[gentoo-commits] proj/hardened-patchset:master commit in: 3.13.1/, 3.13.0/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] proj/hardened-patchset:master commit in: 3.13.1/, 3.13.0/
@ 2014-02-01 17:19 Anthony G. Basile
  0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2014-02-01 17:19 UTC (permalink / raw
  To: gentoo-commits

commit:     c2144d560a97fdad96c84200e9b45a564409b42e
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sat Feb  1 17:18:55 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Feb  1 17:18:55 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=c2144d56

Grsec/PaX: 3.0-3.13.1-201401301657

---
 {3.13.0 => 3.13.1}/0000_README                     |  2 +-
 .../4420_grsecurity-3.0-3.13.1-201401301657.patch  | 75 +++++++++++++---------
 {3.13.0 => 3.13.1}/4425_grsec_remove_EI_PAX.patch  |  0
 .../4427_force_XATTR_PAX_tmpfs.patch               |  0
 .../4430_grsec-remove-localversion-grsec.patch     |  0
 {3.13.0 => 3.13.1}/4435_grsec-mute-warnings.patch  |  0
 .../4440_grsec-remove-protected-paths.patch        |  0
 .../4450_grsec-kconfig-default-gids.patch          |  0
 .../4465_selinux-avc_audit-log-curr_ip.patch       |  0
 {3.13.0 => 3.13.1}/4470_disable-compat_vdso.patch  |  0
 {3.13.0 => 3.13.1}/4475_emutramp_default_on.patch  |  0
 11 files changed, 46 insertions(+), 31 deletions(-)

diff --git a/3.13.0/0000_README b/3.13.1/0000_README
similarity index 96%
rename from 3.13.0/0000_README
rename to 3.13.1/0000_README
index d5c2b2c..a830d5a 100644
--- a/3.13.0/0000_README
+++ b/3.13.1/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-3.0-3.13.0-201401281848.patch
+Patch:	4420_grsecurity-3.0-3.13.1-201401301657.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch b/3.13.1/4420_grsecurity-3.0-3.13.1-201401301657.patch
similarity index 99%
rename from 3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
rename to 3.13.1/4420_grsecurity-3.0-3.13.1-201401301657.patch
index 93699a6..08da283 100644
--- a/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
+++ b/3.13.1/4420_grsecurity-3.0-3.13.1-201401301657.patch
@@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644
  
  	pcd.		[PARIDE]
 diff --git a/Makefile b/Makefile
-index b8b7f74..1f3d7c8 100644
+index de4cda9..d1183df 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -19178,7 +19178,7 @@ index 3c03a5d..1071638 100644
  
  #endif /* _ASM_X86_UACCESS_32_H */
 diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
-index 190413d..bf69468 100644
+index 190413d..8a80c2a 100644
 --- a/arch/x86/include/asm/uaccess_64.h
 +++ b/arch/x86/include/asm/uaccess_64.h
 @@ -10,6 +10,9 @@
@@ -19457,7 +19457,7 @@ index 190413d..bf69468 100644
 +__copy_from_user_inatomic(void *dst, const void __user *src, unsigned long size)
  {
 -	return __copy_from_user_nocheck(dst, (__force const void *)src, size);
-+	return __copy_from_user_nocheck(dst, ____m(src), size);
++	return __copy_from_user_nocheck(dst, src, size);
  }
  
 -static __must_check __always_inline int
@@ -19466,7 +19466,7 @@ index 190413d..bf69468 100644
 +__copy_to_user_inatomic(void __user *dst, const void *src, unsigned long size)
  {
 -	return __copy_to_user_nocheck((__force void *)dst, src, size);
-+	return __copy_to_user_nocheck(____m(dst), src, size);
++	return __copy_to_user_nocheck(dst, src, size);
  }
  
 -extern long __copy_user_nocache(void *dst, const void __user *src,
@@ -43411,7 +43411,7 @@ index 06eeb99..770613e 100644
  
  			rdev_dec_pending(rdev, mddev);
 diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c
-index cbb1571..47952f5 100644
+index 03f82ab..374bb38 100644
 --- a/drivers/md/raid5.c
 +++ b/drivers/md/raid5.c
 @@ -1991,21 +1991,21 @@ static void raid5_end_read_request(struct bio * bi, int error)
@@ -78741,7 +78741,7 @@ index 9fe426b..8148be6 100644
  static inline int
  vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst)
 diff --git a/include/linux/mm.h b/include/linux/mm.h
-index 3552717..658aae0 100644
+index 9fac6dd..158ca43 100644
 --- a/include/linux/mm.h
 +++ b/include/linux/mm.h
 @@ -117,6 +117,11 @@ extern unsigned int kobjsize(const void *objp);
@@ -78775,7 +78775,7 @@ index 3552717..658aae0 100644
  
  struct mmu_gather;
  struct inode;
-@@ -1061,8 +1067,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address,
+@@ -1064,8 +1070,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address,
  	unsigned long *pfn);
  int follow_phys(struct vm_area_struct *vma, unsigned long address,
  		unsigned int flags, unsigned long *prot, resource_size_t *phys);
@@ -78786,7 +78786,7 @@ index 3552717..658aae0 100644
  
  static inline void unmap_shared_mapping_range(struct address_space *mapping,
  		loff_t const holebegin, loff_t const holelen)
-@@ -1101,9 +1107,9 @@ static inline int fixup_user_fault(struct task_struct *tsk,
+@@ -1104,9 +1110,9 @@ static inline int fixup_user_fault(struct task_struct *tsk,
  }
  #endif
  
@@ -78799,7 +78799,7 @@ index 3552717..658aae0 100644
  
  long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
  		      unsigned long start, unsigned long nr_pages,
-@@ -1135,34 +1141,6 @@ int set_page_dirty(struct page *page);
+@@ -1138,34 +1144,6 @@ int set_page_dirty(struct page *page);
  int set_page_dirty_lock(struct page *page);
  int clear_page_dirty_for_io(struct page *page);
  
@@ -78834,7 +78834,7 @@ index 3552717..658aae0 100644
  extern pid_t
  vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group);
  
-@@ -1262,6 +1240,15 @@ static inline void sync_mm_rss(struct mm_struct *mm)
+@@ -1265,6 +1243,15 @@ static inline void sync_mm_rss(struct mm_struct *mm)
  }
  #endif
  
@@ -78850,7 +78850,7 @@ index 3552717..658aae0 100644
  int vma_wants_writenotify(struct vm_area_struct *vma);
  
  extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr,
-@@ -1280,8 +1267,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd,
+@@ -1283,8 +1270,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd,
  {
  	return 0;
  }
@@ -78866,7 +78866,7 @@ index 3552717..658aae0 100644
  #endif
  
  #ifdef __PAGETABLE_PMD_FOLDED
-@@ -1290,8 +1284,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud,
+@@ -1293,8 +1287,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud,
  {
  	return 0;
  }
@@ -78882,7 +78882,7 @@ index 3552717..658aae0 100644
  #endif
  
  int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma,
-@@ -1309,11 +1310,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a
+@@ -1312,11 +1313,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a
  		NULL: pud_offset(pgd, address);
  }
  
@@ -78906,7 +78906,7 @@ index 3552717..658aae0 100644
  #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */
  
  #if USE_SPLIT_PTE_PTLOCKS
-@@ -1691,7 +1704,7 @@ extern int install_special_mapping(struct mm_struct *mm,
+@@ -1694,7 +1707,7 @@ extern int install_special_mapping(struct mm_struct *mm,
  				   unsigned long addr, unsigned long len,
  				   unsigned long flags, struct page **pages);
  
@@ -78915,7 +78915,7 @@ index 3552717..658aae0 100644
  
  extern unsigned long mmap_region(struct file *file, unsigned long addr,
  	unsigned long len, vm_flags_t vm_flags, unsigned long pgoff);
-@@ -1699,6 +1712,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
+@@ -1702,6 +1715,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
  	unsigned long len, unsigned long prot, unsigned long flags,
  	unsigned long pgoff, unsigned long *populate);
  extern int do_munmap(struct mm_struct *, unsigned long, size_t);
@@ -78923,7 +78923,7 @@ index 3552717..658aae0 100644
  
  #ifdef CONFIG_MMU
  extern int __mm_populate(unsigned long addr, unsigned long len,
-@@ -1727,10 +1741,11 @@ struct vm_unmapped_area_info {
+@@ -1730,10 +1744,11 @@ struct vm_unmapped_area_info {
  	unsigned long high_limit;
  	unsigned long align_mask;
  	unsigned long align_offset;
@@ -78937,7 +78937,7 @@ index 3552717..658aae0 100644
  
  /*
   * Search for an unmapped address range.
-@@ -1742,7 +1757,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info);
+@@ -1745,7 +1760,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info);
   * - satisfies (begin_addr & align_mask) == (align_offset & align_mask)
   */
  static inline unsigned long
@@ -78946,7 +78946,7 @@ index 3552717..658aae0 100644
  {
  	if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN))
  		return unmapped_area(info);
-@@ -1805,6 +1820,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add
+@@ -1808,6 +1823,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add
  extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr,
  					     struct vm_area_struct **pprev);
  
@@ -78957,7 +78957,7 @@ index 3552717..658aae0 100644
  /* Look up the first VMA which intersects the interval start_addr..end_addr-1,
     NULL if none.  Assume start_addr < end_addr. */
  static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr)
-@@ -1833,15 +1852,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm,
+@@ -1836,15 +1855,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm,
  	return vma;
  }
  
@@ -78973,7 +78973,7 @@ index 3552717..658aae0 100644
  #ifdef CONFIG_ARCH_USES_NUMA_PROT_NONE
  unsigned long change_prot_numa(struct vm_area_struct *vma,
  			unsigned long start, unsigned long end);
-@@ -1893,6 +1903,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long);
+@@ -1896,6 +1906,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long);
  static inline void vm_stat_account(struct mm_struct *mm,
  			unsigned long flags, struct file *file, long pages)
  {
@@ -78985,7 +78985,7 @@ index 3552717..658aae0 100644
  	mm->total_vm += pages;
  }
  #endif /* CONFIG_PROC_FS */
-@@ -1974,7 +1989,7 @@ extern int unpoison_memory(unsigned long pfn);
+@@ -1977,7 +1992,7 @@ extern int unpoison_memory(unsigned long pfn);
  extern int sysctl_memory_failure_early_kill;
  extern int sysctl_memory_failure_recovery;
  extern void shake_page(struct page *p, int access);
@@ -78994,7 +78994,7 @@ index 3552717..658aae0 100644
  extern int soft_offline_page(struct page *page, int flags);
  
  extern void dump_page(struct page *page);
-@@ -2011,5 +2026,11 @@ void __init setup_nr_node_ids(void);
+@@ -2014,5 +2029,11 @@ void __init setup_nr_node_ids(void);
  static inline void setup_nr_node_ids(void) {}
  #endif
  
@@ -95456,7 +95456,7 @@ index 4a5df7b..9ad1f1d 100644
  
  	switch (ss->ss_family) {
 diff --git a/net/compat.c b/net/compat.c
-index dd32e34..0529c9c 100644
+index dd32e34..94fa415 100644
 --- a/net/compat.c
 +++ b/net/compat.c
 @@ -73,9 +73,9 @@ int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr __user *umsg)
@@ -95586,16 +95586,31 @@ index dd32e34..0529c9c 100644
  	struct group_filter __user *kgf;
  	int __user	*koptlen;
  	u32 interface, fmode, numsrc;
-@@ -783,7 +783,7 @@ asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
- 	if (COMPAT_USE_64BIT_TIME)
- 		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
- 				      flags | MSG_CMSG_COMPAT,
--				      (struct timespec *) timeout);
-+				      (struct timespec __force_kernel *) timeout);
+@@ -780,21 +780,16 @@ asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
+ 	if (flags & MSG_CMSG_COMPAT)
+ 		return -EINVAL;
  
+-	if (COMPAT_USE_64BIT_TIME)
+-		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
+-				      flags | MSG_CMSG_COMPAT,
+-				      (struct timespec *) timeout);
+-
  	if (timeout == NULL)
  		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
-@@ -808,7 +808,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
+ 				      flags | MSG_CMSG_COMPAT, NULL);
+ 
+-	if (get_compat_timespec(&ktspec, timeout))
++	if (compat_get_timespec(&ktspec, timeout))
+ 		return -EFAULT;
+ 
+ 	datagrams = __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
+ 				   flags | MSG_CMSG_COMPAT, &ktspec);
+-	if (datagrams > 0 && put_compat_timespec(&ktspec, timeout))
++	if (datagrams > 0 && compat_put_timespec(&ktspec, timeout))
+ 		datagrams = -EFAULT;
+ 
+ 	return datagrams;
+@@ -808,7 +803,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
  
  	if (call < SYS_SOCKET || call > SYS_SENDMMSG)
  		return -EINVAL;

diff --git a/3.13.0/4425_grsec_remove_EI_PAX.patch b/3.13.1/4425_grsec_remove_EI_PAX.patch
similarity index 100%
rename from 3.13.0/4425_grsec_remove_EI_PAX.patch
rename to 3.13.1/4425_grsec_remove_EI_PAX.patch

diff --git a/3.13.0/4427_force_XATTR_PAX_tmpfs.patch b/3.13.1/4427_force_XATTR_PAX_tmpfs.patch
similarity index 100%
rename from 3.13.0/4427_force_XATTR_PAX_tmpfs.patch
rename to 3.13.1/4427_force_XATTR_PAX_tmpfs.patch

diff --git a/3.13.0/4430_grsec-remove-localversion-grsec.patch b/3.13.1/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 3.13.0/4430_grsec-remove-localversion-grsec.patch
rename to 3.13.1/4430_grsec-remove-localversion-grsec.patch

diff --git a/3.13.0/4435_grsec-mute-warnings.patch b/3.13.1/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 3.13.0/4435_grsec-mute-warnings.patch
rename to 3.13.1/4435_grsec-mute-warnings.patch

diff --git a/3.13.0/4440_grsec-remove-protected-paths.patch b/3.13.1/4440_grsec-remove-protected-paths.patch
similarity index 100%
rename from 3.13.0/4440_grsec-remove-protected-paths.patch
rename to 3.13.1/4440_grsec-remove-protected-paths.patch

diff --git a/3.13.0/4450_grsec-kconfig-default-gids.patch b/3.13.1/4450_grsec-kconfig-default-gids.patch
similarity index 100%
rename from 3.13.0/4450_grsec-kconfig-default-gids.patch
rename to 3.13.1/4450_grsec-kconfig-default-gids.patch

diff --git a/3.13.0/4465_selinux-avc_audit-log-curr_ip.patch b/3.13.1/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 100%
rename from 3.13.0/4465_selinux-avc_audit-log-curr_ip.patch
rename to 3.13.1/4465_selinux-avc_audit-log-curr_ip.patch

diff --git a/3.13.0/4470_disable-compat_vdso.patch b/3.13.1/4470_disable-compat_vdso.patch
similarity index 100%
rename from 3.13.0/4470_disable-compat_vdso.patch
rename to 3.13.1/4470_disable-compat_vdso.patch

diff --git a/3.13.0/4475_emutramp_default_on.patch b/3.13.1/4475_emutramp_default_on.patch
similarity index 100%
rename from 3.13.0/4475_emutramp_default_on.patch
rename to 3.13.1/4475_emutramp_default_on.patch


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2014-02-01 17:19 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-02-01 17:19 [gentoo-commits] proj/hardened-patchset:master commit in: 3.13.1/, 3.13.0/ Anthony G. Basile

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox