From a295a3efa27987092b01d38c12b60084116251a9 Mon Sep 17 00:00:00 2001 From: Zero_Chaos Date: Tue, 1 Dec 2009 07:51:38 +0000 Subject: [PATCH] emergency security fixes for mac80211 --- net-wireless/compat-wireless/Manifest | 4 +- .../compat-wireless-2.6.32_rc7-r3.ebuild | 69 +++++++++++++++++++ 2 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 net-wireless/compat-wireless/compat-wireless-2.6.32_rc7-r3.ebuild diff --git a/net-wireless/compat-wireless/Manifest b/net-wireless/compat-wireless/Manifest index 12e83830d..5403931f6 100644 --- a/net-wireless/compat-wireless/Manifest +++ b/net-wireless/compat-wireless/Manifest @@ -5,6 +5,7 @@ AUX 4005_ath5k-frequency-expansion-2.6.30.patch 4838 RMD160 e175138fd025ef075017 AUX 4007_ath5k-pass-failed-crc.patch 568 RMD160 1f38abc77887fc23b5f09b1ddd7e4159ab190e91 SHA1 22ecfbd59b4e7f1038ac9415003e182cddae8df2 SHA256 12e8549aa3fd85d83fc7c80ab2dbd4ed5a22ae446af6979bfbdd4a3c2d4e9fe6 AUX 4012_openwrt-b43-disable_qos_when_openfw.patch 721 RMD160 cd67c2425cd5b29f637781652a49a951a9ffda21 SHA1 382947ee332836c43c4eeb32eb8358b88e18fd22 SHA256 f03374faa0d41a5dca7e20079d7a7bd59aebd309b56aa6c7f7108b596d3f0da2 AUX 4013-runtime-enable-disable-of-mac80211-packet-injection.patch 1490 RMD160 53c728303c77b2ffd93917bceaaad6a38ee80236 SHA1 3b6aa934cf4c09deb8e93fcb08b10bfb1f6bdbb9 SHA256 88f997a54768feeb40a9f985e412e90e9fda2491f32cf6b078eb2a0a9f81e785 +AUX 4099-2.6.32-rc7-mac80211-security-fixes.patch 5951 RMD160 fb07610df222a12f81e66b4e69f35737ccf8003c SHA1 089a6ab27f14db15ce3b9280bd173f2cba124406 SHA256 61d0c5e5681f0fb20cf65925b49eeebf34d3b026906e052c086f1f17147a9359 AUX blinky.patch 357 RMD160 6c93e916efc56412f316076e836c1c5d98e58047 SHA1 e23568801309cdf2a01fa5be8cd3b9a3fcff5edd SHA256 1c2f0e18ecbcf2c07ba732671e77408326d2566d260f0252002c5698f9e65e30 AUX compat-chaos.patch 6187 RMD160 2b8477fbf8b8bde456c5c32a8146330232ae355f SHA1 7bd56bcb3c50eb6f22be7ec24b886ae70bf747cd SHA256 5e8c11b46bc8acf10a2ce8b934fec32662b57c003c99e5e0ca4717a8c6b19474 AUX failed_ath5k-frequency-chaos-2.6.28.patch 5787 RMD160 978b39113ebdc4ec1543bd4379d4428431524cb6 SHA1 a1b9268aedeb0d9035fd13214fe465145f1c5334 SHA256 8e9e0888e890a2970274a7ba9d40d75e01ebaedb0e16700d8994b9ecfe921185 @@ -35,5 +36,6 @@ EBUILD compat-wireless-2.6.32_rc5.ebuild 1742 RMD160 dc0e574a6fa4d34fad5dc08a308 EBUILD compat-wireless-2.6.32_rc6.ebuild 1779 RMD160 c943d857694cddcb21c92ace853a5a06116b7a1e SHA1 8636e437ad0edd666a8b919e0da0443f998b7b64 SHA256 2c2668bf82abc183816662e80068d3e37a788c70b4fd0ff7eb450fcc239f240e EBUILD compat-wireless-2.6.32_rc7-r1.ebuild 1929 RMD160 42b7a5c62813aa6f1f0681b9246efd34f217717a SHA1 81882c26de50066c171d5d0b521d2669bb127504 SHA256 8baad26721e3033629e64afd144f5f430d4ad3d6db6bee810d4c68775ea275c3 EBUILD compat-wireless-2.6.32_rc7-r2.ebuild 2015 RMD160 c402f6c8b17d3d457a7c5db669315b9bcc94679a SHA1 7d4febe08a8e131aa47b40c7640d9d5b607f3acf SHA256 3b0584cd529a950654dc625184b0822f4d7d10088c8901956d2bad05f3cb2ffc +EBUILD compat-wireless-2.6.32_rc7-r3.ebuild 2083 RMD160 d51afccc1626bc2263508c9b866c5493f9300584 SHA1 8f4abec2fd3c39f3e7367b11ef4235d450ad959b SHA256 f9a0fea176c5b90eefe9807fe8958e8e0288ead3fc500f8829a64485579ff7dd EBUILD compat-wireless-2.6.32_rc7.ebuild 1804 RMD160 184e3e153488b5dbbefd92368035086a9e15825f SHA1 11626bb82f0b04485fefcef2efaae9ef9e62f017 SHA256 fb33ffed690e34491e2d7bf50a99d1aea334fac7e814ce2e3cf61644dab23130 -MISC metadata.xml 319 RMD160 97de13f77d18b1d8d976b8ae63a2bf9836d10fe0 SHA1 7a64fd4808ae3dcc285ec29fb1fffd3086b1c605 SHA256 c4e33bff5b919dae361e0187573226ef0db674dce414c454a4ab8c3fd4ce4b91 +MISC metadata.xml 228 RMD160 cd3fb26b5d8049ab5dba38f21d7654ec033aa0eb SHA1 3148dfbdced7a623a311d21c6f728ab9c7135dae SHA256 8715828d1bff71d5d96b991ba600bae9376c1c80c96f0f102260fc335ca22487 diff --git a/net-wireless/compat-wireless/compat-wireless-2.6.32_rc7-r3.ebuild b/net-wireless/compat-wireless/compat-wireless-2.6.32_rc7-r3.ebuild new file mode 100644 index 000000000..70fc6dc17 --- /dev/null +++ b/net-wireless/compat-wireless/compat-wireless-2.6.32_rc7-r3.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +EAPI="2" +inherit linux-mod linux-info + +##Stable +MY_P=${P/_rc/-rc} +DESCRIPTION="Stable kernel pre-release wifi subsystem backport" +HOMEPAGE="http://wireless.kernel.org/en/users/Download/stable" +SRC_URI="http://www.orbit-lab.org/kernel/${PN}-2.6-stable/v2.6.32/${MY_P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="injection" + +DEPEND="" +RDEPEND="=sys-kernel/linux-firmware-99999999" + +S=${WORKDIR}/${MY_P} +RESTRICT="strip" + +CONFIG_CHECK="!DYNAMIC_FTRACE" + +pkg_setup() { + linux-mod_pkg_setup + kernel_is -lt 2 6 27 && die "kernel 2.6.27 or higher is required" + linux_chkconfig_module MAC80211 || die "CONFIG_MAC80211 must be built as a _module_ !" + linux_chkconfig_module CFG80211 || die "CONFIG_CFG80211 must be built as a _module_ !" +} + +src_prepare() { + #whynot patch is against the makefile to fix general brokeness + epatch "${FILESDIR}"/whynot-2.6.32.patch + epatch "${FILESDIR}"/4099-2.6.32-rc7-mac80211-security-fixes.patch + + if use injection; then + epatch "${FILESDIR}"/400[24]_*.patch + epatch "${FILESDIR}"/mac80211.compat08082009.wl_frag+ack_v1.patch + epatch "${FILESDIR}"/4013-runtime-enable-disable-of-mac80211-packet-injection.patch + epatch "${FILESDIR}"/compat-chaos.patch; + fi +} + +src_compile() { + addpredict "${KERNEL_DIR}" + set_arch_to_kernel + emake KVER="${KV_FULL}" || die "emake failed" +} + +src_install() { + for file in $(find -name \*.ko); do + insinto "/lib/modules/${KV_FULL}/updates/$(dirname ${file})" + doins "${file}" || die "failed to install module ${file}" + done + dosbin scripts/athenable scripts/b43load scripts/iwl-enable \ + scripts/madwifi-unload scripts/athload scripts/iwl-load \ + scripts/modlib.sh scripts/b43enable scripts/load.sh \ + scripts/unload.sh || die "script installation failed" + dodoc README || die +} + +pkg_postinst() { + update_depmod + einfo 'You may have problem if you do not run "depmod -ae" after this installation' + einfo 'To switch to the new drivers without reboot run unload.sh then load.sh' +}