SOURCES (Titanium): kernel-desktop-grsec-minimal.patch - fixes
shadzik
shadzik at pld-linux.org
Sun Mar 29 23:44:48 CEST 2009
Author: shadzik Date: Sun Mar 29 21:44:48 2009 GMT
Module: SOURCES Tag: Titanium
---- Log message:
- fixes
---- Files affected:
SOURCES:
kernel-desktop-grsec-minimal.patch (1.8.4.2 -> 1.8.4.3)
---- Diffs:
================================================================
Index: SOURCES/kernel-desktop-grsec-minimal.patch
diff -u SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2 SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.3
--- SOURCES/kernel-desktop-grsec-minimal.patch:1.8.4.2 Sun Mar 29 23:16:36 2009
+++ SOURCES/kernel-desktop-grsec-minimal.patch Sun Mar 29 23:44:42 2009
@@ -1,6 +1,6 @@
-diff -Nru linux-2.6.29/arch/sparc/Makefile linux-2.6.29-grsec/arch/sparc/Makefile
---- linux-2.6.29/arch/sparc/Makefile 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/arch/sparc/Makefile 2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/arch/sparc/Makefile linux-2.6.29/arch/sparc/Makefile
+--- linux-2.6.29-orig/arch/sparc/Makefile 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/arch/sparc/Makefile 2009-03-29 23:34:04.446725642 +0200
@@ -72,6 +72,7 @@
core-y += arch/sparc/kernel/
@@ -9,9 +9,9 @@
libs-y += arch/sparc/prom/
libs-y += arch/sparc/lib/
-diff -Nru linux-2.6.29/drivers/char/keyboard.c linux-2.6.29-grsec/drivers/char/keyboard.c
---- linux-2.6.29/drivers/char/keyboard.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/drivers/char/keyboard.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/drivers/char/keyboard.c linux-2.6.29/drivers/char/keyboard.c
+--- linux-2.6.29-orig/drivers/char/keyboard.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/drivers/char/keyboard.c 2009-03-29 23:34:04.446725642 +0200
@@ -635,6 +635,16 @@
kbd->kbdmode == VC_MEDIUMRAW) &&
value != KVAL(K_SAK))
@@ -29,9 +29,9 @@
fn_handler[value](vc);
}
-diff -Nru linux-2.6.29/drivers/pci/proc.c linux-2.6.29-grsec/drivers/pci/proc.c
---- linux-2.6.29/drivers/pci/proc.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/drivers/pci/proc.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/drivers/pci/proc.c linux-2.6.29/drivers/pci/proc.c
+--- linux-2.6.29-orig/drivers/pci/proc.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/drivers/pci/proc.c 2009-03-29 23:34:04.446725642 +0200
@@ -480,7 +480,16 @@
static int __init pci_proc_init(void)
{
@@ -49,9 +49,9 @@
proc_create("devices", 0, proc_bus_pci_dir,
&proc_bus_pci_dev_operations);
proc_initialized = 1;
-diff -Nru linux-2.6.29/fs/namei.c linux-2.6.29-grsec/fs/namei.c
---- linux-2.6.29/fs/namei.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/namei.c 2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/fs/namei.c linux-2.6.29/fs/namei.c
+--- linux-2.6.29-orig/fs/namei.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/namei.c 2009-03-29 23:34:04.450058682 +0200
@@ -32,6 +32,7 @@
#include <linux/fcntl.h>
#include <linux/device_cgroup.h>
@@ -115,9 +115,9 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto out_dput;
-diff -Nru linux-2.6.29/fs/proc/array.c linux-2.6.29-grsec/fs/proc/array.c
---- linux-2.6.29/fs/proc/array.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/array.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/array.c linux-2.6.29/fs/proc/array.c
+--- linux-2.6.29-orig/fs/proc/array.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/array.c 2009-03-29 23:34:04.450058682 +0200
@@ -529,3 +529,10 @@
return 0;
@@ -129,9 +129,9 @@
+ return sprintf(buffer, "%u.%u.%u.%u\n", NIPQUAD(task->signal->curr_ip));
+}
+#endif
-diff -Nru linux-2.6.29/fs/proc/base.c linux-2.6.29-grsec/fs/proc/base.c
---- linux-2.6.29/fs/proc/base.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/base.c 2009-03-29 23:02:57.774010127 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/base.c linux-2.6.29/fs/proc/base.c
+--- linux-2.6.29-orig/fs/proc/base.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/base.c 2009-03-29 23:42:59.660794909 +0200
@@ -80,6 +80,7 @@
#include <linux/oom.h>
#include <linux/elf.h>
@@ -150,11 +150,13 @@
generic_fillattr(inode, stat);
-@@ -1481,11 +1485,27 @@
+@@ -1480,12 +1484,29 @@
+ stat->uid = 0;
stat->gid = 0;
task = pid_task(proc_pid(inode), PIDTYPE_PID);
- if (task) {
-+ cred = __task_cred(task);
+- if (task) {
++ cred = __task_cred(task);
++ if (task
+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
+ && (!tmp->uid || (tmp->uid == cred->uid)
+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
@@ -162,6 +164,7 @@
+#endif
+ )
+#endif
++ ) {
if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
+#ifdef CONFIG_GRKERNSEC_PROC_USER
+ (inode->i_mode == (S_IFDIR|S_IRUSR|S_IXUSR)) ||
@@ -179,7 +182,7 @@
}
}
rcu_read_unlock();
-@@ -1517,11 +1537,20 @@
+@@ -1517,11 +1538,20 @@
if (task) {
if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
@@ -200,7 +203,7 @@
rcu_read_unlock();
} else {
inode->i_uid = 0;
-@@ -1894,12 +1923,19 @@
+@@ -1894,12 +1924,19 @@
static int proc_fd_permission(struct inode *inode, int mask)
{
int rv;
@@ -222,7 +225,7 @@
return rv;
}
-@@ -2685,7 +2721,14 @@
+@@ -2685,7 +2722,14 @@
if (!inode)
goto out;
@@ -237,7 +240,7 @@
inode->i_op = &proc_tgid_base_inode_operations;
inode->i_fop = &proc_tgid_base_operations;
inode->i_flags|=S_IMMUTABLE;
-@@ -2792,6 +2835,10 @@
+@@ -2792,6 +2836,10 @@
{
unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY;
struct task_struct *reaper = get_proc_task(filp->f_path.dentry->d_inode);
@@ -248,40 +251,38 @@
struct tgid_iter iter;
struct pid_namespace *ns;
-@@ -2810,6 +2857,20 @@
+@@ -2810,6 +2858,18 @@
for (iter = next_tgid(ns, iter);
iter.task;
iter.tgid += 1, iter = next_tgid(ns, iter)) {
+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
+ itercred = __task_cred(iter.task);
+#endif
-+ if (gr_pid_is_chrooted(iter.task) || gr_check_hidden_task(iter.task)
-+ #if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ || (tmp->uid && (itercred->uid != tmp->uid)
-+ #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ && !in_group_p(CONFIG_GRKERNSEC_PROC_GID)
-+ #endif
-+ )
++#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
++ if (tmp->uid && (itercred->uid != tmp->uid)
++ #ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
++ && !in_group_p(CONFIG_GRKERNSEC_PROC_GID)
++ #endif
++ )
+#endif
-+ )
+ continue;
+
filp->f_pos = iter.tgid + TGID_OFFSET;
if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) {
put_task_struct(iter.task);
-@@ -2891,6 +2952,9 @@
+@@ -2891,6 +2951,9 @@
#ifdef CONFIG_TASK_IO_ACCOUNTING
INF("io", S_IRUGO, proc_tid_io_accounting),
#endif
+#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+ INF("ipaddr", S_IRUSR, pid_ipaddr),
++ INF("ipaddr", S_IRUSR, proc_pid_ipaddr),
+#endif
};
static int proc_tid_base_readdir(struct file * filp,
-diff -Nru linux-2.6.29/fs/proc/cmdline.c linux-2.6.29-grsec/fs/proc/cmdline.c
---- linux-2.6.29/fs/proc/cmdline.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/cmdline.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/cmdline.c linux-2.6.29/fs/proc/cmdline.c
+--- linux-2.6.29-orig/fs/proc/cmdline.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/cmdline.c 2009-03-29 23:34:04.452349599 +0200
@@ -23,7 +23,15 @@
static int __init proc_cmdline_init(void)
@@ -299,9 +300,9 @@
return 0;
}
module_init(proc_cmdline_init);
-diff -Nru linux-2.6.29/fs/proc/devices.c linux-2.6.29-grsec/fs/proc/devices.c
---- linux-2.6.29/fs/proc/devices.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/devices.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/devices.c linux-2.6.29/fs/proc/devices.c
+--- linux-2.6.29-orig/fs/proc/devices.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/devices.c 2009-03-29 23:34:04.452349599 +0200
@@ -64,7 +64,13 @@
static int __init proc_devices_init(void)
@@ -317,9 +318,9 @@
return 0;
}
module_init(proc_devices_init);
-diff -Nru linux-2.6.29/fs/proc/inode.c linux-2.6.29-grsec/fs/proc/inode.c
---- linux-2.6.29/fs/proc/inode.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/inode.c 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/inode.c linux-2.6.29/fs/proc/inode.c
+--- linux-2.6.29-orig/fs/proc/inode.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/inode.c 2009-03-29 23:34:04.452349599 +0200
@@ -463,7 +463,11 @@
if (de->mode) {
inode->i_mode = de->mode;
@@ -332,9 +333,9 @@
}
if (de->size)
inode->i_size = de->size;
-diff -Nru linux-2.6.29/fs/proc/internal.h linux-2.6.29-grsec/fs/proc/internal.h
---- linux-2.6.29/fs/proc/internal.h 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/internal.h 2009-03-29 22:55:48.649464378 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/internal.h linux-2.6.29/fs/proc/internal.h
+--- linux-2.6.29-orig/fs/proc/internal.h 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/internal.h 2009-03-29 23:34:04.452349599 +0200
@@ -51,6 +51,9 @@
struct pid *pid, struct task_struct *task);
extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
@@ -345,9 +346,9 @@
extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
extern const struct file_operations proc_maps_operations;
-diff -Nru linux-2.6.29/fs/proc/Kconfig linux-2.6.29-grsec/fs/proc/Kconfig
---- linux-2.6.29/fs/proc/Kconfig 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/Kconfig 2009-03-29 22:55:48.612631221 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/Kconfig linux-2.6.29/fs/proc/Kconfig
+--- linux-2.6.29-orig/fs/proc/Kconfig 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/Kconfig 2009-03-29 23:34:04.452349599 +0200
@@ -30,12 +30,12 @@
config PROC_KCORE
@@ -364,9 +365,9 @@
help
Exports the dump image of crashed kernel in ELF format.
-diff -Nru linux-2.6.29/fs/proc/kcore.c linux-2.6.29-grsec/fs/proc/kcore.c
---- linux-2.6.29/fs/proc/kcore.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/kcore.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/kcore.c linux-2.6.29/fs/proc/kcore.c
+--- linux-2.6.29-orig/fs/proc/kcore.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/kcore.c 2009-03-29 23:34:04.452349599 +0200
@@ -404,10 +404,12 @@
static int __init proc_kcore_init(void)
@@ -380,9 +381,9 @@
return 0;
}
module_init(proc_kcore_init);
-diff -Nru linux-2.6.29/fs/proc/root.c linux-2.6.29-grsec/fs/proc/root.c
---- linux-2.6.29/fs/proc/root.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/fs/proc/root.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/fs/proc/root.c linux-2.6.29/fs/proc/root.c
+--- linux-2.6.29-orig/fs/proc/root.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/fs/proc/root.c 2009-03-29 23:34:04.452349599 +0200
@@ -134,7 +134,15 @@
#ifdef CONFIG_PROC_DEVICETREE
proc_device_tree_init();
@@ -399,9 +400,9 @@
proc_sys_init();
}
-diff -Nru linux-2.6.29/grsecurity/grsec_disabled.c linux-2.6.29-grsec/grsecurity/grsec_disabled.c
---- linux-2.6.29/grsecurity/grsec_disabled.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_disabled.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_disabled.c linux-2.6.29/grsecurity/grsec_disabled.c
+--- linux-2.6.29-orig/grsecurity/grsec_disabled.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_disabled.c 2009-03-29 23:34:04.452349599 +0200
@@ -0,0 +1,6 @@
+void
+grsecurity_init(void)
@@ -409,9 +410,9 @@
+ return;
+}
+
-diff -Nru linux-2.6.29/grsecurity/grsec_fifo.c linux-2.6.29-grsec/grsecurity/grsec_fifo.c
---- linux-2.6.29/grsecurity/grsec_fifo.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_fifo.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_fifo.c linux-2.6.29/grsecurity/grsec_fifo.c
+--- linux-2.6.29-orig/grsecurity/grsec_fifo.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_fifo.c 2009-03-29 23:34:04.452349599 +0200
@@ -0,0 +1,21 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
@@ -434,9 +435,9 @@
+#endif
+ return 0;
+}
-diff -Nru linux-2.6.29/grsecurity/grsec_init.c linux-2.6.29-grsec/grsecurity/grsec_init.c
---- linux-2.6.29/grsecurity/grsec_init.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_init.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_init.c linux-2.6.29/grsecurity/grsec_init.c
+--- linux-2.6.29-orig/grsecurity/grsec_init.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_init.c 2009-03-29 23:34:04.452349599 +0200
@@ -0,0 +1,29 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
@@ -467,9 +468,9 @@
+
+ return;
+}
-diff -Nru linux-2.6.29/grsecurity/grsec_link.c linux-2.6.29-grsec/grsecurity/grsec_link.c
---- linux-2.6.29/grsecurity/grsec_link.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_link.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_link.c linux-2.6.29/grsecurity/grsec_link.c
+--- linux-2.6.29-orig/grsecurity/grsec_link.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_link.c 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,39 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
@@ -510,9 +511,9 @@
+#endif
+ return 0;
+}
-diff -Nru linux-2.6.29/grsecurity/grsec_sock.c linux-2.6.29-grsec/grsecurity/grsec_sock.c
---- linux-2.6.29/grsecurity/grsec_sock.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_sock.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_sock.c linux-2.6.29/grsecurity/grsec_sock.c
+--- linux-2.6.29-orig/grsecurity/grsec_sock.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_sock.c 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,170 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
@@ -684,9 +685,9 @@
+ return;
+}
+
-diff -Nru linux-2.6.29/grsecurity/grsec_sysctl.c linux-2.6.29-grsec/grsecurity/grsec_sysctl.c
---- linux-2.6.29/grsecurity/grsec_sysctl.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/grsec_sysctl.c 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/grsec_sysctl.c linux-2.6.29/grsecurity/grsec_sysctl.c
+--- linux-2.6.29-orig/grsecurity/grsec_sysctl.c 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/grsec_sysctl.c 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,52 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
@@ -740,9 +741,9 @@
+ { .ctl_name = 0 }
+};
+#endif
-diff -Nru linux-2.6.29/grsecurity/Kconfig linux-2.6.29-grsec/grsecurity/Kconfig
---- linux-2.6.29/grsecurity/Kconfig 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/Kconfig 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/Kconfig linux-2.6.29/grsecurity/Kconfig
+--- linux-2.6.29-orig/grsecurity/Kconfig 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/Kconfig 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,123 @@
+#
+# grecurity configuration
@@ -867,9 +868,9 @@
+ the sysctl entries.
+
+endmenu
-diff -Nru linux-2.6.29/grsecurity/Makefile linux-2.6.29-grsec/grsecurity/Makefile
---- linux-2.6.29/grsecurity/Makefile 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/grsecurity/Makefile 2009-03-29 22:55:48.616329143 +0200
+diff -Nru linux-2.6.29-orig/grsecurity/Makefile linux-2.6.29/grsecurity/Makefile
+--- linux-2.6.29-orig/grsecurity/Makefile 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/grsecurity/Makefile 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,11 @@
+# All code in this directory and various hooks inserted throughout the kernel
+# are copyright Brad Spengler, and released under the GPL v2 or higher
@@ -882,9 +883,9 @@
+obj-y += grsec_disabled.o
+endif
+
-diff -Nru linux-2.6.29/include/linux/grinternal.h linux-2.6.29-grsec/include/linux/grinternal.h
---- linux-2.6.29/include/linux/grinternal.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/include/linux/grinternal.h 2009-03-29 22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/grinternal.h linux-2.6.29/include/linux/grinternal.h
+--- linux-2.6.29-orig/include/linux/grinternal.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/include/linux/grinternal.h 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,14 @@
+#ifndef __GRINTERNAL_H
+#define __GRINTERNAL_H
@@ -900,9 +901,9 @@
+#endif
+
+#endif
-diff -Nru linux-2.6.29/include/linux/grsecurity.h linux-2.6.29-grsec/include/linux/grsecurity.h
---- linux-2.6.29/include/linux/grsecurity.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.6.29-grsec/include/linux/grsecurity.h 2009-03-29 22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/grsecurity.h linux-2.6.29/include/linux/grsecurity.h
+--- linux-2.6.29-orig/include/linux/grsecurity.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.6.29/include/linux/grsecurity.h 2009-03-29 23:34:04.456724414 +0200
@@ -0,0 +1,18 @@
+#ifndef GR_SECURITY_H
+#define GR_SECURITY_H
@@ -922,9 +923,9 @@
+ const int mode, const char *to);
+
+#endif
-diff -Nru linux-2.6.29/include/linux/sched.h linux-2.6.29-grsec/include/linux/sched.h
---- linux-2.6.29/include/linux/sched.h 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/include/linux/sched.h 2009-03-29 22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/sched.h linux-2.6.29/include/linux/sched.h
+--- linux-2.6.29-orig/include/linux/sched.h 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/include/linux/sched.h 2009-03-29 23:34:04.456724414 +0200
@@ -605,6 +605,15 @@
unsigned audit_tty;
struct tty_audit_buf *tty_audit_buf;
@@ -941,9 +942,9 @@
};
/* Context switch must be unlocked if interrupts are to be enabled */
-diff -Nru linux-2.6.29/include/linux/sysctl.h linux-2.6.29-grsec/include/linux/sysctl.h
---- linux-2.6.29/include/linux/sysctl.h 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/include/linux/sysctl.h 2009-03-29 22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/include/linux/sysctl.h linux-2.6.29/include/linux/sysctl.h
+--- linux-2.6.29-orig/include/linux/sysctl.h 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/include/linux/sysctl.h 2009-03-29 23:34:04.459223012 +0200
@@ -163,8 +163,11 @@
KERN_MAX_LOCK_DEPTH=74,
KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */
@@ -957,9 +958,9 @@
/* CTL_VM names: */
-diff -Nru linux-2.6.29/kernel/configs.c linux-2.6.29-grsec/kernel/configs.c
---- linux-2.6.29/kernel/configs.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/configs.c 2009-03-29 22:55:48.639297786 +0200
+diff -Nru linux-2.6.29-orig/kernel/configs.c linux-2.6.29/kernel/configs.c
+--- linux-2.6.29-orig/kernel/configs.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/configs.c 2009-03-29 23:34:04.459223012 +0200
@@ -73,8 +73,19 @@
struct proc_dir_entry *entry;
@@ -980,9 +981,9 @@
if (!entry)
return -ENOMEM;
-diff -Nru linux-2.6.29/kernel/exit.c linux-2.6.29-grsec/kernel/exit.c
---- linux-2.6.29/kernel/exit.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/exit.c 2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/exit.c linux-2.6.29/kernel/exit.c
+--- linux-2.6.29-orig/kernel/exit.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/exit.c 2009-03-29 23:34:04.459223012 +0200
@@ -48,6 +48,7 @@
#include <linux/tracehook.h>
#include <linux/init_task.h>
@@ -999,9 +1000,9 @@
tsk->signal = NULL;
tsk->sighand = NULL;
spin_unlock(&sighand->siglock);
-diff -Nru linux-2.6.29/kernel/kallsyms.c linux-2.6.29-grsec/kernel/kallsyms.c
---- linux-2.6.29/kernel/kallsyms.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/kallsyms.c 2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/kallsyms.c linux-2.6.29/kernel/kallsyms.c
+--- linux-2.6.29-orig/kernel/kallsyms.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/kallsyms.c 2009-03-29 23:34:04.459223012 +0200
@@ -478,7 +478,15 @@
static int __init kallsyms_init(void)
@@ -1018,9 +1019,9 @@
return 0;
}
__initcall(kallsyms_init);
-diff -Nru linux-2.6.29/kernel/resource.c linux-2.6.29-grsec/kernel/resource.c
---- linux-2.6.29/kernel/resource.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/resource.c 2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/resource.c linux-2.6.29/kernel/resource.c
+--- linux-2.6.29-orig/kernel/resource.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/resource.c 2009-03-29 23:34:04.459223012 +0200
@@ -132,8 +132,18 @@
static int __init ioresources_init(void)
@@ -1040,9 +1041,9 @@
return 0;
}
__initcall(ioresources_init);
-diff -Nru linux-2.6.29/kernel/sysctl.c linux-2.6.29-grsec/kernel/sysctl.c
---- linux-2.6.29/kernel/sysctl.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/kernel/sysctl.c 2009-03-29 22:55:48.642798453 +0200
+diff -Nru linux-2.6.29-orig/kernel/sysctl.c linux-2.6.29/kernel/sysctl.c
+--- linux-2.6.29-orig/kernel/sysctl.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/kernel/sysctl.c 2009-03-29 23:34:04.459223012 +0200
@@ -61,6 +61,11 @@
static int deprecated_sysctl_warning(struct __sysctl_args *args);
@@ -1090,9 +1091,9 @@
error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC));
if (error)
return error;
-diff -Nru linux-2.6.29/Makefile linux-2.6.29-grsec/Makefile
---- linux-2.6.29/Makefile 2009-03-29 22:56:50.747163685 +0200
-+++ linux-2.6.29-grsec/Makefile 2009-03-29 22:55:48.656120698 +0200
+diff -Nru linux-2.6.29-orig/Makefile linux-2.6.29/Makefile
+--- linux-2.6.29-orig/Makefile 2009-03-29 22:56:50.747163685 +0200
++++ linux-2.6.29/Makefile 2009-03-29 23:34:04.470474457 +0200
@@ -636,7 +636,7 @@
@@ -1102,9 +1103,9 @@
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-diff -Nru linux-2.6.29/net/ipv4/inet_hashtables.c linux-2.6.29-grsec/net/ipv4/inet_hashtables.c
---- linux-2.6.29/net/ipv4/inet_hashtables.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/net/ipv4/inet_hashtables.c 2009-03-29 22:55:48.649464378 +0200
+diff -Nru linux-2.6.29-orig/net/ipv4/inet_hashtables.c linux-2.6.29/net/ipv4/inet_hashtables.c
+--- linux-2.6.29-orig/net/ipv4/inet_hashtables.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/net/ipv4/inet_hashtables.c 2009-03-29 23:34:04.463807910 +0200
@@ -18,11 +18,14 @@
#include <linux/sched.h>
#include <linux/slab.h>
@@ -1129,9 +1130,9 @@
if (tw) {
inet_twsk_deschedule(tw, death_row);
inet_twsk_put(tw);
-diff -Nru linux-2.6.29/net/socket.c linux-2.6.29-grsec/net/socket.c
---- linux-2.6.29/net/socket.c 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/net/socket.c 2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/net/socket.c linux-2.6.29/net/socket.c
+--- linux-2.6.29-orig/net/socket.c 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/net/socket.c 2009-03-29 23:34:04.463807910 +0200
@@ -86,6 +86,7 @@
#include <linux/audit.h>
#include <linux/wireless.h>
@@ -1157,9 +1158,9 @@
out_put:
fput_light(sock->file, fput_needed);
-diff -Nru linux-2.6.29/security/Kconfig linux-2.6.29-grsec/security/Kconfig
---- linux-2.6.29/security/Kconfig 2009-03-24 00:12:14.000000000 +0100
-+++ linux-2.6.29-grsec/security/Kconfig 2009-03-29 22:55:48.646121675 +0200
+diff -Nru linux-2.6.29-orig/security/Kconfig linux-2.6.29/security/Kconfig
+--- linux-2.6.29-orig/security/Kconfig 2009-03-24 00:12:14.000000000 +0100
++++ linux-2.6.29/security/Kconfig 2009-03-29 23:34:04.463807910 +0200
@@ -4,6 +4,8 @@
menu "Security options"
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-grsec-minimal.patch?r1=1.8.4.2&r2=1.8.4.3&f=u
More information about the pld-cvs-commit
mailing list