summaryrefslogtreecommitdiff
path: root/2.6.32
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2013-05-26 10:46:36 -0400
committerAnthony G. Basile <blueness@gentoo.org>2013-05-26 10:46:36 -0400
commitdf0935613e3e6c1fe7597dc68ab847b0069c019b (patch)
tree314d301f95c99d83158291d4df55045c1cb7b152 /2.6.32
parentGrsec/PaX: 2.9.1-{2.6.32.60,3.2.45,3.9.2}-201305172333 (diff)
downloadhardened-patchset-df0935613e3e6c1fe7597dc68ab847b0069c019b.tar.gz
hardened-patchset-df0935613e3e6c1fe7597dc68ab847b0069c019b.tar.bz2
hardened-patchset-df0935613e3e6c1fe7597dc68ab847b0069c019b.zip
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.45,3.9.4}-20130525100920130525
Diffstat (limited to '2.6.32')
-rw-r--r--2.6.32/0000_README2
-rw-r--r--2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305251007.patch (renamed from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305162326.patch)30
2 files changed, 30 insertions, 2 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 755285c..5ca0857 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201305162326.patch
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201305251007.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305162326.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305251007.patch
index 3482354..f7ef7a8 100644
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305162326.patch
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201305251007.patch
@@ -42858,6 +42858,22 @@ index 266b858..f3ee0bb 100644
return 0;
return HVCS_BUFF_LEN - hvcsd->chars_in_buffer;
+diff --git a/drivers/char/ipmi/ipmi_bt_sm.c b/drivers/char/ipmi/ipmi_bt_sm.c
+index 7b98c06..a65a574 100644
+--- a/drivers/char/ipmi/ipmi_bt_sm.c
++++ b/drivers/char/ipmi/ipmi_bt_sm.c
+@@ -95,9 +95,9 @@ struct si_sm_data {
+ enum bt_states state;
+ unsigned char seq; /* BT sequence number */
+ struct si_sm_io *io;
+- unsigned char write_data[IPMI_MAX_MSG_LENGTH];
++ unsigned char write_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */
+ int write_count;
+- unsigned char read_data[IPMI_MAX_MSG_LENGTH];
++ unsigned char read_data[IPMI_MAX_MSG_LENGTH + 2]; /* +2 for memcpy */
+ int read_count;
+ int truncated;
+ long timeout; /* microseconds countdown */
diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c
index ec5e3f8..02455ba 100644
--- a/drivers/char/ipmi/ipmi_msghandler.c
@@ -104715,7 +104731,7 @@ index 53dae4b..9ba3743 100644
EXPORT_SYMBOL_GPL(kgdb_breakpoint);
diff --git a/kernel/kmod.c b/kernel/kmod.c
-index a061472..40884b6 100644
+index a061472..e928a83 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -68,13 +68,12 @@ char modprobe_path[KMOD_PATH_LEN] = "/sbin/modprobe";
@@ -104820,6 +104836,18 @@ index a061472..40884b6 100644
/*
* If ret is 0, either ____call_usermodehelper failed and the
+@@ -506,6 +559,11 @@ int call_usermodehelper_exec(struct subprocess_info *sub_info,
+ validate_creds(sub_info->cred);
+
+ helper_lock();
++ if (!sub_info->path) {
++ retval = -EINVAL;
++ goto out;
++ }
++
+ if (sub_info->path[0] == '\0')
+ goto out;
+
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 176d825..68c261a 100644
--- a/kernel/kprobes.c