SOURCES (LINUX_2_6_20): grsecurity-2.1.10-2.6.19.2.patch - http://...

mguevara mguevara at pld-linux.org
Thu Feb 1 10:23:24 CET 2007


Author: mguevara                     Date: Thu Feb  1 09:23:24 2007 GMT
Module: SOURCES                       Tag: LINUX_2_6_20
---- Log message:
- http://www.grsecurity.net/~spender/grsecurity-2.1.10-2.6.19.2-200701222307.patch.gz

---- Files affected:
SOURCES:
   grsecurity-2.1.10-2.6.19.2.patch (1.1.2.1 -> 1.1.2.2) 

---- Diffs:

================================================================
Index: SOURCES/grsecurity-2.1.10-2.6.19.2.patch
diff -u SOURCES/grsecurity-2.1.10-2.6.19.2.patch:1.1.2.1 SOURCES/grsecurity-2.1.10-2.6.19.2.patch:1.1.2.2
--- SOURCES/grsecurity-2.1.10-2.6.19.2.patch:1.1.2.1	Sat Jan 13 23:19:55 2007
+++ SOURCES/grsecurity-2.1.10-2.6.19.2.patch	Thu Feb  1 10:23:19 2007
@@ -1,7 +1,7 @@
-diff -urNp linux-2.6.19.2/arch/alpha/kernel/module.c linux-2.6.19.2/arch/alpha/kernel/module.c
+diff -urNP linux-2.6.19.2/arch/alpha/kernel/module.c linux-2.6.19.2/arch/alpha/kernel/module.c
 --- linux-2.6.19.2/arch/alpha/kernel/module.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/alpha/kernel/module.c	2006-12-03 15:15:43.000000000 -0500
-@@ -177,7 +177,7 @@ apply_relocate_add(Elf64_Shdr *sechdrs, 
++++ linux-2.6.19.2/arch/alpha/kernel/module.c	2007-01-20 17:29:54.000000000 -0500
+@@ -177,7 +177,7 @@
  
  	/* The small sections were sorted to the end of the segment.
  	   The following should definitely cover them.  */
@@ -10,10 +10,10 @@
  	got = sechdrs[me->arch.gotsecindex].sh_addr;
  
  	for (i = 0; i < n; i++) {
-diff -urNp linux-2.6.19.2/arch/alpha/kernel/osf_sys.c linux-2.6.19.2/arch/alpha/kernel/osf_sys.c
+diff -urNP linux-2.6.19.2/arch/alpha/kernel/osf_sys.c linux-2.6.19.2/arch/alpha/kernel/osf_sys.c
 --- linux-2.6.19.2/arch/alpha/kernel/osf_sys.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/alpha/kernel/osf_sys.c	2006-12-03 15:15:43.000000000 -0500
-@@ -1277,6 +1277,10 @@ arch_get_unmapped_area(struct file *filp
++++ linux-2.6.19.2/arch/alpha/kernel/osf_sys.c	2007-01-20 17:29:54.000000000 -0500
+@@ -1277,6 +1277,10 @@
  	   merely specific addresses, but regions of memory -- perhaps
  	   this feature should be incorporated into all ports?  */
  
@@ -24,7 +24,7 @@
  	if (addr) {
  		addr = arch_get_unmapped_area_1 (PAGE_ALIGN(addr), len, limit);
  		if (addr != (unsigned long) -ENOMEM)
-@@ -1284,8 +1288,8 @@ arch_get_unmapped_area(struct file *filp
+@@ -1284,8 +1288,8 @@
  	}
  
  	/* Next, try allocating at TASK_UNMAPPED_BASE.  */
@@ -35,9 +35,9 @@
  	if (addr != (unsigned long) -ENOMEM)
  		return addr;
  
-diff -urNp linux-2.6.19.2/arch/alpha/kernel/ptrace.c linux-2.6.19.2/arch/alpha/kernel/ptrace.c
+diff -urNP linux-2.6.19.2/arch/alpha/kernel/ptrace.c linux-2.6.19.2/arch/alpha/kernel/ptrace.c
 --- linux-2.6.19.2/arch/alpha/kernel/ptrace.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/alpha/kernel/ptrace.c	2006-12-03 15:15:43.000000000 -0500
++++ linux-2.6.19.2/arch/alpha/kernel/ptrace.c	2007-01-20 17:29:54.000000000 -0500
 @@ -15,6 +15,7 @@
  #include <linux/slab.h>
  #include <linux/security.h>
@@ -46,7 +46,7 @@
  
  #include <asm/uaccess.h>
  #include <asm/pgtable.h>
-@@ -283,6 +284,9 @@ do_sys_ptrace(long request, long pid, lo
+@@ -283,6 +284,9 @@
  		goto out_notsk;
  	}
  
@@ -56,9 +56,9 @@
  	if (request == PTRACE_ATTACH) {
  		ret = ptrace_attach(child);
  		goto out;
-diff -urNp linux-2.6.19.2/arch/alpha/mm/fault.c linux-2.6.19.2/arch/alpha/mm/fault.c
+diff -urNP linux-2.6.19.2/arch/alpha/mm/fault.c linux-2.6.19.2/arch/alpha/mm/fault.c
 --- linux-2.6.19.2/arch/alpha/mm/fault.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/alpha/mm/fault.c	2006-12-03 15:15:43.000000000 -0500
++++ linux-2.6.19.2/arch/alpha/mm/fault.c	2007-01-20 17:29:54.000000000 -0500
 @@ -24,6 +24,7 @@
  #include <linux/smp_lock.h>
  #include <linux/interrupt.h>
@@ -67,7 +67,7 @@
  
  #include <asm/system.h>
  #include <asm/uaccess.h>
-@@ -55,6 +56,124 @@ __load_new_mm_context(struct mm_struct *
+@@ -55,6 +56,124 @@
  	__reload_thread(pcb);
  }
  
@@ -192,7 +192,7 @@
  
  /*
   * This routine handles page faults.  It determines the address,
-@@ -132,8 +251,29 @@ do_page_fault(unsigned long address, uns
+@@ -132,8 +251,29 @@
   good_area:
  	si_code = SEGV_ACCERR;
  	if (cause < 0) {
@@ -223,10 +223,10 @@
  	} else if (!cause) {
  		/* Allow reads even for write-only mappings */
  		if (!(vma->vm_flags & (VM_READ | VM_WRITE)))
-diff -urNp linux-2.6.19.2/arch/arm/mm/mmap.c linux-2.6.19.2/arch/arm/mm/mmap.c
+diff -urNP linux-2.6.19.2/arch/arm/mm/mmap.c linux-2.6.19.2/arch/arm/mm/mmap.c
 --- linux-2.6.19.2/arch/arm/mm/mmap.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/arm/mm/mmap.c	2006-12-03 15:15:44.000000000 -0500
-@@ -61,6 +61,10 @@ arch_get_unmapped_area(struct file *filp
++++ linux-2.6.19.2/arch/arm/mm/mmap.c	2007-01-20 17:29:54.000000000 -0500
+@@ -61,6 +61,10 @@
  	if (len > TASK_SIZE)
  		return -ENOMEM;
  
@@ -237,7 +237,7 @@
  	if (addr) {
  		if (do_align)
  			addr = COLOUR_ALIGN(addr, pgoff);
-@@ -75,7 +79,7 @@ arch_get_unmapped_area(struct file *filp
+@@ -75,7 +79,7 @@
  	if (len > mm->cached_hole_size) {
  	        start_addr = addr = mm->free_area_cache;
  	} else {
@@ -246,7 +246,7 @@
  	        mm->cached_hole_size = 0;
  	}
  
-@@ -92,8 +96,8 @@ full_search:
+@@ -92,8 +96,8 @@
  			 * Start a new search - just in case we missed
  			 * some holes.
  			 */
@@ -257,10 +257,10 @@
  				mm->cached_hole_size = 0;
  				goto full_search;
  			}
-diff -urNp linux-2.6.19.2/arch/i386/boot/compressed/head.S linux-2.6.19.2/arch/i386/boot/compressed/head.S
+diff -urNP linux-2.6.19.2/arch/i386/boot/compressed/head.S linux-2.6.19.2/arch/i386/boot/compressed/head.S
 --- linux-2.6.19.2/arch/i386/boot/compressed/head.S	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/boot/compressed/head.S	2006-12-03 15:15:45.000000000 -0500
-@@ -39,11 +39,13 @@ startup_32:
++++ linux-2.6.19.2/arch/i386/boot/compressed/head.S	2007-01-20 17:29:54.000000000 -0500
+@@ -39,11 +39,13 @@
  	movl %eax,%gs
  
  	lss stack_start,%esp
@@ -274,10 +274,10 @@
  
  /*
   * Initialize eflags.  Some BIOS's leave bits like NT set.  This would
-diff -urNp linux-2.6.19.2/arch/i386/Kconfig linux-2.6.19.2/arch/i386/Kconfig
+diff -urNP linux-2.6.19.2/arch/i386/Kconfig linux-2.6.19.2/arch/i386/Kconfig
 --- linux-2.6.19.2/arch/i386/Kconfig	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/Kconfig	2006-12-03 15:15:45.000000000 -0500
-@@ -803,7 +803,7 @@ config HOTPLUG_CPU
++++ linux-2.6.19.2/arch/i386/Kconfig	2007-01-20 17:29:54.000000000 -0500
+@@ -803,7 +803,7 @@
  
  config COMPAT_VDSO
  	bool "Compat VDSO support"
@@ -286,7 +286,7 @@
  	depends on !PARAVIRT
  	help
  	  Map the VDSO to the predictable old-style address too.
-@@ -999,7 +999,7 @@ config PCI
+@@ -999,7 +999,7 @@
  choice
  	prompt "PCI access mode"
  	depends on PCI && !X86_VISWS
@@ -295,7 +295,7 @@
  	---help---
  	  On PCI systems, the BIOS can be used to detect the PCI devices and
  	  determine their configuration. However, some old PCI motherboards
-@@ -1031,7 +1031,7 @@ endchoice
+@@ -1031,7 +1031,7 @@
  
  config PCI_BIOS
  	bool
@@ -304,10 +304,10 @@
  	default y
  
  config PCI_DIRECT
-diff -urNp linux-2.6.19.2/arch/i386/Kconfig.cpu linux-2.6.19.2/arch/i386/Kconfig.cpu
+diff -urNP linux-2.6.19.2/arch/i386/Kconfig.cpu linux-2.6.19.2/arch/i386/Kconfig.cpu
 --- linux-2.6.19.2/arch/i386/Kconfig.cpu	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/Kconfig.cpu	2006-12-03 15:15:45.000000000 -0500
-@@ -252,7 +252,7 @@ config X86_PPRO_FENCE
++++ linux-2.6.19.2/arch/i386/Kconfig.cpu	2007-01-20 17:29:54.000000000 -0500
+@@ -252,7 +252,7 @@
  
  config X86_F00F_BUG
  	bool
@@ -316,7 +316,7 @@
  	default y
  
  config X86_WP_WORKS_OK
-@@ -282,7 +282,7 @@ config X86_CMPXCHG64
+@@ -282,7 +282,7 @@
  
  config X86_ALIGNMENT_16
  	bool
@@ -325,10 +325,10 @@
  	default y
  
  config X86_GOOD_APIC
-diff -urNp linux-2.6.19.2/arch/i386/Kconfig.debug linux-2.6.19.2/arch/i386/Kconfig.debug
+diff -urNP linux-2.6.19.2/arch/i386/Kconfig.debug linux-2.6.19.2/arch/i386/Kconfig.debug
 --- linux-2.6.19.2/arch/i386/Kconfig.debug	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/Kconfig.debug	2006-12-03 15:15:45.000000000 -0500
-@@ -48,7 +48,7 @@ config DEBUG_PAGEALLOC
++++ linux-2.6.19.2/arch/i386/Kconfig.debug	2007-01-20 17:29:54.000000000 -0500
+@@ -48,7 +48,7 @@
  
  config DEBUG_RODATA
  	bool "Write protect kernel read-only data structures"
@@ -337,9 +337,9 @@
  	help
  	  Mark the kernel read-only data as write-protected in the pagetables,
  	  in order to catch accidental (and incorrect) writes to such const
-diff -urNp linux-2.6.19.2/arch/i386/kernel/alternative.c linux-2.6.19.2/arch/i386/kernel/alternative.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/alternative.c linux-2.6.19.2/arch/i386/kernel/alternative.c
 --- linux-2.6.19.2/arch/i386/kernel/alternative.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/alternative.c	2006-12-03 15:15:45.000000000 -0500
++++ linux-2.6.19.2/arch/i386/kernel/alternative.c	2007-01-20 17:29:54.000000000 -0500
 @@ -3,6 +3,7 @@
  #include <linux/list.h>
  #include <asm/alternative.h>
@@ -348,7 +348,7 @@
  
  static int no_replacement    = 0;
  static int smp_alt_once      = 0;
-@@ -142,6 +143,12 @@ void apply_alternatives(struct alt_instr
+@@ -142,6 +143,12 @@
  	u8 *instr;
  	int diff, i, k;
  
@@ -361,7 +361,7 @@
  	DPRINTK("%s: alt table %p -> %p\n", __FUNCTION__, start, end);
  	for (a = start; a < end; a++) {
  		BUG_ON(a->replacementlen > a->instrlen);
-@@ -156,16 +163,21 @@ void apply_alternatives(struct alt_instr
+@@ -156,16 +163,21 @@
  				__FUNCTION__, a->instr, instr);
  		}
  #endif
@@ -385,7 +385,7 @@
  }
  
  #ifdef CONFIG_SMP
-@@ -174,50 +186,96 @@ static void alternatives_smp_save(struct
+@@ -174,50 +186,96 @@
  {
  	struct alt_instr *a;
  
@@ -494,10 +494,10 @@
  }
  
  struct smp_alt_module {
-diff -urNp linux-2.6.19.2/arch/i386/kernel/apic.c linux-2.6.19.2/arch/i386/kernel/apic.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/apic.c linux-2.6.19.2/arch/i386/kernel/apic.c
 --- linux-2.6.19.2/arch/i386/kernel/apic.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/apic.c	2006-12-03 15:15:45.000000000 -0500
-@@ -1197,7 +1197,7 @@ inline void smp_local_timer_interrupt(vo
++++ linux-2.6.19.2/arch/i386/kernel/apic.c	2007-01-20 17:29:54.000000000 -0500
+@@ -1197,7 +1197,7 @@
  {
  	profile_tick(CPU_PROFILING);
  #ifdef CONFIG_SMP
@@ -506,9 +506,9 @@
  #endif
  
  	/*
-diff -urNp linux-2.6.19.2/arch/i386/kernel/apm.c linux-2.6.19.2/arch/i386/kernel/apm.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/apm.c linux-2.6.19.2/arch/i386/kernel/apm.c
 --- linux-2.6.19.2/arch/i386/kernel/apm.c	2007-01-12 11:32:03.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/apm.c	2007-01-12 11:32:15.000000000 -0500
++++ linux-2.6.19.2/arch/i386/kernel/apm.c	2007-01-20 17:29:54.000000000 -0500
 @@ -235,7 +235,7 @@
  #include "io_ports.h"
  
@@ -518,7 +518,7 @@
  
  #if defined(CONFIG_APM_DISPLAY_BLANK) && defined(CONFIG_VT)
  extern int (*console_blank_hook)(int);
-@@ -608,9 +608,18 @@ static u8 apm_bios_call(u32 func, u32 eb
+@@ -608,9 +608,18 @@
  	struct desc_struct	save_desc_40;
  	struct desc_struct	*gdt;
  
@@ -537,7 +537,7 @@
  	gdt = get_cpu_gdt_table(cpu);
  	save_desc_40 = gdt[0x40 / 8];
  	gdt[0x40 / 8] = bad_bios_desc;
-@@ -621,6 +630,11 @@ static u8 apm_bios_call(u32 func, u32 eb
+@@ -621,6 +630,11 @@
  	APM_DO_RESTORE_SEGS;
  	apm_irq_restore(flags);
  	gdt[0x40 / 8] = save_desc_40;
@@ -549,7 +549,7 @@
  	put_cpu();
  	apm_restore_cpus(cpus);
  	
-@@ -651,9 +665,18 @@ static u8 apm_bios_call_simple(u32 func,
+@@ -651,9 +665,18 @@
  	struct desc_struct	save_desc_40;
  	struct desc_struct	*gdt;
  
@@ -568,7 +568,7 @@
  	gdt = get_cpu_gdt_table(cpu);
  	save_desc_40 = gdt[0x40 / 8];
  	gdt[0x40 / 8] = bad_bios_desc;
-@@ -664,6 +687,11 @@ static u8 apm_bios_call_simple(u32 func,
+@@ -664,6 +687,11 @@
  	APM_DO_RESTORE_SEGS;
  	apm_irq_restore(flags);
  	gdt[0x40 / 8] = save_desc_40;
@@ -580,7 +580,7 @@
  	put_cpu();
  	apm_restore_cpus(cpus);
  	return error;
-@@ -931,7 +959,7 @@ recalc:
+@@ -931,7 +959,7 @@
   
  static void apm_power_off(void)
  {
@@ -589,10 +589,10 @@
  		0xb8, 0x00, 0x10,	/* movw  $0x1000,ax  */
  		0x8e, 0xd0,		/* movw  ax,ss       */
  		0xbc, 0x00, 0xf0,	/* movw  $0xf000,sp  */
-diff -urNp linux-2.6.19.2/arch/i386/kernel/asm-offsets.c linux-2.6.19.2/arch/i386/kernel/asm-offsets.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/asm-offsets.c linux-2.6.19.2/arch/i386/kernel/asm-offsets.c
 --- linux-2.6.19.2/arch/i386/kernel/asm-offsets.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/asm-offsets.c	2006-12-03 15:15:45.000000000 -0500
-@@ -71,6 +71,7 @@ void foo(void)
++++ linux-2.6.19.2/arch/i386/kernel/asm-offsets.c	2007-01-20 17:29:54.000000000 -0500
+@@ -71,6 +71,7 @@
  		 sizeof(struct tss_struct));
  
  	DEFINE(PAGE_SIZE_asm, PAGE_SIZE);
@@ -600,9 +600,9 @@
  	DEFINE(VDSO_PRELINK, VDSO_PRELINK);
  
  	OFFSET(crypto_tfm_ctx_offset, crypto_tfm, __crt_ctx);
-diff -urNp linux-2.6.19.2/arch/i386/kernel/cpu/common.c linux-2.6.19.2/arch/i386/kernel/cpu/common.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/cpu/common.c linux-2.6.19.2/arch/i386/kernel/cpu/common.c
 --- linux-2.6.19.2/arch/i386/kernel/cpu/common.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/cpu/common.c	2006-12-03 15:15:45.000000000 -0500
++++ linux-2.6.19.2/arch/i386/kernel/cpu/common.c	2007-01-20 17:29:54.000000000 -0500
 @@ -4,7 +4,6 @@
  #include <linux/smp.h>
  #include <linux/module.h>
@@ -633,7 +633,7 @@
  
  struct cpu_dev * cpu_devs[X86_VENDOR_NUM] = {};
  
-@@ -600,11 +601,10 @@ void __init early_cpu_init(void)
+@@ -600,11 +601,10 @@
  void __cpuinit cpu_init(void)
  {
  	int cpu = smp_processor_id();
@@ -647,7 +647,7 @@
  
  	if (cpu_test_and_set(cpu, cpu_initialized)) {
  		printk(KERN_WARNING "CPU#%d already initialized!\n", cpu);
-@@ -621,36 +621,12 @@ void __cpuinit cpu_init(void)
+@@ -621,36 +621,12 @@
  		set_in_cr4(X86_CR4_TSD);
  	}
  
@@ -686,7 +686,7 @@
  
  	/* Set up GDT entry for 16bit stack */
   	*(__u64 *)(&gdt[GDT_ENTRY_ESPFIX_SS]) |=
-@@ -658,10 +634,10 @@ old_gdt:
+@@ -658,10 +634,10 @@
  		((((__u64)stk16_off) << 32) & 0xff00000000000000ULL) |
  		(CPU_16BIT_STACK_SIZE - 1);
  
@@ -700,10 +700,10 @@
  	load_idt(&idt_descr);
  
  	/*
-diff -urNp linux-2.6.19.2/arch/i386/kernel/crash.c linux-2.6.19.2/arch/i386/kernel/crash.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/crash.c linux-2.6.19.2/arch/i386/kernel/crash.c
 --- linux-2.6.19.2/arch/i386/kernel/crash.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/crash.c	2006-12-03 15:15:45.000000000 -0500
-@@ -117,7 +117,7 @@ static int crash_nmi_callback(struct not
++++ linux-2.6.19.2/arch/i386/kernel/crash.c	2007-01-20 17:29:54.000000000 -0500
+@@ -117,7 +117,7 @@
  		return NOTIFY_STOP;
  	local_irq_disable();
  
@@ -712,9 +712,9 @@
  		crash_fixup_ss_esp(&fixed_regs, regs);
  		regs = &fixed_regs;
  	}
-diff -urNp linux-2.6.19.2/arch/i386/kernel/doublefault.c linux-2.6.19.2/arch/i386/kernel/doublefault.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/doublefault.c linux-2.6.19.2/arch/i386/kernel/doublefault.c
 --- linux-2.6.19.2/arch/i386/kernel/doublefault.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/doublefault.c	2006-12-03 15:15:45.000000000 -0500
++++ linux-2.6.19.2/arch/i386/kernel/doublefault.c	2007-01-20 17:29:54.000000000 -0500
 @@ -11,7 +11,7 @@
  
  #define DOUBLEFAULT_STACKSIZE (1024)
@@ -724,7 +724,7 @@
  
  #define ptr_ok(x) ((x) > PAGE_OFFSET && (x) < PAGE_OFFSET + 0x1000000)
  
-@@ -57,10 +57,10 @@ struct tss_struct doublefault_tss __cach
+@@ -57,10 +57,10 @@
  	.eip		= (unsigned long) doublefault_fn,
  	.eflags		= X86_EFLAGS_SF | 0x2,	/* 0x2 bit is always set */
  	.esp		= STACK_START,
@@ -737,10 +737,10 @@
  
  	.__cr3		= __pa(swapper_pg_dir)
  };
-diff -urNp linux-2.6.19.2/arch/i386/kernel/efi.c linux-2.6.19.2/arch/i386/kernel/efi.c
+diff -urNP linux-2.6.19.2/arch/i386/kernel/efi.c linux-2.6.19.2/arch/i386/kernel/efi.c
 --- linux-2.6.19.2/arch/i386/kernel/efi.c	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/efi.c	2006-12-03 15:15:45.000000000 -0500
-@@ -63,82 +63,43 @@ extern void * boot_ioremap(unsigned long
++++ linux-2.6.19.2/arch/i386/kernel/efi.c	2007-01-22 22:57:47.000000000 -0500
+@@ -63,82 +63,43 @@
  
  static unsigned long efi_rt_eflags;
  static DEFINE_SPINLOCK(efi_rt_lock);
@@ -783,7 +783,7 @@
 -	}
 +	clone_pgd_range(efi_bak_pg_dir_pointer, swapper_pg_dir, KERNEL_PGD_PTRS);
 +	clone_pgd_range(swapper_pg_dir, swapper_pg_dir + USER_PGD_PTRS,
-+			USER_PGD_PTRS >= KERNEL_PGD_PTRS ? KERNEL_PGD_PTRS : USER_PGD_PTRS);
++			min_t(unsigned long, KERNEL_PGD_PTRS, USER_PGD_PTRS));
  
  	/*
  	 * After the lock is released, the original page table is restored.
@@ -835,7 +835,7 @@
  phys_efi_set_virtual_address_map(unsigned long memory_map_size,
  				 unsigned long descriptor_size,
  				 u32 descriptor_version,
-@@ -154,7 +115,7 @@ phys_efi_set_virtual_address_map(unsigne
+@@ -154,7 +115,7 @@
  	return status;
  }
  
@@ -844,9 +844,9 @@
  phys_efi_get_time(efi_time_t *tm, efi_time_cap_t *tc)
  {
  	efi_status_t status;
-diff -urNp linux-2.6.19.2/arch/i386/kernel/efi_stub.S linux-2.6.19.2/arch/i386/kernel/efi_stub.S
+diff -urNP linux-2.6.19.2/arch/i386/kernel/efi_stub.S linux-2.6.19.2/arch/i386/kernel/efi_stub.S
 --- linux-2.6.19.2/arch/i386/kernel/efi_stub.S	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/efi_stub.S	2006-12-03 15:15:45.000000000 -0500
++++ linux-2.6.19.2/arch/i386/kernel/efi_stub.S	2007-01-20 17:29:54.000000000 -0500
 @@ -6,6 +6,7 @@
   */
  
@@ -864,7 +864,7 @@
  ENTRY(efi_call_phys)
  	/*
  	 * 0. The function can only be called in Linux kernel. So CS has been
-@@ -36,9 +37,7 @@ ENTRY(efi_call_phys)
+@@ -36,9 +37,7 @@
  	 * The mapping of lower virtual memory has been created in prelog and
  	 * epilog.
  	 */
@@ -875,7 +875,7 @@
  1:
  
  	/*
-@@ -47,14 +46,8 @@ ENTRY(efi_call_phys)
+@@ -47,14 +46,8 @@
  	 * parameter 2, ..., param n. To make things easy, we save the return
  	 * address of efi_call_phys in a global variable.
  	 */
@@ -892,7 +892,7 @@
  
  	/*
  	 * 3. Clear PG bit in %CR0.
-@@ -73,9 +66,8 @@ ENTRY(efi_call_phys)
+@@ -73,9 +66,8 @@
  	/*
  	 * 5. Call the physical function.
  	 */
@@ -903,7 +903,7 @@
  	/*
  	 * 6. After EFI runtime service returns, control will return to
  	 * following instruction. We'd better readjust stack pointer first.
-@@ -85,37 +77,29 @@ ENTRY(efi_call_phys)
+@@ -85,37 +77,29 @@
  	/*
  	 * 7. Restore PG bit
  	 */
@@ -949,10 +949,10 @@
  saved_return_addr:
  	.long 0
  efi_rt_function_ptr:
-diff -urNp linux-2.6.19.2/arch/i386/kernel/entry.S linux-2.6.19.2/arch/i386/kernel/entry.S
+diff -urNP linux-2.6.19.2/arch/i386/kernel/entry.S linux-2.6.19.2/arch/i386/kernel/entry.S
 --- linux-2.6.19.2/arch/i386/kernel/entry.S	2006-11-29 16:57:37.000000000 -0500
-+++ linux-2.6.19.2/arch/i386/kernel/entry.S	2006-12-10 21:43:36.000000000 -0500
-@@ -82,6 +82,8 @@ VM_MASK		= 0x00020000
++++ linux-2.6.19.2/arch/i386/kernel/entry.S	2007-01-20 17:29:54.000000000 -0500
+@@ -82,6 +82,8 @@
  #define ENABLE_INTERRUPTS_SYSEXIT	sti; sysexit
  #define INTERRUPT_RETURN		iret
  #define GET_CR0_INTO_EAX		movl %cr0, %eax
@@ -961,7 +961,7 @@
  
  #ifdef CONFIG_PREEMPT
  #define preempt_stop		DISABLE_INTERRUPTS; TRACE_IRQS_OFF
-@@ -105,7 +107,7 @@ VM_MASK		= 0x00020000
+@@ -105,7 +107,7 @@
  #define resume_userspace_sig	resume_userspace
  #endif
  
@@ -970,7 +970,7 @@
  	cld; \
  	pushl %es; \
  	CFI_ADJUST_CFA_OFFSET 4;\
-@@ -134,10 +136,24 @@ VM_MASK		= 0x00020000
+@@ -134,10 +136,24 @@
  	pushl %ebx; \
  	CFI_ADJUST_CFA_OFFSET 4;\
  	CFI_REL_OFFSET ebx, 0;\
@@ -996,7 +996,7 @@
  #define RESTORE_INT_REGS \
  	popl %ebx;	\
  	CFI_ADJUST_CFA_OFFSET -4;\
-@@ -245,7 +261,18 @@ check_userspace:
+@@ -245,7 +261,18 @@
  	movb CS(%esp), %al
  	andl $(VM_MASK | SEGMENT_RPL_MASK), %eax
  	cmpl $USER_RPL, %eax
@@ -1015,7 +1015,7 @@
  ENTRY(resume_userspace)
   	DISABLE_INTERRUPTS		# make sure we don't miss an interrupt
  					# setting need_resched or sigpending
-@@ -301,10 +328,9 @@ sysenter_past_esp:
+@@ -301,10 +328,9 @@
  	/*CFI_REL_OFFSET cs, 0*/
  	/*
  	 * Push current_thread_info()->sysenter_return to the stack.
@@ -1028,7 +1028,7 @@
  	CFI_ADJUST_CFA_OFFSET 4
  	CFI_REL_OFFSET eip, 0
  
-@@ -312,9 +338,20 @@ sysenter_past_esp:
+@@ -312,9 +338,20 @@
   * Load the potential sixth argument from user stack.
   * Careful about security.
   */
@@ -1049,7 +1049,7 @@
  .section __ex_table,"a"
  	.align 4
  	.long 1b,syscall_fault
-@@ -337,14 +374,36 @@ sysenter_past_esp:
+@@ -337,14 +374,36 @@
  	movl TI_flags(%ebp), %ecx
  	testw $_TIF_ALLWORK_MASK, %cx
  	jne syscall_exit_work
@@ -1086,7 +1086,7 @@
  
  	# system call handler stub
  ENTRY(system_call)
-@@ -375,6 +434,10 @@ syscall_exit:
+@@ -375,6 +434,10 @@
  	testw $_TIF_ALLWORK_MASK, %cx	# current->work
  	jne syscall_exit_work
  
@@ -1097,7 +1097,7 @@
  restore_all:
  	movl EFLAGS(%esp), %eax		# mix EFLAGS, SS and CS
  	# Warning: OLDSS(%esp) contains the wrong/random values if we
-@@ -553,7 +616,7 @@ syscall_badsys:
+@@ -553,7 +616,7 @@
   * Build the entry stubs and pointer table with
   * some assembler magic.
   */
@@ -1106,7 +1106,7 @@
  ENTRY(interrupt)
  .text
  
-@@ -568,7 +631,7 @@ ENTRY(irq_entries_start)
+@@ -568,7 +631,7 @@
  1:	pushl $~(vector)
  	CFI_ADJUST_CFA_OFFSET 4
  	jmp common_interrupt
@@ -1115,7 +1115,7 @@
  	.long 1b
  .text
  vector=vector+1
-@@ -642,12 +705,21 @@ error_code:
+@@ -642,12 +705,21 @@
  	popl %ecx
  	CFI_ADJUST_CFA_OFFSET -4
  	/*CFI_REGISTER es, ecx*/
@@ -1138,7 +1138,7 @@
  	movl %ecx, %ds
  	movl %ecx, %es
  	movl %esp,%eax			# pt_regs pointer
-@@ -778,6 +850,13 @@ nmi_stack_correct:
+@@ -778,6 +850,13 @@
  	xorl %edx,%edx		# zero error code
  	movl %esp,%eax		# pt_regs pointer
  	call do_nmi
@@ -1152,7 +1152,7 @@
<<Diff was trimmed, longer than 597 lines>>

---- CVS-web:
    http://cvs.pld-linux.org/SOURCES/grsecurity-2.1.10-2.6.19.2.patch?r1=1.1.2.1&r2=1.1.2.2&f=u



More information about the pld-cvs-commit mailing list