Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 298441 Details for
Bug 329499
dev-lang/python-2.6 'rwx' mmap() calls prevent loading of ctypes module (possibly others) under new PaX kernels
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
kernel EMUTRAMP patch (tested on 3.1.8-grsec-201201062207)
emutramp.patch (text/plain), 3.53 KB, created by
Pavel Labushev
on 2012-01-10 01:01:12 UTC
(
hide
)
Description:
kernel EMUTRAMP patch (tested on 3.1.8-grsec-201201062207)
Filename:
MIME Type:
Creator:
Pavel Labushev
Created:
2012-01-10 01:01:12 UTC
Size:
3.53 KB
patch
obsolete
># interdiff pax-linux-3.1.8-test22.patch pax-linux-3.1.8-test23.patch >reverted: >--- linux-3.1.8-pax/arch/s390/kernel/setup.c 2011-10-24 13:07:45.779029872 +0200 >+++ linux-3.1.8/arch/s390/kernel/setup.c 2011-10-24 12:48:25.395091819 +0200 >@@ -271,7 +271,7 @@ > } > early_param("mem", early_parse_mem); > >+unsigned int user_mode = HOME_SPACE_MODE; >-unsigned int user_mode = SECONDARY_SPACE_MODE; > EXPORT_SYMBOL_GPL(user_mode); > > static int set_amode_and_uaccess(unsigned long user_amode, >diff -u linux-3.1.8-pax/arch/x86/include/asm/alternative-asm.h linux-3.1.8-pax/arch/x86/include/asm/alternative-asm.h >--- linux-3.1.8-pax/arch/x86/include/asm/alternative-asm.h 2011-12-02 19:06:05.331851615 +0100 >+++ linux-3.1.8-pax/arch/x86/include/asm/alternative-asm.h 2012-01-08 19:22:10.467555159 +0100 >@@ -4,10 +4,10 @@ > > #ifdef CONFIG_SMP > .macro LOCK_PREFIX >-1: lock >+672: lock > .section .smp_locks,"a" > .balign 4 >- .long 1b - . >+ .long 672b - . > .previous > .endm > #else >diff -u linux-3.1.8-pax/arch/x86/include/asm/atomic.h linux-3.1.8-pax/arch/x86/include/asm/atomic.h >--- linux-3.1.8-pax/arch/x86/include/asm/atomic.h 2011-10-24 13:07:45.795029858 +0200 >+++ linux-3.1.8-pax/arch/x86/include/asm/atomic.h 2012-01-08 03:46:50.937673168 +0100 >@@ -390,8 +390,8 @@ > #ifdef CONFIG_M386 > no_xadd: /* Legacy 386 processor */ > raw_local_irq_save(flags); >- __i = atomic_read(v); >- atomic_set(v, i + __i); >+ __i = atomic_read_unchecked(v); >+ atomic_set_unchecked(v, i + __i); > raw_local_irq_restore(flags); > return i + __i; > #endif >diff -u linux-3.1.8-pax/arch/x86/mm/fault.c linux-3.1.8-pax/arch/x86/mm/fault.c >--- linux-3.1.8-pax/arch/x86/mm/fault.c 2011-11-15 18:04:32.837973586 +0100 >+++ linux-3.1.8-pax/arch/x86/mm/fault.c 2012-01-09 21:49:13.922572670 +0100 >@@ -1442,6 +1442,30 @@ > { > int err; > >+ do { /* PaX: libffi trampoline emulation */ >+ unsigned char mov, jmp; >+ unsigned int addr1, addr2; >+ >+#ifdef CONFIG_X86_64 >+ if ((regs->ip + 9) >> 32) >+ break; >+#endif >+ >+ err = get_user(mov, (unsigned char __user *)regs->ip); >+ err |= get_user(addr1, (unsigned int __user *)(regs->ip + 1)); >+ err |= get_user(jmp, (unsigned char __user *)(regs->ip + 5)); >+ err |= get_user(addr2, (unsigned int __user *)(regs->ip + 6)); >+ >+ if (err) >+ break; >+ >+ if (mov == 0xB8 && jmp == 0xE9) { >+ regs->ax = addr1; >+ regs->ip = (unsigned int)(regs->ip + addr2 + 10); >+ return 2; >+ } >+ } while (0); >+ > do { /* PaX: gcc trampoline emulation #1 */ > unsigned char mov1, mov2; > unsigned short jmp; >@@ -1501,6 +1525,34 @@ > { > int err; > >+ do { /* PaX: libffi trampoline emulation */ >+ unsigned short mov1, mov2, jmp1; >+ unsigned char stcclc, jmp2; >+ unsigned long addr1, addr2; >+ >+ err = get_user(mov1, (unsigned short __user *)regs->ip); >+ err |= get_user(addr1, (unsigned long __user *)(regs->ip + 2)); >+ err |= get_user(mov2, (unsigned short __user *)(regs->ip + 10)); >+ err |= get_user(addr2, (unsigned long __user *)(regs->ip + 12)); >+ err |= get_user(stcclc, (unsigned char __user *)(regs->ip + 20)); >+ err |= get_user(jmp1, (unsigned short __user *)(regs->ip + 21)); >+ err |= get_user(jmp2, (unsigned char __user *)(regs->ip + 23)); >+ >+ if (err) >+ break; >+ >+ if (mov1 == 0xBB49 && mov2 == 0xBA49 && (stcclc == 0xF8 || stcclc == 0xF9) && jmp1 == 0xFF49 && jmp2 == 0xE3) { >+ regs->r11 = addr1; >+ regs->r10 = addr2; >+ if (stcclc == 0xF8) >+ regs->flags &= ~X86_EFLAGS_CF; >+ else >+ regs->flags |= X86_EFLAGS_CF; >+ regs->ip = addr1; >+ return 2; >+ } >+ } while (0); >+ > do { /* PaX: gcc trampoline emulation #1 */ > unsigned short mov1, mov2, jmp1; > unsigned char jmp2;
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 329499
:
239871
|
239875
|
240887
|
240889
|
240891
|
288671
|
297183
|
297185
| 298441 |
298841
|
304207
|
308707
|
308711