packages (GRSECURITY_RAW): kernel/kernel-grsec_full.patch http://grsecurity...
arekm
arekm at pld-linux.org
Tue Oct 11 21:06:13 CEST 2011
Author: arekm Date: Tue Oct 11 19:06:13 2011 GMT
Module: packages Tag: GRSECURITY_RAW
---- Log message:
http://grsecurity.net/~spender/grsecurity-2.2.2-3.0.4-201110080819.patch
---- Files affected:
packages/kernel:
kernel-grsec_full.patch (1.3.2.74 -> 1.3.2.75)
---- Diffs:
================================================================
Index: packages/kernel/kernel-grsec_full.patch
diff -u packages/kernel/kernel-grsec_full.patch:1.3.2.74 packages/kernel/kernel-grsec_full.patch:1.3.2.75
--- packages/kernel/kernel-grsec_full.patch:1.3.2.74 Fri Sep 23 20:56:15 2011
+++ packages/kernel/kernel-grsec_full.patch Tue Oct 11 21:05:51 2011
@@ -5591,71 +5591,80 @@
/*
diff -urNp linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -71,6 +71,12 @@ FUNC: movq r1,r2; \
++++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -8,6 +8,8 @@
+ * including this sentence is retained in full.
+ */
+
++#include <asm/alternative-asm.h>
++
+ .extern crypto_ft_tab
+ .extern crypto_it_tab
+ .extern crypto_fl_tab
+@@ -71,6 +73,8 @@ FUNC: movq r1,r2; \
je B192; \
leaq 32(r9),r9;
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+#define ret orb $0x80, 0x7(%rsp); ret
-+#else
-+#define ret ret
-+#endif
++#define ret pax_force_retaddr; ret
+
#define epilogue(r1,r2,r3,r4,r5,r6,r7,r8,r9) \
movq r1,r2; \
movq r3,r4; \
diff -urNp linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -790,6 +790,9 @@ ECRYPT_encrypt_bytes:
++++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -1,3 +1,5 @@
++#include <asm/alternative-asm.h>
++
+ # enter ECRYPT_encrypt_bytes
+ .text
+ .p2align 5
+@@ -790,6 +792,7 @@ ECRYPT_encrypt_bytes:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
# bytesatleast65:
._bytesatleast65:
-@@ -891,6 +894,9 @@ ECRYPT_keysetup:
+@@ -891,6 +894,7 @@ ECRYPT_keysetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
# enter ECRYPT_ivsetup
.text
-@@ -917,4 +923,7 @@ ECRYPT_ivsetup:
+@@ -917,4 +921,5 @@ ECRYPT_ivsetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
diff -urNp linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
-@@ -269,6 +269,9 @@ twofish_enc_blk:
++++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-10-06 04:17:55.000000000 -0400
+@@ -21,6 +21,7 @@
+ .text
+
+ #include <asm/asm-offsets.h>
++#include <asm/alternative-asm.h>
+
+ #define a_offset 0
+ #define b_offset 4
+@@ -269,6 +270,7 @@ twofish_enc_blk:
popq R1
movq $1,%rax
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
twofish_dec_blk:
-@@ -321,4 +324,7 @@ twofish_dec_blk:
+@@ -321,4 +323,5 @@ twofish_dec_blk:
popq R1
movq $1,%rax
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+ orb $0x80, 0x7(%rsp)
-+#endif
++ pax_force_retaddr
ret
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_aout.c linux-3.0.4/arch/x86/ia32/ia32_aout.c
--- linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-07-21 22:17:23.000000000 -0400
@@ -5850,7 +5859,34 @@
cmpq $(IA32_NR_syscalls-1),%rax
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_signal.c linux-3.0.4/arch/x86/ia32/ia32_signal.c
--- linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/ia32/ia32_signal.c 2011-10-06 04:17:55.000000000 -0400
+@@ -167,7 +167,7 @@ asmlinkage long sys32_sigaltstack(const
+ }
+ seg = get_fs();
+ set_fs(KERNEL_DS);
+- ret = do_sigaltstack(uss_ptr ? &uss : NULL, &uoss, regs->sp);
++ ret = do_sigaltstack(uss_ptr ? (const stack_t __force_user *)&uss : NULL, (stack_t __force_user *)&uoss, regs->sp);
+ set_fs(seg);
+ if (ret >= 0 && uoss_ptr) {
+ if (!access_ok(VERIFY_WRITE, uoss_ptr, sizeof(stack_ia32_t)))
+@@ -374,7 +374,7 @@ static int ia32_setup_sigcontext(struct
+ */
+ static void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
+ size_t frame_size,
+- void **fpstate)
++ void __user **fpstate)
+ {
+ unsigned long sp;
+
+@@ -395,7 +395,7 @@ static void __user *get_sigframe(struct
+
+ if (used_math()) {
+ sp = sp - sig_xstate_ia32_size;
+- *fpstate = (struct _fpstate_ia32 *) sp;
++ *fpstate = (struct _fpstate_ia32 __user *) sp;
+ if (save_i387_xstate_ia32(*fpstate) < 0)
+ return (void __user *) -1L;
+ }
@@ -403,7 +403,7 @@ static void __user *get_sigframe(struct
sp -= frame_size;
/* Align the stack pointer according to the i386 ABI,
@@ -5865,7 +5901,7 @@
* gdb versions depend on them as a marker.
*/
- put_user_ex(*((u64 *)&code), (u64 *)frame->retcode);
-+ put_user_ex(*((const u64 *)&code), (u64 *)frame->retcode);
++ put_user_ex(*((const u64 *)&code), (u64 __user *)frame->retcode);
} put_user_catch(err);
if (err)
@@ -5896,10 +5932,104 @@
* versions need it.
*/
- put_user_ex(*((u64 *)&code), (u64 *)frame->retcode);
-+ put_user_ex(*((const u64 *)&code), (u64 *)frame->retcode);
++ put_user_ex(*((const u64 *)&code), (u64 __user *)frame->retcode);
} put_user_catch(err);
if (err)
+diff -urNp linux-3.0.4/arch/x86/ia32/sys_ia32.c linux-3.0.4/arch/x86/ia32/sys_ia32.c
+--- linux-3.0.4/arch/x86/ia32/sys_ia32.c 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/ia32/sys_ia32.c 2011-10-06 04:17:55.000000000 -0400
+@@ -69,8 +69,8 @@ asmlinkage long sys32_ftruncate64(unsign
+ */
+ static int cp_stat64(struct stat64 __user *ubuf, struct kstat *stat)
+ {
+- typeof(ubuf->st_uid) uid = 0;
+- typeof(ubuf->st_gid) gid = 0;
++ typeof(((struct stat64 *)0)->st_uid) uid = 0;
++ typeof(((struct stat64 *)0)->st_gid) gid = 0;
+ SET_UID(uid, stat->uid);
+ SET_GID(gid, stat->gid);
+ if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct stat64)) ||
+@@ -308,8 +308,8 @@ asmlinkage long sys32_rt_sigprocmask(int
+ }
+ set_fs(KERNEL_DS);
+ ret = sys_rt_sigprocmask(how,
+- set ? (sigset_t __user *)&s : NULL,
+- oset ? (sigset_t __user *)&s : NULL,
++ set ? (sigset_t __force_user *)&s : NULL,
++ oset ? (sigset_t __force_user *)&s : NULL,
+ sigsetsize);
+ set_fs(old_fs);
+ if (ret)
+@@ -332,7 +332,7 @@ asmlinkage long sys32_alarm(unsigned int
+ return alarm_setitimer(seconds);
+ }
+
+-asmlinkage long sys32_waitpid(compat_pid_t pid, unsigned int *stat_addr,
++asmlinkage long sys32_waitpid(compat_pid_t pid, unsigned int __user *stat_addr,
+ int options)
+ {
+ return compat_sys_wait4(pid, stat_addr, options, NULL);
+@@ -353,7 +353,7 @@ asmlinkage long sys32_sched_rr_get_inter
+ mm_segment_t old_fs = get_fs();
+
+ set_fs(KERNEL_DS);
+- ret = sys_sched_rr_get_interval(pid, (struct timespec __user *)&t);
++ ret = sys_sched_rr_get_interval(pid, (struct timespec __force_user *)&t);
+ set_fs(old_fs);
+ if (put_compat_timespec(&t, interval))
+ return -EFAULT;
+@@ -369,7 +369,7 @@ asmlinkage long sys32_rt_sigpending(comp
+ mm_segment_t old_fs = get_fs();
+
+ set_fs(KERNEL_DS);
+- ret = sys_rt_sigpending((sigset_t __user *)&s, sigsetsize);
++ ret = sys_rt_sigpending((sigset_t __force_user *)&s, sigsetsize);
+ set_fs(old_fs);
+ if (!ret) {
+ switch (_NSIG_WORDS) {
+@@ -394,7 +394,7 @@ asmlinkage long sys32_rt_sigqueueinfo(in
+ if (copy_siginfo_from_user32(&info, uinfo))
+ return -EFAULT;
+ set_fs(KERNEL_DS);
+- ret = sys_rt_sigqueueinfo(pid, sig, (siginfo_t __user *)&info);
++ ret = sys_rt_sigqueueinfo(pid, sig, (siginfo_t __force_user *)&info);
+ set_fs(old_fs);
+ return ret;
+ }
+@@ -439,7 +439,7 @@ asmlinkage long sys32_sendfile(int out_f
+ return -EFAULT;
+
+ set_fs(KERNEL_DS);
+- ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __user *)&of : NULL,
++ ret = sys_sendfile(out_fd, in_fd, offset ? (off_t __force_user *)&of : NULL,
+ count);
+ set_fs(old_fs);
+
+diff -urNp linux-3.0.4/arch/x86/include/asm/alternative-asm.h linux-3.0.4/arch/x86/include/asm/alternative-asm.h
+--- linux-3.0.4/arch/x86/include/asm/alternative-asm.h 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/alternative-asm.h 2011-10-07 19:07:23.000000000 -0400
+@@ -15,6 +15,20 @@
+ .endm
+ #endif
+
++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++ .macro pax_force_retaddr rip=0
++ btsq $63,\rip(%rsp)
++ .endm
++ .macro pax_force_fptr ptr
++ btsq $63,\ptr
++ .endm
++#else
++ .macro pax_force_retaddr rip=0
++ .endm
++ .macro pax_force_fptr ptr
++ .endm
++#endif
++
+ .macro altinstruction_entry orig alt feature orig_len alt_len
+ .align 8
+ .quad \orig
diff -urNp linux-3.0.4/arch/x86/include/asm/alternative.h linux-3.0.4/arch/x86/include/asm/alternative.h
--- linux-3.0.4/arch/x86/include/asm/alternative.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/alternative.h 2011-08-23 21:47:55.000000000 -0400
@@ -7226,12 +7356,12 @@
#endif /* _ASM_X86_EMERGENCY_RESTART_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/futex.h linux-3.0.4/arch/x86/include/asm/futex.h
--- linux-3.0.4/arch/x86/include/asm/futex.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/futex.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/futex.h 2011-10-06 04:17:55.000000000 -0400
@@ -12,16 +12,18 @@
#include <asm/system.h>
#define __futex_atomic_op1(insn, ret, oldval, uaddr, oparg) \
-+ typecheck(u32 *, uaddr); \
++ typecheck(u32 __user *, uaddr); \
asm volatile("1:\t" insn "\n" \
"2:\t.section .fixup,\"ax\"\n" \
"3:\tmov\t%3, %1\n" \
@@ -7239,11 +7369,11 @@
"\t.previous\n" \
_ASM_EXTABLE(1b, 3b) \
- : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \
-+ : "=r" (oldval), "=r" (ret), "+m" (*(u32 *)____m(uaddr))\
++ : "=r" (oldval), "=r" (ret), "+m" (*(u32 __user *)____m(uaddr))\
: "i" (-EFAULT), "0" (oparg), "1" (0))
#define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \
-+ typecheck(u32 *, uaddr); \
++ typecheck(u32 __user *, uaddr); \
asm volatile("1:\tmovl %2, %0\n" \
"\tmovl\t%0, %3\n" \
"\t" insn "\n" \
@@ -7252,7 +7382,7 @@
_ASM_EXTABLE(2b, 4b) \
: "=&a" (oldval), "=&r" (ret), \
- "+m" (*uaddr), "=&r" (tem) \
-+ "+m" (*(u32 *)____m(uaddr)), "=&r" (tem) \
++ "+m" (*(u32 __user *)____m(uaddr)), "=&r" (tem) \
: "r" (oparg), "i" (-EFAULT), "1" (0))
static inline int futex_atomic_op_inuser(int encoded_op, u32 __user *uaddr)
@@ -7281,7 +7411,7 @@
"\t.previous\n"
_ASM_EXTABLE(1b, 3b)
- : "+r" (ret), "=a" (oldval), "+m" (*uaddr)
-+ : "+r" (ret), "=a" (oldval), "+m" (*(u32 *)____m(uaddr))
++ : "+r" (ret), "=a" (oldval), "+m" (*(u32 __user *)____m(uaddr))
: "i" (-EFAULT), "r" (newval), "1" (oldval)
: "memory"
);
@@ -7301,14 +7431,14 @@
extern void eisa_set_level_irq(unsigned int irq);
diff -urNp linux-3.0.4/arch/x86/include/asm/i387.h linux-3.0.4/arch/x86/include/asm/i387.h
--- linux-3.0.4/arch/x86/include/asm/i387.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/i387.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/i387.h 2011-10-06 04:17:55.000000000 -0400
@@ -92,6 +92,11 @@ static inline int fxrstor_checking(struc
{
int err;
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
+ if ((unsigned long)fx < PAX_USER_SHADOW_BASE)
-+ fx = (struct i387_fxsave_struct *)((void *)fx + PAX_USER_SHADOW_BASE);
++ fx = (struct i387_fxsave_struct __user *)((void *)fx + PAX_USER_SHADOW_BASE);
+#endif
+
/* See comment in fxsave() below. */
@@ -7758,7 +7888,7 @@
#ifdef CONFIG_SMP
diff -urNp linux-3.0.4/arch/x86/include/asm/module.h linux-3.0.4/arch/x86/include/asm/module.h
--- linux-3.0.4/arch/x86/include/asm/module.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/module.h 2011-08-23 21:48:14.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/module.h 2011-10-07 19:24:31.000000000 -0400
@@ -5,6 +5,7 @@
#ifdef CONFIG_X86_64
@@ -7767,37 +7897,25 @@
#elif defined CONFIG_M386
#define MODULE_PROC_FAMILY "386 "
#elif defined CONFIG_M486
-@@ -59,8 +60,30 @@
+@@ -59,8 +60,18 @@
#error unknown processor family
#endif
-#ifdef CONFIG_X86_32
-# define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY
-+#ifdef CONFIG_PAX_MEMORY_UDEREF
-+#define MODULE_PAX_UDEREF "UDEREF "
-+#else
-+#define MODULE_PAX_UDEREF ""
-+#endif
-+
+#ifdef CONFIG_PAX_KERNEXEC
+#define MODULE_PAX_KERNEXEC "KERNEXEC "
+#else
+#define MODULE_PAX_KERNEXEC ""
#endif
-+#ifdef CONFIG_PAX_REFCOUNT
-+#define MODULE_PAX_REFCOUNT "REFCOUNT "
-+#else
-+#define MODULE_PAX_REFCOUNT ""
-+#endif
-+
-+#ifdef CONFIG_GRKERNSEC
-+#define MODULE_GRSEC "GRSECURITY "
++#ifdef CONFIG_PAX_MEMORY_UDEREF
++#define MODULE_PAX_UDEREF "UDEREF "
+#else
-+#define MODULE_GRSEC ""
++#define MODULE_PAX_UDEREF ""
+#endif
+
-+#define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY MODULE_GRSEC MODULE_PAX_KERNEXEC MODULE_PAX_UDEREF MODULE_PAX_REFCOUNT
++#define MODULE_ARCH_VERMAGIC MODULE_PROC_FAMILY MODULE_PAX_KERNEXEC MODULE_PAX_UDEREF
+
#endif /* _ASM_X86_MODULE_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/page_64_types.h linux-3.0.4/arch/x86/include/asm/page_64_types.h
@@ -8988,6 +9106,18 @@
};
void dump_trace(struct task_struct *tsk, struct pt_regs *regs,
+diff -urNp linux-3.0.4/arch/x86/include/asm/sys_ia32.h linux-3.0.4/arch/x86/include/asm/sys_ia32.h
+--- linux-3.0.4/arch/x86/include/asm/sys_ia32.h 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/sys_ia32.h 2011-10-06 04:17:55.000000000 -0400
+@@ -40,7 +40,7 @@ asmlinkage long sys32_rt_sigprocmask(int
+ compat_sigset_t __user *, unsigned int);
+ asmlinkage long sys32_alarm(unsigned int);
+
+-asmlinkage long sys32_waitpid(compat_pid_t, unsigned int *, int);
++asmlinkage long sys32_waitpid(compat_pid_t, unsigned int __user *, int);
+ asmlinkage long sys32_sysfs(int, u32, u32);
+
+ asmlinkage long sys32_sched_rr_get_interval(compat_pid_t,
diff -urNp linux-3.0.4/arch/x86/include/asm/system.h linux-3.0.4/arch/x86/include/asm/system.h
--- linux-3.0.4/arch/x86/include/asm/system.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/system.h 2011-08-23 21:47:55.000000000 -0400
@@ -9355,7 +9485,7 @@
diff -urNp linux-3.0.4/arch/x86/include/asm/uaccess_64.h linux-3.0.4/arch/x86/include/asm/uaccess_64.h
--- linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-08-23 21:48:14.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/uaccess_64.h 2011-10-06 04:17:55.000000000 -0400
@@ -10,6 +10,9 @@
#include <asm/alternative.h>
#include <asm/cpufeature.h>
@@ -9453,7 +9583,7 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
-+ return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
+ }
switch (size) {
- case 1:__get_user_asm(*(u8 *)dst, (u8 __user *)src,
@@ -9502,7 +9632,7 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
-+ return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
}
}
@@ -9516,6 +9646,7 @@
might_fault();
- if (!__builtin_constant_p(size))
+- return copy_user_generic((__force void *)dst, src, size);
+
+ pax_track_stack();
+
@@ -9542,7 +9673,7 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
+ }
switch (size) {
- case 1:__put_user_asm(*(u8 *)src, (u8 __user *)dst,
@@ -9584,13 +9715,14 @@
ret, "q", "", "er", 8);
return ret;
default:
+- return copy_user_generic((__force void *)dst, src, size);
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ if ((unsigned long)dst < PAX_USER_SHADOW_BASE)
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
}
}
@@ -9603,6 +9735,8 @@
might_fault();
- if (!__builtin_constant_p(size))
+- return copy_user_generic((__force void *)dst,
+- (__force void *)src, size);
+
+ if ((int)size < 0)
+ return size;
@@ -9623,9 +9757,8 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst,
-- (__force void *)src, size);
-+ (__force const void *)src, size);
++ return copy_user_generic((__force_kernel void *)dst,
++ (__force_kernel const void *)src, size);
+ }
switch (size) {
case 1: {
@@ -9666,6 +9799,8 @@
return ret;
}
default:
+- return copy_user_generic((__force void *)dst,
+- (__force void *)src, size);
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
+ if ((unsigned long)src < PAX_USER_SHADOW_BASE)
@@ -9674,9 +9809,8 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst,
-- (__force void *)src, size);
-+ (__force const void *)src, size);
++ return copy_user_generic((__force_kernel void *)dst,
++ (__force_kernel const void *)src, size);
}
}
@@ -9684,6 +9818,7 @@
static __must_check __always_inline int
__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size)
{
+- return copy_user_generic(dst, (__force const void *)src, size);
+ pax_track_stack();
+
+ if ((int)size < 0)
@@ -9697,13 +9832,14 @@
+ src += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic(dst, (__force const void *)src, size);
++ return copy_user_generic(dst, (__force_kernel const void *)src, size);
}
-static __must_check __always_inline int
+static __must_check __always_inline unsigned long
__copy_to_user_inatomic(void __user *dst, const void *src, unsigned size)
{
+- return copy_user_generic((__force void *)dst, src, size);
+ if ((int)size < 0)
+ return size;
+
@@ -9715,7 +9851,7 @@
+ dst += PAX_USER_SHADOW_BASE;
+#endif
+
- return copy_user_generic((__force void *)dst, src, size);
++ return copy_user_generic((__force_kernel void *)dst, src, size);
}
-extern long __copy_user_nocache(void *dst, const void __user *src,
@@ -9756,13 +9892,14 @@
}
-unsigned long
+-copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest);
+extern unsigned long
- copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest);
++copy_user_handle_tail(char __user *to, char __user *from, unsigned len, unsigned zerorest);
#endif /* _ASM_X86_UACCESS_64_H */
diff -urNp linux-3.0.4/arch/x86/include/asm/uaccess.h linux-3.0.4/arch/x86/include/asm/uaccess.h
--- linux-3.0.4/arch/x86/include/asm/uaccess.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/uaccess.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/uaccess.h 2011-10-06 04:17:55.000000000 -0400
@@ -7,12 +7,15 @@
#include <linux/compiler.h>
#include <linux/thread_info.h>
@@ -9862,6 +9999,15 @@
"3:\n" \
_ASM_EXTABLE(1b, 2b - 1b) \
_ASM_EXTABLE(2b, 3b - 2b) \
+@@ -252,7 +294,7 @@ extern void __put_user_8(void);
+ __typeof__(*(ptr)) __pu_val; \
+ __chk_user_ptr(ptr); \
+ might_fault(); \
+- __pu_val = x; \
++ __pu_val = (x); \
+ switch (sizeof(*(ptr))) { \
+ case 1: \
+ __put_user_x(1, __pu_val, ptr, __ret_pu); \
@@ -373,7 +415,7 @@ do { \
} while (0)
@@ -9973,6 +10119,18 @@
} while (0)
#ifdef CONFIG_X86_WP_WORKS_OK
+diff -urNp linux-3.0.4/arch/x86/include/asm/vdso.h linux-3.0.4/arch/x86/include/asm/vdso.h
+--- linux-3.0.4/arch/x86/include/asm/vdso.h 2011-07-21 22:17:23.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/vdso.h 2011-10-06 04:17:55.000000000 -0400
+@@ -11,7 +11,7 @@ extern const char VDSO32_PRELINK[];
+ #define VDSO32_SYMBOL(base, name) \
+ ({ \
+ extern const char VDSO32_##name[]; \
+- (void *)(VDSO32_##name - VDSO32_PRELINK + (unsigned long)(base)); \
++ (void __user *)(VDSO32_##name - VDSO32_PRELINK + (unsigned long)(base)); \
+ })
+ #endif
+
diff -urNp linux-3.0.4/arch/x86/include/asm/x86_init.h linux-3.0.4/arch/x86/include/asm/x86_init.h
--- linux-3.0.4/arch/x86/include/asm/x86_init.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/x86_init.h 2011-08-23 21:47:55.000000000 -0400
@@ -10095,7 +10253,7 @@
extern struct x86_cpuinit_ops x86_cpuinit;
diff -urNp linux-3.0.4/arch/x86/include/asm/xsave.h linux-3.0.4/arch/x86/include/asm/xsave.h
--- linux-3.0.4/arch/x86/include/asm/xsave.h 2011-07-21 22:17:23.000000000 -0400
-+++ linux-3.0.4/arch/x86/include/asm/xsave.h 2011-08-23 21:47:55.000000000 -0400
++++ linux-3.0.4/arch/x86/include/asm/xsave.h 2011-10-06 04:17:55.000000000 -0400
@@ -65,6 +65,11 @@ static inline int xsave_user(struct xsav
{
int err;
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/kernel/kernel-grsec_full.patch?r1=1.3.2.74&r2=1.3.2.75&f=u
More information about the pld-cvs-commit
mailing list