Commit 4799a0b4 authored by Natanael Copa's avatar Natanael Copa

main/linux-grsec: add fix for xen

ref #6071
upstream: https://forums.grsecurity.net/viewtopic.php?f=3&t=4441
parent 60535e9b
......@@ -7,7 +7,7 @@ case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=${pkgver};;
esac
pkgrel=0
pkgrel=1
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs"
......@@ -21,6 +21,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v4.x/linux-$_kernver.tar.xz
fix-spi-nor-namespace-clash.patch
imx6q-no-unclocked-sleep.patch
fix-xen-ssp.patch
gcc6.patch
config-grsec.x86
......@@ -218,6 +219,7 @@ md5sums="9a78fa2eb6c68ca5a40ed5af08142599 linux-4.4.tar.xz
64062fa71e77623c3164b47ee6fa92f2 grsecurity-3.1-4.4.20-201604252206-alpine.patch
c32f1d7517a095a2645fc1c7dec5db8f fix-spi-nor-namespace-clash.patch
b11c29ee88f7f537973191036d48bee7 imx6q-no-unclocked-sleep.patch
8f4b55a9172cf886675c8161c97da6e1 fix-xen-ssp.patch
90e0fca6cb7bca277394b0db7f605098 gcc6.patch
2da05cb44c4f954f05f58734f4e16760 config-grsec.x86
8d86b346ae0a68fea58f3eab2338641b config-grsec.x86_64
......@@ -229,6 +231,7 @@ da9d7d3548070bc4a333786778f628eaa2a76e10f21a34567f591834a9e87d27 patch-4.4.20.x
0fe119716bc047ae2221e760bf3023c27ccfde2cfd040d405c462a315548154c grsecurity-3.1-4.4.20-201604252206-alpine.patch
b8ce28c61663dbd92f7e1c862c042c88c4d0459ce15f6e6ea121e20705b66212 fix-spi-nor-namespace-clash.patch
7e8a954750139a421a76e414e19a3b57645c9ec70e6c14a6b7708a3fa0cfd5e4 imx6q-no-unclocked-sleep.patch
baf5e43ceb3c5958026da57b1da594d0d82cbd82d964c90c86c80efed6ee8744 fix-xen-ssp.patch
21640b417cb9a389bf7be6a11dc71a481ec76fcfcc758992a9be158ab6a643e8 gcc6.patch
4098706e52e79c99b56e74c5aea53ba157c561c794819c130656d92a7b452210 config-grsec.x86
7a332837c3d63bf90bbab1df759801834393894e13f8a0647976dcec9d87a376 config-grsec.x86_64
......@@ -240,6 +243,7 @@ sha512sums="13c8459933a8b80608e226a1398e3d1848352ace84bcfb7e6a4a33cb230bbe1ab719
d5367618ea58a63fa1014522adb64574bdda5c959f829ba284015b0ff99cfd8c9500383cb900e959ef4b5967d0f7b35c4c4b94a944a4aa84fa342ecd1ccbd7a8 grsecurity-3.1-4.4.20-201604252206-alpine.patch
410fe7dae27cb4998d17a441a5b2a19dd350636ead2de97d4ef5317501d9e82e2550bfca0f022c9be6296907c076c381e1e13060d1900ff26ee7d47f234fb104 fix-spi-nor-namespace-clash.patch
9980eb10f529bc5ce482ab0a0037febbc982b528c3e4d02fc4547e6dd45dc529a7b1711d0c89f942b1ae27842c3794b68a6b8959ef80f6fd00183d3a591cea07 imx6q-no-unclocked-sleep.patch
d398cd45e06ab587ebf83b06417d368c54c3d260ad0f8bc8659367df25c8eef1a56ef24cc81291d79d8daf6bc34415a3af6036e9361b9ab15d911145a8fa9e8b fix-xen-ssp.patch
edcebc229956a05621ec1c89039b56aa61b468c74b54420ff72bd08658b65d29d6af385a7d78d1ce4b39889b407106b99efe7309f8a82974a74eb9edb9e89b64 gcc6.patch
0ba45dc80b9070a18bd31155eb2e658efdf8106fb331978d0b32bea68c9a401990b681df834319c9fa8599a78583bd4c45c274aa3d251aabc740d06141c5beb6 config-grsec.x86
65c8a18d3107be8766060eb7d7c89f2b865b38dc7e93f4110bffd98ef009f9cc192b3c9ad6fecbe412208c8efa93a526e81d4362bd207e6a585f30cc22ee8603 config-grsec.x86_64
......
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index de1c6d4..25cf7f8 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -1566,6 +1566,15 @@ asmlinkage __visible void __init xen_start_kernel(void)
*/
__userpte_alloc_gfp &= ~__GFP_HIGHMEM;
+ /* Get mfn list */
+ xen_build_dynamic_phys_to_machine();
+
+ /*
+ * Set up kernel GDT and segment registers, mainly so that
+ * -fstack-protector code can be executed.
+ */
+ xen_setup_gdt(0);
+
/* Work out if we support NX */
#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
if ((cpuid_eax(0x80000000) & 0xffff0000) == 0x80000000 &&
@@ -1579,15 +1588,6 @@ asmlinkage __visible void __init xen_start_kernel(void)
}
#endif
- /* Get mfn list */
- xen_build_dynamic_phys_to_machine();
-
- /*
- * Set up kernel GDT and segment registers, mainly so that
- * -fstack-protector code can be executed.
- */
- xen_setup_gdt(0);
-
xen_init_irq_ops();
xen_init_cpuid_mask();
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment