[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 6fdbf3dcaebc451852e209c343f97b4c4f07b570
Author: Anthony G. Basile blueness AT gentoo DOT org
AuthorDate: Fri Jul 18 10:44:41 2014 +
Commit: Anthony G. Basile blueness AT gentoo DOT org
CommitDate: Fri Jul 18 10:44:41 2014 +
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=6fdbf3dc
Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407170639
---
3.14.12/_README| 2 +-
...4420_grsecurity-3.0-3.14.12-201407170638.patch} | 24 +++-
3.15.5/_README | 2 +-
... 4420_grsecurity-3.0-3.15.5-201407170639.patch} | 24 +++-
3.2.61/_README | 2 +-
... 4420_grsecurity-3.0-3.2.61-201407170636.patch} | 26 --
6 files changed, 73 insertions(+), 7 deletions(-)
diff --git a/3.14.12/_README b/3.14.12/_README
index 6360d1d..857c6a1 100644
--- a/3.14.12/_README
+++ b/3.14.12/_README
@@ -2,7 +2,7 @@ README
-
Individual Patch Descriptions:
-
-Patch: 4420_grsecurity-3.0-3.14.12-201407151838.patch
+Patch: 4420_grsecurity-3.0-3.14.12-201407170638.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
b/3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch
similarity index 99%
rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch
index a8bccce..02636ed 100644
--- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
+++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch
@@ -8567,7 +8567,7 @@ index 1d0848b..d74685f 100644
#endif
}
diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c
-index 6cff040..74ac5d1 100644
+index 6cff040..74ac5d1b 100644
--- a/arch/powerpc/kernel/module_32.c
+++ b/arch/powerpc/kernel/module_32.c
@@ -161,7 +161,7 @@ int module_frob_arch_sections(Elf32_Ehdr *hdr,
@@ -101749,6 +101749,28 @@ index 7932697..a13d158 100644
} while (!res);
return res;
}
+diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
+index ec66063..1e05bbd 100644
+--- a/net/l2tp/l2tp_ppp.c
b/net/l2tp/l2tp_ppp.c
+@@ -1368,7 +1368,7 @@ static int pppol2tp_setsockopt(struct socket *sock, int
level, int optname,
+ int err;
+
+ if (level != SOL_PPPOL2TP)
+- return udp_prot.setsockopt(sk, level, optname, optval, optlen);
++ return -EINVAL;
+
+ if (optlen sizeof(int))
+ return -EINVAL;
+@@ -1494,7 +1494,7 @@ static int pppol2tp_getsockopt(struct socket *sock, int
level, int optname,
+ struct pppol2tp_session *ps;
+
+ if (level != SOL_PPPOL2TP)
+- return udp_prot.getsockopt(sk, level, optname, optval, optlen);
++ return -EINVAL;
+
+ if (get_user(len, optlen))
+ return -EFAULT;
diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c
index 1a3c7e0..80f8b0c 100644
--- a/net/llc/llc_proc.c
diff --git a/3.15.5/_README b/3.15.5/_README
index 6d4dc1c..6000532 100644
--- a/3.15.5/_README
+++ b/3.15.5/_README
@@ -2,7 +2,7 @@ README
-
Individual Patch Descriptions:
-
-Patch: 4420_grsecurity-3.0-3.15.5-201407151839.patch
+Patch: 4420_grsecurity-3.0-3.15.5-201407170639.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch
b/3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch
similarity index 99%
rename from 3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch
rename to 3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch
index eb81858..7a5e81c 100644
--- a/3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch
+++ b/3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch
@@ -8597,7 +8597,7 @@ index ca1cd74..6f0241a 100644
#endif
}
diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c
-index 6cff040..74ac5d1 100644
+index 6cff040..74ac5d1b 100644
--- a/arch/powerpc/kernel/module_32.c
+++ b/arch/powerpc/kernel/module_32.c
@@ -161,7 +161,7 @@ int module_frob_arch_sections(Elf32_Ehdr *hdr,
@@ -101634,6 +101634,28 @@ index 3397fe6..861fd1a 100644
}
if (inet-cmsg_flags)
ip_cmsg_recv(msg, skb);
+diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
+index 950909f..13752d9 100644
+--- a/net/l2tp/l2tp_ppp.c
b/net/l2tp/l2tp_ppp.c
+@@ -1365,7 +1365,7 @@ static int pppol2tp_setsockopt(struct socket *sock, int
level, int optname,
+ int err;
+
+
[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 1f3bf0fa8962be00664083ddf6088ef409932c04
Author: Anthony G. Basile blueness AT gentoo DOT org
AuthorDate: Wed Jul 16 12:01:09 2014 +
Commit: Anthony G. Basile blueness AT gentoo DOT org
CommitDate: Wed Jul 16 12:01:09 2014 +
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=1f3bf0fa
Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407151839
---
3.14.12/_README| 2 +-
...4420_grsecurity-3.0-3.14.12-201407151838.patch} | 73 ++
3.15.5/_README | 2 +-
... 4420_grsecurity-3.0-3.15.5-201407151839.patch} | 73 ++
3.2.61/_README | 2 +-
... 4420_grsecurity-3.0-3.2.61-201407151835.patch} | 73 ++
6 files changed, 222 insertions(+), 3 deletions(-)
diff --git a/3.14.12/_README b/3.14.12/_README
index f32e676..6360d1d 100644
--- a/3.14.12/_README
+++ b/3.14.12/_README
@@ -2,7 +2,7 @@ README
-
Individual Patch Descriptions:
-
-Patch: 4420_grsecurity-3.0-3.14.12-201407142243.patch
+Patch: 4420_grsecurity-3.0-3.14.12-201407151838.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
b/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
similarity index 99%
rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
index bf2b106..a8bccce 100644
--- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
+++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch
@@ -45265,6 +45265,79 @@ index a1c641e..3007da9 100644
static int dib7070_set_param_override(struct dvb_frontend *fe)
{
+diff --git a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
+index 733a7ff..f8b52e3 100644
+--- a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
+@@ -35,42 +35,57 @@ static int usb_cypress_writemem(struct usb_device
*udev,u16 addr,u8 *data, u8 le
+
+ int usb_cypress_load_firmware(struct usb_device *udev, const struct firmware
*fw, int type)
+ {
+- struct hexline hx;
+- u8 reset;
++ struct hexline *hx;
++ u8 *reset;
+ int ret,pos=0;
+
++ reset = kmalloc(1, GFP_KERNEL);
++ if (reset == NULL)
++ return -ENOMEM;
++
++ hx = kmalloc(sizeof(struct hexline), GFP_KERNEL);
++ if (hx == NULL) {
++ kfree(reset);
++ return -ENOMEM;
++ }
++
+ /* stop the CPU */
+- reset = 1;
+- if ((ret =
usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1)) != 1)
++ reset[0] = 1;
++ if ((ret =
usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1)) != 1)
+ err(could not stop the USB controller CPU.);
+
+- while ((ret = dvb_usb_get_hexline(fw,hx,pos)) 0) {
+- deb_fw(writing to address 0x%04x (buffer: 0x%02x
%02x)\n,hx.addr,hx.len,hx.chk);
+- ret = usb_cypress_writemem(udev,hx.addr,hx.data,hx.len);
++ while ((ret = dvb_usb_get_hexline(fw,hx,pos)) 0) {
++ deb_fw(writing to address 0x%04x (buffer: 0x%02x
%02x)\n,hx-addr,hx-len,hx-chk);
++ ret = usb_cypress_writemem(udev,hx-addr,hx-data,hx-len);
+
+- if (ret != hx.len) {
++ if (ret != hx-len) {
+ err(error while transferring firmware
+ (transferred size: %d, block size: %d),
+- ret,hx.len);
++ ret,hx-len);
+ ret = -EINVAL;
+ break;
+ }
+ }
+ if (ret 0) {
+ err(firmware download failed at %d with %d,pos,ret);
++ kfree(reset);
++ kfree(hx);
+ return ret;
+ }
+
+ if (ret == 0) {
+ /* restart the CPU */
+- reset = 0;
+- if (ret ||
usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1) != 1) {
++ reset[0] = 0;
++ if (ret ||
usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1) != 1) {
+ err(could not restart the USB controller CPU.);
+ ret = -EINVAL;
+ }
+ } else
+ ret = -EIO;
+
++ kfree(reset);
++ kfree(hx);
++
+ return ret;
+ }
+ EXPORT_SYMBOL(usb_cypress_load_firmware);
diff --git a/drivers/media/usb/dvb-usb/dw2102.c
b/drivers/media/usb/dvb-usb/dw2102.c
index ae0f56a..ec71784 100644
--- a/drivers/media/usb/dvb-usb/dw2102.c
diff --git a/3.15.5/_README
[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 31d2e9dad6475db7495158a948214b524d774843
Author: Anthony G. Basile blueness AT gentoo DOT org
AuthorDate: Tue Jul 15 10:41:42 2014 +
Commit: Anthony G. Basile blueness AT gentoo DOT org
CommitDate: Tue Jul 15 10:41:42 2014 +
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=31d2e9da
Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407142248
---
3.14.12/_README| 2 +-
...4420_grsecurity-3.0-3.14.12-201407142243.patch} | 262 +-
3.15.5/_README | 2 +-
... 4420_grsecurity-3.0-3.15.5-201407142248.patch} | 394 -
3.2.61/_README | 2 +-
... 4420_grsecurity-3.0-3.2.61-201407132023.patch} | 86 -
6 files changed, 711 insertions(+), 37 deletions(-)
diff --git a/3.14.12/_README b/3.14.12/_README
index f71dcad..f32e676 100644
--- a/3.14.12/_README
+++ b/3.14.12/_README
@@ -2,7 +2,7 @@ README
-
Individual Patch Descriptions:
-
-Patch: 4420_grsecurity-3.0-3.14.12-201407100035.patch
+Patch: 4420_grsecurity-3.0-3.14.12-201407142243.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch
b/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
similarity index 99%
rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch
rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
index 3a245d4..bf2b106 100644
--- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch
+++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch
@@ -45278,6 +45278,212 @@ index ae0f56a..ec71784 100644
/* debug */
static int dvb_usb_dw2102_debug;
+diff --git a/drivers/media/usb/dvb-usb/technisat-usb2.c
b/drivers/media/usb/dvb-usb/technisat-usb2.c
+index 98d24ae..bc22415 100644
+--- a/drivers/media/usb/dvb-usb/technisat-usb2.c
b/drivers/media/usb/dvb-usb/technisat-usb2.c
+@@ -87,8 +87,11 @@ struct technisat_usb2_state {
+ static int technisat_usb2_i2c_access(struct usb_device *udev,
+ u8 device_addr, u8 *tx, u8 txlen, u8 *rx, u8 rxlen)
+ {
+- u8 b[64];
+- int ret, actual_length;
++ u8 *b = kmalloc(64, GFP_KERNEL);
++ int ret, actual_length, error = 0;
++
++ if (b == NULL)
++ return -ENOMEM;
+
+ deb_i2c(i2c-access: %02x, tx: , device_addr);
+ debug_dump(tx, txlen, deb_i2c);
+@@ -121,7 +124,8 @@ static int technisat_usb2_i2c_access(struct usb_device
*udev,
+
+ if (ret 0) {
+ err(i2c-error: out failed %02x = %d, device_addr, ret);
+- return -ENODEV;
++ error = -ENODEV;
++ goto out;
+ }
+
+ ret = usb_bulk_msg(udev,
+@@ -129,7 +133,8 @@ static int technisat_usb2_i2c_access(struct usb_device
*udev,
+ b, 64, actual_length, 1000);
+ if (ret 0) {
+ err(i2c-error: in failed %02x = %d, device_addr, ret);
+- return -ENODEV;
++ error = -ENODEV;
++ goto out;
+ }
+
+ if (b[0] != I2C_STATUS_OK) {
+@@ -137,8 +142,10 @@ static int technisat_usb2_i2c_access(struct usb_device
*udev,
+ /* handle tuner-i2c-nak */
+ if (!(b[0] == I2C_STATUS_NAK
+ device_addr == 0x60
+- /* device_is_technisat_usb2 */))
+- return -ENODEV;
++ /* device_is_technisat_usb2 */)) {
++ error = -ENODEV;
++ goto out;
++ }
+ }
+
+ deb_i2c(status: %d, , b[0]);
+@@ -152,7 +159,9 @@ static int technisat_usb2_i2c_access(struct usb_device
*udev,
+
+ deb_i2c(\n);
+
+- return 0;
++out:
++ kfree(b);
++ return error;
+ }
+
+ static int technisat_usb2_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg
*msg,
+@@ -224,14 +233,16 @@ static int technisat_usb2_set_led(struct dvb_usb_device
*d, int red, enum techni
+ {
+ int ret;
+
+- u8 led[8] = {
+- red ? SET_RED_LED_VENDOR_REQUEST : SET_GREEN_LED_VENDOR_REQUEST,
+- 0
+- };
++ u8 *led = kzalloc(8, GFP_KERNEL);
++
++ if (led == NULL)
++ return -ENOMEM;
+
+ if (disable_led_control state != LED_OFF)
+ return 0;
+
++ led[0] = red ? SET_RED_LED_VENDOR_REQUEST :
SET_GREEN_LED_VENDOR_REQUEST;
++
+ switch (state) {
+ case LED_ON:
+ led[1] = 0x82;
+@@ -263,16 +274,22 @@ static int technisat_usb2_set_led(struct dvb_usb_device
*d, int red, enum techni
+ red ? SET_RED_LED_VENDOR_REQUEST : SET_GREEN_LED_VENDOR_REQUEST,
+ USB_TYPE_VENDOR
