SOURCES (hawk-LINUX_2_6): linux-2.6-grsec-vs-minimal.patch - updat...

hawk hawk at pld-linux.org
Thu May 31 16:46:07 CEST 2007 

Author: hawk                         Date: Thu May 31 14:46:06 2007 GMT
Module: SOURCES                       Tag: hawk-LINUX_2_6
---- Log message:
- updated for 2.6.21.3

---- Files affected:
SOURCES:
   linux-2.6-grsec-vs-minimal.patch (1.1.2.6 -> 1.1.2.7) 

---- Diffs:

================================================================
Index: SOURCES/linux-2.6-grsec-vs-minimal.patch
diff -u SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.6 SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.7
--- SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.6	Mon Mar 26 18:45:42 2007
+++ SOURCES/linux-2.6-grsec-vs-minimal.patch	Thu May 31 16:46:01 2007
@@ -192,10 +192,10 @@
 diff -urNp linux-2.6.20.3/fs/proc/proc_misc.c linux-2.6.20.3/fs/proc/proc_misc.c
 --- linux-2.6.20.3/fs/proc/proc_misc.c	2007-03-13 14:27:08.000000000 -0400
 +++ linux-2.6.20.3/fs/proc/proc_misc.c	2007-03-23 08:11:31.000000000 -0400
-@@ -673,6 +673,8 @@ void create_seq_entry(char *name, mode_t
+@@ -667,6 +667,8 @@ void create_seq_entry(char *name, mode_t
+ 
  void __init proc_misc_init(void)
  {
- 	struct proc_dir_entry *entry;
 +	int gr_mode = 0;
 +
  	static struct {
@@ -277,7 +277,7 @@
  	proc_net_stat = proc_mkdir("net/stat", NULL);
  
  #ifdef CONFIG_SYSVIPC
-@@ -89,7 +95,15 @@ void __init proc_root_init(void)
+@@ -78,7 +84,15 @@ void __init proc_root_init(void)
  #ifdef CONFIG_PROC_DEVICETREE
  	proc_device_tree_init();
  #endif
@@ -933,18 +933,18 @@
  	shp->shm_segsz = size;
  	shp->shm_nattch = 0;
  	shp->id = shm_buildid(ns, id, shp->shm_perm.seq);
-@@ -842,6 +869,11 @@ long do_shmat(int shmid, char __user *sh
- 	file = shp->shm_file;
- 	size = i_size_read(file->f_path.dentry->d_inode);
+@@ -901,6 +916,11 @@ long do_shmat(int shmid, char __user *sh
+ 	path.dentry = dget(shp->shm_file->f_path.dentry);
+ 	path.mnt    = mntget(shp->shm_file->f_path.mnt);
  	shp->shm_nattch++;
 +
 +#ifdef CONFIG_GRKERNSEC
 +	shp->shm_lapid = current->pid;
 +#endif
 +
+ 	size = i_size_read(path.dentry->d_inode);
  	shm_unlock(shp);
  
- 	down_write(&current->mm->mmap_sem);
 @@ -1014,3 +1055,27 @@ static int sysvipc_shm_proc_show(struct 
  			  shp->shm_ctim);
  }
@@ -1109,11 +1109,13 @@
  	{ .ctl_name = 0 }
  };
  
-@@ -1295,6 +1335,8 @@ static int test_perm(int mode, int op)
+@@ -1233,6 +1249,10 @@ static int test_perm(int mode, int op)
  static inline int ctl_perm(ctl_table *table, int op)
  {
  	int error;
-+	if (table->de && gr_handle_sysctl_mod(table->de->parent->name, table->de->name, op))
++	if (table->parent != NULL && table->parent->procname != NULL &&
++	    table->procname != NULL &&
++	    gr_handle_sysctl_mod(table->parent->procname, table->procname, op))
 +		return -EACCES;
  	error = security_sysctl(table, op);
  	if (error)
@@ -1137,14 +1139,14 @@
   * Allocate and initialize a new local port bind bucket.
   * The bindhash mutex for snum's hash chain must be held here.
 @@ -338,6 +341,8 @@ ok:
-  		}
-  		spin_unlock(&head->lock);
+ 		}
+ 		spin_unlock(&head->lock);
  
 +		gr_update_task_in_ip_table(current, inet_sk(sk));
 +
-  		if (tw) {
-  			inet_twsk_deschedule(tw, death_row);
-  			inet_twsk_put(tw);
+ 		if (tw) {
+ 			inet_twsk_deschedule(tw, death_row);
+ 			inet_twsk_put(tw);
 diff -urNp linux-2.6.20.3/net/socket.c linux-2.6.20.3/net/socket.c
 --- linux-2.6.20.3/net/socket.c	2007-03-13 14:27:08.000000000 -0400
 +++ linux-2.6.20.3/net/socket.c	2007-03-23 08:11:31.000000000 -0400
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SOURCES/linux-2.6-grsec-vs-minimal.patch?r1=1.1.2.6&r2=1.1.2.7&f=u

More information about the pld-cvs-commit mailing list