Added the fix for the ptrace vulnerability for AMD64 platforms.

3 files changed, 37 insertions, 3 deletions

diff --git a/sys-kernel/aa-sources/ChangeLog b/sys-kernel/aa-sources/ChangeLog
index 28fb8328f24f..073989ad8951 100644
--- a/sys-kernel/aa-sources/ChangeLog
+++ b/sys-kernel/aa-sources/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for sys-kernel/aa-sources
-# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/ChangeLog,v 1.26 2004/01/08 17:44:57 plasmaroo Exp $
+# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/ChangeLog,v 1.27 2004/02/16 13:49:00 plasmaroo Exp $
+
+  16 Feb 2004; <plasmaroo@gentoo.org> aa-sources-2.4.23-r1.ebuild,
+  files/aa-sources-2.4.23.CAN-2004-0001.patch:
+  Added the fix for the ptrace vulnerability for AMD64 platforms.
 
   08 Jan 2004; Brian Jackson <iggy@gentoo.org> aa-sources-2.4.23-r1.ebuild:
   Somebody accidentally commented ${OKV}, bug 37588 resolved.
diff --git a/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild b/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild
index 31633d483e1c..27b8d67002ec 100644
--- a/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild
+++ b/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild,v 1.5 2004/01/08 15:14:15 iggy Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/aa-sources-2.4.23-r1.ebuild,v 1.6 2004/02/16 13:49:00 plasmaroo Exp $
 
 IUSE="build"
 
@@ -62,6 +62,7 @@ src_unpack() {
 	sed -e '51i \				   qsort.o \\' -i fs/xfs/support/Makefile
 
 	epatch ${FILESDIR}/${P}.CAN-2003-0985.patch || die "Failed to apply mremap() patch!"
+	epatch ${FILESDIR}/${P}.CAN-2004-0001.patch || die "Failed to apply AMD64 ptrace patch!"
 	epatch ${FILESDIR}/${P}.rtc_fix.patch || die "Failed to apply RTC patch!"
 
 	kernel_universal_unpack
diff --git a/sys-kernel/aa-sources/files/aa-sources-2.4.23.CAN-2004-0001.patch b/sys-kernel/aa-sources/files/aa-sources-2.4.23.CAN-2004-0001.patch
new file mode 100644
index 000000000000..bb51f9aa9a62
--- /dev/null
+++ b/sys-kernel/aa-sources/files/aa-sources-2.4.23.CAN-2004-0001.patch
@@ -0,0 +1,29 @@
+diff -u linux/arch/x86_64/ia32/ptrace32.c-PTRACE linux/arch/x86_64/ia32/ptrace32.c
+--- linux/arch/x86_64/ia32/ptrace32.c-PTRACE	2003-06-16 13:03:58.000000000 +0200
++++ linux/arch/x86_64/ia32/ptrace32.c	2004-01-07 18:04:43.000000000 +0100
+@@ -25,6 +25,10 @@
+ #include <asm/fpu32.h>
+ #include <linux/mm.h>
+ 
++/* determines which flags the user has access to. */
++/* 1 = access 0 = no access */
++#define FLAG_MASK 0x44dd5UL
++
+ #define R32(l,q) \
+ 	case offsetof(struct user32, regs.l): stack[offsetof(struct pt_regs, q)/8] = val; break
+ 
+@@ -69,9 +73,12 @@
+ 	R32(eip, rip);
+ 	R32(esp, rsp);
+ 
+-	case offsetof(struct user32, regs.eflags): 
+-		stack[offsetof(struct pt_regs, eflags)/8] = val & 0x44dd5; 
++	case offsetof(struct user32, regs.eflags): { 
++		__u64 *flags = &stack[offsetof(struct pt_regs, eflags)/8];
++		val &= FLAG_MASK;
++		*flags = val | (*flags & ~FLAG_MASK);
+ 		break;
++	}
+ 
+ 	case offsetof(struct user32, u_debugreg[4]): 
+ 	case offsetof(struct user32, u_debugreg[5]):