packages (GRSECURITY_RAW): kernel/kernel-grsec_full.patch http://www.grsecu...

Sun, 16 Aug 2009 11:39:35 -0700 

Author: arekm                        Date: Sun Aug 16 18:39:21 2009 GMT
Module: packages                      Tag: GRSECURITY_RAW
---- Log message:
http://www.grsecurity.net/~spender/grsecurity-2.1.14-2.6.30.4-200908132040.patch

---- Files affected:
packages/kernel:
   kernel-grsec_full.patch (1.3.2.5 -> 1.3.2.6) 

---- Diffs:

================================================================
Index: packages/kernel/kernel-grsec_full.patch
diff -u packages/kernel/kernel-grsec_full.patch:1.3.2.5 
packages/kernel/kernel-grsec_full.patch:1.3.2.6
--- packages/kernel/kernel-grsec_full.patch:1.3.2.5     Tue Aug 11 10:52:15 2009
+++ packages/kernel/kernel-grsec_full.patch     Sun Aug 16 20:39:15 2009
@@ -8320,7 +8320,7 @@
  efi_rt_function_ptr:
 diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_32.S 
linux-2.6.30.4/arch/x86/kernel/entry_32.S
 --- linux-2.6.30.4/arch/x86/kernel/entry_32.S  2009-07-24 17:47:51.000000000 
-0400
-+++ linux-2.6.30.4/arch/x86/kernel/entry_32.S  2009-07-30 09:48:09.945662533 
-0400
++++ linux-2.6.30.4/arch/x86/kernel/entry_32.S  2009-08-12 21:15:21.098460043 
-0400
 @@ -192,7 +192,7 @@
  
  #endif        /* CONFIG_X86_32_LAZY_GS */
@@ -8525,11 +8525,11 @@
        /* since we are on a wrong stack, we cant make it a C code :( */
 -      PER_CPU(gdt_page, %ebx)
 +#ifdef CONFIG_SMP
-+      movl PER_CPU_VAR(cpu_number), %ebx;
-+      shll $PAGE_SHIFT_asm, %ebx;
-+      addl $cpu_gdt_table, %ebx;
++      movl PER_CPU_VAR(cpu_number), %ebx
++      shll $PAGE_SHIFT_asm, %ebx
++      addl $cpu_gdt_table, %ebx
 +#else
-+      movl $cpu_gdt_table, %ebx;
++      movl $cpu_gdt_table, %ebx
 +#endif
        GET_DESC_BASE(GDT_ENTRY_ESPFIX_SS, %ebx, %eax, %ax, %al, %ah)
        addl %esp, %eax
@@ -8595,14 +8595,18 @@
        CFI_ADJUST_CFA_OFFSET -24
 diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_64.S 
linux-2.6.30.4/arch/x86/kernel/entry_64.S
 --- linux-2.6.30.4/arch/x86/kernel/entry_64.S  2009-07-24 17:47:51.000000000 
-0400
-+++ linux-2.6.30.4/arch/x86/kernel/entry_64.S  2009-07-30 09:48:09.945662533 
-0400
-@@ -1073,7 +1073,8 @@ ENTRY(\sym)
++++ linux-2.6.30.4/arch/x86/kernel/entry_64.S  2009-08-12 21:15:21.099483377 
-0400
+@@ -1073,7 +1073,12 @@ ENTRY(\sym)
        TRACE_IRQS_OFF
        movq %rsp,%rdi          /* pt_regs pointer */
        xorl %esi,%esi          /* no error code */
 -      PER_CPU(init_tss, %rbp)
++#ifdef CONFIG_SMP
 +      imul $TSS_size, PER_CPU_VAR(cpu_number), %ebp
 +      lea init_tss(%rbp), %rbp
++#else
++      lea init_tss(%rip), %rbp
++#endif
        subq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
        call \do_sym
        addq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
@@ -11088,7 +11092,7 @@
                tsk->thread.sysenter_cs = 0;
 diff -urNp linux-2.6.30.4/arch/x86/kernel/vmi_32.c 
linux-2.6.30.4/arch/x86/kernel/vmi_32.c
 --- linux-2.6.30.4/arch/x86/kernel/vmi_32.c    2009-07-24 17:47:51.000000000 
-0400
-+++ linux-2.6.30.4/arch/x86/kernel/vmi_32.c    2009-07-30 09:48:09.962543704 
-0400
++++ linux-2.6.30.4/arch/x86/kernel/vmi_32.c    2009-08-12 21:15:21.104308164 
-0400
 @@ -102,18 +102,43 @@ static unsigned patch_internal(int call,
  {
        u64 reloc;
@@ -11149,7 +11153,7 @@
        vmi_ops.set_pte(pte, (pte_t *)pmd, VMI_PAGE_PD);
  }
  #endif
-@@ -438,8 +463,8 @@ vmi_startup_ipi_hook(int phys_apicid, un
+@@ -438,10 +463,10 @@ vmi_startup_ipi_hook(int phys_apicid, un
        ap.ss = __KERNEL_DS;
        ap.esp = (unsigned long) start_esp;
  
@@ -11158,7 +11162,10 @@
 +      ap.ds = __KERNEL_DS;
 +      ap.es = __KERNEL_DS;
        ap.fs = __KERNEL_PERCPU;
-       ap.gs = 0;
+-      ap.gs = 0;
++      ap.gs = __KERNEL_STACK_CANARY;
+ 
+       ap.eflags = 0;
  
 @@ -634,12 +659,20 @@ static inline int __init activate_vmi(vo
        u64 reloc;
@@ -43646,7 +43653,7 @@
                if (pp->fastreuse && sk->sk_reuse &&
 diff -urNp linux-2.6.30.4/net/socket.c linux-2.6.30.4/net/socket.c
 --- linux-2.6.30.4/net/socket.c        2009-07-24 17:47:51.000000000 -0400
-+++ linux-2.6.30.4/net/socket.c        2009-07-30 11:29:24.032618401 -0400
++++ linux-2.6.30.4/net/socket.c        2009-08-13 20:40:32.961482335 -0400
 @@ -86,6 +86,7 @@
  #include <linux/audit.h>
  #include <linux/wireless.h>
@@ -43695,6 +43702,15 @@
  
  static struct file_system_type sock_fs_type = {
        .name =         "sockfs",
+@@ -736,7 +752,7 @@ static ssize_t sock_sendpage(struct file
+       if (more)
+               flags |= MSG_MORE;
+ 
+-      return sock->ops->sendpage(sock, page, offset, size, flags);
++      return kernel_sendpage(sock, page, offset, size, flags);
+ }
+ 
+ static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
 @@ -1283,6 +1299,16 @@ SYSCALL_DEFINE3(socket, int, family, int
        if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK))
                flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK;
================================================================

---- CVS-web:
    
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_full.patch?r1=1.3.2.5&r2=1.3.2.6&f=u

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

Reply via email to