From 62667a709f9ed5e996e43ebb38bd11ff9e6b559f Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 11 Feb 2014 16:54:48 +0100 Subject: [PATCH] linux: Fix grsecurity-related crash on Intel Haswell CPUs. --- lfs/linux | 1 + .../grsecurity-haswell-32bit-fix.patch | 53 +++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 src/patches/grsecurity-haswell-32bit-fix.patch diff --git a/lfs/linux b/lfs/linux index a422d7a11..08fa9a3c8 100644 --- a/lfs/linux +++ b/lfs/linux @@ -124,6 +124,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) ifneq "$(KCFG)" "-headers" cd $(DIR_APP) && xz -c -d $(DIR_DL)/$(GRS_PATCHES) | patch -Np1 cd $(DIR_APP) && rm localversion-grsec + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grsecurity-haswell-32bit-fix.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.7-disable-compat_vdso.patch endif diff --git a/src/patches/grsecurity-haswell-32bit-fix.patch b/src/patches/grsecurity-haswell-32bit-fix.patch new file mode 100644 index 000000000..abff2b02d --- /dev/null +++ b/src/patches/grsecurity-haswell-32bit-fix.patch @@ -0,0 +1,53 @@ +diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h +index 7430027..2124e35 100644 +--- a/arch/x86/include/asm/mmu_context.h ++++ b/arch/x86/include/asm/mmu_context.h +@@ -80,7 +80,7 @@ static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next, + #if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + if (static_cpu_has(X86_FEATURE_PCID)) { + if (static_cpu_has(X86_FEATURE_INVPCID)) { +- unsigned long descriptor[2]; ++ u64 descriptor[2]; + descriptor[0] = PCID_USER; + asm volatile(__ASM_INVPCID : : "d"(&descriptor), "a"(INVPCID_SINGLE_CONTEXT) : "memory"); + } else { +@@ -144,7 +144,7 @@ static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next, + #if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF) + if (static_cpu_has(X86_FEATURE_PCID)) { + if (static_cpu_has(X86_FEATURE_INVPCID)) { +- unsigned long descriptor[2]; ++ u64 descriptor[2]; + descriptor[0] = PCID_USER; + asm volatile(__ASM_INVPCID : : "d"(&descriptor), "a"(INVPCID_SINGLE_CONTEXT) : "memory"); + } else { +diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h +index 45844c0..ada2172 100644 +--- a/arch/x86/include/asm/tlbflush.h ++++ b/arch/x86/include/asm/tlbflush.h +@@ -18,7 +18,7 @@ + static inline void __native_flush_tlb(void) + { + if (static_cpu_has(X86_FEATURE_INVPCID)) { +- unsigned long descriptor[2]; ++ u64 descriptor[2]; + + descriptor[0] = PCID_KERNEL; + asm volatile(__ASM_INVPCID : : "d"(&descriptor), "a"(INVPCID_ALL_MONGLOBAL) : "memory"); +@@ -42,7 +42,7 @@ static inline void __native_flush_tlb(void) + static inline void __native_flush_tlb_global_irq_disabled(void) + { + if (static_cpu_has(X86_FEATURE_INVPCID)) { +- unsigned long descriptor[2]; ++ u64 descriptor[2]; + + descriptor[0] = PCID_KERNEL; + asm volatile(__ASM_INVPCID : : "d"(&descriptor), "a"(INVPCID_ALL_GLOBAL) : "memory"); +@@ -77,7 +77,7 @@ static inline void __native_flush_tlb_single(unsigned long addr) + { + + if (static_cpu_has(X86_FEATURE_INVPCID)) { +- unsigned long descriptor[2]; ++ u64 descriptor[2]; + + descriptor[0] = PCID_KERNEL; + descriptor[1] = addr; -- 2.39.2