ChangeSet@1.1848, 2004-07-18 09:08:19-07:00, mingo@elte.hu
  [PATCH] NX: clean up legacy binary support
  
  This cleans up legacy x86 binary support by introducing a new
  personality bit: READ_IMPLIES_EXEC, and implements Linus' suggestion to
  add the PROT_EXEC bit on the two affected syscall entry places,
  sys_mprotect() and sys_mmap().  If this bit is set then PROT_READ will
  also add the PROT_EXEC bit - as expected by legacy x86 binaries.  The
  ELF loader will automatically set this bit when it encounters a legacy
  binary.
  
  This approach avoids the problems the previous ->def_flags solution
  caused.  In particular this patch fixes the PROT_NONE problem in a
  cleaner way (http://lkml.org/lkml/2004/7/12/227), and it should fix the
  ia64 PROT_EXEC problem reported by David Mosberger.  Also,
  mprotect(PROT_READ) done by legacy binaries will do the right thing as
  well. 
  
  the details:
  
  - the personality bit is added to the personality mask upon exec(),
    within the ELF loader, but is not cleared (see the exceptions below). 
    This means that if an environment that already has the bit exec()s a
    new-style binary it will still get the old behavior.
  
  - one exception are setuid/setgid binaries: these will reset the
    bit - thus local attackers cannot manually set the bit and circumvent
    NX protection. Legacy setuid binaries will still get the bit through
    the ELF loader. This gives us maximum flexibility in shaping
    compatibility environments.
  
  - selinux also clears the bit when switching SIDs via exec().
  
  - x86 is the only arch making use of READ_IMPLIES_EXEC currently. Other
    arches will have the pre-NX-patch protection setup they always had.
  
  I have booted an old distro [RH 7.2] and two new PT_GNU_STACK distros
  [SuSE 9.2 and FC2] on an NX-capable CPU - they work just fine and all
  the mapping details are right. I've checked the PROT_NONE test-utility
  as well and it works as expected. I have checked various setuid
  scenarios as well involving legacy and new-style binaries.
  
  an improved setarch utility can be used to set the personality bit
  manually:
  
  	http://redhat.com/~mingo/nx-patches/setarch-1.4-3.tar.gz
  
  the new '-X' flag does it, e.g.:
  
  	./setarch -X linux /bin/cat /proc/self/maps
  
  will trigger the old protection layout even on a new distro.
  
  Signed-off-by: Ingo Molnar <mingo@elte.hu>
  Signed-off-by: Linus Torvalds <torvalds@osdl.org>

ChangeSet@1.1847, 2004-07-18 09:06:48-07:00, eger@havoc.gtf.org
  [PATCH] pmac_zilog: serial minors taken failure path fix
  
  I've tracked down the core issue giving me the oops wrt pmac_zilog.
  
  When you have two serial drivers, (e.g. 8250 and PMAC_ZILOG) they both say
  
  "I want to reserve X ports starting with major TTY_MAJOR and minor 64".
  
  By the time pmac_zilog gets there, the ports it requests are already
  reserved.  Unfortunately, init_pmz() doesn't check for pmz_register()
  failure, and so it merrily goes on to register the half-initialized
  pmac_zilog driver with the power management subsystem.
  
  This path provides a proper failure path.
  
  Also: 
  
  Restore ppc configs now that I know people use AT Keyboards on CHRP and PReP
  machines, and the zilog driver is no longer Oops'ing.
  
  Signed-off-by: David Eger <eger@havoc.gtf.org>
  Signed-off-by: Linus Torvalds <torvalds@osdl.org>

ChangeSet@1.1846, 2004-07-17 21:52:45-07:00, torvalds@ppc970.osdl.org
  Linux 2.6.8-rc2
  
  Ready for the kernel summit in Ottawa...
  TAG: v2.6.8-rc2