diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 08:35:51 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-02 11:54:11 +0000 |
commit | 4561ca9c4f5d622dd826f2ce8b4830d6c8756456 (patch) | |
tree | 17690dd96677db7c0aff001e813da166af380046 | |
parent | 51c2dd402a67512c6c21567ee76c81eb73ef1b64 (diff) | |
download | alpine_aports-4561ca9c4f5d622dd826f2ce8b4830d6c8756456.tar.bz2 alpine_aports-4561ca9c4f5d622dd826f2ce8b4830d6c8756456.tar.xz alpine_aports-4561ca9c4f5d622dd826f2ce8b4830d6c8756456.zip |
main/linux-grsec: fix memory map for PIE applications (when randmmap is disabled)
(cherry picked from commit 0407e45a283ccf781eea4aed24703cec49a721f9)
-rw-r--r-- | main/linux-grsec/APKBUILD | 6 | ||||
-rw-r--r-- | main/linux-grsec/fix-memory-map-for-PIE-applications.patch | 68 |
2 files changed, 73 insertions, 1 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 23fe4c09f8..7a5a132334 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD | |||
@@ -7,7 +7,7 @@ case $pkgver in | |||
7 | *.*.*) _kernver=${pkgver%.*};; | 7 | *.*.*) _kernver=${pkgver%.*};; |
8 | *.*) _kernver=${pkgver};; | 8 | *.*) _kernver=${pkgver};; |
9 | esac | 9 | esac |
10 | pkgrel=0 | 10 | pkgrel=1 |
11 | pkgdesc="Linux kernel with grsecurity" | 11 | pkgdesc="Linux kernel with grsecurity" |
12 | url=http://grsecurity.net | 12 | url=http://grsecurity.net |
13 | depends="mkinitfs linux-firmware" | 13 | depends="mkinitfs linux-firmware" |
@@ -25,6 +25,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz | |||
25 | 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch | 25 | 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch |
26 | 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch | 26 | 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch |
27 | 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch | 27 | 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch |
28 | fix-memory-map-for-PIE-applications.patch | ||
28 | 29 | ||
29 | kernelconfig.x86 | 30 | kernelconfig.x86 |
30 | kernelconfig.x86_64 | 31 | kernelconfig.x86_64 |
@@ -157,6 +158,7 @@ aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-p | |||
157 | 2a12a3717052e878c0cd42aa935bfcf4 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch | 158 | 2a12a3717052e878c0cd42aa935bfcf4 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch |
158 | 6ce5fed63aad3f1a1ff1b9ba7b741822 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch | 159 | 6ce5fed63aad3f1a1ff1b9ba7b741822 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch |
159 | 1a5800a2122ba0cc0d06733cb3bb8b8f 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch | 160 | 1a5800a2122ba0cc0d06733cb3bb8b8f 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch |
161 | 6564cb3165cdf3d0dc0910251d62fd62 fix-memory-map-for-PIE-applications.patch | ||
160 | 866e6c4daed45d563829804f8ad50ed9 kernelconfig.x86 | 162 | 866e6c4daed45d563829804f8ad50ed9 kernelconfig.x86 |
161 | 272aaddd0a19a5052208bc25551995a3 kernelconfig.x86_64" | 163 | 272aaddd0a19a5052208bc25551995a3 kernelconfig.x86_64" |
162 | sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz | 164 | sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz |
@@ -168,6 +170,7 @@ dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush | |||
168 | 260fd1807838b68305a96992bf7d3302a2a8ef3a3b08fe079ba9a07e6422f736 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch | 170 | 260fd1807838b68305a96992bf7d3302a2a8ef3a3b08fe079ba9a07e6422f736 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch |
169 | ae32bb72afa170e6c3788c564b342763aba5945afacc1e2ebfc096adf50d77a3 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch | 171 | ae32bb72afa170e6c3788c564b342763aba5945afacc1e2ebfc096adf50d77a3 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch |
170 | fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch | 172 | fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch |
173 | 090e3e8ebcf0f8649042e1b8411722c9ee77e2da111ff84a2ed1d379f0266415 fix-memory-map-for-PIE-applications.patch | ||
171 | 7fd28634998ef1fddafed5f2516e902924245d2464b9e86476bfaa55ccfc3bc3 kernelconfig.x86 | 174 | 7fd28634998ef1fddafed5f2516e902924245d2464b9e86476bfaa55ccfc3bc3 kernelconfig.x86 |
172 | f2843ae4f9b3e3c27f3138ce4b740c2803bdab0c7a910c662d951843803b9554 kernelconfig.x86_64" | 175 | f2843ae4f9b3e3c27f3138ce4b740c2803bdab0c7a910c662d951843803b9554 kernelconfig.x86_64" |
173 | sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz | 176 | sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz |
@@ -179,5 +182,6 @@ sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504d | |||
179 | d2f578ad1d6e1fe52b55863e5bf338ae8201b828a498ec3e42e549c55295d3d1c6c3adfa9e226d711e3486628ed56ab996484e219d79ac4b0c0ec684ebd380aa 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch | 182 | d2f578ad1d6e1fe52b55863e5bf338ae8201b828a498ec3e42e549c55295d3d1c6c3adfa9e226d711e3486628ed56ab996484e219d79ac4b0c0ec684ebd380aa 0004-ipv4-rate-limit-updating-of-next-hop-exceptions-with.patch |
180 | 28a33e644bf2faf99c8dd6dbccfe14e140dfdd8824a8fb2d58aa7deb9e572f130d92b6b35ee181084050d82166bdf2e498a451a2a538a67b7ab84204405d2d87 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch | 183 | 28a33e644bf2faf99c8dd6dbccfe14e140dfdd8824a8fb2d58aa7deb9e572f130d92b6b35ee181084050d82166bdf2e498a451a2a538a67b7ab84204405d2d87 0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch |
181 | 249140374c19a5599876268ff5b3cda2e136681aee103b4a9fff5d7d346f8e3295a907fb43db0701b8a9fece64c299ad2abac0434259cce6631307ce84090205 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch | 184 | 249140374c19a5599876268ff5b3cda2e136681aee103b4a9fff5d7d346f8e3295a907fb43db0701b8a9fece64c299ad2abac0434259cce6631307ce84090205 0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch |
185 | 101aec800e6390f2dee26b496a033b325fb00108e72fc01b3cf6719b1d256526fbc8e7448b3a06b03ce02233b86703f1f2f31267c8e1a7f28a8f47235eaa0b4a fix-memory-map-for-PIE-applications.patch | ||
182 | 1721542ff111c8ec550323dae6f6174131db180668cbf14f01dc4c76ffbbb479715919a80c35d8c8ac22a6479dd3b42700be6ddc5ef2a8b6a62de811c7ae86df kernelconfig.x86 | 186 | 1721542ff111c8ec550323dae6f6174131db180668cbf14f01dc4c76ffbbb479715919a80c35d8c8ac22a6479dd3b42700be6ddc5ef2a8b6a62de811c7ae86df kernelconfig.x86 |
183 | d49bf57bd0aae17d762d87d5bf983e48219d71ca44bc0c3120db94d357192c07146a8938cef9d435218e4bb748691ec426387545837be637d47e45cdc4482d71 kernelconfig.x86_64" | 187 | d49bf57bd0aae17d762d87d5bf983e48219d71ca44bc0c3120db94d357192c07146a8938cef9d435218e4bb748691ec426387545837be637d47e45cdc4482d71 kernelconfig.x86_64" |
diff --git a/main/linux-grsec/fix-memory-map-for-PIE-applications.patch b/main/linux-grsec/fix-memory-map-for-PIE-applications.patch new file mode 100644 index 0000000000..0ef81cf93f --- /dev/null +++ b/main/linux-grsec/fix-memory-map-for-PIE-applications.patch | |||
@@ -0,0 +1,68 @@ | |||
1 | From 21f973f87f480e3d24f1cb6c22b71253d25a3ea1 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> | ||
3 | Date: Tue, 1 Oct 2013 13:46:04 +0300 | ||
4 | Subject: [PATCH 3.10-grsec] fs/binfmt_elf: fix memory map for PIE applications | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | arch/*/include/asm/elf.h comments say: | ||
10 | ELF_ET_DYN_BASE is the location that an ET_DYN program is loaded | ||
11 | if exec'ed. Typical use of this is to invoke "./ld.so someprog" | ||
12 | to test out a new version of the loader. We need to make sure | ||
13 | that it is out of the way of the program that it will "exec", | ||
14 | and that there is sufficient room for the brk. | ||
15 | |||
16 | In case we have main application linked as PIE, this can cause | ||
17 | problems as the main program itself is being loaded to this | ||
18 | alternate address. And this allows limited heap size. While | ||
19 | this is inevitable when exec'ing the interpreter directly, | ||
20 | we should do better for PIE applications. | ||
21 | |||
22 | This fixes the loader to detect PIE application by checking if | ||
23 | elf_interpreter is requested. This images are loaded to beginning | ||
24 | of the address space instead of the specially crafted place for elf | ||
25 | interpreter. This allows full heap address space for PIE applications | ||
26 | and fixes random "out of memory" errors. | ||
27 | |||
28 | Signed-off-by: Timo Teräs <timo.teras@iki.fi> | ||
29 | --- | ||
30 | fs/binfmt_elf.c | 14 ++++++-------- | ||
31 | 1 file changed, 6 insertions(+), 8 deletions(-) | ||
32 | |||
33 | diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c | ||
34 | index 6f036ed..06419af 100644 | ||
35 | --- a/fs/binfmt_elf.c | ||
36 | +++ b/fs/binfmt_elf.c | ||
37 | @@ -1217,21 +1217,19 @@ static int load_elf_binary(struct linux_binprm *bprm) | ||
38 | * default mmap base, as well as whatever program they | ||
39 | * might try to exec. This is because the brk will | ||
40 | * follow the loader, and is not movable. */ | ||
41 | + if (elf_interpreter) | ||
42 | + load_bias = 0x00400000UL; | ||
43 | + else | ||
44 | + load_bias = ELF_ET_DYN_BASE; | ||
45 | #ifdef CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE | ||
46 | /* Memory randomization might have been switched off | ||
47 | * in runtime via sysctl or explicit setting of | ||
48 | * personality flags. | ||
49 | - * If that is the case, retain the original non-zero | ||
50 | - * load_bias value in order to establish proper | ||
51 | - * non-randomized mappings. | ||
52 | */ | ||
53 | if (current->flags & PF_RANDOMIZE) | ||
54 | - load_bias = 0; | ||
55 | - else | ||
56 | - load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); | ||
57 | -#else | ||
58 | - load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); | ||
59 | + load_bias = (get_random_int() & STACK_RND_MASK) << PAGE_SHIFT; | ||
60 | #endif | ||
61 | + load_bias = ELF_PAGESTART(vaddr + load_bias); | ||
62 | |||
63 | #ifdef CONFIG_PAX_RANDMMAP | ||
64 | /* PaX: randomize base address at the default exe base if requested */ | ||
65 | -- | ||
66 | 1.8.4 | ||
67 | |||
68 | |||