Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/2.6.36
diff options
context:
space:
mode:
Diffstat (limited to '2.6.36')
-rw-r--r--2.6.36/0000_README2
-rw-r--r--2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch (renamed from 2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch)84
2 files changed, 78 insertions, 8 deletions
diff --git a/2.6.36/0000_README b/2.6.36/0000_README
index ab84404..2e68652 100644
--- a/2.6.36/0000_README
+++ b/2.6.36/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch
+Patch: 4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch b/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch
index 8259591..ecd20a1 100644
--- a/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch
+++ b/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch
@@ -35178,8 +35178,8 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl_alloc.c linux-2.6.36.3/grsecurity/gra
+}
diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c
--- linux-2.6.36.3/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.36.3/grsecurity/gracl.c 2011-01-11 22:55:00.000000000 -0500
-@@ -0,0 +1,3921 @@
++++ linux-2.6.36.3/grsecurity/gracl.c 2011-01-13 17:05:45.000000000 -0500
+@@ -0,0 +1,3991 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -35332,16 +35332,82 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c
+ return !memcmp(a, b, lena);
+}
+
++static int prepend(char **buffer, int *buflen, const char *str, int namelen)
++{
++ *buflen -= namelen;
++ if (*buflen < 0)
++ return -ENAMETOOLONG;
++ *buffer -= namelen;
++ memcpy(*buffer, str, namelen);
++ return 0;
++}
++
++static int prepend_name(char **buffer, int *buflen, struct qstr *name)
++{
++ return prepend(buffer, buflen, name->name, name->len);
++}
++
++static int prepend_path(const struct path *path, struct path *root,
++ char **buffer, int *buflen)
++{
++ struct dentry *dentry = path->dentry;
++ struct vfsmount *vfsmnt = path->mnt;
++ bool slash = false;
++ int error = 0;
++
++ while (dentry != root->dentry || vfsmnt != root->mnt) {
++ struct dentry * parent;
++
++ if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
++ /* Global root? */
++ if (vfsmnt->mnt_parent == vfsmnt) {
++ goto out;
++ }
++ dentry = vfsmnt->mnt_mountpoint;
++ vfsmnt = vfsmnt->mnt_parent;
++ continue;
++ }
++ parent = dentry->d_parent;
++ prefetch(parent);
++ error = prepend_name(buffer, buflen, &dentry->d_name);
++ if (!error)
++ error = prepend(buffer, buflen, "/", 1);
++ if (error)
++ break;
++
++ slash = true;
++ dentry = parent;
++ }
++
++out:
++ if (!error && !slash)
++ error = prepend(buffer, buflen, "/", 1);
++
++ return error;
++}
++
++/* this must be called with vfsmount_lock and dcache_lock held */
++
++static char *__our_d_path(const struct path *path, struct path *root,
++ char *buf, int buflen)
++{
++ char *res = buf + buflen;
++ int error;
++
++ prepend(&res, &buflen, "\0", 1);
++ error = prepend_path(path, root, &res, &buflen);
++ if (error)
++ return ERR_PTR(error);
++
++ return res;
++}
++
+static char *
+gen_full_path(struct path *path, struct path *root, char *buf, int buflen)
+{
+ char *retval;
-+ struct path old_root = *root;
-+
-+ /* __d_path modifies root, so have it modify our dummy copy
-+ */
+
-+ retval = __d_path(path, &old_root, buf, buflen);
++ retval = __our_d_path(path, root, buf, buflen);
+ if (unlikely(IS_ERR(retval)))
+ retval = strcpy(buf, "<path too long>");
+ else if (unlikely(retval[1] == '/' && retval[2] == '\0'))
@@ -35383,7 +35449,9 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c
+ get_fs_root(reaper->fs, &root);
+
+ spin_lock(&dcache_lock);
++ br_read_lock(vfsmount_lock);
+ res = gen_full_path(&path, &root, buf, buflen);
++ br_read_unlock(vfsmount_lock);
+ spin_unlock(&dcache_lock);
+
+ path_put(&root);
@@ -35395,8 +35463,10 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c
+{
+ char *ret;
+ spin_lock(&dcache_lock);
++ br_read_lock(vfsmount_lock);
+ ret = __d_real_path(dentry, mnt, per_cpu_ptr(gr_shared_page[0],smp_processor_id()),
+ PAGE_SIZE);
++ br_read_unlock(vfsmount_lock);
+ spin_unlock(&dcache_lock);
+ return ret;
+}