Added the patch for the mremap/munmap vulnerability. Bug #42024.

author: Tim Yamin <plasmaroo@gentoo.org> 2004-02-18 18:24:35 +0000
committer: Tim Yamin <plasmaroo@gentoo.org> 2004-02-18 18:24:35 +0000
commit: 197c32733efdbcc01659d16ceca209c089adc724 (patch)
tree: 958901bb514661cc9027f3e0d85b982e7beb14fe /sys-kernel
parent: bump to 2.6.3 stable and fix for munmap vulnerability (diff)
download: historical-197c32733efdbcc01659d16ceca209c089adc724.tar.gz
historical-197c32733efdbcc01659d16ceca209c089adc724.tar.bz2
historical-197c32733efdbcc01659d16ceca209c089adc724.zip
6 files changed, 95 insertions, 7 deletions
diff --git a/sys-kernel/ck-sources/ChangeLog b/sys-kernel/ck-sources/ChangeLog
index 4568218ff03e..143b16c148a4 100644
--- a/sys-kernel/ck-sources/ChangeLog
+++ b/sys-kernel/ck-sources/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for sys-kernel/ck-sources
 # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.20 2004/02/16 14:42:39 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.21 2004/02/18 18:24:35 plasmaroo Exp $
+
+  18 Feb 2004; <plasmaroo@gentoo.org> ck-sources-2.4.24-r1.ebuild,
+  ck-sources-2.6.2-r1.ebuild, files/ck-sources-2.4.24.munmap.patch,
+  files/ck-sources-2.6.2.munmap.patch:
+  Added the patch for the mremap/munmap vulnerability. Bug #42024.
 
   16 Feb 2004; <plasmaroo@gentoo.org> ck-sources-2.4.24-r1.ebuild,
   files/ck-sources-2.4.24.CAN-2004-0001.patch:
diff --git a/sys-kernel/ck-sources/Manifest b/sys-kernel/ck-sources/Manifest
index 76faae6f9d85..f8228c88e810 100644
--- a/sys-kernel/ck-sources/Manifest
+++ b/sys-kernel/ck-sources/Manifest
@@ -1,9 +1,9 @@
-MD5 09b0e5185faacd06e4955f2c0fa41372 ChangeLog 3489
+MD5 ea8e609b89d12af93e0c8e3b8edcec1d ChangeLog 3731
 MD5 50b4d502e416be23c76ec38bb5be275d ck-sources-2.4.22-r1.ebuild 2376
-MD5 fbc082ff256360b9e73aafeb01d2a021 ck-sources-2.6.2-r1.ebuild 659
+MD5 0cfb332fa263eca3fa2d2816b68eb137 ck-sources-2.6.2-r1.ebuild 693
 MD5 659225f3709d3099b222fe32b01996aa ck-sources-2.4.22-r2.ebuild 2819
 MD5 7187b8c28501f454a2412c9e4a7fcf53 metadata.xml 421
-MD5 c8855fa0a1738ff4cc58f4cfecfda849 ck-sources-2.4.24-r1.ebuild 2222
+MD5 cbcaaa861549a40ecf97cca35cb38eda ck-sources-2.4.24-r1.ebuild 2299
 MD5 ff7e54e20cd07989740ecef4b723e8f6 ck-sources-2.4.22-r3.ebuild 2831
 MD5 bc2d9e3acdf71e4e0ce547851e208c97 ck-sources-2.4.23-r1.ebuild 2290
 MD5 21de1cea06112ebc3b93be74f0cd68cd files/digest-ck-sources-2.4.22-r1 132
@@ -11,6 +11,8 @@ MD5 e77a93fdf26f06cf3ea5080b27211725 files/ck-sources.CAN-2003-0985.patch 414
 MD5 e2e2b545b6fcdcecf49e33798efa5b84 files/ck-sources.rtc_fix.patch 7073
 MD5 bf2b609e8cab6460d220b1267db09826 files/ck-sources-2.4.24.CAN-2004-0001.patch 982
 MD5 a0bc6b01975d5e049d56dac1b325690b files/digest-ck-sources-2.4.24-r1 132
+MD5 127fe46a668983c028f6b4a2f30174bc files/ck-sources-2.6.2.munmap.patch 1557
+MD5 174438d215b70cad5ffb00ca8123c062 files/ck-sources-2.4.24.munmap.patch 837
 MD5 82966f7b4b6e4528742eb1fb46a62565 files/digest-ck-sources-2.4.22-r2 285
 MD5 f6e9c2031ae54360cabb5d8670ce2eaf files/digest-ck-sources-2.6.2-r1 129
 MD5 8ff65c51449bbe71a64f15dd6840d3b5 files/digest-ck-sources-2.4.23-r1 285
diff --git a/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild b/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild
index d17f6494049d..f0aed0cf6c0f 100644
--- a/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild
+++ b/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild,v 1.2 2004/02/16 14:42:40 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.24-r1.ebuild,v 1.3 2004/02/18 18:24:35 plasmaroo Exp $
 
 IUSE="build"
 
@@ -59,6 +59,7 @@ src_unpack() {
 
 	bzcat ${DISTDIR}/patch-${KV}.bz2|patch -p1 || die "-ck patch failed"
 	epatch ${FILESDIR}/${P}.CAN-2004-0001.patch || die "Failed to apply AMD64 ptrace patch!"
+	epatch ${FILESDIR}/${P}.munmap.patch || die "Failed to apply munmap patch!"
 
 	kernel_universal_unpack
 }
diff --git a/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild b/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild
index e544e962ede8..e1755f9768c3 100644
--- a/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild
+++ b/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild
@@ -1,8 +1,8 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild,v 1.1 2004/02/16 12:08:44 spock Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.6.2-r1.ebuild,v 1.2 2004/02/18 18:24:35 plasmaroo Exp $
 
-UNIPATCH_LIST="${DISTDIR}/patch-${KV}.bz2"
+UNIPATCH_LIST="${DISTDIR}/patch-${KV}.bz2 ${FILESDIR}/${P}.munmap.patch"
 K_PREPATCHED="yes"
 UNIPATCH_STRICTORDER="yes"
 
diff --git a/sys-kernel/ck-sources/files/ck-sources-2.4.24.munmap.patch b/sys-kernel/ck-sources/files/ck-sources-2.4.24.munmap.patch
new file mode 100644
index 000000000000..e120b35b7adb
--- /dev/null
+++ b/sys-kernel/ck-sources/files/ck-sources-2.4.24.munmap.patch
@@ -0,0 +1,27 @@
+diff -ur linux-2.4.25-rc3/mm/mremap.c linux-2.4.25-rc4/mm/mremap.c
+--- linux-2.4.25-rc3/mm/mremap.c	2004-02-18 13:56:01.000000000 +0000
++++ linux-2.4.25-rc4/mm/mremap.c	2004-02-18 13:49:08.000000000 +0000
+@@ -258,16 +258,20 @@
+ 		if ((addr <= new_addr) && (addr+old_len) > new_addr)
+ 			goto out;
+ 
+-		do_munmap(current->mm, new_addr, new_len);
++		ret = do_munmap(current->mm, new_addr, new_len);
++		if (ret && new_len)
++			goto out;
+ 	}
+ 
+ 	/*
+ 	 * Always allow a shrinking remap: that just unmaps
+ 	 * the unnecessary pages..
+ 	 */
+-	ret = addr;
+ 	if (old_len >= new_len) {
+-		do_munmap(current->mm, addr+new_len, old_len - new_len);
++		ret = do_munmap(current->mm, addr+new_len, old_len - new_len);
++		if (ret && old_len != new_len)
++			goto out;
++		ret = addr;
+ 		if (!(flags & MREMAP_FIXED) || (new_addr == addr))
+ 			goto out;
+ 	}
diff --git a/sys-kernel/ck-sources/files/ck-sources-2.6.2.munmap.patch b/sys-kernel/ck-sources/files/ck-sources-2.6.2.munmap.patch
new file mode 100644
index 000000000000..47a199c870db
--- /dev/null
+++ b/sys-kernel/ck-sources/files/ck-sources-2.6.2.munmap.patch
@@ -0,0 +1,53 @@
+diff -Naur 2.6.2/mm/mremap.c 2.6.3/mm/mremap.c
+--- 2.6.2/mm/mremap.c	2004-02-18 03:29:48.000000000 +0100
++++ 2.6.3/mm/mremap.c	2004-02-18 10:21:20.000000000 +0100
+@@ -135,15 +135,17 @@
+ 		dst = alloc_one_pte_map(mm, new_addr);
+ 		if (src == NULL)
+ 			src = get_one_pte_map_nested(mm, old_addr);
+-		error = copy_one_pte(vma, old_addr, src, dst, &pte_chain);
+-		pte_unmap_nested(src);
+-		pte_unmap(dst);
+-	} else
+ 		/*
+-		 * Why do we need this flush ? If there is no pte for
+-		 * old_addr, then there must not be a pte for it as well.
++		 * Since alloc_one_pte_map can drop and re-acquire
++		 * page_table_lock, we should re-check the src entry...
+ 		 */
+-		flush_tlb_page(vma, old_addr);
++		if (src) {
++			error = copy_one_pte(vma, old_addr, src,
++						dst, &pte_chain);
++			pte_unmap_nested(src);
++		}
++		pte_unmap(dst);
++	}
+ 	spin_unlock(&mm->page_table_lock);
+ 	pte_chain_free(pte_chain);
+ out:
+@@ -346,7 +348,9 @@
+ 		if ((addr <= new_addr) && (addr+old_len) > new_addr)
+ 			goto out;
+ 
+-		do_munmap(current->mm, new_addr, new_len);
++		ret = do_munmap(current->mm, new_addr, new_len);
++		if (ret)
++			goto out;
+ 	}
+ 
+ 	/*
+@@ -354,9 +358,11 @@
+ 	 * the unnecessary pages..
+ 	 * do_munmap does all the needed commit accounting
+ 	 */
+-	ret = addr;
+ 	if (old_len >= new_len) {
+-		do_munmap(current->mm, addr+new_len, old_len - new_len);
++		ret = do_munmap(current->mm, addr+new_len, old_len - new_len);
++		if (ret && old_len != new_len)
++			goto out;
++		ret = addr;
+ 		if (!(flags & MREMAP_FIXED) || (new_addr == addr))
+ 			goto out;
+ 		old_len = new_len;
author	Tim Yamin <plasmaroo@gentoo.org>	2004-02-18 18:24:35 +0000
committer	Tim Yamin <plasmaroo@gentoo.org>	2004-02-18 18:24:35 +0000
commit	197c32733efdbcc01659d16ceca209c089adc724 (patch)
tree	958901bb514661cc9027f3e0d85b982e7beb14fe /sys-kernel
parent	bump to 2.6.3 stable and fix for munmap vulnerability (diff)
download	historical-197c32733efdbcc01659d16ceca209c089adc724.tar.gz historical-197c32733efdbcc01659d16ceca209c089adc724.tar.bz2 historical-197c32733efdbcc01659d16ceca209c089adc724.zip