Version bump to fix bugs #143538 (CVE-2006-4145), #139641 (CVE-2006-2936), and #141503 (CVE-2006-3468).

Package-Manager: portage-2.1-r2
author: Andrew Ross <aross@gentoo.org> 2006-09-10 11:36:22 +0000
committer: Andrew Ross <aross@gentoo.org> 2006-09-10 11:36:22 +0000
commit: 57345006ddae31ccb71a1dc265b7b9cd97c1ac1f (patch)
tree: 6bbb14cb759dc35c62a74f2bbc01868b060f037e /sys-kernel/xen-sources
parent: Updating non versioned tar.gz. Bug #130342 (diff)
download: historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.tar.gz
historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.tar.bz2
historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.zip
5 files changed, 183 insertions, 5 deletions
diff --git a/sys-kernel/xen-sources/ChangeLog b/sys-kernel/xen-sources/ChangeLog
index 76c3b7a35781..bdc0e43f2f59 100644
--- a/sys-kernel/xen-sources/ChangeLog
+++ b/sys-kernel/xen-sources/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for sys-kernel/xen-sources
 # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/ChangeLog,v 1.33 2006/08/26 06:24:11 aross Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/ChangeLog,v 1.34 2006/09/10 11:36:22 aross Exp $
+
+*xen-sources-2.6.16.28 (10 Sep 2006)
+
+  10 Sep 2006; <aross@gentoo.org>
+  +files/xen-sources-2.6.16.28-CVE-2006-3468.patch,
+  +xen-sources-2.6.16.28.ebuild:
+  Version bump to fix bugs #143538 (CVE-2006-4145), #139641 (CVE-2006-2936), and
+  #141503 (CVE-2006-3468).
 
 *xen-sources-2.6.16.26-r1 (26 Aug 2006)
 
diff --git a/sys-kernel/xen-sources/Manifest b/sys-kernel/xen-sources/Manifest
index e6c3f0a1a8ec..0b890d7c110e 100644
--- a/sys-kernel/xen-sources/Manifest
+++ b/sys-kernel/xen-sources/Manifest
@@ -2,8 +2,13 @@ AUX xen-sources-2.6.16.26-CVE-2006-2935.patch 987 RMD160 fd8896a08cbca676cc76ed7
 MD5 54151e6ebaffe8c0e120a81039a8ccda files/xen-sources-2.6.16.26-CVE-2006-2935.patch 987
 RMD160 fd8896a08cbca676cc76ed713cd4e223d44ee0ba files/xen-sources-2.6.16.26-CVE-2006-2935.patch 987
 SHA256 34eb3014c59ca234ff0ab0e22540fadb97f54d2cdca14743845820200a9245f3 files/xen-sources-2.6.16.26-CVE-2006-2935.patch 987
+AUX xen-sources-2.6.16.28-CVE-2006-3468.patch 3700 RMD160 6f4f016f1e8586384824803228729490e15478c4 SHA1 8409d2d61224c3ca6c8341baed9de4a0e28bb04b SHA256 235e7d34d6545480e6fa1e1e190860ed2c081d7890bb6532c0aad2d973084fdc
+MD5 07597cf53abbd6bf2a90bba4c514a8fb files/xen-sources-2.6.16.28-CVE-2006-3468.patch 3700
+RMD160 6f4f016f1e8586384824803228729490e15478c4 files/xen-sources-2.6.16.28-CVE-2006-3468.patch 3700
+SHA256 235e7d34d6545480e6fa1e1e190860ed2c081d7890bb6532c0aad2d973084fdc files/xen-sources-2.6.16.28-CVE-2006-3468.patch 3700
 DIST linux-2.6.16.tar.bz2 40845005 RMD160 af5c2f55733fadd2fdf8b00da55e7b31d516d4e8 SHA1 bef21cd5063a648f33a99a26f4742dd05eb4dca2 SHA256 1200dcc7e60fcdaf68618dba991917a47e41e67099e8b22143976ec972e2cad7
 DIST patch-2.6.16.26.bz2 59594 RMD160 4bf2a4db7aa6a3e04f381c2be9bd8ed2394dc1bf SHA1 bcdb7684626c2baa36b59ce594a05a0db3716593 SHA256 9439e071a4938aad379c514068cf3c6f100f49be209b5b6b1ab48f9aaf5ba0e0
+DIST patch-2.6.16.28.bz2 76693 RMD160 5235c0b5f9665a279f5bf5d42f942cef215e822f SHA1 7b1d450cf300ec6788919e4b5601389e258d28cc SHA256 6b05fd7121a86a5a6cfd0177200259eeb9a3d276a3cb16ba8cf2acdd747fa6be
 DIST xen-3.0.2-src.tgz 4933621 RMD160 34e4431a981891319f8a5ea0c3f604e7d8d7d7af SHA1 b7e797048b516f8b385afd3da9ae2eded1b8033a SHA256 f18ffab16a457fa721d11933c75f8288f6958c88c2669857c7c11d5107ba2951
 EBUILD xen-sources-2.6.16.26-r1.ebuild 1591 RMD160 017b57e94c079d9714136740042b6f85f78492c0 SHA1 de3bf8fb18f929defb3ffc896b6d6ede4f96a425 SHA256 670c516bf14b6c70232840efe7fe06d5300f9a2a57a22febe6224ad49fc72f80
 MD5 0509d037707611acd1b4f88babae4208 xen-sources-2.6.16.26-r1.ebuild 1591
@@ -13,10 +18,14 @@ EBUILD xen-sources-2.6.16.26.ebuild 1493 RMD160 c9af0104ef83a52f7e0ae743f0fc118e
 MD5 387804a4e1a8d611331f84f5ac48451b xen-sources-2.6.16.26.ebuild 1493
 RMD160 c9af0104ef83a52f7e0ae743f0fc118e170e713e xen-sources-2.6.16.26.ebuild 1493
 SHA256 fa611f203c9427809f19215fc33663ea8a450b354149e5966422080d285fe513 xen-sources-2.6.16.26.ebuild 1493
-MISC ChangeLog 5300 RMD160 409bf5fcda0242500662d3019d516bb6a5d831e5 SHA1 453d59acdf6d1782dc630ad5aae314a1788208d4 SHA256 17ba3501d4972277ff1b26b3d14954be05befe1b603fe12b30ff781db99050c9
-MD5 c7e3802a606c96717392ae972ca5bfb4 ChangeLog 5300
-RMD160 409bf5fcda0242500662d3019d516bb6a5d831e5 ChangeLog 5300
-SHA256 17ba3501d4972277ff1b26b3d14954be05befe1b603fe12b30ff781db99050c9 ChangeLog 5300
+EBUILD xen-sources-2.6.16.28.ebuild 1612 RMD160 e10fd59aae61b3c1c1d256053c166b47b7f575c7 SHA1 afad39fe7539a2796593edc95be1d498be995ff8 SHA256 1579641cae4d4e6cf4ce1c11f4b860b36d2b01ae81ea2ae64e49eb1decb7804c
+MD5 cdd1574a18b704893fa9dee6e63e59a9 xen-sources-2.6.16.28.ebuild 1612
+RMD160 e10fd59aae61b3c1c1d256053c166b47b7f575c7 xen-sources-2.6.16.28.ebuild 1612
+SHA256 1579641cae4d4e6cf4ce1c11f4b860b36d2b01ae81ea2ae64e49eb1decb7804c xen-sources-2.6.16.28.ebuild 1612
+MISC ChangeLog 5566 RMD160 cc2b9c945c75b5cb60282ee8eb3357a4155a7b4e SHA1 f80ec8a0f3fe787d6626f182f100e4d7bfb61e2c SHA256 f04d2472411b8c034b7207313f38c495182ff145f8328011394a2b8ec78c7a6b
+MD5 4556d4e27781ae816791742a477dbd65 ChangeLog 5566
+RMD160 cc2b9c945c75b5cb60282ee8eb3357a4155a7b4e ChangeLog 5566
+SHA256 f04d2472411b8c034b7207313f38c495182ff145f8328011394a2b8ec78c7a6b ChangeLog 5566
 MISC metadata.xml 156 RMD160 bb062b1ba5554779dcfd0e73baf533ce9fbcdf68 SHA1 e6da014f2004758c7a806592ef9450489eebf593 SHA256 4a030777459245372bda9f7925f3a5ed3ef2b29b77e1a2971f3400ac2059b1e2
 MD5 559b4095659a2a2a489784de8a6ef95e metadata.xml 156
 RMD160 bb062b1ba5554779dcfd0e73baf533ce9fbcdf68 metadata.xml 156
@@ -27,3 +36,6 @@ SHA256 2e376a6ddbbbc8c479d021719374dece65ad3c709984444f7d5f363a6a44fd05 files/di
 MD5 4a35def291ade3b7fc27598438b74191 files/digest-xen-sources-2.6.16.26-r1 717
 RMD160 a7397a617dd168b3415f792efb4f8459b8235e14 files/digest-xen-sources-2.6.16.26-r1 717
 SHA256 2e376a6ddbbbc8c479d021719374dece65ad3c709984444f7d5f363a6a44fd05 files/digest-xen-sources-2.6.16.26-r1 717
+MD5 577d28e423cb641a10a19426dd7d4b75 files/digest-xen-sources-2.6.16.28 717
+RMD160 733fddcdf423e30d8e952092cf4d2d2b8ecae621 files/digest-xen-sources-2.6.16.28 717
+SHA256 432b14d8eb07be2c7b17c028a5724598eae329997631a5bd3cee8251eec694bb files/digest-xen-sources-2.6.16.28 717
diff --git a/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28 b/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28
new file mode 100644
index 000000000000..30347f3d6d5e
--- /dev/null
+++ b/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28
@@ -0,0 +1,9 @@
+MD5 9a91b2719949ff0856b40bc467fd47be linux-2.6.16.tar.bz2 40845005
+RMD160 af5c2f55733fadd2fdf8b00da55e7b31d516d4e8 linux-2.6.16.tar.bz2 40845005
+SHA256 1200dcc7e60fcdaf68618dba991917a47e41e67099e8b22143976ec972e2cad7 linux-2.6.16.tar.bz2 40845005
+MD5 736e7d741c0650c320c2b37bf6de3c0b patch-2.6.16.28.bz2 76693
+RMD160 5235c0b5f9665a279f5bf5d42f942cef215e822f patch-2.6.16.28.bz2 76693
+SHA256 6b05fd7121a86a5a6cfd0177200259eeb9a3d276a3cb16ba8cf2acdd747fa6be patch-2.6.16.28.bz2 76693
+MD5 544eab940a0734a55459d648e5c3b224 xen-3.0.2-src.tgz 4933621
+RMD160 34e4431a981891319f8a5ea0c3f604e7d8d7d7af xen-3.0.2-src.tgz 4933621
+SHA256 f18ffab16a457fa721d11933c75f8288f6958c88c2669857c7c11d5107ba2951 xen-3.0.2-src.tgz 4933621
diff --git a/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-3468.patch b/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-3468.patch
new file mode 100644
index 000000000000..1452939ae341
--- /dev/null
+++ b/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-3468.patch
@@ -0,0 +1,106 @@
+diff --exclude-from=/home/dang/.diffrc -u -ruN linux-2.6.16.orig/fs/ext3/inode.c linux-2.6.16/fs/ext3/inode.c
+--- linux-2.6.16.orig/fs/ext3/inode.c	2006-03-20 00:53:29.000000000 -0500
++++ linux-2.6.16/fs/ext3/inode.c	2006-09-06 17:58:38.000000000 -0400
+@@ -1005,7 +1005,7 @@
+ 		ret = PTR_ERR(handle);
+ 		goto out;
+ 	}
+-	if (test_opt(inode->i_sb, NOBH))
++	if (test_opt(inode->i_sb, NOBH) && ext3_should_writeback_data(inode))
+ 		ret = nobh_prepare_write(page, from, to, ext3_get_block);
+ 	else
+ 		ret = block_prepare_write(page, from, to, ext3_get_block);
+@@ -1093,7 +1093,7 @@
+ 	if (new_i_size > EXT3_I(inode)->i_disksize)
+ 		EXT3_I(inode)->i_disksize = new_i_size;
+ 
+-	if (test_opt(inode->i_sb, NOBH))
++	if (test_opt(inode->i_sb, NOBH) && ext3_should_writeback_data(inode))
+ 		ret = nobh_commit_write(file, page, from, to);
+ 	else
+ 		ret = generic_commit_write(file, page, from, to);
+@@ -1343,7 +1343,7 @@
+ 		goto out_fail;
+ 	}
+ 
+-	if (test_opt(inode->i_sb, NOBH))
++	if (test_opt(inode->i_sb, NOBH) && ext3_should_writeback_data(inode))
+ 		ret = nobh_writepage(page, ext3_get_block, wbc);
+ 	else
+ 		ret = block_write_full_page(page, ext3_get_block, wbc);
+@@ -2258,17 +2258,15 @@
+ 	struct buffer_head *bh;
+ 	struct ext3_group_desc * gdp;
+ 
+-
+-	if ((ino != EXT3_ROOT_INO &&
+-		ino != EXT3_JOURNAL_INO &&
+-		ino != EXT3_RESIZE_INO &&
+-		ino < EXT3_FIRST_INO(sb)) ||
+-		ino > le32_to_cpu(
+-			EXT3_SB(sb)->s_es->s_inodes_count)) {
+-		ext3_error (sb, "ext3_get_inode_block",
+-			    "bad inode number: %lu", ino);
++	if (!ext3_valid_inum(sb, ino)) {
++		/*
++		 * This error is already checked for in namei.c unless we are
++		 * looking at an NFS filehandle, in which case no error
++		 * report is needed
++		 */
+ 		return 0;
+ 	}
++
+ 	block_group = (ino - 1) / EXT3_INODES_PER_GROUP(sb);
+ 	if (block_group >= EXT3_SB(sb)->s_groups_count) {
+ 		ext3_error (sb, "ext3_get_inode_block",
+diff --exclude-from=/home/dang/.diffrc -u -ruN linux-2.6.16.orig/fs/ext3/namei.c linux-2.6.16/fs/ext3/namei.c
+--- linux-2.6.16.orig/fs/ext3/namei.c	2006-03-20 00:53:29.000000000 -0500
++++ linux-2.6.16/fs/ext3/namei.c	2006-09-06 17:55:59.000000000 -0400
+@@ -1000,7 +1000,12 @@
+ 	if (bh) {
+ 		unsigned long ino = le32_to_cpu(de->inode);
+ 		brelse (bh);
+-		inode = iget(dir->i_sb, ino);
++		if (!ext3_valid_inum(dir->i_sb, ino)) {
++			ext3_error(dir->i_sb, "ext3_lookup",
++				   "bad inode number: %lu", ino);
++			inode = NULL;
++		} else
++			inode = iget(dir->i_sb, ino);
+ 
+ 		if (!inode)
+ 			return ERR_PTR(-EACCES);
+@@ -1028,7 +1033,13 @@
+ 		return ERR_PTR(-ENOENT);
+ 	ino = le32_to_cpu(de->inode);
+ 	brelse(bh);
+-	inode = iget(child->d_inode->i_sb, ino);
++
++	if (!ext3_valid_inum(child->d_inode->i_sb, ino)) {
++		ext3_error(child->d_inode->i_sb, "ext3_get_parent",
++			   "bad inode number: %lu", ino);
++		inode = NULL;
++	} else
++		inode = iget(child->d_inode->i_sb, ino);
+ 
+ 	if (!inode)
+ 		return ERR_PTR(-EACCES);
+diff --exclude-from=/home/dang/.diffrc -u -ruN linux-2.6.16.orig/include/linux/ext3_fs.h linux-2.6.16/include/linux/ext3_fs.h
+--- linux-2.6.16.orig/include/linux/ext3_fs.h	2006-03-20 00:53:29.000000000 -0500
++++ linux-2.6.16/include/linux/ext3_fs.h	2006-09-06 17:55:59.000000000 -0400
+@@ -494,6 +494,15 @@
+ {
+ 	return container_of(inode, struct ext3_inode_info, vfs_inode);
+ }
++
++static inline int ext3_valid_inum(struct super_block *sb, unsigned long ino)
++{
++	return ino == EXT3_ROOT_INO ||
++		ino == EXT3_JOURNAL_INO ||
++		ino == EXT3_RESIZE_INO ||
++		(ino >= EXT3_FIRST_INO(sb) &&
++		 ino <= le32_to_cpu(EXT3_SB(sb)->s_es->s_inodes_count));
++}
+ #else
+ /* Assume that user mode programs are passing in an ext3fs superblock, not
+  * a kernel struct super_block.  This will allow us to call the feature-test
diff --git a/sys-kernel/xen-sources/xen-sources-2.6.16.28.ebuild b/sys-kernel/xen-sources/xen-sources-2.6.16.28.ebuild
new file mode 100644
index 000000000000..c88c87331a38
--- /dev/null
+++ b/sys-kernel/xen-sources/xen-sources-2.6.16.28.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/xen-sources-2.6.16.28.ebuild,v 1.1 2006/09/10 11:36:22 aross Exp $
+
+ETYPE="sources"
+inherit kernel-2 eutils
+detect_arch
+detect_version
+[ "${PR}" == "r0" ] && KV=${PV/_/-}-xen || KV=${PV/_/-}-xen-${PR}
+
+DESCRIPTION="Full sources for a dom0/domU Linux kernel to run under Xen"
+HOMEPAGE="http://www.cl.cam.ac.uk/Research/SRG/netos/xen/index.html"
+XEN_VERSION="3.0.2"
+MY_P="xen-${XEN_VERSION}"
+SRC_URI="${KERNEL_URI} mirror://kernel/linux/kernel/v${KV_MAJOR}.${KV_MINOR}/patch-${PV}.bz2 http://www.cl.cam.ac.uk/Research/SRG/netos/xen/downloads/xen-${XEN_VERSION}-src.tgz"
+
+KEYWORDS="~x86 ~amd64"
+#RDEPEND="~app-emulation/xen-${XEN_VERSION}"
+S="${WORKDIR}"
+RESTRICT="nostrip"
+XEN_KV=${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}
+
+src_unpack() {
+	unpack ${A}
+	cd ${MY_P}
+	mv "${WORKDIR}"/patch-${PV} patches/linux-${XEN_KV}/linux-${PV}.patch \
+		|| die "failed to mv ${WORKDIR}/patch-${PV}"
+	sed -e 's:relative_lndir \([^(].*\):cp -dpPR \1/* .:' \
+		-i linux-2.6-xen-sparse/mkbuildtree || die
+
+	# No need to run oldconfig
+	sed -e 's:$(MAKE) -C $(LINUX_DIR) ARCH=$(LINUX_ARCH) oldconfig::' \
+		-i buildconfigs/mk.linux-2.6-xen
+
+	make LINUX_SRC_PATH=${DISTDIR} -f buildconfigs/mk.linux-2.6-xen \
+		linux-${XEN_KV}-xen/include/linux/autoconf.h || die
+	mv linux-${XEN_KV}-xen "${WORKDIR}"/linux-${KV} || die
+	rm -rf "${WORKDIR}"/linux-${XEN_KV} || die
+	rm -rf "${WORKDIR}/${MY_P}" || die
+
+	cd "${WORKDIR}"/linux-${KV}
+	epatch "${FILESDIR}/${P}"-CVE-2006-3468.patch
+}
author	Andrew Ross <aross@gentoo.org>	2006-09-10 11:36:22 +0000
committer	Andrew Ross <aross@gentoo.org>	2006-09-10 11:36:22 +0000
commit	57345006ddae31ccb71a1dc265b7b9cd97c1ac1f (patch)
tree	6bbb14cb759dc35c62a74f2bbc01868b060f037e /sys-kernel/xen-sources
parent	Updating non versioned tar.gz. Bug #130342 (diff)
download	historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.tar.gz historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.tar.bz2 historical-57345006ddae31ccb71a1dc265b7b9cd97c1ac1f.zip