summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2005-04-29 12:36:37 +0000
committerNed Ludd <solar@gentoo.org>2005-04-29 12:36:37 +0000
commit12629a0b333f2b54a5fee0d796ee452bd373b2eb (patch)
treec33dc0698554bce798b6f17f3e76fc5b424f4c69 /sys-kernel/grsec-sources
parentDigest (diff)
downloadhistorical-12629a0b333f2b54a5fee0d796ee452bd373b2eb.tar.gz
historical-12629a0b333f2b54a5fee0d796ee452bd373b2eb.tar.bz2
historical-12629a0b333f2b54a5fee0d796ee452bd373b2eb.zip
- ebuild and filesdir cleanup. This is the last planned grsec-sources, see http://marc.theaimsgroup.com/?l=gentoo-hardened&m=111419177808622&w=2 for more info
Package-Manager: portage-2.0.51.20-r5
Diffstat (limited to 'sys-kernel/grsec-sources')
-rw-r--r--sys-kernel/grsec-sources/ChangeLog13
-rw-r--r--sys-kernel/grsec-sources/Manifest32
-rw-r--r--sys-kernel/grsec-sources/files/2.4.26-CAN-2004-0394.patch11
-rw-r--r--sys-kernel/grsec-sources/files/2.4.27-cmdline-race.patch11
-rw-r--r--sys-kernel/grsec-sources/files/2.4.28-binfmt_a.out.patch63
-rw-r--r--sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch44
-rw-r--r--sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch265
-rw-r--r--sys-kernel/grsec-sources/files/2.4.29-CAN-2005-0001.patch44
-rw-r--r--sys-kernel/grsec-sources/files/CAN-2004-1016.patch75
-rw-r--r--sys-kernel/grsec-sources/files/CAN-2004-1074.patch352
-rw-r--r--sys-kernel/grsec-sources/files/CAN-2004-1335.patch29
-rw-r--r--sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.33
-rw-r--r--sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.43
-rw-r--r--sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch59
-rw-r--r--sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.3.ebuild51
-rw-r--r--sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.4.ebuild52
16 files changed, 22 insertions, 1085 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog
index 71c201815ba4..1d6efbb98c2b 100644
--- a/sys-kernel/grsec-sources/ChangeLog
+++ b/sys-kernel/grsec-sources/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for sys-kernel/grsec-sources
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.54 2005/04/28 21:22:14 gustavoz Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.55 2005/04/29 12:36:37 solar Exp $
+
+ 29 Apr 2005; <solar@gentoo.org> -files/2.4.26-CAN-2004-0394.patch,
+ -files/2.4.27-cmdline-race.patch, -files/2.4.28-binfmt_a.out.patch,
+ -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
+ -files/2.4.28-uselib4pax.patch, -files/2.4.29-CAN-2005-0001.patch,
+ -files/CAN-2004-1016.patch, -files/CAN-2004-1074.patch,
+ -files/CAN-2004-1335.patch, -files/gentoo-sources-2.4.CAN-2004-1137.patch,
+ -grsec-sources-2.4.29.2.1.3.ebuild, -grsec-sources-2.4.29.2.1.4.ebuild:
+ - ebuild and filesdir cleanup. This is the last planned grsec-sources, see
+ http://marc.theaimsgroup.com/?l=gentoo-hardened&m=111419177808622&w=2 for more
+ info
28 Apr 2005; Gustavo Zacarias <gustavoz@gentoo.org>
grsec-sources-2.4.30.2.1.5.ebuild:
diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest
index 3b3f2e78a606..c043ba36b647 100644
--- a/sys-kernel/grsec-sources/Manifest
+++ b/sys-kernel/grsec-sources/Manifest
@@ -1,31 +1,19 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-MD5 416d756b4496f062d49cb748c6410fb4 ChangeLog 11730
-MD5 0b2ea9b53b5d526e39afbdc5040ff07a metadata.xml 487
MD5 a7207fc0f80889ad23137af4c81bee97 grsec-sources-2.4.30.2.1.5.ebuild 1589
-MD5 2a4a5d00823f2d2950ca3b89f8a7e06a grsec-sources-2.4.29.2.1.3.ebuild 1858
-MD5 70696d6b8d7907edbe5b8fbb5def5e37 grsec-sources-2.4.29.2.1.4.ebuild 1903
-MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
-MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319
-MD5 4a0215139f9aebfe2cc2747743763f08 files/2.4.28-binfmt_a.out.patch 1887
-MD5 6aa8f7a7c2d55734389b53d3bcf78570 files/CAN-2004-1016.patch 2835
-MD5 d1ccc2047be533c992f67270a150a210 files/2.4.27-cmdline-race.patch 388
+MD5 79a9a050f20a8d4de550993d73cc43c8 ChangeLog 12363
+MD5 0b2ea9b53b5d526e39afbdc5040ff07a metadata.xml 487
+MD5 0adbefda5e0d752b23dd2f930e6f6bbf files/linux-2.4.28-random-poolsize.patch 452
MD5 2c122c506c654e3af5e7053232319eaa files/digest-grsec-sources-2.4.30.2.1.5 234
-MD5 9860d0e9e59d561a5573648f80547f7e files/CAN-2004-1335.patch 788
MD5 757ee1239c3f14645ccea3640d551e11 files/CAN-2004-1056.patch 11249
-MD5 4263daf594b58ea0c0b59e87afe3a7c9 files/CAN-2004-1074.patch 11121
-MD5 a0c6a4f388d0481b6e25bb12f71da868 files/digest-grsec-sources-2.4.29.2.1.3 231
-MD5 29e531cdd3f2effce5e31a1f2afb5b5d files/2.4.28-uselib4pax.patch 8912
-MD5 153b1ba98912172f66892de96a7d0bb4 files/digest-grsec-sources-2.4.29.2.1.4 235
-MD5 8c35751caf824a9dacb02e80d6189b2e files/gentoo-sources-2.4.CAN-2004-1137.patch 1764
-MD5 0adbefda5e0d752b23dd2f930e6f6bbf files/linux-2.4.28-random-poolsize.patch 452
-MD5 1efe4024e443e60db5fd9b21b22fabd2 files/2.4.29-CAN-2005-0001.patch 1724
-MD5 b1f723b1661a3fcbe79e921ddfe40584 files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch 1202
+MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.1-ecc0.1.6 (GNU/Linux)
+Version: GnuPG v1.4.0 (GNU/Linux)
-iD8DBQFCcVQJKRy60XGEcJIRAivBAJ0Tv1yR46ney43A8eFOZVSjOcpMGgCfWlzl
-kkTDeCO9d1i8/f9KFk9HCgI=
-=RGUq
+iQCVAwUBQnIqFZ4WFLgrx1GWAQLUnwP+Lld0nDFVeeDapAu0uO43OECmXz6i8nv4
+6zM9vSGyZGI3ack5mxjXhMn//M1tNbqoaaGDWIv8gYG/x3jQq/1ZDg7DvZPdD5eq
+MDx99KgJH7vR/QWZPSq2HSnfdjOIQ83deW1fUISKpVDp3VFYqOhofo/TDEF7dABb
+Q3SO6FkXkyE=
+=ksre
-----END PGP SIGNATURE-----
diff --git a/sys-kernel/grsec-sources/files/2.4.26-CAN-2004-0394.patch b/sys-kernel/grsec-sources/files/2.4.26-CAN-2004-0394.patch
deleted file mode 100644
index 7b12ecbccce1..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.26-CAN-2004-0394.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- linux/kernel/panic.c Tue Mar 30 15:37:18 2004
-+++ linux/kernel/panic.c Mon May 17 18:44:01 2004
-@@ -51,7 +51,7 @@
-
- bust_spinlocks(1);
- va_start(args, fmt);
-- vsprintf(buf, fmt, args);
-+ vsnprintf(buf, sizeof(buf), fmt, args);
- va_end(args);
- printk(KERN_EMERG "Kernel panic: %s\n",buf);
- if (in_interrupt())
diff --git a/sys-kernel/grsec-sources/files/2.4.27-cmdline-race.patch b/sys-kernel/grsec-sources/files/2.4.27-cmdline-race.patch
deleted file mode 100644
index 5f26f7f388f6..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.27-cmdline-race.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- linux-2.4/fs/proc/base.c 2004-04-15 07:09:32.000000000 +0100
-+++ linux-2.4/fs/proc/base.c.plasmaroo 2004-08-09 23:30:43.869195800 +0100
-@@ -187,7 +187,7 @@ static int proc_pid_cmdline(struct task_
- if (mm)
- atomic_inc(&mm->mm_users);
- task_unlock(task);
-- if (mm) {
-+ if (mm && mm->arg_end) {
- int len = mm->arg_end - mm->arg_start;
- if (len > PAGE_SIZE)
- len = PAGE_SIZE;
diff --git a/sys-kernel/grsec-sources/files/2.4.28-binfmt_a.out.patch b/sys-kernel/grsec-sources/files/2.4.28-binfmt_a.out.patch
deleted file mode 100644
index 16e06c44b5b4..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.28-binfmt_a.out.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-diff -Nru linux-2.4.28/fs/binfmt_aout.c linux-2.4.28-hardened/fs/binfmt_aout.c
---- linux-2.4.28/fs/binfmt_aout.c 2004-11-28 15:44:03.000000000 -0500
-+++ linux-2.4.28-hardened/fs/binfmt_aout.c 2004-11-28 16:05:16.000000000 -0500
-@@ -39,13 +39,18 @@
- NULL, THIS_MODULE, load_aout_binary, load_aout_library, aout_core_dump, PAGE_SIZE
- };
-
--static void set_brk(unsigned long start, unsigned long end)
-+#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
-+
-+static int set_brk(unsigned long start, unsigned long end)
- {
- start = PAGE_ALIGN(start);
- end = PAGE_ALIGN(end);
-- if (end <= start)
-- return;
-- do_brk(start, end - start);
-+ if (end > start) {
-+ unsigned long addr = do_brk(start, end - start);
-+ if (BAD_ADDR(addr))
-+ return addr;
-+ }
-+ return 0;
- }
-
- /*
-@@ -429,7 +434,11 @@
- beyond_if:
- set_binfmt(&aout_format);
-
-- set_brk(current->mm->start_brk, current->mm->brk);
-+ retval = set_brk(current->mm->start_brk, current->mm->brk);
-+ if (retval < 0) {
-+ send_sig(SIGKILL, current, 0);
-+ return retval;
-+ }
-
- retval = setup_arg_pages(bprm);
- if (retval < 0) {
-diff -Nru linux-2.4.28/fs/exec.c linux-2.4.28-hardened/fs/exec.c
---- linux-2.4.28/fs/exec.c 2004-11-28 15:44:03.000000000 -0500
-+++ linux-2.4.28-hardened/fs/exec.c 2004-11-28 16:05:16.000000000 -0500
-@@ -387,6 +387,7 @@
-
- down_write(&current->mm->mmap_sem);
- {
-+ struct vm_area_struct *vma;
- mpnt->vm_mm = current->mm;
- mpnt->vm_start = PAGE_MASK & (unsigned long) bprm->p;
- mpnt->vm_end = STACK_TOP;
-@@ -401,6 +402,12 @@
- mpnt->vm_pgoff = 0;
- mpnt->vm_file = NULL;
- mpnt->vm_private_data = (void *) 0;
-+ vma = find_vma(current->mm, mpnt->vm_start);
-+ if (vma) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, mpnt);
-+ return -ENOMEM;
-+ }
- insert_vm_struct(current->mm, mpnt);
- current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
-
diff --git a/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch b/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch
deleted file mode 100644
index baf4907aba34..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch
+++ /dev/null
@@ -1,44 +0,0 @@
---- mm/mmap.c.orig 2005-03-05 13:29:06.000000000 -0500
-+++ mm/mmap.c 2005-03-05 13:33:51.000000000 -0500
-@@ -1014,7 +1014,7 @@
- * we just free'd - but there's no telling how much before.
- */
- static void free_pgtables(struct mm_struct * mm, struct vm_area_struct *prev,
-- unsigned long start, unsigned long end)
-+ struct vm_area_struct *mpnt, unsigned long start, unsigned long end)
- {
- unsigned long first = start & PGDIR_MASK;
- unsigned long last = end + PGDIR_SIZE - 1;
-@@ -1046,6 +1046,14 @@
- break;
- }
- no_mmaps:
-+ while (mpnt && first < last) {
-+ if ((mpnt->vm_end > first) &&(last > mpnt->vm_start)) {
-+ first = mpnt->vm_end + PGDIR_SIZE - 1;
-+ last = mpnt->vm_start;
-+ }
-+ mpnt = mpnt->vm_next;
-+ }
-+
- if (last < first)
- return;
- /*
-@@ -1106,7 +1114,7 @@
- extra = unmap_vma(mm, addr, len, mpnt, extra);
- }
-
-- free_pgtables(mm, prev, addr, addr+len);
-+ free_pgtables(mm, prev, NULL, addr, addr+len);
-
- return extra;
- }
-@@ -1130,7 +1138,7 @@
- find_vma_prev(mm, mpnt->vm_start, &prev);
- extra_m = unmap_vma(mm, addr_m, len, mpnt, extra_m);
-
-- free_pgtables(mm, prev, start, end);
-+ free_pgtables(mm, prev, free_m, start, end);
- }
-
- return extra_m;
diff --git a/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch b/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch
deleted file mode 100644
index c275b0b1649e..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.28-uselib4pax.patch
+++ /dev/null
@@ -1,265 +0,0 @@
-diff -ur linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c
---- linux-2.4.28-gentoo-r4/arch/mips/kernel/irixelf.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/arch/mips/kernel/irixelf.c 2005-01-07 20:20:32.000000000 +0000
-@@ -130,7 +130,7 @@
- end = PAGE_ALIGN(end);
- if (end <= start)
- return;
-- do_brk(start, end - start);
-+ do_brk_locked(start, end - start);
- }
-
-
-@@ -379,7 +379,7 @@
-
- /* Map the last of the bss segment */
- if (last_bss > len) {
-- do_brk(len, (last_bss - len));
-+ do_brk_locked(len, (last_bss - len));
- }
- kfree(elf_phdata);
-
-@@ -567,7 +567,7 @@
- unsigned long v;
- struct prda *pp;
-
-- v = do_brk (PRDA_ADDRESS, PAGE_SIZE);
-+ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
-
- if (v < 0)
- return;
-@@ -859,7 +859,7 @@
- len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
- bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
- if (bss > len)
-- do_brk(len, bss-len);
-+ do_brk_locked(len, bss-len);
- kfree(elf_phdata);
- return 0;
- }
-diff -ur linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c
---- linux-2.4.28-gentoo-r4/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 20:20:32.000000000 +0000
-@@ -49,7 +49,7 @@
- end = PAGE_ALIGN(end);
- if (end <= start)
- return;
-- do_brk(start, end - start);
-+ do_brk_locked(start, end - start);
- }
-
- /*
-@@ -246,10 +246,10 @@
- if (N_MAGIC(ex) == NMAGIC) {
- loff_t pos = fd_offset;
- /* Fuck me plenty... */
-- error = do_brk(N_TXTADDR(ex), ex.a_text);
-+ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
- bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
- ex.a_text, &pos);
-- error = do_brk(N_DATADDR(ex), ex.a_data);
-+ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
- bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
- ex.a_data, &pos);
- goto beyond_if;
-@@ -257,7 +257,7 @@
-
- if (N_MAGIC(ex) == OMAGIC) {
- loff_t pos = fd_offset;
-- do_brk(N_TXTADDR(ex) & PAGE_MASK,
-+ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
- ex.a_text+ex.a_data + PAGE_SIZE - 1);
- bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
- ex.a_text+ex.a_data, &pos);
-@@ -272,7 +272,7 @@
-
- if (!bprm->file->f_op->mmap) {
- loff_t pos = fd_offset;
-- do_brk(0, ex.a_text+ex.a_data);
-+ do_brk_locked(0, ex.a_text+ex.a_data);
- bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
- ex.a_text+ex.a_data, &pos);
- goto beyond_if;
-@@ -388,7 +388,7 @@
- len = PAGE_ALIGN(ex.a_text + ex.a_data);
- bss = ex.a_text + ex.a_data + ex.a_bss;
- if (bss > len) {
-- error = do_brk(start_addr + len, bss - len);
-+ error = do_brk_locked(start_addr + len, bss - len);
- retval = error;
- if (error != start_addr + len)
- goto out;
-diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_aout.c linux-2.4.28-gentoo-r5/fs/binfmt_aout.c
---- linux-2.4.28-gentoo-r4/fs/binfmt_aout.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/fs/binfmt_aout.c 2005-01-07 20:20:32.000000000 +0000
-@@ -46,7 +46,7 @@
- start = PAGE_ALIGN(start);
- end = PAGE_ALIGN(end);
- if (end > start) {
-- unsigned long addr = do_brk(start, end - start);
-+ unsigned long addr = do_brk_locked(start, end - start);
- if (BAD_ADDR(addr))
- return addr;
- }
-@@ -341,10 +341,10 @@
- loff_t pos = fd_offset;
- /* Fuck me plenty... */
- /* <AOL></AOL> */
-- error = do_brk(N_TXTADDR(ex), ex.a_text);
-+ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
- bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
- ex.a_text, &pos);
-- error = do_brk(N_DATADDR(ex), ex.a_data);
-+ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
- bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
- ex.a_data, &pos);
- goto beyond_if;
-@@ -365,7 +365,7 @@
- map_size = ex.a_text+ex.a_data;
- #endif
-
-- error = do_brk(text_addr & PAGE_MASK, map_size);
-+ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
- if (error != (text_addr & PAGE_MASK)) {
- send_sig(SIGKILL, current, 0);
- return error;
-@@ -399,7 +399,7 @@
-
- if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
- loff_t pos = fd_offset;
-- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
-+ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
- bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
- ex.a_text+ex.a_data, &pos);
- flush_icache_range((unsigned long) N_TXTADDR(ex),
-@@ -500,7 +500,7 @@
- error_time = jiffies;
- }
-
-- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
-+ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
-
- file->f_op->read(file, (char *)start_addr,
- ex.a_text + ex.a_data, &pos);
-@@ -524,7 +524,7 @@
- len = PAGE_ALIGN(ex.a_text + ex.a_data);
- bss = ex.a_text + ex.a_data + ex.a_bss;
- if (bss > len) {
-- error = do_brk(start_addr + len, bss - len);
-+ error = do_brk_locked(start_addr + len, bss - len);
- retval = error;
- if (error != start_addr + len)
- goto out;
-diff -ur linux-2.4.28-gentoo-r4/fs/binfmt_elf.c linux-2.4.28-gentoo-r5/fs/binfmt_elf.c
---- linux-2.4.28-gentoo-r4/fs/binfmt_elf.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/fs/binfmt_elf.c 2005-01-07 20:20:46.000000000 +0000
-@@ -88,6 +88,7 @@ static void set_brk(unsigned long start,
- end = ELF_PAGEALIGN(end);
- if (end <= start)
- return;
-+ down_write(&current->mm->mmap_sem);
- do_brk(start, end - start);
-
- #ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
-@@ -95,6 +96,7 @@ static void set_brk(unsigned long start,
- __do_mmap_pgoff(NULL, ELF_PAGEALIGN(start + current->mm->delta_exec), 0UL, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED | MAP_MIRROR, start);
- #endif
-
-+ up_write(&current->mm->mmap_sem);
- }
-
-
-@@ -295,7 +297,9 @@ static unsigned long load_elf_interp(str
- */
- if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
- goto out;
-- if (interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
-+
-+ if (interp_elf_ex->e_phnum < 1 ||
-+ interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
- goto out;
-
- /* Now read in all of the header information */
-@@ -370,7 +370,7 @@
-
- /* Map the last of the bss segment */
- if (last_bss > elf_bss)
-- do_brk(elf_bss, last_bss - elf_bss);
-+ do_brk_locked(elf_bss, last_bss - elf_bss);
-
- *interp_load_addr = load_addr;
- error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
-@@ -407,7 +407,7 @@
- goto out;
- }
-
-- do_brk(0, text_data);
-+ do_brk_locked(0, text_data);
- if (!interpreter->f_op || !interpreter->f_op->read)
- goto out;
- if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
-@@ -415,7 +415,7 @@
- flush_icache_range((unsigned long)addr,
- (unsigned long)addr + text_data);
-
-- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
-+ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
- interp_ex->a_bss);
- elf_entry = interp_ex->a_entry;
-
-@@ -1271,7 +1271,7 @@
- len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
- bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
- if (bss > len)
-- do_brk(len, bss - len);
-+ do_brk_locked(len, bss - len);
- error = 0;
-
- out_free_ph:
-diff -ur linux-2.4.28-gentoo-r4/include/linux/mm.h linux-2.4.28-gentoo-r5/include/linux/mm.h
---- linux-2.4.28-gentoo-r4/include/linux/mm.h 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/include/linux/mm.h 2005-01-07 20:20:32.000000000 +0000
-@@ -601,6 +601,7 @@
- extern int do_munmap(struct mm_struct *, unsigned long, size_t);
-
- extern unsigned long do_brk(unsigned long, unsigned long);
-+extern unsigned long do_brk_locked(unsigned long, unsigned long);
-
- static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
- {
-diff -ur linux-2.4.28-gentoo-r4/kernel/ksyms.c linux-2.4.28-gentoo-r5/kernel/ksyms.c
---- linux-2.4.28-gentoo-r4/kernel/ksyms.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/kernel/ksyms.c 2005-01-07 20:20:32.000000000 +0000
-@@ -90,6 +90,7 @@
- EXPORT_SYMBOL(__do_mmap_pgoff);
- EXPORT_SYMBOL(do_munmap);
- EXPORT_SYMBOL(do_brk);
-+EXPORT_SYMBOL(do_brk_locked);
- EXPORT_SYMBOL(exit_mm);
- EXPORT_SYMBOL(exit_files);
- EXPORT_SYMBOL(exit_fs);
-diff -ur linux-2.4.28-gentoo-r4/mm/mmap.c linux-2.4.28-gentoo-r5/mm/mmap.c
---- linux-2.4.28-gentoo-r4/mm/mmap.c 2005-01-07 20:33:12.000000000 +0000
-+++ linux-2.4.28-gentoo-r5/mm/mmap.c 2005-01-07 20:20:32.000000000 +0000
-@@ -1401,6 +1401,21 @@
- return addr;
- }
-
-+/* locking version of do_brk. */
-+unsigned long do_brk_locked(unsigned long addr, unsigned long len)
-+{
-+ unsigned long ret;
-+
-+ down_write(&current->mm->mmap_sem);
-+ ret = do_brk(addr, len);
-+ up_write(&current->mm->mmap_sem);
-+
-+ return ret;
-+}
-+
-+
-+
-+
- /* Build the RB tree corresponding to the VMA list. */
- void build_mmap_rb(struct mm_struct * mm)
- {
diff --git a/sys-kernel/grsec-sources/files/2.4.29-CAN-2005-0001.patch b/sys-kernel/grsec-sources/files/2.4.29-CAN-2005-0001.patch
deleted file mode 100644
index 6b687788f912..000000000000
--- a/sys-kernel/grsec-sources/files/2.4.29-CAN-2005-0001.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-# This is a BitKeeper generated diff -Nru style patch.
-#
-# ChangeSet
-# 2005/01/12 09:14:50-02:00 marcelo.tosatti@cyclades.com
-# [PATCH] Fix expand_stack() SMP race
-#
-# Description: Fix expand_stack() SMP race
-#
-# Two threads sharing the same VMA can race in expand_stack, resulting in incorrect VMA
-# size accounting and possibly a "uncovered-by-VMA" pte leak.
-#
-# Fix is to check if the stack has already been expanded after acquiring a lock which
-# guarantees exclusivity (page_table_lock in v2.4 and vma_anon lock in v2.6).
-#
-# include/linux/mm.h
-# 2005/01/07 14:51:21-02:00 marcelo.tosatti@cyclades.com +10 -3
-# Fix expand_stack() SMP race
-#
-diff -Nru a/include/linux/mm.h b/include/linux/mm.h
---- a/include/linux/mm.h 2005-01-13 04:59:30 -08:00
-+++ b/include/linux/mm.h 2005-01-13 04:59:30 -08:00
-@@ -648,12 +648,19 @@
- unsigned long grow;
-
- /*
-- * vma->vm_start/vm_end cannot change under us because the caller is required
-- * to hold the mmap_sem in write mode. We need to get the spinlock only
-- * before relocating the vma range ourself.
-+ * vma->vm_start/vm_end cannot change under us because the caller
-+ * is required to hold the mmap_sem in read mode. We need the
-+ * page_table_lock lock to serialize against concurrent expand_stacks.
- */
- address &= PAGE_MASK;
- spin_lock(&vma->vm_mm->page_table_lock);
-+
-+ /* already expanded while we were spinning? */
-+ if (vma->vm_start <= address) {
-+ spin_unlock(&vma->vm_mm->page_table_lock);
-+ return 0;
-+ }
-+
- grow = (vma->vm_start - address) >> PAGE_SHIFT;
- if (vma->vm_end - address > current->rlim[RLIMIT_STACK].rlim_cur ||
- ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) > current->rlim[RLIMIT_AS].rlim_cur) {
diff --git a/sys-kernel/grsec-sources/files/CAN-2004-1016.patch b/sys-kernel/grsec-sources/files/CAN-2004-1016.patch
deleted file mode 100644
index aa25ac95ed61..000000000000
--- a/sys-kernel/grsec-sources/files/CAN-2004-1016.patch
+++ /dev/null
@@ -1,75 +0,0 @@
-===== include/linux/socket.h 1.12 vs edited =====
---- 1.12/include/linux/socket.h 2004-09-09 06:40:01 +10:00
-+++ edited/include/linux/socket.h 2004-11-27 11:53:40 +11:00
-@@ -90,6 +90,10 @@
- (struct cmsghdr *)(ctl) : \
- (struct cmsghdr *)NULL)
- #define CMSG_FIRSTHDR(msg) __CMSG_FIRSTHDR((msg)->msg_control, (msg)->msg_controllen)
-+#define CMSG_OK(mhdr, cmsg) ((cmsg)->cmsg_len >= sizeof(struct cmsghdr) && \
-+ (cmsg)->cmsg_len <= (unsigned long) \
-+ ((mhdr)->msg_controllen - \
-+ ((char *)(cmsg) - (char *)(mhdr)->msg_control)))
-
- /*
- * This mess will go away with glibc
-===== net/core/scm.c 1.10 vs edited =====
---- 1.10/net/core/scm.c 2004-05-31 05:08:14 +10:00
-+++ edited/net/core/scm.c 2004-11-27 11:48:55 +11:00
-@@ -127,9 +127,7 @@
- for too short ancillary data object at all! Oops.
- OK, let's add it...
- */
-- if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
-- (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
-- + cmsg->cmsg_len) > msg->msg_controllen)
-+ if (!CMSG_OK(msg, cmsg))
- goto error;
-
- if (cmsg->cmsg_level != SOL_SOCKET)
-===== net/ipv4/ip_sockglue.c 1.26 vs edited =====
---- 1.26/net/ipv4/ip_sockglue.c 2004-07-01 06:10:53 +10:00
-+++ edited/net/ipv4/ip_sockglue.c 2004-11-27 11:49:45 +11:00
-@@ -146,11 +146,8 @@
- struct cmsghdr *cmsg;
-
- for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
-- if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
-- (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
-- + cmsg->cmsg_len) > msg->msg_controllen) {
-+ if (!CMSG_OK(msg, cmsg))
- return -EINVAL;
-- }
- if (cmsg->cmsg_level != SOL_IP)
- continue;
- switch (cmsg->cmsg_type) {
-===== net/ipv6/datagram.c 1.20 vs edited =====
---- 1.20/net/ipv6/datagram.c 2004-11-10 17:57:03 +11:00
-+++ edited/net/ipv6/datagram.c 2004-11-27 11:51:15 +11:00
-@@ -427,9 +427,7 @@
- int addr_type;
- struct net_device *dev = NULL;
-
-- if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
-- (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
-- + cmsg->cmsg_len) > msg->msg_controllen) {
-+ if (!CMSG_OK(msg, cmsg)) {
- err = -EINVAL;
- goto exit_f;
- }
-===== net/sctp/socket.c 1.129 vs edited =====
---- 1.129/net/sctp/socket.c 2004-11-19 08:43:18 +11:00
-+++ edited/net/sctp/socket.c 2004-11-27 11:52:11 +11:00
-@@ -4098,12 +4098,8 @@
- for (cmsg = CMSG_FIRSTHDR(msg);
- cmsg != NULL;
- cmsg = CMSG_NXTHDR((struct msghdr*)msg, cmsg)) {
-- /* Check for minimum length. The SCM code has this check. */
-- if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
-- (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
-- + cmsg->cmsg_len) > msg->msg_controllen) {
-+ if (!CMSG_OK(msg, cmsg))
- return -EINVAL;
-- }
-
- /* Should we parse this header or ignore? */
- if (cmsg->cmsg_level != IPPROTO_SCTP)
diff --git a/sys-kernel/grsec-sources/files/CAN-2004-1074.patch b/sys-kernel/grsec-sources/files/CAN-2004-1074.patch
deleted file mode 100644
index 57fe2f42bfc0..000000000000
--- a/sys-kernel/grsec-sources/files/CAN-2004-1074.patch
+++ /dev/null
@@ -1,352 +0,0 @@
-diff -Nru linux-2.4.28/arch/ia64/ia32/binfmt_elf32.c linux-2.4.28-hardened/arch/ia64/ia32/binfmt_elf32.c
---- linux-2.4.28/arch/ia64/ia32/binfmt_elf32.c 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/arch/ia64/ia32/binfmt_elf32.c 2004-12-21 21:07:11.095515536 -0500
-@@ -105,7 +105,11 @@
- vma->vm_private_data = NULL;
- down_write(&current->mm->mmap_sem);
- {
-- insert_vm_struct(current->mm, vma);
-+ if (insert_vm_struct(current->mm, vma)) {
-+ kmem_cache_free(vm_area_cachep, vma);
-+ up_write(&current->mm->mmap_sem);
-+ return;
-+ }
- }
- up_write(&current->mm->mmap_sem);
- }
-@@ -127,7 +131,11 @@
- vma->vm_private_data = NULL;
- down_write(&current->mm->mmap_sem);
- {
-- insert_vm_struct(current->mm, vma);
-+ if (insert_vm_struct(current->mm, vma)) {
-+ kmem_cache_free(vm_area_cachep, vma);
-+ up_write(&current->mm->mmap_sem);
-+ return;
-+ }
- }
- up_write(&current->mm->mmap_sem);
- }
-@@ -174,7 +182,7 @@
- {
- unsigned long stack_base;
- struct vm_area_struct *mpnt;
-- int i;
-+ int i, ret;
-
- stack_base = IA32_STACK_TOP - MAX_ARG_PAGES*PAGE_SIZE;
-
-@@ -205,7 +213,11 @@
- mpnt->vm_pgoff = 0;
- mpnt->vm_file = NULL;
- mpnt->vm_private_data = 0;
-- insert_vm_struct(current->mm, mpnt);
-+ if ((ret = insert_vm_struct(current->mm, mpnt))) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, mpnt);
-+ return ret;
-+ }
- current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
- }
-
-diff -Nru linux-2.4.28/arch/ia64/kernel/perfmon.c linux-2.4.28-hardened/arch/ia64/kernel/perfmon.c
---- linux-2.4.28/arch/ia64/kernel/perfmon.c 2004-12-21 20:47:22.000000000 -0500
-+++ linux-2.4.28-hardened/arch/ia64/kernel/perfmon.c 2004-12-21 21:07:11.102514472 -0500
-@@ -967,7 +967,8 @@
- * now insert the vma in the vm list for the process, must be
- * done with mmap lock held
- */
-- insert_vm_struct(mm, vma);
-+ if(insert_vm_struct(mm, vma)) /* Handle -ENOMEM et al. */
-+ goto error;
-
- mm->total_vm += size >> PAGE_SHIFT;
-
-diff -Nru linux-2.4.28/arch/ia64/mm/init.c linux-2.4.28-hardened/arch/ia64/mm/init.c
---- linux-2.4.28/arch/ia64/mm/init.c 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/arch/ia64/mm/init.c 2004-12-21 21:07:11.104514168 -0500
-@@ -105,7 +105,13 @@
- vma->vm_pgoff = 0;
- vma->vm_file = NULL;
- vma->vm_private_data = NULL;
-- insert_vm_struct(current->mm, vma);
-+ down_write(&current->mm->mmap_sem);
-+ if (insert_vm_struct(current->mm, vma)) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, vma);
-+ return;
-+ }
-+ up_write(&current->mm->mmap_sem);
- }
-
- /* map NaT-page at address zero to speed up speculative dereferencing of NULL: */
-@@ -117,7 +123,13 @@
- vma->vm_end = PAGE_SIZE;
- vma->vm_page_prot = __pgprot(pgprot_val(PAGE_READONLY) | _PAGE_MA_NAT);
- vma->vm_flags = VM_READ | VM_MAYREAD | VM_IO | VM_RESERVED;
-- insert_vm_struct(current->mm, vma);
-+ down_write(&current->mm->mmap_sem);
-+ if (insert_vm_struct(current->mm, vma)) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, vma);
-+ return;
-+ }
-+ up_write(&current->mm->mmap_sem);
- }
- }
- }
-diff -Nru linux-2.4.28/arch/ppc/mm/fault.c linux-2.4.28-hardened/arch/ppc/mm/fault.c
---- linux-2.4.28/arch/ppc/mm/fault.c 2004-12-21 20:57:02.000000000 -0500
-+++ linux-2.4.28-hardened/arch/ppc/mm/fault.c 2004-12-21 21:07:11.107513712 -0500
-@@ -83,8 +83,10 @@
- nopage: pax_syscall_nopage,
- };
-
--static void pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
-+static int pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
- {
-+ int ret;
-+
- vma->vm_mm = current->mm;
- vma->vm_start = addr;
- vma->vm_end = addr + PAGE_SIZE;
-@@ -94,8 +96,15 @@
- vma->vm_pgoff = 0UL;
- vma->vm_file = NULL;
- vma->vm_private_data = NULL;
-- insert_vm_struct(current->mm, vma);
-+ ret = insert_vm_struct(current->mm, vma);
-+ if(ret != 0)
-+ {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, vma);
-+ return ret;
-+ }
- ++current->mm->total_vm;
-+ return 0;
- }
- #endif
-
-@@ -333,7 +342,8 @@
- return 1;
- }
-
-- pax_insert_vma(vma, call_syscall);
-+ if(pax_insert_vma(vma, call_syscall))
-+ return 1; /* VMA overlapping attempt; bye bye! */
- current->mm->call_syscall = call_syscall;
- up_write(&current->mm->mmap_sem);
-
-@@ -377,7 +387,8 @@
- return 1;
- }
-
-- pax_insert_vma(vma, call_syscall);
-+ if(pax_insert_vma(vma, call_syscall))
-+ return 1; /* VMA overlapping attempt; bye bye! */
- current->mm->call_syscall = call_syscall;
- up_write(&current->mm->mmap_sem);
-
-diff -Nru linux-2.4.28/arch/s390x/kernel/exec32.c linux-2.4.28-hardened/arch/s390x/kernel/exec32.c
---- linux-2.4.28/arch/s390x/kernel/exec32.c 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/arch/s390x/kernel/exec32.c 2004-12-21 21:07:11.109513408 -0500
-@@ -41,7 +41,7 @@
- {
- unsigned long stack_base;
- struct vm_area_struct *mpnt;
-- int i;
-+ int i, ret;
-
- stack_base = STACK_TOP - MAX_ARG_PAGES*PAGE_SIZE;
-
-@@ -65,7 +65,11 @@
- mpnt->vm_pgoff = 0;
- mpnt->vm_file = NULL;
- mpnt->vm_private_data = (void *) 0;
-- insert_vm_struct(current->mm, mpnt);
-+ if ((ret = insert_vm_struct(current->mm, mpnt))) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, mpnt);
-+ return ret;
-+ }
- current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
- }
-
-diff -Nru linux-2.4.28/arch/sparc/mm/fault.c linux-2.4.28-hardened/arch/sparc/mm/fault.c
---- linux-2.4.28/arch/sparc/mm/fault.c 2004-12-21 20:57:02.000000000 -0500
-+++ linux-2.4.28-hardened/arch/sparc/mm/fault.c 2004-12-21 21:07:11.111513104 -0500
-@@ -250,8 +250,10 @@
- nopage: pax_emuplt_nopage,
- };
-
--static void pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
-+static int pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
- {
-+ int ret;
-+
- vma->vm_mm = current->mm;
- vma->vm_start = addr;
- vma->vm_end = addr + PAGE_SIZE;
-@@ -261,8 +263,15 @@
- vma->vm_pgoff = 0UL;
- vma->vm_file = NULL;
- vma->vm_private_data = NULL;
-- insert_vm_struct(current->mm, vma);
-+ ret = insert_vm_struct(current->mm, vma);
-+ if(ret != 0)
-+ {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, vma);
-+ return ret;
-+ }
- ++current->mm->total_vm;
-+ return 0;
- }
-
- /*
-@@ -423,7 +432,8 @@
- return 1;
- }
-
-- pax_insert_vma(vma, call_dl_resolve);
-+ if(pax_insert_vma(vma, call_dl_resolve))
-+ return 1; /* VMA overlapping attempt; bye bye! */
- current->mm->call_dl_resolve = call_dl_resolve;
- up_write(&current->mm->mmap_sem);
-
-diff -Nru linux-2.4.28/arch/sparc64/mm/fault.c linux-2.4.28-hardened/arch/sparc64/mm/fault.c
---- linux-2.4.28/arch/sparc64/mm/fault.c 2004-12-21 20:57:02.000000000 -0500
-+++ linux-2.4.28-hardened/arch/sparc64/mm/fault.c 2004-12-21 21:07:11.117512192 -0500
-@@ -338,8 +338,10 @@
- nopage: pax_emuplt_nopage,
- };
-
--static void pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
-+static int pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
- {
-+ int ret;
-+
- vma->vm_mm = current->mm;
- vma->vm_start = addr;
- vma->vm_end = addr + PAGE_SIZE;
-@@ -349,8 +351,15 @@
- vma->vm_pgoff = 0UL;
- vma->vm_file = NULL;
- vma->vm_private_data = NULL;
-- insert_vm_struct(current->mm, vma);
-+ ret = insert_vm_struct(current->mm, vma);
-+ if(ret != 0)
-+ {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, vma);
-+ return ret;
-+ }
- ++current->mm->total_vm;
-+ return 0;
- }
- #endif
-
-@@ -633,7 +642,8 @@
- return 1;
- }
-
-- pax_insert_vma(vma, call_dl_resolve);
-+ if(pax_insert_vma(vma, call_dl_resolve))
-+ return 1; /* VMA overlapping attempt; bye bye! */
- current->mm->call_dl_resolve = call_dl_resolve;
- up_write(&current->mm->mmap_sem);
-
-diff -Nru linux-2.4.28/arch/x86_64/ia32/ia32_binfmt.c linux-2.4.28-hardened/arch/x86_64/ia32/ia32_binfmt.c
---- linux-2.4.28/arch/x86_64/ia32/ia32_binfmt.c 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/arch/x86_64/ia32/ia32_binfmt.c 2004-12-21 21:07:11.122511432 -0500
-@@ -243,7 +243,7 @@
- {
- unsigned long stack_base;
- struct vm_area_struct *mpnt;
-- int i;
-+ int i, ret;
-
- stack_base = IA32_STACK_TOP - MAX_ARG_PAGES*PAGE_SIZE;
-
-@@ -274,7 +274,11 @@
- mpnt->vm_pgoff = 0;
- mpnt->vm_file = NULL;
- mpnt->vm_private_data = (void *) 0;
-- insert_vm_struct(current->mm, mpnt);
-+ if ((ret = insert_vm_struct(current->mm, mpnt))) {
-+ up_write(&current->mm->mmap_sem);
-+ kmem_cache_free(vm_area_cachep, mpnt);
-+ return ret;
-+ }
- current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
- }
-
-diff -Nru linux-2.4.28/include/linux/mm.h linux-2.4.28-hardened/include/linux/mm.h
---- linux-2.4.28/include/linux/mm.h 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/include/linux/mm.h 2004-12-21 21:07:11.000000000 -0500
-@@ -568,7 +568,7 @@
- /* mmap.c */
- extern void lock_vma_mappings(struct vm_area_struct *);
- extern void unlock_vma_mappings(struct vm_area_struct *);
--extern void insert_vm_struct(struct mm_struct *, struct vm_area_struct *);
-+extern int insert_vm_struct(struct mm_struct *, struct vm_area_struct *);
- extern void __insert_vm_struct(struct mm_struct *, struct vm_area_struct *);
- extern void build_mmap_rb(struct mm_struct *);
- extern void exit_mmap(struct mm_struct *);
-diff -Nru linux-2.4.28/mm/mmap.c linux-2.4.28-hardened/mm/mmap.c
---- linux-2.4.28/mm/mmap.c 2004-12-21 20:59:35.000000000 -0500
-+++ linux-2.4.28-hardened/mm/mmap.c 2004-12-21 21:07:11.000000000 -0500
-@@ -1478,14 +1478,15 @@
- validate_mm(mm);
- }
-
--void insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma)
-+int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma)
- {
- struct vm_area_struct * __vma, * prev;
- rb_node_t ** rb_link, * rb_parent;
-
- __vma = find_vma_prepare(mm, vma->vm_start, &prev, &rb_link, &rb_parent);
- if (__vma && __vma->vm_start < vma->vm_end)
-- BUG();
-+ return -ENOMEM;
- vma_link(mm, vma, prev, rb_link, rb_parent);
- validate_mm(mm);
-+ return 0;
- }
---- linux-2.4.28-grsec/fs/exec.c 2004-12-24 15:27:42.000000000 -0500
-+++ linux-2.4.28-grsec-2.0.2/fs/exec.c 2004-12-24 15:47:07.208307624 -0500
-@@ -358,7 +358,7 @@
- {
- unsigned long stack_base;
- struct vm_area_struct *mpnt;
-- int i;
-+ int i, ret;
-
- #ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
- struct vm_area_struct *mpnt_m = NULL;
-@@ -387,7 +387,6 @@
-
- down_write(&current->mm->mmap_sem);
- {
-- struct vm_area_struct *vma;
- mpnt->vm_mm = current->mm;
- mpnt->vm_start = PAGE_MASK & (unsigned long) bprm->p;
- mpnt->vm_end = STACK_TOP;
-@@ -402,13 +401,11 @@
- mpnt->vm_pgoff = 0;
- mpnt->vm_file = NULL;
- mpnt->vm_private_data = (void *) 0;
-- vma = find_vma(current->mm, mpnt->vm_start);
-- if (vma) {
-- up_write(&current->mm->mmap_sem);
-+ if ((ret = insert_vm_struct(current->mm, mpnt))) {
-+ up_write(&current->mm->mmap_sem);
- kmem_cache_free(vm_area_cachep, mpnt);
-- return -ENOMEM;
-+ return ret;
- }
-- insert_vm_struct(current->mm, mpnt);
- current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
-
- #ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
diff --git a/sys-kernel/grsec-sources/files/CAN-2004-1335.patch b/sys-kernel/grsec-sources/files/CAN-2004-1335.patch
deleted file mode 100644
index ab7e90d3d78f..000000000000
--- a/sys-kernel/grsec-sources/files/CAN-2004-1335.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-# This is a BitKeeper generated diff -Nru style patch.
-#
-# ChangeSet
-# 2004/12/08 12:39:15-08:00 davem@nuts.davemloft.net
-# [IPV4]: Do not leak IP options.
-#
-# If the user makes ip_cmsg_send call ip_options_get
-# multiple times, we leak kmalloced IP options data.
-#
-# Noticed by Georgi Guninski.
-#
-# Signed-off-by: David S. Miller <davem@davemloft.net>
-#
-# net/ipv4/ip_options.c
-# 2004/12/08 12:38:09-08:00 davem@nuts.davemloft.net +2 -0
-# [IPV4]: Do not leak IP options.
-#
-diff -Nru a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
---- a/net/ipv4/ip_options.c 2005-01-31 08:43:48 -08:00
-+++ b/net/ipv4/ip_options.c 2005-01-31 08:43:48 -08:00
-@@ -515,6 +515,8 @@
- kfree(opt);
- return -EINVAL;
- }
-+ if (*optp)
-+ kfree(*optp);
- *optp = opt;
- return 0;
- }
diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.3 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.3
deleted file mode 100644
index 745a24117790..000000000000
--- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.3
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 e3b17d72fc976ddc9fa7de02d964db26 grsecurity-2.1.3-2.4.29-200503070900.patch 687300
-MD5 fcf8b6bb620467f27b657c1c4a60bbff linux-2.4.29.tar.bz2 31124710
-MD5 3fa09a0d8ea8def546b840bde027d61b linux-2.4.28-CAN-2004-0814.patch 145009
diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.4 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.4
deleted file mode 100644
index ade5217e1816..000000000000
--- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.29.2.1.4
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 4edf716f2bf9a127a3682ad72f6abe3d grsecurity-2.1.4-2.4.29-200503212012.patch.bz2 116852
-MD5 fcf8b6bb620467f27b657c1c4a60bbff linux-2.4.29.tar.bz2 31124710
-MD5 3fa09a0d8ea8def546b840bde027d61b linux-2.4.28-CAN-2004-0814.patch 145009
diff --git a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch b/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch
deleted file mode 100644
index 161806ce79d7..000000000000
--- a/sys-kernel/grsec-sources/files/gentoo-sources-2.4.CAN-2004-1137.patch
+++ /dev/null
@@ -1,59 +0,0 @@
---- linux-2.4.28-orig/net/ipv4/igmp.c 2004-08-08 01:26:06.000000000 +0200
-+++ linux-2.4.28/net/ipv4/igmp.c 2004-12-15 22:12:48.000000000 +0100
-@@ -1757,12 +1757,12 @@
- goto done;
- rv = !0;
- for (i=0; i<psl->sl_count; i++) {
-- rv = memcmp(&psl->sl_addr, &mreqs->imr_multiaddr,
-+ rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
- sizeof(__u32));
-- if (rv >= 0)
-+ if (rv == 0)
- break;
- }
-- if (!rv) /* source not found */
-+ if (rv) /* source not found */
- goto done;
-
- /* update the interface filter */
-@@ -1804,9 +1804,9 @@
- }
- rv = 1; /* > 0 for insert logic below if sl_count is 0 */
- for (i=0; i<psl->sl_count; i++) {
-- rv = memcmp(&psl->sl_addr, &mreqs->imr_multiaddr,
-+ rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
- sizeof(__u32));
-- if (rv >= 0)
-+ if (rv == 0)
- break;
- }
- if (rv == 0) /* address already there is an error */
---- linux-2.4.28-orig/net/ipv6/mcast.c 2004-11-17 12:54:22.000000000 +0100
-+++ linux-2.4.28/net/ipv6/mcast.c 2004-12-15 22:14:07.000000000 +0100
-@@ -386,12 +386,12 @@
- goto done;
- rv = !0;
- for (i=0; i<psl->sl_count; i++) {
-- rv = memcmp(&psl->sl_addr, group,
-+ rv = memcmp(&psl->sl_addr[i], source,
- sizeof(struct in6_addr));
-- if (rv >= 0)
-+ if (rv == 0)
- break;
- }
-- if (!rv) /* source not found */
-+ if (rv) /* source not found */
- goto done;
-
- /* update the interface filter */
-@@ -432,8 +432,8 @@
- }
- rv = 1; /* > 0 for insert logic below if sl_count is 0 */
- for (i=0; i<psl->sl_count; i++) {
-- rv = memcmp(&psl->sl_addr, group, sizeof(struct in6_addr));
-- if (rv >= 0)
-+ rv = memcmp(&psl->sl_addr[i], source, sizeof(struct in6_addr));
-+ if (rv == 0)
- break;
- }
- if (rv == 0) /* address already there is an error */
diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.3.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.3.ebuild
deleted file mode 100644
index 6336439d53a8..000000000000
--- a/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.3.ebuild
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.3.ebuild,v 1.3 2005/04/12 12:24:07 solar Exp $
-
-ETYPE="sources"
-UNIPATCH_STRICTORDER="yes"
-CKV=2.4.29
-MY_PV=2.1.3
-inherit kernel-2
-detect_version
-
-OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}"
-PATCH_BASE="${PV/${OKV}./}"
-PATCH_BASE="${PATCH_BASE/_/-}"
-EXTRAVERSION="-grsec-${PATCH_BASE}"
-PATCH_STAMP=200503070900
-KV_FULL="${OKV}${EXTRAVERSION}"
-PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch"
-DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch"
-SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch \
- http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 \
- http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.28-CAN-2004-0814.patch"
-
-HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net"
-KEYWORDS="x86 sparc ppc alpha amd64 -hppa"
-RESTRICT="buildpkg"
-IUSE=""
-RDEPEND=""
-UNIPATCH_STRICTORDER="yes"
-UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \
- ${FILESDIR}/CAN-2004-1056.patch \
- ${FILESDIR}/linux-2.4.28-random-poolsize.patch"
-
-
-# ${FILESDIR}/CAN-2004-1335.patch
-# ${FILESDIR}/2.4.29-CAN-2005-0001.patch
-# ${FILESDIR}/2.4.27-cmdline-race.patch
-# ${FILESDIR}/2.4.28-uselib4pax.patch
-# ${DISTDIR}/linux-2.4.28-CAN-2004-0814.patch
-# ${FILESDIR}/CAN-2004-1074.patch
-# ${FILESDIR}/CAN-2004-1016.patch
-# ${FILESDIR}/2.4.28-binfmt_a.out.patch
-# ${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch
-
-src_unpack() {
- kernel-2_src_unpack
-
- # users are often confused by what settings should be set.
- # so we provide an example of what a P4 desktop would look like.
- cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config
-}
diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.4.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.4.ebuild
deleted file mode 100644
index 51919842cc96..000000000000
--- a/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.4.ebuild
+++ /dev/null
@@ -1,52 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.29.2.1.4.ebuild,v 1.2 2005/04/12 12:24:07 solar Exp $
-
-ETYPE="sources"
-UNIPATCH_STRICTORDER="yes"
-CKV=2.4.29
-MY_PV=2.1.4
-inherit kernel-2
-detect_version
-
-OKV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH/.*/}"
-PATCH_BASE="${PV/${OKV}./}"
-PATCH_BASE="${PATCH_BASE/_/-}"
-EXTRAVERSION="-grsec-${PATCH_BASE}"
-PATCH_STAMP=200503212012
-KV_FULL="${OKV}${EXTRAVERSION}"
-PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}-${PATCH_STAMP}.patch.bz2"
-DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch"
-SRC_URI="http://grsecurity.net/${PATCH_SRC_BASE} \
- http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2 \
- http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.28-CAN-2004-0814.patch"
-#SRC_URI="http://grsecurity.net/~spender/${PATCH_SRC_BASE} ${SRC_URI}"
-
-HOMEPAGE="http://www.kernel.org/ http://www.grsecurity.net"
-KEYWORDS="~x86 ~sparc ~ppc ~alpha ~amd64 -hppa"
-RESTRICT="buildpkg"
-IUSE=""
-RDEPEND=""
-UNIPATCH_STRICTORDER="yes"
-UNIPATCH_LIST="${DISTDIR}/${PATCH_SRC_BASE} \
- ${FILESDIR}/CAN-2004-1056.patch \
- ${FILESDIR}/linux-2.4.28-random-poolsize.patch"
-
-
-# ${FILESDIR}/CAN-2004-1335.patch
-# ${FILESDIR}/2.4.29-CAN-2005-0001.patch
-# ${FILESDIR}/2.4.27-cmdline-race.patch
-# ${FILESDIR}/2.4.28-uselib4pax.patch
-# ${DISTDIR}/linux-2.4.28-CAN-2004-0814.patch
-# ${FILESDIR}/CAN-2004-1074.patch
-# ${FILESDIR}/CAN-2004-1016.patch
-# ${FILESDIR}/2.4.28-binfmt_a.out.patch
-# ${FILESDIR}/gentoo-sources-2.4.CAN-2004-1137.patch
-
-src_unpack() {
- kernel-2_src_unpack
-
- # users are often confused by what settings should be set.
- # so we provide an example of what a P4 desktop would look like.
- cp ${FILESDIR}/2.4.24-x86.config gentoo-grsec-custom-example-2.4.2x-x86.config
-}