SOURCES (Titanium): linux-2.6-grsecurity.patch - merged pax fixes from http...
hawk
hawk at pld-linux.org
Thu May 22 16:31:43 CEST 2008
Author: hawk Date: Thu May 22 14:31:43 2008 GMT
Module: SOURCES Tag: Titanium
---- Log message:
- merged pax fixes from http://www.grsecurity.net/~paxguy1/pax-linux-2.6.25.4-test16.patch
---- Files affected:
SOURCES:
linux-2.6-grsecurity.patch (1.1.2.11 -> 1.1.2.12)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsecurity.patch
diff -u SOURCES/linux-2.6-grsecurity.patch:1.1.2.11 SOURCES/linux-2.6-grsecurity.patch:1.1.2.12
--- SOURCES/linux-2.6-grsecurity.patch:1.1.2.11 Mon May 19 12:26:08 2008
+++ SOURCES/linux-2.6-grsecurity.patch Thu May 22 16:31:37 2008
@@ -4001,10 +4001,11 @@
diff -urNp linux-2.6.25.4/arch/x86/kernel/cpu/intel.c linux-2.6.25.4/arch/x86/kernel/cpu/intel.c
--- linux-2.6.25.4/arch/x86/kernel/cpu/intel.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/arch/x86/kernel/cpu/intel.c 2008-05-18 13:33:14.000000000 -0400
-@@ -108,6 +108,7 @@ static void __cpuinit trap_init_f00f_bug
+@@ -107,7 +107,7 @@ static void __cpuinit trap_init_f00f_bug
+ * Update the IDT descriptor and reload the IDT so that
* it uses the read-only mapped virtual address.
*/
- idt_descr.address = fix_to_virt(FIX_F00F_IDT);
+- idt_descr.address = fix_to_virt(FIX_F00F_IDT);
+ idt_descr.address = (struct desc_struct *)fix_to_virt(FIX_F00F_IDT);
load_idt(&idt_descr);
}
@@ -5094,13 +5095,14 @@
diff -urNp linux-2.6.25.4/arch/x86/kernel/init_task.c linux-2.6.25.4/arch/x86/kernel/init_task.c
--- linux-2.6.25.4/arch/x86/kernel/init_task.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/arch/x86/kernel/init_task.c 2008-05-18 13:33:14.000000000 -0400
-@@ -43,5 +43,4 @@ EXPORT_SYMBOL(init_task);
+@@ -43,5 +43,5 @@ EXPORT_SYMBOL(init_task);
* section. Since TSS's are completely CPU-local, we want them
* on exact cacheline boundaries, to eliminate cacheline ping-pong.
*/
-DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, init_tss) = INIT_TSS;
-
+struct tss_struct init_tss[NR_CPUS] ____cacheline_internodealigned_in_smp = { [0 ... NR_CPUS-1] = INIT_TSS };
++EXPORT_SYMBOL(init_tss);
diff -urNp linux-2.6.25.4/arch/x86/kernel/ioport.c linux-2.6.25.4/arch/x86/kernel/ioport.c
--- linux-2.6.25.4/arch/x86/kernel/ioport.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/arch/x86/kernel/ioport.c 2008-05-18 13:33:14.000000000 -0400
@@ -5125,7 +5127,7 @@
if (turn_on && !capable(CAP_SYS_RAWIO))
return -EPERM;
-@@ -66,7 +73,7 @@ asmlinkage long sys_ioperm(unsigned long
+@@ -66,7 +66,7 @@ asmlinkage long sys_ioperm(unsigned long
* because the ->io_bitmap_max value must match the bitmap
* contents:
*/
@@ -6042,7 +6044,7 @@
struct x8664_pda boot_cpu_pda[NR_CPUS] __cacheline_aligned;
-struct desc_ptr idt_descr = { 256 * 16 - 1, (unsigned long) idt_table };
-+const struct desc_ptr idt_descr = { 256 * 16 - 1, (unsigned long) idt_table };
++struct desc_ptr idt_descr __read_only = { 256 * 16 - 1, (unsigned long) idt_table };
char boot_cpu_stack[IRQSTACKSIZE] __attribute__((section(".bss.page_aligned")));
@@ -6233,15 +6235,18 @@
diff -urNp linux-2.6.25.4/arch/x86/kernel/smpcommon_32.c linux-2.6.25.4/arch/x86/kernel/smpcommon_32.c
--- linux-2.6.25.4/arch/x86/kernel/smpcommon_32.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/arch/x86/kernel/smpcommon_32.c 2008-05-18 13:33:14.000000000 -0400
-@@ -3,6 +3,7 @@
+@@ -3,8 +3,9 @@
*/
#include <linux/module.h>
#include <asm/smp.h>
+#include <asm/sections.h>
- DEFINE_PER_CPU(unsigned long, this_cpu_off);
+-DEFINE_PER_CPU(unsigned long, this_cpu_off);
++DEFINE_PER_CPU(unsigned long, this_cpu_off) = (unsigned long)__per_cpu_start;
EXPORT_PER_CPU_SYMBOL(this_cpu_off);
-@@ -12,13 +13,20 @@ EXPORT_PER_CPU_SYMBOL(this_cpu_off);
+
+ /* Initialize the CPU's GDT. This is either the boot CPU doing itself
+@@ -12,15 +13,22 @@ EXPORT_PER_CPU_SYMBOL(this_cpu_off);
secondary which will soon come up. */
__cpuinit void init_gdt(int cpu)
{
@@ -6262,11 +6267,14 @@
+ pack_descriptor(&d, base, limit, 0x80 | DESCTYPE_S | 0x3, 0x4);
+ else
+ pack_descriptor(&d, base, limit >> PAGE_SHIFT, 0x80 | DESCTYPE_S | 0x3, 0xC);
-+
-+ write_gdt_entry(gdt, GDT_ENTRY_PERCPU, &d, DESCTYPE_S);
- per_cpu(this_cpu_off, cpu) = __per_cpu_offset[cpu];
+- per_cpu(this_cpu_off, cpu) = __per_cpu_offset[cpu];
++ write_gdt_entry(gdt, GDT_ENTRY_PERCPU, &d, DESCTYPE_S);
++
++ per_cpu(this_cpu_off, cpu) = base;
per_cpu(cpu_number, cpu) = cpu;
+ }
+
diff -urNp linux-2.6.25.4/arch/x86/kernel/step.c linux-2.6.25.4/arch/x86/kernel/step.c
--- linux-2.6.25.4/arch/x86/kernel/step.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/arch/x86/kernel/step.c 2008-05-18 13:33:14.000000000 -0400
@@ -9505,7 +9513,7 @@
#ifdef CONFIG_X86_32
static inline pmd_t *vmalloc_sync_one(pgd_t *pgd, unsigned long address)
{
-@@ -380,17 +404,32 @@ static void show_fault_oops(struct pt_re
+@@ -380,17 +404,28 @@ static void show_fault_oops(struct pt_re
#endif
#ifdef CONFIG_X86_PAE
@@ -9529,18 +9537,14 @@
+#else
+ if (init_mm.start_code <= address && address < init_mm.end_code)
+#endif
-+ if (current->signal->curr_ip)
-+ printk(KERN_ERR "PAX: From %u.%u.%u.%u: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
-+ NIPQUAD(current->signal->curr_ip), current->comm, task_pid_nr(current), current->uid, current->euid);
-+ else
-+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
++ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
+ current->comm, task_pid_nr(current), current->uid, current->euid);
+#endif
+
printk(KERN_ALERT "BUG: unable to handle kernel ");
if (address < PAGE_SIZE)
printk(KERN_CONT "NULL pointer dereference");
-@@ -578,13 +617,22 @@ void __kprobes do_page_fault(struct pt_r
+@@ -578,13 +613,22 @@ void __kprobes do_page_fault(struct pt_r
struct task_struct *tsk;
struct mm_struct *mm;
struct vm_area_struct *vma;
@@ -9564,7 +9568,7 @@
/*
* We can fault from pretty much anywhere, with unknown IRQ state.
*/
-@@ -594,9 +642,6 @@ void __kprobes do_page_fault(struct pt_r
+@@ -594,9 +638,6 @@ void __kprobes do_page_fault(struct pt_r
mm = tsk->mm;
prefetchw(&mm->mmap_sem);
@@ -9574,7 +9578,7 @@
si_code = SEGV_MAPERR;
if (notify_page_fault(regs))
-@@ -647,7 +692,7 @@ void __kprobes do_page_fault(struct pt_r
+@@ -647,7 +688,7 @@ void __kprobes do_page_fault(struct pt_r
* atomic region then we must not take the fault.
*/
if (in_atomic() || !mm)
@@ -9583,7 +9587,7 @@
#else /* CONFIG_X86_64 */
if (likely(regs->flags & X86_EFLAGS_IF))
local_irq_enable();
-@@ -660,13 +705,13 @@ void __kprobes do_page_fault(struct pt_r
+@@ -660,13 +701,13 @@ void __kprobes do_page_fault(struct pt_r
* atomic region then we must not take the fault.
*/
if (unlikely(in_atomic() || !mm))
@@ -9599,7 +9603,7 @@
error_code |= PF_USER;
again:
#endif
-@@ -688,10 +733,104 @@ again:
+@@ -688,10 +729,104 @@ again:
if (!down_read_trylock(&mm->mmap_sem)) {
if ((error_code & PF_USER) == 0 &&
!search_exception_tables(regs->ip))
@@ -9650,7 +9654,7 @@
+#ifdef CONFIG_SMP
+ if (likely(address > get_limit(regs->cs) && cpu_isset(smp_processor_id(), mm->context.cpu_user_cs_mask)))
+#else
-+ if (likely(address > get_limit(regs->xcs)))
++ if (likely(address > get_limit(regs->cs)))
+#endif
+ {
+ set_pte(pte, pte_mkread(*pte));
@@ -9705,7 +9709,7 @@
vma = find_vma(mm, address);
if (!vma)
goto bad_area;
-@@ -709,6 +848,12 @@ again:
+@@ -709,6 +844,12 @@ again:
if (address + 65536 + 32 * sizeof(unsigned long) < regs->sp)
goto bad_area;
}
@@ -9718,7 +9722,7 @@
if (expand_stack(vma, address))
goto bad_area;
/*
-@@ -718,6 +863,8 @@ again:
+@@ -718,6 +859,8 @@ again:
good_area:
si_code = SEGV_ACCERR;
write = 0;
@@ -9727,7 +9731,7 @@
switch (error_code & (PF_PROT|PF_WRITE)) {
default: /* 3: write, present */
/* fall through */
-@@ -775,6 +922,49 @@ bad_area:
+@@ -775,6 +918,49 @@ bad_area:
up_read(&mm->mmap_sem);
bad_area_nosemaphore:
@@ -9777,7 +9781,7 @@
/* User mode accesses just cause a SIGSEGV */
if (error_code & PF_USER) {
/*
-@@ -857,7 +1047,7 @@ no_context:
+@@ -857,7 +1043,7 @@ no_context:
#ifdef CONFIG_X86_32
die("Oops", regs, error_code);
bust_spinlocks(0);
@@ -9786,7 +9790,7 @@
#else
if (__die("Oops", regs, error_code))
regs = NULL;
-@@ -871,17 +1061,17 @@ no_context:
+@@ -871,17 +1057,17 @@ no_context:
* us unable to handle the page fault gracefully.
*/
out_of_memory:
@@ -9806,7 +9810,7 @@
printk("VM: killing process %s\n", tsk->comm);
if (error_code & PF_USER)
do_group_exit(SIGKILL);
-@@ -982,3 +1172,181 @@ void vmalloc_sync_all(void)
+@@ -982,3 +1168,181 @@ void vmalloc_sync_all(void)
(__START_KERNEL & PGDIR_MASK)));
#endif
}
@@ -26759,13 +26763,11 @@
desc->s = 1;
desc->dpl = 0x3;
desc->p = info->seg_not_present ^ 1;
-@@ -26,15 +27,16 @@ static inline void fill_ldt(struct desc_
- desc->base2 = (info->base_addr & 0xff000000) >> 24;
+@@ -27,14 +28,15 @@ static inline void fill_ldt(struct desc_
}
--extern struct desc_ptr idt_descr;
+ extern struct desc_ptr idt_descr;
-extern gate_desc idt_table[];
-+extern const struct desc_ptr idt_descr;
+extern gate_desc idt_table[256];
-#ifdef CONFIG_X86_64
@@ -27392,29 +27394,19 @@
diff -urNp linux-2.6.25.4/include/asm-x86/percpu.h linux-2.6.25.4/include/asm-x86/percpu.h
--- linux-2.6.25.4/include/asm-x86/percpu.h 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/include/asm-x86/percpu.h 2008-05-18 13:33:17.000000000 -0400
-@@ -41,6 +41,7 @@ DECLARE_PER_CPU(struct x8664_pda, pda);
- #ifdef CONFIG_SMP
- #define PER_CPU(var, reg) \
- movl %fs:per_cpu__##this_cpu_off, reg; \
-+ lea __per_cpu_start(reg), reg; \
- lea per_cpu__##var(reg), reg
- #define PER_CPU_VAR(var) %fs:per_cpu__##var
- #else /* ! SMP */
-@@ -65,7 +66,13 @@ DECLARE_PER_CPU(struct x8664_pda, pda);
- */
- #ifdef CONFIG_SMP
+@@ -67,6 +67,12 @@ DECLARE_PER_CPU(struct x8664_pda, pda);
+
+ #define __my_cpu_offset x86_read_percpu(this_cpu_off)
--#define __my_cpu_offset x86_read_percpu(this_cpu_off)
-+#define __my_cpu_offset (x86_read_percpu(this_cpu_off) + (unsigned long)__per_cpu_start)
-+
-+#include <linux/threads.h>
+#include <asm-generic/sections.h>
++#include <linux/threads.h>
+#define __per_cpu_offset __per_cpu_offset
+extern unsigned long __per_cpu_offset[NR_CPUS];
+#define per_cpu_offset(x) (__per_cpu_offset[x] + (unsigned long)__per_cpu_start)
-
++
/* fs segment starts at (positive) offset == __per_cpu_offset[cpu] */
#define __percpu_seg "%%fs:"
+
diff -urNp linux-2.6.25.4/include/asm-x86/pgalloc_32.h linux-2.6.25.4/include/asm-x86/pgalloc_32.h
--- linux-2.6.25.4/include/asm-x86/pgalloc_32.h 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/include/asm-x86/pgalloc_32.h 2008-05-18 13:33:17.000000000 -0400
@@ -30035,15 +30027,7 @@
diff -urNp linux-2.6.25.4/init/main.c linux-2.6.25.4/init/main.c
--- linux-2.6.25.4/init/main.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/init/main.c 2008-05-18 13:33:17.000000000 -0400
-@@ -101,6 +101,7 @@ static inline void mark_rodata_ro(void)
- #ifdef CONFIG_TC
- extern void tc_init(void);
- #endif
-+extern void grsecurity_init(void);
-
- enum system_states system_state;
- EXPORT_SYMBOL(system_state);
-@@ -187,6 +188,17 @@ static int __init set_reset_devices(char
+@@ -187,6 +187,17 @@ static int __init set_reset_devices(char
__setup("reset_devices", set_reset_devices);
@@ -30061,7 +30045,16 @@
static char * argv_init[MAX_INIT_ARGS+2] = { "init", NULL, };
char * envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, };
static const char *panic_later, *panic_param;
-@@ -668,7 +680,7 @@ static void __init do_initcalls(void)
+@@ -364,7 +375,7 @@ static inline void smp_prepare_cpus(unsi
+ #else
+
+ #ifndef CONFIG_HAVE_SETUP_PER_CPU_AREA
+-unsigned long __per_cpu_offset[NR_CPUS] __read_mostly;
++unsigned long __per_cpu_offset[NR_CPUS] __read_only;
+
+ EXPORT_SYMBOL(__per_cpu_offset);
+
+@@ -668,7 +679,7 @@ static void __init do_initcalls(void)
for (call = __initcall_start; call < __initcall_end; call++) {
ktime_t t0, t1, delta;
@@ -30070,7 +30063,7 @@
char msgbuf[40];
int result;
-@@ -697,23 +709,23 @@ static void __init do_initcalls(void)
+@@ -697,23 +708,23 @@ static void __init do_initcalls(void)
(unsigned long) *call);
}
@@ -30102,15 +30095,6 @@
}
}
-@@ -848,6 +860,8 @@ static int __init kernel_init(void * unu
- prepare_namespace();
- }
-
-+ grsecurity_init();
-+
- /*
- * Ok, we have completed the initial bootup, and
- * we're essentially up and running. Get rid of the
diff -urNp linux-2.6.25.4/init/noinitramfs.c linux-2.6.25.4/init/noinitramfs.c
--- linux-2.6.25.4/init/noinitramfs.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/init/noinitramfs.c 2008-05-18 13:33:17.000000000 -0400
@@ -30778,6 +30762,21 @@
/*
* static variable?
*/
+@@ -609,9 +613,12 @@ static int static_obj(void *obj)
+ * percpu var?
+ */
+ for_each_possible_cpu(i) {
++#ifdef CONFIG_X86_32
++ start = per_cpu_offset(i);
++#else
+ start = (unsigned long) &__per_cpu_start + per_cpu_offset(i);
+- end = (unsigned long) &__per_cpu_start + PERCPU_ENOUGH_ROOM
+- + per_cpu_offset(i);
++#endif
++ end = start + PERCPU_ENOUGH_ROOM;
+
+ if ((addr >= start) && (addr < end))
+ return 1;
diff -urNp linux-2.6.25.4/kernel/module.c linux-2.6.25.4/kernel/module.c
--- linux-2.6.25.4/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
+++ linux-2.6.25.4/kernel/module.c 2008-05-18 13:33:17.000000000 -0400
@@ -30793,16 +30792,7 @@
#include <linux/license.h>
#include <asm/sections.h>
-@@ -71,6 +76,8 @@ static DECLARE_WAIT_QUEUE_HEAD(module_wq
-
- static BLOCKING_NOTIFIER_HEAD(module_notify_list);
-
-+extern int gr_check_modstop(void);
-+
- int register_module_notifier(struct notifier_block * nb)
- {
- return blocking_notifier_chain_register(&module_notify_list, nb);
-@@ -344,6 +351,8 @@ static inline unsigned int block_size(in
+@@ -344,6 +349,8 @@ static inline unsigned int block_size(in
return val;
}
@@ -30811,7 +30801,7 @@
static void *percpu_modalloc(unsigned long size, unsigned long align,
const char *name)
{
-@@ -351,7 +360,7 @@ static void *percpu_modalloc(unsigned lo
+@@ -351,7 +358,7 @@ static void *percpu_modalloc(unsigned lo
unsigned int i;
void *ptr;
@@ -30820,17 +30810,19 @@
printk(KERN_WARNING "%s: per-cpu alignment %li > %li\n",
name, align, PAGE_SIZE);
align = PAGE_SIZE;
-@@ -684,6 +693,9 @@ sys_delete_module(const char __user *nam
- char name[MODULE_NAME_LEN];
- int ret, forced = 0;
+@@ -433,7 +440,11 @@ static void percpu_modcopy(void *pcpudes
+ int cpu;
-+ if (gr_check_modstop())
-+ return -EPERM;
-+
- if (!capable(CAP_SYS_MODULE))
- return -EPERM;
+ for_each_possible_cpu(cpu)
++#ifdef CONFIG_X86_32
++ memcpy(pcpudest + __per_cpu_offset[cpu], from, size);
++#else
+ memcpy(pcpudest + per_cpu_offset(cpu), from, size);
++#endif
+ }
-@@ -1347,16 +1359,19 @@ static void free_module(struct module *m
+ static int percpu_modinit(void)
+@@ -1347,16 +1358,19 @@ static void free_module(struct module *m
module_unload_free(mod);
/* This may be NULL, but that's OK */
@@ -30853,7 +30845,7 @@
}
void *__symbol_get(const char *symbol)
-@@ -1421,10 +1436,14 @@ static int simplify_symbols(Elf_Shdr *se
+@@ -1421,10 +1435,14 @@ static int simplify_symbols(Elf_Shdr *se
struct module *mod)
{
Elf_Sym *sym = (void *)sechdrs[symindex].sh_addr;
@@ -30869,7 +30861,7 @@
for (i = 1; i < n; i++) {
switch (sym[i].st_shndx) {
case SHN_COMMON:
-@@ -1443,10 +1462,19 @@ static int simplify_symbols(Elf_Shdr *se
+@@ -1443,10 +1461,19 @@ static int simplify_symbols(Elf_Shdr *se
break;
case SHN_UNDEF:
@@ -30891,7 +30883,7 @@
/* Ok if resolved. */
if (!IS_ERR_VALUE(sym[i].st_value))
break;
-@@ -1461,11 +1489,27 @@ static int simplify_symbols(Elf_Shdr *se
+@@ -1461,11 +1488,27 @@ static int simplify_symbols(Elf_Shdr *se
default:
/* Divert to percpu allocation if a percpu var. */
@@ -30921,7 +30913,7 @@
break;
}
}
-@@ -1517,11 +1561,14 @@ static void layout_sections(struct modul
+@@ -1517,11 +1560,14 @@ static void layout_sections(struct modul
|| strncmp(secstrings + s->sh_name,
".init", 5) == 0)
continue;
@@ -30938,7 +30930,7 @@
}
DEBUGP("Init section allocation order:\n");
-@@ -1535,12 +1582,15 @@ static void layout_sections(struct modul
+@@ -1535,12 +1581,15 @@ static void layout_sections(struct modul
|| strncmp(secstrings + s->sh_name,
".init", 5) != 0)
continue;
@@ -30957,7 +30949,7 @@
}
}
-@@ -1667,14 +1717,31 @@ static void add_kallsyms(struct module *
+@@ -1667,14 +1716,31 @@ static void add_kallsyms(struct module *
{
unsigned int i;
@@ -30992,7 +30984,7 @@
}
#else
static inline void add_kallsyms(struct module *mod,
-@@ -1724,6 +1791,10 @@ static struct module *load_module(void _
+@@ -1724,6 +1790,10 @@ static struct module *load_module(void _
struct exception_table_entry *extable;
mm_segment_t old_fs;
@@ -31003,7 +30995,7 @@
DEBUGP("load_module: umod=%p, len=%lu, uargs=%p\n",
umod, len, uargs);
if (len < sizeof(*hdr))
-@@ -1882,21 +1953,57 @@ static struct module *load_module(void _
+@@ -1882,21 +1952,57 @@ static struct module *load_module(void _
layout_sections(mod, hdr, sechdrs, secstrings);
/* Do the allocs. */
@@ -31025,12 +31017,17 @@
+ }
+ memset(ptr, 0, mod->init_size_rw);
+ mod->module_init_rw = ptr;
-+
+
+- ptr = module_alloc(mod->init_size);
+- if (!ptr && mod->init_size) {
+ ptr = module_alloc_exec(mod->core_size_rx);
+ if (!ptr) {
-+ err = -ENOMEM;
+ err = -ENOMEM;
+- goto free_core;
+ goto free_init_rw;
-+ }
+ }
+- memset(ptr, 0, mod->init_size);
+- mod->module_init = ptr;
+
+#ifdef CONFIG_PAX_KERNEXEC
+ pax_open_kernel(cr0);
@@ -31043,17 +31040,12 @@
+#endif
+
+ mod->module_core_rx = ptr;
-
-- ptr = module_alloc(mod->init_size);
-- if (!ptr && mod->init_size) {
++
+ ptr = module_alloc_exec(mod->init_size_rx);
+ if (!ptr && mod->init_size_rx) {
- err = -ENOMEM;
-- goto free_core;
++ err = -ENOMEM;
+ goto free_core_rx;
- }
-- memset(ptr, 0, mod->init_size);
-- mod->module_init = ptr;
++ }
+
+#ifdef CONFIG_PAX_KERNEXEC
+ pax_open_kernel(cr0);
@@ -31069,7 +31061,7 @@
/* Transfer each section which specifies SHF_ALLOC */
DEBUGP("final section addresses:\n");
-@@ -1906,17 +2013,41 @@ static struct module *load_module(void _
+@@ -1906,17 +2012,41 @@ static struct module *load_module(void _
if (!(sechdrs[i].sh_flags & SHF_ALLOC))
continue;
@@ -31091,10 +31083,7 @@
+ else
+ dest = mod->module_core_rx + sechdrs[i].sh_entsize;
+ }
-
-- if (sechdrs[i].sh_type != SHT_NOBITS)
-- memcpy(dest, (void *)sechdrs[i].sh_addr,
-- sechdrs[i].sh_size);
++
+ if (sechdrs[i].sh_type != SHT_NOBITS) {
+
+#ifdef CONFIG_PAX_KERNEXEC
@@ -31104,7 +31093,10 @@
+ pax_close_kernel(cr0);
+ } else
+#endif
-+
+
+- if (sechdrs[i].sh_type != SHT_NOBITS)
+- memcpy(dest, (void *)sechdrs[i].sh_addr,
+- sechdrs[i].sh_size);
+ memcpy(dest, (void *)sechdrs[i].sh_addr, sechdrs[i].sh_size);
+ }
/* Update sh_addr to point to copy in image. */
@@ -31120,7 +31112,7 @@
DEBUGP("\t0x%lx %s\n", sechdrs[i].sh_addr, secstrings + sechdrs[i].sh_name);
}
/* Module has been moved. */
-@@ -2057,12 +2188,12 @@ static struct module *load_module(void _
+@@ -2057,12 +2187,12 @@ static struct module *load_module(void _
* Do it before processing of module parameters, so the module
* can provide parameter accessor functions of its own.
*/
@@ -31139,7 +31131,7 @@
set_fs(old_fs);
-@@ -2115,9 +2246,13 @@ static struct module *load_module(void _
+@@ -2115,9 +2245,13 @@ static struct module *load_module(void _
kobject_put(&mod->mkobj.kobj);
free_unload:
module_unload_free(mod);
@@ -31156,17 +31148,7 @@
free_percpu:
if (percpu)
percpu_modfree(percpu);
-@@ -2142,6 +2277,9 @@ sys_init_module(void __user *umod,
- struct module *mod;
- int ret = 0;
-
-+ if (gr_check_modstop())
-+ return -EPERM;
-+
- /* Must have permission */
- if (!capable(CAP_SYS_MODULE))
- return -EPERM;
-@@ -2195,10 +2333,12 @@ sys_init_module(void __user *umod,
+@@ -2195,10 +2329,12 @@ sys_init_module(void __user *umod,
/* Drop initial reference. */
module_put(mod);
unwind_remove_table(mod->unwind_info, 1);
@@ -31183,7 +31165,7 @@
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/linux-2.6-grsecurity.patch?r1=1.1.2.11&r2=1.1.2.12&f=u
More information about the pld-cvs-commit
mailing list