diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2012-08-01 19:18:00 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2012-08-01 19:18:00 -0400 |
commit | aa9317219e543d3f6f95d00619ba2af268edced9 (patch) | |
tree | 7fd1cef2fb392c92192a8ec9a44c9c3c0f21d54b /2.6.32 | |
parent | Grsec/PaX: 2.9.1-{2.6.32.59,3.2.24,3.4.6}-201207281946 (diff) | |
download | hardened-patchset-aa9317219e543d3f6f95d00619ba2af268edced9.tar.gz hardened-patchset-aa9317219e543d3f6f95d00619ba2af268edced9.tar.bz2 hardened-patchset-aa9317219e543d3f6f95d00619ba2af268edced9.zip |
Grsec/PaX: 2.9.1-{2.6.32.59,3.2.24,3.4.6}-20120731190820120731
Diffstat (limited to '2.6.32')
-rw-r--r-- | 2.6.32/0000_README | 2 | ||||
-rw-r--r-- | 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207311908.patch (renamed from 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch) | 168 |
2 files changed, 140 insertions, 30 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index d4f6601..3010d85 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch From: http://www.kernel.org Desc: Linux 2.6.32.59 -Patch: 4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch +Patch: 4420_grsecurity-2.9.1-2.6.32.59-201207311908.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207311908.patch index 227df5e..a17194d 100644 --- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch +++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207311908.patch @@ -8939,7 +8939,7 @@ index bcbd36c..b1754af 100644 printf(".section \".rodata.compressed\",\"a\",@progbits\n"); diff --git a/arch/x86/boot/compressed/relocs.c b/arch/x86/boot/compressed/relocs.c -index bbeb0c3..f5167ab 100644 +index bbeb0c3..1eb0571 100644 --- a/arch/x86/boot/compressed/relocs.c +++ b/arch/x86/boot/compressed/relocs.c @@ -10,8 +10,11 @@ @@ -9113,7 +9113,7 @@ index bbeb0c3..f5167ab 100644 + +#if defined(CONFIG_PAX_KERNEXEC) && defined(CONFIG_X86_32) + /* Don't relocate actual code, they are relocated implicitly by the base address of KERNEL_CS */ -+ if (!strcmp(sec_name(sym->st_shndx), ".module.text") && !strcmp(sym_name(sym_strtab, sym), "_etext")) ++ if (!strcmp(sec_name(sym->st_shndx), ".text.end") && !strcmp(sym_name(sym_strtab, sym), "_etext")) + continue; + if (!strcmp(sec_name(sym->st_shndx), ".init.text")) + continue; @@ -23007,7 +23007,7 @@ index d430e4c..831f817 100644 local_irq_save(flags); diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S -index 3c68fe2..12c8280 100644 +index 3c68fe2..7a8c35b 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -26,6 +26,13 @@ @@ -23088,7 +23088,7 @@ index 3c68fe2..12c8280 100644 HEAD_TEXT #ifdef CONFIG_X86_32 . = ALIGN(PAGE_SIZE); -@@ -82,28 +102,71 @@ SECTIONS +@@ -82,28 +102,72 @@ SECTIONS IRQENTRY_TEXT *(.fixup) *(.gnu.warning) @@ -23113,8 +23113,8 @@ index 3c68fe2..12c8280 100644 + MODULES_EXEC_VADDR = .; + BYTE(0) + . += (CONFIG_PAX_KERNEXEC_MODULE_TEXT * 1024 * 1024); -+ . = ALIGN(HPAGE_SIZE); -+ MODULES_EXEC_END = . - 1; ++ . = ALIGN(HPAGE_SIZE) - 1; ++ MODULES_EXEC_END = .; +#endif + + } :module @@ -23122,6 +23122,7 @@ index 3c68fe2..12c8280 100644 + + .text.end : AT(ADDR(.text.end) - LOAD_OFFSET) { + /* End of text section */ ++ BYTE(0) + _etext = . - __KERNEL_TEXT_OFFSET; + } + @@ -23167,7 +23168,7 @@ index 3c68fe2..12c8280 100644 PAGE_ALIGNED_DATA(PAGE_SIZE) -@@ -112,6 +175,8 @@ SECTIONS +@@ -112,6 +176,8 @@ SECTIONS DATA_DATA CONSTRUCTORS @@ -23176,7 +23177,7 @@ index 3c68fe2..12c8280 100644 /* rarely changed data like cpu maps */ READ_MOSTLY_DATA(CONFIG_X86_INTERNODE_CACHE_BYTES) -@@ -166,12 +231,6 @@ SECTIONS +@@ -166,12 +232,6 @@ SECTIONS } vgetcpu_mode = VVIRT(.vgetcpu_mode); @@ -23189,7 +23190,7 @@ index 3c68fe2..12c8280 100644 .vsyscall_3 ADDR(.vsyscall_0) + 3072: AT(VLOAD(.vsyscall_3)) { *(.vsyscall_3) } -@@ -187,12 +246,19 @@ SECTIONS +@@ -187,12 +247,19 @@ SECTIONS #endif /* CONFIG_X86_64 */ /* Init code and data - will be freed after init */ @@ -23212,7 +23213,7 @@ index 3c68fe2..12c8280 100644 /* * percpu offsets are zero-based on SMP. PERCPU_VADDR() changes the * output PHDR, so the next output section - .init.text - should -@@ -201,12 +267,27 @@ SECTIONS +@@ -201,12 +268,27 @@ SECTIONS PERCPU_VADDR(0, :percpu) #endif @@ -23245,7 +23246,7 @@ index 3c68fe2..12c8280 100644 .x86_cpu_dev.init : AT(ADDR(.x86_cpu_dev.init) - LOAD_OFFSET) { __x86_cpu_dev_start = .; -@@ -232,19 +313,11 @@ SECTIONS +@@ -232,19 +314,11 @@ SECTIONS *(.altinstr_replacement) } @@ -23266,7 +23267,7 @@ index 3c68fe2..12c8280 100644 PERCPU(PAGE_SIZE) #endif -@@ -267,12 +340,6 @@ SECTIONS +@@ -267,12 +341,6 @@ SECTIONS . = ALIGN(PAGE_SIZE); } @@ -23279,7 +23280,7 @@ index 3c68fe2..12c8280 100644 /* BSS */ . = ALIGN(PAGE_SIZE); .bss : AT(ADDR(.bss) - LOAD_OFFSET) { -@@ -288,6 +355,7 @@ SECTIONS +@@ -288,6 +356,7 @@ SECTIONS __brk_base = .; . += 64 * 1024; /* 64k alignment slop space */ *(.brk_reservation) /* areas brk users have reserved */ @@ -23287,7 +23288,7 @@ index 3c68fe2..12c8280 100644 __brk_limit = .; } -@@ -316,13 +384,12 @@ SECTIONS +@@ -316,13 +385,12 @@ SECTIONS * for the boot processor. */ #define INIT_PER_CPU(x) init_per_cpu__##x = per_cpu__##x + __per_cpu_load @@ -75400,7 +75401,7 @@ index fd38ce2..f5381b8 100644 return -EINVAL; diff --git a/fs/seq_file.c b/fs/seq_file.c -index eae7d9d..b7613c6 100644 +index eae7d9d..c6bba46 100644 --- a/fs/seq_file.c +++ b/fs/seq_file.c @@ -9,6 +9,7 @@ @@ -75421,7 +75422,55 @@ index eae7d9d..b7613c6 100644 /* * Wrappers around seq_open(e.g. swaps_open) need to be -@@ -551,7 +555,7 @@ static void single_stop(struct seq_file *p, void *v) +@@ -76,7 +80,11 @@ static int traverse(struct seq_file *m, loff_t offset) + return 0; + } + if (!m->buf) { ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL | GFP_USERCOPY); ++#else + m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL); ++#endif + if (!m->buf) + return -ENOMEM; + } +@@ -116,7 +124,11 @@ static int traverse(struct seq_file *m, loff_t offset) + Eoverflow: + m->op->stop(m, p); + kfree(m->buf); ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ m->buf = kmalloc(m->size <<= 1, GFP_KERNEL | GFP_USERCOPY); ++#else + m->buf = kmalloc(m->size <<= 1, GFP_KERNEL); ++#endif + return !m->buf ? -ENOMEM : -EAGAIN; + } + +@@ -169,7 +181,11 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) + m->version = file->f_version; + /* grab buffer if we didn't have one */ + if (!m->buf) { ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL | GFP_USERCOPY); ++#else + m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL); ++#endif + if (!m->buf) + goto Enomem; + } +@@ -210,7 +226,11 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos) + goto Fill; + m->op->stop(m, p); + kfree(m->buf); ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ m->buf = kmalloc(m->size <<= 1, GFP_KERNEL | GFP_USERCOPY); ++#else + m->buf = kmalloc(m->size <<= 1, GFP_KERNEL); ++#endif + if (!m->buf) + goto Enomem; + m->count = 0; +@@ -551,7 +571,7 @@ static void single_stop(struct seq_file *p, void *v) int single_open(struct file *file, int (*show)(struct seq_file *, void *), void *data) { @@ -76190,10 +76239,10 @@ index 8f32f50..b6a41e8 100644 link[pathlen] = '\0'; diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig new file mode 100644 -index 0000000..c20c1db +index 0000000..bbbfa1c --- /dev/null +++ b/grsecurity/Kconfig -@@ -0,0 +1,939 @@ +@@ -0,0 +1,940 @@ +# +# grecurity configuration +# @@ -76320,6 +76369,7 @@ index 0000000..c20c1db + +config GRKERNSEC_HIDESYM + bool "Hide kernel symbols" ++ select PAX_USERCOPY_SLABS + default y if GRKERNSEC_CONFIG_AUTO + help + If you say Y here, getting information on loaded modules, and @@ -95468,10 +95518,25 @@ index 67578ca..4115fbf 100644 static inline void mutex_clear_owner(struct mutex *lock) diff --git a/kernel/panic.c b/kernel/panic.c -index 96b45d0..7677a03 100644 +index 96b45d0..98fb1c3 100644 --- a/kernel/panic.c +++ b/kernel/panic.c -@@ -71,7 +71,11 @@ NORET_TYPE void panic(const char * fmt, ...) +@@ -59,6 +59,14 @@ NORET_TYPE void panic(const char * fmt, ...) + long i; + + /* ++ * Disable local interrupts. This will prevent panic_smp_self_stop ++ * from deadlocking the first cpu that invokes the panic, since ++ * there is nothing to prevent an interrupt handler (that runs ++ * after the panic_lock is acquired) from invoking panic again. ++ */ ++ local_irq_disable(); ++ ++ /* + * It's possible to come here directly from a panic-assertion and + * not have preempt disabled. Some functions called from here want + * preempt to be disabled. No point enabling it later though... +@@ -71,7 +79,11 @@ NORET_TYPE void panic(const char * fmt, ...) va_end(args); printk(KERN_EMERG "Kernel panic - not syncing: %s\n",buf); #ifdef CONFIG_DEBUG_BUGVERBOSE @@ -95484,7 +95549,7 @@ index 96b45d0..7677a03 100644 #endif /* -@@ -352,7 +356,7 @@ static void warn_slowpath_common(const char *file, int line, void *caller, struc +@@ -352,7 +364,7 @@ static void warn_slowpath_common(const char *file, int line, void *caller, struc const char *board; printk(KERN_WARNING "------------[ cut here ]------------\n"); @@ -95493,7 +95558,7 @@ index 96b45d0..7677a03 100644 board = dmi_get_system_info(DMI_PRODUCT_NAME); if (board) printk(KERN_WARNING "Hardware name: %s\n", board); -@@ -392,7 +396,8 @@ EXPORT_SYMBOL(warn_slowpath_null); +@@ -392,7 +404,8 @@ EXPORT_SYMBOL(warn_slowpath_null); */ void __stack_chk_fail(void) { @@ -98299,7 +98364,7 @@ index 217d5c4..45aba8a 100644 /** diff --git a/lib/vsprintf.c b/lib/vsprintf.c -index 33bed5e..1477e46 100644 +index 33bed5e..ab4e52f 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -16,6 +16,9 @@ @@ -98369,7 +98434,30 @@ index 33bed5e..1477e46 100644 return symbol_string(buf, end, ptr, spec, *fmt); case 'R': return resource_string(buf, end, ptr, spec); -@@ -1445,7 +1458,7 @@ do { \ +@@ -853,7 +866,22 @@ static char *pointer(const char *fmt, char *buf, char *end, void *ptr, + return ip4_addr_string(buf, end, ptr, spec, fmt); + } + break; ++ case 'P': ++ break; + } ++ ++#ifdef CONFIG_GRKERNSEC_HIDESYM ++ /* 'P' = approved pointers to copy to userland, ++ as in the /proc/kallsyms case, as we make it display nothing ++ for non-root users, and the real contents for root users ++ */ ++ if (ptr > TASK_SIZE && *fmt != 'P' && is_usercopy_object(buf)) { ++ printk(KERN_ALERT "grsec: kernel infoleak detected! Please report this log to spender@grsecurity.net.\n"); ++ dump_stack(); ++ ptr = NULL; ++ } ++#endif ++ + spec.flags |= SMALL; + if (spec.field_width == -1) { + spec.field_width = 2*sizeof(void *); +@@ -1445,7 +1473,7 @@ do { \ size_t len; if ((unsigned long)save_str > (unsigned long)-PAGE_SIZE || (unsigned long)save_str < PAGE_SIZE) @@ -98378,7 +98466,7 @@ index 33bed5e..1477e46 100644 len = strlen(save_str); if (str + len + 1 < end) memcpy(str, save_str, len + 1); -@@ -1555,11 +1568,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -1555,11 +1583,11 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) typeof(type) value; \ if (sizeof(type) == 8) { \ args = PTR_ALIGN(args, sizeof(u32)); \ @@ -98393,7 +98481,7 @@ index 33bed5e..1477e46 100644 } \ args += sizeof(type); \ value; \ -@@ -1622,7 +1635,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) +@@ -1622,7 +1650,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) const char *str_arg = args; size_t len = strlen(str_arg); args += len + 1; @@ -105574,6 +105662,27 @@ index de4a1b1..94ec861 100644 src_addr = (struct sockaddr_in *)&cm_id->route.addr.src_addr; dst_addr = (struct sockaddr_in *)&cm_id->route.addr.dst_addr; +diff --git a/net/rds/recv.c b/net/rds/recv.c +index 6a2654a..c45a881c 100644 +--- a/net/rds/recv.c ++++ b/net/rds/recv.c +@@ -410,6 +410,8 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, + + rdsdebug("size %zu flags 0x%x timeo %ld\n", size, msg_flags, timeo); + ++ msg->msg_namelen = 0; ++ + if (msg_flags & MSG_OOB) + goto out; + +@@ -486,6 +488,7 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg, + sin->sin_port = inc->i_hdr.h_sport; + sin->sin_addr.s_addr = inc->i_saddr; + memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); ++ msg->msg_namelen = sizeof(*sin); + } + break; + } diff --git a/net/rds/tcp.c b/net/rds/tcp.c index b5198ae..8b9fb90 100644 --- a/net/rds/tcp.c @@ -107155,10 +107264,10 @@ index d52f7a0..b66cdd9 100755 rm -f tags xtags ctags diff --git a/security/Kconfig b/security/Kconfig -index fb363cd..6426142 100644 +index fb363cd..124d914 100644 --- a/security/Kconfig +++ b/security/Kconfig -@@ -4,6 +4,869 @@ +@@ -4,6 +4,870 @@ menu "Security options" @@ -107190,6 +107299,7 @@ index fb363cd..6426142 100644 + bool "Grsecurity" + select CRYPTO + select CRYPTO_SHA256 ++ select PROC_FS + select STOP_MACHINE + help + If you say Y here, you will be able to configure many features @@ -108028,7 +108138,7 @@ index fb363cd..6426142 100644 config KEYS bool "Enable access key retention support" help -@@ -146,7 +1009,7 @@ config INTEL_TXT +@@ -146,7 +1010,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX |