commit: 694b56591453a2987d6633230abe447a7c7ecd61 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
AuthorDate: Tue Jul 5 02:24:44 2011 +0000 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
CommitDate: Tue Jul 5 02:24:44 2011 +0000 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=694b5659 |
|
Update Grsec/PaX |
2.2.2-2.6.32.42-201107011911 |
2.2.2-2.6.39.2-201107011911 |
|
--- |
2.6.32/0000_README | 2 +- |
..._grsecurity-2.2.2-2.6.32.42-201107011911.patch} | 664 ++++++++++++++++++-- |
2.6.39/0000_README | 2 +- |
...0_grsecurity-2.2.2-2.6.39.2-201107011911.patch} | 247 +++++++- |
4 files changed, 832 insertions(+), 83 deletions(-) |
|
19 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
20 |
index 03320de..73ac723 100644 |
21 |
--- a/2.6.32/0000_README |
22 |
+++ b/2.6.32/0000_README |
23 |
@@ -3,7 +3,7 @@ README |
24 |
|
25 |
Individual Patch Descriptions: |
26 |
----------------------------------------------------------------------------- |
27 |
-Patch: 4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch |
28 |
+Patch: 4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch |
29 |
From: http://www.grsecurity.net |
30 |
Desc: hardened-sources base patch from upstream grsecurity |
31 |
|
32 |
|
33 |
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch |
34 |
similarity index 99% |
35 |
rename from 2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch |
36 |
rename to 2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch |
37 |
index d0d2a83..568fb06 100644 |
38 |
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch |
39 |
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch |
40 |
@@ -325,8 +325,43 @@ diff -urNp linux-2.6.32.42/arch/arm/include/asm/kmap_types.h linux-2.6.32.42/arc |
41 |
|
42 |
diff -urNp linux-2.6.32.42/arch/arm/include/asm/uaccess.h linux-2.6.32.42/arch/arm/include/asm/uaccess.h |
43 |
--- linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-03-27 14:31:47.000000000 -0400 |
44 |
-+++ linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-04-17 15:56:45.000000000 -0400 |
45 |
-@@ -403,6 +403,9 @@ extern unsigned long __must_check __strn |
46 |
++++ linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-06-29 21:02:24.000000000 -0400 |
47 |
+@@ -22,6 +22,8 @@ |
48 |
+ #define VERIFY_READ 0 |
49 |
+ #define VERIFY_WRITE 1 |
50 |
+ |
51 |
++extern void check_object_size(const void *ptr, unsigned long n, bool to); |
52 |
++ |
53 |
+ /* |
54 |
+ * The exception table consists of pairs of addresses: the first is the |
55 |
+ * address of an instruction that is allowed to fault, and the second is |
56 |
+@@ -387,8 +389,23 @@ do { \ |
57 |
+ |
58 |
+ |
59 |
+ #ifdef CONFIG_MMU |
60 |
+-extern unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n); |
61 |
+-extern unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n); |
62 |
++extern unsigned long __must_check ___copy_from_user(void *to, const void __user *from, unsigned long n); |
63 |
++extern unsigned long __must_check ___copy_to_user(void __user *to, const void *from, unsigned long n); |
64 |
++ |
65 |
++static inline unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n) |
66 |
++{ |
67 |
++ if (!__builtin_constant_p(n)) |
68 |
++ check_object_size(to, n, false); |
69 |
++ return ___copy_from_user(to, from, n); |
70 |
++} |
71 |
++ |
72 |
++static inline unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n) |
73 |
++{ |
74 |
++ if (!__builtin_constant_p(n)) |
75 |
++ check_object_size(from, n, true); |
76 |
++ return ___copy_to_user(to, from, n); |
77 |
++} |
78 |
++ |
79 |
+ extern unsigned long __must_check __copy_to_user_std(void __user *to, const void *from, unsigned long n); |
80 |
+ extern unsigned long __must_check __clear_user(void __user *addr, unsigned long n); |
81 |
+ extern unsigned long __must_check __clear_user_std(void __user *addr, unsigned long n); |
82 |
+@@ -403,6 +420,9 @@ extern unsigned long __must_check __strn |
83 |
|
84 |
static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) |
85 |
{ |
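Review bot: The new ARM `__copy_from_user()`/`__copy_to_user()` inline wrappers call `check_object_size()` only when `!__builtin_constant_p(n)`, so every copy whose length is a compile-time constant skips the run-time bounds check, and nothing in the header says why that is safe. If the intent is that a constant length is already matched to the object at the call site, state it above each guard, e.g. `/* constant n: sized against the object at the call site; only run-time lengths need check_object_size() */`. The `bool to` argument is passed as bare `false` in one wrapper and `true` in the other; judging from the two calls it appears to mean "copying to user space, ptr is the kernel-side buffer", and a one-line comment on the prototype saying so would keep the two calls from being swapped by mistake. `copy_from_user()` at the end of the hunk continues outside it.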
86 |
@@ -336,7 +371,7 @@ diff -urNp linux-2.6.32.42/arch/arm/include/asm/uaccess.h linux-2.6.32.42/arch/a |
87 |
if (access_ok(VERIFY_READ, from, n)) |
88 |
n = __copy_from_user(to, from, n); |
89 |
else /* security hole - plug it */ |
90 |
-@@ -412,6 +415,9 @@ static inline unsigned long __must_check |
91 |
+@@ -412,6 +432,9 @@ static inline unsigned long __must_check |
92 |
|
93 |
static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) |
94 |
{ |
95 |
@@ -379,6 +414,126 @@ diff -urNp linux-2.6.32.42/arch/arm/kernel/traps.c linux-2.6.32.42/arch/arm/kern |
96 |
do_exit(SIGSEGV); |
97 |
} |
98 |
|
99 |
+diff -urNp linux-2.6.32.42/arch/arm/lib/copy_from_user.S linux-2.6.32.42/arch/arm/lib/copy_from_user.S |
100 |
+--- linux-2.6.32.42/arch/arm/lib/copy_from_user.S 2011-03-27 14:31:47.000000000 -0400 |
101 |
++++ linux-2.6.32.42/arch/arm/lib/copy_from_user.S 2011-06-29 20:48:38.000000000 -0400 |
102 |
+@@ -16,7 +16,7 @@ |
103 |
+ /* |
104 |
+ * Prototype: |
105 |
+ * |
106 |
+- * size_t __copy_from_user(void *to, const void *from, size_t n) |
107 |
++ * size_t ___copy_from_user(void *to, const void *from, size_t n) |
108 |
+ * |
109 |
+ * Purpose: |
110 |
+ * |
111 |
+@@ -84,11 +84,11 @@ |
112 |
+ |
113 |
+ .text |
114 |
+ |
115 |
+-ENTRY(__copy_from_user) |
116 |
++ENTRY(___copy_from_user) |
117 |
+ |
118 |
+ #include "copy_template.S" |
119 |
+ |
120 |
+-ENDPROC(__copy_from_user) |
121 |
++ENDPROC(___copy_from_user) |
122 |
+ |
123 |
+ .section .fixup,"ax" |
124 |
+ .align 0 |
125 |
+diff -urNp linux-2.6.32.42/arch/arm/lib/copy_to_user.S linux-2.6.32.42/arch/arm/lib/copy_to_user.S |
126 |
+--- linux-2.6.32.42/arch/arm/lib/copy_to_user.S 2011-03-27 14:31:47.000000000 -0400 |
127 |
++++ linux-2.6.32.42/arch/arm/lib/copy_to_user.S 2011-06-29 20:46:49.000000000 -0400 |
128 |
+@@ -16,7 +16,7 @@ |
129 |
+ /* |
130 |
+ * Prototype: |
131 |
+ * |
132 |
+- * size_t __copy_to_user(void *to, const void *from, size_t n) |
133 |
++ * size_t ___copy_to_user(void *to, const void *from, size_t n) |
134 |
+ * |
135 |
+ * Purpose: |
136 |
+ * |
137 |
+@@ -88,11 +88,11 @@ |
138 |
+ .text |
139 |
+ |
140 |
+ ENTRY(__copy_to_user_std) |
141 |
+-WEAK(__copy_to_user) |
142 |
++WEAK(___copy_to_user) |
143 |
+ |
144 |
+ #include "copy_template.S" |
145 |
+ |
146 |
+-ENDPROC(__copy_to_user) |
147 |
++ENDPROC(___copy_to_user) |
148 |
+ |
149 |
+ .section .fixup,"ax" |
150 |
+ .align 0 |
151 |
+diff -urNp linux-2.6.32.42/arch/arm/lib/uaccess.S linux-2.6.32.42/arch/arm/lib/uaccess.S |
152 |
+--- linux-2.6.32.42/arch/arm/lib/uaccess.S 2011-03-27 14:31:47.000000000 -0400 |
153 |
++++ linux-2.6.32.42/arch/arm/lib/uaccess.S 2011-06-29 20:48:53.000000000 -0400 |
154 |
+@@ -19,7 +19,7 @@ |
155 |
+ |
156 |
+ #define PAGE_SHIFT 12 |
157 |
+ |
158 |
+-/* Prototype: int __copy_to_user(void *to, const char *from, size_t n) |
159 |
++/* Prototype: int ___copy_to_user(void *to, const char *from, size_t n) |
160 |
+ * Purpose : copy a block to user memory from kernel memory |
161 |
+ * Params : to - user memory |
162 |
+ * : from - kernel memory |
163 |
+@@ -39,7 +39,7 @@ USER( strgtbt r3, [r0], #1) @ May fau |
164 |
+ sub r2, r2, ip |
165 |
+ b .Lc2u_dest_aligned |
166 |
+ |
167 |
+-ENTRY(__copy_to_user) |
168 |
++ENTRY(___copy_to_user) |
169 |
+ stmfd sp!, {r2, r4 - r7, lr} |
170 |
+ cmp r2, #4 |
171 |
+ blt .Lc2u_not_enough |
172 |
+@@ -277,14 +277,14 @@ USER( strgebt r3, [r0], #1) @ May fau |
173 |
+ ldrgtb r3, [r1], #0 |
174 |
+ USER( strgtbt r3, [r0], #1) @ May fault |
175 |
+ b .Lc2u_finished |
176 |
+-ENDPROC(__copy_to_user) |
177 |
++ENDPROC(___copy_to_user) |
178 |
+ |
179 |
+ .section .fixup,"ax" |
180 |
+ .align 0 |
181 |
+ 9001: ldmfd sp!, {r0, r4 - r7, pc} |
182 |
+ .previous |
183 |
+ |
184 |
+-/* Prototype: unsigned long __copy_from_user(void *to,const void *from,unsigned long n); |
185 |
++/* Prototype: unsigned long ___copy_from_user(void *to,const void *from,unsigned long n); |
186 |
+ * Purpose : copy a block from user memory to kernel memory |
187 |
+ * Params : to - kernel memory |
188 |
+ * : from - user memory |
189 |
+@@ -303,7 +303,7 @@ USER( ldrgtbt r3, [r1], #1) @ May fau |
190 |
+ sub r2, r2, ip |
191 |
+ b .Lcfu_dest_aligned |
192 |
+ |
193 |
+-ENTRY(__copy_from_user) |
194 |
++ENTRY(___copy_from_user) |
195 |
+ stmfd sp!, {r0, r2, r4 - r7, lr} |
196 |
+ cmp r2, #4 |
197 |
+ blt .Lcfu_not_enough |
198 |
+@@ -543,7 +543,7 @@ USER( ldrgebt r3, [r1], #1) @ May fau |
199 |
+ USER( ldrgtbt r3, [r1], #1) @ May fault |
200 |
+ strgtb r3, [r0], #1 |
201 |
+ b .Lcfu_finished |
202 |
+-ENDPROC(__copy_from_user) |
203 |
++ENDPROC(___copy_from_user) |
204 |
+ |
205 |
+ .section .fixup,"ax" |
206 |
+ .align 0 |
207 |
+diff -urNp linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c |
208 |
+--- linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c 2011-03-27 14:31:47.000000000 -0400 |
209 |
++++ linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c 2011-06-29 20:44:35.000000000 -0400 |
210 |
+@@ -97,7 +97,7 @@ out: |
211 |
+ } |
212 |
+ |
213 |
+ unsigned long |
214 |
+-__copy_to_user(void __user *to, const void *from, unsigned long n) |
215 |
++___copy_to_user(void __user *to, const void *from, unsigned long n) |
216 |
+ { |
217 |
+ /* |
218 |
+ * This test is stubbed out of the main function above to keep |
219 |
diff -urNp linux-2.6.32.42/arch/arm/mach-at91/pm.c linux-2.6.32.42/arch/arm/mach-at91/pm.c |
220 |
--- linux-2.6.32.42/arch/arm/mach-at91/pm.c 2011-03-27 14:31:47.000000000 -0400 |
221 |
+++ linux-2.6.32.42/arch/arm/mach-at91/pm.c 2011-04-17 15:56:45.000000000 -0400 |
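Review bot: The rename of the ARM copy routines to `___copy_from_user`/`___copy_to_user` in copy_from_user.S, copy_to_user.S, uaccess.S and uaccess_with_memcpy.c leaves no out-of-line symbol under the old names, because `__copy_from_user`/`__copy_to_user` become `static inline` wrappers in asm/uaccess.h in the same patch. Any remaining use of the old names as linkable symbols (a module export list, for instance) would have to follow the rename; none is visible in this hunk, so that should be confirmed. The new names differ from the checking wrappers by a single underscore, so a short comment at each entry point would help, e.g. `@ unchecked backend; C callers use __copy_to_user(), which adds check_object_size()`.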
222 |
@@ -6003,7 +6158,7 @@ diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_32.S linux-2.6.32.42/ar |
223 |
2: |
224 |
diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_64.S linux-2.6.32.42/arch/x86/boot/compressed/head_64.S |
225 |
--- linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-03-27 14:31:47.000000000 -0400 |
226 |
-+++ linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-04-17 15:56:46.000000000 -0400 |
227 |
++++ linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-07-01 18:53:00.000000000 -0400 |
228 |
@@ -91,7 +91,7 @@ ENTRY(startup_32) |
229 |
notl %eax |
230 |
andl %eax, %ebx |
231 |
@@ -6013,6 +6168,15 @@ diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_64.S linux-2.6.32.42/ar |
232 |
#endif |
233 |
|
234 |
/* Target address to relocate to for decompression */ |
235 |
+@@ -183,7 +183,7 @@ no_longmode: |
236 |
+ hlt |
237 |
+ jmp 1b |
238 |
+ |
239 |
+-#include "../../kernel/verify_cpu_64.S" |
240 |
++#include "../../kernel/verify_cpu.S" |
241 |
+ |
242 |
+ /* |
243 |
+ * Be careful here startup_64 needs to be at a predictable |
244 |
@@ -234,7 +234,7 @@ ENTRY(startup_64) |
245 |
notq %rax |
246 |
andq %rax, %rbp |
247 |
@@ -9945,7 +10109,7 @@ diff -urNp linux-2.6.32.42/arch/x86/include/asm/segment.h linux-2.6.32.42/arch/x |
248 |
#define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS* 8 + 3) |
249 |
diff -urNp linux-2.6.32.42/arch/x86/include/asm/smp.h linux-2.6.32.42/arch/x86/include/asm/smp.h |
250 |
--- linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-03-27 14:31:47.000000000 -0400 |
251 |
-+++ linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-04-17 15:56:46.000000000 -0400 |
252 |
++++ linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-07-01 19:00:40.000000000 -0400 |
253 |
@@ -24,7 +24,7 @@ extern unsigned int num_processors; |
254 |
DECLARE_PER_CPU(cpumask_var_t, cpu_sibling_map); |
255 |
DECLARE_PER_CPU(cpumask_var_t, cpu_core_map); |
256 |
@@ -9955,7 +10119,19 @@ diff -urNp linux-2.6.32.42/arch/x86/include/asm/smp.h linux-2.6.32.42/arch/x86/i |
257 |
|
258 |
static inline struct cpumask *cpu_sibling_mask(int cpu) |
259 |
{ |
260 |
-@@ -175,14 +175,8 @@ extern unsigned disabled_cpus __cpuinitd |
261 |
+@@ -40,10 +40,7 @@ DECLARE_EARLY_PER_CPU(u16, x86_cpu_to_ap |
262 |
+ DECLARE_EARLY_PER_CPU(u16, x86_bios_cpu_apicid); |
263 |
+ |
264 |
+ /* Static state in head.S used to set up a CPU */ |
265 |
+-extern struct { |
266 |
+- void *sp; |
267 |
+- unsigned short ss; |
268 |
+-} stack_start; |
269 |
++extern unsigned long stack_start; /* Initial stack pointer address */ |
270 |
+ |
271 |
+ struct smp_ops { |
272 |
+ void (*smp_prepare_boot_cpu)(void); |
273 |
+@@ -175,14 +172,8 @@ extern unsigned disabled_cpus __cpuinitd |
274 |
extern int safe_smp_processor_id(void); |
275 |
|
276 |
#elif defined(CONFIG_X86_64_SMP) |
277 |
@@ -11199,8 +11375,18 @@ diff -urNp linux-2.6.32.42/arch/x86/Kconfig.debug linux-2.6.32.42/arch/x86/Kconf |
278 |
in order to catch accidental (and incorrect) writes to such const |
279 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S |
280 |
--- linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-03-27 14:31:47.000000000 -0400 |
281 |
-+++ linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-04-17 15:56:46.000000000 -0400 |
282 |
-@@ -104,7 +104,7 @@ _start: |
283 |
++++ linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-07-01 18:53:40.000000000 -0400 |
284 |
+@@ -91,6 +91,9 @@ _start: |
285 |
+ /* Do any other stuff... */ |
286 |
+ |
287 |
+ #ifndef CONFIG_64BIT |
288 |
++ /* Recheck NX bit overrides (64bit path does this in trampoline) */ |
289 |
++ call verify_cpu |
290 |
++ |
291 |
+ /* This could also be done in C code... */ |
292 |
+ movl pmode_cr3, %eax |
293 |
+ movl %eax, %cr3 |
294 |
+@@ -104,7 +107,7 @@ _start: |
295 |
movl %eax, %ecx |
296 |
orl %edx, %ecx |
297 |
jz 1f |
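Review bot: The `call verify_cpu` added to the 32-bit resume path discards the routine's result: the next instruction, `movl pmode_cr3, %eax`, overwrites `%eax` without testing it. The header of verify_cpu_64.S, which this patch deletes further down, documents `%eax` as the status (0 success, 1 failure) and says the caller needs to check it; the replacement verify_cpu.S is not visible here, so that contract is only assumed to carry over. If the call is made purely for its side effect on the NX override, say so in the comment, e.g. `/* Recheck NX bit overrides (64bit path does this in trampoline); status in %eax deliberately ignored */`, and note which registers the routine may clobber. The same applies to the `call verify_cpu` added under `/* Clear bogus XD_DISABLE bits */` in startup_32_smp in head_32.S.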
298 |
@@ -11209,9 +11395,17 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.32.4 |
299 |
wrmsr |
300 |
1: |
301 |
|
302 |
+@@ -114,6 +117,7 @@ _start: |
303 |
+ movl pmode_cr0, %eax |
304 |
+ movl %eax, %cr0 |
305 |
+ jmp pmode_return |
306 |
++# include "../../verify_cpu.S" |
307 |
+ #else |
308 |
+ pushw $0 |
309 |
+ pushw trampoline_segment |
310 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c |
311 |
--- linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-03-27 14:31:47.000000000 -0400 |
312 |
-+++ linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-04-17 15:56:46.000000000 -0400 |
313 |
++++ linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-07-01 19:01:34.000000000 -0400 |
314 |
@@ -11,11 +11,12 @@ |
315 |
#include <linux/cpumask.h> |
316 |
#include <asm/segment.h> |
317 |
@@ -11226,10 +11420,12 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c linux-2.6.32.42/arch/x86 |
318 |
unsigned long acpi_realmode_flags; |
319 |
|
320 |
/* address in low memory of the wakeup routine. */ |
321 |
-@@ -99,8 +100,12 @@ int acpi_save_state_mem(void) |
322 |
+@@ -98,9 +99,13 @@ int acpi_save_state_mem(void) |
323 |
+ #else /* CONFIG_64BIT */ |
324 |
header->trampoline_segment = setup_trampoline() >> 4; |
325 |
#ifdef CONFIG_SMP |
326 |
- stack_start.sp = temp_stack + sizeof(temp_stack); |
327 |
+- stack_start.sp = temp_stack + sizeof(temp_stack); |
328 |
++ stack_start = (unsigned long)temp_stack + sizeof(temp_stack); |
329 |
+ |
330 |
+ pax_open_kernel(); |
331 |
early_gdt_descr.address = |
332 |
@@ -13796,7 +13992,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head32.c linux-2.6.32.42/arch/x86/ker |
333 |
/* Reserve INITRD */ |
334 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/kernel/head_32.S |
335 |
--- linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-03-27 14:31:47.000000000 -0400 |
336 |
-+++ linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-04-17 15:56:46.000000000 -0400 |
337 |
++++ linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-07-01 19:09:03.000000000 -0400 |
338 |
@@ -19,10 +19,17 @@ |
339 |
#include <asm/setup.h> |
340 |
#include <asm/processor-flags.h> |
341 |
@@ -13841,7 +14037,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
342 |
* 32-bit kernel entrypoint; only used by the boot CPU. On entry, |
343 |
* %esi points to the real-mode code as a 32-bit pointer. |
344 |
* CS and DS must be 4 GB flat segments, but we don't depend on |
345 |
-@@ -80,6 +89,13 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) |
346 |
+@@ -80,7 +89,16 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) |
347 |
* can. |
348 |
*/ |
349 |
__HEAD |
350 |
@@ -13853,12 +14049,19 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
351 |
+#endif |
352 |
+ |
353 |
ENTRY(startup_32) |
354 |
++ movl pa(stack_start),%ecx |
355 |
++ |
356 |
/* test KEEP_SEGMENTS flag to see if the bootloader is asking |
357 |
us to not reload segments */ |
358 |
-@@ -97,6 +113,57 @@ ENTRY(startup_32) |
359 |
+ testb $(1<<6), BP_loadflags(%esi) |
360 |
+@@ -95,7 +113,60 @@ ENTRY(startup_32) |
361 |
+ movl %eax,%es |
362 |
+ movl %eax,%fs |
363 |
movl %eax,%gs |
364 |
++ movl %eax,%ss |
365 |
2: |
366 |
- |
367 |
++ leal -__PAGE_OFFSET(%ecx),%esp |
368 |
++ |
369 |
+#ifdef CONFIG_SMP |
370 |
+ movl $pa(cpu_gdt_table),%edi |
371 |
+ movl $__per_cpu_load,%eax |
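Review bot: `%ecx` is loaded with `movl pa(stack_start),%ecx` on the first instruction of startup_32 but is not consumed until `leal -__PAGE_OFFSET(%ecx),%esp` after label `2:`, and no comment marks the register as live across the segment reload in between. The instructions between the two are only partly visible in this hunk, so it cannot be confirmed from here that none of them touches `%ecx`; a later edit to that stretch could break the stack setup without any visible sign. A comment at the load, such as `/* %ecx = stack_start; must stay intact until %esp is set at 2: */`, and one at the `leal`, such as `/* run on the physical alias of the stack until paging is enabled */`, would document the dependency. startup_32 continues outside the hunk.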
372 |
@@ -13909,11 +14112,10 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
373 |
+ addl $PAGE_SIZE_asm,%edi |
374 |
+ loop 1b |
375 |
+#endif |
376 |
-+ |
377 |
+ |
378 |
/* |
379 |
* Clear BSS first so that there are no surprises... |
380 |
- */ |
381 |
-@@ -140,9 +207,7 @@ ENTRY(startup_32) |
382 |
+@@ -140,9 +211,7 @@ ENTRY(startup_32) |
383 |
cmpl $num_subarch_entries, %eax |
384 |
jae bad_subarch |
385 |
|
386 |
@@ -13924,7 +14126,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
387 |
|
388 |
bad_subarch: |
389 |
WEAK(lguest_entry) |
390 |
-@@ -154,10 +219,10 @@ WEAK(xen_entry) |
391 |
+@@ -154,10 +223,10 @@ WEAK(xen_entry) |
392 |
__INITDATA |
393 |
|
394 |
subarch_entries: |
395 |
@@ -13939,7 +14141,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
396 |
num_subarch_entries = (. - subarch_entries) / 4 |
397 |
.previous |
398 |
#endif /* CONFIG_PARAVIRT */ |
399 |
-@@ -218,8 +283,11 @@ default_entry: |
400 |
+@@ -218,8 +287,11 @@ default_entry: |
401 |
movl %eax, pa(max_pfn_mapped) |
402 |
|
403 |
/* Do early initialization of the fixmap area */ |
404 |
@@ -13953,7 +14155,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
405 |
#else /* Not PAE */ |
406 |
|
407 |
page_pde_offset = (__PAGE_OFFSET >> 20); |
408 |
-@@ -249,8 +317,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); |
409 |
+@@ -249,8 +321,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); |
410 |
movl %eax, pa(max_pfn_mapped) |
411 |
|
412 |
/* Do early initialization of the fixmap area */ |
413 |
@@ -13967,7 +14169,17 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
414 |
#endif |
415 |
jmp 3f |
416 |
/* |
417 |
-@@ -297,6 +368,7 @@ ENTRY(startup_32_smp) |
418 |
+@@ -272,6 +347,9 @@ ENTRY(startup_32_smp) |
419 |
+ movl %eax,%es |
420 |
+ movl %eax,%fs |
421 |
+ movl %eax,%gs |
422 |
++ movl pa(stack_start),%ecx |
423 |
++ movl %eax,%ss |
424 |
++ leal -__PAGE_OFFSET(%ecx),%esp |
425 |
+ #endif /* CONFIG_SMP */ |
426 |
+ 3: |
427 |
+ |
428 |
+@@ -297,6 +375,7 @@ ENTRY(startup_32_smp) |
429 |
orl %edx,%eax |
430 |
movl %eax,%cr4 |
431 |
|
432 |
@@ -13975,7 +14187,18 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
433 |
btl $5, %eax # check if PAE is enabled |
434 |
jnc 6f |
435 |
|
436 |
-@@ -312,13 +384,17 @@ ENTRY(startup_32_smp) |
437 |
+@@ -305,6 +384,10 @@ ENTRY(startup_32_smp) |
438 |
+ cpuid |
439 |
+ cmpl $0x80000000, %eax |
440 |
+ jbe 6f |
441 |
++ |
442 |
++ /* Clear bogus XD_DISABLE bits */ |
443 |
++ call verify_cpu |
444 |
++ |
445 |
+ mov $0x80000001, %eax |
446 |
+ cpuid |
447 |
+ /* Execute Disable bit supported? */ |
448 |
+@@ -312,13 +395,17 @@ ENTRY(startup_32_smp) |
449 |
jnc 6f |
450 |
|
451 |
/* Setup EFER (Extended Feature Enable Register) */ |
452 |
@@ -13994,18 +14217,29 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
453 |
6: |
454 |
|
455 |
/* |
456 |
-@@ -344,9 +420,7 @@ ENTRY(startup_32_smp) |
457 |
+@@ -331,8 +418,8 @@ ENTRY(startup_32_smp) |
458 |
+ movl %eax,%cr0 /* ..and set paging (PG) bit */ |
459 |
+ ljmp $__BOOT_CS,$1f /* Clear prefetch and normalize %eip */ |
460 |
+ 1: |
461 |
+- /* Set up the stack pointer */ |
462 |
+- lss stack_start,%esp |
463 |
++ /* Shift the stack pointer to a virtual address */ |
464 |
++ addl $__PAGE_OFFSET, %esp |
465 |
+ |
466 |
+ /* |
467 |
+ * Initialize eflags. Some BIOS's leave bits like NT set. This would |
468 |
+@@ -344,9 +431,7 @@ ENTRY(startup_32_smp) |
469 |
|
470 |
#ifdef CONFIG_SMP |
471 |
cmpb $0, ready |
472 |
- jz 1f /* Initial CPU cleans BSS */ |
473 |
- jmp checkCPUtype |
474 |
-1: |
475 |
-+ jnz checkCPUtype /* Initial CPU cleans BSS */ |
476 |
++ jnz checkCPUtype |
477 |
#endif /* CONFIG_SMP */ |
478 |
|
479 |
/* |
480 |
-@@ -424,7 +498,7 @@ is386: movl $2,%ecx # set MP |
481 |
+@@ -424,7 +509,7 @@ is386: movl $2,%ecx # set MP |
482 |
1: movl $(__KERNEL_DS),%eax # reload all the segment registers |
483 |
movl %eax,%ss # after changing gdt. |
484 |
|
485 |
@@ -14014,7 +14248,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
486 |
movl %eax,%ds |
487 |
movl %eax,%es |
488 |
|
489 |
-@@ -438,15 +512,22 @@ is386: movl $2,%ecx # set MP |
490 |
+@@ -438,15 +523,22 @@ is386: movl $2,%ecx # set MP |
491 |
*/ |
492 |
cmpb $0,ready |
493 |
jne 1f |
494 |
@@ -14039,18 +14273,22 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
495 |
movl %eax,%gs |
496 |
|
497 |
xorl %eax,%eax # Clear LDT |
498 |
-@@ -457,10 +538,6 @@ is386: movl $2,%ecx # set MP |
499 |
- #ifdef CONFIG_SMP |
500 |
- movb ready, %cl |
501 |
+@@ -454,14 +546,7 @@ is386: movl $2,%ecx # set MP |
502 |
+ |
503 |
+ cld # gcc2 wants the direction flag cleared at all times |
504 |
+ pushl $0 # fake return address for unwinder |
505 |
+-#ifdef CONFIG_SMP |
506 |
+- movb ready, %cl |
507 |
movb $1, ready |
508 |
- cmpb $0,%cl # the first CPU calls start_kernel |
509 |
- je 1f |
510 |
- movl (stack_start), %esp |
511 |
-1: |
512 |
- #endif /* CONFIG_SMP */ |
513 |
+-#endif /* CONFIG_SMP */ |
514 |
jmp *(initial_code) |
515 |
|
516 |
-@@ -546,22 +623,22 @@ early_page_fault: |
517 |
+ /* |
518 |
+@@ -546,22 +631,22 @@ early_page_fault: |
519 |
jmp early_fault |
520 |
|
521 |
early_fault: |
522 |
@@ -14078,7 +14316,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
523 |
hlt_loop: |
524 |
hlt |
525 |
jmp hlt_loop |
526 |
-@@ -569,8 +646,11 @@ hlt_loop: |
527 |
+@@ -569,8 +654,11 @@ hlt_loop: |
528 |
/* This is the default interrupt "handler" :-) */ |
529 |
ALIGN |
530 |
ignore_int: |
531 |
@@ -14091,7 +14329,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
532 |
pushl %eax |
533 |
pushl %ecx |
534 |
pushl %edx |
535 |
-@@ -579,9 +659,6 @@ ignore_int: |
536 |
+@@ -579,9 +667,6 @@ ignore_int: |
537 |
movl $(__KERNEL_DS),%eax |
538 |
movl %eax,%ds |
539 |
movl %eax,%es |
540 |
@@ -14101,7 +14339,16 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
541 |
pushl 16(%esp) |
542 |
pushl 24(%esp) |
543 |
pushl 32(%esp) |
544 |
-@@ -610,31 +687,47 @@ ENTRY(initial_page_table) |
545 |
+@@ -600,6 +685,8 @@ ignore_int: |
546 |
+ #endif |
547 |
+ iret |
548 |
+ |
549 |
++#include "verify_cpu.S" |
550 |
++ |
551 |
+ __REFDATA |
552 |
+ .align 4 |
553 |
+ ENTRY(initial_code) |
554 |
+@@ -610,31 +697,47 @@ ENTRY(initial_page_table) |
555 |
/* |
556 |
* BSS section |
557 |
*/ |
558 |
@@ -14154,7 +14401,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
559 |
ENTRY(swapper_pg_dir) |
560 |
.long pa(swapper_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ |
561 |
# if KPMDS == 3 |
562 |
-@@ -653,15 +746,24 @@ ENTRY(swapper_pg_dir) |
563 |
+@@ -653,15 +756,24 @@ ENTRY(swapper_pg_dir) |
564 |
# error "Kernel PMDs should be 1, 2 or 3" |
565 |
# endif |
566 |
.align PAGE_SIZE_asm /* needs to be page-sized too */ |
567 |
@@ -14169,10 +14416,11 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
568 |
#endif |
569 |
|
570 |
.data |
571 |
++.balign 4 |
572 |
ENTRY(stack_start) |
573 |
- .long init_thread_union+THREAD_SIZE |
574 |
+- .long __BOOT_DS |
575 |
+ .long init_thread_union+THREAD_SIZE-8 |
576 |
- .long __BOOT_DS |
577 |
|
578 |
ready: .byte 0 |
579 |
|
580 |
@@ -14180,7 +14428,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
581 |
early_recursion_flag: |
582 |
.long 0 |
583 |
|
584 |
-@@ -697,7 +799,7 @@ fault_msg: |
585 |
+@@ -697,7 +809,7 @@ fault_msg: |
586 |
.word 0 # 32 bit align gdt_desc.address |
587 |
boot_gdt_descr: |
588 |
.word __BOOT_DS+7 |
589 |
@@ -14189,7 +14437,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
590 |
|
591 |
.word 0 # 32-bit align idt_desc.address |
592 |
idt_descr: |
593 |
-@@ -708,7 +810,7 @@ idt_descr: |
594 |
+@@ -708,7 +820,7 @@ idt_descr: |
595 |
.word 0 # 32 bit align gdt_desc.address |
596 |
ENTRY(early_gdt_descr) |
597 |
.word GDT_ENTRIES*8-1 |
598 |
@@ -14198,7 +14446,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke |
599 |
|
600 |
/* |
601 |
* The boot_gdt must mirror the equivalent in setup.S and is |
602 |
-@@ -717,5 +819,65 @@ ENTRY(early_gdt_descr) |
603 |
+@@ -717,5 +829,65 @@ ENTRY(early_gdt_descr) |
604 |
.align L1_CACHE_BYTES |
605 |
ENTRY(boot_gdt) |
606 |
.fill GDT_ENTRY_BOOT_CS,8,0 |
607 |
@@ -16160,7 +16408,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/signal.c linux-2.6.32.42/arch/x86/ker |
608 |
if (current_thread_info()->status & TS_RESTORE_SIGMASK) |
609 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/kernel/smpboot.c |
610 |
--- linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-03-27 14:31:47.000000000 -0400 |
611 |
-+++ linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-05-11 18:25:15.000000000 -0400 |
612 |
++++ linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-07-01 19:10:03.000000000 -0400 |
613 |
@@ -94,14 +94,14 @@ static DEFINE_PER_CPU(struct task_struct |
614 |
*/ |
615 |
static DEFINE_MUTEX(x86_cpu_hotplug_driver_mutex); |
616 |
@@ -16180,6 +16428,15 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke |
617 |
} |
618 |
|
619 |
ssize_t arch_cpu_probe(const char *buf, size_t count) { return -1; } |
620 |
+@@ -625,7 +625,7 @@ wakeup_secondary_cpu_via_init(int phys_a |
621 |
+ * target processor state. |
622 |
+ */ |
623 |
+ startup_ipi_hook(phys_apicid, (unsigned long) start_secondary, |
624 |
+- (unsigned long)stack_start.sp); |
625 |
++ stack_start); |
626 |
+ |
627 |
+ /* |
628 |
+ * Run STARTUP IPI loop. |
629 |
@@ -743,6 +743,7 @@ static int __cpuinit do_boot_cpu(int api |
630 |
set_idle_for_cpu(cpu, c_idle.idle); |
631 |
do_rest: |
632 |
@@ -16188,7 +16445,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke |
633 |
#ifdef CONFIG_X86_32 |
634 |
/* Stack for startup_32 can be just as for start_secondary onwards */ |
635 |
irq_ctx_init(cpu); |
636 |
-@@ -750,11 +751,13 @@ do_rest: |
637 |
+@@ -750,13 +751,15 @@ do_rest: |
638 |
#else |
639 |
clear_tsk_thread_flag(c_idle.idle, TIF_FORK); |
640 |
initial_gs = per_cpu_offset(cpu); |
641 |
@@ -16203,8 +16460,11 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke |
642 |
+ pax_close_kernel(); |
643 |
+ |
644 |
initial_code = (unsigned long)start_secondary; |
645 |
- stack_start.sp = (void *) c_idle.idle->thread.sp; |
646 |
+- stack_start.sp = (void *) c_idle.idle->thread.sp; |
647 |
++ stack_start = c_idle.idle->thread.sp; |
648 |
|
649 |
+ /* start_ip had better be page-aligned! */ |
650 |
+ start_ip = setup_trampoline(); |
651 |
@@ -891,6 +894,12 @@ int __cpuinit native_cpu_up(unsigned int |
652 |
|
653 |
per_cpu(cpu_state, cpu) = CPU_UP_PREPARE; |
654 |
@@ -16819,7 +17079,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_32.S linux-2.6.32.42/arch/ |
655 |
# hence we don't use the boot_gdt_descr defined in head.S |
656 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_64.S linux-2.6.32.42/arch/x86/kernel/trampoline_64.S |
657 |
--- linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-03-27 14:31:47.000000000 -0400 |
658 |
-+++ linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-04-17 15:56:46.000000000 -0400 |
659 |
++++ linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-07-01 18:53:26.000000000 -0400 |
660 |
@@ -91,7 +91,7 @@ startup_32: |
661 |
movl $__KERNEL_DS, %eax # Initialize the %ds segment register |
662 |
movl %eax, %ds |
663 |
@@ -16829,6 +17089,15 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_64.S linux-2.6.32.42/arch/ |
664 |
movl %eax, %cr4 # Enable PAE mode |
665 |
|
666 |
# Setup trampoline 4 level pagetables |
667 |
+@@ -127,7 +127,7 @@ startup_64: |
668 |
+ no_longmode: |
669 |
+ hlt |
670 |
+ jmp no_longmode |
671 |
+-#include "verify_cpu_64.S" |
672 |
++#include "verify_cpu.S" |
673 |
+ |
674 |
+ # Careful these need to be in the same 64K segment as the above; |
675 |
+ tidt: |
676 |
@@ -138,7 +138,7 @@ tidt: |
677 |
# so the kernel can live anywhere |
678 |
.balign 4 |
679 |
@@ -17009,6 +17278,259 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/traps.c linux-2.6.32.42/arch/x86/kern |
680 |
|
681 |
if (!tsk_used_math(tsk)) { |
682 |
local_irq_enable(); |
683 |
+diff -urNp linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S |
684 |
+--- linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S 2011-03-27 14:31:47.000000000 -0400 |
685 |
++++ linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S 1969-12-31 19:00:00.000000000 -0500 |
686 |
+@@ -1,105 +0,0 @@ |
687 |
+-/* |
688 |
+- * |
689 |
+- * verify_cpu.S - Code for cpu long mode and SSE verification. This |
690 |
+- * code has been borrowed from boot/setup.S and was introduced by |
691 |
+- * Andi Kleen. |
692 |
+- * |
693 |
+- * Copyright (c) 2007 Andi Kleen (ak@××××.de) |
694 |
+- * Copyright (c) 2007 Eric Biederman (ebiederm@××××××××.com) |
695 |
+- * Copyright (c) 2007 Vivek Goyal (vgoyal@××××××.com) |
696 |
+- * |
697 |
+- * This source code is licensed under the GNU General Public License, |
698 |
+- * Version 2. See the file COPYING for more details. |
699 |
+- * |
700 |
+- * This is a common code for verification whether CPU supports |
701 |
+- * long mode and SSE or not. It is not called directly instead this |
702 |
+- * file is included at various places and compiled in that context. |
703 |
+- * Following are the current usage. |
704 |
+- * |
705 |
+- * This file is included by both 16bit and 32bit code. |
706 |
+- * |
707 |
+- * arch/x86_64/boot/setup.S : Boot cpu verification (16bit) |
708 |
+- * arch/x86_64/boot/compressed/head.S: Boot cpu verification (32bit) |
709 |
+- * arch/x86_64/kernel/trampoline.S: secondary processor verfication (16bit) |
710 |
+- * arch/x86_64/kernel/acpi/wakeup.S:Verfication at resume (16bit) |
711 |
+- * |
712 |
+- * verify_cpu, returns the status of cpu check in register %eax. |
713 |
+- * 0: Success 1: Failure |
714 |
+- * |
715 |
+- * The caller needs to check for the error code and take the action |
716 |
+- * appropriately. Either display a message or halt. |
717 |
+- */ |
718 |
+- |
719 |
+-#include <asm/cpufeature.h> |
720 |
+- |
721 |
+-verify_cpu: |
722 |
+- pushfl # Save caller passed flags |
723 |
+- pushl $0 # Kill any dangerous flags |
724 |
+- popfl |
725 |
+- |
726 |
+- pushfl # standard way to check for cpuid |
727 |
+- popl %eax |
728 |
+- movl %eax,%ebx |
729 |
+- xorl $0x200000,%eax |
730 |
+- pushl %eax |
731 |
+- popfl |
732 |
+- pushfl |
733 |
+- popl %eax |
734 |
+- cmpl %eax,%ebx |
735 |
+- jz verify_cpu_no_longmode # cpu has no cpuid |
736 |
+- |
737 |
+- movl $0x0,%eax # See if cpuid 1 is implemented |
738 |
+- cpuid |
739 |
+- cmpl $0x1,%eax |
740 |
+- jb verify_cpu_no_longmode # no cpuid 1 |
741 |
+- |
742 |
+- xor %di,%di |
743 |
+- cmpl $0x68747541,%ebx # AuthenticAMD |
744 |
+- jnz verify_cpu_noamd |
745 |
+- cmpl $0x69746e65,%edx |
746 |
+- jnz verify_cpu_noamd |
747 |
+- cmpl $0x444d4163,%ecx |
748 |
+- jnz verify_cpu_noamd |
749 |
+- mov $1,%di # cpu is from AMD |
750 |
+- |
751 |
+-verify_cpu_noamd: |
752 |
+- movl $0x1,%eax # Does the cpu have what it takes |
753 |
+- cpuid |
754 |
+- andl $REQUIRED_MASK0,%edx |
755 |
+- xorl $REQUIRED_MASK0,%edx |
756 |
+- jnz verify_cpu_no_longmode |
757 |
+- |
758 |
+- movl $0x80000000,%eax # See if extended cpuid is implemented |
759 |
+- cpuid |
760 |
+- cmpl $0x80000001,%eax |
761 |
+- jb verify_cpu_no_longmode # no extended cpuid |
762 |
+- |
763 |
+- movl $0x80000001,%eax # Does the cpu have what it takes |
764 |
+- cpuid |
765 |
+- andl $REQUIRED_MASK1,%edx |
766 |
+- xorl $REQUIRED_MASK1,%edx |
767 |
+- jnz verify_cpu_no_longmode |
768 |
+- |
769 |
+-verify_cpu_sse_test: |
770 |
+- movl $1,%eax |
771 |
+- cpuid |
772 |
+- andl $SSE_MASK,%edx |
773 |
+- cmpl $SSE_MASK,%edx |
774 |
+- je verify_cpu_sse_ok |
775 |
+- test %di,%di |
776 |
+- jz verify_cpu_no_longmode # only try to force SSE on AMD |
777 |
+- movl $0xc0010015,%ecx # HWCR |
778 |
+- rdmsr |
779 |
+- btr $15,%eax # enable SSE |
780 |
+- wrmsr |
781 |
+- xor %di,%di # don't loop |
782 |
+- jmp verify_cpu_sse_test # try again |
783 |
+- |
784 |
+-verify_cpu_no_longmode: |
785 |
+- popfl # Restore caller passed flags |
786 |
+- movl $1,%eax |
787 |
+- ret |
788 |
+-verify_cpu_sse_ok: |
789 |
+- popfl # Restore caller passed flags |
790 |
+- xorl %eax, %eax |
791 |
+- ret |
792 |
+diff -urNp linux-2.6.32.42/arch/x86/kernel/verify_cpu.S linux-2.6.32.42/arch/x86/kernel/verify_cpu.S |
793 |
+--- linux-2.6.32.42/arch/x86/kernel/verify_cpu.S 1969-12-31 19:00:00.000000000 -0500 |
794 |
++++ linux-2.6.32.42/arch/x86/kernel/verify_cpu.S 2011-07-01 18:28:42.000000000 -0400 |
795 |
+@@ -0,0 +1,140 @@ |
796 |
++/* |
797 |
++ * |
798 |
++ * verify_cpu.S - Code for cpu long mode and SSE verification. This |
799 |
++ * code has been borrowed from boot/setup.S and was introduced by |
800 |
++ * Andi Kleen. |
801 |
++ * |
802 |
++ * Copyright (c) 2007 Andi Kleen (ak@××××.de) |
803 |
++ * Copyright (c) 2007 Eric Biederman (ebiederm@××××××××.com) |
804 |
++ * Copyright (c) 2007 Vivek Goyal (vgoyal@××××××.com) |
805 |
++ * Copyright (c) 2010 Kees Cook (kees.cook@×××××××××.com) |
806 |
++ * |
807 |
++ * This source code is licensed under the GNU General Public License, |
808 |
++ * Version 2. See the file COPYING for more details. |
809 |
++ * |
810 |
++ * This is a common code for verification whether CPU supports |
811 |
++ * long mode and SSE or not. It is not called directly instead this |
812 |
++ * file is included at various places and compiled in that context. |
813 |
++ * This file is expected to run in 32bit code. Currently: |
814 |
++ * |
815 |
++ * arch/x86/boot/compressed/head_64.S: Boot cpu verification |
816 |
++ * arch/x86/kernel/trampoline_64.S: secondary processor verification |
817 |
++ * arch/x86/kernel/head_32.S: processor startup |
818 |
++ * arch/x86/kernel/acpi/realmode/wakeup.S: 32bit processor resume |
819 |
++ * |
820 |
++ * verify_cpu, returns the status of longmode and SSE in register %eax. |
821 |
++ * 0: Success 1: Failure |
822 |
++ * |
823 |
++ * On Intel, the XD_DISABLE flag will be cleared as a side-effect. |
824 |
++ * |
825 |
++ * The caller needs to check for the error code and take the action |
826 |
++ * appropriately. Either display a message or halt. |
827 |
++ */ |
828 |
++ |
829 |
++#include <asm/cpufeature.h> |
830 |
++#include <asm/msr-index.h> |
831 |
++ |
832 |
++verify_cpu: |
833 |
++ pushfl # Save caller passed flags |
834 |
++ pushl $0 # Kill any dangerous flags |
835 |
++ popfl |
836 |
++ |
837 |
++ pushfl # standard way to check for cpuid |
838 |
++ popl %eax |
839 |
++ movl %eax,%ebx |
840 |
++ xorl $0x200000,%eax |
841 |
++ pushl %eax |
842 |
++ popfl |
843 |
++ pushfl |
844 |
++ popl %eax |
845 |
++ cmpl %eax,%ebx |
846 |
++ jz verify_cpu_no_longmode # cpu has no cpuid |
847 |
++ |
848 |
++ movl $0x0,%eax # See if cpuid 1 is implemented |
849 |
++ cpuid |
850 |
++ cmpl $0x1,%eax |
851 |
++ jb verify_cpu_no_longmode # no cpuid 1 |
852 |
++ |
853 |
++ xor %di,%di |
854 |
++ cmpl $0x68747541,%ebx # AuthenticAMD |
855 |
++ jnz verify_cpu_noamd |
856 |
++ cmpl $0x69746e65,%edx |
857 |
++ jnz verify_cpu_noamd |
858 |
++ cmpl $0x444d4163,%ecx |
859 |
++ jnz verify_cpu_noamd |
860 |
++ mov $1,%di # cpu is from AMD |
861 |
++ jmp verify_cpu_check |
862 |
++ |
863 |
++verify_cpu_noamd: |
864 |
++ cmpl $0x756e6547,%ebx # GenuineIntel? |
865 |
++ jnz verify_cpu_check |
866 |
++ cmpl $0x49656e69,%edx |
867 |
++ jnz verify_cpu_check |
868 |
++ cmpl $0x6c65746e,%ecx |
869 |
++ jnz verify_cpu_check |
870 |
++ |
871 |
++ # only call IA32_MISC_ENABLE when: |
872 |
++ # family > 6 || (family == 6 && model >= 0xd) |
873 |
++ movl $0x1, %eax # check CPU family and model |
874 |
++ cpuid |
875 |
++ movl %eax, %ecx |
876 |
++ |
877 |
++ andl $0x0ff00f00, %eax # mask family and extended family |
878 |
++ shrl $8, %eax |
879 |
++ cmpl $6, %eax |
880 |
++ ja verify_cpu_clear_xd # family > 6, ok |
881 |
++ jb verify_cpu_check # family < 6, skip |
882 |
++ |
883 |
++ andl $0x000f00f0, %ecx # mask model and extended model |
884 |
++ shrl $4, %ecx |
885 |
++ cmpl $0xd, %ecx |
886 |
++ jb verify_cpu_check # family == 6, model < 0xd, skip |
887 |
++ |
888 |
++verify_cpu_clear_xd: |
889 |
++ movl $MSR_IA32_MISC_ENABLE, %ecx |
890 |
++ rdmsr |
891 |
++ btrl $2, %edx # clear MSR_IA32_MISC_ENABLE_XD_DISABLE |
892 |
++ jnc verify_cpu_check # only write MSR if bit was changed |
893 |
++ wrmsr |
894 |
++ |
895 |
++verify_cpu_check: |
896 |
++ movl $0x1,%eax # Does the cpu have what it takes |
897 |
++ cpuid |
898 |
++ andl $REQUIRED_MASK0,%edx |
899 |
++ xorl $REQUIRED_MASK0,%edx |
900 |
++ jnz verify_cpu_no_longmode |
901 |
++ |
902 |
++ movl $0x80000000,%eax # See if extended cpuid is implemented |
903 |
++ cpuid |
904 |
++ cmpl $0x80000001,%eax |
905 |
++ jb verify_cpu_no_longmode # no extended cpuid |
906 |
++ |
907 |
++ movl $0x80000001,%eax # Does the cpu have what it takes |
908 |
++ cpuid |
909 |
++ andl $REQUIRED_MASK1,%edx |
910 |
++ xorl $REQUIRED_MASK1,%edx |
911 |
++ jnz verify_cpu_no_longmode |
912 |
++ |
913 |
++verify_cpu_sse_test: |
914 |
++ movl $1,%eax |
915 |
++ cpuid |
916 |
++ andl $SSE_MASK,%edx |
917 |
++ cmpl $SSE_MASK,%edx |
918 |
++ je verify_cpu_sse_ok |
919 |
++ test %di,%di |
920 |
++ jz verify_cpu_no_longmode # only try to force SSE on AMD |
921 |
++ movl $MSR_K7_HWCR,%ecx |
922 |
++ rdmsr |
923 |
++ btr $15,%eax # enable SSE |
924 |
++ wrmsr |
925 |
++ xor %di,%di # don't loop |
926 |
++ jmp verify_cpu_sse_test # try again |
927 |
++ |
928 |
++verify_cpu_no_longmode: |
929 |
++ popfl # Restore caller passed flags |
930 |
++ movl $1,%eax |
931 |
++ ret |
932 |
++verify_cpu_sse_ok: |
933 |
++ popfl # Restore caller passed flags |
934 |
++ xorl %eax, %eax |
935 |
++ ret |
936 |
diff -urNp linux-2.6.32.42/arch/x86/kernel/vm86_32.c linux-2.6.32.42/arch/x86/kernel/vm86_32.c |
937 |
--- linux-2.6.32.42/arch/x86/kernel/vm86_32.c 2011-03-27 14:31:47.000000000 -0400 |
938 |
+++ linux-2.6.32.42/arch/x86/kernel/vm86_32.c 2011-04-17 15:56:46.000000000 -0400 |
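Review bot: The header comment of the new verify_cpu.S documents the %eax status and the XD_DISABLE side effect, but not the registers the routine destroys. The body overwrites %ebx, %ecx and %edx through `cpuid` and `rdmsr`, uses %di as the AMD marker, and may execute `wrmsr` on the Intel path. Because the file is included into each caller's context, I would add a header line such as `* Clobbers: %eax, %ebx, %ecx, %edx, %di`. The family test also deserves a short comment: `andl $0x0ff00f00, %eax` followed by `shrl $8, %eax` keeps the extended-family and family fields side by side rather than summing them. That still orders correctly against 6 (as does the model mask against 0xd), but it is not the architectural display family, and a later edit could easily assume it is.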
939 |
@@ -50542,8 +51064,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_fork.c linux-2.6.32.42/grsecurity/gr |
940 |
+} |
941 |
diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/grsec_init.c |
942 |
--- linux-2.6.32.42/grsecurity/grsec_init.c 1969-12-31 19:00:00.000000000 -0500 |
943 |
-+++ linux-2.6.32.42/grsecurity/grsec_init.c 2011-04-17 15:56:46.000000000 -0400 |
944 |
-@@ -0,0 +1,270 @@ |
945 |
++++ linux-2.6.32.42/grsecurity/grsec_init.c 2011-06-29 19:35:26.000000000 -0400 |
946 |
+@@ -0,0 +1,274 @@ |
947 |
+#include <linux/kernel.h> |
948 |
+#include <linux/sched.h> |
949 |
+#include <linux/mm.h> |
950 |
@@ -50554,6 +51076,7 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/gr |
951 |
+#include <linux/percpu.h> |
952 |
+#include <linux/module.h> |
953 |
+ |
954 |
++int grsec_enable_brute; |
955 |
+int grsec_enable_link; |
956 |
+int grsec_enable_dmesg; |
957 |
+int grsec_enable_harden_ptrace; |
958 |
@@ -50718,6 +51241,9 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/gr |
959 |
+#ifdef CONFIG_GRKERNSEC_LINK |
960 |
+ grsec_enable_link = 1; |
961 |
+#endif |
962 |
++#ifdef CONFIG_GRKERNSEC_BRUTE |
963 |
++ grsec_enable_brute = 1; |
964 |
++#endif |
965 |
+#ifdef CONFIG_GRKERNSEC_DMESG |
966 |
+ grsec_enable_dmesg = 1; |
967 |
+#endif |
968 |
@@ -51338,8 +51864,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_ptrace.c linux-2.6.32.42/grsecurity/ |
969 |
+} |
970 |
diff -urNp linux-2.6.32.42/grsecurity/grsec_sig.c linux-2.6.32.42/grsecurity/grsec_sig.c |
971 |
--- linux-2.6.32.42/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500 |
972 |
-+++ linux-2.6.32.42/grsecurity/grsec_sig.c 2011-05-17 17:30:04.000000000 -0400 |
973 |
-@@ -0,0 +1,202 @@ |
974 |
++++ linux-2.6.32.42/grsecurity/grsec_sig.c 2011-06-29 19:40:31.000000000 -0400 |
975 |
+@@ -0,0 +1,205 @@ |
976 |
+#include <linux/kernel.h> |
977 |
+#include <linux/sched.h> |
978 |
+#include <linux/delay.h> |
979 |
@@ -51431,6 +51957,9 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sig.c linux-2.6.32.42/grsecurity/grs |
980 |
+#ifdef CONFIG_GRKERNSEC_BRUTE |
981 |
+ uid_t uid = 0; |
982 |
+ |
983 |
++ if (!grsec_enable_brute) |
984 |
++ return; |
985 |
++ |
986 |
+ rcu_read_lock(); |
987 |
+ read_lock(&tasklist_lock); |
988 |
+ read_lock(&grsec_exec_file_lock); |
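Review bot: The early return `if (!grsec_enable_brute) return;` makes the whole deterrent depend on a global whose effective default cannot be confirmed from the visible hunks. The only initialisation shown is the `grsec_enable_brute = 1;` added under `#ifdef CONFIG_GRKERNSEC_BRUTE` in grsec_init.c, and the condition enclosing that run of defaults lies outside its hunk. If that block is skipped in sysctl-enabled builds, the feature stays off until `deter_bruteforce` is written, and the added Kconfig help text names the sysctl without stating its default or what 0 means. I would put `/* deter_bruteforce sysctl: 0 disables the deterrent */` above the check and state the default in the help text; the enclosing function starts and ends outside this hunk, and placing the return before `rcu_read_lock()` is right because no lock is held yet. The same additions recur in the 2.6.39 patch, in its grsec_init.c hunks and presumably in its grsec_sig.c.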
989 |
@@ -51823,8 +52352,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sock.c linux-2.6.32.42/grsecurity/gr |
990 |
+} |
991 |
diff -urNp linux-2.6.32.42/grsecurity/grsec_sysctl.c linux-2.6.32.42/grsecurity/grsec_sysctl.c |
992 |
--- linux-2.6.32.42/grsecurity/grsec_sysctl.c 1969-12-31 19:00:00.000000000 -0500 |
993 |
-+++ linux-2.6.32.42/grsecurity/grsec_sysctl.c 2011-04-17 15:56:46.000000000 -0400 |
994 |
-@@ -0,0 +1,479 @@ |
995 |
++++ linux-2.6.32.42/grsecurity/grsec_sysctl.c 2011-06-29 19:37:19.000000000 -0400 |
996 |
+@@ -0,0 +1,489 @@ |
997 |
+#include <linux/kernel.h> |
998 |
+#include <linux/sched.h> |
999 |
+#include <linux/sysctl.h> |
1000 |
@@ -51872,6 +52401,16 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sysctl.c linux-2.6.32.42/grsecurity/ |
1001 |
+ .proc_handler = &proc_dointvec, |
1002 |
+ }, |
1003 |
+#endif |
1004 |
++#ifdef CONFIG_GRKERNSEC_BRUTE |
1005 |
++ { |
1006 |
++ .ctl_name = CTL_UNNUMBERED, |
1007 |
++ .procname = "deter_bruteforce", |
1008 |
++ .data = &grsec_enable_brute, |
1009 |
++ .maxlen = sizeof(int), |
1010 |
++ .mode = 0600, |
1011 |
++ .proc_handler = &proc_dointvec, |
1012 |
++ }, |
1013 |
++#endif |
1014 |
+#ifdef CONFIG_GRKERNSEC_FIFO |
1015 |
+ { |
1016 |
+ .ctl_name = CTL_UNNUMBERED, |
1017 |
@@ -52434,8 +52973,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsum.c linux-2.6.32.42/grsecurity/grsum.c |
1018 |
+} |
1019 |
diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1020 |
--- linux-2.6.32.42/grsecurity/Kconfig 1969-12-31 19:00:00.000000000 -0500 |
1021 |
-+++ linux-2.6.32.42/grsecurity/Kconfig 2011-06-13 21:34:09.000000000 -0400 |
1022 |
-@@ -0,0 +1,1045 @@ |
1023 |
++++ linux-2.6.32.42/grsecurity/Kconfig 2011-06-29 20:55:13.000000000 -0400 |
1024 |
+@@ -0,0 +1,1047 @@ |
1025 |
+# |
1026 |
+# grecurity configuration |
1027 |
+# |
1028 |
@@ -52514,7 +53053,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1029 |
+ select PAX_ASLR |
1030 |
+ select PAX_RANDMMAP |
1031 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
1032 |
-+ select PAX_USERCOPY if ((X86 || SPARC32 || SPARC64 || PPC) && (SLAB || SLUB || SLOB)) |
1033 |
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB)) |
1034 |
+ |
1035 |
+ help |
1036 |
+ If you say Y here, several features in addition to those included |
1037 |
@@ -52578,7 +53117,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1038 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
1039 |
+ select GRKERNSEC_HARDEN_PTRACE |
1040 |
+ select GRKERNSEC_VM86 if (X86_32) |
1041 |
-+ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC32 || SPARC64) |
1042 |
++ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC) |
1043 |
+ select PAX |
1044 |
+ select PAX_RANDUSTACK |
1045 |
+ select PAX_ASLR |
1046 |
@@ -52593,13 +53132,13 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1047 |
+ select PAX_RANDKSTACK if (X86_TSC && X86) |
1048 |
+ select PAX_SEGMEXEC if (X86_32) |
1049 |
+ select PAX_PAGEEXEC |
1050 |
-+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC32 || SPARC64) |
1051 |
++ select PAX_EMUPLT if (ALPHA || PARISC || SPARC) |
1052 |
+ select PAX_EMUTRAMP if (PARISC) |
1053 |
+ select PAX_EMUSIGRT if (PARISC) |
1054 |
+ select PAX_ETEXECRELOCS if (ALPHA || IA64 || PARISC) |
1055 |
+ select PAX_ELFRELOCS if (PAX_ETEXECRELOCS || (IA64 || PPC || X86)) |
1056 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
1057 |
-+ select PAX_USERCOPY if ((X86 || PPC || SPARC32 || SPARC64) && (SLAB || SLUB || SLOB)) |
1058 |
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB)) |
1059 |
+ help |
1060 |
+ If you say Y here, many of the features of grsecurity will be |
1061 |
+ enabled, which will protect you against many kinds of attacks |
1062 |
@@ -52729,6 +53268,8 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1063 |
+ It is recommended that you also enable signal logging in the auditing |
1064 |
+ section so that logs are generated when a process triggers a suspicious |
1065 |
+ signal. |
1066 |
++ If the sysctl option is enabled, a sysctl option with name |
1067 |
++ "deter_bruteforce" is created. |
1068 |
+ |
1069 |
+config GRKERNSEC_MODHARDEN |
1070 |
+ bool "Harden module auto-loading" |
1071 |
@@ -52778,7 +53319,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig |
1072 |
+ |
1073 |
+config GRKERNSEC_KERN_LOCKOUT |
1074 |
+ bool "Active kernel exploit response" |
1075 |
-+ depends on X86 || ARM || PPC || SPARC32 || SPARC64 |
1076 |
++ depends on X86 || ARM || PPC || SPARC |
1077 |
+ help |
1078 |
+ If you say Y here, when a PaX alert is triggered due to suspicious |
1079 |
+ activity in the kernel (from KERNEXEC/UDEREF/USERCOPY) |
1080 |
@@ -55345,8 +55886,8 @@ diff -urNp linux-2.6.32.42/include/linux/grdefs.h linux-2.6.32.42/include/linux/ |
1081 |
+#endif |
1082 |
diff -urNp linux-2.6.32.42/include/linux/grinternal.h linux-2.6.32.42/include/linux/grinternal.h |
1083 |
--- linux-2.6.32.42/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 |
1084 |
-+++ linux-2.6.32.42/include/linux/grinternal.h 2011-04-17 15:56:46.000000000 -0400 |
1085 |
-@@ -0,0 +1,218 @@ |
1086 |
++++ linux-2.6.32.42/include/linux/grinternal.h 2011-06-29 19:41:14.000000000 -0400 |
1087 |
+@@ -0,0 +1,219 @@ |
1088 |
+#ifndef __GRINTERNAL_H |
1089 |
+#define __GRINTERNAL_H |
1090 |
+ |
1091 |
@@ -55427,6 +55968,7 @@ diff -urNp linux-2.6.32.42/include/linux/grinternal.h linux-2.6.32.42/include/li |
1092 |
+extern int grsec_resource_logging; |
1093 |
+extern int grsec_enable_blackhole; |
1094 |
+extern int grsec_lastack_retries; |
1095 |
++extern int grsec_enable_brute; |
1096 |
+extern int grsec_lock; |
1097 |
+ |
1098 |
+extern spinlock_t grsec_alert_lock; |
1099 |
@@ -70607,7 +71149,7 @@ diff -urNp linux-2.6.32.42/security/integrity/ima/ima_queue.c linux-2.6.32.42/se |
1100 |
return 0; |
1101 |
diff -urNp linux-2.6.32.42/security/Kconfig linux-2.6.32.42/security/Kconfig |
1102 |
--- linux-2.6.32.42/security/Kconfig 2011-03-27 14:31:47.000000000 -0400 |
1103 |
-+++ linux-2.6.32.42/security/Kconfig 2011-06-04 20:45:36.000000000 -0400 |
1104 |
++++ linux-2.6.32.42/security/Kconfig 2011-06-29 20:55:36.000000000 -0400 |
1105 |
@@ -4,6 +4,555 @@ |
1106 |
|
1107 |
menu "Security options" |
1108 |
@@ -71129,7 +71671,7 @@ diff -urNp linux-2.6.32.42/security/Kconfig linux-2.6.32.42/security/Kconfig |
1109 |
+ |
1110 |
+config PAX_USERCOPY |
1111 |
+ bool "Harden heap object copies between kernel and userland" |
1112 |
-+ depends on X86 || PPC || SPARC |
1113 |
++ depends on X86 || PPC || SPARC || ARM |
1114 |
+ depends on GRKERNSEC && (SLAB || SLUB) |
1115 |
+ help |
1116 |
+ By saying Y here the kernel will enforce the size of heap objects |
1117 |
|
1118 |
diff --git a/2.6.39/0000_README b/2.6.39/0000_README |
1119 |
index b6b1a96..2c34d1e 100644 |
1120 |
--- a/2.6.39/0000_README |
1121 |
+++ b/2.6.39/0000_README |
1122 |
@@ -3,7 +3,7 @@ README |
1123 |
|
1124 |
Individual Patch Descriptions: |
1125 |
----------------------------------------------------------------------------- |
1126 |
-Patch: 4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch |
1127 |
+Patch: 4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch |
1128 |
From: http://www.grsecurity.net |
1129 |
Desc: hardened-sources base patch from upstream grsecurity |
1130 |
|
1131 |
|
1132 |
diff --git a/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch b/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch |
1133 |
similarity index 99% |
1134 |
rename from 2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch |
1135 |
rename to 2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch |
1136 |
index 8495f8b..4a5d663 100644 |
1137 |
--- a/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch |
1138 |
+++ b/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch |
1139 |
@@ -677,8 +677,43 @@ diff -urNp linux-2.6.39.2/arch/arm/include/asm/page.h linux-2.6.39.2/arch/arm/in |
1140 |
#define __cpu_copy_user_highpage cpu_user.cpu_copy_user_highpage |
1141 |
diff -urNp linux-2.6.39.2/arch/arm/include/asm/uaccess.h linux-2.6.39.2/arch/arm/include/asm/uaccess.h |
1142 |
--- linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-05-19 00:06:34.000000000 -0400 |
1143 |
-+++ linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-05-22 19:36:30.000000000 -0400 |
1144 |
-@@ -403,6 +403,9 @@ extern unsigned long __must_check __strn |
1145 |
++++ linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-06-29 21:04:12.000000000 -0400 |
1146 |
+@@ -22,6 +22,8 @@ |
1147 |
+ #define VERIFY_READ 0 |
1148 |
+ #define VERIFY_WRITE 1 |
1149 |
+ |
1150 |
++extern void check_object_size(const void *ptr, unsigned long n, bool to); |
1151 |
++ |
1152 |
+ /* |
1153 |
+ * The exception table consists of pairs of addresses: the first is the |
1154 |
+ * address of an instruction that is allowed to fault, and the second is |
1155 |
+@@ -387,8 +389,23 @@ do { \ |
1156 |
+ |
1157 |
+ |
1158 |
+ #ifdef CONFIG_MMU |
1159 |
+-extern unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n); |
1160 |
+-extern unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n); |
1161 |
++extern unsigned long __must_check ___copy_from_user(void *to, const void __user *from, unsigned long n); |
1162 |
++extern unsigned long __must_check ___copy_to_user(void __user *to, const void *from, unsigned long n); |
1163 |
++ |
1164 |
++static inline unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n) |
1165 |
++{ |
1166 |
++ if (!__builtin_constant_p(n)) |
1167 |
++ check_object_size(to, n, false); |
1168 |
++ return ___copy_from_user(to, from, n); |
1169 |
++} |
1170 |
++ |
1171 |
++static inline unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n) |
1172 |
++{ |
1173 |
++ if (!__builtin_constant_p(n)) |
1174 |
++ check_object_size(from, n, true); |
1175 |
++ return ___copy_to_user(to, from, n); |
1176 |
++} |
1177 |
++ |
1178 |
+ extern unsigned long __must_check __copy_to_user_std(void __user *to, const void *from, unsigned long n); |
1179 |
+ extern unsigned long __must_check __clear_user(void __user *addr, unsigned long n); |
1180 |
+ extern unsigned long __must_check __clear_user_std(void __user *addr, unsigned long n); |
1181 |
+@@ -403,6 +420,9 @@ extern unsigned long __must_check __strn |
1182 |
|
1183 |
static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) |
1184 |
{ |
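Review bot: Both new inline wrappers skip `check_object_size()` whenever `n` is a compile-time constant (`if (!__builtin_constant_p(n))`), and nothing in the hunk says why or what bounds constant-length copies instead. A one-line comment in each wrapper, for example `/* constant n is not checked here; only run-time lengths go through check_object_size() */`, would keep a later reader from assuming every `__copy_to_user()` or `__copy_from_user()` call is size-checked. `__copy_to_user_std`, declared just below the wrappers, keeps its direct prototype and so is not covered by them. Whether any caller reaches it directly is not visible here and is worth confirming.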
1185 |
@@ -688,7 +723,7 @@ diff -urNp linux-2.6.39.2/arch/arm/include/asm/uaccess.h linux-2.6.39.2/arch/arm |
1186 |
if (access_ok(VERIFY_READ, from, n)) |
1187 |
n = __copy_from_user(to, from, n); |
1188 |
else /* security hole - plug it */ |
1189 |
-@@ -412,6 +415,9 @@ static inline unsigned long __must_check |
1190 |
+@@ -412,6 +432,9 @@ static inline unsigned long __must_check |
1191 |
|
1192 |
static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) |
1193 |
{ |
1194 |
@@ -756,6 +791,126 @@ diff -urNp linux-2.6.39.2/arch/arm/kernel/traps.c linux-2.6.39.2/arch/arm/kernel |
1195 |
if (ret != NOTIFY_STOP) |
1196 |
do_exit(SIGSEGV); |
1197 |
} |
1198 |
+diff -urNp linux-2.6.39.2/arch/arm/lib/copy_from_user.S linux-2.6.39.2/arch/arm/lib/copy_from_user.S |
1199 |
+--- linux-2.6.39.2/arch/arm/lib/copy_from_user.S 2011-05-19 00:06:34.000000000 -0400 |
1200 |
++++ linux-2.6.39.2/arch/arm/lib/copy_from_user.S 2011-06-29 20:58:18.000000000 -0400 |
1201 |
+@@ -16,7 +16,7 @@ |
1202 |
+ /* |
1203 |
+ * Prototype: |
1204 |
+ * |
1205 |
+- * size_t __copy_from_user(void *to, const void *from, size_t n) |
1206 |
++ * size_t ___copy_from_user(void *to, const void *from, size_t n) |
1207 |
+ * |
1208 |
+ * Purpose: |
1209 |
+ * |
1210 |
+@@ -84,11 +84,11 @@ |
1211 |
+ |
1212 |
+ .text |
1213 |
+ |
1214 |
+-ENTRY(__copy_from_user) |
1215 |
++ENTRY(___copy_from_user) |
1216 |
+ |
1217 |
+ #include "copy_template.S" |
1218 |
+ |
1219 |
+-ENDPROC(__copy_from_user) |
1220 |
++ENDPROC(___copy_from_user) |
1221 |
+ |
1222 |
+ .pushsection .fixup,"ax" |
1223 |
+ .align 0 |
1224 |
+diff -urNp linux-2.6.39.2/arch/arm/lib/copy_to_user.S linux-2.6.39.2/arch/arm/lib/copy_to_user.S |
1225 |
+--- linux-2.6.39.2/arch/arm/lib/copy_to_user.S 2011-05-19 00:06:34.000000000 -0400 |
1226 |
++++ linux-2.6.39.2/arch/arm/lib/copy_to_user.S 2011-06-29 20:59:20.000000000 -0400 |
1227 |
+@@ -16,7 +16,7 @@ |
1228 |
+ /* |
1229 |
+ * Prototype: |
1230 |
+ * |
1231 |
+- * size_t __copy_to_user(void *to, const void *from, size_t n) |
1232 |
++ * size_t ___copy_to_user(void *to, const void *from, size_t n) |
1233 |
+ * |
1234 |
+ * Purpose: |
1235 |
+ * |
1236 |
+@@ -88,11 +88,11 @@ |
1237 |
+ .text |
1238 |
+ |
1239 |
+ ENTRY(__copy_to_user_std) |
1240 |
+-WEAK(__copy_to_user) |
1241 |
++WEAK(___copy_to_user) |
1242 |
+ |
1243 |
+ #include "copy_template.S" |
1244 |
+ |
1245 |
+-ENDPROC(__copy_to_user) |
1246 |
++ENDPROC(___copy_to_user) |
1247 |
+ ENDPROC(__copy_to_user_std) |
1248 |
+ |
1249 |
+ .pushsection .fixup,"ax" |
1250 |
+diff -urNp linux-2.6.39.2/arch/arm/lib/uaccess.S linux-2.6.39.2/arch/arm/lib/uaccess.S |
1251 |
+--- linux-2.6.39.2/arch/arm/lib/uaccess.S 2011-05-19 00:06:34.000000000 -0400 |
1252 |
++++ linux-2.6.39.2/arch/arm/lib/uaccess.S 2011-06-29 20:59:01.000000000 -0400 |
1253 |
+@@ -20,7 +20,7 @@ |
1254 |
+ |
1255 |
+ #define PAGE_SHIFT 12 |
1256 |
+ |
1257 |
+-/* Prototype: int __copy_to_user(void *to, const char *from, size_t n) |
1258 |
++/* Prototype: int ___copy_to_user(void *to, const char *from, size_t n) |
1259 |
+ * Purpose : copy a block to user memory from kernel memory |
1260 |
+ * Params : to - user memory |
1261 |
+ * : from - kernel memory |
1262 |
+@@ -40,7 +40,7 @@ USER( T(strgtb) r3, [r0], #1) @ May f |
1263 |
+ sub r2, r2, ip |
1264 |
+ b .Lc2u_dest_aligned |
1265 |
+ |
1266 |
+-ENTRY(__copy_to_user) |
1267 |
++ENTRY(___copy_to_user) |
1268 |
+ stmfd sp!, {r2, r4 - r7, lr} |
1269 |
+ cmp r2, #4 |
1270 |
+ blt .Lc2u_not_enough |
1271 |
+@@ -278,14 +278,14 @@ USER( T(strgeb) r3, [r0], #1) @ May f |
1272 |
+ ldrgtb r3, [r1], #0 |
1273 |
+ USER( T(strgtb) r3, [r0], #1) @ May fault |
1274 |
+ b .Lc2u_finished |
1275 |
+-ENDPROC(__copy_to_user) |
1276 |
++ENDPROC(___copy_to_user) |
1277 |
+ |
1278 |
+ .pushsection .fixup,"ax" |
1279 |
+ .align 0 |
1280 |
+ 9001: ldmfd sp!, {r0, r4 - r7, pc} |
1281 |
+ .popsection |
1282 |
+ |
1283 |
+-/* Prototype: unsigned long __copy_from_user(void *to,const void *from,unsigned long n); |
1284 |
++/* Prototype: unsigned long ___copy_from_user(void *to,const void *from,unsigned long n); |
1285 |
+ * Purpose : copy a block from user memory to kernel memory |
1286 |
+ * Params : to - kernel memory |
1287 |
+ * : from - user memory |
1288 |
+@@ -304,7 +304,7 @@ USER( T(ldrgtb) r3, [r1], #1) @ May f |
1289 |
+ sub r2, r2, ip |
1290 |
+ b .Lcfu_dest_aligned |
1291 |
+ |
1292 |
+-ENTRY(__copy_from_user) |
1293 |
++ENTRY(___copy_from_user) |
1294 |
+ stmfd sp!, {r0, r2, r4 - r7, lr} |
1295 |
+ cmp r2, #4 |
1296 |
+ blt .Lcfu_not_enough |
1297 |
+@@ -544,7 +544,7 @@ USER( T(ldrgeb) r3, [r1], #1) @ May f |
1298 |
+ USER( T(ldrgtb) r3, [r1], #1) @ May fault |
1299 |
+ strgtb r3, [r0], #1 |
1300 |
+ b .Lcfu_finished |
1301 |
+-ENDPROC(__copy_from_user) |
1302 |
++ENDPROC(___copy_from_user) |
1303 |
+ |
1304 |
+ .pushsection .fixup,"ax" |
1305 |
+ .align 0 |
1306 |
+diff -urNp linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c |
1307 |
+--- linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c 2011-05-19 00:06:34.000000000 -0400 |
1308 |
++++ linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c 2011-06-29 20:59:55.000000000 -0400 |
1309 |
+@@ -103,7 +103,7 @@ out: |
1310 |
+ } |
1311 |
+ |
1312 |
+ unsigned long |
1313 |
+-__copy_to_user(void __user *to, const void *from, unsigned long n) |
1314 |
++___copy_to_user(void __user *to, const void *from, unsigned long n) |
1315 |
+ { |
1316 |
+ /* |
1317 |
+ * This test is stubbed out of the main function above to keep |
1318 |
diff -urNp linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c |
1319 |
--- linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c 2011-05-19 00:06:34.000000000 -0400 |
1320 |
+++ linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c 2011-05-22 19:36:30.000000000 -0400 |
1321 |
@@ -12633,6 +12788,27 @@ diff -urNp linux-2.6.39.2/arch/x86/Kconfig.debug linux-2.6.39.2/arch/x86/Kconfig |
1322 |
---help--- |
1323 |
This option helps catch unintended modifications to loadable |
1324 |
kernel module's text and read-only data. It also prevents execution |
1325 |
+diff -urNp linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S |
1326 |
+--- linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S 2011-05-19 00:06:34.000000000 -0400 |
1327 |
++++ linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S 2011-07-01 18:27:29.000000000 -0400 |
1328 |
+@@ -94,6 +94,9 @@ wakeup_code: |
1329 |
+ /* Do any other stuff... */ |
1330 |
+ |
1331 |
+ #ifndef CONFIG_64BIT |
1332 |
++ /* Recheck NX bit overrides (64bit path does this in trampoline */ |
1333 |
++ call verify_cpu |
1334 |
++ |
1335 |
+ /* This could also be done in C code... */ |
1336 |
+ movl pmode_cr3, %eax |
1337 |
+ movl %eax, %cr3 |
1338 |
+@@ -117,6 +120,7 @@ wakeup_code: |
1339 |
+ movl pmode_cr0, %eax |
1340 |
+ movl %eax, %cr0 |
1341 |
+ jmp pmode_return |
1342 |
++# include "../../verify_cpu.S" |
1343 |
+ #else |
1344 |
+ pushw $0 |
1345 |
+ pushw trampoline_segment |
1346 |
diff -urNp linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c |
1347 |
--- linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c 2011-05-19 00:06:34.000000000 -0400 |
1348 |
+++ linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c 2011-05-22 19:36:30.000000000 -0400 |
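Review bot: The added `call verify_cpu` in the 32-bit resume path discards the routine's status, because the next instruction shown, `movl pmode_cr3, %eax`, overwrites %eax, so a failure return of 1 goes unnoticed. If the call is there only for its XD_DISABLE side effect, as the comment suggests, the comment should say so, e.g. `/* Recheck NX bit overrides; return value deliberately ignored (64bit path does this in trampoline) */`. That wording also closes the parenthesis the current comment leaves open. Going by the verify_cpu body added to the 2.6.32 patch in this same commit, the routine also overwrites %ebx, %ecx, %edx and %di, so it is worth confirming that nothing set earlier in wakeup_code relies on them; that code is outside the hunk.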
1349 |
@@ -18050,6 +18226,17 @@ diff -urNp linux-2.6.39.2/arch/x86/kernel/traps.c linux-2.6.39.2/arch/x86/kernel |
1350 |
|
1351 |
if (!tsk_used_math(tsk)) { |
1352 |
local_irq_enable(); |
1353 |
+diff -urNp linux-2.6.39.2/arch/x86/kernel/verify_cpu.S linux-2.6.39.2/arch/x86/kernel/verify_cpu.S |
1354 |
+--- linux-2.6.39.2/arch/x86/kernel/verify_cpu.S 2011-05-19 00:06:34.000000000 -0400 |
1355 |
++++ linux-2.6.39.2/arch/x86/kernel/verify_cpu.S 2011-07-01 18:28:04.000000000 -0400 |
1356 |
+@@ -20,6 +20,7 @@ |
1357 |
+ * arch/x86/boot/compressed/head_64.S: Boot cpu verification |
1358 |
+ * arch/x86/kernel/trampoline_64.S: secondary processor verification |
1359 |
+ * arch/x86/kernel/head_32.S: processor startup |
1360 |
++ * arch/x86/kernel/acpi/realmode/wakeup.S: 32bit processor resume |
1361 |
+ * |
1362 |
+ * verify_cpu, returns the status of longmode and SSE in register %eax. |
1363 |
+ * 0: Success 1: Failure |
1364 |
diff -urNp linux-2.6.39.2/arch/x86/kernel/vm86_32.c linux-2.6.39.2/arch/x86/kernel/vm86_32.c |
1365 |
--- linux-2.6.39.2/arch/x86/kernel/vm86_32.c 2011-05-19 00:06:34.000000000 -0400 |
1366 |
+++ linux-2.6.39.2/arch/x86/kernel/vm86_32.c 2011-05-22 19:41:32.000000000 -0400 |
1367 |
@@ -58154,8 +58341,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_fork.c linux-2.6.39.2/grsecurity/grse |
1368 |
+} |
1369 |
diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grsec_init.c |
1370 |
--- linux-2.6.39.2/grsecurity/grsec_init.c 1969-12-31 19:00:00.000000000 -0500 |
1371 |
-+++ linux-2.6.39.2/grsecurity/grsec_init.c 2011-05-22 22:47:15.000000000 -0400 |
1372 |
-@@ -0,0 +1,269 @@ |
1373 |
++++ linux-2.6.39.2/grsecurity/grsec_init.c 2011-06-29 19:35:59.000000000 -0400 |
1374 |
+@@ -0,0 +1,273 @@ |
1375 |
+#include <linux/kernel.h> |
1376 |
+#include <linux/sched.h> |
1377 |
+#include <linux/mm.h> |
1378 |
@@ -58165,6 +58352,7 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grse |
1379 |
+#include <linux/percpu.h> |
1380 |
+#include <linux/module.h> |
1381 |
+ |
1382 |
++int grsec_enable_brute; |
1383 |
+int grsec_enable_link; |
1384 |
+int grsec_enable_dmesg; |
1385 |
+int grsec_enable_harden_ptrace; |
1386 |
@@ -58329,6 +58517,9 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grse |
1387 |
+#ifdef CONFIG_GRKERNSEC_LINK |
1388 |
+ grsec_enable_link = 1; |
1389 |
+#endif |
1390 |
++#ifdef CONFIG_GRKERNSEC_BRUTE |
1391 |
++ grsec_enable_brute = 1; |
1392 |
++#endif |
1393 |
+#ifdef CONFIG_GRKERNSEC_DMESG |
1394 |
+ grsec_enable_dmesg = 1; |
1395 |
+#endif |
1396 |
@@ -58949,8 +59140,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_ptrace.c linux-2.6.39.2/grsecurity/gr |
1397 |
+} |
1398 |
diff -urNp linux-2.6.39.2/grsecurity/grsec_sig.c linux-2.6.39.2/grsecurity/grsec_sig.c |
1399 |
--- linux-2.6.39.2/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500 |
1400 |
-+++ linux-2.6.39.2/grsecurity/grsec_sig.c 2011-05-22 19:41:42.000000000 -0400 |
1401 |
-@@ -0,0 +1,203 @@ |
1402 |
++++ linux-2.6.39.2/grsecurity/grsec_sig.c 2011-06-29 19:40:46.000000000 -0400 |
1403 |
+@@ -0,0 +1,206 @@ |
1404 |
+#include <linux/kernel.h> |
1405 |
+#include <linux/sched.h> |
1406 |
+#include <linux/delay.h> |
1407 |
@@ -59042,6 +59233,9 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sig.c linux-2.6.39.2/grsecurity/grsec |
1408 |
+#ifdef CONFIG_GRKERNSEC_BRUTE |
1409 |
+ uid_t uid = 0; |
1410 |
+ |
1411 |
++ if (!grsec_enable_brute) |
1412 |
++ return; |
1413 |
++ |
1414 |
+ rcu_read_lock(); |
1415 |
+ read_lock(&tasklist_lock); |
1416 |
+ read_lock(&grsec_exec_file_lock); |
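Review bot: The added `if (!grsec_enable_brute) return;` gates only this function, and the hunk does not show whether the code that acts on what this function records consults the same flag. If it does not, state recorded before an administrator writes 0 to `deter_bruteforce` would stay in force, which is easy to misread as the switch not working. A comment above the check would settle it, e.g. `/* runtime switch: stops new bruteforce accounting only - confirm */`. Placing the check before `rcu_read_lock()` is right, since a later return would have to release all three locks. The function starts and ends outside the hunk.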
1417 |
@@ -59404,8 +59598,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sock.c linux-2.6.39.2/grsecurity/grse |
1418 |
+} |
1419 |
diff -urNp linux-2.6.39.2/grsecurity/grsec_sysctl.c linux-2.6.39.2/grsecurity/grsec_sysctl.c |
1420 |
--- linux-2.6.39.2/grsecurity/grsec_sysctl.c 1969-12-31 19:00:00.000000000 -0500 |
1421 |
-+++ linux-2.6.39.2/grsecurity/grsec_sysctl.c 2011-05-22 19:41:42.000000000 -0400 |
1422 |
-@@ -0,0 +1,433 @@ |
1423 |
++++ linux-2.6.39.2/grsecurity/grsec_sysctl.c 2011-06-29 19:38:04.000000000 -0400 |
1424 |
+@@ -0,0 +1,442 @@ |
1425 |
+#include <linux/kernel.h> |
1426 |
+#include <linux/sched.h> |
1427 |
+#include <linux/sysctl.h> |
1428 |
@@ -59451,6 +59645,15 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sysctl.c linux-2.6.39.2/grsecurity/gr |
1429 |
+ .proc_handler = &proc_dointvec, |
1430 |
+ }, |
1431 |
+#endif |
1432 |
++#ifdef CONFIG_GRKERNSEC_BRUTE |
1433 |
++ { |
1434 |
++ .procname = "deter_bruteforce", |
1435 |
++ .data = &grsec_enable_brute, |
1436 |
++ .maxlen = sizeof(int), |
1437 |
++ .mode = 0600, |
1438 |
++ .proc_handler = &proc_dointvec, |
1439 |
++ }, |
1440 |
++#endif |
1441 |
+#ifdef CONFIG_GRKERNSEC_FIFO |
1442 |
+ { |
1443 |
+ .procname = "fifo_restrictions", |
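Review bot: The new `deter_bruteforce` entry gives root a runtime switch that turns a protection off, and nothing in this hunk says how it interacts with `grsec_lock`, which the grinternal.h hunk declares right after `grsec_enable_brute`. A one-line comment above the entry would help whoever audits the table: `/* 0 disables bruteforce deterrence; presumably frozen once grsec_lock is set - confirm */`. `proc_dointvec` also accepts any integer while the consumer only tests for zero; that matches the neighbouring entries, so it is noted rather than proposed as a change. The table definition starts and ends outside the hunk.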
1444 |
@@ -59969,8 +60172,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsum.c linux-2.6.39.2/grsecurity/grsum.c |
1445 |
+} |
1446 |
diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1447 |
--- linux-2.6.39.2/grsecurity/Kconfig 1969-12-31 19:00:00.000000000 -0500 |
1448 |
-+++ linux-2.6.39.2/grsecurity/Kconfig 2011-06-13 21:34:34.000000000 -0400 |
1449 |
-@@ -0,0 +1,1045 @@ |
1450 |
++++ linux-2.6.39.2/grsecurity/Kconfig 2011-06-29 20:57:06.000000000 -0400 |
1451 |
+@@ -0,0 +1,1048 @@ |
1452 |
+# |
1453 |
+# grecurity configuration |
1454 |
+# |
1455 |
@@ -60049,7 +60252,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1456 |
+ select PAX_ASLR |
1457 |
+ select PAX_RANDMMAP |
1458 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
1459 |
-+ select PAX_USERCOPY if ((X86 || SPARC32 || SPARC64 || PPC) && (SLAB || SLUB || SLOB)) |
1460 |
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB)) |
1461 |
+ |
1462 |
+ help |
1463 |
+ If you say Y here, several features in addition to those included |
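Review bot: The `select PAX_USERCOPY if (...)` condition repeats by hand the architecture and allocator list that PAX_USERCOPY's own `depends on` lines carry in security/Kconfig, and the same list appears again in the later `select PAX_USERCOPY` hunk. Because `select` forces a symbol on without evaluating its `depends on`, any drift between these copies can enable USERCOPY on a configuration its dependencies exclude. The old `SLOB` term did exactly that, since the unchanged `depends on GRKERNSEC && (SLAB || SLUB)` line never allowed it. A comment above each select would keep the copies in step: `# keep in sync with the PAX_USERCOPY depends lines in security/Kconfig`. The config entry this line belongs to starts outside the hunk.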
1464 |
@@ -60113,7 +60316,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1465 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
1466 |
+ select GRKERNSEC_HARDEN_PTRACE |
1467 |
+ select GRKERNSEC_VM86 if (X86_32) |
1468 |
-+ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC32 || SPARC64) |
1469 |
++ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC) |
1470 |
+ select PAX |
1471 |
+ select PAX_RANDUSTACK |
1472 |
+ select PAX_ASLR |
1473 |
@@ -60128,13 +60331,13 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1474 |
+ select PAX_RANDKSTACK if (X86_TSC && X86) |
1475 |
+ select PAX_SEGMEXEC if (X86_32) |
1476 |
+ select PAX_PAGEEXEC |
1477 |
-+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC32 || SPARC64) |
1478 |
++ select PAX_EMUPLT if (ALPHA || PARISC || SPARC) |
1479 |
+ select PAX_EMUTRAMP if (PARISC) |
1480 |
+ select PAX_EMUSIGRT if (PARISC) |
1481 |
+ select PAX_ETEXECRELOCS if (ALPHA || IA64 || PARISC) |
1482 |
+ select PAX_ELFRELOCS if (PAX_ETEXECRELOCS || (IA64 || PPC || X86)) |
1483 |
+ select PAX_REFCOUNT if (X86 || SPARC64) |
1484 |
-+ select PAX_USERCOPY if ((X86 || PPC || SPARC32 || SPARC64) && (SLAB || SLUB || SLOB)) |
1485 |
++ select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB)) |
1486 |
+ help |
1487 |
+ If you say Y here, many of the features of grsecurity will be |
1488 |
+ enabled, which will protect you against many kinds of attacks |
1489 |
@@ -60264,6 +60467,9 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1490 |
+ It is recommended that you also enable signal logging in the auditing |
1491 |
+ section so that logs are generated when a process triggers a suspicious |
1492 |
+ signal. |
1493 |
++ If the sysctl option is enabled, a sysctl option with name |
1494 |
++ "deter_bruteforce" is created. |
1495 |
++ |
1496 |
+ |
1497 |
+config GRKERNSEC_MODHARDEN |
1498 |
+ bool "Harden module auto-loading" |
1499 |
@@ -60313,7 +60519,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig |
1500 |
+ |
1501 |
+config GRKERNSEC_KERN_LOCKOUT |
1502 |
+ bool "Active kernel exploit response" |
1503 |
-+ depends on X86 || ARM || PPC || SPARC32 || SPARC64 |
1504 |
++ depends on X86 || ARM || PPC || SPARC |
1505 |
+ help |
1506 |
+ If you say Y here, when a PaX alert is triggered due to suspicious |
1507 |
+ activity in the kernel (from KERNEXEC/UDEREF/USERCOPY) |
1508 |
@@ -62865,8 +63071,8 @@ diff -urNp linux-2.6.39.2/include/linux/grdefs.h linux-2.6.39.2/include/linux/gr |
1509 |
+#endif |
1510 |
diff -urNp linux-2.6.39.2/include/linux/grinternal.h linux-2.6.39.2/include/linux/grinternal.h |
1511 |
--- linux-2.6.39.2/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 |
1512 |
-+++ linux-2.6.39.2/include/linux/grinternal.h 2011-05-22 19:41:42.000000000 -0400 |
1513 |
-@@ -0,0 +1,219 @@ |
1514 |
++++ linux-2.6.39.2/include/linux/grinternal.h 2011-06-29 19:41:29.000000000 -0400 |
1515 |
+@@ -0,0 +1,220 @@ |
1516 |
+#ifndef __GRINTERNAL_H |
1517 |
+#define __GRINTERNAL_H |
1518 |
+ |
1519 |
@@ -62947,6 +63153,7 @@ diff -urNp linux-2.6.39.2/include/linux/grinternal.h linux-2.6.39.2/include/linu |
1520 |
+extern int grsec_resource_logging; |
1521 |
+extern int grsec_enable_blackhole; |
1522 |
+extern int grsec_lastack_retries; |
1523 |
++extern int grsec_enable_brute; |
1524 |
+extern int grsec_lock; |
1525 |
+ |
1526 |
+extern spinlock_t grsec_alert_lock; |
1527 |
@@ -79546,7 +79753,7 @@ diff -urNp linux-2.6.39.2/security/integrity/ima/ima_queue.c linux-2.6.39.2/secu |
1528 |
return 0; |
1529 |
diff -urNp linux-2.6.39.2/security/Kconfig linux-2.6.39.2/security/Kconfig |
1530 |
--- linux-2.6.39.2/security/Kconfig 2011-05-19 00:06:34.000000000 -0400 |
1531 |
-+++ linux-2.6.39.2/security/Kconfig 2011-06-03 01:13:26.000000000 -0400 |
1532 |
++++ linux-2.6.39.2/security/Kconfig 2011-06-29 20:57:25.000000000 -0400 |
1533 |
@@ -4,6 +4,554 @@ |
1534 |
|
1535 |
menu "Security options" |
1536 |
@@ -80068,7 +80275,7 @@ diff -urNp linux-2.6.39.2/security/Kconfig linux-2.6.39.2/security/Kconfig |
1537 |
+ |
1538 |
+config PAX_USERCOPY |
1539 |
+ bool "Harden heap object copies between kernel and userland" |
1540 |
-+ depends on X86 || PPC || SPARC |
1541 |
++ depends on X86 || PPC || SPARC || ARM |
1542 |
+ depends on GRKERNSEC && (SLAB || SLUB) |
1543 |
+ help |
1544 |
+ By saying Y here the kernel will enforce the size of heap objects |