[grsec] using 25.10 patch with 25.12?
Carlos Carvalho
carlos at fisica.ufpr.br
Sun Jul 27 15:09:23 EDT 2008
Applying the 25.10 patch to the 2.6.25.12 tree there is this reject:
*************** int setup_arg_pages(struct linux_binprm
*** 605,612 ****
bprm->exec -= stack_shift;
down_write(&mm->mmap_sem);
vm_flags = vma->vm_flags;
/*
* Adjust stack execute permissions; explicitly enable for
* EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone
--- 618,637 ----
bprm->exec -= stack_shift;
down_write(&mm->mmap_sem);
+
+ /* Move stack pages down in memory. */
+ if (stack_shift) {
+ ret = shift_arg_pages(vma, stack_shift);
+ if (ret)
+ goto out_unlock;
+ }
+
vm_flags = vma->vm_flags;
+ #ifdef CONFIG_PAX_SEGMEXEC
+ vm_flags |= VM_STACK_FLAGS & (VM_EXEC | VM_MAYEXEC);
+ #endif
+
/*
* Adjust stack execute permissions; explicitly enable for
* EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone
It seems it can be applied by hand. Is this right?
More information about the grsecurity
mailing list