diff -NurpP linux-2.6.36.2-g-v-orig/fs/fs_struct.c linux-2.6.36.2-g-v/fs/fs_struct.c --- linux-2.6.36.2-g-v-orig/fs/fs_struct.c 2010-12-27 23:24:19.103102785 +0100 +++ linux-2.6.36.2-g-v/fs/fs_struct.c 2010-12-26 20:48:34.732627732 +0100 @@ -5,6 +5,7 @@ #include #include #include +#include /* * Replace the fs->{rootmnt,root} with {mnt,dentry}. Put the old values. diff -NurpP linux-2.6.36.2-g-v-orig/fs/namespace.c linux-2.6.36.2-g-v/fs/namespace.c --- linux-2.6.36.2-g-v-orig/fs/namespace.c 2010-12-27 23:24:19.123105382 +0100 +++ linux-2.6.36.2-g-v/fs/namespace.c 2010-12-26 20:48:34.759488060 +0100 @@ -2126,6 +2126,8 @@ long do_mount(char *dev_name, char *dir_ if (flags & MS_RDONLY) mnt_flags |= MNT_READONLY; + if (!capable(CAP_SYS_ADMIN)) + mnt_flags |= MNT_NODEV; flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE | MS_BORN | MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | MS_STRICTATIME); @@ -2142,9 +2144,9 @@ long do_mount(char *dev_name, char *dir_ if (flags & MS_REMOUNT) retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, - data_page); + data_page, tag); else if (flags & MS_BIND) - retval = do_loopback(&path, dev_name, flags & MS_REC); + retval = do_loopback(&path, dev_name, tag, flags, mnt_flags); else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE)) retval = do_change_type(&path, flags); else if (flags & MS_MOVE) diff -NurpP linux-2.6.36.2-g-v-orig/fs/open.c linux-2.6.36.2-g-v/fs/open.c --- linux-2.6.36.2-g-v-orig/fs/open.c 2010-12-27 23:24:19.146417485 +0100 +++ linux-2.6.36.2-g-v/fs/open.c 2010-12-27 22:14:50.042575176 +0100 @@ -618,14 +618,6 @@ SYSCALL_DEFINE3(chown, const char __user error = cow_check_and_break(&path); if (!error) #endif -#ifdef CONFIG_VSERVER_COWBL - error = cow_check_and_break(&path); - if (!error) -#endif -#ifdef CONFIG_VSERVER_COWBL - error = cow_check_and_break(&path); - if (!error) -#endif error = chown_common(&path, user, group); mnt_drop_write(path.mnt); out_release: @@ -651,6 +643,10 @@ SYSCALL_DEFINE5(fchownat, int, dfd, cons error = mnt_want_write(path.mnt); if (error) goto out_release; +#ifdef CONFIG_VSERVER_COWBL + error = cow_check_and_break(&path); + if (!error) +#endif error = chown_common(&path, user, group); mnt_drop_write(path.mnt); out_release: @@ -670,6 +666,10 @@ SYSCALL_DEFINE3(lchown, const char __use error = mnt_want_write(path.mnt); if (error) goto out_release; +#ifdef CONFIG_VSERVER_COWBL + error = cow_check_and_break(&path); + if (!error) +#endif error = chown_common(&path, user, group); mnt_drop_write(path.mnt); out_release: diff -NurpP linux-2.6.36.2-g-v-orig/fs/proc/base.c linux-2.6.36.2-g-v/fs/proc/base.c --- linux-2.6.36.2-g-v-orig/fs/proc/base.c 2010-12-27 23:24:19.149775167 +0100 +++ linux-2.6.36.2-g-v/fs/proc/base.c 2010-12-26 20:48:34.849488381 +0100 @@ -3101,7 +3101,7 @@ static int proc_pid_fill_cache(struct fi int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) { unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY; - struct task_struct *reaper = get_proc_task(filp->f_path.dentry->d_inode); + struct task_struct *reaper = get_proc_task_real(filp->f_path.dentry->d_inode); #if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) const struct cred *tmpcred = current_cred(); const struct cred *itercred; @@ -3145,6 +3145,8 @@ int proc_pid_readdir(struct file * filp, rcu_read_unlock(); #endif filp->f_pos = iter.tgid + TGID_OFFSET; + if (!vx_proc_task_visible(iter.task)) + continue; if (proc_pid_fill_cache(filp, dirent, __filldir, iter) < 0) { put_task_struct(iter.task); goto out; diff -NurpP linux-2.6.36.2-g-v-orig/fs/proc/internal.h linux-2.6.36.2-g-v/fs/proc/internal.h --- linux-2.6.36.2-g-v-orig/fs/proc/internal.h 2010-12-27 23:24:19.149775167 +0100 +++ linux-2.6.36.2-g-v/fs/proc/internal.h 2010-12-26 20:48:34.852821358 +0100 @@ -52,6 +52,8 @@ extern int proc_pid_status(struct seq_fi struct pid *pid, struct task_struct *task); extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task); +extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns, + struct pid *pid, struct task_struct *task); #ifdef CONFIG_GRKERNSEC_PROC_IPADDR extern int proc_pid_ipaddr(struct task_struct *task, char *buffer); #endif diff -NurpP linux-2.6.36.2-g-v-orig/grsecurity/Kconfig linux-2.6.36.2-g-v/grsecurity/Kconfig --- linux-2.6.36.2-g-v-orig/grsecurity/Kconfig 2010-12-27 23:24:08.836441250 +0100 +++ linux-2.6.36.2-g-v/grsecurity/Kconfig 2010-12-26 20:48:35.586006866 +0100 @@ -65,9 +65,7 @@ config GRKERNSEC_MEDIUM select GRKERNSEC_SIGNAL select GRKERNSEC_CHROOT select GRKERNSEC_CHROOT_UNIX - select GRKERNSEC_CHROOT_MOUNT select GRKERNSEC_CHROOT_PIVOT - select GRKERNSEC_CHROOT_DOUBLE select GRKERNSEC_CHROOT_CHDIR select GRKERNSEC_CHROOT_MKNOD select GRKERNSEC_PROC @@ -115,15 +113,11 @@ config GRKERNSEC_HIGH select GRKERNSEC_CHROOT select GRKERNSEC_CHROOT_SHMAT select GRKERNSEC_CHROOT_UNIX - select GRKERNSEC_CHROOT_MOUNT select GRKERNSEC_CHROOT_FCHDIR select GRKERNSEC_CHROOT_PIVOT - select GRKERNSEC_CHROOT_DOUBLE select GRKERNSEC_CHROOT_CHDIR select GRKERNSEC_CHROOT_MKNOD - select GRKERNSEC_CHROOT_CAPS select GRKERNSEC_CHROOT_SYSCTL - select GRKERNSEC_CHROOT_FINDTASK select GRKERNSEC_PROC select GRKERNSEC_PROC_MEMMAP if (PAX_NOEXEC || PAX_ASLR) select GRKERNSEC_HIDESYM @@ -133,7 +127,6 @@ config GRKERNSEC_HIGH select GRKERNSEC_RESLOG select GRKERNSEC_RANDNET select GRKERNSEC_PROC_ADD - select GRKERNSEC_CHROOT_CHMOD select GRKERNSEC_CHROOT_NICE select GRKERNSEC_AUDIT_MOUNT select GRKERNSEC_MODHARDEN if (MODULES) @@ -457,7 +450,7 @@ config GRKERNSEC_CHROOT config GRKERNSEC_CHROOT_MOUNT bool "Deny mounts" - depends on GRKERNSEC_CHROOT + depends on GRKERNSEC_CHROOT && !VSERVER help If you say Y here, processes inside a chroot will not be able to mount or remount filesystems. If the sysctl option is enabled, a @@ -465,7 +458,7 @@ config GRKERNSEC_CHROOT_MOUNT config GRKERNSEC_CHROOT_DOUBLE bool "Deny double-chroots" - depends on GRKERNSEC_CHROOT + depends on GRKERNSEC_CHROOT && !VSERVER help If you say Y here, processes inside a chroot will not be able to chroot again outside the chroot. This is a widely used method of breaking @@ -503,7 +496,7 @@ config GRKERNSEC_CHROOT_CHDIR config GRKERNSEC_CHROOT_CHMOD bool "Deny (f)chmod +s" - depends on GRKERNSEC_CHROOT + depends on GRKERNSEC_CHROOT && !VSERVER help If you say Y here, processes inside a chroot will not be able to chmod or fchmod files to make them have suid or sgid bits. This protects @@ -555,7 +548,7 @@ config GRKERNSEC_CHROOT_UNIX config GRKERNSEC_CHROOT_FINDTASK bool "Protect outside processes" - depends on GRKERNSEC_CHROOT + depends on GRKERNSEC_CHROOT && !VSERVER help If you say Y here, processes inside a chroot will not be able to kill, send signals with fcntl, ptrace, capget, getpgid, setpgid, @@ -586,7 +579,7 @@ config GRKERNSEC_CHROOT_SYSCTL config GRKERNSEC_CHROOT_CAPS bool "Capability restrictions" - depends on GRKERNSEC_CHROOT + depends on GRKERNSEC_CHROOT && !VSERVER help If you say Y here, the capabilities on all root processes within a chroot jail will be lowered to stop module insertion, raw i/o, diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vserver/cacct_def.h linux-2.6.36.2-g-v/include/linux/vserver/cacct_def.h --- linux-2.6.36.2-g-v-orig/include/linux/vserver/cacct_def.h 2010-12-27 23:24:19.209770073 +0100 +++ linux-2.6.36.2-g-v/include/linux/vserver/cacct_def.h 2010-12-26 20:48:35.669345611 +0100 @@ -6,16 +6,16 @@ struct _vx_sock_acc { - atomic_long_t count; - atomic_long_t total; + atomic_long_unchecked_t count; + atomic_long_unchecked_t total; }; /* context sub struct */ struct _vx_cacct { struct _vx_sock_acc sock[VXA_SOCK_SIZE][3]; - atomic_t slab[8]; - atomic_t page[6][8]; + atomic_unchecked_t slab[8]; + atomic_unchecked_t page[6][8]; }; #ifdef CONFIG_VSERVER_DEBUG @@ -31,8 +31,8 @@ static inline void __dump_vx_cacct(struc printk("\t [%d] =", i); for (j = 0; j < 3; j++) { printk(" [%d] = %8lu, %8lu", j, - atomic_long_read(&ptr[j].count), - atomic_long_read(&ptr[j].total)); + atomic_long_read_unchecked(&ptr[j].count), + atomic_long_read_unchecked(&ptr[j].total)); } printk("\n"); } diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vserver/cacct_int.h linux-2.6.36.2-g-v/include/linux/vserver/cacct_int.h --- linux-2.6.36.2-g-v-orig/include/linux/vserver/cacct_int.h 2010-12-27 23:24:19.213112258 +0100 +++ linux-2.6.36.2-g-v/include/linux/vserver/cacct_int.h 2010-12-26 20:48:35.669345611 +0100 @@ -7,14 +7,14 @@ static inline unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos) { - return atomic_long_read(&cacct->sock[type][pos].count); + return atomic_long_read_unchecked(&cacct->sock[type][pos].count); } static inline unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos) { - return atomic_long_read(&cacct->sock[type][pos].total); + return atomic_long_read_unchecked(&cacct->sock[type][pos].total); } #endif /* __KERNEL__ */ diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vserver/cvirt_def.h linux-2.6.36.2-g-v/include/linux/vserver/cvirt_def.h --- linux-2.6.36.2-g-v-orig/include/linux/vserver/cvirt_def.h 2010-12-27 23:24:19.213112258 +0100 +++ linux-2.6.36.2-g-v/include/linux/vserver/cvirt_def.h 2010-12-26 20:48:35.672683897 +0100 @@ -47,11 +47,11 @@ struct _vx_cvirt { uint64_t bias_clock; /* offset in clock_t */ spinlock_t load_lock; /* lock for the load averages */ - atomic_t load_updates; /* nr of load updates done so far */ + atomic_unchecked_t load_updates; /* nr of load updates done so far */ uint32_t load_last; /* last time load was calculated */ uint32_t load[3]; /* load averages 1,5,15 */ - atomic_t total_forks; /* number of forks so far */ + atomic_unchecked_t total_forks; /* number of forks so far */ struct _vx_syslog syslog; }; @@ -72,7 +72,7 @@ static inline void __dump_vx_cvirt(struc atomic_read(&cvirt->nr_uninterruptible), atomic_read(&cvirt->nr_onhold)); /* add rest here */ - printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks)); + printk("\t total_forks = %d\n", atomic_read_unchecked(&cvirt->total_forks)); } #endif diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vserver/limit_def.h linux-2.6.36.2-g-v/include/linux/vserver/limit_def.h --- linux-2.6.36.2-g-v-orig/include/linux/vserver/limit_def.h 2010-12-27 23:24:19.219770879 +0100 +++ linux-2.6.36.2-g-v/include/linux/vserver/limit_def.h 2010-12-26 20:48:35.679345512 +0100 @@ -15,7 +15,7 @@ struct _vx_res_limit { rlim_t rmin; /* Context minimum */ rlim_t rmax; /* Context maximum */ - atomic_t lhit; /* Limit hits */ + atomic_unchecked_t lhit; /* Limit hits */ }; /* context sub struct */ @@ -38,7 +38,7 @@ static inline void __dump_vx_limit(struc (unsigned long)__rlim_rmax(limit, i), (long)__rlim_soft(limit, i), (long)__rlim_hard(limit, i), - atomic_read(&__rlim_lhit(limit, i))); + atomic_read_unchecked(&__rlim_lhit(limit, i))); } } diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vserver/limit.h linux-2.6.36.2-g-v/include/linux/vserver/limit.h --- linux-2.6.36.2-g-v-orig/include/linux/vserver/limit.h 2010-12-27 23:24:19.219770879 +0100 +++ linux-2.6.36.2-g-v/include/linux/vserver/limit.h 2010-12-26 20:48:35.679345512 +0100 @@ -36,7 +36,7 @@ #define __rlim_rmax(l, r) __rlim_val(l, r, rmax) #define __rlim_lhit(l, r) __rlim_val(l, r, lhit) -#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r)) +#define __rlim_hit(l, r) atomic_inc_unchecked(&__rlim_lhit(l, r)) typedef atomic_long_t rlim_atomic_t; typedef unsigned long rlim_t; diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vs_memory.h linux-2.6.36.2-g-v/include/linux/vs_memory.h --- linux-2.6.36.2-g-v-orig/include/linux/vs_memory.h 2010-12-27 23:24:19.229774196 +0100 +++ linux-2.6.36.2-g-v/include/linux/vs_memory.h 2010-12-26 20:48:35.692677941 +0100 @@ -44,7 +44,7 @@ void __vx_page_fault(struct mm_struct *m */ if (ret & VM_FAULT_WRITE) what |= 0x4; - atomic_inc(&vxi->cacct.page[type][what]); + atomic_inc_unchecked(&vxi->cacct.page[type][what]); } #define vx_page_fault(mm, vma, type, ret) __vx_page_fault(mm, vma, type, ret) diff -NurpP linux-2.6.36.2-g-v-orig/include/linux/vs_socket.h linux-2.6.36.2-g-v/include/linux/vs_socket.h --- linux-2.6.36.2-g-v-orig/include/linux/vs_socket.h 2010-12-27 23:24:19.233110332 +0100 +++ linux-2.6.36.2-g-v/include/linux/vs_socket.h 2010-12-26 20:48:35.692677941 +0100 @@ -39,8 +39,8 @@ static inline void __vx_acc_sock(struct if (vxi) { int type = vx_sock_type(family); - atomic_long_inc(&vxi->cacct.sock[type][pos].count); - atomic_long_add(size, &vxi->cacct.sock[type][pos].total); + atomic_long_inc_unchecked(&vxi->cacct.sock[type][pos].count); + atomic_long_add_unchecked(size, &vxi->cacct.sock[type][pos].total); } } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/capability.c linux-2.6.36.2-g-v/kernel/capability.c --- linux-2.6.36.2-g-v-orig/kernel/capability.c 2010-12-27 23:24:19.259774330 +0100 +++ linux-2.6.36.2-g-v/kernel/capability.c 2010-12-26 20:48:35.789338828 +0100 @@ -325,6 +325,14 @@ int capable(int cap) int capable_nolog(int cap) { + /* here for now so we don't require task locking */ + if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap)) + return 0; + if (unlikely(!cap_valid(cap))) { + printk(KERN_CRIT "capable() called with invalid cap=%u\n", cap); + BUG(); + } + if (security_capable(cap) == 0 && gr_is_capable_nolog(cap)) { current->flags |= PF_SUPERPRIV; return 1; diff -NurpP linux-2.6.36.2-g-v-orig/kernel/fork.c linux-2.6.36.2-g-v/kernel/fork.c --- linux-2.6.36.2-g-v-orig/kernel/fork.c 2010-12-27 23:24:19.283097547 +0100 +++ linux-2.6.36.2-g-v/kernel/fork.c 2010-12-26 20:48:35.799325434 +0100 @@ -1069,7 +1069,12 @@ static struct task_struct *copy_process( DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled); DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); #endif + init_vx_info(&p->vx_info, current_vx_info()); + init_nx_info(&p->nx_info, current_nx_info()); + retval = -EAGAIN; + if (!vx_nproc_avail(1)) + goto bad_fork_free; gr_learn_resource(p, RLIMIT_NPROC, atomic_read(&p->real_cred->user->processes), 0); @@ -1345,7 +1350,7 @@ static struct task_struct *copy_process( if (vxi) { claim_vx_info(vxi, p); atomic_inc(&vxi->cvirt.nr_threads); - atomic_inc(&vxi->cvirt.total_forks); + atomic_inc_unchecked(&vxi->cvirt.total_forks); vx_nproc_inc(p); } nxi = p->nx_info; diff -NurpP linux-2.6.36.2-g-v-orig/kernel/pid.c linux-2.6.36.2-g-v/kernel/pid.c --- linux-2.6.36.2-g-v-orig/kernel/pid.c 2010-12-27 23:24:19.286436009 +0100 +++ linux-2.6.36.2-g-v/kernel/pid.c 2010-12-26 20:48:35.816013480 +0100 @@ -422,8 +422,8 @@ EXPORT_SYMBOL(pid_task); struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns) { struct task_struct *task; - - task = pid_task(find_pid_ns(nr, ns), PIDTYPE_PID); + + task = pid_task(find_pid_ns(vx_rmap_pid(nr), ns), PIDTYPE_PID); if (gr_pid_is_chrooted(task)) return NULL; diff -NurpP linux-2.6.36.2-g-v-orig/kernel/printk.c linux-2.6.36.2-g-v/kernel/printk.c --- linux-2.6.36.2-g-v-orig/kernel/printk.c 2010-12-27 23:24:19.289772270 +0100 +++ linux-2.6.36.2-g-v/kernel/printk.c 2010-12-26 20:48:35.819344966 +0100 @@ -267,7 +267,7 @@ int do_syslog(int type, char __user *buf unsigned i, j, limit, count; int do_clear = 0; char c; - int error = 0; + int error; #ifdef CONFIG_GRKERNSEC_DMESG if (grsec_enable_dmesg && !capable(CAP_SYS_ADMIN)) @@ -278,12 +278,9 @@ int do_syslog(int type, char __user *buf if (error) return error; - switch (type) { - case SYSLOG_ACTION_CLOSE: /* Close log */ - break; - case SYSLOG_ACTION_OPEN: /* Open log */ - break; - case SYSLOG_ACTION_READ: /* Read from log */ + if ((type == SYSLOG_ACTION_READ) || + (type == SYSLOG_ACTION_READ_ALL) || + (type == SYSLOG_ACTION_READ_CLEAR)) { error = -EINVAL; if (!buf || len < 0) goto out; diff -NurpP linux-2.6.36.2-g-v-orig/kernel/ptrace.c linux-2.6.36.2-g-v/kernel/ptrace.c --- linux-2.6.36.2-g-v-orig/kernel/ptrace.c 2010-12-27 23:24:19.289772270 +0100 +++ linux-2.6.36.2-g-v/kernel/ptrace.c 2010-12-26 20:48:35.822698397 +0100 @@ -717,7 +717,8 @@ SYSCALL_DEFINE4(ptrace, long, request, l if (gr_handle_ptrace(child, request)) { ret = -EPERM; - goto out_put_task_struct; + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) + goto out_put_task_struct; } if (request == PTRACE_ATTACH) { @@ -862,10 +863,6 @@ asmlinkage long compat_sys_ptrace(compat goto out; } - ret = -EPERM; - if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) - goto out_put_task_struct; - if (request == PTRACE_ATTACH) { ret = ptrace_attach(child); /* diff -NurpP linux-2.6.36.2-g-v-orig/kernel/sched.c linux-2.6.36.2-g-v/kernel/sched.c --- linux-2.6.36.2-g-v-orig/kernel/sched.c 2010-12-27 23:24:19.296441144 +0100 +++ linux-2.6.36.2-g-v/kernel/sched.c 2010-12-26 20:49:42.450162784 +0100 @@ -4488,7 +4488,7 @@ SYSCALL_DEFINE1(nice, int, increment) if (increment < 0 && (!can_nice(current, nice) || gr_handle_chroot_nice())) - return -EPERM; + return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM; retval = security_task_setnice(current, nice); if (retval) diff -NurpP linux-2.6.36.2-g-v-orig/kernel/signal.c linux-2.6.36.2-g-v/kernel/signal.c --- linux-2.6.36.2-g-v-orig/kernel/signal.c 2010-12-27 23:24:19.299774734 +0100 +++ linux-2.6.36.2-g-v/kernel/signal.c 2010-12-26 20:48:35.832679498 +0100 @@ -692,9 +692,6 @@ static int check_kill_permission(int sig } } - if (gr_handle_signal(t, sig)) - return -EPERM; - error = -EPERM; if (t->pid == 1 && current->xid) return error; @@ -709,6 +706,10 @@ static int check_kill_permission(int sig return error; } /* skip: */ + + if (gr_handle_signal(t, sig)) + return -EPERM; + return security_task_kill(t, info, sig, 0); } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/time.c linux-2.6.36.2-g-v/kernel/time.c --- linux-2.6.36.2-g-v-orig/kernel/time.c 2010-12-27 23:24:19.309774708 +0100 +++ linux-2.6.36.2-g-v/kernel/time.c 2010-12-26 20:48:35.846014138 +0100 @@ -92,7 +92,7 @@ SYSCALL_DEFINE1(stime, time_t __user *, if (err) return err; - do_settimeofday(&tv); + vx_settimeofday(&tv); gr_log_timechange(); diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/cacct_init.h linux-2.6.36.2-g-v/kernel/vserver/cacct_init.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/cacct_init.h 2010-12-27 23:24:19.309774708 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/cacct_init.h 2010-12-26 20:48:35.856015588 +0100 @@ -7,15 +7,15 @@ static inline void vx_info_init_cacct(st for (i = 0; i < VXA_SOCK_SIZE; i++) { for (j = 0; j < 3; j++) { - atomic_long_set(&cacct->sock[i][j].count, 0); - atomic_long_set(&cacct->sock[i][j].total, 0); + atomic_long_set_unchecked(&cacct->sock[i][j].count, 0); + atomic_long_set_unchecked(&cacct->sock[i][j].total, 0); } } for (i = 0; i < 8; i++) - atomic_set(&cacct->slab[i], 0); + atomic_set_unchecked(&cacct->slab[i], 0); for (i = 0; i < 5; i++) for (j = 0; j < 4; j++) - atomic_set(&cacct->page[i][j], 0); + atomic_set_unchecked(&cacct->page[i][j], 0); } static inline void vx_info_exit_cacct(struct _vx_cacct *cacct) diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/cacct_proc.h linux-2.6.36.2-g-v/kernel/vserver/cacct_proc.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/cacct_proc.h 2010-12-27 23:24:19.313109268 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/cacct_proc.h 2010-12-26 20:48:35.856015588 +0100 @@ -29,23 +29,23 @@ static inline int vx_info_proc_cacct(str length += sprintf(buffer + length, "\n"); length += sprintf(buffer + length, "slab:\t %8u %8u %8u %8u\n", - atomic_read(&cacct->slab[1]), - atomic_read(&cacct->slab[4]), - atomic_read(&cacct->slab[0]), - atomic_read(&cacct->slab[2])); + atomic_read_unchecked(&cacct->slab[1]), + atomic_read_unchecked(&cacct->slab[4]), + atomic_read_unchecked(&cacct->slab[0]), + atomic_read_unchecked(&cacct->slab[2])); length += sprintf(buffer + length, "\n"); for (i = 0; i < 5; i++) { length += sprintf(buffer + length, "page[%d]: %8u %8u %8u %8u\t %8u %8u %8u %8u\n", i, - atomic_read(&cacct->page[i][0]), - atomic_read(&cacct->page[i][1]), - atomic_read(&cacct->page[i][2]), - atomic_read(&cacct->page[i][3]), - atomic_read(&cacct->page[i][4]), - atomic_read(&cacct->page[i][5]), - atomic_read(&cacct->page[i][6]), - atomic_read(&cacct->page[i][7])); + atomic_read_unchecked(&cacct->page[i][0]), + atomic_read_unchecked(&cacct->page[i][1]), + atomic_read_unchecked(&cacct->page[i][2]), + atomic_read_unchecked(&cacct->page[i][3]), + atomic_read_unchecked(&cacct->page[i][4]), + atomic_read_unchecked(&cacct->page[i][5]), + atomic_read_unchecked(&cacct->page[i][6]), + atomic_read_unchecked(&cacct->page[i][7])); } return length; } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/context.c linux-2.6.36.2-g-v/kernel/vserver/context.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/context.c 2010-12-27 23:24:19.313109268 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/context.c 2010-12-26 20:48:35.856015588 +0100 @@ -124,7 +124,7 @@ static struct vx_info *__alloc_vx_info(x // preconfig fs entries for (index = 0; index < VX_SPACES; index++) { spin_lock(&init_fs.lock); - init_fs.users++; + atomic_inc(&init_fs.users); spin_unlock(&init_fs.lock); new->vx_fs[index] = &init_fs; } @@ -204,7 +204,7 @@ static void __shutdown_vx_info(struct vx fs = xchg(&vxi->vx_fs[index], NULL); spin_lock(&fs->lock); - kill = !--fs->users; + kill = atomic_dec_and_test(&fs->users); spin_unlock(&fs->lock); if (kill) free_fs_struct(fs); diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt.c linux-2.6.36.2-g-v/kernel/vserver/cvirt.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt.c 2010-12-27 23:24:19.313109268 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/cvirt.c 2010-12-26 20:48:35.859347745 +0100 @@ -90,7 +90,7 @@ void vx_update_load(struct vx_info *vxi) vxi->cvirt.load_last = now; out: - atomic_inc(&vxi->cvirt.load_updates); + atomic_inc_unchecked(&vxi->cvirt.load_updates); spin_unlock_irqrestore(&vxi->cvirt.load_lock, flags); } @@ -248,7 +248,7 @@ int vc_virt_stat(struct vx_info *vxi, vo vc_data.nr_running = atomic_read(&cvirt->nr_running); vc_data.nr_uninterruptible = atomic_read(&cvirt->nr_uninterruptible); vc_data.nr_onhold = atomic_read(&cvirt->nr_onhold); - vc_data.nr_forks = atomic_read(&cvirt->total_forks); + vc_data.nr_forks = atomic_read_unchecked(&cvirt->total_forks); vc_data.load[0] = cvirt->load[0]; vc_data.load[1] = cvirt->load[1]; vc_data.load[2] = cvirt->load[2]; diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt_init.h linux-2.6.36.2-g-v/kernel/vserver/cvirt_init.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt_init.h 2010-12-27 23:24:19.313109268 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/cvirt_init.h 2010-12-26 20:48:35.859347745 +0100 @@ -22,11 +22,11 @@ static inline void vx_info_init_cvirt(st spin_lock_init(&cvirt->load_lock); cvirt->load_last = jiffies; - atomic_set(&cvirt->load_updates, 0); + atomic_set_unchecked(&cvirt->load_updates, 0); cvirt->load[0] = 0; cvirt->load[1] = 0; cvirt->load[2] = 0; - atomic_set(&cvirt->total_forks, 0); + atomic_set_unchecked(&cvirt->total_forks, 0); spin_lock_init(&cvirt->syslog.logbuf_lock); init_waitqueue_head(&cvirt->syslog.log_wait); diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt_proc.h linux-2.6.36.2-g-v/kernel/vserver/cvirt_proc.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/cvirt_proc.h 2010-12-27 23:24:19.313109268 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/cvirt_proc.h 2010-12-26 20:48:35.859347745 +0100 @@ -116,11 +116,11 @@ int vx_info_proc_cvirt(struct _vx_cvirt atomic_read(&cvirt->nr_running), atomic_read(&cvirt->nr_uninterruptible), atomic_read(&cvirt->nr_onhold), - atomic_read(&cvirt->load_updates), + atomic_read_unchecked(&cvirt->load_updates), LOAD_INT(a), LOAD_FRAC(a), LOAD_INT(b), LOAD_FRAC(b), LOAD_INT(c), LOAD_FRAC(c), - atomic_read(&cvirt->total_forks)); + atomic_read_unchecked(&cvirt->total_forks)); return length; } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/history.c linux-2.6.36.2-g-v/kernel/vserver/history.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/history.c 2010-12-27 23:24:19.316439011 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/history.c 2010-12-26 20:48:35.862675640 +0100 @@ -37,7 +37,7 @@ DEFINE_PER_CPU(struct _vx_history, vx_hi unsigned volatile int vxh_active = 1; -static atomic_t sequence = ATOMIC_INIT(0); +static atomic_unchecked_t sequence = ATOMIC_INIT(0); /* vxh_advance() @@ -54,7 +54,7 @@ struct _vx_hist_entry *vxh_advance(void index = vxh_active ? (hist->counter++ % VXH_SIZE) : VXH_SIZE; entry = &hist->entry[index]; - entry->seq = atomic_inc_return(&sequence); + entry->seq = atomic_inc_return_unchecked(&sequence); entry->loc = loc; return entry; } @@ -140,7 +140,7 @@ static void __vxh_dump_history(void) unsigned int i, cpu; printk("History:\tSEQ: %8x\tNR_CPUS: %d\n", - atomic_read(&sequence), NR_CPUS); + atomic_read_unchecked(&sequence), NR_CPUS); for (i = 0; i < VXH_SIZE; i++) { for_each_online_cpu(cpu) { diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/limit.c linux-2.6.36.2-g-v/kernel/vserver/limit.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/limit.c 2010-12-27 23:24:19.319770726 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/limit.c 2010-12-26 20:48:35.866021815 +0100 @@ -212,7 +212,7 @@ static inline void vx_reset_hits(struct int lim; for (lim = 0; lim < NUM_LIMITS; lim++) { - atomic_set(&__rlim_lhit(limit, lim), 0); + atomic_set_unchecked(&__rlim_lhit(limit, lim), 0); } } @@ -255,7 +255,7 @@ int vc_rlimit_stat(struct vx_info *vxi, return -EINVAL; vx_limit_fixup(limit, id); - vc_data.hits = atomic_read(&__rlim_lhit(limit, id)); + vc_data.hits = atomic_read_unchecked(&__rlim_lhit(limit, id)); vc_data.value = __rlim_get(limit, id); vc_data.minimum = __rlim_rmin(limit, id); vc_data.maximum = __rlim_rmax(limit, id); diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/limit_init.h linux-2.6.36.2-g-v/kernel/vserver/limit_init.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/limit_init.h 2010-12-27 23:24:19.319770726 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/limit_init.h 2010-12-26 20:48:35.866021815 +0100 @@ -8,7 +8,7 @@ static inline void vx_info_init_limit(st __rlim_soft(limit, lim) = RLIM_INFINITY; __rlim_hard(limit, lim) = RLIM_INFINITY; __rlim_set(limit, lim, 0); - atomic_set(&__rlim_lhit(limit, lim), 0); + atomic_set_unchecked(&__rlim_lhit(limit, lim), 0); __rlim_rmin(limit, lim) = 0; __rlim_rmax(limit, lim) = 0; } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/limit_proc.h linux-2.6.36.2-g-v/kernel/vserver/limit_proc.h --- linux-2.6.36.2-g-v-orig/kernel/vserver/limit_proc.h 2010-12-27 23:24:19.319770726 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/limit_proc.h 2010-12-26 20:48:35.866021815 +0100 @@ -14,7 +14,7 @@ (unsigned long)__rlim_rmax(limit, r), \ VX_VLIM(__rlim_soft(limit, r)), \ VX_VLIM(__rlim_hard(limit, r)), \ - atomic_read(&__rlim_lhit(limit, r)) + atomic_read_unchecked(&__rlim_lhit(limit, r)) static inline int vx_info_proc_limit(struct _vx_limit *limit, char *buffer) { diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/proc.c linux-2.6.36.2-g-v/kernel/vserver/proc.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/proc.c 2010-12-27 23:24:19.323104254 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/proc.c 2010-12-26 20:48:35.869346043 +0100 @@ -94,7 +94,7 @@ static int proc_virtual_status(char *buf atomic_read(&vs_global_pid_ns), atomic_read(&init_task.usage), atomic_read(&init_task.nsproxy->count), - init_task.fs->users); + atomic_read(&init_task.fs->users)); } diff -NurpP linux-2.6.36.2-g-v-orig/kernel/vserver/space.c linux-2.6.36.2-g-v/kernel/vserver/space.c --- linux-2.6.36.2-g-v-orig/kernel/vserver/space.c 2010-12-27 23:24:19.326434982 +0100 +++ linux-2.6.36.2-g-v/kernel/vserver/space.c 2010-12-26 20:48:35.872681828 +0100 @@ -222,7 +222,7 @@ int vx_enter_space(struct vx_info *vxi, if (mask & CLONE_FS) { spin_lock(&fs_cur->lock); current->fs = fs; - kill = !--fs_cur->users; + kill = atomic_dec_and_test(&fs_cur->users); spin_unlock(&fs_cur->lock); } @@ -293,7 +293,7 @@ int vx_set_space(struct vx_info *vxi, un if (mask & CLONE_FS) { spin_lock(&fs_vxi->lock); vxi->vx_fs[index] = fs; - kill = !--fs_vxi->users; + kill = atomic_dec_and_test(&fs_vxi->users); spin_unlock(&fs_vxi->lock); } diff -NurpP linux-2.6.36.2-g-v-orig/localversion-grsec linux-2.6.36.2-g-v/localversion-grsec --- linux-2.6.36.2-g-v-orig/localversion-grsec 2010-12-27 23:24:08.983105351 +0100 +++ linux-2.6.36.2-g-v/localversion-grsec 2010-12-26 20:48:35.882680456 +0100 @@ -1 +1 @@ --grsec +-grsec2.2.1 diff -NurpP linux-2.6.36.2-g-v-orig/localversion-vserver linux-2.6.36.2-g-v/localversion-vserver --- linux-2.6.36.2-g-v-orig/localversion-vserver 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.6.36.2-g-v/localversion-vserver 2010-12-26 20:48:35.882680456 +0100 @@ -0,0 +1 @@ +-vs2.3.0.36.38.2 diff -NurpP linux-2.6.36.2-g-v-orig/Makefile linux-2.6.36.2-g-v/Makefile --- linux-2.6.36.2-g-v-orig/Makefile 2010-12-27 23:24:19.326434982 +0100 +++ linux-2.6.36.2-g-v/Makefile 2010-12-26 20:48:35.886012742 +0100 @@ -1,7 +1,7 @@ VERSION = 2 PATCHLEVEL = 6 SUBLEVEL = 36 -EXTRAVERSION = .2-vs2.3.0.36.38.2 +EXTRAVERSION = .2 NAME = Flesh-Eating Bats with Fangs # *DOCUMENTATION* diff -NurpP linux-2.6.36.2-g-v-orig/mm/slab_vs.h linux-2.6.36.2-g-v/mm/slab_vs.h --- linux-2.6.36.2-g-v-orig/mm/slab_vs.h 2010-12-27 23:24:19.346440721 +0100 +++ linux-2.6.36.2-g-v/mm/slab_vs.h 2010-12-26 20:48:35.922681918 +0100 @@ -12,7 +12,7 @@ void vx_slab_alloc(struct kmem_cache *ca if (!vxi) return; - atomic_add(cachep->buffer_size, &vxi->cacct.slab[what]); + atomic_add_unchecked(cachep->buffer_size, &vxi->cacct.slab[what]); } static inline @@ -24,6 +24,6 @@ void vx_slab_free(struct kmem_cache *cac if (!vxi) return; - atomic_sub(cachep->buffer_size, &vxi->cacct.slab[what]); + atomic_sub_unchecked(cachep->buffer_size, &vxi->cacct.slab[what]); } diff -NurpP linux-2.6.36.2-g-v-orig/net/ipv6/udp.c linux-2.6.36.2-g-v/net/ipv6/udp.c --- linux-2.6.36.2-g-v-orig/net/ipv6/udp.c 2010-12-27 23:24:19.379769801 +0100 +++ linux-2.6.36.2-g-v/net/ipv6/udp.c 2010-12-26 20:48:35.986010521 +0100 @@ -48,6 +48,7 @@ #include #include +#include #include "udp_impl.h" #ifdef CONFIG_GRKERNSEC_BLACKHOLE @@ -58,7 +59,7 @@ int ipv6_rcv_saddr_equal(const struct so { const struct in6_addr *sk_rcv_saddr6 = &inet6_sk(sk)->rcv_saddr; const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2); - __be32 sk1_rcv_saddr = inet_sk(sk)->inet_rcv_saddr; + __be32 sk_rcv_saddr = inet_sk(sk)->inet_rcv_saddr; __be32 sk2_rcv_saddr = inet_rcv_saddr(sk2); int sk_ipv6only = ipv6_only_sock(sk); int sk2_ipv6only = inet_v6_ipv6only(sk2); diff -NurpP linux-2.6.36.2-g-v-orig/patches linux-2.6.36.2-g-v/patches --- linux-2.6.36.2-g-v-orig/patches 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.6.36.2-g-v/patches 2010-12-27 23:22:50.833104534 +0100 @@ -0,0 +1,2 @@ +grsecurity-2.2.1-2.6.36.2-201012262105.patch +patch-2.6.36.2-vs2.3.0.36.38.2.diff diff -NurpP linux-2.6.36.2-g-v-orig/security/commoncap.c linux-2.6.36.2-g-v/security/commoncap.c --- linux-2.6.36.2-g-v-orig/security/commoncap.c 2010-12-27 23:24:19.389771412 +0100 +++ linux-2.6.36.2-g-v/security/commoncap.c 2010-12-26 20:48:36.059349178 +0100 @@ -28,6 +28,7 @@ #include #include #include +#include #include /* @@ -56,7 +57,7 @@ extern kernel_cap_t gr_cap_rtnetlink(str int cap_netlink_send(struct sock *sk, struct sk_buff *skb) { - NETLINK_CB(skb).eff_cap = gr_cap_rtnetlink(sk); + NETLINK_CB(skb).eff_cap = vx_mbcaps(gr_cap_rtnetlink(sk)); return 0; }