commit: 609ffe9ee3a9e872e67a7e811058ee837cd917dd Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> AuthorDate: Tue Apr 26 08:20:46 2016 +0000 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> CommitDate: Tue Apr 26 08:20:46 2016 +0000 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=609ffe9e
grsecurity-3.1-4.4.8-201604252206 4.4.8/0000_README | 2 +- ...> 4420_grsecurity-3.1-4.4.8-201604252206.patch} | 63 ++++++++++++++++++++-- 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/4.4.8/0000_README b/4.4.8/0000_README index 50bafae..31bb556 100644 --- a/4.4.8/0000_README +++ b/4.4.8/0000_README @@ -6,7 +6,7 @@ Patch: 1007_linux-4.4.8.patch From: http://www.kernel.org Desc: Linux 4.4.8 -Patch: 4420_grsecurity-3.1-4.4.8-201604201957.patch +Patch: 4420_grsecurity-3.1-4.4.8-201604252206.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.4.8/4420_grsecurity-3.1-4.4.8-201604201957.patch b/4.4.8/4420_grsecurity-3.1-4.4.8-201604252206.patch similarity index 99% rename from 4.4.8/4420_grsecurity-3.1-4.4.8-201604201957.patch rename to 4.4.8/4420_grsecurity-3.1-4.4.8-201604252206.patch index a90771e..a7a3280 100644 --- a/4.4.8/4420_grsecurity-3.1-4.4.8-201604201957.patch +++ b/4.4.8/4420_grsecurity-3.1-4.4.8-201604252206.patch @@ -56408,6 +56408,18 @@ index a14c784..6de6790 100644 } #define BFA_CACHELINE_SZ (256) +diff --git a/drivers/scsi/cxgbi/libcxgbi.c b/drivers/scsi/cxgbi/libcxgbi.c +index f3bb7af..ead83a2 100644 +--- a/drivers/scsi/cxgbi/libcxgbi.c ++++ b/drivers/scsi/cxgbi/libcxgbi.c +@@ -688,6 +688,7 @@ static struct rt6_info *find_route_ipv6(const struct in6_addr *saddr, + { + struct flowi6 fl; + ++ memset(&fl, 0, sizeof(fl)); + if (saddr) + memcpy(&fl.saddr, saddr, sizeof(struct in6_addr)); + if (daddr) diff --git a/drivers/scsi/fcoe/fcoe_sysfs.c b/drivers/scsi/fcoe/fcoe_sysfs.c index 045c4e1..13de803 100644 --- a/drivers/scsi/fcoe/fcoe_sysfs.c @@ -59040,7 +59052,7 @@ index c3fe026..9cfe421 100644 dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index cf000b3..63baffa 100644 +index cf000b3..a399250 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -1507,7 +1507,7 @@ n_tty_receive_char_lnext(struct tty_struct *tty, unsigned char c, char flag) @@ -59110,7 +59122,28 @@ index cf000b3..63baffa 100644 down_read(&tty->termios_rwsem); -@@ -2550,6 +2550,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -1723,15 +1723,16 @@ n_tty_receive_buf_common(struct tty_struct *tty, const unsigned char *cp, + room = N_TTY_BUF_SIZE - (ldata->read_head - tail); + if (I_PARMRK(tty)) + room = (room + 2) / 3; +- room--; +- if (room <= 0) { ++ if (room <= 1) { + overflow = ldata->icanon && ldata->canon_head == tail; +- if (overflow && room < 0) ++ if (overflow && room == 0) + ldata->read_head--; + room = overflow; + ldata->no_room = flow && !room; +- } else ++ } else { ++ room--; + overflow = 0; ++ } + + n = min(count, room); + if (!n) +@@ -2550,6 +2551,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -86717,7 +86750,7 @@ index b6c00ce..ab37ad1 100644 static struct pid * get_children_pid(struct inode *inode, struct pid *pid_prev, loff_t pos) diff --git a/fs/proc/base.c b/fs/proc/base.c -index b7de324..417bafe 100644 +index b7de324..c1235e2 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -113,6 +113,14 @@ struct pid_entry { @@ -86928,8 +86961,12 @@ index b7de324..417bafe 100644 if (write && copy_from_user(page, buf, this_len)) { copied = -EFAULT; -@@ -957,6 +1037,13 @@ static ssize_t environ_read(struct file *file, char __user *buf, - if (!mm) +@@ -954,9 +1034,16 @@ static ssize_t environ_read(struct file *file, char __user *buf, + int ret = 0; + struct mm_struct *mm = file->private_data; + +- if (!mm) ++ if (!mm || !mm->env_end) return 0; +#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP @@ -115251,6 +115288,22 @@ index 70e5e09..87f2797 100644 } #else static void register_sched_domain_sysctl(void) +diff --git a/kernel/sched/debug.c b/kernel/sched/debug.c +index 6415117..7dc45dc 100644 +--- a/kernel/sched/debug.c ++++ b/kernel/sched/debug.c +@@ -490,7 +490,11 @@ static int __init init_sched_debug_procfs(void) + { + struct proc_dir_entry *pe; + ++#ifdef CONFIG_GRKERNSEC_PROC_ADD ++ pe = proc_create("sched_debug", 0400, NULL, &sched_debug_fops); ++#else + pe = proc_create("sched_debug", 0444, NULL, &sched_debug_fops); ++#endif + if (!pe) + return -ENOMEM; + return 0; diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c index cfdc0e6..71f2abd 100644 --- a/kernel/sched/fair.c
