Fix PAX Patch/Grsec SLAB_USERCOPY panic

Support grsecurity/PaX kernel configurations where
CONFIG_PAX_USERCOPY_SLABS are enabled.  When this kernel option
is enabled slabs which are used to copy between user and kernel
space must be created with SLAB_USERCOPY.

Stock Linux kernels do not have a SLAB_USERCOPY definition so
this causes no change in behavior for non-PAX-enabled kernels.

Verified-by: Wuffleton <null@wuffleton.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Issue #2977
Issue #3796
This commit is contained in:
Brian Behlendorf 2015-09-28 09:08:11 -07:00
parent f17d005bcc
commit 2ebe396046

View File

@ -986,13 +986,23 @@ spl_kmem_cache_create(char *name, size_t size, size_t align,
if (rc) if (rc)
goto out; goto out;
} else { } else {
unsigned long slabflags = 0;
if (size > (SPL_MAX_KMEM_ORDER_NR_PAGES * PAGE_SIZE)) { if (size > (SPL_MAX_KMEM_ORDER_NR_PAGES * PAGE_SIZE)) {
rc = EINVAL; rc = EINVAL;
goto out; goto out;
} }
#if defined(SLAB_USERCOPY)
/*
* Required for PAX-enabled kernels if the slab is to be
* used for coping between user and kernel space.
*/
slabflags |= SLAB_USERCOPY;
#endif
skc->skc_linux_cache = kmem_cache_create( skc->skc_linux_cache = kmem_cache_create(
skc->skc_name, size, align, 0, NULL); skc->skc_name, size, align, slabflags, NULL);
if (skc->skc_linux_cache == NULL) { if (skc->skc_linux_cache == NULL) {
rc = ENOMEM; rc = ENOMEM;
goto out; goto out;