1 |
commit: 3654e93df322afa3fdc41646d253584ba0207241 |
2 |
Author: Anthony G. Basile <basile <AT> opensource <DOT> dyc <DOT> edu> |
3 |
AuthorDate: Sun Feb 13 16:41:40 2011 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 13 16:41:40 2011 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=3654e93d |
7 |
|
8 |
Update Grsec/PaX |
9 |
2.2.1-2.6.32.28-201102121148 |
10 |
2.2.1-2.6.37-201102121148.patch |
11 |
|
12 |
--- |
13 |
2.6.32/0000_README | 2 +- |
14 |
..._grsecurity-2.2.1-2.6.32.28-201102121148.patch} | 990 ++++++++++++++----- |
15 |
2.6.32/4440_selinux-avc_audit-log-curr_ip.patch | 2 +- |
16 |
2.6.37/0000_README | 2 +- |
17 |
...420_grsecurity-2.2.1-2.6.37-201102121148.patch} | 1041 ++++++++++++++------ |
18 |
2.6.37/4440_selinux-avc_audit-log-curr_ip.patch | 2 +- |
19 |
6 files changed, 1503 insertions(+), 536 deletions(-) |
20 |
|
21 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
22 |
index ebbdde9..c1feb8d 100644 |
23 |
--- a/2.6.32/0000_README |
24 |
+++ b/2.6.32/0000_README |
25 |
@@ -3,7 +3,7 @@ README |
26 |
|
27 |
Individual Patch Descriptions: |
28 |
----------------------------------------------------------------------------- |
29 |
-Patch: 4420_grsecurity-2.2.1-2.6.32.28-201101170305.patch |
30 |
+Patch: 4420_grsecurity-2.2.1-2.6.32.28-201102121148.patch |
31 |
From: http://www.grsecurity.net |
32 |
Desc: hardened-sources base patch from upstream grsecurity |
33 |
|
34 |
|
35 |
diff --git a/2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201101170305.patch b/2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201102121148.patch |
36 |
similarity index 98% |
37 |
rename from 2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201101170305.patch |
38 |
rename to 2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201102121148.patch |
39 |
index ead21d1..b1b6990 100644 |
40 |
--- a/2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201101170305.patch |
41 |
+++ b/2.6.32/4420_grsecurity-2.2.1-2.6.32.28-201102121148.patch |
42 |
@@ -7603,7 +7603,7 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/elf.h linux-2.6.32.28/arch/x86/i |
43 |
#endif /* _ASM_X86_ELF_H */ |
44 |
diff -urNp linux-2.6.32.28/arch/x86/include/asm/futex.h linux-2.6.32.28/arch/x86/include/asm/futex.h |
45 |
--- linux-2.6.32.28/arch/x86/include/asm/futex.h 2010-08-13 16:24:37.000000000 -0400 |
46 |
-+++ linux-2.6.32.28/arch/x86/include/asm/futex.h 2010-12-31 14:47:00.000000000 -0500 |
47 |
++++ linux-2.6.32.28/arch/x86/include/asm/futex.h 2011-01-25 20:24:47.000000000 -0500 |
48 |
@@ -12,16 +12,18 @@ |
49 |
#include <asm/system.h> |
50 |
|
51 |
@@ -7616,7 +7616,7 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/futex.h linux-2.6.32.28/arch/x86 |
52 |
"\t.previous\n" \ |
53 |
_ASM_EXTABLE(1b, 3b) \ |
54 |
- : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \ |
55 |
-+ : "=r" (oldval), "=r" (ret), "+m" (*____m(uaddr))\ |
56 |
++ : "=r" (oldval), "=r" (ret), "+m" (*(u32 *)____m(uaddr))\ |
57 |
: "i" (-EFAULT), "0" (oparg), "1" (0)) |
58 |
|
59 |
#define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \ |
60 |
@@ -7629,7 +7629,7 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/futex.h linux-2.6.32.28/arch/x86 |
61 |
_ASM_EXTABLE(2b, 4b) \ |
62 |
: "=&a" (oldval), "=&r" (ret), \ |
63 |
- "+m" (*uaddr), "=&r" (tem) \ |
64 |
-+ "+m" (*(____m(uaddr))), "=&r" (tem) \ |
65 |
++ "+m" (*(u32 *)____m(uaddr)), "=&r" (tem) \ |
66 |
: "r" (oparg), "i" (-EFAULT), "1" (0)) |
67 |
|
68 |
-static inline int futex_atomic_op_inuser(int encoded_op, int __user *uaddr) |
69 |
@@ -7675,7 +7675,7 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/futex.h linux-2.6.32.28/arch/x86 |
70 |
"\t.previous\n" |
71 |
_ASM_EXTABLE(1b, 3b) |
72 |
- : "=a" (oldval), "+m" (*uaddr) |
73 |
-+ : "=a" (oldval), "+m" (*____m(uaddr)) |
74 |
++ : "=a" (oldval), "+m" (*(u32 *)____m(uaddr)) |
75 |
: "i" (-EFAULT), "r" (newval), "0" (oldval) |
76 |
: "memory" |
77 |
); |
78 |
@@ -7722,9 +7722,38 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/i387.h linux-2.6.32.28/arch/x86/ |
79 |
|
80 |
/* |
81 |
* These must be called with preempt disabled |
82 |
+diff -urNp linux-2.6.32.28/arch/x86/include/asm/io_32.h linux-2.6.32.28/arch/x86/include/asm/io_32.h |
83 |
+--- linux-2.6.32.28/arch/x86/include/asm/io_32.h 2010-08-13 16:24:37.000000000 -0400 |
84 |
++++ linux-2.6.32.28/arch/x86/include/asm/io_32.h 2011-01-27 22:39:52.000000000 -0500 |
85 |
+@@ -3,6 +3,7 @@ |
86 |
+ |
87 |
+ #include <linux/string.h> |
88 |
+ #include <linux/compiler.h> |
89 |
++#include <asm/processor.h> |
90 |
+ |
91 |
+ /* |
92 |
+ * This file contains the definitions for the x86 IO instructions |
93 |
+@@ -42,6 +43,17 @@ |
94 |
+ |
95 |
+ #ifdef __KERNEL__ |
96 |
+ |
97 |
++#define ARCH_HAS_VALID_PHYS_ADDR_RANGE |
98 |
++static inline int valid_phys_addr_range(unsigned long addr, size_t count) |
99 |
++{ |
100 |
++ return ((addr + count + PAGE_SIZE - 1) >> PAGE_SHIFT) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
101 |
++} |
102 |
++ |
103 |
++static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t count) |
104 |
++{ |
105 |
++ return (pfn + (count >> PAGE_SHIFT)) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
106 |
++} |
107 |
++ |
108 |
+ #include <asm-generic/iomap.h> |
109 |
+ |
110 |
+ #include <linux/vmalloc.h> |
111 |
diff -urNp linux-2.6.32.28/arch/x86/include/asm/io_64.h linux-2.6.32.28/arch/x86/include/asm/io_64.h |
112 |
--- linux-2.6.32.28/arch/x86/include/asm/io_64.h 2010-08-13 16:24:37.000000000 -0400 |
113 |
-+++ linux-2.6.32.28/arch/x86/include/asm/io_64.h 2010-12-31 14:46:53.000000000 -0500 |
114 |
++++ linux-2.6.32.28/arch/x86/include/asm/io_64.h 2011-01-27 22:39:52.000000000 -0500 |
115 |
@@ -140,6 +140,17 @@ __OUTS(l) |
116 |
|
117 |
#include <linux/vmalloc.h> |
118 |
@@ -7732,12 +7761,12 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/io_64.h linux-2.6.32.28/arch/x86 |
119 |
+#define ARCH_HAS_VALID_PHYS_ADDR_RANGE |
120 |
+static inline int valid_phys_addr_range(unsigned long addr, size_t count) |
121 |
+{ |
122 |
-+ return ((addr + count + PAGE_SIZE - 1) >> PAGE_SHIFT) < (1 << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
123 |
++ return ((addr + count + PAGE_SIZE - 1) >> PAGE_SHIFT) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
124 |
+} |
125 |
+ |
126 |
+static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t count) |
127 |
+{ |
128 |
-+ return (pfn + (count >> PAGE_SHIFT)) < (1 << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
129 |
++ return (pfn + (count >> PAGE_SHIFT)) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
130 |
+} |
131 |
+ |
132 |
#include <asm-generic/iomap.h> |
133 |
@@ -8014,7 +8043,7 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/mman.h linux-2.6.32.28/arch/x86/ |
134 |
#endif /* _ASM_X86_MMAN_H */ |
135 |
diff -urNp linux-2.6.32.28/arch/x86/include/asm/mmu_context.h linux-2.6.32.28/arch/x86/include/asm/mmu_context.h |
136 |
--- linux-2.6.32.28/arch/x86/include/asm/mmu_context.h 2010-08-13 16:24:37.000000000 -0400 |
137 |
-+++ linux-2.6.32.28/arch/x86/include/asm/mmu_context.h 2010-12-31 14:46:53.000000000 -0500 |
138 |
++++ linux-2.6.32.28/arch/x86/include/asm/mmu_context.h 2011-02-12 11:05:01.000000000 -0500 |
139 |
@@ -24,6 +24,21 @@ void destroy_context(struct mm_struct *m |
140 |
|
141 |
static inline void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk) |
142 |
@@ -8046,8 +8075,8 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/mmu_context.h linux-2.6.32.28/ar |
143 |
+#endif |
144 |
|
145 |
if (likely(prev != next)) { |
146 |
- /* stop flush ipis for the previous mm */ |
147 |
- cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
148 |
+- /* stop flush ipis for the previous mm */ |
149 |
+- cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
150 |
#ifdef CONFIG_SMP |
151 |
+#ifdef CONFIG_X86_32 |
152 |
+ tlbstate = percpu_read(cpu_tlbstate.state); |
153 |
@@ -8067,6 +8096,8 @@ diff -urNp linux-2.6.32.28/arch/x86/include/asm/mmu_context.h linux-2.6.32.28/ar |
154 |
+#else |
155 |
load_cr3(next->pgd); |
156 |
+#endif |
157 |
++ /* stop flush ipis for the previous mm */ |
158 |
++ cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
159 |
|
160 |
/* |
161 |
* load the LDT, if the LDT is different: |
162 |
@@ -10724,8 +10755,16 @@ diff -urNp linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce_amd.c linux-2.6.32.28/ |
163 |
}; |
164 |
diff -urNp linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c |
165 |
--- linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c 2010-08-13 16:24:37.000000000 -0400 |
166 |
-+++ linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c 2010-12-31 14:46:53.000000000 -0500 |
167 |
-@@ -187,7 +187,7 @@ static void print_mce(struct mce *m) |
168 |
++++ linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c 2011-01-25 20:24:47.000000000 -0500 |
169 |
+@@ -43,6 +43,7 @@ |
170 |
+ #include <asm/ipi.h> |
171 |
+ #include <asm/mce.h> |
172 |
+ #include <asm/msr.h> |
173 |
++#include <asm/local.h> |
174 |
+ |
175 |
+ #include "mce-internal.h" |
176 |
+ |
177 |
+@@ -187,7 +188,7 @@ static void print_mce(struct mce *m) |
178 |
!(m->mcgstatus & MCG_STATUS_EIPV) ? " !INEXACT!" : "", |
179 |
m->cs, m->ip); |
180 |
|
181 |
@@ -10734,12 +10773,12 @@ diff -urNp linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.32.28/arch |
182 |
print_symbol("{%s}", m->ip); |
183 |
pr_cont("\n"); |
184 |
} |
185 |
-@@ -1429,14 +1429,14 @@ void __cpuinit mcheck_init(struct cpuinf |
186 |
+@@ -1429,14 +1430,14 @@ void __cpuinit mcheck_init(struct cpuinf |
187 |
*/ |
188 |
|
189 |
static DEFINE_SPINLOCK(mce_state_lock); |
190 |
-static int open_count; /* #times opened */ |
191 |
-+static atomic_t open_count; /* #times opened */ |
192 |
++static local_t open_count; /* #times opened */ |
193 |
static int open_exclu; /* already open exclusive? */ |
194 |
|
195 |
static int mce_open(struct inode *inode, struct file *file) |
196 |
@@ -10747,29 +10786,29 @@ diff -urNp linux-2.6.32.28/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.32.28/arch |
197 |
spin_lock(&mce_state_lock); |
198 |
|
199 |
- if (open_exclu || (open_count && (file->f_flags & O_EXCL))) { |
200 |
-+ if (open_exclu || (atomic_read(&open_count) && (file->f_flags & O_EXCL))) { |
201 |
++ if (open_exclu || (local_read(&open_count) && (file->f_flags & O_EXCL))) { |
202 |
spin_unlock(&mce_state_lock); |
203 |
|
204 |
return -EBUSY; |
205 |
-@@ -1444,7 +1444,7 @@ static int mce_open(struct inode *inode, |
206 |
+@@ -1444,7 +1445,7 @@ static int mce_open(struct inode *inode, |
207 |
|
208 |
if (file->f_flags & O_EXCL) |
209 |
open_exclu = 1; |
210 |
- open_count++; |
211 |
-+ atomic_inc(&open_count); |
212 |
++ local_inc(&open_count); |
213 |
|
214 |
spin_unlock(&mce_state_lock); |
215 |
|
216 |
-@@ -1455,7 +1455,7 @@ static int mce_release(struct inode *ino |
217 |
+@@ -1455,7 +1456,7 @@ static int mce_release(struct inode *ino |
218 |
{ |
219 |
spin_lock(&mce_state_lock); |
220 |
|
221 |
- open_count--; |
222 |
-+ atomic_dec(&open_count); |
223 |
++ local_dec(&open_count); |
224 |
open_exclu = 0; |
225 |
|
226 |
spin_unlock(&mce_state_lock); |
227 |
-@@ -1595,6 +1595,7 @@ static struct miscdevice mce_log_device |
228 |
+@@ -1595,6 +1596,7 @@ static struct miscdevice mce_log_device |
229 |
MISC_MCELOG_MINOR, |
230 |
"mcelog", |
231 |
&mce_chrdev_ops, |
232 |
@@ -23970,98 +24009,106 @@ diff -urNp linux-2.6.32.28/drivers/char/hvc_rtas.c linux-2.6.32.28/drivers/char/ |
233 |
}; |
234 |
diff -urNp linux-2.6.32.28/drivers/char/hvcs.c linux-2.6.32.28/drivers/char/hvcs.c |
235 |
--- linux-2.6.32.28/drivers/char/hvcs.c 2010-08-13 16:24:37.000000000 -0400 |
236 |
-+++ linux-2.6.32.28/drivers/char/hvcs.c 2010-12-31 14:46:53.000000000 -0500 |
237 |
-@@ -269,7 +269,7 @@ struct hvcs_struct { |
238 |
++++ linux-2.6.32.28/drivers/char/hvcs.c 2011-01-25 20:24:47.000000000 -0500 |
239 |
+@@ -82,6 +82,7 @@ |
240 |
+ #include <asm/hvcserver.h> |
241 |
+ #include <asm/uaccess.h> |
242 |
+ #include <asm/vio.h> |
243 |
++#include <asm/local.h> |
244 |
+ |
245 |
+ /* |
246 |
+ * 1.3.0 -> 1.3.1 In hvcs_open memset(..,0x00,..) instead of memset(..,0x3F,00). |
247 |
+@@ -269,7 +270,7 @@ struct hvcs_struct { |
248 |
unsigned int index; |
249 |
|
250 |
struct tty_struct *tty; |
251 |
- int open_count; |
252 |
-+ atomic_t open_count; |
253 |
++ local_t open_count; |
254 |
|
255 |
/* |
256 |
* Used to tell the driver kernel_thread what operations need to take |
257 |
-@@ -419,7 +419,7 @@ static ssize_t hvcs_vterm_state_store(st |
258 |
+@@ -419,7 +420,7 @@ static ssize_t hvcs_vterm_state_store(st |
259 |
|
260 |
spin_lock_irqsave(&hvcsd->lock, flags); |
261 |
|
262 |
- if (hvcsd->open_count > 0) { |
263 |
-+ if (atomic_read(&hvcsd->open_count) > 0) { |
264 |
++ if (local_read(&hvcsd->open_count) > 0) { |
265 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
266 |
printk(KERN_INFO "HVCS: vterm state unchanged. " |
267 |
"The hvcs device node is still in use.\n"); |
268 |
-@@ -1135,7 +1135,7 @@ static int hvcs_open(struct tty_struct * |
269 |
+@@ -1135,7 +1136,7 @@ static int hvcs_open(struct tty_struct * |
270 |
if ((retval = hvcs_partner_connect(hvcsd))) |
271 |
goto error_release; |
272 |
|
273 |
- hvcsd->open_count = 1; |
274 |
-+ atomic_set(&hvcsd->open_count, 1); |
275 |
++ local_set(&hvcsd->open_count, 1); |
276 |
hvcsd->tty = tty; |
277 |
tty->driver_data = hvcsd; |
278 |
|
279 |
-@@ -1169,7 +1169,7 @@ fast_open: |
280 |
+@@ -1169,7 +1170,7 @@ fast_open: |
281 |
|
282 |
spin_lock_irqsave(&hvcsd->lock, flags); |
283 |
kref_get(&hvcsd->kref); |
284 |
- hvcsd->open_count++; |
285 |
-+ atomic_inc(&hvcsd->open_count); |
286 |
++ local_inc(&hvcsd->open_count); |
287 |
hvcsd->todo_mask |= HVCS_SCHED_READ; |
288 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
289 |
|
290 |
-@@ -1213,7 +1213,7 @@ static void hvcs_close(struct tty_struct |
291 |
+@@ -1213,7 +1214,7 @@ static void hvcs_close(struct tty_struct |
292 |
hvcsd = tty->driver_data; |
293 |
|
294 |
spin_lock_irqsave(&hvcsd->lock, flags); |
295 |
- if (--hvcsd->open_count == 0) { |
296 |
-+ if (atomic_dec_and_test(&hvcsd->open_count)) { |
297 |
++ if (local_dec_and_test(&hvcsd->open_count)) { |
298 |
|
299 |
vio_disable_interrupts(hvcsd->vdev); |
300 |
|
301 |
-@@ -1239,10 +1239,10 @@ static void hvcs_close(struct tty_struct |
302 |
+@@ -1239,10 +1240,10 @@ static void hvcs_close(struct tty_struct |
303 |
free_irq(irq, hvcsd); |
304 |
kref_put(&hvcsd->kref, destroy_hvcs_struct); |
305 |
return; |
306 |
- } else if (hvcsd->open_count < 0) { |
307 |
-+ } else if (atomic_read(&hvcsd->open_count) < 0) { |
308 |
++ } else if (local_read(&hvcsd->open_count) < 0) { |
309 |
printk(KERN_ERR "HVCS: vty-server@%X open_count: %d" |
310 |
" is missmanaged.\n", |
311 |
- hvcsd->vdev->unit_address, hvcsd->open_count); |
312 |
-+ hvcsd->vdev->unit_address, atomic_read(&hvcsd->open_count)); |
313 |
++ hvcsd->vdev->unit_address, local_read(&hvcsd->open_count)); |
314 |
} |
315 |
|
316 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
317 |
-@@ -1258,7 +1258,7 @@ static void hvcs_hangup(struct tty_struc |
318 |
+@@ -1258,7 +1259,7 @@ static void hvcs_hangup(struct tty_struc |
319 |
|
320 |
spin_lock_irqsave(&hvcsd->lock, flags); |
321 |
/* Preserve this so that we know how many kref refs to put */ |
322 |
- temp_open_count = hvcsd->open_count; |
323 |
-+ temp_open_count = atomic_read(&hvcsd->open_count); |
324 |
++ temp_open_count = local_read(&hvcsd->open_count); |
325 |
|
326 |
/* |
327 |
* Don't kref put inside the spinlock because the destruction |
328 |
-@@ -1273,7 +1273,7 @@ static void hvcs_hangup(struct tty_struc |
329 |
+@@ -1273,7 +1274,7 @@ static void hvcs_hangup(struct tty_struc |
330 |
hvcsd->tty->driver_data = NULL; |
331 |
hvcsd->tty = NULL; |
332 |
|
333 |
- hvcsd->open_count = 0; |
334 |
-+ atomic_set(&hvcsd->open_count, 0); |
335 |
++ local_set(&hvcsd->open_count, 0); |
336 |
|
337 |
/* This will drop any buffered data on the floor which is OK in a hangup |
338 |
* scenario. */ |
339 |
-@@ -1344,7 +1344,7 @@ static int hvcs_write(struct tty_struct |
340 |
+@@ -1344,7 +1345,7 @@ static int hvcs_write(struct tty_struct |
341 |
* the middle of a write operation? This is a crummy place to do this |
342 |
* but we want to keep it all in the spinlock. |
343 |
*/ |
344 |
- if (hvcsd->open_count <= 0) { |
345 |
-+ if (atomic_read(&hvcsd->open_count) <= 0) { |
346 |
++ if (local_read(&hvcsd->open_count) <= 0) { |
347 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
348 |
return -ENODEV; |
349 |
} |
350 |
-@@ -1418,7 +1418,7 @@ static int hvcs_write_room(struct tty_st |
351 |
+@@ -1418,7 +1419,7 @@ static int hvcs_write_room(struct tty_st |
352 |
{ |
353 |
struct hvcs_struct *hvcsd = tty->driver_data; |
354 |
|
355 |
- if (!hvcsd || hvcsd->open_count <= 0) |
356 |
-+ if (!hvcsd || atomic_read(&hvcsd->open_count) <= 0) |
357 |
++ if (!hvcsd || local_read(&hvcsd->open_count) <= 0) |
358 |
return 0; |
359 |
|
360 |
return HVCS_BUFF_LEN - hvcsd->chars_in_buffer; |
361 |
@@ -24392,118 +24439,126 @@ diff -urNp linux-2.6.32.28/drivers/char/nvram.c linux-2.6.32.28/drivers/char/nvr |
362 |
static int __init nvram_init(void) |
363 |
diff -urNp linux-2.6.32.28/drivers/char/pcmcia/ipwireless/tty.c linux-2.6.32.28/drivers/char/pcmcia/ipwireless/tty.c |
364 |
--- linux-2.6.32.28/drivers/char/pcmcia/ipwireless/tty.c 2010-08-13 16:24:37.000000000 -0400 |
365 |
-+++ linux-2.6.32.28/drivers/char/pcmcia/ipwireless/tty.c 2010-12-31 14:46:53.000000000 -0500 |
366 |
-@@ -51,7 +51,7 @@ struct ipw_tty { |
367 |
++++ linux-2.6.32.28/drivers/char/pcmcia/ipwireless/tty.c 2011-01-25 20:24:47.000000000 -0500 |
368 |
+@@ -29,6 +29,7 @@ |
369 |
+ #include <linux/tty_driver.h> |
370 |
+ #include <linux/tty_flip.h> |
371 |
+ #include <linux/uaccess.h> |
372 |
++#include <asm/local.h> |
373 |
+ |
374 |
+ #include "tty.h" |
375 |
+ #include "network.h" |
376 |
+@@ -51,7 +52,7 @@ struct ipw_tty { |
377 |
int tty_type; |
378 |
struct ipw_network *network; |
379 |
struct tty_struct *linux_tty; |
380 |
- int open_count; |
381 |
-+ atomic_t open_count; |
382 |
++ local_t open_count; |
383 |
unsigned int control_lines; |
384 |
struct mutex ipw_tty_mutex; |
385 |
int tx_bytes_queued; |
386 |
-@@ -127,10 +127,10 @@ static int ipw_open(struct tty_struct *l |
387 |
+@@ -127,10 +128,10 @@ static int ipw_open(struct tty_struct *l |
388 |
mutex_unlock(&tty->ipw_tty_mutex); |
389 |
return -ENODEV; |
390 |
} |
391 |
- if (tty->open_count == 0) |
392 |
-+ if (atomic_read(&tty->open_count) == 0) |
393 |
++ if (local_read(&tty->open_count) == 0) |
394 |
tty->tx_bytes_queued = 0; |
395 |
|
396 |
- tty->open_count++; |
397 |
-+ atomic_inc(&tty->open_count); |
398 |
++ local_inc(&tty->open_count); |
399 |
|
400 |
tty->linux_tty = linux_tty; |
401 |
linux_tty->driver_data = tty; |
402 |
-@@ -146,9 +146,7 @@ static int ipw_open(struct tty_struct *l |
403 |
+@@ -146,9 +147,7 @@ static int ipw_open(struct tty_struct *l |
404 |
|
405 |
static void do_ipw_close(struct ipw_tty *tty) |
406 |
{ |
407 |
- tty->open_count--; |
408 |
- |
409 |
- if (tty->open_count == 0) { |
410 |
-+ if (atomic_dec_return(&tty->open_count) == 0) { |
411 |
++ if (local_dec_return(&tty->open_count) == 0) { |
412 |
struct tty_struct *linux_tty = tty->linux_tty; |
413 |
|
414 |
if (linux_tty != NULL) { |
415 |
-@@ -169,7 +167,7 @@ static void ipw_hangup(struct tty_struct |
416 |
+@@ -169,7 +168,7 @@ static void ipw_hangup(struct tty_struct |
417 |
return; |
418 |
|
419 |
mutex_lock(&tty->ipw_tty_mutex); |
420 |
- if (tty->open_count == 0) { |
421 |
-+ if (atomic_read(&tty->open_count) == 0) { |
422 |
++ if (local_read(&tty->open_count) == 0) { |
423 |
mutex_unlock(&tty->ipw_tty_mutex); |
424 |
return; |
425 |
} |
426 |
-@@ -198,7 +196,7 @@ void ipwireless_tty_received(struct ipw_ |
427 |
+@@ -198,7 +197,7 @@ void ipwireless_tty_received(struct ipw_ |
428 |
return; |
429 |
} |
430 |
|
431 |
- if (!tty->open_count) { |
432 |
-+ if (!atomic_read(&tty->open_count)) { |
433 |
++ if (!local_read(&tty->open_count)) { |
434 |
mutex_unlock(&tty->ipw_tty_mutex); |
435 |
return; |
436 |
} |
437 |
-@@ -240,7 +238,7 @@ static int ipw_write(struct tty_struct * |
438 |
+@@ -240,7 +239,7 @@ static int ipw_write(struct tty_struct * |
439 |
return -ENODEV; |
440 |
|
441 |
mutex_lock(&tty->ipw_tty_mutex); |
442 |
- if (!tty->open_count) { |
443 |
-+ if (!atomic_read(&tty->open_count)) { |
444 |
++ if (!local_read(&tty->open_count)) { |
445 |
mutex_unlock(&tty->ipw_tty_mutex); |
446 |
return -EINVAL; |
447 |
} |
448 |
-@@ -280,7 +278,7 @@ static int ipw_write_room(struct tty_str |
449 |
+@@ -280,7 +279,7 @@ static int ipw_write_room(struct tty_str |
450 |
if (!tty) |
451 |
return -ENODEV; |
452 |
|
453 |
- if (!tty->open_count) |
454 |
-+ if (!atomic_read(&tty->open_count)) |
455 |
++ if (!local_read(&tty->open_count)) |
456 |
return -EINVAL; |
457 |
|
458 |
room = IPWIRELESS_TX_QUEUE_SIZE - tty->tx_bytes_queued; |
459 |
-@@ -322,7 +320,7 @@ static int ipw_chars_in_buffer(struct tt |
460 |
+@@ -322,7 +321,7 @@ static int ipw_chars_in_buffer(struct tt |
461 |
if (!tty) |
462 |
return 0; |
463 |
|
464 |
- if (!tty->open_count) |
465 |
-+ if (!atomic_read(&tty->open_count)) |
466 |
++ if (!local_read(&tty->open_count)) |
467 |
return 0; |
468 |
|
469 |
return tty->tx_bytes_queued; |
470 |
-@@ -403,7 +401,7 @@ static int ipw_tiocmget(struct tty_struc |
471 |
+@@ -403,7 +402,7 @@ static int ipw_tiocmget(struct tty_struc |
472 |
if (!tty) |
473 |
return -ENODEV; |
474 |
|
475 |
- if (!tty->open_count) |
476 |
-+ if (!atomic_read(&tty->open_count)) |
477 |
++ if (!local_read(&tty->open_count)) |
478 |
return -EINVAL; |
479 |
|
480 |
return get_control_lines(tty); |
481 |
-@@ -419,7 +417,7 @@ ipw_tiocmset(struct tty_struct *linux_tt |
482 |
+@@ -419,7 +418,7 @@ ipw_tiocmset(struct tty_struct *linux_tt |
483 |
if (!tty) |
484 |
return -ENODEV; |
485 |
|
486 |
- if (!tty->open_count) |
487 |
-+ if (!atomic_read(&tty->open_count)) |
488 |
++ if (!local_read(&tty->open_count)) |
489 |
return -EINVAL; |
490 |
|
491 |
return set_control_lines(tty, set, clear); |
492 |
-@@ -433,7 +431,7 @@ static int ipw_ioctl(struct tty_struct * |
493 |
+@@ -433,7 +432,7 @@ static int ipw_ioctl(struct tty_struct * |
494 |
if (!tty) |
495 |
return -ENODEV; |
496 |
|
497 |
- if (!tty->open_count) |
498 |
-+ if (!atomic_read(&tty->open_count)) |
499 |
++ if (!local_read(&tty->open_count)) |
500 |
return -EINVAL; |
501 |
|
502 |
/* FIXME: Exactly how is the tty object locked here .. */ |
503 |
-@@ -591,7 +589,7 @@ void ipwireless_tty_free(struct ipw_tty |
504 |
+@@ -591,7 +590,7 @@ void ipwireless_tty_free(struct ipw_tty |
505 |
against a parallel ioctl etc */ |
506 |
mutex_lock(&ttyj->ipw_tty_mutex); |
507 |
} |
508 |
- while (ttyj->open_count) |
509 |
-+ while (atomic_read(&ttyj->open_count)) |
510 |
++ while (local_read(&ttyj->open_count)) |
511 |
do_ipw_close(ttyj); |
512 |
ipwireless_disassociate_network_ttys(network, |
513 |
ttyj->channel_idx); |
514 |
@@ -24586,34 +24641,42 @@ diff -urNp linux-2.6.32.28/drivers/char/random.c linux-2.6.32.28/drivers/char/ra |
515 |
|
516 |
diff -urNp linux-2.6.32.28/drivers/char/sonypi.c linux-2.6.32.28/drivers/char/sonypi.c |
517 |
--- linux-2.6.32.28/drivers/char/sonypi.c 2010-08-13 16:24:37.000000000 -0400 |
518 |
-+++ linux-2.6.32.28/drivers/char/sonypi.c 2010-12-31 14:46:53.000000000 -0500 |
519 |
-@@ -491,7 +491,7 @@ static struct sonypi_device { |
520 |
++++ linux-2.6.32.28/drivers/char/sonypi.c 2011-01-25 20:24:47.000000000 -0500 |
521 |
+@@ -55,6 +55,7 @@ |
522 |
+ #include <asm/uaccess.h> |
523 |
+ #include <asm/io.h> |
524 |
+ #include <asm/system.h> |
525 |
++#include <asm/local.h> |
526 |
+ |
527 |
+ #include <linux/sonypi.h> |
528 |
+ |
529 |
+@@ -491,7 +492,7 @@ static struct sonypi_device { |
530 |
spinlock_t fifo_lock; |
531 |
wait_queue_head_t fifo_proc_list; |
532 |
struct fasync_struct *fifo_async; |
533 |
- int open_count; |
534 |
-+ atomic_t open_count; |
535 |
++ local_t open_count; |
536 |
int model; |
537 |
struct input_dev *input_jog_dev; |
538 |
struct input_dev *input_key_dev; |
539 |
-@@ -895,7 +895,7 @@ static int sonypi_misc_fasync(int fd, st |
540 |
+@@ -895,7 +896,7 @@ static int sonypi_misc_fasync(int fd, st |
541 |
static int sonypi_misc_release(struct inode *inode, struct file *file) |
542 |
{ |
543 |
mutex_lock(&sonypi_device.lock); |
544 |
- sonypi_device.open_count--; |
545 |
-+ atomic_dec(&sonypi_device.open_count); |
546 |
++ local_dec(&sonypi_device.open_count); |
547 |
mutex_unlock(&sonypi_device.lock); |
548 |
return 0; |
549 |
} |
550 |
-@@ -905,9 +905,9 @@ static int sonypi_misc_open(struct inode |
551 |
+@@ -905,9 +906,9 @@ static int sonypi_misc_open(struct inode |
552 |
lock_kernel(); |
553 |
mutex_lock(&sonypi_device.lock); |
554 |
/* Flush input queue on first open */ |
555 |
- if (!sonypi_device.open_count) |
556 |
-+ if (!atomic_read(&sonypi_device.open_count)) |
557 |
++ if (!local_read(&sonypi_device.open_count)) |
558 |
kfifo_reset(sonypi_device.fifo); |
559 |
- sonypi_device.open_count++; |
560 |
-+ atomic_inc(&sonypi_device.open_count); |
561 |
++ local_inc(&sonypi_device.open_count); |
562 |
mutex_unlock(&sonypi_device.lock); |
563 |
unlock_kernel(); |
564 |
return 0; |
565 |
@@ -25166,7 +25229,7 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_drv.c linux-2.6.32.28/drivers/gpu |
566 |
DRM_DEBUG("pid=%d, cmd=0x%02x, nr=0x%02x, dev 0x%lx, auth=%d\n", |
567 |
diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_fops.c linux-2.6.32.28/drivers/gpu/drm/drm_fops.c |
568 |
--- linux-2.6.32.28/drivers/gpu/drm/drm_fops.c 2010-08-13 16:24:37.000000000 -0400 |
569 |
-+++ linux-2.6.32.28/drivers/gpu/drm/drm_fops.c 2010-12-31 14:46:53.000000000 -0500 |
570 |
++++ linux-2.6.32.28/drivers/gpu/drm/drm_fops.c 2011-01-24 18:05:30.000000000 -0500 |
571 |
@@ -66,7 +66,7 @@ static int drm_setup(struct drm_device * |
572 |
} |
573 |
|
574 |
@@ -25184,7 +25247,7 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_fops.c linux-2.6.32.28/drivers/gp |
575 |
+ atomic_inc_unchecked(&dev->counts[_DRM_STAT_OPENS]); |
576 |
spin_lock(&dev->count_lock); |
577 |
- if (!dev->open_count++) { |
578 |
-+ if (atomic_inc_return(&dev->open_count) == 1) { |
579 |
++ if (local_inc_return(&dev->open_count) == 1) { |
580 |
spin_unlock(&dev->count_lock); |
581 |
retcode = drm_setup(dev); |
582 |
goto out; |
583 |
@@ -25193,7 +25256,7 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_fops.c linux-2.6.32.28/drivers/gp |
584 |
lock_kernel(); |
585 |
|
586 |
- DRM_DEBUG("open_count = %d\n", dev->open_count); |
587 |
-+ DRM_DEBUG("open_count = %d\n", atomic_read(&dev->open_count)); |
588 |
++ DRM_DEBUG("open_count = %d\n", local_read(&dev->open_count)); |
589 |
|
590 |
if (dev->driver->preclose) |
591 |
dev->driver->preclose(dev, file_priv); |
592 |
@@ -25202,7 +25265,7 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_fops.c linux-2.6.32.28/drivers/gp |
593 |
task_pid_nr(current), |
594 |
(long)old_encode_dev(file_priv->minor->device), |
595 |
- dev->open_count); |
596 |
-+ atomic_read(&dev->open_count)); |
597 |
++ local_read(&dev->open_count)); |
598 |
|
599 |
/* if the master has gone away we can't do anything with the lock */ |
600 |
if (file_priv->minor->master) |
601 |
@@ -25214,13 +25277,49 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_fops.c linux-2.6.32.28/drivers/gp |
602 |
+ atomic_inc_unchecked(&dev->counts[_DRM_STAT_CLOSES]); |
603 |
spin_lock(&dev->count_lock); |
604 |
- if (!--dev->open_count) { |
605 |
-+ if (atomic_dec_and_test(&dev->open_count)) { |
606 |
++ if (local_dec_and_test(&dev->open_count)) { |
607 |
if (atomic_read(&dev->ioctl_count)) { |
608 |
DRM_ERROR("Device busy: %d\n", |
609 |
atomic_read(&dev->ioctl_count)); |
610 |
+diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_gem.c linux-2.6.32.28/drivers/gpu/drm/drm_gem.c |
611 |
+--- linux-2.6.32.28/drivers/gpu/drm/drm_gem.c 2010-08-13 16:24:37.000000000 -0400 |
612 |
++++ linux-2.6.32.28/drivers/gpu/drm/drm_gem.c 2011-01-24 18:05:37.000000000 -0500 |
613 |
+@@ -83,11 +83,11 @@ drm_gem_init(struct drm_device *dev) |
614 |
+ spin_lock_init(&dev->object_name_lock); |
615 |
+ idr_init(&dev->object_name_idr); |
616 |
+ atomic_set(&dev->object_count, 0); |
617 |
+- atomic_set(&dev->object_memory, 0); |
618 |
++ atomic_set_unchecked(&dev->object_memory, 0); |
619 |
+ atomic_set(&dev->pin_count, 0); |
620 |
+- atomic_set(&dev->pin_memory, 0); |
621 |
++ atomic_set_unchecked(&dev->pin_memory, 0); |
622 |
+ atomic_set(&dev->gtt_count, 0); |
623 |
+- atomic_set(&dev->gtt_memory, 0); |
624 |
++ atomic_set_unchecked(&dev->gtt_memory, 0); |
625 |
+ |
626 |
+ mm = kzalloc(sizeof(struct drm_gem_mm), GFP_KERNEL); |
627 |
+ if (!mm) { |
628 |
+@@ -150,7 +150,7 @@ drm_gem_object_alloc(struct drm_device * |
629 |
+ goto fput; |
630 |
+ } |
631 |
+ atomic_inc(&dev->object_count); |
632 |
+- atomic_add(obj->size, &dev->object_memory); |
633 |
++ atomic_add_unchecked(obj->size, &dev->object_memory); |
634 |
+ return obj; |
635 |
+ fput: |
636 |
+ fput(obj->filp); |
637 |
+@@ -429,7 +429,7 @@ drm_gem_object_free(struct kref *kref) |
638 |
+ |
639 |
+ fput(obj->filp); |
640 |
+ atomic_dec(&dev->object_count); |
641 |
+- atomic_sub(obj->size, &dev->object_memory); |
642 |
++ atomic_sub_unchecked(obj->size, &dev->object_memory); |
643 |
+ kfree(obj); |
644 |
+ } |
645 |
+ EXPORT_SYMBOL(drm_gem_object_free); |
646 |
diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_info.c linux-2.6.32.28/drivers/gpu/drm/drm_info.c |
647 |
--- linux-2.6.32.28/drivers/gpu/drm/drm_info.c 2010-08-13 16:24:37.000000000 -0400 |
648 |
-+++ linux-2.6.32.28/drivers/gpu/drm/drm_info.c 2010-12-31 14:46:53.000000000 -0500 |
649 |
++++ linux-2.6.32.28/drivers/gpu/drm/drm_info.c 2011-01-24 18:05:30.000000000 -0500 |
650 |
@@ -75,10 +75,14 @@ int drm_vm_info(struct seq_file *m, void |
651 |
struct drm_local_map *map; |
652 |
struct drm_map_list *r_list; |
653 |
@@ -25249,6 +25348,20 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_info.c linux-2.6.32.28/drivers/gp |
654 |
type = "??"; |
655 |
else |
656 |
type = types[map->type]; |
657 |
+@@ -265,10 +269,10 @@ int drm_gem_object_info(struct seq_file |
658 |
+ struct drm_device *dev = node->minor->dev; |
659 |
+ |
660 |
+ seq_printf(m, "%d objects\n", atomic_read(&dev->object_count)); |
661 |
+- seq_printf(m, "%d object bytes\n", atomic_read(&dev->object_memory)); |
662 |
++ seq_printf(m, "%d object bytes\n", atomic_read_unchecked(&dev->object_memory)); |
663 |
+ seq_printf(m, "%d pinned\n", atomic_read(&dev->pin_count)); |
664 |
+- seq_printf(m, "%d pin bytes\n", atomic_read(&dev->pin_memory)); |
665 |
+- seq_printf(m, "%d gtt bytes\n", atomic_read(&dev->gtt_memory)); |
666 |
++ seq_printf(m, "%d pin bytes\n", atomic_read_unchecked(&dev->pin_memory)); |
667 |
++ seq_printf(m, "%d gtt bytes\n", atomic_read_unchecked(&dev->gtt_memory)); |
668 |
+ seq_printf(m, "%d gtt total\n", dev->gtt_total); |
669 |
+ return 0; |
670 |
+ } |
671 |
diff -urNp linux-2.6.32.28/drivers/gpu/drm/drm_ioctl.c linux-2.6.32.28/drivers/gpu/drm/drm_ioctl.c |
672 |
--- linux-2.6.32.28/drivers/gpu/drm/drm_ioctl.c 2010-08-13 16:24:37.000000000 -0400 |
673 |
+++ linux-2.6.32.28/drivers/gpu/drm/drm_ioctl.c 2010-12-31 14:46:53.000000000 -0500 |
674 |
@@ -25416,7 +25529,16 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/i915/i915_drv.c linux-2.6.32.28/drive |
675 |
.close = drm_gem_vm_close, |
676 |
diff -urNp linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c |
677 |
--- linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c 2010-09-20 17:26:42.000000000 -0400 |
678 |
-+++ linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c 2010-12-31 14:46:53.000000000 -0500 |
679 |
++++ linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c 2011-01-24 18:05:30.000000000 -0500 |
680 |
+@@ -102,7 +102,7 @@ i915_gem_get_aperture_ioctl(struct drm_d |
681 |
+ |
682 |
+ args->aper_size = dev->gtt_total; |
683 |
+ args->aper_available_size = (args->aper_size - |
684 |
+- atomic_read(&dev->pin_memory)); |
685 |
++ atomic_read_unchecked(&dev->pin_memory)); |
686 |
+ |
687 |
+ return 0; |
688 |
+ } |
689 |
@@ -492,6 +492,11 @@ i915_gem_pread_ioctl(struct drm_device * |
690 |
return -EINVAL; |
691 |
} |
692 |
@@ -25441,6 +25563,55 @@ diff -urNp linux-2.6.32.28/drivers/gpu/drm/i915/i915_gem.c linux-2.6.32.28/drive |
693 |
/* We can only do the GTT pwrite on untiled buffers, as otherwise |
694 |
* it would end up going through the fenced access, and we'll get |
695 |
* different detiling behavior between reading and writing. |
696 |
+@@ -2054,7 +2064,7 @@ i915_gem_object_unbind(struct drm_gem_ob |
697 |
+ |
698 |
+ if (obj_priv->gtt_space) { |
699 |
+ atomic_dec(&dev->gtt_count); |
700 |
+- atomic_sub(obj->size, &dev->gtt_memory); |
701 |
++ atomic_sub_unchecked(obj->size, &dev->gtt_memory); |
702 |
+ |
703 |
+ drm_mm_put_block(obj_priv->gtt_space); |
704 |
+ obj_priv->gtt_space = NULL; |
705 |
+@@ -2697,7 +2707,7 @@ i915_gem_object_bind_to_gtt(struct drm_g |
706 |
+ goto search_free; |
707 |
+ } |
708 |
+ atomic_inc(&dev->gtt_count); |
709 |
+- atomic_add(obj->size, &dev->gtt_memory); |
710 |
++ atomic_add_unchecked(obj->size, &dev->gtt_memory); |
711 |
+ |
712 |
+ /* Assert that the object is not currently in any GPU domain. As it |
713 |
+ * wasn't in the GTT, there shouldn't be any way it could have been in |
714 |
+@@ -3751,9 +3761,9 @@ i915_gem_execbuffer(struct drm_device *d |
715 |
+ "%d/%d gtt bytes\n", |
716 |
+ atomic_read(&dev->object_count), |
717 |
+ atomic_read(&dev->pin_count), |
718 |
+- atomic_read(&dev->object_memory), |
719 |
+- atomic_read(&dev->pin_memory), |
720 |
+- atomic_read(&dev->gtt_memory), |
721 |
++ atomic_read_unchecked(&dev->object_memory), |
722 |
++ atomic_read_unchecked(&dev->pin_memory), |
723 |
++ atomic_read_unchecked(&dev->gtt_memory), |
724 |
+ dev->gtt_total); |
725 |
+ } |
726 |
+ goto err; |
727 |
+@@ -3985,7 +3995,7 @@ i915_gem_object_pin(struct drm_gem_objec |
728 |
+ */ |
729 |
+ if (obj_priv->pin_count == 1) { |
730 |
+ atomic_inc(&dev->pin_count); |
731 |
+- atomic_add(obj->size, &dev->pin_memory); |
732 |
++ atomic_add_unchecked(obj->size, &dev->pin_memory); |
733 |
+ if (!obj_priv->active && |
734 |
+ (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0 && |
735 |
+ !list_empty(&obj_priv->list)) |
736 |
+@@ -4018,7 +4028,7 @@ i915_gem_object_unpin(struct drm_gem_obj |
737 |
+ list_move_tail(&obj_priv->list, |
738 |
+ &dev_priv->mm.inactive_list); |
739 |
+ atomic_dec(&dev->pin_count); |
740 |
+- atomic_sub(obj->size, &dev->pin_memory); |
741 |
++ atomic_sub_unchecked(obj->size, &dev->pin_memory); |
742 |
+ } |
743 |
+ i915_verify_inactive(dev, __FILE__, __LINE__); |
744 |
+ } |
745 |
diff -urNp linux-2.6.32.28/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.32.28/drivers/gpu/drm/radeon/mkregtable.c |
746 |
--- linux-2.6.32.28/drivers/gpu/drm/radeon/mkregtable.c 2010-08-13 16:24:37.000000000 -0400 |
747 |
+++ linux-2.6.32.28/drivers/gpu/drm/radeon/mkregtable.c 2010-12-31 14:46:53.000000000 -0500 |
748 |
@@ -26279,31 +26450,39 @@ diff -urNp linux-2.6.32.28/drivers/input/serio/serio_raw.c linux-2.6.32.28/drive |
749 |
MODULE_DEVICE_TABLE(serio, serio_raw_serio_ids); |
750 |
diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/common.c linux-2.6.32.28/drivers/isdn/gigaset/common.c |
751 |
--- linux-2.6.32.28/drivers/isdn/gigaset/common.c 2010-08-13 16:24:37.000000000 -0400 |
752 |
-+++ linux-2.6.32.28/drivers/isdn/gigaset/common.c 2010-12-31 14:46:53.000000000 -0500 |
753 |
++++ linux-2.6.32.28/drivers/isdn/gigaset/common.c 2011-01-24 18:05:30.000000000 -0500 |
754 |
@@ -712,7 +712,7 @@ struct cardstate *gigaset_initcs(struct |
755 |
cs->commands_pending = 0; |
756 |
cs->cur_at_seq = 0; |
757 |
cs->gotfwver = -1; |
758 |
- cs->open_count = 0; |
759 |
-+ atomic_set(&cs->open_count, 0); |
760 |
++ local_set(&cs->open_count, 0); |
761 |
cs->dev = NULL; |
762 |
cs->tty = NULL; |
763 |
cs->tty_dev = NULL; |
764 |
diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/gigaset.h linux-2.6.32.28/drivers/isdn/gigaset/gigaset.h |
765 |
--- linux-2.6.32.28/drivers/isdn/gigaset/gigaset.h 2010-08-13 16:24:37.000000000 -0400 |
766 |
-+++ linux-2.6.32.28/drivers/isdn/gigaset/gigaset.h 2010-12-31 14:46:53.000000000 -0500 |
767 |
-@@ -446,7 +446,7 @@ struct cardstate { |
768 |
++++ linux-2.6.32.28/drivers/isdn/gigaset/gigaset.h 2011-01-25 20:24:47.000000000 -0500 |
769 |
+@@ -34,6 +34,7 @@ |
770 |
+ #include <linux/tty_driver.h> |
771 |
+ #include <linux/list.h> |
772 |
+ #include <asm/atomic.h> |
773 |
++#include <asm/local.h> |
774 |
+ |
775 |
+ #define GIG_VERSION {0,5,0,0} |
776 |
+ #define GIG_COMPAT {0,4,0,0} |
777 |
+@@ -446,7 +447,7 @@ struct cardstate { |
778 |
spinlock_t cmdlock; |
779 |
unsigned curlen, cmdbytes; |
780 |
|
781 |
- unsigned open_count; |
782 |
-+ atomic_t open_count; |
783 |
++ local_t open_count; |
784 |
struct tty_struct *tty; |
785 |
struct tasklet_struct if_wake_tasklet; |
786 |
unsigned control_state; |
787 |
diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/drivers/isdn/gigaset/interface.c |
788 |
--- linux-2.6.32.28/drivers/isdn/gigaset/interface.c 2010-08-13 16:24:37.000000000 -0400 |
789 |
-+++ linux-2.6.32.28/drivers/isdn/gigaset/interface.c 2010-12-31 14:46:53.000000000 -0500 |
790 |
++++ linux-2.6.32.28/drivers/isdn/gigaset/interface.c 2011-01-24 18:05:30.000000000 -0500 |
791 |
@@ -165,9 +165,7 @@ static int if_open(struct tty_struct *tt |
792 |
return -ERESTARTSYS; // FIXME -EINTR? |
793 |
tty->driver_data = cs; |
794 |
@@ -26311,7 +26490,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
795 |
- ++cs->open_count; |
796 |
- |
797 |
- if (cs->open_count == 1) { |
798 |
-+ if (atomic_inc_return(&cs->open_count) == 1) { |
799 |
++ if (local_inc_return(&cs->open_count) == 1) { |
800 |
spin_lock_irqsave(&cs->lock, flags); |
801 |
cs->tty = tty; |
802 |
spin_unlock_irqrestore(&cs->lock, flags); |
803 |
@@ -26320,11 +26499,11 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
804 |
if (!cs->connected) |
805 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
806 |
- else if (!cs->open_count) |
807 |
-+ else if (!atomic_read(&cs->open_count)) |
808 |
++ else if (!local_read(&cs->open_count)) |
809 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
810 |
else { |
811 |
- if (!--cs->open_count) { |
812 |
-+ if (!atomic_dec_return(&cs->open_count)) { |
813 |
++ if (!local_dec_return(&cs->open_count)) { |
814 |
spin_lock_irqsave(&cs->lock, flags); |
815 |
cs->tty = NULL; |
816 |
spin_unlock_irqrestore(&cs->lock, flags); |
817 |
@@ -26333,7 +26512,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
818 |
gig_dbg(DEBUG_IF, "not connected"); |
819 |
retval = -ENODEV; |
820 |
- } else if (!cs->open_count) |
821 |
-+ } else if (!atomic_read(&cs->open_count)) |
822 |
++ } else if (!local_read(&cs->open_count)) |
823 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
824 |
else { |
825 |
retval = 0; |
826 |
@@ -26342,7 +26521,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
827 |
gig_dbg(DEBUG_IF, "not connected"); |
828 |
retval = -ENODEV; |
829 |
- } else if (!cs->open_count) |
830 |
-+ } else if (!atomic_read(&cs->open_count)) |
831 |
++ } else if (!local_read(&cs->open_count)) |
832 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
833 |
else if (cs->mstate != MS_LOCKED) { |
834 |
dev_warn(cs->dev, "can't write to unlocked device\n"); |
835 |
@@ -26351,7 +26530,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
836 |
gig_dbg(DEBUG_IF, "not connected"); |
837 |
retval = -ENODEV; |
838 |
- } else if (!cs->open_count) |
839 |
-+ } else if (!atomic_read(&cs->open_count)) |
840 |
++ } else if (!local_read(&cs->open_count)) |
841 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
842 |
else if (cs->mstate != MS_LOCKED) { |
843 |
dev_warn(cs->dev, "can't write to unlocked device\n"); |
844 |
@@ -26360,7 +26539,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
845 |
if (!cs->connected) |
846 |
gig_dbg(DEBUG_IF, "not connected"); |
847 |
- else if (!cs->open_count) |
848 |
-+ else if (!atomic_read(&cs->open_count)) |
849 |
++ else if (!local_read(&cs->open_count)) |
850 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
851 |
else if (cs->mstate != MS_LOCKED) |
852 |
dev_warn(cs->dev, "can't write to unlocked device\n"); |
853 |
@@ -26369,7 +26548,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
854 |
if (!cs->connected) |
855 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
856 |
- else if (!cs->open_count) |
857 |
-+ else if (!atomic_read(&cs->open_count)) |
858 |
++ else if (!local_read(&cs->open_count)) |
859 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
860 |
else { |
861 |
//FIXME |
862 |
@@ -26378,7 +26557,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
863 |
if (!cs->connected) |
864 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
865 |
- else if (!cs->open_count) |
866 |
-+ else if (!atomic_read(&cs->open_count)) |
867 |
++ else if (!local_read(&cs->open_count)) |
868 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
869 |
else { |
870 |
//FIXME |
871 |
@@ -26387,7 +26566,7 @@ diff -urNp linux-2.6.32.28/drivers/isdn/gigaset/interface.c linux-2.6.32.28/driv |
872 |
} |
873 |
|
874 |
- if (!cs->open_count) { |
875 |
-+ if (!atomic_read(&cs->open_count)) { |
876 |
++ if (!local_read(&cs->open_count)) { |
877 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
878 |
goto out; |
879 |
} |
880 |
@@ -26756,6 +26935,18 @@ diff -urNp linux-2.6.32.28/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.32.28/d |
881 |
struct file_operations *dvbdevfops; |
882 |
struct device *clsdev; |
883 |
int minor; |
884 |
+diff -urNp linux-2.6.32.28/drivers/media/dvb/ttpci/av7110_ca.c linux-2.6.32.28/drivers/media/dvb/ttpci/av7110_ca.c |
885 |
+--- linux-2.6.32.28/drivers/media/dvb/ttpci/av7110_ca.c 2010-08-13 16:24:37.000000000 -0400 |
886 |
++++ linux-2.6.32.28/drivers/media/dvb/ttpci/av7110_ca.c 2011-01-24 18:12:30.000000000 -0500 |
887 |
+@@ -277,7 +277,7 @@ static int dvb_ca_ioctl(struct inode *in |
888 |
+ { |
889 |
+ ca_slot_info_t *info=(ca_slot_info_t *)parg; |
890 |
+ |
891 |
+- if (info->num > 1) |
892 |
++ if (info->num < 0 || info->num > 1) |
893 |
+ return -EINVAL; |
894 |
+ av7110->ci_slot[info->num].num = info->num; |
895 |
+ av7110->ci_slot[info->num].type = FW_CI_LL_SUPPORT(av7110->arm_app) ? |
896 |
diff -urNp linux-2.6.32.28/drivers/media/radio/radio-cadet.c linux-2.6.32.28/drivers/media/radio/radio-cadet.c |
897 |
--- linux-2.6.32.28/drivers/media/radio/radio-cadet.c 2010-08-13 16:24:37.000000000 -0400 |
898 |
+++ linux-2.6.32.28/drivers/media/radio/radio-cadet.c 2010-12-31 14:46:53.000000000 -0500 |
899 |
@@ -27692,13 +27883,22 @@ diff -urNp linux-2.6.32.28/drivers/net/tulip/de4x5.c linux-2.6.32.28/drivers/net |
900 |
#define DE4X5_DUMP 0x0f /* Dump the DE4X5 Status */ |
901 |
diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb/hso.c |
902 |
--- linux-2.6.32.28/drivers/net/usb/hso.c 2010-09-26 17:26:05.000000000 -0400 |
903 |
-+++ linux-2.6.32.28/drivers/net/usb/hso.c 2010-12-31 14:46:53.000000000 -0500 |
904 |
++++ linux-2.6.32.28/drivers/net/usb/hso.c 2011-01-24 18:05:30.000000000 -0500 |
905 |
+@@ -71,7 +71,7 @@ |
906 |
+ #include <asm/byteorder.h> |
907 |
+ #include <linux/serial_core.h> |
908 |
+ #include <linux/serial.h> |
909 |
+- |
910 |
++#include <asm/local.h> |
911 |
+ |
912 |
+ #define DRIVER_VERSION "1.2" |
913 |
+ #define MOD_AUTHOR "Option Wireless" |
914 |
@@ -258,7 +258,7 @@ struct hso_serial { |
915 |
|
916 |
/* from usb_serial_port */ |
917 |
struct tty_struct *tty; |
918 |
- int open_count; |
919 |
-+ atomic_t open_count; |
920 |
++ local_t open_count; |
921 |
spinlock_t serial_lock; |
922 |
|
923 |
int (*write_data) (struct hso_serial *serial); |
924 |
@@ -27707,7 +27907,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
925 |
|
926 |
urb = serial->rx_urb[0]; |
927 |
- if (serial->open_count > 0) { |
928 |
-+ if (atomic_read(&serial->open_count) > 0) { |
929 |
++ if (local_read(&serial->open_count) > 0) { |
930 |
count = put_rxbuf_data(urb, serial); |
931 |
if (count == -1) |
932 |
return; |
933 |
@@ -27716,7 +27916,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
934 |
|
935 |
/* Anyone listening? */ |
936 |
- if (serial->open_count == 0) |
937 |
-+ if (atomic_read(&serial->open_count) == 0) |
938 |
++ if (local_read(&serial->open_count) == 0) |
939 |
return; |
940 |
|
941 |
if (status == 0) { |
942 |
@@ -27726,7 +27926,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
943 |
/* check for port already opened, if not set the termios */ |
944 |
- serial->open_count++; |
945 |
- if (serial->open_count == 1) { |
946 |
-+ if (atomic_inc_return(&serial->open_count) == 1) { |
947 |
++ if (local_inc_return(&serial->open_count) == 1) { |
948 |
tty->low_latency = 1; |
949 |
serial->rx_state = RX_IDLE; |
950 |
/* Force default termio settings */ |
951 |
@@ -27735,7 +27935,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
952 |
if (result) { |
953 |
hso_stop_serial_device(serial->parent); |
954 |
- serial->open_count--; |
955 |
-+ atomic_dec(&serial->open_count); |
956 |
++ local_dec(&serial->open_count); |
957 |
kref_put(&serial->parent->ref, hso_serial_ref_free); |
958 |
} |
959 |
} else { |
960 |
@@ -27744,12 +27944,12 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
961 |
/* reset the rts and dtr */ |
962 |
/* do the actual close */ |
963 |
- serial->open_count--; |
964 |
-+ atomic_dec(&serial->open_count); |
965 |
++ local_dec(&serial->open_count); |
966 |
|
967 |
- if (serial->open_count <= 0) { |
968 |
- serial->open_count = 0; |
969 |
-+ if (atomic_read(&serial->open_count) <= 0) { |
970 |
-+ atomic_set(&serial->open_count, 0); |
971 |
++ if (local_read(&serial->open_count) <= 0) { |
972 |
++ local_set(&serial->open_count, 0); |
973 |
spin_lock_irq(&serial->serial_lock); |
974 |
if (serial->tty == tty) { |
975 |
serial->tty->driver_data = NULL; |
976 |
@@ -27758,7 +27958,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
977 |
/* the actual setup */ |
978 |
spin_lock_irqsave(&serial->serial_lock, flags); |
979 |
- if (serial->open_count) |
980 |
-+ if (atomic_read(&serial->open_count)) |
981 |
++ if (local_read(&serial->open_count)) |
982 |
_hso_serial_set_termios(tty, old); |
983 |
else |
984 |
tty->termios = old; |
985 |
@@ -27781,7 +27981,7 @@ diff -urNp linux-2.6.32.28/drivers/net/usb/hso.c linux-2.6.32.28/drivers/net/usb |
986 |
for (i = 0; i < HSO_SERIAL_TTY_MINORS; i++) { |
987 |
if (serial_table[i] && (serial_table[i]->interface == iface)) { |
988 |
- if (dev2ser(serial_table[i])->open_count) { |
989 |
-+ if (atomic_read(&dev2ser(serial_table[i])->open_count)) { |
990 |
++ if (local_read(&dev2ser(serial_table[i])->open_count)) { |
991 |
result = |
992 |
hso_start_serial_device(serial_table[i], GFP_NOIO); |
993 |
hso_kick_transmit(dev2ser(serial_table[i])); |
994 |
@@ -29306,8 +29506,25 @@ diff -urNp linux-2.6.32.28/drivers/staging/vme/devices/vme_user.c linux-2.6.32.2 |
995 |
.read = vme_user_read, |
996 |
diff -urNp linux-2.6.32.28/drivers/uio/uio.c linux-2.6.32.28/drivers/uio/uio.c |
997 |
--- linux-2.6.32.28/drivers/uio/uio.c 2010-08-13 16:24:37.000000000 -0400 |
998 |
-+++ linux-2.6.32.28/drivers/uio/uio.c 2010-12-31 14:46:53.000000000 -0500 |
999 |
-@@ -129,7 +129,7 @@ static ssize_t map_type_show(struct kobj |
1000 |
++++ linux-2.6.32.28/drivers/uio/uio.c 2011-01-24 18:05:34.000000000 -0500 |
1001 |
+@@ -23,6 +23,7 @@ |
1002 |
+ #include <linux/string.h> |
1003 |
+ #include <linux/kobject.h> |
1004 |
+ #include <linux/uio_driver.h> |
1005 |
++#include <asm/local.h> |
1006 |
+ |
1007 |
+ #define UIO_MAX_DEVICES 255 |
1008 |
+ |
1009 |
+@@ -33,7 +34,7 @@ struct uio_device { |
1010 |
+ atomic_t event; |
1011 |
+ struct fasync_struct *async_queue; |
1012 |
+ wait_queue_head_t wait; |
1013 |
+- int vma_count; |
1014 |
++ local_t vma_count; |
1015 |
+ struct uio_info *info; |
1016 |
+ struct kobject *map_dir; |
1017 |
+ struct kobject *portio_dir; |
1018 |
+@@ -129,7 +130,7 @@ static ssize_t map_type_show(struct kobj |
1019 |
return entry->show(mem, buf); |
1020 |
} |
1021 |
|
1022 |
@@ -29316,7 +29533,7 @@ diff -urNp linux-2.6.32.28/drivers/uio/uio.c linux-2.6.32.28/drivers/uio/uio.c |
1023 |
.show = map_type_show, |
1024 |
}; |
1025 |
|
1026 |
-@@ -217,7 +217,7 @@ static ssize_t portio_type_show(struct k |
1027 |
+@@ -217,7 +218,7 @@ static ssize_t portio_type_show(struct k |
1028 |
return entry->show(port, buf); |
1029 |
} |
1030 |
|
1031 |
@@ -29325,6 +29542,22 @@ diff -urNp linux-2.6.32.28/drivers/uio/uio.c linux-2.6.32.28/drivers/uio/uio.c |
1032 |
.show = portio_type_show, |
1033 |
}; |
1034 |
|
1035 |
+@@ -624,13 +625,13 @@ static int uio_find_mem_index(struct vm_ |
1036 |
+ static void uio_vma_open(struct vm_area_struct *vma) |
1037 |
+ { |
1038 |
+ struct uio_device *idev = vma->vm_private_data; |
1039 |
+- idev->vma_count++; |
1040 |
++ local_inc(&idev->vma_count); |
1041 |
+ } |
1042 |
+ |
1043 |
+ static void uio_vma_close(struct vm_area_struct *vma) |
1044 |
+ { |
1045 |
+ struct uio_device *idev = vma->vm_private_data; |
1046 |
+- idev->vma_count--; |
1047 |
++ local_dec(&idev->vma_count); |
1048 |
+ } |
1049 |
+ |
1050 |
+ static int uio_vma_fault(struct vm_area_struct *vma, struct vm_fault *vmf) |
1051 |
diff -urNp linux-2.6.32.28/drivers/usb/atm/usbatm.c linux-2.6.32.28/drivers/usb/atm/usbatm.c |
1052 |
--- linux-2.6.32.28/drivers/usb/atm/usbatm.c 2010-08-13 16:24:37.000000000 -0400 |
1053 |
+++ linux-2.6.32.28/drivers/usb/atm/usbatm.c 2010-12-31 14:46:53.000000000 -0500 |
1054 |
@@ -29565,6 +29798,18 @@ diff -urNp linux-2.6.32.28/drivers/usb/misc/appledisplay.c linux-2.6.32.28/drive |
1055 |
.get_brightness = appledisplay_bl_get_brightness, |
1056 |
.update_status = appledisplay_bl_update_status, |
1057 |
}; |
1058 |
+diff -urNp linux-2.6.32.28/drivers/usb/misc/iowarrior.c linux-2.6.32.28/drivers/usb/misc/iowarrior.c |
1059 |
+--- linux-2.6.32.28/drivers/usb/misc/iowarrior.c 2010-12-09 18:13:03.000000000 -0500 |
1060 |
++++ linux-2.6.32.28/drivers/usb/misc/iowarrior.c 2011-01-25 17:27:31.000000000 -0500 |
1061 |
+@@ -373,7 +373,7 @@ static ssize_t iowarrior_write(struct fi |
1062 |
+ case USB_DEVICE_ID_CODEMERCS_IOWPV2: |
1063 |
+ case USB_DEVICE_ID_CODEMERCS_IOW40: |
1064 |
+ /* IOW24 and IOW40 use a synchronous call */ |
1065 |
+- buf = kmalloc(8, GFP_KERNEL); /* 8 bytes are enough for both products */ |
1066 |
++ buf = kmalloc(count, GFP_KERNEL); |
1067 |
+ if (!buf) { |
1068 |
+ retval = -ENOMEM; |
1069 |
+ goto exit; |
1070 |
diff -urNp linux-2.6.32.28/drivers/usb/mon/mon_main.c linux-2.6.32.28/drivers/usb/mon/mon_main.c |
1071 |
--- linux-2.6.32.28/drivers/usb/mon/mon_main.c 2010-08-13 16:24:37.000000000 -0400 |
1072 |
+++ linux-2.6.32.28/drivers/usb/mon/mon_main.c 2010-12-31 14:46:53.000000000 -0500 |
1073 |
@@ -32011,7 +32256,7 @@ diff -urNp linux-2.6.32.28/fs/ecryptfs/inode.c linux-2.6.32.28/fs/ecryptfs/inode |
1074 |
goto out_free; |
1075 |
diff -urNp linux-2.6.32.28/fs/exec.c linux-2.6.32.28/fs/exec.c |
1076 |
--- linux-2.6.32.28/fs/exec.c 2011-01-11 23:55:35.000000000 -0500 |
1077 |
-+++ linux-2.6.32.28/fs/exec.c 2011-01-11 23:56:03.000000000 -0500 |
1078 |
++++ linux-2.6.32.28/fs/exec.c 2011-02-12 11:21:23.000000000 -0500 |
1079 |
@@ -56,12 +56,24 @@ |
1080 |
#include <linux/fsnotify.h> |
1081 |
#include <linux/fs_struct.h> |
1082 |
@@ -32596,7 +32841,7 @@ diff -urNp linux-2.6.32.28/fs/exec.c linux-2.6.32.28/fs/exec.c |
1083 |
*/ |
1084 |
clear_thread_flag(TIF_SIGPENDING); |
1085 |
|
1086 |
-+ if (signr == SIGKILL || signr == SIGILL) |
1087 |
++ if (signr == SIGSEGV || signr == SIGBUS || signr == SIGKILL || signr == SIGILL) |
1088 |
+ gr_handle_brute_attach(current); |
1089 |
+ gr_learn_resource(current, RLIMIT_CORE, binfmt->min_coredump, 1); |
1090 |
+ |
1091 |
@@ -46729,8 +46974,16 @@ diff -urNp linux-2.6.32.28/include/drm/drm_pciids.h linux-2.6.32.28/include/drm/ |
1092 |
+ {0, 0, 0, 0, 0, 0} |
1093 |
diff -urNp linux-2.6.32.28/include/drm/drmP.h linux-2.6.32.28/include/drm/drmP.h |
1094 |
--- linux-2.6.32.28/include/drm/drmP.h 2010-08-13 16:24:37.000000000 -0400 |
1095 |
-+++ linux-2.6.32.28/include/drm/drmP.h 2010-12-31 14:46:53.000000000 -0500 |
1096 |
-@@ -814,7 +814,7 @@ struct drm_driver { |
1097 |
++++ linux-2.6.32.28/include/drm/drmP.h 2011-01-24 18:05:37.000000000 -0500 |
1098 |
+@@ -71,6 +71,7 @@ |
1099 |
+ #include <linux/workqueue.h> |
1100 |
+ #include <linux/poll.h> |
1101 |
+ #include <asm/pgalloc.h> |
1102 |
++#include <asm/local.h> |
1103 |
+ #include "drm.h" |
1104 |
+ |
1105 |
+ #include <linux/idr.h> |
1106 |
+@@ -814,7 +815,7 @@ struct drm_driver { |
1107 |
void (*vgaarb_irq)(struct drm_device *dev, bool state); |
1108 |
|
1109 |
/* Driver private ops for this object */ |
1110 |
@@ -46739,16 +46992,16 @@ diff -urNp linux-2.6.32.28/include/drm/drmP.h linux-2.6.32.28/include/drm/drmP.h |
1111 |
|
1112 |
int major; |
1113 |
int minor; |
1114 |
-@@ -917,7 +917,7 @@ struct drm_device { |
1115 |
+@@ -917,7 +918,7 @@ struct drm_device { |
1116 |
|
1117 |
/** \name Usage Counters */ |
1118 |
/*@{ */ |
1119 |
- int open_count; /**< Outstanding files open */ |
1120 |
-+ atomic_t open_count; /**< Outstanding files open */ |
1121 |
++ local_t open_count; /**< Outstanding files open */ |
1122 |
atomic_t ioctl_count; /**< Outstanding IOCTLs pending */ |
1123 |
atomic_t vma_count; /**< Outstanding vma areas open */ |
1124 |
int buf_use; /**< Buffers in use -- cannot alloc */ |
1125 |
-@@ -928,7 +928,7 @@ struct drm_device { |
1126 |
+@@ -928,7 +929,7 @@ struct drm_device { |
1127 |
/*@{ */ |
1128 |
unsigned long counters; |
1129 |
enum drm_stat_type types[15]; |
1130 |
@@ -46757,6 +47010,21 @@ diff -urNp linux-2.6.32.28/include/drm/drmP.h linux-2.6.32.28/include/drm/drmP.h |
1131 |
/*@} */ |
1132 |
|
1133 |
struct list_head filelist; |
1134 |
+@@ -1042,11 +1043,11 @@ struct drm_device { |
1135 |
+ spinlock_t object_name_lock; |
1136 |
+ struct idr object_name_idr; |
1137 |
+ atomic_t object_count; |
1138 |
+- atomic_t object_memory; |
1139 |
++ atomic_unchecked_t object_memory; |
1140 |
+ atomic_t pin_count; |
1141 |
+- atomic_t pin_memory; |
1142 |
++ atomic_unchecked_t pin_memory; |
1143 |
+ atomic_t gtt_count; |
1144 |
+- atomic_t gtt_memory; |
1145 |
++ atomic_unchecked_t gtt_memory; |
1146 |
+ uint32_t gtt_total; |
1147 |
+ uint32_t invalidate_domains; /* domains pending invalidation */ |
1148 |
+ uint32_t flush_domains; /* domains pending flush */ |
1149 |
diff -urNp linux-2.6.32.28/include/linux/a.out.h linux-2.6.32.28/include/linux/a.out.h |
1150 |
--- linux-2.6.32.28/include/linux/a.out.h 2010-08-13 16:24:37.000000000 -0400 |
1151 |
+++ linux-2.6.32.28/include/linux/a.out.h 2010-12-31 14:46:53.000000000 -0500 |
1152 |
@@ -48479,6 +48747,23 @@ diff -urNp linux-2.6.32.28/include/linux/interrupt.h linux-2.6.32.28/include/lin |
1153 |
extern void softirq_init(void); |
1154 |
#define __raise_softirq_irqoff(nr) do { or_softirq_pending(1UL << (nr)); } while (0) |
1155 |
extern void raise_softirq_irqoff(unsigned int nr); |
1156 |
+diff -urNp linux-2.6.32.28/include/linux/irq.h linux-2.6.32.28/include/linux/irq.h |
1157 |
+--- linux-2.6.32.28/include/linux/irq.h 2010-08-13 16:24:37.000000000 -0400 |
1158 |
++++ linux-2.6.32.28/include/linux/irq.h 2011-01-24 18:05:37.000000000 -0500 |
1159 |
+@@ -438,12 +438,12 @@ extern int set_irq_msi(unsigned int irq, |
1160 |
+ static inline bool alloc_desc_masks(struct irq_desc *desc, int node, |
1161 |
+ bool boot) |
1162 |
+ { |
1163 |
++#ifdef CONFIG_CPUMASK_OFFSTACK |
1164 |
+ gfp_t gfp = GFP_ATOMIC; |
1165 |
+ |
1166 |
+ if (boot) |
1167 |
+ gfp = GFP_NOWAIT; |
1168 |
+ |
1169 |
+-#ifdef CONFIG_CPUMASK_OFFSTACK |
1170 |
+ if (!alloc_cpumask_var_node(&desc->affinity, gfp, node)) |
1171 |
+ return false; |
1172 |
+ |
1173 |
diff -urNp linux-2.6.32.28/include/linux/jbd2.h linux-2.6.32.28/include/linux/jbd2.h |
1174 |
--- linux-2.6.32.28/include/linux/jbd2.h 2010-08-13 16:24:37.000000000 -0400 |
1175 |
+++ linux-2.6.32.28/include/linux/jbd2.h 2010-12-31 14:46:53.000000000 -0500 |
1176 |
@@ -50119,15 +50404,23 @@ diff -urNp linux-2.6.32.28/include/net/inetpeer.h linux-2.6.32.28/include/net/in |
1177 |
}; |
1178 |
diff -urNp linux-2.6.32.28/include/net/irda/ircomm_tty.h linux-2.6.32.28/include/net/irda/ircomm_tty.h |
1179 |
--- linux-2.6.32.28/include/net/irda/ircomm_tty.h 2010-08-13 16:24:37.000000000 -0400 |
1180 |
-+++ linux-2.6.32.28/include/net/irda/ircomm_tty.h 2010-12-31 14:46:53.000000000 -0500 |
1181 |
-@@ -105,8 +105,8 @@ struct ircomm_tty_cb { |
1182 |
++++ linux-2.6.32.28/include/net/irda/ircomm_tty.h 2011-01-25 20:24:47.000000000 -0500 |
1183 |
+@@ -35,6 +35,7 @@ |
1184 |
+ #include <linux/termios.h> |
1185 |
+ #include <linux/timer.h> |
1186 |
+ #include <linux/tty.h> /* struct tty_struct */ |
1187 |
++#include <asm/local.h> |
1188 |
+ |
1189 |
+ #include <net/irda/irias_object.h> |
1190 |
+ #include <net/irda/ircomm_core.h> |
1191 |
+@@ -105,8 +106,8 @@ struct ircomm_tty_cb { |
1192 |
unsigned short close_delay; |
1193 |
unsigned short closing_wait; /* time to wait before closing */ |
1194 |
|
1195 |
- int open_count; |
1196 |
- int blocked_open; /* # of blocked opens */ |
1197 |
-+ atomic_t open_count; |
1198 |
-+ atomic_t blocked_open; /* # of blocked opens */ |
1199 |
++ local_t open_count; |
1200 |
++ local_t blocked_open; /* # of blocked opens */ |
1201 |
|
1202 |
/* Protect concurent access to : |
1203 |
* o self->open_count |
1204 |
@@ -50943,7 +51236,24 @@ diff -urNp linux-2.6.32.28/kernel/cpu.c linux-2.6.32.28/kernel/cpu.c |
1205 |
* Should always be manipulated under cpu_add_remove_lock |
1206 |
diff -urNp linux-2.6.32.28/kernel/cred.c linux-2.6.32.28/kernel/cred.c |
1207 |
--- linux-2.6.32.28/kernel/cred.c 2010-08-13 16:24:37.000000000 -0400 |
1208 |
-+++ linux-2.6.32.28/kernel/cred.c 2010-12-31 14:46:53.000000000 -0500 |
1209 |
++++ linux-2.6.32.28/kernel/cred.c 2011-02-12 10:44:11.000000000 -0500 |
1210 |
+@@ -231,13 +231,13 @@ struct cred *cred_alloc_blank(void) |
1211 |
+ #endif |
1212 |
+ |
1213 |
+ atomic_set(&new->usage, 1); |
1214 |
++#ifdef CONFIG_DEBUG_CREDENTIALS |
1215 |
++ new->magic = CRED_MAGIC; |
1216 |
++#endif |
1217 |
+ |
1218 |
+ if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) |
1219 |
+ goto error; |
1220 |
+ |
1221 |
+-#ifdef CONFIG_DEBUG_CREDENTIALS |
1222 |
+- new->magic = CRED_MAGIC; |
1223 |
+-#endif |
1224 |
+ return new; |
1225 |
+ |
1226 |
+ error: |
1227 |
@@ -520,6 +520,8 @@ int commit_creds(struct cred *new) |
1228 |
|
1229 |
get_cred(new); /* we will require a ref for the subj creds too */ |
1230 |
@@ -50953,6 +51263,37 @@ diff -urNp linux-2.6.32.28/kernel/cred.c linux-2.6.32.28/kernel/cred.c |
1231 |
/* dumpability changes */ |
1232 |
if (old->euid != new->euid || |
1233 |
old->egid != new->egid || |
1234 |
+@@ -696,6 +698,8 @@ struct cred *prepare_kernel_cred(struct |
1235 |
+ validate_creds(old); |
1236 |
+ |
1237 |
+ *new = *old; |
1238 |
++ atomic_set(&new->usage, 1); |
1239 |
++ set_cred_subscribers(new, 0); |
1240 |
+ get_uid(new->user); |
1241 |
+ get_group_info(new->group_info); |
1242 |
+ |
1243 |
+@@ -713,8 +717,6 @@ struct cred *prepare_kernel_cred(struct |
1244 |
+ if (security_prepare_creds(new, old, GFP_KERNEL) < 0) |
1245 |
+ goto error; |
1246 |
+ |
1247 |
+- atomic_set(&new->usage, 1); |
1248 |
+- set_cred_subscribers(new, 0); |
1249 |
+ put_cred(old); |
1250 |
+ validate_creds(new); |
1251 |
+ return new; |
1252 |
+@@ -787,7 +789,11 @@ bool creds_are_invalid(const struct cred |
1253 |
+ if (cred->magic != CRED_MAGIC) |
1254 |
+ return true; |
1255 |
+ #ifdef CONFIG_SECURITY_SELINUX |
1256 |
+- if (selinux_is_enabled()) { |
1257 |
++ /* |
1258 |
++ * cred->security == NULL if security_cred_alloc_blank() or |
1259 |
++ * security_prepare_creds() returned an error. |
1260 |
++ */ |
1261 |
++ if (selinux_is_enabled() && cred->security) { |
1262 |
+ if ((unsigned long) cred->security < PAGE_SIZE) |
1263 |
+ return true; |
1264 |
+ if ((*(u32 *)cred->security & 0xffffff00) == |
1265 |
diff -urNp linux-2.6.32.28/kernel/exit.c linux-2.6.32.28/kernel/exit.c |
1266 |
--- linux-2.6.32.28/kernel/exit.c 2011-01-11 23:55:35.000000000 -0500 |
1267 |
+++ linux-2.6.32.28/kernel/exit.c 2010-12-31 14:46:53.000000000 -0500 |
1268 |
@@ -51525,8 +51866,8 @@ diff -urNp linux-2.6.32.28/kernel/kgdb.c linux-2.6.32.28/kernel/kgdb.c |
1269 |
|
1270 |
diff -urNp linux-2.6.32.28/kernel/kmod.c linux-2.6.32.28/kernel/kmod.c |
1271 |
--- linux-2.6.32.28/kernel/kmod.c 2010-08-13 16:24:37.000000000 -0400 |
1272 |
-+++ linux-2.6.32.28/kernel/kmod.c 2010-12-31 14:46:53.000000000 -0500 |
1273 |
-@@ -90,6 +90,18 @@ int __request_module(bool wait, const ch |
1274 |
++++ linux-2.6.32.28/kernel/kmod.c 2011-02-12 10:58:19.000000000 -0500 |
1275 |
+@@ -90,6 +90,28 @@ int __request_module(bool wait, const ch |
1276 |
if (ret >= MODULE_NAME_LEN) |
1277 |
return -ENAMETOOLONG; |
1278 |
|
1279 |
@@ -51537,7 +51878,17 @@ diff -urNp linux-2.6.32.28/kernel/kmod.c linux-2.6.32.28/kernel/kmod.c |
1280 |
+ auto-loaded |
1281 |
+ */ |
1282 |
+ if (current_uid()) { |
1283 |
-+ gr_log_nonroot_mod_load(module_name); |
1284 |
++#if !defined(CONFIG_IPV6) && !defined(CONFIG_IPV6_MODULE) |
1285 |
++ /* There are known knowns. These are things we know |
1286 |
++ that we know. There are known unknowns. That is to say, |
1287 |
++ there are things that we know we don't know. But there are |
1288 |
++ also unknown unknowns. There are things we don't know |
1289 |
++ we don't know. |
1290 |
++ This here is a known unknown. |
1291 |
++ */ |
1292 |
++ if (strcmp(module_name, "net-pf-10")) |
1293 |
++#endif |
1294 |
++ gr_log_nonroot_mod_load(module_name); |
1295 |
+ return -EPERM; |
1296 |
+ } |
1297 |
+#endif |
1298 |
@@ -51724,7 +52075,7 @@ diff -urNp linux-2.6.32.28/kernel/lockdep_proc.c linux-2.6.32.28/kernel/lockdep_ |
1299 |
if (!name) { |
1300 |
diff -urNp linux-2.6.32.28/kernel/module.c linux-2.6.32.28/kernel/module.c |
1301 |
--- linux-2.6.32.28/kernel/module.c 2010-08-13 16:24:37.000000000 -0400 |
1302 |
-+++ linux-2.6.32.28/kernel/module.c 2010-12-31 14:46:53.000000000 -0500 |
1303 |
++++ linux-2.6.32.28/kernel/module.c 2011-02-02 20:27:32.000000000 -0500 |
1304 |
@@ -89,7 +89,8 @@ static DECLARE_WAIT_QUEUE_HEAD(module_wq |
1305 |
static BLOCKING_NOTIFIER_HEAD(module_notify_list); |
1306 |
|
1307 |
@@ -51762,6 +52113,15 @@ diff -urNp linux-2.6.32.28/kernel/module.c linux-2.6.32.28/kernel/module.c |
1308 |
printk(KERN_WARNING "%s: per-cpu alignment %li > %li\n", |
1309 |
name, align, PAGE_SIZE); |
1310 |
align = PAGE_SIZE; |
1311 |
+@@ -1158,7 +1159,7 @@ static const struct kernel_symbol *resol |
1312 |
+ * /sys/module/foo/sections stuff |
1313 |
+ * J. Corbet <corbet@×××.net> |
1314 |
+ */ |
1315 |
+-#if defined(CONFIG_KALLSYMS) && defined(CONFIG_SYSFS) |
1316 |
++#if defined(CONFIG_KALLSYMS) && defined(CONFIG_SYSFS) && !defined(CONFIG_GRKERNSEC_HIDESYM) |
1317 |
+ |
1318 |
+ static inline bool sect_empty(const Elf_Shdr *sect) |
1319 |
+ { |
1320 |
@@ -1545,7 +1546,8 @@ static void free_module(struct module *m |
1321 |
destroy_params(mod->kp, mod->num_kp); |
1322 |
|
1323 |
@@ -52493,7 +52853,7 @@ diff -urNp linux-2.6.32.28/kernel/printk.c linux-2.6.32.28/kernel/printk.c |
1324 |
return error; |
1325 |
diff -urNp linux-2.6.32.28/kernel/ptrace.c linux-2.6.32.28/kernel/ptrace.c |
1326 |
--- linux-2.6.32.28/kernel/ptrace.c 2010-08-13 16:24:37.000000000 -0400 |
1327 |
-+++ linux-2.6.32.28/kernel/ptrace.c 2011-01-01 00:19:08.000000000 -0500 |
1328 |
++++ linux-2.6.32.28/kernel/ptrace.c 2011-02-12 10:37:47.000000000 -0500 |
1329 |
@@ -141,7 +141,7 @@ int __ptrace_may_access(struct task_stru |
1330 |
cred->gid != tcred->egid || |
1331 |
cred->gid != tcred->sgid || |
1332 |
@@ -52521,6 +52881,15 @@ diff -urNp linux-2.6.32.28/kernel/ptrace.c linux-2.6.32.28/kernel/ptrace.c |
1333 |
task->ptrace |= PT_PTRACE_CAP; |
1334 |
|
1335 |
__ptrace_link(task, current); |
1336 |
+@@ -314,7 +314,7 @@ int ptrace_detach(struct task_struct *ch |
1337 |
+ child->exit_code = data; |
1338 |
+ dead = __ptrace_detach(current, child); |
1339 |
+ if (!child->exit_state) |
1340 |
+- wake_up_process(child); |
1341 |
++ wake_up_state(child, TASK_TRACED | TASK_STOPPED); |
1342 |
+ } |
1343 |
+ write_unlock_irq(&tasklist_lock); |
1344 |
+ |
1345 |
@@ -532,18 +532,18 @@ int ptrace_request(struct task_struct *c |
1346 |
ret = ptrace_setoptions(child, data); |
1347 |
break; |
1348 |
@@ -52745,7 +53114,7 @@ diff -urNp linux-2.6.32.28/kernel/sched.c linux-2.6.32.28/kernel/sched.c |
1349 |
return; |
1350 |
diff -urNp linux-2.6.32.28/kernel/signal.c linux-2.6.32.28/kernel/signal.c |
1351 |
--- linux-2.6.32.28/kernel/signal.c 2010-08-13 16:24:37.000000000 -0400 |
1352 |
-+++ linux-2.6.32.28/kernel/signal.c 2010-12-31 14:46:53.000000000 -0500 |
1353 |
++++ linux-2.6.32.28/kernel/signal.c 2011-02-12 11:22:46.000000000 -0500 |
1354 |
@@ -41,12 +41,12 @@ |
1355 |
|
1356 |
static struct kmem_cache *sigqueue_cachep; |
1357 |
@@ -52808,17 +53177,34 @@ diff -urNp linux-2.6.32.28/kernel/signal.c linux-2.6.32.28/kernel/signal.c |
1358 |
specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
1359 |
{ |
1360 |
return send_signal(sig, info, t, 0); |
1361 |
-@@ -1022,6 +1028,9 @@ force_sig_info(int sig, struct siginfo * |
1362 |
+@@ -1005,6 +1011,7 @@ force_sig_info(int sig, struct siginfo * |
1363 |
+ unsigned long int flags; |
1364 |
+ int ret, blocked, ignored; |
1365 |
+ struct k_sigaction *action; |
1366 |
++ int is_unhandled = 0; |
1367 |
+ |
1368 |
+ spin_lock_irqsave(&t->sighand->siglock, flags); |
1369 |
+ action = &t->sighand->action[sig-1]; |
1370 |
+@@ -1019,9 +1026,18 @@ force_sig_info(int sig, struct siginfo * |
1371 |
+ } |
1372 |
+ if (action->sa.sa_handler == SIG_DFL) |
1373 |
+ t->signal->flags &= ~SIGNAL_UNKILLABLE; |
1374 |
++ if (action->sa.sa_handler == SIG_IGN || action->sa.sa_handler == SIG_DFL) |
1375 |
++ is_unhandled = 1; |
1376 |
ret = specific_send_sig_info(sig, info, t); |
1377 |
spin_unlock_irqrestore(&t->sighand->siglock, flags); |
1378 |
|
1379 |
-+ gr_log_signal(sig, !is_si_special(info) ? info->si_addr : NULL, t); |
1380 |
-+ gr_handle_crash(t, sig); |
1381 |
++ /* only deal with unhandled signals, java etc trigger SIGSEGV during |
1382 |
++ normal operation */ |
1383 |
++ if (is_unhandled) { |
1384 |
++ gr_log_signal(sig, !is_si_special(info) ? info->si_addr : NULL, t); |
1385 |
++ gr_handle_crash(t, sig); |
1386 |
++ } |
1387 |
+ |
1388 |
return ret; |
1389 |
} |
1390 |
|
1391 |
-@@ -1081,8 +1090,11 @@ int group_send_sig_info(int sig, struct |
1392 |
+@@ -1081,8 +1097,11 @@ int group_send_sig_info(int sig, struct |
1393 |
{ |
1394 |
int ret = check_kill_permission(sig, info, p); |
1395 |
|
1396 |
@@ -54853,7 +55239,7 @@ diff -urNp linux-2.6.32.28/mm/migrate.c linux-2.6.32.28/mm/migrate.c |
1397 |
goto out; |
1398 |
diff -urNp linux-2.6.32.28/mm/mlock.c linux-2.6.32.28/mm/mlock.c |
1399 |
--- linux-2.6.32.28/mm/mlock.c 2010-10-31 16:44:11.000000000 -0400 |
1400 |
-+++ linux-2.6.32.28/mm/mlock.c 2010-12-31 14:46:53.000000000 -0500 |
1401 |
++++ linux-2.6.32.28/mm/mlock.c 2011-01-24 18:05:37.000000000 -0500 |
1402 |
@@ -13,6 +13,7 @@ |
1403 |
#include <linux/pagemap.h> |
1404 |
#include <linux/mempolicy.h> |
1405 |
@@ -54889,6 +55275,15 @@ diff -urNp linux-2.6.32.28/mm/mlock.c linux-2.6.32.28/mm/mlock.c |
1406 |
while (nr_pages > 0) { |
1407 |
int i; |
1408 |
|
1409 |
+@@ -440,7 +428,7 @@ static int do_mlock(unsigned long start, |
1410 |
+ { |
1411 |
+ unsigned long nstart, end, tmp; |
1412 |
+ struct vm_area_struct * vma, * prev; |
1413 |
+- int error; |
1414 |
++ int error = -EINVAL; |
1415 |
+ |
1416 |
+ len = PAGE_ALIGN(len); |
1417 |
+ end = start + len; |
1418 |
@@ -448,6 +436,9 @@ static int do_mlock(unsigned long start, |
1419 |
return -EINVAL; |
1420 |
if (end == start) |
1421 |
@@ -54957,7 +55352,7 @@ diff -urNp linux-2.6.32.28/mm/mlock.c linux-2.6.32.28/mm/mlock.c |
1422 |
ret = do_mlockall(flags); |
1423 |
diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1424 |
--- linux-2.6.32.28/mm/mmap.c 2011-01-11 23:55:35.000000000 -0500 |
1425 |
-+++ linux-2.6.32.28/mm/mmap.c 2010-12-31 14:46:53.000000000 -0500 |
1426 |
++++ linux-2.6.32.28/mm/mmap.c 2011-02-12 11:38:46.000000000 -0500 |
1427 |
@@ -45,6 +45,16 @@ |
1428 |
#define arch_rebalance_pgtables(addr, len) (addr) |
1429 |
#endif |
1430 |
@@ -55179,12 +55574,13 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1431 |
if (addr & ~PAGE_MASK) |
1432 |
return addr; |
1433 |
|
1434 |
-@@ -969,6 +1046,31 @@ unsigned long do_mmap_pgoff(struct file |
1435 |
+@@ -969,6 +1046,36 @@ unsigned long do_mmap_pgoff(struct file |
1436 |
vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | |
1437 |
mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; |
1438 |
|
1439 |
+#ifdef CONFIG_PAX_MPROTECT |
1440 |
+ if (mm->pax_flags & MF_PAX_MPROTECT) { |
1441 |
++#ifndef CONFIG_PAX_MPROTECT_COMPAT |
1442 |
+ if ((vm_flags & (VM_WRITE | VM_EXEC)) == (VM_WRITE | VM_EXEC)) { |
1443 |
+ gr_log_rwxmmap(file); |
1444 |
+ |
1445 |
@@ -55198,6 +55594,10 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1446 |
+ |
1447 |
+ if (!(vm_flags & VM_EXEC)) |
1448 |
+ vm_flags &= ~VM_MAYEXEC; |
1449 |
++#else |
1450 |
++ if ((vm_flags & (VM_WRITE | VM_EXEC)) != VM_EXEC) |
1451 |
++ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); |
1452 |
++#endif |
1453 |
+ else |
1454 |
+ vm_flags &= ~VM_MAYWRITE; |
1455 |
+ } |
1456 |
@@ -55211,7 +55611,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1457 |
if (flags & MAP_LOCKED) |
1458 |
if (!can_do_mlock()) |
1459 |
return -EPERM; |
1460 |
-@@ -980,6 +1082,7 @@ unsigned long do_mmap_pgoff(struct file |
1461 |
+@@ -980,6 +1087,7 @@ unsigned long do_mmap_pgoff(struct file |
1462 |
locked += mm->locked_vm; |
1463 |
lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; |
1464 |
lock_limit >>= PAGE_SHIFT; |
1465 |
@@ -55219,7 +55619,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1466 |
if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
1467 |
return -EAGAIN; |
1468 |
} |
1469 |
-@@ -1053,6 +1156,9 @@ unsigned long do_mmap_pgoff(struct file |
1470 |
+@@ -1053,6 +1161,9 @@ unsigned long do_mmap_pgoff(struct file |
1471 |
if (error) |
1472 |
return error; |
1473 |
|
1474 |
@@ -55229,7 +55629,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1475 |
return mmap_region(file, addr, len, flags, vm_flags, pgoff); |
1476 |
} |
1477 |
EXPORT_SYMBOL(do_mmap_pgoff); |
1478 |
-@@ -1065,10 +1171,10 @@ EXPORT_SYMBOL(do_mmap_pgoff); |
1479 |
+@@ -1065,10 +1176,10 @@ EXPORT_SYMBOL(do_mmap_pgoff); |
1480 |
*/ |
1481 |
int vma_wants_writenotify(struct vm_area_struct *vma) |
1482 |
{ |
1483 |
@@ -55242,7 +55642,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1484 |
return 0; |
1485 |
|
1486 |
/* The backer wishes to know when pages are first written to? */ |
1487 |
-@@ -1117,14 +1223,24 @@ unsigned long mmap_region(struct file *f |
1488 |
+@@ -1117,14 +1228,24 @@ unsigned long mmap_region(struct file *f |
1489 |
unsigned long charged = 0; |
1490 |
struct inode *inode = file ? file->f_path.dentry->d_inode : NULL; |
1491 |
|
1492 |
@@ -55269,7 +55669,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1493 |
} |
1494 |
|
1495 |
/* Check against address space limit. */ |
1496 |
-@@ -1173,6 +1289,16 @@ munmap_back: |
1497 |
+@@ -1173,6 +1294,16 @@ munmap_back: |
1498 |
goto unacct_error; |
1499 |
} |
1500 |
|
1501 |
@@ -55286,7 +55686,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1502 |
vma->vm_mm = mm; |
1503 |
vma->vm_start = addr; |
1504 |
vma->vm_end = addr + len; |
1505 |
-@@ -1195,6 +1321,19 @@ munmap_back: |
1506 |
+@@ -1195,6 +1326,19 @@ munmap_back: |
1507 |
error = file->f_op->mmap(file, vma); |
1508 |
if (error) |
1509 |
goto unmap_and_free_vma; |
1510 |
@@ -55306,7 +55706,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1511 |
if (vm_flags & VM_EXECUTABLE) |
1512 |
added_exe_file_vma(mm); |
1513 |
|
1514 |
-@@ -1218,6 +1357,11 @@ munmap_back: |
1515 |
+@@ -1218,6 +1362,11 @@ munmap_back: |
1516 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
1517 |
file = vma->vm_file; |
1518 |
|
1519 |
@@ -55318,7 +55718,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1520 |
/* Once vma denies write, undo our temporary denial count */ |
1521 |
if (correct_wcount) |
1522 |
atomic_inc(&inode->i_writecount); |
1523 |
-@@ -1226,6 +1370,7 @@ out: |
1524 |
+@@ -1226,6 +1375,7 @@ out: |
1525 |
|
1526 |
mm->total_vm += len >> PAGE_SHIFT; |
1527 |
vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); |
1528 |
@@ -55326,7 +55726,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1529 |
if (vm_flags & VM_LOCKED) { |
1530 |
/* |
1531 |
* makes pages present; downgrades, drops, reacquires mmap_sem |
1532 |
-@@ -1248,6 +1393,12 @@ unmap_and_free_vma: |
1533 |
+@@ -1248,6 +1398,12 @@ unmap_and_free_vma: |
1534 |
unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); |
1535 |
charged = 0; |
1536 |
free_vma: |
1537 |
@@ -55339,7 +55739,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1538 |
kmem_cache_free(vm_area_cachep, vma); |
1539 |
unacct_error: |
1540 |
if (charged) |
1541 |
-@@ -1255,6 +1406,33 @@ unacct_error: |
1542 |
+@@ -1255,6 +1411,33 @@ unacct_error: |
1543 |
return error; |
1544 |
} |
1545 |
|
1546 |
@@ -55373,7 +55773,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1547 |
/* Get an address range which is currently unmapped. |
1548 |
* For shmat() with addr=0. |
1549 |
* |
1550 |
-@@ -1281,18 +1459,23 @@ arch_get_unmapped_area(struct file *filp |
1551 |
+@@ -1281,18 +1464,23 @@ arch_get_unmapped_area(struct file *filp |
1552 |
if (flags & MAP_FIXED) |
1553 |
return addr; |
1554 |
|
1555 |
@@ -55404,7 +55804,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1556 |
} |
1557 |
|
1558 |
full_search: |
1559 |
-@@ -1303,34 +1486,40 @@ full_search: |
1560 |
+@@ -1303,34 +1491,40 @@ full_search: |
1561 |
* Start a new search - just in case we missed |
1562 |
* some holes. |
1563 |
*/ |
1564 |
@@ -55456,7 +55856,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1565 |
mm->free_area_cache = addr; |
1566 |
mm->cached_hole_size = ~0UL; |
1567 |
} |
1568 |
-@@ -1348,7 +1537,7 @@ arch_get_unmapped_area_topdown(struct fi |
1569 |
+@@ -1348,7 +1542,7 @@ arch_get_unmapped_area_topdown(struct fi |
1570 |
{ |
1571 |
struct vm_area_struct *vma; |
1572 |
struct mm_struct *mm = current->mm; |
1573 |
@@ -55465,7 +55865,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1574 |
|
1575 |
/* requested length too big for entire address space */ |
1576 |
if (len > TASK_SIZE) |
1577 |
-@@ -1357,13 +1546,18 @@ arch_get_unmapped_area_topdown(struct fi |
1578 |
+@@ -1357,13 +1551,18 @@ arch_get_unmapped_area_topdown(struct fi |
1579 |
if (flags & MAP_FIXED) |
1580 |
return addr; |
1581 |
|
1582 |
@@ -55488,7 +55888,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1583 |
} |
1584 |
|
1585 |
/* check if free_area_cache is useful for us */ |
1586 |
-@@ -1378,7 +1572,7 @@ arch_get_unmapped_area_topdown(struct fi |
1587 |
+@@ -1378,7 +1577,7 @@ arch_get_unmapped_area_topdown(struct fi |
1588 |
/* make sure it can fit in the remaining address space */ |
1589 |
if (addr > len) { |
1590 |
vma = find_vma(mm, addr-len); |
1591 |
@@ -55497,7 +55897,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1592 |
/* remember the address as a hint for next time */ |
1593 |
return (mm->free_area_cache = addr-len); |
1594 |
} |
1595 |
-@@ -1395,7 +1589,7 @@ arch_get_unmapped_area_topdown(struct fi |
1596 |
+@@ -1395,7 +1594,7 @@ arch_get_unmapped_area_topdown(struct fi |
1597 |
* return with success: |
1598 |
*/ |
1599 |
vma = find_vma(mm, addr); |
1600 |
@@ -55506,7 +55906,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1601 |
/* remember the address as a hint for next time */ |
1602 |
return (mm->free_area_cache = addr); |
1603 |
|
1604 |
-@@ -1414,13 +1608,21 @@ bottomup: |
1605 |
+@@ -1414,13 +1613,21 @@ bottomup: |
1606 |
* can happen with large stack limits and large mmap() |
1607 |
* allocations. |
1608 |
*/ |
1609 |
@@ -55530,7 +55930,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1610 |
mm->cached_hole_size = ~0UL; |
1611 |
|
1612 |
return addr; |
1613 |
-@@ -1429,6 +1631,12 @@ bottomup: |
1614 |
+@@ -1429,6 +1636,12 @@ bottomup: |
1615 |
|
1616 |
void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) |
1617 |
{ |
1618 |
@@ -55543,7 +55943,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1619 |
/* |
1620 |
* Is this a new hole at the highest possible address? |
1621 |
*/ |
1622 |
-@@ -1436,8 +1644,10 @@ void arch_unmap_area_topdown(struct mm_s |
1623 |
+@@ -1436,8 +1649,10 @@ void arch_unmap_area_topdown(struct mm_s |
1624 |
mm->free_area_cache = addr; |
1625 |
|
1626 |
/* dont allow allocations above current base */ |
1627 |
@@ -55555,7 +55955,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1628 |
} |
1629 |
|
1630 |
unsigned long |
1631 |
-@@ -1545,6 +1755,27 @@ out: |
1632 |
+@@ -1545,6 +1760,27 @@ out: |
1633 |
return prev ? prev->vm_next : vma; |
1634 |
} |
1635 |
|
1636 |
@@ -55583,7 +55983,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1637 |
/* |
1638 |
* Verify that the stack growth is acceptable and |
1639 |
* update accounting. This is shared with both the |
1640 |
-@@ -1561,6 +1792,7 @@ static int acct_stack_growth(struct vm_a |
1641 |
+@@ -1561,6 +1797,7 @@ static int acct_stack_growth(struct vm_a |
1642 |
return -ENOMEM; |
1643 |
|
1644 |
/* Stack limit test */ |
1645 |
@@ -55591,7 +55991,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1646 |
if (size > rlim[RLIMIT_STACK].rlim_cur) |
1647 |
return -ENOMEM; |
1648 |
|
1649 |
-@@ -1570,6 +1802,7 @@ static int acct_stack_growth(struct vm_a |
1650 |
+@@ -1570,6 +1807,7 @@ static int acct_stack_growth(struct vm_a |
1651 |
unsigned long limit; |
1652 |
locked = mm->locked_vm + grow; |
1653 |
limit = rlim[RLIMIT_MEMLOCK].rlim_cur >> PAGE_SHIFT; |
1654 |
@@ -55599,7 +55999,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1655 |
if (locked > limit && !capable(CAP_IPC_LOCK)) |
1656 |
return -ENOMEM; |
1657 |
} |
1658 |
-@@ -1600,37 +1833,48 @@ static int acct_stack_growth(struct vm_a |
1659 |
+@@ -1600,37 +1838,48 @@ static int acct_stack_growth(struct vm_a |
1660 |
* PA-RISC uses this for its stack; IA64 for its Register Backing Store. |
1661 |
* vma is the last one with address > vma->vm_end. Have to extend vma. |
1662 |
*/ |
1663 |
@@ -55657,7 +56057,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1664 |
unsigned long size, grow; |
1665 |
|
1666 |
size = address - vma->vm_start; |
1667 |
-@@ -1640,6 +1884,8 @@ int expand_upwards(struct vm_area_struct |
1668 |
+@@ -1640,6 +1889,8 @@ int expand_upwards(struct vm_area_struct |
1669 |
if (!error) |
1670 |
vma->vm_end = address; |
1671 |
} |
1672 |
@@ -55666,7 +56066,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1673 |
anon_vma_unlock(vma); |
1674 |
return error; |
1675 |
} |
1676 |
-@@ -1652,6 +1898,8 @@ static int expand_downwards(struct vm_ar |
1677 |
+@@ -1652,6 +1903,8 @@ static int expand_downwards(struct vm_ar |
1678 |
unsigned long address) |
1679 |
{ |
1680 |
int error; |
1681 |
@@ -55675,7 +56075,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1682 |
|
1683 |
/* |
1684 |
* We must make sure the anon_vma is allocated |
1685 |
-@@ -1665,6 +1913,15 @@ static int expand_downwards(struct vm_ar |
1686 |
+@@ -1665,6 +1918,15 @@ static int expand_downwards(struct vm_ar |
1687 |
if (error) |
1688 |
return error; |
1689 |
|
1690 |
@@ -55691,7 +56091,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1691 |
anon_vma_lock(vma); |
1692 |
|
1693 |
/* |
1694 |
-@@ -1674,9 +1931,17 @@ static int expand_downwards(struct vm_ar |
1695 |
+@@ -1674,9 +1936,17 @@ static int expand_downwards(struct vm_ar |
1696 |
*/ |
1697 |
|
1698 |
/* Somebody else might have raced and expanded it already */ |
1699 |
@@ -55710,7 +56110,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1700 |
size = vma->vm_end - address; |
1701 |
grow = (vma->vm_start - address) >> PAGE_SHIFT; |
1702 |
|
1703 |
-@@ -1684,9 +1949,20 @@ static int expand_downwards(struct vm_ar |
1704 |
+@@ -1684,9 +1954,20 @@ static int expand_downwards(struct vm_ar |
1705 |
if (!error) { |
1706 |
vma->vm_start = address; |
1707 |
vma->vm_pgoff -= grow; |
1708 |
@@ -55731,7 +56131,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1709 |
return error; |
1710 |
} |
1711 |
|
1712 |
-@@ -1762,6 +2038,13 @@ static void remove_vma_list(struct mm_st |
1713 |
+@@ -1762,6 +2043,13 @@ static void remove_vma_list(struct mm_st |
1714 |
do { |
1715 |
long nrpages = vma_pages(vma); |
1716 |
|
1717 |
@@ -55745,7 +56145,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1718 |
mm->total_vm -= nrpages; |
1719 |
vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); |
1720 |
vma = remove_vma(vma); |
1721 |
-@@ -1807,6 +2090,16 @@ detach_vmas_to_be_unmapped(struct mm_str |
1722 |
+@@ -1807,6 +2095,16 @@ detach_vmas_to_be_unmapped(struct mm_str |
1723 |
insertion_point = (prev ? &prev->vm_next : &mm->mmap); |
1724 |
vma->vm_prev = NULL; |
1725 |
do { |
1726 |
@@ -55762,7 +56162,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1727 |
rb_erase(&vma->vm_rb, &mm->mm_rb); |
1728 |
mm->map_count--; |
1729 |
tail_vma = vma; |
1730 |
-@@ -1834,10 +2127,25 @@ int split_vma(struct mm_struct * mm, str |
1731 |
+@@ -1834,10 +2132,25 @@ int split_vma(struct mm_struct * mm, str |
1732 |
struct mempolicy *pol; |
1733 |
struct vm_area_struct *new; |
1734 |
|
1735 |
@@ -55788,7 +56188,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1736 |
if (mm->map_count >= sysctl_max_map_count) |
1737 |
return -ENOMEM; |
1738 |
|
1739 |
-@@ -1845,6 +2153,16 @@ int split_vma(struct mm_struct * mm, str |
1740 |
+@@ -1845,6 +2158,16 @@ int split_vma(struct mm_struct * mm, str |
1741 |
if (!new) |
1742 |
return -ENOMEM; |
1743 |
|
1744 |
@@ -55805,7 +56205,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1745 |
/* most fields are the same, copy all, and then fixup */ |
1746 |
*new = *vma; |
1747 |
|
1748 |
-@@ -1855,8 +2173,29 @@ int split_vma(struct mm_struct * mm, str |
1749 |
+@@ -1855,8 +2178,29 @@ int split_vma(struct mm_struct * mm, str |
1750 |
new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); |
1751 |
} |
1752 |
|
1753 |
@@ -55835,7 +56235,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1754 |
kmem_cache_free(vm_area_cachep, new); |
1755 |
return PTR_ERR(pol); |
1756 |
} |
1757 |
-@@ -1877,6 +2216,28 @@ int split_vma(struct mm_struct * mm, str |
1758 |
+@@ -1877,6 +2221,28 @@ int split_vma(struct mm_struct * mm, str |
1759 |
else |
1760 |
vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); |
1761 |
|
1762 |
@@ -55864,13 +56264,13 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1763 |
return 0; |
1764 |
} |
1765 |
|
1766 |
-@@ -1885,11 +2246,30 @@ int split_vma(struct mm_struct * mm, str |
1767 |
+@@ -1885,11 +2251,30 @@ int split_vma(struct mm_struct * mm, str |
1768 |
* work. This now handles partial unmappings. |
1769 |
* Jeremy Fitzhardinge <jeremy@××××.org> |
1770 |
*/ |
1771 |
+#ifdef CONFIG_PAX_SEGMEXEC |
1772 |
- int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1773 |
- { |
1774 |
++int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1775 |
++{ |
1776 |
+ int ret = __do_munmap(mm, start, len); |
1777 |
+ if (ret || !(mm->pax_flags & MF_PAX_SEGMEXEC)) |
1778 |
+ return ret; |
1779 |
@@ -55880,9 +56280,9 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1780 |
+ |
1781 |
+int __do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1782 |
+#else |
1783 |
-+int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1784 |
+ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1785 |
+#endif |
1786 |
-+{ |
1787 |
+ { |
1788 |
unsigned long end; |
1789 |
struct vm_area_struct *vma, *prev, *last; |
1790 |
|
1791 |
@@ -55895,7 +56295,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1792 |
if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) |
1793 |
return -EINVAL; |
1794 |
|
1795 |
-@@ -1953,6 +2333,8 @@ int do_munmap(struct mm_struct *mm, unsi |
1796 |
+@@ -1953,6 +2338,8 @@ int do_munmap(struct mm_struct *mm, unsi |
1797 |
/* Fix up all other VM information */ |
1798 |
remove_vma_list(mm, vma); |
1799 |
|
1800 |
@@ -55904,7 +56304,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1801 |
return 0; |
1802 |
} |
1803 |
|
1804 |
-@@ -1965,22 +2347,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a |
1805 |
+@@ -1965,22 +2352,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a |
1806 |
|
1807 |
profile_munmap(addr); |
1808 |
|
1809 |
@@ -55933,7 +56333,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1810 |
/* |
1811 |
* this is really a simplified "do_mmap". it only handles |
1812 |
* anonymous maps. eventually we may be able to do some |
1813 |
-@@ -1994,6 +2372,7 @@ unsigned long do_brk(unsigned long addr, |
1814 |
+@@ -1994,6 +2377,7 @@ unsigned long do_brk(unsigned long addr, |
1815 |
struct rb_node ** rb_link, * rb_parent; |
1816 |
pgoff_t pgoff = addr >> PAGE_SHIFT; |
1817 |
int error; |
1818 |
@@ -55941,7 +56341,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1819 |
|
1820 |
len = PAGE_ALIGN(len); |
1821 |
if (!len) |
1822 |
-@@ -2005,16 +2384,30 @@ unsigned long do_brk(unsigned long addr, |
1823 |
+@@ -2005,16 +2389,30 @@ unsigned long do_brk(unsigned long addr, |
1824 |
|
1825 |
flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; |
1826 |
|
1827 |
@@ -55973,7 +56373,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1828 |
locked += mm->locked_vm; |
1829 |
lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; |
1830 |
lock_limit >>= PAGE_SHIFT; |
1831 |
-@@ -2031,22 +2424,22 @@ unsigned long do_brk(unsigned long addr, |
1832 |
+@@ -2031,22 +2429,22 @@ unsigned long do_brk(unsigned long addr, |
1833 |
/* |
1834 |
* Clear old maps. this also does some error checking for us |
1835 |
*/ |
1836 |
@@ -56000,7 +56400,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1837 |
return -ENOMEM; |
1838 |
|
1839 |
/* Can we just expand an old private anonymous mapping? */ |
1840 |
-@@ -2060,7 +2453,7 @@ unsigned long do_brk(unsigned long addr, |
1841 |
+@@ -2060,7 +2458,7 @@ unsigned long do_brk(unsigned long addr, |
1842 |
*/ |
1843 |
vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); |
1844 |
if (!vma) { |
1845 |
@@ -56009,7 +56409,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1846 |
return -ENOMEM; |
1847 |
} |
1848 |
|
1849 |
-@@ -2072,11 +2465,12 @@ unsigned long do_brk(unsigned long addr, |
1850 |
+@@ -2072,11 +2470,12 @@ unsigned long do_brk(unsigned long addr, |
1851 |
vma->vm_page_prot = vm_get_page_prot(flags); |
1852 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
1853 |
out: |
1854 |
@@ -56024,7 +56424,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1855 |
return addr; |
1856 |
} |
1857 |
|
1858 |
-@@ -2123,8 +2517,10 @@ void exit_mmap(struct mm_struct *mm) |
1859 |
+@@ -2123,8 +2522,10 @@ void exit_mmap(struct mm_struct *mm) |
1860 |
* Walk the list again, actually closing and freeing it, |
1861 |
* with preemption enabled, without holding any MM locks. |
1862 |
*/ |
1863 |
@@ -56036,7 +56436,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1864 |
|
1865 |
BUG_ON(mm->nr_ptes > (FIRST_USER_ADDRESS+PMD_SIZE-1)>>PMD_SHIFT); |
1866 |
} |
1867 |
-@@ -2138,6 +2534,10 @@ int insert_vm_struct(struct mm_struct * |
1868 |
+@@ -2138,6 +2539,10 @@ int insert_vm_struct(struct mm_struct * |
1869 |
struct vm_area_struct * __vma, * prev; |
1870 |
struct rb_node ** rb_link, * rb_parent; |
1871 |
|
1872 |
@@ -56047,7 +56447,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1873 |
/* |
1874 |
* The vm_pgoff of a purely anonymous vma should be irrelevant |
1875 |
* until its first write fault, when page's anon_vma and index |
1876 |
-@@ -2160,7 +2560,22 @@ int insert_vm_struct(struct mm_struct * |
1877 |
+@@ -2160,7 +2565,22 @@ int insert_vm_struct(struct mm_struct * |
1878 |
if ((vma->vm_flags & VM_ACCOUNT) && |
1879 |
security_vm_enough_memory_mm(mm, vma_pages(vma))) |
1880 |
return -ENOMEM; |
1881 |
@@ -56070,7 +56470,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1882 |
return 0; |
1883 |
} |
1884 |
|
1885 |
-@@ -2178,6 +2593,8 @@ struct vm_area_struct *copy_vma(struct v |
1886 |
+@@ -2178,6 +2598,8 @@ struct vm_area_struct *copy_vma(struct v |
1887 |
struct rb_node **rb_link, *rb_parent; |
1888 |
struct mempolicy *pol; |
1889 |
|
1890 |
@@ -56079,7 +56479,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1891 |
/* |
1892 |
* If anonymous vma has not yet been faulted, update new pgoff |
1893 |
* to match new location, to increase its chance of merging. |
1894 |
-@@ -2221,6 +2638,35 @@ struct vm_area_struct *copy_vma(struct v |
1895 |
+@@ -2221,6 +2643,35 @@ struct vm_area_struct *copy_vma(struct v |
1896 |
return new_vma; |
1897 |
} |
1898 |
|
1899 |
@@ -56115,7 +56515,7 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1900 |
/* |
1901 |
* Return true if the calling process may expand its vm space by the passed |
1902 |
* number of pages |
1903 |
-@@ -2231,7 +2677,7 @@ int may_expand_vm(struct mm_struct *mm, |
1904 |
+@@ -2231,7 +2682,7 @@ int may_expand_vm(struct mm_struct *mm, |
1905 |
unsigned long lim; |
1906 |
|
1907 |
lim = current->signal->rlim[RLIMIT_AS].rlim_cur >> PAGE_SHIFT; |
1908 |
@@ -56124,16 +56524,21 @@ diff -urNp linux-2.6.32.28/mm/mmap.c linux-2.6.32.28/mm/mmap.c |
1909 |
if (cur + npages > lim) |
1910 |
return 0; |
1911 |
return 1; |
1912 |
-@@ -2301,6 +2747,17 @@ int install_special_mapping(struct mm_st |
1913 |
+@@ -2301,6 +2752,22 @@ int install_special_mapping(struct mm_st |
1914 |
vma->vm_start = addr; |
1915 |
vma->vm_end = addr + len; |
1916 |
|
1917 |
+#ifdef CONFIG_PAX_MPROTECT |
1918 |
+ if (mm->pax_flags & MF_PAX_MPROTECT) { |
1919 |
++#ifndef CONFIG_PAX_MPROTECT_COMPAT |
1920 |
+ if ((vm_flags & (VM_WRITE | VM_EXEC)) == (VM_WRITE | VM_EXEC)) |
1921 |
+ return -EPERM; |
1922 |
+ if (!(vm_flags & VM_EXEC)) |
1923 |
+ vm_flags &= ~VM_MAYEXEC; |
1924 |
++#else |
1925 |
++ if ((vm_flags & (VM_WRITE | VM_EXEC)) != VM_EXEC) |
1926 |
++ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); |
1927 |
++#endif |
1928 |
+ else |
1929 |
+ vm_flags &= ~VM_MAYWRITE; |
1930 |
+ } |
1931 |
@@ -56595,7 +57000,7 @@ diff -urNp linux-2.6.32.28/mm/rmap.c linux-2.6.32.28/mm/rmap.c |
1932 |
allocated = NULL; |
1933 |
diff -urNp linux-2.6.32.28/mm/shmem.c linux-2.6.32.28/mm/shmem.c |
1934 |
--- linux-2.6.32.28/mm/shmem.c 2010-08-13 16:24:37.000000000 -0400 |
1935 |
-+++ linux-2.6.32.28/mm/shmem.c 2010-12-31 14:46:53.000000000 -0500 |
1936 |
++++ linux-2.6.32.28/mm/shmem.c 2011-01-24 18:05:37.000000000 -0500 |
1937 |
@@ -31,7 +31,7 @@ |
1938 |
#include <linux/swap.h> |
1939 |
#include <linux/ima.h> |
1940 |
@@ -56605,6 +57010,15 @@ diff -urNp linux-2.6.32.28/mm/shmem.c linux-2.6.32.28/mm/shmem.c |
1941 |
|
1942 |
#ifdef CONFIG_SHMEM |
1943 |
/* |
1944 |
+@@ -1061,6 +1061,8 @@ static int shmem_writepage(struct page * |
1945 |
+ goto unlock; |
1946 |
+ } |
1947 |
+ entry = shmem_swp_entry(info, index, NULL); |
1948 |
++ if (!entry) |
1949 |
++ goto unlock; |
1950 |
+ if (entry->val) { |
1951 |
+ /* |
1952 |
+ * The more uptodate page coming down from a stacked |
1953 |
diff -urNp linux-2.6.32.28/mm/slab.c linux-2.6.32.28/mm/slab.c |
1954 |
--- linux-2.6.32.28/mm/slab.c 2010-08-29 21:08:20.000000000 -0400 |
1955 |
+++ linux-2.6.32.28/mm/slab.c 2010-12-31 14:46:53.000000000 -0500 |
1956 |
@@ -58424,24 +58838,24 @@ diff -urNp linux-2.6.32.28/net/irda/af_irda.c linux-2.6.32.28/net/irda/af_irda.c |
1957 |
{ |
1958 |
diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c |
1959 |
--- linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c 2010-08-13 16:24:37.000000000 -0400 |
1960 |
-+++ linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c 2010-12-31 14:46:53.000000000 -0500 |
1961 |
++++ linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c 2011-01-24 18:05:37.000000000 -0500 |
1962 |
@@ -280,16 +280,16 @@ static int ircomm_tty_block_til_ready(st |
1963 |
add_wait_queue(&self->open_wait, &wait); |
1964 |
|
1965 |
IRDA_DEBUG(2, "%s(%d):block_til_ready before block on %s open_count=%d\n", |
1966 |
- __FILE__,__LINE__, tty->driver->name, self->open_count ); |
1967 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count) ); |
1968 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count) ); |
1969 |
|
1970 |
/* As far as I can see, we protect open_count - Jean II */ |
1971 |
spin_lock_irqsave(&self->spinlock, flags); |
1972 |
if (!tty_hung_up_p(filp)) { |
1973 |
extra_count = 1; |
1974 |
- self->open_count--; |
1975 |
-+ atomic_dec(&self->open_count); |
1976 |
++ local_dec(&self->open_count); |
1977 |
} |
1978 |
spin_unlock_irqrestore(&self->spinlock, flags); |
1979 |
- self->blocked_open++; |
1980 |
-+ atomic_inc(&self->blocked_open); |
1981 |
++ local_inc(&self->blocked_open); |
1982 |
|
1983 |
while (1) { |
1984 |
if (tty->termios->c_cflag & CBAUD) { |
1985 |
@@ -58450,7 +58864,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
1986 |
|
1987 |
IRDA_DEBUG(1, "%s(%d):block_til_ready blocking on %s open_count=%d\n", |
1988 |
- __FILE__,__LINE__, tty->driver->name, self->open_count ); |
1989 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count) ); |
1990 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count) ); |
1991 |
|
1992 |
schedule(); |
1993 |
} |
1994 |
@@ -58459,15 +58873,15 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
1995 |
/* ++ is not atomic, so this should be protected - Jean II */ |
1996 |
spin_lock_irqsave(&self->spinlock, flags); |
1997 |
- self->open_count++; |
1998 |
-+ atomic_inc(&self->open_count); |
1999 |
++ local_inc(&self->open_count); |
2000 |
spin_unlock_irqrestore(&self->spinlock, flags); |
2001 |
} |
2002 |
- self->blocked_open--; |
2003 |
-+ atomic_dec(&self->blocked_open); |
2004 |
++ local_dec(&self->blocked_open); |
2005 |
|
2006 |
IRDA_DEBUG(1, "%s(%d):block_til_ready after blocking on %s open_count=%d\n", |
2007 |
- __FILE__,__LINE__, tty->driver->name, self->open_count); |
2008 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count)); |
2009 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count)); |
2010 |
|
2011 |
if (!retval) |
2012 |
self->flags |= ASYNC_NORMAL_ACTIVE; |
2013 |
@@ -58476,7 +58890,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2014 |
/* ++ is not atomic, so this should be protected - Jean II */ |
2015 |
spin_lock_irqsave(&self->spinlock, flags); |
2016 |
- self->open_count++; |
2017 |
-+ atomic_inc(&self->open_count); |
2018 |
++ local_inc(&self->open_count); |
2019 |
|
2020 |
tty->driver_data = self; |
2021 |
self->tty = tty; |
2022 |
@@ -58484,7 +58898,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2023 |
|
2024 |
IRDA_DEBUG(1, "%s(), %s%d, count = %d\n", __func__ , tty->driver->name, |
2025 |
- self->line, self->open_count); |
2026 |
-+ self->line, atomic_read(&self->open_count)); |
2027 |
++ self->line, local_read(&self->open_count)); |
2028 |
|
2029 |
/* Not really used by us, but lets do it anyway */ |
2030 |
self->tty->low_latency = (self->flags & ASYNC_LOW_LATENCY) ? 1 : 0; |
2031 |
@@ -58493,7 +58907,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2032 |
} |
2033 |
|
2034 |
- if ((tty->count == 1) && (self->open_count != 1)) { |
2035 |
-+ if ((tty->count == 1) && (atomic_read(&self->open_count) != 1)) { |
2036 |
++ if ((tty->count == 1) && (local_read(&self->open_count) != 1)) { |
2037 |
/* |
2038 |
* Uh, oh. tty->count is 1, which means that the tty |
2039 |
* structure will be freed. state->count should always |
2040 |
@@ -58503,20 +58917,20 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2041 |
"tty->count is 1, state->count is %d\n", __func__ , |
2042 |
- self->open_count); |
2043 |
- self->open_count = 1; |
2044 |
-+ atomic_read(&self->open_count)); |
2045 |
-+ atomic_set(&self->open_count, 1); |
2046 |
++ local_read(&self->open_count)); |
2047 |
++ local_set(&self->open_count, 1); |
2048 |
} |
2049 |
|
2050 |
- if (--self->open_count < 0) { |
2051 |
-+ if (atomic_dec_return(&self->open_count) < 0) { |
2052 |
++ if (local_dec_return(&self->open_count) < 0) { |
2053 |
IRDA_ERROR("%s(), bad serial port count for ttys%d: %d\n", |
2054 |
- __func__, self->line, self->open_count); |
2055 |
- self->open_count = 0; |
2056 |
-+ __func__, self->line, atomic_read(&self->open_count)); |
2057 |
-+ atomic_set(&self->open_count, 0); |
2058 |
++ __func__, self->line, local_read(&self->open_count)); |
2059 |
++ local_set(&self->open_count, 0); |
2060 |
} |
2061 |
- if (self->open_count) { |
2062 |
-+ if (atomic_read(&self->open_count)) { |
2063 |
++ if (local_read(&self->open_count)) { |
2064 |
spin_unlock_irqrestore(&self->spinlock, flags); |
2065 |
|
2066 |
IRDA_DEBUG(0, "%s(), open count > 0\n", __func__ ); |
2067 |
@@ -58525,7 +58939,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2068 |
self->tty = NULL; |
2069 |
|
2070 |
- if (self->blocked_open) { |
2071 |
-+ if (atomic_read(&self->blocked_open)) { |
2072 |
++ if (local_read(&self->blocked_open)) { |
2073 |
if (self->close_delay) |
2074 |
schedule_timeout_interruptible(self->close_delay); |
2075 |
wake_up_interruptible(&self->open_wait); |
2076 |
@@ -58534,7 +58948,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2077 |
self->flags &= ~ASYNC_NORMAL_ACTIVE; |
2078 |
self->tty = NULL; |
2079 |
- self->open_count = 0; |
2080 |
-+ atomic_set(&self->open_count, 0); |
2081 |
++ local_set(&self->open_count, 0); |
2082 |
spin_unlock_irqrestore(&self->spinlock, flags); |
2083 |
|
2084 |
wake_up_interruptible(&self->open_wait); |
2085 |
@@ -58543,7 +58957,7 @@ diff -urNp linux-2.6.32.28/net/irda/ircomm/ircomm_tty.c linux-2.6.32.28/net/irda |
2086 |
|
2087 |
seq_printf(m, "Role: %s\n", self->client ? "client" : "server"); |
2088 |
- seq_printf(m, "Open count: %d\n", self->open_count); |
2089 |
-+ seq_printf(m, "Open count: %d\n", atomic_read(&self->open_count)); |
2090 |
++ seq_printf(m, "Open count: %d\n", local_read(&self->open_count)); |
2091 |
seq_printf(m, "Max data size: %d\n", self->max_data_size); |
2092 |
seq_printf(m, "Max header size: %d\n", self->max_header_size); |
2093 |
|
2094 |
@@ -58582,25 +58996,33 @@ diff -urNp linux-2.6.32.28/net/mac80211/debugfs_key.c linux-2.6.32.28/net/mac802 |
2095 |
p += scnprintf(p, bufsize + buf - p, "%02x", key->conf.key[i]); |
2096 |
diff -urNp linux-2.6.32.28/net/mac80211/ieee80211_i.h linux-2.6.32.28/net/mac80211/ieee80211_i.h |
2097 |
--- linux-2.6.32.28/net/mac80211/ieee80211_i.h 2010-08-13 16:24:37.000000000 -0400 |
2098 |
-+++ linux-2.6.32.28/net/mac80211/ieee80211_i.h 2010-12-31 14:46:53.000000000 -0500 |
2099 |
-@@ -635,7 +635,7 @@ struct ieee80211_local { |
2100 |
++++ linux-2.6.32.28/net/mac80211/ieee80211_i.h 2011-01-24 18:05:37.000000000 -0500 |
2101 |
+@@ -25,6 +25,7 @@ |
2102 |
+ #include <linux/etherdevice.h> |
2103 |
+ #include <net/cfg80211.h> |
2104 |
+ #include <net/mac80211.h> |
2105 |
++#include <asm/local.h> |
2106 |
+ #include "key.h" |
2107 |
+ #include "sta_info.h" |
2108 |
+ |
2109 |
+@@ -635,7 +636,7 @@ struct ieee80211_local { |
2110 |
/* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ |
2111 |
spinlock_t queue_stop_reason_lock; |
2112 |
|
2113 |
- int open_count; |
2114 |
-+ atomic_t open_count; |
2115 |
++ local_t open_count; |
2116 |
int monitors, cooked_mntrs; |
2117 |
/* number of interfaces with corresponding FIF_ flags */ |
2118 |
int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss, fif_pspoll; |
2119 |
diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/iface.c |
2120 |
--- linux-2.6.32.28/net/mac80211/iface.c 2010-08-13 16:24:37.000000000 -0400 |
2121 |
-+++ linux-2.6.32.28/net/mac80211/iface.c 2010-12-31 14:46:53.000000000 -0500 |
2122 |
++++ linux-2.6.32.28/net/mac80211/iface.c 2011-01-24 18:05:37.000000000 -0500 |
2123 |
@@ -166,7 +166,7 @@ static int ieee80211_open(struct net_dev |
2124 |
break; |
2125 |
} |
2126 |
|
2127 |
- if (local->open_count == 0) { |
2128 |
-+ if (atomic_read(&local->open_count) == 0) { |
2129 |
++ if (local_read(&local->open_count) == 0) { |
2130 |
res = drv_start(local); |
2131 |
if (res) |
2132 |
goto err_del_bss; |
2133 |
@@ -58609,7 +59031,7 @@ diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/ifa |
2134 |
*/ |
2135 |
if (!is_valid_ether_addr(dev->dev_addr)) { |
2136 |
- if (!local->open_count) |
2137 |
-+ if (!atomic_read(&local->open_count)) |
2138 |
++ if (!local_read(&local->open_count)) |
2139 |
drv_stop(local); |
2140 |
return -EADDRNOTAVAIL; |
2141 |
} |
2142 |
@@ -58618,7 +59040,7 @@ diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/ifa |
2143 |
hw_reconf_flags |= __ieee80211_recalc_idle(local); |
2144 |
|
2145 |
- local->open_count++; |
2146 |
-+ atomic_inc(&local->open_count); |
2147 |
++ local_inc(&local->open_count); |
2148 |
if (hw_reconf_flags) { |
2149 |
ieee80211_hw_config(local, hw_reconf_flags); |
2150 |
/* |
2151 |
@@ -58627,7 +59049,7 @@ diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/ifa |
2152 |
drv_remove_interface(local, &conf); |
2153 |
err_stop: |
2154 |
- if (!local->open_count) |
2155 |
-+ if (!atomic_read(&local->open_count)) |
2156 |
++ if (!local_read(&local->open_count)) |
2157 |
drv_stop(local); |
2158 |
err_del_bss: |
2159 |
sdata->bss = NULL; |
2160 |
@@ -58636,7 +59058,7 @@ diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/ifa |
2161 |
} |
2162 |
|
2163 |
- local->open_count--; |
2164 |
-+ atomic_dec(&local->open_count); |
2165 |
++ local_dec(&local->open_count); |
2166 |
|
2167 |
switch (sdata->vif.type) { |
2168 |
case NL80211_IFTYPE_AP_VLAN: |
2169 |
@@ -58645,43 +59067,43 @@ diff -urNp linux-2.6.32.28/net/mac80211/iface.c linux-2.6.32.28/net/mac80211/ifa |
2170 |
ieee80211_recalc_ps(local, -1); |
2171 |
|
2172 |
- if (local->open_count == 0) { |
2173 |
-+ if (atomic_read(&local->open_count) == 0) { |
2174 |
++ if (local_read(&local->open_count) == 0) { |
2175 |
ieee80211_clear_tx_pending(local); |
2176 |
ieee80211_stop_device(local); |
2177 |
|
2178 |
diff -urNp linux-2.6.32.28/net/mac80211/main.c linux-2.6.32.28/net/mac80211/main.c |
2179 |
--- linux-2.6.32.28/net/mac80211/main.c 2010-08-13 16:24:37.000000000 -0400 |
2180 |
-+++ linux-2.6.32.28/net/mac80211/main.c 2010-12-31 14:46:53.000000000 -0500 |
2181 |
++++ linux-2.6.32.28/net/mac80211/main.c 2011-01-24 18:05:37.000000000 -0500 |
2182 |
@@ -145,7 +145,7 @@ int ieee80211_hw_config(struct ieee80211 |
2183 |
local->hw.conf.power_level = power; |
2184 |
} |
2185 |
|
2186 |
- if (changed && local->open_count) { |
2187 |
-+ if (changed && atomic_read(&local->open_count)) { |
2188 |
++ if (changed && local_read(&local->open_count)) { |
2189 |
ret = drv_config(local, changed); |
2190 |
/* |
2191 |
* Goal: |
2192 |
diff -urNp linux-2.6.32.28/net/mac80211/pm.c linux-2.6.32.28/net/mac80211/pm.c |
2193 |
--- linux-2.6.32.28/net/mac80211/pm.c 2010-08-13 16:24:37.000000000 -0400 |
2194 |
-+++ linux-2.6.32.28/net/mac80211/pm.c 2010-12-31 14:46:53.000000000 -0500 |
2195 |
++++ linux-2.6.32.28/net/mac80211/pm.c 2011-01-24 18:05:37.000000000 -0500 |
2196 |
@@ -107,7 +107,7 @@ int __ieee80211_suspend(struct ieee80211 |
2197 |
} |
2198 |
|
2199 |
/* stop hardware - this must stop RX */ |
2200 |
- if (local->open_count) |
2201 |
-+ if (atomic_read(&local->open_count)) |
2202 |
++ if (local_read(&local->open_count)) |
2203 |
ieee80211_stop_device(local); |
2204 |
|
2205 |
local->suspended = true; |
2206 |
diff -urNp linux-2.6.32.28/net/mac80211/rate.c linux-2.6.32.28/net/mac80211/rate.c |
2207 |
--- linux-2.6.32.28/net/mac80211/rate.c 2010-08-13 16:24:37.000000000 -0400 |
2208 |
-+++ linux-2.6.32.28/net/mac80211/rate.c 2010-12-31 14:46:53.000000000 -0500 |
2209 |
++++ linux-2.6.32.28/net/mac80211/rate.c 2011-01-24 18:05:37.000000000 -0500 |
2210 |
@@ -287,7 +287,7 @@ int ieee80211_init_rate_ctrl_alg(struct |
2211 |
struct rate_control_ref *ref, *old; |
2212 |
|
2213 |
ASSERT_RTNL(); |
2214 |
- if (local->open_count) |
2215 |
-+ if (atomic_read(&local->open_count)) |
2216 |
++ if (local_read(&local->open_count)) |
2217 |
return -EBUSY; |
2218 |
|
2219 |
ref = rate_control_alloc(name, local); |
2220 |
@@ -58699,13 +59121,13 @@ diff -urNp linux-2.6.32.28/net/mac80211/tx.c linux-2.6.32.28/net/mac80211/tx.c |
2221 |
return local == wdev_priv(dev->ieee80211_ptr); |
2222 |
diff -urNp linux-2.6.32.28/net/mac80211/util.c linux-2.6.32.28/net/mac80211/util.c |
2223 |
--- linux-2.6.32.28/net/mac80211/util.c 2010-08-13 16:24:37.000000000 -0400 |
2224 |
-+++ linux-2.6.32.28/net/mac80211/util.c 2010-12-31 14:46:53.000000000 -0500 |
2225 |
++++ linux-2.6.32.28/net/mac80211/util.c 2011-01-24 18:05:37.000000000 -0500 |
2226 |
@@ -1042,7 +1042,7 @@ int ieee80211_reconfig(struct ieee80211_ |
2227 |
local->resuming = true; |
2228 |
|
2229 |
/* restart hardware */ |
2230 |
- if (local->open_count) { |
2231 |
-+ if (atomic_read(&local->open_count)) { |
2232 |
++ if (local_read(&local->open_count)) { |
2233 |
/* |
2234 |
* Upon resume hardware can sometimes be goofy due to |
2235 |
* various platform / driver / bus issues, so restarting |
2236 |
@@ -59747,8 +60169,8 @@ diff -urNp linux-2.6.32.28/security/integrity/ima/ima_queue.c linux-2.6.32.28/se |
2237 |
return 0; |
2238 |
diff -urNp linux-2.6.32.28/security/Kconfig linux-2.6.32.28/security/Kconfig |
2239 |
--- linux-2.6.32.28/security/Kconfig 2010-08-13 16:24:37.000000000 -0400 |
2240 |
-+++ linux-2.6.32.28/security/Kconfig 2011-01-04 17:43:17.000000000 -0500 |
2241 |
-@@ -4,6 +4,509 @@ |
2242 |
++++ linux-2.6.32.28/security/Kconfig 2011-02-12 11:33:55.000000000 -0500 |
2243 |
+@@ -4,6 +4,527 @@ |
2244 |
|
2245 |
menu "Security options" |
2246 |
|
2247 |
@@ -59994,6 +60416,24 @@ diff -urNp linux-2.6.32.28/security/Kconfig linux-2.6.32.28/security/Kconfig |
2248 |
+ NOTE: you can use the 'chpax' or 'paxctl' utilities to control |
2249 |
+ this feature on a per file basis. |
2250 |
+ |
2251 |
++config PAX_MPROTECT_COMPAT |
2252 |
++ bool "Use legacy/compat protection demoting (read help)" |
2253 |
++ depends on PAX_MPROTECT |
2254 |
++ default n |
2255 |
++ help |
2256 |
++ The current implementation of PAX_MPROTECT denies RWX allocations/mprotects |
2257 |
++ by sending the proper error code to the application. For some broken |
2258 |
++ userland, this can cause problems with Python or other applications. The |
2259 |
++ current implementation however allows for applications like clamav to |
2260 |
++ detect if JIT compilation/execution is allowed and to fall back gracefully |
2261 |
++ to an interpreter-based mode if it does not. While we encourage everyone |
2262 |
++ to use the current implementation as-is and push upstream to fix broken |
2263 |
++ userland (note that the RWX logging option can assist with this), in some |
2264 |
++ environments this may not be possible. Having to disable MPROTECT |
2265 |
++ completely on certain binaries reduces the security benefit of PaX, |
2266 |
++ so this option is provided for those environments to revert to the old |
2267 |
++ behavior. |
2268 |
++ |
2269 |
+config PAX_ELFRELOCS |
2270 |
+ bool "Allow ELF text relocations (read help)" |
2271 |
+ depends on PAX_MPROTECT |
2272 |
@@ -60258,7 +60698,7 @@ diff -urNp linux-2.6.32.28/security/Kconfig linux-2.6.32.28/security/Kconfig |
2273 |
config KEYS |
2274 |
bool "Enable access key retention support" |
2275 |
help |
2276 |
-@@ -146,7 +649,7 @@ config INTEL_TXT |
2277 |
+@@ -146,7 +667,7 @@ config INTEL_TXT |
2278 |
config LSM_MMAP_MIN_ADDR |
2279 |
int "Low address space for LSM to protect from user allocation" |
2280 |
depends on SECURITY && SECURITY_SELINUX |
2281 |
@@ -60321,7 +60761,7 @@ diff -urNp linux-2.6.32.28/security/security.c linux-2.6.32.28/security/security |
2282 |
printk(KERN_DEBUG "%s could not verify " |
2283 |
diff -urNp linux-2.6.32.28/security/selinux/hooks.c linux-2.6.32.28/security/selinux/hooks.c |
2284 |
--- linux-2.6.32.28/security/selinux/hooks.c 2010-08-13 16:24:37.000000000 -0400 |
2285 |
-+++ linux-2.6.32.28/security/selinux/hooks.c 2010-12-31 14:46:53.000000000 -0500 |
2286 |
++++ linux-2.6.32.28/security/selinux/hooks.c 2011-02-12 11:03:00.000000000 -0500 |
2287 |
@@ -131,7 +131,7 @@ int selinux_enabled = 1; |
2288 |
* Minimal support for a secondary security module, |
2289 |
* just to allow the use of the capability module. |
2290 |
@@ -60331,7 +60771,20 @@ diff -urNp linux-2.6.32.28/security/selinux/hooks.c linux-2.6.32.28/security/sel |
2291 |
|
2292 |
/* Lists of inode and superblock security structures initialized |
2293 |
before the policy was loaded. */ |
2294 |
-@@ -5450,7 +5450,7 @@ static int selinux_key_getsecurity(struc |
2295 |
+@@ -3259,7 +3259,11 @@ static void selinux_cred_free(struct cre |
2296 |
+ { |
2297 |
+ struct task_security_struct *tsec = cred->security; |
2298 |
+ |
2299 |
+- BUG_ON((unsigned long) cred->security < PAGE_SIZE); |
2300 |
++ /* |
2301 |
++ * cred->security == NULL if security_cred_alloc_blank() or |
2302 |
++ * security_prepare_creds() returned an error. |
2303 |
++ */ |
2304 |
++ BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE); |
2305 |
+ cred->security = (void *) 0x7UL; |
2306 |
+ kfree(tsec); |
2307 |
+ } |
2308 |
+@@ -5450,7 +5454,7 @@ static int selinux_key_getsecurity(struc |
2309 |
|
2310 |
#endif |
2311 |
|
2312 |
@@ -60340,7 +60793,7 @@ diff -urNp linux-2.6.32.28/security/selinux/hooks.c linux-2.6.32.28/security/sel |
2313 |
.name = "selinux", |
2314 |
|
2315 |
.ptrace_access_check = selinux_ptrace_access_check, |
2316 |
-@@ -5834,7 +5834,9 @@ int selinux_disable(void) |
2317 |
+@@ -5834,7 +5838,9 @@ int selinux_disable(void) |
2318 |
avc_disable(); |
2319 |
|
2320 |
/* Reset security_ops to the secondary module, dummy or capability. */ |
2321 |
@@ -60376,13 +60829,13 @@ diff -urNp linux-2.6.32.28/security/tomoyo/tomoyo.c linux-2.6.32.28/security/tom |
2322 |
.cred_prepare = tomoyo_cred_prepare, |
2323 |
diff -urNp linux-2.6.32.28/sound/aoa/codecs/onyx.c linux-2.6.32.28/sound/aoa/codecs/onyx.c |
2324 |
--- linux-2.6.32.28/sound/aoa/codecs/onyx.c 2010-08-13 16:24:37.000000000 -0400 |
2325 |
-+++ linux-2.6.32.28/sound/aoa/codecs/onyx.c 2010-12-31 14:46:53.000000000 -0500 |
2326 |
++++ linux-2.6.32.28/sound/aoa/codecs/onyx.c 2011-01-24 18:05:37.000000000 -0500 |
2327 |
@@ -53,7 +53,7 @@ struct onyx { |
2328 |
spdif_locked:1, |
2329 |
analog_locked:1, |
2330 |
original_mute:2; |
2331 |
- int open_count; |
2332 |
-+ atomic_t open_count; |
2333 |
++ local_t open_count; |
2334 |
struct codec_info *codec_info; |
2335 |
|
2336 |
/* mutex serializes concurrent access to the device |
2337 |
@@ -60391,7 +60844,7 @@ diff -urNp linux-2.6.32.28/sound/aoa/codecs/onyx.c linux-2.6.32.28/sound/aoa/cod |
2338 |
|
2339 |
mutex_lock(&onyx->mutex); |
2340 |
- onyx->open_count++; |
2341 |
-+ atomic_inc(&onyx->open_count); |
2342 |
++ local_inc(&onyx->open_count); |
2343 |
mutex_unlock(&onyx->mutex); |
2344 |
|
2345 |
return 0; |
2346 |
@@ -60401,10 +60854,21 @@ diff -urNp linux-2.6.32.28/sound/aoa/codecs/onyx.c linux-2.6.32.28/sound/aoa/cod |
2347 |
mutex_lock(&onyx->mutex); |
2348 |
- onyx->open_count--; |
2349 |
- if (!onyx->open_count) |
2350 |
-+ if (atomic_dec_and_test(&onyx->open_count)) |
2351 |
++ if (local_dec_and_test(&onyx->open_count)) |
2352 |
onyx->spdif_locked = onyx->analog_locked = 0; |
2353 |
mutex_unlock(&onyx->mutex); |
2354 |
|
2355 |
+diff -urNp linux-2.6.32.28/sound/aoa/codecs/onyx.h linux-2.6.32.28/sound/aoa/codecs/onyx.h |
2356 |
+--- linux-2.6.32.28/sound/aoa/codecs/onyx.h 2010-08-13 16:24:37.000000000 -0400 |
2357 |
++++ linux-2.6.32.28/sound/aoa/codecs/onyx.h 2011-01-25 20:24:47.000000000 -0500 |
2358 |
+@@ -11,6 +11,7 @@ |
2359 |
+ #include <linux/i2c.h> |
2360 |
+ #include <asm/pmac_low_i2c.h> |
2361 |
+ #include <asm/prom.h> |
2362 |
++#include <asm/local.h> |
2363 |
+ |
2364 |
+ /* PCM3052 register definitions */ |
2365 |
+ |
2366 |
diff -urNp linux-2.6.32.28/sound/core/oss/pcm_oss.c linux-2.6.32.28/sound/core/oss/pcm_oss.c |
2367 |
--- linux-2.6.32.28/sound/core/oss/pcm_oss.c 2010-08-13 16:24:37.000000000 -0400 |
2368 |
+++ linux-2.6.32.28/sound/core/oss/pcm_oss.c 2010-12-31 14:46:53.000000000 -0500 |
2369 |
@@ -60439,64 +60903,80 @@ diff -urNp linux-2.6.32.28/sound/core/seq/seq_lock.h linux-2.6.32.28/sound/core/ |
2370 |
|
2371 |
diff -urNp linux-2.6.32.28/sound/drivers/mts64.c linux-2.6.32.28/sound/drivers/mts64.c |
2372 |
--- linux-2.6.32.28/sound/drivers/mts64.c 2010-08-13 16:24:37.000000000 -0400 |
2373 |
-+++ linux-2.6.32.28/sound/drivers/mts64.c 2010-12-31 14:46:53.000000000 -0500 |
2374 |
-@@ -65,7 +65,7 @@ struct mts64 { |
2375 |
++++ linux-2.6.32.28/sound/drivers/mts64.c 2011-01-25 22:35:30.000000000 -0500 |
2376 |
+@@ -27,6 +27,7 @@ |
2377 |
+ #include <sound/initval.h> |
2378 |
+ #include <sound/rawmidi.h> |
2379 |
+ #include <sound/control.h> |
2380 |
++#include <asm/local.h> |
2381 |
+ |
2382 |
+ #define CARD_NAME "Miditerminal 4140" |
2383 |
+ #define DRIVER_NAME "MTS64" |
2384 |
+@@ -65,7 +66,7 @@ struct mts64 { |
2385 |
struct pardevice *pardev; |
2386 |
int pardev_claimed; |
2387 |
|
2388 |
- int open_count; |
2389 |
-+ atomic_t open_count; |
2390 |
++ local_t open_count; |
2391 |
int current_midi_output_port; |
2392 |
int current_midi_input_port; |
2393 |
u8 mode[MTS64_NUM_INPUT_PORTS]; |
2394 |
-@@ -695,7 +695,7 @@ static int snd_mts64_rawmidi_open(struct |
2395 |
+@@ -695,7 +696,7 @@ static int snd_mts64_rawmidi_open(struct |
2396 |
{ |
2397 |
struct mts64 *mts = substream->rmidi->private_data; |
2398 |
|
2399 |
- if (mts->open_count == 0) { |
2400 |
-+ if (atomic_read(&mts->open_count) == 0) { |
2401 |
++ if (local_read(&mts->open_count) == 0) { |
2402 |
/* We don't need a spinlock here, because this is just called |
2403 |
if the device has not been opened before. |
2404 |
So there aren't any IRQs from the device */ |
2405 |
-@@ -703,7 +703,7 @@ static int snd_mts64_rawmidi_open(struct |
2406 |
+@@ -703,7 +704,7 @@ static int snd_mts64_rawmidi_open(struct |
2407 |
|
2408 |
msleep(50); |
2409 |
} |
2410 |
- ++(mts->open_count); |
2411 |
-+ atomic_inc(&mts->open_count); |
2412 |
++ local_inc(&mts->open_count); |
2413 |
|
2414 |
return 0; |
2415 |
} |
2416 |
-@@ -713,8 +713,7 @@ static int snd_mts64_rawmidi_close(struc |
2417 |
+@@ -713,8 +714,7 @@ static int snd_mts64_rawmidi_close(struc |
2418 |
struct mts64 *mts = substream->rmidi->private_data; |
2419 |
unsigned long flags; |
2420 |
|
2421 |
- --(mts->open_count); |
2422 |
- if (mts->open_count == 0) { |
2423 |
-+ if (atomic_dec_return(&mts->open_count) == 0) { |
2424 |
++ if (local_dec_return(&mts->open_count) == 0) { |
2425 |
/* We need the spinlock_irqsave here because we can still |
2426 |
have IRQs at this point */ |
2427 |
spin_lock_irqsave(&mts->lock, flags); |
2428 |
-@@ -723,8 +722,8 @@ static int snd_mts64_rawmidi_close(struc |
2429 |
+@@ -723,8 +723,8 @@ static int snd_mts64_rawmidi_close(struc |
2430 |
|
2431 |
msleep(500); |
2432 |
|
2433 |
- } else if (mts->open_count < 0) |
2434 |
- mts->open_count = 0; |
2435 |
-+ } else if (atomic_read(&mts->open_count) < 0) |
2436 |
-+ atomic_set(&mts->open_count, 0); |
2437 |
++ } else if (local_read(&mts->open_count) < 0) |
2438 |
++ local_set(&mts->open_count, 0); |
2439 |
|
2440 |
return 0; |
2441 |
} |
2442 |
diff -urNp linux-2.6.32.28/sound/drivers/portman2x4.c linux-2.6.32.28/sound/drivers/portman2x4.c |
2443 |
--- linux-2.6.32.28/sound/drivers/portman2x4.c 2010-08-13 16:24:37.000000000 -0400 |
2444 |
-+++ linux-2.6.32.28/sound/drivers/portman2x4.c 2010-12-31 14:46:53.000000000 -0500 |
2445 |
-@@ -83,7 +83,7 @@ struct portman { |
2446 |
++++ linux-2.6.32.28/sound/drivers/portman2x4.c 2011-01-25 20:24:47.000000000 -0500 |
2447 |
+@@ -46,6 +46,7 @@ |
2448 |
+ #include <sound/initval.h> |
2449 |
+ #include <sound/rawmidi.h> |
2450 |
+ #include <sound/control.h> |
2451 |
++#include <asm/local.h> |
2452 |
+ |
2453 |
+ #define CARD_NAME "Portman 2x4" |
2454 |
+ #define DRIVER_NAME "portman" |
2455 |
+@@ -83,7 +84,7 @@ struct portman { |
2456 |
struct pardevice *pardev; |
2457 |
int pardev_claimed; |
2458 |
|
2459 |
- int open_count; |
2460 |
-+ atomic_t open_count; |
2461 |
++ local_t open_count; |
2462 |
int mode[PORTMAN_NUM_INPUT_PORTS]; |
2463 |
struct snd_rawmidi_substream *midi_input[PORTMAN_NUM_INPUT_PORTS]; |
2464 |
}; |
2465 |
|
2466 |
diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
2467 |
index 0049a17..5592c67 100644 |
2468 |
--- a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
2469 |
+++ b/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
2470 |
@@ -27,7 +27,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
2471 |
|
2472 |
--- a/grsecurity/Kconfig |
2473 |
+++ b/grsecurity/Kconfig |
2474 |
-@@ -1385,6 +1385,27 @@ |
2475 |
+@@ -1230,6 +1230,27 @@ |
2476 |
menu "Logging Options" |
2477 |
depends on GRKERNSEC |
2478 |
|
2479 |
|
2480 |
diff --git a/2.6.37/0000_README b/2.6.37/0000_README |
2481 |
index 587d47a..16e7e24 100644 |
2482 |
--- a/2.6.37/0000_README |
2483 |
+++ b/2.6.37/0000_README |
2484 |
@@ -3,7 +3,7 @@ README |
2485 |
|
2486 |
Individual Patch Descriptions: |
2487 |
----------------------------------------------------------------------------- |
2488 |
-Patch: 4420_grsecurity-2.2.1-2.6.37-201101172105.patch |
2489 |
+Patch: 4420_grsecurity-2.2.1-2.6.37-201102121148.patch |
2490 |
From: http://www.grsecurity.net |
2491 |
Desc: hardened-sources base patch from upstream grsecurity |
2492 |
|
2493 |
|
2494 |
diff --git a/2.6.37/4420_grsecurity-2.2.1-2.6.37-201101172105.patch b/2.6.37/4420_grsecurity-2.2.1-2.6.37-201102121148.patch |
2495 |
similarity index 98% |
2496 |
rename from 2.6.37/4420_grsecurity-2.2.1-2.6.37-201101172105.patch |
2497 |
rename to 2.6.37/4420_grsecurity-2.2.1-2.6.37-201102121148.patch |
2498 |
index 3e2bbf5..e66397d 100644 |
2499 |
--- a/2.6.37/4420_grsecurity-2.2.1-2.6.37-201101172105.patch |
2500 |
+++ b/2.6.37/4420_grsecurity-2.2.1-2.6.37-201102121148.patch |
2501 |
@@ -7638,7 +7638,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/elf.h linux-2.6.37/arch/x86/include |
2502 |
#endif /* _ASM_X86_ELF_H */ |
2503 |
diff -urNp linux-2.6.37/arch/x86/include/asm/futex.h linux-2.6.37/arch/x86/include/asm/futex.h |
2504 |
--- linux-2.6.37/arch/x86/include/asm/futex.h 2011-01-04 19:50:19.000000000 -0500 |
2505 |
-+++ linux-2.6.37/arch/x86/include/asm/futex.h 2011-01-17 02:41:00.000000000 -0500 |
2506 |
++++ linux-2.6.37/arch/x86/include/asm/futex.h 2011-01-25 20:24:56.000000000 -0500 |
2507 |
@@ -12,16 +12,18 @@ |
2508 |
#include <asm/system.h> |
2509 |
|
2510 |
@@ -7651,7 +7651,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/futex.h linux-2.6.37/arch/x86/inclu |
2511 |
"\t.previous\n" \ |
2512 |
_ASM_EXTABLE(1b, 3b) \ |
2513 |
- : "=r" (oldval), "=r" (ret), "+m" (*uaddr) \ |
2514 |
-+ : "=r" (oldval), "=r" (ret), "+m" (*____m(uaddr))\ |
2515 |
++ : "=r" (oldval), "=r" (ret), "+m" (*(u32 *)____m(uaddr))\ |
2516 |
: "i" (-EFAULT), "0" (oparg), "1" (0)) |
2517 |
|
2518 |
#define __futex_atomic_op2(insn, ret, oldval, uaddr, oparg) \ |
2519 |
@@ -7664,7 +7664,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/futex.h linux-2.6.37/arch/x86/inclu |
2520 |
_ASM_EXTABLE(2b, 4b) \ |
2521 |
: "=&a" (oldval), "=&r" (ret), \ |
2522 |
- "+m" (*uaddr), "=&r" (tem) \ |
2523 |
-+ "+m" (*(____m(uaddr))), "=&r" (tem) \ |
2524 |
++ "+m" (*(u32 *)____m(uaddr)), "=&r" (tem) \ |
2525 |
: "r" (oparg), "i" (-EFAULT), "1" (0)) |
2526 |
|
2527 |
-static inline int futex_atomic_op_inuser(int encoded_op, int __user *uaddr) |
2528 |
@@ -7710,7 +7710,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/futex.h linux-2.6.37/arch/x86/inclu |
2529 |
"\t.previous\n" |
2530 |
_ASM_EXTABLE(1b, 3b) |
2531 |
- : "=a" (oldval), "+m" (*uaddr) |
2532 |
-+ : "=a" (oldval), "+m" (*____m(uaddr)) |
2533 |
++ : "=a" (oldval), "+m" (*(u32 *)____m(uaddr)) |
2534 |
: "i" (-EFAULT), "r" (newval), "0" (oldval) |
2535 |
: "memory" |
2536 |
); |
2537 |
@@ -7759,7 +7759,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/i387.h linux-2.6.37/arch/x86/includ |
2538 |
* These must be called with preempt disabled |
2539 |
diff -urNp linux-2.6.37/arch/x86/include/asm/io.h linux-2.6.37/arch/x86/include/asm/io.h |
2540 |
--- linux-2.6.37/arch/x86/include/asm/io.h 2011-01-04 19:50:19.000000000 -0500 |
2541 |
-+++ linux-2.6.37/arch/x86/include/asm/io.h 2011-01-17 02:41:00.000000000 -0500 |
2542 |
++++ linux-2.6.37/arch/x86/include/asm/io.h 2011-01-27 22:37:21.000000000 -0500 |
2543 |
@@ -216,6 +216,17 @@ extern void set_iounmap_nonlazy(void); |
2544 |
|
2545 |
#include <linux/vmalloc.h> |
2546 |
@@ -7767,12 +7767,12 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/io.h linux-2.6.37/arch/x86/include/ |
2547 |
+#define ARCH_HAS_VALID_PHYS_ADDR_RANGE |
2548 |
+static inline int valid_phys_addr_range(unsigned long addr, size_t count) |
2549 |
+{ |
2550 |
-+ return ((addr + count + PAGE_SIZE - 1) >> PAGE_SHIFT) < (1 << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
2551 |
++ return ((addr + count + PAGE_SIZE - 1) >> PAGE_SHIFT) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
2552 |
+} |
2553 |
+ |
2554 |
+static inline int valid_mmap_phys_addr_range(unsigned long pfn, size_t count) |
2555 |
+{ |
2556 |
-+ return (pfn + (count >> PAGE_SHIFT)) < (1 << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
2557 |
++ return (pfn + (count >> PAGE_SHIFT)) < (1ULL << (boot_cpu_data.x86_phys_bits - PAGE_SHIFT)) ? 1 : 0; |
2558 |
+} |
2559 |
+ |
2560 |
/* |
2561 |
@@ -8049,7 +8049,7 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/mman.h linux-2.6.37/arch/x86/includ |
2562 |
#endif /* _ASM_X86_MMAN_H */ |
2563 |
diff -urNp linux-2.6.37/arch/x86/include/asm/mmu_context.h linux-2.6.37/arch/x86/include/asm/mmu_context.h |
2564 |
--- linux-2.6.37/arch/x86/include/asm/mmu_context.h 2011-01-04 19:50:19.000000000 -0500 |
2565 |
-+++ linux-2.6.37/arch/x86/include/asm/mmu_context.h 2011-01-17 02:41:00.000000000 -0500 |
2566 |
++++ linux-2.6.37/arch/x86/include/asm/mmu_context.h 2011-02-12 11:04:35.000000000 -0500 |
2567 |
@@ -24,6 +24,21 @@ void destroy_context(struct mm_struct *m |
2568 |
|
2569 |
static inline void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk) |
2570 |
@@ -8081,8 +8081,8 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/mmu_context.h linux-2.6.37/arch/x86 |
2571 |
+#endif |
2572 |
|
2573 |
if (likely(prev != next)) { |
2574 |
- /* stop flush ipis for the previous mm */ |
2575 |
- cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
2576 |
+- /* stop flush ipis for the previous mm */ |
2577 |
+- cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
2578 |
#ifdef CONFIG_SMP |
2579 |
+#ifdef CONFIG_X86_32 |
2580 |
+ tlbstate = percpu_read(cpu_tlbstate.state); |
2581 |
@@ -8102,6 +8102,8 @@ diff -urNp linux-2.6.37/arch/x86/include/asm/mmu_context.h linux-2.6.37/arch/x86 |
2582 |
+#else |
2583 |
load_cr3(next->pgd); |
2584 |
+#endif |
2585 |
++ /* stop flush ipis for the previous mm */ |
2586 |
++ cpumask_clear_cpu(cpu, mm_cpumask(prev)); |
2587 |
|
2588 |
/* |
2589 |
* load the LDT, if the LDT is different: |
2590 |
@@ -10759,8 +10761,16 @@ diff -urNp linux-2.6.37/arch/x86/kernel/cpu/Makefile linux-2.6.37/arch/x86/kerne |
2591 |
obj-y += vmware.o hypervisor.o sched.o mshyperv.o |
2592 |
diff -urNp linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c |
2593 |
--- linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c 2011-01-04 19:50:19.000000000 -0500 |
2594 |
-+++ linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c 2011-01-17 02:41:01.000000000 -0500 |
2595 |
-@@ -219,7 +219,7 @@ static void print_mce(struct mce *m) |
2596 |
++++ linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c 2011-01-25 20:24:56.000000000 -0500 |
2597 |
+@@ -45,6 +45,7 @@ |
2598 |
+ #include <asm/ipi.h> |
2599 |
+ #include <asm/mce.h> |
2600 |
+ #include <asm/msr.h> |
2601 |
++#include <asm/local.h> |
2602 |
+ |
2603 |
+ #include "mce-internal.h" |
2604 |
+ |
2605 |
+@@ -219,7 +220,7 @@ static void print_mce(struct mce *m) |
2606 |
!(m->mcgstatus & MCG_STATUS_EIPV) ? " !INEXACT!" : "", |
2607 |
m->cs, m->ip); |
2608 |
|
2609 |
@@ -10769,12 +10779,12 @@ diff -urNp linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.37/arch/x86/k |
2610 |
print_symbol("{%s}", m->ip); |
2611 |
pr_cont("\n"); |
2612 |
} |
2613 |
-@@ -1460,14 +1460,14 @@ void __cpuinit mcheck_cpu_init(struct cp |
2614 |
+@@ -1460,14 +1461,14 @@ void __cpuinit mcheck_cpu_init(struct cp |
2615 |
*/ |
2616 |
|
2617 |
static DEFINE_SPINLOCK(mce_state_lock); |
2618 |
-static int open_count; /* #times opened */ |
2619 |
-+static atomic_t open_count; /* #times opened */ |
2620 |
++static local_t open_count; /* #times opened */ |
2621 |
static int open_exclu; /* already open exclusive? */ |
2622 |
|
2623 |
static int mce_open(struct inode *inode, struct file *file) |
2624 |
@@ -10782,29 +10792,29 @@ diff -urNp linux-2.6.37/arch/x86/kernel/cpu/mcheck/mce.c linux-2.6.37/arch/x86/k |
2625 |
spin_lock(&mce_state_lock); |
2626 |
|
2627 |
- if (open_exclu || (open_count && (file->f_flags & O_EXCL))) { |
2628 |
-+ if (open_exclu || (atomic_read(&open_count) && (file->f_flags & O_EXCL))) { |
2629 |
++ if (open_exclu || (local_read(&open_count) && (file->f_flags & O_EXCL))) { |
2630 |
spin_unlock(&mce_state_lock); |
2631 |
|
2632 |
return -EBUSY; |
2633 |
-@@ -1475,7 +1475,7 @@ static int mce_open(struct inode *inode, |
2634 |
+@@ -1475,7 +1476,7 @@ static int mce_open(struct inode *inode, |
2635 |
|
2636 |
if (file->f_flags & O_EXCL) |
2637 |
open_exclu = 1; |
2638 |
- open_count++; |
2639 |
-+ atomic_inc(&open_count); |
2640 |
++ local_inc(&open_count); |
2641 |
|
2642 |
spin_unlock(&mce_state_lock); |
2643 |
|
2644 |
-@@ -1486,7 +1486,7 @@ static int mce_release(struct inode *ino |
2645 |
+@@ -1486,7 +1487,7 @@ static int mce_release(struct inode *ino |
2646 |
{ |
2647 |
spin_lock(&mce_state_lock); |
2648 |
|
2649 |
- open_count--; |
2650 |
-+ atomic_dec(&open_count); |
2651 |
++ local_dec(&open_count); |
2652 |
open_exclu = 0; |
2653 |
|
2654 |
spin_unlock(&mce_state_lock); |
2655 |
-@@ -1673,6 +1673,7 @@ static struct miscdevice mce_log_device |
2656 |
+@@ -1673,6 +1674,7 @@ static struct miscdevice mce_log_device |
2657 |
MISC_MCELOG_MINOR, |
2658 |
"mcelog", |
2659 |
&mce_chrdev_ops, |
2660 |
@@ -11971,7 +11981,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head32.c linux-2.6.37/arch/x86/kernel/he |
2661 |
/* Reserve INITRD */ |
2662 |
diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/head_32.S |
2663 |
--- linux-2.6.37/arch/x86/kernel/head_32.S 2011-01-04 19:50:19.000000000 -0500 |
2664 |
-+++ linux-2.6.37/arch/x86/kernel/head_32.S 2011-01-17 02:41:01.000000000 -0500 |
2665 |
++++ linux-2.6.37/arch/x86/kernel/head_32.S 2011-01-25 20:24:56.000000000 -0500 |
2666 |
@@ -25,6 +25,12 @@ |
2667 |
/* Physical address */ |
2668 |
#define pa(X) ((X) - __PAGE_OFFSET) |
2669 |
@@ -12262,7 +12272,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2670 |
pushl 16(%esp) |
2671 |
pushl 24(%esp) |
2672 |
pushl 32(%esp) |
2673 |
-@@ -619,29 +694,42 @@ ENTRY(initial_code) |
2674 |
+@@ -619,29 +694,43 @@ ENTRY(initial_code) |
2675 |
/* |
2676 |
* BSS section |
2677 |
*/ |
2678 |
@@ -12273,6 +12283,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2679 |
ENTRY(initial_pg_pmd) |
2680 |
.fill 1024*KPMDS,4,0 |
2681 |
#else |
2682 |
++.section .initial_page_table,"a",@progbits |
2683 |
ENTRY(initial_page_table) |
2684 |
.fill 1024,4,0 |
2685 |
#endif |
2686 |
@@ -12310,7 +12321,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2687 |
ENTRY(initial_page_table) |
2688 |
.long pa(initial_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ |
2689 |
# if KPMDS == 3 |
2690 |
-@@ -660,15 +748,24 @@ ENTRY(initial_page_table) |
2691 |
+@@ -660,15 +749,24 @@ ENTRY(initial_page_table) |
2692 |
# error "Kernel PMDs should be 1, 2 or 3" |
2693 |
# endif |
2694 |
.align PAGE_SIZE_asm /* needs to be page-sized too */ |
2695 |
@@ -12336,7 +12347,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2696 |
early_recursion_flag: |
2697 |
.long 0 |
2698 |
|
2699 |
-@@ -704,7 +801,7 @@ fault_msg: |
2700 |
+@@ -704,7 +802,7 @@ fault_msg: |
2701 |
.word 0 # 32 bit align gdt_desc.address |
2702 |
boot_gdt_descr: |
2703 |
.word __BOOT_DS+7 |
2704 |
@@ -12345,7 +12356,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2705 |
|
2706 |
.word 0 # 32-bit align idt_desc.address |
2707 |
idt_descr: |
2708 |
-@@ -715,7 +812,7 @@ idt_descr: |
2709 |
+@@ -715,7 +813,7 @@ idt_descr: |
2710 |
.word 0 # 32 bit align gdt_desc.address |
2711 |
ENTRY(early_gdt_descr) |
2712 |
.word GDT_ENTRIES*8-1 |
2713 |
@@ -12354,7 +12365,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/head_32.S linux-2.6.37/arch/x86/kernel/h |
2714 |
|
2715 |
/* |
2716 |
* The boot_gdt must mirror the equivalent in setup.S and is |
2717 |
-@@ -724,5 +821,65 @@ ENTRY(early_gdt_descr) |
2718 |
+@@ -724,5 +822,65 @@ ENTRY(early_gdt_descr) |
2719 |
.align L1_CACHE_BYTES |
2720 |
ENTRY(boot_gdt) |
2721 |
.fill GDT_ENTRY_BOOT_CS,8,0 |
2722 |
@@ -12777,7 +12788,7 @@ diff -urNp linux-2.6.37/arch/x86/kernel/ioport.c linux-2.6.37/arch/x86/kernel/io |
2723 |
} |
2724 |
diff -urNp linux-2.6.37/arch/x86/kernel/irq_32.c linux-2.6.37/arch/x86/kernel/irq_32.c |
2725 |
--- linux-2.6.37/arch/x86/kernel/irq_32.c 2011-01-04 19:50:19.000000000 -0500 |
2726 |
-+++ linux-2.6.37/arch/x86/kernel/irq_32.c 2011-01-17 02:41:01.000000000 -0500 |
2727 |
++++ linux-2.6.37/arch/x86/kernel/irq_32.c 2011-01-24 18:04:15.000000000 -0500 |
2728 |
@@ -91,7 +91,7 @@ execute_on_irq_stack(int overflow, struc |
2729 |
return 0; |
2730 |
|
2731 |
@@ -12810,7 +12821,29 @@ diff -urNp linux-2.6.37/arch/x86/kernel/irq_32.c linux-2.6.37/arch/x86/kernel/ir |
2732 |
return 1; |
2733 |
} |
2734 |
|
2735 |
-@@ -171,9 +180,18 @@ asmlinkage void do_softirq(void) |
2736 |
+@@ -129,8 +138,7 @@ void __cpuinit irq_ctx_init(int cpu) |
2737 |
+ irqctx = page_address(alloc_pages_node(cpu_to_node(cpu), |
2738 |
+ THREAD_FLAGS, |
2739 |
+ THREAD_ORDER)); |
2740 |
+- irqctx->tinfo.task = NULL; |
2741 |
+- irqctx->tinfo.exec_domain = NULL; |
2742 |
++ memset(&irqctx->tinfo, 0, sizeof(struct thread_info)); |
2743 |
+ irqctx->tinfo.cpu = cpu; |
2744 |
+ irqctx->tinfo.preempt_count = HARDIRQ_OFFSET; |
2745 |
+ irqctx->tinfo.addr_limit = MAKE_MM_SEG(0); |
2746 |
+@@ -140,10 +148,8 @@ void __cpuinit irq_ctx_init(int cpu) |
2747 |
+ irqctx = page_address(alloc_pages_node(cpu_to_node(cpu), |
2748 |
+ THREAD_FLAGS, |
2749 |
+ THREAD_ORDER)); |
2750 |
+- irqctx->tinfo.task = NULL; |
2751 |
+- irqctx->tinfo.exec_domain = NULL; |
2752 |
++ memset(&irqctx->tinfo, 0, sizeof(struct thread_info)); |
2753 |
+ irqctx->tinfo.cpu = cpu; |
2754 |
+- irqctx->tinfo.preempt_count = 0; |
2755 |
+ irqctx->tinfo.addr_limit = MAKE_MM_SEG(0); |
2756 |
+ |
2757 |
+ per_cpu(softirq_ctx, cpu) = irqctx; |
2758 |
+@@ -171,9 +177,18 @@ asmlinkage void do_softirq(void) |
2759 |
irqctx->tinfo.previous_esp = current_stack_pointer; |
2760 |
|
2761 |
/* build the stack frame on the softirq stack */ |
2762 |
@@ -15943,16 +15976,20 @@ diff -urNp linux-2.6.37/arch/x86/lib/getuser.S linux-2.6.37/arch/x86/lib/getuser |
2763 |
ret |
2764 |
diff -urNp linux-2.6.37/arch/x86/lib/insn.c linux-2.6.37/arch/x86/lib/insn.c |
2765 |
--- linux-2.6.37/arch/x86/lib/insn.c 2011-01-04 19:50:19.000000000 -0500 |
2766 |
-+++ linux-2.6.37/arch/x86/lib/insn.c 2011-01-17 02:41:01.000000000 -0500 |
2767 |
-@@ -21,6 +21,7 @@ |
2768 |
++++ linux-2.6.37/arch/x86/lib/insn.c 2011-01-24 18:04:15.000000000 -0500 |
2769 |
+@@ -21,6 +21,11 @@ |
2770 |
#include <linux/string.h> |
2771 |
#include <asm/inat.h> |
2772 |
#include <asm/insn.h> |
2773 |
++#ifdef __KERNEL__ |
2774 |
+#include <asm/pgtable_types.h> |
2775 |
++#else |
2776 |
++#define ktla_ktva(addr) addr |
2777 |
++#endif |
2778 |
|
2779 |
#define get_next(t, insn) \ |
2780 |
({t r; r = *(t*)insn->next_byte; insn->next_byte += sizeof(t); r; }) |
2781 |
-@@ -40,8 +41,8 @@ |
2782 |
+@@ -40,8 +45,8 @@ |
2783 |
void insn_init(struct insn *insn, const void *kaddr, int x86_64) |
2784 |
{ |
2785 |
memset(insn, 0, sizeof(*insn)); |
2786 |
@@ -23513,98 +23550,106 @@ diff -urNp linux-2.6.37/drivers/char/hvc_console.h linux-2.6.37/drivers/char/hvc |
2787 |
|
2788 |
diff -urNp linux-2.6.37/drivers/char/hvcs.c linux-2.6.37/drivers/char/hvcs.c |
2789 |
--- linux-2.6.37/drivers/char/hvcs.c 2011-01-04 19:50:19.000000000 -0500 |
2790 |
-+++ linux-2.6.37/drivers/char/hvcs.c 2011-01-17 02:41:01.000000000 -0500 |
2791 |
-@@ -270,7 +270,7 @@ struct hvcs_struct { |
2792 |
++++ linux-2.6.37/drivers/char/hvcs.c 2011-01-25 20:24:56.000000000 -0500 |
2793 |
+@@ -83,6 +83,7 @@ |
2794 |
+ #include <asm/hvcserver.h> |
2795 |
+ #include <asm/uaccess.h> |
2796 |
+ #include <asm/vio.h> |
2797 |
++#include <asm/local.h> |
2798 |
+ |
2799 |
+ /* |
2800 |
+ * 1.3.0 -> 1.3.1 In hvcs_open memset(..,0x00,..) instead of memset(..,0x3F,00). |
2801 |
+@@ -270,7 +271,7 @@ struct hvcs_struct { |
2802 |
unsigned int index; |
2803 |
|
2804 |
struct tty_struct *tty; |
2805 |
- int open_count; |
2806 |
-+ atomic_t open_count; |
2807 |
++ local_t open_count; |
2808 |
|
2809 |
/* |
2810 |
* Used to tell the driver kernel_thread what operations need to take |
2811 |
-@@ -420,7 +420,7 @@ static ssize_t hvcs_vterm_state_store(st |
2812 |
+@@ -420,7 +421,7 @@ static ssize_t hvcs_vterm_state_store(st |
2813 |
|
2814 |
spin_lock_irqsave(&hvcsd->lock, flags); |
2815 |
|
2816 |
- if (hvcsd->open_count > 0) { |
2817 |
-+ if (atomic_read(&hvcsd->open_count) > 0) { |
2818 |
++ if (local_read(&hvcsd->open_count) > 0) { |
2819 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
2820 |
printk(KERN_INFO "HVCS: vterm state unchanged. " |
2821 |
"The hvcs device node is still in use.\n"); |
2822 |
-@@ -1136,7 +1136,7 @@ static int hvcs_open(struct tty_struct * |
2823 |
+@@ -1136,7 +1137,7 @@ static int hvcs_open(struct tty_struct * |
2824 |
if ((retval = hvcs_partner_connect(hvcsd))) |
2825 |
goto error_release; |
2826 |
|
2827 |
- hvcsd->open_count = 1; |
2828 |
-+ atomic_set(&hvcsd->open_count, 1); |
2829 |
++ local_set(&hvcsd->open_count, 1); |
2830 |
hvcsd->tty = tty; |
2831 |
tty->driver_data = hvcsd; |
2832 |
|
2833 |
-@@ -1170,7 +1170,7 @@ fast_open: |
2834 |
+@@ -1170,7 +1171,7 @@ fast_open: |
2835 |
|
2836 |
spin_lock_irqsave(&hvcsd->lock, flags); |
2837 |
kref_get(&hvcsd->kref); |
2838 |
- hvcsd->open_count++; |
2839 |
-+ atomic_inc(&hvcsd->open_count); |
2840 |
++ local_inc(&hvcsd->open_count); |
2841 |
hvcsd->todo_mask |= HVCS_SCHED_READ; |
2842 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
2843 |
|
2844 |
-@@ -1214,7 +1214,7 @@ static void hvcs_close(struct tty_struct |
2845 |
+@@ -1214,7 +1215,7 @@ static void hvcs_close(struct tty_struct |
2846 |
hvcsd = tty->driver_data; |
2847 |
|
2848 |
spin_lock_irqsave(&hvcsd->lock, flags); |
2849 |
- if (--hvcsd->open_count == 0) { |
2850 |
-+ if (atomic_dec_and_test(&hvcsd->open_count)) { |
2851 |
++ if (local_dec_and_test(&hvcsd->open_count)) { |
2852 |
|
2853 |
vio_disable_interrupts(hvcsd->vdev); |
2854 |
|
2855 |
-@@ -1240,10 +1240,10 @@ static void hvcs_close(struct tty_struct |
2856 |
+@@ -1240,10 +1241,10 @@ static void hvcs_close(struct tty_struct |
2857 |
free_irq(irq, hvcsd); |
2858 |
kref_put(&hvcsd->kref, destroy_hvcs_struct); |
2859 |
return; |
2860 |
- } else if (hvcsd->open_count < 0) { |
2861 |
-+ } else if (atomic_read(&hvcsd->open_count) < 0) { |
2862 |
++ } else if (local_read(&hvcsd->open_count) < 0) { |
2863 |
printk(KERN_ERR "HVCS: vty-server@%X open_count: %d" |
2864 |
" is missmanaged.\n", |
2865 |
- hvcsd->vdev->unit_address, hvcsd->open_count); |
2866 |
-+ hvcsd->vdev->unit_address, atomic_read(&hvcsd->open_count)); |
2867 |
++ hvcsd->vdev->unit_address, local_read(&hvcsd->open_count)); |
2868 |
} |
2869 |
|
2870 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
2871 |
-@@ -1259,7 +1259,7 @@ static void hvcs_hangup(struct tty_struc |
2872 |
+@@ -1259,7 +1260,7 @@ static void hvcs_hangup(struct tty_struc |
2873 |
|
2874 |
spin_lock_irqsave(&hvcsd->lock, flags); |
2875 |
/* Preserve this so that we know how many kref refs to put */ |
2876 |
- temp_open_count = hvcsd->open_count; |
2877 |
-+ temp_open_count = atomic_read(&hvcsd->open_count); |
2878 |
++ temp_open_count = local_read(&hvcsd->open_count); |
2879 |
|
2880 |
/* |
2881 |
* Don't kref put inside the spinlock because the destruction |
2882 |
-@@ -1274,7 +1274,7 @@ static void hvcs_hangup(struct tty_struc |
2883 |
+@@ -1274,7 +1275,7 @@ static void hvcs_hangup(struct tty_struc |
2884 |
hvcsd->tty->driver_data = NULL; |
2885 |
hvcsd->tty = NULL; |
2886 |
|
2887 |
- hvcsd->open_count = 0; |
2888 |
-+ atomic_set(&hvcsd->open_count, 0); |
2889 |
++ local_set(&hvcsd->open_count, 0); |
2890 |
|
2891 |
/* This will drop any buffered data on the floor which is OK in a hangup |
2892 |
* scenario. */ |
2893 |
-@@ -1345,7 +1345,7 @@ static int hvcs_write(struct tty_struct |
2894 |
+@@ -1345,7 +1346,7 @@ static int hvcs_write(struct tty_struct |
2895 |
* the middle of a write operation? This is a crummy place to do this |
2896 |
* but we want to keep it all in the spinlock. |
2897 |
*/ |
2898 |
- if (hvcsd->open_count <= 0) { |
2899 |
-+ if (atomic_read(&hvcsd->open_count) <= 0) { |
2900 |
++ if (local_read(&hvcsd->open_count) <= 0) { |
2901 |
spin_unlock_irqrestore(&hvcsd->lock, flags); |
2902 |
return -ENODEV; |
2903 |
} |
2904 |
-@@ -1419,7 +1419,7 @@ static int hvcs_write_room(struct tty_st |
2905 |
+@@ -1419,7 +1420,7 @@ static int hvcs_write_room(struct tty_st |
2906 |
{ |
2907 |
struct hvcs_struct *hvcsd = tty->driver_data; |
2908 |
|
2909 |
- if (!hvcsd || hvcsd->open_count <= 0) |
2910 |
-+ if (!hvcsd || atomic_read(&hvcsd->open_count) <= 0) |
2911 |
++ if (!hvcsd || local_read(&hvcsd->open_count) <= 0) |
2912 |
return 0; |
2913 |
|
2914 |
return HVCS_BUFF_LEN - hvcsd->chars_in_buffer; |
2915 |
@@ -23909,118 +23954,126 @@ diff -urNp linux-2.6.37/drivers/char/nvram.c linux-2.6.37/drivers/char/nvram.c |
2916 |
static int __init nvram_init(void) |
2917 |
diff -urNp linux-2.6.37/drivers/char/pcmcia/ipwireless/tty.c linux-2.6.37/drivers/char/pcmcia/ipwireless/tty.c |
2918 |
--- linux-2.6.37/drivers/char/pcmcia/ipwireless/tty.c 2011-01-04 19:50:19.000000000 -0500 |
2919 |
-+++ linux-2.6.37/drivers/char/pcmcia/ipwireless/tty.c 2011-01-17 02:41:01.000000000 -0500 |
2920 |
-@@ -51,7 +51,7 @@ struct ipw_tty { |
2921 |
++++ linux-2.6.37/drivers/char/pcmcia/ipwireless/tty.c 2011-01-25 20:24:56.000000000 -0500 |
2922 |
+@@ -29,6 +29,7 @@ |
2923 |
+ #include <linux/tty_driver.h> |
2924 |
+ #include <linux/tty_flip.h> |
2925 |
+ #include <linux/uaccess.h> |
2926 |
++#include <asm/local.h> |
2927 |
+ |
2928 |
+ #include "tty.h" |
2929 |
+ #include "network.h" |
2930 |
+@@ -51,7 +52,7 @@ struct ipw_tty { |
2931 |
int tty_type; |
2932 |
struct ipw_network *network; |
2933 |
struct tty_struct *linux_tty; |
2934 |
- int open_count; |
2935 |
-+ atomic_t open_count; |
2936 |
++ local_t open_count; |
2937 |
unsigned int control_lines; |
2938 |
struct mutex ipw_tty_mutex; |
2939 |
int tx_bytes_queued; |
2940 |
-@@ -127,10 +127,10 @@ static int ipw_open(struct tty_struct *l |
2941 |
+@@ -127,10 +128,10 @@ static int ipw_open(struct tty_struct *l |
2942 |
mutex_unlock(&tty->ipw_tty_mutex); |
2943 |
return -ENODEV; |
2944 |
} |
2945 |
- if (tty->open_count == 0) |
2946 |
-+ if (atomic_read(&tty->open_count) == 0) |
2947 |
++ if (local_read(&tty->open_count) == 0) |
2948 |
tty->tx_bytes_queued = 0; |
2949 |
|
2950 |
- tty->open_count++; |
2951 |
-+ atomic_inc(&tty->open_count); |
2952 |
++ local_inc(&tty->open_count); |
2953 |
|
2954 |
tty->linux_tty = linux_tty; |
2955 |
linux_tty->driver_data = tty; |
2956 |
-@@ -146,9 +146,7 @@ static int ipw_open(struct tty_struct *l |
2957 |
+@@ -146,9 +147,7 @@ static int ipw_open(struct tty_struct *l |
2958 |
|
2959 |
static void do_ipw_close(struct ipw_tty *tty) |
2960 |
{ |
2961 |
- tty->open_count--; |
2962 |
- |
2963 |
- if (tty->open_count == 0) { |
2964 |
-+ if (atomic_dec_return(&tty->open_count) == 0) { |
2965 |
++ if (local_dec_return(&tty->open_count) == 0) { |
2966 |
struct tty_struct *linux_tty = tty->linux_tty; |
2967 |
|
2968 |
if (linux_tty != NULL) { |
2969 |
-@@ -169,7 +167,7 @@ static void ipw_hangup(struct tty_struct |
2970 |
+@@ -169,7 +168,7 @@ static void ipw_hangup(struct tty_struct |
2971 |
return; |
2972 |
|
2973 |
mutex_lock(&tty->ipw_tty_mutex); |
2974 |
- if (tty->open_count == 0) { |
2975 |
-+ if (atomic_read(&tty->open_count) == 0) { |
2976 |
++ if (local_read(&tty->open_count) == 0) { |
2977 |
mutex_unlock(&tty->ipw_tty_mutex); |
2978 |
return; |
2979 |
} |
2980 |
-@@ -198,7 +196,7 @@ void ipwireless_tty_received(struct ipw_ |
2981 |
+@@ -198,7 +197,7 @@ void ipwireless_tty_received(struct ipw_ |
2982 |
return; |
2983 |
} |
2984 |
|
2985 |
- if (!tty->open_count) { |
2986 |
-+ if (!atomic_read(&tty->open_count)) { |
2987 |
++ if (!local_read(&tty->open_count)) { |
2988 |
mutex_unlock(&tty->ipw_tty_mutex); |
2989 |
return; |
2990 |
} |
2991 |
-@@ -240,7 +238,7 @@ static int ipw_write(struct tty_struct * |
2992 |
+@@ -240,7 +239,7 @@ static int ipw_write(struct tty_struct * |
2993 |
return -ENODEV; |
2994 |
|
2995 |
mutex_lock(&tty->ipw_tty_mutex); |
2996 |
- if (!tty->open_count) { |
2997 |
-+ if (!atomic_read(&tty->open_count)) { |
2998 |
++ if (!local_read(&tty->open_count)) { |
2999 |
mutex_unlock(&tty->ipw_tty_mutex); |
3000 |
return -EINVAL; |
3001 |
} |
3002 |
-@@ -280,7 +278,7 @@ static int ipw_write_room(struct tty_str |
3003 |
+@@ -280,7 +279,7 @@ static int ipw_write_room(struct tty_str |
3004 |
if (!tty) |
3005 |
return -ENODEV; |
3006 |
|
3007 |
- if (!tty->open_count) |
3008 |
-+ if (!atomic_read(&tty->open_count)) |
3009 |
++ if (!local_read(&tty->open_count)) |
3010 |
return -EINVAL; |
3011 |
|
3012 |
room = IPWIRELESS_TX_QUEUE_SIZE - tty->tx_bytes_queued; |
3013 |
-@@ -322,7 +320,7 @@ static int ipw_chars_in_buffer(struct tt |
3014 |
+@@ -322,7 +321,7 @@ static int ipw_chars_in_buffer(struct tt |
3015 |
if (!tty) |
3016 |
return 0; |
3017 |
|
3018 |
- if (!tty->open_count) |
3019 |
-+ if (!atomic_read(&tty->open_count)) |
3020 |
++ if (!local_read(&tty->open_count)) |
3021 |
return 0; |
3022 |
|
3023 |
return tty->tx_bytes_queued; |
3024 |
-@@ -403,7 +401,7 @@ static int ipw_tiocmget(struct tty_struc |
3025 |
+@@ -403,7 +402,7 @@ static int ipw_tiocmget(struct tty_struc |
3026 |
if (!tty) |
3027 |
return -ENODEV; |
3028 |
|
3029 |
- if (!tty->open_count) |
3030 |
-+ if (!atomic_read(&tty->open_count)) |
3031 |
++ if (!local_read(&tty->open_count)) |
3032 |
return -EINVAL; |
3033 |
|
3034 |
return get_control_lines(tty); |
3035 |
-@@ -419,7 +417,7 @@ ipw_tiocmset(struct tty_struct *linux_tt |
3036 |
+@@ -419,7 +418,7 @@ ipw_tiocmset(struct tty_struct *linux_tt |
3037 |
if (!tty) |
3038 |
return -ENODEV; |
3039 |
|
3040 |
- if (!tty->open_count) |
3041 |
-+ if (!atomic_read(&tty->open_count)) |
3042 |
++ if (!local_read(&tty->open_count)) |
3043 |
return -EINVAL; |
3044 |
|
3045 |
return set_control_lines(tty, set, clear); |
3046 |
-@@ -433,7 +431,7 @@ static int ipw_ioctl(struct tty_struct * |
3047 |
+@@ -433,7 +432,7 @@ static int ipw_ioctl(struct tty_struct * |
3048 |
if (!tty) |
3049 |
return -ENODEV; |
3050 |
|
3051 |
- if (!tty->open_count) |
3052 |
-+ if (!atomic_read(&tty->open_count)) |
3053 |
++ if (!local_read(&tty->open_count)) |
3054 |
return -EINVAL; |
3055 |
|
3056 |
/* FIXME: Exactly how is the tty object locked here .. */ |
3057 |
-@@ -582,7 +580,7 @@ void ipwireless_tty_free(struct ipw_tty |
3058 |
+@@ -582,7 +581,7 @@ void ipwireless_tty_free(struct ipw_tty |
3059 |
against a parallel ioctl etc */ |
3060 |
mutex_lock(&ttyj->ipw_tty_mutex); |
3061 |
} |
3062 |
- while (ttyj->open_count) |
3063 |
-+ while (atomic_read(&ttyj->open_count)) |
3064 |
++ while (local_read(&ttyj->open_count)) |
3065 |
do_ipw_close(ttyj); |
3066 |
ipwireless_disassociate_network_ttys(network, |
3067 |
ttyj->channel_idx); |
3068 |
@@ -24079,34 +24132,42 @@ diff -urNp linux-2.6.37/drivers/char/random.c linux-2.6.37/drivers/char/random.c |
3069 |
|
3070 |
diff -urNp linux-2.6.37/drivers/char/sonypi.c linux-2.6.37/drivers/char/sonypi.c |
3071 |
--- linux-2.6.37/drivers/char/sonypi.c 2011-01-04 19:50:19.000000000 -0500 |
3072 |
-+++ linux-2.6.37/drivers/char/sonypi.c 2011-01-17 02:41:01.000000000 -0500 |
3073 |
-@@ -491,7 +491,7 @@ static struct sonypi_device { |
3074 |
++++ linux-2.6.37/drivers/char/sonypi.c 2011-01-25 20:24:56.000000000 -0500 |
3075 |
+@@ -55,6 +55,7 @@ |
3076 |
+ #include <asm/uaccess.h> |
3077 |
+ #include <asm/io.h> |
3078 |
+ #include <asm/system.h> |
3079 |
++#include <asm/local.h> |
3080 |
+ |
3081 |
+ #include <linux/sonypi.h> |
3082 |
+ |
3083 |
+@@ -491,7 +492,7 @@ static struct sonypi_device { |
3084 |
spinlock_t fifo_lock; |
3085 |
wait_queue_head_t fifo_proc_list; |
3086 |
struct fasync_struct *fifo_async; |
3087 |
- int open_count; |
3088 |
-+ atomic_t open_count; |
3089 |
++ local_t open_count; |
3090 |
int model; |
3091 |
struct input_dev *input_jog_dev; |
3092 |
struct input_dev *input_key_dev; |
3093 |
-@@ -898,7 +898,7 @@ static int sonypi_misc_fasync(int fd, st |
3094 |
+@@ -898,7 +899,7 @@ static int sonypi_misc_fasync(int fd, st |
3095 |
static int sonypi_misc_release(struct inode *inode, struct file *file) |
3096 |
{ |
3097 |
mutex_lock(&sonypi_device.lock); |
3098 |
- sonypi_device.open_count--; |
3099 |
-+ atomic_dec(&sonypi_device.open_count); |
3100 |
++ local_dec(&sonypi_device.open_count); |
3101 |
mutex_unlock(&sonypi_device.lock); |
3102 |
return 0; |
3103 |
} |
3104 |
-@@ -907,9 +907,9 @@ static int sonypi_misc_open(struct inode |
3105 |
+@@ -907,9 +908,9 @@ static int sonypi_misc_open(struct inode |
3106 |
{ |
3107 |
mutex_lock(&sonypi_device.lock); |
3108 |
/* Flush input queue on first open */ |
3109 |
- if (!sonypi_device.open_count) |
3110 |
-+ if (!atomic_read(&sonypi_device.open_count)) |
3111 |
++ if (!local_read(&sonypi_device.open_count)) |
3112 |
kfifo_reset(&sonypi_device.fifo); |
3113 |
- sonypi_device.open_count++; |
3114 |
-+ atomic_inc(&sonypi_device.open_count); |
3115 |
++ local_inc(&sonypi_device.open_count); |
3116 |
mutex_unlock(&sonypi_device.lock); |
3117 |
|
3118 |
return 0; |
3119 |
@@ -24251,7 +24312,7 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/drm_drv.c linux-2.6.37/drivers/gpu/drm/d |
3120 |
DRM_DEBUG("pid=%d, cmd=0x%02x, nr=0x%02x, dev 0x%lx, auth=%d\n", |
3121 |
diff -urNp linux-2.6.37/drivers/gpu/drm/drm_fops.c linux-2.6.37/drivers/gpu/drm/drm_fops.c |
3122 |
--- linux-2.6.37/drivers/gpu/drm/drm_fops.c 2011-01-04 19:50:19.000000000 -0500 |
3123 |
-+++ linux-2.6.37/drivers/gpu/drm/drm_fops.c 2011-01-17 02:41:01.000000000 -0500 |
3124 |
++++ linux-2.6.37/drivers/gpu/drm/drm_fops.c 2011-01-24 18:04:15.000000000 -0500 |
3125 |
@@ -70,7 +70,7 @@ static int drm_setup(struct drm_device * |
3126 |
} |
3127 |
|
3128 |
@@ -24268,7 +24329,7 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/drm_fops.c linux-2.6.37/drivers/gpu/drm/ |
3129 |
- atomic_inc(&dev->counts[_DRM_STAT_OPENS]); |
3130 |
- if (!dev->open_count++) |
3131 |
+ atomic_inc_unchecked(&dev->counts[_DRM_STAT_OPENS]); |
3132 |
-+ if (atomic_inc_return(&dev->open_count) == 1) |
3133 |
++ if (local_inc_return(&dev->open_count) == 1) |
3134 |
retcode = drm_setup(dev); |
3135 |
} |
3136 |
if (!retcode) { |
3137 |
@@ -24277,7 +24338,7 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/drm_fops.c linux-2.6.37/drivers/gpu/drm/ |
3138 |
mutex_lock(&drm_global_mutex); |
3139 |
|
3140 |
- DRM_DEBUG("open_count = %d\n", dev->open_count); |
3141 |
-+ DRM_DEBUG("open_count = %d\n", atomic_read(&dev->open_count)); |
3142 |
++ DRM_DEBUG("open_count = %d\n", local_read(&dev->open_count)); |
3143 |
|
3144 |
if (dev->driver->preclose) |
3145 |
dev->driver->preclose(dev, file_priv); |
3146 |
@@ -24286,7 +24347,7 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/drm_fops.c linux-2.6.37/drivers/gpu/drm/ |
3147 |
task_pid_nr(current), |
3148 |
(long)old_encode_dev(file_priv->minor->device), |
3149 |
- dev->open_count); |
3150 |
-+ atomic_read(&dev->open_count)); |
3151 |
++ local_read(&dev->open_count)); |
3152 |
|
3153 |
/* if the master has gone away we can't do anything with the lock */ |
3154 |
if (file_priv->minor->master) |
3155 |
@@ -24297,7 +24358,7 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/drm_fops.c linux-2.6.37/drivers/gpu/drm/ |
3156 |
- atomic_inc(&dev->counts[_DRM_STAT_CLOSES]); |
3157 |
- if (!--dev->open_count) { |
3158 |
+ atomic_inc_unchecked(&dev->counts[_DRM_STAT_CLOSES]); |
3159 |
-+ if (atomic_dec_and_test(&dev->open_count)) { |
3160 |
++ if (local_dec_and_test(&dev->open_count)) { |
3161 |
if (atomic_read(&dev->ioctl_count)) { |
3162 |
DRM_ERROR("Device busy: %d\n", |
3163 |
atomic_read(&dev->ioctl_count)); |
3164 |
@@ -24547,13 +24608,13 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/i915/dvo_tfp410.c linux-2.6.37/drivers/g |
3165 |
.mode_valid = tfp410_mode_valid, |
3166 |
diff -urNp linux-2.6.37/drivers/gpu/drm/i915/i915_dma.c linux-2.6.37/drivers/gpu/drm/i915/i915_dma.c |
3167 |
--- linux-2.6.37/drivers/gpu/drm/i915/i915_dma.c 2011-01-04 19:50:19.000000000 -0500 |
3168 |
-+++ linux-2.6.37/drivers/gpu/drm/i915/i915_dma.c 2011-01-17 02:41:01.000000000 -0500 |
3169 |
++++ linux-2.6.37/drivers/gpu/drm/i915/i915_dma.c 2011-01-24 18:04:15.000000000 -0500 |
3170 |
@@ -1191,7 +1191,7 @@ static bool i915_switcheroo_can_switch(s |
3171 |
bool can_switch; |
3172 |
|
3173 |
spin_lock(&dev->count_lock); |
3174 |
- can_switch = (dev->open_count == 0); |
3175 |
-+ can_switch = (atomic_read(&dev->open_count) == 0); |
3176 |
++ can_switch = (local_read(&dev->open_count) == 0); |
3177 |
spin_unlock(&dev->count_lock); |
3178 |
return can_switch; |
3179 |
} |
3180 |
@@ -24603,13 +24664,13 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_backlight.c linux-2.6.37 |
3181 |
.update_status = nv50_set_intensity, |
3182 |
diff -urNp linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_state.c linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_state.c |
3183 |
--- linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_state.c 2011-01-04 19:50:19.000000000 -0500 |
3184 |
-+++ linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_state.c 2011-01-17 02:41:01.000000000 -0500 |
3185 |
++++ linux-2.6.37/drivers/gpu/drm/nouveau/nouveau_state.c 2011-01-24 18:04:15.000000000 -0500 |
3186 |
@@ -546,7 +546,7 @@ static bool nouveau_switcheroo_can_switc |
3187 |
bool can_switch; |
3188 |
|
3189 |
spin_lock(&dev->count_lock); |
3190 |
- can_switch = (dev->open_count == 0); |
3191 |
-+ can_switch = (atomic_read(&dev->open_count) == 0); |
3192 |
++ can_switch = (local_read(&dev->open_count) == 0); |
3193 |
spin_unlock(&dev->count_lock); |
3194 |
return can_switch; |
3195 |
} |
3196 |
@@ -24635,13 +24696,13 @@ diff -urNp linux-2.6.37/drivers/gpu/drm/radeon/mkregtable.c linux-2.6.37/drivers |
3197 |
(&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { |
3198 |
diff -urNp linux-2.6.37/drivers/gpu/drm/radeon/radeon_device.c linux-2.6.37/drivers/gpu/drm/radeon/radeon_device.c |
3199 |
--- linux-2.6.37/drivers/gpu/drm/radeon/radeon_device.c 2011-01-04 19:50:19.000000000 -0500 |
3200 |
-+++ linux-2.6.37/drivers/gpu/drm/radeon/radeon_device.c 2011-01-17 02:41:01.000000000 -0500 |
3201 |
++++ linux-2.6.37/drivers/gpu/drm/radeon/radeon_device.c 2011-01-24 18:04:15.000000000 -0500 |
3202 |
@@ -659,7 +659,7 @@ static bool radeon_switcheroo_can_switch |
3203 |
bool can_switch; |
3204 |
|
3205 |
spin_lock(&dev->count_lock); |
3206 |
- can_switch = (dev->open_count == 0); |
3207 |
-+ can_switch = (atomic_read(&dev->open_count) == 0); |
3208 |
++ can_switch = (local_read(&dev->open_count) == 0); |
3209 |
spin_unlock(&dev->count_lock); |
3210 |
return can_switch; |
3211 |
} |
3212 |
@@ -25252,31 +25313,39 @@ diff -urNp linux-2.6.37/drivers/input/serio/serio_raw.c linux-2.6.37/drivers/inp |
3213 |
MODULE_DEVICE_TABLE(serio, serio_raw_serio_ids); |
3214 |
diff -urNp linux-2.6.37/drivers/isdn/gigaset/common.c linux-2.6.37/drivers/isdn/gigaset/common.c |
3215 |
--- linux-2.6.37/drivers/isdn/gigaset/common.c 2011-01-04 19:50:19.000000000 -0500 |
3216 |
-+++ linux-2.6.37/drivers/isdn/gigaset/common.c 2011-01-17 02:41:01.000000000 -0500 |
3217 |
++++ linux-2.6.37/drivers/isdn/gigaset/common.c 2011-01-24 18:04:15.000000000 -0500 |
3218 |
@@ -723,7 +723,7 @@ struct cardstate *gigaset_initcs(struct |
3219 |
cs->commands_pending = 0; |
3220 |
cs->cur_at_seq = 0; |
3221 |
cs->gotfwver = -1; |
3222 |
- cs->open_count = 0; |
3223 |
-+ atomic_set(&cs->open_count, 0); |
3224 |
++ local_set(&cs->open_count, 0); |
3225 |
cs->dev = NULL; |
3226 |
cs->tty = NULL; |
3227 |
cs->tty_dev = NULL; |
3228 |
diff -urNp linux-2.6.37/drivers/isdn/gigaset/gigaset.h linux-2.6.37/drivers/isdn/gigaset/gigaset.h |
3229 |
--- linux-2.6.37/drivers/isdn/gigaset/gigaset.h 2011-01-04 19:50:19.000000000 -0500 |
3230 |
-+++ linux-2.6.37/drivers/isdn/gigaset/gigaset.h 2011-01-17 02:41:01.000000000 -0500 |
3231 |
-@@ -433,7 +433,7 @@ struct cardstate { |
3232 |
++++ linux-2.6.37/drivers/isdn/gigaset/gigaset.h 2011-01-25 20:24:56.000000000 -0500 |
3233 |
+@@ -35,6 +35,7 @@ |
3234 |
+ #include <linux/tty_driver.h> |
3235 |
+ #include <linux/list.h> |
3236 |
+ #include <asm/atomic.h> |
3237 |
++#include <asm/local.h> |
3238 |
+ |
3239 |
+ #define GIG_VERSION {0, 5, 0, 0} |
3240 |
+ #define GIG_COMPAT {0, 4, 0, 0} |
3241 |
+@@ -433,7 +434,7 @@ struct cardstate { |
3242 |
spinlock_t cmdlock; |
3243 |
unsigned curlen, cmdbytes; |
3244 |
|
3245 |
- unsigned open_count; |
3246 |
-+ atomic_t open_count; |
3247 |
++ local_t open_count; |
3248 |
struct tty_struct *tty; |
3249 |
struct tasklet_struct if_wake_tasklet; |
3250 |
unsigned control_state; |
3251 |
diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/isdn/gigaset/interface.c |
3252 |
--- linux-2.6.37/drivers/isdn/gigaset/interface.c 2011-01-04 19:50:19.000000000 -0500 |
3253 |
-+++ linux-2.6.37/drivers/isdn/gigaset/interface.c 2011-01-17 02:41:01.000000000 -0500 |
3254 |
++++ linux-2.6.37/drivers/isdn/gigaset/interface.c 2011-01-24 18:04:15.000000000 -0500 |
3255 |
@@ -160,9 +160,7 @@ static int if_open(struct tty_struct *tt |
3256 |
return -ERESTARTSYS; |
3257 |
tty->driver_data = cs; |
3258 |
@@ -25284,7 +25353,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3259 |
- ++cs->open_count; |
3260 |
- |
3261 |
- if (cs->open_count == 1) { |
3262 |
-+ if (atomic_inc_return(&cs->open_count) == 1) { |
3263 |
++ if (local_inc_return(&cs->open_count) == 1) { |
3264 |
spin_lock_irqsave(&cs->lock, flags); |
3265 |
cs->tty = tty; |
3266 |
spin_unlock_irqrestore(&cs->lock, flags); |
3267 |
@@ -25293,11 +25362,11 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3268 |
if (!cs->connected) |
3269 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
3270 |
- else if (!cs->open_count) |
3271 |
-+ else if (!atomic_read(&cs->open_count)) |
3272 |
++ else if (!local_read(&cs->open_count)) |
3273 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3274 |
else { |
3275 |
- if (!--cs->open_count) { |
3276 |
-+ if (!atomic_dec_return(&cs->open_count)) { |
3277 |
++ if (!local_dec_return(&cs->open_count)) { |
3278 |
spin_lock_irqsave(&cs->lock, flags); |
3279 |
cs->tty = NULL; |
3280 |
spin_unlock_irqrestore(&cs->lock, flags); |
3281 |
@@ -25306,7 +25375,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3282 |
gig_dbg(DEBUG_IF, "not connected"); |
3283 |
retval = -ENODEV; |
3284 |
- } else if (!cs->open_count) |
3285 |
-+ } else if (!atomic_read(&cs->open_count)) |
3286 |
++ } else if (!local_read(&cs->open_count)) |
3287 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3288 |
else { |
3289 |
retval = 0; |
3290 |
@@ -25315,7 +25384,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3291 |
goto done; |
3292 |
} |
3293 |
- if (!cs->open_count) { |
3294 |
-+ if (!atomic_read(&cs->open_count)) { |
3295 |
++ if (!local_read(&cs->open_count)) { |
3296 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3297 |
retval = -ENODEV; |
3298 |
goto done; |
3299 |
@@ -25324,7 +25393,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3300 |
gig_dbg(DEBUG_IF, "not connected"); |
3301 |
retval = -ENODEV; |
3302 |
- } else if (!cs->open_count) |
3303 |
-+ } else if (!atomic_read(&cs->open_count)) |
3304 |
++ } else if (!local_read(&cs->open_count)) |
3305 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3306 |
else if (cs->mstate != MS_LOCKED) { |
3307 |
dev_warn(cs->dev, "can't write to unlocked device\n"); |
3308 |
@@ -25333,7 +25402,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3309 |
if (!cs->connected) |
3310 |
gig_dbg(DEBUG_IF, "not connected"); |
3311 |
- else if (!cs->open_count) |
3312 |
-+ else if (!atomic_read(&cs->open_count)) |
3313 |
++ else if (!local_read(&cs->open_count)) |
3314 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3315 |
else if (cs->mstate != MS_LOCKED) |
3316 |
dev_warn(cs->dev, "can't write to unlocked device\n"); |
3317 |
@@ -25342,7 +25411,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3318 |
if (!cs->connected) |
3319 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
3320 |
- else if (!cs->open_count) |
3321 |
-+ else if (!atomic_read(&cs->open_count)) |
3322 |
++ else if (!local_read(&cs->open_count)) |
3323 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3324 |
else |
3325 |
gig_dbg(DEBUG_IF, "%s: not implemented\n", __func__); |
3326 |
@@ -25351,7 +25420,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3327 |
if (!cs->connected) |
3328 |
gig_dbg(DEBUG_IF, "not connected"); /* nothing to do */ |
3329 |
- else if (!cs->open_count) |
3330 |
-+ else if (!atomic_read(&cs->open_count)) |
3331 |
++ else if (!local_read(&cs->open_count)) |
3332 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3333 |
else |
3334 |
gig_dbg(DEBUG_IF, "%s: not implemented\n", __func__); |
3335 |
@@ -25360,7 +25429,7 @@ diff -urNp linux-2.6.37/drivers/isdn/gigaset/interface.c linux-2.6.37/drivers/is |
3336 |
} |
3337 |
|
3338 |
- if (!cs->open_count) { |
3339 |
-+ if (!atomic_read(&cs->open_count)) { |
3340 |
++ if (!local_read(&cs->open_count)) { |
3341 |
dev_warn(cs->dev, "%s: device not opened\n", __func__); |
3342 |
goto out; |
3343 |
} |
3344 |
@@ -25669,6 +25738,18 @@ diff -urNp linux-2.6.37/drivers/media/dvb/dvb-core/dvbdev.c linux-2.6.37/drivers |
3345 |
struct file_operations *dvbdevfops; |
3346 |
struct device *clsdev; |
3347 |
int minor; |
3348 |
+diff -urNp linux-2.6.37/drivers/media/dvb/ttpci/av7110_ca.c linux-2.6.37/drivers/media/dvb/ttpci/av7110_ca.c |
3349 |
+--- linux-2.6.37/drivers/media/dvb/ttpci/av7110_ca.c 2011-01-04 19:50:19.000000000 -0500 |
3350 |
++++ linux-2.6.37/drivers/media/dvb/ttpci/av7110_ca.c 2011-01-24 18:13:05.000000000 -0500 |
3351 |
+@@ -277,7 +277,7 @@ static int dvb_ca_ioctl(struct file *fil |
3352 |
+ { |
3353 |
+ ca_slot_info_t *info=(ca_slot_info_t *)parg; |
3354 |
+ |
3355 |
+- if (info->num > 1) |
3356 |
++ if (info->num < 0 || info->num > 1) |
3357 |
+ return -EINVAL; |
3358 |
+ av7110->ci_slot[info->num].num = info->num; |
3359 |
+ av7110->ci_slot[info->num].type = FW_CI_LL_SUPPORT(av7110->arm_app) ? |
3360 |
diff -urNp linux-2.6.37/drivers/media/IR/ir-lirc-codec.c linux-2.6.37/drivers/media/IR/ir-lirc-codec.c |
3361 |
--- linux-2.6.37/drivers/media/IR/ir-lirc-codec.c 2011-01-04 19:50:19.000000000 -0500 |
3362 |
+++ linux-2.6.37/drivers/media/IR/ir-lirc-codec.c 2011-01-17 02:41:01.000000000 -0500 |
3363 |
@@ -26618,13 +26699,22 @@ diff -urNp linux-2.6.37/drivers/net/tulip/de4x5.c linux-2.6.37/drivers/net/tulip |
3364 |
} |
3365 |
diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3366 |
--- linux-2.6.37/drivers/net/usb/hso.c 2011-01-04 19:50:19.000000000 -0500 |
3367 |
-+++ linux-2.6.37/drivers/net/usb/hso.c 2011-01-17 02:41:01.000000000 -0500 |
3368 |
++++ linux-2.6.37/drivers/net/usb/hso.c 2011-01-24 18:04:15.000000000 -0500 |
3369 |
+@@ -71,7 +71,7 @@ |
3370 |
+ #include <asm/byteorder.h> |
3371 |
+ #include <linux/serial_core.h> |
3372 |
+ #include <linux/serial.h> |
3373 |
+- |
3374 |
++#include <asm/local.h> |
3375 |
+ |
3376 |
+ #define MOD_AUTHOR "Option Wireless" |
3377 |
+ #define MOD_DESCRIPTION "USB High Speed Option driver" |
3378 |
@@ -257,7 +257,7 @@ struct hso_serial { |
3379 |
|
3380 |
/* from usb_serial_port */ |
3381 |
struct tty_struct *tty; |
3382 |
- int open_count; |
3383 |
-+ atomic_t open_count; |
3384 |
++ local_t open_count; |
3385 |
spinlock_t serial_lock; |
3386 |
|
3387 |
int (*write_data) (struct hso_serial *serial); |
3388 |
@@ -26633,7 +26723,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3389 |
|
3390 |
urb = serial->rx_urb[0]; |
3391 |
- if (serial->open_count > 0) { |
3392 |
-+ if (atomic_read(&serial->open_count) > 0) { |
3393 |
++ if (local_read(&serial->open_count) > 0) { |
3394 |
count = put_rxbuf_data(urb, serial); |
3395 |
if (count == -1) |
3396 |
return; |
3397 |
@@ -26642,7 +26732,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3398 |
|
3399 |
/* Anyone listening? */ |
3400 |
- if (serial->open_count == 0) |
3401 |
-+ if (atomic_read(&serial->open_count) == 0) |
3402 |
++ if (local_read(&serial->open_count) == 0) |
3403 |
return; |
3404 |
|
3405 |
if (status == 0) { |
3406 |
@@ -26652,7 +26742,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3407 |
/* check for port already opened, if not set the termios */ |
3408 |
- serial->open_count++; |
3409 |
- if (serial->open_count == 1) { |
3410 |
-+ if (atomic_inc_return(&serial->open_count) == 1) { |
3411 |
++ if (local_inc_return(&serial->open_count) == 1) { |
3412 |
serial->rx_state = RX_IDLE; |
3413 |
/* Force default termio settings */ |
3414 |
_hso_serial_set_termios(tty, NULL); |
3415 |
@@ -26661,7 +26751,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3416 |
if (result) { |
3417 |
hso_stop_serial_device(serial->parent); |
3418 |
- serial->open_count--; |
3419 |
-+ atomic_dec(&serial->open_count); |
3420 |
++ local_dec(&serial->open_count); |
3421 |
kref_put(&serial->parent->ref, hso_serial_ref_free); |
3422 |
} |
3423 |
} else { |
3424 |
@@ -26670,12 +26760,12 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3425 |
/* reset the rts and dtr */ |
3426 |
/* do the actual close */ |
3427 |
- serial->open_count--; |
3428 |
-+ atomic_dec(&serial->open_count); |
3429 |
++ local_dec(&serial->open_count); |
3430 |
|
3431 |
- if (serial->open_count <= 0) { |
3432 |
- serial->open_count = 0; |
3433 |
-+ if (atomic_read(&serial->open_count) <= 0) { |
3434 |
-+ atomic_set(&serial->open_count, 0); |
3435 |
++ if (local_read(&serial->open_count) <= 0) { |
3436 |
++ local_set(&serial->open_count, 0); |
3437 |
spin_lock_irq(&serial->serial_lock); |
3438 |
if (serial->tty == tty) { |
3439 |
serial->tty->driver_data = NULL; |
3440 |
@@ -26684,7 +26774,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3441 |
/* the actual setup */ |
3442 |
spin_lock_irqsave(&serial->serial_lock, flags); |
3443 |
- if (serial->open_count) |
3444 |
-+ if (atomic_read(&serial->open_count)) |
3445 |
++ if (local_read(&serial->open_count)) |
3446 |
_hso_serial_set_termios(tty, old); |
3447 |
else |
3448 |
tty->termios = old; |
3449 |
@@ -26693,7 +26783,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3450 |
spin_lock(&serial->serial_lock); |
3451 |
if (serial->rx_state == RX_IDLE && |
3452 |
- serial->open_count > 0) { |
3453 |
-+ atomic_read(&serial->open_count) > 0) { |
3454 |
++ local_read(&serial->open_count) > 0) { |
3455 |
/* Setup and send a ctrl req read on |
3456 |
* port i */ |
3457 |
if (!serial->rx_urb_filled[0]) { |
3458 |
@@ -26702,7 +26792,7 @@ diff -urNp linux-2.6.37/drivers/net/usb/hso.c linux-2.6.37/drivers/net/usb/hso.c |
3459 |
for (i = 0; i < HSO_SERIAL_TTY_MINORS; i++) { |
3460 |
if (serial_table[i] && (serial_table[i]->interface == iface)) { |
3461 |
- if (dev2ser(serial_table[i])->open_count) { |
3462 |
-+ if (atomic_read(&dev2ser(serial_table[i])->open_count)) { |
3463 |
++ if (local_read(&dev2ser(serial_table[i])->open_count)) { |
3464 |
result = |
3465 |
hso_start_serial_device(serial_table[i], GFP_NOIO); |
3466 |
hso_kick_transmit(dev2ser(serial_table[i])); |
3467 |
@@ -26956,6 +27046,26 @@ diff -urNp linux-2.6.37/drivers/pci/pcie/portdrv_pci.c linux-2.6.37/drivers/pci/ |
3468 |
}; |
3469 |
MODULE_DEVICE_TABLE(pci, port_pci_ids); |
3470 |
|
3471 |
+diff -urNp linux-2.6.37/drivers/pci/pci-sysfs.c linux-2.6.37/drivers/pci/pci-sysfs.c |
3472 |
+--- linux-2.6.37/drivers/pci/pci-sysfs.c 2011-01-04 19:50:19.000000000 -0500 |
3473 |
++++ linux-2.6.37/drivers/pci/pci-sysfs.c 2011-02-12 10:32:55.000000000 -0500 |
3474 |
+@@ -23,6 +23,7 @@ |
3475 |
+ #include <linux/mm.h> |
3476 |
+ #include <linux/fs.h> |
3477 |
+ #include <linux/capability.h> |
3478 |
++#include <linux/security.h> |
3479 |
+ #include <linux/pci-aspm.h> |
3480 |
+ #include <linux/slab.h> |
3481 |
+ #include "pci.h" |
3482 |
+@@ -368,7 +369,7 @@ pci_read_config(struct file *filp, struc |
3483 |
+ u8 *data = (u8*) buf; |
3484 |
+ |
3485 |
+ /* Several chips lock up trying to read undefined config space */ |
3486 |
+- if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) { |
3487 |
++ if (security_capable(filp->f_cred, CAP_SYS_ADMIN)) { |
3488 |
+ size = dev->cfg_size; |
3489 |
+ } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) { |
3490 |
+ size = 128; |
3491 |
diff -urNp linux-2.6.37/drivers/pci/probe.c linux-2.6.37/drivers/pci/probe.c |
3492 |
--- linux-2.6.37/drivers/pci/probe.c 2011-01-04 19:50:19.000000000 -0500 |
3493 |
+++ linux-2.6.37/drivers/pci/probe.c 2011-01-17 02:41:01.000000000 -0500 |
3494 |
@@ -27525,7 +27635,7 @@ diff -urNp linux-2.6.37/drivers/serial/kgdboc.c linux-2.6.37/drivers/serial/kgdb |
3495 |
.read_char = kgdboc_get_char, |
3496 |
diff -urNp linux-2.6.37/drivers/staging/autofs/root.c linux-2.6.37/drivers/staging/autofs/root.c |
3497 |
--- linux-2.6.37/drivers/staging/autofs/root.c 2011-01-04 19:50:19.000000000 -0500 |
3498 |
-+++ linux-2.6.37/drivers/staging/autofs/root.c 2011-01-17 21:04:34.000000000 -0500 |
3499 |
++++ linux-2.6.37/drivers/staging/autofs/root.c 2011-01-24 18:04:18.000000000 -0500 |
3500 |
@@ -308,7 +308,8 @@ static int autofs_root_symlink(struct in |
3501 |
set_bit(n,sbi->symlink_bitmap); |
3502 |
sl = &sbi->symlink[n]; |
3503 |
@@ -27560,6 +27670,76 @@ diff -urNp linux-2.6.37/drivers/staging/bcm/InterfaceInit.c linux-2.6.37/drivers |
3504 |
.open = usbbcm_open, |
3505 |
.release = usbbcm_release, |
3506 |
.read = usbbcm_read, |
3507 |
+diff -urNp linux-2.6.37/drivers/staging/brcm80211/brcmfmac/dhd_linux.c linux-2.6.37/drivers/staging/brcm80211/brcmfmac/dhd_linux.c |
3508 |
+--- linux-2.6.37/drivers/staging/brcm80211/brcmfmac/dhd_linux.c 2011-01-04 19:50:19.000000000 -0500 |
3509 |
++++ linux-2.6.37/drivers/staging/brcm80211/brcmfmac/dhd_linux.c 2011-01-24 18:04:18.000000000 -0500 |
3510 |
+@@ -864,14 +864,14 @@ static void dhd_op_if(dhd_if_t *ifp) |
3511 |
+ free_netdev(ifp->net); |
3512 |
+ } |
3513 |
+ /* Allocate etherdev, including space for private structure */ |
3514 |
+- ifp->net = alloc_etherdev(sizeof(dhd)); |
3515 |
++ ifp->net = alloc_etherdev(sizeof(*dhd)); |
3516 |
+ if (!ifp->net) { |
3517 |
+ DHD_ERROR(("%s: OOM - alloc_etherdev\n", __func__)); |
3518 |
+ ret = -ENOMEM; |
3519 |
+ } |
3520 |
+ if (ret == 0) { |
3521 |
+ strcpy(ifp->net->name, ifp->name); |
3522 |
+- memcpy(netdev_priv(ifp->net), &dhd, sizeof(dhd)); |
3523 |
++ memcpy(netdev_priv(ifp->net), dhd, sizeof(*dhd)); |
3524 |
+ err = dhd_net_attach(&dhd->pub, ifp->idx); |
3525 |
+ if (err != 0) { |
3526 |
+ DHD_ERROR(("%s: dhd_net_attach failed, " |
3527 |
+@@ -1891,25 +1891,23 @@ dhd_pub_t *dhd_attach(osl_t *osh, struct |
3528 |
+ strcpy(nv_path, nvram_path); |
3529 |
+ |
3530 |
+ /* Allocate etherdev, including space for private structure */ |
3531 |
+- net = alloc_etherdev(sizeof(dhd)); |
3532 |
++ net = alloc_etherdev(sizeof(*dhd)); |
3533 |
+ if (!net) { |
3534 |
+ DHD_ERROR(("%s: OOM - alloc_etherdev\n", __func__)); |
3535 |
+ goto fail; |
3536 |
+ } |
3537 |
+ |
3538 |
+ /* Allocate primary dhd_info */ |
3539 |
+- dhd = kmalloc(sizeof(dhd_info_t), GFP_ATOMIC); |
3540 |
++ dhd = kzalloc(sizeof(dhd_info_t), GFP_ATOMIC); |
3541 |
+ if (!dhd) { |
3542 |
+ DHD_ERROR(("%s: OOM - alloc dhd_info\n", __func__)); |
3543 |
+ goto fail; |
3544 |
+ } |
3545 |
+ |
3546 |
+- memset(dhd, 0, sizeof(dhd_info_t)); |
3547 |
+- |
3548 |
+ /* |
3549 |
+ * Save the dhd_info into the priv |
3550 |
+ */ |
3551 |
+- memcpy(netdev_priv(net), &dhd, sizeof(dhd)); |
3552 |
++ memcpy(netdev_priv(net), dhd, sizeof(*dhd)); |
3553 |
+ dhd->pub.osh = osh; |
3554 |
+ |
3555 |
+ /* Set network interface name if it was provided as module parameter */ |
3556 |
+@@ -2027,7 +2025,7 @@ dhd_pub_t *dhd_attach(osl_t *osh, struct |
3557 |
+ /* |
3558 |
+ * Save the dhd_info into the priv |
3559 |
+ */ |
3560 |
+- memcpy(netdev_priv(net), &dhd, sizeof(dhd)); |
3561 |
++ memcpy(netdev_priv(net), dhd, sizeof(*dhd)); |
3562 |
+ |
3563 |
+ #if defined(CUSTOMER_HW2) && defined(CONFIG_WIFI_CONTROL_FUNC) |
3564 |
+ g_bus = bus; |
3565 |
+diff -urNp linux-2.6.37/drivers/staging/brcm80211/brcmfmac/wl_iw.c linux-2.6.37/drivers/staging/brcm80211/brcmfmac/wl_iw.c |
3566 |
+--- linux-2.6.37/drivers/staging/brcm80211/brcmfmac/wl_iw.c 2011-01-04 19:50:19.000000000 -0500 |
3567 |
++++ linux-2.6.37/drivers/staging/brcm80211/brcmfmac/wl_iw.c 2011-01-24 18:04:18.000000000 -0500 |
3568 |
+@@ -514,7 +514,7 @@ wl_iw_get_range(struct net_device *dev, |
3569 |
+ list = (wl_u32_list_t *) channels; |
3570 |
+ |
3571 |
+ dwrq->length = sizeof(struct iw_range); |
3572 |
+- memset(range, 0, sizeof(range)); |
3573 |
++ memset(range, 0, sizeof(*range)); |
3574 |
+ |
3575 |
+ range->min_nwid = range->max_nwid = 0; |
3576 |
+ |
3577 |
diff -urNp linux-2.6.37/drivers/staging/comedi/comedi_fops.c linux-2.6.37/drivers/staging/comedi/comedi_fops.c |
3578 |
--- linux-2.6.37/drivers/staging/comedi/comedi_fops.c 2011-01-04 19:50:19.000000000 -0500 |
3579 |
+++ linux-2.6.37/drivers/staging/comedi/comedi_fops.c 2011-01-17 02:41:01.000000000 -0500 |
3580 |
@@ -28058,6 +28238,42 @@ diff -urNp linux-2.6.37/drivers/tty/vt/vt_ioctl.c linux-2.6.37/drivers/tty/vt/vt |
3581 |
if (!perm) { |
3582 |
ret = -EPERM; |
3583 |
goto reterr; |
3584 |
+diff -urNp linux-2.6.37/drivers/uio/uio.c linux-2.6.37/drivers/uio/uio.c |
3585 |
+--- linux-2.6.37/drivers/uio/uio.c 2011-01-04 19:50:19.000000000 -0500 |
3586 |
++++ linux-2.6.37/drivers/uio/uio.c 2011-01-24 18:04:18.000000000 -0500 |
3587 |
+@@ -25,6 +25,7 @@ |
3588 |
+ #include <linux/kobject.h> |
3589 |
+ #include <linux/cdev.h> |
3590 |
+ #include <linux/uio_driver.h> |
3591 |
++#include <asm/local.h> |
3592 |
+ |
3593 |
+ #define UIO_MAX_DEVICES (1U << MINORBITS) |
3594 |
+ |
3595 |
+@@ -35,7 +36,7 @@ struct uio_device { |
3596 |
+ atomic_t event; |
3597 |
+ struct fasync_struct *async_queue; |
3598 |
+ wait_queue_head_t wait; |
3599 |
+- int vma_count; |
3600 |
++ local_t vma_count; |
3601 |
+ struct uio_info *info; |
3602 |
+ struct kobject *map_dir; |
3603 |
+ struct kobject *portio_dir; |
3604 |
+@@ -602,13 +603,13 @@ static int uio_find_mem_index(struct vm_ |
3605 |
+ static void uio_vma_open(struct vm_area_struct *vma) |
3606 |
+ { |
3607 |
+ struct uio_device *idev = vma->vm_private_data; |
3608 |
+- idev->vma_count++; |
3609 |
++ local_inc(&idev->vma_count); |
3610 |
+ } |
3611 |
+ |
3612 |
+ static void uio_vma_close(struct vm_area_struct *vma) |
3613 |
+ { |
3614 |
+ struct uio_device *idev = vma->vm_private_data; |
3615 |
+- idev->vma_count--; |
3616 |
++ local_dec(&idev->vma_count); |
3617 |
+ } |
3618 |
+ |
3619 |
+ static int uio_vma_fault(struct vm_area_struct *vma, struct vm_fault *vmf) |
3620 |
diff -urNp linux-2.6.37/drivers/usb/atm/cxacru.c linux-2.6.37/drivers/usb/atm/cxacru.c |
3621 |
--- linux-2.6.37/drivers/usb/atm/cxacru.c 2011-01-04 19:50:19.000000000 -0500 |
3622 |
+++ linux-2.6.37/drivers/usb/atm/cxacru.c 2011-01-17 02:41:01.000000000 -0500 |
3623 |
@@ -30054,6 +30270,40 @@ diff -urNp linux-2.6.37/fs/btrfs/inode.c linux-2.6.37/fs/btrfs/inode.c |
3624 |
.fill_delalloc = run_delalloc_range, |
3625 |
.submit_bio_hook = btrfs_submit_bio_hook, |
3626 |
.merge_bio_hook = btrfs_merge_bio_hook, |
3627 |
+diff -urNp linux-2.6.37/fs/btrfs/ioctl.c linux-2.6.37/fs/btrfs/ioctl.c |
3628 |
+--- linux-2.6.37/fs/btrfs/ioctl.c 2011-01-04 19:50:19.000000000 -0500 |
3629 |
++++ linux-2.6.37/fs/btrfs/ioctl.c 2011-02-12 10:29:31.000000000 -0500 |
3630 |
+@@ -2087,7 +2087,7 @@ long btrfs_ioctl_space_info(struct btrfs |
3631 |
+ int num_types = 4; |
3632 |
+ int alloc_size; |
3633 |
+ int ret = 0; |
3634 |
+- int slot_count = 0; |
3635 |
++ u64 slot_count = 0; |
3636 |
+ int i, c; |
3637 |
+ |
3638 |
+ if (copy_from_user(&space_args, |
3639 |
+@@ -2126,7 +2126,7 @@ long btrfs_ioctl_space_info(struct btrfs |
3640 |
+ goto out; |
3641 |
+ } |
3642 |
+ |
3643 |
+- slot_count = min_t(int, space_args.space_slots, slot_count); |
3644 |
++ slot_count = min_t(u64, space_args.space_slots, slot_count); |
3645 |
+ |
3646 |
+ alloc_size = sizeof(*dest) * slot_count; |
3647 |
+ |
3648 |
+@@ -2146,6 +2146,12 @@ long btrfs_ioctl_space_info(struct btrfs |
3649 |
+ for (i = 0; i < num_types; i++) { |
3650 |
+ struct btrfs_space_info *tmp; |
3651 |
+ |
3652 |
++ /* Don't copy in more than we allocated */ |
3653 |
++ if (!slot_count) |
3654 |
++ break; |
3655 |
++ |
3656 |
++ slot_count--; |
3657 |
++ |
3658 |
+ info = NULL; |
3659 |
+ rcu_read_lock(); |
3660 |
+ list_for_each_entry_rcu(tmp, &root->fs_info->space_info, |
3661 |
diff -urNp linux-2.6.37/fs/btrfs/relocation.c linux-2.6.37/fs/btrfs/relocation.c |
3662 |
--- linux-2.6.37/fs/btrfs/relocation.c 2011-01-04 19:50:19.000000000 -0500 |
3663 |
+++ linux-2.6.37/fs/btrfs/relocation.c 2011-01-17 02:41:01.000000000 -0500 |
3664 |
@@ -30474,7 +30724,7 @@ diff -urNp linux-2.6.37/fs/ecryptfs/miscdev.c linux-2.6.37/fs/ecryptfs/miscdev.c |
3665 |
if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) |
3666 |
diff -urNp linux-2.6.37/fs/exec.c linux-2.6.37/fs/exec.c |
3667 |
--- linux-2.6.37/fs/exec.c 2011-01-04 19:50:19.000000000 -0500 |
3668 |
-+++ linux-2.6.37/fs/exec.c 2011-01-17 02:41:01.000000000 -0500 |
3669 |
++++ linux-2.6.37/fs/exec.c 2011-02-12 11:21:04.000000000 -0500 |
3670 |
@@ -55,12 +55,24 @@ |
3671 |
#include <linux/fs_struct.h> |
3672 |
#include <linux/pipe_fs_i.h> |
3673 |
@@ -31000,7 +31250,7 @@ diff -urNp linux-2.6.37/fs/exec.c linux-2.6.37/fs/exec.c |
3674 |
goto fail_corename; |
3675 |
} |
3676 |
|
3677 |
-+ if (signr == SIGKILL || signr == SIGILL) |
3678 |
++ if (signr == SIGSEGV || signr == SIGBUS || signr == SIGKILL || signr == SIGILL) |
3679 |
+ gr_handle_brute_attach(current); |
3680 |
+ gr_learn_resource(current, RLIMIT_CORE, binfmt->min_coredump, 1); |
3681 |
+ |
3682 |
@@ -44979,8 +45229,16 @@ diff -urNp linux-2.6.37/include/drm/drm_pciids.h linux-2.6.37/include/drm/drm_pc |
3683 |
+ {0, 0, 0, 0, 0, 0} |
3684 |
diff -urNp linux-2.6.37/include/drm/drmP.h linux-2.6.37/include/drm/drmP.h |
3685 |
--- linux-2.6.37/include/drm/drmP.h 2011-01-04 19:50:19.000000000 -0500 |
3686 |
-+++ linux-2.6.37/include/drm/drmP.h 2011-01-17 02:41:02.000000000 -0500 |
3687 |
-@@ -804,7 +804,7 @@ struct drm_driver { |
3688 |
++++ linux-2.6.37/include/drm/drmP.h 2011-01-24 18:04:18.000000000 -0500 |
3689 |
+@@ -73,6 +73,7 @@ |
3690 |
+ #include <linux/workqueue.h> |
3691 |
+ #include <linux/poll.h> |
3692 |
+ #include <asm/pgalloc.h> |
3693 |
++#include <asm/local.h> |
3694 |
+ #include "drm.h" |
3695 |
+ |
3696 |
+ #include <linux/idr.h> |
3697 |
+@@ -804,7 +805,7 @@ struct drm_driver { |
3698 |
void (*vgaarb_irq)(struct drm_device *dev, bool state); |
3699 |
|
3700 |
/* Driver private ops for this object */ |
3701 |
@@ -44989,7 +45247,7 @@ diff -urNp linux-2.6.37/include/drm/drmP.h linux-2.6.37/include/drm/drmP.h |
3702 |
|
3703 |
int major; |
3704 |
int minor; |
3705 |
-@@ -817,7 +817,7 @@ struct drm_driver { |
3706 |
+@@ -817,7 +818,7 @@ struct drm_driver { |
3707 |
int dev_priv_size; |
3708 |
struct drm_ioctl_desc *ioctls; |
3709 |
int num_ioctls; |
3710 |
@@ -44998,16 +45256,16 @@ diff -urNp linux-2.6.37/include/drm/drmP.h linux-2.6.37/include/drm/drmP.h |
3711 |
struct pci_driver pci_driver; |
3712 |
struct platform_device *platform_device; |
3713 |
/* List of devices hanging off this driver */ |
3714 |
-@@ -914,7 +914,7 @@ struct drm_device { |
3715 |
+@@ -914,7 +915,7 @@ struct drm_device { |
3716 |
|
3717 |
/** \name Usage Counters */ |
3718 |
/*@{ */ |
3719 |
- int open_count; /**< Outstanding files open */ |
3720 |
-+ atomic_t open_count; /**< Outstanding files open */ |
3721 |
++ local_t open_count; /**< Outstanding files open */ |
3722 |
atomic_t ioctl_count; /**< Outstanding IOCTLs pending */ |
3723 |
atomic_t vma_count; /**< Outstanding vma areas open */ |
3724 |
int buf_use; /**< Buffers in use -- cannot alloc */ |
3725 |
-@@ -925,7 +925,7 @@ struct drm_device { |
3726 |
+@@ -925,7 +926,7 @@ struct drm_device { |
3727 |
/*@{ */ |
3728 |
unsigned long counters; |
3729 |
enum drm_stat_type types[15]; |
3730 |
@@ -47649,7 +47907,7 @@ diff -urNp linux-2.6.37/include/linux/screen_info.h linux-2.6.37/include/linux/s |
3731 |
#define VIDEO_TYPE_MDA 0x10 /* Monochrome Text Display */ |
3732 |
diff -urNp linux-2.6.37/include/linux/security.h linux-2.6.37/include/linux/security.h |
3733 |
--- linux-2.6.37/include/linux/security.h 2011-01-04 19:50:19.000000000 -0500 |
3734 |
-+++ linux-2.6.37/include/linux/security.h 2011-01-17 02:41:02.000000000 -0500 |
3735 |
++++ linux-2.6.37/include/linux/security.h 2011-02-12 10:34:03.000000000 -0500 |
3736 |
@@ -35,6 +35,7 @@ |
3737 |
#include <linux/key.h> |
3738 |
#include <linux/xfrm.h> |
3739 |
@@ -47658,6 +47916,27 @@ diff -urNp linux-2.6.37/include/linux/security.h linux-2.6.37/include/linux/secu |
3740 |
#include <net/flow.h> |
3741 |
|
3742 |
/* Maximum number of letters for an LSM name string */ |
3743 |
+@@ -1664,7 +1665,7 @@ int security_capset(struct cred *new, co |
3744 |
+ const kernel_cap_t *effective, |
3745 |
+ const kernel_cap_t *inheritable, |
3746 |
+ const kernel_cap_t *permitted); |
3747 |
+-int security_capable(int cap); |
3748 |
++int security_capable(const struct cred *cred, int cap); |
3749 |
+ int security_real_capable(struct task_struct *tsk, int cap); |
3750 |
+ int security_real_capable_noaudit(struct task_struct *tsk, int cap); |
3751 |
+ int security_sysctl(struct ctl_table *table, int op); |
3752 |
+@@ -1857,9 +1858,9 @@ static inline int security_capset(struct |
3753 |
+ return cap_capset(new, old, effective, inheritable, permitted); |
3754 |
+ } |
3755 |
+ |
3756 |
+-static inline int security_capable(int cap) |
3757 |
++static inline int security_capable(const struct cred *cred, int cap) |
3758 |
+ { |
3759 |
+- return cap_capable(current, current_cred(), cap, SECURITY_CAP_AUDIT); |
3760 |
++ return cap_capable(current, cred, cap, SECURITY_CAP_AUDIT); |
3761 |
+ } |
3762 |
+ |
3763 |
+ static inline int security_real_capable(struct task_struct *tsk, int cap) |
3764 |
diff -urNp linux-2.6.37/include/linux/shm.h linux-2.6.37/include/linux/shm.h |
3765 |
--- linux-2.6.37/include/linux/shm.h 2011-01-04 19:50:19.000000000 -0500 |
3766 |
+++ linux-2.6.37/include/linux/shm.h 2011-01-17 02:41:02.000000000 -0500 |
3767 |
@@ -48410,15 +48689,23 @@ diff -urNp linux-2.6.37/include/net/inetpeer.h linux-2.6.37/include/net/inetpeer |
3768 |
#endif /* _NET_INETPEER_H */ |
3769 |
diff -urNp linux-2.6.37/include/net/irda/ircomm_tty.h linux-2.6.37/include/net/irda/ircomm_tty.h |
3770 |
--- linux-2.6.37/include/net/irda/ircomm_tty.h 2011-01-04 19:50:19.000000000 -0500 |
3771 |
-+++ linux-2.6.37/include/net/irda/ircomm_tty.h 2011-01-17 02:41:02.000000000 -0500 |
3772 |
-@@ -105,8 +105,8 @@ struct ircomm_tty_cb { |
3773 |
++++ linux-2.6.37/include/net/irda/ircomm_tty.h 2011-01-25 20:24:56.000000000 -0500 |
3774 |
+@@ -35,6 +35,7 @@ |
3775 |
+ #include <linux/termios.h> |
3776 |
+ #include <linux/timer.h> |
3777 |
+ #include <linux/tty.h> /* struct tty_struct */ |
3778 |
++#include <asm/local.h> |
3779 |
+ |
3780 |
+ #include <net/irda/irias_object.h> |
3781 |
+ #include <net/irda/ircomm_core.h> |
3782 |
+@@ -105,8 +106,8 @@ struct ircomm_tty_cb { |
3783 |
unsigned short close_delay; |
3784 |
unsigned short closing_wait; /* time to wait before closing */ |
3785 |
|
3786 |
- int open_count; |
3787 |
- int blocked_open; /* # of blocked opens */ |
3788 |
-+ atomic_t open_count; |
3789 |
-+ atomic_t blocked_open; /* # of blocked opens */ |
3790 |
++ local_t open_count; |
3791 |
++ local_t blocked_open; /* # of blocked opens */ |
3792 |
|
3793 |
/* Protect concurent access to : |
3794 |
* o self->open_count |
3795 |
@@ -49037,7 +49324,7 @@ diff -urNp linux-2.6.37/kernel/acct.c linux-2.6.37/kernel/acct.c |
3796 |
set_fs(fs); |
3797 |
diff -urNp linux-2.6.37/kernel/capability.c linux-2.6.37/kernel/capability.c |
3798 |
--- linux-2.6.37/kernel/capability.c 2011-01-04 19:50:19.000000000 -0500 |
3799 |
-+++ linux-2.6.37/kernel/capability.c 2011-01-17 02:41:02.000000000 -0500 |
3800 |
++++ linux-2.6.37/kernel/capability.c 2011-02-12 11:48:20.000000000 -0500 |
3801 |
@@ -205,6 +205,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_ |
3802 |
* before modification is attempted and the application |
3803 |
* fails. |
3804 |
@@ -49053,7 +49340,7 @@ diff -urNp linux-2.6.37/kernel/capability.c linux-2.6.37/kernel/capability.c |
3805 |
} |
3806 |
|
3807 |
- if (security_capable(cap) == 0) { |
3808 |
-+ if (security_capable(cap) == 0 && gr_is_capable(cap)) { |
3809 |
++ if (security_capable(current_cred(), cap) == 0 && gr_is_capable(cap)) { |
3810 |
current->flags |= PF_SUPERPRIV; |
3811 |
return 1; |
3812 |
} |
3813 |
@@ -49067,7 +49354,7 @@ diff -urNp linux-2.6.37/kernel/capability.c linux-2.6.37/kernel/capability.c |
3814 |
+ BUG(); |
3815 |
+ } |
3816 |
+ |
3817 |
-+ if (security_capable(cap) == 0 && gr_is_capable_nolog(cap)) { |
3818 |
++ if (security_capable(current_cred(), cap) == 0 && gr_is_capable_nolog(cap)) { |
3819 |
+ current->flags |= PF_SUPERPRIV; |
3820 |
+ return 1; |
3821 |
+ } |
3822 |
@@ -49112,7 +49399,24 @@ diff -urNp linux-2.6.37/kernel/configs.c linux-2.6.37/kernel/configs.c |
3823 |
|
3824 |
diff -urNp linux-2.6.37/kernel/cred.c linux-2.6.37/kernel/cred.c |
3825 |
--- linux-2.6.37/kernel/cred.c 2011-01-04 19:50:19.000000000 -0500 |
3826 |
-+++ linux-2.6.37/kernel/cred.c 2011-01-17 02:41:02.000000000 -0500 |
3827 |
++++ linux-2.6.37/kernel/cred.c 2011-02-12 11:03:34.000000000 -0500 |
3828 |
+@@ -252,13 +252,13 @@ struct cred *cred_alloc_blank(void) |
3829 |
+ #endif |
3830 |
+ |
3831 |
+ atomic_set(&new->usage, 1); |
3832 |
++#ifdef CONFIG_DEBUG_CREDENTIALS |
3833 |
++ new->magic = CRED_MAGIC; |
3834 |
++#endif |
3835 |
+ |
3836 |
+ if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) |
3837 |
+ goto error; |
3838 |
+ |
3839 |
+-#ifdef CONFIG_DEBUG_CREDENTIALS |
3840 |
+- new->magic = CRED_MAGIC; |
3841 |
+-#endif |
3842 |
+ return new; |
3843 |
+ |
3844 |
+ error: |
3845 |
@@ -483,6 +483,8 @@ int commit_creds(struct cred *new) |
3846 |
|
3847 |
get_cred(new); /* we will require a ref for the subj creds too */ |
3848 |
@@ -49122,6 +49426,37 @@ diff -urNp linux-2.6.37/kernel/cred.c linux-2.6.37/kernel/cred.c |
3849 |
/* dumpability changes */ |
3850 |
if (old->euid != new->euid || |
3851 |
old->egid != new->egid || |
3852 |
+@@ -657,6 +659,8 @@ struct cred *prepare_kernel_cred(struct |
3853 |
+ validate_creds(old); |
3854 |
+ |
3855 |
+ *new = *old; |
3856 |
++ atomic_set(&new->usage, 1); |
3857 |
++ set_cred_subscribers(new, 0); |
3858 |
+ get_uid(new->user); |
3859 |
+ get_group_info(new->group_info); |
3860 |
+ |
3861 |
+@@ -674,8 +678,6 @@ struct cred *prepare_kernel_cred(struct |
3862 |
+ if (security_prepare_creds(new, old, GFP_KERNEL) < 0) |
3863 |
+ goto error; |
3864 |
+ |
3865 |
+- atomic_set(&new->usage, 1); |
3866 |
+- set_cred_subscribers(new, 0); |
3867 |
+ put_cred(old); |
3868 |
+ validate_creds(new); |
3869 |
+ return new; |
3870 |
+@@ -748,7 +750,11 @@ bool creds_are_invalid(const struct cred |
3871 |
+ if (cred->magic != CRED_MAGIC) |
3872 |
+ return true; |
3873 |
+ #ifdef CONFIG_SECURITY_SELINUX |
3874 |
+- if (selinux_is_enabled()) { |
3875 |
++ /* |
3876 |
++ * cred->security == NULL if security_cred_alloc_blank() or |
3877 |
++ * security_prepare_creds() returned an error. |
3878 |
++ */ |
3879 |
++ if (selinux_is_enabled() && cred->security) { |
3880 |
+ if ((unsigned long) cred->security < PAGE_SIZE) |
3881 |
+ return true; |
3882 |
+ if ((*(u32 *)cred->security & 0xffffff00) == |
3883 |
diff -urNp linux-2.6.37/kernel/debug/debug_core.c linux-2.6.37/kernel/debug/debug_core.c |
3884 |
--- linux-2.6.37/kernel/debug/debug_core.c 2011-01-04 19:50:19.000000000 -0500 |
3885 |
+++ linux-2.6.37/kernel/debug/debug_core.c 2011-01-17 02:41:02.000000000 -0500 |
3886 |
@@ -49889,8 +50224,8 @@ diff -urNp linux-2.6.37/kernel/kallsyms.c linux-2.6.37/kernel/kallsyms.c |
3887 |
reset_iter(iter, 0); |
3888 |
diff -urNp linux-2.6.37/kernel/kmod.c linux-2.6.37/kernel/kmod.c |
3889 |
--- linux-2.6.37/kernel/kmod.c 2011-01-04 19:50:19.000000000 -0500 |
3890 |
-+++ linux-2.6.37/kernel/kmod.c 2011-01-17 02:41:02.000000000 -0500 |
3891 |
-@@ -90,6 +90,18 @@ int __request_module(bool wait, const ch |
3892 |
++++ linux-2.6.37/kernel/kmod.c 2011-02-12 10:56:18.000000000 -0500 |
3893 |
+@@ -90,6 +90,28 @@ int __request_module(bool wait, const ch |
3894 |
if (ret) |
3895 |
return ret; |
3896 |
|
3897 |
@@ -49901,7 +50236,17 @@ diff -urNp linux-2.6.37/kernel/kmod.c linux-2.6.37/kernel/kmod.c |
3898 |
+ auto-loaded |
3899 |
+ */ |
3900 |
+ if (current_uid()) { |
3901 |
-+ gr_log_nonroot_mod_load(module_name); |
3902 |
++#if !defined(CONFIG_IPV6) && !defined(CONFIG_IPV6_MODULE) |
3903 |
++ /* There are known knowns. These are things we know |
3904 |
++ that we know. There are known unknowns. That is to say, |
3905 |
++ there are things that we know we don't know. But there are |
3906 |
++ also unknown unknowns. There are things we don't know |
3907 |
++ we don't know. |
3908 |
++ This here is a known unknown. |
3909 |
++ */ |
3910 |
++ if (strcmp(module_name, "net-pf-10")) |
3911 |
++#endif |
3912 |
++ gr_log_nonroot_mod_load(module_name); |
3913 |
+ return -EPERM; |
3914 |
+ } |
3915 |
+#endif |
3916 |
@@ -49993,7 +50338,7 @@ diff -urNp linux-2.6.37/kernel/lockdep_proc.c linux-2.6.37/kernel/lockdep_proc.c |
3917 |
if (!name) { |
3918 |
diff -urNp linux-2.6.37/kernel/module.c linux-2.6.37/kernel/module.c |
3919 |
--- linux-2.6.37/kernel/module.c 2011-01-04 19:50:19.000000000 -0500 |
3920 |
-+++ linux-2.6.37/kernel/module.c 2011-01-17 02:41:02.000000000 -0500 |
3921 |
++++ linux-2.6.37/kernel/module.c 2011-02-02 20:28:40.000000000 -0500 |
3922 |
@@ -97,7 +97,8 @@ static BLOCKING_NOTIFIER_HEAD(module_not |
3923 |
|
3924 |
/* Bounds of module allocation, for speeding __module_address. |
3925 |
@@ -50031,6 +50376,15 @@ diff -urNp linux-2.6.37/kernel/module.c linux-2.6.37/kernel/module.c |
3926 |
printk(KERN_WARNING "%s: per-cpu alignment %li > %li\n", |
3927 |
mod->name, align, PAGE_SIZE); |
3928 |
align = PAGE_SIZE; |
3929 |
+@@ -1122,7 +1123,7 @@ resolve_symbol_wait(struct module *mod, |
3930 |
+ */ |
3931 |
+ #ifdef CONFIG_SYSFS |
3932 |
+ |
3933 |
+-#ifdef CONFIG_KALLSYMS |
3934 |
++#if defined(CONFIG_KALLSYMS) && !defined(CONFIG_GRKERNSEC_HIDESYM) |
3935 |
+ static inline bool sect_empty(const Elf_Shdr *sect) |
3936 |
+ { |
3937 |
+ return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0; |
3938 |
@@ -1566,15 +1567,18 @@ static void free_module(struct module *m |
3939 |
destroy_params(mod->kp, mod->num_kp); |
3940 |
|
3941 |
@@ -50251,10 +50605,8 @@ diff -urNp linux-2.6.37/kernel/module.c linux-2.6.37/kernel/module.c |
3942 |
+ if (!ptr) { |
3943 |
+ module_free(mod, mod->module_init_rw); |
3944 |
+ module_free(mod, mod->module_core_rw); |
3945 |
- return -ENOMEM; |
3946 |
- } |
3947 |
-- memset(ptr, 0, mod->init_size); |
3948 |
-- mod->module_init = ptr; |
3949 |
++ return -ENOMEM; |
3950 |
++ } |
3951 |
+ |
3952 |
+ pax_open_kernel(); |
3953 |
+ memset(ptr, 0, mod->core_size_rx); |
3954 |
@@ -50267,8 +50619,10 @@ diff -urNp linux-2.6.37/kernel/module.c linux-2.6.37/kernel/module.c |
3955 |
+ module_free_exec(mod, mod->module_core_rx); |
3956 |
+ module_free(mod, mod->module_init_rw); |
3957 |
+ module_free(mod, mod->module_core_rw); |
3958 |
-+ return -ENOMEM; |
3959 |
-+ } |
3960 |
+ return -ENOMEM; |
3961 |
+ } |
3962 |
+- memset(ptr, 0, mod->init_size); |
3963 |
+- mod->module_init = ptr; |
3964 |
+ |
3965 |
+ pax_open_kernel(); |
3966 |
+ memset(ptr, 0, mod->init_size_rx); |
3967 |
@@ -50683,7 +51037,7 @@ diff -urNp linux-2.6.37/kernel/printk.c linux-2.6.37/kernel/printk.c |
3968 |
* at open time. |
3969 |
diff -urNp linux-2.6.37/kernel/ptrace.c linux-2.6.37/kernel/ptrace.c |
3970 |
--- linux-2.6.37/kernel/ptrace.c 2011-01-04 19:50:19.000000000 -0500 |
3971 |
-+++ linux-2.6.37/kernel/ptrace.c 2011-01-17 02:41:02.000000000 -0500 |
3972 |
++++ linux-2.6.37/kernel/ptrace.c 2011-02-12 10:37:18.000000000 -0500 |
3973 |
@@ -140,7 +140,7 @@ int __ptrace_may_access(struct task_stru |
3974 |
cred->gid != tcred->egid || |
3975 |
cred->gid != tcred->sgid || |
3976 |
@@ -50711,6 +51065,15 @@ diff -urNp linux-2.6.37/kernel/ptrace.c linux-2.6.37/kernel/ptrace.c |
3977 |
task->ptrace |= PT_PTRACE_CAP; |
3978 |
|
3979 |
__ptrace_link(task, current); |
3980 |
+@@ -313,7 +313,7 @@ int ptrace_detach(struct task_struct *ch |
3981 |
+ child->exit_code = data; |
3982 |
+ dead = __ptrace_detach(current, child); |
3983 |
+ if (!child->exit_state) |
3984 |
+- wake_up_process(child); |
3985 |
++ wake_up_state(child, TASK_TRACED | TASK_STOPPED); |
3986 |
+ } |
3987 |
+ write_unlock_irq(&tasklist_lock); |
3988 |
+ |
3989 |
@@ -369,7 +369,7 @@ int ptrace_readdata(struct task_struct * |
3990 |
break; |
3991 |
return -EIO; |
3992 |
@@ -50895,7 +51258,7 @@ diff -urNp linux-2.6.37/kernel/sched_fair.c linux-2.6.37/kernel/sched_fair.c |
3993 |
struct rq *this_rq = cpu_rq(this_cpu); |
3994 |
diff -urNp linux-2.6.37/kernel/signal.c linux-2.6.37/kernel/signal.c |
3995 |
--- linux-2.6.37/kernel/signal.c 2011-01-04 19:50:19.000000000 -0500 |
3996 |
-+++ linux-2.6.37/kernel/signal.c 2011-01-17 02:41:02.000000000 -0500 |
3997 |
++++ linux-2.6.37/kernel/signal.c 2011-02-12 11:22:39.000000000 -0500 |
3998 |
@@ -45,12 +45,12 @@ static struct kmem_cache *sigqueue_cache |
3999 |
|
4000 |
int print_fatal_signals __read_mostly; |
4001 |
@@ -50958,17 +51321,34 @@ diff -urNp linux-2.6.37/kernel/signal.c linux-2.6.37/kernel/signal.c |
4002 |
specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
4003 |
{ |
4004 |
return send_signal(sig, info, t, 0); |
4005 |
-@@ -1079,6 +1085,9 @@ force_sig_info(int sig, struct siginfo * |
4006 |
+@@ -1062,6 +1068,7 @@ force_sig_info(int sig, struct siginfo * |
4007 |
+ unsigned long int flags; |
4008 |
+ int ret, blocked, ignored; |
4009 |
+ struct k_sigaction *action; |
4010 |
++ int is_unhandled = 0; |
4011 |
+ |
4012 |
+ spin_lock_irqsave(&t->sighand->siglock, flags); |
4013 |
+ action = &t->sighand->action[sig-1]; |
4014 |
+@@ -1076,9 +1083,18 @@ force_sig_info(int sig, struct siginfo * |
4015 |
+ } |
4016 |
+ if (action->sa.sa_handler == SIG_DFL) |
4017 |
+ t->signal->flags &= ~SIGNAL_UNKILLABLE; |
4018 |
++ if (action->sa.sa_handler == SIG_IGN || action->sa.sa_handler == SIG_DFL) |
4019 |
++ is_unhandled = 1; |
4020 |
ret = specific_send_sig_info(sig, info, t); |
4021 |
spin_unlock_irqrestore(&t->sighand->siglock, flags); |
4022 |
|
4023 |
-+ gr_log_signal(sig, !is_si_special(info) ? info->si_addr : NULL, t); |
4024 |
-+ gr_handle_crash(t, sig); |
4025 |
++ /* only deal with unhandled signals, java etc trigger SIGSEGV during |
4026 |
++ normal operation */ |
4027 |
++ if (is_unhandled) { |
4028 |
++ gr_log_signal(sig, !is_si_special(info) ? info->si_addr : NULL, t); |
4029 |
++ gr_handle_crash(t, sig); |
4030 |
++ } |
4031 |
+ |
4032 |
return ret; |
4033 |
} |
4034 |
|
4035 |
-@@ -1137,8 +1146,11 @@ int group_send_sig_info(int sig, struct |
4036 |
+@@ -1137,8 +1153,11 @@ int group_send_sig_info(int sig, struct |
4037 |
ret = check_kill_permission(sig, info, p); |
4038 |
rcu_read_unlock(); |
4039 |
|
4040 |
@@ -52896,7 +53276,7 @@ diff -urNp linux-2.6.37/mm/migrate.c linux-2.6.37/mm/migrate.c |
4041 |
goto out; |
4042 |
diff -urNp linux-2.6.37/mm/mlock.c linux-2.6.37/mm/mlock.c |
4043 |
--- linux-2.6.37/mm/mlock.c 2011-01-04 19:50:19.000000000 -0500 |
4044 |
-+++ linux-2.6.37/mm/mlock.c 2011-01-17 02:41:02.000000000 -0500 |
4045 |
++++ linux-2.6.37/mm/mlock.c 2011-01-24 18:04:18.000000000 -0500 |
4046 |
@@ -13,6 +13,7 @@ |
4047 |
#include <linux/pagemap.h> |
4048 |
#include <linux/mempolicy.h> |
4049 |
@@ -52932,6 +53312,15 @@ diff -urNp linux-2.6.37/mm/mlock.c linux-2.6.37/mm/mlock.c |
4050 |
while (nr_pages > 0) { |
4051 |
int i; |
4052 |
|
4053 |
+@@ -437,7 +425,7 @@ static int do_mlock(unsigned long start, |
4054 |
+ { |
4055 |
+ unsigned long nstart, end, tmp; |
4056 |
+ struct vm_area_struct * vma, * prev; |
4057 |
+- int error; |
4058 |
++ int error = -EINVAL; |
4059 |
+ |
4060 |
+ len = PAGE_ALIGN(len); |
4061 |
+ end = start + len; |
4062 |
@@ -445,6 +433,9 @@ static int do_mlock(unsigned long start, |
4063 |
return -EINVAL; |
4064 |
if (end == start) |
4065 |
@@ -53000,7 +53389,7 @@ diff -urNp linux-2.6.37/mm/mlock.c linux-2.6.37/mm/mlock.c |
4066 |
ret = do_mlockall(flags); |
4067 |
diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4068 |
--- linux-2.6.37/mm/mmap.c 2011-01-04 19:50:19.000000000 -0500 |
4069 |
-+++ linux-2.6.37/mm/mmap.c 2011-01-17 02:41:02.000000000 -0500 |
4070 |
++++ linux-2.6.37/mm/mmap.c 2011-02-12 11:36:29.000000000 -0500 |
4071 |
@@ -45,6 +45,16 @@ |
4072 |
#define arch_rebalance_pgtables(addr, len) (addr) |
4073 |
#endif |
4074 |
@@ -53223,12 +53612,13 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4075 |
if (addr & ~PAGE_MASK) |
4076 |
return addr; |
4077 |
|
4078 |
-@@ -1016,6 +1093,31 @@ unsigned long do_mmap_pgoff(struct file |
4079 |
+@@ -1016,6 +1093,36 @@ unsigned long do_mmap_pgoff(struct file |
4080 |
vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | |
4081 |
mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; |
4082 |
|
4083 |
+#ifdef CONFIG_PAX_MPROTECT |
4084 |
+ if (mm->pax_flags & MF_PAX_MPROTECT) { |
4085 |
++#ifndef CONFIG_PAX_MPROTECT_COMPAT |
4086 |
+ if ((vm_flags & (VM_WRITE | VM_EXEC)) == (VM_WRITE | VM_EXEC)) { |
4087 |
+ gr_log_rwxmmap(file); |
4088 |
+ |
4089 |
@@ -53242,6 +53632,10 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4090 |
+ |
4091 |
+ if (!(vm_flags & VM_EXEC)) |
4092 |
+ vm_flags &= ~VM_MAYEXEC; |
4093 |
++#else |
4094 |
++ if ((vm_flags & (VM_WRITE | VM_EXEC)) != VM_EXEC) |
4095 |
++ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); |
4096 |
++#endif |
4097 |
+ else |
4098 |
+ vm_flags &= ~VM_MAYWRITE; |
4099 |
+ } |
4100 |
@@ -53255,7 +53649,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4101 |
if (flags & MAP_LOCKED) |
4102 |
if (!can_do_mlock()) |
4103 |
return -EPERM; |
4104 |
-@@ -1027,6 +1129,7 @@ unsigned long do_mmap_pgoff(struct file |
4105 |
+@@ -1027,6 +1134,7 @@ unsigned long do_mmap_pgoff(struct file |
4106 |
locked += mm->locked_vm; |
4107 |
lock_limit = rlimit(RLIMIT_MEMLOCK); |
4108 |
lock_limit >>= PAGE_SHIFT; |
4109 |
@@ -53263,7 +53657,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4110 |
if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
4111 |
return -EAGAIN; |
4112 |
} |
4113 |
-@@ -1097,6 +1200,9 @@ unsigned long do_mmap_pgoff(struct file |
4114 |
+@@ -1097,6 +1205,9 @@ unsigned long do_mmap_pgoff(struct file |
4115 |
if (error) |
4116 |
return error; |
4117 |
|
4118 |
@@ -53273,7 +53667,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4119 |
return mmap_region(file, addr, len, flags, vm_flags, pgoff); |
4120 |
} |
4121 |
EXPORT_SYMBOL(do_mmap_pgoff); |
4122 |
-@@ -1174,10 +1280,10 @@ SYSCALL_DEFINE1(old_mmap, struct mmap_ar |
4123 |
+@@ -1174,10 +1285,10 @@ SYSCALL_DEFINE1(old_mmap, struct mmap_ar |
4124 |
*/ |
4125 |
int vma_wants_writenotify(struct vm_area_struct *vma) |
4126 |
{ |
4127 |
@@ -53286,7 +53680,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4128 |
return 0; |
4129 |
|
4130 |
/* The backer wishes to know when pages are first written to? */ |
4131 |
-@@ -1226,14 +1332,24 @@ unsigned long mmap_region(struct file *f |
4132 |
+@@ -1226,14 +1337,24 @@ unsigned long mmap_region(struct file *f |
4133 |
unsigned long charged = 0; |
4134 |
struct inode *inode = file ? file->f_path.dentry->d_inode : NULL; |
4135 |
|
4136 |
@@ -53313,7 +53707,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4137 |
} |
4138 |
|
4139 |
/* Check against address space limit. */ |
4140 |
-@@ -1282,6 +1398,16 @@ munmap_back: |
4141 |
+@@ -1282,6 +1403,16 @@ munmap_back: |
4142 |
goto unacct_error; |
4143 |
} |
4144 |
|
4145 |
@@ -53330,7 +53724,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4146 |
vma->vm_mm = mm; |
4147 |
vma->vm_start = addr; |
4148 |
vma->vm_end = addr + len; |
4149 |
-@@ -1305,6 +1431,19 @@ munmap_back: |
4150 |
+@@ -1305,6 +1436,19 @@ munmap_back: |
4151 |
error = file->f_op->mmap(file, vma); |
4152 |
if (error) |
4153 |
goto unmap_and_free_vma; |
4154 |
@@ -53350,7 +53744,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4155 |
if (vm_flags & VM_EXECUTABLE) |
4156 |
added_exe_file_vma(mm); |
4157 |
|
4158 |
-@@ -1340,6 +1479,11 @@ munmap_back: |
4159 |
+@@ -1340,6 +1484,11 @@ munmap_back: |
4160 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
4161 |
file = vma->vm_file; |
4162 |
|
4163 |
@@ -53362,7 +53756,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4164 |
/* Once vma denies write, undo our temporary denial count */ |
4165 |
if (correct_wcount) |
4166 |
atomic_inc(&inode->i_writecount); |
4167 |
-@@ -1348,6 +1492,7 @@ out: |
4168 |
+@@ -1348,6 +1497,7 @@ out: |
4169 |
|
4170 |
mm->total_vm += len >> PAGE_SHIFT; |
4171 |
vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); |
4172 |
@@ -53370,7 +53764,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4173 |
if (vm_flags & VM_LOCKED) { |
4174 |
if (!mlock_vma_pages_range(vma, addr, addr + len)) |
4175 |
mm->locked_vm += (len >> PAGE_SHIFT); |
4176 |
-@@ -1365,6 +1510,12 @@ unmap_and_free_vma: |
4177 |
+@@ -1365,6 +1515,12 @@ unmap_and_free_vma: |
4178 |
unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); |
4179 |
charged = 0; |
4180 |
free_vma: |
4181 |
@@ -53383,7 +53777,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4182 |
kmem_cache_free(vm_area_cachep, vma); |
4183 |
unacct_error: |
4184 |
if (charged) |
4185 |
-@@ -1372,6 +1523,33 @@ unacct_error: |
4186 |
+@@ -1372,6 +1528,33 @@ unacct_error: |
4187 |
return error; |
4188 |
} |
4189 |
|
4190 |
@@ -53417,7 +53811,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4191 |
/* Get an address range which is currently unmapped. |
4192 |
* For shmat() with addr=0. |
4193 |
* |
4194 |
-@@ -1398,18 +1576,23 @@ arch_get_unmapped_area(struct file *filp |
4195 |
+@@ -1398,18 +1581,23 @@ arch_get_unmapped_area(struct file *filp |
4196 |
if (flags & MAP_FIXED) |
4197 |
return addr; |
4198 |
|
4199 |
@@ -53448,7 +53842,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4200 |
} |
4201 |
|
4202 |
full_search: |
4203 |
-@@ -1420,34 +1603,40 @@ full_search: |
4204 |
+@@ -1420,34 +1608,40 @@ full_search: |
4205 |
* Start a new search - just in case we missed |
4206 |
* some holes. |
4207 |
*/ |
4208 |
@@ -53500,7 +53894,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4209 |
mm->free_area_cache = addr; |
4210 |
mm->cached_hole_size = ~0UL; |
4211 |
} |
4212 |
-@@ -1465,7 +1654,7 @@ arch_get_unmapped_area_topdown(struct fi |
4213 |
+@@ -1465,7 +1659,7 @@ arch_get_unmapped_area_topdown(struct fi |
4214 |
{ |
4215 |
struct vm_area_struct *vma; |
4216 |
struct mm_struct *mm = current->mm; |
4217 |
@@ -53509,7 +53903,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4218 |
|
4219 |
/* requested length too big for entire address space */ |
4220 |
if (len > TASK_SIZE) |
4221 |
-@@ -1474,13 +1663,18 @@ arch_get_unmapped_area_topdown(struct fi |
4222 |
+@@ -1474,13 +1668,18 @@ arch_get_unmapped_area_topdown(struct fi |
4223 |
if (flags & MAP_FIXED) |
4224 |
return addr; |
4225 |
|
4226 |
@@ -53532,7 +53926,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4227 |
} |
4228 |
|
4229 |
/* check if free_area_cache is useful for us */ |
4230 |
-@@ -1495,7 +1689,7 @@ arch_get_unmapped_area_topdown(struct fi |
4231 |
+@@ -1495,7 +1694,7 @@ arch_get_unmapped_area_topdown(struct fi |
4232 |
/* make sure it can fit in the remaining address space */ |
4233 |
if (addr > len) { |
4234 |
vma = find_vma(mm, addr-len); |
4235 |
@@ -53541,7 +53935,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4236 |
/* remember the address as a hint for next time */ |
4237 |
return (mm->free_area_cache = addr-len); |
4238 |
} |
4239 |
-@@ -1512,7 +1706,7 @@ arch_get_unmapped_area_topdown(struct fi |
4240 |
+@@ -1512,7 +1711,7 @@ arch_get_unmapped_area_topdown(struct fi |
4241 |
* return with success: |
4242 |
*/ |
4243 |
vma = find_vma(mm, addr); |
4244 |
@@ -53550,7 +53944,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4245 |
/* remember the address as a hint for next time */ |
4246 |
return (mm->free_area_cache = addr); |
4247 |
|
4248 |
-@@ -1531,13 +1725,21 @@ bottomup: |
4249 |
+@@ -1531,13 +1730,21 @@ bottomup: |
4250 |
* can happen with large stack limits and large mmap() |
4251 |
* allocations. |
4252 |
*/ |
4253 |
@@ -53574,7 +53968,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4254 |
mm->cached_hole_size = ~0UL; |
4255 |
|
4256 |
return addr; |
4257 |
-@@ -1546,6 +1748,12 @@ bottomup: |
4258 |
+@@ -1546,6 +1753,12 @@ bottomup: |
4259 |
|
4260 |
void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) |
4261 |
{ |
4262 |
@@ -53587,7 +53981,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4263 |
/* |
4264 |
* Is this a new hole at the highest possible address? |
4265 |
*/ |
4266 |
-@@ -1553,8 +1761,10 @@ void arch_unmap_area_topdown(struct mm_s |
4267 |
+@@ -1553,8 +1766,10 @@ void arch_unmap_area_topdown(struct mm_s |
4268 |
mm->free_area_cache = addr; |
4269 |
|
4270 |
/* dont allow allocations above current base */ |
4271 |
@@ -53599,7 +53993,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4272 |
} |
4273 |
|
4274 |
unsigned long |
4275 |
-@@ -1662,6 +1872,28 @@ out: |
4276 |
+@@ -1662,6 +1877,28 @@ out: |
4277 |
return prev ? prev->vm_next : vma; |
4278 |
} |
4279 |
|
4280 |
@@ -53628,7 +54022,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4281 |
/* |
4282 |
* Verify that the stack growth is acceptable and |
4283 |
* update accounting. This is shared with both the |
4284 |
-@@ -1678,6 +1910,7 @@ static int acct_stack_growth(struct vm_a |
4285 |
+@@ -1678,6 +1915,7 @@ static int acct_stack_growth(struct vm_a |
4286 |
return -ENOMEM; |
4287 |
|
4288 |
/* Stack limit test */ |
4289 |
@@ -53636,7 +54030,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4290 |
if (size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) |
4291 |
return -ENOMEM; |
4292 |
|
4293 |
-@@ -1688,6 +1921,7 @@ static int acct_stack_growth(struct vm_a |
4294 |
+@@ -1688,6 +1926,7 @@ static int acct_stack_growth(struct vm_a |
4295 |
locked = mm->locked_vm + grow; |
4296 |
limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); |
4297 |
limit >>= PAGE_SHIFT; |
4298 |
@@ -53644,7 +54038,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4299 |
if (locked > limit && !capable(CAP_IPC_LOCK)) |
4300 |
return -ENOMEM; |
4301 |
} |
4302 |
-@@ -1718,37 +1952,48 @@ static int acct_stack_growth(struct vm_a |
4303 |
+@@ -1718,37 +1957,48 @@ static int acct_stack_growth(struct vm_a |
4304 |
* PA-RISC uses this for its stack; IA64 for its Register Backing Store. |
4305 |
* vma is the last one with address > vma->vm_end. Have to extend vma. |
4306 |
*/ |
4307 |
@@ -53702,7 +54096,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4308 |
unsigned long size, grow; |
4309 |
|
4310 |
size = address - vma->vm_start; |
4311 |
-@@ -1760,6 +2005,8 @@ int expand_upwards(struct vm_area_struct |
4312 |
+@@ -1760,6 +2010,8 @@ int expand_upwards(struct vm_area_struct |
4313 |
perf_event_mmap(vma); |
4314 |
} |
4315 |
} |
4316 |
@@ -53711,7 +54105,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4317 |
vma_unlock_anon_vma(vma); |
4318 |
return error; |
4319 |
} |
4320 |
-@@ -1772,6 +2019,8 @@ static int expand_downwards(struct vm_ar |
4321 |
+@@ -1772,6 +2024,8 @@ static int expand_downwards(struct vm_ar |
4322 |
unsigned long address) |
4323 |
{ |
4324 |
int error; |
4325 |
@@ -53720,7 +54114,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4326 |
|
4327 |
/* |
4328 |
* We must make sure the anon_vma is allocated |
4329 |
-@@ -1785,6 +2034,15 @@ static int expand_downwards(struct vm_ar |
4330 |
+@@ -1785,6 +2039,15 @@ static int expand_downwards(struct vm_ar |
4331 |
if (error) |
4332 |
return error; |
4333 |
|
4334 |
@@ -53736,7 +54130,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4335 |
vma_lock_anon_vma(vma); |
4336 |
|
4337 |
/* |
4338 |
-@@ -1794,9 +2052,17 @@ static int expand_downwards(struct vm_ar |
4339 |
+@@ -1794,9 +2057,17 @@ static int expand_downwards(struct vm_ar |
4340 |
*/ |
4341 |
|
4342 |
/* Somebody else might have raced and expanded it already */ |
4343 |
@@ -53755,7 +54149,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4344 |
size = vma->vm_end - address; |
4345 |
grow = (vma->vm_start - address) >> PAGE_SHIFT; |
4346 |
|
4347 |
-@@ -1804,10 +2070,21 @@ static int expand_downwards(struct vm_ar |
4348 |
+@@ -1804,10 +2075,21 @@ static int expand_downwards(struct vm_ar |
4349 |
if (!error) { |
4350 |
vma->vm_start = address; |
4351 |
vma->vm_pgoff -= grow; |
4352 |
@@ -53777,7 +54171,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4353 |
return error; |
4354 |
} |
4355 |
|
4356 |
-@@ -1881,6 +2158,13 @@ static void remove_vma_list(struct mm_st |
4357 |
+@@ -1881,6 +2163,13 @@ static void remove_vma_list(struct mm_st |
4358 |
do { |
4359 |
long nrpages = vma_pages(vma); |
4360 |
|
4361 |
@@ -53791,7 +54185,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4362 |
mm->total_vm -= nrpages; |
4363 |
vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); |
4364 |
vma = remove_vma(vma); |
4365 |
-@@ -1926,6 +2210,16 @@ detach_vmas_to_be_unmapped(struct mm_str |
4366 |
+@@ -1926,6 +2215,16 @@ detach_vmas_to_be_unmapped(struct mm_str |
4367 |
insertion_point = (prev ? &prev->vm_next : &mm->mmap); |
4368 |
vma->vm_prev = NULL; |
4369 |
do { |
4370 |
@@ -53808,7 +54202,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4371 |
rb_erase(&vma->vm_rb, &mm->mm_rb); |
4372 |
mm->map_count--; |
4373 |
tail_vma = vma; |
4374 |
-@@ -1954,14 +2248,33 @@ static int __split_vma(struct mm_struct |
4375 |
+@@ -1954,14 +2253,33 @@ static int __split_vma(struct mm_struct |
4376 |
struct vm_area_struct *new; |
4377 |
int err = -ENOMEM; |
4378 |
|
4379 |
@@ -53842,7 +54236,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4380 |
/* most fields are the same, copy all, and then fixup */ |
4381 |
*new = *vma; |
4382 |
|
4383 |
-@@ -1974,6 +2287,22 @@ static int __split_vma(struct mm_struct |
4384 |
+@@ -1974,6 +2292,22 @@ static int __split_vma(struct mm_struct |
4385 |
new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); |
4386 |
} |
4387 |
|
4388 |
@@ -53865,7 +54259,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4389 |
pol = mpol_dup(vma_policy(vma)); |
4390 |
if (IS_ERR(pol)) { |
4391 |
err = PTR_ERR(pol); |
4392 |
-@@ -1999,6 +2328,42 @@ static int __split_vma(struct mm_struct |
4393 |
+@@ -1999,6 +2333,42 @@ static int __split_vma(struct mm_struct |
4394 |
else |
4395 |
err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); |
4396 |
|
4397 |
@@ -53908,7 +54302,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4398 |
/* Success. */ |
4399 |
if (!err) |
4400 |
return 0; |
4401 |
-@@ -2011,10 +2376,18 @@ static int __split_vma(struct mm_struct |
4402 |
+@@ -2011,10 +2381,18 @@ static int __split_vma(struct mm_struct |
4403 |
removed_exe_file_vma(mm); |
4404 |
fput(new->vm_file); |
4405 |
} |
4406 |
@@ -53928,7 +54322,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4407 |
kmem_cache_free(vm_area_cachep, new); |
4408 |
out_err: |
4409 |
return err; |
4410 |
-@@ -2027,6 +2400,15 @@ static int __split_vma(struct mm_struct |
4411 |
+@@ -2027,6 +2405,15 @@ static int __split_vma(struct mm_struct |
4412 |
int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
4413 |
unsigned long addr, int new_below) |
4414 |
{ |
4415 |
@@ -53944,7 +54338,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4416 |
if (mm->map_count >= sysctl_max_map_count) |
4417 |
return -ENOMEM; |
4418 |
|
4419 |
-@@ -2038,11 +2420,30 @@ int split_vma(struct mm_struct *mm, stru |
4420 |
+@@ -2038,11 +2425,30 @@ int split_vma(struct mm_struct *mm, stru |
4421 |
* work. This now handles partial unmappings. |
4422 |
* Jeremy Fitzhardinge <jeremy@××××.org> |
4423 |
*/ |
4424 |
@@ -53975,7 +54369,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4425 |
if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) |
4426 |
return -EINVAL; |
4427 |
|
4428 |
-@@ -2116,6 +2517,8 @@ int do_munmap(struct mm_struct *mm, unsi |
4429 |
+@@ -2116,6 +2522,8 @@ int do_munmap(struct mm_struct *mm, unsi |
4430 |
/* Fix up all other VM information */ |
4431 |
remove_vma_list(mm, vma); |
4432 |
|
4433 |
@@ -53984,7 +54378,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4434 |
return 0; |
4435 |
} |
4436 |
|
4437 |
-@@ -2128,22 +2531,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a |
4438 |
+@@ -2128,22 +2536,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, a |
4439 |
|
4440 |
profile_munmap(addr); |
4441 |
|
4442 |
@@ -54013,7 +54407,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4443 |
/* |
4444 |
* this is really a simplified "do_mmap". it only handles |
4445 |
* anonymous maps. eventually we may be able to do some |
4446 |
-@@ -2157,6 +2556,7 @@ unsigned long do_brk(unsigned long addr, |
4447 |
+@@ -2157,6 +2561,7 @@ unsigned long do_brk(unsigned long addr, |
4448 |
struct rb_node ** rb_link, * rb_parent; |
4449 |
pgoff_t pgoff = addr >> PAGE_SHIFT; |
4450 |
int error; |
4451 |
@@ -54021,7 +54415,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4452 |
|
4453 |
len = PAGE_ALIGN(len); |
4454 |
if (!len) |
4455 |
-@@ -2168,16 +2568,30 @@ unsigned long do_brk(unsigned long addr, |
4456 |
+@@ -2168,16 +2573,30 @@ unsigned long do_brk(unsigned long addr, |
4457 |
|
4458 |
flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; |
4459 |
|
4460 |
@@ -54053,7 +54447,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4461 |
locked += mm->locked_vm; |
4462 |
lock_limit = rlimit(RLIMIT_MEMLOCK); |
4463 |
lock_limit >>= PAGE_SHIFT; |
4464 |
-@@ -2194,22 +2608,22 @@ unsigned long do_brk(unsigned long addr, |
4465 |
+@@ -2194,22 +2613,22 @@ unsigned long do_brk(unsigned long addr, |
4466 |
/* |
4467 |
* Clear old maps. this also does some error checking for us |
4468 |
*/ |
4469 |
@@ -54080,7 +54474,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4470 |
return -ENOMEM; |
4471 |
|
4472 |
/* Can we just expand an old private anonymous mapping? */ |
4473 |
-@@ -2223,7 +2637,7 @@ unsigned long do_brk(unsigned long addr, |
4474 |
+@@ -2223,7 +2642,7 @@ unsigned long do_brk(unsigned long addr, |
4475 |
*/ |
4476 |
vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); |
4477 |
if (!vma) { |
4478 |
@@ -54089,7 +54483,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4479 |
return -ENOMEM; |
4480 |
} |
4481 |
|
4482 |
-@@ -2237,11 +2651,12 @@ unsigned long do_brk(unsigned long addr, |
4483 |
+@@ -2237,11 +2656,12 @@ unsigned long do_brk(unsigned long addr, |
4484 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
4485 |
out: |
4486 |
perf_event_mmap(vma); |
4487 |
@@ -54104,7 +54498,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4488 |
return addr; |
4489 |
} |
4490 |
|
4491 |
-@@ -2288,8 +2703,10 @@ void exit_mmap(struct mm_struct *mm) |
4492 |
+@@ -2288,8 +2708,10 @@ void exit_mmap(struct mm_struct *mm) |
4493 |
* Walk the list again, actually closing and freeing it, |
4494 |
* with preemption enabled, without holding any MM locks. |
4495 |
*/ |
4496 |
@@ -54116,7 +54510,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4497 |
|
4498 |
BUG_ON(mm->nr_ptes > (FIRST_USER_ADDRESS+PMD_SIZE-1)>>PMD_SHIFT); |
4499 |
} |
4500 |
-@@ -2303,6 +2720,13 @@ int insert_vm_struct(struct mm_struct * |
4501 |
+@@ -2303,6 +2725,13 @@ int insert_vm_struct(struct mm_struct * |
4502 |
struct vm_area_struct * __vma, * prev; |
4503 |
struct rb_node ** rb_link, * rb_parent; |
4504 |
|
4505 |
@@ -54130,7 +54524,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4506 |
/* |
4507 |
* The vm_pgoff of a purely anonymous vma should be irrelevant |
4508 |
* until its first write fault, when page's anon_vma and index |
4509 |
-@@ -2325,7 +2749,22 @@ int insert_vm_struct(struct mm_struct * |
4510 |
+@@ -2325,7 +2754,22 @@ int insert_vm_struct(struct mm_struct * |
4511 |
if ((vma->vm_flags & VM_ACCOUNT) && |
4512 |
security_vm_enough_memory_mm(mm, vma_pages(vma))) |
4513 |
return -ENOMEM; |
4514 |
@@ -54153,7 +54547,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4515 |
return 0; |
4516 |
} |
4517 |
|
4518 |
-@@ -2343,6 +2782,8 @@ struct vm_area_struct *copy_vma(struct v |
4519 |
+@@ -2343,6 +2787,8 @@ struct vm_area_struct *copy_vma(struct v |
4520 |
struct rb_node **rb_link, *rb_parent; |
4521 |
struct mempolicy *pol; |
4522 |
|
4523 |
@@ -54162,7 +54556,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4524 |
/* |
4525 |
* If anonymous vma has not yet been faulted, update new pgoff |
4526 |
* to match new location, to increase its chance of merging. |
4527 |
-@@ -2392,6 +2833,39 @@ struct vm_area_struct *copy_vma(struct v |
4528 |
+@@ -2392,6 +2838,39 @@ struct vm_area_struct *copy_vma(struct v |
4529 |
kmem_cache_free(vm_area_cachep, new_vma); |
4530 |
return NULL; |
4531 |
} |
4532 |
@@ -54202,7 +54596,7 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4533 |
|
4534 |
/* |
4535 |
* Return true if the calling process may expand its vm space by the passed |
4536 |
-@@ -2403,7 +2877,7 @@ int may_expand_vm(struct mm_struct *mm, |
4537 |
+@@ -2403,7 +2882,7 @@ int may_expand_vm(struct mm_struct *mm, |
4538 |
unsigned long lim; |
4539 |
|
4540 |
lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; |
4541 |
@@ -54211,16 +54605,21 @@ diff -urNp linux-2.6.37/mm/mmap.c linux-2.6.37/mm/mmap.c |
4542 |
if (cur + npages > lim) |
4543 |
return 0; |
4544 |
return 1; |
4545 |
-@@ -2474,6 +2948,17 @@ int install_special_mapping(struct mm_st |
4546 |
+@@ -2474,6 +2953,22 @@ int install_special_mapping(struct mm_st |
4547 |
vma->vm_start = addr; |
4548 |
vma->vm_end = addr + len; |
4549 |
|
4550 |
+#ifdef CONFIG_PAX_MPROTECT |
4551 |
+ if (mm->pax_flags & MF_PAX_MPROTECT) { |
4552 |
++#ifndef CONFIG_PAX_MPROTECT_COMPAT |
4553 |
+ if ((vm_flags & (VM_WRITE | VM_EXEC)) == (VM_WRITE | VM_EXEC)) |
4554 |
+ return -EPERM; |
4555 |
+ if (!(vm_flags & VM_EXEC)) |
4556 |
+ vm_flags &= ~VM_MAYEXEC; |
4557 |
++#else |
4558 |
++ if ((vm_flags & (VM_WRITE | VM_EXEC)) != VM_EXEC) |
4559 |
++ vm_flags &= ~(VM_EXEC | VM_MAYEXEC); |
4560 |
++#endif |
4561 |
+ else |
4562 |
+ vm_flags &= ~VM_MAYWRITE; |
4563 |
+ } |
4564 |
@@ -54753,7 +55152,7 @@ diff -urNp linux-2.6.37/mm/rmap.c linux-2.6.37/mm/rmap.c |
4565 |
struct anon_vma *anon_vma; |
4566 |
diff -urNp linux-2.6.37/mm/shmem.c linux-2.6.37/mm/shmem.c |
4567 |
--- linux-2.6.37/mm/shmem.c 2011-01-04 19:50:19.000000000 -0500 |
4568 |
-+++ linux-2.6.37/mm/shmem.c 2011-01-17 02:41:02.000000000 -0500 |
4569 |
++++ linux-2.6.37/mm/shmem.c 2011-01-24 18:04:18.000000000 -0500 |
4570 |
@@ -31,7 +31,7 @@ |
4571 |
#include <linux/percpu_counter.h> |
4572 |
#include <linux/swap.h> |
4573 |
@@ -54763,6 +55162,15 @@ diff -urNp linux-2.6.37/mm/shmem.c linux-2.6.37/mm/shmem.c |
4574 |
|
4575 |
#ifdef CONFIG_SHMEM |
4576 |
/* |
4577 |
+@@ -1070,6 +1070,8 @@ static int shmem_writepage(struct page * |
4578 |
+ goto unlock; |
4579 |
+ } |
4580 |
+ entry = shmem_swp_entry(info, index, NULL); |
4581 |
++ if (!entry) |
4582 |
++ goto unlock; |
4583 |
+ if (entry->val) { |
4584 |
+ /* |
4585 |
+ * The more uptodate page coming down from a stacked |
4586 |
diff -urNp linux-2.6.37/mm/slab.c linux-2.6.37/mm/slab.c |
4587 |
--- linux-2.6.37/mm/slab.c 2011-01-04 19:50:19.000000000 -0500 |
4588 |
+++ linux-2.6.37/mm/slab.c 2011-01-17 02:41:02.000000000 -0500 |
4589 |
@@ -56479,24 +56887,24 @@ diff -urNp linux-2.6.37/net/ipv6/udp.c linux-2.6.37/net/ipv6/udp.c |
4590 |
|
4591 |
diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircomm/ircomm_tty.c |
4592 |
--- linux-2.6.37/net/irda/ircomm/ircomm_tty.c 2011-01-04 19:50:19.000000000 -0500 |
4593 |
-+++ linux-2.6.37/net/irda/ircomm/ircomm_tty.c 2011-01-17 02:41:02.000000000 -0500 |
4594 |
++++ linux-2.6.37/net/irda/ircomm/ircomm_tty.c 2011-01-24 18:04:18.000000000 -0500 |
4595 |
@@ -281,16 +281,16 @@ static int ircomm_tty_block_til_ready(st |
4596 |
add_wait_queue(&self->open_wait, &wait); |
4597 |
|
4598 |
IRDA_DEBUG(2, "%s(%d):block_til_ready before block on %s open_count=%d\n", |
4599 |
- __FILE__,__LINE__, tty->driver->name, self->open_count ); |
4600 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count) ); |
4601 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count) ); |
4602 |
|
4603 |
/* As far as I can see, we protect open_count - Jean II */ |
4604 |
spin_lock_irqsave(&self->spinlock, flags); |
4605 |
if (!tty_hung_up_p(filp)) { |
4606 |
extra_count = 1; |
4607 |
- self->open_count--; |
4608 |
-+ atomic_dec(&self->open_count); |
4609 |
++ local_dec(&self->open_count); |
4610 |
} |
4611 |
spin_unlock_irqrestore(&self->spinlock, flags); |
4612 |
- self->blocked_open++; |
4613 |
-+ atomic_inc(&self->blocked_open); |
4614 |
++ local_inc(&self->blocked_open); |
4615 |
|
4616 |
while (1) { |
4617 |
if (tty->termios->c_cflag & CBAUD) { |
4618 |
@@ -56505,7 +56913,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4619 |
|
4620 |
IRDA_DEBUG(1, "%s(%d):block_til_ready blocking on %s open_count=%d\n", |
4621 |
- __FILE__,__LINE__, tty->driver->name, self->open_count ); |
4622 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count) ); |
4623 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count) ); |
4624 |
|
4625 |
schedule(); |
4626 |
} |
4627 |
@@ -56514,15 +56922,15 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4628 |
/* ++ is not atomic, so this should be protected - Jean II */ |
4629 |
spin_lock_irqsave(&self->spinlock, flags); |
4630 |
- self->open_count++; |
4631 |
-+ atomic_inc(&self->open_count); |
4632 |
++ local_inc(&self->open_count); |
4633 |
spin_unlock_irqrestore(&self->spinlock, flags); |
4634 |
} |
4635 |
- self->blocked_open--; |
4636 |
-+ atomic_dec(&self->blocked_open); |
4637 |
++ local_dec(&self->blocked_open); |
4638 |
|
4639 |
IRDA_DEBUG(1, "%s(%d):block_til_ready after blocking on %s open_count=%d\n", |
4640 |
- __FILE__,__LINE__, tty->driver->name, self->open_count); |
4641 |
-+ __FILE__,__LINE__, tty->driver->name, atomic_read(&self->open_count)); |
4642 |
++ __FILE__,__LINE__, tty->driver->name, local_read(&self->open_count)); |
4643 |
|
4644 |
if (!retval) |
4645 |
self->flags |= ASYNC_NORMAL_ACTIVE; |
4646 |
@@ -56531,7 +56939,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4647 |
/* ++ is not atomic, so this should be protected - Jean II */ |
4648 |
spin_lock_irqsave(&self->spinlock, flags); |
4649 |
- self->open_count++; |
4650 |
-+ atomic_inc(&self->open_count); |
4651 |
++ local_inc(&self->open_count); |
4652 |
|
4653 |
tty->driver_data = self; |
4654 |
self->tty = tty; |
4655 |
@@ -56539,7 +56947,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4656 |
|
4657 |
IRDA_DEBUG(1, "%s(), %s%d, count = %d\n", __func__ , tty->driver->name, |
4658 |
- self->line, self->open_count); |
4659 |
-+ self->line, atomic_read(&self->open_count)); |
4660 |
++ self->line, local_read(&self->open_count)); |
4661 |
|
4662 |
/* Not really used by us, but lets do it anyway */ |
4663 |
self->tty->low_latency = (self->flags & ASYNC_LOW_LATENCY) ? 1 : 0; |
4664 |
@@ -56548,7 +56956,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4665 |
} |
4666 |
|
4667 |
- if ((tty->count == 1) && (self->open_count != 1)) { |
4668 |
-+ if ((tty->count == 1) && (atomic_read(&self->open_count) != 1)) { |
4669 |
++ if ((tty->count == 1) && (local_read(&self->open_count) != 1)) { |
4670 |
/* |
4671 |
* Uh, oh. tty->count is 1, which means that the tty |
4672 |
* structure will be freed. state->count should always |
4673 |
@@ -56558,20 +56966,20 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4674 |
"tty->count is 1, state->count is %d\n", __func__ , |
4675 |
- self->open_count); |
4676 |
- self->open_count = 1; |
4677 |
-+ atomic_read(&self->open_count)); |
4678 |
-+ atomic_set(&self->open_count, 1); |
4679 |
++ local_read(&self->open_count)); |
4680 |
++ local_set(&self->open_count, 1); |
4681 |
} |
4682 |
|
4683 |
- if (--self->open_count < 0) { |
4684 |
-+ if (atomic_dec_return(&self->open_count) < 0) { |
4685 |
++ if (local_dec_return(&self->open_count) < 0) { |
4686 |
IRDA_ERROR("%s(), bad serial port count for ttys%d: %d\n", |
4687 |
- __func__, self->line, self->open_count); |
4688 |
- self->open_count = 0; |
4689 |
-+ __func__, self->line, atomic_read(&self->open_count)); |
4690 |
-+ atomic_set(&self->open_count, 0); |
4691 |
++ __func__, self->line, local_read(&self->open_count)); |
4692 |
++ local_set(&self->open_count, 0); |
4693 |
} |
4694 |
- if (self->open_count) { |
4695 |
-+ if (atomic_read(&self->open_count)) { |
4696 |
++ if (local_read(&self->open_count)) { |
4697 |
spin_unlock_irqrestore(&self->spinlock, flags); |
4698 |
|
4699 |
IRDA_DEBUG(0, "%s(), open count > 0\n", __func__ ); |
4700 |
@@ -56580,7 +56988,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4701 |
self->tty = NULL; |
4702 |
|
4703 |
- if (self->blocked_open) { |
4704 |
-+ if (atomic_read(&self->blocked_open)) { |
4705 |
++ if (local_read(&self->blocked_open)) { |
4706 |
if (self->close_delay) |
4707 |
schedule_timeout_interruptible(self->close_delay); |
4708 |
wake_up_interruptible(&self->open_wait); |
4709 |
@@ -56589,7 +56997,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4710 |
self->flags &= ~ASYNC_NORMAL_ACTIVE; |
4711 |
self->tty = NULL; |
4712 |
- self->open_count = 0; |
4713 |
-+ atomic_set(&self->open_count, 0); |
4714 |
++ local_set(&self->open_count, 0); |
4715 |
spin_unlock_irqrestore(&self->spinlock, flags); |
4716 |
|
4717 |
wake_up_interruptible(&self->open_wait); |
4718 |
@@ -56598,7 +57006,7 @@ diff -urNp linux-2.6.37/net/irda/ircomm/ircomm_tty.c linux-2.6.37/net/irda/ircom |
4719 |
|
4720 |
seq_printf(m, "Role: %s\n", self->client ? "client" : "server"); |
4721 |
- seq_printf(m, "Open count: %d\n", self->open_count); |
4722 |
-+ seq_printf(m, "Open count: %d\n", atomic_read(&self->open_count)); |
4723 |
++ seq_printf(m, "Open count: %d\n", local_read(&self->open_count)); |
4724 |
seq_printf(m, "Max data size: %d\n", self->max_data_size); |
4725 |
seq_printf(m, "Max header size: %d\n", self->max_header_size); |
4726 |
|
4727 |
@@ -56619,25 +57027,33 @@ diff -urNp linux-2.6.37/net/key/af_key.c linux-2.6.37/net/key/af_key.c |
4728 |
sk_wmem_alloc_get(s), |
4729 |
diff -urNp linux-2.6.37/net/mac80211/ieee80211_i.h linux-2.6.37/net/mac80211/ieee80211_i.h |
4730 |
--- linux-2.6.37/net/mac80211/ieee80211_i.h 2011-01-04 19:50:19.000000000 -0500 |
4731 |
-+++ linux-2.6.37/net/mac80211/ieee80211_i.h 2011-01-17 02:41:02.000000000 -0500 |
4732 |
-@@ -704,7 +704,7 @@ struct ieee80211_local { |
4733 |
++++ linux-2.6.37/net/mac80211/ieee80211_i.h 2011-01-24 18:04:18.000000000 -0500 |
4734 |
+@@ -26,6 +26,7 @@ |
4735 |
+ #include <net/ieee80211_radiotap.h> |
4736 |
+ #include <net/cfg80211.h> |
4737 |
+ #include <net/mac80211.h> |
4738 |
++#include <asm/local.h> |
4739 |
+ #include "key.h" |
4740 |
+ #include "sta_info.h" |
4741 |
+ |
4742 |
+@@ -704,7 +705,7 @@ struct ieee80211_local { |
4743 |
/* also used to protect ampdu_ac_queue and amdpu_ac_stop_refcnt */ |
4744 |
spinlock_t queue_stop_reason_lock; |
4745 |
|
4746 |
- int open_count; |
4747 |
-+ atomic_t open_count; |
4748 |
++ local_t open_count; |
4749 |
int monitors, cooked_mntrs; |
4750 |
/* number of interfaces with corresponding FIF_ flags */ |
4751 |
int fif_fcsfail, fif_plcpfail, fif_control, fif_other_bss, fif_pspoll, |
4752 |
diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4753 |
--- linux-2.6.37/net/mac80211/iface.c 2011-01-04 19:50:19.000000000 -0500 |
4754 |
-+++ linux-2.6.37/net/mac80211/iface.c 2011-01-17 02:41:02.000000000 -0500 |
4755 |
++++ linux-2.6.37/net/mac80211/iface.c 2011-01-24 18:04:18.000000000 -0500 |
4756 |
@@ -216,7 +216,7 @@ static int ieee80211_do_open(struct net_ |
4757 |
break; |
4758 |
} |
4759 |
|
4760 |
- if (local->open_count == 0) { |
4761 |
-+ if (atomic_read(&local->open_count) == 0) { |
4762 |
++ if (local_read(&local->open_count) == 0) { |
4763 |
res = drv_start(local); |
4764 |
if (res) |
4765 |
goto err_del_bss; |
4766 |
@@ -56646,7 +57062,7 @@ diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4767 |
|
4768 |
if (!is_valid_ether_addr(dev->dev_addr)) { |
4769 |
- if (!local->open_count) |
4770 |
-+ if (!atomic_read(&local->open_count)) |
4771 |
++ if (!local_read(&local->open_count)) |
4772 |
drv_stop(local); |
4773 |
return -EADDRNOTAVAIL; |
4774 |
} |
4775 |
@@ -56655,7 +57071,7 @@ diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4776 |
|
4777 |
if (coming_up) |
4778 |
- local->open_count++; |
4779 |
-+ atomic_inc(&local->open_count); |
4780 |
++ local_inc(&local->open_count); |
4781 |
|
4782 |
if (hw_reconf_flags) { |
4783 |
ieee80211_hw_config(local, hw_reconf_flags); |
4784 |
@@ -56664,7 +57080,7 @@ diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4785 |
drv_remove_interface(local, &sdata->vif); |
4786 |
err_stop: |
4787 |
- if (!local->open_count) |
4788 |
-+ if (!atomic_read(&local->open_count)) |
4789 |
++ if (!local_read(&local->open_count)) |
4790 |
drv_stop(local); |
4791 |
err_del_bss: |
4792 |
sdata->bss = NULL; |
4793 |
@@ -56673,7 +57089,7 @@ diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4794 |
|
4795 |
if (going_down) |
4796 |
- local->open_count--; |
4797 |
-+ atomic_dec(&local->open_count); |
4798 |
++ local_dec(&local->open_count); |
4799 |
|
4800 |
switch (sdata->vif.type) { |
4801 |
case NL80211_IFTYPE_AP_VLAN: |
4802 |
@@ -56682,43 +57098,43 @@ diff -urNp linux-2.6.37/net/mac80211/iface.c linux-2.6.37/net/mac80211/iface.c |
4803 |
ieee80211_recalc_ps(local, -1); |
4804 |
|
4805 |
- if (local->open_count == 0) { |
4806 |
-+ if (atomic_read(&local->open_count) == 0) { |
4807 |
++ if (local_read(&local->open_count) == 0) { |
4808 |
if (local->ops->napi_poll) |
4809 |
napi_disable(&local->napi); |
4810 |
ieee80211_clear_tx_pending(local); |
4811 |
diff -urNp linux-2.6.37/net/mac80211/main.c linux-2.6.37/net/mac80211/main.c |
4812 |
--- linux-2.6.37/net/mac80211/main.c 2011-01-04 19:50:19.000000000 -0500 |
4813 |
-+++ linux-2.6.37/net/mac80211/main.c 2011-01-17 02:41:02.000000000 -0500 |
4814 |
++++ linux-2.6.37/net/mac80211/main.c 2011-01-24 18:04:18.000000000 -0500 |
4815 |
@@ -159,7 +159,7 @@ int ieee80211_hw_config(struct ieee80211 |
4816 |
local->hw.conf.power_level = power; |
4817 |
} |
4818 |
|
4819 |
- if (changed && local->open_count) { |
4820 |
-+ if (changed && atomic_read(&local->open_count)) { |
4821 |
++ if (changed && local_read(&local->open_count)) { |
4822 |
ret = drv_config(local, changed); |
4823 |
/* |
4824 |
* Goal: |
4825 |
diff -urNp linux-2.6.37/net/mac80211/pm.c linux-2.6.37/net/mac80211/pm.c |
4826 |
--- linux-2.6.37/net/mac80211/pm.c 2011-01-04 19:50:19.000000000 -0500 |
4827 |
-+++ linux-2.6.37/net/mac80211/pm.c 2011-01-17 02:41:02.000000000 -0500 |
4828 |
++++ linux-2.6.37/net/mac80211/pm.c 2011-01-24 18:04:18.000000000 -0500 |
4829 |
@@ -95,7 +95,7 @@ int __ieee80211_suspend(struct ieee80211 |
4830 |
} |
4831 |
|
4832 |
/* stop hardware - this must stop RX */ |
4833 |
- if (local->open_count) |
4834 |
-+ if (atomic_read(&local->open_count)) |
4835 |
++ if (local_read(&local->open_count)) |
4836 |
ieee80211_stop_device(local); |
4837 |
|
4838 |
local->suspended = true; |
4839 |
diff -urNp linux-2.6.37/net/mac80211/rate.c linux-2.6.37/net/mac80211/rate.c |
4840 |
--- linux-2.6.37/net/mac80211/rate.c 2011-01-04 19:50:19.000000000 -0500 |
4841 |
-+++ linux-2.6.37/net/mac80211/rate.c 2011-01-17 02:41:02.000000000 -0500 |
4842 |
++++ linux-2.6.37/net/mac80211/rate.c 2011-01-24 18:04:18.000000000 -0500 |
4843 |
@@ -361,7 +361,7 @@ int ieee80211_init_rate_ctrl_alg(struct |
4844 |
|
4845 |
ASSERT_RTNL(); |
4846 |
|
4847 |
- if (local->open_count) |
4848 |
-+ if (atomic_read(&local->open_count)) |
4849 |
++ if (local_read(&local->open_count)) |
4850 |
return -EBUSY; |
4851 |
|
4852 |
if (local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) { |
4853 |
@@ -56748,13 +57164,13 @@ diff -urNp linux-2.6.37/net/mac80211/tx.c linux-2.6.37/net/mac80211/tx.c |
4854 |
return local == wdev_priv(dev->ieee80211_ptr); |
4855 |
diff -urNp linux-2.6.37/net/mac80211/util.c linux-2.6.37/net/mac80211/util.c |
4856 |
--- linux-2.6.37/net/mac80211/util.c 2011-01-04 19:50:19.000000000 -0500 |
4857 |
-+++ linux-2.6.37/net/mac80211/util.c 2011-01-17 02:41:02.000000000 -0500 |
4858 |
++++ linux-2.6.37/net/mac80211/util.c 2011-01-24 18:04:18.000000000 -0500 |
4859 |
@@ -1111,7 +1111,7 @@ int ieee80211_reconfig(struct ieee80211_ |
4860 |
local->resuming = true; |
4861 |
|
4862 |
/* restart hardware */ |
4863 |
- if (local->open_count) { |
4864 |
-+ if (atomic_read(&local->open_count)) { |
4865 |
++ if (local_read(&local->open_count)) { |
4866 |
/* |
4867 |
* Upon resume hardware can sometimes be goofy due to |
4868 |
* various platform / driver / bus issues, so restarting |
4869 |
@@ -57730,8 +58146,8 @@ diff -urNp linux-2.6.37/security/integrity/ima/ima_queue.c linux-2.6.37/security |
4870 |
return 0; |
4871 |
diff -urNp linux-2.6.37/security/Kconfig linux-2.6.37/security/Kconfig |
4872 |
--- linux-2.6.37/security/Kconfig 2011-01-04 19:50:19.000000000 -0500 |
4873 |
-+++ linux-2.6.37/security/Kconfig 2011-01-17 02:41:02.000000000 -0500 |
4874 |
-@@ -4,6 +4,509 @@ |
4875 |
++++ linux-2.6.37/security/Kconfig 2011-02-12 11:32:56.000000000 -0500 |
4876 |
+@@ -4,6 +4,527 @@ |
4877 |
|
4878 |
menu "Security options" |
4879 |
|
4880 |
@@ -57977,6 +58393,24 @@ diff -urNp linux-2.6.37/security/Kconfig linux-2.6.37/security/Kconfig |
4881 |
+ NOTE: you can use the 'chpax' or 'paxctl' utilities to control |
4882 |
+ this feature on a per file basis. |
4883 |
+ |
4884 |
++config PAX_MPROTECT_COMPAT |
4885 |
++ bool "Use legacy/compat protection demoting (read help)" |
4886 |
++ depends on PAX_MPROTECT |
4887 |
++ default n |
4888 |
++ help |
4889 |
++ The current implementation of PAX_MPROTECT denies RWX allocations/mprotects |
4890 |
++ by sending the proper error code to the application. For some broken |
4891 |
++ userland, this can cause problems with Python or other applications. The |
4892 |
++ current implementation however allows for applications like clamav to |
4893 |
++ detect if JIT compilation/execution is allowed and to fall back gracefully |
4894 |
++ to an interpreter-based mode if it does not. While we encourage everyone |
4895 |
++ to use the current implementation as-is and push upstream to fix broken |
4896 |
++ userland (note that the RWX logging option can assist with this), in some |
4897 |
++ environments this may not be possible. Having to disable MPROTECT |
4898 |
++ completely on certain binaries reduces the security benefit of PaX, |
4899 |
++ so this option is provided for those environments to revert to the old |
4900 |
++ behavior. |
4901 |
++ |
4902 |
+config PAX_ELFRELOCS |
4903 |
+ bool "Allow ELF text relocations (read help)" |
4904 |
+ depends on PAX_MPROTECT |
4905 |
@@ -58241,7 +58675,7 @@ diff -urNp linux-2.6.37/security/Kconfig linux-2.6.37/security/Kconfig |
4906 |
config KEYS |
4907 |
bool "Enable access key retention support" |
4908 |
help |
4909 |
-@@ -136,7 +639,7 @@ config INTEL_TXT |
4910 |
+@@ -136,7 +657,7 @@ config INTEL_TXT |
4911 |
config LSM_MMAP_MIN_ADDR |
4912 |
int "Low address space for LSM to protect from user allocation" |
4913 |
depends on SECURITY && SECURITY_SELINUX |
4914 |
@@ -58271,7 +58705,7 @@ diff -urNp linux-2.6.37/security/min_addr.c linux-2.6.37/security/min_addr.c |
4915 |
/* |
4916 |
diff -urNp linux-2.6.37/security/security.c linux-2.6.37/security/security.c |
4917 |
--- linux-2.6.37/security/security.c 2011-01-04 19:50:19.000000000 -0500 |
4918 |
-+++ linux-2.6.37/security/security.c 2011-01-17 02:41:02.000000000 -0500 |
4919 |
++++ linux-2.6.37/security/security.c 2011-02-12 10:36:34.000000000 -0500 |
4920 |
@@ -25,8 +25,8 @@ static __initdata char chosen_lsm[SECURI |
4921 |
/* things that live in capability.c */ |
4922 |
extern void __init security_fixup_ops(struct security_operations *ops); |
4923 |
@@ -58293,9 +58727,22 @@ diff -urNp linux-2.6.37/security/security.c linux-2.6.37/security/security.c |
4924 |
} |
4925 |
|
4926 |
/* Save user chosen LSM */ |
4927 |
+@@ -154,10 +156,9 @@ int security_capset(struct cred *new, co |
4928 |
+ effective, inheritable, permitted); |
4929 |
+ } |
4930 |
+ |
4931 |
+-int security_capable(int cap) |
4932 |
++int security_capable(const struct cred *cred, int cap) |
4933 |
+ { |
4934 |
+- return security_ops->capable(current, current_cred(), cap, |
4935 |
+- SECURITY_CAP_AUDIT); |
4936 |
++ return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT); |
4937 |
+ } |
4938 |
+ |
4939 |
+ int security_real_capable(struct task_struct *tsk, int cap) |
4940 |
diff -urNp linux-2.6.37/security/selinux/hooks.c linux-2.6.37/security/selinux/hooks.c |
4941 |
--- linux-2.6.37/security/selinux/hooks.c 2011-01-04 19:50:19.000000000 -0500 |
4942 |
-+++ linux-2.6.37/security/selinux/hooks.c 2011-01-17 02:41:02.000000000 -0500 |
4943 |
++++ linux-2.6.37/security/selinux/hooks.c 2011-02-12 11:02:14.000000000 -0500 |
4944 |
@@ -90,7 +90,6 @@ |
4945 |
#define NUM_SEL_MNT_OPTS 5 |
4946 |
|
4947 |
@@ -58304,7 +58751,20 @@ diff -urNp linux-2.6.37/security/selinux/hooks.c linux-2.6.37/security/selinux/h |
4948 |
|
4949 |
/* SECMARK reference count */ |
4950 |
atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); |
4951 |
-@@ -5388,7 +5387,7 @@ static int selinux_key_getsecurity(struc |
4952 |
+@@ -3195,7 +3194,11 @@ static void selinux_cred_free(struct cre |
4953 |
+ { |
4954 |
+ struct task_security_struct *tsec = cred->security; |
4955 |
+ |
4956 |
+- BUG_ON((unsigned long) cred->security < PAGE_SIZE); |
4957 |
++ /* |
4958 |
++ * cred->security == NULL if security_cred_alloc_blank() or |
4959 |
++ * security_prepare_creds() returned an error. |
4960 |
++ */ |
4961 |
++ BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE); |
4962 |
+ cred->security = (void *) 0x7UL; |
4963 |
+ kfree(tsec); |
4964 |
+ } |
4965 |
+@@ -5388,7 +5391,7 @@ static int selinux_key_getsecurity(struc |
4966 |
|
4967 |
#endif |
4968 |
|
4969 |
@@ -58339,13 +58799,13 @@ diff -urNp linux-2.6.37/security/tomoyo/tomoyo.c linux-2.6.37/security/tomoyo/to |
4970 |
.cred_prepare = tomoyo_cred_prepare, |
4971 |
diff -urNp linux-2.6.37/sound/aoa/codecs/onyx.c linux-2.6.37/sound/aoa/codecs/onyx.c |
4972 |
--- linux-2.6.37/sound/aoa/codecs/onyx.c 2011-01-04 19:50:19.000000000 -0500 |
4973 |
-+++ linux-2.6.37/sound/aoa/codecs/onyx.c 2011-01-17 02:41:02.000000000 -0500 |
4974 |
++++ linux-2.6.37/sound/aoa/codecs/onyx.c 2011-01-24 18:04:18.000000000 -0500 |
4975 |
@@ -54,7 +54,7 @@ struct onyx { |
4976 |
spdif_locked:1, |
4977 |
analog_locked:1, |
4978 |
original_mute:2; |
4979 |
- int open_count; |
4980 |
-+ atomic_t open_count; |
4981 |
++ local_t open_count; |
4982 |
struct codec_info *codec_info; |
4983 |
|
4984 |
/* mutex serializes concurrent access to the device |
4985 |
@@ -58354,7 +58814,7 @@ diff -urNp linux-2.6.37/sound/aoa/codecs/onyx.c linux-2.6.37/sound/aoa/codecs/on |
4986 |
|
4987 |
mutex_lock(&onyx->mutex); |
4988 |
- onyx->open_count++; |
4989 |
-+ atomic_inc(&onyx->open_count); |
4990 |
++ local_inc(&onyx->open_count); |
4991 |
mutex_unlock(&onyx->mutex); |
4992 |
|
4993 |
return 0; |
4994 |
@@ -58364,10 +58824,21 @@ diff -urNp linux-2.6.37/sound/aoa/codecs/onyx.c linux-2.6.37/sound/aoa/codecs/on |
4995 |
mutex_lock(&onyx->mutex); |
4996 |
- onyx->open_count--; |
4997 |
- if (!onyx->open_count) |
4998 |
-+ if (atomic_dec_and_test(&onyx->open_count)) |
4999 |
++ if (local_dec_and_test(&onyx->open_count)) |
5000 |
onyx->spdif_locked = onyx->analog_locked = 0; |
5001 |
mutex_unlock(&onyx->mutex); |
5002 |
|
5003 |
+diff -urNp linux-2.6.37/sound/aoa/codecs/onyx.h linux-2.6.37/sound/aoa/codecs/onyx.h |
5004 |
+--- linux-2.6.37/sound/aoa/codecs/onyx.h 2011-01-04 19:50:19.000000000 -0500 |
5005 |
++++ linux-2.6.37/sound/aoa/codecs/onyx.h 2011-01-25 20:24:56.000000000 -0500 |
5006 |
+@@ -11,6 +11,7 @@ |
5007 |
+ #include <linux/i2c.h> |
5008 |
+ #include <asm/pmac_low_i2c.h> |
5009 |
+ #include <asm/prom.h> |
5010 |
++#include <asm/local.h> |
5011 |
+ |
5012 |
+ /* PCM3052 register definitions */ |
5013 |
+ |
5014 |
diff -urNp linux-2.6.37/sound/core/oss/pcm_oss.c linux-2.6.37/sound/core/oss/pcm_oss.c |
5015 |
--- linux-2.6.37/sound/core/oss/pcm_oss.c 2011-01-04 19:50:19.000000000 -0500 |
5016 |
+++ linux-2.6.37/sound/core/oss/pcm_oss.c 2011-01-17 02:41:02.000000000 -0500 |
5017 |
@@ -58402,64 +58873,80 @@ diff -urNp linux-2.6.37/sound/core/seq/seq_lock.h linux-2.6.37/sound/core/seq/se |
5018 |
|
5019 |
diff -urNp linux-2.6.37/sound/drivers/mts64.c linux-2.6.37/sound/drivers/mts64.c |
5020 |
--- linux-2.6.37/sound/drivers/mts64.c 2011-01-04 19:50:19.000000000 -0500 |
5021 |
-+++ linux-2.6.37/sound/drivers/mts64.c 2011-01-17 02:41:02.000000000 -0500 |
5022 |
-@@ -66,7 +66,7 @@ struct mts64 { |
5023 |
++++ linux-2.6.37/sound/drivers/mts64.c 2011-01-25 22:35:55.000000000 -0500 |
5024 |
+@@ -28,6 +28,7 @@ |
5025 |
+ #include <sound/initval.h> |
5026 |
+ #include <sound/rawmidi.h> |
5027 |
+ #include <sound/control.h> |
5028 |
++#include <asm/local.h> |
5029 |
+ |
5030 |
+ #define CARD_NAME "Miditerminal 4140" |
5031 |
+ #define DRIVER_NAME "MTS64" |
5032 |
+@@ -66,7 +67,7 @@ struct mts64 { |
5033 |
struct pardevice *pardev; |
5034 |
int pardev_claimed; |
5035 |
|
5036 |
- int open_count; |
5037 |
-+ atomic_t open_count; |
5038 |
++ local_t open_count; |
5039 |
int current_midi_output_port; |
5040 |
int current_midi_input_port; |
5041 |
u8 mode[MTS64_NUM_INPUT_PORTS]; |
5042 |
-@@ -696,7 +696,7 @@ static int snd_mts64_rawmidi_open(struct |
5043 |
+@@ -696,7 +697,7 @@ static int snd_mts64_rawmidi_open(struct |
5044 |
{ |
5045 |
struct mts64 *mts = substream->rmidi->private_data; |
5046 |
|
5047 |
- if (mts->open_count == 0) { |
5048 |
-+ if (atomic_read(&mts->open_count) == 0) { |
5049 |
++ if (local_read(&mts->open_count) == 0) { |
5050 |
/* We don't need a spinlock here, because this is just called |
5051 |
if the device has not been opened before. |
5052 |
So there aren't any IRQs from the device */ |
5053 |
-@@ -704,7 +704,7 @@ static int snd_mts64_rawmidi_open(struct |
5054 |
+@@ -704,7 +705,7 @@ static int snd_mts64_rawmidi_open(struct |
5055 |
|
5056 |
msleep(50); |
5057 |
} |
5058 |
- ++(mts->open_count); |
5059 |
-+ atomic_inc(&mts->open_count); |
5060 |
++ local_inc(&mts->open_count); |
5061 |
|
5062 |
return 0; |
5063 |
} |
5064 |
-@@ -714,8 +714,7 @@ static int snd_mts64_rawmidi_close(struc |
5065 |
+@@ -714,8 +715,7 @@ static int snd_mts64_rawmidi_close(struc |
5066 |
struct mts64 *mts = substream->rmidi->private_data; |
5067 |
unsigned long flags; |
5068 |
|
5069 |
- --(mts->open_count); |
5070 |
- if (mts->open_count == 0) { |
5071 |
-+ if (atomic_dec_return(&mts->open_count) == 0) { |
5072 |
++ if (local_dec_return(&mts->open_count) == 0) { |
5073 |
/* We need the spinlock_irqsave here because we can still |
5074 |
have IRQs at this point */ |
5075 |
spin_lock_irqsave(&mts->lock, flags); |
5076 |
-@@ -724,8 +723,8 @@ static int snd_mts64_rawmidi_close(struc |
5077 |
+@@ -724,8 +724,8 @@ static int snd_mts64_rawmidi_close(struc |
5078 |
|
5079 |
msleep(500); |
5080 |
|
5081 |
- } else if (mts->open_count < 0) |
5082 |
- mts->open_count = 0; |
5083 |
-+ } else if (atomic_read(&mts->open_count) < 0) |
5084 |
-+ atomic_set(&mts->open_count, 0); |
5085 |
++ } else if (local_read(&mts->open_count) < 0) |
5086 |
++ local_set(&mts->open_count, 0); |
5087 |
|
5088 |
return 0; |
5089 |
} |
5090 |
diff -urNp linux-2.6.37/sound/drivers/portman2x4.c linux-2.6.37/sound/drivers/portman2x4.c |
5091 |
--- linux-2.6.37/sound/drivers/portman2x4.c 2011-01-04 19:50:19.000000000 -0500 |
5092 |
-+++ linux-2.6.37/sound/drivers/portman2x4.c 2011-01-17 02:41:02.000000000 -0500 |
5093 |
-@@ -84,7 +84,7 @@ struct portman { |
5094 |
++++ linux-2.6.37/sound/drivers/portman2x4.c 2011-01-25 20:24:56.000000000 -0500 |
5095 |
+@@ -47,6 +47,7 @@ |
5096 |
+ #include <sound/initval.h> |
5097 |
+ #include <sound/rawmidi.h> |
5098 |
+ #include <sound/control.h> |
5099 |
++#include <asm/local.h> |
5100 |
+ |
5101 |
+ #define CARD_NAME "Portman 2x4" |
5102 |
+ #define DRIVER_NAME "portman" |
5103 |
+@@ -84,7 +85,7 @@ struct portman { |
5104 |
struct pardevice *pardev; |
5105 |
int pardev_claimed; |
5106 |
|
5107 |
- int open_count; |
5108 |
-+ atomic_t open_count; |
5109 |
++ local_t open_count; |
5110 |
int mode[PORTMAN_NUM_INPUT_PORTS]; |
5111 |
struct snd_rawmidi_substream *midi_input[PORTMAN_NUM_INPUT_PORTS]; |
5112 |
}; |
5113 |
|
5114 |
diff --git a/2.6.37/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.37/4440_selinux-avc_audit-log-curr_ip.patch |
5115 |
index e8b9c36..c7c942f 100644 |
5116 |
--- a/2.6.37/4440_selinux-avc_audit-log-curr_ip.patch |
5117 |
+++ b/2.6.37/4440_selinux-avc_audit-log-curr_ip.patch |
5118 |
@@ -27,7 +27,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
5119 |
|
5120 |
--- a/grsecurity/Kconfig |
5121 |
+++ b/grsecurity/Kconfig |
5122 |
-@@ -1385,6 +1385,27 @@ |
5123 |
+@@ -1230,6 +1230,27 @@ |
5124 |
menu "Logging Options" |
5125 |
depends on GRKERNSEC |