[Pull request] [Natty] Add RO/NX protection for loadable kernel modules
Kees Cook
kees at ubuntu.com
Fri Nov 19 21:57:37 UTC 2010
This pulls in the module RO/NX protections currently living in tip
x86/security.
The following changes since commit 04c5cc1a4894c3b9d16af7977f5fc4baf230864c:
UBUNTU: Start new release (2010-11-18 18:12:54 +0000)
are available in the git repository at:
git://kernel.ubuntu.com/kees/ubuntu-natty.git master
Kees Cook (1):
UBUNTU: [Config] update config for CONFIG_DEBUG_SET_MODULE_RONX
Matthieu CASTET (3):
x86: Fix improper large page preservation
x86: Add NX protection for kernel data
x86: Add RO/NX protection for loadable kernel modules
arch/x86/Kconfig.debug | 11 ++
arch/x86/include/asm/pci.h | 1 +
arch/x86/kernel/ftrace.c | 3 +
arch/x86/kernel/vmlinux.lds.S | 8 +-
arch/x86/mm/init.c | 3 +-
arch/x86/mm/init_32.c | 20 +++-
arch/x86/mm/init_64.c | 3 +-
arch/x86/mm/pageattr.c | 33 ++++--
arch/x86/pci/pcbios.c | 23 ++++
debian.master/config/config.common.ubuntu | 1 +
debian.master/config/enforce | 1 +
include/linux/module.h | 11 ++-
kernel/module.c | 171 ++++++++++++++++++++++++++++-
13 files changed, 270 insertions(+), 19 deletions(-)
--
Kees Cook
Ubuntu Security Team
More information about the kernel-team
mailing list