1 |
commit: 04f05e9597748ec6c7a09636e6a910d49244c26b |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jan 30 00:37:48 2013 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jan 30 00:37:48 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=04f05e95 |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.37,3.7.5}-201301281957 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.9.1-2.6.32.60-201301281956.patch} | 157 ++++++--- |
13 |
3.2.37/0000_README | 2 +- |
14 |
...420_grsecurity-2.9.1-3.2.37-201301281956.patch} | 357 ++++++++++++++++---- |
15 |
{3.7.4 => 3.7.5}/0000_README | 2 +- |
16 |
.../4420_grsecurity-2.9.1-3.7.5-201301281957.patch | 277 +++++++++------- |
17 |
{3.7.4 => 3.7.5}/4425_grsec_remove_EI_PAX.patch | 0 |
18 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
19 |
{3.7.4 => 3.7.5}/4435_grsec-mute-warnings.patch | 0 |
20 |
.../4440_grsec-remove-protected-paths.patch | 0 |
21 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
22 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
23 |
{3.7.4 => 3.7.5}/4470_disable-compat_vdso.patch | 0 |
24 |
13 files changed, 551 insertions(+), 246 deletions(-) |
25 |
|
26 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
27 |
index e95f139..584dc17 100644 |
28 |
--- a/2.6.32/0000_README |
29 |
+++ b/2.6.32/0000_README |
30 |
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch |
31 |
From: http://www.kernel.org |
32 |
Desc: Linux 2.6.32.59 |
33 |
|
34 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201301230046.patch |
35 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201301281956.patch |
36 |
From: http://www.grsecurity.net |
37 |
Desc: hardened-sources base patch from upstream grsecurity |
38 |
|
39 |
|
40 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301230046.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301281956.patch |
41 |
similarity index 99% |
42 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301230046.patch |
43 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301281956.patch |
44 |
index 5cfce60..dd6c22f 100644 |
45 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301230046.patch |
46 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301281956.patch |
47 |
@@ -70315,7 +70315,7 @@ index b9b37ff..19dfa23 100644 |
48 |
.close = binder_vma_close, |
49 |
}; |
50 |
diff --git a/drivers/staging/b3dfg/b3dfg.c b/drivers/staging/b3dfg/b3dfg.c |
51 |
-index cda26bb..39fed3f 100644 |
52 |
+index cda26bb4..39fed3f 100644 |
53 |
--- a/drivers/staging/b3dfg/b3dfg.c |
54 |
+++ b/drivers/staging/b3dfg/b3dfg.c |
55 |
@@ -455,7 +455,7 @@ static int b3dfg_vma_fault(struct vm_area_struct *vma, |
56 |
@@ -75182,7 +75182,7 @@ index 0133b5a..3710d09 100644 |
57 |
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm); |
58 |
#ifdef __alpha__ |
59 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
60 |
-index a64fde6..0f8c4d1 100644 |
61 |
+index a64fde6..621e25d 100644 |
62 |
--- a/fs/binfmt_elf.c |
63 |
+++ b/fs/binfmt_elf.c |
64 |
@@ -31,6 +31,7 @@ |
65 |
@@ -75651,7 +75651,7 @@ index a64fde6..0f8c4d1 100644 |
66 |
unsigned int random_variable = 0; |
67 |
|
68 |
+#ifdef CONFIG_PAX_RANDUSTACK |
69 |
-+ if (randomize_va_space) |
70 |
++ if (current->mm->pax_flags & MF_PAX_RANDMMAP) |
71 |
+ return stack_top - current->mm->delta_stack; |
72 |
+#endif |
73 |
+ |
74 |
@@ -77563,15 +77563,16 @@ index ff57421..f65f88a 100644 |
75 |
|
76 |
out_free_fd: |
77 |
diff --git a/fs/exec.c b/fs/exec.c |
78 |
-index 86fafc6..509ab19 100644 |
79 |
+index 86fafc6..c1f24b5 100644 |
80 |
--- a/fs/exec.c |
81 |
+++ b/fs/exec.c |
82 |
-@@ -56,12 +56,33 @@ |
83 |
+@@ -56,12 +56,34 @@ |
84 |
#include <linux/fsnotify.h> |
85 |
#include <linux/fs_struct.h> |
86 |
#include <linux/pipe_fs_i.h> |
87 |
+#include <linux/random.h> |
88 |
+#include <linux/seq_file.h> |
89 |
++#include <linux/mman.h> |
90 |
+ |
91 |
+#ifdef CONFIG_PAX_REFCOUNT |
92 |
+#include <linux/kallsyms.h> |
93 |
@@ -77600,7 +77601,7 @@ index 86fafc6..509ab19 100644 |
94 |
int core_uses_pid; |
95 |
char core_pattern[CORENAME_MAX_SIZE] = "core"; |
96 |
unsigned int core_pipe_limit; |
97 |
-@@ -178,18 +199,10 @@ struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
98 |
+@@ -178,18 +200,10 @@ struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
99 |
int write) |
100 |
{ |
101 |
struct page *page; |
102 |
@@ -77622,7 +77623,7 @@ index 86fafc6..509ab19 100644 |
103 |
return NULL; |
104 |
|
105 |
if (write) { |
106 |
-@@ -205,6 +218,17 @@ struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
107 |
+@@ -205,6 +219,17 @@ struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
108 |
if (size <= ARG_MAX) |
109 |
return page; |
110 |
|
111 |
@@ -77640,7 +77641,7 @@ index 86fafc6..509ab19 100644 |
112 |
/* |
113 |
* Limit to 1/4-th the stack size for the argv+env strings. |
114 |
* This ensures that: |
115 |
-@@ -263,6 +287,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
116 |
+@@ -263,6 +288,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
117 |
vma->vm_end = STACK_TOP_MAX; |
118 |
vma->vm_start = vma->vm_end - PAGE_SIZE; |
119 |
vma->vm_flags = VM_STACK_FLAGS; |
120 |
@@ -77652,7 +77653,7 @@ index 86fafc6..509ab19 100644 |
121 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
122 |
|
123 |
err = security_file_mmap(NULL, 0, 0, 0, vma->vm_start, 1); |
124 |
-@@ -276,6 +305,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
125 |
+@@ -276,6 +306,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
126 |
mm->stack_vm = mm->total_vm = 1; |
127 |
up_write(&mm->mmap_sem); |
128 |
bprm->p = vma->vm_end - sizeof(void *); |
129 |
@@ -77665,7 +77666,7 @@ index 86fafc6..509ab19 100644 |
130 |
return 0; |
131 |
err: |
132 |
up_write(&mm->mmap_sem); |
133 |
-@@ -400,8 +435,9 @@ static int count(char __user * __user * argv, int max) |
134 |
+@@ -400,8 +436,9 @@ static int count(char __user * __user * argv, int max) |
135 |
if (!p) |
136 |
break; |
137 |
argv++; |
138 |
@@ -77676,7 +77677,7 @@ index 86fafc6..509ab19 100644 |
139 |
|
140 |
if (fatal_signal_pending(current)) |
141 |
return -ERESTARTNOHAND; |
142 |
-@@ -510,7 +546,7 @@ int copy_strings_kernel(int argc,char ** argv, struct linux_binprm *bprm) |
143 |
+@@ -510,7 +547,7 @@ int copy_strings_kernel(int argc,char ** argv, struct linux_binprm *bprm) |
144 |
int r; |
145 |
mm_segment_t oldfs = get_fs(); |
146 |
set_fs(KERNEL_DS); |
147 |
@@ -77685,7 +77686,7 @@ index 86fafc6..509ab19 100644 |
148 |
set_fs(oldfs); |
149 |
return r; |
150 |
} |
151 |
-@@ -540,7 +576,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
152 |
+@@ -540,7 +577,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
153 |
unsigned long new_end = old_end - shift; |
154 |
struct mmu_gather *tlb; |
155 |
|
156 |
@@ -77695,7 +77696,7 @@ index 86fafc6..509ab19 100644 |
157 |
|
158 |
/* |
159 |
* ensure there are no vmas between where we want to go |
160 |
-@@ -549,6 +586,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
161 |
+@@ -549,6 +587,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
162 |
if (vma != find_vma(mm, new_start)) |
163 |
return -EFAULT; |
164 |
|
165 |
@@ -77706,7 +77707,7 @@ index 86fafc6..509ab19 100644 |
166 |
/* |
167 |
* cover the whole range: [new_start, old_end) |
168 |
*/ |
169 |
-@@ -630,10 +671,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
170 |
+@@ -630,10 +672,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
171 |
stack_top = arch_align_stack(stack_top); |
172 |
stack_top = PAGE_ALIGN(stack_top); |
173 |
|
174 |
@@ -77717,7 +77718,7 @@ index 86fafc6..509ab19 100644 |
175 |
stack_shift = vma->vm_end - stack_top; |
176 |
|
177 |
bprm->p -= stack_shift; |
178 |
-@@ -645,6 +682,14 @@ int setup_arg_pages(struct linux_binprm *bprm, |
179 |
+@@ -645,6 +683,14 @@ int setup_arg_pages(struct linux_binprm *bprm, |
180 |
bprm->exec -= stack_shift; |
181 |
|
182 |
down_write(&mm->mmap_sem); |
183 |
@@ -77732,7 +77733,7 @@ index 86fafc6..509ab19 100644 |
184 |
vm_flags = VM_STACK_FLAGS; |
185 |
|
186 |
/* |
187 |
-@@ -658,19 +703,24 @@ int setup_arg_pages(struct linux_binprm *bprm, |
188 |
+@@ -658,19 +704,24 @@ int setup_arg_pages(struct linux_binprm *bprm, |
189 |
vm_flags &= ~VM_EXEC; |
190 |
vm_flags |= mm->def_flags; |
191 |
|
192 |
@@ -77764,7 +77765,35 @@ index 86fafc6..509ab19 100644 |
193 |
stack_expand = EXTRA_STACK_VM_PAGES * PAGE_SIZE; |
194 |
stack_size = vma->vm_end - vma->vm_start; |
195 |
/* |
196 |
-@@ -721,6 +771,8 @@ struct file *open_exec(const char *name) |
197 |
+@@ -690,6 +741,27 @@ int setup_arg_pages(struct linux_binprm *bprm, |
198 |
+ stack_base = vma->vm_start - stack_expand; |
199 |
+ #endif |
200 |
+ ret = expand_stack(vma, stack_base); |
201 |
++ |
202 |
++#if !defined(CONFIG_STACK_GROWSUP) && defined(CONFIG_PAX_ASLR) |
203 |
++ if (!ret && (mm->pax_flags & MF_PAX_RANDMMAP) && STACK_TOP <= 0xFFFFFFFFU && STACK_TOP > vma->vm_end) { |
204 |
++ unsigned long size, flags, vm_flags; |
205 |
++ |
206 |
++ size = STACK_TOP - vma->vm_end; |
207 |
++ flags = MAP_FIXED | MAP_PRIVATE; |
208 |
++ vm_flags = VM_DONTEXPAND | VM_RESERVED; |
209 |
++ |
210 |
++ ret = vma->vm_end != mmap_region(NULL, vma->vm_end, size, flags, vm_flags, 0); |
211 |
++ |
212 |
++#ifdef CONFIG_X86 |
213 |
++ if (!ret) { |
214 |
++ size = mmap_min_addr + ((mm->delta_mmap ^ mm->delta_stack) & (0xFFUL << PAGE_SHIFT)); |
215 |
++ ret = 0 != mmap_region(NULL, 0, size, flags, vm_flags, 0); |
216 |
++ } |
217 |
++#endif |
218 |
++ |
219 |
++ } |
220 |
++#endif |
221 |
++ |
222 |
+ if (ret) |
223 |
+ ret = -EFAULT; |
224 |
+ |
225 |
+@@ -721,6 +793,8 @@ struct file *open_exec(const char *name) |
226 |
|
227 |
fsnotify_open(file->f_path.dentry); |
228 |
|
229 |
@@ -77773,7 +77802,7 @@ index 86fafc6..509ab19 100644 |
230 |
err = deny_write_access(file); |
231 |
if (err) |
232 |
goto exit; |
233 |
-@@ -744,7 +796,7 @@ int kernel_read(struct file *file, loff_t offset, |
234 |
+@@ -744,7 +818,7 @@ int kernel_read(struct file *file, loff_t offset, |
235 |
old_fs = get_fs(); |
236 |
set_fs(get_ds()); |
237 |
/* The cast to a user pointer is valid due to the set_fs() */ |
238 |
@@ -77782,7 +77811,7 @@ index 86fafc6..509ab19 100644 |
239 |
set_fs(old_fs); |
240 |
return result; |
241 |
} |
242 |
-@@ -985,6 +1037,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
243 |
+@@ -985,6 +1059,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
244 |
perf_event_comm(tsk); |
245 |
} |
246 |
|
247 |
@@ -77804,7 +77833,7 @@ index 86fafc6..509ab19 100644 |
248 |
int flush_old_exec(struct linux_binprm * bprm) |
249 |
{ |
250 |
int retval; |
251 |
-@@ -999,6 +1066,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
252 |
+@@ -999,6 +1088,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
253 |
|
254 |
set_mm_exe_file(bprm->mm, bprm->file); |
255 |
|
256 |
@@ -77812,7 +77841,7 @@ index 86fafc6..509ab19 100644 |
257 |
/* |
258 |
* Release all of the old mmap stuff |
259 |
*/ |
260 |
-@@ -1023,10 +1091,6 @@ EXPORT_SYMBOL(flush_old_exec); |
261 |
+@@ -1023,10 +1113,6 @@ EXPORT_SYMBOL(flush_old_exec); |
262 |
|
263 |
void setup_new_exec(struct linux_binprm * bprm) |
264 |
{ |
265 |
@@ -77823,7 +77852,7 @@ index 86fafc6..509ab19 100644 |
266 |
arch_pick_mmap_layout(current->mm); |
267 |
|
268 |
/* This is the point of no return */ |
269 |
-@@ -1037,18 +1101,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
270 |
+@@ -1037,18 +1123,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
271 |
else |
272 |
set_dumpable(current->mm, suid_dumpable); |
273 |
|
274 |
@@ -77843,7 +77872,7 @@ index 86fafc6..509ab19 100644 |
275 |
|
276 |
/* Set the new mm task size. We have to do that late because it may |
277 |
* depend on TIF_32BIT which is only updated in flush_thread() on |
278 |
-@@ -1090,14 +1143,14 @@ EXPORT_SYMBOL(setup_new_exec); |
279 |
+@@ -1090,14 +1165,14 @@ EXPORT_SYMBOL(setup_new_exec); |
280 |
*/ |
281 |
int prepare_bprm_creds(struct linux_binprm *bprm) |
282 |
{ |
283 |
@@ -77860,7 +77889,7 @@ index 86fafc6..509ab19 100644 |
284 |
return -ENOMEM; |
285 |
} |
286 |
|
287 |
-@@ -1105,7 +1158,7 @@ void free_bprm(struct linux_binprm *bprm) |
288 |
+@@ -1105,7 +1180,7 @@ void free_bprm(struct linux_binprm *bprm) |
289 |
{ |
290 |
free_arg_pages(bprm); |
291 |
if (bprm->cred) { |
292 |
@@ -77869,7 +77898,7 @@ index 86fafc6..509ab19 100644 |
293 |
abort_creds(bprm->cred); |
294 |
} |
295 |
kfree(bprm); |
296 |
-@@ -1126,13 +1179,13 @@ void install_exec_creds(struct linux_binprm *bprm) |
297 |
+@@ -1126,13 +1201,13 @@ void install_exec_creds(struct linux_binprm *bprm) |
298 |
* credentials; any time after this it may be unlocked. |
299 |
*/ |
300 |
security_bprm_committed_creds(bprm); |
301 |
@@ -77885,7 +77914,7 @@ index 86fafc6..509ab19 100644 |
302 |
* PTRACE_ATTACH |
303 |
*/ |
304 |
int check_unsafe_exec(struct linux_binprm *bprm) |
305 |
-@@ -1152,7 +1205,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
306 |
+@@ -1152,7 +1227,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
307 |
} |
308 |
rcu_read_unlock(); |
309 |
|
310 |
@@ -77894,7 +77923,7 @@ index 86fafc6..509ab19 100644 |
311 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
312 |
} else { |
313 |
res = -EAGAIN; |
314 |
-@@ -1339,6 +1392,21 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
315 |
+@@ -1339,6 +1414,21 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
316 |
|
317 |
EXPORT_SYMBOL(search_binary_handler); |
318 |
|
319 |
@@ -77916,7 +77945,7 @@ index 86fafc6..509ab19 100644 |
320 |
/* |
321 |
* sys_execve() executes a new program. |
322 |
*/ |
323 |
-@@ -1347,11 +1415,35 @@ int do_execve(char * filename, |
324 |
+@@ -1347,11 +1437,35 @@ int do_execve(char * filename, |
325 |
char __user *__user *envp, |
326 |
struct pt_regs * regs) |
327 |
{ |
328 |
@@ -77952,7 +77981,7 @@ index 86fafc6..509ab19 100644 |
329 |
|
330 |
retval = unshare_files(&displaced); |
331 |
if (retval) |
332 |
-@@ -1377,12 +1469,27 @@ int do_execve(char * filename, |
333 |
+@@ -1377,12 +1491,27 @@ int do_execve(char * filename, |
334 |
if (IS_ERR(file)) |
335 |
goto out_unmark; |
336 |
|
337 |
@@ -77980,7 +78009,7 @@ index 86fafc6..509ab19 100644 |
338 |
retval = bprm_mm_init(bprm); |
339 |
if (retval) |
340 |
goto out_file; |
341 |
-@@ -1399,25 +1506,66 @@ int do_execve(char * filename, |
342 |
+@@ -1399,25 +1528,66 @@ int do_execve(char * filename, |
343 |
if (retval < 0) |
344 |
goto out; |
345 |
|
346 |
@@ -78051,7 +78080,7 @@ index 86fafc6..509ab19 100644 |
347 |
current->fs->in_exec = 0; |
348 |
current->in_execve = 0; |
349 |
acct_update_integrals(current); |
350 |
-@@ -1426,6 +1574,14 @@ int do_execve(char * filename, |
351 |
+@@ -1426,6 +1596,14 @@ int do_execve(char * filename, |
352 |
put_files_struct(displaced); |
353 |
return retval; |
354 |
|
355 |
@@ -78066,7 +78095,7 @@ index 86fafc6..509ab19 100644 |
356 |
out: |
357 |
if (bprm->mm) { |
358 |
acct_arg_size(bprm, 0); |
359 |
-@@ -1591,6 +1747,251 @@ out: |
360 |
+@@ -1591,6 +1769,251 @@ out: |
361 |
return ispipe; |
362 |
} |
363 |
|
364 |
@@ -78318,7 +78347,7 @@ index 86fafc6..509ab19 100644 |
365 |
static int zap_process(struct task_struct *start) |
366 |
{ |
367 |
struct task_struct *t; |
368 |
-@@ -1793,17 +2194,17 @@ static void wait_for_dump_helpers(struct file *file) |
369 |
+@@ -1793,17 +2216,17 @@ static void wait_for_dump_helpers(struct file *file) |
370 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
371 |
|
372 |
pipe_lock(pipe); |
373 |
@@ -78341,7 +78370,7 @@ index 86fafc6..509ab19 100644 |
374 |
pipe_unlock(pipe); |
375 |
|
376 |
} |
377 |
-@@ -1826,10 +2227,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
378 |
+@@ -1826,10 +2249,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
379 |
char **helper_argv = NULL; |
380 |
int helper_argc = 0; |
381 |
int dump_count = 0; |
382 |
@@ -78356,7 +78385,7 @@ index 86fafc6..509ab19 100644 |
383 |
binfmt = mm->binfmt; |
384 |
if (!binfmt || !binfmt->core_dump) |
385 |
goto fail; |
386 |
-@@ -1874,6 +2278,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
387 |
+@@ -1874,6 +2300,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
388 |
*/ |
389 |
clear_thread_flag(TIF_SIGPENDING); |
390 |
|
391 |
@@ -78365,7 +78394,7 @@ index 86fafc6..509ab19 100644 |
392 |
/* |
393 |
* lock_kernel() because format_corename() is controlled by sysctl, which |
394 |
* uses lock_kernel() |
395 |
-@@ -1908,7 +2314,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
396 |
+@@ -1908,7 +2336,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
397 |
goto fail_unlock; |
398 |
} |
399 |
|
400 |
@@ -78374,7 +78403,7 @@ index 86fafc6..509ab19 100644 |
401 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
402 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
403 |
task_tgid_vnr(current), current->comm); |
404 |
-@@ -1972,7 +2378,7 @@ close_fail: |
405 |
+@@ -1972,7 +2400,7 @@ close_fail: |
406 |
filp_close(file, NULL); |
407 |
fail_dropcount: |
408 |
if (dump_count) |
409 |
@@ -100120,7 +100149,7 @@ index 5ad70a6..108e1dc 100644 |
410 |
|
411 |
#ifdef CONFIG_KMEMTRACE |
412 |
diff --git a/include/linux/snmp.h b/include/linux/snmp.h |
413 |
-index 0f953fe..05d45da 100644 |
414 |
+index 0f953fe4..05d45da 100644 |
415 |
--- a/include/linux/snmp.h |
416 |
+++ b/include/linux/snmp.h |
417 |
@@ -208,7 +208,6 @@ enum |
418 |
@@ -106263,10 +106292,20 @@ index 29bd4ba..8c5de90 100644 |
419 |
WARN_ON(pendowner->pi_blocked_on->lock != lock); |
420 |
|
421 |
diff --git a/kernel/sched.c b/kernel/sched.c |
422 |
-index 0591df8..db35e3d 100644 |
423 |
+index 0591df8..dcf3f9f 100644 |
424 |
--- a/kernel/sched.c |
425 |
+++ b/kernel/sched.c |
426 |
-@@ -5043,7 +5043,7 @@ out: |
427 |
+@@ -2618,7 +2618,8 @@ out: |
428 |
+ */ |
429 |
+ int wake_up_process(struct task_struct *p) |
430 |
+ { |
431 |
+- return try_to_wake_up(p, TASK_ALL, 0); |
432 |
++ WARN_ON(task_is_stopped_or_traced(p)); |
433 |
++ return try_to_wake_up(p, TASK_NORMAL, 0); |
434 |
+ } |
435 |
+ EXPORT_SYMBOL(wake_up_process); |
436 |
+ |
437 |
+@@ -5043,7 +5044,7 @@ out: |
438 |
* In CONFIG_NO_HZ case, the idle load balance owner will do the |
439 |
* rebalancing for all the cpus for whom scheduler ticks are stopped. |
440 |
*/ |
441 |
@@ -106275,7 +106314,7 @@ index 0591df8..db35e3d 100644 |
442 |
{ |
443 |
int this_cpu = smp_processor_id(); |
444 |
struct rq *this_rq = cpu_rq(this_cpu); |
445 |
-@@ -5700,6 +5700,8 @@ asmlinkage void __sched schedule(void) |
446 |
+@@ -5700,6 +5701,8 @@ asmlinkage void __sched schedule(void) |
447 |
struct rq *rq; |
448 |
int cpu; |
449 |
|
450 |
@@ -106284,7 +106323,7 @@ index 0591df8..db35e3d 100644 |
451 |
need_resched: |
452 |
preempt_disable(); |
453 |
cpu = smp_processor_id(); |
454 |
-@@ -5770,7 +5772,7 @@ EXPORT_SYMBOL(schedule); |
455 |
+@@ -5770,7 +5773,7 @@ EXPORT_SYMBOL(schedule); |
456 |
* Look out! "owner" is an entirely speculative pointer |
457 |
* access and not reliable. |
458 |
*/ |
459 |
@@ -106293,7 +106332,7 @@ index 0591df8..db35e3d 100644 |
460 |
{ |
461 |
unsigned int cpu; |
462 |
struct rq *rq; |
463 |
-@@ -5784,10 +5786,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
464 |
+@@ -5784,10 +5787,10 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
465 |
* DEBUG_PAGEALLOC could have unmapped it if |
466 |
* the mutex owner just released it and exited. |
467 |
*/ |
468 |
@@ -106306,7 +106345,7 @@ index 0591df8..db35e3d 100644 |
469 |
#endif |
470 |
|
471 |
/* |
472 |
-@@ -5816,7 +5818,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
473 |
+@@ -5816,7 +5819,7 @@ int mutex_spin_on_owner(struct mutex *lock, struct thread_info *owner) |
474 |
/* |
475 |
* Is that owner really running on that cpu? |
476 |
*/ |
477 |
@@ -106315,7 +106354,7 @@ index 0591df8..db35e3d 100644 |
478 |
return 0; |
479 |
|
480 |
cpu_relax(); |
481 |
-@@ -6359,6 +6361,8 @@ int can_nice(const struct task_struct *p, const int nice) |
482 |
+@@ -6359,6 +6362,8 @@ int can_nice(const struct task_struct *p, const int nice) |
483 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
484 |
int nice_rlim = 20 - nice; |
485 |
|
486 |
@@ -106324,7 +106363,7 @@ index 0591df8..db35e3d 100644 |
487 |
return (nice_rlim <= p->signal->rlim[RLIMIT_NICE].rlim_cur || |
488 |
capable(CAP_SYS_NICE)); |
489 |
} |
490 |
-@@ -6392,7 +6396,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
491 |
+@@ -6392,7 +6397,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
492 |
if (nice > 19) |
493 |
nice = 19; |
494 |
|
495 |
@@ -106334,7 +106373,7 @@ index 0591df8..db35e3d 100644 |
496 |
return -EPERM; |
497 |
|
498 |
retval = security_task_setnice(current, nice); |
499 |
-@@ -8774,7 +8779,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
500 |
+@@ -8774,7 +8780,7 @@ static void init_sched_groups_power(int cpu, struct sched_domain *sd) |
501 |
long power; |
502 |
int weight; |
503 |
|
504 |
@@ -107273,7 +107312,7 @@ index d9d6206..f19467e 100644 |
505 |
ret = -EIO; |
506 |
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt, |
507 |
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c |
508 |
-index 4872937..ec96a13 100644 |
509 |
+index 4872937..26ba80f 100644 |
510 |
--- a/kernel/trace/ftrace.c |
511 |
+++ b/kernel/trace/ftrace.c |
512 |
@@ -1100,13 +1100,18 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) |
513 |
@@ -107297,6 +107336,15 @@ index 4872937..ec96a13 100644 |
514 |
} |
515 |
|
516 |
/* |
517 |
+@@ -2726,7 +2731,7 @@ static int ftrace_module_notify(struct notifier_block *self, |
518 |
+ |
519 |
+ struct notifier_block ftrace_module_nb = { |
520 |
+ .notifier_call = ftrace_module_notify, |
521 |
+- .priority = 0, |
522 |
++ .priority = INT_MAX, /* Run before anything that can use kprobes */ |
523 |
+ }; |
524 |
+ |
525 |
+ extern unsigned long __start_mcount_loc[]; |
526 |
@@ -3068,8 +3073,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write, |
527 |
#ifdef CONFIG_FUNCTION_GRAPH_TRACER |
528 |
|
529 |
@@ -108697,7 +108745,7 @@ index f03e8e2..7354343 100644 |
530 |
|
531 |
|
532 |
diff --git a/mm/kmemleak.c b/mm/kmemleak.c |
533 |
-index c346660..b47382f 100644 |
534 |
+index c346660..33486fe 100644 |
535 |
--- a/mm/kmemleak.c |
536 |
+++ b/mm/kmemleak.c |
537 |
@@ -358,7 +358,7 @@ static void print_unreferenced(struct seq_file *seq, |
538 |
@@ -108705,10 +108753,19 @@ index c346660..b47382f 100644 |
539 |
for (i = 0; i < object->trace_len; i++) { |
540 |
void *ptr = (void *)object->trace[i]; |
541 |
- seq_printf(seq, " [<%p>] %pS\n", ptr, ptr); |
542 |
-+ seq_printf(seq, " [<%p>] %pA\n", ptr, ptr); |
543 |
++ seq_printf(seq, " [<%pP>] %pA\n", ptr, ptr); |
544 |
} |
545 |
} |
546 |
|
547 |
+@@ -1677,7 +1677,7 @@ static int __init kmemleak_late_init(void) |
548 |
+ return -ENOMEM; |
549 |
+ } |
550 |
+ |
551 |
+- dentry = debugfs_create_file("kmemleak", S_IRUGO, NULL, NULL, |
552 |
++ dentry = debugfs_create_file("kmemleak", S_IRUSR, NULL, NULL, |
553 |
+ &kmemleak_fops); |
554 |
+ if (!dentry) |
555 |
+ pr_warning("Failed to create the debugfs kmemleak file\n"); |
556 |
diff --git a/mm/maccess.c b/mm/maccess.c |
557 |
index 9073695..1127f348 100644 |
558 |
--- a/mm/maccess.c |
559 |
|
560 |
diff --git a/3.2.37/0000_README b/3.2.37/0000_README |
561 |
index 4df42aa..f61fd16 100644 |
562 |
--- a/3.2.37/0000_README |
563 |
+++ b/3.2.37/0000_README |
564 |
@@ -66,7 +66,7 @@ Patch: 1036_linux-3.2.37.patch |
565 |
From: http://www.kernel.org |
566 |
Desc: Linux 3.2.37 |
567 |
|
568 |
-Patch: 4420_grsecurity-2.9.1-3.2.37-201301230047.patch |
569 |
+Patch: 4420_grsecurity-2.9.1-3.2.37-201301281956.patch |
570 |
From: http://www.grsecurity.net |
571 |
Desc: hardened-sources base patch from upstream grsecurity |
572 |
|
573 |
|
574 |
diff --git a/3.2.37/4420_grsecurity-2.9.1-3.2.37-201301230047.patch b/3.2.37/4420_grsecurity-2.9.1-3.2.37-201301281956.patch |
575 |
similarity index 99% |
576 |
rename from 3.2.37/4420_grsecurity-2.9.1-3.2.37-201301230047.patch |
577 |
rename to 3.2.37/4420_grsecurity-2.9.1-3.2.37-201301281956.patch |
578 |
index b33e963..c2ee615 100644 |
579 |
--- a/3.2.37/4420_grsecurity-2.9.1-3.2.37-201301230047.patch |
580 |
+++ b/3.2.37/4420_grsecurity-2.9.1-3.2.37-201301281956.patch |
581 |
@@ -3207,7 +3207,7 @@ index 937cf33..adb39bb 100644 |
582 |
* This routine handles page faults. It determines the address, |
583 |
* and the problem, and then passes it off to one of the appropriate |
584 |
diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c |
585 |
-index 302d779..ad1772c 100644 |
586 |
+index 302d779..573314a 100644 |
587 |
--- a/arch/mips/mm/mmap.c |
588 |
+++ b/arch/mips/mm/mmap.c |
589 |
@@ -71,6 +71,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
590 |
@@ -3258,7 +3258,19 @@ index 302d779..ad1772c 100644 |
591 |
/* cache the address as a hint for next time */ |
592 |
return mm->free_area_cache = addr - len; |
593 |
} |
594 |
-@@ -165,7 +170,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
595 |
+@@ -155,17 +160,17 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
596 |
+ goto bottomup; |
597 |
+ |
598 |
+ addr = mm->mmap_base - len; |
599 |
+- if (do_color_align) |
600 |
+- addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
601 |
+ |
602 |
+ do { |
603 |
++ if (do_color_align) |
604 |
++ addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
605 |
+ /* |
606 |
+ * Lookup failure means no vma is above this address, |
607 |
+ * else if new region fits below vma->vm_start, |
608 |
* return with success: |
609 |
*/ |
610 |
vma = find_vma(mm, addr); |
611 |
@@ -3267,7 +3279,20 @@ index 302d779..ad1772c 100644 |
612 |
/* cache the address as a hint for next time */ |
613 |
return mm->free_area_cache = addr; |
614 |
} |
615 |
-@@ -242,30 +247,3 @@ void arch_pick_mmap_layout(struct mm_struct *mm) |
616 |
+@@ -175,10 +180,8 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
617 |
+ mm->cached_hole_size = vma->vm_start - addr; |
618 |
+ |
619 |
+ /* try just below the current vma->vm_start */ |
620 |
+- addr = vma->vm_start - len; |
621 |
+- if (do_color_align) |
622 |
+- addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
623 |
+- } while (likely(len < vma->vm_start)); |
624 |
++ addr = skip_heap_stack_gap(vma, len, offset); |
625 |
++ } while (!IS_ERR_VALUE(addr)); |
626 |
+ |
627 |
+ bottomup: |
628 |
+ /* |
629 |
+@@ -242,30 +245,3 @@ void arch_pick_mmap_layout(struct mm_struct *mm) |
630 |
mm->unmap_area = arch_unmap_area_topdown; |
631 |
} |
632 |
} |
633 |
@@ -19327,7 +19352,7 @@ index 6a364a6..b147d11 100644 |
634 |
ip = *(u64 *)(fp+8); |
635 |
if (!in_sched_functions(ip)) |
636 |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c |
637 |
-index 2dc4121..89febda 100644 |
638 |
+index 2dc4121..5178bcc 100644 |
639 |
--- a/arch/x86/kernel/ptrace.c |
640 |
+++ b/arch/x86/kernel/ptrace.c |
641 |
@@ -181,14 +181,13 @@ unsigned long kernel_stack_pointer(struct pt_regs *regs) |
642 |
@@ -19349,6 +19374,15 @@ index 2dc4121..89febda 100644 |
643 |
|
644 |
return (unsigned long)regs; |
645 |
} |
646 |
+@@ -585,7 +584,7 @@ static void ptrace_triggered(struct perf_event *bp, |
647 |
+ static unsigned long ptrace_get_dr7(struct perf_event *bp[]) |
648 |
+ { |
649 |
+ int i; |
650 |
+- int dr7 = 0; |
651 |
++ unsigned long dr7 = 0; |
652 |
+ struct arch_hw_breakpoint *info; |
653 |
+ |
654 |
+ for (i = 0; i < HBP_NUM; i++) { |
655 |
@@ -852,7 +851,7 @@ long arch_ptrace(struct task_struct *child, long request, |
656 |
unsigned long addr, unsigned long data) |
657 |
{ |
658 |
@@ -36651,7 +36685,7 @@ index b94d5f7..7f494c5 100644 |
659 |
extern int xpc_disengage_timedout; |
660 |
extern int xpc_activate_IRQ_rcvd; |
661 |
diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c |
662 |
-index d971817..3805cce 100644 |
663 |
+index d971817..33bdca5 100644 |
664 |
--- a/drivers/misc/sgi-xp/xpc_main.c |
665 |
+++ b/drivers/misc/sgi-xp/xpc_main.c |
666 |
@@ -166,7 +166,7 @@ static struct notifier_block xpc_die_notifier = { |
667 |
@@ -36663,6 +36697,15 @@ index d971817..3805cce 100644 |
668 |
|
669 |
/* |
670 |
* Timer function to enforce the timelimit on the partition disengage. |
671 |
+@@ -1210,7 +1210,7 @@ xpc_system_die(struct notifier_block *nb, unsigned long event, void *_die_args) |
672 |
+ |
673 |
+ if (((die_args->trapnr == X86_TRAP_MF) || |
674 |
+ (die_args->trapnr == X86_TRAP_XF)) && |
675 |
+- !user_mode_vm(die_args->regs)) |
676 |
++ !user_mode(die_args->regs)) |
677 |
+ xpc_die_deactivate(); |
678 |
+ |
679 |
+ break; |
680 |
diff --git a/drivers/misc/ti-st/st_core.c b/drivers/misc/ti-st/st_core.c |
681 |
index ba168a7..399925d6 100644 |
682 |
--- a/drivers/misc/ti-st/st_core.c |
683 |
@@ -44544,7 +44587,7 @@ index a6395bd..f1e376a 100644 |
684 |
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm); |
685 |
#ifdef __alpha__ |
686 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
687 |
-index 8dd615c..e65f3cf 100644 |
688 |
+index 8dd615c..60fbfd2 100644 |
689 |
--- a/fs/binfmt_elf.c |
690 |
+++ b/fs/binfmt_elf.c |
691 |
@@ -32,6 +32,7 @@ |
692 |
@@ -45011,7 +45054,7 @@ index 8dd615c..e65f3cf 100644 |
693 |
unsigned int random_variable = 0; |
694 |
|
695 |
+#ifdef CONFIG_PAX_RANDUSTACK |
696 |
-+ if (randomize_va_space) |
697 |
++ if (current->mm->pax_flags & MF_PAX_RANDMMAP) |
698 |
+ return stack_top - current->mm->delta_stack; |
699 |
+#endif |
700 |
+ |
701 |
@@ -46441,15 +46484,16 @@ index 451b9b8..12e5a03 100644 |
702 |
|
703 |
out_free_fd: |
704 |
diff --git a/fs/exec.c b/fs/exec.c |
705 |
-index c27fa0d..02a6a78 100644 |
706 |
+index c27fa0d..fbd8ac4 100644 |
707 |
--- a/fs/exec.c |
708 |
+++ b/fs/exec.c |
709 |
-@@ -55,12 +55,33 @@ |
710 |
+@@ -55,12 +55,34 @@ |
711 |
#include <linux/pipe_fs_i.h> |
712 |
#include <linux/oom.h> |
713 |
#include <linux/compat.h> |
714 |
+#include <linux/random.h> |
715 |
+#include <linux/seq_file.h> |
716 |
++#include <linux/mman.h> |
717 |
+ |
718 |
+#ifdef CONFIG_PAX_REFCOUNT |
719 |
+#include <linux/kallsyms.h> |
720 |
@@ -46478,7 +46522,7 @@ index c27fa0d..02a6a78 100644 |
721 |
int core_uses_pid; |
722 |
char core_pattern[CORENAME_MAX_SIZE] = "core"; |
723 |
unsigned int core_pipe_limit; |
724 |
-@@ -70,7 +91,7 @@ struct core_name { |
725 |
+@@ -70,7 +92,7 @@ struct core_name { |
726 |
char *corename; |
727 |
int used, size; |
728 |
}; |
729 |
@@ -46487,7 +46531,7 @@ index c27fa0d..02a6a78 100644 |
730 |
|
731 |
/* The maximal length of core_pattern is also specified in sysctl.c */ |
732 |
|
733 |
-@@ -188,18 +209,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
734 |
+@@ -188,18 +210,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
735 |
int write) |
736 |
{ |
737 |
struct page *page; |
738 |
@@ -46509,7 +46553,7 @@ index c27fa0d..02a6a78 100644 |
739 |
return NULL; |
740 |
|
741 |
if (write) { |
742 |
-@@ -215,6 +228,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
743 |
+@@ -215,6 +229,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
744 |
if (size <= ARG_MAX) |
745 |
return page; |
746 |
|
747 |
@@ -46527,7 +46571,7 @@ index c27fa0d..02a6a78 100644 |
748 |
/* |
749 |
* Limit to 1/4-th the stack size for the argv+env strings. |
750 |
* This ensures that: |
751 |
-@@ -274,6 +298,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
752 |
+@@ -274,6 +299,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
753 |
vma->vm_end = STACK_TOP_MAX; |
754 |
vma->vm_start = vma->vm_end - PAGE_SIZE; |
755 |
vma->vm_flags = VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; |
756 |
@@ -46539,7 +46583,7 @@ index c27fa0d..02a6a78 100644 |
757 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
758 |
INIT_LIST_HEAD(&vma->anon_vma_chain); |
759 |
|
760 |
-@@ -288,6 +317,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
761 |
+@@ -288,6 +318,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
762 |
mm->stack_vm = mm->total_vm = 1; |
763 |
up_write(&mm->mmap_sem); |
764 |
bprm->p = vma->vm_end - sizeof(void *); |
765 |
@@ -46552,7 +46596,7 @@ index c27fa0d..02a6a78 100644 |
766 |
return 0; |
767 |
err: |
768 |
up_write(&mm->mmap_sem); |
769 |
-@@ -396,19 +431,7 @@ err: |
770 |
+@@ -396,19 +432,7 @@ err: |
771 |
return err; |
772 |
} |
773 |
|
774 |
@@ -46573,7 +46617,7 @@ index c27fa0d..02a6a78 100644 |
775 |
{ |
776 |
const char __user *native; |
777 |
|
778 |
-@@ -417,14 +440,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
779 |
+@@ -417,14 +441,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
780 |
compat_uptr_t compat; |
781 |
|
782 |
if (get_user(compat, argv.ptr.compat + nr)) |
783 |
@@ -46590,7 +46634,7 @@ index c27fa0d..02a6a78 100644 |
784 |
|
785 |
return native; |
786 |
} |
787 |
-@@ -443,11 +466,12 @@ static int count(struct user_arg_ptr argv, int max) |
788 |
+@@ -443,11 +467,12 @@ static int count(struct user_arg_ptr argv, int max) |
789 |
if (!p) |
790 |
break; |
791 |
|
792 |
@@ -46605,7 +46649,7 @@ index c27fa0d..02a6a78 100644 |
793 |
|
794 |
if (fatal_signal_pending(current)) |
795 |
return -ERESTARTNOHAND; |
796 |
-@@ -477,7 +501,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, |
797 |
+@@ -477,7 +502,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, |
798 |
|
799 |
ret = -EFAULT; |
800 |
str = get_user_arg_ptr(argv, argc); |
801 |
@@ -46614,7 +46658,7 @@ index c27fa0d..02a6a78 100644 |
802 |
goto out; |
803 |
|
804 |
len = strnlen_user(str, MAX_ARG_STRLEN); |
805 |
-@@ -559,7 +583,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, |
806 |
+@@ -559,7 +584,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, |
807 |
int r; |
808 |
mm_segment_t oldfs = get_fs(); |
809 |
struct user_arg_ptr argv = { |
810 |
@@ -46623,7 +46667,7 @@ index c27fa0d..02a6a78 100644 |
811 |
}; |
812 |
|
813 |
set_fs(KERNEL_DS); |
814 |
-@@ -594,7 +618,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
815 |
+@@ -594,7 +619,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
816 |
unsigned long new_end = old_end - shift; |
817 |
struct mmu_gather tlb; |
818 |
|
819 |
@@ -46633,7 +46677,7 @@ index c27fa0d..02a6a78 100644 |
820 |
|
821 |
/* |
822 |
* ensure there are no vmas between where we want to go |
823 |
-@@ -603,6 +628,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
824 |
+@@ -603,6 +629,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
825 |
if (vma != find_vma(mm, new_start)) |
826 |
return -EFAULT; |
827 |
|
828 |
@@ -46644,7 +46688,7 @@ index c27fa0d..02a6a78 100644 |
829 |
/* |
830 |
* cover the whole range: [new_start, old_end) |
831 |
*/ |
832 |
-@@ -683,10 +712,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
833 |
+@@ -683,10 +713,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
834 |
stack_top = arch_align_stack(stack_top); |
835 |
stack_top = PAGE_ALIGN(stack_top); |
836 |
|
837 |
@@ -46655,7 +46699,7 @@ index c27fa0d..02a6a78 100644 |
838 |
stack_shift = vma->vm_end - stack_top; |
839 |
|
840 |
bprm->p -= stack_shift; |
841 |
-@@ -698,8 +723,28 @@ int setup_arg_pages(struct linux_binprm *bprm, |
842 |
+@@ -698,8 +724,28 @@ int setup_arg_pages(struct linux_binprm *bprm, |
843 |
bprm->exec -= stack_shift; |
844 |
|
845 |
down_write(&mm->mmap_sem); |
846 |
@@ -46684,7 +46728,7 @@ index c27fa0d..02a6a78 100644 |
847 |
/* |
848 |
* Adjust stack execute permissions; explicitly enable for |
849 |
* EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone |
850 |
-@@ -718,13 +763,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
851 |
+@@ -718,13 +764,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
852 |
goto out_unlock; |
853 |
BUG_ON(prev != vma); |
854 |
|
855 |
@@ -46698,7 +46742,35 @@ index c27fa0d..02a6a78 100644 |
856 |
/* mprotect_fixup is overkill to remove the temporary stack flags */ |
857 |
vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; |
858 |
|
859 |
-@@ -782,6 +820,8 @@ struct file *open_exec(const char *name) |
860 |
+@@ -748,6 +787,27 @@ int setup_arg_pages(struct linux_binprm *bprm, |
861 |
+ #endif |
862 |
+ current->mm->start_stack = bprm->p; |
863 |
+ ret = expand_stack(vma, stack_base); |
864 |
++ |
865 |
++#if !defined(CONFIG_STACK_GROWSUP) && defined(CONFIG_PAX_ASLR) |
866 |
++ if (!ret && (mm->pax_flags & MF_PAX_RANDMMAP) && STACK_TOP <= 0xFFFFFFFFU && STACK_TOP > vma->vm_end) { |
867 |
++ unsigned long size, flags, vm_flags; |
868 |
++ |
869 |
++ size = STACK_TOP - vma->vm_end; |
870 |
++ flags = MAP_FIXED | MAP_PRIVATE; |
871 |
++ vm_flags = VM_DONTEXPAND | VM_RESERVED; |
872 |
++ |
873 |
++ ret = vma->vm_end != mmap_region(NULL, vma->vm_end, size, flags, vm_flags, 0); |
874 |
++ |
875 |
++#ifdef CONFIG_X86 |
876 |
++ if (!ret) { |
877 |
++ size = mmap_min_addr + ((mm->delta_mmap ^ mm->delta_stack) & (0xFFUL << PAGE_SHIFT)); |
878 |
++ ret = 0 != mmap_region(NULL, 0, size, flags, vm_flags, 0); |
879 |
++ } |
880 |
++#endif |
881 |
++ |
882 |
++ } |
883 |
++#endif |
884 |
++ |
885 |
+ if (ret) |
886 |
+ ret = -EFAULT; |
887 |
+ |
888 |
+@@ -782,6 +842,8 @@ struct file *open_exec(const char *name) |
889 |
|
890 |
fsnotify_open(file); |
891 |
|
892 |
@@ -46707,7 +46779,7 @@ index c27fa0d..02a6a78 100644 |
893 |
err = deny_write_access(file); |
894 |
if (err) |
895 |
goto exit; |
896 |
-@@ -805,7 +845,7 @@ int kernel_read(struct file *file, loff_t offset, |
897 |
+@@ -805,7 +867,7 @@ int kernel_read(struct file *file, loff_t offset, |
898 |
old_fs = get_fs(); |
899 |
set_fs(get_ds()); |
900 |
/* The cast to a user pointer is valid due to the set_fs() */ |
901 |
@@ -46716,7 +46788,7 @@ index c27fa0d..02a6a78 100644 |
902 |
set_fs(old_fs); |
903 |
return result; |
904 |
} |
905 |
-@@ -1070,6 +1110,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
906 |
+@@ -1070,6 +1132,21 @@ void set_task_comm(struct task_struct *tsk, char *buf) |
907 |
perf_event_comm(tsk); |
908 |
} |
909 |
|
910 |
@@ -46738,7 +46810,7 @@ index c27fa0d..02a6a78 100644 |
911 |
int flush_old_exec(struct linux_binprm * bprm) |
912 |
{ |
913 |
int retval; |
914 |
-@@ -1084,6 +1139,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
915 |
+@@ -1084,6 +1161,7 @@ int flush_old_exec(struct linux_binprm * bprm) |
916 |
|
917 |
set_mm_exe_file(bprm->mm, bprm->file); |
918 |
|
919 |
@@ -46746,7 +46818,7 @@ index c27fa0d..02a6a78 100644 |
920 |
/* |
921 |
* Release all of the old mmap stuff |
922 |
*/ |
923 |
-@@ -1116,10 +1172,6 @@ EXPORT_SYMBOL(would_dump); |
924 |
+@@ -1116,10 +1194,6 @@ EXPORT_SYMBOL(would_dump); |
925 |
|
926 |
void setup_new_exec(struct linux_binprm * bprm) |
927 |
{ |
928 |
@@ -46757,7 +46829,7 @@ index c27fa0d..02a6a78 100644 |
929 |
arch_pick_mmap_layout(current->mm); |
930 |
|
931 |
/* This is the point of no return */ |
932 |
-@@ -1130,18 +1182,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
933 |
+@@ -1130,18 +1204,7 @@ void setup_new_exec(struct linux_binprm * bprm) |
934 |
else |
935 |
set_dumpable(current->mm, suid_dumpable); |
936 |
|
937 |
@@ -46777,7 +46849,7 @@ index c27fa0d..02a6a78 100644 |
938 |
|
939 |
/* Set the new mm task size. We have to do that late because it may |
940 |
* depend on TIF_32BIT which is only updated in flush_thread() on |
941 |
-@@ -1266,7 +1307,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
942 |
+@@ -1266,7 +1329,7 @@ int check_unsafe_exec(struct linux_binprm *bprm) |
943 |
} |
944 |
rcu_read_unlock(); |
945 |
|
946 |
@@ -46786,7 +46858,7 @@ index c27fa0d..02a6a78 100644 |
947 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
948 |
} else { |
949 |
res = -EAGAIN; |
950 |
-@@ -1461,6 +1502,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
951 |
+@@ -1461,6 +1524,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
952 |
|
953 |
EXPORT_SYMBOL(search_binary_handler); |
954 |
|
955 |
@@ -46815,7 +46887,7 @@ index c27fa0d..02a6a78 100644 |
956 |
/* |
957 |
* sys_execve() executes a new program. |
958 |
*/ |
959 |
-@@ -1469,6 +1532,11 @@ static int do_execve_common(const char *filename, |
960 |
+@@ -1469,6 +1554,11 @@ static int do_execve_common(const char *filename, |
961 |
struct user_arg_ptr envp, |
962 |
struct pt_regs *regs) |
963 |
{ |
964 |
@@ -46827,7 +46899,7 @@ index c27fa0d..02a6a78 100644 |
965 |
struct linux_binprm *bprm; |
966 |
struct file *file; |
967 |
struct files_struct *displaced; |
968 |
-@@ -1476,6 +1544,8 @@ static int do_execve_common(const char *filename, |
969 |
+@@ -1476,6 +1566,8 @@ static int do_execve_common(const char *filename, |
970 |
int retval; |
971 |
const struct cred *cred = current_cred(); |
972 |
|
973 |
@@ -46836,7 +46908,7 @@ index c27fa0d..02a6a78 100644 |
974 |
/* |
975 |
* We move the actual failure in case of RLIMIT_NPROC excess from |
976 |
* set*uid() to execve() because too many poorly written programs |
977 |
-@@ -1516,12 +1586,27 @@ static int do_execve_common(const char *filename, |
978 |
+@@ -1516,12 +1608,27 @@ static int do_execve_common(const char *filename, |
979 |
if (IS_ERR(file)) |
980 |
goto out_unmark; |
981 |
|
982 |
@@ -46864,7 +46936,7 @@ index c27fa0d..02a6a78 100644 |
983 |
retval = bprm_mm_init(bprm); |
984 |
if (retval) |
985 |
goto out_file; |
986 |
-@@ -1538,24 +1623,65 @@ static int do_execve_common(const char *filename, |
987 |
+@@ -1538,24 +1645,65 @@ static int do_execve_common(const char *filename, |
988 |
if (retval < 0) |
989 |
goto out; |
990 |
|
991 |
@@ -46934,7 +47006,7 @@ index c27fa0d..02a6a78 100644 |
992 |
current->fs->in_exec = 0; |
993 |
current->in_execve = 0; |
994 |
acct_update_integrals(current); |
995 |
-@@ -1564,6 +1690,14 @@ static int do_execve_common(const char *filename, |
996 |
+@@ -1564,6 +1712,14 @@ static int do_execve_common(const char *filename, |
997 |
put_files_struct(displaced); |
998 |
return retval; |
999 |
|
1000 |
@@ -46949,7 +47021,7 @@ index c27fa0d..02a6a78 100644 |
1001 |
out: |
1002 |
if (bprm->mm) { |
1003 |
acct_arg_size(bprm, 0); |
1004 |
-@@ -1637,7 +1771,7 @@ static int expand_corename(struct core_name *cn) |
1005 |
+@@ -1637,7 +1793,7 @@ static int expand_corename(struct core_name *cn) |
1006 |
{ |
1007 |
char *old_corename = cn->corename; |
1008 |
|
1009 |
@@ -46958,7 +47030,7 @@ index c27fa0d..02a6a78 100644 |
1010 |
cn->corename = krealloc(old_corename, cn->size, GFP_KERNEL); |
1011 |
|
1012 |
if (!cn->corename) { |
1013 |
-@@ -1734,7 +1868,7 @@ static int format_corename(struct core_name *cn, long signr) |
1014 |
+@@ -1734,7 +1890,7 @@ static int format_corename(struct core_name *cn, long signr) |
1015 |
int pid_in_pattern = 0; |
1016 |
int err = 0; |
1017 |
|
1018 |
@@ -46967,7 +47039,7 @@ index c27fa0d..02a6a78 100644 |
1019 |
cn->corename = kmalloc(cn->size, GFP_KERNEL); |
1020 |
cn->used = 0; |
1021 |
|
1022 |
-@@ -1831,6 +1965,250 @@ out: |
1023 |
+@@ -1831,6 +1987,250 @@ out: |
1024 |
return ispipe; |
1025 |
} |
1026 |
|
1027 |
@@ -47218,7 +47290,7 @@ index c27fa0d..02a6a78 100644 |
1028 |
static int zap_process(struct task_struct *start, int exit_code) |
1029 |
{ |
1030 |
struct task_struct *t; |
1031 |
-@@ -2004,17 +2382,17 @@ static void coredump_finish(struct mm_struct *mm) |
1032 |
+@@ -2004,17 +2404,17 @@ static void coredump_finish(struct mm_struct *mm) |
1033 |
void set_dumpable(struct mm_struct *mm, int value) |
1034 |
{ |
1035 |
switch (value) { |
1036 |
@@ -47239,7 +47311,7 @@ index c27fa0d..02a6a78 100644 |
1037 |
set_bit(MMF_DUMP_SECURELY, &mm->flags); |
1038 |
smp_wmb(); |
1039 |
set_bit(MMF_DUMPABLE, &mm->flags); |
1040 |
-@@ -2027,7 +2405,7 @@ static int __get_dumpable(unsigned long mm_flags) |
1041 |
+@@ -2027,7 +2427,7 @@ static int __get_dumpable(unsigned long mm_flags) |
1042 |
int ret; |
1043 |
|
1044 |
ret = mm_flags & MMF_DUMPABLE_MASK; |
1045 |
@@ -47248,7 +47320,7 @@ index c27fa0d..02a6a78 100644 |
1046 |
} |
1047 |
|
1048 |
int get_dumpable(struct mm_struct *mm) |
1049 |
-@@ -2042,17 +2420,17 @@ static void wait_for_dump_helpers(struct file *file) |
1050 |
+@@ -2042,17 +2442,17 @@ static void wait_for_dump_helpers(struct file *file) |
1051 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
1052 |
|
1053 |
pipe_lock(pipe); |
1054 |
@@ -47271,7 +47343,7 @@ index c27fa0d..02a6a78 100644 |
1055 |
pipe_unlock(pipe); |
1056 |
|
1057 |
} |
1058 |
-@@ -2113,7 +2491,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1059 |
+@@ -2113,7 +2513,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1060 |
int retval = 0; |
1061 |
int flag = 0; |
1062 |
int ispipe; |
1063 |
@@ -47281,7 +47353,7 @@ index c27fa0d..02a6a78 100644 |
1064 |
struct coredump_params cprm = { |
1065 |
.signr = signr, |
1066 |
.regs = regs, |
1067 |
-@@ -2128,6 +2507,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1068 |
+@@ -2128,6 +2529,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1069 |
|
1070 |
audit_core_dumps(signr); |
1071 |
|
1072 |
@@ -47291,7 +47363,7 @@ index c27fa0d..02a6a78 100644 |
1073 |
binfmt = mm->binfmt; |
1074 |
if (!binfmt || !binfmt->core_dump) |
1075 |
goto fail; |
1076 |
-@@ -2138,14 +2520,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1077 |
+@@ -2138,14 +2542,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1078 |
if (!cred) |
1079 |
goto fail; |
1080 |
/* |
1081 |
@@ -47312,7 +47384,7 @@ index c27fa0d..02a6a78 100644 |
1082 |
} |
1083 |
|
1084 |
retval = coredump_wait(exit_code, &core_state); |
1085 |
-@@ -2195,7 +2579,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1086 |
+@@ -2195,7 +2601,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1087 |
} |
1088 |
cprm.limit = RLIM_INFINITY; |
1089 |
|
1090 |
@@ -47321,7 +47393,7 @@ index c27fa0d..02a6a78 100644 |
1091 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
1092 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
1093 |
task_tgid_vnr(current), current->comm); |
1094 |
-@@ -2222,9 +2606,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1095 |
+@@ -2222,9 +2628,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1096 |
} else { |
1097 |
struct inode *inode; |
1098 |
|
1099 |
@@ -47341,7 +47413,7 @@ index c27fa0d..02a6a78 100644 |
1100 |
cprm.file = filp_open(cn.corename, |
1101 |
O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, |
1102 |
0600); |
1103 |
-@@ -2265,7 +2659,7 @@ close_fail: |
1104 |
+@@ -2265,7 +2681,7 @@ close_fail: |
1105 |
filp_close(cprm.file, NULL); |
1106 |
fail_dropcount: |
1107 |
if (ispipe) |
1108 |
@@ -47350,7 +47422,7 @@ index c27fa0d..02a6a78 100644 |
1109 |
fail_unlock: |
1110 |
kfree(cn.corename); |
1111 |
fail_corename: |
1112 |
-@@ -2284,7 +2678,7 @@ fail: |
1113 |
+@@ -2284,7 +2700,7 @@ fail: |
1114 |
*/ |
1115 |
int dump_write(struct file *file, const void *addr, int nr) |
1116 |
{ |
1117 |
@@ -71904,10 +71976,86 @@ index 76b8e77..a2930e8 100644 |
1118 |
} |
1119 |
|
1120 |
diff --git a/kernel/ptrace.c b/kernel/ptrace.c |
1121 |
-index 78ab24a..332c915 100644 |
1122 |
+index 78ab24a..f8e2cdc 100644 |
1123 |
--- a/kernel/ptrace.c |
1124 |
+++ b/kernel/ptrace.c |
1125 |
-@@ -172,7 +172,8 @@ int ptrace_check_attach(struct task_struct *child, bool ignore_state) |
1126 |
+@@ -122,6 +122,40 @@ void __ptrace_unlink(struct task_struct *child) |
1127 |
+ spin_unlock(&child->sighand->siglock); |
1128 |
+ } |
1129 |
+ |
1130 |
++/* Ensure that nothing can wake it up, even SIGKILL */ |
1131 |
++static bool ptrace_freeze_traced(struct task_struct *task) |
1132 |
++{ |
1133 |
++ bool ret = false; |
1134 |
++ |
1135 |
++ /* Lockless, nobody but us can set this flag */ |
1136 |
++ if (task->jobctl & JOBCTL_LISTENING) |
1137 |
++ return ret; |
1138 |
++ |
1139 |
++ spin_lock_irq(&task->sighand->siglock); |
1140 |
++ if (task_is_traced(task) && !__fatal_signal_pending(task)) { |
1141 |
++ task->state = __TASK_TRACED; |
1142 |
++ ret = true; |
1143 |
++ } |
1144 |
++ spin_unlock_irq(&task->sighand->siglock); |
1145 |
++ |
1146 |
++ return ret; |
1147 |
++} |
1148 |
++ |
1149 |
++static void ptrace_unfreeze_traced(struct task_struct *task) |
1150 |
++{ |
1151 |
++ if (task->state != __TASK_TRACED) |
1152 |
++ return; |
1153 |
++ |
1154 |
++ WARN_ON(!task->ptrace || task->parent != current); |
1155 |
++ |
1156 |
++ spin_lock_irq(&task->sighand->siglock); |
1157 |
++ if (__fatal_signal_pending(task)) |
1158 |
++ wake_up_state(task, __TASK_TRACED); |
1159 |
++ else |
1160 |
++ task->state = TASK_TRACED; |
1161 |
++ spin_unlock_irq(&task->sighand->siglock); |
1162 |
++} |
1163 |
++ |
1164 |
+ /** |
1165 |
+ * ptrace_check_attach - check whether ptracee is ready for ptrace operation |
1166 |
+ * @child: ptracee to check for |
1167 |
+@@ -151,28 +185,34 @@ int ptrace_check_attach(struct task_struct *child, bool ignore_state) |
1168 |
+ * be changed by us so it's not changing right after this. |
1169 |
+ */ |
1170 |
+ read_lock(&tasklist_lock); |
1171 |
+- if ((child->ptrace & PT_PTRACED) && child->parent == current) { |
1172 |
++ if (child->ptrace && child->parent == current) { |
1173 |
++ WARN_ON(child->state == __TASK_TRACED); |
1174 |
+ /* |
1175 |
+ * child->sighand can't be NULL, release_task() |
1176 |
+ * does ptrace_unlink() before __exit_signal(). |
1177 |
+ */ |
1178 |
+- spin_lock_irq(&child->sighand->siglock); |
1179 |
+- WARN_ON_ONCE(task_is_stopped(child)); |
1180 |
+- if (ignore_state || (task_is_traced(child) && |
1181 |
+- !(child->jobctl & JOBCTL_LISTENING))) |
1182 |
++ if (ignore_state || ptrace_freeze_traced(child)) |
1183 |
+ ret = 0; |
1184 |
+- spin_unlock_irq(&child->sighand->siglock); |
1185 |
+ } |
1186 |
+ read_unlock(&tasklist_lock); |
1187 |
+ |
1188 |
+- if (!ret && !ignore_state) |
1189 |
+- ret = wait_task_inactive(child, TASK_TRACED) ? 0 : -ESRCH; |
1190 |
++ if (!ret && !ignore_state) { |
1191 |
++ if (!wait_task_inactive(child, __TASK_TRACED)) { |
1192 |
++ /* |
1193 |
++ * This can only happen if may_ptrace_stop() fails and |
1194 |
++ * ptrace_stop() changes ->state back to TASK_RUNNING, |
1195 |
++ * so we should not worry about leaking __TASK_TRACED. |
1196 |
++ */ |
1197 |
++ WARN_ON(child->state == __TASK_TRACED); |
1198 |
++ ret = -ESRCH; |
1199 |
++ } |
1200 |
++ } |
1201 |
+ |
1202 |
+- /* All systems go.. */ |
1203 |
return ret; |
1204 |
} |
1205 |
|
1206 |
@@ -71917,7 +72065,7 @@ index 78ab24a..332c915 100644 |
1207 |
{ |
1208 |
const struct cred *cred = current_cred(), *tcred; |
1209 |
|
1210 |
-@@ -198,7 +199,8 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) |
1211 |
+@@ -198,7 +238,8 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) |
1212 |
cred->gid == tcred->sgid && |
1213 |
cred->gid == tcred->gid)) |
1214 |
goto ok; |
1215 |
@@ -71927,7 +72075,7 @@ index 78ab24a..332c915 100644 |
1216 |
goto ok; |
1217 |
rcu_read_unlock(); |
1218 |
return -EPERM; |
1219 |
-@@ -207,7 +209,9 @@ ok: |
1220 |
+@@ -207,7 +248,9 @@ ok: |
1221 |
smp_rmb(); |
1222 |
if (task->mm) |
1223 |
dumpable = get_dumpable(task->mm); |
1224 |
@@ -71938,7 +72086,7 @@ index 78ab24a..332c915 100644 |
1225 |
return -EPERM; |
1226 |
|
1227 |
return security_ptrace_access_check(task, mode); |
1228 |
-@@ -217,7 +221,21 @@ bool ptrace_may_access(struct task_struct *task, unsigned int mode) |
1229 |
+@@ -217,7 +260,21 @@ bool ptrace_may_access(struct task_struct *task, unsigned int mode) |
1230 |
{ |
1231 |
int err; |
1232 |
task_lock(task); |
1233 |
@@ -71961,7 +72109,7 @@ index 78ab24a..332c915 100644 |
1234 |
task_unlock(task); |
1235 |
return !err; |
1236 |
} |
1237 |
-@@ -262,7 +280,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
1238 |
+@@ -262,7 +319,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
1239 |
goto out; |
1240 |
|
1241 |
task_lock(task); |
1242 |
@@ -71970,7 +72118,7 @@ index 78ab24a..332c915 100644 |
1243 |
task_unlock(task); |
1244 |
if (retval) |
1245 |
goto unlock_creds; |
1246 |
-@@ -277,7 +295,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
1247 |
+@@ -277,7 +334,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
1248 |
task->ptrace = PT_PTRACED; |
1249 |
if (seize) |
1250 |
task->ptrace |= PT_SEIZED; |
1251 |
@@ -71979,7 +72127,7 @@ index 78ab24a..332c915 100644 |
1252 |
task->ptrace |= PT_PTRACE_CAP; |
1253 |
|
1254 |
__ptrace_link(task, current); |
1255 |
-@@ -483,7 +501,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst |
1256 |
+@@ -483,7 +540,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst |
1257 |
break; |
1258 |
return -EIO; |
1259 |
} |
1260 |
@@ -71988,7 +72136,7 @@ index 78ab24a..332c915 100644 |
1261 |
return -EFAULT; |
1262 |
copied += retval; |
1263 |
src += retval; |
1264 |
-@@ -680,7 +698,7 @@ int ptrace_request(struct task_struct *child, long request, |
1265 |
+@@ -680,7 +737,7 @@ int ptrace_request(struct task_struct *child, long request, |
1266 |
bool seized = child->ptrace & PT_SEIZED; |
1267 |
int ret = -EIO; |
1268 |
siginfo_t siginfo, *si; |
1269 |
@@ -71997,7 +72145,7 @@ index 78ab24a..332c915 100644 |
1270 |
unsigned long __user *datalp = datavp; |
1271 |
unsigned long flags; |
1272 |
|
1273 |
-@@ -882,14 +900,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, |
1274 |
+@@ -882,14 +939,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, |
1275 |
goto out; |
1276 |
} |
1277 |
|
1278 |
@@ -72020,7 +72168,16 @@ index 78ab24a..332c915 100644 |
1279 |
goto out_put_task_struct; |
1280 |
} |
1281 |
|
1282 |
-@@ -915,7 +940,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, |
1283 |
+@@ -899,6 +963,8 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, |
1284 |
+ goto out_put_task_struct; |
1285 |
+ |
1286 |
+ ret = arch_ptrace(child, request, addr, data); |
1287 |
++ if (ret || request != PTRACE_DETACH) |
1288 |
++ ptrace_unfreeze_traced(child); |
1289 |
+ |
1290 |
+ out_put_task_struct: |
1291 |
+ put_task_struct(child); |
1292 |
+@@ -915,7 +981,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, |
1293 |
copied = access_process_vm(tsk, addr, &tmp, sizeof(tmp), 0); |
1294 |
if (copied != sizeof(tmp)) |
1295 |
return -EIO; |
1296 |
@@ -72029,7 +72186,7 @@ index 78ab24a..332c915 100644 |
1297 |
} |
1298 |
|
1299 |
int generic_ptrace_pokedata(struct task_struct *tsk, unsigned long addr, |
1300 |
-@@ -1025,14 +1050,21 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, |
1301 |
+@@ -1025,21 +1091,31 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, |
1302 |
goto out; |
1303 |
} |
1304 |
|
1305 |
@@ -72052,6 +72209,17 @@ index 78ab24a..332c915 100644 |
1306 |
goto out_put_task_struct; |
1307 |
} |
1308 |
|
1309 |
+ ret = ptrace_check_attach(child, request == PTRACE_KILL || |
1310 |
+ request == PTRACE_INTERRUPT); |
1311 |
+- if (!ret) |
1312 |
++ if (!ret) { |
1313 |
+ ret = compat_arch_ptrace(child, request, addr, data); |
1314 |
++ if (ret || request != PTRACE_DETACH) |
1315 |
++ ptrace_unfreeze_traced(child); |
1316 |
++ } |
1317 |
+ |
1318 |
+ out_put_task_struct: |
1319 |
+ put_task_struct(child); |
1320 |
diff --git a/kernel/rcutiny.c b/kernel/rcutiny.c |
1321 |
index 636af6d..8af70ab 100644 |
1322 |
--- a/kernel/rcutiny.c |
1323 |
@@ -72565,10 +72733,20 @@ index 3d9f31c..7fefc9e 100644 |
1324 |
|
1325 |
default: |
1326 |
diff --git a/kernel/sched.c b/kernel/sched.c |
1327 |
-index fcc893f..a628984 100644 |
1328 |
+index fcc893f..223b418 100644 |
1329 |
--- a/kernel/sched.c |
1330 |
+++ b/kernel/sched.c |
1331 |
-@@ -5290,6 +5290,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1332 |
+@@ -2924,7 +2924,8 @@ out: |
1333 |
+ */ |
1334 |
+ int wake_up_process(struct task_struct *p) |
1335 |
+ { |
1336 |
+- return try_to_wake_up(p, TASK_ALL, 0); |
1337 |
++ WARN_ON(task_is_stopped_or_traced(p)); |
1338 |
++ return try_to_wake_up(p, TASK_NORMAL, 0); |
1339 |
+ } |
1340 |
+ EXPORT_SYMBOL(wake_up_process); |
1341 |
+ |
1342 |
+@@ -5290,6 +5291,8 @@ int can_nice(const struct task_struct *p, const int nice) |
1343 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
1344 |
int nice_rlim = 20 - nice; |
1345 |
|
1346 |
@@ -72577,7 +72755,7 @@ index fcc893f..a628984 100644 |
1347 |
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || |
1348 |
capable(CAP_SYS_NICE)); |
1349 |
} |
1350 |
-@@ -5323,7 +5325,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1351 |
+@@ -5323,7 +5326,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
1352 |
if (nice > 19) |
1353 |
nice = 19; |
1354 |
|
1355 |
@@ -72587,7 +72765,7 @@ index fcc893f..a628984 100644 |
1356 |
return -EPERM; |
1357 |
|
1358 |
retval = security_task_setnice(current, nice); |
1359 |
-@@ -5480,6 +5483,7 @@ recheck: |
1360 |
+@@ -5480,6 +5484,7 @@ recheck: |
1361 |
unsigned long rlim_rtprio = |
1362 |
task_rlimit(p, RLIMIT_RTPRIO); |
1363 |
|
1364 |
@@ -72631,7 +72809,7 @@ index 66e4576..d05c6d5 100644 |
1365 |
int this_cpu = smp_processor_id(); |
1366 |
struct rq *this_rq = cpu_rq(this_cpu); |
1367 |
diff --git a/kernel/signal.c b/kernel/signal.c |
1368 |
-index 08e0b97..cdf6f49 100644 |
1369 |
+index 08e0b97..e3ad9b7 100644 |
1370 |
--- a/kernel/signal.c |
1371 |
+++ b/kernel/signal.c |
1372 |
@@ -45,12 +45,12 @@ static struct kmem_cache *sigqueue_cachep; |
1373 |
@@ -72740,7 +72918,26 @@ index 08e0b97..cdf6f49 100644 |
1374 |
|
1375 |
return ret; |
1376 |
} |
1377 |
-@@ -2763,7 +2786,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
1378 |
+@@ -1765,6 +1788,10 @@ static inline int may_ptrace_stop(void) |
1379 |
+ * If SIGKILL was already sent before the caller unlocked |
1380 |
+ * ->siglock we must see ->core_state != NULL. Otherwise it |
1381 |
+ * is safe to enter schedule(). |
1382 |
++ * |
1383 |
++ * This is almost outdated, a task with the pending SIGKILL can't |
1384 |
++ * block in TASK_TRACED. But PTRACE_EVENT_EXIT can be reported |
1385 |
++ * after SIGKILL was already dequeued. |
1386 |
+ */ |
1387 |
+ if (unlikely(current->mm->core_state) && |
1388 |
+ unlikely(current->mm == current->parent->mm)) |
1389 |
+@@ -1890,6 +1917,7 @@ static void ptrace_stop(int exit_code, int why, int clear_code, siginfo_t *info) |
1390 |
+ if (gstop_done) |
1391 |
+ do_notify_parent_cldstop(current, false, why); |
1392 |
+ |
1393 |
++ /* tasklist protects us from ptrace_freeze_traced() */ |
1394 |
+ __set_current_state(TASK_RUNNING); |
1395 |
+ if (clear_code) |
1396 |
+ current->exit_code = 0; |
1397 |
+@@ -2763,7 +2791,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
1398 |
int error = -ESRCH; |
1399 |
|
1400 |
rcu_read_lock(); |
1401 |
@@ -73620,7 +73817,7 @@ index 16fc34a..efd8bb8 100644 |
1402 |
ret = -EIO; |
1403 |
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt, |
1404 |
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c |
1405 |
-index 54dba59..5c6d44e 100644 |
1406 |
+index 54dba59..1690055 100644 |
1407 |
--- a/kernel/trace/ftrace.c |
1408 |
+++ b/kernel/trace/ftrace.c |
1409 |
@@ -1587,12 +1587,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) |
1410 |
@@ -73652,6 +73849,15 @@ index 54dba59..5c6d44e 100644 |
1411 |
{ |
1412 |
struct ftrace_func_probe *entry; |
1413 |
struct ftrace_page *pg; |
1414 |
+@@ -3482,7 +3487,7 @@ static int ftrace_module_notify(struct notifier_block *self, |
1415 |
+ |
1416 |
+ struct notifier_block ftrace_module_nb = { |
1417 |
+ .notifier_call = ftrace_module_notify, |
1418 |
+- .priority = 0, |
1419 |
++ .priority = INT_MAX, /* Run before anything that can use kprobes */ |
1420 |
+ }; |
1421 |
+ |
1422 |
+ extern unsigned long __start_mcount_loc[]; |
1423 |
@@ -3968,8 +3973,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write, |
1424 |
#ifdef CONFIG_FUNCTION_GRAPH_TRACER |
1425 |
|
1426 |
@@ -74947,7 +75153,7 @@ index 0c26b5e..1cc340f 100644 |
1427 |
#ifdef CONFIG_MEMORY_FAILURE |
1428 |
extern bool is_free_buddy_page(struct page *page); |
1429 |
diff --git a/mm/kmemleak.c b/mm/kmemleak.c |
1430 |
-index f3b2a00..61da94d 100644 |
1431 |
+index f3b2a00..5899e43 100644 |
1432 |
--- a/mm/kmemleak.c |
1433 |
+++ b/mm/kmemleak.c |
1434 |
@@ -357,7 +357,7 @@ static void print_unreferenced(struct seq_file *seq, |
1435 |
@@ -74955,10 +75161,19 @@ index f3b2a00..61da94d 100644 |
1436 |
for (i = 0; i < object->trace_len; i++) { |
1437 |
void *ptr = (void *)object->trace[i]; |
1438 |
- seq_printf(seq, " [<%p>] %pS\n", ptr, ptr); |
1439 |
-+ seq_printf(seq, " [<%p>] %pA\n", ptr, ptr); |
1440 |
++ seq_printf(seq, " [<%pP>] %pA\n", ptr, ptr); |
1441 |
} |
1442 |
} |
1443 |
|
1444 |
+@@ -1745,7 +1745,7 @@ static int __init kmemleak_late_init(void) |
1445 |
+ return -ENOMEM; |
1446 |
+ } |
1447 |
+ |
1448 |
+- dentry = debugfs_create_file("kmemleak", S_IRUGO, NULL, NULL, |
1449 |
++ dentry = debugfs_create_file("kmemleak", S_IRUSR, NULL, NULL, |
1450 |
+ &kmemleak_fops); |
1451 |
+ if (!dentry) |
1452 |
+ pr_warning("Failed to create the debugfs kmemleak file\n"); |
1453 |
diff --git a/mm/maccess.c b/mm/maccess.c |
1454 |
index d53adf9..03a24bf 100644 |
1455 |
--- a/mm/maccess.c |
1456 |
|
1457 |
diff --git a/3.7.4/0000_README b/3.7.5/0000_README |
1458 |
similarity index 96% |
1459 |
rename from 3.7.4/0000_README |
1460 |
rename to 3.7.5/0000_README |
1461 |
index f410177..71573a5 100644 |
1462 |
--- a/3.7.4/0000_README |
1463 |
+++ b/3.7.5/0000_README |
1464 |
@@ -2,7 +2,7 @@ README |
1465 |
----------------------------------------------------------------------------- |
1466 |
Individual Patch Descriptions: |
1467 |
----------------------------------------------------------------------------- |
1468 |
-Patch: 4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1469 |
+Patch: 4420_grsecurity-2.9.1-3.7.5-201301281957.patch |
1470 |
From: http://www.grsecurity.net |
1471 |
Desc: hardened-sources base patch from upstream grsecurity |
1472 |
|
1473 |
|
1474 |
diff --git a/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch b/3.7.5/4420_grsecurity-2.9.1-3.7.5-201301281957.patch |
1475 |
similarity index 99% |
1476 |
rename from 3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1477 |
rename to 3.7.5/4420_grsecurity-2.9.1-3.7.5-201301281957.patch |
1478 |
index 29e3b84..8d072d3 100644 |
1479 |
--- a/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1480 |
+++ b/3.7.5/4420_grsecurity-2.9.1-3.7.5-201301281957.patch |
1481 |
@@ -251,7 +251,7 @@ index 9776f06..18b1856 100644 |
1482 |
|
1483 |
pcd. [PARIDE] |
1484 |
diff --git a/Makefile b/Makefile |
1485 |
-index f9196bc..63b33e4 100644 |
1486 |
+index ecf87b1..f0c8483 100644 |
1487 |
--- a/Makefile |
1488 |
+++ b/Makefile |
1489 |
@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
1490 |
@@ -3478,6 +3478,19 @@ index d9439ef..d0cac6b 100644 |
1491 |
/* Remember the address where we stopped this search: */ |
1492 |
mm->free_area_cache = addr + len; |
1493 |
return addr; |
1494 |
+diff --git a/arch/ia64/kernel/topology.c b/arch/ia64/kernel/topology.c |
1495 |
+index c64460b..4d250a6 100644 |
1496 |
+--- a/arch/ia64/kernel/topology.c |
1497 |
++++ b/arch/ia64/kernel/topology.c |
1498 |
+@@ -445,7 +445,7 @@ static int __cpuinit cache_cpu_callback(struct notifier_block *nfb, |
1499 |
+ return NOTIFY_OK; |
1500 |
+ } |
1501 |
+ |
1502 |
+-static struct notifier_block __cpuinitdata cache_cpu_notifier = |
1503 |
++static struct notifier_block cache_cpu_notifier = |
1504 |
+ { |
1505 |
+ .notifier_call = cache_cpu_callback |
1506 |
+ }; |
1507 |
diff --git a/arch/ia64/kernel/vmlinux.lds.S b/arch/ia64/kernel/vmlinux.lds.S |
1508 |
index 0ccb28f..8992469 100644 |
1509 |
--- a/arch/ia64/kernel/vmlinux.lds.S |
1510 |
@@ -3975,7 +3988,7 @@ index ddcec1e..c7f983e 100644 |
1511 |
* This routine handles page faults. It determines the address, |
1512 |
* and the problem, and then passes it off to one of the appropriate |
1513 |
diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c |
1514 |
-index 302d779..ee9ffb5 100644 |
1515 |
+index 302d779..573314a 100644 |
1516 |
--- a/arch/mips/mm/mmap.c |
1517 |
+++ b/arch/mips/mm/mmap.c |
1518 |
@@ -71,6 +71,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
1519 |
@@ -4055,7 +4068,7 @@ index 302d779..ee9ffb5 100644 |
1520 |
- if (do_color_align) |
1521 |
- addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
1522 |
- } while (likely(len < vma->vm_start)); |
1523 |
-+ addr = skip_heap_stack_gap(vma, len); |
1524 |
++ addr = skip_heap_stack_gap(vma, len, offset); |
1525 |
+ } while (!IS_ERR_VALUE(addr)); |
1526 |
|
1527 |
bottomup: |
1528 |
@@ -15599,10 +15612,10 @@ index df5e41f..816c719 100644 |
1529 |
extern int generic_get_free_region(unsigned long base, unsigned long size, |
1530 |
int replace_reg); |
1531 |
diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c |
1532 |
-index 4a3374e..1ca3ecb 100644 |
1533 |
+index d18b2b8..d3b834c 100644 |
1534 |
--- a/arch/x86/kernel/cpu/perf_event.c |
1535 |
+++ b/arch/x86/kernel/cpu/perf_event.c |
1536 |
-@@ -1765,7 +1765,7 @@ static unsigned long get_segment_base(unsigned int segment) |
1537 |
+@@ -1759,7 +1759,7 @@ static unsigned long get_segment_base(unsigned int segment) |
1538 |
if (idx > GDT_ENTRIES) |
1539 |
return 0; |
1540 |
|
1541 |
@@ -15611,7 +15624,7 @@ index 4a3374e..1ca3ecb 100644 |
1542 |
} |
1543 |
|
1544 |
return get_desc_base(desc + idx); |
1545 |
-@@ -1855,7 +1855,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) |
1546 |
+@@ -1849,7 +1849,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) |
1547 |
break; |
1548 |
|
1549 |
perf_callchain_store(entry, frame.return_address); |
1550 |
@@ -20550,7 +20563,7 @@ index f3e2ec8..ad5287a 100644 |
1551 |
if (err) { |
1552 |
pr_debug("do_boot_cpu failed %d\n", err); |
1553 |
diff --git a/arch/x86/kernel/step.c b/arch/x86/kernel/step.c |
1554 |
-index cd3b243..4ba27a4 100644 |
1555 |
+index 9b4d51d..5d28b58 100644 |
1556 |
--- a/arch/x86/kernel/step.c |
1557 |
+++ b/arch/x86/kernel/step.c |
1558 |
@@ -27,10 +27,10 @@ unsigned long convert_ip_to_linear(struct task_struct *child, struct pt_regs *re |
1559 |
@@ -29978,10 +29991,10 @@ index bd4e5dc..0497b66 100644 |
1560 |
/* |
1561 |
* Buggy BIOS check |
1562 |
diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c |
1563 |
-index 586362e..ca71b9b 100644 |
1564 |
+index c8ac4fe..631818e 100644 |
1565 |
--- a/drivers/ata/libata-core.c |
1566 |
+++ b/drivers/ata/libata-core.c |
1567 |
-@@ -4775,7 +4775,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) |
1568 |
+@@ -4779,7 +4779,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) |
1569 |
struct ata_port *ap; |
1570 |
unsigned int tag; |
1571 |
|
1572 |
@@ -29990,7 +30003,7 @@ index 586362e..ca71b9b 100644 |
1573 |
ap = qc->ap; |
1574 |
|
1575 |
qc->flags = 0; |
1576 |
-@@ -4791,7 +4791,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) |
1577 |
+@@ -4795,7 +4795,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) |
1578 |
struct ata_port *ap; |
1579 |
struct ata_link *link; |
1580 |
|
1581 |
@@ -29999,7 +30012,7 @@ index 586362e..ca71b9b 100644 |
1582 |
WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); |
1583 |
ap = qc->ap; |
1584 |
link = qc->dev->link; |
1585 |
-@@ -5887,6 +5887,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) |
1586 |
+@@ -5891,6 +5891,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) |
1587 |
return; |
1588 |
|
1589 |
spin_lock(&lock); |
1590 |
@@ -30007,7 +30020,7 @@ index 586362e..ca71b9b 100644 |
1591 |
|
1592 |
for (cur = ops->inherits; cur; cur = cur->inherits) { |
1593 |
void **inherit = (void **)cur; |
1594 |
-@@ -5900,8 +5901,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) |
1595 |
+@@ -5904,8 +5905,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) |
1596 |
if (IS_ERR(*pp)) |
1597 |
*pp = NULL; |
1598 |
|
1599 |
@@ -32395,10 +32408,10 @@ index 515a42c..5ecf3ba 100644 |
1600 |
void fw_card_initialize(struct fw_card *card, |
1601 |
const struct fw_card_driver *driver, struct device *device); |
1602 |
diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c |
1603 |
-index b298158..7ed8432 100644 |
1604 |
+index fd3ae62..669efe3 100644 |
1605 |
--- a/drivers/firmware/dmi_scan.c |
1606 |
+++ b/drivers/firmware/dmi_scan.c |
1607 |
-@@ -452,11 +452,6 @@ void __init dmi_scan_machine(void) |
1608 |
+@@ -491,11 +491,6 @@ void __init dmi_scan_machine(void) |
1609 |
} |
1610 |
} |
1611 |
else { |
1612 |
@@ -32410,7 +32423,7 @@ index b298158..7ed8432 100644 |
1613 |
p = dmi_ioremap(0xF0000, 0x10000); |
1614 |
if (p == NULL) |
1615 |
goto error; |
1616 |
-@@ -726,7 +721,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), |
1617 |
+@@ -770,7 +765,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), |
1618 |
if (buf == NULL) |
1619 |
return -1; |
1620 |
|
1621 |
@@ -32831,10 +32844,10 @@ index 92f1750..3beba74 100644 |
1622 |
return container_of(adapter, struct intel_gmbus, adapter)->force_bit; |
1623 |
} |
1624 |
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
1625 |
-index 3eea143..a0b77db 100644 |
1626 |
+index 67036e9..b9f1357 100644 |
1627 |
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
1628 |
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c |
1629 |
-@@ -660,7 +660,7 @@ i915_gem_execbuffer_move_to_gpu(struct intel_ring_buffer *ring, |
1630 |
+@@ -681,7 +681,7 @@ i915_gem_execbuffer_move_to_gpu(struct intel_ring_buffer *ring, |
1631 |
i915_gem_clflush_object(obj); |
1632 |
|
1633 |
if (obj->base.pending_write_domain) |
1634 |
@@ -32843,7 +32856,7 @@ index 3eea143..a0b77db 100644 |
1635 |
|
1636 |
flush_domains |= obj->base.write_domain; |
1637 |
} |
1638 |
-@@ -691,9 +691,9 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) |
1639 |
+@@ -712,9 +712,9 @@ i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) |
1640 |
|
1641 |
static int |
1642 |
validate_exec_list(struct drm_i915_gem_exec_object2 *exec, |
1643 |
@@ -36227,7 +36240,7 @@ index b94d5f7..7f494c5 100644 |
1644 |
extern int xpc_disengage_timedout; |
1645 |
extern int xpc_activate_IRQ_rcvd; |
1646 |
diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c |
1647 |
-index d971817..3805cce 100644 |
1648 |
+index d971817..33bdca5 100644 |
1649 |
--- a/drivers/misc/sgi-xp/xpc_main.c |
1650 |
+++ b/drivers/misc/sgi-xp/xpc_main.c |
1651 |
@@ -166,7 +166,7 @@ static struct notifier_block xpc_die_notifier = { |
1652 |
@@ -36239,6 +36252,15 @@ index d971817..3805cce 100644 |
1653 |
|
1654 |
/* |
1655 |
* Timer function to enforce the timelimit on the partition disengage. |
1656 |
+@@ -1210,7 +1210,7 @@ xpc_system_die(struct notifier_block *nb, unsigned long event, void *_die_args) |
1657 |
+ |
1658 |
+ if (((die_args->trapnr == X86_TRAP_MF) || |
1659 |
+ (die_args->trapnr == X86_TRAP_XF)) && |
1660 |
+- !user_mode_vm(die_args->regs)) |
1661 |
++ !user_mode(die_args->regs)) |
1662 |
+ xpc_die_deactivate(); |
1663 |
+ |
1664 |
+ break; |
1665 |
diff --git a/drivers/mmc/core/mmc_ops.c b/drivers/mmc/core/mmc_ops.c |
1666 |
index a0e1720..ee63d0b 100644 |
1667 |
--- a/drivers/mmc/core/mmc_ops.c |
1668 |
@@ -37548,7 +37570,7 @@ index 76ba8a1..20ca857 100644 |
1669 |
|
1670 |
/* initialize our int15 lock */ |
1671 |
diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c |
1672 |
-index 213753b..b4abaac 100644 |
1673 |
+index 449f257..0731e96 100644 |
1674 |
--- a/drivers/pci/pcie/aspm.c |
1675 |
+++ b/drivers/pci/pcie/aspm.c |
1676 |
@@ -27,9 +27,9 @@ |
1677 |
@@ -38819,7 +38841,7 @@ index 21a045e..ec89e03 100644 |
1678 |
|
1679 |
transport_setup_device(&rport->dev); |
1680 |
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c |
1681 |
-index 352bc77..c049b14 100644 |
1682 |
+index a45e12a..d9120cb 100644 |
1683 |
--- a/drivers/scsi/sd.c |
1684 |
+++ b/drivers/scsi/sd.c |
1685 |
@@ -2899,7 +2899,7 @@ static int sd_probe(struct device *dev) |
1686 |
@@ -47345,6 +47367,20 @@ index 71a600a..20d87b1 100644 |
1687 |
f_modown(filp, pid, type, force); |
1688 |
return 0; |
1689 |
} |
1690 |
+diff --git a/fs/fhandle.c b/fs/fhandle.c |
1691 |
+index f775bfd..629bd4c 100644 |
1692 |
+--- a/fs/fhandle.c |
1693 |
++++ b/fs/fhandle.c |
1694 |
+@@ -67,8 +67,7 @@ static long do_sys_name_to_handle(struct path *path, |
1695 |
+ } else |
1696 |
+ retval = 0; |
1697 |
+ /* copy the mount id */ |
1698 |
+- if (copy_to_user(mnt_id, &real_mount(path->mnt)->mnt_id, |
1699 |
+- sizeof(*mnt_id)) || |
1700 |
++ if (put_user(real_mount(path->mnt)->mnt_id, mnt_id) || |
1701 |
+ copy_to_user(ufh, handle, |
1702 |
+ sizeof(struct file_handle) + handle_bytes)) |
1703 |
+ retval = -EFAULT; |
1704 |
diff --git a/fs/fifo.c b/fs/fifo.c |
1705 |
index cf6f434..3d7942c 100644 |
1706 |
--- a/fs/fifo.c |
1707 |
@@ -64757,7 +64793,7 @@ index ecc5543..0e96bcc 100644 |
1708 |
|
1709 |
int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); |
1710 |
diff --git a/include/linux/libata.h b/include/linux/libata.h |
1711 |
-index e931c9a..7aa8f6f 100644 |
1712 |
+index 1e36c63..0c5046e 100644 |
1713 |
--- a/include/linux/libata.h |
1714 |
+++ b/include/linux/libata.h |
1715 |
@@ -915,7 +915,7 @@ struct ata_port_operations { |
1716 |
@@ -65067,7 +65103,7 @@ index fed3def..7cc3f93 100644 |
1717 |
#define HID_GROUP_ANY 0x0000 |
1718 |
|
1719 |
diff --git a/include/linux/module.h b/include/linux/module.h |
1720 |
-index 7760c6d..983ee18 100644 |
1721 |
+index 1375ee3..d631af0 100644 |
1722 |
--- a/include/linux/module.h |
1723 |
+++ b/include/linux/module.h |
1724 |
@@ -17,9 +17,11 @@ |
1725 |
@@ -65617,7 +65653,7 @@ index bfe1f47..6a33ee3 100644 |
1726 |
static inline void anon_vma_merge(struct vm_area_struct *vma, |
1727 |
struct vm_area_struct *next) |
1728 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
1729 |
-index 0dd42a0..f5dc099 100644 |
1730 |
+index 3e63925..1d69dff 100644 |
1731 |
--- a/include/linux/sched.h |
1732 |
+++ b/include/linux/sched.h |
1733 |
@@ -61,6 +61,7 @@ struct bio_list; |
1734 |
@@ -67585,10 +67621,10 @@ index f5b978a..69dbfe8 100644 |
1735 |
if (!S_ISBLK(stat.st_mode)) |
1736 |
return 0; |
1737 |
diff --git a/init/do_mounts_initrd.c b/init/do_mounts_initrd.c |
1738 |
-index 5e4ded5..aa3cd7e 100644 |
1739 |
+index f9acf71..1e19144 100644 |
1740 |
--- a/init/do_mounts_initrd.c |
1741 |
+++ b/init/do_mounts_initrd.c |
1742 |
-@@ -54,8 +54,8 @@ static void __init handle_initrd(void) |
1743 |
+@@ -58,8 +58,8 @@ static void __init handle_initrd(void) |
1744 |
create_dev("/dev/root.old", Root_RAM0); |
1745 |
/* mount initrd on rootfs' /root */ |
1746 |
mount_block_root("/dev/root.old", root_mountflags & ~MS_RDONLY); |
1747 |
@@ -67599,7 +67635,7 @@ index 5e4ded5..aa3cd7e 100644 |
1748 |
|
1749 |
/* |
1750 |
* In case that a resume from disk is carried out by linuxrc or one of |
1751 |
-@@ -69,31 +69,31 @@ static void __init handle_initrd(void) |
1752 |
+@@ -73,31 +73,31 @@ static void __init handle_initrd(void) |
1753 |
current->flags &= ~PF_FREEZER_SKIP; |
1754 |
|
1755 |
/* move initrd to rootfs' /old */ |
1756 |
@@ -67638,7 +67674,7 @@ index 5e4ded5..aa3cd7e 100644 |
1757 |
printk(KERN_NOTICE "Trying to free ramdisk memory ... "); |
1758 |
if (fd < 0) { |
1759 |
error = fd; |
1760 |
-@@ -116,11 +116,11 @@ int __init initrd_load(void) |
1761 |
+@@ -120,11 +120,11 @@ int __init initrd_load(void) |
1762 |
* mounted in the normal path. |
1763 |
*/ |
1764 |
if (rd_load_image("/initrd.image") && ROOT_DEV != Root_RAM0) { |
1765 |
@@ -67810,7 +67846,7 @@ index 84c6bf1..8899338 100644 |
1766 |
next_state = Reset; |
1767 |
return 0; |
1768 |
diff --git a/init/main.c b/init/main.c |
1769 |
-index e33e09d..b699703 100644 |
1770 |
+index cd147a9..12ce8c2 100644 |
1771 |
--- a/init/main.c |
1772 |
+++ b/init/main.c |
1773 |
@@ -96,6 +96,8 @@ static inline void mark_rodata_ro(void) { } |
1774 |
@@ -67955,7 +67991,7 @@ index e33e09d..b699703 100644 |
1775 |
} |
1776 |
|
1777 |
static int run_init_process(const char *init_filename) |
1778 |
-@@ -876,7 +950,7 @@ static void __init kernel_init_freeable(void) |
1779 |
+@@ -876,7 +950,7 @@ static noinline void __init kernel_init_freeable(void) |
1780 |
do_basic_setup(); |
1781 |
|
1782 |
/* Open the /dev/console on the rootfs, this should never fail */ |
1783 |
@@ -67964,7 +68000,7 @@ index e33e09d..b699703 100644 |
1784 |
printk(KERN_WARNING "Warning: unable to open an initial console.\n"); |
1785 |
|
1786 |
(void) sys_dup(0); |
1787 |
-@@ -889,11 +963,13 @@ static void __init kernel_init_freeable(void) |
1788 |
+@@ -889,11 +963,13 @@ static noinline void __init kernel_init_freeable(void) |
1789 |
if (!ramdisk_execute_command) |
1790 |
ramdisk_execute_command = "/init"; |
1791 |
|
1792 |
@@ -68718,11 +68754,11 @@ index 9a61738..c5c8f3a 100644 |
1793 |
} |
1794 |
EXPORT_SYMBOL_GPL(kgdb_schedule_breakpoint); |
1795 |
diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c |
1796 |
-index 4d5f8d5..4743f33 100644 |
1797 |
+index 8875254..7cf4928 100644 |
1798 |
--- a/kernel/debug/kdb/kdb_main.c |
1799 |
+++ b/kernel/debug/kdb/kdb_main.c |
1800 |
-@@ -1972,7 +1972,7 @@ static int kdb_lsmod(int argc, const char **argv) |
1801 |
- list_for_each_entry(mod, kdb_modules, list) { |
1802 |
+@@ -1974,7 +1974,7 @@ static int kdb_lsmod(int argc, const char **argv) |
1803 |
+ continue; |
1804 |
|
1805 |
kdb_printf("%-20s%8u 0x%p ", mod->name, |
1806 |
- mod->core_size, (void *)mod); |
1807 |
@@ -68730,7 +68766,7 @@ index 4d5f8d5..4743f33 100644 |
1808 |
#ifdef CONFIG_MODULE_UNLOAD |
1809 |
kdb_printf("%4ld ", module_refcount(mod)); |
1810 |
#endif |
1811 |
-@@ -1982,7 +1982,7 @@ static int kdb_lsmod(int argc, const char **argv) |
1812 |
+@@ -1984,7 +1984,7 @@ static int kdb_lsmod(int argc, const char **argv) |
1813 |
kdb_printf(" (Loading)"); |
1814 |
else |
1815 |
kdb_printf(" (Live)"); |
1816 |
@@ -69773,7 +69809,7 @@ index 91c32a0..7b88d63 100644 |
1817 |
seq_printf(m, "%40s %14lu %29s %pS\n", |
1818 |
name, stats->contending_point[i], |
1819 |
diff --git a/kernel/module.c b/kernel/module.c |
1820 |
-index 6e48c3a..ac2ef5b 100644 |
1821 |
+index 3e544f4..096cb73 100644 |
1822 |
--- a/kernel/module.c |
1823 |
+++ b/kernel/module.c |
1824 |
@@ -59,6 +59,7 @@ |
1825 |
@@ -69794,7 +69830,7 @@ index 6e48c3a..ac2ef5b 100644 |
1826 |
|
1827 |
int register_module_notifier(struct notifier_block * nb) |
1828 |
{ |
1829 |
-@@ -318,7 +320,7 @@ bool each_symbol_section(bool (*fn)(const struct symsearch *arr, |
1830 |
+@@ -319,7 +321,7 @@ bool each_symbol_section(bool (*fn)(const struct symsearch *arr, |
1831 |
return true; |
1832 |
|
1833 |
list_for_each_entry_rcu(mod, &modules, list) { |
1834 |
@@ -69803,16 +69839,16 @@ index 6e48c3a..ac2ef5b 100644 |
1835 |
{ mod->syms, mod->syms + mod->num_syms, mod->crcs, |
1836 |
NOT_GPL_ONLY, false }, |
1837 |
{ mod->gpl_syms, mod->gpl_syms + mod->num_gpl_syms, |
1838 |
-@@ -340,7 +342,7 @@ bool each_symbol_section(bool (*fn)(const struct symsearch *arr, |
1839 |
- #endif |
1840 |
- }; |
1841 |
+@@ -344,7 +346,7 @@ bool each_symbol_section(bool (*fn)(const struct symsearch *arr, |
1842 |
+ if (mod->state == MODULE_STATE_UNFORMED) |
1843 |
+ continue; |
1844 |
|
1845 |
- if (each_symbol_in_section(arr, ARRAY_SIZE(arr), mod, fn, data)) |
1846 |
+ if (each_symbol_in_section(modarr, ARRAY_SIZE(modarr), mod, fn, data)) |
1847 |
return true; |
1848 |
} |
1849 |
return false; |
1850 |
-@@ -472,7 +474,7 @@ static inline void __percpu *mod_percpu(struct module *mod) |
1851 |
+@@ -484,7 +486,7 @@ static inline void __percpu *mod_percpu(struct module *mod) |
1852 |
static int percpu_modalloc(struct module *mod, |
1853 |
unsigned long size, unsigned long align) |
1854 |
{ |
1855 |
@@ -69821,7 +69857,7 @@ index 6e48c3a..ac2ef5b 100644 |
1856 |
printk(KERN_WARNING "%s: per-cpu alignment %li > %li\n", |
1857 |
mod->name, align, PAGE_SIZE); |
1858 |
align = PAGE_SIZE; |
1859 |
-@@ -1072,7 +1074,7 @@ struct module_attribute module_uevent = |
1860 |
+@@ -1088,7 +1090,7 @@ struct module_attribute module_uevent = |
1861 |
static ssize_t show_coresize(struct module_attribute *mattr, |
1862 |
struct module_kobject *mk, char *buffer) |
1863 |
{ |
1864 |
@@ -69830,7 +69866,7 @@ index 6e48c3a..ac2ef5b 100644 |
1865 |
} |
1866 |
|
1867 |
static struct module_attribute modinfo_coresize = |
1868 |
-@@ -1081,7 +1083,7 @@ static struct module_attribute modinfo_coresize = |
1869 |
+@@ -1097,7 +1099,7 @@ static struct module_attribute modinfo_coresize = |
1870 |
static ssize_t show_initsize(struct module_attribute *mattr, |
1871 |
struct module_kobject *mk, char *buffer) |
1872 |
{ |
1873 |
@@ -69839,7 +69875,7 @@ index 6e48c3a..ac2ef5b 100644 |
1874 |
} |
1875 |
|
1876 |
static struct module_attribute modinfo_initsize = |
1877 |
-@@ -1295,7 +1297,7 @@ resolve_symbol_wait(struct module *mod, |
1878 |
+@@ -1311,7 +1313,7 @@ resolve_symbol_wait(struct module *mod, |
1879 |
*/ |
1880 |
#ifdef CONFIG_SYSFS |
1881 |
|
1882 |
@@ -69848,7 +69884,7 @@ index 6e48c3a..ac2ef5b 100644 |
1883 |
static inline bool sect_empty(const Elf_Shdr *sect) |
1884 |
{ |
1885 |
return !(sect->sh_flags & SHF_ALLOC) || sect->sh_size == 0; |
1886 |
-@@ -1761,21 +1763,21 @@ static void set_section_ro_nx(void *base, |
1887 |
+@@ -1777,21 +1779,21 @@ static void set_section_ro_nx(void *base, |
1888 |
|
1889 |
static void unset_module_core_ro_nx(struct module *mod) |
1890 |
{ |
1891 |
@@ -69878,10 +69914,10 @@ index 6e48c3a..ac2ef5b 100644 |
1892 |
set_memory_rw); |
1893 |
} |
1894 |
|
1895 |
-@@ -1786,14 +1788,14 @@ void set_all_modules_text_rw(void) |
1896 |
- |
1897 |
- mutex_lock(&module_mutex); |
1898 |
+@@ -1804,14 +1806,14 @@ void set_all_modules_text_rw(void) |
1899 |
list_for_each_entry_rcu(mod, &modules, list) { |
1900 |
+ if (mod->state == MODULE_STATE_UNFORMED) |
1901 |
+ continue; |
1902 |
- if ((mod->module_core) && (mod->core_text_size)) { |
1903 |
- set_page_attributes(mod->module_core, |
1904 |
- mod->module_core + mod->core_text_size, |
1905 |
@@ -69899,10 +69935,10 @@ index 6e48c3a..ac2ef5b 100644 |
1906 |
set_memory_rw); |
1907 |
} |
1908 |
} |
1909 |
-@@ -1807,14 +1809,14 @@ void set_all_modules_text_ro(void) |
1910 |
- |
1911 |
- mutex_lock(&module_mutex); |
1912 |
+@@ -1827,14 +1829,14 @@ void set_all_modules_text_ro(void) |
1913 |
list_for_each_entry_rcu(mod, &modules, list) { |
1914 |
+ if (mod->state == MODULE_STATE_UNFORMED) |
1915 |
+ continue; |
1916 |
- if ((mod->module_core) && (mod->core_text_size)) { |
1917 |
- set_page_attributes(mod->module_core, |
1918 |
- mod->module_core + mod->core_text_size, |
1919 |
@@ -69920,7 +69956,7 @@ index 6e48c3a..ac2ef5b 100644 |
1920 |
set_memory_ro); |
1921 |
} |
1922 |
} |
1923 |
-@@ -1860,16 +1862,19 @@ static void free_module(struct module *mod) |
1924 |
+@@ -1880,16 +1882,19 @@ static void free_module(struct module *mod) |
1925 |
|
1926 |
/* This may be NULL, but that's OK */ |
1927 |
unset_module_init_ro_nx(mod); |
1928 |
@@ -69943,7 +69979,7 @@ index 6e48c3a..ac2ef5b 100644 |
1929 |
|
1930 |
#ifdef CONFIG_MPU |
1931 |
update_protections(current->mm); |
1932 |
-@@ -1939,9 +1944,31 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1933 |
+@@ -1959,9 +1964,31 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1934 |
int ret = 0; |
1935 |
const struct kernel_symbol *ksym; |
1936 |
|
1937 |
@@ -69975,7 +70011,7 @@ index 6e48c3a..ac2ef5b 100644 |
1938 |
switch (sym[i].st_shndx) { |
1939 |
case SHN_COMMON: |
1940 |
/* We compiled with -fno-common. These are not |
1941 |
-@@ -1962,7 +1989,9 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1942 |
+@@ -1982,7 +2009,9 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1943 |
ksym = resolve_symbol_wait(mod, info, name); |
1944 |
/* Ok if resolved. */ |
1945 |
if (ksym && !IS_ERR(ksym)) { |
1946 |
@@ -69985,7 +70021,7 @@ index 6e48c3a..ac2ef5b 100644 |
1947 |
break; |
1948 |
} |
1949 |
|
1950 |
-@@ -1981,11 +2010,20 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1951 |
+@@ -2001,11 +2030,20 @@ static int simplify_symbols(struct module *mod, const struct load_info *info) |
1952 |
secbase = (unsigned long)mod_percpu(mod); |
1953 |
else |
1954 |
secbase = info->sechdrs[sym[i].st_shndx].sh_addr; |
1955 |
@@ -70006,7 +70042,7 @@ index 6e48c3a..ac2ef5b 100644 |
1956 |
return ret; |
1957 |
} |
1958 |
|
1959 |
-@@ -2069,22 +2107,12 @@ static void layout_sections(struct module *mod, struct load_info *info) |
1960 |
+@@ -2089,22 +2127,12 @@ static void layout_sections(struct module *mod, struct load_info *info) |
1961 |
|| s->sh_entsize != ~0UL |
1962 |
|| strstarts(sname, ".init")) |
1963 |
continue; |
1964 |
@@ -70033,7 +70069,7 @@ index 6e48c3a..ac2ef5b 100644 |
1965 |
} |
1966 |
|
1967 |
pr_debug("Init section allocation order:\n"); |
1968 |
-@@ -2098,23 +2126,13 @@ static void layout_sections(struct module *mod, struct load_info *info) |
1969 |
+@@ -2118,23 +2146,13 @@ static void layout_sections(struct module *mod, struct load_info *info) |
1970 |
|| s->sh_entsize != ~0UL |
1971 |
|| !strstarts(sname, ".init")) |
1972 |
continue; |
1973 |
@@ -70062,7 +70098,7 @@ index 6e48c3a..ac2ef5b 100644 |
1974 |
} |
1975 |
} |
1976 |
|
1977 |
-@@ -2286,7 +2304,7 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
1978 |
+@@ -2306,7 +2324,7 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
1979 |
|
1980 |
/* Put symbol section at end of init part of module. */ |
1981 |
symsect->sh_flags |= SHF_ALLOC; |
1982 |
@@ -70071,7 +70107,7 @@ index 6e48c3a..ac2ef5b 100644 |
1983 |
info->index.sym) | INIT_OFFSET_MASK; |
1984 |
pr_debug("\t%s\n", info->secstrings + symsect->sh_name); |
1985 |
|
1986 |
-@@ -2306,13 +2324,13 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
1987 |
+@@ -2326,13 +2344,13 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
1988 |
} |
1989 |
|
1990 |
/* Append room for core symbols at end of core part. */ |
1991 |
@@ -70089,7 +70125,7 @@ index 6e48c3a..ac2ef5b 100644 |
1992 |
info->index.str) | INIT_OFFSET_MASK; |
1993 |
pr_debug("\t%s\n", info->secstrings + strsect->sh_name); |
1994 |
} |
1995 |
-@@ -2330,12 +2348,14 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
1996 |
+@@ -2350,12 +2368,14 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
1997 |
/* Make sure we get permanent strtab: don't use info->strtab. */ |
1998 |
mod->strtab = (void *)info->sechdrs[info->index.str].sh_addr; |
1999 |
|
2000 |
@@ -70106,7 +70142,7 @@ index 6e48c3a..ac2ef5b 100644 |
2001 |
src = mod->symtab; |
2002 |
*s++ = 0; |
2003 |
for (ndst = i = 0; i < mod->num_symtab; i++) { |
2004 |
-@@ -2348,6 +2368,8 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
2005 |
+@@ -2368,6 +2388,8 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
2006 |
} |
2007 |
} |
2008 |
mod->core_num_syms = ndst; |
2009 |
@@ -70115,7 +70151,7 @@ index 6e48c3a..ac2ef5b 100644 |
2010 |
} |
2011 |
#else |
2012 |
static inline void layout_symtab(struct module *mod, struct load_info *info) |
2013 |
-@@ -2381,17 +2403,33 @@ void * __weak module_alloc(unsigned long size) |
2014 |
+@@ -2401,17 +2423,33 @@ void * __weak module_alloc(unsigned long size) |
2015 |
return size == 0 ? NULL : vmalloc_exec(size); |
2016 |
} |
2017 |
|
2018 |
@@ -70154,7 +70190,7 @@ index 6e48c3a..ac2ef5b 100644 |
2019 |
mutex_unlock(&module_mutex); |
2020 |
} |
2021 |
return ret; |
2022 |
-@@ -2610,8 +2648,14 @@ static struct module *setup_load_info(struct load_info *info) |
2023 |
+@@ -2630,8 +2668,14 @@ static struct module *setup_load_info(struct load_info *info) |
2024 |
static int check_modinfo(struct module *mod, struct load_info *info) |
2025 |
{ |
2026 |
const char *modmagic = get_modinfo(info, "vermagic"); |
2027 |
@@ -70169,7 +70205,7 @@ index 6e48c3a..ac2ef5b 100644 |
2028 |
/* This is allowed: modprobe --force will invalidate it. */ |
2029 |
if (!modmagic) { |
2030 |
err = try_to_force_load(mod, "bad vermagic"); |
2031 |
-@@ -2634,7 +2678,7 @@ static int check_modinfo(struct module *mod, struct load_info *info) |
2032 |
+@@ -2654,7 +2698,7 @@ static int check_modinfo(struct module *mod, struct load_info *info) |
2033 |
} |
2034 |
|
2035 |
/* Set up license info based on the info section */ |
2036 |
@@ -70178,7 +70214,7 @@ index 6e48c3a..ac2ef5b 100644 |
2037 |
|
2038 |
return 0; |
2039 |
} |
2040 |
-@@ -2728,7 +2772,7 @@ static int move_module(struct module *mod, struct load_info *info) |
2041 |
+@@ -2748,7 +2792,7 @@ static int move_module(struct module *mod, struct load_info *info) |
2042 |
void *ptr; |
2043 |
|
2044 |
/* Do the allocs. */ |
2045 |
@@ -70187,7 +70223,7 @@ index 6e48c3a..ac2ef5b 100644 |
2046 |
/* |
2047 |
* The pointer to this block is stored in the module structure |
2048 |
* which is inside the block. Just mark it as not being a |
2049 |
-@@ -2738,23 +2782,50 @@ static int move_module(struct module *mod, struct load_info *info) |
2050 |
+@@ -2758,23 +2802,50 @@ static int move_module(struct module *mod, struct load_info *info) |
2051 |
if (!ptr) |
2052 |
return -ENOMEM; |
2053 |
|
2054 |
@@ -70246,7 +70282,7 @@ index 6e48c3a..ac2ef5b 100644 |
2055 |
|
2056 |
/* Transfer each section which specifies SHF_ALLOC */ |
2057 |
pr_debug("final section addresses:\n"); |
2058 |
-@@ -2765,16 +2836,45 @@ static int move_module(struct module *mod, struct load_info *info) |
2059 |
+@@ -2785,16 +2856,45 @@ static int move_module(struct module *mod, struct load_info *info) |
2060 |
if (!(shdr->sh_flags & SHF_ALLOC)) |
2061 |
continue; |
2062 |
|
2063 |
@@ -70299,7 +70335,7 @@ index 6e48c3a..ac2ef5b 100644 |
2064 |
pr_debug("\t0x%lx %s\n", |
2065 |
(long)shdr->sh_addr, info->secstrings + shdr->sh_name); |
2066 |
} |
2067 |
-@@ -2829,12 +2929,12 @@ static void flush_module_icache(const struct module *mod) |
2068 |
+@@ -2849,12 +2949,12 @@ static void flush_module_icache(const struct module *mod) |
2069 |
* Do it before processing of module parameters, so the module |
2070 |
* can provide parameter accessor functions of its own. |
2071 |
*/ |
2072 |
@@ -70318,7 +70354,7 @@ index 6e48c3a..ac2ef5b 100644 |
2073 |
|
2074 |
set_fs(old_fs); |
2075 |
} |
2076 |
-@@ -2904,8 +3004,10 @@ out: |
2077 |
+@@ -2924,8 +3024,10 @@ out: |
2078 |
static void module_deallocate(struct module *mod, struct load_info *info) |
2079 |
{ |
2080 |
percpu_modfree(mod); |
2081 |
@@ -70331,7 +70367,7 @@ index 6e48c3a..ac2ef5b 100644 |
2082 |
} |
2083 |
|
2084 |
int __weak module_finalize(const Elf_Ehdr *hdr, |
2085 |
-@@ -2918,7 +3020,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, |
2086 |
+@@ -2938,7 +3040,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, |
2087 |
static int post_relocation(struct module *mod, const struct load_info *info) |
2088 |
{ |
2089 |
/* Sort exception table now relocations are done. */ |
2090 |
@@ -70341,7 +70377,7 @@ index 6e48c3a..ac2ef5b 100644 |
2091 |
|
2092 |
/* Copy relocated percpu area over. */ |
2093 |
percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr, |
2094 |
-@@ -2989,9 +3093,38 @@ static struct module *load_module(void __user *umod, |
2095 |
+@@ -3036,9 +3140,38 @@ again: |
2096 |
if (err) |
2097 |
goto free_unload; |
2098 |
|
2099 |
@@ -70380,23 +70416,9 @@ index 6e48c3a..ac2ef5b 100644 |
2100 |
/* Fix up syms, so that st_value is a pointer to location. */ |
2101 |
err = simplify_symbols(mod, &info); |
2102 |
if (err < 0) |
2103 |
-@@ -3007,13 +3140,6 @@ static struct module *load_module(void __user *umod, |
2104 |
- |
2105 |
- flush_module_icache(mod); |
2106 |
- |
2107 |
-- /* Now copy in args */ |
2108 |
-- mod->args = strndup_user(uargs, ~0UL >> 1); |
2109 |
-- if (IS_ERR(mod->args)) { |
2110 |
-- err = PTR_ERR(mod->args); |
2111 |
-- goto free_arch_cleanup; |
2112 |
-- } |
2113 |
-- |
2114 |
- /* Mark state as coming so strong_try_module_get() ignores us. */ |
2115 |
- mod->state = MODULE_STATE_COMING; |
2116 |
- |
2117 |
-@@ -3081,11 +3207,11 @@ again: |
2118 |
- unlock: |
2119 |
+@@ -3104,11 +3237,11 @@ again: |
2120 |
mutex_unlock(&module_mutex); |
2121 |
+ dynamic_debug_remove(info.debug); |
2122 |
synchronize_sched(); |
2123 |
- kfree(mod->args); |
2124 |
free_arch_cleanup: |
2125 |
@@ -70406,8 +70428,8 @@ index 6e48c3a..ac2ef5b 100644 |
2126 |
+ kfree(mod->args); |
2127 |
free_unload: |
2128 |
module_unload_free(mod); |
2129 |
- free_module: |
2130 |
-@@ -3126,16 +3252,16 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
2131 |
+ unlink_mod: |
2132 |
+@@ -3155,16 +3288,16 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
2133 |
MODULE_STATE_COMING, mod); |
2134 |
|
2135 |
/* Set RO and NX regions for core */ |
2136 |
@@ -70432,7 +70454,7 @@ index 6e48c3a..ac2ef5b 100644 |
2137 |
|
2138 |
do_mod_ctors(mod); |
2139 |
/* Start the module */ |
2140 |
-@@ -3180,11 +3306,12 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
2141 |
+@@ -3209,11 +3342,12 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
2142 |
mod->strtab = mod->core_strtab; |
2143 |
#endif |
2144 |
unset_module_init_ro_nx(mod); |
2145 |
@@ -70450,7 +70472,7 @@ index 6e48c3a..ac2ef5b 100644 |
2146 |
mutex_unlock(&module_mutex); |
2147 |
wake_up_all(&module_wq); |
2148 |
|
2149 |
-@@ -3216,10 +3343,16 @@ static const char *get_ksymbol(struct module *mod, |
2150 |
+@@ -3245,10 +3379,16 @@ static const char *get_ksymbol(struct module *mod, |
2151 |
unsigned long nextval; |
2152 |
|
2153 |
/* At worse, next value is at end of module */ |
2154 |
@@ -70470,8 +70492,8 @@ index 6e48c3a..ac2ef5b 100644 |
2155 |
|
2156 |
/* Scan for closest preceding symbol, and next symbol. (ELF |
2157 |
starts real symbols at 1). */ |
2158 |
-@@ -3454,7 +3587,7 @@ static int m_show(struct seq_file *m, void *p) |
2159 |
- char buf[8]; |
2160 |
+@@ -3501,7 +3641,7 @@ static int m_show(struct seq_file *m, void *p) |
2161 |
+ return 0; |
2162 |
|
2163 |
seq_printf(m, "%s %u", |
2164 |
- mod->name, mod->init_size + mod->core_size); |
2165 |
@@ -70479,7 +70501,7 @@ index 6e48c3a..ac2ef5b 100644 |
2166 |
print_unload_info(m, mod); |
2167 |
|
2168 |
/* Informative for users. */ |
2169 |
-@@ -3463,7 +3596,7 @@ static int m_show(struct seq_file *m, void *p) |
2170 |
+@@ -3510,7 +3650,7 @@ static int m_show(struct seq_file *m, void *p) |
2171 |
mod->state == MODULE_STATE_COMING ? "Loading": |
2172 |
"Live"); |
2173 |
/* Used by oprofile and other similar tools. */ |
2174 |
@@ -70488,7 +70510,7 @@ index 6e48c3a..ac2ef5b 100644 |
2175 |
|
2176 |
/* Taints info */ |
2177 |
if (mod->taints) |
2178 |
-@@ -3499,7 +3632,17 @@ static const struct file_operations proc_modules_operations = { |
2179 |
+@@ -3546,7 +3686,17 @@ static const struct file_operations proc_modules_operations = { |
2180 |
|
2181 |
static int __init proc_modules_init(void) |
2182 |
{ |
2183 |
@@ -70506,7 +70528,7 @@ index 6e48c3a..ac2ef5b 100644 |
2184 |
return 0; |
2185 |
} |
2186 |
module_init(proc_modules_init); |
2187 |
-@@ -3558,12 +3701,12 @@ struct module *__module_address(unsigned long addr) |
2188 |
+@@ -3607,14 +3757,14 @@ struct module *__module_address(unsigned long addr) |
2189 |
{ |
2190 |
struct module *mod; |
2191 |
|
2192 |
@@ -70515,14 +70537,16 @@ index 6e48c3a..ac2ef5b 100644 |
2193 |
+ (addr < module_addr_min_rw || addr > module_addr_max_rw)) |
2194 |
return NULL; |
2195 |
|
2196 |
- list_for_each_entry_rcu(mod, &modules, list) |
2197 |
+ list_for_each_entry_rcu(mod, &modules, list) { |
2198 |
+ if (mod->state == MODULE_STATE_UNFORMED) |
2199 |
+ continue; |
2200 |
- if (within_module_core(addr, mod) |
2201 |
- || within_module_init(addr, mod)) |
2202 |
+ if (within_module_init(addr, mod) || within_module_core(addr, mod)) |
2203 |
return mod; |
2204 |
+ } |
2205 |
return NULL; |
2206 |
- } |
2207 |
-@@ -3597,11 +3740,20 @@ bool is_module_text_address(unsigned long addr) |
2208 |
+@@ -3649,11 +3799,20 @@ bool is_module_text_address(unsigned long addr) |
2209 |
*/ |
2210 |
struct module *__module_text_address(unsigned long addr) |
2211 |
{ |
2212 |
@@ -71025,10 +71049,10 @@ index 76b8e77..a2930e8 100644 |
2213 |
} |
2214 |
|
2215 |
diff --git a/kernel/ptrace.c b/kernel/ptrace.c |
2216 |
-index 1f5e55d..8b8f969 100644 |
2217 |
+index fbea91d..9bf15e8 100644 |
2218 |
--- a/kernel/ptrace.c |
2219 |
+++ b/kernel/ptrace.c |
2220 |
-@@ -280,7 +280,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
2221 |
+@@ -319,7 +319,7 @@ static int ptrace_attach(struct task_struct *task, long request, |
2222 |
|
2223 |
if (seize) |
2224 |
flags |= PT_SEIZED; |
2225 |
@@ -71037,7 +71061,7 @@ index 1f5e55d..8b8f969 100644 |
2226 |
flags |= PT_PTRACE_CAP; |
2227 |
task->ptrace = flags; |
2228 |
|
2229 |
-@@ -487,7 +487,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst |
2230 |
+@@ -526,7 +526,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst |
2231 |
break; |
2232 |
return -EIO; |
2233 |
} |
2234 |
@@ -71046,7 +71070,7 @@ index 1f5e55d..8b8f969 100644 |
2235 |
return -EFAULT; |
2236 |
copied += retval; |
2237 |
src += retval; |
2238 |
-@@ -672,7 +672,7 @@ int ptrace_request(struct task_struct *child, long request, |
2239 |
+@@ -711,7 +711,7 @@ int ptrace_request(struct task_struct *child, long request, |
2240 |
bool seized = child->ptrace & PT_SEIZED; |
2241 |
int ret = -EIO; |
2242 |
siginfo_t siginfo, *si; |
2243 |
@@ -71055,7 +71079,7 @@ index 1f5e55d..8b8f969 100644 |
2244 |
unsigned long __user *datalp = datavp; |
2245 |
unsigned long flags; |
2246 |
|
2247 |
-@@ -874,14 +874,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, |
2248 |
+@@ -913,14 +913,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, |
2249 |
goto out; |
2250 |
} |
2251 |
|
2252 |
@@ -71078,7 +71102,7 @@ index 1f5e55d..8b8f969 100644 |
2253 |
goto out_put_task_struct; |
2254 |
} |
2255 |
|
2256 |
-@@ -907,7 +914,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, |
2257 |
+@@ -948,7 +955,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr, |
2258 |
copied = access_process_vm(tsk, addr, &tmp, sizeof(tmp), 0); |
2259 |
if (copied != sizeof(tmp)) |
2260 |
return -EIO; |
2261 |
@@ -71087,7 +71111,7 @@ index 1f5e55d..8b8f969 100644 |
2262 |
} |
2263 |
|
2264 |
int generic_ptrace_pokedata(struct task_struct *tsk, unsigned long addr, |
2265 |
-@@ -1017,14 +1024,21 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, |
2266 |
+@@ -1058,14 +1065,21 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, |
2267 |
goto out; |
2268 |
} |
2269 |
|
2270 |
@@ -71739,10 +71763,10 @@ index 15f60d0..7e50319 100644 |
2271 |
#ifdef CONFIG_RT_GROUP_SCHED |
2272 |
/* |
2273 |
diff --git a/kernel/sched/core.c b/kernel/sched/core.c |
2274 |
-index 2d8927f..f617765 100644 |
2275 |
+index c529d00..d00b4f3 100644 |
2276 |
--- a/kernel/sched/core.c |
2277 |
+++ b/kernel/sched/core.c |
2278 |
-@@ -3562,6 +3562,8 @@ int can_nice(const struct task_struct *p, const int nice) |
2279 |
+@@ -3563,6 +3563,8 @@ int can_nice(const struct task_struct *p, const int nice) |
2280 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
2281 |
int nice_rlim = 20 - nice; |
2282 |
|
2283 |
@@ -71751,7 +71775,7 @@ index 2d8927f..f617765 100644 |
2284 |
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || |
2285 |
capable(CAP_SYS_NICE)); |
2286 |
} |
2287 |
-@@ -3595,7 +3597,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
2288 |
+@@ -3596,7 +3598,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
2289 |
if (nice > 19) |
2290 |
nice = 19; |
2291 |
|
2292 |
@@ -71761,7 +71785,7 @@ index 2d8927f..f617765 100644 |
2293 |
return -EPERM; |
2294 |
|
2295 |
retval = security_task_setnice(current, nice); |
2296 |
-@@ -3749,6 +3752,7 @@ recheck: |
2297 |
+@@ -3750,6 +3753,7 @@ recheck: |
2298 |
unsigned long rlim_rtprio = |
2299 |
task_rlimit(p, RLIMIT_RTPRIO); |
2300 |
|
2301 |
@@ -71783,7 +71807,7 @@ index 6b800a1..0c36227 100644 |
2302 |
int this_cpu = smp_processor_id(); |
2303 |
struct rq *this_rq = cpu_rq(this_cpu); |
2304 |
diff --git a/kernel/signal.c b/kernel/signal.c |
2305 |
-index e4d4014..76cf5dd 100644 |
2306 |
+index 57dde52..2c561f0 100644 |
2307 |
--- a/kernel/signal.c |
2308 |
+++ b/kernel/signal.c |
2309 |
@@ -49,12 +49,12 @@ static struct kmem_cache *sigqueue_cachep; |
2310 |
@@ -71829,7 +71853,7 @@ index e4d4014..76cf5dd 100644 |
2311 |
if (is_global_init(tsk)) |
2312 |
return 1; |
2313 |
if (handler != SIG_IGN && handler != SIG_DFL) |
2314 |
-@@ -817,6 +820,13 @@ static int check_kill_permission(int sig, struct siginfo *info, |
2315 |
+@@ -811,6 +814,13 @@ static int check_kill_permission(int sig, struct siginfo *info, |
2316 |
} |
2317 |
} |
2318 |
|
2319 |
@@ -71843,7 +71867,7 @@ index e4d4014..76cf5dd 100644 |
2320 |
return security_task_kill(t, info, sig, 0); |
2321 |
} |
2322 |
|
2323 |
-@@ -1198,7 +1208,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) |
2324 |
+@@ -1192,7 +1202,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) |
2325 |
return send_signal(sig, info, p, 1); |
2326 |
} |
2327 |
|
2328 |
@@ -71852,7 +71876,7 @@ index e4d4014..76cf5dd 100644 |
2329 |
specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
2330 |
{ |
2331 |
return send_signal(sig, info, t, 0); |
2332 |
-@@ -1235,6 +1245,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
2333 |
+@@ -1229,6 +1239,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
2334 |
unsigned long int flags; |
2335 |
int ret, blocked, ignored; |
2336 |
struct k_sigaction *action; |
2337 |
@@ -71860,7 +71884,7 @@ index e4d4014..76cf5dd 100644 |
2338 |
|
2339 |
spin_lock_irqsave(&t->sighand->siglock, flags); |
2340 |
action = &t->sighand->action[sig-1]; |
2341 |
-@@ -1249,9 +1260,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
2342 |
+@@ -1243,9 +1254,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) |
2343 |
} |
2344 |
if (action->sa.sa_handler == SIG_DFL) |
2345 |
t->signal->flags &= ~SIGNAL_UNKILLABLE; |
2346 |
@@ -71879,7 +71903,7 @@ index e4d4014..76cf5dd 100644 |
2347 |
return ret; |
2348 |
} |
2349 |
|
2350 |
-@@ -1318,8 +1338,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) |
2351 |
+@@ -1312,8 +1332,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) |
2352 |
ret = check_kill_permission(sig, info, p); |
2353 |
rcu_read_unlock(); |
2354 |
|
2355 |
@@ -71892,7 +71916,7 @@ index e4d4014..76cf5dd 100644 |
2356 |
|
2357 |
return ret; |
2358 |
} |
2359 |
-@@ -2864,7 +2887,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
2360 |
+@@ -2863,7 +2886,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) |
2361 |
int error = -ESRCH; |
2362 |
|
2363 |
rcu_read_lock(); |
2364 |
@@ -72672,7 +72696,7 @@ index c0bd030..62a1927 100644 |
2365 |
ret = -EIO; |
2366 |
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt, |
2367 |
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c |
2368 |
-index 51b7159..18137d6 100644 |
2369 |
+index 356bc2f..7c94fc0 100644 |
2370 |
--- a/kernel/trace/ftrace.c |
2371 |
+++ b/kernel/trace/ftrace.c |
2372 |
@@ -1874,12 +1874,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) |
2373 |
@@ -73270,10 +73294,10 @@ index 06fdfa1..97c5c7d 100644 |
2374 |
} |
2375 |
EXPORT_SYMBOL(bitmap_parselist_user); |
2376 |
diff --git a/lib/bug.c b/lib/bug.c |
2377 |
-index a28c141..2bd3d95 100644 |
2378 |
+index d0cdf14..4d07bd2 100644 |
2379 |
--- a/lib/bug.c |
2380 |
+++ b/lib/bug.c |
2381 |
-@@ -133,6 +133,8 @@ enum bug_trap_type report_bug(unsigned long bugaddr, struct pt_regs *regs) |
2382 |
+@@ -134,6 +134,8 @@ enum bug_trap_type report_bug(unsigned long bugaddr, struct pt_regs *regs) |
2383 |
return BUG_TRAP_TYPE_NONE; |
2384 |
|
2385 |
bug = find_bug(bugaddr); |
2386 |
@@ -73916,7 +73940,7 @@ index 3c5197d..08d0065 100644 |
2387 |
#ifdef CONFIG_MEMORY_FAILURE |
2388 |
extern bool is_free_buddy_page(struct page *page); |
2389 |
diff --git a/mm/kmemleak.c b/mm/kmemleak.c |
2390 |
-index a217cc5..74c9ec0 100644 |
2391 |
+index a217cc5..44b2b35 100644 |
2392 |
--- a/mm/kmemleak.c |
2393 |
+++ b/mm/kmemleak.c |
2394 |
@@ -363,7 +363,7 @@ static void print_unreferenced(struct seq_file *seq, |
2395 |
@@ -73924,10 +73948,19 @@ index a217cc5..74c9ec0 100644 |
2396 |
for (i = 0; i < object->trace_len; i++) { |
2397 |
void *ptr = (void *)object->trace[i]; |
2398 |
- seq_printf(seq, " [<%p>] %pS\n", ptr, ptr); |
2399 |
-+ seq_printf(seq, " [<%p>] %pA\n", ptr, ptr); |
2400 |
++ seq_printf(seq, " [<%pP>] %pA\n", ptr, ptr); |
2401 |
} |
2402 |
} |
2403 |
|
2404 |
+@@ -1852,7 +1852,7 @@ static int __init kmemleak_late_init(void) |
2405 |
+ return -ENOMEM; |
2406 |
+ } |
2407 |
+ |
2408 |
+- dentry = debugfs_create_file("kmemleak", S_IRUGO, NULL, NULL, |
2409 |
++ dentry = debugfs_create_file("kmemleak", S_IRUSR, NULL, NULL, |
2410 |
+ &kmemleak_fops); |
2411 |
+ if (!dentry) |
2412 |
+ pr_warning("Failed to create the debugfs kmemleak file\n"); |
2413 |
diff --git a/mm/maccess.c b/mm/maccess.c |
2414 |
index d53adf9..03a24bf 100644 |
2415 |
--- a/mm/maccess.c |
2416 |
|
2417 |
diff --git a/3.7.4/4425_grsec_remove_EI_PAX.patch b/3.7.5/4425_grsec_remove_EI_PAX.patch |
2418 |
similarity index 100% |
2419 |
rename from 3.7.4/4425_grsec_remove_EI_PAX.patch |
2420 |
rename to 3.7.5/4425_grsec_remove_EI_PAX.patch |
2421 |
|
2422 |
diff --git a/3.7.4/4430_grsec-remove-localversion-grsec.patch b/3.7.5/4430_grsec-remove-localversion-grsec.patch |
2423 |
similarity index 100% |
2424 |
rename from 3.7.4/4430_grsec-remove-localversion-grsec.patch |
2425 |
rename to 3.7.5/4430_grsec-remove-localversion-grsec.patch |
2426 |
|
2427 |
diff --git a/3.7.4/4435_grsec-mute-warnings.patch b/3.7.5/4435_grsec-mute-warnings.patch |
2428 |
similarity index 100% |
2429 |
rename from 3.7.4/4435_grsec-mute-warnings.patch |
2430 |
rename to 3.7.5/4435_grsec-mute-warnings.patch |
2431 |
|
2432 |
diff --git a/3.7.4/4440_grsec-remove-protected-paths.patch b/3.7.5/4440_grsec-remove-protected-paths.patch |
2433 |
similarity index 100% |
2434 |
rename from 3.7.4/4440_grsec-remove-protected-paths.patch |
2435 |
rename to 3.7.5/4440_grsec-remove-protected-paths.patch |
2436 |
|
2437 |
diff --git a/3.7.4/4450_grsec-kconfig-default-gids.patch b/3.7.5/4450_grsec-kconfig-default-gids.patch |
2438 |
similarity index 100% |
2439 |
rename from 3.7.4/4450_grsec-kconfig-default-gids.patch |
2440 |
rename to 3.7.5/4450_grsec-kconfig-default-gids.patch |
2441 |
|
2442 |
diff --git a/3.7.4/4465_selinux-avc_audit-log-curr_ip.patch b/3.7.5/4465_selinux-avc_audit-log-curr_ip.patch |
2443 |
similarity index 100% |
2444 |
rename from 3.7.4/4465_selinux-avc_audit-log-curr_ip.patch |
2445 |
rename to 3.7.5/4465_selinux-avc_audit-log-curr_ip.patch |
2446 |
|
2447 |
diff --git a/3.7.4/4470_disable-compat_vdso.patch b/3.7.5/4470_disable-compat_vdso.patch |
2448 |
similarity index 100% |
2449 |
rename from 3.7.4/4470_disable-compat_vdso.patch |
2450 |
rename to 3.7.5/4470_disable-compat_vdso.patch |