1 --- linux-2.4.19/kernel/sysctl.c.org Thu Sep 26 19:41:20 2002
2 +++ linux-2.4.19/kernel/sysctl.c Mon Sep 30 14:21:12 2002
4 GS_RANDSRC, GS_RANDPING, GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT,
5 GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID,
6 GS_TTY, GS_TTYS, GS_PTY, GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC,
7 -GS_DMSG, GS_RANDRPC, GS_FINDTASK, GS_LOCK};
8 +GS_DMSG, GS_RANDRPC, GS_FINDTASK, GS_PAXNOEXEC, GS_PAXPAGEEXEC, GS_PAXSEGMEXEC,
9 +GS_PAXEMUTRAMP, GS_PAXMPROTECT, GS_PAXASLR, GS_PAXRANDEXEC, GS_LOCK};
11 static ctl_table grsecurity_table[] = {
12 {GS_ACL,"acl", NULL, sizeof(int), 0600, NULL, &gr_proc_handler},
14 {GS_FINDTASK, "chroot_findtask", &grsec_enable_chroot_findtask,
15 sizeof (int), 0600, NULL, &proc_dointvec},
17 +#ifdef CONFIG_GRKERNSEC_PAX_NOEXEC
18 + {GS_PAXNOEXEC, "pax_noexec", &grsec_pax_noexec,
19 + sizeof (int), 0600, NULL, &proc_dointvec},
21 +#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
22 + {GS_PAXPAGEEXEC, "pax_pageexec", &grsec_pax_pageexec,
23 + sizeof (int), 0600, NULL, &proc_dointvec},
25 +#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
26 + {GS_PAXSEGMEXEC, "pax_segmexec", &grsec_pax_segmexec,
27 + sizeof (int), 0600, NULL, &proc_dointvec},
29 +#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
30 + {GS_PAXEMUTRAMP, "pax_emutramp", &grsec_pax_emutramp,
31 + sizeof (int), 0600, NULL, &proc_dointvec},
33 +#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
34 + {GS_PAXMPROTECT, "pax_mprotect", &grsec_pax_mprotect,
35 + sizeof (int), 0600, NULL, &proc_dointvec},
37 +#ifdef CONFIG_GRKERNSEC_PAX_ASLR
38 + {GS_PAXASLR, "pax_aslr", &grsec_pax_aslr,
39 + sizeof (int), 0600, NULL, &proc_dointvec},
41 +#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
42 + {GS_PAXRANDEXEC, "pax_randexec", &grsec_pax_randexec,
43 + sizeof (int), 0600, NULL, &proc_dointvec},
45 {GS_LOCK, "grsec_lock", &grsec_lock, sizeof (int), 0600, NULL,
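Review bot: The seven new entries (`pax_noexec` through `pax_randexec`) make mitigations that used to be fixed at build time writable through `proc_dointvec` with mode 0600, so their integrity now rests on `grsec_lock` being set after boot, and nothing visible here ties the PaX entries to the lock. State that dependency above the first `#ifdef`, e.g. `/* PaX switches: writable until grsec_lock is set; clearing one disables the feature for every later exec */`. Because the values are only used as booleans, `proc_dointvec_minmax` with 0/1 bounds would be tighter than `proc_dointvec`. No hunk in this patch appears to read `grsec_pax_noexec`, so confirm that entry is not a switch with no effect. The closing `#endif` lines of the entries are not visible in this listing.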
48 --- linux-2.4.19/grsecurity/grsecurity.c.org Thu Sep 26 19:41:20 2002
49 +++ linux-2.4.19/grsecurity/grsecurity.c Mon Sep 30 14:10:09 2002
51 int grsec_enable_socket_server = 0;
52 int grsec_socket_server_gid = 0;
54 +int grsec_pax_noexec = 0;
55 +int grsec_pax_pageexec = 0;
56 +int grsec_pax_segmexec = 0;
57 +int grsec_pax_emutramp = 0;
58 +int grsec_pax_mprotect = 0;
59 +int grsec_pax_aslr = 0;
60 +int grsec_pax_randexec = 0;
63 handle the variables if parts of grsecurity are configured without sysctl
65 grsec_enable_socket_server = 1;
66 grsec_socket_server_gid= CONFIG_GRKERNSEC_SOCKET_SERVER_GID;
68 +#ifdef CONFIG_GRKERNSEC_PAX_NOEXEC
69 +grsec_pax_noexec = 1;
71 +#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
72 +grsec_pax_pageexec = 1;
74 +#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
75 +grsec_pax_segmexec = 1;
77 +#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
78 +grsec_pax_emutramp = 1;
80 +#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
81 +grsec_pax_mprotect = 1;
83 +#ifdef CONFIG_GRKERNSEC_PAX_ASLR
86 +#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
87 +grsec_pax_randexec = 1;
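Review bot: The new flags are defined as 0 and set to 1 only in the block that the context comment describes as handling kernels "configured without sysctl". On a sysctl-enabled kernel every PaX feature would therefore presumably stay off until something writes 1 to each entry, which is a fail-open default compared with the old `#ifdef` code and leaves processes exec'd before that write without the protections. If that reading is right, initialise from the config instead, e.g. `int grsec_pax_pageexec = 1;` under `#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC`, so the sysctl can only relax an enabled default. The enclosing function and its `#if` guards lie outside the hunk, and no assignment is visible under the `CONFIG_GRKERNSEC_PAX_ASLR` guard in this listing, which should be checked too.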
92 --- linux-2.4.19/include/linux/grsecurity.h.org Fri Sep 27 03:42:07 2002
93 +++ linux-2.4.19/include/linux/grsecurity.h Mon Sep 30 14:27:55 2002
95 extern int grsec_enable_audit_ipc;
96 extern int grsec_enable_mount;
97 extern int grsec_enable_chdir;
98 +extern int grsec_pax_noexec;
99 +extern int grsec_pax_pageexec;
100 +extern int grsec_pax_segmexec;
101 +extern int grsec_pax_emutramp;
102 +extern int grsec_pax_mprotect;
103 +extern int grsec_pax_aslr;
104 +extern int grsec_pax_randexec;
105 extern int grsec_lock;
107 extern struct task_struct *child_reaper;
108 --- linux-2.4.19/fs/exec.c.org Tue Oct 1 08:24:12 2002
109 +++ linux-2.4.19/fs/exec.c Wed Oct 2 09:11:51 2002
110 @@ -281,11 +281,10 @@
112 flush_dcache_page(page);
113 flush_page_to_ram(page);
114 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
115 - if (tsk->flags & PF_PAX_PAGEEXEC)
116 +if(grsec_pax_pageexec)
117 + {if (tsk->flags & PF_PAX_PAGEEXEC)
118 set_pte(pte, pte_mkdirty(pte_mkwrite(mk_pte(page, PAGE_COPY_NOEXEC))));
122 set_pte(pte, pte_mkdirty(pte_mkwrite(mk_pte(page, PAGE_COPY))));
124 spin_unlock(&tsk->mm->page_table_lock);
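Review bot: `PF_PAX_PAGEEXEC` and `PAGE_COPY_NOEXEC` are now compiled on every configuration, and `grsec_pax_pageexec` is used in fs/exec.c although no visible hunk adds an include of `linux/grsecurity.h`, where the patch declares it. If those macros are still defined only under `CONFIG_GRKERNSEC_PAX_PAGEEXEC`, a kernel built without the option stops compiling. Keeping the `#ifdef` and putting the runtime test inside it, `if (grsec_pax_pageexec && (tsk->flags & PF_PAX_PAGEEXEC))`, avoids that and the `{if (` brace layout. The `else` arm that installs `PAGE_COPY` is only partly visible, so confirm it still runs when the switch is 0. The same applies to the hunk at -323 that follows.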
125 @@ -323,11 +322,10 @@
126 mpnt->vm_end = STACK_TOP;
127 mpnt->vm_flags = VM_STACK_FLAGS;
129 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
130 - if (!(current->flags & PF_PAX_PAGEEXEC))
131 +if(grsec_pax_pageexec)
132 + {if (!(current->flags & PF_PAX_PAGEEXEC))
133 mpnt->vm_page_prot = protection_map[(mpnt->vm_flags | VM_EXEC) & 0x0f];
137 mpnt->vm_page_prot = protection_map[mpnt->vm_flags & 0x0f];
140 @@ -578,29 +576,23 @@
142 current->comm[i] = '\0';
144 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
145 +if(grsec_pax_pageexec)
146 current->flags &= ~PF_PAX_PAGEEXEC;
149 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
150 +if(grsec_pax_emutramp)
151 current->flags &= ~PF_PAX_EMUTRAMP;
154 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
155 +if(grsec_pax_mprotect)
156 current->flags &= ~PF_PAX_MPROTECT;
159 -#ifdef CONFIG_GRKERNSEC_PAX_ASLR
161 current->flags &= ~PF_PAX_RANDMMAP;
164 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
165 +if(grsec_pax_randexec)
166 current->flags &= ~PF_PAX_RANDEXEC;
169 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
170 +if(grsec_pax_segmexec)
171 current->flags &= ~PF_PAX_SEGMEXEC;
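Review bot: Clearing the per-task PaX flags now depends on the current sysctl value, so a flag set while a switch was on survives the next exec if the switch has since been turned off, and the new image then carries the previous image's flags rather than its own header marks. The clears are harmless when a feature is off and should stay unconditional, e.g. `current->flags &= ~(PF_PAX_PAGEEXEC | PF_PAX_EMUTRAMP | PF_PAX_MPROTECT | PF_PAX_RANDMMAP | PF_PAX_RANDEXEC | PF_PAX_SEGMEXEC);`, leaving the sysctl test to the binfmt_elf.c and binfmt_aout.c code that sets them. The replacement for the removed `CONFIG_GRKERNSEC_PAX_ASLR` guard before the `PF_PAX_RANDMMAP` line is not visible here. The enclosing function starts and ends outside the hunk.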
176 --- linux-2.4.19/fs/binfmt_elf.c.org Tue Oct 1 08:24:12 2002
177 +++ linux-2.4.19/fs/binfmt_elf.c Wed Oct 2 09:23:08 2002
179 struct exec interp_ex;
180 char passed_fileno[6];
182 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
183 +if(grsec_pax_randexec)
184 unsigned long load_addr_random = 0UL;
187 /* Get the exec-header */
188 elf_ex = *((struct elfhdr *) bprm->buf);
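Review bot: `if(grsec_pax_randexec)` now sits directly in front of the declaration `unsigned long load_addr_random = 0UL;`, and a declaration cannot be the body of an `if` in C, so this does not compile. Even with braces the variable would go out of scope before the later `do_mmap_pgoff` assignments use it. Declare it unconditionally as `unsigned long load_addr_random = 0UL;` and keep the runtime test for the statements only. The `static const unsigned char trans[8]` table in the arch/i386/mm/fault.c hunk at -459 has the same problem. The function body continues outside this hunk.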
189 @@ -605,30 +604,30 @@
190 current->mm->end_code = 0;
191 current->mm->mmap = NULL;
193 -#ifdef CONFIG_GRKERNSEC_PAX_ASLR
195 current->mm->delta_mmap = 0UL;
196 current->mm->delta_exec = 0UL;
197 current->mm->delta_stack = 0UL;
201 current->flags &= ~PF_FORKNOEXEC;
203 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
204 +if(grsec_pax_pageexec){
205 if (!(elf_ex.e_flags & EF_PAX_PAGEEXEC))
206 current->flags |= PF_PAX_PAGEEXEC;
210 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
211 +if(grsec_pax_emutramp){
212 if (elf_ex.e_flags & EF_PAX_EMUTRAMP)
213 current->flags |= PF_PAX_EMUTRAMP;
217 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
218 +if(grsec_pax_mprotect){
219 if (!(elf_ex.e_flags & EF_PAX_MPROTECT))
220 current->flags |= PF_PAX_MPROTECT;
224 -#ifdef CONFIG_GRKERNSEC_PAX_ASLR
226 if (!(elf_ex.e_flags & EF_PAX_RANDMMAP)) {
228 current->flags |= PF_PAX_RANDMMAP;
229 @@ -646,27 +645,27 @@
230 current->mm->delta_stack = pax_delta_mask(delta, PAGE_SHIFT);
231 #undef pax_delta_mask
236 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
237 +if(grsec_pax_segmexec){
238 if (!(elf_ex.e_flags & EF_PAX_SEGMEXEC)) {
239 current->flags &= ~PF_PAX_PAGEEXEC;
240 current->flags |= PF_PAX_SEGMEXEC;
242 -#ifdef CONFIG_GRKERNSEC_PAX_ASLR
244 current->mm->delta_mmap &= 0x07FFFFFFUL;
245 current->mm->delta_exec &= 0x07FFFFFFUL;
246 current->mm->delta_stack &= 0x07FFFFFFUL;
254 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
255 +if(grsec_pax_randexec){
256 if ((elf_ex.e_flags & EF_PAX_RANDEXEC) && (elf_ex.e_type == ET_EXEC) &&
257 (current->flags & (PF_PAX_PAGEEXEC | PF_PAX_SEGMEXEC)))
258 current->flags |= PF_PAX_RANDEXEC;
262 elf_entry = (unsigned long) elf_ex.e_entry;
268 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
269 +if(grsec_pax_randexec){
270 if ((current->flags & PF_PAX_RANDEXEC) && (elf_ex.e_type == ET_EXEC)) {
271 if (current->flags & PF_PAX_PAGEEXEC)
272 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot & ~PROT_EXEC, elf_flags);
274 /* PaX: mirror at a randomized base */
275 down_write(¤t->mm->mmap_sem);
277 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
278 +if(grsec_pax_segmexec){
279 if (current->flags & PF_PAX_SEGMEXEC) {
280 if (elf_prot & PROT_EXEC) {
281 load_addr_random = do_mmap_pgoff(NULL, 0UL, elf_ppnt->p_memsz, PROT_NONE, MAP_PRIVATE, 0UL);
282 @@ -759,13 +758,13 @@
284 load_addr_random = do_mmap_pgoff(NULL, 0UL, 0UL, elf_prot, MAP_PRIVATE | MAP_MIRROR | MAP_MIRROR2, error);
288 load_addr_random = do_mmap_pgoff(NULL, 0UL, 0UL, elf_prot, MAP_PRIVATE | MAP_MIRROR2, error);
289 up_write(¤t->mm->mmap_sem);
290 if (BAD_ADDR(load_addr_random))
296 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags);
299 load_addr += load_bias;
302 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
303 +if(grsec_pax_randexec){
304 current->mm->delta_exec = load_addr_random - load_addr;
309 k = elf_ppnt->p_vaddr;
310 if (k < start_code) start_code = k;
311 --- linux-2.4.19/fs/binfmt_aout.c.org Tue Oct 1 08:24:12 2002
312 +++ linux-2.4.19/fs/binfmt_aout.c Wed Oct 2 09:25:46 2002
313 @@ -315,22 +315,22 @@
315 current->flags &= ~PF_FORKNOEXEC;
317 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
318 +if(grsec_pax_pageexec){
319 if (!(N_FLAGS(ex) & F_PAX_PAGEEXEC)) {
320 current->flags |= PF_PAX_PAGEEXEC;
322 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
323 +if(grsec_pax_emutramp){
324 if (N_FLAGS(ex) & F_PAX_EMUTRAMP)
325 current->flags |= PF_PAX_EMUTRAMP;
329 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
330 +if(grsec_pax_mprotect){
331 if (!(N_FLAGS(ex) & F_PAX_MPROTECT))
332 current->flags |= PF_PAX_MPROTECT;
341 if (N_MAGIC(ex) == NMAGIC) {
342 --- linux-2.4.19/mm/mprotect.c.org Tue Oct 1 08:24:13 2002
343 +++ linux-2.4.19/mm/mprotect.c Wed Oct 2 09:30:47 2002
345 #include <linux/shm.h>
346 #include <linux/mman.h>
348 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
349 +if(grsec_pax_mprotect){
350 #include <linux/elf.h>
351 #include <linux/fs.h>
355 #include <asm/uaccess.h>
356 #include <asm/pgalloc.h>
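Review bot: An `if (...) {` statement is not allowed at file scope, so replacing the `#ifdef` around `#include <linux/elf.h>` and `#include <linux/fs.h>` with `if(grsec_pax_mprotect){` breaks the build. Includes, prototypes and function definitions have to stay under the preprocessor or become unconditional; only statements inside a function body can be gated by the sysctl. The same substitution wraps the `__sys_mprotect` / `sys_mprotect` definitions in the next hunk. In arch/i386/mm/fault.c it wraps the two `do_page_fault` signatures and `pax_get_pte`. A function's signature cannot be selected by a runtime test, so those should keep `#ifdef CONFIG_GRKERNSEC_PAX_...` with `grsec_pax_...` checked inside the body.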
357 @@ -252,11 +252,11 @@
361 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
362 +if(grsec_pax_pageexec){
363 if (!(current->flags & PF_PAX_PAGEEXEC) && (newflags & (VM_READ|VM_WRITE)))
364 newprot = protection_map[(newflags | VM_EXEC) & 0xf];
368 newprot = protection_map[newflags & 0xf];
369 if (start == vma->vm_start) {
370 if (end == vma->vm_end)
375 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
376 +if(grsec_pax_mprotect){
377 /* PaX: non-PIC ELF libraries need relocations on their executable segments
378 * therefore we'll grant them VM_MAYWRITE once during their life.
381 } while (dyn.d_tag != DT_NULL);
387 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
388 +if(grsec_pax_segmexec){
389 static long __sys_mprotect(unsigned long start, size_t len, unsigned long prot);
391 asmlinkage long sys_mprotect(unsigned long start, size_t len, unsigned long prot)
395 static long __sys_mprotect(unsigned long start, size_t len, unsigned long prot)
398 asmlinkage long sys_mprotect(unsigned long start, size_t len, unsigned long prot)
402 unsigned long nstart, end, tmp;
403 struct vm_area_struct * vma, * next, * prev;
404 @@ -371,19 +371,19 @@
408 -#ifndef CONFIG_GRKERNSEC_PAX_SEGMEXEC
409 +if(grsec_pax_segmexec){
410 down_write(¤t->mm->mmap_sem);
414 vma = find_vma_prev(current->mm, start, &prev);
416 if (!vma || vma->vm_start > start)
419 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
420 +if(grsec_pax_mprotect){
421 if ((current->flags & PF_PAX_MPROTECT) && (prot & PROT_WRITE))
422 pax_handle_maywrite(vma, start);
426 for (nstart = start ; ; ) {
427 unsigned int newflags;
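Review bot: The guard removed here is `#ifndef CONFIG_GRKERNSEC_PAX_SEGMEXEC`, but the replacement `if(grsec_pax_segmexec){` tests the opposite sense, so `down_write` on `mmap_sem` is now taken when SEGMEXEC is on and skipped when it is off. With the switch off the VMA walk would run without the semaphore; with it on, the semaphore is presumably already held by the `sys_mprotect` wrapper, which is not fully visible here. The matching `up_write` in the hunk at -397 is inverted the same way, and because the two sites read the sysctl separately, a write between them unbalances the lock. Keep the `#ifndef`, or use `if (!grsec_pax_segmexec)` with the value read once into a local that both sites and the wrapper share.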
428 @@ -397,12 +397,12 @@
432 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
433 +if(grsec_pax_mprotect){
434 /* PaX: disallow write access after relocs are done, hopefully noone else needs it... */
435 if ((current->flags & PF_PAX_MPROTECT) && (prot & PROT_WRITE) && (vma->vm_flags & VM_MAYNOTWRITE)) {
436 newflags &= ~VM_MAYWRITE;
440 if (vma->vm_ops && vma->vm_ops->mprotect) {
441 error = vma->vm_ops->mprotect(vma, newflags);
447 -#ifndef CONFIG_GRKERNSEC_PAX_SEGMEXEC
448 +if(grsec_pax_segmexec){
449 up_write(¤t->mm->mmap_sem);
455 --- linux-2.4.19/mm/mmap.c.org Tue Oct 1 08:24:13 2002
456 +++ linux-2.4.19/mm/mmap.c Wed Oct 2 09:41:32 2002
457 @@ -209,13 +209,13 @@
458 _trans(prot, PROT_EXEC, VM_EXEC);
461 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
462 +if(grsec_pax_segmexec){
463 _trans(flags, MAP_MIRROR, VM_MIRROR) |
467 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
468 +if(grsec_pax_randexec){
469 _trans(flags, MAP_MIRROR2, VM_MIRROR2) |
473 _trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN) |
474 _trans(flags, MAP_DENYWRITE, VM_DENYWRITE) |
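Review bot: The `_trans(flags, MAP_MIRROR, VM_MIRROR) |` and `_trans(flags, MAP_MIRROR2, VM_MIRROR2) |` terms are operands of a single `|` expression, and an `if(...){` cannot appear inside an expression, so this does not compile. Gate each operand instead, e.g. `(grsec_pax_segmexec ? _trans(flags, MAP_MIRROR, VM_MIRROR) : 0) |`. The same pattern appears in the hunks at -417 and -437 of this file and in the mm/memory.c conditions at -1374, -1424, -1445 and -1483. The enclosing function starts outside the hunk.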
475 @@ -417,13 +417,13 @@
479 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
480 +if(grsec_pax_segmexec){
481 (flags & MAP_MIRROR) ||
485 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
486 +if(grsec_pax_randexec){
487 (flags & MAP_MIRROR2)
493 @@ -437,13 +437,13 @@
495 vma_m->vm_start != pgoff ||
497 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
498 +if(grsec_pax_segmexec){
499 (vma_m->vm_flags & (VM_MIRROR | VM_MIRRORED)) ||
503 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
504 +if(grsec_pax_randexec){
505 (vma_m->vm_flags & (VM_MIRROR2 | VM_MIRRORED2)) ||
509 (vma_m->vm_flags & (VM_MIRROR | VM_MIRRORED)) ||
510 (!(vma_m->vm_flags & VM_WRITE) && (prot & PROT_WRITE)))
511 @@ -484,47 +484,47 @@
513 vm_flags = calc_vm_flags(prot,flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC;
515 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
516 +if(grsec_pax_pageexec){
517 if (current->flags & PF_PAX_PAGEEXEC) {
519 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
520 +if(grsec_pax_randexec){
521 if (!file && !(flags & MAP_MIRROR2))
527 vm_flags &= ~VM_EXEC;
529 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
530 +if(grsec_pax_mprotect){
532 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
533 +if(grsec_pax_randexec)
534 if ((current->flags & PF_PAX_MPROTECT) && ((!file && !(flags & MAP_MIRROR2)) || !(prot & PROT_EXEC)))
537 if ((current->flags & PF_PAX_MPROTECT) && (!file || !(prot & PROT_EXEC)))
540 vm_flags &= ~VM_MAYEXEC;
542 if ((current->flags & PF_PAX_MPROTECT) && file && (prot & PROT_EXEC))
543 vm_flags &= ~VM_MAYWRITE;
551 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
552 +if(grsec_pax_segmexec){
553 if (current->flags & PF_PAX_SEGMEXEC) {
554 if (!file && !(flags & MAP_MIRROR))
555 vm_flags &= ~VM_EXEC;
557 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
558 +if(grsec_pax_mprotect){
559 if ((current->flags & PF_PAX_MPROTECT) && ((!file && !(flags & MAP_MIRROR)) || !(prot & PROT_EXEC)))
560 vm_flags &= ~VM_MAYEXEC;
562 if ((current->flags & PF_PAX_MPROTECT) && file && (prot & PROT_EXEC))
563 vm_flags &= ~VM_MAYWRITE;
571 /* mlock MCL_FUTURE? */
572 if (vm_flags & VM_LOCKED) {
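Review bot: Under `#ifdef`/`#else` the two `PF_PAX_MPROTECT` conditions were alternatives sharing the single `vm_flags &= ~VM_MAYEXEC;` body, which an unbraced `if(grsec_pax_randexec)` in front of the first one cannot reproduce. The lines between them are not visible here, but any `else` would bind to the inner `if`. This is the check that strips `VM_MAYEXEC`, so a wrong pairing silently skips the restriction. One condition covers both cases: `if ((current->flags & PF_PAX_MPROTECT) && ((!file && (!grsec_pax_randexec || !(flags & MAP_MIRROR2))) || !(prot & PROT_EXEC)))`.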
573 @@ -626,11 +626,11 @@
574 vma->vm_end = addr + len;
575 vma->vm_flags = vm_flags;
577 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
578 +if(grsec_pax_pageexec){
579 if ((file || !(current->flags & PF_PAX_PAGEEXEC)) && (vm_flags & (VM_READ|VM_WRITE)))
580 vma->vm_page_prot = protection_map[(vm_flags | VM_EXEC) & 0x0f];
585 vma->vm_page_prot = protection_map[vm_flags & 0x0f];
587 @@ -660,15 +660,15 @@
591 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
592 +if(grsec_pax_segmexec){
593 if (flags & MAP_MIRROR)
594 vma_m->vm_flags |= VM_MIRRORED;
598 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
599 +if(grsec_pax_randexec){
600 if (flags & MAP_MIRROR2)
601 vma_m->vm_flags |= VM_MIRRORED2;
605 /* Can addr have changed??
607 @@ -741,11 +741,10 @@
609 struct vm_area_struct *vma;
611 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
612 +if(grsec_pax_segmexec){
613 if ((current->flags & PF_PAX_SEGMEXEC) && len > TASK_SIZE/2)
621 @@ -754,10 +753,10 @@
622 addr = PAGE_ALIGN(addr);
623 vma = find_vma(current->mm, addr);
625 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
626 +if(grsec_pax_segmexec){
627 if ((current->flags & PF_PAX_SEGMEXEC) && TASK_SIZE/2-len < addr)
632 if (TASK_SIZE - len >= addr &&
633 (!vma || addr + len <= vma->vm_start))
634 @@ -774,11 +773,11 @@
635 for (vma = find_vma(current->mm, addr); ; vma = vma->vm_next) {
636 /* At this point: (!vma || addr < vma->vm_end). */
638 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
639 +if(grsec_pax_segmexec){
640 if ((current->flags & PF_PAX_SEGMEXEC) && TASK_SIZE/2-len < addr)
646 if (TASK_SIZE - len < addr)
648 @@ -1168,21 +1167,21 @@
650 down_write(&mm->mmap_sem);
652 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
653 +if(grsec_pax_segmexec){
654 if ((current->flags & PF_PAX_SEGMEXEC) &&
655 (len > TASK_SIZE/2 || addr > TASK_SIZE/2-len))
660 ret = do_munmap(mm, addr, len);
662 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
663 +if(grsec_pax_segmexec){
664 if ((current->flags & PF_PAX_SEGMEXEC) && !ret) {
665 int ret_m = do_munmap(mm, addr + TASK_SIZE/2, len);
672 up_write(&mm->mmap_sem);
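Review bot: Both SEGMEXEC checks around `do_munmap` now depend on the global switch as well as on the task's `PF_PAX_SEGMEXEC` flag. Turning the switch off while such tasks are running therefore skips the range check and leaves the mirror at `addr + TASK_SIZE/2` mapped after the lower half has been unmapped. Per-task behaviour should follow the task flag alone, with `grsec_pax_segmexec` consulted only at exec time when the flag is set; that is, keep `if ((current->flags & PF_PAX_SEGMEXEC) && !ret)` as it was. The same concern applies to the hunks at -741, -754 and -774 above, the `TASK_SIZE/2` check in kernel/ptrace.c and the two checks in mm/mremap.c.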
674 @@ -1244,10 +1243,10 @@
675 if (current->flags & (PF_PAX_PAGEEXEC | PF_PAX_SEGMEXEC))
678 -#ifdef CONFIG_GRKERNSEC_PAX_MPROTECT
679 +if(grsec_pax_mprotect){
680 if (current->flags & PF_PAX_MPROTECT)
681 flags &= ~VM_MAYEXEC;
686 /* Can we just expand an old anonymous mapping? */
687 @@ -1266,11 +1265,10 @@
688 vma->vm_end = addr + len;
689 vma->vm_flags = flags;
691 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
692 +if(grsec_pax_pageexec){
693 if (!(current->flags & PF_PAX_PAGEEXEC) && (flags & (VM_READ|VM_WRITE)))
694 vma->vm_page_prot = protection_map[(flags | VM_EXEC) & 0x0f];
698 vma->vm_page_prot = protection_map[flags & 0x0f];
701 --- linux-2.4.19/mm/filemap.c.org Tue Oct 1 08:24:13 2002
702 +++ linux-2.4.19/mm/filemap.c Wed Oct 2 09:42:41 2002
703 @@ -2180,10 +2180,10 @@
704 if (!mapping->a_ops->readpage)
707 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
708 +if(grsec_pax_pageexec){
709 if (current->flags & PF_PAX_PAGEEXEC)
710 vma->vm_page_prot = protection_map[vma->vm_flags & 0x0f];
715 vma->vm_ops = &generic_file_vm_ops;
716 --- linux-2.4.19/arch/i386/mm/fault.c.org Tue Oct 1 08:24:12 2002
717 +++ linux-2.4.19/arch/i386/mm/fault.c Wed Oct 2 09:49:58 2002
718 @@ -143,11 +143,11 @@
719 * bit 1 == 0 means read, 1 means write
720 * bit 2 == 0 means kernel, 1 means user-mode
722 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
723 +if(grsec_pax_pageexec){
724 asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long error_code, unsigned long address)
727 asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long error_code)
731 struct task_struct *tsk;
732 struct mm_struct *mm;
733 @@ -283,21 +283,21 @@
735 /* User mode accesses just cause a SIGSEGV */
736 if (error_code & 4) {
737 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
738 +if(grsec_pax_segmexec){
739 if (current->flags & PF_PAX_SEGMEXEC) {
741 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
742 +if(grsec_pax_randexec){
743 if ((error_code == 4) && (regs->eip + TASK_SIZE/2 == address) &&
744 pax_handle_read_fault(regs) == 5)
749 if (address >= TASK_SIZE/2) {
750 pax_report_fault(regs);
757 tsk->thread.cr2 = address;
758 tsk->thread.error_code = error_code;
763 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
764 +if(grsec_pax_pageexec){
765 /* PaX: called with the page_table_lock spinlock held */
766 static inline pte_t * pax_get_pte(struct mm_struct *mm, unsigned long address)
770 return pte_offset(pmd, address);
776 * PaX: decide what to do with offenders (regs->eip = fault address)
777 @@ -459,12 +459,12 @@
778 #if defined(CONFIG_GRKERNSEC_PAX_PAGEEXEC) || defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC)
779 static int pax_handle_read_fault(struct pt_regs *regs)
781 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
782 +if(grsec_pax_emutramp){
783 static const unsigned char trans[8] = {6, 1, 2, 0, 13, 5, 3, 4};
788 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
789 +if(grsec_pax_randexec){
790 if (current->flags & PF_PAX_RANDEXEC) {
792 if (regs->eip >= current->mm->start_code &&
800 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
801 +if(grsec_pax_emutramp){
802 if (!(current->flags & PF_PAX_EMUTRAMP))
812 return 1; /* PaX in action */
818 -#ifdef CONFIG_GRKERNSEC_PAX_PAGEEXEC
819 +if(grsec_pax_pageexec){
821 * PaX: handle the extra page faults or pass it down to the original handler
823 @@ -670,19 +670,19 @@
824 /* instruction fetch attempt from a protected page in user mode */
825 ret = pax_handle_read_fault(regs);
827 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
828 +if(grsec_pax_randexec){
834 -#ifdef CONFIG_GRKERNSEC_PAX_EMUTRAMP
835 +if(grsec_pax_emutramp){
846 pax_report_fault(regs);
848 spin_unlock(&mm->page_table_lock);
853 --- linux-2.4.19/kernel/ptrace.c.org Tue Oct 1 08:24:13 2002
854 +++ linux-2.4.19/kernel/ptrace.c Wed Oct 2 09:52:40 2002
855 @@ -129,10 +129,10 @@
859 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
860 +if(grsec_pax_segmexec){
861 if ((tsk->flags & PF_PAX_SEGMEXEC) && (addr >= TASK_SIZE/2))
866 down_read(&mm->mmap_sem);
867 /* ignore errors, just check how much was sucessfully transfered */
868 --- linux-2.4.19/mm/memory.c.org Tue Oct 1 08:24:23 2002
869 +++ linux-2.4.19/mm/memory.c Wed Oct 2 09:57:25 2002
870 @@ -1374,43 +1374,43 @@
871 struct vm_area_struct * vma_m = NULL;
874 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
875 +if(grsec_pax_segmexec){
876 if (vma->vm_flags & VM_MIRRORED) {
880 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
881 +if(grsec_pax_randexec){
882 if (vma->vm_flags & VM_MIRRORED2) {
883 address += mm->delta_exec;
884 if (vma->vm_flags & VM_EXEC)
885 address += TASK_SIZE/2;
890 address += TASK_SIZE/2;
891 vma = find_vma(mm, address);
892 } else if (vma->vm_flags & VM_MIRROR) {
895 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
896 +if(grsec_pax_randexec){
897 if (vma->vm_flags & VM_MIRROR2) {
898 address_m -= mm->delta_exec;
899 if (vma->vm_flags & VM_EXEC)
900 address_m -= TASK_SIZE/2;
905 address_m -= TASK_SIZE/2;
906 vma_m = find_vma(mm, address_m);
911 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
912 +if(grsec_pax_randexec){
913 if (vma && (vma->vm_flags & (VM_MIRROR2 | VM_MIRRORED2))
915 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
916 +if(grsec_pax_segmexec){
917 && !(vma->vm_flags & (VM_MIRROR | VM_MIRRORED))
923 @@ -1424,19 +1424,19 @@
924 vma_m = find_vma(mm, address_m);
930 /* PaX: sanity checks, to be removed when proved to be stable */
931 #if defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC) || defined(CONFIG_GRKERNSEC_PAX_RANDEXEC)
934 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
935 +if(grsec_pax_segmexec){
936 || (vma->vm_flags & VM_MIRROR)
940 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
941 +if(grsec_pax_randexec){
942 || (vma->vm_flags & VM_MIRROR2)
947 if (!vma || !vma_m) {
948 @@ -1445,17 +1445,17 @@
952 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
953 +if(grsec_pax_segmexec){
954 (!(vma_m->vm_flags & VM_MIRRORED) &&
961 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
962 +if(grsec_pax_randexec){
963 !(vma_m->vm_flags & VM_MIRRORED2)) ||
970 vma->vm_start > address ||
971 vma_m->vm_start > address_m ||
972 @@ -1483,17 +1483,17 @@
974 #if defined(CONFIG_GRKERNSEC_PAX_SEGMEXEC) || defined(CONFIG_GRKERNSEC_PAX_RANDEXEC)
976 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
977 +if(grsec_pax_segmexec){
979 -#ifdef CONFIG_GRKERNSEC_PAX_RANDEXEC
980 +if(grsec_pax_randexec){
981 && (vma->vm_flags & (VM_MIRROR | VM_MIRROR2))
984 && (vma->vm_flags & VM_MIRROR)
990 && (vma->vm_flags & VM_MIRROR2)
996 --- linux-2.4.19/mm/mremap.c.org Tue Oct 1 08:24:13 2002
997 +++ linux-2.4.19/mm/mremap.c Wed Oct 2 09:58:45 2002
998 @@ -227,11 +227,11 @@
999 old_len = PAGE_ALIGN(old_len);
1000 new_len = PAGE_ALIGN(new_len);
1002 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
1003 +if(grsec_pax_segmexec){
1004 if ((current->flags & PF_PAX_SEGMEXEC) && (flags & MREMAP_FIXED) &&
1005 (new_len > TASK_SIZE/2 || new_addr > TASK_SIZE/2-new_len))
1010 /* new_addr is only valid if MREMAP_FIXED is specified */
1011 if (flags & MREMAP_FIXED) {
1012 @@ -274,10 +274,10 @@
1013 if (!vma || vma->vm_start > addr)
1016 -#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
1017 +if(grsec_pax_segmexec){
1018 if ((current->flags & PF_PAX_SEGMEXEC) && (vma->vm_flags & VM_MIRRORED))
1023 /* We can't remap across vm area boundaries */
1024 if (old_len > vma->vm_end - addr)