From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/
Date: Sun, 8 Apr 2012 16:08:28 +0000 (UTC) [thread overview]
Message-ID: <1333901285.0a52db7b3a5e19bbd7e27bc6d800a92a4a5c69c6.blueness@gentoo> (raw)
commit: 0a52db7b3a5e19bbd7e27bc6d800a92a4a5c69c6
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 8 16:08:05 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Apr 8 16:08:05 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=0a52db7b
Grsec/PaX: 2.9-{2.6.32.59-201204010910,3.2.14-201204021757,3.3.1-201204021758}
---
2.6.32/0000_README | 2 +-
...20_grsecurity-2.9-2.6.32.59-201204062020.patch} | 38 +++++++++++-------
3.2.14/0000_README | 2 +-
... 4420_grsecurity-2.9-3.2.14-201204062020.patch} | 42 ++++++++++++--------
3.3.1/0000_README | 2 +-
...> 4420_grsecurity-2.9-3.3.1-201204062021.patch} | 42 ++++++++++++--------
6 files changed, 76 insertions(+), 52 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index eb3b0e5..e55e10a 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9-2.6.32.59-201204010910.patch
+Patch: 4420_grsecurity-2.9-2.6.32.59-201204062020.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch
rename to 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
index adc0a83..8d7ed1b 100644
--- a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch
+++ b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
@@ -64990,7 +64990,7 @@ index 0133b5a..3710d09 100644
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
#ifdef __alpha__
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index a64fde6..4d6ea81 100644
+index a64fde6..aea5248 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -31,6 +31,7 @@
@@ -65633,7 +65633,7 @@ index a64fde6..4d6ea81 100644
/* set_brk can never work. Avoid overflows. */
send_sig(SIGKILL, current, 0);
retval = -EINVAL;
-@@ -877,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
+@@ -877,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
goto out_free_dentry;
}
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
@@ -65651,8 +65651,10 @@ index a64fde6..4d6ea81 100644
+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
+ unsigned long start, size;
+
++ current->mm->end_data = end_data = elf_brk;
+ start = ELF_PAGEALIGN(elf_brk);
+ size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
++ current->mm->start_brk = start + size;
+ down_write(¤t->mm->mmap_sem);
+ retval = -ENOMEM;
+ if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
@@ -65672,7 +65674,7 @@ index a64fde6..4d6ea81 100644
if (elf_interpreter) {
unsigned long uninitialized_var(interp_map_addr);
-@@ -1112,8 +1598,10 @@ static int dump_seek(struct file *file, loff_t off)
+@@ -1112,8 +1600,10 @@ static int dump_seek(struct file *file, loff_t off)
unsigned long n = off;
if (n > PAGE_SIZE)
n = PAGE_SIZE;
@@ -65684,7 +65686,7 @@ index a64fde6..4d6ea81 100644
off -= n;
}
free_page((unsigned long)buf);
-@@ -1125,7 +1613,7 @@ static int dump_seek(struct file *file, loff_t off)
+@@ -1125,7 +1615,7 @@ static int dump_seek(struct file *file, loff_t off)
* Decide what to dump of a segment, part, all or none.
*/
static unsigned long vma_dump_size(struct vm_area_struct *vma,
@@ -65693,7 +65695,7 @@ index a64fde6..4d6ea81 100644
{
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
-@@ -1159,7 +1647,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
+@@ -1159,7 +1649,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
if (vma->vm_file == NULL)
return 0;
@@ -65702,7 +65704,7 @@ index a64fde6..4d6ea81 100644
goto whole;
/*
-@@ -1255,8 +1743,11 @@ static int writenote(struct memelfnote *men, struct file *file,
+@@ -1255,8 +1745,11 @@ static int writenote(struct memelfnote *men, struct file *file,
#undef DUMP_WRITE
#define DUMP_WRITE(addr, nr) \
@@ -65715,7 +65717,7 @@ index a64fde6..4d6ea81 100644
static void fill_elf_header(struct elfhdr *elf, int segs,
u16 machine, u32 flags, u8 osabi)
-@@ -1385,9 +1876,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
+@@ -1385,9 +1878,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
{
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
int i = 0;
@@ -65727,7 +65729,7 @@ index a64fde6..4d6ea81 100644
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
}
-@@ -1973,7 +2464,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
+@@ -1973,7 +2466,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
phdr.p_offset = offset;
phdr.p_vaddr = vma->vm_start;
phdr.p_paddr = 0;
@@ -65736,7 +65738,7 @@ index a64fde6..4d6ea81 100644
phdr.p_memsz = vma->vm_end - vma->vm_start;
offset += phdr.p_filesz;
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
-@@ -2006,7 +2497,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
+@@ -2006,7 +2499,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
unsigned long addr;
unsigned long end;
@@ -65745,7 +65747,7 @@ index a64fde6..4d6ea81 100644
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
struct page *page;
-@@ -2015,6 +2506,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
+@@ -2015,6 +2508,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
page = get_dump_page(addr);
if (page) {
void *kaddr = kmap(page);
@@ -65753,7 +65755,7 @@ index a64fde6..4d6ea81 100644
stop = ((size += PAGE_SIZE) > limit) ||
!dump_write(file, kaddr, PAGE_SIZE);
kunmap(page);
-@@ -2042,6 +2534,97 @@ out:
+@@ -2042,6 +2536,97 @@ out:
#endif /* USE_ELF_CORE_DUMP */
@@ -96871,7 +96873,7 @@ index 2d846cf..98134d2 100644
capable(CAP_IPC_LOCK))
ret = do_mlockall(flags);
diff --git a/mm/mmap.c b/mm/mmap.c
-index 4b80cbf..12a7861 100644
+index 4b80cbf..073ac3e 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -45,6 +45,16 @@
@@ -98127,16 +98129,22 @@ index 4b80cbf..12a7861 100644
/*
* Return true if the calling process may expand its vm space by the passed
* number of pages
-@@ -2237,7 +2691,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+@@ -2236,8 +2690,14 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+ unsigned long cur = mm->total_vm; /* pages */
unsigned long lim;
++#ifdef CONFIG_PAX_RANDMMAP
++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
++#endif
++
lim = current->signal->rlim[RLIMIT_AS].rlim_cur >> PAGE_SHIFT;
--
+
+ gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
if (cur + npages > lim)
return 0;
return 1;
-@@ -2307,6 +2761,22 @@ int install_special_mapping(struct mm_struct *mm,
+@@ -2307,6 +2767,22 @@ int install_special_mapping(struct mm_struct *mm,
vma->vm_start = addr;
vma->vm_end = addr + len;
diff --git a/3.2.14/0000_README b/3.2.14/0000_README
index 61ea918..3842c31 100644
--- a/3.2.14/0000_README
+++ b/3.2.14/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9-3.2.14-201204021757.patch
+Patch: 4420_grsecurity-2.9-3.2.14-201204062020.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch b/3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
similarity index 99%
rename from 3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch
rename to 3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
index 7964fc2..a4dfa05 100644
--- a/3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch
+++ b/3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
@@ -42181,7 +42181,7 @@ index a6395bd..f1e376a 100644
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
#ifdef __alpha__
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 6ff96c6..64d2dec 100644
+index 6ff96c6..d788bf7 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -32,6 +32,7 @@
@@ -42815,7 +42815,7 @@ index 6ff96c6..64d2dec 100644
/* set_brk can never work. Avoid overflows. */
send_sig(SIGKILL, current, 0);
retval = -EINVAL;
-@@ -881,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
+@@ -881,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
goto out_free_dentry;
}
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
@@ -42833,8 +42833,10 @@ index 6ff96c6..64d2dec 100644
+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
+ unsigned long start, size;
+
++ current->mm->end_data = end_data = elf_brk;
+ start = ELF_PAGEALIGN(elf_brk);
+ size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
++ current->mm->start_brk = start + size;
+ down_write(¤t->mm->mmap_sem);
+ retval = -ENOMEM;
+ if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
@@ -42854,7 +42856,7 @@ index 6ff96c6..64d2dec 100644
if (elf_interpreter) {
unsigned long uninitialized_var(interp_map_addr);
-@@ -1098,7 +1580,7 @@ out:
+@@ -1098,7 +1582,7 @@ out:
* Decide what to dump of a segment, part, all or none.
*/
static unsigned long vma_dump_size(struct vm_area_struct *vma,
@@ -42863,7 +42865,7 @@ index 6ff96c6..64d2dec 100644
{
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
-@@ -1132,7 +1614,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
+@@ -1132,7 +1616,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
if (vma->vm_file == NULL)
return 0;
@@ -42872,7 +42874,7 @@ index 6ff96c6..64d2dec 100644
goto whole;
/*
-@@ -1354,9 +1836,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
+@@ -1354,9 +1838,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
{
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
int i = 0;
@@ -42884,7 +42886,7 @@ index 6ff96c6..64d2dec 100644
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
}
-@@ -1862,14 +2344,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
+@@ -1862,14 +2346,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
}
static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
@@ -42901,7 +42903,7 @@ index 6ff96c6..64d2dec 100644
return size;
}
-@@ -1963,7 +2445,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1963,7 +2447,7 @@ static int elf_core_dump(struct coredump_params *cprm)
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
@@ -42910,7 +42912,7 @@ index 6ff96c6..64d2dec 100644
offset += elf_core_extra_data_size();
e_shoff = offset;
-@@ -1977,10 +2459,12 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1977,10 +2461,12 @@ static int elf_core_dump(struct coredump_params *cprm)
offset = dataoff;
size += sizeof(*elf);
@@ -42923,7 +42925,7 @@ index 6ff96c6..64d2dec 100644
if (size > cprm->limit
|| !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
goto end_coredump;
-@@ -1994,7 +2478,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1994,7 +2480,7 @@ static int elf_core_dump(struct coredump_params *cprm)
phdr.p_offset = offset;
phdr.p_vaddr = vma->vm_start;
phdr.p_paddr = 0;
@@ -42932,7 +42934,7 @@ index 6ff96c6..64d2dec 100644
phdr.p_memsz = vma->vm_end - vma->vm_start;
offset += phdr.p_filesz;
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
-@@ -2005,6 +2489,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2005,6 +2491,7 @@ static int elf_core_dump(struct coredump_params *cprm)
phdr.p_align = ELF_EXEC_PAGESIZE;
size += sizeof(phdr);
@@ -42940,7 +42942,7 @@ index 6ff96c6..64d2dec 100644
if (size > cprm->limit
|| !dump_write(cprm->file, &phdr, sizeof(phdr)))
goto end_coredump;
-@@ -2029,7 +2514,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2029,7 +2516,7 @@ static int elf_core_dump(struct coredump_params *cprm)
unsigned long addr;
unsigned long end;
@@ -42949,7 +42951,7 @@ index 6ff96c6..64d2dec 100644
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
struct page *page;
-@@ -2038,6 +2523,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2038,6 +2525,7 @@ static int elf_core_dump(struct coredump_params *cprm)
page = get_dump_page(addr);
if (page) {
void *kaddr = kmap(page);
@@ -42957,7 +42959,7 @@ index 6ff96c6..64d2dec 100644
stop = ((size += PAGE_SIZE) > cprm->limit) ||
!dump_write(cprm->file, kaddr,
PAGE_SIZE);
-@@ -2055,6 +2541,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2055,6 +2543,7 @@ static int elf_core_dump(struct coredump_params *cprm)
if (e_phnum == PN_XNUM) {
size += sizeof(*shdr4extnum);
@@ -42965,7 +42967,7 @@ index 6ff96c6..64d2dec 100644
if (size > cprm->limit
|| !dump_write(cprm->file, shdr4extnum,
sizeof(*shdr4extnum)))
-@@ -2075,6 +2562,97 @@ out:
+@@ -2075,6 +2564,97 @@ out:
#endif /* CONFIG_ELF_CORE */
@@ -71682,7 +71684,7 @@ index 4f4f53b..9511904 100644
capable(CAP_IPC_LOCK))
ret = do_mlockall(flags);
diff --git a/mm/mmap.c b/mm/mmap.c
-index eae90af..c930262 100644
+index eae90af..4370c73 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -46,6 +46,16 @@
@@ -72978,16 +72980,22 @@ index eae90af..c930262 100644
/*
* Return true if the calling process may expand its vm space by the passed
* number of pages
-@@ -2383,7 +2864,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+@@ -2382,8 +2863,13 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+ unsigned long cur = mm->total_vm; /* pages */
unsigned long lim;
++#ifdef CONFIG_PAX_RANDMMAP
++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
++#endif
++
lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT;
-
+ gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
if (cur + npages > lim)
return 0;
return 1;
-@@ -2454,6 +2935,22 @@ int install_special_mapping(struct mm_struct *mm,
+@@ -2454,6 +2940,22 @@ int install_special_mapping(struct mm_struct *mm,
vma->vm_start = addr;
vma->vm_end = addr + len;
diff --git a/3.3.1/0000_README b/3.3.1/0000_README
index 224c31f..945f66f 100644
--- a/3.3.1/0000_README
+++ b/3.3.1/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9-3.3.1-201204021758.patch
+Patch: 4420_grsecurity-2.9-3.3.1-201204062021.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch b/3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
similarity index 99%
rename from 3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch
rename to 3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
index 9d0bae3..2fad352 100644
--- a/3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch
+++ b/3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
@@ -41022,7 +41022,7 @@ index 1ff9405..f1e376a 100644
fd_offset + ex.a_text);
up_write(¤t->mm->mmap_sem);
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 07d096c..5e2a0b3 100644
+index 07d096c..1f08d39 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -32,6 +32,7 @@
@@ -41656,7 +41656,7 @@ index 07d096c..5e2a0b3 100644
/* set_brk can never work. Avoid overflows. */
send_sig(SIGKILL, current, 0);
retval = -EINVAL;
-@@ -881,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
+@@ -881,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
goto out_free_dentry;
}
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
@@ -41674,8 +41674,10 @@ index 07d096c..5e2a0b3 100644
+ if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
+ unsigned long start, size;
+
++ current->mm->end_data = end_data = elf_brk;
+ start = ELF_PAGEALIGN(elf_brk);
+ size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
++ current->mm->start_brk = start + size;
+ down_write(¤t->mm->mmap_sem);
+ retval = -ENOMEM;
+ if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
@@ -41695,7 +41697,7 @@ index 07d096c..5e2a0b3 100644
if (elf_interpreter) {
unsigned long uninitialized_var(interp_map_addr);
-@@ -1098,7 +1580,7 @@ out:
+@@ -1098,7 +1582,7 @@ out:
* Decide what to dump of a segment, part, all or none.
*/
static unsigned long vma_dump_size(struct vm_area_struct *vma,
@@ -41704,7 +41706,7 @@ index 07d096c..5e2a0b3 100644
{
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
-@@ -1132,7 +1614,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
+@@ -1132,7 +1616,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
if (vma->vm_file == NULL)
return 0;
@@ -41713,7 +41715,7 @@ index 07d096c..5e2a0b3 100644
goto whole;
/*
-@@ -1354,9 +1836,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
+@@ -1354,9 +1838,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
{
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
int i = 0;
@@ -41725,7 +41727,7 @@ index 07d096c..5e2a0b3 100644
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
}
-@@ -1862,14 +2344,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
+@@ -1862,14 +2346,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
}
static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
@@ -41742,7 +41744,7 @@ index 07d096c..5e2a0b3 100644
return size;
}
-@@ -1963,7 +2445,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1963,7 +2447,7 @@ static int elf_core_dump(struct coredump_params *cprm)
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
@@ -41751,7 +41753,7 @@ index 07d096c..5e2a0b3 100644
offset += elf_core_extra_data_size();
e_shoff = offset;
-@@ -1977,10 +2459,12 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1977,10 +2461,12 @@ static int elf_core_dump(struct coredump_params *cprm)
offset = dataoff;
size += sizeof(*elf);
@@ -41764,7 +41766,7 @@ index 07d096c..5e2a0b3 100644
if (size > cprm->limit
|| !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
goto end_coredump;
-@@ -1994,7 +2478,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -1994,7 +2480,7 @@ static int elf_core_dump(struct coredump_params *cprm)
phdr.p_offset = offset;
phdr.p_vaddr = vma->vm_start;
phdr.p_paddr = 0;
@@ -41773,7 +41775,7 @@ index 07d096c..5e2a0b3 100644
phdr.p_memsz = vma->vm_end - vma->vm_start;
offset += phdr.p_filesz;
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
-@@ -2005,6 +2489,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2005,6 +2491,7 @@ static int elf_core_dump(struct coredump_params *cprm)
phdr.p_align = ELF_EXEC_PAGESIZE;
size += sizeof(phdr);
@@ -41781,7 +41783,7 @@ index 07d096c..5e2a0b3 100644
if (size > cprm->limit
|| !dump_write(cprm->file, &phdr, sizeof(phdr)))
goto end_coredump;
-@@ -2029,7 +2514,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2029,7 +2516,7 @@ static int elf_core_dump(struct coredump_params *cprm)
unsigned long addr;
unsigned long end;
@@ -41790,7 +41792,7 @@ index 07d096c..5e2a0b3 100644
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
struct page *page;
-@@ -2038,6 +2523,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2038,6 +2525,7 @@ static int elf_core_dump(struct coredump_params *cprm)
page = get_dump_page(addr);
if (page) {
void *kaddr = kmap(page);
@@ -41798,7 +41800,7 @@ index 07d096c..5e2a0b3 100644
stop = ((size += PAGE_SIZE) > cprm->limit) ||
!dump_write(cprm->file, kaddr,
PAGE_SIZE);
-@@ -2055,6 +2541,7 @@ static int elf_core_dump(struct coredump_params *cprm)
+@@ -2055,6 +2543,7 @@ static int elf_core_dump(struct coredump_params *cprm)
if (e_phnum == PN_XNUM) {
size += sizeof(*shdr4extnum);
@@ -41806,7 +41808,7 @@ index 07d096c..5e2a0b3 100644
if (size > cprm->limit
|| !dump_write(cprm->file, shdr4extnum,
sizeof(*shdr4extnum)))
-@@ -2075,6 +2562,97 @@ out:
+@@ -2075,6 +2564,97 @@ out:
#endif /* CONFIG_ELF_CORE */
@@ -70120,7 +70122,7 @@ index ef726e8..13e0901 100644
capable(CAP_IPC_LOCK))
ret = do_mlockall(flags);
diff --git a/mm/mmap.c b/mm/mmap.c
-index da15a79..2e3d9ff 100644
+index da15a79..333850b 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -46,6 +46,16 @@
@@ -71349,16 +71351,22 @@ index da15a79..2e3d9ff 100644
/*
* Return true if the calling process may expand its vm space by the passed
* number of pages
-@@ -2392,7 +2882,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+@@ -2391,8 +2881,13 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
+ unsigned long cur = mm->total_vm; /* pages */
unsigned long lim;
++#ifdef CONFIG_PAX_RANDMMAP
++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
++#endif
++
lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT;
-
+ gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
if (cur + npages > lim)
return 0;
return 1;
-@@ -2463,6 +2953,22 @@ int install_special_mapping(struct mm_struct *mm,
+@@ -2463,6 +2958,22 @@ int install_special_mapping(struct mm_struct *mm,
vma->vm_start = addr;
vma->vm_end = addr + len;
next reply other threads:[~2012-04-08 16:08 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-08 16:08 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-04-09 13:34 [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/ Anthony G. Basile
2012-04-10 15:17 Anthony G. Basile
2012-04-10 15:26 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1333901285.0a52db7b3a5e19bbd7e27bc6d800a92a4a5c69c6.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox