/[linux-patches]/hardened/2.6/tags/2.6.18-4/4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch
Gentoo

Contents of /hardened/2.6/tags/2.6.18-4/4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 761 - (show annotations) (download)
Sun Dec 10 14:27:08 2006 UTC (7 years, 8 months ago) by phreak
File size: 6771 byte(s)
Fixing 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch in 2.6.18-4.
1 From: Alexander Gabert <pappy@gentoo.org>
2
3 This patch reworks the logic behind GRKERNSEC_IO and GRKERNSEC_KMEM, making it less
4 intrusive and adding support for sysctl.
5
6 This patch is based on the work of Peter S. Mazinger (ps dot m at gmx dot net)
7 and Nedd Ludd <solar@gentoo.org>.
8
9 Index: linux-2.6.18/arch/i386/kernel/ioport.c
10 ===================================================================
11 --- linux-2.6.18.orig/arch/i386/kernel/ioport.c
12 +++ linux-2.6.18/arch/i386/kernel/ioport.c
13 @@ -17,6 +17,7 @@
14 #include <linux/slab.h>
15 #include <linux/thread_info.h>
16 #include <linux/grsecurity.h>
17 +#include <linux/grinternal.h>
18
19 /* Set EXTENT bits starting at BASE in BITMAP to value TURN_ON. */
20 static void set_bitmap(unsigned long *bitmap, unsigned int base, unsigned int extent, int new_value)
21 @@ -65,18 +66,21 @@ asmlinkage long sys_ioperm(unsigned long
22
23 if ((from + num <= from) || (from + num > IO_BITMAP_BITS))
24 return -EINVAL;
25 -#ifdef CONFIG_GRKERNSEC_IO
26 +
27 if (turn_on) {
28 - gr_handle_ioperm();
29 +#ifdef CONFIG_GRKERNSEC_IO
30 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_io)) {
31 #else
32 - if (turn_on && !capable(CAP_SYS_RAWIO))
33 + if (grsec_enable_secure_io) {
34 #endif
35 - return -EPERM;
36 -#ifdef CONFIG_GRKERNSEC_IO
37 + gr_handle_ioperm();
38 + return -EPERM;
39 + } else if (!capable(CAP_SYS_RAWIO)) {
40 + return -EPERM;
41 + }
42 }
43 -#endif
44 - /*
45 - * If it's the first ioperm() call in this thread's lifetime, set the
46 +
47 + /* If it's the first ioperm() call in this thread's lifetime, set the
48 * IO bitmap up. ioperm() is much less timing critical than clone(),
49 * this is why we delay this operation until now:
50 */
51 @@ -152,13 +156,17 @@ asmlinkage long sys_iopl(unsigned long u
52 /* Trying to gain more privileges? */
53 if (level > old) {
54 #ifdef CONFIG_GRKERNSEC_IO
55 - gr_handle_iopl();
56 - return -EPERM;
57 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_io)) {
58 #else
59 - if (!capable(CAP_SYS_RAWIO))
60 - return -EPERM;
61 + if (grsec_enable_secure_io) {
62 #endif
63 + gr_handle_iopl();
64 + return -EPERM;
65 + } else if (!capable(CAP_SYS_RAWIO)) {
66 + return -EPERM;
67 + }
68 }
69 +
70 t->iopl = level << 12;
71 regs->eflags = (regs->eflags & ~X86_EFLAGS_IOPL) | t->iopl;
72 set_iopl_mask(t->iopl);
73 Index: linux-2.6.18/drivers/char/mem.c
74 ===================================================================
75 --- linux-2.6.18.orig/drivers/char/mem.c
76 +++ linux-2.6.18/drivers/char/mem.c
77 @@ -27,6 +27,7 @@
78 #include <linux/bootmem.h>
79 #include <linux/pipe_fs_i.h>
80 #include <linux/grsecurity.h>
81 +#include <linux/grinternal.h>
82
83 #include <asm/uaccess.h>
84 #include <asm/io.h>
85 @@ -179,9 +180,13 @@ static ssize_t write_mem(struct file * f
86 return -EFAULT;
87
88 #ifdef CONFIG_GRKERNSEC_KMEM
89 - gr_handle_mem_write();
90 - return -EPERM;
91 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_kmem)) {
92 +#else
93 + if (grsec_enable_secure_kmem) {
94 #endif
95 + gr_handle_mem_write();
96 + return -EPERM;
97 + }
98
99 written = 0;
100
101 @@ -260,9 +265,13 @@ static int mmap_mem(struct file * file,
102 vma->vm_page_prot);
103
104 #ifdef CONFIG_GRKERNSEC_KMEM
105 - if (gr_handle_mem_mmap(vma->vm_pgoff << PAGE_SHIFT, vma))
106 - return -EPERM;
107 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_kmem)) {
108 +#else
109 + if (grsec_enable_secure_kmem) {
110 #endif
111 + if (gr_handle_mem_mmap(vma->vm_pgoff << PAGE_SHIFT, vma))
112 + return -EPERM;
113 + }
114
115 /* Remap-pfn-range will mark the range VM_IO and VM_RESERVED */
116 if (remap_pfn_range(vma,
117 @@ -492,9 +501,13 @@ static ssize_t write_kmem(struct file *
118 char * kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
119
120 #ifdef CONFIG_GRKERNSEC_KMEM
121 - gr_handle_kmem_write();
122 - return -EPERM;
123 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_kmem)) {
124 +#else
125 + if (grsec_enable_secure_kmem) {
126 #endif
127 + gr_handle_kmem_write();
128 + return -EPERM;
129 + }
130
131 if (p < (unsigned long) high_memory) {
132
133 @@ -802,9 +815,13 @@ static loff_t memory_lseek(struct file *
134 static int open_port(struct inode * inode, struct file * filp)
135 {
136 #ifdef CONFIG_GRKERNSEC_KMEM
137 - gr_handle_open_port();
138 - return -EPERM;
139 + if (!grsec_lock || (grsec_lock && grsec_enable_secure_kmem)) {
140 +#else
141 + if (grsec_enable_secure_kmem) {
142 #endif
143 + gr_handle_open_port();
144 + return -EPERM;
145 + }
146
147 return capable(CAP_SYS_RAWIO) ? 0 : -EPERM;
148 }
149 Index: linux-2.6.18/grsecurity/grsec_init.c
150 ===================================================================
151 --- linux-2.6.18.orig/grsecurity/grsec_init.c
152 +++ linux-2.6.18/grsecurity/grsec_init.c
153 @@ -46,6 +46,8 @@ int grsec_enable_socket_client;
154 int grsec_socket_client_gid;
155 int grsec_enable_socket_server;
156 int grsec_socket_server_gid;
157 +int grsec_enable_secure_io;
158 +int grsec_enable_secure_kmem;
159 int grsec_resource_logging;
160 int grsec_lock;
161
162 @@ -230,6 +232,12 @@ grsecurity_init(void)
163 grsec_enable_socket_server = 1;
164 grsec_socket_server_gid = CONFIG_GRKERNSEC_SOCKET_SERVER_GID;
165 #endif
166 +#ifdef CONFIG_GRKERNSEC_IO
167 + grsec_enable_secure_io = 1;
168 +#endif
169 +#ifdef CONFIG_GRKERNSEC_KMEM
170 + grsec_enable_secure_kmem = 1;
171 +#endif
172 #endif
173
174 return;
175 Index: linux-2.6.18/grsecurity/grsec_sysctl.c
176 ===================================================================
177 --- linux-2.6.18.orig/grsecurity/grsec_sysctl.c
178 +++ linux-2.6.18/grsecurity/grsec_sysctl.c
179 @@ -36,7 +36,7 @@ GS_CHROOT_SYSCTL, GS_TPE, GS_TPE_GID, GS
180 GS_RANDPID, GS_SOCKET_ALL, GS_SOCKET_ALL_GID, GS_SOCKET_CLIENT,
181 GS_SOCKET_CLIENT_GID, GS_SOCKET_SERVER, GS_SOCKET_SERVER_GID,
182 GS_GROUP, GS_GID, GS_ACHDIR, GS_AMOUNT, GS_AIPC, GS_DMSG,
183 -GS_TEXTREL, GS_FINDTASK, GS_SHM, GS_LOCK, GS_MODSTOP, GS_RESLOG};
184 +GS_TEXTREL, GS_FINDTASK, GS_SHM, GS_IO, GS_KMEM, GS_LOCK, GS_MODSTOP, GS_RESLOG};
185
186
187 ctl_table grsecurity_table[] = {
188 @@ -431,6 +431,26 @@ ctl_table grsecurity_table[] = {
189 .proc_handler = &proc_dointvec,
190 },
191 #endif
192 +#ifdef CONFIG_GRKERNSEC_IO
193 + {
194 + .ctl_name = GS_IO,
195 + .procname = "secure_io",
196 + .data = &grsec_enable_secure_io,
197 + .maxlen = sizeof(int),
198 + .mode = 0600,
199 + .proc_handler = &proc_dointvec,
200 + },
201 +#endif
202 +#ifdef CONFIG_GRKERNSEC_KMEM
203 + {
204 + .ctl_name = GS_KMEM,
205 + .procname = "secure_kmem",
206 + .data = &grsec_enable_secure_kmem,
207 + .maxlen = sizeof(int),
208 + .mode = 0600,
209 + .proc_handler = &proc_dointvec,
210 + },
211 +#endif
212 {
213 .ctl_name = GS_LOCK,
214 .procname = "grsec_lock",
215 Index: linux-2.6.18/include/linux/grsecurity.h
216 ===================================================================
217 --- linux-2.6.18.orig/include/linux/grsecurity.h
218 +++ linux-2.6.18/include/linux/grsecurity.h
219 @@ -188,6 +188,8 @@ extern int gr_handle_mem_mmap(const unsi
220 extern unsigned long pax_get_random_long(void);
221 #define get_random_long() pax_get_random_long()
222
223 +extern int grsec_enable_secure_io;
224 +extern int grsec_enable_secure_kmem;
225 extern int grsec_enable_dmesg;
226 extern int grsec_enable_randsrc;
227 extern int grsec_enable_shm;

  ViewVC Help
Powered by ViewVC 1.1.20