packages (GRSECURITY_RAW): kernel/kernel-grsec_full.patch http://grsecurity...
arekm
arekm at pld-linux.org
Wed Jan 19 18:59:23 CET 2011
Author: arekm Date: Wed Jan 19 17:59:23 2011 GMT
Module: packages Tag: GRSECURITY_RAW
---- Log message:
http://grsecurity.net/~spender/grsecurity-2.2.1-2.6.37-201101172105.patch
---- Files affected:
packages/kernel:
kernel-grsec_full.patch (1.3.2.53 -> 1.3.2.54)
---- Diffs:
================================================================
Index: packages/kernel/kernel-grsec_full.patch
diff -u packages/kernel/kernel-grsec_full.patch:1.3.2.53 packages/kernel/kernel-grsec_full.patch:1.3.2.54
--- packages/kernel/kernel-grsec_full.patch:1.3.2.53 Mon Jan 17 09:36:10 2011
+++ packages/kernel/kernel-grsec_full.patch Wed Jan 19 18:59:06 2011
@@ -27523,6 +27523,19 @@
static struct kgdb_io kgdboc_io_ops = {
.name = "kgdboc",
.read_char = kgdboc_get_char,
+diff -urNp linux-2.6.37/drivers/staging/autofs/root.c linux-2.6.37/drivers/staging/autofs/root.c
+--- linux-2.6.37/drivers/staging/autofs/root.c 2011-01-04 19:50:19.000000000 -0500
++++ linux-2.6.37/drivers/staging/autofs/root.c 2011-01-17 21:04:34.000000000 -0500
+@@ -308,7 +308,8 @@ static int autofs_root_symlink(struct in
+ set_bit(n,sbi->symlink_bitmap);
+ sl = &sbi->symlink[n];
+ sl->len = strlen(symname);
+- sl->data = kmalloc(slsize = sl->len+1, GFP_KERNEL);
++ slsize = sl->len + 1;
++ sl->data = kmalloc(slsize, GFP_KERNEL);
+ if (!sl->data) {
+ clear_bit(n,sbi->symlink_bitmap);
+ unlock_kernel();
diff -urNp linux-2.6.37/drivers/staging/bcm/Bcmchar.c linux-2.6.37/drivers/staging/bcm/Bcmchar.c
--- linux-2.6.37/drivers/staging/bcm/Bcmchar.c 2011-01-04 19:50:19.000000000 -0500
+++ linux-2.6.37/drivers/staging/bcm/Bcmchar.c 2011-01-17 02:41:01.000000000 -0500
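Review bot: The hoisting of `slsize = sl->len + 1;` out of the kmalloc() argument is behaviour-neutral as the two new lines stand, and nothing in the hunk records why it was wanted, so a later cleanup could fold it straight back. Presumably the aim is that the size expression is evaluated exactly once and carries no side effect inside the call (relevant if kmalloc() is macro-wrapped in this tree — confirm); a one-line comment above the allocation such as `/* compute the size first: keep the kmalloc() argument side-effect free */` would preserve that intent. autofs_root_symlink() starts and ends outside the hunk.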
@@ -31937,7 +31950,7 @@
lock_flocks();
diff -urNp linux-2.6.37/fs/namei.c linux-2.6.37/fs/namei.c
--- linux-2.6.37/fs/namei.c 2011-01-04 19:50:19.000000000 -0500
-+++ linux-2.6.37/fs/namei.c 2011-01-17 02:46:52.000000000 -0500
++++ linux-2.6.37/fs/namei.c 2011-01-17 11:57:48.000000000 -0500
@@ -221,14 +221,6 @@ int generic_permission(struct inode *ino
return ret;
@@ -32155,7 +32168,19 @@
mutex_unlock(&dir->d_inode->i_mutex);
audit_inode(pathname, path->dentry);
-@@ -2013,6 +2064,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const
+@@ -1838,6 +1889,11 @@ reval:
+ error = security_inode_follow_link(path.dentry, &nd);
+ if (error)
+ goto exit_dput;
++ if (gr_handle_follow_link(path.dentry->d_parent->d_inode,
++ path.dentry->d_inode, path.dentry, nd.path.mnt)) {
++ error = -EACCES;
++ goto exit_dput;
++ }
+ error = __do_follow_link(&path, &nd, &cookie);
+ if (unlikely(error)) {
+ /* nd.path had been dropped */
+@@ -2013,6 +2069,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const
error = may_mknod(mode);
if (error)
goto out_dput;
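Review bot: The new gr_handle_follow_link() call takes the parent inode from `path.dentry->d_parent->d_inode`, but the outer-diff context at the top of this hunk (`mutex_unlock(&dir->d_inode->i_mutex);`) suggests the parent's i_mutex has already been released by the time this loop runs, so `d_parent` is read here without the locks the VFS otherwise uses to stabilise it, while `nd.path.dentry` — the directory the symlink was looked up in, pinned by the nameidata and the owner of the `nd.path.mnt` passed as the last argument — is already at hand. Consider `if (gr_handle_follow_link(nd.path.dentry->d_inode, path.dentry->d_inode, path.dentry, nd.path.mnt)) {` so the parent/mount pair handed to the check is the one the lookup actually used. If this is the trailing-symlink loop of do_filp_open, as the `reval:` hunk header and the `exit_dput` label suggest, the two are normally the same dentry, so this is a robustness point rather than a functional change. The enclosing function starts and ends outside the hunk.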
@@ -32173,7 +32198,7 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto out_dput;
-@@ -2033,6 +2095,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const
+@@ -2033,6 +2100,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const
}
out_drop_write:
mnt_drop_write(nd.path.mnt);
@@ -32183,7 +32208,7 @@
out_dput:
dput(dentry);
out_unlock:
-@@ -2085,6 +2150,11 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const
+@@ -2085,6 +2155,11 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const
if (IS_ERR(dentry))
goto out_unlock;
@@ -32195,7 +32220,7 @@
if (!IS_POSIXACL(nd.path.dentry->d_inode))
mode &= ~current_umask();
error = mnt_want_write(nd.path.mnt);
-@@ -2096,6 +2166,10 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const
+@@ -2096,6 +2171,10 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const
error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode);
out_drop_write:
mnt_drop_write(nd.path.mnt);
@@ -32206,7 +32231,7 @@
out_dput:
dput(dentry);
out_unlock:
-@@ -2177,6 +2251,8 @@ static long do_rmdir(int dfd, const char
+@@ -2177,6 +2256,8 @@ static long do_rmdir(int dfd, const char
char * name;
struct dentry *dentry;
struct nameidata nd;
@@ -32215,7 +32240,7 @@
error = user_path_parent(dfd, pathname, &nd, &name);
if (error)
-@@ -2201,6 +2277,19 @@ static long do_rmdir(int dfd, const char
+@@ -2201,6 +2282,19 @@ static long do_rmdir(int dfd, const char
error = PTR_ERR(dentry);
if (IS_ERR(dentry))
goto exit2;
@@ -32235,7 +32260,7 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto exit3;
-@@ -2208,6 +2297,8 @@ static long do_rmdir(int dfd, const char
+@@ -2208,6 +2302,8 @@ static long do_rmdir(int dfd, const char
if (error)
goto exit4;
error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
@@ -32244,7 +32269,7 @@
exit4:
mnt_drop_write(nd.path.mnt);
exit3:
-@@ -2270,6 +2361,8 @@ static long do_unlinkat(int dfd, const c
+@@ -2270,6 +2366,8 @@ static long do_unlinkat(int dfd, const c
struct dentry *dentry;
struct nameidata nd;
struct inode *inode = NULL;
@@ -32253,7 +32278,7 @@
error = user_path_parent(dfd, pathname, &nd, &name);
if (error)
-@@ -2289,8 +2382,17 @@ static long do_unlinkat(int dfd, const c
+@@ -2289,8 +2387,17 @@ static long do_unlinkat(int dfd, const c
if (nd.last.name[nd.last.len])
goto slashes;
inode = dentry->d_inode;
@@ -32272,7 +32297,7 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto exit2;
-@@ -2298,6 +2400,8 @@ static long do_unlinkat(int dfd, const c
+@@ -2298,6 +2405,8 @@ static long do_unlinkat(int dfd, const c
if (error)
goto exit3;
error = vfs_unlink(nd.path.dentry->d_inode, dentry);
@@ -32281,7 +32306,7 @@
exit3:
mnt_drop_write(nd.path.mnt);
exit2:
-@@ -2375,6 +2479,11 @@ SYSCALL_DEFINE3(symlinkat, const char __
+@@ -2375,6 +2484,11 @@ SYSCALL_DEFINE3(symlinkat, const char __
if (IS_ERR(dentry))
goto out_unlock;
@@ -32293,7 +32318,7 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto out_dput;
-@@ -2382,6 +2491,8 @@ SYSCALL_DEFINE3(symlinkat, const char __
+@@ -2382,6 +2496,8 @@ SYSCALL_DEFINE3(symlinkat, const char __
if (error)
goto out_drop_write;
error = vfs_symlink(nd.path.dentry->d_inode, dentry, from);
@@ -32302,7 +32327,7 @@
out_drop_write:
mnt_drop_write(nd.path.mnt);
out_dput:
-@@ -2474,6 +2585,20 @@ SYSCALL_DEFINE5(linkat, int, olddfd, con
+@@ -2474,6 +2590,20 @@ SYSCALL_DEFINE5(linkat, int, olddfd, con
error = PTR_ERR(new_dentry);
if (IS_ERR(new_dentry))
goto out_unlock;
@@ -32323,7 +32348,7 @@
error = mnt_want_write(nd.path.mnt);
if (error)
goto out_dput;
-@@ -2481,6 +2606,8 @@ SYSCALL_DEFINE5(linkat, int, olddfd, con
+@@ -2481,6 +2611,8 @@ SYSCALL_DEFINE5(linkat, int, olddfd, con
if (error)
goto out_drop_write;
error = vfs_link(old_path.dentry, nd.path.dentry->d_inode, new_dentry);
@@ -32332,7 +32357,7 @@
out_drop_write:
mnt_drop_write(nd.path.mnt);
out_dput:
-@@ -2714,6 +2841,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -2714,6 +2846,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
if (new_dentry == trap)
goto exit5;
@@ -32345,7 +32370,7 @@
error = mnt_want_write(oldnd.path.mnt);
if (error)
goto exit5;
-@@ -2723,6 +2856,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
+@@ -2723,6 +2861,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
goto exit6;
error = vfs_rename(old_dir->d_inode, old_dentry,
new_dir->d_inode, new_dentry);
@@ -34772,7 +34797,7 @@
+}
diff -urNp linux-2.6.37/grsecurity/gracl.c linux-2.6.37/grsecurity/gracl.c
--- linux-2.6.37/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.37/grsecurity/gracl.c 2011-01-17 02:41:02.000000000 -0500
++++ linux-2.6.37/grsecurity/gracl.c 2011-01-17 20:20:28.000000000 -0500
@@ -0,0 +1,3991 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
@@ -37815,7 +37840,7 @@
+ gr_log_str(GR_DONT_AUDIT_GOOD, GR_RELOADI_ACL_MSG, GR_VERSION);
+ error = -EAGAIN;
+ } else if (!(chkpw(gr_usermode, gr_system_salt, gr_system_sum))) {
-+ lock_kernel();
++ preempt_disable();
+
+ pax_open_kernel();
+ gr_status &= ~GR_READY;
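Review bot: `preempt_disable()` is not a substitute for the mutual exclusion `lock_kernel()` provided: it only stops preemption on the local CPU, so nothing in the new code keeps a second writer on another CPU out of the `gr_status &= ~GR_READY` / `free_variables()` / `gracl_init()` sequence, and if gracl_init(gr_usermode) or free_variables() allocate with GFP_KERNEL or copy the policy in from userspace (a reload driven by a user-mode buffer suggests they do — confirm), they may sleep inside the preempt-disabled region and might_sleep() will complain. The same pairing appears in the following hunk, where `preempt_enable()` replaces `unlock_kernel()` in both branches after gracl_init(). If the device write path that reaches this code is already serialised by a mutex, a comment above the call stating that invariant, e.g. `/* reload is serialised by the caller; preempt_disable() only keeps the GR_READY flip and table swap atomic on this CPU */`, would make the dependency explicit; otherwise a dedicated mutex held for the whole reload is the closer replacement for the BKL. The enclosing function starts and ends outside the hunk.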
@@ -37823,10 +37848,10 @@
+
+ free_variables();
+ if (!(error2 = gracl_init(gr_usermode))) {
-+ unlock_kernel();
++ preempt_enable();
+ gr_log_str(GR_DONT_AUDIT_GOOD, GR_RELOAD_ACL_MSG, GR_VERSION);
+ } else {
-+ unlock_kernel();
++ preempt_enable();
+ error = error2;
+ gr_log_str(GR_DONT_AUDIT, GR_RELOADF_ACL_MSG, GR_VERSION);
+ }
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_full.patch?r1=1.3.2.53&r2=1.3.2.54&f=u