1 |
commit: ae1a30b46e35c812cbafd2e6e93e8e439fb81481 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri May 31 08:36:00 2013 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 31 08:36:00 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=ae1a30b4 |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.45,3.9.4}-201305301927 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
...92148.patch => 4420_grsecurity-2.9.1-2.6.32.60-201305301924.patch} | 4 ++-- |
13 |
3.2.45/0000_README | 2 +- |
14 |
...05292150.patch => 4420_grsecurity-2.9.1-3.2.45-201305301925.patch} | 4 ++-- |
15 |
3.9.4/0000_README | 2 +- |
16 |
...305292151.patch => 4420_grsecurity-2.9.1-3.9.4-201305301927.patch} | 4 ++-- |
17 |
6 files changed, 9 insertions(+), 9 deletions(-) |
18 |
|
19 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
20 |
index 378709b..1fce241 100644 |
21 |
--- a/2.6.32/0000_README |
22 |
+++ b/2.6.32/0000_README |
23 |
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch |
24 |
From: http://www.kernel.org |
25 |
Desc: Linux 2.6.32.59 |
26 |
|
27 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201305292148.patch |
28 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201305301924.patch |
29 |
From: http://www.grsecurity.net |
30 |
Desc: hardened-sources base patch from upstream grsecurity |
31 |
|
32 |
|
33 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305292148.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305301924.patch |
34 |
similarity index 99% |
35 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305292148.patch |
36 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305301924.patch |
37 |
index a6ebcd3..220fd66 100644 |
38 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305292148.patch |
39 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305301924.patch |
40 |
@@ -107973,7 +107973,7 @@ index 04a0252..4ee2bbb 100644 |
41 |
struct tasklet_struct *list; |
42 |
|
43 |
diff --git a/kernel/sys.c b/kernel/sys.c |
44 |
-index e9512b1..b6c0a2e 100644 |
45 |
+index e9512b1..892ee9e 100644 |
46 |
--- a/kernel/sys.c |
47 |
+++ b/kernel/sys.c |
48 |
@@ -133,6 +133,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
49 |
@@ -108144,7 +108144,7 @@ index e9512b1..b6c0a2e 100644 |
50 |
+ user in between this limit change and an execve by this task, force |
51 |
+ a recheck only for this task by setting PF_NPROC_EXCEEDED |
52 |
+ */ |
53 |
-+ if (resource == RLIMIT_NPROC) |
54 |
++ if (resource == RLIMIT_NPROC && current->real_cred->user != INIT_USER) |
55 |
+ current->flags |= PF_NPROC_EXCEEDED; |
56 |
+ |
57 |
/* |
58 |
|
59 |
diff --git a/3.2.45/0000_README b/3.2.45/0000_README |
60 |
index 577c9db..c1bb1b0 100644 |
61 |
--- a/3.2.45/0000_README |
62 |
+++ b/3.2.45/0000_README |
63 |
@@ -98,7 +98,7 @@ Patch: 1044_linux-3.2.45.patch |
64 |
From: http://www.kernel.org |
65 |
Desc: Linux 3.2.45 |
66 |
|
67 |
-Patch: 4420_grsecurity-2.9.1-3.2.45-201305292150.patch |
68 |
+Patch: 4420_grsecurity-2.9.1-3.2.45-201305301925.patch |
69 |
From: http://www.grsecurity.net |
70 |
Desc: hardened-sources base patch from upstream grsecurity |
71 |
|
72 |
|
73 |
diff --git a/3.2.45/4420_grsecurity-2.9.1-3.2.45-201305292150.patch b/3.2.45/4420_grsecurity-2.9.1-3.2.45-201305301925.patch |
74 |
similarity index 99% |
75 |
rename from 3.2.45/4420_grsecurity-2.9.1-3.2.45-201305292150.patch |
76 |
rename to 3.2.45/4420_grsecurity-2.9.1-3.2.45-201305301925.patch |
77 |
index 52e473e..4aeabd6 100644 |
78 |
--- a/3.2.45/4420_grsecurity-2.9.1-3.2.45-201305292150.patch |
79 |
+++ b/3.2.45/4420_grsecurity-2.9.1-3.2.45-201305301925.patch |
80 |
@@ -78525,7 +78525,7 @@ index 2f194e9..2c05ea9 100644 |
81 |
.priority = 10, |
82 |
}; |
83 |
diff --git a/kernel/sys.c b/kernel/sys.c |
84 |
-index be5fa8b..bb69d33 100644 |
85 |
+index be5fa8b..a8c2090 100644 |
86 |
--- a/kernel/sys.c |
87 |
+++ b/kernel/sys.c |
88 |
@@ -158,6 +158,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
89 |
@@ -78682,7 +78682,7 @@ index be5fa8b..bb69d33 100644 |
90 |
+ user in between this limit change and an execve by this task, force |
91 |
+ a recheck only for this task by setting PF_NPROC_EXCEEDED |
92 |
+ */ |
93 |
-+ if (resource == RLIMIT_NPROC) |
94 |
++ if (resource == RLIMIT_NPROC && tsk->real_cred->user != INIT_USER) |
95 |
+ tsk->flags |= PF_NPROC_EXCEEDED; |
96 |
} |
97 |
if (!retval) { |
98 |
|
99 |
diff --git a/3.9.4/0000_README b/3.9.4/0000_README |
100 |
index 66c5468..236a360 100644 |
101 |
--- a/3.9.4/0000_README |
102 |
+++ b/3.9.4/0000_README |
103 |
@@ -2,7 +2,7 @@ README |
104 |
----------------------------------------------------------------------------- |
105 |
Individual Patch Descriptions: |
106 |
----------------------------------------------------------------------------- |
107 |
-Patch: 4420_grsecurity-2.9.1-3.9.4-201305292151.patch |
108 |
+Patch: 4420_grsecurity-2.9.1-3.9.4-201305301927.patch |
109 |
From: http://www.grsecurity.net |
110 |
Desc: hardened-sources base patch from upstream grsecurity |
111 |
|
112 |
|
113 |
diff --git a/3.9.4/4420_grsecurity-2.9.1-3.9.4-201305292151.patch b/3.9.4/4420_grsecurity-2.9.1-3.9.4-201305301927.patch |
114 |
similarity index 99% |
115 |
rename from 3.9.4/4420_grsecurity-2.9.1-3.9.4-201305292151.patch |
116 |
rename to 3.9.4/4420_grsecurity-2.9.1-3.9.4-201305301927.patch |
117 |
index 8cdedca..06e925c 100644 |
118 |
--- a/3.9.4/4420_grsecurity-2.9.1-3.9.4-201305292151.patch |
119 |
+++ b/3.9.4/4420_grsecurity-2.9.1-3.9.4-201305301927.patch |
120 |
@@ -78370,7 +78370,7 @@ index 01d5ccb..cdcbee6 100644 |
121 |
return idx; |
122 |
} |
123 |
diff --git a/kernel/sys.c b/kernel/sys.c |
124 |
-index 0da73cf..a22106a 100644 |
125 |
+index 0da73cf..5c2af3c 100644 |
126 |
--- a/kernel/sys.c |
127 |
+++ b/kernel/sys.c |
128 |
@@ -158,6 +158,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
129 |
@@ -78527,7 +78527,7 @@ index 0da73cf..a22106a 100644 |
130 |
+ user in between this limit change and an execve by this task, force |
131 |
+ a recheck only for this task by setting PF_NPROC_EXCEEDED |
132 |
+ */ |
133 |
-+ if (resource == RLIMIT_NPROC) |
134 |
++ if (resource == RLIMIT_NPROC && tsk->real_cred->user != INIT_USER) |
135 |
+ tsk->flags |= PF_NPROC_EXCEEDED; |
136 |
} |
137 |
if (!retval) { |