[grsec] how to patch grsec for 2.4.29-pre2?

pageexec at freemail.hu
Wed Dec 22 15:39:39 EST 2004


> > look at 2.6.9, i think it's the exact same code there and is properly
> > resolved.
> 
> There's a difference in the moment current->mm->* is updated. In 2.6
> it's updated upon entry of set_brk, in 2.4.29-pre2 it's updated just
> before exiting. Is it correct to use the same code as in 2.6?

well, it's an interesting piece of code 'cos the mainline kernel
actually changes a long tradition where the initial value of brk()
used to be equal to the _end symbol of the main executable. this
is also bad for brk randomization so i changed it back to the old
behaviour. it's really your call if you set brk the new or the old
way. for the new way, i've actually updated my patch to change brk
only if do_brk() was successful, look at -rc2 in my home, or here's
the relevant chunk:

--- linux-2.6.9/fs/binfmt_elf.c 2004-10-18 23:54:07.000000000 +0200
+++ linux-2.6.9-pax/fs/binfmt_elf.c     2004-12-22 21:17:42.576699504 +0100
@@ -85,14 +90,24 @@ static struct linux_binfmt elf_format =

 static int set_brk(unsigned long start, unsigned long end)
 {
+       unsigned long e = end;
+
        start = ELF_PAGEALIGN(start);
        end = ELF_PAGEALIGN(end);
        if (end > start) {
                unsigned long addr = do_brk(start, end - start);
                if (BAD_ADDR(addr))
                        return addr;
+
+#ifdef CONFIG_PAX_RANDEXEC
+               if (current->flags & PF_PAX_RANDEXEC)
+                       addr = __do_mmap_pgoff(NULL, ELF_PAGEALIGN(start + current->mm->delta_exec), 0UL, PROT_READ | PROT_WRITE, MAP_PRIVATE |
MAP_FIXED | MAP_MIRROR, start);
+               if (BAD_ADDR(addr))
+                       return addr;
+#endif
+
        }
-       current->mm->start_brk = current->mm->brk = end;
+       current->mm->start_brk = current->mm->brk = e;
        return 0;
 }
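Review bot: the second `if (BAD_ADDR(addr)) return addr;` inside the `#ifdef CONFIG_PAX_RANDEXEC` block re-tests an `addr` that the check just above already validated whenever `PF_PAX_RANDEXEC` is not set; nesting it under the flag test (or giving the `__do_mmap_pgoff()` result its own variable) would make it read as the mirror mapping's error path alone. `unsigned long e = end;` deserves a comment: it keeps the unaligned end so that `current->mm->start_brk = current->mm->brk = e;` restores the older layout where brk starts at `_end`, which is the point of the hunk and not visible from the code itself. Also note that the region created by `do_brk()` stays mapped when the mirror mapping fails; that is fine if the caller tears the whole mm down on a load error, otherwise a `do_munmap()` of `start`..`end` belongs before the early return.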


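A small user-space check, added here and not part of the mail or of the PaX patch: it classifies where a running process's initial program break sits relative to the executable's `_end` symbol, telling apart the old `brk == _end` layout the mail describes, the mainline page-aligned layout, and a break that has been shifted further (as brk randomization does). It assumes the kernel's `ELF_PAGEALIGN()` rounds up to the page size and that the linker provides `_end` (GNU ld does); the hypothetical helper names `page_align` and `classify_brk` are mine.

```c
/* Added example, not code from the grsecurity thread or from PaX.
 * Classifies the initial brk of a process relative to _end:
 *   old behaviour      : brk == _end
 *   mainline 2.6       : brk == ELF_PAGEALIGN(_end)
 *   shifted/randomized : brk above the page-aligned end
 * Assumption: ELF_PAGEALIGN rounds up to the page size, as the kernel
 * macro does for the architectures discussed in the thread.
 */
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>

extern char _end; /* provided by the linker, marks the end of the image */

/* Same rounding as the kernel's ELF_PAGEALIGN(), with an explicit page size. */
static uintptr_t page_align(uintptr_t v, uintptr_t page)
{
    return (v + page - 1) & ~(page - 1);
}

enum brk_layout {
    BRK_AT_END,         /* old behaviour: brk == _end (also what you see
                           when _end happens to be page-aligned already) */
    BRK_AT_ALIGNED_END, /* mainline 2.6: brk == ELF_PAGEALIGN(_end) */
    BRK_SHIFTED,        /* brk above the aligned end, e.g. brk randomization */
    BRK_UNEXPECTED      /* below _end, or strictly between _end and its page end */
};

/* Decide which of the layouts above a (end_sym, brk) pair matches. */
static enum brk_layout classify_brk(uintptr_t end_sym, uintptr_t brk_val, uintptr_t page)
{
    uintptr_t aligned = page_align(end_sym, page);

    if (brk_val < end_sym)
        return BRK_UNEXPECTED;      /* break below the image: not a known layout */
    if (brk_val == end_sym)
        return BRK_AT_END;          /* old kernels and the PaX hunk above */
    if (brk_val == aligned)
        return BRK_AT_ALIGNED_END;  /* mainline page-aligned start */
    if (brk_val > aligned)
        return BRK_SHIFTED;         /* moved past the page end */
    return BRK_UNEXPECTED;          /* end_sym < brk < aligned */
}

int main(void)
{
    static const char *const names[] = {
        "brk == _end (old behaviour)",
        "brk == ELF_PAGEALIGN(_end) (mainline 2.6 behaviour)",
        "brk shifted above the aligned end (e.g. brk randomization)",
        "unexpected layout",
    };
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t end_sym = (uintptr_t)&_end;
    /* Read the break before anything allocates; if libc already called
     * brk() on startup the value reported here has moved accordingly. */
    uintptr_t cur = (uintptr_t)sbrk(0);
    enum brk_layout l = classify_brk(end_sym, cur, page);

    printf("_end=%#lx brk=%#lx aligned=%#lx -> %s\n",
           (unsigned long)end_sym, (unsigned long)cur,
           (unsigned long)page_align(end_sym, page), names[l]);
    return 0;
}
```

Build it with a plain `cc` and run it on the kernel in question; a kernel carrying the hunk above reports the first line, a stock 2.6 the second, and a kernel with brk randomization the third.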


