +0100
+@@ -386,12 +386,12 @@
+ 			goto done;
+ 		rv = !0;
+ 		for (i=0; i<psl->sl_count; i++) {
+-			rv = memcmp(&psl->sl_addr, group,
++			rv = memcmp(&psl->sl_addr[i], source,
+ 				sizeof(struct in6_addr));
+-			if (rv >= 0)
++			if (rv == 0)
+ 				break;
+ 		}
+-		if (!rv)	/* source not found */
++		if (rv)		/* source not found */
+ 			goto done;
+ 
+ 		/* update the interface filter */
+@@ -432,8 +432,8 @@
+ 	}
+ 	rv = 1;	/* > 0 for insert logic below if sl_count is 0 */
+ 	for (i=0; i<psl->sl_count; i++) {
+-		rv = memcmp(&psl->sl_addr, group, sizeof(struct in6_addr));
+-		if (rv >= 0)
++		rv = memcmp(&psl->sl_addr[i], source, sizeof(struct in6_addr));
++		if (rv == 0)
+ 			break;
+ 	}
+ 	if (rv == 0)		/* address already there is an error */
diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild
index f6fbeb38daa5..828e8e693d53 100644
--- a/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild
+++ b/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild,v 1.1 2005/01/08 05:21:39 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.28.2.1.0.ebuild,v 1.2 2005/01/08 19:26:33 solar Exp $
 
 ETYPE="sources"
 UNIPATCH_STRICTORDER="yes"
@@ -31,7 +31,10 @@ UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \
 	${FILESDIR}/CAN-2004-1074.patch \
 	${FILESDIR}/CAN-2004-1056.patch \
 	${DISTDIR}/linux-2.4.28-CAN-2004-0814.patch \
-	${FILESDIR}/linux-2.4.28-random-poolsize.patch"
+	${FILESDIR}/linux-2.4.28-random-poolsize.patch \
+	${FILESDIR}/2.4.27-cmdline-race.patch \
+	${FILESDIR}/2.4.28-uselib4pax.patch
+	${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch"
 
 src_unpack() {
 	kernel-2_src_unpack
-- 
cgit v1.2.3-65-gdbad