Remove patch to binfmt_elf_fdpic
We do not build this module and we do not support NOMMU platforms. svn path=/dists/trunk/linux-2.6/; revision=15104
This commit is contained in:
Ben Hutchings
parent
162bbcf175
commit
222e0d7fa9
|
|
@ -11,10 +11,7 @@ linux-2.6 (2.6.32-7) UNRELEASED; urgency=low
|
|||
[ dann frazier ]
|
||||
* Disable FUNCTION_TRACER due to performance/build issues.
|
||||
(Closes: #568025)
|
||||
* Patches queued for 2.6.32.8:
|
||||
- FDPIC: Respect PT_GNU_STACK exec protection markings when creating
|
||||
NOMMU stack
|
||||
- Split 'flush_old_exec' into two functions (CVE-2010-0307)
|
||||
* Split 'flush_old_exec' into two functions (CVE-2010-0307)
|
||||
|
||||
-- maximilian attems <maks@debian.org> Mon, 01 Feb 2010 17:16:31 +0100
|
||||
|
||||
|
|
|
|||
|
|
@ -1,105 +0,0 @@
|
|||
From 04e4f2b18c8de1389d1e00fef0f42a8099910daf Mon Sep 17 00:00:00 2001
|
||||
From: Mike Frysinger <vapier@gentoo.org>
|
||||
Date: Wed, 6 Jan 2010 17:23:17 +0000
|
||||
Subject: FDPIC: Respect PT_GNU_STACK exec protection markings when creating NOMMU stack
|
||||
|
||||
From: Mike Frysinger <vapier@gentoo.org>
|
||||
|
||||
commit 04e4f2b18c8de1389d1e00fef0f42a8099910daf upstream.
|
||||
|
||||
The current code will load the stack size and protection markings, but
|
||||
then only use the markings in the MMU code path. The NOMMU code path
|
||||
always passes PROT_EXEC to the mmap() call. While this doesn't matter
|
||||
to most people whilst the code is running, it will cause a pointless
|
||||
icache flush when starting every FDPIC application. Typically this
|
||||
icache flush will be of a region on the order of 128KB in size, or may
|
||||
be the entire icache, depending on the facilities available on the CPU.
|
||||
|
||||
In the case where the arch default behaviour seems to be desired
|
||||
(EXSTACK_DEFAULT), we probe VM_STACK_FLAGS for VM_EXEC to determine
|
||||
whether we should be setting PROT_EXEC or not.
|
||||
|
||||
For arches that support an MPU (Memory Protection Unit - an MMU without
|
||||
the virtual mapping capability), setting PROT_EXEC or not will make an
|
||||
important difference.
|
||||
|
||||
It should be noted that this change also affects the executability of
|
||||
the brk region, since ELF-FDPIC has that share with the stack. However,
|
||||
this is probably irrelevant as NOMMU programs aren't likely to use the
|
||||
brk region, preferring instead allocation via mmap().
|
||||
|
||||
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
|
||||
Signed-off-by: David Howells <dhowells@redhat.com>
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
||||
|
||||
---
|
||||
arch/blackfin/include/asm/page.h | 5 +++++
|
||||
arch/frv/include/asm/page.h | 2 --
|
||||
fs/binfmt_elf_fdpic.c | 13 +++++++++++--
|
||||
3 files changed, 16 insertions(+), 4 deletions(-)
|
||||
|
||||
--- a/arch/blackfin/include/asm/page.h
|
||||
+++ b/arch/blackfin/include/asm/page.h
|
||||
@@ -10,4 +10,9 @@
|
||||
#include <asm-generic/page.h>
|
||||
#define MAP_NR(addr) (((unsigned long)(addr)-PAGE_OFFSET) >> PAGE_SHIFT)
|
||||
|
||||
+#define VM_DATA_DEFAULT_FLAGS \
|
||||
+ (VM_READ | VM_WRITE | \
|
||||
+ ((current->personality & READ_IMPLIES_EXEC) ? VM_EXEC : 0 ) | \
|
||||
+ VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
|
||||
+
|
||||
#endif
|
||||
--- a/arch/frv/include/asm/page.h
|
||||
+++ b/arch/frv/include/asm/page.h
|
||||
@@ -63,12 +63,10 @@ extern unsigned long max_pfn;
|
||||
#define virt_addr_valid(kaddr) pfn_valid(__pa(kaddr) >> PAGE_SHIFT)
|
||||
|
||||
|
||||
-#ifdef CONFIG_MMU
|
||||
#define VM_DATA_DEFAULT_FLAGS \
|
||||
(VM_READ | VM_WRITE | \
|
||||
((current->personality & READ_IMPLIES_EXEC) ? VM_EXEC : 0 ) | \
|
||||
VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC)
|
||||
-#endif
|
||||
|
||||
#endif /* __ASSEMBLY__ */
|
||||
|
||||
--- a/fs/binfmt_elf_fdpic.c
|
||||
+++ b/fs/binfmt_elf_fdpic.c
|
||||
@@ -171,6 +171,9 @@ static int load_elf_fdpic_binary(struct
|
||||
#ifdef ELF_FDPIC_PLAT_INIT
|
||||
unsigned long dynaddr;
|
||||
#endif
|
||||
+#ifndef CONFIG_MMU
|
||||
+ unsigned long stack_prot;
|
||||
+#endif
|
||||
struct file *interpreter = NULL; /* to shut gcc up */
|
||||
char *interpreter_name = NULL;
|
||||
int executable_stack;
|
||||
@@ -316,6 +319,8 @@ static int load_elf_fdpic_binary(struct
|
||||
* defunct, deceased, etc. after this point we have to exit via
|
||||
* error_kill */
|
||||
set_personality(PER_LINUX_FDPIC);
|
||||
+ if (elf_read_implies_exec(&exec_params.hdr, executable_stack))
|
||||
+ current->personality |= READ_IMPLIES_EXEC;
|
||||
set_binfmt(&elf_fdpic_format);
|
||||
|
||||
current->mm->start_code = 0;
|
||||
@@ -377,9 +382,13 @@ static int load_elf_fdpic_binary(struct
|
||||
if (stack_size < PAGE_SIZE * 2)
|
||||
stack_size = PAGE_SIZE * 2;
|
||||
|
||||
+ stack_prot = PROT_READ | PROT_WRITE;
|
||||
+ if (executable_stack == EXSTACK_ENABLE_X ||
|
||||
+ (executable_stack == EXSTACK_DEFAULT && VM_STACK_FLAGS & VM_EXEC))
|
||||
+ stack_prot |= PROT_EXEC;
|
||||
+
|
||||
down_write(¤t->mm->mmap_sem);
|
||||
- current->mm->start_brk = do_mmap(NULL, 0, stack_size,
|
||||
- PROT_READ | PROT_WRITE | PROT_EXEC,
|
||||
+ current->mm->start_brk = do_mmap(NULL, 0, stack_size, stack_prot,
|
||||
MAP_PRIVATE | MAP_ANONYMOUS | MAP_GROWSDOWN,
|
||||
0);
|
||||
|
||||
|
|
@ -1,3 +1,2 @@
|
|||
+ bugfix/all/clocksource-events-Fix-fallout-of-generic-code-changes.patch
|
||||
+ bugfix/all/fdpic-respect-pt_gnu_stack-exec-protection-markings-when-creating-nommu-stack.patch
|
||||
+ bugfix/all/split-flush_old_exec-into-two-functions.patch
|
||||
|
|
|
|||
Loading…
Reference in New Issue