summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2011-06-07 15:01:22 -0400
committerAnthony G. Basile <blueness@gentoo.org>2011-06-07 15:01:22 -0400
commit9933d84fc1b507a8859ef99685b21a65beea6d4d (patch)
tree28486d8de365e17595920dc9e6669e72ad573592
parentUpdate Grsec/PaX (diff)
downloadhardened-patchset-9933d84fc1b507a8859ef99685b21a65beea6d4d.tar.gz
hardened-patchset-9933d84fc1b507a8859ef99685b21a65beea6d4d.tar.bz2
hardened-patchset-9933d84fc1b507a8859ef99685b21a65beea6d4d.zip
Update Grsec/PaX20110606
2.2.2-2.6.32.41-201106061735 2.2.2-2.6.39.1-201106061957
-rw-r--r--2.6.32/0000_README2
-rw-r--r--2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106061735.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106042120.patch)12
-rw-r--r--2.6.39/0000_README2
-rw-r--r--2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106061957.patch (renamed from 2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106042120.patch)25
4 files changed, 26 insertions, 15 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index beea0b4..f6eac50 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.2-2.6.32.41-201106042120.patch
+Patch: 4420_grsecurity-2.2.2-2.6.32.41-201106061735.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106042120.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106061735.patch
index 7457e1f..fe17a6f 100644
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106042120.patch
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.41-201106061735.patch
@@ -19708,7 +19708,7 @@ diff -urNp linux-2.6.32.41/arch/x86/mm/extable.c linux-2.6.32.41/arch/x86/mm/ext
pnp_bios_is_utter_crap = 1;
diff -urNp linux-2.6.32.41/arch/x86/mm/fault.c linux-2.6.32.41/arch/x86/mm/fault.c
--- linux-2.6.32.41/arch/x86/mm/fault.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.41/arch/x86/mm/fault.c 2011-06-04 20:36:59.000000000 -0400
++++ linux-2.6.32.41/arch/x86/mm/fault.c 2011-06-06 17:35:16.000000000 -0400
@@ -11,10 +11,19 @@
#include <linux/kprobes.h> /* __kprobes, ... */
#include <linux/mmiotrace.h> /* kmmio_handler, ... */
@@ -19930,10 +19930,10 @@ diff -urNp linux-2.6.32.41/arch/x86/mm/fault.c linux-2.6.32.41/arch/x86/mm/fault
+#ifdef CONFIG_X86_64
+ if (mm && (error_code & PF_INSTR) && mm->context.vdso) {
+ if (regs->ip == (unsigned long)vgettimeofday) {
-+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, gettimeofday);
++ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, fallback_gettimeofday);
+ return;
+ } else if (regs->ip == (unsigned long)vtime) {
-+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, clock_gettime);
++ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, fallback_time);
+ return;
+ } else if (regs->ip == (unsigned long)vgetcpu) {
+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, getcpu);
@@ -22488,15 +22488,15 @@ diff -urNp linux-2.6.32.41/arch/x86/vdso/vdso32-setup.c linux-2.6.32.41/arch/x86
}
diff -urNp linux-2.6.32.41/arch/x86/vdso/vdso.lds.S linux-2.6.32.41/arch/x86/vdso/vdso.lds.S
--- linux-2.6.32.41/arch/x86/vdso/vdso.lds.S 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.41/arch/x86/vdso/vdso.lds.S 2011-06-04 20:37:24.000000000 -0400
++++ linux-2.6.32.41/arch/x86/vdso/vdso.lds.S 2011-06-06 17:35:35.000000000 -0400
@@ -35,3 +35,9 @@ VDSO64_PRELINK = VDSO_PRELINK;
#define VEXTERN(x) VDSO64_ ## x = vdso_ ## x;
#include "vextern.h"
#undef VEXTERN
+
+#define VEXTERN(x) VDSO64_ ## x = __vdso_ ## x;
-+VEXTERN(gettimeofday)
-+VEXTERN(clock_gettime)
++VEXTERN(fallback_gettimeofday)
++VEXTERN(fallback_time)
+VEXTERN(getcpu)
+#undef VEXTERN
diff -urNp linux-2.6.32.41/arch/x86/vdso/vextern.h linux-2.6.32.41/arch/x86/vdso/vextern.h
diff --git a/2.6.39/0000_README b/2.6.39/0000_README
index 86747fc..4d1ac37 100644
--- a/2.6.39/0000_README
+++ b/2.6.39/0000_README
@@ -7,7 +7,7 @@ Patch: 1000_linux-2.6.39.1.patch
From: http://www.kernel.org
Desc: Linux 2.6.39.1
-Patch: 4420_grsecurity-2.2.2-2.6.39.1-201106042120.patch
+Patch: 4420_grsecurity-2.2.2-2.6.39.1-201106061957.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106042120.patch b/2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106061957.patch
index 83c2bb1..8e4787c 100644
--- a/2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106042120.patch
+++ b/2.6.39/4420_grsecurity-2.2.2-2.6.39.1-201106061957.patch
@@ -20923,7 +20923,7 @@ diff -urNp linux-2.6.39.1/arch/x86/mm/extable.c linux-2.6.39.1/arch/x86/mm/extab
pnp_bios_is_utter_crap = 1;
diff -urNp linux-2.6.39.1/arch/x86/mm/fault.c linux-2.6.39.1/arch/x86/mm/fault.c
--- linux-2.6.39.1/arch/x86/mm/fault.c 2011-05-19 00:06:34.000000000 -0400
-+++ linux-2.6.39.1/arch/x86/mm/fault.c 2011-06-04 10:15:52.000000000 -0400
++++ linux-2.6.39.1/arch/x86/mm/fault.c 2011-06-06 17:34:04.000000000 -0400
@@ -12,10 +12,18 @@
#include <linux/mmiotrace.h> /* kmmio_handler, ... */
#include <linux/perf_event.h> /* perf_sw_event */
@@ -21128,10 +21128,10 @@ diff -urNp linux-2.6.39.1/arch/x86/mm/fault.c linux-2.6.39.1/arch/x86/mm/fault.c
+#ifdef CONFIG_X86_64
+ if (mm && (error_code & PF_INSTR) && mm->context.vdso) {
+ if (regs->ip == (unsigned long)vgettimeofday) {
-+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, gettimeofday);
++ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, fallback_gettimeofday);
+ return;
+ } else if (regs->ip == (unsigned long)vtime) {
-+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, clock_gettime);
++ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, fallback_time);
+ return;
+ } else if (regs->ip == (unsigned long)vgetcpu) {
+ regs->ip = (unsigned long)VDSO64_SYMBOL(mm->context.vdso, getcpu);
@@ -23900,15 +23900,15 @@ diff -urNp linux-2.6.39.1/arch/x86/vdso/vdso32-setup.c linux-2.6.39.1/arch/x86/v
}
diff -urNp linux-2.6.39.1/arch/x86/vdso/vdso.lds.S linux-2.6.39.1/arch/x86/vdso/vdso.lds.S
--- linux-2.6.39.1/arch/x86/vdso/vdso.lds.S 2011-05-19 00:06:34.000000000 -0400
-+++ linux-2.6.39.1/arch/x86/vdso/vdso.lds.S 2011-06-04 10:15:38.000000000 -0400
++++ linux-2.6.39.1/arch/x86/vdso/vdso.lds.S 2011-06-06 17:34:26.000000000 -0400
@@ -35,3 +35,9 @@ VDSO64_PRELINK = VDSO_PRELINK;
#define VEXTERN(x) VDSO64_ ## x = vdso_ ## x;
#include "vextern.h"
#undef VEXTERN
+
+#define VEXTERN(x) VDSO64_ ## x = __vdso_ ## x;
-+VEXTERN(gettimeofday)
-+VEXTERN(clock_gettime)
++VEXTERN(fallback_gettimeofday)
++VEXTERN(fallback_time)
+VEXTERN(getcpu)
+#undef VEXTERN
diff -urNp linux-2.6.39.1/arch/x86/vdso/vextern.h linux-2.6.39.1/arch/x86/vdso/vextern.h
@@ -44177,7 +44177,7 @@ diff -urNp linux-2.6.39.1/fs/bio.c linux-2.6.39.1/fs/bio.c
char *addr = page_address(bvec->bv_page);
diff -urNp linux-2.6.39.1/fs/block_dev.c linux-2.6.39.1/fs/block_dev.c
--- linux-2.6.39.1/fs/block_dev.c 2011-06-03 00:04:14.000000000 -0400
-+++ linux-2.6.39.1/fs/block_dev.c 2011-06-03 00:32:07.000000000 -0400
++++ linux-2.6.39.1/fs/block_dev.c 2011-06-06 19:57:05.000000000 -0400
@@ -671,7 +671,7 @@ static bool bd_may_claim(struct block_de
else if (bdev->bd_contains == bdev)
return true; /* is a whole device which isn't held */
@@ -44187,6 +44187,17 @@ diff -urNp linux-2.6.39.1/fs/block_dev.c linux-2.6.39.1/fs/block_dev.c
return true; /* is a partition of a device that is being partitioned */
else if (whole->bd_holder != NULL)
return false; /* is a partition of a held device */
+@@ -1272,8 +1272,8 @@ int blkdev_get(struct block_device *bdev
+ * individual writeable reference is too fragile given the
+ * way @mode is used in blkdev_get/put().
+ */
+- if ((disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE) &&
+- !res && (mode & FMODE_WRITE) && !bdev->bd_write_holder) {
++ if (!res && (mode & FMODE_WRITE) && !bdev->bd_write_holder &&
++ (disk->flags & GENHD_FL_BLOCK_EVENTS_ON_EXCL_WRITE)) {
+ bdev->bd_write_holder = true;
+ disk_block_events(disk);
+ }
diff -urNp linux-2.6.39.1/fs/btrfs/compression.c linux-2.6.39.1/fs/btrfs/compression.c
--- linux-2.6.39.1/fs/btrfs/compression.c 2011-05-19 00:06:34.000000000 -0400
+++ linux-2.6.39.1/fs/btrfs/compression.c 2011-05-22 19:36:32.000000000 -0400