author | Natanael Copa <ncopa@alpinelinux.org> | 2010-10-18 13:31:31 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-10-18 14:20:48 +0000 |
commit | ad7605847f191d5ca185291d29e6d50d916e9d64 (patch) | |
tree | b75920dc76c08c0d7433a68119b71220e0249899 | |
parent | 45b641394157610188e606bfdc08f2a202313292 (diff) | |
main/linux-grsec: upgrade to grsecurity-2.2.0-2.6.32.24-201010121028
(cherry picked from commit 90b7d529aeac4b6f4c3792772baa6cc4e5e69f7a)
-rw-r--r-- | main/linux-grsec/APKBUILD | 6 | ||||
-rw-r--r-- | main/linux-grsec/grsecurity-2.2.0-2.6.32.24-201010121028.patch (renamed from main/linux-grsec/grsecurity-2.2.0-2.6.32.24-201010021153.patch) | 147 |
2 files changed, 147 insertions, 6 deletions
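--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=2.6.32.24
 _kernver=2.6.32
-pkgrel=0
+pkgrel=1
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH:-x86}}
 install=
 source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
 ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
-grsecurity-2.2.0-2.6.32.24-201010021153.patch
+grsecurity-2.2.0-2.6.32.24-201010121028.patch
 0001-grsec-revert-conflicting-flow-cache-changes.patch
 0002-gre-fix-hard-header-destination-address-checking.patch
 0003-ip_gre-include-route-header_len-in-max_headroom-calc.patch
@@ -150,7 +150,7 @@ firmware() {
 
 md5sums="260551284ac224c3a43c4adac7df4879 linux-2.6.32.tar.bz2
 e3346e3b4b92f048b8ecded829f45cdf patch-2.6.32.24.bz2
-18b64a2ec06196468d2df1a84fe51354 grsecurity-2.2.0-2.6.32.24-201010021153.patch
+09ea9b3a8d3f3df001d306ef56e26068 grsecurity-2.2.0-2.6.32.24-201010121028.patch
 1d247140abec49b96250aec9aa59b324 0001-grsec-revert-conflicting-flow-cache-changes.patch
 437317f88ec13ace8d39c31983a41696 0002-gre-fix-hard-header-destination-address-checking.patch
 151b29a161178ed39d62a08f21f3484d 0003-ip_gre-include-route-header_len-in-max_headroom-calc.patch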
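--- a/main/linux-grsec/grsecurity-2.2.0-2.6.32.24-201010021153.patch
+++ b/main/linux-grsec/grsecurity-2.2.0-2.6.32.24-201010121028.patch
@@ -26286,6 +26286,43 @@ diff -urNp linux-2.6.32.24/drivers/isdn/icn/icn.c linux-2.6.32.24/drivers/isdn/i
 return -EFAULT;
 } else
 memcpy(msg, buf, count);
+diff -urNp linux-2.6.32.24/drivers/isdn/sc/interrupt.c linux-2.6.32.24/drivers/isdn/sc/interrupt.c
+--- linux-2.6.32.24/drivers/isdn/sc/interrupt.c 2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.24/drivers/isdn/sc/interrupt.c 2010-10-10 15:57:56.000000000 -0400
+@@ -112,11 +112,19 @@ irqreturn_t interrupt_handler(int dummy,
+}
+else if(callid>=0x0000 && callid<=0x7FFF)
+{
++ int len;
++
+pr_debug("%s: Got Incoming Call\n",
+sc_adapter[card]->devicename);
+- strcpy(setup.phone,&(rcvmsg.msg_data.byte_array[4]));
+- strcpy(setup.eazmsn,
+- sc_adapter[card]->channel[rcvmsg.phy_link_no-1].dn);
++ len = strlcpy(setup.phone, &(rcvmsg.msg_data.byte_array[4]),
++ sizeof(setup.phone));
++ if (len >= sizeof(setup.phone))
++ continue;
++ len = strlcpy(setup.eazmsn,
++ sc_adapter[card]->channel[rcvmsg.phy_link_no - 1].dn,
++ sizeof(setup.eazmsn));
++ if (len >= sizeof(setup.eazmsn))
++ continue;
+setup.si1 = 7;
+setup.si2 = 0;
+setup.plan = 0;
+@@ -176,7 +184,9 @@ irqreturn_t interrupt_handler(int dummy,
+* Handle a GetMyNumber Rsp
+*/
+if (IS_CE_MESSAGE(rcvmsg,Call,0,GetMyNumber)){
+- strcpy(sc_adapter[card]->channel[rcvmsg.phy_link_no-1].dn,rcvmsg.msg_data.byte_array);
++ strlcpy(sc_adapter[card]->channel[rcvmsg.phy_link_no - 1].dn,
++ rcvmsg.msg_data.byte_array,
++ sizeof(rcvmsg.msg_data.byte_array));
+continue;
+}
+
 diff -urNp linux-2.6.32.24/drivers/lguest/core.c linux-2.6.32.24/drivers/lguest/core.c
 --- linux-2.6.32.24/drivers/lguest/core.c 2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.24/drivers/lguest/core.c 2010-09-04 15:54:52.000000000 -0400
@@ -49288,6 +49325,58 @@ diff -urNp linux-2.6.32.24/init/noinitramfs.c linux-2.6.32.24/init/noinitramfs.c
 if (err < 0)
 goto out;
 
+diff -urNp linux-2.6.32.24/ipc/compat.c linux-2.6.32.24/ipc/compat.c
+--- linux-2.6.32.24/ipc/compat.c 2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.24/ipc/compat.c 2010-10-10 16:05:38.000000000 -0400
+@@ -242,6 +242,8 @@ long compat_sys_semctl(int first, int se
+struct semid64_ds __user *up64;
+int version = compat_ipc_parse_version(&third);
+
++ memset(&s64, 0, sizeof(s64));
++
+if (!uptr)
+return -EINVAL;
+if (get_user(pad, (u32 __user *) uptr))
+@@ -422,6 +424,8 @@ long compat_sys_msgctl(int first, int se
+int version = compat_ipc_parse_version(&second);
+void __user *p;
+
++ memset(&m64, 0, sizeof(m64));
++
+switch (second & (~IPC_64)) {
+case IPC_INFO:
+case IPC_RMID:
+@@ -595,6 +599,8 @@ long compat_sys_shmctl(int first, int se
+int err, err2;
+int version = compat_ipc_parse_version(&second);
+
++ memset(&s64, 0, sizeof(s64));
++
+switch (second & (~IPC_64)) {
+case IPC_RMID:
+case SHM_LOCK:
+diff -urNp linux-2.6.32.24/ipc/compat_mq.c linux-2.6.32.24/ipc/compat_mq.c
+--- linux-2.6.32.24/ipc/compat_mq.c 2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.24/ipc/compat_mq.c 2010-10-10 16:06:07.000000000 -0400
+@@ -53,6 +53,9 @@ asmlinkage long compat_sys_mq_open(const
+void __user *p = NULL;
+if (u_attr && oflag & O_CREAT) {
+struct mq_attr attr;
++
++ memset(&attr, 0, sizeof(attr));
++
+p = compat_alloc_user_space(sizeof(attr));
+if (get_compat_mq_attr(&attr, u_attr) ||
+copy_to_user(p, &attr, sizeof(attr)))
+@@ -127,6 +130,8 @@ asmlinkage long compat_sys_mq_getsetattr
+struct mq_attr __user *p = compat_alloc_user_space(2 * sizeof(*p));
+long ret;
+
++ memset(&mqstat, 0, sizeof(mqstat));
++
+if (u_mqstat) {
+if (get_compat_mq_attr(&mqstat, u_mqstat) ||
+copy_to_user(p, &mqstat, sizeof(mqstat)))
 diff -urNp linux-2.6.32.24/ipc/ipc_sysctl.c linux-2.6.32.24/ipc/ipc_sysctl.c
 --- linux-2.6.32.24/ipc/ipc_sysctl.c 2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.24/ipc/ipc_sysctl.c 2010-09-04 15:54:52.000000000 -0400
@@ -49334,7 +49423,7 @@ diff -urNp linux-2.6.32.24/ipc/sem.c linux-2.6.32.24/ipc/sem.c
 out.sem_otime = in->sem_otime;
 diff -urNp linux-2.6.32.24/ipc/shm.c linux-2.6.32.24/ipc/shm.c
 --- linux-2.6.32.24/ipc/shm.c 2010-08-13 16:24:37.000000000 -0400
-+++ linux-2.6.32.24/ipc/shm.c 2010-09-04 15:54:52.000000000 -0400
++++ linux-2.6.32.24/ipc/shm.c 2010-10-10 16:04:50.000000000 -0400
 @@ -70,6 +70,14 @@ static void shm_destroy (struct ipc_name
 static int sysvipc_shm_proc_show(struct seq_file *s, void *it);
 #endif
@@ -49365,7 +49454,16 @@ diff -urNp linux-2.6.32.24/ipc/shm.c linux-2.6.32.24/ipc/shm.c
 shp->shm_segsz = size;
 shp->shm_nattch = 0;
 shp->shm_file = file;
-@@ -879,9 +895,21 @@ long do_shmat(int shmid, char __user *sh
+@@ -474,6 +490,8 @@ static inline unsigned long copy_shmid_t
+{
+struct shmid_ds out;
+
++ memset(&out, 0, sizeof(out));
++
+ipc64_perm_to_ipc_perm(&in->shm_perm, &out.shm_perm);
+out.shm_segsz = in->shm_segsz;
+out.shm_atime = in->shm_atime;
+@@ -879,9 +897,21 @@ long do_shmat(int shmid, char __user *sh
 if (err)
 goto out_unlock;
 
@@ -51338,7 +51436,7 @@ diff -urNp linux-2.6.32.24/kernel/sys.c linux-2.6.32.24/kernel/sys.c
 }
 diff -urNp linux-2.6.32.24/kernel/sysctl.c linux-2.6.32.24/kernel/sysctl.c
 --- linux-2.6.32.24/kernel/sysctl.c 2010-08-13 16:24:37.000000000 -0400
-+++ linux-2.6.32.24/kernel/sysctl.c 2010-09-17 18:34:04.000000000 -0400
++++ linux-2.6.32.24/kernel/sysctl.c 2010-10-10 15:59:01.000000000 -0400
 @@ -63,6 +63,13 @@
 static int deprecated_sysctl_warning(struct __sysctl_args *args);
 
@@ -51474,6 +51572,15 @@ diff -urNp linux-2.6.32.24/kernel/sysctl.c linux-2.6.32.24/kernel/sysctl.c
 error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC));
 if (error)
 return error;
+@@ -2609,7 +2686,7 @@ static int __do_proc_doulongvec_minmax(v
+vleft = table->maxlen / sizeof(unsigned long);
+left = *lenp;
+
+- for (; left && vleft--; i++, min++, max++, first=0) {
++ for (; left && vleft--; i++, first=0) {
+if (write) {
+while (left) {
+char c;
 diff -urNp linux-2.6.32.24/kernel/taskstats.c linux-2.6.32.24/kernel/taskstats.c
 --- linux-2.6.32.24/kernel/taskstats.c 2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.24/kernel/taskstats.c 2010-09-04 15:54:52.000000000 -0400
@@ -55656,6 +55763,18 @@ diff -urNp linux-2.6.32.24/net/core/dev.c linux-2.6.32.24/net/core/dev.c
 {
 struct list_head *list = &__get_cpu_var(softnet_data).poll_list;
 unsigned long time_limit = jiffies + 2;
+diff -urNp linux-2.6.32.24/net/core/ethtool.c linux-2.6.32.24/net/core/ethtool.c
+--- linux-2.6.32.24/net/core/ethtool.c 2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.24/net/core/ethtool.c 2010-10-10 15:55:54.000000000 -0400
+@@ -265,7 +265,7 @@ static int ethtool_get_rxnfc(struct net_
+if (info.cmd == ETHTOOL_GRXCLSRLALL) {
+if (info.rule_cnt > 0) {
+if (info.rule_cnt <= KMALLOC_MAX_SIZE / sizeof(u32))
+- rule_buf = kmalloc(info.rule_cnt * sizeof(u32),
++ rule_buf = kzalloc(info.rule_cnt * sizeof(u32),
+GFP_USER);
+if (!rule_buf)
+return -ENOMEM;
 diff -urNp linux-2.6.32.24/net/core/flow.c linux-2.6.32.24/net/core/flow.c
 --- linux-2.6.32.24/net/core/flow.c 2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.24/net/core/flow.c 2010-09-04 15:54:52.000000000 -0400
@@ -57934,6 +58053,28 @@ diff -urNp linux-2.6.32.24/sound/aoa/codecs/onyx.c linux-2.6.32.24/sound/aoa/cod
 onyx->spdif_locked = onyx->analog_locked = 0;
 mutex_unlock(&onyx->mutex);
 
+diff -urNp linux-2.6.32.24/sound/core/control.c linux-2.6.32.24/sound/core/control.c
+--- linux-2.6.32.24/sound/core/control.c 2010-08-13 16:24:37.000000000 -0400
++++ linux-2.6.32.24/sound/core/control.c 2010-10-12 10:26:46.000000000 -0400
+@@ -31,6 +31,7 @@
+
+/* max number of user-defined controls */
+#define MAX_USER_CONTROLS 32
++#define MAX_CONTROL_COUNT 1028
+
+struct snd_kctl_ioctl {
+struct list_head list; /* list of all ioctls */
+@@ -190,6 +191,10 @@ static struct snd_kcontrol *snd_ctl_new(
+
+if (snd_BUG_ON(!control || !control->count))
+return NULL;
++
++ if (control->count > MAX_CONTROL_COUNT)
++ return NULL;
++
+kctl = kzalloc(sizeof(*kctl) + sizeof(struct snd_kcontrol_volatile) * control->count, GFP_KERNEL);
+if (kctl == NULL) {
+snd_printk(KERN_ERR "Cannot allocate control instance\n");
 diff -urNp linux-2.6.32.24/sound/core/oss/pcm_oss.c linux-2.6.32.24/sound/core/oss/pcm_oss.c
 --- linux-2.6.32.24/sound/core/oss/pcm_oss.c 2010-08-13 16:24:37.000000000 -0400
 +++ linux-2.6.32.24/sound/core/oss/pcm_oss.c 2010-09-04 15:54:52.000000000 -0400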
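Review bot: In the newly added drivers/isdn/sc/interrupt.c changes, the GetMyNumber branch bounds the copy into `dn` by the size of the source, `sizeof(rcvmsg.msg_data.byte_array)`, not by the size of the destination. Neither declaration is visible here, but if `dn` is the smaller buffer, a long string from the adapter can still write past it; the third argument should be `sizeof(sc_adapter[card]->channel[rcvmsg.phy_link_no - 1].dn)`. In the Incoming Call branch, strlcpy()'s `size_t` result is stored in `int len` and then compared with `sizeof(...)`; declaring it as `size_t len;` removes the signed/unsigned comparison. Both branches index `channel[]` with `rcvmsg.phy_link_no - 1` and no range check appears in these lines, though interrupt_handler's body continues outside the hunk and may validate it elsewhere. Since the file is a vendored upstream patch, these are points to raise with upstream, not to fix by hand-editing the patch.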