main/linux-grsec: upgrade to 2.1.14-2.6.32.11-201004071936

(cherry picked from commit 4afea78ab3bd6afcac3466cd87785aa355c66e43)
author: Natanael Copa <ncopa@alpinelinux.org> 2010-04-13 08:05:19 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2010-04-14 12:21:53 +0000
commit: f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0 (patch)
tree: d2c4108ef53bd7eb97d0efce918cef9c3e119a2f
parent: 6dd7139df647443641f5a1a6bddc77a93e64d697 (diff)
download: alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.tar.bz2
alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.tar.xz
alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.zip
2 files changed, 167 insertions, 121 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 0e93993e87..2b81673eaf 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -4,7 +4,7 @@ _flavor=grsec
 pkgname=linux-${_flavor}
 pkgver=2.6.32.11
 _kernver=2.6.32
-pkgrel=0
+pkgrel=1
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH:-x86}}
 install=
 source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2
        ftp://ftp.kernel.org/pub/linux/kernel/v2.6/patch-$pkgver.bz2
-        grsecurity-2.1.14-2.6.32.11-201004042103.patch
+        grsecurity-2.1.14-2.6.32.11-201004071936.patch
        ip_gre.patch
        ip_gre2.patch
        arp.patch
@@ -126,7 +126,7 @@ firmware() {
 md5sums="260551284ac224c3a43c4adac7df4879  linux-2.6.32.tar.bz2
 855c248334a71ef5ca3d8cb89d51334f  patch-2.6.32.11.bz2
-86fc90c3b2821a5dc0df726893c63297  grsecurity-2.1.14-2.6.32.11-201004042103.patch
+6eabb0c08a988a97a823b5462d1c5018  grsecurity-2.1.14-2.6.32.11-201004071936.patch
 3ef822f3a2723b9a80c3f12954457225  ip_gre.patch
 13ca9e91700e459da269c957062bbea7  ip_gre2.patch
 4c39a161d918e7f274292ecfd168b891  arp.patch
diff --git a/main/linux-grsec/grsecurity-2.1.14-2.6.32.11-201004042103.patch b/main/linux-grsec/grsecurity-2.1.14-2.6.32.11-201004071936.patch
index 77ce387829..62c446bc3e 100644
--- a/main/linux-grsec/grsecurity-2.1.14-2.6.32.11-201004042103.patch
+++ b/main/linux-grsec/grsecurity-2.1.14-2.6.32.11-201004071936.patch
@@ -6908,6 +6908,21 @@ diff -urNp linux-2.6.32.11/arch/x86/include/asm/iommu.h linux-2.6.32.11/arch/x86
 extern int force_iommu, no_iommu;
 extern int iommu_detected;
 extern int iommu_pass_through;
+diff -urNp linux-2.6.32.11/arch/x86/include/asm/irqflags.h linux-2.6.32.11/arch/x86/include/asm/irqflags.h
+--- linux-2.6.32.11/arch/x86/include/asm/irqflags.h     2010-03-15 11:52:04.000000000 -0400
+++ linux-2.6.32.11/arch/x86/include/asm/irqflags.h     2010-04-07 19:33:06.601891934 -0400
+@@ -142,6 +142,11 @@ static inline unsigned long __raw_local_
+        sti;                                    \
+        sysexit
+ 
+#define GET_CR0_INTO_RDI               mov %cr0, %rdi
+#define SET_RDI_INTO_CR0               mov %rdi, %cr0
+#define GET_CR3_INTO_RDI               mov %cr3, %rdi
+#define SET_RDI_INTO_CR3               mov %rdi, %cr3
+
+ #else
+ #define INTERRUPT_RETURN               iret
+ #define ENABLE_INTERRUPTS_SYSEXIT      sti; sysexit
 diff -urNp linux-2.6.32.11/arch/x86/include/asm/kvm_host.h linux-2.6.32.11/arch/x86/include/asm/kvm_host.h
 --- linux-2.6.32.11/arch/x86/include/asm/kvm_host.h     2010-03-15 11:52:04.000000000 -0400
 +++ linux-2.6.32.11/arch/x86/include/asm/kvm_host.h     2010-04-04 20:46:41.500459645 -0400
@@ -7210,8 +7225,8 @@ diff -urNp linux-2.6.32.11/arch/x86/include/asm/mman.h linux-2.6.32.11/arch/x86/
 #endif /* _ASM_X86_MMAN_H */
 diff -urNp linux-2.6.32.11/arch/x86/include/asm/mmu_context.h linux-2.6.32.11/arch/x86/include/asm/mmu_context.h
 --- linux-2.6.32.11/arch/x86/include/asm/mmu_context.h  2010-03-15 11:52:04.000000000 -0400
-+++ linux-2.6.32.11/arch/x86/include/asm/mmu_context.h  2010-04-04 20:58:33.220592413 -0400
+++ linux-2.6.32.11/arch/x86/include/asm/mmu_context.h  2010-04-06 22:21:53.692294722 -0400
-@@ -24,6 +24,22 @@ void destroy_context(struct mm_struct *m
+@@ -24,6 +24,21 @@ void destroy_context(struct mm_struct *m
 
 static inline void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk)
 {
@@ -7223,18 +7238,17 @@ diff -urNp linux-2.6.32.11/arch/x86/include/asm/mmu_context.h linux-2.6.32.11/ar
 +       pax_open_kernel();
 +       pgd = get_cpu_pgd(smp_processor_id());
 +       for (i = USER_PGD_PTRS; i < 2 * USER_PGD_PTRS; ++i)
-+#ifdef CONFIG_PARAVIRT
+               if (paravirt_enabled())
-+               set_pgd(pgd+i, native_make_pgd(0));
+                       set_pgd(pgd+i, native_make_pgd(0));
-+#else
+               else
-+               pgd[i] = native_make_pgd(0);
+                       pgd[i] = native_make_pgd(0);
-+#endif
 +       pax_close_kernel();
 +#endif
 +
 #ifdef CONFIG_SMP
        if (percpu_read(cpu_tlbstate.state) == TLBSTATE_OK)
                percpu_write(cpu_tlbstate.state, TLBSTATE_LAZY);
-@@ -34,37 +50,96 @@ static inline void switch_mm(struct mm_s
+@@ -34,37 +49,96 @@ static inline void switch_mm(struct mm_s
                             struct task_struct *tsk)
 {
        unsigned cpu = smp_processor_id();
@@ -7425,7 +7439,7 @@ diff -urNp linux-2.6.32.11/arch/x86/include/asm/page_64_types.h linux-2.6.32.11/
 #define __VIRTUAL_MASK_SHIFT   47
 diff -urNp linux-2.6.32.11/arch/x86/include/asm/paravirt.h linux-2.6.32.11/arch/x86/include/asm/paravirt.h
 --- linux-2.6.32.11/arch/x86/include/asm/paravirt.h     2010-03-15 11:52:04.000000000 -0400
-+++ linux-2.6.32.11/arch/x86/include/asm/paravirt.h     2010-04-04 20:47:28.952733264 -0400
+++ linux-2.6.32.11/arch/x86/include/asm/paravirt.h     2010-04-07 16:58:23.343008831 -0400
 @@ -729,6 +729,21 @@ static inline void __set_fixmap(unsigned
        pv_mmu_ops.set_fixmap(idx, phys, flags);
 }
@@ -7457,6 +7471,28 @@ diff -urNp linux-2.6.32.11/arch/x86/include/asm/paravirt.h linux-2.6.32.11/arch/
 #endif
 
 #define INTERRUPT_RETURN                                               \
+@@ -1022,6 +1037,21 @@ extern void default_banner(void);
+        PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_irq_enable_sysexit),    \
+                  CLBR_NONE,                                            \
+                  jmp PARA_INDIRECT(pv_cpu_ops+PV_CPU_irq_enable_sysexit))
+
+#define GET_CR0_INTO_RDI                               \
+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0); \
+       mov %rax,%rdi
+
+#define SET_RDI_INTO_CR0                               \
+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_write_cr0)
+
+#define GET_CR3_INTO_RDI                               \
+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_read_cr3); \
+       mov %rax,%rdi
+
+#define SET_RDI_INTO_CR3                               \
+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_write_cr3)
+
+ #endif /* CONFIG_X86_32 */
+ 
+ #endif /* __ASSEMBLY__ */
 diff -urNp linux-2.6.32.11/arch/x86/include/asm/paravirt_types.h linux-2.6.32.11/arch/x86/include/asm/paravirt_types.h
 --- linux-2.6.32.11/arch/x86/include/asm/paravirt_types.h       2010-03-15 11:52:04.000000000 -0400
 +++ linux-2.6.32.11/arch/x86/include/asm/paravirt_types.h       2010-04-04 20:46:41.505526780 -0400
@@ -10641,7 +10677,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_32.S linux-2.6.32.11/arch/x86/k
        CFI_ADJUST_CFA_OFFSET -24
 diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/kernel/entry_64.S
 --- linux-2.6.32.11/arch/x86/kernel/entry_64.S  2010-03-15 11:52:04.000000000 -0400
-+++ linux-2.6.32.11/arch/x86/kernel/entry_64.S  2010-04-04 20:58:33.220592413 -0400
+++ linux-2.6.32.11/arch/x86/kernel/entry_64.S  2010-04-07 16:58:23.343008831 -0400
 @@ -53,6 +53,7 @@
 #include <asm/paravirt.h>
 #include <asm/ftrace.h>
@@ -10650,7 +10686,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
 
 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this.  */
 #include <linux/elf-em.h>
-@@ -174,6 +175,200 @@ ENTRY(native_usergs_sysret64)
+@@ -174,6 +175,189 @@ ENTRY(native_usergs_sysret64)
 ENDPROC(native_usergs_sysret64)
 #endif /* CONFIG_PARAVIRT */
 
@@ -10671,16 +10707,13 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
 +ENTRY(pax_enter_kernel)
 +
 +#ifdef CONFIG_PAX_KERNEXEC
-+       push %rax
 +       push %rdi
 +
 +#ifdef CONFIG_PARAVIRT
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
+       PV_SAVE_REGS(CLBR_RDI)
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
-+       mov %rax,%rdi
-+#else
-+       mov %cr0,%rdi
 +#endif
+
+       GET_CR0_INTO_RDI
 +       bts $16,%rdi
 +       jnc 1f
 +       mov %cs,%edi
@@ -10688,17 +10721,14 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
 +       jz 3f
 +       ljmpq __KERNEL_CS,3f
 +1:     ljmpq __KERNEXEC_KERNEL_CS,2f
-+2:
+2:     SET_RDI_INTO_CR0
-+#ifdef CONFIG_PARAVIRT
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_write_cr0)
-+3:     PV_RESTORE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
-+#else
-+       mov %rdi,%cr0
 +3:
+
+#ifdef CONFIG_PARAVIRT
+       PV_RESTORE_REGS(CLBR_RDI)
 +#endif
 +
 +       pop %rdi
-+       pop %rax
 +#endif
 +
 +       retq
@@ -10707,34 +10737,26 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
 +ENTRY(pax_exit_kernel)
 +
 +#ifdef CONFIG_PAX_KERNEXEC
-+       push %rax
 +       push %rdi
 +
 +#ifdef CONFIG_PARAVIRT
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
+       PV_SAVE_REGS(CLBR_RDI)
 +#endif
+
 +       mov %cs,%rdi
 +       cmp $__KERNEXEC_KERNEL_CS,%edi
 +       jnz 2f
-+#ifdef CONFIG_PARAVIRT
+       GET_CR0_INTO_RDI
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
-+       mov %rax,%rdi
-+#else
-+       mov %cr0,%rdi
-+#endif
 +       btr $16,%rdi
 +       ljmpq __KERNEL_CS,1f
-+1:
+1:     SET_RDI_INTO_CR0
-+#ifdef CONFIG_PARAVIRT
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_write_cr0)
-+2:     PV_RESTORE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI);
-+#else
-+       mov %rdi,%cr0
 +2:
+
+#ifdef CONFIG_PARAVIRT
+       PV_RESTORE_REGS(CLBR_RDI);
 +#endif
 +
 +       pop %rdi
-+       pop %rax
 +#endif
 +
 +       retq
@@ -10743,115 +10765,118 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
 +ENTRY(pax_enter_kernel_user)
 +
 +#ifdef CONFIG_PAX_MEMORY_UDEREF
-+       push %rax
 +       push %rdi
+       push %rbx
 +
 +#ifdef CONFIG_PARAVIRT
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
+       PV_SAVE_REGS(CLBR_RDI)
-+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_read_cr3)
-+#else
-+       mov %cr3,%rax
 +#endif
 +
-+       mov %rax,%rdi
+       GET_CR3_INTO_RDI
-+       add $__START_KERNEL_map,%rax
+       mov %rdi,%rbx
-+       sub phys_base(%rip),%rax
+       add $__START_KERNEL_map,%rbx
+       sub phys_base(%rip),%rbx
 +
+#ifdef CONFIG_PARAVIRT
+       push %rdi
+       cmpl $0, pv_info+PARAVIRT_enabled
+       jz 1f
 +       i = 0
 +       .rept USER_PGD_PTRS
-+#ifdef CONFIG_PARAVIRT
+       mov i*8(%rbx),%rsi
-+       mov i*8(%rax),%rsi
+       mov $0,%sil
-+       mov $0,$sil
+       lea i*8(%rbx),%rdi
-+       lea i*8(%rax),%rdi
+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_set_pgd)
-+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_set+pgd)
+       i = i + 1
-+#else
+       .endr
-+       movb $0,i*8(%rax)
+       jmp 2f
+1:
 +#endif
+
+       i = 0
+       .rept USER_PGD_PTRS
+       movb $0,i*8(%rbx)
 +       i = i + 1
 +       .endr
 +
 +#ifdef CONFIG_PARAVIRT
-+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_write_cr3)
+2:     pop %rdi
-+       PV_RESTORE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
-+#else
-+       mov %rdi,%cr3
 +#endif
+       SET_RDI_INTO_CR3
 +
 +#ifdef CONFIG_PAX_KERNEXEC
-+#ifdef CONFIG_PARAVIRT
+       GET_CR0_INTO_RDI
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
-+       mov %rax,%rdi
-+#else
-+       mov %cr0,%rdi
-+#endif
 +       bts $16,%rdi
-+#ifdef CONFIG_PARAVIRT
+       SET_RDI_INTO_CR0
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_write_cr0)
-+       PV_RESTORE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
-+#else
-+       mov %rdi,%cr0
 +#endif
+
+#ifdef CONFIG_PARAVIRT
+       PV_RESTORE_REGS(CLBR_RDI)
 +#endif
 +
+       pop %rbx
 +       pop %rdi
-+       pop %rax
 +#endif
 +
 +       retq
 +ENDPROC(pax_enter_kernel_user)
 +
 +ENTRY(pax_exit_kernel_user)
-+       push %rax
+
+#ifdef CONFIG_PAX_MEMORY_UDEREF
 +       push %rdi
 +
-+#ifdef CONFIG_PAX_KERNEXEC
 +#ifdef CONFIG_PARAVIRT
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
+       push %rbx
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_read_cr0)
+       PV_SAVE_REGS(CLBR_RDI)
-+       mov %rax,%rdi
-+#else
-+       mov %cr0,%rdi
 +#endif
+
+#ifdef CONFIG_PAX_KERNEXEC
+       GET_CR0_INTO_RDI
 +       btr $16,%rdi
-+#ifdef CONFIG_PARAVIRT
+       SET_RDI_INTO_CR0
-+       call PARA_INDIRECT(pv_cpu_ops+PV_CPU_write_cr0)
-+       PV_RESTORE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
-+#else
-+       mov %rdi,%cr0
-+#endif
 +#endif
 +
+       GET_CR3_INTO_RDI
+       add $__START_KERNEL_map,%rdi
+       sub phys_base(%rip),%rdi
+
 +#ifdef CONFIG_PARAVIRT
-+       PV_SAVE_REGS(CLBR_NONE | CLBR_RAX | CLBR_RDI)
+       cmpl $0, pv_info+PARAVIRT_enabled
-+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_read_cr3)
+       jz 1f
-+#else
+       mov %rdi,%rbx
-+       mov %cr3,%rax
+       i = 0
+       .rept USER_PGD_PTRS
+       mov i*8(%rbx),%rsi
+       mov $0x67,%sil
+       lea i*8(%rbx),%rdi
+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_set_pgd)
+       i = i + 1
+       .endr
+       jmp 2f
+1:
 +#endif
-+       add $__START_KERNEL_map,%rax
-+       sub phys_base(%rip),%rax
 +
 +       i = 0
 +       .rept USER_PGD_PTRS
-+#ifdef CONFIG_PARAVIRT
+       movb $0x67,i*8(%rdi)
-+       mov i*8(%rax),%rsi
-+       mov $0x67,$sil
-+       lea i*8(%rax),%rdi
-+       call PARA_INDIRECT(pv_mmu_ops+PV_MMU_set+pgd)
-+#else
-+       movb $0x67,i*8(%rax)
-+#endif
 +       i = i + 1
 +       .endr
 +
+#ifdef CONFIG_PARAVIRT
+2:     PV_RESTORE_REGS(CLBR_RDI)
+       pop %rbx
+#endif
+
 +       pop %rdi
-+       pop %rax
+#endif
+
 +       retq
 +ENDPROC(pax_exit_kernel_user)
 
 .macro TRACE_IRQS_IRETQ offset=ARGOFFSET
 #ifdef CONFIG_TRACE_IRQFLAGS
-@@ -468,6 +663,11 @@ ENTRY(system_call_after_swapgs)
+@@ -468,6 +652,11 @@ ENTRY(system_call_after_swapgs)
 
        movq    %rsp,PER_CPU_VAR(old_rsp)
        movq    PER_CPU_VAR(kernel_stack),%rsp
@@ -10863,7 +10888,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        /*
         * No need to follow this irqs off/on section - it's straight
         * and short:
-@@ -502,6 +702,11 @@ sysret_check:
+@@ -502,6 +691,11 @@ sysret_check:
        andl %edi,%edx
        jnz  sysret_careful
        CFI_REMEMBER_STATE
@@ -10875,7 +10900,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        /*
         * sysretq will re-enable interrupts:
         */
-@@ -800,7 +1005,16 @@ END(interrupt)
+@@ -800,7 +994,16 @@ END(interrupt)
        CFI_ADJUST_CFA_OFFSET 10*8
        call save_args
        PARTIAL_FRAME 0
@@ -10893,7 +10918,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        .endm
 
        /*
-@@ -844,12 +1058,18 @@ retint_swapgs:           /* return to user-space 
+@@ -844,12 +1047,18 @@ retint_swapgs:           /* return to user-space 
         * The iretq could re-enable interrupts:
         */
        DISABLE_INTERRUPTS(CLBR_ANY)
@@ -10912,7 +10937,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        /*
         * The iretq could re-enable interrupts:
         */
-@@ -1032,7 +1252,16 @@ ENTRY(\sym)
+@@ -1032,7 +1241,16 @@ ENTRY(\sym)
        CFI_ADJUST_CFA_OFFSET 15*8
        call error_entry
        DEFAULT_FRAME 0
@@ -10930,7 +10955,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        xorl %esi,%esi          /* no error code */
        call \do_sym
        jmp error_exit          /* %ebx: no swapgs flag */
-@@ -1049,7 +1278,16 @@ ENTRY(\sym)
+@@ -1049,7 +1267,16 @@ ENTRY(\sym)
        subq $15*8, %rsp
        call save_paranoid
        TRACE_IRQS_OFF
@@ -10948,7 +10973,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        xorl %esi,%esi          /* no error code */
        call \do_sym
        jmp paranoid_exit       /* %ebx: no swapgs flag */
-@@ -1066,9 +1304,23 @@ ENTRY(\sym)
+@@ -1066,9 +1293,23 @@ ENTRY(\sym)
        subq $15*8, %rsp
        call save_paranoid
        TRACE_IRQS_OFF
@@ -10974,7 +10999,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        subq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
        call \do_sym
        addq $EXCEPTION_STKSZ, TSS_ist + (\ist - 1) * 8(%rbp)
-@@ -1085,7 +1337,16 @@ ENTRY(\sym)
+@@ -1085,7 +1326,16 @@ ENTRY(\sym)
        CFI_ADJUST_CFA_OFFSET 15*8
        call error_entry
        DEFAULT_FRAME 0
@@ -10992,7 +11017,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        movq ORIG_RAX(%rsp),%rsi        /* get error code */
        movq $-1,ORIG_RAX(%rsp)         /* no syscall to restart */
        call \do_sym
-@@ -1104,7 +1365,16 @@ ENTRY(\sym)
+@@ -1104,7 +1354,16 @@ ENTRY(\sym)
        call save_paranoid
        DEFAULT_FRAME 0
        TRACE_IRQS_OFF
@@ -11010,7 +11035,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        movq ORIG_RAX(%rsp),%rsi        /* get error code */
        movq $-1,ORIG_RAX(%rsp)         /* no syscall to restart */
        call \do_sym
-@@ -1408,11 +1678,13 @@ ENTRY(paranoid_exit)
+@@ -1408,11 +1667,13 @@ ENTRY(paranoid_exit)
        testl $3,CS(%rsp)
        jnz   paranoid_userspace
 paranoid_swapgs:
@@ -11024,7 +11049,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        TRACE_IRQS_IRETQ 0
        RESTORE_ALL 8
        jmp irq_return
-@@ -1529,6 +1801,16 @@ ENTRY(nmi)
+@@ -1529,6 +1790,16 @@ ENTRY(nmi)
        CFI_ADJUST_CFA_OFFSET 15*8
        call save_paranoid
        DEFAULT_FRAME 0
@@ -11041,7 +11066,7 @@ diff -urNp linux-2.6.32.11/arch/x86/kernel/entry_64.S linux-2.6.32.11/arch/x86/k
        /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
        movq %rsp,%rdi
        movq $-1,%rsi
-@@ -1544,6 +1826,7 @@ ENTRY(nmi)
+@@ -1544,6 +1815,7 @@ ENTRY(nmi)
 nmi_swapgs:
        SWAPGS_UNSAFE_STACK
 nmi_restore:
@@ -30825,6 +30850,18 @@ diff -urNp linux-2.6.32.11/fs/hfsplus/inode.c linux-2.6.32.11/fs/hfsplus/inode.c
                hfs_bnode_read(fd.bnode, &entry, fd.entryoffset,
                                        sizeof(struct hfsplus_cat_file));
                hfsplus_inode_write_fork(inode, &file->data_fork);
+diff -urNp linux-2.6.32.11/fs/hugetlbfs/inode.c linux-2.6.32.11/fs/hugetlbfs/inode.c
+--- linux-2.6.32.11/fs/hugetlbfs/inode.c        2010-03-15 11:52:04.000000000 -0400
+++ linux-2.6.32.11/fs/hugetlbfs/inode.c        2010-04-06 22:13:08.677504702 -0400
+@@ -909,7 +909,7 @@ static struct file_system_type hugetlbfs
+        .kill_sb        = kill_litter_super,
+ };
+ 
+-static struct vfsmount *hugetlbfs_vfsmount;
+struct vfsmount *hugetlbfs_vfsmount;
+ 
+ static int can_do_hugetlb_shm(void)
+ {
 diff -urNp linux-2.6.32.11/fs/ioctl.c linux-2.6.32.11/fs/ioctl.c
 --- linux-2.6.32.11/fs/ioctl.c  2010-03-15 11:52:04.000000000 -0400
 +++ linux-2.6.32.11/fs/ioctl.c  2010-04-04 20:46:41.653544810 -0400
@@ -33684,8 +33721,8 @@ diff -urNp linux-2.6.32.11/grsecurity/gracl_alloc.c linux-2.6.32.11/grsecurity/g
 +}
 diff -urNp linux-2.6.32.11/grsecurity/gracl.c linux-2.6.32.11/grsecurity/gracl.c
 --- linux-2.6.32.11/grsecurity/gracl.c  1969-12-31 19:00:00.000000000 -0500
-+++ linux-2.6.32.11/grsecurity/gracl.c  2010-04-04 20:46:41.668784531 -0400
+++ linux-2.6.32.11/grsecurity/gracl.c  2010-04-06 22:16:21.600343588 -0400
-@@ -0,0 +1,3917 @@
+@@ -0,0 +1,3924 @@
 +#include <linux/kernel.h>
 +#include <linux/module.h>
 +#include <linux/sched.h>
@@ -33764,6 +33801,10 @@ diff -urNp linux-2.6.32.11/grsecurity/gracl.c linux-2.6.32.11/grsecurity/gracl.c
 +extern struct vfsmount *sock_mnt;
 +extern struct vfsmount *pipe_mnt;
 +extern struct vfsmount *shm_mnt;
+#ifdef CONFIG_HUGETLBFS
+extern struct vfsmount *hugetlbfs_vfsmount;
+#endif
+
 +static struct acl_object_label *fakefs_obj;
 +
 +extern int gr_init_uidset(void);
@@ -35479,6 +35520,9 @@ diff -urNp linux-2.6.32.11/grsecurity/gracl.c linux-2.6.32.11/grsecurity/gracl.c
 +       spin_lock(&dcache_lock);
 +
 +       if (unlikely(mnt == shm_mnt || mnt == pipe_mnt || mnt == sock_mnt ||
+#ifdef CONFIG_HUGETLBFS
+           mnt == hugetlbfs_vfsmount ||
+#endif
 +               /* ignore Eric Biederman */
 +           IS_PRIVATE(l_dentry->d_inode))) {
 +               retval = fakefs_obj;
@@ -47655,7 +47699,7 @@ diff -urNp linux-2.6.32.11/kernel/hrtimer.c linux-2.6.32.11/kernel/hrtimer.c
 }
 diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
 --- linux-2.6.32.11/kernel/kallsyms.c   2010-03-15 11:52:04.000000000 -0400
-+++ linux-2.6.32.11/kernel/kallsyms.c   2010-04-04 20:46:41.693491350 -0400
+++ linux-2.6.32.11/kernel/kallsyms.c   2010-04-06 22:21:53.692294722 -0400
 @@ -11,6 +11,9 @@
  *      Changed the compression method from stem compression to "table lookup"
  *      compression (see scripts/kallsyms.c for a more complete description)
@@ -47676,7 +47720,7 @@ diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
        if (addr >= (unsigned long)_sinittext
            && addr <= (unsigned long)_einittext)
                return 1;
-@@ -67,6 +73,24 @@ static inline int is_kernel_text(unsigne
+@@ -67,6 +73,26 @@ static inline int is_kernel_text(unsigne
 
 static inline int is_kernel(unsigned long addr)
 {
@@ -47684,8 +47728,10 @@ diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
 +               return 1;
 +
 +#if defined(CONFIG_X86_32) && defined(CONFIG_PAX_KERNEXEC)
+#ifdef CONFIG_MODULES
 +       if ((unsigned long)MODULES_EXEC_VADDR <= ktla_ktva(addr) && ktla_ktva(addr) <= (unsigned long)MODULES_EXEC_END)
 +               return 0;
+#endif
 +
 +       if (is_kernel_text(addr))
 +               return 1;
@@ -47701,7 +47747,7 @@ diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
        if (addr >= (unsigned long)_stext && addr <= (unsigned long)_end)
                return 1;
        return in_gate_area_no_task(addr);
-@@ -413,7 +437,6 @@ static unsigned long get_ksymbol_core(st
+@@ -413,7 +439,6 @@ static unsigned long get_ksymbol_core(st
 
 static void reset_iter(struct kallsym_iter *iter, loff_t new_pos)
 {
@@ -47709,7 +47755,7 @@ diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
        iter->nameoff = get_symbol_offset(new_pos);
        iter->pos = new_pos;
 }
-@@ -461,6 +484,11 @@ static int s_show(struct seq_file *m, vo
+@@ -461,6 +486,11 @@ static int s_show(struct seq_file *m, vo
 {
        struct kallsym_iter *iter = m->private;
 
@@ -47721,7 +47767,7 @@ diff -urNp linux-2.6.32.11/kernel/kallsyms.c linux-2.6.32.11/kernel/kallsyms.c
        /* Some debugging symbols have no name.  Ignore them. */
        if (!iter->name[0])
                return 0;
-@@ -501,7 +529,7 @@ static int kallsyms_open(struct inode *i
+@@ -501,7 +531,7 @@ static int kallsyms_open(struct inode *i
        struct kallsym_iter *iter;
        int ret;
author	Natanael Copa <ncopa@alpinelinux.org>	2010-04-13 08:05:19 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2010-04-14 12:21:53 +0000
commit	f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0 (patch)
tree	d2c4108ef53bd7eb97d0efce918cef9c3e119a2f
parent	6dd7139df647443641f5a1a6bddc77a93e64d697 (diff)
download	alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.tar.bz2 alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.tar.xz alpine_aports-f4c1523e429f2a7e9d5c83c6d8a41b0a6fdbd2b0.zip