1 |
commit: 82d2c36cc22e9a10732b6279952d085c72230d17 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Dec 23 23:33:49 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Dec 23 23:33:49 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=82d2c36c |
7 |
|
8 |
Grsec/PaX: 2.6.32.51-201112222105 + 3.1.6-201112222105 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.2.2-2.6.32.51-201112222105.patch} | 121 +----- |
13 |
{3.1.5 => 3.1.6}/0000_README | 2 +- |
14 |
.../4420_grsecurity-2.2.2-3.1.6-201112222105.patch | 431 ++++++++++---------- |
15 |
.../4421_grsec-remove-localversion-grsec.patch | 0 |
16 |
{3.1.5 => 3.1.6}/4422_grsec-mute-warnings.patch | 0 |
17 |
.../4423_grsec-remove-protected-paths.patch | 0 |
18 |
.../4425_grsec-pax-without-grsec.patch | 0 |
19 |
.../4430_grsec-kconfig-default-gids.patch | 0 |
20 |
{3.1.5 => 3.1.6}/4435_grsec-kconfig-gentoo.patch | 0 |
21 |
.../4437-grsec-kconfig-proc-user.patch | 0 |
22 |
.../4440_selinux-avc_audit-log-curr_ip.patch | 0 |
23 |
{3.1.5 => 3.1.6}/4445_disable-compat_vdso.patch | 0 |
24 |
13 files changed, 250 insertions(+), 306 deletions(-) |
25 |
|
26 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
27 |
index 60b9d80..22c2947 100644 |
28 |
--- a/2.6.32/0000_README |
29 |
+++ b/2.6.32/0000_README |
30 |
@@ -3,7 +3,7 @@ README |
31 |
|
32 |
Individual Patch Descriptions: |
33 |
----------------------------------------------------------------------------- |
34 |
-Patch: 4420_grsecurity-2.2.2-2.6.32.50-201112102010.patch |
35 |
+Patch: 4420_grsecurity-2.2.2-2.6.32.51-201112222105.patch |
36 |
From: http://www.grsecurity.net |
37 |
Desc: hardened-sources base patch from upstream grsecurity |
38 |
|
39 |
|
40 |
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.50-201112102010.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.51-201112222105.patch |
41 |
similarity index 99% |
42 |
rename from 2.6.32/4420_grsecurity-2.2.2-2.6.32.50-201112102010.patch |
43 |
rename to 2.6.32/4420_grsecurity-2.2.2-2.6.32.51-201112222105.patch |
44 |
index bb97e13..1a4e34c 100644 |
45 |
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.50-201112102010.patch |
46 |
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.51-201112222105.patch |
47 |
@@ -185,7 +185,7 @@ index c840e7d..f4c451c 100644 |
48 |
|
49 |
pcd. [PARIDE] |
50 |
diff --git a/Makefile b/Makefile |
51 |
-index f38986c..46a251b 100644 |
52 |
+index 1c640ea..b545bdc 100644 |
53 |
--- a/Makefile |
54 |
+++ b/Makefile |
55 |
@@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
56 |
@@ -26002,19 +26002,10 @@ index 36fe08e..b123d3a 100644 |
57 |
EXPORT_SYMBOL_GPL(leave_mm); |
58 |
|
59 |
diff --git a/arch/x86/oprofile/backtrace.c b/arch/x86/oprofile/backtrace.c |
60 |
-index 044897b..a195924 100644 |
61 |
+index 829edf0..672adb3 100644 |
62 |
--- a/arch/x86/oprofile/backtrace.c |
63 |
+++ b/arch/x86/oprofile/backtrace.c |
64 |
-@@ -57,7 +57,7 @@ static struct frame_head *dump_user_backtrace(struct frame_head *head) |
65 |
- struct frame_head bufhead[2]; |
66 |
- |
67 |
- /* Also check accessibility of one struct frame_head beyond */ |
68 |
-- if (!access_ok(VERIFY_READ, head, sizeof(bufhead))) |
69 |
-+ if (!__access_ok(VERIFY_READ, head, sizeof(bufhead))) |
70 |
- return NULL; |
71 |
- if (__copy_from_user_inatomic(bufhead, head, sizeof(bufhead))) |
72 |
- return NULL; |
73 |
-@@ -77,7 +77,7 @@ x86_backtrace(struct pt_regs * const regs, unsigned int depth) |
74 |
+@@ -115,7 +115,7 @@ x86_backtrace(struct pt_regs * const regs, unsigned int depth) |
75 |
{ |
76 |
struct frame_head *head = (struct frame_head *)frame_pointer(regs); |
77 |
|
78 |
@@ -39601,10 +39592,10 @@ index 2ecbedb..42704f0 100644 |
79 |
|
80 |
tmp = cpu_to_le32(rts_threshold); |
81 |
diff --git a/drivers/oprofile/buffer_sync.c b/drivers/oprofile/buffer_sync.c |
82 |
-index 5c4df24..3b42925 100644 |
83 |
+index 334ccd6..47f8944 100644 |
84 |
--- a/drivers/oprofile/buffer_sync.c |
85 |
+++ b/drivers/oprofile/buffer_sync.c |
86 |
-@@ -341,7 +341,7 @@ static void add_data(struct op_entry *entry, struct mm_struct *mm) |
87 |
+@@ -342,7 +342,7 @@ static void add_data(struct op_entry *entry, struct mm_struct *mm) |
88 |
if (cookie == NO_COOKIE) |
89 |
offset = pc; |
90 |
if (cookie == INVALID_COOKIE) { |
91 |
@@ -39613,7 +39604,7 @@ index 5c4df24..3b42925 100644 |
92 |
offset = pc; |
93 |
} |
94 |
if (cookie != last_cookie) { |
95 |
-@@ -385,14 +385,14 @@ add_sample(struct mm_struct *mm, struct op_sample *s, int in_kernel) |
96 |
+@@ -386,14 +386,14 @@ add_sample(struct mm_struct *mm, struct op_sample *s, int in_kernel) |
97 |
/* add userspace sample */ |
98 |
|
99 |
if (!mm) { |
100 |
@@ -39630,7 +39621,7 @@ index 5c4df24..3b42925 100644 |
101 |
return 0; |
102 |
} |
103 |
|
104 |
-@@ -561,7 +561,7 @@ void sync_buffer(int cpu) |
105 |
+@@ -562,7 +562,7 @@ void sync_buffer(int cpu) |
106 |
/* ignore backtraces if failed to add a sample */ |
107 |
if (state == sb_bt_start) { |
108 |
state = sb_bt_ignore; |
109 |
@@ -50470,50 +50461,6 @@ index 4463297..4fed53b 100644 |
110 |
.uevent = gfs2_uevent, |
111 |
}; |
112 |
|
113 |
-diff --git a/fs/hfs/btree.c b/fs/hfs/btree.c |
114 |
-index 052f214..2462c5b 100644 |
115 |
---- a/fs/hfs/btree.c |
116 |
-+++ b/fs/hfs/btree.c |
117 |
-@@ -45,11 +45,27 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke |
118 |
- case HFS_EXT_CNID: |
119 |
- hfs_inode_read_fork(tree->inode, mdb->drXTExtRec, mdb->drXTFlSize, |
120 |
- mdb->drXTFlSize, be32_to_cpu(mdb->drXTClpSiz)); |
121 |
-+ |
122 |
-+ if (HFS_I(tree->inode)->alloc_blocks > |
123 |
-+ HFS_I(tree->inode)->first_blocks) { |
124 |
-+ printk(KERN_ERR "hfs: invalid btree extent records\n"); |
125 |
-+ unlock_new_inode(tree->inode); |
126 |
-+ goto free_inode; |
127 |
-+ } |
128 |
-+ |
129 |
- tree->inode->i_mapping->a_ops = &hfs_btree_aops; |
130 |
- break; |
131 |
- case HFS_CAT_CNID: |
132 |
- hfs_inode_read_fork(tree->inode, mdb->drCTExtRec, mdb->drCTFlSize, |
133 |
- mdb->drCTFlSize, be32_to_cpu(mdb->drCTClpSiz)); |
134 |
-+ |
135 |
-+ if (!HFS_I(tree->inode)->first_blocks) { |
136 |
-+ printk(KERN_ERR "hfs: invalid btree extent records " |
137 |
-+ "(0 size).\n"); |
138 |
-+ unlock_new_inode(tree->inode); |
139 |
-+ goto free_inode; |
140 |
-+ } |
141 |
-+ |
142 |
- tree->inode->i_mapping->a_ops = &hfs_btree_aops; |
143 |
- break; |
144 |
- default: |
145 |
-@@ -58,11 +74,6 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke |
146 |
- } |
147 |
- unlock_new_inode(tree->inode); |
148 |
- |
149 |
-- if (!HFS_I(tree->inode)->first_blocks) { |
150 |
-- printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n"); |
151 |
-- goto free_inode; |
152 |
-- } |
153 |
-- |
154 |
- mapping = tree->inode->i_mapping; |
155 |
- page = read_mapping_page(mapping, 0, NULL); |
156 |
- if (IS_ERR(page)) |
157 |
diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c |
158 |
index f6874ac..7cd98a8 100644 |
159 |
--- a/fs/hfsplus/catalog.c |
160 |
@@ -71032,7 +70979,7 @@ index 4bde56f..29a9bab 100644 |
161 |
else |
162 |
new_fs = fs; |
163 |
diff --git a/kernel/futex.c b/kernel/futex.c |
164 |
-index fb98c9f..f158c0c 100644 |
165 |
+index fb98c9f..333faec 100644 |
166 |
--- a/kernel/futex.c |
167 |
+++ b/kernel/futex.c |
168 |
@@ -54,6 +54,7 @@ |
169 |
@@ -71082,34 +71029,18 @@ index fb98c9f..f158c0c 100644 |
170 |
if (!bitset) |
171 |
return -EINVAL; |
172 |
|
173 |
-@@ -2407,7 +2417,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
174 |
- { |
175 |
- struct robust_list_head __user *head; |
176 |
- unsigned long ret; |
177 |
-+#ifndef CONFIG_GRKERNSEC_PROC_MEMMAP |
178 |
- const struct cred *cred = current_cred(), *pcred; |
179 |
-+#endif |
180 |
- |
181 |
- if (!futex_cmpxchg_enabled) |
182 |
- return -ENOSYS; |
183 |
-@@ -2423,11 +2435,16 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
184 |
+@@ -2423,6 +2433,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
185 |
if (!p) |
186 |
goto err_unlock; |
187 |
ret = -EPERM; |
188 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
189 |
+ if (!ptrace_may_access(p, PTRACE_MODE_READ)) |
190 |
+ goto err_unlock; |
191 |
-+#else |
192 |
++#endif |
193 |
pcred = __task_cred(p); |
194 |
if (cred->euid != pcred->euid && |
195 |
cred->euid != pcred->uid && |
196 |
- !capable(CAP_SYS_PTRACE)) |
197 |
- goto err_unlock; |
198 |
-+#endif |
199 |
- head = p->robust_list; |
200 |
- rcu_read_unlock(); |
201 |
- } |
202 |
-@@ -2489,7 +2506,7 @@ retry: |
203 |
+@@ -2489,7 +2503,7 @@ retry: |
204 |
*/ |
205 |
static inline int fetch_robust_entry(struct robust_list __user **entry, |
206 |
struct robust_list __user * __user *head, |
207 |
@@ -71118,7 +71049,7 @@ index fb98c9f..f158c0c 100644 |
208 |
{ |
209 |
unsigned long uentry; |
210 |
|
211 |
-@@ -2670,6 +2687,7 @@ static int __init futex_init(void) |
212 |
+@@ -2670,6 +2684,7 @@ static int __init futex_init(void) |
213 |
{ |
214 |
u32 curval; |
215 |
int i; |
216 |
@@ -71126,7 +71057,7 @@ index fb98c9f..f158c0c 100644 |
217 |
|
218 |
/* |
219 |
* This will fail and we want it. Some arch implementations do |
220 |
-@@ -2681,7 +2699,10 @@ static int __init futex_init(void) |
221 |
+@@ -2681,7 +2696,10 @@ static int __init futex_init(void) |
222 |
* implementation, the non functional ones will return |
223 |
* -ENOSYS. |
224 |
*/ |
225 |
@@ -71138,7 +71069,7 @@ index fb98c9f..f158c0c 100644 |
226 |
futex_cmpxchg_enabled = 1; |
227 |
|
228 |
diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c |
229 |
-index 2357165..8d70cee 100644 |
230 |
+index 2357165..eb25501 100644 |
231 |
--- a/kernel/futex_compat.c |
232 |
+++ b/kernel/futex_compat.c |
233 |
@@ -10,6 +10,7 @@ |
234 |
@@ -71149,35 +71080,27 @@ index 2357165..8d70cee 100644 |
235 |
|
236 |
#include <asm/uaccess.h> |
237 |
|
238 |
-@@ -135,7 +136,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
239 |
+@@ -135,7 +136,8 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
240 |
{ |
241 |
struct compat_robust_list_head __user *head; |
242 |
unsigned long ret; |
243 |
- const struct cred *cred = current_cred(), *pcred; |
244 |
-+#ifndef CONFIG_GRKERNSEC_PROC_MEMMAP |
245 |
+ const struct cred *cred = current_cred(); |
246 |
+ const struct cred *pcred; |
247 |
-+#endif |
248 |
|
249 |
if (!futex_cmpxchg_enabled) |
250 |
return -ENOSYS; |
251 |
-@@ -151,11 +155,16 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
252 |
+@@ -151,6 +153,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
253 |
if (!p) |
254 |
goto err_unlock; |
255 |
ret = -EPERM; |
256 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
257 |
+ if (!ptrace_may_access(p, PTRACE_MODE_READ)) |
258 |
+ goto err_unlock; |
259 |
-+#else |
260 |
++#endif |
261 |
pcred = __task_cred(p); |
262 |
if (cred->euid != pcred->euid && |
263 |
cred->euid != pcred->uid && |
264 |
- !capable(CAP_SYS_PTRACE)) |
265 |
- goto err_unlock; |
266 |
-+#endif |
267 |
- head = p->compat_robust_list; |
268 |
- read_unlock(&tasklist_lock); |
269 |
- } |
270 |
diff --git a/kernel/gcov/base.c b/kernel/gcov/base.c |
271 |
index 9b22d03..6295b62 100644 |
272 |
--- a/kernel/gcov/base.c |
273 |
@@ -74411,7 +74334,7 @@ index 469193c..ea3ecb2 100644 |
274 |
(table->proc_handler == proc_dointvec_minmax) || |
275 |
(table->proc_handler == proc_dointvec_jiffies) || |
276 |
diff --git a/kernel/taskstats.c b/kernel/taskstats.c |
277 |
-index b080920..d344f89 100644 |
278 |
+index a4ef542..798bcd7 100644 |
279 |
--- a/kernel/taskstats.c |
280 |
+++ b/kernel/taskstats.c |
281 |
@@ -26,9 +26,12 @@ |
282 |
@@ -78051,11 +77974,11 @@ index 3ecab7e..594a471 100644 |
283 |
#endif /* CONFIG_SPARSEMEM */ |
284 |
|
285 |
diff --git a/mm/percpu.c b/mm/percpu.c |
286 |
-index 3bfd6e2..60404b9 100644 |
287 |
+index c90614a..5f7b7b8 100644 |
288 |
--- a/mm/percpu.c |
289 |
+++ b/mm/percpu.c |
290 |
-@@ -115,7 +115,7 @@ static unsigned int pcpu_first_unit_cpu __read_mostly; |
291 |
- static unsigned int pcpu_last_unit_cpu __read_mostly; |
292 |
+@@ -115,7 +115,7 @@ static unsigned int pcpu_low_unit_cpu __read_mostly; |
293 |
+ static unsigned int pcpu_high_unit_cpu __read_mostly; |
294 |
|
295 |
/* the address of the first chunk which starts with the kernel static area */ |
296 |
-void *pcpu_base_addr __read_mostly; |
297 |
@@ -78943,7 +78866,7 @@ index 308e57d..5de19c0 100644 |
298 |
} |
299 |
} |
300 |
diff --git a/mm/util.c b/mm/util.c |
301 |
-index b377ce4..3a891af 100644 |
302 |
+index e48b493..24a601d 100644 |
303 |
--- a/mm/util.c |
304 |
+++ b/mm/util.c |
305 |
@@ -228,6 +228,12 @@ EXPORT_SYMBOL(strndup_user); |
306 |
|
307 |
diff --git a/3.1.5/0000_README b/3.1.6/0000_README |
308 |
similarity index 97% |
309 |
rename from 3.1.5/0000_README |
310 |
rename to 3.1.6/0000_README |
311 |
index 613b71d..29427c6 100644 |
312 |
--- a/3.1.5/0000_README |
313 |
+++ b/3.1.6/0000_README |
314 |
@@ -3,7 +3,7 @@ README |
315 |
|
316 |
Individual Patch Descriptions: |
317 |
----------------------------------------------------------------------------- |
318 |
-Patch: 4420_grsecurity-2.2.2-3.1.5-201112101853.patch |
319 |
+Patch: 4420_grsecurity-2.2.2-3.1.6-201112222105.patch |
320 |
From: http://www.grsecurity.net |
321 |
Desc: hardened-sources base patch from upstream grsecurity |
322 |
|
323 |
|
324 |
diff --git a/3.1.5/4420_grsecurity-2.2.2-3.1.5-201112101853.patch b/3.1.6/4420_grsecurity-2.2.2-3.1.6-201112222105.patch |
325 |
similarity index 99% |
326 |
rename from 3.1.5/4420_grsecurity-2.2.2-3.1.5-201112101853.patch |
327 |
rename to 3.1.6/4420_grsecurity-2.2.2-3.1.6-201112222105.patch |
328 |
index 67dea05..5c91c1a 100644 |
329 |
--- a/3.1.5/4420_grsecurity-2.2.2-3.1.5-201112101853.patch |
330 |
+++ b/3.1.6/4420_grsecurity-2.2.2-3.1.6-201112222105.patch |
331 |
@@ -186,7 +186,7 @@ index d6e6724..a024ce8 100644 |
332 |
|
333 |
pcd. [PARIDE] |
334 |
diff --git a/Makefile b/Makefile |
335 |
-index 94ab2ad..1e4a6e8 100644 |
336 |
+index 2d6e0a8..d1d2564 100644 |
337 |
--- a/Makefile |
338 |
+++ b/Makefile |
339 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
340 |
@@ -10212,7 +10212,7 @@ index cb23852..2dde194 100644 |
341 |
|
342 |
asmlinkage long sys32_sched_rr_get_interval(compat_pid_t, |
343 |
diff --git a/arch/x86/include/asm/system.h b/arch/x86/include/asm/system.h |
344 |
-index c2ff2a1..4349184 100644 |
345 |
+index 2d2f01c..f985723 100644 |
346 |
--- a/arch/x86/include/asm/system.h |
347 |
+++ b/arch/x86/include/asm/system.h |
348 |
@@ -129,7 +129,7 @@ do { \ |
349 |
@@ -10242,7 +10242,7 @@ index c2ff2a1..4349184 100644 |
350 |
} |
351 |
|
352 |
static inline void native_clts(void) |
353 |
-@@ -397,12 +397,12 @@ void enable_hlt(void); |
354 |
+@@ -397,13 +397,13 @@ void enable_hlt(void); |
355 |
|
356 |
void cpu_idle_wait(void); |
357 |
|
358 |
@@ -10251,6 +10251,7 @@ index c2ff2a1..4349184 100644 |
359 |
extern void free_init_pages(char *what, unsigned long begin, unsigned long end); |
360 |
|
361 |
void default_idle(void); |
362 |
+ bool set_pm_idle_to_default(void); |
363 |
|
364 |
-void stop_this_cpu(void *dummy); |
365 |
+void stop_this_cpu(void *dummy) __noreturn; |
366 |
@@ -16136,7 +16137,7 @@ index 35ccf75..67e7d4d 100644 |
367 |
for (p = start; p < finish; p++) { |
368 |
q = find_dependents_of(start, finish, p); |
369 |
diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c |
370 |
-index e7e3b01..43c5af3 100644 |
371 |
+index 30eb651..0758167 100644 |
372 |
--- a/arch/x86/kernel/process.c |
373 |
+++ b/arch/x86/kernel/process.c |
374 |
@@ -48,16 +48,33 @@ void free_thread_xstate(struct task_struct *tsk) |
375 |
@@ -16219,16 +16220,17 @@ index e7e3b01..43c5af3 100644 |
376 |
#else |
377 |
regs.ss = __KERNEL_DS; |
378 |
#endif |
379 |
-@@ -403,7 +423,7 @@ void default_idle(void) |
380 |
- EXPORT_SYMBOL(default_idle); |
381 |
- #endif |
382 |
+@@ -411,7 +431,8 @@ bool set_pm_idle_to_default(void) |
383 |
|
384 |
+ return ret; |
385 |
+ } |
386 |
-void stop_this_cpu(void *dummy) |
387 |
++ |
388 |
+__noreturn void stop_this_cpu(void *dummy) |
389 |
{ |
390 |
local_irq_disable(); |
391 |
/* |
392 |
-@@ -645,16 +665,37 @@ static int __init idle_setup(char *str) |
393 |
+@@ -653,16 +674,37 @@ static int __init idle_setup(char *str) |
394 |
} |
395 |
early_param("idle", idle_setup); |
396 |
|
397 |
@@ -22066,19 +22068,10 @@ index 0d17c8c..4f4764f 100644 |
398 |
+ return ret ? -EFAULT : 0; |
399 |
+} |
400 |
diff --git a/arch/x86/mm/gup.c b/arch/x86/mm/gup.c |
401 |
-index ea30585..7d26398 100644 |
402 |
+index dd74e46..7d26398 100644 |
403 |
--- a/arch/x86/mm/gup.c |
404 |
+++ b/arch/x86/mm/gup.c |
405 |
-@@ -201,6 +201,8 @@ static noinline int gup_huge_pud(pud_t pud, unsigned long addr, |
406 |
- do { |
407 |
- VM_BUG_ON(compound_head(page) != head); |
408 |
- pages[*nr] = page; |
409 |
-+ if (PageTail(page)) |
410 |
-+ get_huge_page_tail(page); |
411 |
- (*nr)++; |
412 |
- page++; |
413 |
- refs++; |
414 |
-@@ -253,7 +255,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, |
415 |
+@@ -255,7 +255,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, |
416 |
addr = start; |
417 |
len = (unsigned long) nr_pages << PAGE_SHIFT; |
418 |
end = start + len; |
419 |
@@ -28728,10 +28721,10 @@ index b51e157..8f14fb9 100644 |
420 |
return can_switch; |
421 |
} |
422 |
diff --git a/drivers/gpu/drm/radeon/radeon_display.c b/drivers/gpu/drm/radeon/radeon_display.c |
423 |
-index 6adb3e5..b91553e2 100644 |
424 |
+index 07ac481..41cb437 100644 |
425 |
--- a/drivers/gpu/drm/radeon/radeon_display.c |
426 |
+++ b/drivers/gpu/drm/radeon/radeon_display.c |
427 |
-@@ -925,6 +925,8 @@ void radeon_compute_pll_legacy(struct radeon_pll *pll, |
428 |
+@@ -926,6 +926,8 @@ void radeon_compute_pll_legacy(struct radeon_pll *pll, |
429 |
uint32_t post_div; |
430 |
u32 pll_out_min, pll_out_max; |
431 |
|
432 |
@@ -37356,10 +37349,10 @@ index ed147c4..94fc3c6 100644 |
433 |
|
434 |
/* core tmem accessor functions */ |
435 |
diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c |
436 |
-index 26a5d8b..74434f8 100644 |
437 |
+index c4ac6f6..4f90f53 100644 |
438 |
--- a/drivers/target/iscsi/iscsi_target.c |
439 |
+++ b/drivers/target/iscsi/iscsi_target.c |
440 |
-@@ -1368,7 +1368,7 @@ static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) |
441 |
+@@ -1370,7 +1370,7 @@ static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) |
442 |
* outstanding_r2ts reaches zero, go ahead and send the delayed |
443 |
* TASK_ABORTED status. |
444 |
*/ |
445 |
@@ -37391,7 +37384,7 @@ index 8badcb4..94c9ac6 100644 |
446 |
memset(wwn, 0, ALUA_SECONDARY_METADATA_WWN_LEN); |
447 |
|
448 |
diff --git a/drivers/target/target_core_cdb.c b/drivers/target/target_core_cdb.c |
449 |
-index f04d4ef..7de212b 100644 |
450 |
+index 5f91397..dcc2d25 100644 |
451 |
--- a/drivers/target/target_core_cdb.c |
452 |
+++ b/drivers/target/target_core_cdb.c |
453 |
@@ -933,6 +933,8 @@ target_emulate_modesense(struct se_cmd *cmd, int ten) |
454 |
@@ -37479,7 +37472,7 @@ index 5c1b8c5..0cb7d0e 100644 |
455 |
|
456 |
core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count); |
457 |
diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c |
458 |
-index 013c100..8fd2e57 100644 |
459 |
+index e2added..ccb5251 100644 |
460 |
--- a/drivers/target/target_core_transport.c |
461 |
+++ b/drivers/target/target_core_transport.c |
462 |
@@ -1445,7 +1445,7 @@ struct se_device *transport_add_device_to_core_hba( |
463 |
@@ -37521,7 +37514,7 @@ index 013c100..8fd2e57 100644 |
464 |
cmd->t_task_list_num) |
465 |
atomic_set(&cmd->transport_sent, 1); |
466 |
|
467 |
-@@ -4665,7 +4665,7 @@ static void transport_generic_wait_for_tasks( |
468 |
+@@ -4682,7 +4682,7 @@ static void transport_generic_wait_for_tasks( |
469 |
atomic_set(&cmd->transport_lun_stop, 0); |
470 |
} |
471 |
if (!atomic_read(&cmd->t_transport_active) || |
472 |
@@ -37530,7 +37523,7 @@ index 013c100..8fd2e57 100644 |
473 |
goto remove; |
474 |
|
475 |
atomic_set(&cmd->t_transport_stop, 1); |
476 |
-@@ -4900,7 +4900,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status) |
477 |
+@@ -4917,7 +4917,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status) |
478 |
{ |
479 |
int ret = 0; |
480 |
|
481 |
@@ -37539,7 +37532,7 @@ index 013c100..8fd2e57 100644 |
482 |
if (!send_status || |
483 |
(cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS)) |
484 |
return 1; |
485 |
-@@ -4937,7 +4937,7 @@ void transport_send_task_abort(struct se_cmd *cmd) |
486 |
+@@ -4954,7 +4954,7 @@ void transport_send_task_abort(struct se_cmd *cmd) |
487 |
*/ |
488 |
if (cmd->data_direction == DMA_TO_DEVICE) { |
489 |
if (cmd->se_tfo->write_pending_status(cmd) != 0) { |
490 |
@@ -37548,7 +37541,7 @@ index 013c100..8fd2e57 100644 |
491 |
smp_mb__after_atomic_inc(); |
492 |
cmd->scsi_status = SAM_STAT_TASK_ABORTED; |
493 |
transport_new_cmd_failure(cmd); |
494 |
-@@ -5051,7 +5051,7 @@ static void transport_processing_shutdown(struct se_device *dev) |
495 |
+@@ -5068,7 +5068,7 @@ static void transport_processing_shutdown(struct se_device *dev) |
496 |
cmd->se_tfo->get_task_tag(cmd), |
497 |
cmd->t_task_list_num, |
498 |
atomic_read(&cmd->t_task_cdbs_left), |
499 |
@@ -43434,10 +43427,10 @@ index 9a37a9b..35792b6 100644 |
500 |
/* |
501 |
* We'll have a dentry and an inode for |
502 |
diff --git a/fs/dcache.c b/fs/dcache.c |
503 |
-index a88948b..1e32160 100644 |
504 |
+index 8b732a2..6db6c27 100644 |
505 |
--- a/fs/dcache.c |
506 |
+++ b/fs/dcache.c |
507 |
-@@ -2998,7 +2998,7 @@ void __init vfs_caches_init(unsigned long mempages) |
508 |
+@@ -3015,7 +3015,7 @@ void __init vfs_caches_init(unsigned long mempages) |
509 |
mempages -= reserve; |
510 |
|
511 |
names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0, |
512 |
@@ -45976,7 +45969,7 @@ index b6cca47..ec782c3 100644 |
513 |
cuse_class = class_create(THIS_MODULE, "cuse"); |
514 |
if (IS_ERR(cuse_class)) |
515 |
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c |
516 |
-index 5cb8614..6865b11 100644 |
517 |
+index 2aaf3ea..8e50863 100644 |
518 |
--- a/fs/fuse/dev.c |
519 |
+++ b/fs/fuse/dev.c |
520 |
@@ -1242,7 +1242,7 @@ static ssize_t fuse_dev_splice_read(struct file *in, loff_t *ppos, |
521 |
@@ -46014,50 +46007,6 @@ index 900cf98..3896726 100644 |
522 |
if (!IS_ERR(s)) |
523 |
kfree(s); |
524 |
} |
525 |
-diff --git a/fs/hfs/btree.c b/fs/hfs/btree.c |
526 |
-index 3ebc437..eb23952 100644 |
527 |
---- a/fs/hfs/btree.c |
528 |
-+++ b/fs/hfs/btree.c |
529 |
-@@ -46,11 +46,27 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke |
530 |
- case HFS_EXT_CNID: |
531 |
- hfs_inode_read_fork(tree->inode, mdb->drXTExtRec, mdb->drXTFlSize, |
532 |
- mdb->drXTFlSize, be32_to_cpu(mdb->drXTClpSiz)); |
533 |
-+ |
534 |
-+ if (HFS_I(tree->inode)->alloc_blocks > |
535 |
-+ HFS_I(tree->inode)->first_blocks) { |
536 |
-+ printk(KERN_ERR "hfs: invalid btree extent records\n"); |
537 |
-+ unlock_new_inode(tree->inode); |
538 |
-+ goto free_inode; |
539 |
-+ } |
540 |
-+ |
541 |
- tree->inode->i_mapping->a_ops = &hfs_btree_aops; |
542 |
- break; |
543 |
- case HFS_CAT_CNID: |
544 |
- hfs_inode_read_fork(tree->inode, mdb->drCTExtRec, mdb->drCTFlSize, |
545 |
- mdb->drCTFlSize, be32_to_cpu(mdb->drCTClpSiz)); |
546 |
-+ |
547 |
-+ if (!HFS_I(tree->inode)->first_blocks) { |
548 |
-+ printk(KERN_ERR "hfs: invalid btree extent records " |
549 |
-+ "(0 size).\n"); |
550 |
-+ unlock_new_inode(tree->inode); |
551 |
-+ goto free_inode; |
552 |
-+ } |
553 |
-+ |
554 |
- tree->inode->i_mapping->a_ops = &hfs_btree_aops; |
555 |
- break; |
556 |
- default: |
557 |
-@@ -59,11 +75,6 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke |
558 |
- } |
559 |
- unlock_new_inode(tree->inode); |
560 |
- |
561 |
-- if (!HFS_I(tree->inode)->first_blocks) { |
562 |
-- printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n"); |
563 |
-- goto free_inode; |
564 |
-- } |
565 |
-- |
566 |
- mapping = tree->inode->i_mapping; |
567 |
- page = read_mapping_page(mapping, 0, NULL); |
568 |
- if (IS_ERR(page)) |
569 |
diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c |
570 |
index 4dfbfec..947c9c2 100644 |
571 |
--- a/fs/hfsplus/catalog.c |
572 |
@@ -47015,10 +46964,10 @@ index 3d15072..c1ddf9c 100644 |
573 |
out: |
574 |
return len; |
575 |
diff --git a/fs/namespace.c b/fs/namespace.c |
576 |
-index e5e1c7d..019609e 100644 |
577 |
+index 5e7f2e9..cd13685 100644 |
578 |
--- a/fs/namespace.c |
579 |
+++ b/fs/namespace.c |
580 |
-@@ -1329,6 +1329,9 @@ static int do_umount(struct vfsmount *mnt, int flags) |
581 |
+@@ -1326,6 +1326,9 @@ static int do_umount(struct vfsmount *mnt, int flags) |
582 |
if (!(sb->s_flags & MS_RDONLY)) |
583 |
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); |
584 |
up_write(&sb->s_umount); |
585 |
@@ -47028,7 +46977,7 @@ index e5e1c7d..019609e 100644 |
586 |
return retval; |
587 |
} |
588 |
|
589 |
-@@ -1348,6 +1351,9 @@ static int do_umount(struct vfsmount *mnt, int flags) |
590 |
+@@ -1345,6 +1348,9 @@ static int do_umount(struct vfsmount *mnt, int flags) |
591 |
br_write_unlock(vfsmount_lock); |
592 |
up_write(&namespace_sem); |
593 |
release_mounts(&umount_list); |
594 |
@@ -47038,7 +46987,7 @@ index e5e1c7d..019609e 100644 |
595 |
return retval; |
596 |
} |
597 |
|
598 |
-@@ -2339,6 +2345,16 @@ long do_mount(char *dev_name, char *dir_name, char *type_page, |
599 |
+@@ -2336,6 +2342,16 @@ long do_mount(char *dev_name, char *dir_name, char *type_page, |
600 |
MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | |
601 |
MS_STRICTATIME); |
602 |
|
603 |
@@ -47055,7 +47004,7 @@ index e5e1c7d..019609e 100644 |
604 |
if (flags & MS_REMOUNT) |
605 |
retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, |
606 |
data_page); |
607 |
-@@ -2353,6 +2369,9 @@ long do_mount(char *dev_name, char *dir_name, char *type_page, |
608 |
+@@ -2350,6 +2366,9 @@ long do_mount(char *dev_name, char *dir_name, char *type_page, |
609 |
dev_name, data_page); |
610 |
dput_out: |
611 |
path_put(&path); |
612 |
@@ -47065,7 +47014,7 @@ index e5e1c7d..019609e 100644 |
613 |
return retval; |
614 |
} |
615 |
|
616 |
-@@ -2576,6 +2595,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, |
617 |
+@@ -2573,6 +2592,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, |
618 |
if (error) |
619 |
goto out2; |
620 |
|
621 |
@@ -48470,7 +48419,7 @@ index d245cb2..7e645bd 100644 |
622 |
return -EPERM; |
623 |
if (kcore_need_update) |
624 |
diff --git a/fs/proc/meminfo.c b/fs/proc/meminfo.c |
625 |
-index 5861741..32c53bc 100644 |
626 |
+index 80e4645..d2689e9 100644 |
627 |
--- a/fs/proc/meminfo.c |
628 |
+++ b/fs/proc/meminfo.c |
629 |
@@ -29,6 +29,8 @@ static int meminfo_proc_show(struct seq_file *m, void *v) |
630 |
@@ -48482,7 +48431,7 @@ index 5861741..32c53bc 100644 |
631 |
/* |
632 |
* display in kilobytes. |
633 |
*/ |
634 |
-@@ -157,7 +159,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v) |
635 |
+@@ -158,7 +160,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v) |
636 |
vmi.used >> 10, |
637 |
vmi.largest_chunk >> 10 |
638 |
#ifdef CONFIG_MEMORY_FAILURE |
639 |
@@ -49098,7 +49047,7 @@ index d33418f..f8e06bc 100644 |
640 |
return -EINVAL; |
641 |
|
642 |
diff --git a/fs/seq_file.c b/fs/seq_file.c |
643 |
-index 05d6b0e..ee96362 100644 |
644 |
+index dba43c3..a99fb63 100644 |
645 |
--- a/fs/seq_file.c |
646 |
+++ b/fs/seq_file.c |
647 |
@@ -76,7 +76,8 @@ static int traverse(struct seq_file *m, loff_t offset) |
648 |
@@ -49591,10 +49540,10 @@ index 474920b..97169a9 100644 |
649 |
kfree(s); |
650 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
651 |
new file mode 100644 |
652 |
-index 0000000..9629731 |
653 |
+index 0000000..4639511 |
654 |
--- /dev/null |
655 |
+++ b/grsecurity/Kconfig |
656 |
-@@ -0,0 +1,1037 @@ |
657 |
+@@ -0,0 +1,1051 @@ |
658 |
+# |
659 |
+# grecurity configuration |
660 |
+# |
661 |
@@ -49729,6 +49678,7 @@ index 0000000..9629731 |
662 |
+ select GRKERNSEC_PROC_ADD |
663 |
+ select GRKERNSEC_CHROOT_CHMOD |
664 |
+ select GRKERNSEC_CHROOT_NICE |
665 |
++ select GRKERNSEC_SETXID |
666 |
+ select GRKERNSEC_AUDIT_MOUNT |
667 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
668 |
+ select GRKERNSEC_HARDEN_PTRACE |
669 |
@@ -50394,6 +50344,19 @@ index 0000000..9629731 |
670 |
+ option is enabled, a sysctl option with name "harden_ptrace" is |
671 |
+ created. |
672 |
+ |
673 |
++config GRKERNSEC_SETXID |
674 |
++ bool "Enforce consistent multithreaded privileges" |
675 |
++ help |
676 |
++ If you say Y here, a change from a root uid to a non-root uid |
677 |
++ in a multithreaded application will cause the resulting uids, |
678 |
++ gids, supplementary groups, and capabilities in that thread |
679 |
++ to be propagated to the other threads of the process. In most |
680 |
++ cases this is unnecessary, as glibc will emulate this behavior |
681 |
++ on behalf of the application. Other libcs do not act in the |
682 |
++ same way, allowing the other threads of the process to continue |
683 |
++ running with root privileges. If the sysctl option is enabled, |
684 |
++ a sysctl option with name "consistent_setxid" is created. |
685 |
++ |
686 |
+config GRKERNSEC_TPE |
687 |
+ bool "Trusted Path Execution (TPE)" |
688 |
+ help |
689 |
@@ -57558,10 +57521,10 @@ index 0000000..8ca18bf |
690 |
+} |
691 |
diff --git a/grsecurity/grsec_init.c b/grsecurity/grsec_init.c |
692 |
new file mode 100644 |
693 |
-index 0000000..356ef00 |
694 |
+index 0000000..cb8e5a1 |
695 |
--- /dev/null |
696 |
+++ b/grsecurity/grsec_init.c |
697 |
-@@ -0,0 +1,269 @@ |
698 |
+@@ -0,0 +1,273 @@ |
699 |
+#include <linux/kernel.h> |
700 |
+#include <linux/sched.h> |
701 |
+#include <linux/mm.h> |
702 |
@@ -57571,6 +57534,7 @@ index 0000000..356ef00 |
703 |
+#include <linux/percpu.h> |
704 |
+#include <linux/module.h> |
705 |
+ |
706 |
++int grsec_enable_setxid; |
707 |
+int grsec_enable_brute; |
708 |
+int grsec_enable_link; |
709 |
+int grsec_enable_dmesg; |
710 |
@@ -57751,6 +57715,9 @@ index 0000000..356ef00 |
711 |
+#ifdef CONFIG_GRKERNSEC_EXECLOG |
712 |
+ grsec_enable_execlog = 1; |
713 |
+#endif |
714 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
715 |
++ grsec_enable_setxid = 1; |
716 |
++#endif |
717 |
+#ifdef CONFIG_GRKERNSEC_SIGNAL |
718 |
+ grsec_enable_signal = 1; |
719 |
+#endif |
720 |
@@ -58841,10 +58808,10 @@ index 0000000..4030d57 |
721 |
+} |
722 |
diff --git a/grsecurity/grsec_sysctl.c b/grsecurity/grsec_sysctl.c |
723 |
new file mode 100644 |
724 |
-index 0000000..174668f |
725 |
+index 0000000..bceef2f |
726 |
--- /dev/null |
727 |
+++ b/grsecurity/grsec_sysctl.c |
728 |
-@@ -0,0 +1,433 @@ |
729 |
+@@ -0,0 +1,442 @@ |
730 |
+#include <linux/kernel.h> |
731 |
+#include <linux/sched.h> |
732 |
+#include <linux/sysctl.h> |
733 |
@@ -58908,6 +58875,15 @@ index 0000000..174668f |
734 |
+ .proc_handler = &proc_dointvec, |
735 |
+ }, |
736 |
+#endif |
737 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
738 |
++ { |
739 |
++ .procname = "consistent_setxid", |
740 |
++ .data = &grsec_enable_setxid, |
741 |
++ .maxlen = sizeof(int), |
742 |
++ .mode = 0600, |
743 |
++ .proc_handler = &proc_dointvec, |
744 |
++ }, |
745 |
++#endif |
746 |
+#ifdef CONFIG_GRKERNSEC_BLACKHOLE |
747 |
+ { |
748 |
+ .procname = "ip_blackhole", |
749 |
@@ -60533,7 +60509,7 @@ index 84ccf8e..2e9b14c 100644 |
750 |
}; |
751 |
|
752 |
diff --git a/include/linux/fs.h b/include/linux/fs.h |
753 |
-index 277f497..9be66a4 100644 |
754 |
+index cf7bc25..0d2babf 100644 |
755 |
--- a/include/linux/fs.h |
756 |
+++ b/include/linux/fs.h |
757 |
@@ -1588,7 +1588,8 @@ struct file_operations { |
758 |
@@ -61455,10 +61431,10 @@ index 0000000..9d5fd4a |
759 |
+#define GR_INIT_TRANSFER_MSG "persistent special role transferred privilege to init by " |
760 |
diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h |
761 |
new file mode 100644 |
762 |
-index 0000000..bd25f72 |
763 |
+index 0000000..4620f36 |
764 |
--- /dev/null |
765 |
+++ b/include/linux/grsecurity.h |
766 |
-@@ -0,0 +1,228 @@ |
767 |
+@@ -0,0 +1,231 @@ |
768 |
+#ifndef GR_SECURITY_H |
769 |
+#define GR_SECURITY_H |
770 |
+#include <linux/fs.h> |
771 |
@@ -61684,6 +61660,9 @@ index 0000000..bd25f72 |
772 |
+#ifdef CONFIG_GRKERNSEC_CHROOT_FINDTASK |
773 |
+extern int grsec_enable_chroot_findtask; |
774 |
+#endif |
775 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
776 |
++extern int grsec_enable_setxid; |
777 |
++#endif |
778 |
+#endif |
779 |
+ |
780 |
+#endif |
781 |
@@ -65202,7 +65181,7 @@ index 42e8fa0..9e7406b 100644 |
782 |
return -ENOMEM; |
783 |
|
784 |
diff --git a/kernel/cred.c b/kernel/cred.c |
785 |
-index 8ef31f5..f63d997 100644 |
786 |
+index 8ef31f5..d7d50d8 100644 |
787 |
--- a/kernel/cred.c |
788 |
+++ b/kernel/cred.c |
789 |
@@ -158,6 +158,8 @@ static void put_cred_rcu(struct rcu_head *rcu) |
790 |
@@ -65241,7 +65220,15 @@ index 8ef31f5..f63d997 100644 |
791 |
new = kmem_cache_zalloc(cred_jar, GFP_KERNEL); |
792 |
if (!new) |
793 |
return NULL; |
794 |
-@@ -287,6 +295,8 @@ struct cred *prepare_creds(void) |
795 |
+@@ -281,12 +289,14 @@ error: |
796 |
+ * |
797 |
+ * Call commit_creds() or abort_creds() to clean up. |
798 |
+ */ |
799 |
+-struct cred *prepare_creds(void) |
800 |
++ |
801 |
++static struct cred *__prepare_creds(struct task_struct *task) |
802 |
+ { |
803 |
+- struct task_struct *task = current; |
804 |
const struct cred *old; |
805 |
struct cred *new; |
806 |
|
807 |
@@ -65250,7 +65237,19 @@ index 8ef31f5..f63d997 100644 |
808 |
validate_process_creds(); |
809 |
|
810 |
new = kmem_cache_alloc(cred_jar, GFP_KERNEL); |
811 |
-@@ -333,6 +343,8 @@ struct cred *prepare_exec_creds(void) |
812 |
+@@ -322,6 +332,11 @@ error: |
813 |
+ abort_creds(new); |
814 |
+ return NULL; |
815 |
+ } |
816 |
++ |
817 |
++struct cred *prepare_creds(void) |
818 |
++{ |
819 |
++ return __prepare_creds(current); |
820 |
++} |
821 |
+ EXPORT_SYMBOL(prepare_creds); |
822 |
+ |
823 |
+ /* |
824 |
+@@ -333,6 +348,8 @@ struct cred *prepare_exec_creds(void) |
825 |
struct thread_group_cred *tgcred = NULL; |
826 |
struct cred *new; |
827 |
|
828 |
@@ -65259,7 +65258,7 @@ index 8ef31f5..f63d997 100644 |
829 |
#ifdef CONFIG_KEYS |
830 |
tgcred = kmalloc(sizeof(*tgcred), GFP_KERNEL); |
831 |
if (!tgcred) |
832 |
-@@ -385,6 +397,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags) |
833 |
+@@ -385,6 +402,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags) |
834 |
struct cred *new; |
835 |
int ret; |
836 |
|
837 |
@@ -65268,8 +65267,14 @@ index 8ef31f5..f63d997 100644 |
838 |
if ( |
839 |
#ifdef CONFIG_KEYS |
840 |
!p->cred->thread_keyring && |
841 |
-@@ -475,6 +489,8 @@ int commit_creds(struct cred *new) |
842 |
- struct task_struct *task = current; |
843 |
+@@ -470,11 +489,12 @@ error_put: |
844 |
+ * Always returns 0 thus allowing this function to be tail-called at the end |
845 |
+ * of, say, sys_setgid(). |
846 |
+ */ |
847 |
+-int commit_creds(struct cred *new) |
848 |
++static int __commit_creds(struct task_struct *task, struct cred *new) |
849 |
+ { |
850 |
+- struct task_struct *task = current; |
851 |
const struct cred *old = task->real_cred; |
852 |
|
853 |
+ pax_track_stack(); |
854 |
@@ -65277,7 +65282,7 @@ index 8ef31f5..f63d997 100644 |
855 |
kdebug("commit_creds(%p{%d,%d})", new, |
856 |
atomic_read(&new->usage), |
857 |
read_cred_subscribers(new)); |
858 |
-@@ -489,6 +505,8 @@ int commit_creds(struct cred *new) |
859 |
+@@ -489,6 +509,8 @@ int commit_creds(struct cred *new) |
860 |
|
861 |
get_cred(new); /* we will require a ref for the subj creds too */ |
862 |
|
863 |
@@ -65286,7 +65291,72 @@ index 8ef31f5..f63d997 100644 |
864 |
/* dumpability changes */ |
865 |
if (old->euid != new->euid || |
866 |
old->egid != new->egid || |
867 |
-@@ -549,6 +567,8 @@ EXPORT_SYMBOL(commit_creds); |
868 |
+@@ -538,6 +560,64 @@ int commit_creds(struct cred *new) |
869 |
+ put_cred(old); |
870 |
+ return 0; |
871 |
+ } |
872 |
++ |
873 |
++int commit_creds(struct cred *new) |
874 |
++{ |
875 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
876 |
++ struct task_struct *t; |
877 |
++ struct cred *ncred; |
878 |
++ const struct cred *old; |
879 |
++ |
880 |
++ if (grsec_enable_setxid && !current_is_single_threaded() && |
881 |
++ !current_uid() && new->uid) { |
882 |
++ rcu_read_lock(); |
883 |
++ read_lock(&tasklist_lock); |
884 |
++ for (t = next_thread(current); t != current; |
885 |
++ t = next_thread(t)) { |
886 |
++ old = __task_cred(t); |
887 |
++ if (old->uid) |
888 |
++ continue; |
889 |
++ ncred = __prepare_creds(t); |
890 |
++ if (!ncred) |
891 |
++ goto die; |
892 |
++ // uids |
893 |
++ ncred->uid = new->uid; |
894 |
++ ncred->euid = new->euid; |
895 |
++ ncred->suid = new->suid; |
896 |
++ ncred->fsuid = new->fsuid; |
897 |
++ // gids |
898 |
++ ncred->gid = new->gid; |
899 |
++ ncred->egid = new->egid; |
900 |
++ ncred->sgid = new->sgid; |
901 |
++ ncred->fsgid = new->fsgid; |
902 |
++ // groups |
903 |
++ if (set_groups(ncred, new->group_info) < 0) { |
904 |
++ abort_creds(ncred); |
905 |
++ goto die; |
906 |
++ } |
907 |
++ // caps |
908 |
++ ncred->securebits = new->securebits; |
909 |
++ ncred->cap_inheritable = new->cap_inheritable; |
910 |
++ ncred->cap_permitted = new->cap_permitted; |
911 |
++ ncred->cap_effective = new->cap_effective; |
912 |
++ ncred->cap_bset = new->cap_bset; |
913 |
++ |
914 |
++ __commit_creds(t, ncred); |
915 |
++ } |
916 |
++ read_unlock(&tasklist_lock); |
917 |
++ rcu_read_unlock(); |
918 |
++ } |
919 |
++#endif |
920 |
++ return __commit_creds(current, new); |
921 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
922 |
++die: |
923 |
++ read_unlock(&tasklist_lock); |
924 |
++ rcu_read_unlock(); |
925 |
++ abort_creds(new); |
926 |
++ do_group_exit(SIGKILL); |
927 |
++#endif |
928 |
++} |
929 |
++ |
930 |
+ EXPORT_SYMBOL(commit_creds); |
931 |
+ |
932 |
+ /** |
933 |
+@@ -549,6 +629,8 @@ EXPORT_SYMBOL(commit_creds); |
934 |
*/ |
935 |
void abort_creds(struct cred *new) |
936 |
{ |
937 |
@@ -65295,7 +65365,7 @@ index 8ef31f5..f63d997 100644 |
938 |
kdebug("abort_creds(%p{%d,%d})", new, |
939 |
atomic_read(&new->usage), |
940 |
read_cred_subscribers(new)); |
941 |
-@@ -572,6 +592,8 @@ const struct cred *override_creds(const struct cred *new) |
942 |
+@@ -572,6 +654,8 @@ const struct cred *override_creds(const struct cred *new) |
943 |
{ |
944 |
const struct cred *old = current->cred; |
945 |
|
946 |
@@ -65304,7 +65374,7 @@ index 8ef31f5..f63d997 100644 |
947 |
kdebug("override_creds(%p{%d,%d})", new, |
948 |
atomic_read(&new->usage), |
949 |
read_cred_subscribers(new)); |
950 |
-@@ -601,6 +623,8 @@ void revert_creds(const struct cred *old) |
951 |
+@@ -601,6 +685,8 @@ void revert_creds(const struct cred *old) |
952 |
{ |
953 |
const struct cred *override = current->cred; |
954 |
|
955 |
@@ -65313,7 +65383,7 @@ index 8ef31f5..f63d997 100644 |
956 |
kdebug("revert_creds(%p{%d,%d})", old, |
957 |
atomic_read(&old->usage), |
958 |
read_cred_subscribers(old)); |
959 |
-@@ -647,6 +671,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
960 |
+@@ -647,6 +733,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
961 |
const struct cred *old; |
962 |
struct cred *new; |
963 |
|
964 |
@@ -65322,7 +65392,7 @@ index 8ef31f5..f63d997 100644 |
965 |
new = kmem_cache_alloc(cred_jar, GFP_KERNEL); |
966 |
if (!new) |
967 |
return NULL; |
968 |
-@@ -701,6 +727,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
969 |
+@@ -701,6 +789,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
970 |
*/ |
971 |
int set_security_override(struct cred *new, u32 secid) |
972 |
{ |
973 |
@@ -65331,7 +65401,7 @@ index 8ef31f5..f63d997 100644 |
974 |
return security_kernel_act_as(new, secid); |
975 |
} |
976 |
EXPORT_SYMBOL(set_security_override); |
977 |
-@@ -720,6 +748,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
978 |
+@@ -720,6 +810,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
979 |
u32 secid; |
980 |
int ret; |
981 |
|
982 |
@@ -65896,7 +65966,7 @@ index 8e6b6f4..9dccf00 100644 |
983 |
else |
984 |
new_fs = fs; |
985 |
diff --git a/kernel/futex.c b/kernel/futex.c |
986 |
-index 11cbe05..9ff191b 100644 |
987 |
+index 11cbe05..c5dab58 100644 |
988 |
--- a/kernel/futex.c |
989 |
+++ b/kernel/futex.c |
990 |
@@ -54,6 +54,7 @@ |
991 |
@@ -65937,36 +66007,18 @@ index 11cbe05..9ff191b 100644 |
992 |
if (!bitset) |
993 |
return -EINVAL; |
994 |
|
995 |
-@@ -2431,7 +2441,9 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
996 |
- { |
997 |
- struct robust_list_head __user *head; |
998 |
- unsigned long ret; |
999 |
-+#ifndef CONFIG_GRKERNSEC_PROC_MEMMAP |
1000 |
- const struct cred *cred = current_cred(), *pcred; |
1001 |
-+#endif |
1002 |
- |
1003 |
- if (!futex_cmpxchg_enabled) |
1004 |
- return -ENOSYS; |
1005 |
-@@ -2447,6 +2459,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
1006 |
+@@ -2447,6 +2457,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
1007 |
if (!p) |
1008 |
goto err_unlock; |
1009 |
ret = -EPERM; |
1010 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
1011 |
+ if (!ptrace_may_access(p, PTRACE_MODE_READ)) |
1012 |
+ goto err_unlock; |
1013 |
-+#else |
1014 |
++#endif |
1015 |
pcred = __task_cred(p); |
1016 |
/* If victim is in different user_ns, then uids are not |
1017 |
comparable, so we must have CAP_SYS_PTRACE */ |
1018 |
-@@ -2461,6 +2477,7 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
1019 |
- !ns_capable(pcred->user->user_ns, CAP_SYS_PTRACE)) |
1020 |
- goto err_unlock; |
1021 |
- ok: |
1022 |
-+#endif |
1023 |
- head = p->robust_list; |
1024 |
- rcu_read_unlock(); |
1025 |
- } |
1026 |
-@@ -2712,6 +2729,7 @@ static int __init futex_init(void) |
1027 |
+@@ -2712,6 +2726,7 @@ static int __init futex_init(void) |
1028 |
{ |
1029 |
u32 curval; |
1030 |
int i; |
1031 |
@@ -65974,7 +66026,7 @@ index 11cbe05..9ff191b 100644 |
1032 |
|
1033 |
/* |
1034 |
* This will fail and we want it. Some arch implementations do |
1035 |
-@@ -2723,8 +2741,11 @@ static int __init futex_init(void) |
1036 |
+@@ -2723,8 +2738,11 @@ static int __init futex_init(void) |
1037 |
* implementation, the non-functional ones will return |
1038 |
* -ENOSYS. |
1039 |
*/ |
1040 |
@@ -65987,7 +66039,7 @@ index 11cbe05..9ff191b 100644 |
1041 |
for (i = 0; i < ARRAY_SIZE(futex_queues); i++) { |
1042 |
plist_head_init(&futex_queues[i].chain); |
1043 |
diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c |
1044 |
-index 5f9e689..03afa21 100644 |
1045 |
+index 5f9e689..582d46d 100644 |
1046 |
--- a/kernel/futex_compat.c |
1047 |
+++ b/kernel/futex_compat.c |
1048 |
@@ -10,6 +10,7 @@ |
1049 |
@@ -65998,37 +66050,27 @@ index 5f9e689..03afa21 100644 |
1050 |
|
1051 |
#include <asm/uaccess.h> |
1052 |
|
1053 |
-@@ -136,7 +137,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
1054 |
+@@ -136,7 +137,8 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
1055 |
{ |
1056 |
struct compat_robust_list_head __user *head; |
1057 |
unsigned long ret; |
1058 |
- const struct cred *cred = current_cred(), *pcred; |
1059 |
-+#ifndef CONFIG_GRKERNSEC_PROC_MEMMAP |
1060 |
+ const struct cred *cred = current_cred(); |
1061 |
+ const struct cred *pcred; |
1062 |
-+#endif |
1063 |
|
1064 |
if (!futex_cmpxchg_enabled) |
1065 |
return -ENOSYS; |
1066 |
-@@ -152,6 +156,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
1067 |
+@@ -152,6 +154,10 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
1068 |
if (!p) |
1069 |
goto err_unlock; |
1070 |
ret = -EPERM; |
1071 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
1072 |
+ if (!ptrace_may_access(p, PTRACE_MODE_READ)) |
1073 |
+ goto err_unlock; |
1074 |
-+#else |
1075 |
++#endif |
1076 |
pcred = __task_cred(p); |
1077 |
/* If victim is in different user_ns, then uids are not |
1078 |
comparable, so we must have CAP_SYS_PTRACE */ |
1079 |
-@@ -166,6 +174,7 @@ compat_sys_get_robust_list(int pid, compat_uptr_t __user *head_ptr, |
1080 |
- !ns_capable(pcred->user->user_ns, CAP_SYS_PTRACE)) |
1081 |
- goto err_unlock; |
1082 |
- ok: |
1083 |
-+#endif |
1084 |
- head = p->compat_robust_list; |
1085 |
- rcu_read_unlock(); |
1086 |
- } |
1087 |
diff --git a/kernel/gcov/base.c b/kernel/gcov/base.c |
1088 |
index 9b22d03..6295b62 100644 |
1089 |
--- a/kernel/gcov/base.c |
1090 |
@@ -66364,10 +66406,10 @@ index b30fd54..11821ec 100644 |
1091 |
head = &kprobe_table[i]; |
1092 |
preempt_disable(); |
1093 |
diff --git a/kernel/lockdep.c b/kernel/lockdep.c |
1094 |
-index 91d67ce..ac259df 100644 |
1095 |
+index 4479606..4036bea 100644 |
1096 |
--- a/kernel/lockdep.c |
1097 |
+++ b/kernel/lockdep.c |
1098 |
-@@ -583,6 +583,10 @@ static int static_obj(void *obj) |
1099 |
+@@ -584,6 +584,10 @@ static int static_obj(void *obj) |
1100 |
end = (unsigned long) &_end, |
1101 |
addr = (unsigned long) obj; |
1102 |
|
1103 |
@@ -66378,7 +66420,7 @@ index 91d67ce..ac259df 100644 |
1104 |
/* |
1105 |
* static variable? |
1106 |
*/ |
1107 |
-@@ -718,6 +722,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) |
1108 |
+@@ -719,6 +723,7 @@ register_lock_class(struct lockdep_map *lock, unsigned int subclass, int force) |
1109 |
if (!static_obj(lock->key)) { |
1110 |
debug_locks_off(); |
1111 |
printk("INFO: trying to register non-static key.\n"); |
1112 |
@@ -66386,7 +66428,7 @@ index 91d67ce..ac259df 100644 |
1113 |
printk("the code is fine but needs lockdep annotation.\n"); |
1114 |
printk("turning off the locking correctness validator.\n"); |
1115 |
dump_stack(); |
1116 |
-@@ -2948,7 +2953,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, |
1117 |
+@@ -2954,7 +2959,7 @@ static int __lock_acquire(struct lockdep_map *lock, unsigned int subclass, |
1118 |
if (!class) |
1119 |
return 0; |
1120 |
} |
1121 |
@@ -69057,7 +69099,7 @@ index d776062..fa8d186 100644 |
1122 |
sys_tz = *tz; |
1123 |
update_vsyscall_tz(); |
1124 |
diff --git a/kernel/time/alarmtimer.c b/kernel/time/alarmtimer.c |
1125 |
-index ea5e1a9..8b8df07 100644 |
1126 |
+index 8b70c76..923e9f5 100644 |
1127 |
--- a/kernel/time/alarmtimer.c |
1128 |
+++ b/kernel/time/alarmtimer.c |
1129 |
@@ -693,7 +693,7 @@ static int __init alarmtimer_init(void) |
1130 |
@@ -69679,6 +69721,20 @@ index 013a761..c28f3fc 100644 |
1131 |
#define free(a) kfree(a) |
1132 |
#endif |
1133 |
|
1134 |
+diff --git a/lib/is_single_threaded.c b/lib/is_single_threaded.c |
1135 |
+index bd2bea9..6b3c95e 100644 |
1136 |
+--- a/lib/is_single_threaded.c |
1137 |
++++ b/lib/is_single_threaded.c |
1138 |
+@@ -22,6 +22,9 @@ bool current_is_single_threaded(void) |
1139 |
+ struct task_struct *p, *t; |
1140 |
+ bool ret; |
1141 |
+ |
1142 |
++ if (!mm) |
1143 |
++ return true; |
1144 |
++ |
1145 |
+ if (atomic_read(&task->signal->live) != 1) |
1146 |
+ return false; |
1147 |
+ |
1148 |
diff --git a/lib/kref.c b/lib/kref.c |
1149 |
index 3efb882..8492f4c 100644 |
1150 |
--- a/lib/kref.c |
1151 |
@@ -69916,18 +69972,10 @@ index d819d93..468e18f 100644 |
1152 |
cond_resched(); |
1153 |
} |
1154 |
diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
1155 |
-index bb28a5f..fef0140 100644 |
1156 |
+index 73f17c0..fef0140 100644 |
1157 |
--- a/mm/hugetlb.c |
1158 |
+++ b/mm/hugetlb.c |
1159 |
-@@ -576,6 +576,7 @@ static void prep_compound_gigantic_page(struct page *page, unsigned long order) |
1160 |
- __SetPageHead(page); |
1161 |
- for (i = 1; i < nr_pages; i++, p = mem_map_next(p, page, i)) { |
1162 |
- __SetPageTail(p); |
1163 |
-+ set_page_count(p, 0); |
1164 |
- p->first_page = page; |
1165 |
- } |
1166 |
- } |
1167 |
-@@ -2346,6 +2347,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
1168 |
+@@ -2347,6 +2347,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
1169 |
return 1; |
1170 |
} |
1171 |
|
1172 |
@@ -69955,7 +70003,7 @@ index bb28a5f..fef0140 100644 |
1173 |
/* |
1174 |
* Hugetlb_cow() should be called with page lock of the original hugepage held. |
1175 |
*/ |
1176 |
-@@ -2449,6 +2471,11 @@ retry_avoidcopy: |
1177 |
+@@ -2450,6 +2471,11 @@ retry_avoidcopy: |
1178 |
make_huge_pte(vma, new_page, 1)); |
1179 |
page_remove_rmap(old_page); |
1180 |
hugepage_add_new_anon_rmap(new_page, vma, address); |
1181 |
@@ -69967,7 +70015,7 @@ index bb28a5f..fef0140 100644 |
1182 |
/* Make the old page be freed below */ |
1183 |
new_page = old_page; |
1184 |
mmu_notifier_invalidate_range_end(mm, |
1185 |
-@@ -2600,6 +2627,10 @@ retry: |
1186 |
+@@ -2601,6 +2627,10 @@ retry: |
1187 |
&& (vma->vm_flags & VM_SHARED))); |
1188 |
set_huge_pte_at(mm, address, ptep, new_pte); |
1189 |
|
1190 |
@@ -69978,7 +70026,7 @@ index bb28a5f..fef0140 100644 |
1191 |
if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { |
1192 |
/* Optimization, do the COW without a second fault */ |
1193 |
ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page); |
1194 |
-@@ -2629,6 +2660,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1195 |
+@@ -2630,6 +2660,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1196 |
static DEFINE_MUTEX(hugetlb_instantiation_mutex); |
1197 |
struct hstate *h = hstate_vma(vma); |
1198 |
|
1199 |
@@ -69989,7 +70037,7 @@ index bb28a5f..fef0140 100644 |
1200 |
ptep = huge_pte_offset(mm, address); |
1201 |
if (ptep) { |
1202 |
entry = huge_ptep_get(ptep); |
1203 |
-@@ -2640,6 +2675,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1204 |
+@@ -2641,6 +2675,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1205 |
VM_FAULT_SET_HINDEX(h - hstates); |
1206 |
} |
1207 |
|
1208 |
@@ -72683,7 +72731,7 @@ index 626303b..e9a1785 100644 |
1209 |
if (oom_unkillable_task(p, mem, nodemask)) |
1210 |
return 0; |
1211 |
diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
1212 |
-index 6e8ecb6..d9e3d7a 100644 |
1213 |
+index e8fae15..18c0442 100644 |
1214 |
--- a/mm/page_alloc.c |
1215 |
+++ b/mm/page_alloc.c |
1216 |
@@ -340,7 +340,7 @@ out: |
1217 |
@@ -72695,16 +72743,6 @@ index 6e8ecb6..d9e3d7a 100644 |
1218 |
{ |
1219 |
__free_pages_ok(page, compound_order(page)); |
1220 |
} |
1221 |
-@@ -355,8 +355,8 @@ void prep_compound_page(struct page *page, unsigned long order) |
1222 |
- __SetPageHead(page); |
1223 |
- for (i = 1; i < nr_pages; i++) { |
1224 |
- struct page *p = page + i; |
1225 |
-- |
1226 |
- __SetPageTail(p); |
1227 |
-+ set_page_count(p, 0); |
1228 |
- p->first_page = page; |
1229 |
- } |
1230 |
- } |
1231 |
@@ -653,6 +653,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) |
1232 |
int i; |
1233 |
int bad = 0; |
1234 |
@@ -72763,20 +72801,12 @@ index 6e8ecb6..d9e3d7a 100644 |
1235 |
return 1; |
1236 |
} |
1237 |
return 0; |
1238 |
-@@ -3373,6 +3393,7 @@ static void setup_zone_migrate_reserve(struct zone *zone) |
1239 |
- /* Get the start pfn, end pfn and the number of blocks to reserve */ |
1240 |
- start_pfn = zone->zone_start_pfn; |
1241 |
- end_pfn = start_pfn + zone->spanned_pages; |
1242 |
-+ start_pfn = roundup(start_pfn, pageblock_nr_pages); |
1243 |
- reserve = roundup(min_wmark_pages(zone), pageblock_nr_pages) >> |
1244 |
- pageblock_order; |
1245 |
- |
1246 |
diff --git a/mm/percpu.c b/mm/percpu.c |
1247 |
-index bf80e55..c7c3f9a 100644 |
1248 |
+index 93b5a7c..28d642c 100644 |
1249 |
--- a/mm/percpu.c |
1250 |
+++ b/mm/percpu.c |
1251 |
-@@ -121,7 +121,7 @@ static unsigned int pcpu_first_unit_cpu __read_mostly; |
1252 |
- static unsigned int pcpu_last_unit_cpu __read_mostly; |
1253 |
+@@ -121,7 +121,7 @@ static unsigned int pcpu_low_unit_cpu __read_mostly; |
1254 |
+ static unsigned int pcpu_high_unit_cpu __read_mostly; |
1255 |
|
1256 |
/* the address of the first chunk which starts with the kernel static area */ |
1257 |
-void *pcpu_base_addr __read_mostly; |
1258 |
@@ -73806,7 +73836,7 @@ index 88ea1bd..0f1dfdb 100644 |
1259 |
mm->unmap_area = arch_unmap_area; |
1260 |
} |
1261 |
diff --git a/mm/vmalloc.c b/mm/vmalloc.c |
1262 |
-index 56faf31..862c072 100644 |
1263 |
+index 3a65d6f7..862c072 100644 |
1264 |
--- a/mm/vmalloc.c |
1265 |
+++ b/mm/vmalloc.c |
1266 |
@@ -39,8 +39,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) |
1267 |
@@ -73955,16 +73985,7 @@ index 56faf31..862c072 100644 |
1268 |
area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNLIST, |
1269 |
start, end, node, gfp_mask, caller); |
1270 |
|
1271 |
-@@ -1634,6 +1696,8 @@ void *__vmalloc_node_range(unsigned long size, unsigned long align, |
1272 |
- return NULL; |
1273 |
- |
1274 |
- addr = __vmalloc_area_node(area, gfp_mask, prot, node, caller); |
1275 |
-+ if (!addr) |
1276 |
-+ return NULL; |
1277 |
- |
1278 |
- /* |
1279 |
- * In this function, newly allocated vm_struct is not added |
1280 |
-@@ -1672,6 +1736,7 @@ static void *__vmalloc_node(unsigned long size, unsigned long align, |
1281 |
+@@ -1674,6 +1736,7 @@ static void *__vmalloc_node(unsigned long size, unsigned long align, |
1282 |
gfp_mask, prot, node, caller); |
1283 |
} |
1284 |
|
1285 |
@@ -73972,7 +73993,7 @@ index 56faf31..862c072 100644 |
1286 |
void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot) |
1287 |
{ |
1288 |
return __vmalloc_node(size, 1, gfp_mask, prot, -1, |
1289 |
-@@ -1695,6 +1760,7 @@ static inline void *__vmalloc_node_flags(unsigned long size, |
1290 |
+@@ -1697,6 +1760,7 @@ static inline void *__vmalloc_node_flags(unsigned long size, |
1291 |
* For tight control over page level allocator and protection flags |
1292 |
* use __vmalloc() instead. |
1293 |
*/ |
1294 |
@@ -73980,7 +74001,7 @@ index 56faf31..862c072 100644 |
1295 |
void *vmalloc(unsigned long size) |
1296 |
{ |
1297 |
return __vmalloc_node_flags(size, -1, GFP_KERNEL | __GFP_HIGHMEM); |
1298 |
-@@ -1711,6 +1777,7 @@ EXPORT_SYMBOL(vmalloc); |
1299 |
+@@ -1713,6 +1777,7 @@ EXPORT_SYMBOL(vmalloc); |
1300 |
* For tight control over page level allocator and protection flags |
1301 |
* use __vmalloc() instead. |
1302 |
*/ |
1303 |
@@ -73988,7 +74009,7 @@ index 56faf31..862c072 100644 |
1304 |
void *vzalloc(unsigned long size) |
1305 |
{ |
1306 |
return __vmalloc_node_flags(size, -1, |
1307 |
-@@ -1725,6 +1792,7 @@ EXPORT_SYMBOL(vzalloc); |
1308 |
+@@ -1727,6 +1792,7 @@ EXPORT_SYMBOL(vzalloc); |
1309 |
* The resulting memory area is zeroed so it can be mapped to userspace |
1310 |
* without leaking data. |
1311 |
*/ |
1312 |
@@ -73996,7 +74017,7 @@ index 56faf31..862c072 100644 |
1313 |
void *vmalloc_user(unsigned long size) |
1314 |
{ |
1315 |
struct vm_struct *area; |
1316 |
-@@ -1752,6 +1820,7 @@ EXPORT_SYMBOL(vmalloc_user); |
1317 |
+@@ -1754,6 +1820,7 @@ EXPORT_SYMBOL(vmalloc_user); |
1318 |
* For tight control over page level allocator and protection flags |
1319 |
* use __vmalloc() instead. |
1320 |
*/ |
1321 |
@@ -74004,7 +74025,7 @@ index 56faf31..862c072 100644 |
1322 |
void *vmalloc_node(unsigned long size, int node) |
1323 |
{ |
1324 |
return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL, |
1325 |
-@@ -1771,6 +1840,7 @@ EXPORT_SYMBOL(vmalloc_node); |
1326 |
+@@ -1773,6 +1840,7 @@ EXPORT_SYMBOL(vmalloc_node); |
1327 |
* For tight control over page level allocator and protection flags |
1328 |
* use __vmalloc_node() instead. |
1329 |
*/ |
1330 |
@@ -74012,7 +74033,7 @@ index 56faf31..862c072 100644 |
1331 |
void *vzalloc_node(unsigned long size, int node) |
1332 |
{ |
1333 |
return __vmalloc_node_flags(size, node, |
1334 |
-@@ -1793,10 +1863,10 @@ EXPORT_SYMBOL(vzalloc_node); |
1335 |
+@@ -1795,10 +1863,10 @@ EXPORT_SYMBOL(vzalloc_node); |
1336 |
* For tight control over page level allocator and protection flags |
1337 |
* use __vmalloc() instead. |
1338 |
*/ |
1339 |
@@ -74025,7 +74046,7 @@ index 56faf31..862c072 100644 |
1340 |
-1, __builtin_return_address(0)); |
1341 |
} |
1342 |
|
1343 |
-@@ -1815,6 +1885,7 @@ void *vmalloc_exec(unsigned long size) |
1344 |
+@@ -1817,6 +1885,7 @@ void *vmalloc_exec(unsigned long size) |
1345 |
* Allocate enough 32bit PA addressable pages to cover @size from the |
1346 |
* page level allocator and map them into contiguous kernel virtual space. |
1347 |
*/ |
1348 |
@@ -74033,7 +74054,7 @@ index 56faf31..862c072 100644 |
1349 |
void *vmalloc_32(unsigned long size) |
1350 |
{ |
1351 |
return __vmalloc_node(size, 1, GFP_VMALLOC32, PAGE_KERNEL, |
1352 |
-@@ -1829,6 +1900,7 @@ EXPORT_SYMBOL(vmalloc_32); |
1353 |
+@@ -1831,6 +1900,7 @@ EXPORT_SYMBOL(vmalloc_32); |
1354 |
* The resulting memory area is 32bit addressable and zeroed so it can be |
1355 |
* mapped to userspace without leaking data. |
1356 |
*/ |
1357 |
@@ -74041,7 +74062,7 @@ index 56faf31..862c072 100644 |
1358 |
void *vmalloc_32_user(unsigned long size) |
1359 |
{ |
1360 |
struct vm_struct *area; |
1361 |
-@@ -2091,6 +2163,8 @@ int remap_vmalloc_range(struct vm_area_struct *vma, void *addr, |
1362 |
+@@ -2093,6 +2163,8 @@ int remap_vmalloc_range(struct vm_area_struct *vma, void *addr, |
1363 |
unsigned long uaddr = vma->vm_start; |
1364 |
unsigned long usize = vma->vm_end - vma->vm_start; |
1365 |
|
1366 |
|
1367 |
diff --git a/3.1.5/4421_grsec-remove-localversion-grsec.patch b/3.1.6/4421_grsec-remove-localversion-grsec.patch |
1368 |
similarity index 100% |
1369 |
rename from 3.1.5/4421_grsec-remove-localversion-grsec.patch |
1370 |
rename to 3.1.6/4421_grsec-remove-localversion-grsec.patch |
1371 |
|
1372 |
diff --git a/3.1.5/4422_grsec-mute-warnings.patch b/3.1.6/4422_grsec-mute-warnings.patch |
1373 |
similarity index 100% |
1374 |
rename from 3.1.5/4422_grsec-mute-warnings.patch |
1375 |
rename to 3.1.6/4422_grsec-mute-warnings.patch |
1376 |
|
1377 |
diff --git a/3.1.5/4423_grsec-remove-protected-paths.patch b/3.1.6/4423_grsec-remove-protected-paths.patch |
1378 |
similarity index 100% |
1379 |
rename from 3.1.5/4423_grsec-remove-protected-paths.patch |
1380 |
rename to 3.1.6/4423_grsec-remove-protected-paths.patch |
1381 |
|
1382 |
diff --git a/3.1.5/4425_grsec-pax-without-grsec.patch b/3.1.6/4425_grsec-pax-without-grsec.patch |
1383 |
similarity index 100% |
1384 |
rename from 3.1.5/4425_grsec-pax-without-grsec.patch |
1385 |
rename to 3.1.6/4425_grsec-pax-without-grsec.patch |
1386 |
|
1387 |
diff --git a/3.1.5/4430_grsec-kconfig-default-gids.patch b/3.1.6/4430_grsec-kconfig-default-gids.patch |
1388 |
similarity index 100% |
1389 |
rename from 3.1.5/4430_grsec-kconfig-default-gids.patch |
1390 |
rename to 3.1.6/4430_grsec-kconfig-default-gids.patch |
1391 |
|
1392 |
diff --git a/3.1.5/4435_grsec-kconfig-gentoo.patch b/3.1.6/4435_grsec-kconfig-gentoo.patch |
1393 |
similarity index 100% |
1394 |
rename from 3.1.5/4435_grsec-kconfig-gentoo.patch |
1395 |
rename to 3.1.6/4435_grsec-kconfig-gentoo.patch |
1396 |
|
1397 |
diff --git a/3.1.5/4437-grsec-kconfig-proc-user.patch b/3.1.6/4437-grsec-kconfig-proc-user.patch |
1398 |
similarity index 100% |
1399 |
rename from 3.1.5/4437-grsec-kconfig-proc-user.patch |
1400 |
rename to 3.1.6/4437-grsec-kconfig-proc-user.patch |
1401 |
|
1402 |
diff --git a/3.1.5/4440_selinux-avc_audit-log-curr_ip.patch b/3.1.6/4440_selinux-avc_audit-log-curr_ip.patch |
1403 |
similarity index 100% |
1404 |
rename from 3.1.5/4440_selinux-avc_audit-log-curr_ip.patch |
1405 |
rename to 3.1.6/4440_selinux-avc_audit-log-curr_ip.patch |
1406 |
|
1407 |
diff --git a/3.1.5/4445_disable-compat_vdso.patch b/3.1.6/4445_disable-compat_vdso.patch |
1408 |
similarity index 100% |
1409 |
rename from 3.1.5/4445_disable-compat_vdso.patch |
1410 |
rename to 3.1.6/4445_disable-compat_vdso.patch |