diff options
Diffstat (limited to '2.6.36')
-rw-r--r-- | 2.6.36/0000_README | 2 | ||||
-rw-r--r-- | 2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch (renamed from 2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch) | 84 |
2 files changed, 78 insertions, 8 deletions
diff --git a/2.6.36/0000_README b/2.6.36/0000_README index ab84404..2e68652 100644 --- a/2.6.36/0000_README +++ b/2.6.36/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch +Patch: 4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch b/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch index 8259591..ecd20a1 100644 --- a/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101120010.patch +++ b/2.6.36/4420_grsecurity-2.2.1-2.6.36.3-201101131705.patch @@ -35178,8 +35178,8 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl_alloc.c linux-2.6.36.3/grsecurity/gra +} diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c --- linux-2.6.36.3/grsecurity/gracl.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.36.3/grsecurity/gracl.c 2011-01-11 22:55:00.000000000 -0500 -@@ -0,0 +1,3921 @@ ++++ linux-2.6.36.3/grsecurity/gracl.c 2011-01-13 17:05:45.000000000 -0500 +@@ -0,0 +1,3991 @@ +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/sched.h> @@ -35332,16 +35332,82 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c + return !memcmp(a, b, lena); +} + ++static int prepend(char **buffer, int *buflen, const char *str, int namelen) ++{ ++ *buflen -= namelen; ++ if (*buflen < 0) ++ return -ENAMETOOLONG; ++ *buffer -= namelen; ++ memcpy(*buffer, str, namelen); ++ return 0; ++} ++ ++static int prepend_name(char **buffer, int *buflen, struct qstr *name) ++{ ++ return prepend(buffer, buflen, name->name, name->len); ++} ++ ++static int prepend_path(const struct path *path, struct path *root, ++ char **buffer, int *buflen) ++{ ++ struct dentry *dentry = path->dentry; ++ struct vfsmount *vfsmnt = path->mnt; ++ bool slash = false; ++ int error = 0; ++ ++ while (dentry != root->dentry || vfsmnt != root->mnt) { ++ struct dentry * parent; ++ ++ if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) { ++ /* Global root? */ ++ if (vfsmnt->mnt_parent == vfsmnt) { ++ goto out; ++ } ++ dentry = vfsmnt->mnt_mountpoint; ++ vfsmnt = vfsmnt->mnt_parent; ++ continue; ++ } ++ parent = dentry->d_parent; ++ prefetch(parent); ++ error = prepend_name(buffer, buflen, &dentry->d_name); ++ if (!error) ++ error = prepend(buffer, buflen, "/", 1); ++ if (error) ++ break; ++ ++ slash = true; ++ dentry = parent; ++ } ++ ++out: ++ if (!error && !slash) ++ error = prepend(buffer, buflen, "/", 1); ++ ++ return error; ++} ++ ++/* this must be called with vfsmount_lock and dcache_lock held */ ++ ++static char *__our_d_path(const struct path *path, struct path *root, ++ char *buf, int buflen) ++{ ++ char *res = buf + buflen; ++ int error; ++ ++ prepend(&res, &buflen, "\0", 1); ++ error = prepend_path(path, root, &res, &buflen); ++ if (error) ++ return ERR_PTR(error); ++ ++ return res; ++} ++ +static char * +gen_full_path(struct path *path, struct path *root, char *buf, int buflen) +{ + char *retval; -+ struct path old_root = *root; -+ -+ /* __d_path modifies root, so have it modify our dummy copy -+ */ + -+ retval = __d_path(path, &old_root, buf, buflen); ++ retval = __our_d_path(path, root, buf, buflen); + if (unlikely(IS_ERR(retval))) + retval = strcpy(buf, "<path too long>"); + else if (unlikely(retval[1] == '/' && retval[2] == '\0')) @@ -35383,7 +35449,9 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c + get_fs_root(reaper->fs, &root); + + spin_lock(&dcache_lock); ++ br_read_lock(vfsmount_lock); + res = gen_full_path(&path, &root, buf, buflen); ++ br_read_unlock(vfsmount_lock); + spin_unlock(&dcache_lock); + + path_put(&root); @@ -35395,8 +35463,10 @@ diff -urNp linux-2.6.36.3/grsecurity/gracl.c linux-2.6.36.3/grsecurity/gracl.c +{ + char *ret; + spin_lock(&dcache_lock); ++ br_read_lock(vfsmount_lock); + ret = __d_real_path(dentry, mnt, per_cpu_ptr(gr_shared_page[0],smp_processor_id()), + PAGE_SIZE); ++ br_read_unlock(vfsmount_lock); + spin_unlock(&dcache_lock); + return ret; +} |