packages (Titanium): kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch -...
hawk
hawk at pld-linux.org
Thu Feb 25 19:19:44 CET 2010
Author: hawk Date: Thu Feb 25 18:19:44 2010 GMT
Module: packages Tag: Titanium
---- Log message:
- recreated from scratch for 2.6.32.x kernels
---- Files affected:
packages/kernel-bare-vserver:
linux-2.6-grsec-vs-minimal.patch (1.1.2.8.2.12 -> 1.1.2.8.2.13)
---- Diffs:
================================================================
Index: packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch
diff -u packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.12 packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.13
--- packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch:1.1.2.8.2.12 Fri Nov 7 14:31:37 2008
+++ packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch Thu Feb 25 19:19:39 2010
@@ -1,506 +1,238 @@
-diff -urNp linux-2.6.27.4/arch/sparc/Makefile linux-2.6.27.4/arch/sparc/Makefile
---- linux-2.6.27.4/arch/sparc/Makefile 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/arch/sparc/Makefile 2008-10-25 12:03:06.000000000 -0400
-@@ -37,7 +37,7 @@ drivers-$(CONFIG_OPROFILE) += arch/sparc
- # Renaming is done to avoid confusing pattern matching rules in 2.5.45 (multy-)
- INIT_Y := $(patsubst %/, %/built-in.o, $(init-y))
- CORE_Y := $(core-y)
--CORE_Y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/
-+CORE_Y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/
- CORE_Y := $(patsubst %/, %/built-in.o, $(CORE_Y))
- DRIVERS_Y := $(patsubst %/, %/built-in.o, $(drivers-y))
- NET_Y := $(patsubst %/, %/built-in.o, $(net-y))
-diff -urNp linux-2.6.27.4/drivers/char/keyboard.c linux-2.6.27.4/drivers/char/keyboard.c
---- linux-2.6.27.4/drivers/char/keyboard.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/drivers/char/keyboard.c 2008-10-27 22:36:17.000000000 -0400
-@@ -635,6 +635,16 @@ static void k_spec(struct vc_data *vc, u
- kbd->kbdmode == VC_MEDIUMRAW) &&
- value != KVAL(K_SAK))
- return; /* SAK is allowed even in raw mode */
+diff -urNp linux-2.6.32.9/arch/sparc/Makefile linux-2.6.32.9/arch/sparc/Makefile
+--- linux-2.6.32.9/arch/sparc/Makefile 2010-02-09 07:57:19.000000000 -0500
++++ linux-2.6.32.9/arch/sparc/Makefile 2010-02-23 17:09:53.091669311 -0500
+@@ -75,7 +75,7 @@ drivers-$(CONFIG_OPROFILE) += arch/sparc
+ # Export what is needed by arch/sparc/boot/Makefile
+ export VMLINUX_INIT VMLINUX_MAIN
+ VMLINUX_INIT := $(head-y) $(init-y)
+-VMLINUX_MAIN := $(core-y) kernel/ mm/ fs/ ipc/ security/ crypto/ block/
++VMLINUX_MAIN := $(core-y) kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/
+ VMLINUX_MAIN += $(patsubst %/, %/lib.a, $(libs-y)) $(libs-y)
+ VMLINUX_MAIN += $(drivers-y) $(net-y)
+
+diff -urNp linux-2.6.32.9/Makefile linux-2.6.32.9/Makefile
+--- linux-2.6.32.9/Makefile 2010-02-23 17:04:11.556067453 -0500
++++ linux-2.6.32.9/Makefile 2010-02-23 17:09:53.343560823 -0500
+@@ -644,7 +644,7 @@ export mod_strip_cmd
+
+
+ ifeq ($(KBUILD_EXTMOD),)
+-core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/
++core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/
+
+ vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
+ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
+diff -urNp linux-2.6.32.9/grsecurity/Makefile linux-2.6.32.9/grsecurity/Makefile
+--- linux-2.6.32.9/grsecurity/Makefile 1969-12-31 19:00:00.000000000 -0500
++++ linux-2.6.32.9/grsecurity/Makefile 2010-02-23 17:09:53.308131663 -0500
+@@ -0,0 +1,11 @@
++# All code in this directory and various hooks inserted throughout the kernel
++# are copyright Brad Spengler - Open Source Security, Inc., and released
++# under the GPL v2 or higher
+
-+#if defined(CONFIG_GRKERNSEC_PROC)
-+ {
-+ void *func = fn_handler[value];
-+ if (func == fn_show_state || func == fn_show_ptregs ||
-+ func == fn_show_mem)
-+ return;
-+ }
-+#endif
++obj-y = grsec_fifo.o grsec_sock.o grsec_sysctl.o grsec_link.o
+
- fn_handler[value](vc);
- }
++obj-$(CONFIG_GRKERNSEC) += grsec_init.o
++
++ifndef CONFIG_GRKERNSEC
++obj-y += grsec_disabled.o
++endif
+diff -urNp linux-2.6.27.4/security/Kconfig linux-2.6.27.4/security/Kconfig
+--- linux-2.6.27.4/security/Kconfig 2008-10-22 17:38:01.000000000 -0400
++++ linux-2.6.27.4/security/Kconfig 2008-10-27 22:57:19.000000000 -0400
+@@ -4,6 +4,8 @@
-diff -urNp linux-2.6.27.4/drivers/pci/proc.c linux-2.6.27.4/drivers/pci/proc.c
---- linux-2.6.27.4/drivers/pci/proc.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/drivers/pci/proc.c 2008-10-25 12:03:06.000000000 -0400
-@@ -470,7 +470,16 @@ static const struct file_operations proc
- static int __init pci_proc_init(void)
- {
- struct pci_dev *dev = NULL;
+ menu "Security options"
+
++source grsecurity/Kconfig
+
-+#ifdef CONFIG_GRKERNSEC_PROC_ADD
-+#ifdef CONFIG_GRKERNSEC_PROC_USER
-+ proc_bus_pci_dir = proc_mkdir_mode("bus/pci", S_IRUSR | S_IXUSR, NULL);
-+#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ proc_bus_pci_dir = proc_mkdir_mode("bus/pci", S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP, NULL);
-+#endif
-+#else
- proc_bus_pci_dir = proc_mkdir("bus/pci", NULL);
-+#endif
- proc_create("devices", 0, proc_bus_pci_dir,
- &proc_bus_pci_dev_operations);
- proc_initialized = 1;
-diff -urNp linux-2.6.27.4/fs/namei.c linux-2.6.27.4/fs/namei.c
---- linux-2.6.27.4/fs/namei.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/namei.c 2008-10-27 22:36:18.000000000 -0400
-@@ -39,6 +39,8 @@
- #include <linux/vs_device.h>
- #include <linux/vs_context.h>
- #include <linux/pid_namespace.h>
-+#include <linux/grsecurity.h>
+ config KEYS
+ bool "Enable access key retention support"
+ help
+diff -urNp linux-2.6.32.9/grsecurity/Kconfig linux-2.6.32.9/grsecurity/Kconfig
+--- linux-2.6.32.9/grsecurity/Kconfig 1969-12-31 19:00:00.000000000 -0500
++++ linux-2.6.32.9/grsecurity/Kconfig 2010-02-23 17:09:53.308131663 -0500
+@@ -0,0 +1,100 @@
++#
++# grecurity configuration
++#
+
- #include <asm/uaccess.h>
-
- #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
-@@ -761,6 +763,13 @@ static inline int do_follow_link(struct
- err = security_inode_follow_link(path->dentry, nd);
- if (err)
- goto loop;
++menu "Grsecurity"
+
-+ if (gr_handle_follow_link(path->dentry->d_parent->d_inode,
-+ path->dentry->d_inode, path->dentry, nd->path.mnt)) {
-+ err = -EACCES;
-+ goto loop;
-+ }
++config GRKERNSEC_PROC
++ bool "Proc restrictions"
++ help
++ If you say Y here, the permissions of the /proc filesystem
++ will be altered to enhance system security and privacy. You MUST
++ choose either a user only restriction or a user and group restriction.
++ Depending upon the option you choose, you can either restrict users to
++ see only the processes they themselves run, or choose a group that can
++ view all processes and files normally restricted to root if you choose
++ the "restrict to user only" option. NOTE: If you're running identd as
++ a non-root user, you will have to run it as the group you specify here.
+
- current->link_count++;
- current->total_link_count++;
- nd->depth++;
-@@ -1871,6 +1880,12 @@ do_last:
- /*
- * It already exists.
- */
++config GRKERNSEC_PROC_USER
++ bool "Restrict /proc to user only"
++ depends on GRKERNSEC_PROC
++ help
++ If you say Y here, non-root users will only be able to view their own
++ processes, and restricts them from viewing network-related information,
++ and viewing kernel symbol and module information.
+
-+ if (gr_handle_fifo(path.dentry, nd.path.mnt, dir, flag, acc_mode)) {
-+ error = -EACCES;
-+ goto exit_mutex_unlock;
-+ }
++config GRKERNSEC_PROC_USERGROUP
++ bool "Allow special group"
++ depends on GRKERNSEC_PROC && !GRKERNSEC_PROC_USER
++ help
++ If you say Y here, you will be able to select a group that will be
++ able to view all processes, network-related information, and
++ kernel and symbol information. This option is useful if you want
++ to run identd as a non-root user.
+
- mutex_unlock(&dir->d_inode->i_mutex);
- audit_inode(pathname, path.dentry);
-
-@@ -1974,6 +1989,13 @@ do_link:
- error = security_inode_follow_link(path.dentry, &nd);
- if (error)
- goto exit_dput;
++config GRKERNSEC_PROC_GID
++ int "GID for special group"
++ depends on GRKERNSEC_PROC_USERGROUP
++ default 1001
+
-+ if (gr_handle_follow_link(path.dentry->d_parent->d_inode, path.dentry->d_inode,
-+ path.dentry, nd.path.mnt)) {
-+ error = -EACCES;
-+ goto exit_dput;
-+ }
++config GRKERNSEC_PROC_ADD
++ bool "Additional restrictions"
++ depends on GRKERNSEC_PROC_USER || GRKERNSEC_PROC_USERGROUP
++ help
++ If you say Y here, additional restrictions will be placed on
++ /proc that keep normal users from viewing device information and
++ slabinfo information that could be useful for exploits.
+
- error = __do_follow_link(&path, &nd);
- if (error) {
- /* Does someone understand code flow here? Or it is only
-@@ -2592,6 +2614,14 @@ asmlinkage long sys_linkat(int olddfd, c
- error = PTR_ERR(new_dentry);
- if (IS_ERR(new_dentry))
- goto out_unlock;
++config GRKERNSEC_LINK
++ bool "Linking restrictions"
++ help
++ If you say Y here, /tmp race exploits will be prevented, since users
++ will no longer be able to follow symlinks owned by other users in
++ world-writable +t directories (i.e. /tmp), unless the owner of the
++ symlink is the owner of the directory. users will also not be
++ able to hardlink to files they do not own. If the sysctl option is
++ enabled, a sysctl option with name "linking_restrictions" is created.
+
-+ if (gr_handle_hardlink(old_path.dentry, old_path.mnt,
-+ old_path.dentry->d_inode,
-+ old_path.dentry->d_inode->i_mode, to)) {
-+ error = -EACCES;
-+ goto out_dput;
-+ }
++config GRKERNSEC_FIFO
++ bool "FIFO restrictions"
++ help
++ If you say Y here, users will not be able to write to FIFOs they don't
++ own in world-writable +t directories (i.e. /tmp), unless the owner of
++ the FIFO is the same owner of the directory it's held in. If the sysctl
++ option is enabled, a sysctl option with name "fifo_restrictions" is
++ created.
+
- error = mnt_want_write(nd.path.mnt);
- if (error)
- goto out_dput;
-diff -urNp linux-2.6.27.4/fs/proc/array.c linux-2.6.27.4/fs/proc/array.c
---- linux-2.6.27.4/fs/proc/array.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/array.c 2008-10-27 22:36:18.000000000 -0400
-@@ -585,3 +585,10 @@ int proc_pid_statm(struct seq_file *m, s
-
- return 0;
- }
++config GRKERNSEC_DMESG
++ bool "Dmesg(8) restriction"
++ help
++ If you say Y here, non-root users will not be able to use dmesg(8)
++ to view up to the last 4kb of messages in the kernel's log buffer.
++ If the sysctl option is enabled, a sysctl option with name "dmesg" is
++ created.
+
-+#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+int proc_pid_ipaddr(struct task_struct *task, char *buffer)
-+{
-+ return sprintf(buffer, "%u.%u.%u.%u\n", NIPQUAD(task->signal->curr_ip));
-+}
-+#endif
-diff -urNp linux-2.6.27.4/fs/proc/base.c linux-2.6.27.4/fs/proc/base.c
---- linux-2.6.27.4/fs/proc/base.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/base.c 2008-10-27 22:36:18.000000000 -0400
-@@ -81,6 +81,8 @@
- #include <linux/pid_namespace.h>
- #include <linux/vs_context.h>
- #include <linux/vs_network.h>
-+#include <linux/grsecurity.h>
++config GRKERNSEC_SYSCTL
++ bool "Sysctl support"
++ help
++ If you say Y here, you will be able to change the options that
++ grsecurity runs with at bootup, without having to recompile your
++ kernel. You can echo values to files in /proc/sys/kernel/grsecurity
++ to enable (1) or disable (0) various features. All the sysctl entries
++ are mutable until the "grsec_lock" entry is set to a non-zero value.
++ All features enabled in the kernel configuration are disabled at boot
++ if you do not say Y to the "Turn on features by default" option.
++ All options should be set at startup, and the grsec_lock entry should
++ be set to a non-zero value after all the options are set.
++ *THIS IS EXTREMELY IMPORTANT*
+
- #include "internal.h"
-
- /* NOTE:
-@@ -150,7 +152,7 @@ static unsigned int pid_entry_count_dirs
- return count;
- }
++config GRKERNSEC_SYSCTL_ON
++ bool "Turn on features by default"
++ depends on GRKERNSEC_SYSCTL
++ help
++ If you say Y here, instead of having all features enabled in the
++ kernel configuration disabled at boot time, the features will be
++ enabled at boot time. It is recommended you say Y here unless
++ there is some reason you would want all sysctl-tunable features to
++ be disabled by default. As mentioned elsewhere, it is important
++ to enable the grsec_lock entry once you have finished modifying
++ the sysctl entries.
+diff -urNp linux-2.6.32.9/include/linux/security.h linux-2.6.32.9/include/linux/security.h
+--- linux-2.6.32.9/include/linux/security.h 2010-02-09 07:57:19.000000000 -0500
++++ linux-2.6.32.9/include/linux/security.h 2010-02-23 17:09:53.320537081 -0500
+@@ -34,6 +34,7 @@
+ #include <linux/key.h>
+ #include <linux/xfrm.h>
+ #include <linux/gfp.h>
++#include <linux/grsecurity.h>
+ #include <net/flow.h>
--int maps_protect;
-+int maps_protect = 1;
- EXPORT_SYMBOL(maps_protect);
-
- static struct fs_struct *get_fs_struct(struct task_struct *task)
-@@ -314,9 +316,9 @@ static int proc_pid_auxv(struct task_str
- struct mm_struct *mm = get_task_mm(task);
- if (mm) {
- unsigned int nwords = 0;
-- do
-+ do {
- nwords += 2;
-- while (mm->saved_auxv[nwords - 2] != 0); /* AT_NULL */
-+ } while (mm->saved_auxv[nwords - 2] != 0); /* AT_NULL */
- res = nwords * sizeof(mm->saved_auxv[0]);
- if (res > PAGE_SIZE)
- res = PAGE_SIZE;
-@@ -1439,7 +1441,11 @@ static struct inode *proc_pid_make_inode
- inode->i_gid = 0;
- if (task_dumpable(task)) {
- inode->i_uid = task->euid;
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
-+#else
- inode->i_gid = task->egid;
+ /* Maximum number of letters for an LSM name string */
+diff -urNp linux-2.6.32.9/include/linux/grinternal.h linux-2.6.32.9/include/linux/grinternal.h
+--- linux-2.6.32.9/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500
++++ linux-2.6.32.9/include/linux/grinternal.h 2010-02-23 17:09:53.311553777 -0500
+@@ -0,0 +1,14 @@
++#ifndef __GRINTERNAL_H
++#define __GRINTERNAL_H
++
++#ifdef CONFIG_GRKERNSEC
++
++#include <linux/fs.h>
++
++extern int grsec_enable_link;
++extern int grsec_enable_fifo;
++extern int grsec_lock;
++
+#endif
- }
- /* procfs is xid tagged */
- inode->i_tag = (tag_t)vx_task_xid(task);
-@@ -1457,17 +1463,39 @@ static int pid_getattr(struct vfsmount *
- {
- struct inode *inode = dentry->d_inode;
- struct task_struct *task;
-+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ struct task_struct *tmp = current;
++
+#endif
+diff -urNp linux-2.6.32.9/include/linux/grsecurity.h linux-2.6.32.9/include/linux/grsecurity.h
+--- linux-2.6.32.9/include/linux/grsecurity.h 1969-12-31 19:00:00.000000000 -0500
++++ linux-2.6.32.9/include/linux/grsecurity.h 2010-02-23 17:09:53.311553777 -0500
+@@ -0,0 +1,24 @@
++#ifndef GR_SECURITY_H
++#define GR_SECURITY_H
++#include <linux/fs.h>
++#include <linux/fs_struct.h>
++#include <linux/binfmts.h>
+
- generic_fillattr(inode, stat);
-
- rcu_read_lock();
- stat->uid = 0;
- stat->gid = 0;
- task = pid_task(proc_pid(inode), PIDTYPE_PID);
-- if (task) {
++void gr_del_task_from_ip_table(struct task_struct *p);
++
++int gr_handle_follow_link(const struct inode *parent,
++ const struct inode *inode,
++ const struct dentry *dentry,
++ const struct vfsmount *mnt);
++int gr_handle_fifo(const struct dentry *dentry,
++ const struct vfsmount *mnt,
++ const struct dentry *dir, const int flag,
++ const int acc_mode);
++int gr_handle_hardlink(const struct dentry *dentry,
++ const struct vfsmount *mnt,
++ struct inode *inode,
++ const int mode, const char *to);
++
++extern int grsec_enable_dmesg;
+
-+ if (task
-+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ && (!tmp->uid || (tmp->uid == task->uid)
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ || in_group_p(CONFIG_GRKERNSEC_PROC_GID)
+#endif
-+ )
+diff -urNp linux-2.6.32.9/include/linux/sched.h linux-2.6.32.9/include/linux/sched.h
+--- linux-2.6.32.9/include/linux/sched.h 2010-02-23 17:04:12.651619895 -0500
++++ linux-2.6.32.9/include/linux/sched.h 2010-02-23 17:09:53.320537081 -0500
+@@ -664,6 +665,15 @@ struct signal_struct {
+ struct tty_audit_buf *tty_audit_buf;
+ #endif
+
++#ifdef CONFIG_GRKERNSEC
++ u32 curr_ip;
++ u32 gr_saddr;
++ u32 gr_daddr;
++ u16 gr_sport;
++ u16 gr_dport;
++ u8 used_accept:1;
+#endif
-+ ) {
- if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
-+#ifdef CONFIG_GRKERNSEC_PROC_USER
-+ (inode->i_mode == (S_IFDIR|S_IRUSR|S_IXUSR)) ||
-+#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ (inode->i_mode == (S_IFDIR|S_IRUSR|S_IRGRP|S_IXUSR|S_IXGRP)) ||
-+#endif
- task_dumpable(task)) {
- stat->uid = task->euid;
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ stat->gid = CONFIG_GRKERNSEC_PROC_GID;
-+#else
- stat->gid = task->egid;
-+#endif
- }
- }
- rcu_read_unlock();
-@@ -1495,11 +1523,21 @@ static int pid_revalidate(struct dentry
- {
- struct inode *inode = dentry->d_inode;
- struct task_struct *task = get_proc_task(inode);
-+
- if (task) {
- if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) ||
-+#ifdef CONFIG_GRKERNSEC_PROC_USER
-+ (inode->i_mode == (S_IFDIR|S_IRUSR|S_IXUSR)) ||
-+#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ (inode->i_mode == (S_IFDIR|S_IRUSR|S_IRGRP|S_IXUSR|S_IXGRP)) ||
-+#endif
- task_dumpable(task)) {
- inode->i_uid = task->euid;
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
-+#else
- inode->i_gid = task->egid;
-+#endif
- } else {
- inode->i_uid = 0;
- inode->i_gid = 0;
-@@ -1867,12 +1905,19 @@ static const struct file_operations proc
- static int proc_fd_permission(struct inode *inode, int mask)
- {
- int rv;
-+ struct task_struct *task;
-
- rv = generic_permission(inode, mask, NULL);
-- if (rv == 0)
-- return 0;
-+
- if (task_pid(current) == proc_pid(inode))
- rv = 0;
+
-+ task = get_proc_task(inode);
-+ if (task == NULL)
-+ return rv;
-+
-+ put_task_struct(task);
-+
- return rv;
- }
-
-@@ -2535,6 +2580,9 @@ static const struct pid_entry tgid_base_
- INF("io", S_IRUGO, tgid_io_accounting),
- #endif
- ONE("nsproxy", S_IRUGO, pid_nsproxy),
-+#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+ INF("ipaddr", S_IRUSR, pid_ipaddr),
-+#endif
+ int oom_adj; /* OOM kill score adjustment (bit shift) */
};
- static int proc_tgid_base_readdir(struct file * filp,
-@@ -2664,7 +2712,14 @@ static struct dentry *proc_pid_instantia
- if (!inode)
- goto out;
-
-+#ifdef CONFIG_GRKERNSEC_PROC_USER
-+ inode->i_mode = S_IFDIR|S_IRUSR|S_IXUSR;
-+#elif defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
-+ inode->i_mode = S_IFDIR|S_IRUSR|S_IRGRP|S_IXUSR|S_IXGRP;
-+#else
- inode->i_mode = S_IFDIR|S_IRUGO|S_IXUGO;
-+#endif
- inode->i_op = &proc_tgid_base_inode_operations;
- inode->i_fop = &proc_tgid_base_operations;
- inode->i_flags|=S_IMMUTABLE;
-@@ -2771,6 +2826,9 @@ int proc_pid_readdir(struct file * filp,
- {
- unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY;
- struct task_struct *reaper = get_proc_task_real(filp->f_path.dentry->d_inode);
-+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ struct task_struct *tmp = current;
-+#endif
- struct tgid_iter iter;
- struct pid_namespace *ns;
-
-@@ -2789,6 +2847,15 @@ int proc_pid_readdir(struct file * filp,
- for (iter = next_tgid(ns, iter);
- iter.task;
- iter.tgid += 1, iter = next_tgid(ns, iter)) {
-+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
-+ if (tmp->uid && (iter.task->uid != tmp->uid)
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ && !in_group_p(CONFIG_GRKERNSEC_PROC_GID)
-+#endif
-+ )
-+#endif
-+ continue;
-+
- filp->f_pos = iter.tgid + TGID_OFFSET;
- if (!vx_proc_task_visible(iter.task))
- continue;
-diff -urNp linux-2.6.27.4/fs/proc/inode.c linux-2.6.27.4/fs/proc/inode.c
---- linux-2.6.27.4/fs/proc/inode.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/inode.c 2008-10-25 12:03:07.000000000 -0400
-@@ -467,7 +467,11 @@ struct inode *proc_get_inode(struct supe
- if (de->mode) {
- inode->i_mode = de->mode;
- inode->i_uid = de->uid;
-+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
-+ inode->i_gid = CONFIG_GRKERNSEC_PROC_GID;
-+#else
- inode->i_gid = de->gid;
-+#endif
- }
- if (de->vx_flags)
- PROC_I(inode)->vx_flags = de->vx_flags;
-diff -urNp linux-2.6.27.4/fs/proc/internal.h linux-2.6.27.4/fs/proc/internal.h
---- linux-2.6.27.4/fs/proc/internal.h 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/internal.h 2008-10-25 12:03:07.000000000 -0400
-@@ -58,6 +58,9 @@ extern int proc_pid_statm(struct seq_fil
- struct pid *pid, struct task_struct *task);
- extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
- struct pid *pid, struct task_struct *task);
-+#ifdef CONFIG_GRKERNSEC_PROC_IPADDR
-+extern int proc_pid_ipaddr(struct task_struct *task, char *buffer);
-+#endif
-
- extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
-
-diff -urNp linux-2.6.27.4/fs/proc/Kconfig linux-2.6.27.4/fs/proc/Kconfig
---- linux-2.6.27.4/fs/proc/Kconfig 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/Kconfig 2008-10-25 12:20:56.000000000 -0400
-@@ -30,12 +30,12 @@ config PROC_FS
-
- config PROC_KCORE
- bool "/proc/kcore support" if !ARM
-- depends on PROC_FS && MMU
-+ depends on PROC_FS && MMU && !GRKERNSEC_PROC_ADD
-
- config PROC_VMCORE
- bool "/proc/vmcore support (EXPERIMENTAL)"
-- depends on PROC_FS && CRASH_DUMP
-- default y
-+ depends on PROC_FS && CRASH_DUMP && !GRKERNSEC
-+ default n
- help
- Exports the dump image of crashed kernel in ELF format.
-
-diff -urNp linux-2.6.27.4/fs/proc/proc_misc.c linux-2.6.27.4/fs/proc/proc_misc.c
---- linux-2.6.27.4/fs/proc/proc_misc.c 2008-10-22 17:38:01.000000000 -0400
-+++ linux-2.6.27.4/fs/proc/proc_misc.c 2008-10-25 12:03:07.000000000 -0400
-@@ -881,6 +881,8 @@ struct proc_dir_entry *proc_root_kcore;
-
- void __init proc_misc_init(void)
- {
-+ int gr_mode = 0;
-+
- static struct {
- char *name;
- int (*read_proc)(char*,char**,off_t,int,int*,void*);
-@@ -896,13 +898,24 @@ void __init proc_misc_init(void)
- {"stram", stram_read_proc},
- #endif
- {"filesystems", filesystems_read_proc},
-+#ifndef CONFIG_GRKERNSEC_PROC_ADD
- {"cmdline", cmdline_read_proc},
-+#endif
- {"execdomains", execdomains_read_proc},
- {NULL,}
- };
- for (p = simple_ones; p->name; p++)
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel-bare-vserver/linux-2.6-grsec-vs-minimal.patch?r1=1.1.2.8.2.12&r2=1.1.2.8.2.13&f=u