* [gentoo-commits] proj/hardened-patchset:master commit in: 3.14.3/, 3.2.58/
@ 2014-05-10 16:27 Anthony G. Basile
From: Anthony G. Basile @ 2014-05-10 16:27 UTC (permalink / raw
  To: gentoo-commits

commit:     080fcb7ea019d5794996859a1e45a83006b6bf41
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sat May 10 16:28:55 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat May 10 16:28:55 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=080fcb7e

Grsec/PaX: 3.0-{3.2.58,3.14.3}-201405092337

---
 3.14.3/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.14.3-201405092337.patch} | 116 ++++++++++++++++++++-
 3.2.58/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.2.58-201405092334.patch} |  52 ++++++++-
 4 files changed, 162 insertions(+), 10 deletions(-)

diff --git a/3.14.3/0000_README b/3.14.3/0000_README
index 51d9a7e..108ad48 100644
--- a/3.14.3/0000_README
+++ b/3.14.3/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-3.0-3.14.3-201405071928.patch
+Patch:	4420_grsecurity-3.0-3.14.3-201405092337.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.14.3/4420_grsecurity-3.0-3.14.3-201405071928.patch b/3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch
similarity index 99%
rename from 3.14.3/4420_grsecurity-3.0-3.14.3-201405071928.patch
rename to 3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch
index b5d0cff..4e0c19f 100644
--- a/3.14.3/4420_grsecurity-3.0-3.14.3-201405071928.patch
+++ b/3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch
@@ -7487,6 +7487,18 @@ index 4006964..fcb3cc2 100644
                  ret = __copy_from_user(to, from, n);
          else
                  copy_from_user_overflow();
+diff --git a/arch/parisc/include/uapi/asm/resource.h b/arch/parisc/include/uapi/asm/resource.h
+index 8b06343..090483c 100644
+--- a/arch/parisc/include/uapi/asm/resource.h
++++ b/arch/parisc/include/uapi/asm/resource.h
+@@ -1,7 +1,6 @@
+ #ifndef _ASM_PARISC_RESOURCE_H
+ #define _ASM_PARISC_RESOURCE_H
+ 
+-#define _STK_LIM_MAX	10 * _STK_LIM
+ #include <asm-generic/resource.h>
+ 
+ #endif
 diff --git a/arch/parisc/kernel/module.c b/arch/parisc/kernel/module.c
 index 50dfafc..b9fc230 100644
 --- a/arch/parisc/kernel/module.c
@@ -37847,6 +37859,44 @@ index d073305..4998fea 100644
  
  static struct asender_cmd asender_tbl[] = {
  	[P_PING]	    = { 0, got_Ping },
+diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c
+index 2023043..dab515c 100644
+--- a/drivers/block/floppy.c
++++ b/drivers/block/floppy.c
+@@ -3053,7 +3053,10 @@ static int raw_cmd_copyout(int cmd, void __user *param,
+ 	int ret;
+ 
+ 	while (ptr) {
+-		ret = copy_to_user(param, ptr, sizeof(*ptr));
++		struct floppy_raw_cmd cmd = *ptr;
++		cmd.next = NULL;
++		cmd.kernel_data = NULL;
++		ret = copy_to_user(param, &cmd, sizeof(cmd));
+ 		if (ret)
+ 			return -EFAULT;
+ 		param += sizeof(struct floppy_raw_cmd);
+@@ -3107,10 +3110,11 @@ loop:
+ 		return -ENOMEM;
+ 	*rcmd = ptr;
+ 	ret = copy_from_user(ptr, param, sizeof(*ptr));
+-	if (ret)
+-		return -EFAULT;
+ 	ptr->next = NULL;
+ 	ptr->buffer_length = 0;
++	ptr->kernel_data = NULL;
++	if (ret)
++		return -EFAULT;
+ 	param += sizeof(struct floppy_raw_cmd);
+ 	if (ptr->cmd_count > 33)
+ 			/* the command may now also take up the space
+@@ -3126,7 +3130,6 @@ loop:
+ 	for (i = 0; i < 16; i++)
+ 		ptr->reply[i] = 0;
+ 	ptr->resultcode = 0;
+-	ptr->kernel_data = NULL;
+ 
+ 	if (ptr->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
+ 		if (ptr->length <= 0)
 diff --git a/drivers/block/loop.c b/drivers/block/loop.c
 index 66e8c3b..9b68dd9 100644
 --- a/drivers/block/loop.c
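Review bot: In the `raw_cmd_copyout` hunk the new local `struct floppy_raw_cmd cmd` shadows the function's own `int cmd` parameter, which is visible in the hunk header. Renaming it, e.g. `struct floppy_raw_cmd out = *ptr;`, keeps `-Wshadow` quiet and avoids a mix-up later in the loop. Both changes also need a comment, because their ordering is the fix: in copyout, `/* never hand kernel pointers (next, kernel_data) back to userspace */`, and in the copyin hunk, above `ptr->next = NULL;`, `/* clear kernel-owned fields before the error return so cleanup never sees user-supplied pointers */`. That the cleanup path acts on `kernel_data` is inferred, since it lies outside these hunks, as do the starts and ends of both functions. The 3.2.58 patch in this commit carries the same three hunks.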
@@ -38115,10 +38165,18 @@ index a48e05b..6bac831 100644
  			kfree(usegment);
  			kfree(ksegment);
 diff --git a/drivers/char/agp/frontend.c b/drivers/char/agp/frontend.c
-index 1b19239..b87b143 100644
+index 1b19239..963967b 100644
 --- a/drivers/char/agp/frontend.c
 +++ b/drivers/char/agp/frontend.c
-@@ -819,7 +819,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
+@@ -731,6 +731,7 @@ static int agpioc_info_wrap(struct agp_file_private *priv, void __user *arg)
+ 
+ 	agp_copy_info(agp_bridge, &kerninfo);
+ 
++	memset(&userinfo, 0, sizeof(userinfo));
+ 	userinfo.version.major = kerninfo.version.major;
+ 	userinfo.version.minor = kerninfo.version.minor;
+ 	userinfo.bridge_id = kerninfo.device->vendor |
+@@ -819,7 +820,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
  	if (copy_from_user(&reserve, arg, sizeof(struct agp_region)))
  		return -EFAULT;
  
@@ -38127,7 +38185,7 @@ index 1b19239..b87b143 100644
  		return -EFAULT;
  
  	client = agp_find_client_by_pid(reserve.pid);
-@@ -849,7 +849,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
+@@ -849,7 +850,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
  		if (segment == NULL)
  			return -ENOMEM;
  
@@ -46235,6 +46293,19 @@ index 26f8635..c237839 100644
  	if (cmd == TUNSETIFF || cmd == TUNSETQUEUE || _IOC_TYPE(cmd) == 0x89) {
  		if (copy_from_user(&ifr, argp, ifreq_len))
  			return -EFAULT;
+diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c
+index d350d27..75d7d9d 100644
+--- a/drivers/net/usb/cdc_ncm.c
++++ b/drivers/net/usb/cdc_ncm.c
+@@ -768,7 +768,7 @@ cdc_ncm_fill_tx_frame(struct usbnet *dev, struct sk_buff *skb, __le32 sign)
+ 	    skb_out->len > CDC_NCM_MIN_TX_PKT)
+ 		memset(skb_put(skb_out, ctx->tx_max - skb_out->len), 0,
+ 		       ctx->tx_max - skb_out->len);
+-	else if ((skb_out->len % dev->maxpacket) == 0)
++	else if (skb_out->len < ctx->tx_max && (skb_out->len % dev->maxpacket) == 0)
+ 		*skb_put(skb_out, 1) = 0;	/* force short packet */
+ 
+ 	/* set final frame length */
 diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c
 index 660bd5e..ac59452 100644
 --- a/drivers/net/usb/hso.c
@@ -55838,6 +55909,19 @@ index 370b24c..ff0be7b 100644
  	---help---
  	  A.out (Assembler.OUTput) is a set of formats for libraries and
  	  executables used in the earliest versions of UNIX.  Linux used
+diff --git a/fs/affs/super.c b/fs/affs/super.c
+index d098731..9a5b19d 100644
+--- a/fs/affs/super.c
++++ b/fs/affs/super.c
+@@ -336,8 +336,6 @@ static int affs_fill_super(struct super_block *sb, void *data, int silent)
+ 				&blocksize,&sbi->s_prefix,
+ 				sbi->s_volume, &mount_flags)) {
+ 		printk(KERN_ERR "AFFS: Error parsing options\n");
+-		kfree(sbi->s_prefix);
+-		kfree(sbi);
+ 		return -EINVAL;
+ 	}
+ 	/* N.B. after this point s_prefix must be released */
 diff --git a/fs/afs/inode.c b/fs/afs/inode.c
 index ce25d75..dc09eeb 100644
 --- a/fs/afs/inode.c
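Review bot: With the two `kfree()` calls gone, the option-parsing error path in `affs_fill_super()` returns `-EINVAL` while `sbi` and `sbi->s_prefix` are still allocated, so it now depends on a teardown path outside this hunk to release them. Presumably the superblock teardown does that, which would make the removed frees a double free, but nothing visible here confirms it. A comment at the return would record the ownership rule, e.g. `/* sbi and s_prefix are released by superblock teardown; freeing here would double free */`. The surviving `/* N.B. after this point s_prefix must be released */` should be reworded too, since it now reads as if nothing allocated earlier needs releasing.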
@@ -55861,7 +55945,7 @@ index ce25d75..dc09eeb 100644
  			     &data);
  	if (!inode) {
 diff --git a/fs/aio.c b/fs/aio.c
-index 062a5f6..e5618e0 100644
+index 062a5f6..6ecefa2 100644
 --- a/fs/aio.c
 +++ b/fs/aio.c
 @@ -374,7 +374,7 @@ static int aio_setup_ring(struct kioctx *ctx)
@@ -55873,6 +55957,19 @@ index 062a5f6..e5618e0 100644
  		return -EINVAL;
  
  	file = aio_private_file(ctx, nr_pages);
+@@ -1285,10 +1285,8 @@ rw_common:
+ 						&iovec, compat)
+ 			: aio_setup_single_vector(req, rw, buf, &nr_segs,
+ 						  iovec);
+-		if (ret)
+-			return ret;
+-
+-		ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
++		if (!ret)
++			ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
+ 		if (ret < 0) {
+ 			if (iovec != &inline_vec)
+ 				kfree(iovec);
 diff --git a/fs/attr.c b/fs/attr.c
 index 5d4e59d..fd02418 100644
 --- a/fs/attr.c
@@ -62228,7 +62325,7 @@ index a80a741..7b96e1b 100644
  	}
  
 diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
-index 287a22c..a2a043a 100644
+index 287a22c..4e56e4e 100644
 --- a/fs/notify/fanotify/fanotify_user.c
 +++ b/fs/notify/fanotify/fanotify_user.c
 @@ -251,8 +251,8 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
@@ -62242,6 +62339,15 @@ index 287a22c..a2a043a 100644
  		goto out_close_fd;
  
  	ret = prepare_for_access_response(group, event, fd);
+@@ -742,6 +742,8 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)
+ 	oevent->path.mnt = NULL;
+ 	oevent->path.dentry = NULL;
+ 
++	if (force_o_largefile())
++		event_f_flags |= O_LARGEFILE;
+ 	group->fanotify_data.f_flags = event_f_flags;
+ #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
+ 	oevent->response = 0;
 diff --git a/fs/notify/notification.c b/fs/notify/notification.c
 index 1e58402..bb2d6f4 100644
 --- a/fs/notify/notification.c

diff --git a/3.2.58/0000_README b/3.2.58/0000_README
index f10476b..df97a0f 100644
--- a/3.2.58/0000_README
+++ b/3.2.58/0000_README
@@ -150,7 +150,7 @@ Patch:	1057_linux-3.2.58.patch
 From:	http://www.kernel.org
 Desc:	Linux 3.2.58
 
-Patch:	4420_grsecurity-3.0-3.2.58-201405061705.patch
+Patch:	4420_grsecurity-3.0-3.2.58-201405092334.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.2.58/4420_grsecurity-3.0-3.2.58-201405061705.patch b/3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch
similarity index 99%
rename from 3.2.58/4420_grsecurity-3.0-3.2.58-201405061705.patch
rename to 3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch
index fab7860..4f95c38 100644
--- a/3.2.58/4420_grsecurity-3.0-3.2.58-201405061705.patch
+++ b/3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch
@@ -34158,6 +34158,44 @@ index 13cbdd3..d374957 100644
  
  static struct asender_cmd *get_asender_cmd(int cmd)
  {
+diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c
+index 7a90d4a..6d0f3e1 100644
+--- a/drivers/block/floppy.c
++++ b/drivers/block/floppy.c
+@@ -3060,7 +3060,10 @@ static int raw_cmd_copyout(int cmd, void __user *param,
+ 	int ret;
+ 
+ 	while (ptr) {
+-		ret = copy_to_user(param, ptr, sizeof(*ptr));
++		struct floppy_raw_cmd cmd = *ptr;
++		cmd.next = NULL;
++		cmd.kernel_data = NULL;
++		ret = copy_to_user(param, &cmd, sizeof(cmd));
+ 		if (ret)
+ 			return -EFAULT;
+ 		param += sizeof(struct floppy_raw_cmd);
+@@ -3114,10 +3117,11 @@ loop:
+ 		return -ENOMEM;
+ 	*rcmd = ptr;
+ 	ret = copy_from_user(ptr, param, sizeof(*ptr));
+-	if (ret)
+-		return -EFAULT;
+ 	ptr->next = NULL;
+ 	ptr->buffer_length = 0;
++	ptr->kernel_data = NULL;
++	if (ret)
++		return -EFAULT;
+ 	param += sizeof(struct floppy_raw_cmd);
+ 	if (ptr->cmd_count > 33)
+ 			/* the command may now also take up the space
+@@ -3133,7 +3137,6 @@ loop:
+ 	for (i = 0; i < 16; i++)
+ 		ptr->reply[i] = 0;
+ 	ptr->resultcode = 0;
+-	ptr->kernel_data = NULL;
+ 
+ 	if (ptr->flags & (FD_RAW_READ | FD_RAW_WRITE)) {
+ 		if (ptr->length <= 0)
 diff --git a/drivers/block/loop.c b/drivers/block/loop.c
 index d659135..45fe633 100644
 --- a/drivers/block/loop.c
@@ -34367,10 +34405,18 @@ index a48e05b..6bac831 100644
  			kfree(usegment);
  			kfree(ksegment);
 diff --git a/drivers/char/agp/frontend.c b/drivers/char/agp/frontend.c
-index 2e04433..771f2cc 100644
+index 2e04433..3b8afe7 100644
 --- a/drivers/char/agp/frontend.c
 +++ b/drivers/char/agp/frontend.c
-@@ -817,7 +817,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
+@@ -729,6 +729,7 @@ static int agpioc_info_wrap(struct agp_file_private *priv, void __user *arg)
+ 
+ 	agp_copy_info(agp_bridge, &kerninfo);
+ 
++	memset(&userinfo, 0, sizeof(userinfo));
+ 	userinfo.version.major = kerninfo.version.major;
+ 	userinfo.version.minor = kerninfo.version.minor;
+ 	userinfo.bridge_id = kerninfo.device->vendor |
+@@ -817,7 +818,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
  	if (copy_from_user(&reserve, arg, sizeof(struct agp_region)))
  		return -EFAULT;
  
@@ -34379,7 +34425,7 @@ index 2e04433..771f2cc 100644
  		return -EFAULT;
  
  	client = agp_find_client_by_pid(reserve.pid);
-@@ -847,7 +847,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
+@@ -847,7 +848,7 @@ static int agpioc_reserve_wrap(struct agp_file_private *priv, void __user *arg)
  		if (segment == NULL)
  			return -ENOMEM;
  



* [gentoo-commits] proj/hardened-patchset:master commit in: 3.14.3/, 3.2.58/
@ 2014-05-11 11:53 Anthony G. Basile
From: Anthony G. Basile @ 2014-05-11 11:53 UTC (permalink / raw
  To: gentoo-commits

commit:     c93aa17d5126ba7c50c7e204d699491674712983
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun May 11 11:55:06 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun May 11 11:55:06 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=c93aa17d

Grsec/PaX: 3.0-{3.2.58,3.14.3}-201405101947

---
 3.14.3/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.14.3-201405101947.patch} | 203 +++++++++++++----
 3.2.58/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.2.58-201405101946.patch} | 242 ++++++++++++++++++---
 4 files changed, 368 insertions(+), 81 deletions(-)

diff --git a/3.14.3/0000_README b/3.14.3/0000_README
index 108ad48..4ea0a4a 100644
--- a/3.14.3/0000_README
+++ b/3.14.3/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-3.0-3.14.3-201405092337.patch
+Patch:	4420_grsecurity-3.0-3.14.3-201405101947.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch b/3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch
similarity index 99%
rename from 3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch
rename to 3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch
index 4e0c19f..d17eca9 100644
--- a/3.14.3/4420_grsecurity-3.0-3.14.3-201405092337.patch
+++ b/3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch
@@ -6784,7 +6784,7 @@ index 44a1f79..2bd6aa3 100644
  
  void __init gt641xx_irq_init(void)
 diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c
-index d1fea7a..45602ea 100644
+index d1fea7a..2e591b0 100644
 --- a/arch/mips/kernel/irq.c
 +++ b/arch/mips/kernel/irq.c
 @@ -77,17 +77,17 @@ void ack_bad_irq(unsigned int irq)
@@ -6808,6 +6808,25 @@ index d1fea7a..45602ea 100644
  }
  
  void __init init_IRQ(void)
+@@ -110,7 +110,10 @@ void __init init_IRQ(void)
+ #endif
+ }
+ 
++
+ #ifdef DEBUG_STACKOVERFLOW
++extern void gr_handle_kernel_exploit(void);
++
+ static inline void check_stack_overflow(void)
+ {
+ 	unsigned long sp;
+@@ -126,6 +129,7 @@ static inline void check_stack_overflow(void)
+ 		printk("do_IRQ: stack overflow: %ld\n",
+ 		       sp - sizeof(struct thread_info));
+ 		dump_stack();
++		gr_handle_kernel_exploit();
+ 	}
+ }
+ #else
 diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c
 index 6ae540e..b7396dc 100644
 --- a/arch/mips/kernel/process.c
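Review bot: The new `gr_handle_kernel_exploit()` call in the MIPS `check_stack_overflow()` sits under `#ifdef DEBUG_STACKOVERFLOW`, whereas the powerpc and x86 hunks in this patch test `CONFIG_DEBUG_STACKOVERFLOW`. The Kconfig hunk's `select DEBUG_STACKOVERFLOW if HAVE_DEBUG_STACKOVERFLOW` would only define the `CONFIG_`-prefixed macro. Unless something outside this hunk defines the bare name, the check and the new call compile out on MIPS and the `#else` branch is used instead. If that is not intended, the guard should read `#ifdef CONFIG_DEBUG_STACKOVERFLOW`. The same applies to the MIPS hunk in the 3.2.58 patch of this commit.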
@@ -8435,6 +8454,27 @@ index 38d5073..f00af8d 100644
  	mr	r5,r3
  	addi	r3,r1,STACK_FRAME_OVERHEAD
  	lwz	r4,_DAR(r1)
+diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c
+index 1d0848b..d74685f 100644
+--- a/arch/powerpc/kernel/irq.c
++++ b/arch/powerpc/kernel/irq.c
+@@ -447,6 +447,8 @@ void migrate_irqs(void)
+ }
+ #endif
+ 
++extern void gr_handle_kernel_exploit(void);
++
+ static inline void check_stack_overflow(void)
+ {
+ #ifdef CONFIG_DEBUG_STACKOVERFLOW
+@@ -459,6 +461,7 @@ static inline void check_stack_overflow(void)
+ 		printk("do_IRQ: stack overflow: %ld\n",
+ 			sp - sizeof(struct thread_info));
+ 		dump_stack();
++		gr_handle_kernel_exploit();
+ 	}
+ #endif
+ }
 diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c
 index 6cff040..74ac5d1 100644
 --- a/arch/powerpc/kernel/module_32.c
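Review bot: `extern void gr_handle_kernel_exploit(void);` is hand-declared in this .c file, and the same line is repeated in the mips irq.c, x86 irq_32.c and irq_64.c hunks, and again in the 3.2.58 patch. A file-local extern is never checked against the definition, so a later signature change would still compile with mismatched prototypes at each call site. Declaring it once in a shared header that the defining file also includes would let the compiler catch that. Here the declaration also sits outside the `#ifdef CONFIG_DEBUG_STACKOVERFLOW` block that holds its only visible call, while the x86 irq_32.c hunk places it inside the guard; picking one placement would keep the copies consistent.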
@@ -21668,7 +21708,7 @@ index d9c12d3..7858b62 100644
  
  	if (__die(str, regs, err))
 diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
-index f2a1770..540657f 100644
+index f2a1770..10fa52d 100644
 --- a/arch/x86/kernel/dumpstack_32.c
 +++ b/arch/x86/kernel/dumpstack_32.c
 @@ -38,15 +38,13 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,
@@ -21746,7 +21786,7 @@ index f2a1770..540657f 100644
  	return ud2 == 0x0b0f;
  }
 +
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)
 +void pax_check_alloca(unsigned long size)
 +{
 +	unsigned long sp = (unsigned long)&sp, stack_left;
@@ -21758,7 +21798,7 @@ index f2a1770..540657f 100644
 +EXPORT_SYMBOL(pax_check_alloca);
 +#endif
 diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c
-index addb207..99635fa 100644
+index addb207..921706b 100644
 --- a/arch/x86/kernel/dumpstack_64.c
 +++ b/arch/x86/kernel/dumpstack_64.c
 @@ -119,9 +119,9 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,
@@ -21827,7 +21867,7 @@ index addb207..99635fa 100644
  	return ud2 == 0x0b0f;
  }
 +
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)
 +void pax_check_alloca(unsigned long size)
 +{
 +	unsigned long sp = (unsigned long)&sp, stack_start, stack_end;
@@ -24891,10 +24931,19 @@ index d99f31d..1c0f466 100644
  }
  
 diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c
-index d7fcbed..1f747f7 100644
+index d7fcbed..96e715a 100644
 --- a/arch/x86/kernel/irq_32.c
 +++ b/arch/x86/kernel/irq_32.c
-@@ -39,7 +39,7 @@ static int check_stack_overflow(void)
+@@ -29,6 +29,8 @@ EXPORT_PER_CPU_SYMBOL(irq_regs);
+ 
+ #ifdef CONFIG_DEBUG_STACKOVERFLOW
+ 
++extern void gr_handle_kernel_exploit(void);
++
+ int sysctl_panic_on_stackoverflow __read_mostly;
+ 
+ /* Debugging check for stack overflow: is there less than 1KB free? */
+@@ -39,13 +41,14 @@ static int check_stack_overflow(void)
  	__asm__ __volatile__("andl %%esp,%0" :
  			     "=r" (sp) : "0" (THREAD_SIZE - 1));
  
@@ -24903,7 +24952,14 @@ index d7fcbed..1f747f7 100644
  }
  
  static void print_stack_overflow(void)
-@@ -59,8 +59,8 @@ static inline void print_stack_overflow(void) { }
+ {
+ 	printk(KERN_WARNING "low stack detected by irq handler\n");
+ 	dump_stack();
++	gr_handle_kernel_exploit();
+ 	if (sysctl_panic_on_stackoverflow)
+ 		panic("low stack detected by irq handler - check messages\n");
+ }
+@@ -59,8 +62,8 @@ static inline void print_stack_overflow(void) { }
   * per-CPU IRQ handling contexts (thread information and stack)
   */
  union irq_ctx {
@@ -24914,7 +24970,7 @@ index d7fcbed..1f747f7 100644
  } __attribute__((aligned(THREAD_SIZE)));
  
  static DEFINE_PER_CPU(union irq_ctx *, hardirq_ctx);
-@@ -80,10 +80,9 @@ static void call_on_stack(void *func, void *stack)
+@@ -80,10 +83,9 @@ static void call_on_stack(void *func, void *stack)
  static inline int
  execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  {
@@ -24926,7 +24982,7 @@ index d7fcbed..1f747f7 100644
  	irqctx = __this_cpu_read(hardirq_ctx);
  
  	/*
-@@ -92,13 +91,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -92,13 +94,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  	 * handler) we can't do that and just have to keep using the
  	 * current stack (which is the irq stack already after all)
  	 */
@@ -24947,7 +25003,7 @@ index d7fcbed..1f747f7 100644
  
  	if (unlikely(overflow))
  		call_on_stack(print_stack_overflow, isp);
-@@ -110,6 +112,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -110,6 +115,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  		     :  "0" (irq),   "1" (desc),  "2" (isp),
  			"D" (desc->handle_irq)
  		     : "memory", "cc", "ecx");
@@ -24959,7 +25015,7 @@ index d7fcbed..1f747f7 100644
  	return 1;
  }
  
-@@ -118,48 +125,34 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -118,48 +128,34 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
   */
  void irq_ctx_init(int cpu)
  {
@@ -25021,7 +25077,7 @@ index d7fcbed..1f747f7 100644
  }
  
  bool handle_irq(unsigned irq, struct pt_regs *regs)
-@@ -173,7 +166,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs)
+@@ -173,7 +169,7 @@ bool handle_irq(unsigned irq, struct pt_regs *regs)
  	if (unlikely(!desc))
  		return false;
  
@@ -25031,10 +25087,19 @@ index d7fcbed..1f747f7 100644
  			print_stack_overflow();
  		desc->handle_irq(irq, desc);
 diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
-index 4d1c746..232961d 100644
+index 4d1c746..55a22d6 100644
 --- a/arch/x86/kernel/irq_64.c
 +++ b/arch/x86/kernel/irq_64.c
-@@ -44,7 +44,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
+@@ -26,6 +26,8 @@ EXPORT_PER_CPU_SYMBOL(irq_stat);
+ DEFINE_PER_CPU(struct pt_regs *, irq_regs);
+ EXPORT_PER_CPU_SYMBOL(irq_regs);
+ 
++extern void gr_handle_kernel_exploit(void);
++
+ int sysctl_panic_on_stackoverflow;
+ 
+ /*
+@@ -44,7 +46,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
  	u64 estack_top, estack_bottom;
  	u64 curbase = (u64)task_stack_page(current);
  
@@ -25043,6 +25108,15 @@ index 4d1c746..232961d 100644
  		return;
  
  	if (regs->sp >= curbase + sizeof(struct thread_info) +
+@@ -69,6 +71,8 @@ static inline void stack_overflow_check(struct pt_regs *regs)
+ 		irq_stack_top, irq_stack_bottom,
+ 		estack_top, estack_bottom);
+ 
++	gr_handle_kernel_exploit();
++
+ 	if (sysctl_panic_on_stackoverflow)
+ 		panic("low stack detected by irq handler - check messages\n");
+ #endif
 diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c
 index 26d5a55..a01160a 100644
 --- a/arch/x86/kernel/jump_label.c
@@ -58399,7 +58473,7 @@ index e4141f2..d8263e8 100644
  		i += packet_length_size;
  		if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
 diff --git a/fs/exec.c b/fs/exec.c
-index 3d78fcc..5a38b6b 100644
+index 3d78fcc..460e2a0 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -55,8 +55,20 @@
@@ -58882,7 +58956,7 @@ index 3d78fcc..5a38b6b 100644
  out:
  	if (bprm->mm) {
  		acct_arg_size(bprm, 0);
-@@ -1626,3 +1800,295 @@ asmlinkage long compat_sys_execve(const char __user * filename,
+@@ -1626,3 +1800,296 @@ asmlinkage long compat_sys_execve(const char __user * filename,
  	return compat_do_execve(getname(filename), argv, envp);
  }
  #endif
@@ -59099,6 +59173,7 @@ index 3d78fcc..5a38b6b 100644
 +#endif
 +
 +#ifdef CONFIG_PAX_USERCOPY
++
 +static inline bool check_kernel_text_object(unsigned long low, unsigned long high)
 +{
 +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC)
@@ -64219,7 +64294,7 @@ index 87dbcbe..55e1b4d 100644
  }
  
 diff --git a/fs/proc/stat.c b/fs/proc/stat.c
-index 6f599c6..8f4644f 100644
+index 6f599c6..bd00271 100644
 --- a/fs/proc/stat.c
 +++ b/fs/proc/stat.c
 @@ -11,6 +11,7 @@
@@ -64249,34 +64324,63 @@ index 6f599c6..8f4644f 100644
  
  	user = nice = system = idle = iowait =
  		irq = softirq = steal = 0;
-@@ -94,6 +107,7 @@ static int show_stat(struct seq_file *p, void *v)
- 	getboottime(&boottime);
- 	jif = boottime.tv_sec;
- 
-+	if (unrestricted) {
- 	for_each_possible_cpu(i) {
- 		user += kcpustat_cpu(i).cpustat[CPUTIME_USER];
+@@ -99,23 +112,25 @@ static int show_stat(struct seq_file *p, void *v)
  		nice += kcpustat_cpu(i).cpustat[CPUTIME_NICE];
-@@ -116,6 +130,7 @@ static int show_stat(struct seq_file *p, void *v)
+ 		system += kcpustat_cpu(i).cpustat[CPUTIME_SYSTEM];
+ 		idle += get_idle_time(i);
+-		iowait += get_iowait_time(i);
+-		irq += kcpustat_cpu(i).cpustat[CPUTIME_IRQ];
+-		softirq += kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ];
+-		steal += kcpustat_cpu(i).cpustat[CPUTIME_STEAL];
+-		guest += kcpustat_cpu(i).cpustat[CPUTIME_GUEST];
+-		guest_nice += kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE];
+-		sum += kstat_cpu_irqs_sum(i);
+-		sum += arch_irq_stat_cpu(i);
++		if (unrestricted) {
++			iowait += get_iowait_time(i);
++			irq += kcpustat_cpu(i).cpustat[CPUTIME_IRQ];
++			softirq += kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ];
++			steal += kcpustat_cpu(i).cpustat[CPUTIME_STEAL];
++			guest += kcpustat_cpu(i).cpustat[CPUTIME_GUEST];
++			guest_nice += kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE];
++			sum += kstat_cpu_irqs_sum(i);
++			sum += arch_irq_stat_cpu(i);
++			for (j = 0; j < NR_SOFTIRQS; j++) {
++				unsigned int softirq_stat = kstat_softirqs_cpu(j, i);
+ 
+-		for (j = 0; j < NR_SOFTIRQS; j++) {
+-			unsigned int softirq_stat = kstat_softirqs_cpu(j, i);
+-
+-			per_softirq_sums[j] += softirq_stat;
+-			sum_softirq += softirq_stat;
++				per_softirq_sums[j] += softirq_stat;
++				sum_softirq += softirq_stat;
++			}
  		}
  	}
- 	sum += arch_irq_stat();
-+	}
+-	sum += arch_irq_stat();
++	if (unrestricted)
++		sum += arch_irq_stat();
  
  	seq_puts(p, "cpu ");
  	seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user));
-@@ -131,6 +146,7 @@ static int show_stat(struct seq_file *p, void *v)
- 	seq_putc(p, '\n');
- 
- 	for_each_online_cpu(i) {
-+		if (unrestricted) {
- 		/* Copy values here to work around gcc-2.95.3, gcc-2.96 */
- 		user = kcpustat_cpu(i).cpustat[CPUTIME_USER];
+@@ -136,12 +151,14 @@ static int show_stat(struct seq_file *p, void *v)
  		nice = kcpustat_cpu(i).cpustat[CPUTIME_NICE];
-@@ -142,6 +158,7 @@ static int show_stat(struct seq_file *p, void *v)
- 		steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL];
- 		guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST];
- 		guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE];
+ 		system = kcpustat_cpu(i).cpustat[CPUTIME_SYSTEM];
+ 		idle = get_idle_time(i);
+-		iowait = get_iowait_time(i);
+-		irq = kcpustat_cpu(i).cpustat[CPUTIME_IRQ];
+-		softirq = kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ];
+-		steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL];
+-		guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST];
+-		guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE];
++		if (unrestricted) {
++			iowait = get_iowait_time(i);
++			irq = kcpustat_cpu(i).cpustat[CPUTIME_IRQ];
++			softirq = kcpustat_cpu(i).cpustat[CPUTIME_SOFTIRQ];
++			steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL];
++			guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST];
++			guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE];
 +		}
  		seq_printf(p, "cpu%d", i);
  		seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user));
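Review bot: In the per-CPU loop of `show_stat()`, `iowait`, `irq`, `softirq`, `steal`, `guest` and `guest_nice` are now assigned only when `unrestricted` is true. The rest of the loop body, outside this hunk, presumably still prints them for every CPU, so the restricted output relies on them still being zero from earlier in the function. The visible `user = nice = system = idle = iowait = irq = softirq = steal = 0;` covers four of them, and the summing loop is gated the same way, but the initialisation of `guest` and `guest_nice` is not shown. Adding `else iowait = irq = softirq = steal = guest = guest_nice = 0;` after the `if (unrestricted) { ... }` block would make the restricted path self-contained. `user`, `nice`, `system` and `idle` are now collected for restricted readers as well; a comment such as `/* user/nice/system/idle are deliberately exposed to all readers */` would record that this is intended. The 3.2.58 copy of this hunk is not visible here, so check it for the same pattern.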
@@ -82480,16 +82584,26 @@ index 387fa7d..3fcde6b 100644
  #ifdef CONFIG_MAGIC_SYSRQ
  
 diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h
-index fddbe20..0312de8 100644
+index fddbe20..e4cce53 100644
 --- a/include/linux/thread_info.h
 +++ b/include/linux/thread_info.h
-@@ -161,6 +161,15 @@ static inline bool test_and_clear_restore_sigmask(void)
+@@ -161,6 +161,25 @@ static inline bool test_and_clear_restore_sigmask(void)
  #error "no set_restore_sigmask() provided and default one won't work"
  #endif
  
 +extern void __check_object_size(const void *ptr, unsigned long n, bool to_user);
++
++#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY)
++extern void pax_check_alloca(unsigned long size);
++#endif
++
 +static inline void check_object_size(const void *ptr, unsigned long n, bool to_user)
 +{
++#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY)
++	/* always check if we've overflowed the stack in a copy*user */
++	pax_check_alloca(sizeof(unsigned long));
++#endif
++
 +#ifndef CONFIG_PAX_USERCOPY_DEBUG
 +	if (!__builtin_constant_p(n))
 +#endif
@@ -103516,10 +103630,10 @@ index 8fac3fd..32ff38d 100644
  	unsigned int secindex_strings;
  
 diff --git a/security/Kconfig b/security/Kconfig
-index beb86b5..1ea5a01 100644
+index beb86b5..55198cd 100644
 --- a/security/Kconfig
 +++ b/security/Kconfig
-@@ -4,6 +4,960 @@
+@@ -4,6 +4,961 @@
  
  menu "Security options"
  
@@ -103556,6 +103670,7 @@ index beb86b5..1ea5a01 100644
 +	select TTY
 +	select DEBUG_KERNEL
 +	select DEBUG_LIST
++	select DEBUG_STACKOVERFLOW if HAVE_DEBUG_STACKOVERFLOW
 +	help
 +	  If you say Y here, you will be able to configure many features
 +	  that will enhance the security of your system.  It is highly
@@ -104480,7 +104595,7 @@ index beb86b5..1ea5a01 100644
  source security/keys/Kconfig
  
  config SECURITY_DMESG_RESTRICT
-@@ -103,7 +1057,7 @@ config INTEL_TXT
+@@ -103,7 +1058,7 @@ config INTEL_TXT
  config LSM_MMAP_MIN_ADDR
  	int "Low address space for LSM to protect from user allocation"
  	depends on SECURITY && SECURITY_SELINUX

diff --git a/3.2.58/0000_README b/3.2.58/0000_README
index df97a0f..ad7286d 100644
--- a/3.2.58/0000_README
+++ b/3.2.58/0000_README
@@ -150,7 +150,7 @@ Patch:	1057_linux-3.2.58.patch
 From:	http://www.kernel.org
 Desc:	Linux 3.2.58
 
-Patch:	4420_grsecurity-3.0-3.2.58-201405092334.patch
+Patch:	4420_grsecurity-3.0-3.2.58-201405101946.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch b/3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch
similarity index 99%
rename from 3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch
rename to 3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch
index 4f95c38..ed3fd8f 100644
--- a/3.2.58/4420_grsecurity-3.0-3.2.58-201405092334.patch
+++ b/3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch
@@ -4059,6 +4059,29 @@ index 883fc6c..28c0acd 100644
  }
  
  void __init gt641xx_irq_init(void)
+diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c
+index 7f50318..20685b9 100644
+--- a/arch/mips/kernel/irq.c
++++ b/arch/mips/kernel/irq.c
+@@ -111,7 +111,10 @@ void __init init_IRQ(void)
+ #endif
+ }
+ 
++
+ #ifdef DEBUG_STACKOVERFLOW
++extern void gr_handle_kernel_exploit(void);
++
+ static inline void check_stack_overflow(void)
+ {
+ 	unsigned long sp;
+@@ -127,6 +130,7 @@ static inline void check_stack_overflow(void)
+ 		printk("do_IRQ: stack overflow: %ld\n",
+ 		       sp - sizeof(struct thread_info));
+ 		dump_stack();
++		gr_handle_kernel_exploit();
+ 	}
+ }
+ #else
 diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c
 index bf128d7..bc244d6 100644
 --- a/arch/mips/kernel/process.c
@@ -5731,10 +5754,27 @@ index 8c3baa0..4d8c6f1 100644
  	addi	r3,r1,STACK_FRAME_OVERHEAD
  	lwz	r4,_DAR(r1)
 diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c
-index 745c1e7..59d97a6 100644
+index 745c1e7..d231072 100644
 --- a/arch/powerpc/kernel/irq.c
 +++ b/arch/powerpc/kernel/irq.c
-@@ -547,9 +547,6 @@ struct irq_host *irq_alloc_host(struct device_node *of_node,
+@@ -324,6 +324,8 @@ static inline void handle_one_irq(unsigned int irq)
+ 		set_bits(irqtp->flags, &curtp->flags);
+ }
+ 
++extern void gr_handle_kernel_exploit(void);
++
+ static inline void check_stack_overflow(void)
+ {
+ #ifdef CONFIG_DEBUG_STACKOVERFLOW
+@@ -336,6 +338,7 @@ static inline void check_stack_overflow(void)
+ 		printk("do_IRQ: stack overflow: %ld\n",
+ 			sp - sizeof(struct thread_info));
+ 		dump_stack();
++		gr_handle_kernel_exploit();
+ 	}
+ #endif
+ }
+@@ -547,9 +550,6 @@ struct irq_host *irq_alloc_host(struct device_node *of_node,
  	host->ops = ops;
  	host->of_node = of_node_get(of_node);
  
@@ -5744,7 +5784,7 @@ index 745c1e7..59d97a6 100644
  	raw_spin_lock_irqsave(&irq_big_lock, flags);
  
  	/* If it's a legacy controller, check for duplicates and
-@@ -622,7 +619,12 @@ struct irq_host *irq_find_host(struct device_node *node)
+@@ -622,7 +622,12 @@ struct irq_host *irq_find_host(struct device_node *node)
  	 */
  	raw_spin_lock_irqsave(&irq_big_lock, flags);
  	list_for_each_entry(h, &irq_hosts, link)
@@ -18092,7 +18132,7 @@ index 1aae78f..138ca1b 100644
  
  	if (__die(str, regs, err))
 diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
-index c99f9ed..025ebd3 100644
+index c99f9ed..76cf602 100644
 --- a/arch/x86/kernel/dumpstack_32.c
 +++ b/arch/x86/kernel/dumpstack_32.c
 @@ -38,15 +38,13 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,
@@ -18163,7 +18203,7 @@ index c99f9ed..025ebd3 100644
  	return ud2 == 0x0b0f;
  }
 +
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)
 +void pax_check_alloca(unsigned long size)
 +{
 +	unsigned long sp = (unsigned long)&sp, stack_left;
@@ -18175,7 +18215,7 @@ index c99f9ed..025ebd3 100644
 +EXPORT_SYMBOL(pax_check_alloca);
 +#endif
 diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c
-index 6d728d9..80f1867 100644
+index 6d728d9..c4c40f5 100644
 --- a/arch/x86/kernel/dumpstack_64.c
 +++ b/arch/x86/kernel/dumpstack_64.c
 @@ -119,9 +119,9 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,
@@ -18253,7 +18293,7 @@ index 6d728d9..80f1867 100644
  	return ud2 == 0x0b0f;
  }
 +
-+#ifdef CONFIG_PAX_MEMORY_STACKLEAK
++#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)
 +void pax_check_alloca(unsigned long size)
 +{
 +	unsigned long sp = (unsigned long)&sp, stack_start, stack_end;
@@ -21138,10 +21178,20 @@ index 687637b..3e626d9 100644
  }
  
 diff --git a/arch/x86/kernel/irq_32.c b/arch/x86/kernel/irq_32.c
-index 7209070..cbcd71a 100644
+index 7209070..ada4d63 100644
 --- a/arch/x86/kernel/irq_32.c
 +++ b/arch/x86/kernel/irq_32.c
-@@ -36,7 +36,7 @@ static int check_stack_overflow(void)
+@@ -28,6 +28,9 @@ DEFINE_PER_CPU(struct pt_regs *, irq_regs);
+ EXPORT_PER_CPU_SYMBOL(irq_regs);
+ 
+ #ifdef CONFIG_DEBUG_STACKOVERFLOW
++
++extern void gr_handle_kernel_exploit(void);
++
+ /* Debugging check for stack overflow: is there less than 1KB free? */
+ static int check_stack_overflow(void)
+ {
+@@ -36,13 +39,14 @@ static int check_stack_overflow(void)
  	__asm__ __volatile__("andl %%esp,%0" :
  			     "=r" (sp) : "0" (THREAD_SIZE - 1));
  
@@ -21150,7 +21200,14 @@ index 7209070..cbcd71a 100644
  }
  
  static void print_stack_overflow(void)
-@@ -54,8 +54,8 @@ static inline void print_stack_overflow(void) { }
+ {
+ 	printk(KERN_WARNING "low stack detected by irq handler\n");
+ 	dump_stack();
++	gr_handle_kernel_exploit();
+ }
+ 
+ #else
+@@ -54,8 +58,8 @@ static inline void print_stack_overflow(void) { }
   * per-CPU IRQ handling contexts (thread information and stack)
   */
  union irq_ctx {
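Review bot: The added `gr_handle_kernel_exploit();` in print_stack_overflow() runs on what the surrounding code calls a debugging check ("is there less than 1KB free?") and logs as `low stack detected by irq handler`. That turns a low-water warning into an exploit response with no comment explaining the decision. If that is the intent, I would say so above the call, e.g. `/* a nearly exhausted kernel stack is handled as a suspected overflow, not just logged */`. It is also worth recording that deep but legitimate call chains can reach the same threshold.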
@@ -21161,7 +21218,7 @@ index 7209070..cbcd71a 100644
  } __attribute__((aligned(THREAD_SIZE)));
  
  static DEFINE_PER_CPU(union irq_ctx *, hardirq_ctx);
-@@ -75,10 +75,9 @@ static void call_on_stack(void *func, void *stack)
+@@ -75,10 +79,9 @@ static void call_on_stack(void *func, void *stack)
  static inline int
  execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  {
@@ -21173,7 +21230,7 @@ index 7209070..cbcd71a 100644
  	irqctx = __this_cpu_read(hardirq_ctx);
  
  	/*
-@@ -87,21 +86,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -87,21 +90,16 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  	 * handler) we can't do that and just have to keep using the
  	 * current stack (which is the irq stack already after all)
  	 */
@@ -21201,7 +21258,7 @@ index 7209070..cbcd71a 100644
  
  	if (unlikely(overflow))
  		call_on_stack(print_stack_overflow, isp);
-@@ -113,6 +107,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -113,6 +111,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
  		     :  "0" (irq),   "1" (desc),  "2" (isp),
  			"D" (desc->handle_irq)
  		     : "memory", "cc", "ecx");
@@ -21213,7 +21270,7 @@ index 7209070..cbcd71a 100644
  	return 1;
  }
  
-@@ -121,29 +120,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
+@@ -121,29 +124,11 @@ execute_on_irq_stack(int overflow, struct irq_desc *desc, int irq)
   */
  void __cpuinit irq_ctx_init(int cpu)
  {
@@ -21245,7 +21302,7 @@ index 7209070..cbcd71a 100644
  
  	printk(KERN_DEBUG "CPU %u irqstacks, hard=%p soft=%p\n",
  	       cpu, per_cpu(hardirq_ctx, cpu),  per_cpu(softirq_ctx, cpu));
-@@ -152,7 +133,6 @@ void __cpuinit irq_ctx_init(int cpu)
+@@ -152,7 +137,6 @@ void __cpuinit irq_ctx_init(int cpu)
  asmlinkage void do_softirq(void)
  {
  	unsigned long flags;
@@ -21253,7 +21310,7 @@ index 7209070..cbcd71a 100644
  	union irq_ctx *irqctx;
  	u32 *isp;
  
-@@ -162,15 +142,22 @@ asmlinkage void do_softirq(void)
+@@ -162,15 +146,22 @@ asmlinkage void do_softirq(void)
  	local_irq_save(flags);
  
  	if (local_softirq_pending()) {
@@ -21281,10 +21338,19 @@ index 7209070..cbcd71a 100644
  		 * Shouldn't happen, we returned above if in_interrupt():
  		 */
 diff --git a/arch/x86/kernel/irq_64.c b/arch/x86/kernel/irq_64.c
-index 69bca46..0bac999 100644
+index 69bca46..fe78277 100644
 --- a/arch/x86/kernel/irq_64.c
 +++ b/arch/x86/kernel/irq_64.c
-@@ -38,7 +38,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
+@@ -26,6 +26,8 @@ EXPORT_PER_CPU_SYMBOL(irq_stat);
+ DEFINE_PER_CPU(struct pt_regs *, irq_regs);
+ EXPORT_PER_CPU_SYMBOL(irq_regs);
+ 
++extern void gr_handle_kernel_exploit(void);
++
+ /*
+  * Probabilistic stack overflow check:
+  *
+@@ -38,7 +40,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
  #ifdef CONFIG_DEBUG_STACKOVERFLOW
  	u64 curbase = (u64)task_stack_page(current);
  
@@ -21293,6 +21359,14 @@ index 69bca46..0bac999 100644
  		return;
  
  	WARN_ONCE(regs->sp >= curbase &&
+@@ -48,6 +50,7 @@ static inline void stack_overflow_check(struct pt_regs *regs)
+ 
+ 		  "do_IRQ: %s near stack overflow (cur:%Lx,sp:%lx)\n",
+ 			current->comm, curbase, regs->sp);
++	gr_handle_kernel_exploit();
+ #endif
+ }
+ 
 diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
 index 2f45c4c..3f51a0c 100644
 --- a/arch/x86/kernel/kgdb.c
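Review bot: In stack_overflow_check() the added `gr_handle_kernel_exploit();` is a separate statement after `WARN_ONCE(...)`, so as shown it runs on every call that gets past the early `return`, not only when the near-overflow condition is true. WARN_ONCE evaluates to its condition, so the call can be tied to it by wrapping the existing statement: `if (WARN_ONCE(<same condition>, <same format and arguments>))` followed by `gr_handle_kernel_exploit();`. The line changed by the preceding inner hunk is not shown here, so confirm that the early return does not already filter out the in-range case.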
@@ -56597,7 +56671,7 @@ index 451b9b8..12e5a03 100644
  
  out_free_fd:
 diff --git a/fs/exec.c b/fs/exec.c
-index 78199eb..1781a561 100644
+index 78199eb..80dac79 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -55,12 +55,35 @@
@@ -57210,7 +57284,7 @@ index 78199eb..1781a561 100644
  	cn->corename = kmalloc(cn->size, GFP_KERNEL);
  	cn->used = 0;
  
-@@ -1833,6 +2016,292 @@ out:
+@@ -1833,6 +2016,293 @@ out:
  	return ispipe;
  }
  
@@ -57420,6 +57494,7 @@ index 78199eb..1781a561 100644
 +#endif
 +
 +#ifdef CONFIG_PAX_USERCOPY
++
 +static inline bool check_kernel_text_object(unsigned long low, unsigned long high)
 +{
 +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC)
@@ -57503,7 +57578,7 @@ index 78199eb..1781a561 100644
  static int zap_process(struct task_struct *start, int exit_code)
  {
  	struct task_struct *t;
-@@ -2006,17 +2475,17 @@ static void coredump_finish(struct mm_struct *mm)
+@@ -2006,17 +2476,17 @@ static void coredump_finish(struct mm_struct *mm)
  void set_dumpable(struct mm_struct *mm, int value)
  {
  	switch (value) {
@@ -57524,7 +57599,7 @@ index 78199eb..1781a561 100644
  		set_bit(MMF_DUMP_SECURELY, &mm->flags);
  		smp_wmb();
  		set_bit(MMF_DUMPABLE, &mm->flags);
-@@ -2029,7 +2498,7 @@ static int __get_dumpable(unsigned long mm_flags)
+@@ -2029,7 +2499,7 @@ static int __get_dumpable(unsigned long mm_flags)
  	int ret;
  
  	ret = mm_flags & MMF_DUMPABLE_MASK;
@@ -57533,7 +57608,7 @@ index 78199eb..1781a561 100644
  }
  
  /*
-@@ -2050,17 +2519,17 @@ static void wait_for_dump_helpers(struct file *file)
+@@ -2050,17 +2520,17 @@ static void wait_for_dump_helpers(struct file *file)
  	pipe = file->f_path.dentry->d_inode->i_pipe;
  
  	pipe_lock(pipe);
@@ -57556,7 +57631,7 @@ index 78199eb..1781a561 100644
  	pipe_unlock(pipe);
  
  }
-@@ -2121,7 +2590,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2121,7 +2591,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
  	int retval = 0;
  	int flag = 0;
  	int ispipe;
@@ -57566,7 +57641,7 @@ index 78199eb..1781a561 100644
  	struct coredump_params cprm = {
  		.signr = signr,
  		.regs = regs,
-@@ -2136,6 +2606,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2136,6 +2607,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
  
  	audit_core_dumps(signr);
  
@@ -57576,7 +57651,7 @@ index 78199eb..1781a561 100644
  	binfmt = mm->binfmt;
  	if (!binfmt || !binfmt->core_dump)
  		goto fail;
-@@ -2146,14 +2619,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2146,14 +2620,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
  	if (!cred)
  		goto fail;
  	/*
@@ -57597,7 +57672,7 @@ index 78199eb..1781a561 100644
  	}
  
  	retval = coredump_wait(exit_code, &core_state);
-@@ -2203,7 +2678,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2203,7 +2679,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
  		}
  		cprm.limit = RLIM_INFINITY;
  
@@ -57606,7 +57681,7 @@ index 78199eb..1781a561 100644
  		if (core_pipe_limit && (core_pipe_limit < dump_count)) {
  			printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n",
  			       task_tgid_vnr(current), current->comm);
-@@ -2230,9 +2705,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2230,9 +2706,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
  	} else {
  		struct inode *inode;
  
@@ -57626,7 +57701,7 @@ index 78199eb..1781a561 100644
  		cprm.file = filp_open(cn.corename,
  				 O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
  				 0600);
-@@ -2273,7 +2758,7 @@ close_fail:
+@@ -2273,7 +2759,7 @@ close_fail:
  		filp_close(cprm.file, NULL);
  fail_dropcount:
  	if (ispipe)
@@ -57635,7 +57710,7 @@ index 78199eb..1781a561 100644
  fail_unlock:
  	kfree(cn.corename);
  fail_corename:
-@@ -2292,7 +2777,7 @@ fail:
+@@ -2292,7 +2778,7 @@ fail:
   */
  int dump_write(struct file *file, const void *addr, int nr)
  {
@@ -63098,6 +63173,92 @@ index 03102d9..4ae347e 100644
  	proc_sys_init();
  }
  
+diff --git a/fs/proc/stat.c b/fs/proc/stat.c
+index 4c9a859..0b51e6b 100644
+--- a/fs/proc/stat.c
++++ b/fs/proc/stat.c
+@@ -67,6 +67,18 @@ static int show_stat(struct seq_file *p, void *v)
+ 	u64 sum_softirq = 0;
+ 	unsigned int per_softirq_sums[NR_SOFTIRQS] = {0};
+ 	struct timespec boottime;
++	int unrestricted = 1;
++
++#ifdef CONFIG_GRKERNSEC_PROC_ADD
++#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
++	if (current_uid()
++#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
++	    && !in_group_p(grsec_proc_gid)
++#endif
++	)
++		unrestricted = 0;
++#endif
++#endif
+ 
+ 	user = nice = system = idle = iowait =
+ 		irq = softirq = steal = cputime64_zero;
+@@ -79,24 +91,27 @@ static int show_stat(struct seq_file *p, void *v)
+ 		nice = cputime64_add(nice, kstat_cpu(i).cpustat.nice);
+ 		system = cputime64_add(system, kstat_cpu(i).cpustat.system);
+ 		idle = cputime64_add(idle, get_idle_time(i));
+-		iowait = cputime64_add(iowait, get_iowait_time(i));
+-		irq = cputime64_add(irq, kstat_cpu(i).cpustat.irq);
+-		softirq = cputime64_add(softirq, kstat_cpu(i).cpustat.softirq);
+-		steal = cputime64_add(steal, kstat_cpu(i).cpustat.steal);
+-		guest = cputime64_add(guest, kstat_cpu(i).cpustat.guest);
+-		guest_nice = cputime64_add(guest_nice,
+-			kstat_cpu(i).cpustat.guest_nice);
+-		sum += kstat_cpu_irqs_sum(i);
+-		sum += arch_irq_stat_cpu(i);
++		if (unrestricted) {
++			iowait = cputime64_add(iowait, get_iowait_time(i));
++			irq = cputime64_add(irq, kstat_cpu(i).cpustat.irq);
++			softirq = cputime64_add(softirq, kstat_cpu(i).cpustat.softirq);
++			steal = cputime64_add(steal, kstat_cpu(i).cpustat.steal);
++			guest = cputime64_add(guest, kstat_cpu(i).cpustat.guest);
++			guest_nice = cputime64_add(guest_nice,
++				kstat_cpu(i).cpustat.guest_nice);
++			sum += kstat_cpu_irqs_sum(i);
++			sum += arch_irq_stat_cpu(i);
+ 
+-		for (j = 0; j < NR_SOFTIRQS; j++) {
+-			unsigned int softirq_stat = kstat_softirqs_cpu(j, i);
++			for (j = 0; j < NR_SOFTIRQS; j++) {
++				unsigned int softirq_stat = kstat_softirqs_cpu(j, i);
+ 
+-			per_softirq_sums[j] += softirq_stat;
+-			sum_softirq += softirq_stat;
++				per_softirq_sums[j] += softirq_stat;
++				sum_softirq += softirq_stat;
++			}
+ 		}
+ 	}
+-	sum += arch_irq_stat();
++	if (unrestricted)
++		sum += arch_irq_stat();
+ 
+ 	seq_printf(p, "cpu  %llu %llu %llu %llu %llu %llu %llu %llu %llu "
+ 		"%llu\n",
+@@ -116,12 +131,14 @@ static int show_stat(struct seq_file *p, void *v)
+ 		nice = kstat_cpu(i).cpustat.nice;
+ 		system = kstat_cpu(i).cpustat.system;
+ 		idle = get_idle_time(i);
+-		iowait = get_iowait_time(i);
+-		irq = kstat_cpu(i).cpustat.irq;
+-		softirq = kstat_cpu(i).cpustat.softirq;
+-		steal = kstat_cpu(i).cpustat.steal;
+-		guest = kstat_cpu(i).cpustat.guest;
+-		guest_nice = kstat_cpu(i).cpustat.guest_nice;
++		if (unrestricted) {
++			iowait = get_iowait_time(i);
++			irq = kstat_cpu(i).cpustat.irq;
++			softirq = kstat_cpu(i).cpustat.softirq;
++			steal = kstat_cpu(i).cpustat.steal;
++			guest = kstat_cpu(i).cpustat.guest;
++			guest_nice = kstat_cpu(i).cpustat.guest_nice;
++		}
+ 		seq_printf(p,
+ 			"cpu%d %llu %llu %llu %llu %llu %llu %llu %llu %llu "
+ 			"%llu\n",
 diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
 index ef1740d..9a18b87 100644
 --- a/fs/proc/task_mmu.c
@@ -82409,16 +82570,26 @@ index 7faf933..9b85a0c 100644
  #ifdef CONFIG_MAGIC_SYSRQ
  
 diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h
-index 8d03f07..e723aa8 100644
+index 8d03f07..66b3cf6 100644
 --- a/include/linux/thread_info.h
 +++ b/include/linux/thread_info.h
-@@ -123,6 +123,13 @@ static inline void set_restore_sigmask(void)
+@@ -123,6 +123,23 @@ static inline void set_restore_sigmask(void)
  }
  #endif	/* TIF_RESTORE_SIGMASK && !HAVE_SET_RESTORE_SIGMASK */
  
 +extern void __check_object_size(const void *ptr, unsigned long n, bool to);
++
++#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY)
++extern void pax_check_alloca(unsigned long size);
++#endif
++
 +static inline void check_object_size(const void *ptr, unsigned long n, bool to)
 +{
++#if defined(CONFIG_X86) && defined(CONFIG_PAX_USERCOPY)
++	/* always check if we've overflowed the stack in a copy*user */
++	pax_check_alloca(sizeof(unsigned long));
++#endif
++
 +	if (!__builtin_constant_p(n))
 +		__check_object_size(ptr, n, to);
 +}
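Review bot: The call `pax_check_alloca(sizeof(unsigned long));` in check_object_size() passes a fixed token size and runs before the `__builtin_constant_p(n)` test, so it does not depend on the copy length; the one-line comment does not say that. I would expand it to `/* probe remaining stack on every copy*user, constant-size copies included; the size is a minimal request, not n */`. The prototype here is guarded by `CONFIG_X86 && CONFIG_PAX_USERCOPY`, while the definitions in dumpstack_32.c and dumpstack_64.c are built under `CONFIG_PAX_MEMORY_STACKLEAK || CONFIG_PAX_USERCOPY`. A single shared declaration would keep the two guards from drifting apart.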
@@ -106618,10 +106789,10 @@ index 38f6617..e70b72b 100755
  
  exuberant()
 diff --git a/security/Kconfig b/security/Kconfig
-index 51bd5a0..d4191c5 100644
+index 51bd5a0..f75fbf0 100644
 --- a/security/Kconfig
 +++ b/security/Kconfig
-@@ -4,6 +4,955 @@
+@@ -4,6 +4,956 @@
  
  menu "Security options"
  
@@ -106657,6 +106828,7 @@ index 51bd5a0..d4191c5 100644
 +	select STOP_MACHINE
 +	select DEBUG_KERNEL
 +	select DEBUG_LIST
++	select DEBUG_STACKOVERFLOW if HAVE_DEBUG_STACKOVERFLOW
 +	help
 +	  If you say Y here, you will be able to configure many features
 +	  that will enhance the security of your system.  It is highly
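Review bot: `select DEBUG_STACKOVERFLOW if HAVE_DEBUG_STACKOVERFLOW` turns on CONFIG_DEBUG_STACKOVERFLOW, but the first check_stack_overflow() hunk in this patch (the one following `init_IRQ`) is guarded by `#ifdef DEBUG_STACKOVERFLOW`, without the `CONFIG_` prefix. Unless that file defines DEBUG_STACKOVERFLOW itself, the select will not enable the new `gr_handle_kernel_exploit()` call there; the guard would need to read `#ifdef CONFIG_DEBUG_STACKOVERFLOW`. It is also worth confirming that HAVE_DEBUG_STACKOVERFLOW is a symbol this kernel series defines, because a select conditioned on an unknown symbol silently never fires.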
@@ -107577,7 +107749,7 @@ index 51bd5a0..d4191c5 100644
  config KEYS
  	bool "Enable access key retention support"
  	help
-@@ -169,7 +1118,7 @@ config INTEL_TXT
+@@ -169,7 +1119,7 @@ config INTEL_TXT
  config LSM_MMAP_MIN_ADDR
  	int "Low address space for LSM to protect from user allocation"
  	depends on SECURITY && SECURITY_SELINUX



* [gentoo-commits] proj/hardened-patchset:master commit in: 3.14.3/, 3.2.58/
@ 2014-05-12 12:34 Anthony G. Basile
  0 siblings, 0 replies; 3+ messages in thread
From: Anthony G. Basile @ 2014-05-12 12:34 UTC (permalink / raw
  To: gentoo-commits

commit:     77b297713485d2da87bfe9b58e57627ecc71b222
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Mon May 12 12:35:58 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Mon May 12 12:35:58 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=77b29771

Grsec/PaX: 3.0-{3.2.58,3.14.3}-201405112005

---
 3.14.3/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.14.3-201405112005.patch} | 442 ++++++++++++++++++++-
 3.2.58/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.2.58-201405112002.patch} |  47 ++-
 4 files changed, 468 insertions(+), 25 deletions(-)

diff --git a/3.14.3/0000_README b/3.14.3/0000_README
index 4ea0a4a..99900e8 100644
--- a/3.14.3/0000_README
+++ b/3.14.3/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-3.0-3.14.3-201405101947.patch
+Patch:	4420_grsecurity-3.0-3.14.3-201405112005.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch b/3.14.3/4420_grsecurity-3.0-3.14.3-201405112005.patch
similarity index 99%
rename from 3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch
rename to 3.14.3/4420_grsecurity-3.0-3.14.3-201405112005.patch
index d17eca9..c5fa685 100644
--- a/3.14.3/4420_grsecurity-3.0-3.14.3-201405101947.patch
+++ b/3.14.3/4420_grsecurity-3.0-3.14.3-201405112005.patch
@@ -9763,6 +9763,142 @@ index 502f632..da1917f 100644
  #define __S100	PAGE_READONLY
  #define __S101	PAGE_READONLY
  #define __S110	PAGE_SHARED
+diff --git a/arch/sparc/include/asm/pgtable_64.h b/arch/sparc/include/asm/pgtable_64.h
+index 0f9e945..a949e55 100644
+--- a/arch/sparc/include/asm/pgtable_64.h
++++ b/arch/sparc/include/asm/pgtable_64.h
+@@ -71,6 +71,23 @@
+ 
+ #include <linux/sched.h>
+ 
++extern unsigned long sparc64_valid_addr_bitmap[];
++
++/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */
++static inline bool __kern_addr_valid(unsigned long paddr)
++{
++	if ((paddr >> MAX_PHYS_ADDRESS_BITS) != 0UL)
++		return false;
++	return test_bit(paddr >> ILOG2_4MB, sparc64_valid_addr_bitmap);
++}
++
++static inline bool kern_addr_valid(unsigned long addr)
++{
++	unsigned long paddr = __pa(addr);
++
++	return __kern_addr_valid(paddr);
++}
++
+ /* Entries per page directory level. */
+ #define PTRS_PER_PTE	(1UL << (PAGE_SHIFT-3))
+ #define PTRS_PER_PMD	(1UL << PMD_BITS)
+@@ -79,9 +96,12 @@
+ /* Kernel has a separate 44bit address space. */
+ #define FIRST_USER_ADDRESS	0
+ 
+-#define pte_ERROR(e)	__builtin_trap()
+-#define pmd_ERROR(e)	__builtin_trap()
+-#define pgd_ERROR(e)	__builtin_trap()
++#define pmd_ERROR(e)							\
++	pr_err("%s:%d: bad pmd %p(%016lx) seen at (%pS)\n",		\
++	       __FILE__, __LINE__, &(e), pmd_val(e), __builtin_return_address(0))
++#define pgd_ERROR(e)							\
++	pr_err("%s:%d: bad pgd %p(%016lx) seen at (%pS)\n",		\
++	       __FILE__, __LINE__, &(e), pgd_val(e), __builtin_return_address(0))
+ 
+ #endif /* !(__ASSEMBLY__) */
+ 
+@@ -633,7 +653,7 @@ static inline unsigned long pmd_large(pmd_t pmd)
+ {
+ 	pte_t pte = __pte(pmd_val(pmd));
+ 
+-	return (pte_val(pte) & _PAGE_PMD_HUGE) && pte_present(pte);
++	return pte_val(pte) & _PAGE_PMD_HUGE;
+ }
+ 
+ #ifdef CONFIG_TRANSPARENT_HUGEPAGE
+@@ -719,20 +739,6 @@ static inline pmd_t pmd_mkwrite(pmd_t pmd)
+ 	return __pmd(pte_val(pte));
+ }
+ 
+-static inline pmd_t pmd_mknotpresent(pmd_t pmd)
+-{
+-	unsigned long mask;
+-
+-	if (tlb_type == hypervisor)
+-		mask = _PAGE_PRESENT_4V;
+-	else
+-		mask = _PAGE_PRESENT_4U;
+-
+-	pmd_val(pmd) &= ~mask;
+-
+-	return pmd;
+-}
+-
+ static inline pmd_t pmd_mksplitting(pmd_t pmd)
+ {
+ 	pte_t pte = __pte(pmd_val(pmd));
+@@ -757,6 +763,20 @@ static inline int pmd_present(pmd_t pmd)
+ 
+ #define pmd_none(pmd)			(!pmd_val(pmd))
+ 
++/* pmd_bad() is only called on non-trans-huge PMDs.  Our encoding is
++ * very simple, it's just the physical address.  PTE tables are of
++ * size PAGE_SIZE so make sure the sub-PAGE_SIZE bits are clear and
++ * the top bits outside of the range of any physical address size we
++ * support are clear as well.  We also validate the physical itself.
++ */
++#define pmd_bad(pmd)			((pmd_val(pmd) & ~PAGE_MASK) || \
++					 !__kern_addr_valid(pmd_val(pmd)))
++
++#define pud_none(pud)			(!pud_val(pud))
++
++#define pud_bad(pud)			((pud_val(pud) & ~PAGE_MASK) || \
++					 !__kern_addr_valid(pud_val(pud)))
++
+ #ifdef CONFIG_TRANSPARENT_HUGEPAGE
+ extern void set_pmd_at(struct mm_struct *mm, unsigned long addr,
+ 		       pmd_t *pmdp, pmd_t pmd);
+@@ -790,10 +810,7 @@ static inline unsigned long __pmd_page(pmd_t pmd)
+ #define pud_page_vaddr(pud)		\
+ 	((unsigned long) __va(pud_val(pud)))
+ #define pud_page(pud) 			virt_to_page((void *)pud_page_vaddr(pud))
+-#define pmd_bad(pmd)			(0)
+ #define pmd_clear(pmdp)			(pmd_val(*(pmdp)) = 0UL)
+-#define pud_none(pud)			(!pud_val(pud))
+-#define pud_bad(pud)			(0)
+ #define pud_present(pud)		(pud_val(pud) != 0U)
+ #define pud_clear(pudp)			(pud_val(*(pudp)) = 0UL)
+ 
+@@ -893,6 +910,10 @@ extern void update_mmu_cache(struct vm_area_struct *, unsigned long, pte_t *);
+ extern void update_mmu_cache_pmd(struct vm_area_struct *vma, unsigned long addr,
+ 				 pmd_t *pmd);
+ 
++#define __HAVE_ARCH_PMDP_INVALIDATE
++extern void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
++			    pmd_t *pmdp);
++
+ #define __HAVE_ARCH_PGTABLE_DEPOSIT
+ extern void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp,
+ 				       pgtable_t pgtable);
+@@ -919,18 +940,6 @@ extern unsigned long pte_file(pte_t);
+ extern pte_t pgoff_to_pte(unsigned long);
+ #define PTE_FILE_MAX_BITS	(64UL - PAGE_SHIFT - 1UL)
+ 
+-extern unsigned long sparc64_valid_addr_bitmap[];
+-
+-/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */
+-static inline bool kern_addr_valid(unsigned long addr)
+-{
+-	unsigned long paddr = __pa(addr);
+-
+-	if ((paddr >> 41UL) != 0UL)
+-		return false;
+-	return test_bit(paddr >> 22, sparc64_valid_addr_bitmap);
+-}
+-
+ extern int page_in_phys_avail(unsigned long paddr);
+ 
+ /*
 diff --git a/arch/sparc/include/asm/pgtsrmmu.h b/arch/sparc/include/asm/pgtsrmmu.h
 index 79da178..c2eede8 100644
 --- a/arch/sparc/include/asm/pgtsrmmu.h
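Review bot: The new `pmd_bad()` and `pud_bad()` macros expand their argument twice, and callers such as get_user_insn() pass `*pmdp`, so the entry may be loaded twice and the alignment test and the `__kern_addr_valid()` test can see different values if it changes in between. A `static inline` that takes the entry by value reads it once: `static inline bool pmd_bad(pmd_t pmd) { unsigned long v = pmd_val(pmd); return (v & ~PAGE_MASK) || !__kern_addr_valid(v); }`, with the same shape for pud_bad(). `__kern_addr_valid()` is already defined earlier in this header, so the inline needs nothing new.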
@@ -9940,6 +10076,20 @@ index a5f01ac..703b554 100644
  /*
   * Thread-synchronous status.
   *
+diff --git a/arch/sparc/include/asm/tsb.h b/arch/sparc/include/asm/tsb.h
+index 2230f80..90916f9 100644
+--- a/arch/sparc/include/asm/tsb.h
++++ b/arch/sparc/include/asm/tsb.h
+@@ -171,7 +171,8 @@ extern struct tsb_phys_patch_entry __tsb_phys_patch, __tsb_phys_patch_end;
+ 	andcc		REG1, REG2, %g0;		\
+ 	be,pt		%xcc, 700f;			\
+ 	 sethi		%hi(4 * 1024 * 1024), REG2;	\
+-	andn		REG1, REG2, REG1;		\
++	brgez,pn	REG1, FAIL_LABEL;		\
++	 andn		REG1, REG2, REG1;		\
+ 	and		VADDR, REG2, REG2;		\
+ 	brlz,pt		REG1, PTE_LABEL;		\
+ 	 or		REG1, REG2, REG1;		\
 diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h
 index 0167d26..767bb0c 100644
 --- a/arch/sparc/include/asm/uaccess.h
@@ -10688,10 +10838,37 @@ index 4ced92f..965eeed 100644
  }
  EXPORT_SYMBOL(die_if_kernel);
 diff --git a/arch/sparc/kernel/unaligned_64.c b/arch/sparc/kernel/unaligned_64.c
-index 3c1a7cb..73e1923 100644
+index 3c1a7cb..9046547 100644
 --- a/arch/sparc/kernel/unaligned_64.c
 +++ b/arch/sparc/kernel/unaligned_64.c
-@@ -289,7 +289,7 @@ static void log_unaligned(struct pt_regs *regs)
+@@ -166,17 +166,23 @@ static unsigned long *fetch_reg_addr(unsigned int reg, struct pt_regs *regs)
+ unsigned long compute_effective_address(struct pt_regs *regs,
+ 					unsigned int insn, unsigned int rd)
+ {
++	int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
+ 	unsigned int rs1 = (insn >> 14) & 0x1f;
+ 	unsigned int rs2 = insn & 0x1f;
+-	int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
++	unsigned long addr;
+ 
+ 	if (insn & 0x2000) {
+ 		maybe_flush_windows(rs1, 0, rd, from_kernel);
+-		return (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
++		addr = (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
+ 	} else {
+ 		maybe_flush_windows(rs1, rs2, rd, from_kernel);
+-		return (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
++		addr = (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
+ 	}
++
++	if (!from_kernel && test_thread_flag(TIF_32BIT))
++		addr &= 0xffffffff;
++
++	return addr;
+ }
+ 
+ /* This is just to make gcc think die_if_kernel does return... */
+@@ -289,7 +295,7 @@ static void log_unaligned(struct pt_regs *regs)
  	static DEFINE_RATELIMIT_STATE(ratelimit, 5 * HZ, 5);
  
  	if (__ratelimit(&ratelimit)) {
@@ -11281,7 +11458,7 @@ index 59dbd46..1dd7f5e 100644
  		if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
  			goto bad_area;
 diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c
-index 69bb818..6ca35c8 100644
+index 69bb818..3542236 100644
 --- a/arch/sparc/mm/fault_64.c
 +++ b/arch/sparc/mm/fault_64.c
 @@ -22,6 +22,9 @@
@@ -11303,7 +11480,124 @@ index 69bb818..6ca35c8 100644
  	printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr);
  	dump_stack();
  	unhandled_fault(regs->tpc, current, regs);
-@@ -271,6 +274,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs,
+@@ -96,38 +99,51 @@ static unsigned int get_user_insn(unsigned long tpc)
+ 	pte_t *ptep, pte;
+ 	unsigned long pa;
+ 	u32 insn = 0;
+-	unsigned long pstate;
+ 
+-	if (pgd_none(*pgdp))
+-		goto outret;
++	if (pgd_none(*pgdp) || unlikely(pgd_bad(*pgdp)))
++		goto out;
+ 	pudp = pud_offset(pgdp, tpc);
+-	if (pud_none(*pudp))
+-		goto outret;
+-	pmdp = pmd_offset(pudp, tpc);
+-	if (pmd_none(*pmdp))
+-		goto outret;
++	if (pud_none(*pudp) || unlikely(pud_bad(*pudp)))
++		goto out;
+ 
+ 	/* This disables preemption for us as well. */
+-	__asm__ __volatile__("rdpr %%pstate, %0" : "=r" (pstate));
+-	__asm__ __volatile__("wrpr %0, %1, %%pstate"
+-				: : "r" (pstate), "i" (PSTATE_IE));
+-	ptep = pte_offset_map(pmdp, tpc);
+-	pte = *ptep;
+-	if (!pte_present(pte))
+-		goto out;
++	local_irq_disable();
+ 
+-	pa  = (pte_pfn(pte) << PAGE_SHIFT);
+-	pa += (tpc & ~PAGE_MASK);
++	pmdp = pmd_offset(pudp, tpc);
++	if (pmd_none(*pmdp) || unlikely(pmd_bad(*pmdp)))
++		goto out_irq_enable;
+ 
+-	/* Use phys bypass so we don't pollute dtlb/dcache. */
+-	__asm__ __volatile__("lduwa [%1] %2, %0"
+-			     : "=r" (insn)
+-			     : "r" (pa), "i" (ASI_PHYS_USE_EC));
++#ifdef CONFIG_TRANSPARENT_HUGEPAGE
++	if (pmd_trans_huge(*pmdp)) {
++		if (pmd_trans_splitting(*pmdp))
++			goto out_irq_enable;
+ 
++		pa  = pmd_pfn(*pmdp) << PAGE_SHIFT;
++		pa += tpc & ~HPAGE_MASK;
++
++		/* Use phys bypass so we don't pollute dtlb/dcache. */
++		__asm__ __volatile__("lduwa [%1] %2, %0"
++				     : "=r" (insn)
++				     : "r" (pa), "i" (ASI_PHYS_USE_EC));
++	} else
++#endif
++	{
++		ptep = pte_offset_map(pmdp, tpc);
++		pte = *ptep;
++		if (pte_present(pte)) {
++			pa  = (pte_pfn(pte) << PAGE_SHIFT);
++			pa += (tpc & ~PAGE_MASK);
++
++			/* Use phys bypass so we don't pollute dtlb/dcache. */
++			__asm__ __volatile__("lduwa [%1] %2, %0"
++					     : "=r" (insn)
++					     : "r" (pa), "i" (ASI_PHYS_USE_EC));
++		}
++		pte_unmap(ptep);
++	}
++out_irq_enable:
++	local_irq_enable();
+ out:
+-	pte_unmap(ptep);
+-	__asm__ __volatile__("wrpr %0, 0x0, %%pstate" : : "r" (pstate));
+-outret:
+ 	return insn;
+ }
+ 
+@@ -153,7 +169,8 @@ show_signal_msg(struct pt_regs *regs, int sig, int code,
+ }
+ 
+ static void do_fault_siginfo(int code, int sig, struct pt_regs *regs,
+-			     unsigned int insn, int fault_code)
++			     unsigned long fault_addr, unsigned int insn,
++			     int fault_code)
+ {
+ 	unsigned long addr;
+ 	siginfo_t info;
+@@ -161,10 +178,18 @@ static void do_fault_siginfo(int code, int sig, struct pt_regs *regs,
+ 	info.si_code = code;
+ 	info.si_signo = sig;
+ 	info.si_errno = 0;
+-	if (fault_code & FAULT_CODE_ITLB)
++	if (fault_code & FAULT_CODE_ITLB) {
+ 		addr = regs->tpc;
+-	else
+-		addr = compute_effective_address(regs, insn, 0);
++	} else {
++		/* If we were able to probe the faulting instruction, use it
++		 * to compute a precise fault address.  Otherwise use the fault
++		 * time provided address which may only have page granularity.
++		 */
++		if (insn)
++			addr = compute_effective_address(regs, insn, 0);
++		else
++			addr = fault_addr;
++	}
+ 	info.si_addr = (void __user *) addr;
+ 	info.si_trapno = 0;
+ 
+@@ -239,7 +264,7 @@ static void __kprobes do_kernel_fault(struct pt_regs *regs, int si_code,
+ 		/* The si_code was set to make clear whether
+ 		 * this was a SEGV_MAPERR or SEGV_ACCERR fault.
+ 		 */
+-		do_fault_siginfo(si_code, SIGSEGV, regs, insn, fault_code);
++		do_fault_siginfo(si_code, SIGSEGV, regs, address, insn, fault_code);
+ 		return;
+ 	}
+ 
+@@ -271,6 +296,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs,
  	show_regs(regs);
  }
  
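Review bot: get_user_insn() now brackets the page-table walk with `local_irq_disable()` and `local_irq_enable()`, where the removed code saved `%pstate` and wrote the saved value back. The new exit path therefore turns interrupts on even if the caller entered with them off. Unless every caller is known to run with interrupts enabled, `local_irq_save(flags);` at entry and `local_irq_restore(flags);` at `out_irq_enable` keep the old restore semantics. The opening lines of the function are outside the inner hunk.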
@@ -11770,7 +12064,7 @@ index 69bb818..6ca35c8 100644
  asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs)
  {
  	enum ctx_state prev_state = exception_enter();
-@@ -344,6 +807,29 @@ retry:
+@@ -344,6 +829,29 @@ retry:
  	if (!vma)
  		goto bad_area;
  
@@ -11800,6 +12094,28 @@ index 69bb818..6ca35c8 100644
  	/* Pure DTLB misses do not tell us whether the fault causing
  	 * load/store/atomic was a write or not, it only says that there
  	 * was no match.  So in such a case we (carefully) read the
+@@ -525,7 +1033,7 @@ do_sigbus:
+ 	 * Send a sigbus, regardless of whether we were in kernel
+ 	 * or user mode.
+ 	 */
+-	do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, insn, fault_code);
++	do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, address, insn, fault_code);
+ 
+ 	/* Kernel mode? Handle exceptions or die */
+ 	if (regs->tstate & TSTATE_PRIV)
+diff --git a/arch/sparc/mm/gup.c b/arch/sparc/mm/gup.c
+index c4d3da6..1aed043 100644
+--- a/arch/sparc/mm/gup.c
++++ b/arch/sparc/mm/gup.c
+@@ -73,7 +73,7 @@ static int gup_huge_pmd(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
+ 	struct page *head, *page, *tail;
+ 	int refs;
+ 
+-	if (!pmd_large(pmd))
++	if (!(pmd_val(pmd) & _PAGE_VALID))
+ 		return 0;
+ 
+ 	if (write && !pmd_write(pmd))
 diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c
 index 9bd9ce8..dc84852 100644
 --- a/arch/sparc/mm/hugetlbpage.c
@@ -11944,6 +12260,67 @@ index eafbc65..5a8070d 100644
  #endif /* CONFIG_SMP */
  #endif /* CONFIG_DEBUG_DCFLUSH */
  }
+diff --git a/arch/sparc/mm/tlb.c b/arch/sparc/mm/tlb.c
+index b12cb5e..b89aba2 100644
+--- a/arch/sparc/mm/tlb.c
++++ b/arch/sparc/mm/tlb.c
+@@ -134,7 +134,7 @@ no_cache_flush:
+ 
+ #ifdef CONFIG_TRANSPARENT_HUGEPAGE
+ static void tlb_batch_pmd_scan(struct mm_struct *mm, unsigned long vaddr,
+-			       pmd_t pmd, bool exec)
++			       pmd_t pmd)
+ {
+ 	unsigned long end;
+ 	pte_t *pte;
+@@ -142,8 +142,11 @@ static void tlb_batch_pmd_scan(struct mm_struct *mm, unsigned long vaddr,
+ 	pte = pte_offset_map(&pmd, vaddr);
+ 	end = vaddr + HPAGE_SIZE;
+ 	while (vaddr < end) {
+-		if (pte_val(*pte) & _PAGE_VALID)
++		if (pte_val(*pte) & _PAGE_VALID) {
++			bool exec = pte_exec(*pte);
++
+ 			tlb_batch_add_one(mm, vaddr, exec);
++		}
+ 		pte++;
+ 		vaddr += PAGE_SIZE;
+ 	}
+@@ -177,19 +180,30 @@ void set_pmd_at(struct mm_struct *mm, unsigned long addr,
+ 	}
+ 
+ 	if (!pmd_none(orig)) {
+-		pte_t orig_pte = __pte(pmd_val(orig));
+-		bool exec = pte_exec(orig_pte);
+-
+ 		addr &= HPAGE_MASK;
+ 		if (pmd_trans_huge(orig)) {
++			pte_t orig_pte = __pte(pmd_val(orig));
++			bool exec = pte_exec(orig_pte);
++
+ 			tlb_batch_add_one(mm, addr, exec);
+ 			tlb_batch_add_one(mm, addr + REAL_HPAGE_SIZE, exec);
+ 		} else {
+-			tlb_batch_pmd_scan(mm, addr, orig, exec);
++			tlb_batch_pmd_scan(mm, addr, orig);
+ 		}
+ 	}
+ }
+ 
++void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
++		     pmd_t *pmdp)
++{
++	pmd_t entry = *pmdp;
++
++	pmd_val(entry) &= ~_PAGE_VALID;
++
++	set_pmd_at(vma->vm_mm, address, pmdp, entry);
++	flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
++}
++
+ void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp,
+ 				pgtable_t pgtable)
+ {
 diff --git a/arch/tile/Kconfig b/arch/tile/Kconfig
 index b3692ce..e4517c9 100644
 --- a/arch/tile/Kconfig
@@ -27950,7 +28327,7 @@ index da6b35a..977e9cf 100644
  
  #ifdef CONFIG_SMP
 diff --git a/arch/x86/kernel/vsyscall_64.c b/arch/x86/kernel/vsyscall_64.c
-index 1f96f93..d5c8f7a 100644
+index 1f96f93..6f29be7 100644
 --- a/arch/x86/kernel/vsyscall_64.c
 +++ b/arch/x86/kernel/vsyscall_64.c
 @@ -56,15 +56,13 @@
@@ -27970,6 +28347,15 @@ index 1f96f93..d5c8f7a 100644
  		else if (!strcmp("none", str))
  			vsyscall_mode = NONE;
  		else
+@@ -101,7 +99,7 @@ void update_vsyscall(struct timekeeper *tk)
+ 	vdata->monotonic_time_sec	= tk->xtime_sec
+ 					+ tk->wall_to_monotonic.tv_sec;
+ 	vdata->monotonic_time_snsec	= tk->xtime_nsec
+-					+ (tk->wall_to_monotonic.tv_nsec
++					+ ((u64)tk->wall_to_monotonic.tv_nsec
+ 						<< tk->shift);
+ 	while (vdata->monotonic_time_snsec >=
+ 					(((u64)NSEC_PER_SEC) << tk->shift)) {
 @@ -323,8 +321,7 @@ do_ret:
  	return true;
  
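Review bot: The `(u64)` cast added in `update_vsyscall()` carries no comment, and nothing in the hunk says what goes wrong without it. The loop bound two lines below is already computed as `((u64)NSEC_PER_SEC) << tk->shift`, so the cast makes both shifts happen in 64-bit unsigned arithmetic. A short comment such as `/* shift in u64, matching the NSEC_PER_SEC bound below */` would keep a later cleanup from removing it as redundant. The function begins and ends outside the hunk.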
@@ -39200,7 +39586,7 @@ index 3d1cba9..0ab21d2 100644
  	if (speedstep_detect_processor() == SPEEDSTEP_CPU_P4M) {
  		printk(KERN_WARNING PFX "Warning: Pentium 4-M detected. "
 diff --git a/drivers/cpufreq/sparc-us3-cpufreq.c b/drivers/cpufreq/sparc-us3-cpufreq.c
-index 724ffbd..ad83692 100644
+index 724ffbd..f06aaaa 100644
 --- a/drivers/cpufreq/sparc-us3-cpufreq.c
 +++ b/drivers/cpufreq/sparc-us3-cpufreq.c
 @@ -18,14 +18,12 @@
@@ -39219,7 +39605,7 @@ index 724ffbd..ad83692 100644
  
  /* UltraSPARC-III has three dividers: 1, 2, and 32.  These are controlled
   * in the Safari config register.
-@@ -156,14 +154,26 @@ static int __init us3_freq_cpu_init(struct cpufreq_policy *policy)
+@@ -156,18 +154,28 @@ static int __init us3_freq_cpu_init(struct cpufreq_policy *policy)
  
  static int us3_freq_cpu_exit(struct cpufreq_policy *policy)
  {
@@ -39242,7 +39628,6 @@ index 724ffbd..ad83692 100644
 +	.target_index	= us3_freq_target,
 +	.get		= us3_freq_get,
 +	.exit		= us3_freq_cpu_exit,
-+	.owner		= THIS_MODULE,
 +	.name		= "UltraSPARC-III",
 +
 +};
@@ -39250,7 +39635,11 @@ index 724ffbd..ad83692 100644
  static int __init us3_freq_init(void)
  {
  	unsigned long manuf, impl, ver;
-@@ -180,55 +190,15 @@ static int __init us3_freq_init(void)
+-	int ret;
+ 
+ 	if (tlb_type != cheetah && tlb_type != cheetah_plus)
+ 		return -ENODEV;
+@@ -180,55 +188,15 @@ static int __init us3_freq_init(void)
  	    (impl == CHEETAH_IMPL ||
  	     impl == CHEETAH_PLUS_IMPL ||
  	     impl == JAGUAR_IMPL ||
@@ -94729,7 +95118,7 @@ index 769a67a..414d24f 100644
  
  		if (nstart < prev->vm_end)
 diff --git a/mm/mremap.c b/mm/mremap.c
-index 0843feb..4f5b2e6 100644
+index 0843feb..c3cde48 100644
 --- a/mm/mremap.c
 +++ b/mm/mremap.c
 @@ -144,6 +144,12 @@ static void move_ptes(struct vm_area_struct *vma, pmd_t *old_pmd,
@@ -94745,7 +95134,26 @@ index 0843feb..4f5b2e6 100644
  		pte = move_soft_dirty_pte(pte);
  		set_pte_at(mm, new_addr, new_pte, pte);
  	}
-@@ -337,6 +343,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
+@@ -194,10 +200,17 @@ unsigned long move_page_tables(struct vm_area_struct *vma,
+ 			break;
+ 		if (pmd_trans_huge(*old_pmd)) {
+ 			int err = 0;
+-			if (extent == HPAGE_PMD_SIZE)
++			if (extent == HPAGE_PMD_SIZE) {
++				VM_BUG_ON(vma->vm_file || !vma->anon_vma);
++				/* See comment in move_ptes() */
++				if (need_rmap_locks)
++					anon_vma_lock_write(vma->anon_vma);
+ 				err = move_huge_pmd(vma, new_vma, old_addr,
+ 						    new_addr, old_end,
+ 						    old_pmd, new_pmd);
++				if (need_rmap_locks)
++					anon_vma_unlock_write(vma->anon_vma);
++			}
+ 			if (err > 0) {
+ 				need_flush = true;
+ 				continue;
+@@ -337,6 +350,11 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
  	if (is_vm_hugetlb_page(vma))
  		goto Einval;
  
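Review bot: In the `move_page_tables()` addition, `VM_BUG_ON(vma->vm_file || !vma->anon_vma)` is the only check between a NULL `vma->anon_vma` and the `anon_vma_lock_write()` call two lines later, and `VM_BUG_ON` is compiled out unless CONFIG_DEBUG_VM is enabled. A transparent huge pmd presumably only exists in an anonymous VMA that already has an anon_vma, so the NULL case is most likely unreachable, but that invariant should be stated next to the lock. I would replace `/* See comment in move_ptes() */` with a self-contained comment such as `/* THP here is anon-only, so anon_vma is set; hold it so rmap walkers cannot miss the pmd while it moves */`. The rest of `move_page_tables()` lies outside the quoted hunk.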
@@ -94757,7 +95165,7 @@ index 0843feb..4f5b2e6 100644
  	/* We can't remap across vm area boundaries */
  	if (old_len > vma->vm_end - addr)
  		goto Efault;
-@@ -392,20 +403,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len,
+@@ -392,20 +410,25 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len,
  	unsigned long ret = -EINVAL;
  	unsigned long charged = 0;
  	unsigned long map_flags;
@@ -94788,7 +95196,7 @@ index 0843feb..4f5b2e6 100644
  		goto out;
  
  	ret = do_munmap(mm, new_addr, new_len);
-@@ -474,6 +490,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
+@@ -474,6 +497,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
  	unsigned long ret = -EINVAL;
  	unsigned long charged = 0;
  	bool locked = false;
@@ -94796,7 +95204,7 @@ index 0843feb..4f5b2e6 100644
  
  	if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE))
  		return ret;
-@@ -495,6 +512,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
+@@ -495,6 +519,17 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
  	if (!new_len)
  		return ret;
  
@@ -94814,7 +95222,7 @@ index 0843feb..4f5b2e6 100644
  	down_write(&current->mm->mmap_sem);
  
  	if (flags & MREMAP_FIXED) {
-@@ -545,6 +573,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
+@@ -545,6 +580,7 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
  				new_addr = addr;
  			}
  			ret = addr;
@@ -94822,7 +95230,7 @@ index 0843feb..4f5b2e6 100644
  			goto out;
  		}
  	}
-@@ -568,7 +597,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
+@@ -568,7 +604,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
  			goto out;
  		}
  

diff --git a/3.2.58/0000_README b/3.2.58/0000_README
index ad7286d..5094122 100644
--- a/3.2.58/0000_README
+++ b/3.2.58/0000_README
@@ -150,7 +150,7 @@ Patch:	1057_linux-3.2.58.patch
 From:	http://www.kernel.org
 Desc:	Linux 3.2.58
 
-Patch:	4420_grsecurity-3.0-3.2.58-201405101946.patch
+Patch:	4420_grsecurity-3.0-3.2.58-201405112002.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch b/3.2.58/4420_grsecurity-3.0-3.2.58-201405112002.patch
similarity index 99%
rename from 3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch
rename to 3.2.58/4420_grsecurity-3.0-3.2.58-201405112002.patch
index ed3fd8f..b77f99b 100644
--- a/3.2.58/4420_grsecurity-3.0-3.2.58-201405101946.patch
+++ b/3.2.58/4420_grsecurity-3.0-3.2.58-201405112002.patch
@@ -8351,10 +8351,37 @@ index 0cbdaa4..f37a97c 100644
  }
  EXPORT_SYMBOL(die_if_kernel);
 diff --git a/arch/sparc/kernel/unaligned_64.c b/arch/sparc/kernel/unaligned_64.c
-index 76e4ac1..78f8bb1 100644
+index 76e4ac1..439d7e8 100644
 --- a/arch/sparc/kernel/unaligned_64.c
 +++ b/arch/sparc/kernel/unaligned_64.c
-@@ -279,7 +279,7 @@ static void log_unaligned(struct pt_regs *regs)
+@@ -156,17 +156,23 @@ static unsigned long *fetch_reg_addr(unsigned int reg, struct pt_regs *regs)
+ unsigned long compute_effective_address(struct pt_regs *regs,
+ 					unsigned int insn, unsigned int rd)
+ {
++	int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
+ 	unsigned int rs1 = (insn >> 14) & 0x1f;
+ 	unsigned int rs2 = insn & 0x1f;
+-	int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
++	unsigned long addr;
+ 
+ 	if (insn & 0x2000) {
+ 		maybe_flush_windows(rs1, 0, rd, from_kernel);
+-		return (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
++		addr = (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
+ 	} else {
+ 		maybe_flush_windows(rs1, rs2, rd, from_kernel);
+-		return (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
++		addr = (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
+ 	}
++
++	if (!from_kernel && test_thread_flag(TIF_32BIT))
++		addr &= 0xffffffff;
++
++	return addr;
+ }
+ 
+ /* This is just to make gcc think die_if_kernel does return... */
+@@ -279,7 +285,7 @@ static void log_unaligned(struct pt_regs *regs)
  	static DEFINE_RATELIMIT_STATE(ratelimit, 5 * HZ, 5);
  
  	if (__ratelimit(&ratelimit)) {
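Review bot: The truncation added to `compute_effective_address()` uses the bare literal `0xffffffff` and has no comment saying why a 32-bit user task needs it. The mask is correct as written, since the constant is unsigned and zero-extends to `unsigned long`. The intent, presumably that the upper halves of a compat task's registers are not part of the address it meant to access, should be on the line, e.g. `addr &= 0xffffffffUL;	/* 32-bit task: only the low 32 address bits are meaningful */`. Note also that `test_thread_flag()` inspects the current thread, so the check assumes `regs` belongs to `current`; the callers are outside the hunk, so that should be confirmed.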
@@ -63174,10 +63201,18 @@ index 03102d9..4ae347e 100644
  }
  
 diff --git a/fs/proc/stat.c b/fs/proc/stat.c
-index 4c9a859..0b51e6b 100644
+index 4c9a859..8c9ebb1 100644
 --- a/fs/proc/stat.c
 +++ b/fs/proc/stat.c
-@@ -67,6 +67,18 @@ static int show_stat(struct seq_file *p, void *v)
+@@ -11,6 +11,7 @@
+ #include <linux/irqnr.h>
+ #include <asm/cputime.h>
+ #include <linux/tick.h>
++#include <linux/grsecurity.h>
+ 
+ #ifndef arch_irq_stat_cpu
+ #define arch_irq_stat_cpu(cpu) 0
+@@ -67,6 +68,18 @@ static int show_stat(struct seq_file *p, void *v)
  	u64 sum_softirq = 0;
  	unsigned int per_softirq_sums[NR_SOFTIRQS] = {0};
  	struct timespec boottime;
@@ -63196,7 +63231,7 @@ index 4c9a859..0b51e6b 100644
  
  	user = nice = system = idle = iowait =
  		irq = softirq = steal = cputime64_zero;
-@@ -79,24 +91,27 @@ static int show_stat(struct seq_file *p, void *v)
+@@ -79,24 +92,27 @@ static int show_stat(struct seq_file *p, void *v)
  		nice = cputime64_add(nice, kstat_cpu(i).cpustat.nice);
  		system = cputime64_add(system, kstat_cpu(i).cpustat.system);
  		idle = cputime64_add(idle, get_idle_time(i));
@@ -63238,7 +63273,7 @@ index 4c9a859..0b51e6b 100644
  
  	seq_printf(p, "cpu  %llu %llu %llu %llu %llu %llu %llu %llu %llu "
  		"%llu\n",
-@@ -116,12 +131,14 @@ static int show_stat(struct seq_file *p, void *v)
+@@ -116,12 +132,14 @@ static int show_stat(struct seq_file *p, void *v)
  		nice = kstat_cpu(i).cpustat.nice;
  		system = kstat_cpu(i).cpustat.system;
  		idle = get_idle_time(i);

