DivestOS/Patches/LineageOS-17.1/android_bionic/0003-Graphene_Bionic_Hardening-5.patch

47 lines
1.7 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 19 Nov 2016 09:56:14 -0500
Subject: [PATCH] stop implicitly marking mappings as mergeable
---
libc/bionic/mmap.cpp | 19 +------------------
1 file changed, 1 insertion(+), 18 deletions(-)
diff --git a/libc/bionic/mmap.cpp b/libc/bionic/mmap.cpp
index 35033199a..c08106892 100644
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
--- a/libc/bionic/mmap.cpp
+++ b/libc/bionic/mmap.cpp
@@ -39,8 +39,6 @@ extern "C" void* __mmap2(void*, size_t, int, int, int, size_t);
#define MMAP2_SHIFT 12 // 2**12 == 4096
-static bool kernel_has_MADV_MERGEABLE = true;
-
void* mmap64(void* addr, size_t size, int prot, int flags, int fd, off64_t offset) {
if (offset < 0 || (offset & ((1UL << MMAP2_SHIFT)-1)) != 0) {
errno = EINVAL;
@@ -54,22 +52,7 @@ void* mmap64(void* addr, size_t size, int prot, int flags, int fd, off64_t offse
return MAP_FAILED;
}
- bool is_private_anonymous =
- (flags & (MAP_PRIVATE | MAP_ANONYMOUS)) == (MAP_PRIVATE | MAP_ANONYMOUS);
- bool is_stack_or_grows_down = (flags & (MAP_STACK | MAP_GROWSDOWN)) != 0;
-
- void* result = __mmap2(addr, size, prot, flags, fd, offset >> MMAP2_SHIFT);
-
- if (result != MAP_FAILED && kernel_has_MADV_MERGEABLE &&
- is_private_anonymous && !is_stack_or_grows_down) {
- ErrnoRestorer errno_restorer;
- int rc = madvise(result, size, MADV_MERGEABLE);
- if (rc == -1 && errno == EINVAL) {
- kernel_has_MADV_MERGEABLE = false;
- }
- }
-
- return result;
+ return __mmap2(addr, size, prot, flags, fd, offset >> MMAP2_SHIFT);
}
void* mmap(void* addr, size_t size, int prot, int flags, int fd, off_t offset) {