Commit 967ed15c authored by Natanael Copa's avatar Natanael Copa

main/linux-grsec: upgrade to grsecurity-2.2.2-3.0.4-201109190917

parent 19b7ea72
......@@ -4,7 +4,7 @@ _flavor=grsec
pkgname=linux-${_flavor}
pkgver=3.0.4
_kernver=3.0
pkgrel=5
pkgrel=6
pkgdesc="Linux kernel with grsecurity"
url=http://grsecurity.net
depends="mkinitfs linux-firmware"
......@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH}}
install=
source="ftp://ftp.kernel.org/pub/linux/kernel/v3.0/linux-$_kernver.tar.bz2
ftp://ftp.kernel.org/pub/linux/kernel/v3.0/patch-$pkgver.bz2
grsecurity-2.2.2-3.0.4-201109150655.patch
grsecurity-2.2.2-3.0.4-201109190917.patch
0004-arp-flush-arp-cache-on-device-change.patch
......@@ -138,7 +138,7 @@ dev() {
md5sums="398e95866794def22b12dfbc15ce89c0 linux-3.0.tar.bz2
62ca5f3caed233617127b2b3b7a87d15 patch-3.0.4.bz2
b7dc9741bbb8f0ec91f88a6983a4fc74 grsecurity-2.2.2-3.0.4-201109150655.patch
475c1129df5aca0d82587640b878109d grsecurity-2.2.2-3.0.4-201109190917.patch
776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch
9a2c88b20d296158cdcd01f843898415 kernelconfig.x86
6957efc9f017c59b05aa0a2e4167255e kernelconfig.x86_64"
......@@ -5589,6 +5589,74 @@ diff -urNp linux-3.0.4/arch/x86/boot/video-vesa.c linux-3.0.4/arch/x86/boot/vide
}
/*
diff -urNp linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/crypto/aes-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -71,6 +71,12 @@ FUNC: movq r1,r2; \
je B192; \
leaq 32(r9),r9;
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+#define ret orb $0x80, 0x7(%rsp); ret
+#else
+#define ret ret
+#endif
+
#define epilogue(r1,r2,r3,r4,r5,r6,r7,r8,r9) \
movq r1,r2; \
movq r3,r4; \
diff -urNp linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/crypto/salsa20-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -790,6 +790,9 @@ ECRYPT_encrypt_bytes:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
# bytesatleast65:
._bytesatleast65:
@@ -891,6 +894,9 @@ ECRYPT_keysetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
# enter ECRYPT_ivsetup
.text
@@ -917,4 +923,7 @@ ECRYPT_ivsetup:
add %r11,%rsp
mov %rdi,%rax
mov %rsi,%rdx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
diff -urNp linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S
--- linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/crypto/twofish-x86_64-asm_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -269,6 +269,9 @@ twofish_enc_blk:
popq R1
movq $1,%rax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
twofish_dec_blk:
@@ -321,4 +324,7 @@ twofish_dec_blk:
popq R1
movq $1,%rax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
diff -urNp linux-3.0.4/arch/x86/ia32/ia32_aout.c linux-3.0.4/arch/x86/ia32/ia32_aout.c
--- linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/ia32/ia32_aout.c 2011-08-23 21:48:14.000000000 -0400
......@@ -8676,8 +8744,8 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/rwsem.h linux-3.0.4/arch/x86/include
diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/include/asm/segment.h
--- linux-3.0.4/arch/x86/include/asm/segment.h 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/include/asm/segment.h 2011-08-23 21:47:55.000000000 -0400
@@ -64,8 +64,8 @@
+++ linux-3.0.4/arch/x86/include/asm/segment.h 2011-09-17 00:53:42.000000000 -0400
@@ -64,10 +64,15 @@
* 26 - ESPFIX small SS
* 27 - per-cpu [ offset to per-cpu data area ]
* 28 - stack_canary-20 [ for stack protector ]
......@@ -8687,8 +8755,15 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/inclu
+ * 30 - PCI BIOS DS
* 31 - TSS for double fault handler
*/
+#define GDT_ENTRY_KERNEXEC_EFI_CS (1)
+#define GDT_ENTRY_KERNEXEC_EFI_DS (2)
+#define __KERNEXEC_EFI_CS (GDT_ENTRY_KERNEXEC_EFI_CS*8)
+#define __KERNEXEC_EFI_DS (GDT_ENTRY_KERNEXEC_EFI_DS*8)
+
#define GDT_ENTRY_TLS_MIN 6
@@ -79,6 +79,8 @@
#define GDT_ENTRY_TLS_MAX (GDT_ENTRY_TLS_MIN + GDT_ENTRY_TLS_ENTRIES - 1)
@@ -79,6 +84,8 @@
#define GDT_ENTRY_KERNEL_CS (GDT_ENTRY_KERNEL_BASE+0)
......@@ -8697,7 +8772,7 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/inclu
#define GDT_ENTRY_KERNEL_DS (GDT_ENTRY_KERNEL_BASE+1)
#define GDT_ENTRY_TSS (GDT_ENTRY_KERNEL_BASE+4)
@@ -104,6 +106,12 @@
@@ -104,6 +111,12 @@
#define __KERNEL_STACK_CANARY 0
#endif
......@@ -8710,7 +8785,7 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/inclu
#define GDT_ENTRY_DOUBLEFAULT_TSS 31
/*
@@ -141,7 +149,7 @@
@@ -141,7 +154,7 @@
*/
/* Matches PNP_CS32 and PNP_CS16 (they must be consecutive) */
......@@ -8719,7 +8794,7 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/inclu
#else
@@ -165,6 +173,8 @@
@@ -165,6 +178,8 @@
#define __USER32_CS (GDT_ENTRY_DEFAULT_USER32_CS * 8 + 3)
#define __USER32_DS __USER_DS
......@@ -8728,7 +8803,7 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/segment.h linux-3.0.4/arch/x86/inclu
#define GDT_ENTRY_TSS 8 /* needs two entries */
#define GDT_ENTRY_LDT 10 /* needs two entries */
#define GDT_ENTRY_TLS_MIN 12
@@ -185,6 +195,7 @@
@@ -185,6 +200,7 @@
#endif
#define __KERNEL_CS (GDT_ENTRY_KERNEL_CS*8)
......@@ -10047,7 +10122,7 @@ diff -urNp linux-3.0.4/arch/x86/include/asm/xsave.h linux-3.0.4/arch/x86/include
".section .fixup,\"ax\"\n"
diff -urNp linux-3.0.4/arch/x86/Kconfig linux-3.0.4/arch/x86/Kconfig
--- linux-3.0.4/arch/x86/Kconfig 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/Kconfig 2011-08-23 21:48:14.000000000 -0400
+++ linux-3.0.4/arch/x86/Kconfig 2011-09-17 00:58:36.000000000 -0400
@@ -229,7 +229,7 @@ config X86_HT
config X86_32_LAZY_GS
......@@ -10084,15 +10159,6 @@ diff -urNp linux-3.0.4/arch/x86/Kconfig linux-3.0.4/arch/x86/Kconfig
default 0x40000000 if VMSPLIT_1G
default 0xC0000000
depends on X86_32
@@ -1453,7 +1453,7 @@ config ARCH_USES_PG_UNCACHED
config EFI
bool "EFI runtime service support"
- depends on ACPI
+ depends on ACPI && !PAX_KERNEXEC
---help---
This enables the kernel to use EFI runtime services that are
available (such as the EFI variable services).
@@ -1483,6 +1483,7 @@ config SECCOMP
config CC_STACKPROTECTOR
......@@ -11728,7 +11794,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_32.S linux-3.0.4/arch/x86/kernel/en
CFI_ADJUST_CFA_OFFSET -24
diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/entry_64.S
--- linux-3.0.4/arch/x86/kernel/entry_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/kernel/entry_64.S 2011-08-26 19:49:56.000000000 -0400
+++ linux-3.0.4/arch/x86/kernel/entry_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -53,6 +53,7 @@
#include <asm/paravirt.h>
#include <asm/ftrace.h>
......@@ -12108,7 +12174,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
je retint_kernel
/* Interrupt came from user space */
@@ -847,12 +1125,15 @@ retint_swapgs: /* return to user-space
@@ -847,12 +1125,18 @@ retint_swapgs: /* return to user-space
* The iretq could re-enable interrupts:
*/
DISABLE_INTERRUPTS(CLBR_ANY)
......@@ -12121,10 +12187,13 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
retint_restore_args: /* return to kernel space */
DISABLE_INTERRUPTS(CLBR_ANY)
+ pax_exit_kernel
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80,0x7+RIP-ARGOFFSET(%rsp)
+#endif
/*
* The iretq could re-enable interrupts:
*/
@@ -1027,6 +1308,16 @@ ENTRY(\sym)
@@ -1027,6 +1311,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
......@@ -12141,7 +12210,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
@@ -1044,6 +1335,16 @@ ENTRY(\sym)
@@ -1044,6 +1338,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
......@@ -12158,7 +12227,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
movq %rsp,%rdi /* pt_regs pointer */
xorl %esi,%esi /* no error code */
call \do_sym
@@ -1052,7 +1353,7 @@ ENTRY(\sym)
@@ -1052,7 +1356,7 @@ ENTRY(\sym)
END(\sym)
.endm
......@@ -12167,7 +12236,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
.macro paranoidzeroentry_ist sym do_sym ist
ENTRY(\sym)
INTR_FRAME
@@ -1062,8 +1363,24 @@ ENTRY(\sym)
@@ -1062,8 +1366,24 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
TRACE_IRQS_OFF
......@@ -12192,7 +12261,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
subq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
call \do_sym
addq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
@@ -1080,6 +1397,16 @@ ENTRY(\sym)
@@ -1080,6 +1400,16 @@ ENTRY(\sym)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call error_entry
DEFAULT_FRAME 0
......@@ -12209,7 +12278,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
@@ -1099,6 +1426,16 @@ ENTRY(\sym)
@@ -1099,6 +1429,16 @@ ENTRY(\sym)
call save_paranoid
DEFAULT_FRAME 0
TRACE_IRQS_OFF
......@@ -12226,7 +12295,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
movq %rsp,%rdi /* pt_regs pointer */
movq ORIG_RAX(%rsp),%rsi /* get error code */
movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
@@ -1361,14 +1698,27 @@ ENTRY(paranoid_exit)
@@ -1361,16 +1701,35 @@ ENTRY(paranoid_exit)
TRACE_IRQS_OFF
testl %ebx,%ebx /* swapgs needed? */
jnz paranoid_restore
......@@ -12238,6 +12307,9 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
+ TRACE_IRQS_IRETQ 0
+ SWAPGS_UNSAFE_STACK
+ RESTORE_ALL 8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80,0x7(%rsp)
+#endif
+ jmp irq_return
+#endif
paranoid_swapgs:
......@@ -12254,8 +12326,13 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
+ pax_exit_kernel
TRACE_IRQS_IRETQ 0
RESTORE_ALL 8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80,0x7(%rsp)
+#endif
jmp irq_return
@@ -1426,7 +1776,7 @@ ENTRY(error_entry)
paranoid_userspace:
GET_THREAD_INFO(%rcx)
@@ -1426,7 +1785,7 @@ ENTRY(error_entry)
movq_cfi r14, R14+8
movq_cfi r15, R15+8
xorl %ebx,%ebx
......@@ -12264,7 +12341,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
je error_kernelspace
error_swapgs:
SWAPGS
@@ -1490,6 +1840,16 @@ ENTRY(nmi)
@@ -1490,6 +1849,16 @@ ENTRY(nmi)
CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
call save_paranoid
DEFAULT_FRAME 0
......@@ -12281,7 +12358,7 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
movq %rsp,%rdi
movq $-1,%rsi
@@ -1500,11 +1860,25 @@ ENTRY(nmi)
@@ -1500,12 +1869,32 @@ ENTRY(nmi)
DISABLE_INTERRUPTS(CLBR_NONE)
testl %ebx,%ebx /* swapgs needed? */
jnz nmi_restore
......@@ -12292,6 +12369,9 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
+ pax_exit_kernel
+ SWAPGS_UNSAFE_STACK
+ RESTORE_ALL 8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80,0x7(%rsp)
+#endif
+ jmp irq_return
+#endif
nmi_swapgs:
......@@ -12306,8 +12386,12 @@ diff -urNp linux-3.0.4/arch/x86/kernel/entry_64.S linux-3.0.4/arch/x86/kernel/en
nmi_restore:
+ pax_exit_kernel
RESTORE_ALL 8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80,0x7(%rsp)
+#endif
jmp irq_return
nmi_userspace:
GET_THREAD_INFO(%rcx)
diff -urNp linux-3.0.4/arch/x86/kernel/ftrace.c linux-3.0.4/arch/x86/kernel/ftrace.c
--- linux-3.0.4/arch/x86/kernel/ftrace.c 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/kernel/ftrace.c 2011-08-23 21:47:55.000000000 -0400
......@@ -16528,8 +16612,15 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_386_32.S linux-3.0.4/arch/x86/lib/a
movl %edx, 4(v)
diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S
--- linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-08-23 21:47:55.000000000 -0400
@@ -39,6 +39,14 @@ ENTRY(atomic64_read_cx8)
+++ linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S 2011-09-17 18:31:51.000000000 -0400
@@ -35,10 +35,24 @@ ENTRY(atomic64_read_cx8)
CFI_STARTPROC
read64 %ecx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(atomic64_read_cx8)
......@@ -16537,6 +16628,9 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
+ CFI_STARTPROC
+
+ read64 %ecx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
+ ret
+ CFI_ENDPROC
+ENDPROC(atomic64_read_unchecked_cx8)
......@@ -16544,7 +16638,14 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
ENTRY(atomic64_set_cx8)
CFI_STARTPROC
@@ -52,6 +60,19 @@ ENTRY(atomic64_set_cx8)
@@ -48,10 +62,29 @@ ENTRY(atomic64_set_cx8)
cmpxchg8b (%esi)
jne 1b
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(atomic64_set_cx8)
......@@ -16557,6 +16658,9 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
+ cmpxchg8b (%esi)
+ jne 1b
+
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
+ ret
+ CFI_ENDPROC
+ENDPROC(atomic64_set_unchecked_cx8)
......@@ -16564,7 +16668,14 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
ENTRY(atomic64_xchg_cx8)
CFI_STARTPROC
@@ -66,8 +87,8 @@ ENTRY(atomic64_xchg_cx8)
@@ -62,12 +95,15 @@ ENTRY(atomic64_xchg_cx8)
cmpxchg8b (%esi)
jne 1b
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(atomic64_xchg_cx8)
......@@ -16575,7 +16686,7 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
CFI_STARTPROC
SAVE ebp
SAVE ebx
@@ -84,27 +105,43 @@ ENTRY(atomic64_\func\()_return_cx8)
@@ -84,27 +120,46 @@ ENTRY(atomic64_\func\()_return_cx8)
movl %edx, %ecx
\ins\()l %esi, %ebx
\insc\()l %edi, %ecx
......@@ -16606,6 +16717,9 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
RESTORE esi
RESTORE ebx
RESTORE ebp
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
-ENDPROC(atomic64_\func\()_return_cx8)
......@@ -16624,7 +16738,7 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
CFI_STARTPROC
SAVE ebx
@@ -114,21 +151,38 @@ ENTRY(atomic64_\func\()_return_cx8)
@@ -114,21 +169,41 @@ ENTRY(atomic64_\func\()_return_cx8)
movl %edx, %ecx
\ins\()l $1, %ebx
\insc\()l $0, %ecx
......@@ -16652,6 +16766,9 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
+.endif
+
RESTORE ebx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
-ENDPROC(atomic64_\func\()_return_cx8)
......@@ -16665,7 +16782,7 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
ENTRY(atomic64_dec_if_positive_cx8)
CFI_STARTPROC
@@ -140,6 +194,13 @@ ENTRY(atomic64_dec_if_positive_cx8)
@@ -140,6 +215,13 @@ ENTRY(atomic64_dec_if_positive_cx8)
movl %edx, %ecx
subl $1, %ebx
sbb $0, %ecx
......@@ -16679,7 +16796,17 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
js 2f
LOCK_PREFIX
cmpxchg8b (%esi)
@@ -174,6 +235,13 @@ ENTRY(atomic64_add_unless_cx8)
@@ -149,6 +231,9 @@ ENTRY(atomic64_dec_if_positive_cx8)
movl %ebx, %eax
movl %ecx, %edx
RESTORE ebx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(atomic64_dec_if_positive_cx8)
@@ -174,6 +259,13 @@ ENTRY(atomic64_add_unless_cx8)
movl %edx, %ecx
addl %esi, %ebx
adcl %edi, %ecx
......@@ -16693,7 +16820,17 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
LOCK_PREFIX
cmpxchg8b (%ebp)
jne 1b
@@ -206,6 +274,13 @@ ENTRY(atomic64_inc_not_zero_cx8)
@@ -184,6 +276,9 @@ ENTRY(atomic64_add_unless_cx8)
CFI_ADJUST_CFA_OFFSET -8
RESTORE ebx
RESTORE ebp
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
4:
cmpl %edx, 4(%esp)
@@ -206,6 +301,13 @@ ENTRY(atomic64_inc_not_zero_cx8)
movl %edx, %ecx
addl $1, %ebx
adcl $0, %ecx
......@@ -16707,6 +16844,16 @@ diff -urNp linux-3.0.4/arch/x86/lib/atomic64_cx8_32.S linux-3.0.4/arch/x86/lib/a
LOCK_PREFIX
cmpxchg8b (%esi)
jne 1b
@@ -213,6 +315,9 @@ ENTRY(atomic64_inc_not_zero_cx8)
movl $1, %eax
3:
RESTORE ebx
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
4:
testl %edx, %edx
diff -urNp linux-3.0.4/arch/x86/lib/checksum_32.S linux-3.0.4/arch/x86/lib/checksum_32.S
--- linux-3.0.4/arch/x86/lib/checksum_32.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/checksum_32.S 2011-08-23 21:47:55.000000000 -0400
......@@ -16956,8 +17103,38 @@ diff -urNp linux-3.0.4/arch/x86/lib/checksum_32.S linux-3.0.4/arch/x86/lib/check
#undef ROUND1
diff -urNp linux-3.0.4/arch/x86/lib/clear_page_64.S linux-3.0.4/arch/x86/lib/clear_page_64.S
--- linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-08-23 21:47:55.000000000 -0400
@@ -58,7 +58,7 @@ ENDPROC(clear_page)
+++ linux-3.0.4/arch/x86/lib/clear_page_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -11,6 +11,9 @@ ENTRY(clear_page_c)
movl $4096/8,%ecx
xorl %eax,%eax
rep stosq
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(clear_page_c)
@@ -20,6 +23,9 @@ ENTRY(clear_page_c_e)
movl $4096,%ecx
xorl %eax,%eax
rep stosb
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(clear_page_c_e)
@@ -43,6 +49,9 @@ ENTRY(clear_page)
leaq 64(%rdi),%rdi
jnz .Lloop
nop
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
.Lclear_page_end:
@@ -58,7 +67,7 @@ ENDPROC(clear_page)
#include <asm/cpufeature.h>
......@@ -16968,8 +17145,28 @@ diff -urNp linux-3.0.4/arch/x86/lib/clear_page_64.S linux-3.0.4/arch/x86/lib/cle
2: .byte 0xeb /* jmp <disp8> */
diff -urNp linux-3.0.4/arch/x86/lib/copy_page_64.S linux-3.0.4/arch/x86/lib/copy_page_64.S
--- linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-08-23 21:47:55.000000000 -0400
@@ -104,7 +104,7 @@ ENDPROC(copy_page)
+++ linux-3.0.4/arch/x86/lib/copy_page_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -8,6 +8,9 @@ copy_page_c:
CFI_STARTPROC
movl $4096/8,%ecx
rep movsq
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(copy_page_c)
@@ -94,6 +97,9 @@ ENTRY(copy_page)
CFI_RESTORE r13
addq $3*8,%rsp
CFI_ADJUST_CFA_OFFSET -3*8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.Lcopy_page_end:
CFI_ENDPROC
@@ -104,7 +110,7 @@ ENDPROC(copy_page)
#include <asm/cpufeature.h>
......@@ -16980,7 +17177,7 @@ diff -urNp linux-3.0.4/arch/x86/lib/copy_page_64.S linux-3.0.4/arch/x86/lib/copy
2:
diff -urNp linux-3.0.4/arch/x86/lib/copy_user_64.S linux-3.0.4/arch/x86/lib/copy_user_64.S
--- linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-08-23 21:47:55.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/copy_user_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -16,6 +16,7 @@
#include <asm/thread_info.h>
#include <asm/cpufeature.h>
......@@ -16998,7 +17195,7 @@ diff -urNp linux-3.0.4/arch/x86/lib/copy_user_64.S linux-3.0.4/arch/x86/lib/copy
2: .byte 0xe9 /* near jump with 32bit immediate */
.long \alt1-1b /* offset */ /* or alternatively to alt1 */
3: .byte 0xe9 /* near jump with 32bit immediate */
@@ -71,41 +72,13 @@
@@ -71,47 +72,22 @@
#endif
.endm
......@@ -17042,9 +17239,48 @@ diff -urNp linux-3.0.4/arch/x86/lib/copy_user_64.S linux-3.0.4/arch/x86/lib/copy
movl %edx,%ecx
xorl %eax,%eax
rep
stosb
bad_to_user:
movl %edx,%eax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(bad_from_user)
@@ -179,6 +155,9 @@ ENTRY(copy_user_generic_unrolled)
decl %ecx
jnz 21b
23: xor %eax,%eax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.section .fixup,"ax"
@@ -251,6 +230,9 @@ ENTRY(copy_user_generic_string)
3: rep
movsb
4: xorl %eax,%eax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.section .fixup,"ax"
@@ -287,6 +269,9 @@ ENTRY(copy_user_enhanced_fast_string)
1: rep
movsb
2: xorl %eax,%eax
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.section .fixup,"ax"
diff -urNp linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S
--- linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S 2011-08-23 21:47:55.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -14,6 +14,7 @@
#include <asm/current.h>
#include <asm/asm-offsets.h>
......@@ -17069,6 +17305,29 @@ diff -urNp linux-3.0.4/arch/x86/lib/copy_user_nocache_64.S linux-3.0.4/arch/x86/
cmpl $8,%edx
jb 20f /* less then 8 bytes, go to byte copy loop */
ALIGN_DESTINATION
@@ -98,6 +108,9 @@ ENTRY(__copy_user_nocache)
jnz 21b
23: xorl %eax,%eax
sfence
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.section .fixup,"ax"
diff -urNp linux-3.0.4/arch/x86/lib/csum-copy_64.S linux-3.0.4/arch/x86/lib/csum-copy_64.S
--- linux-3.0.4/arch/x86/lib/csum-copy_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/csum-copy_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -228,6 +228,9 @@ ENTRY(csum_partial_copy_generic)
CFI_RESTORE rbp
addq $7*8, %rsp
CFI_ADJUST_CFA_OFFSET -7*8
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_RESTORE_STATE
diff -urNp linux-3.0.4/arch/x86/lib/csum-wrappers_64.c linux-3.0.4/arch/x86/lib/csum-wrappers_64.c
--- linux-3.0.4/arch/x86/lib/csum-wrappers_64.c 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/csum-wrappers_64.c 2011-08-23 21:47:55.000000000 -0400
......@@ -17232,6 +17491,138 @@ diff -urNp linux-3.0.4/arch/x86/lib/insn.c linux-3.0.4/arch/x86/lib/insn.c
insn->x86_64 = x86_64 ? 1 : 0;
insn->opnd_bytes = 4;
if (x86_64)
diff -urNp linux-3.0.4/arch/x86/lib/iomap_copy_64.S linux-3.0.4/arch/x86/lib/iomap_copy_64.S
--- linux-3.0.4/arch/x86/lib/iomap_copy_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/iomap_copy_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -25,6 +25,9 @@ ENTRY(__iowrite32_copy)
CFI_STARTPROC
movl %edx,%ecx
rep movsd
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
CFI_ENDPROC
ENDPROC(__iowrite32_copy)
diff -urNp linux-3.0.4/arch/x86/lib/memcpy_64.S linux-3.0.4/arch/x86/lib/memcpy_64.S
--- linux-3.0.4/arch/x86/lib/memcpy_64.S 2011-07-21 22:17:23.000000000 -0400
+++ linux-3.0.4/arch/x86/lib/memcpy_64.S 2011-09-17 18:31:51.000000000 -0400
@@ -34,6 +34,9 @@
rep movsq
movl %edx, %ecx
rep movsb
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.Lmemcpy_e:
.previous
@@ -51,6 +54,9 @@
movl %edx, %ecx
rep movsb
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
ret
.Lmemcpy_e_e:
.previous
@@ -141,6 +147,9 @@ ENTRY(memcpy)
movq %r9, 1*8(%rdi)
movq %r10, -2*8(%rdi, %rdx)
movq %r11, -1*8(%rdi, %rdx)
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
retq
.p2align 4
.Lless_16bytes:
@@ -153,6 +162,9 @@ ENTRY(memcpy)
movq -1*8(%rsi, %rdx), %r9
movq %r8, 0*8(%rdi)
movq %r9, -1*8(%rdi, %rdx)
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
retq
.p2align 4
.Lless_8bytes:
@@ -166,6 +178,9 @@ ENTRY(memcpy)
movl -4(%rsi, %rdx), %r8d
movl %ecx, (%rdi)
movl %r8d, -4(%rdi, %rdx)
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)
+#endif
retq
.p2align 4
.Lless_3bytes:
@@ -183,6 +198,9 @@ ENTRY(memcpy)
jnz .Lloop_1
.Lend:
+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
+ orb $0x80, 0x7(%rsp)