Grsec/PaX: 2.9.1-3.10.4-201308011855

author: Anthony G. Basile <blueness@gentoo.org> 2013-08-02 08:15:20 -0400
committer: Anthony G. Basile <blueness@gentoo.org> 2013-08-02 08:15:20 -0400
commit: 32de7cbff80bfad850403ce1a7fa232beb4bb5bc (patch)
tree: 7fc2d9d6b874b6b40d5eba462c85eb9fcdb9bd48
parent: Grsec/PaX: 2.9.1-3.10.4-201307311627 (diff)
download: hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.tar.gz
hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.tar.bz2
hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.zip
2 files changed, 257 insertions, 147 deletions
diff --git a/3.10.4/0000_README b/3.10.4/0000_README
index ec1a9e6..52e9f3c 100644
--- a/3.10.4/0000_README
+++ b/3.10.4/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-2.9.1-3.10.4-201307311627.patch
+Patch:	4420_grsecurity-2.9.1-3.10.4-201308011855.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 
diff --git a/3.10.4/4420_grsecurity-2.9.1-3.10.4-201307311627.patch b/3.10.4/4420_grsecurity-2.9.1-3.10.4-201308011855.patch
index afbc771..589e333 100644
--- a/3.10.4/4420_grsecurity-2.9.1-3.10.4-201307311627.patch
+++ b/3.10.4/4420_grsecurity-2.9.1-3.10.4-201308011855.patch
@@ -17846,7 +17846,7 @@ index 155a13f..1672b9b 100644
  
  		.__cr3		= __pa_nodebug(swapper_pg_dir),
 diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
-index deb6421..622e0ed 100644
+index deb6421..76bbc12 100644
 --- a/arch/x86/kernel/dumpstack.c
 +++ b/arch/x86/kernel/dumpstack.c
 @@ -2,6 +2,9 @@
@@ -17951,6 +17951,15 @@ index deb6421..622e0ed 100644
  	}
  
  	return (unsigned long)frame;
+@@ -150,7 +149,7 @@ static int print_trace_stack(void *data, char *name)
+ static void print_trace_address(void *data, unsigned long addr, int reliable)
+ {
+ 	touch_nmi_watchdog();
+-	printk(data);
++	printk("%s", (char *)data);
+ 	printk_address(addr, reliable);
+ }
+ 
 @@ -219,6 +218,8 @@ unsigned __kprobes long oops_begin(void)
  }
  EXPORT_SYMBOL_GPL(oops_begin);
@@ -22596,6 +22605,19 @@ index 76fa1e9..abf09ea 100644
  	.power_off = native_machine_power_off,
  	.shutdown = native_machine_shutdown,
  	.emergency_restart = native_machine_emergency_restart,
+diff --git a/arch/x86/kernel/reboot_fixups_32.c b/arch/x86/kernel/reboot_fixups_32.c
+index c8e41e9..64049ef 100644
+--- a/arch/x86/kernel/reboot_fixups_32.c
++++ b/arch/x86/kernel/reboot_fixups_32.c
+@@ -57,7 +57,7 @@ struct device_fixup {
+ 	unsigned int vendor;
+ 	unsigned int device;
+ 	void (*reboot_fixup)(struct pci_dev *);
+-};
++} __do_const;
+ 
+ /*
+  * PCI ids solely used for fixups_table go here
 diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S
 index f2bb9c9..bed145d7 100644
 --- a/arch/x86/kernel/relocate_kernel_64.S
@@ -25423,7 +25445,7 @@ index 25b7ae8..169fafc 100644
  }
  EXPORT_SYMBOL(csum_partial_copy_to_user);
 diff --git a/arch/x86/lib/getuser.S b/arch/x86/lib/getuser.S
-index a451235..79fb5cf 100644
+index a451235..1daa956 100644
 --- a/arch/x86/lib/getuser.S
 +++ b/arch/x86/lib/getuser.S
 @@ -33,17 +33,40 @@
@@ -25549,8 +25571,14 @@ index a451235..79fb5cf 100644
  	ret
  #else
  	add $7,%_ASM_AX
-@@ -102,6 +163,7 @@ ENTRY(__get_user_8)
- 5:	movl -3(%_ASM_AX),%ecx
+@@ -98,10 +159,11 @@ ENTRY(__get_user_8)
+ 	cmp TI_addr_limit(%_ASM_DX),%_ASM_AX
+ 	jae bad_get_user_8
+ 	ASM_STAC
+-4:	movl -7(%_ASM_AX),%edx
+-5:	movl -3(%_ASM_AX),%ecx
++4:	__copyuser_seg movl -7(%_ASM_AX),%edx
++5:	__copyuser_seg movl -3(%_ASM_AX),%ecx
  	xor %eax,%eax
  	ASM_CLAC
 +	pax_force_retaddr
@@ -40919,7 +40947,7 @@ index b37a582..680835d 100644
  
  	D_INFO("*** LOAD DRIVER ***\n");
 diff --git a/drivers/net/wireless/iwlwifi/dvm/debugfs.c b/drivers/net/wireless/iwlwifi/dvm/debugfs.c
-index d532948..a1cb592 100644
+index d532948..e0d8bb1 100644
 --- a/drivers/net/wireless/iwlwifi/dvm/debugfs.c
 +++ b/drivers/net/wireless/iwlwifi/dvm/debugfs.c
 @@ -203,7 +203,7 @@ static ssize_t iwl_dbgfs_sram_write(struct file *file,
@@ -40958,6 +40986,21 @@ index d532948..a1cb592 100644
  	int value;
  
  	memset(buf, 0, sizeof(buf));
+@@ -698,10 +698,10 @@ DEBUGFS_READ_FILE_OPS(temperature);
+ DEBUGFS_READ_WRITE_FILE_OPS(sleep_level_override);
+ DEBUGFS_READ_FILE_OPS(current_sleep_command);
+ 
+-static const char *fmt_value = "  %-30s %10u\n";
+-static const char *fmt_hex   = "  %-30s       0x%02X\n";
+-static const char *fmt_table = "  %-30s %10u  %10u  %10u  %10u\n";
+-static const char *fmt_header =
++static const char fmt_value[] = "  %-30s %10u\n";
++static const char fmt_hex[]   = "  %-30s       0x%02X\n";
++static const char fmt_table[] = "  %-30s %10u  %10u  %10u  %10u\n";
++static const char fmt_header[] =
+ 	"%-32s    current  cumulative       delta         max\n";
+ 
+ static int iwl_statistics_flag(struct iwl_priv *priv, char *buf, int bufsz)
 @@ -1871,7 +1871,7 @@ static ssize_t iwl_dbgfs_clear_ucode_statistics_write(struct file *file,
  {
  	struct iwl_priv *priv = file->private_data;
@@ -45054,6 +45097,19 @@ index 95ec042..e6affdd 100644
  
  	return 0;
  }
+diff --git a/drivers/video/backlight/backlight.c b/drivers/video/backlight/backlight.c
+index c74e7aa..e3c2790 100644
+--- a/drivers/video/backlight/backlight.c
++++ b/drivers/video/backlight/backlight.c
+@@ -304,7 +304,7 @@ struct backlight_device *backlight_device_register(const char *name,
+ 	new_bd->dev.class = backlight_class;
+ 	new_bd->dev.parent = parent;
+ 	new_bd->dev.release = bl_device_release;
+-	dev_set_name(&new_bd->dev, name);
++	dev_set_name(&new_bd->dev, "%s", name);
+ 	dev_set_drvdata(&new_bd->dev, devdata);
+ 
+ 	/* Set default properties */
 diff --git a/drivers/video/backlight/kb3886_bl.c b/drivers/video/backlight/kb3886_bl.c
 index bca6ccc..252107e 100644
 --- a/drivers/video/backlight/kb3886_bl.c
@@ -45067,6 +45123,19 @@ index bca6ccc..252107e 100644
  	{
  		.ident = "Sahara Touch-iT",
  		.matches = {
+diff --git a/drivers/video/backlight/lcd.c b/drivers/video/backlight/lcd.c
+index 34fb6bd..3649fd9 100644
+--- a/drivers/video/backlight/lcd.c
++++ b/drivers/video/backlight/lcd.c
+@@ -219,7 +219,7 @@ struct lcd_device *lcd_device_register(const char *name, struct device *parent,
+ 	new_ld->dev.class = lcd_class;
+ 	new_ld->dev.parent = parent;
+ 	new_ld->dev.release = lcd_device_release;
+-	dev_set_name(&new_ld->dev, name);
++	dev_set_name(&new_ld->dev, "%s", name);
+ 	dev_set_drvdata(&new_ld->dev, devdata);
+ 
+ 	rc = device_register(&new_ld->dev);
 diff --git a/drivers/video/fb_defio.c b/drivers/video/fb_defio.c
 index 900aa4e..6d49418 100644
 --- a/drivers/video/fb_defio.c
@@ -48614,7 +48683,7 @@ index bce8769..7fc7544 100644
  				fd_offset + ex.a_text);
  		if (error != N_DATADDR(ex)) {
 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index f8a0b0e..8186af0 100644
+index f8a0b0e..989dbf2 100644
 --- a/fs/binfmt_elf.c
 +++ b/fs/binfmt_elf.c
 @@ -34,6 +34,7 @@
@@ -49400,7 +49469,7 @@ index f8a0b0e..8186af0 100644
  		if (size > cprm->limit
  		    || !dump_write(cprm->file, shdr4extnum,
  				   sizeof(*shdr4extnum)))
-@@ -2231,6 +2683,97 @@ out:
+@@ -2231,6 +2683,138 @@ out:
  
  #endif		/* CONFIG_ELF_CORE */
  
@@ -49468,9 +49537,9 @@ index f8a0b0e..8186af0 100644
 +				elf_dyn dyn;
 +
 +				if (sizeof(dyn) != kernel_read(vma->vm_file, elf_p.p_offset + i*sizeof(dyn), (char *)&dyn, sizeof(dyn)))
-+					return;
++					break;
 +				if (dyn.d_tag == DT_NULL)
-+					return;
++					break;
 +				if (dyn.d_tag == DT_TEXTREL || (dyn.d_tag == DT_FLAGS && (dyn.d_un.d_val & DF_TEXTREL))) {
 +					gr_log_textrel(vma);
 +					if (is_textrel_rw)
@@ -49478,18 +49547,59 @@ index f8a0b0e..8186af0 100644
 +					else
 +						/* PaX: disallow write access after relocs are done, hopefully noone else needs it... */
 +						vma->vm_flags &= ~VM_MAYWRITE;
-+					return;
++					break;
 +				}
 +				i++;
 +			}
-+			return;
++			is_textrel_rw = false;
++			is_textrel_rx = false;
++			continue;
 +
 +		case PT_GNU_RELRO:
 +			if (!is_relro)
 +				continue;
 +			if ((elf_p.p_offset >> PAGE_SHIFT) == vma->vm_pgoff && ELF_PAGEALIGN(elf_p.p_memsz) == vma->vm_end - vma->vm_start)
 +				vma->vm_flags &= ~VM_MAYWRITE;
-+			return;
++			is_relro = false;
++			continue;
++
++#ifdef CONFIG_PAX_PT_PAX_FLAGS
++		case PT_PAX_FLAGS: {
++			const char *msg_mprotect = "", *msg_emutramp = "";
++			char *buffer_lib, *buffer_exe;
++
++			if (elf_p.p_flags & PF_NOMPROTECT)
++				msg_mprotect = "MPROTECT disabled";
++
++#ifdef CONFIG_PAX_EMUTRAMP
++			if (!(vma->vm_mm->pax_flags & MF_PAX_EMUTRAMP) && !(elf_p.p_flags & PF_NOEMUTRAMP))
++				msg_emutramp = "EMUTRAMP enabled";
++#endif
++
++			if (!msg_mprotect[0] && !msg_emutramp[0])
++				continue;
++
++			if (!printk_ratelimit())
++				continue;
++
++			buffer_lib = (char *)__get_free_page(GFP_KERNEL);
++			buffer_exe = (char *)__get_free_page(GFP_KERNEL);
++			if (buffer_lib && buffer_exe) {
++				char *path_lib, *path_exe;
++
++				path_lib = pax_get_path(&vma->vm_file->f_path, buffer_lib, PAGE_SIZE);
++				path_exe = pax_get_path(&vma->vm_mm->exe_file->f_path, buffer_exe, PAGE_SIZE);
++
++				pr_info("PAX: %s wants %s%s%s on %s\n", path_lib, msg_mprotect,
++					(msg_mprotect[0] && msg_emutramp[0] ? " and " : ""), msg_emutramp, path_exe);
++
++			}
++			free_page((unsigned long)buffer_exe);
++			free_page((unsigned long)buffer_lib);
++			continue;
++		}
++#endif
++
 +		}
 +	}
 +}
@@ -50708,7 +50818,7 @@ index e4141f2..d8263e8 100644
  		i += packet_length_size;
  		if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
 diff --git a/fs/exec.c b/fs/exec.c
-index ffd7a81..f0afae1 100644
+index ffd7a81..97f4c7d 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -55,8 +55,20 @@
@@ -51190,7 +51300,7 @@ index ffd7a81..f0afae1 100644
  out:
  	if (bprm->mm) {
  		acct_arg_size(bprm, 0);
-@@ -1701,3 +1875,283 @@ asmlinkage long compat_sys_execve(const char __user * filename,
+@@ -1701,3 +1875,281 @@ asmlinkage long compat_sys_execve(const char __user * filename,
  	return error;
  }
  #endif
@@ -51249,6 +51359,25 @@ index ffd7a81..f0afae1 100644
 +EXPORT_SYMBOL(pax_check_flags);
 +
 +#if defined(CONFIG_PAX_PAGEEXEC) || defined(CONFIG_PAX_SEGMEXEC)
++char *pax_get_path(const struct path *path, char *buf, int buflen)
++{
++	char *pathname = d_path(path, buf, buflen);
++
++	if (IS_ERR(pathname))
++		goto toolong;
++
++	pathname = mangle_path(buf, pathname, "\t\n\\");
++	if (!pathname)
++		goto toolong;
++
++	*pathname = 0;
++	return buf;
++
++toolong:
++	return "<path too long>";
++}
++EXPORT_SYMBOL(pax_get_path);
++
 +void pax_report_fault(struct pt_regs *regs, void *pc, void *sp)
 +{
 +	struct task_struct *tsk = current;
@@ -51272,36 +51401,15 @@ index ffd7a81..f0afae1 100644
 +				vma_fault = vma;
 +			vma = vma->vm_next;
 +		}
-+		if (vma_exec) {
-+			path_exec = d_path(&vma_exec->vm_file->f_path, buffer_exec, PAGE_SIZE);
-+			if (IS_ERR(path_exec))
-+				path_exec = "<path too long>";
-+			else {
-+				path_exec = mangle_path(buffer_exec, path_exec, "\t\n\\");
-+				if (path_exec) {
-+					*path_exec = 0;
-+					path_exec = buffer_exec;
-+				} else
-+					path_exec = "<path too long>";
-+			}
-+		}
++		if (vma_exec)
++			path_exec = pax_get_path(&vma_exec->vm_file->f_path, buffer_exec, PAGE_SIZE);
 +		if (vma_fault) {
 +			start = vma_fault->vm_start;
 +			end = vma_fault->vm_end;
 +			offset = vma_fault->vm_pgoff << PAGE_SHIFT;
-+			if (vma_fault->vm_file) {
-+				path_fault = d_path(&vma_fault->vm_file->f_path, buffer_fault, PAGE_SIZE);
-+				if (IS_ERR(path_fault))
-+					path_fault = "<path too long>";
-+				else {
-+					path_fault = mangle_path(buffer_fault, path_fault, "\t\n\\");
-+					if (path_fault) {
-+						*path_fault = 0;
-+						path_fault = buffer_fault;
-+					} else
-+						path_fault = "<path too long>";
-+				}
-+			} else
++			if (vma_fault->vm_file)
++				path_fault = pax_get_path(&vma_fault->vm_file->f_path, buffer_fault, PAGE_SIZE);
++			else
 +				path_fault = "<anonymous mapping>";
 +		}
 +		up_read(&mm->mmap_sem);
@@ -58361,7 +58469,7 @@ index 0000000..36845aa
 +endif
 diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c
 new file mode 100644
-index 0000000..29892a3
+index 0000000..6907918
 --- /dev/null
 +++ b/grsecurity/gracl.c
 @@ -0,0 +1,4178 @@
@@ -58467,6 +58575,102 @@ index 0000000..29892a3
 +extern void gr_remove_uid(uid_t uid);
 +extern int gr_find_uid(uid_t uid);
 +
++static int copy_acl_object_label_normal(struct acl_object_label *obj, const struct acl_object_label *userp)
++{
++	if (copy_from_user(obj, userp, sizeof(struct acl_object_label)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_acl_ip_label_normal(struct acl_ip_label *ip, const struct acl_ip_label *userp)
++{
++	if (copy_from_user(ip, userp, sizeof(struct acl_ip_label)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_acl_subject_label_normal(struct acl_subject_label *subj, const struct acl_subject_label *userp)
++{
++	if (copy_from_user(subj, userp, sizeof(struct acl_subject_label)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_acl_role_label_normal(struct acl_role_label *role, const struct acl_role_label *userp)
++{
++	if (copy_from_user(role, userp, sizeof(struct acl_role_label)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_role_allowed_ip_normal(struct role_allowed_ip *roleip, const struct role_allowed_ip *userp)
++{
++	if (copy_from_user(roleip, userp, sizeof(struct role_allowed_ip)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_sprole_pw_normal(struct sprole_pw *pw, unsigned long idx, const struct sprole_pw *userp)
++{
++	if (copy_from_user(pw, userp + idx, sizeof(struct sprole_pw)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_gr_hash_struct_normal(struct gr_hash_struct *hash, const struct gr_hash_struct *userp)
++{
++	if (copy_from_user(hash, userp, sizeof(struct gr_hash_struct)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_role_transition_normal(struct role_transition *trans, const struct role_transition *userp)
++{
++	if (copy_from_user(trans, userp, sizeof(struct role_transition)))
++		return -EFAULT;
++
++	return 0;
++}
++
++int copy_pointer_from_array_normal(void *ptr, unsigned long idx, const void *userp)
++{
++	if (copy_from_user(ptr, userp + (idx * sizeof(void *)), sizeof(void *)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static int copy_gr_arg_wrapper_normal(const char __user *buf, struct gr_arg_wrapper *uwrap)
++{
++	if (copy_from_user(uwrap, buf, sizeof (struct gr_arg_wrapper)))
++		return -EFAULT;
++
++	if ((uwrap->version != GRSECURITY_VERSION) || (uwrap->size != sizeof(struct gr_arg)))
++		return -EINVAL;
++
++	return 0;
++}
++
++static int copy_gr_arg_normal(const struct gr_arg __user *buf, struct gr_arg *arg)
++{
++	if (copy_from_user(arg, buf, sizeof (struct gr_arg)))
++		return -EFAULT;
++
++	return 0;
++}
++
++static size_t get_gr_arg_wrapper_size_normal(void)
++{
++	return sizeof(struct gr_arg_wrapper);
++}
++
 +#ifdef CONFIG_COMPAT
 +extern int copy_gr_arg_wrapper_compat(const char *buf, struct gr_arg_wrapper *uwrap);
 +extern int copy_gr_arg_compat(const struct gr_arg __user *buf, struct gr_arg *arg);
@@ -58497,6 +58701,7 @@ index 0000000..29892a3
 +#else
 +#define copy_gr_arg_wrapper copy_gr_arg_wrapper_normal
 +#define copy_gr_arg copy_gr_arg_normal
++#define copy_gr_hash_struct copy_gr_hash_struct_normal
 +#define copy_acl_object_label copy_acl_object_label_normal
 +#define copy_acl_subject_label copy_acl_subject_label_normal
 +#define copy_acl_role_label copy_acl_role_label_normal
@@ -61514,102 +61719,6 @@ index 0000000..29892a3
 +	return 0;
 +}
 +
-+static int copy_acl_object_label_normal(struct acl_object_label *obj, const struct acl_object_label *userp)
-+{
-+	if (copy_from_user(obj, userp, sizeof(struct acl_object_label)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_acl_ip_label_normal(struct acl_ip_label *ip, const struct acl_ip_label *userp)
-+{
-+	if (copy_from_user(ip, userp, sizeof(struct acl_ip_label)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_acl_subject_label_normal(struct acl_subject_label *subj, const struct acl_subject_label *userp)
-+{
-+	if (copy_from_user(subj, userp, sizeof(struct acl_subject_label)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_acl_role_label_normal(struct acl_role_label *role, const struct acl_role_label *userp)
-+{
-+	if (copy_from_user(role, userp, sizeof(struct acl_role_label)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_role_allowed_ip_normal(struct role_allowed_ip *roleip, const struct role_allowed_ip *userp)
-+{
-+	if (copy_from_user(roleip, userp, sizeof(struct role_allowed_ip)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_sprole_pw_normal(struct sprole_pw *pw, unsigned long idx, const struct sprole_pw *userp)
-+{
-+	if (copy_from_user(pw, userp + idx, sizeof(struct sprole_pw)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_gr_hash_struct_normal(struct gr_hash_struct *hash, const struct gr_hash_struct *userp)
-+{
-+	if (copy_from_user(hash, userp, sizeof(struct gr_hash_struct)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_role_transition_normal(struct role_transition *trans, const struct role_transition *userp)
-+{
-+	if (copy_from_user(trans, userp, sizeof(struct role_transition)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+int copy_pointer_from_array_normal(void *ptr, unsigned long idx, const void *userp)
-+{
-+	if (copy_from_user(ptr, userp + (idx * sizeof(void *)), sizeof(void *)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static int copy_gr_arg_wrapper_normal(const char __user *buf, struct gr_arg_wrapper *uwrap)
-+{
-+	if (copy_from_user(uwrap, buf, sizeof (struct gr_arg_wrapper)))
-+		return -EFAULT;
-+
-+	if ((uwrap->version != GRSECURITY_VERSION) || (uwrap->size != sizeof(struct gr_arg)))
-+		return -EINVAL;
-+
-+	return 0;
-+}
-+
-+static int copy_gr_arg_normal(const struct gr_arg __user *buf, struct gr_arg *arg)
-+{
-+	if (copy_from_user(arg, buf, sizeof (struct gr_arg)))
-+		return -EFAULT;
-+
-+	return 0;
-+}
-+
-+static size_t get_gr_arg_wrapper_size_normal(void)
-+{
-+	return sizeof(struct gr_arg_wrapper);
-+}
-+
 +ssize_t
 +write_grsec_handler(struct file *file, const char __user * buf, size_t count, loff_t *ppos)
 +{
@@ -61618,7 +61727,6 @@ index 0000000..29892a3
 +	unsigned char *sprole_sum = NULL;
 +	int error = 0;
 +	int error2 = 0;
-+	int compat = is_compat_task();
 +	size_t req_count;
 +
 +	mutex_lock(&gr_dev_mutex);
@@ -61630,7 +61738,7 @@ index 0000000..29892a3
 +
 +#ifdef CONFIG_COMPAT
 +	pax_open_kernel();
-+	if (compat) {
++	if (is_compat_task()) {
 +		copy_gr_arg_wrapper = &copy_gr_arg_wrapper_compat;
 +		copy_gr_arg = &copy_gr_arg_compat;
 +		copy_acl_object_label = &copy_acl_object_label_compat;
@@ -72189,7 +72297,7 @@ index 6dacb93..6174423 100644
  static inline void anon_vma_merge(struct vm_area_struct *vma,
  				  struct vm_area_struct *next)
 diff --git a/include/linux/sched.h b/include/linux/sched.h
-index 178a8d9..52e71a3 100644
+index 178a8d9..450bf11 100644
 --- a/include/linux/sched.h
 +++ b/include/linux/sched.h
 @@ -62,6 +62,7 @@ struct bio_list;
@@ -72318,7 +72426,7 @@ index 178a8d9..52e71a3 100644
  #ifdef CONFIG_FUTEX
  	struct robust_list_head __user *robust_list;
  #ifdef CONFIG_COMPAT
-@@ -1416,8 +1456,74 @@ struct task_struct {
+@@ -1416,8 +1456,76 @@ struct task_struct {
  	unsigned int	sequential_io;
  	unsigned int	sequential_io_avg;
  #endif
@@ -72386,6 +72494,8 @@ index 178a8d9..52e71a3 100644
 +extern void (*pax_set_initial_flags_func)(struct linux_binprm *bprm);
 +#endif
 +
++struct path;
++extern char *pax_get_path(const struct path *path, char *buf, int buflen);
 +extern void pax_report_fault(struct pt_regs *regs, void *pc, void *sp);
 +extern void pax_report_insns(struct pt_regs *regs, void *pc, void *sp);
 +extern void pax_report_refcount_overflow(struct pt_regs *regs);
@@ -72393,7 +72503,7 @@ index 178a8d9..52e71a3 100644
  /* Future-safe accessor for struct task_struct's cpus_allowed. */
  #define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed)
  
-@@ -1476,7 +1582,7 @@ struct pid_namespace;
+@@ -1476,7 +1584,7 @@ struct pid_namespace;
  pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type,
  			struct pid_namespace *ns);
  
@@ -72402,7 +72512,7 @@ index 178a8d9..52e71a3 100644
  {
  	return tsk->pid;
  }
-@@ -1919,7 +2025,9 @@ void yield(void);
+@@ -1919,7 +2027,9 @@ void yield(void);
  extern struct exec_domain	default_exec_domain;
  
  union thread_union {
@@ -72412,7 +72522,7 @@ index 178a8d9..52e71a3 100644
  	unsigned long stack[THREAD_SIZE/sizeof(long)];
  };
  
-@@ -1952,6 +2060,7 @@ extern struct pid_namespace init_pid_ns;
+@@ -1952,6 +2062,7 @@ extern struct pid_namespace init_pid_ns;
   */
  
  extern struct task_struct *find_task_by_vpid(pid_t nr);
@@ -72420,7 +72530,7 @@ index 178a8d9..52e71a3 100644
  extern struct task_struct *find_task_by_pid_ns(pid_t nr,
  		struct pid_namespace *ns);
  
-@@ -2118,7 +2227,7 @@ extern void __cleanup_sighand(struct sighand_struct *);
+@@ -2118,7 +2229,7 @@ extern void __cleanup_sighand(struct sighand_struct *);
  extern void exit_itimers(struct signal_struct *);
  extern void flush_itimer_signals(void);
  
@@ -72429,7 +72539,7 @@ index 178a8d9..52e71a3 100644
  
  extern int allow_signal(int);
  extern int disallow_signal(int);
-@@ -2309,9 +2418,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p)
+@@ -2309,9 +2420,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p)
  
  #endif
author	Anthony G. Basile <blueness@gentoo.org>	2013-08-02 08:15:20 -0400
committer	Anthony G. Basile <blueness@gentoo.org>	2013-08-02 08:15:20 -0400
commit	32de7cbff80bfad850403ce1a7fa232beb4bb5bc (patch)
tree	7fc2d9d6b874b6b40d5eba462c85eb9fcdb9bd48
parent	Grsec/PaX: 2.9.1-3.10.4-201307311627 (diff)
download	hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.tar.gz hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.tar.bz2 hardened-patchset-32de7cbff80bfad850403ce1a7fa232beb4bb5bc.zip