[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 6fdbf3dcaebc451852e209c343f97b4c4f07b570 Author: Anthony G. Basile blueness AT gentoo DOT org AuthorDate: Fri Jul 18 10:44:41 2014 + Commit: Anthony G. Basile blueness AT gentoo DOT org CommitDate: Fri Jul 18 10:44:41 2014 + URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=6fdbf3dc Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407170639 --- 3.14.12/_README| 2 +- ...4420_grsecurity-3.0-3.14.12-201407170638.patch} | 24 +++- 3.15.5/_README | 2 +- ... 4420_grsecurity-3.0-3.15.5-201407170639.patch} | 24 +++- 3.2.61/_README | 2 +- ... 4420_grsecurity-3.0-3.2.61-201407170636.patch} | 26 -- 6 files changed, 73 insertions(+), 7 deletions(-) diff --git a/3.14.12/_README b/3.14.12/_README index 6360d1d..857c6a1 100644 --- a/3.14.12/_README +++ b/3.14.12/_README @@ -2,7 +2,7 @@ README - Individual Patch Descriptions: - -Patch: 4420_grsecurity-3.0-3.14.12-201407151838.patch +Patch: 4420_grsecurity-3.0-3.14.12-201407170638.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch b/3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch similarity index 99% rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch index a8bccce..02636ed 100644 --- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch +++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407170638.patch @@ -8567,7 +8567,7 @@ index 1d0848b..d74685f 100644 #endif } diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c -index 6cff040..74ac5d1 100644 +index 6cff040..74ac5d1b 100644 --- a/arch/powerpc/kernel/module_32.c +++ b/arch/powerpc/kernel/module_32.c @@ -161,7 +161,7 @@ int module_frob_arch_sections(Elf32_Ehdr *hdr, @@ -101749,6 +101749,28 @@ index 7932697..a13d158 100644 } while (!res); return res; } +diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +index ec66063..1e05bbd 100644 +--- a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +@@ -1368,7 +1368,7 @@ static int pppol2tp_setsockopt(struct socket *sock, int level, int optname, + int err; + + if (level != SOL_PPPOL2TP) +- return udp_prot.setsockopt(sk, level, optname, optval, optlen); ++ return -EINVAL; + + if (optlen sizeof(int)) + return -EINVAL; +@@ -1494,7 +1494,7 @@ static int pppol2tp_getsockopt(struct socket *sock, int level, int optname, + struct pppol2tp_session *ps; + + if (level != SOL_PPPOL2TP) +- return udp_prot.getsockopt(sk, level, optname, optval, optlen); ++ return -EINVAL; + + if (get_user(len, optlen)) + return -EFAULT; diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c index 1a3c7e0..80f8b0c 100644 --- a/net/llc/llc_proc.c diff --git a/3.15.5/_README b/3.15.5/_README index 6d4dc1c..6000532 100644 --- a/3.15.5/_README +++ b/3.15.5/_README @@ -2,7 +2,7 @@ README - Individual Patch Descriptions: - -Patch: 4420_grsecurity-3.0-3.15.5-201407151839.patch +Patch: 4420_grsecurity-3.0-3.15.5-201407170639.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch b/3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch similarity index 99% rename from 3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch rename to 3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch index eb81858..7a5e81c 100644 --- a/3.15.5/4420_grsecurity-3.0-3.15.5-201407151839.patch +++ b/3.15.5/4420_grsecurity-3.0-3.15.5-201407170639.patch @@ -8597,7 +8597,7 @@ index ca1cd74..6f0241a 100644 #endif } diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c -index 6cff040..74ac5d1 100644 +index 6cff040..74ac5d1b 100644 --- a/arch/powerpc/kernel/module_32.c +++ b/arch/powerpc/kernel/module_32.c @@ -161,7 +161,7 @@ int module_frob_arch_sections(Elf32_Ehdr *hdr, @@ -101634,6 +101634,28 @@ index 3397fe6..861fd1a 100644 } if (inet-cmsg_flags) ip_cmsg_recv(msg, skb); +diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +index 950909f..13752d9 100644 +--- a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c +@@ -1365,7 +1365,7 @@ static int pppol2tp_setsockopt(struct socket *sock, int level, int optname, + int err; + +
[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 1f3bf0fa8962be00664083ddf6088ef409932c04 Author: Anthony G. Basile blueness AT gentoo DOT org AuthorDate: Wed Jul 16 12:01:09 2014 + Commit: Anthony G. Basile blueness AT gentoo DOT org CommitDate: Wed Jul 16 12:01:09 2014 + URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=1f3bf0fa Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407151839 --- 3.14.12/_README| 2 +- ...4420_grsecurity-3.0-3.14.12-201407151838.patch} | 73 ++ 3.15.5/_README | 2 +- ... 4420_grsecurity-3.0-3.15.5-201407151839.patch} | 73 ++ 3.2.61/_README | 2 +- ... 4420_grsecurity-3.0-3.2.61-201407151835.patch} | 73 ++ 6 files changed, 222 insertions(+), 3 deletions(-) diff --git a/3.14.12/_README b/3.14.12/_README index f32e676..6360d1d 100644 --- a/3.14.12/_README +++ b/3.14.12/_README @@ -2,7 +2,7 @@ README - Individual Patch Descriptions: - -Patch: 4420_grsecurity-3.0-3.14.12-201407142243.patch +Patch: 4420_grsecurity-3.0-3.14.12-201407151838.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch b/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch similarity index 99% rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch index bf2b106..a8bccce 100644 --- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch +++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407151838.patch @@ -45265,6 +45265,79 @@ index a1c641e..3007da9 100644 static int dib7070_set_param_override(struct dvb_frontend *fe) { +diff --git a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c +index 733a7ff..f8b52e3 100644 +--- a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c +@@ -35,42 +35,57 @@ static int usb_cypress_writemem(struct usb_device *udev,u16 addr,u8 *data, u8 le + + int usb_cypress_load_firmware(struct usb_device *udev, const struct firmware *fw, int type) + { +- struct hexline hx; +- u8 reset; ++ struct hexline *hx; ++ u8 *reset; + int ret,pos=0; + ++ reset = kmalloc(1, GFP_KERNEL); ++ if (reset == NULL) ++ return -ENOMEM; ++ ++ hx = kmalloc(sizeof(struct hexline), GFP_KERNEL); ++ if (hx == NULL) { ++ kfree(reset); ++ return -ENOMEM; ++ } ++ + /* stop the CPU */ +- reset = 1; +- if ((ret = usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1)) != 1) ++ reset[0] = 1; ++ if ((ret = usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1)) != 1) + err(could not stop the USB controller CPU.); + +- while ((ret = dvb_usb_get_hexline(fw,hx,pos)) 0) { +- deb_fw(writing to address 0x%04x (buffer: 0x%02x %02x)\n,hx.addr,hx.len,hx.chk); +- ret = usb_cypress_writemem(udev,hx.addr,hx.data,hx.len); ++ while ((ret = dvb_usb_get_hexline(fw,hx,pos)) 0) { ++ deb_fw(writing to address 0x%04x (buffer: 0x%02x %02x)\n,hx-addr,hx-len,hx-chk); ++ ret = usb_cypress_writemem(udev,hx-addr,hx-data,hx-len); + +- if (ret != hx.len) { ++ if (ret != hx-len) { + err(error while transferring firmware + (transferred size: %d, block size: %d), +- ret,hx.len); ++ ret,hx-len); + ret = -EINVAL; + break; + } + } + if (ret 0) { + err(firmware download failed at %d with %d,pos,ret); ++ kfree(reset); ++ kfree(hx); + return ret; + } + + if (ret == 0) { + /* restart the CPU */ +- reset = 0; +- if (ret || usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1) != 1) { ++ reset[0] = 0; ++ if (ret || usb_cypress_writemem(udev,cypress[type].cpu_cs_register,reset,1) != 1) { + err(could not restart the USB controller CPU.); + ret = -EINVAL; + } + } else + ret = -EIO; + ++ kfree(reset); ++ kfree(hx); ++ + return ret; + } + EXPORT_SYMBOL(usb_cypress_load_firmware); diff --git a/drivers/media/usb/dvb-usb/dw2102.c b/drivers/media/usb/dvb-usb/dw2102.c index ae0f56a..ec71784 100644 --- a/drivers/media/usb/dvb-usb/dw2102.c diff --git a/3.15.5/_README
[gentoo-commits] proj/hardened-patchset:master commit in: 3.15.5/, 3.14.12/, 3.2.61/
commit: 31d2e9dad6475db7495158a948214b524d774843 Author: Anthony G. Basile blueness AT gentoo DOT org AuthorDate: Tue Jul 15 10:41:42 2014 + Commit: Anthony G. Basile blueness AT gentoo DOT org CommitDate: Tue Jul 15 10:41:42 2014 + URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=31d2e9da Grsec/PaX: 3.0-{3.2.60,3.14.12,3.15.5}-201407142248 --- 3.14.12/_README| 2 +- ...4420_grsecurity-3.0-3.14.12-201407142243.patch} | 262 +- 3.15.5/_README | 2 +- ... 4420_grsecurity-3.0-3.15.5-201407142248.patch} | 394 - 3.2.61/_README | 2 +- ... 4420_grsecurity-3.0-3.2.61-201407132023.patch} | 86 - 6 files changed, 711 insertions(+), 37 deletions(-) diff --git a/3.14.12/_README b/3.14.12/_README index f71dcad..f32e676 100644 --- a/3.14.12/_README +++ b/3.14.12/_README @@ -2,7 +2,7 @@ README - Individual Patch Descriptions: - -Patch: 4420_grsecurity-3.0-3.14.12-201407100035.patch +Patch: 4420_grsecurity-3.0-3.14.12-201407142243.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch b/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch similarity index 99% rename from 3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch rename to 3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch index 3a245d4..bf2b106 100644 --- a/3.14.12/4420_grsecurity-3.0-3.14.12-201407100035.patch +++ b/3.14.12/4420_grsecurity-3.0-3.14.12-201407142243.patch @@ -45278,6 +45278,212 @@ index ae0f56a..ec71784 100644 /* debug */ static int dvb_usb_dw2102_debug; +diff --git a/drivers/media/usb/dvb-usb/technisat-usb2.c b/drivers/media/usb/dvb-usb/technisat-usb2.c +index 98d24ae..bc22415 100644 +--- a/drivers/media/usb/dvb-usb/technisat-usb2.c b/drivers/media/usb/dvb-usb/technisat-usb2.c +@@ -87,8 +87,11 @@ struct technisat_usb2_state { + static int technisat_usb2_i2c_access(struct usb_device *udev, + u8 device_addr, u8 *tx, u8 txlen, u8 *rx, u8 rxlen) + { +- u8 b[64]; +- int ret, actual_length; ++ u8 *b = kmalloc(64, GFP_KERNEL); ++ int ret, actual_length, error = 0; ++ ++ if (b == NULL) ++ return -ENOMEM; + + deb_i2c(i2c-access: %02x, tx: , device_addr); + debug_dump(tx, txlen, deb_i2c); +@@ -121,7 +124,8 @@ static int technisat_usb2_i2c_access(struct usb_device *udev, + + if (ret 0) { + err(i2c-error: out failed %02x = %d, device_addr, ret); +- return -ENODEV; ++ error = -ENODEV; ++ goto out; + } + + ret = usb_bulk_msg(udev, +@@ -129,7 +133,8 @@ static int technisat_usb2_i2c_access(struct usb_device *udev, + b, 64, actual_length, 1000); + if (ret 0) { + err(i2c-error: in failed %02x = %d, device_addr, ret); +- return -ENODEV; ++ error = -ENODEV; ++ goto out; + } + + if (b[0] != I2C_STATUS_OK) { +@@ -137,8 +142,10 @@ static int technisat_usb2_i2c_access(struct usb_device *udev, + /* handle tuner-i2c-nak */ + if (!(b[0] == I2C_STATUS_NAK + device_addr == 0x60 +- /* device_is_technisat_usb2 */)) +- return -ENODEV; ++ /* device_is_technisat_usb2 */)) { ++ error = -ENODEV; ++ goto out; ++ } + } + + deb_i2c(status: %d, , b[0]); +@@ -152,7 +159,9 @@ static int technisat_usb2_i2c_access(struct usb_device *udev, + + deb_i2c(\n); + +- return 0; ++out: ++ kfree(b); ++ return error; + } + + static int technisat_usb2_i2c_xfer(struct i2c_adapter *adap, struct i2c_msg *msg, +@@ -224,14 +233,16 @@ static int technisat_usb2_set_led(struct dvb_usb_device *d, int red, enum techni + { + int ret; + +- u8 led[8] = { +- red ? SET_RED_LED_VENDOR_REQUEST : SET_GREEN_LED_VENDOR_REQUEST, +- 0 +- }; ++ u8 *led = kzalloc(8, GFP_KERNEL); ++ ++ if (led == NULL) ++ return -ENOMEM; + + if (disable_led_control state != LED_OFF) + return 0; + ++ led[0] = red ? SET_RED_LED_VENDOR_REQUEST : SET_GREEN_LED_VENDOR_REQUEST; ++ + switch (state) { + case LED_ON: + led[1] = 0x82; +@@ -263,16 +274,22 @@ static int technisat_usb2_set_led(struct dvb_usb_device *d, int red, enum techni + red ? SET_RED_LED_VENDOR_REQUEST : SET_GREEN_LED_VENDOR_REQUEST, + USB_TYPE_VENDOR