diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2012-08-25 17:32:30 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2012-08-25 17:32:30 -0400 |
commit | 7a1d378a94319f2dd5b0a6e0e60bc22cb4110be7 (patch) | |
tree | 5fe4853db7f07dfa2a4651ace6b3f102de88248a /2.6.32 | |
parent | Grsec/PaX: 2.9.1-{2.6.32.59,3.2.28,3.5.2}-201208222031 (diff) | |
download | hardened-patchset-7a1d378a94319f2dd5b0a6e0e60bc22cb4110be7.tar.gz hardened-patchset-7a1d378a94319f2dd5b0a6e0e60bc22cb4110be7.tar.bz2 hardened-patchset-7a1d378a94319f2dd5b0a6e0e60bc22cb4110be7.zip |
Grsec/PaX: 2.9.1-{2.6.32.59,3.2.28,3.5.2}-20120824194320120824
Diffstat (limited to '2.6.32')
-rw-r--r-- | 2.6.32/0000_README | 2 | ||||
-rw-r--r-- | 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208232048.patch (renamed from 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208222030.patch) | 77 |
2 files changed, 76 insertions, 3 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index 24bc841..9c19fa1 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch From: http://www.kernel.org Desc: Linux 2.6.32.59 -Patch: 4420_grsecurity-2.9.1-2.6.32.59-201208222030.patch +Patch: 4420_grsecurity-2.9.1-2.6.32.59-201208232048.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208222030.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208232048.patch index a4b7131..da02455 100644 --- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208222030.patch +++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201208232048.patch @@ -55117,6 +55117,23 @@ index b38d3b7..b1cff23 100644 { /* Sometime a Level-One switch card. */ "Winbond W89c840", CanHaveMII | HasBrokenTx | FDXOnNoMII}, { "Winbond W89c840", CanHaveMII | HasBrokenTx}, +diff --git a/drivers/net/tun.c b/drivers/net/tun.c +index 0f77aca..a69420d 100644 +--- a/drivers/net/tun.c ++++ b/drivers/net/tun.c +@@ -1121,9 +1121,11 @@ static long tun_chr_ioctl(struct file *file, unsigned int cmd, + int sndbuf; + int ret; + +- if (cmd == TUNSETIFF || _IOC_TYPE(cmd) == 0x89) ++ if (cmd == TUNSETIFF || _IOC_TYPE(cmd) == 0x89) { + if (copy_from_user(&ifr, argp, sizeof ifr)) + return -EFAULT; ++ } else ++ memset(&ifr, 0, sizeof(ifr)); + + if (cmd == TUNGETFEATURES) { + /* Currently this just means: "what IFF flags are valid?". diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c index f450bc9..2b747c8 100644 --- a/drivers/net/usb/hso.c @@ -72050,6 +72067,18 @@ index 6c75110..19d2c3c 100644 error = -EFAULT; return error; +diff --git a/fs/isofs/export.c b/fs/isofs/export.c +index e81a305..caec670 100644 +--- a/fs/isofs/export.c ++++ b/fs/isofs/export.c +@@ -131,6 +131,7 @@ isofs_export_encode_fh(struct dentry *dentry, + len = 3; + fh32[0] = ei->i_iget5_block; + fh16[2] = (__u16)ei->i_iget5_offset; /* fh16 [sic] */ ++ fh16[3] = 0; /* avoid leaking uninitialized data */ + fh32[2] = inode->i_generation; + if (connectable && !S_ISDIR(inode->i_mode)) { + struct inode *parent; diff --git a/fs/jbd/checkpoint.c b/fs/jbd/checkpoint.c index b0435dd..81ee0be 100644 --- a/fs/jbd/checkpoint.c @@ -75925,6 +75954,18 @@ index 9215700..bf1f68e 100644 u8 checksum = 0; int i; for (i = 0; i < sizeof(struct tag); ++i) +diff --git a/fs/udf/namei.c b/fs/udf/namei.c +index 21dad8c..b754151 100644 +--- a/fs/udf/namei.c ++++ b/fs/udf/namei.c +@@ -1331,6 +1331,7 @@ static int udf_encode_fh(struct dentry *de, __u32 *fh, int *lenp, + *lenp = 3; + fid->udf.block = location.logicalBlockNum; + fid->udf.partref = location.partitionReferenceNum; ++ fid->udf.parent_partref = 0; + fid->udf.generation = inode->i_generation; + + if (connectable && !S_ISDIR(inode->i_mode)) { diff --git a/fs/udf/super.c b/fs/udf/super.c index ee6b3af..ab17bcd 100644 --- a/fs/udf/super.c @@ -91431,6 +91472,18 @@ index 0000000..3891139 +int do_syslog(int type, char __user *buf, int count, bool from_file); + +#endif /* _LINUX_SYSLOG_H */ +diff --git a/include/linux/tfrc.h b/include/linux/tfrc.h +index 8a8462b..097fe78 100644 +--- a/include/linux/tfrc.h ++++ b/include/linux/tfrc.h +@@ -50,6 +50,7 @@ struct tfrc_tx_info { + __u32 tfrctx_p; + __u32 tfrctx_rto; + __u32 tfrctx_ipi; ++ __u32 padding; + }; + + #endif /* _LINUX_TFRC_H_ */ diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h index a8cc4e1..98d3b85 100644 --- a/include/linux/thread_info.h @@ -103710,6 +103763,18 @@ index facedd2..ab260b0 100644 rc = ccid->ccid_ops->ccid_hc_tx_getsockopt(sk, optname, len, optval, optlen); return rc; +diff --git a/net/dccp/ccids/ccid3.c b/net/dccp/ccids/ccid3.c +index 34dcc79..ca75875 100644 +--- a/net/dccp/ccids/ccid3.c ++++ b/net/dccp/ccids/ccid3.c +@@ -618,6 +618,7 @@ static int ccid3_hc_tx_getsockopt(struct sock *sk, const int optname, int len, + return -EINVAL; + len = sizeof(hctx->ccid3hctx_tfrc); + val = &hctx->ccid3hctx_tfrc; ++ hctx->ccid3hctx_tfrc.padding = 0; + break; + default: + return -ENOPROTOOPT; diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c index 2036568..c55883d 100644 --- a/net/decnet/sysctl_net_decnet.c @@ -107019,7 +107084,7 @@ index cb81ca3..e15d49a 100644 goto restart; } diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c -index b95a2d6..85c4d78 100644 +index b95a2d6..53a422d 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -1169,6 +1169,8 @@ static int copy_to_user_tmpl(struct xfrm_policy *xp, struct sk_buff *skb) @@ -107031,7 +107096,15 @@ index b95a2d6..85c4d78 100644 if (xp->xfrm_nr == 0) return 0; -@@ -1784,6 +1786,8 @@ static int xfrm_do_migrate(struct sk_buff *skb, struct nlmsghdr *nlh, +@@ -1176,6 +1178,7 @@ static int copy_to_user_tmpl(struct xfrm_policy *xp, struct sk_buff *skb) + struct xfrm_user_tmpl *up = &vec[i]; + struct xfrm_tmpl *kp = &xp->xfrm_vec[i]; + ++ memset(up, 0, sizeof(*up)); + memcpy(&up->id, &kp->id, sizeof(up->id)); + up->family = kp->encap_family; + memcpy(&up->saddr, &kp->saddr, sizeof(up->saddr)); +@@ -1784,6 +1787,8 @@ static int xfrm_do_migrate(struct sk_buff *skb, struct nlmsghdr *nlh, int err; int n = 0; |