Date: Thu, 5 Nov 1998 09:55:42 +0100
From: Ernst Jan Plugge <rmc@DDS.NL>
Subject: Secure-linux patch
To: BUGTRAQ@NETSPACE.ORG
Now that Red Hat 5.2 is out, with a pre-2.0.36 kernel, people will find that Solar Designer's secure-linux patch doesn't apply cleanly to the new source tree. The following patch against the 2.0.35 version of the patch will make it apply cleanly with the -p 1 option. The changes are trivial. Please note that this is a patch against the patch -- it is NOT a full version of the secure-linux patch. Solar Designer's patch can be found at <http://www.false.com/security/linux/>. The new patch will probably not apply cleanly to a stock pre-2.0.36 kernel, because of Red Hat's own kernel patches, although the difference should be no more than a few line offsets. Whether or not the new patch will apply cleanly to 2.0.36 when it is officially released is not known. This small patch is just intended for Red Hat 5.2 users wishing to do a quick upgrade or install new machines without missing out on secure-linux's features. Y.T., Ernst Jan Plugge - rmc@dds.nl Network Security Consultant --
--- secure-linux-2.0.35.diff Thu Jul 30 01:54:40 1998
+++ secure-linux-2.0.36.diff Thu Nov 5 09:22:06 1998
@@ -1,9 +1,9 @@
diff -urPX nopatch linux-2.0.35/Documentation/Configure.help linux/Documentation/Configure.help
--- linux-2.0.35/Documentation/Configure.help Sat Jul 18 22:46:27 1998
+++ linux/Documentation/Configure.help Sat Jul 18 23:42:07 1998
-@@ -4593,6 +4593,75 @@
- removed from the running kernel whenever you want), say M and read
- Documentation/modules.txt. If unsure, say Y.
+@@ -4702,6 +4702,75 @@
+ rules require. If you have a PPro or later SMP and one or more CPU's
+ report a value of about 2-3 bogomips enable this.
+Non-executable user stack area
+CONFIG_SECURE_STACK 
@@ -109,7 +109,7 @@ diff -urPX nopatch linux-2.0.35/arch/i386/config.in linux/arch/i386/config.in --- linux-2.0.35/arch/i386/config.in Mon May 13 08:17:23 1996 +++ linux/arch/i386/config.in Sat Jul 18 23:42:07 1998 -@@ -104,6 +104,21 @@ +@@ -110,6 +110,21 @@ endmenu mainmenu_option next_comment @@ -134,8 +134,8 @@ diff -urPX nopatch linux-2.0.35/arch/i386/defconfig linux/arch/i386/defconfig --- linux-2.0.35/arch/i386/defconfig Sat Jul 18 22:46:29 1998 +++ linux/arch/i386/defconfig Sat Jul 18 23:42:07 1998 -@@ -204,6 +204,16 @@ - # CONFIG_SOUND is not set +@@ -501,6 +501,16 @@ + # CONFIG_AEDSP16_MPU401 is not set # +# Security @@ -300,15 +300,7 @@ return; if (regs->cs & 3) { esp = regs->esp; -@@ -192,12 +192,19 @@ - DO_ERROR(17, SIGSEGV, "alignment check", alignment_check, current) - DO_ERROR(18, SIGSEGV, "reserved", reserved, current) - --/* signal_return is directly after ret_from_sys_call in entry.S */ -+/* divide_error is after ret_from_sys_call in entry.S */ - asmlinkage void ret_from_sys_call(void) __asm__("ret_from_sys_call"); --asmlinkage void signal_return(void) __asm__("signal_return"); -+asmlinkage void divide_error(void) __asm__("divide_error"); +@@ -198,6 +198,13 @@ asmlinkage void do_general_protection(struct pt_regs * regs, long error_code) { @@ -322,18 +314,15 @@ if (regs->eflags & VM_MASK) { handle_vm86_fault((struct vm86_regs *) regs, error_code); return; -@@ -208,9 +215,9 @@ +@@ -208,7 +215,7 @@ * barfage for 2.0 has been put into the too-hard basket but having * a user producing endless GPFs is unacceptable as well. - Paul G. */ - if ((regs->cs & 3) != 3) { + if ((regs->cs & 3) < 2) { if (regs->eip >= (unsigned long)ret_from_sys_call && -- regs->eip < (unsigned long)signal_return) { -+ regs->eip < (unsigned long)divide_error) { + regs->eip < (unsigned long)divide_error) { static int moancount = 0; - if (moancount < 5) { - printk(KERN_INFO "Ignoring GPF attempt from program \"%s\" (pid %d).\n", @@ -219,9 +226,111 @@ } do_exit(SIGSEGV); 
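Review bot: After the hunk at `@@ -300,15 +300,7 @@` the rebased patch no longer carries its own `asmlinkage void divide_error(void) __asm__("divide_error");` declaration (nor the `/* divide_error is after ret_from_sys_call in entry.S */` comment), so it now relies on the pre-2.0.36 tree already placing divide_error directly after ret_from_sys_call, and `@@ -322,18 +314,15 @@` turns the `regs->eip < (unsigned long)divide_error` bound into a context line on the same assumption. That bound is what confines the GPF-ignore path guarded by `if ((regs->cs & 3) < 2) {` to the ret_from_sys_call stub, so if the released 2.0.36 orders those symbols differently the check would presumably cover a different span of kernel text rather than simply fail to apply; do_general_protection's body continues outside the hunk. Since the post already says the 2.0.36 result is unknown, it would help to add one sentence such as `The traps.c hunk now depends on the stock kernel's own divide_error declaration following ret_from_sys_call in entry.S; confirm that ordering before trusting the GPF check on a final 2.0.36 tree.`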
@@ -895,7 +884,7 @@ /* * System setup and hardware bug flags.. -@@ -41,7 +43,17 @@ +@@ -88,7 +90,17 @@ */ #define TASK_SIZE (0xC0000000UL) #define MAX_USER_ADDR TASK_SIZE @@ -913,7 +902,7 @@ /* * Size of io_bitmap in longwords: 32 is ports 0-0x3ff. -@@ -136,14 +148,6 @@ +@@ -183,14 +195,6 @@ #define alloc_kernel_stack() __get_free_page(GFP_KERNEL) #define free_kernel_stack(page) free_page((page)) @@ -928,7 +917,7 @@ /* * Return saved PC of a blocked thread. */ -@@ -153,3 +157,25 @@ +@@ -200,3 +204,25 @@ } #endif /* __ASM_I386_PROCESSOR_H */