commit:     fe9cd0792773d512df74e504d2ef92946d02f6da
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Tue Jun 28 11:24:47 2016 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Tue Jun 28 11:24:47 2016 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=fe9cd079

grsecurity-3.1-4.5.7-201606280009

 4.5.7/0000_README                                  |  2 +-
 ...> 4420_grsecurity-3.1-4.5.7-201606280009.patch} | 32 ++++++++++++----------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/4.5.7/0000_README b/4.5.7/0000_README
index b74a9dd..bdf9f5e 100644
--- a/4.5.7/0000_README
+++ b/4.5.7/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.1-4.5.7-201606262019.patch
+Patch: 4420_grsecurity-3.1-4.5.7-201606280009.patch
 From:  http://www.grsecurity.net
 Desc:  hardened-sources base patch from upstream grsecurity
 

diff --git a/4.5.7/4420_grsecurity-3.1-4.5.7-201606262019.patch 
b/4.5.7/4420_grsecurity-3.1-4.5.7-201606280009.patch
similarity index 99%
rename from 4.5.7/4420_grsecurity-3.1-4.5.7-201606262019.patch
rename to 4.5.7/4420_grsecurity-3.1-4.5.7-201606280009.patch
index 3d3b9d3..f3179f6 100644
--- a/4.5.7/4420_grsecurity-3.1-4.5.7-201606262019.patch
+++ b/4.5.7/4420_grsecurity-3.1-4.5.7-201606280009.patch
@@ -98058,7 +98058,7 @@ index e4141f2..d8263e8 100644
                i += packet_length_size;
                if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
 diff --git a/fs/exec.c b/fs/exec.c
-index dcd4ac7..f651515 100644
+index dcd4ac7..7a1a7dc 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -56,8 +56,20 @@
@@ -98572,7 +98572,7 @@ index dcd4ac7..f651515 100644
  out:
        if (bprm->mm) {
                acct_arg_size(bprm, 0);
-@@ -1749,3 +1930,319 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd,
+@@ -1749,3 +1930,316 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd,
                                  argv, envp, flags);
  }
  #endif
@@ -98719,10 +98719,7 @@ index dcd4ac7..f651515 100644
 +              printk(KERN_EMERG "PAX: refcount overflow detected in: %s:%d, 
uid/euid: %u/%u\n", current->comm, task_pid_nr(current),
 +                              from_kuid_munged(&init_user_ns, current_uid()), 
from_kuid_munged(&init_user_ns, current_euid()));
 +      print_symbol(KERN_EMERG "PAX: refcount overflow occured at: %s\n", 
instruction_pointer(regs));
-+      preempt_disable();
-+      show_regs(regs);
-+      preempt_enable();
-+      force_sig_info(SIGKILL, SEND_SIG_FORCED, current);
++      BUG();
 +}
 +#endif
 +
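Review bot: The switch to `BUG();` at the end of this refcount-overflow reporter is undocumented, and it widens the impact of a detection. The removed lines sent SIGKILL to the current task only, whereas BUG() takes the oops path, whose outcome depends on kernel configuration; with `panic_on_oops` set, for example, one task's overflow would bring down the whole system. If that trade-off is intended, a short comment should say so, e.g. `/* fatal by design: never return to the caller after a detected overflow; outcome depends on panic_on_oops */`. The register dump that `show_regs(regs)` produced is now left to the oops output, so it is worth confirming that it still reports the faulting context in `regs` rather than this reporter's own frame. The function starts above the hunk, so the conditions guarding the printk calls are not visible here.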
@@ -139266,7 +139263,7 @@ index c112abb..49d919f 100644
                if (wo->wo_flags & __WNOTHREAD)
                        break;
 diff --git a/kernel/fork.c b/kernel/fork.c
-index 2e391c7..4af22a9 100644
+index 2e391c7..87a5bfe 100644
 --- a/kernel/fork.c
 +++ b/kernel/fork.c
 @@ -188,12 +188,55 @@ static void free_thread_info(struct thread_info *ti)
@@ -139655,7 +139652,7 @@ index 2e391c7..4af22a9 100644
        if (atomic_read(&p->real_cred->user->processes) >=
                        task_rlimit(p, RLIMIT_NPROC)) {
                if (p->real_cred->user != INIT_USER &&
-@@ -1568,6 +1681,11 @@ static struct task_struct *copy_process(unsigned long 
clone_flags,
+@@ -1568,6 +1681,16 @@ static struct task_struct *copy_process(unsigned long 
clone_flags,
                goto bad_fork_cancel_cgroup;
        }
  
@@ -139664,10 +139661,15 @@ index 2e391c7..4af22a9 100644
 +      */
 +      gr_copy_label(p);
 +
++#ifdef CONFIG_GRKERNSEC_SETXID
++      if (p->delayed_cred)
++              get_cred(p->delayed_cred);
++#endif
++
        if (likely(p->pid)) {
                ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
  
-@@ -1657,6 +1775,8 @@ bad_fork_cleanup_count:
+@@ -1657,6 +1780,8 @@ bad_fork_cleanup_count:
  bad_fork_free:
        free_task(p);
  fork_out:
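Review bot: The added `get_cred(p->delayed_cred)` under `CONFIG_GRKERNSEC_SETXID` has no comment saying why the child needs its own reference or which `put_cred()` balances it. It sits directly after the `goto bad_fork_cancel_cgroup` exit visible above, so it is presumably placed past the last failure point on purpose. If so, state that, e.g. `/* p->delayed_cred was copied from the parent; take the child's own ref only once fork can no longer fail */`. The release side is not visible in this hunk, so confirm that task teardown drops this reference exactly once and that none of the `bad_fork_*` paths puts a reference that was never taken. copy_process() begins and ends outside the hunk.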
@@ -139676,7 +139678,7 @@ index 2e391c7..4af22a9 100644
        return ERR_PTR(retval);
  }
  
-@@ -1719,6 +1839,7 @@ long _do_fork(unsigned long clone_flags,
+@@ -1719,6 +1844,7 @@ long _do_fork(unsigned long clone_flags,
  
        p = copy_process(clone_flags, stack_start, stack_size,
                         child_tidptr, NULL, trace, tls);
@@ -139684,7 +139686,7 @@ index 2e391c7..4af22a9 100644
        /*
         * Do this prior waking up the new thread - the thread pointer
         * might get invalid after that point, if the thread exits quickly.
-@@ -1735,6 +1856,8 @@ long _do_fork(unsigned long clone_flags,
+@@ -1735,6 +1861,8 @@ long _do_fork(unsigned long clone_flags,
                if (clone_flags & CLONE_PARENT_SETTID)
                        put_user(nr, parent_tidptr);
  
@@ -139693,7 +139695,7 @@ index 2e391c7..4af22a9 100644
                if (clone_flags & CLONE_VFORK) {
                        p->vfork_done = &vfork;
                        init_completion(&vfork);
-@@ -1871,7 +1994,7 @@ void __init proc_caches_init(void)
+@@ -1871,7 +1999,7 @@ void __init proc_caches_init(void)
                        sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,
                        SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK|SLAB_ACCOUNT,
                        NULL);
@@ -139702,7 +139704,7 @@ index 2e391c7..4af22a9 100644
        mmap_init();
        nsproxy_cache_init();
  }
-@@ -1919,7 +2042,7 @@ static int unshare_fs(unsigned long unshare_flags, 
struct fs_struct **new_fsp)
+@@ -1919,7 +2047,7 @@ static int unshare_fs(unsigned long unshare_flags, 
struct fs_struct **new_fsp)
                return 0;
  
        /* don't need lock here; in the worst case we'll do useless copy */
@@ -139711,7 +139713,7 @@ index 2e391c7..4af22a9 100644
                return 0;
  
        *new_fsp = copy_fs_struct(fs);
-@@ -2032,7 +2155,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+@@ -2032,7 +2160,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
                        fs = current->fs;
                        spin_lock(&fs->lock);
                        current->fs = new_fs;
@@ -139721,7 +139723,7 @@ index 2e391c7..4af22a9 100644
                                new_fs = NULL;
                        else
                                new_fs = fs;
-@@ -2096,7 +2220,7 @@ int unshare_files(struct files_struct **displaced)
+@@ -2096,7 +2225,7 @@ int unshare_files(struct files_struct **displaced)
  int sysctl_max_threads(struct ctl_table *table, int write,
                       void __user *buffer, size_t *lenp, loff_t *ppos)
  {
