packages: kernel/kernel-grsec_full.patch, kernel/kernel.spec - tg3 fix and ...
arekm
arekm at pld-linux.org
Fri Sep 23 21:18:35 CEST 2011
Author: arekm Date: Fri Sep 23 19:18:35 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- tg3 fix and grsec updated to grsecurity-2.2.2-3.0.4-201109190917.patch
---- Files affected:
packages/kernel:
kernel-grsec_full.patch (1.80 -> 1.81) , kernel.spec (1.979 -> 1.980)
---- Diffs:
================================================================
Index: packages/kernel/kernel-grsec_full.patch
diff -u packages/kernel/kernel-grsec_full.patch:1.80 packages/kernel/kernel-grsec_full.patch:1.81
--- packages/kernel/kernel-grsec_full.patch:1.80 Fri Sep 16 19:38:53 2011
+++ packages/kernel/kernel-grsec_full.patch Fri Sep 23 21:18:29 2011
@@ -5589,6 +5589,74 @@
}
/*
+diff -urNp linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S
+--- linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
+@@ -71,6 +71,12 @@ FUNC: movq r1,r2; \
+ je B192; \
+ leaq 32(r9),r9;
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++#define ret orb $0x80, 0x7(%rsp); ret
++#else
++#define ret ret
++#endif
++
+ #define epilogue(r1,r2,r3,r4,r5,r6,r7,r8,r9) \
+ movq r1,r2; \
+ movq r3,r4; \
+diff -urNp linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S
+--- linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
+@@ -790,6 +790,9 @@ ECRYPT_encrypt_bytes:
+ add %r11,%rsp
+ mov %rdi,%rax
+ mov %rsi,%rdx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ # bytesatleast65:
+ ._bytesatleast65:
+@@ -891,6 +894,9 @@ ECRYPT_keysetup:
+ add %r11,%rsp
+ mov %rdi,%rax
+ mov %rsi,%rdx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ # enter ECRYPT_ivsetup
+ .text
+@@ -917,4 +923,7 @@ ECRYPT_ivsetup:
+ add %r11,%rsp
+ mov %rdi,%rax
+ mov %rsi,%rdx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+diff -urNp linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S
+--- linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
+@@ -269,6 +269,9 @@ twofish_enc_blk:
+
+ popq R1
+ movq $1,%rax
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+
+ twofish_dec_blk:
+@@ -321,4 +324,7 @@ twofish_dec_blk:
+
+ popq R1
+ movq $1,%rax
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_aout.c linux-3.0.4/arch/x86/ia32/ia32_aout.c
--- linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-08-23 21:48:14.000000000 -0400
@@ -8676,8 +8744,8 @@
diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/include/asm/segment.h
--- linux-3.0.4/arch/x86/include/asm/segment.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/segment.h 2011-08-23 21:47:55.000000000 -0400
-@@ -64,8 +64,8 @@
++++ linux-3.0.4/arch/x86/include/asm/segment.h 2011-09-17 00:53:42.000000000 -0400
+@@ -64,10 +64,15 @@
* 26 - ESPFIX small SS
* 27 - per-cpu [ offset to per-cpu data area ]
* 28 - stack_canary-20 [ for stack protector ]
@@ -8687,8 +8755,15 @@
+ * 30 - PCI BIOS DS
* 31 - TSS for double fault handler
*/
++#define GDT_ENTRY_KERNEXEC_EFI_CS (1)
++#define GDT_ENTRY_KERNEXEC_EFI_DS (2)
++#define __KERNEXEC_EFI_CS (GDT_ENTRY_KERNEXEC_EFI_CS*8)
++#define __KERNEXEC_EFI_DS (GDT_ENTRY_KERNEXEC_EFI_DS*8)
++
#define GDT_ENTRY_TLS_MIN 6
-@@ -79,6 +79,8 @@
+ #define GDT_ENTRY_TLS_MAX (GDT_ENTRY_TLS_MIN + GDT_ENTRY_TLS_ENTRIES - 1)
+
+@@ -79,6 +84,8 @@
#define GDT_ENTRY_KERNEL_CS (GDT_ENTRY_KERNEL_BASE+0)
@@ -8697,7 +8772,7 @@
#define GDT_ENTRY_KERNEL_DS (GDT_ENTRY_KERNEL_BASE+1)
#define GDT_ENTRY_TSS (GDT_ENTRY_KERNEL_BASE+4)
-@@ -104,6 +106,12 @@
+@@ -104,6 +111,12 @@
#define __KERNEL_STACK_CANARY 0
#endif
@@ -8710,7 +8785,7 @@
#define GDT_ENTRY_DOUBLEFAULT_TSS 31
/*
-@@ -141,7 +149,7 @@
+@@ -141,7 +154,7 @@
*/
/* Matches PNP_CS32 and PNP_CS16 (they must be consecutive) */
@@ -8719,7 +8794,7 @@
#else
-@@ -165,6 +173,8 @@
+@@ -165,6 +178,8 @@
#define __USER32_CS (GDT_ENTRY_DEFAULT_USER32_CS * 8 + 3)
#define __USER32_DS __USER_DS
@@ -8728,7 +8803,7 @@
#define GDT_ENTRY_TSS 8 /* needs two entries */
#define GDT_ENTRY_LDT 10 /* needs two entries */
#define GDT_ENTRY_TLS_MIN 12
-@@ -185,6 +195,7 @@
+@@ -185,6 +200,7 @@
#endif
#define __KERNEL_CS (GDT_ENTRY_KERNEL_CS*8)
@@ -10047,7 +10122,7 @@
".section .fixup,\"ax\"\n"
diff -urNp linux-3.0.4/arch/x86/Kconfig linux-3.0.4/arch/x86/Kconfig
--- linux-3.0.4/arch/x86/Kconfig 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/Kconfig 2011-08-23 21:48:14.000000000 -0400
++++ linux-3.0.4/arch/x86/Kconfig 2011-09-17 00:58:36.000000000 -0400
@@ -229,7 +229,7 @@ config X86_HT
config X86_32_LAZY_GS
@@ -10084,15 +10159,6 @@
default 0x40000000 if VMSPLIT_1G
default 0xC0000000
depends on X86_32
-@@ -1453,7 +1453,7 @@ config ARCH_USES_PG_UNCACHED
-
- config EFI
- bool "EFI runtime service support"
-- depends on ACPI
-+ depends on ACPI && !PAX_KERNEXEC
- ---help---
- This enables the kernel to use EFI runtime services that are
- available (such as the EFI variable services).
@@ -1483,6 +1483,7 @@ config SECCOMP
config CC_STACKPROTECTOR
@@ -11728,7 +11794,7 @@
CFI_ADJUST_CFA_OFFSET -24
diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/entry_64.S
--- linux-3.0.4/arch/x86/kernel/entry_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/kernel/entry_64.S 2011-08-26 19:49:56.000000000 -0400
++++ linux-3.0.4/arch/x86/kernel/entry_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -53,6 +53,7 @@
#include <asm/paravirt.h>
#include <asm/ftrace.h>
@@ -12108,7 +12174,7 @@
je retint_kernel
/* Interrupt came from user space */
-@@ -847,12 +1125,15 @@ retint_swapgs: /* return to user-space
+@@ -847,12 +1125,18 @@ retint_swapgs: /* return to user-space
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
@@ -12121,10 +12187,13 @@
retint_restore_args: /* return to kernel space */
DISABLE_INTERRUPTS(CLBR_ANY)
+ pax_exit_kernel
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80,0x7+RIP-ARGOFFSET(%rsp)
++#endif
/*
* The iretq could re-enable interrupts:
*/
-@@ -1027,6 +1308,16 @@ ENTRY(\sym)
+@@ -1027,6 +1311,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
@@ -12141,7 +12210,7 @@
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1044,6 +1335,16 @@ ENTRY(\sym)
+@@ -1044,6 +1338,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
@@ -12158,7 +12227,7 @@
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
-@@ -1052,7 +1353,7 @@ ENTRY(\sym)
+@@ -1052,7 +1356,7 @@ ENTRY(\sym)
END(\sym)
.endm
@@ -12167,7 +12236,7 @@
.macro paranoidzeroentry_ist sym do_sym ist
ENTRY(\sym)
INTR_FRAME
-@@ -1062,8 +1363,24 @@ ENTRY(\sym)
+@@ -1062,8 +1366,24 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
@@ -12192,7 +12261,7 @@
subq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
call \do_sym
addq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
-@@ -1080,6 +1397,16 @@ ENTRY(\sym)
+@@ -1080,6 +1400,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
@@ -12209,7 +12278,7 @@
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1099,6 +1426,16 @@ ENTRY(\sym)
+@@ -1099,6 +1429,16 @@ ENTRY(\sym)
call save_paranoid
DEFAULT_FRAME 0
TRACE_IRQS_OFF
@@ -12226,7 +12295,7 @@
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
-@@ -1361,14 +1698,27 @@ ENTRY(paranoid_exit)
+@@ -1361,16 +1701,35 @@ ENTRY(paranoid_exit)
TRACE_IRQS_OFF
testl %ebx,%ebx /* swapgs needed? */
jnz paranoid_restore
@@ -12238,6 +12307,9 @@
+ TRACE_IRQS_IRETQ 0
+ SWAPGS_UNSAFE_STACK
+ RESTORE_ALL 8
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80,0x7(%rsp)
++#endif
+ jmp irq_return
+#endif
paranoid_swapgs:
@@ -12254,8 +12326,13 @@
+ pax_exit_kernel
TRACE_IRQS_IRETQ 0
RESTORE_ALL 8
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80,0x7(%rsp)
++#endif
jmp irq_return
-@@ -1426,7 +1776,7 @@ ENTRY(error_entry)
+ paranoid_userspace:
+ GET_THREAD_INFO(%rcx)
+@@ -1426,7 +1785,7 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
@@ -12264,7 +12341,7 @@
je error_kernelspace
error_swapgs:
SWAPGS
-@@ -1490,6 +1840,16 @@ ENTRY(nmi)
+@@ -1490,6 +1849,16 @@ ENTRY(nmi)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
DEFAULT_FRAME 0
@@ -12281,7 +12358,7 @@
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
movq $-1,%rsi
-@@ -1500,11 +1860,25 @@ ENTRY(nmi)
+@@ -1500,12 +1869,32 @@ ENTRY(nmi)
DISABLE_INTERRUPTS(CLBR_NONE)
testl %ebx,%ebx /* swapgs needed? */
jnz nmi_restore
@@ -12292,6 +12369,9 @@
+ pax_exit_kernel
+ SWAPGS_UNSAFE_STACK
+ RESTORE_ALL 8
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80,0x7(%rsp)
++#endif
+ jmp irq_return
+#endif
nmi_swapgs:
@@ -12306,8 +12386,12 @@
nmi_restore:
+ pax_exit_kernel
RESTORE_ALL 8
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80,0x7(%rsp)
++#endif
jmp irq_return
nmi_userspace:
+ GET_THREAD_INFO(%rcx)
diff -urNp linux-3.0.4/arch/x86/kernel/ftrace.c linux-3.0.4/arch/x86/kernel/ftrace.c
--- linux-3.0.4/arch/x86/kernel/ftrace.c 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/kernel/ftrace.c 2011-08-23 21:47:55.000000000 -0400
@@ -16528,8 +16612,15 @@
movl %edx, 4(v)
diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S
--- linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-08-23 21:47:55.000000000 -0400
-@@ -39,6 +39,14 @@ ENTRY(atomic64_read_cx8)
++++ linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-09-17 18:31:51.000000000 -0400
+@@ -35,10 +35,24 @@ ENTRY(atomic64_read_cx8)
+ CFI_STARTPROC
+
+ read64 %ecx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
CFI_ENDPROC
ENDPROC(atomic64_read_cx8)
@@ -16537,6 +16628,9 @@
+ CFI_STARTPROC
+
+ read64 %ecx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ENDPROC(atomic64_read_unchecked_cx8)
@@ -16544,7 +16638,14 @@
ENTRY(atomic64_set_cx8)
CFI_STARTPROC
-@@ -52,6 +60,19 @@ ENTRY(atomic64_set_cx8)
+@@ -48,10 +62,29 @@ ENTRY(atomic64_set_cx8)
+ cmpxchg8b (%esi)
+ jne 1b
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
CFI_ENDPROC
ENDPROC(atomic64_set_cx8)
@@ -16557,6 +16658,9 @@
+ cmpxchg8b (%esi)
+ jne 1b
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ENDPROC(atomic64_set_unchecked_cx8)
@@ -16564,7 +16668,14 @@
ENTRY(atomic64_xchg_cx8)
CFI_STARTPROC
-@@ -66,8 +87,8 @@ ENTRY(atomic64_xchg_cx8)
+@@ -62,12 +95,15 @@ ENTRY(atomic64_xchg_cx8)
+ cmpxchg8b (%esi)
+ jne 1b
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
CFI_ENDPROC
ENDPROC(atomic64_xchg_cx8)
@@ -16575,7 +16686,7 @@
CFI_STARTPROC
SAVE ebp
SAVE ebx
-@@ -84,27 +105,43 @@ ENTRY(atomic64_\func\()_return_cx8)
+@@ -84,27 +120,46 @@ ENTRY(atomic64_\func\()_return_cx8)
movl %edx, %ecx
\ins\()l %esi, %ebx
\insc\()l %edi, %ecx
@@ -16606,6 +16717,9 @@
RESTORE esi
RESTORE ebx
RESTORE ebp
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
ret
CFI_ENDPROC
-ENDPROC(atomic64_\func\()_return_cx8)
@@ -16624,7 +16738,7 @@
CFI_STARTPROC
SAVE ebx
-@@ -114,21 +151,38 @@ ENTRY(atomic64_\func\()_return_cx8)
+@@ -114,21 +169,41 @@ ENTRY(atomic64_\func\()_return_cx8)
movl %edx, %ecx
\ins\()l $1, %ebx
\insc\()l $0, %ecx
@@ -16652,6 +16766,9 @@
+.endif
+
RESTORE ebx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
ret
CFI_ENDPROC
-ENDPROC(atomic64_\func\()_return_cx8)
@@ -16665,7 +16782,7 @@
ENTRY(atomic64_dec_if_positive_cx8)
CFI_STARTPROC
-@@ -140,6 +194,13 @@ ENTRY(atomic64_dec_if_positive_cx8)
+@@ -140,6 +215,13 @@ ENTRY(atomic64_dec_if_positive_cx8)
movl %edx, %ecx
subl $1, %ebx
sbb $0, %ecx
@@ -16679,7 +16796,17 @@
js 2f
LOCK_PREFIX
cmpxchg8b (%esi)
-@@ -174,6 +235,13 @@ ENTRY(atomic64_add_unless_cx8)
+@@ -149,6 +231,9 @@ ENTRY(atomic64_dec_if_positive_cx8)
+ movl %ebx, %eax
+ movl %ecx, %edx
+ RESTORE ebx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ ENDPROC(atomic64_dec_if_positive_cx8)
+@@ -174,6 +259,13 @@ ENTRY(atomic64_add_unless_cx8)
movl %edx, %ecx
addl %esi, %ebx
adcl %edi, %ecx
@@ -16693,7 +16820,17 @@
LOCK_PREFIX
cmpxchg8b (%ebp)
jne 1b
-@@ -206,6 +274,13 @@ ENTRY(atomic64_inc_not_zero_cx8)
+@@ -184,6 +276,9 @@ ENTRY(atomic64_add_unless_cx8)
+ CFI_ADJUST_CFA_OFFSET -8
+ RESTORE ebx
+ RESTORE ebp
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ 4:
+ cmpl %edx, 4(%esp)
+@@ -206,6 +301,13 @@ ENTRY(atomic64_inc_not_zero_cx8)
movl %edx, %ecx
addl $1, %ebx
adcl $0, %ecx
@@ -16707,6 +16844,16 @@
LOCK_PREFIX
cmpxchg8b (%esi)
jne 1b
+@@ -213,6 +315,9 @@ ENTRY(atomic64_inc_not_zero_cx8)
+ movl $1, %eax
+ 3:
+ RESTORE ebx
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ 4:
+ testl %edx, %edx
diff -urNp linux-3.0.4/arch/x86/lib/checksum_32.S linux-3.0.4/arch/x86/lib/checksum_32.S
--- linux-3.0.4/arch/x86/lib/checksum_32.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/checksum_32.S 2011-08-23 21:47:55.000000000 -0400
@@ -16956,8 +17103,38 @@
#undef ROUND1
diff -urNp linux-3.0.4/arch/x86/lib/clear_page_64.S linux-3.0.4/arch/x86/lib/clear_page_64.S
--- linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-08-23 21:47:55.000000000 -0400
-@@ -58,7 +58,7 @@ ENDPROC(clear_page)
++++ linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-09-17 18:31:51.000000000 -0400
+@@ -11,6 +11,9 @@ ENTRY(clear_page_c)
+ movl $4096/8,%ecx
+ xorl %eax,%eax
+ rep stosq
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ ENDPROC(clear_page_c)
+@@ -20,6 +23,9 @@ ENTRY(clear_page_c_e)
+ movl $4096,%ecx
+ xorl %eax,%eax
+ rep stosb
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ ENDPROC(clear_page_c_e)
+@@ -43,6 +49,9 @@ ENTRY(clear_page)
+ leaq 64(%rdi),%rdi
+ jnz .Lloop
+ nop
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ .Lclear_page_end:
+@@ -58,7 +67,7 @@ ENDPROC(clear_page)
#include <asm/cpufeature.h>
@@ -16968,8 +17145,28 @@
2: .byte 0xeb /* jmp <disp8> */
diff -urNp linux-3.0.4/arch/x86/lib/copy_page_64.S linux-3.0.4/arch/x86/lib/copy_page_64.S
--- linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-08-23 21:47:55.000000000 -0400
-@@ -104,7 +104,7 @@ ENDPROC(copy_page)
++++ linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-09-17 18:31:51.000000000 -0400
+@@ -8,6 +8,9 @@ copy_page_c:
+ CFI_STARTPROC
+ movl $4096/8,%ecx
+ rep movsq
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ ENDPROC(copy_page_c)
+@@ -94,6 +97,9 @@ ENTRY(copy_page)
+ CFI_RESTORE r13
+ addq $3*8,%rsp
+ CFI_ADJUST_CFA_OFFSET -3*8
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ .Lcopy_page_end:
+ CFI_ENDPROC
+@@ -104,7 +110,7 @@ ENDPROC(copy_page)
#include <asm/cpufeature.h>
@@ -16980,7 +17177,7 @@
2:
diff -urNp linux-3.0.4/arch/x86/lib/copy_user_64.S linux-3.0.4/arch/x86/lib/copy_user_64.S
--- linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -16,6 +16,7 @@
#include <asm/thread_info.h>
#include <asm/cpufeature.h>
@@ -16998,7 +17195,7 @@
2: .byte 0xe9 /* near jump with 32bit immediate */
.long \alt1-1b /* offset */ /* or alternatively to alt1 */
3: .byte 0xe9 /* near jump with 32bit immediate */
-@@ -71,41 +72,13 @@
+@@ -71,47 +72,22 @@
#endif
.endm
@@ -17042,9 +17239,48 @@
movl %edx,%ecx
xorl %eax,%eax
rep
+ stosb
+ bad_to_user:
+ movl %edx,%eax
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ orb $0x80, 0x7(%rsp)
++#endif
+ ret
+ CFI_ENDPROC
+ ENDPROC(bad_from_user)
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_full.patch?r1=1.80&r2=1.81&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel.spec?r1=1.979&r2=1.980&f=u
More information about the pld-cvs-commit
mailing list