diff options
-rw-r--r-- | 3.14.10/0000_README | 2 | ||||
-rw-r--r-- | 3.14.10/4420_grsecurity-3.0-3.14.10-201407052031.patch (renamed from 3.14.10/4420_grsecurity-3.0-3.14.10-201407012152.patch) | 70 | ||||
-rw-r--r-- | 3.15.3/4420_grsecurity-3.0-3.15.3-201407052032.patch (renamed from 3.15.3/4420_grsecurity-3.0-3.15.3-201407012153.patch) | 70 | ||||
-rw-r--r-- | 3.2.60/0000_README | 2 | ||||
-rw-r--r-- | 3.2.60/4420_grsecurity-3.0-3.2.60-201407052028.patch (renamed from 3.2.60/4420_grsecurity-3.0-3.2.60-201407012149.patch) | 37 |
5 files changed, 175 insertions, 6 deletions
diff --git a/3.14.10/0000_README b/3.14.10/0000_README index f6fde5b..7edf2bb 100644 --- a/3.14.10/0000_README +++ b/3.14.10/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.0-3.14.10-201407012152.patch +Patch: 4420_grsecurity-3.0-3.14.10-201407052031.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.10/4420_grsecurity-3.0-3.14.10-201407012152.patch b/3.14.10/4420_grsecurity-3.0-3.14.10-201407052031.patch index ba8d0dd..5cd674b 100644 --- a/3.14.10/4420_grsecurity-3.0-3.14.10-201407012152.patch +++ b/3.14.10/4420_grsecurity-3.0-3.14.10-201407052031.patch @@ -18734,7 +18734,7 @@ index fdedd38..95c02c2 100644 void df_debug(struct pt_regs *regs, long error_code); #endif /* _ASM_X86_PROCESSOR_H */ diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h -index 14fd6fd..6740420 100644 +index 14fd6fd..b31a4a4 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -84,28 +84,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) @@ -18807,6 +18807,29 @@ index 14fd6fd..6740420 100644 #endif return *(unsigned long *)((unsigned long)regs + offset); } +@@ -231,6 +235,22 @@ static inline unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, + + #define ARCH_HAS_USER_SINGLE_STEP_INFO + ++/* ++ * When hitting ptrace_stop(), we cannot return using SYSRET because ++ * that does not restore the full CPU state, only a minimal set. The ++ * ptracer can change arbitrary register values, which is usually okay ++ * because the usual ptrace stops run off the signal delivery path which ++ * forces IRET; however, ptrace_event() stops happen in arbitrary places ++ * in the kernel and don't force IRET path. ++ * ++ * So force IRET path after a ptrace stop. ++ */ ++#define arch_ptrace_stop_needed(code, info) \ ++({ \ ++ set_thread_flag(TIF_NOTIFY_RESUME); \ ++ false; \ ++}) ++ + struct user_desc; + extern int do_get_thread_area(struct task_struct *p, int idx, + struct user_desc __user *info); diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h index 9c6b890..5305f53 100644 --- a/arch/x86/include/asm/realmode.h @@ -82077,6 +82100,20 @@ index 34a1e10..70f6bde 100644 struct proc_ns { void *ns; +diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h +index 077904c..cc79eff 100644 +--- a/include/linux/ptrace.h ++++ b/include/linux/ptrace.h +@@ -334,6 +334,9 @@ static inline void user_single_step_siginfo(struct task_struct *tsk, + * calling arch_ptrace_stop() when it would be superfluous. For example, + * if the thread has not been back to user mode since the last stop, the + * thread state might indicate that nothing needs to be done. ++ * ++ * This is guaranteed to be invoked once before a task stops for ptrace and ++ * may include arch-specific operations necessary prior to a ptrace stop. + */ + #define arch_ptrace_stop_needed(code, info) (0) + #endif diff --git a/include/linux/quota.h b/include/linux/quota.h index cc7494a..1e27036 100644 --- a/include/linux/quota.h @@ -92405,6 +92442,37 @@ index c24c2f7..f0296f4 100644 + pax_close_kernel(); +} +EXPORT_SYMBOL(pax_list_del_rcu); +diff --git a/lib/lz4/lz4_decompress.c b/lib/lz4/lz4_decompress.c +index b74da44..7a85967 100644 +--- a/lib/lz4/lz4_decompress.c ++++ b/lib/lz4/lz4_decompress.c +@@ -192,6 +192,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + int s = 255; + while ((ip < iend) && (s == 255)) { + s = *ip++; ++ if (unlikely(length > (size_t)(length + s))) ++ goto _output_error; + length += s; + } + } +@@ -232,6 +234,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + if (length == ML_MASK) { + while (ip < iend) { + int s = *ip++; ++ if (unlikely(length > (size_t)(length + s))) ++ goto _output_error; + length += s; + if (s == 255) + continue; +@@ -284,7 +288,7 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + + /* write overflow error detected */ + _output_error: +- return (int) (-(((char *) ip) - source)); ++ return -1; + } + + int lz4_decompress(const unsigned char *src, size_t *src_len, diff --git a/lib/percpu-refcount.c b/lib/percpu-refcount.c index 963b703..438bc51 100644 --- a/lib/percpu-refcount.c diff --git a/3.15.3/4420_grsecurity-3.0-3.15.3-201407012153.patch b/3.15.3/4420_grsecurity-3.0-3.15.3-201407052032.patch index 962e272..34bb183 100644 --- a/3.15.3/4420_grsecurity-3.0-3.15.3-201407012153.patch +++ b/3.15.3/4420_grsecurity-3.0-3.15.3-201407052032.patch @@ -18365,7 +18365,7 @@ index a4ea023..33aa874 100644 void df_debug(struct pt_regs *regs, long error_code); #endif /* _ASM_X86_PROCESSOR_H */ diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h -index 14fd6fd..6740420 100644 +index 14fd6fd..b31a4a4 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -84,28 +84,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) @@ -18438,6 +18438,29 @@ index 14fd6fd..6740420 100644 #endif return *(unsigned long *)((unsigned long)regs + offset); } +@@ -231,6 +235,22 @@ static inline unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, + + #define ARCH_HAS_USER_SINGLE_STEP_INFO + ++/* ++ * When hitting ptrace_stop(), we cannot return using SYSRET because ++ * that does not restore the full CPU state, only a minimal set. The ++ * ptracer can change arbitrary register values, which is usually okay ++ * because the usual ptrace stops run off the signal delivery path which ++ * forces IRET; however, ptrace_event() stops happen in arbitrary places ++ * in the kernel and don't force IRET path. ++ * ++ * So force IRET path after a ptrace stop. ++ */ ++#define arch_ptrace_stop_needed(code, info) \ ++({ \ ++ set_thread_flag(TIF_NOTIFY_RESUME); \ ++ false; \ ++}) ++ + struct user_desc; + extern int do_get_thread_area(struct task_struct *p, int idx, + struct user_desc __user *info); diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h index 9c6b890..5305f53 100644 --- a/arch/x86/include/asm/realmode.h @@ -81526,6 +81549,20 @@ index 34a1e10..70f6bde 100644 struct proc_ns { void *ns; +diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h +index 077904c..cc79eff 100644 +--- a/include/linux/ptrace.h ++++ b/include/linux/ptrace.h +@@ -334,6 +334,9 @@ static inline void user_single_step_siginfo(struct task_struct *tsk, + * calling arch_ptrace_stop() when it would be superfluous. For example, + * if the thread has not been back to user mode since the last stop, the + * thread state might indicate that nothing needs to be done. ++ * ++ * This is guaranteed to be invoked once before a task stops for ptrace and ++ * may include arch-specific operations necessary prior to a ptrace stop. + */ + #define arch_ptrace_stop_needed(code, info) (0) + #endif diff --git a/include/linux/quota.h b/include/linux/quota.h index cc7494a..1e27036 100644 --- a/include/linux/quota.h @@ -91912,6 +91949,37 @@ index c24c2f7..f0296f4 100644 + pax_close_kernel(); +} +EXPORT_SYMBOL(pax_list_del_rcu); +diff --git a/lib/lz4/lz4_decompress.c b/lib/lz4/lz4_decompress.c +index b74da44..7a85967 100644 +--- a/lib/lz4/lz4_decompress.c ++++ b/lib/lz4/lz4_decompress.c +@@ -192,6 +192,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + int s = 255; + while ((ip < iend) && (s == 255)) { + s = *ip++; ++ if (unlikely(length > (size_t)(length + s))) ++ goto _output_error; + length += s; + } + } +@@ -232,6 +234,8 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + if (length == ML_MASK) { + while (ip < iend) { + int s = *ip++; ++ if (unlikely(length > (size_t)(length + s))) ++ goto _output_error; + length += s; + if (s == 255) + continue; +@@ -284,7 +288,7 @@ static int lz4_uncompress_unknownoutputsize(const char *source, char *dest, + + /* write overflow error detected */ + _output_error: +- return (int) (-(((char *) ip) - source)); ++ return -1; + } + + int lz4_decompress(const unsigned char *src, size_t *src_len, diff --git a/lib/percpu-refcount.c b/lib/percpu-refcount.c index 963b703..438bc51 100644 --- a/lib/percpu-refcount.c diff --git a/3.2.60/0000_README b/3.2.60/0000_README index 9604a91..ee22cb5 100644 --- a/3.2.60/0000_README +++ b/3.2.60/0000_README @@ -158,7 +158,7 @@ Patch: 1059_linux-3.2.60.patch From: http://www.kernel.org Desc: Linux 3.2.60 -Patch: 4420_grsecurity-3.0-3.2.60-201407012149.patch +Patch: 4420_grsecurity-3.0-3.2.60-201407052028.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.2.60/4420_grsecurity-3.0-3.2.60-201407012149.patch b/3.2.60/4420_grsecurity-3.0-3.2.60-201407052028.patch index 2be45b2..2ddb90d 100644 --- a/3.2.60/4420_grsecurity-3.0-3.2.60-201407012149.patch +++ b/3.2.60/4420_grsecurity-3.0-3.2.60-201407052028.patch @@ -15196,7 +15196,7 @@ index 7b0a55a..ad115bf 100644 /* top of stack page */ diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h -index 3b96fd4..8790004 100644 +index 3b96fd4..d8c7f13 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -156,28 +156,29 @@ static inline unsigned long regs_return_value(struct pt_regs *regs) @@ -15254,6 +15254,29 @@ index 3b96fd4..8790004 100644 #endif } #endif +@@ -287,6 +289,22 @@ static inline unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, + + #define ARCH_HAS_USER_SINGLE_STEP_INFO + ++/* ++ * When hitting ptrace_stop(), we cannot return using SYSRET because ++ * that does not restore the full CPU state, only a minimal set. The ++ * ptracer can change arbitrary register values, which is usually okay ++ * because the usual ptrace stops run off the signal delivery path which ++ * forces IRET; however, ptrace_event() stops happen in arbitrary places ++ * in the kernel and don't force IRET path. ++ * ++ * So force IRET path after a ptrace stop. ++ */ ++#define arch_ptrace_stop_needed(code, info) \ ++({ \ ++ set_thread_flag(TIF_NOTIFY_RESUME); \ ++ false; \ ++}) ++ + struct user_desc; + extern int do_get_thread_area(struct task_struct *p, int idx, + struct user_desc __user *info); diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 92f29706..d0a1a53 100644 --- a/arch/x86/include/asm/reboot.h @@ -81186,7 +81209,7 @@ index 643b96c..c9bfc32 100644 static inline struct proc_inode *PROC_I(const struct inode *inode) { diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h -index 800f113..13b3715 100644 +index 800f113..635a20c 100644 --- a/include/linux/ptrace.h +++ b/include/linux/ptrace.h @@ -62,8 +62,9 @@ @@ -81247,6 +81270,16 @@ index 800f113..13b3715 100644 } } +@@ -371,6 +377,9 @@ static inline void user_single_step_siginfo(struct task_struct *tsk, + * calling arch_ptrace_stop() when it would be superfluous. For example, + * if the thread has not been back to user mode since the last stop, the + * thread state might indicate that nothing needs to be done. ++ * ++ * This is guaranteed to be invoked once before a task stops for ptrace and ++ * may include arch-specific operations necessary prior to a ptrace stop. + */ + #define arch_ptrace_stop_needed(code, info) (0) + #endif diff --git a/include/linux/random.h b/include/linux/random.h index f5e1311..d51eec7 100644 --- a/include/linux/random.h |