SOURCES (Titanium): linux-2.6-grsecurity.patch - http://www.grsecurity.net/...
hawk
hawk at pld-linux.org
Sat Jun 7 15:04:40 CEST 2008
Author: hawk Date: Sat Jun 7 13:04:40 2008 GMT
Module: SOURCES Tag: Titanium
---- Log message:
- http://www.grsecurity.net/~spender/grsecurity-2.1.12-2.6.25.4-200806040904.patch
with localversion killed
---- Files affected:
SOURCES:
linux-2.6-grsecurity.patch (1.1.2.14 -> 1.1.2.15)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsecurity.patch
diff -u SOURCES/linux-2.6-grsecurity.patch:1.1.2.14 SOURCES/linux-2.6-grsecurity.patch:1.1.2.15
--- SOURCES/linux-2.6-grsecurity.patch:1.1.2.14 Sat May 24 14:58:57 2008
+++ SOURCES/linux-2.6-grsecurity.patch Sat Jun 7 15:04:34 2008
@@ -1,6 +1,96 @@
+diff -urNp linux-2.6.25.4/Documentation/dontdiff linux-2.6.25.4/Documentation/dontdiff
+--- linux-2.6.25.4/Documentation/dontdiff 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/Documentation/dontdiff 2008-06-04 08:52:09.000000000 -0400
+@@ -3,6 +3,7 @@
+ *.bin
+ *.cpio
+ *.css
++*.dbg
+ *.dvi
+ *.eps
+ *.gif
+@@ -55,6 +56,7 @@ ChangeSet
+ Image
+ Kerntypes
+ MODS.txt
++Module.markers
+ Module.symvers
+ PENDING
+ SCCS
+@@ -89,6 +91,7 @@ config_data.gz*
+ conmakehash
+ consolemap_deftbl.c*
+ crc32table.h*
++cpustr.h
+ cscope.*
+ defkeymap.c*
+ devlist.h*
+@@ -137,11 +140,13 @@ miboot*
+ mk_elfconfig
+ mkboot
+ mkbugboot
++mkcpustr
+ mkdep
+ mkprep
+ mktables
+ mktree
+ modpost
++modules.order
+ modversions.h*
+ offset.h
+ offsets.h
+@@ -172,20 +177,24 @@ sm_tbl*
+ split-include
+ tags
+ tftpboot.img
++timeconst.h
+ times.h*
+ tkparse
+ trix_boot.h
+ utsrelease.h*
+-vdso.lds
++vdso*.lds
+ version.h*
+ vmlinux
+ vmlinux-*
+ vmlinux.aout
+-vmlinux*.lds*
++vmlinux.bin.all
++vmlinux*.lds
++vmlinux.relocs
+ vmlinux*.scr
+-vsyscall.lds
++vsyscall*.lds
+ wanxlfw.inc
+ uImage
+ unifdef
++utsrelease.h
+ zImage*
+ zconf.hash.c
+diff -urNp linux-2.6.25.4/Makefile linux-2.6.25.4/Makefile
+--- linux-2.6.25.4/Makefile 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/Makefile 2008-06-04 08:52:09.000000000 -0400
+@@ -214,7 +214,7 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH"
+
+ HOSTCC = gcc
+ HOSTCXX = g++
+-HOSTCFLAGS = -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer
++HOSTCFLAGS = -Wall -W -Wno-unused -Wno-sign-compare -Wstrict-prototypes -O2 -fomit-frame-pointer
+ HOSTCXXFLAGS = -O2
+
+ # Decide whether to build built-in, modular, or both.
+@@ -603,7 +603,7 @@ export mod_strip_cmd
+
+
+ ifeq ($(KBUILD_EXTMOD),)
+-core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/
++core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/
+
+ vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
+ $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
diff -urNp linux-2.6.25.4/arch/alpha/kernel/module.c linux-2.6.25.4/arch/alpha/kernel/module.c
--- linux-2.6.25.4/arch/alpha/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/alpha/kernel/module.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/alpha/kernel/module.c 2008-06-04 08:52:08.000000000 -0400
@@ -176,7 +176,7 @@ apply_relocate_add(Elf64_Shdr *sechdrs,
/* The small sections were sorted to the end of the segment.
@@ -12,7 +102,7 @@
for (i = 0; i < n; i++) {
diff -urNp linux-2.6.25.4/arch/alpha/kernel/osf_sys.c linux-2.6.25.4/arch/alpha/kernel/osf_sys.c
--- linux-2.6.25.4/arch/alpha/kernel/osf_sys.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/alpha/kernel/osf_sys.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/alpha/kernel/osf_sys.c 2008-06-04 08:52:08.000000000 -0400
@@ -1288,6 +1288,10 @@ arch_get_unmapped_area(struct file *filp
merely specific addresses, but regions of memory -- perhaps
this feature should be incorporated into all ports? */
@@ -37,7 +127,7 @@
diff -urNp linux-2.6.25.4/arch/alpha/kernel/ptrace.c linux-2.6.25.4/arch/alpha/kernel/ptrace.c
--- linux-2.6.25.4/arch/alpha/kernel/ptrace.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/alpha/kernel/ptrace.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/alpha/kernel/ptrace.c 2008-06-04 08:52:08.000000000 -0400
@@ -15,6 +15,7 @@
#include <linux/slab.h>
#include <linux/security.h>
@@ -58,7 +148,7 @@
case PTRACE_PEEKTEXT: /* read word at location addr. */
diff -urNp linux-2.6.25.4/arch/alpha/mm/fault.c linux-2.6.25.4/arch/alpha/mm/fault.c
--- linux-2.6.25.4/arch/alpha/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/alpha/mm/fault.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/alpha/mm/fault.c 2008-06-04 08:52:08.000000000 -0400
@@ -23,6 +23,7 @@
#include <linux/smp.h>
#include <linux/interrupt.h>
@@ -225,7 +315,7 @@
if (!(vma->vm_flags & (VM_READ | VM_WRITE)))
diff -urNp linux-2.6.25.4/arch/arm/mm/mmap.c linux-2.6.25.4/arch/arm/mm/mmap.c
--- linux-2.6.25.4/arch/arm/mm/mmap.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/arm/mm/mmap.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/arm/mm/mmap.c 2008-06-04 08:52:08.000000000 -0400
@@ -60,6 +60,10 @@ arch_get_unmapped_area(struct file *filp
if (len > TASK_SIZE)
return -ENOMEM;
@@ -264,7 +354,7 @@
}
diff -urNp linux-2.6.25.4/arch/avr32/mm/fault.c linux-2.6.25.4/arch/avr32/mm/fault.c
--- linux-2.6.25.4/arch/avr32/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/avr32/mm/fault.c 2008-05-18 13:33:13.000000000 -0400
++++ linux-2.6.25.4/arch/avr32/mm/fault.c 2008-06-04 08:52:08.000000000 -0400
@@ -41,6 +41,23 @@ static inline int notify_page_fault(stru
int exception_trace = 1;
@@ -308,7 +398,7 @@
"sp %08lx ecr %lu\n",
diff -urNp linux-2.6.25.4/arch/ia64/ia32/binfmt_elf32.c linux-2.6.25.4/arch/ia64/ia32/binfmt_elf32.c
--- linux-2.6.25.4/arch/ia64/ia32/binfmt_elf32.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/ia32/binfmt_elf32.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/ia32/binfmt_elf32.c 2008-06-04 08:52:09.000000000 -0400
@@ -45,6 +45,13 @@ randomize_stack_top(unsigned long stack_
#define elf_read_implies_exec(ex, have_pt_gnu_stack) (!(have_pt_gnu_stack))
@@ -325,7 +415,7 @@
diff -urNp linux-2.6.25.4/arch/ia64/ia32/ia32priv.h linux-2.6.25.4/arch/ia64/ia32/ia32priv.h
--- linux-2.6.25.4/arch/ia64/ia32/ia32priv.h 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/ia32/ia32priv.h 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/ia32/ia32priv.h 2008-06-04 08:52:09.000000000 -0400
@@ -303,7 +303,14 @@ struct old_linux32_dirent {
#define ELF_DATA ELFDATA2LSB
#define ELF_ARCH EM_386
@@ -344,7 +434,7 @@
diff -urNp linux-2.6.25.4/arch/ia64/kernel/module.c linux-2.6.25.4/arch/ia64/kernel/module.c
--- linux-2.6.25.4/arch/ia64/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/kernel/module.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/kernel/module.c 2008-06-04 08:52:09.000000000 -0400
@@ -321,7 +321,7 @@ module_alloc (unsigned long size)
void
module_free (struct module *mod, void *module_region)
@@ -434,7 +524,7 @@
}
diff -urNp linux-2.6.25.4/arch/ia64/kernel/sys_ia64.c linux-2.6.25.4/arch/ia64/kernel/sys_ia64.c
--- linux-2.6.25.4/arch/ia64/kernel/sys_ia64.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/kernel/sys_ia64.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/kernel/sys_ia64.c 2008-06-04 08:52:09.000000000 -0400
@@ -43,6 +43,13 @@ arch_get_unmapped_area (struct file *fil
if (REGION_NUMBER(addr) == RGN_HPAGE)
addr = 0;
@@ -463,7 +553,7 @@
return -ENOMEM;
diff -urNp linux-2.6.25.4/arch/ia64/mm/fault.c linux-2.6.25.4/arch/ia64/mm/fault.c
--- linux-2.6.25.4/arch/ia64/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -10,6 +10,7 @@
#include <linux/interrupt.h>
#include <linux/kprobes.h>
@@ -523,7 +613,7 @@
* If for any reason at all we couldn't handle the fault, make
diff -urNp linux-2.6.25.4/arch/ia64/mm/init.c linux-2.6.25.4/arch/ia64/mm/init.c
--- linux-2.6.25.4/arch/ia64/mm/init.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ia64/mm/init.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ia64/mm/init.c 2008-06-04 08:52:09.000000000 -0400
@@ -20,8 +20,8 @@
#include <linux/proc_fs.h>
#include <linux/bitops.h>
@@ -541,7 +631,7 @@
+
+#ifdef CONFIG_PAX_PAGEEXEC
+ if (current->mm->pax_flags & MF_PAX_PAGEEXEC) {
-+ vm->vm_flags &= ~VM_EXEC;
++ vma->vm_flags &= ~VM_EXEC;
+
+#ifdef CONFIG_PAX_MPROTECT
+ if (current->mm->pax_flags & MF_PAX_MPROTECT)
@@ -556,7 +646,7 @@
if (insert_vm_struct(current->mm, vma)) {
diff -urNp linux-2.6.25.4/arch/mips/kernel/binfmt_elfn32.c linux-2.6.25.4/arch/mips/kernel/binfmt_elfn32.c
--- linux-2.6.25.4/arch/mips/kernel/binfmt_elfn32.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/mips/kernel/binfmt_elfn32.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/mips/kernel/binfmt_elfn32.c 2008-06-04 08:52:09.000000000 -0400
@@ -50,6 +50,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_N
#undef ELF_ET_DYN_BASE
#define ELF_ET_DYN_BASE (TASK32_SIZE / 3 * 2)
@@ -573,7 +663,7 @@
#include <linux/elfcore.h>
diff -urNp linux-2.6.25.4/arch/mips/kernel/binfmt_elfo32.c linux-2.6.25.4/arch/mips/kernel/binfmt_elfo32.c
--- linux-2.6.25.4/arch/mips/kernel/binfmt_elfo32.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/mips/kernel/binfmt_elfo32.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/mips/kernel/binfmt_elfo32.c 2008-06-04 08:52:09.000000000 -0400
@@ -52,6 +52,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_N
#undef ELF_ET_DYN_BASE
#define ELF_ET_DYN_BASE (TASK32_SIZE / 3 * 2)
@@ -590,7 +680,7 @@
#include <linux/elfcore.h>
diff -urNp linux-2.6.25.4/arch/mips/kernel/syscall.c linux-2.6.25.4/arch/mips/kernel/syscall.c
--- linux-2.6.25.4/arch/mips/kernel/syscall.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/mips/kernel/syscall.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/mips/kernel/syscall.c 2008-06-04 08:52:09.000000000 -0400
@@ -93,6 +93,11 @@ unsigned long arch_get_unmapped_area(str
do_color_align = 0;
if (filp || (flags & MAP_SHARED))
@@ -614,7 +704,7 @@
else
diff -urNp linux-2.6.25.4/arch/mips/mm/fault.c linux-2.6.25.4/arch/mips/mm/fault.c
--- linux-2.6.25.4/arch/mips/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/mips/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/mips/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -26,6 +26,23 @@
#include <asm/ptrace.h>
#include <asm/highmem.h> /* For VMALLOC_END */
@@ -641,7 +731,7 @@
* and the problem, and then passes it off to one of the appropriate
diff -urNp linux-2.6.25.4/arch/parisc/kernel/module.c linux-2.6.25.4/arch/parisc/kernel/module.c
--- linux-2.6.25.4/arch/parisc/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/parisc/kernel/module.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/parisc/kernel/module.c 2008-06-04 08:52:09.000000000 -0400
@@ -73,16 +73,38 @@
/* three functions to determine where in the module core
@@ -775,7 +865,7 @@
me->arch.unwind_section, table, end, gp);
diff -urNp linux-2.6.25.4/arch/parisc/kernel/sys_parisc.c linux-2.6.25.4/arch/parisc/kernel/sys_parisc.c
--- linux-2.6.25.4/arch/parisc/kernel/sys_parisc.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/parisc/kernel/sys_parisc.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/parisc/kernel/sys_parisc.c 2008-06-04 08:52:09.000000000 -0400
@@ -111,7 +111,7 @@ unsigned long arch_get_unmapped_area(str
if (flags & MAP_FIXED)
return addr;
@@ -787,7 +877,7 @@
addr = get_shared_area(filp->f_mapping, addr, len, pgoff);
diff -urNp linux-2.6.25.4/arch/parisc/kernel/traps.c linux-2.6.25.4/arch/parisc/kernel/traps.c
--- linux-2.6.25.4/arch/parisc/kernel/traps.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/parisc/kernel/traps.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/parisc/kernel/traps.c 2008-06-04 08:52:09.000000000 -0400
@@ -732,9 +732,7 @@ void handle_interruption(int code, struc
down_read(¤t->mm->mmap_sem);
@@ -801,7 +891,7 @@
diff -urNp linux-2.6.25.4/arch/parisc/mm/fault.c linux-2.6.25.4/arch/parisc/mm/fault.c
--- linux-2.6.25.4/arch/parisc/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/parisc/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/parisc/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -16,6 +16,8 @@
#include <linux/sched.h>
#include <linux/interrupt.h>
@@ -974,7 +1064,7 @@
* If for any reason at all we couldn't handle the fault, make
diff -urNp linux-2.6.25.4/arch/powerpc/kernel/module_32.c linux-2.6.25.4/arch/powerpc/kernel/module_32.c
--- linux-2.6.25.4/arch/powerpc/kernel/module_32.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/kernel/module_32.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/kernel/module_32.c 2008-06-04 08:52:09.000000000 -0400
@@ -175,7 +175,7 @@ int module_frob_arch_sections(Elf32_Ehdr
me->arch.core_plt_section = i;
}
@@ -1006,7 +1096,7 @@
while (entry->jump[0]) {
diff -urNp linux-2.6.25.4/arch/powerpc/kernel/signal_32.c linux-2.6.25.4/arch/powerpc/kernel/signal_32.c
--- linux-2.6.25.4/arch/powerpc/kernel/signal_32.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/kernel/signal_32.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/kernel/signal_32.c 2008-06-04 08:52:09.000000000 -0400
@@ -730,7 +730,7 @@ int handle_rt_signal32(unsigned long sig
/* Save user registers on the stack */
frame = &rt_sf->uc.uc_mcontext;
@@ -1018,7 +1108,7 @@
regs->link = current->mm->context.vdso_base + vdso32_rt_sigtramp;
diff -urNp linux-2.6.25.4/arch/powerpc/kernel/signal_64.c linux-2.6.25.4/arch/powerpc/kernel/signal_64.c
--- linux-2.6.25.4/arch/powerpc/kernel/signal_64.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/kernel/signal_64.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/kernel/signal_64.c 2008-06-04 08:52:09.000000000 -0400
@@ -369,7 +369,7 @@ int handle_rt_signal64(int signr, struct
current->thread.fpscr.val = 0;
@@ -1030,7 +1120,7 @@
err |= setup_trampoline(__NR_rt_sigreturn, &frame->tramp[0]);
diff -urNp linux-2.6.25.4/arch/powerpc/kernel/vdso.c linux-2.6.25.4/arch/powerpc/kernel/vdso.c
--- linux-2.6.25.4/arch/powerpc/kernel/vdso.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/kernel/vdso.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/kernel/vdso.c 2008-06-04 08:52:09.000000000 -0400
@@ -211,7 +211,7 @@ int arch_setup_additional_pages(struct l
vdso_base = VDSO32_MBASE;
#endif
@@ -1051,7 +1141,7 @@
goto fail_mmapsem;
diff -urNp linux-2.6.25.4/arch/powerpc/mm/fault.c linux-2.6.25.4/arch/powerpc/mm/fault.c
--- linux-2.6.25.4/arch/powerpc/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -29,6 +29,12 @@
#include <linux/module.h>
#include <linux/kprobes.h>
@@ -1481,7 +1571,7 @@
}
diff -urNp linux-2.6.25.4/arch/powerpc/mm/mmap.c linux-2.6.25.4/arch/powerpc/mm/mmap.c
--- linux-2.6.25.4/arch/powerpc/mm/mmap.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/powerpc/mm/mmap.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/powerpc/mm/mmap.c 2008-06-04 08:52:09.000000000 -0400
@@ -75,10 +75,22 @@ void arch_pick_mmap_layout(struct mm_str
*/
if (mmap_is_legacy()) {
@@ -1507,7 +1597,7 @@
}
diff -urNp linux-2.6.25.4/arch/ppc/mm/fault.c linux-2.6.25.4/arch/ppc/mm/fault.c
--- linux-2.6.25.4/arch/ppc/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/ppc/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/ppc/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -25,6 +25,11 @@
#include <linux/interrupt.h>
#include <linux/highmem.h>
@@ -1958,7 +2048,7 @@
}
diff -urNp linux-2.6.25.4/arch/s390/kernel/module.c linux-2.6.25.4/arch/s390/kernel/module.c
--- linux-2.6.25.4/arch/s390/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/s390/kernel/module.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/s390/kernel/module.c 2008-06-04 08:52:09.000000000 -0400
@@ -166,11 +166,11 @@ module_frob_arch_sections(Elf_Ehdr *hdr,
/* Increase core size by size of got & plt and set start
@@ -2030,21 +2120,9 @@
rela->r_addend - loc;
if (r_type == R_390_GOTPC)
*(unsigned int *) loc = val;
-diff -urNp linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c
---- linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c 2008-05-18 13:33:14.000000000 -0400
-@@ -57,7 +57,7 @@ unsigned long arch_get_unmapped_area(str
- if (ARCH_SUN4C_SUN4 && len > 0x20000000)
- return -ENOMEM;
- if (!addr)
-- addr = TASK_UNMAPPED_BASE;
-+ addr = current->mm->mmap_base;
-
- if (flags & MAP_SHARED)
- addr = COLOUR_ALIGN(addr);
diff -urNp linux-2.6.25.4/arch/sparc/Makefile linux-2.6.25.4/arch/sparc/Makefile
--- linux-2.6.25.4/arch/sparc/Makefile 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc/Makefile 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc/Makefile 2008-06-04 08:52:09.000000000 -0400
@@ -36,7 +36,7 @@ drivers-$(CONFIG_OPROFILE) += arch/sparc
# Renaming is done to avoid confusing pattern matching rules in 2.5.45 (multy-)
INIT_Y := $(patsubst %/, %/built-in.o, $(init-y))
@@ -2054,9 +2132,21 @@
CORE_Y := $(patsubst %/, %/built-in.o, $(CORE_Y))
DRIVERS_Y := $(patsubst %/, %/built-in.o, $(drivers-y))
NET_Y := $(patsubst %/, %/built-in.o, $(net-y))
+diff -urNp linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c
+--- linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/arch/sparc/kernel/sys_sparc.c 2008-06-04 08:52:09.000000000 -0400
+@@ -57,7 +57,7 @@ unsigned long arch_get_unmapped_area(str
+ if (ARCH_SUN4C_SUN4 && len > 0x20000000)
+ return -ENOMEM;
+ if (!addr)
+- addr = TASK_UNMAPPED_BASE;
++ addr = current->mm->mmap_base;
+
+ if (flags & MAP_SHARED)
+ addr = COLOUR_ALIGN(addr);
diff -urNp linux-2.6.25.4/arch/sparc/mm/fault.c linux-2.6.25.4/arch/sparc/mm/fault.c
--- linux-2.6.25.4/arch/sparc/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -21,6 +21,10 @@
#include <linux/interrupt.h>
#include <linux/module.h>
@@ -2349,8 +2439,18 @@
goto bad_area;
diff -urNp linux-2.6.25.4/arch/sparc/mm/init.c linux-2.6.25.4/arch/sparc/mm/init.c
--- linux-2.6.25.4/arch/sparc/mm/init.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc/mm/init.c 2008-05-18 13:33:14.000000000 -0400
-@@ -336,17 +336,17 @@ void __init paging_init(void)
++++ linux-2.6.25.4/arch/sparc/mm/init.c 2008-06-04 08:52:09.000000000 -0400
+@@ -311,6 +311,9 @@ extern void device_scan(void);
+ pgprot_t PAGE_SHARED __read_mostly;
+ EXPORT_SYMBOL(PAGE_SHARED);
+
++pgprot_t PAGE_SHARED_NOEXEC __read_mostly;
++EXPORT_SYMBOL(PAGE_SHARED_NOEXEC);
++
+ void __init paging_init(void)
+ {
+ switch(sparc_cpu_model) {
+@@ -336,17 +339,17 @@ void __init paging_init(void)
/* Initialize the protection map with non-constant, MMU dependent values. */
protection_map[0] = PAGE_NONE;
@@ -2376,7 +2476,7 @@
protection_map[14] = PAGE_SHARED;
diff -urNp linux-2.6.25.4/arch/sparc/mm/srmmu.c linux-2.6.25.4/arch/sparc/mm/srmmu.c
--- linux-2.6.25.4/arch/sparc/mm/srmmu.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc/mm/srmmu.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc/mm/srmmu.c 2008-06-04 08:52:09.000000000 -0400
@@ -2160,6 +2160,13 @@ void __init ld_mmu_srmmu(void)
PAGE_SHARED = pgprot_val(SRMMU_PAGE_SHARED);
BTFIXUPSET_INT(page_copy, pgprot_val(SRMMU_PAGE_COPY));
@@ -2393,7 +2493,7 @@
diff -urNp linux-2.6.25.4/arch/sparc64/kernel/Makefile linux-2.6.25.4/arch/sparc64/kernel/Makefile
--- linux-2.6.25.4/arch/sparc64/kernel/Makefile 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc64/kernel/Makefile 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc64/kernel/Makefile 2008-06-04 08:52:09.000000000 -0400
@@ -3,7 +3,7 @@
#
@@ -2405,7 +2505,7 @@
diff -urNp linux-2.6.25.4/arch/sparc64/kernel/sys_sparc.c linux-2.6.25.4/arch/sparc64/kernel/sys_sparc.c
--- linux-2.6.25.4/arch/sparc64/kernel/sys_sparc.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc64/kernel/sys_sparc.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc64/kernel/sys_sparc.c 2008-06-04 08:52:09.000000000 -0400
@@ -124,7 +124,7 @@ unsigned long arch_get_unmapped_area(str
/* We do not accept a shared mapping if it would violate
* cache aliasing constraints.
@@ -2484,9 +2584,21 @@
mm->get_unmapped_area = arch_get_unmapped_area_topdown;
mm->unmap_area = arch_unmap_area_topdown;
}
+diff -urNp linux-2.6.25.4/arch/sparc64/mm/Makefile linux-2.6.25.4/arch/sparc64/mm/Makefile
+--- linux-2.6.25.4/arch/sparc64/mm/Makefile 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/arch/sparc64/mm/Makefile 2008-06-04 08:52:09.000000000 -0400
+@@ -3,7 +3,7 @@
+ #
+
+ EXTRA_AFLAGS := -ansi
+-EXTRA_CFLAGS := -Werror
++#EXTRA_CFLAGS := -Werror
+
+ obj-y := ultra.o tlb.o tsb.o fault.o init.o generic.o
+
diff -urNp linux-2.6.25.4/arch/sparc64/mm/fault.c linux-2.6.25.4/arch/sparc64/mm/fault.c
--- linux-2.6.25.4/arch/sparc64/mm/fault.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc64/mm/fault.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/sparc64/mm/fault.c 2008-06-04 08:52:09.000000000 -0400
@@ -20,6 +20,10 @@
#include <linux/kprobes.h>
#include <linux/kallsyms.h>
@@ -2911,21 +3023,9 @@
/* Pure DTLB misses do not tell us whether the fault causing
* load/store/atomic was a write or not, it only says that there
* was no match. So in such a case we (carefully) read the
-diff -urNp linux-2.6.25.4/arch/sparc64/mm/Makefile linux-2.6.25.4/arch/sparc64/mm/Makefile
---- linux-2.6.25.4/arch/sparc64/mm/Makefile 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/sparc64/mm/Makefile 2008-05-18 13:33:14.000000000 -0400
-@@ -3,7 +3,7 @@
- #
-
- EXTRA_AFLAGS := -ansi
--EXTRA_CFLAGS := -Werror
-+#EXTRA_CFLAGS := -Werror
-
- obj-y := ultra.o tlb.o tsb.o fault.o init.o generic.o
-
diff -urNp linux-2.6.25.4/arch/v850/kernel/module.c linux-2.6.25.4/arch/v850/kernel/module.c
--- linux-2.6.25.4/arch/v850/kernel/module.c 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/v850/kernel/module.c 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/v850/kernel/module.c 2008-06-04 08:52:09.000000000 -0400
@@ -150,8 +150,8 @@ static uint32_t do_plt_call (void *locat
tramp[1] = ((val >> 16) & 0xffff) + 0x610000; /* ...; jmp r1 */
@@ -2937,9 +3037,94 @@
entry = (void *)sechdrs[mod->arch.core_plt_section].sh_addr;
else
entry = (void *)sechdrs[mod->arch.init_plt_section].sh_addr;
+diff -urNp linux-2.6.25.4/arch/x86/Kconfig linux-2.6.25.4/arch/x86/Kconfig
+--- linux-2.6.25.4/arch/x86/Kconfig 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/arch/x86/Kconfig 2008-06-04 08:52:09.000000000 -0400
+@@ -828,7 +828,7 @@ config PAGE_OFFSET
+ hex
+ default 0xB0000000 if VMSPLIT_3G_OPT
+ default 0x80000000 if VMSPLIT_2G
+- default 0x78000000 if VMSPLIT_2G_OPT
++ default 0x70000000 if VMSPLIT_2G_OPT
+ default 0x40000000 if VMSPLIT_1G
+ default 0xC0000000
+ depends on X86_32
+@@ -1122,8 +1122,7 @@ config CRASH_DUMP
+ config PHYSICAL_START
+ hex "Physical address where the kernel is loaded" if (EMBEDDED || CRASH_DUMP)
+ default "0x1000000" if X86_NUMAQ
+- default "0x200000" if X86_64
+- default "0x100000"
++ default "0x200000"
+ help
+ This gives the physical address where the kernel is loaded.
+
+@@ -1215,9 +1214,9 @@ config HOTPLUG_CPU
+ suspend.
+
+ config COMPAT_VDSO
+- def_bool y
++ def_bool n
+ prompt "Compat VDSO support"
+- depends on X86_32 || IA32_EMULATION
++ depends on (X86_32 || IA32_EMULATION) && !PAX_NOEXEC
+ help
+ Map the 32-bit VDSO to the predictable old-style address too.
+ ---help---
+@@ -1404,7 +1403,7 @@ config PCI
+ choice
+ prompt "PCI access mode"
+ depends on X86_32 && PCI && !X86_VISWS
+- default PCI_GOANY
++ default PCI_GODIRECT
+ ---help---
+ On PCI systems, the BIOS can be used to detect the PCI devices and
+ determine their configuration. However, some old PCI motherboards
+diff -urNp linux-2.6.25.4/arch/x86/Kconfig.cpu linux-2.6.25.4/arch/x86/Kconfig.cpu
+--- linux-2.6.25.4/arch/x86/Kconfig.cpu 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/arch/x86/Kconfig.cpu 2008-06-04 08:52:09.000000000 -0400
+@@ -335,7 +335,7 @@ config X86_PPRO_FENCE
+
+ config X86_F00F_BUG
+ def_bool y
+- depends on M586MMX || M586TSC || M586 || M486 || M386
++ depends on (M586MMX || M586TSC || M586 || M486 || M386) && !PAX_KERNEXEC
+
+ config X86_WP_WORKS_OK
+ def_bool y
+@@ -355,7 +355,7 @@ config X86_POPAD_OK
+
+ config X86_ALIGNMENT_16
+ def_bool y
+- depends on MWINCHIP3D || MWINCHIP2 || MWINCHIPC6 || MCYRIXIII || X86_ELAN || MK6 || M586MMX || M586TSC || M586 || M486 || MVIAC3_2 || MGEODEGX1
++ depends on MWINCHIP3D || MWINCHIP2 || MWINCHIPC6 || MCYRIXIII || X86_ELAN || MK8 || MK7 || MK6 || MCORE2 || MPENTIUM4 || MPENTIUMIII || MPENTIUMII || M686 || M586MMX || M586TSC || M586 || M486 || MVIAC3_2 || MGEODEGX1
+
+ config X86_GOOD_APIC
+ def_bool y
+@@ -398,7 +398,7 @@ config X86_TSC
+ # generates cmov.
+ config X86_CMOV
+ def_bool y
+- depends on (MK7 || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7)
++ depends on (MK8 || MK7 || MCORE2 || MPSC || MPENTIUM4 || MPENTIUMM || MPENTIUMIII || MPENTIUMII || M686 || MVIAC3_2 || MVIAC7)
+
+ config X86_MINIMUM_CPU_FAMILY
+ int
+diff -urNp linux-2.6.25.4/arch/x86/Kconfig.debug linux-2.6.25.4/arch/x86/Kconfig.debug
+--- linux-2.6.25.4/arch/x86/Kconfig.debug 2008-05-15 11:00:12.000000000 -0400
++++ linux-2.6.25.4/arch/x86/Kconfig.debug 2008-06-04 08:52:09.000000000 -0400
+@@ -57,7 +57,7 @@ config DEBUG_PER_CPU_MAPS
+ config DEBUG_RODATA
+ bool "Write protect kernel read-only data structures"
+ default y
+- depends on DEBUG_KERNEL
++ depends on DEBUG_KERNEL && BROKEN
+ help
+ Mark the kernel read-only data as write-protected in the pagetables,
+ in order to catch accidental (and incorrect) writes to such const
diff -urNp linux-2.6.25.4/arch/x86/boot/bitops.h linux-2.6.25.4/arch/x86/boot/bitops.h
--- linux-2.6.25.4/arch/x86/boot/bitops.h 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/x86/boot/bitops.h 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/x86/boot/bitops.h 2008-06-04 08:52:09.000000000 -0400
@@ -28,7 +28,7 @@ static inline int variable_test_bit(int
u8 v;
const u32 *p = (const u32 *)addr;
@@ -2960,7 +3145,7 @@
#endif /* BOOT_BITOPS_H */
diff -urNp linux-2.6.25.4/arch/x86/boot/boot.h linux-2.6.25.4/arch/x86/boot/boot.h
--- linux-2.6.25.4/arch/x86/boot/boot.h 2008-05-15 11:00:12.000000000 -0400
-+++ linux-2.6.25.4/arch/x86/boot/boot.h 2008-05-18 13:33:14.000000000 -0400
++++ linux-2.6.25.4/arch/x86/boot/boot.h 2008-06-04 08:52:09.000000000 -0400
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/linux-2.6-grsecurity.patch?r1=1.1.2.14&r2=1.1.2.15&f=u
More information about the pld-cvs-commit
mailing list