]>
Commit | Line | Data |
---|---|---|
d768bd4e | 1 | --- linux-2.4.19/kernel/sysctl.c.org Thu Sep 26 19:41:20 2002 |
2 | +++ linux-2.4.19/kernel/sysctl.c Mon Sep 30 14:21:12 2002 | |
3 | @@ -285,7 +285,8 @@ | |
4 | GS_RANDSRC, GS_RANDPING, GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT, | |
5 | GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID, | |
6 | GS_TTY, GS_TTYS, GS_PTY, GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC, | |
7 | -GS_DMSG, GS_RANDRPC, GS_FINDTASK, GS_LOCK}; | |
8 | +GS_DMSG, GS_RANDRPC, GS_FINDTASK, GS_PAXNOEXEC, GS_PAXPAGEEXEC, GS_PAXSEGMEXEC, | |
415e9df5 | 9 | +GS_PAXEMUTRAMP, GS_PAXMPROTECT, GS_PAXASLR, GS_PAXRANDEXEC, GS_LOCK}; |
d768bd4e | 10 | |
11 | static ctl_table grsecurity_table[] = { | |
12 | {GS_ACL,"acl", NULL, sizeof(int), 0600, NULL, &gr_proc_handler}, | |
415e9df5 | 13 | @@ -439,6 +440,34 @@ |
d768bd4e | 14 | {GS_FINDTASK, "chroot_findtask", &grsec_enable_chroot_findtask, |
15 | sizeof (int), 0600, NULL, &proc_dointvec}, | |
16 | #endif | |
17 | +#ifdef CONFIG_GRKERNSEC_PAX_NOEXEC | |
18 | + {GS_PAXNOEXEC, "pax_noexec", &grsec_pax_noexec, | |
19 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
20 | +#endif | |
21 | +#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
22 | + {GS_PAXPAGEEXEC, "pax_pageexec", &grsec_pax_pageexec, | |
23 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
24 | +#endif | |
25 | +#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
26 | + {GS_PAXSEGMEXEC, "pax_segmexec", &grsec_pax_segmexec, | |
27 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
28 | +#endif | |
29 | +#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
30 | + {GS_PAXEMUTRAMP, "pax_emutramp", &grsec_pax_emutramp, | |
31 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
32 | +#endif | |
33 | +#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
34 | + {GS_PAXMPROTECT, "pax_mprotect", &grsec_pax_mprotect, | |
35 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
415e9df5 | 36 | +#endif |
37 | +#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
38 | + {GS_PAXASLR, "pax_aslr", &grsec_pax_aslr, | |
39 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
40 | +#endif | |
41 | +#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
42 | + {GS_PAXRANDEXEC, "pax_randexec", &grsec_pax_randexec, | |
43 | + sizeof (int), 0600, NULL, &proc_dointvec}, | |
d768bd4e | 44 | +#endif |
45 | {GS_LOCK, "grsec_lock", &grsec_lock, sizeof (int), 0600, NULL, | |
46 | &proc_dointvec}, | |
47 | #endif | |
48 | --- linux-2.4.19/grsecurity/grsecurity.c.org Thu Sep 26 19:41:20 2002 | |
49 | +++ linux-2.4.19/grsecurity/grsecurity.c Mon Sep 30 14:10:09 2002 | |
415e9df5 | 50 | @@ -53,6 +53,13 @@ |
d768bd4e | 51 | int grsec_enable_socket_server = 0; |
52 | int grsec_socket_server_gid = 0; | |
53 | int grsec_lock = 0; | |
54 | +int grsec_pax_noexec = 0; | |
55 | +int grsec_pax_pageexec = 0; | |
56 | +int grsec_pax_segmexec = 0; | |
57 | +int grsec_pax_emutramp = 0; | |
58 | +int grsec_pax_mprotect = 0; | |
415e9df5 | 59 | +int grsec_pax_aslr = 0; |
60 | +int grsec_pax_randexec = 0; | |
d768bd4e | 61 | |
62 | /* | |
63 | handle the variables if parts of grsecurity are configured without sysctl | |
415e9df5 | 64 | @@ -167,6 +172,27 @@ |
d768bd4e | 65 | grsec_enable_socket_server = 1; |
66 | grsec_socket_server_gid= CONFIG_GRKERNSEC_SOCKET_SERVER_GID; | |
67 | #endif | |
68 | +#ifdef CONFIG_GRKERNSEC_PAX_NOEXEC | |
69 | +grsec_pax_noexec = 1; | |
70 | +#endif | |
71 | +#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
72 | +grsec_pax_pageexec = 1; | |
73 | +#endif | |
74 | +#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
75 | +grsec_pax_segmexec = 1; | |
76 | +#endif | |
77 | +#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
78 | +grsec_pax_emutramp = 1; | |
79 | +#endif | |
80 | +#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
81 | +grsec_pax_mprotect = 1; | |
415e9df5 | 82 | +#endif |
83 | +#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
84 | +grsec_pax_aslr = 1; | |
85 | +#endif | |
86 | +#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
87 | +grsec_pax_randexec = 1; | |
d768bd4e | 88 | +#endif |
89 | #endif | |
90 | ||
91 | return; | |
92 | --- linux-2.4.19/include/linux/grsecurity.h.org Fri Sep 27 03:42:07 2002 | |
93 | +++ linux-2.4.19/include/linux/grsecurity.h Mon Sep 30 14:27:55 2002 | |
415e9df5 | 94 | @@ -99,6 +99,13 @@ |
d768bd4e | 95 | extern int grsec_enable_audit_ipc; |
96 | extern int grsec_enable_mount; | |
97 | extern int grsec_enable_chdir; | |
98 | +extern int grsec_pax_noexec; | |
99 | +extern int grsec_pax_pageexec; | |
100 | +extern int grsec_pax_segmexec; | |
101 | +extern int grsec_pax_emutramp; | |
102 | +extern int grsec_pax_mprotect; | |
415e9df5 | 103 | +extern int grsec_pax_aslr; |
104 | +extern int grsec_pax_randexec; | |
d768bd4e | 105 | extern int grsec_lock; |
106 | ||
107 | extern struct task_struct *child_reaper; | |
415e9df5 | 108 | --- linux-2.4.19/fs/exec.c.org Tue Oct 1 08:24:12 2002 |
109 | +++ linux-2.4.19/fs/exec.c Wed Oct 2 09:11:51 2002 | |
110 | @@ -281,11 +281,10 @@ | |
111 | lru_cache_add(page); | |
112 | flush_dcache_page(page); | |
113 | flush_page_to_ram(page); | |
114 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
115 | - if (tsk->flags & PF_PAX_PAGEEXEC) | |
116 | +if(grsec_pax_pageexec) | |
117 | + {if (tsk->flags & PF_PAX_PAGEEXEC) | |
118 | set_pte(pte, pte_mkdirty(pte_mkwrite(mk_pte(page, PAGE_COPY_NOEXEC)))); | |
119 | - else | |
120 | -#endif | |
121 | + } | |
122 | set_pte(pte, pte_mkdirty(pte_mkwrite(mk_pte(page, PAGE_COPY)))); | |
123 | tsk->mm->rss++; | |
124 | spin_unlock(&tsk->mm->page_table_lock); | |
125 | @@ -323,11 +322,10 @@ | |
126 | mpnt->vm_end = STACK_TOP; | |
127 | mpnt->vm_flags = VM_STACK_FLAGS; | |
128 | ||
129 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
130 | - if (!(current->flags & PF_PAX_PAGEEXEC)) | |
131 | +if(grsec_pax_pageexec) | |
132 | + {if (!(current->flags & PF_PAX_PAGEEXEC)) | |
133 | mpnt->vm_page_prot = protection_map[(mpnt->vm_flags | VM_EXEC) & 0x0f]; | |
134 | - else | |
135 | -#endif | |
136 | + } | |
137 | mpnt->vm_page_prot = protection_map[mpnt->vm_flags & 0x0f]; | |
138 | mpnt->vm_ops = NULL; | |
139 | mpnt->vm_pgoff = 0; | |
140 | @@ -578,29 +576,23 @@ | |
141 | } | |
142 | current->comm[i] = '\0'; | |
143 | ||
144 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
145 | +if(grsec_pax_pageexec) | |
146 | current->flags &= ~PF_PAX_PAGEEXEC; | |
147 | -#endif | |
148 | ||
149 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
150 | +if(grsec_pax_emutramp) | |
151 | current->flags &= ~PF_PAX_EMUTRAMP; | |
152 | -#endif | |
153 | ||
154 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
155 | +if(grsec_pax_mprotect) | |
156 | current->flags &= ~PF_PAX_MPROTECT; | |
157 | -#endif | |
158 | ||
159 | -#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
160 | +if(grsec_pax_aslr) | |
161 | current->flags &= ~PF_PAX_RANDMMAP; | |
162 | -#endif | |
163 | ||
164 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
165 | +if(grsec_pax_randexec) | |
166 | current->flags &= ~PF_PAX_RANDEXEC; | |
167 | -#endif | |
168 | ||
169 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
170 | +if(grsec_pax_segmexec) | |
171 | current->flags &= ~PF_PAX_SEGMEXEC; | |
172 | -#endif | |
173 | ||
174 | flush_thread(); | |
175 | ||
176 | --- linux-2.4.19/fs/binfmt_elf.c.org Tue Oct 1 08:24:12 2002 | |
177 | +++ linux-2.4.19/fs/binfmt_elf.c Wed Oct 2 09:23:08 2002 | |
178 | @@ -447,9 +447,8 @@ | |
179 | struct exec interp_ex; | |
180 | char passed_fileno[6]; | |
181 | ||
182 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
183 | +if(grsec_pax_randexec) | |
184 | unsigned long load_addr_random = 0UL; | |
185 | -#endif | |
186 | ||
187 | /* Get the exec-header */ | |
188 | elf_ex = *((struct elfhdr *) bprm->buf); | |
189 | @@ -605,30 +604,30 @@ | |
190 | current->mm->end_code = 0; | |
191 | current->mm->mmap = NULL; | |
192 | ||
193 | -#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
194 | +if(grsec_pax_aslr){ | |
195 | current->mm->delta_mmap = 0UL; | |
196 | current->mm->delta_exec = 0UL; | |
197 | current->mm->delta_stack = 0UL; | |
198 | -#endif | |
199 | +} | |
200 | ||
201 | current->flags &= ~PF_FORKNOEXEC; | |
202 | ||
203 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
204 | +if(grsec_pax_pageexec){ | |
205 | if (!(elf_ex.e_flags & EF_PAX_PAGEEXEC)) | |
206 | current->flags |= PF_PAX_PAGEEXEC; | |
207 | -#endif | |
208 | +} | |
209 | ||
210 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
211 | +if(grsec_pax_emutramp){ | |
212 | if (elf_ex.e_flags & EF_PAX_EMUTRAMP) | |
213 | current->flags |= PF_PAX_EMUTRAMP; | |
214 | -#endif | |
215 | +} | |
216 | ||
217 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
218 | +if(grsec_pax_mprotect){ | |
219 | if (!(elf_ex.e_flags & EF_PAX_MPROTECT)) | |
220 | current->flags |= PF_PAX_MPROTECT; | |
221 | -#endif | |
222 | +} | |
223 | ||
224 | -#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
225 | +if(grsec_pax_aslr){ | |
226 | if (!(elf_ex.e_flags & EF_PAX_RANDMMAP)) { | |
227 | unsigned long delta; | |
228 | current->flags |= PF_PAX_RANDMMAP; | |
229 | @@ -646,27 +645,27 @@ | |
230 | current->mm->delta_stack = pax_delta_mask(delta, PAGE_SHIFT); | |
231 | #undef pax_delta_mask | |
232 | } | |
233 | -#endif | |
234 | +} | |
235 | ||
236 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
237 | +if(grsec_pax_segmexec){ | |
238 | if (!(elf_ex.e_flags & EF_PAX_SEGMEXEC)) { | |
239 | current->flags &= ~PF_PAX_PAGEEXEC; | |
240 | current->flags |= PF_PAX_SEGMEXEC; | |
241 | ||
242 | -#ifdef CONFIG_GRKERNSEC_PAX_ASLR | |
243 | +if(grsec_pax_aslr){ | |
244 | current->mm->delta_mmap &= 0x07FFFFFFUL; | |
245 | current->mm->delta_exec &= 0x07FFFFFFUL; | |
246 | current->mm->delta_stack &= 0x07FFFFFFUL; | |
247 | -#endif | |
248 | + } | |
249 | ||
250 | } | |
251 | -#endif | |
252 | +} | |
253 | ||
254 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
255 | +if(grsec_pax_randexec){ | |
256 | if ((elf_ex.e_flags & EF_PAX_RANDEXEC) && (elf_ex.e_type == ET_EXEC) && | |
257 | (current->flags & (PF_PAX_PAGEEXEC | PF_PAX_SEGMEXEC))) | |
258 | current->flags |= PF_PAX_RANDEXEC; | |
259 | -#endif | |
260 | +} | |
261 | ||
262 | elf_entry = (unsigned long) elf_ex.e_entry; | |
263 | ||
264 | @@ -733,7 +732,7 @@ | |
265 | ||
266 | } | |
267 | ||
268 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
269 | +if(grsec_pax_randexec){ | |
270 | if ((current->flags & PF_PAX_RANDEXEC) && (elf_ex.e_type == ET_EXEC)) { | |
271 | if (current->flags & PF_PAX_PAGEEXEC) | |
272 | error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot & ~PROT_EXEC, elf_flags); | |
273 | @@ -748,7 +747,7 @@ | |
274 | /* PaX: mirror at a randomized base */ | |
275 | down_write(¤t->mm->mmap_sem); | |
276 | ||
277 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
278 | +if(grsec_pax_segmexec){ | |
279 | if (current->flags & PF_PAX_SEGMEXEC) { | |
280 | if (elf_prot & PROT_EXEC) { | |
281 | load_addr_random = do_mmap_pgoff(NULL, 0UL, elf_ppnt->p_memsz, PROT_NONE, MAP_PRIVATE, 0UL); | |
282 | @@ -759,13 +758,13 @@ | |
283 | } else | |
284 | load_addr_random = do_mmap_pgoff(NULL, 0UL, 0UL, elf_prot, MAP_PRIVATE | MAP_MIRROR | MAP_MIRROR2, error); | |
285 | } else | |
286 | -#endif | |
287 | + } | |
288 | load_addr_random = do_mmap_pgoff(NULL, 0UL, 0UL, elf_prot, MAP_PRIVATE | MAP_MIRROR2, error); | |
289 | up_write(¤t->mm->mmap_sem); | |
290 | if (BAD_ADDR(load_addr_random)) | |
291 | continue; | |
292 | } else | |
293 | -#endif | |
294 | +} | |
295 | { | |
296 | error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags); | |
297 | if (BAD_ADDR(error)) | |
298 | @@ -781,10 +780,9 @@ | |
299 | load_addr += load_bias; | |
300 | } | |
301 | ||
302 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
303 | +if(grsec_pax_randexec){ | |
304 | current->mm->delta_exec = load_addr_random - load_addr; | |
305 | -#endif | |
306 | - | |
307 | +} | |
308 | } | |
309 | k = elf_ppnt->p_vaddr; | |
310 | if (k < start_code) start_code = k; | |
311 | --- linux-2.4.19/fs/binfmt_aout.c.org Tue Oct 1 08:24:12 2002 | |
312 | +++ linux-2.4.19/fs/binfmt_aout.c Wed Oct 2 09:25:46 2002 | |
313 | @@ -315,22 +315,22 @@ | |
314 | compute_creds(bprm); | |
315 | current->flags &= ~PF_FORKNOEXEC; | |
316 | ||
317 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
318 | +if(grsec_pax_pageexec){ | |
319 | if (!(N_FLAGS(ex) & F_PAX_PAGEEXEC)) { | |
320 | current->flags |= PF_PAX_PAGEEXEC; | |
321 | ||
322 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
323 | +if(grsec_pax_emutramp){ | |
324 | if (N_FLAGS(ex) & F_PAX_EMUTRAMP) | |
325 | current->flags |= PF_PAX_EMUTRAMP; | |
326 | -#endif | |
327 | + } | |
328 | ||
329 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
330 | +if(grsec_pax_mprotect){ | |
331 | if (!(N_FLAGS(ex) & F_PAX_MPROTECT)) | |
332 | current->flags |= PF_PAX_MPROTECT; | |
333 | -#endif | |
334 | +} | |
335 | ||
336 | } | |
337 | -#endif | |
338 | +} | |
339 | ||
340 | #ifdef __sparc__ | |
341 | if (N_MAGIC(ex) == NMAGIC) { | |
342 | --- linux-2.4.19/mm/mprotect.c.org Tue Oct 1 08:24:13 2002 | |
343 | +++ linux-2.4.19/mm/mprotect.c Wed Oct 2 09:30:47 2002 | |
344 | @@ -8,10 +8,10 @@ | |
345 | #include <linux/shm.h> | |
346 | #include <linux/mman.h> | |
347 | ||
348 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
349 | +if(grsec_pax_mprotect){ | |
350 | #include <linux/elf.h> | |
351 | #include <linux/fs.h> | |
352 | -#endif | |
353 | +} | |
354 | ||
355 | #include <asm/uaccess.h> | |
356 | #include <asm/pgalloc.h> | |
357 | @@ -252,11 +252,11 @@ | |
358 | return 0; | |
359 | } | |
360 | ||
361 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
362 | +if(grsec_pax_pageexec){ | |
363 | if (!(current->flags & PF_PAX_PAGEEXEC) && (newflags & (VM_READ|VM_WRITE))) | |
364 | newprot = protection_map[(newflags | VM_EXEC) & 0xf]; | |
365 | else | |
366 | -#endif | |
367 | +} | |
368 | newprot = protection_map[newflags & 0xf]; | |
369 | if (start == vma->vm_start) { | |
370 | if (end == vma->vm_end) | |
371 | @@ -275,7 +275,7 @@ | |
372 | return 0; | |
373 | } | |
374 | ||
375 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
376 | +if(grsec_pax_mprotect){ | |
377 | /* PaX: non-PIC ELF libraries need relocations on their executable segments | |
378 | * therefore we'll grant them VM_MAYWRITE once during their life. | |
379 | * | |
380 | @@ -326,9 +326,9 @@ | |
381 | } while (dyn.d_tag != DT_NULL); | |
382 | return; | |
383 | } | |
384 | -#endif | |
385 | +} | |
386 | ||
387 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
388 | +if(grsec_pax_segmexec){ | |
389 | static long __sys_mprotect(unsigned long start, size_t len, unsigned long prot); | |
390 | ||
391 | asmlinkage long sys_mprotect(unsigned long start, size_t len, unsigned long prot) | |
392 | @@ -352,9 +352,9 @@ | |
393 | } | |
394 | ||
395 | static long __sys_mprotect(unsigned long start, size_t len, unsigned long prot) | |
396 | -#else | |
397 | +}else | |
398 | asmlinkage long sys_mprotect(unsigned long start, size_t len, unsigned long prot) | |
399 | -#endif | |
400 | + | |
401 | { | |
402 | unsigned long nstart, end, tmp; | |
403 | struct vm_area_struct * vma, * next, * prev; | |
404 | @@ -371,19 +371,19 @@ | |
405 | if (end == start) | |
406 | return 0; | |
407 | ||
408 | -#ifndef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
409 | +if(grsec_pax_segmexec){ | |
410 | down_write(¤t->mm->mmap_sem); | |
411 | -#endif | |
412 | +} | |
413 | ||
414 | vma = find_vma_prev(current->mm, start, &prev); | |
415 | error = -ENOMEM; | |
416 | if (!vma || vma->vm_start > start) | |
417 | goto out; | |
418 | ||
419 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
420 | +if(grsec_pax_mprotect){ | |
421 | if ((current->flags & PF_PAX_MPROTECT) && (prot & PROT_WRITE)) | |
422 | pax_handle_maywrite(vma, start); | |
423 | -#endif | |
424 | +} | |
425 | ||
426 | for (nstart = start ; ; ) { | |
427 | unsigned int newflags; | |
428 | @@ -397,12 +397,12 @@ | |
429 | goto out; | |
430 | } | |
431 | ||
432 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
433 | +if(grsec_pax_mprotect){ | |
434 | /* PaX: disallow write access after relocs are done, hopefully noone else needs it... */ | |
435 | if ((current->flags & PF_PAX_MPROTECT) && (prot & PROT_WRITE) && (vma->vm_flags & VM_MAYNOTWRITE)) { | |
436 | newflags &= ~VM_MAYWRITE; | |
437 | } | |
438 | -#endif | |
439 | +} | |
440 | if (vma->vm_ops && vma->vm_ops->mprotect) { | |
441 | error = vma->vm_ops->mprotect(vma, newflags); | |
442 | if (error < 0) | |
443 | @@ -441,9 +441,9 @@ | |
444 | } | |
445 | out: | |
446 | ||
447 | -#ifndef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
448 | +if(grsec_pax_segmexec){ | |
449 | up_write(¤t->mm->mmap_sem); | |
450 | -#endif | |
451 | +} | |
452 | ||
453 | return error; | |
454 | } | |
455 | --- linux-2.4.19/mm/mmap.c.org Tue Oct 1 08:24:13 2002 | |
456 | +++ linux-2.4.19/mm/mmap.c Wed Oct 2 09:41:32 2002 | |
457 | @@ -209,13 +209,13 @@ | |
458 | _trans(prot, PROT_EXEC, VM_EXEC); | |
459 | flag_bits = | |
460 | ||
461 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
462 | +if(grsec_pax_segmexec){ | |
463 | _trans(flags, MAP_MIRROR, VM_MIRROR) | | |
464 | -#endif | |
465 | +} | |
466 | ||
467 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
468 | +if(grsec_pax_randexec){ | |
469 | _trans(flags, MAP_MIRROR2, VM_MIRROR2) | | |
470 | -#endif | |
471 | +} | |
472 | ||
473 | _trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN) | | |
474 | _trans(flags, MAP_DENYWRITE, VM_DENYWRITE) | | |
475 | @@ -417,13 +417,13 @@ | |
476 | ||
477 | if ( | |
478 | ||
479 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
480 | +if(grsec_pax_segmexec){ | |
481 | (flags & MAP_MIRROR) || | |
482 | -#endif | |
483 | +} | |
484 | ||
485 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
486 | +if(grsec_pax_randexec){ | |
487 | (flags & MAP_MIRROR2) | |
488 | -#else | |
489 | +} | |
490 | 0 | |
491 | #endif | |
492 | ) | |
493 | @@ -437,13 +437,13 @@ | |
494 | if (!vma_m || | |
495 | vma_m->vm_start != pgoff || | |
496 | ||
497 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
498 | +if(grsec_pax_segmexec){ | |
499 | (vma_m->vm_flags & (VM_MIRROR | VM_MIRRORED)) || | |
500 | -#endif | |
501 | +} | |
502 | ||
503 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
504 | +if(grsec_pax_randexec){ | |
505 | (vma_m->vm_flags & (VM_MIRROR2 | VM_MIRRORED2)) || | |
506 | -#endif | |
507 | +} | |
508 | ||
509 | (vma_m->vm_flags & (VM_MIRROR | VM_MIRRORED)) || | |
510 | (!(vma_m->vm_flags & VM_WRITE) && (prot & PROT_WRITE))) | |
511 | @@ -484,47 +484,47 @@ | |
512 | */ | |
513 | vm_flags = calc_vm_flags(prot,flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; | |
514 | ||
515 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
516 | +if(grsec_pax_pageexec){ | |
517 | if (current->flags & PF_PAX_PAGEEXEC) { | |
518 | ||
519 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
520 | +if(grsec_pax_randexec){ | |
521 | if (!file && !(flags & MAP_MIRROR2)) | |
522 | -#else | |
523 | +} | |
524 | if (!file) | |
525 | -#endif | |
526 | +} | |
527 | vm_flags &= ~VM_EXEC; | |
528 | ||
529 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
530 | +if(grsec_pax_mprotect){ | |
531 | ||
532 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
533 | +if(grsec_pax_randexec) | |
534 | if ((current->flags & PF_PAX_MPROTECT) && ((!file && !(flags & MAP_MIRROR2)) || !(prot & PROT_EXEC))) | |
535 | -#else | |
536 | +else | |
537 | if ((current->flags & PF_PAX_MPROTECT) && (!file || !(prot & PROT_EXEC))) | |
538 | -#endif | |
539 | + | |
540 | vm_flags &= ~VM_MAYEXEC; | |
541 | ||
542 | if ((current->flags & PF_PAX_MPROTECT) && file && (prot & PROT_EXEC)) | |
543 | vm_flags &= ~VM_MAYWRITE; | |
544 | -#endif | |
545 | +} | |
546 | ||
547 | } | |
548 | -#endif | |
549 | +} | |
550 | ||
551 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
552 | +if(grsec_pax_segmexec){ | |
553 | if (current->flags & PF_PAX_SEGMEXEC) { | |
554 | if (!file && !(flags & MAP_MIRROR)) | |
555 | vm_flags &= ~VM_EXEC; | |
556 | ||
557 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
558 | +if(grsec_pax_mprotect){ | |
559 | if ((current->flags & PF_PAX_MPROTECT) && ((!file && !(flags & MAP_MIRROR)) || !(prot & PROT_EXEC))) | |
560 | vm_flags &= ~VM_MAYEXEC; | |
561 | ||
562 | if ((current->flags & PF_PAX_MPROTECT) && file && (prot & PROT_EXEC)) | |
563 | vm_flags &= ~VM_MAYWRITE; | |
564 | -#endif | |
565 | +} | |
566 | ||
567 | } | |
568 | -#endif | |
569 | +} | |
570 | ||
571 | /* mlock MCL_FUTURE? */ | |
572 | if (vm_flags & VM_LOCKED) { | |
573 | @@ -626,11 +626,11 @@ | |
574 | vma->vm_end = addr + len; | |
575 | vma->vm_flags = vm_flags; | |
576 | ||
577 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
578 | +if(grsec_pax_pageexec){ | |
579 | if ((file || !(current->flags & PF_PAX_PAGEEXEC)) && (vm_flags & (VM_READ|VM_WRITE))) | |
580 | vma->vm_page_prot = protection_map[(vm_flags | VM_EXEC) & 0x0f]; | |
581 | else | |
582 | -#endif | |
583 | +} | |
584 | ||
585 | vma->vm_page_prot = protection_map[vm_flags & 0x0f]; | |
586 | vma->vm_ops = NULL; | |
587 | @@ -660,15 +660,15 @@ | |
588 | goto free_vma; | |
589 | } | |
590 | ||
591 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
592 | +if(grsec_pax_segmexec){ | |
593 | if (flags & MAP_MIRROR) | |
594 | vma_m->vm_flags |= VM_MIRRORED; | |
595 | -#endif | |
596 | +} | |
597 | ||
598 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
599 | +if(grsec_pax_randexec){ | |
600 | if (flags & MAP_MIRROR2) | |
601 | vma_m->vm_flags |= VM_MIRRORED2; | |
602 | -#endif | |
603 | +} | |
604 | ||
605 | /* Can addr have changed?? | |
606 | * | |
607 | @@ -741,11 +741,10 @@ | |
608 | { | |
609 | struct vm_area_struct *vma; | |
610 | ||
611 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
612 | +if(grsec_pax_segmexec){ | |
613 | if ((current->flags & PF_PAX_SEGMEXEC) && len > TASK_SIZE/2) | |
614 | return -ENOMEM; | |
615 | - else | |
616 | -#endif | |
617 | +} | |
618 | ||
619 | if (len > TASK_SIZE) | |
620 | return -ENOMEM; | |
621 | @@ -754,10 +753,10 @@ | |
622 | addr = PAGE_ALIGN(addr); | |
623 | vma = find_vma(current->mm, addr); | |
624 | ||
625 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
626 | +if(grsec_pax_segmexec){ | |
627 | if ((current->flags & PF_PAX_SEGMEXEC) && TASK_SIZE/2-len < addr) | |
628 | return -ENOMEM; | |
629 | -#endif | |
630 | +} | |
631 | ||
632 | if (TASK_SIZE - len >= addr && | |
633 | (!vma || addr + len <= vma->vm_start)) | |
634 | @@ -774,11 +773,11 @@ | |
635 | for (vma = find_vma(current->mm, addr); ; vma = vma->vm_next) { | |
636 | /* At this point: (!vma || addr < vma->vm_end). */ | |
637 | ||
638 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
639 | +if(grsec_pax_segmexec){ | |
640 | if ((current->flags & PF_PAX_SEGMEXEC) && TASK_SIZE/2-len < addr) | |
641 | return -ENOMEM; | |
642 | else | |
643 | -#endif | |
644 | +} | |
645 | ||
646 | if (TASK_SIZE - len < addr) | |
647 | return -ENOMEM; | |
648 | @@ -1168,21 +1167,21 @@ | |
649 | ||
650 | down_write(&mm->mmap_sem); | |
651 | ||
652 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
653 | +if(grsec_pax_segmexec){ | |
654 | if ((current->flags & PF_PAX_SEGMEXEC) && | |
655 | (len > TASK_SIZE/2 || addr > TASK_SIZE/2-len)) | |
656 | return -EINVAL; | |
657 | -#endif | |
658 | +} | |
659 | ||
660 | ret = do_munmap(mm, addr, len); | |
661 | ||
662 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
663 | +if(grsec_pax_segmexec){ | |
664 | if ((current->flags & PF_PAX_SEGMEXEC) && !ret) { | |
665 | int ret_m = do_munmap(mm, addr + TASK_SIZE/2, len); | |
666 | if (ret_m) | |
667 | ret = ret_m; | |
668 | } | |
669 | -#endif | |
670 | +} | |
671 | ||
672 | up_write(&mm->mmap_sem); | |
673 | return ret; | |
674 | @@ -1244,10 +1243,10 @@ | |
675 | if (current->flags & (PF_PAX_PAGEEXEC | PF_PAX_SEGMEXEC)) | |
676 | flags &= ~VM_EXEC; | |
677 | ||
678 | -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT | |
679 | +if(grsec_pax_mprotect){ | |
680 | if (current->flags & PF_PAX_MPROTECT) | |
681 | flags &= ~VM_MAYEXEC; | |
682 | -#endif | |
683 | +} | |
684 | ||
685 | #endif | |
686 | /* Can we just expand an old anonymous mapping? */ | |
687 | @@ -1266,11 +1265,10 @@ | |
688 | vma->vm_end = addr + len; | |
689 | vma->vm_flags = flags; | |
690 | ||
691 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
692 | +if(grsec_pax_pageexec){ | |
693 | if (!(current->flags & PF_PAX_PAGEEXEC) && (flags & (VM_READ|VM_WRITE))) | |
694 | vma->vm_page_prot = protection_map[(flags | VM_EXEC) & 0x0f]; | |
695 | - else | |
696 | -#endif | |
697 | +} | |
698 | vma->vm_page_prot = protection_map[flags & 0x0f]; | |
699 | vma->vm_ops = NULL; | |
700 | vma->vm_pgoff = 0; | |
701 | --- linux-2.4.19/mm/filemap.c.org Tue Oct 1 08:24:13 2002 | |
702 | +++ linux-2.4.19/mm/filemap.c Wed Oct 2 09:42:41 2002 | |
703 | @@ -2180,10 +2180,10 @@ | |
704 | if (!mapping->a_ops->readpage) | |
705 | return -ENOEXEC; | |
706 | ||
707 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
708 | +if(grsec_pax_pageexec){ | |
709 | if (current->flags & PF_PAX_PAGEEXEC) | |
710 | vma->vm_page_prot = protection_map[vma->vm_flags & 0x0f]; | |
711 | -#endif | |
712 | +} | |
713 | ||
714 | UPDATE_ATIME(inode); | |
715 | vma->vm_ops = &generic_file_vm_ops; | |
716 | --- linux-2.4.19/arch/i386/mm/fault.c.org Tue Oct 1 08:24:12 2002 | |
717 | +++ linux-2.4.19/arch/i386/mm/fault.c Wed Oct 2 09:49:58 2002 | |
718 | @@ -143,11 +143,11 @@ | |
719 | * bit 1 == 0 means read, 1 means write | |
720 | * bit 2 == 0 means kernel, 1 means user-mode | |
721 | */ | |
722 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
723 | +if(grsec_pax_pageexec){ | |
724 | asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long error_code, unsigned long address) | |
725 | -#else | |
726 | +else | |
727 | asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long error_code) | |
728 | -#endif | |
729 | +} | |
730 | { | |
731 | struct task_struct *tsk; | |
732 | struct mm_struct *mm; | |
733 | @@ -283,21 +283,21 @@ | |
734 | ||
735 | /* User mode accesses just cause a SIGSEGV */ | |
736 | if (error_code & 4) { | |
737 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
738 | +if(grsec_pax_segmexec){ | |
739 | if (current->flags & PF_PAX_SEGMEXEC) { | |
740 | ||
741 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
742 | +if(grsec_pax_randexec){ | |
743 | if ((error_code == 4) && (regs->eip + TASK_SIZE/2 == address) && | |
744 | pax_handle_read_fault(regs) == 5) | |
745 | return; | |
746 | -#endif | |
747 | +} | |
748 | ||
749 | if (address >= TASK_SIZE/2) { | |
750 | pax_report_fault(regs); | |
751 | do_exit(SIGKILL); | |
752 | } | |
753 | } | |
754 | -#endif | |
755 | +} | |
756 | ||
757 | tsk->thread.cr2 = address; | |
758 | tsk->thread.error_code = error_code; | |
759 | @@ -429,7 +429,7 @@ | |
760 | return; | |
761 | } | |
762 | } | |
763 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
764 | +if(grsec_pax_pageexec){ | |
765 | /* PaX: called with the page_table_lock spinlock held */ | |
766 | static inline pte_t * pax_get_pte(struct mm_struct *mm, unsigned long address) | |
767 | { | |
768 | @@ -444,7 +444,7 @@ | |
769 | return 0; | |
770 | return pte_offset(pmd, address); | |
771 | } | |
772 | -#endif | |
773 | +} | |
774 | ||
775 | /* | |
776 | * PaX: decide what to do with offenders (regs->eip = fault address) | |
777 | @@ -459,12 +459,12 @@ | |
778 | #if defined(CONFIG_GRKERNSEC_PAX_PAGEEXEC) || defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC) | |
779 | static int pax_handle_read_fault(struct pt_regs *regs) | |
780 | { | |
781 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
782 | +if(grsec_pax_emutramp){ | |
783 | static const unsigned char trans[8] = {6, 1, 2, 0, 13, 5, 3, 4}; | |
784 | -#endif | |
785 | +} | |
786 | int err; | |
787 | ||
788 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
789 | +if(grsec_pax_randexec){ | |
790 | if (current->flags & PF_PAX_RANDEXEC) { | |
791 | unsigned long esp_4; | |
792 | if (regs->eip >= current->mm->start_code && | |
793 | @@ -477,9 +477,9 @@ | |
794 | } | |
795 | } | |
796 | } | |
797 | -#endif | |
798 | +} | |
799 | ||
800 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
801 | +if(grsec_pax_emutramp){ | |
802 | if (!(current->flags & PF_PAX_EMUTRAMP)) | |
803 | return 1; | |
804 | ||
805 | @@ -589,7 +589,7 @@ | |
806 | } | |
807 | } | |
808 | } | |
809 | -#endif | |
810 | +} | |
811 | ||
812 | return 1; /* PaX in action */ | |
813 | } | |
814 | @@ -634,7 +634,7 @@ | |
815 | } | |
816 | #endif | |
817 | ||
818 | -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC | |
819 | +if(grsec_pax_pageexec){ | |
820 | /* | |
821 | * PaX: handle the extra page faults or pass it down to the original handler | |
822 | * | |
823 | @@ -670,19 +670,19 @@ | |
824 | /* instruction fetch attempt from a protected page in user mode */ | |
825 | ret = pax_handle_read_fault(regs); | |
826 | switch (ret) { | |
827 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
828 | +if(grsec_pax_randexec){ | |
829 | case 5: | |
830 | return 0; | |
831 | -#endif | |
832 | +} | |
833 | ||
834 | -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP | |
835 | +if(grsec_pax_emutramp){ | |
836 | case 0: | |
837 | break; | |
838 | case 4: | |
839 | return 0; | |
840 | case 3: | |
841 | case 2: return 1; | |
842 | -#endif | |
843 | +} | |
844 | case 1: | |
845 | default: | |
846 | pax_report_fault(regs); | |
847 | @@ -738,4 +738,4 @@ | |
848 | spin_unlock(&mm->page_table_lock); | |
849 | return 0; | |
850 | } | |
851 | -#endif | |
852 | +} | |
853 | --- linux-2.4.19/kernel/ptrace.c.org Tue Oct 1 08:24:13 2002 | |
854 | +++ linux-2.4.19/kernel/ptrace.c Wed Oct 2 09:52:40 2002 | |
855 | @@ -129,10 +129,10 @@ | |
856 | if (!mm) | |
857 | return 0; | |
858 | ||
859 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
860 | +if(grsec_pax_segmexec){ | |
861 | if ((tsk->flags & PF_PAX_SEGMEXEC) && (addr >= TASK_SIZE/2)) | |
862 | return 0; | |
863 | -#endif | |
864 | +} | |
865 | ||
866 | down_read(&mm->mmap_sem); | |
867 | /* ignore errors, just check how much was sucessfully transfered */ | |
868 | --- linux-2.4.19/mm/memory.c.org Tue Oct 1 08:24:23 2002 | |
869 | +++ linux-2.4.19/mm/memory.c Wed Oct 2 09:57:25 2002 | |
870 | @@ -1374,43 +1374,43 @@ | |
871 | struct vm_area_struct * vma_m = NULL; | |
872 | #endif | |
873 | ||
874 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
875 | +if(grsec_pax_segmexec){ | |
876 | if (vma->vm_flags & VM_MIRRORED) { | |
877 | address_m = address; | |
878 | vma_m = vma; | |
879 | ||
880 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
881 | +if(grsec_pax_randexec){ | |
882 | if (vma->vm_flags & VM_MIRRORED2) { | |
883 | address += mm->delta_exec; | |
884 | if (vma->vm_flags & VM_EXEC) | |
885 | address += TASK_SIZE/2; | |
886 | } else | |
887 | -#endif | |
888 | +} | |
889 | ||
890 | address += TASK_SIZE/2; | |
891 | vma = find_vma(mm, address); | |
892 | } else if (vma->vm_flags & VM_MIRROR) { | |
893 | address_m = address; | |
894 | ||
895 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
896 | +if(grsec_pax_randexec){ | |
897 | if (vma->vm_flags & VM_MIRROR2) { | |
898 | address_m -= mm->delta_exec; | |
899 | if (vma->vm_flags & VM_EXEC) | |
900 | address_m -= TASK_SIZE/2; | |
901 | } else | |
902 | -#endif | |
903 | +} | |
904 | ||
905 | address_m -= TASK_SIZE/2; | |
906 | vma_m = find_vma(mm, address_m); | |
907 | } | |
908 | -#endif | |
909 | +} | |
910 | ||
911 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
912 | +if(grsec_pax_randexec){ | |
913 | if (vma && (vma->vm_flags & (VM_MIRROR2 | VM_MIRRORED2)) | |
914 | ||
915 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
916 | +if(grsec_pax_segmexec){ | |
917 | && !(vma->vm_flags & (VM_MIRROR | VM_MIRRORED)) | |
918 | -#endif | |
919 | +} | |
920 | ||
921 | ) | |
922 | { | |
923 | @@ -1424,19 +1424,19 @@ | |
924 | vma_m = find_vma(mm, address_m); | |
925 | } | |
926 | } | |
927 | -#endif | |
928 | +} | |
929 | ||
930 | /* PaX: sanity checks, to be removed when proved to be stable */ | |
931 | #if defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC) || defined(CONFIG_GRKERNSEC_PAX_RANDEXEC) | |
932 | if (!vma | |
933 | ||
934 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
935 | +if(grsec_pax_segmexec){ | |
936 | || (vma->vm_flags & VM_MIRROR) | |
937 | -#endif | |
938 | +} | |
939 | ||
940 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
941 | +if(grsec_pax_randexec){ | |
942 | || (vma->vm_flags & VM_MIRROR2) | |
943 | -#endif | |
944 | +} | |
945 | ) | |
946 | { | |
947 | if (!vma || !vma_m) { | |
948 | @@ -1445,17 +1445,17 @@ | |
949 | return 0; | |
950 | } else if ( | |
951 | ||
952 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
953 | +if(grsec_pax_segmexec){ | |
954 | (!(vma_m->vm_flags & VM_MIRRORED) && | |
955 | -#else | |
956 | +else | |
957 | (1 && | |
958 | -#endif | |
959 | +} | |
960 | ||
961 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
962 | +if(grsec_pax_randexec){ | |
963 | !(vma_m->vm_flags & VM_MIRRORED2)) || | |
964 | -#else | |
965 | +else | |
966 | 1) || | |
967 | -#endif | |
968 | +} | |
969 | ||
970 | vma->vm_start > address || | |
971 | vma_m->vm_start > address_m || | |
972 | @@ -1483,17 +1483,17 @@ | |
973 | ||
974 | #if defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC) || defined(CONFIG_GRKERNSEC_PAX_RANDEXEC) | |
975 | if (pte | |
976 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
977 | +if(grsec_pax_segmexec){ | |
978 | ||
979 | -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC | |
980 | +if(grsec_pax_randexec){ | |
981 | && (vma->vm_flags & (VM_MIRROR | VM_MIRROR2)) | |
982 | -#else | |
983 | +else | |
984 | && (vma->vm_flags & VM_MIRROR) | |
985 | -#endif | |
986 | +} | |
987 | ||
988 | -#else | |
989 | +else | |
990 | && (vma->vm_flags & VM_MIRROR2) | |
991 | -#endif | |
992 | +} | |
993 | ) | |
994 | { | |
995 | pgd_t *pgd_m; | |
996 | --- linux-2.4.19/mm/mremap.c.org Tue Oct 1 08:24:13 2002 | |
997 | +++ linux-2.4.19/mm/mremap.c Wed Oct 2 09:58:45 2002 | |
998 | @@ -227,11 +227,11 @@ | |
999 | old_len = PAGE_ALIGN(old_len); | |
1000 | new_len = PAGE_ALIGN(new_len); | |
1001 | ||
1002 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
1003 | +if(grsec_pax_segmexec){ | |
1004 | if ((current->flags & PF_PAX_SEGMEXEC) && (flags & MREMAP_FIXED) && | |
1005 | (new_len > TASK_SIZE/2 || new_addr > TASK_SIZE/2-new_len)) | |
1006 | goto out; | |
1007 | -#endif | |
1008 | +} | |
1009 | ||
1010 | /* new_addr is only valid if MREMAP_FIXED is specified */ | |
1011 | if (flags & MREMAP_FIXED) { | |
1012 | @@ -274,10 +274,10 @@ | |
1013 | if (!vma || vma->vm_start > addr) | |
1014 | goto out; | |
1015 | ||
1016 | -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC | |
1017 | +if(grsec_pax_segmexec){ | |
1018 | if ((current->flags & PF_PAX_SEGMEXEC) && (vma->vm_flags & VM_MIRRORED)) | |
1019 | return -EINVAL; | |
1020 | -#endif | |
1021 | +} | |
1022 | ||
1023 | /* We can't remap across vm area boundaries */ | |
1024 | if (old_len > vma->vm_end - addr) |