Update Grsec/PaX20110101

2.2.1-2.6.32.27-201101011905 2.2.1-2.6.36.2-201101011905
author: Anthony G. Basile <basile@opensource.dyc.edu> 2011-01-02 10:12:03 -0500
committer: Anthony G. Basile <basile@opensource.dyc.edu> 2011-01-02 10:12:03 -0500
commit: 077b6a427ed67d0464bee83c6d391501ba4d10f5 (patch)
tree: 47cf8e6ab0c1d47047cf6c0db6bbea473bc818bb
parent: Update Grsec/PaX (diff)
download: hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.tar.gz
hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.tar.bz2
hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.zip
4 files changed, 76 insertions, 26 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 0d22820..a505aae 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
 
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.2.1-2.6.32.27-201101010201.patch
+Patch:	4420_grsecurity-2.2.1-2.6.32.27-201101011905.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 
diff --git a/2.6.32/4420_grsecurity-2.2.1-2.6.32.27-201101010201.patch b/2.6.32/4420_grsecurity-2.2.1-2.6.32.27-201101011905.patch
index 69ffcab..fe5fb59 100644
--- a/2.6.32/4420_grsecurity-2.2.1-2.6.32.27-201101010201.patch
+++ b/2.6.32/4420_grsecurity-2.2.1-2.6.32.27-201101011905.patch
@@ -28519,6 +28519,26 @@ diff -urNp linux-2.6.32.27/drivers/pnp/resource.c linux-2.6.32.27/drivers/pnp/re
  		return 0;
  
  	/* check if the resource is reserved */
+diff -urNp linux-2.6.32.27/drivers/rtc/rtc-dev.c linux-2.6.32.27/drivers/rtc/rtc-dev.c
+--- linux-2.6.32.27/drivers/rtc/rtc-dev.c	2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.27/drivers/rtc/rtc-dev.c	2011-01-01 19:02:12.000000000 -0500
+@@ -14,6 +14,7 @@
+ #include <linux/module.h>
+ #include <linux/rtc.h>
+ #include <linux/sched.h>
++#include <linux/grsecurity.h>
+ #include "rtc-core.h"
+ 
+ static dev_t rtc_devt;
+@@ -357,6 +358,8 @@ static long rtc_dev_ioctl(struct file *f
+ 		if (copy_from_user(&tm, uarg, sizeof(tm)))
+ 			return -EFAULT;
+ 
++		gr_log_timechange();
++
+ 		return rtc_set_time(rtc, &tm);
+ 
+ 	case RTC_PIE_ON:
 diff -urNp linux-2.6.32.27/drivers/s390/cio/qdio_perf.c linux-2.6.32.27/drivers/s390/cio/qdio_perf.c
 --- linux-2.6.32.27/drivers/s390/cio/qdio_perf.c	2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.27/drivers/s390/cio/qdio_perf.c	2010-12-31 14:46:53.000000000 -0500
@@ -44601,8 +44621,8 @@ diff -urNp linux-2.6.32.27/grsecurity/grsec_sysctl.c linux-2.6.32.27/grsecurity/
 +#endif
 diff -urNp linux-2.6.32.27/grsecurity/grsec_time.c linux-2.6.32.27/grsecurity/grsec_time.c
 --- linux-2.6.32.27/grsecurity/grsec_time.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.27/grsecurity/grsec_time.c	2010-12-31 14:46:53.000000000 -0500
-@@ -0,0 +1,13 @@
++++ linux-2.6.32.27/grsecurity/grsec_time.c	2011-01-01 19:03:28.000000000 -0500
+@@ -0,0 +1,15 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/grinternal.h>
@@ -44616,6 +44636,8 @@ diff -urNp linux-2.6.32.27/grsecurity/grsec_time.c linux-2.6.32.27/grsecurity/gr
 +#endif
 +	return;
 +}
++
++EXPORT_SYMBOL(gr_log_timechange);
 diff -urNp linux-2.6.32.27/grsecurity/grsec_tpe.c linux-2.6.32.27/grsecurity/grsec_tpe.c
 --- linux-2.6.32.27/grsecurity/grsec_tpe.c	1969-12-31 19:00:00.000000000 -0500
 +++ linux-2.6.32.27/grsecurity/grsec_tpe.c	2010-12-31 14:46:53.000000000 -0500
@@ -53193,17 +53215,20 @@ diff -urNp linux-2.6.32.27/kernel/time/timer_stats.c linux-2.6.32.27/kernel/time
  	return 0;
 diff -urNp linux-2.6.32.27/kernel/time.c linux-2.6.32.27/kernel/time.c
 --- linux-2.6.32.27/kernel/time.c	2010-08-13 16:24:37.000000000 -0400
-+++ linux-2.6.32.27/kernel/time.c	2011-01-01 02:01:24.000000000 -0500
-@@ -160,6 +160,8 @@ int do_sys_settimeofday(struct timespec 
- 	if (tv && !timespec_valid(tv))
- 		return -EINVAL;
++++ linux-2.6.32.27/kernel/time.c	2011-01-01 18:50:34.000000000 -0500
+@@ -165,6 +165,11 @@ int do_sys_settimeofday(struct timespec 
+ 		return error;
  
-+	gr_log_timechange();
+ 	if (tz) {
++		/* we log in do_settimeofday called below, so don't log twice
++		*/
++		if (!tv)
++			gr_log_timechange();
 +
- 	error = security_settime(tv, tz);
- 	if (error)
- 		return error;
-@@ -240,7 +242,7 @@ EXPORT_SYMBOL(current_fs_time);
+ 		/* SMP safe, global irq locking makes it work. */
+ 		sys_tz = *tz;
+ 		update_vsyscall_tz();
+@@ -240,7 +245,7 @@ EXPORT_SYMBOL(current_fs_time);
   * Avoid unnecessary multiplications/divisions in the
   * two most common HZ cases:
   */
@@ -53212,7 +53237,7 @@ diff -urNp linux-2.6.32.27/kernel/time.c linux-2.6.32.27/kernel/time.c
  {
  #if HZ <= MSEC_PER_SEC && !(MSEC_PER_SEC % HZ)
  	return (MSEC_PER_SEC / HZ) * j;
-@@ -256,7 +258,7 @@ unsigned int inline jiffies_to_msecs(con
+@@ -256,7 +261,7 @@ unsigned int inline jiffies_to_msecs(con
  }
  EXPORT_SYMBOL(jiffies_to_msecs);
  
diff --git a/2.6.36/0000_README b/2.6.36/0000_README
index 29125bd..dab9ff4 100644
--- a/2.6.36/0000_README
+++ b/2.6.36/0000_README
@@ -3,7 +3,7 @@ README
 
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.2.1-2.6.36.2-201101010201.patch
+Patch:	4420_grsecurity-2.2.1-2.6.36.2-201101011905.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 
diff --git a/2.6.36/4420_grsecurity-2.2.1-2.6.36.2-201101010201.patch b/2.6.36/4420_grsecurity-2.2.1-2.6.36.2-201101011905.patch
index 8a1abfa..1a6c368 100644
--- a/2.6.36/4420_grsecurity-2.2.1-2.6.36.2-201101010201.patch
+++ b/2.6.36/4420_grsecurity-2.2.1-2.6.36.2-201101011905.patch
@@ -27849,6 +27849,26 @@ diff -urNp linux-2.6.36.2/drivers/pnp/resource.c linux-2.6.36.2/drivers/pnp/reso
  		return 0;
  
  	/* check if the resource is reserved */
+diff -urNp linux-2.6.36.2/drivers/rtc/rtc-dev.c linux-2.6.36.2/drivers/rtc/rtc-dev.c
+--- linux-2.6.36.2/drivers/rtc/rtc-dev.c	2010-10-20 16:30:22.000000000 -0400
++++ linux-2.6.36.2/drivers/rtc/rtc-dev.c	2011-01-01 19:05:03.000000000 -0500
+@@ -14,6 +14,7 @@
+ #include <linux/module.h>
+ #include <linux/rtc.h>
+ #include <linux/sched.h>
++#include <linux/grsecurity.h>
+ #include "rtc-core.h"
+ 
+ static dev_t rtc_devt;
+@@ -357,6 +358,8 @@ static long rtc_dev_ioctl(struct file *f
+ 		if (copy_from_user(&tm, uarg, sizeof(tm)))
+ 			return -EFAULT;
+ 
++		gr_log_timechange();
++
+ 		return rtc_set_time(rtc, &tm);
+ 
+ 	case RTC_PIE_ON:
 diff -urNp linux-2.6.36.2/drivers/s390/cio/qdio_debug.c linux-2.6.36.2/drivers/s390/cio/qdio_debug.c
 --- linux-2.6.36.2/drivers/s390/cio/qdio_debug.c	2010-10-20 16:30:22.000000000 -0400
 +++ linux-2.6.36.2/drivers/s390/cio/qdio_debug.c	2010-12-09 20:24:31.000000000 -0500
@@ -43181,8 +43201,8 @@ diff -urNp linux-2.6.36.2/grsecurity/grsec_sysctl.c linux-2.6.36.2/grsecurity/gr
 +#endif
 diff -urNp linux-2.6.36.2/grsecurity/grsec_time.c linux-2.6.36.2/grsecurity/grsec_time.c
 --- linux-2.6.36.2/grsecurity/grsec_time.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.36.2/grsecurity/grsec_time.c	2010-12-09 20:24:32.000000000 -0500
-@@ -0,0 +1,13 @@
++++ linux-2.6.36.2/grsecurity/grsec_time.c	2011-01-01 19:04:18.000000000 -0500
+@@ -0,0 +1,15 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/grinternal.h>
@@ -43196,6 +43216,8 @@ diff -urNp linux-2.6.36.2/grsecurity/grsec_time.c linux-2.6.36.2/grsecurity/grse
 +#endif
 +	return;
 +}
++
++EXPORT_SYMBOL(gr_log_timechange);
 diff -urNp linux-2.6.36.2/grsecurity/grsec_tpe.c linux-2.6.36.2/grsecurity/grsec_tpe.c
 --- linux-2.6.36.2/grsecurity/grsec_tpe.c	1969-12-31 19:00:00.000000000 -0500
 +++ linux-2.6.36.2/grsecurity/grsec_tpe.c	2010-12-09 20:24:32.000000000 -0500
@@ -51640,17 +51662,20 @@ diff -urNp linux-2.6.36.2/kernel/time/timer_stats.c linux-2.6.36.2/kernel/time/t
  	return 0;
 diff -urNp linux-2.6.36.2/kernel/time.c linux-2.6.36.2/kernel/time.c
 --- linux-2.6.36.2/kernel/time.c	2010-10-20 16:30:22.000000000 -0400
-+++ linux-2.6.36.2/kernel/time.c	2011-01-01 02:00:17.000000000 -0500
-@@ -158,6 +158,8 @@ int do_sys_settimeofday(struct timespec 
- 	if (tv && !timespec_valid(tv))
- 		return -EINVAL;
++++ linux-2.6.36.2/kernel/time.c	2011-01-01 18:52:18.000000000 -0500
+@@ -163,6 +163,11 @@ int do_sys_settimeofday(struct timespec 
+ 		return error;
  
-+	gr_log_timechange();
+ 	if (tz) {
++		/* we log in do_settimeofday called below, so don't log twice
++		*/
++		if (!tv)
++			gr_log_timechange();
 +
- 	error = security_settime(tv, tz);
- 	if (error)
- 		return error;
-@@ -238,7 +240,7 @@ EXPORT_SYMBOL(current_fs_time);
+ 		/* SMP safe, global irq locking makes it work. */
+ 		sys_tz = *tz;
+ 		update_vsyscall_tz();
+@@ -238,7 +243,7 @@ EXPORT_SYMBOL(current_fs_time);
   * Avoid unnecessary multiplications/divisions in the
   * two most common HZ cases:
   */
@@ -51659,7 +51684,7 @@ diff -urNp linux-2.6.36.2/kernel/time.c linux-2.6.36.2/kernel/time.c
  {
  #if HZ <= MSEC_PER_SEC && !(MSEC_PER_SEC % HZ)
  	return (MSEC_PER_SEC / HZ) * j;
-@@ -254,7 +256,7 @@ unsigned int inline jiffies_to_msecs(con
+@@ -254,7 +259,7 @@ unsigned int inline jiffies_to_msecs(con
  }
  EXPORT_SYMBOL(jiffies_to_msecs);
author	Anthony G. Basile <basile@opensource.dyc.edu>	2011-01-02 10:12:03 -0500
committer	Anthony G. Basile <basile@opensource.dyc.edu>	2011-01-02 10:12:03 -0500
commit	077b6a427ed67d0464bee83c6d391501ba4d10f5 (patch)
tree	47cf8e6ab0c1d47047cf6c0db6bbea473bc818bb
parent	Update Grsec/PaX (diff)
download	hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.tar.gz hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.tar.bz2 hardened-patchset-077b6a427ed67d0464bee83c6d391501ba4d10f5.zip