diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2013-09-15 15:06:13 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2013-09-15 15:06:13 -0400 |
commit | 9b0ac5a8148d4017774fb7a52fa67031c7427bfc (patch) | |
tree | b5f291c1e92bb8c9b1c40a2d8f975d8d5a0d15fb | |
parent | Grsec/PaX: 2.9.1-{3.2.51,3.11.1}-201309151124 (diff) | |
download | hardened-patchset-20130915.tar.gz hardened-patchset-20130915.tar.bz2 hardened-patchset-20130915.zip |
Clean up line numbers20130915
-rw-r--r-- | 3.11.1/4427_force_XATTR_PAX_tmpfs.patch | 4 | ||||
-rw-r--r-- | 3.11.1/4450_grsec-kconfig-default-gids.patch | 12 | ||||
-rw-r--r-- | 3.11.1/4465_selinux-avc_audit-log-curr_ip.patch | 2 | ||||
-rw-r--r-- | 3.11.1/4470_disable-compat_vdso.patch | 2 | ||||
-rw-r--r-- | 3.2.51/4440_grsec-remove-protected-paths.patch | 2 | ||||
-rw-r--r-- | 3.2.51/4450_grsec-kconfig-default-gids.patch | 12 | ||||
-rw-r--r-- | 3.2.51/4465_selinux-avc_audit-log-curr_ip.patch | 2 |
7 files changed, 18 insertions, 18 deletions
diff --git a/3.11.1/4427_force_XATTR_PAX_tmpfs.patch b/3.11.1/4427_force_XATTR_PAX_tmpfs.patch index 3090b07..23e60cd 100644 --- a/3.11.1/4427_force_XATTR_PAX_tmpfs.patch +++ b/3.11.1/4427_force_XATTR_PAX_tmpfs.patch @@ -6,7 +6,7 @@ namespace supported on tmpfs so that the PaX markings survive emerge. diff -Naur a/mm/shmem.c b/mm/shmem.c --- a/mm/shmem.c 2013-06-11 21:00:18.000000000 -0400 +++ b/mm/shmem.c 2013-06-11 21:08:18.000000000 -0400 -@@ -2203,11 +2203,7 @@ +@@ -2232,11 +2232,7 @@ static int shmem_xattr_validate(const char *name) { struct { const char *prefix; size_t len; } arr[] = { @@ -18,7 +18,7 @@ diff -Naur a/mm/shmem.c b/mm/shmem.c { XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN }, { XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN } }; -@@ -2263,14 +2259,12 @@ +@@ -2292,14 +2288,12 @@ if (err) return err; diff --git a/3.11.1/4450_grsec-kconfig-default-gids.patch b/3.11.1/4450_grsec-kconfig-default-gids.patch index 7a1010d..8c7b0b2 100644 --- a/3.11.1/4450_grsec-kconfig-default-gids.patch +++ b/3.11.1/4450_grsec-kconfig-default-gids.patch @@ -16,7 +16,7 @@ from shooting themselves in the foot. diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2012-10-13 09:51:35.000000000 -0400 +++ b/grsecurity/Kconfig 2012-10-13 09:52:32.000000000 -0400 -@@ -611,7 +611,7 @@ +@@ -612,7 +612,7 @@ config GRKERNSEC_AUDIT_GID int "GID for auditing" depends on GRKERNSEC_AUDIT_GROUP @@ -25,7 +25,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig config GRKERNSEC_EXECLOG bool "Exec logging" -@@ -820,7 +820,7 @@ +@@ -821,7 +821,7 @@ config GRKERNSEC_TPE_UNTRUSTED_GID int "GID for TPE-untrusted users" depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT @@ -34,7 +34,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *enabled* for. If the sysctl option is enabled, a sysctl option -@@ -829,7 +829,7 @@ +@@ -830,7 +830,7 @@ config GRKERNSEC_TPE_TRUSTED_GID int "GID for TPE-trusted users" depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT @@ -43,7 +43,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *disabled* for. If the sysctl option is enabled, a sysctl option -@@ -922,7 +922,7 @@ +@@ -923,7 +923,7 @@ config GRKERNSEC_SOCKET_ALL_GID int "GID to deny all sockets for" depends on GRKERNSEC_SOCKET_ALL @@ -52,7 +52,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable socket access for. Remember to add the users you want socket access disabled for to the GID -@@ -943,7 +943,7 @@ +@@ -944,7 +944,7 @@ config GRKERNSEC_SOCKET_CLIENT_GID int "GID to deny client sockets for" depends on GRKERNSEC_SOCKET_CLIENT @@ -61,7 +61,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable client socket access for. Remember to add the users you want client socket access disabled for to -@@ -961,7 +961,7 @@ +@@ -962,7 +962,7 @@ config GRKERNSEC_SOCKET_SERVER_GID int "GID to deny server sockets for" depends on GRKERNSEC_SOCKET_SERVER diff --git a/3.11.1/4465_selinux-avc_audit-log-curr_ip.patch b/3.11.1/4465_selinux-avc_audit-log-curr_ip.patch index 07de5c4..fea3943 100644 --- a/3.11.1/4465_selinux-avc_audit-log-curr_ip.patch +++ b/3.11.1/4465_selinux-avc_audit-log-curr_ip.patch @@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 +++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 -@@ -1040,6 +1040,27 @@ +@@ -1057,6 +1057,27 @@ menu "Logging Options" depends on GRKERNSEC diff --git a/3.11.1/4470_disable-compat_vdso.patch b/3.11.1/4470_disable-compat_vdso.patch index a2d6ed9..4572f4f 100644 --- a/3.11.1/4470_disable-compat_vdso.patch +++ b/3.11.1/4470_disable-compat_vdso.patch @@ -26,7 +26,7 @@ Closes bug: http://bugs.gentoo.org/show_bug.cgi?id=210138 diff -urp a/arch/x86/Kconfig b/arch/x86/Kconfig --- a/arch/x86/Kconfig 2009-07-31 01:36:57.323857684 +0100 +++ b/arch/x86/Kconfig 2009-07-31 01:51:39.395749681 +0100 -@@ -1783,17 +1783,8 @@ +@@ -1798,17 +1798,8 @@ config COMPAT_VDSO def_bool n diff --git a/3.2.51/4440_grsec-remove-protected-paths.patch b/3.2.51/4440_grsec-remove-protected-paths.patch index e2c2dc9..05710b1 100644 --- a/3.2.51/4440_grsec-remove-protected-paths.patch +++ b/3.2.51/4440_grsec-remove-protected-paths.patch @@ -6,7 +6,7 @@ the filesystem. diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile --- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400 +++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400 -@@ -33,10 +33,4 @@ +@@ -34,10 +34,4 @@ ifdef CONFIG_GRKERNSEC_HIDESYM extra-y := grsec_hidesym.o $(obj)/grsec_hidesym.o: diff --git a/3.2.51/4450_grsec-kconfig-default-gids.patch b/3.2.51/4450_grsec-kconfig-default-gids.patch index bb13fd4..4de4ac0 100644 --- a/3.2.51/4450_grsec-kconfig-default-gids.patch +++ b/3.2.51/4450_grsec-kconfig-default-gids.patch @@ -16,7 +16,7 @@ from shooting themselves in the foot. diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2012-10-13 09:51:35.000000000 -0400 +++ b/grsecurity/Kconfig 2012-10-13 09:52:32.000000000 -0400 -@@ -611,7 +611,7 @@ +@@ -612,7 +612,7 @@ config GRKERNSEC_AUDIT_GID int "GID for auditing" depends on GRKERNSEC_AUDIT_GROUP @@ -25,7 +25,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig config GRKERNSEC_EXECLOG bool "Exec logging" -@@ -820,7 +820,7 @@ +@@ -821,7 +821,7 @@ config GRKERNSEC_TPE_UNTRUSTED_GID int "GID for TPE-untrusted users" depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT @@ -34,7 +34,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *enabled* for. If the sysctl option is enabled, a sysctl option -@@ -829,7 +829,7 @@ +@@ -830,7 +830,7 @@ config GRKERNSEC_TPE_TRUSTED_GID int "GID for TPE-trusted users" depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT @@ -43,7 +43,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Setting this GID determines what group TPE restrictions will be *disabled* for. If the sysctl option is enabled, a sysctl option -@@ -922,7 +922,7 @@ +@@ -923,7 +923,7 @@ config GRKERNSEC_SOCKET_ALL_GID int "GID to deny all sockets for" depends on GRKERNSEC_SOCKET_ALL @@ -52,7 +52,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable socket access for. Remember to add the users you want socket access disabled for to the GID -@@ -943,7 +943,7 @@ +@@ -944,7 +944,7 @@ config GRKERNSEC_SOCKET_CLIENT_GID int "GID to deny client sockets for" depends on GRKERNSEC_SOCKET_CLIENT @@ -61,7 +61,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig help Here you can choose the GID to disable client socket access for. Remember to add the users you want client socket access disabled for to -@@ -961,7 +961,7 @@ +@@ -962,7 +962,7 @@ config GRKERNSEC_SOCKET_SERVER_GID int "GID to deny server sockets for" depends on GRKERNSEC_SOCKET_SERVER diff --git a/3.2.51/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.51/4465_selinux-avc_audit-log-curr_ip.patch index 28ec979..687ae4c 100644 --- a/3.2.51/4465_selinux-avc_audit-log-curr_ip.patch +++ b/3.2.51/4465_selinux-avc_audit-log-curr_ip.patch @@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig --- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 +++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 -@@ -1020,6 +1020,27 @@ +@@ -1057,6 +1057,27 @@ menu "Logging Options" depends on GRKERNSEC |