Author: arekm Date: Wed Aug 24 15:59:56 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- rel 0.3
---- Files affected:
packages/kernel:
kernel-apparmor.patch (1.13 -> 1.14) , kernel-aufs2-no-const-grsec.patch
(1.6 -> 1.7) , kernel.spec (1.959 -> 1.960)
---- Diffs:
================================================================
Index: packages/kernel/kernel-apparmor.patch
diff -u packages/kernel/kernel-apparmor.patch:1.13
packages/kernel/kernel-apparmor.patch:1.14
--- packages/kernel/kernel-apparmor.patch:1.13 Wed Aug 24 11:09:53 2011
+++ packages/kernel/kernel-apparmor.patch Wed Aug 24 17:59:49 2011
@@ -162,27 +162,7 @@
#include "include/path.h"
#include "include/policy.h"
#include "include/procattr.h"
-@@ -651,6 +750,19 @@ static struct security_operations apparmor_ops = {
- .getprocattr = apparmor_getprocattr,
- .setprocattr = apparmor_setprocattr,
-
-+ .socket_create = apparmor_socket_create,
-+ .socket_bind = apparmor_socket_bind,
-+ .socket_connect = apparmor_socket_connect,
-+ .socket_listen = apparmor_socket_listen,
-+ .socket_accept = apparmor_socket_accept,
-+ .socket_sendmsg = apparmor_socket_sendmsg,
-+ .socket_recvmsg = apparmor_socket_recvmsg,
-+ .socket_getsockname = apparmor_socket_getsockname,
-+ .socket_getpeername = apparmor_socket_getpeername,
-+ .socket_getsockopt = apparmor_socket_getsockopt,
-+ .socket_setsockopt = apparmor_socket_setsockopt,
-+ .socket_shutdown = apparmor_socket_shutdown,
-+
- .cred_alloc_blank = apparmor_cred_alloc_blank,
- .cred_free = apparmor_cred_free,
- .cred_prepare = apparmor_cred_prepare,
-@@ -949,4 +950,102 @@ static int apparmor_task_setrlimit(struct task_struct
*task,
+@@ -610,5 +611,103 @@ static int apparmor_task_setrlimit(struct task_struct
*task,
return error;
}
@@ -284,8 +264,28 @@
+ return aa_revalidate_sk(OP_SOCK_SHUTDOWN, sk);
+}
+
- security_initcall(apparmor_init);
-
+ static int apparmor_task_setrlimit(struct task_struct *task,
+ unsigned int resource, struct rlimit *new_rlim)
+@@ -651,6 +750,19 @@ static struct security_operations apparmor_ops = {
+ .getprocattr = apparmor_getprocattr,
+ .setprocattr = apparmor_setprocattr,
+
++ .socket_create = apparmor_socket_create,
++ .socket_bind = apparmor_socket_bind,
++ .socket_connect = apparmor_socket_connect,
++ .socket_listen = apparmor_socket_listen,
++ .socket_accept = apparmor_socket_accept,
++ .socket_sendmsg = apparmor_socket_sendmsg,
++ .socket_recvmsg = apparmor_socket_recvmsg,
++ .socket_getsockname = apparmor_socket_getsockname,
++ .socket_getpeername = apparmor_socket_getpeername,
++ .socket_getsockopt = apparmor_socket_getsockopt,
++ .socket_setsockopt = apparmor_socket_setsockopt,
++ .socket_shutdown = apparmor_socket_shutdown,
++
+ .cred_alloc_blank = apparmor_cred_alloc_blank,
+ .cred_free = apparmor_cred_free,
+ .cred_prepare = apparmor_cred_prepare,
diff --git a/security/apparmor/net.c b/security/apparmor/net.c
new file mode 100644
index 0000000..1765901
================================================================
Index: packages/kernel/kernel-aufs2-no-const-grsec.patch
diff -u packages/kernel/kernel-aufs2-no-const-grsec.patch:1.6
packages/kernel/kernel-aufs2-no-const-grsec.patch:1.7
--- packages/kernel/kernel-aufs2-no-const-grsec.patch:1.6 Wed Aug 24
13:52:00 2011
+++ packages/kernel/kernel-aufs2-no-const-grsec.patch Wed Aug 24 17:59:49 2011
@@ -70,3 +70,25 @@
#endif
#ifdef CONFIG_SYSFS
+--- linux-3.0/fs/aufs/f_op_sp.c~ 2011-08-24 14:41:55.000000000 +0200
++++ linux-3.0/fs/aufs/f_op_sp.c 2011-08-24 14:54:22.072544774 +0200
+@@ -108,7 +108,7 @@
+ static int aufs_open_sp(struct inode *inode, struct file *file);
+ static struct au_sp_fop {
+ int done;
+- struct file_operations fop; /* not 'const' */
++ file_operations_no_const fop; /* not 'const' */
+ spinlock_t spin;
+ } au_sp_fop[AuSp_Last] = {
+ [AuSp_FIFO] = {
+@@ -161,7 +161,9 @@ static void au_init_fop_sp(struct file *
+ h_file = au_hf_top(file);
+ spin_lock(&p->spin);
+ if (!p->done) {
+- p->fop = *h_file->f_op;
++ pax_open_kernel();
++ memcpy((void *)&p->fop, h_file->f_op, sizeof(p->fop));
+ p->fop.owner = THIS_MODULE;
++ pax_close_kernel();
+ if (p->fop.aio_read)
+ p->fop.aio_read = aufs_aio_read_sp;
================================================================
Index: packages/kernel/kernel.spec
diff -u packages/kernel/kernel.spec:1.959 packages/kernel/kernel.spec:1.960
--- packages/kernel/kernel.spec:1.959 Wed Aug 24 13:37:36 2011
+++ packages/kernel/kernel.spec Wed Aug 24 17:59:49 2011
@@ -95,7 +95,7 @@
%define basever 3.0
%define postver .3
-%define rel 0.2
+%define rel 0.3
%define _enable_debug_packages 0
@@ -1519,6 +1519,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.960 2011/08/24 15:59:49 arekm
+- rel 0.3
+
Revision 1.959 2011/08/24 11:37:36 arekm
- switch to aufs3
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-apparmor.patch?r1=1.13&r2=1.14&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-aufs2-no-const-grsec.patch?r1=1.6&r2=1.7&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel.spec?r1=1.959&r2=1.960&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
