From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/
Date: Tue, 10 Apr 2012 15:26:02 +0000 (UTC) [thread overview]
Message-ID: <1334071541.16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0.blueness@gentoo> (raw)
commit: 16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Tue Apr 10 15:25:41 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Tue Apr 10 15:25:41 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=16c0f4a1
Grsec/PaX: 2.9-{2.6.32.59,3.2.14,3.3.1}-201204081846
---
2.6.32/0000_README | 2 +-
...20_grsecurity-2.9-2.6.32.59-201204091727.patch} | 37 ++++++++++++++-----
3.2.14/0000_README | 2 +-
... 4420_grsecurity-2.9-3.2.14-201204091728.patch} | 24 +++++++-----
3.3.1/0000_README | 2 +-
...> 4420_grsecurity-2.9-3.3.1-201204091729.patch} | 37 ++++++++++++++-----
6 files changed, 71 insertions(+), 33 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 5165b40..0ae8b42 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9-2.6.32.59-201204081845.patch
+Patch: 4420_grsecurity-2.9-2.6.32.59-201204091727.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch
rename to 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch
index 221682f..e32341f 100644
--- a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch
+++ b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch
@@ -19231,6 +19231,19 @@ index 7d35d0f..03f1d52 100644
/*
* Shouldnt happen, we returned above if in_interrupt():
*/
+diff --git a/arch/x86/kernel/kdebugfs.c b/arch/x86/kernel/kdebugfs.c
+index e444357..437b4c5 100644
+--- a/arch/x86/kernel/kdebugfs.c
++++ b/arch/x86/kernel/kdebugfs.c
+@@ -27,6 +27,8 @@ struct setup_data_node {
+ };
+
+ static ssize_t setup_data_read(struct file *file, char __user *user_buf,
++ size_t count, loff_t *ppos) __size_overflow(3);
++static ssize_t setup_data_read(struct file *file, char __user *user_buf,
+ size_t count, loff_t *ppos)
+ {
+ struct setup_data_node *node = file->private_data;
diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
index 8d82a77..0baf312 100644
--- a/arch/x86/kernel/kgdb.c
@@ -27321,10 +27334,10 @@ index df3d5c8..c2223e1 100644
p += get_opcode(p, &opcode);
for (i = 0; i < ARRAY_SIZE(imm_wop); i++)
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
-index e0e6fad..2d8a9a5 100644
+index e0e6fad..8aae04d 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
-@@ -83,9 +83,56 @@ static inline void pgd_list_del(pgd_t *pgd)
+@@ -83,9 +83,60 @@ static inline void pgd_list_del(pgd_t *pgd)
list_del(&page->lru);
}
@@ -27346,7 +27359,11 @@ index e0e6fad..2d8a9a5 100644
+ while (count--) {
+ pgd_t pgd;
+
++#ifdef CONFIG_X86_64
+ pgd = __pgd(pgd_val(*src++) | _PAGE_USER);
++#else
++ pgd = *src++;
++#endif
+
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
+ pgd = __pgd(pgd_val(pgd) & clone_pgd_mask);
@@ -27383,7 +27400,7 @@ index e0e6fad..2d8a9a5 100644
static void pgd_ctor(pgd_t *pgd)
{
/* If the pgd points to a shared pagetable level (either the
-@@ -119,6 +166,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -119,6 +170,7 @@ static void pgd_dtor(pgd_t *pgd)
pgd_list_del(pgd);
spin_unlock_irqrestore(&pgd_lock, flags);
}
@@ -27391,7 +27408,7 @@ index e0e6fad..2d8a9a5 100644
/*
* List of all pgd's needed for non-PAE so it can invalidate entries
-@@ -131,7 +179,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -131,7 +183,7 @@ static void pgd_dtor(pgd_t *pgd)
* -- wli
*/
@@ -27400,7 +27417,7 @@ index e0e6fad..2d8a9a5 100644
/*
* In PAE mode, we need to do a cr3 reload (=tlb flush) when
* updating the top-level pagetable entries to guarantee the
-@@ -143,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -143,7 +195,7 @@ static void pgd_dtor(pgd_t *pgd)
* not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate
* and initialize the kernel pmds here.
*/
@@ -27409,7 +27426,7 @@ index e0e6fad..2d8a9a5 100644
void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
{
-@@ -161,36 +209,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
+@@ -161,36 +213,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
*/
flush_tlb_mm(mm);
}
@@ -27459,7 +27476,7 @@ index e0e6fad..2d8a9a5 100644
return -ENOMEM;
}
-@@ -203,51 +253,56 @@ static int preallocate_pmds(pmd_t *pmds[])
+@@ -203,51 +257,56 @@ static int preallocate_pmds(pmd_t *pmds[])
* preallocate which never got a corresponding vma will need to be
* freed manually.
*/
@@ -27533,7 +27550,7 @@ index e0e6fad..2d8a9a5 100644
unsigned long flags;
pgd = (pgd_t *)__get_free_page(PGALLOC_GFP);
-@@ -257,11 +312,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -257,11 +316,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
mm->pgd = pgd;
@@ -27547,7 +27564,7 @@ index e0e6fad..2d8a9a5 100644
/*
* Make sure that pre-populating the pmds is atomic with
-@@ -271,14 +326,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -271,14 +330,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
spin_lock_irqsave(&pgd_lock, flags);
pgd_ctor(pgd);
@@ -27565,7 +27582,7 @@ index e0e6fad..2d8a9a5 100644
out_free_pgd:
free_page((unsigned long)pgd);
out:
-@@ -287,7 +342,7 @@ out:
+@@ -287,7 +346,7 @@ out:
void pgd_free(struct mm_struct *mm, pgd_t *pgd)
{
diff --git a/3.2.14/0000_README b/3.2.14/0000_README
index 470e24e..89c9544 100644
--- a/3.2.14/0000_README
+++ b/3.2.14/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9-3.2.14-201204081846.patch
+Patch: 4420_grsecurity-2.9-3.2.14-201204091728.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch b/3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch
similarity index 99%
rename from 3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch
rename to 3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch
index e79b84e..a915736 100644
--- a/3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch
+++ b/3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch
@@ -25345,10 +25345,10 @@ index 9f0614d..92ae64a 100644
p += get_opcode(p, &opcode);
for (i = 0; i < ARRAY_SIZE(imm_wop); i++)
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
-index 8573b83..01e9be7 100644
+index 8573b83..7d9628f 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
-@@ -84,10 +84,56 @@ static inline void pgd_list_del(pgd_t *pgd)
+@@ -84,10 +84,60 @@ static inline void pgd_list_del(pgd_t *pgd)
list_del(&page->lru);
}
@@ -25370,7 +25370,11 @@ index 8573b83..01e9be7 100644
+ while (count--) {
+ pgd_t pgd;
+
++#ifdef CONFIG_X86_64
+ pgd = __pgd(pgd_val(*src++) | _PAGE_USER);
++#else
++ pgd = *src++;
++#endif
+
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
+ pgd = __pgd(pgd_val(pgd) & clone_pgd_mask);
@@ -25407,7 +25411,7 @@ index 8573b83..01e9be7 100644
static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm)
{
BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm));
-@@ -128,6 +174,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -128,6 +178,7 @@ static void pgd_dtor(pgd_t *pgd)
pgd_list_del(pgd);
spin_unlock(&pgd_lock);
}
@@ -25415,7 +25419,7 @@ index 8573b83..01e9be7 100644
/*
* List of all pgd's needed for non-PAE so it can invalidate entries
-@@ -140,7 +187,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -140,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd)
* -- wli
*/
@@ -25424,7 +25428,7 @@ index 8573b83..01e9be7 100644
/*
* In PAE mode, we need to do a cr3 reload (=tlb flush) when
* updating the top-level pagetable entries to guarantee the
-@@ -152,7 +199,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -152,7 +203,7 @@ static void pgd_dtor(pgd_t *pgd)
* not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate
* and initialize the kernel pmds here.
*/
@@ -25433,7 +25437,7 @@ index 8573b83..01e9be7 100644
void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
{
-@@ -170,36 +217,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
+@@ -170,36 +221,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
*/
flush_tlb_mm(mm);
}
@@ -25483,7 +25487,7 @@ index 8573b83..01e9be7 100644
return -ENOMEM;
}
-@@ -212,51 +261,55 @@ static int preallocate_pmds(pmd_t *pmds[])
+@@ -212,51 +265,55 @@ static int preallocate_pmds(pmd_t *pmds[])
* preallocate which never got a corresponding vma will need to be
* freed manually.
*/
@@ -25556,7 +25560,7 @@ index 8573b83..01e9be7 100644
pgd = (pgd_t *)__get_free_page(PGALLOC_GFP);
-@@ -265,11 +318,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -265,11 +322,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
mm->pgd = pgd;
@@ -25570,7 +25574,7 @@ index 8573b83..01e9be7 100644
/*
* Make sure that pre-populating the pmds is atomic with
-@@ -279,14 +332,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -279,14 +336,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
spin_lock(&pgd_lock);
pgd_ctor(mm, pgd);
@@ -25588,7 +25592,7 @@ index 8573b83..01e9be7 100644
out_free_pgd:
free_page((unsigned long)pgd);
out:
-@@ -295,7 +348,7 @@ out:
+@@ -295,7 +352,7 @@ out:
void pgd_free(struct mm_struct *mm, pgd_t *pgd)
{
diff --git a/3.3.1/0000_README b/3.3.1/0000_README
index 40d542b..7b3630b 100644
--- a/3.3.1/0000_README
+++ b/3.3.1/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9-3.3.1-201204081847.patch
+Patch: 4420_grsecurity-2.9-3.3.1-201204091729.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch b/3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch
similarity index 99%
rename from 3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch
rename to 3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch
index bcf0191..50d2854 100644
--- a/3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch
+++ b/3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch
@@ -17354,6 +17354,19 @@ index d04d3ec..ea4b374 100644
return;
if (regs->sp >= curbase + sizeof(struct thread_info) +
+diff --git a/arch/x86/kernel/kdebugfs.c b/arch/x86/kernel/kdebugfs.c
+index 90fcf62..e682cdd 100644
+--- a/arch/x86/kernel/kdebugfs.c
++++ b/arch/x86/kernel/kdebugfs.c
+@@ -28,6 +28,8 @@ struct setup_data_node {
+ };
+
+ static ssize_t setup_data_read(struct file *file, char __user *user_buf,
++ size_t count, loff_t *ppos) __size_overflow(3);
++static ssize_t setup_data_read(struct file *file, char __user *user_buf,
+ size_t count, loff_t *ppos)
+ {
+ struct setup_data_node *node = file->private_data;
diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
index faba577..93b9e71 100644
--- a/arch/x86/kernel/kgdb.c
@@ -25249,10 +25262,10 @@ index 9f0614d..92ae64a 100644
p += get_opcode(p, &opcode);
for (i = 0; i < ARRAY_SIZE(imm_wop); i++)
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
-index 8573b83..01e9be7 100644
+index 8573b83..7d9628f 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
-@@ -84,10 +84,56 @@ static inline void pgd_list_del(pgd_t *pgd)
+@@ -84,10 +84,60 @@ static inline void pgd_list_del(pgd_t *pgd)
list_del(&page->lru);
}
@@ -25274,7 +25287,11 @@ index 8573b83..01e9be7 100644
+ while (count--) {
+ pgd_t pgd;
+
++#ifdef CONFIG_X86_64
+ pgd = __pgd(pgd_val(*src++) | _PAGE_USER);
++#else
++ pgd = *src++;
++#endif
+
+#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
+ pgd = __pgd(pgd_val(pgd) & clone_pgd_mask);
@@ -25311,7 +25328,7 @@ index 8573b83..01e9be7 100644
static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm)
{
BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm));
-@@ -128,6 +174,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -128,6 +178,7 @@ static void pgd_dtor(pgd_t *pgd)
pgd_list_del(pgd);
spin_unlock(&pgd_lock);
}
@@ -25319,7 +25336,7 @@ index 8573b83..01e9be7 100644
/*
* List of all pgd's needed for non-PAE so it can invalidate entries
-@@ -140,7 +187,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -140,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd)
* -- wli
*/
@@ -25328,7 +25345,7 @@ index 8573b83..01e9be7 100644
/*
* In PAE mode, we need to do a cr3 reload (=tlb flush) when
* updating the top-level pagetable entries to guarantee the
-@@ -152,7 +199,7 @@ static void pgd_dtor(pgd_t *pgd)
+@@ -152,7 +203,7 @@ static void pgd_dtor(pgd_t *pgd)
* not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate
* and initialize the kernel pmds here.
*/
@@ -25337,7 +25354,7 @@ index 8573b83..01e9be7 100644
void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
{
-@@ -170,36 +217,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
+@@ -170,36 +221,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
*/
flush_tlb_mm(mm);
}
@@ -25387,7 +25404,7 @@ index 8573b83..01e9be7 100644
return -ENOMEM;
}
-@@ -212,51 +261,55 @@ static int preallocate_pmds(pmd_t *pmds[])
+@@ -212,51 +265,55 @@ static int preallocate_pmds(pmd_t *pmds[])
* preallocate which never got a corresponding vma will need to be
* freed manually.
*/
@@ -25460,7 +25477,7 @@ index 8573b83..01e9be7 100644
pgd = (pgd_t *)__get_free_page(PGALLOC_GFP);
-@@ -265,11 +318,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -265,11 +322,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
mm->pgd = pgd;
@@ -25474,7 +25491,7 @@ index 8573b83..01e9be7 100644
/*
* Make sure that pre-populating the pmds is atomic with
-@@ -279,14 +332,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -279,14 +336,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
spin_lock(&pgd_lock);
pgd_ctor(mm, pgd);
@@ -25492,7 +25509,7 @@ index 8573b83..01e9be7 100644
out_free_pgd:
free_page((unsigned long)pgd);
out:
-@@ -295,7 +348,7 @@ out:
+@@ -295,7 +352,7 @@ out:
void pgd_free(struct mm_struct *mm, pgd_t *pgd)
{
next reply other threads:[~2012-04-10 15:26 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-10 15:26 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-04-10 15:17 [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/ Anthony G. Basile
2012-04-09 13:34 Anthony G. Basile
2012-04-08 16:08 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1334071541.16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox