1 |
commit: dc5a4e9bf9471a2e93a27d65a0d6877fb05d3065 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 25 14:34:41 2014 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 25 14:34:41 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=dc5a4e9b |
7 |
|
8 |
Grsec/PaX: 3.0-{3.2.55,3.13.4}-201402221308 |
9 |
|
10 |
--- |
11 |
3.13.3/0000_README | 2 +- |
12 |
... 4420_grsecurity-3.0-3.13.4-201402221308.patch} | 242 +++++++++++++++------ |
13 |
3.2.55/0000_README | 2 +- |
14 |
... 4420_grsecurity-3.0-3.2.55-201402221305.patch} | 196 ++++++++++++++--- |
15 |
4 files changed, 338 insertions(+), 104 deletions(-) |
16 |
|
17 |
diff --git a/3.13.3/0000_README b/3.13.3/0000_README |
18 |
index 398b4fa..dc48ad4 100644 |
19 |
--- a/3.13.3/0000_README |
20 |
+++ b/3.13.3/0000_README |
21 |
@@ -2,7 +2,7 @@ README |
22 |
----------------------------------------------------------------------------- |
23 |
Individual Patch Descriptions: |
24 |
----------------------------------------------------------------------------- |
25 |
-Patch: 4420_grsecurity-3.0-3.13.3-201402192252.patch |
26 |
+Patch: 4420_grsecurity-3.0-3.13.4-201402221308.patch |
27 |
From: http://www.grsecurity.net |
28 |
Desc: hardened-sources base patch from upstream grsecurity |
29 |
|
30 |
|
31 |
diff --git a/3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch b/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch |
32 |
similarity index 99% |
33 |
rename from 3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch |
34 |
rename to 3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch |
35 |
index 26f9252..0cb3174 100644 |
36 |
--- a/3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch |
37 |
+++ b/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch |
38 |
@@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644 |
39 |
|
40 |
pcd. [PARIDE] |
41 |
diff --git a/Makefile b/Makefile |
42 |
-index 704b508..4a788c4 100644 |
43 |
+index 2236ed8..89d7bf0 100644 |
44 |
--- a/Makefile |
45 |
+++ b/Makefile |
46 |
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
47 |
@@ -895,7 +895,7 @@ index c1f1a7e..554b0cd 100644 |
48 |
kexec is a system call that implements the ability to shutdown your |
49 |
current kernel, and to start another kernel. It is like a reboot |
50 |
diff --git a/arch/arm/include/asm/atomic.h b/arch/arm/include/asm/atomic.h |
51 |
-index 62d2cb5..7a13651 100644 |
52 |
+index 62d2cb5..09d45e3 100644 |
53 |
--- a/arch/arm/include/asm/atomic.h |
54 |
+++ b/arch/arm/include/asm/atomic.h |
55 |
@@ -18,17 +18,35 @@ |
56 |
@@ -1398,7 +1398,7 @@ index 62d2cb5..7a13651 100644 |
57 |
" sbc %R0, %R0, %R4\n" |
58 |
" strexd %1, %0, %H0, [%3]\n" |
59 |
" teq %1, #0\n" |
60 |
-@@ -344,17 +691,28 @@ static inline long long atomic64_sub_return(long long i, atomic64_t *v) |
61 |
+@@ -344,16 +691,29 @@ static inline long long atomic64_sub_return(long long i, atomic64_t *v) |
62 |
__asm__ __volatile__("@ atomic64_sub_return\n" |
63 |
"1: ldrexd %0, %H0, [%3]\n" |
64 |
" subs %Q0, %Q0, %Q4\n" |
65 |
@@ -1425,14 +1425,13 @@ index 62d2cb5..7a13651 100644 |
66 |
: "=&r" (result), "=&r" (tmp), "+Qo" (v->counter) |
67 |
: "r" (&v->counter), "r" (i) |
68 |
: "cc"); |
69 |
-- |
70 |
+ |
71 |
- smp_mb(); |
72 |
- |
73 |
-- return result; |
74 |
+ return result; |
75 |
} |
76 |
|
77 |
- static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old, |
78 |
-@@ -382,6 +740,31 @@ static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old, |
79 |
+@@ -382,6 +742,31 @@ static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old, |
80 |
return oldval; |
81 |
} |
82 |
|
83 |
@@ -1464,7 +1463,7 @@ index 62d2cb5..7a13651 100644 |
84 |
static inline long long atomic64_xchg(atomic64_t *ptr, long long new) |
85 |
{ |
86 |
long long result; |
87 |
-@@ -406,20 +789,34 @@ static inline long long atomic64_xchg(atomic64_t *ptr, long long new) |
88 |
+@@ -406,20 +791,34 @@ static inline long long atomic64_xchg(atomic64_t *ptr, long long new) |
89 |
static inline long long atomic64_dec_if_positive(atomic64_t *v) |
90 |
{ |
91 |
long long result; |
92 |
@@ -1505,7 +1504,7 @@ index 62d2cb5..7a13651 100644 |
93 |
: "=&r" (result), "=&r" (tmp), "+Qo" (v->counter) |
94 |
: "r" (&v->counter) |
95 |
: "cc"); |
96 |
-@@ -442,13 +839,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u) |
97 |
+@@ -442,13 +841,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u) |
98 |
" teq %0, %5\n" |
99 |
" teqeq %H0, %H5\n" |
100 |
" moveq %1, #0\n" |
101 |
@@ -1534,7 +1533,7 @@ index 62d2cb5..7a13651 100644 |
102 |
: "=&r" (val), "+r" (ret), "=&r" (tmp), "+Qo" (v->counter) |
103 |
: "r" (&v->counter), "r" (u), "r" (a) |
104 |
: "cc"); |
105 |
-@@ -461,10 +870,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u) |
106 |
+@@ -461,10 +872,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u) |
107 |
|
108 |
#define atomic64_add_negative(a, v) (atomic64_add_return((a), (v)) < 0) |
109 |
#define atomic64_inc(v) atomic64_add(1LL, (v)) |
110 |
@@ -38160,7 +38159,7 @@ index d39cca6..8c1e269 100644 |
111 |
|
112 |
if (cmd != SIOCWANDEV) |
113 |
diff --git a/drivers/char/random.c b/drivers/char/random.c |
114 |
-index 429b75b..a4f540d 100644 |
115 |
+index 429b75b..a7f4145 100644 |
116 |
--- a/drivers/char/random.c |
117 |
+++ b/drivers/char/random.c |
118 |
@@ -270,10 +270,17 @@ |
119 |
@@ -38211,6 +38210,19 @@ index 429b75b..a4f540d 100644 |
120 |
#if 0 |
121 |
/* x^2048 + x^1638 + x^1231 + x^819 + x^411 + x + 1 -- 115 */ |
122 |
{ S(2048), 1638, 1231, 819, 411, 1 }, |
123 |
+@@ -433,9 +444,9 @@ struct entropy_store { |
124 |
+ }; |
125 |
+ |
126 |
+ static void push_to_pool(struct work_struct *work); |
127 |
+-static __u32 input_pool_data[INPUT_POOL_WORDS]; |
128 |
+-static __u32 blocking_pool_data[OUTPUT_POOL_WORDS]; |
129 |
+-static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS]; |
130 |
++static __u32 input_pool_data[INPUT_POOL_WORDS] __latent_entropy; |
131 |
++static __u32 blocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy; |
132 |
++static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy; |
133 |
+ |
134 |
+ static struct entropy_store input_pool = { |
135 |
+ .poolinfo = &poolinfo_table[0], |
136 |
@@ -524,8 +535,8 @@ static void _mix_pool_bytes(struct entropy_store *r, const void *in, |
137 |
input_rotate = (input_rotate + (i ? 7 : 14)) & 31; |
138 |
} |
139 |
@@ -47785,10 +47797,10 @@ index 84419af..268ede8 100644 |
140 |
&dev_attr_energy_uj.attr; |
141 |
} |
142 |
diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c |
143 |
-index d85f313..ae857d0 100644 |
144 |
+index 0186c1b..6491409 100644 |
145 |
--- a/drivers/regulator/core.c |
146 |
+++ b/drivers/regulator/core.c |
147 |
-@@ -3362,7 +3362,7 @@ regulator_register(const struct regulator_desc *regulator_desc, |
148 |
+@@ -3369,7 +3369,7 @@ regulator_register(const struct regulator_desc *regulator_desc, |
149 |
{ |
150 |
const struct regulation_constraints *constraints = NULL; |
151 |
const struct regulator_init_data *init_data; |
152 |
@@ -47797,7 +47809,7 @@ index d85f313..ae857d0 100644 |
153 |
struct regulator_dev *rdev; |
154 |
struct device *dev; |
155 |
int ret, i; |
156 |
-@@ -3432,7 +3432,7 @@ regulator_register(const struct regulator_desc *regulator_desc, |
157 |
+@@ -3439,7 +3439,7 @@ regulator_register(const struct regulator_desc *regulator_desc, |
158 |
rdev->dev.of_node = config->of_node; |
159 |
rdev->dev.parent = dev; |
160 |
dev_set_name(&rdev->dev, "regulator.%d", |
161 |
@@ -55371,7 +55383,7 @@ index ca0ba15..0fa3257 100644 |
162 |
fd_offset + ex.a_text); |
163 |
if (error != N_DATADDR(ex)) { |
164 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
165 |
-index 571a423..dbb9c6c 100644 |
166 |
+index 571a423..eed5754 100644 |
167 |
--- a/fs/binfmt_elf.c |
168 |
+++ b/fs/binfmt_elf.c |
169 |
@@ -34,6 +34,7 @@ |
170 |
@@ -55382,6 +55394,15 @@ index 571a423..dbb9c6c 100644 |
171 |
#include <asm/uaccess.h> |
172 |
#include <asm/param.h> |
173 |
#include <asm/page.h> |
174 |
+@@ -48,7 +49,7 @@ |
175 |
+ static int load_elf_binary(struct linux_binprm *bprm); |
176 |
+ static int load_elf_library(struct file *); |
177 |
+ static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *, |
178 |
+- int, int, unsigned long); |
179 |
++ int, int, unsigned long) __intentional_overflow(-1); |
180 |
+ |
181 |
+ /* |
182 |
+ * If we don't support core dumping, then supply a NULL so we |
183 |
@@ -60,6 +61,14 @@ static int elf_core_dump(struct coredump_params *cprm); |
184 |
#define elf_core_dump NULL |
185 |
#endif |
186 |
@@ -56528,10 +56549,10 @@ index d71a11d..384e2c4 100644 |
187 |
wake_up(&root->fs_info->transaction_wait); |
188 |
wake_up(&root->fs_info->transaction_blocked_wait); |
189 |
diff --git a/fs/buffer.c b/fs/buffer.c |
190 |
-index 6024877..7bd000a 100644 |
191 |
+index aeeea65..7651d590 100644 |
192 |
--- a/fs/buffer.c |
193 |
+++ b/fs/buffer.c |
194 |
-@@ -3426,7 +3426,7 @@ void __init buffer_init(void) |
195 |
+@@ -3428,7 +3428,7 @@ void __init buffer_init(void) |
196 |
bh_cachep = kmem_cache_create("buffer_head", |
197 |
sizeof(struct buffer_head), 0, |
198 |
(SLAB_RECLAIM_ACCOUNT|SLAB_PANIC| |
199 |
@@ -82340,7 +82361,7 @@ index 7ceed99..d3ffaa2 100644 |
200 |
static inline int rate_supported(struct ieee80211_sta *sta, |
201 |
enum ieee80211_band band, |
202 |
diff --git a/include/net/neighbour.h b/include/net/neighbour.h |
203 |
-index 536501a..74ad02bc 100644 |
204 |
+index 536501a..47b7982 100644 |
205 |
--- a/include/net/neighbour.h |
206 |
+++ b/include/net/neighbour.h |
207 |
@@ -123,7 +123,7 @@ struct neigh_ops { |
208 |
@@ -82352,7 +82373,15 @@ index 536501a..74ad02bc 100644 |
209 |
|
210 |
struct pneigh_entry { |
211 |
struct pneigh_entry *next; |
212 |
-@@ -178,7 +178,7 @@ struct neigh_table { |
213 |
+@@ -163,7 +163,6 @@ struct neigh_table { |
214 |
+ void (*proxy_redo)(struct sk_buff *skb); |
215 |
+ char *id; |
216 |
+ struct neigh_parms parms; |
217 |
+- /* HACK. gc_* should follow parms without a gap! */ |
218 |
+ int gc_interval; |
219 |
+ int gc_thresh1; |
220 |
+ int gc_thresh2; |
221 |
+@@ -178,7 +177,7 @@ struct neigh_table { |
222 |
struct neigh_statistics __percpu *stats; |
223 |
struct neigh_hash_table __rcu *nht; |
224 |
struct pneigh_entry **phash_buckets; |
225 |
@@ -89993,10 +90022,10 @@ index db25707..8b16430 100644 |
226 |
This option lets you use the FireWire bus for remote debugging |
227 |
with help of the firewire-ohci driver. It enables unfiltered |
228 |
diff --git a/lib/Makefile b/lib/Makefile |
229 |
-index a459c31..3320e82 100644 |
230 |
+index 04944e9..f43eabe 100644 |
231 |
--- a/lib/Makefile |
232 |
+++ b/lib/Makefile |
233 |
-@@ -49,7 +49,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o |
234 |
+@@ -50,7 +50,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o |
235 |
obj-$(CONFIG_BTREE) += btree.o |
236 |
obj-$(CONFIG_ASSOCIATIVE_ARRAY) += assoc_array.o |
237 |
obj-$(CONFIG_DEBUG_PREEMPT) += smp_processor_id.o |
238 |
@@ -93711,7 +93740,7 @@ index fec093a..8162f74 100644 |
239 |
struct mm_struct *mm; |
240 |
|
241 |
diff --git a/mm/page-writeback.c b/mm/page-writeback.c |
242 |
-index 2d30e2c..8b3d14c 100644 |
243 |
+index 7106cb1..0805f48 100644 |
244 |
--- a/mm/page-writeback.c |
245 |
+++ b/mm/page-writeback.c |
246 |
@@ -685,7 +685,7 @@ static inline long long pos_ratio_polynom(unsigned long setpoint, |
247 |
@@ -95099,7 +95128,7 @@ index 84b26aa..ce39899 100644 |
248 |
} |
249 |
|
250 |
diff --git a/mm/swapfile.c b/mm/swapfile.c |
251 |
-index 612a7c9..66b0f5a 100644 |
252 |
+index 461fce2..363ae44 100644 |
253 |
--- a/mm/swapfile.c |
254 |
+++ b/mm/swapfile.c |
255 |
@@ -66,7 +66,7 @@ static DEFINE_MUTEX(swapon_mutex); |
256 |
@@ -95111,16 +95140,16 @@ index 612a7c9..66b0f5a 100644 |
257 |
|
258 |
static inline unsigned char swap_count(unsigned char ent) |
259 |
{ |
260 |
-@@ -1949,7 +1949,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) |
261 |
- } |
262 |
- filp_close(swap_file, NULL); |
263 |
+@@ -1958,7 +1958,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) |
264 |
+ spin_unlock(&swap_lock); |
265 |
+ |
266 |
err = 0; |
267 |
- atomic_inc(&proc_poll_event); |
268 |
+ atomic_inc_unchecked(&proc_poll_event); |
269 |
wake_up_interruptible(&proc_poll_wait); |
270 |
|
271 |
out_dput: |
272 |
-@@ -1966,8 +1966,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait) |
273 |
+@@ -1975,8 +1975,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait) |
274 |
|
275 |
poll_wait(file, &proc_poll_wait, wait); |
276 |
|
277 |
@@ -95131,7 +95160,7 @@ index 612a7c9..66b0f5a 100644 |
278 |
return POLLIN | POLLRDNORM | POLLERR | POLLPRI; |
279 |
} |
280 |
|
281 |
-@@ -2065,7 +2065,7 @@ static int swaps_open(struct inode *inode, struct file *file) |
282 |
+@@ -2074,7 +2074,7 @@ static int swaps_open(struct inode *inode, struct file *file) |
283 |
return ret; |
284 |
|
285 |
seq = file->private_data; |
286 |
@@ -95140,7 +95169,7 @@ index 612a7c9..66b0f5a 100644 |
287 |
return 0; |
288 |
} |
289 |
|
290 |
-@@ -2524,7 +2524,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags) |
291 |
+@@ -2533,7 +2533,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags) |
292 |
(frontswap_map) ? "FS" : ""); |
293 |
|
294 |
mutex_unlock(&swapon_mutex); |
295 |
@@ -96429,7 +96458,7 @@ index b618694..192bbba 100644 |
296 |
|
297 |
m->msg_iov = iov; |
298 |
diff --git a/net/core/neighbour.c b/net/core/neighbour.c |
299 |
-index 932c6d7..7c7aa10 100644 |
300 |
+index 932c6d7..71fd94a 100644 |
301 |
--- a/net/core/neighbour.c |
302 |
+++ b/net/core/neighbour.c |
303 |
@@ -2775,7 +2775,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, |
304 |
@@ -96441,6 +96470,23 @@ index 932c6d7..7c7aa10 100644 |
305 |
|
306 |
tmp.extra1 = &zero; |
307 |
tmp.extra2 = &unres_qlen_max; |
308 |
+@@ -2983,11 +2983,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, |
309 |
+ memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0, |
310 |
+ sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL])); |
311 |
+ } else { |
312 |
++ struct neigh_table *ntable = container_of(p, struct neigh_table, parms); |
313 |
+ dev_name_source = "default"; |
314 |
+- t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = (int *)(p + 1); |
315 |
+- t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = (int *)(p + 1) + 1; |
316 |
+- t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = (int *)(p + 1) + 2; |
317 |
+- t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = (int *)(p + 1) + 3; |
318 |
++ t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &ntable->gc_interval; |
319 |
++ t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &ntable->gc_thresh1; |
320 |
++ t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &ntable->gc_thresh2; |
321 |
++ t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &ntable->gc_thresh3; |
322 |
+ } |
323 |
+ |
324 |
+ |
325 |
diff --git a/net/core/net-procfs.c b/net/core/net-procfs.c |
326 |
index 2bf8329..7960607 100644 |
327 |
--- a/net/core/net-procfs.c |
328 |
@@ -103593,21 +103639,6 @@ index 48c3cc9..8022cf7 100644 |
329 |
rtnl_lock(); |
330 |
for_each_net(net) |
331 |
rt_genid_bump_all(net); |
332 |
-diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c |
333 |
-index d106733..539aadd 100644 |
334 |
---- a/security/selinux/ss/services.c |
335 |
-+++ b/security/selinux/ss/services.c |
336 |
-@@ -1232,6 +1232,10 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, |
337 |
- struct context context; |
338 |
- int rc = 0; |
339 |
- |
340 |
-+ /* An empty security context is never valid. */ |
341 |
-+ if (!scontext_len) |
342 |
-+ return -EINVAL; |
343 |
-+ |
344 |
- if (!ss_initialized) { |
345 |
- int i; |
346 |
- |
347 |
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c |
348 |
index b0be893..646bd94 100644 |
349 |
--- a/security/smack/smack_lsm.c |
350 |
@@ -105362,10 +105393,10 @@ index 0000000..4f67ac1 |
351 |
+} |
352 |
diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h |
353 |
new file mode 100644 |
354 |
-index 0000000..312d3b6 |
355 |
+index 0000000..af12645 |
356 |
--- /dev/null |
357 |
+++ b/tools/gcc/gcc-common.h |
358 |
-@@ -0,0 +1,268 @@ |
359 |
+@@ -0,0 +1,274 @@ |
360 |
+#ifndef GCC_COMMON_H_INCLUDED |
361 |
+#define GCC_COMMON_H_INCLUDED |
362 |
+ |
363 |
@@ -105603,8 +105634,14 @@ index 0000000..312d3b6 |
364 |
+#endif |
365 |
+ |
366 |
+#if BUILDING_GCC_VERSION <= 4008 |
367 |
-+#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN) |
368 |
-+#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN) |
369 |
++#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN) |
370 |
++#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN) |
371 |
++#define basic_block_info_for_fn(FN) ((FN)->cfg->x_basic_block_info) |
372 |
++#define n_basic_blocks_for_fn(FN) ((FN)->cfg->x_n_basic_blocks) |
373 |
++#define n_edges_for_fn(FN) ((FN)->cfg->x_n_edges) |
374 |
++#define last_basic_block_for_fn(FN) ((FN)->cfg->x_last_basic_block) |
375 |
++#define label_to_block_map_for_fn(FN) ((FN)->cfg->x_label_to_block_map) |
376 |
++#define profile_status_for_fn(FN) ((FN)->cfg->x_profile_status) |
377 |
+ |
378 |
+static inline const char *get_tree_code_name(enum tree_code code) |
379 |
+{ |
380 |
@@ -106463,10 +106500,10 @@ index 0000000..dd73713 |
381 |
+} |
382 |
diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
383 |
new file mode 100644 |
384 |
-index 0000000..515d689 |
385 |
+index 0000000..7e39d81 |
386 |
--- /dev/null |
387 |
+++ b/tools/gcc/latent_entropy_plugin.c |
388 |
-@@ -0,0 +1,337 @@ |
389 |
+@@ -0,0 +1,403 @@ |
390 |
+/* |
391 |
+ * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu> |
392 |
+ * Licensed under the GPL v2 |
393 |
@@ -106477,7 +106514,7 @@ index 0000000..515d689 |
394 |
+ * any of the gcc libraries |
395 |
+ * |
396 |
+ * gcc plugin to help generate a little bit of entropy from program state, |
397 |
-+ * used during boot in the kernel |
398 |
++ * used throughout the uptime of the kernel |
399 |
+ * |
400 |
+ * TODO: |
401 |
+ * - add ipa pass to identify not explicitly marked candidate functions |
402 |
@@ -106495,19 +106532,30 @@ index 0000000..515d689 |
403 |
+static tree latent_entropy_decl; |
404 |
+ |
405 |
+static struct plugin_info latent_entropy_plugin_info = { |
406 |
-+ .version = "201402131900", |
407 |
++ .version = "201402210120", |
408 |
+ .help = NULL |
409 |
+}; |
410 |
+ |
411 |
+static unsigned HOST_WIDE_INT seed; |
412 |
+static unsigned HOST_WIDE_INT get_random_const(void) |
413 |
+{ |
414 |
-+ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL); |
415 |
-+ return seed; |
416 |
++ unsigned int i; |
417 |
++ unsigned HOST_WIDE_INT ret = 0; |
418 |
++ |
419 |
++ for (i = 0; i < 8 * sizeof ret; i++) { |
420 |
++ ret = (ret << 1) | (seed & 1); |
421 |
++ seed >>= 1; |
422 |
++ if (ret & 1) |
423 |
++ seed ^= 0xD800000000000000ULL; |
424 |
++ } |
425 |
++ |
426 |
++ return ret; |
427 |
+} |
428 |
+ |
429 |
+static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
430 |
+{ |
431 |
++ tree type; |
432 |
++ |
433 |
+ switch (TREE_CODE(*node)) { |
434 |
+ default: |
435 |
+ *no_add_attrs = true; |
436 |
@@ -106520,7 +106568,65 @@ index 0000000..515d689 |
437 |
+ error("variable %qD with %qE attribute must not be initialized", *node, name); |
438 |
+ break; |
439 |
+ } |
440 |
-+ DECL_INITIAL(*node) = build_int_cstu(long_long_unsigned_type_node, get_random_const()); |
441 |
++ |
442 |
++ if (!TREE_STATIC(*node)) { |
443 |
++ *no_add_attrs = true; |
444 |
++ error("variable %qD with %qE attribute must not be local", *node, name); |
445 |
++ break; |
446 |
++ } |
447 |
++ |
448 |
++ type = TREE_TYPE(*node); |
449 |
++ switch (TREE_CODE(type)) { |
450 |
++ default: |
451 |
++ *no_add_attrs = true; |
452 |
++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name); |
453 |
++ break; |
454 |
++ |
455 |
++ case INTEGER_TYPE: |
456 |
++ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const()); |
457 |
++ break; |
458 |
++ |
459 |
++ case ARRAY_TYPE: { |
460 |
++ tree elt_type, array_size, elt_size; |
461 |
++ unsigned long long mask; |
462 |
++ unsigned int i, nelt; |
463 |
++#if BUILDING_GCC_VERSION <= 4007 |
464 |
++ VEC(constructor_elt, gc) *vals; |
465 |
++#else |
466 |
++ vec<constructor_elt, va_gc> *vals; |
467 |
++#endif |
468 |
++ |
469 |
++ elt_type = TREE_TYPE(type); |
470 |
++ elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type)); |
471 |
++ array_size = TYPE_SIZE_UNIT(type); |
472 |
++ |
473 |
++ if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) { |
474 |
++ *no_add_attrs = true; |
475 |
++ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name); |
476 |
++ break; |
477 |
++ } |
478 |
++ |
479 |
++ nelt = TREE_INT_CST_LOW(array_size) / TREE_INT_CST_LOW(elt_size); |
480 |
++#if BUILDING_GCC_VERSION <= 4007 |
481 |
++ vals = VEC_alloc(constructor_elt, gc, nelt); |
482 |
++#else |
483 |
++ vec_alloc(vals, nelt); |
484 |
++#endif |
485 |
++ |
486 |
++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(elt_type)) - 1); |
487 |
++ mask = 2 * (mask - 1) + 1; |
488 |
++ |
489 |
++ for (i = 0; i < nelt; i++) |
490 |
++ if (TYPE_UNSIGNED(elt_type)) |
491 |
++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cstu(elt_type, mask & get_random_const())); |
492 |
++ else |
493 |
++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cst(elt_type, mask & get_random_const())); |
494 |
++ |
495 |
++ DECL_INITIAL(*node) = build_constructor(type, vals); |
496 |
++//debug_tree(DECL_INITIAL(*node)); |
497 |
++ break; |
498 |
++ } |
499 |
++ } |
500 |
+ break; |
501 |
+ |
502 |
+ case FUNCTION_DECL: |
503 |
@@ -106550,10 +106656,7 @@ index 0000000..515d689 |
504 |
+ |
505 |
+static bool gate_latent_entropy(void) |
506 |
+{ |
507 |
-+ tree latent_entropy_attr; |
508 |
-+ |
509 |
-+ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)); |
510 |
-+ return latent_entropy_attr != NULL_TREE; |
511 |
++ return lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)) != NULL_TREE; |
512 |
+} |
513 |
+ |
514 |
+static enum tree_code get_op(tree *rhs) |
515 |
@@ -106806,10 +106909,10 @@ index 0000000..515d689 |
516 |
+} |
517 |
diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c |
518 |
new file mode 100644 |
519 |
-index 0000000..bc490ca |
520 |
+index 0000000..8dafb22 |
521 |
--- /dev/null |
522 |
+++ b/tools/gcc/randomize_layout_plugin.c |
523 |
-@@ -0,0 +1,906 @@ |
524 |
+@@ -0,0 +1,910 @@ |
525 |
+/* |
526 |
+ * Copyright 2014 by Open Source Security, Inc., Brad Spengler <spender@××××××××××.net> |
527 |
+ * and PaX Team <pageexec@××××××××.hu> |
528 |
@@ -106838,7 +106941,7 @@ index 0000000..bc490ca |
529 |
+static int performance_mode; |
530 |
+ |
531 |
+static struct plugin_info randomize_layout_plugin_info = { |
532 |
-+ .version = "201402061950", |
533 |
++ .version = "201402201816", |
534 |
+ .help = "disable\t\t\tdo not activate plugin\n" |
535 |
+ "performance-mode\tenable cacheline-aware layout randomization\n" |
536 |
+}; |
537 |
@@ -107375,6 +107478,10 @@ index 0000000..bc490ca |
538 |
+ continue; |
539 |
+ } |
540 |
+ |
541 |
++ /* pipacs' plugin creates franken-arrays that differ from those produced by |
542 |
++ normal code which all have valid 'field' trees. work around this */ |
543 |
++ if (field == NULL_TREE) |
544 |
++ continue; |
545 |
+ field_type = TREE_TYPE(field); |
546 |
+ val_type = TREE_TYPE(val); |
547 |
+ |
548 |
@@ -117484,10 +117591,10 @@ index 0000000..4aab36f |
549 |
+} |
550 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
551 |
new file mode 100644 |
552 |
-index 0000000..e684c74 |
553 |
+index 0000000..5c0b937 |
554 |
--- /dev/null |
555 |
+++ b/tools/gcc/stackleak_plugin.c |
556 |
-@@ -0,0 +1,373 @@ |
557 |
+@@ -0,0 +1,374 @@ |
558 |
+/* |
559 |
+ * Copyright 2011-2014 by the PaX Team <pageexec@××××××××.hu> |
560 |
+ * Licensed under the GPL v2 |
561 |
@@ -117641,7 +117748,8 @@ index 0000000..e684c74 |
562 |
+ body = XEXP(body, 0); |
563 |
+ if (GET_CODE(body) != SYMBOL_REF) |
564 |
+ continue; |
565 |
-+ if (strcmp(XSTR(body, 0), track_function)) |
566 |
++// if (strcmp(XSTR(body, 0), track_function)) |
567 |
++ if (SYMBOL_REF_DECL(body) != track_function_decl) |
568 |
+ continue; |
569 |
+// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size); |
570 |
+ // 2. delete call |
571 |
@@ -117714,7 +117822,7 @@ index 0000000..e684c74 |
572 |
+ .properties_provided = 0, |
573 |
+ .properties_destroyed = 0, |
574 |
+ .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts, |
575 |
-+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa |
576 |
++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa | TODO_rebuild_cgraph_edges |
577 |
+#if BUILDING_GCC_VERSION < 4009 |
578 |
+ } |
579 |
+#endif |
580 |
|
581 |
diff --git a/3.2.55/0000_README b/3.2.55/0000_README |
582 |
index 943c944..f58c905 100644 |
583 |
--- a/3.2.55/0000_README |
584 |
+++ b/3.2.55/0000_README |
585 |
@@ -138,7 +138,7 @@ Patch: 1054_linux-3.2.55.patch |
586 |
From: http://www.kernel.org |
587 |
Desc: Linux 3.2.55 |
588 |
|
589 |
-Patch: 4420_grsecurity-3.0-3.2.55-201402192249.patch |
590 |
+Patch: 4420_grsecurity-3.0-3.2.55-201402221305.patch |
591 |
From: http://www.grsecurity.net |
592 |
Desc: hardened-sources base patch from upstream grsecurity |
593 |
|
594 |
|
595 |
diff --git a/3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch b/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch |
596 |
similarity index 99% |
597 |
rename from 3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch |
598 |
rename to 3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch |
599 |
index 598b438..8c95615 100644 |
600 |
--- a/3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch |
601 |
+++ b/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch |
602 |
@@ -34290,7 +34290,7 @@ index da3cfee..a5a6606 100644 |
603 |
|
604 |
*ppos = i; |
605 |
diff --git a/drivers/char/random.c b/drivers/char/random.c |
606 |
-index c244f0e..2080073 100644 |
607 |
+index c244f0e..05e9c5e 100644 |
608 |
--- a/drivers/char/random.c |
609 |
+++ b/drivers/char/random.c |
610 |
@@ -255,10 +255,8 @@ |
611 |
@@ -34557,7 +34557,7 @@ index c244f0e..2080073 100644 |
612 |
/********************************************************************** |
613 |
* |
614 |
* OS independent entropy store. Here are the functions which handle |
615 |
-@@ -421,22 +425,26 @@ module_param(debug, bool, 0644); |
616 |
+@@ -421,31 +425,35 @@ module_param(debug, bool, 0644); |
617 |
struct entropy_store; |
618 |
struct entropy_store { |
619 |
/* read-only data: */ |
620 |
@@ -34584,11 +34584,15 @@ index c244f0e..2080073 100644 |
621 |
__u8 last_data[EXTRACT_SIZE]; |
622 |
}; |
623 |
|
624 |
+-static __u32 input_pool_data[INPUT_POOL_WORDS]; |
625 |
+-static __u32 blocking_pool_data[OUTPUT_POOL_WORDS]; |
626 |
+-static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS]; |
627 |
+static void push_to_pool(struct work_struct *work); |
628 |
- static __u32 input_pool_data[INPUT_POOL_WORDS]; |
629 |
- static __u32 blocking_pool_data[OUTPUT_POOL_WORDS]; |
630 |
- static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS]; |
631 |
-@@ -445,7 +453,7 @@ static struct entropy_store input_pool = { |
632 |
++static __u32 input_pool_data[INPUT_POOL_WORDS] __latent_entropy; |
633 |
++static __u32 blocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy; |
634 |
++static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy; |
635 |
+ |
636 |
+ static struct entropy_store input_pool = { |
637 |
.poolinfo = &poolinfo_table[0], |
638 |
.name = "input", |
639 |
.limit = 1, |
640 |
@@ -52713,7 +52717,7 @@ index a6395bd..f1e376a 100644 |
641 |
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm); |
642 |
#ifdef __alpha__ |
643 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
644 |
-index 8dd615c..52ad259 100644 |
645 |
+index 8dd615c..3ecdf113 100644 |
646 |
--- a/fs/binfmt_elf.c |
647 |
+++ b/fs/binfmt_elf.c |
648 |
@@ -32,6 +32,7 @@ |
649 |
@@ -52724,6 +52728,15 @@ index 8dd615c..52ad259 100644 |
650 |
#include <asm/uaccess.h> |
651 |
#include <asm/param.h> |
652 |
#include <asm/page.h> |
653 |
+@@ -39,7 +40,7 @@ |
654 |
+ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs); |
655 |
+ static int load_elf_library(struct file *); |
656 |
+ static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *, |
657 |
+- int, int, unsigned long); |
658 |
++ int, int, unsigned long) __intentional_overflow(-1); |
659 |
+ |
660 |
+ /* |
661 |
+ * If we don't support core dumping, then supply a NULL so we |
662 |
@@ -51,6 +52,14 @@ static int elf_core_dump(struct coredump_params *cprm); |
663 |
#define elf_core_dump NULL |
664 |
#endif |
665 |
@@ -74957,11 +74970,18 @@ index d42bd48..554dcd5 100644 |
666 |
/* |
667 |
* epoll (fs/eventpoll.c) compat bits follow ... |
668 |
diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h |
669 |
-index 643d6c4..289dbb3 100644 |
670 |
+index 643d6c4..3c5171b 100644 |
671 |
--- a/include/linux/compiler-gcc4.h |
672 |
+++ b/include/linux/compiler-gcc4.h |
673 |
-@@ -46,6 +46,26 @@ |
674 |
- #endif |
675 |
+@@ -39,13 +39,29 @@ |
676 |
+ * |
677 |
+ * (asm goto is automatically volatile - the naming reflects this.) |
678 |
+ */ |
679 |
+-#if GCC_VERSION <= 40801 |
680 |
+ # define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) |
681 |
+-#else |
682 |
+-# define asm_volatile_goto(x...) do { asm goto(x); } while (0) |
683 |
+-#endif |
684 |
|
685 |
#if __GNUC_MINOR__ >= 5 |
686 |
+ |
687 |
@@ -74987,7 +75007,7 @@ index 643d6c4..289dbb3 100644 |
688 |
/* |
689 |
* Mark a position in code as unreachable. This can be used to |
690 |
* suppress control flow warnings after asm blocks that transfer |
691 |
-@@ -61,6 +81,11 @@ |
692 |
+@@ -61,6 +77,11 @@ |
693 |
#define __noclone __attribute__((__noclone__)) |
694 |
|
695 |
#endif |
696 |
@@ -81223,7 +81243,7 @@ index 1a6201a..66d9531 100644 |
697 |
static inline int rate_supported(struct ieee80211_sta *sta, |
698 |
enum ieee80211_band band, |
699 |
diff --git a/include/net/neighbour.h b/include/net/neighbour.h |
700 |
-index 2720884..bbc0141 100644 |
701 |
+index 2720884..0dc13cd 100644 |
702 |
--- a/include/net/neighbour.h |
703 |
+++ b/include/net/neighbour.h |
704 |
@@ -122,7 +122,7 @@ struct neigh_ops { |
705 |
@@ -81235,7 +81255,15 @@ index 2720884..bbc0141 100644 |
706 |
|
707 |
struct pneigh_entry { |
708 |
struct pneigh_entry *next; |
709 |
-@@ -176,7 +176,7 @@ struct neigh_table { |
710 |
+@@ -160,7 +160,6 @@ struct neigh_table { |
711 |
+ void (*proxy_redo)(struct sk_buff *skb); |
712 |
+ char *id; |
713 |
+ struct neigh_parms parms; |
714 |
+- /* HACK. gc_* should follow parms without a gap! */ |
715 |
+ int gc_interval; |
716 |
+ int gc_thresh1; |
717 |
+ int gc_thresh2; |
718 |
+@@ -176,7 +175,7 @@ struct neigh_table { |
719 |
struct neigh_statistics __percpu *stats; |
720 |
struct neigh_hash_table __rcu *nht; |
721 |
struct pneigh_entry **phash_buckets; |
722 |
@@ -97243,6 +97271,27 @@ index 139ef93..7afaa2f 100644 |
723 |
return -EFAULT; |
724 |
|
725 |
m->msg_iov = iov; |
726 |
+diff --git a/net/core/neighbour.c b/net/core/neighbour.c |
727 |
+index 0ea3fd3..d87fef1 100644 |
728 |
+--- a/net/core/neighbour.c |
729 |
++++ b/net/core/neighbour.c |
730 |
+@@ -2803,11 +2803,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, |
731 |
+ /* Terminate the table early */ |
732 |
+ memset(&t->neigh_vars[14], 0, sizeof(t->neigh_vars[14])); |
733 |
+ } else { |
734 |
++ struct neigh_table *ntable = container_of(p, struct neigh_table, parms); |
735 |
+ dev_name_source = neigh_path[NEIGH_CTL_PATH_DEV].procname; |
736 |
+- t->neigh_vars[14].data = (int *)(p + 1); |
737 |
+- t->neigh_vars[15].data = (int *)(p + 1) + 1; |
738 |
+- t->neigh_vars[16].data = (int *)(p + 1) + 2; |
739 |
+- t->neigh_vars[17].data = (int *)(p + 1) + 3; |
740 |
++ t->neigh_vars[14].data = &ntable->gc_interval; |
741 |
++ t->neigh_vars[15].data = &ntable->gc_thresh1; |
742 |
++ t->neigh_vars[16].data = &ntable->gc_thresh2; |
743 |
++ t->neigh_vars[17].data = &ntable->gc_thresh3; |
744 |
+ } |
745 |
+ |
746 |
+ |
747 |
diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c |
748 |
index 0329404..ab4e13a 100644 |
749 |
--- a/net/core/net-sysfs.c |
750 |
@@ -107829,10 +107878,10 @@ index 0000000..4f67ac1 |
751 |
+} |
752 |
diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h |
753 |
new file mode 100644 |
754 |
-index 0000000..312d3b6 |
755 |
+index 0000000..af12645 |
756 |
--- /dev/null |
757 |
+++ b/tools/gcc/gcc-common.h |
758 |
-@@ -0,0 +1,268 @@ |
759 |
+@@ -0,0 +1,274 @@ |
760 |
+#ifndef GCC_COMMON_H_INCLUDED |
761 |
+#define GCC_COMMON_H_INCLUDED |
762 |
+ |
763 |
@@ -108070,8 +108119,14 @@ index 0000000..312d3b6 |
764 |
+#endif |
765 |
+ |
766 |
+#if BUILDING_GCC_VERSION <= 4008 |
767 |
-+#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN) |
768 |
-+#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN) |
769 |
++#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN) |
770 |
++#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN) |
771 |
++#define basic_block_info_for_fn(FN) ((FN)->cfg->x_basic_block_info) |
772 |
++#define n_basic_blocks_for_fn(FN) ((FN)->cfg->x_n_basic_blocks) |
773 |
++#define n_edges_for_fn(FN) ((FN)->cfg->x_n_edges) |
774 |
++#define last_basic_block_for_fn(FN) ((FN)->cfg->x_last_basic_block) |
775 |
++#define label_to_block_map_for_fn(FN) ((FN)->cfg->x_label_to_block_map) |
776 |
++#define profile_status_for_fn(FN) ((FN)->cfg->x_profile_status) |
777 |
+ |
778 |
+static inline const char *get_tree_code_name(enum tree_code code) |
779 |
+{ |
780 |
@@ -108930,10 +108985,10 @@ index 0000000..dd73713 |
781 |
+} |
782 |
diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
783 |
new file mode 100644 |
784 |
-index 0000000..515d689 |
785 |
+index 0000000..7e39d81 |
786 |
--- /dev/null |
787 |
+++ b/tools/gcc/latent_entropy_plugin.c |
788 |
-@@ -0,0 +1,337 @@ |
789 |
+@@ -0,0 +1,403 @@ |
790 |
+/* |
791 |
+ * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu> |
792 |
+ * Licensed under the GPL v2 |
793 |
@@ -108944,7 +108999,7 @@ index 0000000..515d689 |
794 |
+ * any of the gcc libraries |
795 |
+ * |
796 |
+ * gcc plugin to help generate a little bit of entropy from program state, |
797 |
-+ * used during boot in the kernel |
798 |
++ * used throughout the uptime of the kernel |
799 |
+ * |
800 |
+ * TODO: |
801 |
+ * - add ipa pass to identify not explicitly marked candidate functions |
802 |
@@ -108962,19 +109017,30 @@ index 0000000..515d689 |
803 |
+static tree latent_entropy_decl; |
804 |
+ |
805 |
+static struct plugin_info latent_entropy_plugin_info = { |
806 |
-+ .version = "201402131900", |
807 |
++ .version = "201402210120", |
808 |
+ .help = NULL |
809 |
+}; |
810 |
+ |
811 |
+static unsigned HOST_WIDE_INT seed; |
812 |
+static unsigned HOST_WIDE_INT get_random_const(void) |
813 |
+{ |
814 |
-+ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL); |
815 |
-+ return seed; |
816 |
++ unsigned int i; |
817 |
++ unsigned HOST_WIDE_INT ret = 0; |
818 |
++ |
819 |
++ for (i = 0; i < 8 * sizeof ret; i++) { |
820 |
++ ret = (ret << 1) | (seed & 1); |
821 |
++ seed >>= 1; |
822 |
++ if (ret & 1) |
823 |
++ seed ^= 0xD800000000000000ULL; |
824 |
++ } |
825 |
++ |
826 |
++ return ret; |
827 |
+} |
828 |
+ |
829 |
+static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
830 |
+{ |
831 |
++ tree type; |
832 |
++ |
833 |
+ switch (TREE_CODE(*node)) { |
834 |
+ default: |
835 |
+ *no_add_attrs = true; |
836 |
@@ -108987,7 +109053,65 @@ index 0000000..515d689 |
837 |
+ error("variable %qD with %qE attribute must not be initialized", *node, name); |
838 |
+ break; |
839 |
+ } |
840 |
-+ DECL_INITIAL(*node) = build_int_cstu(long_long_unsigned_type_node, get_random_const()); |
841 |
++ |
842 |
++ if (!TREE_STATIC(*node)) { |
843 |
++ *no_add_attrs = true; |
844 |
++ error("variable %qD with %qE attribute must not be local", *node, name); |
845 |
++ break; |
846 |
++ } |
847 |
++ |
848 |
++ type = TREE_TYPE(*node); |
849 |
++ switch (TREE_CODE(type)) { |
850 |
++ default: |
851 |
++ *no_add_attrs = true; |
852 |
++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name); |
853 |
++ break; |
854 |
++ |
855 |
++ case INTEGER_TYPE: |
856 |
++ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const()); |
857 |
++ break; |
858 |
++ |
859 |
++ case ARRAY_TYPE: { |
860 |
++ tree elt_type, array_size, elt_size; |
861 |
++ unsigned long long mask; |
862 |
++ unsigned int i, nelt; |
863 |
++#if BUILDING_GCC_VERSION <= 4007 |
864 |
++ VEC(constructor_elt, gc) *vals; |
865 |
++#else |
866 |
++ vec<constructor_elt, va_gc> *vals; |
867 |
++#endif |
868 |
++ |
869 |
++ elt_type = TREE_TYPE(type); |
870 |
++ elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type)); |
871 |
++ array_size = TYPE_SIZE_UNIT(type); |
872 |
++ |
873 |
++ if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) { |
874 |
++ *no_add_attrs = true; |
875 |
++ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name); |
876 |
++ break; |
877 |
++ } |
878 |
++ |
879 |
++ nelt = TREE_INT_CST_LOW(array_size) / TREE_INT_CST_LOW(elt_size); |
880 |
++#if BUILDING_GCC_VERSION <= 4007 |
881 |
++ vals = VEC_alloc(constructor_elt, gc, nelt); |
882 |
++#else |
883 |
++ vec_alloc(vals, nelt); |
884 |
++#endif |
885 |
++ |
886 |
++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(elt_type)) - 1); |
887 |
++ mask = 2 * (mask - 1) + 1; |
888 |
++ |
889 |
++ for (i = 0; i < nelt; i++) |
890 |
++ if (TYPE_UNSIGNED(elt_type)) |
891 |
++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cstu(elt_type, mask & get_random_const())); |
892 |
++ else |
893 |
++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cst(elt_type, mask & get_random_const())); |
894 |
++ |
895 |
++ DECL_INITIAL(*node) = build_constructor(type, vals); |
896 |
++//debug_tree(DECL_INITIAL(*node)); |
897 |
++ break; |
898 |
++ } |
899 |
++ } |
900 |
+ break; |
901 |
+ |
902 |
+ case FUNCTION_DECL: |
903 |
@@ -109017,10 +109141,7 @@ index 0000000..515d689 |
904 |
+ |
905 |
+static bool gate_latent_entropy(void) |
906 |
+{ |
907 |
-+ tree latent_entropy_attr; |
908 |
-+ |
909 |
-+ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)); |
910 |
-+ return latent_entropy_attr != NULL_TREE; |
911 |
++ return lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)) != NULL_TREE; |
912 |
+} |
913 |
+ |
914 |
+static enum tree_code get_op(tree *rhs) |
915 |
@@ -109273,10 +109394,10 @@ index 0000000..515d689 |
916 |
+} |
917 |
diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c |
918 |
new file mode 100644 |
919 |
-index 0000000..bc490ca |
920 |
+index 0000000..8dafb22 |
921 |
--- /dev/null |
922 |
+++ b/tools/gcc/randomize_layout_plugin.c |
923 |
-@@ -0,0 +1,906 @@ |
924 |
+@@ -0,0 +1,910 @@ |
925 |
+/* |
926 |
+ * Copyright 2014 by Open Source Security, Inc., Brad Spengler <spender@××××××××××.net> |
927 |
+ * and PaX Team <pageexec@××××××××.hu> |
928 |
@@ -109305,7 +109426,7 @@ index 0000000..bc490ca |
929 |
+static int performance_mode; |
930 |
+ |
931 |
+static struct plugin_info randomize_layout_plugin_info = { |
932 |
-+ .version = "201402061950", |
933 |
++ .version = "201402201816", |
934 |
+ .help = "disable\t\t\tdo not activate plugin\n" |
935 |
+ "performance-mode\tenable cacheline-aware layout randomization\n" |
936 |
+}; |
937 |
@@ -109842,6 +109963,10 @@ index 0000000..bc490ca |
938 |
+ continue; |
939 |
+ } |
940 |
+ |
941 |
++ /* pipacs' plugin creates franken-arrays that differ from those produced by |
942 |
++ normal code which all have valid 'field' trees. work around this */ |
943 |
++ if (field == NULL_TREE) |
944 |
++ continue; |
945 |
+ field_type = TREE_TYPE(field); |
946 |
+ val_type = TREE_TYPE(val); |
947 |
+ |
948 |
@@ -120249,10 +120374,10 @@ index 0000000..4aab36f |
949 |
+} |
950 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
951 |
new file mode 100644 |
952 |
-index 0000000..e684c74 |
953 |
+index 0000000..5c0b937 |
954 |
--- /dev/null |
955 |
+++ b/tools/gcc/stackleak_plugin.c |
956 |
-@@ -0,0 +1,373 @@ |
957 |
+@@ -0,0 +1,374 @@ |
958 |
+/* |
959 |
+ * Copyright 2011-2014 by the PaX Team <pageexec@××××××××.hu> |
960 |
+ * Licensed under the GPL v2 |
961 |
@@ -120406,7 +120531,8 @@ index 0000000..e684c74 |
962 |
+ body = XEXP(body, 0); |
963 |
+ if (GET_CODE(body) != SYMBOL_REF) |
964 |
+ continue; |
965 |
-+ if (strcmp(XSTR(body, 0), track_function)) |
966 |
++// if (strcmp(XSTR(body, 0), track_function)) |
967 |
++ if (SYMBOL_REF_DECL(body) != track_function_decl) |
968 |
+ continue; |
969 |
+// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size); |
970 |
+ // 2. delete call |
971 |
@@ -120479,7 +120605,7 @@ index 0000000..e684c74 |
972 |
+ .properties_provided = 0, |
973 |
+ .properties_destroyed = 0, |
974 |
+ .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts, |
975 |
-+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa |
976 |
++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa | TODO_rebuild_cgraph_edges |
977 |
+#if BUILDING_GCC_VERSION < 4009 |
978 |
+ } |
979 |
+#endif |