]>
Commit | Line | Data |
---|---|---|
4f517a68 PK |
1 | diff --git a/Documentation/dontdiff b/Documentation/dontdiff |
2 | index 9de9813..1462492 100644 | |
3 | --- a/Documentation/dontdiff | |
4 | +++ b/Documentation/dontdiff | |
5 | @@ -3,9 +3,11 @@ | |
6 | *.bc | |
7 | *.bin | |
8 | *.bz2 | |
9 | +*.c.[012]*.* | |
10 | *.cis | |
11 | *.cpio | |
12 | *.csp | |
13 | +*.dbg | |
14 | *.dsp | |
15 | *.dvi | |
16 | *.elf | |
17 | @@ -15,6 +17,7 @@ | |
18 | *.gcov | |
19 | *.gen.S | |
20 | *.gif | |
21 | +*.gmo | |
22 | *.grep | |
23 | *.grp | |
24 | *.gz | |
25 | @@ -51,14 +54,17 @@ | |
26 | *.tab.h | |
27 | *.tex | |
28 | *.ver | |
29 | +*.vim | |
30 | *.xml | |
31 | *.xz | |
32 | *_MODULES | |
33 | +*_reg_safe.h | |
34 | *_vga16.c | |
35 | *~ | |
36 | \#*# | |
37 | *.9 | |
38 | -.* | |
39 | +.[^g]* | |
40 | +.gen* | |
41 | .*.d | |
42 | .mm | |
43 | 53c700_d.h | |
44 | @@ -72,9 +78,11 @@ Image | |
45 | Module.markers | |
46 | Module.symvers | |
47 | PENDING | |
48 | +PERF* | |
49 | SCCS | |
50 | System.map* | |
51 | TAGS | |
52 | +TRACEEVENT-CFLAGS | |
53 | aconf | |
54 | af_names.h | |
55 | aic7*reg.h* | |
56 | @@ -83,6 +91,7 @@ aic7*seq.h* | |
57 | aicasm | |
58 | aicdb.h* | |
59 | altivec*.c | |
60 | +ashldi3.S | |
61 | asm-offsets.h | |
62 | asm_offsets.h | |
63 | autoconf.h* | |
64 | @@ -95,32 +104,40 @@ bounds.h | |
65 | bsetup | |
66 | btfixupprep | |
67 | build | |
68 | +builtin-policy.h | |
69 | bvmlinux | |
70 | bzImage* | |
71 | capability_names.h | |
72 | capflags.c | |
73 | classlist.h* | |
74 | +clut_vga16.c | |
75 | +common-cmds.h | |
76 | comp*.log | |
77 | compile.h* | |
78 | conf | |
79 | config | |
80 | config-* | |
81 | config_data.h* | |
82 | +config.c | |
83 | config.mak | |
84 | config.mak.autogen | |
85 | +config.tmp | |
86 | conmakehash | |
87 | consolemap_deftbl.c* | |
88 | cpustr.h | |
89 | crc32table.h* | |
90 | cscope.* | |
91 | defkeymap.c | |
92 | +devicetable-offsets.h | |
93 | devlist.h* | |
94 | dnotify_test | |
95 | docproc | |
96 | dslm | |
97 | +dtc-lexer.lex.c | |
98 | elf2ecoff | |
99 | elfconfig.h* | |
100 | evergreen_reg_safe.h | |
101 | +exception_policy.conf | |
102 | fixdep | |
103 | flask.h | |
104 | fore200e_mkfirm | |
105 | @@ -128,12 +145,15 @@ fore200e_pca_fw.c* | |
106 | gconf | |
107 | gconf.glade.h | |
108 | gen-devlist | |
109 | +gen-kdb_cmds.c | |
110 | gen_crc32table | |
111 | gen_init_cpio | |
112 | generated | |
113 | genheaders | |
114 | genksyms | |
115 | *_gray256.c | |
116 | +hash | |
117 | +hid-example | |
118 | hpet_example | |
119 | hugepage-mmap | |
120 | hugepage-shm | |
121 | @@ -148,14 +168,14 @@ int32.c | |
122 | int4.c | |
123 | int8.c | |
124 | kallsyms | |
125 | -kconfig | |
126 | +kern_constants.h | |
127 | keywords.c | |
128 | ksym.c* | |
129 | ksym.h* | |
130 | kxgettext | |
131 | lex.c | |
132 | lex.*.c | |
133 | -linux | |
134 | +lib1funcs.S | |
135 | logo_*.c | |
136 | logo_*_clut224.c | |
137 | logo_*_mono.c | |
138 | @@ -165,14 +185,15 @@ mach-types.h | |
139 | machtypes.h | |
140 | map | |
141 | map_hugetlb | |
142 | -media | |
143 | mconf | |
144 | +mdp | |
145 | miboot* | |
146 | mk_elfconfig | |
147 | mkboot | |
148 | mkbugboot | |
149 | mkcpustr | |
150 | mkdep | |
151 | +mkpiggy | |
152 | mkprep | |
153 | mkregtable | |
154 | mktables | |
155 | @@ -188,6 +209,8 @@ oui.c* | |
156 | page-types | |
157 | parse.c | |
158 | parse.h | |
159 | +parse-events* | |
160 | +pasyms.h | |
161 | patches* | |
162 | pca200e.bin | |
163 | pca200e_ecd.bin2 | |
164 | @@ -197,6 +220,7 @@ perf-archive | |
165 | piggyback | |
166 | piggy.gzip | |
167 | piggy.S | |
168 | +pmu-* | |
169 | pnmtologo | |
170 | ppc_defs.h* | |
171 | pss_boot.h | |
172 | @@ -206,7 +230,12 @@ r200_reg_safe.h | |
173 | r300_reg_safe.h | |
174 | r420_reg_safe.h | |
175 | r600_reg_safe.h | |
176 | +randomize_layout_hash.h | |
177 | +randomize_layout_seed.h | |
178 | +realmode.lds | |
179 | +realmode.relocs | |
180 | recordmcount | |
181 | +regdb.c | |
182 | relocs | |
183 | rlim_names.h | |
184 | rn50_reg_safe.h | |
185 | @@ -216,8 +245,12 @@ series | |
186 | setup | |
187 | setup.bin | |
188 | setup.elf | |
189 | +signing_key* | |
190 | +size_overflow_hash.h | |
191 | sImage | |
192 | +slabinfo | |
193 | sm_tbl* | |
194 | +sortextable | |
195 | split-include | |
196 | syscalltab.h | |
197 | tables.c | |
198 | @@ -227,6 +260,7 @@ tftpboot.img | |
199 | timeconst.h | |
200 | times.h* | |
201 | trix_boot.h | |
202 | +user_constants.h | |
203 | utsrelease.h* | |
204 | vdso-syms.lds | |
205 | vdso.lds | |
206 | @@ -238,13 +272,17 @@ vdso32.lds | |
207 | vdso32.so.dbg | |
208 | vdso64.lds | |
209 | vdso64.so.dbg | |
210 | +vdsox32.lds | |
211 | +vdsox32-syms.lds | |
212 | version.h* | |
213 | vmImage | |
214 | vmlinux | |
215 | vmlinux-* | |
216 | vmlinux.aout | |
217 | vmlinux.bin.all | |
218 | +vmlinux.bin.bz2 | |
219 | vmlinux.lds | |
220 | +vmlinux.relocs | |
221 | vmlinuz | |
222 | voffset.h | |
223 | vsyscall.lds | |
224 | @@ -252,9 +290,12 @@ vsyscall_32.lds | |
225 | wanxlfw.inc | |
226 | uImage | |
227 | unifdef | |
228 | +utsrelease.h | |
229 | wakeup.bin | |
230 | wakeup.elf | |
231 | wakeup.lds | |
232 | +x509* | |
233 | zImage* | |
234 | zconf.hash.c | |
235 | +zconf.lex.c | |
236 | zoffset.h | |
237 | diff --git a/Documentation/kbuild/makefiles.txt b/Documentation/kbuild/makefiles.txt | |
238 | index 74b6c6d..eac0e77 100644 | |
239 | --- a/Documentation/kbuild/makefiles.txt | |
240 | +++ b/Documentation/kbuild/makefiles.txt | |
241 | @@ -23,10 +23,11 @@ This document describes the Linux kernel Makefiles. | |
242 | === 4 Host Program support | |
243 | --- 4.1 Simple Host Program | |
244 | --- 4.2 Composite Host Programs | |
245 | - --- 4.3 Using C++ for host programs | |
246 | - --- 4.4 Controlling compiler options for host programs | |
247 | - --- 4.5 When host programs are actually built | |
248 | - --- 4.6 Using hostprogs-$(CONFIG_FOO) | |
249 | + --- 4.3 Defining shared libraries | |
250 | + --- 4.4 Using C++ for host programs | |
251 | + --- 4.5 Controlling compiler options for host programs | |
252 | + --- 4.6 When host programs are actually built | |
253 | + --- 4.7 Using hostprogs-$(CONFIG_FOO) | |
254 | ||
255 | === 5 Kbuild clean infrastructure | |
256 | ||
257 | @@ -643,7 +644,29 @@ Both possibilities are described in the following. | |
258 | Finally, the two .o files are linked to the executable, lxdialog. | |
259 | Note: The syntax <executable>-y is not permitted for host-programs. | |
260 | ||
261 | ---- 4.3 Using C++ for host programs | |
262 | +--- 4.3 Defining shared libraries | |
263 | + | |
264 | + Objects with extension .so are considered shared libraries, and | |
265 | + will be compiled as position independent objects. | |
266 | + Kbuild provides support for shared libraries, but the usage | |
267 | + shall be restricted. | |
268 | + In the following example the libkconfig.so shared library is used | |
269 | + to link the executable conf. | |
270 | + | |
271 | + Example: | |
272 | + #scripts/kconfig/Makefile | |
273 | + hostprogs-y := conf | |
274 | + conf-objs := conf.o libkconfig.so | |
275 | + libkconfig-objs := expr.o type.o | |
276 | + | |
277 | + Shared libraries always require a corresponding -objs line, and | |
278 | + in the example above the shared library libkconfig is composed by | |
279 | + the two objects expr.o and type.o. | |
280 | + expr.o and type.o will be built as position independent code and | |
281 | + linked as a shared library libkconfig.so. C++ is not supported for | |
282 | + shared libraries. | |
283 | + | |
284 | +--- 4.4 Using C++ for host programs | |
285 | ||
286 | kbuild offers support for host programs written in C++. This was | |
287 | introduced solely to support kconfig, and is not recommended | |
288 | @@ -666,7 +689,7 @@ Both possibilities are described in the following. | |
289 | qconf-cxxobjs := qconf.o | |
290 | qconf-objs := check.o | |
291 | ||
292 | ---- 4.4 Controlling compiler options for host programs | |
293 | +--- 4.5 Controlling compiler options for host programs | |
294 | ||
295 | When compiling host programs, it is possible to set specific flags. | |
296 | The programs will always be compiled utilising $(HOSTCC) passed | |
297 | @@ -694,7 +717,7 @@ Both possibilities are described in the following. | |
298 | When linking qconf, it will be passed the extra option | |
299 | "-L$(QTDIR)/lib". | |
300 | ||
301 | ---- 4.5 When host programs are actually built | |
302 | +--- 4.6 When host programs are actually built | |
303 | ||
304 | Kbuild will only build host-programs when they are referenced | |
305 | as a prerequisite. | |
306 | @@ -725,7 +748,7 @@ Both possibilities are described in the following. | |
307 | This will tell kbuild to build lxdialog even if not referenced in | |
308 | any rule. | |
309 | ||
310 | ---- 4.6 Using hostprogs-$(CONFIG_FOO) | |
311 | +--- 4.7 Using hostprogs-$(CONFIG_FOO) | |
312 | ||
313 | A typical pattern in a Kbuild file looks like this: | |
314 | ||
315 | diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt | |
316 | index 4d68ec8..9546b75 100644 | |
317 | --- a/Documentation/kernel-parameters.txt | |
318 | +++ b/Documentation/kernel-parameters.txt | |
319 | @@ -1203,6 +1203,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. | |
320 | Format: <unsigned int> such that (rxsize & ~0x1fffc0) == 0. | |
321 | Default: 1024 | |
322 | ||
323 | + grsec_proc_gid= [GRKERNSEC_PROC_USERGROUP] Chooses GID to | |
324 | + ignore grsecurity's /proc restrictions | |
325 | + | |
326 | + grsec_sysfs_restrict= Format: 0 | 1 | |
327 | + Default: 1 | |
328 | + Disables GRKERNSEC_SYSFS_RESTRICT if enabled in config | |
329 | + | |
330 | hashdist= [KNL,NUMA] Large hashes allocated during boot | |
331 | are distributed across NUMA nodes. Defaults on | |
332 | for 64-bit NUMA, off otherwise. | |
333 | @@ -2300,6 +2307,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. | |
334 | noexec=on: enable non-executable mappings (default) | |
335 | noexec=off: disable non-executable mappings | |
336 | ||
337 | + nopcid [X86-64] | |
338 | + Disable PCID (Process-Context IDentifier) even if it | |
339 | + is supported by the processor. | |
340 | + | |
341 | nosmap [X86] | |
342 | Disable SMAP (Supervisor Mode Access Prevention) | |
343 | even if it is supported by processor. | |
344 | @@ -2601,6 +2612,30 @@ bytes respectively. Such letter suffixes can also be entirely omitted. | |
345 | the specified number of seconds. This is to be used if | |
346 | your oopses keep scrolling off the screen. | |
347 | ||
348 | + pax_nouderef [X86] disables UDEREF. Most likely needed under certain | |
349 | + virtualization environments that don't cope well with the | |
350 | + expand down segment used by UDEREF on X86-32 or the frequent | |
351 | + page table updates on X86-64. | |
352 | + | |
353 | + pax_sanitize_slab= | |
354 | + Format: { 0 | 1 | off | fast | full } | |
355 | + Options '0' and '1' are only provided for backward | |
356 | + compatibility, 'off' or 'fast' should be used instead. | |
357 | + 0|off : disable slab object sanitization | |
358 | + 1|fast: enable slab object sanitization excluding | |
359 | + whitelisted slabs (default) | |
360 | + full : sanitize all slabs, even the whitelisted ones | |
361 | + | |
362 | + pax_softmode= 0/1 to disable/enable PaX softmode on boot already. | |
363 | + | |
364 | + pax_extra_latent_entropy | |
365 | + Enable a very simple form of latent entropy extraction | |
366 | + from the first 4GB of memory as the bootmem allocator | |
367 | + passes the memory pages to the buddy allocator. | |
368 | + | |
369 | + pax_weakuderef [X86-64] enables the weaker but faster form of UDEREF | |
370 | + when the processor supports PCID. | |
371 | + | |
372 | pcbit= [HW,ISDN] | |
373 | ||
374 | pcd. [PARIDE] | |
375 | diff --git a/Makefile b/Makefile | |
376 | index af6da04..22820aa 100644 | |
377 | --- a/Makefile | |
378 | +++ b/Makefile | |
379 | @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ | |
380 | HOSTCC = gcc | |
381 | HOSTCXX = g++ | |
382 | HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89 | |
383 | -HOSTCXXFLAGS = -O2 | |
384 | +HOSTCFLAGS = -W -Wno-unused-parameter -Wno-missing-field-initializers -fno-delete-null-pointer-checks | |
385 | +HOSTCFLAGS += $(call cc-option, -Wno-empty-body) | |
386 | +HOSTCXXFLAGS = -O2 -Wall -W -Wno-array-bounds | |
387 | ||
388 | ifeq ($(shell $(HOSTCC) -v 2>&1 | grep -c "clang version"), 1) | |
389 | HOSTCFLAGS += -Wno-unused-value -Wno-unused-parameter \ | |
390 | @@ -446,8 +448,8 @@ export RCS_TAR_IGNORE := --exclude SCCS --exclude BitKeeper --exclude .svn \ | |
391 | # Rules shared between *config targets and build targets | |
392 | ||
393 | # Basic helpers built in scripts/ | |
394 | -PHONY += scripts_basic | |
395 | -scripts_basic: | |
396 | +PHONY += scripts_basic gcc-plugins | |
397 | +scripts_basic: gcc-plugins | |
398 | $(Q)$(MAKE) $(build)=scripts/basic | |
399 | $(Q)rm -f .tmp_quiet_recordmcount | |
400 | ||
401 | @@ -622,6 +624,74 @@ endif | |
402 | # Tell gcc to never replace conditional load with a non-conditional one | |
403 | KBUILD_CFLAGS += $(call cc-option,--param=allow-store-data-races=0) | |
404 | ||
405 | +ifndef DISABLE_PAX_PLUGINS | |
406 | +ifeq ($(call cc-ifversion, -ge, 0408, y), y) | |
407 | +PLUGINCC := $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCXX)" "$(HOSTCXX)" "$(CC)") | |
408 | +else | |
409 | +PLUGINCC := $(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(HOSTCXX)" "$(CC)") | |
410 | +endif | |
411 | +ifneq ($(PLUGINCC),) | |
412 | +ifdef CONFIG_PAX_CONSTIFY_PLUGIN | |
413 | +CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN | |
414 | +endif | |
415 | +ifdef CONFIG_PAX_MEMORY_STACKLEAK | |
416 | +STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN | |
417 | +STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 | |
418 | +endif | |
419 | +ifdef CONFIG_KALLOCSTAT_PLUGIN | |
420 | +KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so | |
421 | +endif | |
422 | +ifdef CONFIG_PAX_KERNEXEC_PLUGIN | |
423 | +KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so | |
424 | +KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN | |
425 | +KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN | |
426 | +endif | |
427 | +ifdef CONFIG_GRKERNSEC_RANDSTRUCT | |
428 | +RANDSTRUCT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/randomize_layout_plugin.so -DRANDSTRUCT_PLUGIN | |
429 | +ifdef CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE | |
430 | +RANDSTRUCT_PLUGIN_CFLAGS += -fplugin-arg-randomize_layout_plugin-performance-mode | |
431 | +endif | |
432 | +endif | |
433 | +ifdef CONFIG_CHECKER_PLUGIN | |
434 | +ifeq ($(call cc-ifversion, -ge, 0406, y), y) | |
435 | +CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN | |
436 | +endif | |
437 | +endif | |
438 | +COLORIZE_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/colorize_plugin.so | |
439 | +ifdef CONFIG_PAX_SIZE_OVERFLOW | |
440 | +SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN | |
441 | +endif | |
442 | +ifdef CONFIG_PAX_LATENT_ENTROPY | |
443 | +LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN | |
444 | +endif | |
445 | +ifdef CONFIG_PAX_MEMORY_STRUCTLEAK | |
446 | +STRUCTLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/structleak_plugin.so -DSTRUCTLEAK_PLUGIN | |
447 | +endif | |
448 | +INITIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/initify_plugin.so -DINITIFY_PLUGIN | |
449 | +GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) | |
450 | +GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) | |
451 | +GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY_PLUGIN_CFLAGS) $(STRUCTLEAK_PLUGIN_CFLAGS) | |
452 | +GCC_PLUGINS_CFLAGS += $(INITIFY_PLUGIN_CFLAGS) | |
453 | +GCC_PLUGINS_CFLAGS += $(RANDSTRUCT_PLUGIN_CFLAGS) | |
454 | +GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) | |
455 | +export PLUGINCC GCC_PLUGINS_CFLAGS GCC_PLUGINS_AFLAGS CONSTIFY_PLUGIN LATENT_ENTROPY_PLUGIN_CFLAGS | |
456 | +ifeq ($(KBUILD_EXTMOD),) | |
457 | +gcc-plugins: | |
458 | + $(Q)$(MAKE) $(build)=tools/gcc | |
459 | +else | |
460 | +gcc-plugins: ; | |
461 | +endif | |
462 | +else | |
463 | +gcc-plugins: | |
464 | +ifeq ($(call cc-ifversion, -ge, 0405, y), y) | |
465 | + $(error Your gcc installation does not support plugins. If the necessary headers for plugin support are missing, they should be installed. On Debian, apt-get install gcc-<ver>-plugin-dev. If you choose to ignore this error and lessen the improvements provided by this patch, re-run make with the DISABLE_PAX_PLUGINS=y argument.)) | |
466 | +else | |
467 | + $(Q)echo "warning, your gcc version does not support plugins, you should upgrade it to gcc 4.5 at least" | |
468 | +endif | |
469 | + $(Q)echo "PAX_MEMORY_STACKLEAK, constification, PAX_LATENT_ENTROPY and other features will be less secure. PAX_SIZE_OVERFLOW will not be active." | |
470 | +endif | |
471 | +endif | |
472 | + | |
473 | ifdef CONFIG_READABLE_ASM | |
474 | # Disable optimizations that make assembler listings hard to read. | |
475 | # reorder blocks reorders the control in the function | |
476 | @@ -714,7 +784,7 @@ KBUILD_CFLAGS += $(call cc-option, -gsplit-dwarf, -g) | |
477 | else | |
478 | KBUILD_CFLAGS += -g | |
479 | endif | |
480 | -KBUILD_AFLAGS += -Wa,-gdwarf-2 | |
481 | +KBUILD_AFLAGS += -Wa,--gdwarf-2 | |
482 | endif | |
483 | ifdef CONFIG_DEBUG_INFO_DWARF4 | |
484 | KBUILD_CFLAGS += $(call cc-option, -gdwarf-4,) | |
485 | @@ -884,7 +954,7 @@ export mod_sign_cmd | |
486 | ||
487 | ||
488 | ifeq ($(KBUILD_EXTMOD),) | |
489 | -core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ | |
490 | +core-y += kernel/ mm/ fs/ ipc/ security/ crypto/ block/ grsecurity/ | |
491 | ||
492 | vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ | |
493 | $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ | |
494 | @@ -934,6 +1004,8 @@ endif | |
495 | ||
496 | # The actual objects are generated when descending, | |
497 | # make sure no implicit rule kicks in | |
498 | +$(filter-out $(init-y),$(vmlinux-deps)): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
499 | +$(filter-out $(init-y),$(vmlinux-deps)): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
500 | $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; | |
501 | ||
502 | # Handle descending into subdirectories listed in $(vmlinux-dirs) | |
503 | @@ -943,7 +1015,7 @@ $(sort $(vmlinux-deps)): $(vmlinux-dirs) ; | |
504 | # Error messages still appears in the original language | |
505 | ||
506 | PHONY += $(vmlinux-dirs) | |
507 | -$(vmlinux-dirs): prepare scripts | |
508 | +$(vmlinux-dirs): gcc-plugins prepare scripts | |
509 | $(Q)$(MAKE) $(build)=$@ | |
510 | ||
511 | define filechk_kernel.release | |
512 | @@ -986,10 +1058,13 @@ prepare1: prepare2 $(version_h) include/generated/utsrelease.h \ | |
513 | ||
514 | archprepare: archheaders archscripts prepare1 scripts_basic | |
515 | ||
516 | +prepare0: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
517 | +prepare0: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
518 | prepare0: archprepare FORCE | |
519 | $(Q)$(MAKE) $(build)=. | |
520 | ||
521 | # All the preparing.. | |
522 | +prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS)) | |
523 | prepare: prepare0 | |
524 | ||
525 | # Generate some files | |
526 | @@ -1103,6 +1178,8 @@ all: modules | |
527 | # using awk while concatenating to the final file. | |
528 | ||
529 | PHONY += modules | |
530 | +modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
531 | +modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
532 | modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin | |
533 | $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order | |
534 | @$(kecho) ' Building modules, stage 2.'; | |
535 | @@ -1118,7 +1195,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) | |
536 | ||
537 | # Target to prepare building external modules | |
538 | PHONY += modules_prepare | |
539 | -modules_prepare: prepare scripts | |
540 | +modules_prepare: gcc-plugins prepare scripts | |
541 | ||
542 | # Target to install modules | |
543 | PHONY += modules_install | |
544 | @@ -1184,7 +1261,10 @@ MRPROPER_FILES += .config .config.old .version .old_version \ | |
545 | Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS \ | |
546 | signing_key.priv signing_key.x509 x509.genkey \ | |
547 | extra_certificates signing_key.x509.keyid \ | |
548 | - signing_key.x509.signer vmlinux-gdb.py | |
549 | + signing_key.x509.signer vmlinux-gdb.py \ | |
550 | + tools/gcc/size_overflow_plugin/size_overflow_hash_aux.h \ | |
551 | + tools/gcc/size_overflow_plugin/size_overflow_hash.h \ | |
552 | + tools/gcc/randomize_layout_seed.h | |
553 | ||
554 | # clean - Delete most, but leave enough to build external modules | |
555 | # | |
556 | @@ -1223,7 +1303,7 @@ distclean: mrproper | |
557 | @find $(srctree) $(RCS_FIND_IGNORE) \ | |
558 | \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ | |
559 | -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ | |
560 | - -o -name '.*.rej' -o -name '*%' -o -name 'core' \) \ | |
561 | + -o -name '.*.rej' -o -name '*.so' -o -name '*%' -o -name 'core' \) \ | |
562 | -type f -print | xargs rm -f | |
563 | ||
564 | ||
565 | @@ -1389,6 +1469,8 @@ PHONY += $(module-dirs) modules | |
566 | $(module-dirs): crmodverdir $(objtree)/Module.symvers | |
567 | $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) | |
568 | ||
569 | +modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
570 | +modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
571 | modules: $(module-dirs) | |
572 | @$(kecho) ' Building modules, stage 2.'; | |
573 | $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost | |
574 | @@ -1529,17 +1611,21 @@ else | |
575 | target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) | |
576 | endif | |
577 | ||
578 | -%.s: %.c prepare scripts FORCE | |
579 | +%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
580 | +%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
581 | +%.s: %.c gcc-plugins prepare scripts FORCE | |
582 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
583 | %.i: %.c prepare scripts FORCE | |
584 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
585 | -%.o: %.c prepare scripts FORCE | |
586 | +%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
587 | +%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
588 | +%.o: %.c gcc-plugins prepare scripts FORCE | |
589 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
590 | %.lst: %.c prepare scripts FORCE | |
591 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
592 | -%.s: %.S prepare scripts FORCE | |
593 | +%.s: %.S gcc-plugins prepare scripts FORCE | |
594 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
595 | -%.o: %.S prepare scripts FORCE | |
596 | +%.o: %.S gcc-plugins prepare scripts FORCE | |
597 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
598 | %.symtypes: %.c prepare scripts FORCE | |
599 | $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) | |
600 | @@ -1551,11 +1637,15 @@ endif | |
601 | $(build)=$(build-dir) | |
602 | # Make sure the latest headers are built for Documentation | |
603 | Documentation/: headers_install | |
604 | -%/: prepare scripts FORCE | |
605 | +%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
606 | +%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
607 | +%/: gcc-plugins prepare scripts FORCE | |
608 | $(cmd_crmodverdir) | |
609 | $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ | |
610 | $(build)=$(build-dir) | |
611 | -%.ko: prepare scripts FORCE | |
612 | +%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) | |
613 | +%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) | |
614 | +%.ko: gcc-plugins prepare scripts FORCE | |
615 | $(cmd_crmodverdir) | |
616 | $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ | |
617 | $(build)=$(build-dir) $(@:.ko=.o) | |
618 | diff --git a/arch/alpha/include/asm/atomic.h b/arch/alpha/include/asm/atomic.h | |
619 | index 8f8eafb..3405f46 100644 | |
620 | --- a/arch/alpha/include/asm/atomic.h | |
621 | +++ b/arch/alpha/include/asm/atomic.h | |
622 | @@ -239,4 +239,14 @@ static inline long atomic64_dec_if_positive(atomic64_t *v) | |
623 | #define atomic_dec(v) atomic_sub(1,(v)) | |
624 | #define atomic64_dec(v) atomic64_sub(1,(v)) | |
625 | ||
626 | +#define atomic64_read_unchecked(v) atomic64_read(v) | |
627 | +#define atomic64_set_unchecked(v, i) atomic64_set((v), (i)) | |
628 | +#define atomic64_add_unchecked(a, v) atomic64_add((a), (v)) | |
629 | +#define atomic64_add_return_unchecked(a, v) atomic64_add_return((a), (v)) | |
630 | +#define atomic64_sub_unchecked(a, v) atomic64_sub((a), (v)) | |
631 | +#define atomic64_inc_unchecked(v) atomic64_inc(v) | |
632 | +#define atomic64_inc_return_unchecked(v) atomic64_inc_return(v) | |
633 | +#define atomic64_dec_unchecked(v) atomic64_dec(v) | |
634 | +#define atomic64_cmpxchg_unchecked(v, o, n) atomic64_cmpxchg((v), (o), (n)) | |
635 | + | |
636 | #endif /* _ALPHA_ATOMIC_H */ | |
637 | diff --git a/arch/alpha/include/asm/cache.h b/arch/alpha/include/asm/cache.h | |
638 | index ad368a9..fbe0f25 100644 | |
639 | --- a/arch/alpha/include/asm/cache.h | |
640 | +++ b/arch/alpha/include/asm/cache.h | |
641 | @@ -4,19 +4,19 @@ | |
642 | #ifndef __ARCH_ALPHA_CACHE_H | |
643 | #define __ARCH_ALPHA_CACHE_H | |
644 | ||
645 | +#include <linux/const.h> | |
646 | ||
647 | /* Bytes per L1 (data) cache line. */ | |
648 | #if defined(CONFIG_ALPHA_GENERIC) || defined(CONFIG_ALPHA_EV6) | |
649 | -# define L1_CACHE_BYTES 64 | |
650 | # define L1_CACHE_SHIFT 6 | |
651 | #else | |
652 | /* Both EV4 and EV5 are write-through, read-allocate, | |
653 | direct-mapped, physical. | |
654 | */ | |
655 | -# define L1_CACHE_BYTES 32 | |
656 | # define L1_CACHE_SHIFT 5 | |
657 | #endif | |
658 | ||
659 | +#define L1_CACHE_BYTES (_AC(1,UL) << L1_CACHE_SHIFT) | |
660 | #define SMP_CACHE_BYTES L1_CACHE_BYTES | |
661 | ||
662 | #endif | |
663 | diff --git a/arch/alpha/include/asm/elf.h b/arch/alpha/include/asm/elf.h | |
664 | index 968d999..d36b2df 100644 | |
665 | --- a/arch/alpha/include/asm/elf.h | |
666 | +++ b/arch/alpha/include/asm/elf.h | |
667 | @@ -91,6 +91,13 @@ typedef elf_fpreg_t elf_fpregset_t[ELF_NFPREG]; | |
668 | ||
669 | #define ELF_ET_DYN_BASE (TASK_UNMAPPED_BASE + 0x1000000) | |
670 | ||
671 | +#ifdef CONFIG_PAX_ASLR | |
672 | +#define PAX_ELF_ET_DYN_BASE (current->personality & ADDR_LIMIT_32BIT ? 0x10000 : 0x120000000UL) | |
673 | + | |
674 | +#define PAX_DELTA_MMAP_LEN (current->personality & ADDR_LIMIT_32BIT ? 14 : 28) | |
675 | +#define PAX_DELTA_STACK_LEN (current->personality & ADDR_LIMIT_32BIT ? 14 : 19) | |
676 | +#endif | |
677 | + | |
678 | /* $0 is set by ld.so to a pointer to a function which might be | |
679 | registered using atexit. This provides a mean for the dynamic | |
680 | linker to call DT_FINI functions for shared libraries that have | |
681 | diff --git a/arch/alpha/include/asm/pgalloc.h b/arch/alpha/include/asm/pgalloc.h | |
682 | index aab14a0..b4fa3e7 100644 | |
683 | --- a/arch/alpha/include/asm/pgalloc.h | |
684 | +++ b/arch/alpha/include/asm/pgalloc.h | |
685 | @@ -29,6 +29,12 @@ pgd_populate(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmd) | |
686 | pgd_set(pgd, pmd); | |
687 | } | |
688 | ||
689 | +static inline void | |
690 | +pgd_populate_kernel(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmd) | |
691 | +{ | |
692 | + pgd_populate(mm, pgd, pmd); | |
693 | +} | |
694 | + | |
695 | extern pgd_t *pgd_alloc(struct mm_struct *mm); | |
696 | ||
697 | static inline void | |
698 | diff --git a/arch/alpha/include/asm/pgtable.h b/arch/alpha/include/asm/pgtable.h | |
699 | index a9a1195..e9b8417 100644 | |
700 | --- a/arch/alpha/include/asm/pgtable.h | |
701 | +++ b/arch/alpha/include/asm/pgtable.h | |
702 | @@ -101,6 +101,17 @@ struct vm_area_struct; | |
703 | #define PAGE_SHARED __pgprot(_PAGE_VALID | __ACCESS_BITS) | |
704 | #define PAGE_COPY __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW) | |
705 | #define PAGE_READONLY __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW) | |
706 | + | |
707 | +#ifdef CONFIG_PAX_PAGEEXEC | |
708 | +# define PAGE_SHARED_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOE) | |
709 | +# define PAGE_COPY_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW | _PAGE_FOE) | |
710 | +# define PAGE_READONLY_NOEXEC __pgprot(_PAGE_VALID | __ACCESS_BITS | _PAGE_FOW | _PAGE_FOE) | |
711 | +#else | |
712 | +# define PAGE_SHARED_NOEXEC PAGE_SHARED | |
713 | +# define PAGE_COPY_NOEXEC PAGE_COPY | |
714 | +# define PAGE_READONLY_NOEXEC PAGE_READONLY | |
715 | +#endif | |
716 | + | |
717 | #define PAGE_KERNEL __pgprot(_PAGE_VALID | _PAGE_ASM | _PAGE_KRE | _PAGE_KWE) | |
718 | ||
719 | #define _PAGE_NORMAL(x) __pgprot(_PAGE_VALID | __ACCESS_BITS | (x)) | |
720 | diff --git a/arch/alpha/kernel/module.c b/arch/alpha/kernel/module.c | |
721 | index 2fd00b7..cfd5069 100644 | |
722 | --- a/arch/alpha/kernel/module.c | |
723 | +++ b/arch/alpha/kernel/module.c | |
724 | @@ -160,7 +160,7 @@ apply_relocate_add(Elf64_Shdr *sechdrs, const char *strtab, | |
725 | ||
726 | /* The small sections were sorted to the end of the segment. | |
727 | The following should definitely cover them. */ | |
728 | - gp = (u64)me->module_core + me->core_size - 0x8000; | |
729 | + gp = (u64)me->module_core_rw + me->core_size_rw - 0x8000; | |
730 | got = sechdrs[me->arch.gotsecindex].sh_addr; | |
731 | ||
732 | for (i = 0; i < n; i++) { | |
733 | diff --git a/arch/alpha/kernel/osf_sys.c b/arch/alpha/kernel/osf_sys.c | |
734 | index e51f578..16c64a3 100644 | |
735 | --- a/arch/alpha/kernel/osf_sys.c | |
736 | +++ b/arch/alpha/kernel/osf_sys.c | |
737 | @@ -1296,10 +1296,11 @@ SYSCALL_DEFINE1(old_adjtimex, struct timex32 __user *, txc_p) | |
738 | generic version except that we know how to honor ADDR_LIMIT_32BIT. */ | |
739 | ||
740 | static unsigned long | |
741 | -arch_get_unmapped_area_1(unsigned long addr, unsigned long len, | |
742 | - unsigned long limit) | |
743 | +arch_get_unmapped_area_1(struct file *filp, unsigned long addr, unsigned long len, | |
744 | + unsigned long limit, unsigned long flags) | |
745 | { | |
746 | struct vm_unmapped_area_info info; | |
747 | + unsigned long offset = gr_rand_threadstack_offset(current->mm, filp, flags); | |
748 | ||
749 | info.flags = 0; | |
750 | info.length = len; | |
751 | @@ -1307,6 +1308,7 @@ arch_get_unmapped_area_1(unsigned long addr, unsigned long len, | |
752 | info.high_limit = limit; | |
753 | info.align_mask = 0; | |
754 | info.align_offset = 0; | |
755 | + info.threadstack_offset = offset; | |
756 | return vm_unmapped_area(&info); | |
757 | } | |
758 | ||
759 | @@ -1339,20 +1341,24 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, | |
760 | merely specific addresses, but regions of memory -- perhaps | |
761 | this feature should be incorporated into all ports? */ | |
762 | ||
763 | +#ifdef CONFIG_PAX_RANDMMAP | |
764 | + if (!(current->mm->pax_flags & MF_PAX_RANDMMAP)) | |
765 | +#endif | |
766 | + | |
767 | if (addr) { | |
768 | - addr = arch_get_unmapped_area_1 (PAGE_ALIGN(addr), len, limit); | |
769 | + addr = arch_get_unmapped_area_1 (filp, PAGE_ALIGN(addr), len, limit, flags); | |
770 | if (addr != (unsigned long) -ENOMEM) | |
771 | return addr; | |
772 | } | |
773 | ||
774 | /* Next, try allocating at TASK_UNMAPPED_BASE. */ | |
775 | - addr = arch_get_unmapped_area_1 (PAGE_ALIGN(TASK_UNMAPPED_BASE), | |
776 | - len, limit); | |
777 | + addr = arch_get_unmapped_area_1 (filp, PAGE_ALIGN(current->mm->mmap_base), len, limit, flags); | |
778 | + | |
779 | if (addr != (unsigned long) -ENOMEM) | |
780 | return addr; | |
781 | ||
782 | /* Finally, try allocating in low memory. */ | |
783 | - addr = arch_get_unmapped_area_1 (PAGE_SIZE, len, limit); | |
784 | + addr = arch_get_unmapped_area_1 (filp, PAGE_SIZE, len, limit, flags); | |
785 | ||
786 | return addr; | |
787 | } | |
788 | diff --git a/arch/alpha/mm/fault.c b/arch/alpha/mm/fault.c | |
789 | index 9d0ac09..479a962 100644 | |
790 | --- a/arch/alpha/mm/fault.c | |
791 | +++ b/arch/alpha/mm/fault.c | |
792 | @@ -53,6 +53,124 @@ __load_new_mm_context(struct mm_struct *next_mm) | |
793 | __reload_thread(pcb); | |
794 | } | |
795 | ||
796 | +#ifdef CONFIG_PAX_PAGEEXEC | |
797 | +/* | |
798 | + * PaX: decide what to do with offenders (regs->pc = fault address) | |
799 | + * | |
800 | + * returns 1 when task should be killed | |
801 | + * 2 when patched PLT trampoline was detected | |
802 | + * 3 when unpatched PLT trampoline was detected | |
803 | + */ | |
804 | +static int pax_handle_fetch_fault(struct pt_regs *regs) | |
805 | +{ | |
806 | + | |
807 | +#ifdef CONFIG_PAX_EMUPLT | |
808 | + int err; | |
809 | + | |
810 | + do { /* PaX: patched PLT emulation #1 */ | |
811 | + unsigned int ldah, ldq, jmp; | |
812 | + | |
813 | + err = get_user(ldah, (unsigned int *)regs->pc); | |
814 | + err |= get_user(ldq, (unsigned int *)(regs->pc+4)); | |
815 | + err |= get_user(jmp, (unsigned int *)(regs->pc+8)); | |
816 | + | |
817 | + if (err) | |
818 | + break; | |
819 | + | |
820 | + if ((ldah & 0xFFFF0000U) == 0x277B0000U && | |
821 | + (ldq & 0xFFFF0000U) == 0xA77B0000U && | |
822 | + jmp == 0x6BFB0000U) | |
823 | + { | |
824 | + unsigned long r27, addr; | |
825 | + unsigned long addrh = (ldah | 0xFFFFFFFFFFFF0000UL) << 16; | |
826 | + unsigned long addrl = ldq | 0xFFFFFFFFFFFF0000UL; | |
827 | + | |
828 | + addr = regs->r27 + ((addrh ^ 0x80000000UL) + 0x80000000UL) + ((addrl ^ 0x8000UL) + 0x8000UL); | |
829 | + err = get_user(r27, (unsigned long *)addr); | |
830 | + if (err) | |
831 | + break; | |
832 | + | |
833 | + regs->r27 = r27; | |
834 | + regs->pc = r27; | |
835 | + return 2; | |
836 | + } | |
837 | + } while (0); | |
838 | + | |
839 | + do { /* PaX: patched PLT emulation #2 */ | |
840 | + unsigned int ldah, lda, br; | |
841 | + | |
842 | + err = get_user(ldah, (unsigned int *)regs->pc); | |
843 | + err |= get_user(lda, (unsigned int *)(regs->pc+4)); | |
844 | + err |= get_user(br, (unsigned int *)(regs->pc+8)); | |
845 | + | |
846 | + if (err) | |
847 | + break; | |
848 | + | |
849 | + if ((ldah & 0xFFFF0000U) == 0x277B0000U && | |
850 | + (lda & 0xFFFF0000U) == 0xA77B0000U && | |
851 | + (br & 0xFFE00000U) == 0xC3E00000U) | |
852 | + { | |
853 | + unsigned long addr = br | 0xFFFFFFFFFFE00000UL; | |
854 | + unsigned long addrh = (ldah | 0xFFFFFFFFFFFF0000UL) << 16; | |
855 | + unsigned long addrl = lda | 0xFFFFFFFFFFFF0000UL; | |
856 | + | |
857 | + regs->r27 += ((addrh ^ 0x80000000UL) + 0x80000000UL) + ((addrl ^ 0x8000UL) + 0x8000UL); | |
858 | + regs->pc += 12 + (((addr ^ 0x00100000UL) + 0x00100000UL) << 2); | |
859 | + return 2; | |
860 | + } | |
861 | + } while (0); | |
862 | + | |
863 | + do { /* PaX: unpatched PLT emulation */ | |
864 | + unsigned int br; | |
865 | + | |
866 | + err = get_user(br, (unsigned int *)regs->pc); | |
867 | + | |
868 | + if (!err && (br & 0xFFE00000U) == 0xC3800000U) { | |
869 | + unsigned int br2, ldq, nop, jmp; | |
870 | + unsigned long addr = br | 0xFFFFFFFFFFE00000UL, resolver; | |
871 | + | |
872 | + addr = regs->pc + 4 + (((addr ^ 0x00100000UL) + 0x00100000UL) << 2); | |
873 | + err = get_user(br2, (unsigned int *)addr); | |
874 | + err |= get_user(ldq, (unsigned int *)(addr+4)); | |
875 | + err |= get_user(nop, (unsigned int *)(addr+8)); | |
876 | + err |= get_user(jmp, (unsigned int *)(addr+12)); | |
877 | + err |= get_user(resolver, (unsigned long *)(addr+16)); | |
878 | + | |
879 | + if (err) | |
880 | + break; | |
881 | + | |
882 | + if (br2 == 0xC3600000U && | |
883 | + ldq == 0xA77B000CU && | |
884 | + nop == 0x47FF041FU && | |
885 | + jmp == 0x6B7B0000U) | |
886 | + { | |
887 | + regs->r28 = regs->pc+4; | |
888 | + regs->r27 = addr+16; | |
889 | + regs->pc = resolver; | |
890 | + return 3; | |
891 | + } | |
892 | + } | |
893 | + } while (0); | |
894 | +#endif | |
895 | + | |
896 | + return 1; | |
897 | +} | |
898 | + | |
899 | +void pax_report_insns(struct pt_regs *regs, void *pc, void *sp) | |
900 | +{ | |
901 | + unsigned long i; | |
902 | + | |
903 | + printk(KERN_ERR "PAX: bytes at PC: "); | |
904 | + for (i = 0; i < 5; i++) { | |
905 | + unsigned int c; | |
906 | + if (get_user(c, (unsigned int *)pc+i)) | |
907 | + printk( |