[gentoo-commits] proj/hardened-patchset:master commit in: 2.6.32/, 3.0.7/

["Anthony G. Basile" <blueness@gentoo.org>]

commit:     be3fdfc1030dfff96c419b4e9b22308c69926ec0
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Fri Oct 21 21:40:42 2011 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Fri Oct 21 21:40:42 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=be3fdfc1

Grsec/PaX: 2.2.2-2.6.32.46-201110200052 + 2.2.2-3.0.7-201110200052

---
 2.6.32/0000_README                                 |    2 +-
 ..._grsecurity-2.2.2-2.6.32.46-201110200052.patch} |    7 ++++---
 3.0.7/0000_README                                  |    2 +-
 ...4420_grsecurity-2.2.2-3.0.7-201110200052.patch} |   14 ++++++++------
 4 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index fda316c..54860bc 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
 
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch
+Patch:	4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch
rename to 2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch
index 4c56198..64e8748 100644
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110191214.patch
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.46-201110200052.patch
@@ -62660,8 +62660,8 @@ diff -urNp linux-2.6.32.46/include/linux/grdefs.h linux-2.6.32.46/include/linux/
 +#endif
 diff -urNp linux-2.6.32.46/include/linux/grinternal.h linux-2.6.32.46/include/linux/grinternal.h
 --- linux-2.6.32.46/include/linux/grinternal.h	1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.46/include/linux/grinternal.h	2011-08-11 19:58:37.000000000 -0400
-@@ -0,0 +1,217 @@
++++ linux-2.6.32.46/include/linux/grinternal.h	2011-10-20 00:48:45.000000000 -0400
+@@ -0,0 +1,218 @@
 +#ifndef __GRINTERNAL_H
 +#define __GRINTERNAL_H
 +
@@ -62785,7 +62785,8 @@ diff -urNp linux-2.6.32.46/include/linux/grinternal.h linux-2.6.32.46/include/li
 +	CAP_TO_MASK(CAP_SYS_PACCT) | CAP_TO_MASK(CAP_SYS_ADMIN) | \
 +	CAP_TO_MASK(CAP_SYS_BOOT) | CAP_TO_MASK(CAP_SYS_TIME) | \
 +	CAP_TO_MASK(CAP_NET_RAW) | CAP_TO_MASK(CAP_SYS_TTY_CONFIG) | \
-+	CAP_TO_MASK(CAP_IPC_OWNER) , 0 }}
++	CAP_TO_MASK(CAP_IPC_OWNER) | CAP_TO_MASK(CAP_SETFCAP), \
++	CAP_TO_MASK(CAP_MAC_ADMIN) }}
 +
 +#define security_learn(normal_msg,args...) \
 +({ \

diff --git a/3.0.7/0000_README b/3.0.7/0000_README
index f57a73c..406c7d8 100644
--- a/3.0.7/0000_README
+++ b/3.0.7/0000_README
@@ -7,7 +7,7 @@ Patch:	1006_linux-3.0.7.patch
 From:	http://www.kernel.org
 Desc:	Linux 3.0.7
 
-Patch:	4420_grsecurity-2.2.2-3.0.7-201110191214.patch
+Patch:	4420_grsecurity-2.2.2-3.0.7-201110200052.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch b/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch
similarity index 99%
rename from 3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch
rename to 3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch
index acce39b..de32794 100644
--- a/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110191214.patch
+++ b/3.0.7/4420_grsecurity-2.2.2-3.0.7-201110200052.patch
@@ -54654,8 +54654,8 @@ diff -urNp linux-3.0.7/grsecurity/grsec_disabled.c linux-3.0.7/grsecurity/grsec_
 +#endif
 diff -urNp linux-3.0.7/grsecurity/grsec_exec.c linux-3.0.7/grsecurity/grsec_exec.c
 --- linux-3.0.7/grsecurity/grsec_exec.c	1969-12-31 19:00:00.000000000 -0500
-+++ linux-3.0.7/grsecurity/grsec_exec.c	2011-09-14 09:20:28.000000000 -0400
-@@ -0,0 +1,145 @@
++++ linux-3.0.7/grsecurity/grsec_exec.c	2011-10-20 00:50:54.000000000 -0400
+@@ -0,0 +1,146 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/file.h>
@@ -54772,7 +54772,8 @@ diff -urNp linux-3.0.7/grsecurity/grsec_exec.c linux-3.0.7/grsecurity/grsec_exec
 +	"CAP_SETFCAP",
 +	"CAP_MAC_OVERRIDE",
 +	"CAP_MAC_ADMIN",
-+	"CAP_SYSLOG"
++	"CAP_SYSLOG",
++	"CAP_WAKE_ALARM"
 +};
 +
 +int captab_log_entries = sizeof(captab_log)/sizeof(captab_log[0]);
@@ -58301,8 +58302,8 @@ diff -urNp linux-3.0.7/include/linux/grdefs.h linux-3.0.7/include/linux/grdefs.h
 +#endif
 diff -urNp linux-3.0.7/include/linux/grinternal.h linux-3.0.7/include/linux/grinternal.h
 --- linux-3.0.7/include/linux/grinternal.h	1969-12-31 19:00:00.000000000 -0500
-+++ linux-3.0.7/include/linux/grinternal.h	2011-10-17 00:25:19.000000000 -0400
-@@ -0,0 +1,219 @@
++++ linux-3.0.7/include/linux/grinternal.h	2011-10-20 00:47:28.000000000 -0400
+@@ -0,0 +1,220 @@
 +#ifndef __GRINTERNAL_H
 +#define __GRINTERNAL_H
 +
@@ -58427,7 +58428,8 @@ diff -urNp linux-3.0.7/include/linux/grinternal.h linux-3.0.7/include/linux/grin
 +	CAP_TO_MASK(CAP_SYS_PACCT) | CAP_TO_MASK(CAP_SYS_ADMIN) | \
 +	CAP_TO_MASK(CAP_SYS_BOOT) | CAP_TO_MASK(CAP_SYS_TIME) | \
 +	CAP_TO_MASK(CAP_NET_RAW) | CAP_TO_MASK(CAP_SYS_TTY_CONFIG) | \
-+	CAP_TO_MASK(CAP_IPC_OWNER) , CAP_TO_MASK(CAP_SYSLOG) }}
++	CAP_TO_MASK(CAP_IPC_OWNER) | CAP_TO_MASK(CAP_SETFCAP), \
++	CAP_TO_MASK(CAP_SYSLOG) | CAP_TO_MASK(CAP_MAC_ADMIN) }}
 +
 +#define security_learn(normal_msg,args...) \
 +({ \