From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 11 Sep 2015 22:40:29 +0000 (-0700)
Subject: 3.10-stable patches
X-Git-Tag: v3.10.88~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=521cdd69ecb1690c1484ff1a954ca2c4ca105f62;p=thirdparty%2Fkernel%2Fstable-queue.git

3.10-stable patches

added patches:
	arm64-mm-remove-hack-in-mmap-randomize-layout.patch
---

diff --git a/queue-3.10/arm64-mm-remove-hack-in-mmap-randomize-layout.patch b/queue-3.10/arm64-mm-remove-hack-in-mmap-randomize-layout.patch
new file mode 100644
index 00000000000..eddf45a95bb
--- /dev/null
+++ b/queue-3.10/arm64-mm-remove-hack-in-mmap-randomize-layout.patch
@@ -0,0 +1,68 @@
+From d6c763afab142a85e4770b4bc2a5f40f256d5c5d Mon Sep 17 00:00:00 2001
+From: Yann Droneaud <ydroneaud@opteya.com>
+Date: Mon, 17 Nov 2014 23:02:19 +0000
+Subject: arm64/mm: Remove hack in mmap randomize layout
+
+From: Yann Droneaud <ydroneaud@opteya.com>
+
+commit d6c763afab142a85e4770b4bc2a5f40f256d5c5d upstream.
+
+Since commit 8a0a9bd4db63 ('random: make get_random_int() more
+random'), get_random_int() returns a random value for each call,
+so comment and hack introduced in mmap_rnd() as part of commit
+1d18c47c735e ('arm64: MMU fault handling and page table management')
+are incorrects.
+
+Commit 1d18c47c735e seems to use the same hack introduced by
+commit a5adc91a4b44 ('powerpc: Ensure random space between stack
+and mmaps'), latter copied in commit 5a0efea09f42 ('sparc64: Sharpen
+address space randomization calculations.').
+
+But both architectures were cleaned up as part of commit
+fa8cbaaf5a68 ('powerpc+sparc64/mm: Remove hack in mmap randomize
+layout') as hack is no more needed since commit 8a0a9bd4db63.
+
+So the present patch removes the comment and the hack around
+get_random_int() on AArch64's mmap_rnd().
+
+Cc: David S. Miller <davem@davemloft.net>
+Cc: Anton Blanchard <anton@samba.org>
+Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
+Acked-by: Will Deacon <will.deacon@arm.com>
+Acked-by: Dan McGee <dpmcgee@gmail.com>
+Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+Cc: Matthias Brugger <mbrugger@suse.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/arm64/mm/mmap.c |   12 ++----------
+ 1 file changed, 2 insertions(+), 10 deletions(-)
+
+--- a/arch/arm64/mm/mmap.c
++++ b/arch/arm64/mm/mmap.c
+@@ -47,22 +47,14 @@ static int mmap_is_legacy(void)
+ 	return sysctl_legacy_va_layout;
+ }
+ 
+-/*
+- * Since get_random_int() returns the same value within a 1 jiffy window, we
+- * will almost always get the same randomisation for the stack and mmap
+- * region. This will mean the relative distance between stack and mmap will be
+- * the same.
+- *
+- * To avoid this we can shift the randomness by 1 bit.
+- */
+ static unsigned long mmap_rnd(void)
+ {
+ 	unsigned long rnd = 0;
+ 
+ 	if (current->flags & PF_RANDOMIZE)
+-		rnd = (long)get_random_int() & (STACK_RND_MASK >> 1);
++		rnd = (long)get_random_int() & STACK_RND_MASK;
+ 
+-	return rnd << (PAGE_SHIFT + 1);
++	return rnd << PAGE_SHIFT;
+ }
+ 
+ static unsigned long mmap_base(void)
diff --git a/queue-3.10/series b/queue-3.10/series
index 5ae30c521b8..f4d5c50964f 100644
--- a/queue-3.10/series
+++ b/queue-3.10/series
@@ -8,3 +8,4 @@ edac-ppc4xx-access-mci-csrows-array-elements-properly.patch
 drm-radeon-add-new-oland-pci-id.patch
 libfc-fix-fc_fcp_cleanup_each_cmd.patch
 crypto-caam-fix-memory-corruption-in-ahash_final_ctx.patch
+arm64-mm-remove-hack-in-mmap-randomize-layout.patch