1 |
commit: b2f45f348b92b13fb376bad38b4c5057666d9226 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jan 28 04:47:37 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jan 28 04:47:37 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=b2f45f34 |
7 |
|
8 |
Grsec/PaX: 2.2.2-2.6.32.55-201201272054 + 2.2.2-3.2.2-201201272014 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.2.2-2.6.32.55-201201272054.patch} | 718 +++++++++++++++++--- |
13 |
3.2.2/0000_README | 2 +- |
14 |
...4420_grsecurity-2.2.2-3.2.2-201201272014.patch} | 550 ++++++++++++++-- |
15 |
4 files changed, 1150 insertions(+), 122 deletions(-) |
16 |
|
17 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
18 |
index 22a45d2..c4e9b3d 100644 |
19 |
--- a/2.6.32/0000_README |
20 |
+++ b/2.6.32/0000_README |
21 |
@@ -14,7 +14,7 @@ Patch: 1054_linux-2.6.32.55.patch |
22 |
From: http://www.kernel.org |
23 |
Desc: Linux 2.6.32.55 |
24 |
|
25 |
-Patch: 4420_grsecurity-2.2.2-2.6.32.55-201201252116.patch |
26 |
+Patch: 4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
27 |
From: http://www.grsecurity.net |
28 |
Desc: hardened-sources base patch from upstream grsecurity |
29 |
|
30 |
|
31 |
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201252116.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
32 |
similarity index 99% |
33 |
rename from 2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201252116.patch |
34 |
rename to 2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
35 |
index 62dfa48..4b8b2b0 100644 |
36 |
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201252116.patch |
37 |
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
38 |
@@ -27473,6 +27473,109 @@ index b651a55..023297d 100644 |
39 |
/* Copy key, add padding */ |
40 |
|
41 |
for (i = 0; i < keylen; ++i) |
42 |
+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
43 |
+index 9ed9f60..88f160b 100644 |
44 |
+--- a/crypto/sha512_generic.c |
45 |
++++ b/crypto/sha512_generic.c |
46 |
+@@ -21,8 +21,6 @@ |
47 |
+ #include <linux/percpu.h> |
48 |
+ #include <asm/byteorder.h> |
49 |
+ |
50 |
+-static DEFINE_PER_CPU(u64[80], msg_schedule); |
51 |
+- |
52 |
+ static inline u64 Ch(u64 x, u64 y, u64 z) |
53 |
+ { |
54 |
+ return z ^ (x & (y ^ z)); |
55 |
+@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
56 |
+ |
57 |
+ static inline void BLEND_OP(int I, u64 *W) |
58 |
+ { |
59 |
+- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
60 |
++ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
61 |
+ } |
62 |
+ |
63 |
+ static void |
64 |
+@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
65 |
+ u64 a, b, c, d, e, f, g, h, t1, t2; |
66 |
+ |
67 |
+ int i; |
68 |
+- u64 *W = get_cpu_var(msg_schedule); |
69 |
++ u64 W[16]; |
70 |
+ |
71 |
+ /* load the input */ |
72 |
+ for (i = 0; i < 16; i++) |
73 |
+ LOAD_OP(i, W, input); |
74 |
+ |
75 |
+- for (i = 16; i < 80; i++) { |
76 |
+- BLEND_OP(i, W); |
77 |
+- } |
78 |
+- |
79 |
+ /* load the state into our registers */ |
80 |
+ a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
81 |
+ e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
82 |
+ |
83 |
+- /* now iterate */ |
84 |
+- for (i=0; i<80; i+=8) { |
85 |
+- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
86 |
+- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
87 |
+- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
88 |
+- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
89 |
+- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
90 |
+- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
91 |
+- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
92 |
+- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
93 |
+- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
94 |
+- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
95 |
+- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
96 |
+- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
97 |
+- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
98 |
+- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
99 |
+- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
100 |
+- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
101 |
++#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
102 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
103 |
++ t2 = e0(a) + Maj(a, b, c); \ |
104 |
++ d += t1; \ |
105 |
++ h = t1 + t2 |
106 |
++ |
107 |
++#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
108 |
++ BLEND_OP(i, W); \ |
109 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
110 |
++ t2 = e0(a) + Maj(a, b, c); \ |
111 |
++ d += t1; \ |
112 |
++ h = t1 + t2 |
113 |
++ |
114 |
++ for (i = 0; i < 16; i += 8) { |
115 |
++ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
116 |
++ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
117 |
++ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
118 |
++ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
119 |
++ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
120 |
++ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
121 |
++ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
122 |
++ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
123 |
++ } |
124 |
++ for (i = 16; i < 80; i += 8) { |
125 |
++ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
126 |
++ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
127 |
++ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
128 |
++ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
129 |
++ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
130 |
++ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
131 |
++ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
132 |
++ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
133 |
+ } |
134 |
+ |
135 |
+ state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
136 |
+@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
137 |
+ |
138 |
+ /* erase our data */ |
139 |
+ a = b = c = d = e = f = g = h = t1 = t2 = 0; |
140 |
+- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
141 |
+- put_cpu_var(msg_schedule); |
142 |
+ } |
143 |
+ |
144 |
+ static int |
145 |
diff --git a/drivers/acpi/acpi_pad.c b/drivers/acpi/acpi_pad.c |
146 |
index 0d2cdb8..d8de48d 100644 |
147 |
--- a/drivers/acpi/acpi_pad.c |
148 |
@@ -47969,7 +48072,7 @@ index a5bf577..6d19845 100644 |
149 |
return hit; |
150 |
} |
151 |
diff --git a/fs/compat.c b/fs/compat.c |
152 |
-index d1e2411..27064e4 100644 |
153 |
+index d1e2411..b1eda5d 100644 |
154 |
--- a/fs/compat.c |
155 |
+++ b/fs/compat.c |
156 |
@@ -133,8 +133,8 @@ asmlinkage long compat_sys_utimes(char __user *filename, struct compat_timeval _ |
157 |
@@ -48126,7 +48229,18 @@ index d1e2411..27064e4 100644 |
158 |
|
159 |
retval = unshare_files(&displaced); |
160 |
if (retval) |
161 |
-@@ -1499,6 +1541,15 @@ int compat_do_execve(char * filename, |
162 |
+@@ -1493,12 +1535,26 @@ int compat_do_execve(char * filename, |
163 |
+ if (IS_ERR(file)) |
164 |
+ goto out_unmark; |
165 |
+ |
166 |
++ if (gr_ptrace_readexec(file, bprm->unsafe)) { |
167 |
++ retval = -EPERM; |
168 |
++ goto out_file; |
169 |
++ } |
170 |
++ |
171 |
+ sched_exec(); |
172 |
+ |
173 |
+ bprm->file = file; |
174 |
bprm->filename = filename; |
175 |
bprm->interp = filename; |
176 |
|
177 |
@@ -48142,7 +48256,7 @@ index d1e2411..27064e4 100644 |
178 |
retval = bprm_mm_init(bprm); |
179 |
if (retval) |
180 |
goto out_file; |
181 |
-@@ -1528,9 +1579,40 @@ int compat_do_execve(char * filename, |
182 |
+@@ -1528,9 +1584,40 @@ int compat_do_execve(char * filename, |
183 |
if (retval < 0) |
184 |
goto out; |
185 |
|
186 |
@@ -48169,7 +48283,7 @@ index d1e2411..27064e4 100644 |
187 |
+#endif |
188 |
+ |
189 |
+ retval = gr_set_proc_label(file->f_dentry, file->f_vfsmnt, |
190 |
-+ bprm->unsafe & LSM_UNSAFE_SHARE); |
191 |
++ bprm->unsafe); |
192 |
+ if (retval < 0) |
193 |
+ goto out_fail; |
194 |
+ |
195 |
@@ -48184,7 +48298,7 @@ index d1e2411..27064e4 100644 |
196 |
|
197 |
/* execve succeeded */ |
198 |
current->fs->in_exec = 0; |
199 |
-@@ -1541,6 +1623,14 @@ int compat_do_execve(char * filename, |
200 |
+@@ -1541,6 +1628,14 @@ int compat_do_execve(char * filename, |
201 |
put_files_struct(displaced); |
202 |
return retval; |
203 |
|
204 |
@@ -48199,7 +48313,7 @@ index d1e2411..27064e4 100644 |
205 |
out: |
206 |
if (bprm->mm) { |
207 |
acct_arg_size(bprm, 0); |
208 |
-@@ -1711,6 +1801,8 @@ int compat_core_sys_select(int n, compat_ulong_t __user *inp, |
209 |
+@@ -1711,6 +1806,8 @@ int compat_core_sys_select(int n, compat_ulong_t __user *inp, |
210 |
struct fdtable *fdt; |
211 |
long stack_fds[SELECT_STACK_ALLOC/sizeof(long)]; |
212 |
|
213 |
@@ -48208,7 +48322,7 @@ index d1e2411..27064e4 100644 |
214 |
if (n < 0) |
215 |
goto out_nofds; |
216 |
|
217 |
-@@ -2151,7 +2243,7 @@ asmlinkage long compat_sys_nfsservctl(int cmd, |
218 |
+@@ -2151,7 +2248,7 @@ asmlinkage long compat_sys_nfsservctl(int cmd, |
219 |
oldfs = get_fs(); |
220 |
set_fs(KERNEL_DS); |
221 |
/* The __user pointer casts are valid because of the set_fs() */ |
222 |
@@ -48328,6 +48442,78 @@ index c010ecf..a8d8c59 100644 |
223 |
.show = dlm_attr_show, |
224 |
.store = dlm_attr_store, |
225 |
}; |
226 |
+diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
227 |
+index 443947f..a871402 100644 |
228 |
+--- a/fs/ecryptfs/crypto.c |
229 |
++++ b/fs/ecryptfs/crypto.c |
230 |
+@@ -418,17 +418,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
231 |
+ rc); |
232 |
+ goto out; |
233 |
+ } |
234 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
235 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypting extent " |
236 |
+- "with iv:\n"); |
237 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
238 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
239 |
+- "encryption:\n"); |
240 |
+- ecryptfs_dump_hex((char *) |
241 |
+- (page_address(page) |
242 |
+- + (extent_offset * crypt_stat->extent_size)), |
243 |
+- 8); |
244 |
+- } |
245 |
+ rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, |
246 |
+ page, (extent_offset |
247 |
+ * crypt_stat->extent_size), |
248 |
+@@ -441,14 +430,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
249 |
+ goto out; |
250 |
+ } |
251 |
+ rc = 0; |
252 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
253 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " |
254 |
+- "rc = [%d]\n", (extent_base + extent_offset), |
255 |
+- rc); |
256 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
257 |
+- "encryption:\n"); |
258 |
+- ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); |
259 |
+- } |
260 |
+ out: |
261 |
+ return rc; |
262 |
+ } |
263 |
+@@ -545,17 +526,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
264 |
+ rc); |
265 |
+ goto out; |
266 |
+ } |
267 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
268 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypting extent " |
269 |
+- "with iv:\n"); |
270 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
271 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
272 |
+- "decryption:\n"); |
273 |
+- ecryptfs_dump_hex((char *) |
274 |
+- (page_address(enc_extent_page) |
275 |
+- + (extent_offset * crypt_stat->extent_size)), |
276 |
+- 8); |
277 |
+- } |
278 |
+ rc = ecryptfs_decrypt_page_offset(crypt_stat, page, |
279 |
+ (extent_offset |
280 |
+ * crypt_stat->extent_size), |
281 |
+@@ -569,6 +539,7 @@ static int ecryptfs_decrypt_extent(struct page *page, |
282 |
+ goto out; |
283 |
+ } |
284 |
+ rc = 0; |
285 |
++<<<<<<< HEAD |
286 |
+ if (unlikely(ecryptfs_verbosity > 0)) { |
287 |
+ ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " |
288 |
+ "rc = [%d]\n", (extent_base + extent_offset), |
289 |
+@@ -579,6 +550,8 @@ static int ecryptfs_decrypt_extent(struct page *page, |
290 |
+ + (extent_offset |
291 |
+ * crypt_stat->extent_size)), 8); |
292 |
+ } |
293 |
++======= |
294 |
++>>>>>>> 58ded24... eCryptfs: Fix oops when printing debug info in extent crypto functions |
295 |
+ out: |
296 |
+ return rc; |
297 |
+ } |
298 |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
299 |
index 88ba4d4..073f003 100644 |
300 |
--- a/fs/ecryptfs/inode.c |
301 |
@@ -48350,8 +48536,136 @@ index 88ba4d4..073f003 100644 |
302 |
set_fs(old_fs); |
303 |
if (rc < 0) |
304 |
goto out_free; |
305 |
+diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
306 |
+index 4ec8f61..c4b0bc5 100644 |
307 |
+--- a/fs/ecryptfs/miscdev.c |
308 |
++++ b/fs/ecryptfs/miscdev.c |
309 |
+@@ -408,11 +408,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
310 |
+ ssize_t sz = 0; |
311 |
+ char *data; |
312 |
+ uid_t euid = current_euid(); |
313 |
++ unsigned char packet_size_peek[3]; |
314 |
+ int rc; |
315 |
+ |
316 |
+- if (count == 0) |
317 |
++ if (count == 0) { |
318 |
+ goto out; |
319 |
++ } else if (count == (1 + 4)) { |
320 |
++ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
321 |
++ goto memdup; |
322 |
++ } else if (count < (1 + 4 + 1) |
323 |
++ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
324 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
325 |
++ printk(KERN_WARNING "%s: Acceptable packet size range is " |
326 |
++ "[%d-%lu], but amount of data written is [%zu].", |
327 |
++ __func__, (1 + 4 + 1), |
328 |
++ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
329 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
330 |
++ return -EINVAL; |
331 |
++ } |
332 |
+ |
333 |
++ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
334 |
++ sizeof(packet_size_peek))) { |
335 |
++ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
336 |
++ __func__); |
337 |
++ return -EFAULT; |
338 |
++ } |
339 |
++ |
340 |
++ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
341 |
++ &packet_size_length); |
342 |
++ if (rc) { |
343 |
++ printk(KERN_WARNING "%s: Error parsing packet length; " |
344 |
++ "rc = [%d]\n", __func__, rc); |
345 |
++ return rc; |
346 |
++ } |
347 |
++ |
348 |
++ if ((1 + 4 + packet_size_length + packet_size) != count) { |
349 |
++ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
350 |
++ packet_size); |
351 |
++ return -EINVAL; |
352 |
++ } |
353 |
++ |
354 |
++memdup: |
355 |
+ data = memdup_user(buf, count); |
356 |
+ if (IS_ERR(data)) { |
357 |
+ printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
358 |
+@@ -434,23 +470,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
359 |
+ } |
360 |
+ memcpy(&counter_nbo, &data[i], 4); |
361 |
+ seq = be32_to_cpu(counter_nbo); |
362 |
+- i += 4; |
363 |
+- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
364 |
+- &packet_size_length); |
365 |
+- if (rc) { |
366 |
+- printk(KERN_WARNING "%s: Error parsing packet length; " |
367 |
+- "rc = [%d]\n", __func__, rc); |
368 |
+- goto out_free; |
369 |
+- } |
370 |
+- i += packet_size_length; |
371 |
+- if ((1 + 4 + packet_size_length + packet_size) != count) { |
372 |
+- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
373 |
+- " + packet_size([%zd]))([%zd]) != " |
374 |
+- "count([%zd]). Invalid packet format.\n", |
375 |
+- __func__, packet_size_length, packet_size, |
376 |
+- (1 + packet_size_length + packet_size), count); |
377 |
+- goto out_free; |
378 |
+- } |
379 |
++ i += 4 + packet_size_length; |
380 |
+ rc = ecryptfs_miscdev_response(&data[i], packet_size, |
381 |
+ euid, current_user_ns(), |
382 |
+ task_pid(current), seq); |
383 |
+diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
384 |
+index 0cc4faf..0404659 100644 |
385 |
+--- a/fs/ecryptfs/read_write.c |
386 |
++++ b/fs/ecryptfs/read_write.c |
387 |
+@@ -134,13 +134,18 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
388 |
+ pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); |
389 |
+ size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); |
390 |
+ size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
391 |
+- size_t total_remaining_bytes = ((offset + size) - pos); |
392 |
++ loff_t total_remaining_bytes = ((offset + size) - pos); |
393 |
++ |
394 |
++ if (fatal_signal_pending(current)) { |
395 |
++ rc = -EINTR; |
396 |
++ break; |
397 |
++ } |
398 |
+ |
399 |
+ if (num_bytes > total_remaining_bytes) |
400 |
+ num_bytes = total_remaining_bytes; |
401 |
+ if (pos < offset) { |
402 |
+ /* remaining zeros to write, up to destination offset */ |
403 |
+- size_t total_remaining_zeros = (offset - pos); |
404 |
++ loff_t total_remaining_zeros = (offset - pos); |
405 |
+ |
406 |
+ if (num_bytes > total_remaining_zeros) |
407 |
+ num_bytes = total_remaining_zeros; |
408 |
+@@ -197,15 +202,19 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
409 |
+ } |
410 |
+ pos += num_bytes; |
411 |
+ } |
412 |
+- if ((offset + size) > ecryptfs_file_size) { |
413 |
+- i_size_write(ecryptfs_inode, (offset + size)); |
414 |
++ if (pos > ecryptfs_file_size) { |
415 |
++ i_size_write(ecryptfs_inode, pos); |
416 |
+ if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
417 |
+- rc = ecryptfs_write_inode_size_to_metadata( |
418 |
++ int rc2; |
419 |
++ |
420 |
++ rc2 = ecryptfs_write_inode_size_to_metadata( |
421 |
+ ecryptfs_inode); |
422 |
+- if (rc) { |
423 |
++ if (rc2) { |
424 |
+ printk(KERN_ERR "Problem with " |
425 |
+ "ecryptfs_write_inode_size_to_metadata; " |
426 |
+- "rc = [%d]\n", rc); |
427 |
++ "rc = [%d]\n", rc2); |
428 |
++ if (!rc) |
429 |
++ rc = rc2; |
430 |
+ goto out; |
431 |
+ } |
432 |
+ } |
433 |
diff --git a/fs/exec.c b/fs/exec.c |
434 |
-index 86fafc6..6d33cbb 100644 |
435 |
+index 86fafc6..5033350 100644 |
436 |
--- a/fs/exec.c |
437 |
+++ b/fs/exec.c |
438 |
@@ -56,12 +56,28 @@ |
439 |
@@ -48572,7 +48886,18 @@ index 86fafc6..6d33cbb 100644 |
440 |
|
441 |
retval = unshare_files(&displaced); |
442 |
if (retval) |
443 |
-@@ -1383,6 +1440,16 @@ int do_execve(char * filename, |
444 |
+@@ -1377,12 +1434,27 @@ int do_execve(char * filename, |
445 |
+ if (IS_ERR(file)) |
446 |
+ goto out_unmark; |
447 |
+ |
448 |
++ if (gr_ptrace_readexec(file, bprm->unsafe)) { |
449 |
++ retval = -EPERM; |
450 |
++ goto out_file; |
451 |
++ } |
452 |
++ |
453 |
+ sched_exec(); |
454 |
+ |
455 |
+ bprm->file = file; |
456 |
bprm->filename = filename; |
457 |
bprm->interp = filename; |
458 |
|
459 |
@@ -48589,7 +48914,7 @@ index 86fafc6..6d33cbb 100644 |
460 |
retval = bprm_mm_init(bprm); |
461 |
if (retval) |
462 |
goto out_file; |
463 |
-@@ -1412,10 +1479,41 @@ int do_execve(char * filename, |
464 |
+@@ -1412,10 +1484,41 @@ int do_execve(char * filename, |
465 |
if (retval < 0) |
466 |
goto out; |
467 |
|
468 |
@@ -48616,7 +48941,7 @@ index 86fafc6..6d33cbb 100644 |
469 |
+#endif |
470 |
+ |
471 |
+ retval = gr_set_proc_label(file->f_dentry, file->f_vfsmnt, |
472 |
-+ bprm->unsafe & LSM_UNSAFE_SHARE); |
473 |
++ bprm->unsafe); |
474 |
+ if (retval < 0) |
475 |
+ goto out_fail; |
476 |
+ |
477 |
@@ -48632,7 +48957,7 @@ index 86fafc6..6d33cbb 100644 |
478 |
|
479 |
/* execve succeeded */ |
480 |
current->fs->in_exec = 0; |
481 |
-@@ -1426,6 +1524,14 @@ int do_execve(char * filename, |
482 |
+@@ -1426,6 +1529,14 @@ int do_execve(char * filename, |
483 |
put_files_struct(displaced); |
484 |
return retval; |
485 |
|
486 |
@@ -48647,7 +48972,7 @@ index 86fafc6..6d33cbb 100644 |
487 |
out: |
488 |
if (bprm->mm) { |
489 |
acct_arg_size(bprm, 0); |
490 |
-@@ -1591,6 +1697,220 @@ out: |
491 |
+@@ -1591,6 +1702,220 @@ out: |
492 |
return ispipe; |
493 |
} |
494 |
|
495 |
@@ -48868,7 +49193,7 @@ index 86fafc6..6d33cbb 100644 |
496 |
static int zap_process(struct task_struct *start) |
497 |
{ |
498 |
struct task_struct *t; |
499 |
-@@ -1793,17 +2113,17 @@ static void wait_for_dump_helpers(struct file *file) |
500 |
+@@ -1793,17 +2118,17 @@ static void wait_for_dump_helpers(struct file *file) |
501 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
502 |
|
503 |
pipe_lock(pipe); |
504 |
@@ -48891,7 +49216,7 @@ index 86fafc6..6d33cbb 100644 |
505 |
pipe_unlock(pipe); |
506 |
|
507 |
} |
508 |
-@@ -1826,10 +2146,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
509 |
+@@ -1826,10 +2151,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
510 |
char **helper_argv = NULL; |
511 |
int helper_argc = 0; |
512 |
int dump_count = 0; |
513 |
@@ -48906,7 +49231,7 @@ index 86fafc6..6d33cbb 100644 |
514 |
binfmt = mm->binfmt; |
515 |
if (!binfmt || !binfmt->core_dump) |
516 |
goto fail; |
517 |
-@@ -1874,6 +2197,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
518 |
+@@ -1874,6 +2202,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
519 |
*/ |
520 |
clear_thread_flag(TIF_SIGPENDING); |
521 |
|
522 |
@@ -48915,7 +49240,7 @@ index 86fafc6..6d33cbb 100644 |
523 |
/* |
524 |
* lock_kernel() because format_corename() is controlled by sysctl, which |
525 |
* uses lock_kernel() |
526 |
-@@ -1908,7 +2233,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
527 |
+@@ -1908,7 +2238,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
528 |
goto fail_unlock; |
529 |
} |
530 |
|
531 |
@@ -48924,7 +49249,7 @@ index 86fafc6..6d33cbb 100644 |
532 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
533 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
534 |
task_tgid_vnr(current), current->comm); |
535 |
-@@ -1972,7 +2297,7 @@ close_fail: |
536 |
+@@ -1972,7 +2302,7 @@ close_fail: |
537 |
filp_close(file, NULL); |
538 |
fail_dropcount: |
539 |
if (dump_count) |
540 |
@@ -54671,10 +54996,10 @@ index e89734e..5e84d8d 100644 |
541 |
*offset = off & 0x7fffffff; |
542 |
return 0; |
543 |
diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c |
544 |
-index 8f32f50..859e8a3 100644 |
545 |
+index 8f32f50..b6a41e8 100644 |
546 |
--- a/fs/xfs/xfs_vnodeops.c |
547 |
+++ b/fs/xfs/xfs_vnodeops.c |
548 |
-@@ -564,13 +564,17 @@ xfs_readlink( |
549 |
+@@ -564,13 +564,18 @@ xfs_readlink( |
550 |
|
551 |
xfs_ilock(ip, XFS_ILOCK_SHARED); |
552 |
|
553 |
@@ -54689,7 +55014,8 @@ index 8f32f50..859e8a3 100644 |
554 |
+ xfs_fs_cmn_err(CE_ALERT, mp, "%s: inode (%llu) symlink length (%d) too long", |
555 |
+ __func__, (unsigned long long)ip->i_ino, pathlen); |
556 |
+ ASSERT(0); |
557 |
-+ return XFS_ERROR(EFSCORRUPTED); |
558 |
++ error = XFS_ERROR(EFSCORRUPTED); |
559 |
++ goto out; |
560 |
+ } |
561 |
+ |
562 |
if (ip->i_df.if_flags & XFS_IFINLINE) { |
563 |
@@ -54697,10 +55023,10 @@ index 8f32f50..859e8a3 100644 |
564 |
link[pathlen] = '\0'; |
565 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
566 |
new file mode 100644 |
567 |
-index 0000000..f27a8e8 |
568 |
+index 0000000..883b00b |
569 |
--- /dev/null |
570 |
+++ b/grsecurity/Kconfig |
571 |
-@@ -0,0 +1,1036 @@ |
572 |
+@@ -0,0 +1,1064 @@ |
573 |
+# |
574 |
+# grecurity configuration |
575 |
+# |
576 |
@@ -54835,9 +55161,11 @@ index 0000000..f27a8e8 |
577 |
+ select GRKERNSEC_PROC_ADD |
578 |
+ select GRKERNSEC_CHROOT_CHMOD |
579 |
+ select GRKERNSEC_CHROOT_NICE |
580 |
++ select GRKERNSEC_SETXID |
581 |
+ select GRKERNSEC_AUDIT_MOUNT |
582 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
583 |
+ select GRKERNSEC_HARDEN_PTRACE |
584 |
++ select GRKERNSEC_PTRACE_READEXEC |
585 |
+ select GRKERNSEC_VM86 if (X86_32) |
586 |
+ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC) |
587 |
+ select PAX |
588 |
@@ -55499,6 +55827,32 @@ index 0000000..f27a8e8 |
589 |
+ option is enabled, a sysctl option with name "harden_ptrace" is |
590 |
+ created. |
591 |
+ |
592 |
++config GRKERNSEC_PTRACE_READEXEC |
593 |
++ bool "Require read access to ptrace sensitive binaries" |
594 |
++ help |
595 |
++ If you say Y here, unprivileged users will not be able to ptrace unreadable |
596 |
++ binaries. This option is useful in environments that |
597 |
++ remove the read bits (e.g. file mode 4711) from suid binaries to |
598 |
++ prevent infoleaking of their contents. This option adds |
599 |
++ consistency to the use of that file mode, as the binary could normally |
600 |
++ be read out when run without privileges while ptracing. |
601 |
++ |
602 |
++ If the sysctl option is enabled, a sysctl option with name "ptrace_readexec" |
603 |
++ is created. |
604 |
++ |
605 |
++config GRKERNSEC_SETXID |
606 |
++ bool "Enforce consistent multithreaded privileges" |
607 |
++ help |
608 |
++ If you say Y here, a change from a root uid to a non-root uid |
609 |
++ in a multithreaded application will cause the resulting uids, |
610 |
++ gids, supplementary groups, and capabilities in that thread |
611 |
++ to be propagated to the other threads of the process. In most |
612 |
++ cases this is unnecessary, as glibc will emulate this behavior |
613 |
++ on behalf of the application. Other libcs do not act in the |
614 |
++ same way, allowing the other threads of the process to continue |
615 |
++ running with root privileges. If the sysctl option is enabled, |
616 |
++ a sysctl option with name "consistent_setxid" is created. |
617 |
++ |
618 |
+config GRKERNSEC_TPE |
619 |
+ bool "Trusted Path Execution (TPE)" |
620 |
+ help |
621 |
@@ -55781,10 +56135,10 @@ index 0000000..be9ae3a |
622 |
+endif |
623 |
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c |
624 |
new file mode 100644 |
625 |
-index 0000000..6bd68d6 |
626 |
+index 0000000..71cb167 |
627 |
--- /dev/null |
628 |
+++ b/grsecurity/gracl.c |
629 |
-@@ -0,0 +1,4141 @@ |
630 |
+@@ -0,0 +1,4140 @@ |
631 |
+#include <linux/kernel.h> |
632 |
+#include <linux/module.h> |
633 |
+#include <linux/sched.h> |
634 |
@@ -55804,7 +56158,7 @@ index 0000000..6bd68d6 |
635 |
+#include <linux/ptrace.h> |
636 |
+#include <linux/gracl.h> |
637 |
+#include <linux/gralloc.h> |
638 |
-+#include <linux/grsecurity.h> |
639 |
++#include <linux/security.h> |
640 |
+#include <linux/grinternal.h> |
641 |
+#include <linux/pid_namespace.h> |
642 |
+#include <linux/fdtable.h> |
643 |
@@ -58298,7 +58652,7 @@ index 0000000..6bd68d6 |
644 |
+ |
645 |
+int |
646 |
+gr_set_proc_label(const struct dentry *dentry, const struct vfsmount *mnt, |
647 |
-+ const int unsafe_share) |
648 |
++ const int unsafe_flags) |
649 |
+{ |
650 |
+ struct task_struct *task = current; |
651 |
+ struct acl_subject_label *newacl; |
652 |
@@ -58311,13 +58665,12 @@ index 0000000..6bd68d6 |
653 |
+ newacl = chk_subj_label(dentry, mnt, task->role); |
654 |
+ |
655 |
+ task_lock(task); |
656 |
-+ if ((((task->ptrace & PT_PTRACED) || unsafe_share) && |
657 |
-+ !(task->acl->mode & GR_POVERRIDE) && (task->acl != newacl) && |
658 |
++ if (unsafe_flags && !(task->acl->mode & GR_POVERRIDE) && (task->acl != newacl) && |
659 |
+ !(task->role->roletype & GR_ROLE_GOD) && |
660 |
+ !gr_search_file(dentry, GR_PTRACERD, mnt) && |
661 |
-+ !(task->acl->mode & (GR_LEARN | GR_INHERITLEARN)))) { |
662 |
++ !(task->acl->mode & (GR_LEARN | GR_INHERITLEARN))) { |
663 |
+ task_unlock(task); |
664 |
-+ if (unsafe_share) |
665 |
++ if (unsafe_flags & LSM_UNSAFE_SHARE) |
666 |
+ gr_log_fs_generic(GR_DONT_AUDIT, GR_UNSAFESHARE_EXEC_ACL_MSG, dentry, mnt); |
667 |
+ else |
668 |
+ gr_log_fs_generic(GR_DONT_AUDIT, GR_PTRACE_EXEC_ACL_MSG, dentry, mnt); |
669 |
@@ -62727,10 +63080,10 @@ index 0000000..8ca18bf |
670 |
+} |
671 |
diff --git a/grsecurity/grsec_init.c b/grsecurity/grsec_init.c |
672 |
new file mode 100644 |
673 |
-index 0000000..f813c26 |
674 |
+index 0000000..1e995d3 |
675 |
--- /dev/null |
676 |
+++ b/grsecurity/grsec_init.c |
677 |
-@@ -0,0 +1,270 @@ |
678 |
+@@ -0,0 +1,278 @@ |
679 |
+#include <linux/kernel.h> |
680 |
+#include <linux/sched.h> |
681 |
+#include <linux/mm.h> |
682 |
@@ -62741,6 +63094,8 @@ index 0000000..f813c26 |
683 |
+#include <linux/percpu.h> |
684 |
+#include <linux/module.h> |
685 |
+ |
686 |
++int grsec_enable_ptrace_readexec; |
687 |
++int grsec_enable_setxid; |
688 |
+int grsec_enable_brute; |
689 |
+int grsec_enable_link; |
690 |
+int grsec_enable_dmesg; |
691 |
@@ -62921,6 +63276,12 @@ index 0000000..f813c26 |
692 |
+#ifdef CONFIG_GRKERNSEC_EXECLOG |
693 |
+ grsec_enable_execlog = 1; |
694 |
+#endif |
695 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
696 |
++ grsec_enable_setxid = 1; |
697 |
++#endif |
698 |
++#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC |
699 |
++ grsec_enable_ptrace_readexec = 1; |
700 |
++#endif |
701 |
+#ifdef CONFIG_GRKERNSEC_SIGNAL |
702 |
+ grsec_enable_signal = 1; |
703 |
+#endif |
704 |
@@ -63529,14 +63890,14 @@ index 0000000..a3b12a0 |
705 |
+} |
706 |
diff --git a/grsecurity/grsec_ptrace.c b/grsecurity/grsec_ptrace.c |
707 |
new file mode 100644 |
708 |
-index 0000000..472c1d6 |
709 |
+index 0000000..78f8733 |
710 |
--- /dev/null |
711 |
+++ b/grsecurity/grsec_ptrace.c |
712 |
-@@ -0,0 +1,14 @@ |
713 |
+@@ -0,0 +1,30 @@ |
714 |
+#include <linux/kernel.h> |
715 |
+#include <linux/sched.h> |
716 |
+#include <linux/grinternal.h> |
717 |
-+#include <linux/grsecurity.h> |
718 |
++#include <linux/security.h> |
719 |
+ |
720 |
+void |
721 |
+gr_audit_ptrace(struct task_struct *task) |
722 |
@@ -63547,6 +63908,22 @@ index 0000000..472c1d6 |
723 |
+#endif |
724 |
+ return; |
725 |
+} |
726 |
++ |
727 |
++int |
728 |
++gr_ptrace_readexec(struct file *file, int unsafe_flags) |
729 |
++{ |
730 |
++#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC |
731 |
++ const struct dentry *dentry = file->f_path.dentry; |
732 |
++ const struct vfsmount *mnt = file->f_path.mnt; |
733 |
++ |
734 |
++ if (grsec_enable_ptrace_readexec && (unsafe_flags & LSM_UNSAFE_PTRACE) && |
735 |
++ (inode_permission(dentry->d_inode, MAY_READ) || !gr_acl_handle_open(dentry, mnt, MAY_READ))) { |
736 |
++ gr_log_fs_generic(GR_DONT_AUDIT, GR_PTRACE_READEXEC_MSG, dentry, mnt); |
737 |
++ return -EACCES; |
738 |
++ } |
739 |
++#endif |
740 |
++ return 0; |
741 |
++} |
742 |
diff --git a/grsecurity/grsec_sig.c b/grsecurity/grsec_sig.c |
743 |
new file mode 100644 |
744 |
index 0000000..c648492 |
745 |
@@ -64042,10 +64419,10 @@ index 0000000..7512ea9 |
746 |
+} |
747 |
diff --git a/grsecurity/grsec_sysctl.c b/grsecurity/grsec_sysctl.c |
748 |
new file mode 100644 |
749 |
-index 0000000..2753505 |
750 |
+index 0000000..31f3258 |
751 |
--- /dev/null |
752 |
+++ b/grsecurity/grsec_sysctl.c |
753 |
-@@ -0,0 +1,479 @@ |
754 |
+@@ -0,0 +1,499 @@ |
755 |
+#include <linux/kernel.h> |
756 |
+#include <linux/sched.h> |
757 |
+#include <linux/sysctl.h> |
758 |
@@ -64113,6 +64490,26 @@ index 0000000..2753505 |
759 |
+ .proc_handler = &proc_dointvec, |
760 |
+ }, |
761 |
+#endif |
762 |
++#ifdef CONFIG_GRKERNSEC_PTRACE_READEXEC |
763 |
++ { |
764 |
++ .ctl_name = CTL_UNNUMBERED, |
765 |
++ .procname = "ptrace_readexec", |
766 |
++ .data = &grsec_enable_ptrace_readexec, |
767 |
++ .maxlen = sizeof(int), |
768 |
++ .mode = 0600, |
769 |
++ .proc_handler = &proc_dointvec, |
770 |
++ }, |
771 |
++#endif |
772 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
773 |
++ { |
774 |
++ .ctl_name = CTL_UNNUMBERED, |
775 |
++ .procname = "consistent_setxid", |
776 |
++ .data = &grsec_enable_setxid, |
777 |
++ .maxlen = sizeof(int), |
778 |
++ .mode = 0600, |
779 |
++ .proc_handler = &proc_dointvec, |
780 |
++ }, |
781 |
++#endif |
782 |
+#ifdef CONFIG_GRKERNSEC_BLACKHOLE |
783 |
+ { |
784 |
+ .ctl_name = CTL_UNNUMBERED, |
785 |
@@ -66732,10 +67129,10 @@ index 0000000..70d6cd5 |
786 |
+#endif |
787 |
diff --git a/include/linux/grinternal.h b/include/linux/grinternal.h |
788 |
new file mode 100644 |
789 |
-index 0000000..e5817d7 |
790 |
+index 0000000..3826b91 |
791 |
--- /dev/null |
792 |
+++ b/include/linux/grinternal.h |
793 |
-@@ -0,0 +1,218 @@ |
794 |
+@@ -0,0 +1,219 @@ |
795 |
+#ifndef __GRINTERNAL_H |
796 |
+#define __GRINTERNAL_H |
797 |
+ |
798 |
@@ -66772,6 +67169,7 @@ index 0000000..e5817d7 |
799 |
+char *gr_to_filename3(const struct dentry *dentry, |
800 |
+ const struct vfsmount *mnt); |
801 |
+ |
802 |
++extern int grsec_enable_ptrace_readexec; |
803 |
+extern int grsec_enable_harden_ptrace; |
804 |
+extern int grsec_enable_link; |
805 |
+extern int grsec_enable_fifo; |
806 |
@@ -66956,10 +67354,10 @@ index 0000000..e5817d7 |
807 |
+#endif |
808 |
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h |
809 |
new file mode 100644 |
810 |
-index 0000000..9d5fd4a |
811 |
+index 0000000..dfb15ef |
812 |
--- /dev/null |
813 |
+++ b/include/linux/grmsg.h |
814 |
-@@ -0,0 +1,108 @@ |
815 |
+@@ -0,0 +1,109 @@ |
816 |
+#define DEFAULTSECMSG "%.256s[%.16s:%d] uid/euid:%u/%u gid/egid:%u/%u, parent %.256s[%.16s:%d] uid/euid:%u/%u gid/egid:%u/%u" |
817 |
+#define GR_ACL_PROCACCT_MSG "%.256s[%.16s:%d] IP:%pI4 TTY:%.64s uid/euid:%u/%u gid/egid:%u/%u run time:[%ud %uh %um %us] cpu time:[%ud %uh %um %us] %s with exit code %ld, parent %.256s[%.16s:%d] IP:%pI4 TTY:%.64s uid/euid:%u/%u gid/egid:%u/%u" |
818 |
+#define GR_PTRACE_ACL_MSG "denied ptrace of %.950s(%.16s:%d) by " |
819 |
@@ -67067,13 +67465,14 @@ index 0000000..9d5fd4a |
820 |
+#define GR_TEXTREL_AUDIT_MSG "text relocation in %s, VMA:0x%08lx 0x%08lx by " |
821 |
+#define GR_VM86_MSG "denied use of vm86 by " |
822 |
+#define GR_PTRACE_AUDIT_MSG "process %.950s(%.16s:%d) attached to via ptrace by " |
823 |
++#define GR_PTRACE_READEXEC_MSG "denied ptrace of unreadable binary %.950s by " |
824 |
+#define GR_INIT_TRANSFER_MSG "persistent special role transferred privilege to init by " |
825 |
diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h |
826 |
new file mode 100644 |
827 |
-index 0000000..24676f4 |
828 |
+index 0000000..ebba836 |
829 |
--- /dev/null |
830 |
+++ b/include/linux/grsecurity.h |
831 |
-@@ -0,0 +1,218 @@ |
832 |
+@@ -0,0 +1,223 @@ |
833 |
+#ifndef GR_SECURITY_H |
834 |
+#define GR_SECURITY_H |
835 |
+#include <linux/fs.h> |
836 |
@@ -67217,7 +67616,7 @@ index 0000000..24676f4 |
837 |
+ const gid_t gid); |
838 |
+int gr_set_proc_label(const struct dentry *dentry, |
839 |
+ const struct vfsmount *mnt, |
840 |
-+ const int unsafe_share); |
841 |
++ const int unsafe_flags); |
842 |
+__u32 gr_acl_handle_hidden_file(const struct dentry *dentry, |
843 |
+ const struct vfsmount *mnt); |
844 |
+__u32 gr_acl_handle_open(const struct dentry *dentry, |
845 |
@@ -67279,6 +67678,8 @@ index 0000000..24676f4 |
846 |
+void gr_audit_ptrace(struct task_struct *task); |
847 |
+dev_t gr_get_dev_from_dentry(struct dentry *dentry); |
848 |
+ |
849 |
++int gr_ptrace_readexec(struct file *file, int unsafe_flags); |
850 |
++ |
851 |
+#ifdef CONFIG_GRKERNSEC |
852 |
+void task_grsec_rbac(struct seq_file *m, struct task_struct *p); |
853 |
+void gr_handle_vm86(void); |
854 |
@@ -67289,6 +67690,9 @@ index 0000000..24676f4 |
855 |
+#ifdef CONFIG_GRKERNSEC_CHROOT_FINDTASK |
856 |
+extern int grsec_enable_chroot_findtask; |
857 |
+#endif |
858 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
859 |
++extern int grsec_enable_setxid; |
860 |
++#endif |
861 |
+#endif |
862 |
+ |
863 |
+#endif |
864 |
@@ -68429,7 +68833,7 @@ index 3392c59..a746428 100644 |
865 |
#if defined(CONFIG_RFKILL) || defined(CONFIG_RFKILL_MODULE) |
866 |
/** |
867 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
868 |
-index 71849bf..40217dc 100644 |
869 |
+index 71849bf..0ad2f74 100644 |
870 |
--- a/include/linux/sched.h |
871 |
+++ b/include/linux/sched.h |
872 |
@@ -101,6 +101,7 @@ struct bio; |
873 |
@@ -68556,13 +68960,16 @@ index 71849bf..40217dc 100644 |
874 |
struct io_context *io_context; |
875 |
|
876 |
unsigned long ptrace_message; |
877 |
-@@ -1519,6 +1544,21 @@ struct task_struct { |
878 |
+@@ -1519,6 +1544,24 @@ struct task_struct { |
879 |
unsigned long default_timer_slack_ns; |
880 |
|
881 |
struct list_head *scm_work_list; |
882 |
+ |
883 |
+#ifdef CONFIG_GRKERNSEC |
884 |
+ /* grsecurity */ |
885 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
886 |
++ const struct cred *delayed_cred; |
887 |
++#endif |
888 |
+ struct dentry *gr_chroot_dentry; |
889 |
+ struct acl_subject_label *acl; |
890 |
+ struct acl_role_label *role; |
891 |
@@ -68578,7 +68985,7 @@ index 71849bf..40217dc 100644 |
892 |
#ifdef CONFIG_FUNCTION_GRAPH_TRACER |
893 |
/* Index of current stored adress in ret_stack */ |
894 |
int curr_ret_stack; |
895 |
-@@ -1542,6 +1582,57 @@ struct task_struct { |
896 |
+@@ -1542,6 +1585,57 @@ struct task_struct { |
897 |
#endif /* CONFIG_TRACING */ |
898 |
}; |
899 |
|
900 |
@@ -68636,7 +69043,7 @@ index 71849bf..40217dc 100644 |
901 |
/* Future-safe accessor for struct task_struct's cpus_allowed. */ |
902 |
#define tsk_cpumask(tsk) (&(tsk)->cpus_allowed) |
903 |
|
904 |
-@@ -1740,7 +1831,7 @@ extern void thread_group_times(struct task_struct *p, cputime_t *ut, cputime_t * |
905 |
+@@ -1740,7 +1834,7 @@ extern void thread_group_times(struct task_struct *p, cputime_t *ut, cputime_t * |
906 |
#define PF_DUMPCORE 0x00000200 /* dumped core */ |
907 |
#define PF_SIGNALED 0x00000400 /* killed by a signal */ |
908 |
#define PF_MEMALLOC 0x00000800 /* Allocating memory */ |
909 |
@@ -68645,7 +69052,7 @@ index 71849bf..40217dc 100644 |
910 |
#define PF_USED_MATH 0x00002000 /* if unset the fpu must be initialized before use */ |
911 |
#define PF_FREEZING 0x00004000 /* freeze in progress. do not account to load */ |
912 |
#define PF_NOFREEZE 0x00008000 /* this thread should not be frozen */ |
913 |
-@@ -1978,7 +2069,9 @@ void yield(void); |
914 |
+@@ -1978,7 +2072,9 @@ void yield(void); |
915 |
extern struct exec_domain default_exec_domain; |
916 |
|
917 |
union thread_union { |
918 |
@@ -68655,7 +69062,7 @@ index 71849bf..40217dc 100644 |
919 |
unsigned long stack[THREAD_SIZE/sizeof(long)]; |
920 |
}; |
921 |
|
922 |
-@@ -2011,6 +2104,7 @@ extern struct pid_namespace init_pid_ns; |
923 |
+@@ -2011,6 +2107,7 @@ extern struct pid_namespace init_pid_ns; |
924 |
*/ |
925 |
|
926 |
extern struct task_struct *find_task_by_vpid(pid_t nr); |
927 |
@@ -68663,7 +69070,7 @@ index 71849bf..40217dc 100644 |
928 |
extern struct task_struct *find_task_by_pid_ns(pid_t nr, |
929 |
struct pid_namespace *ns); |
930 |
|
931 |
-@@ -2155,7 +2249,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
932 |
+@@ -2155,7 +2252,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
933 |
extern void exit_itimers(struct signal_struct *); |
934 |
extern void flush_itimer_signals(void); |
935 |
|
936 |
@@ -68672,7 +69079,7 @@ index 71849bf..40217dc 100644 |
937 |
|
938 |
extern void daemonize(const char *, ...); |
939 |
extern int allow_signal(int); |
940 |
-@@ -2284,13 +2378,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
941 |
+@@ -2284,13 +2381,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
942 |
|
943 |
#endif |
944 |
|
945 |
@@ -71191,7 +71598,7 @@ index 3f2f04f..4e53ded 100644 |
946 |
/* If set, cpu_up and cpu_down will return -EBUSY and do nothing. |
947 |
* Should always be manipulated under cpu_add_remove_lock |
948 |
diff --git a/kernel/cred.c b/kernel/cred.c |
949 |
-index 0b5b5fc..419b86a 100644 |
950 |
+index 0b5b5fc..f7fe51a 100644 |
951 |
--- a/kernel/cred.c |
952 |
+++ b/kernel/cred.c |
953 |
@@ -160,6 +160,8 @@ static void put_cred_rcu(struct rcu_head *rcu) |
954 |
@@ -71212,7 +71619,23 @@ index 0b5b5fc..419b86a 100644 |
955 |
kdebug("exit_creds(%u,%p,%p,{%d,%d})", tsk->pid, tsk->real_cred, tsk->cred, |
956 |
atomic_read(&tsk->cred->usage), |
957 |
read_cred_subscribers(tsk->cred)); |
958 |
-@@ -222,6 +226,8 @@ const struct cred *get_task_cred(struct task_struct *task) |
959 |
+@@ -206,6 +210,15 @@ void exit_creds(struct task_struct *tsk) |
960 |
+ validate_creds(cred); |
961 |
+ put_cred(cred); |
962 |
+ } |
963 |
++ |
964 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
965 |
++ cred = (struct cred *) tsk->delayed_cred; |
966 |
++ if (cred) { |
967 |
++ tsk->delayed_cred = NULL; |
968 |
++ validate_creds(cred); |
969 |
++ put_cred(cred); |
970 |
++ } |
971 |
++#endif |
972 |
+ } |
973 |
+ |
974 |
+ /** |
975 |
+@@ -222,6 +235,8 @@ const struct cred *get_task_cred(struct task_struct *task) |
976 |
{ |
977 |
const struct cred *cred; |
978 |
|
979 |
@@ -71221,7 +71644,7 @@ index 0b5b5fc..419b86a 100644 |
980 |
rcu_read_lock(); |
981 |
|
982 |
do { |
983 |
-@@ -241,6 +247,8 @@ struct cred *cred_alloc_blank(void) |
984 |
+@@ -241,6 +256,8 @@ struct cred *cred_alloc_blank(void) |
985 |
{ |
986 |
struct cred *new; |
987 |
|
988 |
@@ -71230,7 +71653,7 @@ index 0b5b5fc..419b86a 100644 |
989 |
new = kmem_cache_zalloc(cred_jar, GFP_KERNEL); |
990 |
if (!new) |
991 |
return NULL; |
992 |
-@@ -289,6 +297,8 @@ struct cred *prepare_creds(void) |
993 |
+@@ -289,6 +306,8 @@ struct cred *prepare_creds(void) |
994 |
const struct cred *old; |
995 |
struct cred *new; |
996 |
|
997 |
@@ -71239,7 +71662,7 @@ index 0b5b5fc..419b86a 100644 |
998 |
validate_process_creds(); |
999 |
|
1000 |
new = kmem_cache_alloc(cred_jar, GFP_KERNEL); |
1001 |
-@@ -335,6 +345,8 @@ struct cred *prepare_exec_creds(void) |
1002 |
+@@ -335,6 +354,8 @@ struct cred *prepare_exec_creds(void) |
1003 |
struct thread_group_cred *tgcred = NULL; |
1004 |
struct cred *new; |
1005 |
|
1006 |
@@ -71248,7 +71671,7 @@ index 0b5b5fc..419b86a 100644 |
1007 |
#ifdef CONFIG_KEYS |
1008 |
tgcred = kmalloc(sizeof(*tgcred), GFP_KERNEL); |
1009 |
if (!tgcred) |
1010 |
-@@ -441,6 +453,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags) |
1011 |
+@@ -441,6 +462,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags) |
1012 |
struct cred *new; |
1013 |
int ret; |
1014 |
|
1015 |
@@ -71257,7 +71680,13 @@ index 0b5b5fc..419b86a 100644 |
1016 |
mutex_init(&p->cred_guard_mutex); |
1017 |
|
1018 |
if ( |
1019 |
-@@ -528,6 +542,8 @@ int commit_creds(struct cred *new) |
1020 |
+@@ -523,11 +546,13 @@ error_put: |
1021 |
+ * Always returns 0 thus allowing this function to be tail-called at the end |
1022 |
+ * of, say, sys_setgid(). |
1023 |
+ */ |
1024 |
+-int commit_creds(struct cred *new) |
1025 |
++static int __commit_creds(struct cred *new) |
1026 |
+ { |
1027 |
struct task_struct *task = current; |
1028 |
const struct cred *old = task->real_cred; |
1029 |
|
1030 |
@@ -71266,7 +71695,7 @@ index 0b5b5fc..419b86a 100644 |
1031 |
kdebug("commit_creds(%p{%d,%d})", new, |
1032 |
atomic_read(&new->usage), |
1033 |
read_cred_subscribers(new)); |
1034 |
-@@ -544,6 +560,8 @@ int commit_creds(struct cred *new) |
1035 |
+@@ -544,6 +569,8 @@ int commit_creds(struct cred *new) |
1036 |
|
1037 |
get_cred(new); /* we will require a ref for the subj creds too */ |
1038 |
|
1039 |
@@ -71275,7 +71704,7 @@ index 0b5b5fc..419b86a 100644 |
1040 |
/* dumpability changes */ |
1041 |
if (old->euid != new->euid || |
1042 |
old->egid != new->egid || |
1043 |
-@@ -563,10 +581,8 @@ int commit_creds(struct cred *new) |
1044 |
+@@ -563,10 +590,8 @@ int commit_creds(struct cred *new) |
1045 |
key_fsgid_changed(task); |
1046 |
|
1047 |
/* do it |
1048 |
@@ -71288,7 +71717,104 @@ index 0b5b5fc..419b86a 100644 |
1049 |
*/ |
1050 |
alter_cred_subscribers(new, 2); |
1051 |
if (new->user != old->user) |
1052 |
-@@ -606,6 +622,8 @@ EXPORT_SYMBOL(commit_creds); |
1053 |
+@@ -595,8 +620,96 @@ int commit_creds(struct cred *new) |
1054 |
+ put_cred(old); |
1055 |
+ return 0; |
1056 |
+ } |
1057 |
++ |
1058 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
1059 |
++extern int set_user(struct cred *new); |
1060 |
++ |
1061 |
++void gr_delayed_cred_worker(void) |
1062 |
++{ |
1063 |
++ const struct cred *new = current->delayed_cred; |
1064 |
++ struct cred *ncred; |
1065 |
++ |
1066 |
++ current->delayed_cred = NULL; |
1067 |
++ |
1068 |
++ if (current_uid() && new != NULL) { |
1069 |
++ // from doing get_cred on it when queueing this |
1070 |
++ put_cred(new); |
1071 |
++ return; |
1072 |
++ } else if (new == NULL) |
1073 |
++ return; |
1074 |
++ |
1075 |
++ ncred = prepare_creds(); |
1076 |
++ if (!ncred) |
1077 |
++ goto die; |
1078 |
++ // uids |
1079 |
++ ncred->uid = new->uid; |
1080 |
++ ncred->euid = new->euid; |
1081 |
++ ncred->suid = new->suid; |
1082 |
++ ncred->fsuid = new->fsuid; |
1083 |
++ // gids |
1084 |
++ ncred->gid = new->gid; |
1085 |
++ ncred->egid = new->egid; |
1086 |
++ ncred->sgid = new->sgid; |
1087 |
++ ncred->fsgid = new->fsgid; |
1088 |
++ // groups |
1089 |
++ if (set_groups(ncred, new->group_info) < 0) { |
1090 |
++ abort_creds(ncred); |
1091 |
++ goto die; |
1092 |
++ } |
1093 |
++ // caps |
1094 |
++ ncred->securebits = new->securebits; |
1095 |
++ ncred->cap_inheritable = new->cap_inheritable; |
1096 |
++ ncred->cap_permitted = new->cap_permitted; |
1097 |
++ ncred->cap_effective = new->cap_effective; |
1098 |
++ ncred->cap_bset = new->cap_bset; |
1099 |
++ |
1100 |
++ if (set_user(ncred)) { |
1101 |
++ abort_creds(ncred); |
1102 |
++ goto die; |
1103 |
++ } |
1104 |
++ |
1105 |
++ // from doing get_cred on it when queueing this |
1106 |
++ put_cred(new); |
1107 |
++ |
1108 |
++ __commit_creds(ncred); |
1109 |
++ return; |
1110 |
++die: |
1111 |
++ // from doing get_cred on it when queueing this |
1112 |
++ put_cred(new); |
1113 |
++ do_group_exit(SIGKILL); |
1114 |
++} |
1115 |
++#endif |
1116 |
++ |
1117 |
++int commit_creds(struct cred *new) |
1118 |
++{ |
1119 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
1120 |
++ struct task_struct *t; |
1121 |
++ |
1122 |
++ /* we won't get called with tasklist_lock held for writing |
1123 |
++ and interrupts disabled as the cred struct in that case is |
1124 |
++ init_cred |
1125 |
++ */ |
1126 |
++ if (grsec_enable_setxid && !current_is_single_threaded() && |
1127 |
++ !current_uid() && new->uid) { |
1128 |
++ rcu_read_lock(); |
1129 |
++ read_lock(&tasklist_lock); |
1130 |
++ for (t = next_thread(current); t != current; |
1131 |
++ t = next_thread(t)) { |
1132 |
++ if (t->delayed_cred == NULL) { |
1133 |
++ t->delayed_cred = get_cred(new); |
1134 |
++ set_tsk_need_resched(t); |
1135 |
++ } |
1136 |
++ } |
1137 |
++ read_unlock(&tasklist_lock); |
1138 |
++ rcu_read_unlock(); |
1139 |
++ } |
1140 |
++#endif |
1141 |
++ return __commit_creds(new); |
1142 |
++} |
1143 |
++ |
1144 |
+ EXPORT_SYMBOL(commit_creds); |
1145 |
+ |
1146 |
++ |
1147 |
+ /** |
1148 |
+ * abort_creds - Discard a set of credentials and unlock the current task |
1149 |
+ * @new: The credentials that were going to be applied |
1150 |
+@@ -606,6 +719,8 @@ EXPORT_SYMBOL(commit_creds); |
1151 |
*/ |
1152 |
void abort_creds(struct cred *new) |
1153 |
{ |
1154 |
@@ -71297,7 +71823,7 @@ index 0b5b5fc..419b86a 100644 |
1155 |
kdebug("abort_creds(%p{%d,%d})", new, |
1156 |
atomic_read(&new->usage), |
1157 |
read_cred_subscribers(new)); |
1158 |
-@@ -629,6 +647,8 @@ const struct cred *override_creds(const struct cred *new) |
1159 |
+@@ -629,6 +744,8 @@ const struct cred *override_creds(const struct cred *new) |
1160 |
{ |
1161 |
const struct cred *old = current->cred; |
1162 |
|
1163 |
@@ -71306,7 +71832,7 @@ index 0b5b5fc..419b86a 100644 |
1164 |
kdebug("override_creds(%p{%d,%d})", new, |
1165 |
atomic_read(&new->usage), |
1166 |
read_cred_subscribers(new)); |
1167 |
-@@ -658,6 +678,8 @@ void revert_creds(const struct cred *old) |
1168 |
+@@ -658,6 +775,8 @@ void revert_creds(const struct cred *old) |
1169 |
{ |
1170 |
const struct cred *override = current->cred; |
1171 |
|
1172 |
@@ -71315,7 +71841,7 @@ index 0b5b5fc..419b86a 100644 |
1173 |
kdebug("revert_creds(%p{%d,%d})", old, |
1174 |
atomic_read(&old->usage), |
1175 |
read_cred_subscribers(old)); |
1176 |
-@@ -704,6 +726,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
1177 |
+@@ -704,6 +823,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
1178 |
const struct cred *old; |
1179 |
struct cred *new; |
1180 |
|
1181 |
@@ -71324,7 +71850,7 @@ index 0b5b5fc..419b86a 100644 |
1182 |
new = kmem_cache_alloc(cred_jar, GFP_KERNEL); |
1183 |
if (!new) |
1184 |
return NULL; |
1185 |
-@@ -758,6 +782,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
1186 |
+@@ -758,6 +879,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
1187 |
*/ |
1188 |
int set_security_override(struct cred *new, u32 secid) |
1189 |
{ |
1190 |
@@ -71333,7 +71859,7 @@ index 0b5b5fc..419b86a 100644 |
1191 |
return security_kernel_act_as(new, secid); |
1192 |
} |
1193 |
EXPORT_SYMBOL(set_security_override); |
1194 |
-@@ -777,6 +803,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
1195 |
+@@ -777,6 +900,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
1196 |
u32 secid; |
1197 |
int ret; |
1198 |
|
1199 |
@@ -74345,7 +74871,7 @@ index 29bd4ba..8c5de90 100644 |
1200 |
WARN_ON(pendowner->pi_blocked_on->lock != lock); |
1201 |
|
1202 |
diff --git a/kernel/sched.c b/kernel/sched.c |
1203 |
-index 0591df8..db35e3d 100644 |
1204 |
+index 0591df8..e3af3a4 100644 |
1205 |
--- a/kernel/sched.c |
1206 |
+++ b/kernel/sched.c |
1207 |
@@ -5043,7 +5043,7 @@ out: |
1208 |
@@ -74357,7 +74883,27 @@ index 0591df8..db35e3d 100644 |
1209 |
{ |
1210 |
int this_cpu = smp_processor_id(); |
1211 |
struct rq *this_rq = cpu_rq(this_cpu); |
1212 |
-@@ -5700,6 +5700,8 @@ asmlinkage void __sched schedule(void) |
1213 |
+@@ -5690,6 +5690,19 @@ pick_next_task(struct rq *rq) |
1214 |
+ } |
1215 |
+ } |
1216 |
+ |
1217 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
1218 |
++extern void gr_delayed_cred_worker(void); |
1219 |
++static inline void gr_cred_schedule(void) |
1220 |
++{ |
1221 |
++ if (unlikely(current->delayed_cred)) |
1222 |
++ gr_delayed_cred_worker(); |
1223 |
++} |
1224 |
++#else |
1225 |
++static inline void gr_cred_schedule(void) |
1226 |
++{ |
1227 |
++} |
1228 |
++#endif |
1229 |
++ |
1230 |
+ /* |
1231 |
+ * schedule() is the main scheduler function. |
1232 |
+ */ |
1233 |
+@@ -5700,6 +5713,8 @@ asmlinkage void __sched schedule(void) |
1234 |
struct rq *rq; |
1235 |
int cpu; |
1236 |
|
1237 |
@@ -74366,7 +74912,16 @@ index 0591df8..db35e3d 100644 |
1238 |
need_resched: |
1239 |
preempt_disable(); |
1240 |
cpu = smp_processor_id(); |
1241 |
-@@ -5770,7 +5772,7 @@ EXPORT_SYMBOL(schedule); |
1242 |
+@@ -5713,6 +5728,8 @@ need_resched_nonpreemptible: |
1243 |
+ |
1244 |
+ schedule_debug(prev); |
1245 |
+ |
1246 |
++ gr_cred_schedule(); |
1247 |
++ |
1248 |
+ if (sched_feat(HRTICK)) |
1249 |
+ hrtick_clear(rq); |
1250 |
+ |
1251 |
+@@ -5770,7 +5787,7 @@ EXPORT_SYMBOL(schedule); |
1252 |
* Look out! "owner" is an entirely speculative pointer |
1253 |
* access and not reliable. |
1254 |
*/ |
1255 |
@@ -74375,7 +74930,7 @@ index 0591df8..db35e3d 100644 |
1256 |
{ |
1257 |
unsigned int cpu; |
1258 |
struct rq *rq; |
1259 |
-@@ -5784,10 +5786,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1260 |
+@@ -5784,10 +5801,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1261 |
* DEBUG_PAGEALLOC could have unmapped it if |
1262 |
* the mutex owner just released it and exited. |
1263 |
*/ |
1264 |
@@ -74388,7 +74943,7 @@ index 0591df8..db35e3d 100644 |
1265 |
#endif |
1266 |
|
1267 |
/* |
1268 |
-@@ -5816,7 +5818,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1269 |
+@@ -5816,7 +5833,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1270 |
/* |
1271 |
* Is that owner really running on that cpu? |
1272 |
*/ |
1273 |
@@ -74397,7 +74952,7 @@ index 0591df8..db35e3d 100644 |
1274 |
return 0; |
1275 |
|
1276 |
cpu_relax(); |
1277 |
-@@ -6359,6 +6361,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1278 |
+@@ -6359,6 +6376,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1279 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
1280 |
int nice_rlim = 20 - nice; |
1281 |
|
1282 |
@@ -74406,7 +74961,7 @@ index 0591df8..db35e3d 100644 |
1283 |
return (nice_rlim <= p->signal->rlim[RLIMIT_NICE].rlim_cur || |
1284 |
capable(CAP_SYS_NICE)); |
1285 |
} |
1286 |
-@@ -6392,7 +6396,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1287 |
+@@ -6392,7 +6411,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1288 |
if (nice > 19) |
1289 |
nice = 19; |
1290 |
|
1291 |
@@ -74416,7 +74971,7 @@ index 0591df8..db35e3d 100644 |
1292 |
return -EPERM; |
1293 |
|
1294 |
retval = security_task_setnice(current, nice); |
1295 |
-@@ -8774,7 +8779,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
1296 |
+@@ -8774,7 +8794,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
1297 |
long power; |
1298 |
int weight; |
1299 |
|
1300 |
@@ -74656,7 +75211,7 @@ index 04a0252..580c512 100644 |
1301 |
struct tasklet_struct *list; |
1302 |
|
1303 |
diff --git a/kernel/sys.c b/kernel/sys.c |
1304 |
-index e9512b1..3c265de 100644 |
1305 |
+index e9512b1..f07185f 100644 |
1306 |
--- a/kernel/sys.c |
1307 |
+++ b/kernel/sys.c |
1308 |
@@ -133,6 +133,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
1309 |
@@ -74722,6 +75277,15 @@ index e9512b1..3c265de 100644 |
1310 |
if (capable(CAP_SETGID)) |
1311 |
new->gid = new->egid = new->sgid = new->fsgid = gid; |
1312 |
else if (gid == old->gid || gid == old->sgid) |
1313 |
+@@ -559,7 +572,7 @@ error: |
1314 |
+ /* |
1315 |
+ * change the user struct in a credentials set to match the new UID |
1316 |
+ */ |
1317 |
+-static int set_user(struct cred *new) |
1318 |
++int set_user(struct cred *new) |
1319 |
+ { |
1320 |
+ struct user_struct *new_user; |
1321 |
+ |
1322 |
@@ -567,12 +580,19 @@ static int set_user(struct cred *new) |
1323 |
if (!new_user) |
1324 |
return -EAGAIN; |
1325 |
|
1326 |
diff --git a/3.2.2/0000_README b/3.2.2/0000_README |
1327 |
index 742124c..a38ba28 100644 |
1328 |
--- a/3.2.2/0000_README |
1329 |
+++ b/3.2.2/0000_README |
1330 |
@@ -6,7 +6,7 @@ Patch: 1001_linux-3.2.2.patch |
1331 |
From: http://www.kernel.org |
1332 |
Desc: Linux 3.2.2 |
1333 |
|
1334 |
-Patch: 4420_grsecurity-2.2.2-3.2.2-201201252117.patch |
1335 |
+Patch: 4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
1336 |
From: http://www.grsecurity.net |
1337 |
Desc: hardened-sources base patch from upstream grsecurity |
1338 |
|
1339 |
|
1340 |
diff --git a/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201252117.patch b/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
1341 |
similarity index 99% |
1342 |
rename from 3.2.2/4420_grsecurity-2.2.2-3.2.2-201201252117.patch |
1343 |
rename to 3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
1344 |
index 4d4d52e..3f6029d 100644 |
1345 |
--- a/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201252117.patch |
1346 |
+++ b/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
1347 |
@@ -12223,9 +12223,18 @@ index 2af127d..8ff7ac0 100644 |
1348 |
atomic_set(&mce_callin, 0); |
1349 |
atomic_set(&global_nwo, 0); |
1350 |
diff --git a/arch/x86/kernel/cpu/mcheck/p5.c b/arch/x86/kernel/cpu/mcheck/p5.c |
1351 |
-index 5c0e653..1e82c7c 100644 |
1352 |
+index 5c0e653..51ddf2c 100644 |
1353 |
--- a/arch/x86/kernel/cpu/mcheck/p5.c |
1354 |
+++ b/arch/x86/kernel/cpu/mcheck/p5.c |
1355 |
+@@ -11,7 +11,7 @@ |
1356 |
+ #include <asm/processor.h> |
1357 |
+ #include <asm/system.h> |
1358 |
+ #include <asm/mce.h> |
1359 |
+-#include <asm/msr.h> |
1360 |
++#include <asm/pgtable.h> |
1361 |
+ |
1362 |
+ /* By default disabled */ |
1363 |
+ int mce_p5_enabled __read_mostly; |
1364 |
@@ -50,7 +50,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) |
1365 |
if (!cpu_has(c, X86_FEATURE_MCE)) |
1366 |
return; |
1367 |
@@ -12237,10 +12246,18 @@ index 5c0e653..1e82c7c 100644 |
1368 |
wmb(); |
1369 |
|
1370 |
diff --git a/arch/x86/kernel/cpu/mcheck/winchip.c b/arch/x86/kernel/cpu/mcheck/winchip.c |
1371 |
-index 54060f5..e6ba93d 100644 |
1372 |
+index 54060f5..c1a7577 100644 |
1373 |
--- a/arch/x86/kernel/cpu/mcheck/winchip.c |
1374 |
+++ b/arch/x86/kernel/cpu/mcheck/winchip.c |
1375 |
-@@ -24,7 +24,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) |
1376 |
+@@ -11,6 +11,7 @@ |
1377 |
+ #include <asm/system.h> |
1378 |
+ #include <asm/mce.h> |
1379 |
+ #include <asm/msr.h> |
1380 |
++#include <asm/pgtable.h> |
1381 |
+ |
1382 |
+ /* Machine check handler for WinChip C6: */ |
1383 |
+ static void winchip_machine_check(struct pt_regs *regs, long error_code) |
1384 |
+@@ -24,7 +25,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) |
1385 |
{ |
1386 |
u32 lo, hi; |
1387 |
|
1388 |
@@ -15883,7 +15900,7 @@ index 3ca42d0..7cff8cc 100644 |
1389 |
|
1390 |
static void microcode_fini_cpu(int cpu) |
1391 |
diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c |
1392 |
-index 925179f..85bec6c 100644 |
1393 |
+index 925179f..267ac7a 100644 |
1394 |
--- a/arch/x86/kernel/module.c |
1395 |
+++ b/arch/x86/kernel/module.c |
1396 |
@@ -36,15 +36,60 @@ |
1397 |
@@ -15893,7 +15910,8 @@ index 925179f..85bec6c 100644 |
1398 |
-void *module_alloc(unsigned long size) |
1399 |
+static inline void *__module_alloc(unsigned long size, pgprot_t prot) |
1400 |
{ |
1401 |
- if (PAGE_ALIGN(size) > MODULES_LEN) |
1402 |
+- if (PAGE_ALIGN(size) > MODULES_LEN) |
1403 |
++ if (size == 0 || PAGE_ALIGN(size) > MODULES_LEN) |
1404 |
return NULL; |
1405 |
return __vmalloc_node_range(size, 1, MODULES_VADDR, MODULES_END, |
1406 |
- GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL_EXEC, |
1407 |
@@ -24976,6 +24994,109 @@ index 671d4d6..5f24030 100644 |
1408 |
|
1409 |
static void cryptd_queue_worker(struct work_struct *work); |
1410 |
|
1411 |
+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
1412 |
+index 9ed9f60..88f160b 100644 |
1413 |
+--- a/crypto/sha512_generic.c |
1414 |
++++ b/crypto/sha512_generic.c |
1415 |
+@@ -21,8 +21,6 @@ |
1416 |
+ #include <linux/percpu.h> |
1417 |
+ #include <asm/byteorder.h> |
1418 |
+ |
1419 |
+-static DEFINE_PER_CPU(u64[80], msg_schedule); |
1420 |
+- |
1421 |
+ static inline u64 Ch(u64 x, u64 y, u64 z) |
1422 |
+ { |
1423 |
+ return z ^ (x & (y ^ z)); |
1424 |
+@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
1425 |
+ |
1426 |
+ static inline void BLEND_OP(int I, u64 *W) |
1427 |
+ { |
1428 |
+- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
1429 |
++ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
1430 |
+ } |
1431 |
+ |
1432 |
+ static void |
1433 |
+@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
1434 |
+ u64 a, b, c, d, e, f, g, h, t1, t2; |
1435 |
+ |
1436 |
+ int i; |
1437 |
+- u64 *W = get_cpu_var(msg_schedule); |
1438 |
++ u64 W[16]; |
1439 |
+ |
1440 |
+ /* load the input */ |
1441 |
+ for (i = 0; i < 16; i++) |
1442 |
+ LOAD_OP(i, W, input); |
1443 |
+ |
1444 |
+- for (i = 16; i < 80; i++) { |
1445 |
+- BLEND_OP(i, W); |
1446 |
+- } |
1447 |
+- |
1448 |
+ /* load the state into our registers */ |
1449 |
+ a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
1450 |
+ e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
1451 |
+ |
1452 |
+- /* now iterate */ |
1453 |
+- for (i=0; i<80; i+=8) { |
1454 |
+- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
1455 |
+- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
1456 |
+- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
1457 |
+- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
1458 |
+- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
1459 |
+- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
1460 |
+- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
1461 |
+- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
1462 |
+- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
1463 |
+- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
1464 |
+- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
1465 |
+- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
1466 |
+- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
1467 |
+- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
1468 |
+- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
1469 |
+- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
1470 |
++#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
1471 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
1472 |
++ t2 = e0(a) + Maj(a, b, c); \ |
1473 |
++ d += t1; \ |
1474 |
++ h = t1 + t2 |
1475 |
++ |
1476 |
++#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
1477 |
++ BLEND_OP(i, W); \ |
1478 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
1479 |
++ t2 = e0(a) + Maj(a, b, c); \ |
1480 |
++ d += t1; \ |
1481 |
++ h = t1 + t2 |
1482 |
++ |
1483 |
++ for (i = 0; i < 16; i += 8) { |
1484 |
++ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
1485 |
++ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
1486 |
++ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
1487 |
++ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
1488 |
++ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
1489 |
++ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
1490 |
++ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
1491 |
++ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
1492 |
++ } |
1493 |
++ for (i = 16; i < 80; i += 8) { |
1494 |
++ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
1495 |
++ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
1496 |
++ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
1497 |
++ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
1498 |
++ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
1499 |
++ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
1500 |
++ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
1501 |
++ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
1502 |
+ } |
1503 |
+ |
1504 |
+ state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
1505 |
+@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
1506 |
+ |
1507 |
+ /* erase our data */ |
1508 |
+ a = b = c = d = e = f = g = h = t1 = t2 = 0; |
1509 |
+- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
1510 |
+- put_cpu_var(msg_schedule); |
1511 |
+ } |
1512 |
+ |
1513 |
+ static int |
1514 |
diff --git a/drivers/acpi/apei/cper.c b/drivers/acpi/apei/cper.c |
1515 |
index 5d41894..22021e4 100644 |
1516 |
--- a/drivers/acpi/apei/cper.c |
1517 |
@@ -41282,8 +41403,80 @@ index f7908ae..920a680 100644 |
1518 |
|
1519 |
dcache_init(); |
1520 |
inode_init(); |
1521 |
+diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
1522 |
+index 2a83425..b082cec 100644 |
1523 |
+--- a/fs/ecryptfs/crypto.c |
1524 |
++++ b/fs/ecryptfs/crypto.c |
1525 |
+@@ -417,17 +417,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
1526 |
+ (unsigned long long)(extent_base + extent_offset), rc); |
1527 |
+ goto out; |
1528 |
+ } |
1529 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
1530 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypting extent " |
1531 |
+- "with iv:\n"); |
1532 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
1533 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
1534 |
+- "encryption:\n"); |
1535 |
+- ecryptfs_dump_hex((char *) |
1536 |
+- (page_address(page) |
1537 |
+- + (extent_offset * crypt_stat->extent_size)), |
1538 |
+- 8); |
1539 |
+- } |
1540 |
+ rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, |
1541 |
+ page, (extent_offset |
1542 |
+ * crypt_stat->extent_size), |
1543 |
+@@ -440,14 +429,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
1544 |
+ goto out; |
1545 |
+ } |
1546 |
+ rc = 0; |
1547 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
1548 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16llx]; " |
1549 |
+- "rc = [%d]\n", |
1550 |
+- (unsigned long long)(extent_base + extent_offset), rc); |
1551 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
1552 |
+- "encryption:\n"); |
1553 |
+- ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); |
1554 |
+- } |
1555 |
+ out: |
1556 |
+ return rc; |
1557 |
+ } |
1558 |
+@@ -543,17 +524,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
1559 |
+ (unsigned long long)(extent_base + extent_offset), rc); |
1560 |
+ goto out; |
1561 |
+ } |
1562 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
1563 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypting extent " |
1564 |
+- "with iv:\n"); |
1565 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
1566 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
1567 |
+- "decryption:\n"); |
1568 |
+- ecryptfs_dump_hex((char *) |
1569 |
+- (page_address(enc_extent_page) |
1570 |
+- + (extent_offset * crypt_stat->extent_size)), |
1571 |
+- 8); |
1572 |
+- } |
1573 |
+ rc = ecryptfs_decrypt_page_offset(crypt_stat, page, |
1574 |
+ (extent_offset |
1575 |
+ * crypt_stat->extent_size), |
1576 |
+@@ -567,16 +537,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
1577 |
+ goto out; |
1578 |
+ } |
1579 |
+ rc = 0; |
1580 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
1581 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16llx]; " |
1582 |
+- "rc = [%d]\n", |
1583 |
+- (unsigned long long)(extent_base + extent_offset), rc); |
1584 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
1585 |
+- "decryption:\n"); |
1586 |
+- ecryptfs_dump_hex((char *)(page_address(page) |
1587 |
+- + (extent_offset |
1588 |
+- * crypt_stat->extent_size)), 8); |
1589 |
+- } |
1590 |
+ out: |
1591 |
+ return rc; |
1592 |
+ } |
1593 |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
1594 |
-index 32f90a3..0be89e0 100644 |
1595 |
+index 32f90a3..a766407 100644 |
1596 |
--- a/fs/ecryptfs/inode.c |
1597 |
+++ b/fs/ecryptfs/inode.c |
1598 |
@@ -691,7 +691,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf, |
1599 |
@@ -41313,8 +41506,84 @@ index 32f90a3..0be89e0 100644 |
1600 |
if (!IS_ERR(buf)) { |
1601 |
/* Free the char* */ |
1602 |
kfree(buf); |
1603 |
+@@ -841,18 +841,6 @@ static int truncate_upper(struct dentry *dentry, struct iattr *ia, |
1604 |
+ size_t num_zeros = (PAGE_CACHE_SIZE |
1605 |
+ - (ia->ia_size & ~PAGE_CACHE_MASK)); |
1606 |
+ |
1607 |
+- |
1608 |
+- /* |
1609 |
+- * XXX(truncate) this should really happen at the begginning |
1610 |
+- * of ->setattr. But the code is too messy to that as part |
1611 |
+- * of a larger patch. ecryptfs is also totally missing out |
1612 |
+- * on the inode_change_ok check at the beginning of |
1613 |
+- * ->setattr while would include this. |
1614 |
+- */ |
1615 |
+- rc = inode_newsize_ok(inode, ia->ia_size); |
1616 |
+- if (rc) |
1617 |
+- goto out; |
1618 |
+- |
1619 |
+ if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
1620 |
+ truncate_setsize(inode, ia->ia_size); |
1621 |
+ lower_ia->ia_size = ia->ia_size; |
1622 |
+@@ -902,6 +890,28 @@ out: |
1623 |
+ return rc; |
1624 |
+ } |
1625 |
+ |
1626 |
++static int ecryptfs_inode_newsize_ok(struct inode *inode, loff_t offset) |
1627 |
++{ |
1628 |
++ struct ecryptfs_crypt_stat *crypt_stat; |
1629 |
++ loff_t lower_oldsize, lower_newsize; |
1630 |
++ |
1631 |
++ crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; |
1632 |
++ lower_oldsize = upper_size_to_lower_size(crypt_stat, |
1633 |
++ i_size_read(inode)); |
1634 |
++ lower_newsize = upper_size_to_lower_size(crypt_stat, offset); |
1635 |
++ if (lower_newsize > lower_oldsize) { |
1636 |
++ /* |
1637 |
++ * The eCryptfs inode and the new *lower* size are mixed here |
1638 |
++ * because we may not have the lower i_mutex held and/or it may |
1639 |
++ * not be appropriate to call inode_newsize_ok() with inodes |
1640 |
++ * from other filesystems. |
1641 |
++ */ |
1642 |
++ return inode_newsize_ok(inode, lower_newsize); |
1643 |
++ } |
1644 |
++ |
1645 |
++ return 0; |
1646 |
++} |
1647 |
++ |
1648 |
+ /** |
1649 |
+ * ecryptfs_truncate |
1650 |
+ * @dentry: The ecryptfs layer dentry |
1651 |
+@@ -918,6 +928,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
1652 |
+ struct iattr lower_ia = { .ia_valid = 0 }; |
1653 |
+ int rc; |
1654 |
+ |
1655 |
++ rc = ecryptfs_inode_newsize_ok(dentry->d_inode, new_length); |
1656 |
++ if (rc) |
1657 |
++ return rc; |
1658 |
++ |
1659 |
+ rc = truncate_upper(dentry, &ia, &lower_ia); |
1660 |
+ if (!rc && lower_ia.ia_valid & ATTR_SIZE) { |
1661 |
+ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry); |
1662 |
+@@ -997,6 +1011,16 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
1663 |
+ } |
1664 |
+ } |
1665 |
+ mutex_unlock(&crypt_stat->cs_mutex); |
1666 |
++ |
1667 |
++ rc = inode_change_ok(inode, ia); |
1668 |
++ if (rc) |
1669 |
++ goto out; |
1670 |
++ if (ia->ia_valid & ATTR_SIZE) { |
1671 |
++ rc = ecryptfs_inode_newsize_ok(inode, ia->ia_size); |
1672 |
++ if (rc) |
1673 |
++ goto out; |
1674 |
++ } |
1675 |
++ |
1676 |
+ if (S_ISREG(inode->i_mode)) { |
1677 |
+ rc = filemap_write_and_wait(inode->i_mapping); |
1678 |
+ if (rc) |
1679 |
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
1680 |
-index 940a82e..63af89e 100644 |
1681 |
+index 940a82e..d3cdeea 100644 |
1682 |
--- a/fs/ecryptfs/miscdev.c |
1683 |
+++ b/fs/ecryptfs/miscdev.c |
1684 |
@@ -328,7 +328,7 @@ check_list: |
1685 |
@@ -41326,8 +41595,82 @@ index 940a82e..63af89e 100644 |
1686 |
goto out_unlock_msg_ctx; |
1687 |
i += packet_length_size; |
1688 |
if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) |
1689 |
+@@ -409,11 +409,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
1690 |
+ ssize_t sz = 0; |
1691 |
+ char *data; |
1692 |
+ uid_t euid = current_euid(); |
1693 |
++ unsigned char packet_size_peek[3]; |
1694 |
+ int rc; |
1695 |
+ |
1696 |
+- if (count == 0) |
1697 |
++ if (count == 0) { |
1698 |
+ goto out; |
1699 |
++ } else if (count == (1 + 4)) { |
1700 |
++ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
1701 |
++ goto memdup; |
1702 |
++ } else if (count < (1 + 4 + 1) |
1703 |
++ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
1704 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
1705 |
++ printk(KERN_WARNING "%s: Acceptable packet size range is " |
1706 |
++ "[%d-%lu], but amount of data written is [%zu].", |
1707 |
++ __func__, (1 + 4 + 1), |
1708 |
++ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
1709 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
1710 |
++ return -EINVAL; |
1711 |
++ } |
1712 |
+ |
1713 |
++ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
1714 |
++ sizeof(packet_size_peek))) { |
1715 |
++ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
1716 |
++ __func__); |
1717 |
++ return -EFAULT; |
1718 |
++ } |
1719 |
++ |
1720 |
++ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
1721 |
++ &packet_size_length); |
1722 |
++ if (rc) { |
1723 |
++ printk(KERN_WARNING "%s: Error parsing packet length; " |
1724 |
++ "rc = [%d]\n", __func__, rc); |
1725 |
++ return rc; |
1726 |
++ } |
1727 |
++ |
1728 |
++ if ((1 + 4 + packet_size_length + packet_size) != count) { |
1729 |
++ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
1730 |
++ packet_size); |
1731 |
++ return -EINVAL; |
1732 |
++ } |
1733 |
++ |
1734 |
++memdup: |
1735 |
+ data = memdup_user(buf, count); |
1736 |
+ if (IS_ERR(data)) { |
1737 |
+ printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
1738 |
+@@ -435,23 +471,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
1739 |
+ } |
1740 |
+ memcpy(&counter_nbo, &data[i], 4); |
1741 |
+ seq = be32_to_cpu(counter_nbo); |
1742 |
+- i += 4; |
1743 |
+- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
1744 |
+- &packet_size_length); |
1745 |
+- if (rc) { |
1746 |
+- printk(KERN_WARNING "%s: Error parsing packet length; " |
1747 |
+- "rc = [%d]\n", __func__, rc); |
1748 |
+- goto out_free; |
1749 |
+- } |
1750 |
+- i += packet_size_length; |
1751 |
+- if ((1 + 4 + packet_size_length + packet_size) != count) { |
1752 |
+- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
1753 |
+- " + packet_size([%zd]))([%zd]) != " |
1754 |
+- "count([%zd]). Invalid packet format.\n", |
1755 |
+- __func__, packet_size_length, packet_size, |
1756 |
+- (1 + packet_size_length + packet_size), count); |
1757 |
+- goto out_free; |
1758 |
+- } |
1759 |
++ i += 4 + packet_size_length; |
1760 |
+ rc = ecryptfs_miscdev_response(&data[i], packet_size, |
1761 |
+ euid, current_user_ns(), |
1762 |
+ task_pid(current), seq); |
1763 |
diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
1764 |
-index 3745f7c..89cc7a3 100644 |
1765 |
+index 3745f7c..7d040a8 100644 |
1766 |
--- a/fs/ecryptfs/read_write.c |
1767 |
+++ b/fs/ecryptfs/read_write.c |
1768 |
@@ -48,7 +48,7 @@ int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data, |
1769 |
@@ -41339,7 +41682,53 @@ index 3745f7c..89cc7a3 100644 |
1770 |
set_fs(fs_save); |
1771 |
mark_inode_dirty_sync(ecryptfs_inode); |
1772 |
return rc; |
1773 |
-@@ -235,7 +235,7 @@ int ecryptfs_read_lower(char *data, loff_t offset, size_t size, |
1774 |
+@@ -130,13 +130,18 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
1775 |
+ pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); |
1776 |
+ size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); |
1777 |
+ size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
1778 |
+- size_t total_remaining_bytes = ((offset + size) - pos); |
1779 |
++ loff_t total_remaining_bytes = ((offset + size) - pos); |
1780 |
++ |
1781 |
++ if (fatal_signal_pending(current)) { |
1782 |
++ rc = -EINTR; |
1783 |
++ break; |
1784 |
++ } |
1785 |
+ |
1786 |
+ if (num_bytes > total_remaining_bytes) |
1787 |
+ num_bytes = total_remaining_bytes; |
1788 |
+ if (pos < offset) { |
1789 |
+ /* remaining zeros to write, up to destination offset */ |
1790 |
+- size_t total_remaining_zeros = (offset - pos); |
1791 |
++ loff_t total_remaining_zeros = (offset - pos); |
1792 |
+ |
1793 |
+ if (num_bytes > total_remaining_zeros) |
1794 |
+ num_bytes = total_remaining_zeros; |
1795 |
+@@ -193,15 +198,19 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
1796 |
+ } |
1797 |
+ pos += num_bytes; |
1798 |
+ } |
1799 |
+- if ((offset + size) > ecryptfs_file_size) { |
1800 |
+- i_size_write(ecryptfs_inode, (offset + size)); |
1801 |
++ if (pos > ecryptfs_file_size) { |
1802 |
++ i_size_write(ecryptfs_inode, pos); |
1803 |
+ if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
1804 |
+- rc = ecryptfs_write_inode_size_to_metadata( |
1805 |
++ int rc2; |
1806 |
++ |
1807 |
++ rc2 = ecryptfs_write_inode_size_to_metadata( |
1808 |
+ ecryptfs_inode); |
1809 |
+- if (rc) { |
1810 |
++ if (rc2) { |
1811 |
+ printk(KERN_ERR "Problem with " |
1812 |
+ "ecryptfs_write_inode_size_to_metadata; " |
1813 |
+- "rc = [%d]\n", rc); |
1814 |
++ "rc = [%d]\n", rc2); |
1815 |
++ if (!rc) |
1816 |
++ rc = rc2; |
1817 |
+ goto out; |
1818 |
+ } |
1819 |
+ } |
1820 |
+@@ -235,7 +244,7 @@ int ecryptfs_read_lower(char *data, loff_t offset, size_t size, |
1821 |
return -EIO; |
1822 |
fs_save = get_fs(); |
1823 |
set_fs(get_ds()); |
1824 |
@@ -41349,7 +41738,7 @@ index 3745f7c..89cc7a3 100644 |
1825 |
return rc; |
1826 |
} |
1827 |
diff --git a/fs/exec.c b/fs/exec.c |
1828 |
-index 3625464..d08b205 100644 |
1829 |
+index 3625464..fac01f4 100644 |
1830 |
--- a/fs/exec.c |
1831 |
+++ b/fs/exec.c |
1832 |
@@ -55,12 +55,28 @@ |
1833 |
@@ -41671,7 +42060,7 @@ index 3625464..d08b205 100644 |
1834 |
+#endif |
1835 |
+ |
1836 |
+ retval = gr_set_proc_label(file->f_dentry, file->f_vfsmnt, |
1837 |
-+ bprm->unsafe & LSM_UNSAFE_SHARE); |
1838 |
++ bprm->unsafe); |
1839 |
+ if (retval < 0) |
1840 |
+ goto out_fail; |
1841 |
+ |
1842 |
@@ -46762,12 +47151,26 @@ index 23ce927..e274cc1 100644 |
1843 |
|
1844 |
if (!IS_ERR(s)) |
1845 |
kfree(s); |
1846 |
+diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c |
1847 |
+index ce9268a..ee98d0b 100644 |
1848 |
+--- a/fs/xfs/xfs_vnodeops.c |
1849 |
++++ b/fs/xfs/xfs_vnodeops.c |
1850 |
+@@ -131,7 +131,8 @@ xfs_readlink( |
1851 |
+ __func__, (unsigned long long) ip->i_ino, |
1852 |
+ (long long) pathlen); |
1853 |
+ ASSERT(0); |
1854 |
+- return XFS_ERROR(EFSCORRUPTED); |
1855 |
++ error = XFS_ERROR(EFSCORRUPTED); |
1856 |
++ goto out; |
1857 |
+ } |
1858 |
+ |
1859 |
+ |
1860 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
1861 |
new file mode 100644 |
1862 |
-index 0000000..fbe6950d9 |
1863 |
+index 0000000..ab77366 |
1864 |
--- /dev/null |
1865 |
+++ b/grsecurity/Kconfig |
1866 |
-@@ -0,0 +1,1067 @@ |
1867 |
+@@ -0,0 +1,1065 @@ |
1868 |
+# |
1869 |
+# grecurity configuration |
1870 |
+# |
1871 |
@@ -47572,13 +47975,11 @@ index 0000000..fbe6950d9 |
1872 |
+config GRKERNSEC_PTRACE_READEXEC |
1873 |
+ bool "Require read access to ptrace sensitive binaries" |
1874 |
+ help |
1875 |
-+ If you say Y here, read permission will be required by any unprivileged |
1876 |
-+ process to ptrace suid/sgid binaries. Note that the ability to |
1877 |
-+ ptrace privileged binaries and retain that binary's privilege is |
1878 |
-+ already not possible. This option is useful in environments that |
1879 |
++ If you say Y here, unprivileged users will not be able to ptrace unreadable |
1880 |
++ binaries. This option is useful in environments that |
1881 |
+ remove the read bits (e.g. file mode 4711) from suid binaries to |
1882 |
-+ prevent infoleaking of their contents. What this option adds |
1883 |
-+ is consistency to the use of that file mode, as the binary could normally |
1884 |
++ prevent infoleaking of their contents. This option adds |
1885 |
++ consistency to the use of that file mode, as the binary could normally |
1886 |
+ be read out when run without privileges while ptracing. |
1887 |
+ |
1888 |
+ If the sysctl option is enabled, a sysctl option with name "ptrace_readexec" |
1889 |
@@ -47879,10 +48280,10 @@ index 0000000..be9ae3a |
1890 |
+endif |
1891 |
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c |
1892 |
new file mode 100644 |
1893 |
-index 0000000..09258e0 |
1894 |
+index 0000000..d3b423d |
1895 |
--- /dev/null |
1896 |
+++ b/grsecurity/gracl.c |
1897 |
-@@ -0,0 +1,4156 @@ |
1898 |
+@@ -0,0 +1,4155 @@ |
1899 |
+#include <linux/kernel.h> |
1900 |
+#include <linux/module.h> |
1901 |
+#include <linux/sched.h> |
1902 |
@@ -47902,7 +48303,7 @@ index 0000000..09258e0 |
1903 |
+#include <linux/ptrace.h> |
1904 |
+#include <linux/gracl.h> |
1905 |
+#include <linux/gralloc.h> |
1906 |
-+#include <linux/grsecurity.h> |
1907 |
++#include <linux/security.h> |
1908 |
+#include <linux/grinternal.h> |
1909 |
+#include <linux/pid_namespace.h> |
1910 |
+#include <linux/fdtable.h> |
1911 |
@@ -50411,7 +50812,7 @@ index 0000000..09258e0 |
1912 |
+ |
1913 |
+int |
1914 |
+gr_set_proc_label(const struct dentry *dentry, const struct vfsmount *mnt, |
1915 |
-+ const int unsafe_share) |
1916 |
++ const int unsafe_flags) |
1917 |
+{ |
1918 |
+ struct task_struct *task = current; |
1919 |
+ struct acl_subject_label *newacl; |
1920 |
@@ -50424,13 +50825,12 @@ index 0000000..09258e0 |
1921 |
+ newacl = chk_subj_label(dentry, mnt, task->role); |
1922 |
+ |
1923 |
+ task_lock(task); |
1924 |
-+ if ((((task->ptrace & PT_PTRACED) || unsafe_share) && |
1925 |
-+ !(task->acl->mode & GR_POVERRIDE) && (task->acl != newacl) && |
1926 |
++ if (unsafe_flags && !(task->acl->mode & GR_POVERRIDE) && (task->acl != newacl) && |
1927 |
+ !(task->role->roletype & GR_ROLE_GOD) && |
1928 |
+ !gr_search_file(dentry, GR_PTRACERD, mnt) && |
1929 |
-+ !(task->acl->mode & (GR_LEARN | GR_INHERITLEARN)))) { |
1930 |
++ !(task->acl->mode & (GR_LEARN | GR_INHERITLEARN))) { |
1931 |
+ task_unlock(task); |
1932 |
-+ if (unsafe_share) |
1933 |
++ if (unsafe_flags & LSM_UNSAFE_SHARE) |
1934 |
+ gr_log_fs_generic(GR_DONT_AUDIT, GR_UNSAFESHARE_EXEC_ACL_MSG, dentry, mnt); |
1935 |
+ else |
1936 |
+ gr_log_fs_generic(GR_DONT_AUDIT, GR_PTRACE_EXEC_ACL_MSG, dentry, mnt); |
1937 |
@@ -58614,7 +59014,7 @@ index 0000000..da390f1 |
1938 |
+#endif |
1939 |
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h |
1940 |
new file mode 100644 |
1941 |
-index 0000000..cf49370 |
1942 |
+index 0000000..dfb15ef |
1943 |
--- /dev/null |
1944 |
+++ b/include/linux/grmsg.h |
1945 |
@@ -0,0 +1,109 @@ |
1946 |
@@ -58725,11 +59125,11 @@ index 0000000..cf49370 |
1947 |
+#define GR_TEXTREL_AUDIT_MSG "text relocation in %s, VMA:0x%08lx 0x%08lx by " |
1948 |
+#define GR_VM86_MSG "denied use of vm86 by " |
1949 |
+#define GR_PTRACE_AUDIT_MSG "process %.950s(%.16s:%d) attached to via ptrace by " |
1950 |
-+#define GR_PTRACE_READEXEC_MSG "denied ptrace of unreadable suid/sgid binary %.950s by " |
1951 |
++#define GR_PTRACE_READEXEC_MSG "denied ptrace of unreadable binary %.950s by " |
1952 |
+#define GR_INIT_TRANSFER_MSG "persistent special role transferred privilege to init by " |
1953 |
diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h |
1954 |
new file mode 100644 |
1955 |
-index 0000000..1ca3931 |
1956 |
+index 0000000..eb4885f |
1957 |
--- /dev/null |
1958 |
+++ b/include/linux/grsecurity.h |
1959 |
@@ -0,0 +1,233 @@ |
1960 |
@@ -58886,7 +59286,7 @@ index 0000000..1ca3931 |
1961 |
+ const gid_t gid); |
1962 |
+int gr_set_proc_label(const struct dentry *dentry, |
1963 |
+ const struct vfsmount *mnt, |
1964 |
-+ const int unsafe_share); |
1965 |
++ const int unsafe_flags); |
1966 |
+__u32 gr_acl_handle_hidden_file(const struct dentry *dentry, |
1967 |
+ const struct vfsmount *mnt); |
1968 |
+__u32 gr_acl_handle_open(const struct dentry *dentry, |
1969 |
@@ -59680,7 +60080,7 @@ index ffc0213..2c1f2cb 100644 |
1970 |
return nd->saved_names[nd->depth]; |
1971 |
} |
1972 |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
1973 |
-index a82ad4d..be68b4b 100644 |
1974 |
+index a82ad4d..90d15b7 100644 |
1975 |
--- a/include/linux/netdevice.h |
1976 |
+++ b/include/linux/netdevice.h |
1977 |
@@ -949,6 +949,7 @@ struct net_device_ops { |
1978 |
@@ -59691,6 +60091,15 @@ index a82ad4d..be68b4b 100644 |
1979 |
|
1980 |
/* |
1981 |
* The DEVICE structure. |
1982 |
+@@ -1088,7 +1089,7 @@ struct net_device { |
1983 |
+ int iflink; |
1984 |
+ |
1985 |
+ struct net_device_stats stats; |
1986 |
+- atomic_long_t rx_dropped; /* dropped packets by core network |
1987 |
++ atomic_long_unchecked_t rx_dropped; /* dropped packets by core network |
1988 |
+ * Do not use this in drivers. |
1989 |
+ */ |
1990 |
+ |
1991 |
diff --git a/include/linux/netfilter/xt_gradm.h b/include/linux/netfilter/xt_gradm.h |
1992 |
new file mode 100644 |
1993 |
index 0000000..33f4af8 |
1994 |
@@ -60026,7 +60435,7 @@ index 2148b12..519b820 100644 |
1995 |
|
1996 |
static inline void anon_vma_merge(struct vm_area_struct *vma, |
1997 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
1998 |
-index 1c4f3e9..e96dced 100644 |
1999 |
+index 1c4f3e9..c5b241a 100644 |
2000 |
--- a/include/linux/sched.h |
2001 |
+++ b/include/linux/sched.h |
2002 |
@@ -101,6 +101,7 @@ struct bio_list; |
2003 |
@@ -60135,14 +60544,16 @@ index 1c4f3e9..e96dced 100644 |
2004 |
#ifdef CONFIG_DEBUG_MUTEXES |
2005 |
/* mutex deadlock detection */ |
2006 |
struct mutex_waiter *blocked_on; |
2007 |
-@@ -1540,6 +1566,22 @@ struct task_struct { |
2008 |
+@@ -1540,6 +1566,24 @@ struct task_struct { |
2009 |
unsigned long default_timer_slack_ns; |
2010 |
|
2011 |
struct list_head *scm_work_list; |
2012 |
+ |
2013 |
+#ifdef CONFIG_GRKERNSEC |
2014 |
+ /* grsecurity */ |
2015 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
2016 |
+ const struct cred *delayed_cred; |
2017 |
++#endif |
2018 |
+ struct dentry *gr_chroot_dentry; |
2019 |
+ struct acl_subject_label *acl; |
2020 |
+ struct acl_role_label *role; |
2021 |
@@ -60158,7 +60569,7 @@ index 1c4f3e9..e96dced 100644 |
2022 |
#ifdef CONFIG_FUNCTION_GRAPH_TRACER |
2023 |
/* Index of current stored address in ret_stack */ |
2024 |
int curr_ret_stack; |
2025 |
-@@ -1574,6 +1616,51 @@ struct task_struct { |
2026 |
+@@ -1574,6 +1618,51 @@ struct task_struct { |
2027 |
#endif |
2028 |
}; |
2029 |
|
2030 |
@@ -60210,7 +60621,7 @@ index 1c4f3e9..e96dced 100644 |
2031 |
/* Future-safe accessor for struct task_struct's cpus_allowed. */ |
2032 |
#define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) |
2033 |
|
2034 |
-@@ -2081,7 +2168,9 @@ void yield(void); |
2035 |
+@@ -2081,7 +2170,9 @@ void yield(void); |
2036 |
extern struct exec_domain default_exec_domain; |
2037 |
|
2038 |
union thread_union { |
2039 |
@@ -60220,7 +60631,7 @@ index 1c4f3e9..e96dced 100644 |
2040 |
unsigned long stack[THREAD_SIZE/sizeof(long)]; |
2041 |
}; |
2042 |
|
2043 |
-@@ -2114,6 +2203,7 @@ extern struct pid_namespace init_pid_ns; |
2044 |
+@@ -2114,6 +2205,7 @@ extern struct pid_namespace init_pid_ns; |
2045 |
*/ |
2046 |
|
2047 |
extern struct task_struct *find_task_by_vpid(pid_t nr); |
2048 |
@@ -60228,7 +60639,7 @@ index 1c4f3e9..e96dced 100644 |
2049 |
extern struct task_struct *find_task_by_pid_ns(pid_t nr, |
2050 |
struct pid_namespace *ns); |
2051 |
|
2052 |
-@@ -2251,7 +2341,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
2053 |
+@@ -2251,7 +2343,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
2054 |
extern void exit_itimers(struct signal_struct *); |
2055 |
extern void flush_itimer_signals(void); |
2056 |
|
2057 |
@@ -60237,7 +60648,7 @@ index 1c4f3e9..e96dced 100644 |
2058 |
|
2059 |
extern void daemonize(const char *, ...); |
2060 |
extern int allow_signal(int); |
2061 |
-@@ -2416,13 +2506,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
2062 |
+@@ -2416,13 +2508,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
2063 |
|
2064 |
#endif |
2065 |
|
2066 |
@@ -69949,7 +70360,7 @@ index 716eb4a..8d10419 100644 |
2067 |
|
2068 |
static const int *pcpu_unit_map __read_mostly; /* cpu -> unit */ |
2069 |
diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c |
2070 |
-index e920aa3..c19184f0 100644 |
2071 |
+index e920aa3..78fe584 100644 |
2072 |
--- a/mm/process_vm_access.c |
2073 |
+++ b/mm/process_vm_access.c |
2074 |
@@ -13,6 +13,7 @@ |
2075 |
@@ -69960,7 +70371,15 @@ index e920aa3..c19184f0 100644 |
2076 |
#include <linux/ptrace.h> |
2077 |
#include <linux/slab.h> |
2078 |
#include <linux/syscalls.h> |
2079 |
-@@ -264,13 +265,11 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
2080 |
+@@ -258,19 +259,19 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
2081 |
+ size_t iov_l_curr_offset = 0; |
2082 |
+ ssize_t iov_len; |
2083 |
+ |
2084 |
++ return -ENOSYS; // PaX: until properly audited |
2085 |
++ |
2086 |
+ /* |
2087 |
+ * Work out how many pages of struct pages we're going to need |
2088 |
+ * when eventually calling get_user_pages |
2089 |
*/ |
2090 |
for (i = 0; i < riovcnt; i++) { |
2091 |
iov_len = rvec[i].iov_len; |
2092 |
@@ -69979,7 +70398,7 @@ index e920aa3..c19184f0 100644 |
2093 |
} |
2094 |
|
2095 |
if (nr_pages == 0) |
2096 |
-@@ -298,8 +297,13 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
2097 |
+@@ -298,8 +299,13 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
2098 |
goto free_proc_pages; |
2099 |
} |
2100 |
|
2101 |
@@ -71914,7 +72333,7 @@ index 68bbf9f..5ef0d12 100644 |
2102 |
|
2103 |
return err; |
2104 |
diff --git a/net/core/dev.c b/net/core/dev.c |
2105 |
-index 5a13edf..1bc016b 100644 |
2106 |
+index 5a13edf..a6f2bd2 100644 |
2107 |
--- a/net/core/dev.c |
2108 |
+++ b/net/core/dev.c |
2109 |
@@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name) |
2110 |
@@ -71932,6 +72351,24 @@ index 5a13edf..1bc016b 100644 |
2111 |
} |
2112 |
} |
2113 |
EXPORT_SYMBOL(dev_load); |
2114 |
+@@ -1573,7 +1577,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
2115 |
+ { |
2116 |
+ if (skb_shinfo(skb)->tx_flags & SKBTX_DEV_ZEROCOPY) { |
2117 |
+ if (skb_copy_ubufs(skb, GFP_ATOMIC)) { |
2118 |
+- atomic_long_inc(&dev->rx_dropped); |
2119 |
++ atomic_long_inc_unchecked(&dev->rx_dropped); |
2120 |
+ kfree_skb(skb); |
2121 |
+ return NET_RX_DROP; |
2122 |
+ } |
2123 |
+@@ -1583,7 +1587,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
2124 |
+ nf_reset(skb); |
2125 |
+ |
2126 |
+ if (unlikely(!is_skb_forwardable(dev, skb))) { |
2127 |
+- atomic_long_inc(&dev->rx_dropped); |
2128 |
++ atomic_long_inc_unchecked(&dev->rx_dropped); |
2129 |
+ kfree_skb(skb); |
2130 |
+ return NET_RX_DROP; |
2131 |
+ } |
2132 |
@@ -2036,7 +2040,7 @@ static int illegal_highdma(struct net_device *dev, struct sk_buff *skb) |
2133 |
|
2134 |
struct dev_gso_cb { |
2135 |
@@ -71941,6 +72378,15 @@ index 5a13edf..1bc016b 100644 |
2136 |
|
2137 |
#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) |
2138 |
|
2139 |
+@@ -2970,7 +2974,7 @@ enqueue: |
2140 |
+ |
2141 |
+ local_irq_restore(flags); |
2142 |
+ |
2143 |
+- atomic_long_inc(&skb->dev->rx_dropped); |
2144 |
++ atomic_long_inc_unchecked(&skb->dev->rx_dropped); |
2145 |
+ kfree_skb(skb); |
2146 |
+ return NET_RX_DROP; |
2147 |
+ } |
2148 |
@@ -3044,7 +3048,7 @@ int netif_rx_ni(struct sk_buff *skb) |
2149 |
} |
2150 |
EXPORT_SYMBOL(netif_rx_ni); |
2151 |
@@ -71950,6 +72396,15 @@ index 5a13edf..1bc016b 100644 |
2152 |
{ |
2153 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
2154 |
|
2155 |
+@@ -3333,7 +3337,7 @@ ncls: |
2156 |
+ if (pt_prev) { |
2157 |
+ ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
2158 |
+ } else { |
2159 |
+- atomic_long_inc(&skb->dev->rx_dropped); |
2160 |
++ atomic_long_inc_unchecked(&skb->dev->rx_dropped); |
2161 |
+ kfree_skb(skb); |
2162 |
+ /* Jamal, now you will not able to escape explaining |
2163 |
+ * me how you were going to use this. :-) |
2164 |
@@ -3891,7 +3895,7 @@ void netif_napi_del(struct napi_struct *napi) |
2165 |
} |
2166 |
EXPORT_SYMBOL(netif_napi_del); |
2167 |
@@ -71959,6 +72414,15 @@ index 5a13edf..1bc016b 100644 |
2168 |
{ |
2169 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
2170 |
unsigned long time_limit = jiffies + 2; |
2171 |
+@@ -5949,7 +5953,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
2172 |
+ } else { |
2173 |
+ netdev_stats_to_stats64(storage, &dev->stats); |
2174 |
+ } |
2175 |
+- storage->rx_dropped += atomic_long_read(&dev->rx_dropped); |
2176 |
++ storage->rx_dropped += atomic_long_read_unchecked(&dev->rx_dropped); |
2177 |
+ return storage; |
2178 |
+ } |
2179 |
+ EXPORT_SYMBOL(dev_get_stats); |
2180 |
diff --git a/net/core/flow.c b/net/core/flow.c |
2181 |
index e318c7e..168b1d0 100644 |
2182 |
--- a/net/core/flow.c |