commit: 4402ed1c80aa3d3af5d1349c2eb7eaeaeec571a0
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Thu Oct 9 21:00:00 2014 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Oct 9 21:00:00 2014 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=4402ed1c
Grsec/PaX: 3.0-{3.14.20,3.16.4}-201410081932
---
3.14.20/0000_README | 2 +-
...4420_grsecurity-3.0-3.14.20-201410081929.patch} | 34 +++++++++++++---------
3.16.4/0000_README | 2 +-
... 4420_grsecurity-3.0-3.16.4-201410081932.patch} | 34 +++++++++++++---------
4 files changed, 44 insertions(+), 28 deletions(-)
diff --git a/3.14.20/0000_README b/3.14.20/0000_README
index ed0f1e3..34185fb 100644
--- a/3.14.20/0000_README
+++ b/3.14.20/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.14.20-201410062037.patch
+Patch: 4420_grsecurity-3.0-3.14.20-201410081929.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.14.20/4420_grsecurity-3.0-3.14.20-201410062037.patch
b/3.14.20/4420_grsecurity-3.0-3.14.20-201410081929.patch
similarity index 99%
rename from 3.14.20/4420_grsecurity-3.0-3.14.20-201410062037.patch
rename to 3.14.20/4420_grsecurity-3.0-3.14.20-201410081929.patch
index 07a0783..23ff6ad 100644
--- a/3.14.20/4420_grsecurity-3.0-3.14.20-201410062037.patch
+++ b/3.14.20/4420_grsecurity-3.0-3.14.20-201410081929.patch
@@ -18024,10 +18024,10 @@ index ed5903b..c7fe163 100644
#define MODULES_END VMALLOC_END
#define MODULES_LEN (MODULES_VADDR - MODULES_END)
diff --git a/arch/x86/include/asm/pgtable_64.h
b/arch/x86/include/asm/pgtable_64.h
-index d869931..82f2923 100644
+index d869931..aeba032 100644
--- a/arch/x86/include/asm/pgtable_64.h
+++ b/arch/x86/include/asm/pgtable_64.h
-@@ -16,11 +16,15 @@
+@@ -16,11 +16,16 @@
extern pud_t level3_kernel_pgt[512];
extern pud_t level3_ident_pgt[512];
@@ -18041,11 +18041,12 @@ index d869931..82f2923 100644
+extern pmd_t level2_ident_pgt[512*2];
extern pte_t level1_fixmap_pgt[512];
-extern pgd_t init_level4_pgt[];
++extern pte_t level1_vsyscall_pgt[512];
+extern pgd_t init_level4_pgt[512];
#define swapper_pg_dir init_level4_pgt
-@@ -62,7 +66,9 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t
pte)
+@@ -62,7 +67,9 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t
pte)
static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)
{
@@ -18055,7 +18056,7 @@ index d869931..82f2923 100644
}
static inline void native_pmd_clear(pmd_t *pmd)
-@@ -98,7 +104,9 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
+@@ -98,7 +105,9 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
static inline void native_set_pud(pud_t *pudp, pud_t pud)
{
@@ -18065,7 +18066,7 @@ index d869931..82f2923 100644
}
static inline void native_pud_clear(pud_t *pud)
-@@ -108,6 +116,13 @@ static inline void native_pud_clear(pud_t *pud)
+@@ -108,6 +117,13 @@ static inline void native_pud_clear(pud_t *pud)
static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
{
@@ -35880,7 +35881,7 @@ index 201d09a..e4723e5 100644
#ifdef CONFIG_ACPI_NUMA
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
-index c83da6f..a5f0379 100644
+index c83da6f..9d019b4 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
@@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val)
@@ -35892,7 +35893,7 @@ index c83da6f..a5f0379 100644
{
if (val & _PAGE_PRESENT) {
unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT;
-@@ -1903,6 +1903,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
+@@ -1903,8 +1903,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
/* L3_k[510] -> level2_kernel_pgt
* L3_k[511] -> level2_fixmap_pgt */
convert_pfn_mfn(level3_kernel_pgt);
@@ -35901,8 +35902,11 @@ index c83da6f..a5f0379 100644
+ convert_pfn_mfn(level3_vmemmap_pgt);
/* L3_k[511][506] -> level1_fixmap_pgt */
++ /* L3_k[511][507] -> level1_vsyscall_pgt */
convert_pfn_mfn(level2_fixmap_pgt);
-@@ -1929,8 +1932,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
+ }
+ /* We get [511][511] and have Xen's version of level2_kernel_pgt */
+@@ -1929,11 +1933,16 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
@@ -35915,7 +35919,11 @@ index c83da6f..a5f0379 100644
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
set_page_prot(level1_fixmap_pgt, PAGE_KERNEL_RO);
-@@ -2120,6 +2127,7 @@ static void __init xen_post_allocator_init(void)
++ set_page_prot(level1_vsyscall_pgt, PAGE_KERNEL_RO);
+
+ /* Pin down new L4 */
+ pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE,
+@@ -2120,6 +2129,7 @@ static void __init xen_post_allocator_init(void)
pv_mmu_ops.set_pud = xen_set_pud;
#if PAGETABLE_LEVELS == 4
pv_mmu_ops.set_pgd = xen_set_pgd;
@@ -35923,7 +35931,7 @@ index c83da6f..a5f0379 100644
#endif
/* This will work as long as patching hasn't happened yet
-@@ -2198,6 +2206,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst =
{
+@@ -2198,6 +2208,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst =
{
.pud_val = PV_CALLEE_SAVE(xen_pud_val),
.make_pud = PV_CALLEE_SAVE(xen_make_pud),
.set_pgd = xen_set_pgd_hyper,
@@ -116098,7 +116106,7 @@ index 0000000..4378111
+}
diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data
b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
new file mode 100644
-index 0000000..e4b26fe
+index 0000000..d832fcc
--- /dev/null
+++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
@@ -0,0 +1,5991 @@
@@ -117447,7 +117455,7 @@ index 0000000..e4b26fe
+keys_proc_write_14792 keys_proc_write 3 14792 NULL
+ext4_kvmalloc_14796 ext4_kvmalloc 1 14796 NULL
+__kfifo_in_14797 __kfifo_in 3-0 14797 NULL nohasharray
-+ttm_page_pool_free_14797 ttm_page_pool_free 2 14797 &__kfifo_in_14797
++ttm_page_pool_free_14797 ttm_page_pool_free 2-0 14797 &__kfifo_in_14797
+hpet_readl_14801 hpet_readl 0 14801 NULL nohasharray
+snd_als300_gcr_read_14801 snd_als300_gcr_read 0 14801 &hpet_readl_14801
+security_inode_rename_14805 security_inode_rename 0 14805 NULL
@@ -117870,7 +117878,7 @@ index 0000000..e4b26fe
+kstrtoll_from_user_19500 kstrtoll_from_user 2 19500 NULL
+ext4_add_new_descs_19509 ext4_add_new_descs 3 19509 NULL
+batadv_tvlv_container_register_19520 batadv_tvlv_container_register 5 19520
NULL
-+ttm_dma_page_pool_free_19527 ttm_dma_page_pool_free 2 19527 NULL
++ttm_dma_page_pool_free_19527 ttm_dma_page_pool_free 2-0 19527 NULL
+apei_exec_pre_map_gars_19529 apei_exec_pre_map_gars 0 19529 NULL nohasharray
+cfc_write_array_to_buffer_19529 cfc_write_array_to_buffer 3 19529
&apei_exec_pre_map_gars_19529
+nfc_llcp_build_tlv_19536 nfc_llcp_build_tlv 3 19536 NULL
diff --git a/3.16.4/0000_README b/3.16.4/0000_README
index bf10499..1714bb8 100644
--- a/3.16.4/0000_README
+++ b/3.16.4/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.16.4-201410062041.patch
+Patch: 4420_grsecurity-3.0-3.16.4-201410081932.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.16.4/4420_grsecurity-3.0-3.16.4-201410062041.patch
b/3.16.4/4420_grsecurity-3.0-3.16.4-201410081932.patch
similarity index 99%
rename from 3.16.4/4420_grsecurity-3.0-3.16.4-201410062041.patch
rename to 3.16.4/4420_grsecurity-3.0-3.16.4-201410081932.patch
index 5883945..bc75cf6 100644
--- a/3.16.4/4420_grsecurity-3.0-3.16.4-201410062041.patch
+++ b/3.16.4/4420_grsecurity-3.0-3.16.4-201410081932.patch
@@ -18533,10 +18533,10 @@ index ed5903b..c7fe163 100644
#define MODULES_END VMALLOC_END
#define MODULES_LEN (MODULES_VADDR - MODULES_END)
diff --git a/arch/x86/include/asm/pgtable_64.h
b/arch/x86/include/asm/pgtable_64.h
-index 3874693..0c42843 100644
+index 3874693..d7906ac 100644
--- a/arch/x86/include/asm/pgtable_64.h
+++ b/arch/x86/include/asm/pgtable_64.h
-@@ -16,11 +16,15 @@
+@@ -16,11 +16,16 @@
extern pud_t level3_kernel_pgt[512];
extern pud_t level3_ident_pgt[512];
@@ -18550,11 +18550,12 @@ index 3874693..0c42843 100644
+extern pmd_t level2_ident_pgt[512*2];
extern pte_t level1_fixmap_pgt[512];
-extern pgd_t init_level4_pgt[];
++extern pte_t level1_vsyscall_pgt[512];
+extern pgd_t init_level4_pgt[512];
#define swapper_pg_dir init_level4_pgt
-@@ -62,7 +66,9 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t
pte)
+@@ -62,7 +67,9 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t
pte)
static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd)
{
@@ -18564,7 +18565,7 @@ index 3874693..0c42843 100644
}
static inline void native_pmd_clear(pmd_t *pmd)
-@@ -98,7 +104,9 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
+@@ -98,7 +105,9 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp)
static inline void native_set_pud(pud_t *pudp, pud_t pud)
{
@@ -18574,7 +18575,7 @@ index 3874693..0c42843 100644
}
static inline void native_pud_clear(pud_t *pud)
-@@ -108,6 +116,13 @@ static inline void native_pud_clear(pud_t *pud)
+@@ -108,6 +117,13 @@ static inline void native_pud_clear(pud_t *pud)
static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd)
{
@@ -37651,7 +37652,7 @@ index ffb101e..98c0ecf 100644
#ifdef CONFIG_ACPI_NUMA
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
-index 16fb009..e1fb520 100644
+index 16fb009..9f68b5d 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
@@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val)
@@ -37663,7 +37664,7 @@ index 16fb009..e1fb520 100644
{
if (val & _PAGE_PRESENT) {
unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT;
-@@ -1903,6 +1903,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
+@@ -1903,8 +1903,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
/* L3_k[510] -> level2_kernel_pgt
* L3_k[511] -> level2_fixmap_pgt */
convert_pfn_mfn(level3_kernel_pgt);
@@ -37672,8 +37673,11 @@ index 16fb009..e1fb520 100644
+ convert_pfn_mfn(level3_vmemmap_pgt);
/* L3_k[511][506] -> level1_fixmap_pgt */
++ /* L3_k[511][507] -> level1_vsyscall_pgt */
convert_pfn_mfn(level2_fixmap_pgt);
-@@ -1929,8 +1932,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
+ }
+ /* We get [511][511] and have Xen's version of level2_kernel_pgt */
+@@ -1929,11 +1933,16 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd,
unsigned long max_pfn)
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
@@ -37686,7 +37690,11 @@ index 16fb009..e1fb520 100644
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
set_page_prot(level1_fixmap_pgt, PAGE_KERNEL_RO);
-@@ -2117,6 +2124,7 @@ static void __init xen_post_allocator_init(void)
++ set_page_prot(level1_vsyscall_pgt, PAGE_KERNEL_RO);
+
+ /* Pin down new L4 */
+ pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE,
+@@ -2117,6 +2126,7 @@ static void __init xen_post_allocator_init(void)
pv_mmu_ops.set_pud = xen_set_pud;
#if PAGETABLE_LEVELS == 4
pv_mmu_ops.set_pgd = xen_set_pgd;
@@ -37694,7 +37702,7 @@ index 16fb009..e1fb520 100644
#endif
/* This will work as long as patching hasn't happened yet
-@@ -2195,6 +2203,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst =
{
+@@ -2195,6 +2205,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst =
{
.pud_val = PV_CALLEE_SAVE(xen_pud_val),
.make_pud = PV_CALLEE_SAVE(xen_make_pud),
.set_pgd = xen_set_pgd_hyper,
@@ -124415,7 +124423,7 @@ index 0000000..4378111
+}
diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data
b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
new file mode 100644
-index 0000000..3350a9f
+index 0000000..77b791f
--- /dev/null
+++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
@@ -0,0 +1,5718 @@
@@ -125707,7 +125715,7 @@ index 0000000..3350a9f
+keys_proc_write_14792 keys_proc_write 3 14792 NULL
+ext4_kvmalloc_14796 ext4_kvmalloc 1 14796 NULL
+__kfifo_in_14797 __kfifo_in 3-0 14797 NULL nohasharray
-+ttm_page_pool_free_14797 ttm_page_pool_free 2 14797 &__kfifo_in_14797
++ttm_page_pool_free_14797 ttm_page_pool_free 2-0 14797 &__kfifo_in_14797
+hpet_readl_14801 hpet_readl 0 14801 NULL nohasharray
+snd_als300_gcr_read_14801 snd_als300_gcr_read 0 14801 &hpet_readl_14801
+mrp_attr_create_14853 mrp_attr_create 3 14853 NULL
@@ -126108,7 +126116,7 @@ index 0000000..3350a9f
+kstrtoll_from_user_19500 kstrtoll_from_user 2 19500 NULL
+ext4_add_new_descs_19509 ext4_add_new_descs 3 19509 NULL
+batadv_tvlv_container_register_19520 batadv_tvlv_container_register 5 19520
NULL
-+ttm_dma_page_pool_free_19527 ttm_dma_page_pool_free 2 19527 NULL
++ttm_dma_page_pool_free_19527 ttm_dma_page_pool_free 2-0 19527 NULL
+nfc_llcp_build_tlv_19536 nfc_llcp_build_tlv 3 19536 NULL
+gfn_to_index_19558 gfn_to_index 0-1-3-2 19558 NULL
+ocfs2_control_message_19564 ocfs2_control_message 3 19564 NULL
