main/linux-grsec: upgrade to 4.4.6

1 files changed, 0 insertions, 37 deletions

diff --git a/main/linux-grsec/keys-fixes.patch b/main/linux-grsec/keys-fixes.patch
deleted file mode 100644
index 85bbda7e02..0000000000
--- a/main/linux-grsec/keys-fixes.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 911b79cde95c7da0ec02f48105358a36636b7a71 Mon Sep 17 00:00:00 2001
-From: David Howells <dhowells@redhat.com>
-Date: Mon, 19 Oct 2015 11:20:28 +0100
-Subject: KEYS: Don't permit request_key() to construct a new keyring
-
-If request_key() is used to find a keyring, only do the search part - don't
-do the construction part if the keyring was not found by the search.  We
-don't really want keyrings in the negative instantiated state since the
-rejected/negative instantiation error value in the payload is unioned with
-keyring metadata.
-
-Now the kernel gives an error:
-
-	request_key("keyring", "#selinux,bdekeyring", "keyring", KEY_SPEC_USER_SESSION_KEYRING) = -1 EPERM (Operation not permitted)
-
-Signed-off-by: David Howells <dhowells@redhat.com>
----
- security/keys/request_key.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/security/keys/request_key.c b/security/keys/request_key.c
-index 486ef6f..0d62531 100644
---- a/security/keys/request_key.c
-+++ b/security/keys/request_key.c
-@@ -440,6 +440,9 @@ static struct key *construct_key_and_link(struct keyring_search_context *ctx,
- 
- 	kenter("");
- 
-+	if (ctx->index_key.type == &key_type_keyring)
-+		return ERR_PTR(-EPERM);
-+	
- 	user = key_user_lookup(current_fsuid());
- 	if (!user)
- 		return ERR_PTR(-ENOMEM);
--- 
-cgit v0.11.2
-