summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2009-08-13 15:49:06 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2009-08-13 15:49:06 +0000
commitf966169b52b77682d48ba83333b96f00e16e487a (patch)
treefcca5682e759e7b6584a46f5df78cefd6c333be3
parentd7c0aed5ab029a04cd60356126d7feede60bfc0a (diff)
downloadaports-f966169b52b77682d48ba83333b96f00e16e487a.tar.bz2
aports-f966169b52b77682d48ba83333b96f00e16e487a.tar.xz
main/linux-grsec: upgrade to grsecurity patch 200908090749
-rw-r--r--main/linux-grsec/APKBUILD6
-rw-r--r--main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908122115.patch (renamed from main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908090749.patch)27
2 files changed, 20 insertions, 13 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 625989df1..6d88c138a 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
pkgname=linux-${_flavor}
pkgver=2.6.30.4
_kernver=2.6.30
-pkgrel=3
+pkgrel=4
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs"
@@ -13,7 +13,7 @@ _config=${config:-kernelconfig}
install="$pkgname.post-install $pkgname.post-upgrade"
source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
- grsecurity-2.1.14-2.6.30.4-200908090749.patch
+ grsecurity-2.1.14-2.6.30.4-200908122115.patch
linux-nbma-mroute-v4-2.6.30.diff
net-next-2.6.git-5ef12d98a19254ee5dc851bd83e214b43ec1f725.patch
$_config
@@ -113,7 +113,7 @@ dev() {
md5sums="7a80058a6382e5108cdb5554d1609615 linux-2.6.30.tar.bz2
d0fc44b54ba5953140b3f2aa9a1f2580 patch-2.6.30.4.bz2
-78f3778d96c03006ba0b4c96ed885cd6 grsecurity-2.1.14-2.6.30.4-200908090749.patch
+8b90a9def6800972fd09685bb73c5945 grsecurity-2.1.14-2.6.30.4-200908122115.patch
7420c0b1095335990313656b114e1379 linux-nbma-mroute-v4-2.6.30.diff
ca05fd252783b82e01610e775cf56498 net-next-2.6.git-5ef12d98a19254ee5dc851bd83e214b43ec1f725.patch
60adb085be0ab268c0f27279ae2b2bab kernelconfig
diff --git a/main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908090749.patch b/main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908122115.patch
index 3fff0bbb8..6f697a13f 100644
--- a/main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908090749.patch
+++ b/main/linux-grsec/grsecurity-2.1.14-2.6.30.4-200908122115.patch
@@ -8320,7 +8320,7 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/efi_stub_32.S linux-2.6.30.4/arch/x86/
efi_rt_function_ptr:
diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_32.S linux-2.6.30.4/arch/x86/kernel/entry_32.S
--- linux-2.6.30.4/arch/x86/kernel/entry_32.S 2009-07-24 17:47:51.000000000 -0400
-+++ linux-2.6.30.4/arch/x86/kernel/entry_32.S 2009-07-30 09:48:09.945662533 -0400
++++ linux-2.6.30.4/arch/x86/kernel/entry_32.S 2009-08-12 21:15:21.098460043 -0400
@@ -192,7 +192,7 @@
#endif /* CONFIG_X86_32_LAZY_GS */
@@ -8525,11 +8525,11 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_32.S linux-2.6.30.4/arch/x86/ker
/* since we are on a wrong stack, we cant make it a C code :( */
- PER_CPU(gdt_page, %ebx)
+#ifdef CONFIG_SMP
-+ movl PER_CPU_VAR(cpu_number), %ebx;
-+ shll $PAGE_SHIFT_asm, %ebx;
-+ addl $cpu_gdt_table, %ebx;
++ movl PER_CPU_VAR(cpu_number), %ebx
++ shll $PAGE_SHIFT_asm, %ebx
++ addl $cpu_gdt_table, %ebx
+#else
-+ movl $cpu_gdt_table, %ebx;
++ movl $cpu_gdt_table, %ebx
+#endif
GET_DESC_BASE(GDT_ENTRY_ESPFIX_SS, %ebx, %eax, %ax, %al, %ah)
addl %esp, %eax
@@ -8595,14 +8595,18 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_32.S linux-2.6.30.4/arch/x86/ker
CFI_ADJUST_CFA_OFFSET -24
diff -urNp linux-2.6.30.4/arch/x86/kernel/entry_64.S linux-2.6.30.4/arch/x86/kernel/entry_64.S
--- linux-2.6.30.4/arch/x86/kernel/entry_64.S 2009-07-24 17:47:51.000000000 -0400
-+++ linux-2.6.30.4/arch/x86/kernel/entry_64.S 2009-07-30 09:48:09.945662533 -0400
-@@ -1073,7 +1073,8 @@ ENTRY(\sym)
++++ linux-2.6.30.4/arch/x86/kernel/entry_64.S 2009-08-12 21:15:21.099483377 -0400
+@@ -1073,7 +1073,12 @@ ENTRY(\sym)
TRACE_IRQS_OFF
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
- PER_CPU(init_tss, %rbp)
++#ifdef CONFIG_SMP
+ imul $TSS_size, PER_CPU_VAR(cpu_number), %ebp
+ lea init_tss(%rbp), %rbp
++#else
++ lea init_tss(%rip), %rbp
++#endif
subq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
call \do_sym
addq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
@@ -11088,7 +11092,7 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/vm86_32.c linux-2.6.30.4/arch/x86/kern
tsk->thread.sysenter_cs = 0;
diff -urNp linux-2.6.30.4/arch/x86/kernel/vmi_32.c linux-2.6.30.4/arch/x86/kernel/vmi_32.c
--- linux-2.6.30.4/arch/x86/kernel/vmi_32.c 2009-07-24 17:47:51.000000000 -0400
-+++ linux-2.6.30.4/arch/x86/kernel/vmi_32.c 2009-07-30 09:48:09.962543704 -0400
++++ linux-2.6.30.4/arch/x86/kernel/vmi_32.c 2009-08-12 21:15:21.104308164 -0400
@@ -102,18 +102,43 @@ static unsigned patch_internal(int call,
{
u64 reloc;
@@ -11149,7 +11153,7 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/vmi_32.c linux-2.6.30.4/arch/x86/kerne
vmi_ops.set_pte(pte, (pte_t *)pmd, VMI_PAGE_PD);
}
#endif
-@@ -438,8 +463,8 @@ vmi_startup_ipi_hook(int phys_apicid, un
+@@ -438,10 +463,10 @@ vmi_startup_ipi_hook(int phys_apicid, un
ap.ss = __KERNEL_DS;
ap.esp = (unsigned long) start_esp;
@@ -11158,7 +11162,10 @@ diff -urNp linux-2.6.30.4/arch/x86/kernel/vmi_32.c linux-2.6.30.4/arch/x86/kerne
+ ap.ds = __KERNEL_DS;
+ ap.es = __KERNEL_DS;
ap.fs = __KERNEL_PERCPU;
- ap.gs = 0;
+- ap.gs = 0;
++ ap.gs = __KERNEL_STACK_CANARY;
+
+ ap.eflags = 0;
@@ -634,12 +659,20 @@ static inline int __init activate_vmi(vo
u64 reloc;