aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-03-03 13:05:57 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-03-03 13:05:57 +0000
commit1095a18501f6e7fdaa5c397b5111b76afba0a6d0 (patch)
treeaa76a89884af65dc9087c48a88c138556d9c133a
parentc14895917b22f1e10ba2b8a838149804e2d99a19 (diff)
downloadaports-1095a18501f6e7fdaa5c397b5111b76afba0a6d0.tar.bz2
aports-1095a18501f6e7fdaa5c397b5111b76afba0a6d0.tar.xz
main/linux-grsec: Fix NOARP behaviour on NBMA mGRE tunnels
-rw-r--r--main/linux-grsec/APKBUILD6
-rw-r--r--main/linux-grsec/arp.patch14
-rw-r--r--main/linux-grsec/ip_gre.patch15
3 files changed, 34 insertions, 1 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index e87fb96dd0..ec454a74d0 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
pkgname=linux-${_flavor}
pkgver=2.6.32.9
_kernver=2.6.32
-pkgrel=0
+pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
@@ -15,6 +15,8 @@ install=
source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
grsecurity-2.1.14-2.6.32.9-201002231820.patch
+ ip_gre.patch
+ arp.patch
kernelconfig.x86
"
subpackages="$pkgname-dev linux-firmware:firmware"
@@ -121,4 +123,6 @@ firmware() {
md5sums="260551284ac224c3a43c4adac7df4879 linux-2.6.32.tar.bz2
7f615dd3b4a3b19fb86e479996a2deb5 patch-2.6.32.9.bz2
7da77829d4d994498218c412caed1db8 grsecurity-2.1.14-2.6.32.9-201002231820.patch
+3ef822f3a2723b9a80c3f12954457225 ip_gre.patch
+4c39a161d918e7f274292ecfd168b891 arp.patch
782074af6a1f1b1b1c9a33f5ac1b42bf kernelconfig.x86"
diff --git a/main/linux-grsec/arp.patch b/main/linux-grsec/arp.patch
new file mode 100644
index 0000000000..d2682690f5
--- /dev/null
+++ b/main/linux-grsec/arp.patch
@@ -0,0 +1,14 @@
+diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
+index c95cd93..71ab56f 100644
+--- a/net/ipv4/arp.c
++++ b/net/ipv4/arp.c
+@@ -1200,6 +1200,9 @@ static int arp_netdev_event(struct notifier_block *this, unsigned long event, vo
+ neigh_changeaddr(&arp_tbl, dev);
+ rt_cache_flush(dev_net(dev), 0);
+ break;
++ case NETDEV_CHANGE:
++ neigh_changeaddr(&arp_tbl, dev);
++ break;
+ default:
+ break;
+ }
diff --git a/main/linux-grsec/ip_gre.patch b/main/linux-grsec/ip_gre.patch
new file mode 100644
index 0000000000..ba5f19b300
--- /dev/null
+++ b/main/linux-grsec/ip_gre.patch
@@ -0,0 +1,15 @@
+--- a/net/ipv4/ip_gre.c.orig
++++ b/net/ipv4/ip_gre.c
+@@ -1137,11 +1137,8 @@
+
+ if (saddr)
+ memcpy(&iph->saddr, saddr, 4);
+-
+- if (daddr) {
++ if (daddr)
+ memcpy(&iph->daddr, daddr, 4);
+- return t->hlen;
+- }
+ if (iph->daddr && !ipv4_is_multicast(iph->daddr))
+ return t->hlen;
+