1 |
commit: dedbb02500624b2c5ddd456afd9fd9b6441a10eb |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Apr 30 18:00:49 2015 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Apr 30 18:00:49 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=dedbb025 |
7 |
|
8 |
Grsec/PaX: 3.1-{3.14.40,3.19.6}-201504290821 |
9 |
|
10 |
{3.14.39 => 3.14.40}/0000_README | 6 +- |
11 |
3.14.40/1039_linux-3.14.40.patch | 2462 ++++++++++++++++++++ |
12 |
.../4420_grsecurity-3.1-3.14.40-201504290821.patch | 336 ++- |
13 |
{3.19.5 => 3.14.40}/4425_grsec_remove_EI_PAX.patch | 0 |
14 |
.../4427_force_XATTR_PAX_tmpfs.patch | 0 |
15 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
16 |
.../4435_grsec-mute-warnings.patch | 0 |
17 |
.../4440_grsec-remove-protected-paths.patch | 0 |
18 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
19 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
20 |
.../4470_disable-compat_vdso.patch | 0 |
21 |
{3.19.5 => 3.14.40}/4475_emutramp_default_on.patch | 0 |
22 |
{3.19.5 => 3.19.6}/0000_README | 6 +- |
23 |
3.19.6/1005_linux-3.19.6.patch | 1674 +++++++++++++ |
24 |
.../4420_grsecurity-3.1-3.19.6-201504290821.patch | 303 +-- |
25 |
{3.14.39 => 3.19.6}/4425_grsec_remove_EI_PAX.patch | 0 |
26 |
.../4427_force_XATTR_PAX_tmpfs.patch | 0 |
27 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
28 |
{3.19.5 => 3.19.6}/4435_grsec-mute-warnings.patch | 0 |
29 |
.../4440_grsec-remove-protected-paths.patch | 0 |
30 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
31 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
32 |
{3.19.5 => 3.19.6}/4470_disable-compat_vdso.patch | 0 |
33 |
{3.14.39 => 3.19.6}/4475_emutramp_default_on.patch | 0 |
34 |
24 files changed, 4363 insertions(+), 424 deletions(-) |
35 |
|
36 |
diff --git a/3.14.39/0000_README b/3.14.40/0000_README |
37 |
similarity index 92% |
38 |
rename from 3.14.39/0000_README |
39 |
rename to 3.14.40/0000_README |
40 |
index 7ed8450..79dc6c4 100644 |
41 |
--- a/3.14.39/0000_README |
42 |
+++ b/3.14.40/0000_README |
43 |
@@ -2,7 +2,11 @@ README |
44 |
----------------------------------------------------------------------------- |
45 |
Individual Patch Descriptions: |
46 |
----------------------------------------------------------------------------- |
47 |
-Patch: 4420_grsecurity-3.1-3.14.39-201504270826.patch |
48 |
+Patch: 1039_linux-3.14.40.patch |
49 |
+From: http://www.kernel.org |
50 |
+Desc: Linux 3.14.40 |
51 |
+ |
52 |
+Patch: 4420_grsecurity-3.1-3.14.40-201504290821.patch |
53 |
From: http://www.grsecurity.net |
54 |
Desc: hardened-sources base patch from upstream grsecurity |
55 |
|
56 |
|
57 |
diff --git a/3.14.40/1039_linux-3.14.40.patch b/3.14.40/1039_linux-3.14.40.patch |
58 |
new file mode 100644 |
59 |
index 0000000..6afa4bd |
60 |
--- /dev/null |
61 |
+++ b/3.14.40/1039_linux-3.14.40.patch |
62 |
@@ -0,0 +1,2462 @@ |
63 |
+diff --git a/Makefile b/Makefile |
64 |
+index b40845e..070e0eb 100644 |
65 |
+--- a/Makefile |
66 |
++++ b/Makefile |
67 |
+@@ -1,6 +1,6 @@ |
68 |
+ VERSION = 3 |
69 |
+ PATCHLEVEL = 14 |
70 |
+-SUBLEVEL = 39 |
71 |
++SUBLEVEL = 40 |
72 |
+ EXTRAVERSION = |
73 |
+ NAME = Remembering Coco |
74 |
+ |
75 |
+diff --git a/arch/alpha/mm/fault.c b/arch/alpha/mm/fault.c |
76 |
+index 98838a0..9d0ac09 100644 |
77 |
+--- a/arch/alpha/mm/fault.c |
78 |
++++ b/arch/alpha/mm/fault.c |
79 |
+@@ -156,6 +156,8 @@ retry: |
80 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
81 |
+ if (fault & VM_FAULT_OOM) |
82 |
+ goto out_of_memory; |
83 |
++ else if (fault & VM_FAULT_SIGSEGV) |
84 |
++ goto bad_area; |
85 |
+ else if (fault & VM_FAULT_SIGBUS) |
86 |
+ goto do_sigbus; |
87 |
+ BUG(); |
88 |
+diff --git a/arch/arc/mm/fault.c b/arch/arc/mm/fault.c |
89 |
+index 9c69552..01e18b5 100644 |
90 |
+--- a/arch/arc/mm/fault.c |
91 |
++++ b/arch/arc/mm/fault.c |
92 |
+@@ -162,6 +162,8 @@ good_area: |
93 |
+ /* TBD: switch to pagefault_out_of_memory() */ |
94 |
+ if (fault & VM_FAULT_OOM) |
95 |
+ goto out_of_memory; |
96 |
++ else if (fault & VM_FAULT_SIGSEGV) |
97 |
++ goto bad_area; |
98 |
+ else if (fault & VM_FAULT_SIGBUS) |
99 |
+ goto do_sigbus; |
100 |
+ |
101 |
+diff --git a/arch/arm/include/asm/pgtable-3level-hwdef.h b/arch/arm/include/asm/pgtable-3level-hwdef.h |
102 |
+index 626989f..9fd61c7 100644 |
103 |
+--- a/arch/arm/include/asm/pgtable-3level-hwdef.h |
104 |
++++ b/arch/arm/include/asm/pgtable-3level-hwdef.h |
105 |
+@@ -43,7 +43,7 @@ |
106 |
+ #define PMD_SECT_BUFFERABLE (_AT(pmdval_t, 1) << 2) |
107 |
+ #define PMD_SECT_CACHEABLE (_AT(pmdval_t, 1) << 3) |
108 |
+ #define PMD_SECT_USER (_AT(pmdval_t, 1) << 6) /* AP[1] */ |
109 |
+-#define PMD_SECT_RDONLY (_AT(pmdval_t, 1) << 7) /* AP[2] */ |
110 |
++#define PMD_SECT_AP2 (_AT(pmdval_t, 1) << 7) /* read only */ |
111 |
+ #define PMD_SECT_S (_AT(pmdval_t, 3) << 8) |
112 |
+ #define PMD_SECT_AF (_AT(pmdval_t, 1) << 10) |
113 |
+ #define PMD_SECT_nG (_AT(pmdval_t, 1) << 11) |
114 |
+@@ -72,6 +72,7 @@ |
115 |
+ #define PTE_TABLE_BIT (_AT(pteval_t, 1) << 1) |
116 |
+ #define PTE_BUFFERABLE (_AT(pteval_t, 1) << 2) /* AttrIndx[0] */ |
117 |
+ #define PTE_CACHEABLE (_AT(pteval_t, 1) << 3) /* AttrIndx[1] */ |
118 |
++#define PTE_AP2 (_AT(pteval_t, 1) << 7) /* AP[2] */ |
119 |
+ #define PTE_EXT_SHARED (_AT(pteval_t, 3) << 8) /* SH[1:0], inner shareable */ |
120 |
+ #define PTE_EXT_AF (_AT(pteval_t, 1) << 10) /* Access Flag */ |
121 |
+ #define PTE_EXT_NG (_AT(pteval_t, 1) << 11) /* nG */ |
122 |
+diff --git a/arch/arm/include/asm/pgtable-3level.h b/arch/arm/include/asm/pgtable-3level.h |
123 |
+index 85c60ad..06e0bc0 100644 |
124 |
+--- a/arch/arm/include/asm/pgtable-3level.h |
125 |
++++ b/arch/arm/include/asm/pgtable-3level.h |
126 |
+@@ -79,18 +79,19 @@ |
127 |
+ #define L_PTE_PRESENT (_AT(pteval_t, 3) << 0) /* Present */ |
128 |
+ #define L_PTE_FILE (_AT(pteval_t, 1) << 2) /* only when !PRESENT */ |
129 |
+ #define L_PTE_USER (_AT(pteval_t, 1) << 6) /* AP[1] */ |
130 |
+-#define L_PTE_RDONLY (_AT(pteval_t, 1) << 7) /* AP[2] */ |
131 |
+ #define L_PTE_SHARED (_AT(pteval_t, 3) << 8) /* SH[1:0], inner shareable */ |
132 |
+ #define L_PTE_YOUNG (_AT(pteval_t, 1) << 10) /* AF */ |
133 |
+ #define L_PTE_XN (_AT(pteval_t, 1) << 54) /* XN */ |
134 |
+-#define L_PTE_DIRTY (_AT(pteval_t, 1) << 55) /* unused */ |
135 |
+-#define L_PTE_SPECIAL (_AT(pteval_t, 1) << 56) /* unused */ |
136 |
++#define L_PTE_DIRTY (_AT(pteval_t, 1) << 55) |
137 |
++#define L_PTE_SPECIAL (_AT(pteval_t, 1) << 56) |
138 |
+ #define L_PTE_NONE (_AT(pteval_t, 1) << 57) /* PROT_NONE */ |
139 |
++#define L_PTE_RDONLY (_AT(pteval_t, 1) << 58) /* READ ONLY */ |
140 |
+ |
141 |
+-#define PMD_SECT_VALID (_AT(pmdval_t, 1) << 0) |
142 |
+-#define PMD_SECT_DIRTY (_AT(pmdval_t, 1) << 55) |
143 |
+-#define PMD_SECT_SPLITTING (_AT(pmdval_t, 1) << 56) |
144 |
+-#define PMD_SECT_NONE (_AT(pmdval_t, 1) << 57) |
145 |
++#define L_PMD_SECT_VALID (_AT(pmdval_t, 1) << 0) |
146 |
++#define L_PMD_SECT_DIRTY (_AT(pmdval_t, 1) << 55) |
147 |
++#define L_PMD_SECT_SPLITTING (_AT(pmdval_t, 1) << 56) |
148 |
++#define L_PMD_SECT_NONE (_AT(pmdval_t, 1) << 57) |
149 |
++#define L_PMD_SECT_RDONLY (_AT(pteval_t, 1) << 58) |
150 |
+ |
151 |
+ /* |
152 |
+ * To be used in assembly code with the upper page attributes. |
153 |
+@@ -207,27 +208,32 @@ static inline pmd_t *pmd_offset(pud_t *pud, unsigned long addr) |
154 |
+ #define pte_huge(pte) (pte_val(pte) && !(pte_val(pte) & PTE_TABLE_BIT)) |
155 |
+ #define pte_mkhuge(pte) (__pte(pte_val(pte) & ~PTE_TABLE_BIT)) |
156 |
+ |
157 |
+-#define pmd_young(pmd) (pmd_val(pmd) & PMD_SECT_AF) |
158 |
++#define pmd_isset(pmd, val) ((u32)(val) == (val) ? pmd_val(pmd) & (val) \ |
159 |
++ : !!(pmd_val(pmd) & (val))) |
160 |
++#define pmd_isclear(pmd, val) (!(pmd_val(pmd) & (val))) |
161 |
++ |
162 |
++#define pmd_young(pmd) (pmd_isset((pmd), PMD_SECT_AF)) |
163 |
+ |
164 |
+ #define __HAVE_ARCH_PMD_WRITE |
165 |
+-#define pmd_write(pmd) (!(pmd_val(pmd) & PMD_SECT_RDONLY)) |
166 |
++#define pmd_write(pmd) (pmd_isclear((pmd), L_PMD_SECT_RDONLY)) |
167 |
++#define pmd_dirty(pmd) (pmd_isset((pmd), L_PMD_SECT_DIRTY)) |
168 |
+ |
169 |
+ #define pmd_hugewillfault(pmd) (!pmd_young(pmd) || !pmd_write(pmd)) |
170 |
+ #define pmd_thp_or_huge(pmd) (pmd_huge(pmd) || pmd_trans_huge(pmd)) |
171 |
+ |
172 |
+ #ifdef CONFIG_TRANSPARENT_HUGEPAGE |
173 |
+-#define pmd_trans_huge(pmd) (pmd_val(pmd) && !(pmd_val(pmd) & PMD_TABLE_BIT)) |
174 |
+-#define pmd_trans_splitting(pmd) (pmd_val(pmd) & PMD_SECT_SPLITTING) |
175 |
++#define pmd_trans_huge(pmd) (pmd_val(pmd) && !pmd_table(pmd)) |
176 |
++#define pmd_trans_splitting(pmd) (pmd_isset((pmd), L_PMD_SECT_SPLITTING)) |
177 |
+ #endif |
178 |
+ |
179 |
+ #define PMD_BIT_FUNC(fn,op) \ |
180 |
+ static inline pmd_t pmd_##fn(pmd_t pmd) { pmd_val(pmd) op; return pmd; } |
181 |
+ |
182 |
+-PMD_BIT_FUNC(wrprotect, |= PMD_SECT_RDONLY); |
183 |
++PMD_BIT_FUNC(wrprotect, |= L_PMD_SECT_RDONLY); |
184 |
+ PMD_BIT_FUNC(mkold, &= ~PMD_SECT_AF); |
185 |
+-PMD_BIT_FUNC(mksplitting, |= PMD_SECT_SPLITTING); |
186 |
+-PMD_BIT_FUNC(mkwrite, &= ~PMD_SECT_RDONLY); |
187 |
+-PMD_BIT_FUNC(mkdirty, |= PMD_SECT_DIRTY); |
188 |
++PMD_BIT_FUNC(mksplitting, |= L_PMD_SECT_SPLITTING); |
189 |
++PMD_BIT_FUNC(mkwrite, &= ~L_PMD_SECT_RDONLY); |
190 |
++PMD_BIT_FUNC(mkdirty, |= L_PMD_SECT_DIRTY); |
191 |
+ PMD_BIT_FUNC(mkyoung, |= PMD_SECT_AF); |
192 |
+ |
193 |
+ #define pmd_mkhuge(pmd) (__pmd(pmd_val(pmd) & ~PMD_TABLE_BIT)) |
194 |
+@@ -241,8 +247,8 @@ PMD_BIT_FUNC(mkyoung, |= PMD_SECT_AF); |
195 |
+ |
196 |
+ static inline pmd_t pmd_modify(pmd_t pmd, pgprot_t newprot) |
197 |
+ { |
198 |
+- const pmdval_t mask = PMD_SECT_USER | PMD_SECT_XN | PMD_SECT_RDONLY | |
199 |
+- PMD_SECT_VALID | PMD_SECT_NONE; |
200 |
++ const pmdval_t mask = PMD_SECT_USER | PMD_SECT_XN | L_PMD_SECT_RDONLY | |
201 |
++ L_PMD_SECT_VALID | L_PMD_SECT_NONE; |
202 |
+ pmd_val(pmd) = (pmd_val(pmd) & ~mask) | (pgprot_val(newprot) & mask); |
203 |
+ return pmd; |
204 |
+ } |
205 |
+@@ -253,8 +259,13 @@ static inline void set_pmd_at(struct mm_struct *mm, unsigned long addr, |
206 |
+ BUG_ON(addr >= TASK_SIZE); |
207 |
+ |
208 |
+ /* create a faulting entry if PROT_NONE protected */ |
209 |
+- if (pmd_val(pmd) & PMD_SECT_NONE) |
210 |
+- pmd_val(pmd) &= ~PMD_SECT_VALID; |
211 |
++ if (pmd_val(pmd) & L_PMD_SECT_NONE) |
212 |
++ pmd_val(pmd) &= ~L_PMD_SECT_VALID; |
213 |
++ |
214 |
++ if (pmd_write(pmd) && pmd_dirty(pmd)) |
215 |
++ pmd_val(pmd) &= ~PMD_SECT_AP2; |
216 |
++ else |
217 |
++ pmd_val(pmd) |= PMD_SECT_AP2; |
218 |
+ |
219 |
+ *pmdp = __pmd(pmd_val(pmd) | PMD_SECT_nG); |
220 |
+ flush_pmd_entry(pmdp); |
221 |
+diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h |
222 |
+index 7d59b52..89dba13 100644 |
223 |
+--- a/arch/arm/include/asm/pgtable.h |
224 |
++++ b/arch/arm/include/asm/pgtable.h |
225 |
+@@ -214,12 +214,16 @@ static inline pte_t *pmd_page_vaddr(pmd_t pmd) |
226 |
+ |
227 |
+ #define pte_clear(mm,addr,ptep) set_pte_ext(ptep, __pte(0), 0) |
228 |
+ |
229 |
++#define pte_isset(pte, val) ((u32)(val) == (val) ? pte_val(pte) & (val) \ |
230 |
++ : !!(pte_val(pte) & (val))) |
231 |
++#define pte_isclear(pte, val) (!(pte_val(pte) & (val))) |
232 |
++ |
233 |
+ #define pte_none(pte) (!pte_val(pte)) |
234 |
+-#define pte_present(pte) (pte_val(pte) & L_PTE_PRESENT) |
235 |
+-#define pte_write(pte) (!(pte_val(pte) & L_PTE_RDONLY)) |
236 |
+-#define pte_dirty(pte) (pte_val(pte) & L_PTE_DIRTY) |
237 |
+-#define pte_young(pte) (pte_val(pte) & L_PTE_YOUNG) |
238 |
+-#define pte_exec(pte) (!(pte_val(pte) & L_PTE_XN)) |
239 |
++#define pte_present(pte) (pte_isset((pte), L_PTE_PRESENT)) |
240 |
++#define pte_write(pte) (pte_isclear((pte), L_PTE_RDONLY)) |
241 |
++#define pte_dirty(pte) (pte_isset((pte), L_PTE_DIRTY)) |
242 |
++#define pte_young(pte) (pte_isset((pte), L_PTE_YOUNG)) |
243 |
++#define pte_exec(pte) (pte_isclear((pte), L_PTE_XN)) |
244 |
+ #define pte_special(pte) (0) |
245 |
+ |
246 |
+ #define pte_present_user(pte) (pte_present(pte) && (pte_val(pte) & L_PTE_USER)) |
247 |
+diff --git a/arch/arm/mm/proc-v7-3level.S b/arch/arm/mm/proc-v7-3level.S |
248 |
+index 22e3ad6..eb81123 100644 |
249 |
+--- a/arch/arm/mm/proc-v7-3level.S |
250 |
++++ b/arch/arm/mm/proc-v7-3level.S |
251 |
+@@ -86,8 +86,13 @@ ENTRY(cpu_v7_set_pte_ext) |
252 |
+ tst rh, #1 << (57 - 32) @ L_PTE_NONE |
253 |
+ bicne rl, #L_PTE_VALID |
254 |
+ bne 1f |
255 |
+- tst rh, #1 << (55 - 32) @ L_PTE_DIRTY |
256 |
+- orreq rl, #L_PTE_RDONLY |
257 |
++ |
258 |
++ eor ip, rh, #1 << (55 - 32) @ toggle L_PTE_DIRTY in temp reg to |
259 |
++ @ test for !L_PTE_DIRTY || L_PTE_RDONLY |
260 |
++ tst ip, #1 << (55 - 32) | 1 << (58 - 32) |
261 |
++ orrne rl, #PTE_AP2 |
262 |
++ biceq rl, #PTE_AP2 |
263 |
++ |
264 |
+ 1: strd r2, r3, [r0] |
265 |
+ ALT_SMP(W(nop)) |
266 |
+ ALT_UP (mcr p15, 0, r0, c7, c10, 1) @ flush_pte |
267 |
+diff --git a/arch/avr32/mm/fault.c b/arch/avr32/mm/fault.c |
268 |
+index 0eca933..d223a8b 100644 |
269 |
+--- a/arch/avr32/mm/fault.c |
270 |
++++ b/arch/avr32/mm/fault.c |
271 |
+@@ -142,6 +142,8 @@ good_area: |
272 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
273 |
+ if (fault & VM_FAULT_OOM) |
274 |
+ goto out_of_memory; |
275 |
++ else if (fault & VM_FAULT_SIGSEGV) |
276 |
++ goto bad_area; |
277 |
+ else if (fault & VM_FAULT_SIGBUS) |
278 |
+ goto do_sigbus; |
279 |
+ BUG(); |
280 |
+diff --git a/arch/cris/mm/fault.c b/arch/cris/mm/fault.c |
281 |
+index 1790f22..2686a7a 100644 |
282 |
+--- a/arch/cris/mm/fault.c |
283 |
++++ b/arch/cris/mm/fault.c |
284 |
+@@ -176,6 +176,8 @@ retry: |
285 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
286 |
+ if (fault & VM_FAULT_OOM) |
287 |
+ goto out_of_memory; |
288 |
++ else if (fault & VM_FAULT_SIGSEGV) |
289 |
++ goto bad_area; |
290 |
+ else if (fault & VM_FAULT_SIGBUS) |
291 |
+ goto do_sigbus; |
292 |
+ BUG(); |
293 |
+diff --git a/arch/frv/mm/fault.c b/arch/frv/mm/fault.c |
294 |
+index 9a66372..ec4917d 100644 |
295 |
+--- a/arch/frv/mm/fault.c |
296 |
++++ b/arch/frv/mm/fault.c |
297 |
+@@ -168,6 +168,8 @@ asmlinkage void do_page_fault(int datammu, unsigned long esr0, unsigned long ear |
298 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
299 |
+ if (fault & VM_FAULT_OOM) |
300 |
+ goto out_of_memory; |
301 |
++ else if (fault & VM_FAULT_SIGSEGV) |
302 |
++ goto bad_area; |
303 |
+ else if (fault & VM_FAULT_SIGBUS) |
304 |
+ goto do_sigbus; |
305 |
+ BUG(); |
306 |
+diff --git a/arch/ia64/mm/fault.c b/arch/ia64/mm/fault.c |
307 |
+index 7225dad..ba5ba7a 100644 |
308 |
+--- a/arch/ia64/mm/fault.c |
309 |
++++ b/arch/ia64/mm/fault.c |
310 |
+@@ -172,6 +172,8 @@ retry: |
311 |
+ */ |
312 |
+ if (fault & VM_FAULT_OOM) { |
313 |
+ goto out_of_memory; |
314 |
++ } else if (fault & VM_FAULT_SIGSEGV) { |
315 |
++ goto bad_area; |
316 |
+ } else if (fault & VM_FAULT_SIGBUS) { |
317 |
+ signal = SIGBUS; |
318 |
+ goto bad_area; |
319 |
+diff --git a/arch/m32r/mm/fault.c b/arch/m32r/mm/fault.c |
320 |
+index e9c6a80..e3d4d48901 100644 |
321 |
+--- a/arch/m32r/mm/fault.c |
322 |
++++ b/arch/m32r/mm/fault.c |
323 |
+@@ -200,6 +200,8 @@ good_area: |
324 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
325 |
+ if (fault & VM_FAULT_OOM) |
326 |
+ goto out_of_memory; |
327 |
++ else if (fault & VM_FAULT_SIGSEGV) |
328 |
++ goto bad_area; |
329 |
+ else if (fault & VM_FAULT_SIGBUS) |
330 |
+ goto do_sigbus; |
331 |
+ BUG(); |
332 |
+diff --git a/arch/m68k/mm/fault.c b/arch/m68k/mm/fault.c |
333 |
+index 2bd7487..b2f04ae 100644 |
334 |
+--- a/arch/m68k/mm/fault.c |
335 |
++++ b/arch/m68k/mm/fault.c |
336 |
+@@ -145,6 +145,8 @@ good_area: |
337 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
338 |
+ if (fault & VM_FAULT_OOM) |
339 |
+ goto out_of_memory; |
340 |
++ else if (fault & VM_FAULT_SIGSEGV) |
341 |
++ goto map_err; |
342 |
+ else if (fault & VM_FAULT_SIGBUS) |
343 |
+ goto bus_err; |
344 |
+ BUG(); |
345 |
+diff --git a/arch/metag/mm/fault.c b/arch/metag/mm/fault.c |
346 |
+index 332680e..2de5dc6 100644 |
347 |
+--- a/arch/metag/mm/fault.c |
348 |
++++ b/arch/metag/mm/fault.c |
349 |
+@@ -141,6 +141,8 @@ good_area: |
350 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
351 |
+ if (fault & VM_FAULT_OOM) |
352 |
+ goto out_of_memory; |
353 |
++ else if (fault & VM_FAULT_SIGSEGV) |
354 |
++ goto bad_area; |
355 |
+ else if (fault & VM_FAULT_SIGBUS) |
356 |
+ goto do_sigbus; |
357 |
+ BUG(); |
358 |
+diff --git a/arch/microblaze/mm/fault.c b/arch/microblaze/mm/fault.c |
359 |
+index fa4cf52..d46a5eb 100644 |
360 |
+--- a/arch/microblaze/mm/fault.c |
361 |
++++ b/arch/microblaze/mm/fault.c |
362 |
+@@ -224,6 +224,8 @@ good_area: |
363 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
364 |
+ if (fault & VM_FAULT_OOM) |
365 |
+ goto out_of_memory; |
366 |
++ else if (fault & VM_FAULT_SIGSEGV) |
367 |
++ goto bad_area; |
368 |
+ else if (fault & VM_FAULT_SIGBUS) |
369 |
+ goto do_sigbus; |
370 |
+ BUG(); |
371 |
+diff --git a/arch/mips/mm/fault.c b/arch/mips/mm/fault.c |
372 |
+index becc42b..70ab5d6 100644 |
373 |
+--- a/arch/mips/mm/fault.c |
374 |
++++ b/arch/mips/mm/fault.c |
375 |
+@@ -158,6 +158,8 @@ good_area: |
376 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
377 |
+ if (fault & VM_FAULT_OOM) |
378 |
+ goto out_of_memory; |
379 |
++ else if (fault & VM_FAULT_SIGSEGV) |
380 |
++ goto bad_area; |
381 |
+ else if (fault & VM_FAULT_SIGBUS) |
382 |
+ goto do_sigbus; |
383 |
+ BUG(); |
384 |
+diff --git a/arch/mn10300/mm/fault.c b/arch/mn10300/mm/fault.c |
385 |
+index 3516cbd..0c2cc5d 100644 |
386 |
+--- a/arch/mn10300/mm/fault.c |
387 |
++++ b/arch/mn10300/mm/fault.c |
388 |
+@@ -262,6 +262,8 @@ good_area: |
389 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
390 |
+ if (fault & VM_FAULT_OOM) |
391 |
+ goto out_of_memory; |
392 |
++ else if (fault & VM_FAULT_SIGSEGV) |
393 |
++ goto bad_area; |
394 |
+ else if (fault & VM_FAULT_SIGBUS) |
395 |
+ goto do_sigbus; |
396 |
+ BUG(); |
397 |
+diff --git a/arch/openrisc/mm/fault.c b/arch/openrisc/mm/fault.c |
398 |
+index 0703acf..230ac20 100644 |
399 |
+--- a/arch/openrisc/mm/fault.c |
400 |
++++ b/arch/openrisc/mm/fault.c |
401 |
+@@ -171,6 +171,8 @@ good_area: |
402 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
403 |
+ if (fault & VM_FAULT_OOM) |
404 |
+ goto out_of_memory; |
405 |
++ else if (fault & VM_FAULT_SIGSEGV) |
406 |
++ goto bad_area; |
407 |
+ else if (fault & VM_FAULT_SIGBUS) |
408 |
+ goto do_sigbus; |
409 |
+ BUG(); |
410 |
+diff --git a/arch/parisc/mm/fault.c b/arch/parisc/mm/fault.c |
411 |
+index d72197f..d27e388 100644 |
412 |
+--- a/arch/parisc/mm/fault.c |
413 |
++++ b/arch/parisc/mm/fault.c |
414 |
+@@ -256,6 +256,8 @@ good_area: |
415 |
+ */ |
416 |
+ if (fault & VM_FAULT_OOM) |
417 |
+ goto out_of_memory; |
418 |
++ else if (fault & VM_FAULT_SIGSEGV) |
419 |
++ goto bad_area; |
420 |
+ else if (fault & VM_FAULT_SIGBUS) |
421 |
+ goto bad_area; |
422 |
+ BUG(); |
423 |
+diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c |
424 |
+index 51ab9e7..010fabf 100644 |
425 |
+--- a/arch/powerpc/mm/fault.c |
426 |
++++ b/arch/powerpc/mm/fault.c |
427 |
+@@ -432,6 +432,8 @@ good_area: |
428 |
+ */ |
429 |
+ fault = handle_mm_fault(mm, vma, address, flags); |
430 |
+ if (unlikely(fault & (VM_FAULT_RETRY|VM_FAULT_ERROR))) { |
431 |
++ if (fault & VM_FAULT_SIGSEGV) |
432 |
++ goto bad_area; |
433 |
+ rc = mm_fault_error(regs, address, fault); |
434 |
+ if (rc >= MM_FAULT_RETURN) |
435 |
+ goto bail; |
436 |
+diff --git a/arch/powerpc/platforms/cell/spu_fault.c b/arch/powerpc/platforms/cell/spu_fault.c |
437 |
+index 641e727..62f3e4e 100644 |
438 |
+--- a/arch/powerpc/platforms/cell/spu_fault.c |
439 |
++++ b/arch/powerpc/platforms/cell/spu_fault.c |
440 |
+@@ -75,7 +75,7 @@ int spu_handle_mm_fault(struct mm_struct *mm, unsigned long ea, |
441 |
+ if (*flt & VM_FAULT_OOM) { |
442 |
+ ret = -ENOMEM; |
443 |
+ goto out_unlock; |
444 |
+- } else if (*flt & VM_FAULT_SIGBUS) { |
445 |
++ } else if (*flt & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV)) { |
446 |
+ ret = -EFAULT; |
447 |
+ goto out_unlock; |
448 |
+ } |
449 |
+diff --git a/arch/powerpc/platforms/cell/spufs/inode.c b/arch/powerpc/platforms/cell/spufs/inode.c |
450 |
+index 87ba7cf..65d633f 100644 |
451 |
+--- a/arch/powerpc/platforms/cell/spufs/inode.c |
452 |
++++ b/arch/powerpc/platforms/cell/spufs/inode.c |
453 |
+@@ -164,7 +164,7 @@ static void spufs_prune_dir(struct dentry *dir) |
454 |
+ struct dentry *dentry, *tmp; |
455 |
+ |
456 |
+ mutex_lock(&dir->d_inode->i_mutex); |
457 |
+- list_for_each_entry_safe(dentry, tmp, &dir->d_subdirs, d_u.d_child) { |
458 |
++ list_for_each_entry_safe(dentry, tmp, &dir->d_subdirs, d_child) { |
459 |
+ spin_lock(&dentry->d_lock); |
460 |
+ if (!(d_unhashed(dentry)) && dentry->d_inode) { |
461 |
+ dget_dlock(dentry); |
462 |
+diff --git a/arch/s390/mm/fault.c b/arch/s390/mm/fault.c |
463 |
+index d95265b2..8e95432 100644 |
464 |
+--- a/arch/s390/mm/fault.c |
465 |
++++ b/arch/s390/mm/fault.c |
466 |
+@@ -239,6 +239,12 @@ static noinline void do_fault_error(struct pt_regs *regs, int fault) |
467 |
+ do_no_context(regs); |
468 |
+ else |
469 |
+ pagefault_out_of_memory(); |
470 |
++ } else if (fault & VM_FAULT_SIGSEGV) { |
471 |
++ /* Kernel mode? Handle exceptions or die */ |
472 |
++ if (!user_mode(regs)) |
473 |
++ do_no_context(regs); |
474 |
++ else |
475 |
++ do_sigsegv(regs, SEGV_MAPERR); |
476 |
+ } else if (fault & VM_FAULT_SIGBUS) { |
477 |
+ /* Kernel mode? Handle exceptions or die */ |
478 |
+ if (!user_mode(regs)) |
479 |
+diff --git a/arch/score/mm/fault.c b/arch/score/mm/fault.c |
480 |
+index 52238983..6860beb 100644 |
481 |
+--- a/arch/score/mm/fault.c |
482 |
++++ b/arch/score/mm/fault.c |
483 |
+@@ -114,6 +114,8 @@ good_area: |
484 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
485 |
+ if (fault & VM_FAULT_OOM) |
486 |
+ goto out_of_memory; |
487 |
++ else if (fault & VM_FAULT_SIGSEGV) |
488 |
++ goto bad_area; |
489 |
+ else if (fault & VM_FAULT_SIGBUS) |
490 |
+ goto do_sigbus; |
491 |
+ BUG(); |
492 |
+diff --git a/arch/sh/mm/fault.c b/arch/sh/mm/fault.c |
493 |
+index 541dc61..a58fec9 100644 |
494 |
+--- a/arch/sh/mm/fault.c |
495 |
++++ b/arch/sh/mm/fault.c |
496 |
+@@ -353,6 +353,8 @@ mm_fault_error(struct pt_regs *regs, unsigned long error_code, |
497 |
+ } else { |
498 |
+ if (fault & VM_FAULT_SIGBUS) |
499 |
+ do_sigbus(regs, error_code, address); |
500 |
++ else if (fault & VM_FAULT_SIGSEGV) |
501 |
++ bad_area(regs, error_code, address); |
502 |
+ else |
503 |
+ BUG(); |
504 |
+ } |
505 |
+diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c |
506 |
+index 59dbd46..163c787 100644 |
507 |
+--- a/arch/sparc/mm/fault_32.c |
508 |
++++ b/arch/sparc/mm/fault_32.c |
509 |
+@@ -252,6 +252,8 @@ good_area: |
510 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
511 |
+ if (fault & VM_FAULT_OOM) |
512 |
+ goto out_of_memory; |
513 |
++ else if (fault & VM_FAULT_SIGSEGV) |
514 |
++ goto bad_area; |
515 |
+ else if (fault & VM_FAULT_SIGBUS) |
516 |
+ goto do_sigbus; |
517 |
+ BUG(); |
518 |
+diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c |
519 |
+index 45a413e..0d6de79 100644 |
520 |
+--- a/arch/sparc/mm/fault_64.c |
521 |
++++ b/arch/sparc/mm/fault_64.c |
522 |
+@@ -448,6 +448,8 @@ good_area: |
523 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
524 |
+ if (fault & VM_FAULT_OOM) |
525 |
+ goto out_of_memory; |
526 |
++ else if (fault & VM_FAULT_SIGSEGV) |
527 |
++ goto bad_area; |
528 |
+ else if (fault & VM_FAULT_SIGBUS) |
529 |
+ goto do_sigbus; |
530 |
+ BUG(); |
531 |
+diff --git a/arch/tile/mm/fault.c b/arch/tile/mm/fault.c |
532 |
+index 6c05712..c6d2a76 100644 |
533 |
+--- a/arch/tile/mm/fault.c |
534 |
++++ b/arch/tile/mm/fault.c |
535 |
+@@ -444,6 +444,8 @@ good_area: |
536 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
537 |
+ if (fault & VM_FAULT_OOM) |
538 |
+ goto out_of_memory; |
539 |
++ else if (fault & VM_FAULT_SIGSEGV) |
540 |
++ goto bad_area; |
541 |
+ else if (fault & VM_FAULT_SIGBUS) |
542 |
+ goto do_sigbus; |
543 |
+ BUG(); |
544 |
+diff --git a/arch/um/kernel/trap.c b/arch/um/kernel/trap.c |
545 |
+index 974b874..53b8320 100644 |
546 |
+--- a/arch/um/kernel/trap.c |
547 |
++++ b/arch/um/kernel/trap.c |
548 |
+@@ -80,6 +80,8 @@ good_area: |
549 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
550 |
+ if (fault & VM_FAULT_OOM) { |
551 |
+ goto out_of_memory; |
552 |
++ } else if (fault & VM_FAULT_SIGSEGV) { |
553 |
++ goto out; |
554 |
+ } else if (fault & VM_FAULT_SIGBUS) { |
555 |
+ err = -EACCES; |
556 |
+ goto out; |
557 |
+diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c |
558 |
+index 09651d4..cf1eeea 100644 |
559 |
+--- a/arch/x86/kvm/emulate.c |
560 |
++++ b/arch/x86/kvm/emulate.c |
561 |
+@@ -2258,7 +2258,7 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
562 |
+ * Not recognized on AMD in compat mode (but is recognized in legacy |
563 |
+ * mode). |
564 |
+ */ |
565 |
+- if ((ctxt->mode == X86EMUL_MODE_PROT32) && (efer & EFER_LMA) |
566 |
++ if ((ctxt->mode != X86EMUL_MODE_PROT64) && (efer & EFER_LMA) |
567 |
+ && !vendor_intel(ctxt)) |
568 |
+ return emulate_ud(ctxt); |
569 |
+ |
570 |
+@@ -2271,25 +2271,13 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
571 |
+ setup_syscalls_segments(ctxt, &cs, &ss); |
572 |
+ |
573 |
+ ops->get_msr(ctxt, MSR_IA32_SYSENTER_CS, &msr_data); |
574 |
+- switch (ctxt->mode) { |
575 |
+- case X86EMUL_MODE_PROT32: |
576 |
+- if ((msr_data & 0xfffc) == 0x0) |
577 |
+- return emulate_gp(ctxt, 0); |
578 |
+- break; |
579 |
+- case X86EMUL_MODE_PROT64: |
580 |
+- if (msr_data == 0x0) |
581 |
+- return emulate_gp(ctxt, 0); |
582 |
+- break; |
583 |
+- default: |
584 |
+- break; |
585 |
+- } |
586 |
++ if ((msr_data & 0xfffc) == 0x0) |
587 |
++ return emulate_gp(ctxt, 0); |
588 |
+ |
589 |
+ ctxt->eflags &= ~(EFLG_VM | EFLG_IF | EFLG_RF); |
590 |
+- cs_sel = (u16)msr_data; |
591 |
+- cs_sel &= ~SELECTOR_RPL_MASK; |
592 |
++ cs_sel = (u16)msr_data & ~SELECTOR_RPL_MASK; |
593 |
+ ss_sel = cs_sel + 8; |
594 |
+- ss_sel &= ~SELECTOR_RPL_MASK; |
595 |
+- if (ctxt->mode == X86EMUL_MODE_PROT64 || (efer & EFER_LMA)) { |
596 |
++ if (efer & EFER_LMA) { |
597 |
+ cs.d = 0; |
598 |
+ cs.l = 1; |
599 |
+ } |
600 |
+@@ -2298,10 +2286,11 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
601 |
+ ops->set_segment(ctxt, ss_sel, &ss, 0, VCPU_SREG_SS); |
602 |
+ |
603 |
+ ops->get_msr(ctxt, MSR_IA32_SYSENTER_EIP, &msr_data); |
604 |
+- ctxt->_eip = msr_data; |
605 |
++ ctxt->_eip = (efer & EFER_LMA) ? msr_data : (u32)msr_data; |
606 |
+ |
607 |
+ ops->get_msr(ctxt, MSR_IA32_SYSENTER_ESP, &msr_data); |
608 |
+- *reg_write(ctxt, VCPU_REGS_RSP) = msr_data; |
609 |
++ *reg_write(ctxt, VCPU_REGS_RSP) = (efer & EFER_LMA) ? msr_data : |
610 |
++ (u32)msr_data; |
611 |
+ |
612 |
+ return X86EMUL_CONTINUE; |
613 |
+ } |
614 |
+diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
615 |
+index a10c8c7..ebc551c 100644 |
616 |
+--- a/arch/x86/mm/fault.c |
617 |
++++ b/arch/x86/mm/fault.c |
618 |
+@@ -833,11 +833,8 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address, |
619 |
+ unsigned int fault) |
620 |
+ { |
621 |
+ struct task_struct *tsk = current; |
622 |
+- struct mm_struct *mm = tsk->mm; |
623 |
+ int code = BUS_ADRERR; |
624 |
+ |
625 |
+- up_read(&mm->mmap_sem); |
626 |
+- |
627 |
+ /* Kernel mode? Handle exceptions or die: */ |
628 |
+ if (!(error_code & PF_USER)) { |
629 |
+ no_context(regs, error_code, address, SIGBUS, BUS_ADRERR); |
630 |
+@@ -868,7 +865,6 @@ mm_fault_error(struct pt_regs *regs, unsigned long error_code, |
631 |
+ unsigned long address, unsigned int fault) |
632 |
+ { |
633 |
+ if (fatal_signal_pending(current) && !(error_code & PF_USER)) { |
634 |
+- up_read(¤t->mm->mmap_sem); |
635 |
+ no_context(regs, error_code, address, 0, 0); |
636 |
+ return; |
637 |
+ } |
638 |
+@@ -876,14 +872,11 @@ mm_fault_error(struct pt_regs *regs, unsigned long error_code, |
639 |
+ if (fault & VM_FAULT_OOM) { |
640 |
+ /* Kernel mode? Handle exceptions or die: */ |
641 |
+ if (!(error_code & PF_USER)) { |
642 |
+- up_read(¤t->mm->mmap_sem); |
643 |
+ no_context(regs, error_code, address, |
644 |
+ SIGSEGV, SEGV_MAPERR); |
645 |
+ return; |
646 |
+ } |
647 |
+ |
648 |
+- up_read(¤t->mm->mmap_sem); |
649 |
+- |
650 |
+ /* |
651 |
+ * We ran out of memory, call the OOM killer, and return the |
652 |
+ * userspace (which will retry the fault, or kill us if we got |
653 |
+@@ -894,6 +887,8 @@ mm_fault_error(struct pt_regs *regs, unsigned long error_code, |
654 |
+ if (fault & (VM_FAULT_SIGBUS|VM_FAULT_HWPOISON| |
655 |
+ VM_FAULT_HWPOISON_LARGE)) |
656 |
+ do_sigbus(regs, error_code, address, fault); |
657 |
++ else if (fault & VM_FAULT_SIGSEGV) |
658 |
++ bad_area_nosemaphore(regs, error_code, address); |
659 |
+ else |
660 |
+ BUG(); |
661 |
+ } |
662 |
+@@ -1216,6 +1211,7 @@ good_area: |
663 |
+ return; |
664 |
+ |
665 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
666 |
++ up_read(&mm->mmap_sem); |
667 |
+ mm_fault_error(regs, error_code, address, fault); |
668 |
+ return; |
669 |
+ } |
670 |
+diff --git a/arch/xtensa/mm/fault.c b/arch/xtensa/mm/fault.c |
671 |
+index b57c4f9..9e3571a 100644 |
672 |
+--- a/arch/xtensa/mm/fault.c |
673 |
++++ b/arch/xtensa/mm/fault.c |
674 |
+@@ -117,6 +117,8 @@ good_area: |
675 |
+ if (unlikely(fault & VM_FAULT_ERROR)) { |
676 |
+ if (fault & VM_FAULT_OOM) |
677 |
+ goto out_of_memory; |
678 |
++ else if (fault & VM_FAULT_SIGSEGV) |
679 |
++ goto bad_area; |
680 |
+ else if (fault & VM_FAULT_SIGBUS) |
681 |
+ goto do_sigbus; |
682 |
+ BUG(); |
683 |
+diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c |
684 |
+index f667e37..5afe556 100644 |
685 |
+--- a/drivers/bluetooth/ath3k.c |
686 |
++++ b/drivers/bluetooth/ath3k.c |
687 |
+@@ -62,51 +62,59 @@ static const struct usb_device_id ath3k_table[] = { |
688 |
+ { USB_DEVICE(0x0CF3, 0x3000) }, |
689 |
+ |
690 |
+ /* Atheros AR3011 with sflash firmware*/ |
691 |
++ { USB_DEVICE(0x0489, 0xE027) }, |
692 |
++ { USB_DEVICE(0x0489, 0xE03D) }, |
693 |
++ { USB_DEVICE(0x0930, 0x0215) }, |
694 |
+ { USB_DEVICE(0x0CF3, 0x3002) }, |
695 |
+ { USB_DEVICE(0x0CF3, 0xE019) }, |
696 |
+ { USB_DEVICE(0x13d3, 0x3304) }, |
697 |
+- { USB_DEVICE(0x0930, 0x0215) }, |
698 |
+- { USB_DEVICE(0x0489, 0xE03D) }, |
699 |
+- { USB_DEVICE(0x0489, 0xE027) }, |
700 |
+ |
701 |
+ /* Atheros AR9285 Malbec with sflash firmware */ |
702 |
+ { USB_DEVICE(0x03F0, 0x311D) }, |
703 |
+ |
704 |
+ /* Atheros AR3012 with sflash firmware*/ |
705 |
+- { USB_DEVICE(0x0CF3, 0x0036) }, |
706 |
+- { USB_DEVICE(0x0CF3, 0x3004) }, |
707 |
+- { USB_DEVICE(0x0CF3, 0x3008) }, |
708 |
+- { USB_DEVICE(0x0CF3, 0x311D) }, |
709 |
+- { USB_DEVICE(0x0CF3, 0x817a) }, |
710 |
+- { USB_DEVICE(0x13d3, 0x3375) }, |
711 |
++ { USB_DEVICE(0x0489, 0xe04d) }, |
712 |
++ { USB_DEVICE(0x0489, 0xe04e) }, |
713 |
++ { USB_DEVICE(0x0489, 0xe057) }, |
714 |
++ { USB_DEVICE(0x0489, 0xe056) }, |
715 |
++ { USB_DEVICE(0x0489, 0xe05f) }, |
716 |
++ { USB_DEVICE(0x0489, 0xe078) }, |
717 |
++ { USB_DEVICE(0x04c5, 0x1330) }, |
718 |
+ { USB_DEVICE(0x04CA, 0x3004) }, |
719 |
+ { USB_DEVICE(0x04CA, 0x3005) }, |
720 |
+ { USB_DEVICE(0x04CA, 0x3006) }, |
721 |
+ { USB_DEVICE(0x04CA, 0x3007) }, |
722 |
+ { USB_DEVICE(0x04CA, 0x3008) }, |
723 |
+ { USB_DEVICE(0x04CA, 0x300b) }, |
724 |
+- { USB_DEVICE(0x13d3, 0x3362) }, |
725 |
+- { USB_DEVICE(0x0CF3, 0xE004) }, |
726 |
+- { USB_DEVICE(0x0CF3, 0xE005) }, |
727 |
++ { USB_DEVICE(0x04CA, 0x3010) }, |
728 |
+ { USB_DEVICE(0x0930, 0x0219) }, |
729 |
+ { USB_DEVICE(0x0930, 0x0220) }, |
730 |
+- { USB_DEVICE(0x0489, 0xe057) }, |
731 |
+- { USB_DEVICE(0x13d3, 0x3393) }, |
732 |
+- { USB_DEVICE(0x0489, 0xe04e) }, |
733 |
+- { USB_DEVICE(0x0489, 0xe056) }, |
734 |
+- { USB_DEVICE(0x0489, 0xe04d) }, |
735 |
+- { USB_DEVICE(0x04c5, 0x1330) }, |
736 |
+- { USB_DEVICE(0x13d3, 0x3402) }, |
737 |
++ { USB_DEVICE(0x0930, 0x0227) }, |
738 |
++ { USB_DEVICE(0x0b05, 0x17d0) }, |
739 |
++ { USB_DEVICE(0x0CF3, 0x0036) }, |
740 |
++ { USB_DEVICE(0x0CF3, 0x3004) }, |
741 |
++ { USB_DEVICE(0x0CF3, 0x3008) }, |
742 |
++ { USB_DEVICE(0x0CF3, 0x311D) }, |
743 |
++ { USB_DEVICE(0x0CF3, 0x311E) }, |
744 |
++ { USB_DEVICE(0x0CF3, 0x311F) }, |
745 |
+ { USB_DEVICE(0x0cf3, 0x3121) }, |
746 |
++ { USB_DEVICE(0x0CF3, 0x817a) }, |
747 |
+ { USB_DEVICE(0x0cf3, 0xe003) }, |
748 |
+- { USB_DEVICE(0x0489, 0xe05f) }, |
749 |
++ { USB_DEVICE(0x0CF3, 0xE004) }, |
750 |
++ { USB_DEVICE(0x0CF3, 0xE005) }, |
751 |
++ { USB_DEVICE(0x13d3, 0x3362) }, |
752 |
++ { USB_DEVICE(0x13d3, 0x3375) }, |
753 |
++ { USB_DEVICE(0x13d3, 0x3393) }, |
754 |
++ { USB_DEVICE(0x13d3, 0x3402) }, |
755 |
++ { USB_DEVICE(0x13d3, 0x3408) }, |
756 |
++ { USB_DEVICE(0x13d3, 0x3432) }, |
757 |
+ |
758 |
+ /* Atheros AR5BBU12 with sflash firmware */ |
759 |
+ { USB_DEVICE(0x0489, 0xE02C) }, |
760 |
+ |
761 |
+ /* Atheros AR5BBU22 with sflash firmware */ |
762 |
+- { USB_DEVICE(0x0489, 0xE03C) }, |
763 |
+ { USB_DEVICE(0x0489, 0xE036) }, |
764 |
++ { USB_DEVICE(0x0489, 0xE03C) }, |
765 |
+ |
766 |
+ { } /* Terminating entry */ |
767 |
+ }; |
768 |
+@@ -119,37 +127,45 @@ MODULE_DEVICE_TABLE(usb, ath3k_table); |
769 |
+ static const struct usb_device_id ath3k_blist_tbl[] = { |
770 |
+ |
771 |
+ /* Atheros AR3012 with sflash firmware*/ |
772 |
+- { USB_DEVICE(0x0CF3, 0x0036), .driver_info = BTUSB_ATH3012 }, |
773 |
+- { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
774 |
+- { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 }, |
775 |
+- { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 }, |
776 |
+- { USB_DEVICE(0x0CF3, 0x817a), .driver_info = BTUSB_ATH3012 }, |
777 |
+- { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
778 |
++ { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, |
779 |
++ { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, |
780 |
++ { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 }, |
781 |
++ { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, |
782 |
++ { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 }, |
783 |
++ { USB_DEVICE(0x0489, 0xe078), .driver_info = BTUSB_ATH3012 }, |
784 |
++ { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 }, |
785 |
+ { USB_DEVICE(0x04ca, 0x3004), .driver_info = BTUSB_ATH3012 }, |
786 |
+ { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, |
787 |
+ { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 }, |
788 |
+ { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, |
789 |
+ { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, |
790 |
+ { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, |
791 |
+- { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, |
792 |
+- { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, |
793 |
+- { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 }, |
794 |
++ { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 }, |
795 |
+ { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, |
796 |
+ { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, |
797 |
+- { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, |
798 |
+- { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 }, |
799 |
+- { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, |
800 |
+- { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 }, |
801 |
+- { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, |
802 |
+- { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 }, |
803 |
+- { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 }, |
804 |
++ { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, |
805 |
++ { USB_DEVICE(0x0b05, 0x17d0), .driver_info = BTUSB_ATH3012 }, |
806 |
++ { USB_DEVICE(0x0CF3, 0x0036), .driver_info = BTUSB_ATH3012 }, |
807 |
++ { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
808 |
++ { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 }, |
809 |
++ { USB_DEVICE(0x0cf3, 0x311D), .driver_info = BTUSB_ATH3012 }, |
810 |
++ { USB_DEVICE(0x0cf3, 0x311E), .driver_info = BTUSB_ATH3012 }, |
811 |
++ { USB_DEVICE(0x0cf3, 0x311F), .driver_info = BTUSB_ATH3012 }, |
812 |
+ { USB_DEVICE(0x0cf3, 0x3121), .driver_info = BTUSB_ATH3012 }, |
813 |
++ { USB_DEVICE(0x0CF3, 0x817a), .driver_info = BTUSB_ATH3012 }, |
814 |
++ { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, |
815 |
++ { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 }, |
816 |
+ { USB_DEVICE(0x0cf3, 0xe003), .driver_info = BTUSB_ATH3012 }, |
817 |
+- { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 }, |
818 |
++ { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, |
819 |
++ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
820 |
++ { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 }, |
821 |
++ { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 }, |
822 |
++ { USB_DEVICE(0x13d3, 0x3408), .driver_info = BTUSB_ATH3012 }, |
823 |
++ { USB_DEVICE(0x13d3, 0x3432), .driver_info = BTUSB_ATH3012 }, |
824 |
+ |
825 |
+ /* Atheros AR5BBU22 with sflash firmware */ |
826 |
+- { USB_DEVICE(0x0489, 0xE03C), .driver_info = BTUSB_ATH3012 }, |
827 |
+ { USB_DEVICE(0x0489, 0xE036), .driver_info = BTUSB_ATH3012 }, |
828 |
++ { USB_DEVICE(0x0489, 0xE03C), .driver_info = BTUSB_ATH3012 }, |
829 |
+ |
830 |
+ { } /* Terminating entry */ |
831 |
+ }; |
832 |
+diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c |
833 |
+index e00c3f8..03b3317 100644 |
834 |
+--- a/drivers/bluetooth/btusb.c |
835 |
++++ b/drivers/bluetooth/btusb.c |
836 |
+@@ -49,6 +49,7 @@ static struct usb_driver btusb_driver; |
837 |
+ #define BTUSB_WRONG_SCO_MTU 0x40 |
838 |
+ #define BTUSB_ATH3012 0x80 |
839 |
+ #define BTUSB_INTEL 0x100 |
840 |
++#define BTUSB_INTEL_BOOT 0x200 |
841 |
+ |
842 |
+ static const struct usb_device_id btusb_table[] = { |
843 |
+ /* Generic Bluetooth USB device */ |
844 |
+@@ -101,21 +102,31 @@ static const struct usb_device_id btusb_table[] = { |
845 |
+ { USB_DEVICE(0x0c10, 0x0000) }, |
846 |
+ |
847 |
+ /* Broadcom BCM20702A0 */ |
848 |
++ { USB_DEVICE(0x0489, 0xe042) }, |
849 |
++ { USB_DEVICE(0x04ca, 0x2003) }, |
850 |
+ { USB_DEVICE(0x0b05, 0x17b5) }, |
851 |
+ { USB_DEVICE(0x0b05, 0x17cb) }, |
852 |
+- { USB_DEVICE(0x04ca, 0x2003) }, |
853 |
+- { USB_DEVICE(0x0489, 0xe042) }, |
854 |
+ { USB_DEVICE(0x413c, 0x8197) }, |
855 |
+ |
856 |
+ /* Foxconn - Hon Hai */ |
857 |
+ { USB_VENDOR_AND_INTERFACE_INFO(0x0489, 0xff, 0x01, 0x01) }, |
858 |
+ |
859 |
+- /*Broadcom devices with vendor specific id */ |
860 |
++ /* Broadcom devices with vendor specific id */ |
861 |
+ { USB_VENDOR_AND_INTERFACE_INFO(0x0a5c, 0xff, 0x01, 0x01) }, |
862 |
+ |
863 |
++ /* ASUSTek Computer - Broadcom based */ |
864 |
++ { USB_VENDOR_AND_INTERFACE_INFO(0x0b05, 0xff, 0x01, 0x01) }, |
865 |
++ |
866 |
+ /* Belkin F8065bf - Broadcom based */ |
867 |
+ { USB_VENDOR_AND_INTERFACE_INFO(0x050d, 0xff, 0x01, 0x01) }, |
868 |
+ |
869 |
++ /* IMC Networks - Broadcom based */ |
870 |
++ { USB_VENDOR_AND_INTERFACE_INFO(0x13d3, 0xff, 0x01, 0x01) }, |
871 |
++ |
872 |
++ /* Intel Bluetooth USB Bootloader (RAM module) */ |
873 |
++ { USB_DEVICE(0x8087, 0x0a5a), |
874 |
++ .driver_info = BTUSB_INTEL_BOOT | BTUSB_BROKEN_ISOC }, |
875 |
++ |
876 |
+ { } /* Terminating entry */ |
877 |
+ }; |
878 |
+ |
879 |
+@@ -129,56 +140,64 @@ static const struct usb_device_id blacklist_table[] = { |
880 |
+ { USB_DEVICE(0x0a5c, 0x2033), .driver_info = BTUSB_IGNORE }, |
881 |
+ |
882 |
+ /* Atheros 3011 with sflash firmware */ |
883 |
++ { USB_DEVICE(0x0489, 0xe027), .driver_info = BTUSB_IGNORE }, |
884 |
++ { USB_DEVICE(0x0489, 0xe03d), .driver_info = BTUSB_IGNORE }, |
885 |
++ { USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE }, |
886 |
+ { USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE }, |
887 |
+ { USB_DEVICE(0x0cf3, 0xe019), .driver_info = BTUSB_IGNORE }, |
888 |
+ { USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE }, |
889 |
+- { USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE }, |
890 |
+- { USB_DEVICE(0x0489, 0xe03d), .driver_info = BTUSB_IGNORE }, |
891 |
+- { USB_DEVICE(0x0489, 0xe027), .driver_info = BTUSB_IGNORE }, |
892 |
+ |
893 |
+ /* Atheros AR9285 Malbec with sflash firmware */ |
894 |
+ { USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE }, |
895 |
+ |
896 |
+ /* Atheros 3012 with sflash firmware */ |
897 |
+- { USB_DEVICE(0x0cf3, 0x0036), .driver_info = BTUSB_ATH3012 }, |
898 |
+- { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
899 |
+- { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 }, |
900 |
+- { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 }, |
901 |
+- { USB_DEVICE(0x0cf3, 0x817a), .driver_info = BTUSB_ATH3012 }, |
902 |
+- { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
903 |
++ { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, |
904 |
++ { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, |
905 |
++ { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 }, |
906 |
++ { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, |
907 |
++ { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 }, |
908 |
++ { USB_DEVICE(0x0489, 0xe078), .driver_info = BTUSB_ATH3012 }, |
909 |
++ { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 }, |
910 |
+ { USB_DEVICE(0x04ca, 0x3004), .driver_info = BTUSB_ATH3012 }, |
911 |
+ { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 }, |
912 |
+ { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 }, |
913 |
+ { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 }, |
914 |
+ { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 }, |
915 |
+ { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 }, |
916 |
+- { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, |
917 |
+- { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, |
918 |
+- { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 }, |
919 |
++ { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 }, |
920 |
+ { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 }, |
921 |
+ { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 }, |
922 |
+- { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 }, |
923 |
+- { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 }, |
924 |
+- { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, |
925 |
+- { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 }, |
926 |
+- { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, |
927 |
+- { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 }, |
928 |
+- { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 }, |
929 |
++ { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 }, |
930 |
++ { USB_DEVICE(0x0b05, 0x17d0), .driver_info = BTUSB_ATH3012 }, |
931 |
++ { USB_DEVICE(0x0cf3, 0x0036), .driver_info = BTUSB_ATH3012 }, |
932 |
++ { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 }, |
933 |
++ { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 }, |
934 |
++ { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 }, |
935 |
++ { USB_DEVICE(0x0cf3, 0x311e), .driver_info = BTUSB_ATH3012 }, |
936 |
++ { USB_DEVICE(0x0cf3, 0x311f), .driver_info = BTUSB_ATH3012 }, |
937 |
+ { USB_DEVICE(0x0cf3, 0x3121), .driver_info = BTUSB_ATH3012 }, |
938 |
++ { USB_DEVICE(0x0cf3, 0x817a), .driver_info = BTUSB_ATH3012 }, |
939 |
+ { USB_DEVICE(0x0cf3, 0xe003), .driver_info = BTUSB_ATH3012 }, |
940 |
+- { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 }, |
941 |
++ { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 }, |
942 |
++ { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 }, |
943 |
++ { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 }, |
944 |
++ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 }, |
945 |
++ { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 }, |
946 |
++ { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 }, |
947 |
++ { USB_DEVICE(0x13d3, 0x3408), .driver_info = BTUSB_ATH3012 }, |
948 |
++ { USB_DEVICE(0x13d3, 0x3432), .driver_info = BTUSB_ATH3012 }, |
949 |
+ |
950 |
+ /* Atheros AR5BBU12 with sflash firmware */ |
951 |
+ { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE }, |
952 |
+ |
953 |
+ /* Atheros AR5BBU12 with sflash firmware */ |
954 |
+- { USB_DEVICE(0x0489, 0xe03c), .driver_info = BTUSB_ATH3012 }, |
955 |
+ { USB_DEVICE(0x0489, 0xe036), .driver_info = BTUSB_ATH3012 }, |
956 |
++ { USB_DEVICE(0x0489, 0xe03c), .driver_info = BTUSB_ATH3012 }, |
957 |
+ |
958 |
+ /* Broadcom BCM2035 */ |
959 |
+- { USB_DEVICE(0x0a5c, 0x2035), .driver_info = BTUSB_WRONG_SCO_MTU }, |
960 |
+- { USB_DEVICE(0x0a5c, 0x200a), .driver_info = BTUSB_WRONG_SCO_MTU }, |
961 |
+ { USB_DEVICE(0x0a5c, 0x2009), .driver_info = BTUSB_BCM92035 }, |
962 |
++ { USB_DEVICE(0x0a5c, 0x200a), .driver_info = BTUSB_WRONG_SCO_MTU }, |
963 |
++ { USB_DEVICE(0x0a5c, 0x2035), .driver_info = BTUSB_WRONG_SCO_MTU }, |
964 |
+ |
965 |
+ /* Broadcom BCM2045 */ |
966 |
+ { USB_DEVICE(0x0a5c, 0x2039), .driver_info = BTUSB_WRONG_SCO_MTU }, |
967 |
+@@ -1491,6 +1510,9 @@ static int btusb_probe(struct usb_interface *intf, |
968 |
+ if (id->driver_info & BTUSB_INTEL) |
969 |
+ hdev->setup = btusb_setup_intel; |
970 |
+ |
971 |
++ if (id->driver_info & BTUSB_INTEL_BOOT) |
972 |
++ set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks); |
973 |
++ |
974 |
+ /* Interface numbers are hardcoded in the specification */ |
975 |
+ data->isoc = usb_ifnum_to_if(data->udev, 1); |
976 |
+ |
977 |
+diff --git a/drivers/edac/sb_edac.c b/drivers/edac/sb_edac.c |
978 |
+index 54e2abe..c611bcc 100644 |
979 |
+--- a/drivers/edac/sb_edac.c |
980 |
++++ b/drivers/edac/sb_edac.c |
981 |
+@@ -285,8 +285,9 @@ static const u32 correrrthrsld[] = { |
982 |
+ * sbridge structs |
983 |
+ */ |
984 |
+ |
985 |
+-#define NUM_CHANNELS 4 |
986 |
+-#define MAX_DIMMS 3 /* Max DIMMS per channel */ |
987 |
++#define NUM_CHANNELS 4 |
988 |
++#define MAX_DIMMS 3 /* Max DIMMS per channel */ |
989 |
++#define CHANNEL_UNSPECIFIED 0xf /* Intel IA32 SDM 15-14 */ |
990 |
+ |
991 |
+ enum type { |
992 |
+ SANDY_BRIDGE, |
993 |
+@@ -1750,6 +1751,9 @@ static void sbridge_mce_output_error(struct mem_ctl_info *mci, |
994 |
+ |
995 |
+ /* FIXME: need support for channel mask */ |
996 |
+ |
997 |
++ if (channel == CHANNEL_UNSPECIFIED) |
998 |
++ channel = -1; |
999 |
++ |
1000 |
+ /* Call the helper to output message */ |
1001 |
+ edac_mc_handle_error(tp_event, mci, core_err_cnt, |
1002 |
+ m->addr >> PAGE_SHIFT, m->addr & ~PAGE_MASK, 0, |
1003 |
+diff --git a/drivers/net/bonding/bond_3ad.c b/drivers/net/bonding/bond_3ad.c |
1004 |
+index dcde5605..3177498 100644 |
1005 |
+--- a/drivers/net/bonding/bond_3ad.c |
1006 |
++++ b/drivers/net/bonding/bond_3ad.c |
1007 |
+@@ -2479,7 +2479,7 @@ out: |
1008 |
+ return NETDEV_TX_OK; |
1009 |
+ err_free: |
1010 |
+ /* no suitable interface, frame not sent */ |
1011 |
+- kfree_skb(skb); |
1012 |
++ dev_kfree_skb_any(skb); |
1013 |
+ goto out; |
1014 |
+ } |
1015 |
+ |
1016 |
+diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c |
1017 |
+index e8f133e..c67bbc9 100644 |
1018 |
+--- a/drivers/net/bonding/bond_alb.c |
1019 |
++++ b/drivers/net/bonding/bond_alb.c |
1020 |
+@@ -1479,7 +1479,7 @@ int bond_alb_xmit(struct sk_buff *skb, struct net_device *bond_dev) |
1021 |
+ } |
1022 |
+ |
1023 |
+ /* no suitable interface, frame not sent */ |
1024 |
+- kfree_skb(skb); |
1025 |
++ dev_kfree_skb_any(skb); |
1026 |
+ out: |
1027 |
+ return NETDEV_TX_OK; |
1028 |
+ } |
1029 |
+diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
1030 |
+index 1537982..32b0e705 100644 |
1031 |
+--- a/drivers/net/bonding/bond_main.c |
1032 |
++++ b/drivers/net/bonding/bond_main.c |
1033 |
+@@ -3568,7 +3568,7 @@ static void bond_xmit_slave_id(struct bonding *bond, struct sk_buff *skb, int sl |
1034 |
+ } |
1035 |
+ } |
1036 |
+ /* no slave that can tx has been found */ |
1037 |
+- kfree_skb(skb); |
1038 |
++ dev_kfree_skb_any(skb); |
1039 |
+ } |
1040 |
+ |
1041 |
+ /** |
1042 |
+@@ -3650,7 +3650,7 @@ static int bond_xmit_activebackup(struct sk_buff *skb, struct net_device *bond_d |
1043 |
+ if (slave) |
1044 |
+ bond_dev_queue_xmit(bond, skb, slave->dev); |
1045 |
+ else |
1046 |
+- kfree_skb(skb); |
1047 |
++ dev_kfree_skb_any(skb); |
1048 |
+ |
1049 |
+ return NETDEV_TX_OK; |
1050 |
+ } |
1051 |
+@@ -3698,7 +3698,7 @@ static int bond_xmit_broadcast(struct sk_buff *skb, struct net_device *bond_dev) |
1052 |
+ if (slave && IS_UP(slave->dev) && slave->link == BOND_LINK_UP) |
1053 |
+ bond_dev_queue_xmit(bond, skb, slave->dev); |
1054 |
+ else |
1055 |
+- kfree_skb(skb); |
1056 |
++ dev_kfree_skb_any(skb); |
1057 |
+ |
1058 |
+ return NETDEV_TX_OK; |
1059 |
+ } |
1060 |
+@@ -3785,7 +3785,7 @@ static netdev_tx_t __bond_start_xmit(struct sk_buff *skb, struct net_device *dev |
1061 |
+ pr_err("%s: Error: Unknown bonding mode %d\n", |
1062 |
+ dev->name, bond->params.mode); |
1063 |
+ WARN_ON_ONCE(1); |
1064 |
+- kfree_skb(skb); |
1065 |
++ dev_kfree_skb_any(skb); |
1066 |
+ return NETDEV_TX_OK; |
1067 |
+ } |
1068 |
+ } |
1069 |
+@@ -3806,7 +3806,7 @@ static netdev_tx_t bond_start_xmit(struct sk_buff *skb, struct net_device *dev) |
1070 |
+ if (bond_has_slaves(bond)) |
1071 |
+ ret = __bond_start_xmit(skb, dev); |
1072 |
+ else |
1073 |
+- kfree_skb(skb); |
1074 |
++ dev_kfree_skb_any(skb); |
1075 |
+ rcu_read_unlock(); |
1076 |
+ |
1077 |
+ return ret; |
1078 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2.c b/drivers/net/ethernet/broadcom/bnx2.c |
1079 |
+index 6c9e1c9..0c8a168 100644 |
1080 |
+--- a/drivers/net/ethernet/broadcom/bnx2.c |
1081 |
++++ b/drivers/net/ethernet/broadcom/bnx2.c |
1082 |
+@@ -2886,7 +2886,7 @@ bnx2_tx_int(struct bnx2 *bp, struct bnx2_napi *bnapi, int budget) |
1083 |
+ sw_cons = BNX2_NEXT_TX_BD(sw_cons); |
1084 |
+ |
1085 |
+ tx_bytes += skb->len; |
1086 |
+- dev_kfree_skb(skb); |
1087 |
++ dev_kfree_skb_any(skb); |
1088 |
+ tx_pkt++; |
1089 |
+ if (tx_pkt == budget) |
1090 |
+ break; |
1091 |
+@@ -6640,7 +6640,7 @@ bnx2_start_xmit(struct sk_buff *skb, struct net_device *dev) |
1092 |
+ |
1093 |
+ mapping = dma_map_single(&bp->pdev->dev, skb->data, len, PCI_DMA_TODEVICE); |
1094 |
+ if (dma_mapping_error(&bp->pdev->dev, mapping)) { |
1095 |
+- dev_kfree_skb(skb); |
1096 |
++ dev_kfree_skb_any(skb); |
1097 |
+ return NETDEV_TX_OK; |
1098 |
+ } |
1099 |
+ |
1100 |
+@@ -6733,7 +6733,7 @@ dma_error: |
1101 |
+ PCI_DMA_TODEVICE); |
1102 |
+ } |
1103 |
+ |
1104 |
+- dev_kfree_skb(skb); |
1105 |
++ dev_kfree_skb_any(skb); |
1106 |
+ return NETDEV_TX_OK; |
1107 |
+ } |
1108 |
+ |
1109 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
1110 |
+index 8206113..bc65dc8 100644 |
1111 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
1112 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
1113 |
+@@ -6593,7 +6593,7 @@ static void tg3_tx(struct tg3_napi *tnapi) |
1114 |
+ pkts_compl++; |
1115 |
+ bytes_compl += skb->len; |
1116 |
+ |
1117 |
+- dev_kfree_skb(skb); |
1118 |
++ dev_kfree_skb_any(skb); |
1119 |
+ |
1120 |
+ if (unlikely(tx_bug)) { |
1121 |
+ tg3_tx_recover(tp); |
1122 |
+@@ -6925,7 +6925,7 @@ static int tg3_rx(struct tg3_napi *tnapi, int budget) |
1123 |
+ if (len > (tp->dev->mtu + ETH_HLEN) && |
1124 |
+ skb->protocol != htons(ETH_P_8021Q) && |
1125 |
+ skb->protocol != htons(ETH_P_8021AD)) { |
1126 |
+- dev_kfree_skb(skb); |
1127 |
++ dev_kfree_skb_any(skb); |
1128 |
+ goto drop_it_no_recycle; |
1129 |
+ } |
1130 |
+ |
1131 |
+@@ -7808,7 +7808,7 @@ static int tigon3_dma_hwbug_workaround(struct tg3_napi *tnapi, |
1132 |
+ PCI_DMA_TODEVICE); |
1133 |
+ /* Make sure the mapping succeeded */ |
1134 |
+ if (pci_dma_mapping_error(tp->pdev, new_addr)) { |
1135 |
+- dev_kfree_skb(new_skb); |
1136 |
++ dev_kfree_skb_any(new_skb); |
1137 |
+ ret = -1; |
1138 |
+ } else { |
1139 |
+ u32 save_entry = *entry; |
1140 |
+@@ -7823,13 +7823,13 @@ static int tigon3_dma_hwbug_workaround(struct tg3_napi *tnapi, |
1141 |
+ new_skb->len, base_flags, |
1142 |
+ mss, vlan)) { |
1143 |
+ tg3_tx_skb_unmap(tnapi, save_entry, -1); |
1144 |
+- dev_kfree_skb(new_skb); |
1145 |
++ dev_kfree_skb_any(new_skb); |
1146 |
+ ret = -1; |
1147 |
+ } |
1148 |
+ } |
1149 |
+ } |
1150 |
+ |
1151 |
+- dev_kfree_skb(skb); |
1152 |
++ dev_kfree_skb_any(skb); |
1153 |
+ *pskb = new_skb; |
1154 |
+ return ret; |
1155 |
+ } |
1156 |
+@@ -7872,7 +7872,7 @@ static int tg3_tso_bug(struct tg3 *tp, struct sk_buff *skb) |
1157 |
+ } while (segs); |
1158 |
+ |
1159 |
+ tg3_tso_bug_end: |
1160 |
+- dev_kfree_skb(skb); |
1161 |
++ dev_kfree_skb_any(skb); |
1162 |
+ |
1163 |
+ return NETDEV_TX_OK; |
1164 |
+ } |
1165 |
+@@ -8110,7 +8110,7 @@ dma_error: |
1166 |
+ tg3_tx_skb_unmap(tnapi, tnapi->tx_prod, --i); |
1167 |
+ tnapi->tx_buffers[tnapi->tx_prod].skb = NULL; |
1168 |
+ drop: |
1169 |
+- dev_kfree_skb(skb); |
1170 |
++ dev_kfree_skb_any(skb); |
1171 |
+ drop_nofree: |
1172 |
+ tp->tx_dropped++; |
1173 |
+ return NETDEV_TX_OK; |
1174 |
+diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c |
1175 |
+index 80bfa03..075e7e7 100644 |
1176 |
+--- a/drivers/net/ethernet/emulex/benet/be_main.c |
1177 |
++++ b/drivers/net/ethernet/emulex/benet/be_main.c |
1178 |
+@@ -1883,7 +1883,7 @@ static u16 be_tx_compl_process(struct be_adapter *adapter, |
1179 |
+ queue_tail_inc(txq); |
1180 |
+ } while (cur_index != last_index); |
1181 |
+ |
1182 |
+- kfree_skb(sent_skb); |
1183 |
++ dev_kfree_skb_any(sent_skb); |
1184 |
+ return num_wrbs; |
1185 |
+ } |
1186 |
+ |
1187 |
+diff --git a/drivers/net/ethernet/freescale/gianfar.c b/drivers/net/ethernet/freescale/gianfar.c |
1188 |
+index ad5a5aa..70eb4d2 100644 |
1189 |
+--- a/drivers/net/ethernet/freescale/gianfar.c |
1190 |
++++ b/drivers/net/ethernet/freescale/gianfar.c |
1191 |
+@@ -2152,13 +2152,13 @@ static int gfar_start_xmit(struct sk_buff *skb, struct net_device *dev) |
1192 |
+ skb_new = skb_realloc_headroom(skb, fcb_len); |
1193 |
+ if (!skb_new) { |
1194 |
+ dev->stats.tx_errors++; |
1195 |
+- kfree_skb(skb); |
1196 |
++ dev_kfree_skb_any(skb); |
1197 |
+ return NETDEV_TX_OK; |
1198 |
+ } |
1199 |
+ |
1200 |
+ if (skb->sk) |
1201 |
+ skb_set_owner_w(skb_new, skb->sk); |
1202 |
+- consume_skb(skb); |
1203 |
++ dev_consume_skb_any(skb); |
1204 |
+ skb = skb_new; |
1205 |
+ } |
1206 |
+ |
1207 |
+diff --git a/drivers/net/ethernet/intel/ixgb/ixgb_main.c b/drivers/net/ethernet/intel/ixgb/ixgb_main.c |
1208 |
+index 57e390c..f42c201 100644 |
1209 |
+--- a/drivers/net/ethernet/intel/ixgb/ixgb_main.c |
1210 |
++++ b/drivers/net/ethernet/intel/ixgb/ixgb_main.c |
1211 |
+@@ -1521,12 +1521,12 @@ ixgb_xmit_frame(struct sk_buff *skb, struct net_device *netdev) |
1212 |
+ int tso; |
1213 |
+ |
1214 |
+ if (test_bit(__IXGB_DOWN, &adapter->flags)) { |
1215 |
+- dev_kfree_skb(skb); |
1216 |
++ dev_kfree_skb_any(skb); |
1217 |
+ return NETDEV_TX_OK; |
1218 |
+ } |
1219 |
+ |
1220 |
+ if (skb->len <= 0) { |
1221 |
+- dev_kfree_skb(skb); |
1222 |
++ dev_kfree_skb_any(skb); |
1223 |
+ return NETDEV_TX_OK; |
1224 |
+ } |
1225 |
+ |
1226 |
+@@ -1543,7 +1543,7 @@ ixgb_xmit_frame(struct sk_buff *skb, struct net_device *netdev) |
1227 |
+ |
1228 |
+ tso = ixgb_tso(adapter, skb); |
1229 |
+ if (tso < 0) { |
1230 |
+- dev_kfree_skb(skb); |
1231 |
++ dev_kfree_skb_any(skb); |
1232 |
+ return NETDEV_TX_OK; |
1233 |
+ } |
1234 |
+ |
1235 |
+diff --git a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
1236 |
+index 2f83f34..8be0f3e 100644 |
1237 |
+--- a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
1238 |
++++ b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
1239 |
+@@ -2497,13 +2497,6 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, |
1240 |
+ netif_carrier_off(dev); |
1241 |
+ mlx4_en_set_default_moderation(priv); |
1242 |
+ |
1243 |
+- err = register_netdev(dev); |
1244 |
+- if (err) { |
1245 |
+- en_err(priv, "Netdev registration failed for port %d\n", port); |
1246 |
+- goto out; |
1247 |
+- } |
1248 |
+- priv->registered = 1; |
1249 |
+- |
1250 |
+ en_warn(priv, "Using %d TX rings\n", prof->tx_ring_num); |
1251 |
+ en_warn(priv, "Using %d RX rings\n", prof->rx_ring_num); |
1252 |
+ |
1253 |
+@@ -2543,6 +2536,14 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, |
1254 |
+ queue_delayed_work(mdev->workqueue, &priv->service_task, |
1255 |
+ SERVICE_TASK_DELAY); |
1256 |
+ |
1257 |
++ err = register_netdev(dev); |
1258 |
++ if (err) { |
1259 |
++ en_err(priv, "Netdev registration failed for port %d\n", port); |
1260 |
++ goto out; |
1261 |
++ } |
1262 |
++ |
1263 |
++ priv->registered = 1; |
1264 |
++ |
1265 |
+ return 0; |
1266 |
+ |
1267 |
+ out: |
1268 |
+diff --git a/drivers/net/ethernet/mellanox/mlx4/en_tx.c b/drivers/net/ethernet/mellanox/mlx4/en_tx.c |
1269 |
+index 1345703..019a04a 100644 |
1270 |
+--- a/drivers/net/ethernet/mellanox/mlx4/en_tx.c |
1271 |
++++ b/drivers/net/ethernet/mellanox/mlx4/en_tx.c |
1272 |
+@@ -325,7 +325,7 @@ static u32 mlx4_en_free_tx_desc(struct mlx4_en_priv *priv, |
1273 |
+ } |
1274 |
+ } |
1275 |
+ } |
1276 |
+- dev_kfree_skb(skb); |
1277 |
++ dev_kfree_skb_any(skb); |
1278 |
+ return tx_info->nr_txbb; |
1279 |
+ } |
1280 |
+ |
1281 |
+diff --git a/drivers/net/ethernet/realtek/8139cp.c b/drivers/net/ethernet/realtek/8139cp.c |
1282 |
+index 737c1a8..a3c1daa 100644 |
1283 |
+--- a/drivers/net/ethernet/realtek/8139cp.c |
1284 |
++++ b/drivers/net/ethernet/realtek/8139cp.c |
1285 |
+@@ -899,7 +899,7 @@ out_unlock: |
1286 |
+ |
1287 |
+ return NETDEV_TX_OK; |
1288 |
+ out_dma_error: |
1289 |
+- kfree_skb(skb); |
1290 |
++ dev_kfree_skb_any(skb); |
1291 |
+ cp->dev->stats.tx_dropped++; |
1292 |
+ goto out_unlock; |
1293 |
+ } |
1294 |
+diff --git a/drivers/net/ethernet/realtek/8139too.c b/drivers/net/ethernet/realtek/8139too.c |
1295 |
+index da5972e..8cb2f35 100644 |
1296 |
+--- a/drivers/net/ethernet/realtek/8139too.c |
1297 |
++++ b/drivers/net/ethernet/realtek/8139too.c |
1298 |
+@@ -1717,9 +1717,9 @@ static netdev_tx_t rtl8139_start_xmit (struct sk_buff *skb, |
1299 |
+ if (len < ETH_ZLEN) |
1300 |
+ memset(tp->tx_buf[entry], 0, ETH_ZLEN); |
1301 |
+ skb_copy_and_csum_dev(skb, tp->tx_buf[entry]); |
1302 |
+- dev_kfree_skb(skb); |
1303 |
++ dev_kfree_skb_any(skb); |
1304 |
+ } else { |
1305 |
+- dev_kfree_skb(skb); |
1306 |
++ dev_kfree_skb_any(skb); |
1307 |
+ dev->stats.tx_dropped++; |
1308 |
+ return NETDEV_TX_OK; |
1309 |
+ } |
1310 |
+diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c |
1311 |
+index 3ff7bc3..90c14d1 100644 |
1312 |
+--- a/drivers/net/ethernet/realtek/r8169.c |
1313 |
++++ b/drivers/net/ethernet/realtek/r8169.c |
1314 |
+@@ -5834,7 +5834,7 @@ static void rtl8169_tx_clear_range(struct rtl8169_private *tp, u32 start, |
1315 |
+ tp->TxDescArray + entry); |
1316 |
+ if (skb) { |
1317 |
+ tp->dev->stats.tx_dropped++; |
1318 |
+- dev_kfree_skb(skb); |
1319 |
++ dev_kfree_skb_any(skb); |
1320 |
+ tx_skb->skb = NULL; |
1321 |
+ } |
1322 |
+ } |
1323 |
+@@ -6059,7 +6059,7 @@ static netdev_tx_t rtl8169_start_xmit(struct sk_buff *skb, |
1324 |
+ err_dma_1: |
1325 |
+ rtl8169_unmap_tx_skb(d, tp->tx_skb + entry, txd); |
1326 |
+ err_dma_0: |
1327 |
+- dev_kfree_skb(skb); |
1328 |
++ dev_kfree_skb_any(skb); |
1329 |
+ err_update_stats: |
1330 |
+ dev->stats.tx_dropped++; |
1331 |
+ return NETDEV_TX_OK; |
1332 |
+@@ -6142,7 +6142,7 @@ static void rtl_tx(struct net_device *dev, struct rtl8169_private *tp) |
1333 |
+ tp->tx_stats.packets++; |
1334 |
+ tp->tx_stats.bytes += tx_skb->skb->len; |
1335 |
+ u64_stats_update_end(&tp->tx_stats.syncp); |
1336 |
+- dev_kfree_skb(tx_skb->skb); |
1337 |
++ dev_kfree_skb_any(tx_skb->skb); |
1338 |
+ tx_skb->skb = NULL; |
1339 |
+ } |
1340 |
+ dirty_tx++; |
1341 |
+diff --git a/drivers/staging/lustre/lustre/llite/dcache.c b/drivers/staging/lustre/lustre/llite/dcache.c |
1342 |
+index cbd663e..19405ed 100644 |
1343 |
+--- a/drivers/staging/lustre/lustre/llite/dcache.c |
1344 |
++++ b/drivers/staging/lustre/lustre/llite/dcache.c |
1345 |
+@@ -278,7 +278,7 @@ void ll_invalidate_aliases(struct inode *inode) |
1346 |
+ inode->i_ino, inode->i_generation, inode); |
1347 |
+ |
1348 |
+ ll_lock_dcache(inode); |
1349 |
+- ll_d_hlist_for_each_entry(dentry, p, &inode->i_dentry, d_alias) { |
1350 |
++ ll_d_hlist_for_each_entry(dentry, p, &inode->i_dentry, d_u.d_alias) { |
1351 |
+ CDEBUG(D_DENTRY, "dentry in drop %.*s (%p) parent %p " |
1352 |
+ "inode %p flags %d\n", dentry->d_name.len, |
1353 |
+ dentry->d_name.name, dentry, dentry->d_parent, |
1354 |
+diff --git a/drivers/staging/lustre/lustre/llite/llite_lib.c b/drivers/staging/lustre/lustre/llite/llite_lib.c |
1355 |
+index 6cfdb9e..5ae562e 100644 |
1356 |
+--- a/drivers/staging/lustre/lustre/llite/llite_lib.c |
1357 |
++++ b/drivers/staging/lustre/lustre/llite/llite_lib.c |
1358 |
+@@ -678,7 +678,7 @@ void lustre_dump_dentry(struct dentry *dentry, int recur) |
1359 |
+ return; |
1360 |
+ |
1361 |
+ list_for_each(tmp, &dentry->d_subdirs) { |
1362 |
+- struct dentry *d = list_entry(tmp, struct dentry, d_u.d_child); |
1363 |
++ struct dentry *d = list_entry(tmp, struct dentry, d_child); |
1364 |
+ lustre_dump_dentry(d, recur - 1); |
1365 |
+ } |
1366 |
+ } |
1367 |
+diff --git a/drivers/staging/lustre/lustre/llite/namei.c b/drivers/staging/lustre/lustre/llite/namei.c |
1368 |
+index fc8d264..8e9a9e9 100644 |
1369 |
+--- a/drivers/staging/lustre/lustre/llite/namei.c |
1370 |
++++ b/drivers/staging/lustre/lustre/llite/namei.c |
1371 |
+@@ -175,14 +175,14 @@ static void ll_invalidate_negative_children(struct inode *dir) |
1372 |
+ struct ll_d_hlist_node *p; |
1373 |
+ |
1374 |
+ ll_lock_dcache(dir); |
1375 |
+- ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry, d_alias) { |
1376 |
++ ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry, d_u.d_alias) { |
1377 |
+ spin_lock(&dentry->d_lock); |
1378 |
+ if (!list_empty(&dentry->d_subdirs)) { |
1379 |
+ struct dentry *child; |
1380 |
+ |
1381 |
+ list_for_each_entry_safe(child, tmp_subdir, |
1382 |
+ &dentry->d_subdirs, |
1383 |
+- d_u.d_child) { |
1384 |
++ d_child) { |
1385 |
+ if (child->d_inode == NULL) |
1386 |
+ d_lustre_invalidate(child, 1); |
1387 |
+ } |
1388 |
+@@ -364,7 +364,7 @@ static struct dentry *ll_find_alias(struct inode *inode, struct dentry *dentry) |
1389 |
+ discon_alias = invalid_alias = NULL; |
1390 |
+ |
1391 |
+ ll_lock_dcache(inode); |
1392 |
+- ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry, d_alias) { |
1393 |
++ ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry, d_u.d_alias) { |
1394 |
+ LASSERT(alias != dentry); |
1395 |
+ |
1396 |
+ spin_lock(&alias->d_lock); |
1397 |
+@@ -953,7 +953,7 @@ static void ll_get_child_fid(struct inode * dir, struct qstr *name, |
1398 |
+ { |
1399 |
+ struct dentry *parent, *child; |
1400 |
+ |
1401 |
+- parent = ll_d_hlist_entry(dir->i_dentry, struct dentry, d_alias); |
1402 |
++ parent = ll_d_hlist_entry(dir->i_dentry, struct dentry, d_u.d_alias); |
1403 |
+ child = d_lookup(parent, name); |
1404 |
+ if (child) { |
1405 |
+ if (child->d_inode) |
1406 |
+diff --git a/drivers/staging/lustre/lustre/llite/vvp_io.c b/drivers/staging/lustre/lustre/llite/vvp_io.c |
1407 |
+index 93cbfbb..6096771 100644 |
1408 |
+--- a/drivers/staging/lustre/lustre/llite/vvp_io.c |
1409 |
++++ b/drivers/staging/lustre/lustre/llite/vvp_io.c |
1410 |
+@@ -642,7 +642,7 @@ static int vvp_io_kernel_fault(struct vvp_fault_io *cfio) |
1411 |
+ return 0; |
1412 |
+ } |
1413 |
+ |
1414 |
+- if (cfio->fault.ft_flags & VM_FAULT_SIGBUS) { |
1415 |
++ if (cfio->fault.ft_flags & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV)) { |
1416 |
+ CDEBUG(D_PAGE, "got addr %p - SIGBUS\n", vmf->virtual_address); |
1417 |
+ return -EFAULT; |
1418 |
+ } |
1419 |
+diff --git a/fs/affs/amigaffs.c b/fs/affs/amigaffs.c |
1420 |
+index d9a4367..9cca0ea 100644 |
1421 |
+--- a/fs/affs/amigaffs.c |
1422 |
++++ b/fs/affs/amigaffs.c |
1423 |
+@@ -126,7 +126,7 @@ affs_fix_dcache(struct inode *inode, u32 entry_ino) |
1424 |
+ { |
1425 |
+ struct dentry *dentry; |
1426 |
+ spin_lock(&inode->i_lock); |
1427 |
+- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
1428 |
++ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
1429 |
+ if (entry_ino == (u32)(long)dentry->d_fsdata) { |
1430 |
+ dentry->d_fsdata = (void *)inode->i_ino; |
1431 |
+ break; |
1432 |
+diff --git a/fs/autofs4/expire.c b/fs/autofs4/expire.c |
1433 |
+index 394e90b..edb46e6 100644 |
1434 |
+--- a/fs/autofs4/expire.c |
1435 |
++++ b/fs/autofs4/expire.c |
1436 |
+@@ -91,7 +91,7 @@ static struct dentry *get_next_positive_subdir(struct dentry *prev, |
1437 |
+ spin_lock(&root->d_lock); |
1438 |
+ |
1439 |
+ if (prev) |
1440 |
+- next = prev->d_u.d_child.next; |
1441 |
++ next = prev->d_child.next; |
1442 |
+ else { |
1443 |
+ prev = dget_dlock(root); |
1444 |
+ next = prev->d_subdirs.next; |
1445 |
+@@ -105,13 +105,13 @@ cont: |
1446 |
+ return NULL; |
1447 |
+ } |
1448 |
+ |
1449 |
+- q = list_entry(next, struct dentry, d_u.d_child); |
1450 |
++ q = list_entry(next, struct dentry, d_child); |
1451 |
+ |
1452 |
+ spin_lock_nested(&q->d_lock, DENTRY_D_LOCK_NESTED); |
1453 |
+ /* Already gone or negative dentry (under construction) - try next */ |
1454 |
+ if (!d_count(q) || !simple_positive(q)) { |
1455 |
+ spin_unlock(&q->d_lock); |
1456 |
+- next = q->d_u.d_child.next; |
1457 |
++ next = q->d_child.next; |
1458 |
+ goto cont; |
1459 |
+ } |
1460 |
+ dget_dlock(q); |
1461 |
+@@ -161,13 +161,13 @@ again: |
1462 |
+ goto relock; |
1463 |
+ } |
1464 |
+ spin_unlock(&p->d_lock); |
1465 |
+- next = p->d_u.d_child.next; |
1466 |
++ next = p->d_child.next; |
1467 |
+ p = parent; |
1468 |
+ if (next != &parent->d_subdirs) |
1469 |
+ break; |
1470 |
+ } |
1471 |
+ } |
1472 |
+- ret = list_entry(next, struct dentry, d_u.d_child); |
1473 |
++ ret = list_entry(next, struct dentry, d_child); |
1474 |
+ |
1475 |
+ spin_lock_nested(&ret->d_lock, DENTRY_D_LOCK_NESTED); |
1476 |
+ /* Negative dentry - try next */ |
1477 |
+@@ -461,7 +461,7 @@ found: |
1478 |
+ spin_lock(&sbi->lookup_lock); |
1479 |
+ spin_lock(&expired->d_parent->d_lock); |
1480 |
+ spin_lock_nested(&expired->d_lock, DENTRY_D_LOCK_NESTED); |
1481 |
+- list_move(&expired->d_parent->d_subdirs, &expired->d_u.d_child); |
1482 |
++ list_move(&expired->d_parent->d_subdirs, &expired->d_child); |
1483 |
+ spin_unlock(&expired->d_lock); |
1484 |
+ spin_unlock(&expired->d_parent->d_lock); |
1485 |
+ spin_unlock(&sbi->lookup_lock); |
1486 |
+diff --git a/fs/autofs4/root.c b/fs/autofs4/root.c |
1487 |
+index cc87c1a..9e016e6 100644 |
1488 |
+--- a/fs/autofs4/root.c |
1489 |
++++ b/fs/autofs4/root.c |
1490 |
+@@ -655,7 +655,7 @@ static void autofs_clear_leaf_automount_flags(struct dentry *dentry) |
1491 |
+ /* only consider parents below dentrys in the root */ |
1492 |
+ if (IS_ROOT(parent->d_parent)) |
1493 |
+ return; |
1494 |
+- d_child = &dentry->d_u.d_child; |
1495 |
++ d_child = &dentry->d_child; |
1496 |
+ /* Set parent managed if it's becoming empty */ |
1497 |
+ if (d_child->next == &parent->d_subdirs && |
1498 |
+ d_child->prev == &parent->d_subdirs) |
1499 |
+diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c |
1500 |
+index 5e0982a..18e14cf 100644 |
1501 |
+--- a/fs/ceph/dir.c |
1502 |
++++ b/fs/ceph/dir.c |
1503 |
+@@ -111,7 +111,7 @@ static int fpos_cmp(loff_t l, loff_t r) |
1504 |
+ /* |
1505 |
+ * When possible, we try to satisfy a readdir by peeking at the |
1506 |
+ * dcache. We make this work by carefully ordering dentries on |
1507 |
+- * d_u.d_child when we initially get results back from the MDS, and |
1508 |
++ * d_child when we initially get results back from the MDS, and |
1509 |
+ * falling back to a "normal" sync readdir if any dentries in the dir |
1510 |
+ * are dropped. |
1511 |
+ * |
1512 |
+@@ -146,11 +146,11 @@ static int __dcache_readdir(struct file *file, struct dir_context *ctx) |
1513 |
+ p = parent->d_subdirs.prev; |
1514 |
+ dout(" initial p %p/%p\n", p->prev, p->next); |
1515 |
+ } else { |
1516 |
+- p = last->d_u.d_child.prev; |
1517 |
++ p = last->d_child.prev; |
1518 |
+ } |
1519 |
+ |
1520 |
+ more: |
1521 |
+- dentry = list_entry(p, struct dentry, d_u.d_child); |
1522 |
++ dentry = list_entry(p, struct dentry, d_child); |
1523 |
+ di = ceph_dentry(dentry); |
1524 |
+ while (1) { |
1525 |
+ dout(" p %p/%p %s d_subdirs %p/%p\n", p->prev, p->next, |
1526 |
+@@ -172,7 +172,7 @@ more: |
1527 |
+ !dentry->d_inode ? " null" : ""); |
1528 |
+ spin_unlock(&dentry->d_lock); |
1529 |
+ p = p->prev; |
1530 |
+- dentry = list_entry(p, struct dentry, d_u.d_child); |
1531 |
++ dentry = list_entry(p, struct dentry, d_child); |
1532 |
+ di = ceph_dentry(dentry); |
1533 |
+ } |
1534 |
+ |
1535 |
+diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c |
1536 |
+index 6471f9c..ee24490 100644 |
1537 |
+--- a/fs/ceph/inode.c |
1538 |
++++ b/fs/ceph/inode.c |
1539 |
+@@ -1289,7 +1289,7 @@ retry_lookup: |
1540 |
+ /* reorder parent's d_subdirs */ |
1541 |
+ spin_lock(&parent->d_lock); |
1542 |
+ spin_lock_nested(&dn->d_lock, DENTRY_D_LOCK_NESTED); |
1543 |
+- list_move(&dn->d_u.d_child, &parent->d_subdirs); |
1544 |
++ list_move(&dn->d_child, &parent->d_subdirs); |
1545 |
+ spin_unlock(&dn->d_lock); |
1546 |
+ spin_unlock(&parent->d_lock); |
1547 |
+ } |
1548 |
+diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c |
1549 |
+index f2ddcf7..7ee427e 100644 |
1550 |
+--- a/fs/cifs/inode.c |
1551 |
++++ b/fs/cifs/inode.c |
1552 |
+@@ -883,7 +883,7 @@ inode_has_hashed_dentries(struct inode *inode) |
1553 |
+ struct dentry *dentry; |
1554 |
+ |
1555 |
+ spin_lock(&inode->i_lock); |
1556 |
+- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
1557 |
++ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
1558 |
+ if (!d_unhashed(dentry) || IS_ROOT(dentry)) { |
1559 |
+ spin_unlock(&inode->i_lock); |
1560 |
+ return true; |
1561 |
+diff --git a/fs/coda/cache.c b/fs/coda/cache.c |
1562 |
+index 1da168c..9bc1147 100644 |
1563 |
+--- a/fs/coda/cache.c |
1564 |
++++ b/fs/coda/cache.c |
1565 |
+@@ -92,7 +92,7 @@ static void coda_flag_children(struct dentry *parent, int flag) |
1566 |
+ struct dentry *de; |
1567 |
+ |
1568 |
+ spin_lock(&parent->d_lock); |
1569 |
+- list_for_each_entry(de, &parent->d_subdirs, d_u.d_child) { |
1570 |
++ list_for_each_entry(de, &parent->d_subdirs, d_child) { |
1571 |
+ /* don't know what to do with negative dentries */ |
1572 |
+ if (de->d_inode ) |
1573 |
+ coda_flag_inode(de->d_inode, flag); |
1574 |
+diff --git a/fs/dcache.c b/fs/dcache.c |
1575 |
+index 4366127..c345f5f 100644 |
1576 |
+--- a/fs/dcache.c |
1577 |
++++ b/fs/dcache.c |
1578 |
+@@ -44,7 +44,7 @@ |
1579 |
+ /* |
1580 |
+ * Usage: |
1581 |
+ * dcache->d_inode->i_lock protects: |
1582 |
+- * - i_dentry, d_alias, d_inode of aliases |
1583 |
++ * - i_dentry, d_u.d_alias, d_inode of aliases |
1584 |
+ * dcache_hash_bucket lock protects: |
1585 |
+ * - the dcache hash table |
1586 |
+ * s_anon bl list spinlock protects: |
1587 |
+@@ -59,7 +59,7 @@ |
1588 |
+ * - d_unhashed() |
1589 |
+ * - d_parent and d_subdirs |
1590 |
+ * - childrens' d_child and d_parent |
1591 |
+- * - d_alias, d_inode |
1592 |
++ * - d_u.d_alias, d_inode |
1593 |
+ * |
1594 |
+ * Ordering: |
1595 |
+ * dentry->d_inode->i_lock |
1596 |
+@@ -239,7 +239,6 @@ static void __d_free(struct rcu_head *head) |
1597 |
+ { |
1598 |
+ struct dentry *dentry = container_of(head, struct dentry, d_u.d_rcu); |
1599 |
+ |
1600 |
+- WARN_ON(!hlist_unhashed(&dentry->d_alias)); |
1601 |
+ if (dname_external(dentry)) |
1602 |
+ kfree(dentry->d_name.name); |
1603 |
+ kmem_cache_free(dentry_cache, dentry); |
1604 |
+@@ -250,6 +249,7 @@ static void __d_free(struct rcu_head *head) |
1605 |
+ */ |
1606 |
+ static void d_free(struct dentry *dentry) |
1607 |
+ { |
1608 |
++ WARN_ON(!hlist_unhashed(&dentry->d_u.d_alias)); |
1609 |
+ BUG_ON((int)dentry->d_lockref.count > 0); |
1610 |
+ this_cpu_dec(nr_dentry); |
1611 |
+ if (dentry->d_op && dentry->d_op->d_release) |
1612 |
+@@ -288,7 +288,7 @@ static void dentry_iput(struct dentry * dentry) |
1613 |
+ struct inode *inode = dentry->d_inode; |
1614 |
+ if (inode) { |
1615 |
+ dentry->d_inode = NULL; |
1616 |
+- hlist_del_init(&dentry->d_alias); |
1617 |
++ hlist_del_init(&dentry->d_u.d_alias); |
1618 |
+ spin_unlock(&dentry->d_lock); |
1619 |
+ spin_unlock(&inode->i_lock); |
1620 |
+ if (!inode->i_nlink) |
1621 |
+@@ -313,7 +313,7 @@ static void dentry_unlink_inode(struct dentry * dentry) |
1622 |
+ struct inode *inode = dentry->d_inode; |
1623 |
+ __d_clear_type(dentry); |
1624 |
+ dentry->d_inode = NULL; |
1625 |
+- hlist_del_init(&dentry->d_alias); |
1626 |
++ hlist_del_init(&dentry->d_u.d_alias); |
1627 |
+ dentry_rcuwalk_barrier(dentry); |
1628 |
+ spin_unlock(&dentry->d_lock); |
1629 |
+ spin_unlock(&inode->i_lock); |
1630 |
+@@ -435,7 +435,7 @@ static struct dentry *d_kill(struct dentry *dentry, struct dentry *parent) |
1631 |
+ __releases(parent->d_lock) |
1632 |
+ __releases(dentry->d_inode->i_lock) |
1633 |
+ { |
1634 |
+- list_del(&dentry->d_u.d_child); |
1635 |
++ list_del(&dentry->d_child); |
1636 |
+ /* |
1637 |
+ * Inform d_walk() that we are no longer attached to the |
1638 |
+ * dentry tree |
1639 |
+@@ -737,7 +737,7 @@ static struct dentry *__d_find_alias(struct inode *inode, int want_discon) |
1640 |
+ |
1641 |
+ again: |
1642 |
+ discon_alias = NULL; |
1643 |
+- hlist_for_each_entry(alias, &inode->i_dentry, d_alias) { |
1644 |
++ hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) { |
1645 |
+ spin_lock(&alias->d_lock); |
1646 |
+ if (S_ISDIR(inode->i_mode) || !d_unhashed(alias)) { |
1647 |
+ if (IS_ROOT(alias) && |
1648 |
+@@ -790,7 +790,7 @@ void d_prune_aliases(struct inode *inode) |
1649 |
+ struct dentry *dentry; |
1650 |
+ restart: |
1651 |
+ spin_lock(&inode->i_lock); |
1652 |
+- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
1653 |
++ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
1654 |
+ spin_lock(&dentry->d_lock); |
1655 |
+ if (!dentry->d_lockref.count) { |
1656 |
+ /* |
1657 |
+@@ -1091,7 +1091,7 @@ repeat: |
1658 |
+ resume: |
1659 |
+ while (next != &this_parent->d_subdirs) { |
1660 |
+ struct list_head *tmp = next; |
1661 |
+- struct dentry *dentry = list_entry(tmp, struct dentry, d_u.d_child); |
1662 |
++ struct dentry *dentry = list_entry(tmp, struct dentry, d_child); |
1663 |
+ next = tmp->next; |
1664 |
+ |
1665 |
+ spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); |
1666 |
+@@ -1143,7 +1143,7 @@ resume: |
1667 |
+ goto rename_retry; |
1668 |
+ } |
1669 |
+ rcu_read_unlock(); |
1670 |
+- next = child->d_u.d_child.next; |
1671 |
++ next = child->d_child.next; |
1672 |
+ goto resume; |
1673 |
+ } |
1674 |
+ if (need_seqretry(&rename_lock, seq)) { |
1675 |
+@@ -1524,8 +1524,8 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) |
1676 |
+ INIT_HLIST_BL_NODE(&dentry->d_hash); |
1677 |
+ INIT_LIST_HEAD(&dentry->d_lru); |
1678 |
+ INIT_LIST_HEAD(&dentry->d_subdirs); |
1679 |
+- INIT_HLIST_NODE(&dentry->d_alias); |
1680 |
+- INIT_LIST_HEAD(&dentry->d_u.d_child); |
1681 |
++ INIT_HLIST_NODE(&dentry->d_u.d_alias); |
1682 |
++ INIT_LIST_HEAD(&dentry->d_child); |
1683 |
+ d_set_d_op(dentry, dentry->d_sb->s_d_op); |
1684 |
+ |
1685 |
+ this_cpu_inc(nr_dentry); |
1686 |
+@@ -1555,7 +1555,7 @@ struct dentry *d_alloc(struct dentry * parent, const struct qstr *name) |
1687 |
+ */ |
1688 |
+ __dget_dlock(parent); |
1689 |
+ dentry->d_parent = parent; |
1690 |
+- list_add(&dentry->d_u.d_child, &parent->d_subdirs); |
1691 |
++ list_add(&dentry->d_child, &parent->d_subdirs); |
1692 |
+ spin_unlock(&parent->d_lock); |
1693 |
+ |
1694 |
+ return dentry; |
1695 |
+@@ -1648,7 +1648,7 @@ static void __d_instantiate(struct dentry *dentry, struct inode *inode) |
1696 |
+ spin_lock(&dentry->d_lock); |
1697 |
+ __d_set_type(dentry, add_flags); |
1698 |
+ if (inode) |
1699 |
+- hlist_add_head(&dentry->d_alias, &inode->i_dentry); |
1700 |
++ hlist_add_head(&dentry->d_u.d_alias, &inode->i_dentry); |
1701 |
+ dentry->d_inode = inode; |
1702 |
+ dentry_rcuwalk_barrier(dentry); |
1703 |
+ spin_unlock(&dentry->d_lock); |
1704 |
+@@ -1672,7 +1672,7 @@ static void __d_instantiate(struct dentry *dentry, struct inode *inode) |
1705 |
+ |
1706 |
+ void d_instantiate(struct dentry *entry, struct inode * inode) |
1707 |
+ { |
1708 |
+- BUG_ON(!hlist_unhashed(&entry->d_alias)); |
1709 |
++ BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); |
1710 |
+ if (inode) |
1711 |
+ spin_lock(&inode->i_lock); |
1712 |
+ __d_instantiate(entry, inode); |
1713 |
+@@ -1711,7 +1711,7 @@ static struct dentry *__d_instantiate_unique(struct dentry *entry, |
1714 |
+ return NULL; |
1715 |
+ } |
1716 |
+ |
1717 |
+- hlist_for_each_entry(alias, &inode->i_dentry, d_alias) { |
1718 |
++ hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) { |
1719 |
+ /* |
1720 |
+ * Don't need alias->d_lock here, because aliases with |
1721 |
+ * d_parent == entry->d_parent are not subject to name or |
1722 |
+@@ -1737,7 +1737,7 @@ struct dentry *d_instantiate_unique(struct dentry *entry, struct inode *inode) |
1723 |
+ { |
1724 |
+ struct dentry *result; |
1725 |
+ |
1726 |
+- BUG_ON(!hlist_unhashed(&entry->d_alias)); |
1727 |
++ BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); |
1728 |
+ |
1729 |
+ if (inode) |
1730 |
+ spin_lock(&inode->i_lock); |
1731 |
+@@ -1768,7 +1768,7 @@ EXPORT_SYMBOL(d_instantiate_unique); |
1732 |
+ */ |
1733 |
+ int d_instantiate_no_diralias(struct dentry *entry, struct inode *inode) |
1734 |
+ { |
1735 |
+- BUG_ON(!hlist_unhashed(&entry->d_alias)); |
1736 |
++ BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); |
1737 |
+ |
1738 |
+ spin_lock(&inode->i_lock); |
1739 |
+ if (S_ISDIR(inode->i_mode) && !hlist_empty(&inode->i_dentry)) { |
1740 |
+@@ -1807,7 +1807,7 @@ static struct dentry * __d_find_any_alias(struct inode *inode) |
1741 |
+ |
1742 |
+ if (hlist_empty(&inode->i_dentry)) |
1743 |
+ return NULL; |
1744 |
+- alias = hlist_entry(inode->i_dentry.first, struct dentry, d_alias); |
1745 |
++ alias = hlist_entry(inode->i_dentry.first, struct dentry, d_u.d_alias); |
1746 |
+ __dget(alias); |
1747 |
+ return alias; |
1748 |
+ } |
1749 |
+@@ -1884,7 +1884,7 @@ struct dentry *d_obtain_alias(struct inode *inode) |
1750 |
+ spin_lock(&tmp->d_lock); |
1751 |
+ tmp->d_inode = inode; |
1752 |
+ tmp->d_flags |= add_flags; |
1753 |
+- hlist_add_head(&tmp->d_alias, &inode->i_dentry); |
1754 |
++ hlist_add_head(&tmp->d_u.d_alias, &inode->i_dentry); |
1755 |
+ hlist_bl_lock(&tmp->d_sb->s_anon); |
1756 |
+ hlist_bl_add_head(&tmp->d_hash, &tmp->d_sb->s_anon); |
1757 |
+ hlist_bl_unlock(&tmp->d_sb->s_anon); |
1758 |
+@@ -2327,7 +2327,7 @@ int d_validate(struct dentry *dentry, struct dentry *dparent) |
1759 |
+ struct dentry *child; |
1760 |
+ |
1761 |
+ spin_lock(&dparent->d_lock); |
1762 |
+- list_for_each_entry(child, &dparent->d_subdirs, d_u.d_child) { |
1763 |
++ list_for_each_entry(child, &dparent->d_subdirs, d_child) { |
1764 |
+ if (dentry == child) { |
1765 |
+ spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); |
1766 |
+ __dget_dlock(dentry); |
1767 |
+@@ -2574,8 +2574,8 @@ static void __d_move(struct dentry * dentry, struct dentry * target) |
1768 |
+ /* Unhash the target: dput() will then get rid of it */ |
1769 |
+ __d_drop(target); |
1770 |
+ |
1771 |
+- list_del(&dentry->d_u.d_child); |
1772 |
+- list_del(&target->d_u.d_child); |
1773 |
++ list_del(&dentry->d_child); |
1774 |
++ list_del(&target->d_child); |
1775 |
+ |
1776 |
+ /* Switch the names.. */ |
1777 |
+ switch_names(dentry, target); |
1778 |
+@@ -2585,15 +2585,15 @@ static void __d_move(struct dentry * dentry, struct dentry * target) |
1779 |
+ if (IS_ROOT(dentry)) { |
1780 |
+ dentry->d_parent = target->d_parent; |
1781 |
+ target->d_parent = target; |
1782 |
+- INIT_LIST_HEAD(&target->d_u.d_child); |
1783 |
++ INIT_LIST_HEAD(&target->d_child); |
1784 |
+ } else { |
1785 |
+ swap(dentry->d_parent, target->d_parent); |
1786 |
+ |
1787 |
+ /* And add them back to the (new) parent lists */ |
1788 |
+- list_add(&target->d_u.d_child, &target->d_parent->d_subdirs); |
1789 |
++ list_add(&target->d_child, &target->d_parent->d_subdirs); |
1790 |
+ } |
1791 |
+ |
1792 |
+- list_add(&dentry->d_u.d_child, &dentry->d_parent->d_subdirs); |
1793 |
++ list_add(&dentry->d_child, &dentry->d_parent->d_subdirs); |
1794 |
+ |
1795 |
+ write_seqcount_end(&target->d_seq); |
1796 |
+ write_seqcount_end(&dentry->d_seq); |
1797 |
+@@ -2700,9 +2700,9 @@ static void __d_materialise_dentry(struct dentry *dentry, struct dentry *anon) |
1798 |
+ swap(dentry->d_name.hash, anon->d_name.hash); |
1799 |
+ |
1800 |
+ dentry->d_parent = dentry; |
1801 |
+- list_del_init(&dentry->d_u.d_child); |
1802 |
++ list_del_init(&dentry->d_child); |
1803 |
+ anon->d_parent = dparent; |
1804 |
+- list_move(&anon->d_u.d_child, &dparent->d_subdirs); |
1805 |
++ list_move(&anon->d_child, &dparent->d_subdirs); |
1806 |
+ |
1807 |
+ write_seqcount_end(&dentry->d_seq); |
1808 |
+ write_seqcount_end(&anon->d_seq); |
1809 |
+@@ -3333,7 +3333,7 @@ void d_tmpfile(struct dentry *dentry, struct inode *inode) |
1810 |
+ { |
1811 |
+ inode_dec_link_count(inode); |
1812 |
+ BUG_ON(dentry->d_name.name != dentry->d_iname || |
1813 |
+- !hlist_unhashed(&dentry->d_alias) || |
1814 |
++ !hlist_unhashed(&dentry->d_u.d_alias) || |
1815 |
+ !d_unlinked(dentry)); |
1816 |
+ spin_lock(&dentry->d_parent->d_lock); |
1817 |
+ spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); |
1818 |
+diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c |
1819 |
+index 1ff8fe5..4a9f0e0 100644 |
1820 |
+--- a/fs/debugfs/inode.c |
1821 |
++++ b/fs/debugfs/inode.c |
1822 |
+@@ -552,7 +552,7 @@ void debugfs_remove_recursive(struct dentry *dentry) |
1823 |
+ * use the d_u.d_child as the rcu head and corrupt this list. |
1824 |
+ */ |
1825 |
+ spin_lock(&parent->d_lock); |
1826 |
+- list_for_each_entry(child, &parent->d_subdirs, d_u.d_child) { |
1827 |
++ list_for_each_entry(child, &parent->d_subdirs, d_child) { |
1828 |
+ if (!debugfs_positive(child)) |
1829 |
+ continue; |
1830 |
+ |
1831 |
+diff --git a/fs/exportfs/expfs.c b/fs/exportfs/expfs.c |
1832 |
+index 48a359d..831d4f0 100644 |
1833 |
+--- a/fs/exportfs/expfs.c |
1834 |
++++ b/fs/exportfs/expfs.c |
1835 |
+@@ -50,7 +50,7 @@ find_acceptable_alias(struct dentry *result, |
1836 |
+ |
1837 |
+ inode = result->d_inode; |
1838 |
+ spin_lock(&inode->i_lock); |
1839 |
+- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
1840 |
++ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
1841 |
+ dget(dentry); |
1842 |
+ spin_unlock(&inode->i_lock); |
1843 |
+ if (toput) |
1844 |
+diff --git a/fs/libfs.c b/fs/libfs.c |
1845 |
+index a184424..868c0b7 100644 |
1846 |
+--- a/fs/libfs.c |
1847 |
++++ b/fs/libfs.c |
1848 |
+@@ -113,18 +113,18 @@ loff_t dcache_dir_lseek(struct file *file, loff_t offset, int whence) |
1849 |
+ |
1850 |
+ spin_lock(&dentry->d_lock); |
1851 |
+ /* d_lock not required for cursor */ |
1852 |
+- list_del(&cursor->d_u.d_child); |
1853 |
++ list_del(&cursor->d_child); |
1854 |
+ p = dentry->d_subdirs.next; |
1855 |
+ while (n && p != &dentry->d_subdirs) { |
1856 |
+ struct dentry *next; |
1857 |
+- next = list_entry(p, struct dentry, d_u.d_child); |
1858 |
++ next = list_entry(p, struct dentry, d_child); |
1859 |
+ spin_lock_nested(&next->d_lock, DENTRY_D_LOCK_NESTED); |
1860 |
+ if (simple_positive(next)) |
1861 |
+ n--; |
1862 |
+ spin_unlock(&next->d_lock); |
1863 |
+ p = p->next; |
1864 |
+ } |
1865 |
+- list_add_tail(&cursor->d_u.d_child, p); |
1866 |
++ list_add_tail(&cursor->d_child, p); |
1867 |
+ spin_unlock(&dentry->d_lock); |
1868 |
+ } |
1869 |
+ } |
1870 |
+@@ -149,7 +149,7 @@ int dcache_readdir(struct file *file, struct dir_context *ctx) |
1871 |
+ { |
1872 |
+ struct dentry *dentry = file->f_path.dentry; |
1873 |
+ struct dentry *cursor = file->private_data; |
1874 |
+- struct list_head *p, *q = &cursor->d_u.d_child; |
1875 |
++ struct list_head *p, *q = &cursor->d_child; |
1876 |
+ |
1877 |
+ if (!dir_emit_dots(file, ctx)) |
1878 |
+ return 0; |
1879 |
+@@ -158,7 +158,7 @@ int dcache_readdir(struct file *file, struct dir_context *ctx) |
1880 |
+ list_move(q, &dentry->d_subdirs); |
1881 |
+ |
1882 |
+ for (p = q->next; p != &dentry->d_subdirs; p = p->next) { |
1883 |
+- struct dentry *next = list_entry(p, struct dentry, d_u.d_child); |
1884 |
++ struct dentry *next = list_entry(p, struct dentry, d_child); |
1885 |
+ spin_lock_nested(&next->d_lock, DENTRY_D_LOCK_NESTED); |
1886 |
+ if (!simple_positive(next)) { |
1887 |
+ spin_unlock(&next->d_lock); |
1888 |
+@@ -286,7 +286,7 @@ int simple_empty(struct dentry *dentry) |
1889 |
+ int ret = 0; |
1890 |
+ |
1891 |
+ spin_lock(&dentry->d_lock); |
1892 |
+- list_for_each_entry(child, &dentry->d_subdirs, d_u.d_child) { |
1893 |
++ list_for_each_entry(child, &dentry->d_subdirs, d_child) { |
1894 |
+ spin_lock_nested(&child->d_lock, DENTRY_D_LOCK_NESTED); |
1895 |
+ if (simple_positive(child)) { |
1896 |
+ spin_unlock(&child->d_lock); |
1897 |
+diff --git a/fs/ncpfs/dir.c b/fs/ncpfs/dir.c |
1898 |
+index c320ac5..dc9747d 100644 |
1899 |
+--- a/fs/ncpfs/dir.c |
1900 |
++++ b/fs/ncpfs/dir.c |
1901 |
+@@ -406,7 +406,7 @@ ncp_dget_fpos(struct dentry *dentry, struct dentry *parent, unsigned long fpos) |
1902 |
+ spin_lock(&parent->d_lock); |
1903 |
+ next = parent->d_subdirs.next; |
1904 |
+ while (next != &parent->d_subdirs) { |
1905 |
+- dent = list_entry(next, struct dentry, d_u.d_child); |
1906 |
++ dent = list_entry(next, struct dentry, d_child); |
1907 |
+ if ((unsigned long)dent->d_fsdata == fpos) { |
1908 |
+ if (dent->d_inode) |
1909 |
+ dget(dent); |
1910 |
+diff --git a/fs/ncpfs/ncplib_kernel.h b/fs/ncpfs/ncplib_kernel.h |
1911 |
+index 32c0658..6d5e7c5 100644 |
1912 |
+--- a/fs/ncpfs/ncplib_kernel.h |
1913 |
++++ b/fs/ncpfs/ncplib_kernel.h |
1914 |
+@@ -194,7 +194,7 @@ ncp_renew_dentries(struct dentry *parent) |
1915 |
+ spin_lock(&parent->d_lock); |
1916 |
+ next = parent->d_subdirs.next; |
1917 |
+ while (next != &parent->d_subdirs) { |
1918 |
+- dentry = list_entry(next, struct dentry, d_u.d_child); |
1919 |
++ dentry = list_entry(next, struct dentry, d_child); |
1920 |
+ |
1921 |
+ if (dentry->d_fsdata == NULL) |
1922 |
+ ncp_age_dentry(server, dentry); |
1923 |
+@@ -216,7 +216,7 @@ ncp_invalidate_dircache_entries(struct dentry *parent) |
1924 |
+ spin_lock(&parent->d_lock); |
1925 |
+ next = parent->d_subdirs.next; |
1926 |
+ while (next != &parent->d_subdirs) { |
1927 |
+- dentry = list_entry(next, struct dentry, d_u.d_child); |
1928 |
++ dentry = list_entry(next, struct dentry, d_child); |
1929 |
+ dentry->d_fsdata = NULL; |
1930 |
+ ncp_age_dentry(server, dentry); |
1931 |
+ next = next->next; |
1932 |
+diff --git a/fs/nfs/getroot.c b/fs/nfs/getroot.c |
1933 |
+index 66984a9..5b8ab0e 100644 |
1934 |
+--- a/fs/nfs/getroot.c |
1935 |
++++ b/fs/nfs/getroot.c |
1936 |
+@@ -58,7 +58,7 @@ static int nfs_superblock_set_dummy_root(struct super_block *sb, struct inode *i |
1937 |
+ */ |
1938 |
+ spin_lock(&sb->s_root->d_inode->i_lock); |
1939 |
+ spin_lock(&sb->s_root->d_lock); |
1940 |
+- hlist_del_init(&sb->s_root->d_alias); |
1941 |
++ hlist_del_init(&sb->s_root->d_u.d_alias); |
1942 |
+ spin_unlock(&sb->s_root->d_lock); |
1943 |
+ spin_unlock(&sb->s_root->d_inode->i_lock); |
1944 |
+ } |
1945 |
+diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c |
1946 |
+index 9d3e9c5..7001299 100644 |
1947 |
+--- a/fs/notify/fsnotify.c |
1948 |
++++ b/fs/notify/fsnotify.c |
1949 |
+@@ -63,14 +63,14 @@ void __fsnotify_update_child_dentry_flags(struct inode *inode) |
1950 |
+ spin_lock(&inode->i_lock); |
1951 |
+ /* run all of the dentries associated with this inode. Since this is a |
1952 |
+ * directory, there damn well better only be one item on this list */ |
1953 |
+- hlist_for_each_entry(alias, &inode->i_dentry, d_alias) { |
1954 |
++ hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) { |
1955 |
+ struct dentry *child; |
1956 |
+ |
1957 |
+ /* run all of the children of the original inode and fix their |
1958 |
+ * d_flags to indicate parental interest (their parent is the |
1959 |
+ * original inode) */ |
1960 |
+ spin_lock(&alias->d_lock); |
1961 |
+- list_for_each_entry(child, &alias->d_subdirs, d_u.d_child) { |
1962 |
++ list_for_each_entry(child, &alias->d_subdirs, d_child) { |
1963 |
+ if (!child->d_inode) |
1964 |
+ continue; |
1965 |
+ |
1966 |
+diff --git a/fs/ocfs2/dcache.c b/fs/ocfs2/dcache.c |
1967 |
+index 0d3a97d..1167485 100644 |
1968 |
+--- a/fs/ocfs2/dcache.c |
1969 |
++++ b/fs/ocfs2/dcache.c |
1970 |
+@@ -173,7 +173,7 @@ struct dentry *ocfs2_find_local_alias(struct inode *inode, |
1971 |
+ struct dentry *dentry; |
1972 |
+ |
1973 |
+ spin_lock(&inode->i_lock); |
1974 |
+- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
1975 |
++ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
1976 |
+ spin_lock(&dentry->d_lock); |
1977 |
+ if (ocfs2_match_dentry(dentry, parent_blkno, skip_unhashed)) { |
1978 |
+ trace_ocfs2_find_local_alias(dentry->d_name.len, |
1979 |
+diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c |
1980 |
+index c254671..eaa7374 100644 |
1981 |
+--- a/fs/proc/task_mmu.c |
1982 |
++++ b/fs/proc/task_mmu.c |
1983 |
+@@ -993,9 +993,8 @@ static int pagemap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
1984 |
+ struct vm_area_struct *vma; |
1985 |
+ struct pagemapread *pm = walk->private; |
1986 |
+ spinlock_t *ptl; |
1987 |
+- pte_t *pte; |
1988 |
++ pte_t *pte, *orig_pte; |
1989 |
+ int err = 0; |
1990 |
+- pagemap_entry_t pme = make_pme(PM_NOT_PRESENT(pm->v2)); |
1991 |
+ |
1992 |
+ /* find the first VMA at or above 'addr' */ |
1993 |
+ vma = find_vma(walk->mm, addr); |
1994 |
+@@ -1009,6 +1008,7 @@ static int pagemap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
1995 |
+ |
1996 |
+ for (; addr != end; addr += PAGE_SIZE) { |
1997 |
+ unsigned long offset; |
1998 |
++ pagemap_entry_t pme; |
1999 |
+ |
2000 |
+ offset = (addr & ~PAGEMAP_WALK_MASK) >> |
2001 |
+ PAGE_SHIFT; |
2002 |
+@@ -1023,32 +1023,55 @@ static int pagemap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
2003 |
+ |
2004 |
+ if (pmd_trans_unstable(pmd)) |
2005 |
+ return 0; |
2006 |
+- for (; addr != end; addr += PAGE_SIZE) { |
2007 |
+- int flags2; |
2008 |
+- |
2009 |
+- /* check to see if we've left 'vma' behind |
2010 |
+- * and need a new, higher one */ |
2011 |
+- if (vma && (addr >= vma->vm_end)) { |
2012 |
+- vma = find_vma(walk->mm, addr); |
2013 |
+- if (vma && (vma->vm_flags & VM_SOFTDIRTY)) |
2014 |
+- flags2 = __PM_SOFT_DIRTY; |
2015 |
+- else |
2016 |
+- flags2 = 0; |
2017 |
+- pme = make_pme(PM_NOT_PRESENT(pm->v2) | PM_STATUS2(pm->v2, flags2)); |
2018 |
++ |
2019 |
++ while (1) { |
2020 |
++ /* End of address space hole, which we mark as non-present. */ |
2021 |
++ unsigned long hole_end; |
2022 |
++ |
2023 |
++ if (vma) |
2024 |
++ hole_end = min(end, vma->vm_start); |
2025 |
++ else |
2026 |
++ hole_end = end; |
2027 |
++ |
2028 |
++ for (; addr < hole_end; addr += PAGE_SIZE) { |
2029 |
++ pagemap_entry_t pme = make_pme(PM_NOT_PRESENT(pm->v2)); |
2030 |
++ |
2031 |
++ err = add_to_pagemap(addr, &pme, pm); |
2032 |
++ if (err) |
2033 |
++ return err; |
2034 |
+ } |
2035 |
+ |
2036 |
+- /* check that 'vma' actually covers this address, |
2037 |
+- * and that it isn't a huge page vma */ |
2038 |
+- if (vma && (vma->vm_start <= addr) && |
2039 |
+- !is_vm_hugetlb_page(vma)) { |
2040 |
+- pte = pte_offset_map(pmd, addr); |
2041 |
++ if (!vma || vma->vm_start >= end) |
2042 |
++ break; |
2043 |
++ /* |
2044 |
++ * We can't possibly be in a hugetlb VMA. In general, |
2045 |
++ * for a mm_walk with a pmd_entry and a hugetlb_entry, |
2046 |
++ * the pmd_entry can only be called on addresses in a |
2047 |
++ * hugetlb if the walk starts in a non-hugetlb VMA and |
2048 |
++ * spans a hugepage VMA. Since pagemap_read walks are |
2049 |
++ * PMD-sized and PMD-aligned, this will never be true. |
2050 |
++ */ |
2051 |
++ BUG_ON(is_vm_hugetlb_page(vma)); |
2052 |
++ |
2053 |
++ /* Addresses in the VMA. */ |
2054 |
++ orig_pte = pte = pte_offset_map_lock(walk->mm, pmd, addr, &ptl); |
2055 |
++ for (; addr < min(end, vma->vm_end); pte++, addr += PAGE_SIZE) { |
2056 |
++ pagemap_entry_t pme; |
2057 |
++ |
2058 |
+ pte_to_pagemap_entry(&pme, pm, vma, addr, *pte); |
2059 |
+- /* unmap before userspace copy */ |
2060 |
+- pte_unmap(pte); |
2061 |
++ err = add_to_pagemap(addr, &pme, pm); |
2062 |
++ if (err) |
2063 |
++ break; |
2064 |
+ } |
2065 |
+- err = add_to_pagemap(addr, &pme, pm); |
2066 |
++ pte_unmap_unlock(orig_pte, ptl); |
2067 |
++ |
2068 |
+ if (err) |
2069 |
+ return err; |
2070 |
++ |
2071 |
++ if (addr == end) |
2072 |
++ break; |
2073 |
++ |
2074 |
++ vma = find_vma(walk->mm, addr); |
2075 |
+ } |
2076 |
+ |
2077 |
+ cond_resched(); |
2078 |
+diff --git a/include/linux/dcache.h b/include/linux/dcache.h |
2079 |
+index 3b50cac..0f0eb1c 100644 |
2080 |
+--- a/include/linux/dcache.h |
2081 |
++++ b/include/linux/dcache.h |
2082 |
+@@ -124,15 +124,15 @@ struct dentry { |
2083 |
+ void *d_fsdata; /* fs-specific data */ |
2084 |
+ |
2085 |
+ struct list_head d_lru; /* LRU list */ |
2086 |
++ struct list_head d_child; /* child of parent list */ |
2087 |
++ struct list_head d_subdirs; /* our children */ |
2088 |
+ /* |
2089 |
+- * d_child and d_rcu can share memory |
2090 |
++ * d_alias and d_rcu can share memory |
2091 |
+ */ |
2092 |
+ union { |
2093 |
+- struct list_head d_child; /* child of parent list */ |
2094 |
++ struct hlist_node d_alias; /* inode alias list */ |
2095 |
+ struct rcu_head d_rcu; |
2096 |
+ } d_u; |
2097 |
+- struct list_head d_subdirs; /* our children */ |
2098 |
+- struct hlist_node d_alias; /* inode alias list */ |
2099 |
+ }; |
2100 |
+ |
2101 |
+ /* |
2102 |
+diff --git a/include/linux/mm.h b/include/linux/mm.h |
2103 |
+index 46b8ab5..a7b311d 100644 |
2104 |
+--- a/include/linux/mm.h |
2105 |
++++ b/include/linux/mm.h |
2106 |
+@@ -1009,6 +1009,7 @@ static inline int page_mapped(struct page *page) |
2107 |
+ #define VM_FAULT_WRITE 0x0008 /* Special case for get_user_pages */ |
2108 |
+ #define VM_FAULT_HWPOISON 0x0010 /* Hit poisoned small page */ |
2109 |
+ #define VM_FAULT_HWPOISON_LARGE 0x0020 /* Hit poisoned large page. Index encoded in upper bits */ |
2110 |
++#define VM_FAULT_SIGSEGV 0x0040 |
2111 |
+ |
2112 |
+ #define VM_FAULT_NOPAGE 0x0100 /* ->fault installed the pte, not return page */ |
2113 |
+ #define VM_FAULT_LOCKED 0x0200 /* ->fault locked the returned page */ |
2114 |
+@@ -1017,8 +1018,9 @@ static inline int page_mapped(struct page *page) |
2115 |
+ |
2116 |
+ #define VM_FAULT_HWPOISON_LARGE_MASK 0xf000 /* encodes hpage index for large hwpoison */ |
2117 |
+ |
2118 |
+-#define VM_FAULT_ERROR (VM_FAULT_OOM | VM_FAULT_SIGBUS | VM_FAULT_HWPOISON | \ |
2119 |
+- VM_FAULT_FALLBACK | VM_FAULT_HWPOISON_LARGE) |
2120 |
++#define VM_FAULT_ERROR (VM_FAULT_OOM | VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV | \ |
2121 |
++ VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE | \ |
2122 |
++ VM_FAULT_FALLBACK) |
2123 |
+ |
2124 |
+ /* Encode hstate index for a hwpoisoned large page */ |
2125 |
+ #define VM_FAULT_SET_HINDEX(x) ((x) << 12) |
2126 |
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
2127 |
+index 911718f..bf46cc8 100644 |
2128 |
+--- a/include/linux/netdevice.h |
2129 |
++++ b/include/linux/netdevice.h |
2130 |
+@@ -1880,6 +1880,12 @@ void netdev_freemem(struct net_device *dev); |
2131 |
+ void synchronize_net(void); |
2132 |
+ int init_dummy_netdev(struct net_device *dev); |
2133 |
+ |
2134 |
++DECLARE_PER_CPU(int, xmit_recursion); |
2135 |
++static inline int dev_recursion_level(void) |
2136 |
++{ |
2137 |
++ return this_cpu_read(xmit_recursion); |
2138 |
++} |
2139 |
++ |
2140 |
+ struct net_device *dev_get_by_index(struct net *net, int ifindex); |
2141 |
+ struct net_device *__dev_get_by_index(struct net *net, int ifindex); |
2142 |
+ struct net_device *dev_get_by_index_rcu(struct net *net, int ifindex); |
2143 |
+diff --git a/include/linux/sched.h b/include/linux/sched.h |
2144 |
+index 218b058..91fe6a3 100644 |
2145 |
+--- a/include/linux/sched.h |
2146 |
++++ b/include/linux/sched.h |
2147 |
+@@ -1695,7 +1695,7 @@ static inline pid_t task_tgid_vnr(struct task_struct *tsk) |
2148 |
+ } |
2149 |
+ |
2150 |
+ |
2151 |
+-static int pid_alive(const struct task_struct *p); |
2152 |
++static inline int pid_alive(const struct task_struct *p); |
2153 |
+ static inline pid_t task_ppid_nr_ns(const struct task_struct *tsk, struct pid_namespace *ns) |
2154 |
+ { |
2155 |
+ pid_t pid = 0; |
2156 |
+diff --git a/include/net/ip.h b/include/net/ip.h |
2157 |
+index 3446cdd..5128fa7 100644 |
2158 |
+--- a/include/net/ip.h |
2159 |
++++ b/include/net/ip.h |
2160 |
+@@ -407,22 +407,6 @@ static __inline__ void inet_reset_saddr(struct sock *sk) |
2161 |
+ |
2162 |
+ #endif |
2163 |
+ |
2164 |
+-static inline int sk_mc_loop(struct sock *sk) |
2165 |
+-{ |
2166 |
+- if (!sk) |
2167 |
+- return 1; |
2168 |
+- switch (sk->sk_family) { |
2169 |
+- case AF_INET: |
2170 |
+- return inet_sk(sk)->mc_loop; |
2171 |
+-#if IS_ENABLED(CONFIG_IPV6) |
2172 |
+- case AF_INET6: |
2173 |
+- return inet6_sk(sk)->mc_loop; |
2174 |
+-#endif |
2175 |
+- } |
2176 |
+- WARN_ON(1); |
2177 |
+- return 1; |
2178 |
+-} |
2179 |
+- |
2180 |
+ bool ip_call_ra_chain(struct sk_buff *skb); |
2181 |
+ |
2182 |
+ /* |
2183 |
+diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h |
2184 |
+index 2e74c6c..ee2d53a 100644 |
2185 |
+--- a/include/net/ip6_route.h |
2186 |
++++ b/include/net/ip6_route.h |
2187 |
+@@ -168,7 +168,8 @@ int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)); |
2188 |
+ |
2189 |
+ static inline int ip6_skb_dst_mtu(struct sk_buff *skb) |
2190 |
+ { |
2191 |
+- struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL; |
2192 |
++ struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ? |
2193 |
++ inet6_sk(skb->sk) : NULL; |
2194 |
+ |
2195 |
+ return (np && np->pmtudisc >= IPV6_PMTUDISC_PROBE) ? |
2196 |
+ skb_dst(skb)->dev->mtu : dst_mtu(skb_dst(skb)); |
2197 |
+diff --git a/include/net/sock.h b/include/net/sock.h |
2198 |
+index f66b2b1..0c79a74 100644 |
2199 |
+--- a/include/net/sock.h |
2200 |
++++ b/include/net/sock.h |
2201 |
+@@ -1815,6 +1815,8 @@ struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie); |
2202 |
+ |
2203 |
+ struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie); |
2204 |
+ |
2205 |
++bool sk_mc_loop(struct sock *sk); |
2206 |
++ |
2207 |
+ static inline bool sk_can_gso(const struct sock *sk) |
2208 |
+ { |
2209 |
+ return net_gso_ok(sk->sk_route_caps, sk->sk_gso_type); |
2210 |
+diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
2211 |
+index 550e205..18711f3 100644 |
2212 |
+--- a/kernel/cgroup.c |
2213 |
++++ b/kernel/cgroup.c |
2214 |
+@@ -971,7 +971,7 @@ static void cgroup_d_remove_dir(struct dentry *dentry) |
2215 |
+ parent = dentry->d_parent; |
2216 |
+ spin_lock(&parent->d_lock); |
2217 |
+ spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); |
2218 |
+- list_del_init(&dentry->d_u.d_child); |
2219 |
++ list_del_init(&dentry->d_child); |
2220 |
+ spin_unlock(&dentry->d_lock); |
2221 |
+ spin_unlock(&parent->d_lock); |
2222 |
+ remove_dir(dentry); |
2223 |
+diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c |
2224 |
+index 813b021..a2d62b3 100644 |
2225 |
+--- a/kernel/trace/trace.c |
2226 |
++++ b/kernel/trace/trace.c |
2227 |
+@@ -6158,7 +6158,7 @@ static int instance_mkdir (struct inode *inode, struct dentry *dentry, umode_t m |
2228 |
+ int ret; |
2229 |
+ |
2230 |
+ /* Paranoid: Make sure the parent is the "instances" directory */ |
2231 |
+- parent = hlist_entry(inode->i_dentry.first, struct dentry, d_alias); |
2232 |
++ parent = hlist_entry(inode->i_dentry.first, struct dentry, d_u.d_alias); |
2233 |
+ if (WARN_ON_ONCE(parent != trace_instance_dir)) |
2234 |
+ return -ENOENT; |
2235 |
+ |
2236 |
+@@ -6185,7 +6185,7 @@ static int instance_rmdir(struct inode *inode, struct dentry *dentry) |
2237 |
+ int ret; |
2238 |
+ |
2239 |
+ /* Paranoid: Make sure the parent is the "instances" directory */ |
2240 |
+- parent = hlist_entry(inode->i_dentry.first, struct dentry, d_alias); |
2241 |
++ parent = hlist_entry(inode->i_dentry.first, struct dentry, d_u.d_alias); |
2242 |
+ if (WARN_ON_ONCE(parent != trace_instance_dir)) |
2243 |
+ return -ENOENT; |
2244 |
+ |
2245 |
+diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c |
2246 |
+index e4c4efc..c6646a5 100644 |
2247 |
+--- a/kernel/trace/trace_events.c |
2248 |
++++ b/kernel/trace/trace_events.c |
2249 |
+@@ -428,7 +428,7 @@ static void remove_event_file_dir(struct ftrace_event_file *file) |
2250 |
+ |
2251 |
+ if (dir) { |
2252 |
+ spin_lock(&dir->d_lock); /* probably unneeded */ |
2253 |
+- list_for_each_entry(child, &dir->d_subdirs, d_u.d_child) { |
2254 |
++ list_for_each_entry(child, &dir->d_subdirs, d_child) { |
2255 |
+ if (child->d_inode) /* probably unneeded */ |
2256 |
+ child->d_inode->i_private = NULL; |
2257 |
+ } |
2258 |
+diff --git a/mm/ksm.c b/mm/ksm.c |
2259 |
+index 68710e8..5e706e3 100644 |
2260 |
+--- a/mm/ksm.c |
2261 |
++++ b/mm/ksm.c |
2262 |
+@@ -376,7 +376,7 @@ static int break_ksm(struct vm_area_struct *vma, unsigned long addr) |
2263 |
+ else |
2264 |
+ ret = VM_FAULT_WRITE; |
2265 |
+ put_page(page); |
2266 |
+- } while (!(ret & (VM_FAULT_WRITE | VM_FAULT_SIGBUS | VM_FAULT_OOM))); |
2267 |
++ } while (!(ret & (VM_FAULT_WRITE | VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV | VM_FAULT_OOM))); |
2268 |
+ /* |
2269 |
+ * We must loop because handle_mm_fault() may back out if there's |
2270 |
+ * any difficulty e.g. if pte accessed bit gets updated concurrently. |
2271 |
+diff --git a/mm/memory-failure.c b/mm/memory-failure.c |
2272 |
+index a98c7fc..ffc7bf0 100644 |
2273 |
+--- a/mm/memory-failure.c |
2274 |
++++ b/mm/memory-failure.c |
2275 |
+@@ -1645,8 +1645,6 @@ static int __soft_offline_page(struct page *page, int flags) |
2276 |
+ * setting PG_hwpoison. |
2277 |
+ */ |
2278 |
+ if (!is_free_buddy_page(page)) |
2279 |
+- lru_add_drain_all(); |
2280 |
+- if (!is_free_buddy_page(page)) |
2281 |
+ drain_all_pages(); |
2282 |
+ SetPageHWPoison(page); |
2283 |
+ if (!is_free_buddy_page(page)) |
2284 |
+diff --git a/mm/memory.c b/mm/memory.c |
2285 |
+index 102af09..749e1c6 100644 |
2286 |
+--- a/mm/memory.c |
2287 |
++++ b/mm/memory.c |
2288 |
+@@ -1836,7 +1836,8 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
2289 |
+ else |
2290 |
+ return -EFAULT; |
2291 |
+ } |
2292 |
+- if (ret & VM_FAULT_SIGBUS) |
2293 |
++ if (ret & (VM_FAULT_SIGBUS | |
2294 |
++ VM_FAULT_SIGSEGV)) |
2295 |
+ return i ? i : -EFAULT; |
2296 |
+ BUG(); |
2297 |
+ } |
2298 |
+@@ -1946,7 +1947,7 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm, |
2299 |
+ return -ENOMEM; |
2300 |
+ if (ret & (VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE)) |
2301 |
+ return -EHWPOISON; |
2302 |
+- if (ret & VM_FAULT_SIGBUS) |
2303 |
++ if (ret & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV)) |
2304 |
+ return -EFAULT; |
2305 |
+ BUG(); |
2306 |
+ } |
2307 |
+@@ -3235,7 +3236,7 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
2308 |
+ |
2309 |
+ /* Check if we need to add a guard page to the stack */ |
2310 |
+ if (check_stack_guard_page(vma, address) < 0) |
2311 |
+- return VM_FAULT_SIGBUS; |
2312 |
++ return VM_FAULT_SIGSEGV; |
2313 |
+ |
2314 |
+ /* Use the zero-page for reads */ |
2315 |
+ if (!(flags & FAULT_FLAG_WRITE)) { |
2316 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
2317 |
+index f6d8d7f..73abbd7 100644 |
2318 |
+--- a/net/core/dev.c |
2319 |
++++ b/net/core/dev.c |
2320 |
+@@ -2775,7 +2775,9 @@ static void skb_update_prio(struct sk_buff *skb) |
2321 |
+ #define skb_update_prio(skb) |
2322 |
+ #endif |
2323 |
+ |
2324 |
+-static DEFINE_PER_CPU(int, xmit_recursion); |
2325 |
++DEFINE_PER_CPU(int, xmit_recursion); |
2326 |
++EXPORT_SYMBOL(xmit_recursion); |
2327 |
++ |
2328 |
+ #define RECURSION_LIMIT 10 |
2329 |
+ |
2330 |
+ /** |
2331 |
+diff --git a/net/core/sock.c b/net/core/sock.c |
2332 |
+index c806956..650dd58 100644 |
2333 |
+--- a/net/core/sock.c |
2334 |
++++ b/net/core/sock.c |
2335 |
+@@ -659,6 +659,25 @@ static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool) |
2336 |
+ sock_reset_flag(sk, bit); |
2337 |
+ } |
2338 |
+ |
2339 |
++bool sk_mc_loop(struct sock *sk) |
2340 |
++{ |
2341 |
++ if (dev_recursion_level()) |
2342 |
++ return false; |
2343 |
++ if (!sk) |
2344 |
++ return true; |
2345 |
++ switch (sk->sk_family) { |
2346 |
++ case AF_INET: |
2347 |
++ return inet_sk(sk)->mc_loop; |
2348 |
++#if IS_ENABLED(CONFIG_IPV6) |
2349 |
++ case AF_INET6: |
2350 |
++ return inet6_sk(sk)->mc_loop; |
2351 |
++#endif |
2352 |
++ } |
2353 |
++ WARN_ON(1); |
2354 |
++ return true; |
2355 |
++} |
2356 |
++EXPORT_SYMBOL(sk_mc_loop); |
2357 |
++ |
2358 |
+ /* |
2359 |
+ * This is meant for all protocols to use and covers goings on |
2360 |
+ * at the socket level. Everything here is generic. |
2361 |
+diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
2362 |
+index 2291791..9fbd69e 100644 |
2363 |
+--- a/net/ipv4/tcp_input.c |
2364 |
++++ b/net/ipv4/tcp_input.c |
2365 |
+@@ -3064,10 +3064,11 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, |
2366 |
+ if (seq_rtt < 0) { |
2367 |
+ seq_rtt = ca_seq_rtt; |
2368 |
+ } |
2369 |
+- if (!(sacked & TCPCB_SACKED_ACKED)) |
2370 |
++ if (!(sacked & TCPCB_SACKED_ACKED)) { |
2371 |
+ reord = min(pkts_acked, reord); |
2372 |
+- if (!after(scb->end_seq, tp->high_seq)) |
2373 |
+- flag |= FLAG_ORIG_SACK_ACKED; |
2374 |
++ if (!after(scb->end_seq, tp->high_seq)) |
2375 |
++ flag |= FLAG_ORIG_SACK_ACKED; |
2376 |
++ } |
2377 |
+ } |
2378 |
+ |
2379 |
+ if (sacked & TCPCB_SACKED_ACKED) |
2380 |
+diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
2381 |
+index b7effad..e2f8bd0 100644 |
2382 |
+--- a/net/ipv4/tcp_ipv4.c |
2383 |
++++ b/net/ipv4/tcp_ipv4.c |
2384 |
+@@ -1875,7 +1875,7 @@ void tcp_v4_early_demux(struct sk_buff *skb) |
2385 |
+ skb->sk = sk; |
2386 |
+ skb->destructor = sock_edemux; |
2387 |
+ if (sk->sk_state != TCP_TIME_WAIT) { |
2388 |
+- struct dst_entry *dst = sk->sk_rx_dst; |
2389 |
++ struct dst_entry *dst = ACCESS_ONCE(sk->sk_rx_dst); |
2390 |
+ |
2391 |
+ if (dst) |
2392 |
+ dst = dst_check(dst, 0); |
2393 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
2394 |
+index 96f64e5..8c70c73 100644 |
2395 |
+--- a/net/ipv4/tcp_output.c |
2396 |
++++ b/net/ipv4/tcp_output.c |
2397 |
+@@ -2796,6 +2796,8 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, |
2398 |
+ } |
2399 |
+ #endif |
2400 |
+ |
2401 |
++ /* Do not fool tcpdump (if any), clean our debris */ |
2402 |
++ skb->tstamp.tv64 = 0; |
2403 |
+ return skb; |
2404 |
+ } |
2405 |
+ EXPORT_SYMBOL(tcp_make_synack); |
2406 |
+diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c |
2407 |
+index d7907ec..066d0b0 100644 |
2408 |
+--- a/net/ipv6/ip6_output.c |
2409 |
++++ b/net/ipv6/ip6_output.c |
2410 |
+@@ -555,7 +555,8 @@ int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)) |
2411 |
+ { |
2412 |
+ struct sk_buff *frag; |
2413 |
+ struct rt6_info *rt = (struct rt6_info*)skb_dst(skb); |
2414 |
+- struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL; |
2415 |
++ struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ? |
2416 |
++ inet6_sk(skb->sk) : NULL; |
2417 |
+ struct ipv6hdr *tmp_hdr; |
2418 |
+ struct frag_hdr *fh; |
2419 |
+ unsigned int mtu, hlen, left, len; |
2420 |
+diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c |
2421 |
+index 09a22f4..bcd6518 100644 |
2422 |
+--- a/net/ipv6/ndisc.c |
2423 |
++++ b/net/ipv6/ndisc.c |
2424 |
+@@ -1193,7 +1193,14 @@ static void ndisc_router_discovery(struct sk_buff *skb) |
2425 |
+ if (rt) |
2426 |
+ rt6_set_expires(rt, jiffies + (HZ * lifetime)); |
2427 |
+ if (ra_msg->icmph.icmp6_hop_limit) { |
2428 |
+- in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; |
2429 |
++ /* Only set hop_limit on the interface if it is higher than |
2430 |
++ * the current hop_limit. |
2431 |
++ */ |
2432 |
++ if (in6_dev->cnf.hop_limit < ra_msg->icmph.icmp6_hop_limit) { |
2433 |
++ in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; |
2434 |
++ } else { |
2435 |
++ ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than current\n"); |
2436 |
++ } |
2437 |
+ if (rt) |
2438 |
+ dst_metric_set(&rt->dst, RTAX_HOPLIMIT, |
2439 |
+ ra_msg->icmph.icmp6_hop_limit); |
2440 |
+diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
2441 |
+index a4f890d..9d4332d 100644 |
2442 |
+--- a/net/ipv6/tcp_ipv6.c |
2443 |
++++ b/net/ipv6/tcp_ipv6.c |
2444 |
+@@ -1633,7 +1633,7 @@ static void tcp_v6_early_demux(struct sk_buff *skb) |
2445 |
+ skb->sk = sk; |
2446 |
+ skb->destructor = sock_edemux; |
2447 |
+ if (sk->sk_state != TCP_TIME_WAIT) { |
2448 |
+- struct dst_entry *dst = sk->sk_rx_dst; |
2449 |
++ struct dst_entry *dst = ACCESS_ONCE(sk->sk_rx_dst); |
2450 |
+ |
2451 |
+ if (dst) |
2452 |
+ dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie); |
2453 |
+diff --git a/net/netfilter/nf_conntrack_proto_generic.c b/net/netfilter/nf_conntrack_proto_generic.c |
2454 |
+index d25f293..957c1db 100644 |
2455 |
+--- a/net/netfilter/nf_conntrack_proto_generic.c |
2456 |
++++ b/net/netfilter/nf_conntrack_proto_generic.c |
2457 |
+@@ -14,6 +14,30 @@ |
2458 |
+ |
2459 |
+ static unsigned int nf_ct_generic_timeout __read_mostly = 600*HZ; |
2460 |
+ |
2461 |
++static bool nf_generic_should_process(u8 proto) |
2462 |
++{ |
2463 |
++ switch (proto) { |
2464 |
++#ifdef CONFIG_NF_CT_PROTO_SCTP_MODULE |
2465 |
++ case IPPROTO_SCTP: |
2466 |
++ return false; |
2467 |
++#endif |
2468 |
++#ifdef CONFIG_NF_CT_PROTO_DCCP_MODULE |
2469 |
++ case IPPROTO_DCCP: |
2470 |
++ return false; |
2471 |
++#endif |
2472 |
++#ifdef CONFIG_NF_CT_PROTO_GRE_MODULE |
2473 |
++ case IPPROTO_GRE: |
2474 |
++ return false; |
2475 |
++#endif |
2476 |
++#ifdef CONFIG_NF_CT_PROTO_UDPLITE_MODULE |
2477 |
++ case IPPROTO_UDPLITE: |
2478 |
++ return false; |
2479 |
++#endif |
2480 |
++ default: |
2481 |
++ return true; |
2482 |
++ } |
2483 |
++} |
2484 |
++ |
2485 |
+ static inline struct nf_generic_net *generic_pernet(struct net *net) |
2486 |
+ { |
2487 |
+ return &net->ct.nf_ct_proto.generic; |
2488 |
+@@ -67,7 +91,7 @@ static int generic_packet(struct nf_conn *ct, |
2489 |
+ static bool generic_new(struct nf_conn *ct, const struct sk_buff *skb, |
2490 |
+ unsigned int dataoff, unsigned int *timeouts) |
2491 |
+ { |
2492 |
+- return true; |
2493 |
++ return nf_generic_should_process(nf_ct_protonum(ct)); |
2494 |
+ } |
2495 |
+ |
2496 |
+ #if IS_ENABLED(CONFIG_NF_CT_NETLINK_TIMEOUT) |
2497 |
+diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c |
2498 |
+index 6c4cbd9..fc68bf6 100644 |
2499 |
+--- a/security/selinux/selinuxfs.c |
2500 |
++++ b/security/selinux/selinuxfs.c |
2501 |
+@@ -1200,7 +1200,7 @@ static void sel_remove_entries(struct dentry *de) |
2502 |
+ spin_lock(&de->d_lock); |
2503 |
+ node = de->d_subdirs.next; |
2504 |
+ while (node != &de->d_subdirs) { |
2505 |
+- struct dentry *d = list_entry(node, struct dentry, d_u.d_child); |
2506 |
++ struct dentry *d = list_entry(node, struct dentry, d_child); |
2507 |
+ |
2508 |
+ spin_lock_nested(&d->d_lock, DENTRY_D_LOCK_NESTED); |
2509 |
+ list_del_init(node); |
2510 |
+@@ -1674,12 +1674,12 @@ static void sel_remove_classes(void) |
2511 |
+ |
2512 |
+ list_for_each(class_node, &class_dir->d_subdirs) { |
2513 |
+ struct dentry *class_subdir = list_entry(class_node, |
2514 |
+- struct dentry, d_u.d_child); |
2515 |
++ struct dentry, d_child); |
2516 |
+ struct list_head *class_subdir_node; |
2517 |
+ |
2518 |
+ list_for_each(class_subdir_node, &class_subdir->d_subdirs) { |
2519 |
+ struct dentry *d = list_entry(class_subdir_node, |
2520 |
+- struct dentry, d_u.d_child); |
2521 |
++ struct dentry, d_child); |
2522 |
+ |
2523 |
+ if (d->d_inode) |
2524 |
+ if (d->d_inode->i_mode & S_IFDIR) |
2525 |
|
2526 |
diff --git a/3.14.39/4420_grsecurity-3.1-3.14.39-201504270826.patch b/3.14.40/4420_grsecurity-3.1-3.14.40-201504290821.patch |
2527 |
similarity index 99% |
2528 |
rename from 3.14.39/4420_grsecurity-3.1-3.14.39-201504270826.patch |
2529 |
rename to 3.14.40/4420_grsecurity-3.1-3.14.40-201504290821.patch |
2530 |
index 3fbeaa8..47246da 100644 |
2531 |
--- a/3.14.39/4420_grsecurity-3.1-3.14.39-201504270826.patch |
2532 |
+++ b/3.14.40/4420_grsecurity-3.1-3.14.40-201504290821.patch |
2533 |
@@ -295,7 +295,7 @@ index 5d91ba1..ef1d374 100644 |
2534 |
|
2535 |
pcd. [PARIDE] |
2536 |
diff --git a/Makefile b/Makefile |
2537 |
-index b40845e..c9b79e2 100644 |
2538 |
+index 070e0eb..e3359b0 100644 |
2539 |
--- a/Makefile |
2540 |
+++ b/Makefile |
2541 |
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
2542 |
@@ -703,7 +703,7 @@ index 1402fcc..0b1abd2 100644 |
2543 |
return addr; |
2544 |
} |
2545 |
diff --git a/arch/alpha/mm/fault.c b/arch/alpha/mm/fault.c |
2546 |
-index 98838a0..b304fb4 100644 |
2547 |
+index 9d0ac09..479a962 100644 |
2548 |
--- a/arch/alpha/mm/fault.c |
2549 |
+++ b/arch/alpha/mm/fault.c |
2550 |
@@ -53,6 +53,124 @@ __load_new_mm_context(struct mm_struct *next_mm) |
2551 |
@@ -2003,10 +2003,10 @@ index 219ac88..73ec32a 100644 |
2552 |
* These are the memory types, defined to be compatible with |
2553 |
* pre-ARMv6 CPUs cacheable and bufferable bits: XXCB |
2554 |
diff --git a/arch/arm/include/asm/pgtable-3level-hwdef.h b/arch/arm/include/asm/pgtable-3level-hwdef.h |
2555 |
-index 626989f..9d67a33 100644 |
2556 |
+index 9fd61c7..f8f1cff 100644 |
2557 |
--- a/arch/arm/include/asm/pgtable-3level-hwdef.h |
2558 |
+++ b/arch/arm/include/asm/pgtable-3level-hwdef.h |
2559 |
-@@ -75,6 +75,7 @@ |
2560 |
+@@ -76,6 +76,7 @@ |
2561 |
#define PTE_EXT_SHARED (_AT(pteval_t, 3) << 8) /* SH[1:0], inner shareable */ |
2562 |
#define PTE_EXT_AF (_AT(pteval_t, 1) << 10) /* Access Flag */ |
2563 |
#define PTE_EXT_NG (_AT(pteval_t, 1) << 11) /* nG */ |
2564 |
@@ -2015,18 +2015,18 @@ index 626989f..9d67a33 100644 |
2565 |
|
2566 |
/* |
2567 |
diff --git a/arch/arm/include/asm/pgtable-3level.h b/arch/arm/include/asm/pgtable-3level.h |
2568 |
-index 85c60ad..b0bbd7e 100644 |
2569 |
+index 06e0bc0..e60c2d3 100644 |
2570 |
--- a/arch/arm/include/asm/pgtable-3level.h |
2571 |
+++ b/arch/arm/include/asm/pgtable-3level.h |
2572 |
-@@ -82,6 +82,7 @@ |
2573 |
- #define L_PTE_RDONLY (_AT(pteval_t, 1) << 7) /* AP[2] */ |
2574 |
+@@ -81,6 +81,7 @@ |
2575 |
+ #define L_PTE_USER (_AT(pteval_t, 1) << 6) /* AP[1] */ |
2576 |
#define L_PTE_SHARED (_AT(pteval_t, 3) << 8) /* SH[1:0], inner shareable */ |
2577 |
#define L_PTE_YOUNG (_AT(pteval_t, 1) << 10) /* AF */ |
2578 |
+#define L_PTE_PXN (_AT(pteval_t, 1) << 53) /* PXN */ |
2579 |
#define L_PTE_XN (_AT(pteval_t, 1) << 54) /* XN */ |
2580 |
- #define L_PTE_DIRTY (_AT(pteval_t, 1) << 55) /* unused */ |
2581 |
- #define L_PTE_SPECIAL (_AT(pteval_t, 1) << 56) /* unused */ |
2582 |
-@@ -95,6 +96,7 @@ |
2583 |
+ #define L_PTE_DIRTY (_AT(pteval_t, 1) << 55) |
2584 |
+ #define L_PTE_SPECIAL (_AT(pteval_t, 1) << 56) |
2585 |
+@@ -96,6 +97,7 @@ |
2586 |
/* |
2587 |
* To be used in assembly code with the upper page attributes. |
2588 |
*/ |
2589 |
@@ -2035,7 +2035,7 @@ index 85c60ad..b0bbd7e 100644 |
2590 |
#define L_PTE_DIRTY_HIGH (1 << (55 - 32)) |
2591 |
|
2592 |
diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h |
2593 |
-index 7d59b52..27a12f8 100644 |
2594 |
+index 89dba13..ca1cf20 100644 |
2595 |
--- a/arch/arm/include/asm/pgtable.h |
2596 |
+++ b/arch/arm/include/asm/pgtable.h |
2597 |
@@ -33,6 +33,9 @@ |
2598 |
@@ -2118,7 +2118,7 @@ index 7d59b52..27a12f8 100644 |
2599 |
*/ |
2600 |
#define _L_PTE_DEFAULT L_PTE_PRESENT | L_PTE_YOUNG |
2601 |
|
2602 |
-@@ -262,7 +310,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } |
2603 |
+@@ -266,7 +314,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; } |
2604 |
static inline pte_t pte_modify(pte_t pte, pgprot_t newprot) |
2605 |
{ |
2606 |
const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER | |
2607 |
@@ -4884,7 +4884,7 @@ index 479330b..53717a8 100644 |
2608 |
|
2609 |
#endif /* __ASM_AVR32_KMAP_TYPES_H */ |
2610 |
diff --git a/arch/avr32/mm/fault.c b/arch/avr32/mm/fault.c |
2611 |
-index 0eca933..eb78c7b 100644 |
2612 |
+index d223a8b..69c5210 100644 |
2613 |
--- a/arch/avr32/mm/fault.c |
2614 |
+++ b/arch/avr32/mm/fault.c |
2615 |
@@ -41,6 +41,23 @@ static inline int notify_page_fault(struct pt_regs *regs, int trap) |
2616 |
@@ -4911,7 +4911,7 @@ index 0eca933..eb78c7b 100644 |
2617 |
/* |
2618 |
* This routine handles page faults. It determines the address and the |
2619 |
* problem, and then passes it off to one of the appropriate routines. |
2620 |
-@@ -176,6 +193,16 @@ bad_area: |
2621 |
+@@ -178,6 +195,16 @@ bad_area: |
2622 |
up_read(&mm->mmap_sem); |
2623 |
|
2624 |
if (user_mode(regs)) { |
2625 |
@@ -5473,7 +5473,7 @@ index 84f8a52..7c76178 100644 |
2626 |
* ensure percpu data fits |
2627 |
* into percpu page size |
2628 |
diff --git a/arch/ia64/mm/fault.c b/arch/ia64/mm/fault.c |
2629 |
-index 7225dad..2a7c8256 100644 |
2630 |
+index ba5ba7a..36e9d3a 100644 |
2631 |
--- a/arch/ia64/mm/fault.c |
2632 |
+++ b/arch/ia64/mm/fault.c |
2633 |
@@ -72,6 +72,23 @@ mapped_kernel_page_is_present (unsigned long address) |
2634 |
@@ -7213,7 +7213,7 @@ index 897c605..c421760 100644 |
2635 |
int ret; |
2636 |
|
2637 |
diff --git a/arch/mips/mm/fault.c b/arch/mips/mm/fault.c |
2638 |
-index becc42b..9e43d4b 100644 |
2639 |
+index 70ab5d6..62940fe 100644 |
2640 |
--- a/arch/mips/mm/fault.c |
2641 |
+++ b/arch/mips/mm/fault.c |
2642 |
@@ -28,6 +28,23 @@ |
2643 |
@@ -7240,7 +7240,7 @@ index becc42b..9e43d4b 100644 |
2644 |
/* |
2645 |
* This routine handles page faults. It determines the address, |
2646 |
* and the problem, and then passes it off to one of the appropriate |
2647 |
-@@ -199,6 +216,14 @@ bad_area: |
2648 |
+@@ -201,6 +218,14 @@ bad_area: |
2649 |
bad_area_nosemaphore: |
2650 |
/* User mode accesses just cause a SIGSEGV */ |
2651 |
if (user_mode(regs)) { |
2652 |
@@ -7866,7 +7866,7 @@ index 47ee620..1107387 100644 |
2653 |
fault_space = regs->iasq[0]; |
2654 |
|
2655 |
diff --git a/arch/parisc/mm/fault.c b/arch/parisc/mm/fault.c |
2656 |
-index d72197f..c017c84 100644 |
2657 |
+index d27e388..addd2dc 100644 |
2658 |
--- a/arch/parisc/mm/fault.c |
2659 |
+++ b/arch/parisc/mm/fault.c |
2660 |
@@ -15,6 +15,7 @@ |
2661 |
@@ -8962,7 +8962,7 @@ index 5eea6f3..5d10396 100644 |
2662 |
EXPORT_SYMBOL(copy_in_user); |
2663 |
|
2664 |
diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c |
2665 |
-index 51ab9e7..7d3c78b 100644 |
2666 |
+index 010fabf..e5c18a4 100644 |
2667 |
--- a/arch/powerpc/mm/fault.c |
2668 |
+++ b/arch/powerpc/mm/fault.c |
2669 |
@@ -33,6 +33,10 @@ |
2670 |
@@ -9037,7 +9037,7 @@ index 51ab9e7..7d3c78b 100644 |
2671 |
goto bad_area; |
2672 |
#endif /* CONFIG_PPC_STD_MMU */ |
2673 |
|
2674 |
-@@ -483,6 +514,23 @@ bad_area: |
2675 |
+@@ -485,6 +516,23 @@ bad_area: |
2676 |
bad_area_nosemaphore: |
2677 |
/* User mode accesses cause a SIGSEGV */ |
2678 |
if (user_mode(regs)) { |
2679 |
@@ -11200,7 +11200,7 @@ index 30c3ecc..736f015 100644 |
2680 |
obj-$(CONFIG_SPARC64) += ultra.o tlb.o tsb.o gup.o |
2681 |
obj-y += fault_$(BITS).o |
2682 |
diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c |
2683 |
-index 59dbd46..1dd7f5e 100644 |
2684 |
+index 163c787..6f9ee6c 100644 |
2685 |
--- a/arch/sparc/mm/fault_32.c |
2686 |
+++ b/arch/sparc/mm/fault_32.c |
2687 |
@@ -21,6 +21,9 @@ |
2688 |
@@ -11517,7 +11517,7 @@ index 59dbd46..1dd7f5e 100644 |
2689 |
if (!(vma->vm_flags & (VM_READ | VM_EXEC))) |
2690 |
goto bad_area; |
2691 |
diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c |
2692 |
-index 45a413e..fff0231 100644 |
2693 |
+index 0d6de79..32851cb 100644 |
2694 |
--- a/arch/sparc/mm/fault_64.c |
2695 |
+++ b/arch/sparc/mm/fault_64.c |
2696 |
@@ -22,6 +22,9 @@ |
2697 |
@@ -28725,63 +28725,10 @@ index c697625..a032162 100644 |
2698 |
|
2699 |
out: |
2700 |
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c |
2701 |
-index 09651d4..cdb8f22 100644 |
2702 |
+index cf1eeea..cdb8f22 100644 |
2703 |
--- a/arch/x86/kvm/emulate.c |
2704 |
+++ b/arch/x86/kvm/emulate.c |
2705 |
-@@ -2258,7 +2258,7 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
2706 |
- * Not recognized on AMD in compat mode (but is recognized in legacy |
2707 |
- * mode). |
2708 |
- */ |
2709 |
-- if ((ctxt->mode == X86EMUL_MODE_PROT32) && (efer & EFER_LMA) |
2710 |
-+ if ((ctxt->mode != X86EMUL_MODE_PROT64) && (efer & EFER_LMA) |
2711 |
- && !vendor_intel(ctxt)) |
2712 |
- return emulate_ud(ctxt); |
2713 |
- |
2714 |
-@@ -2271,25 +2271,13 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
2715 |
- setup_syscalls_segments(ctxt, &cs, &ss); |
2716 |
- |
2717 |
- ops->get_msr(ctxt, MSR_IA32_SYSENTER_CS, &msr_data); |
2718 |
-- switch (ctxt->mode) { |
2719 |
-- case X86EMUL_MODE_PROT32: |
2720 |
-- if ((msr_data & 0xfffc) == 0x0) |
2721 |
-- return emulate_gp(ctxt, 0); |
2722 |
-- break; |
2723 |
-- case X86EMUL_MODE_PROT64: |
2724 |
-- if (msr_data == 0x0) |
2725 |
-- return emulate_gp(ctxt, 0); |
2726 |
-- break; |
2727 |
-- default: |
2728 |
-- break; |
2729 |
-- } |
2730 |
-+ if ((msr_data & 0xfffc) == 0x0) |
2731 |
-+ return emulate_gp(ctxt, 0); |
2732 |
- |
2733 |
- ctxt->eflags &= ~(EFLG_VM | EFLG_IF | EFLG_RF); |
2734 |
-- cs_sel = (u16)msr_data; |
2735 |
-- cs_sel &= ~SELECTOR_RPL_MASK; |
2736 |
-+ cs_sel = (u16)msr_data & ~SELECTOR_RPL_MASK; |
2737 |
- ss_sel = cs_sel + 8; |
2738 |
-- ss_sel &= ~SELECTOR_RPL_MASK; |
2739 |
-- if (ctxt->mode == X86EMUL_MODE_PROT64 || (efer & EFER_LMA)) { |
2740 |
-+ if (efer & EFER_LMA) { |
2741 |
- cs.d = 0; |
2742 |
- cs.l = 1; |
2743 |
- } |
2744 |
-@@ -2298,10 +2286,11 @@ static int em_sysenter(struct x86_emulate_ctxt *ctxt) |
2745 |
- ops->set_segment(ctxt, ss_sel, &ss, 0, VCPU_SREG_SS); |
2746 |
- |
2747 |
- ops->get_msr(ctxt, MSR_IA32_SYSENTER_EIP, &msr_data); |
2748 |
-- ctxt->_eip = msr_data; |
2749 |
-+ ctxt->_eip = (efer & EFER_LMA) ? msr_data : (u32)msr_data; |
2750 |
- |
2751 |
- ops->get_msr(ctxt, MSR_IA32_SYSENTER_ESP, &msr_data); |
2752 |
-- *reg_write(ctxt, VCPU_REGS_RSP) = msr_data; |
2753 |
-+ *reg_write(ctxt, VCPU_REGS_RSP) = (efer & EFER_LMA) ? msr_data : |
2754 |
-+ (u32)msr_data; |
2755 |
- |
2756 |
- return X86EMUL_CONTINUE; |
2757 |
- } |
2758 |
-@@ -3401,7 +3390,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) |
2759 |
+@@ -3390,7 +3390,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) |
2760 |
int cr = ctxt->modrm_reg; |
2761 |
u64 efer = 0; |
2762 |
|
2763 |
@@ -28790,7 +28737,7 @@ index 09651d4..cdb8f22 100644 |
2764 |
0xffffffff00000000ULL, |
2765 |
0, 0, 0, /* CR3 checked later */ |
2766 |
CR4_RESERVED_BITS, |
2767 |
-@@ -3436,7 +3425,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) |
2768 |
+@@ -3425,7 +3425,7 @@ static int check_cr_write(struct x86_emulate_ctxt *ctxt) |
2769 |
|
2770 |
ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); |
2771 |
if (efer & EFER_LMA) |
2772 |
@@ -28799,7 +28746,7 @@ index 09651d4..cdb8f22 100644 |
2773 |
else if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PAE) |
2774 |
rsvd = CR3_PAE_RESERVED_BITS; |
2775 |
else if (ctxt->ops->get_cr(ctxt, 0) & X86_CR0_PG) |
2776 |
-@@ -3668,8 +3657,8 @@ static const struct opcode group5[] = { |
2777 |
+@@ -3657,8 +3657,8 @@ static const struct opcode group5[] = { |
2778 |
}; |
2779 |
|
2780 |
static const struct opcode group6[] = { |
2781 |
@@ -31927,7 +31874,7 @@ index 903ec1e..c4166b2 100644 |
2782 |
} |
2783 |
|
2784 |
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
2785 |
-index a10c8c7..35a5abb 100644 |
2786 |
+index ebc551c..b8ee77e 100644 |
2787 |
--- a/arch/x86/mm/fault.c |
2788 |
+++ b/arch/x86/mm/fault.c |
2789 |
@@ -14,11 +14,18 @@ |
2790 |
@@ -32172,7 +32119,7 @@ index a10c8c7..35a5abb 100644 |
2791 |
/* Kernel addresses are always protection faults: */ |
2792 |
if (address >= TASK_SIZE) |
2793 |
error_code |= PF_PROT; |
2794 |
-@@ -856,7 +968,7 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address, |
2795 |
+@@ -853,7 +965,7 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address, |
2796 |
if (fault & (VM_FAULT_HWPOISON|VM_FAULT_HWPOISON_LARGE)) { |
2797 |
printk(KERN_ERR |
2798 |
"MCE: Killing %s:%d due to hardware memory corruption fault at %lx\n", |
2799 |
@@ -32181,7 +32128,7 @@ index a10c8c7..35a5abb 100644 |
2800 |
code = BUS_MCEERR_AR; |
2801 |
} |
2802 |
#endif |
2803 |
-@@ -910,6 +1022,99 @@ static int spurious_fault_check(unsigned long error_code, pte_t *pte) |
2804 |
+@@ -905,6 +1017,99 @@ static int spurious_fault_check(unsigned long error_code, pte_t *pte) |
2805 |
return 1; |
2806 |
} |
2807 |
|
2808 |
@@ -32281,7 +32228,7 @@ index a10c8c7..35a5abb 100644 |
2809 |
/* |
2810 |
* Handle a spurious fault caused by a stale TLB entry. |
2811 |
* |
2812 |
-@@ -976,6 +1181,9 @@ int show_unhandled_signals = 1; |
2813 |
+@@ -971,6 +1176,9 @@ int show_unhandled_signals = 1; |
2814 |
static inline int |
2815 |
access_error(unsigned long error_code, struct vm_area_struct *vma) |
2816 |
{ |
2817 |
@@ -32291,7 +32238,7 @@ index a10c8c7..35a5abb 100644 |
2818 |
if (error_code & PF_WRITE) { |
2819 |
/* write, present and write, not present: */ |
2820 |
if (unlikely(!(vma->vm_flags & VM_WRITE))) |
2821 |
-@@ -1010,7 +1218,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs) |
2822 |
+@@ -1005,7 +1213,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs) |
2823 |
if (error_code & PF_USER) |
2824 |
return false; |
2825 |
|
2826 |
@@ -32300,7 +32247,7 @@ index a10c8c7..35a5abb 100644 |
2827 |
return false; |
2828 |
|
2829 |
return true; |
2830 |
-@@ -1038,6 +1246,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, |
2831 |
+@@ -1033,6 +1241,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, |
2832 |
tsk = current; |
2833 |
mm = tsk->mm; |
2834 |
|
2835 |
@@ -32323,7 +32270,7 @@ index a10c8c7..35a5abb 100644 |
2836 |
/* |
2837 |
* Detect and handle instructions that would cause a page fault for |
2838 |
* both a tracked kernel page and a userspace page. |
2839 |
-@@ -1115,7 +1339,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, |
2840 |
+@@ -1110,7 +1334,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, |
2841 |
* User-mode registers count as a user access even for any |
2842 |
* potential system fault or CPU buglet: |
2843 |
*/ |
2844 |
@@ -32332,7 +32279,7 @@ index a10c8c7..35a5abb 100644 |
2845 |
local_irq_enable(); |
2846 |
error_code |= PF_USER; |
2847 |
flags |= FAULT_FLAG_USER; |
2848 |
-@@ -1162,6 +1386,11 @@ retry: |
2849 |
+@@ -1157,6 +1381,11 @@ retry: |
2850 |
might_sleep(); |
2851 |
} |
2852 |
|
2853 |
@@ -32344,7 +32291,7 @@ index a10c8c7..35a5abb 100644 |
2854 |
vma = find_vma(mm, address); |
2855 |
if (unlikely(!vma)) { |
2856 |
bad_area(regs, error_code, address); |
2857 |
-@@ -1173,18 +1402,24 @@ retry: |
2858 |
+@@ -1168,18 +1397,24 @@ retry: |
2859 |
bad_area(regs, error_code, address); |
2860 |
return; |
2861 |
} |
2862 |
@@ -32380,7 +32327,7 @@ index a10c8c7..35a5abb 100644 |
2863 |
if (unlikely(expand_stack(vma, address))) { |
2864 |
bad_area(regs, error_code, address); |
2865 |
return; |
2866 |
-@@ -1296,3 +1531,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) |
2867 |
+@@ -1292,3 +1527,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) |
2868 |
exception_exit(prev_state); |
2869 |
} |
2870 |
#endif /* CONFIG_TRACING */ |
2871 |
@@ -48025,7 +47972,7 @@ index c05b66d..ed69872 100644 |
2872 |
break; |
2873 |
} |
2874 |
diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c |
2875 |
-index 80bfa03..1114364 100644 |
2876 |
+index 075e7e7..1dbbe03 100644 |
2877 |
--- a/drivers/net/ethernet/emulex/benet/be_main.c |
2878 |
+++ b/drivers/net/ethernet/emulex/benet/be_main.c |
2879 |
@@ -534,7 +534,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) |
2880 |
@@ -48261,7 +48208,7 @@ index 7763962..c3499a7 100644 |
2881 |
struct qlcnic_hardware_context *ahw; |
2882 |
void *temp_buffer; |
2883 |
diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c |
2884 |
-index 3ff7bc3..366091b 100644 |
2885 |
+index 90c14d1..3bd4467 100644 |
2886 |
--- a/drivers/net/ethernet/realtek/r8169.c |
2887 |
+++ b/drivers/net/ethernet/realtek/r8169.c |
2888 |
@@ -758,22 +758,22 @@ struct rtl8169_private { |
2889 |
@@ -52400,7 +52347,7 @@ index 52b7731..d604da0 100644 |
2890 |
strlen(filename), mode, LUSTRE_OPC_MKDIR, |
2891 |
lump); |
2892 |
diff --git a/drivers/staging/lustre/lustre/llite/llite_lib.c b/drivers/staging/lustre/lustre/llite/llite_lib.c |
2893 |
-index 6cfdb9e..1ddab59 100644 |
2894 |
+index 5ae562e..6b661ff 100644 |
2895 |
--- a/drivers/staging/lustre/lustre/llite/llite_lib.c |
2896 |
+++ b/drivers/staging/lustre/lustre/llite/llite_lib.c |
2897 |
@@ -576,7 +576,7 @@ static int client_common_fill_super(struct super_block *sb, char *md, char *dt, |
2898 |
@@ -59982,7 +59929,7 @@ index ebaff36..7e3ea26 100644 |
2899 |
kunmap(page); |
2900 |
file_end_write(file); |
2901 |
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c |
2902 |
-index 5e0982a..ca18377 100644 |
2903 |
+index 18e14cf..9ca3e26 100644 |
2904 |
--- a/fs/ceph/dir.c |
2905 |
+++ b/fs/ceph/dir.c |
2906 |
@@ -128,6 +128,8 @@ static int __dcache_readdir(struct file *file, struct dir_context *ctx) |
2907 |
@@ -60529,7 +60476,7 @@ index 43eb136..f17e718 100644 |
2908 |
return rc; |
2909 |
} |
2910 |
diff --git a/fs/coda/cache.c b/fs/coda/cache.c |
2911 |
-index 1da168c..8bc7ff6 100644 |
2912 |
+index 9bc1147..fd15753 100644 |
2913 |
--- a/fs/coda/cache.c |
2914 |
+++ b/fs/coda/cache.c |
2915 |
@@ -24,7 +24,7 @@ |
2916 |
@@ -60885,13 +60832,13 @@ index a93f7e6..d58bcbe 100644 |
2917 |
return 0; |
2918 |
while (nr) { |
2919 |
diff --git a/fs/dcache.c b/fs/dcache.c |
2920 |
-index 4366127..b8c2cf9 100644 |
2921 |
+index c345f5f..abbda68 100644 |
2922 |
--- a/fs/dcache.c |
2923 |
+++ b/fs/dcache.c |
2924 |
@@ -250,7 +250,7 @@ static void __d_free(struct rcu_head *head) |
2925 |
- */ |
2926 |
static void d_free(struct dentry *dentry) |
2927 |
{ |
2928 |
+ WARN_ON(!hlist_unhashed(&dentry->d_u.d_alias)); |
2929 |
- BUG_ON((int)dentry->d_lockref.count > 0); |
2930 |
+ BUG_ON((int)__lockref_read(&dentry->d_lockref) > 0); |
2931 |
this_cpu_dec(nr_dentry); |
2932 |
@@ -60937,7 +60884,7 @@ index 4366127..b8c2cf9 100644 |
2933 |
} |
2934 |
@@ -792,7 +792,7 @@ restart: |
2935 |
spin_lock(&inode->i_lock); |
2936 |
- hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
2937 |
+ hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) { |
2938 |
spin_lock(&dentry->d_lock); |
2939 |
- if (!dentry->d_lockref.count) { |
2940 |
+ if (!__lockref_read(&dentry->d_lockref)) { |
2941 |
@@ -61068,7 +61015,7 @@ index 4366127..b8c2cf9 100644 |
2942 |
dcache_init(); |
2943 |
inode_init(); |
2944 |
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c |
2945 |
-index 1ff8fe5..31407fe 100644 |
2946 |
+index 4a9f0e0..54ea0cc 100644 |
2947 |
--- a/fs/debugfs/inode.c |
2948 |
+++ b/fs/debugfs/inode.c |
2949 |
@@ -422,10 +422,20 @@ EXPORT_SYMBOL_GPL(debugfs_create_file); |
2950 |
@@ -64443,13 +64390,13 @@ index 4d45705..b35e0bd 100644 |
2951 |
free_page((unsigned long)page); |
2952 |
} |
2953 |
diff --git a/fs/libfs.c b/fs/libfs.c |
2954 |
-index a184424..944ddce 100644 |
2955 |
+index 868c0b7..1831f93 100644 |
2956 |
--- a/fs/libfs.c |
2957 |
+++ b/fs/libfs.c |
2958 |
@@ -159,6 +159,9 @@ int dcache_readdir(struct file *file, struct dir_context *ctx) |
2959 |
|
2960 |
for (p = q->next; p != &dentry->d_subdirs; p = p->next) { |
2961 |
- struct dentry *next = list_entry(p, struct dentry, d_u.d_child); |
2962 |
+ struct dentry *next = list_entry(p, struct dentry, d_child); |
2963 |
+ char d_name[sizeof(next->d_iname)]; |
2964 |
+ const unsigned char *name; |
2965 |
+ |
2966 |
@@ -67616,7 +67563,7 @@ index dbd0272..3cd5915 100644 |
2967 |
seq_printf(p, "softirq %llu", (unsigned long long)sum_softirq); |
2968 |
|
2969 |
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c |
2970 |
-index c254671..c09368e 100644 |
2971 |
+index eaa7374..c531bc5 100644 |
2972 |
--- a/fs/proc/task_mmu.c |
2973 |
+++ b/fs/proc/task_mmu.c |
2974 |
@@ -13,12 +13,19 @@ |
2975 |
@@ -67783,7 +67730,7 @@ index c254671..c09368e 100644 |
2976 |
mss.resident >> 10, |
2977 |
(unsigned long)(mss.pss >> (10 + PSS_SHIFT)), |
2978 |
mss.shared_clean >> 10, |
2979 |
-@@ -1391,6 +1442,13 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid) |
2980 |
+@@ -1414,6 +1465,13 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid) |
2981 |
char buffer[64]; |
2982 |
int nid; |
2983 |
|
2984 |
@@ -67797,7 +67744,7 @@ index c254671..c09368e 100644 |
2985 |
if (!mm) |
2986 |
return 0; |
2987 |
|
2988 |
-@@ -1408,11 +1466,15 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid) |
2989 |
+@@ -1431,11 +1489,15 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid) |
2990 |
mpol_to_str(buffer, sizeof(buffer), pol); |
2991 |
mpol_cond_put(pol); |
2992 |
|
2993 |
@@ -82261,7 +82208,7 @@ index 653589e..4ef254a 100644 |
2994 |
return c | 0x20; |
2995 |
} |
2996 |
diff --git a/include/linux/dcache.h b/include/linux/dcache.h |
2997 |
-index 3b50cac..a3b0c8a 100644 |
2998 |
+index 0f0eb1c..776283e 100644 |
2999 |
--- a/include/linux/dcache.h |
3000 |
+++ b/include/linux/dcache.h |
3001 |
@@ -123,6 +123,9 @@ struct dentry { |
3002 |
@@ -82272,12 +82219,12 @@ index 3b50cac..a3b0c8a 100644 |
3003 |
+ atomic_t chroot_refcnt; /* tracks use of directory in chroot */ |
3004 |
+#endif |
3005 |
struct list_head d_lru; /* LRU list */ |
3006 |
- /* |
3007 |
- * d_child and d_rcu can share memory |
3008 |
+ struct list_head d_child; /* child of parent list */ |
3009 |
+ struct list_head d_subdirs; /* our children */ |
3010 |
@@ -133,7 +136,7 @@ struct dentry { |
3011 |
+ struct hlist_node d_alias; /* inode alias list */ |
3012 |
+ struct rcu_head d_rcu; |
3013 |
} d_u; |
3014 |
- struct list_head d_subdirs; /* our children */ |
3015 |
- struct hlist_node d_alias; /* inode alias list */ |
3016 |
-}; |
3017 |
+} __randomize_layout; |
3018 |
|
3019 |
@@ -84751,7 +84698,7 @@ index 5bba088..7ad4ae7 100644 |
3020 |
static inline int |
3021 |
vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst) |
3022 |
diff --git a/include/linux/mm.h b/include/linux/mm.h |
3023 |
-index 46b8ab5..6823be2 100644 |
3024 |
+index a7b311d..5aef73c 100644 |
3025 |
--- a/include/linux/mm.h |
3026 |
+++ b/include/linux/mm.h |
3027 |
@@ -127,6 +127,11 @@ extern unsigned int kobjsize(const void *objp); |
3028 |
@@ -84794,7 +84741,7 @@ index 46b8ab5..6823be2 100644 |
3029 |
static inline void compound_lock(struct page *page) |
3030 |
{ |
3031 |
#ifdef CONFIG_TRANSPARENT_HUGEPAGE |
3032 |
-@@ -1120,8 +1128,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, |
3033 |
+@@ -1122,8 +1130,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, |
3034 |
unsigned long *pfn); |
3035 |
int follow_phys(struct vm_area_struct *vma, unsigned long address, |
3036 |
unsigned int flags, unsigned long *prot, resource_size_t *phys); |
3037 |
@@ -84805,7 +84752,7 @@ index 46b8ab5..6823be2 100644 |
3038 |
|
3039 |
static inline void unmap_shared_mapping_range(struct address_space *mapping, |
3040 |
loff_t const holebegin, loff_t const holelen) |
3041 |
-@@ -1161,9 +1169,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, |
3042 |
+@@ -1163,9 +1171,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, |
3043 |
} |
3044 |
#endif |
3045 |
|
3046 |
@@ -84818,7 +84765,7 @@ index 46b8ab5..6823be2 100644 |
3047 |
|
3048 |
long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
3049 |
unsigned long start, unsigned long nr_pages, |
3050 |
-@@ -1195,34 +1203,6 @@ int set_page_dirty(struct page *page); |
3051 |
+@@ -1197,34 +1205,6 @@ int set_page_dirty(struct page *page); |
3052 |
int set_page_dirty_lock(struct page *page); |
3053 |
int clear_page_dirty_for_io(struct page *page); |
3054 |
|
3055 |
@@ -84853,7 +84800,7 @@ index 46b8ab5..6823be2 100644 |
3056 |
extern pid_t |
3057 |
vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group); |
3058 |
|
3059 |
-@@ -1322,6 +1302,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) |
3060 |
+@@ -1324,6 +1304,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) |
3061 |
} |
3062 |
#endif |
3063 |
|
3064 |
@@ -84869,7 +84816,7 @@ index 46b8ab5..6823be2 100644 |
3065 |
int vma_wants_writenotify(struct vm_area_struct *vma); |
3066 |
|
3067 |
extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr, |
3068 |
-@@ -1340,8 +1329,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, |
3069 |
+@@ -1342,8 +1331,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, |
3070 |
{ |
3071 |
return 0; |
3072 |
} |
3073 |
@@ -84885,7 +84832,7 @@ index 46b8ab5..6823be2 100644 |
3074 |
#endif |
3075 |
|
3076 |
#ifdef __PAGETABLE_PMD_FOLDED |
3077 |
-@@ -1350,8 +1346,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, |
3078 |
+@@ -1352,8 +1348,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, |
3079 |
{ |
3080 |
return 0; |
3081 |
} |
3082 |
@@ -84901,7 +84848,7 @@ index 46b8ab5..6823be2 100644 |
3083 |
#endif |
3084 |
|
3085 |
int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma, |
3086 |
-@@ -1369,11 +1372,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a |
3087 |
+@@ -1371,11 +1374,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a |
3088 |
NULL: pud_offset(pgd, address); |
3089 |
} |
3090 |
|
3091 |
@@ -84925,7 +84872,7 @@ index 46b8ab5..6823be2 100644 |
3092 |
#endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ |
3093 |
|
3094 |
#if USE_SPLIT_PTE_PTLOCKS |
3095 |
-@@ -1763,7 +1778,7 @@ extern int install_special_mapping(struct mm_struct *mm, |
3096 |
+@@ -1765,7 +1780,7 @@ extern int install_special_mapping(struct mm_struct *mm, |
3097 |
unsigned long addr, unsigned long len, |
3098 |
unsigned long flags, struct page **pages); |
3099 |
|
3100 |
@@ -84934,7 +84881,7 @@ index 46b8ab5..6823be2 100644 |
3101 |
|
3102 |
extern unsigned long mmap_region(struct file *file, unsigned long addr, |
3103 |
unsigned long len, vm_flags_t vm_flags, unsigned long pgoff); |
3104 |
-@@ -1771,6 +1786,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
3105 |
+@@ -1773,6 +1788,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
3106 |
unsigned long len, unsigned long prot, unsigned long flags, |
3107 |
unsigned long pgoff, unsigned long *populate); |
3108 |
extern int do_munmap(struct mm_struct *, unsigned long, size_t); |
3109 |
@@ -84942,7 +84889,7 @@ index 46b8ab5..6823be2 100644 |
3110 |
|
3111 |
#ifdef CONFIG_MMU |
3112 |
extern int __mm_populate(unsigned long addr, unsigned long len, |
3113 |
-@@ -1799,10 +1815,11 @@ struct vm_unmapped_area_info { |
3114 |
+@@ -1801,10 +1817,11 @@ struct vm_unmapped_area_info { |
3115 |
unsigned long high_limit; |
3116 |
unsigned long align_mask; |
3117 |
unsigned long align_offset; |
3118 |
@@ -84956,7 +84903,7 @@ index 46b8ab5..6823be2 100644 |
3119 |
|
3120 |
/* |
3121 |
* Search for an unmapped address range. |
3122 |
-@@ -1814,7 +1831,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); |
3123 |
+@@ -1816,7 +1833,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); |
3124 |
* - satisfies (begin_addr & align_mask) == (align_offset & align_mask) |
3125 |
*/ |
3126 |
static inline unsigned long |
3127 |
@@ -84965,7 +84912,7 @@ index 46b8ab5..6823be2 100644 |
3128 |
{ |
3129 |
if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN)) |
3130 |
return unmapped_area(info); |
3131 |
-@@ -1874,6 +1891,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add |
3132 |
+@@ -1876,6 +1893,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add |
3133 |
extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, |
3134 |
struct vm_area_struct **pprev); |
3135 |
|
3136 |
@@ -84976,7 +84923,7 @@ index 46b8ab5..6823be2 100644 |
3137 |
/* Look up the first VMA which intersects the interval start_addr..end_addr-1, |
3138 |
NULL if none. Assume start_addr < end_addr. */ |
3139 |
static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) |
3140 |
-@@ -1902,15 +1923,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, |
3141 |
+@@ -1904,15 +1925,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, |
3142 |
return vma; |
3143 |
} |
3144 |
|
3145 |
@@ -84992,7 +84939,7 @@ index 46b8ab5..6823be2 100644 |
3146 |
#ifdef CONFIG_NUMA_BALANCING |
3147 |
unsigned long change_prot_numa(struct vm_area_struct *vma, |
3148 |
unsigned long start, unsigned long end); |
3149 |
-@@ -1962,6 +1974,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); |
3150 |
+@@ -1964,6 +1976,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); |
3151 |
static inline void vm_stat_account(struct mm_struct *mm, |
3152 |
unsigned long flags, struct file *file, long pages) |
3153 |
{ |
3154 |
@@ -85004,7 +84951,7 @@ index 46b8ab5..6823be2 100644 |
3155 |
mm->total_vm += pages; |
3156 |
} |
3157 |
#endif /* CONFIG_PROC_FS */ |
3158 |
-@@ -2043,7 +2060,7 @@ extern int unpoison_memory(unsigned long pfn); |
3159 |
+@@ -2045,7 +2062,7 @@ extern int unpoison_memory(unsigned long pfn); |
3160 |
extern int sysctl_memory_failure_early_kill; |
3161 |
extern int sysctl_memory_failure_recovery; |
3162 |
extern void shake_page(struct page *p, int access); |
3163 |
@@ -85013,7 +84960,7 @@ index 46b8ab5..6823be2 100644 |
3164 |
extern int soft_offline_page(struct page *page, int flags); |
3165 |
|
3166 |
#if defined(CONFIG_TRANSPARENT_HUGEPAGE) || defined(CONFIG_HUGETLBFS) |
3167 |
-@@ -2078,5 +2095,11 @@ void __init setup_nr_node_ids(void); |
3168 |
+@@ -2080,5 +2097,11 @@ void __init setup_nr_node_ids(void); |
3169 |
static inline void setup_nr_node_ids(void) {} |
3170 |
#endif |
3171 |
|
3172 |
@@ -85391,7 +85338,7 @@ index 17d8339..81656c0 100644 |
3173 |
struct iovec; |
3174 |
struct kvec; |
3175 |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
3176 |
-index 911718f..f673407 100644 |
3177 |
+index bf46cc8..2af7ba8 100644 |
3178 |
--- a/include/linux/netdevice.h |
3179 |
+++ b/include/linux/netdevice.h |
3180 |
@@ -1147,6 +1147,7 @@ struct net_device_ops { |
3181 |
@@ -86197,7 +86144,7 @@ index a964f72..b475afb 100644 |
3182 |
} |
3183 |
|
3184 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
3185 |
-index 218b058..30088db 100644 |
3186 |
+index 91fe6a3..30088db 100644 |
3187 |
--- a/include/linux/sched.h |
3188 |
+++ b/include/linux/sched.h |
3189 |
@@ -133,6 +133,7 @@ struct fs_struct; |
3190 |
@@ -86452,15 +86399,6 @@ index 218b058..30088db 100644 |
3191 |
{ |
3192 |
return tsk->pid; |
3193 |
} |
3194 |
-@@ -1695,7 +1809,7 @@ static inline pid_t task_tgid_vnr(struct task_struct *tsk) |
3195 |
- } |
3196 |
- |
3197 |
- |
3198 |
--static int pid_alive(const struct task_struct *p); |
3199 |
-+static inline int pid_alive(const struct task_struct *p); |
3200 |
- static inline pid_t task_ppid_nr_ns(const struct task_struct *tsk, struct pid_namespace *ns) |
3201 |
- { |
3202 |
- pid_t pid = 0; |
3203 |
@@ -2015,6 +2129,25 @@ extern u64 sched_clock_cpu(int cpu); |
3204 |
|
3205 |
extern void sched_clock_init(void); |
3206 |
@@ -87796,7 +87734,7 @@ index 823ec7b..44c938c 100644 |
3207 |
struct rcu_head rcu; |
3208 |
struct inet_peer *gc_next; |
3209 |
diff --git a/include/net/ip.h b/include/net/ip.h |
3210 |
-index 3446cdd..e3d86f4 100644 |
3211 |
+index 5128fa7..8814c81 100644 |
3212 |
--- a/include/net/ip.h |
3213 |
+++ b/include/net/ip.h |
3214 |
@@ -215,7 +215,7 @@ static inline void snmp_mib_free(void __percpu *ptr[SNMP_ARRAY_SZ]) |
3215 |
@@ -88267,7 +88205,7 @@ index 0dfcc92..7967849 100644 |
3216 |
|
3217 |
/* Structure to track chunk fragments that have been acked, but peer |
3218 |
diff --git a/include/net/sock.h b/include/net/sock.h |
3219 |
-index f66b2b1..b05a13e 100644 |
3220 |
+index 0c79a74..862699f 100644 |
3221 |
--- a/include/net/sock.h |
3222 |
+++ b/include/net/sock.h |
3223 |
@@ -181,7 +181,8 @@ struct sock_common { |
3224 |
@@ -88324,7 +88262,7 @@ index f66b2b1..b05a13e 100644 |
3225 |
|
3226 |
static inline struct sock_iocb *kiocb_to_siocb(struct kiocb *iocb) |
3227 |
{ |
3228 |
-@@ -1829,7 +1831,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
3229 |
+@@ -1831,7 +1833,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
3230 |
} |
3231 |
|
3232 |
static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, |
3233 |
@@ -88333,7 +88271,7 @@ index f66b2b1..b05a13e 100644 |
3234 |
int copy, int offset) |
3235 |
{ |
3236 |
if (skb->ip_summed == CHECKSUM_NONE) { |
3237 |
-@@ -2091,7 +2093,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
3238 |
+@@ -2093,7 +2095,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
3239 |
} |
3240 |
} |
3241 |
|
3242 |
@@ -89966,7 +89904,7 @@ index 00adb21..d5954a8 100644 |
3243 |
+} |
3244 |
+EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); |
3245 |
diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
3246 |
-index 550e205..b0a7f7d 100644 |
3247 |
+index 18711f3..a8e4c7b 100644 |
3248 |
--- a/kernel/cgroup.c |
3249 |
+++ b/kernel/cgroup.c |
3250 |
@@ -5189,6 +5189,14 @@ static void cgroup_release_agent(struct work_struct *work) |
3251 |
@@ -95763,7 +95701,7 @@ index 774a080..d09b170 100644 |
3252 |
*data_page = bpage; |
3253 |
|
3254 |
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c |
3255 |
-index 813b021..cdd1400 100644 |
3256 |
+index a2d62b3..1997260 100644 |
3257 |
--- a/kernel/trace/trace.c |
3258 |
+++ b/kernel/trace/trace.c |
3259 |
@@ -3412,7 +3412,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) |
3260 |
@@ -95809,7 +95747,7 @@ index 57b67b1..66082a9 100644 |
3261 |
+ return atomic64_inc_return_unchecked(&trace_counter); |
3262 |
} |
3263 |
diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c |
3264 |
-index e4c4efc..ef4e975 100644 |
3265 |
+index c6646a5..574b47c 100644 |
3266 |
--- a/kernel/trace/trace_events.c |
3267 |
+++ b/kernel/trace/trace_events.c |
3268 |
@@ -1682,7 +1682,6 @@ __trace_early_add_new_event(struct ftrace_event_call *call, |
3269 |
@@ -97415,7 +97353,7 @@ index a402f8f..f5e5daa 100644 |
3270 |
if (end == start) |
3271 |
return error; |
3272 |
diff --git a/mm/memory-failure.c b/mm/memory-failure.c |
3273 |
-index a98c7fc..393f8f1 100644 |
3274 |
+index ffc7bf0..b9105bd 100644 |
3275 |
--- a/mm/memory-failure.c |
3276 |
+++ b/mm/memory-failure.c |
3277 |
@@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; |
3278 |
@@ -97521,7 +97459,7 @@ index a98c7fc..393f8f1 100644 |
3279 |
return 0; |
3280 |
} |
3281 |
|
3282 |
-@@ -1652,7 +1652,7 @@ static int __soft_offline_page(struct page *page, int flags) |
3283 |
+@@ -1650,7 +1650,7 @@ static int __soft_offline_page(struct page *page, int flags) |
3284 |
if (!is_free_buddy_page(page)) |
3285 |
pr_info("soft offline: %#lx: page leaked\n", |
3286 |
pfn); |
3287 |
@@ -97530,7 +97468,7 @@ index a98c7fc..393f8f1 100644 |
3288 |
} |
3289 |
} else { |
3290 |
pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", |
3291 |
-@@ -1726,11 +1726,11 @@ int soft_offline_page(struct page *page, int flags) |
3292 |
+@@ -1724,11 +1724,11 @@ int soft_offline_page(struct page *page, int flags) |
3293 |
if (PageHuge(page)) { |
3294 |
set_page_hwpoison_huge_page(hpage); |
3295 |
dequeue_hwpoisoned_huge_page(hpage); |
3296 |
@@ -97545,7 +97483,7 @@ index a98c7fc..393f8f1 100644 |
3297 |
} |
3298 |
unset_migratetype_isolate(page, MIGRATE_MOVABLE); |
3299 |
diff --git a/mm/memory.c b/mm/memory.c |
3300 |
-index 102af09..4118c57 100644 |
3301 |
+index 749e1c6..f7fbc29 100644 |
3302 |
--- a/mm/memory.c |
3303 |
+++ b/mm/memory.c |
3304 |
@@ -403,6 +403,7 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, |
3305 |
@@ -97654,7 +97592,7 @@ index 102af09..4118c57 100644 |
3306 |
if (foll_flags & FOLL_WRITE) |
3307 |
fault_flags |= FAULT_FLAG_WRITE; |
3308 |
if (nonblocking) |
3309 |
-@@ -1893,7 +1890,7 @@ next_page: |
3310 |
+@@ -1894,7 +1891,7 @@ next_page: |
3311 |
start += page_increm * PAGE_SIZE; |
3312 |
nr_pages -= page_increm; |
3313 |
} while (nr_pages && start < vma->vm_end); |
3314 |
@@ -97663,7 +97601,7 @@ index 102af09..4118c57 100644 |
3315 |
return i; |
3316 |
} |
3317 |
EXPORT_SYMBOL(__get_user_pages); |
3318 |
-@@ -2105,6 +2102,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, |
3319 |
+@@ -2106,6 +2103,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, |
3320 |
page_add_file_rmap(page); |
3321 |
set_pte_at(mm, addr, pte, mk_pte(page, prot)); |
3322 |
|
3323 |
@@ -97674,7 +97612,7 @@ index 102af09..4118c57 100644 |
3324 |
retval = 0; |
3325 |
pte_unmap_unlock(pte, ptl); |
3326 |
return retval; |
3327 |
-@@ -2149,9 +2150,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, |
3328 |
+@@ -2150,9 +2151,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, |
3329 |
if (!page_count(page)) |
3330 |
return -EINVAL; |
3331 |
if (!(vma->vm_flags & VM_MIXEDMAP)) { |
3332 |
@@ -97696,7 +97634,7 @@ index 102af09..4118c57 100644 |
3333 |
} |
3334 |
return insert_page(vma, addr, page, vma->vm_page_prot); |
3335 |
} |
3336 |
-@@ -2234,6 +2247,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, |
3337 |
+@@ -2235,6 +2248,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, |
3338 |
unsigned long pfn) |
3339 |
{ |
3340 |
BUG_ON(!(vma->vm_flags & VM_MIXEDMAP)); |
3341 |
@@ -97704,7 +97642,7 @@ index 102af09..4118c57 100644 |
3342 |
|
3343 |
if (addr < vma->vm_start || addr >= vma->vm_end) |
3344 |
return -EFAULT; |
3345 |
-@@ -2481,7 +2495,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
3346 |
+@@ -2482,7 +2496,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
3347 |
|
3348 |
BUG_ON(pud_huge(*pud)); |
3349 |
|
3350 |
@@ -97715,7 +97653,7 @@ index 102af09..4118c57 100644 |
3351 |
if (!pmd) |
3352 |
return -ENOMEM; |
3353 |
do { |
3354 |
-@@ -2501,7 +2517,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
3355 |
+@@ -2502,7 +2518,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
3356 |
unsigned long next; |
3357 |
int err; |
3358 |
|
3359 |
@@ -97726,7 +97664,7 @@ index 102af09..4118c57 100644 |
3360 |
if (!pud) |
3361 |
return -ENOMEM; |
3362 |
do { |
3363 |
-@@ -2591,6 +2609,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
3364 |
+@@ -2592,6 +2610,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
3365 |
copy_user_highpage(dst, src, va, vma); |
3366 |
} |
3367 |
|
3368 |
@@ -97913,7 +97851,7 @@ index 102af09..4118c57 100644 |
3369 |
/* |
3370 |
* This routine handles present pages, when users try to write |
3371 |
* to a shared page. It is done by copying the page to a new address |
3372 |
-@@ -2815,6 +3013,12 @@ gotten: |
3373 |
+@@ -2816,6 +3014,12 @@ gotten: |
3374 |
*/ |
3375 |
page_table = pte_offset_map_lock(mm, pmd, address, &ptl); |
3376 |
if (likely(pte_same(*page_table, orig_pte))) { |
3377 |
@@ -97926,7 +97864,7 @@ index 102af09..4118c57 100644 |
3378 |
if (old_page) { |
3379 |
if (!PageAnon(old_page)) { |
3380 |
dec_mm_counter_fast(mm, MM_FILEPAGES); |
3381 |
-@@ -2866,6 +3070,10 @@ gotten: |
3382 |
+@@ -2867,6 +3071,10 @@ gotten: |
3383 |
page_remove_rmap(old_page); |
3384 |
} |
3385 |
|
3386 |
@@ -97937,7 +97875,7 @@ index 102af09..4118c57 100644 |
3387 |
/* Free the old page.. */ |
3388 |
new_page = old_page; |
3389 |
ret |= VM_FAULT_WRITE; |
3390 |
-@@ -3143,6 +3351,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3391 |
+@@ -3144,6 +3352,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3392 |
swap_free(entry); |
3393 |
if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) |
3394 |
try_to_free_swap(page); |
3395 |
@@ -97949,7 +97887,7 @@ index 102af09..4118c57 100644 |
3396 |
unlock_page(page); |
3397 |
if (page != swapcache) { |
3398 |
/* |
3399 |
-@@ -3166,6 +3379,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3400 |
+@@ -3167,6 +3380,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3401 |
|
3402 |
/* No need to invalidate - it was non-present before */ |
3403 |
update_mmu_cache(vma, address, page_table); |
3404 |
@@ -97961,7 +97899,7 @@ index 102af09..4118c57 100644 |
3405 |
unlock: |
3406 |
pte_unmap_unlock(page_table, ptl); |
3407 |
out: |
3408 |
-@@ -3185,40 +3403,6 @@ out_release: |
3409 |
+@@ -3186,40 +3404,6 @@ out_release: |
3410 |
} |
3411 |
|
3412 |
/* |
3413 |
@@ -98002,7 +97940,7 @@ index 102af09..4118c57 100644 |
3414 |
* We enter with non-exclusive mmap_sem (to exclude vma changes, |
3415 |
* but allow concurrent faults), and pte mapped but not yet locked. |
3416 |
* We return with mmap_sem still held, but pte unmapped and unlocked. |
3417 |
-@@ -3227,27 +3411,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3418 |
+@@ -3228,27 +3412,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3419 |
unsigned long address, pte_t *page_table, pmd_t *pmd, |
3420 |
unsigned int flags) |
3421 |
{ |
3422 |
@@ -98015,7 +97953,7 @@ index 102af09..4118c57 100644 |
3423 |
- |
3424 |
- /* Check if we need to add a guard page to the stack */ |
3425 |
- if (check_stack_guard_page(vma, address) < 0) |
3426 |
-- return VM_FAULT_SIGBUS; |
3427 |
+- return VM_FAULT_SIGSEGV; |
3428 |
- |
3429 |
- /* Use the zero-page for reads */ |
3430 |
if (!(flags & FAULT_FLAG_WRITE)) { |
3431 |
@@ -98035,7 +97973,7 @@ index 102af09..4118c57 100644 |
3432 |
if (unlikely(anon_vma_prepare(vma))) |
3433 |
goto oom; |
3434 |
page = alloc_zeroed_user_highpage_movable(vma, address); |
3435 |
-@@ -3271,6 +3451,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3436 |
+@@ -3272,6 +3452,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
3437 |
if (!pte_none(*page_table)) |
3438 |
goto release; |
3439 |
|
3440 |
@@ -98047,7 +97985,7 @@ index 102af09..4118c57 100644 |
3441 |
inc_mm_counter_fast(mm, MM_ANONPAGES); |
3442 |
page_add_new_anon_rmap(page, vma, address); |
3443 |
setpte: |
3444 |
-@@ -3278,6 +3463,12 @@ setpte: |
3445 |
+@@ -3279,6 +3464,12 @@ setpte: |
3446 |
|
3447 |
/* No need to invalidate - it was non-present before */ |
3448 |
update_mmu_cache(vma, address, page_table); |
3449 |
@@ -98060,7 +97998,7 @@ index 102af09..4118c57 100644 |
3450 |
unlock: |
3451 |
pte_unmap_unlock(page_table, ptl); |
3452 |
return 0; |
3453 |
-@@ -3422,6 +3613,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3454 |
+@@ -3423,6 +3614,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3455 |
*/ |
3456 |
/* Only go through if we didn't race with anybody else... */ |
3457 |
if (likely(pte_same(*page_table, orig_pte))) { |
3458 |
@@ -98073,7 +98011,7 @@ index 102af09..4118c57 100644 |
3459 |
flush_icache_page(vma, page); |
3460 |
entry = mk_pte(page, vma->vm_page_prot); |
3461 |
if (flags & FAULT_FLAG_WRITE) |
3462 |
-@@ -3443,6 +3640,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3463 |
+@@ -3444,6 +3641,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3464 |
|
3465 |
/* no need to invalidate: a not-present page won't be cached */ |
3466 |
update_mmu_cache(vma, address, page_table); |
3467 |
@@ -98088,7 +98026,7 @@ index 102af09..4118c57 100644 |
3468 |
} else { |
3469 |
if (cow_page) |
3470 |
mem_cgroup_uncharge_page(cow_page); |
3471 |
-@@ -3690,6 +3895,12 @@ static int handle_pte_fault(struct mm_struct *mm, |
3472 |
+@@ -3691,6 +3896,12 @@ static int handle_pte_fault(struct mm_struct *mm, |
3473 |
if (flags & FAULT_FLAG_WRITE) |
3474 |
flush_tlb_fix_spurious_fault(vma, address); |
3475 |
} |
3476 |
@@ -98101,7 +98039,7 @@ index 102af09..4118c57 100644 |
3477 |
unlock: |
3478 |
pte_unmap_unlock(pte, ptl); |
3479 |
return 0; |
3480 |
-@@ -3706,9 +3917,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3481 |
+@@ -3707,9 +3918,41 @@ static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
3482 |
pmd_t *pmd; |
3483 |
pte_t *pte; |
3484 |
|
3485 |
@@ -98143,7 +98081,7 @@ index 102af09..4118c57 100644 |
3486 |
pgd = pgd_offset(mm, address); |
3487 |
pud = pud_alloc(mm, pgd, address); |
3488 |
if (!pud) |
3489 |
-@@ -3836,6 +4079,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
3490 |
+@@ -3837,6 +4080,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
3491 |
spin_unlock(&mm->page_table_lock); |
3492 |
return 0; |
3493 |
} |
3494 |
@@ -98167,7 +98105,7 @@ index 102af09..4118c57 100644 |
3495 |
#endif /* __PAGETABLE_PUD_FOLDED */ |
3496 |
|
3497 |
#ifndef __PAGETABLE_PMD_FOLDED |
3498 |
-@@ -3866,6 +4126,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
3499 |
+@@ -3867,6 +4127,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
3500 |
spin_unlock(&mm->page_table_lock); |
3501 |
return 0; |
3502 |
} |
3503 |
@@ -98198,7 +98136,7 @@ index 102af09..4118c57 100644 |
3504 |
#endif /* __PAGETABLE_PMD_FOLDED */ |
3505 |
|
3506 |
#if !defined(__HAVE_ARCH_GATE_AREA) |
3507 |
-@@ -3879,7 +4163,7 @@ static int __init gate_vma_init(void) |
3508 |
+@@ -3880,7 +4164,7 @@ static int __init gate_vma_init(void) |
3509 |
gate_vma.vm_start = FIXADDR_USER_START; |
3510 |
gate_vma.vm_end = FIXADDR_USER_END; |
3511 |
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; |
3512 |
@@ -98207,7 +98145,7 @@ index 102af09..4118c57 100644 |
3513 |
|
3514 |
return 0; |
3515 |
} |
3516 |
-@@ -4013,8 +4297,8 @@ out: |
3517 |
+@@ -4014,8 +4298,8 @@ out: |
3518 |
return ret; |
3519 |
} |
3520 |
|
3521 |
@@ -98218,7 +98156,7 @@ index 102af09..4118c57 100644 |
3522 |
{ |
3523 |
resource_size_t phys_addr; |
3524 |
unsigned long prot = 0; |
3525 |
-@@ -4040,8 +4324,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); |
3526 |
+@@ -4041,8 +4325,8 @@ EXPORT_SYMBOL_GPL(generic_access_phys); |
3527 |
* Access another process' address space as given in mm. If non-NULL, use the |
3528 |
* given task for page fault accounting. |
3529 |
*/ |
3530 |
@@ -98229,7 +98167,7 @@ index 102af09..4118c57 100644 |
3531 |
{ |
3532 |
struct vm_area_struct *vma; |
3533 |
void *old_buf = buf; |
3534 |
-@@ -4049,7 +4333,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
3535 |
+@@ -4050,7 +4334,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
3536 |
down_read(&mm->mmap_sem); |
3537 |
/* ignore errors, just check how much was successfully transferred */ |
3538 |
while (len) { |
3539 |
@@ -98238,7 +98176,7 @@ index 102af09..4118c57 100644 |
3540 |
void *maddr; |
3541 |
struct page *page = NULL; |
3542 |
|
3543 |
-@@ -4108,8 +4392,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
3544 |
+@@ -4109,8 +4393,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
3545 |
* |
3546 |
* The caller must hold a reference on @mm. |
3547 |
*/ |
3548 |
@@ -98249,7 +98187,7 @@ index 102af09..4118c57 100644 |
3549 |
{ |
3550 |
return __access_remote_vm(NULL, mm, addr, buf, len, write); |
3551 |
} |
3552 |
-@@ -4119,11 +4403,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, |
3553 |
+@@ -4120,11 +4404,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, |
3554 |
* Source/target buffer must be kernel space, |
3555 |
* Do not walk the page table directly, use get_user_pages |
3556 |
*/ |
3557 |
@@ -103018,7 +102956,7 @@ index a16ed7b..eb44d17 100644 |
3558 |
|
3559 |
return err; |
3560 |
diff --git a/net/core/dev.c b/net/core/dev.c |
3561 |
-index f6d8d7f..846845c 100644 |
3562 |
+index 73abbd7..1bae4ad 100644 |
3563 |
--- a/net/core/dev.c |
3564 |
+++ b/net/core/dev.c |
3565 |
@@ -1695,14 +1695,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
3566 |
@@ -103047,7 +102985,7 @@ index f6d8d7f..846845c 100644 |
3567 |
|
3568 |
#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) |
3569 |
|
3570 |
-@@ -3238,7 +3238,7 @@ enqueue: |
3571 |
+@@ -3240,7 +3240,7 @@ enqueue: |
3572 |
|
3573 |
local_irq_restore(flags); |
3574 |
|
3575 |
@@ -103056,7 +102994,7 @@ index f6d8d7f..846845c 100644 |
3576 |
kfree_skb(skb); |
3577 |
return NET_RX_DROP; |
3578 |
} |
3579 |
-@@ -3319,7 +3319,7 @@ int netif_rx_ni(struct sk_buff *skb) |
3580 |
+@@ -3321,7 +3321,7 @@ int netif_rx_ni(struct sk_buff *skb) |
3581 |
} |
3582 |
EXPORT_SYMBOL(netif_rx_ni); |
3583 |
|
3584 |
@@ -103065,7 +103003,7 @@ index f6d8d7f..846845c 100644 |
3585 |
{ |
3586 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
3587 |
|
3588 |
-@@ -3656,7 +3656,7 @@ ncls: |
3589 |
+@@ -3658,7 +3658,7 @@ ncls: |
3590 |
ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
3591 |
} else { |
3592 |
drop: |
3593 |
@@ -103074,7 +103012,7 @@ index f6d8d7f..846845c 100644 |
3594 |
kfree_skb(skb); |
3595 |
/* Jamal, now you will not able to escape explaining |
3596 |
* me how you were going to use this. :-) |
3597 |
-@@ -4346,7 +4346,7 @@ void netif_napi_del(struct napi_struct *napi) |
3598 |
+@@ -4348,7 +4348,7 @@ void netif_napi_del(struct napi_struct *napi) |
3599 |
} |
3600 |
EXPORT_SYMBOL(netif_napi_del); |
3601 |
|
3602 |
@@ -103083,7 +103021,7 @@ index f6d8d7f..846845c 100644 |
3603 |
{ |
3604 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
3605 |
unsigned long time_limit = jiffies + 2; |
3606 |
-@@ -5066,7 +5066,7 @@ void netdev_upper_dev_unlink(struct net_device *dev, |
3607 |
+@@ -5068,7 +5068,7 @@ void netdev_upper_dev_unlink(struct net_device *dev, |
3608 |
} |
3609 |
EXPORT_SYMBOL(netdev_upper_dev_unlink); |
3610 |
|
3611 |
@@ -103092,7 +103030,7 @@ index f6d8d7f..846845c 100644 |
3612 |
{ |
3613 |
struct netdev_adjacent *iter; |
3614 |
|
3615 |
-@@ -5091,7 +5091,7 @@ void netdev_adjacent_add_links(struct net_device *dev) |
3616 |
+@@ -5093,7 +5093,7 @@ void netdev_adjacent_add_links(struct net_device *dev) |
3617 |
} |
3618 |
} |
3619 |
|
3620 |
@@ -103101,7 +103039,7 @@ index f6d8d7f..846845c 100644 |
3621 |
{ |
3622 |
struct netdev_adjacent *iter; |
3623 |
|
3624 |
-@@ -6376,7 +6376,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
3625 |
+@@ -6378,7 +6378,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
3626 |
} else { |
3627 |
netdev_stats_to_stats64(storage, &dev->stats); |
3628 |
} |
3629 |
@@ -103110,7 +103048,7 @@ index f6d8d7f..846845c 100644 |
3630 |
return storage; |
3631 |
} |
3632 |
EXPORT_SYMBOL(dev_get_stats); |
3633 |
-@@ -6392,7 +6392,7 @@ struct netdev_queue *dev_ingress_queue_create(struct net_device *dev) |
3634 |
+@@ -6394,7 +6394,7 @@ struct netdev_queue *dev_ingress_queue_create(struct net_device *dev) |
3635 |
if (!queue) |
3636 |
return NULL; |
3637 |
netdev_init_one_queue(dev, queue, NULL); |
3638 |
@@ -103612,7 +103550,7 @@ index e2b1bba..71bd8fe 100644 |
3639 |
} |
3640 |
|
3641 |
diff --git a/net/core/sock.c b/net/core/sock.c |
3642 |
-index c806956..b63d825 100644 |
3643 |
+index 650dd58..25162a5 100644 |
3644 |
--- a/net/core/sock.c |
3645 |
+++ b/net/core/sock.c |
3646 |
@@ -442,7 +442,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) |
3647 |
@@ -103660,7 +103598,7 @@ index c806956..b63d825 100644 |
3648 |
goto discard_and_relse; |
3649 |
} |
3650 |
|
3651 |
-@@ -998,12 +998,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3652 |
+@@ -1017,12 +1017,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3653 |
struct timeval tm; |
3654 |
} v; |
3655 |
|
3656 |
@@ -103676,7 +103614,7 @@ index c806956..b63d825 100644 |
3657 |
return -EINVAL; |
3658 |
|
3659 |
memset(&v, 0, sizeof(v)); |
3660 |
-@@ -1155,11 +1155,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3661 |
+@@ -1174,11 +1174,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3662 |
|
3663 |
case SO_PEERNAME: |
3664 |
{ |
3665 |
@@ -103690,7 +103628,7 @@ index c806956..b63d825 100644 |
3666 |
return -EINVAL; |
3667 |
if (copy_to_user(optval, address, len)) |
3668 |
return -EFAULT; |
3669 |
-@@ -1240,7 +1240,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3670 |
+@@ -1259,7 +1259,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
3671 |
|
3672 |
if (len > lv) |
3673 |
len = lv; |
3674 |
@@ -103699,7 +103637,7 @@ index c806956..b63d825 100644 |
3675 |
return -EFAULT; |
3676 |
lenout: |
3677 |
if (put_user(len, optlen)) |
3678 |
-@@ -1731,6 +1731,8 @@ EXPORT_SYMBOL(sock_kmalloc); |
3679 |
+@@ -1750,6 +1750,8 @@ EXPORT_SYMBOL(sock_kmalloc); |
3680 |
*/ |
3681 |
void sock_kfree_s(struct sock *sk, void *mem, int size) |
3682 |
{ |
3683 |
@@ -103708,7 +103646,7 @@ index c806956..b63d825 100644 |
3684 |
kfree(mem); |
3685 |
atomic_sub(size, &sk->sk_omem_alloc); |
3686 |
} |
3687 |
-@@ -2375,7 +2377,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
3688 |
+@@ -2394,7 +2396,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
3689 |
*/ |
3690 |
smp_wmb(); |
3691 |
atomic_set(&sk->sk_refcnt, 1); |
3692 |
@@ -103717,7 +103655,7 @@ index c806956..b63d825 100644 |
3693 |
} |
3694 |
EXPORT_SYMBOL(sock_init_data); |
3695 |
|
3696 |
-@@ -2503,6 +2505,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) |
3697 |
+@@ -2522,6 +2524,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) |
3698 |
int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
3699 |
int level, int type) |
3700 |
{ |
3701 |
@@ -103725,7 +103663,7 @@ index c806956..b63d825 100644 |
3702 |
struct sock_exterr_skb *serr; |
3703 |
struct sk_buff *skb, *skb2; |
3704 |
int copied, err; |
3705 |
-@@ -2524,7 +2527,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
3706 |
+@@ -2543,7 +2546,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
3707 |
sock_recv_timestamp(msg, sk, skb); |
3708 |
|
3709 |
serr = SKB_EXT_ERR(skb); |
3710 |
@@ -104904,7 +104842,7 @@ index 44eba05..b36864b 100644 |
3711 |
hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table); |
3712 |
if (hdr == NULL) |
3713 |
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
3714 |
-index 2291791..7b62d2b 100644 |
3715 |
+index 9fbd69e..285e21e 100644 |
3716 |
--- a/net/ipv4/tcp_input.c |
3717 |
+++ b/net/ipv4/tcp_input.c |
3718 |
@@ -761,7 +761,7 @@ static void tcp_update_pacing_rate(struct sock *sk) |
3719 |
@@ -104916,7 +104854,7 @@ index 2291791..7b62d2b 100644 |
3720 |
sk->sk_max_pacing_rate); |
3721 |
} |
3722 |
|
3723 |
-@@ -4482,7 +4482,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
3724 |
+@@ -4483,7 +4483,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
3725 |
* simplifies code) |
3726 |
*/ |
3727 |
static void |
3728 |
@@ -104925,7 +104863,7 @@ index 2291791..7b62d2b 100644 |
3729 |
struct sk_buff *head, struct sk_buff *tail, |
3730 |
u32 start, u32 end) |
3731 |
{ |
3732 |
-@@ -5559,6 +5559,7 @@ discard: |
3733 |
+@@ -5560,6 +5560,7 @@ discard: |
3734 |
tcp_paws_reject(&tp->rx_opt, 0)) |
3735 |
goto discard_and_undo; |
3736 |
|
3737 |
@@ -104933,7 +104871,7 @@ index 2291791..7b62d2b 100644 |
3738 |
if (th->syn) { |
3739 |
/* We see SYN without ACK. It is attempt of |
3740 |
* simultaneous connect with crossed SYNs. |
3741 |
-@@ -5609,6 +5610,7 @@ discard: |
3742 |
+@@ -5610,6 +5611,7 @@ discard: |
3743 |
goto discard; |
3744 |
#endif |
3745 |
} |
3746 |
@@ -104941,7 +104879,7 @@ index 2291791..7b62d2b 100644 |
3747 |
/* "fifth, if neither of the SYN or RST bits is set then |
3748 |
* drop the segment and return." |
3749 |
*/ |
3750 |
-@@ -5655,7 +5657,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
3751 |
+@@ -5656,7 +5658,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
3752 |
goto discard; |
3753 |
|
3754 |
if (th->syn) { |
3755 |
@@ -104951,7 +104889,7 @@ index 2291791..7b62d2b 100644 |
3756 |
if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) |
3757 |
return 1; |
3758 |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
3759 |
-index b7effad..70ddfe0 100644 |
3760 |
+index e2f8bd0..6c664ad 100644 |
3761 |
--- a/net/ipv4/tcp_ipv4.c |
3762 |
+++ b/net/ipv4/tcp_ipv4.c |
3763 |
@@ -91,6 +91,10 @@ int sysctl_tcp_low_latency __read_mostly; |
3764 |
@@ -105965,7 +105903,7 @@ index 7f405a1..eabef92 100644 |
3765 |
struct ctl_table *ipv6_icmp_table; |
3766 |
int err; |
3767 |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
3768 |
-index a4f890d..5db3708 100644 |
3769 |
+index 9d4332d..4292595 100644 |
3770 |
--- a/net/ipv6/tcp_ipv6.c |
3771 |
+++ b/net/ipv6/tcp_ipv6.c |
3772 |
@@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) |
3773 |
|
3774 |
diff --git a/3.19.5/4425_grsec_remove_EI_PAX.patch b/3.14.40/4425_grsec_remove_EI_PAX.patch |
3775 |
similarity index 100% |
3776 |
rename from 3.19.5/4425_grsec_remove_EI_PAX.patch |
3777 |
rename to 3.14.40/4425_grsec_remove_EI_PAX.patch |
3778 |
|
3779 |
diff --git a/3.14.39/4427_force_XATTR_PAX_tmpfs.patch b/3.14.40/4427_force_XATTR_PAX_tmpfs.patch |
3780 |
similarity index 100% |
3781 |
rename from 3.14.39/4427_force_XATTR_PAX_tmpfs.patch |
3782 |
rename to 3.14.40/4427_force_XATTR_PAX_tmpfs.patch |
3783 |
|
3784 |
diff --git a/3.19.5/4430_grsec-remove-localversion-grsec.patch b/3.14.40/4430_grsec-remove-localversion-grsec.patch |
3785 |
similarity index 100% |
3786 |
rename from 3.19.5/4430_grsec-remove-localversion-grsec.patch |
3787 |
rename to 3.14.40/4430_grsec-remove-localversion-grsec.patch |
3788 |
|
3789 |
diff --git a/3.14.39/4435_grsec-mute-warnings.patch b/3.14.40/4435_grsec-mute-warnings.patch |
3790 |
similarity index 100% |
3791 |
rename from 3.14.39/4435_grsec-mute-warnings.patch |
3792 |
rename to 3.14.40/4435_grsec-mute-warnings.patch |
3793 |
|
3794 |
diff --git a/3.19.5/4440_grsec-remove-protected-paths.patch b/3.14.40/4440_grsec-remove-protected-paths.patch |
3795 |
similarity index 100% |
3796 |
rename from 3.19.5/4440_grsec-remove-protected-paths.patch |
3797 |
rename to 3.14.40/4440_grsec-remove-protected-paths.patch |
3798 |
|
3799 |
diff --git a/3.14.39/4450_grsec-kconfig-default-gids.patch b/3.14.40/4450_grsec-kconfig-default-gids.patch |
3800 |
similarity index 100% |
3801 |
rename from 3.14.39/4450_grsec-kconfig-default-gids.patch |
3802 |
rename to 3.14.40/4450_grsec-kconfig-default-gids.patch |
3803 |
|
3804 |
diff --git a/3.14.39/4465_selinux-avc_audit-log-curr_ip.patch b/3.14.40/4465_selinux-avc_audit-log-curr_ip.patch |
3805 |
similarity index 100% |
3806 |
rename from 3.14.39/4465_selinux-avc_audit-log-curr_ip.patch |
3807 |
rename to 3.14.40/4465_selinux-avc_audit-log-curr_ip.patch |
3808 |
|
3809 |
diff --git a/3.14.39/4470_disable-compat_vdso.patch b/3.14.40/4470_disable-compat_vdso.patch |
3810 |
similarity index 100% |
3811 |
rename from 3.14.39/4470_disable-compat_vdso.patch |
3812 |
rename to 3.14.40/4470_disable-compat_vdso.patch |
3813 |
|
3814 |
diff --git a/3.19.5/4475_emutramp_default_on.patch b/3.14.40/4475_emutramp_default_on.patch |
3815 |
similarity index 100% |
3816 |
rename from 3.19.5/4475_emutramp_default_on.patch |
3817 |
rename to 3.14.40/4475_emutramp_default_on.patch |
3818 |
|
3819 |
diff --git a/3.19.5/0000_README b/3.19.6/0000_README |
3820 |
similarity index 92% |
3821 |
rename from 3.19.5/0000_README |
3822 |
rename to 3.19.6/0000_README |
3823 |
index 4fd49ef..725e5d4 100644 |
3824 |
--- a/3.19.5/0000_README |
3825 |
+++ b/3.19.6/0000_README |
3826 |
@@ -2,7 +2,11 @@ README |
3827 |
----------------------------------------------------------------------------- |
3828 |
Individual Patch Descriptions: |
3829 |
----------------------------------------------------------------------------- |
3830 |
-Patch: 4420_grsecurity-3.1-3.19.5-201504270827.patch |
3831 |
+Patch: 1005_linux-3.19.6.patch |
3832 |
+From: http://www.kernel.org |
3833 |
+Desc: Linux 3.19.6 |
3834 |
+ |
3835 |
+Patch: 4420_grsecurity-3.1-3.19.6-201504290821.patch |
3836 |
From: http://www.grsecurity.net |
3837 |
Desc: hardened-sources base patch from upstream grsecurity |
3838 |
|
3839 |
|
3840 |
diff --git a/3.19.6/1005_linux-3.19.6.patch b/3.19.6/1005_linux-3.19.6.patch |
3841 |
new file mode 100644 |
3842 |
index 0000000..f55bc7e |
3843 |
--- /dev/null |
3844 |
+++ b/3.19.6/1005_linux-3.19.6.patch |
3845 |
@@ -0,0 +1,1674 @@ |
3846 |
+diff --git a/Makefile b/Makefile |
3847 |
+index 633b5f0..65c7c87 100644 |
3848 |
+--- a/Makefile |
3849 |
++++ b/Makefile |
3850 |
+@@ -1,6 +1,6 @@ |
3851 |
+ VERSION = 3 |
3852 |
+ PATCHLEVEL = 19 |
3853 |
+-SUBLEVEL = 5 |
3854 |
++SUBLEVEL = 6 |
3855 |
+ EXTRAVERSION = |
3856 |
+ NAME = Diseased Newt |
3857 |
+ |
3858 |
+diff --git a/arch/arm/mm/hugetlbpage.c b/arch/arm/mm/hugetlbpage.c |
3859 |
+index 66781bf..c724124 100644 |
3860 |
+--- a/arch/arm/mm/hugetlbpage.c |
3861 |
++++ b/arch/arm/mm/hugetlbpage.c |
3862 |
+@@ -36,12 +36,6 @@ |
3863 |
+ * of type casting from pmd_t * to pte_t *. |
3864 |
+ */ |
3865 |
+ |
3866 |
+-struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address, |
3867 |
+- int write) |
3868 |
+-{ |
3869 |
+- return ERR_PTR(-EINVAL); |
3870 |
+-} |
3871 |
+- |
3872 |
+ int pud_huge(pud_t pud) |
3873 |
+ { |
3874 |
+ return 0; |
3875 |
+diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c |
3876 |
+index 023747b..2de9d2e 100644 |
3877 |
+--- a/arch/arm64/mm/hugetlbpage.c |
3878 |
++++ b/arch/arm64/mm/hugetlbpage.c |
3879 |
+@@ -38,12 +38,6 @@ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep) |
3880 |
+ } |
3881 |
+ #endif |
3882 |
+ |
3883 |
+-struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address, |
3884 |
+- int write) |
3885 |
+-{ |
3886 |
+- return ERR_PTR(-EINVAL); |
3887 |
+-} |
3888 |
+- |
3889 |
+ int pmd_huge(pmd_t pmd) |
3890 |
+ { |
3891 |
+ return !(pmd_val(pmd) & PMD_TABLE_BIT); |
3892 |
+diff --git a/arch/ia64/mm/hugetlbpage.c b/arch/ia64/mm/hugetlbpage.c |
3893 |
+index 76069c1..52b7604 100644 |
3894 |
+--- a/arch/ia64/mm/hugetlbpage.c |
3895 |
++++ b/arch/ia64/mm/hugetlbpage.c |
3896 |
+@@ -114,12 +114,6 @@ int pud_huge(pud_t pud) |
3897 |
+ return 0; |
3898 |
+ } |
3899 |
+ |
3900 |
+-struct page * |
3901 |
+-follow_huge_pmd(struct mm_struct *mm, unsigned long address, pmd_t *pmd, int write) |
3902 |
+-{ |
3903 |
+- return NULL; |
3904 |
+-} |
3905 |
+- |
3906 |
+ void hugetlb_free_pgd_range(struct mmu_gather *tlb, |
3907 |
+ unsigned long addr, unsigned long end, |
3908 |
+ unsigned long floor, unsigned long ceiling) |
3909 |
+diff --git a/arch/metag/mm/hugetlbpage.c b/arch/metag/mm/hugetlbpage.c |
3910 |
+index 3c32075..7ca80ac 100644 |
3911 |
+--- a/arch/metag/mm/hugetlbpage.c |
3912 |
++++ b/arch/metag/mm/hugetlbpage.c |
3913 |
+@@ -94,12 +94,6 @@ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep) |
3914 |
+ return 0; |
3915 |
+ } |
3916 |
+ |
3917 |
+-struct page *follow_huge_addr(struct mm_struct *mm, |
3918 |
+- unsigned long address, int write) |
3919 |
+-{ |
3920 |
+- return ERR_PTR(-EINVAL); |
3921 |
+-} |
3922 |
+- |
3923 |
+ int pmd_huge(pmd_t pmd) |
3924 |
+ { |
3925 |
+ return pmd_page_shift(pmd) > PAGE_SHIFT; |
3926 |
+diff --git a/arch/mips/mm/hugetlbpage.c b/arch/mips/mm/hugetlbpage.c |
3927 |
+index 4ec8ee1..06e0f42 100644 |
3928 |
+--- a/arch/mips/mm/hugetlbpage.c |
3929 |
++++ b/arch/mips/mm/hugetlbpage.c |
3930 |
+@@ -68,12 +68,6 @@ int is_aligned_hugepage_range(unsigned long addr, unsigned long len) |
3931 |
+ return 0; |
3932 |
+ } |
3933 |
+ |
3934 |
+-struct page * |
3935 |
+-follow_huge_addr(struct mm_struct *mm, unsigned long address, int write) |
3936 |
+-{ |
3937 |
+- return ERR_PTR(-EINVAL); |
3938 |
+-} |
3939 |
+- |
3940 |
+ int pmd_huge(pmd_t pmd) |
3941 |
+ { |
3942 |
+ return (pmd_val(pmd) & _PAGE_HUGE) != 0; |
3943 |
+@@ -83,15 +77,3 @@ int pud_huge(pud_t pud) |
3944 |
+ { |
3945 |
+ return (pud_val(pud) & _PAGE_HUGE) != 0; |
3946 |
+ } |
3947 |
+- |
3948 |
+-struct page * |
3949 |
+-follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
3950 |
+- pmd_t *pmd, int write) |
3951 |
+-{ |
3952 |
+- struct page *page; |
3953 |
+- |
3954 |
+- page = pte_page(*(pte_t *)pmd); |
3955 |
+- if (page) |
3956 |
+- page += ((address & ~HPAGE_MASK) >> PAGE_SHIFT); |
3957 |
+- return page; |
3958 |
+-} |
3959 |
+diff --git a/arch/powerpc/mm/hugetlbpage.c b/arch/powerpc/mm/hugetlbpage.c |
3960 |
+index 620d0ec..7e408bf 100644 |
3961 |
+--- a/arch/powerpc/mm/hugetlbpage.c |
3962 |
++++ b/arch/powerpc/mm/hugetlbpage.c |
3963 |
+@@ -714,6 +714,14 @@ follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
3964 |
+ return NULL; |
3965 |
+ } |
3966 |
+ |
3967 |
++struct page * |
3968 |
++follow_huge_pud(struct mm_struct *mm, unsigned long address, |
3969 |
++ pud_t *pud, int write) |
3970 |
++{ |
3971 |
++ BUG(); |
3972 |
++ return NULL; |
3973 |
++} |
3974 |
++ |
3975 |
+ static unsigned long hugepte_addr_end(unsigned long addr, unsigned long end, |
3976 |
+ unsigned long sz) |
3977 |
+ { |
3978 |
+diff --git a/arch/s390/mm/hugetlbpage.c b/arch/s390/mm/hugetlbpage.c |
3979 |
+index 3c80d2e..210ffed 100644 |
3980 |
+--- a/arch/s390/mm/hugetlbpage.c |
3981 |
++++ b/arch/s390/mm/hugetlbpage.c |
3982 |
+@@ -192,12 +192,6 @@ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep) |
3983 |
+ return 0; |
3984 |
+ } |
3985 |
+ |
3986 |
+-struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address, |
3987 |
+- int write) |
3988 |
+-{ |
3989 |
+- return ERR_PTR(-EINVAL); |
3990 |
+-} |
3991 |
+- |
3992 |
+ int pmd_huge(pmd_t pmd) |
3993 |
+ { |
3994 |
+ if (!MACHINE_HAS_HPAGE) |
3995 |
+@@ -210,17 +204,3 @@ int pud_huge(pud_t pud) |
3996 |
+ { |
3997 |
+ return 0; |
3998 |
+ } |
3999 |
+- |
4000 |
+-struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4001 |
+- pmd_t *pmdp, int write) |
4002 |
+-{ |
4003 |
+- struct page *page; |
4004 |
+- |
4005 |
+- if (!MACHINE_HAS_HPAGE) |
4006 |
+- return NULL; |
4007 |
+- |
4008 |
+- page = pmd_page(*pmdp); |
4009 |
+- if (page) |
4010 |
+- page += ((address & ~HPAGE_MASK) >> PAGE_SHIFT); |
4011 |
+- return page; |
4012 |
+-} |
4013 |
+diff --git a/arch/sh/mm/hugetlbpage.c b/arch/sh/mm/hugetlbpage.c |
4014 |
+index d776234..534bc97 100644 |
4015 |
+--- a/arch/sh/mm/hugetlbpage.c |
4016 |
++++ b/arch/sh/mm/hugetlbpage.c |
4017 |
+@@ -67,12 +67,6 @@ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep) |
4018 |
+ return 0; |
4019 |
+ } |
4020 |
+ |
4021 |
+-struct page *follow_huge_addr(struct mm_struct *mm, |
4022 |
+- unsigned long address, int write) |
4023 |
+-{ |
4024 |
+- return ERR_PTR(-EINVAL); |
4025 |
+-} |
4026 |
+- |
4027 |
+ int pmd_huge(pmd_t pmd) |
4028 |
+ { |
4029 |
+ return 0; |
4030 |
+@@ -82,9 +76,3 @@ int pud_huge(pud_t pud) |
4031 |
+ { |
4032 |
+ return 0; |
4033 |
+ } |
4034 |
+- |
4035 |
+-struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4036 |
+- pmd_t *pmd, int write) |
4037 |
+-{ |
4038 |
+- return NULL; |
4039 |
+-} |
4040 |
+diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c |
4041 |
+index d329537..4242eab 100644 |
4042 |
+--- a/arch/sparc/mm/hugetlbpage.c |
4043 |
++++ b/arch/sparc/mm/hugetlbpage.c |
4044 |
+@@ -215,12 +215,6 @@ pte_t huge_ptep_get_and_clear(struct mm_struct *mm, unsigned long addr, |
4045 |
+ return entry; |
4046 |
+ } |
4047 |
+ |
4048 |
+-struct page *follow_huge_addr(struct mm_struct *mm, |
4049 |
+- unsigned long address, int write) |
4050 |
+-{ |
4051 |
+- return ERR_PTR(-EINVAL); |
4052 |
+-} |
4053 |
+- |
4054 |
+ int pmd_huge(pmd_t pmd) |
4055 |
+ { |
4056 |
+ return 0; |
4057 |
+@@ -230,9 +224,3 @@ int pud_huge(pud_t pud) |
4058 |
+ { |
4059 |
+ return 0; |
4060 |
+ } |
4061 |
+- |
4062 |
+-struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4063 |
+- pmd_t *pmd, int write) |
4064 |
+-{ |
4065 |
+- return NULL; |
4066 |
+-} |
4067 |
+diff --git a/arch/tile/mm/hugetlbpage.c b/arch/tile/mm/hugetlbpage.c |
4068 |
+index 3270e00..8416240 100644 |
4069 |
+--- a/arch/tile/mm/hugetlbpage.c |
4070 |
++++ b/arch/tile/mm/hugetlbpage.c |
4071 |
+@@ -150,12 +150,6 @@ pte_t *huge_pte_offset(struct mm_struct *mm, unsigned long addr) |
4072 |
+ return NULL; |
4073 |
+ } |
4074 |
+ |
4075 |
+-struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address, |
4076 |
+- int write) |
4077 |
+-{ |
4078 |
+- return ERR_PTR(-EINVAL); |
4079 |
+-} |
4080 |
+- |
4081 |
+ int pmd_huge(pmd_t pmd) |
4082 |
+ { |
4083 |
+ return !!(pmd_val(pmd) & _PAGE_HUGE_PAGE); |
4084 |
+@@ -166,28 +160,6 @@ int pud_huge(pud_t pud) |
4085 |
+ return !!(pud_val(pud) & _PAGE_HUGE_PAGE); |
4086 |
+ } |
4087 |
+ |
4088 |
+-struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4089 |
+- pmd_t *pmd, int write) |
4090 |
+-{ |
4091 |
+- struct page *page; |
4092 |
+- |
4093 |
+- page = pte_page(*(pte_t *)pmd); |
4094 |
+- if (page) |
4095 |
+- page += ((address & ~PMD_MASK) >> PAGE_SHIFT); |
4096 |
+- return page; |
4097 |
+-} |
4098 |
+- |
4099 |
+-struct page *follow_huge_pud(struct mm_struct *mm, unsigned long address, |
4100 |
+- pud_t *pud, int write) |
4101 |
+-{ |
4102 |
+- struct page *page; |
4103 |
+- |
4104 |
+- page = pte_page(*(pte_t *)pud); |
4105 |
+- if (page) |
4106 |
+- page += ((address & ~PUD_MASK) >> PAGE_SHIFT); |
4107 |
+- return page; |
4108 |
+-} |
4109 |
+- |
4110 |
+ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep) |
4111 |
+ { |
4112 |
+ return 0; |
4113 |
+diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
4114 |
+index d4c58d8..3124464 100644 |
4115 |
+--- a/arch/x86/kvm/vmx.c |
4116 |
++++ b/arch/x86/kvm/vmx.c |
4117 |
+@@ -2404,8 +2404,7 @@ static __init void nested_vmx_setup_ctls_msrs(void) |
4118 |
+ |
4119 |
+ if (enable_ept) { |
4120 |
+ /* nested EPT: emulate EPT also to L1 */ |
4121 |
+- nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT | |
4122 |
+- SECONDARY_EXEC_UNRESTRICTED_GUEST; |
4123 |
++ nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT; |
4124 |
+ nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT | |
4125 |
+ VMX_EPTP_WB_BIT | VMX_EPT_2MB_PAGE_BIT | |
4126 |
+ VMX_EPT_INVEPT_BIT; |
4127 |
+@@ -2419,6 +2418,10 @@ static __init void nested_vmx_setup_ctls_msrs(void) |
4128 |
+ } else |
4129 |
+ nested_vmx_ept_caps = 0; |
4130 |
+ |
4131 |
++ if (enable_unrestricted_guest) |
4132 |
++ nested_vmx_secondary_ctls_high |= |
4133 |
++ SECONDARY_EXEC_UNRESTRICTED_GUEST; |
4134 |
++ |
4135 |
+ /* miscellaneous data */ |
4136 |
+ rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high); |
4137 |
+ nested_vmx_misc_low &= VMX_MISC_SAVE_EFER_LMA; |
4138 |
+diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
4139 |
+index 006cc91..9161f76 100644 |
4140 |
+--- a/arch/x86/mm/hugetlbpage.c |
4141 |
++++ b/arch/x86/mm/hugetlbpage.c |
4142 |
+@@ -52,20 +52,8 @@ int pud_huge(pud_t pud) |
4143 |
+ return 0; |
4144 |
+ } |
4145 |
+ |
4146 |
+-struct page * |
4147 |
+-follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4148 |
+- pmd_t *pmd, int write) |
4149 |
+-{ |
4150 |
+- return NULL; |
4151 |
+-} |
4152 |
+ #else |
4153 |
+ |
4154 |
+-struct page * |
4155 |
+-follow_huge_addr(struct mm_struct *mm, unsigned long address, int write) |
4156 |
+-{ |
4157 |
+- return ERR_PTR(-EINVAL); |
4158 |
+-} |
4159 |
+- |
4160 |
+ /* |
4161 |
+ * pmd_huge() returns 1 if @pmd is hugetlb related entry, that is normal |
4162 |
+ * hugetlb entry or non-present (migration or hwpoisoned) hugetlb entry. |
4163 |
+diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
4164 |
+index 0dceba1..68ad39a 100644 |
4165 |
+--- a/drivers/net/bonding/bond_main.c |
4166 |
++++ b/drivers/net/bonding/bond_main.c |
4167 |
+@@ -3797,7 +3797,8 @@ static inline int bond_slave_override(struct bonding *bond, |
4168 |
+ /* Find out if any slaves have the same mapping as this skb. */ |
4169 |
+ bond_for_each_slave_rcu(bond, slave, iter) { |
4170 |
+ if (slave->queue_id == skb->queue_mapping) { |
4171 |
+- if (bond_slave_can_tx(slave)) { |
4172 |
++ if (bond_slave_is_up(slave) && |
4173 |
++ slave->link == BOND_LINK_UP) { |
4174 |
+ bond_dev_queue_xmit(bond, skb, slave->dev); |
4175 |
+ return 0; |
4176 |
+ } |
4177 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4178 |
+index c3a6072..2559206 100644 |
4179 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4180 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4181 |
+@@ -531,20 +531,8 @@ struct bnx2x_fastpath { |
4182 |
+ struct napi_struct napi; |
4183 |
+ |
4184 |
+ #ifdef CONFIG_NET_RX_BUSY_POLL |
4185 |
+- unsigned int state; |
4186 |
+-#define BNX2X_FP_STATE_IDLE 0 |
4187 |
+-#define BNX2X_FP_STATE_NAPI (1 << 0) /* NAPI owns this FP */ |
4188 |
+-#define BNX2X_FP_STATE_POLL (1 << 1) /* poll owns this FP */ |
4189 |
+-#define BNX2X_FP_STATE_DISABLED (1 << 2) |
4190 |
+-#define BNX2X_FP_STATE_NAPI_YIELD (1 << 3) /* NAPI yielded this FP */ |
4191 |
+-#define BNX2X_FP_STATE_POLL_YIELD (1 << 4) /* poll yielded this FP */ |
4192 |
+-#define BNX2X_FP_OWNED (BNX2X_FP_STATE_NAPI | BNX2X_FP_STATE_POLL) |
4193 |
+-#define BNX2X_FP_YIELD (BNX2X_FP_STATE_NAPI_YIELD | BNX2X_FP_STATE_POLL_YIELD) |
4194 |
+-#define BNX2X_FP_LOCKED (BNX2X_FP_OWNED | BNX2X_FP_STATE_DISABLED) |
4195 |
+-#define BNX2X_FP_USER_PEND (BNX2X_FP_STATE_POLL | BNX2X_FP_STATE_POLL_YIELD) |
4196 |
+- /* protect state */ |
4197 |
+- spinlock_t lock; |
4198 |
+-#endif /* CONFIG_NET_RX_BUSY_POLL */ |
4199 |
++ unsigned long busy_poll_state; |
4200 |
++#endif |
4201 |
+ |
4202 |
+ union host_hc_status_block status_blk; |
4203 |
+ /* chip independent shortcuts into sb structure */ |
4204 |
+@@ -619,104 +607,83 @@ struct bnx2x_fastpath { |
4205 |
+ #define bnx2x_fp_qstats(bp, fp) (&((bp)->fp_stats[(fp)->index].eth_q_stats)) |
4206 |
+ |
4207 |
+ #ifdef CONFIG_NET_RX_BUSY_POLL |
4208 |
+-static inline void bnx2x_fp_init_lock(struct bnx2x_fastpath *fp) |
4209 |
++ |
4210 |
++enum bnx2x_fp_state { |
4211 |
++ BNX2X_STATE_FP_NAPI = BIT(0), /* NAPI handler owns the queue */ |
4212 |
++ |
4213 |
++ BNX2X_STATE_FP_NAPI_REQ_BIT = 1, /* NAPI would like to own the queue */ |
4214 |
++ BNX2X_STATE_FP_NAPI_REQ = BIT(1), |
4215 |
++ |
4216 |
++ BNX2X_STATE_FP_POLL_BIT = 2, |
4217 |
++ BNX2X_STATE_FP_POLL = BIT(2), /* busy_poll owns the queue */ |
4218 |
++ |
4219 |
++ BNX2X_STATE_FP_DISABLE_BIT = 3, /* queue is dismantled */ |
4220 |
++}; |
4221 |
++ |
4222 |
++static inline void bnx2x_fp_busy_poll_init(struct bnx2x_fastpath *fp) |
4223 |
+ { |
4224 |
+- spin_lock_init(&fp->lock); |
4225 |
+- fp->state = BNX2X_FP_STATE_IDLE; |
4226 |
++ WRITE_ONCE(fp->busy_poll_state, 0); |
4227 |
+ } |
4228 |
+ |
4229 |
+ /* called from the device poll routine to get ownership of a FP */ |
4230 |
+ static inline bool bnx2x_fp_lock_napi(struct bnx2x_fastpath *fp) |
4231 |
+ { |
4232 |
+- bool rc = true; |
4233 |
+- |
4234 |
+- spin_lock_bh(&fp->lock); |
4235 |
+- if (fp->state & BNX2X_FP_LOCKED) { |
4236 |
+- WARN_ON(fp->state & BNX2X_FP_STATE_NAPI); |
4237 |
+- fp->state |= BNX2X_FP_STATE_NAPI_YIELD; |
4238 |
+- rc = false; |
4239 |
+- } else { |
4240 |
+- /* we don't care if someone yielded */ |
4241 |
+- fp->state = BNX2X_FP_STATE_NAPI; |
4242 |
++ unsigned long prev, old = READ_ONCE(fp->busy_poll_state); |
4243 |
++ |
4244 |
++ while (1) { |
4245 |
++ switch (old) { |
4246 |
++ case BNX2X_STATE_FP_POLL: |
4247 |
++ /* make sure bnx2x_fp_lock_poll() wont starve us */ |
4248 |
++ set_bit(BNX2X_STATE_FP_NAPI_REQ_BIT, |
4249 |
++ &fp->busy_poll_state); |
4250 |
++ /* fallthrough */ |
4251 |
++ case BNX2X_STATE_FP_POLL | BNX2X_STATE_FP_NAPI_REQ: |
4252 |
++ return false; |
4253 |
++ default: |
4254 |
++ break; |
4255 |
++ } |
4256 |
++ prev = cmpxchg(&fp->busy_poll_state, old, BNX2X_STATE_FP_NAPI); |
4257 |
++ if (unlikely(prev != old)) { |
4258 |
++ old = prev; |
4259 |
++ continue; |
4260 |
++ } |
4261 |
++ return true; |
4262 |
+ } |
4263 |
+- spin_unlock_bh(&fp->lock); |
4264 |
+- return rc; |
4265 |
+ } |
4266 |
+ |
4267 |
+-/* returns true is someone tried to get the FP while napi had it */ |
4268 |
+-static inline bool bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
4269 |
++static inline void bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
4270 |
+ { |
4271 |
+- bool rc = false; |
4272 |
+- |
4273 |
+- spin_lock_bh(&fp->lock); |
4274 |
+- WARN_ON(fp->state & |
4275 |
+- (BNX2X_FP_STATE_POLL | BNX2X_FP_STATE_NAPI_YIELD)); |
4276 |
+- |
4277 |
+- if (fp->state & BNX2X_FP_STATE_POLL_YIELD) |
4278 |
+- rc = true; |
4279 |
+- |
4280 |
+- /* state ==> idle, unless currently disabled */ |
4281 |
+- fp->state &= BNX2X_FP_STATE_DISABLED; |
4282 |
+- spin_unlock_bh(&fp->lock); |
4283 |
+- return rc; |
4284 |
++ smp_wmb(); |
4285 |
++ fp->busy_poll_state = 0; |
4286 |
+ } |
4287 |
+ |
4288 |
+ /* called from bnx2x_low_latency_poll() */ |
4289 |
+ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
4290 |
+ { |
4291 |
+- bool rc = true; |
4292 |
+- |
4293 |
+- spin_lock_bh(&fp->lock); |
4294 |
+- if ((fp->state & BNX2X_FP_LOCKED)) { |
4295 |
+- fp->state |= BNX2X_FP_STATE_POLL_YIELD; |
4296 |
+- rc = false; |
4297 |
+- } else { |
4298 |
+- /* preserve yield marks */ |
4299 |
+- fp->state |= BNX2X_FP_STATE_POLL; |
4300 |
+- } |
4301 |
+- spin_unlock_bh(&fp->lock); |
4302 |
+- return rc; |
4303 |
++ return cmpxchg(&fp->busy_poll_state, 0, BNX2X_STATE_FP_POLL) == 0; |
4304 |
+ } |
4305 |
+ |
4306 |
+-/* returns true if someone tried to get the FP while it was locked */ |
4307 |
+-static inline bool bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
4308 |
++static inline void bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
4309 |
+ { |
4310 |
+- bool rc = false; |
4311 |
+- |
4312 |
+- spin_lock_bh(&fp->lock); |
4313 |
+- WARN_ON(fp->state & BNX2X_FP_STATE_NAPI); |
4314 |
+- |
4315 |
+- if (fp->state & BNX2X_FP_STATE_POLL_YIELD) |
4316 |
+- rc = true; |
4317 |
+- |
4318 |
+- /* state ==> idle, unless currently disabled */ |
4319 |
+- fp->state &= BNX2X_FP_STATE_DISABLED; |
4320 |
+- spin_unlock_bh(&fp->lock); |
4321 |
+- return rc; |
4322 |
++ smp_mb__before_atomic(); |
4323 |
++ clear_bit(BNX2X_STATE_FP_POLL_BIT, &fp->busy_poll_state); |
4324 |
+ } |
4325 |
+ |
4326 |
+-/* true if a socket is polling, even if it did not get the lock */ |
4327 |
++/* true if a socket is polling */ |
4328 |
+ static inline bool bnx2x_fp_ll_polling(struct bnx2x_fastpath *fp) |
4329 |
+ { |
4330 |
+- WARN_ON(!(fp->state & BNX2X_FP_OWNED)); |
4331 |
+- return fp->state & BNX2X_FP_USER_PEND; |
4332 |
++ return READ_ONCE(fp->busy_poll_state) & BNX2X_STATE_FP_POLL; |
4333 |
+ } |
4334 |
+ |
4335 |
+ /* false if fp is currently owned */ |
4336 |
+ static inline bool bnx2x_fp_ll_disable(struct bnx2x_fastpath *fp) |
4337 |
+ { |
4338 |
+- int rc = true; |
4339 |
+- |
4340 |
+- spin_lock_bh(&fp->lock); |
4341 |
+- if (fp->state & BNX2X_FP_OWNED) |
4342 |
+- rc = false; |
4343 |
+- fp->state |= BNX2X_FP_STATE_DISABLED; |
4344 |
+- spin_unlock_bh(&fp->lock); |
4345 |
++ set_bit(BNX2X_STATE_FP_DISABLE_BIT, &fp->busy_poll_state); |
4346 |
++ return !bnx2x_fp_ll_polling(fp); |
4347 |
+ |
4348 |
+- return rc; |
4349 |
+ } |
4350 |
+ #else |
4351 |
+-static inline void bnx2x_fp_init_lock(struct bnx2x_fastpath *fp) |
4352 |
++static inline void bnx2x_fp_busy_poll_init(struct bnx2x_fastpath *fp) |
4353 |
+ { |
4354 |
+ } |
4355 |
+ |
4356 |
+@@ -725,9 +692,8 @@ static inline bool bnx2x_fp_lock_napi(struct bnx2x_fastpath *fp) |
4357 |
+ return true; |
4358 |
+ } |
4359 |
+ |
4360 |
+-static inline bool bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
4361 |
++static inline void bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
4362 |
+ { |
4363 |
+- return false; |
4364 |
+ } |
4365 |
+ |
4366 |
+ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
4367 |
+@@ -735,9 +701,8 @@ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
4368 |
+ return false; |
4369 |
+ } |
4370 |
+ |
4371 |
+-static inline bool bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
4372 |
++static inline void bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
4373 |
+ { |
4374 |
+- return false; |
4375 |
+ } |
4376 |
+ |
4377 |
+ static inline bool bnx2x_fp_ll_polling(struct bnx2x_fastpath *fp) |
4378 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4379 |
+index e468ed3..2b8e8b2 100644 |
4380 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4381 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4382 |
+@@ -1849,7 +1849,7 @@ static void bnx2x_napi_enable_cnic(struct bnx2x *bp) |
4383 |
+ int i; |
4384 |
+ |
4385 |
+ for_each_rx_queue_cnic(bp, i) { |
4386 |
+- bnx2x_fp_init_lock(&bp->fp[i]); |
4387 |
++ bnx2x_fp_busy_poll_init(&bp->fp[i]); |
4388 |
+ napi_enable(&bnx2x_fp(bp, i, napi)); |
4389 |
+ } |
4390 |
+ } |
4391 |
+@@ -1859,7 +1859,7 @@ static void bnx2x_napi_enable(struct bnx2x *bp) |
4392 |
+ int i; |
4393 |
+ |
4394 |
+ for_each_eth_queue(bp, i) { |
4395 |
+- bnx2x_fp_init_lock(&bp->fp[i]); |
4396 |
++ bnx2x_fp_busy_poll_init(&bp->fp[i]); |
4397 |
+ napi_enable(&bnx2x_fp(bp, i, napi)); |
4398 |
+ } |
4399 |
+ } |
4400 |
+@@ -3191,9 +3191,10 @@ static int bnx2x_poll(struct napi_struct *napi, int budget) |
4401 |
+ } |
4402 |
+ } |
4403 |
+ |
4404 |
++ bnx2x_fp_unlock_napi(fp); |
4405 |
++ |
4406 |
+ /* Fall out from the NAPI loop if needed */ |
4407 |
+- if (!bnx2x_fp_unlock_napi(fp) && |
4408 |
+- !(bnx2x_has_rx_work(fp) || bnx2x_has_tx_work(fp))) { |
4409 |
++ if (!(bnx2x_has_rx_work(fp) || bnx2x_has_tx_work(fp))) { |
4410 |
+ |
4411 |
+ /* No need to update SB for FCoE L2 ring as long as |
4412 |
+ * it's connected to the default SB and the SB |
4413 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
4414 |
+index 96bf01b..05ae126 100644 |
4415 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
4416 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
4417 |
+@@ -17868,8 +17868,10 @@ static int tg3_init_one(struct pci_dev *pdev, |
4418 |
+ */ |
4419 |
+ if ((tr32(HOSTCC_MODE) & HOSTCC_MODE_ENABLE) || |
4420 |
+ (tr32(WDMAC_MODE) & WDMAC_MODE_ENABLE)) { |
4421 |
++ tg3_full_lock(tp, 0); |
4422 |
+ tw32(MEMARB_MODE, MEMARB_MODE_ENABLE); |
4423 |
+ tg3_halt(tp, RESET_KIND_SHUTDOWN, 1); |
4424 |
++ tg3_full_unlock(tp); |
4425 |
+ } |
4426 |
+ |
4427 |
+ err = tg3_test_dma(tp); |
4428 |
+diff --git a/drivers/net/ethernet/mellanox/mlx4/cmd.c b/drivers/net/ethernet/mellanox/mlx4/cmd.c |
4429 |
+index 5c93d14..9842bf9 100644 |
4430 |
+--- a/drivers/net/ethernet/mellanox/mlx4/cmd.c |
4431 |
++++ b/drivers/net/ethernet/mellanox/mlx4/cmd.c |
4432 |
+@@ -585,7 +585,8 @@ static int mlx4_cmd_wait(struct mlx4_dev *dev, u64 in_param, u64 *out_param, |
4433 |
+ * on the host, we deprecate the error message for this |
4434 |
+ * specific command/input_mod/opcode_mod/fw-status to be debug. |
4435 |
+ */ |
4436 |
+- if (op == MLX4_CMD_SET_PORT && in_modifier == 1 && |
4437 |
++ if (op == MLX4_CMD_SET_PORT && |
4438 |
++ (in_modifier == 1 || in_modifier == 2) && |
4439 |
+ op_modifier == 0 && context->fw_status == CMD_STAT_BAD_SIZE) |
4440 |
+ mlx4_dbg(dev, "command 0x%x failed: fw status = 0x%x\n", |
4441 |
+ op, context->fw_status); |
4442 |
+diff --git a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
4443 |
+index ac6a8f1..2617c9d 100644 |
4444 |
+--- a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
4445 |
++++ b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c |
4446 |
+@@ -2627,13 +2627,6 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, |
4447 |
+ netif_carrier_off(dev); |
4448 |
+ mlx4_en_set_default_moderation(priv); |
4449 |
+ |
4450 |
+- err = register_netdev(dev); |
4451 |
+- if (err) { |
4452 |
+- en_err(priv, "Netdev registration failed for port %d\n", port); |
4453 |
+- goto out; |
4454 |
+- } |
4455 |
+- priv->registered = 1; |
4456 |
+- |
4457 |
+ en_warn(priv, "Using %d TX rings\n", prof->tx_ring_num); |
4458 |
+ en_warn(priv, "Using %d RX rings\n", prof->rx_ring_num); |
4459 |
+ |
4460 |
+@@ -2673,6 +2666,14 @@ int mlx4_en_init_netdev(struct mlx4_en_dev *mdev, int port, |
4461 |
+ queue_delayed_work(mdev->workqueue, &priv->service_task, |
4462 |
+ SERVICE_TASK_DELAY); |
4463 |
+ |
4464 |
++ err = register_netdev(dev); |
4465 |
++ if (err) { |
4466 |
++ en_err(priv, "Netdev registration failed for port %d\n", port); |
4467 |
++ goto out; |
4468 |
++ } |
4469 |
++ |
4470 |
++ priv->registered = 1; |
4471 |
++ |
4472 |
+ return 0; |
4473 |
+ |
4474 |
+ out: |
4475 |
+diff --git a/drivers/net/ethernet/rocker/rocker.c b/drivers/net/ethernet/rocker/rocker.c |
4476 |
+index 2f398fa..24c0284 100644 |
4477 |
+--- a/drivers/net/ethernet/rocker/rocker.c |
4478 |
++++ b/drivers/net/ethernet/rocker/rocker.c |
4479 |
+@@ -4305,10 +4305,16 @@ static int rocker_port_master_changed(struct net_device *dev) |
4480 |
+ struct net_device *master = netdev_master_upper_dev_get(dev); |
4481 |
+ int err = 0; |
4482 |
+ |
4483 |
++ /* There are currently three cases handled here: |
4484 |
++ * 1. Joining a bridge |
4485 |
++ * 2. Leaving a previously joined bridge |
4486 |
++ * 3. Other, e.g. being added to or removed from a bond or openvswitch, |
4487 |
++ * in which case nothing is done |
4488 |
++ */ |
4489 |
+ if (master && master->rtnl_link_ops && |
4490 |
+ !strcmp(master->rtnl_link_ops->kind, "bridge")) |
4491 |
+ err = rocker_port_bridge_join(rocker_port, master); |
4492 |
+- else |
4493 |
++ else if (rocker_port_is_bridged(rocker_port)) |
4494 |
+ err = rocker_port_bridge_leave(rocker_port); |
4495 |
+ |
4496 |
+ return err; |
4497 |
+diff --git a/drivers/net/tun.c b/drivers/net/tun.c |
4498 |
+index 10f9e40..9a409a8 100644 |
4499 |
+--- a/drivers/net/tun.c |
4500 |
++++ b/drivers/net/tun.c |
4501 |
+@@ -1368,7 +1368,7 @@ static ssize_t tun_do_read(struct tun_struct *tun, struct tun_file *tfile, |
4502 |
+ skb = __skb_recv_datagram(tfile->socket.sk, noblock ? MSG_DONTWAIT : 0, |
4503 |
+ &peeked, &off, &err); |
4504 |
+ if (!skb) |
4505 |
+- return 0; |
4506 |
++ return err; |
4507 |
+ |
4508 |
+ ret = tun_put_user(tun, tfile, skb, to); |
4509 |
+ if (unlikely(ret < 0)) |
4510 |
+diff --git a/drivers/net/usb/asix_common.c b/drivers/net/usb/asix_common.c |
4511 |
+index 5c55f11..75d6f26 100644 |
4512 |
+--- a/drivers/net/usb/asix_common.c |
4513 |
++++ b/drivers/net/usb/asix_common.c |
4514 |
+@@ -188,6 +188,8 @@ struct sk_buff *asix_tx_fixup(struct usbnet *dev, struct sk_buff *skb, |
4515 |
+ memcpy(skb_tail_pointer(skb), &padbytes, sizeof(padbytes)); |
4516 |
+ skb_put(skb, sizeof(padbytes)); |
4517 |
+ } |
4518 |
++ |
4519 |
++ usbnet_set_skb_tx_stats(skb, 1, 0); |
4520 |
+ return skb; |
4521 |
+ } |
4522 |
+ |
4523 |
+diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c |
4524 |
+index 80a844e..c3e4da9 100644 |
4525 |
+--- a/drivers/net/usb/cdc_ncm.c |
4526 |
++++ b/drivers/net/usb/cdc_ncm.c |
4527 |
+@@ -1172,17 +1172,17 @@ cdc_ncm_fill_tx_frame(struct usbnet *dev, struct sk_buff *skb, __le32 sign) |
4528 |
+ |
4529 |
+ /* return skb */ |
4530 |
+ ctx->tx_curr_skb = NULL; |
4531 |
+- dev->net->stats.tx_packets += ctx->tx_curr_frame_num; |
4532 |
+ |
4533 |
+ /* keep private stats: framing overhead and number of NTBs */ |
4534 |
+ ctx->tx_overhead += skb_out->len - ctx->tx_curr_frame_payload; |
4535 |
+ ctx->tx_ntbs++; |
4536 |
+ |
4537 |
+- /* usbnet has already counted all the framing overhead. |
4538 |
++ /* usbnet will count all the framing overhead by default. |
4539 |
+ * Adjust the stats so that the tx_bytes counter show real |
4540 |
+ * payload data instead. |
4541 |
+ */ |
4542 |
+- dev->net->stats.tx_bytes -= skb_out->len - ctx->tx_curr_frame_payload; |
4543 |
++ usbnet_set_skb_tx_stats(skb_out, n, |
4544 |
++ ctx->tx_curr_frame_payload - skb_out->len); |
4545 |
+ |
4546 |
+ return skb_out; |
4547 |
+ |
4548 |
+diff --git a/drivers/net/usb/sr9800.c b/drivers/net/usb/sr9800.c |
4549 |
+index b94a0fb..953de13 100644 |
4550 |
+--- a/drivers/net/usb/sr9800.c |
4551 |
++++ b/drivers/net/usb/sr9800.c |
4552 |
+@@ -144,6 +144,7 @@ static struct sk_buff *sr_tx_fixup(struct usbnet *dev, struct sk_buff *skb, |
4553 |
+ skb_put(skb, sizeof(padbytes)); |
4554 |
+ } |
4555 |
+ |
4556 |
++ usbnet_set_skb_tx_stats(skb, 1, 0); |
4557 |
+ return skb; |
4558 |
+ } |
4559 |
+ |
4560 |
+diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c |
4561 |
+index 3a6770a..e7ed251 100644 |
4562 |
+--- a/drivers/net/usb/usbnet.c |
4563 |
++++ b/drivers/net/usb/usbnet.c |
4564 |
+@@ -1189,8 +1189,7 @@ static void tx_complete (struct urb *urb) |
4565 |
+ struct usbnet *dev = entry->dev; |
4566 |
+ |
4567 |
+ if (urb->status == 0) { |
4568 |
+- if (!(dev->driver_info->flags & FLAG_MULTI_PACKET)) |
4569 |
+- dev->net->stats.tx_packets++; |
4570 |
++ dev->net->stats.tx_packets += entry->packets; |
4571 |
+ dev->net->stats.tx_bytes += entry->length; |
4572 |
+ } else { |
4573 |
+ dev->net->stats.tx_errors++; |
4574 |
+@@ -1348,7 +1347,19 @@ netdev_tx_t usbnet_start_xmit (struct sk_buff *skb, |
4575 |
+ } else |
4576 |
+ urb->transfer_flags |= URB_ZERO_PACKET; |
4577 |
+ } |
4578 |
+- entry->length = urb->transfer_buffer_length = length; |
4579 |
++ urb->transfer_buffer_length = length; |
4580 |
++ |
4581 |
++ if (info->flags & FLAG_MULTI_PACKET) { |
4582 |
++ /* Driver has set number of packets and a length delta. |
4583 |
++ * Calculate the complete length and ensure that it's |
4584 |
++ * positive. |
4585 |
++ */ |
4586 |
++ entry->length += length; |
4587 |
++ if (WARN_ON_ONCE(entry->length <= 0)) |
4588 |
++ entry->length = length; |
4589 |
++ } else { |
4590 |
++ usbnet_set_skb_tx_stats(skb, 1, length); |
4591 |
++ } |
4592 |
+ |
4593 |
+ spin_lock_irqsave(&dev->txq.lock, flags); |
4594 |
+ retval = usb_autopm_get_interface_async(dev->intf); |
4595 |
+diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
4596 |
+index a8c755d..6c83846 100644 |
4597 |
+--- a/drivers/net/vxlan.c |
4598 |
++++ b/drivers/net/vxlan.c |
4599 |
+@@ -1578,12 +1578,6 @@ static int vxlan6_xmit_skb(struct vxlan_sock *vs, |
4600 |
+ int err; |
4601 |
+ bool udp_sum = !udp_get_no_check6_tx(vs->sock->sk); |
4602 |
+ |
4603 |
+- skb = udp_tunnel_handle_offloads(skb, udp_sum); |
4604 |
+- if (IS_ERR(skb)) { |
4605 |
+- err = -EINVAL; |
4606 |
+- goto err; |
4607 |
+- } |
4608 |
+- |
4609 |
+ skb_scrub_packet(skb, xnet); |
4610 |
+ |
4611 |
+ min_headroom = LL_RESERVED_SPACE(dst->dev) + dst->header_len |
4612 |
+@@ -1603,6 +1597,12 @@ static int vxlan6_xmit_skb(struct vxlan_sock *vs, |
4613 |
+ goto err; |
4614 |
+ } |
4615 |
+ |
4616 |
++ skb = udp_tunnel_handle_offloads(skb, udp_sum); |
4617 |
++ if (IS_ERR(skb)) { |
4618 |
++ err = -EINVAL; |
4619 |
++ goto err; |
4620 |
++ } |
4621 |
++ |
4622 |
+ vxh = (struct vxlanhdr *) __skb_push(skb, sizeof(*vxh)); |
4623 |
+ vxh->vx_flags = htonl(VXLAN_FLAGS); |
4624 |
+ vxh->vx_vni = vni; |
4625 |
+@@ -1628,10 +1628,6 @@ int vxlan_xmit_skb(struct vxlan_sock *vs, |
4626 |
+ int err; |
4627 |
+ bool udp_sum = !vs->sock->sk->sk_no_check_tx; |
4628 |
+ |
4629 |
+- skb = udp_tunnel_handle_offloads(skb, udp_sum); |
4630 |
+- if (IS_ERR(skb)) |
4631 |
+- return PTR_ERR(skb); |
4632 |
+- |
4633 |
+ min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len |
4634 |
+ + VXLAN_HLEN + sizeof(struct iphdr) |
4635 |
+ + (vlan_tx_tag_present(skb) ? VLAN_HLEN : 0); |
4636 |
+@@ -1647,6 +1643,10 @@ int vxlan_xmit_skb(struct vxlan_sock *vs, |
4637 |
+ if (WARN_ON(!skb)) |
4638 |
+ return -ENOMEM; |
4639 |
+ |
4640 |
++ skb = udp_tunnel_handle_offloads(skb, udp_sum); |
4641 |
++ if (IS_ERR(skb)) |
4642 |
++ return PTR_ERR(skb); |
4643 |
++ |
4644 |
+ vxh = (struct vxlanhdr *) __skb_push(skb, sizeof(*vxh)); |
4645 |
+ vxh->vx_flags = htonl(VXLAN_FLAGS); |
4646 |
+ vxh->vx_vni = vni; |
4647 |
+diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c |
4648 |
+index a5186bb..8c45cf4 100644 |
4649 |
+--- a/drivers/net/wireless/rtlwifi/pci.c |
4650 |
++++ b/drivers/net/wireless/rtlwifi/pci.c |
4651 |
+@@ -578,6 +578,13 @@ static void _rtl_pci_tx_isr(struct ieee80211_hw *hw, int prio) |
4652 |
+ else |
4653 |
+ entry = (u8 *)(&ring->desc[ring->idx]); |
4654 |
+ |
4655 |
++ if (rtlpriv->cfg->ops->get_available_desc && |
4656 |
++ rtlpriv->cfg->ops->get_available_desc(hw, prio) <= 1) { |
4657 |
++ RT_TRACE(rtlpriv, (COMP_INTR | COMP_SEND), DBG_DMESG, |
4658 |
++ "no available desc!\n"); |
4659 |
++ return; |
4660 |
++ } |
4661 |
++ |
4662 |
+ if (!rtlpriv->cfg->ops->is_tx_desc_closed(hw, prio, ring->idx)) |
4663 |
+ return; |
4664 |
+ ring->idx = (ring->idx + 1) % ring->entries; |
4665 |
+@@ -641,10 +648,9 @@ static void _rtl_pci_tx_isr(struct ieee80211_hw *hw, int prio) |
4666 |
+ |
4667 |
+ ieee80211_tx_status_irqsafe(hw, skb); |
4668 |
+ |
4669 |
+- if ((ring->entries - skb_queue_len(&ring->queue)) |
4670 |
+- == 2) { |
4671 |
++ if ((ring->entries - skb_queue_len(&ring->queue)) <= 4) { |
4672 |
+ |
4673 |
+- RT_TRACE(rtlpriv, COMP_ERR, DBG_LOUD, |
4674 |
++ RT_TRACE(rtlpriv, COMP_ERR, DBG_DMESG, |
4675 |
+ "more desc left, wake skb_queue@%d, ring->idx = %d, skb_queue_len = 0x%x\n", |
4676 |
+ prio, ring->idx, |
4677 |
+ skb_queue_len(&ring->queue)); |
4678 |
+@@ -793,7 +799,7 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw) |
4679 |
+ rx_remained_cnt = |
4680 |
+ rtlpriv->cfg->ops->rx_desc_buff_remained_cnt(hw, |
4681 |
+ hw_queue); |
4682 |
+- if (rx_remained_cnt < 1) |
4683 |
++ if (rx_remained_cnt == 0) |
4684 |
+ return; |
4685 |
+ |
4686 |
+ } else { /* rx descriptor */ |
4687 |
+@@ -845,18 +851,18 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw) |
4688 |
+ else |
4689 |
+ skb_reserve(skb, stats.rx_drvinfo_size + |
4690 |
+ stats.rx_bufshift); |
4691 |
+- |
4692 |
+ } else { |
4693 |
+ RT_TRACE(rtlpriv, COMP_ERR, DBG_WARNING, |
4694 |
+ "skb->end - skb->tail = %d, len is %d\n", |
4695 |
+ skb->end - skb->tail, len); |
4696 |
+- break; |
4697 |
++ dev_kfree_skb_any(skb); |
4698 |
++ goto new_trx_end; |
4699 |
+ } |
4700 |
+ /* handle command packet here */ |
4701 |
+ if (rtlpriv->cfg->ops->rx_command_packet && |
4702 |
+ rtlpriv->cfg->ops->rx_command_packet(hw, stats, skb)) { |
4703 |
+ dev_kfree_skb_any(skb); |
4704 |
+- goto end; |
4705 |
++ goto new_trx_end; |
4706 |
+ } |
4707 |
+ |
4708 |
+ /* |
4709 |
+@@ -906,6 +912,7 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw) |
4710 |
+ } else { |
4711 |
+ dev_kfree_skb_any(skb); |
4712 |
+ } |
4713 |
++new_trx_end: |
4714 |
+ if (rtlpriv->use_new_trx_flow) { |
4715 |
+ rtlpci->rx_ring[hw_queue].next_rx_rp += 1; |
4716 |
+ rtlpci->rx_ring[hw_queue].next_rx_rp %= |
4717 |
+@@ -921,7 +928,6 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw) |
4718 |
+ rtlpriv->enter_ps = false; |
4719 |
+ schedule_work(&rtlpriv->works.lps_change_work); |
4720 |
+ } |
4721 |
+-end: |
4722 |
+ skb = new_skb; |
4723 |
+ no_new: |
4724 |
+ if (rtlpriv->use_new_trx_flow) { |
4725 |
+@@ -1695,6 +1701,15 @@ static int rtl_pci_tx(struct ieee80211_hw *hw, |
4726 |
+ } |
4727 |
+ } |
4728 |
+ |
4729 |
++ if (rtlpriv->cfg->ops->get_available_desc && |
4730 |
++ rtlpriv->cfg->ops->get_available_desc(hw, hw_queue) == 0) { |
4731 |
++ RT_TRACE(rtlpriv, COMP_ERR, DBG_WARNING, |
4732 |
++ "get_available_desc fail\n"); |
4733 |
++ spin_unlock_irqrestore(&rtlpriv->locks.irq_th_lock, |
4734 |
++ flags); |
4735 |
++ return skb->len; |
4736 |
++ } |
4737 |
++ |
4738 |
+ if (ieee80211_is_data_qos(fc)) { |
4739 |
+ tid = rtl_get_tid(skb); |
4740 |
+ if (sta) { |
4741 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8192ee/sw.c b/drivers/net/wireless/rtlwifi/rtl8192ee/sw.c |
4742 |
+index 9b5a7d5..c31c6bf 100644 |
4743 |
+--- a/drivers/net/wireless/rtlwifi/rtl8192ee/sw.c |
4744 |
++++ b/drivers/net/wireless/rtlwifi/rtl8192ee/sw.c |
4745 |
+@@ -113,8 +113,6 @@ int rtl92ee_init_sw_vars(struct ieee80211_hw *hw) |
4746 |
+ RCR_HTC_LOC_CTRL | |
4747 |
+ RCR_AMF | |
4748 |
+ RCR_ACF | |
4749 |
+- RCR_ADF | |
4750 |
+- RCR_AICV | |
4751 |
+ RCR_ACRC32 | |
4752 |
+ RCR_AB | |
4753 |
+ RCR_AM | |
4754 |
+@@ -241,6 +239,7 @@ static struct rtl_hal_ops rtl8192ee_hal_ops = { |
4755 |
+ .set_desc = rtl92ee_set_desc, |
4756 |
+ .get_desc = rtl92ee_get_desc, |
4757 |
+ .is_tx_desc_closed = rtl92ee_is_tx_desc_closed, |
4758 |
++ .get_available_desc = rtl92ee_get_available_desc, |
4759 |
+ .tx_polling = rtl92ee_tx_polling, |
4760 |
+ .enable_hw_sec = rtl92ee_enable_hw_security_config, |
4761 |
+ .set_key = rtl92ee_set_key, |
4762 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8192ee/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ee/trx.c |
4763 |
+index 0069004..1f6d160 100644 |
4764 |
+--- a/drivers/net/wireless/rtlwifi/rtl8192ee/trx.c |
4765 |
++++ b/drivers/net/wireless/rtlwifi/rtl8192ee/trx.c |
4766 |
+@@ -707,7 +707,7 @@ static u16 get_desc_addr_fr_q_idx(u16 queue_index) |
4767 |
+ return desc_address; |
4768 |
+ } |
4769 |
+ |
4770 |
+-void rtl92ee_get_available_desc(struct ieee80211_hw *hw, u8 q_idx) |
4771 |
++u16 rtl92ee_get_available_desc(struct ieee80211_hw *hw, u8 q_idx) |
4772 |
+ { |
4773 |
+ struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw)); |
4774 |
+ struct rtl_priv *rtlpriv = rtl_priv(hw); |
4775 |
+@@ -721,11 +721,12 @@ void rtl92ee_get_available_desc(struct ieee80211_hw *hw, u8 q_idx) |
4776 |
+ current_tx_write_point = (u16)((tmp_4byte) & 0x0fff); |
4777 |
+ |
4778 |
+ point_diff = ((current_tx_read_point > current_tx_write_point) ? |
4779 |
+- (current_tx_read_point - current_tx_write_point) : |
4780 |
+- (TX_DESC_NUM_92E - current_tx_write_point + |
4781 |
++ (current_tx_read_point - current_tx_write_point - 1) : |
4782 |
++ (TX_DESC_NUM_92E - 1 - current_tx_write_point + |
4783 |
+ current_tx_read_point)); |
4784 |
+ |
4785 |
+ rtlpci->tx_ring[q_idx].avl_desc = point_diff; |
4786 |
++ return point_diff; |
4787 |
+ } |
4788 |
+ |
4789 |
+ void rtl92ee_pre_fill_tx_bd_desc(struct ieee80211_hw *hw, |
4790 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8192ee/trx.h b/drivers/net/wireless/rtlwifi/rtl8192ee/trx.h |
4791 |
+index 8effef9..b489dd9 100644 |
4792 |
+--- a/drivers/net/wireless/rtlwifi/rtl8192ee/trx.h |
4793 |
++++ b/drivers/net/wireless/rtlwifi/rtl8192ee/trx.h |
4794 |
+@@ -831,7 +831,7 @@ void rtl92ee_rx_check_dma_ok(struct ieee80211_hw *hw, u8 *header_desc, |
4795 |
+ u8 queue_index); |
4796 |
+ u16 rtl92ee_rx_desc_buff_remained_cnt(struct ieee80211_hw *hw, |
4797 |
+ u8 queue_index); |
4798 |
+-void rtl92ee_get_available_desc(struct ieee80211_hw *hw, u8 queue_index); |
4799 |
++u16 rtl92ee_get_available_desc(struct ieee80211_hw *hw, u8 queue_index); |
4800 |
+ void rtl92ee_pre_fill_tx_bd_desc(struct ieee80211_hw *hw, |
4801 |
+ u8 *tx_bd_desc, u8 *desc, u8 queue_index, |
4802 |
+ struct sk_buff *skb, dma_addr_t addr); |
4803 |
+diff --git a/drivers/net/wireless/rtlwifi/wifi.h b/drivers/net/wireless/rtlwifi/wifi.h |
4804 |
+index 6866dcf..27822fe 100644 |
4805 |
+--- a/drivers/net/wireless/rtlwifi/wifi.h |
4806 |
++++ b/drivers/net/wireless/rtlwifi/wifi.h |
4807 |
+@@ -2161,6 +2161,7 @@ struct rtl_hal_ops { |
4808 |
+ void (*add_wowlan_pattern)(struct ieee80211_hw *hw, |
4809 |
+ struct rtl_wow_pattern *rtl_pattern, |
4810 |
+ u8 index); |
4811 |
++ u16 (*get_available_desc)(struct ieee80211_hw *hw, u8 q_idx); |
4812 |
+ }; |
4813 |
+ |
4814 |
+ struct rtl_intf_ops { |
4815 |
+diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c |
4816 |
+index d8c1076..76ce69c 100644 |
4817 |
+--- a/drivers/net/xen-netfront.c |
4818 |
++++ b/drivers/net/xen-netfront.c |
4819 |
+@@ -1062,8 +1062,7 @@ err: |
4820 |
+ |
4821 |
+ static int xennet_change_mtu(struct net_device *dev, int mtu) |
4822 |
+ { |
4823 |
+- int max = xennet_can_sg(dev) ? |
4824 |
+- XEN_NETIF_MAX_TX_SIZE - MAX_TCP_HEADER : ETH_DATA_LEN; |
4825 |
++ int max = xennet_can_sg(dev) ? XEN_NETIF_MAX_TX_SIZE : ETH_DATA_LEN; |
4826 |
+ |
4827 |
+ if (mtu > max) |
4828 |
+ return -EINVAL; |
4829 |
+@@ -1333,8 +1332,6 @@ static struct net_device *xennet_create_dev(struct xenbus_device *dev) |
4830 |
+ netdev->ethtool_ops = &xennet_ethtool_ops; |
4831 |
+ SET_NETDEV_DEV(netdev, &dev->dev); |
4832 |
+ |
4833 |
+- netif_set_gso_max_size(netdev, XEN_NETIF_MAX_TX_SIZE - MAX_TCP_HEADER); |
4834 |
+- |
4835 |
+ np->netdev = netdev; |
4836 |
+ |
4837 |
+ netif_carrier_off(netdev); |
4838 |
+diff --git a/drivers/staging/comedi/drivers/adv_pci1710.c b/drivers/staging/comedi/drivers/adv_pci1710.c |
4839 |
+index d02df7d..57b7bc2 100644 |
4840 |
+--- a/drivers/staging/comedi/drivers/adv_pci1710.c |
4841 |
++++ b/drivers/staging/comedi/drivers/adv_pci1710.c |
4842 |
+@@ -455,7 +455,6 @@ static int pci171x_insn_read_ai(struct comedi_device *dev, |
4843 |
+ struct comedi_insn *insn, unsigned int *data) |
4844 |
+ { |
4845 |
+ struct pci1710_private *devpriv = dev->private; |
4846 |
+- unsigned int chan = CR_CHAN(insn->chanspec); |
4847 |
+ int ret = 0; |
4848 |
+ int i; |
4849 |
+ |
4850 |
+@@ -477,7 +476,7 @@ static int pci171x_insn_read_ai(struct comedi_device *dev, |
4851 |
+ break; |
4852 |
+ |
4853 |
+ val = inw(dev->iobase + PCI171x_AD_DATA); |
4854 |
+- ret = pci171x_ai_dropout(dev, s, chan, val); |
4855 |
++ ret = pci171x_ai_dropout(dev, s, 0, val); |
4856 |
+ if (ret) |
4857 |
+ break; |
4858 |
+ |
4859 |
+diff --git a/fs/exec.c b/fs/exec.c |
4860 |
+index ad8798e..4617a4e 100644 |
4861 |
+--- a/fs/exec.c |
4862 |
++++ b/fs/exec.c |
4863 |
+@@ -1259,6 +1259,53 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
4864 |
+ spin_unlock(&p->fs->lock); |
4865 |
+ } |
4866 |
+ |
4867 |
++static void bprm_fill_uid(struct linux_binprm *bprm) |
4868 |
++{ |
4869 |
++ struct inode *inode; |
4870 |
++ unsigned int mode; |
4871 |
++ kuid_t uid; |
4872 |
++ kgid_t gid; |
4873 |
++ |
4874 |
++ /* clear any previous set[ug]id data from a previous binary */ |
4875 |
++ bprm->cred->euid = current_euid(); |
4876 |
++ bprm->cred->egid = current_egid(); |
4877 |
++ |
4878 |
++ if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) |
4879 |
++ return; |
4880 |
++ |
4881 |
++ if (task_no_new_privs(current)) |
4882 |
++ return; |
4883 |
++ |
4884 |
++ inode = file_inode(bprm->file); |
4885 |
++ mode = READ_ONCE(inode->i_mode); |
4886 |
++ if (!(mode & (S_ISUID|S_ISGID))) |
4887 |
++ return; |
4888 |
++ |
4889 |
++ /* Be careful if suid/sgid is set */ |
4890 |
++ mutex_lock(&inode->i_mutex); |
4891 |
++ |
4892 |
++ /* reload atomically mode/uid/gid now that lock held */ |
4893 |
++ mode = inode->i_mode; |
4894 |
++ uid = inode->i_uid; |
4895 |
++ gid = inode->i_gid; |
4896 |
++ mutex_unlock(&inode->i_mutex); |
4897 |
++ |
4898 |
++ /* We ignore suid/sgid if there are no mappings for them in the ns */ |
4899 |
++ if (!kuid_has_mapping(bprm->cred->user_ns, uid) || |
4900 |
++ !kgid_has_mapping(bprm->cred->user_ns, gid)) |
4901 |
++ return; |
4902 |
++ |
4903 |
++ if (mode & S_ISUID) { |
4904 |
++ bprm->per_clear |= PER_CLEAR_ON_SETID; |
4905 |
++ bprm->cred->euid = uid; |
4906 |
++ } |
4907 |
++ |
4908 |
++ if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
4909 |
++ bprm->per_clear |= PER_CLEAR_ON_SETID; |
4910 |
++ bprm->cred->egid = gid; |
4911 |
++ } |
4912 |
++} |
4913 |
++ |
4914 |
+ /* |
4915 |
+ * Fill the binprm structure from the inode. |
4916 |
+ * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes |
4917 |
+@@ -1267,36 +1314,9 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
4918 |
+ */ |
4919 |
+ int prepare_binprm(struct linux_binprm *bprm) |
4920 |
+ { |
4921 |
+- struct inode *inode = file_inode(bprm->file); |
4922 |
+- umode_t mode = inode->i_mode; |
4923 |
+ int retval; |
4924 |
+ |
4925 |
+- |
4926 |
+- /* clear any previous set[ug]id data from a previous binary */ |
4927 |
+- bprm->cred->euid = current_euid(); |
4928 |
+- bprm->cred->egid = current_egid(); |
4929 |
+- |
4930 |
+- if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) && |
4931 |
+- !task_no_new_privs(current) && |
4932 |
+- kuid_has_mapping(bprm->cred->user_ns, inode->i_uid) && |
4933 |
+- kgid_has_mapping(bprm->cred->user_ns, inode->i_gid)) { |
4934 |
+- /* Set-uid? */ |
4935 |
+- if (mode & S_ISUID) { |
4936 |
+- bprm->per_clear |= PER_CLEAR_ON_SETID; |
4937 |
+- bprm->cred->euid = inode->i_uid; |
4938 |
+- } |
4939 |
+- |
4940 |
+- /* Set-gid? */ |
4941 |
+- /* |
4942 |
+- * If setgid is set but no group execute bit then this |
4943 |
+- * is a candidate for mandatory locking, not a setgid |
4944 |
+- * executable. |
4945 |
+- */ |
4946 |
+- if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
4947 |
+- bprm->per_clear |= PER_CLEAR_ON_SETID; |
4948 |
+- bprm->cred->egid = inode->i_gid; |
4949 |
+- } |
4950 |
+- } |
4951 |
++ bprm_fill_uid(bprm); |
4952 |
+ |
4953 |
+ /* fill in binprm security blob */ |
4954 |
+ retval = security_bprm_set_creds(bprm); |
4955 |
+diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h |
4956 |
+index 431b7fc..e235ec5 100644 |
4957 |
+--- a/include/linux/hugetlb.h |
4958 |
++++ b/include/linux/hugetlb.h |
4959 |
+@@ -99,9 +99,9 @@ int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep); |
4960 |
+ struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address, |
4961 |
+ int write); |
4962 |
+ struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
4963 |
+- pmd_t *pmd, int write); |
4964 |
++ pmd_t *pmd, int flags); |
4965 |
+ struct page *follow_huge_pud(struct mm_struct *mm, unsigned long address, |
4966 |
+- pud_t *pud, int write); |
4967 |
++ pud_t *pud, int flags); |
4968 |
+ int pmd_huge(pmd_t pmd); |
4969 |
+ int pud_huge(pud_t pmd); |
4970 |
+ unsigned long hugetlb_change_protection(struct vm_area_struct *vma, |
4971 |
+@@ -133,8 +133,8 @@ static inline void hugetlb_report_meminfo(struct seq_file *m) |
4972 |
+ static inline void hugetlb_show_meminfo(void) |
4973 |
+ { |
4974 |
+ } |
4975 |
+-#define follow_huge_pmd(mm, addr, pmd, write) NULL |
4976 |
+-#define follow_huge_pud(mm, addr, pud, write) NULL |
4977 |
++#define follow_huge_pmd(mm, addr, pmd, flags) NULL |
4978 |
++#define follow_huge_pud(mm, addr, pud, flags) NULL |
4979 |
+ #define prepare_hugepage_range(file, addr, len) (-EINVAL) |
4980 |
+ #define pmd_huge(x) 0 |
4981 |
+ #define pud_huge(x) 0 |
4982 |
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
4983 |
+index 52fd8e8..840fb7f 100644 |
4984 |
+--- a/include/linux/netdevice.h |
4985 |
++++ b/include/linux/netdevice.h |
4986 |
+@@ -2159,6 +2159,12 @@ void netdev_freemem(struct net_device *dev); |
4987 |
+ void synchronize_net(void); |
4988 |
+ int init_dummy_netdev(struct net_device *dev); |
4989 |
+ |
4990 |
++DECLARE_PER_CPU(int, xmit_recursion); |
4991 |
++static inline int dev_recursion_level(void) |
4992 |
++{ |
4993 |
++ return this_cpu_read(xmit_recursion); |
4994 |
++} |
4995 |
++ |
4996 |
+ struct net_device *dev_get_by_index(struct net *net, int ifindex); |
4997 |
+ struct net_device *__dev_get_by_index(struct net *net, int ifindex); |
4998 |
+ struct net_device *dev_get_by_index_rcu(struct net *net, int ifindex); |
4999 |
+diff --git a/include/linux/swapops.h b/include/linux/swapops.h |
5000 |
+index 6adfb7b..e288d5c 100644 |
5001 |
+--- a/include/linux/swapops.h |
5002 |
++++ b/include/linux/swapops.h |
5003 |
+@@ -137,6 +137,8 @@ static inline void make_migration_entry_read(swp_entry_t *entry) |
5004 |
+ *entry = swp_entry(SWP_MIGRATION_READ, swp_offset(*entry)); |
5005 |
+ } |
5006 |
+ |
5007 |
++extern void __migration_entry_wait(struct mm_struct *mm, pte_t *ptep, |
5008 |
++ spinlock_t *ptl); |
5009 |
+ extern void migration_entry_wait(struct mm_struct *mm, pmd_t *pmd, |
5010 |
+ unsigned long address); |
5011 |
+ extern void migration_entry_wait_huge(struct vm_area_struct *vma, |
5012 |
+@@ -150,6 +152,8 @@ static inline int is_migration_entry(swp_entry_t swp) |
5013 |
+ } |
5014 |
+ #define migration_entry_to_page(swp) NULL |
5015 |
+ static inline void make_migration_entry_read(swp_entry_t *entryp) { } |
5016 |
++static inline void __migration_entry_wait(struct mm_struct *mm, pte_t *ptep, |
5017 |
++ spinlock_t *ptl) { } |
5018 |
+ static inline void migration_entry_wait(struct mm_struct *mm, pmd_t *pmd, |
5019 |
+ unsigned long address) { } |
5020 |
+ static inline void migration_entry_wait_huge(struct vm_area_struct *vma, |
5021 |
+diff --git a/include/linux/usb/usbnet.h b/include/linux/usb/usbnet.h |
5022 |
+index d9a4905..6e0ce8c 100644 |
5023 |
+--- a/include/linux/usb/usbnet.h |
5024 |
++++ b/include/linux/usb/usbnet.h |
5025 |
+@@ -227,9 +227,23 @@ struct skb_data { /* skb->cb is one of these */ |
5026 |
+ struct urb *urb; |
5027 |
+ struct usbnet *dev; |
5028 |
+ enum skb_state state; |
5029 |
+- size_t length; |
5030 |
++ long length; |
5031 |
++ unsigned long packets; |
5032 |
+ }; |
5033 |
+ |
5034 |
++/* Drivers that set FLAG_MULTI_PACKET must call this in their |
5035 |
++ * tx_fixup method before returning an skb. |
5036 |
++ */ |
5037 |
++static inline void |
5038 |
++usbnet_set_skb_tx_stats(struct sk_buff *skb, |
5039 |
++ unsigned long packets, long bytes_delta) |
5040 |
++{ |
5041 |
++ struct skb_data *entry = (struct skb_data *) skb->cb; |
5042 |
++ |
5043 |
++ entry->packets = packets; |
5044 |
++ entry->length = bytes_delta; |
5045 |
++} |
5046 |
++ |
5047 |
+ extern int usbnet_open(struct net_device *net); |
5048 |
+ extern int usbnet_stop(struct net_device *net); |
5049 |
+ extern netdev_tx_t usbnet_start_xmit(struct sk_buff *skb, |
5050 |
+diff --git a/include/net/ip.h b/include/net/ip.h |
5051 |
+index 09cf5ae..c0c26c3 100644 |
5052 |
+--- a/include/net/ip.h |
5053 |
++++ b/include/net/ip.h |
5054 |
+@@ -453,22 +453,6 @@ static __inline__ void inet_reset_saddr(struct sock *sk) |
5055 |
+ |
5056 |
+ #endif |
5057 |
+ |
5058 |
+-static inline int sk_mc_loop(struct sock *sk) |
5059 |
+-{ |
5060 |
+- if (!sk) |
5061 |
+- return 1; |
5062 |
+- switch (sk->sk_family) { |
5063 |
+- case AF_INET: |
5064 |
+- return inet_sk(sk)->mc_loop; |
5065 |
+-#if IS_ENABLED(CONFIG_IPV6) |
5066 |
+- case AF_INET6: |
5067 |
+- return inet6_sk(sk)->mc_loop; |
5068 |
+-#endif |
5069 |
+- } |
5070 |
+- WARN_ON(1); |
5071 |
+- return 1; |
5072 |
+-} |
5073 |
+- |
5074 |
+ bool ip_call_ra_chain(struct sk_buff *skb); |
5075 |
+ |
5076 |
+ /* |
5077 |
+diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h |
5078 |
+index 1d09b46..eda131d 100644 |
5079 |
+--- a/include/net/ip6_route.h |
5080 |
++++ b/include/net/ip6_route.h |
5081 |
+@@ -174,7 +174,8 @@ int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)); |
5082 |
+ |
5083 |
+ static inline int ip6_skb_dst_mtu(struct sk_buff *skb) |
5084 |
+ { |
5085 |
+- struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL; |
5086 |
++ struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ? |
5087 |
++ inet6_sk(skb->sk) : NULL; |
5088 |
+ |
5089 |
+ return (np && np->pmtudisc >= IPV6_PMTUDISC_PROBE) ? |
5090 |
+ skb_dst(skb)->dev->mtu : dst_mtu(skb_dst(skb)); |
5091 |
+diff --git a/include/net/sock.h b/include/net/sock.h |
5092 |
+index 2210fec..45b54d3 100644 |
5093 |
+--- a/include/net/sock.h |
5094 |
++++ b/include/net/sock.h |
5095 |
+@@ -1812,6 +1812,8 @@ struct dst_entry *__sk_dst_check(struct sock *sk, u32 cookie); |
5096 |
+ |
5097 |
+ struct dst_entry *sk_dst_check(struct sock *sk, u32 cookie); |
5098 |
+ |
5099 |
++bool sk_mc_loop(struct sock *sk); |
5100 |
++ |
5101 |
+ static inline bool sk_can_gso(const struct sock *sk) |
5102 |
+ { |
5103 |
+ return net_gso_ok(sk->sk_route_caps, sk->sk_gso_type); |
5104 |
+diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c |
5105 |
+index a28e09c..36508e6 100644 |
5106 |
+--- a/kernel/bpf/verifier.c |
5107 |
++++ b/kernel/bpf/verifier.c |
5108 |
+@@ -1380,7 +1380,8 @@ peek_stack: |
5109 |
+ /* tell verifier to check for equivalent states |
5110 |
+ * after every call and jump |
5111 |
+ */ |
5112 |
+- env->explored_states[t + 1] = STATE_LIST_MARK; |
5113 |
++ if (t + 1 < insn_cnt) |
5114 |
++ env->explored_states[t + 1] = STATE_LIST_MARK; |
5115 |
+ } else { |
5116 |
+ /* conditional jump with two edges */ |
5117 |
+ ret = push_insn(t, t + 1, FALLTHROUGH, env); |
5118 |
+diff --git a/mm/gup.c b/mm/gup.c |
5119 |
+index 9b2afbf..e29c374 100644 |
5120 |
+--- a/mm/gup.c |
5121 |
++++ b/mm/gup.c |
5122 |
+@@ -167,10 +167,10 @@ struct page *follow_page_mask(struct vm_area_struct *vma, |
5123 |
+ if (pud_none(*pud)) |
5124 |
+ return no_page_table(vma, flags); |
5125 |
+ if (pud_huge(*pud) && vma->vm_flags & VM_HUGETLB) { |
5126 |
+- if (flags & FOLL_GET) |
5127 |
+- return NULL; |
5128 |
+- page = follow_huge_pud(mm, address, pud, flags & FOLL_WRITE); |
5129 |
+- return page; |
5130 |
++ page = follow_huge_pud(mm, address, pud, flags); |
5131 |
++ if (page) |
5132 |
++ return page; |
5133 |
++ return no_page_table(vma, flags); |
5134 |
+ } |
5135 |
+ if (unlikely(pud_bad(*pud))) |
5136 |
+ return no_page_table(vma, flags); |
5137 |
+@@ -179,19 +179,10 @@ struct page *follow_page_mask(struct vm_area_struct *vma, |
5138 |
+ if (pmd_none(*pmd)) |
5139 |
+ return no_page_table(vma, flags); |
5140 |
+ if (pmd_huge(*pmd) && vma->vm_flags & VM_HUGETLB) { |
5141 |
+- page = follow_huge_pmd(mm, address, pmd, flags & FOLL_WRITE); |
5142 |
+- if (flags & FOLL_GET) { |
5143 |
+- /* |
5144 |
+- * Refcount on tail pages are not well-defined and |
5145 |
+- * shouldn't be taken. The caller should handle a NULL |
5146 |
+- * return when trying to follow tail pages. |
5147 |
+- */ |
5148 |
+- if (PageHead(page)) |
5149 |
+- get_page(page); |
5150 |
+- else |
5151 |
+- page = NULL; |
5152 |
+- } |
5153 |
+- return page; |
5154 |
++ page = follow_huge_pmd(mm, address, pmd, flags); |
5155 |
++ if (page) |
5156 |
++ return page; |
5157 |
++ return no_page_table(vma, flags); |
5158 |
+ } |
5159 |
+ if ((flags & FOLL_NUMA) && pmd_numa(*pmd)) |
5160 |
+ return no_page_table(vma, flags); |
5161 |
+diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
5162 |
+index 267e419..a2bfd02 100644 |
5163 |
+--- a/mm/hugetlb.c |
5164 |
++++ b/mm/hugetlb.c |
5165 |
+@@ -3700,44 +3700,64 @@ pte_t *huge_pte_offset(struct mm_struct *mm, unsigned long addr) |
5166 |
+ return (pte_t *) pmd; |
5167 |
+ } |
5168 |
+ |
5169 |
+-struct page * |
5170 |
+-follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
5171 |
+- pmd_t *pmd, int write) |
5172 |
+-{ |
5173 |
+- struct page *page; |
5174 |
++#endif /* CONFIG_ARCH_WANT_GENERAL_HUGETLB */ |
5175 |
+ |
5176 |
+- if (!pmd_present(*pmd)) |
5177 |
+- return NULL; |
5178 |
+- page = pte_page(*(pte_t *)pmd); |
5179 |
+- if (page) |
5180 |
+- page += ((address & ~PMD_MASK) >> PAGE_SHIFT); |
5181 |
+- return page; |
5182 |
++/* |
5183 |
++ * These functions are overwritable if your architecture needs its own |
5184 |
++ * behavior. |
5185 |
++ */ |
5186 |
++struct page * __weak |
5187 |
++follow_huge_addr(struct mm_struct *mm, unsigned long address, |
5188 |
++ int write) |
5189 |
++{ |
5190 |
++ return ERR_PTR(-EINVAL); |
5191 |
+ } |
5192 |
+ |
5193 |
+-struct page * |
5194 |
+-follow_huge_pud(struct mm_struct *mm, unsigned long address, |
5195 |
+- pud_t *pud, int write) |
5196 |
++struct page * __weak |
5197 |
++follow_huge_pmd(struct mm_struct *mm, unsigned long address, |
5198 |
++ pmd_t *pmd, int flags) |
5199 |
+ { |
5200 |
+- struct page *page; |
5201 |
+- |
5202 |
+- page = pte_page(*(pte_t *)pud); |
5203 |
+- if (page) |
5204 |
+- page += ((address & ~PUD_MASK) >> PAGE_SHIFT); |
5205 |
++ struct page *page = NULL; |
5206 |
++ spinlock_t *ptl; |
5207 |
++retry: |
5208 |
++ ptl = pmd_lockptr(mm, pmd); |
5209 |
++ spin_lock(ptl); |
5210 |
++ /* |
5211 |
++ * make sure that the address range covered by this pmd is not |
5212 |
++ * unmapped from other threads. |
5213 |
++ */ |
5214 |
++ if (!pmd_huge(*pmd)) |
5215 |
++ goto out; |
5216 |
++ if (pmd_present(*pmd)) { |
5217 |
++ page = pte_page(*(pte_t *)pmd) + |
5218 |
++ ((address & ~PMD_MASK) >> PAGE_SHIFT); |
5219 |
++ if (flags & FOLL_GET) |
5220 |
++ get_page(page); |
5221 |
++ } else { |
5222 |
++ if (is_hugetlb_entry_migration(huge_ptep_get((pte_t *)pmd))) { |
5223 |
++ spin_unlock(ptl); |
5224 |
++ __migration_entry_wait(mm, (pte_t *)pmd, ptl); |
5225 |
++ goto retry; |
5226 |
++ } |
5227 |
++ /* |
5228 |
++ * hwpoisoned entry is treated as no_page_table in |
5229 |
++ * follow_page_mask(). |
5230 |
++ */ |
5231 |
++ } |
5232 |
++out: |
5233 |
++ spin_unlock(ptl); |
5234 |
+ return page; |
5235 |
+ } |
5236 |
+ |
5237 |
+-#else /* !CONFIG_ARCH_WANT_GENERAL_HUGETLB */ |
5238 |
+- |
5239 |
+-/* Can be overriden by architectures */ |
5240 |
+ struct page * __weak |
5241 |
+ follow_huge_pud(struct mm_struct *mm, unsigned long address, |
5242 |
+- pud_t *pud, int write) |
5243 |
++ pud_t *pud, int flags) |
5244 |
+ { |
5245 |
+- BUG(); |
5246 |
+- return NULL; |
5247 |
+-} |
5248 |
++ if (flags & FOLL_GET) |
5249 |
++ return NULL; |
5250 |
+ |
5251 |
+-#endif /* CONFIG_ARCH_WANT_GENERAL_HUGETLB */ |
5252 |
++ return pte_page(*(pte_t *)pud) + ((address & ~PUD_MASK) >> PAGE_SHIFT); |
5253 |
++} |
5254 |
+ |
5255 |
+ #ifdef CONFIG_MEMORY_FAILURE |
5256 |
+ |
5257 |
+diff --git a/mm/migrate.c b/mm/migrate.c |
5258 |
+index 344cdf6..be6d1ed 100644 |
5259 |
+--- a/mm/migrate.c |
5260 |
++++ b/mm/migrate.c |
5261 |
+@@ -229,7 +229,7 @@ static void remove_migration_ptes(struct page *old, struct page *new) |
5262 |
+ * get to the page and wait until migration is finished. |
5263 |
+ * When we return from this function the fault will be retried. |
5264 |
+ */ |
5265 |
+-static void __migration_entry_wait(struct mm_struct *mm, pte_t *ptep, |
5266 |
++void __migration_entry_wait(struct mm_struct *mm, pte_t *ptep, |
5267 |
+ spinlock_t *ptl) |
5268 |
+ { |
5269 |
+ pte_t pte; |
5270 |
+@@ -1268,7 +1268,8 @@ static int do_move_page_to_node_array(struct mm_struct *mm, |
5271 |
+ goto put_and_set; |
5272 |
+ |
5273 |
+ if (PageHuge(page)) { |
5274 |
+- isolate_huge_page(page, &pagelist); |
5275 |
++ if (PageHead(page)) |
5276 |
++ isolate_huge_page(page, &pagelist); |
5277 |
+ goto put_and_set; |
5278 |
+ } |
5279 |
+ |
5280 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
5281 |
+index 4ff46f8..5dd905c 100644 |
5282 |
+--- a/net/core/dev.c |
5283 |
++++ b/net/core/dev.c |
5284 |
+@@ -2821,7 +2821,9 @@ static void skb_update_prio(struct sk_buff *skb) |
5285 |
+ #define skb_update_prio(skb) |
5286 |
+ #endif |
5287 |
+ |
5288 |
+-static DEFINE_PER_CPU(int, xmit_recursion); |
5289 |
++DEFINE_PER_CPU(int, xmit_recursion); |
5290 |
++EXPORT_SYMBOL(xmit_recursion); |
5291 |
++ |
5292 |
+ #define RECURSION_LIMIT 10 |
5293 |
+ |
5294 |
+ /** |
5295 |
+diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
5296 |
+index 62c67be..39c444c 100644 |
5297 |
+--- a/net/core/skbuff.c |
5298 |
++++ b/net/core/skbuff.c |
5299 |
+@@ -4141,18 +4141,20 @@ EXPORT_SYMBOL(skb_try_coalesce); |
5300 |
+ */ |
5301 |
+ void skb_scrub_packet(struct sk_buff *skb, bool xnet) |
5302 |
+ { |
5303 |
+- if (xnet) |
5304 |
+- skb_orphan(skb); |
5305 |
+ skb->tstamp.tv64 = 0; |
5306 |
+ skb->pkt_type = PACKET_HOST; |
5307 |
+ skb->skb_iif = 0; |
5308 |
+ skb->ignore_df = 0; |
5309 |
+ skb_dst_drop(skb); |
5310 |
+- skb->mark = 0; |
5311 |
+- skb_init_secmark(skb); |
5312 |
+ secpath_reset(skb); |
5313 |
+ nf_reset(skb); |
5314 |
+ nf_reset_trace(skb); |
5315 |
++ |
5316 |
++ if (!xnet) |
5317 |
++ return; |
5318 |
++ |
5319 |
++ skb_orphan(skb); |
5320 |
++ skb->mark = 0; |
5321 |
+ } |
5322 |
+ EXPORT_SYMBOL_GPL(skb_scrub_packet); |
5323 |
+ |
5324 |
+diff --git a/net/core/sock.c b/net/core/sock.c |
5325 |
+index 1c7a33d..a91f99f 100644 |
5326 |
+--- a/net/core/sock.c |
5327 |
++++ b/net/core/sock.c |
5328 |
+@@ -651,6 +651,25 @@ static inline void sock_valbool_flag(struct sock *sk, int bit, int valbool) |
5329 |
+ sock_reset_flag(sk, bit); |
5330 |
+ } |
5331 |
+ |
5332 |
++bool sk_mc_loop(struct sock *sk) |
5333 |
++{ |
5334 |
++ if (dev_recursion_level()) |
5335 |
++ return false; |
5336 |
++ if (!sk) |
5337 |
++ return true; |
5338 |
++ switch (sk->sk_family) { |
5339 |
++ case AF_INET: |
5340 |
++ return inet_sk(sk)->mc_loop; |
5341 |
++#if IS_ENABLED(CONFIG_IPV6) |
5342 |
++ case AF_INET6: |
5343 |
++ return inet6_sk(sk)->mc_loop; |
5344 |
++#endif |
5345 |
++ } |
5346 |
++ WARN_ON(1); |
5347 |
++ return true; |
5348 |
++} |
5349 |
++EXPORT_SYMBOL(sk_mc_loop); |
5350 |
++ |
5351 |
+ /* |
5352 |
+ * This is meant for all protocols to use and covers goings on |
5353 |
+ * at the socket level. Everything here is generic. |
5354 |
+diff --git a/net/ipv4/geneve.c b/net/ipv4/geneve.c |
5355 |
+index 394a200..69711d8 100644 |
5356 |
+--- a/net/ipv4/geneve.c |
5357 |
++++ b/net/ipv4/geneve.c |
5358 |
+@@ -121,10 +121,6 @@ int geneve_xmit_skb(struct geneve_sock *gs, struct rtable *rt, |
5359 |
+ int min_headroom; |
5360 |
+ int err; |
5361 |
+ |
5362 |
+- skb = udp_tunnel_handle_offloads(skb, !gs->sock->sk->sk_no_check_tx); |
5363 |
+- if (IS_ERR(skb)) |
5364 |
+- return PTR_ERR(skb); |
5365 |
+- |
5366 |
+ min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len |
5367 |
+ + GENEVE_BASE_HLEN + opt_len + sizeof(struct iphdr) |
5368 |
+ + (vlan_tx_tag_present(skb) ? VLAN_HLEN : 0); |
5369 |
+@@ -139,6 +135,10 @@ int geneve_xmit_skb(struct geneve_sock *gs, struct rtable *rt, |
5370 |
+ if (unlikely(!skb)) |
5371 |
+ return -ENOMEM; |
5372 |
+ |
5373 |
++ skb = udp_tunnel_handle_offloads(skb, !gs->sock->sk->sk_no_check_tx); |
5374 |
++ if (IS_ERR(skb)) |
5375 |
++ return PTR_ERR(skb); |
5376 |
++ |
5377 |
+ gnvh = (struct genevehdr *)__skb_push(skb, sizeof(*gnvh) + opt_len); |
5378 |
+ geneve_build_header(gnvh, tun_flags, vni, opt_len, opt); |
5379 |
+ |
5380 |
+diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
5381 |
+index 075ab4d..08ccca6 100644 |
5382 |
+--- a/net/ipv4/tcp_input.c |
5383 |
++++ b/net/ipv4/tcp_input.c |
5384 |
+@@ -3104,10 +3104,11 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, |
5385 |
+ if (!first_ackt.v64) |
5386 |
+ first_ackt = last_ackt; |
5387 |
+ |
5388 |
+- if (!(sacked & TCPCB_SACKED_ACKED)) |
5389 |
++ if (!(sacked & TCPCB_SACKED_ACKED)) { |
5390 |
+ reord = min(pkts_acked, reord); |
5391 |
+- if (!after(scb->end_seq, tp->high_seq)) |
5392 |
+- flag |= FLAG_ORIG_SACK_ACKED; |
5393 |
++ if (!after(scb->end_seq, tp->high_seq)) |
5394 |
++ flag |= FLAG_ORIG_SACK_ACKED; |
5395 |
++ } |
5396 |
+ } |
5397 |
+ |
5398 |
+ if (sacked & TCPCB_SACKED_ACKED) |
5399 |
+diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
5400 |
+index d22f544..982347e 100644 |
5401 |
+--- a/net/ipv4/tcp_ipv4.c |
5402 |
++++ b/net/ipv4/tcp_ipv4.c |
5403 |
+@@ -1516,7 +1516,7 @@ void tcp_v4_early_demux(struct sk_buff *skb) |
5404 |
+ skb->sk = sk; |
5405 |
+ skb->destructor = sock_edemux; |
5406 |
+ if (sk->sk_state != TCP_TIME_WAIT) { |
5407 |
+- struct dst_entry *dst = sk->sk_rx_dst; |
5408 |
++ struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst); |
5409 |
+ |
5410 |
+ if (dst) |
5411 |
+ dst = dst_check(dst, 0); |
5412 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
5413 |
+index 9790f39..9f29453 100644 |
5414 |
+--- a/net/ipv4/tcp_output.c |
5415 |
++++ b/net/ipv4/tcp_output.c |
5416 |
+@@ -2931,6 +2931,8 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, |
5417 |
+ } |
5418 |
+ #endif |
5419 |
+ |
5420 |
++ /* Do not fool tcpdump (if any), clean our debris */ |
5421 |
++ skb->tstamp.tv64 = 0; |
5422 |
+ return skb; |
5423 |
+ } |
5424 |
+ EXPORT_SYMBOL(tcp_make_synack); |
5425 |
+diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c |
5426 |
+index 3f5aa99..0bf56e5 100644 |
5427 |
+--- a/net/ipv6/ip6_output.c |
5428 |
++++ b/net/ipv6/ip6_output.c |
5429 |
+@@ -541,7 +541,8 @@ int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)) |
5430 |
+ { |
5431 |
+ struct sk_buff *frag; |
5432 |
+ struct rt6_info *rt = (struct rt6_info *)skb_dst(skb); |
5433 |
+- struct ipv6_pinfo *np = skb->sk ? inet6_sk(skb->sk) : NULL; |
5434 |
++ struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ? |
5435 |
++ inet6_sk(skb->sk) : NULL; |
5436 |
+ struct ipv6hdr *tmp_hdr; |
5437 |
+ struct frag_hdr *fh; |
5438 |
+ unsigned int mtu, hlen, left, len; |
5439 |
+diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c |
5440 |
+index 6828667..d375ce6 100644 |
5441 |
+--- a/net/ipv6/ndisc.c |
5442 |
++++ b/net/ipv6/ndisc.c |
5443 |
+@@ -1216,7 +1216,14 @@ static void ndisc_router_discovery(struct sk_buff *skb) |
5444 |
+ if (rt) |
5445 |
+ rt6_set_expires(rt, jiffies + (HZ * lifetime)); |
5446 |
+ if (ra_msg->icmph.icmp6_hop_limit) { |
5447 |
+- in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; |
5448 |
++ /* Only set hop_limit on the interface if it is higher than |
5449 |
++ * the current hop_limit. |
5450 |
++ */ |
5451 |
++ if (in6_dev->cnf.hop_limit < ra_msg->icmph.icmp6_hop_limit) { |
5452 |
++ in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit; |
5453 |
++ } else { |
5454 |
++ ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than current\n"); |
5455 |
++ } |
5456 |
+ if (rt) |
5457 |
+ dst_metric_set(&rt->dst, RTAX_HOPLIMIT, |
5458 |
+ ra_msg->icmph.icmp6_hop_limit); |
5459 |
+diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
5460 |
+index 9c0b54e..b899793 100644 |
5461 |
+--- a/net/ipv6/tcp_ipv6.c |
5462 |
++++ b/net/ipv6/tcp_ipv6.c |
5463 |
+@@ -1409,6 +1409,15 @@ static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr, |
5464 |
+ TCP_SKB_CB(skb)->sacked = 0; |
5465 |
+ } |
5466 |
+ |
5467 |
++static void tcp_v6_restore_cb(struct sk_buff *skb) |
5468 |
++{ |
5469 |
++ /* We need to move header back to the beginning if xfrm6_policy_check() |
5470 |
++ * and tcp_v6_fill_cb() are going to be called again. |
5471 |
++ */ |
5472 |
++ memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6, |
5473 |
++ sizeof(struct inet6_skb_parm)); |
5474 |
++} |
5475 |
++ |
5476 |
+ static int tcp_v6_rcv(struct sk_buff *skb) |
5477 |
+ { |
5478 |
+ const struct tcphdr *th; |
5479 |
+@@ -1541,6 +1550,7 @@ do_time_wait: |
5480 |
+ inet_twsk_deschedule(tw, &tcp_death_row); |
5481 |
+ inet_twsk_put(tw); |
5482 |
+ sk = sk2; |
5483 |
++ tcp_v6_restore_cb(skb); |
5484 |
+ goto process; |
5485 |
+ } |
5486 |
+ /* Fall through to ACK */ |
5487 |
+@@ -1549,6 +1559,7 @@ do_time_wait: |
5488 |
+ tcp_v6_timewait_ack(sk, skb); |
5489 |
+ break; |
5490 |
+ case TCP_TW_RST: |
5491 |
++ tcp_v6_restore_cb(skb); |
5492 |
+ goto no_tcp_socket; |
5493 |
+ case TCP_TW_SUCCESS: |
5494 |
+ ; |
5495 |
+@@ -1583,7 +1594,7 @@ static void tcp_v6_early_demux(struct sk_buff *skb) |
5496 |
+ skb->sk = sk; |
5497 |
+ skb->destructor = sock_edemux; |
5498 |
+ if (sk->sk_state != TCP_TIME_WAIT) { |
5499 |
+- struct dst_entry *dst = sk->sk_rx_dst; |
5500 |
++ struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst); |
5501 |
+ |
5502 |
+ if (dst) |
5503 |
+ dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie); |
5504 |
+diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c |
5505 |
+index 2034c6d..296cc24 100644 |
5506 |
+--- a/net/openvswitch/vport.c |
5507 |
++++ b/net/openvswitch/vport.c |
5508 |
+@@ -274,10 +274,8 @@ void ovs_vport_del(struct vport *vport) |
5509 |
+ ASSERT_OVSL(); |
5510 |
+ |
5511 |
+ hlist_del_rcu(&vport->hash_node); |
5512 |
+- |
5513 |
+- vport->ops->destroy(vport); |
5514 |
+- |
5515 |
+ module_put(vport->ops->owner); |
5516 |
++ vport->ops->destroy(vport); |
5517 |
+ } |
5518 |
+ |
5519 |
+ /** |
5520 |
|
5521 |
diff --git a/3.19.5/4420_grsecurity-3.1-3.19.5-201504270827.patch b/3.19.6/4420_grsecurity-3.1-3.19.6-201504290821.patch |
5522 |
similarity index 99% |
5523 |
rename from 3.19.5/4420_grsecurity-3.1-3.19.5-201504270827.patch |
5524 |
rename to 3.19.6/4420_grsecurity-3.1-3.19.6-201504290821.patch |
5525 |
index 2036ebb..68f5d26 100644 |
5526 |
--- a/3.19.5/4420_grsecurity-3.1-3.19.5-201504270827.patch |
5527 |
+++ b/3.19.6/4420_grsecurity-3.1-3.19.6-201504290821.patch |
5528 |
@@ -373,7 +373,7 @@ index 176d4fe..6eabd3c 100644 |
5529 |
|
5530 |
pcd. [PARIDE] |
5531 |
diff --git a/Makefile b/Makefile |
5532 |
-index 633b5f0..10aa54f 100644 |
5533 |
+index 65c7c87..abe7f93 100644 |
5534 |
--- a/Makefile |
5535 |
+++ b/Makefile |
5536 |
@@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
5537 |
@@ -5569,10 +5569,10 @@ index ba5ba7a..36e9d3a 100644 |
5538 |
/* |
5539 |
* If for any reason at all we couldn't handle the fault, make |
5540 |
diff --git a/arch/ia64/mm/hugetlbpage.c b/arch/ia64/mm/hugetlbpage.c |
5541 |
-index 76069c1..c2aa816 100644 |
5542 |
+index 52b7604b..455cb85 100644 |
5543 |
--- a/arch/ia64/mm/hugetlbpage.c |
5544 |
+++ b/arch/ia64/mm/hugetlbpage.c |
5545 |
-@@ -149,6 +149,7 @@ unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr, u |
5546 |
+@@ -143,6 +143,7 @@ unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr, u |
5547 |
unsigned long pgoff, unsigned long flags) |
5548 |
{ |
5549 |
struct vm_unmapped_area_info info; |
5550 |
@@ -5580,7 +5580,7 @@ index 76069c1..c2aa816 100644 |
5551 |
|
5552 |
if (len > RGN_MAP_LIMIT) |
5553 |
return -ENOMEM; |
5554 |
-@@ -172,6 +173,7 @@ unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr, u |
5555 |
+@@ -166,6 +167,7 @@ unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr, u |
5556 |
info.high_limit = HPAGE_REGION_BASE + RGN_MAP_LIMIT; |
5557 |
info.align_mask = PAGE_MASK & (HPAGE_SIZE - 1); |
5558 |
info.align_offset = 0; |
5559 |
@@ -5692,10 +5692,10 @@ index d703d8e..a8e2d70 100644 |
5560 |
|
5561 |
#define smp_load_acquire(p) \ |
5562 |
diff --git a/arch/metag/mm/hugetlbpage.c b/arch/metag/mm/hugetlbpage.c |
5563 |
-index 3c32075..ae0ae75 100644 |
5564 |
+index 7ca80ac..794ba72 100644 |
5565 |
--- a/arch/metag/mm/hugetlbpage.c |
5566 |
+++ b/arch/metag/mm/hugetlbpage.c |
5567 |
-@@ -200,6 +200,7 @@ hugetlb_get_unmapped_area_new_pmd(unsigned long len) |
5568 |
+@@ -194,6 +194,7 @@ hugetlb_get_unmapped_area_new_pmd(unsigned long len) |
5569 |
info.high_limit = TASK_SIZE; |
5570 |
info.align_mask = PAGE_MASK & HUGEPT_MASK; |
5571 |
info.align_offset = 0; |
5572 |
@@ -12237,7 +12237,7 @@ index 4798232..f76e3aa 100644 |
5573 |
* load/store/atomic was a write or not, it only says that there |
5574 |
* was no match. So in such a case we (carefully) read the |
5575 |
diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c |
5576 |
-index d329537..2c3746a 100644 |
5577 |
+index 4242eab..9ae6360 100644 |
5578 |
--- a/arch/sparc/mm/hugetlbpage.c |
5579 |
+++ b/arch/sparc/mm/hugetlbpage.c |
5580 |
@@ -25,8 +25,10 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *filp, |
5581 |
@@ -12448,10 +12448,10 @@ index b6cde32..c0cb736 100644 |
5582 |
else |
5583 |
copy_from_user_overflow(); |
5584 |
diff --git a/arch/tile/mm/hugetlbpage.c b/arch/tile/mm/hugetlbpage.c |
5585 |
-index 3270e00..a77236e 100644 |
5586 |
+index 8416240..a012fb7 100644 |
5587 |
--- a/arch/tile/mm/hugetlbpage.c |
5588 |
+++ b/arch/tile/mm/hugetlbpage.c |
5589 |
-@@ -207,6 +207,7 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
5590 |
+@@ -179,6 +179,7 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
5591 |
info.high_limit = TASK_SIZE; |
5592 |
info.align_mask = PAGE_MASK & ~huge_page_mask(h); |
5593 |
info.align_offset = 0; |
5594 |
@@ -12459,7 +12459,7 @@ index 3270e00..a77236e 100644 |
5595 |
return vm_unmapped_area(&info); |
5596 |
} |
5597 |
|
5598 |
-@@ -224,6 +225,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5599 |
+@@ -196,6 +197,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5600 |
info.high_limit = current->mm->mmap_base; |
5601 |
info.align_mask = PAGE_MASK & ~huge_page_mask(h); |
5602 |
info.align_offset = 0; |
5603 |
@@ -28842,7 +28842,7 @@ index 41dd038..de331cf 100644 |
5604 |
|
5605 |
local_irq_disable(); |
5606 |
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
5607 |
-index d4c58d8..eaf2568 100644 |
5608 |
+index 3124464..2e42ec3 100644 |
5609 |
--- a/arch/x86/kvm/vmx.c |
5610 |
+++ b/arch/x86/kvm/vmx.c |
5611 |
@@ -1380,12 +1380,12 @@ static void vmcs_write64(unsigned long field, u64 value) |
5612 |
@@ -28892,7 +28892,7 @@ index d4c58d8..eaf2568 100644 |
5613 |
{ |
5614 |
u64 host_tsc, tsc_offset; |
5615 |
|
5616 |
-@@ -4252,7 +4260,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) |
5617 |
+@@ -4255,7 +4263,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) |
5618 |
unsigned long cr4; |
5619 |
|
5620 |
vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */ |
5621 |
@@ -28903,7 +28903,7 @@ index d4c58d8..eaf2568 100644 |
5622 |
|
5623 |
/* Save the most likely value for this task's CR4 in the VMCS. */ |
5624 |
cr4 = read_cr4(); |
5625 |
-@@ -4279,7 +4290,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) |
5626 |
+@@ -4282,7 +4293,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) |
5627 |
vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ |
5628 |
vmx->host_idt_base = dt.address; |
5629 |
|
5630 |
@@ -28912,7 +28912,7 @@ index d4c58d8..eaf2568 100644 |
5631 |
|
5632 |
rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); |
5633 |
vmcs_write32(HOST_IA32_SYSENTER_CS, low32); |
5634 |
-@@ -5876,11 +5887,16 @@ static __init int hardware_setup(void) |
5635 |
+@@ -5879,11 +5890,16 @@ static __init int hardware_setup(void) |
5636 |
* page upon invalidation. No need to do anything if the |
5637 |
* processor does not have the APIC_ACCESS_ADDR VMCS field. |
5638 |
*/ |
5639 |
@@ -28932,7 +28932,7 @@ index d4c58d8..eaf2568 100644 |
5640 |
|
5641 |
if (enable_ept && !cpu_has_vmx_ept_2m_page()) |
5642 |
kvm_disable_largepages(); |
5643 |
-@@ -5891,13 +5907,15 @@ static __init int hardware_setup(void) |
5644 |
+@@ -5894,13 +5910,15 @@ static __init int hardware_setup(void) |
5645 |
if (!cpu_has_vmx_apicv()) |
5646 |
enable_apicv = 0; |
5647 |
|
5648 |
@@ -28952,7 +28952,7 @@ index d4c58d8..eaf2568 100644 |
5649 |
|
5650 |
if (nested) |
5651 |
nested_vmx_setup_ctls_msrs(); |
5652 |
-@@ -7846,6 +7864,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5653 |
+@@ -7849,6 +7867,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5654 |
"jmp 2f \n\t" |
5655 |
"1: " __ex(ASM_VMX_VMRESUME) "\n\t" |
5656 |
"2: " |
5657 |
@@ -28965,7 +28965,7 @@ index d4c58d8..eaf2568 100644 |
5658 |
/* Save guest registers, load host registers, keep flags */ |
5659 |
"mov %0, %c[wordsize](%%" _ASM_SP ") \n\t" |
5660 |
"pop %0 \n\t" |
5661 |
-@@ -7898,6 +7922,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5662 |
+@@ -7901,6 +7925,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5663 |
#endif |
5664 |
[cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), |
5665 |
[wordsize]"i"(sizeof(ulong)) |
5666 |
@@ -28977,7 +28977,7 @@ index d4c58d8..eaf2568 100644 |
5667 |
: "cc", "memory" |
5668 |
#ifdef CONFIG_X86_64 |
5669 |
, "rax", "rbx", "rdi", "rsi" |
5670 |
-@@ -7911,7 +7940,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5671 |
+@@ -7914,7 +7943,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5672 |
if (debugctlmsr) |
5673 |
update_debugctlmsr(debugctlmsr); |
5674 |
|
5675 |
@@ -28986,7 +28986,7 @@ index d4c58d8..eaf2568 100644 |
5676 |
/* |
5677 |
* The sysexit path does not restore ds/es, so we must set them to |
5678 |
* a reasonable value ourselves. |
5679 |
-@@ -7920,8 +7949,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5680 |
+@@ -7923,8 +7952,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) |
5681 |
* may be executed in interrupt context, which saves and restore segments |
5682 |
* around it, nullifying its effect. |
5683 |
*/ |
5684 |
@@ -32638,10 +32638,10 @@ index 4500142..53a363c 100644 |
5685 |
|
5686 |
return (void *)vaddr; |
5687 |
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
5688 |
-index 006cc91..bf05a83 100644 |
5689 |
+index 9161f76..cbc5124 100644 |
5690 |
--- a/arch/x86/mm/hugetlbpage.c |
5691 |
+++ b/arch/x86/mm/hugetlbpage.c |
5692 |
-@@ -86,23 +86,24 @@ int pud_huge(pud_t pud) |
5693 |
+@@ -74,23 +74,24 @@ int pud_huge(pud_t pud) |
5694 |
#ifdef CONFIG_HUGETLB_PAGE |
5695 |
static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
5696 |
unsigned long addr, unsigned long len, |
5697 |
@@ -32669,7 +32669,7 @@ index 006cc91..bf05a83 100644 |
5698 |
{ |
5699 |
struct hstate *h = hstate_file(file); |
5700 |
struct vm_unmapped_area_info info; |
5701 |
-@@ -114,6 +115,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5702 |
+@@ -102,6 +103,7 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5703 |
info.high_limit = current->mm->mmap_base; |
5704 |
info.align_mask = PAGE_MASK & ~huge_page_mask(h); |
5705 |
info.align_offset = 0; |
5706 |
@@ -32677,7 +32677,7 @@ index 006cc91..bf05a83 100644 |
5707 |
addr = vm_unmapped_area(&info); |
5708 |
|
5709 |
/* |
5710 |
-@@ -126,6 +128,12 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5711 |
+@@ -114,6 +116,12 @@ static unsigned long hugetlb_get_unmapped_area_topdown(struct file *file, |
5712 |
VM_BUG_ON(addr != -ENOMEM); |
5713 |
info.flags = 0; |
5714 |
info.low_limit = TASK_UNMAPPED_BASE; |
5715 |
@@ -32690,7 +32690,7 @@ index 006cc91..bf05a83 100644 |
5716 |
info.high_limit = TASK_SIZE; |
5717 |
addr = vm_unmapped_area(&info); |
5718 |
} |
5719 |
-@@ -140,10 +148,20 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
5720 |
+@@ -128,10 +136,20 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
5721 |
struct hstate *h = hstate_file(file); |
5722 |
struct mm_struct *mm = current->mm; |
5723 |
struct vm_area_struct *vma; |
5724 |
@@ -32712,7 +32712,7 @@ index 006cc91..bf05a83 100644 |
5725 |
return -ENOMEM; |
5726 |
|
5727 |
if (flags & MAP_FIXED) { |
5728 |
-@@ -152,19 +170,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
5729 |
+@@ -140,19 +158,22 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr, |
5730 |
return addr; |
5731 |
} |
5732 |
|
5733 |
@@ -48486,7 +48486,7 @@ index 2c087ef..4859007 100644 |
5734 |
}; |
5735 |
|
5736 |
diff --git a/drivers/net/tun.c b/drivers/net/tun.c |
5737 |
-index 10f9e40..3515e7e 100644 |
5738 |
+index 9a409a8..3d44477 100644 |
5739 |
--- a/drivers/net/tun.c |
5740 |
+++ b/drivers/net/tun.c |
5741 |
@@ -1425,7 +1425,7 @@ static int tun_validate(struct nlattr *tb[], struct nlattr *data[]) |
5742 |
@@ -48657,7 +48657,7 @@ index 0ad6c0c..4013638 100644 |
5743 |
#define VIRTNET_DRIVER_VERSION "1.0.0" |
5744 |
|
5745 |
diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
5746 |
-index a8c755d..a988b71 100644 |
5747 |
+index 6c83846..215144b 100644 |
5748 |
--- a/drivers/net/vxlan.c |
5749 |
+++ b/drivers/net/vxlan.c |
5750 |
@@ -2702,7 +2702,7 @@ nla_put_failure: |
5751 |
@@ -60692,7 +60692,7 @@ index e4141f2..d8263e8 100644 |
5752 |
i += packet_length_size; |
5753 |
if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) |
5754 |
diff --git a/fs/exec.c b/fs/exec.c |
5755 |
-index ad8798e..e3f50ec 100644 |
5756 |
+index 4617a4e..e3f50ec 100644 |
5757 |
--- a/fs/exec.c |
5758 |
+++ b/fs/exec.c |
5759 |
@@ -56,8 +56,20 @@ |
5760 |
@@ -61028,7 +61028,7 @@ index ad8798e..e3f50ec 100644 |
5761 |
if (likely(leader->exit_state)) |
5762 |
break; |
5763 |
__set_current_state(TASK_KILLABLE); |
5764 |
-@@ -1252,13 +1335,60 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
5765 |
+@@ -1252,7 +1335,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
5766 |
} |
5767 |
rcu_read_unlock(); |
5768 |
|
5769 |
@@ -61037,98 +61037,7 @@ index ad8798e..e3f50ec 100644 |
5770 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
5771 |
else |
5772 |
p->fs->in_exec = 1; |
5773 |
- spin_unlock(&p->fs->lock); |
5774 |
- } |
5775 |
- |
5776 |
-+static void bprm_fill_uid(struct linux_binprm *bprm) |
5777 |
-+{ |
5778 |
-+ struct inode *inode; |
5779 |
-+ unsigned int mode; |
5780 |
-+ kuid_t uid; |
5781 |
-+ kgid_t gid; |
5782 |
-+ |
5783 |
-+ /* clear any previous set[ug]id data from a previous binary */ |
5784 |
-+ bprm->cred->euid = current_euid(); |
5785 |
-+ bprm->cred->egid = current_egid(); |
5786 |
-+ |
5787 |
-+ if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) |
5788 |
-+ return; |
5789 |
-+ |
5790 |
-+ if (task_no_new_privs(current)) |
5791 |
-+ return; |
5792 |
-+ |
5793 |
-+ inode = file_inode(bprm->file); |
5794 |
-+ mode = READ_ONCE(inode->i_mode); |
5795 |
-+ if (!(mode & (S_ISUID|S_ISGID))) |
5796 |
-+ return; |
5797 |
-+ |
5798 |
-+ /* Be careful if suid/sgid is set */ |
5799 |
-+ mutex_lock(&inode->i_mutex); |
5800 |
-+ |
5801 |
-+ /* reload atomically mode/uid/gid now that lock held */ |
5802 |
-+ mode = inode->i_mode; |
5803 |
-+ uid = inode->i_uid; |
5804 |
-+ gid = inode->i_gid; |
5805 |
-+ mutex_unlock(&inode->i_mutex); |
5806 |
-+ |
5807 |
-+ /* We ignore suid/sgid if there are no mappings for them in the ns */ |
5808 |
-+ if (!kuid_has_mapping(bprm->cred->user_ns, uid) || |
5809 |
-+ !kgid_has_mapping(bprm->cred->user_ns, gid)) |
5810 |
-+ return; |
5811 |
-+ |
5812 |
-+ if (mode & S_ISUID) { |
5813 |
-+ bprm->per_clear |= PER_CLEAR_ON_SETID; |
5814 |
-+ bprm->cred->euid = uid; |
5815 |
-+ } |
5816 |
-+ |
5817 |
-+ if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
5818 |
-+ bprm->per_clear |= PER_CLEAR_ON_SETID; |
5819 |
-+ bprm->cred->egid = gid; |
5820 |
-+ } |
5821 |
-+} |
5822 |
-+ |
5823 |
- /* |
5824 |
- * Fill the binprm structure from the inode. |
5825 |
- * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes |
5826 |
-@@ -1267,36 +1397,9 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
5827 |
- */ |
5828 |
- int prepare_binprm(struct linux_binprm *bprm) |
5829 |
- { |
5830 |
-- struct inode *inode = file_inode(bprm->file); |
5831 |
-- umode_t mode = inode->i_mode; |
5832 |
- int retval; |
5833 |
- |
5834 |
-- |
5835 |
-- /* clear any previous set[ug]id data from a previous binary */ |
5836 |
-- bprm->cred->euid = current_euid(); |
5837 |
-- bprm->cred->egid = current_egid(); |
5838 |
-- |
5839 |
-- if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) && |
5840 |
-- !task_no_new_privs(current) && |
5841 |
-- kuid_has_mapping(bprm->cred->user_ns, inode->i_uid) && |
5842 |
-- kgid_has_mapping(bprm->cred->user_ns, inode->i_gid)) { |
5843 |
-- /* Set-uid? */ |
5844 |
-- if (mode & S_ISUID) { |
5845 |
-- bprm->per_clear |= PER_CLEAR_ON_SETID; |
5846 |
-- bprm->cred->euid = inode->i_uid; |
5847 |
-- } |
5848 |
-- |
5849 |
-- /* Set-gid? */ |
5850 |
-- /* |
5851 |
-- * If setgid is set but no group execute bit then this |
5852 |
-- * is a candidate for mandatory locking, not a setgid |
5853 |
-- * executable. |
5854 |
-- */ |
5855 |
-- if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
5856 |
-- bprm->per_clear |= PER_CLEAR_ON_SETID; |
5857 |
-- bprm->cred->egid = inode->i_gid; |
5858 |
-- } |
5859 |
-- } |
5860 |
-+ bprm_fill_uid(bprm); |
5861 |
- |
5862 |
- /* fill in binprm security blob */ |
5863 |
- retval = security_bprm_set_creds(bprm); |
5864 |
-@@ -1433,6 +1536,31 @@ static int exec_binprm(struct linux_binprm *bprm) |
5865 |
+@@ -1453,6 +1536,31 @@ static int exec_binprm(struct linux_binprm *bprm) |
5866 |
return ret; |
5867 |
} |
5868 |
|
5869 |
@@ -61160,7 +61069,7 @@ index ad8798e..e3f50ec 100644 |
5870 |
/* |
5871 |
* sys_execve() executes a new program. |
5872 |
*/ |
5873 |
-@@ -1441,6 +1569,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5874 |
+@@ -1461,6 +1569,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5875 |
struct user_arg_ptr envp, |
5876 |
int flags) |
5877 |
{ |
5878 |
@@ -61172,7 +61081,7 @@ index ad8798e..e3f50ec 100644 |
5879 |
char *pathbuf = NULL; |
5880 |
struct linux_binprm *bprm; |
5881 |
struct file *file; |
5882 |
-@@ -1450,6 +1583,8 @@ static int do_execveat_common(int fd, struct filename *filename, |
5883 |
+@@ -1470,6 +1583,8 @@ static int do_execveat_common(int fd, struct filename *filename, |
5884 |
if (IS_ERR(filename)) |
5885 |
return PTR_ERR(filename); |
5886 |
|
5887 |
@@ -61181,7 +61090,7 @@ index ad8798e..e3f50ec 100644 |
5888 |
/* |
5889 |
* We move the actual failure in case of RLIMIT_NPROC excess from |
5890 |
* set*uid() to execve() because too many poorly written programs |
5891 |
-@@ -1487,6 +1622,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5892 |
+@@ -1507,6 +1622,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5893 |
if (IS_ERR(file)) |
5894 |
goto out_unmark; |
5895 |
|
5896 |
@@ -61193,7 +61102,7 @@ index ad8798e..e3f50ec 100644 |
5897 |
sched_exec(); |
5898 |
|
5899 |
bprm->file = file; |
5900 |
-@@ -1513,6 +1653,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5901 |
+@@ -1533,6 +1653,11 @@ static int do_execveat_common(int fd, struct filename *filename, |
5902 |
} |
5903 |
bprm->interp = bprm->filename; |
5904 |
|
5905 |
@@ -61205,7 +61114,7 @@ index ad8798e..e3f50ec 100644 |
5906 |
retval = bprm_mm_init(bprm); |
5907 |
if (retval) |
5908 |
goto out_unmark; |
5909 |
-@@ -1529,24 +1674,70 @@ static int do_execveat_common(int fd, struct filename *filename, |
5910 |
+@@ -1549,24 +1674,70 @@ static int do_execveat_common(int fd, struct filename *filename, |
5911 |
if (retval < 0) |
5912 |
goto out; |
5913 |
|
5914 |
@@ -61280,7 +61189,7 @@ index ad8798e..e3f50ec 100644 |
5915 |
current->fs->in_exec = 0; |
5916 |
current->in_execve = 0; |
5917 |
acct_update_integrals(current); |
5918 |
-@@ -1558,6 +1749,14 @@ static int do_execveat_common(int fd, struct filename *filename, |
5919 |
+@@ -1578,6 +1749,14 @@ static int do_execveat_common(int fd, struct filename *filename, |
5920 |
put_files_struct(displaced); |
5921 |
return retval; |
5922 |
|
5923 |
@@ -61295,7 +61204,7 @@ index ad8798e..e3f50ec 100644 |
5924 |
out: |
5925 |
if (bprm->mm) { |
5926 |
acct_arg_size(bprm, 0); |
5927 |
-@@ -1704,3 +1903,312 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd, |
5928 |
+@@ -1724,3 +1903,312 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd, |
5929 |
argv, envp, flags); |
5930 |
} |
5931 |
#endif |
5932 |
@@ -84080,7 +83989,7 @@ index 17d8339..81656c0 100644 |
5933 |
struct iovec; |
5934 |
struct kvec; |
5935 |
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
5936 |
-index 52fd8e8..19430a1 100644 |
5937 |
+index 840fb7f..547ad02 100644 |
5938 |
--- a/include/linux/netdevice.h |
5939 |
+++ b/include/linux/netdevice.h |
5940 |
@@ -1191,6 +1191,7 @@ struct net_device_ops { |
5941 |
@@ -86496,7 +86405,7 @@ index 80479ab..0c3f647 100644 |
5942 |
struct rcu_head rcu; |
5943 |
struct inet_peer *gc_next; |
5944 |
diff --git a/include/net/ip.h b/include/net/ip.h |
5945 |
-index 09cf5ae..ab62fcf 100644 |
5946 |
+index c0c26c3..29f0420 100644 |
5947 |
--- a/include/net/ip.h |
5948 |
+++ b/include/net/ip.h |
5949 |
@@ -317,7 +317,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb) |
5950 |
@@ -86937,7 +86846,7 @@ index 2bb2fcf..d17c291 100644 |
5951 |
|
5952 |
/* Structure to track chunk fragments that have been acked, but peer |
5953 |
diff --git a/include/net/sock.h b/include/net/sock.h |
5954 |
-index 2210fec..2249ad0 100644 |
5955 |
+index 45b54d3..10efeac 100644 |
5956 |
--- a/include/net/sock.h |
5957 |
+++ b/include/net/sock.h |
5958 |
@@ -362,7 +362,7 @@ struct sock { |
5959 |
@@ -86976,7 +86885,7 @@ index 2210fec..2249ad0 100644 |
5960 |
|
5961 |
static inline struct sock_iocb *kiocb_to_siocb(struct kiocb *iocb) |
5962 |
{ |
5963 |
-@@ -1826,7 +1826,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
5964 |
+@@ -1828,7 +1828,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
5965 |
} |
5966 |
|
5967 |
static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, |
5968 |
@@ -86985,7 +86894,7 @@ index 2210fec..2249ad0 100644 |
5969 |
int copy, int offset) |
5970 |
{ |
5971 |
if (skb->ip_summed == CHECKSUM_NONE) { |
5972 |
-@@ -2075,7 +2075,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
5973 |
+@@ -2077,7 +2077,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
5974 |
} |
5975 |
} |
5976 |
|
5977 |
@@ -88423,20 +88332,6 @@ index 536edc2..d28c85d 100644 |
5978 |
|
5979 |
if (!access_ok(VERIFY_READ, uattr, 1)) |
5980 |
return -EFAULT; |
5981 |
-diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c |
5982 |
-index a28e09c..36508e6 100644 |
5983 |
---- a/kernel/bpf/verifier.c |
5984 |
-+++ b/kernel/bpf/verifier.c |
5985 |
-@@ -1380,7 +1380,8 @@ peek_stack: |
5986 |
- /* tell verifier to check for equivalent states |
5987 |
- * after every call and jump |
5988 |
- */ |
5989 |
-- env->explored_states[t + 1] = STATE_LIST_MARK; |
5990 |
-+ if (t + 1 < insn_cnt) |
5991 |
-+ env->explored_states[t + 1] = STATE_LIST_MARK; |
5992 |
- } else { |
5993 |
- /* conditional jump with two edges */ |
5994 |
- ret = push_insn(t, t + 1, FALLTHROUGH, env); |
5995 |
diff --git a/kernel/capability.c b/kernel/capability.c |
5996 |
index 989f5bf..d317ca0 100644 |
5997 |
--- a/kernel/capability.c |
5998 |
@@ -95794,10 +95689,10 @@ index 2805d71..8b56e7d 100644 |
5999 |
* Make sure the vma is shared, that it supports prefaulting, |
6000 |
* and that the remapped range is valid and fully within |
6001 |
diff --git a/mm/gup.c b/mm/gup.c |
6002 |
-index 9b2afbf..647297c 100644 |
6003 |
+index e29c374..66e998f 100644 |
6004 |
--- a/mm/gup.c |
6005 |
+++ b/mm/gup.c |
6006 |
-@@ -274,11 +274,6 @@ static int faultin_page(struct task_struct *tsk, struct vm_area_struct *vma, |
6007 |
+@@ -265,11 +265,6 @@ static int faultin_page(struct task_struct *tsk, struct vm_area_struct *vma, |
6008 |
unsigned int fault_flags = 0; |
6009 |
int ret; |
6010 |
|
6011 |
@@ -95809,7 +95704,7 @@ index 9b2afbf..647297c 100644 |
6012 |
if (*flags & FOLL_WRITE) |
6013 |
fault_flags |= FAULT_FLAG_WRITE; |
6014 |
if (nonblocking) |
6015 |
-@@ -444,14 +439,14 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
6016 |
+@@ -435,14 +430,14 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
6017 |
if (!(gup_flags & FOLL_FORCE)) |
6018 |
gup_flags |= FOLL_NUMA; |
6019 |
|
6020 |
@@ -95826,7 +95721,7 @@ index 9b2afbf..647297c 100644 |
6021 |
if (!vma && in_gate_area(mm, start)) { |
6022 |
int ret; |
6023 |
ret = get_gate_page(mm, start & PAGE_MASK, |
6024 |
-@@ -463,7 +458,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
6025 |
+@@ -454,7 +449,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
6026 |
goto next_page; |
6027 |
} |
6028 |
|
6029 |
@@ -95835,7 +95730,7 @@ index 9b2afbf..647297c 100644 |
6030 |
return i ? : -EFAULT; |
6031 |
if (is_vm_hugetlb_page(vma)) { |
6032 |
i = follow_hugetlb_page(mm, vma, pages, vmas, |
6033 |
-@@ -518,7 +513,7 @@ next_page: |
6034 |
+@@ -509,7 +504,7 @@ next_page: |
6035 |
i += page_increm; |
6036 |
start += page_increm * PAGE_SIZE; |
6037 |
nr_pages -= page_increm; |
6038 |
@@ -95873,7 +95768,7 @@ index 123bcd3..0de52ba 100644 |
6039 |
set_page_address(page, (void *)vaddr); |
6040 |
|
6041 |
diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
6042 |
-index 267e419..394bed9 100644 |
6043 |
+index a2bfd02..2126298 100644 |
6044 |
--- a/mm/hugetlb.c |
6045 |
+++ b/mm/hugetlb.c |
6046 |
@@ -2258,6 +2258,7 @@ static int hugetlb_sysctl_handler_common(bool obey_mempolicy, |
6047 |
@@ -97019,10 +96914,10 @@ index 0e0961b..c9143b9 100644 |
6048 |
capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); |
6049 |
|
6050 |
diff --git a/mm/migrate.c b/mm/migrate.c |
6051 |
-index 344cdf6..07399500 100644 |
6052 |
+index be6d1ed..d778cc1 100644 |
6053 |
--- a/mm/migrate.c |
6054 |
+++ b/mm/migrate.c |
6055 |
-@@ -1503,8 +1503,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, |
6056 |
+@@ -1504,8 +1504,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, |
6057 |
*/ |
6058 |
tcred = __task_cred(task); |
6059 |
if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && |
6060 |
@@ -101731,7 +101626,7 @@ index df493d6..1145766 100644 |
6061 |
|
6062 |
return err; |
6063 |
diff --git a/net/core/dev.c b/net/core/dev.c |
6064 |
-index 4ff46f8..e877e78 100644 |
6065 |
+index 5dd905c..a95d262 100644 |
6066 |
--- a/net/core/dev.c |
6067 |
+++ b/net/core/dev.c |
6068 |
@@ -1680,14 +1680,14 @@ int __dev_forward_skb(struct net_device *dev, struct sk_buff *skb) |
6069 |
@@ -101751,7 +101646,7 @@ index 4ff46f8..e877e78 100644 |
6070 |
kfree_skb(skb); |
6071 |
return NET_RX_DROP; |
6072 |
} |
6073 |
-@@ -2958,7 +2958,7 @@ recursion_alert: |
6074 |
+@@ -2960,7 +2960,7 @@ recursion_alert: |
6075 |
drop: |
6076 |
rcu_read_unlock_bh(); |
6077 |
|
6078 |
@@ -101760,7 +101655,7 @@ index 4ff46f8..e877e78 100644 |
6079 |
kfree_skb_list(skb); |
6080 |
return rc; |
6081 |
out: |
6082 |
-@@ -3301,7 +3301,7 @@ enqueue: |
6083 |
+@@ -3303,7 +3303,7 @@ enqueue: |
6084 |
|
6085 |
local_irq_restore(flags); |
6086 |
|
6087 |
@@ -101769,7 +101664,7 @@ index 4ff46f8..e877e78 100644 |
6088 |
kfree_skb(skb); |
6089 |
return NET_RX_DROP; |
6090 |
} |
6091 |
-@@ -3378,7 +3378,7 @@ int netif_rx_ni(struct sk_buff *skb) |
6092 |
+@@ -3380,7 +3380,7 @@ int netif_rx_ni(struct sk_buff *skb) |
6093 |
} |
6094 |
EXPORT_SYMBOL(netif_rx_ni); |
6095 |
|
6096 |
@@ -101778,7 +101673,7 @@ index 4ff46f8..e877e78 100644 |
6097 |
{ |
6098 |
struct softnet_data *sd = this_cpu_ptr(&softnet_data); |
6099 |
|
6100 |
-@@ -3711,7 +3711,7 @@ ncls: |
6101 |
+@@ -3713,7 +3713,7 @@ ncls: |
6102 |
ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
6103 |
} else { |
6104 |
drop: |
6105 |
@@ -101787,7 +101682,7 @@ index 4ff46f8..e877e78 100644 |
6106 |
kfree_skb(skb); |
6107 |
/* Jamal, now you will not able to escape explaining |
6108 |
* me how you were going to use this. :-) |
6109 |
-@@ -4599,7 +4599,7 @@ out_unlock: |
6110 |
+@@ -4601,7 +4601,7 @@ out_unlock: |
6111 |
return work; |
6112 |
} |
6113 |
|
6114 |
@@ -101796,7 +101691,7 @@ index 4ff46f8..e877e78 100644 |
6115 |
{ |
6116 |
struct softnet_data *sd = this_cpu_ptr(&softnet_data); |
6117 |
unsigned long time_limit = jiffies + 2; |
6118 |
-@@ -6610,8 +6610,8 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
6119 |
+@@ -6612,8 +6612,8 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
6120 |
} else { |
6121 |
netdev_stats_to_stats64(storage, &dev->stats); |
6122 |
} |
6123 |
@@ -102153,7 +102048,7 @@ index 3b6899b..cf36238 100644 |
6124 |
{ |
6125 |
struct socket *sock; |
6126 |
diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
6127 |
-index 62c67be..361c354 100644 |
6128 |
+index 39c444c..361c354 100644 |
6129 |
--- a/net/core/skbuff.c |
6130 |
+++ b/net/core/skbuff.c |
6131 |
@@ -2123,7 +2123,7 @@ EXPORT_SYMBOL(__skb_checksum); |
6132 |
@@ -102182,33 +102077,8 @@ index 62c67be..361c354 100644 |
6133 |
NULL); |
6134 |
} |
6135 |
|
6136 |
-@@ -4141,18 +4143,20 @@ EXPORT_SYMBOL(skb_try_coalesce); |
6137 |
- */ |
6138 |
- void skb_scrub_packet(struct sk_buff *skb, bool xnet) |
6139 |
- { |
6140 |
-- if (xnet) |
6141 |
-- skb_orphan(skb); |
6142 |
- skb->tstamp.tv64 = 0; |
6143 |
- skb->pkt_type = PACKET_HOST; |
6144 |
- skb->skb_iif = 0; |
6145 |
- skb->ignore_df = 0; |
6146 |
- skb_dst_drop(skb); |
6147 |
-- skb->mark = 0; |
6148 |
-- skb_init_secmark(skb); |
6149 |
- secpath_reset(skb); |
6150 |
- nf_reset(skb); |
6151 |
- nf_reset_trace(skb); |
6152 |
-+ |
6153 |
-+ if (!xnet) |
6154 |
-+ return; |
6155 |
-+ |
6156 |
-+ skb_orphan(skb); |
6157 |
-+ skb->mark = 0; |
6158 |
- } |
6159 |
- EXPORT_SYMBOL_GPL(skb_scrub_packet); |
6160 |
- |
6161 |
diff --git a/net/core/sock.c b/net/core/sock.c |
6162 |
-index 1c7a33d..a3817e2 100644 |
6163 |
+index a91f99f..603a20c 100644 |
6164 |
--- a/net/core/sock.c |
6165 |
+++ b/net/core/sock.c |
6166 |
@@ -441,7 +441,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) |
6167 |
@@ -102256,7 +102126,7 @@ index 1c7a33d..a3817e2 100644 |
6168 |
goto discard_and_relse; |
6169 |
} |
6170 |
|
6171 |
-@@ -888,6 +888,7 @@ set_rcvbuf: |
6172 |
+@@ -907,6 +907,7 @@ set_rcvbuf: |
6173 |
} |
6174 |
break; |
6175 |
|
6176 |
@@ -102264,7 +102134,7 @@ index 1c7a33d..a3817e2 100644 |
6177 |
case SO_ATTACH_BPF: |
6178 |
ret = -EINVAL; |
6179 |
if (optlen == sizeof(u32)) { |
6180 |
-@@ -900,7 +901,7 @@ set_rcvbuf: |
6181 |
+@@ -919,7 +920,7 @@ set_rcvbuf: |
6182 |
ret = sk_attach_bpf(ufd, sk); |
6183 |
} |
6184 |
break; |
6185 |
@@ -102273,7 +102143,7 @@ index 1c7a33d..a3817e2 100644 |
6186 |
case SO_DETACH_FILTER: |
6187 |
ret = sk_detach_filter(sk); |
6188 |
break; |
6189 |
-@@ -1004,12 +1005,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6190 |
+@@ -1023,12 +1024,12 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6191 |
struct timeval tm; |
6192 |
} v; |
6193 |
|
6194 |
@@ -102289,7 +102159,7 @@ index 1c7a33d..a3817e2 100644 |
6195 |
return -EINVAL; |
6196 |
|
6197 |
memset(&v, 0, sizeof(v)); |
6198 |
-@@ -1147,11 +1148,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6199 |
+@@ -1166,11 +1167,11 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6200 |
|
6201 |
case SO_PEERNAME: |
6202 |
{ |
6203 |
@@ -102303,7 +102173,7 @@ index 1c7a33d..a3817e2 100644 |
6204 |
return -EINVAL; |
6205 |
if (copy_to_user(optval, address, len)) |
6206 |
return -EFAULT; |
6207 |
-@@ -1236,7 +1237,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6208 |
+@@ -1255,7 +1256,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, |
6209 |
|
6210 |
if (len > lv) |
6211 |
len = lv; |
6212 |
@@ -102312,7 +102182,7 @@ index 1c7a33d..a3817e2 100644 |
6213 |
return -EFAULT; |
6214 |
lenout: |
6215 |
if (put_user(len, optlen)) |
6216 |
-@@ -2349,7 +2350,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
6217 |
+@@ -2368,7 +2369,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
6218 |
*/ |
6219 |
smp_wmb(); |
6220 |
atomic_set(&sk->sk_refcnt, 1); |
6221 |
@@ -102321,7 +102191,7 @@ index 1c7a33d..a3817e2 100644 |
6222 |
} |
6223 |
EXPORT_SYMBOL(sock_init_data); |
6224 |
|
6225 |
-@@ -2477,6 +2478,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) |
6226 |
+@@ -2496,6 +2497,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) |
6227 |
int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
6228 |
int level, int type) |
6229 |
{ |
6230 |
@@ -102329,7 +102199,7 @@ index 1c7a33d..a3817e2 100644 |
6231 |
struct sock_exterr_skb *serr; |
6232 |
struct sk_buff *skb; |
6233 |
int copied, err; |
6234 |
-@@ -2498,7 +2500,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
6235 |
+@@ -2517,7 +2519,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
6236 |
sock_recv_timestamp(msg, sk, skb); |
6237 |
|
6238 |
serr = SKB_EXT_ERR(skb); |
6239 |
@@ -103469,7 +103339,7 @@ index 3075723..aa6f6e5 100644 |
6240 |
mask |= POLLOUT | POLLWRNORM; |
6241 |
} |
6242 |
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
6243 |
-index 075ab4d..8d0580a 100644 |
6244 |
+index 08ccca6..28e7ce6 100644 |
6245 |
--- a/net/ipv4/tcp_input.c |
6246 |
+++ b/net/ipv4/tcp_input.c |
6247 |
@@ -766,7 +766,7 @@ static void tcp_update_pacing_rate(struct sock *sk) |
6248 |
@@ -103481,7 +103351,7 @@ index 075ab4d..8d0580a 100644 |
6249 |
sk->sk_max_pacing_rate); |
6250 |
} |
6251 |
|
6252 |
-@@ -4528,7 +4528,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
6253 |
+@@ -4529,7 +4529,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
6254 |
* simplifies code) |
6255 |
*/ |
6256 |
static void |
6257 |
@@ -103490,7 +103360,7 @@ index 075ab4d..8d0580a 100644 |
6258 |
struct sk_buff *head, struct sk_buff *tail, |
6259 |
u32 start, u32 end) |
6260 |
{ |
6261 |
-@@ -4786,6 +4786,8 @@ static void tcp_check_space(struct sock *sk) |
6262 |
+@@ -4787,6 +4787,8 @@ static void tcp_check_space(struct sock *sk) |
6263 |
{ |
6264 |
if (sock_flag(sk, SOCK_QUEUE_SHRUNK)) { |
6265 |
sock_reset_flag(sk, SOCK_QUEUE_SHRUNK); |
6266 |
@@ -103499,7 +103369,7 @@ index 075ab4d..8d0580a 100644 |
6267 |
if (sk->sk_socket && |
6268 |
test_bit(SOCK_NOSPACE, &sk->sk_socket->flags)) |
6269 |
tcp_new_space(sk); |
6270 |
-@@ -5506,6 +5508,7 @@ discard: |
6271 |
+@@ -5507,6 +5509,7 @@ discard: |
6272 |
tcp_paws_reject(&tp->rx_opt, 0)) |
6273 |
goto discard_and_undo; |
6274 |
|
6275 |
@@ -103507,7 +103377,7 @@ index 075ab4d..8d0580a 100644 |
6276 |
if (th->syn) { |
6277 |
/* We see SYN without ACK. It is attempt of |
6278 |
* simultaneous connect with crossed SYNs. |
6279 |
-@@ -5556,6 +5559,7 @@ discard: |
6280 |
+@@ -5557,6 +5560,7 @@ discard: |
6281 |
goto discard; |
6282 |
#endif |
6283 |
} |
6284 |
@@ -103515,7 +103385,7 @@ index 075ab4d..8d0580a 100644 |
6285 |
/* "fifth, if neither of the SYN or RST bits is set then |
6286 |
* drop the segment and return." |
6287 |
*/ |
6288 |
-@@ -5602,7 +5606,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
6289 |
+@@ -5603,7 +5607,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
6290 |
goto discard; |
6291 |
|
6292 |
if (th->syn) { |
6293 |
@@ -103525,7 +103395,7 @@ index 075ab4d..8d0580a 100644 |
6294 |
if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) |
6295 |
return 1; |
6296 |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
6297 |
-index d22f544..62f6787 100644 |
6298 |
+index 982347e..aba8ca8 100644 |
6299 |
--- a/net/ipv4/tcp_ipv4.c |
6300 |
+++ b/net/ipv4/tcp_ipv4.c |
6301 |
@@ -89,6 +89,10 @@ int sysctl_tcp_tw_reuse __read_mostly; |
6302 |
@@ -103610,19 +103480,6 @@ index 63d2680..2db9d6b 100644 |
6303 |
} else if (fastopen) { /* received a valid RST pkt */ |
6304 |
reqsk_fastopen_remove(sk, req, true); |
6305 |
tcp_reset(sk); |
6306 |
-diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
6307 |
-index 9790f39..9f29453 100644 |
6308 |
---- a/net/ipv4/tcp_output.c |
6309 |
-+++ b/net/ipv4/tcp_output.c |
6310 |
-@@ -2931,6 +2931,8 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, |
6311 |
- } |
6312 |
- #endif |
6313 |
- |
6314 |
-+ /* Do not fool tcpdump (if any), clean our debris */ |
6315 |
-+ skb->tstamp.tv64 = 0; |
6316 |
- return skb; |
6317 |
- } |
6318 |
- EXPORT_SYMBOL(tcp_make_synack); |
6319 |
diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c |
6320 |
index ebf5ff5..4d1ff32 100644 |
6321 |
--- a/net/ipv4/tcp_probe.c |
6322 |
@@ -104419,7 +104276,7 @@ index c5c10fa..2577d51 100644 |
6323 |
struct ctl_table *ipv6_icmp_table; |
6324 |
int err; |
6325 |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
6326 |
-index 9c0b54e..5e7bd8f 100644 |
6327 |
+index b899793..b783604 100644 |
6328 |
--- a/net/ipv6/tcp_ipv6.c |
6329 |
+++ b/net/ipv6/tcp_ipv6.c |
6330 |
@@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) |
6331 |
@@ -104443,7 +104300,7 @@ index 9c0b54e..5e7bd8f 100644 |
6332 |
tcp_v6_send_reset(sk, skb); |
6333 |
discard: |
6334 |
if (opt_skb) |
6335 |
-@@ -1443,12 +1450,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) |
6336 |
+@@ -1452,12 +1459,20 @@ static int tcp_v6_rcv(struct sk_buff *skb) |
6337 |
|
6338 |
sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest, |
6339 |
inet6_iif(skb)); |
6340 |
@@ -104466,7 +104323,7 @@ index 9c0b54e..5e7bd8f 100644 |
6341 |
|
6342 |
if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) { |
6343 |
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); |
6344 |
-@@ -1499,6 +1514,10 @@ csum_error: |
6345 |
+@@ -1508,6 +1523,10 @@ csum_error: |
6346 |
bad_packet: |
6347 |
TCP_INC_STATS_BH(net, TCP_MIB_INERRS); |
6348 |
} else { |
6349 |
@@ -105631,10 +105488,10 @@ index 6a55f71..e88c937 100644 |
6350 |
}; |
6351 |
|
6352 |
diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c |
6353 |
-index 2034c6d..1a24f03 100644 |
6354 |
+index 296cc24..0f4115d 100644 |
6355 |
--- a/net/openvswitch/vport.c |
6356 |
+++ b/net/openvswitch/vport.c |
6357 |
-@@ -305,10 +305,10 @@ void ovs_vport_get_stats(struct vport *vport, struct ovs_vport_stats *stats) |
6358 |
+@@ -303,10 +303,10 @@ void ovs_vport_get_stats(struct vport *vport, struct ovs_vport_stats *stats) |
6359 |
* netdev-stats can be directly read over netlink-ioctl. |
6360 |
*/ |
6361 |
|
6362 |
@@ -105649,7 +105506,7 @@ index 2034c6d..1a24f03 100644 |
6363 |
|
6364 |
for_each_possible_cpu(i) { |
6365 |
const struct pcpu_sw_netstats *percpu_stats; |
6366 |
-@@ -539,19 +539,19 @@ static void ovs_vport_record_error(struct vport *vport, |
6367 |
+@@ -537,19 +537,19 @@ static void ovs_vport_record_error(struct vport *vport, |
6368 |
{ |
6369 |
switch (err_type) { |
6370 |
case VPORT_E_RX_DROPPED: |
6371 |
|
6372 |
diff --git a/3.14.39/4425_grsec_remove_EI_PAX.patch b/3.19.6/4425_grsec_remove_EI_PAX.patch |
6373 |
similarity index 100% |
6374 |
rename from 3.14.39/4425_grsec_remove_EI_PAX.patch |
6375 |
rename to 3.19.6/4425_grsec_remove_EI_PAX.patch |
6376 |
|
6377 |
diff --git a/3.19.5/4427_force_XATTR_PAX_tmpfs.patch b/3.19.6/4427_force_XATTR_PAX_tmpfs.patch |
6378 |
similarity index 100% |
6379 |
rename from 3.19.5/4427_force_XATTR_PAX_tmpfs.patch |
6380 |
rename to 3.19.6/4427_force_XATTR_PAX_tmpfs.patch |
6381 |
|
6382 |
diff --git a/3.14.39/4430_grsec-remove-localversion-grsec.patch b/3.19.6/4430_grsec-remove-localversion-grsec.patch |
6383 |
similarity index 100% |
6384 |
rename from 3.14.39/4430_grsec-remove-localversion-grsec.patch |
6385 |
rename to 3.19.6/4430_grsec-remove-localversion-grsec.patch |
6386 |
|
6387 |
diff --git a/3.19.5/4435_grsec-mute-warnings.patch b/3.19.6/4435_grsec-mute-warnings.patch |
6388 |
similarity index 100% |
6389 |
rename from 3.19.5/4435_grsec-mute-warnings.patch |
6390 |
rename to 3.19.6/4435_grsec-mute-warnings.patch |
6391 |
|
6392 |
diff --git a/3.14.39/4440_grsec-remove-protected-paths.patch b/3.19.6/4440_grsec-remove-protected-paths.patch |
6393 |
similarity index 100% |
6394 |
rename from 3.14.39/4440_grsec-remove-protected-paths.patch |
6395 |
rename to 3.19.6/4440_grsec-remove-protected-paths.patch |
6396 |
|
6397 |
diff --git a/3.19.5/4450_grsec-kconfig-default-gids.patch b/3.19.6/4450_grsec-kconfig-default-gids.patch |
6398 |
similarity index 100% |
6399 |
rename from 3.19.5/4450_grsec-kconfig-default-gids.patch |
6400 |
rename to 3.19.6/4450_grsec-kconfig-default-gids.patch |
6401 |
|
6402 |
diff --git a/3.19.5/4465_selinux-avc_audit-log-curr_ip.patch b/3.19.6/4465_selinux-avc_audit-log-curr_ip.patch |
6403 |
similarity index 100% |
6404 |
rename from 3.19.5/4465_selinux-avc_audit-log-curr_ip.patch |
6405 |
rename to 3.19.6/4465_selinux-avc_audit-log-curr_ip.patch |
6406 |
|
6407 |
diff --git a/3.19.5/4470_disable-compat_vdso.patch b/3.19.6/4470_disable-compat_vdso.patch |
6408 |
similarity index 100% |
6409 |
rename from 3.19.5/4470_disable-compat_vdso.patch |
6410 |
rename to 3.19.6/4470_disable-compat_vdso.patch |
6411 |
|
6412 |
diff --git a/3.14.39/4475_emutramp_default_on.patch b/3.19.6/4475_emutramp_default_on.patch |
6413 |
similarity index 100% |
6414 |
rename from 3.14.39/4475_emutramp_default_on.patch |
6415 |
rename to 3.19.6/4475_emutramp_default_on.patch |