Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 847776 Details for
Bug 788691
dev-build/kbuild-0.1.9998.3407 kmk_builtin_redirect […]/kUtil/kUtil.a Segmentation fault (GCC 11.1?)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
hardened1 patches that trigger BUG
5-15-85-hardened-nomemory.patch (text/plain), 5.58 KB, created by
genBTC
on 2023-01-07 09:14:15 UTC
(
hide
)
Description:
hardened1 patches that trigger BUG
Filename:
MIME Type:
Creator:
genBTC
Created:
2023-01-07 09:14:15 UTC
Size:
5.58 KB
patch
obsolete
>diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c >index 1000d457c3321..18d38955bc20a 100644 >--- a/arch/x86/entry/vdso/vma.c >+++ b/arch/x86/entry/vdso/vma.c >@@ -298,55 +298,9 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) > } > > #ifdef CONFIG_X86_64 >-/* >- * Put the vdso above the (randomized) stack with another randomized >- * offset. This way there is no hole in the middle of address space. >- * To save memory make sure it is still in the same PTE as the stack >- * top. This doesn't give that many random bits. >- * >- * Note that this algorithm is imperfect: the distribution of the vdso >- * start address within a PMD is biased toward the end. >- * >- * Only used for the 64-bit and x32 vdsos. >- */ >-static unsigned long vdso_addr(unsigned long start, unsigned len) >-{ >- unsigned long addr, end; >- unsigned offset; >- >- /* >- * Round up the start address. It can start out unaligned as a result >- * of stack start randomization. >- */ >- start = PAGE_ALIGN(start); >- >- /* Round the lowest possible end address up to a PMD boundary. */ >- end = (start + len + PMD_SIZE - 1) & PMD_MASK; >- if (end >= TASK_SIZE_MAX) >- end = TASK_SIZE_MAX; >- end -= len; >- >- if (end > start) { >- offset = get_random_int() % (((end - start) >> PAGE_SHIFT) + 1); >- addr = start + (offset << PAGE_SHIFT); >- } else { >- addr = start; >- } >- >- /* >- * Forcibly align the final address in case we have a hardware >- * issue that requires alignment for performance reasons. >- */ >- addr = align_vdso_addr(addr); >- >- return addr; >-} >- > static int map_vdso_randomized(const struct vdso_image *image) > { >- unsigned long addr = vdso_addr(current->mm->start_stack, image->size-image->sym_vvar_start); >- >- return map_vdso(image, addr); >+ return map_vdso(image, 0); > } > #endif > >diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h >index 29fea180a6658..28d86671b089a 100644 >--- a/arch/x86/include/asm/elf.h >+++ b/arch/x86/include/asm/elf.h >@@ -247,11 +247,11 @@ extern int force_personality32; > > /* > * This is the base location for PIE (ET_DYN with INTERP) loads. On >- * 64-bit, this is above 4GB to leave the entire 32-bit address >+ * 64-bit, this is raised to 4GB to leave the entire 32-bit address > * space open for things that want to use the area for 32-bit pointers. > */ > #define ELF_ET_DYN_BASE (mmap_is_ia32() ? 0x000400000UL : \ >- (DEFAULT_MAP_WINDOW / 3 * 2)) >+ 0x100000000UL) > > /* This yields a mask that user programs can use to figure out what > instruction set this CPU supports. This could be done in user space, >@@ -333,8 +333,8 @@ extern unsigned long get_sigframe_size(void); > > #ifdef CONFIG_X86_32 > >-#define __STACK_RND_MASK(is32bit) (0x7ff) >-#define STACK_RND_MASK (0x7ff) >+#define __STACK_RND_MASK(is32bit) ((1UL << mmap_rnd_bits) - 1) >+#define STACK_RND_MASK ((1UL << mmap_rnd_bits) - 1) > > #define ARCH_DLINFO ARCH_DLINFO_IA32 > >@@ -343,7 +343,11 @@ extern unsigned long get_sigframe_size(void); > #else /* CONFIG_X86_32 */ > > /* 1GB for 64bit, 8MB for 32bit */ >-#define __STACK_RND_MASK(is32bit) ((is32bit) ? 0x7ff : 0x3fffff) >+#ifdef CONFIG_COMPAT >+#define __STACK_RND_MASK(is32bit) ((is32bit) ? (1UL << mmap_rnd_compat_bits) - 1 : (1UL << mmap_rnd_bits) - 1) >+#else >+#define __STACK_RND_MASK(is32bit) ((1UL << mmap_rnd_bits) - 1) >+#endif > #define STACK_RND_MASK __STACK_RND_MASK(mmap_is_ia32()) > > #define ARCH_DLINFO \ >@@ -407,5 +411,4 @@ struct va_alignment { > } ____cacheline_aligned; > > extern struct va_alignment va_align; >-extern unsigned long align_vdso_addr(unsigned long); > #endif /* _ASM_X86_ELF_H */ >265a375,446 >diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c >index bc9b4b93cf9bc..76f2bd6012e57 100644 >--- a/arch/x86/kernel/process.c >+++ b/arch/x86/kernel/process.c >@@ -43,6 +43,8 @@ > #include <asm/io_bitmap.h> > #include <asm/proto.h> > #include <asm/frame.h> >+#include <asm/elf.h> >+#include <linux/sizes.h> > > #include "process.h" > >@@ -625,6 +627,7 @@ void speculation_ctrl_update_current(void) > static inline void cr4_toggle_bits_irqsoff(unsigned long mask) > { > unsigned long newval, cr4 = this_cpu_read(cpu_tlbstate.cr4); >+ BUG_ON(cr4 != __read_cr4()); > > newval = cr4 ^ mask; > if (newval != cr4) { >@@ -937,7 +940,10 @@ unsigned long arch_align_stack(unsigned long sp) > > unsigned long arch_randomize_brk(struct mm_struct *mm) > { >- return randomize_page(mm->brk, 0x02000000); >+ if (mmap_is_ia32()) >+ return mm->brk + get_random_long() % SZ_32M + PAGE_SIZE; >+ else >+ return mm->brk + get_random_long() % SZ_1G + PAGE_SIZE; > } > > /* >diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c >index 8cc653ffdccd7..77e8a88ba3b31 100644 >--- a/arch/x86/kernel/sys_x86_64.c >+++ b/arch/x86/kernel/sys_x86_64.c >@@ -52,13 +52,6 @@ static unsigned long get_align_bits(void) > return va_align.bits & get_align_mask(); > } > >-unsigned long align_vdso_addr(unsigned long addr) >-{ >- unsigned long align_mask = get_align_mask(); >- addr = (addr + align_mask) & ~align_mask; >- return addr | get_align_bits(); >-} >- > static int __init control_va_addr_alignment(char *str) > { > /* guard against enabling this on other CPU families */ >@@ -113,10 +106,7 @@ static void find_start_end(unsigned long addr, unsigned long flags, > } > > *begin = get_mmap_base(1); >- if (in_32bit_syscall()) >- *end = task_size_32bit(); >- else >- *end = task_size_64bit(addr > DEFAULT_MAP_WINDOW); >+ *end = get_mmap_base(0); > } > > unsigned long >@@ -193,7 +183,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, > > info.flags = VM_UNMAPPED_AREA_TOPDOWN; > info.length = len; >- info.low_limit = PAGE_SIZE; >+ info.low_limit = get_mmap_base(1); > info.high_limit = get_mmap_base(0); > > /*
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=847776">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 788691
:
706458
|
706461
|
751178
|
751216
| 847776
