author | Arkadiusz MiĆkiewicz | 2010-12-21 20:58:24 (GMT) |
---|---|---|
committer | cvs2git | 2012-06-24 12:13:13 (GMT) |
commit | 3bac966d7180441cd29b387564e8fccb3fda018c (patch) | |
tree | b2d0d4daaa20377c99a2f04502daf644f38456b2 | |
parent | 98a9bfbecf21a975099fed31777e53cecf5e7bc6 (diff) | |
- rel 2; update vserver (patch-2.6.36.2-vs2.3.0.36.38.2.diff) and grsecurity (grsecurity-2.2.1-2.6.36.2-201012192125.patch) patches
auto/th/kernel-2_6_36_2-2
Changed files:
kernel-grsec_full.patch -> 1.54
kernel-vserver-2.3.patch -> 1.52
kernel-vserver-fixes.patch -> 1.19
kernel.spec -> 1.865
-rw-r--r-- | kernel-grsec_full.patch | 2185 | ||||
-rw-r--r-- | kernel-vserver-2.3.patch | 7628 | ||||
-rw-r--r-- | kernel-vserver-fixes.patch | 233 | ||||
-rw-r--r-- | kernel.spec | 6 |
4 files changed, 4880 insertions, 5172 deletions
diff --git a/kernel-grsec_full.patch b/kernel-grsec_full.patch index b23cf41..7ff9c81 100644 --- a/kernel-grsec_full.patch +++ b/kernel-grsec_full.patch @@ -7531,46 +7531,11 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/elf.h linux-2.6.36.2/arch/x86/inc #endif /* _ASM_X86_ELF_H */ diff -urNp linux-2.6.36.2/arch/x86/include/asm/futex.h linux-2.6.36.2/arch/x86/include/asm/futex.h --- linux-2.6.36.2/arch/x86/include/asm/futex.h 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/include/asm/futex.h 2010-12-09 20:24:53.000000000 -0500 -@@ -11,17 +11,54 @@ - #include <asm/processor.h> ++++ linux-2.6.36.2/arch/x86/include/asm/futex.h 2010-12-19 12:46:43.000000000 -0500 +@@ -12,16 +12,18 @@ #include <asm/system.h> -+#ifdef CONFIG_X86_32 #define __futex_atomic_op1(insn, ret, oldval, uaddr, oparg) \ -+ asm volatile( \ -+ "movw\t%w6, %%ds\n" \ -+ "1:\t" insn "\n" \ -+ "2:\tpushl\t%%ss\n" \ -+ "\tpopl\t%%ds\n" \ -+ "\t.section .fixup,\"ax\"\n" \ -+ "3:\tmov\t%3, %1\n" \ -+ "\tjmp\t2b\n" \ -+ "\t.previous\n" \ -+ _ASM_EXTABLE(1b, 3b) \ -+ : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \ -+ : "i" (-EFAULT), "0" (oparg), "1" (0), "r" (__USER_DS)) -+ -+#define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \ -+ asm volatile("movw\t%w7, %%es\n" \ -+ "1:\tmovl\t%%es:%2, %0\n" \ -+ "\tmovl\t%0, %3\n" \ -+ "\t" insn "\n" \ -+ "2:\t" LOCK_PREFIX "cmpxchgl %3, %%es:%2\n"\ -+ "\tjnz\t1b\n" \ -+ "3:\tpushl\t%%ss\n" \ -+ "\tpopl\t%%es\n" \ -+ "\t.section .fixup,\"ax\"\n" \ -+ "4:\tmov\t%5, %1\n" \ -+ "\tjmp\t3b\n" \ -+ "\t.previous\n" \ -+ _ASM_EXTABLE(1b, 4b) \ -+ _ASM_EXTABLE(2b, 4b) \ -+ : "=&a" (oldval), "=&r" (ret), \ -+ "+m" (*uaddr), "=&r" (tem) \ -+ : "r" (oparg), "i" (-EFAULT), "1" (0), "r" (__USER_DS)) -+#else -+#define __futex_atomic_op1(insn, ret, oldval, uaddr, oparg) \ + typecheck(u32 *, uaddr); \ asm volatile("1:\t" insn "\n" \ "2:\t.section .fixup,\"ax\"\n" \ 
@@ -7579,8 +7544,7 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/futex.h linux-2.6.36.2/arch/x86/i "\t.previous\n" \ _ASM_EXTABLE(1b, 3b) \ - : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \ -+ : "=r" (oldval), "=r" (ret), \ -+ "+m" (*(uaddr + PAX_USER_SHADOW_BASE / 4))\ ++ : "=r" (oldval), "=r" (ret), "+m" (*____m(uaddr))\ : "i" (-EFAULT), "0" (oparg), "1" (0)) #define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \ 
@@ -7588,43 +7552,33 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/futex.h linux-2.6.36.2/arch/x86/i asm volatile("1:\tmovl %2, %0\n" \ "\tmovl\t%0, %3\n" \ "\t" insn "\n" \ -@@ -34,10 +71,12 @@ +@@ -34,10 +36,10 @@ _ASM_EXTABLE(1b, 4b) \ _ASM_EXTABLE(2b, 4b) \ : "=&a" (oldval), "=&r" (ret), \ - "+m" (*uaddr), "=&r" (tem) \ -+ "+m" (*(uaddr + PAX_USER_SHADOW_BASE / 4)),\ -+ "=&r" (tem) \ ++ "+m" (*(____m(uaddr))), "=&r" (tem) \ : "r" (oparg), "i" (-EFAULT), "1" (0)) -+#endif -static inline int futex_atomic_op_inuser(int encoded_op, int __user *uaddr) +static inline int futex_atomic_op_inuser(int encoded_op, u32 __user *uaddr) { int op = (encoded_op >> 28) & 7; int cmp = (encoded_op >> 24) & 15; -@@ -61,11 +100,20 @@ static inline int futex_atomic_op_inuser +@@ -61,10 +63,10 @@ static inline int futex_atomic_op_inuser switch (op) { case FUTEX_OP_SET: -+#ifdef CONFIG_X86_32 -+ __futex_atomic_op1("xchgl %0, %%ds:%2", ret, oldval, uaddr, oparg); -+#else - __futex_atomic_op1("xchgl %0, %2", ret, oldval, uaddr, oparg); -+#endif +- __futex_atomic_op1("xchgl %0, %2", ret, oldval, uaddr, oparg); ++ __futex_atomic_op1("xchgl %0, "__copyuser_seg"%2", ret, oldval, uaddr, oparg); break; case FUTEX_OP_ADD: -+#ifdef CONFIG_X86_32 -+ __futex_atomic_op1(LOCK_PREFIX "xaddl %0, %%ds:%2", ret, oldval, -+ uaddr, oparg); -+#else - __futex_atomic_op1(LOCK_PREFIX "xaddl %0, %2", ret, oldval, +- __futex_atomic_op1(LOCK_PREFIX "xaddl %0, %2", ret, oldval, ++ __futex_atomic_op1(LOCK_PREFIX "xaddl %0, "__copyuser_seg"%2", ret, oldval, uaddr, oparg); -+#endif break; case FUTEX_OP_OR: - __futex_atomic_op2("orl %4, %3", ret, oldval, uaddr, oparg); -@@ -109,7 +157,7 @@ static inline int futex_atomic_op_inuser +@@ -109,7 +111,7 @@ static inline int futex_atomic_op_inuser return ret; } 
@@ -7633,7 +7587,7 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/futex.h linux-2.6.36.2/arch/x86/i int newval) { -@@ -119,17 +167,31 @@ static inline int futex_atomic_cmpxchg_i +@@ -119,16 +121,16 @@ static inline int futex_atomic_cmpxchg_i return -ENOSYS; #endif @@ -7642,32 +7596,17 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/futex.h linux-2.6.36.2/arch/x86/i return -EFAULT; - asm volatile("1:\t" LOCK_PREFIX "cmpxchgl %3, %1\n" -- "2:\t.section .fixup, \"ax\"\n" -+ asm volatile( -+#ifdef CONFIG_X86_32 -+ "\tmovw %w5, %%ds\n" -+ "1:\t" LOCK_PREFIX "cmpxchgl %3, %%ds:%1\n" -+ "2:\tpushl %%ss\n" -+ "\tpopl %%ds\n" -+#else -+ "1:\t" LOCK_PREFIX "cmpxchgl %3, %1\n" -+ "2:\n" -+#endif -+ "\t.section .fixup, \"ax\"\n" ++ asm volatile("1:\t" LOCK_PREFIX "cmpxchgl %3, "__copyuser_seg"%1\n" + "2:\t.section .fixup, \"ax\"\n" "3:\tmov %2, %0\n" "\tjmp 2b\n" "\t.previous\n" _ASM_EXTABLE(1b, 3b) -+#ifdef CONFIG_X86_32 - : "=a" (oldval), "+m" (*uaddr) -+ : "i" (-EFAULT), "r" (newval), "0" (oldval), "r" (__USER_DS) -+#else -+ : "=a" (oldval), "+m" (*(uaddr + PAX_USER_SHADOW_BASE / 4)) +- : "=a" (oldval), "+m" (*uaddr) ++ : "=a" (oldval), "+m" (*____m(uaddr)) : "i" (-EFAULT), "r" (newval), "0" (oldval) -+#endif : "memory" ); - diff -urNp linux-2.6.36.2/arch/x86/include/asm/i387.h linux-2.6.36.2/arch/x86/include/asm/i387.h --- linux-2.6.36.2/arch/x86/include/asm/i387.h 2010-10-20 16:30:22.000000000 -0400 +++ linux-2.6.36.2/arch/x86/include/asm/i387.h 2010-12-09 20:24:53.000000000 -0500 
@@ -9419,6 +9358,18 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/spinlock.h linux-2.6.36.2/arch/x8 : "+m" (rw->lock) : "i" (RW_LOCK_BIAS) : "memory"); } +diff -urNp linux-2.6.36.2/arch/x86/include/asm/stackprotector.h linux-2.6.36.2/arch/x86/include/asm/stackprotector.h +--- linux-2.6.36.2/arch/x86/include/asm/stackprotector.h 2010-10-20 16:30:22.000000000 -0400 ++++ linux-2.6.36.2/arch/x86/include/asm/stackprotector.h 2010-12-19 12:46:50.000000000 -0500 +@@ -113,7 +113,7 @@ static inline void setup_stack_canary_se + + static inline void load_stack_canary_segment(void) + { +-#ifdef CONFIG_X86_32 ++#if defined(CONFIG_X86_32) && !defined(CONFIG_PAX_MEMORY_UDEREF) + asm volatile ("mov %0, %%gs" : : "r" (0)); + #endif + } diff -urNp linux-2.6.36.2/arch/x86/include/asm/system.h linux-2.6.36.2/arch/x86/include/asm/system.h --- linux-2.6.36.2/arch/x86/include/asm/system.h 2010-10-20 16:30:22.000000000 -0400 +++ linux-2.6.36.2/arch/x86/include/asm/system.h 2010-12-09 20:24:53.000000000 -0500 @@ -9936,7 +9887,7 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess_64.h linux-2.6.36.2/arch/ #endif /* _ASM_X86_UACCESS_64_H */ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86/include/asm/uaccess.h --- linux-2.6.36.2/arch/x86/include/asm/uaccess.h 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/include/asm/uaccess.h 2010-12-09 20:24:53.000000000 -0500 ++++ linux-2.6.36.2/arch/x86/include/asm/uaccess.h 2010-12-19 12:46:43.000000000 -0500 @@ -8,12 +8,15 @@ #include <linux/thread_info.h> #include <linux/prefetch.h> 
@@ -9953,12 +9904,11 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86 /* * The fs value determines whether argument validity checking should be * performed or not. If get_fs() == USER_DS, checking is performed, with -@@ -29,7 +32,12 @@ +@@ -29,7 +32,11 @@ #define get_ds() (KERNEL_DS) #define get_fs() (current_thread_info()->addr_limit) -+#ifdef CONFIG_X86_32 -+void __set_fs(mm_segment_t x, int cpu); ++#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) +void set_fs(mm_segment_t x); +#else #define set_fs(x) (current_thread_info()->addr_limit = (x)) @@ -9966,7 +9916,7 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86 #define segment_eq(a, b) ((a).seg == (b).seg) -@@ -77,7 +85,33 @@ +@@ -77,7 +84,33 @@ * checks that the pointer is in the user space range - after calling * this function, memory access functions may still return -EFAULT. */ 
@@ -10001,92 +9951,69 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86 /* * The exception table consists of pairs of addresses: the first is the -@@ -183,13 +217,21 @@ extern int __get_user_bad(void); +@@ -183,12 +216,20 @@ extern int __get_user_bad(void); asm volatile("call __put_user_" #size : "=a" (__ret_pu) \ : "0" ((typeof(*(ptr)))(x)), "c" (ptr) : "ebx") - -+#ifdef CONFIG_X86_32 -+#define _ASM_LOAD_USER_DS(ds) "movw %w" #ds ",%%ds\n" -+#define _ASM_LOAD_KERNEL_DS "pushl %%ss; popl %%ds\n" ++#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_MEMORY_UDEREF) ++#define __copyuser_seg "%%gs:" ++#define __COPYUSER_SET_ES "pushl %%gs; popl %%es\n" ++#define __COPYUSER_RESTORE_ES "pushl %%ss; popl %%es\n" +#else -+#define _ASM_LOAD_USER_DS(ds) -+#define _ASM_LOAD_KERNEL_DS ++#define __copyuser_seg ++#define __COPYUSER_SET_ES ++#define __COPYUSER_RESTORE_ES +#endif #ifdef CONFIG_X86_32 #define __put_user_asm_u64(x, addr, err, errret) \ - asm volatile("1: movl %%eax,0(%2)\n" \ - "2: movl %%edx,4(%2)\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(5) \ -+ "1: movl %%eax,%%ds:0(%2)\n" \ -+ "2: movl %%edx,%%ds:4(%2)\n" \ ++ asm volatile("1: movl %%eax," __copyuser_seg"0(%2)\n" \ ++ "2: movl %%edx," __copyuser_seg"4(%2)\n" \ "3:\n" \ -+ _ASM_LOAD_KERNEL_DS \ ".section .fixup,\"ax\"\n" \ "4: movl %3,%0\n" \ - " jmp 3b\n" \ -@@ -197,15 +239,18 @@ extern int __get_user_bad(void); - _ASM_EXTABLE(1b, 4b) \ - _ASM_EXTABLE(2b, 4b) \ - : "=r" (err) \ -- : "A" (x), "r" (addr), "i" (errret), "0" (err)) -+ : "A" (x), "r" (addr), "i" (errret), "0" (err), \ -+ "r"(__USER_DS)) +@@ -200,8 +241,8 @@ extern int __get_user_bad(void); + : "A" (x), "r" (addr), "i" (errret), "0" (err)) #define __put_user_asm_ex_u64(x, addr) \ - asm volatile("1: movl %%eax,0(%1)\n" \ - "2: movl %%edx,4(%1)\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(2) \ -+ "1: movl %%eax,%%ds:0(%1)\n" \ -+ "2: movl %%edx,%%ds:4(%1)\n" \ ++ asm volatile("1: movl %%eax," __copyuser_seg"0(%1)\n" \ ++ "2: movl 
%%edx," __copyuser_seg"4(%1)\n" \ "3:\n" \ -+ _ASM_LOAD_KERNEL_DS \ _ASM_EXTABLE(1b, 2b - 1b) \ _ASM_EXTABLE(2b, 3b - 2b) \ -- : : "A" (x), "r" (addr)) -+ : : "A" (x), "r" (addr), "r"(__USER_DS)) - - #define __put_user_x8(x, ptr, __ret_pu) \ - asm volatile("call __put_user_8" : "=a" (__ret_pu) \ -@@ -374,16 +419,18 @@ do { \ +@@ -374,7 +415,7 @@ do { \ } while (0) #define __get_user_asm(x, addr, err, itype, rtype, ltype, errret) \ - asm volatile("1: mov"itype" %2,%"rtype"1\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(5) \ -+ "1: mov"itype" %%ds:%2,%"rtype"1\n" \ ++ asm volatile("1: mov"itype" "__copyuser_seg"%2,%"rtype"1\n"\ "2:\n" \ -+ _ASM_LOAD_KERNEL_DS \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ - " xor"itype" %"rtype"1,%"rtype"1\n" \ +@@ -382,7 +423,7 @@ do { \ " jmp 2b\n" \ ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ - : "=r" (err), ltype(x) \ -- : "m" (__m(addr)), "i" (errret), "0" (err)) + : "=r" (err), ltype (x) \ -+ : "m" (__m(addr)), "i" (errret), "0" (err), "r"(__USER_DS)) + : "m" (__m(addr)), "i" (errret), "0" (err)) #define __get_user_size_ex(x, ptr, size) \ - do { \ -@@ -407,10 +454,12 @@ do { \ +@@ -407,7 +448,7 @@ do { \ } while (0) #define __get_user_asm_ex(x, addr, itype, rtype, ltype) \ - asm volatile("1: mov"itype" %1,%"rtype"0\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(2) \ -+ "1: mov"itype" %%ds:%1,%"rtype"0\n" \ ++ asm volatile("1: mov"itype" "__copyuser_seg"%1,%"rtype"0\n"\ "2:\n" \ -+ _ASM_LOAD_KERNEL_DS \ _ASM_EXTABLE(1b, 2b - 1b) \ -- : ltype(x) : "m" (__m(addr))) -+ : ltype(x) : "m" (__m(addr)), "r"(__USER_DS)) - - #define __put_user_nocheck(x, ptr, size) \ - ({ \ -@@ -424,13 +473,24 @@ do { \ + : ltype(x) : "m" (__m(addr))) +@@ -424,13 +465,24 @@ do { \ int __gu_err; \ unsigned long __gu_val; \ __get_user_size(__gu_val, (ptr), (size), __gu_err, -EFAULT); \ 
@@ -10113,38 +10040,29 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86 /* * Tell gcc we read from memory instead of writing: this is because -@@ -438,21 +498,26 @@ struct __large_struct { unsigned long bu +@@ -438,7 +490,7 @@ struct __large_struct { unsigned long bu * aliasing issues. */ #define __put_user_asm(x, addr, err, itype, rtype, ltype, errret) \ - asm volatile("1: mov"itype" %"rtype"1,%2\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(5) \ -+ "1: mov"itype" %"rtype"1,%%ds:%2\n" \ ++ asm volatile("1: mov"itype" %"rtype"1," __copyuser_seg"%2\n"\ "2:\n" \ -+ _ASM_LOAD_KERNEL_DS \ ".section .fixup,\"ax\"\n" \ "3: mov %3,%0\n" \ - " jmp 2b\n" \ +@@ -446,10 +498,10 @@ struct __large_struct { unsigned long bu ".previous\n" \ _ASM_EXTABLE(1b, 3b) \ : "=r"(err) \ - : ltype(x), "m" (__m(addr)), "i" (errret), "0" (err)) -+ : ltype (x), "m" (__m(addr)), "i" (errret), "0" (err),\ -+ "r"(__USER_DS)) ++ : ltype (x), "m" (__m(addr)), "i" (errret), "0" (err)) #define __put_user_asm_ex(x, addr, itype, rtype, ltype) \ - asm volatile("1: mov"itype" %"rtype"0,%1\n" \ -+ asm volatile(_ASM_LOAD_USER_DS(2) \ -+ "1: mov"itype" %"rtype"0,%%ds:%1\n" \ ++ asm volatile("1: mov"itype" %"rtype"0," __copyuser_seg"%1\n"\ "2:\n" \ -+ _ASM_LOAD_KERNEL_DS \ _ASM_EXTABLE(1b, 2b - 1b) \ -- : : ltype(x), "m" (__m(addr))) -+ : : ltype(x), "m" (__m(addr)), "r"(__USER_DS)) - - /* - * uaccess_try and catch -@@ -530,7 +595,7 @@ struct __large_struct { unsigned long bu + : : ltype(x), "m" (__m(addr))) +@@ -530,7 +582,7 @@ struct __large_struct { unsigned long bu #define get_user_ex(x, ptr) do { \ unsigned long __gue_val; \ __get_user_size_ex((__gue_val), (ptr), (sizeof(*(ptr)))); \ @@ -10153,7 +10071,7 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/uaccess.h linux-2.6.36.2/arch/x86 } while (0) #ifdef CONFIG_X86_WP_WORKS_OK -@@ -567,6 +632,7 @@ extern struct movsl_mask { +@@ -567,6 +619,7 @@ extern struct movsl_mask { #define ARCH_HAS_NOCACHE_UACCESS 1 
@@ -10245,7 +10163,16 @@ diff -urNp linux-2.6.36.2/arch/x86/include/asm/xsave.h linux-2.6.36.2/arch/x86/i ".section .fixup,\"ax\"\n" diff -urNp linux-2.6.36.2/arch/x86/Kconfig linux-2.6.36.2/arch/x86/Kconfig --- linux-2.6.36.2/arch/x86/Kconfig 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/Kconfig 2010-12-09 20:24:54.000000000 -0500 ++++ linux-2.6.36.2/arch/x86/Kconfig 2010-12-19 12:46:43.000000000 -0500 +@@ -236,7 +236,7 @@ config X86_TRAMPOLINE + + config X86_32_LAZY_GS + def_bool y +- depends on X86_32 && !CC_STACKPROTECTOR ++ depends on X86_32 && !CC_STACKPROTECTOR && !PAX_MEMORY_UDEREF + + config ARCH_HWEIGHT_CFLAGS + string @@ -1036,7 +1036,7 @@ choice config NOHIGHMEM @@ -10282,7 +10209,15 @@ diff -urNp linux-2.6.36.2/arch/x86/Kconfig linux-2.6.36.2/arch/x86/Kconfig ---help--- This enables the kernel to use EFI runtime services that are available (such as the EFI variable services). -@@ -1546,6 +1546,7 @@ config KEXEC_JUMP +@@ -1489,6 +1489,7 @@ config SECCOMP + + config CC_STACKPROTECTOR + bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)" ++ depends on X86_64 || !PAX_MEMORY_UDEREF + ---help--- + This option turns on the -fstack-protector GCC feature. This + feature puts, at the beginning of functions, a canary value on +@@ -1546,6 +1547,7 @@ config KEXEC_JUMP config PHYSICAL_START hex "Physical address where the kernel is loaded" if (EMBEDDED || CRASH_DUMP) default "0x1000000" @@ -10290,7 +10225,7 @@ diff -urNp linux-2.6.36.2/arch/x86/Kconfig linux-2.6.36.2/arch/x86/Kconfig ---help--- This gives the physical address where the kernel is loaded. -@@ -1609,6 +1610,7 @@ config X86_NEED_RELOCS +@@ -1609,6 +1611,7 @@ config X86_NEED_RELOCS config PHYSICAL_ALIGN hex "Alignment value to which kernel should be aligned" if X86_32 default "0x1000000" 
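Review bot: The arch/x86/Kconfig part of the updated grsecurity patch adds `depends on X86_64 || !PAX_MEMORY_UDEREF` to `CC_STACKPROTECTOR`, so a 32-bit config that enables UDEREF loses `-fstack-protector`, and neither the help text nor the commit message says so. The likely reason is visible elsewhere in the same update: under `CONFIG_X86_32` with UDEREF, uaccess.h defines `__copyuser_seg` as `"%%gs:"`, and `SET_KERNEL_GS` in entry_32.S loads `__USER_DS` into %gs when the stack protector is off, so %gs is no longer free for the canary segment. The kernel.spec hunk of this commit is not shown here, so please confirm the i386 grsecurity config does not still expect `CONFIG_CC_STACKPROTECTOR=y`. A comment next to that option would record the trade-off, for example `# i386 + PAX_MEMORY_UDEREF: CC_STACKPROTECTOR unavailable, %gs is used for userland access`.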
@@ -10298,7 +10233,7 @@ diff -urNp linux-2.6.36.2/arch/x86/Kconfig linux-2.6.36.2/arch/x86/Kconfig range 0x2000 0x1000000 ---help--- This value puts the alignment restrictions on physical address -@@ -1640,9 +1642,10 @@ config HOTPLUG_CPU +@@ -1640,9 +1643,10 @@ config HOTPLUG_CPU Say N if you want to disable CPU hotplug. config COMPAT_VDSO @@ -10719,7 +10654,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/asm-offsets_64.c linux-2.6.36.2/arch/x DEFINE(crypto_tfm_ctx_offset, offsetof(struct crypto_tfm, __crt_ctx)); diff -urNp linux-2.6.36.2/arch/x86/kernel/cpu/common.c linux-2.6.36.2/arch/x86/kernel/cpu/common.c --- linux-2.6.36.2/arch/x86/kernel/cpu/common.c 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/kernel/cpu/common.c 2010-12-09 20:24:55.000000000 -0500 ++++ linux-2.6.36.2/arch/x86/kernel/cpu/common.c 2010-12-19 12:46:43.000000000 -0500 @@ -83,60 +83,6 @@ static const struct cpu_dev __cpuinitcon static const struct cpu_dev *this_cpu __cpuinitdata = &default_cpu; @@ -10801,6 +10736,15 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/cpu/common.c linux-2.6.36.2/arch/x86/k /* If the model name is still unset, do table lookup. */ if (!c->x86_model_id[0]) { const char *p; +@@ -1080,7 +1030,7 @@ struct pt_regs * __cpuinit idle_regs(str + { + memset(regs, 0, sizeof(struct pt_regs)); + regs->fs = __KERNEL_PERCPU; +- regs->gs = __KERNEL_STACK_CANARY; ++ savesegment(gs, regs->gs); + + return regs; + } @@ -1135,7 +1085,7 @@ void __cpuinit cpu_init(void) int i; 
@@ -11371,8 +11315,22 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/efi_stub_32.S linux-2.6.36.2/arch/x86/ efi_rt_function_ptr: diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/kernel/entry_32.S --- linux-2.6.36.2/arch/x86/kernel/entry_32.S 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/kernel/entry_32.S 2010-12-09 20:24:54.000000000 -0500 -@@ -192,7 +192,67 @@ ++++ linux-2.6.36.2/arch/x86/kernel/entry_32.S 2010-12-19 12:47:27.000000000 -0500 +@@ -186,13 +186,81 @@ + /*CFI_REL_OFFSET gs, PT_GS*/ + .endm + .macro SET_KERNEL_GS reg ++ ++#ifdef CONFIG_CC_STACKPROTECTOR + movl $(__KERNEL_STACK_CANARY), \reg ++#elif defined(CONFIG_PAX_MEMORY_UDEREF) ++ movl $(__USER_DS), \reg ++#else ++ xorl \reg, \reg ++#endif ++ + movl \reg, %gs + .endm #endif /* CONFIG_X86_32_LAZY_GS */ @@ -11441,7 +11399,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker cld PUSH_GS pushl %fs -@@ -225,7 +285,7 @@ +@@ -225,7 +293,7 @@ pushl %ebx CFI_ADJUST_CFA_OFFSET 4 CFI_REL_OFFSET ebx, 0 @@ -11450,7 +11408,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker movl %edx, %ds movl %edx, %es movl $(__KERNEL_PERCPU), %edx -@@ -233,6 +293,15 @@ +@@ -233,6 +301,15 @@ SET_KERNEL_GS %edx .endm @@ -11466,7 +11424,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker .macro RESTORE_INT_REGS popl %ebx CFI_ADJUST_CFA_OFFSET -4 -@@ -357,7 +426,15 @@ check_userspace: +@@ -357,7 +434,15 @@ check_userspace: movb PT_CS(%esp), %al andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax cmpl $USER_RPL, %eax @@ -11482,7 +11440,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker ENTRY(resume_userspace) LOCKDEP_SYS_EXIT -@@ -423,10 +500,9 @@ sysenter_past_esp: +@@ -423,10 +508,9 @@ sysenter_past_esp: /*CFI_REL_OFFSET cs, 0*/ /* * Push current_thread_info()->sysenter_return to the stack. 
@@ -11495,7 +11453,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker CFI_ADJUST_CFA_OFFSET 4 CFI_REL_OFFSET eip, 0 -@@ -439,9 +515,19 @@ sysenter_past_esp: +@@ -439,9 +523,19 @@ sysenter_past_esp: * Load the potential sixth argument from user stack. * Careful about security. */ @@ -11515,7 +11473,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker movl %ebp,PT_EBP(%esp) .section __ex_table,"a" .align 4 -@@ -464,12 +550,23 @@ sysenter_do_call: +@@ -464,12 +558,23 @@ sysenter_do_call: testl $_TIF_ALLWORK_MASK, %ecx jne sysexit_audit sysenter_exit: @@ -11539,7 +11497,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker PTGS_TO_GS ENABLE_INTERRUPTS_SYSEXIT -@@ -513,11 +610,17 @@ sysexit_audit: +@@ -513,11 +618,17 @@ sysexit_audit: CFI_ENDPROC .pushsection .fixup,"ax" @@ -11559,7 +11517,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker .popsection PTGS_TO_GS_EX ENDPROC(ia32_sysenter_target) -@@ -551,6 +654,10 @@ syscall_exit: +@@ -551,6 +662,10 @@ syscall_exit: testl $_TIF_ALLWORK_MASK, %ecx # current->work jne syscall_exit_work @@ -11570,7 +11528,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker restore_all: TRACE_IRQS_IRET restore_all_notrace: -@@ -611,14 +718,21 @@ ldt_ss: +@@ -611,14 +726,21 @@ ldt_ss: * compensating for the offset by changing to the ESPFIX segment with * a base address that matches for the difference. */ @@ -11595,7 +11553,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker pushl $__ESPFIX_SS CFI_ADJUST_CFA_OFFSET 4 push %eax /* new kernel esp */ -@@ -655,25 +769,19 @@ work_resched: +@@ -655,25 +777,19 @@ work_resched: work_notifysig: # deal with pending signals and # notify-resume requests 
@@ -11624,7 +11582,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker #endif xorl %edx, %edx call do_notify_resume -@@ -708,6 +816,10 @@ END(syscall_exit_work) +@@ -708,6 +824,10 @@ END(syscall_exit_work) RING0_INT_FRAME # can't unwind into user space anyway syscall_fault: @@ -11635,7 +11593,39 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker GET_THREAD_INFO(%ebp) movl $-EFAULT,PT_EAX(%esp) jmp resume_userspace -@@ -791,8 +903,15 @@ ptregs_clone: +@@ -782,6 +902,31 @@ ptregs_clone: + addl $8,%esp + ret + ++ ALIGN; ++ENTRY(kernel_execve) ++ push %ebp ++ sub $PT_OLDSS+4,%esp ++ push %edi ++ push %ecx ++ push %eax ++ lea 3*4(%esp),%edi ++ mov $PT_OLDSS/4+1,%ecx ++ xorl %eax,%eax ++ rep stosl ++ pop %eax ++ pop %ecx ++ pop %edi ++ movl $X86_EFLAGS_IF,PT_EFLAGS(%esp) ++ push %esp ++ call sys_execve ++ add $4,%esp ++ GET_THREAD_INFO(%ebp) ++ test %eax,%eax ++ jz syscall_exit ++ add $PT_OLDSS+4,%esp ++ pop %ebp ++ ret ++ + .macro FIXUP_ESPFIX_STACK + /* + * Switch back for ESPFIX stack to the normal zerobased stack +@@ -791,8 +936,15 @@ ptregs_clone: * normal stack and adjusts ESP with the matching offset. */ /* fixup the stack */ @@ -11653,7 +11643,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker shl $16, %eax addl %esp, %eax /* the adjusted stack pointer */ pushl $__KERNEL_DS -@@ -1275,7 +1394,6 @@ return_to_handler: +@@ -1275,7 +1427,6 @@ return_to_handler: jmp *%ecx #endif @@ -11661,7 +11651,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker #include "syscall_table_32.S" syscall_table_size=(.-sys_call_table) -@@ -1332,9 +1450,12 @@ error_code: +@@ -1332,9 +1483,12 @@ error_code: movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart REG_TO_PTGS %ecx SET_KERNEL_GS %ecx 
@@ -11675,7 +11665,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker TRACE_IRQS_OFF movl %esp,%eax # pt_regs pointer call *%edi -@@ -1428,6 +1549,9 @@ nmi_stack_correct: +@@ -1428,6 +1582,9 @@ nmi_stack_correct: xorl %edx,%edx # zero error code movl %esp,%eax # pt_regs pointer call do_nmi @@ -11685,7 +11675,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/entry_32.S linux-2.6.36.2/arch/x86/ker jmp restore_all_notrace CFI_ENDPROC -@@ -1468,6 +1592,9 @@ nmi_espfix_stack: +@@ -1468,6 +1625,9 @@ nmi_espfix_stack: FIXUP_ESPFIX_STACK # %eax == %esp xorl %edx,%edx # zero error code call do_nmi @@ -12253,7 +12243,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head32.c linux-2.6.36.2/arch/x86/kerne /* Reserve INITRD */ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kernel/head_32.S --- linux-2.6.36.2/arch/x86/kernel/head_32.S 2010-10-20 16:30:22.000000000 -0400 -+++ linux-2.6.36.2/arch/x86/kernel/head_32.S 2010-12-09 20:24:55.000000000 -0500 ++++ linux-2.6.36.2/arch/x86/kernel/head_32.S 2010-12-19 12:46:43.000000000 -0500 @@ -25,6 +25,12 @@ /* Physical address */ #define pa(X) ((X) - __PAGE_OFFSET) @@ -12307,7 +12297,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern ENTRY(startup_32) /* test KEEP_SEGMENTS flag to see if the bootloader is asking us to not reload segments */ -@@ -99,6 +114,55 @@ ENTRY(startup_32) +@@ -99,6 +114,57 @@ ENTRY(startup_32) movl %eax,%gs 2: @@ -12328,6 +12318,8 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern + movl $pa(cpu_gdt_table),%edi +1: + movl $((((__PAGE_OFFSET-1) & 0xf0000000) >> 12) | 0x00c09700),GDT_ENTRY_KERNEL_DS * 8 + 4(%edi) ++ movl $((((__PAGE_OFFSET-1) & 0xf0000000) >> 12) | 0x00c0fb00),GDT_ENTRY_DEFAULT_USER_CS * 8 + 4(%edi) ++ movl $((((__PAGE_OFFSET-1) & 0xf0000000) >> 12) | 0x00c0f300),GDT_ENTRY_DEFAULT_USER_DS * 8 + 4(%edi) + addl $PAGE_SIZE_asm,%edi + loop 1b +#endif 
@@ -12363,7 +12355,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern /* * Clear BSS first so that there are no surprises... */ -@@ -148,9 +212,7 @@ ENTRY(startup_32) +@@ -148,9 +214,7 @@ ENTRY(startup_32) cmpl $num_subarch_entries, %eax jae bad_subarch @@ -12374,7 +12366,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern bad_subarch: WEAK(lguest_entry) -@@ -162,10 +224,10 @@ WEAK(xen_entry) +@@ -162,10 +226,10 @@ WEAK(xen_entry) __INITDATA subarch_entries: @@ -12389,7 +12381,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern num_subarch_entries = (. - subarch_entries) / 4 .previous #endif /* CONFIG_PARAVIRT */ -@@ -226,8 +288,11 @@ default_entry: +@@ -226,8 +290,11 @@ default_entry: movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ @@ -12403,7 +12395,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern #else /* Not PAE */ page_pde_offset = (__PAGE_OFFSET >> 20); -@@ -257,8 +322,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); +@@ -257,8 +324,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ @@ -12417,7 +12409,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern #endif jmp 3f /* -@@ -305,6 +373,7 @@ ENTRY(startup_32_smp) +@@ -305,6 +375,7 @@ ENTRY(startup_32_smp) orl %edx,%eax movl %eax,%cr4 @@ -12425,7 +12417,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern testb $X86_CR4_PAE, %al # check if PAE is enabled jz 6f -@@ -329,6 +398,9 @@ ENTRY(startup_32_smp) +@@ -329,6 +400,9 @@ ENTRY(startup_32_smp) /* Make changes effective */ wrmsr @@ -12435,7 +12427,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern 6: /* -@@ -354,9 +426,7 @@ ENTRY(startup_32_smp) +@@ -354,9 +428,7 @@ ENTRY(startup_32_smp) #ifdef CONFIG_SMP cmpb $0, ready 
@@ -12446,7 +12438,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern #endif /* CONFIG_SMP */ /* -@@ -434,7 +504,7 @@ is386: movl $2,%ecx # set MP +@@ -434,7 +506,7 @@ is386: movl $2,%ecx # set MP 1: movl $(__KERNEL_DS),%eax # reload all the segment registers movl %eax,%ss # after changing gdt. @@ -12455,7 +12447,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern movl %eax,%ds movl %eax,%es -@@ -448,8 +518,11 @@ is386: movl $2,%ecx # set MP +@@ -448,15 +520,22 @@ is386: movl $2,%ecx # set MP */ cmpb $0,ready jne 1f @@ -12468,7 +12460,19 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern movw %cx, 8 * GDT_ENTRY_STACK_CANARY + 2(%eax) shrl $16, %ecx movb %cl, 8 * GDT_ENTRY_STACK_CANARY + 4(%eax) -@@ -467,10 +540,6 @@ is386: movl $2,%ecx # set MP + movb %ch, 8 * GDT_ENTRY_STACK_CANARY + 7(%eax) + 1: +-#endif + movl $(__KERNEL_STACK_CANARY),%eax ++#elif defined(CONFIG_PAX_MEMORY_UDEREF) ++ movl $(__USER_DS),%eax ++#else ++ xorl %eax,%eax ++#endif + movl %eax,%gs + + xorl %eax,%eax # Clear LDT +@@ -467,10 +546,6 @@ is386: movl $2,%ecx # set MP #ifdef CONFIG_SMP movb ready, %cl movb $1, ready @@ -12479,7 +12483,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern #endif /* CONFIG_SMP */ jmp *(initial_code) -@@ -556,22 +625,22 @@ early_page_fault: +@@ -556,22 +631,22 @@ early_page_fault: jmp early_fault early_fault: @@ -12507,7 +12511,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern hlt_loop: hlt jmp hlt_loop -@@ -579,8 +648,11 @@ hlt_loop: +@@ -579,8 +654,11 @@ hlt_loop: /* This is the default interrupt "handler" :-) */ ALIGN ignore_int: @@ -12520,7 +12524,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern pushl %eax pushl %ecx pushl %edx -@@ -589,9 +661,6 @@ ignore_int: +@@ -589,9 +667,6 @@ ignore_int: movl $(__KERNEL_DS),%eax movl %eax,%ds movl %eax,%es 
@@ -12530,7 +12534,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern pushl 16(%esp) pushl 24(%esp) pushl 32(%esp) -@@ -620,31 +689,47 @@ ENTRY(initial_page_table) +@@ -620,31 +695,47 @@ ENTRY(initial_page_table) /* * BSS section */ @@ -12583,7 +12587,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern ENTRY(swapper_pg_dir) .long pa(swapper_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ # if KPMDS == 3 -@@ -663,15 +748,24 @@ ENTRY(swapper_pg_dir) +@@ -663,15 +754,24 @@ ENTRY(swapper_pg_dir) # error "Kernel PMDs should be 1, 2 or 3" # endif .align PAGE_SIZE_asm /* needs to be page-sized too */ @@ -12609,7 +12613,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern early_recursion_flag: .long 0 -@@ -707,7 +801,7 @@ fault_msg: +@@ -707,7 +807,7 @@ fault_msg: .word 0 # 32 bit align gdt_desc.address boot_gdt_descr: .word __BOOT_DS+7 @@ -12618,7 +12622,7 @@ diff -urNp linux-2.6.36.2/arch/x86/kernel/head_32.S linux-2.6.36.2/arch/x86/kern .word 0 # 32-bit align idt_desc.address idt_descr: -@@ -718,7 +812,7 @@ idt_descr: +@@ -718,7 +818,7 @@ i |