SOURCES (hawk-LINUX_2_6): linux-2.6-grsec-vs-minimal.patch - updat...
hawk
hawk at pld-linux.org
Thu May 31 16:46:07 CEST 2007
Author: hawk Date: Thu May 31 14:46:06 2007 GMT
Module: SOURCES Tag: hawk-LINUX_2_6
---- Log message:
- updated for 2.6.21.3
---- Files affected:
SOURCES:
linux-2.6-grsec-vs-minimal.patch (1.1.2.6 -> 1.1.2.7)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsec-vs-minimal.patch
diff -u SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.6 SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.7
--- SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.6 Mon Mar 26 18:45:42 2007
+++ SOURCES/linux-2.6-grsec-vs-minimal.patch Thu May 31 16:46:01 2007
@@ -192,10 +192,10 @@
diff -urNp linux-2.6.20.3/fs/proc/proc_misc.c linux-2.6.20.3/fs/proc/proc_misc.c
--- linux-2.6.20.3/fs/proc/proc_misc.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/fs/proc/proc_misc.c 2007-03-23 08:11:31.000000000 -0400
-@@ -673,6 +673,8 @@ void create_seq_entry(char *name, mode_t
+@@ -667,6 +667,8 @@ void create_seq_entry(char *name, mode_t
+
void __init proc_misc_init(void)
{
- struct proc_dir_entry *entry;
+ int gr_mode = 0;
+
static struct {
@@ -277,7 +277,7 @@
proc_net_stat = proc_mkdir("net/stat", NULL);
#ifdef CONFIG_SYSVIPC
-@@ -89,7 +95,15 @@ void __init proc_root_init(void)
+@@ -78,7 +84,15 @@ void __init proc_root_init(void)
#ifdef CONFIG_PROC_DEVICETREE
proc_device_tree_init();
#endif
@@ -933,18 +933,18 @@
shp->shm_segsz = size;
shp->shm_nattch = 0;
shp->id = shm_buildid(ns, id, shp->shm_perm.seq);
-@@ -842,6 +869,11 @@ long do_shmat(int shmid, char __user *sh
- file = shp->shm_file;
- size = i_size_read(file->f_path.dentry->d_inode);
+@@ -901,6 +916,11 @@ long do_shmat(int shmid, char __user *sh
+ path.dentry = dget(shp->shm_file->f_path.dentry);
+ path.mnt = mntget(shp->shm_file->f_path.mnt);
shp->shm_nattch++;
+
+#ifdef CONFIG_GRKERNSEC
+ shp->shm_lapid = current->pid;
+#endif
+
+ size = i_size_read(path.dentry->d_inode);
shm_unlock(shp);
- down_write(¤t->mm->mmap_sem);
@@ -1014,3 +1055,27 @@ static int sysvipc_shm_proc_show(struct
shp->shm_ctim);
}
@@ -1109,11 +1109,13 @@
{ .ctl_name = 0 }
};
-@@ -1295,6 +1335,8 @@ static int test_perm(int mode, int op)
+@@ -1233,6 +1249,10 @@ static int test_perm(int mode, int op)
static inline int ctl_perm(ctl_table *table, int op)
{
int error;
-+ if (table->de && gr_handle_sysctl_mod(table->de->parent->name, table->de->name, op))
++ if (table->parent != NULL && table->parent->procname != NULL &&
++ table->procname != NULL &&
++ gr_handle_sysctl_mod(table->parent->procname, table->procname, op))
+ return -EACCES;
error = security_sysctl(table, op);
if (error)
@@ -1137,14 +1139,14 @@
* Allocate and initialize a new local port bind bucket.
* The bindhash mutex for snum's hash chain must be held here.
@@ -338,6 +341,8 @@ ok:
- }
- spin_unlock(&head->lock);
+ }
+ spin_unlock(&head->lock);
+ gr_update_task_in_ip_table(current, inet_sk(sk));
+
- if (tw) {
- inet_twsk_deschedule(tw, death_row);
- inet_twsk_put(tw);
+ if (tw) {
+ inet_twsk_deschedule(tw, death_row);
+ inet_twsk_put(tw);
diff -urNp linux-2.6.20.3/net/socket.c linux-2.6.20.3/net/socket.c
--- linux-2.6.20.3/net/socket.c 2007-03-13 14:27:08.000000000 -0400
+++ linux-2.6.20.3/net/socket.c 2007-03-23 08:11:31.000000000 -0400
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/linux-2.6-grsec-vs-minimal.patch?r1=1.1.2.6&r2=1.1.2.7&f=u
More information about the pld-cvs-commit
mailing list