-rw-r--r-- | 2.6.32/0000_README | 2 | ||||
-rw-r--r-- | 2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch (renamed from 2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch) | 664 | ||||
-rw-r--r-- | 2.6.39/0000_README | 2 | ||||
-rw-r--r-- | 2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch (renamed from 2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch) | 247 |
4 files changed, 832 insertions, 83 deletions
diff --git a/2.6.32/0000_README b/2.6.32/0000_README index 03320de..73ac723 100644 --- a/2.6.32/0000_README +++ b/2.6.32/0000_README @@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch +Patch: 4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch index d0d2a83..568fb06 100644 --- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201106281648.patch +++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.42-201107011911.patch 
@@ -325,8 +325,43 @@ diff -urNp linux-2.6.32.42/arch/arm/include/asm/kmap_types.h linux-2.6.32.42/arc diff -urNp linux-2.6.32.42/arch/arm/include/asm/uaccess.h linux-2.6.32.42/arch/arm/include/asm/uaccess.h --- linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-04-17 15:56:45.000000000 -0400 -@@ -403,6 +403,9 @@ extern unsigned long __must_check __strn ++++ linux-2.6.32.42/arch/arm/include/asm/uaccess.h 2011-06-29 21:02:24.000000000 -0400 +@@ -22,6 +22,8 @@ + #define VERIFY_READ 0 + #define VERIFY_WRITE 1 + ++extern void check_object_size(const void *ptr, unsigned long n, bool to); ++ + /* + * The exception table consists of pairs of addresses: the first is the + * address of an instruction that is allowed to fault, and the second is +@@ -387,8 +389,23 @@ do { \ + + + #ifdef CONFIG_MMU +-extern unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n); +-extern unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n); ++extern unsigned long __must_check ___copy_from_user(void *to, const void __user *from, unsigned long n); ++extern unsigned long __must_check ___copy_to_user(void __user *to, const void *from, unsigned long n); ++ ++static inline unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n) ++{ ++ if (!__builtin_constant_p(n)) ++ check_object_size(to, n, false); ++ return ___copy_from_user(to, from, n); ++} ++ ++static inline unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n) ++{ ++ if (!__builtin_constant_p(n)) ++ check_object_size(from, n, true); ++ return ___copy_to_user(to, from, n); ++} ++ + extern unsigned long __must_check __copy_to_user_std(void __user *to, const void *from, unsigned long n); + extern unsigned long __must_check __clear_user(void __user *addr, unsigned long n); + extern unsigned long 
__must_check __clear_user_std(void __user *addr, unsigned long n); +@@ -403,6 +420,9 @@ extern unsigned long __must_check __strn static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) { @@ -336,7 +371,7 @@ diff -urNp linux-2.6.32.42/arch/arm/include/asm/uaccess.h linux-2.6.32.42/arch/a if (access_ok(VERIFY_READ, from, n)) n = __copy_from_user(to, from, n); else /* security hole - plug it */ -@@ -412,6 +415,9 @@ static inline unsigned long __must_check +@@ -412,6 +432,9 @@ static inline unsigned long __must_check static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) { 
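Review bot: The new inline `__copy_from_user()`/`__copy_to_user()` wrappers call `check_object_size()` only when `!__builtin_constant_p(n)`, so every copy whose length is a compile-time constant bypasses the run-time object-size check, and nothing in the hunk records that this is intended. A short comment above the wrappers would do, e.g. `/* constant-length copies are not checked at run time; only variable n reaches check_object_size() */`. `__copy_to_user_std` stays declared right below the wrappers and is not routed through the check, and `check_object_size` is declared unconditionally, so confirm that a definition exists on ARM builds where the usercopy option is off. The `#ifdef CONFIG_MMU` block continues outside the hunk.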
@@ -379,6 +414,126 @@ diff -urNp linux-2.6.32.42/arch/arm/kernel/traps.c linux-2.6.32.42/arch/arm/kern do_exit(SIGSEGV); } +diff -urNp linux-2.6.32.42/arch/arm/lib/copy_from_user.S linux-2.6.32.42/arch/arm/lib/copy_from_user.S +--- linux-2.6.32.42/arch/arm/lib/copy_from_user.S 2011-03-27 14:31:47.000000000 -0400 ++++ linux-2.6.32.42/arch/arm/lib/copy_from_user.S 2011-06-29 20:48:38.000000000 -0400 +@@ -16,7 +16,7 @@ + /* + * Prototype: + * +- * size_t __copy_from_user(void *to, const void *from, size_t n) ++ * size_t ___copy_from_user(void *to, const void *from, size_t n) + * + * Purpose: + * +@@ -84,11 +84,11 @@ + + .text + +-ENTRY(__copy_from_user) ++ENTRY(___copy_from_user) + + #include "copy_template.S" + +-ENDPROC(__copy_from_user) ++ENDPROC(___copy_from_user) + + .section .fixup,"ax" + .align 0 +diff -urNp linux-2.6.32.42/arch/arm/lib/copy_to_user.S linux-2.6.32.42/arch/arm/lib/copy_to_user.S +--- linux-2.6.32.42/arch/arm/lib/copy_to_user.S 2011-03-27 14:31:47.000000000 -0400 ++++ linux-2.6.32.42/arch/arm/lib/copy_to_user.S 2011-06-29 20:46:49.000000000 -0400 +@@ -16,7 +16,7 @@ + /* + * Prototype: + * +- * size_t __copy_to_user(void *to, const void *from, size_t n) ++ * size_t ___copy_to_user(void *to, const void *from, size_t n) + * + * Purpose: + * +@@ -88,11 +88,11 @@ + .text + + ENTRY(__copy_to_user_std) +-WEAK(__copy_to_user) ++WEAK(___copy_to_user) + + #include "copy_template.S" + +-ENDPROC(__copy_to_user) ++ENDPROC(___copy_to_user) + + .section .fixup,"ax" + .align 0 +diff -urNp linux-2.6.32.42/arch/arm/lib/uaccess.S linux-2.6.32.42/arch/arm/lib/uaccess.S +--- linux-2.6.32.42/arch/arm/lib/uaccess.S 2011-03-27 14:31:47.000000000 -0400 ++++ linux-2.6.32.42/arch/arm/lib/uaccess.S 2011-06-29 20:48:53.000000000 -0400 +@@ -19,7 +19,7 @@ + + #define PAGE_SHIFT 12 + +-/* Prototype: int __copy_to_user(void *to, const char *from, size_t n) ++/* Prototype: int ___copy_to_user(void *to, const char *from, size_t n) + * Purpose : copy a block to user memory from 
kernel memory + * Params : to - user memory + * : from - kernel memory +@@ -39,7 +39,7 @@ USER( strgtbt r3, [r0], #1) @ May fau + sub r2, r2, ip + b .Lc2u_dest_aligned + +-ENTRY(__copy_to_user) ++ENTRY(___copy_to_user) + stmfd sp!, {r2, r4 - r7, lr} + cmp r2, #4 + blt .Lc2u_not_enough +@@ -277,14 +277,14 @@ USER( strgebt r3, [r0], #1) @ May fau + ldrgtb r3, [r1], #0 + USER( strgtbt r3, [r0], #1) @ May fault + b .Lc2u_finished +-ENDPROC(__copy_to_user) ++ENDPROC(___copy_to_user) + + .section .fixup,"ax" + .align 0 + 9001: ldmfd sp!, {r0, r4 - r7, pc} + .previous + +-/* Prototype: unsigned long __copy_from_user(void *to,const void *from,unsigned long n); ++/* Prototype: unsigned long ___copy_from_user(void *to,const void *from,unsigned long n); + * Purpose : copy a block from user memory to kernel memory + * Params : to - kernel memory + * : from - user memory +@@ -303,7 +303,7 @@ USER( ldrgtbt r3, [r1], #1) @ May fau + sub r2, r2, ip + b .Lcfu_dest_aligned + +-ENTRY(__copy_from_user) ++ENTRY(___copy_from_user) + stmfd sp!, {r0, r2, r4 - r7, lr} + cmp r2, #4 + blt .Lcfu_not_enough +@@ -543,7 +543,7 @@ USER( ldrgebt r3, [r1], #1) @ May fau + USER( ldrgtbt r3, [r1], #1) @ May fault + strgtb r3, [r0], #1 + b .Lcfu_finished +-ENDPROC(__copy_from_user) ++ENDPROC(___copy_from_user) + + .section .fixup,"ax" + .align 0 +diff -urNp linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c +--- linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c 2011-03-27 14:31:47.000000000 -0400 ++++ linux-2.6.32.42/arch/arm/lib/uaccess_with_memcpy.c 2011-06-29 20:44:35.000000000 -0400 +@@ -97,7 +97,7 @@ out: + } + + unsigned long +-__copy_to_user(void __user *to, const void *from, unsigned long n) ++___copy_to_user(void __user *to, const void *from, unsigned long n) + { + /* + * This test is stubbed out of the main function above to keep diff -urNp linux-2.6.32.42/arch/arm/mach-at91/pm.c linux-2.6.32.42/arch/arm/mach-at91/pm.c --- 
linux-2.6.32.42/arch/arm/mach-at91/pm.c 2011-03-27 14:31:47.000000000 -0400 +++ linux-2.6.32.42/arch/arm/mach-at91/pm.c 2011-04-17 15:56:45.000000000 -0400 @@ -6003,7 +6158,7 @@ diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_32.S linux-2.6.32.42/ar 2: diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_64.S linux-2.6.32.42/arch/x86/boot/compressed/head_64.S --- linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-04-17 15:56:46.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/boot/compressed/head_64.S 2011-07-01 18:53:00.000000000 -0400 @@ -91,7 +91,7 @@ ENTRY(startup_32) notl %eax andl %eax, %ebx @@ -6013,6 +6168,15 @@ diff -urNp linux-2.6.32.42/arch/x86/boot/compressed/head_64.S linux-2.6.32.42/ar #endif /* Target address to relocate to for decompression */ +@@ -183,7 +183,7 @@ no_longmode: + hlt + jmp 1b + +-#include "../../kernel/verify_cpu_64.S" ++#include "../../kernel/verify_cpu.S" + + /* + * Be careful here startup_64 needs to be at a predictable @@ -234,7 +234,7 @@ ENTRY(startup_64) notq %rax andq %rax, %rbp @@ -9945,7 +10109,7 @@ diff -urNp linux-2.6.32.42/arch/x86/include/asm/segment.h linux-2.6.32.42/arch/x #define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS* 8 + 3) diff -urNp linux-2.6.32.42/arch/x86/include/asm/smp.h linux-2.6.32.42/arch/x86/include/asm/smp.h --- linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-04-17 15:56:46.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/include/asm/smp.h 2011-07-01 19:00:40.000000000 -0400 @@ -24,7 +24,7 @@ extern unsigned int num_processors; DECLARE_PER_CPU(cpumask_var_t, cpu_sibling_map); DECLARE_PER_CPU(cpumask_var_t, cpu_core_map); 
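Review bot: No export update accompanies the rename of the entry points to `___copy_from_user` and `___copy_to_user` in this hunk (copy_from_user.S, copy_to_user.S, uaccess.S, uaccess_with_memcpy.c). Because `__copy_from_user()` and `__copy_to_user()` are now inline wrappers in uaccess.h, any loadable module that uses them needs the triple-underscore symbols and `check_object_size` to be exported; if the ARM export list still names the old symbols, modular builds would presumably break. That list is not part of this hunk, so this needs confirming and is not a certain defect. It would also help to state next to each `ENTRY(___copy_…)` that the routine does no object-size check, e.g. `/* raw copy: reach this only through __copy_to_user() so check_object_size() runs */`.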
@@ -9955,7 +10119,19 @@ diff -urNp linux-2.6.32.42/arch/x86/include/asm/smp.h linux-2.6.32.42/arch/x86/i static inline struct cpumask *cpu_sibling_mask(int cpu) { -@@ -175,14 +175,8 @@ extern unsigned disabled_cpus __cpuinitd +@@ -40,10 +40,7 @@ DECLARE_EARLY_PER_CPU(u16, x86_cpu_to_ap + DECLARE_EARLY_PER_CPU(u16, x86_bios_cpu_apicid); + + /* Static state in head.S used to set up a CPU */ +-extern struct { +- void *sp; +- unsigned short ss; +-} stack_start; ++extern unsigned long stack_start; /* Initial stack pointer address */ + + struct smp_ops { + void (*smp_prepare_boot_cpu)(void); +@@ -175,14 +172,8 @@ extern unsigned disabled_cpus __cpuinitd extern int safe_smp_processor_id(void); #elif defined(CONFIG_X86_64_SMP) @@ -11199,8 +11375,18 @@ diff -urNp linux-2.6.32.42/arch/x86/Kconfig.debug linux-2.6.32.42/arch/x86/Kconf in order to catch accidental (and incorrect) writes to such const diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S --- linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-04-17 15:56:46.000000000 -0400 -@@ -104,7 +104,7 @@ _start: ++++ linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S 2011-07-01 18:53:40.000000000 -0400 +@@ -91,6 +91,9 @@ _start: + /* Do any other stuff... */ + + #ifndef CONFIG_64BIT ++ /* Recheck NX bit overrides (64bit path does this in trampoline) */ ++ call verify_cpu ++ + /* This could also be done in C code... */ + movl pmode_cr3, %eax + movl %eax, %cr3 +@@ -104,7 +107,7 @@ _start: movl %eax, %ecx orl %edx, %ecx jz 1f 
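Review bot: The status that `verify_cpu` returns in `%eax` is discarded at the call added to wakeup.S: the next instruction, `movl pmode_cr3, %eax`, overwrites it, although the header of verify_cpu.S says the caller needs to check the error code. The call is evidently made only for the side effect of clearing XD_DISABLE, so the comment should say so, e.g. `/* Recheck NX bit overrides; only the XD_DISABLE side effect is wanted, the %eax status is ignored */`. The same applies to the `call verify_cpu` added in the startup_32_smp hunk of head_32.S, where `mov $0x80000001, %eax` follows immediately. The `_start` body continues outside the hunk.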
@@ -11209,9 +11395,17 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.32.4 wrmsr 1: +@@ -114,6 +117,7 @@ _start: + movl pmode_cr0, %eax + movl %eax, %cr0 + jmp pmode_return ++# include "../../verify_cpu.S" + #else + pushw $0 + pushw trampoline_segment diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c --- linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-04-17 15:56:46.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c 2011-07-01 19:01:34.000000000 -0400 @@ -11,11 +11,12 @@ #include <linux/cpumask.h> #include <asm/segment.h> @@ -11226,10 +11420,12 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/acpi/sleep.c linux-2.6.32.42/arch/x86 unsigned long acpi_realmode_flags; /* address in low memory of the wakeup routine. */ -@@ -99,8 +100,12 @@ int acpi_save_state_mem(void) +@@ -98,9 +99,13 @@ int acpi_save_state_mem(void) + #else /* CONFIG_64BIT */ header->trampoline_segment = setup_trampoline() >> 4; #ifdef CONFIG_SMP - stack_start.sp = temp_stack + sizeof(temp_stack); +- stack_start.sp = temp_stack + sizeof(temp_stack); ++ stack_start = (unsigned long)temp_stack + sizeof(temp_stack); + + pax_open_kernel(); early_gdt_descr.address = @@ -13796,7 +13992,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head32.c linux-2.6.32.42/arch/x86/ker /* Reserve INITRD */ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/kernel/head_32.S --- linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-04-17 15:56:46.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/kernel/head_32.S 2011-07-01 19:09:03.000000000 -0400 @@ -19,10 +19,17 @@ #include <asm/setup.h> #include <asm/processor-flags.h> 
@@ -13841,7 +14037,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke * 32-bit kernel entrypoint; only used by the boot CPU. On entry, * %esi points to the real-mode code as a 32-bit pointer. * CS and DS must be 4 GB flat segments, but we don't depend on -@@ -80,6 +89,13 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) +@@ -80,7 +89,16 @@ RESERVE_BRK(pagetables, INIT_MAP_SIZE) * can. */ __HEAD @@ -13853,12 +14049,19 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke +#endif + ENTRY(startup_32) ++ movl pa(stack_start),%ecx ++ /* test KEEP_SEGMENTS flag to see if the bootloader is asking us to not reload segments */ -@@ -97,6 +113,57 @@ ENTRY(startup_32) + testb $(1<<6), BP_loadflags(%esi) +@@ -95,7 +113,60 @@ ENTRY(startup_32) + movl %eax,%es + movl %eax,%fs movl %eax,%gs ++ movl %eax,%ss 2: - ++ leal -__PAGE_OFFSET(%ecx),%esp ++ +#ifdef CONFIG_SMP + movl $pa(cpu_gdt_table),%edi + movl $__per_cpu_load,%eax @@ -13909,11 +14112,10 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke + addl $PAGE_SIZE_asm,%edi + loop 1b +#endif -+ + /* * Clear BSS first so that there are no surprises... - */ -@@ -140,9 +207,7 @@ ENTRY(startup_32) +@@ -140,9 +211,7 @@ ENTRY(startup_32) cmpl $num_subarch_entries, %eax jae bad_subarch @@ -13924,7 +14126,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke bad_subarch: WEAK(lguest_entry) -@@ -154,10 +219,10 @@ WEAK(xen_entry) +@@ -154,10 +223,10 @@ WEAK(xen_entry) __INITDATA subarch_entries: @@ -13939,7 +14141,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke num_subarch_entries = (. - subarch_entries) / 4 .previous #endif /* CONFIG_PARAVIRT */ -@@ -218,8 +283,11 @@ default_entry: +@@ -218,8 +287,11 @@ default_entry: movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ 
@@ -13953,7 +14155,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke #else /* Not PAE */ page_pde_offset = (__PAGE_OFFSET >> 20); -@@ -249,8 +317,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); +@@ -249,8 +321,11 @@ page_pde_offset = (__PAGE_OFFSET >> 20); movl %eax, pa(max_pfn_mapped) /* Do early initialization of the fixmap area */ @@ -13967,7 +14169,17 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke #endif jmp 3f /* -@@ -297,6 +368,7 @@ ENTRY(startup_32_smp) +@@ -272,6 +347,9 @@ ENTRY(startup_32_smp) + movl %eax,%es + movl %eax,%fs + movl %eax,%gs ++ movl pa(stack_start),%ecx ++ movl %eax,%ss ++ leal -__PAGE_OFFSET(%ecx),%esp + #endif /* CONFIG_SMP */ + 3: + +@@ -297,6 +375,7 @@ ENTRY(startup_32_smp) orl %edx,%eax movl %eax,%cr4 @@ -13975,7 +14187,18 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke btl $5, %eax # check if PAE is enabled jnc 6f -@@ -312,13 +384,17 @@ ENTRY(startup_32_smp) +@@ -305,6 +384,10 @@ ENTRY(startup_32_smp) + cpuid + cmpl $0x80000000, %eax + jbe 6f ++ ++ /* Clear bogus XD_DISABLE bits */ ++ call verify_cpu ++ + mov $0x80000001, %eax + cpuid + /* Execute Disable bit supported? */ +@@ -312,13 +395,17 @@ ENTRY(startup_32_smp) jnc 6f /* Setup EFER (Extended Feature Enable Register) */ 
@@ -13994,18 +14217,29 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke 6: /* -@@ -344,9 +420,7 @@ ENTRY(startup_32_smp) +@@ -331,8 +418,8 @@ ENTRY(startup_32_smp) + movl %eax,%cr0 /* ..and set paging (PG) bit */ + ljmp $__BOOT_CS,$1f /* Clear prefetch and normalize %eip */ + 1: +- /* Set up the stack pointer */ +- lss stack_start,%esp ++ /* Shift the stack pointer to a virtual address */ ++ addl $__PAGE_OFFSET, %esp + + /* + * Initialize eflags. Some BIOS's leave bits like NT set. This would +@@ -344,9 +431,7 @@ ENTRY(startup_32_smp) #ifdef CONFIG_SMP cmpb $0, ready - jz 1f /* Initial CPU cleans BSS */ - jmp checkCPUtype -1: -+ jnz checkCPUtype /* Initial CPU cleans BSS */ ++ jnz checkCPUtype #endif /* CONFIG_SMP */ /* -@@ -424,7 +498,7 @@ is386: movl $2,%ecx # set MP +@@ -424,7 +509,7 @@ is386: movl $2,%ecx # set MP 1: movl $(__KERNEL_DS),%eax # reload all the segment registers movl %eax,%ss # after changing gdt. @@ -14014,7 +14248,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke movl %eax,%ds movl %eax,%es -@@ -438,15 +512,22 @@ is386: movl $2,%ecx # set MP +@@ -438,15 +523,22 @@ is386: movl $2,%ecx # set MP */ cmpb $0,ready jne 1f @@ -14039,18 +14273,22 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke movl %eax,%gs xorl %eax,%eax # Clear LDT -@@ -457,10 +538,6 @@ is386: movl $2,%ecx # set MP - #ifdef CONFIG_SMP - movb ready, %cl +@@ -454,14 +546,7 @@ is386: movl $2,%ecx # set MP + + cld # gcc2 wants the direction flag cleared at all times + pushl $0 # fake return address for unwinder +-#ifdef CONFIG_SMP +- movb ready, %cl movb $1, ready - cmpb $0,%cl # the first CPU calls start_kernel - je 1f - movl (stack_start), %esp -1: - #endif /* CONFIG_SMP */ +-#endif /* CONFIG_SMP */ jmp *(initial_code) -@@ -546,22 +623,22 @@ early_page_fault: + /* +@@ -546,22 +631,22 @@ early_page_fault: jmp early_fault early_fault: 
@@ -14078,7 +14316,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke hlt_loop: hlt jmp hlt_loop -@@ -569,8 +646,11 @@ hlt_loop: +@@ -569,8 +654,11 @@ hlt_loop: /* This is the default interrupt "handler" :-) */ ALIGN ignore_int: @@ -14091,7 +14329,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke pushl %eax pushl %ecx pushl %edx -@@ -579,9 +659,6 @@ ignore_int: +@@ -579,9 +667,6 @@ ignore_int: movl $(__KERNEL_DS),%eax movl %eax,%ds movl %eax,%es @@ -14101,7 +14339,16 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke pushl 16(%esp) pushl 24(%esp) pushl 32(%esp) -@@ -610,31 +687,47 @@ ENTRY(initial_page_table) +@@ -600,6 +685,8 @@ ignore_int: + #endif + iret + ++#include "verify_cpu.S" ++ + __REFDATA + .align 4 + ENTRY(initial_code) +@@ -610,31 +697,47 @@ ENTRY(initial_page_table) /* * BSS section */ @@ -14154,7 +14401,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke ENTRY(swapper_pg_dir) .long pa(swapper_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ # if KPMDS == 3 -@@ -653,15 +746,24 @@ ENTRY(swapper_pg_dir) +@@ -653,15 +756,24 @@ ENTRY(swapper_pg_dir) # error "Kernel PMDs should be 1, 2 or 3" # endif .align PAGE_SIZE_asm /* needs to be page-sized too */ @@ -14169,10 +14416,11 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke #endif .data ++.balign 4 ENTRY(stack_start) - .long init_thread_union+THREAD_SIZE +- .long __BOOT_DS + .long init_thread_union+THREAD_SIZE-8 - .long __BOOT_DS ready: .byte 0 @@ -14180,7 +14428,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke early_recursion_flag: .long 0 -@@ -697,7 +799,7 @@ fault_msg: +@@ -697,7 +809,7 @@ fault_msg: .word 0 # 32 bit align gdt_desc.address boot_gdt_descr: .word __BOOT_DS+7 
@@ -14189,7 +14437,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke .word 0 # 32-bit align idt_desc.address idt_descr: -@@ -708,7 +810,7 @@ idt_descr: +@@ -708,7 +820,7 @@ idt_descr: .word 0 # 32 bit align gdt_desc.address ENTRY(early_gdt_descr) .word GDT_ENTRIES*8-1 @@ -14198,7 +14446,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/head_32.S linux-2.6.32.42/arch/x86/ke /* * The boot_gdt must mirror the equivalent in setup.S and is -@@ -717,5 +819,65 @@ ENTRY(early_gdt_descr) +@@ -717,5 +829,65 @@ ENTRY(early_gdt_descr) .align L1_CACHE_BYTES ENTRY(boot_gdt) .fill GDT_ENTRY_BOOT_CS,8,0 @@ -16160,7 +16408,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/signal.c linux-2.6.32.42/arch/x86/ker if (current_thread_info()->status & TS_RESTORE_SIGMASK) diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/kernel/smpboot.c --- linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-05-11 18:25:15.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/kernel/smpboot.c 2011-07-01 19:10:03.000000000 -0400 @@ -94,14 +94,14 @@ static DEFINE_PER_CPU(struct task_struct */ static DEFINE_MUTEX(x86_cpu_hotplug_driver_mutex); @@ -16180,6 +16428,15 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke } ssize_t arch_cpu_probe(const char *buf, size_t count) { return -1; } +@@ -625,7 +625,7 @@ wakeup_secondary_cpu_via_init(int phys_a + * target processor state. + */ + startup_ipi_hook(phys_apicid, (unsigned long) start_secondary, +- (unsigned long)stack_start.sp); ++ stack_start); + + /* + * Run STARTUP IPI loop. @@ -743,6 +743,7 @@ static int __cpuinit do_boot_cpu(int api set_idle_for_cpu(cpu, c_idle.idle); do_rest: 
@@ -16188,7 +16445,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke #ifdef CONFIG_X86_32 /* Stack for startup_32 can be just as for start_secondary onwards */ irq_ctx_init(cpu); -@@ -750,11 +751,13 @@ do_rest: +@@ -750,13 +751,15 @@ do_rest: #else clear_tsk_thread_flag(c_idle.idle, TIF_FORK); initial_gs = per_cpu_offset(cpu); @@ -16203,8 +16460,11 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/smpboot.c linux-2.6.32.42/arch/x86/ke + pax_close_kernel(); + initial_code = (unsigned long)start_secondary; - stack_start.sp = (void *) c_idle.idle->thread.sp; +- stack_start.sp = (void *) c_idle.idle->thread.sp; ++ stack_start = c_idle.idle->thread.sp; + /* start_ip had better be page-aligned! */ + start_ip = setup_trampoline(); @@ -891,6 +894,12 @@ int __cpuinit native_cpu_up(unsigned int per_cpu(cpu_state, cpu) = CPU_UP_PREPARE; @@ -16819,7 +17079,7 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_32.S linux-2.6.32.42/arch/ # hence we don't use the boot_gdt_descr defined in head.S diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_64.S linux-2.6.32.42/arch/x86/kernel/trampoline_64.S --- linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-04-17 15:56:46.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/kernel/trampoline_64.S 2011-07-01 18:53:26.000000000 -0400 @@ -91,7 +91,7 @@ startup_32: movl $__KERNEL_DS, %eax # Initialize the %ds segment register movl %eax, %ds @@ -16829,6 +17089,15 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/trampoline_64.S linux-2.6.32.42/arch/ movl %eax, %cr4 # Enable PAE mode # Setup trampoline 4 level pagetables +@@ -127,7 +127,7 @@ startup_64: + no_longmode: + hlt + jmp no_longmode +-#include "verify_cpu_64.S" ++#include "verify_cpu.S" + + # Careful these need to be in the same 64K segment as the above; + tidt: @@ -138,7 +138,7 @@ tidt: # so the kernel can live anywhere .balign 4 
@@ -17009,6 +17278,259 @@ diff -urNp linux-2.6.32.42/arch/x86/kernel/traps.c linux-2.6.32.42/arch/x86/kern if (!tsk_used_math(tsk)) { local_irq_enable(); +diff -urNp linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S +--- linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S 2011-03-27 14:31:47.000000000 -0400 ++++ linux-2.6.32.42/arch/x86/kernel/verify_cpu_64.S 1969-12-31 19:00:00.000000000 -0500 +@@ -1,105 +0,0 @@ +-/* +- * +- * verify_cpu.S - Code for cpu long mode and SSE verification. This +- * code has been borrowed from boot/setup.S and was introduced by +- * Andi Kleen. +- * +- * Copyright (c) 2007 Andi Kleen (ak@suse.de) +- * Copyright (c) 2007 Eric Biederman (ebiederm@xmission.com) +- * Copyright (c) 2007 Vivek Goyal (vgoyal@in.ibm.com) +- * +- * This source code is licensed under the GNU General Public License, +- * Version 2. See the file COPYING for more details. +- * +- * This is a common code for verification whether CPU supports +- * long mode and SSE or not. It is not called directly instead this +- * file is included at various places and compiled in that context. +- * Following are the current usage. +- * +- * This file is included by both 16bit and 32bit code. +- * +- * arch/x86_64/boot/setup.S : Boot cpu verification (16bit) +- * arch/x86_64/boot/compressed/head.S: Boot cpu verification (32bit) +- * arch/x86_64/kernel/trampoline.S: secondary processor verfication (16bit) +- * arch/x86_64/kernel/acpi/wakeup.S:Verfication at resume (16bit) +- * +- * verify_cpu, returns the status of cpu check in register %eax. +- * 0: Success 1: Failure +- * +- * The caller needs to check for the error code and take the action +- * appropriately. Either display a message or halt. 
+- */ +- +-#include <asm/cpufeature.h> +- +-verify_cpu: +- pushfl # Save caller passed flags +- pushl $0 # Kill any dangerous flags +- popfl +- +- pushfl # standard way to check for cpuid +- popl %eax +- movl %eax,%ebx +- xorl $0x200000,%eax +- pushl %eax +- popfl +- pushfl +- popl %eax +- cmpl %eax,%ebx +- jz verify_cpu_no_longmode # cpu has no cpuid +- +- movl $0x0,%eax # See if cpuid 1 is implemented +- cpuid +- cmpl $0x1,%eax +- jb verify_cpu_no_longmode # no cpuid 1 +- +- xor %di,%di +- cmpl $0x68747541,%ebx # AuthenticAMD +- jnz verify_cpu_noamd +- cmpl $0x69746e65,%edx +- jnz verify_cpu_noamd +- cmpl $0x444d4163,%ecx +- jnz verify_cpu_noamd +- mov $1,%di # cpu is from AMD +- +-verify_cpu_noamd: +- movl $0x1,%eax # Does the cpu have what it takes +- cpuid +- andl $REQUIRED_MASK0,%edx +- xorl $REQUIRED_MASK0,%edx +- jnz verify_cpu_no_longmode +- +- movl $0x80000000,%eax # See if extended cpuid is implemented +- cpuid +- cmpl $0x80000001,%eax +- jb verify_cpu_no_longmode # no extended cpuid +- +- movl $0x80000001,%eax # Does the cpu have what it takes +- cpuid +- andl $REQUIRED_MASK1,%edx +- xorl $REQUIRED_MASK1,%edx +- jnz verify_cpu_no_longmode +- +-verify_cpu_sse_test: +- movl $1,%eax +- cpuid +- andl $SSE_MASK,%edx +- cmpl $SSE_MASK,%edx +- je verify_cpu_sse_ok +- test %di,%di +- jz verify_cpu_no_longmode # only try to force SSE on AMD +- movl $0xc0010015,%ecx # HWCR +- rdmsr +- btr $15,%eax # enable SSE +- wrmsr +- xor %di,%di # don't loop +- jmp verify_cpu_sse_test # try again +- +-verify_cpu_no_longmode: +- popfl # Restore caller passed flags +- movl $1,%eax +- ret +-verify_cpu_sse_ok: +- popfl # Restore caller passed flags +- xorl %eax, %eax +- ret +diff -urNp linux-2.6.32.42/arch/x86/kernel/verify_cpu.S linux-2.6.32.42/arch/x86/kernel/verify_cpu.S +--- linux-2.6.32.42/arch/x86/kernel/verify_cpu.S 1969-12-31 19:00:00.000000000 -0500 ++++ linux-2.6.32.42/arch/x86/kernel/verify_cpu.S 2011-07-01 18:28:42.000000000 -0400 +@@ -0,0 +1,140 @@ ++/* ++ * ++ * 
verify_cpu.S - Code for cpu long mode and SSE verification. This ++ * code has been borrowed from boot/setup.S and was introduced by ++ * Andi Kleen. ++ * ++ * Copyright (c) 2007 Andi Kleen (ak@suse.de) ++ * Copyright (c) 2007 Eric Biederman (ebiederm@xmission.com) ++ * Copyright (c) 2007 Vivek Goyal (vgoyal@in.ibm.com) ++ * Copyright (c) 2010 Kees Cook (kees.cook@canonical.com) ++ * ++ * This source code is licensed under the GNU General Public License, ++ * Version 2. See the file COPYING for more details. ++ * ++ * This is a common code for verification whether CPU supports ++ * long mode and SSE or not. It is not called directly instead this ++ * file is included at various places and compiled in that context. ++ * This file is expected to run in 32bit code. Currently: ++ * ++ * arch/x86/boot/compressed/head_64.S: Boot cpu verification ++ * arch/x86/kernel/trampoline_64.S: secondary processor verification ++ * arch/x86/kernel/head_32.S: processor startup ++ * arch/x86/kernel/acpi/realmode/wakeup.S: 32bit processor resume ++ * ++ * verify_cpu, returns the status of longmode and SSE in register %eax. ++ * 0: Success 1: Failure ++ * ++ * On Intel, the XD_DISABLE flag will be cleared as a side-effect. ++ * ++ * The caller needs to check for the error code and take the action ++ * appropriately. Either display a message or halt. 
++ */ ++ ++#include <asm/cpufeature.h> ++#include <asm/msr-index.h> ++ ++verify_cpu: ++ pushfl # Save caller passed flags ++ pushl $0 # Kill any dangerous flags ++ popfl ++ ++ pushfl # standard way to check for cpuid ++ popl %eax ++ movl %eax,%ebx ++ xorl $0x200000,%eax ++ pushl %eax ++ popfl ++ pushfl ++ popl %eax ++ cmpl %eax,%ebx ++ jz verify_cpu_no_longmode # cpu has no cpuid ++ ++ movl $0x0,%eax # See if cpuid 1 is implemented ++ cpuid ++ cmpl $0x1,%eax ++ jb verify_cpu_no_longmode # no cpuid 1 ++ ++ xor %di,%di ++ cmpl $0x68747541,%ebx # AuthenticAMD ++ jnz verify_cpu_noamd ++ cmpl $0x69746e65,%edx ++ jnz verify_cpu_noamd ++ cmpl $0x444d4163,%ecx ++ jnz verify_cpu_noamd ++ mov $1,%di # cpu is from AMD ++ jmp verify_cpu_check ++ ++verify_cpu_noamd: ++ cmpl $0x756e6547,%ebx # GenuineIntel? ++ jnz verify_cpu_check ++ cmpl $0x49656e69,%edx ++ jnz verify_cpu_check ++ cmpl $0x6c65746e,%ecx ++ jnz verify_cpu_check ++ ++ # only call IA32_MISC_ENABLE when: ++ # family > 6 || (family == 6 && model >= 0xd) ++ movl $0x1, %eax # check CPU family and model ++ cpuid ++ movl %eax, %ecx ++ ++ andl $0x0ff00f00, %eax # mask family and extended family ++ shrl $8, %eax ++ cmpl $6, %eax ++ ja verify_cpu_clear_xd # family > 6, ok ++ jb verify_cpu_check # family < 6, skip ++ ++ andl $0x000f00f0, %ecx # mask model and extended model ++ shrl $4, %ecx ++ cmpl $0xd, %ecx ++ jb verify_cpu_check # family == 6, model < 0xd, skip ++ ++verify_cpu_clear_xd: ++ movl $MSR_IA32_MISC_ENABLE, %ecx ++ rdmsr ++ btrl $2, %edx # clear MSR_IA32_MISC_ENABLE_XD_DISABLE ++ jnc verify_cpu_check # only write MSR if bit was changed ++ wrmsr ++ ++verify_cpu_check: ++ movl $0x1,%eax # Does the cpu have what it takes ++ cpuid ++ andl $REQUIRED_MASK0,%edx ++ xorl $REQUIRED_MASK0,%edx ++ jnz verify_cpu_no_longmode ++ ++ movl $0x80000000,%eax # See if extended cpuid is implemented ++ cpuid ++ cmpl $0x80000001,%eax ++ jb verify_cpu_no_longmode # no extended cpuid ++ ++ movl $0x80000001,%eax # Does the cpu have what 
it takes ++ cpuid ++ andl $REQUIRED_MASK1,%edx ++ xorl $REQUIRED_MASK1,%edx ++ jnz verify_cpu_no_longmode ++ ++verify_cpu_sse_test: ++ movl $1,%eax ++ cpuid ++ andl $SSE_MASK,%edx ++ cmpl $SSE_MASK,%edx ++ je verify_cpu_sse_ok ++ test %di,%di ++ jz verify_cpu_no_longmode # only try to force SSE on AMD ++ movl $MSR_K7_HWCR,%ecx ++ rdmsr ++ btr $15,%eax # enable SSE ++ wrmsr ++ xor %di,%di # don't loop ++ jmp verify_cpu_sse_test # try again ++ ++verify_cpu_no_longmode: ++ popfl # Restore caller passed flags ++ movl $1,%eax ++ ret ++verify_cpu_sse_ok: ++ popfl # Restore caller passed flags ++ xorl %eax, %eax ++ ret diff -urNp linux-2.6.32.42/arch/x86/kernel/vm86_32.c linux-2.6.32.42/arch/x86/kernel/vm86_32.c --- linux-2.6.32.42/arch/x86/kernel/vm86_32.c 2011-03-27 14:31:47.000000000 -0400 +++ linux-2.6.32.42/arch/x86/kernel/vm86_32.c 2011-04-17 15:56:46.000000000 -0400 @@ -50542,8 +51064,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_fork.c linux-2.6.32.42/grsecurity/gr +} diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/grsec_init.c --- linux-2.6.32.42/grsecurity/grsec_init.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.42/grsecurity/grsec_init.c 2011-04-17 15:56:46.000000000 -0400 -@@ -0,0 +1,270 @@ ++++ linux-2.6.32.42/grsecurity/grsec_init.c 2011-06-29 19:35:26.000000000 -0400 +@@ -0,0 +1,274 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/mm.h> @@ -50554,6 +51076,7 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/gr +#include <linux/percpu.h> +#include <linux/module.h> + ++int grsec_enable_brute; +int grsec_enable_link; +int grsec_enable_dmesg; +int grsec_enable_harden_ptrace; 
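Review bot: The header comment of the new verify_cpu.S documents the return value and the XD_DISABLE side effect but not the registers the routine destroys. `cpuid` and `rdmsr` overwrite `%eax`, `%ebx`, `%ecx` and `%edx`, `%di` is used as the AMD flag, and the `pushfl`/`popfl`/`ret` sequence needs a usable stack. Since this commit starts calling the routine from the middle of head_32.S and wakeup.S, add a line to the header such as `* Clobbers: %eax, %ebx, %ecx, %edx, %di; requires a valid stack.` It is also worth noting beside the family/model test that the masks keep the extended family and extended model fields, so the comparisons with 6 and 0xd are made on the combined values.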
@@ -50718,6 +51241,9 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_init.c linux-2.6.32.42/grsecurity/gr
 +#ifdef CONFIG_GRKERNSEC_LINK
 + grsec_enable_link = 1;
 +#endif
++#ifdef CONFIG_GRKERNSEC_BRUTE
++ grsec_enable_brute = 1;
++#endif
 +#ifdef CONFIG_GRKERNSEC_DMESG
 + grsec_enable_dmesg = 1;
 +#endif
@@ -51338,8 +51864,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_ptrace.c linux-2.6.32.42/grsecurity/
 +}
 diff -urNp linux-2.6.32.42/grsecurity/grsec_sig.c linux-2.6.32.42/grsecurity/grsec_sig.c
 --- linux-2.6.32.42/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.42/grsecurity/grsec_sig.c 2011-05-17 17:30:04.000000000 -0400
-@@ -0,0 +1,202 @@
++++ linux-2.6.32.42/grsecurity/grsec_sig.c 2011-06-29 19:40:31.000000000 -0400
+@@ -0,0 +1,205 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/delay.h>
@@ -51431,6 +51957,9 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sig.c linux-2.6.32.42/grsecurity/grs
 +#ifdef CONFIG_GRKERNSEC_BRUTE
 + uid_t uid = 0;
 +
++ if (!grsec_enable_brute)
++ return;
++
 + rcu_read_lock();
 + read_lock(&tasklist_lock);
 + read_lock(&grsec_exec_file_lock);
@@ -51823,8 +52352,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sock.c linux-2.6.32.42/grsecurity/gr
 +}
 diff -urNp linux-2.6.32.42/grsecurity/grsec_sysctl.c linux-2.6.32.42/grsecurity/grsec_sysctl.c
 --- linux-2.6.32.42/grsecurity/grsec_sysctl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.42/grsecurity/grsec_sysctl.c 2011-04-17 15:56:46.000000000 -0400
-@@ -0,0 +1,479 @@
++++ linux-2.6.32.42/grsecurity/grsec_sysctl.c 2011-06-29 19:37:19.000000000 -0400
+@@ -0,0 +1,489 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/sysctl.h>
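Review bot: Nothing in the grsec_sig.c hunk (`@@ -51431,6 +51957,9 @@`) says what happens to state that was recorded before the option was switched off: the added `if (!grsec_enable_brute) return;` only keeps this function from running again. The function starts and ends outside the hunk, so this is inferred; if it marks tasks or users for later throttling, clearing the sysctl would stop new detections without lifting the existing ones. A short comment above the test would settle it for administrators, for example `/* runtime toggle: skips new detections only; earlier marks are left as they are */`, adjusted to what the rest of the function really does. The 2.6.39 copy of the patch carries the same three lines (`@@ -59042,6 +59233,9 @@`).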
@@ -51872,6 +52401,16 @@ diff -urNp linux-2.6.32.42/grsecurity/grsec_sysctl.c linux-2.6.32.42/grsecurity/
 + .proc_handler = &proc_dointvec,
 + },
 +#endif
++#ifdef CONFIG_GRKERNSEC_BRUTE
++ {
++ .ctl_name = CTL_UNNUMBERED,
++ .procname = "deter_bruteforce",
++ .data = &grsec_enable_brute,
++ .maxlen = sizeof(int),
++ .mode = 0600,
++ .proc_handler = &proc_dointvec,
++ },
++#endif
 +#ifdef CONFIG_GRKERNSEC_FIFO
 + {
 + .ctl_name = CTL_UNNUMBERED,
@@ -52434,8 +52973,8 @@ diff -urNp linux-2.6.32.42/grsecurity/grsum.c linux-2.6.32.42/grsecurity/grsum.c
 +}
 diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 --- linux-2.6.32.42/grsecurity/Kconfig 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.42/grsecurity/Kconfig 2011-06-13 21:34:09.000000000 -0400
-@@ -0,0 +1,1045 @@
++++ linux-2.6.32.42/grsecurity/Kconfig 2011-06-29 20:55:13.000000000 -0400
+@@ -0,0 +1,1047 @@
 +#
 +# grecurity configuration
 +#
@@ -52514,7 +53053,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 + select PAX_ASLR
 + select PAX_RANDMMAP
 + select PAX_REFCOUNT if (X86 || SPARC64)
-+ select PAX_USERCOPY if ((X86 || SPARC32 || SPARC64 || PPC) && (SLAB || SLUB || SLOB))
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB))
 +
 + help
 + If you say Y here, several features in addition to those included
@@ -52578,7 +53117,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 + select GRKERNSEC_MODHARDEN if (MODULES)
 + select GRKERNSEC_HARDEN_PTRACE
 + select GRKERNSEC_VM86 if (X86_32)
-+ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC32 || SPARC64)
++ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC)
 + select PAX
 + select PAX_RANDUSTACK
 + select PAX_ASLR
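Review bot: The new `deter_bruteforce` table entry (`@@ -51872,6 +52401,16 @@`) accepts any integer, because it is handled by `proc_dointvec` with no bounds while its only visible consumer tests `!grsec_enable_brute`; every non-zero value, negative ones included, therefore means enabled. That matches the neighbouring entries, so it is a style point rather than a defect: either clamp the value with `.proc_handler = &proc_dointvec_minmax` and `.extra1`/`.extra2` bounds of 0 and 1, or state in the Kconfig help that 0 disables the feature and any other value enables it. Since this switch turns a protection off at run time, the help text is also the place to mention that the entry is writable by root only (`.mode = 0600`). The 2.6.39 hunk `@@ -59451,6 +59645,15 @@` adds the same entry without `.ctl_name`; the table itself begins and ends outside both hunks.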
@@ -52593,13 +53132,13 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 + select PAX_RANDKSTACK if (X86_TSC && X86)
 + select PAX_SEGMEXEC if (X86_32)
 + select PAX_PAGEEXEC
-+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC32 || SPARC64)
++ select PAX_EMUPLT if (ALPHA || PARISC || SPARC)
 + select PAX_EMUTRAMP if (PARISC)
 + select PAX_EMUSIGRT if (PARISC)
 + select PAX_ETEXECRELOCS if (ALPHA || IA64 || PARISC)
 + select PAX_ELFRELOCS if (PAX_ETEXECRELOCS || (IA64 || PPC || X86))
 + select PAX_REFCOUNT if (X86 || SPARC64)
-+ select PAX_USERCOPY if ((X86 || PPC || SPARC32 || SPARC64) && (SLAB || SLUB || SLOB))
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB))
 + help
 + If you say Y here, many of the features of grsecurity will be
 + enabled, which will protect you against many kinds of attacks
@@ -52729,6 +53268,8 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 + It is recommended that you also enable signal logging in the auditing
 + section so that logs are generated when a process triggers a suspicious
 + signal.
++ If the sysctl option is enabled, a sysctl option with name
++ "deter_bruteforce" is created.
 +
 +config GRKERNSEC_MODHARDEN
 + bool "Harden module auto-loading"
@@ -52778,7 +53319,7 @@ diff -urNp linux-2.6.32.42/grsecurity/Kconfig linux-2.6.32.42/grsecurity/Kconfig
 +
 +config GRKERNSEC_KERN_LOCKOUT
 + bool "Active kernel exploit response"
-+ depends on X86 || ARM || PPC || SPARC32 || SPARC64
++ depends on X86 || ARM || PPC || SPARC
 + help
 + If you say Y here, when a PaX alert is triggered due to suspicious
 + activity in the kernel (from KERNEXEC/UDEREF/USERCOPY)
@@ -55345,8 +55886,8 @@ diff -urNp linux-2.6.32.42/include/linux/grdefs.h linux-2.6.32.42/include/linux/ +#endif diff -urNp linux-2.6.32.42/include/linux/grinternal.h linux-2.6.32.42/include/linux/grinternal.h --- linux-2.6.32.42/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.32.42/include/linux/grinternal.h 2011-04-17 15:56:46.000000000 -0400 -@@ -0,0 +1,218 @@ ++++ linux-2.6.32.42/include/linux/grinternal.h 2011-06-29 19:41:14.000000000 -0400 +@@ -0,0 +1,219 @@ +#ifndef __GRINTERNAL_H +#define __GRINTERNAL_H + @@ -55427,6 +55968,7 @@ diff -urNp linux-2.6.32.42/include/linux/grinternal.h linux-2.6.32.42/include/li +extern int grsec_resource_logging; +extern int grsec_enable_blackhole; +extern int grsec_lastack_retries; ++extern int grsec_enable_brute; +extern int grsec_lock; + +extern spinlock_t grsec_alert_lock; @@ -70607,7 +71149,7 @@ diff -urNp linux-2.6.32.42/security/integrity/ima/ima_queue.c linux-2.6.32.42/se return 0; diff -urNp linux-2.6.32.42/security/Kconfig linux-2.6.32.42/security/Kconfig --- linux-2.6.32.42/security/Kconfig 2011-03-27 14:31:47.000000000 -0400 -+++ linux-2.6.32.42/security/Kconfig 2011-06-04 20:45:36.000000000 -0400 ++++ linux-2.6.32.42/security/Kconfig 2011-06-29 20:55:36.000000000 -0400 @@ -4,6 +4,555 @@ menu "Security options" @@ -71129,7 +71671,7 @@ diff -urNp linux-2.6.32.42/security/Kconfig linux-2.6.32.42/security/Kconfig + +config PAX_USERCOPY + bool "Harden heap object copies between kernel and userland" -+ depends on X86 || PPC || SPARC ++ depends on X86 || PPC || SPARC || ARM + depends on GRKERNSEC && (SLAB || SLUB) + help + By saying Y here the kernel will enforce the size of heap objects diff --git a/2.6.39/0000_README b/2.6.39/0000_README index b6b1a96..2c34d1e 100644 --- a/2.6.39/0000_README +++ b/2.6.39/0000_README 
@@ -3,7 +3,7 @@ README Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch +Patch: 4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch b/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch index 8495f8b..4a5d663 100644 --- a/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201106281648.patch +++ b/2.6.39/4420_grsecurity-2.2.2-2.6.39.2-201107011911.patch 
@@ -677,8 +677,43 @@ diff -urNp linux-2.6.39.2/arch/arm/include/asm/page.h linux-2.6.39.2/arch/arm/in #define __cpu_copy_user_highpage cpu_user.cpu_copy_user_highpage diff -urNp linux-2.6.39.2/arch/arm/include/asm/uaccess.h linux-2.6.39.2/arch/arm/include/asm/uaccess.h --- linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-05-19 00:06:34.000000000 -0400 -+++ linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-05-22 19:36:30.000000000 -0400 -@@ -403,6 +403,9 @@ extern unsigned long __must_check __strn ++++ linux-2.6.39.2/arch/arm/include/asm/uaccess.h 2011-06-29 21:04:12.000000000 -0400 +@@ -22,6 +22,8 @@ + #define VERIFY_READ 0 + #define VERIFY_WRITE 1 + ++extern void check_object_size(const void *ptr, unsigned long n, bool to); ++ + /* + * The exception table consists of pairs of addresses: the first is the + * address of an instruction that is allowed to fault, and the second is +@@ -387,8 +389,23 @@ do { \ + + + #ifdef CONFIG_MMU +-extern unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n); +-extern unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n); ++extern unsigned long __must_check ___copy_from_user(void *to, const void __user *from, unsigned long n); ++extern unsigned long __must_check ___copy_to_user(void __user *to, const void *from, unsigned long n); ++ ++static inline unsigned long __must_check __copy_from_user(void *to, const void __user *from, unsigned long n) ++{ ++ if (!__builtin_constant_p(n)) ++ check_object_size(to, n, false); ++ return ___copy_from_user(to, from, n); ++} ++ ++static inline unsigned long __must_check __copy_to_user(void __user *to, const void *from, unsigned long n) ++{ ++ if (!__builtin_constant_p(n)) ++ check_object_size(from, n, true); ++ return ___copy_to_user(to, from, n); ++} ++ + extern unsigned long __must_check __copy_to_user_std(void __user *to, const void *from, unsigned long n); + extern unsigned long __must_check __clear_user(void 
__user *addr, unsigned long n); + extern unsigned long __must_check __clear_user_std(void __user *addr, unsigned long n); +@@ -403,6 +420,9 @@ extern unsigned long __must_check __strn static inline unsigned long __must_check copy_from_user(void *to, const void __user *from, unsigned long n) { @@ -688,7 +723,7 @@ diff -urNp linux-2.6.39.2/arch/arm/include/asm/uaccess.h linux-2.6.39.2/arch/arm if (access_ok(VERIFY_READ, from, n)) n = __copy_from_user(to, from, n); else /* security hole - plug it */ -@@ -412,6 +415,9 @@ static inline unsigned long __must_check +@@ -412,6 +432,9 @@ static inline unsigned long __must_check static inline unsigned long __must_check copy_to_user(void __user *to, const void *from, unsigned long n) { 
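Review bot: Both new inline wrappers in the ARM uaccess.h hunk (`@@ -677,8 +677,43 @@`) skip `check_object_size()` whenever `n` is a compile-time constant, and the hunk gives no reason, so a reader cannot tell whether constant-size copies are meant to be exempt from the object-size check or are covered somewhere else. A one-line comment above each test would record the intent, for example `/* constant sizes are not checked at run time; only variable lengths are validated against the object */`. `check_object_size()` is also declared and called without any config guard, so it presumably has a definition even when PAX_USERCOPY is off; that is worth confirming for ARM builds, since the definition is not in view. The 2.6.32 copy of the patch receives the same change.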
@@ -756,6 +791,126 @@ diff -urNp linux-2.6.39.2/arch/arm/kernel/traps.c linux-2.6.39.2/arch/arm/kernel if (ret != NOTIFY_STOP) do_exit(SIGSEGV); } +diff -urNp linux-2.6.39.2/arch/arm/lib/copy_from_user.S linux-2.6.39.2/arch/arm/lib/copy_from_user.S +--- linux-2.6.39.2/arch/arm/lib/copy_from_user.S 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/arm/lib/copy_from_user.S 2011-06-29 20:58:18.000000000 -0400 +@@ -16,7 +16,7 @@ + /* + * Prototype: + * +- * size_t __copy_from_user(void *to, const void *from, size_t n) ++ * size_t ___copy_from_user(void *to, const void *from, size_t n) + * + * Purpose: + * +@@ -84,11 +84,11 @@ + + .text + +-ENTRY(__copy_from_user) ++ENTRY(___copy_from_user) + + #include "copy_template.S" + +-ENDPROC(__copy_from_user) ++ENDPROC(___copy_from_user) + + .pushsection .fixup,"ax" + .align 0 +diff -urNp linux-2.6.39.2/arch/arm/lib/copy_to_user.S linux-2.6.39.2/arch/arm/lib/copy_to_user.S +--- linux-2.6.39.2/arch/arm/lib/copy_to_user.S 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/arm/lib/copy_to_user.S 2011-06-29 20:59:20.000000000 -0400 +@@ -16,7 +16,7 @@ + /* + * Prototype: + * +- * size_t __copy_to_user(void *to, const void *from, size_t n) ++ * size_t ___copy_to_user(void *to, const void *from, size_t n) + * + * Purpose: + * +@@ -88,11 +88,11 @@ + .text + + ENTRY(__copy_to_user_std) +-WEAK(__copy_to_user) ++WEAK(___copy_to_user) + + #include "copy_template.S" + +-ENDPROC(__copy_to_user) ++ENDPROC(___copy_to_user) + ENDPROC(__copy_to_user_std) + + .pushsection .fixup,"ax" +diff -urNp linux-2.6.39.2/arch/arm/lib/uaccess.S linux-2.6.39.2/arch/arm/lib/uaccess.S +--- linux-2.6.39.2/arch/arm/lib/uaccess.S 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/arm/lib/uaccess.S 2011-06-29 20:59:01.000000000 -0400 +@@ -20,7 +20,7 @@ + + #define PAGE_SHIFT 12 + +-/* Prototype: int __copy_to_user(void *to, const char *from, size_t n) ++/* Prototype: int ___copy_to_user(void *to, const char *from, size_t n) + * Purpose 
: copy a block to user memory from kernel memory + * Params : to - user memory + * : from - kernel memory +@@ -40,7 +40,7 @@ USER( T(strgtb) r3, [r0], #1) @ May f + sub r2, r2, ip + b .Lc2u_dest_aligned + +-ENTRY(__copy_to_user) ++ENTRY(___copy_to_user) + stmfd sp!, {r2, r4 - r7, lr} + cmp r2, #4 + blt .Lc2u_not_enough +@@ -278,14 +278,14 @@ USER( T(strgeb) r3, [r0], #1) @ May f + ldrgtb r3, [r1], #0 + USER( T(strgtb) r3, [r0], #1) @ May fault + b .Lc2u_finished +-ENDPROC(__copy_to_user) ++ENDPROC(___copy_to_user) + + .pushsection .fixup,"ax" + .align 0 + 9001: ldmfd sp!, {r0, r4 - r7, pc} + .popsection + +-/* Prototype: unsigned long __copy_from_user(void *to,const void *from,unsigned long n); ++/* Prototype: unsigned long ___copy_from_user(void *to,const void *from,unsigned long n); + * Purpose : copy a block from user memory to kernel memory + * Params : to - kernel memory + * : from - user memory +@@ -304,7 +304,7 @@ USER( T(ldrgtb) r3, [r1], #1) @ May f + sub r2, r2, ip + b .Lcfu_dest_aligned + +-ENTRY(__copy_from_user) ++ENTRY(___copy_from_user) + stmfd sp!, {r0, r2, r4 - r7, lr} + cmp r2, #4 + blt .Lcfu_not_enough +@@ -544,7 +544,7 @@ USER( T(ldrgeb) r3, [r1], #1) @ May f + USER( T(ldrgtb) r3, [r1], #1) @ May fault + strgtb r3, [r0], #1 + b .Lcfu_finished +-ENDPROC(__copy_from_user) ++ENDPROC(___copy_from_user) + + .pushsection .fixup,"ax" + .align 0 +diff -urNp linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c +--- linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/arm/lib/uaccess_with_memcpy.c 2011-06-29 20:59:55.000000000 -0400 +@@ -103,7 +103,7 @@ out: + } + + unsigned long +-__copy_to_user(void __user *to, const void *from, unsigned long n) ++___copy_to_user(void __user *to, const void *from, unsigned long n) + { + /* + * This test is stubbed out of the main function above to keep diff -urNp linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c 
linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c --- linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c 2011-05-19 00:06:34.000000000 -0400 +++ linux-2.6.39.2/arch/arm/mach-cns3xxx/pcie.c 2011-05-22 19:36:30.000000000 -0400 @@ -12633,6 +12788,27 @@ diff -urNp linux-2.6.39.2/arch/x86/Kconfig.debug linux-2.6.39.2/arch/x86/Kconfig ---help--- This option helps catch unintended modifications to loadable kernel module's text and read-only data. It also prevents execution +diff -urNp linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S +--- linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/x86/kernel/acpi/realmode/wakeup.S 2011-07-01 18:27:29.000000000 -0400 +@@ -94,6 +94,9 @@ wakeup_code: + /* Do any other stuff... */ + + #ifndef CONFIG_64BIT ++ /* Recheck NX bit overrides (64bit path does this in trampoline */ ++ call verify_cpu ++ + /* This could also be done in C code... */ + movl pmode_cr3, %eax + movl %eax, %cr3 +@@ -117,6 +120,7 @@ wakeup_code: + movl pmode_cr0, %eax + movl %eax, %cr0 + jmp pmode_return ++# include "../../verify_cpu.S" + #else + pushw $0 + pushw trampoline_segment diff -urNp linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c --- linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c 2011-05-19 00:06:34.000000000 -0400 +++ linux-2.6.39.2/arch/x86/kernel/acpi/sleep.c 2011-05-22 19:36:30.000000000 -0400 
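Review bot: No symbol export is updated for the renamed ARM copy routines: the hunk `@@ -756,6 +791,126 @@` changes the out-of-line entry points to `___copy_from_user`/`___copy_to_user` in copy_from_user.S, copy_to_user.S, uaccess.S and uaccess_with_memcpy.c, and none of the visible hunks touches an export list. Because `__copy_from_user()` and `__copy_to_user()` become static inlines in uaccess.h, a loadable module that copies to or from user space now references the triple-underscore names directly. If the tree exports the old names for modules, those exports have to follow the rename, e.g. `EXPORT_SYMBOL(___copy_from_user);` and `EXPORT_SYMBOL(___copy_to_user);`; this is inferred, as the export list is not on the page. A modular ARM build with PAX_USERCOPY on and off would confirm it.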
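Review bot: The `call verify_cpu` added to the `#ifndef CONFIG_64BIT` branch of wakeup_code (`@@ -12633,6 +12788,27 @@`) discards the status that verify_cpu returns in %eax (0 for success, 1 for failure, per the verify_cpu.S header comment in this patch), since the next instruction loads pmode_cr3 into %eax. If the call is made only for its side effect on the NX override, the comment should say so, e.g. `/* Recheck NX bit overrides (64bit path does this in trampoline); return value intentionally ignored */`, which also closes the unbalanced parenthesis. The verify_cpu body shown for 2.6.32 also writes %ebx, %ecx, %edx and %di, so it is worth confirming that nothing live is held in those registers at this point; wakeup_code begins and continues outside the hunk.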
@@ -18050,6 +18226,17 @@ diff -urNp linux-2.6.39.2/arch/x86/kernel/traps.c linux-2.6.39.2/arch/x86/kernel if (!tsk_used_math(tsk)) { local_irq_enable(); +diff -urNp linux-2.6.39.2/arch/x86/kernel/verify_cpu.S linux-2.6.39.2/arch/x86/kernel/verify_cpu.S +--- linux-2.6.39.2/arch/x86/kernel/verify_cpu.S 2011-05-19 00:06:34.000000000 -0400 ++++ linux-2.6.39.2/arch/x86/kernel/verify_cpu.S 2011-07-01 18:28:04.000000000 -0400 +@@ -20,6 +20,7 @@ + * arch/x86/boot/compressed/head_64.S: Boot cpu verification + * arch/x86/kernel/trampoline_64.S: secondary processor verification + * arch/x86/kernel/head_32.S: processor startup ++ * arch/x86/kernel/acpi/realmode/wakeup.S: 32bit processor resume + * + * verify_cpu, returns the status of longmode and SSE in register %eax. + * 0: Success 1: Failure diff -urNp linux-2.6.39.2/arch/x86/kernel/vm86_32.c linux-2.6.39.2/arch/x86/kernel/vm86_32.c --- linux-2.6.39.2/arch/x86/kernel/vm86_32.c 2011-05-19 00:06:34.000000000 -0400 +++ linux-2.6.39.2/arch/x86/kernel/vm86_32.c 2011-05-22 19:41:32.000000000 -0400 @@ -58154,8 +58341,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_fork.c linux-2.6.39.2/grsecurity/grse +} diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grsec_init.c --- linux-2.6.39.2/grsecurity/grsec_init.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.39.2/grsecurity/grsec_init.c 2011-05-22 22:47:15.000000000 -0400 -@@ -0,0 +1,269 @@ ++++ linux-2.6.39.2/grsecurity/grsec_init.c 2011-06-29 19:35:59.000000000 -0400 +@@ -0,0 +1,273 @@ +#include <linux/kernel.h> +#include <linux/sched.h> +#include <linux/mm.h> @@ -58165,6 +58352,7 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grse +#include <linux/percpu.h> +#include <linux/module.h> + ++int grsec_enable_brute; +int grsec_enable_link; +int grsec_enable_dmesg; +int grsec_enable_harden_ptrace; 
@@ -58329,6 +58517,9 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_init.c linux-2.6.39.2/grsecurity/grse
 +#ifdef CONFIG_GRKERNSEC_LINK
 + grsec_enable_link = 1;
 +#endif
++#ifdef CONFIG_GRKERNSEC_BRUTE
++ grsec_enable_brute = 1;
++#endif
 +#ifdef CONFIG_GRKERNSEC_DMESG
 + grsec_enable_dmesg = 1;
 +#endif
@@ -58949,8 +59140,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_ptrace.c linux-2.6.39.2/grsecurity/gr
 +}
 diff -urNp linux-2.6.39.2/grsecurity/grsec_sig.c linux-2.6.39.2/grsecurity/grsec_sig.c
 --- linux-2.6.39.2/grsecurity/grsec_sig.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.39.2/grsecurity/grsec_sig.c 2011-05-22 19:41:42.000000000 -0400
-@@ -0,0 +1,203 @@
++++ linux-2.6.39.2/grsecurity/grsec_sig.c 2011-06-29 19:40:46.000000000 -0400
+@@ -0,0 +1,206 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/delay.h>
@@ -59042,6 +59233,9 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sig.c linux-2.6.39.2/grsecurity/grsec
 +#ifdef CONFIG_GRKERNSEC_BRUTE
 + uid_t uid = 0;
 +
++ if (!grsec_enable_brute)
++ return;
++
 + rcu_read_lock();
 + read_lock(&tasklist_lock);
 + read_lock(&grsec_exec_file_lock);
@@ -59404,8 +59598,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sock.c linux-2.6.39.2/grsecurity/grse
 +}
 diff -urNp linux-2.6.39.2/grsecurity/grsec_sysctl.c linux-2.6.39.2/grsecurity/grsec_sysctl.c
 --- linux-2.6.39.2/grsecurity/grsec_sysctl.c 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.39.2/grsecurity/grsec_sysctl.c 2011-05-22 19:41:42.000000000 -0400
-@@ -0,0 +1,433 @@
++++ linux-2.6.39.2/grsecurity/grsec_sysctl.c 2011-06-29 19:38:04.000000000 -0400
+@@ -0,0 +1,442 @@
 +#include <linux/kernel.h>
 +#include <linux/sched.h>
 +#include <linux/sysctl.h>
@@ -59451,6 +59645,15 @@ diff -urNp linux-2.6.39.2/grsecurity/grsec_sysctl.c linux-2.6.39.2/grsecurity/gr
 + .proc_handler = &proc_dointvec,
 + },
 +#endif
++#ifdef CONFIG_GRKERNSEC_BRUTE
++ {
++ .procname = "deter_bruteforce",
++ .data = &grsec_enable_brute,
++ .maxlen = sizeof(int),
++ .mode = 0600,
++ .proc_handler = &proc_dointvec,
++ },
++#endif
 +#ifdef CONFIG_GRKERNSEC_FIFO
 + {
 + .procname = "fifo_restrictions",
@@ -59969,8 +60172,8 @@ diff -urNp linux-2.6.39.2/grsecurity/grsum.c linux-2.6.39.2/grsecurity/grsum.c
 +}
 diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 --- linux-2.6.39.2/grsecurity/Kconfig 1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.39.2/grsecurity/Kconfig 2011-06-13 21:34:34.000000000 -0400
-@@ -0,0 +1,1045 @@
++++ linux-2.6.39.2/grsecurity/Kconfig 2011-06-29 20:57:06.000000000 -0400
+@@ -0,0 +1,1048 @@
 +#
 +# grecurity configuration
 +#
@@ -60049,7 +60252,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 + select PAX_ASLR
 + select PAX_RANDMMAP
 + select PAX_REFCOUNT if (X86 || SPARC64)
-+ select PAX_USERCOPY if ((X86 || SPARC32 || SPARC64 || PPC) && (SLAB || SLUB || SLOB))
++ select PAX_USERCOPY if ((X86 || SPARC || PPC || ARM) && (SLAB || SLUB))
 +
 + help
 + If you say Y here, several features in addition to those included
@@ -60113,7 +60316,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 + select GRKERNSEC_MODHARDEN if (MODULES)
 + select GRKERNSEC_HARDEN_PTRACE
 + select GRKERNSEC_VM86 if (X86_32)
-+ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC32 || SPARC64)
++ select GRKERNSEC_KERN_LOCKOUT if (X86 || ARM || PPC || SPARC)
 + select PAX
 + select PAX_RANDUSTACK
 + select PAX_ASLR
@@ -60128,13 +60331,13 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 + select PAX_RANDKSTACK if (X86_TSC && X86)
 + select PAX_SEGMEXEC if (X86_32)
 + select PAX_PAGEEXEC
-+ select PAX_EMUPLT if (ALPHA || PARISC || SPARC32 || SPARC64)
++ select PAX_EMUPLT if (ALPHA || PARISC || SPARC)
 + select PAX_EMUTRAMP if (PARISC)
 + select PAX_EMUSIGRT if (PARISC)
 + select PAX_ETEXECRELOCS if (ALPHA || IA64 || PARISC)
 + select PAX_ELFRELOCS if (PAX_ETEXECRELOCS || (IA64 || PPC || X86))
 + select PAX_REFCOUNT if (X86 || SPARC64)
-+ select PAX_USERCOPY if ((X86 || PPC || SPARC32 || SPARC64) && (SLAB || SLUB || SLOB))
++ select PAX_USERCOPY if ((X86 || PPC || SPARC || ARM) && (SLAB || SLUB))
 + help
 + If you say Y here, many of the features of grsecurity will be
 + enabled, which will protect you against many kinds of attacks
@@ -60264,6 +60467,9 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 + It is recommended that you also enable signal logging in the auditing
 + section so that logs are generated when a process triggers a suspicious
 + signal.
++ If the sysctl option is enabled, a sysctl option with name
++ "deter_bruteforce" is created.
++
 +
 +config GRKERNSEC_MODHARDEN
 + bool "Harden module auto-loading"
@@ -60313,7 +60519,7 @@ diff -urNp linux-2.6.39.2/grsecurity/Kconfig linux-2.6.39.2/grsecurity/Kconfig
 +
 +config GRKERNSEC_KERN_LOCKOUT
 + bool "Active kernel exploit response"
-+ depends on X86 || ARM || PPC || SPARC32 || SPARC64
++ depends on X86 || ARM || PPC || SPARC
 + help
 + If you say Y here, when a PaX alert is triggered due to suspicious
 + activity in the kernel (from KERNEXEC/UDEREF/USERCOPY)
@@ -62865,8 +63071,8 @@ diff -urNp linux-2.6.39.2/include/linux/grdefs.h linux-2.6.39.2/include/linux/gr +#endif diff -urNp linux-2.6.39.2/include/linux/grinternal.h linux-2.6.39.2/include/linux/grinternal.h --- linux-2.6.39.2/include/linux/grinternal.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.39.2/include/linux/grinternal.h 2011-05-22 19:41:42.000000000 -0400 -@@ -0,0 +1,219 @@ ++++ linux-2.6.39.2/include/linux/grinternal.h 2011-06-29 19:41:29.000000000 -0400 +@@ -0,0 +1,220 @@ +#ifndef __GRINTERNAL_H +#define __GRINTERNAL_H + @@ -62947,6 +63153,7 @@ diff -urNp linux-2.6.39.2/include/linux/grinternal.h linux-2.6.39.2/include/linu +extern int grsec_resource_logging; +extern int grsec_enable_blackhole; +extern int grsec_lastack_retries; ++extern int grsec_enable_brute; +extern int grsec_lock; + +extern spinlock_t grsec_alert_lock; @@ -79546,7 +79753,7 @@ diff -urNp linux-2.6.39.2/security/integrity/ima/ima_queue.c linux-2.6.39.2/secu return 0; diff -urNp linux-2.6.39.2/security/Kconfig linux-2.6.39.2/security/Kconfig --- linux-2.6.39.2/security/Kconfig 2011-05-19 00:06:34.000000000 -0400 -+++ linux-2.6.39.2/security/Kconfig 2011-06-03 01:13:26.000000000 -0400 ++++ linux-2.6.39.2/security/Kconfig 2011-06-29 20:57:25.000000000 -0400 @@ -4,6 +4,554 @@ menu "Security options" @@ -80068,7 +80275,7 @@ diff -urNp linux-2.6.39.2/security/Kconfig linux-2.6.39.2/security/Kconfig + +config PAX_USERCOPY + bool "Harden heap object copies between kernel and userland" -+ depends on X86 || PPC || SPARC ++ depends on X86 || PPC || SPARC || ARM + depends on GRKERNSEC && (SLAB || SLUB) + help + By saying Y here the kernel will enforce the size of heap objects |