packages: kernel/kernel-grsec_fixes.patch, kernel/kernel-grsec_full.patch, ...
arekm
arekm at pld-linux.org
Wed Oct 12 17:45:26 CEST 2011
Author: arekm Date: Wed Oct 12 15:45:26 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- up to 3.0.6
---- Files affected:
packages/kernel:
kernel-grsec_fixes.patch (1.25 -> 1.26) , kernel-grsec_full.patch (1.81 -> 1.82) , kernel-vserver-2.3.patch (1.81 -> 1.82) , kernel-vserver-fixes.patch (1.23 -> 1.24) , kernel.spec (1.980 -> 1.981) , patch-3.0.6 (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/kernel/kernel-grsec_fixes.patch
diff -u packages/kernel/kernel-grsec_fixes.patch:1.25 packages/kernel/kernel-grsec_fixes.patch:1.26
--- packages/kernel/kernel-grsec_fixes.patch:1.25 Thu Aug 25 22:07:12 2011
+++ packages/kernel/kernel-grsec_fixes.patch Wed Oct 12 17:45:19 2011
@@ -120,4 +120,15 @@
sock_release(newsock);
-
+diff -NurpX linux-3.0.6-pax/Documentation/dontdiff linux-3.0.6/drivers/media/video/timblogiw.c linux-3.0.6-pax/drivers/media/video/timblogiw.c
+--- linux-3.0.6/drivers/media/video/timblogiw.c 2011-07-22 04:17:23.000000000 +0200
++++ linux-3.0.6-pax/drivers/media/video/timblogiw.c 2011-10-09 13:14:45.187928072 +0200
+@@ -767,7 +767,7 @@ static __devinitconst struct v4l2_ioctl_
+ .vidioc_enum_framesizes = timblogiw_enum_framesizes,
+ };
+
+-static __devinitconst struct v4l2_file_operations timblogiw_fops = {
++static __devinitconst v4l2_file_operations_no_const timblogiw_fops = {
+ .owner = THIS_MODULE,
+ .open = timblogiw_open,
+ .release = timblogiw_close,
================================================================
Index: packages/kernel/kernel-grsec_full.patch
diff -u packages/kernel/kernel-grsec_full.patch:1.81 packages/kernel/kernel-grsec_full.patch:1.82
--- packages/kernel/kernel-grsec_full.patch:1.81 Fri Sep 23 21:18:29 2011
+++ packages/kernel/kernel-grsec_full.patch Wed Oct 12 17:45:19 2011
@@ -3057,20 +3057,19 @@
diff -urNp linux-3.0.4/arch/sparc/include/asm/elf_64.h linux-3.0.4/arch/sparc/include/asm/elf_64.h
--- linux-3.0.4/arch/sparc/include/asm/elf_64.h 2011-09-02 18:11:21.000000000 -0400
+++ linux-3.0.4/arch/sparc/include/asm/elf_64.h 2011-08-23 21:47:55.000000000 -0400
-@@ -180,6 +180,13 @@ typedef struct {
+@@ -162,6 +162,12 @@ typedef struct {
#define ELF_ET_DYN_BASE 0x0000010000000000UL
#define COMPAT_ELF_ET_DYN_BASE 0x0000000070000000UL
+#ifdef CONFIG_PAX_ASLR
-+#define PAX_ELF_ET_DYN_BASE (test_thread_flag(TIF_32BIT) ? 0x10000UL : 0x100000UL)
++#define PAX_ELF_ET_DYN_BASE (test_thread_flag(TIF_32BIT) ? 0x10000UL : 0x100000UL)
+
-+#define PAX_DELTA_MMAP_LEN (test_thread_flag(TIF_32BIT) ? 14 : 28)
-+#define PAX_DELTA_STACK_LEN (test_thread_flag(TIF_32BIT) ? 15 : 29)
++#define PAX_DELTA_MMAP_LEN (test_thread_flag(TIF_32BIT) ? 14 : 28)
++#define PAX_DELTA_STACK_LEN (test_thread_flag(TIF_32BIT) ? 15 : 29)
+#endif
-+
- extern unsigned long sparc64_elf_hwcap;
- #define ELF_HWCAP sparc64_elf_hwcap
+ /* This yields a mask that user programs can use to figure out what
+ instruction set this cpu supports. */
diff -urNp linux-3.0.4/arch/sparc/include/asm/pgtable_32.h linux-3.0.4/arch/sparc/include/asm/pgtable_32.h
--- linux-3.0.4/arch/sparc/include/asm/pgtable_32.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/sparc/include/asm/pgtable_32.h 2011-08-23 21:47:55.000000000 -0400
@@ -5591,71 +5590,80 @@
/*
diff -urNp linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -71,6 +71,12 @@ FUNC: movq r1,r2; \
++++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -8,6 +8,8 @@
+ * including this sentence is retained in full.
+ */
+
++#include <asm/alternative-asm.h>
++
+ .extern crypto_ft_tab
+ .extern crypto_it_tab
+ .extern crypto_fl_tab
+@@ -71,6 +73,8 @@ FUNC: movq r1,r2; \
je B192; \
leaq 32(r9),r9;
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+#define ret orb $0x80, 0x7(%rsp); ret
-+#else
-+#define ret ret
-+#endif
++#define ret pax_force_retaddr; ret
+
#define epilogue(r1,r2,r3,r4,r5,r6,r7,r8,r9) \
movq r1,r2; \
movq r3,r4; \
diff -urNp linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -790,6 +790,9 @@ ECRYPT_encrypt_bytes:
++++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -1,3 +1,5 @@
++#include <asm/alternative-asm.h>
++
+ # enter ECRYPT_encrypt_bytes
+ .text
+ .p2align 5
+@@ -790,6 +792,7 @@ ECRYPT_encrypt_bytes:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
# bytesatleast65:
._bytesatleast65:
-@@ -891,6 +894,9 @@ ECRYPT_keysetup:
+@@ -891,6 +894,7 @@ ECRYPT_keysetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
# enter ECRYPT_ivsetup
.text
-@@ -917,4 +923,7 @@ ECRYPT_ivsetup:
+@@ -917,4 +921,5 @@ ECRYPT_ivsetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
diff -urNp linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -269,6 +269,9 @@ twofish_enc_blk:
++++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -21,6 +21,7 @@
+ .text
+
+ #include <asm/asm-offsets.h>
++#include <asm/alternative-asm.h>
+
+ #define a_offset 0
+ #define b_offset 4
+@@ -269,6 +270,7 @@ twofish_enc_blk:
popq R1
movq $1,%rax
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
twofish_dec_blk:
-@@ -321,4 +324,7 @@ twofish_dec_blk:
+@@ -321,4 +323,5 @@ twofish_dec_blk:
popq R1
movq $1,%rax
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_aout.c linux-3.0.4/arch/x86/ia32/ia32_aout.c
--- linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-07-21 22:17:23.000000000 -0400
@@ -5850,7 +5858,34 @@
cmpq $(IA32_NR_syscalls-1),%rax
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_signal.c linux-3.0.4/arch/x86/ia32/ia32_signal.c
--- linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-10-06 04:17:55.000000000 -0400
+@@ -167,7 +167,7 @@ asmlinkage long sys32_sigaltstack(const
+ }
+ seg = get_fs();
+ set_fs(KERNEL_DS);
+- ret = do_sigaltstack(uss_ptr ? &uss : NULL, &uoss, regs->sp);
++ ret = do_sigaltstack(uss_ptr ? (const stack_t __force_user *)&uss : NULL, (stack_t __force_user *)&uoss, regs->sp);
+ set_fs(seg);
+ if (ret >= 0 && uoss_ptr) {
+ if (!access_ok(VERIFY_WRITE, uoss_ptr, sizeof(stack_ia32_t)))
+@@ -374,7 +374,7 @@ static int ia32_setup_sigcontext(struct
+ */
+ static void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
+ size_t frame_size,
+- void **fpstate)
++ void __user **fpstate)
+ {
+ unsigned long sp;
+
+@@ -395,7 +395,7 @@ static void __user *get_sigframe(struct
+
+ if (used_math()) {
+ sp = sp - sig_xstate_ia32_size;
+- *fpstate = (struct _fpstate_ia32 *) sp;
++ *fpstate = (struct _fpstate_ia32 __user *) sp;
+ if (save_i387_xstate_ia32(*fpstate) < 0)
+ return (void __user *) -1L;
+ }
@@ -403,7 +403,7 @@ static void __user *get_sigframe(struct
sp -= frame_size;
/* Align the stack pointer according to the i386 ABI,
@@ -5865,7 +5900,7 @@
* gdb versions depend on them as a marker.
*/
- put_user_ex(*((u64 *)&code), (u64 *)frame->retcode);
-+ put_user_ex(*((const u64 *)&code), (u64 *)frame->retcode);
++ put_user_ex(*((const u64 *)&code), (u64 __user *)frame->retcode);
} put_user_catch(err);
if (err)
@@ -5896,10 +5931,104 @@
* versions need it.
*/
- put_user_ex(*((u64 *)&code), (u64 *)frame->retcode);
-+ put_user_ex(*((const u64 *)&code), (u64 *)frame->retcode);
++ put_user_ex(*((const u64 *)&code), (u64 __user *)frame->retcode);
} put_user_catch(err);
if (err)
+diff -urNp linux-3.0.4/arch/x86/ia32/sys_ia32.c linux-3.0.4/arch/x86/ia32/sys_ia32.c
+--- linux-3.0.4/arch/x86/ia32/sys_ia32.c 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/ia32/sys_ia32.c 2011-10-06 04:17:55.000000000 -0400
+@@ -69,8 +69,8 @@ asmlinkage long sys32_ftruncate64(unsign
+ */
+ static int cp_stat64(struct stat64 __user *ubuf, struct kstat *stat)
+ {
+- typeof(ubuf->st_uid) uid = 0;
+- typeof(ubuf->st_gid) gid = 0;
++ typeof(((struct stat64 *)0)->st_uid) uid = 0;
++ typeof(((struct stat64 *)0)->st_gid) gid = 0;
+ SET_UID(uid, stat->uid);
+ SET_GID(gid, stat->gid);
+ if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct stat64)) ||
+@@ -308,8 +308,8 @@ asmlinkage long sys32_rt_sigprocmask(int
+ }
+ set_fs(KERNEL_DS);
+ ret = sys_rt_sigprocmask(how,
+- set ? (sigset_t __user *)&s : NULL,
+- oset ? (sigset_t __user *)&s : NULL,
++ set ? (sigset_t __force_user *)&s : NULL,
++ oset ? (sigset_t __force_user *)&s : NULL,
+ sigsetsize);
+ set_fs(old_fs);
+ if (ret)
+@@ -332,7 +332,7 @@ asmlinkage long sys32_alarm(unsigned int
+ return alarm_setitimer(seconds);
+ }
+
+-asmlinkage long sys32_waitpid(compat_pid_t pid, unsigned int *stat_addr,
++asmlinkage long sys32_waitpid(compat_pid_t pid, unsigned int __user *stat_addr,
+ int options)
+ {
+ return compat_sys_wait4(pid, stat_addr, options, NULL);
+@@ -353,7 +353,7 @@ asmlinkage long sys32_sched_rr_get_inter
+ mm_segment_t old_fs = get_fs();
+
+ set_fs(KERNEL_DS);
+- ret = sys_sched_rr_get_interval(pid, (struct timespec __user *)&t);
++ ret = sys_sched_rr_get_interval(pid, (struct timespec __force_user *)&t);
+ set_fs(old_fs);
+ if (put_compat_timespec(&t, interval))
+ return -EFAULT;
+@@ -369,7 +369,7 @@ asmlinkage long sys32_rt_sigpending(comp
+ mm_segment_t old_fs = get_fs();
+
+ set_fs(KERNEL_DS);
+- ret = sys_rt_sigpending((sigset_t __user *)&s, sigsetsize);
++ ret = sys_rt_sigpending((sigset_t __force_user *)&s, sigsetsize);
+ set_fs(old_fs);
+ if (!ret) {
+ switch (_NSIG_WORDS) {
+@@ -394,7 +394,7 @@ asmlinkage long sys32_rt_sigqueueinfo(in
+ if (copy_siginfo_from_user32(&info, uinfo))
+ return -EFAULT;
+ set_fs(KERNEL_DS);
+- ret = sys_rt_sigqueueinfo(pid, sig, (siginfo_t __user *)&info);
++ ret = sys_rt_sigqueueinfo(pid, sig, (siginfo_t __force_user *)&info);
+ set_fs(old_fs);
+ return ret;
+ }
+@@ -439,7 +439,7 @@ asmlinkage long sys32_sendfile(int out_f
+ return -EFAULT;
+
+ set_fs(KERNEL_DS);
+- ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __user *)&of : NULL,
++ ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __force_user *)&of : NULL,
+ count);
+ set_fs(old_fs);
+
+diff -urNp linux-3.0.4/arch/x86/include/asm/alternative-asm.h linux-3.0.4/arch/x86/include/asm/alternative-asm.h
+--- linux-3.0.4/arch/x86/include/asm/alternative-asm.h 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/alternative-asm.h 2011-10-07 19:07:23.000000000 -0400
+@@ -15,6 +15,20 @@
+ .endm
+ #endif
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ .macro pax_force_retaddr rip=0
++ btsq $63,\rip(%rsp)
++ .endm
++ .macro pax_force_fptr ptr
++ btsq $63,\ptr
++ .endm
++#else
++ .macro pax_force_retaddr rip=0
++ .endm
++ .macro pax_force_fptr ptr
++ .endm
++#endif
++
+ .macro altinstruction_entry orig alt feature orig_len alt_len
+ .align 8
+ .quad \orig
diff -urNp linux-3.0.4/arch/x86/include/asm/alternative.h linux-3.0.4/arch/x86/include/asm/alternative.h
--- linux-3.0.4/arch/x86/include/asm/alternative.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/alternative.h 2011-08-23 21:47:55.000000000 -0400
@@ -7226,12 +7355,12 @@
#endif /* _ASM_X86_EMERGENCY_RESTART_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/futex.h linux-3.0.4/arch/x86/include/asm/futex.h
--- linux-3.0.4/arch/x86/include/asm/futex.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/futex.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/futex.h 2011-10-06 04:17:55.000000000 -0400
@@ -12,16 +12,18 @@
#include <asm/system.h>
#define __futex_atomic_op1(insn, ret, oldval, uaddr, oparg) \
-+ typecheck(u32 *, uaddr); \
++ typecheck(u32 __user *, uaddr); \
asm volatile("1:\t" insn "\n" \
"2:\t.section .fixup,\"ax\"\n" \
"3:\tmov\t%3, %1\n" \
@@ -7239,11 +7368,11 @@
"\t.previous\n" \
_ASM_EXTABLE(1b, 3b) \
- : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \
-+ : "=r" (oldval), "=r" (ret), "+m" (*(u32 *)____m(uaddr))\
++ : "=r" (oldval), "=r" (ret), "+m" (*(u32 __user *)____m(uaddr))\
: "i" (-EFAULT), "0" (oparg), "1" (0))
#define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \
-+ typecheck(u32 *, uaddr); \
++ typecheck(u32 __user *, uaddr); \
asm volatile("1:\tmovl %2, %0\n" \
"\tmovl\t%0, %3\n" \
"\t" insn "\n" \
@@ -7252,7 +7381,7 @@
_ASM_EXTABLE(2b, 4b) \
: "=&a" (oldval), "=&r" (ret), \
- "+m" (*uaddr), "=&r" (tem) \
-+ "+m" (*(u32 *)____m(uaddr)), "=&r" (tem) \
++ "+m" (*(u32 __user *)____m(uaddr)), "=&r" (tem) \
: "r" (oparg), "i" (-EFAULT), "1" (0))
static inline int futex_atomic_op_inuser(int encoded_op, u32 __user *uaddr)
@@ -7281,7 +7410,7 @@
"\t.previous\n"
_ASM_EXTABLE(1b, 3b)
- : "+r" (ret), "=a" (oldval), "+m" (*uaddr)
-+ : "+r" (ret), "=a" (oldval), "+m" (*(u32 *)____m(uaddr))
++ : "+r" (ret), "=a" (oldval), "+m" (*(u32 __user *)____m(uaddr))
: "i" (-EFAULT), "r" (newval), "1" (oldval)
: "memory"
);
@@ -7301,14 +7430,14 @@
extern void eisa_set_level_irq(unsigned int irq);
diff -urNp linux-3.0.4/arch/x86/include/asm/i387.h linux-3.0.4/arch/x86/include/asm/i387.h
--- linux-3.0.4/arch/x86/include/asm/i387.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/i387.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/i387.h 2011-10-06 04:17:55.000000000 -0400
@@ -92,6 +92,11 @@ static inline int fxrstor_checking(struc
{
int err;
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
+ if ((unsigned long)fx < PAX_USER_SHADOW_BASE)
-+ fx = (struct i387_fxsave_struct *)((void *)fx + PAX_USER_SHADOW_BASE);
++ fx = (struct i387_fxsave_struct __user *)((void *)fx + PAX_USER_SHADOW_BASE);
+#endif
+
/* See comment in fxsave() below. */
@@ -7758,7 +7887,7 @@
#ifdef CONFIG_SMP
diff -urNp linux-3.0.4/arch/x86/include/asm/module.h linux-3.0.4/arch/x86/include/asm/module.h
--- linux-3.0.4/arch/x86/include/asm/module.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/module.h 2011-08-23 21:48:14.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/module.h 2011-10-07 19:24:31.000000000 -0400
@@ -5,6 +5,7 @@
#ifdef CONFIG_X86_64
@@ -7767,37 +7896,25 @@
#elif defined CONFIG_M386
#define MODULE_PROC_FAMILY "386 "
#elif defined CONFIG_M486
-@@ -59,8 +60,30 @@
+@@ -59,8 +60,18 @@
#error unknown processor family
#endif
-#ifdef CONFIG_X86_32
-# define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY
-+#ifdef CONFIG_PAX_MEMORY_UDEREF
-+#define MODULE_PAX_UDEREF "UDEREF "
-+#else
-+#define MODULE_PAX_UDEREF ""
-+#endif
-+
+#ifdef CONFIG_PAX_KERNEXEC
+#define MODULE_PAX_KERNEXEC "KERNEXEC "
+#else
+#define MODULE_PAX_KERNEXEC ""
#endif
-+#ifdef CONFIG_PAX_REFCOUNT
-+#define MODULE_PAX_REFCOUNT "REFCOUNT "
-+#else
-+#define MODULE_PAX_REFCOUNT ""
-+#endif
-+
-+#ifdef CONFIG_GRKERNSEC
-+#define MODULE_GRSEC "GRSECURITY "
++#ifdef CONFIG_PAX_MEMORY_UDEREF
++#define MODULE_PAX_UDEREF "UDEREF "
+#else
-+#define MODULE_GRSEC ""
++#define MODULE_PAX_UDEREF ""
+#endif
+
-+#define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY MODULE_GRSEC MODULE_PAX_KERNEXEC MODULE_PAX_UDEREF MODULE_PAX_REFCOUNT
++#define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY MODULE_PAX_KERNEXEC MODULE_PAX_UDEREF
+
#endif /* _ASM_X86_MODULE_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/page_64_types.h linux-3.0.4/arch/x86/include/asm/page_64_types.h
@@ -8988,6 +9105,18 @@
};
void dump_trace(struct task_struct *tsk, struct pt_regs *regs,
+diff -urNp linux-3.0.4/arch/x86/include/asm/sys_ia32.h linux-3.0.4/arch/x86/include/asm/sys_ia32.h
+--- linux-3.0.4/arch/x86/include/asm/sys_ia32.h 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/sys_ia32.h 2011-10-06 04:17:55.000000000 -0400
+@@ -40,7 +40,7 @@ asmlinkage long sys32_rt_sigprocmask(int
+ compat_sigset_t __user *, unsigned int);
+ asmlinkage long sys32_alarm(unsigned int);
+
+-asmlinkage long sys32_waitpid(compat_pid_t, unsigned int *, int);
++asmlinkage long sys32_waitpid(compat_pid_t, unsigned int __user *, int);
+ asmlinkage long sys32_sysfs(int, u32, u32);
+
+ asmlinkage long sys32_sched_rr_get_interval(compat_pid_t,
diff -urNp linux-3.0.4/arch/x86/include/asm/system.h linux-3.0.4/arch/x86/include/asm/system.h
--- linux-3.0.4/arch/x86/include/asm/system.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/system.h 2011-08-23 21:47:55.000000000 -0400
@@ -9355,7 +9484,7 @@
diff -urNp linux-3.0.4/arch/x86/include/asm/uaccess_64.h linux-3.0.4/arch/x86/include/asm/uaccess_64.h
--- linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-08-23 21:48:14.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-10-06 04:17:55.000000000 -0400
@@ -10,6 +10,9 @@
#include <asm/alternative.h>
#include <asm/cpufeature.h>
@@ -9453,7 +9582,7 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
-+ return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
+ }
switch (size) {
- case 1:__get_user_asm(*(u8 *)dst, (u8 __user *)src,
@@ -9502,7 +9631,7 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
-+ return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
}
}
@@ -9516,6 +9645,7 @@
might_fault();
- if (!__builtin_constant_p(size))
+- return copy_user_generic((__force void *)dst, src, size);
+
+ pax_track_stack();
+
@@ -9542,7 +9672,7 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
+ }
switch (size) {
- case 1:__put_user_asm(*(u8 *)src, (u8 __user *)dst,
@@ -9584,13 +9714,14 @@
ret, "q", "", "er", 8);
return ret;
default:
+- return copy_user_generic((__force void *)dst, src, size);
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ if ((unsigned long)dst < PAX_USER_SHADOW_BASE)
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
}
}
@@ -9603,6 +9734,8 @@
might_fault();
- if (!__builtin_constant_p(size))
+- return copy_user_generic((__force void *)dst,
+- (__force void *)src, size);
+
+ if ((int)size < 0)
+ return size;
@@ -9623,9 +9756,8 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst,
-- (__force void *)src, size);
-+ (__force const void *)src, size);
++ return copy_user_generic((__force_kernel void *)dst,
++ (__force_kernel const void *)src, size);
+ }
switch (size) {
case 1: {
@@ -9666,6 +9798,8 @@
return ret;
}
default:
+- return copy_user_generic((__force void *)dst,
+- (__force void *)src, size);
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ if ((unsigned long)src < PAX_USER_SHADOW_BASE)
@@ -9674,9 +9808,8 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst,
-- (__force void *)src, size);
-+ (__force const void *)src, size);
++ return copy_user_generic((__force_kernel void *)dst,
++ (__force_kernel const void *)src, size);
}
}
@@ -9684,6 +9817,7 @@
static __must_check __always_inline int
__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size)
{
+- return copy_user_generic(dst, (__force const void *)src, size);
+ pax_track_stack();
+
+ if ((int)size < 0)
@@ -9697,13 +9831,14 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
}
-static __must_check __always_inline int
+static __must_check __always_inline unsigned long
__copy_to_user_inatomic(void __user *dst, const void *src, unsigned size)
{
+- return copy_user_generic((__force void *)dst, src, size);
+ if ((int)size < 0)
+ return size;
+
@@ -9715,7 +9850,7 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
}
-extern long __copy_user_nocache(void *dst, const void __user *src,
@@ -9756,13 +9891,14 @@
}
-unsigned long
+-copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest);
+extern unsigned long
- copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest);
++copy_user_handle_tail(char __user *to, char __user *from, unsigned len, unsigned zerorest);
#endif /* _ASM_X86_UACCESS_64_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/uaccess.h linux-3.0.4/arch/x86/include/asm/uaccess.h
--- linux-3.0.4/arch/x86/include/asm/uaccess.h 2011-07-21 22:17:23.000000000 -0400
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_fixes.patch?r1=1.25&r2=1.26&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_full.patch?r1=1.81&r2=1.82&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-vserver-2.3.patch?r1=1.81&r2=1.82&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-vserver-fixes.patch?r1=1.23&r2=1.24&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel.spec?r1=1.980&r2=1.981&f=u
More information about the pld-cvs-commit
mailing list