-rw-r--r--4.2.6/0000_README2
-rw-r--r--4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch (renamed from 4.2.6/4420_grsecurity-3.1-4.2.6-201511211841.patch)175
2 files changed, 150 insertions, 27 deletions
diff --git a/4.2.6/0000_README b/4.2.6/0000_README
index 454ccd7..91bcf5d 100644
--- a/4.2.6/0000_README
+++ b/4.2.6/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.1-4.2.6-201511211841.patch
+Patch: 4420_grsecurity-3.1-4.2.6-201511232037.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/4.2.6/4420_grsecurity-3.1-4.2.6-201511211841.patch b/4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch
index 30663c2..32f511d 100644
--- a/4.2.6/4420_grsecurity-3.1-4.2.6-201511211841.patch
+++ b/4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch
@@ -23775,7 +23775,7 @@ index 04f0fe5..3c0598c 100644
/*
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
-index cb9e5df..0d25636 100644
+index cb9e5df..0849dd8 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -91,60 +91,6 @@ static const struct cpu_dev default_cpu = {
@@ -23839,7 +23839,19 @@ index cb9e5df..0d25636 100644
static int __init x86_mpx_setup(char *s)
{
/* require an exact match without trailing characters */
-@@ -287,6 +233,109 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
+@@ -272,10 +218,9 @@ __setup("nosmap", setup_disable_smap);
+
+ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
+ {
+- unsigned long eflags;
++ unsigned long eflags = native_save_fl();
+
+ /* This should have been cleared long ago */
+- raw_local_save_flags(eflags);
+ BUG_ON(eflags & X86_EFLAGS_AC);
+
+ if (cpu_has(c, X86_FEATURE_SMAP)) {
+@@ -287,6 +232,109 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
}
}
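Review bot: The switch to `native_save_fl()` in setup_smap() carries no comment explaining why the `raw_local_save_flags()` wrapper was dropped, and the reason matters for the `BUG_ON(eflags & X86_EFLAGS_AC)` check that follows. Presumably the wrapper can be routed through a paravirt hook that reports only the interrupt flag, in which case a set AC bit would never be seen and the assertion would silently pass; this is inferred, not shown in the hunk. I would add above the declaration `/* Read EFLAGS directly; a paravirt save_fl may not report AC, which would defeat the check below */`. setup_smap()'s body continues past the end of this hunk.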
@@ -23949,7 +23961,7 @@ index cb9e5df..0d25636 100644
/*
* Some CPU features depend on higher CPUID levels, which may not always
* be available due to CPUID level capping or broken virtualization
-@@ -387,7 +436,7 @@ void switch_to_new_gdt(int cpu)
+@@ -387,7 +435,7 @@ void switch_to_new_gdt(int cpu)
{
struct desc_ptr gdt_descr;
@@ -23958,7 +23970,7 @@ index cb9e5df..0d25636 100644
gdt_descr.size = GDT_SIZE - 1;
load_gdt(&gdt_descr);
/* Reload the per-cpu base */
-@@ -918,6 +967,20 @@ static void identify_cpu(struct cpuinfo_x86 *c)
+@@ -918,6 +966,20 @@ static void identify_cpu(struct cpuinfo_x86 *c)
setup_smep(c);
setup_smap(c);
@@ -23979,7 +23991,7 @@ index cb9e5df..0d25636 100644
/*
* The vendor-specific functions might have changed features.
* Now we do "generic changes."
-@@ -992,7 +1055,7 @@ void enable_sep_cpu(void)
+@@ -992,7 +1054,7 @@ void enable_sep_cpu(void)
int cpu;
cpu = get_cpu();
@@ -23988,7 +24000,7 @@ index cb9e5df..0d25636 100644
if (!boot_cpu_has(X86_FEATURE_SEP))
goto out;
-@@ -1138,10 +1201,12 @@ static __init int setup_disablecpuid(char *arg)
+@@ -1138,10 +1200,12 @@ static __init int setup_disablecpuid(char *arg)
}
__setup("clearcpuid=", setup_disablecpuid);
@@ -24004,7 +24016,7 @@ index cb9e5df..0d25636 100644
DEFINE_PER_CPU_FIRST(union irq_stack_union,
irq_stack_union) __aligned(PAGE_SIZE) __visible;
-@@ -1253,21 +1318,21 @@ EXPORT_PER_CPU_SYMBOL(current_task);
+@@ -1253,21 +1317,21 @@ EXPORT_PER_CPU_SYMBOL(current_task);
DEFINE_PER_CPU(int, __preempt_count) = INIT_PREEMPT_COUNT;
EXPORT_PER_CPU_SYMBOL(__preempt_count);
@@ -24033,7 +24045,7 @@ index cb9e5df..0d25636 100644
/*
* Clear all 6 debug registers:
*/
-@@ -1343,7 +1408,7 @@ void cpu_init(void)
+@@ -1343,7 +1407,7 @@ void cpu_init(void)
*/
load_ucode_ap();
@@ -24042,7 +24054,7 @@ index cb9e5df..0d25636 100644
oist = &per_cpu(orig_ist, cpu);
#ifdef CONFIG_NUMA
-@@ -1375,7 +1440,6 @@ void cpu_init(void)
+@@ -1375,7 +1439,6 @@ void cpu_init(void)
wrmsrl(MSR_KERNEL_GS_BASE, 0);
barrier();
@@ -24050,7 +24062,7 @@ index cb9e5df..0d25636 100644
x2apic_setup();
/*
-@@ -1427,7 +1491,7 @@ void cpu_init(void)
+@@ -1427,7 +1490,7 @@ void cpu_init(void)
{
int cpu = smp_processor_id();
struct task_struct *curr = current;
@@ -25391,7 +25403,7 @@ index dc60810..6c8a1fa 100644
}
diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
-index 50ec9af..bb871ca 100644
+index 50ec9af..32d7f10 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -54,7 +54,7 @@ static inline int check_for_xstate(struct fxregs_state __user *buf,
@@ -25480,8 +25492,34 @@ index 50ec9af..bb871ca 100644
err = -1;
} else {
sanitize_restored_xstate(tsk, &env, xfeatures, fx_only);
+@@ -385,20 +387,19 @@ fpu__alloc_mathframe(unsigned long sp, int ia32_frame,
+ */
+ void fpu__init_prepare_fx_sw_frame(void)
+ {
+- int fsave_header_size = sizeof(struct fregs_state);
+ int size = xstate_size + FP_XSTATE_MAGIC2_SIZE;
+
+- if (config_enabled(CONFIG_X86_32))
+- size += fsave_header_size;
+-
+ fx_sw_reserved.magic1 = FP_XSTATE_MAGIC1;
+ fx_sw_reserved.extended_size = size;
+ fx_sw_reserved.xfeatures = xfeatures_mask;
+ fx_sw_reserved.xstate_size = xstate_size;
+
+- if (config_enabled(CONFIG_IA32_EMULATION)) {
++ if (config_enabled(CONFIG_IA32_EMULATION) ||
++ config_enabled(CONFIG_X86_32)) {
++ int fsave_header_size = sizeof(struct fregs_state);
++
+ fx_sw_reserved_ia32 = fx_sw_reserved;
+- fx_sw_reserved_ia32.extended_size += fsave_header_size;
++ fx_sw_reserved_ia32.extended_size = size + fsave_header_size;
+ }
+ }
+
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
-index 62fc001..5ce38be 100644
+index 62fc001..099cbd7 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -93,14 +93,14 @@ EXPORT_SYMBOL_GPL(cpu_has_xfeatures);
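Review bot: In fpu__init_prepare_fx_sw_frame() the native `fx_sw_reserved.extended_size` no longer includes `sizeof(struct fregs_state)` on CONFIG_X86_32; only `fx_sw_reserved_ia32` does, so correctness now depends on every 32-bit frame writer picking the `_ia32` copy. Those writers are outside this hunk, so this cannot be confirmed from here; if one still used `fx_sw_reserved` on a 32-bit kernel, the size stored in the user-visible frame would be short by the fsave header and the restore-side size validation would likely reject the extended state. A comment inside the new branch would record the dependency, e.g. `/* 32-bit frames include the fsave header; 32-bit frame setup must use fx_sw_reserved_ia32 */`.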
@@ -25501,16 +25539,15 @@ index 62fc001..5ce38be 100644
/*
* None of the feature bits are in init state. So nothing else
-@@ -402,7 +402,7 @@ void *get_xsave_addr(struct xregs_state *xsave, int xstate_feature)
+@@ -402,7 +402,6 @@ void *get_xsave_addr(struct xregs_state *xsave, int xstate_feature)
if (!boot_cpu_has(X86_FEATURE_XSAVE))
return NULL;
- xsave = &current->thread.fpu.state.xsave;
-+ xsave = &current->thread.fpu.state->xsave;
/*
* We should not ever be requesting features that we
* have not enabled. Remember that pcntxt_mask is
-@@ -457,5 +457,5 @@ const void *get_xsave_field_ptr(int xsave_state)
+@@ -457,5 +456,5 @@ const void *get_xsave_field_ptr(int xsave_state)
*/
fpu__save(fpu);
@@ -34900,6 +34937,78 @@ index 0057a7acc..95c7edd 100644
{
might_sleep();
if (is_enabled()) /* recheck and proper locking in *_core() */
+diff --git a/arch/x86/mm/mpx.c b/arch/x86/mm/mpx.c
+index db1b0bc..c28f618 100644
+--- a/arch/x86/mm/mpx.c
++++ b/arch/x86/mm/mpx.c
+@@ -622,6 +622,29 @@ static unsigned long mpx_bd_entry_to_bt_addr(struct mm_struct *mm,
+ }
+
+ /*
++ * We only want to do a 4-byte get_user() on 32-bit. Otherwise,
++ * we might run off the end of the bounds table if we are on
++ * a 64-bit kernel and try to get 8 bytes.
++ */
++int get_user_bd_entry(struct mm_struct *mm, unsigned long *bd_entry_ret,
++ long __user *bd_entry_ptr)
++{
++ u32 bd_entry_32;
++ int ret;
++
++ if (is_64bit_mm(mm))
++ return get_user(*bd_entry_ret, bd_entry_ptr);
++
++ /*
++ * Note that get_user() uses the type of the *pointer* to
++ * establish the size of the get, not the destination.
++ */
++ ret = get_user(bd_entry_32, (u32 __user *)bd_entry_ptr);
++ *bd_entry_ret = bd_entry_32;
++ return ret;
++}
++
++/*
+ * Get the base of bounds tables pointed by specific bounds
+ * directory entry.
+ */
+@@ -641,7 +664,7 @@ static int get_bt_addr(struct mm_struct *mm,
+ int need_write = 0;
+
+ pagefault_disable();
+- ret = get_user(bd_entry, bd_entry_ptr);
++ ret = get_user_bd_entry(mm, &bd_entry, bd_entry_ptr);
+ pagefault_enable();
+ if (!ret)
+ break;
+@@ -736,11 +759,23 @@ static unsigned long mpx_get_bt_entry_offset_bytes(struct mm_struct *mm,
+ */
+ static inline unsigned long bd_entry_virt_space(struct mm_struct *mm)
+ {
+- unsigned long long virt_space = (1ULL << boot_cpu_data.x86_virt_bits);
+- if (is_64bit_mm(mm))
+- return virt_space / MPX_BD_NR_ENTRIES_64;
+- else
+- return virt_space / MPX_BD_NR_ENTRIES_32;
++ unsigned long long virt_space;
++ unsigned long long GB = (1ULL << 30);
++
++ /*
++ * This covers 32-bit emulation as well as 32-bit kernels
++ * running on 64-bit harware.
++ */
++ if (!is_64bit_mm(mm))
++ return (4ULL * GB) / MPX_BD_NR_ENTRIES_32;
++
++ /*
++ * 'x86_virt_bits' returns what the hardware is capable
++ * of, and returns the full >32-bit adddress space when
++ * running 32-bit kernels on 64-bit hardware.
++ */
++ virt_space = (1ULL << boot_cpu_data.x86_virt_bits);
++ return virt_space / MPX_BD_NR_ENTRIES_64;
+ }
+
+ /*
diff --git a/arch/x86/mm/numa.c b/arch/x86/mm/numa.c
index 4053bb5..b1ad3dc 100644
--- a/arch/x86/mm/numa.c
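Review bot: get_user_bd_entry() is added with external linkage, although the only caller visible here is the static get_bt_addr() in the same file; unless a header declares it elsewhere, it should be `static int get_user_bd_entry(...)`. On the 32-bit path `*bd_entry_ret = bd_entry_32;` runs even when get_user() returned an error, so the output is meaningful only when the return value is 0. get_bt_addr() does test `ret` right after the call, but a line such as `/* *bd_entry_ret is valid only when 0 is returned */` in the header comment would keep future callers from using it unchecked. The header comment also says "bounds table" where the value fetched is a bounds-directory entry, and the new comments in bd_entry_virt_space() contain the typos "harware" and "adddress".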
@@ -52060,10 +52169,10 @@ index dab2513..4c4b65d 100644
return msecs_to_jiffies((s->poll_timeout[2] << 16)
| (s->poll_timeout[1] << 8)
diff --git a/drivers/net/wireless/ath/ath10k/ce.c b/drivers/net/wireless/ath/ath10k/ce.c
-index e508c65..fb0dbae 100644
+index e508c65..3fd90eb 100644
--- a/drivers/net/wireless/ath/ath10k/ce.c
+++ b/drivers/net/wireless/ath/ath10k/ce.c
-@@ -896,7 +896,7 @@ static int ath10k_ce_init_dest_ring(struct ath10k *ar,
+@@ -896,12 +896,12 @@ static int ath10k_ce_init_dest_ring(struct ath10k *ar,
return 0;
}
@@ -52072,6 +52181,21 @@ index e508c65..fb0dbae 100644
ath10k_ce_alloc_src_ring(struct ath10k *ar, unsigned int ce_id,
const struct ce_attr *attr)
{
+ struct ath10k_ce_ring *src_ring;
+- u32 nentries = attr->src_nentries;
++ unsigned long nentries = attr->src_nentries;
+ dma_addr_t base_addr;
+
+ nentries = roundup_pow_of_two(nentries);
+@@ -968,7 +968,7 @@ ath10k_ce_alloc_dest_ring(struct ath10k *ar, unsigned int ce_id,
+ const struct ce_attr *attr)
+ {
+ struct ath10k_ce_ring *dest_ring;
+- u32 nentries;
++ unsigned long nentries;
+ dma_addr_t base_addr;
+
+ nentries = roundup_pow_of_two(attr->dest_nentries);
diff --git a/drivers/net/wireless/ath/ath10k/htc.c b/drivers/net/wireless/ath/ath10k/htc.c
index 32d9ff1..0952b33 100644
--- a/drivers/net/wireless/ath/ath10k/htc.c
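Review bot: The widening of `nentries` from `u32` to `unsigned long` in ath10k_ce_alloc_src_ring() and ath10k_ce_alloc_dest_ring() is unexplained, and neither function shows a range check on `attr->src_nentries` / `attr->dest_nentries` before `roundup_pow_of_two()`. The wider local presumably keeps the rounded value from being truncated at the assignment, but any narrowing then moves to wherever `nentries` is later used for the allocation size or stored in the ring, and that code is outside the hunk. I would add `/* unsigned long: holds the roundup_pow_of_two() result without truncation */` at both declarations and, if the attribute counts can ever be zero, reject that case before the roundup, since the helper's result for 0 is not defined. Both function bodies continue past the hunk.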
@@ -129238,10 +129362,10 @@ index 0000000..b884a56
+}
diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h
new file mode 100644
-index 0000000..5f73f93
+index 0000000..2ec0551
--- /dev/null
+++ b/tools/gcc/gcc-common.h
-@@ -0,0 +1,813 @@
+@@ -0,0 +1,812 @@
+#ifndef GCC_COMMON_H_INCLUDED
+#define GCC_COMMON_H_INCLUDED
+
@@ -129848,12 +129972,7 @@ index 0000000..5f73f93
+#define NODE_IMPLICIT_ALIAS(node) (node)->cpp_implicit_alias
+#endif
+
-+#if BUILDING_GCC_VERSION < 6000
-+#define get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, preversep, pvolatilep, keep_aligning) get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, pvolatilep, keep_aligning)
-+#define gen_rtx_set(ARG0, ARG1) gen_rtx_SET(VOIDmode, (ARG0), (ARG1))
-+#endif
-+
-+#if BUILDING_GCC_VERSION == 5000
++#if BUILDING_GCC_VERSION >= 5000 && BUILDING_GCC_VERSION < 6000
+// gimple related
+template <>
+template <>
@@ -129965,7 +130084,6 @@ index 0000000..5f73f93
+ symtab->remove_cgraph_duplication_hook(entry);
+}
+
-+
+#if BUILDING_GCC_VERSION >= 6000
+typedef gimple *gimple_ptr;
+typedef const gimple *const_gimple;
@@ -130050,6 +130168,11 @@ index 0000000..5f73f93
+}
+#endif
+
++#if BUILDING_GCC_VERSION < 6000
++#define get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, preversep, pvolatilep, keep_aligning) get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, pvolatilep, keep_aligning)
++#define gen_rtx_set(ARG0, ARG1) gen_rtx_SET(VOIDmode, (ARG0), (ARG1))
++#endif
++
+#if BUILDING_GCC_VERSION >= 6000
+#define gen_rtx_set(ARG0, ARG1) gen_rtx_SET((ARG0), (ARG1))
+#endif