-rw-r--r--2.6.32/0000_README2
-rw-r--r--2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107191826.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107142110.patch)110
-rw-r--r--2.6.39/0000_README2
-rw-r--r--2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107191826.patch (renamed from 2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107161559.patch)99
4 files changed, 142 insertions, 71 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index b4d5b5c..d1f7ce8 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.2-2.6.32.43-201107142110.patch
+Patch: 4420_grsecurity-2.2.2-2.6.32.43-201107191826.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107142110.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107191826.patch
index f729b69..27cdae4 100644
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107142110.patch
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.43-201107191826.patch
@@ -15572,8 +15572,18 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/module.c linux-2.6.32.43/arch/x86/ker
goto overflow;
diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/kernel/paravirt.c
--- linux-2.6.32.43/arch/x86/kernel/paravirt.c 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.43/arch/x86/kernel/paravirt.c 2011-05-16 21:46:57.000000000 -0400
-@@ -122,7 +122,7 @@ unsigned paravirt_patch_jmp(void *insnbu
++++ linux-2.6.32.43/arch/x86/kernel/paravirt.c 2011-07-19 18:26:50.000000000 -0400
+@@ -53,6 +53,9 @@ u64 _paravirt_ident_64(u64 x)
+ {
+ return x;
+ }
++#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
++PV_CALLEE_SAVE_REGS_THUNK(_paravirt_ident_64);
++#endif
+
+ void __init default_banner(void)
+ {
+@@ -122,7 +125,7 @@ unsigned paravirt_patch_jmp(void *insnbu
* corresponding structure. */
static void *get_call_destination(u8 type)
{
@@ -15582,7 +15592,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
.pv_init_ops = pv_init_ops,
.pv_time_ops = pv_time_ops,
.pv_cpu_ops = pv_cpu_ops,
-@@ -133,6 +133,9 @@ static void *get_call_destination(u8 typ
+@@ -133,6 +136,9 @@ static void *get_call_destination(u8 typ
.pv_lock_ops = pv_lock_ops,
#endif
};
@@ -15592,7 +15602,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
return *((void **)&tmpl + type);
}
-@@ -145,14 +148,14 @@ unsigned paravirt_patch_default(u8 type,
+@@ -145,15 +151,19 @@ unsigned paravirt_patch_default(u8 type,
if (opfunc == NULL)
/* If there's no function, patch it with a ud2a (BUG) */
ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a));
@@ -15608,9 +15618,14 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
- else if (opfunc == _paravirt_ident_64)
+ else if (opfunc == (void *)_paravirt_ident_64)
ret = paravirt_patch_ident_64(insnbuf, len);
++#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
++ else if (opfunc == (void *)__raw_callee_save__paravirt_ident_64)
++ ret = paravirt_patch_ident_64(insnbuf, len);
++#endif
else if (type == PARAVIRT_PATCH(pv_cpu_ops.iret) ||
-@@ -178,7 +181,7 @@ unsigned paravirt_patch_insns(void *insn
+ type == PARAVIRT_PATCH(pv_cpu_ops.irq_enable_sysexit) ||
+@@ -178,7 +188,7 @@ unsigned paravirt_patch_insns(void *insn
if (insn_len > len || start == NULL)
insn_len = len;
else
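Review bot: The added `__raw_callee_save__paravirt_ident_64` arm in paravirt_patch_default only matches when PTE_IDENT was built from the thunk, and that pairing is spread over three separate `#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)` sites (the thunk definition, this compare, and the PTE_IDENT define) with nothing tying them together. If one of those conditions drifts, the compare would presumably stop matching and the call would fall through to the later arms instead of being patched as an identity. I would put a comment above the arm, e.g. `/* 32-bit PAE: PTE_IDENT is the PV_CALLEE_SAVE thunk, so match the thunk address too */`, and mirror it at the PTE_IDENT define. The function body starts and ends outside this hunk, and the 2.6.39 copy of the patch carries the same lines.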
@@ -15619,7 +15634,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
return insn_len;
}
-@@ -294,22 +297,22 @@ void arch_flush_lazy_mmu_mode(void)
+@@ -294,22 +304,22 @@ void arch_flush_lazy_mmu_mode(void)
preempt_enable();
}
@@ -15646,7 +15661,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
.save_fl = __PV_IS_CALLEE_SAVE(native_save_fl),
.restore_fl = __PV_IS_CALLEE_SAVE(native_restore_fl),
.irq_disable = __PV_IS_CALLEE_SAVE(native_irq_disable),
-@@ -321,7 +324,7 @@ struct pv_irq_ops pv_irq_ops = {
+@@ -321,7 +331,7 @@ struct pv_irq_ops pv_irq_ops = {
#endif
};
@@ -15655,7 +15670,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
.cpuid = native_cpuid,
.get_debugreg = native_get_debugreg,
.set_debugreg = native_set_debugreg,
-@@ -382,7 +385,7 @@ struct pv_cpu_ops pv_cpu_ops = {
+@@ -382,21 +392,26 @@ struct pv_cpu_ops pv_cpu_ops = {
.end_context_switch = paravirt_nop,
};
@@ -15664,7 +15679,19 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
#ifdef CONFIG_X86_LOCAL_APIC
.startup_ipi_hook = paravirt_nop,
#endif
-@@ -396,7 +399,7 @@ struct pv_apic_ops pv_apic_ops = {
+ };
+
+-#if defined(CONFIG_X86_32) && !defined(CONFIG_X86_PAE)
++#ifdef CONFIG_X86_32
++#ifdef CONFIG_X86_PAE
++/* 64-bit pagetable entries */
++#define PTE_IDENT PV_CALLEE_SAVE(_paravirt_ident_64)
++#else
+ /* 32-bit pagetable entries */
+ #define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_32)
++#endif
+ #else
+ /* 64-bit pagetable entries */
#define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_64)
#endif
@@ -15673,7 +15700,7 @@ diff -urNp linux-2.6.32.43/arch/x86/kernel/paravirt.c linux-2.6.32.43/arch/x86/k
.read_cr2 = native_read_cr2,
.write_cr2 = native_write_cr2,
-@@ -467,6 +470,12 @@ struct pv_mmu_ops pv_mmu_ops = {
+@@ -467,6 +482,12 @@ struct pv_mmu_ops pv_mmu_ops = {
},
.set_fixmap = native_set_fixmap,
@@ -20339,8 +20366,16 @@ diff -urNp linux-2.6.32.43/arch/x86/lib/usercopy_64.c linux-2.6.32.43/arch/x86/l
diff -urNp linux-2.6.32.43/arch/x86/Makefile linux-2.6.32.43/arch/x86/Makefile
--- linux-2.6.32.43/arch/x86/Makefile 2011-03-27 14:31:47.000000000 -0400
-+++ linux-2.6.32.43/arch/x86/Makefile 2011-04-17 15:56:46.000000000 -0400
-@@ -189,3 +189,12 @@ define archhelp
++++ linux-2.6.32.43/arch/x86/Makefile 2011-07-19 18:16:02.000000000 -0400
+@@ -44,6 +44,7 @@ ifeq ($(CONFIG_X86_32),y)
+ else
+ BITS := 64
+ UTS_MACHINE := x86_64
++ biarch := $(call cc-option,-m64)
+ CHECKFLAGS += -D__x86_64__ -m64
+
+ KBUILD_AFLAGS += -m64
+@@ -189,3 +190,12 @@ define archhelp
echo ' FDARGS="..." arguments for the booted kernel'
echo ' FDINITRD=file initrd for the booted kernel'
endef
@@ -50202,8 +50237,8 @@ diff -urNp linux-2.6.32.43/grsecurity/grsec_chdir.c linux-2.6.32.43/grsecurity/g
+}
diff -urNp linux-2.6.32.43/grsecurity/grsec_chroot.c linux-2.6.32.43/grsecurity/grsec_chroot.c
--- linux-2.6.32.43/grsecurity/grsec_chroot.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.43/grsecurity/grsec_chroot.c 2011-07-14 19:24:30.000000000 -0400
-@@ -0,0 +1,378 @@
++++ linux-2.6.32.43/grsecurity/grsec_chroot.c 2011-07-18 17:14:10.000000000 -0400
+@@ -0,0 +1,384 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -50429,14 +50464,19 @@ diff -urNp linux-2.6.32.43/grsecurity/grsec_chroot.c linux-2.6.32.43/grsecurity/
+
+ if ((p = find_task_by_vpid_unrestricted(shm_cprid))) {
+ starttime = p->start_time.tv_sec;
-+ if (unlikely(!have_same_root(current, p) &&
-+ time_before_eq((unsigned long)starttime, (unsigned long)shm_createtime))) {
-+ read_unlock(&tasklist_lock);
-+ rcu_read_unlock();
-+ gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG);
-+ return 0;
++ if (time_before_eq((unsigned long)starttime, (unsigned long)shm_createtime)) {
++ if (have_same_root(current, p)) {
++ goto allow;
++ } else {
++ read_unlock(&tasklist_lock);
++ rcu_read_unlock();
++ gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG);
++ return 0;
++ }
+ }
-+ } else if ((p = find_task_by_vpid_unrestricted(shm_lapid))) {
++ /* creator exited, pid reuse, fall through to next check */
++ }
++ if ((p = find_task_by_vpid_unrestricted(shm_lapid))) {
+ if (unlikely(!have_same_root(current, p))) {
+ read_unlock(&tasklist_lock);
+ rcu_read_unlock();
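Review bot: The pid-reuse guard added here covers only the creator lookup; the `shm_lapid` branch that now runs as the fallback still trusts whatever task currently holds that pid, with no start-time comparison. When neither lookup returns a task, control also reaches the unlock path and the attach is permitted, so the check fails open, and the hunk does not say whether that is intended. The new comment should spell this out, e.g. `/* creator pid now names a task started after the segment was created (pid reuse); decide on the last attacher instead, allow if it is gone too */`. The comparison is in whole seconds and only holds if `start_time` and `shm_createtime` are taken from the same clock, which this hunk does not show. The function starts and ends outside the hunk, and the same change appears in the 2.6.39 grsec_chroot.c hunk.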
@@ -50445,6 +50485,7 @@ diff -urNp linux-2.6.32.43/grsecurity/grsec_chroot.c linux-2.6.32.43/grsecurity/
+ }
+ }
+
++allow:
+ read_unlock(&tasklist_lock);
+ rcu_read_unlock();
+#endif
@@ -70775,7 +70816,7 @@ diff -urNp linux-2.6.32.43/net/sysctl_net.c linux-2.6.32.43/net/sysctl_net.c
}
diff -urNp linux-2.6.32.43/net/unix/af_unix.c linux-2.6.32.43/net/unix/af_unix.c
--- linux-2.6.32.43/net/unix/af_unix.c 2011-05-10 22:12:02.000000000 -0400
-+++ linux-2.6.32.43/net/unix/af_unix.c 2011-05-10 22:12:34.000000000 -0400
++++ linux-2.6.32.43/net/unix/af_unix.c 2011-07-18 18:17:33.000000000 -0400
@@ -745,6 +745,12 @@ static struct sock *unix_find_other(stru
err = -ECONNREFUSED;
if (!S_ISSOCK(inode->i_mode))
@@ -70822,18 +70863,7 @@ diff -urNp linux-2.6.32.43/net/unix/af_unix.c linux-2.6.32.43/net/unix/af_unix.c
mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
dput(nd.path.dentry);
nd.path.dentry = dentry;
-@@ -872,6 +892,10 @@ out_mknod_drop_write:
- goto out_unlock;
- }
-
-+#ifdef CONFIG_GRKERNSEC_CHROOT_UNIX
-+ sk->sk_peercred.pid = current->pid;
-+#endif
-+
- list = &unix_socket_table[addr->hash];
- } else {
- list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)];
-@@ -2211,7 +2235,11 @@ static int unix_seq_show(struct seq_file
+@@ -2211,7 +2231,11 @@ static int unix_seq_show(struct seq_file
unix_state_lock(s);
seq_printf(seq, "%p: %08X %08X %08X %04X %02X %5lu",
@@ -71245,6 +71275,18 @@ diff -urNp linux-2.6.32.43/scripts/mod/sumversion.c linux-2.6.32.43/scripts/mod/
warn("writing sum in %s failed: %s\n",
filename, strerror(errno));
goto out;
+diff -urNp linux-2.6.32.43/scripts/package/mkspec linux-2.6.32.43/scripts/package/mkspec
+--- linux-2.6.32.43/scripts/package/mkspec 2011-03-27 14:31:47.000000000 -0400
++++ linux-2.6.32.43/scripts/package/mkspec 2011-07-19 18:19:12.000000000 -0400
+@@ -70,7 +70,7 @@ echo 'mkdir -p $RPM_BUILD_ROOT/boot $RPM
+ echo 'mkdir -p $RPM_BUILD_ROOT/lib/firmware'
+ echo "%endif"
+
+-echo 'INSTALL_MOD_PATH=$RPM_BUILD_ROOT make %{_smp_mflags} KBUILD_SRC= modules_install'
++echo 'INSTALL_MOD_PATH=$RPM_BUILD_ROOT make %{?_smp_mflags} KBUILD_SRC= modules_install'
+ echo "%ifarch ia64"
+ echo 'cp $KBUILD_IMAGE $RPM_BUILD_ROOT'"/boot/efi/vmlinuz-$KERNELRELEASE"
+ echo 'ln -s '"efi/vmlinuz-$KERNELRELEASE" '$RPM_BUILD_ROOT'"/boot/"
diff -urNp linux-2.6.32.43/scripts/pnmtologo.c linux-2.6.32.43/scripts/pnmtologo.c
--- linux-2.6.32.43/scripts/pnmtologo.c 2011-03-27 14:31:47.000000000 -0400
+++ linux-2.6.32.43/scripts/pnmtologo.c 2011-04-17 15:56:46.000000000 -0400
diff --git a/2.6.39/0000_README b/2.6.39/0000_README
index 4559efd..66fcae4 100644
--- a/2.6.39/0000_README
+++ b/2.6.39/0000_README
@@ -3,7 +3,7 @@ README
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.2.2-2.6.39.3-201107161559.patch
+Patch: 4420_grsecurity-2.2.2-2.6.39.3-201107191826.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107161559.patch b/2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107191826.patch
index b63ab98..f85e905 100644
--- a/2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107161559.patch
+++ b/2.6.39/4420_grsecurity-2.2.2-2.6.39.3-201107191826.patch
@@ -16527,8 +16527,18 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/module.c linux-2.6.39.3/arch/x86/kerne
goto overflow;
diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/kernel/paravirt.c
--- linux-2.6.39.3/arch/x86/kernel/paravirt.c 2011-05-19 00:06:34.000000000 -0400
-+++ linux-2.6.39.3/arch/x86/kernel/paravirt.c 2011-05-22 19:36:30.000000000 -0400
-@@ -122,7 +122,7 @@ unsigned paravirt_patch_jmp(void *insnbu
++++ linux-2.6.39.3/arch/x86/kernel/paravirt.c 2011-07-19 18:26:58.000000000 -0400
+@@ -53,6 +53,9 @@ u64 _paravirt_ident_64(u64 x)
+ {
+ return x;
+ }
++#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
++PV_CALLEE_SAVE_REGS_THUNK(_paravirt_ident_64);
++#endif
+
+ void __init default_banner(void)
+ {
+@@ -122,7 +125,7 @@ unsigned paravirt_patch_jmp(void *insnbu
* corresponding structure. */
static void *get_call_destination(u8 type)
{
@@ -16537,7 +16547,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
.pv_init_ops = pv_init_ops,
.pv_time_ops = pv_time_ops,
.pv_cpu_ops = pv_cpu_ops,
-@@ -133,6 +133,9 @@ static void *get_call_destination(u8 typ
+@@ -133,6 +136,9 @@ static void *get_call_destination(u8 typ
.pv_lock_ops = pv_lock_ops,
#endif
};
@@ -16547,7 +16557,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
return *((void **)&tmpl + type);
}
-@@ -145,14 +148,14 @@ unsigned paravirt_patch_default(u8 type,
+@@ -145,15 +151,19 @@ unsigned paravirt_patch_default(u8 type,
if (opfunc == NULL)
/* If there's no function, patch it with a ud2a (BUG) */
ret = paravirt_patch_insns(insnbuf, len, ud2a, ud2a+sizeof(ud2a));
@@ -16563,9 +16573,14 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
- else if (opfunc == _paravirt_ident_64)
+ else if (opfunc == (void *)_paravirt_ident_64)
ret = paravirt_patch_ident_64(insnbuf, len);
++#if defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
++ else if (opfunc == (void *)__raw_callee_save__paravirt_ident_64)
++ ret = paravirt_patch_ident_64(insnbuf, len);
++#endif
else if (type == PARAVIRT_PATCH(pv_cpu_ops.iret) ||
-@@ -178,7 +181,7 @@ unsigned paravirt_patch_insns(void *insn
+ type == PARAVIRT_PATCH(pv_cpu_ops.irq_enable_sysexit) ||
+@@ -178,7 +188,7 @@ unsigned paravirt_patch_insns(void *insn
if (insn_len > len || start == NULL)
insn_len = len;
else
@@ -16574,7 +16589,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
return insn_len;
}
-@@ -294,22 +297,22 @@ void arch_flush_lazy_mmu_mode(void)
+@@ -294,22 +304,22 @@ void arch_flush_lazy_mmu_mode(void)
preempt_enable();
}
@@ -16601,7 +16616,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
.save_fl = __PV_IS_CALLEE_SAVE(native_save_fl),
.restore_fl = __PV_IS_CALLEE_SAVE(native_restore_fl),
.irq_disable = __PV_IS_CALLEE_SAVE(native_irq_disable),
-@@ -321,7 +324,7 @@ struct pv_irq_ops pv_irq_ops = {
+@@ -321,7 +331,7 @@ struct pv_irq_ops pv_irq_ops = {
#endif
};
@@ -16610,7 +16625,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
.cpuid = native_cpuid,
.get_debugreg = native_get_debugreg,
.set_debugreg = native_set_debugreg,
-@@ -382,7 +385,7 @@ struct pv_cpu_ops pv_cpu_ops = {
+@@ -382,21 +392,26 @@ struct pv_cpu_ops pv_cpu_ops = {
.end_context_switch = paravirt_nop,
};
@@ -16619,7 +16634,19 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
#ifdef CONFIG_X86_LOCAL_APIC
.startup_ipi_hook = paravirt_nop,
#endif
-@@ -396,7 +399,7 @@ struct pv_apic_ops pv_apic_ops = {
+ };
+
+-#if defined(CONFIG_X86_32) && !defined(CONFIG_X86_PAE)
++#ifdef CONFIG_X86_32
++#ifdef CONFIG_X86_PAE
++/* 64-bit pagetable entries */
++#define PTE_IDENT PV_CALLEE_SAVE(_paravirt_ident_64)
++#else
+ /* 32-bit pagetable entries */
+ #define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_32)
++#endif
+ #else
+ /* 64-bit pagetable entries */
#define PTE_IDENT __PV_IS_CALLEE_SAVE(_paravirt_ident_64)
#endif
@@ -16628,7 +16655,7 @@ diff -urNp linux-2.6.39.3/arch/x86/kernel/paravirt.c linux-2.6.39.3/arch/x86/ker
.read_cr2 = native_read_cr2,
.write_cr2 = native_write_cr2,
-@@ -465,6 +468,12 @@ struct pv_mmu_ops pv_mmu_ops = {
+@@ -465,6 +480,12 @@ struct pv_mmu_ops pv_mmu_ops = {
},
.set_fixmap = native_set_fixmap,
@@ -21193,8 +21220,16 @@ diff -urNp linux-2.6.39.3/arch/x86/lib/usercopy_64.c linux-2.6.39.3/arch/x86/lib
diff -urNp linux-2.6.39.3/arch/x86/Makefile linux-2.6.39.3/arch/x86/Makefile
--- linux-2.6.39.3/arch/x86/Makefile 2011-05-19 00:06:34.000000000 -0400
-+++ linux-2.6.39.3/arch/x86/Makefile 2011-05-22 19:36:30.000000000 -0400
-@@ -195,3 +195,12 @@ define archhelp
++++ linux-2.6.39.3/arch/x86/Makefile 2011-07-19 18:16:36.000000000 -0400
+@@ -44,6 +44,7 @@ ifeq ($(CONFIG_X86_32),y)
+ else
+ BITS := 64
+ UTS_MACHINE := x86_64
++ biarch := $(call cc-option,-m64)
+ CHECKFLAGS += -D__x86_64__ -m64
+
+ KBUILD_AFLAGS += -m64
+@@ -195,3 +196,12 @@ define archhelp
echo ' FDARGS="..." arguments for the booted kernel'
echo ' FDINITRD=file initrd for the booted kernel'
endef
@@ -57458,8 +57493,8 @@ diff -urNp linux-2.6.39.3/grsecurity/grsec_chdir.c linux-2.6.39.3/grsecurity/grs
+}
diff -urNp linux-2.6.39.3/grsecurity/grsec_chroot.c linux-2.6.39.3/grsecurity/grsec_chroot.c
--- linux-2.6.39.3/grsecurity/grsec_chroot.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.39.3/grsecurity/grsec_chroot.c 2011-07-16 15:27:28.000000000 -0400
-@@ -0,0 +1,343 @@
++++ linux-2.6.39.3/grsecurity/grsec_chroot.c 2011-07-18 17:20:05.000000000 -0400
+@@ -0,0 +1,349 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -57650,14 +57685,19 @@ diff -urNp linux-2.6.39.3/grsecurity/grsec_chroot.c linux-2.6.39.3/grsecurity/gr
+
+ if ((p = find_task_by_vpid_unrestricted(shm_cprid))) {
+ starttime = p->start_time.tv_sec;
-+ if (unlikely(!have_same_root(current, p) &&
-+ time_before_eq((unsigned long)starttime, (unsigned long)shm_createtime))) {
-+ read_unlock(&tasklist_lock);
-+ rcu_read_unlock();
-+ gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG);
-+ return 0;
++ if (time_before_eq((unsigned long)starttime, (unsigned long)shm_createtime)) {
++ if (have_same_root(current, p)) {
++ goto allow;
++ } else {
++ read_unlock(&tasklist_lock);
++ rcu_read_unlock();
++ gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG);
++ return 0;
++ }
+ }
-+ } else if ((p = find_task_by_vpid_unrestricted(shm_lapid))) {
++ /* creator exited, pid reuse, fall through to next check */
++ }
++ if ((p = find_task_by_vpid_unrestricted(shm_lapid))) {
+ if (unlikely(!have_same_root(current, p))) {
+ read_unlock(&tasklist_lock);
+ rcu_read_unlock();
@@ -57666,6 +57706,7 @@ diff -urNp linux-2.6.39.3/grsecurity/grsec_chroot.c linux-2.6.39.3/grsecurity/gr
+ }
+ }
+
++allow:
+ read_unlock(&tasklist_lock);
+ rcu_read_unlock();
+#endif
@@ -79332,7 +79373,7 @@ diff -urNp linux-2.6.39.3/net/sysctl_net.c linux-2.6.39.3/net/sysctl_net.c
}
diff -urNp linux-2.6.39.3/net/unix/af_unix.c linux-2.6.39.3/net/unix/af_unix.c
--- linux-2.6.39.3/net/unix/af_unix.c 2011-05-19 00:06:34.000000000 -0400
-+++ linux-2.6.39.3/net/unix/af_unix.c 2011-07-16 15:36:42.000000000 -0400
++++ linux-2.6.39.3/net/unix/af_unix.c 2011-07-18 18:16:27.000000000 -0400
@@ -767,6 +767,12 @@ static struct sock *unix_find_other(stru
err = -ECONNREFUSED;
if (!S_ISSOCK(inode->i_mode))
@@ -79379,19 +79420,7 @@ diff -urNp linux-2.6.39.3/net/unix/af_unix.c linux-2.6.39.3/net/unix/af_unix.c
mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
dput(nd.path.dentry);
nd.path.dentry = dentry;
-@@ -894,6 +914,11 @@ out_mknod_drop_write:
- goto out_unlock;
- }
-
-+#ifdef CONFIG_GRKERNSEC_CHROOT_UNIX
-+ put_pid(sk->sk_peer_pid);
-+ sk->sk_peer_pid = get_pid(task_tgid(current));
-+#endif
-+
- list = &unix_socket_table[addr->hash];
- } else {
- list = &unix_socket_table[dentry->d_inode->i_ino & (UNIX_HASH_SIZE-1)];
-@@ -2255,7 +2280,11 @@ static int unix_seq_show(struct seq_file
+@@ -2255,7 +2275,11 @@ static int unix_seq_show(struct seq_file
unix_state_lock(s);
seq_printf(seq, "%p: %08X %08X %08X %04X %02X %5lu",