aboutsummaryrefslogtreecommitdiffstats
path: root/main/linux-grsec
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-10-23 07:42:50 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-10-23 12:59:09 +0000
commit84f85bac07604b9cb12f3104534535c993ddb1e4 (patch)
tree5d78c2c0d87b04ba0462bc5ed48b062991cdb5dd /main/linux-grsec
parent4cee076869205e9cd7c2b35f85e9198bdf81c876 (diff)
downloadaports-84f85bac07604b9cb12f3104534535c993ddb1e4.tar.bz2
aports-84f85bac07604b9cb12f3104534535c993ddb1e4.tar.xz
main/linux-grsec: fix x86_64 copy_user_generic
Diffstat (limited to 'main/linux-grsec')
-rw-r--r--main/linux-grsec/0001-pax-x86_64-fix-copy_user_generic.patch40
-rw-r--r--main/linux-grsec/APKBUILD6
2 files changed, 45 insertions, 1 deletions
diff --git a/main/linux-grsec/0001-pax-x86_64-fix-copy_user_generic.patch b/main/linux-grsec/0001-pax-x86_64-fix-copy_user_generic.patch
new file mode 100644
index 0000000000..da442aae39
--- /dev/null
+++ b/main/linux-grsec/0001-pax-x86_64-fix-copy_user_generic.patch
@@ -0,0 +1,40 @@
+From b8bf456d13988fb38cfe248676327f44a2d2ed2e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Wed, 23 Oct 2013 09:54:54 +0300
+Subject: [PATCH] pax: x86_64: fix copy_user_generic
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Pax patch removed r10 from clobbers list as all assembly code was
+updated to not use it. However, in the error path the assembly code
+ends up calling copy_user_handle_tail() C-function that can clobber
+r10. This broke things for certain gcc optimizations (at least for gcc
+4.8.x), as copy_user_generic() is inline function, and the inline
+assembly incorrectly guaranteed not to clobber r10.
+
+Add r10 back to clobbers list like vanilla kernel has it. It is
+needed always due to the possibly C-function call in error path.
+
+Signed-off-by: Timo Teräs <timo.teras@iki.f>
+Acked-by: Natanael Copa <ncopa@alpinelinux.org>
+---
+ arch/x86/include/asm/uaccess_64.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
+index 1dbe82f..9d398f4 100644
+--- a/arch/x86/include/asm/uaccess_64.h
++++ b/arch/x86/include/asm/uaccess_64.h
+@@ -44,7 +44,7 @@ copy_user_generic(void *to, const void *from, unsigned len)
+ ASM_OUTPUT2("=a" (ret), "=D" (to), "=S" (from),
+ "=d" (len)),
+ "1" (to), "2" (from), "3" (len)
+- : "memory", "rcx", "r8", "r9", "r11");
++ : "memory", "rcx", "r8", "r9", "r10", "r11");
+ return ret;
+ }
+
+--
+1.8.4.1
+
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 67f3b9747f..e0eb128876 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
esac
-pkgrel=0
+pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
@@ -18,6 +18,7 @@ install=
source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz
grsecurity-2.9.1-$pkgver-unofficial.patch
+ 0001-pax-x86_64-fix-copy_user_generic.patch
0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
@@ -152,6 +153,7 @@ dev() {
md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz
8431ee4e2467fdfde47e31701813a265 patch-3.10.17.xz
6894537e9ccc2b296b27b42c39c64b31 grsecurity-2.9.1-3.10.17-unofficial.patch
+51607abf0a105aebbe65e3df6fb415bd 0001-pax-x86_64-fix-copy_user_generic.patch
a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -164,6 +166,7 @@ c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch
sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz
5552fc6f24a56d13d603ddc7759114a7b52e92ad2fb84a23a1b80b37b739a33b patch-3.10.17.xz
8e82e71c0da392a601a952aa712b56a5116fcf626c19d69ae9d86dda2d200852 grsecurity-2.9.1-3.10.17-unofficial.patch
+0742780b41ded0837d25f0b2f646b954da9362ac5956886427ad630000c0e335 0001-pax-x86_64-fix-copy_user_generic.patch
6af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
0985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -176,6 +179,7 @@ f2843ae4f9b3e3c27f3138ce4b740c2803bdab0c7a910c662d951843803b9554 kernelconfig.x
sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz
38f9085d67d59cb37c32db69b84714a96f327fe74b69bb4a7304861ea6e474614216067ee08093f41739ce803b83a70400c83f06c695cb1114cf41c0b2dc7aa7 patch-3.10.17.xz
6d27a986f32f42b12c4291ebb4b7365d8cd90b604ee9bc57344b9f9764efd7c5aae89c5ab4977878a24ae4b6e812c1db6030c3451bd15fdb2ea01a2a50e2ce41 grsecurity-2.9.1-3.10.17-unofficial.patch
+b32903a59cd582c2acf95869640bb34fefee544d242702e04af1db188f381da3889c9db9475e8ffc31628cda0b0641828f609c5ac9a387dd86ac4917be26792f 0001-pax-x86_64-fix-copy_user_generic.patch
81e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
51ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
57d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch