Author: shadzik Date: Sun Mar 29 21:44:48 2009 GMT Module: SOURCES Tag: Titanium ---- Log message: - fixes
---- Files affected: SOURCES: kernel-desktop-grsec-minimal.patch (1.8.4.2 -> 1.8.4.3) ---- Diffs: ================================================================ Index: SOURCES/kernel-desktop-grsec-minimal.patch diff -u SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2 SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.3 --- SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2 Sun Mar 29 23:16:36 2009 +++ SOURCES/kernel-desktop-grsec-minimal.patch Sun Mar 29 23:44:42 2009 @@ -1,6 +1,6 @@ -diff -Nru linux-2.6.29/arch/sparc/Makefile linux-2.6.29-grsec/arch/sparc/Makefile ---- linux-2.6.29/arch/sparc/Makefile 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/arch/sparc/Makefile 2009-03-29 22:55:48.646121675 +0200 +diff -Nru linux-2.6.29-orig/arch/sparc/Makefile linux-2.6.29/arch/sparc/Makefile +--- linux-2.6.29-orig/arch/sparc/Makefile 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/arch/sparc/Makefile 2009-03-29 23:34:04.446725642 +0200 @@ -72,6 +72,7 @@ core-y += arch/sparc/kernel/ @@ -9,9 +9,9 @@ libs-y += arch/sparc/prom/ libs-y += arch/sparc/lib/ -diff -Nru linux-2.6.29/drivers/char/keyboard.c linux-2.6.29-grsec/drivers/char/keyboard.c ---- linux-2.6.29/drivers/char/keyboard.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/drivers/char/keyboard.c 2009-03-29 22:55:48.612631221 +0200 +diff -Nru linux-2.6.29-orig/drivers/char/keyboard.c linux-2.6.29/drivers/char/keyboard.c +--- linux-2.6.29-orig/drivers/char/keyboard.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/drivers/char/keyboard.c 2009-03-29 23:34:04.446725642 +0200 @@ -635,6 +635,16 @@ kbd->kbdmode == VC_MEDIUMRAW) && value != KVAL(K_SAK)) @@ -29,9 +29,9 @@ fn_handler[value](vc); } -diff -Nru linux-2.6.29/drivers/pci/proc.c linux-2.6.29-grsec/drivers/pci/proc.c ---- linux-2.6.29/drivers/pci/proc.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/drivers/pci/proc.c 2009-03-29 22:55:48.612631221 +0200 +diff -Nru linux-2.6.29-orig/drivers/pci/proc.c linux-2.6.29/drivers/pci/proc.c +--- linux-2.6.29-orig/drivers/pci/proc.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/drivers/pci/proc.c 2009-03-29 23:34:04.446725642 +0200 @@ -480,7 +480,16 @@ static int __init pci_proc_init(void) { @@ -49,9 +49,9 @@ proc_create("devices", 0, proc_bus_pci_dir, &proc_bus_pci_dev_operations); proc_initialized = 1; -diff -Nru linux-2.6.29/fs/namei.c linux-2.6.29-grsec/fs/namei.c ---- linux-2.6.29/fs/namei.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/namei.c 2009-03-29 22:55:48.646121675 +0200 +diff -Nru linux-2.6.29-orig/fs/namei.c linux-2.6.29/fs/namei.c +--- linux-2.6.29-orig/fs/namei.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/namei.c 2009-03-29 23:34:04.450058682 +0200 @@ -32,6 +32,7 @@ #include <linux/fcntl.h> #include <linux/device_cgroup.h> @@ -115,9 +115,9 @@ error = mnt_want_write(nd.path.mnt); if (error) goto out_dput; -diff -Nru linux-2.6.29/fs/proc/array.c linux-2.6.29-grsec/fs/proc/array.c ---- linux-2.6.29/fs/proc/array.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/array.c 2009-03-29 22:55:48.612631221 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/array.c linux-2.6.29/fs/proc/array.c +--- linux-2.6.29-orig/fs/proc/array.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/array.c 2009-03-29 23:34:04.450058682 +0200 @@ -529,3 +529,10 @@ return 0; @@ -129,9 +129,9 @@ + return sprintf(buffer, "%u.%u.%u.%u\n", NIPQUAD(task->signal->curr_ip)); +} +#endif -diff -Nru linux-2.6.29/fs/proc/base.c linux-2.6.29-grsec/fs/proc/base.c ---- linux-2.6.29/fs/proc/base.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/base.c 2009-03-29 23:02:57.774010127 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/base.c linux-2.6.29/fs/proc/base.c +--- linux-2.6.29-orig/fs/proc/base.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/base.c 2009-03-29 23:42:59.660794909 +0200 @@ -80,6 +80,7 @@ #include <linux/oom.h> #include <linux/elf.h> @@ -150,11 +150,13 @@ generic_fillattr(inode, stat); -@@ -1481,11 +1485,27 @@ +@@ -1480,12 +1484,29 @@ + stat->uid = 0; stat->gid = 0; task = pid_task(proc_pid(inode), PIDTYPE_PID); - if (task) { -+ cred = __task_cred(task); +- if (task) { ++ cred = __task_cred(task); ++ if (task +#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) + && (!tmp->uid || (tmp->uid == cred->uid) +#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP @@ -162,6 +164,7 @@ +#endif + ) +#endif ++ ) { if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || +#ifdef CONFIG_GRKERNSEC_PROC_USER + (inode->i_mode == (S_IFDIR|S_IRUSR|S_IXUSR)) || @@ -179,7 +182,7 @@ } } rcu_read_unlock(); -@@ -1517,11 +1537,20 @@ +@@ -1517,11 +1538,20 @@ if (task) { if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || @@ -200,7 +203,7 @@ rcu_read_unlock(); } else { inode->i_uid = 0; -@@ -1894,12 +1923,19 @@ +@@ -1894,12 +1924,19 @@ static int proc_fd_permission(struct inode *inode, int mask) { int rv; @@ -222,7 +225,7 @@ return rv; } -@@ -2685,7 +2721,14 @@ +@@ -2685,7 +2722,14 @@ if (!inode) goto out; @@ -237,7 +240,7 @@ inode->i_op = &proc_tgid_base_inode_operations; inode->i_fop = &proc_tgid_base_operations; inode->i_flags|=S_IMMUTABLE; -@@ -2792,6 +2835,10 @@ +@@ -2792,6 +2836,10 @@ { unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY; struct task_struct *reaper = get_proc_task(filp->f_path.dentry->d_inode); @@ -248,40 +251,38 @@ struct tgid_iter iter; struct pid_namespace *ns; -@@ -2810,6 +2857,20 @@ +@@ -2810,6 +2858,18 @@ for (iter = next_tgid(ns, iter); iter.task; iter.tgid += 1, iter = next_tgid(ns, iter)) { +#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) + itercred = __task_cred(iter.task); +#endif -+ if (gr_pid_is_chrooted(iter.task) || gr_check_hidden_task(iter.task) -+ #if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) -+ || (tmp->uid && (itercred->uid != tmp->uid) -+ #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP -+ && !in_group_p(CONFIG_GRKERNSEC_PROC_GID) -+ #endif -+ ) ++#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) ++ if (tmp->uid && (itercred->uid != tmp->uid) ++ #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP ++ && !in_group_p(CONFIG_GRKERNSEC_PROC_GID) ++ #endif ++ ) +#endif -+ ) + continue; + filp->f_pos = iter.tgid + TGID_OFFSET; if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) { put_task_struct(iter.task); -@@ -2891,6 +2952,9 @@ +@@ -2891,6 +2951,9 @@ #ifdef CONFIG_TASK_IO_ACCOUNTING INF("io", S_IRUGO, proc_tid_io_accounting), #endif +#ifdef CONFIG_GRKERNSEC_PROC_IPADDR -+ INF("ipaddr", S_IRUSR, pid_ipaddr), ++ INF("ipaddr", S_IRUSR, proc_pid_ipaddr), +#endif }; static int proc_tid_base_readdir(struct file * filp, -diff -Nru linux-2.6.29/fs/proc/cmdline.c linux-2.6.29-grsec/fs/proc/cmdline.c ---- linux-2.6.29/fs/proc/cmdline.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/cmdline.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/cmdline.c linux-2.6.29/fs/proc/cmdline.c +--- linux-2.6.29-orig/fs/proc/cmdline.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/cmdline.c 2009-03-29 23:34:04.452349599 +0200 @@ -23,7 +23,15 @@ static int __init proc_cmdline_init(void) @@ -299,9 +300,9 @@ return 0; } module_init(proc_cmdline_init); -diff -Nru linux-2.6.29/fs/proc/devices.c linux-2.6.29-grsec/fs/proc/devices.c ---- linux-2.6.29/fs/proc/devices.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/devices.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/devices.c linux-2.6.29/fs/proc/devices.c +--- linux-2.6.29-orig/fs/proc/devices.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/devices.c 2009-03-29 23:34:04.452349599 +0200 @@ -64,7 +64,13 @@ static int __init proc_devices_init(void) @@ -317,9 +318,9 @@ return 0; } module_init(proc_devices_init); -diff -Nru linux-2.6.29/fs/proc/inode.c linux-2.6.29-grsec/fs/proc/inode.c ---- linux-2.6.29/fs/proc/inode.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/inode.c 2009-03-29 22:55:48.612631221 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/inode.c linux-2.6.29/fs/proc/inode.c +--- linux-2.6.29-orig/fs/proc/inode.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/inode.c 2009-03-29 23:34:04.452349599 +0200 @@ -463,7 +463,11 @@ if (de->mode) { inode->i_mode = de->mode; @@ -332,9 +333,9 @@ } if (de->size) inode->i_size = de->size; -diff -Nru linux-2.6.29/fs/proc/internal.h linux-2.6.29-grsec/fs/proc/internal.h ---- linux-2.6.29/fs/proc/internal.h 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/internal.h 2009-03-29 22:55:48.649464378 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/internal.h linux-2.6.29/fs/proc/internal.h +--- linux-2.6.29-orig/fs/proc/internal.h 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/internal.h 2009-03-29 23:34:04.452349599 +0200 @@ -51,6 +51,9 @@ struct pid *pid, struct task_struct *task); extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, @@ -345,9 +346,9 @@ extern loff_t mem_lseek(struct file *file, loff_t offset, int orig); extern const struct file_operations proc_maps_operations; -diff -Nru linux-2.6.29/fs/proc/Kconfig linux-2.6.29-grsec/fs/proc/Kconfig ---- linux-2.6.29/fs/proc/Kconfig 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/Kconfig 2009-03-29 22:55:48.612631221 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/Kconfig linux-2.6.29/fs/proc/Kconfig +--- linux-2.6.29-orig/fs/proc/Kconfig 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/Kconfig 2009-03-29 23:34:04.452349599 +0200 @@ -30,12 +30,12 @@ config PROC_KCORE @@ -364,9 +365,9 @@ help Exports the dump image of crashed kernel in ELF format. -diff -Nru linux-2.6.29/fs/proc/kcore.c linux-2.6.29-grsec/fs/proc/kcore.c ---- linux-2.6.29/fs/proc/kcore.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/kcore.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/kcore.c linux-2.6.29/fs/proc/kcore.c +--- linux-2.6.29-orig/fs/proc/kcore.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/kcore.c 2009-03-29 23:34:04.452349599 +0200 @@ -404,10 +404,12 @@ static int __init proc_kcore_init(void) @@ -380,9 +381,9 @@ return 0; } module_init(proc_kcore_init); -diff -Nru linux-2.6.29/fs/proc/root.c linux-2.6.29-grsec/fs/proc/root.c ---- linux-2.6.29/fs/proc/root.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/fs/proc/root.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/fs/proc/root.c linux-2.6.29/fs/proc/root.c +--- linux-2.6.29-orig/fs/proc/root.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/fs/proc/root.c 2009-03-29 23:34:04.452349599 +0200 @@ -134,7 +134,15 @@ #ifdef CONFIG_PROC_DEVICETREE proc_device_tree_init(); @@ -399,9 +400,9 @@ proc_sys_init(); } -diff -Nru linux-2.6.29/grsecurity/grsec_disabled.c linux-2.6.29-grsec/grsecurity/grsec_disabled.c ---- linux-2.6.29/grsecurity/grsec_disabled.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_disabled.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_disabled.c linux-2.6.29/grsecurity/grsec_disabled.c +--- linux-2.6.29-orig/grsecurity/grsec_disabled.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_disabled.c 2009-03-29 23:34:04.452349599 +0200 @@ -0,0 +1,6 @@ +void +grsecurity_init(void) @@ -409,9 +410,9 @@ + return; +} + -diff -Nru linux-2.6.29/grsecurity/grsec_fifo.c linux-2.6.29-grsec/grsecurity/grsec_fifo.c ---- linux-2.6.29/grsecurity/grsec_fifo.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_fifo.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_fifo.c linux-2.6.29/grsecurity/grsec_fifo.c +--- linux-2.6.29-orig/grsecurity/grsec_fifo.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_fifo.c 2009-03-29 23:34:04.452349599 +0200 @@ -0,0 +1,21 @@ +#include <linux/kernel.h> +#include <linux/sched.h> @@ -434,9 +435,9 @@ +#endif + return 0; +} -diff -Nru linux-2.6.29/grsecurity/grsec_init.c linux-2.6.29-grsec/grsecurity/grsec_init.c ---- linux-2.6.29/grsecurity/grsec_init.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_init.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_init.c linux-2.6.29/grsecurity/grsec_init.c +--- linux-2.6.29-orig/grsecurity/grsec_init.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_init.c 2009-03-29 23:34:04.452349599 +0200 @@ -0,0 +1,29 @@ +#include <linux/kernel.h> +#include <linux/sched.h> @@ -467,9 +468,9 @@ + + return; +} -diff -Nru linux-2.6.29/grsecurity/grsec_link.c linux-2.6.29-grsec/grsecurity/grsec_link.c ---- linux-2.6.29/grsecurity/grsec_link.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_link.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_link.c linux-2.6.29/grsecurity/grsec_link.c +--- linux-2.6.29-orig/grsecurity/grsec_link.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_link.c 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,39 @@ +#include <linux/kernel.h> +#include <linux/sched.h> @@ -510,9 +511,9 @@ +#endif + return 0; +} -diff -Nru linux-2.6.29/grsecurity/grsec_sock.c linux-2.6.29-grsec/grsecurity/grsec_sock.c ---- linux-2.6.29/grsecurity/grsec_sock.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_sock.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_sock.c linux-2.6.29/grsecurity/grsec_sock.c +--- linux-2.6.29-orig/grsecurity/grsec_sock.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_sock.c 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,170 @@ +#include <linux/kernel.h> +#include <linux/module.h> @@ -684,9 +685,9 @@ + return; +} + -diff -Nru linux-2.6.29/grsecurity/grsec_sysctl.c linux-2.6.29-grsec/grsecurity/grsec_sysctl.c ---- linux-2.6.29/grsecurity/grsec_sysctl.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/grsec_sysctl.c 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/grsec_sysctl.c linux-2.6.29/grsecurity/grsec_sysctl.c +--- linux-2.6.29-orig/grsecurity/grsec_sysctl.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/grsec_sysctl.c 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,52 @@ +#include <linux/kernel.h> +#include <linux/sched.h> @@ -740,9 +741,9 @@ + { .ctl_name = 0 } +}; +#endif -diff -Nru linux-2.6.29/grsecurity/Kconfig linux-2.6.29-grsec/grsecurity/Kconfig ---- linux-2.6.29/grsecurity/Kconfig 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/Kconfig 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/Kconfig linux-2.6.29/grsecurity/Kconfig +--- linux-2.6.29-orig/grsecurity/Kconfig 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/Kconfig 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,123 @@ +# +# grecurity configuration @@ -867,9 +868,9 @@ + the sysctl entries. + +endmenu -diff -Nru linux-2.6.29/grsecurity/Makefile linux-2.6.29-grsec/grsecurity/Makefile ---- linux-2.6.29/grsecurity/Makefile 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/grsecurity/Makefile 2009-03-29 22:55:48.616329143 +0200 +diff -Nru linux-2.6.29-orig/grsecurity/Makefile linux-2.6.29/grsecurity/Makefile +--- linux-2.6.29-orig/grsecurity/Makefile 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/grsecurity/Makefile 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,11 @@ +# All code in this directory and various hooks inserted throughout the kernel +# are copyright Brad Spengler, and released under the GPL v2 or higher @@ -882,9 +883,9 @@ +obj-y += grsec_disabled.o +endif + -diff -Nru linux-2.6.29/include/linux/grinternal.h linux-2.6.29-grsec/include/linux/grinternal.h ---- linux-2.6.29/include/linux/grinternal.h 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/include/linux/grinternal.h 2009-03-29 22:55:48.639297786 +0200 +diff -Nru linux-2.6.29-orig/include/linux/grinternal.h linux-2.6.29/include/linux/grinternal.h +--- linux-2.6.29-orig/include/linux/grinternal.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/include/linux/grinternal.h 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,14 @@ +#ifndef __GRINTERNAL_H +#define __GRINTERNAL_H @@ -900,9 +901,9 @@ +#endif + +#endif -diff -Nru linux-2.6.29/include/linux/grsecurity.h linux-2.6.29-grsec/include/linux/grsecurity.h ---- linux-2.6.29/include/linux/grsecurity.h 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.6.29-grsec/include/linux/grsecurity.h 2009-03-29 22:55:48.639297786 +0200 +diff -Nru linux-2.6.29-orig/include/linux/grsecurity.h linux-2.6.29/include/linux/grsecurity.h +--- linux-2.6.29-orig/include/linux/grsecurity.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.6.29/include/linux/grsecurity.h 2009-03-29 23:34:04.456724414 +0200 @@ -0,0 +1,18 @@ +#ifndef GR_SECURITY_H +#define GR_SECURITY_H @@ -922,9 +923,9 @@ + const int mode, const char *to); + +#endif -diff -Nru linux-2.6.29/include/linux/sched.h linux-2.6.29-grsec/include/linux/sched.h ---- linux-2.6.29/include/linux/sched.h 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/include/linux/sched.h 2009-03-29 22:55:48.639297786 +0200 +diff -Nru linux-2.6.29-orig/include/linux/sched.h linux-2.6.29/include/linux/sched.h +--- linux-2.6.29-orig/include/linux/sched.h 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/include/linux/sched.h 2009-03-29 23:34:04.456724414 +0200 @@ -605,6 +605,15 @@ unsigned audit_tty; struct tty_audit_buf *tty_audit_buf; @@ -941,9 +942,9 @@ }; /* Context switch must be unlocked if interrupts are to be enabled */ -diff -Nru linux-2.6.29/include/linux/sysctl.h linux-2.6.29-grsec/include/linux/sysctl.h ---- linux-2.6.29/include/linux/sysctl.h 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/include/linux/sysctl.h 2009-03-29 22:55:48.639297786 +0200 +diff -Nru linux-2.6.29-orig/include/linux/sysctl.h linux-2.6.29/include/linux/sysctl.h +--- linux-2.6.29-orig/include/linux/sysctl.h 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/include/linux/sysctl.h 2009-03-29 23:34:04.459223012 +0200 @@ -163,8 +163,11 @@ KERN_MAX_LOCK_DEPTH=74, KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */ @@ -957,9 +958,9 @@ /* CTL_VM names: */ -diff -Nru linux-2.6.29/kernel/configs.c linux-2.6.29-grsec/kernel/configs.c ---- linux-2.6.29/kernel/configs.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/kernel/configs.c 2009-03-29 22:55:48.639297786 +0200 +diff -Nru linux-2.6.29-orig/kernel/configs.c linux-2.6.29/kernel/configs.c +--- linux-2.6.29-orig/kernel/configs.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/kernel/configs.c 2009-03-29 23:34:04.459223012 +0200 @@ -73,8 +73,19 @@ struct proc_dir_entry *entry; @@ -980,9 +981,9 @@ if (!entry) return -ENOMEM; -diff -Nru linux-2.6.29/kernel/exit.c linux-2.6.29-grsec/kernel/exit.c ---- linux-2.6.29/kernel/exit.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/kernel/exit.c 2009-03-29 22:55:48.642798453 +0200 +diff -Nru linux-2.6.29-orig/kernel/exit.c linux-2.6.29/kernel/exit.c +--- linux-2.6.29-orig/kernel/exit.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/kernel/exit.c 2009-03-29 23:34:04.459223012 +0200 @@ -48,6 +48,7 @@ #include <linux/tracehook.h> #include <linux/init_task.h> @@ -999,9 +1000,9 @@ tsk->signal = NULL; tsk->sighand = NULL; spin_unlock(&sighand->siglock); -diff -Nru linux-2.6.29/kernel/kallsyms.c linux-2.6.29-grsec/kernel/kallsyms.c ---- linux-2.6.29/kernel/kallsyms.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/kernel/kallsyms.c 2009-03-29 22:55:48.642798453 +0200 +diff -Nru linux-2.6.29-orig/kernel/kallsyms.c linux-2.6.29/kernel/kallsyms.c +--- linux-2.6.29-orig/kernel/kallsyms.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/kernel/kallsyms.c 2009-03-29 23:34:04.459223012 +0200 @@ -478,7 +478,15 @@ static int __init kallsyms_init(void) @@ -1018,9 +1019,9 @@ return 0; } __initcall(kallsyms_init); -diff -Nru linux-2.6.29/kernel/resource.c linux-2.6.29-grsec/kernel/resource.c ---- linux-2.6.29/kernel/resource.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/kernel/resource.c 2009-03-29 22:55:48.642798453 +0200 +diff -Nru linux-2.6.29-orig/kernel/resource.c linux-2.6.29/kernel/resource.c +--- linux-2.6.29-orig/kernel/resource.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/kernel/resource.c 2009-03-29 23:34:04.459223012 +0200 @@ -132,8 +132,18 @@ static int __init ioresources_init(void) @@ -1040,9 +1041,9 @@ return 0; } __initcall(ioresources_init); -diff -Nru linux-2.6.29/kernel/sysctl.c linux-2.6.29-grsec/kernel/sysctl.c ---- linux-2.6.29/kernel/sysctl.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/kernel/sysctl.c 2009-03-29 22:55:48.642798453 +0200 +diff -Nru linux-2.6.29-orig/kernel/sysctl.c linux-2.6.29/kernel/sysctl.c +--- linux-2.6.29-orig/kernel/sysctl.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/kernel/sysctl.c 2009-03-29 23:34:04.459223012 +0200 @@ -61,6 +61,11 @@ static int deprecated_sysctl_warning(struct __sysctl_args *args); @@ -1090,9 +1091,9 @@ error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC)); if (error) return error; -diff -Nru linux-2.6.29/Makefile linux-2.6.29-grsec/Makefile ---- linux-2.6.29/Makefile 2009-03-29 22:56:50.747163685 +0200 -+++ linux-2.6.29-grsec/Makefile 2009-03-29 22:55:48.656120698 +0200 +diff -Nru linux-2.6.29-orig/Makefile linux-2.6.29/Makefile +--- linux-2.6.29-orig/Makefile 2009-03-29 22:56:50.747163685 +0200 ++++ linux-2.6.29/Makefile 2009-03-29 23:34:04.470474457 +0200 @@ -636,7 +636,7 @@ @@ -1102,9 +1103,9 @@ vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ -diff -Nru linux-2.6.29/net/ipv4/inet_hashtables.c linux-2.6.29-grsec/net/ipv4/inet_hashtables.c ---- linux-2.6.29/net/ipv4/inet_hashtables.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/net/ipv4/inet_hashtables.c 2009-03-29 22:55:48.649464378 +0200 +diff -Nru linux-2.6.29-orig/net/ipv4/inet_hashtables.c linux-2.6.29/net/ipv4/inet_hashtables.c +--- linux-2.6.29-orig/net/ipv4/inet_hashtables.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/net/ipv4/inet_hashtables.c 2009-03-29 23:34:04.463807910 +0200 @@ -18,11 +18,14 @@ #include <linux/sched.h> #include <linux/slab.h> @@ -1129,9 +1130,9 @@ if (tw) { inet_twsk_deschedule(tw, death_row); inet_twsk_put(tw); -diff -Nru linux-2.6.29/net/socket.c linux-2.6.29-grsec/net/socket.c ---- linux-2.6.29/net/socket.c 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/net/socket.c 2009-03-29 22:55:48.646121675 +0200 +diff -Nru linux-2.6.29-orig/net/socket.c linux-2.6.29/net/socket.c +--- linux-2.6.29-orig/net/socket.c 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/net/socket.c 2009-03-29 23:34:04.463807910 +0200 @@ -86,6 +86,7 @@ #include <linux/audit.h> #include <linux/wireless.h> @@ -1157,9 +1158,9 @@ out_put: fput_light(sock->file, fput_needed); -diff -Nru linux-2.6.29/security/Kconfig linux-2.6.29-grsec/security/Kconfig ---- linux-2.6.29/security/Kconfig 2009-03-24 00:12:14.000000000 +0100 -+++ linux-2.6.29-grsec/security/Kconfig 2009-03-29 22:55:48.646121675 +0200 +diff -Nru linux-2.6.29-orig/security/Kconfig linux-2.6.29/security/Kconfig +--- linux-2.6.29-orig/security/Kconfig 2009-03-24 00:12:14.000000000 +0100 ++++ linux-2.6.29/security/Kconfig 2009-03-29 23:34:04.463807910 +0200 @@ -4,6 +4,8 @@ menu "Security options" ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-grsec-minimal.patch?r1=1.8.4.2&r2=1.8.4.3&f=u _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit