
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.14/, 2.6.32/, 3.3.1/
Date: Sun, 08 Apr 2012 16:08:44
Message-Id: 1333901285.0a52db7b3a5e19bbd7e27bc6d800a92a4a5c69c6.blueness@gentoo
1 commit: 0a52db7b3a5e19bbd7e27bc6d800a92a4a5c69c6
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sun Apr 8 16:08:05 2012 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sun Apr 8 16:08:05 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=0a52db7b
7
8 Grsec/PaX: 2.9-{2.6.32.59-201204010910,3.2.14-201204021757,3.3.1-201204021758}
9
10 ---
11 2.6.32/0000_README | 2 +-
12 ...20_grsecurity-2.9-2.6.32.59-201204062020.patch} | 38 +++++++++++-------
13 3.2.14/0000_README | 2 +-
14 ... 4420_grsecurity-2.9-3.2.14-201204062020.patch} | 42 ++++++++++++--------
15 3.3.1/0000_README | 2 +-
16 ...> 4420_grsecurity-2.9-3.3.1-201204062021.patch} | 42 ++++++++++++--------
17 6 files changed, 76 insertions(+), 52 deletions(-)
18
19 diff --git a/2.6.32/0000_README b/2.6.32/0000_README
20 index eb3b0e5..e55e10a 100644
21 --- a/2.6.32/0000_README
22 +++ b/2.6.32/0000_README
23 @@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch
24 From: http://www.kernel.org
25 Desc: Linux 2.6.32.59
26
27 -Patch: 4420_grsecurity-2.9-2.6.32.59-201204010910.patch
28 +Patch: 4420_grsecurity-2.9-2.6.32.59-201204062020.patch
29 From: http://www.grsecurity.net
30 Desc: hardened-sources base patch from upstream grsecurity
31
32
33 diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
34 similarity index 99%
35 rename from 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch
36 rename to 2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
37 index adc0a83..8d7ed1b 100644
38 --- a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204010910.patch
39 +++ b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201204062020.patch
40 @@ -64990,7 +64990,7 @@ index 0133b5a..3710d09 100644
41 (unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
42 #ifdef __alpha__
43 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
44 -index a64fde6..4d6ea81 100644
45 +index a64fde6..aea5248 100644
46 --- a/fs/binfmt_elf.c
47 +++ b/fs/binfmt_elf.c
48 @@ -31,6 +31,7 @@
49 @@ -65633,7 +65633,7 @@ index a64fde6..4d6ea81 100644
50 /* set_brk can never work. Avoid overflows. */
51 send_sig(SIGKILL, current, 0);
52 retval = -EINVAL;
53 -@@ -877,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
54 +@@ -877,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
55 goto out_free_dentry;
56 }
57 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
58 @@ -65651,8 +65651,10 @@ index a64fde6..4d6ea81 100644
59 + if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
60 + unsigned long start, size;
61 +
62 ++ current->mm->end_data = end_data = elf_brk;
63 + start = ELF_PAGEALIGN(elf_brk);
64 + size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
65 ++ current->mm->start_brk = start + size;
66 + down_write(&current->mm->mmap_sem);
67 + retval = -ENOMEM;
68 + if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
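Review bot: The two added assignments to `current->mm->end_data` and `current->mm->start_brk` carry no comment, and their only visible consumer is the `may_expand_vm()` change in mm/mmap.c later in this patch, which subtracts `start_brk - end_data` from the RLIMIT_AS count. I would add a comment above them along the lines of `/* record the random brk gap so may_expand_vm() can leave it out of RLIMIT_AS accounting */`. `start_brk` is also written before the `find_vma_intersection()` check, so if that range is already occupied the field still describes a gap that may never be mapped; whether that path aborts the exec lies outside this hunk and is worth confirming. The same two lines are added in the 3.2.14 and 3.3.1 patches, and the enclosing block of load_elf_binary() continues beyond the hunk.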
69 @@ -65672,7 +65674,7 @@ index a64fde6..4d6ea81 100644
70 if (elf_interpreter) {
71 unsigned long uninitialized_var(interp_map_addr);
72
73 -@@ -1112,8 +1598,10 @@ static int dump_seek(struct file *file, loff_t off)
74 +@@ -1112,8 +1600,10 @@ static int dump_seek(struct file *file, loff_t off)
75 unsigned long n = off;
76 if (n > PAGE_SIZE)
77 n = PAGE_SIZE;
78 @@ -65684,7 +65686,7 @@ index a64fde6..4d6ea81 100644
79 off -= n;
80 }
81 free_page((unsigned long)buf);
82 -@@ -1125,7 +1613,7 @@ static int dump_seek(struct file *file, loff_t off)
83 +@@ -1125,7 +1615,7 @@ static int dump_seek(struct file *file, loff_t off)
84 * Decide what to dump of a segment, part, all or none.
85 */
86 static unsigned long vma_dump_size(struct vm_area_struct *vma,
87 @@ -65693,7 +65695,7 @@ index a64fde6..4d6ea81 100644
88 {
89 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
90
91 -@@ -1159,7 +1647,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
92 +@@ -1159,7 +1649,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
93 if (vma->vm_file == NULL)
94 return 0;
95
96 @@ -65702,7 +65704,7 @@ index a64fde6..4d6ea81 100644
97 goto whole;
98
99 /*
100 -@@ -1255,8 +1743,11 @@ static int writenote(struct memelfnote *men, struct file *file,
101 +@@ -1255,8 +1745,11 @@ static int writenote(struct memelfnote *men, struct file *file,
102 #undef DUMP_WRITE
103
104 #define DUMP_WRITE(addr, nr) \
105 @@ -65715,7 +65717,7 @@ index a64fde6..4d6ea81 100644
106
107 static void fill_elf_header(struct elfhdr *elf, int segs,
108 u16 machine, u32 flags, u8 osabi)
109 -@@ -1385,9 +1876,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
110 +@@ -1385,9 +1878,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
111 {
112 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
113 int i = 0;
114 @@ -65727,7 +65729,7 @@ index a64fde6..4d6ea81 100644
115 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
116 }
117
118 -@@ -1973,7 +2464,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
119 +@@ -1973,7 +2466,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
120 phdr.p_offset = offset;
121 phdr.p_vaddr = vma->vm_start;
122 phdr.p_paddr = 0;
123 @@ -65736,7 +65738,7 @@ index a64fde6..4d6ea81 100644
124 phdr.p_memsz = vma->vm_end - vma->vm_start;
125 offset += phdr.p_filesz;
126 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
127 -@@ -2006,7 +2497,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
128 +@@ -2006,7 +2499,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
129 unsigned long addr;
130 unsigned long end;
131
132 @@ -65745,7 +65747,7 @@ index a64fde6..4d6ea81 100644
133
134 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
135 struct page *page;
136 -@@ -2015,6 +2506,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
137 +@@ -2015,6 +2508,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un
138 page = get_dump_page(addr);
139 if (page) {
140 void *kaddr = kmap(page);
141 @@ -65753,7 +65755,7 @@ index a64fde6..4d6ea81 100644
142 stop = ((size += PAGE_SIZE) > limit) ||
143 !dump_write(file, kaddr, PAGE_SIZE);
144 kunmap(page);
145 -@@ -2042,6 +2534,97 @@ out:
146 +@@ -2042,6 +2536,97 @@ out:
147
148 #endif /* USE_ELF_CORE_DUMP */
149
150 @@ -96871,7 +96873,7 @@ index 2d846cf..98134d2 100644
151 capable(CAP_IPC_LOCK))
152 ret = do_mlockall(flags);
153 diff --git a/mm/mmap.c b/mm/mmap.c
154 -index 4b80cbf..12a7861 100644
155 +index 4b80cbf..073ac3e 100644
156 --- a/mm/mmap.c
157 +++ b/mm/mmap.c
158 @@ -45,6 +45,16 @@
159 @@ -98127,16 +98129,22 @@ index 4b80cbf..12a7861 100644
160 /*
161 * Return true if the calling process may expand its vm space by the passed
162 * number of pages
163 -@@ -2237,7 +2691,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
164 +@@ -2236,8 +2690,14 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
165 + unsigned long cur = mm->total_vm; /* pages */
166 unsigned long lim;
167
168 ++#ifdef CONFIG_PAX_RANDMMAP
169 ++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
170 ++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
171 ++#endif
172 ++
173 lim = current->signal->rlim[RLIMIT_AS].rlim_cur >> PAGE_SHIFT;
174 --
175 +
176 + gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
177 if (cur + npages > lim)
178 return 0;
179 return 1;
180 -@@ -2307,6 +2761,22 @@ int install_special_mapping(struct mm_struct *mm,
181 +@@ -2307,6 +2767,22 @@ int install_special_mapping(struct mm_struct *mm,
182 vma->vm_start = addr;
183 vma->vm_end = addr + len;
184
185
186 diff --git a/3.2.14/0000_README b/3.2.14/0000_README
187 index 61ea918..3842c31 100644
188 --- a/3.2.14/0000_README
189 +++ b/3.2.14/0000_README
190 @@ -2,7 +2,7 @@ README
191 -----------------------------------------------------------------------------
192 Individual Patch Descriptions:
193 -----------------------------------------------------------------------------
194 -Patch: 4420_grsecurity-2.9-3.2.14-201204021757.patch
195 +Patch: 4420_grsecurity-2.9-3.2.14-201204062020.patch
196 From: http://www.grsecurity.net
197 Desc: hardened-sources base patch from upstream grsecurity
198
199
200 diff --git a/3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch b/3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
201 similarity index 99%
202 rename from 3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch
203 rename to 3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
204 index 7964fc2..a4dfa05 100644
205 --- a/3.2.14/4420_grsecurity-2.9-3.2.14-201204021757.patch
206 +++ b/3.2.14/4420_grsecurity-2.9-3.2.14-201204062020.patch
207 @@ -42181,7 +42181,7 @@ index a6395bd..f1e376a 100644
208 (unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
209 #ifdef __alpha__
210 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
211 -index 6ff96c6..64d2dec 100644
212 +index 6ff96c6..d788bf7 100644
213 --- a/fs/binfmt_elf.c
214 +++ b/fs/binfmt_elf.c
215 @@ -32,6 +32,7 @@
216 @@ -42815,7 +42815,7 @@ index 6ff96c6..64d2dec 100644
217 /* set_brk can never work. Avoid overflows. */
218 send_sig(SIGKILL, current, 0);
219 retval = -EINVAL;
220 -@@ -881,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
221 +@@ -881,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
222 goto out_free_dentry;
223 }
224 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
225 @@ -42833,8 +42833,10 @@ index 6ff96c6..64d2dec 100644
226 + if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
227 + unsigned long start, size;
228 +
229 ++ current->mm->end_data = end_data = elf_brk;
230 + start = ELF_PAGEALIGN(elf_brk);
231 + size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
232 ++ current->mm->start_brk = start + size;
233 + down_write(&current->mm->mmap_sem);
234 + retval = -ENOMEM;
235 + if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
236 @@ -42854,7 +42856,7 @@ index 6ff96c6..64d2dec 100644
237 if (elf_interpreter) {
238 unsigned long uninitialized_var(interp_map_addr);
239
240 -@@ -1098,7 +1580,7 @@ out:
241 +@@ -1098,7 +1582,7 @@ out:
242 * Decide what to dump of a segment, part, all or none.
243 */
244 static unsigned long vma_dump_size(struct vm_area_struct *vma,
245 @@ -42863,7 +42865,7 @@ index 6ff96c6..64d2dec 100644
246 {
247 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
248
249 -@@ -1132,7 +1614,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
250 +@@ -1132,7 +1616,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
251 if (vma->vm_file == NULL)
252 return 0;
253
254 @@ -42872,7 +42874,7 @@ index 6ff96c6..64d2dec 100644
255 goto whole;
256
257 /*
258 -@@ -1354,9 +1836,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
259 +@@ -1354,9 +1838,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
260 {
261 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
262 int i = 0;
263 @@ -42884,7 +42886,7 @@ index 6ff96c6..64d2dec 100644
264 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
265 }
266
267 -@@ -1862,14 +2344,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
268 +@@ -1862,14 +2346,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
269 }
270
271 static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
272 @@ -42901,7 +42903,7 @@ index 6ff96c6..64d2dec 100644
273 return size;
274 }
275
276 -@@ -1963,7 +2445,7 @@ static int elf_core_dump(struct coredump_params *cprm)
277 +@@ -1963,7 +2447,7 @@ static int elf_core_dump(struct coredump_params *cprm)
278
279 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
280
281 @@ -42910,7 +42912,7 @@ index 6ff96c6..64d2dec 100644
282 offset += elf_core_extra_data_size();
283 e_shoff = offset;
284
285 -@@ -1977,10 +2459,12 @@ static int elf_core_dump(struct coredump_params *cprm)
286 +@@ -1977,10 +2461,12 @@ static int elf_core_dump(struct coredump_params *cprm)
287 offset = dataoff;
288
289 size += sizeof(*elf);
290 @@ -42923,7 +42925,7 @@ index 6ff96c6..64d2dec 100644
291 if (size > cprm->limit
292 || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
293 goto end_coredump;
294 -@@ -1994,7 +2478,7 @@ static int elf_core_dump(struct coredump_params *cprm)
295 +@@ -1994,7 +2480,7 @@ static int elf_core_dump(struct coredump_params *cprm)
296 phdr.p_offset = offset;
297 phdr.p_vaddr = vma->vm_start;
298 phdr.p_paddr = 0;
299 @@ -42932,7 +42934,7 @@ index 6ff96c6..64d2dec 100644
300 phdr.p_memsz = vma->vm_end - vma->vm_start;
301 offset += phdr.p_filesz;
302 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
303 -@@ -2005,6 +2489,7 @@ static int elf_core_dump(struct coredump_params *cprm)
304 +@@ -2005,6 +2491,7 @@ static int elf_core_dump(struct coredump_params *cprm)
305 phdr.p_align = ELF_EXEC_PAGESIZE;
306
307 size += sizeof(phdr);
308 @@ -42940,7 +42942,7 @@ index 6ff96c6..64d2dec 100644
309 if (size > cprm->limit
310 || !dump_write(cprm->file, &phdr, sizeof(phdr)))
311 goto end_coredump;
312 -@@ -2029,7 +2514,7 @@ static int elf_core_dump(struct coredump_params *cprm)
313 +@@ -2029,7 +2516,7 @@ static int elf_core_dump(struct coredump_params *cprm)
314 unsigned long addr;
315 unsigned long end;
316
317 @@ -42949,7 +42951,7 @@ index 6ff96c6..64d2dec 100644
318
319 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
320 struct page *page;
321 -@@ -2038,6 +2523,7 @@ static int elf_core_dump(struct coredump_params *cprm)
322 +@@ -2038,6 +2525,7 @@ static int elf_core_dump(struct coredump_params *cprm)
323 page = get_dump_page(addr);
324 if (page) {
325 void *kaddr = kmap(page);
326 @@ -42957,7 +42959,7 @@ index 6ff96c6..64d2dec 100644
327 stop = ((size += PAGE_SIZE) > cprm->limit) ||
328 !dump_write(cprm->file, kaddr,
329 PAGE_SIZE);
330 -@@ -2055,6 +2541,7 @@ static int elf_core_dump(struct coredump_params *cprm)
331 +@@ -2055,6 +2543,7 @@ static int elf_core_dump(struct coredump_params *cprm)
332
333 if (e_phnum == PN_XNUM) {
334 size += sizeof(*shdr4extnum);
335 @@ -42965,7 +42967,7 @@ index 6ff96c6..64d2dec 100644
336 if (size > cprm->limit
337 || !dump_write(cprm->file, shdr4extnum,
338 sizeof(*shdr4extnum)))
339 -@@ -2075,6 +2562,97 @@ out:
340 +@@ -2075,6 +2564,97 @@ out:
341
342 #endif /* CONFIG_ELF_CORE */
343
344 @@ -71682,7 +71684,7 @@ index 4f4f53b..9511904 100644
345 capable(CAP_IPC_LOCK))
346 ret = do_mlockall(flags);
347 diff --git a/mm/mmap.c b/mm/mmap.c
348 -index eae90af..c930262 100644
349 +index eae90af..4370c73 100644
350 --- a/mm/mmap.c
351 +++ b/mm/mmap.c
352 @@ -46,6 +46,16 @@
353 @@ -72978,16 +72980,22 @@ index eae90af..c930262 100644
354 /*
355 * Return true if the calling process may expand its vm space by the passed
356 * number of pages
357 -@@ -2383,7 +2864,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
358 +@@ -2382,8 +2863,13 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
359 + unsigned long cur = mm->total_vm; /* pages */
360 unsigned long lim;
361
362 ++#ifdef CONFIG_PAX_RANDMMAP
363 ++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
364 ++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
365 ++#endif
366 ++
367 lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT;
368 -
369 + gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
370 if (cur + npages > lim)
371 return 0;
372 return 1;
373 -@@ -2454,6 +2935,22 @@ int install_special_mapping(struct mm_struct *mm,
374 +@@ -2454,6 +2940,22 @@ int install_special_mapping(struct mm_struct *mm,
375 vma->vm_start = addr;
376 vma->vm_end = addr + len;
377
378
379 diff --git a/3.3.1/0000_README b/3.3.1/0000_README
380 index 224c31f..945f66f 100644
381 --- a/3.3.1/0000_README
382 +++ b/3.3.1/0000_README
383 @@ -2,7 +2,7 @@ README
384 -----------------------------------------------------------------------------
385 Individual Patch Descriptions:
386 -----------------------------------------------------------------------------
387 -Patch: 4420_grsecurity-2.9-3.3.1-201204021758.patch
388 +Patch: 4420_grsecurity-2.9-3.3.1-201204062021.patch
389 From: http://www.grsecurity.net
390 Desc: hardened-sources base patch from upstream grsecurity
391
392
393 diff --git a/3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch b/3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
394 similarity index 99%
395 rename from 3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch
396 rename to 3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
397 index 9d0bae3..2fad352 100644
398 --- a/3.3.1/4420_grsecurity-2.9-3.3.1-201204021758.patch
399 +++ b/3.3.1/4420_grsecurity-2.9-3.3.1-201204062021.patch
400 @@ -41022,7 +41022,7 @@ index 1ff9405..f1e376a 100644
401 fd_offset + ex.a_text);
402 up_write(&current->mm->mmap_sem);
403 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
404 -index 07d096c..5e2a0b3 100644
405 +index 07d096c..1f08d39 100644
406 --- a/fs/binfmt_elf.c
407 +++ b/fs/binfmt_elf.c
408 @@ -32,6 +32,7 @@
409 @@ -41656,7 +41656,7 @@ index 07d096c..5e2a0b3 100644
410 /* set_brk can never work. Avoid overflows. */
411 send_sig(SIGKILL, current, 0);
412 retval = -EINVAL;
413 -@@ -881,11 +1339,35 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
414 +@@ -881,11 +1339,37 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
415 goto out_free_dentry;
416 }
417 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
418 @@ -41674,8 +41674,10 @@ index 07d096c..5e2a0b3 100644
419 + if (current->mm->pax_flags & MF_PAX_RANDMMAP) {
420 + unsigned long start, size;
421 +
422 ++ current->mm->end_data = end_data = elf_brk;
423 + start = ELF_PAGEALIGN(elf_brk);
424 + size = PAGE_SIZE + ((pax_get_random_long() & ((1UL << 22) - 1UL)) << 4);
425 ++ current->mm->start_brk = start + size;
426 + down_write(&current->mm->mmap_sem);
427 + retval = -ENOMEM;
428 + if (!find_vma_intersection(current->mm, start, start + size + PAGE_SIZE)) {
429 @@ -41695,7 +41697,7 @@ index 07d096c..5e2a0b3 100644
430 if (elf_interpreter) {
431 unsigned long uninitialized_var(interp_map_addr);
432
433 -@@ -1098,7 +1580,7 @@ out:
434 +@@ -1098,7 +1582,7 @@ out:
435 * Decide what to dump of a segment, part, all or none.
436 */
437 static unsigned long vma_dump_size(struct vm_area_struct *vma,
438 @@ -41704,7 +41706,7 @@ index 07d096c..5e2a0b3 100644
439 {
440 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
441
442 -@@ -1132,7 +1614,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
443 +@@ -1132,7 +1616,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
444 if (vma->vm_file == NULL)
445 return 0;
446
447 @@ -41713,7 +41715,7 @@ index 07d096c..5e2a0b3 100644
448 goto whole;
449
450 /*
451 -@@ -1354,9 +1836,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
452 +@@ -1354,9 +1838,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
453 {
454 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
455 int i = 0;
456 @@ -41725,7 +41727,7 @@ index 07d096c..5e2a0b3 100644
457 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
458 }
459
460 -@@ -1862,14 +2344,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
461 +@@ -1862,14 +2346,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
462 }
463
464 static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
465 @@ -41742,7 +41744,7 @@ index 07d096c..5e2a0b3 100644
466 return size;
467 }
468
469 -@@ -1963,7 +2445,7 @@ static int elf_core_dump(struct coredump_params *cprm)
470 +@@ -1963,7 +2447,7 @@ static int elf_core_dump(struct coredump_params *cprm)
471
472 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
473
474 @@ -41751,7 +41753,7 @@ index 07d096c..5e2a0b3 100644
475 offset += elf_core_extra_data_size();
476 e_shoff = offset;
477
478 -@@ -1977,10 +2459,12 @@ static int elf_core_dump(struct coredump_params *cprm)
479 +@@ -1977,10 +2461,12 @@ static int elf_core_dump(struct coredump_params *cprm)
480 offset = dataoff;
481
482 size += sizeof(*elf);
483 @@ -41764,7 +41766,7 @@ index 07d096c..5e2a0b3 100644
484 if (size > cprm->limit
485 || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
486 goto end_coredump;
487 -@@ -1994,7 +2478,7 @@ static int elf_core_dump(struct coredump_params *cprm)
488 +@@ -1994,7 +2480,7 @@ static int elf_core_dump(struct coredump_params *cprm)
489 phdr.p_offset = offset;
490 phdr.p_vaddr = vma->vm_start;
491 phdr.p_paddr = 0;
492 @@ -41773,7 +41775,7 @@ index 07d096c..5e2a0b3 100644
493 phdr.p_memsz = vma->vm_end - vma->vm_start;
494 offset += phdr.p_filesz;
495 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
496 -@@ -2005,6 +2489,7 @@ static int elf_core_dump(struct coredump_params *cprm)
497 +@@ -2005,6 +2491,7 @@ static int elf_core_dump(struct coredump_params *cprm)
498 phdr.p_align = ELF_EXEC_PAGESIZE;
499
500 size += sizeof(phdr);
501 @@ -41781,7 +41783,7 @@ index 07d096c..5e2a0b3 100644
502 if (size > cprm->limit
503 || !dump_write(cprm->file, &phdr, sizeof(phdr)))
504 goto end_coredump;
505 -@@ -2029,7 +2514,7 @@ static int elf_core_dump(struct coredump_params *cprm)
506 +@@ -2029,7 +2516,7 @@ static int elf_core_dump(struct coredump_params *cprm)
507 unsigned long addr;
508 unsigned long end;
509
510 @@ -41790,7 +41792,7 @@ index 07d096c..5e2a0b3 100644
511
512 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
513 struct page *page;
514 -@@ -2038,6 +2523,7 @@ static int elf_core_dump(struct coredump_params *cprm)
515 +@@ -2038,6 +2525,7 @@ static int elf_core_dump(struct coredump_params *cprm)
516 page = get_dump_page(addr);
517 if (page) {
518 void *kaddr = kmap(page);
519 @@ -41798,7 +41800,7 @@ index 07d096c..5e2a0b3 100644
520 stop = ((size += PAGE_SIZE) > cprm->limit) ||
521 !dump_write(cprm->file, kaddr,
522 PAGE_SIZE);
523 -@@ -2055,6 +2541,7 @@ static int elf_core_dump(struct coredump_params *cprm)
524 +@@ -2055,6 +2543,7 @@ static int elf_core_dump(struct coredump_params *cprm)
525
526 if (e_phnum == PN_XNUM) {
527 size += sizeof(*shdr4extnum);
528 @@ -41806,7 +41808,7 @@ index 07d096c..5e2a0b3 100644
529 if (size > cprm->limit
530 || !dump_write(cprm->file, shdr4extnum,
531 sizeof(*shdr4extnum)))
532 -@@ -2075,6 +2562,97 @@ out:
533 +@@ -2075,6 +2564,97 @@ out:
534
535 #endif /* CONFIG_ELF_CORE */
536
537 @@ -70120,7 +70122,7 @@ index ef726e8..13e0901 100644
538 capable(CAP_IPC_LOCK))
539 ret = do_mlockall(flags);
540 diff --git a/mm/mmap.c b/mm/mmap.c
541 -index da15a79..2e3d9ff 100644
542 +index da15a79..333850b 100644
543 --- a/mm/mmap.c
544 +++ b/mm/mmap.c
545 @@ -46,6 +46,16 @@
546 @@ -71349,16 +71351,22 @@ index da15a79..2e3d9ff 100644
547 /*
548 * Return true if the calling process may expand its vm space by the passed
549 * number of pages
550 -@@ -2392,7 +2882,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
551 +@@ -2391,8 +2881,13 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages)
552 + unsigned long cur = mm->total_vm; /* pages */
553 unsigned long lim;
554
555 ++#ifdef CONFIG_PAX_RANDMMAP
556 ++ if ((mm->pax_flags & MF_PAX_RANDMMAP) && mm->end_data)
557 ++ cur -= (mm->start_brk - mm->end_data) >> PAGE_SHIFT;
558 ++#endif
559 ++
560 lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT;
561 -
562 + gr_learn_resource(current, RLIMIT_AS, (cur + npages) << PAGE_SHIFT, 1);
563 if (cur + npages > lim)
564 return 0;
565 return 1;
566 -@@ -2463,6 +2953,22 @@ int install_special_mapping(struct mm_struct *mm,
567 +@@ -2463,6 +2958,22 @@ int install_special_mapping(struct mm_struct *mm,
568 vma->vm_start = addr;
569 vma->vm_end = addr + len;