1 |
commit: 781f9e515903c8925cb467479acd24fe4df4ed14 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Sep 1 00:03:10 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Sep 1 00:03:10 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=781f9e51 |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.59,3.2.28,3.5.3}-201208302015 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.9.1-2.6.32.59-201208302014.patch} | 75 +++++++++++++++----- |
13 |
3.2.28/0000_README | 2 +- |
14 |
...420_grsecurity-2.9.1-3.2.28-201208302014.patch} | 26 +++++++- |
15 |
3.5.3/0000_README | 2 +- |
16 |
...4420_grsecurity-2.9.1-3.5.3-201208302015.patch} | 26 +++++++- |
17 |
6 files changed, 110 insertions(+), 23 deletions(-) |
18 |
|
19 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
20 |
index 16680e5..c0cf34a 100644 |
21 |
--- a/2.6.32/0000_README |
22 |
+++ b/2.6.32/0000_README |
23 |
@@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch |
24 |
From: http://www.kernel.org |
25 |
Desc: Linux 2.6.32.59 |
26 |
|
27 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.59-201208271903.patch |
28 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.59-201208302014.patch |
29 |
From: http://www.grsecurity.net |
30 |
Desc: hardened-sources base patch from upstream grsecurity |
31 |
|
32 |
|
33 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208271903.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208302014.patch |
34 |
similarity index 99% |
35 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208271903.patch |
36 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208302014.patch |
37 |
index 63a8206..7327d9d 100644 |
38 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208271903.patch |
39 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208302014.patch |
40 |
@@ -66499,7 +66499,7 @@ index b4ea829..e63ef18 100644 |
41 |
} |
42 |
|
43 |
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
44 |
-index 136a0d6..a287331 100644 |
45 |
+index 136a0d6..cdff021 100644 |
46 |
--- a/fs/autofs4/waitq.c |
47 |
+++ b/fs/autofs4/waitq.c |
48 |
@@ -60,7 +60,7 @@ static int autofs4_write(struct file *file, const void *addr, int bytes) |
49 |
@@ -66511,6 +66511,30 @@ index 136a0d6..a287331 100644 |
50 |
ssize_t wr = 0; |
51 |
|
52 |
/** WARNING: this is not safe for writing more than PIPE_BUF bytes! **/ |
53 |
+@@ -326,6 +326,10 @@ static int validate_request(struct autofs_wait_queue **wait, |
54 |
+ return 1; |
55 |
+ } |
56 |
+ |
57 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
58 |
++static atomic_unchecked_t autofs_dummy_name_id = ATOMIC_INIT(0); |
59 |
++#endif |
60 |
++ |
61 |
+ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
62 |
+ enum autofs_notify notify) |
63 |
+ { |
64 |
+@@ -359,7 +363,12 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
65 |
+ |
66 |
+ /* If this is a direct mount request create a dummy name */ |
67 |
+ if (IS_ROOT(dentry) && autofs_type_trigger(sbi->type)) |
68 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
69 |
++ /* this name does get written to userland via autofs4_write() */ |
70 |
++ qstr.len = sprintf(name, "%08lx", atomic_inc_return_unchecked(&autofs_dummy_name_id)); |
71 |
++#else |
72 |
+ qstr.len = sprintf(name, "%p", dentry); |
73 |
++#endif |
74 |
+ else { |
75 |
+ qstr.len = autofs4_getpath(sbi, dentry, &name); |
76 |
+ if (!qstr.len) { |
77 |
diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c |
78 |
index 9158c07..3f06659 100644 |
79 |
--- a/fs/befs/linuxvfs.c |
80 |
@@ -91544,18 +91568,6 @@ index 0000000..3891139 |
81 |
+int do_syslog(int type, char __user *buf, int count, bool from_file); |
82 |
+ |
83 |
+#endif /* _LINUX_SYSLOG_H */ |
84 |
-diff --git a/include/linux/tfrc.h b/include/linux/tfrc.h |
85 |
-index 8a8462b..097fe78 100644 |
86 |
---- a/include/linux/tfrc.h |
87 |
-+++ b/include/linux/tfrc.h |
88 |
-@@ -50,6 +50,7 @@ struct tfrc_tx_info { |
89 |
- __u32 tfrctx_p; |
90 |
- __u32 tfrctx_rto; |
91 |
- __u32 tfrctx_ipi; |
92 |
-+ __u32 padding; |
93 |
- }; |
94 |
- |
95 |
- #endif /* _LINUX_TFRC_H_ */ |
96 |
diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h |
97 |
index a8cc4e1..98d3b85 100644 |
98 |
--- a/include/linux/thread_info.h |
99 |
@@ -103836,14 +103848,41 @@ index facedd2..ab260b0 100644 |
100 |
optval, optlen); |
101 |
return rc; |
102 |
diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c |
103 |
-index 34dcc79..ca75875 100644 |
104 |
+index 34dcc79..f51ed45 100644 |
105 |
--- a/net/dccp/ccids/ccid3.c |
106 |
+++ b/net/dccp/ccids/ccid3.c |
107 |
-@@ -618,6 +618,7 @@ static int ccid3_hc_tx_getsockopt(struct sock *sk, const int optname, int len, |
108 |
+@@ -604,20 +604,29 @@ static void ccid3_hc_tx_get_info(struct sock *sk, struct tcp_info *info) |
109 |
+ static int ccid3_hc_tx_getsockopt(struct sock *sk, const int optname, int len, |
110 |
+ u32 __user *optval, int __user *optlen) |
111 |
+ { |
112 |
+- const struct ccid3_hc_tx_sock *hctx; |
113 |
++ const struct ccid3_hc_tx_sock *hc = ccid3_hc_tx_sk(sk); |
114 |
++ struct tfrc_tx_info tfrc; |
115 |
+ const void *val; |
116 |
+ |
117 |
+ /* Listen socks doesn't have a private CCID block */ |
118 |
+ if (sk->sk_state == DCCP_LISTEN) |
119 |
+ return -EINVAL; |
120 |
+ |
121 |
+- hctx = ccid3_hc_tx_sk(sk); |
122 |
+ switch (optname) { |
123 |
+ case DCCP_SOCKOPT_CCID_TX_INFO: |
124 |
+- if (len < sizeof(hctx->ccid3hctx_tfrc)) |
125 |
++ if (len < sizeof(tfrc)) |
126 |
return -EINVAL; |
127 |
- len = sizeof(hctx->ccid3hctx_tfrc); |
128 |
- val = &hctx->ccid3hctx_tfrc; |
129 |
-+ hctx->ccid3hctx_tfrc.padding = 0; |
130 |
+- len = sizeof(hctx->ccid3hctx_tfrc); |
131 |
+- val = &hctx->ccid3hctx_tfrc; |
132 |
++ |
133 |
++ memset(&tfrc, 0, sizeof(tfrc)); |
134 |
++ tfrc.tfrctx_x = hc->ccid3hctx_x; |
135 |
++ tfrc.tfrctx_x_recv = hc->ccid3hctx_x_recv; |
136 |
++ tfrc.tfrctx_x_calc = hc->ccid3hctx_x_calc; |
137 |
++ tfrc.tfrctx_rtt = hc->ccid3hctx_rtt; |
138 |
++ tfrc.tfrctx_p = hc->ccid3hctx_p; |
139 |
++ tfrc.tfrctx_rto = hc->ccid3hctx_t_rto; |
140 |
++ tfrc.tfrctx_ipi = hc->ccid3hctx_t_ipi; |
141 |
++ len = sizeof(tfrc); |
142 |
++ val = &tfrc; |
143 |
break; |
144 |
default: |
145 |
return -ENOPROTOOPT; |
146 |
|
147 |
diff --git a/3.2.28/0000_README b/3.2.28/0000_README |
148 |
index 8e8f3c9..5fc9a2d 100644 |
149 |
--- a/3.2.28/0000_README |
150 |
+++ b/3.2.28/0000_README |
151 |
@@ -30,7 +30,7 @@ Patch: 1027_linux-3.2.28.patch |
152 |
From: http://www.kernel.org |
153 |
Desc: Linux 3.2.28 |
154 |
|
155 |
-Patch: 4420_grsecurity-2.9.1-3.2.28-201208271905.patch |
156 |
+Patch: 4420_grsecurity-2.9.1-3.2.28-201208302014.patch |
157 |
From: http://www.grsecurity.net |
158 |
Desc: hardened-sources base patch from upstream grsecurity |
159 |
|
160 |
|
161 |
diff --git a/3.2.28/4420_grsecurity-2.9.1-3.2.28-201208271905.patch b/3.2.28/4420_grsecurity-2.9.1-3.2.28-201208302014.patch |
162 |
similarity index 99% |
163 |
rename from 3.2.28/4420_grsecurity-2.9.1-3.2.28-201208271905.patch |
164 |
rename to 3.2.28/4420_grsecurity-2.9.1-3.2.28-201208302014.patch |
165 |
index 11d1b8e..ece45f0 100644 |
166 |
--- a/3.2.28/4420_grsecurity-2.9.1-3.2.28-201208271905.patch |
167 |
+++ b/3.2.28/4420_grsecurity-2.9.1-3.2.28-201208302014.patch |
168 |
@@ -42649,7 +42649,7 @@ index b8f55c4..4c2b80c 100644 |
169 |
goto out_sig; |
170 |
if (offset > inode->i_sb->s_maxbytes) |
171 |
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
172 |
-index e1fbdee..cd5ea56 100644 |
173 |
+index e1fbdee..87eb5fc 100644 |
174 |
--- a/fs/autofs4/waitq.c |
175 |
+++ b/fs/autofs4/waitq.c |
176 |
@@ -60,7 +60,7 @@ static int autofs4_write(struct file *file, const void *addr, int bytes) |
177 |
@@ -42661,6 +42661,30 @@ index e1fbdee..cd5ea56 100644 |
178 |
ssize_t wr = 0; |
179 |
|
180 |
/** WARNING: this is not safe for writing more than PIPE_BUF bytes! **/ |
181 |
+@@ -338,6 +338,10 @@ static int validate_request(struct autofs_wait_queue **wait, |
182 |
+ return 1; |
183 |
+ } |
184 |
+ |
185 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
186 |
++static atomic_unchecked_t autofs_dummy_name_id = ATOMIC_INIT(0); |
187 |
++#endif |
188 |
++ |
189 |
+ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
190 |
+ enum autofs_notify notify) |
191 |
+ { |
192 |
+@@ -371,7 +375,12 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
193 |
+ |
194 |
+ /* If this is a direct mount request create a dummy name */ |
195 |
+ if (IS_ROOT(dentry) && autofs_type_trigger(sbi->type)) |
196 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
197 |
++ /* this name does get written to userland via autofs4_write() */ |
198 |
++ qstr.len = sprintf(name, "%08lx", atomic_inc_return_unchecked(&autofs_dummy_name_id)); |
199 |
++#else |
200 |
+ qstr.len = sprintf(name, "%p", dentry); |
201 |
++#endif |
202 |
+ else { |
203 |
+ qstr.len = autofs4_getpath(sbi, dentry, &name); |
204 |
+ if (!qstr.len) { |
205 |
diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c |
206 |
index 8342ca6..82fd192 100644 |
207 |
--- a/fs/befs/linuxvfs.c |
208 |
|
209 |
diff --git a/3.5.3/0000_README b/3.5.3/0000_README |
210 |
index 24c63b2..de2721a 100644 |
211 |
--- a/3.5.3/0000_README |
212 |
+++ b/3.5.3/0000_README |
213 |
@@ -2,7 +2,7 @@ README |
214 |
----------------------------------------------------------------------------- |
215 |
Individual Patch Descriptions: |
216 |
----------------------------------------------------------------------------- |
217 |
-Patch: 4420_grsecurity-2.9.1-3.5.3-201208271906.patch |
218 |
+Patch: 4420_grsecurity-2.9.1-3.5.3-201208302015.patch |
219 |
From: http://www.grsecurity.net |
220 |
Desc: hardened-sources base patch from upstream grsecurity |
221 |
|
222 |
|
223 |
diff --git a/3.5.3/4420_grsecurity-2.9.1-3.5.3-201208271906.patch b/3.5.3/4420_grsecurity-2.9.1-3.5.3-201208302015.patch |
224 |
similarity index 99% |
225 |
rename from 3.5.3/4420_grsecurity-2.9.1-3.5.3-201208271906.patch |
226 |
rename to 3.5.3/4420_grsecurity-2.9.1-3.5.3-201208302015.patch |
227 |
index 9557d64..711cf9b 100644 |
228 |
--- a/3.5.3/4420_grsecurity-2.9.1-3.5.3-201208271906.patch |
229 |
+++ b/3.5.3/4420_grsecurity-2.9.1-3.5.3-201208302015.patch |
230 |
@@ -42299,7 +42299,7 @@ index 0da9095..1386693 100644 |
231 |
goto out_sig; |
232 |
if (offset > inode->i_sb->s_maxbytes) |
233 |
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
234 |
-index da8876d..9f3e6d8 100644 |
235 |
+index da8876d..4456166 100644 |
236 |
--- a/fs/autofs4/waitq.c |
237 |
+++ b/fs/autofs4/waitq.c |
238 |
@@ -61,7 +61,7 @@ static int autofs4_write(struct autofs_sb_info *sbi, |
239 |
@@ -42311,6 +42311,30 @@ index da8876d..9f3e6d8 100644 |
240 |
ssize_t wr = 0; |
241 |
|
242 |
sigpipe = sigismember(¤t->pending.signal, SIGPIPE); |
243 |
+@@ -348,6 +348,10 @@ static int validate_request(struct autofs_wait_queue **wait, |
244 |
+ return 1; |
245 |
+ } |
246 |
+ |
247 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
248 |
++static atomic_unchecked_t autofs_dummy_name_id = ATOMIC_INIT(0); |
249 |
++#endif |
250 |
++ |
251 |
+ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
252 |
+ enum autofs_notify notify) |
253 |
+ { |
254 |
+@@ -381,7 +385,12 @@ int autofs4_wait(struct autofs_sb_info *sbi, struct dentry *dentry, |
255 |
+ |
256 |
+ /* If this is a direct mount request create a dummy name */ |
257 |
+ if (IS_ROOT(dentry) && autofs_type_trigger(sbi->type)) |
258 |
++#ifdef CONFIG_GRKERNSEC_HIDESYM |
259 |
++ /* this name does get written to userland via autofs4_write() */ |
260 |
++ qstr.len = sprintf(name, "%08lx", atomic_inc_return_unchecked(&autofs_dummy_name_id)); |
261 |
++#else |
262 |
+ qstr.len = sprintf(name, "%p", dentry); |
263 |
++#endif |
264 |
+ else { |
265 |
+ qstr.len = autofs4_getpath(sbi, dentry, &name); |
266 |
+ if (!qstr.len) { |
267 |
diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c |
268 |
index e18da23..affc30e 100644 |
269 |
--- a/fs/befs/linuxvfs.c |