diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2011-10-21 17:40:42 -0400 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2011-10-21 17:40:42 -0400 |
| commit | be3fdfc1030dfff96c419b4e9b22308c69926ec0 (patch) | |
| tree | 33a24d9860895748afd89374f244ffbdf38e80af | |
| parent | Grsec/PaX: 2.2.2-2.6.32.46-201110191214 + 2.2.2-3.0.7-201110191214 (diff) | |
| download | hardened-patchset-be3fdfc1030dfff96c419b4e9b22308c69926ec0.tar.gz hardened-patchset-be3fdfc1030dfff96c419b4e9b22308c69926ec0.tar.bz2 hardened-patchset-be3fdfc1030dfff96c419b4e9b22308c69926ec0.zip | |
Grsec/PaX: 2.2.2-2.6.32.46-201110200052 + 2.2.2-3.0.7-201110200052
| -rw-r--r-- | 2.6.32/0000_README | 2 | ||||
| -rw-r--r-- | 2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch) | 7 | ||||
| -rw-r--r-- | 3.0.7/0000_README | 2 | ||||
| -rw-r--r-- | 3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch (renamed from 3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch) | 14 |
4 files changed, 14 insertions, 11 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index fda316c..54860bc 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch +Patch: 4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch index 4c56198..64e8748 100644 --- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch +++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch @@ -62660,8 +62660,8 @@ diff -urNp linux-2.6.32.46/include/linux/grdefs.h linux-2.6.32.46/include/linux/ +#endif diff -urNp linux-2.6.32.46/include/linux/grinternal.h linux-2.6.32.46/include/linux/grinternal.h --- linux-2.6.32.46/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.46/include/linux/grinternal.h 2011-08-11 19:58:37.000000000 -0400 -@@ -0,0 +1,217 @@ ++++ linux-2.6.32.46/include/linux/grinternal.h 2011-10-20 00:48:45.000000000 -0400 +@@ -0,0 +1,218 @@ +#ifndef __GRINTERNAL_H +#define __GRINTERNAL_H + @@ -62785,7 +62785,8 @@ diff -urNp linux-2.6.32.46/include/linux/grinternal.h linux-2.6.32.46/include/li + CAP_TO_MASK(CAP_SYS_PACCT) | CAP_TO_MASK(CAP_SYS_ADMIN) | \ + CAP_TO_MASK(CAP_SYS_BOOT) | CAP_TO_MASK(CAP_SYS_TIME) | \ + CAP_TO_MASK(CAP_NET_RAW) | CAP_TO_MASK(CAP_SYS_TTY_CONFIG) | \ -+ CAP_TO_MASK(CAP_IPC_OWNER) , 0 }} ++ CAP_TO_MASK(CAP_IPC_OWNER) | CAP_TO_MASK(CAP_SETFCAP), \ ++ CAP_TO_MASK(CAP_MAC_ADMIN) }} + +#define security_learn(normal_msg,args...) \ +({ \ diff --git a/3.0.7/0000_README b/3.0.7/0000_README index f57a73c..406c7d8 100644 --- a/3.0.7/0000_README +++ b/3.0.7/0000_README @@ -7,7 +7,7 @@ Patch: 1006_linux-3.0.7.patch From: http://www.kernel.org Desc: Linux 3.0.7 -Patch: 4420_grsecurity-2.2.2-3.0.7-201110191214.patch +Patch: 4420_grsecurity-2.2.2-3.0.7-201110200052.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch b/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch index acce39b..de32794 100644 --- a/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch +++ b/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch @@ -54654,8 +54654,8 @@ diff -urNp linux-3.0.7/grsecurity/grsec_disabled.c linux-3.0.7/grsecurity/grsec_ +#endif diff -urNp linux-3.0.7/grsecurity/grsec_exec.c linux-3.0.7/grsecurity/grsec_exec.c --- linux-3.0.7/grsecurity/grsec_exec.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-3.0.7/grsecurity/grsec_exec.c 2011-09-14 09:20:28.000000000 -0400 -@@ -0,0 +1,145 @@ ++++ linux-3.0.7/grsecurity/grsec_exec.c 2011-10-20 00:50:54.000000000 -0400 +@@ -0,0 +1,146 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/file.h> @@ -54772,7 +54772,8 @@ diff -urNp linux-3.0.7/grsecurity/grsec_exec.c linux-3.0.7/grsecurity/grsec_exec + "CAP_SETFCAP", + "CAP_MAC_OVERRIDE", + "CAP_MAC_ADMIN", -+ "CAP_SYSLOG" ++ "CAP_SYSLOG", ++ "CAP_WAKE_ALARM" +}; + +int captab_log_entries = sizeof(captab_log)/sizeof(captab_log[0]); @@ -58301,8 +58302,8 @@ diff -urNp linux-3.0.7/include/linux/grdefs.h linux-3.0.7/include/linux/grdefs.h +#endif diff -urNp linux-3.0.7/include/linux/grinternal.h linux-3.0.7/include/linux/grinternal.h --- linux-3.0.7/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-3.0.7/include/linux/grinternal.h 2011-10-17 00:25:19.000000000 -0400 -@@ -0,0 +1,219 @@ ++++ linux-3.0.7/include/linux/grinternal.h 2011-10-20 00:47:28.000000000 -0400 +@@ -0,0 +1,220 @@ +#ifndef __GRINTERNAL_H +#define __GRINTERNAL_H + @@ -58427,7 +58428,8 @@ diff -urNp linux-3.0.7/include/linux/grinternal.h linux-3.0.7/include/linux/grin + CAP_TO_MASK(CAP_SYS_PACCT) | CAP_TO_MASK(CAP_SYS_ADMIN) | \ + CAP_TO_MASK(CAP_SYS_BOOT) | CAP_TO_MASK(CAP_SYS_TIME) | \ + CAP_TO_MASK(CAP_NET_RAW) | CAP_TO_MASK(CAP_SYS_TTY_CONFIG) | \ -+ CAP_TO_MASK(CAP_IPC_OWNER) , CAP_TO_MASK(CAP_SYSLOG) }} ++ CAP_TO_MASK(CAP_IPC_OWNER) | CAP_TO_MASK(CAP_SETFCAP), \ ++ CAP_TO_MASK(CAP_SYSLOG) | CAP_TO_MASK(CAP_MAC_ADMIN) }} + +#define security_learn(normal_msg,args...) \ +({ \ |