Author: hawk Date: Tue Nov 4 08:10:46 2008 GMT
Module: SOURCES Tag: Titanium
---- Log message:
-
http://www.grsecurity.net/~spender/grsecurity-2.1.12-2.6.27.4-200811011834.patch
with localversion killed
---- Files affected:
SOURCES:
linux-2.6-grsecurity.patch (1.1.2.26 -> 1.1.2.27)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsecurity.patch
diff -u SOURCES/linux-2.6-grsecurity.patch:1.1.2.26
SOURCES/linux-2.6-grsecurity.patch:1.1.2.27
--- SOURCES/linux-2.6-grsecurity.patch:1.1.2.26 Fri Oct 24 12:20:06 2008
+++ SOURCES/linux-2.6-grsecurity.patch Tue Nov 4 09:10:40 2008
@@ -1,6 +1,6 @@
-diff -urNp linux-2.6.26.6/arch/alpha/kernel/module.c
linux-2.6.26.6/arch/alpha/kernel/module.c
---- linux-2.6.26.6/arch/alpha/kernel/module.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/alpha/kernel/module.c 2008-10-11 21:54:18.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/alpha/kernel/module.c
linux-2.6.27.4/arch/alpha/kernel/module.c
+--- linux-2.6.27.4/arch/alpha/kernel/module.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/alpha/kernel/module.c 2008-10-27 22:36:16.000000000
-0400
@@ -182,7 +182,7 @@ apply_relocate_add(Elf64_Shdr *sechdrs,
/* The small sections were sorted to the end of the segment.
@@ -10,10 +10,10 @@
got = sechdrs[me->arch.gotsecindex].sh_addr;
for (i = 0; i < n; i++) {
-diff -urNp linux-2.6.26.6/arch/alpha/kernel/osf_sys.c
linux-2.6.26.6/arch/alpha/kernel/osf_sys.c
---- linux-2.6.26.6/arch/alpha/kernel/osf_sys.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/alpha/kernel/osf_sys.c 2008-10-11 21:54:18.000000000
-0400
-@@ -1227,6 +1227,10 @@ arch_get_unmapped_area(struct file *filp
+diff -urNp linux-2.6.27.4/arch/alpha/kernel/osf_sys.c
linux-2.6.27.4/arch/alpha/kernel/osf_sys.c
+--- linux-2.6.27.4/arch/alpha/kernel/osf_sys.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/alpha/kernel/osf_sys.c 2008-10-27 22:36:16.000000000
-0400
+@@ -1232,6 +1232,10 @@ arch_get_unmapped_area(struct file *filp
merely specific addresses, but regions of memory -- perhaps
this feature should be incorporated into all ports? */
@@ -24,7 +24,7 @@
if (addr) {
addr = arch_get_unmapped_area_1 (PAGE_ALIGN(addr), len, limit);
if (addr != (unsigned long) -ENOMEM)
-@@ -1234,8 +1238,8 @@ arch_get_unmapped_area(struct file *filp
+@@ -1239,8 +1243,8 @@ arch_get_unmapped_area(struct file *filp
}
/* Next, try allocating at TASK_UNMAPPED_BASE. */
@@ -35,9 +35,9 @@
if (addr != (unsigned long) -ENOMEM)
return addr;
-diff -urNp linux-2.6.26.6/arch/alpha/kernel/ptrace.c
linux-2.6.26.6/arch/alpha/kernel/ptrace.c
---- linux-2.6.26.6/arch/alpha/kernel/ptrace.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/alpha/kernel/ptrace.c 2008-10-11 21:54:18.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/alpha/kernel/ptrace.c
linux-2.6.27.4/arch/alpha/kernel/ptrace.c
+--- linux-2.6.27.4/arch/alpha/kernel/ptrace.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/alpha/kernel/ptrace.c 2008-10-25 12:03:06.000000000
-0400
@@ -15,6 +15,7 @@
#include <linux/slab.h>
#include <linux/security.h>
@@ -56,9 +56,9 @@
switch (request) {
/* When I and D space are separate, these will need to be fixed. */
case PTRACE_PEEKTEXT: /* read word at location addr. */
-diff -urNp linux-2.6.26.6/arch/alpha/mm/fault.c
linux-2.6.26.6/arch/alpha/mm/fault.c
---- linux-2.6.26.6/arch/alpha/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/alpha/mm/fault.c 2008-10-11 21:54:18.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/alpha/mm/fault.c
linux-2.6.27.4/arch/alpha/mm/fault.c
+--- linux-2.6.27.4/arch/alpha/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/alpha/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -54,6 +54,124 @@ __load_new_mm_context(struct mm_struct *
__reload_thread(pcb);
}
@@ -215,9 +215,9 @@
} else if (!cause) {
/* Allow reads even for write-only mappings */
if (!(vma->vm_flags & (VM_READ | VM_WRITE)))
-diff -urNp linux-2.6.26.6/arch/arm/mm/mmap.c linux-2.6.26.6/arch/arm/mm/mmap.c
---- linux-2.6.26.6/arch/arm/mm/mmap.c 2008-10-08 23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/arm/mm/mmap.c 2008-10-11 21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/arm/mm/mmap.c linux-2.6.27.4/arch/arm/mm/mmap.c
+--- linux-2.6.27.4/arch/arm/mm/mmap.c 2008-10-22 17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/arm/mm/mmap.c 2008-10-27 22:36:16.000000000 -0400
@@ -60,6 +60,10 @@ arch_get_unmapped_area(struct file *filp
if (len > TASK_SIZE)
return -ENOMEM;
@@ -254,9 +254,9 @@
mm->cached_hole_size = 0;
goto full_search;
}
-diff -urNp linux-2.6.26.6/arch/avr32/mm/fault.c
linux-2.6.26.6/arch/avr32/mm/fault.c
---- linux-2.6.26.6/arch/avr32/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/avr32/mm/fault.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/avr32/mm/fault.c
linux-2.6.27.4/arch/avr32/mm/fault.c
+--- linux-2.6.27.4/arch/avr32/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/avr32/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -41,6 +41,23 @@ static inline int notify_page_fault(stru
int exception_trace = 1;
@@ -298,9 +298,9 @@
if (exception_trace && printk_ratelimit())
printk("%s%s[%d]: segfault at %08lx pc %08lx "
"sp %08lx ecr %lu\n",
-diff -urNp linux-2.6.26.6/arch/ia64/ia32/binfmt_elf32.c
linux-2.6.26.6/arch/ia64/ia32/binfmt_elf32.c
---- linux-2.6.26.6/arch/ia64/ia32/binfmt_elf32.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/ia64/ia32/binfmt_elf32.c 2008-10-11
21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/ia64/ia32/binfmt_elf32.c
linux-2.6.27.4/arch/ia64/ia32/binfmt_elf32.c
+--- linux-2.6.27.4/arch/ia64/ia32/binfmt_elf32.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/ia64/ia32/binfmt_elf32.c 2008-10-27
22:36:16.000000000 -0400
@@ -45,6 +45,13 @@ randomize_stack_top(unsigned long stack_
#define elf_read_implies_exec(ex, have_pt_gnu_stack) (!(have_pt_gnu_stack))
@@ -315,10 +315,10 @@
/* Ugly but avoids duplication */
#include "../../../fs/binfmt_elf.c"
-diff -urNp linux-2.6.26.6/arch/ia64/ia32/ia32priv.h
linux-2.6.26.6/arch/ia64/ia32/ia32priv.h
---- linux-2.6.26.6/arch/ia64/ia32/ia32priv.h 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/ia64/ia32/ia32priv.h 2008-10-11 21:54:19.000000000
-0400
-@@ -303,7 +303,14 @@ struct old_linux32_dirent {
+diff -urNp linux-2.6.27.4/arch/ia64/ia32/ia32priv.h
linux-2.6.27.4/arch/ia64/ia32/ia32priv.h
+--- linux-2.6.27.4/arch/ia64/ia32/ia32priv.h 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/ia64/ia32/ia32priv.h 2008-10-27 22:36:16.000000000
-0400
+@@ -296,7 +296,14 @@ typedef struct compat_siginfo {
#define ELF_DATA ELFDATA2LSB
#define ELF_ARCH EM_386
@@ -334,19 +334,20 @@
#define IA32_GATE_OFFSET IA32_PAGE_OFFSET
#define IA32_GATE_END IA32_PAGE_OFFSET + PAGE_SIZE
-diff -urNp linux-2.6.26.6/arch/ia64/kernel/module.c
linux-2.6.26.6/arch/ia64/kernel/module.c
---- linux-2.6.26.6/arch/ia64/kernel/module.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/ia64/kernel/module.c 2008-10-11 21:54:19.000000000
-0400
-@@ -321,7 +321,7 @@ module_alloc (unsigned long size)
+diff -urNp linux-2.6.27.4/arch/ia64/kernel/module.c
linux-2.6.27.4/arch/ia64/kernel/module.c
+--- linux-2.6.27.4/arch/ia64/kernel/module.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/ia64/kernel/module.c 2008-10-27 22:36:16.000000000
-0400
+@@ -312,8 +312,7 @@ module_alloc (unsigned long size)
void
module_free (struct module *mod, void *module_region)
{
-- if (mod->arch.init_unw_table && module_region == mod->module_init) {
-+ if (mod->arch.init_unw_table && module_region == mod->module_init_rx) {
+- if (mod && mod->arch.init_unw_table &&
+- module_region == mod->module_init) {
++ if (mod && mod->arch.init_unw_table && module_region ==
mod->module_init_rx) {
unw_remove_unwind_table(mod->arch.init_unw_table);
mod->arch.init_unw_table = NULL;
}
-@@ -499,15 +499,39 @@ module_frob_arch_sections (Elf_Ehdr *ehd
+@@ -491,15 +490,39 @@ module_frob_arch_sections (Elf_Ehdr *ehd
}
static inline int
@@ -388,7 +389,7 @@
}
static inline int
-@@ -691,7 +715,14 @@ do_reloc (struct module *mod, uint8_t r_
+@@ -683,7 +706,14 @@ do_reloc (struct module *mod, uint8_t r_
break;
case RV_BDREL:
@@ -404,7 +405,7 @@
break;
case RV_LTV:
-@@ -825,15 +856,15 @@ apply_relocate_add (Elf64_Shdr *sechdrs,
+@@ -817,15 +847,15 @@ apply_relocate_add (Elf64_Shdr *sechdrs,
* addresses have been selected...
*/
uint64_t gp;
@@ -424,9 +425,9 @@
mod->arch.gp = gp;
DEBUGP("%s: placing gp at 0x%lx\n", __func__, gp);
}
-diff -urNp linux-2.6.26.6/arch/ia64/kernel/sys_ia64.c
linux-2.6.26.6/arch/ia64/kernel/sys_ia64.c
---- linux-2.6.26.6/arch/ia64/kernel/sys_ia64.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/ia64/kernel/sys_ia64.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/ia64/kernel/sys_ia64.c
linux-2.6.27.4/arch/ia64/kernel/sys_ia64.c
+--- linux-2.6.27.4/arch/ia64/kernel/sys_ia64.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/ia64/kernel/sys_ia64.c 2008-10-27 22:36:16.000000000
-0400
@@ -43,6 +43,13 @@ arch_get_unmapped_area (struct file *fil
if (REGION_NUMBER(addr) == RGN_HPAGE)
addr = 0;
@@ -453,9 +454,9 @@
goto full_search;
}
return -ENOMEM;
-diff -urNp linux-2.6.26.6/arch/ia64/mm/fault.c
linux-2.6.26.6/arch/ia64/mm/fault.c
---- linux-2.6.26.6/arch/ia64/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/ia64/mm/fault.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/ia64/mm/fault.c
linux-2.6.27.4/arch/ia64/mm/fault.c
+--- linux-2.6.27.4/arch/ia64/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/ia64/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -72,6 +72,23 @@ mapped_kernel_page_is_present (unsigned
return pte_present(pte);
}
@@ -505,9 +506,9 @@
survive:
/*
* If for any reason at all we couldn't handle the fault, make
-diff -urNp linux-2.6.26.6/arch/ia64/mm/init.c
linux-2.6.26.6/arch/ia64/mm/init.c
---- linux-2.6.26.6/arch/ia64/mm/init.c 2008-10-08 23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/ia64/mm/init.c 2008-10-11 21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/ia64/mm/init.c
linux-2.6.27.4/arch/ia64/mm/init.c
+--- linux-2.6.27.4/arch/ia64/mm/init.c 2008-10-22 17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/ia64/mm/init.c 2008-10-27 22:36:16.000000000 -0400
@@ -122,6 +122,19 @@ ia64_init_addr_space (void)
vma->vm_start = current->thread.rbs_bot & PAGE_MASK;
vma->vm_end = vma->vm_start + PAGE_SIZE;
@@ -528,44 +529,63 @@
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);
down_write(¤t->mm->mmap_sem);
if (insert_vm_struct(current->mm, vma)) {
-diff -urNp linux-2.6.26.6/arch/mips/kernel/binfmt_elfn32.c
linux-2.6.26.6/arch/mips/kernel/binfmt_elfn32.c
---- linux-2.6.26.6/arch/mips/kernel/binfmt_elfn32.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/mips/kernel/binfmt_elfn32.c 2008-10-11
21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/mips/kernel/binfmt_elfn32.c
linux-2.6.27.4/arch/mips/kernel/binfmt_elfn32.c
+--- linux-2.6.27.4/arch/mips/kernel/binfmt_elfn32.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/mips/kernel/binfmt_elfn32.c 2008-10-27
22:36:16.000000000 -0400
@@ -50,6 +50,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_N
#undef ELF_ET_DYN_BASE
#define ELF_ET_DYN_BASE (TASK32_SIZE / 3 * 2)
+#ifdef CONFIG_PAX_ASLR
-+#define PAX_ELF_ET_DYN_BASE ((current->thread.mflags & MF_32BIT_ADDR) ?
0x00400000UL : 0x00400000UL)
++#define PAX_ELF_ET_DYN_BASE (test_thread_flag(TIF_32BIT_ADDR) ?
0x00400000UL : 0x00400000UL)
+
-+#define PAX_DELTA_MMAP_LEN ((current->thread.mflags & MF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
-+#define PAX_DELTA_STACK_LEN ((current->thread.mflags & MF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
++#define PAX_DELTA_MMAP_LEN (test_thread_flag(TIF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
++#define PAX_DELTA_STACK_LEN (test_thread_flag(TIF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
+#endif
+
#include <asm/processor.h>
#include <linux/module.h>
#include <linux/elfcore.h>
-diff -urNp linux-2.6.26.6/arch/mips/kernel/binfmt_elfo32.c
linux-2.6.26.6/arch/mips/kernel/binfmt_elfo32.c
---- linux-2.6.26.6/arch/mips/kernel/binfmt_elfo32.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/mips/kernel/binfmt_elfo32.c 2008-10-11
21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/mips/kernel/binfmt_elfo32.c
linux-2.6.27.4/arch/mips/kernel/binfmt_elfo32.c
+--- linux-2.6.27.4/arch/mips/kernel/binfmt_elfo32.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/mips/kernel/binfmt_elfo32.c 2008-10-27
22:36:16.000000000 -0400
@@ -52,6 +52,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_N
#undef ELF_ET_DYN_BASE
#define ELF_ET_DYN_BASE (TASK32_SIZE / 3 * 2)
+#ifdef CONFIG_PAX_ASLR
-+#define PAX_ELF_ET_DYN_BASE ((current->thread.mflags & MF_32BIT_ADDR) ?
0x00400000UL : 0x00400000UL)
++#define PAX_ELF_ET_DYN_BASE (test_thread_flag(TIF_32BIT_ADDR) ?
0x00400000UL : 0x00400000UL)
+
-+#define PAX_DELTA_MMAP_LEN ((current->thread.mflags & MF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
-+#define PAX_DELTA_STACK_LEN ((current->thread.mflags & MF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
++#define PAX_DELTA_MMAP_LEN (test_thread_flag(TIF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
++#define PAX_DELTA_STACK_LEN (test_thread_flag(TIF_32BIT_ADDR) ?
27-PAGE_SHIFT : 36-PAGE_SHIFT)
+#endif
+
#include <asm/processor.h>
#include <linux/module.h>
#include <linux/elfcore.h>
-diff -urNp linux-2.6.26.6/arch/mips/kernel/syscall.c
linux-2.6.26.6/arch/mips/kernel/syscall.c
---- linux-2.6.26.6/arch/mips/kernel/syscall.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/mips/kernel/syscall.c 2008-10-11 21:54:19.000000000
-0400
-@@ -93,6 +93,11 @@ unsigned long arch_get_unmapped_area(str
+diff -urNp linux-2.6.27.4/arch/mips/kernel/process.c
linux-2.6.27.4/arch/mips/kernel/process.c
+--- linux-2.6.27.4/arch/mips/kernel/process.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/mips/kernel/process.c 2008-10-27 22:36:16.000000000
-0400
+@@ -458,15 +458,3 @@ unsigned long get_wchan(struct task_stru
+ out:
+ return pc;
+ }
+-
+-/*
+- * Don't forget that the stack pointer must be aligned on a 8 bytes
+- * boundary for 32-bits ABI and 16 bytes for 64-bits ABI.
+- */
+-unsigned long arch_align_stack(unsigned long sp)
+-{
+- if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
+- sp -= get_random_int() & ~PAGE_MASK;
+-
+- return sp & ALMASK;
+-}
+diff -urNp linux-2.6.27.4/arch/mips/kernel/syscall.c
linux-2.6.27.4/arch/mips/kernel/syscall.c
+--- linux-2.6.27.4/arch/mips/kernel/syscall.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/mips/kernel/syscall.c 2008-10-27 22:36:16.000000000
-0400
+@@ -100,6 +100,11 @@ unsigned long arch_get_unmapped_area(str
do_color_align = 0;
if (filp || (flags & MAP_SHARED))
do_color_align = 1;
@@ -577,7 +597,7 @@
if (addr) {
if (do_color_align)
addr = COLOUR_ALIGN(addr, pgoff);
-@@ -103,7 +108,7 @@ unsigned long arch_get_unmapped_area(str
+@@ -110,7 +115,7 @@ unsigned long arch_get_unmapped_area(str
(!vmm || addr + len <= vmm->vm_start))
return addr;
}
@@ -586,9 +606,9 @@
if (do_color_align)
addr = COLOUR_ALIGN(addr, pgoff);
else
-diff -urNp linux-2.6.26.6/arch/mips/mm/fault.c
linux-2.6.26.6/arch/mips/mm/fault.c
---- linux-2.6.26.6/arch/mips/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/mips/mm/fault.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/mips/mm/fault.c
linux-2.6.27.4/arch/mips/mm/fault.c
+--- linux-2.6.27.4/arch/mips/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/mips/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -26,6 +26,23 @@
#include <asm/ptrace.h>
#include <asm/highmem.h> /* For VMALLOC_END */
@@ -613,10 +633,10 @@
/*
* This routine handles page faults. It determines the address,
* and the problem, and then passes it off to one of the appropriate
-diff -urNp linux-2.6.26.6/arch/parisc/kernel/module.c
linux-2.6.26.6/arch/parisc/kernel/module.c
---- linux-2.6.26.6/arch/parisc/kernel/module.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/parisc/kernel/module.c 2008-10-11 21:54:19.000000000
-0400
-@@ -73,16 +73,38 @@
+diff -urNp linux-2.6.27.4/arch/parisc/kernel/module.c
linux-2.6.27.4/arch/parisc/kernel/module.c
+--- linux-2.6.27.4/arch/parisc/kernel/module.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/parisc/kernel/module.c 2008-10-27 22:36:16.000000000
-0400
+@@ -75,16 +75,38 @@
/* three functions to determine where in the module core
* or init pieces the location is */
@@ -659,7 +679,7 @@
}
static inline int in_local(struct module *me, void *loc)
-@@ -296,21 +318,21 @@ int module_frob_arch_sections(CONST Elf_
+@@ -298,21 +320,21 @@ int module_frob_arch_sections(CONST Elf_
}
/* align things a bit */
@@ -696,7 +716,7 @@
me->arch.got_max = gots;
me->arch.fdesc_max = fdescs;
-@@ -330,7 +352,7 @@ static Elf64_Word get_got(struct module
+@@ -332,7 +354,7 @@ static Elf64_Word get_got(struct module
BUG_ON(value == 0);
@@ -705,7 +725,7 @@
for (i = 0; got[i].addr; i++)
if (got[i].addr == value)
goto out;
-@@ -348,7 +370,7 @@ static Elf64_Word get_got(struct module
+@@ -350,7 +372,7 @@ static Elf64_Word get_got(struct module
#ifdef CONFIG_64BIT
static Elf_Addr get_fdesc(struct module *me, unsigned long value)
{
@@ -714,7 +734,7 @@
if (!value) {
printk(KERN_ERR "%s: zero OPD requested!\n", me->name);
-@@ -366,7 +388,7 @@ static Elf_Addr get_fdesc(struct module
+@@ -368,7 +390,7 @@ static Elf_Addr get_fdesc(struct module
/* Create new one */
fdesc->addr = value;
@@ -723,7 +743,7 @@
return (Elf_Addr)fdesc;
}
#endif /* CONFIG_64BIT */
-@@ -386,12 +408,12 @@ static Elf_Addr get_stub(struct module *
+@@ -388,12 +410,12 @@ static Elf_Addr get_stub(struct module *
if(init_section) {
i = me->arch.init_stub_count++;
BUG_ON(me->arch.init_stub_count > me->arch.init_stub_max);
@@ -738,7 +758,7 @@
i * sizeof(struct stub_entry);
}
-@@ -759,7 +781,7 @@ register_unwind_table(struct module *me,
+@@ -761,7 +783,7 @@ register_unwind_table(struct module *me,
table = (unsigned char *)sechdrs[me->arch.unwind_section].sh_addr;
end = table + sechdrs[me->arch.unwind_section].sh_size;
@@ -747,9 +767,9 @@
DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n",
me->arch.unwind_section, table, end, gp);
-diff -urNp linux-2.6.26.6/arch/parisc/kernel/sys_parisc.c
linux-2.6.26.6/arch/parisc/kernel/sys_parisc.c
---- linux-2.6.26.6/arch/parisc/kernel/sys_parisc.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/parisc/kernel/sys_parisc.c 2008-10-11
21:54:19.000000000 -0400
+diff -urNp linux-2.6.27.4/arch/parisc/kernel/sys_parisc.c
linux-2.6.27.4/arch/parisc/kernel/sys_parisc.c
+--- linux-2.6.27.4/arch/parisc/kernel/sys_parisc.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/parisc/kernel/sys_parisc.c 2008-10-27
22:36:16.000000000 -0400
@@ -98,7 +98,7 @@ unsigned long arch_get_unmapped_area(str
if (flags & MAP_FIXED)
return addr;
@@ -759,9 +779,9 @@
if (filp) {
addr = get_shared_area(filp->f_mapping, addr, len, pgoff);
-diff -urNp linux-2.6.26.6/arch/parisc/kernel/traps.c
linux-2.6.26.6/arch/parisc/kernel/traps.c
---- linux-2.6.26.6/arch/parisc/kernel/traps.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/parisc/kernel/traps.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/parisc/kernel/traps.c
linux-2.6.27.4/arch/parisc/kernel/traps.c
+--- linux-2.6.27.4/arch/parisc/kernel/traps.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/parisc/kernel/traps.c 2008-10-27 22:36:16.000000000
-0400
@@ -732,9 +732,7 @@ void handle_interruption(int code, struc
down_read(¤t->mm->mmap_sem);
@@ -773,9 +793,9 @@
fault_address = regs->iaoq[0];
fault_space = regs->iasq[0];
-diff -urNp linux-2.6.26.6/arch/parisc/mm/fault.c
linux-2.6.26.6/arch/parisc/mm/fault.c
---- linux-2.6.26.6/arch/parisc/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/parisc/mm/fault.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/parisc/mm/fault.c
linux-2.6.27.4/arch/parisc/mm/fault.c
+--- linux-2.6.27.4/arch/parisc/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/parisc/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -16,6 +16,7 @@
#include <linux/sched.h>
#include <linux/interrupt.h>
@@ -945,10 +965,10 @@
/*
* If for any reason at all we couldn't handle the fault, make
-diff -urNp linux-2.6.26.6/arch/powerpc/kernel/module_32.c
linux-2.6.26.6/arch/powerpc/kernel/module_32.c
---- linux-2.6.26.6/arch/powerpc/kernel/module_32.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/powerpc/kernel/module_32.c 2008-10-11
21:54:19.000000000 -0400
-@@ -175,7 +175,7 @@ int module_frob_arch_sections(Elf32_Ehdr
+diff -urNp linux-2.6.27.4/arch/powerpc/kernel/module_32.c
linux-2.6.27.4/arch/powerpc/kernel/module_32.c
+--- linux-2.6.27.4/arch/powerpc/kernel/module_32.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/powerpc/kernel/module_32.c 2008-10-27
22:36:16.000000000 -0400
+@@ -158,7 +158,7 @@ int module_frob_arch_sections(Elf32_Ehdr
me->arch.core_plt_section = i;
}
if (!me->arch.core_plt_section || !me->arch.init_plt_section) {
@@ -957,7 +977,7 @@
return -ENOEXEC;
}
-@@ -216,11 +216,16 @@ static uint32_t do_plt_call(void *locati
+@@ -199,11 +199,16 @@ static uint32_t do_plt_call(void *locati
DEBUGP("Doing plt for call to 0x%x at 0x%x\n", val, (unsigned
int)location);
/* Init, or core PLT? */
@@ -977,10 +997,10 @@
/* Find this entry, or if that fails, the next avail. entry */
while (entry->jump[0]) {
-diff -urNp linux-2.6.26.6/arch/powerpc/kernel/signal_32.c
linux-2.6.26.6/arch/powerpc/kernel/signal_32.c
---- linux-2.6.26.6/arch/powerpc/kernel/signal_32.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/powerpc/kernel/signal_32.c 2008-10-11
21:54:19.000000000 -0400
-@@ -743,7 +743,7 @@ int handle_rt_signal32(unsigned long sig
+diff -urNp linux-2.6.27.4/arch/powerpc/kernel/signal_32.c
linux-2.6.27.4/arch/powerpc/kernel/signal_32.c
+--- linux-2.6.27.4/arch/powerpc/kernel/signal_32.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/powerpc/kernel/signal_32.c 2008-10-27
22:36:16.000000000 -0400
+@@ -857,7 +857,7 @@ int handle_rt_signal32(unsigned long sig
/* Save user registers on the stack */
frame = &rt_sf->uc.uc_mcontext;
addr = frame;
@@ -989,10 +1009,10 @@
if (save_user_regs(regs, frame, 0))
goto badframe;
regs->link = current->mm->context.vdso_base +
vdso32_rt_sigtramp;
-diff -urNp linux-2.6.26.6/arch/powerpc/kernel/signal_64.c
linux-2.6.26.6/arch/powerpc/kernel/signal_64.c
---- linux-2.6.26.6/arch/powerpc/kernel/signal_64.c 2008-10-08
23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/powerpc/kernel/signal_64.c 2008-10-11
21:54:19.000000000 -0400
-@@ -371,7 +371,7 @@ int handle_rt_signal64(int signr, struct
+diff -urNp linux-2.6.27.4/arch/powerpc/kernel/signal_64.c
linux-2.6.27.4/arch/powerpc/kernel/signal_64.c
+--- linux-2.6.27.4/arch/powerpc/kernel/signal_64.c 2008-10-22
17:38:01.000000000 -0400
++++ linux-2.6.27.4/arch/powerpc/kernel/signal_64.c 2008-10-27
22:36:16.000000000 -0400
+@@ -434,7 +434,7 @@ int handle_rt_signal64(int signr, struct
current->thread.fpscr.val = 0;
/* Set up to return from userspace. */
@@ -1001,9 +1021,9 @@
regs->link = current->mm->context.vdso_base +
vdso64_rt_sigtramp;
} else {
err |= setup_trampoline(__NR_rt_sigreturn, &frame->tramp[0]);
-diff -urNp linux-2.6.26.6/arch/powerpc/kernel/vdso.c
linux-2.6.26.6/arch/powerpc/kernel/vdso.c
---- linux-2.6.26.6/arch/powerpc/kernel/vdso.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/powerpc/kernel/vdso.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/powerpc/kernel/vdso.c
linux-2.6.27.4/arch/powerpc/kernel/vdso.c
+--- linux-2.6.27.4/arch/powerpc/kernel/vdso.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/powerpc/kernel/vdso.c 2008-10-27 22:36:16.000000000
-0400
@@ -212,7 +212,7 @@ int arch_setup_additional_pages(struct l
vdso_base = VDSO32_MBASE;
#endif
@@ -1022,9 +1042,9 @@
if (IS_ERR_VALUE(vdso_base)) {
rc = vdso_base;
goto fail_mmapsem;
-diff -urNp linux-2.6.26.6/arch/powerpc/mm/fault.c
linux-2.6.26.6/arch/powerpc/mm/fault.c
---- linux-2.6.26.6/arch/powerpc/mm/fault.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/powerpc/mm/fault.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/powerpc/mm/fault.c
linux-2.6.27.4/arch/powerpc/mm/fault.c
+--- linux-2.6.27.4/arch/powerpc/mm/fault.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/powerpc/mm/fault.c 2008-10-27 22:36:16.000000000
-0400
@@ -29,6 +29,10 @@
#include <linux/module.h>
#include <linux/kprobes.h>
@@ -1400,7 +1420,7 @@
/*
* Check whether the instruction at regs->nip is a store using
* an update addressing form which will update r1.
-@@ -157,7 +518,7 @@ int __kprobes do_page_fault(struct pt_re
+@@ -132,7 +493,7 @@ int __kprobes do_page_fault(struct pt_re
* indicate errors in DSISR but can validly be set in SRR1.
*/
if (trap == 0x400)
@@ -1409,7 +1429,7 @@
else
is_write = error_code & DSISR_ISSTORE;
#else
-@@ -355,6 +716,37 @@ bad_area:
+@@ -331,6 +692,37 @@ bad_area:
bad_area_nosemaphore:
/* User mode accesses cause a SIGSEGV */
if (user_mode(regs)) {
@@ -1447,9 +1467,9 @@
_exception(SIGSEGV, regs, code, address);
return 0;
}
-diff -urNp linux-2.6.26.6/arch/powerpc/mm/mmap.c
linux-2.6.26.6/arch/powerpc/mm/mmap.c
---- linux-2.6.26.6/arch/powerpc/mm/mmap.c 2008-10-08 23:24:05.000000000
-0400
-+++ linux-2.6.26.6/arch/powerpc/mm/mmap.c 2008-10-11 21:54:19.000000000
-0400
+diff -urNp linux-2.6.27.4/arch/powerpc/mm/mmap.c
linux-2.6.27.4/arch/powerpc/mm/mmap.c
+--- linux-2.6.27.4/arch/powerpc/mm/mmap.c 2008-10-22 17:38:01.000000000
-0400
++++ linux-2.6.27.4/arch/powerpc/mm/mmap.c 2008-10-27 22:36:16.000000000
-0400
@@ -75,10 +75,22 @@ void arch_pick_mmap_layout(struct mm_str
*/
if (mmap_is_legacy()) {
@@ -1473,456 +1493,9 @@
mm->get_unmapped_area = arch_get_unmapped_area_topdown;
mm->unmap_area = arch_unmap_area_topdown;
}
-diff -urNp linux-2.6.26.6/arch/ppc/mm/fault.c
linux-2.6.26.6/arch/ppc/mm/fault.c
---- linux-2.6.26.6/arch/ppc/mm/fault.c 2008-10-08 23:24:05.000000000 -0400
-+++ linux-2.6.26.6/arch/ppc/mm/fault.c 2008-10-11 21:54:19.000000000 -0400
-@@ -25,6 +25,10 @@
- #include <linux/interrupt.h>
- #include <linux/highmem.h>
- #include <linux/module.h>
-+#include <linux/slab.h>
-+#include <linux/pagemap.h>
-+#include <linux/compiler.h>
-+#include <linux/unistd.h>
-
- #include <asm/page.h>
- #include <asm/pgtable.h>
-@@ -48,6 +52,363 @@ unsigned long pte_misses; /* updated by
- unsigned long pte_errors; /* updated by do_page_fault() */
- unsigned int probingmem;
-
-+#ifdef CONFIG_PAX_EMUSIGRT
-+void pax_syscall_close(struct vm_area_struct *vma)
-+{
-+ vma->vm_mm->call_syscall = 0UL;
-+}
-+
-+static int pax_syscall_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
-+{
-+ unsigned int *kaddr;
-+
-+ vmf->page = alloc_page(GFP_HIGHUSER);
-+ if (!vmf->page)
-+ return VM_FAULT_OOM;
-+
-+ kaddr = kmap(vmf->page);
-+ memset(kaddr, 0, PAGE_SIZE);
-+ kaddr[0] = 0x44000002U; /* sc */
-+ __flush_dcache_icache(kaddr);
-+ kunmap(vmf->page);
-+ return VM_FAULT_MAJOR;
-+}
-+
-+static struct vm_operations_struct pax_vm_ops = {
-+ .close = pax_syscall_close,
-+ .fault = pax_syscall_fault
-+};
-+
-+static int pax_insert_vma(struct vm_area_struct *vma, unsigned long addr)
-+{
-+ int ret;
-+
-+ vma->vm_mm = current->mm;
-+ vma->vm_start = addr;
-+ vma->vm_end = addr + PAGE_SIZE;
-+ vma->vm_flags = VM_READ | VM_EXEC | VM_MAYREAD | VM_MAYEXEC;
-+ vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);
-+ vma->vm_ops = &pax_vm_ops;
-+
-+ ret = insert_vm_struct(current->mm, vma);
-+ if (ret)
-+ return ret;
-+
-+ ++current->mm->total_vm;
-+ return 0;
-+}
-+#endif
-+
-+#ifdef CONFIG_PAX_PAGEEXEC
-+/*
-+ * PaX: decide what to do with offenders (regs->nip = fault address)
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/linux-2.6-grsecurity.patch?r1=1.1.2.26&r2=1.1.2.27&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
