SOURCES (Titanium): linux-2.6-grsec-vs-minimal.patch - updated for...

hawk hawk at pld-linux.org
Fri Apr 25 17:30:05 CEST 2008


Author: hawk                         Date: Fri Apr 25 15:30:05 2008 GMT
Module: SOURCES                       Tag: Titanium
---- Log message:
- updated for 2.6.25

---- Files affected:
SOURCES:
   linux-2.6-grsec-vs-minimal.patch (1.1.2.8.2.3 -> 1.1.2.8.2.4) 

---- Diffs:

================================================================
Index: SOURCES/linux-2.6-grsec-vs-minimal.patch
diff -u SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.3 SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.4
--- SOURCES/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.3	Fri Apr 25 14:28:00 2008
+++ SOURCES/linux-2.6-grsec-vs-minimal.patch	Fri Apr 25 17:30:00 2008
@@ -1,6 +1,6 @@
-diff -urNp linux-2.6.24.5/arch/sparc/Makefile linux-2.6.24.5/arch/sparc/Makefile
---- linux-2.6.24.5/arch/sparc/Makefile	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/arch/sparc/Makefile	2008-03-26 20:21:07.000000000 -0400
+diff -urNp linux-2.6.25.orig/arch/sparc/Makefile linux-2.6.25/arch/sparc/Makefile
+--- linux-2.6.25.orig/arch/sparc/Makefile	2008-04-25 15:09:15.000000000 +0200
++++ linux-2.6.25/arch/sparc/Makefile	2008-04-25 15:10:25.000000000 +0200
 @@ -36,7 +36,7 @@ drivers-$(CONFIG_OPROFILE)	+= arch/sparc
  # Renaming is done to avoid confusing pattern matching rules in 2.5.45 (multy-)
  INIT_Y		:= $(patsubst %/, %/built-in.o, $(init-y))
@@ -10,10 +10,10 @@
  CORE_Y		:= $(patsubst %/, %/built-in.o, $(CORE_Y))
  DRIVERS_Y	:= $(patsubst %/, %/built-in.o, $(drivers-y))
  NET_Y		:= $(patsubst %/, %/built-in.o, $(net-y))
-diff -urNp linux-2.6.24.5/Makefile linux-2.6.24.5/Makefile
---- linux-2.6.24.5/Makefile	2008-04-17 20:05:17.000000000 -0400
-+++ linux-2.6.24.5/Makefile	2008-04-17 20:05:00.000000000 -0400
-@@ -597,7 +597,7 @@ export mod_strip_cmd
+diff -urNp linux-2.6.25.orig/Makefile linux-2.6.25/Makefile
+--- linux-2.6.25.orig/Makefile	2008-04-25 15:09:13.000000000 +0200
++++ linux-2.6.25/Makefile	2008-04-25 15:10:25.000000000 +0200
+@@ -603,7 +603,7 @@ export mod_strip_cmd
  
  
  ifeq ($(KBUILD_EXTMOD),)
@@ -22,10 +22,10 @@
  
  vmlinux-dirs	:= $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
  		     $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-diff -urNp linux-2.6.24.5/drivers/char/keyboard.c linux-2.6.24.5/drivers/char/keyboard.c
---- linux-2.6.24.5/drivers/char/keyboard.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/drivers/char/keyboard.c	2008-03-26 20:21:08.000000000 -0400
-@@ -631,6 +631,16 @@ static void k_spec(struct vc_data *vc, u
+diff -urNp linux-2.6.25.orig/drivers/char/keyboard.c linux-2.6.25/drivers/char/keyboard.c
+--- linux-2.6.25.orig/drivers/char/keyboard.c	2008-04-25 15:09:06.000000000 +0200
++++ linux-2.6.25/drivers/char/keyboard.c	2008-04-25 15:10:25.000000000 +0200
+@@ -630,6 +630,16 @@ static void k_spec(struct vc_data *vc, u
  	     kbd->kbdmode == VC_MEDIUMRAW) &&
  	     value != KVAL(K_SAK))
  		return;		/* SAK is allowed even in raw mode */
@@ -42,10 +42,10 @@
  	fn_handler[value](vc);
  }
  
-diff -urNp linux-2.6.24.5/drivers/pci/proc.c linux-2.6.24.5/drivers/pci/proc.c
---- linux-2.6.24.5/drivers/pci/proc.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/drivers/pci/proc.c	2008-03-26 20:21:08.000000000 -0400
-@@ -467,7 +467,15 @@ static int __init pci_proc_init(void)
+diff -urNp linux-2.6.25.orig/drivers/pci/proc.c linux-2.6.25/drivers/pci/proc.c
+--- linux-2.6.25.orig/drivers/pci/proc.c	2008-04-25 15:09:08.000000000 +0200
++++ linux-2.6.25/drivers/pci/proc.c	2008-04-25 15:10:25.000000000 +0200
+@@ -472,7 +472,15 @@ static int __init pci_proc_init(void)
  {
  	struct proc_dir_entry *entry;
  	struct pci_dev *dev = NULL;
@@ -61,10 +61,10 @@
  	entry = create_proc_entry("devices", 0, proc_bus_pci_dir);
  	if (entry)
  		entry->proc_fops = &proc_bus_pci_dev_operations;
-diff -urNp linux-2.6.24.5/fs/Kconfig linux-2.6.24.5/fs/Kconfig
---- linux-2.6.24.5/fs/Kconfig	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/Kconfig	2008-03-26 20:21:08.000000000 -0400
-@@ -937,7 +937,7 @@ config PROC_FS
+diff -urNp linux-2.6.25.orig/fs/Kconfig linux-2.6.25/fs/Kconfig
+--- linux-2.6.25.orig/fs/Kconfig	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/Kconfig	2008-04-25 15:10:25.000000000 +0200
+@@ -899,7 +899,7 @@ config PROC_FS
  
  config PROC_KCORE
  	bool "/proc/kcore support" if !ARM
@@ -73,9 +73,9 @@
  
  config PROC_VMCORE
          bool "/proc/vmcore support (EXPERIMENTAL)"
-diff -urNp linux-2.6.24.5/fs/namei.c linux-2.6.24.5/fs/namei.c
---- linux-2.6.24.5/fs/namei.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/namei.c	2008-03-26 20:21:08.000000000 -0400
+diff -urNp linux-2.6.25.orig/fs/namei.c linux-2.6.25/fs/namei.c
+--- linux-2.6.25.orig/fs/namei.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/namei.c	2008-04-25 15:10:25.000000000 +0200
 @@ -37,6 +37,7 @@
  #include <linux/vs_cowbl.h>
  #include <linux/vs_device.h>
@@ -84,7 +84,7 @@
  #include <asm/namei.h>
  #include <asm/uaccess.h>
  
-@@ -689,6 +690,13 @@ static inline int do_follow_link(struct 
+@@ -729,6 +730,13 @@ static inline int do_follow_link(struct 
  	err = security_inode_follow_link(path->dentry, nd);
  	if (err)
  		goto loop;
@@ -98,7 +98,7 @@
  	current->link_count++;
  	current->total_link_count++;
  	nd->depth++;
-@@ -1856,6 +1864,13 @@ do_last:
+@@ -1859,6 +1867,13 @@ do_last:
  	/*
  	 * It already exists.
  	 */
@@ -112,7 +112,7 @@
  	mutex_unlock(&dir->d_inode->i_mutex);
  	audit_inode(pathname, path.dentry);
  
-@@ -1927,6 +1942,13 @@ do_link:
+@@ -1930,6 +1945,13 @@ do_link:
  	error = security_inode_follow_link(path.dentry, nd);
  	if (error)
  		goto exit_dput;
@@ -126,7 +126,7 @@
  	error = __do_follow_link(&path, nd);
  	if (error) {
  		/* Does someone understand code flow here? Or it is only
-@@ -2509,7 +2531,16 @@ asmlinkage long sys_linkat(int olddfd, c
+@@ -2514,8 +2536,17 @@ asmlinkage long sys_linkat(int olddfd, c
  	error = PTR_ERR(new_dentry);
  	if (IS_ERR(new_dentry))
  		goto out_unlock;
@@ -138,12 +138,13 @@
 +		goto out_unlock_dput;
 +	}
 +
- 	error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry, &nd);
+ 	error = vfs_link(old_nd.path.dentry, nd.path.dentry->d_inode,
+ 		new_dentry, &nd);
 +out_unlock_dput:
  	dput(new_dentry);
  out_unlock:
- 	mutex_unlock(&nd.dentry->d_inode->i_mutex);
-@@ -2738,8 +2769,16 @@ static int do_rename(int olddfd, const c
+ 	mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
+@@ -2744,8 +2775,16 @@ static int do_rename(int olddfd, const c
  	if (new_dentry == trap)
  		goto exit5;
  
@@ -161,12 +162,12 @@
  exit5:
  	dput(new_dentry);
  exit4:
-diff -urNp linux-2.6.24.5/fs/proc/array.c linux-2.6.24.5/fs/proc/array.c
---- linux-2.6.24.5/fs/proc/array.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/proc/array.c	2008-03-26 20:21:08.000000000 -0400
-@@ -629,3 +629,14 @@ int proc_pid_statm(struct task_struct *t
- 	return sprintf(buffer, "%d %d %d %d %d %d %d\n",
- 		       size, resident, shared, text, lib, data, 0);
+diff -urNp linux-2.6.25.orig/fs/proc/array.c linux-2.6.25/fs/proc/array.c
+--- linux-2.6.25.orig/fs/proc/array.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/proc/array.c	2008-04-25 15:10:25.000000000 +0200
+@@ -637,3 +637,14 @@ int proc_pid_statm(struct seq_file *m, s
+ 
+ 	return 0;
  }
 +
 +#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
@@ -179,38 +180,39 @@
 +}
 +#endif
 +
-diff -urNp linux-2.6.24.5/fs/proc/inode.c linux-2.6.24.5/fs/proc/inode.c
---- linux-2.6.24.5/fs/proc/inode.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/proc/inode.c	2008-03-26 20:21:08.000000000 -0400
-@@ -411,7 +411,11 @@ struct inode *proc_get_inode(struct supe
- 		if (de->mode) {
- 			inode->i_mode = de->mode;
- 			inode->i_uid = de->uid;
+diff -urNp linux-2.6.25.orig/fs/proc/inode.c linux-2.6.25/fs/proc/inode.c
+--- linux-2.6.25.orig/fs/proc/inode.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/proc/inode.c	2008-04-25 15:10:25.000000000 +0200
+@@ -406,7 +406,11 @@ struct inode *proc_get_inode(struct supe
+ 			if (de->mode) {
+ 				inode->i_mode = de->mode;
+ 				inode->i_uid = de->uid;
 +#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+			inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
++				inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
 +#else
- 			inode->i_gid = de->gid;
+ 				inode->i_gid = de->gid;
 +#endif
- 		}
+ 			}
  		if (de->vx_flags)
  			PROC_I(inode)->vx_flags = de->vx_flags;
-diff -urNp linux-2.6.24.5/fs/proc/internal.h linux-2.6.24.5/fs/proc/internal.h
---- linux-2.6.24.5/fs/proc/internal.h	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/proc/internal.h	2008-03-26 20:21:08.000000000 -0400
-@@ -54,6 +54,9 @@ extern int proc_tgid_stat(struct task_st
- extern int proc_pid_status(struct task_struct *, char *);
- extern int proc_pid_statm(struct task_struct *, char *);
- extern int proc_pid_nsproxy(struct task_struct *, char *);
+diff -urNp linux-2.6.25.orig/fs/proc/internal.h linux-2.6.25/fs/proc/internal.h
+--- linux-2.6.25.orig/fs/proc/internal.h	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/proc/internal.h	2008-04-25 15:10:25.000000000 +0200
+@@ -60,6 +60,10 @@ extern int proc_pid_statm(struct seq_fil
+ 				struct pid *pid, struct task_struct *task);
+ extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
+ 				struct pid *pid, struct task_struct *task);
 +#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+extern int proc_pid_ipaddr(struct task_struct*,char*);
++extern int proc_pid_ipaddr(struct seq_file *m, struct pid_namespace *ns,
++				struct pid *pid, struct task_struct *task);
 +#endif
  
- extern const struct file_operations proc_maps_operations;
- extern const struct file_operations proc_numa_maps_operations;
-diff -urNp linux-2.6.24.5/fs/proc/proc_misc.c linux-2.6.24.5/fs/proc/proc_misc.c
---- linux-2.6.24.5/fs/proc/proc_misc.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/proc/proc_misc.c	2008-03-26 20:21:08.000000000 -0400
-@@ -707,6 +707,8 @@ void create_seq_entry(char *name, mode_t
+ extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
+ 
+diff -urNp linux-2.6.25.orig/fs/proc/proc_misc.c linux-2.6.25/fs/proc/proc_misc.c
+--- linux-2.6.25.orig/fs/proc/proc_misc.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/proc/proc_misc.c	2008-04-25 15:10:25.000000000 +0200
+@@ -843,6 +843,8 @@ void create_seq_entry(char *name, mode_t
  
  void __init proc_misc_init(void)
  {
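Review bot: The prototype of `proc_pid_ipaddr` in fs/proc/internal.h is changed here to the seq_file form, but its definition in fs/proc/array.c does not appear to be updated with it. The definition sits in the six lines between the `#ifdef CONFIG_GRKERNSEC_PROC_IPADDR` that closes the previous hunk and the `+}` that opens this one, and those lines are not part of the diff. If it still takes `(struct task_struct *, char *)` as the removed prototype did, declaration and definition will conflict as soon as CONFIG_GRKERNSEC_PROC_IPADDR is enabled. Either convert the definition to write through `m` and `return 0;` like the neighbouring `proc_pid_statm`, or keep the old prototype until whatever calls it is converted too. Separately, in the fs/proc/inode.c part the re-indented `if (de->mode) {` block is now one tab deeper than the `if (de->vx_flags)` context line after it, so that context is worth checking against the 2.6.25 tree with a fuzz-free apply.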
@@ -219,7 +221,7 @@
  	static struct {
  		char *name;
  		int (*read_proc)(char*,char**,off_t,int,int*,void*);
-@@ -722,13 +724,24 @@ void __init proc_misc_init(void)
+@@ -858,13 +860,24 @@ void __init proc_misc_init(void)
  		{"stram",	stram_read_proc},
  #endif
  		{"filesystems",	filesystems_read_proc},
@@ -244,7 +246,7 @@
  	proc_symlink("mounts", NULL, "self/mounts");
  
  	/* And now for trickier ones */
-@@ -741,7 +754,11 @@ void __init proc_misc_init(void)
+@@ -877,7 +890,11 @@ void __init proc_misc_init(void)
  	}
  #endif
  	create_seq_entry("locks", 0, &proc_locks_operations);
@@ -256,7 +258,7 @@
  	create_seq_entry("cpuinfo", 0, &proc_cpuinfo_operations);
  #ifdef CONFIG_BLOCK
  	create_seq_entry("partitions", 0, &proc_partitions_operations);
-@@ -749,7 +766,11 @@ void __init proc_misc_init(void)
+@@ -885,7 +902,11 @@ void __init proc_misc_init(void)
  	create_seq_entry("stat", 0, &proc_stat_operations);
  	create_seq_entry("interrupts", 0, &proc_interrupts_operations);
  #ifdef CONFIG_SLABINFO
@@ -268,7 +270,7 @@
  #ifdef CONFIG_DEBUG_SLAB_LEAK
  	create_seq_entry("slab_allocators", 0 ,&proc_slabstats_operations);
  #endif
-@@ -767,7 +788,7 @@ void __init proc_misc_init(void)
+@@ -903,7 +924,7 @@ void __init proc_misc_init(void)
  #ifdef CONFIG_SCHEDSTATS
  	create_seq_entry("schedstat", 0, &proc_schedstat_operations);
  #endif
@@ -277,9 +279,9 @@
  	proc_root_kcore = create_proc_entry("kcore", S_IRUSR, NULL);
  	if (proc_root_kcore) {
  		proc_root_kcore->proc_fops = &proc_kcore_operations;
-diff -urNp linux-2.6.24.5/fs/proc/root.c linux-2.6.24.5/fs/proc/root.c
---- linux-2.6.24.5/fs/proc/root.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/fs/proc/root.c	2008-03-26 20:21:08.000000000 -0400
+diff -urNp linux-2.6.25.orig/fs/proc/root.c linux-2.6.25/fs/proc/root.c
+--- linux-2.6.25.orig/fs/proc/root.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/fs/proc/root.c	2008-04-25 15:10:25.000000000 +0200
 @@ -140,7 +140,15 @@ void __init proc_root_init(void)
  #ifdef CONFIG_PROC_DEVICETREE
  	proc_device_tree_init();
@@ -296,9 +298,9 @@
  	proc_vx_init();
  	proc_sys_init();
  }
-diff -urNp linux-2.6.24.5/grsecurity/Kconfig linux-2.6.24.5/grsecurity/Kconfig
---- linux-2.6.24.5/grsecurity/Kconfig	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/Kconfig	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/Kconfig linux-2.6.25/grsecurity/Kconfig
+--- linux-2.6.25.orig/grsecurity/Kconfig	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/Kconfig	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,123 @@
 +#
 +# grecurity configuration
@@ -423,9 +425,9 @@
 +	  the sysctl entries.
 +
 +endmenu
-diff -urNp linux-2.6.24.5/grsecurity/Makefile linux-2.6.24.5/grsecurity/Makefile
---- linux-2.6.24.5/grsecurity/Makefile	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/Makefile	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/Makefile linux-2.6.25/grsecurity/Makefile
+--- linux-2.6.25.orig/grsecurity/Makefile	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/Makefile	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,11 @@
 +# All code in this directory and various hooks inserted throughout the kernel
 +# are copyright Brad Spengler, and released under the GPL v2 or higher
@@ -438,9 +440,9 @@
 +obj-y += grsec_disabled.o
 +endif
 +
-diff -urNp linux-2.6.24.5/grsecurity/grsec_disabled.c linux-2.6.24.5/grsecurity/grsec_disabled.c
---- linux-2.6.24.5/grsecurity/grsec_disabled.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_disabled.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_disabled.c linux-2.6.25/grsecurity/grsec_disabled.c
+--- linux-2.6.25.orig/grsecurity/grsec_disabled.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_disabled.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,6 @@
 +void
 +grsecurity_init(void)
@@ -448,9 +450,9 @@
 +	return;
 +}
 +
-diff -urNp linux-2.6.24.5/grsecurity/grsec_fifo.c linux-2.6.24.5/grsecurity/grsec_fifo.c
---- linux-2.6.24.5/grsecurity/grsec_fifo.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_fifo.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_fifo.c linux-2.6.25/grsecurity/grsec_fifo.c
+--- linux-2.6.25.orig/grsecurity/grsec_fifo.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_fifo.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,21 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -473,9 +475,9 @@
 +#endif
 +	return 0;
 +}
-diff -urNp linux-2.6.24.5/grsecurity/grsec_init.c linux-2.6.24.5/grsecurity/grsec_init.c
---- linux-2.6.24.5/grsecurity/grsec_init.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_init.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_init.c linux-2.6.25/grsecurity/grsec_init.c
+--- linux-2.6.25.orig/grsecurity/grsec_init.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_init.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,30 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -507,9 +509,9 @@
 +
 +	return;
 +}
-diff -urNp linux-2.6.24.5/grsecurity/grsec_link.c linux-2.6.24.5/grsecurity/grsec_link.c
---- linux-2.6.24.5/grsecurity/grsec_link.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_link.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_link.c linux-2.6.25/grsecurity/grsec_link.c
+--- linux-2.6.25.orig/grsecurity/grsec_link.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_link.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,37 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -548,9 +550,9 @@
 +#endif
 +	return 0;
 +}
-diff -urNp linux-2.6.24.5/grsecurity/grsec_sock.c linux-2.6.24.5/grsecurity/grsec_sock.c
---- linux-2.6.24.5/grsecurity/grsec_sock.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_sock.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_sock.c linux-2.6.25/grsecurity/grsec_sock.c
+--- linux-2.6.25.orig/grsecurity/grsec_sock.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_sock.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,167 @@
 +#include <linux/kernel.h>
 +#include <linux/module.h>
@@ -719,9 +721,9 @@
 +	return;
 +}
 +
-diff -urNp linux-2.6.24.5/grsecurity/grsec_sysctl.c linux-2.6.24.5/grsecurity/grsec_sysctl.c
---- linux-2.6.24.5/grsecurity/grsec_sysctl.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/grsecurity/grsec_sysctl.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/grsecurity/grsec_sysctl.c linux-2.6.25/grsecurity/grsec_sysctl.c
+--- linux-2.6.25.orig/grsecurity/grsec_sysctl.c	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/grsecurity/grsec_sysctl.c	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,52 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
@@ -775,9 +777,9 @@
 +	{ .ctl_name = 0 }
 +};
 +#endif
-diff -urNp linux-2.6.24.5/include/linux/grinternal.h linux-2.6.24.5/include/linux/grinternal.h
---- linux-2.6.24.5/include/linux/grinternal.h	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/include/linux/grinternal.h	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/include/linux/grinternal.h linux-2.6.25/include/linux/grinternal.h
+--- linux-2.6.25.orig/include/linux/grinternal.h	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/include/linux/grinternal.h	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,14 @@
 +#ifndef __GRINTERNAL_H
 +#define __GRINTERNAL_H
@@ -793,9 +795,9 @@
 +#endif
 +
 +#endif
-diff -urNp linux-2.6.24.5/include/linux/grsecurity.h linux-2.6.24.5/include/linux/grsecurity.h
---- linux-2.6.24.5/include/linux/grsecurity.h	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.24.5/include/linux/grsecurity.h	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/include/linux/grsecurity.h linux-2.6.25/include/linux/grsecurity.h
+--- linux-2.6.25.orig/include/linux/grsecurity.h	1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.25/include/linux/grsecurity.h	2008-04-25 15:10:25.000000000 +0200
 @@ -0,0 +1,21 @@
 +#ifndef GR_SECURITY_H
 +#define GR_SECURITY_H
@@ -818,10 +820,10 @@
 +			      const int mode, const char *to);
 +
 +#endif
-diff -urNp linux-2.6.24.5/include/linux/sched.h linux-2.6.24.5/include/linux/sched.h
---- linux-2.6.24.5/include/linux/sched.h	2008-04-17 20:05:17.000000000 -0400
-+++ linux-2.6.24.5/include/linux/sched.h	2008-04-17 20:05:01.000000000 -0400
-@@ -510,6 +510,15 @@ struct signal_struct {
+diff -urNp linux-2.6.25.orig/include/linux/sched.h linux-2.6.25/include/linux/sched.h
+--- linux-2.6.25.orig/include/linux/sched.h	2008-04-25 15:09:05.000000000 +0200
++++ linux-2.6.25/include/linux/sched.h	2008-04-25 15:10:25.000000000 +0200
+@@ -544,6 +544,15 @@ struct signal_struct {
  	unsigned audit_tty;
  	struct tty_audit_buf *tty_audit_buf;
  #endif
@@ -837,10 +839,10 @@
  };
  
  /* Context switch must be unlocked if interrupts are to be enabled */
-diff -urNp linux-2.6.24.5/include/linux/sysctl.h linux-2.6.24.5/include/linux/sysctl.h
---- linux-2.6.24.5/include/linux/sysctl.h	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/include/linux/sysctl.h	2008-03-26 20:21:09.000000000 -0400
-@@ -166,8 +166,11 @@ enum
+diff -urNp linux-2.6.25.orig/include/linux/sysctl.h linux-2.6.25/include/linux/sysctl.h
+--- linux-2.6.25.orig/include/linux/sysctl.h	2008-04-25 15:09:05.000000000 +0200
++++ linux-2.6.25/include/linux/sysctl.h	2008-04-25 15:10:25.000000000 +0200
+@@ -165,8 +165,11 @@ enum
  	KERN_MAX_LOCK_DEPTH=74,
  	KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */
  	KERN_PANIC_ON_NMI=76, /* int: whether we will panic on an unrecovered */
@@ -853,9 +855,9 @@
  
  
  /* CTL_VM names: */
-diff -urNp linux-2.6.24.5/kernel/configs.c linux-2.6.24.5/kernel/configs.c
---- linux-2.6.24.5/kernel/configs.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/kernel/configs.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/kernel/configs.c linux-2.6.25/kernel/configs.c
+--- linux-2.6.25.orig/kernel/configs.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/kernel/configs.c	2008-04-25 15:10:25.000000000 +0200
 @@ -79,8 +79,16 @@ static int __init ikconfig_init(void)
  	struct proc_dir_entry *entry;
  
@@ -873,9 +875,9 @@
  	if (!entry)
  		return -ENOMEM;
  
-diff -urNp linux-2.6.24.5/kernel/exit.c linux-2.6.24.5/kernel/exit.c
---- linux-2.6.24.5/kernel/exit.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/kernel/exit.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/kernel/exit.c linux-2.6.25/kernel/exit.c
+--- linux-2.6.25.orig/kernel/exit.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/kernel/exit.c	2008-04-25 15:10:25.000000000 +0200
 @@ -49,6 +49,7 @@
  #include <linux/vs_network.h>
  #include <linux/vs_pid.h>
@@ -884,7 +886,7 @@
  
  #include <asm/uaccess.h>
  #include <asm/unistd.h>
-@@ -127,6 +128,7 @@ static void __exit_signal(struct task_st
+@@ -125,6 +126,7 @@ static void __exit_signal(struct task_st
  
  	__unhash_process(tsk);
  
@@ -892,10 +894,10 @@
  	tsk->signal = NULL;
  	tsk->sighand = NULL;
  	spin_unlock(&sighand->siglock);
-diff -urNp linux-2.6.24.5/kernel/kallsyms.c linux-2.6.24.5/kernel/kallsyms.c
---- linux-2.6.24.5/kernel/kallsyms.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/kernel/kallsyms.c	2008-03-26 20:21:09.000000000 -0400
-@@ -486,7 +486,15 @@ static int __init kallsyms_init(void)
+diff -urNp linux-2.6.25.orig/kernel/kallsyms.c linux-2.6.25/kernel/kallsyms.c
+--- linux-2.6.25.orig/kernel/kallsyms.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/kernel/kallsyms.c	2008-04-25 15:10:25.000000000 +0200
+@@ -474,7 +474,15 @@ static int __init kallsyms_init(void)
  {
  	struct proc_dir_entry *entry;
  
@@ -911,9 +913,9 @@
  	if (entry)
  		entry->proc_fops = &kallsyms_operations;
  	return 0;
-diff -urNp linux-2.6.24.5/kernel/resource.c linux-2.6.24.5/kernel/resource.c
---- linux-2.6.24.5/kernel/resource.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/kernel/resource.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/kernel/resource.c linux-2.6.25/kernel/resource.c
+--- linux-2.6.25.orig/kernel/resource.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/kernel/resource.c	2008-04-25 15:10:25.000000000 +0200
 @@ -133,10 +133,27 @@ static int __init ioresources_init(void)
  {
  	struct proc_dir_entry *entry;
@@ -942,9 +944,9 @@
  	if (entry)
  		entry->proc_fops = &proc_iomem_operations;
  	return 0;
-diff -urNp linux-2.6.24.5/kernel/sysctl.c linux-2.6.24.5/kernel/sysctl.c
---- linux-2.6.24.5/kernel/sysctl.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/kernel/sysctl.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/kernel/sysctl.c linux-2.6.25/kernel/sysctl.c
+--- linux-2.6.25.orig/kernel/sysctl.c	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/kernel/sysctl.c	2008-04-25 15:10:25.000000000 +0200
 @@ -58,6 +58,11 @@
  static int deprecated_sysctl_warning(struct __sysctl_args *args);
  
@@ -957,20 +959,15 @@
  
  /* External variables not in a header file. */
  extern int C_A_D;
-@@ -155,10 +160,11 @@ static int proc_do_cad_pid(struct ctl_ta
+@@ -157,6 +162,7 @@ static int proc_do_cad_pid(struct ctl_ta
  static int proc_dointvec_taint(struct ctl_table *table, int write, struct file *filp,
  			       void __user *buffer, size_t *lenp, loff_t *ppos);
  #endif
 +extern ctl_table grsecurity_table[];
  
  static struct ctl_table root_table[];
- static struct ctl_table_header root_table_header =
--	{ root_table, LIST_HEAD_INIT(root_table_header.ctl_entry) };
-+	{ root_table, LIST_HEAD_INIT(root_table_header.ctl_entry), 0, NULL };
- 
- static struct ctl_table kern_table[];
- static struct ctl_table vm_table[];
-@@ -785,6 +791,14 @@ static struct ctl_table kern_table[] = {
+ static struct ctl_table_root sysctl_table_root;
+@@ -830,6 +836,14 @@ static struct ctl_table kern_table[] = {
  		.proc_handler	= &proc_dostring,
  		.strategy	= &sysctl_string,
  	},
@@ -985,7 +982,7 @@
  /*
   * NOTE: do not add new entries to this table unless you have read
   * Documentation/sysctl/ctl_unnumbered.txt
-@@ -1404,6 +1418,10 @@ static int test_perm(int mode, int op)
+@@ -1517,6 +1531,10 @@ static int test_perm(int mode, int op)
  int sysctl_perm(struct ctl_table *table, int op)
  {
  	int error;
@@ -996,9 +993,9 @@
  	error = security_sysctl(table, op);
  	if (error)
  		return error;
-diff -urNp linux-2.6.24.5/net/ipv4/inet_hashtables.c linux-2.6.24.5/net/ipv4/inet_hashtables.c
---- linux-2.6.24.5/net/ipv4/inet_hashtables.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/net/ipv4/inet_hashtables.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/net/ipv4/inet_hashtables.c linux-2.6.25/net/ipv4/inet_hashtables.c
+--- linux-2.6.25.orig/net/ipv4/inet_hashtables.c	2008-04-25 15:09:05.000000000 +0200
++++ linux-2.6.25/net/ipv4/inet_hashtables.c	2008-04-25 15:10:25.000000000 +0200
 @@ -18,12 +18,15 @@
  #include <linux/sched.h>
  #include <linux/slab.h>
@@ -1015,7 +1012,7 @@
  /*
   * Allocate and initialize a new local port bind bucket.
   * The bindhash mutex for snum's hash chain must be held here.
-@@ -338,6 +341,8 @@ ok:
+@@ -467,6 +470,8 @@ ok:
  		}
  		spin_unlock(&head->lock);
  
@@ -1024,9 +1021,9 @@
  		if (tw) {
  			inet_twsk_deschedule(tw, death_row);
  			inet_twsk_put(tw);
-diff -urNp linux-2.6.24.5/net/socket.c linux-2.6.24.5/net/socket.c
---- linux-2.6.24.5/net/socket.c	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/net/socket.c	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/net/socket.c linux-2.6.25/net/socket.c
+--- linux-2.6.25.orig/net/socket.c	2008-04-25 15:09:05.000000000 +0200
++++ linux-2.6.25/net/socket.c	2008-04-25 15:10:25.000000000 +0200
 @@ -85,6 +85,7 @@
  #include <linux/audit.h>
  #include <linux/wireless.h>
@@ -1044,7 +1041,7 @@
  static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
  static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
  			 unsigned long nr_segs, loff_t pos);
-@@ -1488,6 +1491,7 @@ asmlinkage long sys_accept(int fd, struc
+@@ -1502,6 +1505,7 @@ asmlinkage long sys_accept(int fd, struc
  	err = newfd;
  
  	security_socket_post_accept(sock, newsock);
@@ -1052,9 +1049,9 @@
  
  out_put:
  	fput_light(sock->file, fput_needed);
-diff -urNp linux-2.6.24.5/security/Kconfig linux-2.6.24.5/security/Kconfig
---- linux-2.6.24.5/security/Kconfig	2008-03-24 14:49:18.000000000 -0400
-+++ linux-2.6.24.5/security/Kconfig	2008-03-26 20:21:09.000000000 -0400
+diff -urNp linux-2.6.25.orig/security/Kconfig linux-2.6.25/security/Kconfig
+--- linux-2.6.25.orig/security/Kconfig	2008-04-25 15:09:12.000000000 +0200
++++ linux-2.6.25/security/Kconfig	2008-04-25 15:10:25.000000000 +0200
 @@ -4,6 +4,8 @@
<<Diff was trimmed, longer than 597 lines>>

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/linux-2.6-grsec-vs-minimal.patch?r1=1.1.2.8.2.3&r2=1.1.2.8.2.4&f=u


