author | Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 11:31:19 +0000 |
---|---|---|
committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 11:31:19 +0000 |
commit | 9e06b61ef2870ffb29e00437330f5ba97aad4f69 (patch) | |
tree | b328caf45c0423a6bc3a5a9d39587c9da4828202 /sys-kernel | |
parent | new opera alpha (diff) | |
Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 vulnerabilities.
Diffstat (limited to 'sys-kernel')
-rw-r--r-- | sys-kernel/hardened-sources/ChangeLog | 12 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/Manifest | 17 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r2 | 2 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r3 (renamed from sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r2) | 1 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/do_brk_fix.patch | 12 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0010.patch | 200 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0177.patch | 10 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0178.patch | 11 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/files/rtc_fix.patch | 180 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild | 71 | ||||
-rw-r--r-- | sys-kernel/hardened-sources/hardened-sources-2.4.24-r3.ebuild (renamed from sys-kernel/hardened-sources/hardened-sources-2.4.24-r2.ebuild) | 5 |
11 files changed, 244 insertions, 277 deletions
diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog index f4fdc461043a..f8c528456c47 100644 --- a/sys-kernel/hardened-sources/ChangeLog +++ b/sys-kernel/hardened-sources/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for sys-kernel/hardened-sources # Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.24 2004/04/15 22:28:46 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.25 2004/04/17 11:31:19 plasmaroo Exp $ + +*hardened-sources-2.4.24-r3 (17 Apr 2004) + + 17 Apr 2004; <plasmaroo@gentoo.org> + +files/hardened-sources-2.4.24.CAN-2004-0010.patch, + +files/hardened-sources-2.4.24.CAN-2004-0177.patch, + +files/hardened-sources-2.4.24.CAN-2004-0178.patch, + +hardened-sources-2.4.24-r3.ebuild: + Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 + vulnerabilities. Old revisions removed. *hardened-sources-2.4.24-r2 (15 Apr 2004) diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest index 3c8c653af73b..0ec88364f3ea 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest 
@@ -1,11 +1,10 @@
-MD5 d944627ab07d615e6614c74c99ec6644 ChangeLog 6441
-MD5 08953fbcd59fdaa90cb9c3baac298723 hardened-sources-2.4.24-r2.ebuild 1820
-MD5 5ce014b028eb12d68b20928094636bb5 hardened-sources-2.4.22-r2.ebuild 2435
+MD5 af1e6ed6496ae6bf4a8ffe23186414fc ChangeLog 6836
+MD5 163bb9a1728f7de17128f9434e929441 hardened-sources-2.4.24-r3.ebuild 2102
 MD5 0a473e60c059cb41c96a6bbcbff84769 metadata.xml 459
-MD5 737445e3f88d572bf45412ef8b8875cd files/digest-hardened-sources-2.4.24-r2 321
-MD5 174438d215b70cad5ffb00ca8123c062 files/hardened-sources-2.4.24.munmap.patch 837
-MD5 21f3a4f186017d925067335e24db36a1 files/hardened-sources-2.4.24.CAN-2004-0109.patch 1877
-MD5 0d5619823272f50a9bac7d4a50ca7757 files/digest-hardened-sources-2.4.22-r2 144
-MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242
+MD5 ac42024b6e6ee1e2165914db4b22a61c files/hardened-sources-2.4.24.CAN-2004-0178.patch 424
+MD5 eaeda68a619caaddd5b8fdc5e7c39932 files/hardened-sources-2.4.24.CAN-2004-0177.patch 384
+MD5 147fec50180ad91b6260fc7201dcb90f files/hardened-sources-2.4.24.CAN-2004-0010.patch 6050
 MD5 e77a93fdf26f06cf3ea5080b27211725 files/mremap-CAN-2003-0985.patch 414
-MD5 e2e2b545b6fcdcecf49e33798efa5b84 files/rtc_fix.patch 7073
+MD5 7683a67dcea902d0c054765c331a8692 files/digest-hardened-sources-2.4.24-r3 237
+MD5 21f3a4f186017d925067335e24db36a1 files/hardened-sources-2.4.24.CAN-2004-0109.patch 1877
+MD5 174438d215b70cad5ffb00ca8123c062 files/hardened-sources-2.4.24.munmap.patch 837
diff --git a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r2 b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r2
deleted file mode 100644
index ccfd14cb665f..000000000000
--- a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.22-r2
+++ /dev/null
@@ -1,2 +0,0 @@
-MD5 75dc85149b06ac9432106b8941eb9f7b linux-2.4.22.tar.bz2 29528612
-MD5 cb58e57bf9c2115eb71745761209df97 patches-2.4.22-hardened.tar.bz2 2592916
diff --git a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r2 b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r3
index a73070900096..3a14ae70d15a 100644
--- a/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r2
+++ b/sys-kernel/hardened-sources/files/digest-hardened-sources-2.4.24-r3
@@ -1,4 +1,3 @@
 MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818
 MD5 ecf37e9bd868f2fa3fc581569ab724e0 hardened-sources-2.4.24-base.patch.bz2 1670068
 MD5 d8a2e8fff78e272378e5c8d13b344550 hardened-sources-2.4.24-selinux.patch.bz2 219034
-MD5 9f581b1bedf236bec48b43127ee79b33 hardened-sources-2.4.24-grsec.patch.bz2 100207
diff --git a/sys-kernel/hardened-sources/files/do_brk_fix.patch b/sys-kernel/hardened-sources/files/do_brk_fix.patch
deleted file mode 100644
index fef1f1e981e2..000000000000
--- a/sys-kernel/hardened-sources/files/do_brk_fix.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/mm/mmap.c Fri Sep 12 06:44:06 2003
-+++ b/mm/mmap.c Thu Oct 2 01:18:19 2003
-@@ -1041,6 +1041,9 @@
- if (!len)
- return addr;
-
-+ if ((addr + len) > TASK_SIZE || (addr + len) < addr)
-+ return -EINVAL;
-+
- /*
- * mlock MCL_FUTURE?
- */
diff --git a/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0010.patch b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0010.patch
new file mode 100644
index 000000000000..6b4b1cefa49e
--- /dev/null
+++ b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0010.patch
@@ -0,0 +1,200 @@
+diff -urN linux-2.4.25-pre6/fs/ncpfs/dir.c linux-2.4.25-pre7/fs/ncpfs/dir.c
+--- linux-2.4.25-pre6/fs/ncpfs/dir.c 2002-11-28 15:53:15.000000000 -0800
++++ linux-2.4.25-pre7/fs/ncpfs/dir.c 2004-01-23 10:53:26.000000000 -0800
+@@ -266,8 +266,8 @@
+ struct ncp_server *server;
+ struct inode *dir = dentry->d_parent->d_inode;
+ struct ncp_entry_info finfo;
+- int res, val = 0, len = dentry->d_name.len + 1;
+- __u8 __name[len];
++ int res, val = 0, len;
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+ if (!dentry->d_inode || !dir)
+ goto finished;
+@@ -291,14 +291,15 @@
+ dentry->d_parent->d_name.name, dentry->d_name.name,
+ NCP_GET_AGE(dentry));
+
++ len = sizeof(__name);
+ if (ncp_is_server_root(dir)) {
+ res = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, 1);
++ dentry->d_name.len, 1);
+ if (!res)
+ res = ncp_lookup_volume(server, __name, &(finfo.i));
+ } else {
+ res = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, !ncp_preserve_case(dir));
++ dentry->d_name.len, !ncp_preserve_case(dir));
+ if (!res)
+ res = ncp_obtain_info(server, dir, __name, &(finfo.i));
+ }
+@@ -548,9 +549,9 @@
+ int valid = 0;
+ int hashed = 0;
+ ino_t ino = 0;
+- __u8 __name[256];
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+- qname.len = 256;
++ qname.len = sizeof(__name);
+ if (ncp_vol2io(NCP_SERVER(inode), __name, &qname.len,
+ entry->i.entryName, entry->i.nameLen,
+ !ncp_preserve_entry_case(inode, entry->i.NSCreator)))
+@@ -705,16 +706,19 @@
+ {
+ struct ncp_server* server = NCP_SBP(sb);
+ struct nw_info_struct i;
+- int result, len = strlen(server->m.mounted_vol) + 1;
+- __u8 __name[len];
++ int result;
+
+ if (ncp_single_volume(server)) {
++ int len;
+ struct dentry* dent;
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+- result = -ENOENT;
+- if (ncp_io2vol(server, __name, &len, server->m.mounted_vol,
+- len-1, 1))
++ len = sizeof(__name);
++ result = ncp_io2vol(server, __name, &len, server->m.mounted_vol,
++ strlen(server->m.mounted_vol), 1);
++ if (result)
+ goto out;
++ result = -ENOENT;
+ if (ncp_lookup_volume(server, __name, &i)) {
+ PPRINTK("ncp_conn_logged_in: %s not found\n",
+ server->m.mounted_vol);
+@@ -745,8 +749,8 @@
+ struct ncp_server *server = NCP_SERVER(dir);
+ struct inode *inode = NULL;
+ struct ncp_entry_info finfo;
+- int error, res, len = dentry->d_name.len + 1;
+- __u8 __name[len];
++ int error, res, len;
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+ error = -EIO;
+ if (!ncp_conn_valid(server))
+@@ -755,14 +759,15 @@
+ PPRINTK("ncp_lookup: server lookup for %s/%s\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name);
+
++ len = sizeof(__name);
+ if (ncp_is_server_root(dir)) {
+ res = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, 1);
++ dentry->d_name.len, 1);
+ if (!res)
+ res = ncp_lookup_volume(server, __name, &(finfo.i));
+ } else {
+ res = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, !ncp_preserve_case(dir));
++ dentry->d_name.len, !ncp_preserve_case(dir));
+ if (!res)
+ res = ncp_obtain_info(server, dir, __name, &(finfo.i));
+ }
+@@ -825,9 +830,9 @@
+ {
+ struct ncp_server *server = NCP_SERVER(dir);
+ struct ncp_entry_info finfo;
+- int error, result, len = dentry->d_name.len + 1;
++ int error, result, len;
+ int opmode;
+- __u8 __name[len];
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+ PPRINTK("ncp_create_new: creating %s/%s, mode=%x\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name, mode);
+@@ -836,8 +841,9 @@
+ goto out;
+
+ ncp_age_dentry(server, dentry);
++ len = sizeof(__name);
+ error = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, !ncp_preserve_case(dir));
++ dentry->d_name.len, !ncp_preserve_case(dir));
+ if (error)
+ goto out;
+
+@@ -880,8 +886,8 @@
+ {
+ struct ncp_entry_info finfo;
+ struct ncp_server *server = NCP_SERVER(dir);
+- int error, len = dentry->d_name.len + 1;
+- __u8 __name[len];
++ int error, len;
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+ DPRINTK("ncp_mkdir: making %s/%s\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name);
+@@ -890,8 +896,9 @@
+ goto out;
+
+ ncp_age_dentry(server, dentry);
++ len = sizeof(__name);
+ error = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, !ncp_preserve_case(dir));
++ dentry->d_name.len, !ncp_preserve_case(dir));
+ if (error)
+ goto out;
+
+@@ -909,8 +916,8 @@
+ static int ncp_rmdir(struct inode *dir, struct dentry *dentry)
+ {
+ struct ncp_server *server = NCP_SERVER(dir);
+- int error, result, len = dentry->d_name.len + 1;
+- __u8 __name[len];
++ int error, result, len;
++ __u8 __name[NCP_MAXPATHLEN + 1];
+
+ DPRINTK("ncp_rmdir: removing %s/%s\n",
+ dentry->d_parent->d_name.name, dentry->d_name.name);
+@@ -923,8 +930,9 @@
+ if (!d_unhashed(dentry))
+ goto out;
+
++ len = sizeof(__name);
+ error = ncp_io2vol(server, __name, &len, dentry->d_name.name,
+- len-1, !ncp_preserve_case(dir));
++ dentry->d_name.len, !ncp_preserve_case(dir));
+ if (error)
+ goto out;
+
+@@ -1022,9 +1030,8 @@
+ {
+ struct ncp_server *server = NCP_SERVER(old_dir);
+ int error;
+- int old_len = old_dentry->d_name.len + 1;
+- int new_len = new_dentry->d_name.len + 1;
+- __u8 __old_name[old_len], __new_name[new_len];
++ int old_len, new_len;
++ __u8 __old_name[NCP_MAXPATHLEN + 1], __new_name[NCP_MAXPATHLEN + 1];
+
+ DPRINTK("ncp_rename: %s/%s to %s/%s\n",
+ old_dentry->d_parent->d_name.name, old_dentry->d_name.name,
+@@ -1037,15 +1044,17 @@
+ ncp_age_dentry(server, old_dentry);
+ ncp_age_dentry(server, new_dentry);
+
++ old_len = sizeof(__old_name);
+ error = ncp_io2vol(server, __old_name, &old_len,
+- old_dentry->d_name.name, old_len-1,
+- !ncp_preserve_case(old_dir));
++ old_dentry->d_name.name, old_dentry->d_name.len,
++ !ncp_preserve_case(old_dir));
+ if (error)
+ goto out;
+
++ new_len = sizeof(__new_name);
+ error = ncp_io2vol(server, __new_name, &new_len,
+- new_dentry->d_name.name, new_len-1,
+- !ncp_preserve_case(new_dir));
++ new_dentry->d_name.name, new_dentry->d_name.len,
++ !ncp_preserve_case(new_dir));
+ if (error)
+ goto out;
+
+
diff --git a/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0177.patch b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0177.patch
new file mode 100644
index 000000000000..da6b7e190685
--- /dev/null
+++ b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0177.patch
@@ -0,0 +1,10 @@
+--- linux-2.4.26-pre3/fs/jbd/journal.c 2004-02-18 05:36:31.000000000 -0800
++++ linux-2.4.26-pre4/fs/jbd/journal.c 2004-03-16 09:59:36.000000000 -0800
+@@ -671,6 +671,7 @@
+
+ bh = getblk(journal->j_dev, blocknr, journal->j_blocksize);
+ lock_buffer(bh);
++ memset(bh->b_data, 0, journal->j_blocksize);
+ BUFFER_TRACE(bh, "return this buffer");
+ return journal_add_journal_head(bh);
+ }
diff --git a/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0178.patch b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0178.patch
new file mode 100644
index 000000000000..19e57268c2fa
--- /dev/null
+++ b/sys-kernel/hardened-sources/files/hardened-sources-2.4.24.CAN-2004-0178.patch
@@ -0,0 +1,11 @@
+--- linux-2.4.26-pre2/drivers/sound/sb_audio.c 2002-02-25 11:38:06.000000000 -0800
++++ linux-2.4.26-pre3/drivers/sound/sb_audio.c 2004-03-13 07:43:23.000000000 -0800
+@@ -879,7 +879,7 @@
+ c -= locallen; p += locallen;
+ }
+ /* used = ( samples * 16 bits size ) */
+- *used = len << 1;
++ *used = max_in > ( max_out << 1) ? (max_out << 1) : max_in;
+ /* returned = ( samples * 8 bits size ) */
+ *returned = len;
+ }
diff --git a/sys-kernel/hardened-sources/files/rtc_fix.patch b/sys-kernel/hardened-sources/files/rtc_fix.patch
deleted file mode 100644
index 76a663c6e89d..000000000000
--- a/sys-kernel/hardened-sources/files/rtc_fix.patch
+++ /dev/null
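Review bot: In hardened-sources-2.4.24.CAN-2004-0010.patch every call site now sets `len = sizeof(__name)` before `ncp_io2vol(server, __name, &len, ...)`, so the overflow is closed only if ncp_io2vol (and ncp_vol2io in the `@@ -548` hunk) treats the incoming length as the buffer capacity and fails instead of writing past it. Neither function is touched by this patch, so that should be confirmed against the 2.4.24 tree the ebuild applies it to. The patch paths name `linux-2.4.25-pre6`/`-pre7` and the file carries no description, as is also the case for the CAN-2004-0177 and CAN-2004-0178 patches in this commit (2.4.26-pre trees); a first line such as `CAN-2004-0010: ncpfs name buffers sized by NCP_MAXPATHLEN, taken from 2.4.25-pre7` in each file would record the origin. The `@@ -1022` hunk now keeps two `NCP_MAXPATHLEN + 1` byte arrays on the kernel stack at once, which is worth re-checking if that constant ever grows.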
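Review bot: The added `memset(bh->b_data, 0, journal->j_blocksize);` in the CAN-2004-0177 patch (fs/jbd/journal.c) has no comment, and the reason for clearing a buffer that was just obtained from `getblk()` is not obvious from the code. A line above it such as `/* clear the block: getblk() does not zero it, and old contents must not reach the journal (CAN-2004-0177) */` would keep a later cleanup from dropping it as redundant. The enclosing function starts outside the hunk, so who fills the buffer afterwards is inferred rather than visible here.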
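Review bot: In the CAN-2004-0178 patch (drivers/sound/sb_audio.c) the comment `/* used = ( samples * 16 bits size ) */` is left above a line that no longer computes that; `*used` is now the smaller of `max_in` and `max_out << 1`. The comment should say so, for example `/* used = input bytes consumed, capped at twice the output space */`. `*returned = len;` on the following line is unchanged, so `*used` and `*returned` are now derived from different variables; `len` is set outside the hunk, so whether the two still agree for every input size has to be checked against the full function.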
@@ -1,180 +0,0 @@
-diff -urN linux-2.4.23/arch/cris/drivers/ds1302.c linux-2.4.24/arch/cris/drivers/ds1302.c
---- linux-2.4.23/arch/cris/drivers/ds1302.c 2003-08-25 04:44:39.000000000 -0700
-+++ linux-2.4.24/arch/cris/drivers/ds1302.c 2004-01-05 05:53:56.000000000 -0800
-@@ -346,6 +346,7 @@
- {
- struct rtc_time rtc_tm;
-
-+ memset(&rtc_tm, 0, sizeof (struct rtc_time));
- get_rtc_time(&rtc_tm);
- if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time)))
- return -EFAULT;
-diff -urN linux-2.4.23/arch/cris/drivers/pcf8563.c linux-2.4.24/arch/cris/drivers/pcf8563.c
---- linux-2.4.23/arch/cris/drivers/pcf8563.c 2003-08-25 04:44:39.000000000 -0700
-+++ linux-2.4.24/arch/cris/drivers/pcf8563.c 2004-01-05 05:53:56.000000000 -0800
-@@ -220,6 +220,7 @@
- {
- struct rtc_time tm;
-
-+ memset(&tm, 0, sizeof (struct rtc_time));
- get_rtc_time(&tm);
-
- if (copy_to_user((struct rtc_time *) arg, &tm, sizeof tm)) {
-diff -urN linux-2.4.23/arch/m68k/bvme6000/rtc.c linux-2.4.24/arch/m68k/bvme6000/rtc.c
---- linux-2.4.23/arch/m68k/bvme6000/rtc.c 2003-06-13 07:51:31.000000000 -0700
-+++ linux-2.4.24/arch/m68k/bvme6000/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -54,6 +54,7 @@
- /* Ensure clock and real-time-mode-register are accessible */
- msr = rtc->msr & 0xc0;
- rtc->msr = 0x40;
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- do {
- wtime.tm_sec = BCD2BIN(rtc->bcd_sec);
- wtime.tm_min = BCD2BIN(rtc->bcd_min);
-diff -urN linux-2.4.23/arch/m68k/mvme16x/rtc.c linux-2.4.24/arch/m68k/mvme16x/rtc.c
---- linux-2.4.23/arch/m68k/mvme16x/rtc.c 2003-06-13 07:51:31.000000000 -0700
-+++ linux-2.4.24/arch/m68k/mvme16x/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -52,6 +52,7 @@
- cli();
- /* Ensure clock and real-time-mode-register are accessible */
- rtc->ctrl = RTC_READ;
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- wtime.tm_sec = BCD2BIN(rtc->bcd_sec);
- wtime.tm_min = BCD2BIN(rtc->bcd_min);
- wtime.tm_hour = BCD2BIN(rtc->bcd_hr);
-diff -urN linux-2.4.23/arch/ppc64/kernel/rtc.c linux-2.4.24/arch/ppc64/kernel/rtc.c
---- linux-2.4.23/arch/ppc64/kernel/rtc.c 2003-06-13 07:51:32.000000000 -0700
-+++ linux-2.4.24/arch/ppc64/kernel/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -96,6 +96,7 @@
- switch (cmd) {
- case RTC_RD_TIME: /* Read the time/date from RTC */
- {
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- ppc_md.get_rtc_time(&wtime);
- break;
- }
-diff -urN linux-2.4.23/drivers/acorn/char/i2c.c linux-2.4.24/drivers/acorn/char/i2c.c
---- linux-2.4.23/drivers/acorn/char/i2c.c 2003-08-25 04:44:40.000000000 -0700
-+++ linux-2.4.24/drivers/acorn/char/i2c.c 2004-01-05 05:53:56.000000000 -0800
-@@ -166,6 +166,7 @@
- break;
-
- case RTC_RD_TIME:
-+ memset(&rtctm, 0, sizeof(struct rtc_time));
- get_rtc_time(&rtc_raw, &year);
- rtctm.tm_sec = rtc_raw.secs;
- rtctm.tm_min = rtc_raw.mins;
-diff -urN linux-2.4.23/drivers/char/ds1286.c linux-2.4.24/drivers/char/ds1286.c
---- linux-2.4.23/drivers/char/ds1286.c 2003-08-25 04:44:41.000000000 -0700
-+++ linux-2.4.24/drivers/char/ds1286.c 2004-01-05 05:53:56.000000000 -0800
-@@ -173,7 +173,7 @@
- * means "don't care" or "match all". Only the tm_hour,
- * tm_min, and tm_sec values are filled in.
- */
--
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- ds1286_get_alm_time(&wtime);
- break;
- }
-@@ -216,6 +216,7 @@
- }
- case RTC_RD_TIME: /* Read the time/date from RTC */
- {
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- ds1286_get_time(&wtime);
- break;
- }
-diff -urN linux-2.4.23/drivers/char/efirtc.c linux-2.4.24/drivers/char/efirtc.c
---- linux-2.4.23/drivers/char/efirtc.c 2003-06-13 07:51:32.000000000 -0700
-+++ linux-2.4.24/drivers/char/efirtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -118,6 +118,7 @@
- static void
- convert_from_efi_time(efi_time_t *eft, struct rtc_time *wtime)
- {
-+ memset(wtime, 0, sizeof(struct rtc_time));
- wtime->tm_sec = eft->second;
- wtime->tm_min = eft->minute;
- wtime->tm_hour = eft->hour;
-diff -urN linux-2.4.23/drivers/char/ip27-rtc.c linux-2.4.24/drivers/char/ip27-rtc.c
---- linux-2.4.23/drivers/char/ip27-rtc.c 2003-08-25 04:44:41.000000000 -0700
-+++ linux-2.4.24/drivers/char/ip27-rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -83,6 +83,7 @@
- switch (cmd) {
- case RTC_RD_TIME: /* Read the time/date from RTC */
- {
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- get_rtc_time(&wtime);
- break;
- }
-diff -urN linux-2.4.23/drivers/char/mips_rtc.c linux-2.4.24/drivers/char/mips_rtc.c
---- linux-2.4.23/drivers/char/mips_rtc.c 2003-08-25 04:44:41.000000000 -0700
-+++ linux-2.4.24/drivers/char/mips_rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -82,6 +82,7 @@
-
- switch (cmd) {
- case RTC_RD_TIME: /* Read the time/date from RTC */
-+ memset(&rtc_tm, 0, sizeof(struct rtc_time));
- curr_time = rtc_get_time();
- to_tm(curr_time, &rtc_tm);
- rtc_tm.tm_year -= 1900;
-diff -urN linux-2.4.23/drivers/char/rtc.c linux-2.4.24/drivers/char/rtc.c
---- linux-2.4.23/drivers/char/rtc.c 2003-11-28 10:26:20.000000000 -0800
-+++ linux-2.4.24/drivers/char/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -362,7 +362,7 @@
- * means "don't care" or "match all". Only the tm_hour,
- * tm_min, and tm_sec values are filled in.
- */
--
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- get_rtc_alm_time(&wtime);
- break;
- }
-@@ -406,6 +406,7 @@
- }
- case RTC_RD_TIME: /* Read the time/date from RTC */
- {
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- get_rtc_time(&wtime);
- break;
- }
-diff -urN linux-2.4.23/drivers/hil/hp_sdc_rtc.c linux-2.4.24/drivers/hil/hp_sdc_rtc.c
---- linux-2.4.23/drivers/hil/hp_sdc_rtc.c 2003-06-13 07:51:33.000000000 -0700
-+++ linux-2.4.24/drivers/hil/hp_sdc_rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -561,6 +561,7 @@
- }
- case RTC_ALM_READ: /* Read the present alarm time */
- {
-+ memset(&ttime, 0, sizeof(struct timeval));
- if (hp_sdc_rtc_read_mt(&ttime)) return -EFAULT;
- break;
- }
-@@ -609,6 +610,7 @@
- }
- case RTC_RD_TIME: /* Read the time/date from RTC */
- {
-+ memset(&wtime, 0, sizeof(struct rtc_time));
- if (hp_sdc_rtc_read_bbrtc(&wtime)) return -EFAULT;
- break;
- }
-diff -urN linux-2.4.23/drivers/macintosh/rtc.c linux-2.4.24/drivers/macintosh/rtc.c
---- linux-2.4.23/drivers/macintosh/rtc.c 2002-02-25 11:37:58.000000000 -0800
-+++ linux-2.4.24/drivers/macintosh/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -64,6 +64,7 @@
- case RTC_RD_TIME:
- if (ppc_md.get_rtc_time)
- {
-+ memset(&rtc_tm, 0, sizeof(struct rtc_time));
- get_rtc_time(&rtc_tm);
-
- if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time)))
-diff -urN linux-2.4.23/drivers/sbus/char/rtc.c linux-2.4.24/drivers/sbus/char/rtc.c
---- linux-2.4.23/drivers/sbus/char/rtc.c 2001-10-10 23:42:47.000000000 -0700
-+++ linux-2.4.24/drivers/sbus/char/rtc.c 2004-01-05 05:53:56.000000000 -0800
-@@ -89,6 +89,7 @@
- switch (cmd)
- {
- case RTCGET:
-+ memset(&rtc_tm, 0, sizeof(struct rtc_time));
- get_rtc_time(&rtc_tm);
-
- if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time)))
diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild
deleted file mode 100644
index 102bb9f96a9c..000000000000
--- a/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild
+++ /dev/null
@@ -1,71 +0,0 @@
-# Copyright 1999-2004 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.22-r2.ebuild,v 1.5 2004/04/12 16:36:22 aliz Exp $
-
-IUSE="build selinux"
-
-# OKV=original kernel version, KV=patched kernel version. They can be the same.
-
-ETYPE="sources"
-
-inherit kernel eutils
-
-OKV=2.4.22
-EXTRAVERSION=-hardened
-KV=${OKV}${EXTRAVERSION}
-S=${WORKDIR}/linux-${KV}
-DESCRIPTION="Special Security Hardened Gentoo Linux Kernel"
-SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2
- mirror://gentoo/patches-${KV}.tar.bz2"
-
-
-HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/proj/en/hardened/"
-KEYWORDS="~x86 ~ppc"
-SLOT="${KV}"
-
-src_unpack() {
- unpack linux-${OKV}.tar.bz2 patches-${KV}.tar.bz2
- mv linux-${OKV} linux-${KV} || die
-
- cd ${KV}
- # We can't use LSM/SELinux and GRSec in the same kernel. If USE=selinux, we will
- # patch in LSM/SELinux and drop support for GRsec. Otherwise we will include GRSec.
- if [ "`use selinux`" ]; then
- einfo "Enabling SELinux support. This will drop GRSec2 support."
- for file in *grsec*; do
- einfo "Dropping ${file}.."
- rm -f ${file}
- done
- else
- einfo "Did not find \"selinux\" in use, building with GRSec2 support."
- for file in *lsm* *selinux*; do
- einfo "Dropping ${file}..."
- rm -f ${file} - done - fi - - kernel_src_unpack - - cd ${S} - epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" - epatch ${FILESDIR}/mremap-CAN-2003-0985.patch || die "failed to patch for mremap vuln" - epatch ${FILESDIR}/rtc_fix.patch || die "failed to patch for rtc vuln" -} - -pkg_postinst() { - einfo "This kernel contains LSM/SElinux or GRSecurity, and Systrace" - einfo "Also included are various other performance and security related patches" - einfo "If you experience problems with this kernel please report them by" - einfo "assigning bugs on bugs.gentoo.org to frogger@gentoo.org" - if [ "`use selinux`" ]; then - einfo "" - einfo "Warning! This kernel contains the new SELinux API and currently" - einfo "does not support ReiserFS. If you need ReiserFS support, and are" - einfo "using SELinux, then do not use this kernel." - einfo "" - einfo "The new SELinux API contains many changes from the previous API," - einfo "including new userspace utilities. Please see " - einfo "http://www.gentoo.org/proj/en/hardened/selinux for more info." - fi -} - diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.24-r2.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.24-r3.ebuild index ed7e4add85f3..1e6704a361a6 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.24-r2.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.24-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.24-r2.ebuild,v 1.2 2004/04/16 18:49:04 method Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.24-r3.ebuild,v 1.1 2004/04/17 11:31:19 plasmaroo Exp $ IUSE="selinux" ETYPE="sources" 
@@ -38,7 +38,10 @@ src_unpack() { fi epatch ${FILESDIR}/${P}.munmap.patch || die "Failed to apply munmap patch!" + epatch ${FILESDIR}/${P}.CAN-2004-0010.patch || die "Failed to add the CAN-2004-0010 patch!" epatch ${FILESDIR}/${P}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!" + epatch ${FILESDIR}/${P}.CAN-2004-0177.patch || die "Failed to add the CAN-2004-0177 patch!" + epatch ${FILESDIR}/${P}.CAN-2004-0178.patch || die "Failed to add the CAN-2004-0178 patch!" kernel_src_unpack } |
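Review bot: The three added `epatch` lines use a different failure wording (`Failed to add the CAN-2004-0010 patch!`) from the neighbouring `Failed to patch CAN-2004-0109 vulnerability!`, and none names the subsystem being patched; a uniform form such as `die "CAN-2004-0010 (ncpfs) patch failed to apply"` makes a failed build log easier to act on. `${FILESDIR}` is unquoted in all five calls in this hunk, so `epatch "${FILESDIR}/${P}.CAN-2004-0010.patch"` would be the safer spelling. src_unpack starts above the hunk, so the directory these patches are applied in cannot be checked from here. SRC_URI is also outside the hunk, so it is not visible whether it still matches the r3 digest, which drops the hardened-sources-2.4.24-grsec.patch.bz2 entry.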