1 |
commit: c17d5a9f4cc40f82beeedf119798bf4ee78b2b1a |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon May 14 01:07:20 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon May 14 01:07:20 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=c17d5a9f |
7 |
|
8 |
Grsec/PaX: 2.9-{2.6.32.59,3.2.17,3.3.6}-201205131658 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
...20_grsecurity-2.9-2.6.32.59-201205131656.patch} | 674 ++- |
13 |
{3.2.16 => 3.2.17}/0000_README | 6 +- |
14 |
3.2.17/1016_linux-3.2.17.patch | 5695 ++++++++++++++++++++ |
15 |
.../4420_grsecurity-2.9-3.2.17-201205131657.patch | 1031 +++-- |
16 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
17 |
{3.2.16 => 3.2.17}/4435_grsec-mute-warnings.patch | 0 |
18 |
.../4440_grsec-remove-protected-paths.patch | 0 |
19 |
.../4445_grsec-pax-without-grsec.patch | 0 |
20 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
21 |
{3.2.16 => 3.2.17}/4455_grsec-kconfig-gentoo.patch | 0 |
22 |
.../4460-grsec-kconfig-proc-user.patch | 0 |
23 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
24 |
{3.2.16 => 3.2.17}/4470_disable-compat_vdso.patch | 0 |
25 |
3.3.5/1004_linux-3.3.5.patch | 3285 ----------- |
26 |
{3.3.5 => 3.3.6}/0000_README | 6 +- |
27 |
3.3.6/1005_linux-3.3.6.patch | 1832 +++++++ |
28 |
.../4420_grsecurity-2.9-3.3.6-201205131658.patch | 773 +++- |
29 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
30 |
{3.3.5 => 3.3.6}/4435_grsec-mute-warnings.patch | 0 |
31 |
.../4440_grsec-remove-protected-paths.patch | 0 |
32 |
.../4445_grsec-pax-without-grsec.patch | 0 |
33 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
34 |
{3.3.5 => 3.3.6}/4455_grsec-kconfig-gentoo.patch | 0 |
35 |
.../4460-grsec-kconfig-proc-user.patch | 0 |
36 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
37 |
{3.3.5 => 3.3.6}/4470_disable-compat_vdso.patch | 0 |
38 |
27 files changed, 9438 insertions(+), 3866 deletions(-) |
39 |
|
40 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
41 |
index cfcffd4..3655217 100644 |
42 |
--- a/2.6.32/0000_README |
43 |
+++ b/2.6.32/0000_README |
44 |
@@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch |
45 |
From: http://www.kernel.org |
46 |
Desc: Linux 2.6.32.59 |
47 |
|
48 |
-Patch: 4420_grsecurity-2.9-2.6.32.59-201205071838.patch |
49 |
+Patch: 4420_grsecurity-2.9-2.6.32.59-201205131656.patch |
50 |
From: http://www.grsecurity.net |
51 |
Desc: hardened-sources base patch from upstream grsecurity |
52 |
|
53 |
|
54 |
diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201205071838.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201205131656.patch |
55 |
similarity index 99% |
56 |
rename from 2.6.32/4420_grsecurity-2.9-2.6.32.59-201205071838.patch |
57 |
rename to 2.6.32/4420_grsecurity-2.9-2.6.32.59-201205131656.patch |
58 |
index 185e1d4..d324f88 100644 |
59 |
--- a/2.6.32/4420_grsecurity-2.9-2.6.32.59-201205071838.patch |
60 |
+++ b/2.6.32/4420_grsecurity-2.9-2.6.32.59-201205131656.patch |
61 |
@@ -1171,6 +1171,34 @@ index d65b2f5..9d87555 100644 |
62 |
#endif /* __ASSEMBLY__ */ |
63 |
|
64 |
#define arch_align_stack(x) (x) |
65 |
+diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h |
66 |
+index 2dfb7d7..8fadd73 100644 |
67 |
+--- a/arch/arm/include/asm/thread_info.h |
68 |
++++ b/arch/arm/include/asm/thread_info.h |
69 |
+@@ -138,6 +138,12 @@ extern void vfp_sync_state(struct thread_info *thread); |
70 |
+ #define TIF_NEED_RESCHED 1 |
71 |
+ #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ |
72 |
+ #define TIF_SYSCALL_TRACE 8 |
73 |
++ |
74 |
++/* within 8 bits of TIF_SYSCALL_TRACE |
75 |
++ to meet flexible second operand requirements |
76 |
++*/ |
77 |
++#define TIF_GRSEC_SETXID 9 |
78 |
++ |
79 |
+ #define TIF_POLLING_NRFLAG 16 |
80 |
+ #define TIF_USING_IWMMXT 17 |
81 |
+ #define TIF_MEMDIE 18 |
82 |
+@@ -152,6 +158,10 @@ extern void vfp_sync_state(struct thread_info *thread); |
83 |
+ #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) |
84 |
+ #define _TIF_FREEZE (1 << TIF_FREEZE) |
85 |
+ #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) |
86 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
87 |
++ |
88 |
++/* Checks for any syscall work in entry-common.S */ |
89 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_GRSEC_SETXID) |
90 |
+ |
91 |
+ /* |
92 |
+ * Change these and you break ASM code in entry-common.S |
93 |
diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h |
94 |
index 1d6bd40..fba0cb9 100644 |
95 |
--- a/arch/arm/include/asm/uaccess.h |
96 |
@@ -1245,6 +1273,28 @@ index 0e62770..e2c2cd6 100644 |
97 |
EXPORT_SYMBOL(__clear_user); |
98 |
|
99 |
EXPORT_SYMBOL(__get_user_1); |
100 |
+diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S |
101 |
+index a6c66f5..bfdad39 100644 |
102 |
+--- a/arch/arm/kernel/entry-common.S |
103 |
++++ b/arch/arm/kernel/entry-common.S |
104 |
+@@ -77,7 +77,7 @@ ENTRY(ret_from_fork) |
105 |
+ get_thread_info tsk |
106 |
+ ldr r1, [tsk, #TI_FLAGS] @ check for syscall tracing |
107 |
+ mov why, #1 |
108 |
+- tst r1, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? |
109 |
++ tst r1, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
110 |
+ beq ret_slow_syscall |
111 |
+ mov r1, sp |
112 |
+ mov r0, #1 @ trace exit [IP = 1] |
113 |
+@@ -275,7 +275,7 @@ ENTRY(vector_swi) |
114 |
+ #endif |
115 |
+ |
116 |
+ stmdb sp!, {r4, r5} @ push fifth and sixth args |
117 |
+- tst ip, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? |
118 |
++ tst ip, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
119 |
+ bne __sys_trace |
120 |
+ |
121 |
+ cmp scno, #NR_syscalls @ check upper syscall limit |
122 |
diff --git a/arch/arm/kernel/kgdb.c b/arch/arm/kernel/kgdb.c |
123 |
index ba8ccfe..2dc34dc 100644 |
124 |
--- a/arch/arm/kernel/kgdb.c |
125 |
@@ -1296,6 +1346,30 @@ index 61f90d3..771ab27 100644 |
126 |
} |
127 |
|
128 |
void machine_restart(char *cmd) |
129 |
+diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c |
130 |
+index a2ea385..4783488 100644 |
131 |
+--- a/arch/arm/kernel/ptrace.c |
132 |
++++ b/arch/arm/kernel/ptrace.c |
133 |
+@@ -847,10 +847,19 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data) |
134 |
+ return ret; |
135 |
+ } |
136 |
+ |
137 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
138 |
++extern void gr_delayed_cred_worker(void); |
139 |
++#endif |
140 |
++ |
141 |
+ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) |
142 |
+ { |
143 |
+ unsigned long ip; |
144 |
+ |
145 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
146 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
147 |
++ gr_delayed_cred_worker(); |
148 |
++#endif |
149 |
++ |
150 |
+ if (!test_thread_flag(TIF_SYSCALL_TRACE)) |
151 |
+ return scno; |
152 |
+ if (!(current->ptrace & PT_PTRACED)) |
153 |
diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c |
154 |
index c6c57b6..0c3b29e 100644 |
155 |
--- a/arch/arm/kernel/setup.c |
156 |
@@ -2917,6 +2991,35 @@ index 83b5509..9fa24a23 100644 |
157 |
+#define arch_align_stack(x) ((x) & ~0xfUL) |
158 |
|
159 |
#endif /* _ASM_SYSTEM_H */ |
160 |
+diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h |
161 |
+index 845da21..f2a91b9 100644 |
162 |
+--- a/arch/mips/include/asm/thread_info.h |
163 |
++++ b/arch/mips/include/asm/thread_info.h |
164 |
+@@ -120,6 +120,8 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
165 |
+ #define TIF_32BIT_ADDR 23 /* 32-bit address space (o32/n32) */ |
166 |
+ #define TIF_FPUBOUND 24 /* thread bound to FPU-full CPU set */ |
167 |
+ #define TIF_LOAD_WATCH 25 /* If set, load watch registers */ |
168 |
++/* li takes a 32bit immediate */ |
169 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
170 |
+ #define TIF_SYSCALL_TRACE 31 /* syscall trace active */ |
171 |
+ |
172 |
+ #ifdef CONFIG_MIPS32_O32 |
173 |
+@@ -144,11 +146,14 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
174 |
+ #define _TIF_32BIT_ADDR (1<<TIF_32BIT_ADDR) |
175 |
+ #define _TIF_FPUBOUND (1<<TIF_FPUBOUND) |
176 |
+ #define _TIF_LOAD_WATCH (1<<TIF_LOAD_WATCH) |
177 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
178 |
++ |
179 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_GRSEC_SETXID) |
180 |
+ |
181 |
+ /* work to do on interrupt/exception return */ |
182 |
+ #define _TIF_WORK_MASK (0x0000ffef & ~_TIF_SECCOMP) |
183 |
+ /* work to do on any return to u-space */ |
184 |
+-#define _TIF_ALLWORK_MASK (0x8000ffff & ~_TIF_SECCOMP) |
185 |
++#define _TIF_ALLWORK_MASK ((0x8000ffff & ~_TIF_SECCOMP) | _TIF_GRSEC_SETXID) |
186 |
+ |
187 |
+ #endif /* __KERNEL__ */ |
188 |
+ |
189 |
diff --git a/arch/mips/kernel/binfmt_elfn32.c b/arch/mips/kernel/binfmt_elfn32.c |
190 |
index 9fdd8bc..fcf9d68 100644 |
191 |
--- a/arch/mips/kernel/binfmt_elfn32.c |
192 |
@@ -2953,6 +3056,19 @@ index ff44823..cf0b48a 100644 |
193 |
#include <asm/processor.h> |
194 |
|
195 |
/* |
196 |
+diff --git a/arch/mips/kernel/entry.S b/arch/mips/kernel/entry.S |
197 |
+index ffa3310..f8b1e06 100644 |
198 |
+--- a/arch/mips/kernel/entry.S |
199 |
++++ b/arch/mips/kernel/entry.S |
200 |
+@@ -167,7 +167,7 @@ work_notifysig: # deal with pending signals and |
201 |
+ FEXPORT(syscall_exit_work_partial) |
202 |
+ SAVE_STATIC |
203 |
+ syscall_exit_work: |
204 |
+- li t0, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
205 |
++ li t0, _TIF_SYSCALL_WORK |
206 |
+ and t0, a2 # a2 is preloaded with TI_FLAGS |
207 |
+ beqz t0, work_pending # trace bit set? |
208 |
+ local_irq_enable # could let do_syscall_trace() |
209 |
diff --git a/arch/mips/kernel/kgdb.c b/arch/mips/kernel/kgdb.c |
210 |
index 50c9bb8..efdd5f8 100644 |
211 |
--- a/arch/mips/kernel/kgdb.c |
212 |
@@ -2985,6 +3101,33 @@ index f3d73e1..bb3f57a 100644 |
213 |
- |
214 |
- return sp & ALMASK; |
215 |
-} |
216 |
+diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c |
217 |
+index 054861c..ddbbc7d 100644 |
218 |
+--- a/arch/mips/kernel/ptrace.c |
219 |
++++ b/arch/mips/kernel/ptrace.c |
220 |
+@@ -558,6 +558,10 @@ static inline int audit_arch(void) |
221 |
+ return arch; |
222 |
+ } |
223 |
+ |
224 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
225 |
++extern void gr_delayed_cred_worker(void); |
226 |
++#endif |
227 |
++ |
228 |
+ /* |
229 |
+ * Notification of system call entry/exit |
230 |
+ * - triggered by current->work.syscall_trace |
231 |
+@@ -568,6 +572,11 @@ asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) |
232 |
+ if (!entryexit) |
233 |
+ secure_computing(regs->regs[0]); |
234 |
+ |
235 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
236 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
237 |
++ gr_delayed_cred_worker(); |
238 |
++#endif |
239 |
++ |
240 |
+ if (unlikely(current->audit_context) && entryexit) |
241 |
+ audit_syscall_exit(AUDITSC_RESULT(regs->regs[2]), |
242 |
+ regs->regs[2]); |
243 |
diff --git a/arch/mips/kernel/reset.c b/arch/mips/kernel/reset.c |
244 |
index 060563a..7fbf310 100644 |
245 |
--- a/arch/mips/kernel/reset.c |
246 |
@@ -3020,6 +3163,58 @@ index 060563a..7fbf310 100644 |
247 |
pm_power_off(); |
248 |
+ BUG(); |
249 |
} |
250 |
+diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S |
251 |
+index fd2a9bb..73ecc89 100644 |
252 |
+--- a/arch/mips/kernel/scall32-o32.S |
253 |
++++ b/arch/mips/kernel/scall32-o32.S |
254 |
+@@ -52,7 +52,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
255 |
+ |
256 |
+ stack_done: |
257 |
+ lw t0, TI_FLAGS($28) # syscall tracing enabled? |
258 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
259 |
++ li t1, _TIF_SYSCALL_WORK |
260 |
+ and t0, t1 |
261 |
+ bnez t0, syscall_trace_entry # -> yes |
262 |
+ |
263 |
+diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S |
264 |
+index 18bf7f3..6659dde 100644 |
265 |
+--- a/arch/mips/kernel/scall64-64.S |
266 |
++++ b/arch/mips/kernel/scall64-64.S |
267 |
+@@ -54,7 +54,7 @@ NESTED(handle_sys64, PT_SIZE, sp) |
268 |
+ |
269 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
270 |
+ |
271 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
272 |
++ li t1, _TIF_SYSCALL_WORK |
273 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
274 |
+ and t0, t1, t0 |
275 |
+ bnez t0, syscall_trace_entry |
276 |
+diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S |
277 |
+index 6ebc079..a16f976 100644 |
278 |
+--- a/arch/mips/kernel/scall64-n32.S |
279 |
++++ b/arch/mips/kernel/scall64-n32.S |
280 |
+@@ -53,7 +53,7 @@ NESTED(handle_sysn32, PT_SIZE, sp) |
281 |
+ |
282 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
283 |
+ |
284 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
285 |
++ li t1, _TIF_SYSCALL_WORK |
286 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
287 |
+ and t0, t1, t0 |
288 |
+ bnez t0, n32_syscall_trace_entry |
289 |
+diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S |
290 |
+index 14dde4c..dc68acf 100644 |
291 |
+--- a/arch/mips/kernel/scall64-o32.S |
292 |
++++ b/arch/mips/kernel/scall64-o32.S |
293 |
+@@ -81,7 +81,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
294 |
+ PTR 4b, bad_stack |
295 |
+ .previous |
296 |
+ |
297 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
298 |
++ li t1, _TIF_SYSCALL_WORK |
299 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
300 |
+ and t0, t1, t0 |
301 |
+ bnez t0, trace_a_syscall |
302 |
diff --git a/arch/mips/kernel/syscall.c b/arch/mips/kernel/syscall.c |
303 |
index 3f7f466..3abe0b5 100644 |
304 |
--- a/arch/mips/kernel/syscall.c |
305 |
@@ -3893,6 +4088,33 @@ index 094a12a..877a60a 100644 |
306 |
|
307 |
/* Used in very early kernel initialization. */ |
308 |
extern unsigned long reloc_offset(void); |
309 |
+diff --git a/arch/powerpc/include/asm/thread_info.h b/arch/powerpc/include/asm/thread_info.h |
310 |
+index aa9d383..0380a05 100644 |
311 |
+--- a/arch/powerpc/include/asm/thread_info.h |
312 |
++++ b/arch/powerpc/include/asm/thread_info.h |
313 |
+@@ -110,7 +110,9 @@ static inline struct thread_info *current_thread_info(void) |
314 |
+ #define TIF_NOERROR 12 /* Force successful syscall return */ |
315 |
+ #define TIF_NOTIFY_RESUME 13 /* callback before returning to user */ |
316 |
+ #define TIF_FREEZE 14 /* Freezing for suspend */ |
317 |
+-#define TIF_RUNLATCH 15 /* Is the runlatch enabled? */ |
318 |
++/* mask must be expressable within 16 bits to satisfy 'andi' instruction reqs */ |
319 |
++#define TIF_GRSEC_SETXID 15 /* update credentials on syscall entry/exit */ |
320 |
++#define TIF_RUNLATCH 16 /* Is the runlatch enabled? */ |
321 |
+ |
322 |
+ /* as above, but as bit values */ |
323 |
+ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) |
324 |
+@@ -128,7 +130,10 @@ static inline struct thread_info *current_thread_info(void) |
325 |
+ #define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME) |
326 |
+ #define _TIF_FREEZE (1<<TIF_FREEZE) |
327 |
+ #define _TIF_RUNLATCH (1<<TIF_RUNLATCH) |
328 |
+-#define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SECCOMP) |
329 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
330 |
++ |
331 |
++#define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT| \ |
332 |
++ _TIF_SECCOMP|_TIF_GRSEC_SETXID) |
333 |
+ |
334 |
+ #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \ |
335 |
+ _TIF_NOTIFY_RESUME) |
336 |
diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h |
337 |
index bd0fb84..a42a14b 100644 |
338 |
--- a/arch/powerpc/include/asm/uaccess.h |
339 |
@@ -4422,7 +4644,7 @@ index 7b816da..8d5c277 100644 |
340 |
- return ret; |
341 |
-} |
342 |
diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c |
343 |
-index ef14988..856c4bc 100644 |
344 |
+index ef14988..8a37ddb 100644 |
345 |
--- a/arch/powerpc/kernel/ptrace.c |
346 |
+++ b/arch/powerpc/kernel/ptrace.c |
347 |
@@ -86,7 +86,7 @@ static int set_user_trap(struct task_struct *task, unsigned long trap) |
348 |
@@ -4443,6 +4665,41 @@ index ef14988..856c4bc 100644 |
349 |
} else { |
350 |
flush_fp_to_thread(child); |
351 |
tmp = ((unsigned long *)child->thread.fpr) |
352 |
+@@ -1033,6 +1033,10 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data) |
353 |
+ return ret; |
354 |
+ } |
355 |
+ |
356 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
357 |
++extern void gr_delayed_cred_worker(void); |
358 |
++#endif |
359 |
++ |
360 |
+ /* |
361 |
+ * We must return the syscall number to actually look up in the table. |
362 |
+ * This can be -1L to skip running any syscall at all. |
363 |
+@@ -1043,6 +1047,11 @@ long do_syscall_trace_enter(struct pt_regs *regs) |
364 |
+ |
365 |
+ secure_computing(regs->gpr[0]); |
366 |
+ |
367 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
368 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
369 |
++ gr_delayed_cred_worker(); |
370 |
++#endif |
371 |
++ |
372 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE) && |
373 |
+ tracehook_report_syscall_entry(regs)) |
374 |
+ /* |
375 |
+@@ -1076,6 +1085,11 @@ void do_syscall_trace_leave(struct pt_regs *regs) |
376 |
+ { |
377 |
+ int step; |
378 |
+ |
379 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
380 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
381 |
++ gr_delayed_cred_worker(); |
382 |
++#endif |
383 |
++ |
384 |
+ if (unlikely(current->audit_context)) |
385 |
+ audit_syscall_exit((regs->ccr&0x10000000)?AUDITSC_FAILURE:AUDITSC_SUCCESS, |
386 |
+ regs->result); |
387 |
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c |
388 |
index d670429..2bc59b2 100644 |
389 |
--- a/arch/powerpc/kernel/signal_32.c |
390 |
@@ -5951,7 +6208,7 @@ index 844d73a..f787fb9 100644 |
391 |
|
392 |
/* |
393 |
diff --git a/arch/sparc/include/asm/thread_info_64.h b/arch/sparc/include/asm/thread_info_64.h |
394 |
-index f78ad9a..9f55fc7 100644 |
395 |
+index f78ad9a..a3213ed 100644 |
396 |
--- a/arch/sparc/include/asm/thread_info_64.h |
397 |
+++ b/arch/sparc/include/asm/thread_info_64.h |
398 |
@@ -68,6 +68,8 @@ struct thread_info { |
399 |
@@ -5963,6 +6220,34 @@ index f78ad9a..9f55fc7 100644 |
400 |
unsigned long fpregs[0] __attribute__ ((aligned(64))); |
401 |
}; |
402 |
|
403 |
+@@ -227,6 +229,8 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
404 |
+ /* flag bit 8 is available */ |
405 |
+ #define TIF_SECCOMP 9 /* secure computing */ |
406 |
+ #define TIF_SYSCALL_AUDIT 10 /* syscall auditing active */ |
407 |
++#define TIF_GRSEC_SETXID 11 /* update credentials on syscall entry/exit */ |
408 |
++ |
409 |
+ /* NOTE: Thread flags >= 12 should be ones we have no interest |
410 |
+ * in using in assembly, else we can't use the mask as |
411 |
+ * an immediate value in instructions such as andcc. |
412 |
+@@ -247,12 +251,18 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
413 |
+ #define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT) |
414 |
+ #define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) |
415 |
+ #define _TIF_FREEZE (1<<TIF_FREEZE) |
416 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
417 |
+ |
418 |
+ #define _TIF_USER_WORK_MASK ((0xff << TI_FLAG_WSAVED_SHIFT) | \ |
419 |
+ _TIF_DO_NOTIFY_RESUME_MASK | \ |
420 |
+ _TIF_NEED_RESCHED | _TIF_PERFCTR) |
421 |
+ #define _TIF_DO_NOTIFY_RESUME_MASK (_TIF_NOTIFY_RESUME | _TIF_SIGPENDING) |
422 |
+ |
423 |
++#define _TIF_WORK_SYSCALL \ |
424 |
++ (_TIF_SYSCALL_TRACE | _TIF_SECCOMP | _TIF_SYSCALL_AUDIT | \ |
425 |
++ _TIF_GRSEC_SETXID) |
426 |
++ |
427 |
++ |
428 |
+ /* |
429 |
+ * Thread-synchronous status. |
430 |
+ * |
431 |
diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h |
432 |
index e88fbe5..96b0ce5 100644 |
433 |
--- a/arch/sparc/include/asm/uaccess.h |
434 |
@@ -6275,6 +6560,45 @@ index cb70476..3d0c191 100644 |
435 |
(void *) gp->tpc, |
436 |
(void *) gp->o7, |
437 |
(void *) gp->i7, |
438 |
+diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c |
439 |
+index 4ae91dc..c2e705e 100644 |
440 |
+--- a/arch/sparc/kernel/ptrace_64.c |
441 |
++++ b/arch/sparc/kernel/ptrace_64.c |
442 |
+@@ -1049,6 +1049,10 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data) |
443 |
+ return ret; |
444 |
+ } |
445 |
+ |
446 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
447 |
++extern void gr_delayed_cred_worker(void); |
448 |
++#endif |
449 |
++ |
450 |
+ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
451 |
+ { |
452 |
+ int ret = 0; |
453 |
+@@ -1056,6 +1060,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
454 |
+ /* do the secure computing check first */ |
455 |
+ secure_computing(regs->u_regs[UREG_G1]); |
456 |
+ |
457 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
458 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
459 |
++ gr_delayed_cred_worker(); |
460 |
++#endif |
461 |
++ |
462 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE)) |
463 |
+ ret = tracehook_report_syscall_entry(regs); |
464 |
+ |
465 |
+@@ -1074,6 +1083,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
466 |
+ |
467 |
+ asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
468 |
+ { |
469 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
470 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
471 |
++ gr_delayed_cred_worker(); |
472 |
++#endif |
473 |
++ |
474 |
+ if (unlikely(current->audit_context)) { |
475 |
+ unsigned long tstate = regs->tstate; |
476 |
+ int result = AUDITSC_SUCCESS; |
477 |
diff --git a/arch/sparc/kernel/rtrap_64.S b/arch/sparc/kernel/rtrap_64.S |
478 |
index fd3cee4..cc4b1ff 100644 |
479 |
--- a/arch/sparc/kernel/rtrap_64.S |
480 |
@@ -6486,6 +6810,55 @@ index cfa0e19..98972ac 100644 |
481 |
mm->get_unmapped_area = arch_get_unmapped_area_topdown; |
482 |
mm->unmap_area = arch_unmap_area_topdown; |
483 |
} |
484 |
+diff --git a/arch/sparc/kernel/syscalls.S b/arch/sparc/kernel/syscalls.S |
485 |
+index d150c2a..bffda9d 100644 |
486 |
+--- a/arch/sparc/kernel/syscalls.S |
487 |
++++ b/arch/sparc/kernel/syscalls.S |
488 |
+@@ -62,7 +62,7 @@ sys32_rt_sigreturn: |
489 |
+ #endif |
490 |
+ .align 32 |
491 |
+ 1: ldx [%g6 + TI_FLAGS], %l5 |
492 |
+- andcc %l5, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 |
493 |
++ andcc %l5, _TIF_WORK_SYSCALL, %g0 |
494 |
+ be,pt %icc, rtrap |
495 |
+ nop |
496 |
+ call syscall_trace_leave |
497 |
+@@ -198,7 +198,7 @@ linux_sparc_syscall32: |
498 |
+ |
499 |
+ srl %i5, 0, %o5 ! IEU1 |
500 |
+ srl %i2, 0, %o2 ! IEU0 Group |
501 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 |
502 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
503 |
+ bne,pn %icc, linux_syscall_trace32 ! CTI |
504 |
+ mov %i0, %l5 ! IEU1 |
505 |
+ call %l7 ! CTI Group brk forced |
506 |
+@@ -221,7 +221,7 @@ linux_sparc_syscall: |
507 |
+ |
508 |
+ mov %i3, %o3 ! IEU1 |
509 |
+ mov %i4, %o4 ! IEU0 Group |
510 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 |
511 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
512 |
+ bne,pn %icc, linux_syscall_trace ! CTI Group |
513 |
+ mov %i0, %l5 ! IEU0 |
514 |
+ 2: call %l7 ! CTI Group brk forced |
515 |
+@@ -245,7 +245,7 @@ ret_sys_call: |
516 |
+ |
517 |
+ cmp %o0, -ERESTART_RESTARTBLOCK |
518 |
+ bgeu,pn %xcc, 1f |
519 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 |
520 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
521 |
+ 80: |
522 |
+ /* System call success, clear Carry condition code. */ |
523 |
+ andn %g3, %g2, %g3 |
524 |
+@@ -260,7 +260,7 @@ ret_sys_call: |
525 |
+ /* System call failure, set Carry condition code. |
526 |
+ * Also, get abs(errno) to return to the process. |
527 |
+ */ |
528 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 |
529 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
530 |
+ sub %g0, %o0, %o0 |
531 |
+ or %g3, %g2, %g3 |
532 |
+ stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] |
533 |
diff --git a/arch/sparc/kernel/traps_32.c b/arch/sparc/kernel/traps_32.c |
534 |
index c0490c7..84959d1 100644 |
535 |
--- a/arch/sparc/kernel/traps_32.c |
536 |
@@ -13413,7 +13786,7 @@ index e0fbf29..858ef4a 100644 |
537 |
/* |
538 |
* Force strict CPU ordering. |
539 |
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h |
540 |
-index 19c3ce4..8962535 100644 |
541 |
+index 19c3ce4..4ad5ba4 100644 |
542 |
--- a/arch/x86/include/asm/thread_info.h |
543 |
+++ b/arch/x86/include/asm/thread_info.h |
544 |
@@ -10,6 +10,7 @@ |
545 |
@@ -13462,7 +13835,45 @@ index 19c3ce4..8962535 100644 |
546 |
#define init_stack (init_thread_union.stack) |
547 |
|
548 |
#else /* !__ASSEMBLY__ */ |
549 |
-@@ -163,45 +157,40 @@ struct thread_info { |
550 |
+@@ -95,6 +89,7 @@ struct thread_info { |
551 |
+ #define TIF_DS_AREA_MSR 26 /* uses thread_struct.ds_area_msr */ |
552 |
+ #define TIF_LAZY_MMU_UPDATES 27 /* task is updating the mmu lazily */ |
553 |
+ #define TIF_SYSCALL_TRACEPOINT 28 /* syscall tracepoint instrumentation */ |
554 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
555 |
+ |
556 |
+ #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) |
557 |
+ #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) |
558 |
+@@ -117,16 +112,17 @@ struct thread_info { |
559 |
+ #define _TIF_DS_AREA_MSR (1 << TIF_DS_AREA_MSR) |
560 |
+ #define _TIF_LAZY_MMU_UPDATES (1 << TIF_LAZY_MMU_UPDATES) |
561 |
+ #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) |
562 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
563 |
+ |
564 |
+ /* work to do in syscall_trace_enter() */ |
565 |
+ #define _TIF_WORK_SYSCALL_ENTRY \ |
566 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_EMU | _TIF_SYSCALL_AUDIT | \ |
567 |
+- _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT) |
568 |
++ _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
569 |
+ |
570 |
+ /* work to do in syscall_trace_leave() */ |
571 |
+ #define _TIF_WORK_SYSCALL_EXIT \ |
572 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_SINGLESTEP | \ |
573 |
+- _TIF_SYSCALL_TRACEPOINT) |
574 |
++ _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
575 |
+ |
576 |
+ /* work to do on interrupt/exception return */ |
577 |
+ #define _TIF_WORK_MASK \ |
578 |
+@@ -136,7 +132,8 @@ struct thread_info { |
579 |
+ |
580 |
+ /* work to do on any return to user space */ |
581 |
+ #define _TIF_ALLWORK_MASK \ |
582 |
+- ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT) |
583 |
++ ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT | \ |
584 |
++ _TIF_GRSEC_SETXID) |
585 |
+ |
586 |
+ /* Only used for 64 bit */ |
587 |
+ #define _TIF_DO_NOTIFY_MASK \ |
588 |
+@@ -163,45 +160,40 @@ struct thread_info { |
589 |
#define alloc_thread_info(tsk) \ |
590 |
((struct thread_info *)__get_free_pages(THREAD_FLAGS, THREAD_ORDER)) |
591 |
|
592 |
@@ -13533,7 +13944,7 @@ index 19c3ce4..8962535 100644 |
593 |
/* |
594 |
* macros/functions for gaining access to the thread information structure |
595 |
* preempt_count needs to be 1 initially, until the scheduler is functional. |
596 |
-@@ -209,21 +198,8 @@ static inline struct thread_info *current_thread_info(void) |
597 |
+@@ -209,21 +201,8 @@ static inline struct thread_info *current_thread_info(void) |
598 |
#ifndef __ASSEMBLY__ |
599 |
DECLARE_PER_CPU(unsigned long, kernel_stack); |
600 |
|
601 |
@@ -13557,7 +13968,7 @@ index 19c3ce4..8962535 100644 |
602 |
#endif |
603 |
|
604 |
#endif /* !X86_32 */ |
605 |
-@@ -260,5 +236,16 @@ extern void arch_task_cache_init(void); |
606 |
+@@ -260,5 +239,16 @@ extern void arch_task_cache_init(void); |
607 |
extern void free_thread_info(struct thread_info *ti); |
608 |
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); |
609 |
#define arch_task_cache_init arch_task_cache_init |
610 |
@@ -16397,7 +16808,7 @@ index 4c07cca..2c8427d 100644 |
611 |
ret |
612 |
ENDPROC(efi_call6) |
613 |
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S |
614 |
-index c097e7d..91be126 100644 |
615 |
+index c097e7d..853746c 100644 |
616 |
--- a/arch/x86/kernel/entry_32.S |
617 |
+++ b/arch/x86/kernel/entry_32.S |
618 |
@@ -95,12 +95,6 @@ |
619 |
@@ -16618,7 +17029,7 @@ index c097e7d..91be126 100644 |
620 |
+#ifdef CONFIG_PAX_KERNEXEC |
621 |
+ jae resume_userspace |
622 |
+ |
623 |
-+ PAX_EXIT_KERNEL |
624 |
++ pax_exit_kernel |
625 |
+ jmp resume_kernel |
626 |
+#else |
627 |
jb resume_kernel # not returning to v8086 or userspace |
628 |
@@ -20524,7 +20935,7 @@ index 39493bc..196816d 100644 |
629 |
ip = *(u64 *)(fp+8); |
630 |
if (!in_sched_functions(ip)) |
631 |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c |
632 |
-index c06acdd..09de221 100644 |
633 |
+index c06acdd..e7dffe1 100644 |
634 |
--- a/arch/x86/kernel/ptrace.c |
635 |
+++ b/arch/x86/kernel/ptrace.c |
636 |
@@ -559,6 +559,10 @@ static int ioperm_active(struct task_struct *target, |
637 |
@@ -20606,7 +21017,15 @@ index c06acdd..09de221 100644 |
638 |
|
639 |
/* Send us the fake SIGTRAP */ |
640 |
force_sig_info(SIGTRAP, &info, tsk); |
641 |
-@@ -1469,7 +1473,7 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs, |
642 |
+@@ -1465,14 +1469,23 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs, |
643 |
+ # define IS_IA32 0 |
644 |
+ #endif |
645 |
+ |
646 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
647 |
++extern void gr_delayed_cred_worker(void); |
648 |
++#endif |
649 |
++ |
650 |
+ /* |
651 |
* We must return the syscall number to actually look up in the table. |
652 |
* This can be -1L to skip running any syscall at all. |
653 |
*/ |
654 |
@@ -20615,15 +21034,29 @@ index c06acdd..09de221 100644 |
655 |
{ |
656 |
long ret = 0; |
657 |
|
658 |
-@@ -1514,7 +1518,7 @@ asmregparm long syscall_trace_enter(struct pt_regs *regs) |
659 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
660 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
661 |
++ gr_delayed_cred_worker(); |
662 |
++#endif |
663 |
++ |
664 |
+ /* |
665 |
+ * If we stepped into a sysenter/syscall insn, it trapped in |
666 |
+ * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP. |
667 |
+@@ -1514,8 +1527,13 @@ asmregparm long syscall_trace_enter(struct pt_regs *regs) |
668 |
return ret ?: regs->orig_ax; |
669 |
} |
670 |
|
671 |
-asmregparm void syscall_trace_leave(struct pt_regs *regs) |
672 |
+void syscall_trace_leave(struct pt_regs *regs) |
673 |
{ |
674 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
675 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
676 |
++ gr_delayed_cred_worker(); |
677 |
++#endif |
678 |
++ |
679 |
if (unlikely(current->audit_context)) |
680 |
audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax); |
681 |
+ |
682 |
diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c |
683 |
index cf98100..e76e03d 100644 |
684 |
--- a/arch/x86/kernel/reboot.c |
685 |
@@ -26424,7 +26857,7 @@ index 63a6ba6..79abd7a 100644 |
686 |
return (void *)vaddr; |
687 |
} |
688 |
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
689 |
-index f46c3407..6ff9a26 100644 |
690 |
+index f46c3407..f7e72b0 100644 |
691 |
--- a/arch/x86/mm/hugetlbpage.c |
692 |
+++ b/arch/x86/mm/hugetlbpage.c |
693 |
@@ -267,13 +267,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
694 |
@@ -26500,7 +26933,7 @@ index f46c3407..6ff9a26 100644 |
695 |
|
696 |
/* don't allow allocations above current base */ |
697 |
if (mm->free_area_cache > base) |
698 |
-@@ -322,64 +329,63 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
699 |
+@@ -322,64 +329,68 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
700 |
largest_hole = 0; |
701 |
mm->free_area_cache = base; |
702 |
} |
703 |
@@ -26515,15 +26948,16 @@ index f46c3407..6ff9a26 100644 |
704 |
+ addr = (mm->free_area_cache - len); |
705 |
do { |
706 |
+ addr &= huge_page_mask(h); |
707 |
-+ vma = find_vma(mm, addr); |
708 |
/* |
709 |
* Lookup failure means no vma is above this address, |
710 |
* i.e. return with success: |
711 |
-- */ |
712 |
+ */ |
713 |
- if (!(vma = find_vma_prev(mm, addr, &prev_vma))) |
714 |
-- return addr; |
715 |
-- |
716 |
-- /* |
717 |
++ vma = find_vma(mm, addr); |
718 |
++ if (!vma) |
719 |
+ return addr; |
720 |
+ |
721 |
+ /* |
722 |
* new region fits between prev_vma->vm_end and |
723 |
* vma->vm_start, use it: |
724 |
*/ |
725 |
@@ -26595,7 +27029,7 @@ index f46c3407..6ff9a26 100644 |
726 |
mm->cached_hole_size = ~0UL; |
727 |
addr = hugetlb_get_unmapped_area_bottomup(file, addr0, |
728 |
len, pgoff, flags); |
729 |
-@@ -387,6 +393,7 @@ fail: |
730 |
+@@ -387,6 +398,7 @@ fail: |
731 |
/* |
732 |
* Restore the topdown base: |
733 |
*/ |
734 |
@@ -26603,7 +27037,7 @@ index f46c3407..6ff9a26 100644 |
735 |
mm->free_area_cache = base; |
736 |
mm->cached_hole_size = ~0UL; |
737 |
|
738 |
-@@ -400,10 +407,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
739 |
+@@ -400,10 +412,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
740 |
struct hstate *h = hstate_file(file); |
741 |
struct mm_struct *mm = current->mm; |
742 |
struct vm_area_struct *vma; |
743 |
@@ -26624,7 +27058,7 @@ index f46c3407..6ff9a26 100644 |
744 |
return -ENOMEM; |
745 |
|
746 |
if (flags & MAP_FIXED) { |
747 |
-@@ -415,8 +431,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
748 |
+@@ -415,8 +436,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
749 |
if (addr) { |
750 |
addr = ALIGN(addr, huge_page_size(h)); |
751 |
vma = find_vma(mm, addr); |
752 |
@@ -27083,7 +27517,7 @@ index 30938c1..bda3d5d 100644 |
753 |
printk(KERN_INFO "Write protecting the kernel text: %luk\n", |
754 |
size >> 10); |
755 |
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c |
756 |
-index 7d095ad..acf1be9 100644 |
757 |
+index 7d095ad..f833fa2 100644 |
758 |
--- a/arch/x86/mm/init_64.c |
759 |
+++ b/arch/x86/mm/init_64.c |
760 |
@@ -123,7 +123,7 @@ static pud_t *fill_pud(pgd_t *pgd, unsigned long vaddr) |
761 |
@@ -27131,6 +27565,15 @@ index 7d095ad..acf1be9 100644 |
762 |
} |
763 |
pmd = pmd_offset(pud, phys); |
764 |
BUG_ON(!pmd_none(*pmd)); |
765 |
+@@ -507,7 +507,7 @@ phys_pud_init(pud_t *pud_page, unsigned long addr, unsigned long end, |
766 |
+ unmap_low_page(pmd); |
767 |
+ |
768 |
+ spin_lock(&init_mm.page_table_lock); |
769 |
+- pud_populate(&init_mm, pud, __va(pmd_phys)); |
770 |
++ pud_populate_kernel(&init_mm, pud, __va(pmd_phys)); |
771 |
+ spin_unlock(&init_mm.page_table_lock); |
772 |
+ } |
773 |
+ __flush_tlb_all(); |
774 |
@@ -560,7 +560,7 @@ kernel_physical_mapping_init(unsigned long start, |
775 |
unmap_low_page(pud); |
776 |
|
777 |
@@ -74487,10 +74930,10 @@ index 8f32f50..b6a41e8 100644 |
778 |
link[pathlen] = '\0'; |
779 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
780 |
new file mode 100644 |
781 |
-index 0000000..50819f8 |
782 |
+index 0000000..5be91c0 |
783 |
--- /dev/null |
784 |
+++ b/grsecurity/Kconfig |
785 |
-@@ -0,0 +1,1077 @@ |
786 |
+@@ -0,0 +1,1078 @@ |
787 |
+# |
788 |
+# grecurity configuration |
789 |
+# |
790 |
@@ -74625,7 +75068,7 @@ index 0000000..50819f8 |
791 |
+ select GRKERNSEC_PROC_ADD |
792 |
+ select GRKERNSEC_CHROOT_CHMOD |
793 |
+ select GRKERNSEC_CHROOT_NICE |
794 |
-+ select GRKERNSEC_SETXID |
795 |
++ select GRKERNSEC_SETXID if (X86 || SPARC64 || PPC || ARM || MIPS) |
796 |
+ select GRKERNSEC_AUDIT_MOUNT |
797 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
798 |
+ select GRKERNSEC_HARDEN_PTRACE |
799 |
@@ -75319,6 +75762,7 @@ index 0000000..50819f8 |
800 |
+ |
801 |
+config GRKERNSEC_SETXID |
802 |
+ bool "Enforce consistent multithreaded privileges" |
803 |
++ depends on (X86 || SPARC64 || PPC || ARM || MIPS) |
804 |
+ help |
805 |
+ If you say Y here, a change from a root uid to a non-root uid |
806 |
+ in a multithreaded application will cause the resulting uids, |
807 |
@@ -75614,10 +76058,10 @@ index 0000000..1b9afa9 |
808 |
+endif |
809 |
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c |
810 |
new file mode 100644 |
811 |
-index 0000000..67b34b9 |
812 |
+index 0000000..c475143 |
813 |
--- /dev/null |
814 |
+++ b/grsecurity/gracl.c |
815 |
-@@ -0,0 +1,4169 @@ |
816 |
+@@ -0,0 +1,4171 @@ |
817 |
+#include <linux/kernel.h> |
818 |
+#include <linux/module.h> |
819 |
+#include <linux/sched.h> |
820 |
@@ -79454,20 +79898,22 @@ index 0000000..67b34b9 |
821 |
+ return 0; |
822 |
+#endif |
823 |
+ |
824 |
-+ read_lock(&tasklist_lock); |
825 |
-+ while (tmp->pid > 0) { |
826 |
-+ if (tmp == curtemp) |
827 |
-+ break; |
828 |
-+ tmp = tmp->real_parent; |
829 |
-+ } |
830 |
++ if (request == PTRACE_ATTACH) { |
831 |
++ read_lock(&tasklist_lock); |
832 |
++ while (tmp->pid > 0) { |
833 |
++ if (tmp == curtemp) |
834 |
++ break; |
835 |
++ tmp = tmp->real_parent; |
836 |
++ } |
837 |
+ |
838 |
-+ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
839 |
-+ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
840 |
++ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
841 |
++ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
842 |
++ read_unlock(&tasklist_lock); |
843 |
++ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
844 |
++ return 1; |
845 |
++ } |
846 |
+ read_unlock(&tasklist_lock); |
847 |
-+ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
848 |
-+ return 1; |
849 |
+ } |
850 |
-+ read_unlock(&tasklist_lock); |
851 |
+ |
852 |
+#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE |
853 |
+ if (!(gr_status & GR_READY)) |
854 |
@@ -91553,7 +91999,7 @@ index 3f2f04f..4e53ded 100644 |
855 |
/* If set, cpu_up and cpu_down will return -EBUSY and do nothing. |
856 |
* Should always be manipulated under cpu_add_remove_lock |
857 |
diff --git a/kernel/cred.c b/kernel/cred.c |
858 |
-index 0b5b5fc..3fe945c 100644 |
859 |
+index 0b5b5fc..f20c6b9 100644 |
860 |
--- a/kernel/cred.c |
861 |
+++ b/kernel/cred.c |
862 |
@@ -160,6 +160,8 @@ static void put_cred_rcu(struct rcu_head *rcu) |
863 |
@@ -91676,7 +92122,7 @@ index 0b5b5fc..3fe945c 100644 |
864 |
*/ |
865 |
alter_cred_subscribers(new, 2); |
866 |
if (new->user != old->user) |
867 |
-@@ -595,8 +622,96 @@ int commit_creds(struct cred *new) |
868 |
+@@ -595,8 +622,105 @@ int commit_creds(struct cred *new) |
869 |
put_cred(old); |
870 |
return 0; |
871 |
} |
872 |
@@ -91743,6 +92189,8 @@ index 0b5b5fc..3fe945c 100644 |
873 |
+int commit_creds(struct cred *new) |
874 |
+{ |
875 |
+#ifdef CONFIG_GRKERNSEC_SETXID |
876 |
++ int ret; |
877 |
++ int schedule_it = 0; |
878 |
+ struct task_struct *t; |
879 |
+ |
880 |
+ /* we won't get called with tasklist_lock held for writing |
881 |
@@ -91751,20 +92199,27 @@ index 0b5b5fc..3fe945c 100644 |
882 |
+ */ |
883 |
+ if (grsec_enable_setxid && !current_is_single_threaded() && |
884 |
+ !current_uid() && new->uid) { |
885 |
++ schedule_it = 1; |
886 |
++ } |
887 |
++ ret = __commit_creds(new); |
888 |
++ if (schedule_it) { |
889 |
+ rcu_read_lock(); |
890 |
+ read_lock(&tasklist_lock); |
891 |
+ for (t = next_thread(current); t != current; |
892 |
+ t = next_thread(t)) { |
893 |
+ if (t->delayed_cred == NULL) { |
894 |
+ t->delayed_cred = get_cred(new); |
895 |
++ set_tsk_thread_flag(t, TIF_GRSEC_SETXID); |
896 |
+ set_tsk_need_resched(t); |
897 |
+ } |
898 |
+ } |
899 |
+ read_unlock(&tasklist_lock); |
900 |
+ rcu_read_unlock(); |
901 |
+ } |
902 |
-+#endif |
903 |
++ return ret; |
904 |
++#else |
905 |
+ return __commit_creds(new); |
906 |
++#endif |
907 |
+} |
908 |
+ |
909 |
EXPORT_SYMBOL(commit_creds); |
910 |
@@ -91773,7 +92228,7 @@ index 0b5b5fc..3fe945c 100644 |
911 |
/** |
912 |
* abort_creds - Discard a set of credentials and unlock the current task |
913 |
* @new: The credentials that were going to be applied |
914 |
-@@ -606,6 +721,8 @@ EXPORT_SYMBOL(commit_creds); |
915 |
+@@ -606,6 +730,8 @@ EXPORT_SYMBOL(commit_creds); |
916 |
*/ |
917 |
void abort_creds(struct cred *new) |
918 |
{ |
919 |
@@ -91782,7 +92237,7 @@ index 0b5b5fc..3fe945c 100644 |
920 |
kdebug("abort_creds(%p{%d,%d})", new, |
921 |
atomic_read(&new->usage), |
922 |
read_cred_subscribers(new)); |
923 |
-@@ -629,6 +746,8 @@ const struct cred *override_creds(const struct cred *new) |
924 |
+@@ -629,6 +755,8 @@ const struct cred *override_creds(const struct cred *new) |
925 |
{ |
926 |
const struct cred *old = current->cred; |
927 |
|
928 |
@@ -91791,7 +92246,7 @@ index 0b5b5fc..3fe945c 100644 |
929 |
kdebug("override_creds(%p{%d,%d})", new, |
930 |
atomic_read(&new->usage), |
931 |
read_cred_subscribers(new)); |
932 |
-@@ -658,6 +777,8 @@ void revert_creds(const struct cred *old) |
933 |
+@@ -658,6 +786,8 @@ void revert_creds(const struct cred *old) |
934 |
{ |
935 |
const struct cred *override = current->cred; |
936 |
|
937 |
@@ -91800,7 +92255,7 @@ index 0b5b5fc..3fe945c 100644 |
938 |
kdebug("revert_creds(%p{%d,%d})", old, |
939 |
atomic_read(&old->usage), |
940 |
read_cred_subscribers(old)); |
941 |
-@@ -704,6 +825,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
942 |
+@@ -704,6 +834,8 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) |
943 |
const struct cred *old; |
944 |
struct cred *new; |
945 |
|
946 |
@@ -91809,7 +92264,7 @@ index 0b5b5fc..3fe945c 100644 |
947 |
new = kmem_cache_alloc(cred_jar, GFP_KERNEL); |
948 |
if (!new) |
949 |
return NULL; |
950 |
-@@ -758,6 +881,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
951 |
+@@ -758,6 +890,8 @@ EXPORT_SYMBOL(prepare_kernel_cred); |
952 |
*/ |
953 |
int set_security_override(struct cred *new, u32 secid) |
954 |
{ |
955 |
@@ -91818,7 +92273,7 @@ index 0b5b5fc..3fe945c 100644 |
956 |
return security_kernel_act_as(new, secid); |
957 |
} |
958 |
EXPORT_SYMBOL(set_security_override); |
959 |
-@@ -777,6 +902,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
960 |
+@@ -777,6 +911,8 @@ int set_security_override_from_ctx(struct cred *new, const char *secctx) |
961 |
u32 secid; |
962 |
int ret; |
963 |
|
964 |
@@ -94871,7 +95326,7 @@ index 29bd4ba..8c5de90 100644 |
965 |
WARN_ON(pendowner->pi_blocked_on->lock != lock); |
966 |
|
967 |
diff --git a/kernel/sched.c b/kernel/sched.c |
968 |
-index 0591df8..e3af3a4 100644 |
969 |
+index 0591df8..db35e3d 100644 |
970 |
--- a/kernel/sched.c |
971 |
+++ b/kernel/sched.c |
972 |
@@ -5043,7 +5043,7 @@ out: |
973 |
@@ -94883,27 +95338,7 @@ index 0591df8..e3af3a4 100644 |
974 |
{ |
975 |
int this_cpu = smp_processor_id(); |
976 |
struct rq *this_rq = cpu_rq(this_cpu); |
977 |
-@@ -5690,6 +5690,19 @@ pick_next_task(struct rq *rq) |
978 |
- } |
979 |
- } |
980 |
- |
981 |
-+#ifdef CONFIG_GRKERNSEC_SETXID |
982 |
-+extern void gr_delayed_cred_worker(void); |
983 |
-+static inline void gr_cred_schedule(void) |
984 |
-+{ |
985 |
-+ if (unlikely(current->delayed_cred)) |
986 |
-+ gr_delayed_cred_worker(); |
987 |
-+} |
988 |
-+#else |
989 |
-+static inline void gr_cred_schedule(void) |
990 |
-+{ |
991 |
-+} |
992 |
-+#endif |
993 |
-+ |
994 |
- /* |
995 |
- * schedule() is the main scheduler function. |
996 |
- */ |
997 |
-@@ -5700,6 +5713,8 @@ asmlinkage void __sched schedule(void) |
998 |
+@@ -5700,6 +5700,8 @@ asmlinkage void __sched schedule(void) |
999 |
struct rq *rq; |
1000 |
int cpu; |
1001 |
|
1002 |
@@ -94912,16 +95347,7 @@ index 0591df8..e3af3a4 100644 |
1003 |
need_resched: |
1004 |
preempt_disable(); |
1005 |
cpu = smp_processor_id(); |
1006 |
-@@ -5713,6 +5728,8 @@ need_resched_nonpreemptible: |
1007 |
- |
1008 |
- schedule_debug(prev); |
1009 |
- |
1010 |
-+ gr_cred_schedule(); |
1011 |
-+ |
1012 |
- if (sched_feat(HRTICK)) |
1013 |
- hrtick_clear(rq); |
1014 |
- |
1015 |
-@@ -5770,7 +5787,7 @@ EXPORT_SYMBOL(schedule); |
1016 |
+@@ -5770,7 +5772,7 @@ EXPORT_SYMBOL(schedule); |
1017 |
* Look out! "owner" is an entirely speculative pointer |
1018 |
* access and not reliable. |
1019 |
*/ |
1020 |
@@ -94930,7 +95356,7 @@ index 0591df8..e3af3a4 100644 |
1021 |
{ |
1022 |
unsigned int cpu; |
1023 |
struct rq *rq; |
1024 |
-@@ -5784,10 +5801,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1025 |
+@@ -5784,10 +5786,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1026 |
* DEBUG_PAGEALLOC could have unmapped it if |
1027 |
* the mutex owner just released it and exited. |
1028 |
*/ |
1029 |
@@ -94943,7 +95369,7 @@ index 0591df8..e3af3a4 100644 |
1030 |
#endif |
1031 |
|
1032 |
/* |
1033 |
-@@ -5816,7 +5833,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1034 |
+@@ -5816,7 +5818,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
1035 |
/* |
1036 |
* Is that owner really running on that cpu? |
1037 |
*/ |
1038 |
@@ -94952,7 +95378,7 @@ index 0591df8..e3af3a4 100644 |
1039 |
return 0; |
1040 |
|
1041 |
cpu_relax(); |
1042 |
-@@ -6359,6 +6376,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1043 |
+@@ -6359,6 +6361,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1044 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
1045 |
int nice_rlim = 20 - nice; |
1046 |
|
1047 |
@@ -94961,7 +95387,7 @@ index 0591df8..e3af3a4 100644 |
1048 |
return (nice_rlim <= p->signal->rlim[RLIMIT_NICE].rlim_cur || |
1049 |
capable(CAP_SYS_NICE)); |
1050 |
} |
1051 |
-@@ -6392,7 +6411,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1052 |
+@@ -6392,7 +6396,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1053 |
if (nice > 19) |
1054 |
nice = 19; |
1055 |
|
1056 |
@@ -94971,7 +95397,7 @@ index 0591df8..e3af3a4 100644 |
1057 |
return -EPERM; |
1058 |
|
1059 |
retval = security_task_setnice(current, nice); |
1060 |
-@@ -8774,7 +8794,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
1061 |
+@@ -8774,7 +8779,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
1062 |
long power; |
1063 |
int weight; |
1064 |
|
1065 |
@@ -96268,6 +96694,28 @@ index d102559..4215f31 100644 |
1066 |
#define free(a) kfree(a) |
1067 |
#endif |
1068 |
|
1069 |
+diff --git a/lib/ioremap.c b/lib/ioremap.c |
1070 |
+index 14c6078..65526a1 100644 |
1071 |
+--- a/lib/ioremap.c |
1072 |
++++ b/lib/ioremap.c |
1073 |
+@@ -37,7 +37,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, |
1074 |
+ unsigned long next; |
1075 |
+ |
1076 |
+ phys_addr -= addr; |
1077 |
+- pmd = pmd_alloc(&init_mm, pud, addr); |
1078 |
++ pmd = pmd_alloc_kernel(&init_mm, pud, addr); |
1079 |
+ if (!pmd) |
1080 |
+ return -ENOMEM; |
1081 |
+ do { |
1082 |
+@@ -55,7 +55,7 @@ static inline int ioremap_pud_range(pgd_t *pgd, unsigned long addr, |
1083 |
+ unsigned long next; |
1084 |
+ |
1085 |
+ phys_addr -= addr; |
1086 |
+- pud = pud_alloc(&init_mm, pgd, addr); |
1087 |
++ pud = pud_alloc_kernel(&init_mm, pgd, addr); |
1088 |
+ if (!pud) |
1089 |
+ return -ENOMEM; |
1090 |
+ do { |
1091 |
diff --git a/lib/is_single_threaded.c b/lib/is_single_threaded.c |
1092 |
index bd2bea9..6b3c95e 100644 |
1093 |
--- a/lib/is_single_threaded.c |
1094 |
@@ -96853,7 +97301,7 @@ index 8aeba53..b4a4198 100644 |
1095 |
/* |
1096 |
* We need/can do nothing about count=0 pages. |
1097 |
diff --git a/mm/memory.c b/mm/memory.c |
1098 |
-index 6c836d3..693224d 100644 |
1099 |
+index 6c836d3..b2296e1 100644 |
1100 |
--- a/mm/memory.c |
1101 |
+++ b/mm/memory.c |
1102 |
@@ -187,8 +187,12 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, |
1103 |
@@ -96955,7 +97403,29 @@ index 6c836d3..693224d 100644 |
1104 |
|
1105 |
if (addr < vma->vm_start || addr >= vma->vm_end) |
1106 |
return -EFAULT; |
1107 |
-@@ -1977,6 +2001,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
1108 |
+@@ -1855,7 +1879,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
1109 |
+ |
1110 |
+ BUG_ON(pud_huge(*pud)); |
1111 |
+ |
1112 |
+- pmd = pmd_alloc(mm, pud, addr); |
1113 |
++ pmd = (mm == &init_mm) ? |
1114 |
++ pmd_alloc_kernel(mm, pud, addr) : |
1115 |
++ pmd_alloc(mm, pud, addr); |
1116 |
+ if (!pmd) |
1117 |
+ return -ENOMEM; |
1118 |
+ do { |
1119 |
+@@ -1875,7 +1901,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
1120 |
+ unsigned long next; |
1121 |
+ int err; |
1122 |
+ |
1123 |
+- pud = pud_alloc(mm, pgd, addr); |
1124 |
++ pud = (mm == &init_mm) ? |
1125 |
++ pud_alloc_kernel(mm, pgd, addr) : |
1126 |
++ pud_alloc(mm, pgd, addr); |
1127 |
+ if (!pud) |
1128 |
+ return -ENOMEM; |
1129 |
+ do { |
1130 |
+@@ -1977,6 +2005,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
1131 |
copy_user_highpage(dst, src, va, vma); |
1132 |
} |
1133 |
|
1134 |
@@ -97142,7 +97612,7 @@ index 6c836d3..693224d 100644 |
1135 |
/* |
1136 |
* This routine handles present pages, when users try to write |
1137 |
* to a shared page. It is done by copying the page to a new address |
1138 |
-@@ -2156,6 +2360,12 @@ gotten: |
1139 |
+@@ -2156,6 +2364,12 @@ gotten: |
1140 |
*/ |
1141 |
page_table = pte_offset_map_lock(mm, pmd, address, &ptl); |
1142 |
if (likely(pte_same(*page_table, orig_pte))) { |
1143 |
@@ -97155,7 +97625,7 @@ index 6c836d3..693224d 100644 |
1144 |
if (old_page) { |
1145 |
if (!PageAnon(old_page)) { |
1146 |
dec_mm_counter(mm, file_rss); |
1147 |
-@@ -2207,6 +2417,10 @@ gotten: |
1148 |
+@@ -2207,6 +2421,10 @@ gotten: |
1149 |
page_remove_rmap(old_page); |
1150 |
} |
1151 |
|
1152 |
@@ -97166,7 +97636,7 @@ index 6c836d3..693224d 100644 |
1153 |
/* Free the old page.. */ |
1154 |
new_page = old_page; |
1155 |
ret |= VM_FAULT_WRITE; |
1156 |
-@@ -2606,6 +2820,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1157 |
+@@ -2606,6 +2824,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1158 |
swap_free(entry); |
1159 |
if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) |
1160 |
try_to_free_swap(page); |
1161 |
@@ -97178,7 +97648,7 @@ index 6c836d3..693224d 100644 |
1162 |
unlock_page(page); |
1163 |
|
1164 |
if (flags & FAULT_FLAG_WRITE) { |
1165 |
-@@ -2617,6 +2836,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1166 |
+@@ -2617,6 +2840,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1167 |
|
1168 |
/* No need to invalidate - it was non-present before */ |
1169 |
update_mmu_cache(vma, address, pte); |
1170 |
@@ -97190,7 +97660,7 @@ index 6c836d3..693224d 100644 |
1171 |
unlock: |
1172 |
pte_unmap_unlock(page_table, ptl); |
1173 |
out: |
1174 |
-@@ -2632,40 +2856,6 @@ out_release: |
1175 |
+@@ -2632,40 +2860,6 @@ out_release: |
1176 |
} |
1177 |
|
1178 |
/* |
1179 |
@@ -97231,7 +97701,7 @@ index 6c836d3..693224d 100644 |
1180 |
* We enter with non-exclusive mmap_sem (to exclude vma changes, |
1181 |
* but allow concurrent faults), and pte mapped but not yet locked. |
1182 |
* We return with mmap_sem still held, but pte unmapped and unlocked. |
1183 |
-@@ -2674,27 +2864,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1184 |
+@@ -2674,27 +2868,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1185 |
unsigned long address, pte_t *page_table, pmd_t *pmd, |
1186 |
unsigned int flags) |
1187 |
{ |
1188 |
@@ -97264,7 +97734,7 @@ index 6c836d3..693224d 100644 |
1189 |
if (unlikely(anon_vma_prepare(vma))) |
1190 |
goto oom; |
1191 |
page = alloc_zeroed_user_highpage_movable(vma, address); |
1192 |
-@@ -2713,6 +2899,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1193 |
+@@ -2713,6 +2903,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1194 |
if (!pte_none(*page_table)) |
1195 |
goto release; |
1196 |
|
1197 |
@@ -97276,7 +97746,7 @@ index 6c836d3..693224d 100644 |
1198 |
inc_mm_counter(mm, anon_rss); |
1199 |
page_add_new_anon_rmap(page, vma, address); |
1200 |
setpte: |
1201 |
-@@ -2720,6 +2911,12 @@ setpte: |
1202 |
+@@ -2720,6 +2915,12 @@ setpte: |
1203 |
|
1204 |
/* No need to invalidate - it was non-present before */ |
1205 |
update_mmu_cache(vma, address, entry); |
1206 |
@@ -97289,7 +97759,7 @@ index 6c836d3..693224d 100644 |
1207 |
unlock: |
1208 |
pte_unmap_unlock(page_table, ptl); |
1209 |
return 0; |
1210 |
-@@ -2862,6 +3059,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1211 |
+@@ -2862,6 +3063,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1212 |
*/ |
1213 |
/* Only go through if we didn't race with anybody else... */ |
1214 |
if (likely(pte_same(*page_table, orig_pte))) { |
1215 |
@@ -97302,7 +97772,7 @@ index 6c836d3..693224d 100644 |
1216 |
flush_icache_page(vma, page); |
1217 |
entry = mk_pte(page, vma->vm_page_prot); |
1218 |
if (flags & FAULT_FLAG_WRITE) |
1219 |
-@@ -2881,6 +3084,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1220 |
+@@ -2881,6 +3088,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1221 |
|
1222 |
/* no need to invalidate: a not-present page won't be cached */ |
1223 |
update_mmu_cache(vma, address, entry); |
1224 |
@@ -97317,7 +97787,7 @@ index 6c836d3..693224d 100644 |
1225 |
} else { |
1226 |
if (charged) |
1227 |
mem_cgroup_uncharge_page(page); |
1228 |
-@@ -3028,6 +3239,12 @@ static inline int handle_pte_fault(struct mm_struct *mm, |
1229 |
+@@ -3028,6 +3243,12 @@ static inline int handle_pte_fault(struct mm_struct *mm, |
1230 |
if (flags & FAULT_FLAG_WRITE) |
1231 |
flush_tlb_page(vma, address); |
1232 |
} |
1233 |
@@ -97330,7 +97800,7 @@ index 6c836d3..693224d 100644 |
1234 |
unlock: |
1235 |
pte_unmap_unlock(pte, ptl); |
1236 |
return 0; |
1237 |
-@@ -3044,6 +3261,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1238 |
+@@ -3044,6 +3265,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1239 |
pmd_t *pmd; |
1240 |
pte_t *pte; |
1241 |
|
1242 |
@@ -97341,7 +97811,7 @@ index 6c836d3..693224d 100644 |
1243 |
__set_current_state(TASK_RUNNING); |
1244 |
|
1245 |
count_vm_event(PGFAULT); |
1246 |
-@@ -3051,6 +3272,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1247 |
+@@ -3051,6 +3276,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1248 |
if (unlikely(is_vm_hugetlb_page(vma))) |
1249 |
return hugetlb_fault(mm, vma, address, flags); |
1250 |
|
1251 |
@@ -97376,7 +97846,7 @@ index 6c836d3..693224d 100644 |
1252 |
pgd = pgd_offset(mm, address); |
1253 |
pud = pud_alloc(mm, pgd, address); |
1254 |
if (!pud) |
1255 |
-@@ -3086,6 +3335,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
1256 |
+@@ -3086,6 +3339,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
1257 |
spin_unlock(&mm->page_table_lock); |
1258 |
return 0; |
1259 |
} |
1260 |
@@ -97400,7 +97870,7 @@ index 6c836d3..693224d 100644 |
1261 |
#endif /* __PAGETABLE_PUD_FOLDED */ |
1262 |
|
1263 |
#ifndef __PAGETABLE_PMD_FOLDED |
1264 |
-@@ -3116,6 +3382,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
1265 |
+@@ -3116,6 +3386,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
1266 |
spin_unlock(&mm->page_table_lock); |
1267 |
return 0; |
1268 |
} |
1269 |
@@ -97431,7 +97901,7 @@ index 6c836d3..693224d 100644 |
1270 |
#endif /* __PAGETABLE_PMD_FOLDED */ |
1271 |
|
1272 |
int make_pages_present(unsigned long addr, unsigned long end) |
1273 |
-@@ -3148,7 +3438,7 @@ static int __init gate_vma_init(void) |
1274 |
+@@ -3148,7 +3442,7 @@ static int __init gate_vma_init(void) |
1275 |
gate_vma.vm_start = FIXADDR_USER_START; |
1276 |
gate_vma.vm_end = FIXADDR_USER_END; |
1277 |
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; |
1278 |
|
1279 |
diff --git a/3.2.16/0000_README b/3.2.17/0000_README |
1280 |
similarity index 93% |
1281 |
rename from 3.2.16/0000_README |
1282 |
rename to 3.2.17/0000_README |
1283 |
index b39a326..d74a42e 100644 |
1284 |
--- a/3.2.16/0000_README |
1285 |
+++ b/3.2.17/0000_README |
1286 |
@@ -2,7 +2,11 @@ README |
1287 |
----------------------------------------------------------------------------- |
1288 |
Individual Patch Descriptions: |
1289 |
----------------------------------------------------------------------------- |
1290 |
-Patch: 4420_grsecurity-2.9-3.2.16-201205071838.patch |
1291 |
+Patch: 1016_linux-3.2.17.patch |
1292 |
+From: http://www.kernel.org |
1293 |
+Desc: Linux 3.2.17 |
1294 |
+ |
1295 |
+Patch: 4420_grsecurity-2.9-3.2.17-201205131657.patch |
1296 |
From: http://www.grsecurity.net |
1297 |
Desc: hardened-sources base patch from upstream grsecurity |
1298 |
|
1299 |
|
1300 |
diff --git a/3.2.17/1016_linux-3.2.17.patch b/3.2.17/1016_linux-3.2.17.patch |
1301 |
new file mode 100644 |
1302 |
index 0000000..5aeed10 |
1303 |
--- /dev/null |
1304 |
+++ b/3.2.17/1016_linux-3.2.17.patch |
1305 |
@@ -0,0 +1,5695 @@ |
1306 |
+diff --git a/Makefile b/Makefile |
1307 |
+index 3da29cb..4c4efa3 100644 |
1308 |
+--- a/Makefile |
1309 |
++++ b/Makefile |
1310 |
+@@ -1,6 +1,6 @@ |
1311 |
+ VERSION = 3 |
1312 |
+ PATCHLEVEL = 2 |
1313 |
+-SUBLEVEL = 16 |
1314 |
++SUBLEVEL = 17 |
1315 |
+ EXTRAVERSION = |
1316 |
+ NAME = Saber-toothed Squirrel |
1317 |
+ |
1318 |
+diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig |
1319 |
+index ab3740e..ef642a0 100644 |
1320 |
+--- a/arch/arm/Kconfig |
1321 |
++++ b/arch/arm/Kconfig |
1322 |
+@@ -1155,6 +1155,15 @@ if !MMU |
1323 |
+ source "arch/arm/Kconfig-nommu" |
1324 |
+ endif |
1325 |
+ |
1326 |
++config ARM_ERRATA_326103 |
1327 |
++ bool "ARM errata: FSR write bit incorrect on a SWP to read-only memory" |
1328 |
++ depends on CPU_V6 |
1329 |
++ help |
1330 |
++ Executing a SWP instruction to read-only memory does not set bit 11 |
1331 |
++ of the FSR on the ARM 1136 prior to r1p0. This causes the kernel to |
1332 |
++ treat the access as a read, preventing a COW from occurring and |
1333 |
++ causing the faulting task to livelock. |
1334 |
++ |
1335 |
+ config ARM_ERRATA_411920 |
1336 |
+ bool "ARM errata: Invalidation of the Instruction Cache operation can fail" |
1337 |
+ depends on CPU_V6 || CPU_V6K |
1338 |
+diff --git a/arch/arm/include/asm/tls.h b/arch/arm/include/asm/tls.h |
1339 |
+index 60843eb..73409e6 100644 |
1340 |
+--- a/arch/arm/include/asm/tls.h |
1341 |
++++ b/arch/arm/include/asm/tls.h |
1342 |
+@@ -7,6 +7,8 @@ |
1343 |
+ |
1344 |
+ .macro set_tls_v6k, tp, tmp1, tmp2 |
1345 |
+ mcr p15, 0, \tp, c13, c0, 3 @ set TLS register |
1346 |
++ mov \tmp1, #0 |
1347 |
++ mcr p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register |
1348 |
+ .endm |
1349 |
+ |
1350 |
+ .macro set_tls_v6, tp, tmp1, tmp2 |
1351 |
+@@ -15,6 +17,8 @@ |
1352 |
+ mov \tmp2, #0xffff0fff |
1353 |
+ tst \tmp1, #HWCAP_TLS @ hardware TLS available? |
1354 |
+ mcrne p15, 0, \tp, c13, c0, 3 @ yes, set TLS register |
1355 |
++ movne \tmp1, #0 |
1356 |
++ mcrne p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register |
1357 |
+ streq \tp, [\tmp2, #-15] @ set TLS value at 0xffff0ff0 |
1358 |
+ .endm |
1359 |
+ |
1360 |
+diff --git a/arch/arm/kernel/irq.c b/arch/arm/kernel/irq.c |
1361 |
+index 3efd82c..87c8be5 100644 |
1362 |
+--- a/arch/arm/kernel/irq.c |
1363 |
++++ b/arch/arm/kernel/irq.c |
1364 |
+@@ -156,10 +156,10 @@ static bool migrate_one_irq(struct irq_desc *desc) |
1365 |
+ } |
1366 |
+ |
1367 |
+ c = irq_data_get_irq_chip(d); |
1368 |
+- if (c->irq_set_affinity) |
1369 |
+- c->irq_set_affinity(d, affinity, true); |
1370 |
+- else |
1371 |
++ if (!c->irq_set_affinity) |
1372 |
+ pr_debug("IRQ%u: unable to set affinity\n", d->irq); |
1373 |
++ else if (c->irq_set_affinity(d, affinity, true) == IRQ_SET_MASK_OK && ret) |
1374 |
++ cpumask_copy(d->affinity, affinity); |
1375 |
+ |
1376 |
+ return ret; |
1377 |
+ } |
1378 |
+diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c |
1379 |
+index ef5640b..e10e59a 100644 |
1380 |
+--- a/arch/arm/kernel/smp.c |
1381 |
++++ b/arch/arm/kernel/smp.c |
1382 |
+@@ -297,8 +297,6 @@ asmlinkage void __cpuinit secondary_start_kernel(void) |
1383 |
+ struct mm_struct *mm = &init_mm; |
1384 |
+ unsigned int cpu = smp_processor_id(); |
1385 |
+ |
1386 |
+- printk("CPU%u: Booted secondary processor\n", cpu); |
1387 |
+- |
1388 |
+ /* |
1389 |
+ * All kernel threads share the same mm context; grab a |
1390 |
+ * reference and switch to it. |
1391 |
+@@ -310,6 +308,8 @@ asmlinkage void __cpuinit secondary_start_kernel(void) |
1392 |
+ enter_lazy_tlb(mm, current); |
1393 |
+ local_flush_tlb_all(); |
1394 |
+ |
1395 |
++ printk("CPU%u: Booted secondary processor\n", cpu); |
1396 |
++ |
1397 |
+ cpu_init(); |
1398 |
+ preempt_disable(); |
1399 |
+ trace_hardirqs_off(); |
1400 |
+diff --git a/arch/arm/kernel/sys_arm.c b/arch/arm/kernel/sys_arm.c |
1401 |
+index d2b1779..76cbb05 100644 |
1402 |
+--- a/arch/arm/kernel/sys_arm.c |
1403 |
++++ b/arch/arm/kernel/sys_arm.c |
1404 |
+@@ -115,7 +115,7 @@ int kernel_execve(const char *filename, |
1405 |
+ "Ir" (THREAD_START_SP - sizeof(regs)), |
1406 |
+ "r" (®s), |
1407 |
+ "Ir" (sizeof(regs)) |
1408 |
+- : "r0", "r1", "r2", "r3", "ip", "lr", "memory"); |
1409 |
++ : "r0", "r1", "r2", "r3", "r8", "r9", "ip", "lr", "memory"); |
1410 |
+ |
1411 |
+ out: |
1412 |
+ return ret; |
1413 |
+diff --git a/arch/arm/mach-omap1/timer.c b/arch/arm/mach-omap1/timer.c |
1414 |
+index 6e90665..fb202af 100644 |
1415 |
+--- a/arch/arm/mach-omap1/timer.c |
1416 |
++++ b/arch/arm/mach-omap1/timer.c |
1417 |
+@@ -47,9 +47,9 @@ static int omap1_dm_timer_set_src(struct platform_device *pdev, |
1418 |
+ int n = (pdev->id - 1) << 1; |
1419 |
+ u32 l; |
1420 |
+ |
1421 |
+- l = __raw_readl(MOD_CONF_CTRL_1) & ~(0x03 << n); |
1422 |
++ l = omap_readl(MOD_CONF_CTRL_1) & ~(0x03 << n); |
1423 |
+ l |= source << n; |
1424 |
+- __raw_writel(l, MOD_CONF_CTRL_1); |
1425 |
++ omap_writel(l, MOD_CONF_CTRL_1); |
1426 |
+ |
1427 |
+ return 0; |
1428 |
+ } |
1429 |
+diff --git a/arch/arm/mm/abort-ev6.S b/arch/arm/mm/abort-ev6.S |
1430 |
+index ff1f7cc..8074199 100644 |
1431 |
+--- a/arch/arm/mm/abort-ev6.S |
1432 |
++++ b/arch/arm/mm/abort-ev6.S |
1433 |
+@@ -26,18 +26,23 @@ ENTRY(v6_early_abort) |
1434 |
+ mrc p15, 0, r1, c5, c0, 0 @ get FSR |
1435 |
+ mrc p15, 0, r0, c6, c0, 0 @ get FAR |
1436 |
+ /* |
1437 |
+- * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR (erratum 326103). |
1438 |
+- * The test below covers all the write situations, including Java bytecodes |
1439 |
++ * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR. |
1440 |
+ */ |
1441 |
+- bic r1, r1, #1 << 11 @ clear bit 11 of FSR |
1442 |
++#ifdef CONFIG_ARM_ERRATA_326103 |
1443 |
++ ldr ip, =0x4107b36 |
1444 |
++ mrc p15, 0, r3, c0, c0, 0 @ get processor id |
1445 |
++ teq ip, r3, lsr #4 @ r0 ARM1136? |
1446 |
++ bne do_DataAbort |
1447 |
+ tst r5, #PSR_J_BIT @ Java? |
1448 |
++ tsteq r5, #PSR_T_BIT @ Thumb? |
1449 |
+ bne do_DataAbort |
1450 |
+- do_thumb_abort fsr=r1, pc=r4, psr=r5, tmp=r3 |
1451 |
+- ldreq r3, [r4] @ read aborted ARM instruction |
1452 |
++ bic r1, r1, #1 << 11 @ clear bit 11 of FSR |
1453 |
++ ldr r3, [r4] @ read aborted ARM instruction |
1454 |
+ #ifdef CONFIG_CPU_ENDIAN_BE8 |
1455 |
+- reveq r3, r3 |
1456 |
++ rev r3, r3 |
1457 |
+ #endif |
1458 |
+ do_ldrd_abort tmp=ip, insn=r3 |
1459 |
+ tst r3, #1 << 20 @ L = 0 -> write |
1460 |
+ orreq r1, r1, #1 << 11 @ yes. |
1461 |
++#endif |
1462 |
+ b do_DataAbort |
1463 |
+diff --git a/arch/arm/mm/cache-l2x0.c b/arch/arm/mm/cache-l2x0.c |
1464 |
+index b1e192b..db7bcc0 100644 |
1465 |
+--- a/arch/arm/mm/cache-l2x0.c |
1466 |
++++ b/arch/arm/mm/cache-l2x0.c |
1467 |
+@@ -32,6 +32,7 @@ static void __iomem *l2x0_base; |
1468 |
+ static DEFINE_RAW_SPINLOCK(l2x0_lock); |
1469 |
+ static uint32_t l2x0_way_mask; /* Bitmask of active ways */ |
1470 |
+ static uint32_t l2x0_size; |
1471 |
++static unsigned long sync_reg_offset = L2X0_CACHE_SYNC; |
1472 |
+ |
1473 |
+ struct l2x0_regs l2x0_saved_regs; |
1474 |
+ |
1475 |
+@@ -61,12 +62,7 @@ static inline void cache_sync(void) |
1476 |
+ { |
1477 |
+ void __iomem *base = l2x0_base; |
1478 |
+ |
1479 |
+-#ifdef CONFIG_PL310_ERRATA_753970 |
1480 |
+- /* write to an unmmapped register */ |
1481 |
+- writel_relaxed(0, base + L2X0_DUMMY_REG); |
1482 |
+-#else |
1483 |
+- writel_relaxed(0, base + L2X0_CACHE_SYNC); |
1484 |
+-#endif |
1485 |
++ writel_relaxed(0, base + sync_reg_offset); |
1486 |
+ cache_wait(base + L2X0_CACHE_SYNC, 1); |
1487 |
+ } |
1488 |
+ |
1489 |
+@@ -85,10 +81,13 @@ static inline void l2x0_inv_line(unsigned long addr) |
1490 |
+ } |
1491 |
+ |
1492 |
+ #if defined(CONFIG_PL310_ERRATA_588369) || defined(CONFIG_PL310_ERRATA_727915) |
1493 |
++static inline void debug_writel(unsigned long val) |
1494 |
++{ |
1495 |
++ if (outer_cache.set_debug) |
1496 |
++ outer_cache.set_debug(val); |
1497 |
++} |
1498 |
+ |
1499 |
+-#define debug_writel(val) outer_cache.set_debug(val) |
1500 |
+- |
1501 |
+-static void l2x0_set_debug(unsigned long val) |
1502 |
++static void pl310_set_debug(unsigned long val) |
1503 |
+ { |
1504 |
+ writel_relaxed(val, l2x0_base + L2X0_DEBUG_CTRL); |
1505 |
+ } |
1506 |
+@@ -98,7 +97,7 @@ static inline void debug_writel(unsigned long val) |
1507 |
+ { |
1508 |
+ } |
1509 |
+ |
1510 |
+-#define l2x0_set_debug NULL |
1511 |
++#define pl310_set_debug NULL |
1512 |
+ #endif |
1513 |
+ |
1514 |
+ #ifdef CONFIG_PL310_ERRATA_588369 |
1515 |
+@@ -331,6 +330,11 @@ void __init l2x0_init(void __iomem *base, __u32 aux_val, __u32 aux_mask) |
1516 |
+ else |
1517 |
+ ways = 8; |
1518 |
+ type = "L310"; |
1519 |
++#ifdef CONFIG_PL310_ERRATA_753970 |
1520 |
++ /* Unmapped register. */ |
1521 |
++ sync_reg_offset = L2X0_DUMMY_REG; |
1522 |
++#endif |
1523 |
++ outer_cache.set_debug = pl310_set_debug; |
1524 |
+ break; |
1525 |
+ case L2X0_CACHE_ID_PART_L210: |
1526 |
+ ways = (aux >> 13) & 0xf; |
1527 |
+@@ -379,7 +383,6 @@ void __init l2x0_init(void __iomem *base, __u32 aux_val, __u32 aux_mask) |
1528 |
+ outer_cache.flush_all = l2x0_flush_all; |
1529 |
+ outer_cache.inv_all = l2x0_inv_all; |
1530 |
+ outer_cache.disable = l2x0_disable; |
1531 |
+- outer_cache.set_debug = l2x0_set_debug; |
1532 |
+ |
1533 |
+ printk(KERN_INFO "%s cache controller enabled\n", type); |
1534 |
+ printk(KERN_INFO "l2x0: %d ways, CACHE_ID 0x%08x, AUX_CTRL 0x%08x, Cache size: %d B\n", |
1535 |
+diff --git a/arch/x86/boot/compressed/relocs.c b/arch/x86/boot/compressed/relocs.c |
1536 |
+index 89bbf4e..e77f4e4 100644 |
1537 |
+--- a/arch/x86/boot/compressed/relocs.c |
1538 |
++++ b/arch/x86/boot/compressed/relocs.c |
1539 |
+@@ -402,13 +402,11 @@ static void print_absolute_symbols(void) |
1540 |
+ for (i = 0; i < ehdr.e_shnum; i++) { |
1541 |
+ struct section *sec = &secs[i]; |
1542 |
+ char *sym_strtab; |
1543 |
+- Elf32_Sym *sh_symtab; |
1544 |
+ int j; |
1545 |
+ |
1546 |
+ if (sec->shdr.sh_type != SHT_SYMTAB) { |
1547 |
+ continue; |
1548 |
+ } |
1549 |
+- sh_symtab = sec->symtab; |
1550 |
+ sym_strtab = sec->link->strtab; |
1551 |
+ for (j = 0; j < sec->shdr.sh_size/sizeof(Elf32_Sym); j++) { |
1552 |
+ Elf32_Sym *sym; |
1553 |
+diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c |
1554 |
+index f98d84c..c4e3581 100644 |
1555 |
+--- a/arch/x86/kernel/apic/apic.c |
1556 |
++++ b/arch/x86/kernel/apic/apic.c |
1557 |
+@@ -1577,9 +1577,11 @@ static int __init apic_verify(void) |
1558 |
+ mp_lapic_addr = APIC_DEFAULT_PHYS_BASE; |
1559 |
+ |
1560 |
+ /* The BIOS may have set up the APIC at some other address */ |
1561 |
+- rdmsr(MSR_IA32_APICBASE, l, h); |
1562 |
+- if (l & MSR_IA32_APICBASE_ENABLE) |
1563 |
+- mp_lapic_addr = l & MSR_IA32_APICBASE_BASE; |
1564 |
++ if (boot_cpu_data.x86 >= 6) { |
1565 |
++ rdmsr(MSR_IA32_APICBASE, l, h); |
1566 |
++ if (l & MSR_IA32_APICBASE_ENABLE) |
1567 |
++ mp_lapic_addr = l & MSR_IA32_APICBASE_BASE; |
1568 |
++ } |
1569 |
+ |
1570 |
+ pr_info("Found and enabled local APIC!\n"); |
1571 |
+ return 0; |
1572 |
+@@ -1597,13 +1599,15 @@ int __init apic_force_enable(unsigned long addr) |
1573 |
+ * MSR. This can only be done in software for Intel P6 or later |
1574 |
+ * and AMD K7 (Model > 1) or later. |
1575 |
+ */ |
1576 |
+- rdmsr(MSR_IA32_APICBASE, l, h); |
1577 |
+- if (!(l & MSR_IA32_APICBASE_ENABLE)) { |
1578 |
+- pr_info("Local APIC disabled by BIOS -- reenabling.\n"); |
1579 |
+- l &= ~MSR_IA32_APICBASE_BASE; |
1580 |
+- l |= MSR_IA32_APICBASE_ENABLE | addr; |
1581 |
+- wrmsr(MSR_IA32_APICBASE, l, h); |
1582 |
+- enabled_via_apicbase = 1; |
1583 |
++ if (boot_cpu_data.x86 >= 6) { |
1584 |
++ rdmsr(MSR_IA32_APICBASE, l, h); |
1585 |
++ if (!(l & MSR_IA32_APICBASE_ENABLE)) { |
1586 |
++ pr_info("Local APIC disabled by BIOS -- reenabling.\n"); |
1587 |
++ l &= ~MSR_IA32_APICBASE_BASE; |
1588 |
++ l |= MSR_IA32_APICBASE_ENABLE | addr; |
1589 |
++ wrmsr(MSR_IA32_APICBASE, l, h); |
1590 |
++ enabled_via_apicbase = 1; |
1591 |
++ } |
1592 |
+ } |
1593 |
+ return apic_verify(); |
1594 |
+ } |
1595 |
+@@ -2149,10 +2153,12 @@ static void lapic_resume(void) |
1596 |
+ * FIXME! This will be wrong if we ever support suspend on |
1597 |
+ * SMP! We'll need to do this as part of the CPU restore! |
1598 |
+ */ |
1599 |
+- rdmsr(MSR_IA32_APICBASE, l, h); |
1600 |
+- l &= ~MSR_IA32_APICBASE_BASE; |
1601 |
+- l |= MSR_IA32_APICBASE_ENABLE | mp_lapic_addr; |
1602 |
+- wrmsr(MSR_IA32_APICBASE, l, h); |
1603 |
++ if (boot_cpu_data.x86 >= 6) { |
1604 |
++ rdmsr(MSR_IA32_APICBASE, l, h); |
1605 |
++ l &= ~MSR_IA32_APICBASE_BASE; |
1606 |
++ l |= MSR_IA32_APICBASE_ENABLE | mp_lapic_addr; |
1607 |
++ wrmsr(MSR_IA32_APICBASE, l, h); |
1608 |
++ } |
1609 |
+ } |
1610 |
+ |
1611 |
+ maxlvt = lapic_get_maxlvt(); |
1612 |
+diff --git a/arch/x86/kernel/microcode_core.c b/arch/x86/kernel/microcode_core.c |
1613 |
+index 9d46f5e..563a09d 100644 |
1614 |
+--- a/arch/x86/kernel/microcode_core.c |
1615 |
++++ b/arch/x86/kernel/microcode_core.c |
1616 |
+@@ -418,10 +418,8 @@ static int mc_sysdev_add(struct sys_device *sys_dev) |
1617 |
+ if (err) |
1618 |
+ return err; |
1619 |
+ |
1620 |
+- if (microcode_init_cpu(cpu) == UCODE_ERROR) { |
1621 |
+- sysfs_remove_group(&sys_dev->kobj, &mc_attr_group); |
1622 |
++ if (microcode_init_cpu(cpu) == UCODE_ERROR) |
1623 |
+ return -EINVAL; |
1624 |
+- } |
1625 |
+ |
1626 |
+ return err; |
1627 |
+ } |
1628 |
+diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c |
1629 |
+index 71f4727..5a98aa2 100644 |
1630 |
+--- a/arch/x86/kernel/setup_percpu.c |
1631 |
++++ b/arch/x86/kernel/setup_percpu.c |
1632 |
+@@ -185,10 +185,22 @@ void __init setup_per_cpu_areas(void) |
1633 |
+ #endif |
1634 |
+ rc = -EINVAL; |
1635 |
+ if (pcpu_chosen_fc != PCPU_FC_PAGE) { |
1636 |
+- const size_t atom_size = cpu_has_pse ? PMD_SIZE : PAGE_SIZE; |
1637 |
+ const size_t dyn_size = PERCPU_MODULE_RESERVE + |
1638 |
+ PERCPU_DYNAMIC_RESERVE - PERCPU_FIRST_CHUNK_RESERVE; |
1639 |
++ size_t atom_size; |
1640 |
+ |
1641 |
++ /* |
1642 |
++ * On 64bit, use PMD_SIZE for atom_size so that embedded |
1643 |
++ * percpu areas are aligned to PMD. This, in the future, |
1644 |
++ * can also allow using PMD mappings in vmalloc area. Use |
1645 |
++ * PAGE_SIZE on 32bit as vmalloc space is highly contended |
1646 |
++ * and large vmalloc area allocs can easily fail. |
1647 |
++ */ |
1648 |
++#ifdef CONFIG_X86_64 |
1649 |
++ atom_size = PMD_SIZE; |
1650 |
++#else |
1651 |
++ atom_size = PAGE_SIZE; |
1652 |
++#endif |
1653 |
+ rc = pcpu_embed_first_chunk(PERCPU_FIRST_CHUNK_RESERVE, |
1654 |
+ dyn_size, atom_size, |
1655 |
+ pcpu_cpu_distance, |
1656 |
+diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
1657 |
+index 1f92865..e7c920b 100644 |
1658 |
+--- a/arch/x86/xen/enlighten.c |
1659 |
++++ b/arch/x86/xen/enlighten.c |
1660 |
+@@ -62,6 +62,7 @@ |
1661 |
+ #include <asm/reboot.h> |
1662 |
+ #include <asm/stackprotector.h> |
1663 |
+ #include <asm/hypervisor.h> |
1664 |
++#include <asm/pci_x86.h> |
1665 |
+ |
1666 |
+ #include "xen-ops.h" |
1667 |
+ #include "mmu.h" |
1668 |
+@@ -1278,8 +1279,10 @@ asmlinkage void __init xen_start_kernel(void) |
1669 |
+ /* Make sure ACS will be enabled */ |
1670 |
+ pci_request_acs(); |
1671 |
+ } |
1672 |
+- |
1673 |
+- |
1674 |
++#ifdef CONFIG_PCI |
1675 |
++ /* PCI BIOS service won't work from a PV guest. */ |
1676 |
++ pci_probe &= ~PCI_PROBE_BIOS; |
1677 |
++#endif |
1678 |
+ xen_raw_console_write("about to get started...\n"); |
1679 |
+ |
1680 |
+ xen_setup_runstate_info(0); |
1681 |
+diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
1682 |
+index 87f6673..ec3d603 100644 |
1683 |
+--- a/arch/x86/xen/mmu.c |
1684 |
++++ b/arch/x86/xen/mmu.c |
1685 |
+@@ -353,8 +353,13 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) |
1686 |
+ { |
1687 |
+ if (val & _PAGE_PRESENT) { |
1688 |
+ unsigned long mfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; |
1689 |
++ unsigned long pfn = mfn_to_pfn(mfn); |
1690 |
++ |
1691 |
+ pteval_t flags = val & PTE_FLAGS_MASK; |
1692 |
+- val = ((pteval_t)mfn_to_pfn(mfn) << PAGE_SHIFT) | flags; |
1693 |
++ if (unlikely(pfn == ~0)) |
1694 |
++ val = flags & ~_PAGE_PRESENT; |
1695 |
++ else |
1696 |
++ val = ((pteval_t)pfn << PAGE_SHIFT) | flags; |
1697 |
+ } |
1698 |
+ |
1699 |
+ return val; |
1700 |
+diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c |
1701 |
+index 041d4fe..9a23fff 100644 |
1702 |
+--- a/arch/x86/xen/smp.c |
1703 |
++++ b/arch/x86/xen/smp.c |
1704 |
+@@ -172,6 +172,7 @@ static void __init xen_fill_possible_map(void) |
1705 |
+ static void __init xen_filter_cpu_maps(void) |
1706 |
+ { |
1707 |
+ int i, rc; |
1708 |
++ unsigned int subtract = 0; |
1709 |
+ |
1710 |
+ if (!xen_initial_domain()) |
1711 |
+ return; |
1712 |
+@@ -186,8 +187,22 @@ static void __init xen_filter_cpu_maps(void) |
1713 |
+ } else { |
1714 |
+ set_cpu_possible(i, false); |
1715 |
+ set_cpu_present(i, false); |
1716 |
++ subtract++; |
1717 |
+ } |
1718 |
+ } |
1719 |
++#ifdef CONFIG_HOTPLUG_CPU |
1720 |
++ /* This is akin to using 'nr_cpus' on the Linux command line. |
1721 |
++ * Which is OK as when we use 'dom0_max_vcpus=X' we can only |
1722 |
++ * have up to X, while nr_cpu_ids is greater than X. This |
1723 |
++ * normally is not a problem, except when CPU hotplugging |
1724 |
++ * is involved and then there might be more than X CPUs |
1725 |
++ * in the guest - which will not work as there is no |
1726 |
++ * hypercall to expand the max number of VCPUs an already |
1727 |
++ * running guest has. So cap it up to X. */ |
1728 |
++ if (subtract) |
1729 |
++ nr_cpu_ids = nr_cpu_ids - subtract; |
1730 |
++#endif |
1731 |
++ |
1732 |
+ } |
1733 |
+ |
1734 |
+ static void __init xen_smp_prepare_boot_cpu(void) |
1735 |
+diff --git a/arch/x86/xen/xen-asm.S b/arch/x86/xen/xen-asm.S |
1736 |
+index 79d7362..3e45aa0 100644 |
1737 |
+--- a/arch/x86/xen/xen-asm.S |
1738 |
++++ b/arch/x86/xen/xen-asm.S |
1739 |
+@@ -96,7 +96,7 @@ ENTRY(xen_restore_fl_direct) |
1740 |
+ |
1741 |
+ /* check for unmasked and pending */ |
1742 |
+ cmpw $0x0001, PER_CPU_VAR(xen_vcpu_info) + XEN_vcpu_info_pending |
1743 |
+- jz 1f |
1744 |
++ jnz 1f |
1745 |
+ 2: call check_events |
1746 |
+ 1: |
1747 |
+ ENDPATCH(xen_restore_fl_direct) |
1748 |
+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
1749 |
+index 107f6f7..dd30f40 100644 |
1750 |
+--- a/crypto/sha512_generic.c |
1751 |
++++ b/crypto/sha512_generic.c |
1752 |
+@@ -174,7 +174,7 @@ sha512_update(struct shash_desc *desc, const u8 *data, unsigned int len) |
1753 |
+ index = sctx->count[0] & 0x7f; |
1754 |
+ |
1755 |
+ /* Update number of bytes */ |
1756 |
+- if (!(sctx->count[0] += len)) |
1757 |
++ if ((sctx->count[0] += len) < len) |
1758 |
+ sctx->count[1]++; |
1759 |
+ |
1760 |
+ part_len = 128 - index; |
1761 |
+diff --git a/drivers/ata/libata-eh.c b/drivers/ata/libata-eh.c |
1762 |
+index a9b2820..58db834 100644 |
1763 |
+--- a/drivers/ata/libata-eh.c |
1764 |
++++ b/drivers/ata/libata-eh.c |
1765 |
+@@ -3500,7 +3500,8 @@ static int ata_count_probe_trials_cb(struct ata_ering_entry *ent, void *void_arg |
1766 |
+ u64 now = get_jiffies_64(); |
1767 |
+ int *trials = void_arg; |
1768 |
+ |
1769 |
+- if (ent->timestamp < now - min(now, interval)) |
1770 |
++ if ((ent->eflags & ATA_EFLAG_OLD_ER) || |
1771 |
++ (ent->timestamp < now - min(now, interval))) |
1772 |
+ return -1; |
1773 |
+ |
1774 |
+ (*trials)++; |
1775 |
+diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c |
1776 |
+index 003cd8d..99fefbd 100644 |
1777 |
+--- a/drivers/bluetooth/ath3k.c |
1778 |
++++ b/drivers/bluetooth/ath3k.c |
1779 |
+@@ -73,6 +73,7 @@ static struct usb_device_id ath3k_table[] = { |
1780 |
+ { USB_DEVICE(0x0CF3, 0x3004) }, |
1781 |
+ { USB_DEVICE(0x0CF3, 0x311D) }, |
1782 |
+ { USB_DEVICE(0x13d3, 0x3375) }, |
1783 |
++ { USB_DEVICE(0x04CA, 0x3005) }, |
1784 |
+ |
1785 |
+ /* Atheros AR5BBU12 with sflash firmware */ |
1786 |
+ { USB_DEVICE(0x0489, 0xE02C) }, |
1787 |
+@@ -91,6 +92,7 @@ static struct usb_device_id ath3k_blist_tbl[] = { |
1788 |
+ { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
1789 |
+ { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 }, |
1790 |
+ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
1791 |
++ { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, |
1792 |
+ |
1793 |
+ { } /* Terminating entry */ |
1794 |
+ }; |
1795 |
+diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c |
1796 |
+index db44ad5..e56da6a 100644 |
1797 |
+--- a/drivers/bluetooth/btusb.c |
1798 |
++++ b/drivers/bluetooth/btusb.c |
1799 |
+@@ -129,6 +129,7 @@ static struct usb_device_id blacklist_table[] = { |
1800 |
+ { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
1801 |
+ { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 }, |
1802 |
+ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
1803 |
++ { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, |
1804 |
+ |
1805 |
+ /* Atheros AR5BBU12 with sflash firmware */ |
1806 |
+ { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, |
1807 |
+diff --git a/drivers/dma/at_hdmac.c b/drivers/dma/at_hdmac.c |
1808 |
+index a60adbf..79dcf6e 100644 |
1809 |
+--- a/drivers/dma/at_hdmac.c |
1810 |
++++ b/drivers/dma/at_hdmac.c |
1811 |
+@@ -239,10 +239,6 @@ static void atc_dostart(struct at_dma_chan *atchan, struct at_desc *first) |
1812 |
+ |
1813 |
+ vdbg_dump_regs(atchan); |
1814 |
+ |
1815 |
+- /* clear any pending interrupt */ |
1816 |
+- while (dma_readl(atdma, EBCISR)) |
1817 |
+- cpu_relax(); |
1818 |
+- |
1819 |
+ channel_writel(atchan, SADDR, 0); |
1820 |
+ channel_writel(atchan, DADDR, 0); |
1821 |
+ channel_writel(atchan, CTRLA, 0); |
1822 |
+diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c |
1823 |
+index b0a8117..0535c21 100644 |
1824 |
+--- a/drivers/firmware/efivars.c |
1825 |
++++ b/drivers/firmware/efivars.c |
1826 |
+@@ -191,6 +191,190 @@ utf16_strncmp(const efi_char16_t *a, const efi_char16_t *b, size_t len) |
1827 |
+ } |
1828 |
+ } |
1829 |
+ |
1830 |
++static bool |
1831 |
++validate_device_path(struct efi_variable *var, int match, u8 *buffer, |
1832 |
++ unsigned long len) |
1833 |
++{ |
1834 |
++ struct efi_generic_dev_path *node; |
1835 |
++ int offset = 0; |
1836 |
++ |
1837 |
++ node = (struct efi_generic_dev_path *)buffer; |
1838 |
++ |
1839 |
++ if (len < sizeof(*node)) |
1840 |
++ return false; |
1841 |
++ |
1842 |
++ while (offset <= len - sizeof(*node) && |
1843 |
++ node->length >= sizeof(*node) && |
1844 |
++ node->length <= len - offset) { |
1845 |
++ offset += node->length; |
1846 |
++ |
1847 |
++ if ((node->type == EFI_DEV_END_PATH || |
1848 |
++ node->type == EFI_DEV_END_PATH2) && |
1849 |
++ node->sub_type == EFI_DEV_END_ENTIRE) |
1850 |
++ return true; |
1851 |
++ |
1852 |
++ node = (struct efi_generic_dev_path *)(buffer + offset); |
1853 |
++ } |
1854 |
++ |
1855 |
++ /* |
1856 |
++ * If we're here then either node->length pointed past the end |
1857 |
++ * of the buffer or we reached the end of the buffer without |
1858 |
++ * finding a device path end node. |
1859 |
++ */ |
1860 |
++ return false; |
1861 |
++} |
1862 |
++ |
1863 |
++static bool |
1864 |
++validate_boot_order(struct efi_variable *var, int match, u8 *buffer, |
1865 |
++ unsigned long len) |
1866 |
++{ |
1867 |
++ /* An array of 16-bit integers */ |
1868 |
++ if ((len % 2) != 0) |
1869 |
++ return false; |
1870 |
++ |
1871 |
++ return true; |
1872 |
++} |
1873 |
++ |
1874 |
++static bool |
1875 |
++validate_load_option(struct efi_variable *var, int match, u8 *buffer, |
1876 |
++ unsigned long len) |
1877 |
++{ |
1878 |
++ u16 filepathlength; |
1879 |
++ int i, desclength = 0, namelen; |
1880 |
++ |
1881 |
++ namelen = utf16_strnlen(var->VariableName, sizeof(var->VariableName)); |
1882 |
++ |
1883 |
++ /* Either "Boot" or "Driver" followed by four digits of hex */ |
1884 |
++ for (i = match; i < match+4; i++) { |
1885 |
++ if (var->VariableName[i] > 127 || |
1886 |
++ hex_to_bin(var->VariableName[i] & 0xff) < 0) |
1887 |
++ return true; |
1888 |
++ } |
1889 |
++ |
1890 |
++ /* Reject it if there's 4 digits of hex and then further content */ |
1891 |
++ if (namelen > match + 4) |
1892 |
++ return false; |
1893 |
++ |
1894 |
++ /* A valid entry must be at least 8 bytes */ |
1895 |
++ if (len < 8) |
1896 |
++ return false; |
1897 |
++ |
1898 |
++ filepathlength = buffer[4] | buffer[5] << 8; |
1899 |
++ |
1900 |
++ /* |
1901 |
++ * There's no stored length for the description, so it has to be |
1902 |
++ * found by hand |
1903 |
++ */ |
1904 |
++ desclength = utf16_strsize((efi_char16_t *)(buffer + 6), len - 6) + 2; |
1905 |
++ |
1906 |
++ /* Each boot entry must have a descriptor */ |
1907 |
++ if (!desclength) |
1908 |
++ return false; |
1909 |
++ |
1910 |
++ /* |
1911 |
++ * If the sum of the length of the description, the claimed filepath |
1912 |
++ * length and the original header are greater than the length of the |
1913 |
++ * variable, it's malformed |
1914 |
++ */ |
1915 |
++ if ((desclength + filepathlength + 6) > len) |
1916 |
++ return false; |
1917 |
++ |
1918 |
++ /* |
1919 |
++ * And, finally, check the filepath |
1920 |
++ */ |
1921 |
++ return validate_device_path(var, match, buffer + desclength + 6, |
1922 |
++ filepathlength); |
1923 |
++} |
1924 |
++ |
1925 |
++static bool |
1926 |
++validate_uint16(struct efi_variable *var, int match, u8 *buffer, |
1927 |
++ unsigned long len) |
1928 |
++{ |
1929 |
++ /* A single 16-bit integer */ |
1930 |
++ if (len != 2) |
1931 |
++ return false; |
1932 |
++ |
1933 |
++ return true; |
1934 |
++} |
1935 |
++ |
1936 |
++static bool |
1937 |
++validate_ascii_string(struct efi_variable *var, int match, u8 *buffer, |
1938 |
++ unsigned long len) |
1939 |
++{ |
1940 |
++ int i; |
1941 |
++ |
1942 |
++ for (i = 0; i < len; i++) { |
1943 |
++ if (buffer[i] > 127) |
1944 |
++ return false; |
1945 |
++ |
1946 |
++ if (buffer[i] == 0) |
1947 |
++ return true; |
1948 |
++ } |
1949 |
++ |
1950 |
++ return false; |
1951 |
++} |
1952 |
++ |
1953 |
++struct variable_validate { |
1954 |
++ char *name; |
1955 |
++ bool (*validate)(struct efi_variable *var, int match, u8 *data, |
1956 |
++ unsigned long len); |
1957 |
++}; |
1958 |
++ |
1959 |
++static const struct variable_validate variable_validate[] = { |
1960 |
++ { "BootNext", validate_uint16 }, |
1961 |
++ { "BootOrder", validate_boot_order }, |
1962 |
++ { "DriverOrder", validate_boot_order }, |
1963 |
++ { "Boot*", validate_load_option }, |
1964 |
++ { "Driver*", validate_load_option }, |
1965 |
++ { "ConIn", validate_device_path }, |
1966 |
++ { "ConInDev", validate_device_path }, |
1967 |
++ { "ConOut", validate_device_path }, |
1968 |
++ { "ConOutDev", validate_device_path }, |
1969 |
++ { "ErrOut", validate_device_path }, |
1970 |
++ { "ErrOutDev", validate_device_path }, |
1971 |
++ { "Timeout", validate_uint16 }, |
1972 |
++ { "Lang", validate_ascii_string }, |
1973 |
++ { "PlatformLang", validate_ascii_string }, |
1974 |
++ { "", NULL }, |
1975 |
++}; |
1976 |
++ |
1977 |
++static bool |
1978 |
++validate_var(struct efi_variable *var, u8 *data, unsigned long len) |
1979 |
++{ |
1980 |
++ int i; |
1981 |
++ u16 *unicode_name = var->VariableName; |
1982 |
++ |
1983 |
++ for (i = 0; variable_validate[i].validate != NULL; i++) { |
1984 |
++ const char *name = variable_validate[i].name; |
1985 |
++ int match; |
1986 |
++ |
1987 |
++ for (match = 0; ; match++) { |
1988 |
++ char c = name[match]; |
1989 |
++ u16 u = unicode_name[match]; |
1990 |
++ |
1991 |
++ /* All special variables are plain ascii */ |
1992 |
++ if (u > 127) |
1993 |
++ return true; |
1994 |
++ |
1995 |
++ /* Wildcard in the matching name means we've matched */ |
1996 |
++ if (c == '*') |
1997 |
++ return variable_validate[i].validate(var, |
1998 |
++ match, data, len); |
1999 |
++ |
2000 |
++ /* Case sensitive match */ |
2001 |
++ if (c != u) |
2002 |
++ break; |
2003 |
++ |
2004 |
++ /* Reached the end of the string while matching */ |
2005 |
++ if (!c) |
2006 |
++ return variable_validate[i].validate(var, |
2007 |
++ match, data, len); |
2008 |
++ } |
2009 |
++ } |
2010 |
++ |
2011 |
++ return true; |
2012 |
++} |
2013 |
++ |
2014 |
+ static efi_status_t |
2015 |
+ get_var_data_locked(struct efivars *efivars, struct efi_variable *var) |
2016 |
+ { |
2017 |
+@@ -324,6 +508,12 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count) |
2018 |
+ return -EINVAL; |
2019 |
+ } |
2020 |
+ |
2021 |
++ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 || |
2022 |
++ validate_var(new_var, new_var->Data, new_var->DataSize) == false) { |
2023 |
++ printk(KERN_ERR "efivars: Malformed variable content\n"); |
2024 |
++ return -EINVAL; |
2025 |
++ } |
2026 |
++ |
2027 |
+ spin_lock(&efivars->lock); |
2028 |
+ status = efivars->ops->set_variable(new_var->VariableName, |
2029 |
+ &new_var->VendorGuid, |
2030 |
+@@ -624,6 +814,12 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj, |
2031 |
+ if (!capable(CAP_SYS_ADMIN)) |
2032 |
+ return -EACCES; |
2033 |
+ |
2034 |
++ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 || |
2035 |
++ validate_var(new_var, new_var->Data, new_var->DataSize) == false) { |
2036 |
++ printk(KERN_ERR "efivars: Malformed variable content\n"); |
2037 |
++ return -EINVAL; |
2038 |
++ } |
2039 |
++ |
2040 |
+ spin_lock(&efivars->lock); |
2041 |
+ |
2042 |
+ /* |
2043 |
+diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
2044 |
+index b9da890..a6c2f7a 100644 |
2045 |
+--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
2046 |
++++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
2047 |
+@@ -984,6 +984,7 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
2048 |
+ struct intel_ring_buffer *ring; |
2049 |
+ u32 exec_start, exec_len; |
2050 |
+ u32 seqno; |
2051 |
++ u32 mask; |
2052 |
+ int ret, mode, i; |
2053 |
+ |
2054 |
+ if (!i915_gem_check_execbuffer(args)) { |
2055 |
+@@ -1021,6 +1022,7 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
2056 |
+ } |
2057 |
+ |
2058 |
+ mode = args->flags & I915_EXEC_CONSTANTS_MASK; |
2059 |
++ mask = I915_EXEC_CONSTANTS_MASK; |
2060 |
+ switch (mode) { |
2061 |
+ case I915_EXEC_CONSTANTS_REL_GENERAL: |
2062 |
+ case I915_EXEC_CONSTANTS_ABSOLUTE: |
2063 |
+@@ -1034,18 +1036,9 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
2064 |
+ mode == I915_EXEC_CONSTANTS_REL_SURFACE) |
2065 |
+ return -EINVAL; |
2066 |
+ |
2067 |
+- ret = intel_ring_begin(ring, 4); |
2068 |
+- if (ret) |
2069 |
+- return ret; |
2070 |
+- |
2071 |
+- intel_ring_emit(ring, MI_NOOP); |
2072 |
+- intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1)); |
2073 |
+- intel_ring_emit(ring, INSTPM); |
2074 |
+- intel_ring_emit(ring, |
2075 |
+- I915_EXEC_CONSTANTS_MASK << 16 | mode); |
2076 |
+- intel_ring_advance(ring); |
2077 |
+- |
2078 |
+- dev_priv->relative_constants_mode = mode; |
2079 |
++ /* The HW changed the meaning on this bit on gen6 */ |
2080 |
++ if (INTEL_INFO(dev)->gen >= 6) |
2081 |
++ mask &= ~I915_EXEC_CONSTANTS_REL_SURFACE; |
2082 |
+ } |
2083 |
+ break; |
2084 |
+ default: |
2085 |
+@@ -1064,6 +1057,11 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
2086 |
+ return -EINVAL; |
2087 |
+ } |
2088 |
+ |
2089 |
++ if (args->num_cliprects > UINT_MAX / sizeof(*cliprects)) { |
2090 |
++ DRM_DEBUG("execbuf with %u cliprects\n", |
2091 |
++ args->num_cliprects); |
2092 |
++ return -EINVAL; |
2093 |
++ } |
2094 |
+ cliprects = kmalloc(args->num_cliprects * sizeof(*cliprects), |
2095 |
+ GFP_KERNEL); |
2096 |
+ if (cliprects == NULL) { |
2097 |
+@@ -1176,6 +1174,21 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
2098 |
+ } |
2099 |
+ } |
2100 |
+ |
2101 |
++ if (ring == &dev_priv->ring[RCS] && |
2102 |
++ mode != dev_priv->relative_constants_mode) { |
2103 |
++ ret = intel_ring_begin(ring, 4); |
2104 |
++ if (ret) |
2105 |
++ goto err; |
2106 |
++ |
2107 |
++ intel_ring_emit(ring, MI_NOOP); |
2108 |
++ intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1)); |
2109 |
++ intel_ring_emit(ring, INSTPM); |
2110 |
++ intel_ring_emit(ring, mask << 16 | mode); |
2111 |
++ intel_ring_advance(ring); |
2112 |
++ |
2113 |
++ dev_priv->relative_constants_mode = mode; |
2114 |
++ } |
2115 |
++ |
2116 |
+ trace_i915_gem_ring_dispatch(ring, seqno); |
2117 |
+ |
2118 |
+ exec_start = batch_obj->gtt_offset + args->batch_start_offset; |
2119 |
+@@ -1314,7 +1327,8 @@ i915_gem_execbuffer2(struct drm_device *dev, void *data, |
2120 |
+ struct drm_i915_gem_exec_object2 *exec2_list = NULL; |
2121 |
+ int ret; |
2122 |
+ |
2123 |
+- if (args->buffer_count < 1) { |
2124 |
++ if (args->buffer_count < 1 || |
2125 |
++ args->buffer_count > UINT_MAX / sizeof(*exec2_list)) { |
2126 |
+ DRM_ERROR("execbuf2 with %d buffers\n", args->buffer_count); |
2127 |
+ return -EINVAL; |
2128 |
+ } |
2129 |
+diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h |
2130 |
+index 2f99fd4..cbe5a88 100644 |
2131 |
+--- a/drivers/gpu/drm/i915/i915_reg.h |
2132 |
++++ b/drivers/gpu/drm/i915/i915_reg.h |
2133 |
+@@ -442,6 +442,7 @@ |
2134 |
+ #define INSTPM_AGPBUSY_DIS (1<<11) /* gen3: when disabled, pending interrupts |
2135 |
+ will not assert AGPBUSY# and will only |
2136 |
+ be delivered when out of C3. */ |
2137 |
++#define INSTPM_FORCE_ORDERING (1<<7) /* GEN6+ */ |
2138 |
+ #define ACTHD 0x020c8 |
2139 |
+ #define FW_BLC 0x020d8 |
2140 |
+ #define FW_BLC2 0x020dc |
2141 |
+@@ -522,6 +523,7 @@ |
2142 |
+ #define CM0_MASK_SHIFT 16 |
2143 |
+ #define CM0_IZ_OPT_DISABLE (1<<6) |
2144 |
+ #define CM0_ZR_OPT_DISABLE (1<<5) |
2145 |
++#define CM0_STC_EVICT_DISABLE_LRA_SNB (1<<5) |
2146 |
+ #define CM0_DEPTH_EVICT_DISABLE (1<<4) |
2147 |
+ #define CM0_COLOR_EVICT_DISABLE (1<<3) |
2148 |
+ #define CM0_DEPTH_WRITE_DISABLE (1<<1) |
2149 |
+diff --git a/drivers/gpu/drm/i915/intel_hdmi.c b/drivers/gpu/drm/i915/intel_hdmi.c |
2150 |
+index 64541f7..9cd81ba 100644 |
2151 |
+--- a/drivers/gpu/drm/i915/intel_hdmi.c |
2152 |
++++ b/drivers/gpu/drm/i915/intel_hdmi.c |
2153 |
+@@ -136,7 +136,7 @@ static void i9xx_write_infoframe(struct drm_encoder *encoder, |
2154 |
+ |
2155 |
+ val &= ~VIDEO_DIP_SELECT_MASK; |
2156 |
+ |
2157 |
+- I915_WRITE(VIDEO_DIP_CTL, val | port | flags); |
2158 |
++ I915_WRITE(VIDEO_DIP_CTL, VIDEO_DIP_ENABLE | val | port | flags); |
2159 |
+ |
2160 |
+ for (i = 0; i < len; i += 4) { |
2161 |
+ I915_WRITE(VIDEO_DIP_DATA, *data); |
2162 |
+diff --git a/drivers/gpu/drm/i915/intel_ringbuffer.c b/drivers/gpu/drm/i915/intel_ringbuffer.c |
2163 |
+index 8673581..62f9ac5 100644 |
2164 |
+--- a/drivers/gpu/drm/i915/intel_ringbuffer.c |
2165 |
++++ b/drivers/gpu/drm/i915/intel_ringbuffer.c |
2166 |
+@@ -414,6 +414,22 @@ static int init_render_ring(struct intel_ring_buffer *ring) |
2167 |
+ return ret; |
2168 |
+ } |
2169 |
+ |
2170 |
++ |
2171 |
++ if (IS_GEN6(dev)) { |
2172 |
++ /* From the Sandybridge PRM, volume 1 part 3, page 24: |
2173 |
++ * "If this bit is set, STCunit will have LRA as replacement |
2174 |
++ * policy. [...] This bit must be reset. LRA replacement |
2175 |
++ * policy is not supported." |
2176 |
++ */ |
2177 |
++ I915_WRITE(CACHE_MODE_0, |
2178 |
++ CM0_STC_EVICT_DISABLE_LRA_SNB << CM0_MASK_SHIFT); |
2179 |
++ } |
2180 |
++ |
2181 |
++ if (INTEL_INFO(dev)->gen >= 6) { |
2182 |
++ I915_WRITE(INSTPM, |
2183 |
++ INSTPM_FORCE_ORDERING << 16 | INSTPM_FORCE_ORDERING); |
2184 |
++ } |
2185 |
++ |
2186 |
+ return ret; |
2187 |
+ } |
2188 |
+ |
2189 |
+diff --git a/drivers/gpu/drm/i915/intel_sdvo.c b/drivers/gpu/drm/i915/intel_sdvo.c |
2190 |
+index e334ec3..8eddcca 100644 |
2191 |
+--- a/drivers/gpu/drm/i915/intel_sdvo.c |
2192 |
++++ b/drivers/gpu/drm/i915/intel_sdvo.c |
2193 |
+@@ -731,6 +731,7 @@ static void intel_sdvo_get_dtd_from_mode(struct intel_sdvo_dtd *dtd, |
2194 |
+ uint16_t width, height; |
2195 |
+ uint16_t h_blank_len, h_sync_len, v_blank_len, v_sync_len; |
2196 |
+ uint16_t h_sync_offset, v_sync_offset; |
2197 |
++ int mode_clock; |
2198 |
+ |
2199 |
+ width = mode->crtc_hdisplay; |
2200 |
+ height = mode->crtc_vdisplay; |
2201 |
+@@ -745,7 +746,11 @@ static void intel_sdvo_get_dtd_from_mode(struct intel_sdvo_dtd *dtd, |
2202 |
+ h_sync_offset = mode->crtc_hsync_start - mode->crtc_hblank_start; |
2203 |
+ v_sync_offset = mode->crtc_vsync_start - mode->crtc_vblank_start; |
2204 |
+ |
2205 |
+- dtd->part1.clock = mode->clock / 10; |
2206 |
++ mode_clock = mode->clock; |
2207 |
++ mode_clock /= intel_mode_get_pixel_multiplier(mode) ?: 1; |
2208 |
++ mode_clock /= 10; |
2209 |
++ dtd->part1.clock = mode_clock; |
2210 |
++ |
2211 |
+ dtd->part1.h_active = width & 0xff; |
2212 |
+ dtd->part1.h_blank = h_blank_len & 0xff; |
2213 |
+ dtd->part1.h_high = (((width >> 8) & 0xf) << 4) | |
2214 |
+@@ -997,7 +1002,7 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
2215 |
+ struct intel_sdvo *intel_sdvo = to_intel_sdvo(encoder); |
2216 |
+ u32 sdvox; |
2217 |
+ struct intel_sdvo_in_out_map in_out; |
2218 |
+- struct intel_sdvo_dtd input_dtd; |
2219 |
++ struct intel_sdvo_dtd input_dtd, output_dtd; |
2220 |
+ int pixel_multiplier = intel_mode_get_pixel_multiplier(adjusted_mode); |
2221 |
+ int rate; |
2222 |
+ |
2223 |
+@@ -1022,20 +1027,13 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
2224 |
+ intel_sdvo->attached_output)) |
2225 |
+ return; |
2226 |
+ |
2227 |
+- /* We have tried to get input timing in mode_fixup, and filled into |
2228 |
+- * adjusted_mode. |
2229 |
+- */ |
2230 |
+- if (intel_sdvo->is_tv || intel_sdvo->is_lvds) { |
2231 |
+- input_dtd = intel_sdvo->input_dtd; |
2232 |
+- } else { |
2233 |
+- /* Set the output timing to the screen */ |
2234 |
+- if (!intel_sdvo_set_target_output(intel_sdvo, |
2235 |
+- intel_sdvo->attached_output)) |
2236 |
+- return; |
2237 |
+- |
2238 |
+- intel_sdvo_get_dtd_from_mode(&input_dtd, adjusted_mode); |
2239 |
+- (void) intel_sdvo_set_output_timing(intel_sdvo, &input_dtd); |
2240 |
+- } |
2241 |
++ /* lvds has a special fixed output timing. */ |
2242 |
++ if (intel_sdvo->is_lvds) |
2243 |
++ intel_sdvo_get_dtd_from_mode(&output_dtd, |
2244 |
++ intel_sdvo->sdvo_lvds_fixed_mode); |
2245 |
++ else |
2246 |
++ intel_sdvo_get_dtd_from_mode(&output_dtd, mode); |
2247 |
++ (void) intel_sdvo_set_output_timing(intel_sdvo, &output_dtd); |
2248 |
+ |
2249 |
+ /* Set the input timing to the screen. Assume always input 0. */ |
2250 |
+ if (!intel_sdvo_set_target_input(intel_sdvo)) |
2251 |
+@@ -1053,6 +1051,10 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
2252 |
+ !intel_sdvo_set_tv_format(intel_sdvo)) |
2253 |
+ return; |
2254 |
+ |
2255 |
++ /* We have tried to get input timing in mode_fixup, and filled into |
2256 |
++ * adjusted_mode. |
2257 |
++ */ |
2258 |
++ intel_sdvo_get_dtd_from_mode(&input_dtd, adjusted_mode); |
2259 |
+ (void) intel_sdvo_set_input_timing(intel_sdvo, &input_dtd); |
2260 |
+ |
2261 |
+ switch (pixel_multiplier) { |
2262 |
+@@ -1219,8 +1221,14 @@ static bool intel_sdvo_get_capabilities(struct intel_sdvo *intel_sdvo, struct in |
2263 |
+ |
2264 |
+ static int intel_sdvo_supports_hotplug(struct intel_sdvo *intel_sdvo) |
2265 |
+ { |
2266 |
++ struct drm_device *dev = intel_sdvo->base.base.dev; |
2267 |
+ u8 response[2]; |
2268 |
+ |
2269 |
++ /* HW Erratum: SDVO Hotplug is broken on all i945G chips, there's noise |
2270 |
++ * on the line. */ |
2271 |
++ if (IS_I945G(dev) || IS_I945GM(dev)) |
2272 |
++ return false; |
2273 |
++ |
2274 |
+ return intel_sdvo_get_value(intel_sdvo, SDVO_CMD_GET_HOT_PLUG_SUPPORT, |
2275 |
+ &response, 2) && response[0]; |
2276 |
+ } |
2277 |
+diff --git a/drivers/gpu/drm/nouveau/nouveau_acpi.c b/drivers/gpu/drm/nouveau/nouveau_acpi.c |
2278 |
+index 525744d..3df56c7 100644 |
2279 |
+--- a/drivers/gpu/drm/nouveau/nouveau_acpi.c |
2280 |
++++ b/drivers/gpu/drm/nouveau/nouveau_acpi.c |
2281 |
+@@ -245,7 +245,7 @@ static bool nouveau_dsm_detect(void) |
2282 |
+ struct acpi_buffer buffer = {sizeof(acpi_method_name), acpi_method_name}; |
2283 |
+ struct pci_dev *pdev = NULL; |
2284 |
+ int has_dsm = 0; |
2285 |
+- int has_optimus; |
2286 |
++ int has_optimus = 0; |
2287 |
+ int vga_count = 0; |
2288 |
+ bool guid_valid; |
2289 |
+ int retval; |
2290 |
+diff --git a/drivers/gpu/drm/radeon/atombios_crtc.c b/drivers/gpu/drm/radeon/atombios_crtc.c |
2291 |
+index b30081f..757c549 100644 |
2292 |
+--- a/drivers/gpu/drm/radeon/atombios_crtc.c |
2293 |
++++ b/drivers/gpu/drm/radeon/atombios_crtc.c |
2294 |
+@@ -917,8 +917,8 @@ static void atombios_crtc_set_pll(struct drm_crtc *crtc, struct drm_display_mode |
2295 |
+ break; |
2296 |
+ } |
2297 |
+ |
2298 |
+- if (radeon_encoder->active_device & |
2299 |
+- (ATOM_DEVICE_LCD_SUPPORT | ATOM_DEVICE_DFP_SUPPORT)) { |
2300 |
++ if ((radeon_encoder->active_device & (ATOM_DEVICE_LCD_SUPPORT | ATOM_DEVICE_DFP_SUPPORT)) || |
2301 |
++ (radeon_encoder_get_dp_bridge_encoder_id(encoder) != ENCODER_OBJECT_ID_NONE)) { |
2302 |
+ struct radeon_encoder_atom_dig *dig = radeon_encoder->enc_priv; |
2303 |
+ struct drm_connector *connector = |
2304 |
+ radeon_get_connector_for_encoder(encoder); |
2305 |
+diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c |
2306 |
+index 104b376..427468f 100644 |
2307 |
+--- a/drivers/hwmon/coretemp.c |
2308 |
++++ b/drivers/hwmon/coretemp.c |
2309 |
+@@ -51,7 +51,7 @@ module_param_named(tjmax, force_tjmax, int, 0444); |
2310 |
+ MODULE_PARM_DESC(tjmax, "TjMax value in degrees Celsius"); |
2311 |
+ |
2312 |
+ #define BASE_SYSFS_ATTR_NO 2 /* Sysfs Base attr no for coretemp */ |
2313 |
+-#define NUM_REAL_CORES 16 /* Number of Real cores per cpu */ |
2314 |
++#define NUM_REAL_CORES 32 /* Number of Real cores per cpu */ |
2315 |
+ #define CORETEMP_NAME_LENGTH 17 /* String Length of attrs */ |
2316 |
+ #define MAX_CORE_ATTRS 4 /* Maximum no of basic attrs */ |
2317 |
+ #define TOTAL_ATTRS (MAX_CORE_ATTRS + 1) |
2318 |
+@@ -705,6 +705,10 @@ static void __cpuinit put_core_offline(unsigned int cpu) |
2319 |
+ |
2320 |
+ indx = TO_ATTR_NO(cpu); |
2321 |
+ |
2322 |
++ /* The core id is too big, just return */ |
2323 |
++ if (indx > MAX_CORE_DATA - 1) |
2324 |
++ return; |
2325 |
++ |
2326 |
+ if (pdata->core_data[indx] && pdata->core_data[indx]->cpu == cpu) |
2327 |
+ coretemp_remove_core(pdata, &pdev->dev, indx); |
2328 |
+ |
2329 |
+diff --git a/drivers/hwmon/fam15h_power.c b/drivers/hwmon/fam15h_power.c |
2330 |
+index 930370d..9a4c3ab 100644 |
2331 |
+--- a/drivers/hwmon/fam15h_power.c |
2332 |
++++ b/drivers/hwmon/fam15h_power.c |
2333 |
+@@ -122,6 +122,41 @@ static bool __devinit fam15h_power_is_internal_node0(struct pci_dev *f4) |
2334 |
+ return true; |
2335 |
+ } |
2336 |
+ |
2337 |
++/* |
2338 |
++ * Newer BKDG versions have an updated recommendation on how to properly |
2339 |
++ * initialize the running average range (was: 0xE, now: 0x9). This avoids |
2340 |
++ * counter saturations resulting in bogus power readings. |
2341 |
++ * We correct this value ourselves to cope with older BIOSes. |
2342 |
++ */ |
2343 |
++static DEFINE_PCI_DEVICE_TABLE(affected_device) = { |
2344 |
++ { PCI_VDEVICE(AMD, PCI_DEVICE_ID_AMD_15H_NB_F4) }, |
2345 |
++ { 0 } |
2346 |
++}; |
2347 |
++ |
2348 |
++static void __devinit tweak_runavg_range(struct pci_dev *pdev) |
2349 |
++{ |
2350 |
++ u32 val; |
2351 |
++ |
2352 |
++ /* |
2353 |
++ * let this quirk apply only to the current version of the |
2354 |
++ * northbridge, since future versions may change the behavior |
2355 |
++ */ |
2356 |
++ if (!pci_match_id(affected_device, pdev)) |
2357 |
++ return; |
2358 |
++ |
2359 |
++ pci_bus_read_config_dword(pdev->bus, |
2360 |
++ PCI_DEVFN(PCI_SLOT(pdev->devfn), 5), |
2361 |
++ REG_TDP_RUNNING_AVERAGE, &val); |
2362 |
++ if ((val & 0xf) != 0xe) |
2363 |
++ return; |
2364 |
++ |
2365 |
++ val &= ~0xf; |
2366 |
++ val |= 0x9; |
2367 |
++ pci_bus_write_config_dword(pdev->bus, |
2368 |
++ PCI_DEVFN(PCI_SLOT(pdev->devfn), 5), |
2369 |
++ REG_TDP_RUNNING_AVERAGE, val); |
2370 |
++} |
2371 |
++ |
2372 |
+ static void __devinit fam15h_power_init_data(struct pci_dev *f4, |
2373 |
+ struct fam15h_power_data *data) |
2374 |
+ { |
2375 |
+@@ -155,6 +190,13 @@ static int __devinit fam15h_power_probe(struct pci_dev *pdev, |
2376 |
+ struct device *dev; |
2377 |
+ int err; |
2378 |
+ |
2379 |
++ /* |
2380 |
++ * though we ignore every other northbridge, we still have to |
2381 |
++ * do the tweaking on _each_ node in MCM processors as the counters |
2382 |
++ * are working hand-in-hand |
2383 |
++ */ |
2384 |
++ tweak_runavg_range(pdev); |
2385 |
++ |
2386 |
+ if (!fam15h_power_is_internal_node0(pdev)) { |
2387 |
+ err = -ENODEV; |
2388 |
+ goto exit; |
2389 |
+diff --git a/drivers/i2c/busses/i2c-pnx.c b/drivers/i2c/busses/i2c-pnx.c |
2390 |
+index 04be9f8..eb8ad53 100644 |
2391 |
+--- a/drivers/i2c/busses/i2c-pnx.c |
2392 |
++++ b/drivers/i2c/busses/i2c-pnx.c |
2393 |
+@@ -546,8 +546,7 @@ static int i2c_pnx_controller_suspend(struct platform_device *pdev, |
2394 |
+ { |
2395 |
+ struct i2c_pnx_algo_data *alg_data = platform_get_drvdata(pdev); |
2396 |
+ |
2397 |
+- /* FIXME: shouldn't this be clk_disable? */ |
2398 |
+- clk_enable(alg_data->clk); |
2399 |
++ clk_disable(alg_data->clk); |
2400 |
+ |
2401 |
+ return 0; |
2402 |
+ } |
2403 |
+diff --git a/drivers/md/md.c b/drivers/md/md.c |
2404 |
+index 6f37aa4..065ab4f 100644 |
2405 |
+--- a/drivers/md/md.c |
2406 |
++++ b/drivers/md/md.c |
2407 |
+@@ -8100,7 +8100,8 @@ static int md_notify_reboot(struct notifier_block *this, |
2408 |
+ |
2409 |
+ for_each_mddev(mddev, tmp) { |
2410 |
+ if (mddev_trylock(mddev)) { |
2411 |
+- __md_stop_writes(mddev); |
2412 |
++ if (mddev->pers) |
2413 |
++ __md_stop_writes(mddev); |
2414 |
+ mddev->safemode = 2; |
2415 |
+ mddev_unlock(mddev); |
2416 |
+ } |
2417 |
+diff --git a/drivers/media/dvb/frontends/drxk_hard.c b/drivers/media/dvb/frontends/drxk_hard.c |
2418 |
+index f6431ef..a1f5e3d 100644 |
2419 |
+--- a/drivers/media/dvb/frontends/drxk_hard.c |
2420 |
++++ b/drivers/media/dvb/frontends/drxk_hard.c |
2421 |
+@@ -1523,8 +1523,10 @@ static int scu_command(struct drxk_state *state, |
2422 |
+ dprintk(1, "\n"); |
2423 |
+ |
2424 |
+ if ((cmd == 0) || ((parameterLen > 0) && (parameter == NULL)) || |
2425 |
+- ((resultLen > 0) && (result == NULL))) |
2426 |
+- goto error; |
2427 |
++ ((resultLen > 0) && (result == NULL))) { |
2428 |
++ printk(KERN_ERR "drxk: Error %d on %s\n", status, __func__); |
2429 |
++ return status; |
2430 |
++ } |
2431 |
+ |
2432 |
+ mutex_lock(&state->mutex); |
2433 |
+ |
2434 |
+diff --git a/drivers/media/rc/winbond-cir.c b/drivers/media/rc/winbond-cir.c |
2435 |
+index 13f54b5..a7e7d6f 100644 |
2436 |
+--- a/drivers/media/rc/winbond-cir.c |
2437 |
++++ b/drivers/media/rc/winbond-cir.c |
2438 |
+@@ -1046,6 +1046,7 @@ wbcir_probe(struct pnp_dev *device, const struct pnp_device_id *dev_id) |
2439 |
+ goto exit_unregister_led; |
2440 |
+ } |
2441 |
+ |
2442 |
++ data->dev->driver_type = RC_DRIVER_IR_RAW; |
2443 |
+ data->dev->driver_name = WBCIR_NAME; |
2444 |
+ data->dev->input_name = WBCIR_NAME; |
2445 |
+ data->dev->input_phys = "wbcir/cir0"; |
2446 |
+diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c |
2447 |
+index e15e47d..34416d4 100644 |
2448 |
+--- a/drivers/mmc/card/block.c |
2449 |
++++ b/drivers/mmc/card/block.c |
2450 |
+@@ -799,7 +799,7 @@ static int mmc_blk_issue_secdiscard_rq(struct mmc_queue *mq, |
2451 |
+ { |
2452 |
+ struct mmc_blk_data *md = mq->data; |
2453 |
+ struct mmc_card *card = md->queue.card; |
2454 |
+- unsigned int from, nr, arg; |
2455 |
++ unsigned int from, nr, arg, trim_arg, erase_arg; |
2456 |
+ int err = 0, type = MMC_BLK_SECDISCARD; |
2457 |
+ |
2458 |
+ if (!(mmc_can_secure_erase_trim(card) || mmc_can_sanitize(card))) { |
2459 |
+@@ -807,20 +807,26 @@ static int mmc_blk_issue_secdiscard_rq(struct mmc_queue *mq, |
2460 |
+ goto out; |
2461 |
+ } |
2462 |
+ |
2463 |
++ from = blk_rq_pos(req); |
2464 |
++ nr = blk_rq_sectors(req); |
2465 |
++ |
2466 |
+ /* The sanitize operation is supported at v4.5 only */ |
2467 |
+ if (mmc_can_sanitize(card)) { |
2468 |
+- err = mmc_switch(card, EXT_CSD_CMD_SET_NORMAL, |
2469 |
+- EXT_CSD_SANITIZE_START, 1, 0); |
2470 |
+- goto out; |
2471 |
++ erase_arg = MMC_ERASE_ARG; |
2472 |
++ trim_arg = MMC_TRIM_ARG; |
2473 |
++ } else { |
2474 |
++ erase_arg = MMC_SECURE_ERASE_ARG; |
2475 |
++ trim_arg = MMC_SECURE_TRIM1_ARG; |
2476 |
+ } |
2477 |
+ |
2478 |
+- from = blk_rq_pos(req); |
2479 |
+- nr = blk_rq_sectors(req); |
2480 |
+- |
2481 |
+- if (mmc_can_trim(card) && !mmc_erase_group_aligned(card, from, nr)) |
2482 |
+- arg = MMC_SECURE_TRIM1_ARG; |
2483 |
+- else |
2484 |
+- arg = MMC_SECURE_ERASE_ARG; |
2485 |
++ if (mmc_erase_group_aligned(card, from, nr)) |
2486 |
++ arg = erase_arg; |
2487 |
++ else if (mmc_can_trim(card)) |
2488 |
++ arg = trim_arg; |
2489 |
++ else { |
2490 |
++ err = -EINVAL; |
2491 |
++ goto out; |
2492 |
++ } |
2493 |
+ retry: |
2494 |
+ if (card->quirks & MMC_QUIRK_INAND_CMD38) { |
2495 |
+ err = mmc_switch(card, EXT_CSD_CMD_SET_NORMAL, |
2496 |
+@@ -830,25 +836,41 @@ retry: |
2497 |
+ INAND_CMD38_ARG_SECERASE, |
2498 |
+ 0); |
2499 |
+ if (err) |
2500 |
+- goto out; |
2501 |
++ goto out_retry; |
2502 |
+ } |
2503 |
++ |
2504 |
+ err = mmc_erase(card, from, nr, arg); |
2505 |
+- if (!err && arg == MMC_SECURE_TRIM1_ARG) { |
2506 |
++ if (err == -EIO) |
2507 |
++ goto out_retry; |
2508 |
++ if (err) |
2509 |
++ goto out; |
2510 |
++ |
2511 |
++ if (arg == MMC_SECURE_TRIM1_ARG) { |
2512 |
+ if (card->quirks & MMC_QUIRK_INAND_CMD38) { |
2513 |
+ err = mmc_switch(card, EXT_CSD_CMD_SET_NORMAL, |
2514 |
+ INAND_CMD38_ARG_EXT_CSD, |
2515 |
+ INAND_CMD38_ARG_SECTRIM2, |
2516 |
+ 0); |
2517 |
+ if (err) |
2518 |
+- goto out; |
2519 |
++ goto out_retry; |
2520 |
+ } |
2521 |
++ |
2522 |
+ err = mmc_erase(card, from, nr, MMC_SECURE_TRIM2_ARG); |
2523 |
++ if (err == -EIO) |
2524 |
++ goto out_retry; |
2525 |
++ if (err) |
2526 |
++ goto out; |
2527 |
+ } |
2528 |
+-out: |
2529 |
+- if (err == -EIO && !mmc_blk_reset(md, card->host, type)) |
2530 |
++ |
2531 |
++ if (mmc_can_sanitize(card)) |
2532 |
++ err = mmc_switch(card, EXT_CSD_CMD_SET_NORMAL, |
2533 |
++ EXT_CSD_SANITIZE_START, 1, 0); |
2534 |
++out_retry: |
2535 |
++ if (err && !mmc_blk_reset(md, card->host, type)) |
2536 |
+ goto retry; |
2537 |
+ if (!err) |
2538 |
+ mmc_blk_reset_success(md, type); |
2539 |
++out: |
2540 |
+ spin_lock_irq(&md->lock); |
2541 |
+ __blk_end_request(req, err, blk_rq_bytes(req)); |
2542 |
+ spin_unlock_irq(&md->lock); |
2543 |
+diff --git a/drivers/mmc/card/queue.c b/drivers/mmc/card/queue.c |
2544 |
+index dcad59c..78690f2 100644 |
2545 |
+--- a/drivers/mmc/card/queue.c |
2546 |
++++ b/drivers/mmc/card/queue.c |
2547 |
+@@ -134,7 +134,7 @@ static void mmc_queue_setup_discard(struct request_queue *q, |
2548 |
+ |
2549 |
+ queue_flag_set_unlocked(QUEUE_FLAG_DISCARD, q); |
2550 |
+ q->limits.max_discard_sectors = max_discard; |
2551 |
+- if (card->erased_byte == 0) |
2552 |
++ if (card->erased_byte == 0 && !mmc_can_discard(card)) |
2553 |
+ q->limits.discard_zeroes_data = 1; |
2554 |
+ q->limits.discard_granularity = card->pref_erase << 9; |
2555 |
+ /* granularity must not be greater than max. discard */ |
2556 |
+diff --git a/drivers/mmc/core/core.c b/drivers/mmc/core/core.c |
2557 |
+index 950b97d..411a994 100644 |
2558 |
+--- a/drivers/mmc/core/core.c |
2559 |
++++ b/drivers/mmc/core/core.c |
2560 |
+@@ -1516,7 +1516,10 @@ static unsigned int mmc_mmc_erase_timeout(struct mmc_card *card, |
2561 |
+ { |
2562 |
+ unsigned int erase_timeout; |
2563 |
+ |
2564 |
+- if (card->ext_csd.erase_group_def & 1) { |
2565 |
++ if (arg == MMC_DISCARD_ARG || |
2566 |
++ (arg == MMC_TRIM_ARG && card->ext_csd.rev >= 6)) { |
2567 |
++ erase_timeout = card->ext_csd.trim_timeout; |
2568 |
++ } else if (card->ext_csd.erase_group_def & 1) { |
2569 |
+ /* High Capacity Erase Group Size uses HC timeouts */ |
2570 |
+ if (arg == MMC_TRIM_ARG) |
2571 |
+ erase_timeout = card->ext_csd.trim_timeout; |
2572 |
+@@ -1788,8 +1791,6 @@ int mmc_can_trim(struct mmc_card *card) |
2573 |
+ { |
2574 |
+ if (card->ext_csd.sec_feature_support & EXT_CSD_SEC_GB_CL_EN) |
2575 |
+ return 1; |
2576 |
+- if (mmc_can_discard(card)) |
2577 |
+- return 1; |
2578 |
+ return 0; |
2579 |
+ } |
2580 |
+ EXPORT_SYMBOL(mmc_can_trim); |
2581 |
+@@ -1808,6 +1809,8 @@ EXPORT_SYMBOL(mmc_can_discard); |
2582 |
+ |
2583 |
+ int mmc_can_sanitize(struct mmc_card *card) |
2584 |
+ { |
2585 |
++ if (!mmc_can_trim(card) && !mmc_can_erase(card)) |
2586 |
++ return 0; |
2587 |
+ if (card->ext_csd.sec_feature_support & EXT_CSD_SEC_SANITIZE) |
2588 |
+ return 1; |
2589 |
+ return 0; |
2590 |
+diff --git a/drivers/mmc/host/sdhci-esdhc-imx.c b/drivers/mmc/host/sdhci-esdhc-imx.c |
2591 |
+index 4540e37..1b47937 100644 |
2592 |
+--- a/drivers/mmc/host/sdhci-esdhc-imx.c |
2593 |
++++ b/drivers/mmc/host/sdhci-esdhc-imx.c |
2594 |
+@@ -467,8 +467,7 @@ static int __devinit sdhci_esdhc_imx_probe(struct platform_device *pdev) |
2595 |
+ clk_enable(clk); |
2596 |
+ pltfm_host->clk = clk; |
2597 |
+ |
2598 |
+- if (!is_imx25_esdhc(imx_data)) |
2599 |
+- host->quirks |= SDHCI_QUIRK_BROKEN_TIMEOUT_VAL; |
2600 |
++ host->quirks |= SDHCI_QUIRK_BROKEN_TIMEOUT_VAL; |
2601 |
+ |
2602 |
+ if (is_imx25_esdhc(imx_data) || is_imx35_esdhc(imx_data)) |
2603 |
+ /* Fix errata ENGcm07207 present on i.MX25 and i.MX35 */ |
2604 |
+diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
2605 |
+index e58aa2b..f65e0b9 100644 |
2606 |
+--- a/drivers/net/bonding/bond_main.c |
2607 |
++++ b/drivers/net/bonding/bond_main.c |
2608 |
+@@ -2982,7 +2982,11 @@ static void bond_ab_arp_commit(struct bonding *bond, int delta_in_ticks) |
2609 |
+ trans_start + delta_in_ticks)) || |
2610 |
+ bond->curr_active_slave != slave) { |
2611 |
+ slave->link = BOND_LINK_UP; |
2612 |
+- bond->current_arp_slave = NULL; |
2613 |
++ if (bond->current_arp_slave) { |
2614 |
++ bond_set_slave_inactive_flags( |
2615 |
++ bond->current_arp_slave); |
2616 |
++ bond->current_arp_slave = NULL; |
2617 |
++ } |
2618 |
+ |
2619 |
+ pr_info("%s: link status definitely up for interface %s.\n", |
2620 |
+ bond->dev->name, slave->dev->name); |
2621 |
+diff --git a/drivers/net/dummy.c b/drivers/net/dummy.c |
2622 |
+index a7c5e88..eeac9ca 100644 |
2623 |
+--- a/drivers/net/dummy.c |
2624 |
++++ b/drivers/net/dummy.c |
2625 |
+@@ -106,14 +106,14 @@ static int dummy_dev_init(struct net_device *dev) |
2626 |
+ return 0; |
2627 |
+ } |
2628 |
+ |
2629 |
+-static void dummy_dev_free(struct net_device *dev) |
2630 |
++static void dummy_dev_uninit(struct net_device *dev) |
2631 |
+ { |
2632 |
+ free_percpu(dev->dstats); |
2633 |
+- free_netdev(dev); |
2634 |
+ } |
2635 |
+ |
2636 |
+ static const struct net_device_ops dummy_netdev_ops = { |
2637 |
+ .ndo_init = dummy_dev_init, |
2638 |
++ .ndo_uninit = dummy_dev_uninit, |
2639 |
+ .ndo_start_xmit = dummy_xmit, |
2640 |
+ .ndo_validate_addr = eth_validate_addr, |
2641 |
+ .ndo_set_rx_mode = set_multicast_list, |
2642 |
+@@ -127,7 +127,7 @@ static void dummy_setup(struct net_device *dev) |
2643 |
+ |
2644 |
+ /* Initialize the device structure. */ |
2645 |
+ dev->netdev_ops = &dummy_netdev_ops; |
2646 |
+- dev->destructor = dummy_dev_free; |
2647 |
++ dev->destructor = free_netdev; |
2648 |
+ |
2649 |
+ /* Fill in device structure with ethernet-generic values. */ |
2650 |
+ dev->tx_queue_len = 0; |
2651 |
+diff --git a/drivers/net/ethernet/atheros/atlx/atl1.c b/drivers/net/ethernet/atheros/atlx/atl1.c |
2652 |
+index 33a4e35..ee532e1 100644 |
2653 |
+--- a/drivers/net/ethernet/atheros/atlx/atl1.c |
2654 |
++++ b/drivers/net/ethernet/atheros/atlx/atl1.c |
2655 |
+@@ -2473,7 +2473,7 @@ static irqreturn_t atl1_intr(int irq, void *data) |
2656 |
+ "pcie phy link down %x\n", status); |
2657 |
+ if (netif_running(adapter->netdev)) { /* reset MAC */ |
2658 |
+ iowrite32(0, adapter->hw.hw_addr + REG_IMR); |
2659 |
+- schedule_work(&adapter->pcie_dma_to_rst_task); |
2660 |
++ schedule_work(&adapter->reset_dev_task); |
2661 |
+ return IRQ_HANDLED; |
2662 |
+ } |
2663 |
+ } |
2664 |
+@@ -2485,7 +2485,7 @@ static irqreturn_t atl1_intr(int irq, void *data) |
2665 |
+ "pcie DMA r/w error (status = 0x%x)\n", |
2666 |
+ status); |
2667 |
+ iowrite32(0, adapter->hw.hw_addr + REG_IMR); |
2668 |
+- schedule_work(&adapter->pcie_dma_to_rst_task); |
2669 |
++ schedule_work(&adapter->reset_dev_task); |
2670 |
+ return IRQ_HANDLED; |
2671 |
+ } |
2672 |
+ |
2673 |
+@@ -2630,10 +2630,10 @@ static void atl1_down(struct atl1_adapter *adapter) |
2674 |
+ atl1_clean_rx_ring(adapter); |
2675 |
+ } |
2676 |
+ |
2677 |
+-static void atl1_tx_timeout_task(struct work_struct *work) |
2678 |
++static void atl1_reset_dev_task(struct work_struct *work) |
2679 |
+ { |
2680 |
+ struct atl1_adapter *adapter = |
2681 |
+- container_of(work, struct atl1_adapter, tx_timeout_task); |
2682 |
++ container_of(work, struct atl1_adapter, reset_dev_task); |
2683 |
+ struct net_device *netdev = adapter->netdev; |
2684 |
+ |
2685 |
+ netif_device_detach(netdev); |
2686 |
+@@ -3032,12 +3032,10 @@ static int __devinit atl1_probe(struct pci_dev *pdev, |
2687 |
+ (unsigned long)adapter); |
2688 |
+ adapter->phy_timer_pending = false; |
2689 |
+ |
2690 |
+- INIT_WORK(&adapter->tx_timeout_task, atl1_tx_timeout_task); |
2691 |
++ INIT_WORK(&adapter->reset_dev_task, atl1_reset_dev_task); |
2692 |
+ |
2693 |
+ INIT_WORK(&adapter->link_chg_task, atlx_link_chg_task); |
2694 |
+ |
2695 |
+- INIT_WORK(&adapter->pcie_dma_to_rst_task, atl1_tx_timeout_task); |
2696 |
+- |
2697 |
+ err = register_netdev(netdev); |
2698 |
+ if (err) |
2699 |
+ goto err_common; |
2700 |
+diff --git a/drivers/net/ethernet/atheros/atlx/atl1.h b/drivers/net/ethernet/atheros/atlx/atl1.h |
2701 |
+index 109d6da..e04bf4d 100644 |
2702 |
+--- a/drivers/net/ethernet/atheros/atlx/atl1.h |
2703 |
++++ b/drivers/net/ethernet/atheros/atlx/atl1.h |
2704 |
+@@ -758,9 +758,8 @@ struct atl1_adapter { |
2705 |
+ u16 link_speed; |
2706 |
+ u16 link_duplex; |
2707 |
+ spinlock_t lock; |
2708 |
+- struct work_struct tx_timeout_task; |
2709 |
++ struct work_struct reset_dev_task; |
2710 |
+ struct work_struct link_chg_task; |
2711 |
+- struct work_struct pcie_dma_to_rst_task; |
2712 |
+ |
2713 |
+ struct timer_list phy_config_timer; |
2714 |
+ bool phy_timer_pending; |
2715 |
+diff --git a/drivers/net/ethernet/atheros/atlx/atlx.c b/drivers/net/ethernet/atheros/atlx/atlx.c |
2716 |
+index aabcf4b..41c6d83 100644 |
2717 |
+--- a/drivers/net/ethernet/atheros/atlx/atlx.c |
2718 |
++++ b/drivers/net/ethernet/atheros/atlx/atlx.c |
2719 |
+@@ -193,7 +193,7 @@ static void atlx_tx_timeout(struct net_device *netdev) |
2720 |
+ { |
2721 |
+ struct atlx_adapter *adapter = netdev_priv(netdev); |
2722 |
+ /* Do the reset outside of interrupt context */ |
2723 |
+- schedule_work(&adapter->tx_timeout_task); |
2724 |
++ schedule_work(&adapter->reset_dev_task); |
2725 |
+ } |
2726 |
+ |
2727 |
+ /* |
2728 |
+diff --git a/drivers/net/ethernet/micrel/ks8851_mll.c b/drivers/net/ethernet/micrel/ks8851_mll.c |
2729 |
+index d19c849..77241b6 100644 |
2730 |
+--- a/drivers/net/ethernet/micrel/ks8851_mll.c |
2731 |
++++ b/drivers/net/ethernet/micrel/ks8851_mll.c |
2732 |
+@@ -40,7 +40,7 @@ |
2733 |
+ #define DRV_NAME "ks8851_mll" |
2734 |
+ |
2735 |
+ static u8 KS_DEFAULT_MAC_ADDRESS[] = { 0x00, 0x10, 0xA1, 0x86, 0x95, 0x11 }; |
2736 |
+-#define MAX_RECV_FRAMES 32 |
2737 |
++#define MAX_RECV_FRAMES 255 |
2738 |
+ #define MAX_BUF_SIZE 2048 |
2739 |
+ #define TX_BUF_SIZE 2000 |
2740 |
+ #define RX_BUF_SIZE 2000 |
2741 |
+diff --git a/drivers/net/ethernet/micrel/ksz884x.c b/drivers/net/ethernet/micrel/ksz884x.c |
2742 |
+index 7ece990..4b9f4bd 100644 |
2743 |
+--- a/drivers/net/ethernet/micrel/ksz884x.c |
2744 |
++++ b/drivers/net/ethernet/micrel/ksz884x.c |
2745 |
+@@ -5679,7 +5679,7 @@ static int netdev_set_mac_address(struct net_device *dev, void *addr) |
2746 |
+ memcpy(hw->override_addr, mac->sa_data, MAC_ADDR_LEN); |
2747 |
+ } |
2748 |
+ |
2749 |
+- memcpy(dev->dev_addr, mac->sa_data, MAX_ADDR_LEN); |
2750 |
++ memcpy(dev->dev_addr, mac->sa_data, ETH_ALEN); |
2751 |
+ |
2752 |
+ interrupt = hw_block_intr(hw); |
2753 |
+ |
2754 |
+diff --git a/drivers/net/ethernet/realtek/8139cp.c b/drivers/net/ethernet/realtek/8139cp.c |
2755 |
+index aba4f67..8f47907 100644 |
2756 |
+--- a/drivers/net/ethernet/realtek/8139cp.c |
2757 |
++++ b/drivers/net/ethernet/realtek/8139cp.c |
2758 |
+@@ -961,6 +961,11 @@ static inline void cp_start_hw (struct cp_private *cp) |
2759 |
+ cpw8(Cmd, RxOn | TxOn); |
2760 |
+ } |
2761 |
+ |
2762 |
++static void cp_enable_irq(struct cp_private *cp) |
2763 |
++{ |
2764 |
++ cpw16_f(IntrMask, cp_intr_mask); |
2765 |
++} |
2766 |
++ |
2767 |
+ static void cp_init_hw (struct cp_private *cp) |
2768 |
+ { |
2769 |
+ struct net_device *dev = cp->dev; |
2770 |
+@@ -1000,8 +1005,6 @@ static void cp_init_hw (struct cp_private *cp) |
2771 |
+ |
2772 |
+ cpw16(MultiIntr, 0); |
2773 |
+ |
2774 |
+- cpw16_f(IntrMask, cp_intr_mask); |
2775 |
+- |
2776 |
+ cpw8_f(Cfg9346, Cfg9346_Lock); |
2777 |
+ } |
2778 |
+ |
2779 |
+@@ -1133,6 +1136,8 @@ static int cp_open (struct net_device *dev) |
2780 |
+ if (rc) |
2781 |
+ goto err_out_hw; |
2782 |
+ |
2783 |
++ cp_enable_irq(cp); |
2784 |
++ |
2785 |
+ netif_carrier_off(dev); |
2786 |
+ mii_check_media(&cp->mii_if, netif_msg_link(cp), true); |
2787 |
+ netif_start_queue(dev); |
2788 |
+@@ -2034,6 +2039,7 @@ static int cp_resume (struct pci_dev *pdev) |
2789 |
+ /* FIXME: sh*t may happen if the Rx ring buffer is depleted */ |
2790 |
+ cp_init_rings_index (cp); |
2791 |
+ cp_init_hw (cp); |
2792 |
++ cp_enable_irq(cp); |
2793 |
+ netif_start_queue (dev); |
2794 |
+ |
2795 |
+ spin_lock_irqsave (&cp->lock, flags); |
2796 |
+diff --git a/drivers/net/ethernet/smsc/smsc911x.c b/drivers/net/ethernet/smsc/smsc911x.c |
2797 |
+index 8843071..8c7dd21 100644 |
2798 |
+--- a/drivers/net/ethernet/smsc/smsc911x.c |
2799 |
++++ b/drivers/net/ethernet/smsc/smsc911x.c |
2800 |
+@@ -1089,10 +1089,8 @@ smsc911x_rx_counterrors(struct net_device *dev, unsigned int rxstat) |
2801 |
+ |
2802 |
+ /* Quickly dumps bad packets */ |
2803 |
+ static void |
2804 |
+-smsc911x_rx_fastforward(struct smsc911x_data *pdata, unsigned int pktbytes) |
2805 |
++smsc911x_rx_fastforward(struct smsc911x_data *pdata, unsigned int pktwords) |
2806 |
+ { |
2807 |
+- unsigned int pktwords = (pktbytes + NET_IP_ALIGN + 3) >> 2; |
2808 |
+- |
2809 |
+ if (likely(pktwords >= 4)) { |
2810 |
+ unsigned int timeout = 500; |
2811 |
+ unsigned int val; |
2812 |
+@@ -1156,7 +1154,7 @@ static int smsc911x_poll(struct napi_struct *napi, int budget) |
2813 |
+ continue; |
2814 |
+ } |
2815 |
+ |
2816 |
+- skb = netdev_alloc_skb(dev, pktlength + NET_IP_ALIGN); |
2817 |
++ skb = netdev_alloc_skb(dev, pktwords << 2); |
2818 |
+ if (unlikely(!skb)) { |
2819 |
+ SMSC_WARN(pdata, rx_err, |
2820 |
+ "Unable to allocate skb for rx packet"); |
2821 |
+@@ -1166,14 +1164,12 @@ static int smsc911x_poll(struct napi_struct *napi, int budget) |
2822 |
+ break; |
2823 |
+ } |
2824 |
+ |
2825 |
+- skb->data = skb->head; |
2826 |
+- skb_reset_tail_pointer(skb); |
2827 |
++ pdata->ops->rx_readfifo(pdata, |
2828 |
++ (unsigned int *)skb->data, pktwords); |
2829 |
+ |
2830 |
+ /* Align IP on 16B boundary */ |
2831 |
+ skb_reserve(skb, NET_IP_ALIGN); |
2832 |
+ skb_put(skb, pktlength - 4); |
2833 |
+- pdata->ops->rx_readfifo(pdata, |
2834 |
+- (unsigned int *)skb->head, pktwords); |
2835 |
+ skb->protocol = eth_type_trans(skb, dev); |
2836 |
+ skb_checksum_none_assert(skb); |
2837 |
+ netif_receive_skb(skb); |
2838 |
+@@ -1396,7 +1392,7 @@ static int smsc911x_open(struct net_device *dev) |
2839 |
+ smsc911x_reg_write(pdata, FIFO_INT, temp); |
2840 |
+ |
2841 |
+ /* set RX Data offset to 2 bytes for alignment */ |
2842 |
+- smsc911x_reg_write(pdata, RX_CFG, (2 << 8)); |
2843 |
++ smsc911x_reg_write(pdata, RX_CFG, (NET_IP_ALIGN << 8)); |
2844 |
+ |
2845 |
+ /* enable NAPI polling before enabling RX interrupts */ |
2846 |
+ napi_enable(&pdata->napi); |
2847 |
+diff --git a/drivers/net/ethernet/ti/davinci_mdio.c b/drivers/net/ethernet/ti/davinci_mdio.c |
2848 |
+index 7615040..f470ab6 100644 |
2849 |
+--- a/drivers/net/ethernet/ti/davinci_mdio.c |
2850 |
++++ b/drivers/net/ethernet/ti/davinci_mdio.c |
2851 |
+@@ -181,6 +181,11 @@ static inline int wait_for_user_access(struct davinci_mdio_data *data) |
2852 |
+ __davinci_mdio_reset(data); |
2853 |
+ return -EAGAIN; |
2854 |
+ } |
2855 |
++ |
2856 |
++ reg = __raw_readl(®s->user[0].access); |
2857 |
++ if ((reg & USERACCESS_GO) == 0) |
2858 |
++ return 0; |
2859 |
++ |
2860 |
+ dev_err(data->dev, "timed out waiting for user access\n"); |
2861 |
+ return -ETIMEDOUT; |
2862 |
+ } |
2863 |
+diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c |
2864 |
+index 486b404..3ed983c 100644 |
2865 |
+--- a/drivers/net/ppp/ppp_generic.c |
2866 |
++++ b/drivers/net/ppp/ppp_generic.c |
2867 |
+@@ -968,7 +968,6 @@ ppp_start_xmit(struct sk_buff *skb, struct net_device *dev) |
2868 |
+ proto = npindex_to_proto[npi]; |
2869 |
+ put_unaligned_be16(proto, pp); |
2870 |
+ |
2871 |
+- netif_stop_queue(dev); |
2872 |
+ skb_queue_tail(&ppp->file.xq, skb); |
2873 |
+ ppp_xmit_process(ppp); |
2874 |
+ return NETDEV_TX_OK; |
2875 |
+@@ -1063,6 +1062,8 @@ ppp_xmit_process(struct ppp *ppp) |
2876 |
+ code that we can accept some more. */ |
2877 |
+ if (!ppp->xmit_pending && !skb_peek(&ppp->file.xq)) |
2878 |
+ netif_wake_queue(ppp->dev); |
2879 |
++ else |
2880 |
++ netif_stop_queue(ppp->dev); |
2881 |
+ } |
2882 |
+ ppp_xmit_unlock(ppp); |
2883 |
+ } |
2884 |
+diff --git a/drivers/net/usb/smsc75xx.c b/drivers/net/usb/smsc75xx.c |
2885 |
+index a5b9b12..7bd219b 100644 |
2886 |
+--- a/drivers/net/usb/smsc75xx.c |
2887 |
++++ b/drivers/net/usb/smsc75xx.c |
2888 |
+@@ -1050,6 +1050,7 @@ static int smsc75xx_bind(struct usbnet *dev, struct usb_interface *intf) |
2889 |
+ dev->net->ethtool_ops = &smsc75xx_ethtool_ops; |
2890 |
+ dev->net->flags |= IFF_MULTICAST; |
2891 |
+ dev->net->hard_header_len += SMSC75XX_TX_OVERHEAD; |
2892 |
++ dev->hard_mtu = dev->net->mtu + dev->net->hard_header_len; |
2893 |
+ return 0; |
2894 |
+ } |
2895 |
+ |
2896 |
+diff --git a/drivers/net/usb/smsc95xx.c b/drivers/net/usb/smsc95xx.c |
2897 |
+index eff6767..55b3218 100644 |
2898 |
+--- a/drivers/net/usb/smsc95xx.c |
2899 |
++++ b/drivers/net/usb/smsc95xx.c |
2900 |
+@@ -1190,7 +1190,7 @@ static const struct driver_info smsc95xx_info = { |
2901 |
+ .rx_fixup = smsc95xx_rx_fixup, |
2902 |
+ .tx_fixup = smsc95xx_tx_fixup, |
2903 |
+ .status = smsc95xx_status, |
2904 |
+- .flags = FLAG_ETHER | FLAG_SEND_ZLP, |
2905 |
++ .flags = FLAG_ETHER | FLAG_SEND_ZLP | FLAG_LINK_INTR, |
2906 |
+ }; |
2907 |
+ |
2908 |
+ static const struct usb_device_id products[] = { |
2909 |
+diff --git a/drivers/net/wimax/i2400m/netdev.c b/drivers/net/wimax/i2400m/netdev.c |
2910 |
+index 64a1106..4697cf3 100644 |
2911 |
+--- a/drivers/net/wimax/i2400m/netdev.c |
2912 |
++++ b/drivers/net/wimax/i2400m/netdev.c |
2913 |
+@@ -607,7 +607,8 @@ static void i2400m_get_drvinfo(struct net_device *net_dev, |
2914 |
+ struct i2400m *i2400m = net_dev_to_i2400m(net_dev); |
2915 |
+ |
2916 |
+ strncpy(info->driver, KBUILD_MODNAME, sizeof(info->driver) - 1); |
2917 |
+- strncpy(info->fw_version, i2400m->fw_name, sizeof(info->fw_version) - 1); |
2918 |
++ strncpy(info->fw_version, |
2919 |
++ i2400m->fw_name ? : "", sizeof(info->fw_version) - 1); |
2920 |
+ if (net_dev->dev.parent) |
2921 |
+ strncpy(info->bus_info, dev_name(net_dev->dev.parent), |
2922 |
+ sizeof(info->bus_info) - 1); |
2923 |
+diff --git a/drivers/net/wireless/b43/main.c b/drivers/net/wireless/b43/main.c |
2924 |
+index 5634d9a..680709c 100644 |
2925 |
+--- a/drivers/net/wireless/b43/main.c |
2926 |
++++ b/drivers/net/wireless/b43/main.c |
2927 |
+@@ -4820,8 +4820,14 @@ static int b43_op_start(struct ieee80211_hw *hw) |
2928 |
+ out_mutex_unlock: |
2929 |
+ mutex_unlock(&wl->mutex); |
2930 |
+ |
2931 |
+- /* reload configuration */ |
2932 |
+- b43_op_config(hw, ~0); |
2933 |
++ /* |
2934 |
++ * Configuration may have been overwritten during initialization. |
2935 |
++ * Reload the configuration, but only if initialization was |
2936 |
++ * successful. Reloading the configuration after a failed init |
2937 |
++ * may hang the system. |
2938 |
++ */ |
2939 |
++ if (!err) |
2940 |
++ b43_op_config(hw, ~0); |
2941 |
+ |
2942 |
+ return err; |
2943 |
+ } |
2944 |
+diff --git a/drivers/net/wireless/brcm80211/brcmsmac/main.c b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
2945 |
+index 453f58e..f98becc 100644 |
2946 |
+--- a/drivers/net/wireless/brcm80211/brcmsmac/main.c |
2947 |
++++ b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
2948 |
+@@ -7865,6 +7865,7 @@ brcms_c_recvctl(struct brcms_c_info *wlc, struct d11rxhdr *rxh, |
2949 |
+ { |
2950 |
+ int len_mpdu; |
2951 |
+ struct ieee80211_rx_status rx_status; |
2952 |
++ struct ieee80211_hdr *hdr; |
2953 |
+ |
2954 |
+ memset(&rx_status, 0, sizeof(rx_status)); |
2955 |
+ prep_mac80211_status(wlc, rxh, p, &rx_status); |
2956 |
+@@ -7874,6 +7875,13 @@ brcms_c_recvctl(struct brcms_c_info *wlc, struct d11rxhdr *rxh, |
2957 |
+ skb_pull(p, D11_PHY_HDR_LEN); |
2958 |
+ __skb_trim(p, len_mpdu); |
2959 |
+ |
2960 |
++ /* unmute transmit */ |
2961 |
++ if (wlc->hw->suspended_fifos) { |
2962 |
++ hdr = (struct ieee80211_hdr *)p->data; |
2963 |
++ if (ieee80211_is_beacon(hdr->frame_control)) |
2964 |
++ brcms_b_mute(wlc->hw, false); |
2965 |
++ } |
2966 |
++ |
2967 |
+ memcpy(IEEE80211_SKB_RXCB(p), &rx_status, sizeof(rx_status)); |
2968 |
+ ieee80211_rx_irqsafe(wlc->pub->ieee_hw, p); |
2969 |
+ } |
2970 |
+diff --git a/drivers/net/wireless/ipw2x00/ipw2200.c b/drivers/net/wireless/ipw2x00/ipw2200.c |
2971 |
+index 99a710d..827889b 100644 |
2972 |
+--- a/drivers/net/wireless/ipw2x00/ipw2200.c |
2973 |
++++ b/drivers/net/wireless/ipw2x00/ipw2200.c |
2974 |
+@@ -2183,6 +2183,7 @@ static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd) |
2975 |
+ { |
2976 |
+ int rc = 0; |
2977 |
+ unsigned long flags; |
2978 |
++ unsigned long now, end; |
2979 |
+ |
2980 |
+ spin_lock_irqsave(&priv->lock, flags); |
2981 |
+ if (priv->status & STATUS_HCMD_ACTIVE) { |
2982 |
+@@ -2224,10 +2225,20 @@ static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd) |
2983 |
+ } |
2984 |
+ spin_unlock_irqrestore(&priv->lock, flags); |
2985 |
+ |
2986 |
++ now = jiffies; |
2987 |
++ end = now + HOST_COMPLETE_TIMEOUT; |
2988 |
++again: |
2989 |
+ rc = wait_event_interruptible_timeout(priv->wait_command_queue, |
2990 |
+ !(priv-> |
2991 |
+ status & STATUS_HCMD_ACTIVE), |
2992 |
+- HOST_COMPLETE_TIMEOUT); |
2993 |
++ end - now); |
2994 |
++ if (rc < 0) { |
2995 |
++ now = jiffies; |
2996 |
++ if (time_before(now, end)) |
2997 |
++ goto again; |
2998 |
++ rc = 0; |
2999 |
++ } |
3000 |
++ |
3001 |
+ if (rc == 0) { |
3002 |
+ spin_lock_irqsave(&priv->lock, flags); |
3003 |
+ if (priv->status & STATUS_HCMD_ACTIVE) { |
3004 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-1000.c b/drivers/net/wireless/iwlwifi/iwl-1000.c |
3005 |
+index dd008b0..1e6c8cc 100644 |
3006 |
+--- a/drivers/net/wireless/iwlwifi/iwl-1000.c |
3007 |
++++ b/drivers/net/wireless/iwlwifi/iwl-1000.c |
3008 |
+@@ -45,8 +45,8 @@ |
3009 |
+ #include "iwl-cfg.h" |
3010 |
+ |
3011 |
+ /* Highest firmware API version supported */ |
3012 |
+-#define IWL1000_UCODE_API_MAX 6 |
3013 |
+-#define IWL100_UCODE_API_MAX 6 |
3014 |
++#define IWL1000_UCODE_API_MAX 5 |
3015 |
++#define IWL100_UCODE_API_MAX 5 |
3016 |
+ |
3017 |
+ /* Oldest version we won't warn about */ |
3018 |
+ #define IWL1000_UCODE_API_OK 5 |
3019 |
+@@ -244,5 +244,5 @@ struct iwl_cfg iwl100_bg_cfg = { |
3020 |
+ IWL_DEVICE_100, |
3021 |
+ }; |
3022 |
+ |
3023 |
+-MODULE_FIRMWARE(IWL1000_MODULE_FIRMWARE(IWL1000_UCODE_API_MAX)); |
3024 |
+-MODULE_FIRMWARE(IWL100_MODULE_FIRMWARE(IWL100_UCODE_API_MAX)); |
3025 |
++MODULE_FIRMWARE(IWL1000_MODULE_FIRMWARE(IWL1000_UCODE_API_OK)); |
3026 |
++MODULE_FIRMWARE(IWL100_MODULE_FIRMWARE(IWL100_UCODE_API_OK)); |
3027 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-2000.c b/drivers/net/wireless/iwlwifi/iwl-2000.c |
3028 |
+index 7943197..9823e41 100644 |
3029 |
+--- a/drivers/net/wireless/iwlwifi/iwl-2000.c |
3030 |
++++ b/drivers/net/wireless/iwlwifi/iwl-2000.c |
3031 |
+@@ -51,10 +51,10 @@ |
3032 |
+ #define IWL135_UCODE_API_MAX 6 |
3033 |
+ |
3034 |
+ /* Oldest version we won't warn about */ |
3035 |
+-#define IWL2030_UCODE_API_OK 5 |
3036 |
+-#define IWL2000_UCODE_API_OK 5 |
3037 |
+-#define IWL105_UCODE_API_OK 5 |
3038 |
+-#define IWL135_UCODE_API_OK 5 |
3039 |
++#define IWL2030_UCODE_API_OK 6 |
3040 |
++#define IWL2000_UCODE_API_OK 6 |
3041 |
++#define IWL105_UCODE_API_OK 6 |
3042 |
++#define IWL135_UCODE_API_OK 6 |
3043 |
+ |
3044 |
+ /* Lowest firmware API version supported */ |
3045 |
+ #define IWL2030_UCODE_API_MIN 5 |
3046 |
+@@ -372,7 +372,7 @@ struct iwl_cfg iwl135_bgn_cfg = { |
3047 |
+ .ht_params = &iwl2000_ht_params, |
3048 |
+ }; |
3049 |
+ |
3050 |
+-MODULE_FIRMWARE(IWL2000_MODULE_FIRMWARE(IWL2000_UCODE_API_MAX)); |
3051 |
+-MODULE_FIRMWARE(IWL2030_MODULE_FIRMWARE(IWL2030_UCODE_API_MAX)); |
3052 |
+-MODULE_FIRMWARE(IWL105_MODULE_FIRMWARE(IWL105_UCODE_API_MAX)); |
3053 |
+-MODULE_FIRMWARE(IWL135_MODULE_FIRMWARE(IWL135_UCODE_API_MAX)); |
3054 |
++MODULE_FIRMWARE(IWL2000_MODULE_FIRMWARE(IWL2000_UCODE_API_OK)); |
3055 |
++MODULE_FIRMWARE(IWL2030_MODULE_FIRMWARE(IWL2030_UCODE_API_OK)); |
3056 |
++MODULE_FIRMWARE(IWL105_MODULE_FIRMWARE(IWL105_UCODE_API_OK)); |
3057 |
++MODULE_FIRMWARE(IWL135_MODULE_FIRMWARE(IWL135_UCODE_API_OK)); |
3058 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-5000.c b/drivers/net/wireless/iwlwifi/iwl-5000.c |
3059 |
+index f55fb2d..606213f 100644 |
3060 |
+--- a/drivers/net/wireless/iwlwifi/iwl-5000.c |
3061 |
++++ b/drivers/net/wireless/iwlwifi/iwl-5000.c |
3062 |
+@@ -50,6 +50,10 @@ |
3063 |
+ #define IWL5000_UCODE_API_MAX 5 |
3064 |
+ #define IWL5150_UCODE_API_MAX 2 |
3065 |
+ |
3066 |
++/* Oldest version we won't warn about */ |
3067 |
++#define IWL5000_UCODE_API_OK 5 |
3068 |
++#define IWL5150_UCODE_API_OK 2 |
3069 |
++ |
3070 |
+ /* Lowest firmware API version supported */ |
3071 |
+ #define IWL5000_UCODE_API_MIN 1 |
3072 |
+ #define IWL5150_UCODE_API_MIN 1 |
3073 |
+@@ -373,6 +377,7 @@ static struct iwl_ht_params iwl5000_ht_params = { |
3074 |
+ #define IWL_DEVICE_5000 \ |
3075 |
+ .fw_name_pre = IWL5000_FW_PRE, \ |
3076 |
+ .ucode_api_max = IWL5000_UCODE_API_MAX, \ |
3077 |
++ .ucode_api_ok = IWL5000_UCODE_API_OK, \ |
3078 |
+ .ucode_api_min = IWL5000_UCODE_API_MIN, \ |
3079 |
+ .eeprom_ver = EEPROM_5000_EEPROM_VERSION, \ |
3080 |
+ .eeprom_calib_ver = EEPROM_5000_TX_POWER_VERSION, \ |
3081 |
+@@ -416,6 +421,7 @@ struct iwl_cfg iwl5350_agn_cfg = { |
3082 |
+ .name = "Intel(R) WiMAX/WiFi Link 5350 AGN", |
3083 |
+ .fw_name_pre = IWL5000_FW_PRE, |
3084 |
+ .ucode_api_max = IWL5000_UCODE_API_MAX, |
3085 |
++ .ucode_api_ok = IWL5000_UCODE_API_OK, |
3086 |
+ .ucode_api_min = IWL5000_UCODE_API_MIN, |
3087 |
+ .eeprom_ver = EEPROM_5050_EEPROM_VERSION, |
3088 |
+ .eeprom_calib_ver = EEPROM_5050_TX_POWER_VERSION, |
3089 |
+@@ -429,6 +435,7 @@ struct iwl_cfg iwl5350_agn_cfg = { |
3090 |
+ #define IWL_DEVICE_5150 \ |
3091 |
+ .fw_name_pre = IWL5150_FW_PRE, \ |
3092 |
+ .ucode_api_max = IWL5150_UCODE_API_MAX, \ |
3093 |
++ .ucode_api_ok = IWL5150_UCODE_API_OK, \ |
3094 |
+ .ucode_api_min = IWL5150_UCODE_API_MIN, \ |
3095 |
+ .eeprom_ver = EEPROM_5050_EEPROM_VERSION, \ |
3096 |
+ .eeprom_calib_ver = EEPROM_5050_TX_POWER_VERSION, \ |
3097 |
+@@ -450,5 +457,5 @@ struct iwl_cfg iwl5150_abg_cfg = { |
3098 |
+ IWL_DEVICE_5150, |
3099 |
+ }; |
3100 |
+ |
3101 |
+-MODULE_FIRMWARE(IWL5000_MODULE_FIRMWARE(IWL5000_UCODE_API_MAX)); |
3102 |
+-MODULE_FIRMWARE(IWL5150_MODULE_FIRMWARE(IWL5150_UCODE_API_MAX)); |
3103 |
++MODULE_FIRMWARE(IWL5000_MODULE_FIRMWARE(IWL5000_UCODE_API_OK)); |
3104 |
++MODULE_FIRMWARE(IWL5150_MODULE_FIRMWARE(IWL5150_UCODE_API_OK)); |
3105 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-6000.c b/drivers/net/wireless/iwlwifi/iwl-6000.c |
3106 |
+index c840c78..b4f809c 100644 |
3107 |
+--- a/drivers/net/wireless/iwlwifi/iwl-6000.c |
3108 |
++++ b/drivers/net/wireless/iwlwifi/iwl-6000.c |
3109 |
+@@ -46,12 +46,15 @@ |
3110 |
+ #include "iwl-cfg.h" |
3111 |
+ |
3112 |
+ /* Highest firmware API version supported */ |
3113 |
+-#define IWL6000_UCODE_API_MAX 4 |
3114 |
++#define IWL6000_UCODE_API_MAX 6 |
3115 |
+ #define IWL6050_UCODE_API_MAX 5 |
3116 |
+ #define IWL6000G2_UCODE_API_MAX 6 |
3117 |
+ |
3118 |
+ /* Oldest version we won't warn about */ |
3119 |
++#define IWL6000_UCODE_API_OK 4 |
3120 |
+ #define IWL6000G2_UCODE_API_OK 5 |
3121 |
++#define IWL6050_UCODE_API_OK 5 |
3122 |
++#define IWL6000G2B_UCODE_API_OK 6 |
3123 |
+ |
3124 |
+ /* Lowest firmware API version supported */ |
3125 |
+ #define IWL6000_UCODE_API_MIN 4 |
3126 |
+@@ -399,7 +402,7 @@ struct iwl_cfg iwl6005_2agn_d_cfg = { |
3127 |
+ #define IWL_DEVICE_6030 \ |
3128 |
+ .fw_name_pre = IWL6030_FW_PRE, \ |
3129 |
+ .ucode_api_max = IWL6000G2_UCODE_API_MAX, \ |
3130 |
+- .ucode_api_ok = IWL6000G2_UCODE_API_OK, \ |
3131 |
++ .ucode_api_ok = IWL6000G2B_UCODE_API_OK, \ |
3132 |
+ .ucode_api_min = IWL6000G2_UCODE_API_MIN, \ |
3133 |
+ .eeprom_ver = EEPROM_6030_EEPROM_VERSION, \ |
3134 |
+ .eeprom_calib_ver = EEPROM_6030_TX_POWER_VERSION, \ |
3135 |
+@@ -479,6 +482,7 @@ struct iwl_cfg iwl130_bg_cfg = { |
3136 |
+ #define IWL_DEVICE_6000i \ |
3137 |
+ .fw_name_pre = IWL6000_FW_PRE, \ |
3138 |
+ .ucode_api_max = IWL6000_UCODE_API_MAX, \ |
3139 |
++ .ucode_api_ok = IWL6000_UCODE_API_OK, \ |
3140 |
+ .ucode_api_min = IWL6000_UCODE_API_MIN, \ |
3141 |
+ .valid_tx_ant = ANT_BC, /* .cfg overwrite */ \ |
3142 |
+ .valid_rx_ant = ANT_BC, /* .cfg overwrite */ \ |
3143 |
+@@ -559,6 +563,7 @@ struct iwl_cfg iwl6000_3agn_cfg = { |
3144 |
+ .name = "Intel(R) Centrino(R) Ultimate-N 6300 AGN", |
3145 |
+ .fw_name_pre = IWL6000_FW_PRE, |
3146 |
+ .ucode_api_max = IWL6000_UCODE_API_MAX, |
3147 |
++ .ucode_api_ok = IWL6000_UCODE_API_OK, |
3148 |
+ .ucode_api_min = IWL6000_UCODE_API_MIN, |
3149 |
+ .eeprom_ver = EEPROM_6000_EEPROM_VERSION, |
3150 |
+ .eeprom_calib_ver = EEPROM_6000_TX_POWER_VERSION, |
3151 |
+@@ -569,7 +574,7 @@ struct iwl_cfg iwl6000_3agn_cfg = { |
3152 |
+ .led_mode = IWL_LED_BLINK, |
3153 |
+ }; |
3154 |
+ |
3155 |
+-MODULE_FIRMWARE(IWL6000_MODULE_FIRMWARE(IWL6000_UCODE_API_MAX)); |
3156 |
+-MODULE_FIRMWARE(IWL6050_MODULE_FIRMWARE(IWL6050_UCODE_API_MAX)); |
3157 |
+-MODULE_FIRMWARE(IWL6005_MODULE_FIRMWARE(IWL6000G2_UCODE_API_MAX)); |
3158 |
+-MODULE_FIRMWARE(IWL6030_MODULE_FIRMWARE(IWL6000G2_UCODE_API_MAX)); |
3159 |
++MODULE_FIRMWARE(IWL6000_MODULE_FIRMWARE(IWL6000_UCODE_API_OK)); |
3160 |
++MODULE_FIRMWARE(IWL6050_MODULE_FIRMWARE(IWL6050_UCODE_API_OK)); |
3161 |
++MODULE_FIRMWARE(IWL6005_MODULE_FIRMWARE(IWL6000G2_UCODE_API_OK)); |
3162 |
++MODULE_FIRMWARE(IWL6030_MODULE_FIRMWARE(IWL6000G2B_UCODE_API_OK)); |
3163 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-agn.c b/drivers/net/wireless/iwlwifi/iwl-agn.c |
3164 |
+index e0e9a3d..d7d2512 100644 |
3165 |
+--- a/drivers/net/wireless/iwlwifi/iwl-agn.c |
3166 |
++++ b/drivers/net/wireless/iwlwifi/iwl-agn.c |
3167 |
+@@ -1504,7 +1504,6 @@ static void iwl_bg_run_time_calib_work(struct work_struct *work) |
3168 |
+ |
3169 |
+ static void iwlagn_prepare_restart(struct iwl_priv *priv) |
3170 |
+ { |
3171 |
+- struct iwl_rxon_context *ctx; |
3172 |
+ bool bt_full_concurrent; |
3173 |
+ u8 bt_ci_compliance; |
3174 |
+ u8 bt_load; |
3175 |
+@@ -1513,8 +1512,6 @@ static void iwlagn_prepare_restart(struct iwl_priv *priv) |
3176 |
+ |
3177 |
+ lockdep_assert_held(&priv->shrd->mutex); |
3178 |
+ |
3179 |
+- for_each_context(priv, ctx) |
3180 |
+- ctx->vif = NULL; |
3181 |
+ priv->is_open = 0; |
3182 |
+ |
3183 |
+ /* |
3184 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-core.c b/drivers/net/wireless/iwlwifi/iwl-core.c |
3185 |
+index 3d75d4c..832ec4d 100644 |
3186 |
+--- a/drivers/net/wireless/iwlwifi/iwl-core.c |
3187 |
++++ b/drivers/net/wireless/iwlwifi/iwl-core.c |
3188 |
+@@ -1228,6 +1228,7 @@ int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
3189 |
+ struct iwl_rxon_context *tmp, *ctx = NULL; |
3190 |
+ int err; |
3191 |
+ enum nl80211_iftype viftype = ieee80211_vif_type_p2p(vif); |
3192 |
++ bool reset = false; |
3193 |
+ |
3194 |
+ IWL_DEBUG_MAC80211(priv, "enter: type %d, addr %pM\n", |
3195 |
+ viftype, vif->addr); |
3196 |
+@@ -1249,6 +1250,13 @@ int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
3197 |
+ tmp->interface_modes | tmp->exclusive_interface_modes; |
3198 |
+ |
3199 |
+ if (tmp->vif) { |
3200 |
++ /* On reset we need to add the same interface again */ |
3201 |
++ if (tmp->vif == vif) { |
3202 |
++ reset = true; |
3203 |
++ ctx = tmp; |
3204 |
++ break; |
3205 |
++ } |
3206 |
++ |
3207 |
+ /* check if this busy context is exclusive */ |
3208 |
+ if (tmp->exclusive_interface_modes & |
3209 |
+ BIT(tmp->vif->type)) { |
3210 |
+@@ -1275,7 +1283,7 @@ int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
3211 |
+ ctx->vif = vif; |
3212 |
+ |
3213 |
+ err = iwl_setup_interface(priv, ctx); |
3214 |
+- if (!err) |
3215 |
++ if (!err || reset) |
3216 |
+ goto out; |
3217 |
+ |
3218 |
+ ctx->vif = NULL; |
3219 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-fh.h b/drivers/net/wireless/iwlwifi/iwl-fh.h |
3220 |
+index 5bede9d..aae992a 100644 |
3221 |
+--- a/drivers/net/wireless/iwlwifi/iwl-fh.h |
3222 |
++++ b/drivers/net/wireless/iwlwifi/iwl-fh.h |
3223 |
+@@ -104,15 +104,29 @@ |
3224 |
+ * (see struct iwl_tfd_frame). These 16 pointer registers are offset by 0x04 |
3225 |
+ * bytes from one another. Each TFD circular buffer in DRAM must be 256-byte |
3226 |
+ * aligned (address bits 0-7 must be 0). |
3227 |
++ * Later devices have 20 (5000 series) or 30 (higher) queues, but the registers |
3228 |
++ * for them are in different places. |
3229 |
+ * |
3230 |
+ * Bit fields in each pointer register: |
3231 |
+ * 27-0: TFD CB physical base address [35:8], must be 256-byte aligned |
3232 |
+ */ |
3233 |
+-#define FH_MEM_CBBC_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0x9D0) |
3234 |
+-#define FH_MEM_CBBC_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xA10) |
3235 |
+- |
3236 |
+-/* Find TFD CB base pointer for given queue (range 0-15). */ |
3237 |
+-#define FH_MEM_CBBC_QUEUE(x) (FH_MEM_CBBC_LOWER_BOUND + (x) * 0x4) |
3238 |
++#define FH_MEM_CBBC_0_15_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0x9D0) |
3239 |
++#define FH_MEM_CBBC_0_15_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xA10) |
3240 |
++#define FH_MEM_CBBC_16_19_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0xBF0) |
3241 |
++#define FH_MEM_CBBC_16_19_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xC00) |
3242 |
++#define FH_MEM_CBBC_20_31_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0xB20) |
3243 |
++#define FH_MEM_CBBC_20_31_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xB80) |
3244 |
++ |
3245 |
++/* Find TFD CB base pointer for given queue */ |
3246 |
++static inline unsigned int FH_MEM_CBBC_QUEUE(unsigned int chnl) |
3247 |
++{ |
3248 |
++ if (chnl < 16) |
3249 |
++ return FH_MEM_CBBC_0_15_LOWER_BOUND + 4 * chnl; |
3250 |
++ if (chnl < 20) |
3251 |
++ return FH_MEM_CBBC_16_19_LOWER_BOUND + 4 * (chnl - 16); |
3252 |
++ WARN_ON_ONCE(chnl >= 32); |
3253 |
++ return FH_MEM_CBBC_20_31_LOWER_BOUND + 4 * (chnl - 20); |
3254 |
++} |
3255 |
+ |
3256 |
+ |
3257 |
+ /** |
3258 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-prph.h b/drivers/net/wireless/iwlwifi/iwl-prph.h |
3259 |
+index bebdd82..d9b089e 100644 |
3260 |
+--- a/drivers/net/wireless/iwlwifi/iwl-prph.h |
3261 |
++++ b/drivers/net/wireless/iwlwifi/iwl-prph.h |
3262 |
+@@ -227,12 +227,33 @@ |
3263 |
+ #define SCD_AIT (SCD_BASE + 0x0c) |
3264 |
+ #define SCD_TXFACT (SCD_BASE + 0x10) |
3265 |
+ #define SCD_ACTIVE (SCD_BASE + 0x14) |
3266 |
+-#define SCD_QUEUE_WRPTR(x) (SCD_BASE + 0x18 + (x) * 4) |
3267 |
+-#define SCD_QUEUE_RDPTR(x) (SCD_BASE + 0x68 + (x) * 4) |
3268 |
+ #define SCD_QUEUECHAIN_SEL (SCD_BASE + 0xe8) |
3269 |
+ #define SCD_AGGR_SEL (SCD_BASE + 0x248) |
3270 |
+ #define SCD_INTERRUPT_MASK (SCD_BASE + 0x108) |
3271 |
+-#define SCD_QUEUE_STATUS_BITS(x) (SCD_BASE + 0x10c + (x) * 4) |
3272 |
++ |
3273 |
++static inline unsigned int SCD_QUEUE_WRPTR(unsigned int chnl) |
3274 |
++{ |
3275 |
++ if (chnl < 20) |
3276 |
++ return SCD_BASE + 0x18 + chnl * 4; |
3277 |
++ WARN_ON_ONCE(chnl >= 32); |
3278 |
++ return SCD_BASE + 0x284 + (chnl - 20) * 4; |
3279 |
++} |
3280 |
++ |
3281 |
++static inline unsigned int SCD_QUEUE_RDPTR(unsigned int chnl) |
3282 |
++{ |
3283 |
++ if (chnl < 20) |
3284 |
++ return SCD_BASE + 0x68 + chnl * 4; |
3285 |
++ WARN_ON_ONCE(chnl >= 32); |
3286 |
++ return SCD_BASE + 0x2B4 + (chnl - 20) * 4; |
3287 |
++} |
3288 |
++ |
3289 |
++static inline unsigned int SCD_QUEUE_STATUS_BITS(unsigned int chnl) |
3290 |
++{ |
3291 |
++ if (chnl < 20) |
3292 |
++ return SCD_BASE + 0x10c + chnl * 4; |
3293 |
++ WARN_ON_ONCE(chnl >= 32); |
3294 |
++ return SCD_BASE + 0x384 + (chnl - 20) * 4; |
3295 |
++} |
3296 |
+ |
3297 |
+ /*********************** END TX SCHEDULER *************************************/ |
3298 |
+ |
3299 |
+diff --git a/drivers/net/wireless/mwifiex/pcie.h b/drivers/net/wireless/mwifiex/pcie.h |
3300 |
+index 445ff21..2f218f9 100644 |
3301 |
+--- a/drivers/net/wireless/mwifiex/pcie.h |
3302 |
++++ b/drivers/net/wireless/mwifiex/pcie.h |
3303 |
+@@ -48,15 +48,15 @@ |
3304 |
+ #define PCIE_HOST_INT_STATUS_MASK 0xC3C |
3305 |
+ #define PCIE_SCRATCH_2_REG 0xC40 |
3306 |
+ #define PCIE_SCRATCH_3_REG 0xC44 |
3307 |
+-#define PCIE_SCRATCH_4_REG 0xCC0 |
3308 |
+-#define PCIE_SCRATCH_5_REG 0xCC4 |
3309 |
+-#define PCIE_SCRATCH_6_REG 0xCC8 |
3310 |
+-#define PCIE_SCRATCH_7_REG 0xCCC |
3311 |
+-#define PCIE_SCRATCH_8_REG 0xCD0 |
3312 |
+-#define PCIE_SCRATCH_9_REG 0xCD4 |
3313 |
+-#define PCIE_SCRATCH_10_REG 0xCD8 |
3314 |
+-#define PCIE_SCRATCH_11_REG 0xCDC |
3315 |
+-#define PCIE_SCRATCH_12_REG 0xCE0 |
3316 |
++#define PCIE_SCRATCH_4_REG 0xCD0 |
3317 |
++#define PCIE_SCRATCH_5_REG 0xCD4 |
3318 |
++#define PCIE_SCRATCH_6_REG 0xCD8 |
3319 |
++#define PCIE_SCRATCH_7_REG 0xCDC |
3320 |
++#define PCIE_SCRATCH_8_REG 0xCE0 |
3321 |
++#define PCIE_SCRATCH_9_REG 0xCE4 |
3322 |
++#define PCIE_SCRATCH_10_REG 0xCE8 |
3323 |
++#define PCIE_SCRATCH_11_REG 0xCEC |
3324 |
++#define PCIE_SCRATCH_12_REG 0xCF0 |
3325 |
+ |
3326 |
+ #define CPU_INTR_DNLD_RDY BIT(0) |
3327 |
+ #define CPU_INTR_DOOR_BELL BIT(1) |
3328 |
+diff --git a/drivers/net/wireless/rt2x00/rt2800usb.c b/drivers/net/wireless/rt2x00/rt2800usb.c |
3329 |
+index cb71e88..0ffa111 100644 |
3330 |
+--- a/drivers/net/wireless/rt2x00/rt2800usb.c |
3331 |
++++ b/drivers/net/wireless/rt2x00/rt2800usb.c |
3332 |
+@@ -914,12 +914,14 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3333 |
+ { USB_DEVICE(0x050d, 0x8053) }, |
3334 |
+ { USB_DEVICE(0x050d, 0x805c) }, |
3335 |
+ { USB_DEVICE(0x050d, 0x815c) }, |
3336 |
++ { USB_DEVICE(0x050d, 0x825a) }, |
3337 |
+ { USB_DEVICE(0x050d, 0x825b) }, |
3338 |
+ { USB_DEVICE(0x050d, 0x935a) }, |
3339 |
+ { USB_DEVICE(0x050d, 0x935b) }, |
3340 |
+ /* Buffalo */ |
3341 |
+ { USB_DEVICE(0x0411, 0x00e8) }, |
3342 |
+ { USB_DEVICE(0x0411, 0x0158) }, |
3343 |
++ { USB_DEVICE(0x0411, 0x015d) }, |
3344 |
+ { USB_DEVICE(0x0411, 0x016f) }, |
3345 |
+ { USB_DEVICE(0x0411, 0x01a2) }, |
3346 |
+ /* Corega */ |
3347 |
+@@ -934,6 +936,8 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3348 |
+ { USB_DEVICE(0x07d1, 0x3c0e) }, |
3349 |
+ { USB_DEVICE(0x07d1, 0x3c0f) }, |
3350 |
+ { USB_DEVICE(0x07d1, 0x3c11) }, |
3351 |
++ { USB_DEVICE(0x07d1, 0x3c13) }, |
3352 |
++ { USB_DEVICE(0x07d1, 0x3c15) }, |
3353 |
+ { USB_DEVICE(0x07d1, 0x3c16) }, |
3354 |
+ { USB_DEVICE(0x2001, 0x3c1b) }, |
3355 |
+ /* Draytek */ |
3356 |
+@@ -944,6 +948,7 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3357 |
+ { USB_DEVICE(0x7392, 0x7711) }, |
3358 |
+ { USB_DEVICE(0x7392, 0x7717) }, |
3359 |
+ { USB_DEVICE(0x7392, 0x7718) }, |
3360 |
++ { USB_DEVICE(0x7392, 0x7722) }, |
3361 |
+ /* Encore */ |
3362 |
+ { USB_DEVICE(0x203d, 0x1480) }, |
3363 |
+ { USB_DEVICE(0x203d, 0x14a9) }, |
3364 |
+@@ -978,6 +983,7 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3365 |
+ { USB_DEVICE(0x1737, 0x0070) }, |
3366 |
+ { USB_DEVICE(0x1737, 0x0071) }, |
3367 |
+ { USB_DEVICE(0x1737, 0x0077) }, |
3368 |
++ { USB_DEVICE(0x1737, 0x0078) }, |
3369 |
+ /* Logitec */ |
3370 |
+ { USB_DEVICE(0x0789, 0x0162) }, |
3371 |
+ { USB_DEVICE(0x0789, 0x0163) }, |
3372 |
+@@ -1001,9 +1007,13 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3373 |
+ { USB_DEVICE(0x0db0, 0x871b) }, |
3374 |
+ { USB_DEVICE(0x0db0, 0x871c) }, |
3375 |
+ { USB_DEVICE(0x0db0, 0x899a) }, |
3376 |
++ /* Ovislink */ |
3377 |
++ { USB_DEVICE(0x1b75, 0x3071) }, |
3378 |
++ { USB_DEVICE(0x1b75, 0x3072) }, |
3379 |
+ /* Para */ |
3380 |
+ { USB_DEVICE(0x20b8, 0x8888) }, |
3381 |
+ /* Pegatron */ |
3382 |
++ { USB_DEVICE(0x1d4d, 0x0002) }, |
3383 |
+ { USB_DEVICE(0x1d4d, 0x000c) }, |
3384 |
+ { USB_DEVICE(0x1d4d, 0x000e) }, |
3385 |
+ { USB_DEVICE(0x1d4d, 0x0011) }, |
3386 |
+@@ -1056,7 +1066,9 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3387 |
+ /* Sparklan */ |
3388 |
+ { USB_DEVICE(0x15a9, 0x0006) }, |
3389 |
+ /* Sweex */ |
3390 |
++ { USB_DEVICE(0x177f, 0x0153) }, |
3391 |
+ { USB_DEVICE(0x177f, 0x0302) }, |
3392 |
++ { USB_DEVICE(0x177f, 0x0313) }, |
3393 |
+ /* U-Media */ |
3394 |
+ { USB_DEVICE(0x157e, 0x300e) }, |
3395 |
+ { USB_DEVICE(0x157e, 0x3013) }, |
3396 |
+@@ -1140,27 +1152,24 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3397 |
+ { USB_DEVICE(0x13d3, 0x3322) }, |
3398 |
+ /* Belkin */ |
3399 |
+ { USB_DEVICE(0x050d, 0x1003) }, |
3400 |
+- { USB_DEVICE(0x050d, 0x825a) }, |
3401 |
+ /* Buffalo */ |
3402 |
+ { USB_DEVICE(0x0411, 0x012e) }, |
3403 |
+ { USB_DEVICE(0x0411, 0x0148) }, |
3404 |
+ { USB_DEVICE(0x0411, 0x0150) }, |
3405 |
+- { USB_DEVICE(0x0411, 0x015d) }, |
3406 |
+ /* Corega */ |
3407 |
+ { USB_DEVICE(0x07aa, 0x0041) }, |
3408 |
+ { USB_DEVICE(0x07aa, 0x0042) }, |
3409 |
+ { USB_DEVICE(0x18c5, 0x0008) }, |
3410 |
+ /* D-Link */ |
3411 |
+ { USB_DEVICE(0x07d1, 0x3c0b) }, |
3412 |
+- { USB_DEVICE(0x07d1, 0x3c13) }, |
3413 |
+- { USB_DEVICE(0x07d1, 0x3c15) }, |
3414 |
+ { USB_DEVICE(0x07d1, 0x3c17) }, |
3415 |
+ { USB_DEVICE(0x2001, 0x3c17) }, |
3416 |
+ /* Edimax */ |
3417 |
+ { USB_DEVICE(0x7392, 0x4085) }, |
3418 |
+- { USB_DEVICE(0x7392, 0x7722) }, |
3419 |
+ /* Encore */ |
3420 |
+ { USB_DEVICE(0x203d, 0x14a1) }, |
3421 |
++ /* Fujitsu Stylistic 550 */ |
3422 |
++ { USB_DEVICE(0x1690, 0x0761) }, |
3423 |
+ /* Gemtek */ |
3424 |
+ { USB_DEVICE(0x15a9, 0x0010) }, |
3425 |
+ /* Gigabyte */ |
3426 |
+@@ -1172,19 +1181,13 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3427 |
+ /* LevelOne */ |
3428 |
+ { USB_DEVICE(0x1740, 0x0605) }, |
3429 |
+ { USB_DEVICE(0x1740, 0x0615) }, |
3430 |
+- /* Linksys */ |
3431 |
+- { USB_DEVICE(0x1737, 0x0078) }, |
3432 |
+ /* Logitec */ |
3433 |
+ { USB_DEVICE(0x0789, 0x0168) }, |
3434 |
+ { USB_DEVICE(0x0789, 0x0169) }, |
3435 |
+ /* Motorola */ |
3436 |
+ { USB_DEVICE(0x100d, 0x9032) }, |
3437 |
+- /* Ovislink */ |
3438 |
+- { USB_DEVICE(0x1b75, 0x3071) }, |
3439 |
+- { USB_DEVICE(0x1b75, 0x3072) }, |
3440 |
+ /* Pegatron */ |
3441 |
+ { USB_DEVICE(0x05a6, 0x0101) }, |
3442 |
+- { USB_DEVICE(0x1d4d, 0x0002) }, |
3443 |
+ { USB_DEVICE(0x1d4d, 0x0010) }, |
3444 |
+ /* Planex */ |
3445 |
+ { USB_DEVICE(0x2019, 0x5201) }, |
3446 |
+@@ -1203,9 +1206,6 @@ static struct usb_device_id rt2800usb_device_table[] = { |
3447 |
+ { USB_DEVICE(0x083a, 0xc522) }, |
3448 |
+ { USB_DEVICE(0x083a, 0xd522) }, |
3449 |
+ { USB_DEVICE(0x083a, 0xf511) }, |
3450 |
+- /* Sweex */ |
3451 |
+- { USB_DEVICE(0x177f, 0x0153) }, |
3452 |
+- { USB_DEVICE(0x177f, 0x0313) }, |
3453 |
+ /* Zyxel */ |
3454 |
+ { USB_DEVICE(0x0586, 0x341a) }, |
3455 |
+ #endif |
3456 |
+diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c |
3457 |
+index d44d398..47ba0f7 100644 |
3458 |
+--- a/drivers/net/wireless/rtlwifi/pci.c |
3459 |
++++ b/drivers/net/wireless/rtlwifi/pci.c |
3460 |
+@@ -1961,6 +1961,7 @@ void rtl_pci_disconnect(struct pci_dev *pdev) |
3461 |
+ rtl_deinit_deferred_work(hw); |
3462 |
+ rtlpriv->intf_ops->adapter_stop(hw); |
3463 |
+ } |
3464 |
++ rtlpriv->cfg->ops->disable_interrupt(hw); |
3465 |
+ |
3466 |
+ /*deinit rfkill */ |
3467 |
+ rtl_deinit_rfkill(hw); |
3468 |
+diff --git a/drivers/net/wireless/wl1251/main.c b/drivers/net/wireless/wl1251/main.c |
3469 |
+index ba3268e..40c1574 100644 |
3470 |
+--- a/drivers/net/wireless/wl1251/main.c |
3471 |
++++ b/drivers/net/wireless/wl1251/main.c |
3472 |
+@@ -479,6 +479,7 @@ static void wl1251_op_stop(struct ieee80211_hw *hw) |
3473 |
+ cancel_work_sync(&wl->irq_work); |
3474 |
+ cancel_work_sync(&wl->tx_work); |
3475 |
+ cancel_work_sync(&wl->filter_work); |
3476 |
++ cancel_delayed_work_sync(&wl->elp_work); |
3477 |
+ |
3478 |
+ mutex_lock(&wl->mutex); |
3479 |
+ |
3480 |
+diff --git a/drivers/net/wireless/wl1251/sdio.c b/drivers/net/wireless/wl1251/sdio.c |
3481 |
+index f786942..1b851f6 100644 |
3482 |
+--- a/drivers/net/wireless/wl1251/sdio.c |
3483 |
++++ b/drivers/net/wireless/wl1251/sdio.c |
3484 |
+@@ -315,8 +315,8 @@ static void __devexit wl1251_sdio_remove(struct sdio_func *func) |
3485 |
+ |
3486 |
+ if (wl->irq) |
3487 |
+ free_irq(wl->irq, wl); |
3488 |
+- kfree(wl_sdio); |
3489 |
+ wl1251_free_hw(wl); |
3490 |
++ kfree(wl_sdio); |
3491 |
+ |
3492 |
+ sdio_claim_host(func); |
3493 |
+ sdio_release_irq(func); |
3494 |
+diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c |
3495 |
+index 6476547..78fda9c 100644 |
3496 |
+--- a/drivers/pci/quirks.c |
3497 |
++++ b/drivers/pci/quirks.c |
3498 |
+@@ -2906,6 +2906,40 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x65f8, quirk_intel_mc_errata); |
3499 |
+ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x65f9, quirk_intel_mc_errata); |
3500 |
+ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x65fa, quirk_intel_mc_errata); |
3501 |
+ |
3502 |
++/* |
3503 |
++ * Some BIOS implementations leave the Intel GPU interrupts enabled, |
3504 |
++ * even though no one is handling them (f.e. i915 driver is never loaded). |
3505 |
++ * Additionally the interrupt destination is not set up properly |
3506 |
++ * and the interrupt ends up -somewhere-. |
3507 |
++ * |
3508 |
++ * These spurious interrupts are "sticky" and the kernel disables |
3509 |
++ * the (shared) interrupt line after 100.000+ generated interrupts. |
3510 |
++ * |
3511 |
++ * Fix it by disabling the still enabled interrupts. |
3512 |
++ * This resolves crashes often seen on monitor unplug. |
3513 |
++ */ |
3514 |
++#define I915_DEIER_REG 0x4400c |
3515 |
++static void __devinit disable_igfx_irq(struct pci_dev *dev) |
3516 |
++{ |
3517 |
++ void __iomem *regs = pci_iomap(dev, 0, 0); |
3518 |
++ if (regs == NULL) { |
3519 |
++ dev_warn(&dev->dev, "igfx quirk: Can't iomap PCI device\n"); |
3520 |
++ return; |
3521 |
++ } |
3522 |
++ |
3523 |
++ /* Check if any interrupt line is still enabled */ |
3524 |
++ if (readl(regs + I915_DEIER_REG) != 0) { |
3525 |
++ dev_warn(&dev->dev, "BIOS left Intel GPU interrupts enabled; " |
3526 |
++ "disabling\n"); |
3527 |
++ |
3528 |
++ writel(0, regs + I915_DEIER_REG); |
3529 |
++ } |
3530 |
++ |
3531 |
++ pci_iounmap(dev, regs); |
3532 |
++} |
3533 |
++DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x0102, disable_igfx_irq); |
3534 |
++DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x010a, disable_igfx_irq); |
3535 |
++ |
3536 |
+ static void pci_do_fixups(struct pci_dev *dev, struct pci_fixup *f, |
3537 |
+ struct pci_fixup *end) |
3538 |
+ { |
3539 |
+diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c |
3540 |
+index d93e962..1d3bcce 100644 |
3541 |
+--- a/drivers/platform/x86/dell-laptop.c |
3542 |
++++ b/drivers/platform/x86/dell-laptop.c |
3543 |
+@@ -184,6 +184,34 @@ static struct dmi_system_id __devinitdata dell_quirks[] = { |
3544 |
+ }, |
3545 |
+ .driver_data = &quirk_dell_vostro_v130, |
3546 |
+ }, |
3547 |
++ { |
3548 |
++ .callback = dmi_matched, |
3549 |
++ .ident = "Dell Vostro 3555", |
3550 |
++ .matches = { |
3551 |
++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), |
3552 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "Vostro 3555"), |
3553 |
++ }, |
3554 |
++ .driver_data = &quirk_dell_vostro_v130, |
3555 |
++ }, |
3556 |
++ { |
3557 |
++ .callback = dmi_matched, |
3558 |
++ .ident = "Dell Inspiron N311z", |
3559 |
++ .matches = { |
3560 |
++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), |
3561 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron N311z"), |
3562 |
++ }, |
3563 |
++ .driver_data = &quirk_dell_vostro_v130, |
3564 |
++ }, |
3565 |
++ { |
3566 |
++ .callback = dmi_matched, |
3567 |
++ .ident = "Dell Inspiron M5110", |
3568 |
++ .matches = { |
3569 |
++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), |
3570 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron M5110"), |
3571 |
++ }, |
3572 |
++ .driver_data = &quirk_dell_vostro_v130, |
3573 |
++ }, |
3574 |
++ { } |
3575 |
+ }; |
3576 |
+ |
3577 |
+ static struct calling_interface_buffer *buffer; |
3578 |
+@@ -615,6 +643,7 @@ static void touchpad_led_set(struct led_classdev *led_cdev, |
3579 |
+ static struct led_classdev touchpad_led = { |
3580 |
+ .name = "dell-laptop::touchpad", |
3581 |
+ .brightness_set = touchpad_led_set, |
3582 |
++ .flags = LED_CORE_SUSPENDRESUME, |
3583 |
+ }; |
3584 |
+ |
3585 |
+ static int __devinit touchpad_led_init(struct device *dev) |
3586 |
+diff --git a/drivers/scsi/libsas/sas_expander.c b/drivers/scsi/libsas/sas_expander.c |
3587 |
+index 1b831c5..e48ba4b 100644 |
3588 |
+--- a/drivers/scsi/libsas/sas_expander.c |
3589 |
++++ b/drivers/scsi/libsas/sas_expander.c |
3590 |
+@@ -192,7 +192,14 @@ static void sas_set_ex_phy(struct domain_device *dev, int phy_id, |
3591 |
+ phy->attached_sata_ps = dr->attached_sata_ps; |
3592 |
+ phy->attached_iproto = dr->iproto << 1; |
3593 |
+ phy->attached_tproto = dr->tproto << 1; |
3594 |
+- memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE); |
3595 |
++ /* help some expanders that fail to zero sas_address in the 'no |
3596 |
++ * device' case |
3597 |
++ */ |
3598 |
++ if (phy->attached_dev_type == NO_DEVICE || |
3599 |
++ phy->linkrate < SAS_LINK_RATE_1_5_GBPS) |
3600 |
++ memset(phy->attached_sas_addr, 0, SAS_ADDR_SIZE); |
3601 |
++ else |
3602 |
++ memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE); |
3603 |
+ phy->attached_phy_id = dr->attached_phy_id; |
3604 |
+ phy->phy_change_count = dr->change_count; |
3605 |
+ phy->routing_attr = dr->routing_attr; |
3606 |
+@@ -1643,9 +1650,17 @@ static int sas_find_bcast_phy(struct domain_device *dev, int *phy_id, |
3607 |
+ int phy_change_count = 0; |
3608 |
+ |
3609 |
+ res = sas_get_phy_change_count(dev, i, &phy_change_count); |
3610 |
+- if (res) |
3611 |
+- goto out; |
3612 |
+- else if (phy_change_count != ex->ex_phy[i].phy_change_count) { |
3613 |
++ switch (res) { |
3614 |
++ case SMP_RESP_PHY_VACANT: |
3615 |
++ case SMP_RESP_NO_PHY: |
3616 |
++ continue; |
3617 |
++ case SMP_RESP_FUNC_ACC: |
3618 |
++ break; |
3619 |
++ default: |
3620 |
++ return res; |
3621 |
++ } |
3622 |
++ |
3623 |
++ if (phy_change_count != ex->ex_phy[i].phy_change_count) { |
3624 |
+ if (update) |
3625 |
+ ex->ex_phy[i].phy_change_count = |
3626 |
+ phy_change_count; |
3627 |
+@@ -1653,8 +1668,7 @@ static int sas_find_bcast_phy(struct domain_device *dev, int *phy_id, |
3628 |
+ return 0; |
3629 |
+ } |
3630 |
+ } |
3631 |
+-out: |
3632 |
+- return res; |
3633 |
++ return 0; |
3634 |
+ } |
3635 |
+ |
3636 |
+ static int sas_get_ex_change_count(struct domain_device *dev, int *ecc) |
3637 |
+diff --git a/drivers/spi/spi-fsl-spi.c b/drivers/spi/spi-fsl-spi.c |
3638 |
+index 24cacff..5f748c0 100644 |
3639 |
+--- a/drivers/spi/spi-fsl-spi.c |
3640 |
++++ b/drivers/spi/spi-fsl-spi.c |
3641 |
+@@ -139,10 +139,12 @@ static void fsl_spi_change_mode(struct spi_device *spi) |
3642 |
+ static void fsl_spi_chipselect(struct spi_device *spi, int value) |
3643 |
+ { |
3644 |
+ struct mpc8xxx_spi *mpc8xxx_spi = spi_master_get_devdata(spi->master); |
3645 |
+- struct fsl_spi_platform_data *pdata = spi->dev.parent->platform_data; |
3646 |
++ struct fsl_spi_platform_data *pdata; |
3647 |
+ bool pol = spi->mode & SPI_CS_HIGH; |
3648 |
+ struct spi_mpc8xxx_cs *cs = spi->controller_state; |
3649 |
+ |
3650 |
++ pdata = spi->dev.parent->parent->platform_data; |
3651 |
++ |
3652 |
+ if (value == BITBANG_CS_INACTIVE) { |
3653 |
+ if (pdata->cs_control) |
3654 |
+ pdata->cs_control(spi, !pol); |
3655 |
+diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c |
3656 |
+index 77eae99..b2ccdea 100644 |
3657 |
+--- a/drivers/spi/spi.c |
3658 |
++++ b/drivers/spi/spi.c |
3659 |
+@@ -319,7 +319,7 @@ struct spi_device *spi_alloc_device(struct spi_master *master) |
3660 |
+ } |
3661 |
+ |
3662 |
+ spi->master = master; |
3663 |
+- spi->dev.parent = dev; |
3664 |
++ spi->dev.parent = &master->dev; |
3665 |
+ spi->dev.bus = &spi_bus_type; |
3666 |
+ spi->dev.release = spidev_release; |
3667 |
+ device_initialize(&spi->dev); |
3668 |
+diff --git a/drivers/staging/rtl8712/os_intfs.c b/drivers/staging/rtl8712/os_intfs.c |
3669 |
+index fb11743..4bb2797 100644 |
3670 |
+--- a/drivers/staging/rtl8712/os_intfs.c |
3671 |
++++ b/drivers/staging/rtl8712/os_intfs.c |
3672 |
+@@ -476,9 +476,6 @@ static int netdev_close(struct net_device *pnetdev) |
3673 |
+ r8712_free_assoc_resources(padapter); |
3674 |
+ /*s2-4.*/ |
3675 |
+ r8712_free_network_queue(padapter); |
3676 |
+- release_firmware(padapter->fw); |
3677 |
+- /* never exit with a firmware callback pending */ |
3678 |
+- wait_for_completion(&padapter->rtl8712_fw_ready); |
3679 |
+ return 0; |
3680 |
+ } |
3681 |
+ |
3682 |
+diff --git a/drivers/staging/rtl8712/usb_intf.c b/drivers/staging/rtl8712/usb_intf.c |
3683 |
+index 9bade18..ec41d38 100644 |
3684 |
+--- a/drivers/staging/rtl8712/usb_intf.c |
3685 |
++++ b/drivers/staging/rtl8712/usb_intf.c |
3686 |
+@@ -30,6 +30,7 @@ |
3687 |
+ |
3688 |
+ #include <linux/usb.h> |
3689 |
+ #include <linux/module.h> |
3690 |
++#include <linux/firmware.h> |
3691 |
+ |
3692 |
+ #include "osdep_service.h" |
3693 |
+ #include "drv_types.h" |
3694 |
+@@ -621,6 +622,10 @@ static void r871xu_dev_remove(struct usb_interface *pusb_intf) |
3695 |
+ struct _adapter *padapter = netdev_priv(pnetdev); |
3696 |
+ struct usb_device *udev = interface_to_usbdev(pusb_intf); |
3697 |
+ |
3698 |
++ if (padapter->fw_found) |
3699 |
++ release_firmware(padapter->fw); |
3700 |
++ /* never exit with a firmware callback pending */ |
3701 |
++ wait_for_completion(&padapter->rtl8712_fw_ready); |
3702 |
+ usb_set_intfdata(pusb_intf, NULL); |
3703 |
+ if (padapter) { |
3704 |
+ if (drvpriv.drv_registered == true) |
3705 |
+diff --git a/drivers/tty/amiserial.c b/drivers/tty/amiserial.c |
3706 |
+index b84c834..8daf073 100644 |
3707 |
+--- a/drivers/tty/amiserial.c |
3708 |
++++ b/drivers/tty/amiserial.c |
3709 |
+@@ -1113,8 +1113,10 @@ static int set_serial_info(struct async_struct * info, |
3710 |
+ (new_serial.close_delay != state->close_delay) || |
3711 |
+ (new_serial.xmit_fifo_size != state->xmit_fifo_size) || |
3712 |
+ ((new_serial.flags & ~ASYNC_USR_MASK) != |
3713 |
+- (state->flags & ~ASYNC_USR_MASK))) |
3714 |
++ (state->flags & ~ASYNC_USR_MASK))) { |
3715 |
++ tty_unlock(); |
3716 |
+ return -EPERM; |
3717 |
++ } |
3718 |
+ state->flags = ((state->flags & ~ASYNC_USR_MASK) | |
3719 |
+ (new_serial.flags & ASYNC_USR_MASK)); |
3720 |
+ info->flags = ((info->flags & ~ASYNC_USR_MASK) | |
3721 |
+diff --git a/drivers/tty/serial/clps711x.c b/drivers/tty/serial/clps711x.c |
3722 |
+index e6c3dbd..836fe273 100644 |
3723 |
+--- a/drivers/tty/serial/clps711x.c |
3724 |
++++ b/drivers/tty/serial/clps711x.c |
3725 |
+@@ -154,10 +154,9 @@ static irqreturn_t clps711xuart_int_tx(int irq, void *dev_id) |
3726 |
+ port->x_char = 0; |
3727 |
+ return IRQ_HANDLED; |
3728 |
+ } |
3729 |
+- if (uart_circ_empty(xmit) || uart_tx_stopped(port)) { |
3730 |
+- clps711xuart_stop_tx(port); |
3731 |
+- return IRQ_HANDLED; |
3732 |
+- } |
3733 |
++ |
3734 |
++ if (uart_circ_empty(xmit) || uart_tx_stopped(port)) |
3735 |
++ goto disable_tx_irq; |
3736 |
+ |
3737 |
+ count = port->fifosize >> 1; |
3738 |
+ do { |
3739 |
+@@ -171,8 +170,11 @@ static irqreturn_t clps711xuart_int_tx(int irq, void *dev_id) |
3740 |
+ if (uart_circ_chars_pending(xmit) < WAKEUP_CHARS) |
3741 |
+ uart_write_wakeup(port); |
3742 |
+ |
3743 |
+- if (uart_circ_empty(xmit)) |
3744 |
+- clps711xuart_stop_tx(port); |
3745 |
++ if (uart_circ_empty(xmit)) { |
3746 |
++ disable_tx_irq: |
3747 |
++ disable_irq_nosync(TX_IRQ(port)); |
3748 |
++ tx_enabled(port) = 0; |
3749 |
++ } |
3750 |
+ |
3751 |
+ return IRQ_HANDLED; |
3752 |
+ } |
3753 |
+diff --git a/drivers/tty/serial/pch_uart.c b/drivers/tty/serial/pch_uart.c |
3754 |
+index da776a0..a4b192d 100644 |
3755 |
+--- a/drivers/tty/serial/pch_uart.c |
3756 |
++++ b/drivers/tty/serial/pch_uart.c |
3757 |
+@@ -1356,9 +1356,11 @@ static int pch_uart_verify_port(struct uart_port *port, |
3758 |
+ __func__); |
3759 |
+ return -EOPNOTSUPP; |
3760 |
+ #endif |
3761 |
+- priv->use_dma = 1; |
3762 |
+ priv->use_dma_flag = 1; |
3763 |
+ dev_info(priv->port.dev, "PCH UART : Use DMA Mode\n"); |
3764 |
++ if (!priv->use_dma) |
3765 |
++ pch_request_dma(port); |
3766 |
++ priv->use_dma = 1; |
3767 |
+ } |
3768 |
+ |
3769 |
+ return 0; |
3770 |
+diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c |
3771 |
+index 9eb71d8..2db0327 100644 |
3772 |
+--- a/drivers/usb/class/cdc-wdm.c |
3773 |
++++ b/drivers/usb/class/cdc-wdm.c |
3774 |
+@@ -108,8 +108,9 @@ static void wdm_out_callback(struct urb *urb) |
3775 |
+ spin_lock(&desc->iuspin); |
3776 |
+ desc->werr = urb->status; |
3777 |
+ spin_unlock(&desc->iuspin); |
3778 |
+- clear_bit(WDM_IN_USE, &desc->flags); |
3779 |
+ kfree(desc->outbuf); |
3780 |
++ desc->outbuf = NULL; |
3781 |
++ clear_bit(WDM_IN_USE, &desc->flags); |
3782 |
+ wake_up(&desc->wait); |
3783 |
+ } |
3784 |
+ |
3785 |
+@@ -312,7 +313,7 @@ static ssize_t wdm_write |
3786 |
+ if (we < 0) |
3787 |
+ return -EIO; |
3788 |
+ |
3789 |
+- desc->outbuf = buf = kmalloc(count, GFP_KERNEL); |
3790 |
++ buf = kmalloc(count, GFP_KERNEL); |
3791 |
+ if (!buf) { |
3792 |
+ rv = -ENOMEM; |
3793 |
+ goto outnl; |
3794 |
+@@ -376,10 +377,12 @@ static ssize_t wdm_write |
3795 |
+ req->wIndex = desc->inum; |
3796 |
+ req->wLength = cpu_to_le16(count); |
3797 |
+ set_bit(WDM_IN_USE, &desc->flags); |
3798 |
++ desc->outbuf = buf; |
3799 |
+ |
3800 |
+ rv = usb_submit_urb(desc->command, GFP_KERNEL); |
3801 |
+ if (rv < 0) { |
3802 |
+ kfree(buf); |
3803 |
++ desc->outbuf = NULL; |
3804 |
+ clear_bit(WDM_IN_USE, &desc->flags); |
3805 |
+ dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv); |
3806 |
+ } else { |
3807 |
+diff --git a/drivers/usb/core/hcd-pci.c b/drivers/usb/core/hcd-pci.c |
3808 |
+index 61d08dd..5f1404a 100644 |
3809 |
+--- a/drivers/usb/core/hcd-pci.c |
3810 |
++++ b/drivers/usb/core/hcd-pci.c |
3811 |
+@@ -495,6 +495,15 @@ static int hcd_pci_suspend_noirq(struct device *dev) |
3812 |
+ |
3813 |
+ pci_save_state(pci_dev); |
3814 |
+ |
3815 |
++ /* |
3816 |
++ * Some systems crash if an EHCI controller is in D3 during |
3817 |
++ * a sleep transition. We have to leave such controllers in D0. |
3818 |
++ */ |
3819 |
++ if (hcd->broken_pci_sleep) { |
3820 |
++ dev_dbg(dev, "Staying in PCI D0\n"); |
3821 |
++ return retval; |
3822 |
++ } |
3823 |
++ |
3824 |
+ /* If the root hub is dead rather than suspended, disallow remote |
3825 |
+ * wakeup. usb_hc_died() should ensure that both hosts are marked as |
3826 |
+ * dying, so we only need to check the primary roothub. |
3827 |
+diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c |
3828 |
+index e238b3b..2b0a341 100644 |
3829 |
+--- a/drivers/usb/core/hub.c |
3830 |
++++ b/drivers/usb/core/hub.c |
3831 |
+@@ -1644,7 +1644,6 @@ void usb_disconnect(struct usb_device **pdev) |
3832 |
+ { |
3833 |
+ struct usb_device *udev = *pdev; |
3834 |
+ int i; |
3835 |
+- struct usb_hcd *hcd = bus_to_hcd(udev->bus); |
3836 |
+ |
3837 |
+ /* mark the device as inactive, so any further urb submissions for |
3838 |
+ * this device (and any of its children) will fail immediately. |
3839 |
+@@ -1667,9 +1666,7 @@ void usb_disconnect(struct usb_device **pdev) |
3840 |
+ * so that the hardware is now fully quiesced. |
3841 |
+ */ |
3842 |
+ dev_dbg (&udev->dev, "unregistering device\n"); |
3843 |
+- mutex_lock(hcd->bandwidth_mutex); |
3844 |
+ usb_disable_device(udev, 0); |
3845 |
+- mutex_unlock(hcd->bandwidth_mutex); |
3846 |
+ usb_hcd_synchronize_unlinks(udev); |
3847 |
+ |
3848 |
+ usb_remove_ep_devs(&udev->ep0); |
3849 |
+diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c |
3850 |
+index aed3e07..ca717da 100644 |
3851 |
+--- a/drivers/usb/core/message.c |
3852 |
++++ b/drivers/usb/core/message.c |
3853 |
+@@ -1136,8 +1136,6 @@ void usb_disable_interface(struct usb_device *dev, struct usb_interface *intf, |
3854 |
+ * Deallocates hcd/hardware state for the endpoints (nuking all or most |
3855 |
+ * pending urbs) and usbcore state for the interfaces, so that usbcore |
3856 |
+ * must usb_set_configuration() before any interfaces could be used. |
3857 |
+- * |
3858 |
+- * Must be called with hcd->bandwidth_mutex held. |
3859 |
+ */ |
3860 |
+ void usb_disable_device(struct usb_device *dev, int skip_ep0) |
3861 |
+ { |
3862 |
+@@ -1190,7 +1188,9 @@ void usb_disable_device(struct usb_device *dev, int skip_ep0) |
3863 |
+ usb_disable_endpoint(dev, i + USB_DIR_IN, false); |
3864 |
+ } |
3865 |
+ /* Remove endpoints from the host controller internal state */ |
3866 |
++ mutex_lock(hcd->bandwidth_mutex); |
3867 |
+ usb_hcd_alloc_bandwidth(dev, NULL, NULL, NULL); |
3868 |
++ mutex_unlock(hcd->bandwidth_mutex); |
3869 |
+ /* Second pass: remove endpoint pointers */ |
3870 |
+ } |
3871 |
+ for (i = skip_ep0; i < 16; ++i) { |
3872 |
+@@ -1750,7 +1750,6 @@ free_interfaces: |
3873 |
+ /* if it's already configured, clear out old state first. |
3874 |
+ * getting rid of old interfaces means unbinding their drivers. |
3875 |
+ */ |
3876 |
+- mutex_lock(hcd->bandwidth_mutex); |
3877 |
+ if (dev->state != USB_STATE_ADDRESS) |
3878 |
+ usb_disable_device(dev, 1); /* Skip ep0 */ |
3879 |
+ |
3880 |
+@@ -1763,6 +1762,7 @@ free_interfaces: |
3881 |
+ * host controller will not allow submissions to dropped endpoints. If |
3882 |
+ * this call fails, the device state is unchanged. |
3883 |
+ */ |
3884 |
++ mutex_lock(hcd->bandwidth_mutex); |
3885 |
+ ret = usb_hcd_alloc_bandwidth(dev, cp, NULL, NULL); |
3886 |
+ if (ret < 0) { |
3887 |
+ mutex_unlock(hcd->bandwidth_mutex); |
3888 |
+diff --git a/drivers/usb/dwc3/ep0.c b/drivers/usb/dwc3/ep0.c |
3889 |
+index 27bd50a..c0dcf69 100644 |
3890 |
+--- a/drivers/usb/dwc3/ep0.c |
3891 |
++++ b/drivers/usb/dwc3/ep0.c |
3892 |
+@@ -572,9 +572,10 @@ static void dwc3_ep0_complete_data(struct dwc3 *dwc, |
3893 |
+ dwc->ep0_bounced = false; |
3894 |
+ } else { |
3895 |
+ transferred = ur->length - trb.length; |
3896 |
+- ur->actual += transferred; |
3897 |
+ } |
3898 |
+ |
3899 |
++ ur->actual += transferred; |
3900 |
++ |
3901 |
+ if ((epnum & 1) && ur->actual < ur->length) { |
3902 |
+ /* for some reason we did not get everything out */ |
3903 |
+ |
3904 |
+diff --git a/drivers/usb/gadget/dummy_hcd.c b/drivers/usb/gadget/dummy_hcd.c |
3905 |
+index ab8f1b4..527736e 100644 |
3906 |
+--- a/drivers/usb/gadget/dummy_hcd.c |
3907 |
++++ b/drivers/usb/gadget/dummy_hcd.c |
3908 |
+@@ -925,7 +925,6 @@ static int dummy_udc_stop(struct usb_gadget *g, |
3909 |
+ |
3910 |
+ dum->driver = NULL; |
3911 |
+ |
3912 |
+- dummy_pullup(&dum->gadget, 0); |
3913 |
+ return 0; |
3914 |
+ } |
3915 |
+ |
3916 |
+diff --git a/drivers/usb/gadget/f_fs.c b/drivers/usb/gadget/f_fs.c |
3917 |
+index acb3800..0e641a1 100644 |
3918 |
+--- a/drivers/usb/gadget/f_fs.c |
3919 |
++++ b/drivers/usb/gadget/f_fs.c |
3920 |
+@@ -712,7 +712,7 @@ static long ffs_ep0_ioctl(struct file *file, unsigned code, unsigned long value) |
3921 |
+ if (code == FUNCTIONFS_INTERFACE_REVMAP) { |
3922 |
+ struct ffs_function *func = ffs->func; |
3923 |
+ ret = func ? ffs_func_revmap_intf(func, value) : -ENODEV; |
3924 |
+- } else if (gadget->ops->ioctl) { |
3925 |
++ } else if (gadget && gadget->ops->ioctl) { |
3926 |
+ ret = gadget->ops->ioctl(gadget, code, value); |
3927 |
+ } else { |
3928 |
+ ret = -ENOTTY; |
3929 |
+diff --git a/drivers/usb/gadget/f_mass_storage.c b/drivers/usb/gadget/f_mass_storage.c |
3930 |
+index 1a6f415..a5570b6 100644 |
3931 |
+--- a/drivers/usb/gadget/f_mass_storage.c |
3932 |
++++ b/drivers/usb/gadget/f_mass_storage.c |
3933 |
+@@ -2182,7 +2182,7 @@ unknown_cmnd: |
3934 |
+ common->data_size_from_cmnd = 0; |
3935 |
+ sprintf(unknown, "Unknown x%02x", common->cmnd[0]); |
3936 |
+ reply = check_command(common, common->cmnd_size, |
3937 |
+- DATA_DIR_UNKNOWN, 0xff, 0, unknown); |
3938 |
++ DATA_DIR_UNKNOWN, ~0, 0, unknown); |
3939 |
+ if (reply == 0) { |
3940 |
+ common->curlun->sense_data = SS_INVALID_COMMAND; |
3941 |
+ reply = -EINVAL; |
3942 |
+diff --git a/drivers/usb/gadget/file_storage.c b/drivers/usb/gadget/file_storage.c |
3943 |
+index 11b5196..db2d607 100644 |
3944 |
+--- a/drivers/usb/gadget/file_storage.c |
3945 |
++++ b/drivers/usb/gadget/file_storage.c |
3946 |
+@@ -2569,7 +2569,7 @@ static int do_scsi_command(struct fsg_dev *fsg) |
3947 |
+ fsg->data_size_from_cmnd = 0; |
3948 |
+ sprintf(unknown, "Unknown x%02x", fsg->cmnd[0]); |
3949 |
+ if ((reply = check_command(fsg, fsg->cmnd_size, |
3950 |
+- DATA_DIR_UNKNOWN, 0xff, 0, unknown)) == 0) { |
3951 |
++ DATA_DIR_UNKNOWN, ~0, 0, unknown)) == 0) { |
3952 |
+ fsg->curlun->sense_data = SS_INVALID_COMMAND; |
3953 |
+ reply = -EINVAL; |
3954 |
+ } |
3955 |
+diff --git a/drivers/usb/gadget/udc-core.c b/drivers/usb/gadget/udc-core.c |
3956 |
+index 6939e17..901924a 100644 |
3957 |
+--- a/drivers/usb/gadget/udc-core.c |
3958 |
++++ b/drivers/usb/gadget/udc-core.c |
3959 |
+@@ -211,9 +211,9 @@ static void usb_gadget_remove_driver(struct usb_udc *udc) |
3960 |
+ |
3961 |
+ if (udc_is_newstyle(udc)) { |
3962 |
+ udc->driver->disconnect(udc->gadget); |
3963 |
++ usb_gadget_disconnect(udc->gadget); |
3964 |
+ udc->driver->unbind(udc->gadget); |
3965 |
+ usb_gadget_udc_stop(udc->gadget, udc->driver); |
3966 |
+- usb_gadget_disconnect(udc->gadget); |
3967 |
+ } else { |
3968 |
+ usb_gadget_stop(udc->gadget, udc->driver); |
3969 |
+ } |
3970 |
+@@ -359,9 +359,13 @@ static ssize_t usb_udc_softconn_store(struct device *dev, |
3971 |
+ struct usb_udc *udc = container_of(dev, struct usb_udc, dev); |
3972 |
+ |
3973 |
+ if (sysfs_streq(buf, "connect")) { |
3974 |
++ if (udc_is_newstyle(udc)) |
3975 |
++ usb_gadget_udc_start(udc->gadget, udc->driver); |
3976 |
+ usb_gadget_connect(udc->gadget); |
3977 |
+ } else if (sysfs_streq(buf, "disconnect")) { |
3978 |
+ usb_gadget_disconnect(udc->gadget); |
3979 |
++ if (udc_is_newstyle(udc)) |
3980 |
++ usb_gadget_udc_stop(udc->gadget, udc->driver); |
3981 |
+ } else { |
3982 |
+ dev_err(dev, "unsupported command '%s'\n", buf); |
3983 |
+ return -EINVAL; |
3984 |
+diff --git a/drivers/usb/gadget/uvc.h b/drivers/usb/gadget/uvc.h |
3985 |
+index bc78c60..ca4e03a 100644 |
3986 |
+--- a/drivers/usb/gadget/uvc.h |
3987 |
++++ b/drivers/usb/gadget/uvc.h |
3988 |
+@@ -28,7 +28,7 @@ |
3989 |
+ |
3990 |
+ struct uvc_request_data |
3991 |
+ { |
3992 |
+- unsigned int length; |
3993 |
++ __s32 length; |
3994 |
+ __u8 data[60]; |
3995 |
+ }; |
3996 |
+ |
3997 |
+diff --git a/drivers/usb/gadget/uvc_v4l2.c b/drivers/usb/gadget/uvc_v4l2.c |
3998 |
+index f6e083b..54d7ca5 100644 |
3999 |
+--- a/drivers/usb/gadget/uvc_v4l2.c |
4000 |
++++ b/drivers/usb/gadget/uvc_v4l2.c |
4001 |
+@@ -39,7 +39,7 @@ uvc_send_response(struct uvc_device *uvc, struct uvc_request_data *data) |
4002 |
+ if (data->length < 0) |
4003 |
+ return usb_ep_set_halt(cdev->gadget->ep0); |
4004 |
+ |
4005 |
+- req->length = min(uvc->event_length, data->length); |
4006 |
++ req->length = min_t(unsigned int, uvc->event_length, data->length); |
4007 |
+ req->zero = data->length < uvc->event_length; |
4008 |
+ req->dma = DMA_ADDR_INVALID; |
4009 |
+ |
4010 |
+diff --git a/drivers/usb/host/ehci-hcd.c b/drivers/usb/host/ehci-hcd.c |
4011 |
+index 3ff9f82..da2f711 100644 |
4012 |
+--- a/drivers/usb/host/ehci-hcd.c |
4013 |
++++ b/drivers/usb/host/ehci-hcd.c |
4014 |
+@@ -815,8 +815,13 @@ static irqreturn_t ehci_irq (struct usb_hcd *hcd) |
4015 |
+ goto dead; |
4016 |
+ } |
4017 |
+ |
4018 |
++ /* |
4019 |
++ * We don't use STS_FLR, but some controllers don't like it to |
4020 |
++ * remain on, so mask it out along with the other status bits. |
4021 |
++ */ |
4022 |
++ masked_status = status & (INTR_MASK | STS_FLR); |
4023 |
++ |
4024 |
+ /* Shared IRQ? */ |
4025 |
+- masked_status = status & INTR_MASK; |
4026 |
+ if (!masked_status || unlikely(ehci->rh_state == EHCI_RH_HALTED)) { |
4027 |
+ spin_unlock(&ehci->lock); |
4028 |
+ return IRQ_NONE; |
4029 |
+@@ -867,7 +872,7 @@ static irqreturn_t ehci_irq (struct usb_hcd *hcd) |
4030 |
+ pcd_status = status; |
4031 |
+ |
4032 |
+ /* resume root hub? */ |
4033 |
+- if (!(cmd & CMD_RUN)) |
4034 |
++ if (ehci->rh_state == EHCI_RH_SUSPENDED) |
4035 |
+ usb_hcd_resume_root_hub(hcd); |
4036 |
+ |
4037 |
+ /* get per-port change detect bits */ |
4038 |
+diff --git a/drivers/usb/host/ehci-pci.c b/drivers/usb/host/ehci-pci.c |
4039 |
+index f4b627d..971d312 100644 |
4040 |
+--- a/drivers/usb/host/ehci-pci.c |
4041 |
++++ b/drivers/usb/host/ehci-pci.c |
4042 |
+@@ -144,6 +144,14 @@ static int ehci_pci_setup(struct usb_hcd *hcd) |
4043 |
+ hcd->has_tt = 1; |
4044 |
+ tdi_reset(ehci); |
4045 |
+ } |
4046 |
++ if (pdev->subsystem_vendor == PCI_VENDOR_ID_ASUSTEK) { |
4047 |
++ /* EHCI #1 or #2 on 6 Series/C200 Series chipset */ |
4048 |
++ if (pdev->device == 0x1c26 || pdev->device == 0x1c2d) { |
4049 |
++ ehci_info(ehci, "broken D3 during system sleep on ASUS\n"); |
4050 |
++ hcd->broken_pci_sleep = 1; |
4051 |
++ device_set_wakeup_capable(&pdev->dev, false); |
4052 |
++ } |
4053 |
++ } |
4054 |
+ break; |
4055 |
+ case PCI_VENDOR_ID_TDI: |
4056 |
+ if (pdev->device == PCI_DEVICE_ID_TDI_EHCI) { |
4057 |
+diff --git a/drivers/usb/misc/yurex.c b/drivers/usb/misc/yurex.c |
4058 |
+index ac5bfd6..2504694 100644 |
4059 |
+--- a/drivers/usb/misc/yurex.c |
4060 |
++++ b/drivers/usb/misc/yurex.c |
4061 |
+@@ -99,9 +99,7 @@ static void yurex_delete(struct kref *kref) |
4062 |
+ usb_put_dev(dev->udev); |
4063 |
+ if (dev->cntl_urb) { |
4064 |
+ usb_kill_urb(dev->cntl_urb); |
4065 |
+- if (dev->cntl_req) |
4066 |
+- usb_free_coherent(dev->udev, YUREX_BUF_SIZE, |
4067 |
+- dev->cntl_req, dev->cntl_urb->setup_dma); |
4068 |
++ kfree(dev->cntl_req); |
4069 |
+ if (dev->cntl_buffer) |
4070 |
+ usb_free_coherent(dev->udev, YUREX_BUF_SIZE, |
4071 |
+ dev->cntl_buffer, dev->cntl_urb->transfer_dma); |
4072 |
+@@ -234,9 +232,7 @@ static int yurex_probe(struct usb_interface *interface, const struct usb_device_ |
4073 |
+ } |
4074 |
+ |
4075 |
+ /* allocate buffer for control req */ |
4076 |
+- dev->cntl_req = usb_alloc_coherent(dev->udev, YUREX_BUF_SIZE, |
4077 |
+- GFP_KERNEL, |
4078 |
+- &dev->cntl_urb->setup_dma); |
4079 |
++ dev->cntl_req = kmalloc(YUREX_BUF_SIZE, GFP_KERNEL); |
4080 |
+ if (!dev->cntl_req) { |
4081 |
+ err("Could not allocate cntl_req"); |
4082 |
+ goto error; |
4083 |
+@@ -286,7 +282,7 @@ static int yurex_probe(struct usb_interface *interface, const struct usb_device_ |
4084 |
+ usb_rcvintpipe(dev->udev, dev->int_in_endpointAddr), |
4085 |
+ dev->int_buffer, YUREX_BUF_SIZE, yurex_interrupt, |
4086 |
+ dev, 1); |
4087 |
+- dev->cntl_urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; |
4088 |
++ dev->urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP; |
4089 |
+ if (usb_submit_urb(dev->urb, GFP_KERNEL)) { |
4090 |
+ retval = -EIO; |
4091 |
+ err("Could not submitting URB"); |
4092 |
+diff --git a/drivers/usb/musb/omap2430.c b/drivers/usb/musb/omap2430.c |
4093 |
+index ba85f27..a8f0c09 100644 |
4094 |
+--- a/drivers/usb/musb/omap2430.c |
4095 |
++++ b/drivers/usb/musb/omap2430.c |
4096 |
+@@ -282,7 +282,8 @@ static int musb_otg_notifications(struct notifier_block *nb, |
4097 |
+ |
4098 |
+ static int omap2430_musb_init(struct musb *musb) |
4099 |
+ { |
4100 |
+- u32 l, status = 0; |
4101 |
++ u32 l; |
4102 |
++ int status = 0; |
4103 |
+ struct device *dev = musb->controller; |
4104 |
+ struct musb_hdrc_platform_data *plat = dev->platform_data; |
4105 |
+ struct omap_musb_board_data *data = plat->board_data; |
4106 |
+@@ -299,7 +300,7 @@ static int omap2430_musb_init(struct musb *musb) |
4107 |
+ |
4108 |
+ status = pm_runtime_get_sync(dev); |
4109 |
+ if (status < 0) { |
4110 |
+- dev_err(dev, "pm_runtime_get_sync FAILED"); |
4111 |
++ dev_err(dev, "pm_runtime_get_sync FAILED %d\n", status); |
4112 |
+ goto err1; |
4113 |
+ } |
4114 |
+ |
4115 |
+@@ -451,14 +452,14 @@ static int __init omap2430_probe(struct platform_device *pdev) |
4116 |
+ goto err2; |
4117 |
+ } |
4118 |
+ |
4119 |
++ pm_runtime_enable(&pdev->dev); |
4120 |
++ |
4121 |
+ ret = platform_device_add(musb); |
4122 |
+ if (ret) { |
4123 |
+ dev_err(&pdev->dev, "failed to register musb device\n"); |
4124 |
+ goto err2; |
4125 |
+ } |
4126 |
+ |
4127 |
+- pm_runtime_enable(&pdev->dev); |
4128 |
+- |
4129 |
+ return 0; |
4130 |
+ |
4131 |
+ err2: |
4132 |
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c |
4133 |
+index 4c12404..f2c57e0 100644 |
4134 |
+--- a/drivers/usb/serial/cp210x.c |
4135 |
++++ b/drivers/usb/serial/cp210x.c |
4136 |
+@@ -285,7 +285,8 @@ static int cp210x_get_config(struct usb_serial_port *port, u8 request, |
4137 |
+ /* Issue the request, attempting to read 'size' bytes */ |
4138 |
+ result = usb_control_msg(serial->dev, usb_rcvctrlpipe(serial->dev, 0), |
4139 |
+ request, REQTYPE_DEVICE_TO_HOST, 0x0000, |
4140 |
+- port_priv->bInterfaceNumber, buf, size, 300); |
4141 |
++ port_priv->bInterfaceNumber, buf, size, |
4142 |
++ USB_CTRL_GET_TIMEOUT); |
4143 |
+ |
4144 |
+ /* Convert data into an array of integers */ |
4145 |
+ for (i = 0; i < length; i++) |
4146 |
+@@ -335,12 +336,14 @@ static int cp210x_set_config(struct usb_serial_port *port, u8 request, |
4147 |
+ result = usb_control_msg(serial->dev, |
4148 |
+ usb_sndctrlpipe(serial->dev, 0), |
4149 |
+ request, REQTYPE_HOST_TO_DEVICE, 0x0000, |
4150 |
+- port_priv->bInterfaceNumber, buf, size, 300); |
4151 |
++ port_priv->bInterfaceNumber, buf, size, |
4152 |
++ USB_CTRL_SET_TIMEOUT); |
4153 |
+ } else { |
4154 |
+ result = usb_control_msg(serial->dev, |
4155 |
+ usb_sndctrlpipe(serial->dev, 0), |
4156 |
+ request, REQTYPE_HOST_TO_DEVICE, data[0], |
4157 |
+- port_priv->bInterfaceNumber, NULL, 0, 300); |
4158 |
++ port_priv->bInterfaceNumber, NULL, 0, |
4159 |
++ USB_CTRL_SET_TIMEOUT); |
4160 |
+ } |
4161 |
+ |
4162 |
+ kfree(buf); |
4163 |
+diff --git a/drivers/usb/serial/sierra.c b/drivers/usb/serial/sierra.c |
4164 |
+index 7c3ec9e..e093585 100644 |
4165 |
+--- a/drivers/usb/serial/sierra.c |
4166 |
++++ b/drivers/usb/serial/sierra.c |
4167 |
+@@ -221,7 +221,7 @@ static const struct sierra_iface_info typeB_interface_list = { |
4168 |
+ }; |
4169 |
+ |
4170 |
+ /* 'blacklist' of interfaces not served by this driver */ |
4171 |
+-static const u8 direct_ip_non_serial_ifaces[] = { 7, 8, 9, 10, 11 }; |
4172 |
++static const u8 direct_ip_non_serial_ifaces[] = { 7, 8, 9, 10, 11, 19, 20 }; |
4173 |
+ static const struct sierra_iface_info direct_ip_interface_blacklist = { |
4174 |
+ .infolen = ARRAY_SIZE(direct_ip_non_serial_ifaces), |
4175 |
+ .ifaceinfo = direct_ip_non_serial_ifaces, |
4176 |
+@@ -289,7 +289,6 @@ static const struct usb_device_id id_table[] = { |
4177 |
+ { USB_DEVICE(0x1199, 0x6856) }, /* Sierra Wireless AirCard 881 U */ |
4178 |
+ { USB_DEVICE(0x1199, 0x6859) }, /* Sierra Wireless AirCard 885 E */ |
4179 |
+ { USB_DEVICE(0x1199, 0x685A) }, /* Sierra Wireless AirCard 885 E */ |
4180 |
+- { USB_DEVICE(0x1199, 0x68A2) }, /* Sierra Wireless MC7710 */ |
4181 |
+ /* Sierra Wireless C885 */ |
4182 |
+ { USB_DEVICE_AND_INTERFACE_INFO(0x1199, 0x6880, 0xFF, 0xFF, 0xFF)}, |
4183 |
+ /* Sierra Wireless C888, Air Card 501, USB 303, USB 304 */ |
4184 |
+@@ -299,6 +298,9 @@ static const struct usb_device_id id_table[] = { |
4185 |
+ /* Sierra Wireless HSPA Non-Composite Device */ |
4186 |
+ { USB_DEVICE_AND_INTERFACE_INFO(0x1199, 0x6892, 0xFF, 0xFF, 0xFF)}, |
4187 |
+ { USB_DEVICE(0x1199, 0x6893) }, /* Sierra Wireless Device */ |
4188 |
++ { USB_DEVICE(0x1199, 0x68A2), /* Sierra Wireless MC77xx in QMI mode */ |
4189 |
++ .driver_info = (kernel_ulong_t)&direct_ip_interface_blacklist |
4190 |
++ }, |
4191 |
+ { USB_DEVICE(0x1199, 0x68A3), /* Sierra Wireless Direct IP modems */ |
4192 |
+ .driver_info = (kernel_ulong_t)&direct_ip_interface_blacklist |
4193 |
+ }, |
4194 |
+diff --git a/drivers/uwb/hwa-rc.c b/drivers/uwb/hwa-rc.c |
4195 |
+index 2babcd4..86685e9 100644 |
4196 |
+--- a/drivers/uwb/hwa-rc.c |
4197 |
++++ b/drivers/uwb/hwa-rc.c |
4198 |
+@@ -645,7 +645,8 @@ void hwarc_neep_cb(struct urb *urb) |
4199 |
+ dev_err(dev, "NEEP: URB error %d\n", urb->status); |
4200 |
+ } |
4201 |
+ result = usb_submit_urb(urb, GFP_ATOMIC); |
4202 |
+- if (result < 0) { |
4203 |
++ if (result < 0 && result != -ENODEV && result != -EPERM) { |
4204 |
++ /* ignoring unrecoverable errors */ |
4205 |
+ dev_err(dev, "NEEP: Can't resubmit URB (%d) resetting device\n", |
4206 |
+ result); |
4207 |
+ goto error; |
4208 |
+diff --git a/drivers/uwb/neh.c b/drivers/uwb/neh.c |
4209 |
+index a269937..8cb71bb 100644 |
4210 |
+--- a/drivers/uwb/neh.c |
4211 |
++++ b/drivers/uwb/neh.c |
4212 |
+@@ -107,6 +107,7 @@ struct uwb_rc_neh { |
4213 |
+ u8 evt_type; |
4214 |
+ __le16 evt; |
4215 |
+ u8 context; |
4216 |
++ u8 completed; |
4217 |
+ uwb_rc_cmd_cb_f cb; |
4218 |
+ void *arg; |
4219 |
+ |
4220 |
+@@ -409,6 +410,7 @@ static void uwb_rc_neh_grok_event(struct uwb_rc *rc, struct uwb_rceb *rceb, size |
4221 |
+ struct device *dev = &rc->uwb_dev.dev; |
4222 |
+ struct uwb_rc_neh *neh; |
4223 |
+ struct uwb_rceb *notif; |
4224 |
++ unsigned long flags; |
4225 |
+ |
4226 |
+ if (rceb->bEventContext == 0) { |
4227 |
+ notif = kmalloc(size, GFP_ATOMIC); |
4228 |
+@@ -422,7 +424,11 @@ static void uwb_rc_neh_grok_event(struct uwb_rc *rc, struct uwb_rceb *rceb, size |
4229 |
+ } else { |
4230 |
+ neh = uwb_rc_neh_lookup(rc, rceb); |
4231 |
+ if (neh) { |
4232 |
+- del_timer_sync(&neh->timer); |
4233 |
++ spin_lock_irqsave(&rc->neh_lock, flags); |
4234 |
++ /* to guard against a timeout */ |
4235 |
++ neh->completed = 1; |
4236 |
++ del_timer(&neh->timer); |
4237 |
++ spin_unlock_irqrestore(&rc->neh_lock, flags); |
4238 |
+ uwb_rc_neh_cb(neh, rceb, size); |
4239 |
+ } else |
4240 |
+ dev_warn(dev, "event 0x%02x/%04x/%02x (%zu bytes): nobody cared\n", |
4241 |
+@@ -568,6 +574,10 @@ static void uwb_rc_neh_timer(unsigned long arg) |
4242 |
+ unsigned long flags; |
4243 |
+ |
4244 |
+ spin_lock_irqsave(&rc->neh_lock, flags); |
4245 |
++ if (neh->completed) { |
4246 |
++ spin_unlock_irqrestore(&rc->neh_lock, flags); |
4247 |
++ return; |
4248 |
++ } |
4249 |
+ if (neh->context) |
4250 |
+ __uwb_rc_neh_rm(rc, neh); |
4251 |
+ else |
4252 |
+diff --git a/drivers/xen/gntdev.c b/drivers/xen/gntdev.c |
4253 |
+index afca14d..625890c 100644 |
4254 |
+--- a/drivers/xen/gntdev.c |
4255 |
++++ b/drivers/xen/gntdev.c |
4256 |
+@@ -692,7 +692,7 @@ static int gntdev_mmap(struct file *flip, struct vm_area_struct *vma) |
4257 |
+ vma->vm_flags |= VM_RESERVED|VM_DONTEXPAND; |
4258 |
+ |
4259 |
+ if (use_ptemod) |
4260 |
+- vma->vm_flags |= VM_DONTCOPY|VM_PFNMAP; |
4261 |
++ vma->vm_flags |= VM_DONTCOPY; |
4262 |
+ |
4263 |
+ vma->vm_private_data = map; |
4264 |
+ |
4265 |
+diff --git a/drivers/xen/xenbus/xenbus_probe_frontend.c b/drivers/xen/xenbus/xenbus_probe_frontend.c |
4266 |
+index 2f73195..2ce95c0 100644 |
4267 |
+--- a/drivers/xen/xenbus/xenbus_probe_frontend.c |
4268 |
++++ b/drivers/xen/xenbus/xenbus_probe_frontend.c |
4269 |
+@@ -129,7 +129,7 @@ static int read_backend_details(struct xenbus_device *xendev) |
4270 |
+ return xenbus_read_otherend_details(xendev, "backend-id", "backend"); |
4271 |
+ } |
4272 |
+ |
4273 |
+-static int is_device_connecting(struct device *dev, void *data) |
4274 |
++static int is_device_connecting(struct device *dev, void *data, bool ignore_nonessential) |
4275 |
+ { |
4276 |
+ struct xenbus_device *xendev = to_xenbus_device(dev); |
4277 |
+ struct device_driver *drv = data; |
4278 |
+@@ -146,16 +146,41 @@ static int is_device_connecting(struct device *dev, void *data) |
4279 |
+ if (drv && (dev->driver != drv)) |
4280 |
+ return 0; |
4281 |
+ |
4282 |
++ if (ignore_nonessential) { |
4283 |
++ /* With older QEMU, for PVonHVM guests the guest config files |
4284 |
++ * could contain: vfb = [ 'vnc=1, vnclisten=0.0.0.0'] |
4285 |
++ * which is nonsensical as there is no PV FB (there can be |
4286 |
++ * a PVKB) running as HVM guest. */ |
4287 |
++ |
4288 |
++ if ((strncmp(xendev->nodename, "device/vkbd", 11) == 0)) |
4289 |
++ return 0; |
4290 |
++ |
4291 |
++ if ((strncmp(xendev->nodename, "device/vfb", 10) == 0)) |
4292 |
++ return 0; |
4293 |
++ } |
4294 |
+ xendrv = to_xenbus_driver(dev->driver); |
4295 |
+ return (xendev->state < XenbusStateConnected || |
4296 |
+ (xendev->state == XenbusStateConnected && |
4297 |
+ xendrv->is_ready && !xendrv->is_ready(xendev))); |
4298 |
+ } |
4299 |
++static int essential_device_connecting(struct device *dev, void *data) |
4300 |
++{ |
4301 |
++ return is_device_connecting(dev, data, true /* ignore PV[KBB+FB] */); |
4302 |
++} |
4303 |
++static int non_essential_device_connecting(struct device *dev, void *data) |
4304 |
++{ |
4305 |
++ return is_device_connecting(dev, data, false); |
4306 |
++} |
4307 |
+ |
4308 |
+-static int exists_connecting_device(struct device_driver *drv) |
4309 |
++static int exists_essential_connecting_device(struct device_driver *drv) |
4310 |
+ { |
4311 |
+ return bus_for_each_dev(&xenbus_frontend.bus, NULL, drv, |
4312 |
+- is_device_connecting); |
4313 |
++ essential_device_connecting); |
4314 |
++} |
4315 |
++static int exists_non_essential_connecting_device(struct device_driver *drv) |
4316 |
++{ |
4317 |
++ return bus_for_each_dev(&xenbus_frontend.bus, NULL, drv, |
4318 |
++ non_essential_device_connecting); |
4319 |
+ } |
4320 |
+ |
4321 |
+ static int print_device_status(struct device *dev, void *data) |
4322 |
+@@ -186,6 +211,23 @@ static int print_device_status(struct device *dev, void *data) |
4323 |
+ /* We only wait for device setup after most initcalls have run. */ |
4324 |
+ static int ready_to_wait_for_devices; |
4325 |
+ |
4326 |
++static bool wait_loop(unsigned long start, unsigned int max_delay, |
4327 |
++ unsigned int *seconds_waited) |
4328 |
++{ |
4329 |
++ if (time_after(jiffies, start + (*seconds_waited+5)*HZ)) { |
4330 |
++ if (!*seconds_waited) |
4331 |
++ printk(KERN_WARNING "XENBUS: Waiting for " |
4332 |
++ "devices to initialise: "); |
4333 |
++ *seconds_waited += 5; |
4334 |
++ printk("%us...", max_delay - *seconds_waited); |
4335 |
++ if (*seconds_waited == max_delay) |
4336 |
++ return true; |
4337 |
++ } |
4338 |
++ |
4339 |
++ schedule_timeout_interruptible(HZ/10); |
4340 |
++ |
4341 |
++ return false; |
4342 |
++} |
4343 |
+ /* |
4344 |
+ * On a 5-minute timeout, wait for all devices currently configured. We need |
4345 |
+ * to do this to guarantee that the filesystems and / or network devices |
4346 |
+@@ -209,19 +251,14 @@ static void wait_for_devices(struct xenbus_driver *xendrv) |
4347 |
+ if (!ready_to_wait_for_devices || !xen_domain()) |
4348 |
+ return; |
4349 |
+ |
4350 |
+- while (exists_connecting_device(drv)) { |
4351 |
+- if (time_after(jiffies, start + (seconds_waited+5)*HZ)) { |
4352 |
+- if (!seconds_waited) |
4353 |
+- printk(KERN_WARNING "XENBUS: Waiting for " |
4354 |
+- "devices to initialise: "); |
4355 |
+- seconds_waited += 5; |
4356 |
+- printk("%us...", 300 - seconds_waited); |
4357 |
+- if (seconds_waited == 300) |
4358 |
+- break; |
4359 |
+- } |
4360 |
+- |
4361 |
+- schedule_timeout_interruptible(HZ/10); |
4362 |
+- } |
4363 |
++ while (exists_non_essential_connecting_device(drv)) |
4364 |
++ if (wait_loop(start, 30, &seconds_waited)) |
4365 |
++ break; |
4366 |
++ |
4367 |
++ /* Skips PVKB and PVFB check.*/ |
4368 |
++ while (exists_essential_connecting_device(drv)) |
4369 |
++ if (wait_loop(start, 270, &seconds_waited)) |
4370 |
++ break; |
4371 |
+ |
4372 |
+ if (seconds_waited) |
4373 |
+ printk("\n"); |
4374 |
+diff --git a/fs/autofs4/autofs_i.h b/fs/autofs4/autofs_i.h |
4375 |
+index 308a98b..650d520 100644 |
4376 |
+--- a/fs/autofs4/autofs_i.h |
4377 |
++++ b/fs/autofs4/autofs_i.h |
4378 |
+@@ -110,7 +110,6 @@ struct autofs_sb_info { |
4379 |
+ int sub_version; |
4380 |
+ int min_proto; |
4381 |
+ int max_proto; |
4382 |
+- int compat_daemon; |
4383 |
+ unsigned long exp_timeout; |
4384 |
+ unsigned int type; |
4385 |
+ int reghost_enabled; |
4386 |
+@@ -269,6 +268,17 @@ int autofs4_fill_super(struct super_block *, void *, int); |
4387 |
+ struct autofs_info *autofs4_new_ino(struct autofs_sb_info *); |
4388 |
+ void autofs4_clean_ino(struct autofs_info *); |
4389 |
+ |
4390 |
++static inline int autofs_prepare_pipe(struct file *pipe) |
4391 |
++{ |
4392 |
++ if (!pipe->f_op || !pipe->f_op->write) |
4393 |
++ return -EINVAL; |
4394 |
++ if (!S_ISFIFO(pipe->f_dentry->d_inode->i_mode)) |
4395 |
++ return -EINVAL; |
4396 |
++ /* We want a packet pipe */ |
4397 |
++ pipe->f_flags |= O_DIRECT; |
4398 |
++ return 0; |
4399 |
++} |
4400 |
++ |
4401 |
+ /* Queue management functions */ |
4402 |
+ |
4403 |
+ int autofs4_wait(struct autofs_sb_info *,struct dentry *, enum autofs_notify); |
4404 |
+diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c |
4405 |
+index 56bac70..de54271 100644 |
4406 |
+--- a/fs/autofs4/dev-ioctl.c |
4407 |
++++ b/fs/autofs4/dev-ioctl.c |
4408 |
+@@ -376,7 +376,7 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp, |
4409 |
+ err = -EBADF; |
4410 |
+ goto out; |
4411 |
+ } |
4412 |
+- if (!pipe->f_op || !pipe->f_op->write) { |
4413 |
++ if (autofs_prepare_pipe(pipe) < 0) { |
4414 |
+ err = -EPIPE; |
4415 |
+ fput(pipe); |
4416 |
+ goto out; |
4417 |
+@@ -385,7 +385,6 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp, |
4418 |
+ sbi->pipefd = pipefd; |
4419 |
+ sbi->pipe = pipe; |
4420 |
+ sbi->catatonic = 0; |
4421 |
+- sbi->compat_daemon = is_compat_task(); |
4422 |
+ } |
4423 |
+ out: |
4424 |
+ mutex_unlock(&sbi->wq_mutex); |
4425 |
+diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c |
4426 |
+index 98a5695..7b5293e 100644 |
4427 |
+--- a/fs/autofs4/inode.c |
4428 |
++++ b/fs/autofs4/inode.c |
4429 |
+@@ -19,7 +19,6 @@ |
4430 |
+ #include <linux/parser.h> |
4431 |
+ #include <linux/bitops.h> |
4432 |
+ #include <linux/magic.h> |
4433 |
+-#include <linux/compat.h> |
4434 |
+ #include "autofs_i.h" |
4435 |
+ #include <linux/module.h> |
4436 |
+ |
4437 |
+@@ -225,7 +224,6 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) |
4438 |
+ set_autofs_type_indirect(&sbi->type); |
4439 |
+ sbi->min_proto = 0; |
4440 |
+ sbi->max_proto = 0; |
4441 |
+- sbi->compat_daemon = is_compat_task(); |
4442 |
+ mutex_init(&sbi->wq_mutex); |
4443 |
+ spin_lock_init(&sbi->fs_lock); |
4444 |
+ sbi->queues = NULL; |
4445 |
+@@ -294,7 +292,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) |
4446 |
+ printk("autofs: could not open pipe file descriptor\n"); |
4447 |
+ goto fail_dput; |
4448 |
+ } |
4449 |
+- if (!pipe->f_op || !pipe->f_op->write) |
4450 |
++ if (autofs_prepare_pipe(pipe) < 0) |
4451 |
+ goto fail_fput; |
4452 |
+ sbi->pipe = pipe; |
4453 |
+ sbi->pipefd = pipefd; |
4454 |
+diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
4455 |
+index 6861f61..e1fbdee 100644 |
4456 |
+--- a/fs/autofs4/waitq.c |
4457 |
++++ b/fs/autofs4/waitq.c |
4458 |
+@@ -90,24 +90,7 @@ static int autofs4_write(struct file *file, const void *addr, int bytes) |
4459 |
+ |
4460 |
+ return (bytes > 0); |
4461 |
+ } |
4462 |
+- |
4463 |
+-/* |
4464 |
+- * The autofs_v5 packet was misdesigned. |
4465 |
+- * |
4466 |
+- * The packets are identical on x86-32 and x86-64, but have different |
4467 |
+- * alignment. Which means that 'sizeof()' will give different results. |
4468 |
+- * Fix it up for the case of running 32-bit user mode on a 64-bit kernel. |
4469 |
+- */ |
4470 |
+-static noinline size_t autofs_v5_packet_size(struct autofs_sb_info *sbi) |
4471 |
+-{ |
4472 |
+- size_t pktsz = sizeof(struct autofs_v5_packet); |
4473 |
+-#if defined(CONFIG_X86_64) && defined(CONFIG_COMPAT) |
4474 |
+- if (sbi->compat_daemon > 0) |
4475 |
+- pktsz -= 4; |
4476 |
+-#endif |
4477 |
+- return pktsz; |
4478 |
+-} |
4479 |
+- |
4480 |
++ |
4481 |
+ static void autofs4_notify_daemon(struct autofs_sb_info *sbi, |
4482 |
+ struct autofs_wait_queue *wq, |
4483 |
+ int type) |
4484 |
+@@ -164,7 +147,8 @@ static void autofs4_notify_daemon(struct autofs_sb_info *sbi, |
4485 |
+ { |
4486 |
+ struct autofs_v5_packet *packet = &pkt.v5_pkt.v5_packet; |
4487 |
+ |
4488 |
+- pktsz = autofs_v5_packet_size(sbi); |
4489 |
++ pktsz = sizeof(*packet); |
4490 |
++ |
4491 |
+ packet->wait_queue_token = wq->wait_queue_token; |
4492 |
+ packet->len = wq->name.len; |
4493 |
+ memcpy(packet->name, wq->name.name, wq->name.len); |
4494 |
+diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h |
4495 |
+index 6738503..83a871f 100644 |
4496 |
+--- a/fs/btrfs/ctree.h |
4497 |
++++ b/fs/btrfs/ctree.h |
4498 |
+@@ -2025,7 +2025,7 @@ BTRFS_SETGET_STACK_FUNCS(root_last_snapshot, struct btrfs_root_item, |
4499 |
+ |
4500 |
+ static inline bool btrfs_root_readonly(struct btrfs_root *root) |
4501 |
+ { |
4502 |
+- return root->root_item.flags & BTRFS_ROOT_SUBVOL_RDONLY; |
4503 |
++ return (root->root_item.flags & cpu_to_le64(BTRFS_ROOT_SUBVOL_RDONLY)) != 0; |
4504 |
+ } |
4505 |
+ |
4506 |
+ /* struct btrfs_root_backup */ |
4507 |
+diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c |
4508 |
+index 0e6adac..e89803b 100644 |
4509 |
+--- a/fs/cifs/cifssmb.c |
4510 |
++++ b/fs/cifs/cifssmb.c |
4511 |
+@@ -4826,8 +4826,12 @@ parse_DFS_referrals(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr, |
4512 |
+ max_len = data_end - temp; |
4513 |
+ node->node_name = cifs_strndup_from_ucs(temp, max_len, |
4514 |
+ is_unicode, nls_codepage); |
4515 |
+- if (!node->node_name) |
4516 |
++ if (!node->node_name) { |
4517 |
+ rc = -ENOMEM; |
4518 |
++ goto parse_DFS_referrals_exit; |
4519 |
++ } |
4520 |
++ |
4521 |
++ ref++; |
4522 |
+ } |
4523 |
+ |
4524 |
+ parse_DFS_referrals_exit: |
4525 |
+diff --git a/fs/eventpoll.c b/fs/eventpoll.c |
4526 |
+index ea54cde..4d9d3a4 100644 |
4527 |
+--- a/fs/eventpoll.c |
4528 |
++++ b/fs/eventpoll.c |
4529 |
+@@ -988,6 +988,10 @@ static int path_count[PATH_ARR_SIZE]; |
4530 |
+ |
4531 |
+ static int path_count_inc(int nests) |
4532 |
+ { |
4533 |
++ /* Allow an arbitrary number of depth 1 paths */ |
4534 |
++ if (nests == 0) |
4535 |
++ return 0; |
4536 |
++ |
4537 |
+ if (++path_count[nests] > path_limits[nests]) |
4538 |
+ return -1; |
4539 |
+ return 0; |
4540 |
+diff --git a/fs/exec.c b/fs/exec.c |
4541 |
+index 3625464..160cd2f 100644 |
4542 |
+--- a/fs/exec.c |
4543 |
++++ b/fs/exec.c |
4544 |
+@@ -973,6 +973,9 @@ static int de_thread(struct task_struct *tsk) |
4545 |
+ sig->notify_count = 0; |
4546 |
+ |
4547 |
+ no_thread_group: |
4548 |
++ /* we have changed execution domain */ |
4549 |
++ tsk->exit_signal = SIGCHLD; |
4550 |
++ |
4551 |
+ if (current->mm) |
4552 |
+ setmax_mm_hiwater_rss(&sig->maxrss, current->mm); |
4553 |
+ |
4554 |
+diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c |
4555 |
+index c2a2012..54f2bdc 100644 |
4556 |
+--- a/fs/ext4/extents.c |
4557 |
++++ b/fs/ext4/extents.c |
4558 |
+@@ -2812,7 +2812,7 @@ static int ext4_split_extent_at(handle_t *handle, |
4559 |
+ if (err) |
4560 |
+ goto fix_extent_len; |
4561 |
+ /* update the extent length and mark as initialized */ |
4562 |
+- ex->ee_len = cpu_to_le32(ee_len); |
4563 |
++ ex->ee_len = cpu_to_le16(ee_len); |
4564 |
+ ext4_ext_try_to_merge(inode, path, ex); |
4565 |
+ err = ext4_ext_dirty(handle, inode, path + depth); |
4566 |
+ goto out; |
4567 |
+diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c |
4568 |
+index 4dfbfec..ec2a9c2 100644 |
4569 |
+--- a/fs/hfsplus/catalog.c |
4570 |
++++ b/fs/hfsplus/catalog.c |
4571 |
+@@ -366,6 +366,10 @@ int hfsplus_rename_cat(u32 cnid, |
4572 |
+ err = hfs_brec_find(&src_fd); |
4573 |
+ if (err) |
4574 |
+ goto out; |
4575 |
++ if (src_fd.entrylength > sizeof(entry) || src_fd.entrylength < 0) { |
4576 |
++ err = -EIO; |
4577 |
++ goto out; |
4578 |
++ } |
4579 |
+ |
4580 |
+ hfs_bnode_read(src_fd.bnode, &entry, src_fd.entryoffset, |
4581 |
+ src_fd.entrylength); |
4582 |
+diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c |
4583 |
+index 4536cd3..5adb740 100644 |
4584 |
+--- a/fs/hfsplus/dir.c |
4585 |
++++ b/fs/hfsplus/dir.c |
4586 |
+@@ -150,6 +150,11 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
4587 |
+ filp->f_pos++; |
4588 |
+ /* fall through */ |
4589 |
+ case 1: |
4590 |
++ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
4591 |
++ err = -EIO; |
4592 |
++ goto out; |
4593 |
++ } |
4594 |
++ |
4595 |
+ hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
4596 |
+ fd.entrylength); |
4597 |
+ if (be16_to_cpu(entry.type) != HFSPLUS_FOLDER_THREAD) { |
4598 |
+@@ -181,6 +186,12 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
4599 |
+ err = -EIO; |
4600 |
+ goto out; |
4601 |
+ } |
4602 |
++ |
4603 |
++ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
4604 |
++ err = -EIO; |
4605 |
++ goto out; |
4606 |
++ } |
4607 |
++ |
4608 |
+ hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
4609 |
+ fd.entrylength); |
4610 |
+ type = be16_to_cpu(entry.type); |
4611 |
+diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c |
4612 |
+index 68d704d..d751f04 100644 |
4613 |
+--- a/fs/jbd2/commit.c |
4614 |
++++ b/fs/jbd2/commit.c |
4615 |
+@@ -683,7 +683,7 @@ start_journal_io: |
4616 |
+ if (commit_transaction->t_need_data_flush && |
4617 |
+ (journal->j_fs_dev != journal->j_dev) && |
4618 |
+ (journal->j_flags & JBD2_BARRIER)) |
4619 |
+- blkdev_issue_flush(journal->j_fs_dev, GFP_KERNEL, NULL); |
4620 |
++ blkdev_issue_flush(journal->j_fs_dev, GFP_NOFS, NULL); |
4621 |
+ |
4622 |
+ /* Done it all: now write the commit record asynchronously. */ |
4623 |
+ if (JBD2_HAS_INCOMPAT_FEATURE(journal, |
4624 |
+@@ -819,7 +819,7 @@ wait_for_iobuf: |
4625 |
+ if (JBD2_HAS_INCOMPAT_FEATURE(journal, |
4626 |
+ JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT) && |
4627 |
+ journal->j_flags & JBD2_BARRIER) { |
4628 |
+- blkdev_issue_flush(journal->j_dev, GFP_KERNEL, NULL); |
4629 |
++ blkdev_issue_flush(journal->j_dev, GFP_NOFS, NULL); |
4630 |
+ } |
4631 |
+ |
4632 |
+ if (err) |
4633 |
+diff --git a/fs/lockd/clnt4xdr.c b/fs/lockd/clnt4xdr.c |
4634 |
+index f848b52..046bb77 100644 |
4635 |
+--- a/fs/lockd/clnt4xdr.c |
4636 |
++++ b/fs/lockd/clnt4xdr.c |
4637 |
+@@ -241,7 +241,7 @@ static int decode_nlm4_stat(struct xdr_stream *xdr, __be32 *stat) |
4638 |
+ p = xdr_inline_decode(xdr, 4); |
4639 |
+ if (unlikely(p == NULL)) |
4640 |
+ goto out_overflow; |
4641 |
+- if (unlikely(*p > nlm4_failed)) |
4642 |
++ if (unlikely(ntohl(*p) > ntohl(nlm4_failed))) |
4643 |
+ goto out_bad_xdr; |
4644 |
+ *stat = *p; |
4645 |
+ return 0; |
4646 |
+diff --git a/fs/lockd/clntxdr.c b/fs/lockd/clntxdr.c |
4647 |
+index 180ac34..36057ce 100644 |
4648 |
+--- a/fs/lockd/clntxdr.c |
4649 |
++++ b/fs/lockd/clntxdr.c |
4650 |
+@@ -236,7 +236,7 @@ static int decode_nlm_stat(struct xdr_stream *xdr, |
4651 |
+ p = xdr_inline_decode(xdr, 4); |
4652 |
+ if (unlikely(p == NULL)) |
4653 |
+ goto out_overflow; |
4654 |
+- if (unlikely(*p > nlm_lck_denied_grace_period)) |
4655 |
++ if (unlikely(ntohl(*p) > ntohl(nlm_lck_denied_grace_period))) |
4656 |
+ goto out_enum; |
4657 |
+ *stat = *p; |
4658 |
+ return 0; |
4659 |
+diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
4660 |
+index 757293b..51f6a40 100644 |
4661 |
+--- a/fs/nfs/nfs4proc.c |
4662 |
++++ b/fs/nfs/nfs4proc.c |
4663 |
+@@ -4453,7 +4453,9 @@ static int _nfs4_do_setlk(struct nfs4_state *state, int cmd, struct file_lock *f |
4664 |
+ static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request) |
4665 |
+ { |
4666 |
+ struct nfs_server *server = NFS_SERVER(state->inode); |
4667 |
+- struct nfs4_exception exception = { }; |
4668 |
++ struct nfs4_exception exception = { |
4669 |
++ .inode = state->inode, |
4670 |
++ }; |
4671 |
+ int err; |
4672 |
+ |
4673 |
+ do { |
4674 |
+@@ -4471,7 +4473,9 @@ static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request |
4675 |
+ static int nfs4_lock_expired(struct nfs4_state *state, struct file_lock *request) |
4676 |
+ { |
4677 |
+ struct nfs_server *server = NFS_SERVER(state->inode); |
4678 |
+- struct nfs4_exception exception = { }; |
4679 |
++ struct nfs4_exception exception = { |
4680 |
++ .inode = state->inode, |
4681 |
++ }; |
4682 |
+ int err; |
4683 |
+ |
4684 |
+ err = nfs4_set_lock_state(state, request); |
4685 |
+@@ -4551,6 +4555,7 @@ static int nfs4_proc_setlk(struct nfs4_state *state, int cmd, struct file_lock * |
4686 |
+ { |
4687 |
+ struct nfs4_exception exception = { |
4688 |
+ .state = state, |
4689 |
++ .inode = state->inode, |
4690 |
+ }; |
4691 |
+ int err; |
4692 |
+ |
4693 |
+@@ -4596,6 +4601,20 @@ nfs4_proc_lock(struct file *filp, int cmd, struct file_lock *request) |
4694 |
+ |
4695 |
+ if (state == NULL) |
4696 |
+ return -ENOLCK; |
4697 |
++ /* |
4698 |
++ * Don't rely on the VFS having checked the file open mode, |
4699 |
++ * since it won't do this for flock() locks. |
4700 |
++ */ |
4701 |
++ switch (request->fl_type & (F_RDLCK|F_WRLCK|F_UNLCK)) { |
4702 |
++ case F_RDLCK: |
4703 |
++ if (!(filp->f_mode & FMODE_READ)) |
4704 |
++ return -EBADF; |
4705 |
++ break; |
4706 |
++ case F_WRLCK: |
4707 |
++ if (!(filp->f_mode & FMODE_WRITE)) |
4708 |
++ return -EBADF; |
4709 |
++ } |
4710 |
++ |
4711 |
+ do { |
4712 |
+ status = nfs4_proc_setlk(state, cmd, request); |
4713 |
+ if ((status != -EAGAIN) || IS_SETLK(cmd)) |
4714 |
+diff --git a/fs/nfs/read.c b/fs/nfs/read.c |
4715 |
+index cfa175c..41bae32 100644 |
4716 |
+--- a/fs/nfs/read.c |
4717 |
++++ b/fs/nfs/read.c |
4718 |
+@@ -324,7 +324,7 @@ out_bad: |
4719 |
+ while (!list_empty(res)) { |
4720 |
+ data = list_entry(res->next, struct nfs_read_data, list); |
4721 |
+ list_del(&data->list); |
4722 |
+- nfs_readdata_free(data); |
4723 |
++ nfs_readdata_release(data); |
4724 |
+ } |
4725 |
+ nfs_readpage_release(req); |
4726 |
+ return -ENOMEM; |
4727 |
+diff --git a/fs/nfs/super.c b/fs/nfs/super.c |
4728 |
+index 3ada13c..376cd65 100644 |
4729 |
+--- a/fs/nfs/super.c |
4730 |
++++ b/fs/nfs/super.c |
4731 |
+@@ -2708,11 +2708,15 @@ static struct vfsmount *nfs_do_root_mount(struct file_system_type *fs_type, |
4732 |
+ char *root_devname; |
4733 |
+ size_t len; |
4734 |
+ |
4735 |
+- len = strlen(hostname) + 3; |
4736 |
++ len = strlen(hostname) + 5; |
4737 |
+ root_devname = kmalloc(len, GFP_KERNEL); |
4738 |
+ if (root_devname == NULL) |
4739 |
+ return ERR_PTR(-ENOMEM); |
4740 |
+- snprintf(root_devname, len, "%s:/", hostname); |
4741 |
++ /* Does hostname needs to be enclosed in brackets? */ |
4742 |
++ if (strchr(hostname, ':')) |
4743 |
++ snprintf(root_devname, len, "[%s]:/", hostname); |
4744 |
++ else |
4745 |
++ snprintf(root_devname, len, "%s:/", hostname); |
4746 |
+ root_mnt = vfs_kern_mount(fs_type, flags, root_devname, data); |
4747 |
+ kfree(root_devname); |
4748 |
+ return root_mnt; |
4749 |
+diff --git a/fs/nfs/write.c b/fs/nfs/write.c |
4750 |
+index 1dda78d..4efd421 100644 |
4751 |
+--- a/fs/nfs/write.c |
4752 |
++++ b/fs/nfs/write.c |
4753 |
+@@ -974,7 +974,7 @@ out_bad: |
4754 |
+ while (!list_empty(res)) { |
4755 |
+ data = list_entry(res->next, struct nfs_write_data, list); |
4756 |
+ list_del(&data->list); |
4757 |
+- nfs_writedata_free(data); |
4758 |
++ nfs_writedata_release(data); |
4759 |
+ } |
4760 |
+ nfs_redirty_request(req); |
4761 |
+ return -ENOMEM; |
4762 |
+diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c |
4763 |
+index 08c6e36..43f46cd 100644 |
4764 |
+--- a/fs/nfsd/nfs3xdr.c |
4765 |
++++ b/fs/nfsd/nfs3xdr.c |
4766 |
+@@ -803,13 +803,13 @@ encode_entry_baggage(struct nfsd3_readdirres *cd, __be32 *p, const char *name, |
4767 |
+ return p; |
4768 |
+ } |
4769 |
+ |
4770 |
+-static int |
4771 |
++static __be32 |
4772 |
+ compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp, |
4773 |
+ const char *name, int namlen) |
4774 |
+ { |
4775 |
+ struct svc_export *exp; |
4776 |
+ struct dentry *dparent, *dchild; |
4777 |
+- int rv = 0; |
4778 |
++ __be32 rv = nfserr_noent; |
4779 |
+ |
4780 |
+ dparent = cd->fh.fh_dentry; |
4781 |
+ exp = cd->fh.fh_export; |
4782 |
+@@ -817,26 +817,20 @@ compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp, |
4783 |
+ if (isdotent(name, namlen)) { |
4784 |
+ if (namlen == 2) { |
4785 |
+ dchild = dget_parent(dparent); |
4786 |
+- if (dchild == dparent) { |
4787 |
+- /* filesystem root - cannot return filehandle for ".." */ |
4788 |
+- dput(dchild); |
4789 |
+- return -ENOENT; |
4790 |
+- } |
4791 |
++ /* filesystem root - cannot return filehandle for ".." */ |
4792 |
++ if (dchild == dparent) |
4793 |
++ goto out; |
4794 |
+ } else |
4795 |
+ dchild = dget(dparent); |
4796 |
+ } else |
4797 |
+ dchild = lookup_one_len(name, dparent, namlen); |
4798 |
+ if (IS_ERR(dchild)) |
4799 |
+- return -ENOENT; |
4800 |
+- rv = -ENOENT; |
4801 |
++ return rv; |
4802 |
+ if (d_mountpoint(dchild)) |
4803 |
+ goto out; |
4804 |
+- rv = fh_compose(fhp, exp, dchild, &cd->fh); |
4805 |
+- if (rv) |
4806 |
+- goto out; |
4807 |
+ if (!dchild->d_inode) |
4808 |
+ goto out; |
4809 |
+- rv = 0; |
4810 |
++ rv = fh_compose(fhp, exp, dchild, &cd->fh); |
4811 |
+ out: |
4812 |
+ dput(dchild); |
4813 |
+ return rv; |
4814 |
+@@ -845,7 +839,7 @@ out: |
4815 |
+ static __be32 *encode_entryplus_baggage(struct nfsd3_readdirres *cd, __be32 *p, const char *name, int namlen) |
4816 |
+ { |
4817 |
+ struct svc_fh fh; |
4818 |
+- int err; |
4819 |
++ __be32 err; |
4820 |
+ |
4821 |
+ fh_init(&fh, NFS3_FHSIZE); |
4822 |
+ err = compose_entry_fh(cd, &fh, name, namlen); |
4823 |
+diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c |
4824 |
+index fa38336..b8c5538 100644 |
4825 |
+--- a/fs/nfsd/nfs4proc.c |
4826 |
++++ b/fs/nfsd/nfs4proc.c |
4827 |
+@@ -231,17 +231,17 @@ do_open_lookup(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_o |
4828 |
+ */ |
4829 |
+ if (open->op_createmode == NFS4_CREATE_EXCLUSIVE && status == 0) |
4830 |
+ open->op_bmval[1] = (FATTR4_WORD1_TIME_ACCESS | |
4831 |
+- FATTR4_WORD1_TIME_MODIFY); |
4832 |
++ FATTR4_WORD1_TIME_MODIFY); |
4833 |
+ } else { |
4834 |
+ status = nfsd_lookup(rqstp, current_fh, |
4835 |
+ open->op_fname.data, open->op_fname.len, &resfh); |
4836 |
+ fh_unlock(current_fh); |
4837 |
+- if (status) |
4838 |
+- goto out; |
4839 |
+- status = nfsd_check_obj_isreg(&resfh); |
4840 |
+ } |
4841 |
+ if (status) |
4842 |
+ goto out; |
4843 |
++ status = nfsd_check_obj_isreg(&resfh); |
4844 |
++ if (status) |
4845 |
++ goto out; |
4846 |
+ |
4847 |
+ if (is_create_with_attrs(open) && open->op_acl != NULL) |
4848 |
+ do_set_nfs4_acl(rqstp, &resfh, open->op_acl, open->op_bmval); |
4849 |
+@@ -827,6 +827,7 @@ nfsd4_setattr(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, |
4850 |
+ struct nfsd4_setattr *setattr) |
4851 |
+ { |
4852 |
+ __be32 status = nfs_ok; |
4853 |
++ int err; |
4854 |
+ |
4855 |
+ if (setattr->sa_iattr.ia_valid & ATTR_SIZE) { |
4856 |
+ nfs4_lock_state(); |
4857 |
+@@ -838,9 +839,9 @@ nfsd4_setattr(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, |
4858 |
+ return status; |
4859 |
+ } |
4860 |
+ } |
4861 |
+- status = mnt_want_write(cstate->current_fh.fh_export->ex_path.mnt); |
4862 |
+- if (status) |
4863 |
+- return status; |
4864 |
++ err = mnt_want_write(cstate->current_fh.fh_export->ex_path.mnt); |
4865 |
++ if (err) |
4866 |
++ return nfserrno(err); |
4867 |
+ status = nfs_ok; |
4868 |
+ |
4869 |
+ status = check_attr_support(rqstp, cstate, setattr->sa_bmval, |
4870 |
+diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c |
4871 |
+index 5abced7..4cfe260 100644 |
4872 |
+--- a/fs/nfsd/nfs4state.c |
4873 |
++++ b/fs/nfsd/nfs4state.c |
4874 |
+@@ -4080,16 +4080,14 @@ out: |
4875 |
+ * vfs_test_lock. (Arguably perhaps test_lock should be done with an |
4876 |
+ * inode operation.) |
4877 |
+ */ |
4878 |
+-static int nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) |
4879 |
++static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) |
4880 |
+ { |
4881 |
+ struct file *file; |
4882 |
+- int err; |
4883 |
+- |
4884 |
+- err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); |
4885 |
+- if (err) |
4886 |
+- return err; |
4887 |
+- err = vfs_test_lock(file, lock); |
4888 |
+- nfsd_close(file); |
4889 |
++ __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); |
4890 |
++ if (!err) { |
4891 |
++ err = nfserrno(vfs_test_lock(file, lock)); |
4892 |
++ nfsd_close(file); |
4893 |
++ } |
4894 |
+ return err; |
4895 |
+ } |
4896 |
+ |
4897 |
+@@ -4103,7 +4101,6 @@ nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, |
4898 |
+ struct inode *inode; |
4899 |
+ struct file_lock file_lock; |
4900 |
+ struct nfs4_lockowner *lo; |
4901 |
+- int error; |
4902 |
+ __be32 status; |
4903 |
+ |
4904 |
+ if (locks_in_grace()) |
4905 |
+@@ -4149,12 +4146,10 @@ nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, |
4906 |
+ |
4907 |
+ nfs4_transform_lock_offset(&file_lock); |
4908 |
+ |
4909 |
+- status = nfs_ok; |
4910 |
+- error = nfsd_test_lock(rqstp, &cstate->current_fh, &file_lock); |
4911 |
+- if (error) { |
4912 |
+- status = nfserrno(error); |
4913 |
++ status = nfsd_test_lock(rqstp, &cstate->current_fh, &file_lock); |
4914 |
++ if (status) |
4915 |
+ goto out; |
4916 |
+- } |
4917 |
++ |
4918 |
+ if (file_lock.fl_type != F_UNLCK) { |
4919 |
+ status = nfserr_denied; |
4920 |
+ nfs4_set_lock_denied(&file_lock, &lockt->lt_denied); |
4921 |
+diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c |
4922 |
+index b6fa792..9cfa60a 100644 |
4923 |
+--- a/fs/nfsd/nfs4xdr.c |
4924 |
++++ b/fs/nfsd/nfs4xdr.c |
4925 |
+@@ -3411,7 +3411,7 @@ nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, int nfserr, |
4926 |
+ nfsd4_decode_stateid(argp, &si); |
4927 |
+ valid = nfs4_validate_stateid(cl, &si); |
4928 |
+ RESERVE_SPACE(4); |
4929 |
+- *p++ = htonl(valid); |
4930 |
++ *p++ = valid; |
4931 |
+ resp->p = p; |
4932 |
+ } |
4933 |
+ nfs4_unlock_state(); |
4934 |
+diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c |
4935 |
+index 7a2e442..5c3cd82 100644 |
4936 |
+--- a/fs/nfsd/vfs.c |
4937 |
++++ b/fs/nfsd/vfs.c |
4938 |
+@@ -1439,7 +1439,7 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp, |
4939 |
+ switch (createmode) { |
4940 |
+ case NFS3_CREATE_UNCHECKED: |
4941 |
+ if (! S_ISREG(dchild->d_inode->i_mode)) |
4942 |
+- err = nfserr_exist; |
4943 |
++ goto out; |
4944 |
+ else if (truncp) { |
4945 |
+ /* in nfsv4, we need to treat this case a little |
4946 |
+ * differently. we don't want to truncate the |
4947 |
+diff --git a/fs/ocfs2/alloc.c b/fs/ocfs2/alloc.c |
4948 |
+index 3165aeb..31b9463 100644 |
4949 |
+--- a/fs/ocfs2/alloc.c |
4950 |
++++ b/fs/ocfs2/alloc.c |
4951 |
+@@ -1134,7 +1134,7 @@ static int ocfs2_adjust_rightmost_branch(handle_t *handle, |
4952 |
+ } |
4953 |
+ |
4954 |
+ el = path_leaf_el(path); |
4955 |
+- rec = &el->l_recs[le32_to_cpu(el->l_next_free_rec) - 1]; |
4956 |
++ rec = &el->l_recs[le16_to_cpu(el->l_next_free_rec) - 1]; |
4957 |
+ |
4958 |
+ ocfs2_adjust_rightmost_records(handle, et, path, rec); |
4959 |
+ |
4960 |
+diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c |
4961 |
+index cf78233..9f32d7c 100644 |
4962 |
+--- a/fs/ocfs2/refcounttree.c |
4963 |
++++ b/fs/ocfs2/refcounttree.c |
4964 |
+@@ -1036,14 +1036,14 @@ static int ocfs2_get_refcount_cpos_end(struct ocfs2_caching_info *ci, |
4965 |
+ |
4966 |
+ tmp_el = left_path->p_node[subtree_root].el; |
4967 |
+ blkno = left_path->p_node[subtree_root+1].bh->b_blocknr; |
4968 |
+- for (i = 0; i < le32_to_cpu(tmp_el->l_next_free_rec); i++) { |
4969 |
++ for (i = 0; i < le16_to_cpu(tmp_el->l_next_free_rec); i++) { |
4970 |
+ if (le64_to_cpu(tmp_el->l_recs[i].e_blkno) == blkno) { |
4971 |
+ *cpos_end = le32_to_cpu(tmp_el->l_recs[i+1].e_cpos); |
4972 |
+ break; |
4973 |
+ } |
4974 |
+ } |
4975 |
+ |
4976 |
+- BUG_ON(i == le32_to_cpu(tmp_el->l_next_free_rec)); |
4977 |
++ BUG_ON(i == le16_to_cpu(tmp_el->l_next_free_rec)); |
4978 |
+ |
4979 |
+ out: |
4980 |
+ ocfs2_free_path(left_path); |
4981 |
+@@ -1468,7 +1468,7 @@ static int ocfs2_divide_leaf_refcount_block(struct buffer_head *ref_leaf_bh, |
4982 |
+ |
4983 |
+ trace_ocfs2_divide_leaf_refcount_block( |
4984 |
+ (unsigned long long)ref_leaf_bh->b_blocknr, |
4985 |
+- le32_to_cpu(rl->rl_count), le32_to_cpu(rl->rl_used)); |
4986 |
++ le16_to_cpu(rl->rl_count), le16_to_cpu(rl->rl_used)); |
4987 |
+ |
4988 |
+ /* |
4989 |
+ * XXX: Improvement later. |
4990 |
+@@ -2411,7 +2411,7 @@ static int ocfs2_calc_refcount_meta_credits(struct super_block *sb, |
4991 |
+ rb = (struct ocfs2_refcount_block *) |
4992 |
+ prev_bh->b_data; |
4993 |
+ |
4994 |
+- if (le64_to_cpu(rb->rf_records.rl_used) + |
4995 |
++ if (le16_to_cpu(rb->rf_records.rl_used) + |
4996 |
+ recs_add > |
4997 |
+ le16_to_cpu(rb->rf_records.rl_count)) |
4998 |
+ ref_blocks++; |
4999 |
+@@ -2476,7 +2476,7 @@ static int ocfs2_calc_refcount_meta_credits(struct super_block *sb, |
5000 |
+ if (prev_bh) { |
5001 |
+ rb = (struct ocfs2_refcount_block *)prev_bh->b_data; |
5002 |
+ |
5003 |
+- if (le64_to_cpu(rb->rf_records.rl_used) + recs_add > |
5004 |
++ if (le16_to_cpu(rb->rf_records.rl_used) + recs_add > |
5005 |
+ le16_to_cpu(rb->rf_records.rl_count)) |
5006 |
+ ref_blocks++; |
5007 |
+ |
5008 |
+@@ -3629,7 +3629,7 @@ int ocfs2_refcounted_xattr_delete_need(struct inode *inode, |
5009 |
+ * one will split a refcount rec, so totally we need |
5010 |
+ * clusters * 2 new refcount rec. |
5011 |
+ */ |
5012 |
+- if (le64_to_cpu(rb->rf_records.rl_used) + clusters * 2 > |
5013 |
++ if (le16_to_cpu(rb->rf_records.rl_used) + clusters * 2 > |
5014 |
+ le16_to_cpu(rb->rf_records.rl_count)) |
5015 |
+ ref_blocks++; |
5016 |
+ |
5017 |
+diff --git a/fs/ocfs2/suballoc.c b/fs/ocfs2/suballoc.c |
5018 |
+index ba5d97e..f169da4 100644 |
5019 |
+--- a/fs/ocfs2/suballoc.c |
5020 |
++++ b/fs/ocfs2/suballoc.c |
5021 |
+@@ -600,7 +600,7 @@ static void ocfs2_bg_alloc_cleanup(handle_t *handle, |
5022 |
+ ret = ocfs2_free_clusters(handle, cluster_ac->ac_inode, |
5023 |
+ cluster_ac->ac_bh, |
5024 |
+ le64_to_cpu(rec->e_blkno), |
5025 |
+- le32_to_cpu(rec->e_leaf_clusters)); |
5026 |
++ le16_to_cpu(rec->e_leaf_clusters)); |
5027 |
+ if (ret) |
5028 |
+ mlog_errno(ret); |
5029 |
+ /* Try all the clusters to free */ |
5030 |
+@@ -1628,7 +1628,7 @@ static int ocfs2_bg_discontig_fix_by_rec(struct ocfs2_suballoc_result *res, |
5031 |
+ { |
5032 |
+ unsigned int bpc = le16_to_cpu(cl->cl_bpc); |
5033 |
+ unsigned int bitoff = le32_to_cpu(rec->e_cpos) * bpc; |
5034 |
+- unsigned int bitcount = le32_to_cpu(rec->e_leaf_clusters) * bpc; |
5035 |
++ unsigned int bitcount = le16_to_cpu(rec->e_leaf_clusters) * bpc; |
5036 |
+ |
5037 |
+ if (res->sr_bit_offset < bitoff) |
5038 |
+ return 0; |
5039 |
+diff --git a/fs/pipe.c b/fs/pipe.c |
5040 |
+index 4065f07..05ed5ca 100644 |
5041 |
+--- a/fs/pipe.c |
5042 |
++++ b/fs/pipe.c |
5043 |
+@@ -345,6 +345,16 @@ static const struct pipe_buf_operations anon_pipe_buf_ops = { |
5044 |
+ .get = generic_pipe_buf_get, |
5045 |
+ }; |
5046 |
+ |
5047 |
++static const struct pipe_buf_operations packet_pipe_buf_ops = { |
5048 |
++ .can_merge = 0, |
5049 |
++ .map = generic_pipe_buf_map, |
5050 |
++ .unmap = generic_pipe_buf_unmap, |
5051 |
++ .confirm = generic_pipe_buf_confirm, |
5052 |
++ .release = anon_pipe_buf_release, |
5053 |
++ .steal = generic_pipe_buf_steal, |
5054 |
++ .get = generic_pipe_buf_get, |
5055 |
++}; |
5056 |
++ |
5057 |
+ static ssize_t |
5058 |
+ pipe_read(struct kiocb *iocb, const struct iovec *_iov, |
5059 |
+ unsigned long nr_segs, loff_t pos) |
5060 |
+@@ -406,6 +416,13 @@ redo: |
5061 |
+ ret += chars; |
5062 |
+ buf->offset += chars; |
5063 |
+ buf->len -= chars; |
5064 |
++ |
5065 |
++ /* Was it a packet buffer? Clean up and exit */ |
5066 |
++ if (buf->flags & PIPE_BUF_FLAG_PACKET) { |
5067 |
++ total_len = chars; |
5068 |
++ buf->len = 0; |
5069 |
++ } |
5070 |
++ |
5071 |
+ if (!buf->len) { |
5072 |
+ buf->ops = NULL; |
5073 |
+ ops->release(pipe, buf); |
5074 |
+@@ -458,6 +475,11 @@ redo: |
5075 |
+ return ret; |
5076 |
+ } |
5077 |
+ |
5078 |
++static inline int is_packetized(struct file *file) |
5079 |
++{ |
5080 |
++ return (file->f_flags & O_DIRECT) != 0; |
5081 |
++} |
5082 |
++ |
5083 |
+ static ssize_t |
5084 |
+ pipe_write(struct kiocb *iocb, const struct iovec *_iov, |
5085 |
+ unsigned long nr_segs, loff_t ppos) |
5086 |
+@@ -592,6 +614,11 @@ redo2: |
5087 |
+ buf->ops = &anon_pipe_buf_ops; |
5088 |
+ buf->offset = 0; |
5089 |
+ buf->len = chars; |
5090 |
++ buf->flags = 0; |
5091 |
++ if (is_packetized(filp)) { |
5092 |
++ buf->ops = &packet_pipe_buf_ops; |
5093 |
++ buf->flags = PIPE_BUF_FLAG_PACKET; |
5094 |
++ } |
5095 |
+ pipe->nrbufs = ++bufs; |
5096 |
+ pipe->tmp_page = NULL; |
5097 |
+ |
5098 |
+@@ -1012,7 +1039,7 @@ struct file *create_write_pipe(int flags) |
5099 |
+ goto err_dentry; |
5100 |
+ f->f_mapping = inode->i_mapping; |
5101 |
+ |
5102 |
+- f->f_flags = O_WRONLY | (flags & O_NONBLOCK); |
5103 |
++ f->f_flags = O_WRONLY | (flags & (O_NONBLOCK | O_DIRECT)); |
5104 |
+ f->f_version = 0; |
5105 |
+ |
5106 |
+ return f; |
5107 |
+@@ -1056,7 +1083,7 @@ int do_pipe_flags(int *fd, int flags) |
5108 |
+ int error; |
5109 |
+ int fdw, fdr; |
5110 |
+ |
5111 |
+- if (flags & ~(O_CLOEXEC | O_NONBLOCK)) |
5112 |
++ if (flags & ~(O_CLOEXEC | O_NONBLOCK | O_DIRECT)) |
5113 |
+ return -EINVAL; |
5114 |
+ |
5115 |
+ fw = create_write_pipe(flags); |
5116 |
+diff --git a/fs/splice.c b/fs/splice.c |
5117 |
+index fa2defa..6d0dfb8 100644 |
5118 |
+--- a/fs/splice.c |
5119 |
++++ b/fs/splice.c |
5120 |
+@@ -31,6 +31,7 @@ |
5121 |
+ #include <linux/uio.h> |
5122 |
+ #include <linux/security.h> |
5123 |
+ #include <linux/gfp.h> |
5124 |
++#include <linux/socket.h> |
5125 |
+ |
5126 |
+ /* |
5127 |
+ * Attempt to steal a page from a pipe buffer. This should perhaps go into |
5128 |
+@@ -691,7 +692,9 @@ static int pipe_to_sendpage(struct pipe_inode_info *pipe, |
5129 |
+ if (!likely(file->f_op && file->f_op->sendpage)) |
5130 |
+ return -EINVAL; |
5131 |
+ |
5132 |
+- more = (sd->flags & SPLICE_F_MORE) || sd->len < sd->total_len; |
5133 |
++ more = (sd->flags & SPLICE_F_MORE) ? MSG_MORE : 0; |
5134 |
++ if (sd->len < sd->total_len) |
5135 |
++ more |= MSG_SENDPAGE_NOTLAST; |
5136 |
+ return file->f_op->sendpage(file, buf->page, buf->offset, |
5137 |
+ sd->len, &pos, more); |
5138 |
+ } |
5139 |
+diff --git a/include/asm-generic/statfs.h b/include/asm-generic/statfs.h |
5140 |
+index 0fd28e0..c749af9 100644 |
5141 |
+--- a/include/asm-generic/statfs.h |
5142 |
++++ b/include/asm-generic/statfs.h |
5143 |
+@@ -15,7 +15,7 @@ typedef __kernel_fsid_t fsid_t; |
5144 |
+ * with a 10' pole. |
5145 |
+ */ |
5146 |
+ #ifndef __statfs_word |
5147 |
+-#if BITS_PER_LONG == 64 |
5148 |
++#if __BITS_PER_LONG == 64 |
5149 |
+ #define __statfs_word long |
5150 |
+ #else |
5151 |
+ #define __statfs_word __u32 |
5152 |
+diff --git a/include/linux/efi.h b/include/linux/efi.h |
5153 |
+index 2362a0b..1328d8c 100644 |
5154 |
+--- a/include/linux/efi.h |
5155 |
++++ b/include/linux/efi.h |
5156 |
+@@ -383,7 +383,18 @@ extern int __init efi_setup_pcdp_console(char *); |
5157 |
+ #define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001 |
5158 |
+ #define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002 |
5159 |
+ #define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004 |
5160 |
+- |
5161 |
++#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008 |
5162 |
++#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010 |
5163 |
++#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020 |
5164 |
++#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040 |
5165 |
++ |
5166 |
++#define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \ |
5167 |
++ EFI_VARIABLE_BOOTSERVICE_ACCESS | \ |
5168 |
++ EFI_VARIABLE_RUNTIME_ACCESS | \ |
5169 |
++ EFI_VARIABLE_HARDWARE_ERROR_RECORD | \ |
5170 |
++ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ |
5171 |
++ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \ |
5172 |
++ EFI_VARIABLE_APPEND_WRITE) |
5173 |
+ /* |
5174 |
+ * EFI Device Path information |
5175 |
+ */ |
5176 |
+diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h |
5177 |
+index d526231..35410ef 100644 |
5178 |
+--- a/include/linux/kvm_host.h |
5179 |
++++ b/include/linux/kvm_host.h |
5180 |
+@@ -562,6 +562,7 @@ void kvm_free_irq_source_id(struct kvm *kvm, int irq_source_id); |
5181 |
+ |
5182 |
+ #ifdef CONFIG_IOMMU_API |
5183 |
+ int kvm_iommu_map_pages(struct kvm *kvm, struct kvm_memory_slot *slot); |
5184 |
++void kvm_iommu_unmap_pages(struct kvm *kvm, struct kvm_memory_slot *slot); |
5185 |
+ int kvm_iommu_map_guest(struct kvm *kvm); |
5186 |
+ int kvm_iommu_unmap_guest(struct kvm *kvm); |
5187 |
+ int kvm_assign_device(struct kvm *kvm, |
5188 |
+@@ -575,6 +576,11 @@ static inline int kvm_iommu_map_pages(struct kvm *kvm, |
5189 |
+ return 0; |
5190 |
+ } |
5191 |
+ |
5192 |
++static inline void kvm_iommu_unmap_pages(struct kvm *kvm, |
5193 |
++ struct kvm_memory_slot *slot) |
5194 |
++{ |
5195 |
++} |
5196 |
++ |
5197 |
+ static inline int kvm_iommu_map_guest(struct kvm *kvm) |
5198 |
+ { |
5199 |
+ return -ENODEV; |
5200 |
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
5201 |
+index a82ad4d..cbeb586 100644 |
5202 |
+--- a/include/linux/netdevice.h |
5203 |
++++ b/include/linux/netdevice.h |
5204 |
+@@ -2536,8 +2536,6 @@ extern void net_disable_timestamp(void); |
5205 |
+ extern void *dev_seq_start(struct seq_file *seq, loff_t *pos); |
5206 |
+ extern void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos); |
5207 |
+ extern void dev_seq_stop(struct seq_file *seq, void *v); |
5208 |
+-extern int dev_seq_open_ops(struct inode *inode, struct file *file, |
5209 |
+- const struct seq_operations *ops); |
5210 |
+ #endif |
5211 |
+ |
5212 |
+ extern int netdev_class_create_file(struct class_attribute *class_attr); |
5213 |
+diff --git a/include/linux/pipe_fs_i.h b/include/linux/pipe_fs_i.h |
5214 |
+index 77257c9..0072a53 100644 |
5215 |
+--- a/include/linux/pipe_fs_i.h |
5216 |
++++ b/include/linux/pipe_fs_i.h |
5217 |
+@@ -8,6 +8,7 @@ |
5218 |
+ #define PIPE_BUF_FLAG_LRU 0x01 /* page is on the LRU */ |
5219 |
+ #define PIPE_BUF_FLAG_ATOMIC 0x02 /* was atomically mapped */ |
5220 |
+ #define PIPE_BUF_FLAG_GIFT 0x04 /* page is a gift */ |
5221 |
++#define PIPE_BUF_FLAG_PACKET 0x08 /* read() as a packet */ |
5222 |
+ |
5223 |
+ /** |
5224 |
+ * struct pipe_buffer - a linux kernel pipe buffer |
5225 |
+diff --git a/include/linux/seqlock.h b/include/linux/seqlock.h |
5226 |
+index c6db9fb..bb1fac5 100644 |
5227 |
+--- a/include/linux/seqlock.h |
5228 |
++++ b/include/linux/seqlock.h |
5229 |
+@@ -141,7 +141,7 @@ static inline unsigned __read_seqcount_begin(const seqcount_t *s) |
5230 |
+ unsigned ret; |
5231 |
+ |
5232 |
+ repeat: |
5233 |
+- ret = s->sequence; |
5234 |
++ ret = ACCESS_ONCE(s->sequence); |
5235 |
+ if (unlikely(ret & 1)) { |
5236 |
+ cpu_relax(); |
5237 |
+ goto repeat; |
5238 |
+diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
5239 |
+index 6cf8b53..e689b47 100644 |
5240 |
+--- a/include/linux/skbuff.h |
5241 |
++++ b/include/linux/skbuff.h |
5242 |
+@@ -458,6 +458,7 @@ struct sk_buff { |
5243 |
+ union { |
5244 |
+ __u32 mark; |
5245 |
+ __u32 dropcount; |
5246 |
++ __u32 avail_size; |
5247 |
+ }; |
5248 |
+ |
5249 |
+ __u16 vlan_tci; |
5250 |
+@@ -1326,6 +1327,18 @@ static inline int skb_tailroom(const struct sk_buff *skb) |
5251 |
+ } |
5252 |
+ |
5253 |
+ /** |
5254 |
++ * skb_availroom - bytes at buffer end |
5255 |
++ * @skb: buffer to check |
5256 |
++ * |
5257 |
++ * Return the number of bytes of free space at the tail of an sk_buff |
5258 |
++ * allocated by sk_stream_alloc() |
5259 |
++ */ |
5260 |
++static inline int skb_availroom(const struct sk_buff *skb) |
5261 |
++{ |
5262 |
++ return skb_is_nonlinear(skb) ? 0 : skb->avail_size - skb->len; |
5263 |
++} |
5264 |
++ |
5265 |
++/** |
5266 |
+ * skb_reserve - adjust headroom |
5267 |
+ * @skb: buffer to alter |
5268 |
+ * @len: bytes to move |
5269 |
+diff --git a/include/linux/socket.h b/include/linux/socket.h |
5270 |
+index d0e77f6..ad919e0 100644 |
5271 |
+--- a/include/linux/socket.h |
5272 |
++++ b/include/linux/socket.h |
5273 |
+@@ -265,7 +265,7 @@ struct ucred { |
5274 |
+ #define MSG_NOSIGNAL 0x4000 /* Do not generate SIGPIPE */ |
5275 |
+ #define MSG_MORE 0x8000 /* Sender will send more */ |
5276 |
+ #define MSG_WAITFORONE 0x10000 /* recvmmsg(): block until 1+ packets avail */ |
5277 |
+- |
5278 |
++#define MSG_SENDPAGE_NOTLAST 0x20000 /* sendpage() internal : not the last page */ |
5279 |
+ #define MSG_EOF MSG_FIN |
5280 |
+ |
5281 |
+ #define MSG_CMSG_CLOEXEC 0x40000000 /* Set close_on_exit for file |
5282 |
+diff --git a/include/linux/usb/hcd.h b/include/linux/usb/hcd.h |
5283 |
+index 03354d5..64cec8d 100644 |
5284 |
+--- a/include/linux/usb/hcd.h |
5285 |
++++ b/include/linux/usb/hcd.h |
5286 |
+@@ -128,6 +128,8 @@ struct usb_hcd { |
5287 |
+ unsigned wireless:1; /* Wireless USB HCD */ |
5288 |
+ unsigned authorized_default:1; |
5289 |
+ unsigned has_tt:1; /* Integrated TT in root hub */ |
5290 |
++ unsigned broken_pci_sleep:1; /* Don't put the |
5291 |
++ controller in PCI-D3 for system sleep */ |
5292 |
+ |
5293 |
+ int irq; /* irq allocated */ |
5294 |
+ void __iomem *regs; /* device memory/io */ |
5295 |
+diff --git a/kernel/exit.c b/kernel/exit.c |
5296 |
+index e6e01b9..5a8a66e 100644 |
5297 |
+--- a/kernel/exit.c |
5298 |
++++ b/kernel/exit.c |
5299 |
+@@ -819,25 +819,6 @@ static void exit_notify(struct task_struct *tsk, int group_dead) |
5300 |
+ if (group_dead) |
5301 |
+ kill_orphaned_pgrp(tsk->group_leader, NULL); |
5302 |
+ |
5303 |
+- /* Let father know we died |
5304 |
+- * |
5305 |
+- * Thread signals are configurable, but you aren't going to use |
5306 |
+- * that to send signals to arbitrary processes. |
5307 |
+- * That stops right now. |
5308 |
+- * |
5309 |
+- * If the parent exec id doesn't match the exec id we saved |
5310 |
+- * when we started then we know the parent has changed security |
5311 |
+- * domain. |
5312 |
+- * |
5313 |
+- * If our self_exec id doesn't match our parent_exec_id then |
5314 |
+- * we have changed execution domain as these two values started |
5315 |
+- * the same after a fork. |
5316 |
+- */ |
5317 |
+- if (thread_group_leader(tsk) && tsk->exit_signal != SIGCHLD && |
5318 |
+- (tsk->parent_exec_id != tsk->real_parent->self_exec_id || |
5319 |
+- tsk->self_exec_id != tsk->parent_exec_id)) |
5320 |
+- tsk->exit_signal = SIGCHLD; |
5321 |
+- |
5322 |
+ if (unlikely(tsk->ptrace)) { |
5323 |
+ int sig = thread_group_leader(tsk) && |
5324 |
+ thread_group_empty(tsk) && |
5325 |
+diff --git a/kernel/power/swap.c b/kernel/power/swap.c |
5326 |
+index 11a594c..b313086 100644 |
5327 |
+--- a/kernel/power/swap.c |
5328 |
++++ b/kernel/power/swap.c |
5329 |
+@@ -52,6 +52,23 @@ |
5330 |
+ |
5331 |
+ #define MAP_PAGE_ENTRIES (PAGE_SIZE / sizeof(sector_t) - 1) |
5332 |
+ |
5333 |
++/* |
5334 |
++ * Number of free pages that are not high. |
5335 |
++ */ |
5336 |
++static inline unsigned long low_free_pages(void) |
5337 |
++{ |
5338 |
++ return nr_free_pages() - nr_free_highpages(); |
5339 |
++} |
5340 |
++ |
5341 |
++/* |
5342 |
++ * Number of pages required to be kept free while writing the image. Always |
5343 |
++ * half of all available low pages before the writing starts. |
5344 |
++ */ |
5345 |
++static inline unsigned long reqd_free_pages(void) |
5346 |
++{ |
5347 |
++ return low_free_pages() / 2; |
5348 |
++} |
5349 |
++ |
5350 |
+ struct swap_map_page { |
5351 |
+ sector_t entries[MAP_PAGE_ENTRIES]; |
5352 |
+ sector_t next_swap; |
5353 |
+@@ -73,7 +90,7 @@ struct swap_map_handle { |
5354 |
+ sector_t cur_swap; |
5355 |
+ sector_t first_sector; |
5356 |
+ unsigned int k; |
5357 |
+- unsigned long nr_free_pages, written; |
5358 |
++ unsigned long reqd_free_pages; |
5359 |
+ u32 crc32; |
5360 |
+ }; |
5361 |
+ |
5362 |
+@@ -317,8 +334,7 @@ static int get_swap_writer(struct swap_map_handle *handle) |
5363 |
+ goto err_rel; |
5364 |
+ } |
5365 |
+ handle->k = 0; |
5366 |
+- handle->nr_free_pages = nr_free_pages() >> 1; |
5367 |
+- handle->written = 0; |
5368 |
++ handle->reqd_free_pages = reqd_free_pages(); |
5369 |
+ handle->first_sector = handle->cur_swap; |
5370 |
+ return 0; |
5371 |
+ err_rel: |
5372 |
+@@ -353,11 +369,11 @@ static int swap_write_page(struct swap_map_handle *handle, void *buf, |
5373 |
+ handle->cur_swap = offset; |
5374 |
+ handle->k = 0; |
5375 |
+ } |
5376 |
+- if (bio_chain && ++handle->written > handle->nr_free_pages) { |
5377 |
++ if (bio_chain && low_free_pages() <= handle->reqd_free_pages) { |
5378 |
+ error = hib_wait_on_bio_chain(bio_chain); |
5379 |
+ if (error) |
5380 |
+ goto out; |
5381 |
+- handle->written = 0; |
5382 |
++ handle->reqd_free_pages = reqd_free_pages(); |
5383 |
+ } |
5384 |
+ out: |
5385 |
+ return error; |
5386 |
+@@ -619,7 +635,7 @@ static int save_image_lzo(struct swap_map_handle *handle, |
5387 |
+ * Adjust number of free pages after all allocations have been done. |
5388 |
+ * We don't want to run out of pages when writing. |
5389 |
+ */ |
5390 |
+- handle->nr_free_pages = nr_free_pages() >> 1; |
5391 |
++ handle->reqd_free_pages = reqd_free_pages(); |
5392 |
+ |
5393 |
+ /* |
5394 |
+ * Start the CRC32 thread. |
5395 |
+diff --git a/kernel/sched.c b/kernel/sched.c |
5396 |
+index d6b149c..299f55c 100644 |
5397 |
+--- a/kernel/sched.c |
5398 |
++++ b/kernel/sched.c |
5399 |
+@@ -3538,13 +3538,10 @@ calc_load_n(unsigned long load, unsigned long exp, |
5400 |
+ * Once we've updated the global active value, we need to apply the exponential |
5401 |
+ * weights adjusted to the number of cycles missed. |
5402 |
+ */ |
5403 |
+-static void calc_global_nohz(unsigned long ticks) |
5404 |
++static void calc_global_nohz(void) |
5405 |
+ { |
5406 |
+ long delta, active, n; |
5407 |
+ |
5408 |
+- if (time_before(jiffies, calc_load_update)) |
5409 |
+- return; |
5410 |
+- |
5411 |
+ /* |
5412 |
+ * If we crossed a calc_load_update boundary, make sure to fold |
5413 |
+ * any pending idle changes, the respective CPUs might have |
5414 |
+@@ -3556,31 +3553,25 @@ static void calc_global_nohz(unsigned long ticks) |
5415 |
+ atomic_long_add(delta, &calc_load_tasks); |
5416 |
+ |
5417 |
+ /* |
5418 |
+- * If we were idle for multiple load cycles, apply them. |
5419 |
++ * It could be the one fold was all it took, we done! |
5420 |
+ */ |
5421 |
+- if (ticks >= LOAD_FREQ) { |
5422 |
+- n = ticks / LOAD_FREQ; |
5423 |
++ if (time_before(jiffies, calc_load_update + 10)) |
5424 |
++ return; |
5425 |
+ |
5426 |
+- active = atomic_long_read(&calc_load_tasks); |
5427 |
+- active = active > 0 ? active * FIXED_1 : 0; |
5428 |
++ /* |
5429 |
++ * Catch-up, fold however many we are behind still |
5430 |
++ */ |
5431 |
++ delta = jiffies - calc_load_update - 10; |
5432 |
++ n = 1 + (delta / LOAD_FREQ); |
5433 |
+ |
5434 |
+- avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
5435 |
+- avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
5436 |
+- avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
5437 |
++ active = atomic_long_read(&calc_load_tasks); |
5438 |
++ active = active > 0 ? active * FIXED_1 : 0; |
5439 |
+ |
5440 |
+- calc_load_update += n * LOAD_FREQ; |
5441 |
+- } |
5442 |
++ avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
5443 |
++ avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
5444 |
++ avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
5445 |
+ |
5446 |
+- /* |
5447 |
+- * Its possible the remainder of the above division also crosses |
5448 |
+- * a LOAD_FREQ period, the regular check in calc_global_load() |
5449 |
+- * which comes after this will take care of that. |
5450 |
+- * |
5451 |
+- * Consider us being 11 ticks before a cycle completion, and us |
5452 |
+- * sleeping for 4*LOAD_FREQ + 22 ticks, then the above code will |
5453 |
+- * age us 4 cycles, and the test in calc_global_load() will |
5454 |
+- * pick up the final one. |
5455 |
+- */ |
5456 |
++ calc_load_update += n * LOAD_FREQ; |
5457 |
+ } |
5458 |
+ #else |
5459 |
+ static void calc_load_account_idle(struct rq *this_rq) |
5460 |
+@@ -3592,7 +3583,7 @@ static inline long calc_load_fold_idle(void) |
5461 |
+ return 0; |
5462 |
+ } |
5463 |
+ |
5464 |
+-static void calc_global_nohz(unsigned long ticks) |
5465 |
++static void calc_global_nohz(void) |
5466 |
+ { |
5467 |
+ } |
5468 |
+ #endif |
5469 |
+@@ -3620,8 +3611,6 @@ void calc_global_load(unsigned long ticks) |
5470 |
+ { |
5471 |
+ long active; |
5472 |
+ |
5473 |
+- calc_global_nohz(ticks); |
5474 |
+- |
5475 |
+ if (time_before(jiffies, calc_load_update + 10)) |
5476 |
+ return; |
5477 |
+ |
5478 |
+@@ -3633,6 +3622,16 @@ void calc_global_load(unsigned long ticks) |
5479 |
+ avenrun[2] = calc_load(avenrun[2], EXP_15, active); |
5480 |
+ |
5481 |
+ calc_load_update += LOAD_FREQ; |
5482 |
++ |
5483 |
++ /* |
5484 |
++ * Account one period with whatever state we found before |
5485 |
++ * folding in the nohz state and ageing the entire idle period. |
5486 |
++ * |
5487 |
++ * This avoids loosing a sample when we go idle between |
5488 |
++ * calc_load_account_active() (10 ticks ago) and now and thus |
5489 |
++ * under-accounting. |
5490 |
++ */ |
5491 |
++ calc_global_nohz(); |
5492 |
+ } |
5493 |
+ |
5494 |
+ /* |
5495 |
+@@ -7605,16 +7604,26 @@ static void __sdt_free(const struct cpumask *cpu_map) |
5496 |
+ struct sd_data *sdd = &tl->data; |
5497 |
+ |
5498 |
+ for_each_cpu(j, cpu_map) { |
5499 |
+- struct sched_domain *sd = *per_cpu_ptr(sdd->sd, j); |
5500 |
+- if (sd && (sd->flags & SD_OVERLAP)) |
5501 |
+- free_sched_groups(sd->groups, 0); |
5502 |
+- kfree(*per_cpu_ptr(sdd->sd, j)); |
5503 |
+- kfree(*per_cpu_ptr(sdd->sg, j)); |
5504 |
+- kfree(*per_cpu_ptr(sdd->sgp, j)); |
5505 |
++ struct sched_domain *sd; |
5506 |
++ |
5507 |
++ if (sdd->sd) { |
5508 |
++ sd = *per_cpu_ptr(sdd->sd, j); |
5509 |
++ if (sd && (sd->flags & SD_OVERLAP)) |
5510 |
++ free_sched_groups(sd->groups, 0); |
5511 |
++ kfree(*per_cpu_ptr(sdd->sd, j)); |
5512 |
++ } |
5513 |
++ |
5514 |
++ if (sdd->sg) |
5515 |
++ kfree(*per_cpu_ptr(sdd->sg, j)); |
5516 |
++ if (sdd->sgp) |
5517 |
++ kfree(*per_cpu_ptr(sdd->sgp, j)); |
5518 |
+ } |
5519 |
+ free_percpu(sdd->sd); |
5520 |
++ sdd->sd = NULL; |
5521 |
+ free_percpu(sdd->sg); |
5522 |
++ sdd->sg = NULL; |
5523 |
+ free_percpu(sdd->sgp); |
5524 |
++ sdd->sgp = NULL; |
5525 |
+ } |
5526 |
+ } |
5527 |
+ |
5528 |
+diff --git a/kernel/signal.c b/kernel/signal.c |
5529 |
+index 2065515..08e0b97 100644 |
5530 |
+--- a/kernel/signal.c |
5531 |
++++ b/kernel/signal.c |
5532 |
+@@ -1610,6 +1610,15 @@ bool do_notify_parent(struct task_struct *tsk, int sig) |
5533 |
+ BUG_ON(!tsk->ptrace && |
5534 |
+ (tsk->group_leader != tsk || !thread_group_empty(tsk))); |
5535 |
+ |
5536 |
++ if (sig != SIGCHLD) { |
5537 |
++ /* |
5538 |
++ * This is only possible if parent == real_parent. |
5539 |
++ * Check if it has changed security domain. |
5540 |
++ */ |
5541 |
++ if (tsk->parent_exec_id != tsk->parent->self_exec_id) |
5542 |
++ sig = SIGCHLD; |
5543 |
++ } |
5544 |
++ |
5545 |
+ info.si_signo = sig; |
5546 |
+ info.si_errno = 0; |
5547 |
+ /* |
5548 |
+diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c |
5549 |
+index 5199930..1dcf253 100644 |
5550 |
+--- a/kernel/trace/trace_output.c |
5551 |
++++ b/kernel/trace/trace_output.c |
5552 |
+@@ -638,6 +638,8 @@ int trace_print_lat_context(struct trace_iterator *iter) |
5553 |
+ { |
5554 |
+ u64 next_ts; |
5555 |
+ int ret; |
5556 |
++ /* trace_find_next_entry will reset ent_size */ |
5557 |
++ int ent_size = iter->ent_size; |
5558 |
+ struct trace_seq *s = &iter->seq; |
5559 |
+ struct trace_entry *entry = iter->ent, |
5560 |
+ *next_entry = trace_find_next_entry(iter, NULL, |
5561 |
+@@ -646,6 +648,9 @@ int trace_print_lat_context(struct trace_iterator *iter) |
5562 |
+ unsigned long abs_usecs = ns2usecs(iter->ts - iter->tr->time_start); |
5563 |
+ unsigned long rel_usecs; |
5564 |
+ |
5565 |
++ /* Restore the original ent_size */ |
5566 |
++ iter->ent_size = ent_size; |
5567 |
++ |
5568 |
+ if (!next_entry) |
5569 |
+ next_ts = iter->ts; |
5570 |
+ rel_usecs = ns2usecs(next_ts - iter->ts); |
5571 |
+diff --git a/mm/swap_state.c b/mm/swap_state.c |
5572 |
+index 78cc4d1..7704d9c 100644 |
5573 |
+--- a/mm/swap_state.c |
5574 |
++++ b/mm/swap_state.c |
5575 |
+@@ -27,7 +27,7 @@ |
5576 |
+ */ |
5577 |
+ static const struct address_space_operations swap_aops = { |
5578 |
+ .writepage = swap_writepage, |
5579 |
+- .set_page_dirty = __set_page_dirty_nobuffers, |
5580 |
++ .set_page_dirty = __set_page_dirty_no_writeback, |
5581 |
+ .migratepage = migrate_page, |
5582 |
+ }; |
5583 |
+ |
5584 |
+diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c |
5585 |
+index e7c69f4..b04a6ef 100644 |
5586 |
+--- a/net/ax25/af_ax25.c |
5587 |
++++ b/net/ax25/af_ax25.c |
5588 |
+@@ -2006,16 +2006,17 @@ static void __exit ax25_exit(void) |
5589 |
+ proc_net_remove(&init_net, "ax25_route"); |
5590 |
+ proc_net_remove(&init_net, "ax25"); |
5591 |
+ proc_net_remove(&init_net, "ax25_calls"); |
5592 |
+- ax25_rt_free(); |
5593 |
+- ax25_uid_free(); |
5594 |
+- ax25_dev_free(); |
5595 |
+ |
5596 |
+- ax25_unregister_sysctl(); |
5597 |
+ unregister_netdevice_notifier(&ax25_dev_notifier); |
5598 |
++ ax25_unregister_sysctl(); |
5599 |
+ |
5600 |
+ dev_remove_pack(&ax25_packet_type); |
5601 |
+ |
5602 |
+ sock_unregister(PF_AX25); |
5603 |
+ proto_unregister(&ax25_proto); |
5604 |
++ |
5605 |
++ ax25_rt_free(); |
5606 |
++ ax25_uid_free(); |
5607 |
++ ax25_dev_free(); |
5608 |
+ } |
5609 |
+ module_exit(ax25_exit); |
5610 |
+diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c |
5611 |
+index 8eb6b15..5ac1811 100644 |
5612 |
+--- a/net/bridge/br_multicast.c |
5613 |
++++ b/net/bridge/br_multicast.c |
5614 |
+@@ -241,7 +241,6 @@ static void br_multicast_group_expired(unsigned long data) |
5615 |
+ hlist_del_rcu(&mp->hlist[mdb->ver]); |
5616 |
+ mdb->size--; |
5617 |
+ |
5618 |
+- del_timer(&mp->query_timer); |
5619 |
+ call_rcu_bh(&mp->rcu, br_multicast_free_group); |
5620 |
+ |
5621 |
+ out: |
5622 |
+@@ -271,7 +270,6 @@ static void br_multicast_del_pg(struct net_bridge *br, |
5623 |
+ rcu_assign_pointer(*pp, p->next); |
5624 |
+ hlist_del_init(&p->mglist); |
5625 |
+ del_timer(&p->timer); |
5626 |
+- del_timer(&p->query_timer); |
5627 |
+ call_rcu_bh(&p->rcu, br_multicast_free_pg); |
5628 |
+ |
5629 |
+ if (!mp->ports && !mp->mglist && |
5630 |
+@@ -507,74 +505,6 @@ static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, |
5631 |
+ return NULL; |
5632 |
+ } |
5633 |
+ |
5634 |
+-static void br_multicast_send_group_query(struct net_bridge_mdb_entry *mp) |
5635 |
+-{ |
5636 |
+- struct net_bridge *br = mp->br; |
5637 |
+- struct sk_buff *skb; |
5638 |
+- |
5639 |
+- skb = br_multicast_alloc_query(br, &mp->addr); |
5640 |
+- if (!skb) |
5641 |
+- goto timer; |
5642 |
+- |
5643 |
+- netif_rx(skb); |
5644 |
+- |
5645 |
+-timer: |
5646 |
+- if (++mp->queries_sent < br->multicast_last_member_count) |
5647 |
+- mod_timer(&mp->query_timer, |
5648 |
+- jiffies + br->multicast_last_member_interval); |
5649 |
+-} |
5650 |
+- |
5651 |
+-static void br_multicast_group_query_expired(unsigned long data) |
5652 |
+-{ |
5653 |
+- struct net_bridge_mdb_entry *mp = (void *)data; |
5654 |
+- struct net_bridge *br = mp->br; |
5655 |
+- |
5656 |
+- spin_lock(&br->multicast_lock); |
5657 |
+- if (!netif_running(br->dev) || !mp->mglist || |
5658 |
+- mp->queries_sent >= br->multicast_last_member_count) |
5659 |
+- goto out; |
5660 |
+- |
5661 |
+- br_multicast_send_group_query(mp); |
5662 |
+- |
5663 |
+-out: |
5664 |
+- spin_unlock(&br->multicast_lock); |
5665 |
+-} |
5666 |
+- |
5667 |
+-static void br_multicast_send_port_group_query(struct net_bridge_port_group *pg) |
5668 |
+-{ |
5669 |
+- struct net_bridge_port *port = pg->port; |
5670 |
+- struct net_bridge *br = port->br; |
5671 |
+- struct sk_buff *skb; |
5672 |
+- |
5673 |
+- skb = br_multicast_alloc_query(br, &pg->addr); |
5674 |
+- if (!skb) |
5675 |
+- goto timer; |
5676 |
+- |
5677 |
+- br_deliver(port, skb); |
5678 |
+- |
5679 |
+-timer: |
5680 |
+- if (++pg->queries_sent < br->multicast_last_member_count) |
5681 |
+- mod_timer(&pg->query_timer, |
5682 |
+- jiffies + br->multicast_last_member_interval); |
5683 |
+-} |
5684 |
+- |
5685 |
+-static void br_multicast_port_group_query_expired(unsigned long data) |
5686 |
+-{ |
5687 |
+- struct net_bridge_port_group *pg = (void *)data; |
5688 |
+- struct net_bridge_port *port = pg->port; |
5689 |
+- struct net_bridge *br = port->br; |
5690 |
+- |
5691 |
+- spin_lock(&br->multicast_lock); |
5692 |
+- if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) || |
5693 |
+- pg->queries_sent >= br->multicast_last_member_count) |
5694 |
+- goto out; |
5695 |
+- |
5696 |
+- br_multicast_send_port_group_query(pg); |
5697 |
+- |
5698 |
+-out: |
5699 |
+- spin_unlock(&br->multicast_lock); |
5700 |
+-} |
5701 |
+- |
5702 |
+ static struct net_bridge_mdb_entry *br_multicast_get_group( |
5703 |
+ struct net_bridge *br, struct net_bridge_port *port, |
5704 |
+ struct br_ip *group, int hash) |
5705 |
+@@ -690,8 +620,6 @@ rehash: |
5706 |
+ mp->addr = *group; |
5707 |
+ setup_timer(&mp->timer, br_multicast_group_expired, |
5708 |
+ (unsigned long)mp); |
5709 |
+- setup_timer(&mp->query_timer, br_multicast_group_query_expired, |
5710 |
+- (unsigned long)mp); |
5711 |
+ |
5712 |
+ hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]); |
5713 |
+ mdb->size++; |
5714 |
+@@ -746,8 +674,6 @@ static int br_multicast_add_group(struct net_bridge *br, |
5715 |
+ hlist_add_head(&p->mglist, &port->mglist); |
5716 |
+ setup_timer(&p->timer, br_multicast_port_group_expired, |
5717 |
+ (unsigned long)p); |
5718 |
+- setup_timer(&p->query_timer, br_multicast_port_group_query_expired, |
5719 |
+- (unsigned long)p); |
5720 |
+ |
5721 |
+ rcu_assign_pointer(*pp, p); |
5722 |
+ |
5723 |
+@@ -1291,9 +1217,6 @@ static void br_multicast_leave_group(struct net_bridge *br, |
5724 |
+ time_after(mp->timer.expires, time) : |
5725 |
+ try_to_del_timer_sync(&mp->timer) >= 0)) { |
5726 |
+ mod_timer(&mp->timer, time); |
5727 |
+- |
5728 |
+- mp->queries_sent = 0; |
5729 |
+- mod_timer(&mp->query_timer, now); |
5730 |
+ } |
5731 |
+ |
5732 |
+ goto out; |
5733 |
+@@ -1310,9 +1233,6 @@ static void br_multicast_leave_group(struct net_bridge *br, |
5734 |
+ time_after(p->timer.expires, time) : |
5735 |
+ try_to_del_timer_sync(&p->timer) >= 0)) { |
5736 |
+ mod_timer(&p->timer, time); |
5737 |
+- |
5738 |
+- p->queries_sent = 0; |
5739 |
+- mod_timer(&p->query_timer, now); |
5740 |
+ } |
5741 |
+ |
5742 |
+ break; |
5743 |
+@@ -1680,7 +1600,6 @@ void br_multicast_stop(struct net_bridge *br) |
5744 |
+ hlist_for_each_entry_safe(mp, p, n, &mdb->mhash[i], |
5745 |
+ hlist[ver]) { |
5746 |
+ del_timer(&mp->timer); |
5747 |
+- del_timer(&mp->query_timer); |
5748 |
+ call_rcu_bh(&mp->rcu, br_multicast_free_group); |
5749 |
+ } |
5750 |
+ } |
5751 |
+diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h |
5752 |
+index d7d6fb0..93264df 100644 |
5753 |
+--- a/net/bridge/br_private.h |
5754 |
++++ b/net/bridge/br_private.h |
5755 |
+@@ -82,9 +82,7 @@ struct net_bridge_port_group { |
5756 |
+ struct hlist_node mglist; |
5757 |
+ struct rcu_head rcu; |
5758 |
+ struct timer_list timer; |
5759 |
+- struct timer_list query_timer; |
5760 |
+ struct br_ip addr; |
5761 |
+- u32 queries_sent; |
5762 |
+ }; |
5763 |
+ |
5764 |
+ struct net_bridge_mdb_entry |
5765 |
+@@ -94,10 +92,8 @@ struct net_bridge_mdb_entry |
5766 |
+ struct net_bridge_port_group __rcu *ports; |
5767 |
+ struct rcu_head rcu; |
5768 |
+ struct timer_list timer; |
5769 |
+- struct timer_list query_timer; |
5770 |
+ struct br_ip addr; |
5771 |
+ bool mglist; |
5772 |
+- u32 queries_sent; |
5773 |
+ }; |
5774 |
+ |
5775 |
+ struct net_bridge_mdb_htable |
5776 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
5777 |
+index 55cd370..cd5050e 100644 |
5778 |
+--- a/net/core/dev.c |
5779 |
++++ b/net/core/dev.c |
5780 |
+@@ -4102,54 +4102,41 @@ static int dev_ifconf(struct net *net, char __user *arg) |
5781 |
+ |
5782 |
+ #ifdef CONFIG_PROC_FS |
5783 |
+ |
5784 |
+-#define BUCKET_SPACE (32 - NETDEV_HASHBITS) |
5785 |
+- |
5786 |
+-struct dev_iter_state { |
5787 |
+- struct seq_net_private p; |
5788 |
+- unsigned int pos; /* bucket << BUCKET_SPACE + offset */ |
5789 |
+-}; |
5790 |
++#define BUCKET_SPACE (32 - NETDEV_HASHBITS - 1) |
5791 |
+ |
5792 |
+ #define get_bucket(x) ((x) >> BUCKET_SPACE) |
5793 |
+ #define get_offset(x) ((x) & ((1 << BUCKET_SPACE) - 1)) |
5794 |
+ #define set_bucket_offset(b, o) ((b) << BUCKET_SPACE | (o)) |
5795 |
+ |
5796 |
+-static inline struct net_device *dev_from_same_bucket(struct seq_file *seq) |
5797 |
++static inline struct net_device *dev_from_same_bucket(struct seq_file *seq, loff_t *pos) |
5798 |
+ { |
5799 |
+- struct dev_iter_state *state = seq->private; |
5800 |
+ struct net *net = seq_file_net(seq); |
5801 |
+ struct net_device *dev; |
5802 |
+ struct hlist_node *p; |
5803 |
+ struct hlist_head *h; |
5804 |
+- unsigned int count, bucket, offset; |
5805 |
++ unsigned int count = 0, offset = get_offset(*pos); |
5806 |
+ |
5807 |
+- bucket = get_bucket(state->pos); |
5808 |
+- offset = get_offset(state->pos); |
5809 |
+- h = &net->dev_name_head[bucket]; |
5810 |
+- count = 0; |
5811 |
++ h = &net->dev_name_head[get_bucket(*pos)]; |
5812 |
+ hlist_for_each_entry_rcu(dev, p, h, name_hlist) { |
5813 |
+- if (count++ == offset) { |
5814 |
+- state->pos = set_bucket_offset(bucket, count); |
5815 |
++ if (++count == offset) |
5816 |
+ return dev; |
5817 |
+- } |
5818 |
+ } |
5819 |
+ |
5820 |
+ return NULL; |
5821 |
+ } |
5822 |
+ |
5823 |
+-static inline struct net_device *dev_from_new_bucket(struct seq_file *seq) |
5824 |
++static inline struct net_device *dev_from_bucket(struct seq_file *seq, loff_t *pos) |
5825 |
+ { |
5826 |
+- struct dev_iter_state *state = seq->private; |
5827 |
+ struct net_device *dev; |
5828 |
+ unsigned int bucket; |
5829 |
+ |
5830 |
+- bucket = get_bucket(state->pos); |
5831 |
+ do { |
5832 |
+- dev = dev_from_same_bucket(seq); |
5833 |
++ dev = dev_from_same_bucket(seq, pos); |
5834 |
+ if (dev) |
5835 |
+ return dev; |
5836 |
+ |
5837 |
+- bucket++; |
5838 |
+- state->pos = set_bucket_offset(bucket, 0); |
5839 |
++ bucket = get_bucket(*pos) + 1; |
5840 |
++ *pos = set_bucket_offset(bucket, 1); |
5841 |
+ } while (bucket < NETDEV_HASHENTRIES); |
5842 |
+ |
5843 |
+ return NULL; |
5844 |
+@@ -4162,33 +4149,20 @@ static inline struct net_device *dev_from_new_bucket(struct seq_file *seq) |
5845 |
+ void *dev_seq_start(struct seq_file *seq, loff_t *pos) |
5846 |
+ __acquires(RCU) |
5847 |
+ { |
5848 |
+- struct dev_iter_state *state = seq->private; |
5849 |
+- |
5850 |
+ rcu_read_lock(); |
5851 |
+ if (!*pos) |
5852 |
+ return SEQ_START_TOKEN; |
5853 |
+ |
5854 |
+- /* check for end of the hash */ |
5855 |
+- if (state->pos == 0 && *pos > 1) |
5856 |
++ if (get_bucket(*pos) >= NETDEV_HASHENTRIES) |
5857 |
+ return NULL; |
5858 |
+ |
5859 |
+- return dev_from_new_bucket(seq); |
5860 |
++ return dev_from_bucket(seq, pos); |
5861 |
+ } |
5862 |
+ |
5863 |
+ void *dev_seq_next(struct seq_file *seq, void *v, loff_t *pos) |
5864 |
+ { |
5865 |
+- struct net_device *dev; |
5866 |
+- |
5867 |
+ ++*pos; |
5868 |
+- |
5869 |
+- if (v == SEQ_START_TOKEN) |
5870 |
+- return dev_from_new_bucket(seq); |
5871 |
+- |
5872 |
+- dev = dev_from_same_bucket(seq); |
5873 |
+- if (dev) |
5874 |
+- return dev; |
5875 |
+- |
5876 |
+- return dev_from_new_bucket(seq); |
5877 |
++ return dev_from_bucket(seq, pos); |
5878 |
+ } |
5879 |
+ |
5880 |
+ void dev_seq_stop(struct seq_file *seq, void *v) |
5881 |
+@@ -4287,13 +4261,7 @@ static const struct seq_operations dev_seq_ops = { |
5882 |
+ static int dev_seq_open(struct inode *inode, struct file *file) |
5883 |
+ { |
5884 |
+ return seq_open_net(inode, file, &dev_seq_ops, |
5885 |
+- sizeof(struct dev_iter_state)); |
5886 |
+-} |
5887 |
+- |
5888 |
+-int dev_seq_open_ops(struct inode *inode, struct file *file, |
5889 |
+- const struct seq_operations *ops) |
5890 |
+-{ |
5891 |
+- return seq_open_net(inode, file, ops, sizeof(struct dev_iter_state)); |
5892 |
++ sizeof(struct seq_net_private)); |
5893 |
+ } |
5894 |
+ |
5895 |
+ static const struct file_operations dev_seq_fops = { |
5896 |
+diff --git a/net/core/dev_addr_lists.c b/net/core/dev_addr_lists.c |
5897 |
+index febba51..277faef 100644 |
5898 |
+--- a/net/core/dev_addr_lists.c |
5899 |
++++ b/net/core/dev_addr_lists.c |
5900 |
+@@ -696,7 +696,8 @@ static const struct seq_operations dev_mc_seq_ops = { |
5901 |
+ |
5902 |
+ static int dev_mc_seq_open(struct inode *inode, struct file *file) |
5903 |
+ { |
5904 |
+- return dev_seq_open_ops(inode, file, &dev_mc_seq_ops); |
5905 |
++ return seq_open_net(inode, file, &dev_mc_seq_ops, |
5906 |
++ sizeof(struct seq_net_private)); |
5907 |
+ } |
5908 |
+ |
5909 |
+ static const struct file_operations dev_mc_seq_fops = { |
5910 |
+diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c |
5911 |
+index 0e950fd..31a5ae5 100644 |
5912 |
+--- a/net/core/net_namespace.c |
5913 |
++++ b/net/core/net_namespace.c |
5914 |
+@@ -83,21 +83,29 @@ assign: |
5915 |
+ |
5916 |
+ static int ops_init(const struct pernet_operations *ops, struct net *net) |
5917 |
+ { |
5918 |
+- int err; |
5919 |
++ int err = -ENOMEM; |
5920 |
++ void *data = NULL; |
5921 |
++ |
5922 |
+ if (ops->id && ops->size) { |
5923 |
+- void *data = kzalloc(ops->size, GFP_KERNEL); |
5924 |
++ data = kzalloc(ops->size, GFP_KERNEL); |
5925 |
+ if (!data) |
5926 |
+- return -ENOMEM; |
5927 |
++ goto out; |
5928 |
+ |
5929 |
+ err = net_assign_generic(net, *ops->id, data); |
5930 |
+- if (err) { |
5931 |
+- kfree(data); |
5932 |
+- return err; |
5933 |
+- } |
5934 |
++ if (err) |
5935 |
++ goto cleanup; |
5936 |
+ } |
5937 |
++ err = 0; |
5938 |
+ if (ops->init) |
5939 |
+- return ops->init(net); |
5940 |
+- return 0; |
5941 |
++ err = ops->init(net); |
5942 |
++ if (!err) |
5943 |
++ return 0; |
5944 |
++ |
5945 |
++cleanup: |
5946 |
++ kfree(data); |
5947 |
++ |
5948 |
++out: |
5949 |
++ return err; |
5950 |
+ } |
5951 |
+ |
5952 |
+ static void ops_free(const struct pernet_operations *ops, struct net *net) |
5953 |
+@@ -448,12 +456,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops) |
5954 |
+ static int __register_pernet_operations(struct list_head *list, |
5955 |
+ struct pernet_operations *ops) |
5956 |
+ { |
5957 |
+- int err = 0; |
5958 |
+- err = ops_init(ops, &init_net); |
5959 |
+- if (err) |
5960 |
+- ops_free(ops, &init_net); |
5961 |
+- return err; |
5962 |
+- |
5963 |
++ return ops_init(ops, &init_net); |
5964 |
+ } |
5965 |
+ |
5966 |
+ static void __unregister_pernet_operations(struct pernet_operations *ops) |
5967 |
+diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
5968 |
+index 3c30ee4..2ec200de 100644 |
5969 |
+--- a/net/core/skbuff.c |
5970 |
++++ b/net/core/skbuff.c |
5971 |
+@@ -903,9 +903,11 @@ int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail, |
5972 |
+ goto adjust_others; |
5973 |
+ } |
5974 |
+ |
5975 |
+- data = kmalloc(size + sizeof(struct skb_shared_info), gfp_mask); |
5976 |
++ data = kmalloc(size + SKB_DATA_ALIGN(sizeof(struct skb_shared_info)), |
5977 |
++ gfp_mask); |
5978 |
+ if (!data) |
5979 |
+ goto nodata; |
5980 |
++ size = SKB_WITH_OVERHEAD(ksize(data)); |
5981 |
+ |
5982 |
+ /* Copy only real data... and, alas, header. This should be |
5983 |
+ * optimized for the cases when header is void. |
5984 |
+@@ -3111,6 +3113,8 @@ static void sock_rmem_free(struct sk_buff *skb) |
5985 |
+ */ |
5986 |
+ int sock_queue_err_skb(struct sock *sk, struct sk_buff *skb) |
5987 |
+ { |
5988 |
++ int len = skb->len; |
5989 |
++ |
5990 |
+ if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >= |
5991 |
+ (unsigned)sk->sk_rcvbuf) |
5992 |
+ return -ENOMEM; |
5993 |
+@@ -3125,7 +3129,7 @@ int sock_queue_err_skb(struct sock *sk, struct sk_buff *skb) |
5994 |
+ |
5995 |
+ skb_queue_tail(&sk->sk_error_queue, skb); |
5996 |
+ if (!sock_flag(sk, SOCK_DEAD)) |
5997 |
+- sk->sk_data_ready(sk, skb->len); |
5998 |
++ sk->sk_data_ready(sk, len); |
5999 |
+ return 0; |
6000 |
+ } |
6001 |
+ EXPORT_SYMBOL(sock_queue_err_skb); |
6002 |
+diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c |
6003 |
+index 34f5db1..7904db4 100644 |
6004 |
+--- a/net/ipv4/tcp.c |
6005 |
++++ b/net/ipv4/tcp.c |
6006 |
+@@ -701,11 +701,12 @@ struct sk_buff *sk_stream_alloc_skb(struct sock *sk, int size, gfp_t gfp) |
6007 |
+ skb = alloc_skb_fclone(size + sk->sk_prot->max_header, gfp); |
6008 |
+ if (skb) { |
6009 |
+ if (sk_wmem_schedule(sk, skb->truesize)) { |
6010 |
++ skb_reserve(skb, sk->sk_prot->max_header); |
6011 |
+ /* |
6012 |
+ * Make sure that we have exactly size bytes |
6013 |
+ * available to the caller, no more, no less. |
6014 |
+ */ |
6015 |
+- skb_reserve(skb, skb_tailroom(skb) - size); |
6016 |
++ skb->avail_size = size; |
6017 |
+ return skb; |
6018 |
+ } |
6019 |
+ __kfree_skb(skb); |
6020 |
+@@ -860,7 +861,7 @@ wait_for_memory: |
6021 |
+ } |
6022 |
+ |
6023 |
+ out: |
6024 |
+- if (copied) |
6025 |
++ if (copied && !(flags & MSG_SENDPAGE_NOTLAST)) |
6026 |
+ tcp_push(sk, flags, mss_now, tp->nonagle); |
6027 |
+ return copied; |
6028 |
+ |
6029 |
+@@ -995,10 +996,9 @@ new_segment: |
6030 |
+ copy = seglen; |
6031 |
+ |
6032 |
+ /* Where to copy to? */ |
6033 |
+- if (skb_tailroom(skb) > 0) { |
6034 |
++ if (skb_availroom(skb) > 0) { |
6035 |
+ /* We have some space in skb head. Superb! */ |
6036 |
+- if (copy > skb_tailroom(skb)) |
6037 |
+- copy = skb_tailroom(skb); |
6038 |
++ copy = min_t(int, copy, skb_availroom(skb)); |
6039 |
+ err = skb_add_data_nocache(sk, skb, from, copy); |
6040 |
+ if (err) |
6041 |
+ goto do_fault; |
6042 |
+diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
6043 |
+index e4d1e4a..daedc07 100644 |
6044 |
+--- a/net/ipv4/tcp_input.c |
6045 |
++++ b/net/ipv4/tcp_input.c |
6046 |
+@@ -334,6 +334,7 @@ static void tcp_grow_window(struct sock *sk, const struct sk_buff *skb) |
6047 |
+ incr = __tcp_grow_window(sk, skb); |
6048 |
+ |
6049 |
+ if (incr) { |
6050 |
++ incr = max_t(int, incr, 2 * skb->len); |
6051 |
+ tp->rcv_ssthresh = min(tp->rcv_ssthresh + incr, |
6052 |
+ tp->window_clamp); |
6053 |
+ inet_csk(sk)->icsk_ack.quick |= 1; |
6054 |
+@@ -473,8 +474,11 @@ static void tcp_rcv_rtt_update(struct tcp_sock *tp, u32 sample, int win_dep) |
6055 |
+ if (!win_dep) { |
6056 |
+ m -= (new_sample >> 3); |
6057 |
+ new_sample += m; |
6058 |
+- } else if (m < new_sample) |
6059 |
+- new_sample = m << 3; |
6060 |
++ } else { |
6061 |
++ m <<= 3; |
6062 |
++ if (m < new_sample) |
6063 |
++ new_sample = m; |
6064 |
++ } |
6065 |
+ } else { |
6066 |
+ /* No previous measure. */ |
6067 |
+ new_sample = m << 3; |
6068 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
6069 |
+index 097e0c7..c51dd5b 100644 |
6070 |
+--- a/net/ipv4/tcp_output.c |
6071 |
++++ b/net/ipv4/tcp_output.c |
6072 |
+@@ -1093,6 +1093,14 @@ static void __pskb_trim_head(struct sk_buff *skb, int len) |
6073 |
+ { |
6074 |
+ int i, k, eat; |
6075 |
+ |
6076 |
++ eat = min_t(int, len, skb_headlen(skb)); |
6077 |
++ if (eat) { |
6078 |
++ __skb_pull(skb, eat); |
6079 |
++ skb->avail_size -= eat; |
6080 |
++ len -= eat; |
6081 |
++ if (!len) |
6082 |
++ return; |
6083 |
++ } |
6084 |
+ eat = len; |
6085 |
+ k = 0; |
6086 |
+ for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { |
6087 |
+@@ -1124,11 +1132,7 @@ int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len) |
6088 |
+ if (skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) |
6089 |
+ return -ENOMEM; |
6090 |
+ |
6091 |
+- /* If len == headlen, we avoid __skb_pull to preserve alignment. */ |
6092 |
+- if (unlikely(len < skb_headlen(skb))) |
6093 |
+- __skb_pull(skb, len); |
6094 |
+- else |
6095 |
+- __pskb_trim_head(skb, len - skb_headlen(skb)); |
6096 |
++ __pskb_trim_head(skb, len); |
6097 |
+ |
6098 |
+ TCP_SKB_CB(skb)->seq += len; |
6099 |
+ skb->ip_summed = CHECKSUM_PARTIAL; |
6100 |
+@@ -2057,7 +2061,7 @@ static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to, |
6101 |
+ /* Punt if not enough space exists in the first SKB for |
6102 |
+ * the data in the second |
6103 |
+ */ |
6104 |
+- if (skb->len > skb_tailroom(to)) |
6105 |
++ if (skb->len > skb_availroom(to)) |
6106 |
+ break; |
6107 |
+ |
6108 |
+ if (after(TCP_SKB_CB(skb)->end_seq, tcp_wnd_end(tp))) |
6109 |
+diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c |
6110 |
+index 2257366..f2d74ea 100644 |
6111 |
+--- a/net/ipv6/mcast.c |
6112 |
++++ b/net/ipv6/mcast.c |
6113 |
+@@ -2054,7 +2054,7 @@ static int ip6_mc_add_src(struct inet6_dev *idev, const struct in6_addr *pmca, |
6114 |
+ if (!delta) |
6115 |
+ pmc->mca_sfcount[sfmode]--; |
6116 |
+ for (j=0; j<i; j++) |
6117 |
+- (void) ip6_mc_del1_src(pmc, sfmode, &psfsrc[i]); |
6118 |
++ ip6_mc_del1_src(pmc, sfmode, &psfsrc[j]); |
6119 |
+ } else if (isexclude != (pmc->mca_sfcount[MCAST_EXCLUDE] != 0)) { |
6120 |
+ struct ip6_sf_list *psf; |
6121 |
+ |
6122 |
+diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
6123 |
+index b859e4a..4a56574 100644 |
6124 |
+--- a/net/ipv6/tcp_ipv6.c |
6125 |
++++ b/net/ipv6/tcp_ipv6.c |
6126 |
+@@ -1494,6 +1494,10 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, |
6127 |
+ tcp_mtup_init(newsk); |
6128 |
+ tcp_sync_mss(newsk, dst_mtu(dst)); |
6129 |
+ newtp->advmss = dst_metric_advmss(dst); |
6130 |
++ if (tcp_sk(sk)->rx_opt.user_mss && |
6131 |
++ tcp_sk(sk)->rx_opt.user_mss < newtp->advmss) |
6132 |
++ newtp->advmss = tcp_sk(sk)->rx_opt.user_mss; |
6133 |
++ |
6134 |
+ tcp_initialize_rcv_mss(newsk); |
6135 |
+ if (tcp_rsk(req)->snt_synack) |
6136 |
+ tcp_valid_rtt_meas(newsk, |
6137 |
+diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c |
6138 |
+index eff1f4e..4ff35bf 100644 |
6139 |
+--- a/net/mac80211/tx.c |
6140 |
++++ b/net/mac80211/tx.c |
6141 |
+@@ -1121,7 +1121,8 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata, |
6142 |
+ tx->sta = rcu_dereference(sdata->u.vlan.sta); |
6143 |
+ if (!tx->sta && sdata->dev->ieee80211_ptr->use_4addr) |
6144 |
+ return TX_DROP; |
6145 |
+- } else if (info->flags & IEEE80211_TX_CTL_INJECTED) { |
6146 |
++ } else if (info->flags & IEEE80211_TX_CTL_INJECTED || |
6147 |
++ tx->sdata->control_port_protocol == tx->skb->protocol) { |
6148 |
+ tx->sta = sta_info_get_bss(sdata, hdr->addr1); |
6149 |
+ } |
6150 |
+ if (!tx->sta) |
6151 |
+diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
6152 |
+index 1201b6d..a99fb41 100644 |
6153 |
+--- a/net/netlink/af_netlink.c |
6154 |
++++ b/net/netlink/af_netlink.c |
6155 |
+@@ -830,12 +830,19 @@ int netlink_attachskb(struct sock *sk, struct sk_buff *skb, |
6156 |
+ return 0; |
6157 |
+ } |
6158 |
+ |
6159 |
+-int netlink_sendskb(struct sock *sk, struct sk_buff *skb) |
6160 |
++static int __netlink_sendskb(struct sock *sk, struct sk_buff *skb) |
6161 |
+ { |
6162 |
+ int len = skb->len; |
6163 |
+ |
6164 |
+ skb_queue_tail(&sk->sk_receive_queue, skb); |
6165 |
+ sk->sk_data_ready(sk, len); |
6166 |
++ return len; |
6167 |
++} |
6168 |
++ |
6169 |
++int netlink_sendskb(struct sock *sk, struct sk_buff *skb) |
6170 |
++{ |
6171 |
++ int len = __netlink_sendskb(sk, skb); |
6172 |
++ |
6173 |
+ sock_put(sk); |
6174 |
+ return len; |
6175 |
+ } |
6176 |
+@@ -960,8 +967,7 @@ static inline int netlink_broadcast_deliver(struct sock *sk, |
6177 |
+ if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf && |
6178 |
+ !test_bit(0, &nlk->state)) { |
6179 |
+ skb_set_owner_r(skb, sk); |
6180 |
+- skb_queue_tail(&sk->sk_receive_queue, skb); |
6181 |
+- sk->sk_data_ready(sk, skb->len); |
6182 |
++ __netlink_sendskb(sk, skb); |
6183 |
+ return atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf; |
6184 |
+ } |
6185 |
+ return -1; |
6186 |
+@@ -1684,10 +1690,8 @@ static int netlink_dump(struct sock *sk) |
6187 |
+ |
6188 |
+ if (sk_filter(sk, skb)) |
6189 |
+ kfree_skb(skb); |
6190 |
+- else { |
6191 |
+- skb_queue_tail(&sk->sk_receive_queue, skb); |
6192 |
+- sk->sk_data_ready(sk, skb->len); |
6193 |
+- } |
6194 |
++ else |
6195 |
++ __netlink_sendskb(sk, skb); |
6196 |
+ return 0; |
6197 |
+ } |
6198 |
+ |
6199 |
+@@ -1701,10 +1705,8 @@ static int netlink_dump(struct sock *sk) |
6200 |
+ |
6201 |
+ if (sk_filter(sk, skb)) |
6202 |
+ kfree_skb(skb); |
6203 |
+- else { |
6204 |
+- skb_queue_tail(&sk->sk_receive_queue, skb); |
6205 |
+- sk->sk_data_ready(sk, skb->len); |
6206 |
+- } |
6207 |
++ else |
6208 |
++ __netlink_sendskb(sk, skb); |
6209 |
+ |
6210 |
+ if (cb->done) |
6211 |
+ cb->done(cb); |
6212 |
+diff --git a/net/phonet/pep.c b/net/phonet/pep.c |
6213 |
+index 2ba6e9f..007546d 100644 |
6214 |
+--- a/net/phonet/pep.c |
6215 |
++++ b/net/phonet/pep.c |
6216 |
+@@ -1046,6 +1046,9 @@ static int pep_sendmsg(struct kiocb *iocb, struct sock *sk, |
6217 |
+ int flags = msg->msg_flags; |
6218 |
+ int err, done; |
6219 |
+ |
6220 |
++ if (len > USHRT_MAX) |
6221 |
++ return -EMSGSIZE; |
6222 |
++ |
6223 |
+ if ((msg->msg_flags & ~(MSG_DONTWAIT|MSG_EOR|MSG_NOSIGNAL| |
6224 |
+ MSG_CMSG_COMPAT)) || |
6225 |
+ !(msg->msg_flags & MSG_EOR)) |
6226 |
+diff --git a/net/sched/sch_gred.c b/net/sched/sch_gred.c |
6227 |
+index 6cd8ddf..e1afe0c 100644 |
6228 |
+--- a/net/sched/sch_gred.c |
6229 |
++++ b/net/sched/sch_gred.c |
6230 |
+@@ -544,11 +544,8 @@ static int gred_dump(struct Qdisc *sch, struct sk_buff *skb) |
6231 |
+ opt.packets = q->packetsin; |
6232 |
+ opt.bytesin = q->bytesin; |
6233 |
+ |
6234 |
+- if (gred_wred_mode(table)) { |
6235 |
+- q->parms.qidlestart = |
6236 |
+- table->tab[table->def]->parms.qidlestart; |
6237 |
+- q->parms.qavg = table->tab[table->def]->parms.qavg; |
6238 |
+- } |
6239 |
++ if (gred_wred_mode(table)) |
6240 |
++ gred_load_wred_set(table, q); |
6241 |
+ |
6242 |
+ opt.qave = red_calc_qavg(&q->parms, q->parms.qavg); |
6243 |
+ |
6244 |
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c |
6245 |
+index 54a7cd2..0075554 100644 |
6246 |
+--- a/net/sctp/socket.c |
6247 |
++++ b/net/sctp/socket.c |
6248 |
+@@ -4133,9 +4133,10 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, |
6249 |
+ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, |
6250 |
+ int __user *optlen) |
6251 |
+ { |
6252 |
+- if (len < sizeof(struct sctp_event_subscribe)) |
6253 |
++ if (len <= 0) |
6254 |
+ return -EINVAL; |
6255 |
+- len = sizeof(struct sctp_event_subscribe); |
6256 |
++ if (len > sizeof(struct sctp_event_subscribe)) |
6257 |
++ len = sizeof(struct sctp_event_subscribe); |
6258 |
+ if (put_user(len, optlen)) |
6259 |
+ return -EFAULT; |
6260 |
+ if (copy_to_user(optval, &sctp_sk(sk)->subscribe, len)) |
6261 |
+diff --git a/net/socket.c b/net/socket.c |
6262 |
+index 2dce67a..273cbce 100644 |
6263 |
+--- a/net/socket.c |
6264 |
++++ b/net/socket.c |
6265 |
+@@ -791,9 +791,9 @@ static ssize_t sock_sendpage(struct file *file, struct page *page, |
6266 |
+ |
6267 |
+ sock = file->private_data; |
6268 |
+ |
6269 |
+- flags = !(file->f_flags & O_NONBLOCK) ? 0 : MSG_DONTWAIT; |
6270 |
+- if (more) |
6271 |
+- flags |= MSG_MORE; |
6272 |
++ flags = (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0; |
6273 |
++ /* more is a combination of MSG_MORE and MSG_SENDPAGE_NOTLAST */ |
6274 |
++ flags |= more; |
6275 |
+ |
6276 |
+ return kernel_sendpage(sock, page, offset, size, flags); |
6277 |
+ } |
6278 |
+diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c |
6279 |
+index ffafda5..c06c365 100644 |
6280 |
+--- a/net/wireless/nl80211.c |
6281 |
++++ b/net/wireless/nl80211.c |
6282 |
+@@ -1258,6 +1258,11 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) |
6283 |
+ goto bad_res; |
6284 |
+ } |
6285 |
+ |
6286 |
++ if (!netif_running(netdev)) { |
6287 |
++ result = -ENETDOWN; |
6288 |
++ goto bad_res; |
6289 |
++ } |
6290 |
++ |
6291 |
+ nla_for_each_nested(nl_txq_params, |
6292 |
+ info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], |
6293 |
+ rem_txq_params) { |
6294 |
+@@ -5944,7 +5949,7 @@ static struct genl_ops nl80211_ops[] = { |
6295 |
+ .doit = nl80211_get_key, |
6296 |
+ .policy = nl80211_policy, |
6297 |
+ .flags = GENL_ADMIN_PERM, |
6298 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6299 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6300 |
+ NL80211_FLAG_NEED_RTNL, |
6301 |
+ }, |
6302 |
+ { |
6303 |
+@@ -5976,7 +5981,7 @@ static struct genl_ops nl80211_ops[] = { |
6304 |
+ .policy = nl80211_policy, |
6305 |
+ .flags = GENL_ADMIN_PERM, |
6306 |
+ .doit = nl80211_addset_beacon, |
6307 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6308 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6309 |
+ NL80211_FLAG_NEED_RTNL, |
6310 |
+ }, |
6311 |
+ { |
6312 |
+@@ -5984,7 +5989,7 @@ static struct genl_ops nl80211_ops[] = { |
6313 |
+ .policy = nl80211_policy, |
6314 |
+ .flags = GENL_ADMIN_PERM, |
6315 |
+ .doit = nl80211_addset_beacon, |
6316 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6317 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6318 |
+ NL80211_FLAG_NEED_RTNL, |
6319 |
+ }, |
6320 |
+ { |
6321 |
+@@ -6008,7 +6013,7 @@ static struct genl_ops nl80211_ops[] = { |
6322 |
+ .doit = nl80211_set_station, |
6323 |
+ .policy = nl80211_policy, |
6324 |
+ .flags = GENL_ADMIN_PERM, |
6325 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6326 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6327 |
+ NL80211_FLAG_NEED_RTNL, |
6328 |
+ }, |
6329 |
+ { |
6330 |
+@@ -6024,7 +6029,7 @@ static struct genl_ops nl80211_ops[] = { |
6331 |
+ .doit = nl80211_del_station, |
6332 |
+ .policy = nl80211_policy, |
6333 |
+ .flags = GENL_ADMIN_PERM, |
6334 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6335 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6336 |
+ NL80211_FLAG_NEED_RTNL, |
6337 |
+ }, |
6338 |
+ { |
6339 |
+@@ -6057,7 +6062,7 @@ static struct genl_ops nl80211_ops[] = { |
6340 |
+ .doit = nl80211_del_mpath, |
6341 |
+ .policy = nl80211_policy, |
6342 |
+ .flags = GENL_ADMIN_PERM, |
6343 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6344 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6345 |
+ NL80211_FLAG_NEED_RTNL, |
6346 |
+ }, |
6347 |
+ { |
6348 |
+@@ -6065,7 +6070,7 @@ static struct genl_ops nl80211_ops[] = { |
6349 |
+ .doit = nl80211_set_bss, |
6350 |
+ .policy = nl80211_policy, |
6351 |
+ .flags = GENL_ADMIN_PERM, |
6352 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6353 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6354 |
+ NL80211_FLAG_NEED_RTNL, |
6355 |
+ }, |
6356 |
+ { |
6357 |
+@@ -6091,7 +6096,7 @@ static struct genl_ops nl80211_ops[] = { |
6358 |
+ .doit = nl80211_get_mesh_config, |
6359 |
+ .policy = nl80211_policy, |
6360 |
+ /* can be retrieved by unprivileged users */ |
6361 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6362 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6363 |
+ NL80211_FLAG_NEED_RTNL, |
6364 |
+ }, |
6365 |
+ { |
6366 |
+@@ -6224,7 +6229,7 @@ static struct genl_ops nl80211_ops[] = { |
6367 |
+ .doit = nl80211_setdel_pmksa, |
6368 |
+ .policy = nl80211_policy, |
6369 |
+ .flags = GENL_ADMIN_PERM, |
6370 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6371 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6372 |
+ NL80211_FLAG_NEED_RTNL, |
6373 |
+ }, |
6374 |
+ { |
6375 |
+@@ -6232,7 +6237,7 @@ static struct genl_ops nl80211_ops[] = { |
6376 |
+ .doit = nl80211_setdel_pmksa, |
6377 |
+ .policy = nl80211_policy, |
6378 |
+ .flags = GENL_ADMIN_PERM, |
6379 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6380 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6381 |
+ NL80211_FLAG_NEED_RTNL, |
6382 |
+ }, |
6383 |
+ { |
6384 |
+@@ -6240,7 +6245,7 @@ static struct genl_ops nl80211_ops[] = { |
6385 |
+ .doit = nl80211_flush_pmksa, |
6386 |
+ .policy = nl80211_policy, |
6387 |
+ .flags = GENL_ADMIN_PERM, |
6388 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6389 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6390 |
+ NL80211_FLAG_NEED_RTNL, |
6391 |
+ }, |
6392 |
+ { |
6393 |
+@@ -6328,7 +6333,7 @@ static struct genl_ops nl80211_ops[] = { |
6394 |
+ .doit = nl80211_set_wds_peer, |
6395 |
+ .policy = nl80211_policy, |
6396 |
+ .flags = GENL_ADMIN_PERM, |
6397 |
+- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
6398 |
++ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
6399 |
+ NL80211_FLAG_NEED_RTNL, |
6400 |
+ }, |
6401 |
+ { |
6402 |
+diff --git a/net/wireless/util.c b/net/wireless/util.c |
6403 |
+index 4dde429..8bf8902 100644 |
6404 |
+--- a/net/wireless/util.c |
6405 |
++++ b/net/wireless/util.c |
6406 |
+@@ -996,7 +996,7 @@ int cfg80211_can_change_interface(struct cfg80211_registered_device *rdev, |
6407 |
+ if (rdev->wiphy.software_iftypes & BIT(iftype)) |
6408 |
+ continue; |
6409 |
+ for (j = 0; j < c->n_limits; j++) { |
6410 |
+- if (!(limits[j].types & iftype)) |
6411 |
++ if (!(limits[j].types & BIT(iftype))) |
6412 |
+ continue; |
6413 |
+ if (limits[j].max < num[iftype]) |
6414 |
+ goto cont; |
6415 |
+diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c |
6416 |
+index f936d1f..d1d0ae8 100644 |
6417 |
+--- a/scripts/mod/file2alias.c |
6418 |
++++ b/scripts/mod/file2alias.c |
6419 |
+@@ -926,6 +926,10 @@ void handle_moddevtable(struct module *mod, struct elf_info *info, |
6420 |
+ if (!sym->st_shndx || get_secindex(info, sym) >= info->num_sections) |
6421 |
+ return; |
6422 |
+ |
6423 |
++ /* We're looking for an object */ |
6424 |
++ if (ELF_ST_TYPE(sym->st_info) != STT_OBJECT) |
6425 |
++ return; |
6426 |
++ |
6427 |
+ /* Handle all-NULL symbols allocated into .bss */ |
6428 |
+ if (info->sechdrs[get_secindex(info, sym)].sh_type & SHT_NOBITS) { |
6429 |
+ zeros = calloc(1, sym->st_size); |
6430 |
+diff --git a/sound/pci/hda/patch_conexant.c b/sound/pci/hda/patch_conexant.c |
6431 |
+index ae94929..51a1afc 100644 |
6432 |
+--- a/sound/pci/hda/patch_conexant.c |
6433 |
++++ b/sound/pci/hda/patch_conexant.c |
6434 |
+@@ -4003,9 +4003,14 @@ static void cx_auto_init_output(struct hda_codec *codec) |
6435 |
+ int i; |
6436 |
+ |
6437 |
+ mute_outputs(codec, spec->multiout.num_dacs, spec->multiout.dac_nids); |
6438 |
+- for (i = 0; i < cfg->hp_outs; i++) |
6439 |
++ for (i = 0; i < cfg->hp_outs; i++) { |
6440 |
++ unsigned int val = PIN_OUT; |
6441 |
++ if (snd_hda_query_pin_caps(codec, cfg->hp_pins[i]) & |
6442 |
++ AC_PINCAP_HP_DRV) |
6443 |
++ val |= AC_PINCTL_HP_EN; |
6444 |
+ snd_hda_codec_write(codec, cfg->hp_pins[i], 0, |
6445 |
+- AC_VERB_SET_PIN_WIDGET_CONTROL, PIN_HP); |
6446 |
++ AC_VERB_SET_PIN_WIDGET_CONTROL, val); |
6447 |
++ } |
6448 |
+ mute_outputs(codec, cfg->hp_outs, cfg->hp_pins); |
6449 |
+ mute_outputs(codec, cfg->line_outs, cfg->line_out_pins); |
6450 |
+ mute_outputs(codec, cfg->speaker_outs, cfg->speaker_pins); |
6451 |
+@@ -4408,8 +4413,10 @@ static void apply_pin_fixup(struct hda_codec *codec, |
6452 |
+ |
6453 |
+ enum { |
6454 |
+ CXT_PINCFG_LENOVO_X200, |
6455 |
++ CXT_PINCFG_LENOVO_TP410, |
6456 |
+ }; |
6457 |
+ |
6458 |
++/* ThinkPad X200 & co with cxt5051 */ |
6459 |
+ static const struct cxt_pincfg cxt_pincfg_lenovo_x200[] = { |
6460 |
+ { 0x16, 0x042140ff }, /* HP (seq# overridden) */ |
6461 |
+ { 0x17, 0x21a11000 }, /* dock-mic */ |
6462 |
+@@ -4417,15 +4424,33 @@ static const struct cxt_pincfg cxt_pincfg_lenovo_x200[] = { |
6463 |
+ {} |
6464 |
+ }; |
6465 |
+ |
6466 |
++/* ThinkPad 410/420/510/520, X201 & co with cxt5066 */ |
6467 |
++static const struct cxt_pincfg cxt_pincfg_lenovo_tp410[] = { |
6468 |
++ { 0x19, 0x042110ff }, /* HP (seq# overridden) */ |
6469 |
++ { 0x1a, 0x21a190f0 }, /* dock-mic */ |
6470 |
++ { 0x1c, 0x212140ff }, /* dock-HP */ |
6471 |
++ {} |
6472 |
++}; |
6473 |
++ |
6474 |
+ static const struct cxt_pincfg *cxt_pincfg_tbl[] = { |
6475 |
+ [CXT_PINCFG_LENOVO_X200] = cxt_pincfg_lenovo_x200, |
6476 |
++ [CXT_PINCFG_LENOVO_TP410] = cxt_pincfg_lenovo_tp410, |
6477 |
+ }; |
6478 |
+ |
6479 |
+-static const struct snd_pci_quirk cxt_fixups[] = { |
6480 |
++static const struct snd_pci_quirk cxt5051_fixups[] = { |
6481 |
+ SND_PCI_QUIRK(0x17aa, 0x20f2, "Lenovo X200", CXT_PINCFG_LENOVO_X200), |
6482 |
+ {} |
6483 |
+ }; |
6484 |
+ |
6485 |
++static const struct snd_pci_quirk cxt5066_fixups[] = { |
6486 |
++ SND_PCI_QUIRK(0x17aa, 0x20f2, "Lenovo T400", CXT_PINCFG_LENOVO_TP410), |
6487 |
++ SND_PCI_QUIRK(0x17aa, 0x215e, "Lenovo T410", CXT_PINCFG_LENOVO_TP410), |
6488 |
++ SND_PCI_QUIRK(0x17aa, 0x215f, "Lenovo T510", CXT_PINCFG_LENOVO_TP410), |
6489 |
++ SND_PCI_QUIRK(0x17aa, 0x21ce, "Lenovo T420", CXT_PINCFG_LENOVO_TP410), |
6490 |
++ SND_PCI_QUIRK(0x17aa, 0x21cf, "Lenovo T520", CXT_PINCFG_LENOVO_TP410), |
6491 |
++ {} |
6492 |
++}; |
6493 |
++ |
6494 |
+ /* add "fake" mute amp-caps to DACs on cx5051 so that mixer mute switches |
6495 |
+ * can be created (bko#42825) |
6496 |
+ */ |
6497 |
+@@ -4462,11 +4487,13 @@ static int patch_conexant_auto(struct hda_codec *codec) |
6498 |
+ break; |
6499 |
+ case 0x14f15051: |
6500 |
+ add_cx5051_fake_mutes(codec); |
6501 |
++ apply_pin_fixup(codec, cxt5051_fixups, cxt_pincfg_tbl); |
6502 |
++ break; |
6503 |
++ default: |
6504 |
++ apply_pin_fixup(codec, cxt5066_fixups, cxt_pincfg_tbl); |
6505 |
+ break; |
6506 |
+ } |
6507 |
+ |
6508 |
+- apply_pin_fixup(codec, cxt_fixups, cxt_pincfg_tbl); |
6509 |
+- |
6510 |
+ err = cx_auto_search_adcs(codec); |
6511 |
+ if (err < 0) |
6512 |
+ return err; |
6513 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
6514 |
+index dc8a6fc..0bc5a46 100644 |
6515 |
+--- a/sound/pci/hda/patch_realtek.c |
6516 |
++++ b/sound/pci/hda/patch_realtek.c |
6517 |
+@@ -5032,6 +5032,7 @@ static const struct alc_fixup alc269_fixups[] = { |
6518 |
+ }; |
6519 |
+ |
6520 |
+ static const struct snd_pci_quirk alc269_fixup_tbl[] = { |
6521 |
++ SND_PCI_QUIRK(0x1043, 0x1427, "Asus Zenbook UX31E", ALC269VB_FIXUP_DMIC), |
6522 |
+ SND_PCI_QUIRK(0x1043, 0x1a13, "Asus G73Jw", ALC269_FIXUP_ASUS_G73JW), |
6523 |
+ SND_PCI_QUIRK(0x1043, 0x16e3, "ASUS UX50", ALC269_FIXUP_STEREO_DMIC), |
6524 |
+ SND_PCI_QUIRK(0x1043, 0x831a, "ASUS P901", ALC269_FIXUP_STEREO_DMIC), |
6525 |
+diff --git a/sound/soc/codecs/tlv320aic23.c b/sound/soc/codecs/tlv320aic23.c |
6526 |
+index 336de8f..0e7e26e 100644 |
6527 |
+--- a/sound/soc/codecs/tlv320aic23.c |
6528 |
++++ b/sound/soc/codecs/tlv320aic23.c |
6529 |
+@@ -473,7 +473,7 @@ static int tlv320aic23_set_dai_sysclk(struct snd_soc_dai *codec_dai, |
6530 |
+ static int tlv320aic23_set_bias_level(struct snd_soc_codec *codec, |
6531 |
+ enum snd_soc_bias_level level) |
6532 |
+ { |
6533 |
+- u16 reg = snd_soc_read(codec, TLV320AIC23_PWR) & 0xff7f; |
6534 |
++ u16 reg = snd_soc_read(codec, TLV320AIC23_PWR) & 0x17f; |
6535 |
+ |
6536 |
+ switch (level) { |
6537 |
+ case SND_SOC_BIAS_ON: |
6538 |
+@@ -492,7 +492,7 @@ static int tlv320aic23_set_bias_level(struct snd_soc_codec *codec, |
6539 |
+ case SND_SOC_BIAS_OFF: |
6540 |
+ /* everything off, dac mute, inactive */ |
6541 |
+ snd_soc_write(codec, TLV320AIC23_ACTIVE, 0x0); |
6542 |
+- snd_soc_write(codec, TLV320AIC23_PWR, 0xffff); |
6543 |
++ snd_soc_write(codec, TLV320AIC23_PWR, 0x1ff); |
6544 |
+ break; |
6545 |
+ } |
6546 |
+ codec->dapm.bias_level = level; |
6547 |
+diff --git a/sound/soc/codecs/wm8994.c b/sound/soc/codecs/wm8994.c |
6548 |
+index 2f1f5f8..7806301 100644 |
6549 |
+--- a/sound/soc/codecs/wm8994.c |
6550 |
++++ b/sound/soc/codecs/wm8994.c |
6551 |
+@@ -883,61 +883,170 @@ static void wm8994_update_class_w(struct snd_soc_codec *codec) |
6552 |
+ } |
6553 |
+ } |
6554 |
+ |
6555 |
+-static int late_enable_ev(struct snd_soc_dapm_widget *w, |
6556 |
+- struct snd_kcontrol *kcontrol, int event) |
6557 |
++static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
6558 |
++ struct snd_kcontrol *kcontrol, int event) |
6559 |
+ { |
6560 |
+ struct snd_soc_codec *codec = w->codec; |
6561 |
+- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6562 |
++ struct wm8994 *control = codec->control_data; |
6563 |
++ int mask = WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC1R_ENA; |
6564 |
++ int dac; |
6565 |
++ int adc; |
6566 |
++ int val; |
6567 |
++ |
6568 |
++ switch (control->type) { |
6569 |
++ case WM8994: |
6570 |
++ case WM8958: |
6571 |
++ mask |= WM8994_AIF1DAC2L_ENA | WM8994_AIF1DAC2R_ENA; |
6572 |
++ break; |
6573 |
++ default: |
6574 |
++ break; |
6575 |
++ } |
6576 |
+ |
6577 |
+ switch (event) { |
6578 |
+ case SND_SOC_DAPM_PRE_PMU: |
6579 |
+- if (wm8994->aif1clk_enable) { |
6580 |
+- snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
6581 |
+- WM8994_AIF1CLK_ENA_MASK, |
6582 |
+- WM8994_AIF1CLK_ENA); |
6583 |
+- wm8994->aif1clk_enable = 0; |
6584 |
+- } |
6585 |
+- if (wm8994->aif2clk_enable) { |
6586 |
+- snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
6587 |
+- WM8994_AIF2CLK_ENA_MASK, |
6588 |
+- WM8994_AIF2CLK_ENA); |
6589 |
+- wm8994->aif2clk_enable = 0; |
6590 |
+- } |
6591 |
++ val = snd_soc_read(codec, WM8994_AIF1_CONTROL_1); |
6592 |
++ if ((val & WM8994_AIF1ADCL_SRC) && |
6593 |
++ (val & WM8994_AIF1ADCR_SRC)) |
6594 |
++ adc = WM8994_AIF1ADC1R_ENA | WM8994_AIF1ADC2R_ENA; |
6595 |
++ else if (!(val & WM8994_AIF1ADCL_SRC) && |
6596 |
++ !(val & WM8994_AIF1ADCR_SRC)) |
6597 |
++ adc = WM8994_AIF1ADC1L_ENA | WM8994_AIF1ADC2L_ENA; |
6598 |
++ else |
6599 |
++ adc = WM8994_AIF1ADC1R_ENA | WM8994_AIF1ADC2R_ENA | |
6600 |
++ WM8994_AIF1ADC1L_ENA | WM8994_AIF1ADC2L_ENA; |
6601 |
++ |
6602 |
++ val = snd_soc_read(codec, WM8994_AIF1_CONTROL_2); |
6603 |
++ if ((val & WM8994_AIF1DACL_SRC) && |
6604 |
++ (val & WM8994_AIF1DACR_SRC)) |
6605 |
++ dac = WM8994_AIF1DAC1R_ENA | WM8994_AIF1DAC2R_ENA; |
6606 |
++ else if (!(val & WM8994_AIF1DACL_SRC) && |
6607 |
++ !(val & WM8994_AIF1DACR_SRC)) |
6608 |
++ dac = WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC2L_ENA; |
6609 |
++ else |
6610 |
++ dac = WM8994_AIF1DAC1R_ENA | WM8994_AIF1DAC2R_ENA | |
6611 |
++ WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC2L_ENA; |
6612 |
++ |
6613 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
6614 |
++ mask, adc); |
6615 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6616 |
++ mask, dac); |
6617 |
++ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
6618 |
++ WM8994_AIF1DSPCLK_ENA | |
6619 |
++ WM8994_SYSDSPCLK_ENA, |
6620 |
++ WM8994_AIF1DSPCLK_ENA | |
6621 |
++ WM8994_SYSDSPCLK_ENA); |
6622 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, mask, |
6623 |
++ WM8994_AIF1ADC1R_ENA | |
6624 |
++ WM8994_AIF1ADC1L_ENA | |
6625 |
++ WM8994_AIF1ADC2R_ENA | |
6626 |
++ WM8994_AIF1ADC2L_ENA); |
6627 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, mask, |
6628 |
++ WM8994_AIF1DAC1R_ENA | |
6629 |
++ WM8994_AIF1DAC1L_ENA | |
6630 |
++ WM8994_AIF1DAC2R_ENA | |
6631 |
++ WM8994_AIF1DAC2L_ENA); |
6632 |
++ break; |
6633 |
++ |
6634 |
++ case SND_SOC_DAPM_PRE_PMD: |
6635 |
++ case SND_SOC_DAPM_POST_PMD: |
6636 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6637 |
++ mask, 0); |
6638 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
6639 |
++ mask, 0); |
6640 |
++ |
6641 |
++ val = snd_soc_read(codec, WM8994_CLOCKING_1); |
6642 |
++ if (val & WM8994_AIF2DSPCLK_ENA) |
6643 |
++ val = WM8994_SYSDSPCLK_ENA; |
6644 |
++ else |
6645 |
++ val = 0; |
6646 |
++ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
6647 |
++ WM8994_SYSDSPCLK_ENA | |
6648 |
++ WM8994_AIF1DSPCLK_ENA, val); |
6649 |
+ break; |
6650 |
+ } |
6651 |
+ |
6652 |
+- /* We may also have postponed startup of DSP, handle that. */ |
6653 |
+- wm8958_aif_ev(w, kcontrol, event); |
6654 |
+- |
6655 |
+ return 0; |
6656 |
+ } |
6657 |
+ |
6658 |
+-static int late_disable_ev(struct snd_soc_dapm_widget *w, |
6659 |
+- struct snd_kcontrol *kcontrol, int event) |
6660 |
++static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
6661 |
++ struct snd_kcontrol *kcontrol, int event) |
6662 |
+ { |
6663 |
+ struct snd_soc_codec *codec = w->codec; |
6664 |
+- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6665 |
++ int dac; |
6666 |
++ int adc; |
6667 |
++ int val; |
6668 |
+ |
6669 |
+ switch (event) { |
6670 |
++ case SND_SOC_DAPM_PRE_PMU: |
6671 |
++ val = snd_soc_read(codec, WM8994_AIF2_CONTROL_1); |
6672 |
++ if ((val & WM8994_AIF2ADCL_SRC) && |
6673 |
++ (val & WM8994_AIF2ADCR_SRC)) |
6674 |
++ adc = WM8994_AIF2ADCR_ENA; |
6675 |
++ else if (!(val & WM8994_AIF2ADCL_SRC) && |
6676 |
++ !(val & WM8994_AIF2ADCR_SRC)) |
6677 |
++ adc = WM8994_AIF2ADCL_ENA; |
6678 |
++ else |
6679 |
++ adc = WM8994_AIF2ADCL_ENA | WM8994_AIF2ADCR_ENA; |
6680 |
++ |
6681 |
++ |
6682 |
++ val = snd_soc_read(codec, WM8994_AIF2_CONTROL_2); |
6683 |
++ if ((val & WM8994_AIF2DACL_SRC) && |
6684 |
++ (val & WM8994_AIF2DACR_SRC)) |
6685 |
++ dac = WM8994_AIF2DACR_ENA; |
6686 |
++ else if (!(val & WM8994_AIF2DACL_SRC) && |
6687 |
++ !(val & WM8994_AIF2DACR_SRC)) |
6688 |
++ dac = WM8994_AIF2DACL_ENA; |
6689 |
++ else |
6690 |
++ dac = WM8994_AIF2DACL_ENA | WM8994_AIF2DACR_ENA; |
6691 |
++ |
6692 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
6693 |
++ WM8994_AIF2ADCL_ENA | |
6694 |
++ WM8994_AIF2ADCR_ENA, adc); |
6695 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6696 |
++ WM8994_AIF2DACL_ENA | |
6697 |
++ WM8994_AIF2DACR_ENA, dac); |
6698 |
++ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
6699 |
++ WM8994_AIF2DSPCLK_ENA | |
6700 |
++ WM8994_SYSDSPCLK_ENA, |
6701 |
++ WM8994_AIF2DSPCLK_ENA | |
6702 |
++ WM8994_SYSDSPCLK_ENA); |
6703 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
6704 |
++ WM8994_AIF2ADCL_ENA | |
6705 |
++ WM8994_AIF2ADCR_ENA, |
6706 |
++ WM8994_AIF2ADCL_ENA | |
6707 |
++ WM8994_AIF2ADCR_ENA); |
6708 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6709 |
++ WM8994_AIF2DACL_ENA | |
6710 |
++ WM8994_AIF2DACR_ENA, |
6711 |
++ WM8994_AIF2DACL_ENA | |
6712 |
++ WM8994_AIF2DACR_ENA); |
6713 |
++ break; |
6714 |
++ |
6715 |
++ case SND_SOC_DAPM_PRE_PMD: |
6716 |
+ case SND_SOC_DAPM_POST_PMD: |
6717 |
+- if (wm8994->aif1clk_disable) { |
6718 |
+- snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
6719 |
+- WM8994_AIF1CLK_ENA_MASK, 0); |
6720 |
+- wm8994->aif1clk_disable = 0; |
6721 |
+- } |
6722 |
+- if (wm8994->aif2clk_disable) { |
6723 |
+- snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
6724 |
+- WM8994_AIF2CLK_ENA_MASK, 0); |
6725 |
+- wm8994->aif2clk_disable = 0; |
6726 |
+- } |
6727 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6728 |
++ WM8994_AIF2DACL_ENA | |
6729 |
++ WM8994_AIF2DACR_ENA, 0); |
6730 |
++ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
6731 |
++ WM8994_AIF2ADCL_ENA | |
6732 |
++ WM8994_AIF2ADCR_ENA, 0); |
6733 |
++ |
6734 |
++ val = snd_soc_read(codec, WM8994_CLOCKING_1); |
6735 |
++ if (val & WM8994_AIF1DSPCLK_ENA) |
6736 |
++ val = WM8994_SYSDSPCLK_ENA; |
6737 |
++ else |
6738 |
++ val = 0; |
6739 |
++ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
6740 |
++ WM8994_SYSDSPCLK_ENA | |
6741 |
++ WM8994_AIF2DSPCLK_ENA, val); |
6742 |
+ break; |
6743 |
+ } |
6744 |
+ |
6745 |
+ return 0; |
6746 |
+ } |
6747 |
+ |
6748 |
+-static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
6749 |
+- struct snd_kcontrol *kcontrol, int event) |
6750 |
++static int aif1clk_late_ev(struct snd_soc_dapm_widget *w, |
6751 |
++ struct snd_kcontrol *kcontrol, int event) |
6752 |
+ { |
6753 |
+ struct snd_soc_codec *codec = w->codec; |
6754 |
+ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6755 |
+@@ -954,8 +1063,8 @@ static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
6756 |
+ return 0; |
6757 |
+ } |
6758 |
+ |
6759 |
+-static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
6760 |
+- struct snd_kcontrol *kcontrol, int event) |
6761 |
++static int aif2clk_late_ev(struct snd_soc_dapm_widget *w, |
6762 |
++ struct snd_kcontrol *kcontrol, int event) |
6763 |
+ { |
6764 |
+ struct snd_soc_codec *codec = w->codec; |
6765 |
+ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6766 |
+@@ -972,6 +1081,63 @@ static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
6767 |
+ return 0; |
6768 |
+ } |
6769 |
+ |
6770 |
++static int late_enable_ev(struct snd_soc_dapm_widget *w, |
6771 |
++ struct snd_kcontrol *kcontrol, int event) |
6772 |
++{ |
6773 |
++ struct snd_soc_codec *codec = w->codec; |
6774 |
++ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6775 |
++ |
6776 |
++ switch (event) { |
6777 |
++ case SND_SOC_DAPM_PRE_PMU: |
6778 |
++ if (wm8994->aif1clk_enable) { |
6779 |
++ aif1clk_ev(w, kcontrol, event); |
6780 |
++ snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
6781 |
++ WM8994_AIF1CLK_ENA_MASK, |
6782 |
++ WM8994_AIF1CLK_ENA); |
6783 |
++ wm8994->aif1clk_enable = 0; |
6784 |
++ } |
6785 |
++ if (wm8994->aif2clk_enable) { |
6786 |
++ aif2clk_ev(w, kcontrol, event); |
6787 |
++ snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
6788 |
++ WM8994_AIF2CLK_ENA_MASK, |
6789 |
++ WM8994_AIF2CLK_ENA); |
6790 |
++ wm8994->aif2clk_enable = 0; |
6791 |
++ } |
6792 |
++ break; |
6793 |
++ } |
6794 |
++ |
6795 |
++ /* We may also have postponed startup of DSP, handle that. */ |
6796 |
++ wm8958_aif_ev(w, kcontrol, event); |
6797 |
++ |
6798 |
++ return 0; |
6799 |
++} |
6800 |
++ |
6801 |
++static int late_disable_ev(struct snd_soc_dapm_widget *w, |
6802 |
++ struct snd_kcontrol *kcontrol, int event) |
6803 |
++{ |
6804 |
++ struct snd_soc_codec *codec = w->codec; |
6805 |
++ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
6806 |
++ |
6807 |
++ switch (event) { |
6808 |
++ case SND_SOC_DAPM_POST_PMD: |
6809 |
++ if (wm8994->aif1clk_disable) { |
6810 |
++ snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
6811 |
++ WM8994_AIF1CLK_ENA_MASK, 0); |
6812 |
++ aif1clk_ev(w, kcontrol, event); |
6813 |
++ wm8994->aif1clk_disable = 0; |
6814 |
++ } |
6815 |
++ if (wm8994->aif2clk_disable) { |
6816 |
++ snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
6817 |
++ WM8994_AIF2CLK_ENA_MASK, 0); |
6818 |
++ aif2clk_ev(w, kcontrol, event); |
6819 |
++ wm8994->aif2clk_disable = 0; |
6820 |
++ } |
6821 |
++ break; |
6822 |
++ } |
6823 |
++ |
6824 |
++ return 0; |
6825 |
++} |
6826 |
++ |
6827 |
+ static int adc_mux_ev(struct snd_soc_dapm_widget *w, |
6828 |
+ struct snd_kcontrol *kcontrol, int event) |
6829 |
+ { |
6830 |
+@@ -1268,9 +1434,9 @@ static const struct snd_kcontrol_new aif2dacr_src_mux = |
6831 |
+ SOC_DAPM_ENUM("AIF2DACR Mux", aif2dacr_src_enum); |
6832 |
+ |
6833 |
+ static const struct snd_soc_dapm_widget wm8994_lateclk_revd_widgets[] = { |
6834 |
+-SND_SOC_DAPM_SUPPLY("AIF1CLK", SND_SOC_NOPM, 0, 0, aif1clk_ev, |
6835 |
++SND_SOC_DAPM_SUPPLY("AIF1CLK", SND_SOC_NOPM, 0, 0, aif1clk_late_ev, |
6836 |
+ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
6837 |
+-SND_SOC_DAPM_SUPPLY("AIF2CLK", SND_SOC_NOPM, 0, 0, aif2clk_ev, |
6838 |
++SND_SOC_DAPM_SUPPLY("AIF2CLK", SND_SOC_NOPM, 0, 0, aif2clk_late_ev, |
6839 |
+ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
6840 |
+ |
6841 |
+ SND_SOC_DAPM_PGA_E("Late DAC1L Enable PGA", SND_SOC_NOPM, 0, 0, NULL, 0, |
6842 |
+@@ -1299,8 +1465,10 @@ SND_SOC_DAPM_POST("Late Disable PGA", late_disable_ev) |
6843 |
+ }; |
6844 |
+ |
6845 |
+ static const struct snd_soc_dapm_widget wm8994_lateclk_widgets[] = { |
6846 |
+-SND_SOC_DAPM_SUPPLY("AIF1CLK", WM8994_AIF1_CLOCKING_1, 0, 0, NULL, 0), |
6847 |
+-SND_SOC_DAPM_SUPPLY("AIF2CLK", WM8994_AIF2_CLOCKING_1, 0, 0, NULL, 0), |
6848 |
++SND_SOC_DAPM_SUPPLY("AIF1CLK", WM8994_AIF1_CLOCKING_1, 0, 0, aif1clk_ev, |
6849 |
++ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_PRE_PMD), |
6850 |
++SND_SOC_DAPM_SUPPLY("AIF2CLK", WM8994_AIF2_CLOCKING_1, 0, 0, aif2clk_ev, |
6851 |
++ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_PRE_PMD), |
6852 |
+ SND_SOC_DAPM_PGA("Direct Voice", SND_SOC_NOPM, 0, 0, NULL, 0), |
6853 |
+ SND_SOC_DAPM_MIXER("SPKL", WM8994_POWER_MANAGEMENT_3, 8, 0, |
6854 |
+ left_speaker_mixer, ARRAY_SIZE(left_speaker_mixer)), |
6855 |
+@@ -1353,30 +1521,30 @@ SND_SOC_DAPM_SUPPLY("VMID", SND_SOC_NOPM, 0, 0, vmid_event, |
6856 |
+ SND_SOC_DAPM_SUPPLY("CLK_SYS", SND_SOC_NOPM, 0, 0, clk_sys_event, |
6857 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
6858 |
+ |
6859 |
+-SND_SOC_DAPM_SUPPLY("DSP1CLK", WM8994_CLOCKING_1, 3, 0, NULL, 0), |
6860 |
+-SND_SOC_DAPM_SUPPLY("DSP2CLK", WM8994_CLOCKING_1, 2, 0, NULL, 0), |
6861 |
+-SND_SOC_DAPM_SUPPLY("DSPINTCLK", WM8994_CLOCKING_1, 1, 0, NULL, 0), |
6862 |
++SND_SOC_DAPM_SUPPLY("DSP1CLK", SND_SOC_NOPM, 3, 0, NULL, 0), |
6863 |
++SND_SOC_DAPM_SUPPLY("DSP2CLK", SND_SOC_NOPM, 2, 0, NULL, 0), |
6864 |
++SND_SOC_DAPM_SUPPLY("DSPINTCLK", SND_SOC_NOPM, 1, 0, NULL, 0), |
6865 |
+ |
6866 |
+ SND_SOC_DAPM_AIF_OUT("AIF1ADC1L", NULL, |
6867 |
+- 0, WM8994_POWER_MANAGEMENT_4, 9, 0), |
6868 |
++ 0, SND_SOC_NOPM, 9, 0), |
6869 |
+ SND_SOC_DAPM_AIF_OUT("AIF1ADC1R", NULL, |
6870 |
+- 0, WM8994_POWER_MANAGEMENT_4, 8, 0), |
6871 |
++ 0, SND_SOC_NOPM, 8, 0), |
6872 |
+ SND_SOC_DAPM_AIF_IN_E("AIF1DAC1L", NULL, 0, |
6873 |
+- WM8994_POWER_MANAGEMENT_5, 9, 0, wm8958_aif_ev, |
6874 |
++ SND_SOC_NOPM, 9, 0, wm8958_aif_ev, |
6875 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
6876 |
+ SND_SOC_DAPM_AIF_IN_E("AIF1DAC1R", NULL, 0, |
6877 |
+- WM8994_POWER_MANAGEMENT_5, 8, 0, wm8958_aif_ev, |
6878 |
++ SND_SOC_NOPM, 8, 0, wm8958_aif_ev, |
6879 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
6880 |
+ |
6881 |
+ SND_SOC_DAPM_AIF_OUT("AIF1ADC2L", NULL, |
6882 |
+- 0, WM8994_POWER_MANAGEMENT_4, 11, 0), |
6883 |
++ 0, SND_SOC_NOPM, 11, 0), |
6884 |
+ SND_SOC_DAPM_AIF_OUT("AIF1ADC2R", NULL, |
6885 |
+- 0, WM8994_POWER_MANAGEMENT_4, 10, 0), |
6886 |
++ 0, SND_SOC_NOPM, 10, 0), |
6887 |
+ SND_SOC_DAPM_AIF_IN_E("AIF1DAC2L", NULL, 0, |
6888 |
+- WM8994_POWER_MANAGEMENT_5, 11, 0, wm8958_aif_ev, |
6889 |
++ SND_SOC_NOPM, 11, 0, wm8958_aif_ev, |
6890 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
6891 |
+ SND_SOC_DAPM_AIF_IN_E("AIF1DAC2R", NULL, 0, |
6892 |
+- WM8994_POWER_MANAGEMENT_5, 10, 0, wm8958_aif_ev, |
6893 |
++ SND_SOC_NOPM, 10, 0, wm8958_aif_ev, |
6894 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
6895 |
+ |
6896 |
+ SND_SOC_DAPM_MIXER("AIF1ADC1L Mixer", SND_SOC_NOPM, 0, 0, |
6897 |
+@@ -1403,14 +1571,14 @@ SND_SOC_DAPM_MIXER("DAC1R Mixer", SND_SOC_NOPM, 0, 0, |
6898 |
+ dac1r_mix, ARRAY_SIZE(dac1r_mix)), |
6899 |
+ |
6900 |
+ SND_SOC_DAPM_AIF_OUT("AIF2ADCL", NULL, 0, |
6901 |
+- WM8994_POWER_MANAGEMENT_4, 13, 0), |
6902 |
++ SND_SOC_NOPM, 13, 0), |
6903 |
+ SND_SOC_DAPM_AIF_OUT("AIF2ADCR", NULL, 0, |
6904 |
+- WM8994_POWER_MANAGEMENT_4, 12, 0), |
6905 |
++ SND_SOC_NOPM, 12, 0), |
6906 |
+ SND_SOC_DAPM_AIF_IN_E("AIF2DACL", NULL, 0, |
6907 |
+- WM8994_POWER_MANAGEMENT_5, 13, 0, wm8958_aif_ev, |
6908 |
++ SND_SOC_NOPM, 13, 0, wm8958_aif_ev, |
6909 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
6910 |
+ SND_SOC_DAPM_AIF_IN_E("AIF2DACR", NULL, 0, |
6911 |
+- WM8994_POWER_MANAGEMENT_5, 12, 0, wm8958_aif_ev, |
6912 |
++ SND_SOC_NOPM, 12, 0, wm8958_aif_ev, |
6913 |
+ SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
6914 |
+ |
6915 |
+ SND_SOC_DAPM_AIF_IN("AIF1DACDAT", "AIF1 Playback", 0, SND_SOC_NOPM, 0, 0), |
6916 |
+diff --git a/sound/soc/soc-dapm.c b/sound/soc/soc-dapm.c |
6917 |
+index ea909c5..90e93bf 100644 |
6918 |
+--- a/sound/soc/soc-dapm.c |
6919 |
++++ b/sound/soc/soc-dapm.c |
6920 |
+@@ -69,6 +69,7 @@ static int dapm_up_seq[] = { |
6921 |
+ [snd_soc_dapm_out_drv] = 10, |
6922 |
+ [snd_soc_dapm_hp] = 10, |
6923 |
+ [snd_soc_dapm_spk] = 10, |
6924 |
++ [snd_soc_dapm_line] = 10, |
6925 |
+ [snd_soc_dapm_post] = 11, |
6926 |
+ }; |
6927 |
+ |
6928 |
+@@ -77,6 +78,7 @@ static int dapm_down_seq[] = { |
6929 |
+ [snd_soc_dapm_adc] = 1, |
6930 |
+ [snd_soc_dapm_hp] = 2, |
6931 |
+ [snd_soc_dapm_spk] = 2, |
6932 |
++ [snd_soc_dapm_line] = 2, |
6933 |
+ [snd_soc_dapm_out_drv] = 2, |
6934 |
+ [snd_soc_dapm_pga] = 4, |
6935 |
+ [snd_soc_dapm_mixer_named_ctl] = 5, |
6936 |
+diff --git a/tools/perf/util/hist.c b/tools/perf/util/hist.c |
6937 |
+index adb372d..e0a0970 100644 |
6938 |
+--- a/tools/perf/util/hist.c |
6939 |
++++ b/tools/perf/util/hist.c |
6940 |
+@@ -237,8 +237,8 @@ struct hist_entry *__hists__add_entry(struct hists *hists, |
6941 |
+ * mis-adjust symbol addresses when computing |
6942 |
+ * the history counter to increment. |
6943 |
+ */ |
6944 |
+- if (he->ms.map != entry->ms.map) { |
6945 |
+- he->ms.map = entry->ms.map; |
6946 |
++ if (he->ms.map != entry.ms.map) { |
6947 |
++ he->ms.map = entry.ms.map; |
6948 |
+ if (he->ms.map) |
6949 |
+ he->ms.map->referenced = true; |
6950 |
+ } |
6951 |
+diff --git a/virt/kvm/iommu.c b/virt/kvm/iommu.c |
6952 |
+index a195c07..fd817a2 100644 |
6953 |
+--- a/virt/kvm/iommu.c |
6954 |
++++ b/virt/kvm/iommu.c |
6955 |
+@@ -309,6 +309,11 @@ static void kvm_iommu_put_pages(struct kvm *kvm, |
6956 |
+ } |
6957 |
+ } |
6958 |
+ |
6959 |
++void kvm_iommu_unmap_pages(struct kvm *kvm, struct kvm_memory_slot *slot) |
6960 |
++{ |
6961 |
++ kvm_iommu_put_pages(kvm, slot->base_gfn, slot->npages); |
6962 |
++} |
6963 |
++ |
6964 |
+ static int kvm_iommu_unmap_memslots(struct kvm *kvm) |
6965 |
+ { |
6966 |
+ int i, idx; |
6967 |
+@@ -317,10 +322,9 @@ static int kvm_iommu_unmap_memslots(struct kvm *kvm) |
6968 |
+ idx = srcu_read_lock(&kvm->srcu); |
6969 |
+ slots = kvm_memslots(kvm); |
6970 |
+ |
6971 |
+- for (i = 0; i < slots->nmemslots; i++) { |
6972 |
+- kvm_iommu_put_pages(kvm, slots->memslots[i].base_gfn, |
6973 |
+- slots->memslots[i].npages); |
6974 |
+- } |
6975 |
++ for (i = 0; i < slots->nmemslots; i++) |
6976 |
++ kvm_iommu_unmap_pages(kvm, &slots->memslots[i]); |
6977 |
++ |
6978 |
+ srcu_read_unlock(&kvm->srcu, idx); |
6979 |
+ |
6980 |
+ return 0; |
6981 |
+diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
6982 |
+index d9cfb78..e401c1b 100644 |
6983 |
+--- a/virt/kvm/kvm_main.c |
6984 |
++++ b/virt/kvm/kvm_main.c |
6985 |
+@@ -802,12 +802,13 @@ skip_lpage: |
6986 |
+ if (r) |
6987 |
+ goto out_free; |
6988 |
+ |
6989 |
+- /* map the pages in iommu page table */ |
6990 |
++ /* map/unmap the pages in iommu page table */ |
6991 |
+ if (npages) { |
6992 |
+ r = kvm_iommu_map_pages(kvm, &new); |
6993 |
+ if (r) |
6994 |
+ goto out_free; |
6995 |
+- } |
6996 |
++ } else |
6997 |
++ kvm_iommu_unmap_pages(kvm, &old); |
6998 |
+ |
6999 |
+ r = -ENOMEM; |
7000 |
+ slots = kzalloc(sizeof(struct kvm_memslots), GFP_KERNEL); |
7001 |
|
7002 |
diff --git a/3.2.16/4420_grsecurity-2.9-3.2.16-201205071838.patch b/3.2.17/4420_grsecurity-2.9-3.2.17-201205131657.patch |
7003 |
similarity index 99% |
7004 |
rename from 3.2.16/4420_grsecurity-2.9-3.2.16-201205071838.patch |
7005 |
rename to 3.2.17/4420_grsecurity-2.9-3.2.17-201205131657.patch |
7006 |
index 390b567..8ddeecb 100644 |
7007 |
--- a/3.2.16/4420_grsecurity-2.9-3.2.16-201205071838.patch |
7008 |
+++ b/3.2.17/4420_grsecurity-2.9-3.2.17-201205131657.patch |
7009 |
@@ -195,7 +195,7 @@ index 81c287f..d456d02 100644 |
7010 |
|
7011 |
pcd. [PARIDE] |
7012 |
diff --git a/Makefile b/Makefile |
7013 |
-index 3da29cb..47b7468 100644 |
7014 |
+index 4c4efa3..1171c69 100644 |
7015 |
--- a/Makefile |
7016 |
+++ b/Makefile |
7017 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
7018 |
@@ -1454,6 +1454,34 @@ index 984014b..a6d914f 100644 |
7019 |
#endif /* __ASSEMBLY__ */ |
7020 |
|
7021 |
#define arch_align_stack(x) (x) |
7022 |
+diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h |
7023 |
+index 7b5cc8d..5d70d88 100644 |
7024 |
+--- a/arch/arm/include/asm/thread_info.h |
7025 |
++++ b/arch/arm/include/asm/thread_info.h |
7026 |
+@@ -139,6 +139,12 @@ extern void vfp_flush_hwstate(struct thread_info *); |
7027 |
+ #define TIF_NEED_RESCHED 1 |
7028 |
+ #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ |
7029 |
+ #define TIF_SYSCALL_TRACE 8 |
7030 |
++ |
7031 |
++/* within 8 bits of TIF_SYSCALL_TRACE |
7032 |
++ to meet flexible second operand requirements |
7033 |
++*/ |
7034 |
++#define TIF_GRSEC_SETXID 9 |
7035 |
++ |
7036 |
+ #define TIF_POLLING_NRFLAG 16 |
7037 |
+ #define TIF_USING_IWMMXT 17 |
7038 |
+ #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ |
7039 |
+@@ -155,6 +161,10 @@ extern void vfp_flush_hwstate(struct thread_info *); |
7040 |
+ #define _TIF_FREEZE (1 << TIF_FREEZE) |
7041 |
+ #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) |
7042 |
+ #define _TIF_SECCOMP (1 << TIF_SECCOMP) |
7043 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
7044 |
++ |
7045 |
++/* Checks for any syscall work in entry-common.S */ |
7046 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_GRSEC_SETXID) |
7047 |
+ |
7048 |
+ /* |
7049 |
+ * Change these and you break ASM code in entry-common.S |
7050 |
diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h |
7051 |
index b293616..96310e5 100644 |
7052 |
--- a/arch/arm/include/asm/uaccess.h |
7053 |
@@ -1528,6 +1556,28 @@ index 5b0bce6..becd81c 100644 |
7054 |
EXPORT_SYMBOL(__clear_user); |
7055 |
|
7056 |
EXPORT_SYMBOL(__get_user_1); |
7057 |
+diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S |
7058 |
+index b2a27b6..520889c 100644 |
7059 |
+--- a/arch/arm/kernel/entry-common.S |
7060 |
++++ b/arch/arm/kernel/entry-common.S |
7061 |
+@@ -87,7 +87,7 @@ ENTRY(ret_from_fork) |
7062 |
+ get_thread_info tsk |
7063 |
+ ldr r1, [tsk, #TI_FLAGS] @ check for syscall tracing |
7064 |
+ mov why, #1 |
7065 |
+- tst r1, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? |
7066 |
++ tst r1, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
7067 |
+ beq ret_slow_syscall |
7068 |
+ mov r1, sp |
7069 |
+ mov r0, #1 @ trace exit [IP = 1] |
7070 |
+@@ -443,7 +443,7 @@ ENTRY(vector_swi) |
7071 |
+ 1: |
7072 |
+ #endif |
7073 |
+ |
7074 |
+- tst r10, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? |
7075 |
++ tst r10, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
7076 |
+ bne __sys_trace |
7077 |
+ |
7078 |
+ cmp scno, #NR_syscalls @ check upper syscall limit |
7079 |
diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c |
7080 |
index 3d0c6fb..9d326fa 100644 |
7081 |
--- a/arch/arm/kernel/process.c |
7082 |
@@ -1579,6 +1629,30 @@ index 3d0c6fb..9d326fa 100644 |
7083 |
#ifdef CONFIG_MMU |
7084 |
/* |
7085 |
* The vectors page is always readable from user space for the |
7086 |
+diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c |
7087 |
+index 90fa8b3..a3a2212 100644 |
7088 |
+--- a/arch/arm/kernel/ptrace.c |
7089 |
++++ b/arch/arm/kernel/ptrace.c |
7090 |
+@@ -904,10 +904,19 @@ long arch_ptrace(struct task_struct *child, long request, |
7091 |
+ return ret; |
7092 |
+ } |
7093 |
+ |
7094 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7095 |
++extern void gr_delayed_cred_worker(void); |
7096 |
++#endif |
7097 |
++ |
7098 |
+ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) |
7099 |
+ { |
7100 |
+ unsigned long ip; |
7101 |
+ |
7102 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7103 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7104 |
++ gr_delayed_cred_worker(); |
7105 |
++#endif |
7106 |
++ |
7107 |
+ if (!test_thread_flag(TIF_SYSCALL_TRACE)) |
7108 |
+ return scno; |
7109 |
+ if (!(current->ptrace & PT_PTRACED)) |
7110 |
diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c |
7111 |
index 8fc2c8f..064c150 100644 |
7112 |
--- a/arch/arm/kernel/setup.c |
7113 |
@@ -2779,6 +2853,40 @@ index 6018c80..7c37203 100644 |
7114 |
+#define arch_align_stack(x) ((x) & ~0xfUL) |
7115 |
|
7116 |
#endif /* _ASM_SYSTEM_H */ |
7117 |
+diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h |
7118 |
+index 97f8bf6..3986751 100644 |
7119 |
+--- a/arch/mips/include/asm/thread_info.h |
7120 |
++++ b/arch/mips/include/asm/thread_info.h |
7121 |
+@@ -124,6 +124,8 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
7122 |
+ #define TIF_32BIT_ADDR 23 /* 32-bit address space (o32/n32) */ |
7123 |
+ #define TIF_FPUBOUND 24 /* thread bound to FPU-full CPU set */ |
7124 |
+ #define TIF_LOAD_WATCH 25 /* If set, load watch registers */ |
7125 |
++/* li takes a 32bit immediate */ |
7126 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
7127 |
+ #define TIF_SYSCALL_TRACE 31 /* syscall trace active */ |
7128 |
+ |
7129 |
+ #ifdef CONFIG_MIPS32_O32 |
7130 |
+@@ -148,15 +150,18 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
7131 |
+ #define _TIF_32BIT_ADDR (1<<TIF_32BIT_ADDR) |
7132 |
+ #define _TIF_FPUBOUND (1<<TIF_FPUBOUND) |
7133 |
+ #define _TIF_LOAD_WATCH (1<<TIF_LOAD_WATCH) |
7134 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
7135 |
++ |
7136 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_GRSEC_SETXID) |
7137 |
+ |
7138 |
+ /* work to do in syscall_trace_leave() */ |
7139 |
+-#define _TIF_WORK_SYSCALL_EXIT (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT) |
7140 |
++#define _TIF_WORK_SYSCALL_EXIT (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_GRSEC_SETXID) |
7141 |
+ |
7142 |
+ /* work to do on interrupt/exception return */ |
7143 |
+ #define _TIF_WORK_MASK (0x0000ffef & \ |
7144 |
+ ~(_TIF_SECCOMP | _TIF_SYSCALL_AUDIT)) |
7145 |
+ /* work to do on any return to u-space */ |
7146 |
+-#define _TIF_ALLWORK_MASK (0x8000ffff & ~_TIF_SECCOMP) |
7147 |
++#define _TIF_ALLWORK_MASK ((0x8000ffff & ~_TIF_SECCOMP) | _TIF_GRSEC_SETXID) |
7148 |
+ |
7149 |
+ #endif /* __KERNEL__ */ |
7150 |
+ |
7151 |
diff --git a/arch/mips/kernel/binfmt_elfn32.c b/arch/mips/kernel/binfmt_elfn32.c |
7152 |
index 9fdd8bc..4bd7f1a 100644 |
7153 |
--- a/arch/mips/kernel/binfmt_elfn32.c |
7154 |
@@ -2835,6 +2943,85 @@ index c47f96e..661d418 100644 |
7155 |
- |
7156 |
- return sp & ALMASK; |
7157 |
-} |
7158 |
+diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c |
7159 |
+index 4e6ea1f..0922422 100644 |
7160 |
+--- a/arch/mips/kernel/ptrace.c |
7161 |
++++ b/arch/mips/kernel/ptrace.c |
7162 |
+@@ -529,6 +529,10 @@ static inline int audit_arch(void) |
7163 |
+ return arch; |
7164 |
+ } |
7165 |
+ |
7166 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7167 |
++extern void gr_delayed_cred_worker(void); |
7168 |
++#endif |
7169 |
++ |
7170 |
+ /* |
7171 |
+ * Notification of system call entry/exit |
7172 |
+ * - triggered by current->work.syscall_trace |
7173 |
+@@ -538,6 +542,11 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) |
7174 |
+ /* do the secure computing check first */ |
7175 |
+ secure_computing(regs->regs[2]); |
7176 |
+ |
7177 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7178 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7179 |
++ gr_delayed_cred_worker(); |
7180 |
++#endif |
7181 |
++ |
7182 |
+ if (!(current->ptrace & PT_PTRACED)) |
7183 |
+ goto out; |
7184 |
+ |
7185 |
+diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S |
7186 |
+index a632bc1..0b77c7c 100644 |
7187 |
+--- a/arch/mips/kernel/scall32-o32.S |
7188 |
++++ b/arch/mips/kernel/scall32-o32.S |
7189 |
+@@ -52,7 +52,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
7190 |
+ |
7191 |
+ stack_done: |
7192 |
+ lw t0, TI_FLAGS($28) # syscall tracing enabled? |
7193 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
7194 |
++ li t1, _TIF_SYSCALL_WORK |
7195 |
+ and t0, t1 |
7196 |
+ bnez t0, syscall_trace_entry # -> yes |
7197 |
+ |
7198 |
+diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S |
7199 |
+index 3b5a5e9..e1ee86d 100644 |
7200 |
+--- a/arch/mips/kernel/scall64-64.S |
7201 |
++++ b/arch/mips/kernel/scall64-64.S |
7202 |
+@@ -54,7 +54,7 @@ NESTED(handle_sys64, PT_SIZE, sp) |
7203 |
+ |
7204 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
7205 |
+ |
7206 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
7207 |
++ li t1, _TIF_SYSCALL_WORK |
7208 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
7209 |
+ and t0, t1, t0 |
7210 |
+ bnez t0, syscall_trace_entry |
7211 |
+diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S |
7212 |
+index 6be6f70..1859577 100644 |
7213 |
+--- a/arch/mips/kernel/scall64-n32.S |
7214 |
++++ b/arch/mips/kernel/scall64-n32.S |
7215 |
+@@ -53,7 +53,7 @@ NESTED(handle_sysn32, PT_SIZE, sp) |
7216 |
+ |
7217 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
7218 |
+ |
7219 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
7220 |
++ li t1, _TIF_SYSCALL_WORK |
7221 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
7222 |
+ and t0, t1, t0 |
7223 |
+ bnez t0, n32_syscall_trace_entry |
7224 |
+diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S |
7225 |
+index 5422855..74e63a3 100644 |
7226 |
+--- a/arch/mips/kernel/scall64-o32.S |
7227 |
++++ b/arch/mips/kernel/scall64-o32.S |
7228 |
+@@ -81,7 +81,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
7229 |
+ PTR 4b, bad_stack |
7230 |
+ .previous |
7231 |
+ |
7232 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
7233 |
++ li t1, _TIF_SYSCALL_WORK |
7234 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
7235 |
+ and t0, t1, t0 |
7236 |
+ bnez t0, trace_a_syscall |
7237 |
diff --git a/arch/mips/mm/fault.c b/arch/mips/mm/fault.c |
7238 |
index 937cf33..adb39bb 100644 |
7239 |
--- a/arch/mips/mm/fault.c |
7240 |
@@ -3677,6 +3864,41 @@ index e30a13d..2b7d994 100644 |
7241 |
|
7242 |
/* Used in very early kernel initialization. */ |
7243 |
extern unsigned long reloc_offset(void); |
7244 |
+diff --git a/arch/powerpc/include/asm/thread_info.h b/arch/powerpc/include/asm/thread_info.h |
7245 |
+index 836f231..8403cfb 100644 |
7246 |
+--- a/arch/powerpc/include/asm/thread_info.h |
7247 |
++++ b/arch/powerpc/include/asm/thread_info.h |
7248 |
+@@ -104,7 +104,6 @@ static inline struct thread_info *current_thread_info(void) |
7249 |
+ #define TIF_PERFMON_CTXSW 6 /* perfmon needs ctxsw calls */ |
7250 |
+ #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */ |
7251 |
+ #define TIF_SINGLESTEP 8 /* singlestepping active */ |
7252 |
+-#define TIF_MEMDIE 9 /* is terminating due to OOM killer */ |
7253 |
+ #define TIF_SECCOMP 10 /* secure computing */ |
7254 |
+ #define TIF_RESTOREALL 11 /* Restore all regs (implies NOERROR) */ |
7255 |
+ #define TIF_NOERROR 12 /* Force successful syscall return */ |
7256 |
+@@ -112,6 +111,9 @@ static inline struct thread_info *current_thread_info(void) |
7257 |
+ #define TIF_FREEZE 14 /* Freezing for suspend */ |
7258 |
+ #define TIF_SYSCALL_TRACEPOINT 15 /* syscall tracepoint instrumentation */ |
7259 |
+ #define TIF_RUNLATCH 16 /* Is the runlatch enabled? */ |
7260 |
++#define TIF_MEMDIE 17 /* is terminating due to OOM killer */ |
7261 |
++/* mask must be expressable within 16 bits to satisfy 'andi' instruction reqs */ |
7262 |
++#define TIF_GRSEC_SETXID 9 /* update credentials on syscall entry/exit */ |
7263 |
+ |
7264 |
+ /* as above, but as bit values */ |
7265 |
+ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) |
7266 |
+@@ -130,8 +132,11 @@ static inline struct thread_info *current_thread_info(void) |
7267 |
+ #define _TIF_FREEZE (1<<TIF_FREEZE) |
7268 |
+ #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) |
7269 |
+ #define _TIF_RUNLATCH (1<<TIF_RUNLATCH) |
7270 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
7271 |
++ |
7272 |
+ #define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ |
7273 |
+- _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT) |
7274 |
++ _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT \ |
7275 |
++ _TIF_GRSEC_SETXID) |
7276 |
+ |
7277 |
+ #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \ |
7278 |
+ _TIF_NOTIFY_RESUME) |
7279 |
diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h |
7280 |
index bd0fb84..a42a14b 100644 |
7281 |
--- a/arch/powerpc/include/asm/uaccess.h |
7282 |
@@ -4053,6 +4275,45 @@ index 6457574..08b28d3 100644 |
7283 |
- |
7284 |
- return ret; |
7285 |
-} |
7286 |
+diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c |
7287 |
+index 5de73db..a05f61c 100644 |
7288 |
+--- a/arch/powerpc/kernel/ptrace.c |
7289 |
++++ b/arch/powerpc/kernel/ptrace.c |
7290 |
+@@ -1702,6 +1702,10 @@ long arch_ptrace(struct task_struct *child, long request, |
7291 |
+ return ret; |
7292 |
+ } |
7293 |
+ |
7294 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7295 |
++extern void gr_delayed_cred_worker(void); |
7296 |
++#endif |
7297 |
++ |
7298 |
+ /* |
7299 |
+ * We must return the syscall number to actually look up in the table. |
7300 |
+ * This can be -1L to skip running any syscall at all. |
7301 |
+@@ -1712,6 +1716,11 @@ long do_syscall_trace_enter(struct pt_regs *regs) |
7302 |
+ |
7303 |
+ secure_computing(regs->gpr[0]); |
7304 |
+ |
7305 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7306 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7307 |
++ gr_delayed_cred_worker(); |
7308 |
++#endif |
7309 |
++ |
7310 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE) && |
7311 |
+ tracehook_report_syscall_entry(regs)) |
7312 |
+ /* |
7313 |
+@@ -1748,6 +1757,11 @@ void do_syscall_trace_leave(struct pt_regs *regs) |
7314 |
+ { |
7315 |
+ int step; |
7316 |
+ |
7317 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7318 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7319 |
++ gr_delayed_cred_worker(); |
7320 |
++#endif |
7321 |
++ |
7322 |
+ if (unlikely(current->audit_context)) |
7323 |
+ audit_syscall_exit((regs->ccr&0x10000000)?AUDITSC_FAILURE:AUDITSC_SUCCESS, |
7324 |
+ regs->result); |
7325 |
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c |
7326 |
index 836a5a1..27289a3 100644 |
7327 |
--- a/arch/powerpc/kernel/signal_32.c |
7328 |
@@ -5278,7 +5539,7 @@ index fa57532..e1a4c53 100644 |
7329 |
|
7330 |
/* |
7331 |
diff --git a/arch/sparc/include/asm/thread_info_64.h b/arch/sparc/include/asm/thread_info_64.h |
7332 |
-index 60d86be..952dea1 100644 |
7333 |
+index 60d86be..6389ac8 100644 |
7334 |
--- a/arch/sparc/include/asm/thread_info_64.h |
7335 |
+++ b/arch/sparc/include/asm/thread_info_64.h |
7336 |
@@ -63,6 +63,8 @@ struct thread_info { |
7337 |
@@ -5290,6 +5551,38 @@ index 60d86be..952dea1 100644 |
7338 |
unsigned long fpregs[0] __attribute__ ((aligned(64))); |
7339 |
}; |
7340 |
|
7341 |
+@@ -214,10 +216,11 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
7342 |
+ #define TIF_UNALIGNED 5 /* allowed to do unaligned accesses */ |
7343 |
+ /* flag bit 6 is available */ |
7344 |
+ #define TIF_32BIT 7 /* 32-bit binary */ |
7345 |
+-/* flag bit 8 is available */ |
7346 |
++#define TIF_GRSEC_SETXID 8 /* update credentials on syscall entry/exit */ |
7347 |
+ #define TIF_SECCOMP 9 /* secure computing */ |
7348 |
+ #define TIF_SYSCALL_AUDIT 10 /* syscall auditing active */ |
7349 |
+ #define TIF_SYSCALL_TRACEPOINT 11 /* syscall tracepoint instrumentation */ |
7350 |
++ |
7351 |
+ /* NOTE: Thread flags >= 12 should be ones we have no interest |
7352 |
+ * in using in assembly, else we can't use the mask as |
7353 |
+ * an immediate value in instructions such as andcc. |
7354 |
+@@ -238,12 +241,18 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
7355 |
+ #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) |
7356 |
+ #define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) |
7357 |
+ #define _TIF_FREEZE (1<<TIF_FREEZE) |
7358 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
7359 |
+ |
7360 |
+ #define _TIF_USER_WORK_MASK ((0xff << TI_FLAG_WSAVED_SHIFT) | \ |
7361 |
+ _TIF_DO_NOTIFY_RESUME_MASK | \ |
7362 |
+ _TIF_NEED_RESCHED) |
7363 |
+ #define _TIF_DO_NOTIFY_RESUME_MASK (_TIF_NOTIFY_RESUME | _TIF_SIGPENDING) |
7364 |
+ |
7365 |
++#define _TIF_WORK_SYSCALL \ |
7366 |
++ (_TIF_SYSCALL_TRACE | _TIF_SECCOMP | _TIF_SYSCALL_AUDIT | \ |
7367 |
++ _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
7368 |
++ |
7369 |
++ |
7370 |
+ /* |
7371 |
+ * Thread-synchronous status. |
7372 |
+ * |
7373 |
diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h |
7374 |
index e88fbe5..96b0ce5 100644 |
7375 |
--- a/arch/sparc/include/asm/uaccess.h |
7376 |
@@ -5500,6 +5793,45 @@ index 3739a06..48b2ff0 100644 |
7377 |
(void *) gp->tpc, |
7378 |
(void *) gp->o7, |
7379 |
(void *) gp->i7, |
7380 |
+diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c |
7381 |
+index 96ee50a..68ce124 100644 |
7382 |
+--- a/arch/sparc/kernel/ptrace_64.c |
7383 |
++++ b/arch/sparc/kernel/ptrace_64.c |
7384 |
+@@ -1058,6 +1058,10 @@ long arch_ptrace(struct task_struct *child, long request, |
7385 |
+ return ret; |
7386 |
+ } |
7387 |
+ |
7388 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7389 |
++extern void gr_delayed_cred_worker(void); |
7390 |
++#endif |
7391 |
++ |
7392 |
+ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
7393 |
+ { |
7394 |
+ int ret = 0; |
7395 |
+@@ -1065,6 +1069,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
7396 |
+ /* do the secure computing check first */ |
7397 |
+ secure_computing(regs->u_regs[UREG_G1]); |
7398 |
+ |
7399 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7400 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7401 |
++ gr_delayed_cred_worker(); |
7402 |
++#endif |
7403 |
++ |
7404 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE)) |
7405 |
+ ret = tracehook_report_syscall_entry(regs); |
7406 |
+ |
7407 |
+@@ -1086,6 +1095,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
7408 |
+ |
7409 |
+ asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
7410 |
+ { |
7411 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7412 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7413 |
++ gr_delayed_cred_worker(); |
7414 |
++#endif |
7415 |
++ |
7416 |
+ #ifdef CONFIG_AUDITSYSCALL |
7417 |
+ if (unlikely(current->audit_context)) { |
7418 |
+ unsigned long tstate = regs->tstate; |
7419 |
diff --git a/arch/sparc/kernel/sys_sparc_32.c b/arch/sparc/kernel/sys_sparc_32.c |
7420 |
index 42b282f..28ce9f2 100644 |
7421 |
--- a/arch/sparc/kernel/sys_sparc_32.c |
7422 |
@@ -5673,6 +6005,55 @@ index 441521a..b767073 100644 |
7423 |
mm->get_unmapped_area = arch_get_unmapped_area_topdown; |
7424 |
mm->unmap_area = arch_unmap_area_topdown; |
7425 |
} |
7426 |
+diff --git a/arch/sparc/kernel/syscalls.S b/arch/sparc/kernel/syscalls.S |
7427 |
+index 1d7e274..b39c527 100644 |
7428 |
+--- a/arch/sparc/kernel/syscalls.S |
7429 |
++++ b/arch/sparc/kernel/syscalls.S |
7430 |
+@@ -62,7 +62,7 @@ sys32_rt_sigreturn: |
7431 |
+ #endif |
7432 |
+ .align 32 |
7433 |
+ 1: ldx [%g6 + TI_FLAGS], %l5 |
7434 |
+- andcc %l5, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
7435 |
++ andcc %l5, _TIF_WORK_SYSCALL, %g0 |
7436 |
+ be,pt %icc, rtrap |
7437 |
+ nop |
7438 |
+ call syscall_trace_leave |
7439 |
+@@ -179,7 +179,7 @@ linux_sparc_syscall32: |
7440 |
+ |
7441 |
+ srl %i5, 0, %o5 ! IEU1 |
7442 |
+ srl %i2, 0, %o2 ! IEU0 Group |
7443 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
7444 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
7445 |
+ bne,pn %icc, linux_syscall_trace32 ! CTI |
7446 |
+ mov %i0, %l5 ! IEU1 |
7447 |
+ call %l7 ! CTI Group brk forced |
7448 |
+@@ -202,7 +202,7 @@ linux_sparc_syscall: |
7449 |
+ |
7450 |
+ mov %i3, %o3 ! IEU1 |
7451 |
+ mov %i4, %o4 ! IEU0 Group |
7452 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
7453 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
7454 |
+ bne,pn %icc, linux_syscall_trace ! CTI Group |
7455 |
+ mov %i0, %l5 ! IEU0 |
7456 |
+ 2: call %l7 ! CTI Group brk forced |
7457 |
+@@ -226,7 +226,7 @@ ret_sys_call: |
7458 |
+ |
7459 |
+ cmp %o0, -ERESTART_RESTARTBLOCK |
7460 |
+ bgeu,pn %xcc, 1f |
7461 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %l6 |
7462 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
7463 |
+ 80: |
7464 |
+ /* System call success, clear Carry condition code. */ |
7465 |
+ andn %g3, %g2, %g3 |
7466 |
+@@ -241,7 +241,7 @@ ret_sys_call: |
7467 |
+ /* System call failure, set Carry condition code. |
7468 |
+ * Also, get abs(errno) to return to the process. |
7469 |
+ */ |
7470 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %l6 |
7471 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
7472 |
+ sub %g0, %o0, %o0 |
7473 |
+ or %g3, %g2, %g3 |
7474 |
+ stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] |
7475 |
diff --git a/arch/sparc/kernel/traps_32.c b/arch/sparc/kernel/traps_32.c |
7476 |
index 591f20c..0f1b925 100644 |
7477 |
--- a/arch/sparc/kernel/traps_32.c |
7478 |
@@ -7544,7 +7925,7 @@ index 3a19d04..7c1d55a 100644 |
7479 |
#endif |
7480 |
|
7481 |
diff --git a/arch/x86/boot/compressed/relocs.c b/arch/x86/boot/compressed/relocs.c |
7482 |
-index 89bbf4e..869908e 100644 |
7483 |
+index e77f4e4..17e511f 100644 |
7484 |
--- a/arch/x86/boot/compressed/relocs.c |
7485 |
+++ b/arch/x86/boot/compressed/relocs.c |
7486 |
@@ -13,8 +13,11 @@ |
7487 |
@@ -7649,7 +8030,7 @@ index 89bbf4e..869908e 100644 |
7488 |
rel->r_info = elf32_to_cpu(rel->r_info); |
7489 |
} |
7490 |
} |
7491 |
-@@ -396,14 +440,14 @@ static void read_relocs(FILE *fp) |
7492 |
+@@ -396,13 +440,13 @@ static void read_relocs(FILE *fp) |
7493 |
|
7494 |
static void print_absolute_symbols(void) |
7495 |
{ |
7496 |
@@ -7660,13 +8041,12 @@ index 89bbf4e..869908e 100644 |
7497 |
for (i = 0; i < ehdr.e_shnum; i++) { |
7498 |
struct section *sec = &secs[i]; |
7499 |
char *sym_strtab; |
7500 |
- Elf32_Sym *sh_symtab; |
7501 |
- int j; |
7502 |
+ unsigned int j; |
7503 |
|
7504 |
if (sec->shdr.sh_type != SHT_SYMTAB) { |
7505 |
continue; |
7506 |
-@@ -431,14 +475,14 @@ static void print_absolute_symbols(void) |
7507 |
+@@ -429,14 +473,14 @@ static void print_absolute_symbols(void) |
7508 |
|
7509 |
static void print_absolute_relocs(void) |
7510 |
{ |
7511 |
@@ -7683,7 +8063,7 @@ index 89bbf4e..869908e 100644 |
7512 |
if (sec->shdr.sh_type != SHT_REL) { |
7513 |
continue; |
7514 |
} |
7515 |
-@@ -499,13 +543,13 @@ static void print_absolute_relocs(void) |
7516 |
+@@ -497,13 +541,13 @@ static void print_absolute_relocs(void) |
7517 |
|
7518 |
static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
7519 |
{ |
7520 |
@@ -7699,7 +8079,7 @@ index 89bbf4e..869908e 100644 |
7521 |
struct section *sec = &secs[i]; |
7522 |
|
7523 |
if (sec->shdr.sh_type != SHT_REL) { |
7524 |
-@@ -530,6 +574,22 @@ static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
7525 |
+@@ -528,6 +572,22 @@ static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
7526 |
!is_rel_reloc(sym_name(sym_strtab, sym))) { |
7527 |
continue; |
7528 |
} |
7529 |
@@ -7722,7 +8102,7 @@ index 89bbf4e..869908e 100644 |
7530 |
switch (r_type) { |
7531 |
case R_386_NONE: |
7532 |
case R_386_PC32: |
7533 |
-@@ -571,7 +631,7 @@ static int cmp_relocs(const void *va, const void *vb) |
7534 |
+@@ -569,7 +629,7 @@ static int cmp_relocs(const void *va, const void *vb) |
7535 |
|
7536 |
static void emit_relocs(int as_text) |
7537 |
{ |
7538 |
@@ -7731,7 +8111,7 @@ index 89bbf4e..869908e 100644 |
7539 |
/* Count how many relocations I have and allocate space for them. */ |
7540 |
reloc_count = 0; |
7541 |
walk_relocs(count_reloc); |
7542 |
-@@ -665,6 +725,7 @@ int main(int argc, char **argv) |
7543 |
+@@ -663,6 +723,7 @@ int main(int argc, char **argv) |
7544 |
fname, strerror(errno)); |
7545 |
} |
7546 |
read_ehdr(fp); |
7547 |
@@ -12161,7 +12541,7 @@ index 2d2f01c..f985723 100644 |
7548 |
/* |
7549 |
* Force strict CPU ordering. |
7550 |
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h |
7551 |
-index d7ef849..6af292e 100644 |
7552 |
+index d7ef849..b1b009a 100644 |
7553 |
--- a/arch/x86/include/asm/thread_info.h |
7554 |
+++ b/arch/x86/include/asm/thread_info.h |
7555 |
@@ -10,6 +10,7 @@ |
7556 |
@@ -12210,7 +12590,45 @@ index d7ef849..6af292e 100644 |
7557 |
#define init_stack (init_thread_union.stack) |
7558 |
|
7559 |
#else /* !__ASSEMBLY__ */ |
7560 |
-@@ -170,45 +164,40 @@ struct thread_info { |
7561 |
+@@ -95,6 +89,7 @@ struct thread_info { |
7562 |
+ #define TIF_BLOCKSTEP 25 /* set when we want DEBUGCTLMSR_BTF */ |
7563 |
+ #define TIF_LAZY_MMU_UPDATES 27 /* task is updating the mmu lazily */ |
7564 |
+ #define TIF_SYSCALL_TRACEPOINT 28 /* syscall tracepoint instrumentation */ |
7565 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
7566 |
+ |
7567 |
+ #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) |
7568 |
+ #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) |
7569 |
+@@ -117,16 +112,17 @@ struct thread_info { |
7570 |
+ #define _TIF_BLOCKSTEP (1 << TIF_BLOCKSTEP) |
7571 |
+ #define _TIF_LAZY_MMU_UPDATES (1 << TIF_LAZY_MMU_UPDATES) |
7572 |
+ #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) |
7573 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
7574 |
+ |
7575 |
+ /* work to do in syscall_trace_enter() */ |
7576 |
+ #define _TIF_WORK_SYSCALL_ENTRY \ |
7577 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_EMU | _TIF_SYSCALL_AUDIT | \ |
7578 |
+- _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT) |
7579 |
++ _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
7580 |
+ |
7581 |
+ /* work to do in syscall_trace_leave() */ |
7582 |
+ #define _TIF_WORK_SYSCALL_EXIT \ |
7583 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_SINGLESTEP | \ |
7584 |
+- _TIF_SYSCALL_TRACEPOINT) |
7585 |
++ _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
7586 |
+ |
7587 |
+ /* work to do on interrupt/exception return */ |
7588 |
+ #define _TIF_WORK_MASK \ |
7589 |
+@@ -136,7 +132,8 @@ struct thread_info { |
7590 |
+ |
7591 |
+ /* work to do on any return to user space */ |
7592 |
+ #define _TIF_ALLWORK_MASK \ |
7593 |
+- ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT) |
7594 |
++ ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT | \ |
7595 |
++ _TIF_GRSEC_SETXID) |
7596 |
+ |
7597 |
+ /* Only used for 64 bit */ |
7598 |
+ #define _TIF_DO_NOTIFY_MASK \ |
7599 |
+@@ -170,45 +167,40 @@ struct thread_info { |
7600 |
ret; \ |
7601 |
}) |
7602 |
|
7603 |
@@ -12281,7 +12699,7 @@ index d7ef849..6af292e 100644 |
7604 |
/* |
7605 |
* macros/functions for gaining access to the thread information structure |
7606 |
* preempt_count needs to be 1 initially, until the scheduler is functional. |
7607 |
-@@ -216,21 +205,8 @@ static inline struct thread_info *current_thread_info(void) |
7608 |
+@@ -216,21 +208,8 @@ static inline struct thread_info *current_thread_info(void) |
7609 |
#ifndef __ASSEMBLY__ |
7610 |
DECLARE_PER_CPU(unsigned long, kernel_stack); |
7611 |
|
7612 |
@@ -12305,7 +12723,7 @@ index d7ef849..6af292e 100644 |
7613 |
#endif |
7614 |
|
7615 |
#endif /* !X86_32 */ |
7616 |
-@@ -264,5 +240,16 @@ extern void arch_task_cache_init(void); |
7617 |
+@@ -264,5 +243,16 @@ extern void arch_task_cache_init(void); |
7618 |
extern void free_thread_info(struct thread_info *ti); |
7619 |
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); |
7620 |
#define arch_task_cache_init arch_task_cache_init |
7621 |
@@ -13612,7 +14030,7 @@ index 1f84794..e23f862 100644 |
7622 |
} |
7623 |
|
7624 |
diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c |
7625 |
-index f98d84c..e402a69 100644 |
7626 |
+index c4e3581..7e2f9d0 100644 |
7627 |
--- a/arch/x86/kernel/apic/apic.c |
7628 |
+++ b/arch/x86/kernel/apic/apic.c |
7629 |
@@ -174,7 +174,7 @@ int first_system_vector = 0xfe; |
7630 |
@@ -13624,7 +14042,7 @@ index f98d84c..e402a69 100644 |
7631 |
|
7632 |
int pic_mode; |
7633 |
|
7634 |
-@@ -1853,7 +1853,7 @@ void smp_error_interrupt(struct pt_regs *regs) |
7635 |
+@@ -1857,7 +1857,7 @@ void smp_error_interrupt(struct pt_regs *regs) |
7636 |
apic_write(APIC_ESR, 0); |
7637 |
v1 = apic_read(APIC_ESR); |
7638 |
ack_APIC_irq(); |
7639 |
@@ -14623,7 +15041,7 @@ index cd28a35..c72ed9a 100644 |
7640 |
#include <asm/processor.h> |
7641 |
#include <asm/fcntl.h> |
7642 |
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S |
7643 |
-index bcda816..b0cbdf9 100644 |
7644 |
+index bcda816..5c89791 100644 |
7645 |
--- a/arch/x86/kernel/entry_32.S |
7646 |
+++ b/arch/x86/kernel/entry_32.S |
7647 |
@@ -180,13 +180,146 @@ |
7648 |
@@ -14816,7 +15234,7 @@ index bcda816..b0cbdf9 100644 |
7649 |
+#ifdef CONFIG_PAX_KERNEXEC |
7650 |
+ jae resume_userspace |
7651 |
+ |
7652 |
-+ PAX_EXIT_KERNEL |
7653 |
++ pax_exit_kernel |
7654 |
+ jmp resume_kernel |
7655 |
+#else |
7656 |
jb resume_kernel # not returning to v8086 or userspace |
7657 |
@@ -18551,7 +18969,7 @@ index 6a364a6..b147d11 100644 |
7658 |
ip = *(u64 *)(fp+8); |
7659 |
if (!in_sched_functions(ip)) |
7660 |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c |
7661 |
-index 8252879..f367ec9 100644 |
7662 |
+index 8252879..39d15fc 100644 |
7663 |
--- a/arch/x86/kernel/ptrace.c |
7664 |
+++ b/arch/x86/kernel/ptrace.c |
7665 |
@@ -791,6 +791,10 @@ static int ioperm_active(struct task_struct *target, |
7666 |
@@ -18600,6 +19018,41 @@ index 8252879..f367ec9 100644 |
7667 |
} |
7668 |
|
7669 |
void user_single_step_siginfo(struct task_struct *tsk, |
7670 |
+@@ -1360,6 +1364,10 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs, |
7671 |
+ # define IS_IA32 0 |
7672 |
+ #endif |
7673 |
+ |
7674 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7675 |
++extern void gr_delayed_cred_worker(void); |
7676 |
++#endif |
7677 |
++ |
7678 |
+ /* |
7679 |
+ * We must return the syscall number to actually look up in the table. |
7680 |
+ * This can be -1L to skip running any syscall at all. |
7681 |
+@@ -1368,6 +1376,11 @@ long syscall_trace_enter(struct pt_regs *regs) |
7682 |
+ { |
7683 |
+ long ret = 0; |
7684 |
+ |
7685 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7686 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7687 |
++ gr_delayed_cred_worker(); |
7688 |
++#endif |
7689 |
++ |
7690 |
+ /* |
7691 |
+ * If we stepped into a sysenter/syscall insn, it trapped in |
7692 |
+ * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP. |
7693 |
+@@ -1413,6 +1426,11 @@ void syscall_trace_leave(struct pt_regs *regs) |
7694 |
+ { |
7695 |
+ bool step; |
7696 |
+ |
7697 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
7698 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
7699 |
++ gr_delayed_cred_worker(); |
7700 |
++#endif |
7701 |
++ |
7702 |
+ if (unlikely(current->audit_context)) |
7703 |
+ audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax); |
7704 |
+ |
7705 |
diff --git a/arch/x86/kernel/pvclock.c b/arch/x86/kernel/pvclock.c |
7706 |
index 42eb330..139955c 100644 |
7707 |
--- a/arch/x86/kernel/pvclock.c |
7708 |
@@ -18838,7 +19291,7 @@ index cf0ef98..e3f780b 100644 |
7709 |
bss_resource.start = virt_to_phys(&__bss_start); |
7710 |
bss_resource.end = virt_to_phys(&__bss_stop)-1; |
7711 |
diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c |
7712 |
-index 71f4727..217419b 100644 |
7713 |
+index 5a98aa2..848d2be 100644 |
7714 |
--- a/arch/x86/kernel/setup_percpu.c |
7715 |
+++ b/arch/x86/kernel/setup_percpu.c |
7716 |
@@ -21,19 +21,17 @@ |
7717 |
@@ -18897,7 +19350,7 @@ index 71f4727..217419b 100644 |
7718 |
write_gdt_entry(get_cpu_gdt_table(cpu), |
7719 |
GDT_ENTRY_PERCPU, &gdt, DESCTYPE_S); |
7720 |
#endif |
7721 |
-@@ -207,6 +209,11 @@ void __init setup_per_cpu_areas(void) |
7722 |
+@@ -219,6 +221,11 @@ void __init setup_per_cpu_areas(void) |
7723 |
/* alrighty, percpu areas up and running */ |
7724 |
delta = (unsigned long)pcpu_base_addr - (unsigned long)__per_cpu_start; |
7725 |
for_each_possible_cpu(cpu) { |
7726 |
@@ -18909,7 +19362,7 @@ index 71f4727..217419b 100644 |
7727 |
per_cpu_offset(cpu) = delta + pcpu_unit_offsets[cpu]; |
7728 |
per_cpu(this_cpu_off, cpu) = per_cpu_offset(cpu); |
7729 |
per_cpu(cpu_number, cpu) = cpu; |
7730 |
-@@ -247,6 +254,12 @@ void __init setup_per_cpu_areas(void) |
7731 |
+@@ -259,6 +266,12 @@ void __init setup_per_cpu_areas(void) |
7732 |
*/ |
7733 |
set_cpu_numa_node(cpu, early_cpu_to_node(cpu)); |
7734 |
#endif |
7735 |
@@ -20979,7 +21432,7 @@ index e8e7e0d..56fd1b0 100644 |
7736 |
movl %eax, (v) |
7737 |
movl %edx, 4(v) |
7738 |
diff --git a/arch/x86/lib/atomic64_cx8_32.S b/arch/x86/lib/atomic64_cx8_32.S |
7739 |
-index 391a083..d658e9f 100644 |
7740 |
+index 391a083..3a2cf39 100644 |
7741 |
--- a/arch/x86/lib/atomic64_cx8_32.S |
7742 |
+++ b/arch/x86/lib/atomic64_cx8_32.S |
7743 |
@@ -35,10 +35,20 @@ ENTRY(atomic64_read_cx8) |
7744 |
@@ -21090,7 +21543,7 @@ index 391a083..d658e9f 100644 |
7745 |
|
7746 |
-.macro incdec_return func ins insc |
7747 |
-ENTRY(atomic64_\func\()_return_cx8) |
7748 |
-+.macro incdec_return func ins insc unchecked |
7749 |
++.macro incdec_return func ins insc unchecked="" |
7750 |
+ENTRY(atomic64_\func\()_return\unchecked\()_cx8) |
7751 |
CFI_STARTPROC |
7752 |
SAVE ebx |
7753 |
@@ -24383,7 +24836,7 @@ index f4f29b1..5cac4fb 100644 |
7754 |
|
7755 |
return (void *)vaddr; |
7756 |
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
7757 |
-index f581a18..29efd37 100644 |
7758 |
+index f581a18..a269cab 100644 |
7759 |
--- a/arch/x86/mm/hugetlbpage.c |
7760 |
+++ b/arch/x86/mm/hugetlbpage.c |
7761 |
@@ -266,13 +266,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
7762 |
@@ -24459,7 +24912,7 @@ index f581a18..29efd37 100644 |
7763 |
|
7764 |
/* don't allow allocations above current base */ |
7765 |
if (mm->free_area_cache > base) |
7766 |
-@@ -321,64 +328,63 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
7767 |
+@@ -321,64 +328,68 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
7768 |
largest_hole = 0; |
7769 |
mm->free_area_cache = base; |
7770 |
} |
7771 |
@@ -24474,15 +24927,16 @@ index f581a18..29efd37 100644 |
7772 |
+ addr = (mm->free_area_cache - len); |
7773 |
do { |
7774 |
+ addr &= huge_page_mask(h); |
7775 |
-+ vma = find_vma(mm, addr); |
7776 |
/* |
7777 |
* Lookup failure means no vma is above this address, |
7778 |
* i.e. return with success: |
7779 |
-- */ |
7780 |
+ */ |
7781 |
- if (!(vma = find_vma_prev(mm, addr, &prev_vma))) |
7782 |
-- return addr; |
7783 |
-- |
7784 |
-- /* |
7785 |
++ vma = find_vma(mm, addr); |
7786 |
++ if (!vma) |
7787 |
+ return addr; |
7788 |
+ |
7789 |
+ /* |
7790 |
* new region fits between prev_vma->vm_end and |
7791 |
* vma->vm_start, use it: |
7792 |
*/ |
7793 |
@@ -24554,7 +25008,7 @@ index f581a18..29efd37 100644 |
7794 |
mm->cached_hole_size = ~0UL; |
7795 |
addr = hugetlb_get_unmapped_area_bottomup(file, addr0, |
7796 |
len, pgoff, flags); |
7797 |
-@@ -386,6 +392,7 @@ fail: |
7798 |
+@@ -386,6 +397,7 @@ fail: |
7799 |
/* |
7800 |
* Restore the topdown base: |
7801 |
*/ |
7802 |
@@ -24562,7 +25016,7 @@ index f581a18..29efd37 100644 |
7803 |
mm->free_area_cache = base; |
7804 |
mm->cached_hole_size = ~0UL; |
7805 |
|
7806 |
-@@ -399,10 +406,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
7807 |
+@@ -399,10 +411,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
7808 |
struct hstate *h = hstate_file(file); |
7809 |
struct mm_struct *mm = current->mm; |
7810 |
struct vm_area_struct *vma; |
7811 |
@@ -24583,7 +25037,7 @@ index f581a18..29efd37 100644 |
7812 |
return -ENOMEM; |
7813 |
|
7814 |
if (flags & MAP_FIXED) { |
7815 |
-@@ -414,8 +430,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
7816 |
+@@ -414,8 +435,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
7817 |
if (addr) { |
7818 |
addr = ALIGN(addr, huge_page_size(h)); |
7819 |
vma = find_vma(mm, addr); |
7820 |
@@ -25011,7 +25465,7 @@ index 29f7c6d..b46b35b 100644 |
7821 |
printk(KERN_INFO "Write protecting the kernel text: %luk\n", |
7822 |
size >> 10); |
7823 |
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c |
7824 |
-index bbaaa00..0ad4539 100644 |
7825 |
+index bbaaa00..020e913 100644 |
7826 |
--- a/arch/x86/mm/init_64.c |
7827 |
+++ b/arch/x86/mm/init_64.c |
7828 |
@@ -75,7 +75,7 @@ early_param("gbpages", parse_direct_gbpages_on); |
7829 |
@@ -25128,6 +25582,15 @@ index bbaaa00..0ad4539 100644 |
7830 |
adr = (void *)(((unsigned long)adr) | left); |
7831 |
|
7832 |
return adr; |
7833 |
+@@ -546,7 +560,7 @@ phys_pud_init(pud_t *pud_page, unsigned long addr, unsigned long end, |
7834 |
+ unmap_low_page(pmd); |
7835 |
+ |
7836 |
+ spin_lock(&init_mm.page_table_lock); |
7837 |
+- pud_populate(&init_mm, pud, __va(pmd_phys)); |
7838 |
++ pud_populate_kernel(&init_mm, pud, __va(pmd_phys)); |
7839 |
+ spin_unlock(&init_mm.page_table_lock); |
7840 |
+ } |
7841 |
+ __flush_tlb_all(); |
7842 |
@@ -592,7 +606,7 @@ kernel_physical_mapping_init(unsigned long start, |
7843 |
unmap_low_page(pud); |
7844 |
|
7845 |
@@ -26908,10 +27371,10 @@ index 153407c..611cba9 100644 |
7846 |
-} |
7847 |
-__setup("vdso=", vdso_setup); |
7848 |
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
7849 |
-index 1f92865..c843b20 100644 |
7850 |
+index e7c920b..c9bdcf7 100644 |
7851 |
--- a/arch/x86/xen/enlighten.c |
7852 |
+++ b/arch/x86/xen/enlighten.c |
7853 |
-@@ -85,8 +85,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); |
7854 |
+@@ -86,8 +86,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); |
7855 |
|
7856 |
struct shared_info xen_dummy_shared_info; |
7857 |
|
7858 |
@@ -26920,7 +27383,7 @@ index 1f92865..c843b20 100644 |
7859 |
RESERVE_BRK(shared_info_page_brk, PAGE_SIZE); |
7860 |
__read_mostly int xen_have_vector_callback; |
7861 |
EXPORT_SYMBOL_GPL(xen_have_vector_callback); |
7862 |
-@@ -1029,7 +1027,7 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
7863 |
+@@ -1030,7 +1028,7 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
7864 |
#endif |
7865 |
}; |
7866 |
|
7867 |
@@ -26929,7 +27392,7 @@ index 1f92865..c843b20 100644 |
7868 |
{ |
7869 |
struct sched_shutdown r = { .reason = reason }; |
7870 |
|
7871 |
-@@ -1037,17 +1035,17 @@ static void xen_reboot(int reason) |
7872 |
+@@ -1038,17 +1036,17 @@ static void xen_reboot(int reason) |
7873 |
BUG(); |
7874 |
} |
7875 |
|
7876 |
@@ -26950,7 +27413,7 @@ index 1f92865..c843b20 100644 |
7877 |
{ |
7878 |
xen_reboot(SHUTDOWN_poweroff); |
7879 |
} |
7880 |
-@@ -1153,7 +1151,17 @@ asmlinkage void __init xen_start_kernel(void) |
7881 |
+@@ -1154,7 +1152,17 @@ asmlinkage void __init xen_start_kernel(void) |
7882 |
__userpte_alloc_gfp &= ~__GFP_HIGHMEM; |
7883 |
|
7884 |
/* Work out if we support NX */ |
7885 |
@@ -26969,7 +27432,7 @@ index 1f92865..c843b20 100644 |
7886 |
|
7887 |
xen_setup_features(); |
7888 |
|
7889 |
-@@ -1184,13 +1192,6 @@ asmlinkage void __init xen_start_kernel(void) |
7890 |
+@@ -1185,13 +1193,6 @@ asmlinkage void __init xen_start_kernel(void) |
7891 |
|
7892 |
machine_ops = xen_machine_ops; |
7893 |
|
7894 |
@@ -26984,10 +27447,10 @@ index 1f92865..c843b20 100644 |
7895 |
|
7896 |
#ifdef CONFIG_ACPI_NUMA |
7897 |
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
7898 |
-index 87f6673..e2555a6 100644 |
7899 |
+index ec3d603..fa4ed1b 100644 |
7900 |
--- a/arch/x86/xen/mmu.c |
7901 |
+++ b/arch/x86/xen/mmu.c |
7902 |
-@@ -1733,6 +1733,9 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
7903 |
+@@ -1738,6 +1738,9 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
7904 |
convert_pfn_mfn(init_level4_pgt); |
7905 |
convert_pfn_mfn(level3_ident_pgt); |
7906 |
convert_pfn_mfn(level3_kernel_pgt); |
7907 |
@@ -26997,7 +27460,7 @@ index 87f6673..e2555a6 100644 |
7908 |
|
7909 |
l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd); |
7910 |
l2 = m2v(l3[pud_index(__START_KERNEL_map)].pud); |
7911 |
-@@ -1751,7 +1754,11 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
7912 |
+@@ -1756,7 +1759,11 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
7913 |
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); |
7914 |
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); |
7915 |
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); |
7916 |
@@ -27009,7 +27472,7 @@ index 87f6673..e2555a6 100644 |
7917 |
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); |
7918 |
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); |
7919 |
|
7920 |
-@@ -1962,6 +1969,7 @@ static void __init xen_post_allocator_init(void) |
7921 |
+@@ -1967,6 +1974,7 @@ static void __init xen_post_allocator_init(void) |
7922 |
pv_mmu_ops.set_pud = xen_set_pud; |
7923 |
#if PAGETABLE_LEVELS == 4 |
7924 |
pv_mmu_ops.set_pgd = xen_set_pgd; |
7925 |
@@ -27017,7 +27480,7 @@ index 87f6673..e2555a6 100644 |
7926 |
#endif |
7927 |
|
7928 |
/* This will work as long as patching hasn't happened yet |
7929 |
-@@ -2043,6 +2051,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { |
7930 |
+@@ -2048,6 +2056,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { |
7931 |
.pud_val = PV_CALLEE_SAVE(xen_pud_val), |
7932 |
.make_pud = PV_CALLEE_SAVE(xen_make_pud), |
7933 |
.set_pgd = xen_set_pgd_hyper, |
7934 |
@@ -27026,10 +27489,10 @@ index 87f6673..e2555a6 100644 |
7935 |
.alloc_pud = xen_alloc_pmd_init, |
7936 |
.release_pud = xen_release_pmd_init, |
7937 |
diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c |
7938 |
-index 041d4fe..7666b7e 100644 |
7939 |
+index 9a23fff..9dfee11ca 100644 |
7940 |
--- a/arch/x86/xen/smp.c |
7941 |
+++ b/arch/x86/xen/smp.c |
7942 |
-@@ -194,11 +194,6 @@ static void __init xen_smp_prepare_boot_cpu(void) |
7943 |
+@@ -209,11 +209,6 @@ static void __init xen_smp_prepare_boot_cpu(void) |
7944 |
{ |
7945 |
BUG_ON(smp_processor_id() != 0); |
7946 |
native_smp_prepare_boot_cpu(); |
7947 |
@@ -27041,7 +27504,7 @@ index 041d4fe..7666b7e 100644 |
7948 |
xen_filter_cpu_maps(); |
7949 |
xen_setup_vcpu_info_placement(); |
7950 |
} |
7951 |
-@@ -275,12 +270,12 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) |
7952 |
+@@ -290,12 +285,12 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) |
7953 |
gdt = get_cpu_gdt_table(cpu); |
7954 |
|
7955 |
ctxt->flags = VGCF_IN_KERNEL; |
7956 |
@@ -27057,7 +27520,7 @@ index 041d4fe..7666b7e 100644 |
7957 |
#else |
7958 |
ctxt->gs_base_kernel = per_cpu_offset(cpu); |
7959 |
#endif |
7960 |
-@@ -331,13 +326,12 @@ static int __cpuinit xen_cpu_up(unsigned int cpu) |
7961 |
+@@ -346,13 +341,12 @@ static int __cpuinit xen_cpu_up(unsigned int cpu) |
7962 |
int rc; |
7963 |
|
7964 |
per_cpu(current_task, cpu) = idle; |
7965 |
@@ -27073,19 +27536,6 @@ index 041d4fe..7666b7e 100644 |
7966 |
#endif |
7967 |
xen_setup_runstate_info(cpu); |
7968 |
xen_setup_timer(cpu); |
7969 |
-diff --git a/arch/x86/xen/xen-asm.S b/arch/x86/xen/xen-asm.S |
7970 |
-index 79d7362..3e45aa0 100644 |
7971 |
---- a/arch/x86/xen/xen-asm.S |
7972 |
-+++ b/arch/x86/xen/xen-asm.S |
7973 |
-@@ -96,7 +96,7 @@ ENTRY(xen_restore_fl_direct) |
7974 |
- |
7975 |
- /* check for unmasked and pending */ |
7976 |
- cmpw $0x0001, PER_CPU_VAR(xen_vcpu_info) + XEN_vcpu_info_pending |
7977 |
-- jz 1f |
7978 |
-+ jnz 1f |
7979 |
- 2: call check_events |
7980 |
- 1: |
7981 |
- ENDPATCH(xen_restore_fl_direct) |
7982 |
diff --git a/arch/x86/xen/xen-asm_32.S b/arch/x86/xen/xen-asm_32.S |
7983 |
index b040b0e..8cc4fe0 100644 |
7984 |
--- a/arch/x86/xen/xen-asm_32.S |
7985 |
@@ -30676,7 +31126,7 @@ index ae294a0..1755461 100644 |
7986 |
return container_of(adapter, struct intel_gmbus, adapter)->force_bit; |
7987 |
} |
7988 |
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
7989 |
-index b9da890..cad1d98 100644 |
7990 |
+index a6c2f7a..0eea25d 100644 |
7991 |
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
7992 |
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
7993 |
@@ -189,7 +189,7 @@ i915_gem_object_set_to_gpu_domain(struct drm_i915_gem_object *obj, |
7994 |
@@ -33705,7 +34155,7 @@ index 4720f68..78d1df7 100644 |
7995 |
|
7996 |
void dm_uevent_add(struct mapped_device *md, struct list_head *elist) |
7997 |
diff --git a/drivers/md/md.c b/drivers/md/md.c |
7998 |
-index 6f37aa4..8d49123 100644 |
7999 |
+index 065ab4f..653e6d8 100644 |
8000 |
--- a/drivers/md/md.c |
8001 |
+++ b/drivers/md/md.c |
8002 |
@@ -278,10 +278,10 @@ EXPORT_SYMBOL_GPL(md_trim_bio); |
8003 |
@@ -35613,10 +36063,10 @@ index 1b7082d..c786773 100644 |
8004 |
if ((num_pages != size) || |
8005 |
(num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) |
8006 |
diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c |
8007 |
-index 486b404..0d6677d 100644 |
8008 |
+index 3ed983c..a1bb418 100644 |
8009 |
--- a/drivers/net/ppp/ppp_generic.c |
8010 |
+++ b/drivers/net/ppp/ppp_generic.c |
8011 |
-@@ -987,7 +987,6 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) |
8012 |
+@@ -986,7 +986,6 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) |
8013 |
void __user *addr = (void __user *) ifr->ifr_ifru.ifru_data; |
8014 |
struct ppp_stats stats; |
8015 |
struct ppp_comp_stats cstats; |
8016 |
@@ -35624,7 +36074,7 @@ index 486b404..0d6677d 100644 |
8017 |
|
8018 |
switch (cmd) { |
8019 |
case SIOCGPPPSTATS: |
8020 |
-@@ -1009,8 +1008,7 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) |
8021 |
+@@ -1008,8 +1007,7 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) |
8022 |
break; |
8023 |
|
8024 |
case SIOCGPPPVER: |
8025 |
@@ -37836,7 +38286,7 @@ index f64250e..1ee3049 100644 |
8026 |
{ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x0800) }, |
8027 |
{}, |
8028 |
diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c |
8029 |
-index 77eae99..b7cdcc9 100644 |
8030 |
+index b2ccdea..84cde75 100644 |
8031 |
--- a/drivers/spi/spi.c |
8032 |
+++ b/drivers/spi/spi.c |
8033 |
@@ -1024,7 +1024,7 @@ int spi_bus_unlock(struct spi_master *master) |
8034 |
@@ -42484,7 +42934,7 @@ index 7ee7ba4..0c61a60 100644 |
8035 |
goto out_sig; |
8036 |
if (offset > inode->i_sb->s_maxbytes) |
8037 |
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
8038 |
-index 6861f61..a25f010 100644 |
8039 |
+index e1fbdee..cd5ea56 100644 |
8040 |
--- a/fs/autofs4/waitq.c |
8041 |
+++ b/fs/autofs4/waitq.c |
8042 |
@@ -60,7 +60,7 @@ static int autofs4_write(struct file *file, const void *addr, int bytes) |
8043 |
@@ -44516,7 +44966,7 @@ index 608c1c3..7d040a8 100644 |
8044 |
return rc; |
8045 |
} |
8046 |
diff --git a/fs/exec.c b/fs/exec.c |
8047 |
-index 3625464..ff895b9 100644 |
8048 |
+index 160cd2f..e74d2a6 100644 |
8049 |
--- a/fs/exec.c |
8050 |
+++ b/fs/exec.c |
8051 |
@@ -55,12 +55,28 @@ |
8052 |
@@ -44771,7 +45221,7 @@ index 3625464..ff895b9 100644 |
8053 |
set_fs(old_fs); |
8054 |
return result; |
8055 |
} |
8056 |
-@@ -1067,6 +1099,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
8057 |
+@@ -1070,6 +1102,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
8058 |
perf_event_comm(tsk); |
8059 |
} |
8060 |
|
8061 |
@@ -44793,7 +45243,7 @@ index 3625464..ff895b9 100644 |
8062 |
int flush_old_exec(struct linux_binprm * bprm) |
8063 |
{ |
8064 |
int retval; |
8065 |
-@@ -1081,6 +1128,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
8066 |
+@@ -1084,6 +1131,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
8067 |
|
8068 |
set_mm_exe_file(bprm->mm, bprm->file); |
8069 |
|
8070 |
@@ -44801,7 +45251,7 @@ index 3625464..ff895b9 100644 |
8071 |
/* |
8072 |
* Release all of the old mmap stuff |
8073 |
*/ |
8074 |
-@@ -1112,10 +1160,6 @@ EXPORT_SYMBOL(would_dump); |
8075 |
+@@ -1115,10 +1163,6 @@ EXPORT_SYMBOL(would_dump); |
8076 |
|
8077 |
void setup_new_exec(struct linux_binprm * bprm) |
8078 |
{ |
8079 |
@@ -44812,7 +45262,7 @@ index 3625464..ff895b9 100644 |
8080 |
arch_pick_mmap_layout(current->mm); |
8081 |
|
8082 |
/* This is the point of no return */ |
8083 |
-@@ -1126,18 +1170,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
8084 |
+@@ -1129,18 +1173,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
8085 |
else |
8086 |
set_dumpable(current->mm, suid_dumpable); |
8087 |
|
8088 |
@@ -44832,7 +45282,7 @@ index 3625464..ff895b9 100644 |
8089 |
|
8090 |
/* Set the new mm task size. We have to do that late because it may |
8091 |
* depend on TIF_32BIT which is only updated in flush_thread() on |
8092 |
-@@ -1247,7 +1280,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
8093 |
+@@ -1250,7 +1283,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
8094 |
} |
8095 |
rcu_read_unlock(); |
8096 |
|
8097 |
@@ -44841,7 +45291,7 @@ index 3625464..ff895b9 100644 |
8098 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
8099 |
} else { |
8100 |
res = -EAGAIN; |
8101 |
-@@ -1442,6 +1475,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
8102 |
+@@ -1445,6 +1478,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
8103 |
|
8104 |
EXPORT_SYMBOL(search_binary_handler); |
8105 |
|
8106 |
@@ -44870,7 +45320,7 @@ index 3625464..ff895b9 100644 |
8107 |
/* |
8108 |
* sys_execve() executes a new program. |
8109 |
*/ |
8110 |
-@@ -1450,6 +1505,11 @@ static int do_execve_common(const char *filename, |
8111 |
+@@ -1453,6 +1508,11 @@ static int do_execve_common(const char *filename, |
8112 |
struct user_arg_ptr envp, |
8113 |
struct pt_regs *regs) |
8114 |
{ |
8115 |
@@ -44882,7 +45332,7 @@ index 3625464..ff895b9 100644 |
8116 |
struct linux_binprm *bprm; |
8117 |
struct file *file; |
8118 |
struct files_struct *displaced; |
8119 |
-@@ -1457,6 +1517,8 @@ static int do_execve_common(const char *filename, |
8120 |
+@@ -1460,6 +1520,8 @@ static int do_execve_common(const char *filename, |
8121 |
int retval; |
8122 |
const struct cred *cred = current_cred(); |
8123 |
|
8124 |
@@ -44891,7 +45341,7 @@ index 3625464..ff895b9 100644 |
8125 |
/* |
8126 |
* We move the actual failure in case of RLIMIT_NPROC excess from |
8127 |
* set*uid() to execve() because too many poorly written programs |
8128 |
-@@ -1497,12 +1559,27 @@ static int do_execve_common(const char *filename, |
8129 |
+@@ -1500,12 +1562,27 @@ static int do_execve_common(const char *filename, |
8130 |
if (IS_ERR(file)) |
8131 |
goto out_unmark; |
8132 |
|
8133 |
@@ -44919,7 +45369,7 @@ index 3625464..ff895b9 100644 |
8134 |
retval = bprm_mm_init(bprm); |
8135 |
if (retval) |
8136 |
goto out_file; |
8137 |
-@@ -1519,24 +1596,65 @@ static int do_execve_common(const char *filename, |
8138 |
+@@ -1522,24 +1599,65 @@ static int do_execve_common(const char *filename, |
8139 |
if (retval < 0) |
8140 |
goto out; |
8141 |
|
8142 |
@@ -44989,7 +45439,7 @@ index 3625464..ff895b9 100644 |
8143 |
current->fs->in_exec = 0; |
8144 |
current->in_execve = 0; |
8145 |
acct_update_integrals(current); |
8146 |
-@@ -1545,6 +1663,14 @@ static int do_execve_common(const char *filename, |
8147 |
+@@ -1548,6 +1666,14 @@ static int do_execve_common(const char *filename, |
8148 |
put_files_struct(displaced); |
8149 |
return retval; |
8150 |
|
8151 |
@@ -45004,7 +45454,7 @@ index 3625464..ff895b9 100644 |
8152 |
out: |
8153 |
if (bprm->mm) { |
8154 |
acct_arg_size(bprm, 0); |
8155 |
-@@ -1618,7 +1744,7 @@ static int expand_corename(struct core_name *cn) |
8156 |
+@@ -1621,7 +1747,7 @@ static int expand_corename(struct core_name *cn) |
8157 |
{ |
8158 |
char *old_corename = cn->corename; |
8159 |
|
8160 |
@@ -45013,7 +45463,7 @@ index 3625464..ff895b9 100644 |
8161 |
cn->corename = krealloc(old_corename, cn->size, GFP_KERNEL); |
8162 |
|
8163 |
if (!cn->corename) { |
8164 |
-@@ -1715,7 +1841,7 @@ static int format_corename(struct core_name *cn, long signr) |
8165 |
+@@ -1718,7 +1844,7 @@ static int format_corename(struct core_name *cn, long signr) |
8166 |
int pid_in_pattern = 0; |
8167 |
int err = 0; |
8168 |
|
8169 |
@@ -45022,7 +45472,7 @@ index 3625464..ff895b9 100644 |
8170 |
cn->corename = kmalloc(cn->size, GFP_KERNEL); |
8171 |
cn->used = 0; |
8172 |
|
8173 |
-@@ -1812,6 +1938,228 @@ out: |
8174 |
+@@ -1815,6 +1941,228 @@ out: |
8175 |
return ispipe; |
8176 |
} |
8177 |
|
8178 |
@@ -45251,7 +45701,7 @@ index 3625464..ff895b9 100644 |
8179 |
static int zap_process(struct task_struct *start, int exit_code) |
8180 |
{ |
8181 |
struct task_struct *t; |
8182 |
-@@ -2023,17 +2371,17 @@ static void wait_for_dump_helpers(struct file *file) |
8183 |
+@@ -2026,17 +2374,17 @@ static void wait_for_dump_helpers(struct file *file) |
8184 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
8185 |
|
8186 |
pipe_lock(pipe); |
8187 |
@@ -45274,7 +45724,7 @@ index 3625464..ff895b9 100644 |
8188 |
pipe_unlock(pipe); |
8189 |
|
8190 |
} |
8191 |
-@@ -2094,7 +2442,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8192 |
+@@ -2097,7 +2445,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8193 |
int retval = 0; |
8194 |
int flag = 0; |
8195 |
int ispipe; |
8196 |
@@ -45283,7 +45733,7 @@ index 3625464..ff895b9 100644 |
8197 |
struct coredump_params cprm = { |
8198 |
.signr = signr, |
8199 |
.regs = regs, |
8200 |
-@@ -2109,6 +2457,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8201 |
+@@ -2112,6 +2460,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8202 |
|
8203 |
audit_core_dumps(signr); |
8204 |
|
8205 |
@@ -45293,7 +45743,7 @@ index 3625464..ff895b9 100644 |
8206 |
binfmt = mm->binfmt; |
8207 |
if (!binfmt || !binfmt->core_dump) |
8208 |
goto fail; |
8209 |
-@@ -2176,7 +2527,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8210 |
+@@ -2179,7 +2530,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8211 |
} |
8212 |
cprm.limit = RLIM_INFINITY; |
8213 |
|
8214 |
@@ -45302,7 +45752,7 @@ index 3625464..ff895b9 100644 |
8215 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
8216 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
8217 |
task_tgid_vnr(current), current->comm); |
8218 |
-@@ -2203,6 +2554,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8219 |
+@@ -2206,6 +2557,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
8220 |
} else { |
8221 |
struct inode *inode; |
8222 |
|
8223 |
@@ -45311,7 +45761,7 @@ index 3625464..ff895b9 100644 |
8224 |
if (cprm.limit < binfmt->min_coredump) |
8225 |
goto fail_unlock; |
8226 |
|
8227 |
-@@ -2246,7 +2599,7 @@ close_fail: |
8228 |
+@@ -2249,7 +2602,7 @@ close_fail: |
8229 |
filp_close(cprm.file, NULL); |
8230 |
fail_dropcount: |
8231 |
if (ispipe) |
8232 |
@@ -45320,7 +45770,7 @@ index 3625464..ff895b9 100644 |
8233 |
fail_unlock: |
8234 |
kfree(cn.corename); |
8235 |
fail_corename: |
8236 |
-@@ -2265,7 +2618,7 @@ fail: |
8237 |
+@@ -2268,7 +2621,7 @@ fail: |
8238 |
*/ |
8239 |
int dump_write(struct file *file, const void *addr, int nr) |
8240 |
{ |
8241 |
@@ -47143,50 +47593,6 @@ index cfd4959..a780959 100644 |
8242 |
if (!IS_ERR(s)) |
8243 |
kfree(s); |
8244 |
} |
8245 |
-diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c |
8246 |
-index 4dfbfec..ec2a9c2 100644 |
8247 |
---- a/fs/hfsplus/catalog.c |
8248 |
-+++ b/fs/hfsplus/catalog.c |
8249 |
-@@ -366,6 +366,10 @@ int hfsplus_rename_cat(u32 cnid, |
8250 |
- err = hfs_brec_find(&src_fd); |
8251 |
- if (err) |
8252 |
- goto out; |
8253 |
-+ if (src_fd.entrylength > sizeof(entry) || src_fd.entrylength < 0) { |
8254 |
-+ err = -EIO; |
8255 |
-+ goto out; |
8256 |
-+ } |
8257 |
- |
8258 |
- hfs_bnode_read(src_fd.bnode, &entry, src_fd.entryoffset, |
8259 |
- src_fd.entrylength); |
8260 |
-diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c |
8261 |
-index 4536cd3..5adb740 100644 |
8262 |
---- a/fs/hfsplus/dir.c |
8263 |
-+++ b/fs/hfsplus/dir.c |
8264 |
-@@ -150,6 +150,11 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
8265 |
- filp->f_pos++; |
8266 |
- /* fall through */ |
8267 |
- case 1: |
8268 |
-+ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
8269 |
-+ err = -EIO; |
8270 |
-+ goto out; |
8271 |
-+ } |
8272 |
-+ |
8273 |
- hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
8274 |
- fd.entrylength); |
8275 |
- if (be16_to_cpu(entry.type) != HFSPLUS_FOLDER_THREAD) { |
8276 |
-@@ -181,6 +186,12 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
8277 |
- err = -EIO; |
8278 |
- goto out; |
8279 |
- } |
8280 |
-+ |
8281 |
-+ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
8282 |
-+ err = -EIO; |
8283 |
-+ goto out; |
8284 |
-+ } |
8285 |
-+ |
8286 |
- hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
8287 |
- fd.entrylength); |
8288 |
- type = be16_to_cpu(entry.type); |
8289 |
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c |
8290 |
index 2d0ca24..c4b8676511 100644 |
8291 |
--- a/fs/hugetlbfs/inode.c |
8292 |
@@ -47965,7 +48371,7 @@ index 50a15fa..ca113f9 100644 |
8293 |
|
8294 |
void nfs_fattr_init(struct nfs_fattr *fattr) |
8295 |
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c |
8296 |
-index 7a2e442..8e544cc 100644 |
8297 |
+index 5c3cd82..ed535e5 100644 |
8298 |
--- a/fs/nfsd/vfs.c |
8299 |
+++ b/fs/nfsd/vfs.c |
8300 |
@@ -914,7 +914,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
8301 |
@@ -48109,7 +48515,7 @@ index d355e6e..578d905 100644 |
8302 |
|
8303 |
enum ocfs2_local_alloc_state |
8304 |
diff --git a/fs/ocfs2/suballoc.c b/fs/ocfs2/suballoc.c |
8305 |
-index ba5d97e..c77db25 100644 |
8306 |
+index f169da4..9112253 100644 |
8307 |
--- a/fs/ocfs2/suballoc.c |
8308 |
+++ b/fs/ocfs2/suballoc.c |
8309 |
@@ -872,7 +872,7 @@ static int ocfs2_reserve_suballoc_bits(struct ocfs2_super *osb, |
8310 |
@@ -48345,10 +48751,10 @@ index bd8ae78..539d250 100644 |
8311 |
ldm_crit ("Out of memory."); |
8312 |
return false; |
8313 |
diff --git a/fs/pipe.c b/fs/pipe.c |
8314 |
-index 4065f07..68c0706 100644 |
8315 |
+index 05ed5ca..ab15592 100644 |
8316 |
--- a/fs/pipe.c |
8317 |
+++ b/fs/pipe.c |
8318 |
-@@ -420,9 +420,9 @@ redo: |
8319 |
+@@ -437,9 +437,9 @@ redo: |
8320 |
} |
8321 |
if (bufs) /* More to do? */ |
8322 |
continue; |
8323 |
@@ -48360,7 +48766,7 @@ index 4065f07..68c0706 100644 |
8324 |
/* syscall merging: Usually we must not sleep |
8325 |
* if O_NONBLOCK is set, or if we got some data. |
8326 |
* But if a writer sleeps in kernel space, then |
8327 |
-@@ -481,7 +481,7 @@ pipe_write(struct kiocb *iocb, const struct iovec *_iov, |
8328 |
+@@ -503,7 +503,7 @@ pipe_write(struct kiocb *iocb, const struct iovec *_iov, |
8329 |
mutex_lock(&inode->i_mutex); |
8330 |
pipe = inode->i_pipe; |
8331 |
|
8332 |
@@ -48369,7 +48775,7 @@ index 4065f07..68c0706 100644 |
8333 |
send_sig(SIGPIPE, current, 0); |
8334 |
ret = -EPIPE; |
8335 |
goto out; |
8336 |
-@@ -530,7 +530,7 @@ redo1: |
8337 |
+@@ -552,7 +552,7 @@ redo1: |
8338 |
for (;;) { |
8339 |
int bufs; |
8340 |
|
8341 |
@@ -48378,7 +48784,7 @@ index 4065f07..68c0706 100644 |
8342 |
send_sig(SIGPIPE, current, 0); |
8343 |
if (!ret) |
8344 |
ret = -EPIPE; |
8345 |
-@@ -616,9 +616,9 @@ redo2: |
8346 |
+@@ -643,9 +643,9 @@ redo2: |
8347 |
kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); |
8348 |
do_wakeup = 0; |
8349 |
} |
8350 |
@@ -48390,7 +48796,7 @@ index 4065f07..68c0706 100644 |
8351 |
} |
8352 |
out: |
8353 |
mutex_unlock(&inode->i_mutex); |
8354 |
-@@ -685,7 +685,7 @@ pipe_poll(struct file *filp, poll_table *wait) |
8355 |
+@@ -712,7 +712,7 @@ pipe_poll(struct file *filp, poll_table *wait) |
8356 |
mask = 0; |
8357 |
if (filp->f_mode & FMODE_READ) { |
8358 |
mask = (nrbufs > 0) ? POLLIN | POLLRDNORM : 0; |
8359 |
@@ -48399,7 +48805,7 @@ index 4065f07..68c0706 100644 |
8360 |
mask |= POLLHUP; |
8361 |
} |
8362 |
|
8363 |
-@@ -695,7 +695,7 @@ pipe_poll(struct file *filp, poll_table *wait) |
8364 |
+@@ -722,7 +722,7 @@ pipe_poll(struct file *filp, poll_table *wait) |
8365 |
* Most Unices do not set POLLERR for FIFOs but on Linux they |
8366 |
* behave exactly like pipes for poll(). |
8367 |
*/ |
8368 |
@@ -48408,7 +48814,7 @@ index 4065f07..68c0706 100644 |
8369 |
mask |= POLLERR; |
8370 |
} |
8371 |
|
8372 |
-@@ -709,10 +709,10 @@ pipe_release(struct inode *inode, int decr, int decw) |
8373 |
+@@ -736,10 +736,10 @@ pipe_release(struct inode *inode, int decr, int decw) |
8374 |
|
8375 |
mutex_lock(&inode->i_mutex); |
8376 |
pipe = inode->i_pipe; |
8377 |
@@ -48422,7 +48828,7 @@ index 4065f07..68c0706 100644 |
8378 |
free_pipe_info(inode); |
8379 |
} else { |
8380 |
wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP); |
8381 |
-@@ -802,7 +802,7 @@ pipe_read_open(struct inode *inode, struct file *filp) |
8382 |
+@@ -829,7 +829,7 @@ pipe_read_open(struct inode *inode, struct file *filp) |
8383 |
|
8384 |
if (inode->i_pipe) { |
8385 |
ret = 0; |
8386 |
@@ -48431,7 +48837,7 @@ index 4065f07..68c0706 100644 |
8387 |
} |
8388 |
|
8389 |
mutex_unlock(&inode->i_mutex); |
8390 |
-@@ -819,7 +819,7 @@ pipe_write_open(struct inode *inode, struct file *filp) |
8391 |
+@@ -846,7 +846,7 @@ pipe_write_open(struct inode *inode, struct file *filp) |
8392 |
|
8393 |
if (inode->i_pipe) { |
8394 |
ret = 0; |
8395 |
@@ -48440,7 +48846,7 @@ index 4065f07..68c0706 100644 |
8396 |
} |
8397 |
|
8398 |
mutex_unlock(&inode->i_mutex); |
8399 |
-@@ -837,9 +837,9 @@ pipe_rdwr_open(struct inode *inode, struct file *filp) |
8400 |
+@@ -864,9 +864,9 @@ pipe_rdwr_open(struct inode *inode, struct file *filp) |
8401 |
if (inode->i_pipe) { |
8402 |
ret = 0; |
8403 |
if (filp->f_mode & FMODE_READ) |
8404 |
@@ -48452,7 +48858,7 @@ index 4065f07..68c0706 100644 |
8405 |
} |
8406 |
|
8407 |
mutex_unlock(&inode->i_mutex); |
8408 |
-@@ -931,7 +931,7 @@ void free_pipe_info(struct inode *inode) |
8409 |
+@@ -958,7 +958,7 @@ void free_pipe_info(struct inode *inode) |
8410 |
inode->i_pipe = NULL; |
8411 |
} |
8412 |
|
8413 |
@@ -48461,7 +48867,7 @@ index 4065f07..68c0706 100644 |
8414 |
|
8415 |
/* |
8416 |
* pipefs_dname() is called from d_path(). |
8417 |
-@@ -961,7 +961,8 @@ static struct inode * get_pipe_inode(void) |
8418 |
+@@ -988,7 +988,8 @@ static struct inode * get_pipe_inode(void) |
8419 |
goto fail_iput; |
8420 |
inode->i_pipe = pipe; |
8421 |
|
8422 |
@@ -49865,10 +50271,10 @@ index dba43c3..4b3f701 100644 |
8423 |
|
8424 |
if (op) { |
8425 |
diff --git a/fs/splice.c b/fs/splice.c |
8426 |
-index fa2defa..8601650 100644 |
8427 |
+index 6d0dfb8..115bb3a 100644 |
8428 |
--- a/fs/splice.c |
8429 |
+++ b/fs/splice.c |
8430 |
-@@ -194,7 +194,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, |
8431 |
+@@ -195,7 +195,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, |
8432 |
pipe_lock(pipe); |
8433 |
|
8434 |
for (;;) { |
8435 |
@@ -49877,7 +50283,7 @@ index fa2defa..8601650 100644 |
8436 |
send_sig(SIGPIPE, current, 0); |
8437 |
if (!ret) |
8438 |
ret = -EPIPE; |
8439 |
-@@ -248,9 +248,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, |
8440 |
+@@ -249,9 +249,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, |
8441 |
do_wakeup = 0; |
8442 |
} |
8443 |
|
8444 |
@@ -49889,7 +50295,7 @@ index fa2defa..8601650 100644 |
8445 |
} |
8446 |
|
8447 |
pipe_unlock(pipe); |
8448 |
-@@ -560,7 +560,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, |
8449 |
+@@ -561,7 +561,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, |
8450 |
old_fs = get_fs(); |
8451 |
set_fs(get_ds()); |
8452 |
/* The cast to a user pointer is valid due to the set_fs() */ |
8453 |
@@ -49898,7 +50304,7 @@ index fa2defa..8601650 100644 |
8454 |
set_fs(old_fs); |
8455 |
|
8456 |
return res; |
8457 |
-@@ -575,7 +575,7 @@ static ssize_t kernel_write(struct file *file, const char *buf, size_t count, |
8458 |
+@@ -576,7 +576,7 @@ static ssize_t kernel_write(struct file *file, const char *buf, size_t count, |
8459 |
old_fs = get_fs(); |
8460 |
set_fs(get_ds()); |
8461 |
/* The cast to a user pointer is valid due to the set_fs() */ |
8462 |
@@ -49907,7 +50313,7 @@ index fa2defa..8601650 100644 |
8463 |
set_fs(old_fs); |
8464 |
|
8465 |
return res; |
8466 |
-@@ -626,7 +626,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, |
8467 |
+@@ -627,7 +627,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, |
8468 |
goto err; |
8469 |
|
8470 |
this_len = min_t(size_t, len, PAGE_CACHE_SIZE - offset); |
8471 |
@@ -49916,7 +50322,7 @@ index fa2defa..8601650 100644 |
8472 |
vec[i].iov_len = this_len; |
8473 |
spd.pages[i] = page; |
8474 |
spd.nr_pages++; |
8475 |
-@@ -846,10 +846,10 @@ EXPORT_SYMBOL(splice_from_pipe_feed); |
8476 |
+@@ -849,10 +849,10 @@ EXPORT_SYMBOL(splice_from_pipe_feed); |
8477 |
int splice_from_pipe_next(struct pipe_inode_info *pipe, struct splice_desc *sd) |
8478 |
{ |
8479 |
while (!pipe->nrbufs) { |
8480 |
@@ -49929,7 +50335,7 @@ index fa2defa..8601650 100644 |
8481 |
return 0; |
8482 |
|
8483 |
if (sd->flags & SPLICE_F_NONBLOCK) |
8484 |
-@@ -1182,7 +1182,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, |
8485 |
+@@ -1185,7 +1185,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, |
8486 |
* out of the pipe right after the splice_to_pipe(). So set |
8487 |
* PIPE_READERS appropriately. |
8488 |
*/ |
8489 |
@@ -49938,7 +50344,7 @@ index fa2defa..8601650 100644 |
8490 |
|
8491 |
current->splice_pipe = pipe; |
8492 |
} |
8493 |
-@@ -1734,9 +1734,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8494 |
+@@ -1737,9 +1737,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8495 |
ret = -ERESTARTSYS; |
8496 |
break; |
8497 |
} |
8498 |
@@ -49950,7 +50356,7 @@ index fa2defa..8601650 100644 |
8499 |
if (flags & SPLICE_F_NONBLOCK) { |
8500 |
ret = -EAGAIN; |
8501 |
break; |
8502 |
-@@ -1768,7 +1768,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8503 |
+@@ -1771,7 +1771,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8504 |
pipe_lock(pipe); |
8505 |
|
8506 |
while (pipe->nrbufs >= pipe->buffers) { |
8507 |
@@ -49959,7 +50365,7 @@ index fa2defa..8601650 100644 |
8508 |
send_sig(SIGPIPE, current, 0); |
8509 |
ret = -EPIPE; |
8510 |
break; |
8511 |
-@@ -1781,9 +1781,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8512 |
+@@ -1784,9 +1784,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) |
8513 |
ret = -ERESTARTSYS; |
8514 |
break; |
8515 |
} |
8516 |
@@ -49971,7 +50377,7 @@ index fa2defa..8601650 100644 |
8517 |
} |
8518 |
|
8519 |
pipe_unlock(pipe); |
8520 |
-@@ -1819,14 +1819,14 @@ retry: |
8521 |
+@@ -1822,14 +1822,14 @@ retry: |
8522 |
pipe_double_lock(ipipe, opipe); |
8523 |
|
8524 |
do { |
8525 |
@@ -49988,7 +50394,7 @@ index fa2defa..8601650 100644 |
8526 |
break; |
8527 |
|
8528 |
/* |
8529 |
-@@ -1923,7 +1923,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, |
8530 |
+@@ -1926,7 +1926,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, |
8531 |
pipe_double_lock(ipipe, opipe); |
8532 |
|
8533 |
do { |
8534 |
@@ -49997,7 +50403,7 @@ index fa2defa..8601650 100644 |
8535 |
send_sig(SIGPIPE, current, 0); |
8536 |
if (!ret) |
8537 |
ret = -EPIPE; |
8538 |
-@@ -1968,7 +1968,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, |
8539 |
+@@ -1971,7 +1971,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, |
8540 |
* return EAGAIN if we have the potential of some data in the |
8541 |
* future, otherwise just return 0 |
8542 |
*/ |
8543 |
@@ -50306,10 +50712,10 @@ index 23ce927..e274cc1 100644 |
8544 |
kfree(s); |
8545 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
8546 |
new file mode 100644 |
8547 |
-index 0000000..4089e05 |
8548 |
+index 0000000..2645296 |
8549 |
--- /dev/null |
8550 |
+++ b/grsecurity/Kconfig |
8551 |
-@@ -0,0 +1,1078 @@ |
8552 |
+@@ -0,0 +1,1079 @@ |
8553 |
+# |
8554 |
+# grecurity configuration |
8555 |
+# |
8556 |
@@ -50444,7 +50850,7 @@ index 0000000..4089e05 |
8557 |
+ select GRKERNSEC_PROC_ADD |
8558 |
+ select GRKERNSEC_CHROOT_CHMOD |
8559 |
+ select GRKERNSEC_CHROOT_NICE |
8560 |
-+ select GRKERNSEC_SETXID |
8561 |
++ select GRKERNSEC_SETXID if (X86 || SPARC64 || PPC || ARM || MIPS) |
8562 |
+ select GRKERNSEC_AUDIT_MOUNT |
8563 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
8564 |
+ select GRKERNSEC_HARDEN_PTRACE |
8565 |
@@ -51139,6 +51545,7 @@ index 0000000..4089e05 |
8566 |
+ |
8567 |
+config GRKERNSEC_SETXID |
8568 |
+ bool "Enforce consistent multithreaded privileges" |
8569 |
++ depends on (X86 || SPARC64 || PPC || ARM || MIPS) |
8570 |
+ help |
8571 |
+ If you say Y here, a change from a root uid to a non-root uid |
8572 |
+ in a multithreaded application will cause the resulting uids, |
8573 |
@@ -51434,10 +51841,10 @@ index 0000000..1b9afa9 |
8574 |
+endif |
8575 |
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c |
8576 |
new file mode 100644 |
8577 |
-index 0000000..50b4257 |
8578 |
+index 0000000..e22066e |
8579 |
--- /dev/null |
8580 |
+++ b/grsecurity/gracl.c |
8581 |
-@@ -0,0 +1,4185 @@ |
8582 |
+@@ -0,0 +1,4186 @@ |
8583 |
+#include <linux/kernel.h> |
8584 |
+#include <linux/module.h> |
8585 |
+#include <linux/sched.h> |
8586 |
@@ -55288,21 +55695,22 @@ index 0000000..50b4257 |
8587 |
+ if (unlikely(!(gr_status & GR_READY))) |
8588 |
+ return 0; |
8589 |
+#endif |
8590 |
++ if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) { |
8591 |
++ read_lock(&tasklist_lock); |
8592 |
++ while (tmp->pid > 0) { |
8593 |
++ if (tmp == curtemp) |
8594 |
++ break; |
8595 |
++ tmp = tmp->real_parent; |
8596 |
++ } |
8597 |
+ |
8598 |
-+ read_lock(&tasklist_lock); |
8599 |
-+ while (tmp->pid > 0) { |
8600 |
-+ if (tmp == curtemp) |
8601 |
-+ break; |
8602 |
-+ tmp = tmp->real_parent; |
8603 |
-+ } |
8604 |
-+ |
8605 |
-+ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
8606 |
-+ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
8607 |
++ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
8608 |
++ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
8609 |
++ read_unlock(&tasklist_lock); |
8610 |
++ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
8611 |
++ return 1; |
8612 |
++ } |
8613 |
+ read_unlock(&tasklist_lock); |
8614 |
-+ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
8615 |
-+ return 1; |
8616 |
+ } |
8617 |
-+ read_unlock(&tasklist_lock); |
8618 |
+ |
8619 |
+#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE |
8620 |
+ if (!(gr_status & GR_READY)) |
8621 |
@@ -61396,10 +61804,10 @@ index e13117c..e9fc938 100644 |
8622 |
#define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1)) |
8623 |
|
8624 |
diff --git a/include/linux/efi.h b/include/linux/efi.h |
8625 |
-index 2362a0b..cfaf8fcc 100644 |
8626 |
+index 1328d8c..2cd894c 100644 |
8627 |
--- a/include/linux/efi.h |
8628 |
+++ b/include/linux/efi.h |
8629 |
-@@ -446,7 +446,7 @@ struct efivar_operations { |
8630 |
+@@ -457,7 +457,7 @@ struct efivar_operations { |
8631 |
efi_get_variable_t *get_variable; |
8632 |
efi_get_next_variable_t *get_next_variable; |
8633 |
efi_set_variable_t *set_variable; |
8634 |
@@ -62939,7 +63347,7 @@ index b16f653..eb908f4 100644 |
8635 |
#define request_module_nowait(mod...) __request_module(false, mod) |
8636 |
#define try_then_request_module(x, mod...) \ |
8637 |
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h |
8638 |
-index d526231..c9599fc 100644 |
8639 |
+index 35410ef..9f98b23 100644 |
8640 |
--- a/include/linux/kvm_host.h |
8641 |
+++ b/include/linux/kvm_host.h |
8642 |
@@ -308,7 +308,7 @@ void kvm_vcpu_uninit(struct kvm_vcpu *vcpu); |
8643 |
@@ -62987,7 +63395,7 @@ index d526231..c9599fc 100644 |
8644 |
void kvm_arch_exit(void); |
8645 |
|
8646 |
int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); |
8647 |
-@@ -690,7 +690,7 @@ int kvm_setup_default_irq_routing(struct kvm *kvm); |
8648 |
+@@ -696,7 +696,7 @@ int kvm_setup_default_irq_routing(struct kvm *kvm); |
8649 |
int kvm_set_irq_routing(struct kvm *kvm, |
8650 |
const struct kvm_irq_routing_entry *entries, |
8651 |
unsigned nr, |
8652 |
@@ -63521,7 +63929,7 @@ index ffc0213..2c1f2cb 100644 |
8653 |
return nd->saved_names[nd->depth]; |
8654 |
} |
8655 |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
8656 |
-index a82ad4d..90d15b7 100644 |
8657 |
+index cbeb586..eba9b27 100644 |
8658 |
--- a/include/linux/netdevice.h |
8659 |
+++ b/include/linux/netdevice.h |
8660 |
@@ -949,6 +949,7 @@ struct net_device_ops { |
8661 |
@@ -63646,10 +64054,10 @@ index 8fc7dd1a..c19d89e 100644 |
8662 |
|
8663 |
/* |
8664 |
diff --git a/include/linux/pipe_fs_i.h b/include/linux/pipe_fs_i.h |
8665 |
-index 77257c9..51d473a 100644 |
8666 |
+index 0072a53..c5dcca5 100644 |
8667 |
--- a/include/linux/pipe_fs_i.h |
8668 |
+++ b/include/linux/pipe_fs_i.h |
8669 |
-@@ -46,9 +46,9 @@ struct pipe_buffer { |
8670 |
+@@ -47,9 +47,9 @@ struct pipe_buffer { |
8671 |
struct pipe_inode_info { |
8672 |
wait_queue_head_t wait; |
8673 |
unsigned int nrbufs, curbuf, buffers; |
8674 |
@@ -64223,10 +64631,10 @@ index 92808b8..c28cac4 100644 |
8675 |
|
8676 |
/* shm_mode upper byte flags */ |
8677 |
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
8678 |
-index 6cf8b53..bcce844 100644 |
8679 |
+index e689b47..3404939 100644 |
8680 |
--- a/include/linux/skbuff.h |
8681 |
+++ b/include/linux/skbuff.h |
8682 |
-@@ -642,7 +642,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) |
8683 |
+@@ -643,7 +643,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) |
8684 |
*/ |
8685 |
static inline int skb_queue_empty(const struct sk_buff_head *list) |
8686 |
{ |
8687 |
@@ -64235,7 +64643,7 @@ index 6cf8b53..bcce844 100644 |
8688 |
} |
8689 |
|
8690 |
/** |
8691 |
-@@ -655,7 +655,7 @@ static inline int skb_queue_empty(const struct sk_buff_head *list) |
8692 |
+@@ -656,7 +656,7 @@ static inline int skb_queue_empty(const struct sk_buff_head *list) |
8693 |
static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
8694 |
const struct sk_buff *skb) |
8695 |
{ |
8696 |
@@ -64244,7 +64652,7 @@ index 6cf8b53..bcce844 100644 |
8697 |
} |
8698 |
|
8699 |
/** |
8700 |
-@@ -668,7 +668,7 @@ static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
8701 |
+@@ -669,7 +669,7 @@ static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
8702 |
static inline bool skb_queue_is_first(const struct sk_buff_head *list, |
8703 |
const struct sk_buff *skb) |
8704 |
{ |
8705 |
@@ -64253,7 +64661,7 @@ index 6cf8b53..bcce844 100644 |
8706 |
} |
8707 |
|
8708 |
/** |
8709 |
-@@ -1533,7 +1533,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
8710 |
+@@ -1546,7 +1546,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
8711 |
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) |
8712 |
*/ |
8713 |
#ifndef NET_SKB_PAD |
8714 |
@@ -66500,7 +66908,7 @@ index 42e8fa0..9e7406b 100644 |
8715 |
return -ENOMEM; |
8716 |
|
8717 |
diff --git a/kernel/cred.c b/kernel/cred.c |
8718 |
-index 48c6fd3..3342f00 100644 |
8719 |
+index 48c6fd3..8398912 100644 |
8720 |
--- a/kernel/cred.c |
8721 |
+++ b/kernel/cred.c |
8722 |
@@ -204,6 +204,15 @@ void exit_creds(struct task_struct *tsk) |
8723 |
@@ -66537,7 +66945,7 @@ index 48c6fd3..3342f00 100644 |
8724 |
/* dumpability changes */ |
8725 |
if (old->euid != new->euid || |
8726 |
old->egid != new->egid || |
8727 |
-@@ -540,6 +551,92 @@ int commit_creds(struct cred *new) |
8728 |
+@@ -540,6 +551,101 @@ int commit_creds(struct cred *new) |
8729 |
put_cred(old); |
8730 |
return 0; |
8731 |
} |
8732 |
@@ -66603,6 +67011,8 @@ index 48c6fd3..3342f00 100644 |
8733 |
+int commit_creds(struct cred *new) |
8734 |
+{ |
8735 |
+#ifdef CONFIG_GRKERNSEC_SETXID |
8736 |
++ int ret; |
8737 |
++ int schedule_it = 0; |
8738 |
+ struct task_struct *t; |
8739 |
+ |
8740 |
+ /* we won't get called with tasklist_lock held for writing |
8741 |
@@ -66611,20 +67021,27 @@ index 48c6fd3..3342f00 100644 |
8742 |
+ */ |
8743 |
+ if (grsec_enable_setxid && !current_is_single_threaded() && |
8744 |
+ !current_uid() && new->uid) { |
8745 |
++ schedule_it = 1; |
8746 |
++ } |
8747 |
++ ret = __commit_creds(new); |
8748 |
++ if (schedule_it) { |
8749 |
+ rcu_read_lock(); |
8750 |
+ read_lock(&tasklist_lock); |
8751 |
+ for (t = next_thread(current); t != current; |
8752 |
+ t = next_thread(t)) { |
8753 |
+ if (t->delayed_cred == NULL) { |
8754 |
+ t->delayed_cred = get_cred(new); |
8755 |
++ set_tsk_thread_flag(t, TIF_GRSEC_SETXID); |
8756 |
+ set_tsk_need_resched(t); |
8757 |
+ } |
8758 |
+ } |
8759 |
+ read_unlock(&tasklist_lock); |
8760 |
+ rcu_read_unlock(); |
8761 |
+ } |
8762 |
-+#endif |
8763 |
++ return ret; |
8764 |
++#else |
8765 |
+ return __commit_creds(new); |
8766 |
++#endif |
8767 |
+} |
8768 |
+ |
8769 |
EXPORT_SYMBOL(commit_creds); |
8770 |
@@ -66816,7 +67233,7 @@ index 58690af..d903d75 100644 |
8771 |
|
8772 |
/* |
8773 |
diff --git a/kernel/exit.c b/kernel/exit.c |
8774 |
-index e6e01b9..0a21b0a 100644 |
8775 |
+index 5a8a66e..ded4680 100644 |
8776 |
--- a/kernel/exit.c |
8777 |
+++ b/kernel/exit.c |
8778 |
@@ -57,6 +57,10 @@ |
8779 |
@@ -66868,7 +67285,7 @@ index e6e01b9..0a21b0a 100644 |
8780 |
/* |
8781 |
* If we were started as result of loading a module, close all of the |
8782 |
* user space pages. We don't need them, and if we didn't close them |
8783 |
-@@ -893,6 +912,8 @@ NORET_TYPE void do_exit(long code) |
8784 |
+@@ -874,6 +893,8 @@ NORET_TYPE void do_exit(long code) |
8785 |
struct task_struct *tsk = current; |
8786 |
int group_dead; |
8787 |
|
8788 |
@@ -66877,7 +67294,7 @@ index e6e01b9..0a21b0a 100644 |
8789 |
profile_task_exit(tsk); |
8790 |
|
8791 |
WARN_ON(blk_needs_flush_plug(tsk)); |
8792 |
-@@ -909,7 +930,6 @@ NORET_TYPE void do_exit(long code) |
8793 |
+@@ -890,7 +911,6 @@ NORET_TYPE void do_exit(long code) |
8794 |
* mm_release()->clear_child_tid() from writing to a user-controlled |
8795 |
* kernel address. |
8796 |
*/ |
8797 |
@@ -66885,7 +67302,7 @@ index e6e01b9..0a21b0a 100644 |
8798 |
|
8799 |
ptrace_event(PTRACE_EVENT_EXIT, code); |
8800 |
|
8801 |
-@@ -971,6 +991,9 @@ NORET_TYPE void do_exit(long code) |
8802 |
+@@ -952,6 +972,9 @@ NORET_TYPE void do_exit(long code) |
8803 |
tsk->exit_code = code; |
8804 |
taskstats_exit(tsk, group_dead); |
8805 |
|
8806 |
@@ -66895,7 +67312,7 @@ index e6e01b9..0a21b0a 100644 |
8807 |
exit_mm(tsk); |
8808 |
|
8809 |
if (group_dead) |
8810 |
-@@ -1068,7 +1091,7 @@ SYSCALL_DEFINE1(exit, int, error_code) |
8811 |
+@@ -1049,7 +1072,7 @@ SYSCALL_DEFINE1(exit, int, error_code) |
8812 |
* Take down every thread in the group. This is called by fatal signals |
8813 |
* as well as by sys_exit_group (below). |
8814 |
*/ |
8815 |
@@ -69537,39 +69954,10 @@ index 3d9f31c..7fefc9e 100644 |
8816 |
|
8817 |
default: |
8818 |
diff --git a/kernel/sched.c b/kernel/sched.c |
8819 |
-index d6b149c..896cbb8 100644 |
8820 |
+index 299f55c..2b2e317 100644 |
8821 |
--- a/kernel/sched.c |
8822 |
+++ b/kernel/sched.c |
8823 |
-@@ -4389,6 +4389,19 @@ pick_next_task(struct rq *rq) |
8824 |
- BUG(); /* the idle class will always have a runnable task */ |
8825 |
- } |
8826 |
- |
8827 |
-+#ifdef CONFIG_GRKERNSEC_SETXID |
8828 |
-+extern void gr_delayed_cred_worker(void); |
8829 |
-+static inline void gr_cred_schedule(void) |
8830 |
-+{ |
8831 |
-+ if (unlikely(current->delayed_cred)) |
8832 |
-+ gr_delayed_cred_worker(); |
8833 |
-+} |
8834 |
-+#else |
8835 |
-+static inline void gr_cred_schedule(void) |
8836 |
-+{ |
8837 |
-+} |
8838 |
-+#endif |
8839 |
-+ |
8840 |
- /* |
8841 |
- * __schedule() is the main scheduler function. |
8842 |
- */ |
8843 |
-@@ -4408,6 +4421,8 @@ need_resched: |
8844 |
- |
8845 |
- schedule_debug(prev); |
8846 |
- |
8847 |
-+ gr_cred_schedule(); |
8848 |
-+ |
8849 |
- if (sched_feat(HRTICK)) |
8850 |
- hrtick_clear(rq); |
8851 |
- |
8852 |
-@@ -5098,6 +5113,8 @@ int can_nice(const struct task_struct *p, const int nice) |
8853 |
+@@ -5097,6 +5097,8 @@ int can_nice(const struct task_struct *p, const int nice) |
8854 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
8855 |
int nice_rlim = 20 - nice; |
8856 |
|
8857 |
@@ -69578,7 +69966,7 @@ index d6b149c..896cbb8 100644 |
8858 |
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || |
8859 |
capable(CAP_SYS_NICE)); |
8860 |
} |
8861 |
-@@ -5131,7 +5148,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
8862 |
+@@ -5130,7 +5132,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
8863 |
if (nice > 19) |
8864 |
nice = 19; |
8865 |
|
8866 |
@@ -69588,7 +69976,7 @@ index d6b149c..896cbb8 100644 |
8867 |
return -EPERM; |
8868 |
|
8869 |
retval = security_task_setnice(current, nice); |
8870 |
-@@ -5288,6 +5306,7 @@ recheck: |
8871 |
+@@ -5287,6 +5290,7 @@ recheck: |
8872 |
unsigned long rlim_rtprio = |
8873 |
task_rlimit(p, RLIMIT_RTPRIO); |
8874 |
|
8875 |
@@ -69632,7 +70020,7 @@ index 8a39fa3..34f3dbc 100644 |
8876 |
int this_cpu = smp_processor_id(); |
8877 |
struct rq *this_rq = cpu_rq(this_cpu); |
8878 |
diff --git a/kernel/signal.c b/kernel/signal.c |
8879 |
-index 2065515..aed2987 100644 |
8880 |
+index 08e0b97..cdf6f49 100644 |
8881 |
--- a/kernel/signal.c |
8882 |
+++ b/kernel/signal.c |
8883 |
@@ -45,12 +45,12 @@ static struct kmem_cache *sigqueue_cachep; |
8884 |
@@ -69741,7 +70129,7 @@ index 2065515..aed2987 100644 |
8885 |
|
8886 |
return ret; |
8887 |
} |
8888 |
-@@ -2754,7 +2777,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
8889 |
+@@ -2763,7 +2786,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
8890 |
int error = -ESRCH; |
8891 |
|
8892 |
rcu_read_lock(); |
8893 |
@@ -70729,7 +71117,7 @@ index fd3c8aa..5f324a6 100644 |
8894 |
} |
8895 |
entry = ring_buffer_event_data(event); |
8896 |
diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c |
8897 |
-index 5199930..26c73a0 100644 |
8898 |
+index 1dcf253..b31d45c 100644 |
8899 |
--- a/kernel/trace/trace_output.c |
8900 |
+++ b/kernel/trace/trace_output.c |
8901 |
@@ -278,7 +278,7 @@ int trace_seq_path(struct trace_seq *s, struct path *path) |
8902 |
@@ -70934,6 +71322,28 @@ index 013a761..c28f3fc 100644 |
8903 |
#define free(a) kfree(a) |
8904 |
#endif |
8905 |
|
8906 |
+diff --git a/lib/ioremap.c b/lib/ioremap.c |
8907 |
+index da4e2ad..6373b5f 100644 |
8908 |
+--- a/lib/ioremap.c |
8909 |
++++ b/lib/ioremap.c |
8910 |
+@@ -38,7 +38,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, |
8911 |
+ unsigned long next; |
8912 |
+ |
8913 |
+ phys_addr -= addr; |
8914 |
+- pmd = pmd_alloc(&init_mm, pud, addr); |
8915 |
++ pmd = pmd_alloc_kernel(&init_mm, pud, addr); |
8916 |
+ if (!pmd) |
8917 |
+ return -ENOMEM; |
8918 |
+ do { |
8919 |
+@@ -56,7 +56,7 @@ static inline int ioremap_pud_range(pgd_t *pgd, unsigned long addr, |
8920 |
+ unsigned long next; |
8921 |
+ |
8922 |
+ phys_addr -= addr; |
8923 |
+- pud = pud_alloc(&init_mm, pgd, addr); |
8924 |
++ pud = pud_alloc_kernel(&init_mm, pgd, addr); |
8925 |
+ if (!pud) |
8926 |
+ return -ENOMEM; |
8927 |
+ do { |
8928 |
diff --git a/lib/is_single_threaded.c b/lib/is_single_threaded.c |
8929 |
index bd2bea9..6b3c95e 100644 |
8930 |
--- a/lib/is_single_threaded.c |
8931 |
@@ -71500,7 +71910,7 @@ index 06d3479..0778eef 100644 |
8932 |
/* keep elevated page count for bad page */ |
8933 |
return ret; |
8934 |
diff --git a/mm/memory.c b/mm/memory.c |
8935 |
-index 1b1ca17..d49bd61 100644 |
8936 |
+index 1b1ca17..e6715dd 100644 |
8937 |
--- a/mm/memory.c |
8938 |
+++ b/mm/memory.c |
8939 |
@@ -457,8 +457,12 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, |
8940 |
@@ -71627,7 +72037,29 @@ index 1b1ca17..d49bd61 100644 |
8941 |
|
8942 |
if (addr < vma->vm_start || addr >= vma->vm_end) |
8943 |
return -EFAULT; |
8944 |
-@@ -2453,6 +2466,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
8945 |
+@@ -2345,7 +2358,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
8946 |
+ |
8947 |
+ BUG_ON(pud_huge(*pud)); |
8948 |
+ |
8949 |
+- pmd = pmd_alloc(mm, pud, addr); |
8950 |
++ pmd = (mm == &init_mm) ? |
8951 |
++ pmd_alloc_kernel(mm, pud, addr) : |
8952 |
++ pmd_alloc(mm, pud, addr); |
8953 |
+ if (!pmd) |
8954 |
+ return -ENOMEM; |
8955 |
+ do { |
8956 |
+@@ -2365,7 +2380,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
8957 |
+ unsigned long next; |
8958 |
+ int err; |
8959 |
+ |
8960 |
+- pud = pud_alloc(mm, pgd, addr); |
8961 |
++ pud = (mm == &init_mm) ? |
8962 |
++ pud_alloc_kernel(mm, pgd, addr) : |
8963 |
++ pud_alloc(mm, pgd, addr); |
8964 |
+ if (!pud) |
8965 |
+ return -ENOMEM; |
8966 |
+ do { |
8967 |
+@@ -2453,6 +2470,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
8968 |
copy_user_highpage(dst, src, va, vma); |
8969 |
} |
8970 |
|
8971 |
@@ -71814,7 +72246,7 @@ index 1b1ca17..d49bd61 100644 |
8972 |
/* |
8973 |
* This routine handles present pages, when users try to write |
8974 |
* to a shared page. It is done by copying the page to a new address |
8975 |
-@@ -2664,6 +2857,12 @@ gotten: |
8976 |
+@@ -2664,6 +2861,12 @@ gotten: |
8977 |
*/ |
8978 |
page_table = pte_offset_map_lock(mm, pmd, address, &ptl); |
8979 |
if (likely(pte_same(*page_table, orig_pte))) { |
8980 |
@@ -71827,7 +72259,7 @@ index 1b1ca17..d49bd61 100644 |
8981 |
if (old_page) { |
8982 |
if (!PageAnon(old_page)) { |
8983 |
dec_mm_counter_fast(mm, MM_FILEPAGES); |
8984 |
-@@ -2715,6 +2914,10 @@ gotten: |
8985 |
+@@ -2715,6 +2918,10 @@ gotten: |
8986 |
page_remove_rmap(old_page); |
8987 |
} |
8988 |
|
8989 |
@@ -71838,7 +72270,7 @@ index 1b1ca17..d49bd61 100644 |
8990 |
/* Free the old page.. */ |
8991 |
new_page = old_page; |
8992 |
ret |= VM_FAULT_WRITE; |
8993 |
-@@ -2994,6 +3197,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
8994 |
+@@ -2994,6 +3201,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
8995 |
swap_free(entry); |
8996 |
if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) |
8997 |
try_to_free_swap(page); |
8998 |
@@ -71850,7 +72282,7 @@ index 1b1ca17..d49bd61 100644 |
8999 |
unlock_page(page); |
9000 |
if (swapcache) { |
9001 |
/* |
9002 |
-@@ -3017,6 +3225,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9003 |
+@@ -3017,6 +3229,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9004 |
|
9005 |
/* No need to invalidate - it was non-present before */ |
9006 |
update_mmu_cache(vma, address, page_table); |
9007 |
@@ -71862,7 +72294,7 @@ index 1b1ca17..d49bd61 100644 |
9008 |
unlock: |
9009 |
pte_unmap_unlock(page_table, ptl); |
9010 |
out: |
9011 |
-@@ -3036,40 +3249,6 @@ out_release: |
9012 |
+@@ -3036,40 +3253,6 @@ out_release: |
9013 |
} |
9014 |
|
9015 |
/* |
9016 |
@@ -71903,7 +72335,7 @@ index 1b1ca17..d49bd61 100644 |
9017 |
* We enter with non-exclusive mmap_sem (to exclude vma changes, |
9018 |
* but allow concurrent faults), and pte mapped but not yet locked. |
9019 |
* We return with mmap_sem still held, but pte unmapped and unlocked. |
9020 |
-@@ -3078,27 +3257,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9021 |
+@@ -3078,27 +3261,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9022 |
unsigned long address, pte_t *page_table, pmd_t *pmd, |
9023 |
unsigned int flags) |
9024 |
{ |
9025 |
@@ -71936,7 +72368,7 @@ index 1b1ca17..d49bd61 100644 |
9026 |
if (unlikely(anon_vma_prepare(vma))) |
9027 |
goto oom; |
9028 |
page = alloc_zeroed_user_highpage_movable(vma, address); |
9029 |
-@@ -3117,6 +3292,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9030 |
+@@ -3117,6 +3296,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
9031 |
if (!pte_none(*page_table)) |
9032 |
goto release; |
9033 |
|
9034 |
@@ -71948,7 +72380,7 @@ index 1b1ca17..d49bd61 100644 |
9035 |
inc_mm_counter_fast(mm, MM_ANONPAGES); |
9036 |
page_add_new_anon_rmap(page, vma, address); |
9037 |
setpte: |
9038 |
-@@ -3124,6 +3304,12 @@ setpte: |
9039 |
+@@ -3124,6 +3308,12 @@ setpte: |
9040 |
|
9041 |
/* No need to invalidate - it was non-present before */ |
9042 |
update_mmu_cache(vma, address, page_table); |
9043 |
@@ -71961,7 +72393,7 @@ index 1b1ca17..d49bd61 100644 |
9044 |
unlock: |
9045 |
pte_unmap_unlock(page_table, ptl); |
9046 |
return 0; |
9047 |
-@@ -3267,6 +3453,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9048 |
+@@ -3267,6 +3457,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9049 |
*/ |
9050 |
/* Only go through if we didn't race with anybody else... */ |
9051 |
if (likely(pte_same(*page_table, orig_pte))) { |
9052 |
@@ -71974,7 +72406,7 @@ index 1b1ca17..d49bd61 100644 |
9053 |
flush_icache_page(vma, page); |
9054 |
entry = mk_pte(page, vma->vm_page_prot); |
9055 |
if (flags & FAULT_FLAG_WRITE) |
9056 |
-@@ -3286,6 +3478,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9057 |
+@@ -3286,6 +3482,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9058 |
|
9059 |
/* no need to invalidate: a not-present page won't be cached */ |
9060 |
update_mmu_cache(vma, address, page_table); |
9061 |
@@ -71989,7 +72421,7 @@ index 1b1ca17..d49bd61 100644 |
9062 |
} else { |
9063 |
if (cow_page) |
9064 |
mem_cgroup_uncharge_page(cow_page); |
9065 |
-@@ -3439,6 +3639,12 @@ int handle_pte_fault(struct mm_struct *mm, |
9066 |
+@@ -3439,6 +3643,12 @@ int handle_pte_fault(struct mm_struct *mm, |
9067 |
if (flags & FAULT_FLAG_WRITE) |
9068 |
flush_tlb_fix_spurious_fault(vma, address); |
9069 |
} |
9070 |
@@ -72002,7 +72434,7 @@ index 1b1ca17..d49bd61 100644 |
9071 |
unlock: |
9072 |
pte_unmap_unlock(pte, ptl); |
9073 |
return 0; |
9074 |
-@@ -3455,6 +3661,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9075 |
+@@ -3455,6 +3665,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9076 |
pmd_t *pmd; |
9077 |
pte_t *pte; |
9078 |
|
9079 |
@@ -72013,7 +72445,7 @@ index 1b1ca17..d49bd61 100644 |
9080 |
__set_current_state(TASK_RUNNING); |
9081 |
|
9082 |
count_vm_event(PGFAULT); |
9083 |
-@@ -3466,6 +3676,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9084 |
+@@ -3466,6 +3680,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9085 |
if (unlikely(is_vm_hugetlb_page(vma))) |
9086 |
return hugetlb_fault(mm, vma, address, flags); |
9087 |
|
9088 |
@@ -72048,7 +72480,7 @@ index 1b1ca17..d49bd61 100644 |
9089 |
pgd = pgd_offset(mm, address); |
9090 |
pud = pud_alloc(mm, pgd, address); |
9091 |
if (!pud) |
9092 |
-@@ -3495,7 +3733,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9093 |
+@@ -3495,7 +3737,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
9094 |
* run pte_offset_map on the pmd, if an huge pmd could |
9095 |
* materialize from under us from a different thread. |
9096 |
*/ |
9097 |
@@ -72057,7 +72489,7 @@ index 1b1ca17..d49bd61 100644 |
9098 |
return VM_FAULT_OOM; |
9099 |
/* if an huge pmd materialized from under us just retry later */ |
9100 |
if (unlikely(pmd_trans_huge(*pmd))) |
9101 |
-@@ -3532,6 +3770,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
9102 |
+@@ -3532,6 +3774,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
9103 |
spin_unlock(&mm->page_table_lock); |
9104 |
return 0; |
9105 |
} |
9106 |
@@ -72081,7 +72513,7 @@ index 1b1ca17..d49bd61 100644 |
9107 |
#endif /* __PAGETABLE_PUD_FOLDED */ |
9108 |
|
9109 |
#ifndef __PAGETABLE_PMD_FOLDED |
9110 |
-@@ -3562,6 +3817,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
9111 |
+@@ -3562,6 +3821,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
9112 |
spin_unlock(&mm->page_table_lock); |
9113 |
return 0; |
9114 |
} |
9115 |
@@ -72112,7 +72544,7 @@ index 1b1ca17..d49bd61 100644 |
9116 |
#endif /* __PAGETABLE_PMD_FOLDED */ |
9117 |
|
9118 |
int make_pages_present(unsigned long addr, unsigned long end) |
9119 |
-@@ -3599,7 +3878,7 @@ static int __init gate_vma_init(void) |
9120 |
+@@ -3599,7 +3882,7 @@ static int __init gate_vma_init(void) |
9121 |
gate_vma.vm_start = FIXADDR_USER_START; |
9122 |
gate_vma.vm_end = FIXADDR_USER_END; |
9123 |
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; |
9124 |
@@ -75714,10 +76146,10 @@ index 17b5b1c..826d872 100644 |
9125 |
} |
9126 |
} |
9127 |
diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c |
9128 |
-index 8eb6b15..e3db7ab 100644 |
9129 |
+index 5ac1811..7eb2320 100644 |
9130 |
--- a/net/bridge/br_multicast.c |
9131 |
+++ b/net/bridge/br_multicast.c |
9132 |
-@@ -1488,7 +1488,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br, |
9133 |
+@@ -1408,7 +1408,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br, |
9134 |
nexthdr = ip6h->nexthdr; |
9135 |
offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr); |
9136 |
|
9137 |
@@ -76073,7 +76505,7 @@ index 68bbf9f..5ef0d12 100644 |
9138 |
|
9139 |
return err; |
9140 |
diff --git a/net/core/dev.c b/net/core/dev.c |
9141 |
-index 55cd370..672cffa 100644 |
9142 |
+index cd5050e..b1b4530 100644 |
9143 |
--- a/net/core/dev.c |
9144 |
+++ b/net/core/dev.c |
9145 |
@@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name) |
9146 |
@@ -76154,7 +76586,7 @@ index 55cd370..672cffa 100644 |
9147 |
{ |
9148 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
9149 |
unsigned long time_limit = jiffies + 2; |
9150 |
-@@ -5956,7 +5960,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
9151 |
+@@ -5924,7 +5928,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
9152 |
} else { |
9153 |
netdev_stats_to_stats64(storage, &dev->stats); |
9154 |
} |
9155 |
@@ -76278,28 +76710,6 @@ index ff52ad0..aff1c0f 100644 |
9156 |
i++, cmfptr++) |
9157 |
{ |
9158 |
int new_fd; |
9159 |
-diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
9160 |
-index 3c30ee4..29cb392 100644 |
9161 |
---- a/net/core/skbuff.c |
9162 |
-+++ b/net/core/skbuff.c |
9163 |
-@@ -3111,6 +3111,8 @@ static void sock_rmem_free(struct sk_buff *skb) |
9164 |
- */ |
9165 |
- int sock_queue_err_skb(struct sock *sk, struct sk_buff *skb) |
9166 |
- { |
9167 |
-+ int len = skb->len; |
9168 |
-+ |
9169 |
- if (atomic_read(&sk->sk_rmem_alloc) + skb->truesize >= |
9170 |
- (unsigned)sk->sk_rcvbuf) |
9171 |
- return -ENOMEM; |
9172 |
-@@ -3125,7 +3127,7 @@ int sock_queue_err_skb(struct sock *sk, struct sk_buff *skb) |
9173 |
- |
9174 |
- skb_queue_tail(&sk->sk_error_queue, skb); |
9175 |
- if (!sock_flag(sk, SOCK_DEAD)) |
9176 |
-- sk->sk_data_ready(sk, skb->len); |
9177 |
-+ sk->sk_data_ready(sk, len); |
9178 |
- return 0; |
9179 |
- } |
9180 |
- EXPORT_SYMBOL(sock_queue_err_skb); |
9181 |
diff --git a/net/core/sock.c b/net/core/sock.c |
9182 |
index b23f174..b9a0d26 100644 |
9183 |
--- a/net/core/sock.c |
9184 |
@@ -77312,7 +77722,7 @@ index 361ebf3..d5628fb 100644 |
9185 |
|
9186 |
static int raw6_seq_show(struct seq_file *seq, void *v) |
9187 |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
9188 |
-index b859e4a..f9d1589 100644 |
9189 |
+index 4a56574..9745b8a 100644 |
9190 |
--- a/net/ipv6/tcp_ipv6.c |
9191 |
+++ b/net/ipv6/tcp_ipv6.c |
9192 |
@@ -93,6 +93,10 @@ static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, |
9193 |
@@ -77326,7 +77736,7 @@ index b859e4a..f9d1589 100644 |
9194 |
static void tcp_v6_hash(struct sock *sk) |
9195 |
{ |
9196 |
if (sk->sk_state != TCP_CLOSE) { |
9197 |
-@@ -1651,6 +1655,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) |
9198 |
+@@ -1655,6 +1659,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) |
9199 |
return 0; |
9200 |
|
9201 |
reset: |
9202 |
@@ -77336,7 +77746,7 @@ index b859e4a..f9d1589 100644 |
9203 |
tcp_v6_send_reset(sk, skb); |
9204 |
discard: |
9205 |
if (opt_skb) |
9206 |
-@@ -1730,12 +1737,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) |
9207 |
+@@ -1734,12 +1741,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) |
9208 |
TCP_SKB_CB(skb)->sacked = 0; |
9209 |
|
9210 |
sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); |
9211 |
@@ -77359,7 +77769,7 @@ index b859e4a..f9d1589 100644 |
9212 |
|
9213 |
if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { |
9214 |
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); |
9215 |
-@@ -1783,6 +1798,10 @@ no_tcp_socket: |
9216 |
+@@ -1787,6 +1802,10 @@ no_tcp_socket: |
9217 |
bad_packet: |
9218 |
TCP_INC_STATS_BH(net, TCP_MIB_INERRS); |
9219 |
} else { |
9220 |
@@ -77370,7 +77780,7 @@ index b859e4a..f9d1589 100644 |
9221 |
tcp_v6_send_reset(NULL, skb); |
9222 |
} |
9223 |
|
9224 |
-@@ -2043,7 +2062,13 @@ static void get_openreq6(struct seq_file *seq, |
9225 |
+@@ -2047,7 +2066,13 @@ static void get_openreq6(struct seq_file *seq, |
9226 |
uid, |
9227 |
0, /* non standard timer */ |
9228 |
0, /* open_requests have no inode */ |
9229 |
@@ -77385,7 +77795,7 @@ index b859e4a..f9d1589 100644 |
9230 |
} |
9231 |
|
9232 |
static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) |
9233 |
-@@ -2093,7 +2118,12 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) |
9234 |
+@@ -2097,7 +2122,12 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) |
9235 |
sock_i_uid(sp), |
9236 |
icsk->icsk_probes_out, |
9237 |
sock_i_ino(sp), |
9238 |
@@ -77399,7 +77809,7 @@ index b859e4a..f9d1589 100644 |
9239 |
jiffies_to_clock_t(icsk->icsk_rto), |
9240 |
jiffies_to_clock_t(icsk->icsk_ack.ato), |
9241 |
(icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, |
9242 |
-@@ -2128,7 +2158,13 @@ static void get_timewait6_sock(struct seq_file *seq, |
9243 |
+@@ -2132,7 +2162,13 @@ static void get_timewait6_sock(struct seq_file *seq, |
9244 |
dest->s6_addr32[2], dest->s6_addr32[3], destp, |
9245 |
tw->tw_substate, 0, 0, |
9246 |
3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, |
9247 |
@@ -78097,7 +78507,7 @@ index 4fe4fb4..87a89e5 100644 |
9248 |
return 0; |
9249 |
} |
9250 |
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
9251 |
-index 1201b6d..bcff8c6 100644 |
9252 |
+index a99fb41..740c2a4 100644 |
9253 |
--- a/net/netlink/af_netlink.c |
9254 |
+++ b/net/netlink/af_netlink.c |
9255 |
@@ -742,7 +742,7 @@ static void netlink_overrun(struct sock *sk) |
9256 |
@@ -78109,7 +78519,7 @@ index 1201b6d..bcff8c6 100644 |
9257 |
} |
9258 |
|
9259 |
static struct sock *netlink_getsockbypid(struct sock *ssk, u32 pid) |
9260 |
-@@ -1999,7 +1999,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) |
9261 |
+@@ -2001,7 +2001,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) |
9262 |
sk_wmem_alloc_get(s), |
9263 |
nlk->cb, |
9264 |
atomic_read(&s->sk_refcnt), |
9265 |
@@ -78201,7 +78611,7 @@ index d65f699..05aa6ce 100644 |
9266 |
|
9267 |
err = proto_register(pp->prot, 1); |
9268 |
diff --git a/net/phonet/pep.c b/net/phonet/pep.c |
9269 |
-index 2ba6e9f..409573f 100644 |
9270 |
+index 007546d..9a8e5c6 100644 |
9271 |
--- a/net/phonet/pep.c |
9272 |
+++ b/net/phonet/pep.c |
9273 |
@@ -388,7 +388,7 @@ static int pipe_do_rcv(struct sock *sk, struct sk_buff *skb) |
9274 |
@@ -78679,10 +79089,10 @@ index 1e2eee8..ce3967e 100644 |
9275 |
assoc->assoc_id, |
9276 |
assoc->sndbuf_used, |
9277 |
diff --git a/net/sctp/socket.c b/net/sctp/socket.c |
9278 |
-index 54a7cd2..944edae 100644 |
9279 |
+index 0075554..42d36a1 100644 |
9280 |
--- a/net/sctp/socket.c |
9281 |
+++ b/net/sctp/socket.c |
9282 |
-@@ -4574,7 +4574,7 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, |
9283 |
+@@ -4575,7 +4575,7 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, |
9284 |
addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len; |
9285 |
if (space_left < addrlen) |
9286 |
return -ENOMEM; |
9287 |
@@ -78692,7 +79102,7 @@ index 54a7cd2..944edae 100644 |
9288 |
to += addrlen; |
9289 |
cnt++; |
9290 |
diff --git a/net/socket.c b/net/socket.c |
9291 |
-index 2dce67a..1e91168 100644 |
9292 |
+index 273cbce..fd1e8ff 100644 |
9293 |
--- a/net/socket.c |
9294 |
+++ b/net/socket.c |
9295 |
@@ -88,6 +88,7 @@ |
9296 |
@@ -79535,7 +79945,7 @@ index 0000000..8729101 |
9297 |
+#!/bin/sh |
9298 |
+echo -e "#include \"gcc-plugin.h\"\n#include \"tree.h\"\n#include \"tm.h\"\n#include \"rtl.h\"" | $1 -x c -shared - -o /dev/null -I`$2 -print-file-name=plugin`/include >/dev/null 2>&1 && echo "y" |
9299 |
diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c |
9300 |
-index f936d1f..a66d95f 100644 |
9301 |
+index d1d0ae8..6b73b2a 100644 |
9302 |
--- a/scripts/mod/file2alias.c |
9303 |
+++ b/scripts/mod/file2alias.c |
9304 |
@@ -72,7 +72,7 @@ static void device_id_check(const char *modname, const char *device_id, |
9305 |
@@ -87078,21 +87488,6 @@ index 0000000..b87ec9d |
9306 |
+ |
9307 |
+ return 0; |
9308 |
+} |
9309 |
-diff --git a/tools/perf/util/hist.c b/tools/perf/util/hist.c |
9310 |
-index adb372d..e0a0970 100644 |
9311 |
---- a/tools/perf/util/hist.c |
9312 |
-+++ b/tools/perf/util/hist.c |
9313 |
-@@ -237,8 +237,8 @@ struct hist_entry *__hists__add_entry(struct hists *hists, |
9314 |
- * mis-adjust symbol addresses when computing |
9315 |
- * the history counter to increment. |
9316 |
- */ |
9317 |
-- if (he->ms.map != entry->ms.map) { |
9318 |
-- he->ms.map = entry->ms.map; |
9319 |
-+ if (he->ms.map != entry.ms.map) { |
9320 |
-+ he->ms.map = entry.ms.map; |
9321 |
- if (he->ms.map) |
9322 |
- he->ms.map->referenced = true; |
9323 |
- } |
9324 |
diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h |
9325 |
index 6789d78..4afd019 100644 |
9326 |
--- a/tools/perf/util/include/asm/alternative-asm.h |
9327 |
@@ -87132,7 +87527,7 @@ index af0f22f..9a7d479 100644 |
9328 |
break; |
9329 |
} |
9330 |
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
9331 |
-index d9cfb78..4f27c10 100644 |
9332 |
+index e401c1b..8d4d5fa 100644 |
9333 |
--- a/virt/kvm/kvm_main.c |
9334 |
+++ b/virt/kvm/kvm_main.c |
9335 |
@@ -75,7 +75,7 @@ LIST_HEAD(vm_list); |
9336 |
@@ -87144,7 +87539,7 @@ index d9cfb78..4f27c10 100644 |
9337 |
|
9338 |
struct kmem_cache *kvm_vcpu_cache; |
9339 |
EXPORT_SYMBOL_GPL(kvm_vcpu_cache); |
9340 |
-@@ -2268,7 +2268,7 @@ static void hardware_enable_nolock(void *junk) |
9341 |
+@@ -2269,7 +2269,7 @@ static void hardware_enable_nolock(void *junk) |
9342 |
|
9343 |
if (r) { |
9344 |
cpumask_clear_cpu(cpu, cpus_hardware_enabled); |
9345 |
@@ -87153,7 +87548,7 @@ index d9cfb78..4f27c10 100644 |
9346 |
printk(KERN_INFO "kvm: enabling virtualization on " |
9347 |
"CPU%d failed\n", cpu); |
9348 |
} |
9349 |
-@@ -2322,10 +2322,10 @@ static int hardware_enable_all(void) |
9350 |
+@@ -2323,10 +2323,10 @@ static int hardware_enable_all(void) |
9351 |
|
9352 |
kvm_usage_count++; |
9353 |
if (kvm_usage_count == 1) { |
9354 |
@@ -87166,7 +87561,7 @@ index d9cfb78..4f27c10 100644 |
9355 |
hardware_disable_all_nolock(); |
9356 |
r = -EBUSY; |
9357 |
} |
9358 |
-@@ -2676,7 +2676,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
9359 |
+@@ -2677,7 +2677,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
9360 |
kvm_arch_vcpu_put(vcpu); |
9361 |
} |
9362 |
|
9363 |
@@ -87175,7 +87570,7 @@ index d9cfb78..4f27c10 100644 |
9364 |
struct module *module) |
9365 |
{ |
9366 |
int r; |
9367 |
-@@ -2739,7 +2739,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
9368 |
+@@ -2740,7 +2740,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
9369 |
if (!vcpu_align) |
9370 |
vcpu_align = __alignof__(struct kvm_vcpu); |
9371 |
kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, |
9372 |
@@ -87184,7 +87579,7 @@ index d9cfb78..4f27c10 100644 |
9373 |
if (!kvm_vcpu_cache) { |
9374 |
r = -ENOMEM; |
9375 |
goto out_free_3; |
9376 |
-@@ -2749,9 +2749,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
9377 |
+@@ -2750,9 +2750,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
9378 |
if (r) |
9379 |
goto out_free; |
9380 |
|
9381 |
|
9382 |
diff --git a/3.2.16/4430_grsec-remove-localversion-grsec.patch b/3.2.17/4430_grsec-remove-localversion-grsec.patch |
9383 |
similarity index 100% |
9384 |
rename from 3.2.16/4430_grsec-remove-localversion-grsec.patch |
9385 |
rename to 3.2.17/4430_grsec-remove-localversion-grsec.patch |
9386 |
|
9387 |
diff --git a/3.2.16/4435_grsec-mute-warnings.patch b/3.2.17/4435_grsec-mute-warnings.patch |
9388 |
similarity index 100% |
9389 |
rename from 3.2.16/4435_grsec-mute-warnings.patch |
9390 |
rename to 3.2.17/4435_grsec-mute-warnings.patch |
9391 |
|
9392 |
diff --git a/3.2.16/4440_grsec-remove-protected-paths.patch b/3.2.17/4440_grsec-remove-protected-paths.patch |
9393 |
similarity index 100% |
9394 |
rename from 3.2.16/4440_grsec-remove-protected-paths.patch |
9395 |
rename to 3.2.17/4440_grsec-remove-protected-paths.patch |
9396 |
|
9397 |
diff --git a/3.2.16/4445_grsec-pax-without-grsec.patch b/3.2.17/4445_grsec-pax-without-grsec.patch |
9398 |
similarity index 100% |
9399 |
rename from 3.2.16/4445_grsec-pax-without-grsec.patch |
9400 |
rename to 3.2.17/4445_grsec-pax-without-grsec.patch |
9401 |
|
9402 |
diff --git a/3.2.16/4450_grsec-kconfig-default-gids.patch b/3.2.17/4450_grsec-kconfig-default-gids.patch |
9403 |
similarity index 100% |
9404 |
rename from 3.2.16/4450_grsec-kconfig-default-gids.patch |
9405 |
rename to 3.2.17/4450_grsec-kconfig-default-gids.patch |
9406 |
|
9407 |
diff --git a/3.2.16/4455_grsec-kconfig-gentoo.patch b/3.2.17/4455_grsec-kconfig-gentoo.patch |
9408 |
similarity index 100% |
9409 |
rename from 3.2.16/4455_grsec-kconfig-gentoo.patch |
9410 |
rename to 3.2.17/4455_grsec-kconfig-gentoo.patch |
9411 |
|
9412 |
diff --git a/3.2.16/4460-grsec-kconfig-proc-user.patch b/3.2.17/4460-grsec-kconfig-proc-user.patch |
9413 |
similarity index 100% |
9414 |
rename from 3.2.16/4460-grsec-kconfig-proc-user.patch |
9415 |
rename to 3.2.17/4460-grsec-kconfig-proc-user.patch |
9416 |
|
9417 |
diff --git a/3.2.16/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.17/4465_selinux-avc_audit-log-curr_ip.patch |
9418 |
similarity index 100% |
9419 |
rename from 3.2.16/4465_selinux-avc_audit-log-curr_ip.patch |
9420 |
rename to 3.2.17/4465_selinux-avc_audit-log-curr_ip.patch |
9421 |
|
9422 |
diff --git a/3.2.16/4470_disable-compat_vdso.patch b/3.2.17/4470_disable-compat_vdso.patch |
9423 |
similarity index 100% |
9424 |
rename from 3.2.16/4470_disable-compat_vdso.patch |
9425 |
rename to 3.2.17/4470_disable-compat_vdso.patch |
9426 |
|
9427 |
diff --git a/3.3.5/1004_linux-3.3.5.patch b/3.3.5/1004_linux-3.3.5.patch |
9428 |
deleted file mode 100644 |
9429 |
index a1fa635..0000000 |
9430 |
--- a/3.3.5/1004_linux-3.3.5.patch |
9431 |
+++ /dev/null |
9432 |
@@ -1,3285 +0,0 @@ |
9433 |
-diff --git a/Makefile b/Makefile |
9434 |
-index 44ef766..64615e9 100644 |
9435 |
---- a/Makefile |
9436 |
-+++ b/Makefile |
9437 |
-@@ -1,6 +1,6 @@ |
9438 |
- VERSION = 3 |
9439 |
- PATCHLEVEL = 3 |
9440 |
--SUBLEVEL = 4 |
9441 |
-+SUBLEVEL = 5 |
9442 |
- EXTRAVERSION = |
9443 |
- NAME = Saber-toothed Squirrel |
9444 |
- |
9445 |
-diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig |
9446 |
-index dfb0312..dedb885 100644 |
9447 |
---- a/arch/arm/Kconfig |
9448 |
-+++ b/arch/arm/Kconfig |
9449 |
-@@ -1163,6 +1163,15 @@ if !MMU |
9450 |
- source "arch/arm/Kconfig-nommu" |
9451 |
- endif |
9452 |
- |
9453 |
-+config ARM_ERRATA_326103 |
9454 |
-+ bool "ARM errata: FSR write bit incorrect on a SWP to read-only memory" |
9455 |
-+ depends on CPU_V6 |
9456 |
-+ help |
9457 |
-+ Executing a SWP instruction to read-only memory does not set bit 11 |
9458 |
-+ of the FSR on the ARM 1136 prior to r1p0. This causes the kernel to |
9459 |
-+ treat the access as a read, preventing a COW from occurring and |
9460 |
-+ causing the faulting task to livelock. |
9461 |
-+ |
9462 |
- config ARM_ERRATA_411920 |
9463 |
- bool "ARM errata: Invalidation of the Instruction Cache operation can fail" |
9464 |
- depends on CPU_V6 || CPU_V6K |
9465 |
-diff --git a/arch/arm/include/asm/tls.h b/arch/arm/include/asm/tls.h |
9466 |
-index 60843eb..73409e6 100644 |
9467 |
---- a/arch/arm/include/asm/tls.h |
9468 |
-+++ b/arch/arm/include/asm/tls.h |
9469 |
-@@ -7,6 +7,8 @@ |
9470 |
- |
9471 |
- .macro set_tls_v6k, tp, tmp1, tmp2 |
9472 |
- mcr p15, 0, \tp, c13, c0, 3 @ set TLS register |
9473 |
-+ mov \tmp1, #0 |
9474 |
-+ mcr p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register |
9475 |
- .endm |
9476 |
- |
9477 |
- .macro set_tls_v6, tp, tmp1, tmp2 |
9478 |
-@@ -15,6 +17,8 @@ |
9479 |
- mov \tmp2, #0xffff0fff |
9480 |
- tst \tmp1, #HWCAP_TLS @ hardware TLS available? |
9481 |
- mcrne p15, 0, \tp, c13, c0, 3 @ yes, set TLS register |
9482 |
-+ movne \tmp1, #0 |
9483 |
-+ mcrne p15, 0, \tmp1, c13, c0, 2 @ clear user r/w TLS register |
9484 |
- streq \tp, [\tmp2, #-15] @ set TLS value at 0xffff0ff0 |
9485 |
- .endm |
9486 |
- |
9487 |
-diff --git a/arch/arm/kernel/irq.c b/arch/arm/kernel/irq.c |
9488 |
-index 3efd82c..87c8be5 100644 |
9489 |
---- a/arch/arm/kernel/irq.c |
9490 |
-+++ b/arch/arm/kernel/irq.c |
9491 |
-@@ -156,10 +156,10 @@ static bool migrate_one_irq(struct irq_desc *desc) |
9492 |
- } |
9493 |
- |
9494 |
- c = irq_data_get_irq_chip(d); |
9495 |
-- if (c->irq_set_affinity) |
9496 |
-- c->irq_set_affinity(d, affinity, true); |
9497 |
-- else |
9498 |
-+ if (!c->irq_set_affinity) |
9499 |
- pr_debug("IRQ%u: unable to set affinity\n", d->irq); |
9500 |
-+ else if (c->irq_set_affinity(d, affinity, true) == IRQ_SET_MASK_OK && ret) |
9501 |
-+ cpumask_copy(d->affinity, affinity); |
9502 |
- |
9503 |
- return ret; |
9504 |
- } |
9505 |
-diff --git a/arch/arm/mm/abort-ev6.S b/arch/arm/mm/abort-ev6.S |
9506 |
-index ff1f7cc..8074199 100644 |
9507 |
---- a/arch/arm/mm/abort-ev6.S |
9508 |
-+++ b/arch/arm/mm/abort-ev6.S |
9509 |
-@@ -26,18 +26,23 @@ ENTRY(v6_early_abort) |
9510 |
- mrc p15, 0, r1, c5, c0, 0 @ get FSR |
9511 |
- mrc p15, 0, r0, c6, c0, 0 @ get FAR |
9512 |
- /* |
9513 |
-- * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR (erratum 326103). |
9514 |
-- * The test below covers all the write situations, including Java bytecodes |
9515 |
-+ * Faulty SWP instruction on 1136 doesn't set bit 11 in DFSR. |
9516 |
- */ |
9517 |
-- bic r1, r1, #1 << 11 @ clear bit 11 of FSR |
9518 |
-+#ifdef CONFIG_ARM_ERRATA_326103 |
9519 |
-+ ldr ip, =0x4107b36 |
9520 |
-+ mrc p15, 0, r3, c0, c0, 0 @ get processor id |
9521 |
-+ teq ip, r3, lsr #4 @ r0 ARM1136? |
9522 |
-+ bne do_DataAbort |
9523 |
- tst r5, #PSR_J_BIT @ Java? |
9524 |
-+ tsteq r5, #PSR_T_BIT @ Thumb? |
9525 |
- bne do_DataAbort |
9526 |
-- do_thumb_abort fsr=r1, pc=r4, psr=r5, tmp=r3 |
9527 |
-- ldreq r3, [r4] @ read aborted ARM instruction |
9528 |
-+ bic r1, r1, #1 << 11 @ clear bit 11 of FSR |
9529 |
-+ ldr r3, [r4] @ read aborted ARM instruction |
9530 |
- #ifdef CONFIG_CPU_ENDIAN_BE8 |
9531 |
-- reveq r3, r3 |
9532 |
-+ rev r3, r3 |
9533 |
- #endif |
9534 |
- do_ldrd_abort tmp=ip, insn=r3 |
9535 |
- tst r3, #1 << 20 @ L = 0 -> write |
9536 |
- orreq r1, r1, #1 << 11 @ yes. |
9537 |
-+#endif |
9538 |
- b do_DataAbort |
9539 |
-diff --git a/arch/mips/ath79/dev-wmac.c b/arch/mips/ath79/dev-wmac.c |
9540 |
-index e215070..9c717bf 100644 |
9541 |
---- a/arch/mips/ath79/dev-wmac.c |
9542 |
-+++ b/arch/mips/ath79/dev-wmac.c |
9543 |
-@@ -58,8 +58,8 @@ static void __init ar913x_wmac_setup(void) |
9544 |
- |
9545 |
- static int ar933x_wmac_reset(void) |
9546 |
- { |
9547 |
-- ath79_device_reset_clear(AR933X_RESET_WMAC); |
9548 |
- ath79_device_reset_set(AR933X_RESET_WMAC); |
9549 |
-+ ath79_device_reset_clear(AR933X_RESET_WMAC); |
9550 |
- |
9551 |
- return 0; |
9552 |
- } |
9553 |
-diff --git a/arch/powerpc/platforms/85xx/common.c b/arch/powerpc/platforms/85xx/common.c |
9554 |
-index 9fef530..67dac22 100644 |
9555 |
---- a/arch/powerpc/platforms/85xx/common.c |
9556 |
-+++ b/arch/powerpc/platforms/85xx/common.c |
9557 |
-@@ -21,6 +21,12 @@ static struct of_device_id __initdata mpc85xx_common_ids[] = { |
9558 |
- { .compatible = "fsl,qe", }, |
9559 |
- { .compatible = "fsl,cpm2", }, |
9560 |
- { .compatible = "fsl,srio", }, |
9561 |
-+ /* So that the DMA channel nodes can be probed individually: */ |
9562 |
-+ { .compatible = "fsl,eloplus-dma", }, |
9563 |
-+ /* For the PMC driver */ |
9564 |
-+ { .compatible = "fsl,mpc8548-guts", }, |
9565 |
-+ /* Probably unnecessary? */ |
9566 |
-+ { .compatible = "gpio-leds", }, |
9567 |
- {}, |
9568 |
- }; |
9569 |
- |
9570 |
-diff --git a/arch/powerpc/platforms/85xx/mpc85xx_mds.c b/arch/powerpc/platforms/85xx/mpc85xx_mds.c |
9571 |
-index 1d15a0c..b498864 100644 |
9572 |
---- a/arch/powerpc/platforms/85xx/mpc85xx_mds.c |
9573 |
-+++ b/arch/powerpc/platforms/85xx/mpc85xx_mds.c |
9574 |
-@@ -405,12 +405,6 @@ static int __init board_fixups(void) |
9575 |
- machine_arch_initcall(mpc8568_mds, board_fixups); |
9576 |
- machine_arch_initcall(mpc8569_mds, board_fixups); |
9577 |
- |
9578 |
--static struct of_device_id mpc85xx_ids[] = { |
9579 |
-- { .compatible = "fsl,mpc8548-guts", }, |
9580 |
-- { .compatible = "gpio-leds", }, |
9581 |
-- {}, |
9582 |
--}; |
9583 |
-- |
9584 |
- static int __init mpc85xx_publish_devices(void) |
9585 |
- { |
9586 |
- if (machine_is(mpc8568_mds)) |
9587 |
-@@ -418,10 +412,7 @@ static int __init mpc85xx_publish_devices(void) |
9588 |
- if (machine_is(mpc8569_mds)) |
9589 |
- simple_gpiochip_init("fsl,mpc8569mds-bcsr-gpio"); |
9590 |
- |
9591 |
-- mpc85xx_common_publish_devices(); |
9592 |
-- of_platform_bus_probe(NULL, mpc85xx_ids, NULL); |
9593 |
-- |
9594 |
-- return 0; |
9595 |
-+ return mpc85xx_common_publish_devices(); |
9596 |
- } |
9597 |
- |
9598 |
- machine_device_initcall(mpc8568_mds, mpc85xx_publish_devices); |
9599 |
-diff --git a/arch/powerpc/platforms/85xx/p1022_ds.c b/arch/powerpc/platforms/85xx/p1022_ds.c |
9600 |
-index b0984ad..cc79cad8 100644 |
9601 |
---- a/arch/powerpc/platforms/85xx/p1022_ds.c |
9602 |
-+++ b/arch/powerpc/platforms/85xx/p1022_ds.c |
9603 |
-@@ -303,18 +303,7 @@ static void __init p1022_ds_setup_arch(void) |
9604 |
- pr_info("Freescale P1022 DS reference board\n"); |
9605 |
- } |
9606 |
- |
9607 |
--static struct of_device_id __initdata p1022_ds_ids[] = { |
9608 |
-- /* So that the DMA channel nodes can be probed individually: */ |
9609 |
-- { .compatible = "fsl,eloplus-dma", }, |
9610 |
-- {}, |
9611 |
--}; |
9612 |
-- |
9613 |
--static int __init p1022_ds_publish_devices(void) |
9614 |
--{ |
9615 |
-- mpc85xx_common_publish_devices(); |
9616 |
-- return of_platform_bus_probe(NULL, p1022_ds_ids, NULL); |
9617 |
--} |
9618 |
--machine_device_initcall(p1022_ds, p1022_ds_publish_devices); |
9619 |
-+machine_device_initcall(p1022_ds, mpc85xx_common_publish_devices); |
9620 |
- |
9621 |
- machine_arch_initcall(p1022_ds, swiotlb_setup_bus_notifier); |
9622 |
- |
9623 |
-diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile |
9624 |
-index 95365a8..5a747dd 100644 |
9625 |
---- a/arch/x86/boot/Makefile |
9626 |
-+++ b/arch/x86/boot/Makefile |
9627 |
-@@ -37,7 +37,8 @@ setup-y += video-bios.o |
9628 |
- targets += $(setup-y) |
9629 |
- hostprogs-y := mkcpustr tools/build |
9630 |
- |
9631 |
--HOST_EXTRACFLAGS += $(LINUXINCLUDE) |
9632 |
-+HOST_EXTRACFLAGS += -I$(srctree)/tools/include $(LINUXINCLUDE) \ |
9633 |
-+ -D__EXPORTED_HEADERS__ |
9634 |
- |
9635 |
- $(obj)/cpu.o: $(obj)/cpustr.h |
9636 |
- |
9637 |
-diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile |
9638 |
-index b123b9a..fd55a2f 100644 |
9639 |
---- a/arch/x86/boot/compressed/Makefile |
9640 |
-+++ b/arch/x86/boot/compressed/Makefile |
9641 |
-@@ -22,6 +22,7 @@ LDFLAGS := -m elf_$(UTS_MACHINE) |
9642 |
- LDFLAGS_vmlinux := -T |
9643 |
- |
9644 |
- hostprogs-y := mkpiggy |
9645 |
-+HOST_EXTRACFLAGS += -I$(srctree)/tools/include |
9646 |
- |
9647 |
- VMLINUX_OBJS = $(obj)/vmlinux.lds $(obj)/head_$(BITS).o $(obj)/misc.o \ |
9648 |
- $(obj)/string.o $(obj)/cmdline.o $(obj)/early_serial_console.o \ |
9649 |
-diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c |
9650 |
-index fec216f..0cdfc0d 100644 |
9651 |
---- a/arch/x86/boot/compressed/eboot.c |
9652 |
-+++ b/arch/x86/boot/compressed/eboot.c |
9653 |
-@@ -539,7 +539,7 @@ static efi_status_t handle_ramdisks(efi_loaded_image_t *image, |
9654 |
- struct initrd *initrd; |
9655 |
- efi_file_handle_t *h; |
9656 |
- efi_file_info_t *info; |
9657 |
-- efi_char16_t filename[256]; |
9658 |
-+ efi_char16_t filename_16[256]; |
9659 |
- unsigned long info_sz; |
9660 |
- efi_guid_t info_guid = EFI_FILE_INFO_ID; |
9661 |
- efi_char16_t *p; |
9662 |
-@@ -552,14 +552,14 @@ static efi_status_t handle_ramdisks(efi_loaded_image_t *image, |
9663 |
- str += 7; |
9664 |
- |
9665 |
- initrd = &initrds[i]; |
9666 |
-- p = filename; |
9667 |
-+ p = filename_16; |
9668 |
- |
9669 |
- /* Skip any leading slashes */ |
9670 |
- while (*str == '/' || *str == '\\') |
9671 |
- str++; |
9672 |
- |
9673 |
- while (*str && *str != ' ' && *str != '\n') { |
9674 |
-- if (p >= filename + sizeof(filename)) |
9675 |
-+ if ((u8 *)p >= (u8 *)filename_16 + sizeof(filename_16)) |
9676 |
- break; |
9677 |
- |
9678 |
- *p++ = *str++; |
9679 |
-@@ -583,7 +583,7 @@ static efi_status_t handle_ramdisks(efi_loaded_image_t *image, |
9680 |
- goto free_initrds; |
9681 |
- } |
9682 |
- |
9683 |
-- status = efi_call_phys5(fh->open, fh, &h, filename, |
9684 |
-+ status = efi_call_phys5(fh->open, fh, &h, filename_16, |
9685 |
- EFI_FILE_MODE_READ, (u64)0); |
9686 |
- if (status != EFI_SUCCESS) |
9687 |
- goto close_handles; |
9688 |
-diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S |
9689 |
-index a055993..c85e3ac 100644 |
9690 |
---- a/arch/x86/boot/compressed/head_32.S |
9691 |
-+++ b/arch/x86/boot/compressed/head_32.S |
9692 |
-@@ -33,6 +33,9 @@ |
9693 |
- __HEAD |
9694 |
- ENTRY(startup_32) |
9695 |
- #ifdef CONFIG_EFI_STUB |
9696 |
-+ jmp preferred_addr |
9697 |
-+ |
9698 |
-+ .balign 0x10 |
9699 |
- /* |
9700 |
- * We don't need the return address, so set up the stack so |
9701 |
- * efi_main() can find its arugments. |
9702 |
-@@ -41,12 +44,17 @@ ENTRY(startup_32) |
9703 |
- |
9704 |
- call efi_main |
9705 |
- cmpl $0, %eax |
9706 |
-- je preferred_addr |
9707 |
- movl %eax, %esi |
9708 |
-- call 1f |
9709 |
-+ jne 2f |
9710 |
- 1: |
9711 |
-+ /* EFI init failed, so hang. */ |
9712 |
-+ hlt |
9713 |
-+ jmp 1b |
9714 |
-+2: |
9715 |
-+ call 3f |
9716 |
-+3: |
9717 |
- popl %eax |
9718 |
-- subl $1b, %eax |
9719 |
-+ subl $3b, %eax |
9720 |
- subl BP_pref_address(%esi), %eax |
9721 |
- add BP_code32_start(%esi), %eax |
9722 |
- leal preferred_addr(%eax), %eax |
9723 |
-diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S |
9724 |
-index 558d76c..87e03a1 100644 |
9725 |
---- a/arch/x86/boot/compressed/head_64.S |
9726 |
-+++ b/arch/x86/boot/compressed/head_64.S |
9727 |
-@@ -200,18 +200,28 @@ ENTRY(startup_64) |
9728 |
- * entire text+data+bss and hopefully all of memory. |
9729 |
- */ |
9730 |
- #ifdef CONFIG_EFI_STUB |
9731 |
-- pushq %rsi |
9732 |
-+ /* |
9733 |
-+ * The entry point for the PE/COFF executable is 0x210, so only |
9734 |
-+ * legacy boot loaders will execute this jmp. |
9735 |
-+ */ |
9736 |
-+ jmp preferred_addr |
9737 |
-+ |
9738 |
-+ .org 0x210 |
9739 |
- mov %rcx, %rdi |
9740 |
- mov %rdx, %rsi |
9741 |
- call efi_main |
9742 |
-- popq %rsi |
9743 |
-- cmpq $0,%rax |
9744 |
-- je preferred_addr |
9745 |
- movq %rax,%rsi |
9746 |
-- call 1f |
9747 |
-+ cmpq $0,%rax |
9748 |
-+ jne 2f |
9749 |
- 1: |
9750 |
-+ /* EFI init failed, so hang. */ |
9751 |
-+ hlt |
9752 |
-+ jmp 1b |
9753 |
-+2: |
9754 |
-+ call 3f |
9755 |
-+3: |
9756 |
- popq %rax |
9757 |
-- subq $1b, %rax |
9758 |
-+ subq $3b, %rax |
9759 |
- subq BP_pref_address(%rsi), %rax |
9760 |
- add BP_code32_start(%esi), %eax |
9761 |
- leaq preferred_addr(%rax), %rax |
9762 |
-diff --git a/arch/x86/boot/compressed/mkpiggy.c b/arch/x86/boot/compressed/mkpiggy.c |
9763 |
-index 46a8238..958a641 100644 |
9764 |
---- a/arch/x86/boot/compressed/mkpiggy.c |
9765 |
-+++ b/arch/x86/boot/compressed/mkpiggy.c |
9766 |
-@@ -29,14 +29,7 @@ |
9767 |
- #include <stdio.h> |
9768 |
- #include <string.h> |
9769 |
- #include <inttypes.h> |
9770 |
-- |
9771 |
--static uint32_t getle32(const void *p) |
9772 |
--{ |
9773 |
-- const uint8_t *cp = p; |
9774 |
-- |
9775 |
-- return (uint32_t)cp[0] + ((uint32_t)cp[1] << 8) + |
9776 |
-- ((uint32_t)cp[2] << 16) + ((uint32_t)cp[3] << 24); |
9777 |
--} |
9778 |
-+#include <tools/le_byteshift.h> |
9779 |
- |
9780 |
- int main(int argc, char *argv[]) |
9781 |
- { |
9782 |
-@@ -69,7 +62,7 @@ int main(int argc, char *argv[]) |
9783 |
- } |
9784 |
- |
9785 |
- ilen = ftell(f); |
9786 |
-- olen = getle32(&olen); |
9787 |
-+ olen = get_unaligned_le32(&olen); |
9788 |
- fclose(f); |
9789 |
- |
9790 |
- /* |
9791 |
-diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c |
9792 |
-index 4e9bd6b..09ce870 100644 |
9793 |
---- a/arch/x86/boot/tools/build.c |
9794 |
-+++ b/arch/x86/boot/tools/build.c |
9795 |
-@@ -34,6 +34,7 @@ |
9796 |
- #include <fcntl.h> |
9797 |
- #include <sys/mman.h> |
9798 |
- #include <asm/boot.h> |
9799 |
-+#include <tools/le_byteshift.h> |
9800 |
- |
9801 |
- typedef unsigned char u8; |
9802 |
- typedef unsigned short u16; |
9803 |
-@@ -41,6 +42,7 @@ typedef unsigned long u32; |
9804 |
- |
9805 |
- #define DEFAULT_MAJOR_ROOT 0 |
9806 |
- #define DEFAULT_MINOR_ROOT 0 |
9807 |
-+#define DEFAULT_ROOT_DEV (DEFAULT_MAJOR_ROOT << 8 | DEFAULT_MINOR_ROOT) |
9808 |
- |
9809 |
- /* Minimal number of setup sectors */ |
9810 |
- #define SETUP_SECT_MIN 5 |
9811 |
-@@ -159,7 +161,7 @@ int main(int argc, char ** argv) |
9812 |
- die("read-error on `setup'"); |
9813 |
- if (c < 1024) |
9814 |
- die("The setup must be at least 1024 bytes"); |
9815 |
-- if (buf[510] != 0x55 || buf[511] != 0xaa) |
9816 |
-+ if (get_unaligned_le16(&buf[510]) != 0xAA55) |
9817 |
- die("Boot block hasn't got boot flag (0xAA55)"); |
9818 |
- fclose(file); |
9819 |
- |
9820 |
-@@ -171,8 +173,7 @@ int main(int argc, char ** argv) |
9821 |
- memset(buf+c, 0, i-c); |
9822 |
- |
9823 |
- /* Set the default root device */ |
9824 |
-- buf[508] = DEFAULT_MINOR_ROOT; |
9825 |
-- buf[509] = DEFAULT_MAJOR_ROOT; |
9826 |
-+ put_unaligned_le16(DEFAULT_ROOT_DEV, &buf[508]); |
9827 |
- |
9828 |
- fprintf(stderr, "Setup is %d bytes (padded to %d bytes).\n", c, i); |
9829 |
- |
9830 |
-@@ -192,44 +193,49 @@ int main(int argc, char ** argv) |
9831 |
- |
9832 |
- /* Patch the setup code with the appropriate size parameters */ |
9833 |
- buf[0x1f1] = setup_sectors-1; |
9834 |
-- buf[0x1f4] = sys_size; |
9835 |
-- buf[0x1f5] = sys_size >> 8; |
9836 |
-- buf[0x1f6] = sys_size >> 16; |
9837 |
-- buf[0x1f7] = sys_size >> 24; |
9838 |
-+ put_unaligned_le32(sys_size, &buf[0x1f4]); |
9839 |
- |
9840 |
- #ifdef CONFIG_EFI_STUB |
9841 |
- file_sz = sz + i + ((sys_size * 16) - sz); |
9842 |
- |
9843 |
-- pe_header = *(unsigned int *)&buf[0x3c]; |
9844 |
-+ pe_header = get_unaligned_le32(&buf[0x3c]); |
9845 |
- |
9846 |
- /* Size of code */ |
9847 |
-- *(unsigned int *)&buf[pe_header + 0x1c] = file_sz; |
9848 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0x1c]); |
9849 |
- |
9850 |
- /* Size of image */ |
9851 |
-- *(unsigned int *)&buf[pe_header + 0x50] = file_sz; |
9852 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0x50]); |
9853 |
- |
9854 |
- #ifdef CONFIG_X86_32 |
9855 |
-- /* Address of entry point */ |
9856 |
-- *(unsigned int *)&buf[pe_header + 0x28] = i; |
9857 |
-+ /* |
9858 |
-+ * Address of entry point. |
9859 |
-+ * |
9860 |
-+ * The EFI stub entry point is +16 bytes from the start of |
9861 |
-+ * the .text section. |
9862 |
-+ */ |
9863 |
-+ put_unaligned_le32(i + 16, &buf[pe_header + 0x28]); |
9864 |
- |
9865 |
- /* .text size */ |
9866 |
-- *(unsigned int *)&buf[pe_header + 0xb0] = file_sz; |
9867 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0xb0]); |
9868 |
- |
9869 |
- /* .text size of initialised data */ |
9870 |
-- *(unsigned int *)&buf[pe_header + 0xb8] = file_sz; |
9871 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0xb8]); |
9872 |
- #else |
9873 |
- /* |
9874 |
- * Address of entry point. startup_32 is at the beginning and |
9875 |
- * the 64-bit entry point (startup_64) is always 512 bytes |
9876 |
-- * after. |
9877 |
-+ * after. The EFI stub entry point is 16 bytes after that, as |
9878 |
-+ * the first instruction allows legacy loaders to jump over |
9879 |
-+ * the EFI stub initialisation |
9880 |
- */ |
9881 |
-- *(unsigned int *)&buf[pe_header + 0x28] = i + 512; |
9882 |
-+ put_unaligned_le32(i + 528, &buf[pe_header + 0x28]); |
9883 |
- |
9884 |
- /* .text size */ |
9885 |
-- *(unsigned int *)&buf[pe_header + 0xc0] = file_sz; |
9886 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0xc0]); |
9887 |
- |
9888 |
- /* .text size of initialised data */ |
9889 |
-- *(unsigned int *)&buf[pe_header + 0xc8] = file_sz; |
9890 |
-+ put_unaligned_le32(file_sz, &buf[pe_header + 0xc8]); |
9891 |
-+ |
9892 |
- #endif /* CONFIG_X86_32 */ |
9893 |
- #endif /* CONFIG_EFI_STUB */ |
9894 |
- |
9895 |
-diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h |
9896 |
-index 517d476..a609c39 100644 |
9897 |
---- a/arch/x86/include/asm/x86_init.h |
9898 |
-+++ b/arch/x86/include/asm/x86_init.h |
9899 |
-@@ -189,6 +189,5 @@ extern struct x86_msi_ops x86_msi; |
9900 |
- |
9901 |
- extern void x86_init_noop(void); |
9902 |
- extern void x86_init_uint_noop(unsigned int unused); |
9903 |
--extern void x86_default_fixup_cpu_id(struct cpuinfo_x86 *c, int node); |
9904 |
- |
9905 |
- #endif |
9906 |
-diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c |
9907 |
-index 2eec05b..5b3f88e 100644 |
9908 |
---- a/arch/x86/kernel/apic/apic.c |
9909 |
-+++ b/arch/x86/kernel/apic/apic.c |
9910 |
-@@ -1632,9 +1632,11 @@ static int __init apic_verify(void) |
9911 |
- mp_lapic_addr = APIC_DEFAULT_PHYS_BASE; |
9912 |
- |
9913 |
- /* The BIOS may have set up the APIC at some other address */ |
9914 |
-- rdmsr(MSR_IA32_APICBASE, l, h); |
9915 |
-- if (l & MSR_IA32_APICBASE_ENABLE) |
9916 |
-- mp_lapic_addr = l & MSR_IA32_APICBASE_BASE; |
9917 |
-+ if (boot_cpu_data.x86 >= 6) { |
9918 |
-+ rdmsr(MSR_IA32_APICBASE, l, h); |
9919 |
-+ if (l & MSR_IA32_APICBASE_ENABLE) |
9920 |
-+ mp_lapic_addr = l & MSR_IA32_APICBASE_BASE; |
9921 |
-+ } |
9922 |
- |
9923 |
- pr_info("Found and enabled local APIC!\n"); |
9924 |
- return 0; |
9925 |
-@@ -1652,13 +1654,15 @@ int __init apic_force_enable(unsigned long addr) |
9926 |
- * MSR. This can only be done in software for Intel P6 or later |
9927 |
- * and AMD K7 (Model > 1) or later. |
9928 |
- */ |
9929 |
-- rdmsr(MSR_IA32_APICBASE, l, h); |
9930 |
-- if (!(l & MSR_IA32_APICBASE_ENABLE)) { |
9931 |
-- pr_info("Local APIC disabled by BIOS -- reenabling.\n"); |
9932 |
-- l &= ~MSR_IA32_APICBASE_BASE; |
9933 |
-- l |= MSR_IA32_APICBASE_ENABLE | addr; |
9934 |
-- wrmsr(MSR_IA32_APICBASE, l, h); |
9935 |
-- enabled_via_apicbase = 1; |
9936 |
-+ if (boot_cpu_data.x86 >= 6) { |
9937 |
-+ rdmsr(MSR_IA32_APICBASE, l, h); |
9938 |
-+ if (!(l & MSR_IA32_APICBASE_ENABLE)) { |
9939 |
-+ pr_info("Local APIC disabled by BIOS -- reenabling.\n"); |
9940 |
-+ l &= ~MSR_IA32_APICBASE_BASE; |
9941 |
-+ l |= MSR_IA32_APICBASE_ENABLE | addr; |
9942 |
-+ wrmsr(MSR_IA32_APICBASE, l, h); |
9943 |
-+ enabled_via_apicbase = 1; |
9944 |
-+ } |
9945 |
- } |
9946 |
- return apic_verify(); |
9947 |
- } |
9948 |
-@@ -2204,10 +2208,12 @@ static void lapic_resume(void) |
9949 |
- * FIXME! This will be wrong if we ever support suspend on |
9950 |
- * SMP! We'll need to do this as part of the CPU restore! |
9951 |
- */ |
9952 |
-- rdmsr(MSR_IA32_APICBASE, l, h); |
9953 |
-- l &= ~MSR_IA32_APICBASE_BASE; |
9954 |
-- l |= MSR_IA32_APICBASE_ENABLE | mp_lapic_addr; |
9955 |
-- wrmsr(MSR_IA32_APICBASE, l, h); |
9956 |
-+ if (boot_cpu_data.x86 >= 6) { |
9957 |
-+ rdmsr(MSR_IA32_APICBASE, l, h); |
9958 |
-+ l &= ~MSR_IA32_APICBASE_BASE; |
9959 |
-+ l |= MSR_IA32_APICBASE_ENABLE | mp_lapic_addr; |
9960 |
-+ wrmsr(MSR_IA32_APICBASE, l, h); |
9961 |
-+ } |
9962 |
- } |
9963 |
- |
9964 |
- maxlvt = lapic_get_maxlvt(); |
9965 |
-diff --git a/arch/x86/kernel/apic/apic_numachip.c b/arch/x86/kernel/apic/apic_numachip.c |
9966 |
-index 09d3d8c..ade0182 100644 |
9967 |
---- a/arch/x86/kernel/apic/apic_numachip.c |
9968 |
-+++ b/arch/x86/kernel/apic/apic_numachip.c |
9969 |
-@@ -201,8 +201,11 @@ static void __init map_csrs(void) |
9970 |
- |
9971 |
- static void fixup_cpu_id(struct cpuinfo_x86 *c, int node) |
9972 |
- { |
9973 |
-- c->phys_proc_id = node; |
9974 |
-- per_cpu(cpu_llc_id, smp_processor_id()) = node; |
9975 |
-+ |
9976 |
-+ if (c->phys_proc_id != node) { |
9977 |
-+ c->phys_proc_id = node; |
9978 |
-+ per_cpu(cpu_llc_id, smp_processor_id()) = node; |
9979 |
-+ } |
9980 |
- } |
9981 |
- |
9982 |
- static int __init numachip_system_init(void) |
9983 |
-diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c |
9984 |
-index f4773f4..80ab83d 100644 |
9985 |
---- a/arch/x86/kernel/cpu/amd.c |
9986 |
-+++ b/arch/x86/kernel/cpu/amd.c |
9987 |
-@@ -352,10 +352,11 @@ static void __cpuinit srat_detect_node(struct cpuinfo_x86 *c) |
9988 |
- node = per_cpu(cpu_llc_id, cpu); |
9989 |
- |
9990 |
- /* |
9991 |
-- * If core numbers are inconsistent, it's likely a multi-fabric platform, |
9992 |
-- * so invoke platform-specific handler |
9993 |
-+ * On multi-fabric platform (e.g. Numascale NumaChip) a |
9994 |
-+ * platform-specific handler needs to be called to fixup some |
9995 |
-+ * IDs of the CPU. |
9996 |
- */ |
9997 |
-- if (c->phys_proc_id != node) |
9998 |
-+ if (x86_cpuinit.fixup_cpu_id) |
9999 |
- x86_cpuinit.fixup_cpu_id(c, node); |
10000 |
- |
10001 |
- if (!node_online(node)) { |
10002 |
-diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c |
10003 |
-index c0f7d68..1a810e4 100644 |
10004 |
---- a/arch/x86/kernel/cpu/common.c |
10005 |
-+++ b/arch/x86/kernel/cpu/common.c |
10006 |
-@@ -1163,15 +1163,6 @@ static void dbg_restore_debug_regs(void) |
10007 |
- #endif /* ! CONFIG_KGDB */ |
10008 |
- |
10009 |
- /* |
10010 |
-- * Prints an error where the NUMA and configured core-number mismatch and the |
10011 |
-- * platform didn't override this to fix it up |
10012 |
-- */ |
10013 |
--void __cpuinit x86_default_fixup_cpu_id(struct cpuinfo_x86 *c, int node) |
10014 |
--{ |
10015 |
-- pr_err("NUMA core number %d differs from configured core number %d\n", node, c->phys_proc_id); |
10016 |
--} |
10017 |
-- |
10018 |
--/* |
10019 |
- * cpu_init() initializes state that is per-CPU. Some data is already |
10020 |
- * initialized (naturally) in the bootstrap process, such as the GDT |
10021 |
- * and IDT. We reload them nevertheless, this function acts as a |
10022 |
-diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c |
10023 |
-index 739d859..f239f30 100644 |
10024 |
---- a/arch/x86/kernel/i387.c |
10025 |
-+++ b/arch/x86/kernel/i387.c |
10026 |
-@@ -154,6 +154,7 @@ int init_fpu(struct task_struct *tsk) |
10027 |
- if (tsk_used_math(tsk)) { |
10028 |
- if (HAVE_HWFP && tsk == current) |
10029 |
- unlazy_fpu(tsk); |
10030 |
-+ tsk->thread.fpu.last_cpu = ~0; |
10031 |
- return 0; |
10032 |
- } |
10033 |
- |
10034 |
-diff --git a/arch/x86/kernel/microcode_amd.c b/arch/x86/kernel/microcode_amd.c |
10035 |
-index 73465aa..8a2ce8f 100644 |
10036 |
---- a/arch/x86/kernel/microcode_amd.c |
10037 |
-+++ b/arch/x86/kernel/microcode_amd.c |
10038 |
-@@ -82,11 +82,6 @@ static int collect_cpu_info_amd(int cpu, struct cpu_signature *csig) |
10039 |
- { |
10040 |
- struct cpuinfo_x86 *c = &cpu_data(cpu); |
10041 |
- |
10042 |
-- if (c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10) { |
10043 |
-- pr_warning("CPU%d: family %d not supported\n", cpu, c->x86); |
10044 |
-- return -1; |
10045 |
-- } |
10046 |
-- |
10047 |
- csig->rev = c->microcode; |
10048 |
- pr_info("CPU%d: patch_level=0x%08x\n", cpu, csig->rev); |
10049 |
- |
10050 |
-@@ -380,6 +375,13 @@ static struct microcode_ops microcode_amd_ops = { |
10051 |
- |
10052 |
- struct microcode_ops * __init init_amd_microcode(void) |
10053 |
- { |
10054 |
-+ struct cpuinfo_x86 *c = &cpu_data(0); |
10055 |
-+ |
10056 |
-+ if (c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10) { |
10057 |
-+ pr_warning("AMD CPU family 0x%x not supported\n", c->x86); |
10058 |
-+ return NULL; |
10059 |
-+ } |
10060 |
-+ |
10061 |
- patch = (void *)get_zeroed_page(GFP_KERNEL); |
10062 |
- if (!patch) |
10063 |
- return NULL; |
10064 |
-diff --git a/arch/x86/kernel/microcode_core.c b/arch/x86/kernel/microcode_core.c |
10065 |
-index fda91c3..50a5875 100644 |
10066 |
---- a/arch/x86/kernel/microcode_core.c |
10067 |
-+++ b/arch/x86/kernel/microcode_core.c |
10068 |
-@@ -418,10 +418,8 @@ static int mc_device_add(struct device *dev, struct subsys_interface *sif) |
10069 |
- if (err) |
10070 |
- return err; |
10071 |
- |
10072 |
-- if (microcode_init_cpu(cpu) == UCODE_ERROR) { |
10073 |
-- sysfs_remove_group(&dev->kobj, &mc_attr_group); |
10074 |
-+ if (microcode_init_cpu(cpu) == UCODE_ERROR) |
10075 |
- return -EINVAL; |
10076 |
-- } |
10077 |
- |
10078 |
- return err; |
10079 |
- } |
10080 |
-@@ -513,11 +511,11 @@ static int __init microcode_init(void) |
10081 |
- microcode_ops = init_intel_microcode(); |
10082 |
- else if (c->x86_vendor == X86_VENDOR_AMD) |
10083 |
- microcode_ops = init_amd_microcode(); |
10084 |
-- |
10085 |
-- if (!microcode_ops) { |
10086 |
-+ else |
10087 |
- pr_err("no support for this CPU vendor\n"); |
10088 |
-+ |
10089 |
-+ if (!microcode_ops) |
10090 |
- return -ENODEV; |
10091 |
-- } |
10092 |
- |
10093 |
- microcode_pdev = platform_device_register_simple("microcode", -1, |
10094 |
- NULL, 0); |
10095 |
-diff --git a/arch/x86/kernel/x86_init.c b/arch/x86/kernel/x86_init.c |
10096 |
-index 947a06c..83b05ad 100644 |
10097 |
---- a/arch/x86/kernel/x86_init.c |
10098 |
-+++ b/arch/x86/kernel/x86_init.c |
10099 |
-@@ -92,7 +92,6 @@ struct x86_init_ops x86_init __initdata = { |
10100 |
- |
10101 |
- struct x86_cpuinit_ops x86_cpuinit __cpuinitdata = { |
10102 |
- .setup_percpu_clockev = setup_secondary_APIC_clock, |
10103 |
-- .fixup_cpu_id = x86_default_fixup_cpu_id, |
10104 |
- }; |
10105 |
- |
10106 |
- static void default_nmi_init(void) { }; |
10107 |
-diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c |
10108 |
-index 501d4e0..f2ce60a 100644 |
10109 |
---- a/arch/x86/xen/smp.c |
10110 |
-+++ b/arch/x86/xen/smp.c |
10111 |
-@@ -172,6 +172,7 @@ static void __init xen_fill_possible_map(void) |
10112 |
- static void __init xen_filter_cpu_maps(void) |
10113 |
- { |
10114 |
- int i, rc; |
10115 |
-+ unsigned int subtract = 0; |
10116 |
- |
10117 |
- if (!xen_initial_domain()) |
10118 |
- return; |
10119 |
-@@ -186,8 +187,22 @@ static void __init xen_filter_cpu_maps(void) |
10120 |
- } else { |
10121 |
- set_cpu_possible(i, false); |
10122 |
- set_cpu_present(i, false); |
10123 |
-+ subtract++; |
10124 |
- } |
10125 |
- } |
10126 |
-+#ifdef CONFIG_HOTPLUG_CPU |
10127 |
-+ /* This is akin to using 'nr_cpus' on the Linux command line. |
10128 |
-+ * Which is OK as when we use 'dom0_max_vcpus=X' we can only |
10129 |
-+ * have up to X, while nr_cpu_ids is greater than X. This |
10130 |
-+ * normally is not a problem, except when CPU hotplugging |
10131 |
-+ * is involved and then there might be more than X CPUs |
10132 |
-+ * in the guest - which will not work as there is no |
10133 |
-+ * hypercall to expand the max number of VCPUs an already |
10134 |
-+ * running guest has. So cap it up to X. */ |
10135 |
-+ if (subtract) |
10136 |
-+ nr_cpu_ids = nr_cpu_ids - subtract; |
10137 |
-+#endif |
10138 |
-+ |
10139 |
- } |
10140 |
- |
10141 |
- static void __init xen_smp_prepare_boot_cpu(void) |
10142 |
-diff --git a/arch/x86/xen/xen-asm.S b/arch/x86/xen/xen-asm.S |
10143 |
-index 79d7362..3e45aa0 100644 |
10144 |
---- a/arch/x86/xen/xen-asm.S |
10145 |
-+++ b/arch/x86/xen/xen-asm.S |
10146 |
-@@ -96,7 +96,7 @@ ENTRY(xen_restore_fl_direct) |
10147 |
- |
10148 |
- /* check for unmasked and pending */ |
10149 |
- cmpw $0x0001, PER_CPU_VAR(xen_vcpu_info) + XEN_vcpu_info_pending |
10150 |
-- jz 1f |
10151 |
-+ jnz 1f |
10152 |
- 2: call check_events |
10153 |
- 1: |
10154 |
- ENDPATCH(xen_restore_fl_direct) |
10155 |
-diff --git a/drivers/ata/libata-eh.c b/drivers/ata/libata-eh.c |
10156 |
-index a9b2820..58db834 100644 |
10157 |
---- a/drivers/ata/libata-eh.c |
10158 |
-+++ b/drivers/ata/libata-eh.c |
10159 |
-@@ -3500,7 +3500,8 @@ static int ata_count_probe_trials_cb(struct ata_ering_entry *ent, void *void_arg |
10160 |
- u64 now = get_jiffies_64(); |
10161 |
- int *trials = void_arg; |
10162 |
- |
10163 |
-- if (ent->timestamp < now - min(now, interval)) |
10164 |
-+ if ((ent->eflags & ATA_EFLAG_OLD_ER) || |
10165 |
-+ (ent->timestamp < now - min(now, interval))) |
10166 |
- return -1; |
10167 |
- |
10168 |
- (*trials)++; |
10169 |
-diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c |
10170 |
-index 2d8c789..b28dbfa 100644 |
10171 |
---- a/drivers/crypto/talitos.c |
10172 |
-+++ b/drivers/crypto/talitos.c |
10173 |
-@@ -124,6 +124,9 @@ struct talitos_private { |
10174 |
- void __iomem *reg; |
10175 |
- int irq[2]; |
10176 |
- |
10177 |
-+ /* SEC global registers lock */ |
10178 |
-+ spinlock_t reg_lock ____cacheline_aligned; |
10179 |
-+ |
10180 |
- /* SEC version geometry (from device tree node) */ |
10181 |
- unsigned int num_channels; |
10182 |
- unsigned int chfifo_len; |
10183 |
-@@ -412,6 +415,7 @@ static void talitos_done_##name(unsigned long data) \ |
10184 |
- { \ |
10185 |
- struct device *dev = (struct device *)data; \ |
10186 |
- struct talitos_private *priv = dev_get_drvdata(dev); \ |
10187 |
-+ unsigned long flags; \ |
10188 |
- \ |
10189 |
- if (ch_done_mask & 1) \ |
10190 |
- flush_channel(dev, 0, 0, 0); \ |
10191 |
-@@ -427,8 +431,10 @@ static void talitos_done_##name(unsigned long data) \ |
10192 |
- out: \ |
10193 |
- /* At this point, all completed channels have been processed */ \ |
10194 |
- /* Unmask done interrupts for channels completed later on. */ \ |
10195 |
-+ spin_lock_irqsave(&priv->reg_lock, flags); \ |
10196 |
- setbits32(priv->reg + TALITOS_IMR, ch_done_mask); \ |
10197 |
- setbits32(priv->reg + TALITOS_IMR_LO, TALITOS_IMR_LO_INIT); \ |
10198 |
-+ spin_unlock_irqrestore(&priv->reg_lock, flags); \ |
10199 |
- } |
10200 |
- DEF_TALITOS_DONE(4ch, TALITOS_ISR_4CHDONE) |
10201 |
- DEF_TALITOS_DONE(ch0_2, TALITOS_ISR_CH_0_2_DONE) |
10202 |
-@@ -619,22 +625,28 @@ static irqreturn_t talitos_interrupt_##name(int irq, void *data) \ |
10203 |
- struct device *dev = data; \ |
10204 |
- struct talitos_private *priv = dev_get_drvdata(dev); \ |
10205 |
- u32 isr, isr_lo; \ |
10206 |
-+ unsigned long flags; \ |
10207 |
- \ |
10208 |
-+ spin_lock_irqsave(&priv->reg_lock, flags); \ |
10209 |
- isr = in_be32(priv->reg + TALITOS_ISR); \ |
10210 |
- isr_lo = in_be32(priv->reg + TALITOS_ISR_LO); \ |
10211 |
- /* Acknowledge interrupt */ \ |
10212 |
- out_be32(priv->reg + TALITOS_ICR, isr & (ch_done_mask | ch_err_mask)); \ |
10213 |
- out_be32(priv->reg + TALITOS_ICR_LO, isr_lo); \ |
10214 |
- \ |
10215 |
-- if (unlikely((isr & ~TALITOS_ISR_4CHDONE) & ch_err_mask || isr_lo)) \ |
10216 |
-- talitos_error(dev, isr, isr_lo); \ |
10217 |
-- else \ |
10218 |
-+ if (unlikely(isr & ch_err_mask || isr_lo)) { \ |
10219 |
-+ spin_unlock_irqrestore(&priv->reg_lock, flags); \ |
10220 |
-+ talitos_error(dev, isr & ch_err_mask, isr_lo); \ |
10221 |
-+ } \ |
10222 |
-+ else { \ |
10223 |
- if (likely(isr & ch_done_mask)) { \ |
10224 |
- /* mask further done interrupts. */ \ |
10225 |
- clrbits32(priv->reg + TALITOS_IMR, ch_done_mask); \ |
10226 |
- /* done_task will unmask done interrupts at exit */ \ |
10227 |
- tasklet_schedule(&priv->done_task[tlet]); \ |
10228 |
- } \ |
10229 |
-+ spin_unlock_irqrestore(&priv->reg_lock, flags); \ |
10230 |
-+ } \ |
10231 |
- \ |
10232 |
- return (isr & (ch_done_mask | ch_err_mask) || isr_lo) ? IRQ_HANDLED : \ |
10233 |
- IRQ_NONE; \ |
10234 |
-@@ -2718,6 +2730,8 @@ static int talitos_probe(struct platform_device *ofdev) |
10235 |
- |
10236 |
- priv->ofdev = ofdev; |
10237 |
- |
10238 |
-+ spin_lock_init(&priv->reg_lock); |
10239 |
-+ |
10240 |
- err = talitos_probe_irq(ofdev); |
10241 |
- if (err) |
10242 |
- goto err_out; |
10243 |
-diff --git a/drivers/dma/at_hdmac.c b/drivers/dma/at_hdmac.c |
10244 |
-index f4aed5f..a342873 100644 |
10245 |
---- a/drivers/dma/at_hdmac.c |
10246 |
-+++ b/drivers/dma/at_hdmac.c |
10247 |
-@@ -241,10 +241,6 @@ static void atc_dostart(struct at_dma_chan *atchan, struct at_desc *first) |
10248 |
- |
10249 |
- vdbg_dump_regs(atchan); |
10250 |
- |
10251 |
-- /* clear any pending interrupt */ |
10252 |
-- while (dma_readl(atdma, EBCISR)) |
10253 |
-- cpu_relax(); |
10254 |
-- |
10255 |
- channel_writel(atchan, SADDR, 0); |
10256 |
- channel_writel(atchan, DADDR, 0); |
10257 |
- channel_writel(atchan, CTRLA, 0); |
10258 |
-diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c |
10259 |
-index d25599f..47408e8 100644 |
10260 |
---- a/drivers/firmware/efivars.c |
10261 |
-+++ b/drivers/firmware/efivars.c |
10262 |
-@@ -191,6 +191,190 @@ utf16_strncmp(const efi_char16_t *a, const efi_char16_t *b, size_t len) |
10263 |
- } |
10264 |
- } |
10265 |
- |
10266 |
-+static bool |
10267 |
-+validate_device_path(struct efi_variable *var, int match, u8 *buffer, |
10268 |
-+ unsigned long len) |
10269 |
-+{ |
10270 |
-+ struct efi_generic_dev_path *node; |
10271 |
-+ int offset = 0; |
10272 |
-+ |
10273 |
-+ node = (struct efi_generic_dev_path *)buffer; |
10274 |
-+ |
10275 |
-+ if (len < sizeof(*node)) |
10276 |
-+ return false; |
10277 |
-+ |
10278 |
-+ while (offset <= len - sizeof(*node) && |
10279 |
-+ node->length >= sizeof(*node) && |
10280 |
-+ node->length <= len - offset) { |
10281 |
-+ offset += node->length; |
10282 |
-+ |
10283 |
-+ if ((node->type == EFI_DEV_END_PATH || |
10284 |
-+ node->type == EFI_DEV_END_PATH2) && |
10285 |
-+ node->sub_type == EFI_DEV_END_ENTIRE) |
10286 |
-+ return true; |
10287 |
-+ |
10288 |
-+ node = (struct efi_generic_dev_path *)(buffer + offset); |
10289 |
-+ } |
10290 |
-+ |
10291 |
-+ /* |
10292 |
-+ * If we're here then either node->length pointed past the end |
10293 |
-+ * of the buffer or we reached the end of the buffer without |
10294 |
-+ * finding a device path end node. |
10295 |
-+ */ |
10296 |
-+ return false; |
10297 |
-+} |
10298 |
-+ |
10299 |
-+static bool |
10300 |
-+validate_boot_order(struct efi_variable *var, int match, u8 *buffer, |
10301 |
-+ unsigned long len) |
10302 |
-+{ |
10303 |
-+ /* An array of 16-bit integers */ |
10304 |
-+ if ((len % 2) != 0) |
10305 |
-+ return false; |
10306 |
-+ |
10307 |
-+ return true; |
10308 |
-+} |
10309 |
-+ |
10310 |
-+static bool |
10311 |
-+validate_load_option(struct efi_variable *var, int match, u8 *buffer, |
10312 |
-+ unsigned long len) |
10313 |
-+{ |
10314 |
-+ u16 filepathlength; |
10315 |
-+ int i, desclength = 0, namelen; |
10316 |
-+ |
10317 |
-+ namelen = utf16_strnlen(var->VariableName, sizeof(var->VariableName)); |
10318 |
-+ |
10319 |
-+ /* Either "Boot" or "Driver" followed by four digits of hex */ |
10320 |
-+ for (i = match; i < match+4; i++) { |
10321 |
-+ if (var->VariableName[i] > 127 || |
10322 |
-+ hex_to_bin(var->VariableName[i] & 0xff) < 0) |
10323 |
-+ return true; |
10324 |
-+ } |
10325 |
-+ |
10326 |
-+ /* Reject it if there's 4 digits of hex and then further content */ |
10327 |
-+ if (namelen > match + 4) |
10328 |
-+ return false; |
10329 |
-+ |
10330 |
-+ /* A valid entry must be at least 8 bytes */ |
10331 |
-+ if (len < 8) |
10332 |
-+ return false; |
10333 |
-+ |
10334 |
-+ filepathlength = buffer[4] | buffer[5] << 8; |
10335 |
-+ |
10336 |
-+ /* |
10337 |
-+ * There's no stored length for the description, so it has to be |
10338 |
-+ * found by hand |
10339 |
-+ */ |
10340 |
-+ desclength = utf16_strsize((efi_char16_t *)(buffer + 6), len - 6) + 2; |
10341 |
-+ |
10342 |
-+ /* Each boot entry must have a descriptor */ |
10343 |
-+ if (!desclength) |
10344 |
-+ return false; |
10345 |
-+ |
10346 |
-+ /* |
10347 |
-+ * If the sum of the length of the description, the claimed filepath |
10348 |
-+ * length and the original header are greater than the length of the |
10349 |
-+ * variable, it's malformed |
10350 |
-+ */ |
10351 |
-+ if ((desclength + filepathlength + 6) > len) |
10352 |
-+ return false; |
10353 |
-+ |
10354 |
-+ /* |
10355 |
-+ * And, finally, check the filepath |
10356 |
-+ */ |
10357 |
-+ return validate_device_path(var, match, buffer + desclength + 6, |
10358 |
-+ filepathlength); |
10359 |
-+} |
10360 |
-+ |
10361 |
-+static bool |
10362 |
-+validate_uint16(struct efi_variable *var, int match, u8 *buffer, |
10363 |
-+ unsigned long len) |
10364 |
-+{ |
10365 |
-+ /* A single 16-bit integer */ |
10366 |
-+ if (len != 2) |
10367 |
-+ return false; |
10368 |
-+ |
10369 |
-+ return true; |
10370 |
-+} |
10371 |
-+ |
10372 |
-+static bool |
10373 |
-+validate_ascii_string(struct efi_variable *var, int match, u8 *buffer, |
10374 |
-+ unsigned long len) |
10375 |
-+{ |
10376 |
-+ int i; |
10377 |
-+ |
10378 |
-+ for (i = 0; i < len; i++) { |
10379 |
-+ if (buffer[i] > 127) |
10380 |
-+ return false; |
10381 |
-+ |
10382 |
-+ if (buffer[i] == 0) |
10383 |
-+ return true; |
10384 |
-+ } |
10385 |
-+ |
10386 |
-+ return false; |
10387 |
-+} |
10388 |
-+ |
10389 |
-+struct variable_validate { |
10390 |
-+ char *name; |
10391 |
-+ bool (*validate)(struct efi_variable *var, int match, u8 *data, |
10392 |
-+ unsigned long len); |
10393 |
-+}; |
10394 |
-+ |
10395 |
-+static const struct variable_validate variable_validate[] = { |
10396 |
-+ { "BootNext", validate_uint16 }, |
10397 |
-+ { "BootOrder", validate_boot_order }, |
10398 |
-+ { "DriverOrder", validate_boot_order }, |
10399 |
-+ { "Boot*", validate_load_option }, |
10400 |
-+ { "Driver*", validate_load_option }, |
10401 |
-+ { "ConIn", validate_device_path }, |
10402 |
-+ { "ConInDev", validate_device_path }, |
10403 |
-+ { "ConOut", validate_device_path }, |
10404 |
-+ { "ConOutDev", validate_device_path }, |
10405 |
-+ { "ErrOut", validate_device_path }, |
10406 |
-+ { "ErrOutDev", validate_device_path }, |
10407 |
-+ { "Timeout", validate_uint16 }, |
10408 |
-+ { "Lang", validate_ascii_string }, |
10409 |
-+ { "PlatformLang", validate_ascii_string }, |
10410 |
-+ { "", NULL }, |
10411 |
-+}; |
10412 |
-+ |
10413 |
-+static bool |
10414 |
-+validate_var(struct efi_variable *var, u8 *data, unsigned long len) |
10415 |
-+{ |
10416 |
-+ int i; |
10417 |
-+ u16 *unicode_name = var->VariableName; |
10418 |
-+ |
10419 |
-+ for (i = 0; variable_validate[i].validate != NULL; i++) { |
10420 |
-+ const char *name = variable_validate[i].name; |
10421 |
-+ int match; |
10422 |
-+ |
10423 |
-+ for (match = 0; ; match++) { |
10424 |
-+ char c = name[match]; |
10425 |
-+ u16 u = unicode_name[match]; |
10426 |
-+ |
10427 |
-+ /* All special variables are plain ascii */ |
10428 |
-+ if (u > 127) |
10429 |
-+ return true; |
10430 |
-+ |
10431 |
-+ /* Wildcard in the matching name means we've matched */ |
10432 |
-+ if (c == '*') |
10433 |
-+ return variable_validate[i].validate(var, |
10434 |
-+ match, data, len); |
10435 |
-+ |
10436 |
-+ /* Case sensitive match */ |
10437 |
-+ if (c != u) |
10438 |
-+ break; |
10439 |
-+ |
10440 |
-+ /* Reached the end of the string while matching */ |
10441 |
-+ if (!c) |
10442 |
-+ return variable_validate[i].validate(var, |
10443 |
-+ match, data, len); |
10444 |
-+ } |
10445 |
-+ } |
10446 |
-+ |
10447 |
-+ return true; |
10448 |
-+} |
10449 |
-+ |
10450 |
- static efi_status_t |
10451 |
- get_var_data_locked(struct efivars *efivars, struct efi_variable *var) |
10452 |
- { |
10453 |
-@@ -324,6 +508,12 @@ efivar_store_raw(struct efivar_entry *entry, const char *buf, size_t count) |
10454 |
- return -EINVAL; |
10455 |
- } |
10456 |
- |
10457 |
-+ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 || |
10458 |
-+ validate_var(new_var, new_var->Data, new_var->DataSize) == false) { |
10459 |
-+ printk(KERN_ERR "efivars: Malformed variable content\n"); |
10460 |
-+ return -EINVAL; |
10461 |
-+ } |
10462 |
-+ |
10463 |
- spin_lock(&efivars->lock); |
10464 |
- status = efivars->ops->set_variable(new_var->VariableName, |
10465 |
- &new_var->VendorGuid, |
10466 |
-@@ -626,6 +816,12 @@ static ssize_t efivar_create(struct file *filp, struct kobject *kobj, |
10467 |
- if (!capable(CAP_SYS_ADMIN)) |
10468 |
- return -EACCES; |
10469 |
- |
10470 |
-+ if ((new_var->Attributes & ~EFI_VARIABLE_MASK) != 0 || |
10471 |
-+ validate_var(new_var, new_var->Data, new_var->DataSize) == false) { |
10472 |
-+ printk(KERN_ERR "efivars: Malformed variable content\n"); |
10473 |
-+ return -EINVAL; |
10474 |
-+ } |
10475 |
-+ |
10476 |
- spin_lock(&efivars->lock); |
10477 |
- |
10478 |
- /* |
10479 |
-diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
10480 |
-index 65e1f00..e159e33 100644 |
10481 |
---- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
10482 |
-+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
10483 |
-@@ -1082,6 +1082,11 @@ i915_gem_do_execbuffer(struct drm_device *dev, void *data, |
10484 |
- return -EINVAL; |
10485 |
- } |
10486 |
- |
10487 |
-+ if (args->num_cliprects > UINT_MAX / sizeof(*cliprects)) { |
10488 |
-+ DRM_DEBUG("execbuf with %u cliprects\n", |
10489 |
-+ args->num_cliprects); |
10490 |
-+ return -EINVAL; |
10491 |
-+ } |
10492 |
- cliprects = kmalloc(args->num_cliprects * sizeof(*cliprects), |
10493 |
- GFP_KERNEL); |
10494 |
- if (cliprects == NULL) { |
10495 |
-@@ -1353,7 +1358,8 @@ i915_gem_execbuffer2(struct drm_device *dev, void *data, |
10496 |
- struct drm_i915_gem_exec_object2 *exec2_list = NULL; |
10497 |
- int ret; |
10498 |
- |
10499 |
-- if (args->buffer_count < 1) { |
10500 |
-+ if (args->buffer_count < 1 || |
10501 |
-+ args->buffer_count > UINT_MAX / sizeof(*exec2_list)) { |
10502 |
- DRM_ERROR("execbuf2 with %d buffers\n", args->buffer_count); |
10503 |
- return -EINVAL; |
10504 |
- } |
10505 |
-diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h |
10506 |
-index 3e6429a..ac38d21 100644 |
10507 |
---- a/drivers/gpu/drm/i915/i915_reg.h |
10508 |
-+++ b/drivers/gpu/drm/i915/i915_reg.h |
10509 |
-@@ -523,6 +523,7 @@ |
10510 |
- #define CM0_MASK_SHIFT 16 |
10511 |
- #define CM0_IZ_OPT_DISABLE (1<<6) |
10512 |
- #define CM0_ZR_OPT_DISABLE (1<<5) |
10513 |
-+#define CM0_STC_EVICT_DISABLE_LRA_SNB (1<<5) |
10514 |
- #define CM0_DEPTH_EVICT_DISABLE (1<<4) |
10515 |
- #define CM0_COLOR_EVICT_DISABLE (1<<3) |
10516 |
- #define CM0_DEPTH_WRITE_DISABLE (1<<1) |
10517 |
-diff --git a/drivers/gpu/drm/i915/intel_ringbuffer.c b/drivers/gpu/drm/i915/intel_ringbuffer.c |
10518 |
-index cbc3c04..99f71af 100644 |
10519 |
---- a/drivers/gpu/drm/i915/intel_ringbuffer.c |
10520 |
-+++ b/drivers/gpu/drm/i915/intel_ringbuffer.c |
10521 |
-@@ -417,6 +417,14 @@ static int init_render_ring(struct intel_ring_buffer *ring) |
10522 |
- if (INTEL_INFO(dev)->gen >= 6) { |
10523 |
- I915_WRITE(INSTPM, |
10524 |
- INSTPM_FORCE_ORDERING << 16 | INSTPM_FORCE_ORDERING); |
10525 |
-+ |
10526 |
-+ /* From the Sandybridge PRM, volume 1 part 3, page 24: |
10527 |
-+ * "If this bit is set, STCunit will have LRA as replacement |
10528 |
-+ * policy. [...] This bit must be reset. LRA replacement |
10529 |
-+ * policy is not supported." |
10530 |
-+ */ |
10531 |
-+ I915_WRITE(CACHE_MODE_0, |
10532 |
-+ CM0_STC_EVICT_DISABLE_LRA_SNB << CM0_MASK_SHIFT); |
10533 |
- } |
10534 |
- |
10535 |
- return ret; |
10536 |
-diff --git a/drivers/gpu/drm/i915/intel_sdvo.c b/drivers/gpu/drm/i915/intel_sdvo.c |
10537 |
-index e334ec3..0a877dd 100644 |
10538 |
---- a/drivers/gpu/drm/i915/intel_sdvo.c |
10539 |
-+++ b/drivers/gpu/drm/i915/intel_sdvo.c |
10540 |
-@@ -731,6 +731,7 @@ static void intel_sdvo_get_dtd_from_mode(struct intel_sdvo_dtd *dtd, |
10541 |
- uint16_t width, height; |
10542 |
- uint16_t h_blank_len, h_sync_len, v_blank_len, v_sync_len; |
10543 |
- uint16_t h_sync_offset, v_sync_offset; |
10544 |
-+ int mode_clock; |
10545 |
- |
10546 |
- width = mode->crtc_hdisplay; |
10547 |
- height = mode->crtc_vdisplay; |
10548 |
-@@ -745,7 +746,11 @@ static void intel_sdvo_get_dtd_from_mode(struct intel_sdvo_dtd *dtd, |
10549 |
- h_sync_offset = mode->crtc_hsync_start - mode->crtc_hblank_start; |
10550 |
- v_sync_offset = mode->crtc_vsync_start - mode->crtc_vblank_start; |
10551 |
- |
10552 |
-- dtd->part1.clock = mode->clock / 10; |
10553 |
-+ mode_clock = mode->clock; |
10554 |
-+ mode_clock /= intel_mode_get_pixel_multiplier(mode) ?: 1; |
10555 |
-+ mode_clock /= 10; |
10556 |
-+ dtd->part1.clock = mode_clock; |
10557 |
-+ |
10558 |
- dtd->part1.h_active = width & 0xff; |
10559 |
- dtd->part1.h_blank = h_blank_len & 0xff; |
10560 |
- dtd->part1.h_high = (((width >> 8) & 0xf) << 4) | |
10561 |
-@@ -997,7 +1002,7 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
10562 |
- struct intel_sdvo *intel_sdvo = to_intel_sdvo(encoder); |
10563 |
- u32 sdvox; |
10564 |
- struct intel_sdvo_in_out_map in_out; |
10565 |
-- struct intel_sdvo_dtd input_dtd; |
10566 |
-+ struct intel_sdvo_dtd input_dtd, output_dtd; |
10567 |
- int pixel_multiplier = intel_mode_get_pixel_multiplier(adjusted_mode); |
10568 |
- int rate; |
10569 |
- |
10570 |
-@@ -1022,20 +1027,13 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
10571 |
- intel_sdvo->attached_output)) |
10572 |
- return; |
10573 |
- |
10574 |
-- /* We have tried to get input timing in mode_fixup, and filled into |
10575 |
-- * adjusted_mode. |
10576 |
-- */ |
10577 |
-- if (intel_sdvo->is_tv || intel_sdvo->is_lvds) { |
10578 |
-- input_dtd = intel_sdvo->input_dtd; |
10579 |
-- } else { |
10580 |
-- /* Set the output timing to the screen */ |
10581 |
-- if (!intel_sdvo_set_target_output(intel_sdvo, |
10582 |
-- intel_sdvo->attached_output)) |
10583 |
-- return; |
10584 |
-- |
10585 |
-- intel_sdvo_get_dtd_from_mode(&input_dtd, adjusted_mode); |
10586 |
-- (void) intel_sdvo_set_output_timing(intel_sdvo, &input_dtd); |
10587 |
-- } |
10588 |
-+ /* lvds has a special fixed output timing. */ |
10589 |
-+ if (intel_sdvo->is_lvds) |
10590 |
-+ intel_sdvo_get_dtd_from_mode(&output_dtd, |
10591 |
-+ intel_sdvo->sdvo_lvds_fixed_mode); |
10592 |
-+ else |
10593 |
-+ intel_sdvo_get_dtd_from_mode(&output_dtd, mode); |
10594 |
-+ (void) intel_sdvo_set_output_timing(intel_sdvo, &output_dtd); |
10595 |
- |
10596 |
- /* Set the input timing to the screen. Assume always input 0. */ |
10597 |
- if (!intel_sdvo_set_target_input(intel_sdvo)) |
10598 |
-@@ -1053,6 +1051,10 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
10599 |
- !intel_sdvo_set_tv_format(intel_sdvo)) |
10600 |
- return; |
10601 |
- |
10602 |
-+ /* We have tried to get input timing in mode_fixup, and filled into |
10603 |
-+ * adjusted_mode. |
10604 |
-+ */ |
10605 |
-+ intel_sdvo_get_dtd_from_mode(&input_dtd, adjusted_mode); |
10606 |
- (void) intel_sdvo_set_input_timing(intel_sdvo, &input_dtd); |
10607 |
- |
10608 |
- switch (pixel_multiplier) { |
10609 |
-diff --git a/drivers/gpu/drm/nouveau/nouveau_acpi.c b/drivers/gpu/drm/nouveau/nouveau_acpi.c |
10610 |
-index 7814a76..284bd25 100644 |
10611 |
---- a/drivers/gpu/drm/nouveau/nouveau_acpi.c |
10612 |
-+++ b/drivers/gpu/drm/nouveau/nouveau_acpi.c |
10613 |
-@@ -270,7 +270,7 @@ static bool nouveau_dsm_detect(void) |
10614 |
- struct acpi_buffer buffer = {sizeof(acpi_method_name), acpi_method_name}; |
10615 |
- struct pci_dev *pdev = NULL; |
10616 |
- int has_dsm = 0; |
10617 |
-- int has_optimus; |
10618 |
-+ int has_optimus = 0; |
10619 |
- int vga_count = 0; |
10620 |
- bool guid_valid; |
10621 |
- int retval; |
10622 |
-diff --git a/drivers/gpu/drm/radeon/atombios_crtc.c b/drivers/gpu/drm/radeon/atombios_crtc.c |
10623 |
-index 24ed306..2dab552 100644 |
10624 |
---- a/drivers/gpu/drm/radeon/atombios_crtc.c |
10625 |
-+++ b/drivers/gpu/drm/radeon/atombios_crtc.c |
10626 |
-@@ -912,8 +912,8 @@ static void atombios_crtc_set_pll(struct drm_crtc *crtc, struct drm_display_mode |
10627 |
- break; |
10628 |
- } |
10629 |
- |
10630 |
-- if (radeon_encoder->active_device & |
10631 |
-- (ATOM_DEVICE_LCD_SUPPORT | ATOM_DEVICE_DFP_SUPPORT)) { |
10632 |
-+ if ((radeon_encoder->active_device & (ATOM_DEVICE_LCD_SUPPORT | ATOM_DEVICE_DFP_SUPPORT)) || |
10633 |
-+ (radeon_encoder_get_dp_bridge_encoder_id(encoder) != ENCODER_OBJECT_ID_NONE)) { |
10634 |
- struct radeon_encoder_atom_dig *dig = radeon_encoder->enc_priv; |
10635 |
- struct drm_connector *connector = |
10636 |
- radeon_get_connector_for_encoder(encoder); |
10637 |
-diff --git a/drivers/hwmon/coretemp.c b/drivers/hwmon/coretemp.c |
10638 |
-index a6c6ec3..1248ee4 100644 |
10639 |
---- a/drivers/hwmon/coretemp.c |
10640 |
-+++ b/drivers/hwmon/coretemp.c |
10641 |
-@@ -51,7 +51,7 @@ module_param_named(tjmax, force_tjmax, int, 0444); |
10642 |
- MODULE_PARM_DESC(tjmax, "TjMax value in degrees Celsius"); |
10643 |
- |
10644 |
- #define BASE_SYSFS_ATTR_NO 2 /* Sysfs Base attr no for coretemp */ |
10645 |
--#define NUM_REAL_CORES 16 /* Number of Real cores per cpu */ |
10646 |
-+#define NUM_REAL_CORES 32 /* Number of Real cores per cpu */ |
10647 |
- #define CORETEMP_NAME_LENGTH 17 /* String Length of attrs */ |
10648 |
- #define MAX_CORE_ATTRS 4 /* Maximum no of basic attrs */ |
10649 |
- #define TOTAL_ATTRS (MAX_CORE_ATTRS + 1) |
10650 |
-@@ -708,6 +708,10 @@ static void __cpuinit put_core_offline(unsigned int cpu) |
10651 |
- |
10652 |
- indx = TO_ATTR_NO(cpu); |
10653 |
- |
10654 |
-+ /* The core id is too big, just return */ |
10655 |
-+ if (indx > MAX_CORE_DATA - 1) |
10656 |
-+ return; |
10657 |
-+ |
10658 |
- if (pdata->core_data[indx] && pdata->core_data[indx]->cpu == cpu) |
10659 |
- coretemp_remove_core(pdata, &pdev->dev, indx); |
10660 |
- |
10661 |
-diff --git a/drivers/hwmon/fam15h_power.c b/drivers/hwmon/fam15h_power.c |
10662 |
-index 930370d..9a4c3ab 100644 |
10663 |
---- a/drivers/hwmon/fam15h_power.c |
10664 |
-+++ b/drivers/hwmon/fam15h_power.c |
10665 |
-@@ -122,6 +122,41 @@ static bool __devinit fam15h_power_is_internal_node0(struct pci_dev *f4) |
10666 |
- return true; |
10667 |
- } |
10668 |
- |
10669 |
-+/* |
10670 |
-+ * Newer BKDG versions have an updated recommendation on how to properly |
10671 |
-+ * initialize the running average range (was: 0xE, now: 0x9). This avoids |
10672 |
-+ * counter saturations resulting in bogus power readings. |
10673 |
-+ * We correct this value ourselves to cope with older BIOSes. |
10674 |
-+ */ |
10675 |
-+static DEFINE_PCI_DEVICE_TABLE(affected_device) = { |
10676 |
-+ { PCI_VDEVICE(AMD, PCI_DEVICE_ID_AMD_15H_NB_F4) }, |
10677 |
-+ { 0 } |
10678 |
-+}; |
10679 |
-+ |
10680 |
-+static void __devinit tweak_runavg_range(struct pci_dev *pdev) |
10681 |
-+{ |
10682 |
-+ u32 val; |
10683 |
-+ |
10684 |
-+ /* |
10685 |
-+ * let this quirk apply only to the current version of the |
10686 |
-+ * northbridge, since future versions may change the behavior |
10687 |
-+ */ |
10688 |
-+ if (!pci_match_id(affected_device, pdev)) |
10689 |
-+ return; |
10690 |
-+ |
10691 |
-+ pci_bus_read_config_dword(pdev->bus, |
10692 |
-+ PCI_DEVFN(PCI_SLOT(pdev->devfn), 5), |
10693 |
-+ REG_TDP_RUNNING_AVERAGE, &val); |
10694 |
-+ if ((val & 0xf) != 0xe) |
10695 |
-+ return; |
10696 |
-+ |
10697 |
-+ val &= ~0xf; |
10698 |
-+ val |= 0x9; |
10699 |
-+ pci_bus_write_config_dword(pdev->bus, |
10700 |
-+ PCI_DEVFN(PCI_SLOT(pdev->devfn), 5), |
10701 |
-+ REG_TDP_RUNNING_AVERAGE, val); |
10702 |
-+} |
10703 |
-+ |
10704 |
- static void __devinit fam15h_power_init_data(struct pci_dev *f4, |
10705 |
- struct fam15h_power_data *data) |
10706 |
- { |
10707 |
-@@ -155,6 +190,13 @@ static int __devinit fam15h_power_probe(struct pci_dev *pdev, |
10708 |
- struct device *dev; |
10709 |
- int err; |
10710 |
- |
10711 |
-+ /* |
10712 |
-+ * though we ignore every other northbridge, we still have to |
10713 |
-+ * do the tweaking on _each_ node in MCM processors as the counters |
10714 |
-+ * are working hand-in-hand |
10715 |
-+ */ |
10716 |
-+ tweak_runavg_range(pdev); |
10717 |
-+ |
10718 |
- if (!fam15h_power_is_internal_node0(pdev)) { |
10719 |
- err = -ENODEV; |
10720 |
- goto exit; |
10721 |
-diff --git a/drivers/i2c/busses/i2c-pnx.c b/drivers/i2c/busses/i2c-pnx.c |
10722 |
-index 04be9f8..eb8ad53 100644 |
10723 |
---- a/drivers/i2c/busses/i2c-pnx.c |
10724 |
-+++ b/drivers/i2c/busses/i2c-pnx.c |
10725 |
-@@ -546,8 +546,7 @@ static int i2c_pnx_controller_suspend(struct platform_device *pdev, |
10726 |
- { |
10727 |
- struct i2c_pnx_algo_data *alg_data = platform_get_drvdata(pdev); |
10728 |
- |
10729 |
-- /* FIXME: shouldn't this be clk_disable? */ |
10730 |
-- clk_enable(alg_data->clk); |
10731 |
-+ clk_disable(alg_data->clk); |
10732 |
- |
10733 |
- return 0; |
10734 |
- } |
10735 |
-diff --git a/drivers/input/mouse/synaptics.c b/drivers/input/mouse/synaptics.c |
10736 |
-index 8081a0a..a4b14a4 100644 |
10737 |
---- a/drivers/input/mouse/synaptics.c |
10738 |
-+++ b/drivers/input/mouse/synaptics.c |
10739 |
-@@ -274,7 +274,8 @@ static int synaptics_set_advanced_gesture_mode(struct psmouse *psmouse) |
10740 |
- static unsigned char param = 0xc8; |
10741 |
- struct synaptics_data *priv = psmouse->private; |
10742 |
- |
10743 |
-- if (!SYN_CAP_ADV_GESTURE(priv->ext_cap_0c)) |
10744 |
-+ if (!(SYN_CAP_ADV_GESTURE(priv->ext_cap_0c) || |
10745 |
-+ SYN_CAP_IMAGE_SENSOR(priv->ext_cap_0c))) |
10746 |
- return 0; |
10747 |
- |
10748 |
- if (psmouse_sliced_command(psmouse, SYN_QUE_MODEL)) |
10749 |
-diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c |
10750 |
-index 360f2b9..d1162e5 100644 |
10751 |
---- a/drivers/md/raid5.c |
10752 |
-+++ b/drivers/md/raid5.c |
10753 |
-@@ -3277,12 +3277,14 @@ static void analyse_stripe(struct stripe_head *sh, struct stripe_head_state *s) |
10754 |
- /* If there is a failed device being replaced, |
10755 |
- * we must be recovering. |
10756 |
- * else if we are after recovery_cp, we must be syncing |
10757 |
-+ * else if MD_RECOVERY_REQUESTED is set, we also are syncing. |
10758 |
- * else we can only be replacing |
10759 |
- * sync and recovery both need to read all devices, and so |
10760 |
- * use the same flag. |
10761 |
- */ |
10762 |
- if (do_recovery || |
10763 |
-- sh->sector >= conf->mddev->recovery_cp) |
10764 |
-+ sh->sector >= conf->mddev->recovery_cp || |
10765 |
-+ test_bit(MD_RECOVERY_REQUESTED, &(conf->mddev->recovery))) |
10766 |
- s->syncing = 1; |
10767 |
- else |
10768 |
- s->replacing = 1; |
10769 |
-diff --git a/drivers/net/wireless/b43/main.c b/drivers/net/wireless/b43/main.c |
10770 |
-index 23ffb1b..11ab4a4 100644 |
10771 |
---- a/drivers/net/wireless/b43/main.c |
10772 |
-+++ b/drivers/net/wireless/b43/main.c |
10773 |
-@@ -4841,8 +4841,14 @@ static int b43_op_start(struct ieee80211_hw *hw) |
10774 |
- out_mutex_unlock: |
10775 |
- mutex_unlock(&wl->mutex); |
10776 |
- |
10777 |
-- /* reload configuration */ |
10778 |
-- b43_op_config(hw, ~0); |
10779 |
-+ /* |
10780 |
-+ * Configuration may have been overwritten during initialization. |
10781 |
-+ * Reload the configuration, but only if initialization was |
10782 |
-+ * successful. Reloading the configuration after a failed init |
10783 |
-+ * may hang the system. |
10784 |
-+ */ |
10785 |
-+ if (!err) |
10786 |
-+ b43_op_config(hw, ~0); |
10787 |
- |
10788 |
- return err; |
10789 |
- } |
10790 |
-diff --git a/drivers/net/wireless/ipw2x00/ipw2200.c b/drivers/net/wireless/ipw2x00/ipw2200.c |
10791 |
-index 4fcdac6..cb33e6c 100644 |
10792 |
---- a/drivers/net/wireless/ipw2x00/ipw2200.c |
10793 |
-+++ b/drivers/net/wireless/ipw2x00/ipw2200.c |
10794 |
-@@ -2191,6 +2191,7 @@ static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd) |
10795 |
- { |
10796 |
- int rc = 0; |
10797 |
- unsigned long flags; |
10798 |
-+ unsigned long now, end; |
10799 |
- |
10800 |
- spin_lock_irqsave(&priv->lock, flags); |
10801 |
- if (priv->status & STATUS_HCMD_ACTIVE) { |
10802 |
-@@ -2232,10 +2233,20 @@ static int __ipw_send_cmd(struct ipw_priv *priv, struct host_cmd *cmd) |
10803 |
- } |
10804 |
- spin_unlock_irqrestore(&priv->lock, flags); |
10805 |
- |
10806 |
-+ now = jiffies; |
10807 |
-+ end = now + HOST_COMPLETE_TIMEOUT; |
10808 |
-+again: |
10809 |
- rc = wait_event_interruptible_timeout(priv->wait_command_queue, |
10810 |
- !(priv-> |
10811 |
- status & STATUS_HCMD_ACTIVE), |
10812 |
-- HOST_COMPLETE_TIMEOUT); |
10813 |
-+ end - now); |
10814 |
-+ if (rc < 0) { |
10815 |
-+ now = jiffies; |
10816 |
-+ if (time_before(now, end)) |
10817 |
-+ goto again; |
10818 |
-+ rc = 0; |
10819 |
-+ } |
10820 |
-+ |
10821 |
- if (rc == 0) { |
10822 |
- spin_lock_irqsave(&priv->lock, flags); |
10823 |
- if (priv->status & STATUS_HCMD_ACTIVE) { |
10824 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-1000.c b/drivers/net/wireless/iwlwifi/iwl-1000.c |
10825 |
-index 1ef7bfc..9fcd417 100644 |
10826 |
---- a/drivers/net/wireless/iwlwifi/iwl-1000.c |
10827 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-1000.c |
10828 |
-@@ -45,8 +45,8 @@ |
10829 |
- #include "iwl-cfg.h" |
10830 |
- |
10831 |
- /* Highest firmware API version supported */ |
10832 |
--#define IWL1000_UCODE_API_MAX 6 |
10833 |
--#define IWL100_UCODE_API_MAX 6 |
10834 |
-+#define IWL1000_UCODE_API_MAX 5 |
10835 |
-+#define IWL100_UCODE_API_MAX 5 |
10836 |
- |
10837 |
- /* Oldest version we won't warn about */ |
10838 |
- #define IWL1000_UCODE_API_OK 5 |
10839 |
-@@ -235,5 +235,5 @@ struct iwl_cfg iwl100_bg_cfg = { |
10840 |
- IWL_DEVICE_100, |
10841 |
- }; |
10842 |
- |
10843 |
--MODULE_FIRMWARE(IWL1000_MODULE_FIRMWARE(IWL1000_UCODE_API_MAX)); |
10844 |
--MODULE_FIRMWARE(IWL100_MODULE_FIRMWARE(IWL100_UCODE_API_MAX)); |
10845 |
-+MODULE_FIRMWARE(IWL1000_MODULE_FIRMWARE(IWL1000_UCODE_API_OK)); |
10846 |
-+MODULE_FIRMWARE(IWL100_MODULE_FIRMWARE(IWL100_UCODE_API_OK)); |
10847 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-2000.c b/drivers/net/wireless/iwlwifi/iwl-2000.c |
10848 |
-index 0946933..369d6b1 100644 |
10849 |
---- a/drivers/net/wireless/iwlwifi/iwl-2000.c |
10850 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-2000.c |
10851 |
-@@ -51,10 +51,10 @@ |
10852 |
- #define IWL135_UCODE_API_MAX 6 |
10853 |
- |
10854 |
- /* Oldest version we won't warn about */ |
10855 |
--#define IWL2030_UCODE_API_OK 5 |
10856 |
--#define IWL2000_UCODE_API_OK 5 |
10857 |
--#define IWL105_UCODE_API_OK 5 |
10858 |
--#define IWL135_UCODE_API_OK 5 |
10859 |
-+#define IWL2030_UCODE_API_OK 6 |
10860 |
-+#define IWL2000_UCODE_API_OK 6 |
10861 |
-+#define IWL105_UCODE_API_OK 6 |
10862 |
-+#define IWL135_UCODE_API_OK 6 |
10863 |
- |
10864 |
- /* Lowest firmware API version supported */ |
10865 |
- #define IWL2030_UCODE_API_MIN 5 |
10866 |
-@@ -338,7 +338,7 @@ struct iwl_cfg iwl135_bgn_cfg = { |
10867 |
- .ht_params = &iwl2000_ht_params, |
10868 |
- }; |
10869 |
- |
10870 |
--MODULE_FIRMWARE(IWL2000_MODULE_FIRMWARE(IWL2000_UCODE_API_MAX)); |
10871 |
--MODULE_FIRMWARE(IWL2030_MODULE_FIRMWARE(IWL2030_UCODE_API_MAX)); |
10872 |
--MODULE_FIRMWARE(IWL105_MODULE_FIRMWARE(IWL105_UCODE_API_MAX)); |
10873 |
--MODULE_FIRMWARE(IWL135_MODULE_FIRMWARE(IWL135_UCODE_API_MAX)); |
10874 |
-+MODULE_FIRMWARE(IWL2000_MODULE_FIRMWARE(IWL2000_UCODE_API_OK)); |
10875 |
-+MODULE_FIRMWARE(IWL2030_MODULE_FIRMWARE(IWL2030_UCODE_API_OK)); |
10876 |
-+MODULE_FIRMWARE(IWL105_MODULE_FIRMWARE(IWL105_UCODE_API_OK)); |
10877 |
-+MODULE_FIRMWARE(IWL135_MODULE_FIRMWARE(IWL135_UCODE_API_OK)); |
10878 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-5000.c b/drivers/net/wireless/iwlwifi/iwl-5000.c |
10879 |
-index b3a365f..3ce542e 100644 |
10880 |
---- a/drivers/net/wireless/iwlwifi/iwl-5000.c |
10881 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-5000.c |
10882 |
-@@ -50,6 +50,10 @@ |
10883 |
- #define IWL5000_UCODE_API_MAX 5 |
10884 |
- #define IWL5150_UCODE_API_MAX 2 |
10885 |
- |
10886 |
-+/* Oldest version we won't warn about */ |
10887 |
-+#define IWL5000_UCODE_API_OK 5 |
10888 |
-+#define IWL5150_UCODE_API_OK 2 |
10889 |
-+ |
10890 |
- /* Lowest firmware API version supported */ |
10891 |
- #define IWL5000_UCODE_API_MIN 1 |
10892 |
- #define IWL5150_UCODE_API_MIN 1 |
10893 |
-@@ -359,6 +363,7 @@ static struct iwl_ht_params iwl5000_ht_params = { |
10894 |
- #define IWL_DEVICE_5000 \ |
10895 |
- .fw_name_pre = IWL5000_FW_PRE, \ |
10896 |
- .ucode_api_max = IWL5000_UCODE_API_MAX, \ |
10897 |
-+ .ucode_api_ok = IWL5000_UCODE_API_OK, \ |
10898 |
- .ucode_api_min = IWL5000_UCODE_API_MIN, \ |
10899 |
- .eeprom_ver = EEPROM_5000_EEPROM_VERSION, \ |
10900 |
- .eeprom_calib_ver = EEPROM_5000_TX_POWER_VERSION, \ |
10901 |
-@@ -402,6 +407,7 @@ struct iwl_cfg iwl5350_agn_cfg = { |
10902 |
- .name = "Intel(R) WiMAX/WiFi Link 5350 AGN", |
10903 |
- .fw_name_pre = IWL5000_FW_PRE, |
10904 |
- .ucode_api_max = IWL5000_UCODE_API_MAX, |
10905 |
-+ .ucode_api_ok = IWL5000_UCODE_API_OK, |
10906 |
- .ucode_api_min = IWL5000_UCODE_API_MIN, |
10907 |
- .eeprom_ver = EEPROM_5050_EEPROM_VERSION, |
10908 |
- .eeprom_calib_ver = EEPROM_5050_TX_POWER_VERSION, |
10909 |
-@@ -415,6 +421,7 @@ struct iwl_cfg iwl5350_agn_cfg = { |
10910 |
- #define IWL_DEVICE_5150 \ |
10911 |
- .fw_name_pre = IWL5150_FW_PRE, \ |
10912 |
- .ucode_api_max = IWL5150_UCODE_API_MAX, \ |
10913 |
-+ .ucode_api_ok = IWL5150_UCODE_API_OK, \ |
10914 |
- .ucode_api_min = IWL5150_UCODE_API_MIN, \ |
10915 |
- .eeprom_ver = EEPROM_5050_EEPROM_VERSION, \ |
10916 |
- .eeprom_calib_ver = EEPROM_5050_TX_POWER_VERSION, \ |
10917 |
-@@ -436,5 +443,5 @@ struct iwl_cfg iwl5150_abg_cfg = { |
10918 |
- IWL_DEVICE_5150, |
10919 |
- }; |
10920 |
- |
10921 |
--MODULE_FIRMWARE(IWL5000_MODULE_FIRMWARE(IWL5000_UCODE_API_MAX)); |
10922 |
--MODULE_FIRMWARE(IWL5150_MODULE_FIRMWARE(IWL5150_UCODE_API_MAX)); |
10923 |
-+MODULE_FIRMWARE(IWL5000_MODULE_FIRMWARE(IWL5000_UCODE_API_OK)); |
10924 |
-+MODULE_FIRMWARE(IWL5150_MODULE_FIRMWARE(IWL5150_UCODE_API_OK)); |
10925 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-6000.c b/drivers/net/wireless/iwlwifi/iwl-6000.c |
10926 |
-index 54b7533..cf806ae 100644 |
10927 |
---- a/drivers/net/wireless/iwlwifi/iwl-6000.c |
10928 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-6000.c |
10929 |
-@@ -53,6 +53,8 @@ |
10930 |
- /* Oldest version we won't warn about */ |
10931 |
- #define IWL6000_UCODE_API_OK 4 |
10932 |
- #define IWL6000G2_UCODE_API_OK 5 |
10933 |
-+#define IWL6050_UCODE_API_OK 5 |
10934 |
-+#define IWL6000G2B_UCODE_API_OK 6 |
10935 |
- |
10936 |
- /* Lowest firmware API version supported */ |
10937 |
- #define IWL6000_UCODE_API_MIN 4 |
10938 |
-@@ -389,7 +391,7 @@ struct iwl_cfg iwl6005_2agn_d_cfg = { |
10939 |
- #define IWL_DEVICE_6030 \ |
10940 |
- .fw_name_pre = IWL6030_FW_PRE, \ |
10941 |
- .ucode_api_max = IWL6000G2_UCODE_API_MAX, \ |
10942 |
-- .ucode_api_ok = IWL6000G2_UCODE_API_OK, \ |
10943 |
-+ .ucode_api_ok = IWL6000G2B_UCODE_API_OK, \ |
10944 |
- .ucode_api_min = IWL6000G2_UCODE_API_MIN, \ |
10945 |
- .eeprom_ver = EEPROM_6030_EEPROM_VERSION, \ |
10946 |
- .eeprom_calib_ver = EEPROM_6030_TX_POWER_VERSION, \ |
10947 |
-@@ -548,6 +550,6 @@ struct iwl_cfg iwl6000_3agn_cfg = { |
10948 |
- }; |
10949 |
- |
10950 |
- MODULE_FIRMWARE(IWL6000_MODULE_FIRMWARE(IWL6000_UCODE_API_OK)); |
10951 |
--MODULE_FIRMWARE(IWL6050_MODULE_FIRMWARE(IWL6050_UCODE_API_MAX)); |
10952 |
--MODULE_FIRMWARE(IWL6005_MODULE_FIRMWARE(IWL6000G2_UCODE_API_MAX)); |
10953 |
--MODULE_FIRMWARE(IWL6030_MODULE_FIRMWARE(IWL6000G2_UCODE_API_MAX)); |
10954 |
-+MODULE_FIRMWARE(IWL6050_MODULE_FIRMWARE(IWL6050_UCODE_API_OK)); |
10955 |
-+MODULE_FIRMWARE(IWL6005_MODULE_FIRMWARE(IWL6000G2_UCODE_API_OK)); |
10956 |
-+MODULE_FIRMWARE(IWL6030_MODULE_FIRMWARE(IWL6000G2B_UCODE_API_OK)); |
10957 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-agn.c b/drivers/net/wireless/iwlwifi/iwl-agn.c |
10958 |
-index b5c7c5f..2db9cd7 100644 |
10959 |
---- a/drivers/net/wireless/iwlwifi/iwl-agn.c |
10960 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-agn.c |
10961 |
-@@ -1403,7 +1403,6 @@ static void iwl_bg_run_time_calib_work(struct work_struct *work) |
10962 |
- |
10963 |
- void iwlagn_prepare_restart(struct iwl_priv *priv) |
10964 |
- { |
10965 |
-- struct iwl_rxon_context *ctx; |
10966 |
- bool bt_full_concurrent; |
10967 |
- u8 bt_ci_compliance; |
10968 |
- u8 bt_load; |
10969 |
-@@ -1412,8 +1411,6 @@ void iwlagn_prepare_restart(struct iwl_priv *priv) |
10970 |
- |
10971 |
- lockdep_assert_held(&priv->shrd->mutex); |
10972 |
- |
10973 |
-- for_each_context(priv, ctx) |
10974 |
-- ctx->vif = NULL; |
10975 |
- priv->is_open = 0; |
10976 |
- |
10977 |
- /* |
10978 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-fh.h b/drivers/net/wireless/iwlwifi/iwl-fh.h |
10979 |
-index 5bede9d..aae992a 100644 |
10980 |
---- a/drivers/net/wireless/iwlwifi/iwl-fh.h |
10981 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-fh.h |
10982 |
-@@ -104,15 +104,29 @@ |
10983 |
- * (see struct iwl_tfd_frame). These 16 pointer registers are offset by 0x04 |
10984 |
- * bytes from one another. Each TFD circular buffer in DRAM must be 256-byte |
10985 |
- * aligned (address bits 0-7 must be 0). |
10986 |
-+ * Later devices have 20 (5000 series) or 30 (higher) queues, but the registers |
10987 |
-+ * for them are in different places. |
10988 |
- * |
10989 |
- * Bit fields in each pointer register: |
10990 |
- * 27-0: TFD CB physical base address [35:8], must be 256-byte aligned |
10991 |
- */ |
10992 |
--#define FH_MEM_CBBC_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0x9D0) |
10993 |
--#define FH_MEM_CBBC_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xA10) |
10994 |
-- |
10995 |
--/* Find TFD CB base pointer for given queue (range 0-15). */ |
10996 |
--#define FH_MEM_CBBC_QUEUE(x) (FH_MEM_CBBC_LOWER_BOUND + (x) * 0x4) |
10997 |
-+#define FH_MEM_CBBC_0_15_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0x9D0) |
10998 |
-+#define FH_MEM_CBBC_0_15_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xA10) |
10999 |
-+#define FH_MEM_CBBC_16_19_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0xBF0) |
11000 |
-+#define FH_MEM_CBBC_16_19_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xC00) |
11001 |
-+#define FH_MEM_CBBC_20_31_LOWER_BOUND (FH_MEM_LOWER_BOUND + 0xB20) |
11002 |
-+#define FH_MEM_CBBC_20_31_UPPER_BOUND (FH_MEM_LOWER_BOUND + 0xB80) |
11003 |
-+ |
11004 |
-+/* Find TFD CB base pointer for given queue */ |
11005 |
-+static inline unsigned int FH_MEM_CBBC_QUEUE(unsigned int chnl) |
11006 |
-+{ |
11007 |
-+ if (chnl < 16) |
11008 |
-+ return FH_MEM_CBBC_0_15_LOWER_BOUND + 4 * chnl; |
11009 |
-+ if (chnl < 20) |
11010 |
-+ return FH_MEM_CBBC_16_19_LOWER_BOUND + 4 * (chnl - 16); |
11011 |
-+ WARN_ON_ONCE(chnl >= 32); |
11012 |
-+ return FH_MEM_CBBC_20_31_LOWER_BOUND + 4 * (chnl - 20); |
11013 |
-+} |
11014 |
- |
11015 |
- |
11016 |
- /** |
11017 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-mac80211.c b/drivers/net/wireless/iwlwifi/iwl-mac80211.c |
11018 |
-index f980e57..4fd5199 100644 |
11019 |
---- a/drivers/net/wireless/iwlwifi/iwl-mac80211.c |
11020 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-mac80211.c |
11021 |
-@@ -1226,6 +1226,7 @@ static int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
11022 |
- struct iwl_rxon_context *tmp, *ctx = NULL; |
11023 |
- int err; |
11024 |
- enum nl80211_iftype viftype = ieee80211_vif_type_p2p(vif); |
11025 |
-+ bool reset = false; |
11026 |
- |
11027 |
- IWL_DEBUG_MAC80211(priv, "enter: type %d, addr %pM\n", |
11028 |
- viftype, vif->addr); |
11029 |
-@@ -1247,6 +1248,13 @@ static int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
11030 |
- tmp->interface_modes | tmp->exclusive_interface_modes; |
11031 |
- |
11032 |
- if (tmp->vif) { |
11033 |
-+ /* On reset we need to add the same interface again */ |
11034 |
-+ if (tmp->vif == vif) { |
11035 |
-+ reset = true; |
11036 |
-+ ctx = tmp; |
11037 |
-+ break; |
11038 |
-+ } |
11039 |
-+ |
11040 |
- /* check if this busy context is exclusive */ |
11041 |
- if (tmp->exclusive_interface_modes & |
11042 |
- BIT(tmp->vif->type)) { |
11043 |
-@@ -1273,7 +1281,7 @@ static int iwlagn_mac_add_interface(struct ieee80211_hw *hw, |
11044 |
- ctx->vif = vif; |
11045 |
- |
11046 |
- err = iwl_setup_interface(priv, ctx); |
11047 |
-- if (!err) |
11048 |
-+ if (!err || reset) |
11049 |
- goto out; |
11050 |
- |
11051 |
- ctx->vif = NULL; |
11052 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-prph.h b/drivers/net/wireless/iwlwifi/iwl-prph.h |
11053 |
-index bebdd82..d9b089e 100644 |
11054 |
---- a/drivers/net/wireless/iwlwifi/iwl-prph.h |
11055 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-prph.h |
11056 |
-@@ -227,12 +227,33 @@ |
11057 |
- #define SCD_AIT (SCD_BASE + 0x0c) |
11058 |
- #define SCD_TXFACT (SCD_BASE + 0x10) |
11059 |
- #define SCD_ACTIVE (SCD_BASE + 0x14) |
11060 |
--#define SCD_QUEUE_WRPTR(x) (SCD_BASE + 0x18 + (x) * 4) |
11061 |
--#define SCD_QUEUE_RDPTR(x) (SCD_BASE + 0x68 + (x) * 4) |
11062 |
- #define SCD_QUEUECHAIN_SEL (SCD_BASE + 0xe8) |
11063 |
- #define SCD_AGGR_SEL (SCD_BASE + 0x248) |
11064 |
- #define SCD_INTERRUPT_MASK (SCD_BASE + 0x108) |
11065 |
--#define SCD_QUEUE_STATUS_BITS(x) (SCD_BASE + 0x10c + (x) * 4) |
11066 |
-+ |
11067 |
-+static inline unsigned int SCD_QUEUE_WRPTR(unsigned int chnl) |
11068 |
-+{ |
11069 |
-+ if (chnl < 20) |
11070 |
-+ return SCD_BASE + 0x18 + chnl * 4; |
11071 |
-+ WARN_ON_ONCE(chnl >= 32); |
11072 |
-+ return SCD_BASE + 0x284 + (chnl - 20) * 4; |
11073 |
-+} |
11074 |
-+ |
11075 |
-+static inline unsigned int SCD_QUEUE_RDPTR(unsigned int chnl) |
11076 |
-+{ |
11077 |
-+ if (chnl < 20) |
11078 |
-+ return SCD_BASE + 0x68 + chnl * 4; |
11079 |
-+ WARN_ON_ONCE(chnl >= 32); |
11080 |
-+ return SCD_BASE + 0x2B4 + (chnl - 20) * 4; |
11081 |
-+} |
11082 |
-+ |
11083 |
-+static inline unsigned int SCD_QUEUE_STATUS_BITS(unsigned int chnl) |
11084 |
-+{ |
11085 |
-+ if (chnl < 20) |
11086 |
-+ return SCD_BASE + 0x10c + chnl * 4; |
11087 |
-+ WARN_ON_ONCE(chnl >= 32); |
11088 |
-+ return SCD_BASE + 0x384 + (chnl - 20) * 4; |
11089 |
-+} |
11090 |
- |
11091 |
- /*********************** END TX SCHEDULER *************************************/ |
11092 |
- |
11093 |
-diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c |
11094 |
-index c694cae..b588ca8 100644 |
11095 |
---- a/drivers/net/wireless/rtlwifi/pci.c |
11096 |
-+++ b/drivers/net/wireless/rtlwifi/pci.c |
11097 |
-@@ -1955,6 +1955,7 @@ void rtl_pci_disconnect(struct pci_dev *pdev) |
11098 |
- rtl_deinit_deferred_work(hw); |
11099 |
- rtlpriv->intf_ops->adapter_stop(hw); |
11100 |
- } |
11101 |
-+ rtlpriv->cfg->ops->disable_interrupt(hw); |
11102 |
- |
11103 |
- /*deinit rfkill */ |
11104 |
- rtl_deinit_rfkill(hw); |
11105 |
-diff --git a/drivers/net/wireless/wl1251/main.c b/drivers/net/wireless/wl1251/main.c |
11106 |
-index ba3268e..40c1574 100644 |
11107 |
---- a/drivers/net/wireless/wl1251/main.c |
11108 |
-+++ b/drivers/net/wireless/wl1251/main.c |
11109 |
-@@ -479,6 +479,7 @@ static void wl1251_op_stop(struct ieee80211_hw *hw) |
11110 |
- cancel_work_sync(&wl->irq_work); |
11111 |
- cancel_work_sync(&wl->tx_work); |
11112 |
- cancel_work_sync(&wl->filter_work); |
11113 |
-+ cancel_delayed_work_sync(&wl->elp_work); |
11114 |
- |
11115 |
- mutex_lock(&wl->mutex); |
11116 |
- |
11117 |
-diff --git a/drivers/net/wireless/wl1251/sdio.c b/drivers/net/wireless/wl1251/sdio.c |
11118 |
-index f786942..1b851f6 100644 |
11119 |
---- a/drivers/net/wireless/wl1251/sdio.c |
11120 |
-+++ b/drivers/net/wireless/wl1251/sdio.c |
11121 |
-@@ -315,8 +315,8 @@ static void __devexit wl1251_sdio_remove(struct sdio_func *func) |
11122 |
- |
11123 |
- if (wl->irq) |
11124 |
- free_irq(wl->irq, wl); |
11125 |
-- kfree(wl_sdio); |
11126 |
- wl1251_free_hw(wl); |
11127 |
-+ kfree(wl_sdio); |
11128 |
- |
11129 |
- sdio_claim_host(func); |
11130 |
- sdio_release_irq(func); |
11131 |
-diff --git a/drivers/platform/x86/dell-laptop.c b/drivers/platform/x86/dell-laptop.c |
11132 |
-index 92e42d4..1d3bcce 100644 |
11133 |
---- a/drivers/platform/x86/dell-laptop.c |
11134 |
-+++ b/drivers/platform/x86/dell-laptop.c |
11135 |
-@@ -211,6 +211,7 @@ static struct dmi_system_id __devinitdata dell_quirks[] = { |
11136 |
- }, |
11137 |
- .driver_data = &quirk_dell_vostro_v130, |
11138 |
- }, |
11139 |
-+ { } |
11140 |
- }; |
11141 |
- |
11142 |
- static struct calling_interface_buffer *buffer; |
11143 |
-diff --git a/drivers/scsi/libsas/sas_expander.c b/drivers/scsi/libsas/sas_expander.c |
11144 |
-index 1b831c5..e48ba4b 100644 |
11145 |
---- a/drivers/scsi/libsas/sas_expander.c |
11146 |
-+++ b/drivers/scsi/libsas/sas_expander.c |
11147 |
-@@ -192,7 +192,14 @@ static void sas_set_ex_phy(struct domain_device *dev, int phy_id, |
11148 |
- phy->attached_sata_ps = dr->attached_sata_ps; |
11149 |
- phy->attached_iproto = dr->iproto << 1; |
11150 |
- phy->attached_tproto = dr->tproto << 1; |
11151 |
-- memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE); |
11152 |
-+ /* help some expanders that fail to zero sas_address in the 'no |
11153 |
-+ * device' case |
11154 |
-+ */ |
11155 |
-+ if (phy->attached_dev_type == NO_DEVICE || |
11156 |
-+ phy->linkrate < SAS_LINK_RATE_1_5_GBPS) |
11157 |
-+ memset(phy->attached_sas_addr, 0, SAS_ADDR_SIZE); |
11158 |
-+ else |
11159 |
-+ memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE); |
11160 |
- phy->attached_phy_id = dr->attached_phy_id; |
11161 |
- phy->phy_change_count = dr->change_count; |
11162 |
- phy->routing_attr = dr->routing_attr; |
11163 |
-@@ -1643,9 +1650,17 @@ static int sas_find_bcast_phy(struct domain_device *dev, int *phy_id, |
11164 |
- int phy_change_count = 0; |
11165 |
- |
11166 |
- res = sas_get_phy_change_count(dev, i, &phy_change_count); |
11167 |
-- if (res) |
11168 |
-- goto out; |
11169 |
-- else if (phy_change_count != ex->ex_phy[i].phy_change_count) { |
11170 |
-+ switch (res) { |
11171 |
-+ case SMP_RESP_PHY_VACANT: |
11172 |
-+ case SMP_RESP_NO_PHY: |
11173 |
-+ continue; |
11174 |
-+ case SMP_RESP_FUNC_ACC: |
11175 |
-+ break; |
11176 |
-+ default: |
11177 |
-+ return res; |
11178 |
-+ } |
11179 |
-+ |
11180 |
-+ if (phy_change_count != ex->ex_phy[i].phy_change_count) { |
11181 |
- if (update) |
11182 |
- ex->ex_phy[i].phy_change_count = |
11183 |
- phy_change_count; |
11184 |
-@@ -1653,8 +1668,7 @@ static int sas_find_bcast_phy(struct domain_device *dev, int *phy_id, |
11185 |
- return 0; |
11186 |
- } |
11187 |
- } |
11188 |
--out: |
11189 |
-- return res; |
11190 |
-+ return 0; |
11191 |
- } |
11192 |
- |
11193 |
- static int sas_get_ex_change_count(struct domain_device *dev, int *ecc) |
11194 |
-diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c |
11195 |
-index 2f085fb..7b45f66 100644 |
11196 |
---- a/drivers/usb/class/cdc-wdm.c |
11197 |
-+++ b/drivers/usb/class/cdc-wdm.c |
11198 |
-@@ -108,8 +108,9 @@ static void wdm_out_callback(struct urb *urb) |
11199 |
- spin_lock(&desc->iuspin); |
11200 |
- desc->werr = urb->status; |
11201 |
- spin_unlock(&desc->iuspin); |
11202 |
-- clear_bit(WDM_IN_USE, &desc->flags); |
11203 |
- kfree(desc->outbuf); |
11204 |
-+ desc->outbuf = NULL; |
11205 |
-+ clear_bit(WDM_IN_USE, &desc->flags); |
11206 |
- wake_up(&desc->wait); |
11207 |
- } |
11208 |
- |
11209 |
-@@ -312,7 +313,7 @@ static ssize_t wdm_write |
11210 |
- if (we < 0) |
11211 |
- return -EIO; |
11212 |
- |
11213 |
-- desc->outbuf = buf = kmalloc(count, GFP_KERNEL); |
11214 |
-+ buf = kmalloc(count, GFP_KERNEL); |
11215 |
- if (!buf) { |
11216 |
- rv = -ENOMEM; |
11217 |
- goto outnl; |
11218 |
-@@ -376,10 +377,12 @@ static ssize_t wdm_write |
11219 |
- req->wIndex = desc->inum; |
11220 |
- req->wLength = cpu_to_le16(count); |
11221 |
- set_bit(WDM_IN_USE, &desc->flags); |
11222 |
-+ desc->outbuf = buf; |
11223 |
- |
11224 |
- rv = usb_submit_urb(desc->command, GFP_KERNEL); |
11225 |
- if (rv < 0) { |
11226 |
- kfree(buf); |
11227 |
-+ desc->outbuf = NULL; |
11228 |
- clear_bit(WDM_IN_USE, &desc->flags); |
11229 |
- dev_err(&desc->intf->dev, "Tx URB error: %d\n", rv); |
11230 |
- } else { |
11231 |
-diff --git a/drivers/usb/core/hcd-pci.c b/drivers/usb/core/hcd-pci.c |
11232 |
-index 81e2c0d..c4dfcc0 100644 |
11233 |
---- a/drivers/usb/core/hcd-pci.c |
11234 |
-+++ b/drivers/usb/core/hcd-pci.c |
11235 |
-@@ -491,6 +491,15 @@ static int hcd_pci_suspend_noirq(struct device *dev) |
11236 |
- |
11237 |
- pci_save_state(pci_dev); |
11238 |
- |
11239 |
-+ /* |
11240 |
-+ * Some systems crash if an EHCI controller is in D3 during |
11241 |
-+ * a sleep transition. We have to leave such controllers in D0. |
11242 |
-+ */ |
11243 |
-+ if (hcd->broken_pci_sleep) { |
11244 |
-+ dev_dbg(dev, "Staying in PCI D0\n"); |
11245 |
-+ return retval; |
11246 |
-+ } |
11247 |
-+ |
11248 |
- /* If the root hub is dead rather than suspended, disallow remote |
11249 |
- * wakeup. usb_hc_died() should ensure that both hosts are marked as |
11250 |
- * dying, so we only need to check the primary roothub. |
11251 |
-diff --git a/drivers/usb/gadget/dummy_hcd.c b/drivers/usb/gadget/dummy_hcd.c |
11252 |
-index db815c2..9098642 100644 |
11253 |
---- a/drivers/usb/gadget/dummy_hcd.c |
11254 |
-+++ b/drivers/usb/gadget/dummy_hcd.c |
11255 |
-@@ -924,7 +924,6 @@ static int dummy_udc_stop(struct usb_gadget *g, |
11256 |
- |
11257 |
- dum->driver = NULL; |
11258 |
- |
11259 |
-- dummy_pullup(&dum->gadget, 0); |
11260 |
- return 0; |
11261 |
- } |
11262 |
- |
11263 |
-diff --git a/drivers/usb/gadget/f_mass_storage.c b/drivers/usb/gadget/f_mass_storage.c |
11264 |
-index ee8ceec..1d7682d 100644 |
11265 |
---- a/drivers/usb/gadget/f_mass_storage.c |
11266 |
-+++ b/drivers/usb/gadget/f_mass_storage.c |
11267 |
-@@ -2190,7 +2190,7 @@ unknown_cmnd: |
11268 |
- common->data_size_from_cmnd = 0; |
11269 |
- sprintf(unknown, "Unknown x%02x", common->cmnd[0]); |
11270 |
- reply = check_command(common, common->cmnd_size, |
11271 |
-- DATA_DIR_UNKNOWN, 0xff, 0, unknown); |
11272 |
-+ DATA_DIR_UNKNOWN, ~0, 0, unknown); |
11273 |
- if (reply == 0) { |
11274 |
- common->curlun->sense_data = SS_INVALID_COMMAND; |
11275 |
- reply = -EINVAL; |
11276 |
-diff --git a/drivers/usb/gadget/file_storage.c b/drivers/usb/gadget/file_storage.c |
11277 |
-index 47766f0..18d96e0 100644 |
11278 |
---- a/drivers/usb/gadget/file_storage.c |
11279 |
-+++ b/drivers/usb/gadget/file_storage.c |
11280 |
-@@ -2579,7 +2579,7 @@ static int do_scsi_command(struct fsg_dev *fsg) |
11281 |
- fsg->data_size_from_cmnd = 0; |
11282 |
- sprintf(unknown, "Unknown x%02x", fsg->cmnd[0]); |
11283 |
- if ((reply = check_command(fsg, fsg->cmnd_size, |
11284 |
-- DATA_DIR_UNKNOWN, 0xff, 0, unknown)) == 0) { |
11285 |
-+ DATA_DIR_UNKNOWN, ~0, 0, unknown)) == 0) { |
11286 |
- fsg->curlun->sense_data = SS_INVALID_COMMAND; |
11287 |
- reply = -EINVAL; |
11288 |
- } |
11289 |
-diff --git a/drivers/usb/gadget/uvc.h b/drivers/usb/gadget/uvc.h |
11290 |
-index bc78c60..ca4e03a 100644 |
11291 |
---- a/drivers/usb/gadget/uvc.h |
11292 |
-+++ b/drivers/usb/gadget/uvc.h |
11293 |
-@@ -28,7 +28,7 @@ |
11294 |
- |
11295 |
- struct uvc_request_data |
11296 |
- { |
11297 |
-- unsigned int length; |
11298 |
-+ __s32 length; |
11299 |
- __u8 data[60]; |
11300 |
- }; |
11301 |
- |
11302 |
-diff --git a/drivers/usb/gadget/uvc_v4l2.c b/drivers/usb/gadget/uvc_v4l2.c |
11303 |
-index f6e083b..54d7ca5 100644 |
11304 |
---- a/drivers/usb/gadget/uvc_v4l2.c |
11305 |
-+++ b/drivers/usb/gadget/uvc_v4l2.c |
11306 |
-@@ -39,7 +39,7 @@ uvc_send_response(struct uvc_device *uvc, struct uvc_request_data *data) |
11307 |
- if (data->length < 0) |
11308 |
- return usb_ep_set_halt(cdev->gadget->ep0); |
11309 |
- |
11310 |
-- req->length = min(uvc->event_length, data->length); |
11311 |
-+ req->length = min_t(unsigned int, uvc->event_length, data->length); |
11312 |
- req->zero = data->length < uvc->event_length; |
11313 |
- req->dma = DMA_ADDR_INVALID; |
11314 |
- |
11315 |
-diff --git a/drivers/usb/host/ehci-pci.c b/drivers/usb/host/ehci-pci.c |
11316 |
-index 01bb7241d..fe8dc06 100644 |
11317 |
---- a/drivers/usb/host/ehci-pci.c |
11318 |
-+++ b/drivers/usb/host/ehci-pci.c |
11319 |
-@@ -144,6 +144,14 @@ static int ehci_pci_setup(struct usb_hcd *hcd) |
11320 |
- hcd->has_tt = 1; |
11321 |
- tdi_reset(ehci); |
11322 |
- } |
11323 |
-+ if (pdev->subsystem_vendor == PCI_VENDOR_ID_ASUSTEK) { |
11324 |
-+ /* EHCI #1 or #2 on 6 Series/C200 Series chipset */ |
11325 |
-+ if (pdev->device == 0x1c26 || pdev->device == 0x1c2d) { |
11326 |
-+ ehci_info(ehci, "broken D3 during system sleep on ASUS\n"); |
11327 |
-+ hcd->broken_pci_sleep = 1; |
11328 |
-+ device_set_wakeup_capable(&pdev->dev, false); |
11329 |
-+ } |
11330 |
-+ } |
11331 |
- break; |
11332 |
- case PCI_VENDOR_ID_TDI: |
11333 |
- if (pdev->device == PCI_DEVICE_ID_TDI_EHCI) { |
11334 |
-diff --git a/drivers/usb/host/ehci-tegra.c b/drivers/usb/host/ehci-tegra.c |
11335 |
-index dbc7fe8..de36b8c 100644 |
11336 |
---- a/drivers/usb/host/ehci-tegra.c |
11337 |
-+++ b/drivers/usb/host/ehci-tegra.c |
11338 |
-@@ -601,7 +601,6 @@ static int setup_vbus_gpio(struct platform_device *pdev) |
11339 |
- dev_err(&pdev->dev, "can't enable vbus\n"); |
11340 |
- return err; |
11341 |
- } |
11342 |
-- gpio_set_value(gpio, 1); |
11343 |
- |
11344 |
- return err; |
11345 |
- } |
11346 |
-diff --git a/fs/autofs4/autofs_i.h b/fs/autofs4/autofs_i.h |
11347 |
-index eb1cc92..908e184 100644 |
11348 |
---- a/fs/autofs4/autofs_i.h |
11349 |
-+++ b/fs/autofs4/autofs_i.h |
11350 |
-@@ -110,7 +110,6 @@ struct autofs_sb_info { |
11351 |
- int sub_version; |
11352 |
- int min_proto; |
11353 |
- int max_proto; |
11354 |
-- int compat_daemon; |
11355 |
- unsigned long exp_timeout; |
11356 |
- unsigned int type; |
11357 |
- int reghost_enabled; |
11358 |
-@@ -270,6 +269,17 @@ int autofs4_fill_super(struct super_block *, void *, int); |
11359 |
- struct autofs_info *autofs4_new_ino(struct autofs_sb_info *); |
11360 |
- void autofs4_clean_ino(struct autofs_info *); |
11361 |
- |
11362 |
-+static inline int autofs_prepare_pipe(struct file *pipe) |
11363 |
-+{ |
11364 |
-+ if (!pipe->f_op || !pipe->f_op->write) |
11365 |
-+ return -EINVAL; |
11366 |
-+ if (!S_ISFIFO(pipe->f_dentry->d_inode->i_mode)) |
11367 |
-+ return -EINVAL; |
11368 |
-+ /* We want a packet pipe */ |
11369 |
-+ pipe->f_flags |= O_DIRECT; |
11370 |
-+ return 0; |
11371 |
-+} |
11372 |
-+ |
11373 |
- /* Queue management functions */ |
11374 |
- |
11375 |
- int autofs4_wait(struct autofs_sb_info *,struct dentry *, enum autofs_notify); |
11376 |
-diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c |
11377 |
-index 85f1fcd..d06d95a 100644 |
11378 |
---- a/fs/autofs4/dev-ioctl.c |
11379 |
-+++ b/fs/autofs4/dev-ioctl.c |
11380 |
-@@ -376,7 +376,7 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp, |
11381 |
- err = -EBADF; |
11382 |
- goto out; |
11383 |
- } |
11384 |
-- if (!pipe->f_op || !pipe->f_op->write) { |
11385 |
-+ if (autofs_prepare_pipe(pipe) < 0) { |
11386 |
- err = -EPIPE; |
11387 |
- fput(pipe); |
11388 |
- goto out; |
11389 |
-@@ -385,7 +385,6 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp, |
11390 |
- sbi->pipefd = pipefd; |
11391 |
- sbi->pipe = pipe; |
11392 |
- sbi->catatonic = 0; |
11393 |
-- sbi->compat_daemon = is_compat_task(); |
11394 |
- } |
11395 |
- out: |
11396 |
- mutex_unlock(&sbi->wq_mutex); |
11397 |
-diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c |
11398 |
-index 06858d9..9ef53a6 100644 |
11399 |
---- a/fs/autofs4/inode.c |
11400 |
-+++ b/fs/autofs4/inode.c |
11401 |
-@@ -19,7 +19,6 @@ |
11402 |
- #include <linux/parser.h> |
11403 |
- #include <linux/bitops.h> |
11404 |
- #include <linux/magic.h> |
11405 |
--#include <linux/compat.h> |
11406 |
- #include "autofs_i.h" |
11407 |
- #include <linux/module.h> |
11408 |
- |
11409 |
-@@ -225,7 +224,6 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) |
11410 |
- set_autofs_type_indirect(&sbi->type); |
11411 |
- sbi->min_proto = 0; |
11412 |
- sbi->max_proto = 0; |
11413 |
-- sbi->compat_daemon = is_compat_task(); |
11414 |
- mutex_init(&sbi->wq_mutex); |
11415 |
- mutex_init(&sbi->pipe_mutex); |
11416 |
- spin_lock_init(&sbi->fs_lock); |
11417 |
-@@ -295,7 +293,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) |
11418 |
- printk("autofs: could not open pipe file descriptor\n"); |
11419 |
- goto fail_dput; |
11420 |
- } |
11421 |
-- if (!pipe->f_op || !pipe->f_op->write) |
11422 |
-+ if (autofs_prepare_pipe(pipe) < 0) |
11423 |
- goto fail_fput; |
11424 |
- sbi->pipe = pipe; |
11425 |
- sbi->pipefd = pipefd; |
11426 |
-diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c |
11427 |
-index 9c098db..f624cd0 100644 |
11428 |
---- a/fs/autofs4/waitq.c |
11429 |
-+++ b/fs/autofs4/waitq.c |
11430 |
-@@ -92,23 +92,6 @@ static int autofs4_write(struct autofs_sb_info *sbi, |
11431 |
- return (bytes > 0); |
11432 |
- } |
11433 |
- |
11434 |
--/* |
11435 |
-- * The autofs_v5 packet was misdesigned. |
11436 |
-- * |
11437 |
-- * The packets are identical on x86-32 and x86-64, but have different |
11438 |
-- * alignment. Which means that 'sizeof()' will give different results. |
11439 |
-- * Fix it up for the case of running 32-bit user mode on a 64-bit kernel. |
11440 |
-- */ |
11441 |
--static noinline size_t autofs_v5_packet_size(struct autofs_sb_info *sbi) |
11442 |
--{ |
11443 |
-- size_t pktsz = sizeof(struct autofs_v5_packet); |
11444 |
--#if defined(CONFIG_X86_64) && defined(CONFIG_COMPAT) |
11445 |
-- if (sbi->compat_daemon > 0) |
11446 |
-- pktsz -= 4; |
11447 |
--#endif |
11448 |
-- return pktsz; |
11449 |
--} |
11450 |
-- |
11451 |
- static void autofs4_notify_daemon(struct autofs_sb_info *sbi, |
11452 |
- struct autofs_wait_queue *wq, |
11453 |
- int type) |
11454 |
-@@ -172,7 +155,8 @@ static void autofs4_notify_daemon(struct autofs_sb_info *sbi, |
11455 |
- { |
11456 |
- struct autofs_v5_packet *packet = &pkt.v5_pkt.v5_packet; |
11457 |
- |
11458 |
-- pktsz = autofs_v5_packet_size(sbi); |
11459 |
-+ pktsz = sizeof(*packet); |
11460 |
-+ |
11461 |
- packet->wait_queue_token = wq->wait_queue_token; |
11462 |
- packet->len = wq->name.len; |
11463 |
- memcpy(packet->name, wq->name.name, wq->name.len); |
11464 |
-diff --git a/fs/exec.c b/fs/exec.c |
11465 |
-index 153dee1..ae42277 100644 |
11466 |
---- a/fs/exec.c |
11467 |
-+++ b/fs/exec.c |
11468 |
-@@ -975,6 +975,9 @@ static int de_thread(struct task_struct *tsk) |
11469 |
- sig->notify_count = 0; |
11470 |
- |
11471 |
- no_thread_group: |
11472 |
-+ /* we have changed execution domain */ |
11473 |
-+ tsk->exit_signal = SIGCHLD; |
11474 |
-+ |
11475 |
- if (current->mm) |
11476 |
- setmax_mm_hiwater_rss(&sig->maxrss, current->mm); |
11477 |
- |
11478 |
-diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c |
11479 |
-index 4dfbfec..ec2a9c2 100644 |
11480 |
---- a/fs/hfsplus/catalog.c |
11481 |
-+++ b/fs/hfsplus/catalog.c |
11482 |
-@@ -366,6 +366,10 @@ int hfsplus_rename_cat(u32 cnid, |
11483 |
- err = hfs_brec_find(&src_fd); |
11484 |
- if (err) |
11485 |
- goto out; |
11486 |
-+ if (src_fd.entrylength > sizeof(entry) || src_fd.entrylength < 0) { |
11487 |
-+ err = -EIO; |
11488 |
-+ goto out; |
11489 |
-+ } |
11490 |
- |
11491 |
- hfs_bnode_read(src_fd.bnode, &entry, src_fd.entryoffset, |
11492 |
- src_fd.entrylength); |
11493 |
-diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c |
11494 |
-index 88e155f..26b53fb 100644 |
11495 |
---- a/fs/hfsplus/dir.c |
11496 |
-+++ b/fs/hfsplus/dir.c |
11497 |
-@@ -150,6 +150,11 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
11498 |
- filp->f_pos++; |
11499 |
- /* fall through */ |
11500 |
- case 1: |
11501 |
-+ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
11502 |
-+ err = -EIO; |
11503 |
-+ goto out; |
11504 |
-+ } |
11505 |
-+ |
11506 |
- hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
11507 |
- fd.entrylength); |
11508 |
- if (be16_to_cpu(entry.type) != HFSPLUS_FOLDER_THREAD) { |
11509 |
-@@ -181,6 +186,12 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir) |
11510 |
- err = -EIO; |
11511 |
- goto out; |
11512 |
- } |
11513 |
-+ |
11514 |
-+ if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) { |
11515 |
-+ err = -EIO; |
11516 |
-+ goto out; |
11517 |
-+ } |
11518 |
-+ |
11519 |
- hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, |
11520 |
- fd.entrylength); |
11521 |
- type = be16_to_cpu(entry.type); |
11522 |
-diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
11523 |
-index 9a54c9e..2612223 100644 |
11524 |
---- a/fs/nfs/nfs4proc.c |
11525 |
-+++ b/fs/nfs/nfs4proc.c |
11526 |
-@@ -4460,7 +4460,9 @@ static int _nfs4_do_setlk(struct nfs4_state *state, int cmd, struct file_lock *f |
11527 |
- static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request) |
11528 |
- { |
11529 |
- struct nfs_server *server = NFS_SERVER(state->inode); |
11530 |
-- struct nfs4_exception exception = { }; |
11531 |
-+ struct nfs4_exception exception = { |
11532 |
-+ .inode = state->inode, |
11533 |
-+ }; |
11534 |
- int err; |
11535 |
- |
11536 |
- do { |
11537 |
-@@ -4478,7 +4480,9 @@ static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request |
11538 |
- static int nfs4_lock_expired(struct nfs4_state *state, struct file_lock *request) |
11539 |
- { |
11540 |
- struct nfs_server *server = NFS_SERVER(state->inode); |
11541 |
-- struct nfs4_exception exception = { }; |
11542 |
-+ struct nfs4_exception exception = { |
11543 |
-+ .inode = state->inode, |
11544 |
-+ }; |
11545 |
- int err; |
11546 |
- |
11547 |
- err = nfs4_set_lock_state(state, request); |
11548 |
-@@ -4558,6 +4562,7 @@ static int nfs4_proc_setlk(struct nfs4_state *state, int cmd, struct file_lock * |
11549 |
- { |
11550 |
- struct nfs4_exception exception = { |
11551 |
- .state = state, |
11552 |
-+ .inode = state->inode, |
11553 |
- }; |
11554 |
- int err; |
11555 |
- |
11556 |
-@@ -4603,6 +4608,20 @@ nfs4_proc_lock(struct file *filp, int cmd, struct file_lock *request) |
11557 |
- |
11558 |
- if (state == NULL) |
11559 |
- return -ENOLCK; |
11560 |
-+ /* |
11561 |
-+ * Don't rely on the VFS having checked the file open mode, |
11562 |
-+ * since it won't do this for flock() locks. |
11563 |
-+ */ |
11564 |
-+ switch (request->fl_type & (F_RDLCK|F_WRLCK|F_UNLCK)) { |
11565 |
-+ case F_RDLCK: |
11566 |
-+ if (!(filp->f_mode & FMODE_READ)) |
11567 |
-+ return -EBADF; |
11568 |
-+ break; |
11569 |
-+ case F_WRLCK: |
11570 |
-+ if (!(filp->f_mode & FMODE_WRITE)) |
11571 |
-+ return -EBADF; |
11572 |
-+ } |
11573 |
-+ |
11574 |
- do { |
11575 |
- status = nfs4_proc_setlk(state, cmd, request); |
11576 |
- if ((status != -EAGAIN) || IS_SETLK(cmd)) |
11577 |
-diff --git a/fs/nfs/read.c b/fs/nfs/read.c |
11578 |
-index cfa175c..41bae32 100644 |
11579 |
---- a/fs/nfs/read.c |
11580 |
-+++ b/fs/nfs/read.c |
11581 |
-@@ -324,7 +324,7 @@ out_bad: |
11582 |
- while (!list_empty(res)) { |
11583 |
- data = list_entry(res->next, struct nfs_read_data, list); |
11584 |
- list_del(&data->list); |
11585 |
-- nfs_readdata_free(data); |
11586 |
-+ nfs_readdata_release(data); |
11587 |
- } |
11588 |
- nfs_readpage_release(req); |
11589 |
- return -ENOMEM; |
11590 |
-diff --git a/fs/nfs/super.c b/fs/nfs/super.c |
11591 |
-index 3dfa4f1..e4622ee 100644 |
11592 |
---- a/fs/nfs/super.c |
11593 |
-+++ b/fs/nfs/super.c |
11594 |
-@@ -2707,11 +2707,15 @@ static struct vfsmount *nfs_do_root_mount(struct file_system_type *fs_type, |
11595 |
- char *root_devname; |
11596 |
- size_t len; |
11597 |
- |
11598 |
-- len = strlen(hostname) + 3; |
11599 |
-+ len = strlen(hostname) + 5; |
11600 |
- root_devname = kmalloc(len, GFP_KERNEL); |
11601 |
- if (root_devname == NULL) |
11602 |
- return ERR_PTR(-ENOMEM); |
11603 |
-- snprintf(root_devname, len, "%s:/", hostname); |
11604 |
-+ /* Does hostname needs to be enclosed in brackets? */ |
11605 |
-+ if (strchr(hostname, ':')) |
11606 |
-+ snprintf(root_devname, len, "[%s]:/", hostname); |
11607 |
-+ else |
11608 |
-+ snprintf(root_devname, len, "%s:/", hostname); |
11609 |
- root_mnt = vfs_kern_mount(fs_type, flags, root_devname, data); |
11610 |
- kfree(root_devname); |
11611 |
- return root_mnt; |
11612 |
-diff --git a/fs/nfs/write.c b/fs/nfs/write.c |
11613 |
-index 834f0fe..8fcc23a 100644 |
11614 |
---- a/fs/nfs/write.c |
11615 |
-+++ b/fs/nfs/write.c |
11616 |
-@@ -974,7 +974,7 @@ out_bad: |
11617 |
- while (!list_empty(res)) { |
11618 |
- data = list_entry(res->next, struct nfs_write_data, list); |
11619 |
- list_del(&data->list); |
11620 |
-- nfs_writedata_free(data); |
11621 |
-+ nfs_writedata_release(data); |
11622 |
- } |
11623 |
- nfs_redirty_request(req); |
11624 |
- return -ENOMEM; |
11625 |
-diff --git a/fs/pipe.c b/fs/pipe.c |
11626 |
-index a932ced..82e651b 100644 |
11627 |
---- a/fs/pipe.c |
11628 |
-+++ b/fs/pipe.c |
11629 |
-@@ -345,6 +345,16 @@ static const struct pipe_buf_operations anon_pipe_buf_ops = { |
11630 |
- .get = generic_pipe_buf_get, |
11631 |
- }; |
11632 |
- |
11633 |
-+static const struct pipe_buf_operations packet_pipe_buf_ops = { |
11634 |
-+ .can_merge = 0, |
11635 |
-+ .map = generic_pipe_buf_map, |
11636 |
-+ .unmap = generic_pipe_buf_unmap, |
11637 |
-+ .confirm = generic_pipe_buf_confirm, |
11638 |
-+ .release = anon_pipe_buf_release, |
11639 |
-+ .steal = generic_pipe_buf_steal, |
11640 |
-+ .get = generic_pipe_buf_get, |
11641 |
-+}; |
11642 |
-+ |
11643 |
- static ssize_t |
11644 |
- pipe_read(struct kiocb *iocb, const struct iovec *_iov, |
11645 |
- unsigned long nr_segs, loff_t pos) |
11646 |
-@@ -406,6 +416,13 @@ redo: |
11647 |
- ret += chars; |
11648 |
- buf->offset += chars; |
11649 |
- buf->len -= chars; |
11650 |
-+ |
11651 |
-+ /* Was it a packet buffer? Clean up and exit */ |
11652 |
-+ if (buf->flags & PIPE_BUF_FLAG_PACKET) { |
11653 |
-+ total_len = chars; |
11654 |
-+ buf->len = 0; |
11655 |
-+ } |
11656 |
-+ |
11657 |
- if (!buf->len) { |
11658 |
- buf->ops = NULL; |
11659 |
- ops->release(pipe, buf); |
11660 |
-@@ -458,6 +475,11 @@ redo: |
11661 |
- return ret; |
11662 |
- } |
11663 |
- |
11664 |
-+static inline int is_packetized(struct file *file) |
11665 |
-+{ |
11666 |
-+ return (file->f_flags & O_DIRECT) != 0; |
11667 |
-+} |
11668 |
-+ |
11669 |
- static ssize_t |
11670 |
- pipe_write(struct kiocb *iocb, const struct iovec *_iov, |
11671 |
- unsigned long nr_segs, loff_t ppos) |
11672 |
-@@ -592,6 +614,11 @@ redo2: |
11673 |
- buf->ops = &anon_pipe_buf_ops; |
11674 |
- buf->offset = 0; |
11675 |
- buf->len = chars; |
11676 |
-+ buf->flags = 0; |
11677 |
-+ if (is_packetized(filp)) { |
11678 |
-+ buf->ops = &packet_pipe_buf_ops; |
11679 |
-+ buf->flags = PIPE_BUF_FLAG_PACKET; |
11680 |
-+ } |
11681 |
- pipe->nrbufs = ++bufs; |
11682 |
- pipe->tmp_page = NULL; |
11683 |
- |
11684 |
-@@ -1012,7 +1039,7 @@ struct file *create_write_pipe(int flags) |
11685 |
- goto err_dentry; |
11686 |
- f->f_mapping = inode->i_mapping; |
11687 |
- |
11688 |
-- f->f_flags = O_WRONLY | (flags & O_NONBLOCK); |
11689 |
-+ f->f_flags = O_WRONLY | (flags & (O_NONBLOCK | O_DIRECT)); |
11690 |
- f->f_version = 0; |
11691 |
- |
11692 |
- return f; |
11693 |
-@@ -1056,7 +1083,7 @@ int do_pipe_flags(int *fd, int flags) |
11694 |
- int error; |
11695 |
- int fdw, fdr; |
11696 |
- |
11697 |
-- if (flags & ~(O_CLOEXEC | O_NONBLOCK)) |
11698 |
-+ if (flags & ~(O_CLOEXEC | O_NONBLOCK | O_DIRECT)) |
11699 |
- return -EINVAL; |
11700 |
- |
11701 |
- fw = create_write_pipe(flags); |
11702 |
-diff --git a/include/linux/efi.h b/include/linux/efi.h |
11703 |
-index 37c3007..7cce0ea 100644 |
11704 |
---- a/include/linux/efi.h |
11705 |
-+++ b/include/linux/efi.h |
11706 |
-@@ -510,7 +510,18 @@ extern int __init efi_setup_pcdp_console(char *); |
11707 |
- #define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001 |
11708 |
- #define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002 |
11709 |
- #define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004 |
11710 |
-- |
11711 |
-+#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008 |
11712 |
-+#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010 |
11713 |
-+#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020 |
11714 |
-+#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040 |
11715 |
-+ |
11716 |
-+#define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \ |
11717 |
-+ EFI_VARIABLE_BOOTSERVICE_ACCESS | \ |
11718 |
-+ EFI_VARIABLE_RUNTIME_ACCESS | \ |
11719 |
-+ EFI_VARIABLE_HARDWARE_ERROR_RECORD | \ |
11720 |
-+ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ |
11721 |
-+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \ |
11722 |
-+ EFI_VARIABLE_APPEND_WRITE) |
11723 |
- /* |
11724 |
- * The type of search to perform when calling boottime->locate_handle |
11725 |
- */ |
11726 |
-diff --git a/include/linux/pipe_fs_i.h b/include/linux/pipe_fs_i.h |
11727 |
-index 77257c9..0072a53 100644 |
11728 |
---- a/include/linux/pipe_fs_i.h |
11729 |
-+++ b/include/linux/pipe_fs_i.h |
11730 |
-@@ -8,6 +8,7 @@ |
11731 |
- #define PIPE_BUF_FLAG_LRU 0x01 /* page is on the LRU */ |
11732 |
- #define PIPE_BUF_FLAG_ATOMIC 0x02 /* was atomically mapped */ |
11733 |
- #define PIPE_BUF_FLAG_GIFT 0x04 /* page is a gift */ |
11734 |
-+#define PIPE_BUF_FLAG_PACKET 0x08 /* read() as a packet */ |
11735 |
- |
11736 |
- /** |
11737 |
- * struct pipe_buffer - a linux kernel pipe buffer |
11738 |
-diff --git a/include/linux/usb/hcd.h b/include/linux/usb/hcd.h |
11739 |
-index b2f62f3..05695ba 100644 |
11740 |
---- a/include/linux/usb/hcd.h |
11741 |
-+++ b/include/linux/usb/hcd.h |
11742 |
-@@ -126,6 +126,8 @@ struct usb_hcd { |
11743 |
- unsigned wireless:1; /* Wireless USB HCD */ |
11744 |
- unsigned authorized_default:1; |
11745 |
- unsigned has_tt:1; /* Integrated TT in root hub */ |
11746 |
-+ unsigned broken_pci_sleep:1; /* Don't put the |
11747 |
-+ controller in PCI-D3 for system sleep */ |
11748 |
- |
11749 |
- int irq; /* irq allocated */ |
11750 |
- void __iomem *regs; /* device memory/io */ |
11751 |
-diff --git a/kernel/exit.c b/kernel/exit.c |
11752 |
-index 4b4042f..46c8b14 100644 |
11753 |
---- a/kernel/exit.c |
11754 |
-+++ b/kernel/exit.c |
11755 |
-@@ -818,25 +818,6 @@ static void exit_notify(struct task_struct *tsk, int group_dead) |
11756 |
- if (group_dead) |
11757 |
- kill_orphaned_pgrp(tsk->group_leader, NULL); |
11758 |
- |
11759 |
-- /* Let father know we died |
11760 |
-- * |
11761 |
-- * Thread signals are configurable, but you aren't going to use |
11762 |
-- * that to send signals to arbitrary processes. |
11763 |
-- * That stops right now. |
11764 |
-- * |
11765 |
-- * If the parent exec id doesn't match the exec id we saved |
11766 |
-- * when we started then we know the parent has changed security |
11767 |
-- * domain. |
11768 |
-- * |
11769 |
-- * If our self_exec id doesn't match our parent_exec_id then |
11770 |
-- * we have changed execution domain as these two values started |
11771 |
-- * the same after a fork. |
11772 |
-- */ |
11773 |
-- if (thread_group_leader(tsk) && tsk->exit_signal != SIGCHLD && |
11774 |
-- (tsk->parent_exec_id != tsk->real_parent->self_exec_id || |
11775 |
-- tsk->self_exec_id != tsk->parent_exec_id)) |
11776 |
-- tsk->exit_signal = SIGCHLD; |
11777 |
-- |
11778 |
- if (unlikely(tsk->ptrace)) { |
11779 |
- int sig = thread_group_leader(tsk) && |
11780 |
- thread_group_empty(tsk) && |
11781 |
-diff --git a/kernel/power/swap.c b/kernel/power/swap.c |
11782 |
-index 8742fd0..eef311a 100644 |
11783 |
---- a/kernel/power/swap.c |
11784 |
-+++ b/kernel/power/swap.c |
11785 |
-@@ -51,6 +51,23 @@ |
11786 |
- |
11787 |
- #define MAP_PAGE_ENTRIES (PAGE_SIZE / sizeof(sector_t) - 1) |
11788 |
- |
11789 |
-+/* |
11790 |
-+ * Number of free pages that are not high. |
11791 |
-+ */ |
11792 |
-+static inline unsigned long low_free_pages(void) |
11793 |
-+{ |
11794 |
-+ return nr_free_pages() - nr_free_highpages(); |
11795 |
-+} |
11796 |
-+ |
11797 |
-+/* |
11798 |
-+ * Number of pages required to be kept free while writing the image. Always |
11799 |
-+ * half of all available low pages before the writing starts. |
11800 |
-+ */ |
11801 |
-+static inline unsigned long reqd_free_pages(void) |
11802 |
-+{ |
11803 |
-+ return low_free_pages() / 2; |
11804 |
-+} |
11805 |
-+ |
11806 |
- struct swap_map_page { |
11807 |
- sector_t entries[MAP_PAGE_ENTRIES]; |
11808 |
- sector_t next_swap; |
11809 |
-@@ -72,7 +89,7 @@ struct swap_map_handle { |
11810 |
- sector_t cur_swap; |
11811 |
- sector_t first_sector; |
11812 |
- unsigned int k; |
11813 |
-- unsigned long nr_free_pages, written; |
11814 |
-+ unsigned long reqd_free_pages; |
11815 |
- u32 crc32; |
11816 |
- }; |
11817 |
- |
11818 |
-@@ -316,8 +333,7 @@ static int get_swap_writer(struct swap_map_handle *handle) |
11819 |
- goto err_rel; |
11820 |
- } |
11821 |
- handle->k = 0; |
11822 |
-- handle->nr_free_pages = nr_free_pages() >> 1; |
11823 |
-- handle->written = 0; |
11824 |
-+ handle->reqd_free_pages = reqd_free_pages(); |
11825 |
- handle->first_sector = handle->cur_swap; |
11826 |
- return 0; |
11827 |
- err_rel: |
11828 |
-@@ -352,11 +368,11 @@ static int swap_write_page(struct swap_map_handle *handle, void *buf, |
11829 |
- handle->cur_swap = offset; |
11830 |
- handle->k = 0; |
11831 |
- } |
11832 |
-- if (bio_chain && ++handle->written > handle->nr_free_pages) { |
11833 |
-+ if (bio_chain && low_free_pages() <= handle->reqd_free_pages) { |
11834 |
- error = hib_wait_on_bio_chain(bio_chain); |
11835 |
- if (error) |
11836 |
- goto out; |
11837 |
-- handle->written = 0; |
11838 |
-+ handle->reqd_free_pages = reqd_free_pages(); |
11839 |
- } |
11840 |
- out: |
11841 |
- return error; |
11842 |
-@@ -618,7 +634,7 @@ static int save_image_lzo(struct swap_map_handle *handle, |
11843 |
- * Adjust number of free pages after all allocations have been done. |
11844 |
- * We don't want to run out of pages when writing. |
11845 |
- */ |
11846 |
-- handle->nr_free_pages = nr_free_pages() >> 1; |
11847 |
-+ handle->reqd_free_pages = reqd_free_pages(); |
11848 |
- |
11849 |
- /* |
11850 |
- * Start the CRC32 thread. |
11851 |
-diff --git a/kernel/sched/core.c b/kernel/sched/core.c |
11852 |
-index b342f57..478a04c 100644 |
11853 |
---- a/kernel/sched/core.c |
11854 |
-+++ b/kernel/sched/core.c |
11855 |
-@@ -2266,13 +2266,10 @@ calc_load_n(unsigned long load, unsigned long exp, |
11856 |
- * Once we've updated the global active value, we need to apply the exponential |
11857 |
- * weights adjusted to the number of cycles missed. |
11858 |
- */ |
11859 |
--static void calc_global_nohz(unsigned long ticks) |
11860 |
-+static void calc_global_nohz(void) |
11861 |
- { |
11862 |
- long delta, active, n; |
11863 |
- |
11864 |
-- if (time_before(jiffies, calc_load_update)) |
11865 |
-- return; |
11866 |
-- |
11867 |
- /* |
11868 |
- * If we crossed a calc_load_update boundary, make sure to fold |
11869 |
- * any pending idle changes, the respective CPUs might have |
11870 |
-@@ -2284,31 +2281,25 @@ static void calc_global_nohz(unsigned long ticks) |
11871 |
- atomic_long_add(delta, &calc_load_tasks); |
11872 |
- |
11873 |
- /* |
11874 |
-- * If we were idle for multiple load cycles, apply them. |
11875 |
-+ * It could be the one fold was all it took, we done! |
11876 |
- */ |
11877 |
-- if (ticks >= LOAD_FREQ) { |
11878 |
-- n = ticks / LOAD_FREQ; |
11879 |
-+ if (time_before(jiffies, calc_load_update + 10)) |
11880 |
-+ return; |
11881 |
- |
11882 |
-- active = atomic_long_read(&calc_load_tasks); |
11883 |
-- active = active > 0 ? active * FIXED_1 : 0; |
11884 |
-+ /* |
11885 |
-+ * Catch-up, fold however many we are behind still |
11886 |
-+ */ |
11887 |
-+ delta = jiffies - calc_load_update - 10; |
11888 |
-+ n = 1 + (delta / LOAD_FREQ); |
11889 |
- |
11890 |
-- avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
11891 |
-- avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
11892 |
-- avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
11893 |
-+ active = atomic_long_read(&calc_load_tasks); |
11894 |
-+ active = active > 0 ? active * FIXED_1 : 0; |
11895 |
- |
11896 |
-- calc_load_update += n * LOAD_FREQ; |
11897 |
-- } |
11898 |
-+ avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
11899 |
-+ avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
11900 |
-+ avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
11901 |
- |
11902 |
-- /* |
11903 |
-- * Its possible the remainder of the above division also crosses |
11904 |
-- * a LOAD_FREQ period, the regular check in calc_global_load() |
11905 |
-- * which comes after this will take care of that. |
11906 |
-- * |
11907 |
-- * Consider us being 11 ticks before a cycle completion, and us |
11908 |
-- * sleeping for 4*LOAD_FREQ + 22 ticks, then the above code will |
11909 |
-- * age us 4 cycles, and the test in calc_global_load() will |
11910 |
-- * pick up the final one. |
11911 |
-- */ |
11912 |
-+ calc_load_update += n * LOAD_FREQ; |
11913 |
- } |
11914 |
- #else |
11915 |
- void calc_load_account_idle(struct rq *this_rq) |
11916 |
-@@ -2320,7 +2311,7 @@ static inline long calc_load_fold_idle(void) |
11917 |
- return 0; |
11918 |
- } |
11919 |
- |
11920 |
--static void calc_global_nohz(unsigned long ticks) |
11921 |
-+static void calc_global_nohz(void) |
11922 |
- { |
11923 |
- } |
11924 |
- #endif |
11925 |
-@@ -2348,8 +2339,6 @@ void calc_global_load(unsigned long ticks) |
11926 |
- { |
11927 |
- long active; |
11928 |
- |
11929 |
-- calc_global_nohz(ticks); |
11930 |
-- |
11931 |
- if (time_before(jiffies, calc_load_update + 10)) |
11932 |
- return; |
11933 |
- |
11934 |
-@@ -2361,6 +2350,16 @@ void calc_global_load(unsigned long ticks) |
11935 |
- avenrun[2] = calc_load(avenrun[2], EXP_15, active); |
11936 |
- |
11937 |
- calc_load_update += LOAD_FREQ; |
11938 |
-+ |
11939 |
-+ /* |
11940 |
-+ * Account one period with whatever state we found before |
11941 |
-+ * folding in the nohz state and ageing the entire idle period. |
11942 |
-+ * |
11943 |
-+ * This avoids loosing a sample when we go idle between |
11944 |
-+ * calc_load_account_active() (10 ticks ago) and now and thus |
11945 |
-+ * under-accounting. |
11946 |
-+ */ |
11947 |
-+ calc_global_nohz(); |
11948 |
- } |
11949 |
- |
11950 |
- /* |
11951 |
-@@ -6334,16 +6333,26 @@ static void __sdt_free(const struct cpumask *cpu_map) |
11952 |
- struct sd_data *sdd = &tl->data; |
11953 |
- |
11954 |
- for_each_cpu(j, cpu_map) { |
11955 |
-- struct sched_domain *sd = *per_cpu_ptr(sdd->sd, j); |
11956 |
-- if (sd && (sd->flags & SD_OVERLAP)) |
11957 |
-- free_sched_groups(sd->groups, 0); |
11958 |
-- kfree(*per_cpu_ptr(sdd->sd, j)); |
11959 |
-- kfree(*per_cpu_ptr(sdd->sg, j)); |
11960 |
-- kfree(*per_cpu_ptr(sdd->sgp, j)); |
11961 |
-+ struct sched_domain *sd; |
11962 |
-+ |
11963 |
-+ if (sdd->sd) { |
11964 |
-+ sd = *per_cpu_ptr(sdd->sd, j); |
11965 |
-+ if (sd && (sd->flags & SD_OVERLAP)) |
11966 |
-+ free_sched_groups(sd->groups, 0); |
11967 |
-+ kfree(*per_cpu_ptr(sdd->sd, j)); |
11968 |
-+ } |
11969 |
-+ |
11970 |
-+ if (sdd->sg) |
11971 |
-+ kfree(*per_cpu_ptr(sdd->sg, j)); |
11972 |
-+ if (sdd->sgp) |
11973 |
-+ kfree(*per_cpu_ptr(sdd->sgp, j)); |
11974 |
- } |
11975 |
- free_percpu(sdd->sd); |
11976 |
-+ sdd->sd = NULL; |
11977 |
- free_percpu(sdd->sg); |
11978 |
-+ sdd->sg = NULL; |
11979 |
- free_percpu(sdd->sgp); |
11980 |
-+ sdd->sgp = NULL; |
11981 |
- } |
11982 |
- } |
11983 |
- |
11984 |
-diff --git a/kernel/signal.c b/kernel/signal.c |
11985 |
-index c73c428..b09cf3b 100644 |
11986 |
---- a/kernel/signal.c |
11987 |
-+++ b/kernel/signal.c |
11988 |
-@@ -1642,6 +1642,15 @@ bool do_notify_parent(struct task_struct *tsk, int sig) |
11989 |
- BUG_ON(!tsk->ptrace && |
11990 |
- (tsk->group_leader != tsk || !thread_group_empty(tsk))); |
11991 |
- |
11992 |
-+ if (sig != SIGCHLD) { |
11993 |
-+ /* |
11994 |
-+ * This is only possible if parent == real_parent. |
11995 |
-+ * Check if it has changed security domain. |
11996 |
-+ */ |
11997 |
-+ if (tsk->parent_exec_id != tsk->parent->self_exec_id) |
11998 |
-+ sig = SIGCHLD; |
11999 |
-+ } |
12000 |
-+ |
12001 |
- info.si_signo = sig; |
12002 |
- info.si_errno = 0; |
12003 |
- /* |
12004 |
-diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c |
12005 |
-index 0d6ff35..d9c07f0 100644 |
12006 |
---- a/kernel/trace/trace_output.c |
12007 |
-+++ b/kernel/trace/trace_output.c |
12008 |
-@@ -650,6 +650,8 @@ int trace_print_lat_context(struct trace_iterator *iter) |
12009 |
- { |
12010 |
- u64 next_ts; |
12011 |
- int ret; |
12012 |
-+ /* trace_find_next_entry will reset ent_size */ |
12013 |
-+ int ent_size = iter->ent_size; |
12014 |
- struct trace_seq *s = &iter->seq; |
12015 |
- struct trace_entry *entry = iter->ent, |
12016 |
- *next_entry = trace_find_next_entry(iter, NULL, |
12017 |
-@@ -658,6 +660,9 @@ int trace_print_lat_context(struct trace_iterator *iter) |
12018 |
- unsigned long abs_usecs = ns2usecs(iter->ts - iter->tr->time_start); |
12019 |
- unsigned long rel_usecs; |
12020 |
- |
12021 |
-+ /* Restore the original ent_size */ |
12022 |
-+ iter->ent_size = ent_size; |
12023 |
-+ |
12024 |
- if (!next_entry) |
12025 |
- next_ts = iter->ts; |
12026 |
- rel_usecs = ns2usecs(next_ts - iter->ts); |
12027 |
-diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c |
12028 |
-index e05667c..6a31cea 100644 |
12029 |
---- a/net/mac80211/tx.c |
12030 |
-+++ b/net/mac80211/tx.c |
12031 |
-@@ -1144,7 +1144,8 @@ ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata, |
12032 |
- tx->sta = rcu_dereference(sdata->u.vlan.sta); |
12033 |
- if (!tx->sta && sdata->dev->ieee80211_ptr->use_4addr) |
12034 |
- return TX_DROP; |
12035 |
-- } else if (info->flags & IEEE80211_TX_CTL_INJECTED) { |
12036 |
-+ } else if (info->flags & IEEE80211_TX_CTL_INJECTED || |
12037 |
-+ tx->sdata->control_port_protocol == tx->skb->protocol) { |
12038 |
- tx->sta = sta_info_get_bss(sdata, hdr->addr1); |
12039 |
- } |
12040 |
- if (!tx->sta) |
12041 |
-diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c |
12042 |
-index afeea32..bf945c9 100644 |
12043 |
---- a/net/wireless/nl80211.c |
12044 |
-+++ b/net/wireless/nl80211.c |
12045 |
-@@ -1293,6 +1293,11 @@ static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) |
12046 |
- goto bad_res; |
12047 |
- } |
12048 |
- |
12049 |
-+ if (!netif_running(netdev)) { |
12050 |
-+ result = -ENETDOWN; |
12051 |
-+ goto bad_res; |
12052 |
-+ } |
12053 |
-+ |
12054 |
- nla_for_each_nested(nl_txq_params, |
12055 |
- info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], |
12056 |
- rem_txq_params) { |
12057 |
-@@ -6262,7 +6267,7 @@ static struct genl_ops nl80211_ops[] = { |
12058 |
- .doit = nl80211_get_key, |
12059 |
- .policy = nl80211_policy, |
12060 |
- .flags = GENL_ADMIN_PERM, |
12061 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12062 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12063 |
- NL80211_FLAG_NEED_RTNL, |
12064 |
- }, |
12065 |
- { |
12066 |
-@@ -6294,7 +6299,7 @@ static struct genl_ops nl80211_ops[] = { |
12067 |
- .policy = nl80211_policy, |
12068 |
- .flags = GENL_ADMIN_PERM, |
12069 |
- .doit = nl80211_addset_beacon, |
12070 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12071 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12072 |
- NL80211_FLAG_NEED_RTNL, |
12073 |
- }, |
12074 |
- { |
12075 |
-@@ -6302,7 +6307,7 @@ static struct genl_ops nl80211_ops[] = { |
12076 |
- .policy = nl80211_policy, |
12077 |
- .flags = GENL_ADMIN_PERM, |
12078 |
- .doit = nl80211_addset_beacon, |
12079 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12080 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12081 |
- NL80211_FLAG_NEED_RTNL, |
12082 |
- }, |
12083 |
- { |
12084 |
-@@ -6326,7 +6331,7 @@ static struct genl_ops nl80211_ops[] = { |
12085 |
- .doit = nl80211_set_station, |
12086 |
- .policy = nl80211_policy, |
12087 |
- .flags = GENL_ADMIN_PERM, |
12088 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12089 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12090 |
- NL80211_FLAG_NEED_RTNL, |
12091 |
- }, |
12092 |
- { |
12093 |
-@@ -6342,7 +6347,7 @@ static struct genl_ops nl80211_ops[] = { |
12094 |
- .doit = nl80211_del_station, |
12095 |
- .policy = nl80211_policy, |
12096 |
- .flags = GENL_ADMIN_PERM, |
12097 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12098 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12099 |
- NL80211_FLAG_NEED_RTNL, |
12100 |
- }, |
12101 |
- { |
12102 |
-@@ -6375,7 +6380,7 @@ static struct genl_ops nl80211_ops[] = { |
12103 |
- .doit = nl80211_del_mpath, |
12104 |
- .policy = nl80211_policy, |
12105 |
- .flags = GENL_ADMIN_PERM, |
12106 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12107 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12108 |
- NL80211_FLAG_NEED_RTNL, |
12109 |
- }, |
12110 |
- { |
12111 |
-@@ -6383,7 +6388,7 @@ static struct genl_ops nl80211_ops[] = { |
12112 |
- .doit = nl80211_set_bss, |
12113 |
- .policy = nl80211_policy, |
12114 |
- .flags = GENL_ADMIN_PERM, |
12115 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12116 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12117 |
- NL80211_FLAG_NEED_RTNL, |
12118 |
- }, |
12119 |
- { |
12120 |
-@@ -6409,7 +6414,7 @@ static struct genl_ops nl80211_ops[] = { |
12121 |
- .doit = nl80211_get_mesh_config, |
12122 |
- .policy = nl80211_policy, |
12123 |
- /* can be retrieved by unprivileged users */ |
12124 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12125 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12126 |
- NL80211_FLAG_NEED_RTNL, |
12127 |
- }, |
12128 |
- { |
12129 |
-@@ -6542,7 +6547,7 @@ static struct genl_ops nl80211_ops[] = { |
12130 |
- .doit = nl80211_setdel_pmksa, |
12131 |
- .policy = nl80211_policy, |
12132 |
- .flags = GENL_ADMIN_PERM, |
12133 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12134 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12135 |
- NL80211_FLAG_NEED_RTNL, |
12136 |
- }, |
12137 |
- { |
12138 |
-@@ -6550,7 +6555,7 @@ static struct genl_ops nl80211_ops[] = { |
12139 |
- .doit = nl80211_setdel_pmksa, |
12140 |
- .policy = nl80211_policy, |
12141 |
- .flags = GENL_ADMIN_PERM, |
12142 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12143 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12144 |
- NL80211_FLAG_NEED_RTNL, |
12145 |
- }, |
12146 |
- { |
12147 |
-@@ -6558,7 +6563,7 @@ static struct genl_ops nl80211_ops[] = { |
12148 |
- .doit = nl80211_flush_pmksa, |
12149 |
- .policy = nl80211_policy, |
12150 |
- .flags = GENL_ADMIN_PERM, |
12151 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12152 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12153 |
- NL80211_FLAG_NEED_RTNL, |
12154 |
- }, |
12155 |
- { |
12156 |
-@@ -6718,7 +6723,7 @@ static struct genl_ops nl80211_ops[] = { |
12157 |
- .doit = nl80211_probe_client, |
12158 |
- .policy = nl80211_policy, |
12159 |
- .flags = GENL_ADMIN_PERM, |
12160 |
-- .internal_flags = NL80211_FLAG_NEED_NETDEV | |
12161 |
-+ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
12162 |
- NL80211_FLAG_NEED_RTNL, |
12163 |
- }, |
12164 |
- { |
12165 |
-diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
12166 |
-index e5153ea..0960ece 100644 |
12167 |
---- a/sound/pci/hda/patch_realtek.c |
12168 |
-+++ b/sound/pci/hda/patch_realtek.c |
12169 |
-@@ -5402,6 +5402,7 @@ static const struct alc_fixup alc269_fixups[] = { |
12170 |
- }; |
12171 |
- |
12172 |
- static const struct snd_pci_quirk alc269_fixup_tbl[] = { |
12173 |
-+ SND_PCI_QUIRK(0x1043, 0x1427, "Asus Zenbook UX31E", ALC269VB_FIXUP_DMIC), |
12174 |
- SND_PCI_QUIRK(0x1043, 0x1a13, "Asus G73Jw", ALC269_FIXUP_ASUS_G73JW), |
12175 |
- SND_PCI_QUIRK(0x1043, 0x16e3, "ASUS UX50", ALC269_FIXUP_STEREO_DMIC), |
12176 |
- SND_PCI_QUIRK(0x1043, 0x831a, "ASUS P901", ALC269_FIXUP_STEREO_DMIC), |
12177 |
-diff --git a/sound/soc/codecs/wm8994.c b/sound/soc/codecs/wm8994.c |
12178 |
-index 900c91b..e5cc616 100644 |
12179 |
---- a/sound/soc/codecs/wm8994.c |
12180 |
-+++ b/sound/soc/codecs/wm8994.c |
12181 |
-@@ -929,61 +929,170 @@ static void wm8994_update_class_w(struct snd_soc_codec *codec) |
12182 |
- } |
12183 |
- } |
12184 |
- |
12185 |
--static int late_enable_ev(struct snd_soc_dapm_widget *w, |
12186 |
-- struct snd_kcontrol *kcontrol, int event) |
12187 |
-+static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
12188 |
-+ struct snd_kcontrol *kcontrol, int event) |
12189 |
- { |
12190 |
- struct snd_soc_codec *codec = w->codec; |
12191 |
-- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12192 |
-+ struct wm8994 *control = codec->control_data; |
12193 |
-+ int mask = WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC1R_ENA; |
12194 |
-+ int dac; |
12195 |
-+ int adc; |
12196 |
-+ int val; |
12197 |
-+ |
12198 |
-+ switch (control->type) { |
12199 |
-+ case WM8994: |
12200 |
-+ case WM8958: |
12201 |
-+ mask |= WM8994_AIF1DAC2L_ENA | WM8994_AIF1DAC2R_ENA; |
12202 |
-+ break; |
12203 |
-+ default: |
12204 |
-+ break; |
12205 |
-+ } |
12206 |
- |
12207 |
- switch (event) { |
12208 |
- case SND_SOC_DAPM_PRE_PMU: |
12209 |
-- if (wm8994->aif1clk_enable) { |
12210 |
-- snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
12211 |
-- WM8994_AIF1CLK_ENA_MASK, |
12212 |
-- WM8994_AIF1CLK_ENA); |
12213 |
-- wm8994->aif1clk_enable = 0; |
12214 |
-- } |
12215 |
-- if (wm8994->aif2clk_enable) { |
12216 |
-- snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
12217 |
-- WM8994_AIF2CLK_ENA_MASK, |
12218 |
-- WM8994_AIF2CLK_ENA); |
12219 |
-- wm8994->aif2clk_enable = 0; |
12220 |
-- } |
12221 |
-+ val = snd_soc_read(codec, WM8994_AIF1_CONTROL_1); |
12222 |
-+ if ((val & WM8994_AIF1ADCL_SRC) && |
12223 |
-+ (val & WM8994_AIF1ADCR_SRC)) |
12224 |
-+ adc = WM8994_AIF1ADC1R_ENA | WM8994_AIF1ADC2R_ENA; |
12225 |
-+ else if (!(val & WM8994_AIF1ADCL_SRC) && |
12226 |
-+ !(val & WM8994_AIF1ADCR_SRC)) |
12227 |
-+ adc = WM8994_AIF1ADC1L_ENA | WM8994_AIF1ADC2L_ENA; |
12228 |
-+ else |
12229 |
-+ adc = WM8994_AIF1ADC1R_ENA | WM8994_AIF1ADC2R_ENA | |
12230 |
-+ WM8994_AIF1ADC1L_ENA | WM8994_AIF1ADC2L_ENA; |
12231 |
-+ |
12232 |
-+ val = snd_soc_read(codec, WM8994_AIF1_CONTROL_2); |
12233 |
-+ if ((val & WM8994_AIF1DACL_SRC) && |
12234 |
-+ (val & WM8994_AIF1DACR_SRC)) |
12235 |
-+ dac = WM8994_AIF1DAC1R_ENA | WM8994_AIF1DAC2R_ENA; |
12236 |
-+ else if (!(val & WM8994_AIF1DACL_SRC) && |
12237 |
-+ !(val & WM8994_AIF1DACR_SRC)) |
12238 |
-+ dac = WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC2L_ENA; |
12239 |
-+ else |
12240 |
-+ dac = WM8994_AIF1DAC1R_ENA | WM8994_AIF1DAC2R_ENA | |
12241 |
-+ WM8994_AIF1DAC1L_ENA | WM8994_AIF1DAC2L_ENA; |
12242 |
-+ |
12243 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
12244 |
-+ mask, adc); |
12245 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12246 |
-+ mask, dac); |
12247 |
-+ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
12248 |
-+ WM8994_AIF1DSPCLK_ENA | |
12249 |
-+ WM8994_SYSDSPCLK_ENA, |
12250 |
-+ WM8994_AIF1DSPCLK_ENA | |
12251 |
-+ WM8994_SYSDSPCLK_ENA); |
12252 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, mask, |
12253 |
-+ WM8994_AIF1ADC1R_ENA | |
12254 |
-+ WM8994_AIF1ADC1L_ENA | |
12255 |
-+ WM8994_AIF1ADC2R_ENA | |
12256 |
-+ WM8994_AIF1ADC2L_ENA); |
12257 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, mask, |
12258 |
-+ WM8994_AIF1DAC1R_ENA | |
12259 |
-+ WM8994_AIF1DAC1L_ENA | |
12260 |
-+ WM8994_AIF1DAC2R_ENA | |
12261 |
-+ WM8994_AIF1DAC2L_ENA); |
12262 |
-+ break; |
12263 |
-+ |
12264 |
-+ case SND_SOC_DAPM_PRE_PMD: |
12265 |
-+ case SND_SOC_DAPM_POST_PMD: |
12266 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12267 |
-+ mask, 0); |
12268 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
12269 |
-+ mask, 0); |
12270 |
-+ |
12271 |
-+ val = snd_soc_read(codec, WM8994_CLOCKING_1); |
12272 |
-+ if (val & WM8994_AIF2DSPCLK_ENA) |
12273 |
-+ val = WM8994_SYSDSPCLK_ENA; |
12274 |
-+ else |
12275 |
-+ val = 0; |
12276 |
-+ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
12277 |
-+ WM8994_SYSDSPCLK_ENA | |
12278 |
-+ WM8994_AIF1DSPCLK_ENA, val); |
12279 |
- break; |
12280 |
- } |
12281 |
- |
12282 |
-- /* We may also have postponed startup of DSP, handle that. */ |
12283 |
-- wm8958_aif_ev(w, kcontrol, event); |
12284 |
-- |
12285 |
- return 0; |
12286 |
- } |
12287 |
- |
12288 |
--static int late_disable_ev(struct snd_soc_dapm_widget *w, |
12289 |
-- struct snd_kcontrol *kcontrol, int event) |
12290 |
-+static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
12291 |
-+ struct snd_kcontrol *kcontrol, int event) |
12292 |
- { |
12293 |
- struct snd_soc_codec *codec = w->codec; |
12294 |
-- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12295 |
-+ int dac; |
12296 |
-+ int adc; |
12297 |
-+ int val; |
12298 |
- |
12299 |
- switch (event) { |
12300 |
-+ case SND_SOC_DAPM_PRE_PMU: |
12301 |
-+ val = snd_soc_read(codec, WM8994_AIF2_CONTROL_1); |
12302 |
-+ if ((val & WM8994_AIF2ADCL_SRC) && |
12303 |
-+ (val & WM8994_AIF2ADCR_SRC)) |
12304 |
-+ adc = WM8994_AIF2ADCR_ENA; |
12305 |
-+ else if (!(val & WM8994_AIF2ADCL_SRC) && |
12306 |
-+ !(val & WM8994_AIF2ADCR_SRC)) |
12307 |
-+ adc = WM8994_AIF2ADCL_ENA; |
12308 |
-+ else |
12309 |
-+ adc = WM8994_AIF2ADCL_ENA | WM8994_AIF2ADCR_ENA; |
12310 |
-+ |
12311 |
-+ |
12312 |
-+ val = snd_soc_read(codec, WM8994_AIF2_CONTROL_2); |
12313 |
-+ if ((val & WM8994_AIF2DACL_SRC) && |
12314 |
-+ (val & WM8994_AIF2DACR_SRC)) |
12315 |
-+ dac = WM8994_AIF2DACR_ENA; |
12316 |
-+ else if (!(val & WM8994_AIF2DACL_SRC) && |
12317 |
-+ !(val & WM8994_AIF2DACR_SRC)) |
12318 |
-+ dac = WM8994_AIF2DACL_ENA; |
12319 |
-+ else |
12320 |
-+ dac = WM8994_AIF2DACL_ENA | WM8994_AIF2DACR_ENA; |
12321 |
-+ |
12322 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
12323 |
-+ WM8994_AIF2ADCL_ENA | |
12324 |
-+ WM8994_AIF2ADCR_ENA, adc); |
12325 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12326 |
-+ WM8994_AIF2DACL_ENA | |
12327 |
-+ WM8994_AIF2DACR_ENA, dac); |
12328 |
-+ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
12329 |
-+ WM8994_AIF2DSPCLK_ENA | |
12330 |
-+ WM8994_SYSDSPCLK_ENA, |
12331 |
-+ WM8994_AIF2DSPCLK_ENA | |
12332 |
-+ WM8994_SYSDSPCLK_ENA); |
12333 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_4, |
12334 |
-+ WM8994_AIF2ADCL_ENA | |
12335 |
-+ WM8994_AIF2ADCR_ENA, |
12336 |
-+ WM8994_AIF2ADCL_ENA | |
12337 |
-+ WM8994_AIF2ADCR_ENA); |
12338 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12339 |
-+ WM8994_AIF2DACL_ENA | |
12340 |
-+ WM8994_AIF2DACR_ENA, |
12341 |
-+ WM8994_AIF2DACL_ENA | |
12342 |
-+ WM8994_AIF2DACR_ENA); |
12343 |
-+ break; |
12344 |
-+ |
12345 |
-+ case SND_SOC_DAPM_PRE_PMD: |
12346 |
- case SND_SOC_DAPM_POST_PMD: |
12347 |
-- if (wm8994->aif1clk_disable) { |
12348 |
-- snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
12349 |
-- WM8994_AIF1CLK_ENA_MASK, 0); |
12350 |
-- wm8994->aif1clk_disable = 0; |
12351 |
-- } |
12352 |
-- if (wm8994->aif2clk_disable) { |
12353 |
-- snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
12354 |
-- WM8994_AIF2CLK_ENA_MASK, 0); |
12355 |
-- wm8994->aif2clk_disable = 0; |
12356 |
-- } |
12357 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12358 |
-+ WM8994_AIF2DACL_ENA | |
12359 |
-+ WM8994_AIF2DACR_ENA, 0); |
12360 |
-+ snd_soc_update_bits(codec, WM8994_POWER_MANAGEMENT_5, |
12361 |
-+ WM8994_AIF2ADCL_ENA | |
12362 |
-+ WM8994_AIF2ADCR_ENA, 0); |
12363 |
-+ |
12364 |
-+ val = snd_soc_read(codec, WM8994_CLOCKING_1); |
12365 |
-+ if (val & WM8994_AIF1DSPCLK_ENA) |
12366 |
-+ val = WM8994_SYSDSPCLK_ENA; |
12367 |
-+ else |
12368 |
-+ val = 0; |
12369 |
-+ snd_soc_update_bits(codec, WM8994_CLOCKING_1, |
12370 |
-+ WM8994_SYSDSPCLK_ENA | |
12371 |
-+ WM8994_AIF2DSPCLK_ENA, val); |
12372 |
- break; |
12373 |
- } |
12374 |
- |
12375 |
- return 0; |
12376 |
- } |
12377 |
- |
12378 |
--static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
12379 |
-- struct snd_kcontrol *kcontrol, int event) |
12380 |
-+static int aif1clk_late_ev(struct snd_soc_dapm_widget *w, |
12381 |
-+ struct snd_kcontrol *kcontrol, int event) |
12382 |
- { |
12383 |
- struct snd_soc_codec *codec = w->codec; |
12384 |
- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12385 |
-@@ -1000,8 +1109,8 @@ static int aif1clk_ev(struct snd_soc_dapm_widget *w, |
12386 |
- return 0; |
12387 |
- } |
12388 |
- |
12389 |
--static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
12390 |
-- struct snd_kcontrol *kcontrol, int event) |
12391 |
-+static int aif2clk_late_ev(struct snd_soc_dapm_widget *w, |
12392 |
-+ struct snd_kcontrol *kcontrol, int event) |
12393 |
- { |
12394 |
- struct snd_soc_codec *codec = w->codec; |
12395 |
- struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12396 |
-@@ -1018,6 +1127,63 @@ static int aif2clk_ev(struct snd_soc_dapm_widget *w, |
12397 |
- return 0; |
12398 |
- } |
12399 |
- |
12400 |
-+static int late_enable_ev(struct snd_soc_dapm_widget *w, |
12401 |
-+ struct snd_kcontrol *kcontrol, int event) |
12402 |
-+{ |
12403 |
-+ struct snd_soc_codec *codec = w->codec; |
12404 |
-+ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12405 |
-+ |
12406 |
-+ switch (event) { |
12407 |
-+ case SND_SOC_DAPM_PRE_PMU: |
12408 |
-+ if (wm8994->aif1clk_enable) { |
12409 |
-+ aif1clk_ev(w, kcontrol, event); |
12410 |
-+ snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
12411 |
-+ WM8994_AIF1CLK_ENA_MASK, |
12412 |
-+ WM8994_AIF1CLK_ENA); |
12413 |
-+ wm8994->aif1clk_enable = 0; |
12414 |
-+ } |
12415 |
-+ if (wm8994->aif2clk_enable) { |
12416 |
-+ aif2clk_ev(w, kcontrol, event); |
12417 |
-+ snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
12418 |
-+ WM8994_AIF2CLK_ENA_MASK, |
12419 |
-+ WM8994_AIF2CLK_ENA); |
12420 |
-+ wm8994->aif2clk_enable = 0; |
12421 |
-+ } |
12422 |
-+ break; |
12423 |
-+ } |
12424 |
-+ |
12425 |
-+ /* We may also have postponed startup of DSP, handle that. */ |
12426 |
-+ wm8958_aif_ev(w, kcontrol, event); |
12427 |
-+ |
12428 |
-+ return 0; |
12429 |
-+} |
12430 |
-+ |
12431 |
-+static int late_disable_ev(struct snd_soc_dapm_widget *w, |
12432 |
-+ struct snd_kcontrol *kcontrol, int event) |
12433 |
-+{ |
12434 |
-+ struct snd_soc_codec *codec = w->codec; |
12435 |
-+ struct wm8994_priv *wm8994 = snd_soc_codec_get_drvdata(codec); |
12436 |
-+ |
12437 |
-+ switch (event) { |
12438 |
-+ case SND_SOC_DAPM_POST_PMD: |
12439 |
-+ if (wm8994->aif1clk_disable) { |
12440 |
-+ snd_soc_update_bits(codec, WM8994_AIF1_CLOCKING_1, |
12441 |
-+ WM8994_AIF1CLK_ENA_MASK, 0); |
12442 |
-+ aif1clk_ev(w, kcontrol, event); |
12443 |
-+ wm8994->aif1clk_disable = 0; |
12444 |
-+ } |
12445 |
-+ if (wm8994->aif2clk_disable) { |
12446 |
-+ snd_soc_update_bits(codec, WM8994_AIF2_CLOCKING_1, |
12447 |
-+ WM8994_AIF2CLK_ENA_MASK, 0); |
12448 |
-+ aif2clk_ev(w, kcontrol, event); |
12449 |
-+ wm8994->aif2clk_disable = 0; |
12450 |
-+ } |
12451 |
-+ break; |
12452 |
-+ } |
12453 |
-+ |
12454 |
-+ return 0; |
12455 |
-+} |
12456 |
-+ |
12457 |
- static int adc_mux_ev(struct snd_soc_dapm_widget *w, |
12458 |
- struct snd_kcontrol *kcontrol, int event) |
12459 |
- { |
12460 |
-@@ -1314,9 +1480,9 @@ static const struct snd_kcontrol_new aif2dacr_src_mux = |
12461 |
- SOC_DAPM_ENUM("AIF2DACR Mux", aif2dacr_src_enum); |
12462 |
- |
12463 |
- static const struct snd_soc_dapm_widget wm8994_lateclk_revd_widgets[] = { |
12464 |
--SND_SOC_DAPM_SUPPLY("AIF1CLK", SND_SOC_NOPM, 0, 0, aif1clk_ev, |
12465 |
-+SND_SOC_DAPM_SUPPLY("AIF1CLK", SND_SOC_NOPM, 0, 0, aif1clk_late_ev, |
12466 |
- SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
12467 |
--SND_SOC_DAPM_SUPPLY("AIF2CLK", SND_SOC_NOPM, 0, 0, aif2clk_ev, |
12468 |
-+SND_SOC_DAPM_SUPPLY("AIF2CLK", SND_SOC_NOPM, 0, 0, aif2clk_late_ev, |
12469 |
- SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
12470 |
- |
12471 |
- SND_SOC_DAPM_PGA_E("Late DAC1L Enable PGA", SND_SOC_NOPM, 0, 0, NULL, 0, |
12472 |
-@@ -1345,8 +1511,10 @@ SND_SOC_DAPM_POST("Late Disable PGA", late_disable_ev) |
12473 |
- }; |
12474 |
- |
12475 |
- static const struct snd_soc_dapm_widget wm8994_lateclk_widgets[] = { |
12476 |
--SND_SOC_DAPM_SUPPLY("AIF1CLK", WM8994_AIF1_CLOCKING_1, 0, 0, NULL, 0), |
12477 |
--SND_SOC_DAPM_SUPPLY("AIF2CLK", WM8994_AIF2_CLOCKING_1, 0, 0, NULL, 0), |
12478 |
-+SND_SOC_DAPM_SUPPLY("AIF1CLK", WM8994_AIF1_CLOCKING_1, 0, 0, aif1clk_ev, |
12479 |
-+ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_PRE_PMD), |
12480 |
-+SND_SOC_DAPM_SUPPLY("AIF2CLK", WM8994_AIF2_CLOCKING_1, 0, 0, aif2clk_ev, |
12481 |
-+ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_PRE_PMD), |
12482 |
- SND_SOC_DAPM_PGA("Direct Voice", SND_SOC_NOPM, 0, 0, NULL, 0), |
12483 |
- SND_SOC_DAPM_MIXER("SPKL", WM8994_POWER_MANAGEMENT_3, 8, 0, |
12484 |
- left_speaker_mixer, ARRAY_SIZE(left_speaker_mixer)), |
12485 |
-@@ -1399,30 +1567,30 @@ SND_SOC_DAPM_SUPPLY("VMID", SND_SOC_NOPM, 0, 0, vmid_event, |
12486 |
- SND_SOC_DAPM_SUPPLY("CLK_SYS", SND_SOC_NOPM, 0, 0, clk_sys_event, |
12487 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
12488 |
- |
12489 |
--SND_SOC_DAPM_SUPPLY("DSP1CLK", WM8994_CLOCKING_1, 3, 0, NULL, 0), |
12490 |
--SND_SOC_DAPM_SUPPLY("DSP2CLK", WM8994_CLOCKING_1, 2, 0, NULL, 0), |
12491 |
--SND_SOC_DAPM_SUPPLY("DSPINTCLK", WM8994_CLOCKING_1, 1, 0, NULL, 0), |
12492 |
-+SND_SOC_DAPM_SUPPLY("DSP1CLK", SND_SOC_NOPM, 3, 0, NULL, 0), |
12493 |
-+SND_SOC_DAPM_SUPPLY("DSP2CLK", SND_SOC_NOPM, 2, 0, NULL, 0), |
12494 |
-+SND_SOC_DAPM_SUPPLY("DSPINTCLK", SND_SOC_NOPM, 1, 0, NULL, 0), |
12495 |
- |
12496 |
- SND_SOC_DAPM_AIF_OUT("AIF1ADC1L", NULL, |
12497 |
-- 0, WM8994_POWER_MANAGEMENT_4, 9, 0), |
12498 |
-+ 0, SND_SOC_NOPM, 9, 0), |
12499 |
- SND_SOC_DAPM_AIF_OUT("AIF1ADC1R", NULL, |
12500 |
-- 0, WM8994_POWER_MANAGEMENT_4, 8, 0), |
12501 |
-+ 0, SND_SOC_NOPM, 8, 0), |
12502 |
- SND_SOC_DAPM_AIF_IN_E("AIF1DAC1L", NULL, 0, |
12503 |
-- WM8994_POWER_MANAGEMENT_5, 9, 0, wm8958_aif_ev, |
12504 |
-+ SND_SOC_NOPM, 9, 0, wm8958_aif_ev, |
12505 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
12506 |
- SND_SOC_DAPM_AIF_IN_E("AIF1DAC1R", NULL, 0, |
12507 |
-- WM8994_POWER_MANAGEMENT_5, 8, 0, wm8958_aif_ev, |
12508 |
-+ SND_SOC_NOPM, 8, 0, wm8958_aif_ev, |
12509 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
12510 |
- |
12511 |
- SND_SOC_DAPM_AIF_OUT("AIF1ADC2L", NULL, |
12512 |
-- 0, WM8994_POWER_MANAGEMENT_4, 11, 0), |
12513 |
-+ 0, SND_SOC_NOPM, 11, 0), |
12514 |
- SND_SOC_DAPM_AIF_OUT("AIF1ADC2R", NULL, |
12515 |
-- 0, WM8994_POWER_MANAGEMENT_4, 10, 0), |
12516 |
-+ 0, SND_SOC_NOPM, 10, 0), |
12517 |
- SND_SOC_DAPM_AIF_IN_E("AIF1DAC2L", NULL, 0, |
12518 |
-- WM8994_POWER_MANAGEMENT_5, 11, 0, wm8958_aif_ev, |
12519 |
-+ SND_SOC_NOPM, 11, 0, wm8958_aif_ev, |
12520 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
12521 |
- SND_SOC_DAPM_AIF_IN_E("AIF1DAC2R", NULL, 0, |
12522 |
-- WM8994_POWER_MANAGEMENT_5, 10, 0, wm8958_aif_ev, |
12523 |
-+ SND_SOC_NOPM, 10, 0, wm8958_aif_ev, |
12524 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_POST_PMD), |
12525 |
- |
12526 |
- SND_SOC_DAPM_MIXER("AIF1ADC1L Mixer", SND_SOC_NOPM, 0, 0, |
12527 |
-@@ -1449,14 +1617,14 @@ SND_SOC_DAPM_MIXER("DAC1R Mixer", SND_SOC_NOPM, 0, 0, |
12528 |
- dac1r_mix, ARRAY_SIZE(dac1r_mix)), |
12529 |
- |
12530 |
- SND_SOC_DAPM_AIF_OUT("AIF2ADCL", NULL, 0, |
12531 |
-- WM8994_POWER_MANAGEMENT_4, 13, 0), |
12532 |
-+ SND_SOC_NOPM, 13, 0), |
12533 |
- SND_SOC_DAPM_AIF_OUT("AIF2ADCR", NULL, 0, |
12534 |
-- WM8994_POWER_MANAGEMENT_4, 12, 0), |
12535 |
-+ SND_SOC_NOPM, 12, 0), |
12536 |
- SND_SOC_DAPM_AIF_IN_E("AIF2DACL", NULL, 0, |
12537 |
-- WM8994_POWER_MANAGEMENT_5, 13, 0, wm8958_aif_ev, |
12538 |
-+ SND_SOC_NOPM, 13, 0, wm8958_aif_ev, |
12539 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
12540 |
- SND_SOC_DAPM_AIF_IN_E("AIF2DACR", NULL, 0, |
12541 |
-- WM8994_POWER_MANAGEMENT_5, 12, 0, wm8958_aif_ev, |
12542 |
-+ SND_SOC_NOPM, 12, 0, wm8958_aif_ev, |
12543 |
- SND_SOC_DAPM_POST_PMU | SND_SOC_DAPM_PRE_PMD), |
12544 |
- |
12545 |
- SND_SOC_DAPM_AIF_IN("AIF1DACDAT", "AIF1 Playback", 0, SND_SOC_NOPM, 0, 0), |
12546 |
-diff --git a/sound/soc/soc-dapm.c b/sound/soc/soc-dapm.c |
12547 |
-index 1315663..ac6b869 100644 |
12548 |
---- a/sound/soc/soc-dapm.c |
12549 |
-+++ b/sound/soc/soc-dapm.c |
12550 |
-@@ -70,6 +70,7 @@ static int dapm_up_seq[] = { |
12551 |
- [snd_soc_dapm_out_drv] = 10, |
12552 |
- [snd_soc_dapm_hp] = 10, |
12553 |
- [snd_soc_dapm_spk] = 10, |
12554 |
-+ [snd_soc_dapm_line] = 10, |
12555 |
- [snd_soc_dapm_post] = 11, |
12556 |
- }; |
12557 |
- |
12558 |
-@@ -78,6 +79,7 @@ static int dapm_down_seq[] = { |
12559 |
- [snd_soc_dapm_adc] = 1, |
12560 |
- [snd_soc_dapm_hp] = 2, |
12561 |
- [snd_soc_dapm_spk] = 2, |
12562 |
-+ [snd_soc_dapm_line] = 2, |
12563 |
- [snd_soc_dapm_out_drv] = 2, |
12564 |
- [snd_soc_dapm_pga] = 4, |
12565 |
- [snd_soc_dapm_mixer_named_ctl] = 5, |
12566 |
-diff --git a/tools/include/tools/be_byteshift.h b/tools/include/tools/be_byteshift.h |
12567 |
-new file mode 100644 |
12568 |
-index 0000000..f4912e2 |
12569 |
---- /dev/null |
12570 |
-+++ b/tools/include/tools/be_byteshift.h |
12571 |
-@@ -0,0 +1,70 @@ |
12572 |
-+#ifndef _TOOLS_BE_BYTESHIFT_H |
12573 |
-+#define _TOOLS_BE_BYTESHIFT_H |
12574 |
-+ |
12575 |
-+#include <linux/types.h> |
12576 |
-+ |
12577 |
-+static inline __u16 __get_unaligned_be16(const __u8 *p) |
12578 |
-+{ |
12579 |
-+ return p[0] << 8 | p[1]; |
12580 |
-+} |
12581 |
-+ |
12582 |
-+static inline __u32 __get_unaligned_be32(const __u8 *p) |
12583 |
-+{ |
12584 |
-+ return p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3]; |
12585 |
-+} |
12586 |
-+ |
12587 |
-+static inline __u64 __get_unaligned_be64(const __u8 *p) |
12588 |
-+{ |
12589 |
-+ return (__u64)__get_unaligned_be32(p) << 32 | |
12590 |
-+ __get_unaligned_be32(p + 4); |
12591 |
-+} |
12592 |
-+ |
12593 |
-+static inline void __put_unaligned_be16(__u16 val, __u8 *p) |
12594 |
-+{ |
12595 |
-+ *p++ = val >> 8; |
12596 |
-+ *p++ = val; |
12597 |
-+} |
12598 |
-+ |
12599 |
-+static inline void __put_unaligned_be32(__u32 val, __u8 *p) |
12600 |
-+{ |
12601 |
-+ __put_unaligned_be16(val >> 16, p); |
12602 |
-+ __put_unaligned_be16(val, p + 2); |
12603 |
-+} |
12604 |
-+ |
12605 |
-+static inline void __put_unaligned_be64(__u64 val, __u8 *p) |
12606 |
-+{ |
12607 |
-+ __put_unaligned_be32(val >> 32, p); |
12608 |
-+ __put_unaligned_be32(val, p + 4); |
12609 |
-+} |
12610 |
-+ |
12611 |
-+static inline __u16 get_unaligned_be16(const void *p) |
12612 |
-+{ |
12613 |
-+ return __get_unaligned_be16((const __u8 *)p); |
12614 |
-+} |
12615 |
-+ |
12616 |
-+static inline __u32 get_unaligned_be32(const void *p) |
12617 |
-+{ |
12618 |
-+ return __get_unaligned_be32((const __u8 *)p); |
12619 |
-+} |
12620 |
-+ |
12621 |
-+static inline __u64 get_unaligned_be64(const void *p) |
12622 |
-+{ |
12623 |
-+ return __get_unaligned_be64((const __u8 *)p); |
12624 |
-+} |
12625 |
-+ |
12626 |
-+static inline void put_unaligned_be16(__u16 val, void *p) |
12627 |
-+{ |
12628 |
-+ __put_unaligned_be16(val, p); |
12629 |
-+} |
12630 |
-+ |
12631 |
-+static inline void put_unaligned_be32(__u32 val, void *p) |
12632 |
-+{ |
12633 |
-+ __put_unaligned_be32(val, p); |
12634 |
-+} |
12635 |
-+ |
12636 |
-+static inline void put_unaligned_be64(__u64 val, void *p) |
12637 |
-+{ |
12638 |
-+ __put_unaligned_be64(val, p); |
12639 |
-+} |
12640 |
-+ |
12641 |
-+#endif /* _TOOLS_BE_BYTESHIFT_H */ |
12642 |
-diff --git a/tools/include/tools/le_byteshift.h b/tools/include/tools/le_byteshift.h |
12643 |
-new file mode 100644 |
12644 |
-index 0000000..c99d45a |
12645 |
---- /dev/null |
12646 |
-+++ b/tools/include/tools/le_byteshift.h |
12647 |
-@@ -0,0 +1,70 @@ |
12648 |
-+#ifndef _TOOLS_LE_BYTESHIFT_H |
12649 |
-+#define _TOOLS_LE_BYTESHIFT_H |
12650 |
-+ |
12651 |
-+#include <linux/types.h> |
12652 |
-+ |
12653 |
-+static inline __u16 __get_unaligned_le16(const __u8 *p) |
12654 |
-+{ |
12655 |
-+ return p[0] | p[1] << 8; |
12656 |
-+} |
12657 |
-+ |
12658 |
-+static inline __u32 __get_unaligned_le32(const __u8 *p) |
12659 |
-+{ |
12660 |
-+ return p[0] | p[1] << 8 | p[2] << 16 | p[3] << 24; |
12661 |
-+} |
12662 |
-+ |
12663 |
-+static inline __u64 __get_unaligned_le64(const __u8 *p) |
12664 |
-+{ |
12665 |
-+ return (__u64)__get_unaligned_le32(p + 4) << 32 | |
12666 |
-+ __get_unaligned_le32(p); |
12667 |
-+} |
12668 |
-+ |
12669 |
-+static inline void __put_unaligned_le16(__u16 val, __u8 *p) |
12670 |
-+{ |
12671 |
-+ *p++ = val; |
12672 |
-+ *p++ = val >> 8; |
12673 |
-+} |
12674 |
-+ |
12675 |
-+static inline void __put_unaligned_le32(__u32 val, __u8 *p) |
12676 |
-+{ |
12677 |
-+ __put_unaligned_le16(val >> 16, p + 2); |
12678 |
-+ __put_unaligned_le16(val, p); |
12679 |
-+} |
12680 |
-+ |
12681 |
-+static inline void __put_unaligned_le64(__u64 val, __u8 *p) |
12682 |
-+{ |
12683 |
-+ __put_unaligned_le32(val >> 32, p + 4); |
12684 |
-+ __put_unaligned_le32(val, p); |
12685 |
-+} |
12686 |
-+ |
12687 |
-+static inline __u16 get_unaligned_le16(const void *p) |
12688 |
-+{ |
12689 |
-+ return __get_unaligned_le16((const __u8 *)p); |
12690 |
-+} |
12691 |
-+ |
12692 |
-+static inline __u32 get_unaligned_le32(const void *p) |
12693 |
-+{ |
12694 |
-+ return __get_unaligned_le32((const __u8 *)p); |
12695 |
-+} |
12696 |
-+ |
12697 |
-+static inline __u64 get_unaligned_le64(const void *p) |
12698 |
-+{ |
12699 |
-+ return __get_unaligned_le64((const __u8 *)p); |
12700 |
-+} |
12701 |
-+ |
12702 |
-+static inline void put_unaligned_le16(__u16 val, void *p) |
12703 |
-+{ |
12704 |
-+ __put_unaligned_le16(val, p); |
12705 |
-+} |
12706 |
-+ |
12707 |
-+static inline void put_unaligned_le32(__u32 val, void *p) |
12708 |
-+{ |
12709 |
-+ __put_unaligned_le32(val, p); |
12710 |
-+} |
12711 |
-+ |
12712 |
-+static inline void put_unaligned_le64(__u64 val, void *p) |
12713 |
-+{ |
12714 |
-+ __put_unaligned_le64(val, p); |
12715 |
-+} |
12716 |
-+ |
12717 |
-+#endif /* _TOOLS_LE_BYTESHIFT_H */ |
12718 |
|
12719 |
diff --git a/3.3.5/0000_README b/3.3.6/0000_README |
12720 |
similarity index 95% |
12721 |
rename from 3.3.5/0000_README |
12722 |
rename to 3.3.6/0000_README |
12723 |
index 9dc6525..f827d9b 100644 |
12724 |
--- a/3.3.5/0000_README |
12725 |
+++ b/3.3.6/0000_README |
12726 |
@@ -2,11 +2,11 @@ README |
12727 |
----------------------------------------------------------------------------- |
12728 |
Individual Patch Descriptions: |
12729 |
----------------------------------------------------------------------------- |
12730 |
-Patch: 1004_linux-3.3.5.patch |
12731 |
+Patch: 1005_linux-3.3.6.patch |
12732 |
From: http://www.kernel.org |
12733 |
-Desc: Linux 3.3.5 |
12734 |
+Desc: Linux 3.3.6 |
12735 |
|
12736 |
-Patch: 4420_grsecurity-2.9-3.3.5-201205071839.patch |
12737 |
+Patch: 4420_grsecurity-2.9-3.3.6-201205131658.patch |
12738 |
From: http://www.grsecurity.net |
12739 |
Desc: hardened-sources base patch from upstream grsecurity |
12740 |
|
12741 |
|
12742 |
diff --git a/3.3.6/1005_linux-3.3.6.patch b/3.3.6/1005_linux-3.3.6.patch |
12743 |
new file mode 100644 |
12744 |
index 0000000..f02721b |
12745 |
--- /dev/null |
12746 |
+++ b/3.3.6/1005_linux-3.3.6.patch |
12747 |
@@ -0,0 +1,1832 @@ |
12748 |
+diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt |
12749 |
+index ad3e80e..d18bbac 100644 |
12750 |
+--- a/Documentation/networking/ip-sysctl.txt |
12751 |
++++ b/Documentation/networking/ip-sysctl.txt |
12752 |
+@@ -147,7 +147,7 @@ tcp_adv_win_scale - INTEGER |
12753 |
+ (if tcp_adv_win_scale > 0) or bytes-bytes/2^(-tcp_adv_win_scale), |
12754 |
+ if it is <= 0. |
12755 |
+ Possible values are [-31, 31], inclusive. |
12756 |
+- Default: 2 |
12757 |
++ Default: 1 |
12758 |
+ |
12759 |
+ tcp_allowed_congestion_control - STRING |
12760 |
+ Show/set the congestion control choices available to non-privileged |
12761 |
+@@ -410,7 +410,7 @@ tcp_rmem - vector of 3 INTEGERs: min, default, max |
12762 |
+ net.core.rmem_max. Calling setsockopt() with SO_RCVBUF disables |
12763 |
+ automatic tuning of that socket's receive buffer size, in which |
12764 |
+ case this value is ignored. |
12765 |
+- Default: between 87380B and 4MB, depending on RAM size. |
12766 |
++ Default: between 87380B and 6MB, depending on RAM size. |
12767 |
+ |
12768 |
+ tcp_sack - BOOLEAN |
12769 |
+ Enable select acknowledgments (SACKS). |
12770 |
+diff --git a/Makefile b/Makefile |
12771 |
+index 64615e9..9cd6941 100644 |
12772 |
+--- a/Makefile |
12773 |
++++ b/Makefile |
12774 |
+@@ -1,6 +1,6 @@ |
12775 |
+ VERSION = 3 |
12776 |
+ PATCHLEVEL = 3 |
12777 |
+-SUBLEVEL = 5 |
12778 |
++SUBLEVEL = 6 |
12779 |
+ EXTRAVERSION = |
12780 |
+ NAME = Saber-toothed Squirrel |
12781 |
+ |
12782 |
+diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c |
12783 |
+index ede6443..f5ce8ab 100644 |
12784 |
+--- a/arch/arm/kernel/ptrace.c |
12785 |
++++ b/arch/arm/kernel/ptrace.c |
12786 |
+@@ -905,27 +905,14 @@ long arch_ptrace(struct task_struct *child, long request, |
12787 |
+ return ret; |
12788 |
+ } |
12789 |
+ |
12790 |
+-#ifdef __ARMEB__ |
12791 |
+-#define AUDIT_ARCH_NR AUDIT_ARCH_ARMEB |
12792 |
+-#else |
12793 |
+-#define AUDIT_ARCH_NR AUDIT_ARCH_ARM |
12794 |
+-#endif |
12795 |
+- |
12796 |
+ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) |
12797 |
+ { |
12798 |
+ unsigned long ip; |
12799 |
+ |
12800 |
+- /* |
12801 |
+- * Save IP. IP is used to denote syscall entry/exit: |
12802 |
+- * IP = 0 -> entry, = 1 -> exit |
12803 |
+- */ |
12804 |
+- ip = regs->ARM_ip; |
12805 |
+- regs->ARM_ip = why; |
12806 |
+- |
12807 |
+- if (!ip) |
12808 |
++ if (why) |
12809 |
+ audit_syscall_exit(regs); |
12810 |
+ else |
12811 |
+- audit_syscall_entry(AUDIT_ARCH_NR, scno, regs->ARM_r0, |
12812 |
++ audit_syscall_entry(AUDIT_ARCH_ARM, scno, regs->ARM_r0, |
12813 |
+ regs->ARM_r1, regs->ARM_r2, regs->ARM_r3); |
12814 |
+ |
12815 |
+ if (!test_thread_flag(TIF_SYSCALL_TRACE)) |
12816 |
+@@ -935,6 +922,13 @@ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) |
12817 |
+ |
12818 |
+ current_thread_info()->syscall = scno; |
12819 |
+ |
12820 |
++ /* |
12821 |
++ * IP is used to denote syscall entry/exit: |
12822 |
++ * IP = 0 -> entry, =1 -> exit |
12823 |
++ */ |
12824 |
++ ip = regs->ARM_ip; |
12825 |
++ regs->ARM_ip = why; |
12826 |
++ |
12827 |
+ /* the 0x80 provides a way for the tracing parent to distinguish |
12828 |
+ between a syscall stop and SIGTRAP delivery */ |
12829 |
+ ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) |
12830 |
+diff --git a/arch/arm/kernel/smp.c b/arch/arm/kernel/smp.c |
12831 |
+index cdeb727..31c2567 100644 |
12832 |
+--- a/arch/arm/kernel/smp.c |
12833 |
++++ b/arch/arm/kernel/smp.c |
12834 |
+@@ -255,8 +255,6 @@ asmlinkage void __cpuinit secondary_start_kernel(void) |
12835 |
+ struct mm_struct *mm = &init_mm; |
12836 |
+ unsigned int cpu = smp_processor_id(); |
12837 |
+ |
12838 |
+- printk("CPU%u: Booted secondary processor\n", cpu); |
12839 |
+- |
12840 |
+ /* |
12841 |
+ * All kernel threads share the same mm context; grab a |
12842 |
+ * reference and switch to it. |
12843 |
+@@ -268,6 +266,8 @@ asmlinkage void __cpuinit secondary_start_kernel(void) |
12844 |
+ enter_lazy_tlb(mm, current); |
12845 |
+ local_flush_tlb_all(); |
12846 |
+ |
12847 |
++ printk("CPU%u: Booted secondary processor\n", cpu); |
12848 |
++ |
12849 |
+ cpu_init(); |
12850 |
+ preempt_disable(); |
12851 |
+ trace_hardirqs_off(); |
12852 |
+diff --git a/arch/arm/kernel/sys_arm.c b/arch/arm/kernel/sys_arm.c |
12853 |
+index d2b1779..76cbb05 100644 |
12854 |
+--- a/arch/arm/kernel/sys_arm.c |
12855 |
++++ b/arch/arm/kernel/sys_arm.c |
12856 |
+@@ -115,7 +115,7 @@ int kernel_execve(const char *filename, |
12857 |
+ "Ir" (THREAD_START_SP - sizeof(regs)), |
12858 |
+ "r" (®s), |
12859 |
+ "Ir" (sizeof(regs)) |
12860 |
+- : "r0", "r1", "r2", "r3", "ip", "lr", "memory"); |
12861 |
++ : "r0", "r1", "r2", "r3", "r8", "r9", "ip", "lr", "memory"); |
12862 |
+ |
12863 |
+ out: |
12864 |
+ return ret; |
12865 |
+diff --git a/arch/arm/mach-omap2/include/mach/ctrl_module_pad_core_44xx.h b/arch/arm/mach-omap2/include/mach/ctrl_module_pad_core_44xx.h |
12866 |
+index 1e2d332..c88420d 100644 |
12867 |
+--- a/arch/arm/mach-omap2/include/mach/ctrl_module_pad_core_44xx.h |
12868 |
++++ b/arch/arm/mach-omap2/include/mach/ctrl_module_pad_core_44xx.h |
12869 |
+@@ -941,10 +941,10 @@ |
12870 |
+ #define OMAP4_DSI2_LANEENABLE_MASK (0x7 << 29) |
12871 |
+ #define OMAP4_DSI1_LANEENABLE_SHIFT 24 |
12872 |
+ #define OMAP4_DSI1_LANEENABLE_MASK (0x1f << 24) |
12873 |
+-#define OMAP4_DSI2_PIPD_SHIFT 19 |
12874 |
+-#define OMAP4_DSI2_PIPD_MASK (0x1f << 19) |
12875 |
+-#define OMAP4_DSI1_PIPD_SHIFT 14 |
12876 |
+-#define OMAP4_DSI1_PIPD_MASK (0x1f << 14) |
12877 |
++#define OMAP4_DSI1_PIPD_SHIFT 19 |
12878 |
++#define OMAP4_DSI1_PIPD_MASK (0x1f << 19) |
12879 |
++#define OMAP4_DSI2_PIPD_SHIFT 14 |
12880 |
++#define OMAP4_DSI2_PIPD_MASK (0x1f << 14) |
12881 |
+ |
12882 |
+ /* CONTROL_MCBSPLP */ |
12883 |
+ #define OMAP4_ALBCTRLRX_FSX_SHIFT 31 |
12884 |
+diff --git a/arch/arm/mach-orion5x/mpp.h b/arch/arm/mach-orion5x/mpp.h |
12885 |
+index eac6897..db70e79 100644 |
12886 |
+--- a/arch/arm/mach-orion5x/mpp.h |
12887 |
++++ b/arch/arm/mach-orion5x/mpp.h |
12888 |
+@@ -65,8 +65,8 @@ |
12889 |
+ #define MPP8_GIGE MPP(8, 0x1, 0, 0, 1, 1, 1) |
12890 |
+ |
12891 |
+ #define MPP9_UNUSED MPP(9, 0x0, 0, 0, 1, 1, 1) |
12892 |
+-#define MPP9_GPIO MPP(9, 0x0, 0, 0, 1, 1, 1) |
12893 |
+-#define MPP9_GIGE MPP(9, 0x1, 1, 1, 1, 1, 1) |
12894 |
++#define MPP9_GPIO MPP(9, 0x0, 1, 1, 1, 1, 1) |
12895 |
++#define MPP9_GIGE MPP(9, 0x1, 0, 0, 1, 1, 1) |
12896 |
+ |
12897 |
+ #define MPP10_UNUSED MPP(10, 0x0, 0, 0, 1, 1, 1) |
12898 |
+ #define MPP10_GPIO MPP(10, 0x0, 1, 1, 1, 1, 1) |
12899 |
+diff --git a/arch/arm/mm/cache-l2x0.c b/arch/arm/mm/cache-l2x0.c |
12900 |
+index b1e192b..db7bcc0 100644 |
12901 |
+--- a/arch/arm/mm/cache-l2x0.c |
12902 |
++++ b/arch/arm/mm/cache-l2x0.c |
12903 |
+@@ -32,6 +32,7 @@ static void __iomem *l2x0_base; |
12904 |
+ static DEFINE_RAW_SPINLOCK(l2x0_lock); |
12905 |
+ static uint32_t l2x0_way_mask; /* Bitmask of active ways */ |
12906 |
+ static uint32_t l2x0_size; |
12907 |
++static unsigned long sync_reg_offset = L2X0_CACHE_SYNC; |
12908 |
+ |
12909 |
+ struct l2x0_regs l2x0_saved_regs; |
12910 |
+ |
12911 |
+@@ -61,12 +62,7 @@ static inline void cache_sync(void) |
12912 |
+ { |
12913 |
+ void __iomem *base = l2x0_base; |
12914 |
+ |
12915 |
+-#ifdef CONFIG_PL310_ERRATA_753970 |
12916 |
+- /* write to an unmmapped register */ |
12917 |
+- writel_relaxed(0, base + L2X0_DUMMY_REG); |
12918 |
+-#else |
12919 |
+- writel_relaxed(0, base + L2X0_CACHE_SYNC); |
12920 |
+-#endif |
12921 |
++ writel_relaxed(0, base + sync_reg_offset); |
12922 |
+ cache_wait(base + L2X0_CACHE_SYNC, 1); |
12923 |
+ } |
12924 |
+ |
12925 |
+@@ -85,10 +81,13 @@ static inline void l2x0_inv_line(unsigned long addr) |
12926 |
+ } |
12927 |
+ |
12928 |
+ #if defined(CONFIG_PL310_ERRATA_588369) || defined(CONFIG_PL310_ERRATA_727915) |
12929 |
++static inline void debug_writel(unsigned long val) |
12930 |
++{ |
12931 |
++ if (outer_cache.set_debug) |
12932 |
++ outer_cache.set_debug(val); |
12933 |
++} |
12934 |
+ |
12935 |
+-#define debug_writel(val) outer_cache.set_debug(val) |
12936 |
+- |
12937 |
+-static void l2x0_set_debug(unsigned long val) |
12938 |
++static void pl310_set_debug(unsigned long val) |
12939 |
+ { |
12940 |
+ writel_relaxed(val, l2x0_base + L2X0_DEBUG_CTRL); |
12941 |
+ } |
12942 |
+@@ -98,7 +97,7 @@ static inline void debug_writel(unsigned long val) |
12943 |
+ { |
12944 |
+ } |
12945 |
+ |
12946 |
+-#define l2x0_set_debug NULL |
12947 |
++#define pl310_set_debug NULL |
12948 |
+ #endif |
12949 |
+ |
12950 |
+ #ifdef CONFIG_PL310_ERRATA_588369 |
12951 |
+@@ -331,6 +330,11 @@ void __init l2x0_init(void __iomem *base, __u32 aux_val, __u32 aux_mask) |
12952 |
+ else |
12953 |
+ ways = 8; |
12954 |
+ type = "L310"; |
12955 |
++#ifdef CONFIG_PL310_ERRATA_753970 |
12956 |
++ /* Unmapped register. */ |
12957 |
++ sync_reg_offset = L2X0_DUMMY_REG; |
12958 |
++#endif |
12959 |
++ outer_cache.set_debug = pl310_set_debug; |
12960 |
+ break; |
12961 |
+ case L2X0_CACHE_ID_PART_L210: |
12962 |
+ ways = (aux >> 13) & 0xf; |
12963 |
+@@ -379,7 +383,6 @@ void __init l2x0_init(void __iomem *base, __u32 aux_val, __u32 aux_mask) |
12964 |
+ outer_cache.flush_all = l2x0_flush_all; |
12965 |
+ outer_cache.inv_all = l2x0_inv_all; |
12966 |
+ outer_cache.disable = l2x0_disable; |
12967 |
+- outer_cache.set_debug = l2x0_set_debug; |
12968 |
+ |
12969 |
+ printk(KERN_INFO "%s cache controller enabled\n", type); |
12970 |
+ printk(KERN_INFO "l2x0: %d ways, CACHE_ID 0x%08x, AUX_CTRL 0x%08x, Cache size: %d B\n", |
12971 |
+diff --git a/arch/ia64/kvm/kvm-ia64.c b/arch/ia64/kvm/kvm-ia64.c |
12972 |
+index 4050520..8c25855 100644 |
12973 |
+--- a/arch/ia64/kvm/kvm-ia64.c |
12974 |
++++ b/arch/ia64/kvm/kvm-ia64.c |
12975 |
+@@ -1169,6 +1169,11 @@ out: |
12976 |
+ |
12977 |
+ #define PALE_RESET_ENTRY 0x80000000ffffffb0UL |
12978 |
+ |
12979 |
++bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) |
12980 |
++{ |
12981 |
++ return irqchip_in_kernel(vcpu->kcm) == (vcpu->arch.apic != NULL); |
12982 |
++} |
12983 |
++ |
12984 |
+ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) |
12985 |
+ { |
12986 |
+ struct kvm_vcpu *v; |
12987 |
+diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c |
12988 |
+index 0243454..a5f6eff 100644 |
12989 |
+--- a/arch/s390/kvm/intercept.c |
12990 |
++++ b/arch/s390/kvm/intercept.c |
12991 |
+@@ -133,13 +133,6 @@ static int handle_stop(struct kvm_vcpu *vcpu) |
12992 |
+ |
12993 |
+ vcpu->stat.exit_stop_request++; |
12994 |
+ spin_lock_bh(&vcpu->arch.local_int.lock); |
12995 |
+- if (vcpu->arch.local_int.action_bits & ACTION_STORE_ON_STOP) { |
12996 |
+- vcpu->arch.local_int.action_bits &= ~ACTION_STORE_ON_STOP; |
12997 |
+- rc = kvm_s390_vcpu_store_status(vcpu, |
12998 |
+- KVM_S390_STORE_STATUS_NOADDR); |
12999 |
+- if (rc >= 0) |
13000 |
+- rc = -EOPNOTSUPP; |
13001 |
+- } |
13002 |
+ |
13003 |
+ if (vcpu->arch.local_int.action_bits & ACTION_RELOADVCPU_ON_STOP) { |
13004 |
+ vcpu->arch.local_int.action_bits &= ~ACTION_RELOADVCPU_ON_STOP; |
13005 |
+@@ -155,7 +148,18 @@ static int handle_stop(struct kvm_vcpu *vcpu) |
13006 |
+ rc = -EOPNOTSUPP; |
13007 |
+ } |
13008 |
+ |
13009 |
+- spin_unlock_bh(&vcpu->arch.local_int.lock); |
13010 |
++ if (vcpu->arch.local_int.action_bits & ACTION_STORE_ON_STOP) { |
13011 |
++ vcpu->arch.local_int.action_bits &= ~ACTION_STORE_ON_STOP; |
13012 |
++ /* store status must be called unlocked. Since local_int.lock |
13013 |
++ * only protects local_int.* and not guest memory we can give |
13014 |
++ * up the lock here */ |
13015 |
++ spin_unlock_bh(&vcpu->arch.local_int.lock); |
13016 |
++ rc = kvm_s390_vcpu_store_status(vcpu, |
13017 |
++ KVM_S390_STORE_STATUS_NOADDR); |
13018 |
++ if (rc >= 0) |
13019 |
++ rc = -EOPNOTSUPP; |
13020 |
++ } else |
13021 |
++ spin_unlock_bh(&vcpu->arch.local_int.lock); |
13022 |
+ return rc; |
13023 |
+ } |
13024 |
+ |
13025 |
+diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c |
13026 |
+index d1c44573..d3cb86c 100644 |
13027 |
+--- a/arch/s390/kvm/kvm-s390.c |
13028 |
++++ b/arch/s390/kvm/kvm-s390.c |
13029 |
+@@ -418,7 +418,7 @@ int kvm_arch_vcpu_ioctl_get_sregs(struct kvm_vcpu *vcpu, |
13030 |
+ int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) |
13031 |
+ { |
13032 |
+ memcpy(&vcpu->arch.guest_fpregs.fprs, &fpu->fprs, sizeof(fpu->fprs)); |
13033 |
+- vcpu->arch.guest_fpregs.fpc = fpu->fpc; |
13034 |
++ vcpu->arch.guest_fpregs.fpc = fpu->fpc & FPC_VALID_MASK; |
13035 |
+ restore_fp_regs(&vcpu->arch.guest_fpregs); |
13036 |
+ return 0; |
13037 |
+ } |
13038 |
+diff --git a/arch/x86/boot/compressed/relocs.c b/arch/x86/boot/compressed/relocs.c |
13039 |
+index 89bbf4e..e77f4e4 100644 |
13040 |
+--- a/arch/x86/boot/compressed/relocs.c |
13041 |
++++ b/arch/x86/boot/compressed/relocs.c |
13042 |
+@@ -402,13 +402,11 @@ static void print_absolute_symbols(void) |
13043 |
+ for (i = 0; i < ehdr.e_shnum; i++) { |
13044 |
+ struct section *sec = &secs[i]; |
13045 |
+ char *sym_strtab; |
13046 |
+- Elf32_Sym *sh_symtab; |
13047 |
+ int j; |
13048 |
+ |
13049 |
+ if (sec->shdr.sh_type != SHT_SYMTAB) { |
13050 |
+ continue; |
13051 |
+ } |
13052 |
+- sh_symtab = sec->symtab; |
13053 |
+ sym_strtab = sec->link->strtab; |
13054 |
+ for (j = 0; j < sec->shdr.sh_size/sizeof(Elf32_Sym); j++) { |
13055 |
+ Elf32_Sym *sym; |
13056 |
+diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c |
13057 |
+index 71f4727..5a98aa2 100644 |
13058 |
+--- a/arch/x86/kernel/setup_percpu.c |
13059 |
++++ b/arch/x86/kernel/setup_percpu.c |
13060 |
+@@ -185,10 +185,22 @@ void __init setup_per_cpu_areas(void) |
13061 |
+ #endif |
13062 |
+ rc = -EINVAL; |
13063 |
+ if (pcpu_chosen_fc != PCPU_FC_PAGE) { |
13064 |
+- const size_t atom_size = cpu_has_pse ? PMD_SIZE : PAGE_SIZE; |
13065 |
+ const size_t dyn_size = PERCPU_MODULE_RESERVE + |
13066 |
+ PERCPU_DYNAMIC_RESERVE - PERCPU_FIRST_CHUNK_RESERVE; |
13067 |
++ size_t atom_size; |
13068 |
+ |
13069 |
++ /* |
13070 |
++ * On 64bit, use PMD_SIZE for atom_size so that embedded |
13071 |
++ * percpu areas are aligned to PMD. This, in the future, |
13072 |
++ * can also allow using PMD mappings in vmalloc area. Use |
13073 |
++ * PAGE_SIZE on 32bit as vmalloc space is highly contended |
13074 |
++ * and large vmalloc area allocs can easily fail. |
13075 |
++ */ |
13076 |
++#ifdef CONFIG_X86_64 |
13077 |
++ atom_size = PMD_SIZE; |
13078 |
++#else |
13079 |
++ atom_size = PAGE_SIZE; |
13080 |
++#endif |
13081 |
+ rc = pcpu_embed_first_chunk(PERCPU_FIRST_CHUNK_RESERVE, |
13082 |
+ dyn_size, atom_size, |
13083 |
+ pcpu_cpu_distance, |
13084 |
+diff --git a/arch/x86/kvm/pmu.c b/arch/x86/kvm/pmu.c |
13085 |
+index 7aad544..3e48c1d 100644 |
13086 |
+--- a/arch/x86/kvm/pmu.c |
13087 |
++++ b/arch/x86/kvm/pmu.c |
13088 |
+@@ -413,7 +413,7 @@ int kvm_pmu_read_pmc(struct kvm_vcpu *vcpu, unsigned pmc, u64 *data) |
13089 |
+ struct kvm_pmc *counters; |
13090 |
+ u64 ctr; |
13091 |
+ |
13092 |
+- pmc &= (3u << 30) - 1; |
13093 |
++ pmc &= ~(3u << 30); |
13094 |
+ if (!fixed && pmc >= pmu->nr_arch_gp_counters) |
13095 |
+ return 1; |
13096 |
+ if (fixed && pmc >= pmu->nr_arch_fixed_counters) |
13097 |
+diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
13098 |
+index 3b4c8d8..a7a6f60 100644 |
13099 |
+--- a/arch/x86/kvm/vmx.c |
13100 |
++++ b/arch/x86/kvm/vmx.c |
13101 |
+@@ -1678,7 +1678,7 @@ static int nested_pf_handled(struct kvm_vcpu *vcpu) |
13102 |
+ struct vmcs12 *vmcs12 = get_vmcs12(vcpu); |
13103 |
+ |
13104 |
+ /* TODO: also check PFEC_MATCH/MASK, not just EB.PF. */ |
13105 |
+- if (!(vmcs12->exception_bitmap & PF_VECTOR)) |
13106 |
++ if (!(vmcs12->exception_bitmap & (1u << PF_VECTOR))) |
13107 |
+ return 0; |
13108 |
+ |
13109 |
+ nested_vmx_vmexit(vcpu); |
13110 |
+@@ -2219,6 +2219,12 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data) |
13111 |
+ msr = find_msr_entry(vmx, msr_index); |
13112 |
+ if (msr) { |
13113 |
+ msr->data = data; |
13114 |
++ if (msr - vmx->guest_msrs < vmx->save_nmsrs) { |
13115 |
++ preempt_disable(); |
13116 |
++ kvm_set_shared_msr(msr->index, msr->data, |
13117 |
++ msr->mask); |
13118 |
++ preempt_enable(); |
13119 |
++ } |
13120 |
+ break; |
13121 |
+ } |
13122 |
+ ret = kvm_set_msr_common(vcpu, msr_index, data); |
13123 |
+@@ -3915,7 +3921,9 @@ static int vmx_vcpu_reset(struct kvm_vcpu *vcpu) |
13124 |
+ vmcs_write16(VIRTUAL_PROCESSOR_ID, vmx->vpid); |
13125 |
+ |
13126 |
+ vmx->vcpu.arch.cr0 = X86_CR0_NW | X86_CR0_CD | X86_CR0_ET; |
13127 |
++ vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); |
13128 |
+ vmx_set_cr0(&vmx->vcpu, kvm_read_cr0(vcpu)); /* enter rmode */ |
13129 |
++ srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); |
13130 |
+ vmx_set_cr4(&vmx->vcpu, 0); |
13131 |
+ vmx_set_efer(&vmx->vcpu, 0); |
13132 |
+ vmx_fpu_activate(&vmx->vcpu); |
13133 |
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
13134 |
+index 9cbfc06..8d1c6c6 100644 |
13135 |
+--- a/arch/x86/kvm/x86.c |
13136 |
++++ b/arch/x86/kvm/x86.c |
13137 |
+@@ -2997,6 +2997,8 @@ static void write_protect_slot(struct kvm *kvm, |
13138 |
+ unsigned long *dirty_bitmap, |
13139 |
+ unsigned long nr_dirty_pages) |
13140 |
+ { |
13141 |
++ spin_lock(&kvm->mmu_lock); |
13142 |
++ |
13143 |
+ /* Not many dirty pages compared to # of shadow pages. */ |
13144 |
+ if (nr_dirty_pages < kvm->arch.n_used_mmu_pages) { |
13145 |
+ unsigned long gfn_offset; |
13146 |
+@@ -3004,16 +3006,13 @@ static void write_protect_slot(struct kvm *kvm, |
13147 |
+ for_each_set_bit(gfn_offset, dirty_bitmap, memslot->npages) { |
13148 |
+ unsigned long gfn = memslot->base_gfn + gfn_offset; |
13149 |
+ |
13150 |
+- spin_lock(&kvm->mmu_lock); |
13151 |
+ kvm_mmu_rmap_write_protect(kvm, gfn, memslot); |
13152 |
+- spin_unlock(&kvm->mmu_lock); |
13153 |
+ } |
13154 |
+ kvm_flush_remote_tlbs(kvm); |
13155 |
+- } else { |
13156 |
+- spin_lock(&kvm->mmu_lock); |
13157 |
++ } else |
13158 |
+ kvm_mmu_slot_remove_write_access(kvm, memslot->id); |
13159 |
+- spin_unlock(&kvm->mmu_lock); |
13160 |
+- } |
13161 |
++ |
13162 |
++ spin_unlock(&kvm->mmu_lock); |
13163 |
+ } |
13164 |
+ |
13165 |
+ /* |
13166 |
+@@ -3132,6 +3131,9 @@ long kvm_arch_vm_ioctl(struct file *filp, |
13167 |
+ r = -EEXIST; |
13168 |
+ if (kvm->arch.vpic) |
13169 |
+ goto create_irqchip_unlock; |
13170 |
++ r = -EINVAL; |
13171 |
++ if (atomic_read(&kvm->online_vcpus)) |
13172 |
++ goto create_irqchip_unlock; |
13173 |
+ r = -ENOMEM; |
13174 |
+ vpic = kvm_create_pic(kvm); |
13175 |
+ if (vpic) { |
13176 |
+@@ -5957,6 +5959,11 @@ void kvm_arch_check_processor_compat(void *rtn) |
13177 |
+ kvm_x86_ops->check_processor_compatibility(rtn); |
13178 |
+ } |
13179 |
+ |
13180 |
++bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) |
13181 |
++{ |
13182 |
++ return irqchip_in_kernel(vcpu->kvm) == (vcpu->arch.apic != NULL); |
13183 |
++} |
13184 |
++ |
13185 |
+ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) |
13186 |
+ { |
13187 |
+ struct page *page; |
13188 |
+diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
13189 |
+index 4172af8..4e517d4 100644 |
13190 |
+--- a/arch/x86/xen/enlighten.c |
13191 |
++++ b/arch/x86/xen/enlighten.c |
13192 |
+@@ -62,6 +62,7 @@ |
13193 |
+ #include <asm/reboot.h> |
13194 |
+ #include <asm/stackprotector.h> |
13195 |
+ #include <asm/hypervisor.h> |
13196 |
++#include <asm/pci_x86.h> |
13197 |
+ |
13198 |
+ #include "xen-ops.h" |
13199 |
+ #include "mmu.h" |
13200 |
+@@ -1274,8 +1275,10 @@ asmlinkage void __init xen_start_kernel(void) |
13201 |
+ /* Make sure ACS will be enabled */ |
13202 |
+ pci_request_acs(); |
13203 |
+ } |
13204 |
+- |
13205 |
+- |
13206 |
++#ifdef CONFIG_PCI |
13207 |
++ /* PCI BIOS service won't work from a PV guest. */ |
13208 |
++ pci_probe &= ~PCI_PROBE_BIOS; |
13209 |
++#endif |
13210 |
+ xen_raw_console_write("about to get started...\n"); |
13211 |
+ |
13212 |
+ xen_setup_runstate_info(0); |
13213 |
+diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
13214 |
+index 95c1cf6..dc19347 100644 |
13215 |
+--- a/arch/x86/xen/mmu.c |
13216 |
++++ b/arch/x86/xen/mmu.c |
13217 |
+@@ -353,8 +353,13 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) |
13218 |
+ { |
13219 |
+ if (val & _PAGE_PRESENT) { |
13220 |
+ unsigned long mfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; |
13221 |
++ unsigned long pfn = mfn_to_pfn(mfn); |
13222 |
++ |
13223 |
+ pteval_t flags = val & PTE_FLAGS_MASK; |
13224 |
+- val = ((pteval_t)mfn_to_pfn(mfn) << PAGE_SHIFT) | flags; |
13225 |
++ if (unlikely(pfn == ~0)) |
13226 |
++ val = flags & ~_PAGE_PRESENT; |
13227 |
++ else |
13228 |
++ val = ((pteval_t)pfn << PAGE_SHIFT) | flags; |
13229 |
+ } |
13230 |
+ |
13231 |
+ return val; |
13232 |
+diff --git a/drivers/block/mtip32xx/Kconfig b/drivers/block/mtip32xx/Kconfig |
13233 |
+index b5dd14e..0ba837f 100644 |
13234 |
+--- a/drivers/block/mtip32xx/Kconfig |
13235 |
++++ b/drivers/block/mtip32xx/Kconfig |
13236 |
+@@ -4,6 +4,6 @@ |
13237 |
+ |
13238 |
+ config BLK_DEV_PCIESSD_MTIP32XX |
13239 |
+ tristate "Block Device Driver for Micron PCIe SSDs" |
13240 |
+- depends on HOTPLUG_PCI_PCIE |
13241 |
++ depends on PCI |
13242 |
+ help |
13243 |
+ This enables the block driver for Micron PCIe SSDs. |
13244 |
+diff --git a/drivers/block/mtip32xx/mtip32xx.c b/drivers/block/mtip32xx/mtip32xx.c |
13245 |
+index 8eb81c9..c37073d 100644 |
13246 |
+--- a/drivers/block/mtip32xx/mtip32xx.c |
13247 |
++++ b/drivers/block/mtip32xx/mtip32xx.c |
13248 |
+@@ -422,6 +422,10 @@ static void mtip_init_port(struct mtip_port *port) |
13249 |
+ /* Clear any pending interrupts for this port */ |
13250 |
+ writel(readl(port->mmio + PORT_IRQ_STAT), port->mmio + PORT_IRQ_STAT); |
13251 |
+ |
13252 |
++ /* Clear any pending interrupts on the HBA. */ |
13253 |
++ writel(readl(port->dd->mmio + HOST_IRQ_STAT), |
13254 |
++ port->dd->mmio + HOST_IRQ_STAT); |
13255 |
++ |
13256 |
+ /* Enable port interrupts */ |
13257 |
+ writel(DEF_PORT_IRQ, port->mmio + PORT_IRQ_MASK); |
13258 |
+ } |
13259 |
+@@ -490,11 +494,9 @@ static void mtip_restart_port(struct mtip_port *port) |
13260 |
+ dev_warn(&port->dd->pdev->dev, |
13261 |
+ "COM reset failed\n"); |
13262 |
+ |
13263 |
+- /* Clear SError, the PxSERR.DIAG.x should be set so clear it */ |
13264 |
+- writel(readl(port->mmio + PORT_SCR_ERR), port->mmio + PORT_SCR_ERR); |
13265 |
++ mtip_init_port(port); |
13266 |
++ mtip_start_port(port); |
13267 |
+ |
13268 |
+- /* Enable the DMA engine */ |
13269 |
+- mtip_enable_engine(port, 1); |
13270 |
+ } |
13271 |
+ |
13272 |
+ /* |
13273 |
+@@ -3359,9 +3361,6 @@ static int mtip_pci_probe(struct pci_dev *pdev, |
13274 |
+ return -ENOMEM; |
13275 |
+ } |
13276 |
+ |
13277 |
+- /* Set the atomic variable as 1 in case of SRSI */ |
13278 |
+- atomic_set(&dd->drv_cleanup_done, true); |
13279 |
+- |
13280 |
+ atomic_set(&dd->resumeflag, false); |
13281 |
+ |
13282 |
+ /* Attach the private data to this PCI device. */ |
13283 |
+@@ -3434,8 +3433,8 @@ iomap_err: |
13284 |
+ pci_set_drvdata(pdev, NULL); |
13285 |
+ return rv; |
13286 |
+ done: |
13287 |
+- /* Set the atomic variable as 0 in case of SRSI */ |
13288 |
+- atomic_set(&dd->drv_cleanup_done, true); |
13289 |
++ /* Set the atomic variable as 0 */ |
13290 |
++ atomic_set(&dd->drv_cleanup_done, false); |
13291 |
+ |
13292 |
+ return rv; |
13293 |
+ } |
13294 |
+@@ -3463,8 +3462,6 @@ static void mtip_pci_remove(struct pci_dev *pdev) |
13295 |
+ } |
13296 |
+ } |
13297 |
+ } |
13298 |
+- /* Set the atomic variable as 1 in case of SRSI */ |
13299 |
+- atomic_set(&dd->drv_cleanup_done, true); |
13300 |
+ |
13301 |
+ /* Clean up the block layer. */ |
13302 |
+ mtip_block_remove(dd); |
13303 |
+@@ -3608,18 +3605,25 @@ MODULE_DEVICE_TABLE(pci, mtip_pci_tbl); |
13304 |
+ */ |
13305 |
+ static int __init mtip_init(void) |
13306 |
+ { |
13307 |
++ int error; |
13308 |
++ |
13309 |
+ printk(KERN_INFO MTIP_DRV_NAME " Version " MTIP_DRV_VERSION "\n"); |
13310 |
+ |
13311 |
+ /* Allocate a major block device number to use with this driver. */ |
13312 |
+- mtip_major = register_blkdev(0, MTIP_DRV_NAME); |
13313 |
+- if (mtip_major < 0) { |
13314 |
++ error = register_blkdev(0, MTIP_DRV_NAME); |
13315 |
++ if (error <= 0) { |
13316 |
+ printk(KERN_ERR "Unable to register block device (%d)\n", |
13317 |
+- mtip_major); |
13318 |
++ error); |
13319 |
+ return -EBUSY; |
13320 |
+ } |
13321 |
++ mtip_major = error; |
13322 |
+ |
13323 |
+ /* Register our PCI operations. */ |
13324 |
+- return pci_register_driver(&mtip_pci_driver); |
13325 |
++ error = pci_register_driver(&mtip_pci_driver); |
13326 |
++ if (error) |
13327 |
++ unregister_blkdev(mtip_major, MTIP_DRV_NAME); |
13328 |
++ |
13329 |
++ return error; |
13330 |
+ } |
13331 |
+ |
13332 |
+ /* |
13333 |
+diff --git a/drivers/gpu/drm/i915/intel_hdmi.c b/drivers/gpu/drm/i915/intel_hdmi.c |
13334 |
+index 64541f7..9cd81ba 100644 |
13335 |
+--- a/drivers/gpu/drm/i915/intel_hdmi.c |
13336 |
++++ b/drivers/gpu/drm/i915/intel_hdmi.c |
13337 |
+@@ -136,7 +136,7 @@ static void i9xx_write_infoframe(struct drm_encoder *encoder, |
13338 |
+ |
13339 |
+ val &= ~VIDEO_DIP_SELECT_MASK; |
13340 |
+ |
13341 |
+- I915_WRITE(VIDEO_DIP_CTL, val | port | flags); |
13342 |
++ I915_WRITE(VIDEO_DIP_CTL, VIDEO_DIP_ENABLE | val | port | flags); |
13343 |
+ |
13344 |
+ for (i = 0; i < len; i += 4) { |
13345 |
+ I915_WRITE(VIDEO_DIP_DATA, *data); |
13346 |
+diff --git a/drivers/gpu/drm/i915/intel_ringbuffer.c b/drivers/gpu/drm/i915/intel_ringbuffer.c |
13347 |
+index 99f71af..6753f59 100644 |
13348 |
+--- a/drivers/gpu/drm/i915/intel_ringbuffer.c |
13349 |
++++ b/drivers/gpu/drm/i915/intel_ringbuffer.c |
13350 |
+@@ -414,10 +414,8 @@ static int init_render_ring(struct intel_ring_buffer *ring) |
13351 |
+ return ret; |
13352 |
+ } |
13353 |
+ |
13354 |
+- if (INTEL_INFO(dev)->gen >= 6) { |
13355 |
+- I915_WRITE(INSTPM, |
13356 |
+- INSTPM_FORCE_ORDERING << 16 | INSTPM_FORCE_ORDERING); |
13357 |
+ |
13358 |
++ if (IS_GEN6(dev)) { |
13359 |
+ /* From the Sandybridge PRM, volume 1 part 3, page 24: |
13360 |
+ * "If this bit is set, STCunit will have LRA as replacement |
13361 |
+ * policy. [...] This bit must be reset. LRA replacement |
13362 |
+@@ -427,6 +425,11 @@ static int init_render_ring(struct intel_ring_buffer *ring) |
13363 |
+ CM0_STC_EVICT_DISABLE_LRA_SNB << CM0_MASK_SHIFT); |
13364 |
+ } |
13365 |
+ |
13366 |
++ if (INTEL_INFO(dev)->gen >= 6) { |
13367 |
++ I915_WRITE(INSTPM, |
13368 |
++ INSTPM_FORCE_ORDERING << 16 | INSTPM_FORCE_ORDERING); |
13369 |
++ } |
13370 |
++ |
13371 |
+ return ret; |
13372 |
+ } |
13373 |
+ |
13374 |
+diff --git a/drivers/gpu/drm/i915/intel_sdvo.c b/drivers/gpu/drm/i915/intel_sdvo.c |
13375 |
+index 0a877dd..8eddcca 100644 |
13376 |
+--- a/drivers/gpu/drm/i915/intel_sdvo.c |
13377 |
++++ b/drivers/gpu/drm/i915/intel_sdvo.c |
13378 |
+@@ -1221,8 +1221,14 @@ static bool intel_sdvo_get_capabilities(struct intel_sdvo *intel_sdvo, struct in |
13379 |
+ |
13380 |
+ static int intel_sdvo_supports_hotplug(struct intel_sdvo *intel_sdvo) |
13381 |
+ { |
13382 |
++ struct drm_device *dev = intel_sdvo->base.base.dev; |
13383 |
+ u8 response[2]; |
13384 |
+ |
13385 |
++ /* HW Erratum: SDVO Hotplug is broken on all i945G chips, there's noise |
13386 |
++ * on the line. */ |
13387 |
++ if (IS_I945G(dev) || IS_I945GM(dev)) |
13388 |
++ return false; |
13389 |
++ |
13390 |
+ return intel_sdvo_get_value(intel_sdvo, SDVO_CMD_GET_HOT_PLUG_SUPPORT, |
13391 |
+ &response, 2) && response[0]; |
13392 |
+ } |
13393 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
13394 |
+index 83047783..ecbd765 100644 |
13395 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
13396 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
13397 |
+@@ -879,8 +879,13 @@ static inline unsigned int tg3_has_work(struct tg3_napi *tnapi) |
13398 |
+ if (sblk->status & SD_STATUS_LINK_CHG) |
13399 |
+ work_exists = 1; |
13400 |
+ } |
13401 |
+- /* check for RX/TX work to do */ |
13402 |
+- if (sblk->idx[0].tx_consumer != tnapi->tx_cons || |
13403 |
++ |
13404 |
++ /* check for TX work to do */ |
13405 |
++ if (sblk->idx[0].tx_consumer != tnapi->tx_cons) |
13406 |
++ work_exists = 1; |
13407 |
++ |
13408 |
++ /* check for RX work to do */ |
13409 |
++ if (tnapi->rx_rcb_prod_idx && |
13410 |
+ *(tnapi->rx_rcb_prod_idx) != tnapi->rx_rcb_ptr) |
13411 |
+ work_exists = 1; |
13412 |
+ |
13413 |
+@@ -5877,6 +5882,9 @@ static int tg3_poll_work(struct tg3_napi *tnapi, int work_done, int budget) |
13414 |
+ return work_done; |
13415 |
+ } |
13416 |
+ |
13417 |
++ if (!tnapi->rx_rcb_prod_idx) |
13418 |
++ return work_done; |
13419 |
++ |
13420 |
+ /* run RX thread, within the bounds set by NAPI. |
13421 |
+ * All RX "locking" is done by ensuring outside |
13422 |
+ * code synchronizes with tg3->napi.poll() |
13423 |
+@@ -7428,6 +7436,12 @@ static int tg3_alloc_consistent(struct tg3 *tp) |
13424 |
+ */ |
13425 |
+ switch (i) { |
13426 |
+ default: |
13427 |
++ if (tg3_flag(tp, ENABLE_RSS)) { |
13428 |
++ tnapi->rx_rcb_prod_idx = NULL; |
13429 |
++ break; |
13430 |
++ } |
13431 |
++ /* Fall through */ |
13432 |
++ case 1: |
13433 |
+ tnapi->rx_rcb_prod_idx = &sblk->idx[0].rx_producer; |
13434 |
+ break; |
13435 |
+ case 2: |
13436 |
+diff --git a/drivers/net/ethernet/intel/e1000/e1000_main.c b/drivers/net/ethernet/intel/e1000/e1000_main.c |
13437 |
+index d94d64b..b444f21 100644 |
13438 |
+--- a/drivers/net/ethernet/intel/e1000/e1000_main.c |
13439 |
++++ b/drivers/net/ethernet/intel/e1000/e1000_main.c |
13440 |
+@@ -164,6 +164,8 @@ static int e1000_82547_fifo_workaround(struct e1000_adapter *adapter, |
13441 |
+ static bool e1000_vlan_used(struct e1000_adapter *adapter); |
13442 |
+ static void e1000_vlan_mode(struct net_device *netdev, |
13443 |
+ netdev_features_t features); |
13444 |
++static void e1000_vlan_filter_on_off(struct e1000_adapter *adapter, |
13445 |
++ bool filter_on); |
13446 |
+ static int e1000_vlan_rx_add_vid(struct net_device *netdev, u16 vid); |
13447 |
+ static int e1000_vlan_rx_kill_vid(struct net_device *netdev, u16 vid); |
13448 |
+ static void e1000_restore_vlan(struct e1000_adapter *adapter); |
13449 |
+@@ -1213,7 +1215,7 @@ static int __devinit e1000_probe(struct pci_dev *pdev, |
13450 |
+ if (err) |
13451 |
+ goto err_register; |
13452 |
+ |
13453 |
+- e1000_vlan_mode(netdev, netdev->features); |
13454 |
++ e1000_vlan_filter_on_off(adapter, false); |
13455 |
+ |
13456 |
+ /* print bus type/speed/width info */ |
13457 |
+ e_info(probe, "(PCI%s:%dMHz:%d-bit) %pM\n", |
13458 |
+@@ -4549,6 +4551,22 @@ static bool e1000_vlan_used(struct e1000_adapter *adapter) |
13459 |
+ return false; |
13460 |
+ } |
13461 |
+ |
13462 |
++static void __e1000_vlan_mode(struct e1000_adapter *adapter, |
13463 |
++ netdev_features_t features) |
13464 |
++{ |
13465 |
++ struct e1000_hw *hw = &adapter->hw; |
13466 |
++ u32 ctrl; |
13467 |
++ |
13468 |
++ ctrl = er32(CTRL); |
13469 |
++ if (features & NETIF_F_HW_VLAN_RX) { |
13470 |
++ /* enable VLAN tag insert/strip */ |
13471 |
++ ctrl |= E1000_CTRL_VME; |
13472 |
++ } else { |
13473 |
++ /* disable VLAN tag insert/strip */ |
13474 |
++ ctrl &= ~E1000_CTRL_VME; |
13475 |
++ } |
13476 |
++ ew32(CTRL, ctrl); |
13477 |
++} |
13478 |
+ static void e1000_vlan_filter_on_off(struct e1000_adapter *adapter, |
13479 |
+ bool filter_on) |
13480 |
+ { |
13481 |
+@@ -4558,6 +4576,7 @@ static void e1000_vlan_filter_on_off(struct e1000_adapter *adapter, |
13482 |
+ if (!test_bit(__E1000_DOWN, &adapter->flags)) |
13483 |
+ e1000_irq_disable(adapter); |
13484 |
+ |
13485 |
++ __e1000_vlan_mode(adapter, adapter->netdev->features); |
13486 |
+ if (filter_on) { |
13487 |
+ /* enable VLAN receive filtering */ |
13488 |
+ rctl = er32(RCTL); |
13489 |
+@@ -4578,24 +4597,14 @@ static void e1000_vlan_filter_on_off(struct e1000_adapter *adapter, |
13490 |
+ } |
13491 |
+ |
13492 |
+ static void e1000_vlan_mode(struct net_device *netdev, |
13493 |
+- netdev_features_t features) |
13494 |
++ netdev_features_t features) |
13495 |
+ { |
13496 |
+ struct e1000_adapter *adapter = netdev_priv(netdev); |
13497 |
+- struct e1000_hw *hw = &adapter->hw; |
13498 |
+- u32 ctrl; |
13499 |
+ |
13500 |
+ if (!test_bit(__E1000_DOWN, &adapter->flags)) |
13501 |
+ e1000_irq_disable(adapter); |
13502 |
+ |
13503 |
+- ctrl = er32(CTRL); |
13504 |
+- if (features & NETIF_F_HW_VLAN_RX) { |
13505 |
+- /* enable VLAN tag insert/strip */ |
13506 |
+- ctrl |= E1000_CTRL_VME; |
13507 |
+- } else { |
13508 |
+- /* disable VLAN tag insert/strip */ |
13509 |
+- ctrl &= ~E1000_CTRL_VME; |
13510 |
+- } |
13511 |
+- ew32(CTRL, ctrl); |
13512 |
++ __e1000_vlan_mode(adapter, features); |
13513 |
+ |
13514 |
+ if (!test_bit(__E1000_DOWN, &adapter->flags)) |
13515 |
+ e1000_irq_enable(adapter); |
13516 |
+diff --git a/drivers/net/ethernet/marvell/sky2.c b/drivers/net/ethernet/marvell/sky2.c |
13517 |
+index ec6136f..1d04182 100644 |
13518 |
+--- a/drivers/net/ethernet/marvell/sky2.c |
13519 |
++++ b/drivers/net/ethernet/marvell/sky2.c |
13520 |
+@@ -2483,8 +2483,13 @@ static struct sk_buff *receive_copy(struct sky2_port *sky2, |
13521 |
+ skb_copy_from_linear_data(re->skb, skb->data, length); |
13522 |
+ skb->ip_summed = re->skb->ip_summed; |
13523 |
+ skb->csum = re->skb->csum; |
13524 |
++ skb->rxhash = re->skb->rxhash; |
13525 |
++ skb->vlan_tci = re->skb->vlan_tci; |
13526 |
++ |
13527 |
+ pci_dma_sync_single_for_device(sky2->hw->pdev, re->data_addr, |
13528 |
+ length, PCI_DMA_FROMDEVICE); |
13529 |
++ re->skb->vlan_tci = 0; |
13530 |
++ re->skb->rxhash = 0; |
13531 |
+ re->skb->ip_summed = CHECKSUM_NONE; |
13532 |
+ skb_put(skb, length); |
13533 |
+ } |
13534 |
+@@ -2569,9 +2574,6 @@ static struct sk_buff *sky2_receive(struct net_device *dev, |
13535 |
+ struct sk_buff *skb = NULL; |
13536 |
+ u16 count = (status & GMR_FS_LEN) >> 16; |
13537 |
+ |
13538 |
+- if (status & GMR_FS_VLAN) |
13539 |
+- count -= VLAN_HLEN; /* Account for vlan tag */ |
13540 |
+- |
13541 |
+ netif_printk(sky2, rx_status, KERN_DEBUG, dev, |
13542 |
+ "rx slot %u status 0x%x len %d\n", |
13543 |
+ sky2->rx_next, status, length); |
13544 |
+@@ -2579,6 +2581,9 @@ static struct sk_buff *sky2_receive(struct net_device *dev, |
13545 |
+ sky2->rx_next = (sky2->rx_next + 1) % sky2->rx_pending; |
13546 |
+ prefetch(sky2->rx_ring + sky2->rx_next); |
13547 |
+ |
13548 |
++ if (vlan_tx_tag_present(re->skb)) |
13549 |
++ count -= VLAN_HLEN; /* Account for vlan tag */ |
13550 |
++ |
13551 |
+ /* This chip has hardware problems that generates bogus status. |
13552 |
+ * So do only marginal checking and expect higher level protocols |
13553 |
+ * to handle crap frames. |
13554 |
+@@ -2636,11 +2641,8 @@ static inline void sky2_tx_done(struct net_device *dev, u16 last) |
13555 |
+ } |
13556 |
+ |
13557 |
+ static inline void sky2_skb_rx(const struct sky2_port *sky2, |
13558 |
+- u32 status, struct sk_buff *skb) |
13559 |
++ struct sk_buff *skb) |
13560 |
+ { |
13561 |
+- if (status & GMR_FS_VLAN) |
13562 |
+- __vlan_hwaccel_put_tag(skb, be16_to_cpu(sky2->rx_tag)); |
13563 |
+- |
13564 |
+ if (skb->ip_summed == CHECKSUM_NONE) |
13565 |
+ netif_receive_skb(skb); |
13566 |
+ else |
13567 |
+@@ -2694,6 +2696,14 @@ static void sky2_rx_checksum(struct sky2_port *sky2, u32 status) |
13568 |
+ } |
13569 |
+ } |
13570 |
+ |
13571 |
++static void sky2_rx_tag(struct sky2_port *sky2, u16 length) |
13572 |
++{ |
13573 |
++ struct sk_buff *skb; |
13574 |
++ |
13575 |
++ skb = sky2->rx_ring[sky2->rx_next].skb; |
13576 |
++ __vlan_hwaccel_put_tag(skb, be16_to_cpu(length)); |
13577 |
++} |
13578 |
++ |
13579 |
+ static void sky2_rx_hash(struct sky2_port *sky2, u32 status) |
13580 |
+ { |
13581 |
+ struct sk_buff *skb; |
13582 |
+@@ -2752,8 +2762,7 @@ static int sky2_status_intr(struct sky2_hw *hw, int to_do, u16 idx) |
13583 |
+ } |
13584 |
+ |
13585 |
+ skb->protocol = eth_type_trans(skb, dev); |
13586 |
+- |
13587 |
+- sky2_skb_rx(sky2, status, skb); |
13588 |
++ sky2_skb_rx(sky2, skb); |
13589 |
+ |
13590 |
+ /* Stop after net poll weight */ |
13591 |
+ if (++work_done >= to_do) |
13592 |
+@@ -2761,11 +2770,11 @@ static int sky2_status_intr(struct sky2_hw *hw, int to_do, u16 idx) |
13593 |
+ break; |
13594 |
+ |
13595 |
+ case OP_RXVLAN: |
13596 |
+- sky2->rx_tag = length; |
13597 |
++ sky2_rx_tag(sky2, length); |
13598 |
+ break; |
13599 |
+ |
13600 |
+ case OP_RXCHKSVLAN: |
13601 |
+- sky2->rx_tag = length; |
13602 |
++ sky2_rx_tag(sky2, length); |
13603 |
+ /* fall through */ |
13604 |
+ case OP_RXCHKS: |
13605 |
+ if (likely(dev->features & NETIF_F_RXCSUM)) |
13606 |
+diff --git a/drivers/net/ethernet/marvell/sky2.h b/drivers/net/ethernet/marvell/sky2.h |
13607 |
+index ff6f58b..3c896ce 100644 |
13608 |
+--- a/drivers/net/ethernet/marvell/sky2.h |
13609 |
++++ b/drivers/net/ethernet/marvell/sky2.h |
13610 |
+@@ -2241,7 +2241,6 @@ struct sky2_port { |
13611 |
+ u16 rx_pending; |
13612 |
+ u16 rx_data_size; |
13613 |
+ u16 rx_nfrags; |
13614 |
+- u16 rx_tag; |
13615 |
+ |
13616 |
+ struct { |
13617 |
+ unsigned long last; |
13618 |
+diff --git a/drivers/net/ethernet/sun/sungem.c b/drivers/net/ethernet/sun/sungem.c |
13619 |
+index 31441a8..d14a011 100644 |
13620 |
+--- a/drivers/net/ethernet/sun/sungem.c |
13621 |
++++ b/drivers/net/ethernet/sun/sungem.c |
13622 |
+@@ -2340,7 +2340,7 @@ static int gem_suspend(struct pci_dev *pdev, pm_message_t state) |
13623 |
+ netif_device_detach(dev); |
13624 |
+ |
13625 |
+ /* Switch off chip, remember WOL setting */ |
13626 |
+- gp->asleep_wol = gp->wake_on_lan; |
13627 |
++ gp->asleep_wol = !!gp->wake_on_lan; |
13628 |
+ gem_do_stop(dev, gp->asleep_wol); |
13629 |
+ |
13630 |
+ /* Unlock the network stack */ |
13631 |
+diff --git a/drivers/net/usb/asix.c b/drivers/net/usb/asix.c |
13632 |
+index d6da5ee..c7ada22 100644 |
13633 |
+--- a/drivers/net/usb/asix.c |
13634 |
++++ b/drivers/net/usb/asix.c |
13635 |
+@@ -403,7 +403,7 @@ static struct sk_buff *asix_tx_fixup(struct usbnet *dev, struct sk_buff *skb, |
13636 |
+ u32 packet_len; |
13637 |
+ u32 padbytes = 0xffff0000; |
13638 |
+ |
13639 |
+- padlen = ((skb->len + 4) % 512) ? 0 : 4; |
13640 |
++ padlen = ((skb->len + 4) & (dev->maxpacket - 1)) ? 0 : 4; |
13641 |
+ |
13642 |
+ if ((!skb_cloned(skb)) && |
13643 |
+ ((headroom + tailroom) >= (4 + padlen))) { |
13644 |
+@@ -425,7 +425,7 @@ static struct sk_buff *asix_tx_fixup(struct usbnet *dev, struct sk_buff *skb, |
13645 |
+ cpu_to_le32s(&packet_len); |
13646 |
+ skb_copy_to_linear_data(skb, &packet_len, sizeof(packet_len)); |
13647 |
+ |
13648 |
+- if ((skb->len % 512) == 0) { |
13649 |
++ if (padlen) { |
13650 |
+ cpu_to_le32s(&padbytes); |
13651 |
+ memcpy(skb_tail_pointer(skb), &padbytes, sizeof(padbytes)); |
13652 |
+ skb_put(skb, sizeof(padbytes)); |
13653 |
+diff --git a/drivers/net/usb/smsc95xx.c b/drivers/net/usb/smsc95xx.c |
13654 |
+index d45520e..f1e77b1 100644 |
13655 |
+--- a/drivers/net/usb/smsc95xx.c |
13656 |
++++ b/drivers/net/usb/smsc95xx.c |
13657 |
+@@ -1191,7 +1191,7 @@ static const struct driver_info smsc95xx_info = { |
13658 |
+ .rx_fixup = smsc95xx_rx_fixup, |
13659 |
+ .tx_fixup = smsc95xx_tx_fixup, |
13660 |
+ .status = smsc95xx_status, |
13661 |
+- .flags = FLAG_ETHER | FLAG_SEND_ZLP, |
13662 |
++ .flags = FLAG_ETHER | FLAG_SEND_ZLP | FLAG_LINK_INTR, |
13663 |
+ }; |
13664 |
+ |
13665 |
+ static const struct usb_device_id products[] = { |
13666 |
+diff --git a/drivers/platform/x86/sony-laptop.c b/drivers/platform/x86/sony-laptop.c |
13667 |
+index c006dee..40c4705 100644 |
13668 |
+--- a/drivers/platform/x86/sony-laptop.c |
13669 |
++++ b/drivers/platform/x86/sony-laptop.c |
13670 |
+@@ -127,7 +127,7 @@ MODULE_PARM_DESC(minor, |
13671 |
+ "default is -1 (automatic)"); |
13672 |
+ #endif |
13673 |
+ |
13674 |
+-static int kbd_backlight; /* = 1 */ |
13675 |
++static int kbd_backlight = 1; |
13676 |
+ module_param(kbd_backlight, int, 0444); |
13677 |
+ MODULE_PARM_DESC(kbd_backlight, |
13678 |
+ "set this to 0 to disable keyboard backlight, " |
13679 |
+diff --git a/drivers/regulator/max8997.c b/drivers/regulator/max8997.c |
13680 |
+index d26e864..cf73ab2 100644 |
13681 |
+--- a/drivers/regulator/max8997.c |
13682 |
++++ b/drivers/regulator/max8997.c |
13683 |
+@@ -689,7 +689,7 @@ static int max8997_set_voltage_buck(struct regulator_dev *rdev, |
13684 |
+ } |
13685 |
+ |
13686 |
+ new_val++; |
13687 |
+- } while (desc->min + desc->step + new_val <= desc->max); |
13688 |
++ } while (desc->min + desc->step * new_val <= desc->max); |
13689 |
+ |
13690 |
+ new_idx = tmp_idx; |
13691 |
+ new_val = tmp_val; |
13692 |
+diff --git a/drivers/usb/gadget/udc-core.c b/drivers/usb/gadget/udc-core.c |
13693 |
+index ec02ed0..4e2e13e 100644 |
13694 |
+--- a/drivers/usb/gadget/udc-core.c |
13695 |
++++ b/drivers/usb/gadget/udc-core.c |
13696 |
+@@ -211,8 +211,8 @@ static void usb_gadget_remove_driver(struct usb_udc *udc) |
13697 |
+ |
13698 |
+ if (udc_is_newstyle(udc)) { |
13699 |
+ udc->driver->disconnect(udc->gadget); |
13700 |
+- udc->driver->unbind(udc->gadget); |
13701 |
+ usb_gadget_disconnect(udc->gadget); |
13702 |
++ udc->driver->unbind(udc->gadget); |
13703 |
+ usb_gadget_udc_stop(udc->gadget, udc->driver); |
13704 |
+ } else { |
13705 |
+ usb_gadget_stop(udc->gadget, udc->driver); |
13706 |
+@@ -363,9 +363,9 @@ static ssize_t usb_udc_softconn_store(struct device *dev, |
13707 |
+ usb_gadget_udc_start(udc->gadget, udc->driver); |
13708 |
+ usb_gadget_connect(udc->gadget); |
13709 |
+ } else if (sysfs_streq(buf, "disconnect")) { |
13710 |
++ usb_gadget_disconnect(udc->gadget); |
13711 |
+ if (udc_is_newstyle(udc)) |
13712 |
+ usb_gadget_udc_stop(udc->gadget, udc->driver); |
13713 |
+- usb_gadget_disconnect(udc->gadget); |
13714 |
+ } else { |
13715 |
+ dev_err(dev, "unsupported command '%s'\n", buf); |
13716 |
+ return -EINVAL; |
13717 |
+diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c |
13718 |
+index cd66b76..1250bba 100644 |
13719 |
+--- a/fs/cifs/cifssmb.c |
13720 |
++++ b/fs/cifs/cifssmb.c |
13721 |
+@@ -4831,8 +4831,12 @@ parse_DFS_referrals(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr, |
13722 |
+ max_len = data_end - temp; |
13723 |
+ node->node_name = cifs_strndup_from_utf16(temp, max_len, |
13724 |
+ is_unicode, nls_codepage); |
13725 |
+- if (!node->node_name) |
13726 |
++ if (!node->node_name) { |
13727 |
+ rc = -ENOMEM; |
13728 |
++ goto parse_DFS_referrals_exit; |
13729 |
++ } |
13730 |
++ |
13731 |
++ ref++; |
13732 |
+ } |
13733 |
+ |
13734 |
+ parse_DFS_referrals_exit: |
13735 |
+diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c |
13736 |
+index 3645cd3..c60267e 100644 |
13737 |
+--- a/fs/hugetlbfs/inode.c |
13738 |
++++ b/fs/hugetlbfs/inode.c |
13739 |
+@@ -600,9 +600,15 @@ static int hugetlbfs_statfs(struct dentry *dentry, struct kstatfs *buf) |
13740 |
+ spin_lock(&sbinfo->stat_lock); |
13741 |
+ /* If no limits set, just report 0 for max/free/used |
13742 |
+ * blocks, like simple_statfs() */ |
13743 |
+- if (sbinfo->max_blocks >= 0) { |
13744 |
+- buf->f_blocks = sbinfo->max_blocks; |
13745 |
+- buf->f_bavail = buf->f_bfree = sbinfo->free_blocks; |
13746 |
++ if (sbinfo->spool) { |
13747 |
++ long free_pages; |
13748 |
++ |
13749 |
++ spin_lock(&sbinfo->spool->lock); |
13750 |
++ buf->f_blocks = sbinfo->spool->max_hpages; |
13751 |
++ free_pages = sbinfo->spool->max_hpages |
13752 |
++ - sbinfo->spool->used_hpages; |
13753 |
++ buf->f_bavail = buf->f_bfree = free_pages; |
13754 |
++ spin_unlock(&sbinfo->spool->lock); |
13755 |
+ buf->f_files = sbinfo->max_inodes; |
13756 |
+ buf->f_ffree = sbinfo->free_inodes; |
13757 |
+ } |
13758 |
+@@ -618,6 +624,10 @@ static void hugetlbfs_put_super(struct super_block *sb) |
13759 |
+ |
13760 |
+ if (sbi) { |
13761 |
+ sb->s_fs_info = NULL; |
13762 |
++ |
13763 |
++ if (sbi->spool) |
13764 |
++ hugepage_put_subpool(sbi->spool); |
13765 |
++ |
13766 |
+ kfree(sbi); |
13767 |
+ } |
13768 |
+ } |
13769 |
+@@ -848,10 +858,14 @@ hugetlbfs_fill_super(struct super_block *sb, void *data, int silent) |
13770 |
+ sb->s_fs_info = sbinfo; |
13771 |
+ sbinfo->hstate = config.hstate; |
13772 |
+ spin_lock_init(&sbinfo->stat_lock); |
13773 |
+- sbinfo->max_blocks = config.nr_blocks; |
13774 |
+- sbinfo->free_blocks = config.nr_blocks; |
13775 |
+ sbinfo->max_inodes = config.nr_inodes; |
13776 |
+ sbinfo->free_inodes = config.nr_inodes; |
13777 |
++ sbinfo->spool = NULL; |
13778 |
++ if (config.nr_blocks != -1) { |
13779 |
++ sbinfo->spool = hugepage_new_subpool(config.nr_blocks); |
13780 |
++ if (!sbinfo->spool) |
13781 |
++ goto out_free; |
13782 |
++ } |
13783 |
+ sb->s_maxbytes = MAX_LFS_FILESIZE; |
13784 |
+ sb->s_blocksize = huge_page_size(config.hstate); |
13785 |
+ sb->s_blocksize_bits = huge_page_shift(config.hstate); |
13786 |
+@@ -870,38 +884,12 @@ hugetlbfs_fill_super(struct super_block *sb, void *data, int silent) |
13787 |
+ sb->s_root = root; |
13788 |
+ return 0; |
13789 |
+ out_free: |
13790 |
++ if (sbinfo->spool) |
13791 |
++ kfree(sbinfo->spool); |
13792 |
+ kfree(sbinfo); |
13793 |
+ return -ENOMEM; |
13794 |
+ } |
13795 |
+ |
13796 |
+-int hugetlb_get_quota(struct address_space *mapping, long delta) |
13797 |
+-{ |
13798 |
+- int ret = 0; |
13799 |
+- struct hugetlbfs_sb_info *sbinfo = HUGETLBFS_SB(mapping->host->i_sb); |
13800 |
+- |
13801 |
+- if (sbinfo->free_blocks > -1) { |
13802 |
+- spin_lock(&sbinfo->stat_lock); |
13803 |
+- if (sbinfo->free_blocks - delta >= 0) |
13804 |
+- sbinfo->free_blocks -= delta; |
13805 |
+- else |
13806 |
+- ret = -ENOMEM; |
13807 |
+- spin_unlock(&sbinfo->stat_lock); |
13808 |
+- } |
13809 |
+- |
13810 |
+- return ret; |
13811 |
+-} |
13812 |
+- |
13813 |
+-void hugetlb_put_quota(struct address_space *mapping, long delta) |
13814 |
+-{ |
13815 |
+- struct hugetlbfs_sb_info *sbinfo = HUGETLBFS_SB(mapping->host->i_sb); |
13816 |
+- |
13817 |
+- if (sbinfo->free_blocks > -1) { |
13818 |
+- spin_lock(&sbinfo->stat_lock); |
13819 |
+- sbinfo->free_blocks += delta; |
13820 |
+- spin_unlock(&sbinfo->stat_lock); |
13821 |
+- } |
13822 |
+-} |
13823 |
+- |
13824 |
+ static struct dentry *hugetlbfs_mount(struct file_system_type *fs_type, |
13825 |
+ int flags, const char *dev_name, void *data) |
13826 |
+ { |
13827 |
+diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c |
13828 |
+index de3fa1a..2c1244b 100644 |
13829 |
+--- a/fs/nfsd/nfs4proc.c |
13830 |
++++ b/fs/nfsd/nfs4proc.c |
13831 |
+@@ -231,17 +231,17 @@ do_open_lookup(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_o |
13832 |
+ */ |
13833 |
+ if (open->op_createmode == NFS4_CREATE_EXCLUSIVE && status == 0) |
13834 |
+ open->op_bmval[1] = (FATTR4_WORD1_TIME_ACCESS | |
13835 |
+- FATTR4_WORD1_TIME_MODIFY); |
13836 |
++ FATTR4_WORD1_TIME_MODIFY); |
13837 |
+ } else { |
13838 |
+ status = nfsd_lookup(rqstp, current_fh, |
13839 |
+ open->op_fname.data, open->op_fname.len, &resfh); |
13840 |
+ fh_unlock(current_fh); |
13841 |
+- if (status) |
13842 |
+- goto out; |
13843 |
+- status = nfsd_check_obj_isreg(&resfh); |
13844 |
+ } |
13845 |
+ if (status) |
13846 |
+ goto out; |
13847 |
++ status = nfsd_check_obj_isreg(&resfh); |
13848 |
++ if (status) |
13849 |
++ goto out; |
13850 |
+ |
13851 |
+ if (is_create_with_attrs(open) && open->op_acl != NULL) |
13852 |
+ do_set_nfs4_acl(rqstp, &resfh, open->op_acl, open->op_bmval); |
13853 |
+diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c |
13854 |
+index edf6d3e..b96fe94 100644 |
13855 |
+--- a/fs/nfsd/vfs.c |
13856 |
++++ b/fs/nfsd/vfs.c |
13857 |
+@@ -1450,7 +1450,7 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp, |
13858 |
+ switch (createmode) { |
13859 |
+ case NFS3_CREATE_UNCHECKED: |
13860 |
+ if (! S_ISREG(dchild->d_inode->i_mode)) |
13861 |
+- err = nfserr_exist; |
13862 |
++ goto out; |
13863 |
+ else if (truncp) { |
13864 |
+ /* in nfsv4, we need to treat this case a little |
13865 |
+ * differently. we don't want to truncate the |
13866 |
+diff --git a/include/asm-generic/statfs.h b/include/asm-generic/statfs.h |
13867 |
+index 0fd28e0..c749af9 100644 |
13868 |
+--- a/include/asm-generic/statfs.h |
13869 |
++++ b/include/asm-generic/statfs.h |
13870 |
+@@ -15,7 +15,7 @@ typedef __kernel_fsid_t fsid_t; |
13871 |
+ * with a 10' pole. |
13872 |
+ */ |
13873 |
+ #ifndef __statfs_word |
13874 |
+-#if BITS_PER_LONG == 64 |
13875 |
++#if __BITS_PER_LONG == 64 |
13876 |
+ #define __statfs_word long |
13877 |
+ #else |
13878 |
+ #define __statfs_word __u32 |
13879 |
+diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h |
13880 |
+index d9d6c86..c5ed2f1 100644 |
13881 |
+--- a/include/linux/hugetlb.h |
13882 |
++++ b/include/linux/hugetlb.h |
13883 |
+@@ -14,6 +14,15 @@ struct user_struct; |
13884 |
+ #include <linux/shm.h> |
13885 |
+ #include <asm/tlbflush.h> |
13886 |
+ |
13887 |
++struct hugepage_subpool { |
13888 |
++ spinlock_t lock; |
13889 |
++ long count; |
13890 |
++ long max_hpages, used_hpages; |
13891 |
++}; |
13892 |
++ |
13893 |
++struct hugepage_subpool *hugepage_new_subpool(long nr_blocks); |
13894 |
++void hugepage_put_subpool(struct hugepage_subpool *spool); |
13895 |
++ |
13896 |
+ int PageHuge(struct page *page); |
13897 |
+ |
13898 |
+ void reset_vma_resv_huge_pages(struct vm_area_struct *vma); |
13899 |
+@@ -138,12 +147,11 @@ struct hugetlbfs_config { |
13900 |
+ }; |
13901 |
+ |
13902 |
+ struct hugetlbfs_sb_info { |
13903 |
+- long max_blocks; /* blocks allowed */ |
13904 |
+- long free_blocks; /* blocks free */ |
13905 |
+ long max_inodes; /* inodes allowed */ |
13906 |
+ long free_inodes; /* inodes free */ |
13907 |
+ spinlock_t stat_lock; |
13908 |
+ struct hstate *hstate; |
13909 |
++ struct hugepage_subpool *spool; |
13910 |
+ }; |
13911 |
+ |
13912 |
+ |
13913 |
+@@ -166,8 +174,6 @@ extern const struct file_operations hugetlbfs_file_operations; |
13914 |
+ extern const struct vm_operations_struct hugetlb_vm_ops; |
13915 |
+ struct file *hugetlb_file_setup(const char *name, size_t size, vm_flags_t acct, |
13916 |
+ struct user_struct **user, int creat_flags); |
13917 |
+-int hugetlb_get_quota(struct address_space *mapping, long delta); |
13918 |
+-void hugetlb_put_quota(struct address_space *mapping, long delta); |
13919 |
+ |
13920 |
+ static inline int is_file_hugepages(struct file *file) |
13921 |
+ { |
13922 |
+diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h |
13923 |
+index bc21720..4c4e83d 100644 |
13924 |
+--- a/include/linux/kvm_host.h |
13925 |
++++ b/include/linux/kvm_host.h |
13926 |
+@@ -775,6 +775,13 @@ static inline bool kvm_vcpu_is_bsp(struct kvm_vcpu *vcpu) |
13927 |
+ { |
13928 |
+ return vcpu->kvm->bsp_vcpu_id == vcpu->vcpu_id; |
13929 |
+ } |
13930 |
++ |
13931 |
++bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu); |
13932 |
++ |
13933 |
++#else |
13934 |
++ |
13935 |
++static inline bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) { return true; } |
13936 |
++ |
13937 |
+ #endif |
13938 |
+ |
13939 |
+ #ifdef __KVM_HAVE_DEVICE_ASSIGNMENT |
13940 |
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
13941 |
+index 4f3b01a..7e472b7 100644 |
13942 |
+--- a/include/linux/netdevice.h |
13943 |
++++ b/include/linux/netdevice.h |
13944 |
+@@ -1898,12 +1898,22 @@ static inline void netdev_tx_sent_queue(struct netdev_queue *dev_queue, |
13945 |
+ { |
13946 |
+ #ifdef CONFIG_BQL |
13947 |
+ dql_queued(&dev_queue->dql, bytes); |
13948 |
+- if (unlikely(dql_avail(&dev_queue->dql) < 0)) { |
13949 |
+- set_bit(__QUEUE_STATE_STACK_XOFF, &dev_queue->state); |
13950 |
+- if (unlikely(dql_avail(&dev_queue->dql) >= 0)) |
13951 |
+- clear_bit(__QUEUE_STATE_STACK_XOFF, |
13952 |
+- &dev_queue->state); |
13953 |
+- } |
13954 |
++ |
13955 |
++ if (likely(dql_avail(&dev_queue->dql) >= 0)) |
13956 |
++ return; |
13957 |
++ |
13958 |
++ set_bit(__QUEUE_STATE_STACK_XOFF, &dev_queue->state); |
13959 |
++ |
13960 |
++ /* |
13961 |
++ * The XOFF flag must be set before checking the dql_avail below, |
13962 |
++ * because in netdev_tx_completed_queue we update the dql_completed |
13963 |
++ * before checking the XOFF flag. |
13964 |
++ */ |
13965 |
++ smp_mb(); |
13966 |
++ |
13967 |
++ /* check again in case another CPU has just made room avail */ |
13968 |
++ if (unlikely(dql_avail(&dev_queue->dql) >= 0)) |
13969 |
++ clear_bit(__QUEUE_STATE_STACK_XOFF, &dev_queue->state); |
13970 |
+ #endif |
13971 |
+ } |
13972 |
+ |
13973 |
+@@ -1916,16 +1926,23 @@ static inline void netdev_tx_completed_queue(struct netdev_queue *dev_queue, |
13974 |
+ unsigned pkts, unsigned bytes) |
13975 |
+ { |
13976 |
+ #ifdef CONFIG_BQL |
13977 |
+- if (likely(bytes)) { |
13978 |
+- dql_completed(&dev_queue->dql, bytes); |
13979 |
+- if (unlikely(test_bit(__QUEUE_STATE_STACK_XOFF, |
13980 |
+- &dev_queue->state) && |
13981 |
+- dql_avail(&dev_queue->dql) >= 0)) { |
13982 |
+- if (test_and_clear_bit(__QUEUE_STATE_STACK_XOFF, |
13983 |
+- &dev_queue->state)) |
13984 |
+- netif_schedule_queue(dev_queue); |
13985 |
+- } |
13986 |
+- } |
13987 |
++ if (unlikely(!bytes)) |
13988 |
++ return; |
13989 |
++ |
13990 |
++ dql_completed(&dev_queue->dql, bytes); |
13991 |
++ |
13992 |
++ /* |
13993 |
++ * Without the memory barrier there is a small possiblity that |
13994 |
++ * netdev_tx_sent_queue will miss the update and cause the queue to |
13995 |
++ * be stopped forever |
13996 |
++ */ |
13997 |
++ smp_mb(); |
13998 |
++ |
13999 |
++ if (dql_avail(&dev_queue->dql) < 0) |
14000 |
++ return; |
14001 |
++ |
14002 |
++ if (test_and_clear_bit(__QUEUE_STATE_STACK_XOFF, &dev_queue->state)) |
14003 |
++ netif_schedule_queue(dev_queue); |
14004 |
+ #endif |
14005 |
+ } |
14006 |
+ |
14007 |
+@@ -1938,6 +1955,7 @@ static inline void netdev_completed_queue(struct net_device *dev, |
14008 |
+ static inline void netdev_tx_reset_queue(struct netdev_queue *q) |
14009 |
+ { |
14010 |
+ #ifdef CONFIG_BQL |
14011 |
++ clear_bit(__QUEUE_STATE_STACK_XOFF, &q->state); |
14012 |
+ dql_reset(&q->dql); |
14013 |
+ #endif |
14014 |
+ } |
14015 |
+diff --git a/include/linux/seqlock.h b/include/linux/seqlock.h |
14016 |
+index c6db9fb..bb1fac5 100644 |
14017 |
+--- a/include/linux/seqlock.h |
14018 |
++++ b/include/linux/seqlock.h |
14019 |
+@@ -141,7 +141,7 @@ static inline unsigned __read_seqcount_begin(const seqcount_t *s) |
14020 |
+ unsigned ret; |
14021 |
+ |
14022 |
+ repeat: |
14023 |
+- ret = s->sequence; |
14024 |
++ ret = ACCESS_ONCE(s->sequence); |
14025 |
+ if (unlikely(ret & 1)) { |
14026 |
+ cpu_relax(); |
14027 |
+ goto repeat; |
14028 |
+diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
14029 |
+index a7cf829..24b1787 100644 |
14030 |
+--- a/mm/hugetlb.c |
14031 |
++++ b/mm/hugetlb.c |
14032 |
+@@ -53,6 +53,84 @@ static unsigned long __initdata default_hstate_size; |
14033 |
+ */ |
14034 |
+ static DEFINE_SPINLOCK(hugetlb_lock); |
14035 |
+ |
14036 |
++static inline void unlock_or_release_subpool(struct hugepage_subpool *spool) |
14037 |
++{ |
14038 |
++ bool free = (spool->count == 0) && (spool->used_hpages == 0); |
14039 |
++ |
14040 |
++ spin_unlock(&spool->lock); |
14041 |
++ |
14042 |
++ /* If no pages are used, and no other handles to the subpool |
14043 |
++ * remain, free the subpool the subpool remain */ |
14044 |
++ if (free) |
14045 |
++ kfree(spool); |
14046 |
++} |
14047 |
++ |
14048 |
++struct hugepage_subpool *hugepage_new_subpool(long nr_blocks) |
14049 |
++{ |
14050 |
++ struct hugepage_subpool *spool; |
14051 |
++ |
14052 |
++ spool = kmalloc(sizeof(*spool), GFP_KERNEL); |
14053 |
++ if (!spool) |
14054 |
++ return NULL; |
14055 |
++ |
14056 |
++ spin_lock_init(&spool->lock); |
14057 |
++ spool->count = 1; |
14058 |
++ spool->max_hpages = nr_blocks; |
14059 |
++ spool->used_hpages = 0; |
14060 |
++ |
14061 |
++ return spool; |
14062 |
++} |
14063 |
++ |
14064 |
++void hugepage_put_subpool(struct hugepage_subpool *spool) |
14065 |
++{ |
14066 |
++ spin_lock(&spool->lock); |
14067 |
++ BUG_ON(!spool->count); |
14068 |
++ spool->count--; |
14069 |
++ unlock_or_release_subpool(spool); |
14070 |
++} |
14071 |
++ |
14072 |
++static int hugepage_subpool_get_pages(struct hugepage_subpool *spool, |
14073 |
++ long delta) |
14074 |
++{ |
14075 |
++ int ret = 0; |
14076 |
++ |
14077 |
++ if (!spool) |
14078 |
++ return 0; |
14079 |
++ |
14080 |
++ spin_lock(&spool->lock); |
14081 |
++ if ((spool->used_hpages + delta) <= spool->max_hpages) { |
14082 |
++ spool->used_hpages += delta; |
14083 |
++ } else { |
14084 |
++ ret = -ENOMEM; |
14085 |
++ } |
14086 |
++ spin_unlock(&spool->lock); |
14087 |
++ |
14088 |
++ return ret; |
14089 |
++} |
14090 |
++ |
14091 |
++static void hugepage_subpool_put_pages(struct hugepage_subpool *spool, |
14092 |
++ long delta) |
14093 |
++{ |
14094 |
++ if (!spool) |
14095 |
++ return; |
14096 |
++ |
14097 |
++ spin_lock(&spool->lock); |
14098 |
++ spool->used_hpages -= delta; |
14099 |
++ /* If hugetlbfs_put_super couldn't free spool due to |
14100 |
++ * an outstanding quota reference, free it now. */ |
14101 |
++ unlock_or_release_subpool(spool); |
14102 |
++} |
14103 |
++ |
14104 |
++static inline struct hugepage_subpool *subpool_inode(struct inode *inode) |
14105 |
++{ |
14106 |
++ return HUGETLBFS_SB(inode->i_sb)->spool; |
14107 |
++} |
14108 |
++ |
14109 |
++static inline struct hugepage_subpool *subpool_vma(struct vm_area_struct *vma) |
14110 |
++{ |
14111 |
++ return subpool_inode(vma->vm_file->f_dentry->d_inode); |
14112 |
++} |
14113 |
++ |
14114 |
+ /* |
14115 |
+ * Region tracking -- allows tracking of reservations and instantiated pages |
14116 |
+ * across the pages in a mapping. |
14117 |
+@@ -533,9 +611,9 @@ static void free_huge_page(struct page *page) |
14118 |
+ */ |
14119 |
+ struct hstate *h = page_hstate(page); |
14120 |
+ int nid = page_to_nid(page); |
14121 |
+- struct address_space *mapping; |
14122 |
++ struct hugepage_subpool *spool = |
14123 |
++ (struct hugepage_subpool *)page_private(page); |
14124 |
+ |
14125 |
+- mapping = (struct address_space *) page_private(page); |
14126 |
+ set_page_private(page, 0); |
14127 |
+ page->mapping = NULL; |
14128 |
+ BUG_ON(page_count(page)); |
14129 |
+@@ -551,8 +629,7 @@ static void free_huge_page(struct page *page) |
14130 |
+ enqueue_huge_page(h, page); |
14131 |
+ } |
14132 |
+ spin_unlock(&hugetlb_lock); |
14133 |
+- if (mapping) |
14134 |
+- hugetlb_put_quota(mapping, 1); |
14135 |
++ hugepage_subpool_put_pages(spool, 1); |
14136 |
+ } |
14137 |
+ |
14138 |
+ static void prep_new_huge_page(struct hstate *h, struct page *page, int nid) |
14139 |
+@@ -966,11 +1043,12 @@ static void return_unused_surplus_pages(struct hstate *h, |
14140 |
+ /* |
14141 |
+ * Determine if the huge page at addr within the vma has an associated |
14142 |
+ * reservation. Where it does not we will need to logically increase |
14143 |
+- * reservation and actually increase quota before an allocation can occur. |
14144 |
+- * Where any new reservation would be required the reservation change is |
14145 |
+- * prepared, but not committed. Once the page has been quota'd allocated |
14146 |
+- * an instantiated the change should be committed via vma_commit_reservation. |
14147 |
+- * No action is required on failure. |
14148 |
++ * reservation and actually increase subpool usage before an allocation |
14149 |
++ * can occur. Where any new reservation would be required the |
14150 |
++ * reservation change is prepared, but not committed. Once the page |
14151 |
++ * has been allocated from the subpool and instantiated the change should |
14152 |
++ * be committed via vma_commit_reservation. No action is required on |
14153 |
++ * failure. |
14154 |
+ */ |
14155 |
+ static long vma_needs_reservation(struct hstate *h, |
14156 |
+ struct vm_area_struct *vma, unsigned long addr) |
14157 |
+@@ -1019,24 +1097,24 @@ static void vma_commit_reservation(struct hstate *h, |
14158 |
+ static struct page *alloc_huge_page(struct vm_area_struct *vma, |
14159 |
+ unsigned long addr, int avoid_reserve) |
14160 |
+ { |
14161 |
++ struct hugepage_subpool *spool = subpool_vma(vma); |
14162 |
+ struct hstate *h = hstate_vma(vma); |
14163 |
+ struct page *page; |
14164 |
+- struct address_space *mapping = vma->vm_file->f_mapping; |
14165 |
+- struct inode *inode = mapping->host; |
14166 |
+ long chg; |
14167 |
+ |
14168 |
+ /* |
14169 |
+- * Processes that did not create the mapping will have no reserves and |
14170 |
+- * will not have accounted against quota. Check that the quota can be |
14171 |
+- * made before satisfying the allocation |
14172 |
+- * MAP_NORESERVE mappings may also need pages and quota allocated |
14173 |
+- * if no reserve mapping overlaps. |
14174 |
++ * Processes that did not create the mapping will have no |
14175 |
++ * reserves and will not have accounted against subpool |
14176 |
++ * limit. Check that the subpool limit can be made before |
14177 |
++ * satisfying the allocation MAP_NORESERVE mappings may also |
14178 |
++ * need pages and subpool limit allocated allocated if no reserve |
14179 |
++ * mapping overlaps. |
14180 |
+ */ |
14181 |
+ chg = vma_needs_reservation(h, vma, addr); |
14182 |
+ if (chg < 0) |
14183 |
+ return ERR_PTR(-VM_FAULT_OOM); |
14184 |
+ if (chg) |
14185 |
+- if (hugetlb_get_quota(inode->i_mapping, chg)) |
14186 |
++ if (hugepage_subpool_get_pages(spool, chg)) |
14187 |
+ return ERR_PTR(-VM_FAULT_SIGBUS); |
14188 |
+ |
14189 |
+ spin_lock(&hugetlb_lock); |
14190 |
+@@ -1046,12 +1124,12 @@ static struct page *alloc_huge_page(struct vm_area_struct *vma, |
14191 |
+ if (!page) { |
14192 |
+ page = alloc_buddy_huge_page(h, NUMA_NO_NODE); |
14193 |
+ if (!page) { |
14194 |
+- hugetlb_put_quota(inode->i_mapping, chg); |
14195 |
++ hugepage_subpool_put_pages(spool, chg); |
14196 |
+ return ERR_PTR(-VM_FAULT_SIGBUS); |
14197 |
+ } |
14198 |
+ } |
14199 |
+ |
14200 |
+- set_page_private(page, (unsigned long) mapping); |
14201 |
++ set_page_private(page, (unsigned long)spool); |
14202 |
+ |
14203 |
+ vma_commit_reservation(h, vma, addr); |
14204 |
+ |
14205 |
+@@ -2072,6 +2150,7 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma) |
14206 |
+ { |
14207 |
+ struct hstate *h = hstate_vma(vma); |
14208 |
+ struct resv_map *reservations = vma_resv_map(vma); |
14209 |
++ struct hugepage_subpool *spool = subpool_vma(vma); |
14210 |
+ unsigned long reserve; |
14211 |
+ unsigned long start; |
14212 |
+ unsigned long end; |
14213 |
+@@ -2087,7 +2166,7 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma) |
14214 |
+ |
14215 |
+ if (reserve) { |
14216 |
+ hugetlb_acct_memory(h, -reserve); |
14217 |
+- hugetlb_put_quota(vma->vm_file->f_mapping, reserve); |
14218 |
++ hugepage_subpool_put_pages(spool, reserve); |
14219 |
+ } |
14220 |
+ } |
14221 |
+ } |
14222 |
+@@ -2316,7 +2395,7 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
14223 |
+ */ |
14224 |
+ address = address & huge_page_mask(h); |
14225 |
+ pgoff = vma_hugecache_offset(h, vma, address); |
14226 |
+- mapping = (struct address_space *)page_private(page); |
14227 |
++ mapping = vma->vm_file->f_dentry->d_inode->i_mapping; |
14228 |
+ |
14229 |
+ /* |
14230 |
+ * Take the mapping lock for the duration of the table walk. As |
14231 |
+@@ -2871,11 +2950,12 @@ int hugetlb_reserve_pages(struct inode *inode, |
14232 |
+ { |
14233 |
+ long ret, chg; |
14234 |
+ struct hstate *h = hstate_inode(inode); |
14235 |
++ struct hugepage_subpool *spool = subpool_inode(inode); |
14236 |
+ |
14237 |
+ /* |
14238 |
+ * Only apply hugepage reservation if asked. At fault time, an |
14239 |
+ * attempt will be made for VM_NORESERVE to allocate a page |
14240 |
+- * and filesystem quota without using reserves |
14241 |
++ * without using reserves |
14242 |
+ */ |
14243 |
+ if (vm_flags & VM_NORESERVE) |
14244 |
+ return 0; |
14245 |
+@@ -2902,17 +2982,17 @@ int hugetlb_reserve_pages(struct inode *inode, |
14246 |
+ if (chg < 0) |
14247 |
+ return chg; |
14248 |
+ |
14249 |
+- /* There must be enough filesystem quota for the mapping */ |
14250 |
+- if (hugetlb_get_quota(inode->i_mapping, chg)) |
14251 |
++ /* There must be enough pages in the subpool for the mapping */ |
14252 |
++ if (hugepage_subpool_get_pages(spool, chg)) |
14253 |
+ return -ENOSPC; |
14254 |
+ |
14255 |
+ /* |
14256 |
+ * Check enough hugepages are available for the reservation. |
14257 |
+- * Hand back the quota if there are not |
14258 |
++ * Hand the pages back to the subpool if there are not |
14259 |
+ */ |
14260 |
+ ret = hugetlb_acct_memory(h, chg); |
14261 |
+ if (ret < 0) { |
14262 |
+- hugetlb_put_quota(inode->i_mapping, chg); |
14263 |
++ hugepage_subpool_put_pages(spool, chg); |
14264 |
+ return ret; |
14265 |
+ } |
14266 |
+ |
14267 |
+@@ -2936,12 +3016,13 @@ void hugetlb_unreserve_pages(struct inode *inode, long offset, long freed) |
14268 |
+ { |
14269 |
+ struct hstate *h = hstate_inode(inode); |
14270 |
+ long chg = region_truncate(&inode->i_mapping->private_list, offset); |
14271 |
++ struct hugepage_subpool *spool = subpool_inode(inode); |
14272 |
+ |
14273 |
+ spin_lock(&inode->i_lock); |
14274 |
+ inode->i_blocks -= (blocks_per_huge_page(h) * freed); |
14275 |
+ spin_unlock(&inode->i_lock); |
14276 |
+ |
14277 |
+- hugetlb_put_quota(inode->i_mapping, (chg - freed)); |
14278 |
++ hugepage_subpool_put_pages(spool, (chg - freed)); |
14279 |
+ hugetlb_acct_memory(h, -(chg - freed)); |
14280 |
+ } |
14281 |
+ |
14282 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
14283 |
+index 7f72c9c..0336374 100644 |
14284 |
+--- a/net/core/dev.c |
14285 |
++++ b/net/core/dev.c |
14286 |
+@@ -1412,14 +1412,34 @@ EXPORT_SYMBOL(register_netdevice_notifier); |
14287 |
+ * register_netdevice_notifier(). The notifier is unlinked into the |
14288 |
+ * kernel structures and may then be reused. A negative errno code |
14289 |
+ * is returned on a failure. |
14290 |
++ * |
14291 |
++ * After unregistering unregister and down device events are synthesized |
14292 |
++ * for all devices on the device list to the removed notifier to remove |
14293 |
++ * the need for special case cleanup code. |
14294 |
+ */ |
14295 |
+ |
14296 |
+ int unregister_netdevice_notifier(struct notifier_block *nb) |
14297 |
+ { |
14298 |
++ struct net_device *dev; |
14299 |
++ struct net *net; |
14300 |
+ int err; |
14301 |
+ |
14302 |
+ rtnl_lock(); |
14303 |
+ err = raw_notifier_chain_unregister(&netdev_chain, nb); |
14304 |
++ if (err) |
14305 |
++ goto unlock; |
14306 |
++ |
14307 |
++ for_each_net(net) { |
14308 |
++ for_each_netdev(net, dev) { |
14309 |
++ if (dev->flags & IFF_UP) { |
14310 |
++ nb->notifier_call(nb, NETDEV_GOING_DOWN, dev); |
14311 |
++ nb->notifier_call(nb, NETDEV_DOWN, dev); |
14312 |
++ } |
14313 |
++ nb->notifier_call(nb, NETDEV_UNREGISTER, dev); |
14314 |
++ nb->notifier_call(nb, NETDEV_UNREGISTER_BATCH, dev); |
14315 |
++ } |
14316 |
++ } |
14317 |
++unlock: |
14318 |
+ rtnl_unlock(); |
14319 |
+ return err; |
14320 |
+ } |
14321 |
+diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c |
14322 |
+index 8c85021..e2327db 100644 |
14323 |
+--- a/net/ipv4/tcp.c |
14324 |
++++ b/net/ipv4/tcp.c |
14325 |
+@@ -3240,7 +3240,7 @@ void __init tcp_init(void) |
14326 |
+ { |
14327 |
+ struct sk_buff *skb = NULL; |
14328 |
+ unsigned long limit; |
14329 |
+- int max_share, cnt; |
14330 |
++ int max_rshare, max_wshare, cnt; |
14331 |
+ unsigned int i; |
14332 |
+ unsigned long jiffy = jiffies; |
14333 |
+ |
14334 |
+@@ -3300,15 +3300,16 @@ void __init tcp_init(void) |
14335 |
+ tcp_init_mem(&init_net); |
14336 |
+ /* Set per-socket limits to no more than 1/128 the pressure threshold */ |
14337 |
+ limit = nr_free_buffer_pages() << (PAGE_SHIFT - 7); |
14338 |
+- max_share = min(4UL*1024*1024, limit); |
14339 |
++ max_wshare = min(4UL*1024*1024, limit); |
14340 |
++ max_rshare = min(6UL*1024*1024, limit); |
14341 |
+ |
14342 |
+ sysctl_tcp_wmem[0] = SK_MEM_QUANTUM; |
14343 |
+ sysctl_tcp_wmem[1] = 16*1024; |
14344 |
+- sysctl_tcp_wmem[2] = max(64*1024, max_share); |
14345 |
++ sysctl_tcp_wmem[2] = max(64*1024, max_wshare); |
14346 |
+ |
14347 |
+ sysctl_tcp_rmem[0] = SK_MEM_QUANTUM; |
14348 |
+ sysctl_tcp_rmem[1] = 87380; |
14349 |
+- sysctl_tcp_rmem[2] = max(87380, max_share); |
14350 |
++ sysctl_tcp_rmem[2] = max(87380, max_rshare); |
14351 |
+ |
14352 |
+ printk(KERN_INFO "TCP: Hash tables configured " |
14353 |
+ "(established %u bind %u)\n", |
14354 |
+diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
14355 |
+index 1c30511..169f3a6 100644 |
14356 |
+--- a/net/ipv4/tcp_input.c |
14357 |
++++ b/net/ipv4/tcp_input.c |
14358 |
+@@ -83,7 +83,7 @@ int sysctl_tcp_ecn __read_mostly = 2; |
14359 |
+ EXPORT_SYMBOL(sysctl_tcp_ecn); |
14360 |
+ int sysctl_tcp_dsack __read_mostly = 1; |
14361 |
+ int sysctl_tcp_app_win __read_mostly = 31; |
14362 |
+-int sysctl_tcp_adv_win_scale __read_mostly = 2; |
14363 |
++int sysctl_tcp_adv_win_scale __read_mostly = 1; |
14364 |
+ EXPORT_SYMBOL(sysctl_tcp_adv_win_scale); |
14365 |
+ |
14366 |
+ int sysctl_tcp_stdurg __read_mostly; |
14367 |
+@@ -2866,11 +2866,14 @@ static inline void tcp_complete_cwr(struct sock *sk) |
14368 |
+ |
14369 |
+ /* Do not moderate cwnd if it's already undone in cwr or recovery. */ |
14370 |
+ if (tp->undo_marker) { |
14371 |
+- if (inet_csk(sk)->icsk_ca_state == TCP_CA_CWR) |
14372 |
++ if (inet_csk(sk)->icsk_ca_state == TCP_CA_CWR) { |
14373 |
+ tp->snd_cwnd = min(tp->snd_cwnd, tp->snd_ssthresh); |
14374 |
+- else /* PRR */ |
14375 |
++ tp->snd_cwnd_stamp = tcp_time_stamp; |
14376 |
++ } else if (tp->snd_ssthresh < TCP_INFINITE_SSTHRESH) { |
14377 |
++ /* PRR algorithm. */ |
14378 |
+ tp->snd_cwnd = tp->snd_ssthresh; |
14379 |
+- tp->snd_cwnd_stamp = tcp_time_stamp; |
14380 |
++ tp->snd_cwnd_stamp = tcp_time_stamp; |
14381 |
++ } |
14382 |
+ } |
14383 |
+ tcp_ca_event(sk, CA_EVENT_COMPLETE_CWR); |
14384 |
+ } |
14385 |
+diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c |
14386 |
+index 55670ec..2a2a3e7 100644 |
14387 |
+--- a/net/l2tp/l2tp_ip.c |
14388 |
++++ b/net/l2tp/l2tp_ip.c |
14389 |
+@@ -441,8 +441,9 @@ static int l2tp_ip_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *m |
14390 |
+ |
14391 |
+ daddr = lip->l2tp_addr.s_addr; |
14392 |
+ } else { |
14393 |
++ rc = -EDESTADDRREQ; |
14394 |
+ if (sk->sk_state != TCP_ESTABLISHED) |
14395 |
+- return -EDESTADDRREQ; |
14396 |
++ goto out; |
14397 |
+ |
14398 |
+ daddr = inet->inet_daddr; |
14399 |
+ connected = 1; |
14400 |
+diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c |
14401 |
+index 5da548f..ebd2296 100644 |
14402 |
+--- a/net/sched/sch_netem.c |
14403 |
++++ b/net/sched/sch_netem.c |
14404 |
+@@ -408,10 +408,8 @@ static int netem_enqueue(struct sk_buff *skb, struct Qdisc *sch) |
14405 |
+ if (q->corrupt && q->corrupt >= get_crandom(&q->corrupt_cor)) { |
14406 |
+ if (!(skb = skb_unshare(skb, GFP_ATOMIC)) || |
14407 |
+ (skb->ip_summed == CHECKSUM_PARTIAL && |
14408 |
+- skb_checksum_help(skb))) { |
14409 |
+- sch->qstats.drops++; |
14410 |
+- return NET_XMIT_DROP; |
14411 |
+- } |
14412 |
++ skb_checksum_help(skb))) |
14413 |
++ return qdisc_drop(skb, sch); |
14414 |
+ |
14415 |
+ skb->data[net_random() % skb_headlen(skb)] ^= 1<<(net_random() % 8); |
14416 |
+ } |
14417 |
+diff --git a/sound/soc/codecs/tlv320aic23.c b/sound/soc/codecs/tlv320aic23.c |
14418 |
+index dfa41a9..e7de911 100644 |
14419 |
+--- a/sound/soc/codecs/tlv320aic23.c |
14420 |
++++ b/sound/soc/codecs/tlv320aic23.c |
14421 |
+@@ -472,7 +472,7 @@ static int tlv320aic23_set_dai_sysclk(struct snd_soc_dai *codec_dai, |
14422 |
+ static int tlv320aic23_set_bias_level(struct snd_soc_codec *codec, |
14423 |
+ enum snd_soc_bias_level level) |
14424 |
+ { |
14425 |
+- u16 reg = snd_soc_read(codec, TLV320AIC23_PWR) & 0xff7f; |
14426 |
++ u16 reg = snd_soc_read(codec, TLV320AIC23_PWR) & 0x17f; |
14427 |
+ |
14428 |
+ switch (level) { |
14429 |
+ case SND_SOC_BIAS_ON: |
14430 |
+@@ -491,7 +491,7 @@ static int tlv320aic23_set_bias_level(struct snd_soc_codec *codec, |
14431 |
+ case SND_SOC_BIAS_OFF: |
14432 |
+ /* everything off, dac mute, inactive */ |
14433 |
+ snd_soc_write(codec, TLV320AIC23_ACTIVE, 0x0); |
14434 |
+- snd_soc_write(codec, TLV320AIC23_PWR, 0xffff); |
14435 |
++ snd_soc_write(codec, TLV320AIC23_PWR, 0x1ff); |
14436 |
+ break; |
14437 |
+ } |
14438 |
+ codec->dapm.bias_level = level; |
14439 |
+diff --git a/sound/soc/soc-core.c b/sound/soc/soc-core.c |
14440 |
+index 92cee24..48e91cd 100644 |
14441 |
+--- a/sound/soc/soc-core.c |
14442 |
++++ b/sound/soc/soc-core.c |
14443 |
+@@ -3420,10 +3420,10 @@ int snd_soc_of_parse_audio_routing(struct snd_soc_card *card, |
14444 |
+ int i, ret; |
14445 |
+ |
14446 |
+ num_routes = of_property_count_strings(np, propname); |
14447 |
+- if (num_routes & 1) { |
14448 |
++ if (num_routes < 0 || num_routes & 1) { |
14449 |
+ dev_err(card->dev, |
14450 |
+- "Property '%s's length is not even\n", |
14451 |
+- propname); |
14452 |
++ "Property '%s' does not exist or its length is not even\n", |
14453 |
++ propname); |
14454 |
+ return -EINVAL; |
14455 |
+ } |
14456 |
+ num_routes /= 2; |
14457 |
+diff --git a/virt/kvm/iommu.c b/virt/kvm/iommu.c |
14458 |
+index fec1723..e9fff98 100644 |
14459 |
+--- a/virt/kvm/iommu.c |
14460 |
++++ b/virt/kvm/iommu.c |
14461 |
+@@ -240,9 +240,13 @@ int kvm_iommu_map_guest(struct kvm *kvm) |
14462 |
+ return -ENODEV; |
14463 |
+ } |
14464 |
+ |
14465 |
++ mutex_lock(&kvm->slots_lock); |
14466 |
++ |
14467 |
+ kvm->arch.iommu_domain = iommu_domain_alloc(&pci_bus_type); |
14468 |
+- if (!kvm->arch.iommu_domain) |
14469 |
+- return -ENOMEM; |
14470 |
++ if (!kvm->arch.iommu_domain) { |
14471 |
++ r = -ENOMEM; |
14472 |
++ goto out_unlock; |
14473 |
++ } |
14474 |
+ |
14475 |
+ if (!allow_unsafe_assigned_interrupts && |
14476 |
+ !iommu_domain_has_cap(kvm->arch.iommu_domain, |
14477 |
+@@ -253,17 +257,16 @@ int kvm_iommu_map_guest(struct kvm *kvm) |
14478 |
+ " module option.\n", __func__); |
14479 |
+ iommu_domain_free(kvm->arch.iommu_domain); |
14480 |
+ kvm->arch.iommu_domain = NULL; |
14481 |
+- return -EPERM; |
14482 |
++ r = -EPERM; |
14483 |
++ goto out_unlock; |
14484 |
+ } |
14485 |
+ |
14486 |
+ r = kvm_iommu_map_memslots(kvm); |
14487 |
+ if (r) |
14488 |
+- goto out_unmap; |
14489 |
+- |
14490 |
+- return 0; |
14491 |
++ kvm_iommu_unmap_memslots(kvm); |
14492 |
+ |
14493 |
+-out_unmap: |
14494 |
+- kvm_iommu_unmap_memslots(kvm); |
14495 |
++out_unlock: |
14496 |
++ mutex_unlock(&kvm->slots_lock); |
14497 |
+ return r; |
14498 |
+ } |
14499 |
+ |
14500 |
+@@ -340,7 +343,11 @@ int kvm_iommu_unmap_guest(struct kvm *kvm) |
14501 |
+ if (!domain) |
14502 |
+ return 0; |
14503 |
+ |
14504 |
++ mutex_lock(&kvm->slots_lock); |
14505 |
+ kvm_iommu_unmap_memslots(kvm); |
14506 |
++ kvm->arch.iommu_domain = NULL; |
14507 |
++ mutex_unlock(&kvm->slots_lock); |
14508 |
++ |
14509 |
+ iommu_domain_free(domain); |
14510 |
+ return 0; |
14511 |
+ } |
14512 |
+diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
14513 |
+index c4ac57e..7858228 100644 |
14514 |
+--- a/virt/kvm/kvm_main.c |
14515 |
++++ b/virt/kvm/kvm_main.c |
14516 |
+@@ -289,15 +289,15 @@ static void kvm_mmu_notifier_invalidate_page(struct mmu_notifier *mn, |
14517 |
+ */ |
14518 |
+ idx = srcu_read_lock(&kvm->srcu); |
14519 |
+ spin_lock(&kvm->mmu_lock); |
14520 |
++ |
14521 |
+ kvm->mmu_notifier_seq++; |
14522 |
+ need_tlb_flush = kvm_unmap_hva(kvm, address) | kvm->tlbs_dirty; |
14523 |
+- spin_unlock(&kvm->mmu_lock); |
14524 |
+- srcu_read_unlock(&kvm->srcu, idx); |
14525 |
+- |
14526 |
+ /* we've to flush the tlb before the pages can be freed */ |
14527 |
+ if (need_tlb_flush) |
14528 |
+ kvm_flush_remote_tlbs(kvm); |
14529 |
+ |
14530 |
++ spin_unlock(&kvm->mmu_lock); |
14531 |
++ srcu_read_unlock(&kvm->srcu, idx); |
14532 |
+ } |
14533 |
+ |
14534 |
+ static void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn, |
14535 |
+@@ -335,12 +335,12 @@ static void kvm_mmu_notifier_invalidate_range_start(struct mmu_notifier *mn, |
14536 |
+ for (; start < end; start += PAGE_SIZE) |
14537 |
+ need_tlb_flush |= kvm_unmap_hva(kvm, start); |
14538 |
+ need_tlb_flush |= kvm->tlbs_dirty; |
14539 |
+- spin_unlock(&kvm->mmu_lock); |
14540 |
+- srcu_read_unlock(&kvm->srcu, idx); |
14541 |
+- |
14542 |
+ /* we've to flush the tlb before the pages can be freed */ |
14543 |
+ if (need_tlb_flush) |
14544 |
+ kvm_flush_remote_tlbs(kvm); |
14545 |
++ |
14546 |
++ spin_unlock(&kvm->mmu_lock); |
14547 |
++ srcu_read_unlock(&kvm->srcu, idx); |
14548 |
+ } |
14549 |
+ |
14550 |
+ static void kvm_mmu_notifier_invalidate_range_end(struct mmu_notifier *mn, |
14551 |
+@@ -378,13 +378,14 @@ static int kvm_mmu_notifier_clear_flush_young(struct mmu_notifier *mn, |
14552 |
+ |
14553 |
+ idx = srcu_read_lock(&kvm->srcu); |
14554 |
+ spin_lock(&kvm->mmu_lock); |
14555 |
+- young = kvm_age_hva(kvm, address); |
14556 |
+- spin_unlock(&kvm->mmu_lock); |
14557 |
+- srcu_read_unlock(&kvm->srcu, idx); |
14558 |
+ |
14559 |
++ young = kvm_age_hva(kvm, address); |
14560 |
+ if (young) |
14561 |
+ kvm_flush_remote_tlbs(kvm); |
14562 |
+ |
14563 |
++ spin_unlock(&kvm->mmu_lock); |
14564 |
++ srcu_read_unlock(&kvm->srcu, idx); |
14565 |
++ |
14566 |
+ return young; |
14567 |
+ } |
14568 |
+ |
14569 |
+@@ -1719,6 +1720,10 @@ static int kvm_vm_ioctl_create_vcpu(struct kvm *kvm, u32 id) |
14570 |
+ goto vcpu_destroy; |
14571 |
+ |
14572 |
+ mutex_lock(&kvm->lock); |
14573 |
++ if (!kvm_vcpu_compatible(vcpu)) { |
14574 |
++ r = -EINVAL; |
14575 |
++ goto unlock_vcpu_destroy; |
14576 |
++ } |
14577 |
+ if (atomic_read(&kvm->online_vcpus) == KVM_MAX_VCPUS) { |
14578 |
+ r = -EINVAL; |
14579 |
+ goto unlock_vcpu_destroy; |
14580 |
|
14581 |
diff --git a/3.3.5/4420_grsecurity-2.9-3.3.5-201205071839.patch b/3.3.6/4420_grsecurity-2.9-3.3.6-201205131658.patch |
14582 |
similarity index 99% |
14583 |
rename from 3.3.5/4420_grsecurity-2.9-3.3.5-201205071839.patch |
14584 |
rename to 3.3.6/4420_grsecurity-2.9-3.3.6-201205131658.patch |
14585 |
index 222eccd..0bad506 100644 |
14586 |
--- a/3.3.5/4420_grsecurity-2.9-3.3.5-201205071839.patch |
14587 |
+++ b/3.3.6/4420_grsecurity-2.9-3.3.6-201205131658.patch |
14588 |
@@ -195,7 +195,7 @@ index d99fd9c..8689fef 100644 |
14589 |
|
14590 |
pcd. [PARIDE] |
14591 |
diff --git a/Makefile b/Makefile |
14592 |
-index 64615e9..64d72ce 100644 |
14593 |
+index 9cd6941..92e68ff 100644 |
14594 |
--- a/Makefile |
14595 |
+++ b/Makefile |
14596 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
14597 |
@@ -1457,6 +1457,36 @@ index e4c96cc..1145653 100644 |
14598 |
#endif /* __ASSEMBLY__ */ |
14599 |
|
14600 |
#define arch_align_stack(x) (x) |
14601 |
+diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h |
14602 |
+index d4c24d4..4ac53e8 100644 |
14603 |
+--- a/arch/arm/include/asm/thread_info.h |
14604 |
++++ b/arch/arm/include/asm/thread_info.h |
14605 |
+@@ -141,6 +141,12 @@ extern void vfp_flush_hwstate(struct thread_info *); |
14606 |
+ #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ |
14607 |
+ #define TIF_SYSCALL_TRACE 8 |
14608 |
+ #define TIF_SYSCALL_AUDIT 9 |
14609 |
++ |
14610 |
++/* within 8 bits of TIF_SYSCALL_TRACE |
14611 |
++ to meet flexible second operand requirements |
14612 |
++*/ |
14613 |
++#define TIF_GRSEC_SETXID 10 |
14614 |
++ |
14615 |
+ #define TIF_POLLING_NRFLAG 16 |
14616 |
+ #define TIF_USING_IWMMXT 17 |
14617 |
+ #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ |
14618 |
+@@ -156,9 +162,11 @@ extern void vfp_flush_hwstate(struct thread_info *); |
14619 |
+ #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) |
14620 |
+ #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) |
14621 |
+ #define _TIF_SECCOMP (1 << TIF_SECCOMP) |
14622 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
14623 |
+ |
14624 |
+ /* Checks for any syscall work in entry-common.S */ |
14625 |
+-#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT) |
14626 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ |
14627 |
++ _TIF_GRSEC_SETXID) |
14628 |
+ |
14629 |
+ /* |
14630 |
+ * Change these and you break ASM code in entry-common.S |
14631 |
diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h |
14632 |
index 2958976..12ccac4 100644 |
14633 |
--- a/arch/arm/include/asm/uaccess.h |
14634 |
@@ -1568,6 +1598,30 @@ index 971d65c..cc936fb 100644 |
14635 |
#ifdef CONFIG_MMU |
14636 |
/* |
14637 |
* The vectors page is always readable from user space for the |
14638 |
+diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c |
14639 |
+index f5ce8ab..4b73893 100644 |
14640 |
+--- a/arch/arm/kernel/ptrace.c |
14641 |
++++ b/arch/arm/kernel/ptrace.c |
14642 |
+@@ -905,10 +905,19 @@ long arch_ptrace(struct task_struct *child, long request, |
14643 |
+ return ret; |
14644 |
+ } |
14645 |
+ |
14646 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14647 |
++extern void gr_delayed_cred_worker(void); |
14648 |
++#endif |
14649 |
++ |
14650 |
+ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) |
14651 |
+ { |
14652 |
+ unsigned long ip; |
14653 |
+ |
14654 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14655 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14656 |
++ gr_delayed_cred_worker(); |
14657 |
++#endif |
14658 |
++ |
14659 |
+ if (why) |
14660 |
+ audit_syscall_exit(regs); |
14661 |
+ else |
14662 |
diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c |
14663 |
index a255c39..4a19b25 100644 |
14664 |
--- a/arch/arm/kernel/setup.c |
14665 |
@@ -2791,6 +2845,40 @@ index 6018c80..7c37203 100644 |
14666 |
+#define arch_align_stack(x) ((x) & ~0xfUL) |
14667 |
|
14668 |
#endif /* _ASM_SYSTEM_H */ |
14669 |
+diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h |
14670 |
+index 0d85d8e..ec71487 100644 |
14671 |
+--- a/arch/mips/include/asm/thread_info.h |
14672 |
++++ b/arch/mips/include/asm/thread_info.h |
14673 |
+@@ -123,6 +123,8 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
14674 |
+ #define TIF_32BIT_ADDR 23 /* 32-bit address space (o32/n32) */ |
14675 |
+ #define TIF_FPUBOUND 24 /* thread bound to FPU-full CPU set */ |
14676 |
+ #define TIF_LOAD_WATCH 25 /* If set, load watch registers */ |
14677 |
++/* li takes a 32bit immediate */ |
14678 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
14679 |
+ #define TIF_SYSCALL_TRACE 31 /* syscall trace active */ |
14680 |
+ |
14681 |
+ #ifdef CONFIG_MIPS32_O32 |
14682 |
+@@ -146,15 +148,18 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
14683 |
+ #define _TIF_32BIT_ADDR (1<<TIF_32BIT_ADDR) |
14684 |
+ #define _TIF_FPUBOUND (1<<TIF_FPUBOUND) |
14685 |
+ #define _TIF_LOAD_WATCH (1<<TIF_LOAD_WATCH) |
14686 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
14687 |
++ |
14688 |
++#define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_GRSEC_SETXID) |
14689 |
+ |
14690 |
+ /* work to do in syscall_trace_leave() */ |
14691 |
+-#define _TIF_WORK_SYSCALL_EXIT (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT) |
14692 |
++#define _TIF_WORK_SYSCALL_EXIT (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_GRSEC_SETXID) |
14693 |
+ |
14694 |
+ /* work to do on interrupt/exception return */ |
14695 |
+ #define _TIF_WORK_MASK (0x0000ffef & \ |
14696 |
+ ~(_TIF_SECCOMP | _TIF_SYSCALL_AUDIT)) |
14697 |
+ /* work to do on any return to u-space */ |
14698 |
+-#define _TIF_ALLWORK_MASK (0x8000ffff & ~_TIF_SECCOMP) |
14699 |
++#define _TIF_ALLWORK_MASK ((0x8000ffff & ~_TIF_SECCOMP) | _TIF_GRSEC_SETXID) |
14700 |
+ |
14701 |
+ #endif /* __KERNEL__ */ |
14702 |
+ |
14703 |
diff --git a/arch/mips/kernel/binfmt_elfn32.c b/arch/mips/kernel/binfmt_elfn32.c |
14704 |
index 9fdd8bc..4bd7f1a 100644 |
14705 |
--- a/arch/mips/kernel/binfmt_elfn32.c |
14706 |
@@ -2847,6 +2935,85 @@ index 7955409..ceaea7c 100644 |
14707 |
- |
14708 |
- return sp & ALMASK; |
14709 |
-} |
14710 |
+diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c |
14711 |
+index 7786b60..3e38c72 100644 |
14712 |
+--- a/arch/mips/kernel/ptrace.c |
14713 |
++++ b/arch/mips/kernel/ptrace.c |
14714 |
+@@ -529,6 +529,10 @@ static inline int audit_arch(void) |
14715 |
+ return arch; |
14716 |
+ } |
14717 |
+ |
14718 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14719 |
++extern void gr_delayed_cred_worker(void); |
14720 |
++#endif |
14721 |
++ |
14722 |
+ /* |
14723 |
+ * Notification of system call entry/exit |
14724 |
+ * - triggered by current->work.syscall_trace |
14725 |
+@@ -538,6 +542,11 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) |
14726 |
+ /* do the secure computing check first */ |
14727 |
+ secure_computing(regs->regs[2]); |
14728 |
+ |
14729 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14730 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14731 |
++ gr_delayed_cred_worker(); |
14732 |
++#endif |
14733 |
++ |
14734 |
+ if (!(current->ptrace & PT_PTRACED)) |
14735 |
+ goto out; |
14736 |
+ |
14737 |
+diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S |
14738 |
+index a632bc1..0b77c7c 100644 |
14739 |
+--- a/arch/mips/kernel/scall32-o32.S |
14740 |
++++ b/arch/mips/kernel/scall32-o32.S |
14741 |
+@@ -52,7 +52,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
14742 |
+ |
14743 |
+ stack_done: |
14744 |
+ lw t0, TI_FLAGS($28) # syscall tracing enabled? |
14745 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
14746 |
++ li t1, _TIF_SYSCALL_WORK |
14747 |
+ and t0, t1 |
14748 |
+ bnez t0, syscall_trace_entry # -> yes |
14749 |
+ |
14750 |
+diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S |
14751 |
+index 3b5a5e9..e1ee86d 100644 |
14752 |
+--- a/arch/mips/kernel/scall64-64.S |
14753 |
++++ b/arch/mips/kernel/scall64-64.S |
14754 |
+@@ -54,7 +54,7 @@ NESTED(handle_sys64, PT_SIZE, sp) |
14755 |
+ |
14756 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
14757 |
+ |
14758 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
14759 |
++ li t1, _TIF_SYSCALL_WORK |
14760 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
14761 |
+ and t0, t1, t0 |
14762 |
+ bnez t0, syscall_trace_entry |
14763 |
+diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S |
14764 |
+index 6be6f70..1859577 100644 |
14765 |
+--- a/arch/mips/kernel/scall64-n32.S |
14766 |
++++ b/arch/mips/kernel/scall64-n32.S |
14767 |
+@@ -53,7 +53,7 @@ NESTED(handle_sysn32, PT_SIZE, sp) |
14768 |
+ |
14769 |
+ sd a3, PT_R26(sp) # save a3 for syscall restarting |
14770 |
+ |
14771 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
14772 |
++ li t1, _TIF_SYSCALL_WORK |
14773 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
14774 |
+ and t0, t1, t0 |
14775 |
+ bnez t0, n32_syscall_trace_entry |
14776 |
+diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S |
14777 |
+index 5422855..74e63a3 100644 |
14778 |
+--- a/arch/mips/kernel/scall64-o32.S |
14779 |
++++ b/arch/mips/kernel/scall64-o32.S |
14780 |
+@@ -81,7 +81,7 @@ NESTED(handle_sys, PT_SIZE, sp) |
14781 |
+ PTR 4b, bad_stack |
14782 |
+ .previous |
14783 |
+ |
14784 |
+- li t1, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT |
14785 |
++ li t1, _TIF_SYSCALL_WORK |
14786 |
+ LONG_L t0, TI_FLAGS($28) # syscall tracing enabled? |
14787 |
+ and t0, t1, t0 |
14788 |
+ bnez t0, trace_a_syscall |
14789 |
diff --git a/arch/mips/mm/fault.c b/arch/mips/mm/fault.c |
14790 |
index 69ebd58..e4bff83 100644 |
14791 |
--- a/arch/mips/mm/fault.c |
14792 |
@@ -3689,6 +3856,40 @@ index c377457..3c69fbc 100644 |
14793 |
|
14794 |
/* Used in very early kernel initialization. */ |
14795 |
extern unsigned long reloc_offset(void); |
14796 |
+diff --git a/arch/powerpc/include/asm/thread_info.h b/arch/powerpc/include/asm/thread_info.h |
14797 |
+index 96471494..60ed5a2 100644 |
14798 |
+--- a/arch/powerpc/include/asm/thread_info.h |
14799 |
++++ b/arch/powerpc/include/asm/thread_info.h |
14800 |
+@@ -104,13 +104,15 @@ static inline struct thread_info *current_thread_info(void) |
14801 |
+ #define TIF_PERFMON_CTXSW 6 /* perfmon needs ctxsw calls */ |
14802 |
+ #define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */ |
14803 |
+ #define TIF_SINGLESTEP 8 /* singlestepping active */ |
14804 |
+-#define TIF_MEMDIE 9 /* is terminating due to OOM killer */ |
14805 |
+ #define TIF_SECCOMP 10 /* secure computing */ |
14806 |
+ #define TIF_RESTOREALL 11 /* Restore all regs (implies NOERROR) */ |
14807 |
+ #define TIF_NOERROR 12 /* Force successful syscall return */ |
14808 |
+ #define TIF_NOTIFY_RESUME 13 /* callback before returning to user */ |
14809 |
+ #define TIF_SYSCALL_TRACEPOINT 15 /* syscall tracepoint instrumentation */ |
14810 |
+ #define TIF_RUNLATCH 16 /* Is the runlatch enabled? */ |
14811 |
++#define TIF_MEMDIE 17 /* is terminating due to OOM killer */ |
14812 |
++/* mask must be expressable within 16 bits to satisfy 'andi' instruction reqs */ |
14813 |
++#define TIF_GRSEC_SETXID 9 /* update credentials on syscall entry/exit */ |
14814 |
+ |
14815 |
+ /* as above, but as bit values */ |
14816 |
+ #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) |
14817 |
+@@ -128,8 +130,11 @@ static inline struct thread_info *current_thread_info(void) |
14818 |
+ #define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME) |
14819 |
+ #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) |
14820 |
+ #define _TIF_RUNLATCH (1<<TIF_RUNLATCH) |
14821 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
14822 |
++ |
14823 |
+ #define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | \ |
14824 |
+- _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT) |
14825 |
++ _TIF_SECCOMP | _TIF_SYSCALL_TRACEPOINT \ |
14826 |
++ _TIF_GRSEC_SETXID) |
14827 |
+ |
14828 |
+ #define _TIF_USER_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \ |
14829 |
+ _TIF_NOTIFY_RESUME) |
14830 |
diff --git a/arch/powerpc/include/asm/uaccess.h b/arch/powerpc/include/asm/uaccess.h |
14831 |
index bd0fb84..a42a14b 100644 |
14832 |
--- a/arch/powerpc/include/asm/uaccess.h |
14833 |
@@ -4065,6 +4266,45 @@ index d817ab0..b23b18e 100644 |
14834 |
- |
14835 |
- return ret; |
14836 |
-} |
14837 |
+diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c |
14838 |
+index 5b43325..94a5bb4 100644 |
14839 |
+--- a/arch/powerpc/kernel/ptrace.c |
14840 |
++++ b/arch/powerpc/kernel/ptrace.c |
14841 |
+@@ -1702,6 +1702,10 @@ long arch_ptrace(struct task_struct *child, long request, |
14842 |
+ return ret; |
14843 |
+ } |
14844 |
+ |
14845 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14846 |
++extern void gr_delayed_cred_worker(void); |
14847 |
++#endif |
14848 |
++ |
14849 |
+ /* |
14850 |
+ * We must return the syscall number to actually look up in the table. |
14851 |
+ * This can be -1L to skip running any syscall at all. |
14852 |
+@@ -1712,6 +1716,11 @@ long do_syscall_trace_enter(struct pt_regs *regs) |
14853 |
+ |
14854 |
+ secure_computing(regs->gpr[0]); |
14855 |
+ |
14856 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14857 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14858 |
++ gr_delayed_cred_worker(); |
14859 |
++#endif |
14860 |
++ |
14861 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE) && |
14862 |
+ tracehook_report_syscall_entry(regs)) |
14863 |
+ /* |
14864 |
+@@ -1746,6 +1755,11 @@ void do_syscall_trace_leave(struct pt_regs *regs) |
14865 |
+ { |
14866 |
+ int step; |
14867 |
+ |
14868 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14869 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14870 |
++ gr_delayed_cred_worker(); |
14871 |
++#endif |
14872 |
++ |
14873 |
+ audit_syscall_exit(regs); |
14874 |
+ |
14875 |
+ if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
14876 |
diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c |
14877 |
index 836a5a1..27289a3 100644 |
14878 |
--- a/arch/powerpc/kernel/signal_32.c |
14879 |
@@ -5253,7 +5493,7 @@ index c2a1080..21ed218 100644 |
14880 |
|
14881 |
/* |
14882 |
diff --git a/arch/sparc/include/asm/thread_info_64.h b/arch/sparc/include/asm/thread_info_64.h |
14883 |
-index 01d057f..0a02f7e 100644 |
14884 |
+index 01d057f..13a7d2f 100644 |
14885 |
--- a/arch/sparc/include/asm/thread_info_64.h |
14886 |
+++ b/arch/sparc/include/asm/thread_info_64.h |
14887 |
@@ -63,6 +63,8 @@ struct thread_info { |
14888 |
@@ -5265,6 +5505,38 @@ index 01d057f..0a02f7e 100644 |
14889 |
unsigned long fpregs[0] __attribute__ ((aligned(64))); |
14890 |
}; |
14891 |
|
14892 |
+@@ -214,10 +216,11 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
14893 |
+ #define TIF_UNALIGNED 5 /* allowed to do unaligned accesses */ |
14894 |
+ /* flag bit 6 is available */ |
14895 |
+ #define TIF_32BIT 7 /* 32-bit binary */ |
14896 |
+-/* flag bit 8 is available */ |
14897 |
++#define TIF_GRSEC_SETXID 8 /* update credentials on syscall entry/exit */ |
14898 |
+ #define TIF_SECCOMP 9 /* secure computing */ |
14899 |
+ #define TIF_SYSCALL_AUDIT 10 /* syscall auditing active */ |
14900 |
+ #define TIF_SYSCALL_TRACEPOINT 11 /* syscall tracepoint instrumentation */ |
14901 |
++ |
14902 |
+ /* NOTE: Thread flags >= 12 should be ones we have no interest |
14903 |
+ * in using in assembly, else we can't use the mask as |
14904 |
+ * an immediate value in instructions such as andcc. |
14905 |
+@@ -236,12 +239,18 @@ register struct thread_info *current_thread_info_reg asm("g6"); |
14906 |
+ #define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT) |
14907 |
+ #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT) |
14908 |
+ #define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) |
14909 |
++#define _TIF_GRSEC_SETXID (1<<TIF_GRSEC_SETXID) |
14910 |
+ |
14911 |
+ #define _TIF_USER_WORK_MASK ((0xff << TI_FLAG_WSAVED_SHIFT) | \ |
14912 |
+ _TIF_DO_NOTIFY_RESUME_MASK | \ |
14913 |
+ _TIF_NEED_RESCHED) |
14914 |
+ #define _TIF_DO_NOTIFY_RESUME_MASK (_TIF_NOTIFY_RESUME | _TIF_SIGPENDING) |
14915 |
+ |
14916 |
++#define _TIF_WORK_SYSCALL \ |
14917 |
++ (_TIF_SYSCALL_TRACE | _TIF_SECCOMP | _TIF_SYSCALL_AUDIT | \ |
14918 |
++ _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
14919 |
++ |
14920 |
++ |
14921 |
+ /* |
14922 |
+ * Thread-synchronous status. |
14923 |
+ * |
14924 |
diff --git a/arch/sparc/include/asm/uaccess.h b/arch/sparc/include/asm/uaccess.h |
14925 |
index e88fbe5..96b0ce5 100644 |
14926 |
--- a/arch/sparc/include/asm/uaccess.h |
14927 |
@@ -5475,6 +5747,45 @@ index 39d8b05..d1a7d90 100644 |
14928 |
(void *) gp->tpc, |
14929 |
(void *) gp->o7, |
14930 |
(void *) gp->i7, |
14931 |
+diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c |
14932 |
+index 9388844..0075fd2 100644 |
14933 |
+--- a/arch/sparc/kernel/ptrace_64.c |
14934 |
++++ b/arch/sparc/kernel/ptrace_64.c |
14935 |
+@@ -1058,6 +1058,10 @@ long arch_ptrace(struct task_struct *child, long request, |
14936 |
+ return ret; |
14937 |
+ } |
14938 |
+ |
14939 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14940 |
++extern void gr_delayed_cred_worker(void); |
14941 |
++#endif |
14942 |
++ |
14943 |
+ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
14944 |
+ { |
14945 |
+ int ret = 0; |
14946 |
+@@ -1065,6 +1069,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
14947 |
+ /* do the secure computing check first */ |
14948 |
+ secure_computing(regs->u_regs[UREG_G1]); |
14949 |
+ |
14950 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14951 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14952 |
++ gr_delayed_cred_worker(); |
14953 |
++#endif |
14954 |
++ |
14955 |
+ if (test_thread_flag(TIF_SYSCALL_TRACE)) |
14956 |
+ ret = tracehook_report_syscall_entry(regs); |
14957 |
+ |
14958 |
+@@ -1085,6 +1094,11 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) |
14959 |
+ |
14960 |
+ asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
14961 |
+ { |
14962 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
14963 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
14964 |
++ gr_delayed_cred_worker(); |
14965 |
++#endif |
14966 |
++ |
14967 |
+ audit_syscall_exit(regs); |
14968 |
+ |
14969 |
+ if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
14970 |
diff --git a/arch/sparc/kernel/sys_sparc_32.c b/arch/sparc/kernel/sys_sparc_32.c |
14971 |
index 42b282f..28ce9f2 100644 |
14972 |
--- a/arch/sparc/kernel/sys_sparc_32.c |
14973 |
@@ -5648,6 +5959,55 @@ index 232df99..cee1f9c 100644 |
14974 |
mm->get_unmapped_area = arch_get_unmapped_area_topdown; |
14975 |
mm->unmap_area = arch_unmap_area_topdown; |
14976 |
} |
14977 |
+diff --git a/arch/sparc/kernel/syscalls.S b/arch/sparc/kernel/syscalls.S |
14978 |
+index 1d7e274..b39c527 100644 |
14979 |
+--- a/arch/sparc/kernel/syscalls.S |
14980 |
++++ b/arch/sparc/kernel/syscalls.S |
14981 |
+@@ -62,7 +62,7 @@ sys32_rt_sigreturn: |
14982 |
+ #endif |
14983 |
+ .align 32 |
14984 |
+ 1: ldx [%g6 + TI_FLAGS], %l5 |
14985 |
+- andcc %l5, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
14986 |
++ andcc %l5, _TIF_WORK_SYSCALL, %g0 |
14987 |
+ be,pt %icc, rtrap |
14988 |
+ nop |
14989 |
+ call syscall_trace_leave |
14990 |
+@@ -179,7 +179,7 @@ linux_sparc_syscall32: |
14991 |
+ |
14992 |
+ srl %i5, 0, %o5 ! IEU1 |
14993 |
+ srl %i2, 0, %o2 ! IEU0 Group |
14994 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
14995 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
14996 |
+ bne,pn %icc, linux_syscall_trace32 ! CTI |
14997 |
+ mov %i0, %l5 ! IEU1 |
14998 |
+ call %l7 ! CTI Group brk forced |
14999 |
+@@ -202,7 +202,7 @@ linux_sparc_syscall: |
15000 |
+ |
15001 |
+ mov %i3, %o3 ! IEU1 |
15002 |
+ mov %i4, %o4 ! IEU0 Group |
15003 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %g0 |
15004 |
++ andcc %l0, _TIF_WORK_SYSCALL, %g0 |
15005 |
+ bne,pn %icc, linux_syscall_trace ! CTI Group |
15006 |
+ mov %i0, %l5 ! IEU0 |
15007 |
+ 2: call %l7 ! CTI Group brk forced |
15008 |
+@@ -226,7 +226,7 @@ ret_sys_call: |
15009 |
+ |
15010 |
+ cmp %o0, -ERESTART_RESTARTBLOCK |
15011 |
+ bgeu,pn %xcc, 1f |
15012 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %l6 |
15013 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
15014 |
+ 80: |
15015 |
+ /* System call success, clear Carry condition code. */ |
15016 |
+ andn %g3, %g2, %g3 |
15017 |
+@@ -241,7 +241,7 @@ ret_sys_call: |
15018 |
+ /* System call failure, set Carry condition code. |
15019 |
+ * Also, get abs(errno) to return to the process. |
15020 |
+ */ |
15021 |
+- andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT|_TIF_SYSCALL_TRACEPOINT), %l6 |
15022 |
++ andcc %l0, _TIF_WORK_SYSCALL, %l6 |
15023 |
+ sub %g0, %o0, %o0 |
15024 |
+ or %g3, %g2, %g3 |
15025 |
+ stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] |
15026 |
diff --git a/arch/sparc/kernel/traps_32.c b/arch/sparc/kernel/traps_32.c |
15027 |
index 591f20c..0f1b925 100644 |
15028 |
--- a/arch/sparc/kernel/traps_32.c |
15029 |
@@ -7519,7 +7879,7 @@ index 7116dcb..d9ae1d7 100644 |
15030 |
#endif |
15031 |
|
15032 |
diff --git a/arch/x86/boot/compressed/relocs.c b/arch/x86/boot/compressed/relocs.c |
15033 |
-index 89bbf4e..869908e 100644 |
15034 |
+index e77f4e4..17e511f 100644 |
15035 |
--- a/arch/x86/boot/compressed/relocs.c |
15036 |
+++ b/arch/x86/boot/compressed/relocs.c |
15037 |
@@ -13,8 +13,11 @@ |
15038 |
@@ -7624,7 +7984,7 @@ index 89bbf4e..869908e 100644 |
15039 |
rel->r_info = elf32_to_cpu(rel->r_info); |
15040 |
} |
15041 |
} |
15042 |
-@@ -396,14 +440,14 @@ static void read_relocs(FILE *fp) |
15043 |
+@@ -396,13 +440,13 @@ static void read_relocs(FILE *fp) |
15044 |
|
15045 |
static void print_absolute_symbols(void) |
15046 |
{ |
15047 |
@@ -7635,13 +7995,12 @@ index 89bbf4e..869908e 100644 |
15048 |
for (i = 0; i < ehdr.e_shnum; i++) { |
15049 |
struct section *sec = &secs[i]; |
15050 |
char *sym_strtab; |
15051 |
- Elf32_Sym *sh_symtab; |
15052 |
- int j; |
15053 |
+ unsigned int j; |
15054 |
|
15055 |
if (sec->shdr.sh_type != SHT_SYMTAB) { |
15056 |
continue; |
15057 |
-@@ -431,14 +475,14 @@ static void print_absolute_symbols(void) |
15058 |
+@@ -429,14 +473,14 @@ static void print_absolute_symbols(void) |
15059 |
|
15060 |
static void print_absolute_relocs(void) |
15061 |
{ |
15062 |
@@ -7658,7 +8017,7 @@ index 89bbf4e..869908e 100644 |
15063 |
if (sec->shdr.sh_type != SHT_REL) { |
15064 |
continue; |
15065 |
} |
15066 |
-@@ -499,13 +543,13 @@ static void print_absolute_relocs(void) |
15067 |
+@@ -497,13 +541,13 @@ static void print_absolute_relocs(void) |
15068 |
|
15069 |
static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
15070 |
{ |
15071 |
@@ -7674,7 +8033,7 @@ index 89bbf4e..869908e 100644 |
15072 |
struct section *sec = &secs[i]; |
15073 |
|
15074 |
if (sec->shdr.sh_type != SHT_REL) { |
15075 |
-@@ -530,6 +574,22 @@ static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
15076 |
+@@ -528,6 +572,22 @@ static void walk_relocs(void (*visit)(Elf32_Rel *rel, Elf32_Sym *sym)) |
15077 |
!is_rel_reloc(sym_name(sym_strtab, sym))) { |
15078 |
continue; |
15079 |
} |
15080 |
@@ -7697,7 +8056,7 @@ index 89bbf4e..869908e 100644 |
15081 |
switch (r_type) { |
15082 |
case R_386_NONE: |
15083 |
case R_386_PC32: |
15084 |
-@@ -571,7 +631,7 @@ static int cmp_relocs(const void *va, const void *vb) |
15085 |
+@@ -569,7 +629,7 @@ static int cmp_relocs(const void *va, const void *vb) |
15086 |
|
15087 |
static void emit_relocs(int as_text) |
15088 |
{ |
15089 |
@@ -7706,7 +8065,7 @@ index 89bbf4e..869908e 100644 |
15090 |
/* Count how many relocations I have and allocate space for them. */ |
15091 |
reloc_count = 0; |
15092 |
walk_relocs(count_reloc); |
15093 |
-@@ -665,6 +725,7 @@ int main(int argc, char **argv) |
15094 |
+@@ -663,6 +723,7 @@ int main(int argc, char **argv) |
15095 |
fname, strerror(errno)); |
15096 |
} |
15097 |
read_ehdr(fp); |
15098 |
@@ -12132,7 +12491,7 @@ index 2d2f01c..f985723 100644 |
15099 |
/* |
15100 |
* Force strict CPU ordering. |
15101 |
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h |
15102 |
-index cfd8144..1b1127d 100644 |
15103 |
+index cfd8144..664ac89 100644 |
15104 |
--- a/arch/x86/include/asm/thread_info.h |
15105 |
+++ b/arch/x86/include/asm/thread_info.h |
15106 |
@@ -10,6 +10,7 @@ |
15107 |
@@ -12182,7 +12541,45 @@ index cfd8144..1b1127d 100644 |
15108 |
#define init_stack (init_thread_union.stack) |
15109 |
|
15110 |
#else /* !__ASSEMBLY__ */ |
15111 |
-@@ -169,45 +163,40 @@ struct thread_info { |
15112 |
+@@ -95,6 +89,7 @@ struct thread_info { |
15113 |
+ #define TIF_BLOCKSTEP 25 /* set when we want DEBUGCTLMSR_BTF */ |
15114 |
+ #define TIF_LAZY_MMU_UPDATES 27 /* task is updating the mmu lazily */ |
15115 |
+ #define TIF_SYSCALL_TRACEPOINT 28 /* syscall tracepoint instrumentation */ |
15116 |
++#define TIF_GRSEC_SETXID 29 /* update credentials on syscall entry/exit */ |
15117 |
+ |
15118 |
+ #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) |
15119 |
+ #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) |
15120 |
+@@ -116,16 +111,17 @@ struct thread_info { |
15121 |
+ #define _TIF_BLOCKSTEP (1 << TIF_BLOCKSTEP) |
15122 |
+ #define _TIF_LAZY_MMU_UPDATES (1 << TIF_LAZY_MMU_UPDATES) |
15123 |
+ #define _TIF_SYSCALL_TRACEPOINT (1 << TIF_SYSCALL_TRACEPOINT) |
15124 |
++#define _TIF_GRSEC_SETXID (1 << TIF_GRSEC_SETXID) |
15125 |
+ |
15126 |
+ /* work to do in syscall_trace_enter() */ |
15127 |
+ #define _TIF_WORK_SYSCALL_ENTRY \ |
15128 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_EMU | _TIF_SYSCALL_AUDIT | \ |
15129 |
+- _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT) |
15130 |
++ _TIF_SECCOMP | _TIF_SINGLESTEP | _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
15131 |
+ |
15132 |
+ /* work to do in syscall_trace_leave() */ |
15133 |
+ #define _TIF_WORK_SYSCALL_EXIT \ |
15134 |
+ (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT | _TIF_SINGLESTEP | \ |
15135 |
+- _TIF_SYSCALL_TRACEPOINT) |
15136 |
++ _TIF_SYSCALL_TRACEPOINT | _TIF_GRSEC_SETXID) |
15137 |
+ |
15138 |
+ /* work to do on interrupt/exception return */ |
15139 |
+ #define _TIF_WORK_MASK \ |
15140 |
+@@ -135,7 +131,8 @@ struct thread_info { |
15141 |
+ |
15142 |
+ /* work to do on any return to user space */ |
15143 |
+ #define _TIF_ALLWORK_MASK \ |
15144 |
+- ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT) |
15145 |
++ ((0x0000FFFF & ~_TIF_SECCOMP) | _TIF_SYSCALL_TRACEPOINT | \ |
15146 |
++ _TIF_GRSEC_SETXID) |
15147 |
+ |
15148 |
+ /* Only used for 64 bit */ |
15149 |
+ #define _TIF_DO_NOTIFY_MASK \ |
15150 |
+@@ -169,45 +166,40 @@ struct thread_info { |
15151 |
ret; \ |
15152 |
}) |
15153 |
|
15154 |
@@ -12253,7 +12650,7 @@ index cfd8144..1b1127d 100644 |
15155 |
/* |
15156 |
* macros/functions for gaining access to the thread information structure |
15157 |
* preempt_count needs to be 1 initially, until the scheduler is functional. |
15158 |
-@@ -215,27 +204,8 @@ static inline struct thread_info *current_thread_info(void) |
15159 |
+@@ -215,27 +207,8 @@ static inline struct thread_info *current_thread_info(void) |
15160 |
#ifndef __ASSEMBLY__ |
15161 |
DECLARE_PER_CPU(unsigned long, kernel_stack); |
15162 |
|
15163 |
@@ -12283,7 +12680,7 @@ index cfd8144..1b1127d 100644 |
15164 |
#endif |
15165 |
|
15166 |
#endif /* !X86_32 */ |
15167 |
-@@ -269,5 +239,16 @@ extern void arch_task_cache_init(void); |
15168 |
+@@ -269,5 +242,16 @@ extern void arch_task_cache_init(void); |
15169 |
extern void free_thread_info(struct thread_info *ti); |
15170 |
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); |
15171 |
#define arch_task_cache_init arch_task_cache_init |
15172 |
@@ -14606,7 +15003,7 @@ index 9b9f18b..9fcaa04 100644 |
15173 |
#include <asm/processor.h> |
15174 |
#include <asm/fcntl.h> |
15175 |
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S |
15176 |
-index 7b784f4..76aaad7 100644 |
15177 |
+index 7b784f4..db6b628 100644 |
15178 |
--- a/arch/x86/kernel/entry_32.S |
15179 |
+++ b/arch/x86/kernel/entry_32.S |
15180 |
@@ -179,13 +179,146 @@ |
15181 |
@@ -14799,7 +15196,7 @@ index 7b784f4..76aaad7 100644 |
15182 |
+#ifdef CONFIG_PAX_KERNEXEC |
15183 |
+ jae resume_userspace |
15184 |
+ |
15185 |
-+ PAX_EXIT_KERNEL |
15186 |
++ pax_exit_kernel |
15187 |
+ jmp resume_kernel |
15188 |
+#else |
15189 |
jb resume_kernel # not returning to v8086 or userspace |
15190 |
@@ -18533,7 +18930,7 @@ index cfa5c90..4facd28 100644 |
15191 |
ip = *(u64 *)(fp+8); |
15192 |
if (!in_sched_functions(ip)) |
15193 |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c |
15194 |
-index 5026738..e1b5aa8 100644 |
15195 |
+index 5026738..574f70a 100644 |
15196 |
--- a/arch/x86/kernel/ptrace.c |
15197 |
+++ b/arch/x86/kernel/ptrace.c |
15198 |
@@ -792,6 +792,10 @@ static int ioperm_active(struct task_struct *target, |
15199 |
@@ -18582,6 +18979,41 @@ index 5026738..e1b5aa8 100644 |
15200 |
} |
15201 |
|
15202 |
void user_single_step_siginfo(struct task_struct *tsk, |
15203 |
+@@ -1361,6 +1365,10 @@ void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs, |
15204 |
+ # define IS_IA32 0 |
15205 |
+ #endif |
15206 |
+ |
15207 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
15208 |
++extern void gr_delayed_cred_worker(void); |
15209 |
++#endif |
15210 |
++ |
15211 |
+ /* |
15212 |
+ * We must return the syscall number to actually look up in the table. |
15213 |
+ * This can be -1L to skip running any syscall at all. |
15214 |
+@@ -1369,6 +1377,11 @@ long syscall_trace_enter(struct pt_regs *regs) |
15215 |
+ { |
15216 |
+ long ret = 0; |
15217 |
+ |
15218 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
15219 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
15220 |
++ gr_delayed_cred_worker(); |
15221 |
++#endif |
15222 |
++ |
15223 |
+ /* |
15224 |
+ * If we stepped into a sysenter/syscall insn, it trapped in |
15225 |
+ * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP. |
15226 |
+@@ -1412,6 +1425,11 @@ void syscall_trace_leave(struct pt_regs *regs) |
15227 |
+ { |
15228 |
+ bool step; |
15229 |
+ |
15230 |
++#ifdef CONFIG_GRKERNSEC_SETXID |
15231 |
++ if (unlikely(test_and_clear_thread_flag(TIF_GRSEC_SETXID))) |
15232 |
++ gr_delayed_cred_worker(); |
15233 |
++#endif |
15234 |
++ |
15235 |
+ audit_syscall_exit(regs); |
15236 |
+ |
15237 |
+ if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
15238 |
diff --git a/arch/x86/kernel/pvclock.c b/arch/x86/kernel/pvclock.c |
15239 |
index 42eb330..139955c 100644 |
15240 |
--- a/arch/x86/kernel/pvclock.c |
15241 |
@@ -18820,7 +19252,7 @@ index d7d5099..28555d0 100644 |
15242 |
bss_resource.start = virt_to_phys(&__bss_start); |
15243 |
bss_resource.end = virt_to_phys(&__bss_stop)-1; |
15244 |
diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c |
15245 |
-index 71f4727..217419b 100644 |
15246 |
+index 5a98aa2..848d2be 100644 |
15247 |
--- a/arch/x86/kernel/setup_percpu.c |
15248 |
+++ b/arch/x86/kernel/setup_percpu.c |
15249 |
@@ -21,19 +21,17 @@ |
15250 |
@@ -18879,7 +19311,7 @@ index 71f4727..217419b 100644 |
15251 |
write_gdt_entry(get_cpu_gdt_table(cpu), |
15252 |
GDT_ENTRY_PERCPU, &gdt, DESCTYPE_S); |
15253 |
#endif |
15254 |
-@@ -207,6 +209,11 @@ void __init setup_per_cpu_areas(void) |
15255 |
+@@ -219,6 +221,11 @@ void __init setup_per_cpu_areas(void) |
15256 |
/* alrighty, percpu areas up and running */ |
15257 |
delta = (unsigned long)pcpu_base_addr - (unsigned long)__per_cpu_start; |
15258 |
for_each_possible_cpu(cpu) { |
15259 |
@@ -18891,7 +19323,7 @@ index 71f4727..217419b 100644 |
15260 |
per_cpu_offset(cpu) = delta + pcpu_unit_offsets[cpu]; |
15261 |
per_cpu(this_cpu_off, cpu) = per_cpu_offset(cpu); |
15262 |
per_cpu(cpu_number, cpu) = cpu; |
15263 |
-@@ -247,6 +254,12 @@ void __init setup_per_cpu_areas(void) |
15264 |
+@@ -259,6 +266,12 @@ void __init setup_per_cpu_areas(void) |
15265 |
*/ |
15266 |
set_cpu_numa_node(cpu, early_cpu_to_node(cpu)); |
15267 |
#endif |
15268 |
@@ -20334,7 +20766,7 @@ index e385214..f8df033 100644 |
15269 |
|
15270 |
local_irq_disable(); |
15271 |
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
15272 |
-index 3b4c8d8..f457b63 100644 |
15273 |
+index a7a6f60..04b745a 100644 |
15274 |
--- a/arch/x86/kvm/vmx.c |
15275 |
+++ b/arch/x86/kvm/vmx.c |
15276 |
@@ -1306,7 +1306,11 @@ static void reload_tss(void) |
15277 |
@@ -20349,7 +20781,7 @@ index 3b4c8d8..f457b63 100644 |
15278 |
load_TR_desc(); |
15279 |
} |
15280 |
|
15281 |
-@@ -2631,8 +2635,11 @@ static __init int hardware_setup(void) |
15282 |
+@@ -2637,8 +2641,11 @@ static __init int hardware_setup(void) |
15283 |
if (!cpu_has_vmx_flexpriority()) |
15284 |
flexpriority_enabled = 0; |
15285 |
|
15286 |
@@ -20363,7 +20795,7 @@ index 3b4c8d8..f457b63 100644 |
15287 |
|
15288 |
if (enable_ept && !cpu_has_vmx_ept_2m_page()) |
15289 |
kvm_disable_largepages(); |
15290 |
-@@ -3648,7 +3655,7 @@ static void vmx_set_constant_host_state(void) |
15291 |
+@@ -3654,7 +3661,7 @@ static void vmx_set_constant_host_state(void) |
15292 |
vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ |
15293 |
|
15294 |
asm("mov $.Lkvm_vmx_return, %0" : "=r"(tmpl)); |
15295 |
@@ -20372,7 +20804,7 @@ index 3b4c8d8..f457b63 100644 |
15296 |
|
15297 |
rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); |
15298 |
vmcs_write32(HOST_IA32_SYSENTER_CS, low32); |
15299 |
-@@ -6184,6 +6191,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15300 |
+@@ -6192,6 +6199,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15301 |
"jmp .Lkvm_vmx_return \n\t" |
15302 |
".Llaunched: " __ex(ASM_VMX_VMRESUME) "\n\t" |
15303 |
".Lkvm_vmx_return: " |
15304 |
@@ -20385,7 +20817,7 @@ index 3b4c8d8..f457b63 100644 |
15305 |
/* Save guest registers, load host registers, keep flags */ |
15306 |
"mov %0, %c[wordsize](%%"R"sp) \n\t" |
15307 |
"pop %0 \n\t" |
15308 |
-@@ -6232,6 +6245,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15309 |
+@@ -6240,6 +6253,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15310 |
#endif |
15311 |
[cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), |
15312 |
[wordsize]"i"(sizeof(ulong)) |
15313 |
@@ -20397,7 +20829,7 @@ index 3b4c8d8..f457b63 100644 |
15314 |
: "cc", "memory" |
15315 |
, R"ax", R"bx", R"di", R"si" |
15316 |
#ifdef CONFIG_X86_64 |
15317 |
-@@ -6260,7 +6278,16 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15318 |
+@@ -6268,7 +6286,16 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
15319 |
} |
15320 |
} |
15321 |
|
15322 |
@@ -20416,7 +20848,7 @@ index 3b4c8d8..f457b63 100644 |
15323 |
|
15324 |
vmx->exit_reason = vmcs_read32(VM_EXIT_REASON); |
15325 |
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
15326 |
-index 9cbfc06..943ffa6 100644 |
15327 |
+index 8d1c6c6..6e6d611 100644 |
15328 |
--- a/arch/x86/kvm/x86.c |
15329 |
+++ b/arch/x86/kvm/x86.c |
15330 |
@@ -873,6 +873,7 @@ static int do_set_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *data) |
15331 |
@@ -20461,7 +20893,7 @@ index 9cbfc06..943ffa6 100644 |
15332 |
return -EINVAL; |
15333 |
if (irqchip_in_kernel(vcpu->kvm)) |
15334 |
return -ENXIO; |
15335 |
-@@ -3497,6 +3501,9 @@ gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva, |
15336 |
+@@ -3499,6 +3503,9 @@ gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva, |
15337 |
|
15338 |
static int kvm_read_guest_virt_helper(gva_t addr, void *val, unsigned int bytes, |
15339 |
struct kvm_vcpu *vcpu, u32 access, |
15340 |
@@ -20471,7 +20903,7 @@ index 9cbfc06..943ffa6 100644 |
15341 |
struct x86_exception *exception) |
15342 |
{ |
15343 |
void *data = val; |
15344 |
-@@ -3528,6 +3535,9 @@ out: |
15345 |
+@@ -3530,6 +3537,9 @@ out: |
15346 |
/* used for instruction fetching */ |
15347 |
static int kvm_fetch_guest_virt(struct x86_emulate_ctxt *ctxt, |
15348 |
gva_t addr, void *val, unsigned int bytes, |
15349 |
@@ -20481,7 +20913,7 @@ index 9cbfc06..943ffa6 100644 |
15350 |
struct x86_exception *exception) |
15351 |
{ |
15352 |
struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); |
15353 |
-@@ -3552,6 +3562,9 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_virt); |
15354 |
+@@ -3554,6 +3564,9 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_virt); |
15355 |
|
15356 |
static int kvm_read_guest_virt_system(struct x86_emulate_ctxt *ctxt, |
15357 |
gva_t addr, void *val, unsigned int bytes, |
15358 |
@@ -20491,7 +20923,7 @@ index 9cbfc06..943ffa6 100644 |
15359 |
struct x86_exception *exception) |
15360 |
{ |
15361 |
struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); |
15362 |
-@@ -3665,12 +3678,16 @@ static int read_prepare(struct kvm_vcpu *vcpu, void *val, int bytes) |
15363 |
+@@ -3667,12 +3680,16 @@ static int read_prepare(struct kvm_vcpu *vcpu, void *val, int bytes) |
15364 |
} |
15365 |
|
15366 |
static int read_emulate(struct kvm_vcpu *vcpu, gpa_t gpa, |
15367 |
@@ -20508,7 +20940,7 @@ index 9cbfc06..943ffa6 100644 |
15368 |
void *val, int bytes) |
15369 |
{ |
15370 |
return emulator_write_phys(vcpu, gpa, val, bytes); |
15371 |
-@@ -3821,6 +3838,12 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt, |
15372 |
+@@ -3823,6 +3840,12 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt, |
15373 |
const void *old, |
15374 |
const void *new, |
15375 |
unsigned int bytes, |
15376 |
@@ -20521,7 +20953,7 @@ index 9cbfc06..943ffa6 100644 |
15377 |
struct x86_exception *exception) |
15378 |
{ |
15379 |
struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt); |
15380 |
-@@ -4780,7 +4803,7 @@ static void kvm_set_mmio_spte_mask(void) |
15381 |
+@@ -4782,7 +4805,7 @@ static void kvm_set_mmio_spte_mask(void) |
15382 |
kvm_mmu_set_mmio_spte_mask(mask); |
15383 |
} |
15384 |
|
15385 |
@@ -20906,7 +21338,7 @@ index e8e7e0d..56fd1b0 100644 |
15386 |
movl %eax, (v) |
15387 |
movl %edx, 4(v) |
15388 |
diff --git a/arch/x86/lib/atomic64_cx8_32.S b/arch/x86/lib/atomic64_cx8_32.S |
15389 |
-index 391a083..d658e9f 100644 |
15390 |
+index 391a083..3a2cf39 100644 |
15391 |
--- a/arch/x86/lib/atomic64_cx8_32.S |
15392 |
+++ b/arch/x86/lib/atomic64_cx8_32.S |
15393 |
@@ -35,10 +35,20 @@ ENTRY(atomic64_read_cx8) |
15394 |
@@ -21017,7 +21449,7 @@ index 391a083..d658e9f 100644 |
15395 |
|
15396 |
-.macro incdec_return func ins insc |
15397 |
-ENTRY(atomic64_\func\()_return_cx8) |
15398 |
-+.macro incdec_return func ins insc unchecked |
15399 |
++.macro incdec_return func ins insc unchecked="" |
15400 |
+ENTRY(atomic64_\func\()_return\unchecked\()_cx8) |
15401 |
CFI_STARTPROC |
15402 |
SAVE ebx |
15403 |
@@ -24310,7 +24742,7 @@ index f4f29b1..5cac4fb 100644 |
15404 |
|
15405 |
return (void *)vaddr; |
15406 |
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
15407 |
-index 8ecbb4b..29efd37 100644 |
15408 |
+index 8ecbb4b..a269cab 100644 |
15409 |
--- a/arch/x86/mm/hugetlbpage.c |
15410 |
+++ b/arch/x86/mm/hugetlbpage.c |
15411 |
@@ -266,13 +266,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
15412 |
@@ -24386,7 +24818,7 @@ index 8ecbb4b..29efd37 100644 |
15413 |
|
15414 |
/* don't allow allocations above current base */ |
15415 |
if (mm->free_area_cache > base) |
15416 |
-@@ -321,66 +328,63 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
15417 |
+@@ -321,14 +328,15 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
15418 |
largest_hole = 0; |
15419 |
mm->free_area_cache = base; |
15420 |
} |
15421 |
@@ -24401,16 +24833,10 @@ index 8ecbb4b..29efd37 100644 |
15422 |
+ addr = (mm->free_area_cache - len); |
15423 |
do { |
15424 |
+ addr &= huge_page_mask(h); |
15425 |
-+ vma = find_vma(mm, addr); |
15426 |
/* |
15427 |
* Lookup failure means no vma is above this address, |
15428 |
* i.e. return with success: |
15429 |
-- */ |
15430 |
-- vma = find_vma(mm, addr); |
15431 |
-- if (!vma) |
15432 |
-- return addr; |
15433 |
-- |
15434 |
-- /* |
15435 |
+@@ -341,46 +349,47 @@ try_again: |
15436 |
* new region fits between prev_vma->vm_end and |
15437 |
* vma->vm_start, use it: |
15438 |
*/ |
15439 |
@@ -24483,7 +24909,7 @@ index 8ecbb4b..29efd37 100644 |
15440 |
mm->cached_hole_size = ~0UL; |
15441 |
addr = hugetlb_get_unmapped_area_bottomup(file, addr0, |
15442 |
len, pgoff, flags); |
15443 |
-@@ -388,6 +392,7 @@ fail: |
15444 |
+@@ -388,6 +397,7 @@ fail: |
15445 |
/* |
15446 |
* Restore the topdown base: |
15447 |
*/ |
15448 |
@@ -24491,7 +24917,7 @@ index 8ecbb4b..29efd37 100644 |
15449 |
mm->free_area_cache = base; |
15450 |
mm->cached_hole_size = ~0UL; |
15451 |
|
15452 |
-@@ -401,10 +406,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
15453 |
+@@ -401,10 +411,19 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
15454 |
struct hstate *h = hstate_file(file); |
15455 |
struct mm_struct *mm = current->mm; |
15456 |
struct vm_area_struct *vma; |
15457 |
@@ -24512,7 +24938,7 @@ index 8ecbb4b..29efd37 100644 |
15458 |
return -ENOMEM; |
15459 |
|
15460 |
if (flags & MAP_FIXED) { |
15461 |
-@@ -416,8 +430,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
15462 |
+@@ -416,8 +435,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
15463 |
if (addr) { |
15464 |
addr = ALIGN(addr, huge_page_size(h)); |
15465 |
vma = find_vma(mm, addr); |
15466 |
@@ -24940,7 +25366,7 @@ index 8663f6c..829ae76 100644 |
15467 |
printk(KERN_INFO "Write protecting the kernel text: %luk\n", |
15468 |
size >> 10); |
15469 |
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c |
15470 |
-index 436a030..2b60088 100644 |
15471 |
+index 436a030..4f97ffc 100644 |
15472 |
--- a/arch/x86/mm/init_64.c |
15473 |
+++ b/arch/x86/mm/init_64.c |
15474 |
@@ -75,7 +75,7 @@ early_param("gbpages", parse_direct_gbpages_on); |
15475 |
@@ -25057,6 +25483,15 @@ index 436a030..2b60088 100644 |
15476 |
adr = (void *)(((unsigned long)adr) | left); |
15477 |
|
15478 |
return adr; |
15479 |
+@@ -546,7 +560,7 @@ phys_pud_init(pud_t *pud_page, unsigned long addr, unsigned long end, |
15480 |
+ unmap_low_page(pmd); |
15481 |
+ |
15482 |
+ spin_lock(&init_mm.page_table_lock); |
15483 |
+- pud_populate(&init_mm, pud, __va(pmd_phys)); |
15484 |
++ pud_populate_kernel(&init_mm, pud, __va(pmd_phys)); |
15485 |
+ spin_unlock(&init_mm.page_table_lock); |
15486 |
+ } |
15487 |
+ __flush_tlb_all(); |
15488 |
@@ -592,7 +606,7 @@ kernel_physical_mapping_init(unsigned long start, |
15489 |
unmap_low_page(pud); |
15490 |
|
15491 |
@@ -26837,10 +27272,10 @@ index 153407c..611cba9 100644 |
15492 |
-} |
15493 |
-__setup("vdso=", vdso_setup); |
15494 |
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
15495 |
-index 4172af8..2c8ed7f 100644 |
15496 |
+index 4e517d4..68a48f5 100644 |
15497 |
--- a/arch/x86/xen/enlighten.c |
15498 |
+++ b/arch/x86/xen/enlighten.c |
15499 |
-@@ -85,8 +85,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); |
15500 |
+@@ -86,8 +86,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); |
15501 |
|
15502 |
struct shared_info xen_dummy_shared_info; |
15503 |
|
15504 |
@@ -26849,7 +27284,7 @@ index 4172af8..2c8ed7f 100644 |
15505 |
RESERVE_BRK(shared_info_page_brk, PAGE_SIZE); |
15506 |
__read_mostly int xen_have_vector_callback; |
15507 |
EXPORT_SYMBOL_GPL(xen_have_vector_callback); |
15508 |
-@@ -1029,30 +1027,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
15509 |
+@@ -1030,30 +1028,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
15510 |
#endif |
15511 |
}; |
15512 |
|
15513 |
@@ -26887,7 +27322,7 @@ index 4172af8..2c8ed7f 100644 |
15514 |
{ |
15515 |
if (pm_power_off) |
15516 |
pm_power_off(); |
15517 |
-@@ -1155,7 +1153,17 @@ asmlinkage void __init xen_start_kernel(void) |
15518 |
+@@ -1156,7 +1154,17 @@ asmlinkage void __init xen_start_kernel(void) |
15519 |
__userpte_alloc_gfp &= ~__GFP_HIGHMEM; |
15520 |
|
15521 |
/* Work out if we support NX */ |
15522 |
@@ -26906,7 +27341,7 @@ index 4172af8..2c8ed7f 100644 |
15523 |
|
15524 |
xen_setup_features(); |
15525 |
|
15526 |
-@@ -1186,13 +1194,6 @@ asmlinkage void __init xen_start_kernel(void) |
15527 |
+@@ -1187,13 +1195,6 @@ asmlinkage void __init xen_start_kernel(void) |
15528 |
|
15529 |
machine_ops = xen_machine_ops; |
15530 |
|
15531 |
@@ -26921,10 +27356,10 @@ index 4172af8..2c8ed7f 100644 |
15532 |
|
15533 |
#ifdef CONFIG_ACPI_NUMA |
15534 |
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
15535 |
-index 95c1cf6..4bfa5be 100644 |
15536 |
+index dc19347..1b07a2c 100644 |
15537 |
--- a/arch/x86/xen/mmu.c |
15538 |
+++ b/arch/x86/xen/mmu.c |
15539 |
-@@ -1733,6 +1733,9 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
15540 |
+@@ -1738,6 +1738,9 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
15541 |
convert_pfn_mfn(init_level4_pgt); |
15542 |
convert_pfn_mfn(level3_ident_pgt); |
15543 |
convert_pfn_mfn(level3_kernel_pgt); |
15544 |
@@ -26934,7 +27369,7 @@ index 95c1cf6..4bfa5be 100644 |
15545 |
|
15546 |
l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd); |
15547 |
l2 = m2v(l3[pud_index(__START_KERNEL_map)].pud); |
15548 |
-@@ -1751,7 +1754,11 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
15549 |
+@@ -1756,7 +1759,11 @@ pgd_t * __init xen_setup_kernel_pagetable(pgd_t *pgd, |
15550 |
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); |
15551 |
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); |
15552 |
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); |
15553 |
@@ -26946,7 +27381,7 @@ index 95c1cf6..4bfa5be 100644 |
15554 |
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); |
15555 |
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); |
15556 |
|
15557 |
-@@ -1958,6 +1965,7 @@ static void __init xen_post_allocator_init(void) |
15558 |
+@@ -1963,6 +1970,7 @@ static void __init xen_post_allocator_init(void) |
15559 |
pv_mmu_ops.set_pud = xen_set_pud; |
15560 |
#if PAGETABLE_LEVELS == 4 |
15561 |
pv_mmu_ops.set_pgd = xen_set_pgd; |
15562 |
@@ -26954,7 +27389,7 @@ index 95c1cf6..4bfa5be 100644 |
15563 |
#endif |
15564 |
|
15565 |
/* This will work as long as patching hasn't happened yet |
15566 |
-@@ -2039,6 +2047,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { |
15567 |
+@@ -2044,6 +2052,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { |
15568 |
.pud_val = PV_CALLEE_SAVE(xen_pud_val), |
15569 |
.make_pud = PV_CALLEE_SAVE(xen_make_pud), |
15570 |
.set_pgd = xen_set_pgd_hyper, |
15571 |
@@ -46851,10 +47286,10 @@ index 5698746..6086012 100644 |
15572 |
kfree(s); |
15573 |
} |
15574 |
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c |
15575 |
-index 3645cd3..786809c 100644 |
15576 |
+index c60267e..193d9e4 100644 |
15577 |
--- a/fs/hugetlbfs/inode.c |
15578 |
+++ b/fs/hugetlbfs/inode.c |
15579 |
-@@ -914,7 +914,7 @@ static struct file_system_type hugetlbfs_fs_type = { |
15580 |
+@@ -902,7 +902,7 @@ static struct file_system_type hugetlbfs_fs_type = { |
15581 |
.kill_sb = kill_litter_super, |
15582 |
}; |
15583 |
|
15584 |
@@ -47597,7 +48032,7 @@ index f649fba..236bf92 100644 |
15585 |
|
15586 |
void nfs_fattr_init(struct nfs_fattr *fattr) |
15587 |
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c |
15588 |
-index edf6d3e..bdd1da7 100644 |
15589 |
+index b96fe94..a4dbece 100644 |
15590 |
--- a/fs/nfsd/vfs.c |
15591 |
+++ b/fs/nfsd/vfs.c |
15592 |
@@ -925,7 +925,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file, |
15593 |
@@ -49831,10 +50266,10 @@ index ab30253..4d86958 100644 |
15594 |
kfree(s); |
15595 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
15596 |
new file mode 100644 |
15597 |
-index 0000000..4089e05 |
15598 |
+index 0000000..2645296 |
15599 |
--- /dev/null |
15600 |
+++ b/grsecurity/Kconfig |
15601 |
-@@ -0,0 +1,1078 @@ |
15602 |
+@@ -0,0 +1,1079 @@ |
15603 |
+# |
15604 |
+# grecurity configuration |
15605 |
+# |
15606 |
@@ -49969,7 +50404,7 @@ index 0000000..4089e05 |
15607 |
+ select GRKERNSEC_PROC_ADD |
15608 |
+ select GRKERNSEC_CHROOT_CHMOD |
15609 |
+ select GRKERNSEC_CHROOT_NICE |
15610 |
-+ select GRKERNSEC_SETXID |
15611 |
++ select GRKERNSEC_SETXID if (X86 || SPARC64 || PPC || ARM || MIPS) |
15612 |
+ select GRKERNSEC_AUDIT_MOUNT |
15613 |
+ select GRKERNSEC_MODHARDEN if (MODULES) |
15614 |
+ select GRKERNSEC_HARDEN_PTRACE |
15615 |
@@ -50664,6 +51099,7 @@ index 0000000..4089e05 |
15616 |
+ |
15617 |
+config GRKERNSEC_SETXID |
15618 |
+ bool "Enforce consistent multithreaded privileges" |
15619 |
++ depends on (X86 || SPARC64 || PPC || ARM || MIPS) |
15620 |
+ help |
15621 |
+ If you say Y here, a change from a root uid to a non-root uid |
15622 |
+ in a multithreaded application will cause the resulting uids, |
15623 |
@@ -50959,10 +51395,10 @@ index 0000000..1b9afa9 |
15624 |
+endif |
15625 |
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c |
15626 |
new file mode 100644 |
15627 |
-index 0000000..42813ac |
15628 |
+index 0000000..a6d83f0 |
15629 |
--- /dev/null |
15630 |
+++ b/grsecurity/gracl.c |
15631 |
-@@ -0,0 +1,4192 @@ |
15632 |
+@@ -0,0 +1,4193 @@ |
15633 |
+#include <linux/kernel.h> |
15634 |
+#include <linux/module.h> |
15635 |
+#include <linux/sched.h> |
15636 |
@@ -54820,21 +55256,22 @@ index 0000000..42813ac |
15637 |
+ if (unlikely(!(gr_status & GR_READY))) |
15638 |
+ return 0; |
15639 |
+#endif |
15640 |
++ if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) { |
15641 |
++ read_lock(&tasklist_lock); |
15642 |
++ while (tmp->pid > 0) { |
15643 |
++ if (tmp == curtemp) |
15644 |
++ break; |
15645 |
++ tmp = tmp->real_parent; |
15646 |
++ } |
15647 |
+ |
15648 |
-+ read_lock(&tasklist_lock); |
15649 |
-+ while (tmp->pid > 0) { |
15650 |
-+ if (tmp == curtemp) |
15651 |
-+ break; |
15652 |
-+ tmp = tmp->real_parent; |
15653 |
-+ } |
15654 |
-+ |
15655 |
-+ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
15656 |
-+ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
15657 |
++ if (tmp->pid == 0 && ((grsec_enable_harden_ptrace && current_uid() && !(gr_status & GR_READY)) || |
15658 |
++ ((gr_status & GR_READY) && !(current->acl->mode & GR_RELAXPTRACE)))) { |
15659 |
++ read_unlock(&tasklist_lock); |
15660 |
++ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
15661 |
++ return 1; |
15662 |
++ } |
15663 |
+ read_unlock(&tasklist_lock); |
15664 |
-+ gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); |
15665 |
-+ return 1; |
15666 |
+ } |
15667 |
-+ read_unlock(&tasklist_lock); |
15668 |
+ |
15669 |
+#ifdef CONFIG_GRKERNSEC_HARDEN_PTRACE |
15670 |
+ if (!(gr_status & GR_READY)) |
15671 |
@@ -62544,7 +62981,7 @@ index 9c07dce..a92fa71 100644 |
15672 |
if (atomic_sub_and_test((int) count, &kref->refcount)) { |
15673 |
release(kref); |
15674 |
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h |
15675 |
-index bc21720..098aefa 100644 |
15676 |
+index 4c4e83d..5f16617 100644 |
15677 |
--- a/include/linux/kvm_host.h |
15678 |
+++ b/include/linux/kvm_host.h |
15679 |
@@ -326,7 +326,7 @@ void kvm_vcpu_uninit(struct kvm_vcpu *vcpu); |
15680 |
@@ -63114,7 +63551,7 @@ index ffc0213..2c1f2cb 100644 |
15681 |
return nd->saved_names[nd->depth]; |
15682 |
} |
15683 |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
15684 |
-index 4f3b01a..8256d1a 100644 |
15685 |
+index 7e472b7..212d381 100644 |
15686 |
--- a/include/linux/netdevice.h |
15687 |
+++ b/include/linux/netdevice.h |
15688 |
@@ -1002,6 +1002,7 @@ struct net_device_ops { |
15689 |
@@ -66076,7 +66513,7 @@ index 42e8fa0..9e7406b 100644 |
15690 |
return -ENOMEM; |
15691 |
|
15692 |
diff --git a/kernel/cred.c b/kernel/cred.c |
15693 |
-index 48c6fd3..3342f00 100644 |
15694 |
+index 48c6fd3..8398912 100644 |
15695 |
--- a/kernel/cred.c |
15696 |
+++ b/kernel/cred.c |
15697 |
@@ -204,6 +204,15 @@ void exit_creds(struct task_struct *tsk) |
15698 |
@@ -66113,7 +66550,7 @@ index 48c6fd3..3342f00 100644 |
15699 |
/* dumpability changes */ |
15700 |
if (old->euid != new->euid || |
15701 |
old->egid != new->egid || |
15702 |
-@@ -540,6 +551,92 @@ int commit_creds(struct cred *new) |
15703 |
+@@ -540,6 +551,101 @@ int commit_creds(struct cred *new) |
15704 |
put_cred(old); |
15705 |
return 0; |
15706 |
} |
15707 |
@@ -66179,6 +66616,8 @@ index 48c6fd3..3342f00 100644 |
15708 |
+int commit_creds(struct cred *new) |
15709 |
+{ |
15710 |
+#ifdef CONFIG_GRKERNSEC_SETXID |
15711 |
++ int ret; |
15712 |
++ int schedule_it = 0; |
15713 |
+ struct task_struct *t; |
15714 |
+ |
15715 |
+ /* we won't get called with tasklist_lock held for writing |
15716 |
@@ -66187,20 +66626,27 @@ index 48c6fd3..3342f00 100644 |
15717 |
+ */ |
15718 |
+ if (grsec_enable_setxid && !current_is_single_threaded() && |
15719 |
+ !current_uid() && new->uid) { |
15720 |
++ schedule_it = 1; |
15721 |
++ } |
15722 |
++ ret = __commit_creds(new); |
15723 |
++ if (schedule_it) { |
15724 |
+ rcu_read_lock(); |
15725 |
+ read_lock(&tasklist_lock); |
15726 |
+ for (t = next_thread(current); t != current; |
15727 |
+ t = next_thread(t)) { |
15728 |
+ if (t->delayed_cred == NULL) { |
15729 |
+ t->delayed_cred = get_cred(new); |
15730 |
++ set_tsk_thread_flag(t, TIF_GRSEC_SETXID); |
15731 |
+ set_tsk_need_resched(t); |
15732 |
+ } |
15733 |
+ } |
15734 |
+ read_unlock(&tasklist_lock); |
15735 |
+ rcu_read_unlock(); |
15736 |
+ } |
15737 |
-+#endif |
15738 |
++ return ret; |
15739 |
++#else |
15740 |
+ return __commit_creds(new); |
15741 |
++#endif |
15742 |
+} |
15743 |
+ |
15744 |
EXPORT_SYMBOL(commit_creds); |
15745 |
@@ -69073,39 +69519,10 @@ index e8a1f83..363d17d 100644 |
15746 |
#ifdef CONFIG_RT_GROUP_SCHED |
15747 |
/* |
15748 |
diff --git a/kernel/sched/core.c b/kernel/sched/core.c |
15749 |
-index 478a04c..6970d99 100644 |
15750 |
+index 478a04c..e16339a 100644 |
15751 |
--- a/kernel/sched/core.c |
15752 |
+++ b/kernel/sched/core.c |
15753 |
-@@ -3142,6 +3142,19 @@ pick_next_task(struct rq *rq) |
15754 |
- BUG(); /* the idle class will always have a runnable task */ |
15755 |
- } |
15756 |
- |
15757 |
-+#ifdef CONFIG_GRKERNSEC_SETXID |
15758 |
-+extern void gr_delayed_cred_worker(void); |
15759 |
-+static inline void gr_cred_schedule(void) |
15760 |
-+{ |
15761 |
-+ if (unlikely(current->delayed_cred)) |
15762 |
-+ gr_delayed_cred_worker(); |
15763 |
-+} |
15764 |
-+#else |
15765 |
-+static inline void gr_cred_schedule(void) |
15766 |
-+{ |
15767 |
-+} |
15768 |
-+#endif |
15769 |
-+ |
15770 |
- /* |
15771 |
- * __schedule() is the main scheduler function. |
15772 |
- */ |
15773 |
-@@ -3161,6 +3174,8 @@ need_resched: |
15774 |
- |
15775 |
- schedule_debug(prev); |
15776 |
- |
15777 |
-+ gr_cred_schedule(); |
15778 |
-+ |
15779 |
- if (sched_feat(HRTICK)) |
15780 |
- hrtick_clear(rq); |
15781 |
- |
15782 |
-@@ -3851,6 +3866,8 @@ int can_nice(const struct task_struct *p, const int nice) |
15783 |
+@@ -3851,6 +3851,8 @@ int can_nice(const struct task_struct *p, const int nice) |
15784 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
15785 |
int nice_rlim = 20 - nice; |
15786 |
|
15787 |
@@ -69114,7 +69531,7 @@ index 478a04c..6970d99 100644 |
15788 |
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || |
15789 |
capable(CAP_SYS_NICE)); |
15790 |
} |
15791 |
-@@ -3884,7 +3901,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
15792 |
+@@ -3884,7 +3886,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
15793 |
if (nice > 19) |
15794 |
nice = 19; |
15795 |
|
15796 |
@@ -69124,7 +69541,7 @@ index 478a04c..6970d99 100644 |
15797 |
return -EPERM; |
15798 |
|
15799 |
retval = security_task_setnice(current, nice); |
15800 |
-@@ -4041,6 +4059,7 @@ recheck: |
15801 |
+@@ -4041,6 +4044,7 @@ recheck: |
15802 |
unsigned long rlim_rtprio = |
15803 |
task_rlimit(p, RLIMIT_RTPRIO); |
15804 |
|
15805 |
@@ -70448,6 +70865,28 @@ index 013a761..c28f3fc 100644 |
15806 |
#define free(a) kfree(a) |
15807 |
#endif |
15808 |
|
15809 |
+diff --git a/lib/ioremap.c b/lib/ioremap.c |
15810 |
+index da4e2ad..6373b5f 100644 |
15811 |
+--- a/lib/ioremap.c |
15812 |
++++ b/lib/ioremap.c |
15813 |
+@@ -38,7 +38,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, |
15814 |
+ unsigned long next; |
15815 |
+ |
15816 |
+ phys_addr -= addr; |
15817 |
+- pmd = pmd_alloc(&init_mm, pud, addr); |
15818 |
++ pmd = pmd_alloc_kernel(&init_mm, pud, addr); |
15819 |
+ if (!pmd) |
15820 |
+ return -ENOMEM; |
15821 |
+ do { |
15822 |
+@@ -56,7 +56,7 @@ static inline int ioremap_pud_range(pgd_t *pgd, unsigned long addr, |
15823 |
+ unsigned long next; |
15824 |
+ |
15825 |
+ phys_addr -= addr; |
15826 |
+- pud = pud_alloc(&init_mm, pgd, addr); |
15827 |
++ pud = pud_alloc_kernel(&init_mm, pgd, addr); |
15828 |
+ if (!pud) |
15829 |
+ return -ENOMEM; |
15830 |
+ do { |
15831 |
diff --git a/lib/is_single_threaded.c b/lib/is_single_threaded.c |
15832 |
index bd2bea9..6b3c95e 100644 |
15833 |
--- a/lib/is_single_threaded.c |
15834 |
@@ -70677,10 +71116,10 @@ index 8f7fc39..69bf1e9 100644 |
15835 |
/* if an huge pmd materialized from under us just retry later */ |
15836 |
if (unlikely(pmd_trans_huge(*pmd))) |
15837 |
diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
15838 |
-index a7cf829..d60e0e1 100644 |
15839 |
+index 24b1787..e0fbc01 100644 |
15840 |
--- a/mm/hugetlb.c |
15841 |
+++ b/mm/hugetlb.c |
15842 |
-@@ -2346,6 +2346,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
15843 |
+@@ -2425,6 +2425,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
15844 |
return 1; |
15845 |
} |
15846 |
|
15847 |
@@ -70708,7 +71147,7 @@ index a7cf829..d60e0e1 100644 |
15848 |
/* |
15849 |
* Hugetlb_cow() should be called with page lock of the original hugepage held. |
15850 |
* Called with hugetlb_instantiation_mutex held and pte_page locked so we |
15851 |
-@@ -2459,6 +2480,11 @@ retry_avoidcopy: |
15852 |
+@@ -2538,6 +2559,11 @@ retry_avoidcopy: |
15853 |
make_huge_pte(vma, new_page, 1)); |
15854 |
page_remove_rmap(old_page); |
15855 |
hugepage_add_new_anon_rmap(new_page, vma, address); |
15856 |
@@ -70720,7 +71159,7 @@ index a7cf829..d60e0e1 100644 |
15857 |
/* Make the old page be freed below */ |
15858 |
new_page = old_page; |
15859 |
mmu_notifier_invalidate_range_end(mm, |
15860 |
-@@ -2613,6 +2639,10 @@ retry: |
15861 |
+@@ -2692,6 +2718,10 @@ retry: |
15862 |
&& (vma->vm_flags & VM_SHARED))); |
15863 |
set_huge_pte_at(mm, address, ptep, new_pte); |
15864 |
|
15865 |
@@ -70731,7 +71170,7 @@ index a7cf829..d60e0e1 100644 |
15866 |
if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { |
15867 |
/* Optimization, do the COW without a second fault */ |
15868 |
ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page); |
15869 |
-@@ -2642,6 +2672,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
15870 |
+@@ -2721,6 +2751,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
15871 |
static DEFINE_MUTEX(hugetlb_instantiation_mutex); |
15872 |
struct hstate *h = hstate_vma(vma); |
15873 |
|
15874 |
@@ -70742,7 +71181,7 @@ index a7cf829..d60e0e1 100644 |
15875 |
address &= huge_page_mask(h); |
15876 |
|
15877 |
ptep = huge_pte_offset(mm, address); |
15878 |
-@@ -2655,6 +2689,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
15879 |
+@@ -2734,6 +2768,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
15880 |
VM_FAULT_SET_HINDEX(h - hstates); |
15881 |
} |
15882 |
|
15883 |
@@ -70982,7 +71421,7 @@ index 56080ea..115071e 100644 |
15884 |
/* keep elevated page count for bad page */ |
15885 |
return ret; |
15886 |
diff --git a/mm/memory.c b/mm/memory.c |
15887 |
-index 10b4dda..b1f60ad 100644 |
15888 |
+index 10b4dda..06857f3 100644 |
15889 |
--- a/mm/memory.c |
15890 |
+++ b/mm/memory.c |
15891 |
@@ -457,8 +457,12 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, |
15892 |
@@ -71109,7 +71548,29 @@ index 10b4dda..b1f60ad 100644 |
15893 |
|
15894 |
if (addr < vma->vm_start || addr >= vma->vm_end) |
15895 |
return -EFAULT; |
15896 |
-@@ -2472,6 +2485,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
15897 |
+@@ -2364,7 +2377,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
15898 |
+ |
15899 |
+ BUG_ON(pud_huge(*pud)); |
15900 |
+ |
15901 |
+- pmd = pmd_alloc(mm, pud, addr); |
15902 |
++ pmd = (mm == &init_mm) ? |
15903 |
++ pmd_alloc_kernel(mm, pud, addr) : |
15904 |
++ pmd_alloc(mm, pud, addr); |
15905 |
+ if (!pmd) |
15906 |
+ return -ENOMEM; |
15907 |
+ do { |
15908 |
+@@ -2384,7 +2399,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
15909 |
+ unsigned long next; |
15910 |
+ int err; |
15911 |
+ |
15912 |
+- pud = pud_alloc(mm, pgd, addr); |
15913 |
++ pud = (mm == &init_mm) ? |
15914 |
++ pud_alloc_kernel(mm, pgd, addr) : |
15915 |
++ pud_alloc(mm, pgd, addr); |
15916 |
+ if (!pud) |
15917 |
+ return -ENOMEM; |
15918 |
+ do { |
15919 |
+@@ -2472,6 +2489,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
15920 |
copy_user_highpage(dst, src, va, vma); |
15921 |
} |
15922 |
|
15923 |
@@ -71296,7 +71757,7 @@ index 10b4dda..b1f60ad 100644 |
15924 |
/* |
15925 |
* This routine handles present pages, when users try to write |
15926 |
* to a shared page. It is done by copying the page to a new address |
15927 |
-@@ -2683,6 +2876,12 @@ gotten: |
15928 |
+@@ -2683,6 +2880,12 @@ gotten: |
15929 |
*/ |
15930 |
page_table = pte_offset_map_lock(mm, pmd, address, &ptl); |
15931 |
if (likely(pte_same(*page_table, orig_pte))) { |
15932 |
@@ -71309,7 +71770,7 @@ index 10b4dda..b1f60ad 100644 |
15933 |
if (old_page) { |
15934 |
if (!PageAnon(old_page)) { |
15935 |
dec_mm_counter_fast(mm, MM_FILEPAGES); |
15936 |
-@@ -2734,6 +2933,10 @@ gotten: |
15937 |
+@@ -2734,6 +2937,10 @@ gotten: |
15938 |
page_remove_rmap(old_page); |
15939 |
} |
15940 |
|
15941 |
@@ -71320,7 +71781,7 @@ index 10b4dda..b1f60ad 100644 |
15942 |
/* Free the old page.. */ |
15943 |
new_page = old_page; |
15944 |
ret |= VM_FAULT_WRITE; |
15945 |
-@@ -3013,6 +3216,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15946 |
+@@ -3013,6 +3220,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15947 |
swap_free(entry); |
15948 |
if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) |
15949 |
try_to_free_swap(page); |
15950 |
@@ -71332,7 +71793,7 @@ index 10b4dda..b1f60ad 100644 |
15951 |
unlock_page(page); |
15952 |
if (swapcache) { |
15953 |
/* |
15954 |
-@@ -3036,6 +3244,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15955 |
+@@ -3036,6 +3248,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15956 |
|
15957 |
/* No need to invalidate - it was non-present before */ |
15958 |
update_mmu_cache(vma, address, page_table); |
15959 |
@@ -71344,7 +71805,7 @@ index 10b4dda..b1f60ad 100644 |
15960 |
unlock: |
15961 |
pte_unmap_unlock(page_table, ptl); |
15962 |
out: |
15963 |
-@@ -3055,40 +3268,6 @@ out_release: |
15964 |
+@@ -3055,40 +3272,6 @@ out_release: |
15965 |
} |
15966 |
|
15967 |
/* |
15968 |
@@ -71385,7 +71846,7 @@ index 10b4dda..b1f60ad 100644 |
15969 |
* We enter with non-exclusive mmap_sem (to exclude vma changes, |
15970 |
* but allow concurrent faults), and pte mapped but not yet locked. |
15971 |
* We return with mmap_sem still held, but pte unmapped and unlocked. |
15972 |
-@@ -3097,27 +3276,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15973 |
+@@ -3097,27 +3280,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15974 |
unsigned long address, pte_t *page_table, pmd_t *pmd, |
15975 |
unsigned int flags) |
15976 |
{ |
15977 |
@@ -71418,7 +71879,7 @@ index 10b4dda..b1f60ad 100644 |
15978 |
if (unlikely(anon_vma_prepare(vma))) |
15979 |
goto oom; |
15980 |
page = alloc_zeroed_user_highpage_movable(vma, address); |
15981 |
-@@ -3136,6 +3311,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15982 |
+@@ -3136,6 +3315,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
15983 |
if (!pte_none(*page_table)) |
15984 |
goto release; |
15985 |
|
15986 |
@@ -71430,7 +71891,7 @@ index 10b4dda..b1f60ad 100644 |
15987 |
inc_mm_counter_fast(mm, MM_ANONPAGES); |
15988 |
page_add_new_anon_rmap(page, vma, address); |
15989 |
setpte: |
15990 |
-@@ -3143,6 +3323,12 @@ setpte: |
15991 |
+@@ -3143,6 +3327,12 @@ setpte: |
15992 |
|
15993 |
/* No need to invalidate - it was non-present before */ |
15994 |
update_mmu_cache(vma, address, page_table); |
15995 |
@@ -71443,7 +71904,7 @@ index 10b4dda..b1f60ad 100644 |
15996 |
unlock: |
15997 |
pte_unmap_unlock(page_table, ptl); |
15998 |
return 0; |
15999 |
-@@ -3286,6 +3472,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16000 |
+@@ -3286,6 +3476,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16001 |
*/ |
16002 |
/* Only go through if we didn't race with anybody else... */ |
16003 |
if (likely(pte_same(*page_table, orig_pte))) { |
16004 |
@@ -71456,7 +71917,7 @@ index 10b4dda..b1f60ad 100644 |
16005 |
flush_icache_page(vma, page); |
16006 |
entry = mk_pte(page, vma->vm_page_prot); |
16007 |
if (flags & FAULT_FLAG_WRITE) |
16008 |
-@@ -3305,6 +3497,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16009 |
+@@ -3305,6 +3501,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16010 |
|
16011 |
/* no need to invalidate: a not-present page won't be cached */ |
16012 |
update_mmu_cache(vma, address, page_table); |
16013 |
@@ -71471,7 +71932,7 @@ index 10b4dda..b1f60ad 100644 |
16014 |
} else { |
16015 |
if (cow_page) |
16016 |
mem_cgroup_uncharge_page(cow_page); |
16017 |
-@@ -3458,6 +3658,12 @@ int handle_pte_fault(struct mm_struct *mm, |
16018 |
+@@ -3458,6 +3662,12 @@ int handle_pte_fault(struct mm_struct *mm, |
16019 |
if (flags & FAULT_FLAG_WRITE) |
16020 |
flush_tlb_fix_spurious_fault(vma, address); |
16021 |
} |
16022 |
@@ -71484,7 +71945,7 @@ index 10b4dda..b1f60ad 100644 |
16023 |
unlock: |
16024 |
pte_unmap_unlock(pte, ptl); |
16025 |
return 0; |
16026 |
-@@ -3474,6 +3680,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16027 |
+@@ -3474,6 +3684,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16028 |
pmd_t *pmd; |
16029 |
pte_t *pte; |
16030 |
|
16031 |
@@ -71495,7 +71956,7 @@ index 10b4dda..b1f60ad 100644 |
16032 |
__set_current_state(TASK_RUNNING); |
16033 |
|
16034 |
count_vm_event(PGFAULT); |
16035 |
-@@ -3485,6 +3695,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16036 |
+@@ -3485,6 +3699,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16037 |
if (unlikely(is_vm_hugetlb_page(vma))) |
16038 |
return hugetlb_fault(mm, vma, address, flags); |
16039 |
|
16040 |
@@ -71530,7 +71991,7 @@ index 10b4dda..b1f60ad 100644 |
16041 |
pgd = pgd_offset(mm, address); |
16042 |
pud = pud_alloc(mm, pgd, address); |
16043 |
if (!pud) |
16044 |
-@@ -3514,7 +3752,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16045 |
+@@ -3514,7 +3756,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
16046 |
* run pte_offset_map on the pmd, if an huge pmd could |
16047 |
* materialize from under us from a different thread. |
16048 |
*/ |
16049 |
@@ -71539,7 +72000,7 @@ index 10b4dda..b1f60ad 100644 |
16050 |
return VM_FAULT_OOM; |
16051 |
/* if an huge pmd materialized from under us just retry later */ |
16052 |
if (unlikely(pmd_trans_huge(*pmd))) |
16053 |
-@@ -3551,6 +3789,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
16054 |
+@@ -3551,6 +3793,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
16055 |
spin_unlock(&mm->page_table_lock); |
16056 |
return 0; |
16057 |
} |
16058 |
@@ -71563,7 +72024,7 @@ index 10b4dda..b1f60ad 100644 |
16059 |
#endif /* __PAGETABLE_PUD_FOLDED */ |
16060 |
|
16061 |
#ifndef __PAGETABLE_PMD_FOLDED |
16062 |
-@@ -3581,6 +3836,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
16063 |
+@@ -3581,6 +3840,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
16064 |
spin_unlock(&mm->page_table_lock); |
16065 |
return 0; |
16066 |
} |
16067 |
@@ -71594,7 +72055,7 @@ index 10b4dda..b1f60ad 100644 |
16068 |
#endif /* __PAGETABLE_PMD_FOLDED */ |
16069 |
|
16070 |
int make_pages_present(unsigned long addr, unsigned long end) |
16071 |
-@@ -3618,7 +3897,7 @@ static int __init gate_vma_init(void) |
16072 |
+@@ -3618,7 +3901,7 @@ static int __init gate_vma_init(void) |
16073 |
gate_vma.vm_start = FIXADDR_USER_START; |
16074 |
gate_vma.vm_end = FIXADDR_USER_END; |
16075 |
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; |
16076 |
@@ -75428,7 +75889,7 @@ index 68bbf9f..5ef0d12 100644 |
16077 |
|
16078 |
return err; |
16079 |
diff --git a/net/core/dev.c b/net/core/dev.c |
16080 |
-index 7f72c9c..e29943b 100644 |
16081 |
+index 0336374..659088a 100644 |
16082 |
--- a/net/core/dev.c |
16083 |
+++ b/net/core/dev.c |
16084 |
@@ -1138,10 +1138,14 @@ void dev_load(struct net *net, const char *name) |
16085 |
@@ -75446,7 +75907,7 @@ index 7f72c9c..e29943b 100644 |
16086 |
} |
16087 |
} |
16088 |
EXPORT_SYMBOL(dev_load); |
16089 |
-@@ -1585,7 +1589,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
16090 |
+@@ -1605,7 +1609,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
16091 |
{ |
16092 |
if (skb_shinfo(skb)->tx_flags & SKBTX_DEV_ZEROCOPY) { |
16093 |
if (skb_copy_ubufs(skb, GFP_ATOMIC)) { |
16094 |
@@ -75455,7 +75916,7 @@ index 7f72c9c..e29943b 100644 |
16095 |
kfree_skb(skb); |
16096 |
return NET_RX_DROP; |
16097 |
} |
16098 |
-@@ -1595,7 +1599,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
16099 |
+@@ -1615,7 +1619,7 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
16100 |
nf_reset(skb); |
16101 |
|
16102 |
if (unlikely(!is_skb_forwardable(dev, skb))) { |
16103 |
@@ -75464,7 +75925,7 @@ index 7f72c9c..e29943b 100644 |
16104 |
kfree_skb(skb); |
16105 |
return NET_RX_DROP; |
16106 |
} |
16107 |
-@@ -2057,7 +2061,7 @@ static int illegal_highdma(struct net_device *dev, struct sk_buff *skb) |
16108 |
+@@ -2077,7 +2081,7 @@ static int illegal_highdma(struct net_device *dev, struct sk_buff *skb) |
16109 |
|
16110 |
struct dev_gso_cb { |
16111 |
void (*destructor)(struct sk_buff *skb); |
16112 |
@@ -75473,7 +75934,7 @@ index 7f72c9c..e29943b 100644 |
16113 |
|
16114 |
#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) |
16115 |
|
16116 |
-@@ -2913,7 +2917,7 @@ enqueue: |
16117 |
+@@ -2933,7 +2937,7 @@ enqueue: |
16118 |
|
16119 |
local_irq_restore(flags); |
16120 |
|
16121 |
@@ -75482,7 +75943,7 @@ index 7f72c9c..e29943b 100644 |
16122 |
kfree_skb(skb); |
16123 |
return NET_RX_DROP; |
16124 |
} |
16125 |
-@@ -2985,7 +2989,7 @@ int netif_rx_ni(struct sk_buff *skb) |
16126 |
+@@ -3005,7 +3009,7 @@ int netif_rx_ni(struct sk_buff *skb) |
16127 |
} |
16128 |
EXPORT_SYMBOL(netif_rx_ni); |
16129 |
|
16130 |
@@ -75491,7 +75952,7 @@ index 7f72c9c..e29943b 100644 |
16131 |
{ |
16132 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
16133 |
|
16134 |
-@@ -3273,7 +3277,7 @@ ncls: |
16135 |
+@@ -3293,7 +3297,7 @@ ncls: |
16136 |
if (pt_prev) { |
16137 |
ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
16138 |
} else { |
16139 |
@@ -75500,7 +75961,7 @@ index 7f72c9c..e29943b 100644 |
16140 |
kfree_skb(skb); |
16141 |
/* Jamal, now you will not able to escape explaining |
16142 |
* me how you were going to use this. :-) |
16143 |
-@@ -3833,7 +3837,7 @@ void netif_napi_del(struct napi_struct *napi) |
16144 |
+@@ -3853,7 +3857,7 @@ void netif_napi_del(struct napi_struct *napi) |
16145 |
} |
16146 |
EXPORT_SYMBOL(netif_napi_del); |
16147 |
|
16148 |
@@ -75509,7 +75970,7 @@ index 7f72c9c..e29943b 100644 |
16149 |
{ |
16150 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
16151 |
unsigned long time_limit = jiffies + 2; |
16152 |
-@@ -5858,7 +5862,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
16153 |
+@@ -5878,7 +5882,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
16154 |
} else { |
16155 |
netdev_stats_to_stats64(storage, &dev->stats); |
16156 |
} |
16157 |
@@ -86454,7 +86915,7 @@ index af0f22f..9a7d479 100644 |
16158 |
break; |
16159 |
} |
16160 |
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
16161 |
-index c4ac57e..527711d 100644 |
16162 |
+index 7858228..2919715 100644 |
16163 |
--- a/virt/kvm/kvm_main.c |
16164 |
+++ b/virt/kvm/kvm_main.c |
16165 |
@@ -75,7 +75,7 @@ LIST_HEAD(vm_list); |
16166 |
@@ -86466,7 +86927,7 @@ index c4ac57e..527711d 100644 |
16167 |
|
16168 |
struct kmem_cache *kvm_vcpu_cache; |
16169 |
EXPORT_SYMBOL_GPL(kvm_vcpu_cache); |
16170 |
-@@ -2313,7 +2313,7 @@ static void hardware_enable_nolock(void *junk) |
16171 |
+@@ -2318,7 +2318,7 @@ static void hardware_enable_nolock(void *junk) |
16172 |
|
16173 |
if (r) { |
16174 |
cpumask_clear_cpu(cpu, cpus_hardware_enabled); |
16175 |
@@ -86475,7 +86936,7 @@ index c4ac57e..527711d 100644 |
16176 |
printk(KERN_INFO "kvm: enabling virtualization on " |
16177 |
"CPU%d failed\n", cpu); |
16178 |
} |
16179 |
-@@ -2367,10 +2367,10 @@ static int hardware_enable_all(void) |
16180 |
+@@ -2372,10 +2372,10 @@ static int hardware_enable_all(void) |
16181 |
|
16182 |
kvm_usage_count++; |
16183 |
if (kvm_usage_count == 1) { |
16184 |
@@ -86488,7 +86949,7 @@ index c4ac57e..527711d 100644 |
16185 |
hardware_disable_all_nolock(); |
16186 |
r = -EBUSY; |
16187 |
} |
16188 |
-@@ -2733,7 +2733,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
16189 |
+@@ -2738,7 +2738,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
16190 |
kvm_arch_vcpu_put(vcpu); |
16191 |
} |
16192 |
|
16193 |
@@ -86497,7 +86958,7 @@ index c4ac57e..527711d 100644 |
16194 |
struct module *module) |
16195 |
{ |
16196 |
int r; |
16197 |
-@@ -2796,7 +2796,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
16198 |
+@@ -2801,7 +2801,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
16199 |
if (!vcpu_align) |
16200 |
vcpu_align = __alignof__(struct kvm_vcpu); |
16201 |
kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, |
16202 |
@@ -86506,7 +86967,7 @@ index c4ac57e..527711d 100644 |
16203 |
if (!kvm_vcpu_cache) { |
16204 |
r = -ENOMEM; |
16205 |
goto out_free_3; |
16206 |
-@@ -2806,9 +2806,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
16207 |
+@@ -2811,9 +2811,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
16208 |
if (r) |
16209 |
goto out_free; |
16210 |
|
16211 |
|
16212 |
diff --git a/3.3.5/4430_grsec-remove-localversion-grsec.patch b/3.3.6/4430_grsec-remove-localversion-grsec.patch |
16213 |
similarity index 100% |
16214 |
rename from 3.3.5/4430_grsec-remove-localversion-grsec.patch |
16215 |
rename to 3.3.6/4430_grsec-remove-localversion-grsec.patch |
16216 |
|
16217 |
diff --git a/3.3.5/4435_grsec-mute-warnings.patch b/3.3.6/4435_grsec-mute-warnings.patch |
16218 |
similarity index 100% |
16219 |
rename from 3.3.5/4435_grsec-mute-warnings.patch |
16220 |
rename to 3.3.6/4435_grsec-mute-warnings.patch |
16221 |
|
16222 |
diff --git a/3.3.5/4440_grsec-remove-protected-paths.patch b/3.3.6/4440_grsec-remove-protected-paths.patch |
16223 |
similarity index 100% |
16224 |
rename from 3.3.5/4440_grsec-remove-protected-paths.patch |
16225 |
rename to 3.3.6/4440_grsec-remove-protected-paths.patch |
16226 |
|
16227 |
diff --git a/3.3.5/4445_grsec-pax-without-grsec.patch b/3.3.6/4445_grsec-pax-without-grsec.patch |
16228 |
similarity index 100% |
16229 |
rename from 3.3.5/4445_grsec-pax-without-grsec.patch |
16230 |
rename to 3.3.6/4445_grsec-pax-without-grsec.patch |
16231 |
|
16232 |
diff --git a/3.3.5/4450_grsec-kconfig-default-gids.patch b/3.3.6/4450_grsec-kconfig-default-gids.patch |
16233 |
similarity index 100% |
16234 |
rename from 3.3.5/4450_grsec-kconfig-default-gids.patch |
16235 |
rename to 3.3.6/4450_grsec-kconfig-default-gids.patch |
16236 |
|
16237 |
diff --git a/3.3.5/4455_grsec-kconfig-gentoo.patch b/3.3.6/4455_grsec-kconfig-gentoo.patch |
16238 |
similarity index 100% |
16239 |
rename from 3.3.5/4455_grsec-kconfig-gentoo.patch |
16240 |
rename to 3.3.6/4455_grsec-kconfig-gentoo.patch |
16241 |
|
16242 |
diff --git a/3.3.5/4460-grsec-kconfig-proc-user.patch b/3.3.6/4460-grsec-kconfig-proc-user.patch |
16243 |
similarity index 100% |
16244 |
rename from 3.3.5/4460-grsec-kconfig-proc-user.patch |
16245 |
rename to 3.3.6/4460-grsec-kconfig-proc-user.patch |
16246 |
|
16247 |
diff --git a/3.3.5/4465_selinux-avc_audit-log-curr_ip.patch b/3.3.6/4465_selinux-avc_audit-log-curr_ip.patch |
16248 |
similarity index 100% |
16249 |
rename from 3.3.5/4465_selinux-avc_audit-log-curr_ip.patch |
16250 |
rename to 3.3.6/4465_selinux-avc_audit-log-curr_ip.patch |
16251 |
|
16252 |
diff --git a/3.3.5/4470_disable-compat_vdso.patch b/3.3.6/4470_disable-compat_vdso.patch |
16253 |
similarity index 100% |
16254 |
rename from 3.3.5/4470_disable-compat_vdso.patch |
16255 |
rename to 3.3.6/4470_disable-compat_vdso.patch |