Djam/kernel-6.1
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/kernel-6.1.git synced 2025-02-25 08:12:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revisited the patch for memory sanitization

Browse source 
Based on the patch by Grsecurity:
https://grsecurity.net/test/grsecurity-3.1-4.6.5-201607272152.patch
This commit is contained in:
Evgenii Shatokhin 2016-07-29 15:08:52 +03:00
parent 5533da8c64
commit 47fe53318a
1 changed files with 16 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
sanitize-memory.patch
View file

@ -1,5 +1,5 @@
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 0b3de80..2125a49 100644 index 0b3de80..2167ea0 100644
--- a/Documentation/kernel-parameters.txt --- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt
@@ -2818,6 +2818,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. @@ -2818,6 +2818,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
@ -222,25 +222,33 @@ index 5ec1580..385cdbc 100644
/* This slob page is about to become partially free. Easy! */ /* This slob page is about to become partially free. Easy! */
sp->units = units; sp->units = units;
diff --git a/mm/slub.c b/mm/slub.c diff --git a/mm/slub.c b/mm/slub.c
index 4dbb109e..aba52e1 100644 index 4dbb109e..da2dc67 100644
--- a/mm/slub.c --- a/mm/slub.c
+++ b/mm/slub.c +++ b/mm/slub.c
@@ -2778,6 +2778,14 @@ static __always_inline void slab_free(struct kmem_cache *s, struct page *page, @@ -2778,6 +2778,22 @@ static __always_inline void slab_free(struct kmem_cache *s, struct page *page,
slab_free_freelist_hook(s, head, tail); slab_free_freelist_hook(s, head, tail);
+#ifdef CONFIG_PAX_MEMORY_SANITIZE +#ifdef CONFIG_PAX_MEMORY_SANITIZE
+ if (pax_sanitize_slab && !(s->flags & SLAB_NO_SANITIZE)) { + if (pax_sanitize_slab && !(s->flags & SLAB_NO_SANITIZE)) {
+ memset(x, PAX_MEMORY_SANITIZE_VALUE, s->object_size); + int offset = s->offset ? 0 : sizeof(void *);
+ void *x = head;
+
+ while (1) {
+ memset(x + offset, PAX_MEMORY_SANITIZE_VALUE, s->object_size - offset);
+ if (s->ctor) + if (s->ctor)
+ s->ctor(x); + s->ctor(x);
+ if (x == tail_obj)
+ break;
+ x = get_freepointer(s, x);
+ }
+ } + }
+#endif +#endif
+ +
redo: redo:
/* /*
* Determine the currently cpus per cpu slab. * Determine the currently cpus per cpu slab.
@@ -3291,6 +3299,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) @@ -3291,6 +3307,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order)
s->inuse = size; s->inuse = size;
if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) || if (((flags & (SLAB_DESTROY_BY_RCU | SLAB_POISON)) ||
@ -272,7 +280,7 @@ index 59bf4d7..69f08cd 100644
} }
diff --git a/security/Kconfig b/security/Kconfig diff --git a/security/Kconfig b/security/Kconfig
index e452378..0847880 100644 index e452378..a7ca1d9 100644
--- a/security/Kconfig --- a/security/Kconfig
+++ b/security/Kconfig +++ b/security/Kconfig
@@ -6,6 +6,37 @@ menu "Security options" @@ -6,6 +6,37 @@ menu "Security options"