[grsec] how to patch grsec for 2.4.29-pre2?

Carlos Carvalho carlos at fisica.ufpr.br
Thu Dec 23 11:55:24 EST 2004


pageexec at freemail.hu (pageexec at freemail.hu) wrote on 22 December 2004 21:39:
 >for the new way, i've actually update my patch to change brk
 >only if do_brk() was successful, look at -rc2 in my home, or here's
 >the relevant chunk:

Looks like a nice solution. However, I've just noticed what resulted from
the patch in binfmt_elf.c:

	end_data += load_bias;

	/* Calling set_brk effectively mmaps the pages that we need
	 * for the bss and break sections.  We must do this before
	 * mapping in the interpreter, to make sure it doesn't wind
	 * up getting placed where the bss needs to go.
	 */
	retval = set_brk(elf_bss, elf_brk);
	if (retval) {
		send_sig(SIGKILL, current, 0);
		goto out_free_dentry;
	}
	padzero(elf_bss);

#ifdef CONFIG_GRKERNSEC_PAX_RANDMMAP

#ifdef CONFIG_GRKERNSEC_PAX_SOFTMODE
	if (pax_aslr)
#endif

	if (current->flags & PF_PAX_RANDMMAP)
		elf_brk += PAGE_SIZE + pax_delta_mask(get_random_long(), 4, PAGE_SHIFT);
#undef pax_delta_mask
#endif

	/* Calling set_brk effectively mmaps the pages that we need
	 * for the bss and break sections
	 */
	set_brk(elf_bss, elf_brk);

	padzero(elf_bss);

	if (elf_interpreter) {
		if (interpreter_type == INTERPRETER_AOUT)
			elf_entry = load_aout_interp(&interp_ex,

It seems patch made a mess; notice the repetition :-( This makes me
lose confidence in the patch because there may be other places where
it also made a mess but didn't complain... Is this possible?
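A check for the symptom described above, added here as an example rather than code from the post or from the grsecurity/PaX patches: it scans a C source file for identical call statements and identical non-trivial lines that recur within a short window, which is exactly what a hunk applied twice leaves behind (here, the duplicated set_brk() and padzero() calls). The sample input is constructed from the fragment quoted above; the window size, the minimum line length and the function names are assumptions of the example.

```python
"""Flag statements that recur a few lines apart, the fingerprint of a hunk
applied twice by patch.  Added example; not code from the grsecurity or PaX
projects.  The sample below is constructed from the binfmt_elf.c fragment
quoted in the post."""
import re
from collections import defaultdict

# Constructed sample: the fragment from the post, lightly shortened.
SAMPLE = """\
    end_data += load_bias;

    /* Calling set_brk effectively mmaps the pages that we need
     * for the bss and break sections.  We must do this before
     * mapping in the interpreter, to make sure it doesn't wind
     * up getting placed where the bss needs to go.
     */
    retval = set_brk(elf_bss, elf_brk);
    if (retval) {
        send_sig(SIGKILL, current, 0);
        goto out_free_dentry;
    }
    padzero(elf_bss);

#ifdef CONFIG_GRKERNSEC_PAX_RANDMMAP
    if (current->flags & PF_PAX_RANDMMAP)
        elf_brk += PAGE_SIZE + pax_delta_mask(get_random_long(), 4, PAGE_SHIFT);
#endif

    /* Calling set_brk effectively mmaps the pages that we need
     * for the bss and break sections
     */
    set_brk(elf_bss, elf_brk);

    padzero(elf_bss);
"""

# A simple call statement: name(args); with no nested parentheses.
CALL_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(([^()]*)\)\s*;")


def _near(linenos, window):
    """True if two consecutive occurrences lie within `window` lines."""
    return any(b - a <= window for a, b in zip(linenos, linenos[1:]))


def duplicate_calls(text, window=40):
    """Map 'name(args)' -> line numbers for calls repeated within `window`.

    Whitespace inside the argument list is normalised so that formatting
    differences between the two copies do not hide a duplicate."""
    seen = defaultdict(list)
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, args in CALL_RE.findall(line):
            key = f"{name}({' '.join(args.split())})"
            seen[key].append(lineno)
    return {k: v for k, v in seen.items() if len(v) > 1 and _near(v, window)}


def duplicate_lines(text, window=40, min_len=12):
    """Map a whitespace-collapsed line -> line numbers for non-trivial lines
    (longer than `min_len`, not preprocessor) repeated within `window`.
    Catches repeated comment text that the call regex does not see."""
    seen = defaultdict(list)
    for lineno, line in enumerate(text.splitlines(), 1):
        collapsed = " ".join(line.split())
        if len(collapsed) < min_len or collapsed.startswith("#"):
            continue
        seen[collapsed].append(lineno)
    return {k: v for k, v in seen.items() if len(v) > 1 and _near(v, window)}


def report(text, window=40):
    """Human-readable findings, one string per repeated call or line."""
    findings = []
    for key, where in sorted(duplicate_calls(text, window).items()):
        findings.append(f"call {key} repeated at lines {where}")
    for key, where in sorted(duplicate_lines(text, window).items()):
        findings.append(f"line {key!r} repeated at lines {where}")
    return findings


if __name__ == "__main__":
    for finding in report(SAMPLE):
        print(finding)
```

Run it over a freshly patched file (or over every file the patch touched, as listed in the .rej/.orig names patch leaves behind) before building; a legitimate repeated helper call in a large file is usually far apart, so the window keeps the noise down while a doubled hunk, whose copies sit a dozen lines apart, is still reported.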


More information about the grsecurity mailing list