Author: mguevara Date: Sun May 6 14:31:09 2007 GMT
Module: SOURCES Tag: LINUX_2_6
---- Log message:
- applied changes between grsecurity-2.1.10-2.6.21-200705021312.patch and
grsecurity-2.1.10-2.6.21-200705041939.patch
---- Files affected:
SOURCES:
linux-2.6-grsec_full.patch (1.1.2.4 -> 1.1.2.5)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsec_full.patch
diff -u SOURCES/linux-2.6-grsec_full.patch:1.1.2.4
SOURCES/linux-2.6-grsec_full.patch:1.1.2.5
--- SOURCES/linux-2.6-grsec_full.patch:1.1.2.4 Fri May 4 13:33:29 2007
+++ SOURCES/linux-2.6-grsec_full.patch Sun May 6 16:31:03 2007
@@ -14576,7 +14576,7 @@
diff -urNp linux-2.6.21/grsecurity/gracl.c linux-2.6.21/grsecurity/gracl.c
--- linux-2.6.21/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.21/grsecurity/gracl.c 2007-04-29 23:39:37.000000000 -0400
-@@ -0,0 +1,3550 @@
+@@ -0,0 +1,3547 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -17729,8 +17729,6 @@
+#endif
+
+#ifdef CONFIG_SYSCTL
-+extern ctl_table root_table[];
-+
+/* the following function is called under the BKL */
+
+__u32
@@ -17758,7 +17756,7 @@
+
+ /* convert the requested sysctl entry into a pathname */
+
-+ for (tmp = (ctl_table *)table; tmp != (ctl_table *)&root_table; tmp =
tmp->parent) {
++ for (tmp = (ctl_table *)table; tmp != NULL; tmp = tmp->parent) {
+ len += strlen(tmp->procname);
+ len++;
+ depth++;
@@ -17776,8 +17774,7 @@
+ for (; depth > 0; depth--) {
+ path[pos] = '/';
+ pos++;
-+ for (i = 1, tmp = (ctl_table *)table; tmp != (ctl_table
*)&root_table;
-+ tmp = tmp->parent) {
++ for (i = 1, tmp = (ctl_table *)table; tmp != NULL; tmp =
tmp->parent) {
+ if (depth == i) {
+ memcpy(path + pos, tmp->procname,
+ strlen(tmp->procname));
@@ -28522,19 +28519,16 @@
/* External variables not in a header file. */
extern int C_A_D;
-@@ -137,9 +145,9 @@ static int proc_dointvec_taint(ctl_table
- void __user *buffer, size_t *lenp, loff_t *ppos);
- #endif
+@@ -139,7 +147,7 @@ static int proc_dointvec_taint(ctl_table
--static ctl_table root_table[];
-+ctl_table root_table[];
+ static ctl_table root_table[];
static struct ctl_table_header root_table_header =
- { root_table, LIST_HEAD_INIT(root_table_header.ctl_entry) };
+ { root_table, LIST_HEAD_INIT(root_table_header.ctl_entry), 0, NULL };
static ctl_table kern_table[];
static ctl_table vm_table[];
-@@ -153,15 +161,30 @@ extern ctl_table pty_table[];
+@@ -153,11 +161,26 @@ extern ctl_table pty_table[];
#ifdef CONFIG_INOTIFY_USER
extern ctl_table inotify_table[];
#endif
@@ -28561,11 +28555,6 @@
/* The default sysctl tables: */
--static ctl_table root_table[] = {
-+ctl_table root_table[] = {
- {
- .ctl_name = CTL_KERN,
- .procname = "kernel",
@@ -200,7 +223,6 @@ static ctl_table root_table[] = {
.mode = 0555,
.child = dev_table,
@@ -31348,7 +31337,7 @@
+
+config PAX
+ bool "Enable various PaX features"
-+ depends on GRKERNSEC && (ALPHA || ARM || AVR32 || IA64 || MIPS32 ||
MIPS64 || PARISC || PPC32 || PPC64 || SPARC32 || SPARC64 || X86 || X86_64)
++ depends on GRSECURITY && (ALPHA || ARM || AVR32 || IA64 || MIPS32 ||
MIPS64 || PARISC || PPC32 || PPC64 || SPARC32 || SPARC64 || X86 || X86_64)
+ help
+ This allows you to enable various PaX features. PaX adds
+ intrusion prevention mechanisms to the kernel that reduce
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/linux-2.6-grsec_full.patch?r1=1.1.2.4&r2=1.1.2.5&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
