From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SHcxQ-00031c-93 for garchives@archives.gentoo.org; Tue, 10 Apr 2012 15:26:12 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B8E71E07B3; Tue, 10 Apr 2012 15:26:04 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 6FEA1E07B3 for ; Tue, 10 Apr 2012 15:26:04 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 88DDD1B4002 for ; Tue, 10 Apr 2012 15:26:03 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id 46B89E5402 for ; Tue, 10 Apr 2012 15:26:02 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <1334071541.16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0.blueness@gentoo> Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/ X-VCS-Repository: proj/hardened-patchset X-VCS-Files: 2.6.32/0000_README 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch 3.2.14/0000_README 3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch 3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch 3.3.1/0000_README 3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch 3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch X-VCS-Directories: 3.2.14/ 2.6.32/ 3.3.1/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0 X-VCS-Branch: master Date: Tue, 10 Apr 2012 15:26:02 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 4b4f0b81-7ba7-4b5b-822a-b568d20bfef6 X-Archives-Hash: 263fe84f2750b077b2f7fc593d2f0ac5 commit: 16c0f4a1cf9b30e6cca3a4ef0a839338c67ff3a0 Author: Anthony G. Basile gentoo org> AuthorDate: Tue Apr 10 15:25:41 2012 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Tue Apr 10 15:25:41 2012 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-patc= hset.git;a=3Dcommit;h=3D16c0f4a1 Grsec/PaX: 2.9-{2.6.32.59,3.2.14,3.3.1}-201204081846 --- 2.6.32/0000_README | 2 +- ...20_grsecurity-2.9-2.6.32.59-201204091727.patch} | 37 ++++++++++++++= ----- 3.2.14/0000_README | 2 +- ... 4420_grsecurity-2.9-3.2.14-201204091728.patch} | 24 +++++++----- 3.3.1/0000_README | 2 +- ...> 4420_grsecurity-2.9-3.3.1-201204091729.patch} | 37 ++++++++++++++= ----- 6 files changed, 71 insertions(+), 33 deletions(-) diff --git a/2.6.32/0000_README b/2.6.32/0000_README index 5165b40..0ae8b42 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch From: http://www.kernel.org Desc: Linux 2.6.32.59 =20 -Patch: 4420_grsecurity-2.9-2.6.32.59-201204081845.patch +Patch: 4420_grsecurity-2.9-2.6.32.59-201204091727.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity =20 diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch b/2.= 6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch similarity index 99% rename from 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch rename to 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch index 221682f..e32341f 100644 --- a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204081845.patch +++ b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204091727.patch @@ -19231,6 +19231,19 @@ index 7d35d0f..03f1d52 100644 /* * Shouldnt happen, we returned above if in_interrupt(): */ +diff --git a/arch/x86/kernel/kdebugfs.c b/arch/x86/kernel/kdebugfs.c +index e444357..437b4c5 100644 +--- a/arch/x86/kernel/kdebugfs.c ++++ b/arch/x86/kernel/kdebugfs.c +@@ -27,6 +27,8 @@ struct setup_data_node { + }; +=20 + static ssize_t setup_data_read(struct file *file, char __user *user_buf= , ++ size_t count, loff_t *ppos) __size_overflow(3); ++static ssize_t setup_data_read(struct file *file, char __user *user_buf= , + size_t count, loff_t *ppos) + { + struct setup_data_node *node =3D file->private_data; diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c index 8d82a77..0baf312 100644 --- a/arch/x86/kernel/kgdb.c @@ -27321,10 +27334,10 @@ index df3d5c8..c2223e1 100644 p +=3D get_opcode(p, &opcode); for (i =3D 0; i < ARRAY_SIZE(imm_wop); i++) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c -index e0e6fad..2d8a9a5 100644 +index e0e6fad..8aae04d 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c -@@ -83,9 +83,56 @@ static inline void pgd_list_del(pgd_t *pgd) +@@ -83,9 +83,60 @@ static inline void pgd_list_del(pgd_t *pgd) list_del(&page->lru); } =20 @@ -27346,7 +27359,11 @@ index e0e6fad..2d8a9a5 100644 + while (count--) { + pgd_t pgd; + ++#ifdef CONFIG_X86_64 + pgd =3D __pgd(pgd_val(*src++) | _PAGE_USER); ++#else ++ pgd =3D *src++; ++#endif + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + pgd =3D __pgd(pgd_val(pgd) & clone_pgd_mask); @@ -27383,7 +27400,7 @@ index e0e6fad..2d8a9a5 100644 static void pgd_ctor(pgd_t *pgd) { /* If the pgd points to a shared pagetable level (either the -@@ -119,6 +166,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -119,6 +170,7 @@ static void pgd_dtor(pgd_t *pgd) pgd_list_del(pgd); spin_unlock_irqrestore(&pgd_lock, flags); } @@ -27391,7 +27408,7 @@ index e0e6fad..2d8a9a5 100644 =20 /* * List of all pgd's needed for non-PAE so it can invalidate entries -@@ -131,7 +179,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -131,7 +183,7 @@ static void pgd_dtor(pgd_t *pgd) * -- wli */ =20 @@ -27400,7 +27417,7 @@ index e0e6fad..2d8a9a5 100644 /* * In PAE mode, we need to do a cr3 reload (=3Dtlb flush) when * updating the top-level pagetable entries to guarantee the -@@ -143,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -143,7 +195,7 @@ static void pgd_dtor(pgd_t *pgd) * not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate * and initialize the kernel pmds here. */ @@ -27409,7 +27426,7 @@ index e0e6fad..2d8a9a5 100644 =20 void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) { -@@ -161,36 +209,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) +@@ -161,36 +213,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) */ flush_tlb_mm(mm); } @@ -27459,7 +27476,7 @@ index e0e6fad..2d8a9a5 100644 return -ENOMEM; } =20 -@@ -203,51 +253,56 @@ static int preallocate_pmds(pmd_t *pmds[]) +@@ -203,51 +257,56 @@ static int preallocate_pmds(pmd_t *pmds[]) * preallocate which never got a corresponding vma will need to be * freed manually. */ @@ -27533,7 +27550,7 @@ index e0e6fad..2d8a9a5 100644 unsigned long flags; =20 pgd =3D (pgd_t *)__get_free_page(PGALLOC_GFP); -@@ -257,11 +312,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -257,11 +316,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) =20 mm->pgd =3D pgd; =20 @@ -27547,7 +27564,7 @@ index e0e6fad..2d8a9a5 100644 =20 /* * Make sure that pre-populating the pmds is atomic with -@@ -271,14 +326,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -271,14 +330,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) spin_lock_irqsave(&pgd_lock, flags); =20 pgd_ctor(pgd); @@ -27565,7 +27582,7 @@ index e0e6fad..2d8a9a5 100644 out_free_pgd: free_page((unsigned long)pgd); out: -@@ -287,7 +342,7 @@ out: +@@ -287,7 +346,7 @@ out: =20 void pgd_free(struct mm_struct *mm, pgd_t *pgd) { diff --git a/3.2.14/0000_README b/3.2.14/0000_README index 470e24e..89c9544 100644 --- a/3.2.14/0000_README +++ b/3.2.14/0000_README @@ -2,7 +2,7 @@ README ------------------------------------------------------------------------= ----- Individual Patch Descriptions: ------------------------------------------------------------------------= ----- -Patch: 4420_grsecurity-2.9-3.2.14-201204081846.patch +Patch: 4420_grsecurity-2.9-3.2.14-201204091728.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity =20 diff --git a/3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch b/3.2.1= 4/4420_grsecurity-2.9-3.2.14-201204091728.patch similarity index 99% rename from 3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch rename to 3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch index e79b84e..a915736 100644 --- a/3.2.14/4420_grsecurity-2.9-3.2.14-201204081846.patch +++ b/3.2.14/4420_grsecurity-2.9-3.2.14-201204091728.patch @@ -25345,10 +25345,10 @@ index 9f0614d..92ae64a 100644 p +=3D get_opcode(p, &opcode); for (i =3D 0; i < ARRAY_SIZE(imm_wop); i++) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c -index 8573b83..01e9be7 100644 +index 8573b83..7d9628f 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c -@@ -84,10 +84,56 @@ static inline void pgd_list_del(pgd_t *pgd) +@@ -84,10 +84,60 @@ static inline void pgd_list_del(pgd_t *pgd) list_del(&page->lru); } =20 @@ -25370,7 +25370,11 @@ index 8573b83..01e9be7 100644 + while (count--) { + pgd_t pgd; + ++#ifdef CONFIG_X86_64 + pgd =3D __pgd(pgd_val(*src++) | _PAGE_USER); ++#else ++ pgd =3D *src++; ++#endif + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + pgd =3D __pgd(pgd_val(pgd) & clone_pgd_mask); @@ -25407,7 +25411,7 @@ index 8573b83..01e9be7 100644 static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm) { BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm)); -@@ -128,6 +174,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -128,6 +178,7 @@ static void pgd_dtor(pgd_t *pgd) pgd_list_del(pgd); spin_unlock(&pgd_lock); } @@ -25415,7 +25419,7 @@ index 8573b83..01e9be7 100644 =20 /* * List of all pgd's needed for non-PAE so it can invalidate entries -@@ -140,7 +187,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -140,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd) * -- wli */ =20 @@ -25424,7 +25428,7 @@ index 8573b83..01e9be7 100644 /* * In PAE mode, we need to do a cr3 reload (=3Dtlb flush) when * updating the top-level pagetable entries to guarantee the -@@ -152,7 +199,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -152,7 +203,7 @@ static void pgd_dtor(pgd_t *pgd) * not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate * and initialize the kernel pmds here. */ @@ -25433,7 +25437,7 @@ index 8573b83..01e9be7 100644 =20 void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) { -@@ -170,36 +217,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) +@@ -170,36 +221,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) */ flush_tlb_mm(mm); } @@ -25483,7 +25487,7 @@ index 8573b83..01e9be7 100644 return -ENOMEM; } =20 -@@ -212,51 +261,55 @@ static int preallocate_pmds(pmd_t *pmds[]) +@@ -212,51 +265,55 @@ static int preallocate_pmds(pmd_t *pmds[]) * preallocate which never got a corresponding vma will need to be * freed manually. */ @@ -25556,7 +25560,7 @@ index 8573b83..01e9be7 100644 =20 pgd =3D (pgd_t *)__get_free_page(PGALLOC_GFP); =20 -@@ -265,11 +318,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -265,11 +322,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) =20 mm->pgd =3D pgd; =20 @@ -25570,7 +25574,7 @@ index 8573b83..01e9be7 100644 =20 /* * Make sure that pre-populating the pmds is atomic with -@@ -279,14 +332,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -279,14 +336,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) spin_lock(&pgd_lock); =20 pgd_ctor(mm, pgd); @@ -25588,7 +25592,7 @@ index 8573b83..01e9be7 100644 out_free_pgd: free_page((unsigned long)pgd); out: -@@ -295,7 +348,7 @@ out: +@@ -295,7 +352,7 @@ out: =20 void pgd_free(struct mm_struct *mm, pgd_t *pgd) { diff --git a/3.3.1/0000_README b/3.3.1/0000_README index 40d542b..7b3630b 100644 --- a/3.3.1/0000_README +++ b/3.3.1/0000_README @@ -2,7 +2,7 @@ README ------------------------------------------------------------------------= ----- Individual Patch Descriptions: ------------------------------------------------------------------------= ----- -Patch: 4420_grsecurity-2.9-3.3.1-201204081847.patch +Patch: 4420_grsecurity-2.9-3.3.1-201204091729.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity =20 diff --git a/3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch b/3.3.1/4= 420_grsecurity-2.9-3.3.1-201204091729.patch similarity index 99% rename from 3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch rename to 3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch index bcf0191..50d2854 100644 --- a/3.3.1/4420_grsecurity-2.9-3.3.1-201204081847.patch +++ b/3.3.1/4420_grsecurity-2.9-3.3.1-201204091729.patch @@ -17354,6 +17354,19 @@ index d04d3ec..ea4b374 100644 return; =20 if (regs->sp >=3D curbase + sizeof(struct thread_info) + +diff --git a/arch/x86/kernel/kdebugfs.c b/arch/x86/kernel/kdebugfs.c +index 90fcf62..e682cdd 100644 +--- a/arch/x86/kernel/kdebugfs.c ++++ b/arch/x86/kernel/kdebugfs.c +@@ -28,6 +28,8 @@ struct setup_data_node { + }; +=20 + static ssize_t setup_data_read(struct file *file, char __user *user_buf= , ++ size_t count, loff_t *ppos) __size_overflow(3); ++static ssize_t setup_data_read(struct file *file, char __user *user_buf= , + size_t count, loff_t *ppos) + { + struct setup_data_node *node =3D file->private_data; diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c index faba577..93b9e71 100644 --- a/arch/x86/kernel/kgdb.c @@ -25249,10 +25262,10 @@ index 9f0614d..92ae64a 100644 p +=3D get_opcode(p, &opcode); for (i =3D 0; i < ARRAY_SIZE(imm_wop); i++) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c -index 8573b83..01e9be7 100644 +index 8573b83..7d9628f 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c -@@ -84,10 +84,56 @@ static inline void pgd_list_del(pgd_t *pgd) +@@ -84,10 +84,60 @@ static inline void pgd_list_del(pgd_t *pgd) list_del(&page->lru); } =20 @@ -25274,7 +25287,11 @@ index 8573b83..01e9be7 100644 + while (count--) { + pgd_t pgd; + ++#ifdef CONFIG_X86_64 + pgd =3D __pgd(pgd_val(*src++) | _PAGE_USER); ++#else ++ pgd =3D *src++; ++#endif + +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + pgd =3D __pgd(pgd_val(pgd) & clone_pgd_mask); @@ -25311,7 +25328,7 @@ index 8573b83..01e9be7 100644 static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm) { BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm)); -@@ -128,6 +174,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -128,6 +178,7 @@ static void pgd_dtor(pgd_t *pgd) pgd_list_del(pgd); spin_unlock(&pgd_lock); } @@ -25319,7 +25336,7 @@ index 8573b83..01e9be7 100644 =20 /* * List of all pgd's needed for non-PAE so it can invalidate entries -@@ -140,7 +187,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -140,7 +191,7 @@ static void pgd_dtor(pgd_t *pgd) * -- wli */ =20 @@ -25328,7 +25345,7 @@ index 8573b83..01e9be7 100644 /* * In PAE mode, we need to do a cr3 reload (=3Dtlb flush) when * updating the top-level pagetable entries to guarantee the -@@ -152,7 +199,7 @@ static void pgd_dtor(pgd_t *pgd) +@@ -152,7 +203,7 @@ static void pgd_dtor(pgd_t *pgd) * not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate * and initialize the kernel pmds here. */ @@ -25337,7 +25354,7 @@ index 8573b83..01e9be7 100644 =20 void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd) { -@@ -170,36 +217,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) +@@ -170,36 +221,38 @@ void pud_populate(struct mm_struct *mm, pud_t *pud= p, pmd_t *pmd) */ flush_tlb_mm(mm); } @@ -25387,7 +25404,7 @@ index 8573b83..01e9be7 100644 return -ENOMEM; } =20 -@@ -212,51 +261,55 @@ static int preallocate_pmds(pmd_t *pmds[]) +@@ -212,51 +265,55 @@ static int preallocate_pmds(pmd_t *pmds[]) * preallocate which never got a corresponding vma will need to be * freed manually. */ @@ -25460,7 +25477,7 @@ index 8573b83..01e9be7 100644 =20 pgd =3D (pgd_t *)__get_free_page(PGALLOC_GFP); =20 -@@ -265,11 +318,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -265,11 +322,11 @@ pgd_t *pgd_alloc(struct mm_struct *mm) =20 mm->pgd =3D pgd; =20 @@ -25474,7 +25491,7 @@ index 8573b83..01e9be7 100644 =20 /* * Make sure that pre-populating the pmds is atomic with -@@ -279,14 +332,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) +@@ -279,14 +336,14 @@ pgd_t *pgd_alloc(struct mm_struct *mm) spin_lock(&pgd_lock); =20 pgd_ctor(mm, pgd); @@ -25492,7 +25509,7 @@ index 8573b83..01e9be7 100644 out_free_pgd: free_page((unsigned long)pgd); out: -@@ -295,7 +348,7 @@ out: +@@ -295,7 +352,7 @@ out: =20 void pgd_free(struct mm_struct *mm, pgd_t *pgd) {