![](/themes/blju2/spacer.gif)
|
![](/themes/blju2/spacer.gif) |
Новини » Сигурност
Коментар от: euphoria |
Дата: 10-01-2005 |
[ Други коментари] |
Аз, за това и спрях да пиша тук новини от типа *critical*. За тия които не са намерили patch ето го тук :
diff -ur linux-2.6.10/arch/mips/kernel/irixelf.c linux-2.6.10.plasmaroo/arch/mips/kernel/irixelf.c
--- linux-2.6.10/arch/mips/kernel/irixelf.c 2004-12-24 21:35:50.000000000 +0000
+++ linux-2.6.10.plasmaroo/arch/mips/kernel/irixelf.c 2005-01-07 15:36:00.383356800 +0000
@@ -127,7 +127,7 @@
end = PAGE_ALIGN(end);
if (end <= start)
return;
- do_brk(start, end - start);
+ do_brk_locked(start, end - start);
}
@@ -375,7 +375,7 @@
/* Map the last of the bss segment */
if (last_bss > len) {
- do_brk(len, (last_bss - len));
+ do_brk_locked(len, (last_bss - len));
}
kfree(elf_phdata);
@@ -562,7 +562,7 @@
unsigned long v;
struct prda *pp;
- v = do_brk (PRDA_ADDRESS, PAGE_SIZE);
+ v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
if (v < 0)
return;
@@ -853,7 +853,7 @@
len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
if (bss > len)
- do_brk(len, bss-len);
+ do_brk_locked(len, bss-len);
kfree(elf_phdata);
return 0;
}
diff -ur linux-2.6.10/arch/sparc64/kernel/binfmt_aout32.c linux-2.6.10.plasmaroo/arch/sparc64/kernel/binfmt_aout32.c
--- linux-2.6.10/arch/sparc64/kernel/binfmt_aout32.c 2004-12-24 21:34:45.000000000 +0000
+++ linux-2.6.10.plasmaroo/arch/sparc64/kernel/binfmt_aout32.c 2005-01-07 15:36:00.432349352 +0000
@@ -49,7 +49,7 @@
end = PAGE_ALIGN(end);
if (end <= start)
return;
- do_brk(start, end - start);
+ do_brk_locked(start, end - start);
}
/*
@@ -246,10 +246,10 @@
if (N_MAGIC(ex) == NMAGIC) {
loff_t pos = fd_offset;
/* Fuck me plenty... */
- error = do_brk(N_TXTADDR(ex), ex.a_text);
+ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
bprm->file->f_op->read(bprm->file, (char __user *)N_TXTADDR(ex),
ex.a_text, &pos);
- error = do_brk(N_DATADDR(ex), ex.a_data);
+ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
bprm->file->f_op->read(bprm->file, (char __user *)N_DATADDR(ex),
ex.a_data, &pos);
goto beyond_if;
@@ -257,7 +257,7 @@
if (N_MAGIC(ex) == OMAGIC) {
loff_t pos = fd_offset;
- do_brk(N_TXTADDR(ex) & PAGE_MASK,
+ do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
ex.a_text+ex.a_data + PAGE_SIZE - 1);
bprm->file->f_op->read(bprm->file, (char __user *)N_TXTADDR(ex),
ex.a_text+ex.a_data, &pos);
@@ -272,7 +272,7 @@
if (!bprm->file->f_op->mmap) {
loff_t pos = fd_offset;
- do_brk(0, ex.a_text+ex.a_data);
+ do_brk_locked(0, ex.a_text+ex.a_data);
bprm->file->f_op->read(bprm->file,
(char __user *)N_TXTADDR(ex),
ex.a_text+ex.a_data, &pos);
@@ -389,7 +389,7 @@
len = PAGE_ALIGN(ex.a_text + ex.a_data);
bss = ex.a_text + ex.a_data + ex.a_bss;
if (bss > len) {
- error = do_brk(start_addr + len, bss - len);
+ error = do_brk_locked(start_addr + len, bss - len);
retval = error;
if (error != start_addr + len)
goto out;
diff -Nur linux-2.6.10/arch/x86_64/ia32/ia32_aout.c linux-2.6.10.plasmaroo/arch/x86_64/ia32/ia32_aout.c
--- linux-2.6.10/arch/x86_64/ia32/ia32_aout.c 2005-01-03 16:17:04.000000000 -0200
+++ linux-2.6.10.plasmaroo/arch/x86_64/ia32/ia32_aout.c 2005-01-03 16:46:53.846823360 -0200
@@ -115,7 +115,7 @@
end = PAGE_ALIGN(end);
if (end <= start)
return;
- do_brk(start, end - start);
+ do_brk_locked(start, end - start);
}
#if CORE_DUMP
@@ -325,7 +325,7 @@
pos = 32;
map_size = ex.a_text+ex.a_data;
- error = do_brk(text_addr & PAGE_MASK, map_size);
+ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
if (error != (text_addr & PAGE_MASK)) {
send_sig(SIGKILL, current, 0);
return error;
@@ -361,7 +361,7 @@
if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
loff_t pos = fd_offset;
- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
ex.a_text+ex.a_data, &pos);
flush_icache_range((unsigned long) N_TXTADDR(ex),
@@ -470,7 +470,7 @@
}
#endif
- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
file->f_op->read(file, (char *)start_addr,
ex.a_text + ex.a_data, &pos);
@@ -494,7 +494,7 @@
len = PAGE_ALIGN(ex.a_text + ex.a_data);
bss = ex.a_text + ex.a_data + ex.a_bss;
if (bss > len) {
- error = do_brk(start_addr + len, bss - len);
+ error = do_brk_locked(start_addr + len, bss - len);
retval = error;
if (error != start_addr + len)
goto out;
diff -ur linux-2.6.10/fs/binfmt_aout.c linux-2.6.10.plasmaroo/fs/binfmt_aout.c
--- linux-2.6.10/fs/binfmt_aout.c 2004-12-24 21:35:50.000000000 +0000
+++ linux-2.6.10.plasmaroo/fs/binfmt_aout.c 2005-01-07 15:36:00.000000000 +0000
@@ -50,7 +50,7 @@
start = PAGE_ALIGN(start);
end = PAGE_ALIGN(end);
if (end > start) {
- unsigned long addr = do_brk(start, end - start);
+ unsigned long addr = do_brk_locked(start, end - start);
if (BAD_ADDR(addr))
return addr;
}
@@ -323,10 +323,10 @@
loff_t pos = fd_offset;
/* Fuck me plenty... */
/* <AOL></AOL> */
- error = do_brk(N_TXTADDR(ex), ex.a_text);
+ error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
ex.a_text, &pos);
- error = do_brk(N_DATADDR(ex), ex.a_data);
+ error = do_brk_locked(N_DATADDR(ex), ex.a_data);
bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
ex.a_data, &pos);
goto beyond_if;
@@ -347,7 +347,7 @@
map_size = ex.a_text+ex.a_data;
#endif
- error = do_brk(text_addr & PAGE_MASK, map_size);
+ error = do_brk_locked(text_addr & PAGE_MASK, map_size);
if (error != (text_addr & PAGE_MASK)) {
send_sig(SIGKILL, current, 0);
return error;
@@ -382,7 +382,7 @@
if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
loff_t pos = fd_offset;
- do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
+ do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
bprm->file->f_op->read(bprm->file,
(char __user *)N_TXTADDR(ex),
ex.a_text+ex.a_data, &pos);
@@ -488,7 +488,7 @@
error_time = jiffies;
}
- do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
+ do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
file->f_op->read(file, (char __user *)start_addr,
ex.a_text + ex.a_data, &pos);
@@ -512,7 +512,7 @@
len = PAGE_ALIGN(ex.a_text + ex.a_data);
bss = ex.a_text + ex.a_data + ex.a_bss;
if (bss > len) {
- error = do_brk(start_addr + len, bss - len);
+ error = do_brk_locked(start_addr + len, bss - len);
retval = error;
if (error != start_addr + len)
goto out;
diff -ur linux-2.6.10/fs/binfmt_elf.c linux-2.6.10.plasmaroo/fs/binfmt_elf.c
--- linux-2.6.10/fs/binfmt_elf.c 2004-12-24 21:34:33.000000000 +0000
+++ linux-2.6.10.plasmaroo/fs/binfmt_elf.c 2005-01-07 15:36:00.000000000 +0000
@@ -88,7 +88,7 @@
start = ELF_PAGEALIGN(start);
end = ELF_PAGEALIGN(end);
if (end > start) {
- unsigned long addr = do_brk(start, end - start);
+ unsigned long addr = do_brk_locked(start, end - start);
if (BAD_ADDR(addr))
return addr;
}
@@ -408,7 +408,7 @@
/* Map the last of the bss segment */
if (last_bss > elf_bss) {
- error = do_brk(elf_bss, last_bss - elf_bss);
+ error = do_brk_locked(elf_bss, last_bss - elf_bss);
if (BAD_ADDR(error))
goto out_close;
}
@@ -448,7 +448,7 @@
goto out;
}
- do_brk(0, text_data);
+ do_brk_locked(0, text_data);
if (!interpreter->f_op || !interpreter->f_op->read)
goto out;
if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
@@ -456,7 +456,7 @@
flush_icache_range((unsigned long)addr,
(unsigned long)addr + text_data);
- do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
+ do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
interp_ex->a_bss);
elf_entry = interp_ex->a_entry;
@@ -1025,7 +1025,7 @@
len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
if (bss > len)
- do_brk(len, bss - len);
+ do_brk_locked(len, bss - len);
error = 0;
out_free_ph:
diff -ur linux-2.6.10/include/linux/mm.h linux-2.6.10.plasmaroo/include/linux/mm.h
--- linux-2.6.10/include/linux/mm.h 2004-12-24 21:33:50.000000000 +0000
+++ linux-2.6.10.plasmaroo/include/linux/mm.h 2005-01-07 15:36:00.000000000 +0000
@@ -704,6 +704,7 @@
extern int do_munmap(struct mm_struct *, unsigned long, size_t);
extern unsigned long do_brk(unsigned long, unsigned long);
+extern unsigned long do_brk_locked(unsigned long, unsigned long);
/* filemap.c */
extern unsigned long page_unuse(struct page *);
diff -ur linux-2.6.10/mm/mmap.c linux-2.6.10.plasmaroo/mm/mmap.c
--- linux-2.6.10/mm/mmap.c 2004-12-24 21:35:00.000000000 +0000
+++ linux-2.6.10.plasmaroo/mm/mmap.c 2005-01-07 15:36:04.000000000 +0000
@@ -1826,6 +1826,20 @@
EXPORT_SYMBOL(do_brk);
+/* locking version of do_brk. */
+unsigned long do_brk_locked(unsigned long addr, unsigned long len)
+{
+ unsigned long ret;
+
+ down_write(¤t->mm->mmap_sem);
+ ret = do_brk(addr, len);
+ up_write(¤t->mm->mmap_sem);
+
+ return ret;
+}
+
+EXPORT_SYMBOL(do_brk_locked);
+
/* Release all mmaps. */
void exit_mmap(struct mm_struct *mm)
{
@@ -1952,3 +1966,4 @@
}
return new_vma;
}
+
diff -ur linux-2.6.10/mm/nommu.c linux-2.6.10.plasmaroo/mm/nommu.c
--- linux-2.6.10/mm/nommu.c 2004-12-24 21:35:25.000000000 +0000
+++ linux-2.6.10.plasmaroo/mm/nommu.c 2005-01-07 15:30:24.000000000 +0000
@@ -557,6 +557,11 @@
return -ENOMEM;
}
+unsigned long do_brk_locked(unsigned long addr, unsigned long len)
+{
+ return -ENOMEM;
+}
+
struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long addr)
{
return NULL;
Редактиран на: 10-01-2005@12:14
|
<< lag | Към: lag >> |
|
![](/default_images/clearpixel.gif) |
|
|
|
|
|
|