Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 2.6.32/, 3.2.4/
Date: Sun, 05 Feb 2012 16:40:54
Message-Id: 37cbbcacda2762cc7a054330ae8df40dd5ec9e62.blueness@gentoo
1 commit: 37cbbcacda2762cc7a054330ae8df40dd5ec9e62
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sun Feb 5 16:40:33 2012 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sun Feb 5 16:40:33 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=37cbbcac
7
8 Renumbered patches
9
10 ---
11 2.6.32/0000_README | 27 +++++++++++--------
12 ... => 4430_grsec-remove-localversion-grsec.patch} | 0
13 ...rnings.patch => 4435_grsec-mute-warnings.patch} | 0
14 ...tch => 4440_grsec-remove-protected-paths.patch} | 0
15 ...ec.patch => 4445_grsec-pax-without-grsec.patch} | 0
16 ...patch => 4450_grsec-kconfig-default-gids.patch} | 0
17 ...entoo.patch => 4455_grsec-kconfig-gentoo.patch} | 0
18 ...er.patch => 4460-grsec-kconfig-proc-user.patch} | 0
19 ...ch => 4465_selinux-avc_audit-log-curr_ip.patch} | 0
20 ...t_vdso.patch => 4470_disable-compat_vdso.patch} | 0
21 ...heck_ssp_fix.patch => 4475_check_ssp_fix.patch} | 0
22 3.2.4/0000_README | 21 +++++++++------
23 ... => 4430_grsec-remove-localversion-grsec.patch} | 0
24 ...rnings.patch => 4435_grsec-mute-warnings.patch} | 0
25 ...tch => 4440_grsec-remove-protected-paths.patch} | 0
26 ...ec.patch => 4445_grsec-pax-without-grsec.patch} | 0
27 ...patch => 4450_grsec-kconfig-default-gids.patch} | 0
28 ...entoo.patch => 4455_grsec-kconfig-gentoo.patch} | 0
29 ...er.patch => 4460-grsec-kconfig-proc-user.patch} | 0
30 ...ch => 4465_selinux-avc_audit-log-curr_ip.patch} | 0
31 ...t_vdso.patch => 4470_disable-compat_vdso.patch} | 0
32 21 files changed, 29 insertions(+), 19 deletions(-)
33
34 diff --git a/2.6.32/0000_README b/2.6.32/0000_README
35 index f0c7190..ecd453e 100644
36 --- a/2.6.32/0000_README
37 +++ b/2.6.32/0000_README
38 @@ -22,46 +22,51 @@ Patch: 4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch
39 From: http://www.grsecurity.net
40 Desc: hardened-sources base patch from upstream grsecurity
41
42 -Patch: 4421_grsec-remove-localversion-grsec.patch
43 +Patch: 4430_grsec-remove-localversion-grsec.patch
44 From: Kerin Millar <kerframil@×××××.com>
45 Desc: Removes grsecurity's localversion-grsec file
46
47 -Patch: 4422_grsec-mute-warnings.patch
48 +Patch: 4435_grsec-mute-warnings.patch
49 From: Alexander Gabert <gaberta@××××××××.de>
50 Gordon Malm <gengor@g.o>
51 Desc: Removes verbose compile warning settings from grsecurity, restores
52 mainline Linux kernel behavior
53
54 -Patch: 4423_grsec-remove-protected-paths.patch
55 +Patch: 4440_grsec-remove-protected-paths.patch
56 From: Anthony G. Basile <blueness@g.o>
57 Desc: Removes chmod statements from grsecurity/Makefile
58
59 -Patch: 4425_grsec-pax-without-grsec.patch
60 +Patch: 4445_grsec-pax-without-grsec.patch
61 From: Gordon Malm <gengor@g.o>
62 Desc: Allows PaX features to be selected without enabling GRKERNSEC
63
64 -Patch: 4430_grsec-kconfig-default-gids.patch
65 +Patch: 4450_grsec-kconfig-default-gids.patch
66 From: Kerin Millar <kerframil@×××××.com>
67 Desc: Sets sane(r) default GIDs on various grsecurity group-dependent
68 features
69
70 -Patch: 4435_grsec-kconfig-gentoo.patch
71 +Patch: 4455_grsec-kconfig-gentoo.patch
72 From: Gordon Malm <gengor@g.o>
73 Kerin Millar <kerframil@×××××.com>
74 Anthony G. Basile <blueness@g.o>
75 -Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels,
76 - sets Hardened Gentoo [workstation] as default
77 +Desc: Adds Hardened Gentoo [server/workstation/virtualization] security
78 + levels, sets Hardened Gentoo [workstation] as default
79
80 -Patch: 4440_selinux-avc_audit-log-curr_ip.patch
81 +Patch: 4460-grsec-kconfig-proc-user.patch
82 +From: Anthony G. Basile <blueness@g.o>
83 +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually
84 + exclusive to avoid bug #366019.
85 +
86 +Patch: 4465_selinux-avc_audit-log-curr_ip.patch
87 From: Gordon Malm <gengor@g.o>
88 Anthony G. Basile <blueness@g.o>
89 Desc: Configurable option to add src IP address to SELinux log messages
90
91 -Patch: 4445_disable-compat_vdso.patch
92 +Patch: 4470_disable-compat_vdso.patch
93 From: Gordon Malm <gengor@g.o>
94 Kerin Millar <kerframil@×××××.com>
95 Desc: Disables VDSO_COMPAT operation completely
96
97 -Patch: 4450_check_ssp_fix.patch
98 +Patch: 4475_check_ssp_fix.patch
99 From: Magnus Granberg <zorry@g.o>
100 Desc: Fixes kernel check script for ssp
101
102 diff --git a/2.6.32/4421_grsec-remove-localversion-grsec.patch b/2.6.32/4430_grsec-remove-localversion-grsec.patch
103 similarity index 100%
104 rename from 2.6.32/4421_grsec-remove-localversion-grsec.patch
105 rename to 2.6.32/4430_grsec-remove-localversion-grsec.patch
106
107 diff --git a/2.6.32/4422_grsec-mute-warnings.patch b/2.6.32/4435_grsec-mute-warnings.patch
108 similarity index 100%
109 rename from 2.6.32/4422_grsec-mute-warnings.patch
110 rename to 2.6.32/4435_grsec-mute-warnings.patch
111
112 diff --git a/2.6.32/4423_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch
113 similarity index 100%
114 rename from 2.6.32/4423_grsec-remove-protected-paths.patch
115 rename to 2.6.32/4440_grsec-remove-protected-paths.patch
116
117 diff --git a/2.6.32/4425_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch
118 similarity index 100%
119 rename from 2.6.32/4425_grsec-pax-without-grsec.patch
120 rename to 2.6.32/4445_grsec-pax-without-grsec.patch
121
122 diff --git a/2.6.32/4430_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch
123 similarity index 100%
124 rename from 2.6.32/4430_grsec-kconfig-default-gids.patch
125 rename to 2.6.32/4450_grsec-kconfig-default-gids.patch
126
127 diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4455_grsec-kconfig-gentoo.patch
128 similarity index 100%
129 rename from 2.6.32/4435_grsec-kconfig-gentoo.patch
130 rename to 2.6.32/4455_grsec-kconfig-gentoo.patch
131
132 diff --git a/2.6.32/4437-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch
133 similarity index 100%
134 rename from 2.6.32/4437-grsec-kconfig-proc-user.patch
135 rename to 2.6.32/4460-grsec-kconfig-proc-user.patch
136
137 diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
138 similarity index 100%
139 rename from 2.6.32/4440_selinux-avc_audit-log-curr_ip.patch
140 rename to 2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
141
142 diff --git a/2.6.32/4445_disable-compat_vdso.patch b/2.6.32/4470_disable-compat_vdso.patch
143 similarity index 100%
144 rename from 2.6.32/4445_disable-compat_vdso.patch
145 rename to 2.6.32/4470_disable-compat_vdso.patch
146
147 diff --git a/2.6.32/4450_check_ssp_fix.patch b/2.6.32/4475_check_ssp_fix.patch
148 similarity index 100%
149 rename from 2.6.32/4450_check_ssp_fix.patch
150 rename to 2.6.32/4475_check_ssp_fix.patch
151
152 diff --git a/3.2.4/0000_README b/3.2.4/0000_README
153 index 97fce67..ce0507d 100644
154 --- a/3.2.4/0000_README
155 +++ b/3.2.4/0000_README
156 @@ -14,42 +14,47 @@ Patch: 4420_grsecurity-2.2.2-3.2.4-201202032052.patch
157 From: http://www.grsecurity.net
158 Desc: hardened-sources base patch from upstream grsecurity
159
160 -Patch: 4421_grsec-remove-localversion-grsec.patch
161 +Patch: 4430_grsec-remove-localversion-grsec.patch
162 From: Kerin Millar <kerframil@×××××.com>
163 Desc: Removes grsecurity's localversion-grsec file
164
165 -Patch: 4422_grsec-mute-warnings.patch
166 +Patch: 4435_grsec-mute-warnings.patch
167 From: Alexander Gabert <gaberta@××××××××.de>
168 Gordon Malm <gengor@g.o>
169 Desc: Removes verbose compile warning settings from grsecurity, restores
170 mainline Linux kernel behavior
171
172 -Patch: 4423_grsec-remove-protected-paths.patch
173 +Patch: 4440_grsec-remove-protected-paths.patch
174 From: Anthony G. Basile <blueness@g.o>
175 Desc: Removes chmod statements from grsecurity/Makefile
176
177 -Patch: 4425_grsec-pax-without-grsec.patch
178 +Patch: 4445_grsec-pax-without-grsec.patch
179 From: Gordon Malm <gengor@g.o>
180 Desc: Allows PaX features to be selected without enabling GRKERNSEC
181
182 -Patch: 4430_grsec-kconfig-default-gids.patch
183 +Patch: 4450_grsec-kconfig-default-gids.patch
184 From: Kerin Millar <kerframil@×××××.com>
185 Desc: Sets sane(r) default GIDs on various grsecurity group-dependent
186 features
187
188 -Patch: 4435_grsec-kconfig-gentoo.patch
189 +Patch: 4455_grsec-kconfig-gentoo.patch
190 From: Gordon Malm <gengor@g.o>
191 Kerin Millar <kerframil@×××××.com>
192 Anthony G. Basile <blueness@g.o>
193 Desc: Adds Hardened Gentoo [server/workstation/virtualization] security levels,
194 sets Hardened Gentoo [workstation] as default
195
196 -Patch: 4440_selinux-avc_audit-log-curr_ip.patch
197 +Patch: 4460-grsec-kconfig-proc-user.patch
198 +From: Anthony G. Basile <blueness@g.o>
199 +Desc: Make GRKERNSEC_PROC_USER, and GRKERNSEC_PROC_USERGROUP mutually
200 + exclusive to avoid bug #366019.
201 +
202 +Patch: 4465_selinux-avc_audit-log-curr_ip.patch
203 From: Gordon Malm <gengor@g.o>
204 Anthony G. Basile <blueness@g.o>
205 Desc: Configurable option to add src IP address to SELinux log messages
206
207 -Patch: 4445_disable-compat_vdso.patch
208 +Patch: 4470_disable-compat_vdso.patch
209 From: Gordon Malm <gengor@g.o>
210 Kerin Millar <kerframil@×××××.com>
211 Desc: Disables VDSO_COMPAT operation completely
212
213 diff --git a/3.2.4/4421_grsec-remove-localversion-grsec.patch b/3.2.4/4430_grsec-remove-localversion-grsec.patch
214 similarity index 100%
215 rename from 3.2.4/4421_grsec-remove-localversion-grsec.patch
216 rename to 3.2.4/4430_grsec-remove-localversion-grsec.patch
217
218 diff --git a/3.2.4/4422_grsec-mute-warnings.patch b/3.2.4/4435_grsec-mute-warnings.patch
219 similarity index 100%
220 rename from 3.2.4/4422_grsec-mute-warnings.patch
221 rename to 3.2.4/4435_grsec-mute-warnings.patch
222
223 diff --git a/3.2.4/4423_grsec-remove-protected-paths.patch b/3.2.4/4440_grsec-remove-protected-paths.patch
224 similarity index 100%
225 rename from 3.2.4/4423_grsec-remove-protected-paths.patch
226 rename to 3.2.4/4440_grsec-remove-protected-paths.patch
227
228 diff --git a/3.2.4/4425_grsec-pax-without-grsec.patch b/3.2.4/4445_grsec-pax-without-grsec.patch
229 similarity index 100%
230 rename from 3.2.4/4425_grsec-pax-without-grsec.patch
231 rename to 3.2.4/4445_grsec-pax-without-grsec.patch
232
233 diff --git a/3.2.4/4430_grsec-kconfig-default-gids.patch b/3.2.4/4450_grsec-kconfig-default-gids.patch
234 similarity index 100%
235 rename from 3.2.4/4430_grsec-kconfig-default-gids.patch
236 rename to 3.2.4/4450_grsec-kconfig-default-gids.patch
237
238 diff --git a/3.2.4/4435_grsec-kconfig-gentoo.patch b/3.2.4/4455_grsec-kconfig-gentoo.patch
239 similarity index 100%
240 rename from 3.2.4/4435_grsec-kconfig-gentoo.patch
241 rename to 3.2.4/4455_grsec-kconfig-gentoo.patch
242
243 diff --git a/3.2.4/4437-grsec-kconfig-proc-user.patch b/3.2.4/4460-grsec-kconfig-proc-user.patch
244 similarity index 100%
245 rename from 3.2.4/4437-grsec-kconfig-proc-user.patch
246 rename to 3.2.4/4460-grsec-kconfig-proc-user.patch
247
248 diff --git a/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch b/3.2.4/4465_selinux-avc_audit-log-curr_ip.patch
249 similarity index 100%
250 rename from 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch
251 rename to 3.2.4/4465_selinux-avc_audit-log-curr_ip.patch
252
253 diff --git a/3.2.4/4445_disable-compat_vdso.patch b/3.2.4/4470_disable-compat_vdso.patch
254 similarity index 100%
255 rename from 3.2.4/4445_disable-compat_vdso.patch
256 rename to 3.2.4/4470_disable-compat_vdso.patch
Report Message
Find on MARC Find on Google Groups