Update Grsec/PaX20101128

 2.2.1-2.6.32.26-201011280939 against 2.6.32.26
 2.2.1-2.6.36.1-201011280939 against 2.6.36.1

4 files changed, 14 insertions, 12 deletions

diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 30ae499..e3e4d2b 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
 
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.2.1-2.6.32.26-201011261834.patch
+Patch:	4420_grsecurity-2.2.1-2.6.32.26-201011280939.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 
diff --git a/2.6.32/4420_grsecurity-2.2.1-2.6.32.26-201011261834.patch b/2.6.32/4420_grsecurity-2.2.1-2.6.32.26-201011280939.patch
index c47b8fd..32c1449 100644
--- a/2.6.32/4420_grsecurity-2.2.1-2.6.32.26-201011261834.patch
+++ b/2.6.32/4420_grsecurity-2.2.1-2.6.32.26-201011280939.patch
@@ -36137,7 +36137,7 @@ diff -urNp linux-2.6.32.26/fs/utimes.c linux-2.6.32.26/fs/utimes.c
  	mutex_unlock(&inode->i_mutex);
 diff -urNp linux-2.6.32.26/fs/xattr.c linux-2.6.32.26/fs/xattr.c
 --- linux-2.6.32.26/fs/xattr.c	2010-08-13 16:24:37.000000000 -0400
-+++ linux-2.6.32.26/fs/xattr.c	2010-11-20 22:11:30.000000000 -0500
++++ linux-2.6.32.26/fs/xattr.c	2010-11-28 09:38:51.000000000 -0500
 @@ -247,7 +247,7 @@ EXPORT_SYMBOL_GPL(vfs_removexattr);
   * Extended attribute SET operations
   */
@@ -36147,11 +36147,12 @@ diff -urNp linux-2.6.32.26/fs/xattr.c linux-2.6.32.26/fs/xattr.c
  	 size_t size, int flags)
  {
  	int error;
-@@ -271,7 +271,11 @@ setxattr(struct dentry *d, const char __
+@@ -271,7 +271,12 @@ setxattr(struct dentry *d, const char __
  			return PTR_ERR(kvalue);
  	}
  
 -	error = vfs_setxattr(d, kname, kvalue, size, flags);
++	error = 0;
 +	if (!gr_acl_handle_setxattr(path->dentry, path->mnt))
 +		error = -EACCES;
 +
@@ -36160,7 +36161,7 @@ diff -urNp linux-2.6.32.26/fs/xattr.c linux-2.6.32.26/fs/xattr.c
  	kfree(kvalue);
  	return error;
  }
-@@ -288,7 +292,7 @@ SYSCALL_DEFINE5(setxattr, const char __u
+@@ -288,7 +293,7 @@ SYSCALL_DEFINE5(setxattr, const char __u
  		return error;
  	error = mnt_want_write(path.mnt);
  	if (!error) {
@@ -36169,7 +36170,7 @@ diff -urNp linux-2.6.32.26/fs/xattr.c linux-2.6.32.26/fs/xattr.c
  		mnt_drop_write(path.mnt);
  	}
  	path_put(&path);
-@@ -307,7 +311,7 @@ SYSCALL_DEFINE5(lsetxattr, const char __
+@@ -307,7 +312,7 @@ SYSCALL_DEFINE5(lsetxattr, const char __
  		return error;
  	error = mnt_want_write(path.mnt);
  	if (!error) {
@@ -36178,7 +36179,7 @@ diff -urNp linux-2.6.32.26/fs/xattr.c linux-2.6.32.26/fs/xattr.c
  		mnt_drop_write(path.mnt);
  	}
  	path_put(&path);
-@@ -318,17 +322,15 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, cons
+@@ -318,17 +323,15 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, cons
  		const void __user *,value, size_t, size, int, flags)
  {
  	struct file *f;
diff --git a/2.6.36/0000_README b/2.6.36/0000_README
index 15d94a5..b91ec18 100644
--- a/2.6.36/0000_README
+++ b/2.6.36/0000_README
@@ -3,7 +3,7 @@ README
 
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.2.1-2.6.36.1-201011261834.patch
+Patch:	4420_grsecurity-2.2.1-2.6.36.1-201011280939.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 
diff --git a/2.6.36/4420_grsecurity-2.2.1-2.6.36.1-201011261834.patch b/2.6.36/4420_grsecurity-2.2.1-2.6.36.1-201011280939.patch
index 5e6f0b8..7398331 100644
--- a/2.6.36/4420_grsecurity-2.2.1-2.6.36.1-201011261834.patch
+++ b/2.6.36/4420_grsecurity-2.2.1-2.6.36.1-201011280939.patch
@@ -34692,7 +34692,7 @@ diff -urNp linux-2.6.36.1/fs/utimes.c linux-2.6.36.1/fs/utimes.c
  	mutex_unlock(&inode->i_mutex);
 diff -urNp linux-2.6.36.1/fs/xattr.c linux-2.6.36.1/fs/xattr.c
 --- linux-2.6.36.1/fs/xattr.c	2010-10-20 16:30:22.000000000 -0400
-+++ linux-2.6.36.1/fs/xattr.c	2010-11-26 18:18:12.000000000 -0500
++++ linux-2.6.36.1/fs/xattr.c	2010-11-28 09:39:04.000000000 -0500
 @@ -247,7 +247,7 @@ EXPORT_SYMBOL_GPL(vfs_removexattr);
   * Extended attribute SET operations
   */
@@ -34702,11 +34702,12 @@ diff -urNp linux-2.6.36.1/fs/xattr.c linux-2.6.36.1/fs/xattr.c
  	 size_t size, int flags)
  {
  	int error;
-@@ -271,7 +271,11 @@ setxattr(struct dentry *d, const char __
+@@ -271,7 +271,12 @@ setxattr(struct dentry *d, const char __
  			return PTR_ERR(kvalue);
  	}
  
 -	error = vfs_setxattr(d, kname, kvalue, size, flags);
++	error = 0;
 +	if (!gr_acl_handle_setxattr(path->dentry, path->mnt))
 +		error = -EACCES;
 +
@@ -34715,7 +34716,7 @@ diff -urNp linux-2.6.36.1/fs/xattr.c linux-2.6.36.1/fs/xattr.c
  	kfree(kvalue);
  	return error;
  }
-@@ -288,7 +292,7 @@ SYSCALL_DEFINE5(setxattr, const char __u
+@@ -288,7 +293,7 @@ SYSCALL_DEFINE5(setxattr, const char __u
  		return error;
  	error = mnt_want_write(path.mnt);
  	if (!error) {
@@ -34724,7 +34725,7 @@ diff -urNp linux-2.6.36.1/fs/xattr.c linux-2.6.36.1/fs/xattr.c
  		mnt_drop_write(path.mnt);
  	}
  	path_put(&path);
-@@ -307,7 +311,7 @@ SYSCALL_DEFINE5(lsetxattr, const char __
+@@ -307,7 +312,7 @@ SYSCALL_DEFINE5(lsetxattr, const char __
  		return error;
  	error = mnt_want_write(path.mnt);
  	if (!error) {
@@ -34733,7 +34734,7 @@ diff -urNp linux-2.6.36.1/fs/xattr.c linux-2.6.36.1/fs/xattr.c
  		mnt_drop_write(path.mnt);
  	}
  	path_put(&path);
-@@ -318,17 +322,15 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, cons
+@@ -318,17 +323,15 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, cons
  		const void __user *,value, size_t, size, int, flags)
  {
  	struct file *f;