summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--3.13.5/0000_README2
-rw-r--r--3.13.5/4420_grsecurity-3.0-3.13.5-201403041938.patch (renamed from 3.13.5/4420_grsecurity-3.0-3.13.5-201403031445.patch)52
-rw-r--r--3.2.55/0000_README2
-rw-r--r--3.2.55/4420_grsecurity-3.0-3.2.55-201403041936.patch (renamed from 3.2.55/4420_grsecurity-3.0-3.2.55-201403022154.patch)18
4 files changed, 72 insertions, 2 deletions
diff --git a/3.13.5/0000_README b/3.13.5/0000_README
index 838ac74..c20a3d4 100644
--- a/3.13.5/0000_README
+++ b/3.13.5/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.13.5-201403031445.patch
+Patch: 4420_grsecurity-3.0-3.13.5-201403041938.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.13.5/4420_grsecurity-3.0-3.13.5-201403031445.patch b/3.13.5/4420_grsecurity-3.0-3.13.5-201403041938.patch
index eaf708f..9efbd6a 100644
--- a/3.13.5/4420_grsecurity-3.0-3.13.5-201403031445.patch
+++ b/3.13.5/4420_grsecurity-3.0-3.13.5-201403041938.patch
@@ -97152,6 +97152,23 @@ index fc0e649..febfa65 100644
EXPORT_SYMBOL(sysctl_local_reserved_ports);
void inet_get_local_port_range(struct net *net, int *low, int *high)
+diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c
+index bb075fc..322dceb 100644
+--- a/net/ipv4/inet_fragment.c
++++ b/net/ipv4/inet_fragment.c
+@@ -278,9 +278,10 @@ static struct inet_frag_queue *inet_frag_intern(struct netns_frags *nf,
+
+ atomic_inc(&qp->refcnt);
+ hlist_add_head(&qp->list, &hb->chain);
+- spin_unlock(&hb->chain_lock);
+- read_unlock(&f->lock);
+ inet_frag_lru_add(nf, qp);
++ spin_unlock(&hb->chain_lock);
++ read_unlock(&f->lock);
++
+ return qp;
+ }
+
diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c
index 8b9cf27..0d8d592 100644
--- a/net/ipv4/inet_hashtables.c
@@ -100566,6 +100583,24 @@ index 1a6eef3..17e898f 100644
NULL,
sctp_generate_t1_cookie_event,
sctp_generate_t1_init_event,
+diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
+index a26065b..af7be05 100644
+--- a/net/sctp/sm_statefuns.c
++++ b/net/sctp/sm_statefuns.c
+@@ -759,6 +759,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net,
+ struct sctp_chunk auth;
+ sctp_ierror_t ret;
+
++ /* Make sure that we and the peer are AUTH capable */
++ if (!net->sctp.auth_enable || !new_asoc->peer.auth_capable) {
++ kfree_skb(chunk->auth_chunk);
++ sctp_association_free(new_asoc);
++ return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
++ }
++
+ /* set-up our fake chunk so that we can process it */
+ auth.skb = chunk->auth_chunk;
+ auth.asoc = chunk->asoc;
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 42b709c..e7d09ac 100644
--- a/net/sctp/socket.c
@@ -103517,6 +103552,23 @@ index cee72ce..e46074a 100644
err:
if (iov != iovstack)
kfree(iov);
+diff --git a/security/keys/keyring.c b/security/keys/keyring.c
+index d46cbc5..2fb2576 100644
+--- a/security/keys/keyring.c
++++ b/security/keys/keyring.c
+@@ -1000,7 +1000,11 @@ static int keyring_detect_cycle_iterator(const void *object,
+
+ kenter("{%d}", key->serial);
+
+- BUG_ON(key != ctx->match_data);
++ /* We might get a keyring with matching index-key that is nonetheless a
++ * different keyring. */
++ if (key != ctx->match_data)
++ return 0;
++
+ ctx->result = ERR_PTR(-EDEADLK);
+ return 1;
+ }
diff --git a/security/min_addr.c b/security/min_addr.c
index f728728..6457a0c 100644
--- a/security/min_addr.c
diff --git a/3.2.55/0000_README b/3.2.55/0000_README
index e75270d..6e1b2f5 100644
--- a/3.2.55/0000_README
+++ b/3.2.55/0000_README
@@ -138,7 +138,7 @@ Patch: 1054_linux-3.2.55.patch
From: http://www.kernel.org
Desc: Linux 3.2.55
-Patch: 4420_grsecurity-3.0-3.2.55-201403022154.patch
+Patch: 4420_grsecurity-3.0-3.2.55-201403041936.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.55/4420_grsecurity-3.0-3.2.55-201403022154.patch b/3.2.55/4420_grsecurity-3.0-3.2.55-201403041936.patch
index 5e79266..5a6b289 100644
--- a/3.2.55/4420_grsecurity-3.0-3.2.55-201403022154.patch
+++ b/3.2.55/4420_grsecurity-3.0-3.2.55-201403041936.patch
@@ -101674,6 +101674,24 @@ index 76388b0..a967f68 100644
NULL,
sctp_generate_t1_cookie_event,
sctp_generate_t1_init_event,
+diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
+index cb1c430..f131caf 100644
+--- a/net/sctp/sm_statefuns.c
++++ b/net/sctp/sm_statefuns.c
+@@ -747,6 +747,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(const struct sctp_endpoint *ep,
+ struct sctp_chunk auth;
+ sctp_ierror_t ret;
+
++ /* Make sure that we and the peer are AUTH capable */
++ if (!sctp_auth_enable || !new_asoc->peer.auth_capable) {
++ kfree_skb(chunk->auth_chunk);
++ sctp_association_free(new_asoc);
++ return sctp_sf_pdiscard(ep, asoc, type, arg, commands);
++ }
++
+ /* set-up our fake chunk so that we can process it */
+ auth.skb = chunk->auth_chunk;
+ auth.asoc = chunk->asoc;
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index c53d01e..9659111 100644
--- a/net/sctp/socket.c