SOURCES (LINUX_2_6_20): grsecurity-2.1.10-2.6.20.3.patch - merged ...
zbyniu
zbyniu at pld-linux.org
Tue Apr 10 21:13:02 CEST 2007
Author: zbyniu Date: Tue Apr 10 19:13:02 2007 GMT
Module: SOURCES Tag: LINUX_2_6_20
---- Log message:
- merged changes from grsecurity-2.1.10-2.6.20.6-200704091818.patch
- cleanups
---- Files affected:
SOURCES:
grsecurity-2.1.10-2.6.20.3.patch (1.1.2.5 -> 1.1.2.6)
---- Diffs:
================================================================
Index: SOURCES/grsecurity-2.1.10-2.6.20.3.patch
diff -u SOURCES/grsecurity-2.1.10-2.6.20.3.patch:1.1.2.5 SOURCES/grsecurity-2.1.10-2.6.20.3.patch:1.1.2.6
--- SOURCES/grsecurity-2.1.10-2.6.20.3.patch:1.1.2.5 Mon Apr 9 22:36:11 2007
+++ SOURCES/grsecurity-2.1.10-2.6.20.3.patch Tue Apr 10 21:12:57 2007
@@ -46,7 +46,7 @@
#include <asm/uaccess.h>
#include <asm/pgtable.h>
-@@ -283,6 +284,9 @@ do_sys_ptrace(long request, long pid, lo
+@@ -289,6 +290,9 @@ do_sys_ptrace(long request, long pid, lo
goto out;
}
@@ -3563,6 +3563,15 @@
unsigned long base = (kesp - uesp) & -THREAD_SIZE;
unsigned long new_kesp = kesp - base;
unsigned long lim_pages = (new_kesp | (THREAD_SIZE - 1)) >> PAGE_SHIFT;
+@@ -1076,7 +1095,7 @@ void __init trap_init_f00f_bug(void)
+ * Update the IDT descriptor and reload the IDT so that
+ * it uses the read-only mapped virtual address.
+ */
+- idt_descr.address = fix_to_virt(FIX_F00F_IDT);
++ idt_descr.address = (struct desc_struct *)fix_to_virt(FIX_F00F_IDT);
+ load_idt(&idt_descr);
+ }
+ #endif
diff -urNp linux-2.6.20.3/arch/i386/kernel/tsc.c linux-2.6.20.3/arch/i386/kernel/tsc.c
--- linux-2.6.20.3/arch/i386/kernel/tsc.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/arch/i386/kernel/tsc.c 2007-03-23 08:10:06.000000000 -0400
@@ -5913,7 +5922,16 @@
/* User mode accesses just cause a SIGSEGV */
if (error_code & 4) {
/*
-@@ -551,6 +708,22 @@ no_context:
+@@ -508,7 +666,7 @@ bad_area_nosemaphore:
+ if (boot_cpu_data.f00f_bug) {
+ unsigned long nr;
+
+- nr = (address - idt_descr.address) >> 3;
++ nr = (address - (unsigned long)idt_descr.address) >> 3;
+
+ if (nr == 6) {
+ do_invalid_op(regs, 0);
+@@ -551,6 +709,22 @@ no_context:
if (address < PAGE_SIZE)
printk(KERN_ALERT "BUG: unable to handle kernel NULL "
"pointer dereference");
@@ -5936,7 +5954,7 @@
else
printk(KERN_ALERT "BUG: unable to handle kernel paging"
" request");
-@@ -558,24 +731,34 @@ no_context:
+@@ -558,24 +732,34 @@ no_context:
printk(KERN_ALERT " printing eip:\n");
printk("%08lx\n", regs->eip);
}
@@ -5987,7 +6005,7 @@
tsk->thread.cr2 = address;
tsk->thread.trap_no = 14;
tsk->thread.error_code = error_code;
-@@ -652,3 +835,101 @@ void vmalloc_sync_all(void)
+@@ -653,3 +837,101 @@ void vmalloc_sync_all(void)
}
}
#endif
@@ -13429,7 +13447,7 @@
diff -urNp linux-2.6.20.3/fs/namespace.c linux-2.6.20.3/fs/namespace.c
--- linux-2.6.20.3/fs/namespace.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/namespace.c 2007-03-23 08:11:31.000000000 -0400
-@@ -25,6 +25,7 @@
+@@ -30,6 +30,7 @@
#include <linux/vs_tag.h>
#include <linux/vserver/space.h>
#include <linux/vserver/global.h>
@@ -13437,8 +13455,8 @@
#include <asm/uaccess.h>
#include <asm/unistd.h>
#include "pnode.h"
-@@ -599,6 +600,8 @@ static int do_umount(struct vfsmount *mn
- DQUOT_OFF(sb);
+@@ -658,6 +659,8 @@ static int do_umount(struct vfsmount *mn
+ DQUOT_OFF(sb->s_dqh);
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
unlock_kernel();
+
@@ -13446,7 +13464,7 @@
}
up_write(&sb->s_umount);
return retval;
-@@ -619,6 +622,9 @@ static int do_umount(struct vfsmount *mn
+@@ -678,6 +681,9 @@ static int do_umount(struct vfsmount *mn
security_sb_umount_busy(mnt);
up_write(&namespace_sem);
release_mounts(&umount_list);
@@ -13456,7 +13474,7 @@
return retval;
}
-@@ -1421,6 +1427,11 @@ long do_mount(char *dev_name, char *dir_
+@@ -1504,6 +1510,11 @@ long do_mount(char *dev_name, char *dir_
if (retval)
goto dput_out;
@@ -13467,8 +13485,8 @@
+
if (flags & MS_REMOUNT)
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
- data_page);
-@@ -1435,6 +1446,9 @@ long do_mount(char *dev_name, char *dir_
+ data_page, tag);
+@@ -1518,6 +1529,9 @@ long do_mount(char *dev_name, char *dir_
dev_name, data_page);
dput_out:
path_release(&nd);
@@ -13478,7 +13496,7 @@
return retval;
}
-@@ -1688,6 +1702,9 @@ asmlinkage long sys_pivot_root(const cha
+@@ -1772,6 +1786,9 @@ asmlinkage long sys_pivot_root(const cha
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
@@ -13676,8 +13694,8 @@
diff -urNp linux-2.6.20.3/fs/proc/array.c linux-2.6.20.3/fs/proc/array.c
--- linux-2.6.20.3/fs/proc/array.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/proc/array.c 2007-03-23 08:11:31.000000000 -0400
-@@ -291,6 +291,21 @@ static inline char *task_cap(struct task
- cap_t(p->cap_effective));
+@@ -304,6 +304,21 @@ static inline char *task_cap(struct task
+ (unsigned)vx_info_mbcap(vxi, p->cap_effective));
}
+#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR)
@@ -13773,7 +13791,7 @@
diff -urNp linux-2.6.20.3/fs/proc/base.c linux-2.6.20.3/fs/proc/base.c
--- linux-2.6.20.3/fs/proc/base.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/proc/base.c 2007-03-23 08:11:31.000000000 -0400
-@@ -73,6 +73,7 @@
+@@ -75,6 +75,7 @@
#include <linux/oom.h>
#include <linux/vs_context.h>
#include <linux/vs_network.h>
@@ -13781,7 +13799,7 @@
#include "internal.h"
-@@ -194,7 +195,7 @@ static int proc_root_link(struct inode *
+@@ -197,7 +198,7 @@ static int proc_root_link(struct inode *
(task->parent == current && \
(task->ptrace & PT_PTRACED) && \
(task->state == TASK_STOPPED || task->state == TASK_TRACED) && \
@@ -13930,9 +13948,9 @@
files = get_files_struct(p);
if (!files)
goto out;
-@@ -1486,6 +1542,9 @@ static struct dentry *proc_pident_lookup
+@@ -1479,6 +1535,9 @@ static struct dentry *proc_pident_lookup
!memcmp(dentry->d_name.name, "ninfo", 5)))
- goto out_no_task;
+ goto out;
+ if (gr_pid_is_chrooted(task) || gr_check_hidden_task(task))
+ goto out;
@@ -14007,7 +14025,7 @@
struct task_struct *task;
int tgid;
-@@ -2100,6 +2182,18 @@ int proc_pid_readdir(struct file * filp,
+@@ -2117,6 +2199,18 @@ int proc_pid_readdir(struct file * filp,
task;
put_task_struct(task), task = next_tgid(tgid + 1)) {
tgid = task->pid;
@@ -14024,8 +14042,8 @@
+ continue;
+
filp->f_pos = tgid + TGID_OFFSET;
- if (proc_pid_fill_cache(filp, dirent, filldir, task, tgid) < 0) {
- put_task_struct(task);
+ if (!vx_proc_task_visible(task))
+ continue;
diff -urNp linux-2.6.20.3/fs/proc/inode.c linux-2.6.20.3/fs/proc/inode.c
--- linux-2.6.20.3/fs/proc/inode.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/proc/inode.c 2007-03-23 08:11:31.000000000 -0400
@@ -14492,15 +14510,15 @@
diff -urNp linux-2.6.20.3/fs/utimes.c linux-2.6.20.3/fs/utimes.c
--- linux-2.6.20.3/fs/utimes.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/utimes.c 2007-03-23 08:11:31.000000000 -0400
-@@ -5,6 +5,7 @@
- #include <linux/sched.h>
+@@ -6,6 +6,7 @@
#include <linux/utime.h>
+ #include <linux/mount.h>
#include <linux/vs_cowbl.h>
+#include <linux/grsecurity.h>
#include <asm/uaccess.h>
#include <asm/unistd.h>
-@@ -61,6 +62,12 @@ asmlinkage long sys_utime(char __user *
+@@ -63,6 +64,12 @@ asmlinkage long sys_utime(char __user *
(error = vfs_permission(&nd, MAY_WRITE)) != 0)
goto dput_and_out;
}
@@ -14513,7 +14531,7 @@
mutex_lock(&inode->i_mutex);
error = notify_change(nd.dentry, &newattrs);
mutex_unlock(&inode->i_mutex);
-@@ -114,6 +121,12 @@ long do_utimes(int dfd, char __user *fil
+@@ -115,6 +122,12 @@ long do_utimes(int dfd, char __user *fil
(error = vfs_permission(&nd, MAY_WRITE)) != 0)
goto dput_and_out;
}
@@ -27422,7 +27440,7 @@
#include <asm/uaccess.h>
unsigned securebits = SECUREBITS_DEFAULT; /* systemwide security settings */
-@@ -234,14 +235,25 @@ out:
+@@ -237,14 +238,25 @@ out:
return ret;
}
@@ -27448,7 +27466,7 @@
+}
EXPORT_SYMBOL(__capable);
- int capable(int cap)
+ #include <linux/vserver/base.h>
@@ -249,3 +261,4 @@ int capable(int cap)
return __capable(current, cap);
}
@@ -28256,7 +28274,7 @@
#include <asm/pgtable.h>
#include <asm/uaccess.h>
-@@ -137,12 +138,12 @@ static int may_attach(struct task_struct
+@@ -138,12 +139,12 @@ static int may_attach(struct task_struct
(current->uid != task->uid) ||
(current->gid != task->egid) ||
(current->gid != task->sgid) ||
@@ -28269,9 +28287,9 @@
- if (!dumpable && !capable(CAP_SYS_PTRACE))
+ if (!dumpable && !capable_nolog(CAP_SYS_PTRACE))
return -EPERM;
-
- return security_ptrace(current, task);
-@@ -477,6 +478,11 @@ asmlinkage long sys_ptrace(long request,
+ if (!vx_check(task->xid, VS_ADMIN_P|VS_IDENT))
+ return -EPERM;
+@@ -487,6 +488,11 @@ asmlinkage long sys_ptrace(long request,
if (ret < 0)
goto out_put_task_struct;
@@ -28363,8 +28381,8 @@
+#include <linux/grsecurity.h>
#include <linux/nsproxy.h>
#include <linux/vs_context.h>
-
-@@ -595,11 +596,11 @@ static int check_kill_permission(int sig
+ #include <linux/vs_pid.h>
+@@ -596,11 +597,11 @@ static int check_kill_permission(int sig
sig, info, t, vx_task_xid(t), t->pid);
error = -EPERM;
@@ -28378,7 +28396,7 @@
return error;
error = -ESRCH;
-@@ -611,8 +612,10 @@ static int check_kill_permission(int sig
+@@ -612,8 +613,10 @@ static int check_kill_permission(int sig
}
skip:
error = security_task_kill(t, info, sig, 0);
@@ -28390,7 +28408,7 @@
return error;
}
-@@ -790,7 +793,7 @@ out_set:
+@@ -791,7 +794,7 @@ out_set:
(((sig) < SIGRTMIN) && sigismember(&(sigptr)->signal, (sig)))
@@ -28399,7 +28417,7 @@
specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t)
{
int ret = 0;
-@@ -844,6 +847,10 @@ force_sig_info(int sig, struct siginfo *
+@@ -845,6 +848,10 @@ force_sig_info(int sig, struct siginfo *
}
}
ret = specific_send_sig_info(sig, info, t);
@@ -28421,8 +28439,8 @@
#include <linux/compat.h>
#include <linux/syscalls.h>
-@@ -579,6 +580,12 @@ static int set_one_prio(struct task_stru
- error = -EACCES;
+@@ -583,6 +584,12 @@ static int set_one_prio(struct task_stru
+ error = -EACCES;
goto out;
}
+
@@ -28525,7 +28543,7 @@
/* External variables not in a header file. */
extern int C_A_D;
-@@ -155,7 +163,7 @@ static int proc_do_cad_pid(ctl_table *ta
+@@ -156,7 +164,7 @@ static int proc_do_cad_pid(ctl_table *ta
static ctl_table root_table[];
static struct ctl_table_header root_table_header =
@@ -28534,7 +28552,7 @@
static ctl_table kern_table[];
static ctl_table vm_table[];
-@@ -169,6 +177,7 @@ extern ctl_table pty_table[];
+@@ -170,6 +178,7 @@ extern ctl_table pty_table[];
#ifdef CONFIG_INOTIFY_USER
extern ctl_table inotify_table[];
#endif
@@ -28542,7 +28560,7 @@
#ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
int sysctl_legacy_va_layout;
-@@ -208,6 +217,21 @@ static void *get_ipc(ctl_table *table, i
+@@ -209,6 +218,21 @@ static void *get_ipc(ctl_table *table, i
#define get_ipc(T,W) ((T)->data)
#endif
@@ -28564,7 +28582,7 @@
/* /proc declarations: */
#ifdef CONFIG_PROC_SYSCTL
-@@ -269,7 +293,6 @@ static ctl_table root_table[] = {
+@@ -270,7 +294,6 @@ static ctl_table root_table[] = {
.mode = 0555,
.child = dev_table,
},
@@ -28572,7 +28590,7 @@
{ .ctl_name = 0 }
};
-@@ -781,6 +804,23 @@ static ctl_table kern_table[] = {
+@@ -791,6 +814,23 @@ static ctl_table kern_table[] = {
},
#endif
@@ -28596,7 +28614,7 @@
{ .ctl_name = 0 }
};
-@@ -1295,6 +1335,10 @@ static int test_perm(int mode, int op)
+@@ -1305,6 +1345,10 @@ static int test_perm(int mode, int op)
static inline int ctl_perm(ctl_table *table, int op)
{
int error;
@@ -28607,7 +28625,7 @@
error = security_sysctl(table, op);
if (error)
return error;
-@@ -1334,6 +1378,10 @@ repeat:
+@@ -1344,6 +1388,10 @@ repeat:
table = table->child;
goto repeat;
}
@@ -28996,7 +29014,7 @@
unlock:
pte_unmap_unlock(page_table, ptl);
if (dirty_page) {
-@@ -2438,6 +2562,12 @@ static inline int handle_pte_fault(struc
+@@ -2464,6 +2588,12 @@ static inline int handle_pte_fault(struc
flush_tlb_page(vma, address);
}
unlock:
@@ -29007,8 +29025,8 @@
+#endif
+
pte_unmap_unlock(pte, ptl);
- return VM_FAULT_MINOR;
- }
+ ret = VM_FAULT_MINOR;
+ out:
@@ -2460,6 +2590,49 @@ int __handle_mm_fault(struct mm_struct *
if (unlikely(is_vm_hugetlb_page(vma)))
return hugetlb_fault(mm, vma, address, write_access);
@@ -29529,11 +29547,11 @@
vma->vm_flags, NULL, file, pgoff, vma_policy(vma))) {
@@ -1143,6 +1262,7 @@ munmap_back:
out:
- mm->total_vm += len >> PAGE_SHIFT;
+ vx_vmpages_add(mm, len >> PAGE_SHIFT);
vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT);
+ track_exec_limit(mm, addr, addr + len, vm_flags);
if (vm_flags & VM_LOCKED) {
- mm->locked_vm += len >> PAGE_SHIFT;
+ vx_vmlocked_add(mm, len >> PAGE_SHIFT);
make_pages_present(addr, addr + len);
@@ -1197,6 +1317,10 @@ arch_get_unmapped_area(struct file *filp
if (len > TASK_SIZE)
@@ -29873,8 +29891,8 @@
+ gr_learn_resource(current, RLIMIT_MEMLOCK, locked << PAGE_SHIFT, 1);
if (locked > lock_limit && !capable(CAP_IPC_LOCK))
return -EAGAIN;
- }
-@@ -1918,12 +2120,12 @@ unsigned long do_brk(unsigned long addr,
+ if (!vx_vmlocked_avail(mm, len >> PAGE_SHIFT))
+@@ -1920,12 +2122,12 @@ unsigned long do_brk(unsigned long addr,
/*
* Clear old maps. this also does some error checking for us
*/
@@ -29889,7 +29907,7 @@
}
/* Check against address space limits *after* clearing old maps... */
-@@ -1955,6 +2157,13 @@ unsigned long do_brk(unsigned long addr,
+@@ -1958,6 +2160,13 @@ unsigned long do_brk(unsigned long addr,
vma->vm_end = addr + len;
vma->vm_pgoff = pgoff;
vma->vm_flags = flags;
@@ -29903,15 +29921,15 @@
vma->vm_page_prot = protection_map[flags &
(VM_READ|VM_WRITE|VM_EXEC|VM_SHARED)];
vma_link(mm, vma, prev, rb_link, rb_parent);
-@@ -1964,6 +2173,7 @@ out:
- mm->locked_vm += len >> PAGE_SHIFT;
+@@ -1967,6 +2176,7 @@ out:
+ vx_vmlocked_add(mm, len >> PAGE_SHIFT);
make_pages_present(addr, addr + len);
}
+ track_exec_limit(mm, addr, addr + len, flags);
return addr;
}
-@@ -2096,7 +2306,7 @@ int may_expand_vm(struct mm_struct *mm,
+@@ -2105,7 +2315,7 @@ int may_expand_vm(struct mm_struct *mm,
unsigned long lim;
lim = current->signal->rlim[RLIMIT_AS].rlim_cur >> PAGE_SHIFT;
@@ -29919,7 +29937,7 @@
+ gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
if (cur + npages > lim)
return 0;
- return 1;
+ if (!vx_vmpages_avail(mm, npages))
diff -urNp linux-2.6.20.3/mm/mprotect.c linux-2.6.20.3/mm/mprotect.c
--- linux-2.6.20.3/mm/mprotect.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/mm/mprotect.c 2007-03-23 08:27:30.000000000 -0400
@@ -30744,7 +30762,7 @@
diff -urNp linux-2.6.20.3/net/ipv4/netfilter/Kconfig linux-2.6.20.3/net/ipv4/netfilter/Kconfig
--- linux-2.6.20.3/net/ipv4/netfilter/Kconfig 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/net/ipv4/netfilter/Kconfig 2007-03-23 08:11:31.000000000 -0400
-@@ -312,6 +312,21 @@ config IP_NF_MATCH_ADDRTYPE
+@@ -330,6 +330,21 @@ config IP_NF_MATCH_ADDRTYPE
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
@@ -30766,22 +30784,17 @@
# `filter', generic and specific targets
config IP_NF_FILTER
tristate "Packet filtering"
-@@ -682,4 +697,3 @@ config IP_NF_ARP_MANGLE
- hardware and network addresses.
-
- endmenu
--
diff -urNp linux-2.6.20.3/net/ipv4/netfilter/Makefile linux-2.6.20.3/net/ipv4/netfilter/Makefile
--- linux-2.6.20.3/net/ipv4/netfilter/Makefile 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/net/ipv4/netfilter/Makefile 2007-03-23 08:11:31.000000000 -0400
-@@ -91,6 +91,7 @@ obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn
- obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
+@@ -104,6 +104,7 @@ obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn
obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
+ obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
+obj-$(CONFIG_IP_NF_MATCH_STEALTH) += ipt_stealth.o
- # targets
- obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
+ obj-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_layer7.o
+
diff -urNp linux-2.6.20.3/net/ipv4/tcp_ipv4.c linux-2.6.20.3/net/ipv4/tcp_ipv4.c
--- linux-2.6.20.3/net/ipv4/tcp_ipv4.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/net/ipv4/tcp_ipv4.c 2007-03-23 08:11:31.000000000 -0400
@@ -31004,9 +31017,9 @@
#include <asm/uaccess.h>
#include <asm/unistd.h>
-@@ -93,6 +94,21 @@
- #include <net/sock.h>
- #include <linux/netfilter.h>
+@@ -95,6 +96,21 @@
+ #include <linux/vs_base.h>
+ #include <linux/vs_socket.h>
+extern void gr_attach_curr_ip(const struct sock *sk);
+extern int gr_handle_sock_all(const int family, const int type,
@@ -31026,7 +31039,7 @@
static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
unsigned long nr_segs, loff_t pos);
-@@ -295,7 +311,7 @@ static int sockfs_get_sb(struct file_sys
+@@ -297,7 +313,7 @@ static int sockfs_get_sb(struct file_sys
mnt);
}
@@ -31341,7 +31354,7 @@
static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
{
-@@ -138,8 +139,11 @@ static void dummy_bprm_apply_creds (stru
+@@ -139,8 +140,11 @@ static void dummy_bprm_apply_creds (stru
}
}
@@ -31790,7 +31803,7 @@
+
config KEYS
bool "Enable access key retention support"
- help
+ depends on !VSERVER_SECURITY
diff -urNp linux-2.6.20.3/sound/core/oss/pcm_oss.c linux-2.6.20.3/sound/core/oss/pcm_oss.c
--- linux-2.6.20.3/sound/core/oss/pcm_oss.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/sound/core/oss/pcm_oss.c 2007-03-23 08:10:06.000000000 -0400
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/grsecurity-2.1.10-2.6.20.3.patch?r1=1.1.2.5&r2=1.1.2.6&f=u
More information about the pld-cvs-commit
mailing list