From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 4.6.4/
Date: Tue, 26 Jul 2016 07:02:21
Message-Id: 1469516148.626340b17d84dea8bf5f882750f594207fd5119c.blueness@gentoo
1 commit: 626340b17d84dea8bf5f882750f594207fd5119c
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Tue Jul 26 06:55:48 2016 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Tue Jul 26 06:55:48 2016 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=626340b1
7
8 grsecurity-3.1-4.6.4-201607242014
9
10 4.6.4/0000_README | 2 +-
11 ...> 4420_grsecurity-3.1-4.6.4-201607242014.patch} | 81 ++++++++++++++--------
12 2 files changed, 53 insertions(+), 30 deletions(-)
13
14 diff --git a/4.6.4/0000_README b/4.6.4/0000_README
15 index 0a9f680..81410da 100644
16 --- a/4.6.4/0000_README
17 +++ b/4.6.4/0000_README
18 @@ -2,7 +2,7 @@ README
19 -----------------------------------------------------------------------------
20 Individual Patch Descriptions:
21 -----------------------------------------------------------------------------
22 -Patch: 4420_grsecurity-3.1-4.6.4-201607192040.patch
23 +Patch: 4420_grsecurity-3.1-4.6.4-201607242014.patch
24 From: http://www.grsecurity.net
25 Desc: hardened-sources base patch from upstream grsecurity
26
27
28 diff --git a/4.6.4/4420_grsecurity-3.1-4.6.4-201607192040.patch b/4.6.4/4420_grsecurity-3.1-4.6.4-201607242014.patch
29 similarity index 99%
30 rename from 4.6.4/4420_grsecurity-3.1-4.6.4-201607192040.patch
31 rename to 4.6.4/4420_grsecurity-3.1-4.6.4-201607242014.patch
32 index 4b02b21..f7868ce 100644
33 --- a/4.6.4/4420_grsecurity-3.1-4.6.4-201607192040.patch
34 +++ b/4.6.4/4420_grsecurity-3.1-4.6.4-201607242014.patch
35 @@ -877,7 +877,7 @@ index a876743..fe2a193 100644
36 Counts number of I and D TLB Misses and exports them via Debugfs
37 The counters can be cleared via Debugfs as well
38 diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
39 -index cdfa6c2..aba8354 100644
40 +index cdfa6c2..f39881d 100644
41 --- a/arch/arm/Kconfig
42 +++ b/arch/arm/Kconfig
43 @@ -53,6 +53,7 @@ config ARM
44 @@ -888,7 +888,15 @@ index cdfa6c2..aba8354 100644
45 select HAVE_GENERIC_DMA_COHERENT
46 select HAVE_HW_BREAKPOINT if (PERF_EVENTS && (CPU_V6 || CPU_V6K || CPU_V7))
47 select HAVE_IDE if PCI || ISA || PCMCIA
48 -@@ -1629,6 +1630,7 @@ config HIGHPTE
49 +@@ -1561,6 +1562,7 @@ config AEABI
50 + config OABI_COMPAT
51 + bool "Allow old ABI binaries to run with this kernel (EXPERIMENTAL)"
52 + depends on AEABI && !THUMB2_KERNEL
53 ++ depends on !GRKERNSEC
54 + help
55 + This option preserves the old syscall interface along with the
56 + new (ARM EABI) one. It also provides a compatibility layer to
57 +@@ -1629,6 +1631,7 @@ config HIGHPTE
58 config CPU_SW_DOMAIN_PAN
59 bool "Enable use of CPU domains to implement privileged no-access"
60 depends on MMU && !ARM_LPAE
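Review bot: The added `depends on !GRKERNSEC` under `config OABI_COMPAT` carries no explanation, so a user who needs old-ABI binaries only sees the option disappear from the menu once grsecurity is enabled. A Kconfig comment above the line, e.g. `# OABI_COMPAT is unavailable with GRKERNSEC: <reason from upstream>`, or a sentence in the help text would record why the compatibility layer is excluded. The help text of this entry continues outside the hunk.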
61 @@ -896,7 +904,7 @@ index cdfa6c2..aba8354 100644
62 default y
63 help
64 Increase kernel security by ensuring that normal kernel accesses
65 -@@ -1705,7 +1707,7 @@ config ALIGNMENT_TRAP
66 +@@ -1705,7 +1708,7 @@ config ALIGNMENT_TRAP
67
68 config UACCESS_WITH_MEMCPY
69 bool "Use kernel mem{cpy,set}() for {copy_to,clear}_user()"
70 @@ -905,7 +913,7 @@ index cdfa6c2..aba8354 100644
71 default y if CPU_FEROCEON
72 help
73 Implement faster copy_to_user and clear_user methods for CPU
74 -@@ -1960,6 +1962,7 @@ config KEXEC
75 +@@ -1960,6 +1963,7 @@ config KEXEC
76 depends on (!SMP || PM_SLEEP_SMP)
77 depends on !CPU_V7M
78 select KEXEC_CORE
79 @@ -913,7 +921,7 @@ index cdfa6c2..aba8354 100644
80 help
81 kexec is a system call that implements the ability to shutdown your
82 current kernel, and to start another kernel. It is like a reboot
83 -@@ -2004,7 +2007,7 @@ config EFI_STUB
84 +@@ -2004,7 +2008,7 @@ config EFI_STUB
85
86 config EFI
87 bool "UEFI runtime support"
88 @@ -23850,7 +23858,7 @@ index c3496619..3f3a7dc 100644
89 asmlinkage void smp_deferred_error_interrupt(void);
90 #endif
91 diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
92 -index 2e7513d..73d9d20 100644
93 +index 2e7513d..792107f 100644
94 --- a/arch/x86/include/asm/uaccess.h
95 +++ b/arch/x86/include/asm/uaccess.h
96 @@ -7,6 +7,7 @@
97 @@ -23887,7 +23895,7 @@ index 2e7513d..73d9d20 100644
98 + unsigned long __size = size; \
99 + unsigned long __addr = (unsigned long)addr; \
100 + bool __ret_ao = __range_not_ok(__addr, __size, user_addr_max()) == 0;\
101 -+ if (__ret_ao && __size) { \
102 ++ if (__ret_ao && __size < 256 * PAGE_SIZE) { \
103 + unsigned long __addr_ao = __addr & PAGE_MASK; \
104 + unsigned long __end_ao = __addr + __size - 1; \
105 + if (unlikely((__end_ao ^ __addr_ao) & PAGE_MASK)) { \
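Review bot: The rewritten guard `if (__ret_ao && __size < 256 * PAGE_SIZE)` no longer rejects a zero length, so for `__size == 0` the following line computes `__end_ao = __addr + __size - 1`, which lands one byte below `__addr` and wraps to the top of the address space when `__addr` is 0. Whether the page-crossing branch then does any harm depends on the loop body, which lies outside this hunk, but keeping both tests is cheap: `if (__ret_ao && __size && __size < 256 * PAGE_SIZE) { \`. The bound `256 * PAGE_SIZE` is also unexplained; a named constant or a one-line comment saying why larger ranges skip this block would help the next reader.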
106 @@ -28460,7 +28468,7 @@ index e565e0e..fdfeb45 100644
107 }
108 memcpy(&code, ideal_nops[NOP_ATOMIC5], JUMP_LABEL_NOP_SIZE);
109 diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
110 -index 2da6ee9..4cbe3af 100644
111 +index 2da6ee9..fc0ca78 100644
112 --- a/arch/x86/kernel/kgdb.c
113 +++ b/arch/x86/kernel/kgdb.c
114 @@ -228,7 +228,10 @@ static void kgdb_correct_hw_break(void)
115 @@ -28518,7 +28526,7 @@ index 2da6ee9..4cbe3af 100644
116 text_poke((void *)bpt->bpt_addr, arch_kgdb_ops.gdb_bpt_instr,
117 BREAK_INSTR_SIZE);
118 - err = probe_kernel_read(opc, (char *)bpt->bpt_addr, BREAK_INSTR_SIZE);
119 -+ err = probe_kernel_read(opc, ktla_ktva((char *)bpt->bpt_addr), BREAK_INSTR_SIZE);
120 ++ err = probe_kernel_read(opc, (const void *)ktla_ktva(bpt->bpt_addr), BREAK_INSTR_SIZE);
121 if (err)
122 return err;
123 if (memcmp(opc, arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE))
124 @@ -28527,7 +28535,7 @@ index 2da6ee9..4cbe3af 100644
125 goto knl_write;
126 text_poke((void *)bpt->bpt_addr, bpt->saved_instr, BREAK_INSTR_SIZE);
127 - err = probe_kernel_read(opc, (char *)bpt->bpt_addr, BREAK_INSTR_SIZE);
128 -+ err = probe_kernel_read(opc, ktla_ktva((char *)bpt->bpt_addr), BREAK_INSTR_SIZE);
129 ++ err = probe_kernel_read(opc, (const void *)ktla_ktva(bpt->bpt_addr), BREAK_INSTR_SIZE);
130 if (err || memcmp(opc, bpt->saved_instr, BREAK_INSTR_SIZE))
131 goto knl_write;
132 return err;
133 @@ -124075,10 +124083,10 @@ index 0000000..696d76d
134 +}
135 diff --git a/grsecurity/gracl_res.c b/grsecurity/gracl_res.c
136 new file mode 100644
137 -index 0000000..39645c9
138 +index 0000000..dfba8fd
139 --- /dev/null
140 +++ b/grsecurity/gracl_res.c
141 -@@ -0,0 +1,68 @@
142 +@@ -0,0 +1,74 @@
143 +#include <linux/kernel.h>
144 +#include <linux/sched.h>
145 +#include <linux/gracl.h>
146 @@ -124118,6 +124126,14 @@ index 0000000..39645c9
147 + if (unlikely(!restab_log[res]))
148 + return;
149 +
150 ++ /*
151 ++ * not really security relevant, too much userland code shared
152 ++ * from pulseaudio that blindly attempts to violate limits in a loop,
153 ++ * resulting in log spam
154 ++ */
155 ++ if (res == RLIMIT_NICE)
156 ++ return;
157 ++
158 + if (res == RLIMIT_CPU || res == RLIMIT_RTTIME)
159 + rlim = task_rlimit_max(task, res);
160 + else
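Review bot: The early `return` for `res == RLIMIT_NICE` silences the resource log for every task, whereas the branch removed in the next hunk of this file only exempted tasks with `CAP_SYS_NICE` raised; the new comment gives the log-spam motive but not that widening. Since this removes a signal operators may have been collecting, the comment should say so directly, e.g. `/* RLIMIT_NICE overruns are never logged, regardless of capabilities */`. If `restab_log`, which is defined outside the hunk, still has an entry for RLIMIT_NICE, that entry is now unused. The enclosing function starts and ends outside the hunk.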
161 @@ -124136,8 +124152,6 @@ index 0000000..39645c9
162 + else if (res == RLIMIT_MEMLOCK &&
163 + cap_raised(cred->cap_effective, CAP_IPC_LOCK))
164 + goto out_rcu_unlock;
165 -+ else if (res == RLIMIT_NICE && cap_raised(cred->cap_effective, CAP_SYS_NICE))
166 -+ goto out_rcu_unlock;
167 + rcu_read_unlock();
168 +
169 + gr_log_res_ulong2_str(GR_DONT_AUDIT, GR_RESOURCE_MSG, task, wanted, restab_log[res], rlim);
170 @@ -144283,7 +144297,7 @@ index 2c5e3a8..301fb1a 100644
171 return -ENOSYS;
172 }
173 diff --git a/kernel/sysctl.c b/kernel/sysctl.c
174 -index 725587f..750f909 100644
175 +index 725587f..c7834cc 100644
176 --- a/kernel/sysctl.c
177 +++ b/kernel/sysctl.c
178 @@ -95,7 +95,6 @@
179 @@ -144440,7 +144454,7 @@ index 725587f..750f909 100644
180 - .proc_handler = proc_dointvec_minmax_sysadmin,
181 + .proc_handler = proc_dointvec_minmax_secure_sysadmin,
182 +#ifdef CONFIG_GRKERNSEC_HIDESYM
183 -+ .extra1 = &two,
184 ++ .extra1 = &one,
185 +#else
186 .extra1 = &zero,
187 +#endif
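Review bot: Under CONFIG_GRKERNSEC_HIDESYM the lower bound in `.extra1` drops from `&two` to `&one`, and the default in the lib/vsprintf.c hunk drops from `kptr_restrict = 2` to `1`, so `%pK` values are no longer hidden unconditionally on HIDESYM kernels. The compensating control is the `!has_capability_noaudit(current, CAP_SYS_ADMIN)` test added under `#ifdef CONFIG_GRKERNSEC_HIDESYM` in the `pointer()` hunk of lib/vsprintf.c, and none of the three places mentions the other two. A comment beside the bound, e.g. `/* HIDESYM: mode 1 additionally requires CAP_SYS_ADMIN, see pointer() in lib/vsprintf.c */`, would keep that coupling visible. The sysctl table entry begins outside this hunk, so that it is the kptr_restrict entry is inferred from the matching vsprintf change.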
188 @@ -146874,7 +146888,7 @@ index 4f5b1dd..7cab418 100644
189 +}
190 +EXPORT_SYMBOL(copy_to_user_overflow);
191 diff --git a/lib/vsprintf.c b/lib/vsprintf.c
192 -index ccb664b..058e2978 100644
193 +index ccb664b..be065a5 100644
194 --- a/lib/vsprintf.c
195 +++ b/lib/vsprintf.c
196 @@ -16,6 +16,9 @@
197 @@ -146902,7 +146916,7 @@ index ccb664b..058e2978 100644
198
199 -int kptr_restrict __read_mostly;
200 +#ifdef CONFIG_GRKERNSEC_HIDESYM
201 -+int kptr_restrict __read_only = 2;
202 ++int kptr_restrict __read_only = 1;
203 +#else
204 +int kptr_restrict __read_only;
205 +#endif
206 @@ -146959,7 +146973,17 @@ index ccb664b..058e2978 100644
207 case 'K':
208 switch (kptr_restrict) {
209 case 0:
210 -@@ -1724,6 +1743,22 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr,
211 +@@ -1691,6 +1710,9 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr,
212 + */
213 + cred = current_cred();
214 + if (!has_capability_noaudit(current, CAP_SYSLOG) ||
215 ++#ifdef CONFIG_GRKERNSEC_HIDESYM
216 ++ !has_capability_noaudit(current, CAP_SYS_ADMIN) ||
217 ++#endif
218 + !uid_eq(cred->euid, cred->uid) ||
219 + !gid_eq(cred->egid, cred->gid))
220 + ptr = NULL;
221 +@@ -1724,6 +1746,22 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr,
222 case 'G':
223 return flags_string(buf, end, ptr, fmt);
224 }
225 @@ -146982,7 +147006,7 @@ index ccb664b..058e2978 100644
226 spec.flags |= SMALL;
227 if (spec.field_width == -1) {
228 spec.field_width = default_width;
229 -@@ -2424,11 +2459,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
230 +@@ -2424,11 +2462,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
231 typeof(type) value; \
232 if (sizeof(type) == 8) { \
233 args = PTR_ALIGN(args, sizeof(u32)); \
234 @@ -146997,7 +147021,7 @@ index ccb664b..058e2978 100644
235 } \
236 args += sizeof(type); \
237 value; \
238 -@@ -2491,7 +2526,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
239 +@@ -2491,7 +2529,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
240 case FORMAT_TYPE_STR: {
241 const char *str_arg = args;
242 args += strlen(str_arg) + 1;
243 @@ -163915,10 +163939,10 @@ index 0000000..ffe60f6
244 +}
245 diff --git a/scripts/gcc-plugins/constify_plugin.c b/scripts/gcc-plugins/constify_plugin.c
246 new file mode 100644
247 -index 0000000..1a56d17
248 +index 0000000..b769ccf
249 --- /dev/null
250 +++ b/scripts/gcc-plugins/constify_plugin.c
251 -@@ -0,0 +1,583 @@
252 +@@ -0,0 +1,582 @@
253 +/*
254 + * Copyright 2011 by Emese Revfy <re.emese@×××××.com>
255 + * Copyright 2011-2016 by PaX Team <pageexec@××××××××.hu>
256 @@ -163944,7 +163968,7 @@ index 0000000..1a56d17
257 +static bool enabled = true;
258 +
259 +static struct plugin_info const_plugin_info = {
260 -+ .version = "201606280200",
261 ++ .version = "201607241840",
262 + .help = "disable\tturn off constification\n",
263 +};
264 +
265 @@ -164069,10 +164093,8 @@ index 0000000..1a56d17
266 + continue;
267 + if (!constified(ptrtype))
268 + continue;
269 -+ if (TYPE_MAIN_VARIANT(ptrtype) == TYPE_MAIN_VARIANT(type)) {
270 -+ TREE_TYPE(field) = copy_node(TREE_TYPE(field));
271 -+ TREE_TYPE(TREE_TYPE(field)) = build_qualified_type(type, TYPE_QUALS(ptrtype) & ~TYPE_QUAL_CONST);
272 -+ }
273 ++ if (TYPE_MAIN_VARIANT(ptrtype) == TYPE_MAIN_VARIANT(type))
274 ++ TREE_TYPE(field) = build_pointer_type(build_qualified_type(type, TYPE_QUALS(ptrtype) & ~TYPE_QUAL_CONST));
275 + continue;
276 + }
277 + if (TREE_CODE(fieldtype) != RECORD_TYPE && TREE_CODE(fieldtype) != UNION_TYPE)
278 @@ -164190,6 +164212,7 @@ index 0000000..1a56d17
279 +
280 +static void constify_type(tree type)
281 +{
282 ++ gcc_assert(type == TYPE_MAIN_VARIANT(type));
283 + TYPE_READONLY(type) = 1;
284 + C_TYPE_FIELDS_READONLY(type) = 1;
285 + TYPE_CONSTIFY_VISITED(type) = 1;
286 @@ -214202,7 +214225,7 @@ index 3a9b66c..2b38b21 100644
287 unsigned long flags;
288
289 diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
290 -index 9106d8e..e7e2e3c 100644
291 +index 9106d8e..e7e2e3ca 100644
292 --- a/sound/core/pcm_native.c
293 +++ b/sound/core/pcm_native.c
294 @@ -3014,11 +3014,11 @@ int snd_pcm_kernel_ioctl(struct snd_pcm_substream *substream,