mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-22 06:51:26 +02:00
sys-kernel/coreos-*: fix VM_BUG_ON() in stack gap fix
This commit is contained in:
Benjamin Gilbert
parent
4b08342fe3
commit
a2b420e6c6
@ -2,7 +2,7 @@
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=5
|
||||
COREOS_SOURCE_REVISION=""
|
||||
COREOS_SOURCE_REVISION="-r1"
|
||||
inherit coreos-kernel
|
||||
|
||||
DESCRIPTION="CoreOS Linux kernel"
|
||||
@ -2,7 +2,7 @@
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=5
|
||||
COREOS_SOURCE_REVISION=""
|
||||
COREOS_SOURCE_REVISION="-r1"
|
||||
inherit coreos-kernel savedconfig
|
||||
|
||||
DESCRIPTION="CoreOS Linux kernel modules"
|
||||
@ -45,4 +45,5 @@ UNIPATCH_LIST="
|
||||
${PATCH_DIR}/z0023-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch \
|
||||
${PATCH_DIR}/z0024-Add-arm64-coreos-verity-hash.patch \
|
||||
${PATCH_DIR}/z0025-mm-larger-stack-guard-gap-between-vmas.patch \
|
||||
${PATCH_DIR}/z0026-mm-fix-new-crash-in-unmapped_area_topdown.patch \
|
||||
"
|
||||
@ -1,7 +1,7 @@
|
||||
From fd884cf2511d381bbf180714adabbf49f3b2779a Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Mon, 21 Nov 2016 23:55:55 +0000
|
||||
Subject: [PATCH 01/25] efi: Add EFI_SECURE_BOOT bit
|
||||
Subject: [PATCH 01/26] efi: Add EFI_SECURE_BOOT bit
|
||||
|
||||
UEFI machines can be booted in Secure Boot mode. Add a EFI_SECURE_BOOT bit
|
||||
that can be passed to efi_enabled() to find out whether secure boot is
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 031d0e66222dcc1f8e659ea4dec906828739b442 Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Mon, 21 Nov 2016 23:36:17 +0000
|
||||
Subject: [PATCH 02/25] Add the ability to lock down access to the running
|
||||
Subject: [PATCH 02/26] Add the ability to lock down access to the running
|
||||
kernel image
|
||||
|
||||
Provide a single call to allow kernel code to determine whether the system
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 8b8192d581d483984d4bff7ba86acfb748bb13c0 Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Mon, 21 Nov 2016 23:55:55 +0000
|
||||
Subject: [PATCH 03/25] efi: Lock down the kernel if booted in secure boot mode
|
||||
Subject: [PATCH 03/26] efi: Lock down the kernel if booted in secure boot mode
|
||||
|
||||
UEFI Secure Boot provides a mechanism for ensuring that the firmware will
|
||||
only load signed bootloaders and kernels. Certain use cases may also
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 44c06553478bda830c83cfcff1169386757bfa5e Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 23 Nov 2016 13:22:22 +0000
|
||||
Subject: [PATCH 04/25] Enforce module signatures if the kernel is locked down
|
||||
Subject: [PATCH 04/26] Enforce module signatures if the kernel is locked down
|
||||
|
||||
If the kernel is locked down, require that all modules have valid
|
||||
signatures that we can verify.
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From ebcf469083241dcddd27f65d8465957d9c5374c9 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:16 +0000
|
||||
Subject: [PATCH 05/25] Restrict /dev/mem and /dev/kmem when the kernel is
|
||||
Subject: [PATCH 05/26] Restrict /dev/mem and /dev/kmem when the kernel is
|
||||
locked down
|
||||
|
||||
Allowing users to write to address space makes it possible for the kernel to
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 9db5ea1dbc604754bf41fab3383fd8743ae6a42f Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:15 +0000
|
||||
Subject: [PATCH 06/25] kexec: Disable at runtime if the kernel is locked down
|
||||
Subject: [PATCH 06/26] kexec: Disable at runtime if the kernel is locked down
|
||||
|
||||
kexec permits the loading and execution of arbitrary code in ring 0, which
|
||||
is something that lock-down is meant to prevent. It makes sense to disable
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 84196308f898ed6739af65d69e2b077b541153e1 Mon Sep 17 00:00:00 2001
|
||||
From: Dave Young <dyoung@redhat.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:15 +0000
|
||||
Subject: [PATCH 07/25] Copy secure_boot flag in boot params across kexec
|
||||
Subject: [PATCH 07/26] Copy secure_boot flag in boot params across kexec
|
||||
reboot
|
||||
|
||||
Kexec reboot in case secure boot being enabled does not keep the secure
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 6d464109d41e58169e6121d844765443a23f0a37 Mon Sep 17 00:00:00 2001
|
||||
From: "Lee, Chun-Yi" <joeyli.kernel@gmail.com>
|
||||
Date: Wed, 23 Nov 2016 13:49:19 +0000
|
||||
Subject: [PATCH 08/25] kexec_file: Disable at runtime if securelevel has been
|
||||
Subject: [PATCH 08/26] kexec_file: Disable at runtime if securelevel has been
|
||||
set
|
||||
|
||||
When KEXEC_VERIFY_SIG is not enabled, kernel should not loads image
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From ca4d2b0d492a011f3f04ca27112dc897afa6cd6c Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Tue, 22 Nov 2016 08:46:15 +0000
|
||||
Subject: [PATCH 09/25] hibernate: Disable when the kernel is locked down
|
||||
Subject: [PATCH 09/26] hibernate: Disable when the kernel is locked down
|
||||
|
||||
There is currently no way to verify the resume image when returning
|
||||
from hibernate. This might compromise the signed modules trust model,
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 71a51cb3bf8ccadcd8909fd83d69ded308654c17 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <mjg59@srcf.ucam.org>
|
||||
Date: Wed, 23 Nov 2016 13:28:17 +0000
|
||||
Subject: [PATCH 10/25] uswsusp: Disable when the kernel is locked down
|
||||
Subject: [PATCH 10/26] uswsusp: Disable when the kernel is locked down
|
||||
|
||||
uswsusp allows a user process to dump and then restore kernel state, which
|
||||
makes it possible to modify the running kernel. Disable this if the kernel
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 723299a61788af79dde4257a756aeba12ba1ae4a Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:15 +0000
|
||||
Subject: [PATCH 11/25] PCI: Lock down BAR access when the kernel is locked
|
||||
Subject: [PATCH 11/26] PCI: Lock down BAR access when the kernel is locked
|
||||
down
|
||||
|
||||
Any hardware that can potentially generate DMA has to be locked down in
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 6082b23ef0f4f4e8ab59d3bb4a9f0fd5847f560e Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:16 +0000
|
||||
Subject: [PATCH 12/25] x86: Lock down IO port access when the kernel is locked
|
||||
Subject: [PATCH 12/26] x86: Lock down IO port access when the kernel is locked
|
||||
down
|
||||
|
||||
IO port access would permit users to gain access to PCI configuration
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From c281b90cf4a02a233765fcf5901b9d6ec3718966 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:17 +0000
|
||||
Subject: [PATCH 13/25] x86: Restrict MSR access when the kernel is locked down
|
||||
Subject: [PATCH 13/26] x86: Restrict MSR access when the kernel is locked down
|
||||
|
||||
Writing to MSRs should not be allowed if the kernel is locked down, since
|
||||
it could lead to execution of arbitrary code in kernel mode. Based on a
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 3991f2855a05f21641d223f05b822abc46b388b1 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:16 +0000
|
||||
Subject: [PATCH 14/25] asus-wmi: Restrict debugfs interface when the kernel is
|
||||
Subject: [PATCH 14/26] asus-wmi: Restrict debugfs interface when the kernel is
|
||||
locked down
|
||||
|
||||
We have no way of validating what all of the Asus WMI methods do on a given
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 8d62701b2c57b2e472a80393e3e976f1ade21dac Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:16 +0000
|
||||
Subject: [PATCH 15/25] ACPI: Limit access to custom_method when the kernel is
|
||||
Subject: [PATCH 15/26] ACPI: Limit access to custom_method when the kernel is
|
||||
locked down
|
||||
|
||||
custom_method effectively allows arbitrary access to system memory, making
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 953a0fc5063cd15031a4d6b328b5c9f1d2e71902 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@redhat.com>
|
||||
Date: Tue, 22 Nov 2016 08:46:16 +0000
|
||||
Subject: [PATCH 16/25] acpi: Ignore acpi_rsdp kernel param when the kernel has
|
||||
Subject: [PATCH 16/26] acpi: Ignore acpi_rsdp kernel param when the kernel has
|
||||
been locked down
|
||||
|
||||
This option allows userspace to pass the RSDP address to the kernel, which
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 7ad375dfa5b163a2d1918647f245d4f18811fbdf Mon Sep 17 00:00:00 2001
|
||||
From: Linn Crosetto <linn@hpe.com>
|
||||
Date: Wed, 23 Nov 2016 13:32:27 +0000
|
||||
Subject: [PATCH 17/25] acpi: Disable ACPI table override if the kernel is
|
||||
Subject: [PATCH 17/26] acpi: Disable ACPI table override if the kernel is
|
||||
locked down
|
||||
|
||||
From the kernel documentation (initrd_table_override.txt):
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 0aaecda5c1b5f825b9cd2046e40d82b7ab811a95 Mon Sep 17 00:00:00 2001
|
||||
From: Linn Crosetto <linn@hpe.com>
|
||||
Date: Wed, 23 Nov 2016 13:39:41 +0000
|
||||
Subject: [PATCH 18/25] acpi: Disable APEI error injection if the kernel is
|
||||
Subject: [PATCH 18/26] acpi: Disable APEI error injection if the kernel is
|
||||
locked down
|
||||
|
||||
ACPI provides an error injection mechanism, EINJ, for debugging and testing
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From cbdbd3c0ff6d98dba590cd3f4978c9b318ef1656 Mon Sep 17 00:00:00 2001
|
||||
From: "Lee, Chun-Yi" <jlee@suse.com>
|
||||
Date: Wed, 23 Nov 2016 13:52:16 +0000
|
||||
Subject: [PATCH 19/25] bpf: Restrict kernel image access functions when the
|
||||
Subject: [PATCH 19/26] bpf: Restrict kernel image access functions when the
|
||||
kernel is locked down
|
||||
|
||||
There are some bpf functions can be used to read kernel memory:
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 32c85f7a1d68ae1b947d305b2f73c1e2c46ecb1c Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Tue, 22 Nov 2016 10:10:34 +0000
|
||||
Subject: [PATCH 20/25] scsi: Lock down the eata driver
|
||||
Subject: [PATCH 20/26] scsi: Lock down the eata driver
|
||||
|
||||
When the kernel is running in secure boot mode, we lock down the kernel to
|
||||
prevent userspace from modifying the running kernel image. Whilst this
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From e835b3d609297875784bc7835cde55bfc8a40f7e Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Fri, 25 Nov 2016 14:37:45 +0000
|
||||
Subject: [PATCH 21/25] Prohibit PCMCIA CIS storage when the kernel is locked
|
||||
Subject: [PATCH 21/26] Prohibit PCMCIA CIS storage when the kernel is locked
|
||||
down
|
||||
|
||||
Prohibit replacement of the PCMCIA Card Information Structure when the
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 9b09194823ad294e0a41de6b7ff9ee47e8e1e9cb Mon Sep 17 00:00:00 2001
|
||||
From: David Howells <dhowells@redhat.com>
|
||||
Date: Wed, 7 Dec 2016 10:28:39 +0000
|
||||
Subject: [PATCH 22/25] Lock down TIOCSSERIAL
|
||||
Subject: [PATCH 22/26] Lock down TIOCSSERIAL
|
||||
|
||||
Lock down TIOCSSERIAL as that can be used to change the ioport and irq
|
||||
settings on a serial port. This only appears to be an issue for the serial
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From cec28fd85530cf618a0c5412e5845130cdec93ad Mon Sep 17 00:00:00 2001
|
||||
From: Vito Caputo <vito.caputo@coreos.com>
|
||||
Date: Wed, 25 Nov 2015 02:59:45 -0800
|
||||
Subject: [PATCH 23/25] kbuild: derive relative path for KBUILD_SRC from CURDIR
|
||||
Subject: [PATCH 23/26] kbuild: derive relative path for KBUILD_SRC from CURDIR
|
||||
|
||||
This enables relocating source and build trees to different roots,
|
||||
provided they stay reachable relative to one another. Useful for
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From 6869be30ef74913549956bcaa4c90f98e85d9ee2 Mon Sep 17 00:00:00 2001
|
||||
From: Geoff Levand <geoff@infradead.org>
|
||||
Date: Fri, 11 Nov 2016 17:28:52 -0800
|
||||
Subject: [PATCH 24/25] Add arm64 coreos verity hash
|
||||
Subject: [PATCH 24/26] Add arm64 coreos verity hash
|
||||
|
||||
Signed-off-by: Geoff Levand <geoff@infradead.org>
|
||||
---
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
From f87c64a5210a044c70a3f3b1e1f94c0d5e77e25d Mon Sep 17 00:00:00 2001
|
||||
From: Hugh Dickins <hughd@google.com>
|
||||
Date: Mon, 19 Jun 2017 04:03:24 -0700
|
||||
Subject: [PATCH 25/25] mm: larger stack guard gap, between vmas
|
||||
Subject: [PATCH 25/26] mm: larger stack guard gap, between vmas
|
||||
|
||||
commit 1be7107fbe18eed3e319a6c3e83c78254b693acb upstream.
|
||||
|
||||
|
||||
@ -0,0 +1,50 @@
|
||||
From c462b13be57c29509b945f12b239bb90eba89d3c Mon Sep 17 00:00:00 2001
|
||||
From: Hugh Dickins <hughd@google.com>
|
||||
Date: Tue, 20 Jun 2017 02:10:44 -0700
|
||||
Subject: [PATCH 26/26] mm: fix new crash in unmapped_area_topdown()
|
||||
|
||||
Trinity gets kernel BUG at mm/mmap.c:1963! in about 3 minutes of
|
||||
mmap testing. That's the VM_BUG_ON(gap_end < gap_start) at the
|
||||
end of unmapped_area_topdown(). Linus points out how MAP_FIXED
|
||||
(which does not have to respect our stack guard gap intentions)
|
||||
could result in gap_end below gap_start there. Fix that, and
|
||||
the similar case in its alternative, unmapped_area().
|
||||
|
||||
Cc: stable@vger.kernel.org
|
||||
Fixes: 1be7107fbe18 ("mm: larger stack guard gap, between vmas")
|
||||
Reported-by: Dave Jones <davej@codemonkey.org.uk>
|
||||
Debugged-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Signed-off-by: Hugh Dickins <hughd@google.com>
|
||||
Acked-by: Michal Hocko <mhocko@suse.com>
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
---
|
||||
mm/mmap.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/mm/mmap.c b/mm/mmap.c
|
||||
index 116ea08..ad54b9f 100644
|
||||
--- a/mm/mmap.c
|
||||
+++ b/mm/mmap.c
|
||||
@@ -1817,7 +1817,8 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info)
|
||||
/* Check if current node has a suitable gap */
|
||||
if (gap_start > high_limit)
|
||||
return -ENOMEM;
|
||||
- if (gap_end >= low_limit && gap_end - gap_start >= length)
|
||||
+ if (gap_end >= low_limit &&
|
||||
+ gap_end > gap_start && gap_end - gap_start >= length)
|
||||
goto found;
|
||||
|
||||
/* Visit right subtree if it looks promising */
|
||||
@@ -1920,7 +1921,8 @@ unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info)
|
||||
gap_end = vm_start_gap(vma);
|
||||
if (gap_end < low_limit)
|
||||
return -ENOMEM;
|
||||
- if (gap_start <= high_limit && gap_end - gap_start >= length)
|
||||
+ if (gap_start <= high_limit &&
|
||||
+ gap_end > gap_start && gap_end - gap_start >= length)
|
||||
goto found;
|
||||
|
||||
/* Visit left subtree if it looks promising */
|
||||
--
|
||||
2.9.4
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user