rpms/kernel/devel kernel.spec, 1.435, 1.436 linux-2.6-execshield.patch, 1.83, 1.84

Dave Jones (davej) fedora-extras-commits at redhat.com
Mon Feb 18 16:55:21 UTC 2008 

Author: davej

Update of /cvs/pkgs/rpms/kernel/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31709

Modified Files:
	kernel.spec linux-2.6-execshield.patch 
Log Message:
* Mon Feb 18 2008 Dave Jones <davej at redhat.com>
- More exec-sheild cleanup.



Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/kernel.spec,v
retrieving revision 1.435
retrieving revision 1.436
diff -u -r1.435 -r1.436
--- kernel.spec	18 Feb 2008 02:38:36 -0000	1.435
+++ kernel.spec	18 Feb 2008 16:54:29 -0000	1.436
@@ -1737,6 +1737,9 @@
 %kernel_variant_files -a /%{image_install_path}/xen*-%{KVERREL} -e /etc/ld.so.conf.d/kernelcap-%{KVERREL}.conf %{with_xen} xen
 
 %changelog
+* Mon Feb 18 2008 Dave Jones <davej at redhat.com>
+- More exec-sheild cleanup.
+
 * Sun Feb 17 2008 Chuck Ebbert <cebbert at redhat.com>
 - Fix Powerbook function keys on x86-64.
 

linux-2.6-execshield.patch:

Index: linux-2.6-execshield.patch
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/linux-2.6-execshield.patch,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -r1.83 -r1.84
--- linux-2.6-execshield.patch	15 Feb 2008 21:59:01 -0000	1.83
+++ linux-2.6-execshield.patch	18 Feb 2008 16:54:29 -0000	1.84
@@ -30,11 +30,15 @@
  
  	/* we're going to use this soon, after a few expensive things */
  	if (next_p->fpu_counter > 5)
-@@ -842,8 +843,58 @@ unsigned long arch_align_stack(unsigned long sp)
- 	return sp & ~0xf;
+diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
+index a7d50a5..86e35cb 100644
+--- a/arch/x86/kernel/process_32.c
++++ b/arch/x86/kernel/process_32.c
+@@ -847,3 +847,42 @@ unsigned long arch_randomize_brk(struct mm_struct *mm)
+ 	unsigned long range_end = mm->brk + 0x02000000;
+ 	return randomize_range(mm->brk, range_end, 0) ? : mm->brk;
  }
- 
--unsigned long arch_randomize_brk(struct mm_struct *mm)
++
 +void arch_add_exec_range(struct mm_struct *mm, unsigned long limit)
 +{
 +	if (limit > mm->context.exec_limit) {
@@ -49,9 +53,7 @@
 +}
 +
 +void arch_remove_exec_range(struct mm_struct *mm, unsigned long old_end)
- {
--	unsigned long range_end = mm->brk + 0x02000000;
--	return randomize_range(mm->brk, range_end, 0) ? : mm->brk;
++{
 +	struct vm_area_struct *vma;
 +	unsigned long limit = PAGE_SIZE;
 +
@@ -75,23 +77,6 @@
 +	mm->context.exec_limit = 0;
 +	set_user_cs(&mm->context.user_cs, 0);
 +}
-+
-+/*
-+ * Generate random brk address between 128MB and 196MB. (if the layout
-+ * allows it.)
-+ */
-+void randomize_brk(unsigned long old_brk)
-+{
-+	unsigned long new_brk, range_start, range_end;
-+
-+	range_start = 0x08000000;
-+	if (current->mm->brk >= range_start)
-+		range_start = current->mm->brk;
-+	range_end = range_start + 0x02000000;
-+	new_brk = randomize_range(range_start, range_end, 0);
-+	if (new_brk)
-+		current->mm->brk = new_brk;
- }
 diff --git a/arch/x86/kernel/setup64.c b/arch/x86/kernel/setup64.c
 index 309366f..8a940dc 100644
 --- a/arch/x86/kernel/setup64.c
@@ -406,24 +391,6 @@
  
  static int set_brk(unsigned long start, unsigned long end)
  {
-@@ -544,7 +544,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
- 	unsigned long start_code, end_code, start_data, end_data;
- 	unsigned long reloc_func_desc = 0;
- 	struct files_struct *files;
--	int executable_stack = EXSTACK_DEFAULT;
-+	int executable_stack;
- 	unsigned long def_flags = 0;
- 	struct {
- 		struct elfhdr elf_ex;
-@@ -611,6 +611,8 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
- 	fd_install(elf_exec_fileno = retval, bprm->file);
- 
- 	elf_ppnt = elf_phdata;
-+	executable_stack = EXSTACK_DEFAULT;
-+
- 	elf_bss = 0;
- 	elf_brk = 0;
- 
 @@ -709,6 +711,11 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
  			break;
  		}
@@ -471,45 +438,6 @@
  			/*
  			 * load_elf_interp() returns relocation
  			 * adjustment
-@@ -934,20 +953,21 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
- 		}
- 	}
- 
--	kfree(elf_phdata);
--
- 	sys_close(elf_exec_fileno);
- 
- 	set_binfmt(&elf_format);
- 
- #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
- 	retval = arch_setup_additional_pages(bprm, executable_stack);
-+
- 	if (retval < 0) {
- 		send_sig(SIGKILL, current, 0);
--		goto out;
-+		goto out_free_fh;
- 	}
- #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
- 
-+	kfree(elf_phdata);
-+
- 	compute_creds(bprm);
- 	current->flags &= ~PF_FORKNOEXEC;
- 	retval = create_elf_tables(bprm, &loc->elf_ex,
-@@ -963,10 +983,9 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
- 	current->mm->end_data = end_data;
- 	current->mm->start_stack = bprm->p;
- 
--#ifdef arch_randomize_brk
--	if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1))
--		current->mm->brk = current->mm->start_brk =
--			arch_randomize_brk(current->mm);
-+#ifdef __HAVE_ARCH_RANDOMIZE_BRK
-+	if (current->flags & PF_RANDOMIZE)
-+		randomize_brk(elf_brk);
- #endif
- 
- 	if (current->personality & MMAP_PAGE_ZERO) {
 diff --git a/fs/proc/array.c b/fs/proc/array.c
 index 07d6c48..46adc3b 100644
 --- a/fs/proc/array.c
@@ -529,109 +457,6 @@
  	if (!whole) {
  		min_flt = task->min_flt;
  		maj_flt = task->maj_flt;
-diff --git a/fs/proc/base.c b/fs/proc/base.c
-index 7c6b4ec..877d0a2 100644
---- a/fs/proc/base.c
-+++ b/fs/proc/base.c
-@@ -2290,7 +2290,7 @@ static const struct pid_entry tgid_base_stuff[] = {
- 	INF("cmdline",    S_IRUGO, pid_cmdline),
- 	ONE("stat",       S_IRUGO, tgid_stat),
- 	ONE("statm",      S_IRUGO, pid_statm),
--	REG("maps",       S_IRUGO, maps),
-+	REG("maps",       S_IRUSR, maps),
- #ifdef CONFIG_NUMA
- 	REG("numa_maps",  S_IRUGO, numa_maps),
- #endif
-@@ -2302,7 +2302,7 @@ static const struct pid_entry tgid_base_stuff[] = {
- 	REG("mountstats", S_IRUSR, mountstats),
- #ifdef CONFIG_PROC_PAGE_MONITOR
- 	REG("clear_refs", S_IWUSR, clear_refs),
--	REG("smaps",      S_IRUGO, smaps),
-+	REG("smaps",      S_IRUSR, smaps),
- 	REG("pagemap",    S_IRUSR, pagemap),
- #endif
- #ifdef CONFIG_SECURITY
-@@ -2621,7 +2621,7 @@ static const struct pid_entry tid_base_stuff[] = {
- 	INF("cmdline",   S_IRUGO, pid_cmdline),
- 	ONE("stat",      S_IRUGO, tid_stat),
- 	ONE("statm",     S_IRUGO, pid_statm),
--	REG("maps",      S_IRUGO, maps),
-+	REG("maps",      S_IRUSR, maps),
- #ifdef CONFIG_NUMA
- 	REG("numa_maps", S_IRUGO, numa_maps),
- #endif
-@@ -2632,7 +2632,7 @@ static const struct pid_entry tid_base_stuff[] = {
- 	REG("mounts",    S_IRUGO, mounts),
- #ifdef CONFIG_PROC_PAGE_MONITOR
- 	REG("clear_refs", S_IWUSR, clear_refs),
--	REG("smaps",     S_IRUGO, smaps),
-+	REG("smaps",     S_IRUSR, smaps),
- 	REG("pagemap",    S_IRUSR, pagemap),
- #endif
- #ifdef CONFIG_SECURITY
-diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
-index ae4d3f2..9a838b8 100644
---- a/fs/proc/task_mmu.c
-+++ b/fs/proc/task_mmu.c
-@@ -48,7 +48,11 @@ void task_mem(struct seq_file *m, struct mm_struct *mm)
- 		"VmStk:\t%8lu kB\n"
- 		"VmExe:\t%8lu kB\n"
- 		"VmLib:\t%8lu kB\n"
--		"VmPTE:\t%8lu kB\n",
-+		"VmPTE:\t%8lu kB\n"
-+		"StaBrk:\t%08lx kB\n"
-+		"Brk:\t%08lx kB\n"
-+		"StaStk:\t%08lx kB\n"
-+		,
- 		hiwater_vm << (PAGE_SHIFT-10),
- 		(total_vm - mm->reserved_vm) << (PAGE_SHIFT-10),
- 		mm->locked_vm << (PAGE_SHIFT-10),
-@@ -56,7 +60,12 @@ void task_mem(struct seq_file *m, struct mm_struct *mm)
- 		total_rss << (PAGE_SHIFT-10),
- 		data << (PAGE_SHIFT-10),
- 		mm->stack_vm << (PAGE_SHIFT-10), text, lib,
--		(PTRS_PER_PTE*sizeof(pte_t)*mm->nr_ptes) >> 10);
-+		(PTRS_PER_PTE*sizeof(pte_t)*mm->nr_ptes) >> 10,
-+		mm->start_brk, mm->brk, mm->start_stack);
-+#ifdef CONFIG_X86_32
-+	if (!nx_enabled)
-+		seq_printf(m, "ExecLim:\t%08lx\n", mm->context.exec_limit);
-+#endif
- }
- 
- unsigned long task_vsize(struct mm_struct *mm)
-@@ -238,6 +247,9 @@ static int show_map(struct seq_file *m, void *v)
- {
- 	struct proc_maps_private *priv = m->private;
- 	struct task_struct *task = priv->task;
-+#ifdef CONFIG_X86_32
-+	struct mm_struct *tmm = get_task_mm(task);
-+#endif
- 	struct vm_area_struct *vma = v;
- 	struct mm_struct *mm = vma->vm_mm;
- 	struct file *file = vma->vm_file;
-@@ -260,10 +272,20 @@ static int show_map(struct seq_file *m, void *v)
- 			vma->vm_end,
- 			flags & VM_READ ? 'r' : '-',
- 			flags & VM_WRITE ? 'w' : '-',
--			flags & VM_EXEC ? 'x' : '-',
-+			(flags & VM_EXEC
-+#ifdef CONFIG_X86_32
-+				|| (!nx_enabled && tmm &&
-+				(vma->vm_start < tmm->context.exec_limit))
-+#endif
-+			)
-+				? 'x' : '-',
- 			flags & VM_MAYSHARE ? 's' : 'p',
- 			vma->vm_pgoff << PAGE_SHIFT,
- 			MAJOR(dev), MINOR(dev), ino, &len);
-+#ifdef CONFIG_X86_32
-+	if (tmm)
-+		mmput(tmm);
-+#endif
- 
- 	/*
- 	 * Print the dentry name for named mappings, and a
 diff --git a/include/asm-ia64/pgalloc.h b/include/asm-ia64/pgalloc.h
 index b9ac1a6..24f183a 100644
 --- a/include/asm-ia64/pgalloc.h
@@ -766,18 +591,6 @@
  
  #endif /* !CONFIG_X86_32 */
  
-@@ -317,7 +315,9 @@ extern int arch_setup_additional_pages(struct linux_binprm *bprm,
- extern int syscall32_setup_pages(struct linux_binprm *, int exstack);
- #define compat_arch_setup_additional_pages	syscall32_setup_pages
- 
--extern unsigned long arch_randomize_brk(struct mm_struct *mm);
--#define arch_randomize_brk arch_randomize_brk
-+#ifdef CONFIG_X86_32
-+#define __HAVE_ARCH_RANDOMIZE_BRK
-+extern void randomize_brk(unsigned long old_brk);
-+#endif
- 
- #endif
 diff --git a/include/asm-x86/mmu.h b/include/asm-x86/mmu.h
 index efa962c..db9b109 100644
 --- a/include/asm-x86/mmu.h

More information about the fedora-extras-commits mailing list