SOURCES (Titanium): kernel-desktop-grsec-minimal.patch - fixes

shadzik Sun, 29 Mar 2009 14:45:06 -0700

Author: shadzik                      Date: Sun Mar 29 21:44:48 2009 GMT
Module: SOURCES                       Tag: Titanium
---- Log message:
- fixes


---- Files affected:
SOURCES:
   kernel-desktop-grsec-minimal.patch (1.8.4.2 -> 1.8.4.3) 

---- Diffs:

================================================================
Index: SOURCES/kernel-desktop-grsec-minimal.patch
diff -u SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2 
SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.3
--- SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2  Sun Mar 29 23:16:36 2009
+++ SOURCES/kernel-desktop-grsec-minimal.patch  Sun Mar 29 23:44:42 2009
@@ -1,6 +1,6 @@
-diff -Nru linux-2.6.29/arch/sparc/Makefile 
linux-2.6.29-grsec/arch/sparc/Makefile
---- linux-2.6.29/arch/sparc/Makefile   2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/arch/sparc/Makefile     2009-03-29 22:55:48.646121675 
+0200
+diff -Nru linux-2.6.29-orig/arch/sparc/Makefile 
linux-2.6.29/arch/sparc/Makefile
+--- linux-2.6.29-orig/arch/sparc/Makefile      2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/arch/sparc/Makefile   2009-03-29 23:34:04.446725642 +0200
 @@ -72,6 +72,7 @@
  
  core-y                 += arch/sparc/kernel/
@@ -9,9 +9,9 @@
  
  libs-y                 += arch/sparc/prom/
  libs-y                 += arch/sparc/lib/
-diff -Nru linux-2.6.29/drivers/char/keyboard.c 
linux-2.6.29-grsec/drivers/char/keyboard.c
---- linux-2.6.29/drivers/char/keyboard.c       2009-03-24 00:12:14.000000000 
+0100
-+++ linux-2.6.29-grsec/drivers/char/keyboard.c 2009-03-29 22:55:48.612631221 
+0200
+diff -Nru linux-2.6.29-orig/drivers/char/keyboard.c 
linux-2.6.29/drivers/char/keyboard.c
+--- linux-2.6.29-orig/drivers/char/keyboard.c  2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/drivers/char/keyboard.c       2009-03-29 23:34:04.446725642 
+0200
 @@ -635,6 +635,16 @@
             kbd->kbdmode == VC_MEDIUMRAW) &&
             value != KVAL(K_SAK))
@@ -29,9 +29,9 @@
        fn_handler[value](vc);
  }
  
-diff -Nru linux-2.6.29/drivers/pci/proc.c linux-2.6.29-grsec/drivers/pci/proc.c
---- linux-2.6.29/drivers/pci/proc.c    2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/drivers/pci/proc.c      2009-03-29 22:55:48.612631221 
+0200
+diff -Nru linux-2.6.29-orig/drivers/pci/proc.c linux-2.6.29/drivers/pci/proc.c
+--- linux-2.6.29-orig/drivers/pci/proc.c       2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/drivers/pci/proc.c    2009-03-29 23:34:04.446725642 +0200
 @@ -480,7 +480,16 @@
  static int __init pci_proc_init(void)
  {
@@ -49,9 +49,9 @@
        proc_create("devices", 0, proc_bus_pci_dir,
                    &proc_bus_pci_dev_operations);
        proc_initialized = 1;
-diff -Nru linux-2.6.29/fs/namei.c linux-2.6.29-grsec/fs/namei.c
---- linux-2.6.29/fs/namei.c    2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/namei.c      2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/fs/namei.c linux-2.6.29/fs/namei.c
+--- linux-2.6.29-orig/fs/namei.c       2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/namei.c    2009-03-29 23:34:04.450058682 +0200
 @@ -32,6 +32,7 @@
  #include <linux/fcntl.h>
  #include <linux/device_cgroup.h>
@@ -115,9 +115,9 @@
        error = mnt_want_write(nd.path.mnt);
        if (error)
                goto out_dput;
-diff -Nru linux-2.6.29/fs/proc/array.c linux-2.6.29-grsec/fs/proc/array.c
---- linux-2.6.29/fs/proc/array.c       2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/array.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/array.c linux-2.6.29/fs/proc/array.c
+--- linux-2.6.29-orig/fs/proc/array.c  2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/array.c       2009-03-29 23:34:04.450058682 +0200
 @@ -529,3 +529,10 @@
  
        return 0;
@@ -129,9 +129,9 @@
 +      return sprintf(buffer, "%u.%u.%u.%u\n", NIPQUAD(task->signal->curr_ip));
 +}
 +#endif
-diff -Nru linux-2.6.29/fs/proc/base.c linux-2.6.29-grsec/fs/proc/base.c
---- linux-2.6.29/fs/proc/base.c        2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/base.c  2009-03-29 23:02:57.774010127 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/base.c linux-2.6.29/fs/proc/base.c
+--- linux-2.6.29-orig/fs/proc/base.c   2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/base.c        2009-03-29 23:42:59.660794909 +0200
 @@ -80,6 +80,7 @@
  #include <linux/oom.h>
  #include <linux/elf.h>
@@ -150,11 +150,13 @@
  
        generic_fillattr(inode, stat);
  
-@@ -1481,11 +1485,27 @@
+@@ -1480,12 +1484,29 @@
+       stat->uid = 0;
        stat->gid = 0;
        task = pid_task(proc_pid(inode), PIDTYPE_PID);
-       if (task) {
-+              cred = __task_cred(task);
+-      if (task) {
++      cred = __task_cred(task);
++      if (task
 +#if defined(CONFIG_GRKERNSEC_PROC_USER) || 
defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
 +              && (!tmp->uid || (tmp->uid == cred->uid)
 +#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
@@ -162,6 +164,7 @@
 +#endif
 +              )
 +#endif
++         ) {
                if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
 +#ifdef CONFIG_GRKERNSEC_PROC_USER
 +              (inode->i_mode == (S_IFDIR|S_IRUSR|S_IXUSR)) ||
@@ -179,7 +182,7 @@
                }
        }
        rcu_read_unlock();
-@@ -1517,11 +1537,20 @@
+@@ -1517,11 +1538,20 @@
  
        if (task) {
                if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
@@ -200,7 +203,7 @@
                        rcu_read_unlock();
                } else {
                        inode->i_uid = 0;
-@@ -1894,12 +1923,19 @@
+@@ -1894,12 +1924,19 @@
  static int proc_fd_permission(struct inode *inode, int mask)
  {
        int rv;
@@ -222,7 +225,7 @@
        return rv;
  }
  
-@@ -2685,7 +2721,14 @@
+@@ -2685,7 +2722,14 @@
        if (!inode)
                goto out;
  
@@ -237,7 +240,7 @@
        inode->i_op = &proc_tgid_base_inode_operations;
        inode->i_fop = &proc_tgid_base_operations;
        inode->i_flags|=S_IMMUTABLE;
-@@ -2792,6 +2835,10 @@
+@@ -2792,6 +2836,10 @@
  {
        unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY;
        struct task_struct *reaper = 
get_proc_task(filp->f_path.dentry->d_inode);
@@ -248,40 +251,38 @@
        struct tgid_iter iter;
        struct pid_namespace *ns;
  
-@@ -2810,6 +2857,20 @@
+@@ -2810,6 +2858,18 @@
        for (iter = next_tgid(ns, iter);
             iter.task;
             iter.tgid += 1, iter = next_tgid(ns, iter)) {
 +#if defined(CONFIG_GRKERNSEC_PROC_USER) || 
defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
 +      itercred = __task_cred(iter.task);
 +#endif
-+      if (gr_pid_is_chrooted(iter.task) || gr_check_hidden_task(iter.task)
-+                      #if defined(CONFIG_GRKERNSEC_PROC_USER) || 
defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+                      || (tmp->uid && (itercred->uid != tmp->uid)
-+                              #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+                              && !in_group_p(CONFIG_GRKERNSEC_PROC_GID)
-+                              #endif
-+                              )
++#if defined(CONFIG_GRKERNSEC_PROC_USER) || 
defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
++      if (tmp->uid && (itercred->uid != tmp->uid)
++                      #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
++                      && !in_group_p(CONFIG_GRKERNSEC_PROC_GID)
++                      #endif
++      )
 +#endif
-+                      )
 +              continue;
 +
                filp->f_pos = iter.tgid + TGID_OFFSET;
                if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) {
                        put_task_struct(iter.task);
-@@ -2891,6 +2952,9 @@
+@@ -2891,6 +2951,9 @@
  #ifdef CONFIG_TASK_IO_ACCOUNTING
        INF("io",       S_IRUGO, proc_tid_io_accounting),
  #endif
 +#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+      INF("ipaddr",     S_IRUSR, pid_ipaddr),
++      INF("ipaddr",     S_IRUSR, proc_pid_ipaddr),
 +#endif
  };
  
  static int proc_tid_base_readdir(struct file * filp,
-diff -Nru linux-2.6.29/fs/proc/cmdline.c linux-2.6.29-grsec/fs/proc/cmdline.c
---- linux-2.6.29/fs/proc/cmdline.c     2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/cmdline.c       2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/fs/proc/cmdline.c linux-2.6.29/fs/proc/cmdline.c
+--- linux-2.6.29-orig/fs/proc/cmdline.c        2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/fs/proc/cmdline.c     2009-03-29 23:34:04.452349599 +0200
 @@ -23,7 +23,15 @@
  
  static int __init proc_cmdline_init(void)
@@ -299,9 +300,9 @@
        return 0;
  }
  module_init(proc_cmdline_init);
-diff -Nru linux-2.6.29/fs/proc/devices.c linux-2.6.29-grsec/fs/proc/devices.c
---- linux-2.6.29/fs/proc/devices.c     2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/devices.c       2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/fs/proc/devices.c linux-2.6.29/fs/proc/devices.c
+--- linux-2.6.29-orig/fs/proc/devices.c        2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/fs/proc/devices.c     2009-03-29 23:34:04.452349599 +0200
 @@ -64,7 +64,13 @@
  
  static int __init proc_devices_init(void)
@@ -317,9 +318,9 @@
        return 0;
  }
  module_init(proc_devices_init);
-diff -Nru linux-2.6.29/fs/proc/inode.c linux-2.6.29-grsec/fs/proc/inode.c
---- linux-2.6.29/fs/proc/inode.c       2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/inode.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/inode.c linux-2.6.29/fs/proc/inode.c
+--- linux-2.6.29-orig/fs/proc/inode.c  2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/inode.c       2009-03-29 23:34:04.452349599 +0200
 @@ -463,7 +463,11 @@
                if (de->mode) {
                        inode->i_mode = de->mode;
@@ -332,9 +333,9 @@
                }
                if (de->size)
                        inode->i_size = de->size;
-diff -Nru linux-2.6.29/fs/proc/internal.h linux-2.6.29-grsec/fs/proc/internal.h
---- linux-2.6.29/fs/proc/internal.h    2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/internal.h      2009-03-29 22:55:48.649464378 
+0200
+diff -Nru linux-2.6.29-orig/fs/proc/internal.h linux-2.6.29/fs/proc/internal.h
+--- linux-2.6.29-orig/fs/proc/internal.h       2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/fs/proc/internal.h    2009-03-29 23:34:04.452349599 +0200
 @@ -51,6 +51,9 @@
                                struct pid *pid, struct task_struct *task);
  extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
@@ -345,9 +346,9 @@
  extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
  
  extern const struct file_operations proc_maps_operations;
-diff -Nru linux-2.6.29/fs/proc/Kconfig linux-2.6.29-grsec/fs/proc/Kconfig
---- linux-2.6.29/fs/proc/Kconfig       2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/Kconfig 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/Kconfig linux-2.6.29/fs/proc/Kconfig
+--- linux-2.6.29-orig/fs/proc/Kconfig  2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/Kconfig       2009-03-29 23:34:04.452349599 +0200
 @@ -30,12 +30,12 @@
  
  config PROC_KCORE
@@ -364,9 +365,9 @@
          help
          Exports the dump image of crashed kernel in ELF format.
  
-diff -Nru linux-2.6.29/fs/proc/kcore.c linux-2.6.29-grsec/fs/proc/kcore.c
---- linux-2.6.29/fs/proc/kcore.c       2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/kcore.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/kcore.c linux-2.6.29/fs/proc/kcore.c
+--- linux-2.6.29-orig/fs/proc/kcore.c  2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/kcore.c       2009-03-29 23:34:04.452349599 +0200
 @@ -404,10 +404,12 @@
  
  static int __init proc_kcore_init(void)
@@ -380,9 +381,9 @@
        return 0;
  }
  module_init(proc_kcore_init);
-diff -Nru linux-2.6.29/fs/proc/root.c linux-2.6.29-grsec/fs/proc/root.c
---- linux-2.6.29/fs/proc/root.c        2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/root.c  2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/root.c linux-2.6.29/fs/proc/root.c
+--- linux-2.6.29-orig/fs/proc/root.c   2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/root.c        2009-03-29 23:34:04.452349599 +0200
 @@ -134,7 +134,15 @@
  #ifdef CONFIG_PROC_DEVICETREE
        proc_device_tree_init();
@@ -399,9 +400,9 @@
        proc_sys_init();
  }
  
-diff -Nru linux-2.6.29/grsecurity/grsec_disabled.c 
linux-2.6.29-grsec/grsecurity/grsec_disabled.c
---- linux-2.6.29/grsecurity/grsec_disabled.c   1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_disabled.c     2009-03-29 
22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_disabled.c 
linux-2.6.29/grsecurity/grsec_disabled.c
+--- linux-2.6.29-orig/grsecurity/grsec_disabled.c      1970-01-01 
01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_disabled.c   2009-03-29 23:34:04.452349599 
+0200
 @@ -0,0 +1,6 @@
 +void
 +grsecurity_init(void)
@@ -409,9 +410,9 @@
 +      return;
 +}
 +
-diff -Nru linux-2.6.29/grsecurity/grsec_fifo.c 
linux-2.6.29-grsec/grsecurity/grsec_fifo.c
---- linux-2.6.29/grsecurity/grsec_fifo.c       1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_fifo.c 2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_fifo.c 
linux-2.6.29/grsecurity/grsec_fifo.c
+--- linux-2.6.29-orig/grsecurity/grsec_fifo.c  1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/grsec_fifo.c       2009-03-29 23:34:04.452349599 
+0200
 @@ -0,0 +1,21 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -434,9 +435,9 @@
 +#endif
 +      return 0;
 +}
-diff -Nru linux-2.6.29/grsecurity/grsec_init.c 
linux-2.6.29-grsec/grsecurity/grsec_init.c
---- linux-2.6.29/grsecurity/grsec_init.c       1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_init.c 2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_init.c 
linux-2.6.29/grsecurity/grsec_init.c
+--- linux-2.6.29-orig/grsecurity/grsec_init.c  1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/grsec_init.c       2009-03-29 23:34:04.452349599 
+0200
 @@ -0,0 +1,29 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -467,9 +468,9 @@
 +
 +      return;
 +}
-diff -Nru linux-2.6.29/grsecurity/grsec_link.c 
linux-2.6.29-grsec/grsecurity/grsec_link.c
---- linux-2.6.29/grsecurity/grsec_link.c       1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_link.c 2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_link.c 
linux-2.6.29/grsecurity/grsec_link.c
+--- linux-2.6.29-orig/grsecurity/grsec_link.c  1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/grsec_link.c       2009-03-29 23:34:04.456724414 
+0200
 @@ -0,0 +1,39 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -510,9 +511,9 @@
 +#endif
 +      return 0;
 +}
-diff -Nru linux-2.6.29/grsecurity/grsec_sock.c 
linux-2.6.29-grsec/grsecurity/grsec_sock.c
---- linux-2.6.29/grsecurity/grsec_sock.c       1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_sock.c 2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_sock.c 
linux-2.6.29/grsecurity/grsec_sock.c
+--- linux-2.6.29-orig/grsecurity/grsec_sock.c  1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/grsec_sock.c       2009-03-29 23:34:04.456724414 
+0200
 @@ -0,0 +1,170 @@
 +#include <linux/kernel.h>
 +#include <linux/module.h>
@@ -684,9 +685,9 @@
 +      return;
 +}
 +
-diff -Nru linux-2.6.29/grsecurity/grsec_sysctl.c 
linux-2.6.29-grsec/grsecurity/grsec_sysctl.c
---- linux-2.6.29/grsecurity/grsec_sysctl.c     1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_sysctl.c       2009-03-29 
22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_sysctl.c 
linux-2.6.29/grsecurity/grsec_sysctl.c
+--- linux-2.6.29-orig/grsecurity/grsec_sysctl.c        1970-01-01 
01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_sysctl.c     2009-03-29 23:34:04.456724414 
+0200
 @@ -0,0 +1,52 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -740,9 +741,9 @@
 +      { .ctl_name = 0 }
 +};
 +#endif
-diff -Nru linux-2.6.29/grsecurity/Kconfig linux-2.6.29-grsec/grsecurity/Kconfig
---- linux-2.6.29/grsecurity/Kconfig    1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/Kconfig      2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/Kconfig linux-2.6.29/grsecurity/Kconfig
+--- linux-2.6.29-orig/grsecurity/Kconfig       1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/Kconfig    2009-03-29 23:34:04.456724414 +0200
 @@ -0,0 +1,123 @@
 +#
 +# grecurity configuration
@@ -867,9 +868,9 @@
 +        the sysctl entries.
 +
 +endmenu
-diff -Nru linux-2.6.29/grsecurity/Makefile 
linux-2.6.29-grsec/grsecurity/Makefile
---- linux-2.6.29/grsecurity/Makefile   1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/Makefile     2009-03-29 22:55:48.616329143 
+0200
+diff -Nru linux-2.6.29-orig/grsecurity/Makefile 
linux-2.6.29/grsecurity/Makefile
+--- linux-2.6.29-orig/grsecurity/Makefile      1970-01-01 01:00:00.000000000 
+0100
++++ linux-2.6.29/grsecurity/Makefile   2009-03-29 23:34:04.456724414 +0200
 @@ -0,0 +1,11 @@
 +# All code in this directory and various hooks inserted throughout the kernel
 +# are copyright Brad Spengler, and released under the GPL v2 or higher
@@ -882,9 +883,9 @@
 +obj-y += grsec_disabled.o
 +endif
 +
-diff -Nru linux-2.6.29/include/linux/grinternal.h 
linux-2.6.29-grsec/include/linux/grinternal.h
---- linux-2.6.29/include/linux/grinternal.h    1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/include/linux/grinternal.h      2009-03-29 
22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/grinternal.h 
linux-2.6.29/include/linux/grinternal.h
+--- linux-2.6.29-orig/include/linux/grinternal.h       1970-01-01 
01:00:00.000000000 +0100
++++ linux-2.6.29/include/linux/grinternal.h    2009-03-29 23:34:04.456724414 
+0200
 @@ -0,0 +1,14 @@
 +#ifndef __GRINTERNAL_H
 +#define __GRINTERNAL_H
@@ -900,9 +901,9 @@
 +#endif
 +
 +#endif
-diff -Nru linux-2.6.29/include/linux/grsecurity.h 
linux-2.6.29-grsec/include/linux/grsecurity.h
---- linux-2.6.29/include/linux/grsecurity.h    1970-01-01 01:00:00.000000000 
+0100
-+++ linux-2.6.29-grsec/include/linux/grsecurity.h      2009-03-29 
22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/grsecurity.h 
linux-2.6.29/include/linux/grsecurity.h
+--- linux-2.6.29-orig/include/linux/grsecurity.h       1970-01-01 
01:00:00.000000000 +0100
++++ linux-2.6.29/include/linux/grsecurity.h    2009-03-29 23:34:04.456724414 
+0200
 @@ -0,0 +1,18 @@
 +#ifndef GR_SECURITY_H
 +#define GR_SECURITY_H
@@ -922,9 +923,9 @@
 +                            const int mode, const char *to);
 +
 +#endif
-diff -Nru linux-2.6.29/include/linux/sched.h 
linux-2.6.29-grsec/include/linux/sched.h
---- linux-2.6.29/include/linux/sched.h 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/include/linux/sched.h   2009-03-29 22:55:48.639297786 
+0200
+diff -Nru linux-2.6.29-orig/include/linux/sched.h 
linux-2.6.29/include/linux/sched.h
+--- linux-2.6.29-orig/include/linux/sched.h    2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/include/linux/sched.h 2009-03-29 23:34:04.456724414 +0200
 @@ -605,6 +605,15 @@
        unsigned audit_tty;
        struct tty_audit_buf *tty_audit_buf;
@@ -941,9 +942,9 @@
  };
  
  /* Context switch must be unlocked if interrupts are to be enabled */
-diff -Nru linux-2.6.29/include/linux/sysctl.h 
linux-2.6.29-grsec/include/linux/sysctl.h
---- linux-2.6.29/include/linux/sysctl.h        2009-03-24 00:12:14.000000000 
+0100
-+++ linux-2.6.29-grsec/include/linux/sysctl.h  2009-03-29 22:55:48.639297786 
+0200
+diff -Nru linux-2.6.29-orig/include/linux/sysctl.h 
linux-2.6.29/include/linux/sysctl.h
+--- linux-2.6.29-orig/include/linux/sysctl.h   2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/include/linux/sysctl.h        2009-03-29 23:34:04.459223012 
+0200
 @@ -163,8 +163,11 @@
        KERN_MAX_LOCK_DEPTH=74,
        KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */
@@ -957,9 +958,9 @@
  
  
  /* CTL_VM names: */
-diff -Nru linux-2.6.29/kernel/configs.c linux-2.6.29-grsec/kernel/configs.c
---- linux-2.6.29/kernel/configs.c      2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/configs.c        2009-03-29 22:55:48.639297786 
+0200
+diff -Nru linux-2.6.29-orig/kernel/configs.c linux-2.6.29/kernel/configs.c
+--- linux-2.6.29-orig/kernel/configs.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/configs.c      2009-03-29 23:34:04.459223012 +0200
 @@ -73,8 +73,19 @@
        struct proc_dir_entry *entry;
  
@@ -980,9 +981,9 @@
        if (!entry)
                return -ENOMEM;
  
-diff -Nru linux-2.6.29/kernel/exit.c linux-2.6.29-grsec/kernel/exit.c
---- linux-2.6.29/kernel/exit.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/exit.c   2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/exit.c linux-2.6.29/kernel/exit.c
+--- linux-2.6.29-orig/kernel/exit.c    2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/exit.c 2009-03-29 23:34:04.459223012 +0200
 @@ -48,6 +48,7 @@
  #include <linux/tracehook.h>
  #include <linux/init_task.h>
@@ -999,9 +1000,9 @@
        tsk->signal = NULL;
        tsk->sighand = NULL;
        spin_unlock(&sighand->siglock);
-diff -Nru linux-2.6.29/kernel/kallsyms.c linux-2.6.29-grsec/kernel/kallsyms.c
---- linux-2.6.29/kernel/kallsyms.c     2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/kallsyms.c       2009-03-29 22:55:48.642798453 
+0200
+diff -Nru linux-2.6.29-orig/kernel/kallsyms.c linux-2.6.29/kernel/kallsyms.c
+--- linux-2.6.29-orig/kernel/kallsyms.c        2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/kernel/kallsyms.c     2009-03-29 23:34:04.459223012 +0200
 @@ -478,7 +478,15 @@
  
  static int __init kallsyms_init(void)
@@ -1018,9 +1019,9 @@
        return 0;
  }
  __initcall(kallsyms_init);
-diff -Nru linux-2.6.29/kernel/resource.c linux-2.6.29-grsec/kernel/resource.c
---- linux-2.6.29/kernel/resource.c     2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/resource.c       2009-03-29 22:55:48.642798453 
+0200
+diff -Nru linux-2.6.29-orig/kernel/resource.c linux-2.6.29/kernel/resource.c
+--- linux-2.6.29-orig/kernel/resource.c        2009-03-24 00:12:14.000000000 
+0100
++++ linux-2.6.29/kernel/resource.c     2009-03-29 23:34:04.459223012 +0200
 @@ -132,8 +132,18 @@
  
  static int __init ioresources_init(void)
@@ -1040,9 +1041,9 @@
        return 0;
  }
  __initcall(ioresources_init);
-diff -Nru linux-2.6.29/kernel/sysctl.c linux-2.6.29-grsec/kernel/sysctl.c
---- linux-2.6.29/kernel/sysctl.c       2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/sysctl.c 2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/sysctl.c linux-2.6.29/kernel/sysctl.c
+--- linux-2.6.29-orig/kernel/sysctl.c  2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/sysctl.c       2009-03-29 23:34:04.459223012 +0200
 @@ -61,6 +61,11 @@
  static int deprecated_sysctl_warning(struct __sysctl_args *args);
  
@@ -1090,9 +1091,9 @@
        error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC));
        if (error)
                return error;
-diff -Nru linux-2.6.29/Makefile linux-2.6.29-grsec/Makefile
---- linux-2.6.29/Makefile      2009-03-29 22:56:50.747163685 +0200
-+++ linux-2.6.29-grsec/Makefile        2009-03-29 22:55:48.656120698 +0200
+diff -Nru linux-2.6.29-orig/Makefile linux-2.6.29/Makefile
+--- linux-2.6.29-orig/Makefile 2009-03-29 22:56:50.747163685 +0200
++++ linux-2.6.29/Makefile      2009-03-29 23:34:04.470474457 +0200
 @@ -636,7 +636,7 @@
  
  
@@ -1102,9 +1103,9 @@
  
  vmlinux-dirs  := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
                     $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-diff -Nru linux-2.6.29/net/ipv4/inet_hashtables.c 
linux-2.6.29-grsec/net/ipv4/inet_hashtables.c
---- linux-2.6.29/net/ipv4/inet_hashtables.c    2009-03-24 00:12:14.000000000 
+0100
-+++ linux-2.6.29-grsec/net/ipv4/inet_hashtables.c      2009-03-29 
22:55:48.649464378 +0200
+diff -Nru linux-2.6.29-orig/net/ipv4/inet_hashtables.c 
linux-2.6.29/net/ipv4/inet_hashtables.c
+--- linux-2.6.29-orig/net/ipv4/inet_hashtables.c       2009-03-24 
00:12:14.000000000 +0100
++++ linux-2.6.29/net/ipv4/inet_hashtables.c    2009-03-29 23:34:04.463807910 
+0200
 @@ -18,11 +18,14 @@
  #include <linux/sched.h>
  #include <linux/slab.h>
@@ -1129,9 +1130,9 @@
                if (tw) {
                        inet_twsk_deschedule(tw, death_row);
                        inet_twsk_put(tw);
-diff -Nru linux-2.6.29/net/socket.c linux-2.6.29-grsec/net/socket.c
---- linux-2.6.29/net/socket.c  2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/net/socket.c    2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/net/socket.c linux-2.6.29/net/socket.c
+--- linux-2.6.29-orig/net/socket.c     2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/net/socket.c  2009-03-29 23:34:04.463807910 +0200
 @@ -86,6 +86,7 @@
  #include <linux/audit.h>
  #include <linux/wireless.h>
@@ -1157,9 +1158,9 @@
  
  out_put:
        fput_light(sock->file, fput_needed);
-diff -Nru linux-2.6.29/security/Kconfig linux-2.6.29-grsec/security/Kconfig
---- linux-2.6.29/security/Kconfig      2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/security/Kconfig        2009-03-29 22:55:48.646121675 
+0200
+diff -Nru linux-2.6.29-orig/security/Kconfig linux-2.6.29/security/Kconfig
+--- linux-2.6.29-orig/security/Kconfig 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/security/Kconfig      2009-03-29 23:34:04.463807910 +0200
 @@ -4,6 +4,8 @@
  
  menu "Security options"
================================================================

---- CVS-web:
    
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-grsec-minimal.patch?r1=1.8.4.2&r2=1.8.4.3&f=u

_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

SOURCES (Titanium): kernel-desktop-grsec-minimal.patch - fixes

Reply via email to