From: Brian Behlendorf <behlendorf1@llnl.gov>
Date: Mon, 28 Sep 2015 16:08:11 +0000 (-0700)
Subject: Fix PAX Patch/Grsec SLAB_USERCOPY panic
X-Git-Tag: zfs-0.8.0-rc1~152^2~152
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2ebe396046c99ea191a51f24658273fd860b88c4;p=zfs

Fix PAX Patch/Grsec SLAB_USERCOPY panic

Support grsecurity/PaX kernel configurations where
CONFIG_PAX_USERCOPY_SLABS are enabled.  When this kernel option
is enabled slabs which are used to copy between user and kernel
space must be created with SLAB_USERCOPY.

Stock Linux kernels do not have a SLAB_USERCOPY definition so
this causes no change in behavior for non-PAX-enabled kernels.

Verified-by: Wuffleton <null@wuffleton.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Issue #2977
Issue #3796
---

diff --git a/module/spl/spl-kmem-cache.c b/module/spl/spl-kmem-cache.c
index a83c9f3ae..a7f9ca3a5 100644
--- a/module/spl/spl-kmem-cache.c
+++ b/module/spl/spl-kmem-cache.c
@@ -986,13 +986,23 @@ spl_kmem_cache_create(char *name, size_t size, size_t align,
 		if (rc)
 			goto out;
 	} else {
+		unsigned long slabflags = 0;
+
 		if (size > (SPL_MAX_KMEM_ORDER_NR_PAGES * PAGE_SIZE)) {
 			rc = EINVAL;
 			goto out;
 		}
 
+#if defined(SLAB_USERCOPY)
+		/*
+		 * Required for PAX-enabled kernels if the slab is to be
+		 * used for coping between user and kernel space.
+		 */
+		slabflags |= SLAB_USERCOPY;
+#endif
+
 		skc->skc_linux_cache = kmem_cache_create(
-		    skc->skc_name, size, align, 0, NULL);
+		    skc->skc_name, size, align, slabflags, NULL);
 		if (skc->skc_linux_cache == NULL) {
 			rc = ENOMEM;
 			goto out;