/[linux-patches]/hardened/2.6/trunk/2.6.14/4907_grsec-2.1.8-killall-workaround.patch
Gentoo

Contents of /hardened/2.6/trunk/2.6.14/4907_grsec-2.1.8-killall-workaround.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 309 - (show annotations) (download)
Wed Feb 8 17:47:23 2006 UTC (8 years, 6 months ago) by johnm
File size: 1643 byte(s)
4906 fixes bug #121250 - _MODSTOP locking down other tunables. 4907 fixes bug #99413 - _PROC_MEMMAP RAND_FLAGS bug
1 This patch should fix gentoo bug #99413. This problem is also described at
2 http://grsecurity.net/pipermail/grsecurity/2006-February/000702.html. Below
3 is an excerpt from spender's post on the thread:
4
5 On Sun, Feb 05, 2006 at 10:11:01PM -0500, Mike Frysinger wrote:
6 > On Sunday 05 February 2006 20:37, General Stone wrote:
7 > > The killall5(8) command don't work properly. I don't know why and there
8 > > isn't any output in kernel logs.
9 > >
10 > > As example:
11 > > The wdm starts a xconsole with uid/gid 0/0.
12 > > When I make 'killall5 -15' or 'killall5 -9' the xconsole won't be killed
13 > > :-/.
14 > >
15 > > Without grsec it works. Any idea?
16 >
17 > some Gentoo users have mentioned similar issues ...
18
19 Can you try one of the patches in http://grsecurity.net/~spender ?
20 After looking at the killall5 source, I believe I've resolved the bug
21 (which seems to be due to killall5 being an awful hack of an
22 application).
23
24 --- linux-2.6.14-grsec-2.1.8-2.6.14.6-200601211647/fs/proc/array.c 2006-02-05 23:18:05.000000000 -0500
25 +++ linux-2.6.14-grsec-2.1.8-2.6.14.7-200602052251/fs/proc/array.c 2006-02-05 23:18:35.000000000 -0500
26 @@ -480,8 +480,8 @@ static int do_task_stat(struct task_stru
27 mm ? get_mm_counter(mm, rss) : 0, /* you might want to shift this left 3 */
28 rsslim,
29 #ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
30 - PAX_RAND_FLAGS(mm) ? 0 : (mm ? mm->start_code : 0),
31 - PAX_RAND_FLAGS(mm) ? 0 : (mm ? mm->end_code : 0),
32 + PAX_RAND_FLAGS(mm) ? 1 : (mm ? mm->start_code : 0),
33 + PAX_RAND_FLAGS(mm) ? 1 : (mm ? mm->end_code : 0),
34 PAX_RAND_FLAGS(mm) ? 0 : (mm ? mm->start_stack : 0),
35 #else
36 mm ? mm->start_code : 0,

  ViewVC Help
Powered by ViewVC 1.1.20