rpms/kernel/FC-5 linux-2.6-execshield.patch,1.24,1.25
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Oct 30 05:29:29 UTC 2006
Author: davej
Update of /cvs/dist/rpms/kernel/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv16754
Modified Files:
linux-2.6-execshield.patch
Log Message:
rediff
linux-2.6-execshield.patch:
arch/i386/kernel/cpu/common.c | 7 +
arch/i386/kernel/process.c | 59 +++++++++++++
arch/i386/kernel/smp.c | 3
arch/i386/kernel/sysenter.c | 5 -
arch/i386/kernel/traps.c | 93 ++++++++++++++++++++
arch/i386/mm/init.c | 6 +
arch/i386/mm/mmap.c | 6 -
arch/i386/mm/pageattr.c | 8 +
arch/ia64/ia32/binfmt_elf32.c | 2
arch/powerpc/kernel/vdso.c | 3
arch/x86_64/ia32/ia32_binfmt.c | 6 -
arch/x86_64/ia32/syscall32.c | 4
arch/x86_64/kernel/process.c | 6 -
arch/x86_64/kernel/setup64.c | 23 -----
arch/x86_64/mm/fault.c | 2
arch/x86_64/mm/mmap.c | 98 +++++++++++++++++----
drivers/char/random.c | 7 +
fs/binfmt_elf.c | 147 +++++++++++++++++++++++++-------
fs/proc/array.c | 8 +
fs/proc/base.c | 8 -
fs/proc/task_mmu.c | 29 +++++-
include/asm-i386/a.out.h | 2
include/asm-i386/desc.h | 14 +++
include/asm-i386/elf.h | 6 +
include/asm-i386/mmu.h | 4
include/asm-i386/page.h | 5 +
include/asm-i386/pgalloc.h | 1
include/asm-i386/processor.h | 8 +
include/asm-ia64/pgalloc.h | 4
include/asm-powerpc/elf.h | 3
include/asm-powerpc/pgalloc.h | 5 +
include/asm-ppc/pgalloc.h | 5 +
include/asm-s390/pgalloc.h | 4
include/asm-sparc/pgalloc.h | 4
include/asm-sparc64/pgalloc.h | 4
include/asm-x86_64/pgalloc.h | 7 +
include/asm-x86_64/pgtable.h | 2
include/linux/mm.h | 16 +++
include/linux/resource.h | 5 -
include/linux/sched.h | 9 ++
include/linux/sysctl.h | 3
kernel/signal.c | 33 +++++++
kernel/sysctl.c | 56 ++++++++++++
mm/fremap.c | 16 ++-
mm/mmap.c | 183 +++++++++++++++++++++++++++++++++++++++--
mm/mprotect.c | 5 -
mm/mremap.c | 4
47 files changed, 803 insertions(+), 135 deletions(-)
Index: linux-2.6-execshield.patch
===================================================================
RCS file: /cvs/dist/rpms/kernel/FC-5/linux-2.6-execshield.patch,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- linux-2.6-execshield.patch 28 Oct 2006 01:16:08 -0000 1.24
+++ linux-2.6-execshield.patch 30 Oct 2006 05:29:26 -0000 1.25
@@ -18,7 +18,7 @@
diff -urNp --exclude-from=/home/davej/.exclude linux-802/arch/i386/kernel/process.c linux-810/arch/i386/kernel/process.c
--- linux-802/arch/i386/kernel/process.c
+++ linux-810/arch/i386/kernel/process.c
-@@ -646,6 +646,8 @@ struct task_struct fastcall * __switch_t
+@@ -641,6 +641,8 @@ struct task_struct fastcall * __switch_t
/* never put a printk in __switch_to... printk() calls wake_up*() indirectly */
__unlazy_fpu(prev_p);
@@ -27,7 +27,7 @@
/*
* Reload esp0.
-@@ -906,3 +908,60 @@ unsigned long arch_align_stack(unsigned
+@@ -901,3 +903,60 @@ unsigned long arch_align_stack(unsigned
sp -= get_random_int() % 8192;
return sp & ~0xf;
}
@@ -121,10 +121,19 @@
{
struct vm_area_struct *vma;
struct mm_struct *mm = current->mm;
+@@ -126,7 +127,7 @@ int arch_setup_additional_pages(struct l
+ int ret;
+
+ down_write(&mm->mmap_sem);
+- addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0);
++ addr = get_unmapped_area_prot(NULL, 0, PAGE_SIZE, 0, 0, 1);
+ if (IS_ERR_VALUE(addr)) {
+ ret = addr;
+ goto up_fail;
diff -urNp --exclude-from=/home/davej/.exclude linux-802/arch/i386/kernel/traps.c linux-810/arch/i386/kernel/traps.c
--- linux-802/arch/i386/kernel/traps.c
+++ linux-810/arch/i386/kernel/traps.c
-@@ -565,7 +565,82 @@ DO_ERROR(10, SIGSEGV, "invalid TSS", inv
+@@ -625,7 +625,82 @@ DO_ERROR(10, SIGSEGV, "invalid TSS", inv
DO_ERROR(11, SIGBUS, "segment not present", segment_not_present)
DO_ERROR(12, SIGBUS, "stack segment", stack_segment)
DO_ERROR_INFO(17, SIGBUS, "alignment check", alignment_check, BUS_ADRALN, 0)
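Review bot: The new call `get_unmapped_area_prot(NULL, 0, PAGE_SIZE, 0, 0, 1)` in arch_setup_additional_pages passes a bare `1` as its last argument, and nothing in the hunk says what it selects. It presumably asks for an executable-area placement, so the vdso page lands in the low ascii-armor range rather than among the ordinary maps near the stack, where an executable page would raise the code-segment limit over the heap. I would add a comment above the call, for example `/* exec=1: keep the vdso in the low exec range so the CS limit does not cover heap/stack */`, or pass a named constant. The function body starts and ends outside the hunk, so the prototype should be checked before wording the comment.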
@@ -208,7 +217,7 @@
fastcall void __kprobes do_general_protection(struct pt_regs * regs,
long error_code)
-@@ -573,6 +648,7 @@ fastcall void __kprobes do_general_prote
+@@ -633,6 +708,7 @@ fastcall void __kprobes do_general_prote
int cpu = get_cpu();
struct tss_struct *tss = &per_cpu(init_tss, cpu);
struct thread_struct *thread = ¤t->thread;
@@ -216,7 +225,7 @@
/*
* Perform the lazy TSS's I/O bitmap copy. If the TSS has an
-@@ -599,7 +675,6 @@ fastcall void __kprobes do_general_prote
+@@ -659,7 +735,6 @@ fastcall void __kprobes do_general_prote
put_cpu();
return;
}
@@ -224,7 +233,7 @@
current->thread.error_code = error_code;
current->thread.trap_no = 13;
-@@ -610,17 +685,31 @@ fastcall void __kprobes do_general_prote
+@@ -670,17 +745,31 @@ fastcall void __kprobes do_general_prote
if (!user_mode(regs))
goto gp_in_kernel;
@@ -310,6 +319,31 @@
mm->unmap_area = arch_unmap_area_topdown;
}
}
+diff -urNp --exclude-from=/home/davej/.exclude linux-802/arch/i386/mm/pageattr.c linux-810/arch/i386/mm/pageattr.c
+--- linux-802/arch/i386/mm/pageattr.c
++++ linux-810/arch/i386/mm/pageattr.c
+@@ -8,6 +8,8 @@
+ #include <linux/highmem.h>
+ #include <linux/module.h>
+ #include <linux/slab.h>
++#include <linux/kernel.h>
++#include <asm/sections.h>
+ #include <asm/uaccess.h>
+ #include <asm/processor.h>
+ #include <asm/tlbflush.h>
+@@ -130,6 +132,12 @@ __change_page_attr(struct page *page, pg
+ BUG_ON(PageHighMem(page));
+ address = (unsigned long)page_address(page);
+
++ if (address >= (unsigned long)__start_rodata && address <= (unsigned long)__end_rodata &&
++ (pgprot_val(prot) & _PAGE_RW)) {
++ pgprot_val(prot) &= ~(_PAGE_RW);
++ add_taint(TAINT_MACHINE_CHECK);
++ }
++
+ kpte = lookup_address(address);
+ if (!kpte)
+ return -EINVAL;
diff -urNp --exclude-from=/home/davej/.exclude linux-802/arch/ia64/ia32/binfmt_elf32.c linux-810/arch/ia64/ia32/binfmt_elf32.c
--- linux-802/arch/ia64/ia32/binfmt_elf32.c
+++ linux-810/arch/ia64/ia32/binfmt_elf32.c
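Review bot: The range test added to __change_page_attr uses an inclusive upper bound, `address <= (unsigned long)__end_rodata`. Since `address` comes from page_address() and is a page base, a page that starts exactly at `__end_rodata` would also have `_PAGE_RW` stripped if that symbol is page-aligned (the linker script is not visible here). `address < (unsigned long)__end_rodata` looks like the intended bound. The block also silently rewrites the caller's protection and reports it only via `add_taint(TAINT_MACHINE_CHECK)`, a flag meant for machine checks. A `printk(KERN_WARNING ...)` naming the address would make an attempted write-enable of rodata diagnosable. The function continues outside the hunk.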
@@ -986,8 +1020,7 @@
return buffer;
}
-@@ -130,6 +140,9 @@ __attribute__((weak)) const char *arch_v
- static int show_map_internal(struct seq_file *m, void *v, struct mem_size_stats *mss)
+@@ -131,6 +141,9 @@ static int show_map_internal(struct seq_
{
struct proc_maps_private *priv = m->private;
struct task_struct *task = priv->task;
@@ -996,6 +1029,7 @@
+#endif
struct vm_area_struct *vma = v;
struct mm_struct *mm = vma->vm_mm;
+ struct file *file = vma->vm_file;
@@ -150,10 +163,20 @@ static int show_map_internal(struct seq_
vma->vm_end,
flags & VM_READ ? 'r' : '-',
@@ -1416,22 +1450,21 @@
diff -urNp --exclude-from=/home/davej/.exclude linux-802/kernel/sysctl.c linux-810/kernel/sysctl.c
--- linux-802/kernel/sysctl.c
+++ linux-810/kernel/sysctl.c
-@@ -80,6 +80,29 @@ extern int proc_unknown_nmi_panic(ctl_ta
+@@ -80,6 +80,28 @@ extern int proc_unknown_nmi_panic(ctl_ta
void __user *, size_t *, loff_t *);
#endif
+extern unsigned int vdso_enabled, vdso_populate;
+
-+int exec_shield = (1<<3) | (1<<0);
++int exec_shield = (1<<0);
+/* exec_shield is a bitmask:
+ 0: off; vdso at STACK_TOP, 1 page below TASK_SIZE
+ (1<<0) 1: on [also on if !=0]
-+ (1<<1) 2: noexecstack by default
++ (1<<1) 2: force noexecstack regardless of PT_GNU_STACK
++ The old settings
+ (1<<2) 4: vdso just below .text of main (unless too low)
+ (1<<3) 8: vdso just below .text of PT_INTERP (unless too low)
-+Yes, vdso placement is overloaded here; but exec_shield off
-+is a strong incentive to place vdso at STACK_TOP, so the bit
-+for vdso just below .text comes along for the ride.
++ are ignored because the vdso is placed completely randomly
+*/
+
+static int __init setup_exec_shield(char *str)
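Review bot: The rewritten exec_shield comment is hard to read as a contract, because "The old settings" and "are ignored because the vdso is placed completely randomly" are split around the two bit descriptions they refer to. The `(1<<0)` line still says "also on if !=0", so a value of 4 or 8 would still enable exec-shield even though those bits no longer select anything; whether the code behaves that way is outside the hunk. I would state this in one line, e.g. `(1<<2), (1<<3): formerly vdso placement, now ignored (vdso is randomized); a non-zero value still counts as "on"`. The `0:` line's "vdso at STACK_TOP" should also be rechecked against the new placement.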
@@ -1446,7 +1479,7 @@
/* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
static int maxolduid = 65535;
static int minolduid;
-@@ -282,6 +305,40 @@ static ctl_table kern_table[] = {
+@@ -282,6 +304,40 @@ static ctl_table kern_table[] = {
.proc_handler = &proc_dointvec,
},
{
@@ -1592,7 +1625,7 @@
-EXPORT_SYMBOL(get_unmapped_area);
+EXPORT_SYMBOL(get_unmapped_area_prot);
+
-+#define SHLIB_BASE 0x00111000
++#define SHLIB_BASE 0x00110000
+
+unsigned long arch_get_unmapped_exec_area(struct file *filp, unsigned long addr0,
+ unsigned long len0, unsigned long pgoff, unsigned long flags)
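Review bot: `#define SHLIB_BASE 0x00110000` changes a security-relevant placement constant with no comment. The only rationale was in the mail text this same commit deletes from the end of the patch file: the vdso page is no longer placed just below another region, so the base could drop by 0x1000. I would carry that reason onto the define, for example `/* start of the ascii-armor exec range; no page is reserved below it for the vdso any more */`. arch_get_unmapped_exec_area, which presumably consumes the constant, is cut off by the hunk.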
@@ -1832,100 +1865,3 @@
ret = new_addr;
if (new_addr & ~PAGE_MASK)
goto out;
-
-
-Date: Fri, 29 Sep 2006 02:14:32 +0100
-From: "Bart Oldeman" <bartoldeman at users.sourceforge.net>
-To: mingo at elte.hu
-Subject: [patch] exec-shield: move vdso back to the ascii-armor.
-
-Hi Ingo,
-
-testing exec-shield I observed that unlike in earlier versions, the
-vdso page was now placed at the normal maps around 0xbf000000. With
-the cs-selector protection that makes the heap executable.
-
-I wonder if this was done on purpose? In any case, the attached patch
-rectifies this.
-
-Also, two of the four bits in the sysctl are not used anymore, and I
-observed that random_int() when called withing very short time ranges,
-returns the same value, and the same random address, so the address is
-reset to 0x110000.
-
-As the vdso page is no longer placed just below any other region, SHLIB_BASE
-could be decreased by 0x1000.
-
-Bart
-
---- linux-2.6.18.noarch/kernel/sysctl.c~ 2006-09-29 16:59:02.000000000 -0400
-+++ linux-2.6.18.noarch/kernel/sysctl.c 2006-09-29 17:00:06.000000000 -0400
-@@ -82,16 +82,15 @@ extern int proc_unknown_nmi_panic(ctl_ta
-
- extern unsigned int vdso_enabled, vdso_populate;
-
--int exec_shield = (1<<3) | (1<<0);
-+int exec_shield = (1<<0);
- /* exec_shield is a bitmask:
- 0: off; vdso at STACK_TOP, 1 page below TASK_SIZE
- (1<<0) 1: on [also on if !=0]
-- (1<<1) 2: noexecstack by default
-+ (1<<1) 2: force noexecstack regardless of PT_GNU_STACK
-+ The old settings
- (1<<2) 4: vdso just below .text of main (unless too low)
- (1<<3) 8: vdso just below .text of PT_INTERP (unless too low)
--Yes, vdso placement is overloaded here; but exec_shield off
--is a strong incentive to place vdso at STACK_TOP, so the bit
--for vdso just below .text comes along for the ride.
-+ are ignored because the vdso is placed completely randomly
- */
-
- static int __init setup_exec_shield(char *str)
---- 1/mm/mmap.c.orig 2006-09-28 22:16:49.000000000 +0100
-+++ 2/mm/mmap.c 2006-09-28 23:58:14.000000000 +0100
-@@ -1407,7 +1407,7 @@
-
- EXPORT_SYMBOL(get_unmapped_area_prot);
-
--#define SHLIB_BASE 0x00111000
-+#define SHLIB_BASE 0x00110000
-
- unsigned long arch_get_unmapped_exec_area(struct file *filp, unsigned long addr0,
- unsigned long len0, unsigned long pgoff, unsigned long flags)
---- 1/arch/i386/kernel/sysenter.c.orig 2006-09-28 22:09:57.000000000 +0100
-+++ 2/arch/i386/kernel/sysenter.c 2006-09-28 23:02:38.000000000 +0100
-@@ -127,7 +127,7 @@
- int ret;
-
- down_write(&mm->mmap_sem);
-- addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0);
-+ addr = get_unmapped_area_prot(NULL, 0, PAGE_SIZE, 0, 0, 1);
- if (IS_ERR_VALUE(addr)) {
- ret = addr;
- goto up_fail;
-
-
---- linux-2.6.17-rc3-mm1-davej/arch/i386/mm/pageattr.c.org 2006-05-04 09:23:56.000000000 +0200
-+++ linux-2.6.17-rc3-mm1-davej/arch/i386/mm/pageattr.c 2006-05-04 09:27:21.000000000 +0200
-@@ -8,6 +8,8 @@
- #include <linux/highmem.h>
- #include <linux/module.h>
- #include <linux/slab.h>
-+#include <linux/kernel.h>
-+#include <asm/sections.h>
- #include <asm/uaccess.h>
- #include <asm/processor.h>
- #include <asm/tlbflush.h>
-@@ -130,6 +132,12 @@
- BUG_ON(PageHighMem(page));
- address = (unsigned long)page_address(page);
-
-+ if (address >= (unsigned long)__start_rodata && address <= (unsigned long)__end_rodata &&
-+ (pgprot_val(prot) & _PAGE_RW)) {
-+ pgprot_val(prot) &= ~(_PAGE_RW);
-+ add_taint(TAINT_MACHINE_CHECK);
-+ }
-+
- kpte = lookup_address(address);
- if (!kpte)
- return -EINVAL;