Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > by-pkgid > 27922b4260f65d317aabda37e42bbbff > files > 2235

kernel-2.6.18-238.el5.src.rpm

From: Danny Feng <dfeng@redhat.com>
Date: Fri, 29 Jan 2010 09:26:45 -0500
Subject: [mm] keep get_unmapped_area_prot functional
Message-id: <20100129092657.4587.77143.sendpatchset@dhcp-65-180.nay.redhat.com>
Patchwork-id: 22997
O-Subject: [PATCH RHEL5.5 12/12 BZ556710 CVE-2010-0291] with respect to
	get_unmapped_area_prot
Bugzilla: 556710
RH-Acked-by: Jarod Wilson <jarod@redhat.com>
RH-Acked-by: Larry Woodman <lwoodman@redhat.com>

Not upstream, adjusted for rhel5 kernel exec shield.

Subject: [PATCH] with respect to get_unmapped_area_prot

rhel5 uses get_unmapped_area_prot to support exec shield, so
in rhel5 mmap untangle fix, we should not break this.

Signed-off-by: Danny Feng <dfeng@redhat.com>

diff --git a/mm/mremap.c b/mm/mremap.c
index 27b9604..49e1d05 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -346,9 +346,9 @@ static unsigned long mremap_to(unsigned long addr,
 	if (vma->vm_flags & VM_MAYSHARE)
 		map_flags |= MAP_SHARED;
 
-	ret = get_unmapped_area(vma->vm_file, new_addr, new_len, vma->vm_pgoff +
+	ret = get_unmapped_area_prot(vma->vm_file, new_addr, new_len, vma->vm_pgoff +
 				((addr - vma->vm_start) >> PAGE_SHIFT),
-				map_flags);
+				map_flags, vma->vm_flags & VM_EXEC);
 	if (ret & ~PAGE_MASK)
 		goto out1;
 
@@ -369,8 +369,8 @@ static int vma_expandable(struct vm_area_struct *vma, unsigned long delta)
 		return 0;
 	if (vma->vm_next && vma->vm_next->vm_start < end) /* intersection */
 		return 0;
-	if (get_unmapped_area(NULL, vma->vm_start, end - vma->vm_start,
-			      0, MAP_FIXED) & ~PAGE_MASK)
+	if (get_unmapped_area_prot(NULL, vma->vm_start, end - vma->vm_start,
+			      0, MAP_FIXED, vma->vm_flags & VM_EXEC) & ~PAGE_MASK)
 		return 0;
 	return 1;
 }
@@ -468,10 +468,10 @@ unsigned long do_mremap(unsigned long addr,
 		if (vma->vm_flags & VM_MAYSHARE)
 			map_flags |= MAP_SHARED;
 
-		new_addr = get_unmapped_area(vma->vm_file, 0, new_len,
+		new_addr = get_unmapped_area_prot(vma->vm_file, 0, new_len,
 					vma->vm_pgoff +
 					((addr - vma->vm_start) >> PAGE_SHIFT),
-					map_flags);
+					map_flags, vma->vm_flags & VM_EXEC);
 		if (new_addr & ~PAGE_MASK) {
 			ret = new_addr;
 			goto out;

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional