
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 4.7.2/
Date: Thu, 01 Sep 2016 16:20:40
Message-Id: 1472746798.e2a98b267048a5c634a9963b7910407d089cdc2f.blueness@gentoo
1 commit: e2a98b267048a5c634a9963b7910407d089cdc2f
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Thu Sep 1 16:19:58 2016 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Thu Sep 1 16:19:58 2016 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=e2a98b26
7
8 grsecurity-3.1-4.7.2-201608312326
9
10 4.7.2/0000_README | 2 +-
11 ...> 4420_grsecurity-3.1-4.7.2-201608312326.patch} | 129 +++++++++++++++------
12 2 files changed, 96 insertions(+), 35 deletions(-)
13
14 diff --git a/4.7.2/0000_README b/4.7.2/0000_README
15 index 0fbc43d..cfaeba4 100644
16 --- a/4.7.2/0000_README
17 +++ b/4.7.2/0000_README
18 @@ -10,7 +10,7 @@ Patch: 1001_linux-4.7.2.patch
19 From: http://www.kernel.org
20 Desc: Linux 4.7.2
21
22 -Patch: 4420_grsecurity-3.1-4.7.2-201608211829.patch
23 +Patch: 4420_grsecurity-3.1-4.7.2-201608312326.patch
24 From: http://www.grsecurity.net
25 Desc: hardened-sources base patch from upstream grsecurity
26
27
28 diff --git a/4.7.2/4420_grsecurity-3.1-4.7.2-201608211829.patch b/4.7.2/4420_grsecurity-3.1-4.7.2-201608312326.patch
29 similarity index 99%
30 rename from 4.7.2/4420_grsecurity-3.1-4.7.2-201608211829.patch
31 rename to 4.7.2/4420_grsecurity-3.1-4.7.2-201608312326.patch
32 index 6aabc5c..0653f29 100644
33 --- a/4.7.2/4420_grsecurity-3.1-4.7.2-201608211829.patch
34 +++ b/4.7.2/4420_grsecurity-3.1-4.7.2-201608312326.patch
35 @@ -23925,7 +23925,7 @@ index c3496619..3f3a7dc 100644
36 asmlinkage void smp_deferred_error_interrupt(void);
37 #endif
38 diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
39 -index 2982387..a619e60c 100644
40 +index 2982387..8adcc96 100644
41 --- a/arch/x86/include/asm/uaccess.h
42 +++ b/arch/x86/include/asm/uaccess.h
43 @@ -8,6 +8,7 @@
44 @@ -24401,7 +24401,7 @@ index 2982387..a619e60c 100644
45 - copy_from_user_overflow();
46 - else
47 - __copy_from_user_overflow(sz, n);
48 -+ if (likely(sz != (size_t)-1 && sz < n)) {
49 ++ if (unlikely(sz != (size_t)-1 && sz < n)) {
50 + if(__builtin_constant_p(n))
51 + copy_from_user_overflow();
52 + else
53 @@ -24431,7 +24431,7 @@ index 2982387..a619e60c 100644
54 - copy_to_user_overflow();
55 - else
56 - __copy_to_user_overflow(sz, n);
57 -+ if (likely(sz != (size_t)-1 && sz < n)) {
58 ++ if (unlikely(sz != (size_t)-1 && sz < n)) {
59 + if(__builtin_constant_p(n))
60 + copy_to_user_overflow();
61 + else
62 @@ -36980,7 +36980,7 @@ index 9c086c5..421e25b 100644
63 unsigned long uninitialized_var(pfn_align);
64 int i, nid;
65 diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
66 -index 7a1f7bb..b245aea 100644
67 +index 7a1f7bb..62a6748 100644
68 --- a/arch/x86/mm/pageattr.c
69 +++ b/arch/x86/mm/pageattr.c
70 @@ -258,7 +258,7 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address,
71 @@ -37015,7 +37015,7 @@ index 7a1f7bb..b245aea 100644
72 #endif
73
74 +#ifdef CONFIG_PAX_KERNEXEC
75 -+ if (within(pfn, __pa(ktla_ktva((unsigned long)&_text)), __pa((unsigned long)&_sdata))) {
76 ++ if (within(pfn, __pa(ktla_ktva((unsigned long)&_text)) >> PAGE_SHIFT, __pa((unsigned long)&_sdata) >> PAGE_SHIFT)) {
77 + pgprot_val(forbidden) |= _PAGE_RW;
78 + pgprot_val(forbidden) |= _PAGE_NX & __supported_pte_mask;
79 + }
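Review bot: The corrected `within()` check in the CONFIG_PAX_KERNEXEC block carries no comment stating which unit it compares, and that is the confusion that let the unshifted `__pa()` bounds through in the first place. I would add a line above it such as `/* pfn is a page frame number, so both bounds are shifted down to pfns */`. The `>> PAGE_SHIFT` on the upper bound rounds down, so if `within()` treats the end as exclusive and `_sdata` were not page aligned, the last partial page before it would fall outside the forbidden range; the alignment is presumably guaranteed by the linker script, but it is not visible here. static_protections() begins and ends outside this hunk.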
80 @@ -95993,7 +95993,7 @@ index ae1b540..15cfacf 100644
81 fd_offset + ex.a_text);
82 if (error != N_DATADDR(ex))
83 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
84 -index a7a28110..eddc1f5 100644
85 +index a7a28110..5e00fdb 100644
86 --- a/fs/binfmt_elf.c
87 +++ b/fs/binfmt_elf.c
88 @@ -36,6 +36,7 @@
89 @@ -96605,7 +96605,15 @@ index a7a28110..eddc1f5 100644
90 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
91 current->personality |= READ_IMPLIES_EXEC;
92
93 -@@ -919,8 +1358,21 @@ static int load_elf_binary(struct linux_binprm *bprm)
94 +@@ -851,6 +1290,7 @@ static int load_elf_binary(struct linux_binprm *bprm)
95 + current->flags |= PF_RANDOMIZE;
96 +
97 + setup_new_exec(bprm);
98 ++ install_exec_creds(bprm);
99 +
100 + /* Do this so that we can load the interpreter, if need be. We will
101 + change some of these later */
102 +@@ -919,8 +1359,21 @@ static int load_elf_binary(struct linux_binprm *bprm)
103 if (current->flags & PF_RANDOMIZE)
104 load_bias += arch_mmap_rnd();
105 load_bias = ELF_PAGESTART(load_bias);
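Review bot: The added `install_exec_creds(bprm);` directly after `setup_new_exec(bprm);` has no comment saying why the credential switch has to happen this early, and the ordering is the security-relevant part of the change. A line such as `/* switch to the new creds before the new image is mapped */` (assuming that is the intent) would keep a later cleanup from moving the call back down; the matching removal before `create_elf_tables()` is in the `@@ -1042,7 +1522,6 @@` hunk further down. Every failure path between the two positions, including the `goto out_free_dentry` exits visible in the surrounding context, now runs after the credentials are committed, so those paths should be checked for any remaining use of `bprm->cred`. Most of load_elf_binary() lies outside this hunk, so that cannot be confirmed from these lines.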
106 @@ -96629,7 +96637,7 @@ index a7a28110..eddc1f5 100644
107 if (!total_size) {
108 retval = -EINVAL;
109 goto out_free_dentry;
110 -@@ -956,9 +1408,9 @@ static int load_elf_binary(struct linux_binprm *bprm)
111 +@@ -956,9 +1409,9 @@ static int load_elf_binary(struct linux_binprm *bprm)
112 * allowed task size. Note that p_filesz must always be
113 * <= p_memsz so it is only necessary to check p_memsz.
114 */
115 @@ -96642,7 +96650,7 @@ index a7a28110..eddc1f5 100644
116 /* set_brk can never work. Avoid overflows. */
117 retval = -EINVAL;
118 goto out_free_dentry;
119 -@@ -994,16 +1446,43 @@ static int load_elf_binary(struct linux_binprm *bprm)
120 +@@ -994,16 +1447,43 @@ static int load_elf_binary(struct linux_binprm *bprm)
121 if (retval)
122 goto out_free_dentry;
123 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
124 @@ -96691,6 +96699,14 @@ index a7a28110..eddc1f5 100644
125 load_bias, interp_elf_phdata);
126 if (!IS_ERR((void *)elf_entry)) {
127 /*
128 +@@ -1042,7 +1522,6 @@ static int load_elf_binary(struct linux_binprm *bprm)
129 + goto out;
130 + #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
131 +
132 +- install_exec_creds(bprm);
133 + retval = create_elf_tables(bprm, &loc->elf_ex,
134 + load_addr, interp_load_addr);
135 + if (retval < 0)
136 @@ -1054,6 +1533,7 @@ static int load_elf_binary(struct linux_binprm *bprm)
137 current->mm->end_data = end_data;
138 current->mm->start_stack = bprm->p;
139 @@ -98766,7 +98782,7 @@ index 281b768..f39dcdf 100644
140 return 0;
141 while (nr) {
142 diff --git a/fs/dcache.c b/fs/dcache.c
143 -index 1ed81bb..85b5276 100644
144 +index 1ed81bb..3d8fde8 100644
145 --- a/fs/dcache.c
146 +++ b/fs/dcache.c
147 @@ -339,8 +339,9 @@ static inline void dentry_rcuwalk_invalidate(struct dentry *dentry)
148 @@ -98850,7 +98866,16 @@ index 1ed81bb..85b5276 100644
149 return 0;
150 }
151
152 -@@ -824,7 +827,7 @@ repeat:
153 +@@ -795,8 +798,6 @@ void dput(struct dentry *dentry)
154 + return;
155 +
156 + repeat:
157 +- might_sleep();
158 +-
159 + rcu_read_lock();
160 + if (likely(fast_dput(dentry))) {
161 + rcu_read_unlock();
162 +@@ -824,7 +825,7 @@ repeat:
163 dentry->d_flags |= DCACHE_REFERENCED;
164 dentry_lru_add(dentry);
165
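Review bot: Dropping `might_sleep();` after the `repeat:` label in dput() removes a debug annotation with no replacement and no stated reason. If the slow path that follows the `fast_dput()` check can still block, callers in atomic context will no longer be flagged by the sleep-in-atomic debug check. Either record the reason at the label, for example `/* no might_sleep() here: <reason> */`, or move the annotation to the slow path only. The rest of dput() is outside this hunk, so whether the slow path sleeps cannot be confirmed from here.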
166 @@ -98859,7 +98884,7 @@ index 1ed81bb..85b5276 100644
167 spin_unlock(&dentry->d_lock);
168 return;
169
170 -@@ -841,7 +844,7 @@ EXPORT_SYMBOL(dput);
171 +@@ -841,7 +842,7 @@ EXPORT_SYMBOL(dput);
172 /* This must be called with d_lock held */
173 static inline void __dget_dlock(struct dentry *dentry)
174 {
175 @@ -98868,7 +98893,7 @@ index 1ed81bb..85b5276 100644
176 }
177
178 static inline void __dget(struct dentry *dentry)
179 -@@ -882,8 +885,8 @@ repeat:
180 +@@ -882,8 +883,8 @@ repeat:
181 goto repeat;
182 }
183 rcu_read_unlock();
184 @@ -98879,7 +98904,7 @@ index 1ed81bb..85b5276 100644
185 spin_unlock(&ret->d_lock);
186 return ret;
187 }
188 -@@ -961,9 +964,9 @@ restart:
189 +@@ -961,9 +962,9 @@ restart:
190 spin_lock(&inode->i_lock);
191 hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) {
192 spin_lock(&dentry->d_lock);
193 @@ -98891,7 +98916,7 @@ index 1ed81bb..85b5276 100644
194 __dentry_kill(dentry);
195 dput(parent);
196 goto restart;
197 -@@ -998,7 +1001,7 @@ static void shrink_dentry_list(struct list_head *list)
198 +@@ -998,7 +999,7 @@ static void shrink_dentry_list(struct list_head *list)
199 * We found an inuse dentry which was not removed from
200 * the LRU because of laziness during lookup. Do not free it.
201 */
202 @@ -98900,7 +98925,7 @@ index 1ed81bb..85b5276 100644
203 spin_unlock(&dentry->d_lock);
204 if (parent)
205 spin_unlock(&parent->d_lock);
206 -@@ -1036,8 +1039,8 @@ static void shrink_dentry_list(struct list_head *list)
207 +@@ -1036,8 +1037,8 @@ static void shrink_dentry_list(struct list_head *list)
208 dentry = parent;
209 while (dentry && !lockref_put_or_lock(&dentry->d_lockref)) {
210 parent = lock_parent(dentry);
211 @@ -98911,7 +98936,7 @@ index 1ed81bb..85b5276 100644
212 spin_unlock(&dentry->d_lock);
213 if (parent)
214 spin_unlock(&parent->d_lock);
215 -@@ -1077,7 +1080,7 @@ static enum lru_status dentry_lru_isolate(struct list_head *item,
216 +@@ -1077,7 +1078,7 @@ static enum lru_status dentry_lru_isolate(struct list_head *item,
217 * counts, just remove them from the LRU. Otherwise give them
218 * another pass through the LRU.
219 */
220 @@ -98920,7 +98945,7 @@ index 1ed81bb..85b5276 100644
221 d_lru_isolate(lru, dentry);
222 spin_unlock(&dentry->d_lock);
223 return LRU_REMOVED;
224 -@@ -1414,7 +1417,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry)
225 +@@ -1414,7 +1415,7 @@ static enum d_walk_ret select_collect(void *_data, struct dentry *dentry)
226 } else {
227 if (dentry->d_flags & DCACHE_LRU_LIST)
228 d_lru_del(dentry);
229 @@ -98929,7 +98954,7 @@ index 1ed81bb..85b5276 100644
230 d_shrink_add(dentry, &data->dispose);
231 data->found++;
232 }
233 -@@ -1462,7 +1465,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry)
234 +@@ -1462,7 +1463,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry)
235 return D_WALK_CONTINUE;
236
237 /* root with refcount 1 is fine */
238 @@ -98938,7 +98963,7 @@ index 1ed81bb..85b5276 100644
239 return D_WALK_CONTINUE;
240
241 printk(KERN_ERR "BUG: Dentry %p{i=%lx,n=%pd} "
242 -@@ -1471,7 +1474,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry)
243 +@@ -1471,7 +1472,7 @@ static enum d_walk_ret umount_check(void *_data, struct dentry *dentry)
244 dentry->d_inode ?
245 dentry->d_inode->i_ino : 0UL,
246 dentry,
247 @@ -98947,7 +98972,7 @@ index 1ed81bb..85b5276 100644
248 dentry->d_sb->s_type->name,
249 dentry->d_sb->s_id);
250 WARN_ON(1);
251 -@@ -1616,7 +1619,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
252 +@@ -1616,7 +1617,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
253 dname = dentry->d_iname;
254 } else if (name->len > DNAME_INLINE_LEN-1) {
255 size_t size = offsetof(struct external_name, name[1]);
256 @@ -98956,7 +98981,7 @@ index 1ed81bb..85b5276 100644
257 GFP_KERNEL_ACCOUNT);
258 if (!p) {
259 kmem_cache_free(dentry_cache, dentry);
260 -@@ -1640,7 +1643,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
261 +@@ -1640,7 +1641,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
262 smp_wmb();
263 dentry->d_name.name = dname;
264
265 @@ -98965,7 +98990,7 @@ index 1ed81bb..85b5276 100644
266 dentry->d_flags = 0;
267 spin_lock_init(&dentry->d_lock);
268 seqcount_init(&dentry->d_seq);
269 -@@ -1649,6 +1652,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
270 +@@ -1649,6 +1650,9 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
271 dentry->d_sb = sb;
272 dentry->d_op = NULL;
273 dentry->d_fsdata = NULL;
274 @@ -98975,7 +99000,7 @@ index 1ed81bb..85b5276 100644
275 INIT_HLIST_BL_NODE(&dentry->d_hash);
276 INIT_LIST_HEAD(&dentry->d_lru);
277 INIT_LIST_HEAD(&dentry->d_subdirs);
278 -@@ -2314,7 +2320,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name)
279 +@@ -2314,7 +2318,7 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name)
280 goto next;
281 }
282
283 @@ -98984,7 +99009,7 @@ index 1ed81bb..85b5276 100644
284 found = dentry;
285 spin_unlock(&dentry->d_lock);
286 break;
287 -@@ -2382,7 +2388,7 @@ again:
288 +@@ -2382,7 +2386,7 @@ again:
289 spin_lock(&dentry->d_lock);
290 inode = dentry->d_inode;
291 isdir = S_ISDIR(inode->i_mode);
292 @@ -98993,7 +99018,7 @@ index 1ed81bb..85b5276 100644
293 if (!spin_trylock(&inode->i_lock)) {
294 spin_unlock(&dentry->d_lock);
295 cpu_relax();
296 -@@ -3601,7 +3607,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry)
297 +@@ -3601,7 +3605,7 @@ static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry)
298
299 if (!(dentry->d_flags & DCACHE_GENOCIDE)) {
300 dentry->d_flags |= DCACHE_GENOCIDE;
301 @@ -99002,7 +99027,7 @@ index 1ed81bb..85b5276 100644
302 }
303 }
304 return D_WALK_CONTINUE;
305 -@@ -3709,7 +3715,8 @@ void __init vfs_caches_init_early(void)
306 +@@ -3709,7 +3713,8 @@ void __init vfs_caches_init_early(void)
307 void __init vfs_caches_init(void)
308 {
309 names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0,
310 @@ -158510,7 +158535,7 @@ index f2280f7..c0a006f 100644
311 struct irlap_cb *self = (struct irlap_cb *) data;
312
313 diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
314 -index fc3598a..03a184e3 100644
315 +index fc3598a..6c1fb65 100644
316 --- a/net/iucv/af_iucv.c
317 +++ b/net/iucv/af_iucv.c
318 @@ -685,10 +685,10 @@ static void __iucv_auto_name(struct iucv_sock *iucv)
319 @@ -158526,6 +158551,27 @@ index fc3598a..03a184e3 100644
320 }
321 memcpy(iucv->src_name, name, 8);
322 }
323 +@@ -1326,7 +1326,7 @@ static int iucv_sock_recvmsg(struct socket *sock, struct msghdr *msg,
324 + unsigned int copied, rlen;
325 + struct sk_buff *skb, *rskb, *cskb;
326 + int err = 0;
327 +- u32 offset;
328 ++ u32 offset, class;
329 +
330 + if ((sk->sk_state == IUCV_DISCONN) &&
331 + skb_queue_empty(&iucv->backlog_skb_q) &&
332 +@@ -1370,9 +1370,8 @@ static int iucv_sock_recvmsg(struct socket *sock, struct msghdr *msg,
333 + /* create control message to store iucv msg target class:
334 + * get the trgcls from the control buffer of the skb due to
335 + * fragmentation of original iucv message. */
336 +- err = put_cmsg(msg, SOL_IUCV, SCM_IUCV_TRGCLS,
337 +- sizeof(IUCV_SKB_CB(skb)->class),
338 +- (void *)&IUCV_SKB_CB(skb)->class);
339 ++ class = IUCV_SKB_CB(skb)->class;
340 ++ err = put_cmsg(msg, SOL_IUCV, SCM_IUCV_TRGCLS, sizeof(class), &class);
341 + if (err) {
342 + if (!(flags & MSG_PEEK))
343 + skb_queue_head(&sk->sk_receive_queue, skb);
344 diff --git a/net/iucv/iucv.c b/net/iucv/iucv.c
345 index 7eaa000..2fa7f35 100644
346 --- a/net/iucv/iucv.c
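Review bot: In iucv_sock_recvmsg() the new `class = IUCV_SKB_CB(skb)->class;` copy through a stack variable has no comment, and `sizeof(class)` now takes the cmsg length from the local's `u32` type instead of from the field. If the field in the skb control block is not exactly 32 bits wide, the length user space receives for SCM_IUCV_TRGCLS changes; the field's declaration is not visible here, so that should be confirmed. I would add `/* copy out of skb->cb so put_cmsg() reads from the stack */` above the assignment, assuming that is the intent. The same pattern appears in netlink_cmsg_listen_all_nsid() in the net/netlink/af_netlink.c hunk, where `int nsid = NETLINK_CB(skb).nsid;` is read before the `nsid_is_set` check and could be assigned after it.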
347 @@ -160079,7 +160125,7 @@ index 11de55e..f25e448 100644
348 return 0;
349 }
350 diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
351 -index 627f898c..13afbf6 100644
352 +index 627f898c..32d06cc 100644
353 --- a/net/netlink/af_netlink.c
354 +++ b/net/netlink/af_netlink.c
355 @@ -287,7 +287,7 @@ static void netlink_overrun(struct sock *sk)
356 @@ -160091,7 +160137,22 @@ index 627f898c..13afbf6 100644
357 }
358
359 static void netlink_rcv_wake(struct sock *sk)
360 -@@ -2150,7 +2150,9 @@ errout_skb:
361 +@@ -1703,11 +1703,12 @@ static void netlink_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
362 + static void netlink_cmsg_listen_all_nsid(struct sock *sk, struct msghdr *msg,
363 + struct sk_buff *skb)
364 + {
365 ++ int nsid = NETLINK_CB(skb).nsid;
366 ++
367 + if (!NETLINK_CB(skb).nsid_is_set)
368 + return;
369 +
370 +- put_cmsg(msg, SOL_NETLINK, NETLINK_LISTEN_ALL_NSID, sizeof(int),
371 +- &NETLINK_CB(skb).nsid);
372 ++ put_cmsg(msg, SOL_NETLINK, NETLINK_LISTEN_ALL_NSID, sizeof(nsid), &nsid);
373 + }
374 +
375 + static int netlink_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
376 +@@ -2150,7 +2151,9 @@ errout_skb:
377
378 int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
379 const struct nlmsghdr *nlh,
380 @@ -160102,7 +160163,7 @@ index 627f898c..13afbf6 100644
381 {
382 struct netlink_callback *cb;
383 struct sock *sk;
384 -@@ -2173,7 +2175,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
385 +@@ -2173,7 +2176,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
386 goto error_unlock;
387 }
388 /* add reference of module which cb->dump belongs to */
389 @@ -160111,7 +160172,7 @@ index 627f898c..13afbf6 100644
390 ret = -EPROTONOSUPPORT;
391 goto error_unlock;
392 }
393 -@@ -2184,8 +2186,8 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
394 +@@ -2184,8 +2187,8 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
395 cb->dump = control->dump;
396 cb->done = control->done;
397 cb->nlh = nlh;
398 @@ -160122,7 +160183,7 @@ index 627f898c..13afbf6 100644
399 cb->min_dump_alloc = control->min_dump_alloc;
400 cb->skb = skb;
401
402 -@@ -2452,7 +2454,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
403 +@@ -2452,7 +2455,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
404 sk_wmem_alloc_get(s),
405 nlk->cb_running,
406 atomic_read(&s->sk_refcnt),
407 @@ -160131,7 +160192,7 @@ index 627f898c..13afbf6 100644
408 sock_i_ino(s)
409 );
410
411 -@@ -2559,7 +2561,7 @@ static void __init netlink_add_usersock_entry(void)
412 +@@ -2559,7 +2562,7 @@ static void __init netlink_add_usersock_entry(void)
413 netlink_table_ungrab();
414 }