[kernel] r14937 - in dists/lenny/linux-2.6/debian: . patches/bugfix/all patches/series

Ben Hutchings benh at alioth.debian.org
Wed Jan 13 01:51:17 UTC 2010 

Author: benh
Date: Wed Jan 13 01:51:14 2010
New Revision: 14937

Log:
x86: Increase MIN_GAP to include randomized stack (Closes: #559035)

Added:
   dists/lenny/linux-2.6/debian/patches/bugfix/all/x86-Increase-MIN_GAP-to-include-randomized-stack.patch
Modified:
   dists/lenny/linux-2.6/debian/changelog
   dists/lenny/linux-2.6/debian/patches/series/22

Modified: dists/lenny/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny/linux-2.6/debian/changelog	Tue Jan 12 17:02:29 2010	(r14936)
+++ dists/lenny/linux-2.6/debian/changelog	Wed Jan 13 01:51:14 2010	(r14937)
@@ -12,6 +12,7 @@
     (Closes: #562694)
   * dmfe/tulip: Let dmfe handle DM910x except for SPARC on-board chips
     (Closes: #515533)
+  * x86: Increase MIN_GAP to include randomized stack (Closes: #559035)
 
  -- maximilian attems <maks at debian.org>  Mon, 28 Dec 2009 23:44:19 +0100
 

Added: dists/lenny/linux-2.6/debian/patches/bugfix/all/x86-Increase-MIN_GAP-to-include-randomized-stack.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny/linux-2.6/debian/patches/bugfix/all/x86-Increase-MIN_GAP-to-include-randomized-stack.patch	Wed Jan 13 01:51:14 2010	(r14937)
@@ -0,0 +1,80 @@
+From 2578cf95969936c372db29ee2bbc21c9b6a299aa Mon Sep 17 00:00:00 2001
+From: Michal Hocko <mhocko at suse.cz>
+Date: Wed, 7 Oct 2009 17:38:24 -0400
+Subject: [PATCH] x86: Increase MIN_GAP to include randomized stack
+
+[ trivial backport to 2.6.27: Chuck Ebbert <cebbert at redhat.com> ]
+
+commit 80938332d8cf652f6b16e0788cf0ca136befe0b5 upstream.
+
+Currently we are not including randomized stack size when calculating
+mmap_base address in arch_pick_mmap_layout for topdown case. This might
+cause that mmap_base starts in the stack reserved area because stack is
+randomized by 1GB for 64b (8MB for 32b) and the minimum gap is 128MB.
+
+If the stack really grows down to mmap_base then we can get silent mmap
+region overwrite by the stack values.
+
+Let's include maximum stack randomization size into MIN_GAP which is
+used as the low bound for the gap in mmap.
+
+Signed-off-by: Michal Hocko <mhocko at suse.cz>
+LKML-Reference: <1252400515-6866-1-git-send-email-mhocko at suse.cz>
+Acked-by: Jiri Kosina <jkosina at suse.cz>
+Signed-off-by: H. Peter Anvin <hpa at zytor.com>
+Cc: Chuck Ebbert <cebbert at redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ arch/x86/mm/mmap.c    |   17 +++++++++++++++--
+ include/asm-x86/elf.h |    2 ++
+ 2 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
+index 56fe712..47dd8f5 100644
+--- a/arch/x86/mm/mmap.c
++++ b/arch/x86/mm/mmap.c
+@@ -29,13 +29,26 @@
+ #include <linux/random.h>
+ #include <linux/limits.h>
+ #include <linux/sched.h>
++#include <asm/elf.h>
++
++static unsigned int stack_maxrandom_size(void)
++{
++	unsigned int max = 0;
++	if ((current->flags & PF_RANDOMIZE) &&
++		!(current->personality & ADDR_NO_RANDOMIZE)) {
++		max = ((-1U) & STACK_RND_MASK) << PAGE_SHIFT;
++	}
++
++	return max;
++}
++
+ 
+ /*
+  * Top of mmap area (just below the process stack).
+  *
+- * Leave an at least ~128 MB hole.
++ * Leave an at least ~128 MB hole with possible stack randomization.
+  */
+-#define MIN_GAP (128*1024*1024)
++#define MIN_GAP (128*1024*1024UL + stack_maxrandom_size())
+ #define MAX_GAP (TASK_SIZE/6*5)
+ 
+ /*
+diff --git a/include/asm-x86/elf.h b/include/asm-x86/elf.h
+index 7be4733..36343b6 100644
+--- a/include/asm-x86/elf.h
++++ b/include/asm-x86/elf.h
+@@ -287,6 +287,8 @@ do {									\
+ 
+ #ifdef CONFIG_X86_32
+ 
++#define STACK_RND_MASK (0x7ff)
++
+ #define VDSO_HIGH_BASE		(__fix_to_virt(FIX_VDSO))
+ 
+ #define ARCH_DLINFO		ARCH_DLINFO_IA32(vdso_enabled)
+-- 
+1.6.5.7
+

Modified: dists/lenny/linux-2.6/debian/patches/series/22
==============================================================================
--- dists/lenny/linux-2.6/debian/patches/series/22	Tue Jan 12 17:02:29 2010	(r14936)
+++ dists/lenny/linux-2.6/debian/patches/series/22	Wed Jan 13 01:51:14 2010	(r14937)
@@ -4,3 +4,4 @@
 + features/all/atl1c-backport.patch
 + features/all/atl1c-kbuild.patch
 + bugfix/all/dmfe-tulip-Let-dmfe-handle-DM910x-except-SPARC-onboard.patch
++ bugfix/all/x86-Increase-MIN_GAP-to-include-randomized-stack.patch

More information about the Kernel-svn-changes mailing list