summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Yamin <plasmaroo@gentoo.org>2005-01-09 12:22:41 +0000
committerTim Yamin <plasmaroo@gentoo.org>2005-01-09 12:22:41 +0000
commitbdbe73e4be2e08b6ec2ae8d6f0e92269fb872e9d (patch)
tree06257f0dcabff78f324ff9b1c39ae879b91ca61e
parentApache herd package refresh (Manifest recommit) (diff)
downloadgentoo-2-bdbe73e4be2e08b6ec2ae8d6f0e92269fb872e9d.tar.gz
gentoo-2-bdbe73e4be2e08b6ec2ae8d6f0e92269fb872e9d.tar.bz2
gentoo-2-bdbe73e4be2e08b6ec2ae8d6f0e92269fb872e9d.zip
Security bump; fixes bugs #75963, #77025 and #77094.
-rw-r--r--sys-kernel/usermode-sources/ChangeLog16
-rw-r--r--sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r12 (renamed from sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r11)2
-rw-r--r--sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r8 (renamed from sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r7)0
-rw-r--r--sys-kernel/usermode-sources/files/usermode-sources-2.4.77094.patch12
-rw-r--r--sys-kernel/usermode-sources/files/usermode-sources-2.4.brk-locked.patch258
-rw-r--r--sys-kernel/usermode-sources/files/usermode-sources-2.6.75963.patch32
-rw-r--r--sys-kernel/usermode-sources/files/usermode-sources-2.6.77094.patch142
-rw-r--r--sys-kernel/usermode-sources/files/usermode-sources-2.6.brk-locked.patch303
-rw-r--r--sys-kernel/usermode-sources/usermode-sources-2.4.26-r12.ebuild (renamed from sys-kernel/usermode-sources/usermode-sources-2.4.26-r11.ebuild)12
-rw-r--r--sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r8.ebuild (renamed from sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r7.ebuild)9
10 files changed, 775 insertions, 11 deletions
diff --git a/sys-kernel/usermode-sources/ChangeLog b/sys-kernel/usermode-sources/ChangeLog
index ee08fb7672e9..896f372dad6a 100644
--- a/sys-kernel/usermode-sources/ChangeLog
+++ b/sys-kernel/usermode-sources/ChangeLog
@@ -1,6 +1,18 @@
# ChangeLog for sys-kernel/usermode-sources
-# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/ChangeLog,v 1.57 2004/12/24 18:46:22 plasmaroo Exp $
+# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/ChangeLog,v 1.58 2005/01/09 12:22:41 plasmaroo Exp $
+
+*usermode-sources-2.6.8.1-r8 (09 Jan 2005)
+
+ 09 Jan 2005; <plasmaroo@gentoo.org> -usermode-sources-2.4.26-r11.ebuild,
+ +usermode-sources-2.4.26-r12.ebuild, -usermode-sources-2.6.8.1-r7.ebuild,
+ +usermode-sources-2.6.8.1-r8.ebuild,
+ +files/usermode-sources-2.4.77094.patch,
+ +files/usermode-sources-2.4.brk-locked.patch,
+ +files/usermode-sources-2.6.75963.patch,
+ +files/usermode-sources-2.6.77094.patch,
+ +files/usermode-sources-2.6.brk-locked.patch:
+ Security bump; fixes bugs #75963, #77025 and #77094.
*usermode-sources-2.4.26-r11 (24 Dec 2004)
diff --git a/sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r11 b/sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r12
index 9e29fc732ec2..dc87a6b958c9 100644
--- a/sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r11
+++ b/sys-kernel/usermode-sources/files/digest-usermode-sources-2.4.26-r12
@@ -1,4 +1,4 @@
MD5 88d7aefa03c92739cb70298a0b486e2c linux-2.4.26.tar.bz2 30772389
MD5 3fb146ded9e33819b815f5d233b891c2 uml-patch-2.4.26-3.bz2 206477
MD5 8f8f2412aacf9a01b5549bf2a9a3bff8 linux-2.4.26-CAN-2004-0415.patch 90145
-MD5 ad331c801d0a51a55f6f16046f2b15f8 usermode-sources-2.4.26-CAN-2004-0814.patch 81511
+MD5 53bc4871fa1f0e74c4700a7299a37d8e usermode-sources-2.4.26-CAN-2004-0814.2.patch 147684
diff --git a/sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r7 b/sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r8
index 700dd6829cb4..700dd6829cb4 100644
--- a/sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r7
+++ b/sys-kernel/usermode-sources/files/digest-usermode-sources-2.6.8.1-r8
diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.4.77094.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.4.77094.patch
new file mode 100644
index 000000000000..cc3a1552c83d
--- /dev/null
+++ b/sys-kernel/usermode-sources/files/usermode-sources-2.4.77094.patch
@@ -0,0 +1,12 @@
+diff -ur linux-2.4.28/drivers/char/random.c linux-2.4.28.plasmaroo/drivers/char/random.c
+--- linux-2.4.28/drivers/char/random.c 2004-11-17 11:54:21.000000000 +0000
++++ linux-2.4.28.plasmaroo/drivers/char/random.c 2005-01-08 02:54:49.198635736 +0000
+@@ -1787,7 +1787,7 @@
+ void *oldval, size_t *oldlenp,
+ void *newval, size_t newlen, void **context)
+ {
+- int len;
++ size_t len;
+
+ sysctl_poolsize = random_state->poolinfo.POOLBYTES;
+
diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.4.brk-locked.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.4.brk-locked.patch
new file mode 100644
index 000000000000..4a1a249464e1
--- /dev/null
+++ b/sys-kernel/usermode-sources/files/usermode-sources-2.4.brk-locked.patch
@@ -0,0 +1,258 @@
+diff -ur linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c
+--- linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c 2005-01-07 20:20:32.000000000 +0000
+@@ -130,7 +130,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+
+@@ -379,7 +379,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > len) {
+- do_brk(len, (last_bss - len));
++ do_brk_locked(len, (last_bss - len));
+ }
+ kfree(elf_phdata);
+
+@@ -567,7 +567,7 @@
+ unsigned long v;
+ struct prda *pp;
+
+- v = do_brk (PRDA_ADDRESS, PAGE_SIZE);
++ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
+
+ if (v < 0)
+ return;
+@@ -859,7 +859,7 @@
+ len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss-len);
++ do_brk_locked(len, bss-len);
+ kfree(elf_phdata);
+ return 0;
+ }
+diff -ur linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c
+--- linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:20:32.000000000 +0000
+@@ -49,7 +49,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+ /*
+@@ -246,10 +246,10 @@
+ if (N_MAGIC(ex) == NMAGIC) {
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -257,7 +257,7 @@
+
+ if (N_MAGIC(ex) == OMAGIC) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex) & PAGE_MASK,
++ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
+ ex.a_text+ex.a_data + PAGE_SIZE - 1);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+@@ -272,7 +272,7 @@
+
+ if (!bprm->file->f_op->mmap) {
+ loff_t pos = fd_offset;
+- do_brk(0, ex.a_text+ex.a_data);
++ do_brk_locked(0, ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+ goto beyond_if;
+@@ -388,7 +388,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_aout.c linux-2.4.28-gentoo-r5/fs/binfmt_aout.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_aout.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_aout.c 2005-01-07 20:20:32.000000000 +0000
+@@ -46,7 +46,7 @@
+ start = PAGE_ALIGN(start);
+ end = PAGE_ALIGN(end);
+ if (end > start) {
+- unsigned long addr = do_brk(start, end - start);
++ unsigned long addr = do_brk_locked(start, end - start);
+ if (BAD_ADDR(addr))
+ return addr;
+ }
+@@ -341,10 +341,10 @@
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+ /* <AOL></AOL> */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -365,7 +365,7 @@
+ map_size = ex.a_text+ex.a_data;
+ #endif
+
+- error = do_brk(text_addr & PAGE_MASK, map_size);
++ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
+ if (error != (text_addr & PAGE_MASK)) {
+ send_sig(SIGKILL, current, 0);
+ return error;
+@@ -399,7 +399,7 @@
+
+ if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
++ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+ flush_icache_range((unsigned long) N_TXTADDR(ex),
+@@ -500,7 +500,7 @@
+ error_time = jiffies;
+ }
+
+- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
++ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+
+ file->f_op->read(file, (char *)start_addr,
+ ex.a_text + ex.a_data, &pos);
+@@ -524,7 +524,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_elf.c linux-2.4.28-gentoo-r5/fs/binfmt_elf.c
+--- linux-2.4.28-gentoo-r4/fs/binfmt_elf.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/fs/binfmt_elf.c 2005-01-07 20:20:46.000000000 +0000
+@@ -130,7 +130,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+
+@@ -295,7 +297,9 @@ static unsigned long load_elf_interp(str
+ */
+ if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
+ goto out;
+- if (interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
++
++ if (interp_elf_ex->e_phnum < 1 ||
++ interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
+ goto out;
+
+ /* Now read in all of the header information */
+@@ -370,7 +370,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > elf_bss)
+- do_brk(elf_bss, last_bss - elf_bss);
++ do_brk_locked(elf_bss, last_bss - elf_bss);
+
+ *interp_load_addr = load_addr;
+ error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
+@@ -407,7 +407,7 @@
+ goto out;
+ }
+
+- do_brk(0, text_data);
++ do_brk_locked(0, text_data);
+ retval = -ENOEXEC;
+ if (!interpreter->f_op || !interpreter->f_op->read)
+ goto out;
+@@ -415,7 +415,7 @@
+ flush_icache_range((unsigned long)addr,
+ (unsigned long)addr + text_data);
+
+- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
++ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
+ interp_ex->a_bss);
+ elf_entry = interp_ex->a_entry;
+
+@@ -1271,7 +1271,7 @@
+ len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss - len);
++ do_brk_locked(len, bss - len);
+ error = 0;
+
+ out_free_ph:
+diff -ur linux-2.4.28-gentoo-r4/include/linux/mm.h linux-2.4.28-gentoo-r5/include/linux/mm.h
+--- linux-2.4.28-gentoo-r4/include/linux/mm.h 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/include/linux/mm.h 2005-01-07 20:20:32.000000000 +0000
+@@ -601,6 +601,7 @@
+ extern int do_munmap(struct mm_struct *, unsigned long, size_t);
+
+ extern unsigned long do_brk(unsigned long, unsigned long);
++extern unsigned long do_brk_locked(unsigned long, unsigned long);
+
+ static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
+ {
+diff -ur linux-2.4.28-gentoo-r4/kernel/ksyms.c linux-2.4.28-gentoo-r5/kernel/ksyms.c
+--- linux-2.4.28-gentoo-r4/kernel/ksyms.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/kernel/ksyms.c 2005-01-07 20:20:32.000000000 +0000
+@@ -90,6 +90,7 @@
+ EXPORT_SYMBOL(__do_mmap_pgoff);
+ EXPORT_SYMBOL(do_munmap);
+ EXPORT_SYMBOL(do_brk);
++EXPORT_SYMBOL(do_brk_locked);
+ EXPORT_SYMBOL(exit_mm);
+ EXPORT_SYMBOL(exit_files);
+ EXPORT_SYMBOL(exit_fs);
+diff -ur linux-2.4.28-gentoo-r4/mm/mmap.c linux-2.4.28-gentoo-r5/mm/mmap.c
+--- linux-2.4.28-gentoo-r4/mm/mmap.c 2005-01-07 20:33:12.000000000 +0000
++++ linux-2.4.28-gentoo-r5/mm/mmap.c 2005-01-07 20:20:32.000000000 +0000
+@@ -1401,6 +1401,21 @@
+ return addr;
+ }
+
++/* locking version of do_brk. */
++unsigned long do_brk_locked(unsigned long addr, unsigned long len)
++{
++ unsigned long ret;
++
++ down_write(&current->mm->mmap_sem);
++ ret = do_brk(addr, len);
++ up_write(&current->mm->mmap_sem);
++
++ return ret;
++}
++
++
++
++
+ /* Build the RB tree corresponding to the VMA list. */
+ void build_mmap_rb(struct mm_struct * mm)
+ {
diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.6.75963.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.6.75963.patch
new file mode 100644
index 000000000000..80390f13bd73
--- /dev/null
+++ b/sys-kernel/usermode-sources/files/usermode-sources-2.6.75963.patch
@@ -0,0 +1,32 @@
+--- linux-2.6.10/security/dummy.c 2004-12-24 21:34:26.000000000 +0000
++++ linux-2.6.10.plasmaroo/security/dummy.c 2005-01-07 20:13:50.763073872 +0000
+@@ -74,11 +74,8 @@
+
+ static int dummy_capable (struct task_struct *tsk, int cap)
+ {
+- if (cap_is_fs_cap (cap) ? tsk->fsuid == 0 : tsk->euid == 0)
+- /* capability granted */
++ if (cap_raised (tsk->cap_effective, cap))
+ return 0;
+-
+- /* capability denied */
+ return -EPERM;
+ }
+
+@@ -191,6 +188,8 @@
+
+ current->suid = current->euid = current->fsuid = bprm->e_uid;
+ current->sgid = current->egid = current->fsgid = bprm->e_gid;
++
++ dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ }
+
+ static int dummy_bprm_set_security (struct linux_binprm *bprm)
+@@ -550,6 +549,7 @@
+
+ static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+ {
++ dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ return 0;
+ }
+
diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.6.77094.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.6.77094.patch
new file mode 100644
index 000000000000..40ebbe843021
--- /dev/null
+++ b/sys-kernel/usermode-sources/files/usermode-sources-2.6.77094.patch
@@ -0,0 +1,142 @@
+diff -urp linux-2.6.8.1-r7/drivers/block/scsi_ioctl.c linux-2.6.8.1-r8/drivers/block/scsi_ioctl.c
+--- linux-2.6.8.1-r7/drivers/block/scsi_ioctl.c 2004-08-14 11:56:23.000000000 +0100
++++ linux-2.6.8.1-r8/drivers/block/scsi_ioctl.c 2005-01-09 12:09:55.345308528 +0000
+@@ -304,7 +304,8 @@ static int sg_scsi_ioctl(struct file *fi
+ struct gendisk *bd_disk, Scsi_Ioctl_Command __user *sic)
+ {
+ struct request *rq;
+- int err, in_len, out_len, bytes, opcode, cmdlen;
++ unsigned int in_len, out_len, bytes, opcode, cmdlen;
++ int err;
+ char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE];
+
+ /*
+diff -urp linux-2.6.8.1-r7/drivers/char/moxa.c linux-2.6.8.1-r8/drivers/char/moxa.c
+--- linux-2.6.8.1-r7/drivers/char/moxa.c 2005-01-09 12:06:21.000000000 +0000
++++ linux-2.6.8.1-r8/drivers/char/moxa.c 2005-01-09 12:09:55.327311264 +0000
+@@ -1687,6 +1687,8 @@ int MoxaDriverIoctl(unsigned int cmd, un
+ return -EFAULT;
+ if(dltmp.cardno < 0 || dltmp.cardno >= MAX_BOARDS)
+ return -EINVAL;
++ if(dltmp.len < 0 || dltmp.len > sizeof(moxaBuff))
++ return -EINVAL;
+
+ switch(cmd)
+ {
+@@ -2841,8 +2843,6 @@ static int moxaload320b(int cardno, unsi
+ unsigned long baseAddr;
+ int i;
+
+- if(len > sizeof(moxaBuff))
+- return -EINVAL;
+ if(copy_from_user(moxaBuff, tmp, len))
+ return -EFAULT;
+ baseAddr = moxaBaseAddr[cardno];
+diff -urp linux-2.6.8.1-r7/drivers/char/random.c linux-2.6.8.1-r8/drivers/char/random.c
+--- linux-2.6.8.1-r7/drivers/char/random.c 2004-08-14 11:54:48.000000000 +0100
++++ linux-2.6.8.1-r8/drivers/char/random.c 2005-01-09 12:09:55.358306552 +0000
+@@ -1917,7 +1917,7 @@ static int poolsize_strategy(ctl_table *
+ void __user *oldval, size_t __user *oldlenp,
+ void __user *newval, size_t newlen, void **context)
+ {
+- int len;
++ size_t len;
+
+ sysctl_poolsize = random_state->poolinfo.POOLBYTES;
+
+diff -urp linux-2.6.8.1-r7/include/linux/writeback.h linux-2.6.8.1-r8/include/linux/writeback.h
+--- linux-2.6.8.1-r7/include/linux/writeback.h 2004-08-14 11:54:49.000000000 +0100
++++ linux-2.6.8.1-r8/include/linux/writeback.h 2005-01-09 12:09:55.000000000 +0000
+@@ -74,6 +74,7 @@ static inline void wait_on_inode(struct
+ int wakeup_bdflush(long nr_pages);
+ void laptop_io_completion(void);
+ void laptop_sync_completion(void);
++void throttle_vm_writeout(void);
+
+ /* These are exported to sysctl. */
+ extern int dirty_background_ratio;
+diff -urp linux-2.6.8.1-r7/mm/mmap.c linux-2.6.8.1-r8/mm/mmap.c
+--- linux-2.6.8.1-r7/mm/mmap.c 2005-01-09 12:06:23.000000000 +0000
++++ linux-2.6.8.1-r8/mm/mmap.c 2005-01-09 12:09:55.000000000 +0000
+@@ -1223,6 +1223,13 @@ int expand_stack(struct vm_area_struct *
+ vm_unacct_memory(grow);
+ return -ENOMEM;
+ }
++ if ((vma->vm_flags & VM_LOCKED) && !capable(CAP_IPC_LOCK) &&
++ ((vma->vm_mm->locked_vm + grow) << PAGE_SHIFT) >
++ current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur) {
++ anon_vma_unlock(vma);
++ vm_unacct_memory(grow);
++ return -ENOMEM;
++ }
+ vma->vm_end = address;
+ vma->vm_mm->total_vm += grow;
+ if (vma->vm_flags & VM_LOCKED)
+@@ -1284,6 +1291,13 @@ int expand_stack(struct vm_area_struct *
+ vm_unacct_memory(grow);
+ return -ENOMEM;
+ }
++ if ((vma->vm_flags & VM_LOCKED) && !capable(CAP_IPC_LOCK) &&
++ ((vma->vm_mm->locked_vm + grow) << PAGE_SHIFT) >
++ current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur) {
++ anon_vma_unlock(vma);
++ vm_unacct_memory(grow);
++ return -ENOMEM;
++ }
+ vma->vm_start = address;
+ vma->vm_pgoff -= grow;
+ vma->vm_mm->total_vm += grow;
+diff -urp linux-2.6.8.1-r7/mm/page-writeback.c linux-2.6.8.1-r8/mm/page-writeback.c
+--- linux-2.6.8.1-r7/mm/page-writeback.c 2004-08-14 11:55:47.000000000 +0100
++++ linux-2.6.8.1-r8/mm/page-writeback.c 2005-01-09 12:09:55.000000000 +0000
+@@ -276,6 +276,28 @@ void balance_dirty_pages_ratelimited(str
+ }
+ EXPORT_SYMBOL(balance_dirty_pages_ratelimited);
+
++void throttle_vm_writeout(void)
++{
++ struct writeback_state wbs;
++ long background_thresh;
++ long dirty_thresh;
++
++ for ( ; ; ) {
++ get_dirty_limits(&wbs, &background_thresh, &dirty_thresh);
++
++ /*
++ * Boost the allowable dirty threshold a bit for page
++ * allocators so they don't get DoS'ed by heavy writers
++ */
++ dirty_thresh += dirty_thresh / 10; /* wheeee... */
++
++ if (wbs.nr_unstable + wbs.nr_writeback <= dirty_thresh)
++ break;
++ blk_congestion_wait(WRITE, HZ/10);
++ }
++}
++
++
+ /*
+ * writeback at least _min_pages, and keep writing until the amount of dirty
+ * memory is less than the background threshold, or until we're all clean.
+diff -urp linux-2.6.8.1-r7/mm/vmscan.c linux-2.6.8.1-r8/mm/vmscan.c
+--- linux-2.6.8.1-r7/mm/vmscan.c 2004-08-14 11:54:50.000000000 +0100
++++ linux-2.6.8.1-r8/mm/vmscan.c 2005-01-09 12:10:52.000000000 +0000
+@@ -362,9 +362,6 @@ static int shrink_list(struct list_head
+
+ BUG_ON(PageActive(page));
+
+- if (PageWriteback(page))
+- goto keep_locked;
+-
+ sc->nr_scanned++;
+ /* Double the slab pressure for mapped and swapcache pages */
+ if (page_mapped(page) || PageSwapCache(page))
+@@ -841,6 +838,8 @@ shrink_zone(struct zone *zone, struct sc
+ break;
+ }
+ }
++
++ throttle_vm_writeout();
+ }
+
+ /*
diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.6.brk-locked.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.6.brk-locked.patch
new file mode 100644
index 000000000000..6095e844d5f1
--- /dev/null
+++ b/sys-kernel/usermode-sources/files/usermode-sources-2.6.brk-locked.patch
@@ -0,0 +1,303 @@
+diff -ur linux-2.6.10/arch/mips/kernel/irixelf.c linux-2.6.10.plasmaroo/arch/mips/kernel/irixelf.c
+--- linux-2.6.10/arch/mips/kernel/irixelf.c 2004-12-24 21:35:50.000000000 +0000
++++ linux-2.6.10.plasmaroo/arch/mips/kernel/irixelf.c 2005-01-07 15:36:00.383356800 +0000
+@@ -127,7 +127,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+
+@@ -375,7 +375,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > len) {
+- do_brk(len, (last_bss - len));
++ do_brk_locked(len, (last_bss - len));
+ }
+ kfree(elf_phdata);
+
+@@ -562,7 +562,7 @@
+ unsigned long v;
+ struct prda *pp;
+
+- v = do_brk (PRDA_ADDRESS, PAGE_SIZE);
++ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
+
+ if (v < 0)
+ return;
+@@ -853,7 +853,7 @@
+ len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss-len);
++ do_brk_locked(len, bss-len);
+ kfree(elf_phdata);
+ return 0;
+ }
+diff -ur linux-2.6.10/arch/sparc64/kernel/binfmt_aout32.c linux-2.6.10.plasmaroo/arch/sparc64/kernel/binfmt_aout32.c
+--- linux-2.6.10/arch/sparc64/kernel/binfmt_aout32.c 2004-12-24 21:34:45.000000000 +0000
++++ linux-2.6.10.plasmaroo/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 15:36:00.432349352 +0000
+@@ -49,7 +49,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+ /*
+@@ -246,10 +246,10 @@
+ if (N_MAGIC(ex) == NMAGIC) {
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char __user *)N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char __user *)N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -257,7 +257,7 @@
+
+ if (N_MAGIC(ex) == OMAGIC) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex) & PAGE_MASK,
++ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
+ ex.a_text+ex.a_data + PAGE_SIZE - 1);
+ bprm->file->f_op->read(bprm->file, (char __user *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+@@ -272,7 +272,7 @@
+
+ if (!bprm->file->f_op->mmap) {
+ loff_t pos = fd_offset;
+- do_brk(0, ex.a_text+ex.a_data);
++ do_brk_locked(0, ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,
+ (char __user *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+@@ -389,7 +389,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -Nur linux-2.6.10/arch/x86_64/ia32/ia32_aout.c linux-2.6.10.plasmaroo/arch/x86_64/ia32/ia32_aout.c
+--- linux-2.6.10/arch/x86_64/ia32/ia32_aout.c 2005-01-03 16:17:04.000000000 -0200
++++ linux-2.6.10.plasmaroo/arch/x86_64/ia32/ia32_aout.c 2005-01-03 16:46:53.846823360 -0200
+@@ -115,7 +115,7 @@
+ end = PAGE_ALIGN(end);
+ if (end <= start)
+ return;
+- do_brk(start, end - start);
++ do_brk_locked(start, end - start);
+ }
+
+ #if CORE_DUMP
+@@ -325,7 +325,7 @@
+ pos = 32;
+ map_size = ex.a_text+ex.a_data;
+
+- error = do_brk(text_addr & PAGE_MASK, map_size);
++ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
+ if (error != (text_addr & PAGE_MASK)) {
+ send_sig(SIGKILL, current, 0);
+ return error;
+@@ -361,7 +361,7 @@
+
+ if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
++ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+ flush_icache_range((unsigned long) N_TXTADDR(ex),
+@@ -470,7 +470,7 @@
+ }
+ #endif
+
+- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
++ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+
+ file->f_op->read(file, (char *)start_addr,
+ ex.a_text + ex.a_data, &pos);
+@@ -494,7 +494,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.6.10/fs/binfmt_aout.c linux-2.6.10.plasmaroo/fs/binfmt_aout.c
+--- linux-2.6.10/fs/binfmt_aout.c 2004-12-24 21:35:50.000000000 +0000
++++ linux-2.6.10.plasmaroo/fs/binfmt_aout.c 2005-01-07 15:36:00.000000000 +0000
+@@ -50,7 +50,7 @@
+ start = PAGE_ALIGN(start);
+ end = PAGE_ALIGN(end);
+ if (end > start) {
+- unsigned long addr = do_brk(start, end - start);
++ unsigned long addr = do_brk_locked(start, end - start);
+ if (BAD_ADDR(addr))
+ return addr;
+ }
+@@ -323,10 +323,10 @@
+ loff_t pos = fd_offset;
+ /* Fuck me plenty... */
+ /* <AOL></AOL> */
+- error = do_brk(N_TXTADDR(ex), ex.a_text);
++ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
+ bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
+ ex.a_text, &pos);
+- error = do_brk(N_DATADDR(ex), ex.a_data);
++ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
+ bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
+ ex.a_data, &pos);
+ goto beyond_if;
+@@ -347,7 +347,7 @@
+ map_size = ex.a_text+ex.a_data;
+ #endif
+
+- error = do_brk(text_addr & PAGE_MASK, map_size);
++ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
+ if (error != (text_addr & PAGE_MASK)) {
+ send_sig(SIGKILL, current, 0);
+ return error;
+@@ -382,7 +382,7 @@
+
+ if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
+ loff_t pos = fd_offset;
+- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
++ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ bprm->file->f_op->read(bprm->file,
+ (char __user *)N_TXTADDR(ex),
+ ex.a_text+ex.a_data, &pos);
+@@ -488,7 +488,7 @@
+ error_time = jiffies;
+ }
+
+- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
++ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+
+ file->f_op->read(file, (char __user *)start_addr,
+ ex.a_text + ex.a_data, &pos);
+@@ -512,7 +512,7 @@
+ len = PAGE_ALIGN(ex.a_text + ex.a_data);
+ bss = ex.a_text + ex.a_data + ex.a_bss;
+ if (bss > len) {
+- error = do_brk(start_addr + len, bss - len);
++ error = do_brk_locked(start_addr + len, bss - len);
+ retval = error;
+ if (error != start_addr + len)
+ goto out;
+diff -ur linux-2.6.10/fs/binfmt_elf.c linux-2.6.10.plasmaroo/fs/binfmt_elf.c
+--- linux-2.6.10/fs/binfmt_elf.c 2004-12-24 21:34:33.000000000 +0000
++++ linux-2.6.10.plasmaroo/fs/binfmt_elf.c 2005-01-07 15:36:00.000000000 +0000
+@@ -88,7 +88,7 @@
+ start = ELF_PAGEALIGN(start);
+ end = ELF_PAGEALIGN(end);
+ if (end > start) {
+- unsigned long addr = do_brk(start, end - start);
++ unsigned long addr = do_brk_locked(start, end - start);
+ if (BAD_ADDR(addr))
+ return addr;
+ }
+@@ -408,7 +408,7 @@
+
+ /* Map the last of the bss segment */
+ if (last_bss > elf_bss) {
+- error = do_brk(elf_bss, last_bss - elf_bss);
++ error = do_brk_locked(elf_bss, last_bss - elf_bss);
+ if (BAD_ADDR(error))
+ goto out_close;
+ }
+@@ -448,7 +448,7 @@
+ goto out;
+ }
+
+- do_brk(0, text_data);
++ do_brk_locked(0, text_data);
+ if (!interpreter->f_op || !interpreter->f_op->read)
+ goto out;
+ if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
+@@ -456,7 +456,7 @@
+ flush_icache_range((unsigned long)addr,
+ (unsigned long)addr + text_data);
+
+- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
++ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
+ interp_ex->a_bss);
+ elf_entry = interp_ex->a_entry;
+
+@@ -1025,7 +1025,7 @@
+ len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
+ bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
+ if (bss > len)
+- do_brk(len, bss - len);
++ do_brk_locked(len, bss - len);
+ error = 0;
+
+ out_free_ph:
+diff -ur linux-2.6.10/include/linux/mm.h linux-2.6.10.plasmaroo/include/linux/mm.h
+--- linux-2.6.10/include/linux/mm.h 2004-12-24 21:33:50.000000000 +0000
++++ linux-2.6.10.plasmaroo/include/linux/mm.h 2005-01-07 15:36:00.000000000 +0000
+@@ -704,6 +704,7 @@
+ extern int do_munmap(struct mm_struct *, unsigned long, size_t);
+
+ extern unsigned long do_brk(unsigned long, unsigned long);
++extern unsigned long do_brk_locked(unsigned long, unsigned long);
+
+ /* filemap.c */
+ extern unsigned long page_unuse(struct page *);
+diff -ur linux-2.6.10/mm/mmap.c linux-2.6.10.plasmaroo/mm/mmap.c
+--- linux-2.6.10/mm/mmap.c 2004-12-24 21:35:00.000000000 +0000
++++ linux-2.6.10.plasmaroo/mm/mmap.c 2005-01-07 15:36:04.000000000 +0000
+@@ -1826,6 +1826,20 @@
+
+ EXPORT_SYMBOL(do_brk);
+
++/* locking version of do_brk. */
++unsigned long do_brk_locked(unsigned long addr, unsigned long len)
++{
++ unsigned long ret;
++
++ down_write(&current->mm->mmap_sem);
++ ret = do_brk(addr, len);
++ up_write(&current->mm->mmap_sem);
++
++ return ret;
++}
++
++EXPORT_SYMBOL(do_brk_locked);
++
+ /* Release all mmaps. */
+ void exit_mmap(struct mm_struct *mm)
+ {
+@@ -1952,3 +1966,4 @@
+ }
+ return new_vma;
+ }
++
+diff -ur linux-2.6.10/mm/nommu.c linux-2.6.10.plasmaroo/mm/nommu.c
+--- linux-2.6.10/mm/nommu.c 2004-12-24 21:35:25.000000000 +0000
++++ linux-2.6.10.plasmaroo/mm/nommu.c 2005-01-07 15:30:24.000000000 +0000
+@@ -557,6 +557,11 @@
+ return -ENOMEM;
+ }
+
++unsigned long do_brk_locked(unsigned long addr, unsigned long len)
++{
++ return -ENOMEM;
++}
++
+ struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long addr)
+ {
+ return NULL;
diff --git a/sys-kernel/usermode-sources/usermode-sources-2.4.26-r11.ebuild b/sys-kernel/usermode-sources/usermode-sources-2.4.26-r12.ebuild
index 2b6ad53f9643..55b0045c8143 100644
--- a/sys-kernel/usermode-sources/usermode-sources-2.4.26-r11.ebuild
+++ b/sys-kernel/usermode-sources/usermode-sources-2.4.26-r12.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.4.26-r11.ebuild,v 1.1 2004/12/24 18:46:22 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.4.26-r12.ebuild,v 1.1 2005/01/09 12:22:41 plasmaroo Exp $
ETYPE="sources"
inherit kernel-2
@@ -15,7 +15,7 @@ DESCRIPTION="Full (vanilla) sources for the User Mode Linux kernel"
SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${PV}.tar.bz2
mirror://sourceforge/user-mode-linux/${UML_PATCH}.bz2
http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-${PV}-CAN-2004-0415.patch
- http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.patch"
+ http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.2.patch"
HOMEPAGE="http://www.kernel.org/ http://user-mode-linux.sourceforge.net"
LICENSE="GPL-2"
KEYWORDS="x86 -ppc"
@@ -34,7 +34,7 @@ UNIPATCH_LIST="${DISTDIR}/${UML_PATCH}.bz2
${FILESDIR}/${PN}.CAN-2004-0497.patch
${FILESDIR}/${PN}-2.4.CAN-2004-0535.patch
${FILESDIR}/${PN}-2.4.CAN-2004-0685.patch
- ${DISTDIR}/${P}-CAN-2004-0814.patch
+ ${DISTDIR}/${P}-CAN-2004-0814.2.patch
${FILESDIR}/${PN}-2.4.FPULockup-53804.patch
${FILESDIR}/${PN}-2.4.cmdlineLeak.patch
${FILESDIR}/${PN}-2.4.XDRWrapFix.patch
@@ -45,7 +45,9 @@ UNIPATCH_LIST="${DISTDIR}/${UML_PATCH}.bz2
${FILESDIR}/${PN}-2.4.vma.patch
${FILESDIR}/${PN}-2.4.CAN-2004-1016.patch
${FILESDIR}/${PN}-2.4.CAN-2004-1056.patch
- ${FILESDIR}/${PN}-2.4.CAN-2004-1137.patch"
+ ${FILESDIR}/${PN}-2.4.CAN-2004-1137.patch
+ ${FILESDIR}/${PN}-2.4.brk-locked.patch
+ ${FILESDIR}/${PN}-2.4.77094.patch"
src_install() {
kernel-2_src_install
diff --git a/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r7.ebuild b/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r8.ebuild
index c3c880bf5be4..49747b1c27d1 100644
--- a/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r7.ebuild
+++ b/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r8.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2004 Gentoo Foundation
+# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r7.ebuild,v 1.1 2004/12/20 21:44:42 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.6.8.1-r8.ebuild,v 1.1 2005/01/09 12:22:41 plasmaroo Exp $
K_NOUSENAME="yes"
ETYPE="sources"
@@ -22,7 +22,10 @@ UNIPATCH_LIST="${DISTDIR}/${UML_PATCH}.bz2
${FILESDIR}/${PN}-2.6.CAN-2004-1016.patch
${FILESDIR}/${PN}-2.6.CAN-2004-1056.patch
${FILESDIR}/${PN}-2.6.CAN-2004-1137.patch
- ${FILESDIR}/${PN}-2.6.CAN-2004-1151.patch"
+ ${FILESDIR}/${PN}-2.6.CAN-2004-1151.patch
+ ${FILESDIR}/${PN}-2.6.75963.patch
+ ${FILESDIR}/${PN}-2.6.brk-locked.patch
+ ${FILESDIR}/${PN}-2.6.77094.patch"
DESCRIPTION="Full (vanilla) sources for the User Mode Linux kernel"
SRC_URI="mirror://kernel/linux/kernel/v2.6/linux-${PV}.tar.bz2