diff -Nru linux-2.4.23-grsec-1.9.13/grsecurity/Config.in linux-2.4.23-grsec-1.9.13-textrel/grsecurity/Config.in
--- linux-2.4.23-grsec-1.9.13/grsecurity/Config.in 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/grsecurity/Config.in 2003-12-21 01:29:48.000000000 -0500
@@ -1,3 +1,4 @@
+define_bool CONFIG_GRKERNSEC_AUDIT_TEXTREL y
 define_bool CONFIG_CRYPTO y
 define_bool CONFIG_CRYPTO_SHA256 y
 choice 'Security level' \
@@ -319,6 +320,7 @@
 bool 'Signal logging' CONFIG_GRKERNSEC_SIGNAL
 bool 'Fork failure logging' CONFIG_GRKERNSEC_FORKFAIL
 bool 'Time change logging' CONFIG_GRKERNSEC_TIME
+bool 'ELF text relocations logging' CONFIG_GRKERNSEC_AUDIT_TEXTREL
 endmenu
 mainmenu_option next_comment
 comment 'Executable Protections'
diff -Nru linux-2.4.23-grsec-1.9.13/grsecurity/grsec_init.c linux-2.4.23-grsec-1.9.13-textrel/grsecurity/grsec_init.c
--- linux-2.4.23-grsec-1.9.13/grsecurity/grsec_init.c 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/grsecurity/grsec_init.c 2003-12-20 20:55:36.000000000 -0500
@@ -5,6 +5,7 @@
 #include
 #include
+int grsec_enable_audit_textrel;
 int grsec_enable_link;
 int grsec_enable_dmesg;
 int grsec_enable_fifo;
@@ -85,6 +86,9 @@
 #ifndef CONFIG_GRKERNSEC_SYSCTL
 grsec_lock = 1;
+#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL
+ grsec_enable_audit_textrel = 1;
+#endif
 #ifdef CONFIG_GRKERNSEC_AUDIT_GROUP
 grsec_enable_group = 1;
 grsec_audit_gid = CONFIG_GRKERNSEC_AUDIT_GID;
diff -Nru linux-2.4.23-grsec-1.9.13/include/linux/grmsg.h linux-2.4.23-grsec-1.9.13-textrel/include/linux/grmsg.h
--- linux-2.4.23-grsec-1.9.13/include/linux/grmsg.h 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/include/linux/grmsg.h 2003-12-23 18:06:05.000000000 -0500
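Review bot: The `define_bool CONFIG_GRKERNSEC_AUDIT_TEXTREL y` added at the top of grsecurity/Config.in (first hunk) appears to force the option on before the `bool 'ELF text relocations logging'` prompt from the second hunk is reached, so the two settings can disagree. This looks like a testing leftover; if so, drop the `define_bool` line and let the menu entry control the option. If always-on is intended, the prompt is redundant and a comment such as `# textrel auditing is always built; runtime control is the audit_textrel sysctl` would say so. The patch as shown also adds no help text for the new prompt.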
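Review bot: In the second hunk of grsecurity/grsec_init.c the default `grsec_enable_audit_textrel = 1;` sits under `#ifndef CONFIG_GRKERNSEC_SYSCTL`, so on sysctl-enabled builds the flag stays 0 until something writes the `audit_textrel` entry added in kernel/sysctl.c. That matches the neighbouring options, but it means text relocations made before that write are not logged. This is worth stating next to the declaration, e.g. `/* 0 at boot when CONFIG_GRKERNSEC_SYSCTL is set; enabled via the audit_textrel sysctl */`. The enclosing init function starts and ends outside the hunk.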
@@ -97,3 +97,4 @@
 #define GR_SHM_AUDIT_MSG "shared memory of size %d created by " DEFAULTSECMSG
 #define GR_SHMR_AUDIT_MSG "shared memory of uid:%d euid:%d removed by " DEFAULTSECMSG
 #define GR_RESOURCE_MSG "attempted resource overstep by requesting %lu for %.16s against limit %lu by " DEFAULTSECMSG
+#define GR_TEXTREL_AUDIT_MSG "textrel VMA:0x%08lx-0x%08lx in " DEFAULTSECMSG
diff -Nru linux-2.4.23-grsec-1.9.13/include/linux/grsecurity.h linux-2.4.23-grsec-1.9.13-textrel/include/linux/grsecurity.h
--- linux-2.4.23-grsec-1.9.13/include/linux/grsecurity.h 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/include/linux/grsecurity.h 2003-12-21 01:31:42.000000000 -0500
@@ -164,6 +164,7 @@
 extern int grsec_enable_randisn;
 extern int grsec_enable_randsrc;
 extern int grsec_enable_randrpc;
+extern int grsec_enable_audit_textrel;
 #endif
 #endif
diff -Nru linux-2.4.23-grsec-1.9.13/kernel/sysctl.c linux-2.4.23-grsec-1.9.13-textrel/kernel/sysctl.c
--- linux-2.4.23-grsec-1.9.13/kernel/sysctl.c 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/kernel/sysctl.c 2003-12-20 20:54:41.000000000 -0500
@@ -293,7 +293,7 @@
 };
 #ifdef CONFIG_GRKERNSEC
-enum {GS_ACL=1, GS_LINK, GS_FIFO, GS_EXECVE, GS_EXECLOG, GS_SIGNAL,
+enum {GS_ACL=1, GS_TEXTREL, GS_LINK, GS_FIFO, GS_EXECVE, GS_EXECLOG, GS_SIGNAL,
 GS_FORKFAIL, GS_TIME, GS_CHROOT_SHMAT, GS_CHROOT_UNIX, GS_CHROOT_MNT, GS_CHROOT_FCHDIR, GS_CHROOT_DBL, GS_CHROOT_PVT, GS_CHROOT_CD, GS_CHROOT_CM, GS_CHROOT_MK, GS_CHROOT_NI, GS_CHROOT_EXECLOG, GS_CHROOT_CAPS,
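Review bot: In the kernel/sysctl.c enum hunk, `GS_TEXTREL` is inserted directly after `GS_ACL=1`, which shifts the numeric value of `GS_LINK` and every later enumerator by one. These values are the first field of the grsecurity_table entries in the next hunk, so any userland that addresses grsecurity sysctls by number rather than through /proc/sys would reach a different setting after this patch. Appending `GS_TEXTREL` as the last enumerator keeps the existing numbers stable. The end of the enum is outside this hunk, so the exact line cannot be quoted here.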
@@ -307,6 +307,10 @@
 static ctl_table grsecurity_table[] = {
 {GS_ACL,"acl", NULL, sizeof(int), 0600, NULL, &gr_proc_handler},
 #ifdef CONFIG_GRKERNSEC_SYSCTL
+#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL
+ {GS_TEXTREL, "audit_textrel", &grsec_enable_audit_textrel, sizeof (int),
+ 0600, NULL, &proc_dointvec},
+#endif
 #ifdef CONFIG_GRKERNSEC_LINK
 {GS_LINK, "linking_restrictions", &grsec_enable_link, sizeof (int),
 0600, NULL, &proc_dointvec},
diff -Nru linux-2.4.23-grsec-1.9.13/mm/mprotect.c linux-2.4.23-grsec-1.9.13-textrel/mm/mprotect.c
--- linux-2.4.23-grsec-1.9.13/mm/mprotect.c 2003-12-23 14:29:30.000000000 -0500
+++ linux-2.4.23-grsec-1.9.13-textrel/mm/mprotect.c 2003-12-23 17:59:37.000000000 -0500
@@ -361,6 +361,10 @@
 return;
 if (dyn.d_tag == DT_TEXTREL || (dyn.d_tag == DT_FLAGS && (dyn.d_un.d_val & DF_TEXTREL))) {
 vma->vm_flags |= VM_MAYWRITE | VM_MAYNOTWRITE;
+#ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL
+ if (grsec_enable_audit_textrel)
+ security_audit(GR_TEXTREL_AUDIT_MSG, vma->vm_start, vma->vm_pgoff, DEFAULTSECARGS);
+#endif
 return;
 }
 i++;
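Review bot: The added `security_audit()` call in mm/mprotect.c passes `vma->vm_pgoff` as the second address, but GR_TEXTREL_AUDIT_MSG (added in grmsg.h) prints the pair as a `VMA:0x…-0x…` range, so the logged end value is the mapping's file page offset rather than an address. The line should probably read `security_audit(GR_TEXTREL_AUDIT_MSG, vma->vm_start, vma->vm_end, DEFAULTSECARGS);`. If the offset is what was meant, rename that field in the message instead. For triage it would also help to identify the mapped file, since DEFAULTSECMSG is not visible here and may only describe the task. The enclosing function starts and ends outside the hunk.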