1 |
commit: 9702cf7ee1699958f6aa0d934e6915ba8959ac17 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jan 28 02:35:12 2013 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jan 28 02:35:12 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=9702cf7e |
7 |
|
8 |
Grsec/PaX: 2.9.1-3.7.4-201301252226 |
9 |
|
10 |
--- |
11 |
3.7.4/0000_README | 6 +- |
12 |
3.7.4/1003_linux-3.7.4.patch | 1266 -------------------- |
13 |
...4420_grsecurity-2.9.1-3.7.4-201301252226.patch} | 164 ++- |
14 |
3 files changed, 120 insertions(+), 1316 deletions(-) |
15 |
|
16 |
diff --git a/3.7.4/0000_README b/3.7.4/0000_README |
17 |
index b3b6291..f410177 100644 |
18 |
--- a/3.7.4/0000_README |
19 |
+++ b/3.7.4/0000_README |
20 |
@@ -2,11 +2,7 @@ README |
21 |
----------------------------------------------------------------------------- |
22 |
Individual Patch Descriptions: |
23 |
----------------------------------------------------------------------------- |
24 |
-Patch: 1003_linux-3.7.4.patch |
25 |
-From: http://www.kernel.org |
26 |
-Desc: Linux 3.7.4 |
27 |
- |
28 |
-Patch: 4420_grsecurity-2.9.1-3.7.4-201301230048.patch |
29 |
+Patch: 4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
30 |
From: http://www.grsecurity.net |
31 |
Desc: hardened-sources base patch from upstream grsecurity |
32 |
|
33 |
|
34 |
diff --git a/3.7.4/1003_linux-3.7.4.patch b/3.7.4/1003_linux-3.7.4.patch |
35 |
deleted file mode 100644 |
36 |
index a0c6ff7..0000000 |
37 |
--- a/3.7.4/1003_linux-3.7.4.patch |
38 |
+++ /dev/null |
39 |
@@ -1,1266 +0,0 @@ |
40 |
-diff --git a/Makefile b/Makefile |
41 |
-index 51a9bda..f9196bc 100644 |
42 |
---- a/Makefile |
43 |
-+++ b/Makefile |
44 |
-@@ -1,6 +1,6 @@ |
45 |
- VERSION = 3 |
46 |
- PATCHLEVEL = 7 |
47 |
--SUBLEVEL = 3 |
48 |
-+SUBLEVEL = 4 |
49 |
- EXTRAVERSION = |
50 |
- NAME = Terrified Chipmunk |
51 |
- |
52 |
-diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h |
53 |
-index 64b1339..7adf414 100644 |
54 |
---- a/arch/arm64/include/asm/pgtable.h |
55 |
-+++ b/arch/arm64/include/asm/pgtable.h |
56 |
-@@ -132,9 +132,8 @@ extern struct page *empty_zero_page; |
57 |
- #define pte_write(pte) (!(pte_val(pte) & PTE_RDONLY)) |
58 |
- #define pte_exec(pte) (!(pte_val(pte) & PTE_UXN)) |
59 |
- |
60 |
--#define pte_present_exec_user(pte) \ |
61 |
-- ((pte_val(pte) & (PTE_VALID | PTE_USER | PTE_UXN)) == \ |
62 |
-- (PTE_VALID | PTE_USER)) |
63 |
-+#define pte_present_user(pte) \ |
64 |
-+ ((pte_val(pte) & (PTE_VALID | PTE_USER)) == (PTE_VALID | PTE_USER)) |
65 |
- |
66 |
- #define PTE_BIT_FUNC(fn,op) \ |
67 |
- static inline pte_t pte_##fn(pte_t pte) { pte_val(pte) op; return pte; } |
68 |
-@@ -157,10 +156,13 @@ extern void __sync_icache_dcache(pte_t pteval, unsigned long addr); |
69 |
- static inline void set_pte_at(struct mm_struct *mm, unsigned long addr, |
70 |
- pte_t *ptep, pte_t pte) |
71 |
- { |
72 |
-- if (pte_present_exec_user(pte)) |
73 |
-- __sync_icache_dcache(pte, addr); |
74 |
-- if (!pte_dirty(pte)) |
75 |
-- pte = pte_wrprotect(pte); |
76 |
-+ if (pte_present_user(pte)) { |
77 |
-+ if (pte_exec(pte)) |
78 |
-+ __sync_icache_dcache(pte, addr); |
79 |
-+ if (!pte_dirty(pte)) |
80 |
-+ pte = pte_wrprotect(pte); |
81 |
-+ } |
82 |
-+ |
83 |
- set_pte(ptep, pte); |
84 |
- } |
85 |
- |
86 |
-diff --git a/arch/s390/include/asm/timex.h b/arch/s390/include/asm/timex.h |
87 |
-index fba4d66..4c060bb 100644 |
88 |
---- a/arch/s390/include/asm/timex.h |
89 |
-+++ b/arch/s390/include/asm/timex.h |
90 |
-@@ -128,4 +128,32 @@ static inline unsigned long long get_clock_monotonic(void) |
91 |
- return get_clock_xt() - sched_clock_base_cc; |
92 |
- } |
93 |
- |
94 |
-+/** |
95 |
-+ * tod_to_ns - convert a TOD format value to nanoseconds |
96 |
-+ * @todval: to be converted TOD format value |
97 |
-+ * Returns: number of nanoseconds that correspond to the TOD format value |
98 |
-+ * |
99 |
-+ * Converting a 64 Bit TOD format value to nanoseconds means that the value |
100 |
-+ * must be divided by 4.096. In order to achieve that we multiply with 125 |
101 |
-+ * and divide by 512: |
102 |
-+ * |
103 |
-+ * ns = (todval * 125) >> 9; |
104 |
-+ * |
105 |
-+ * In order to avoid an overflow with the multiplication we can rewrite this. |
106 |
-+ * With a split todval == 2^32 * th + tl (th upper 32 bits, tl lower 32 bits) |
107 |
-+ * we end up with |
108 |
-+ * |
109 |
-+ * ns = ((2^32 * th + tl) * 125 ) >> 9; |
110 |
-+ * -> ns = (2^23 * th * 125) + ((tl * 125) >> 9); |
111 |
-+ * |
112 |
-+ */ |
113 |
-+static inline unsigned long long tod_to_ns(unsigned long long todval) |
114 |
-+{ |
115 |
-+ unsigned long long ns; |
116 |
-+ |
117 |
-+ ns = ((todval >> 32) << 23) * 125; |
118 |
-+ ns += ((todval & 0xffffffff) * 125) >> 9; |
119 |
-+ return ns; |
120 |
-+} |
121 |
-+ |
122 |
- #endif |
123 |
-diff --git a/arch/s390/kernel/time.c b/arch/s390/kernel/time.c |
124 |
-index 7fcd690..b5d8a18 100644 |
125 |
---- a/arch/s390/kernel/time.c |
126 |
-+++ b/arch/s390/kernel/time.c |
127 |
-@@ -63,7 +63,7 @@ static DEFINE_PER_CPU(struct clock_event_device, comparators); |
128 |
- */ |
129 |
- unsigned long long notrace __kprobes sched_clock(void) |
130 |
- { |
131 |
-- return (get_clock_monotonic() * 125) >> 9; |
132 |
-+ return tod_to_ns(get_clock_monotonic()); |
133 |
- } |
134 |
- |
135 |
- /* |
136 |
-diff --git a/arch/s390/kvm/interrupt.c b/arch/s390/kvm/interrupt.c |
137 |
-index ff1e2f8..d533389 100644 |
138 |
---- a/arch/s390/kvm/interrupt.c |
139 |
-+++ b/arch/s390/kvm/interrupt.c |
140 |
-@@ -408,7 +408,7 @@ int kvm_s390_handle_wait(struct kvm_vcpu *vcpu) |
141 |
- return 0; |
142 |
- } |
143 |
- |
144 |
-- sltime = ((vcpu->arch.sie_block->ckc - now)*125)>>9; |
145 |
-+ sltime = tod_to_ns(vcpu->arch.sie_block->ckc - now); |
146 |
- |
147 |
- hrtimer_start(&vcpu->arch.ckc_timer, ktime_set (0, sltime) , HRTIMER_MODE_REL); |
148 |
- VCPU_EVENT(vcpu, 5, "enabled wait via clock comparator: %llx ns", sltime); |
149 |
-diff --git a/arch/sh/include/asm/elf.h b/arch/sh/include/asm/elf.h |
150 |
-index 37924af..bf9f44f 100644 |
151 |
---- a/arch/sh/include/asm/elf.h |
152 |
-+++ b/arch/sh/include/asm/elf.h |
153 |
-@@ -203,9 +203,9 @@ extern void __kernel_vsyscall; |
154 |
- if (vdso_enabled) \ |
155 |
- NEW_AUX_ENT(AT_SYSINFO_EHDR, VDSO_BASE); \ |
156 |
- else \ |
157 |
-- NEW_AUX_ENT(AT_IGNORE, 0); |
158 |
-+ NEW_AUX_ENT(AT_IGNORE, 0) |
159 |
- #else |
160 |
--#define VSYSCALL_AUX_ENT |
161 |
-+#define VSYSCALL_AUX_ENT NEW_AUX_ENT(AT_IGNORE, 0) |
162 |
- #endif /* CONFIG_VSYSCALL */ |
163 |
- |
164 |
- #ifdef CONFIG_SH_FPU |
165 |
-diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S |
166 |
-index 88b725a..cf8639b 100644 |
167 |
---- a/arch/x86/kernel/entry_32.S |
168 |
-+++ b/arch/x86/kernel/entry_32.S |
169 |
-@@ -1084,7 +1084,6 @@ ENTRY(xen_failsafe_callback) |
170 |
- lea 16(%esp),%esp |
171 |
- CFI_ADJUST_CFA_OFFSET -16 |
172 |
- jz 5f |
173 |
-- addl $16,%esp |
174 |
- jmp iret_exc |
175 |
- 5: pushl_cfi $-1 /* orig_ax = -1 => not a system call */ |
176 |
- SAVE_ALL |
177 |
-diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c |
178 |
-index ca45696..86c524c 100644 |
179 |
---- a/arch/x86/kernel/setup.c |
180 |
-+++ b/arch/x86/kernel/setup.c |
181 |
-@@ -614,6 +614,81 @@ static __init void reserve_ibft_region(void) |
182 |
- |
183 |
- static unsigned reserve_low = CONFIG_X86_RESERVE_LOW << 10; |
184 |
- |
185 |
-+static bool __init snb_gfx_workaround_needed(void) |
186 |
-+{ |
187 |
-+ int i; |
188 |
-+ u16 vendor, devid; |
189 |
-+ static const u16 snb_ids[] = { |
190 |
-+ 0x0102, |
191 |
-+ 0x0112, |
192 |
-+ 0x0122, |
193 |
-+ 0x0106, |
194 |
-+ 0x0116, |
195 |
-+ 0x0126, |
196 |
-+ 0x010a, |
197 |
-+ }; |
198 |
-+ |
199 |
-+ /* Assume no if something weird is going on with PCI */ |
200 |
-+ if (!early_pci_allowed()) |
201 |
-+ return false; |
202 |
-+ |
203 |
-+ vendor = read_pci_config_16(0, 2, 0, PCI_VENDOR_ID); |
204 |
-+ if (vendor != 0x8086) |
205 |
-+ return false; |
206 |
-+ |
207 |
-+ devid = read_pci_config_16(0, 2, 0, PCI_DEVICE_ID); |
208 |
-+ for (i = 0; i < ARRAY_SIZE(snb_ids); i++) |
209 |
-+ if (devid == snb_ids[i]) |
210 |
-+ return true; |
211 |
-+ |
212 |
-+ return false; |
213 |
-+} |
214 |
-+ |
215 |
-+/* |
216 |
-+ * Sandy Bridge graphics has trouble with certain ranges, exclude |
217 |
-+ * them from allocation. |
218 |
-+ */ |
219 |
-+static void __init trim_snb_memory(void) |
220 |
-+{ |
221 |
-+ static const unsigned long bad_pages[] = { |
222 |
-+ 0x20050000, |
223 |
-+ 0x20110000, |
224 |
-+ 0x20130000, |
225 |
-+ 0x20138000, |
226 |
-+ 0x40004000, |
227 |
-+ }; |
228 |
-+ int i; |
229 |
-+ |
230 |
-+ if (!snb_gfx_workaround_needed()) |
231 |
-+ return; |
232 |
-+ |
233 |
-+ printk(KERN_DEBUG "reserving inaccessible SNB gfx pages\n"); |
234 |
-+ |
235 |
-+ /* |
236 |
-+ * Reserve all memory below the 1 MB mark that has not |
237 |
-+ * already been reserved. |
238 |
-+ */ |
239 |
-+ memblock_reserve(0, 1<<20); |
240 |
-+ |
241 |
-+ for (i = 0; i < ARRAY_SIZE(bad_pages); i++) { |
242 |
-+ if (memblock_reserve(bad_pages[i], PAGE_SIZE)) |
243 |
-+ printk(KERN_WARNING "failed to reserve 0x%08lx\n", |
244 |
-+ bad_pages[i]); |
245 |
-+ } |
246 |
-+} |
247 |
-+ |
248 |
-+/* |
249 |
-+ * Here we put platform-specific memory range workarounds, i.e. |
250 |
-+ * memory known to be corrupt or otherwise in need to be reserved on |
251 |
-+ * specific platforms. |
252 |
-+ * |
253 |
-+ * If this gets used more widely it could use a real dispatch mechanism. |
254 |
-+ */ |
255 |
-+static void __init trim_platform_memory_ranges(void) |
256 |
-+{ |
257 |
-+ trim_snb_memory(); |
258 |
-+} |
259 |
-+ |
260 |
- static void __init trim_bios_range(void) |
261 |
- { |
262 |
- /* |
263 |
-@@ -634,6 +709,7 @@ static void __init trim_bios_range(void) |
264 |
- * take them out. |
265 |
- */ |
266 |
- e820_remove_range(BIOS_BEGIN, BIOS_END - BIOS_BEGIN, E820_RAM, 1); |
267 |
-+ |
268 |
- sanitize_e820_map(e820.map, ARRAY_SIZE(e820.map), &e820.nr_map); |
269 |
- } |
270 |
- |
271 |
-@@ -912,6 +988,8 @@ void __init setup_arch(char **cmdline_p) |
272 |
- |
273 |
- setup_real_mode(); |
274 |
- |
275 |
-+ trim_platform_memory_ranges(); |
276 |
-+ |
277 |
- init_gbpages(); |
278 |
- |
279 |
- /* max_pfn_mapped is updated here */ |
280 |
-diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c |
281 |
-index be5f7aa..3724891 100644 |
282 |
---- a/drivers/base/firmware_class.c |
283 |
-+++ b/drivers/base/firmware_class.c |
284 |
-@@ -295,7 +295,7 @@ static bool fw_read_file_contents(struct file *file, struct firmware_buf *fw_buf |
285 |
- char *buf; |
286 |
- |
287 |
- size = fw_file_size(file); |
288 |
-- if (size < 0) |
289 |
-+ if (size <= 0) |
290 |
- return false; |
291 |
- buf = vmalloc(size); |
292 |
- if (!buf) |
293 |
-diff --git a/drivers/gpu/drm/radeon/r600_cs.c b/drivers/gpu/drm/radeon/r600_cs.c |
294 |
-index 211c402..1a8594b 100644 |
295 |
---- a/drivers/gpu/drm/radeon/r600_cs.c |
296 |
-+++ b/drivers/gpu/drm/radeon/r600_cs.c |
297 |
-@@ -2429,8 +2429,10 @@ static void r600_cs_parser_fini(struct radeon_cs_parser *parser, int error) |
298 |
- kfree(parser->relocs); |
299 |
- for (i = 0; i < parser->nchunks; i++) { |
300 |
- kfree(parser->chunks[i].kdata); |
301 |
-- kfree(parser->chunks[i].kpage[0]); |
302 |
-- kfree(parser->chunks[i].kpage[1]); |
303 |
-+ if (parser->rdev && (parser->rdev->flags & RADEON_IS_AGP)) { |
304 |
-+ kfree(parser->chunks[i].kpage[0]); |
305 |
-+ kfree(parser->chunks[i].kpage[1]); |
306 |
-+ } |
307 |
- } |
308 |
- kfree(parser->chunks); |
309 |
- kfree(parser->chunks_array); |
310 |
-diff --git a/drivers/gpu/drm/radeon/radeon_cs.c b/drivers/gpu/drm/radeon/radeon_cs.c |
311 |
-index 41672cc..dc8d15a 100644 |
312 |
---- a/drivers/gpu/drm/radeon/radeon_cs.c |
313 |
-+++ b/drivers/gpu/drm/radeon/radeon_cs.c |
314 |
-@@ -266,7 +266,7 @@ int radeon_cs_parser_init(struct radeon_cs_parser *p, void *data) |
315 |
- p->chunks[p->chunk_ib_idx].length_dw); |
316 |
- return -EINVAL; |
317 |
- } |
318 |
-- if ((p->rdev->flags & RADEON_IS_AGP)) { |
319 |
-+ if (p->rdev && (p->rdev->flags & RADEON_IS_AGP)) { |
320 |
- p->chunks[p->chunk_ib_idx].kpage[0] = kmalloc(PAGE_SIZE, GFP_KERNEL); |
321 |
- p->chunks[p->chunk_ib_idx].kpage[1] = kmalloc(PAGE_SIZE, GFP_KERNEL); |
322 |
- if (p->chunks[p->chunk_ib_idx].kpage[0] == NULL || |
323 |
-@@ -570,7 +570,8 @@ static int radeon_cs_update_pages(struct radeon_cs_parser *p, int pg_idx) |
324 |
- struct radeon_cs_chunk *ibc = &p->chunks[p->chunk_ib_idx]; |
325 |
- int i; |
326 |
- int size = PAGE_SIZE; |
327 |
-- bool copy1 = (p->rdev->flags & RADEON_IS_AGP) ? false : true; |
328 |
-+ bool copy1 = (p->rdev && (p->rdev->flags & RADEON_IS_AGP)) ? |
329 |
-+ false : true; |
330 |
- |
331 |
- for (i = ibc->last_copied_page + 1; i < pg_idx; i++) { |
332 |
- if (DRM_COPY_FROM_USER(p->ib.ptr + (i * (PAGE_SIZE/4)), |
333 |
-diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c |
334 |
-index 9476c1b..c2c07a4 100644 |
335 |
---- a/drivers/iommu/intel-iommu.c |
336 |
-+++ b/drivers/iommu/intel-iommu.c |
337 |
-@@ -2327,8 +2327,39 @@ static int domain_add_dev_info(struct dmar_domain *domain, |
338 |
- return 0; |
339 |
- } |
340 |
- |
341 |
-+static bool device_has_rmrr(struct pci_dev *dev) |
342 |
-+{ |
343 |
-+ struct dmar_rmrr_unit *rmrr; |
344 |
-+ int i; |
345 |
-+ |
346 |
-+ for_each_rmrr_units(rmrr) { |
347 |
-+ for (i = 0; i < rmrr->devices_cnt; i++) { |
348 |
-+ /* |
349 |
-+ * Return TRUE if this RMRR contains the device that |
350 |
-+ * is passed in. |
351 |
-+ */ |
352 |
-+ if (rmrr->devices[i] == dev) |
353 |
-+ return true; |
354 |
-+ } |
355 |
-+ } |
356 |
-+ return false; |
357 |
-+} |
358 |
-+ |
359 |
- static int iommu_should_identity_map(struct pci_dev *pdev, int startup) |
360 |
- { |
361 |
-+ |
362 |
-+ /* |
363 |
-+ * We want to prevent any device associated with an RMRR from |
364 |
-+ * getting placed into the SI Domain. This is done because |
365 |
-+ * problems exist when devices are moved in and out of domains |
366 |
-+ * and their respective RMRR info is lost. We exempt USB devices |
367 |
-+ * from this process due to their usage of RMRRs that are known |
368 |
-+ * to not be needed after BIOS hand-off to OS. |
369 |
-+ */ |
370 |
-+ if (device_has_rmrr(pdev) && |
371 |
-+ (pdev->class >> 8) != PCI_CLASS_SERIAL_USB) |
372 |
-+ return 0; |
373 |
-+ |
374 |
- if ((iommu_identity_mapping & IDENTMAP_AZALIA) && IS_AZALIA(pdev)) |
375 |
- return 1; |
376 |
- |
377 |
-diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c |
378 |
-index e1ceb37..9b178a3 100644 |
379 |
---- a/drivers/net/ethernet/intel/igb/igb_main.c |
380 |
-+++ b/drivers/net/ethernet/intel/igb/igb_main.c |
381 |
-@@ -909,17 +909,18 @@ static int igb_request_msix(struct igb_adapter *adapter) |
382 |
- { |
383 |
- struct net_device *netdev = adapter->netdev; |
384 |
- struct e1000_hw *hw = &adapter->hw; |
385 |
-- int i, err = 0, vector = 0; |
386 |
-+ int i, err = 0, vector = 0, free_vector = 0; |
387 |
- |
388 |
- err = request_irq(adapter->msix_entries[vector].vector, |
389 |
- igb_msix_other, 0, netdev->name, adapter); |
390 |
- if (err) |
391 |
-- goto out; |
392 |
-- vector++; |
393 |
-+ goto err_out; |
394 |
- |
395 |
- for (i = 0; i < adapter->num_q_vectors; i++) { |
396 |
- struct igb_q_vector *q_vector = adapter->q_vector[i]; |
397 |
- |
398 |
-+ vector++; |
399 |
-+ |
400 |
- q_vector->itr_register = hw->hw_addr + E1000_EITR(vector); |
401 |
- |
402 |
- if (q_vector->rx.ring && q_vector->tx.ring) |
403 |
-@@ -938,13 +939,22 @@ static int igb_request_msix(struct igb_adapter *adapter) |
404 |
- igb_msix_ring, 0, q_vector->name, |
405 |
- q_vector); |
406 |
- if (err) |
407 |
-- goto out; |
408 |
-- vector++; |
409 |
-+ goto err_free; |
410 |
- } |
411 |
- |
412 |
- igb_configure_msix(adapter); |
413 |
- return 0; |
414 |
--out: |
415 |
-+ |
416 |
-+err_free: |
417 |
-+ /* free already assigned IRQs */ |
418 |
-+ free_irq(adapter->msix_entries[free_vector++].vector, adapter); |
419 |
-+ |
420 |
-+ vector--; |
421 |
-+ for (i = 0; i < vector; i++) { |
422 |
-+ free_irq(adapter->msix_entries[free_vector++].vector, |
423 |
-+ adapter->q_vector[i]); |
424 |
-+ } |
425 |
-+err_out: |
426 |
- return err; |
427 |
- } |
428 |
- |
429 |
-diff --git a/drivers/staging/vt6656/bssdb.h b/drivers/staging/vt6656/bssdb.h |
430 |
-index 6b2ec39..806cbf7 100644 |
431 |
---- a/drivers/staging/vt6656/bssdb.h |
432 |
-+++ b/drivers/staging/vt6656/bssdb.h |
433 |
-@@ -90,7 +90,6 @@ typedef struct tagSRSNCapObject { |
434 |
- } SRSNCapObject, *PSRSNCapObject; |
435 |
- |
436 |
- // BSS info(AP) |
437 |
--#pragma pack(1) |
438 |
- typedef struct tagKnownBSS { |
439 |
- // BSS info |
440 |
- BOOL bActive; |
441 |
-diff --git a/drivers/staging/vt6656/int.h b/drivers/staging/vt6656/int.h |
442 |
-index 3734e2c..91ceb77 100644 |
443 |
---- a/drivers/staging/vt6656/int.h |
444 |
-+++ b/drivers/staging/vt6656/int.h |
445 |
-@@ -34,7 +34,6 @@ |
446 |
- #include "device.h" |
447 |
- |
448 |
- /*--------------------- Export Definitions -------------------------*/ |
449 |
--#pragma pack(1) |
450 |
- typedef struct tagSINTData { |
451 |
- BYTE byTSR0; |
452 |
- BYTE byPkt0; |
453 |
-diff --git a/drivers/staging/vt6656/iocmd.h b/drivers/staging/vt6656/iocmd.h |
454 |
-index 22710ce..ae6e2d2 100644 |
455 |
---- a/drivers/staging/vt6656/iocmd.h |
456 |
-+++ b/drivers/staging/vt6656/iocmd.h |
457 |
-@@ -95,13 +95,12 @@ typedef enum tagWZONETYPE { |
458 |
- // Ioctl interface structure |
459 |
- // Command structure |
460 |
- // |
461 |
--#pragma pack(1) |
462 |
- typedef struct tagSCmdRequest { |
463 |
- u8 name[16]; |
464 |
- void *data; |
465 |
- u16 wResult; |
466 |
- u16 wCmdCode; |
467 |
--} SCmdRequest, *PSCmdRequest; |
468 |
-+} __packed SCmdRequest, *PSCmdRequest; |
469 |
- |
470 |
- // |
471 |
- // Scan |
472 |
-@@ -111,7 +110,7 @@ typedef struct tagSCmdScan { |
473 |
- |
474 |
- u8 ssid[SSID_MAXLEN + 2]; |
475 |
- |
476 |
--} SCmdScan, *PSCmdScan; |
477 |
-+} __packed SCmdScan, *PSCmdScan; |
478 |
- |
479 |
- // |
480 |
- // BSS Join |
481 |
-@@ -126,7 +125,7 @@ typedef struct tagSCmdBSSJoin { |
482 |
- BOOL bPSEnable; |
483 |
- BOOL bShareKeyAuth; |
484 |
- |
485 |
--} SCmdBSSJoin, *PSCmdBSSJoin; |
486 |
-+} __packed SCmdBSSJoin, *PSCmdBSSJoin; |
487 |
- |
488 |
- // |
489 |
- // Zonetype Setting |
490 |
-@@ -137,7 +136,7 @@ typedef struct tagSCmdZoneTypeSet { |
491 |
- BOOL bWrite; |
492 |
- WZONETYPE ZoneType; |
493 |
- |
494 |
--} SCmdZoneTypeSet, *PSCmdZoneTypeSet; |
495 |
-+} __packed SCmdZoneTypeSet, *PSCmdZoneTypeSet; |
496 |
- |
497 |
- typedef struct tagSWPAResult { |
498 |
- char ifname[100]; |
499 |
-@@ -145,7 +144,7 @@ typedef struct tagSWPAResult { |
500 |
- u8 key_mgmt; |
501 |
- u8 eap_type; |
502 |
- BOOL authenticated; |
503 |
--} SWPAResult, *PSWPAResult; |
504 |
-+} __packed SWPAResult, *PSWPAResult; |
505 |
- |
506 |
- typedef struct tagSCmdStartAP { |
507 |
- |
508 |
-@@ -157,7 +156,7 @@ typedef struct tagSCmdStartAP { |
509 |
- BOOL bShareKeyAuth; |
510 |
- u8 byBasicRate; |
511 |
- |
512 |
--} SCmdStartAP, *PSCmdStartAP; |
513 |
-+} __packed SCmdStartAP, *PSCmdStartAP; |
514 |
- |
515 |
- typedef struct tagSCmdSetWEP { |
516 |
- |
517 |
-@@ -167,7 +166,7 @@ typedef struct tagSCmdSetWEP { |
518 |
- BOOL bWepKeyAvailable[WEP_NKEYS]; |
519 |
- u32 auWepKeyLength[WEP_NKEYS]; |
520 |
- |
521 |
--} SCmdSetWEP, *PSCmdSetWEP; |
522 |
-+} __packed SCmdSetWEP, *PSCmdSetWEP; |
523 |
- |
524 |
- typedef struct tagSBSSIDItem { |
525 |
- |
526 |
-@@ -180,14 +179,14 @@ typedef struct tagSBSSIDItem { |
527 |
- BOOL bWEPOn; |
528 |
- u32 uRSSI; |
529 |
- |
530 |
--} SBSSIDItem; |
531 |
-+} __packed SBSSIDItem; |
532 |
- |
533 |
- |
534 |
- typedef struct tagSBSSIDList { |
535 |
- |
536 |
- u32 uItem; |
537 |
- SBSSIDItem sBSSIDList[0]; |
538 |
--} SBSSIDList, *PSBSSIDList; |
539 |
-+} __packed SBSSIDList, *PSBSSIDList; |
540 |
- |
541 |
- |
542 |
- typedef struct tagSNodeItem { |
543 |
-@@ -208,7 +207,7 @@ typedef struct tagSNodeItem { |
544 |
- u32 uTxAttempts; |
545 |
- u16 wFailureRatio; |
546 |
- |
547 |
--} SNodeItem; |
548 |
-+} __packed SNodeItem; |
549 |
- |
550 |
- |
551 |
- typedef struct tagSNodeList { |
552 |
-@@ -216,7 +215,7 @@ typedef struct tagSNodeList { |
553 |
- u32 uItem; |
554 |
- SNodeItem sNodeList[0]; |
555 |
- |
556 |
--} SNodeList, *PSNodeList; |
557 |
-+} __packed SNodeList, *PSNodeList; |
558 |
- |
559 |
- |
560 |
- typedef struct tagSCmdLinkStatus { |
561 |
-@@ -229,7 +228,7 @@ typedef struct tagSCmdLinkStatus { |
562 |
- u32 uChannel; |
563 |
- u32 uLinkRate; |
564 |
- |
565 |
--} SCmdLinkStatus, *PSCmdLinkStatus; |
566 |
-+} __packed SCmdLinkStatus, *PSCmdLinkStatus; |
567 |
- |
568 |
- // |
569 |
- // 802.11 counter |
570 |
-@@ -247,7 +246,7 @@ typedef struct tagSDot11MIBCount { |
571 |
- u32 ReceivedFragmentCount; |
572 |
- u32 MulticastReceivedFrameCount; |
573 |
- u32 FCSErrorCount; |
574 |
--} SDot11MIBCount, *PSDot11MIBCount; |
575 |
-+} __packed SDot11MIBCount, *PSDot11MIBCount; |
576 |
- |
577 |
- |
578 |
- |
579 |
-@@ -355,13 +354,13 @@ typedef struct tagSStatMIBCount { |
580 |
- u32 ullTxBroadcastBytes[2]; |
581 |
- u32 ullTxMulticastBytes[2]; |
582 |
- u32 ullTxDirectedBytes[2]; |
583 |
--} SStatMIBCount, *PSStatMIBCount; |
584 |
-+} __packed SStatMIBCount, *PSStatMIBCount; |
585 |
- |
586 |
- typedef struct tagSCmdValue { |
587 |
- |
588 |
- u32 dwValue; |
589 |
- |
590 |
--} SCmdValue, *PSCmdValue; |
591 |
-+} __packed SCmdValue, *PSCmdValue; |
592 |
- |
593 |
- // |
594 |
- // hostapd & viawget ioctl related |
595 |
-@@ -431,7 +430,7 @@ struct viawget_hostapd_param { |
596 |
- u8 ssid[32]; |
597 |
- } scan_req; |
598 |
- } u; |
599 |
--}; |
600 |
-+} __packed; |
601 |
- |
602 |
- /*--------------------- Export Classes ----------------------------*/ |
603 |
- |
604 |
-diff --git a/drivers/staging/vt6656/iowpa.h b/drivers/staging/vt6656/iowpa.h |
605 |
-index 959c886..2522dde 100644 |
606 |
---- a/drivers/staging/vt6656/iowpa.h |
607 |
-+++ b/drivers/staging/vt6656/iowpa.h |
608 |
-@@ -67,12 +67,11 @@ enum { |
609 |
- |
610 |
- |
611 |
- |
612 |
--#pragma pack(1) |
613 |
- typedef struct viawget_wpa_header { |
614 |
- u8 type; |
615 |
- u16 req_ie_len; |
616 |
- u16 resp_ie_len; |
617 |
--} viawget_wpa_header; |
618 |
-+} __packed viawget_wpa_header; |
619 |
- |
620 |
- struct viawget_wpa_param { |
621 |
- u32 cmd; |
622 |
-@@ -113,9 +112,8 @@ struct viawget_wpa_param { |
623 |
- u8 *buf; |
624 |
- } scan_results; |
625 |
- } u; |
626 |
--}; |
627 |
-+} __packed; |
628 |
- |
629 |
--#pragma pack(1) |
630 |
- struct viawget_scan_result { |
631 |
- u8 bssid[6]; |
632 |
- u8 ssid[32]; |
633 |
-@@ -130,7 +128,7 @@ struct viawget_scan_result { |
634 |
- int noise; |
635 |
- int level; |
636 |
- int maxrate; |
637 |
--}; |
638 |
-+} __packed; |
639 |
- |
640 |
- /*--------------------- Export Classes ----------------------------*/ |
641 |
- |
642 |
-diff --git a/drivers/staging/wlan-ng/prism2mgmt.c b/drivers/staging/wlan-ng/prism2mgmt.c |
643 |
-index 4efa9bc..89bfd85 100644 |
644 |
---- a/drivers/staging/wlan-ng/prism2mgmt.c |
645 |
-+++ b/drivers/staging/wlan-ng/prism2mgmt.c |
646 |
-@@ -406,7 +406,7 @@ int prism2mgmt_scan_results(wlandevice_t *wlandev, void *msgp) |
647 |
- /* SSID */ |
648 |
- req->ssid.status = P80211ENUM_msgitem_status_data_ok; |
649 |
- req->ssid.data.len = le16_to_cpu(item->ssid.len); |
650 |
-- req->ssid.data.len = min_t(u16, req->ssid.data.len, WLAN_BSSID_LEN); |
651 |
-+ req->ssid.data.len = min_t(u16, req->ssid.data.len, WLAN_SSID_MAXLEN); |
652 |
- memcpy(req->ssid.data.data, item->ssid.data, req->ssid.data.len); |
653 |
- |
654 |
- /* supported rates */ |
655 |
-diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c |
656 |
-index 9abef9f..0943ff0 100644 |
657 |
---- a/drivers/target/target_core_device.c |
658 |
-+++ b/drivers/target/target_core_device.c |
659 |
-@@ -1624,6 +1624,7 @@ int core_dev_setup_virtual_lun0(void) |
660 |
- ret = PTR_ERR(dev); |
661 |
- goto out; |
662 |
- } |
663 |
-+ dev->dev_link_magic = SE_DEV_LINK_MAGIC; |
664 |
- se_dev->se_dev_ptr = dev; |
665 |
- g_lun0_dev = dev; |
666 |
- |
667 |
-diff --git a/drivers/target/target_core_fabric_configfs.c b/drivers/target/target_core_fabric_configfs.c |
668 |
-index bca737b..a55f91a 100644 |
669 |
---- a/drivers/target/target_core_fabric_configfs.c |
670 |
-+++ b/drivers/target/target_core_fabric_configfs.c |
671 |
-@@ -71,6 +71,12 @@ static int target_fabric_mappedlun_link( |
672 |
- struct se_portal_group *se_tpg; |
673 |
- struct config_item *nacl_ci, *tpg_ci, *tpg_ci_s, *wwn_ci, *wwn_ci_s; |
674 |
- int ret = 0, lun_access; |
675 |
-+ |
676 |
-+ if (lun->lun_link_magic != SE_LUN_LINK_MAGIC) { |
677 |
-+ pr_err("Bad lun->lun_link_magic, not a valid lun_ci pointer:" |
678 |
-+ " %p to struct lun: %p\n", lun_ci, lun); |
679 |
-+ return -EFAULT; |
680 |
-+ } |
681 |
- /* |
682 |
- * Ensure that the source port exists |
683 |
- */ |
684 |
-@@ -745,6 +751,12 @@ static int target_fabric_port_link( |
685 |
- struct target_fabric_configfs *tf; |
686 |
- int ret; |
687 |
- |
688 |
-+ if (dev->dev_link_magic != SE_DEV_LINK_MAGIC) { |
689 |
-+ pr_err("Bad dev->dev_link_magic, not a valid se_dev_ci pointer:" |
690 |
-+ " %p to struct se_device: %p\n", se_dev_ci, dev); |
691 |
-+ return -EFAULT; |
692 |
-+ } |
693 |
-+ |
694 |
- tpg_ci = &lun_ci->ci_parent->ci_group->cg_item; |
695 |
- se_tpg = container_of(to_config_group(tpg_ci), |
696 |
- struct se_portal_group, tpg_group); |
697 |
-diff --git a/drivers/target/target_core_tpg.c b/drivers/target/target_core_tpg.c |
698 |
-index a531fe2..4c34665 100644 |
699 |
---- a/drivers/target/target_core_tpg.c |
700 |
-+++ b/drivers/target/target_core_tpg.c |
701 |
-@@ -672,6 +672,7 @@ int core_tpg_register( |
702 |
- for (i = 0; i < TRANSPORT_MAX_LUNS_PER_TPG; i++) { |
703 |
- lun = se_tpg->tpg_lun_list[i]; |
704 |
- lun->unpacked_lun = i; |
705 |
-+ lun->lun_link_magic = SE_LUN_LINK_MAGIC; |
706 |
- lun->lun_status = TRANSPORT_LUN_STATUS_FREE; |
707 |
- atomic_set(&lun->lun_acl_count, 0); |
708 |
- init_completion(&lun->lun_shutdown_comp); |
709 |
-diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c |
710 |
-index dcecbfb..13fe16c 100644 |
711 |
---- a/drivers/target/target_core_transport.c |
712 |
-+++ b/drivers/target/target_core_transport.c |
713 |
-@@ -545,9 +545,6 @@ static void transport_lun_remove_cmd(struct se_cmd *cmd) |
714 |
- |
715 |
- void transport_cmd_finish_abort(struct se_cmd *cmd, int remove) |
716 |
- { |
717 |
-- if (!(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)) |
718 |
-- transport_lun_remove_cmd(cmd); |
719 |
-- |
720 |
- if (transport_cmd_check_stop_to_fabric(cmd)) |
721 |
- return; |
722 |
- if (remove) |
723 |
-@@ -1074,6 +1071,7 @@ struct se_device *transport_add_device_to_core_hba( |
724 |
- dev->se_hba = hba; |
725 |
- dev->se_sub_dev = se_dev; |
726 |
- dev->transport = transport; |
727 |
-+ dev->dev_link_magic = SE_DEV_LINK_MAGIC; |
728 |
- INIT_LIST_HEAD(&dev->dev_list); |
729 |
- INIT_LIST_HEAD(&dev->dev_sep_list); |
730 |
- INIT_LIST_HEAD(&dev->dev_tmr_list); |
731 |
-@@ -1616,6 +1614,8 @@ static void target_complete_tmr_failure(struct work_struct *work) |
732 |
- |
733 |
- se_cmd->se_tmr_req->response = TMR_LUN_DOES_NOT_EXIST; |
734 |
- se_cmd->se_tfo->queue_tm_rsp(se_cmd); |
735 |
-+ |
736 |
-+ transport_cmd_check_stop_to_fabric(se_cmd); |
737 |
- } |
738 |
- |
739 |
- /** |
740 |
-@@ -1853,6 +1853,7 @@ void target_execute_cmd(struct se_cmd *cmd) |
741 |
- } |
742 |
- |
743 |
- cmd->t_state = TRANSPORT_PROCESSING; |
744 |
-+ cmd->transport_state |= CMD_T_ACTIVE; |
745 |
- spin_unlock_irq(&cmd->t_state_lock); |
746 |
- |
747 |
- if (dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED) |
748 |
-@@ -3024,7 +3025,7 @@ int transport_send_check_condition_and_sense( |
749 |
- /* ILLEGAL REQUEST */ |
750 |
- buffer[SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; |
751 |
- /* LOGICAL UNIT COMMUNICATION FAILURE */ |
752 |
-- buffer[SPC_ASC_KEY_OFFSET] = 0x80; |
753 |
-+ buffer[SPC_ASC_KEY_OFFSET] = 0x08; |
754 |
- break; |
755 |
- } |
756 |
- /* |
757 |
-@@ -3089,6 +3090,8 @@ void transport_send_task_abort(struct se_cmd *cmd) |
758 |
- } |
759 |
- cmd->scsi_status = SAM_STAT_TASK_ABORTED; |
760 |
- |
761 |
-+ transport_lun_remove_cmd(cmd); |
762 |
-+ |
763 |
- pr_debug("Setting SAM_STAT_TASK_ABORTED status for CDB: 0x%02x," |
764 |
- " ITT: 0x%08x\n", cmd->t_task_cdb[0], |
765 |
- cmd->se_tfo->get_task_tag(cmd)); |
766 |
-diff --git a/drivers/target/tcm_fc/tfc_sess.c b/drivers/target/tcm_fc/tfc_sess.c |
767 |
-index 12d6fa2..6659dd3 100644 |
768 |
---- a/drivers/target/tcm_fc/tfc_sess.c |
769 |
-+++ b/drivers/target/tcm_fc/tfc_sess.c |
770 |
-@@ -355,11 +355,11 @@ static int ft_prli_locked(struct fc_rport_priv *rdata, u32 spp_len, |
771 |
- |
772 |
- tport = ft_tport_create(rdata->local_port); |
773 |
- if (!tport) |
774 |
-- return 0; /* not a target for this local port */ |
775 |
-+ goto not_target; /* not a target for this local port */ |
776 |
- |
777 |
- acl = ft_acl_get(tport->tpg, rdata); |
778 |
- if (!acl) |
779 |
-- return 0; |
780 |
-+ goto not_target; /* no target for this remote */ |
781 |
- |
782 |
- if (!rspp) |
783 |
- goto fill; |
784 |
-@@ -396,12 +396,18 @@ static int ft_prli_locked(struct fc_rport_priv *rdata, u32 spp_len, |
785 |
- |
786 |
- /* |
787 |
- * OR in our service parameters with other provider (initiator), if any. |
788 |
-- * TBD XXX - indicate RETRY capability? |
789 |
- */ |
790 |
- fill: |
791 |
- fcp_parm = ntohl(spp->spp_params); |
792 |
-+ fcp_parm &= ~FCP_SPPF_RETRY; |
793 |
- spp->spp_params = htonl(fcp_parm | FCP_SPPF_TARG_FCN); |
794 |
- return FC_SPP_RESP_ACK; |
795 |
-+ |
796 |
-+not_target: |
797 |
-+ fcp_parm = ntohl(spp->spp_params); |
798 |
-+ fcp_parm &= ~FCP_SPPF_TARG_FCN; |
799 |
-+ spp->spp_params = htonl(fcp_parm); |
800 |
-+ return 0; |
801 |
- } |
802 |
- |
803 |
- /** |
804 |
-diff --git a/drivers/tty/pty.c b/drivers/tty/pty.c |
805 |
-index a82b399..8cf8d0a 100644 |
806 |
---- a/drivers/tty/pty.c |
807 |
-+++ b/drivers/tty/pty.c |
808 |
-@@ -395,6 +395,8 @@ static int pty_bsd_ioctl(struct tty_struct *tty, |
809 |
- return pty_set_lock(tty, (int __user *) arg); |
810 |
- case TIOCSIG: /* Send signal to other side of pty */ |
811 |
- return pty_signal(tty, (int) arg); |
812 |
-+ case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ |
813 |
-+ return -EINVAL; |
814 |
- } |
815 |
- return -ENOIOCTLCMD; |
816 |
- } |
817 |
-diff --git a/drivers/tty/serial/8250/8250.c b/drivers/tty/serial/8250/8250.c |
818 |
-index 3ba4234..2c09e64 100644 |
819 |
---- a/drivers/tty/serial/8250/8250.c |
820 |
-+++ b/drivers/tty/serial/8250/8250.c |
821 |
-@@ -290,6 +290,12 @@ static const struct serial8250_config uart_config[] = { |
822 |
- UART_FCR_R_TRIG_00 | UART_FCR_T_TRIG_00, |
823 |
- .flags = UART_CAP_FIFO, |
824 |
- }, |
825 |
-+ [PORT_BRCM_TRUMANAGE] = { |
826 |
-+ .name = "TruManage", |
827 |
-+ .fifo_size = 1, |
828 |
-+ .tx_loadsz = 1024, |
829 |
-+ .flags = UART_CAP_HFIFO, |
830 |
-+ }, |
831 |
- [PORT_8250_CIR] = { |
832 |
- .name = "CIR port" |
833 |
- } |
834 |
-@@ -1441,6 +1447,11 @@ void serial8250_tx_chars(struct uart_8250_port *up) |
835 |
- port->icount.tx++; |
836 |
- if (uart_circ_empty(xmit)) |
837 |
- break; |
838 |
-+ if (up->capabilities & UART_CAP_HFIFO) { |
839 |
-+ if ((serial_port_in(port, UART_LSR) & BOTH_EMPTY) != |
840 |
-+ BOTH_EMPTY) |
841 |
-+ break; |
842 |
-+ } |
843 |
- } while (--count > 0); |
844 |
- |
845 |
- if (uart_circ_chars_pending(xmit) < WAKEUP_CHARS) |
846 |
-diff --git a/drivers/tty/serial/8250/8250.h b/drivers/tty/serial/8250/8250.h |
847 |
-index 5a76f9c..c0be2fa 100644 |
848 |
---- a/drivers/tty/serial/8250/8250.h |
849 |
-+++ b/drivers/tty/serial/8250/8250.h |
850 |
-@@ -40,6 +40,7 @@ struct serial8250_config { |
851 |
- #define UART_CAP_AFE (1 << 11) /* MCR-based hw flow control */ |
852 |
- #define UART_CAP_UUE (1 << 12) /* UART needs IER bit 6 set (Xscale) */ |
853 |
- #define UART_CAP_RTOIE (1 << 13) /* UART needs IER bit 4 set (Xscale, Tegra) */ |
854 |
-+#define UART_CAP_HFIFO (1 << 14) /* UART has a "hidden" FIFO */ |
855 |
- |
856 |
- #define UART_BUG_QUOT (1 << 0) /* UART has buggy quot LSB */ |
857 |
- #define UART_BUG_TXEN (1 << 1) /* UART has buggy TX IIR status */ |
858 |
-diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c |
859 |
-index c3b2ec0..71ce540 100644 |
860 |
---- a/drivers/tty/serial/8250/8250_dw.c |
861 |
-+++ b/drivers/tty/serial/8250/8250_dw.c |
862 |
-@@ -79,7 +79,7 @@ static int dw8250_handle_irq(struct uart_port *p) |
863 |
- } else if ((iir & UART_IIR_BUSY) == UART_IIR_BUSY) { |
864 |
- /* Clear the USR and write the LCR again. */ |
865 |
- (void)p->serial_in(p, UART_USR); |
866 |
-- p->serial_out(p, d->last_lcr, UART_LCR); |
867 |
-+ p->serial_out(p, UART_LCR, d->last_lcr); |
868 |
- |
869 |
- return 1; |
870 |
- } |
871 |
-diff --git a/drivers/tty/serial/8250/8250_pci.c b/drivers/tty/serial/8250/8250_pci.c |
872 |
-index 17b7d26..a29df69 100644 |
873 |
---- a/drivers/tty/serial/8250/8250_pci.c |
874 |
-+++ b/drivers/tty/serial/8250/8250_pci.c |
875 |
-@@ -1085,6 +1085,18 @@ pci_omegapci_setup(struct serial_private *priv, |
876 |
- return setup_port(priv, port, 2, idx * 8, 0); |
877 |
- } |
878 |
- |
879 |
-+static int |
880 |
-+pci_brcm_trumanage_setup(struct serial_private *priv, |
881 |
-+ const struct pciserial_board *board, |
882 |
-+ struct uart_8250_port *port, int idx) |
883 |
-+{ |
884 |
-+ int ret = pci_default_setup(priv, board, port, idx); |
885 |
-+ |
886 |
-+ port->port.type = PORT_BRCM_TRUMANAGE; |
887 |
-+ port->port.flags = (port->port.flags | UPF_FIXED_PORT | UPF_FIXED_TYPE); |
888 |
-+ return ret; |
889 |
-+} |
890 |
-+ |
891 |
- static int skip_tx_en_setup(struct serial_private *priv, |
892 |
- const struct pciserial_board *board, |
893 |
- struct uart_8250_port *port, int idx) |
894 |
-@@ -1213,6 +1225,7 @@ pci_wch_ch353_setup(struct serial_private *priv, |
895 |
- #define PCI_VENDOR_ID_AGESTAR 0x5372 |
896 |
- #define PCI_DEVICE_ID_AGESTAR_9375 0x6872 |
897 |
- #define PCI_VENDOR_ID_ASIX 0x9710 |
898 |
-+#define PCI_DEVICE_ID_BROADCOM_TRUMANAGE 0x160a |
899 |
- |
900 |
- /* Unknown vendors/cards - this should not be in linux/pci_ids.h */ |
901 |
- #define PCI_SUBDEVICE_ID_UNKNOWN_0x1584 0x1584 |
902 |
-@@ -1788,6 +1801,17 @@ static struct pci_serial_quirk pci_serial_quirks[] __refdata = { |
903 |
- .setup = pci_asix_setup, |
904 |
- }, |
905 |
- /* |
906 |
-+ * Broadcom TruManage (NetXtreme) |
907 |
-+ */ |
908 |
-+ { |
909 |
-+ .vendor = PCI_VENDOR_ID_BROADCOM, |
910 |
-+ .device = PCI_DEVICE_ID_BROADCOM_TRUMANAGE, |
911 |
-+ .subvendor = PCI_ANY_ID, |
912 |
-+ .subdevice = PCI_ANY_ID, |
913 |
-+ .setup = pci_brcm_trumanage_setup, |
914 |
-+ }, |
915 |
-+ |
916 |
-+ /* |
917 |
- * Default "match everything" terminator entry |
918 |
- */ |
919 |
- { |
920 |
-@@ -1975,6 +1999,7 @@ enum pci_board_num_t { |
921 |
- pbn_ce4100_1_115200, |
922 |
- pbn_omegapci, |
923 |
- pbn_NETMOS9900_2s_115200, |
924 |
-+ pbn_brcm_trumanage, |
925 |
- }; |
926 |
- |
927 |
- /* |
928 |
-@@ -2674,6 +2699,12 @@ static struct pciserial_board pci_boards[] __devinitdata = { |
929 |
- .num_ports = 2, |
930 |
- .base_baud = 115200, |
931 |
- }, |
932 |
-+ [pbn_brcm_trumanage] = { |
933 |
-+ .flags = FL_BASE0, |
934 |
-+ .num_ports = 1, |
935 |
-+ .reg_shift = 2, |
936 |
-+ .base_baud = 115200, |
937 |
-+ }, |
938 |
- }; |
939 |
- |
940 |
- static const struct pci_device_id blacklist[] = { |
941 |
-@@ -4238,6 +4269,13 @@ static struct pci_device_id serial_pci_tbl[] = { |
942 |
- pbn_omegapci }, |
943 |
- |
944 |
- /* |
945 |
-+ * Broadcom TruManage |
946 |
-+ */ |
947 |
-+ { PCI_VENDOR_ID_BROADCOM, PCI_DEVICE_ID_BROADCOM_TRUMANAGE, |
948 |
-+ PCI_ANY_ID, PCI_ANY_ID, 0, 0, |
949 |
-+ pbn_brcm_trumanage }, |
950 |
-+ |
951 |
-+ /* |
952 |
- * AgeStar as-prs2-009 |
953 |
- */ |
954 |
- { PCI_VENDOR_ID_AGESTAR, PCI_DEVICE_ID_AGESTAR_9375, |
955 |
-diff --git a/drivers/tty/serial/ifx6x60.c b/drivers/tty/serial/ifx6x60.c |
956 |
-index 5b9bc19..f5e9666 100644 |
957 |
---- a/drivers/tty/serial/ifx6x60.c |
958 |
-+++ b/drivers/tty/serial/ifx6x60.c |
959 |
-@@ -552,6 +552,7 @@ static void ifx_port_shutdown(struct tty_port *port) |
960 |
- container_of(port, struct ifx_spi_device, tty_port); |
961 |
- |
962 |
- mrdy_set_low(ifx_dev); |
963 |
-+ del_timer(&ifx_dev->spi_timer); |
964 |
- clear_bit(IFX_SPI_STATE_TIMER_PENDING, &ifx_dev->flags); |
965 |
- tasklet_kill(&ifx_dev->io_work_tasklet); |
966 |
- } |
967 |
-diff --git a/drivers/tty/serial/mxs-auart.c b/drivers/tty/serial/mxs-auart.c |
968 |
-index 6db3baa..ea513c9 100644 |
969 |
---- a/drivers/tty/serial/mxs-auart.c |
970 |
-+++ b/drivers/tty/serial/mxs-auart.c |
971 |
-@@ -260,10 +260,12 @@ static void mxs_auart_set_mctrl(struct uart_port *u, unsigned mctrl) |
972 |
- |
973 |
- u32 ctrl = readl(u->membase + AUART_CTRL2); |
974 |
- |
975 |
-- ctrl &= ~AUART_CTRL2_RTSEN; |
976 |
-+ ctrl &= ~(AUART_CTRL2_RTSEN | AUART_CTRL2_RTS); |
977 |
- if (mctrl & TIOCM_RTS) { |
978 |
- if (tty_port_cts_enabled(&u->state->port)) |
979 |
- ctrl |= AUART_CTRL2_RTSEN; |
980 |
-+ else |
981 |
-+ ctrl |= AUART_CTRL2_RTS; |
982 |
- } |
983 |
- |
984 |
- s->ctrl = mctrl; |
985 |
-diff --git a/drivers/tty/serial/vt8500_serial.c b/drivers/tty/serial/vt8500_serial.c |
986 |
-index 205d4cf..f528cc2 100644 |
987 |
---- a/drivers/tty/serial/vt8500_serial.c |
988 |
-+++ b/drivers/tty/serial/vt8500_serial.c |
989 |
-@@ -604,7 +604,7 @@ static int __devinit vt8500_serial_probe(struct platform_device *pdev) |
990 |
- vt8500_port->uart.flags = UPF_IOREMAP | UPF_BOOT_AUTOCONF; |
991 |
- |
992 |
- vt8500_port->clk = of_clk_get(pdev->dev.of_node, 0); |
993 |
-- if (vt8500_port->clk) { |
994 |
-+ if (!IS_ERR(vt8500_port->clk)) { |
995 |
- vt8500_port->uart.uartclk = clk_get_rate(vt8500_port->clk); |
996 |
- } else { |
997 |
- /* use the default of 24Mhz if not specified and warn */ |
998 |
-diff --git a/drivers/usb/chipidea/host.c b/drivers/usb/chipidea/host.c |
999 |
-index ebff9f4..7c212f5 100644 |
1000 |
---- a/drivers/usb/chipidea/host.c |
1001 |
-+++ b/drivers/usb/chipidea/host.c |
1002 |
-@@ -129,6 +129,9 @@ static int host_start(struct ci13xxx *ci) |
1003 |
- else |
1004 |
- ci->hcd = hcd; |
1005 |
- |
1006 |
-+ if (ci->platdata->flags & CI13XXX_DISABLE_STREAMING) |
1007 |
-+ hw_write(ci, OP_USBMODE, USBMODE_CI_SDIS, USBMODE_CI_SDIS); |
1008 |
-+ |
1009 |
- return ret; |
1010 |
- } |
1011 |
- |
1012 |
-diff --git a/drivers/usb/serial/io_ti.c b/drivers/usb/serial/io_ti.c |
1013 |
-index 60023c2..ed83e7a 100644 |
1014 |
---- a/drivers/usb/serial/io_ti.c |
1015 |
-+++ b/drivers/usb/serial/io_ti.c |
1016 |
-@@ -534,6 +534,9 @@ static void chase_port(struct edgeport_port *port, unsigned long timeout, |
1017 |
- wait_queue_t wait; |
1018 |
- unsigned long flags; |
1019 |
- |
1020 |
-+ if (!tty) |
1021 |
-+ return; |
1022 |
-+ |
1023 |
- if (!timeout) |
1024 |
- timeout = (HZ * EDGE_CLOSING_WAIT)/100; |
1025 |
- |
1026 |
-diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
1027 |
-index fd47369..f2727e4 100644 |
1028 |
---- a/drivers/usb/serial/option.c |
1029 |
-+++ b/drivers/usb/serial/option.c |
1030 |
-@@ -450,6 +450,10 @@ static void option_instat_callback(struct urb *urb); |
1031 |
- #define PETATEL_VENDOR_ID 0x1ff4 |
1032 |
- #define PETATEL_PRODUCT_NP10T 0x600e |
1033 |
- |
1034 |
-+/* TP-LINK Incorporated products */ |
1035 |
-+#define TPLINK_VENDOR_ID 0x2357 |
1036 |
-+#define TPLINK_PRODUCT_MA180 0x0201 |
1037 |
-+ |
1038 |
- /* some devices interfaces need special handling due to a number of reasons */ |
1039 |
- enum option_blacklist_reason { |
1040 |
- OPTION_BLACKLIST_NONE = 0, |
1041 |
-@@ -931,7 +935,8 @@ static const struct usb_device_id option_ids[] = { |
1042 |
- { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0254, 0xff, 0xff, 0xff) }, |
1043 |
- { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0257, 0xff, 0xff, 0xff), /* ZTE MF821 */ |
1044 |
- .driver_info = (kernel_ulong_t)&net_intf3_blacklist }, |
1045 |
-- { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0265, 0xff, 0xff, 0xff) }, |
1046 |
-+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0265, 0xff, 0xff, 0xff), /* ONDA MT8205 */ |
1047 |
-+ .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
1048 |
- { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0284, 0xff, 0xff, 0xff), /* ZTE MF880 */ |
1049 |
- .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
1050 |
- { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0317, 0xff, 0xff, 0xff) }, |
1051 |
-@@ -1312,6 +1317,8 @@ static const struct usb_device_id option_ids[] = { |
1052 |
- { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_4COM2, 0xff, 0x00, 0x00) }, |
1053 |
- { USB_DEVICE(CELLIENT_VENDOR_ID, CELLIENT_PRODUCT_MEN200) }, |
1054 |
- { USB_DEVICE(PETATEL_VENDOR_ID, PETATEL_PRODUCT_NP10T) }, |
1055 |
-+ { USB_DEVICE(TPLINK_VENDOR_ID, TPLINK_PRODUCT_MA180), |
1056 |
-+ .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
1057 |
- { } /* Terminating entry */ |
1058 |
- }; |
1059 |
- MODULE_DEVICE_TABLE(usb, option_ids); |
1060 |
-diff --git a/drivers/xen/grant-table.c b/drivers/xen/grant-table.c |
1061 |
-index b91f14e..95ce9d0 100644 |
1062 |
---- a/drivers/xen/grant-table.c |
1063 |
-+++ b/drivers/xen/grant-table.c |
1064 |
-@@ -56,10 +56,6 @@ |
1065 |
- /* External tools reserve first few grant table entries. */ |
1066 |
- #define NR_RESERVED_ENTRIES 8 |
1067 |
- #define GNTTAB_LIST_END 0xffffffff |
1068 |
--#define GREFS_PER_GRANT_FRAME \ |
1069 |
--(grant_table_version == 1 ? \ |
1070 |
--(PAGE_SIZE / sizeof(struct grant_entry_v1)) : \ |
1071 |
--(PAGE_SIZE / sizeof(union grant_entry_v2))) |
1072 |
- |
1073 |
- static grant_ref_t **gnttab_list; |
1074 |
- static unsigned int nr_grant_frames; |
1075 |
-@@ -154,6 +150,7 @@ static struct gnttab_ops *gnttab_interface; |
1076 |
- static grant_status_t *grstatus; |
1077 |
- |
1078 |
- static int grant_table_version; |
1079 |
-+static int grefs_per_grant_frame; |
1080 |
- |
1081 |
- static struct gnttab_free_callback *gnttab_free_callback_list; |
1082 |
- |
1083 |
-@@ -767,12 +764,14 @@ static int grow_gnttab_list(unsigned int more_frames) |
1084 |
- unsigned int new_nr_grant_frames, extra_entries, i; |
1085 |
- unsigned int nr_glist_frames, new_nr_glist_frames; |
1086 |
- |
1087 |
-+ BUG_ON(grefs_per_grant_frame == 0); |
1088 |
-+ |
1089 |
- new_nr_grant_frames = nr_grant_frames + more_frames; |
1090 |
-- extra_entries = more_frames * GREFS_PER_GRANT_FRAME; |
1091 |
-+ extra_entries = more_frames * grefs_per_grant_frame; |
1092 |
- |
1093 |
-- nr_glist_frames = (nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP; |
1094 |
-+ nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP; |
1095 |
- new_nr_glist_frames = |
1096 |
-- (new_nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP; |
1097 |
-+ (new_nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP; |
1098 |
- for (i = nr_glist_frames; i < new_nr_glist_frames; i++) { |
1099 |
- gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_ATOMIC); |
1100 |
- if (!gnttab_list[i]) |
1101 |
-@@ -780,12 +779,12 @@ static int grow_gnttab_list(unsigned int more_frames) |
1102 |
- } |
1103 |
- |
1104 |
- |
1105 |
-- for (i = GREFS_PER_GRANT_FRAME * nr_grant_frames; |
1106 |
-- i < GREFS_PER_GRANT_FRAME * new_nr_grant_frames - 1; i++) |
1107 |
-+ for (i = grefs_per_grant_frame * nr_grant_frames; |
1108 |
-+ i < grefs_per_grant_frame * new_nr_grant_frames - 1; i++) |
1109 |
- gnttab_entry(i) = i + 1; |
1110 |
- |
1111 |
- gnttab_entry(i) = gnttab_free_head; |
1112 |
-- gnttab_free_head = GREFS_PER_GRANT_FRAME * nr_grant_frames; |
1113 |
-+ gnttab_free_head = grefs_per_grant_frame * nr_grant_frames; |
1114 |
- gnttab_free_count += extra_entries; |
1115 |
- |
1116 |
- nr_grant_frames = new_nr_grant_frames; |
1117 |
-@@ -957,7 +956,8 @@ EXPORT_SYMBOL_GPL(gnttab_unmap_refs); |
1118 |
- |
1119 |
- static unsigned nr_status_frames(unsigned nr_grant_frames) |
1120 |
- { |
1121 |
-- return (nr_grant_frames * GREFS_PER_GRANT_FRAME + SPP - 1) / SPP; |
1122 |
-+ BUG_ON(grefs_per_grant_frame == 0); |
1123 |
-+ return (nr_grant_frames * grefs_per_grant_frame + SPP - 1) / SPP; |
1124 |
- } |
1125 |
- |
1126 |
- static int gnttab_map_frames_v1(xen_pfn_t *frames, unsigned int nr_gframes) |
1127 |
-@@ -1115,6 +1115,7 @@ static void gnttab_request_version(void) |
1128 |
- rc = HYPERVISOR_grant_table_op(GNTTABOP_set_version, &gsv, 1); |
1129 |
- if (rc == 0 && gsv.version == 2) { |
1130 |
- grant_table_version = 2; |
1131 |
-+ grefs_per_grant_frame = PAGE_SIZE / sizeof(union grant_entry_v2); |
1132 |
- gnttab_interface = &gnttab_v2_ops; |
1133 |
- } else if (grant_table_version == 2) { |
1134 |
- /* |
1135 |
-@@ -1127,17 +1128,17 @@ static void gnttab_request_version(void) |
1136 |
- panic("we need grant tables version 2, but only version 1 is available"); |
1137 |
- } else { |
1138 |
- grant_table_version = 1; |
1139 |
-+ grefs_per_grant_frame = PAGE_SIZE / sizeof(struct grant_entry_v1); |
1140 |
- gnttab_interface = &gnttab_v1_ops; |
1141 |
- } |
1142 |
- printk(KERN_INFO "Grant tables using version %d layout.\n", |
1143 |
- grant_table_version); |
1144 |
- } |
1145 |
- |
1146 |
--int gnttab_resume(void) |
1147 |
-+static int gnttab_setup(void) |
1148 |
- { |
1149 |
- unsigned int max_nr_gframes; |
1150 |
- |
1151 |
-- gnttab_request_version(); |
1152 |
- max_nr_gframes = gnttab_max_grant_frames(); |
1153 |
- if (max_nr_gframes < nr_grant_frames) |
1154 |
- return -ENOSYS; |
1155 |
-@@ -1160,6 +1161,12 @@ int gnttab_resume(void) |
1156 |
- return 0; |
1157 |
- } |
1158 |
- |
1159 |
-+int gnttab_resume(void) |
1160 |
-+{ |
1161 |
-+ gnttab_request_version(); |
1162 |
-+ return gnttab_setup(); |
1163 |
-+} |
1164 |
-+ |
1165 |
- int gnttab_suspend(void) |
1166 |
- { |
1167 |
- gnttab_interface->unmap_frames(); |
1168 |
-@@ -1171,9 +1178,10 @@ static int gnttab_expand(unsigned int req_entries) |
1169 |
- int rc; |
1170 |
- unsigned int cur, extra; |
1171 |
- |
1172 |
-+ BUG_ON(grefs_per_grant_frame == 0); |
1173 |
- cur = nr_grant_frames; |
1174 |
-- extra = ((req_entries + (GREFS_PER_GRANT_FRAME-1)) / |
1175 |
-- GREFS_PER_GRANT_FRAME); |
1176 |
-+ extra = ((req_entries + (grefs_per_grant_frame-1)) / |
1177 |
-+ grefs_per_grant_frame); |
1178 |
- if (cur + extra > gnttab_max_grant_frames()) |
1179 |
- return -ENOSPC; |
1180 |
- |
1181 |
-@@ -1191,21 +1199,23 @@ int gnttab_init(void) |
1182 |
- unsigned int nr_init_grefs; |
1183 |
- int ret; |
1184 |
- |
1185 |
-+ gnttab_request_version(); |
1186 |
- nr_grant_frames = 1; |
1187 |
- boot_max_nr_grant_frames = __max_nr_grant_frames(); |
1188 |
- |
1189 |
- /* Determine the maximum number of frames required for the |
1190 |
- * grant reference free list on the current hypervisor. |
1191 |
- */ |
1192 |
-+ BUG_ON(grefs_per_grant_frame == 0); |
1193 |
- max_nr_glist_frames = (boot_max_nr_grant_frames * |
1194 |
-- GREFS_PER_GRANT_FRAME / RPP); |
1195 |
-+ grefs_per_grant_frame / RPP); |
1196 |
- |
1197 |
- gnttab_list = kmalloc(max_nr_glist_frames * sizeof(grant_ref_t *), |
1198 |
- GFP_KERNEL); |
1199 |
- if (gnttab_list == NULL) |
1200 |
- return -ENOMEM; |
1201 |
- |
1202 |
-- nr_glist_frames = (nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP; |
1203 |
-+ nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP; |
1204 |
- for (i = 0; i < nr_glist_frames; i++) { |
1205 |
- gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_KERNEL); |
1206 |
- if (gnttab_list[i] == NULL) { |
1207 |
-@@ -1214,12 +1224,12 @@ int gnttab_init(void) |
1208 |
- } |
1209 |
- } |
1210 |
- |
1211 |
-- if (gnttab_resume() < 0) { |
1212 |
-+ if (gnttab_setup() < 0) { |
1213 |
- ret = -ENODEV; |
1214 |
- goto ini_nomem; |
1215 |
- } |
1216 |
- |
1217 |
-- nr_init_grefs = nr_grant_frames * GREFS_PER_GRANT_FRAME; |
1218 |
-+ nr_init_grefs = nr_grant_frames * grefs_per_grant_frame; |
1219 |
- |
1220 |
- for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++) |
1221 |
- gnttab_entry(i) = i + 1; |
1222 |
-diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c |
1223 |
-index b3c243b..f89c0e5 100644 |
1224 |
---- a/fs/ext4/inode.c |
1225 |
-+++ b/fs/ext4/inode.c |
1226 |
-@@ -1503,6 +1503,8 @@ static void ext4_da_block_invalidatepages(struct mpage_da_data *mpd) |
1227 |
- |
1228 |
- index = mpd->first_page; |
1229 |
- end = mpd->next_page - 1; |
1230 |
-+ |
1231 |
-+ pagevec_init(&pvec, 0); |
1232 |
- while (index <= end) { |
1233 |
- nr_pages = pagevec_lookup(&pvec, mapping, index, PAGEVEC_SIZE); |
1234 |
- if (nr_pages == 0) |
1235 |
-diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h |
1236 |
-index 5be8937..fca8bbe 100644 |
1237 |
---- a/include/target/target_core_base.h |
1238 |
-+++ b/include/target/target_core_base.h |
1239 |
-@@ -734,6 +734,8 @@ struct se_subsystem_dev { |
1240 |
- }; |
1241 |
- |
1242 |
- struct se_device { |
1243 |
-+#define SE_DEV_LINK_MAGIC 0xfeeddeef |
1244 |
-+ u32 dev_link_magic; |
1245 |
- /* RELATIVE TARGET PORT IDENTIFER Counter */ |
1246 |
- u16 dev_rpti_counter; |
1247 |
- /* Used for SAM Task Attribute ordering */ |
1248 |
-@@ -820,6 +822,8 @@ struct se_port_stat_grps { |
1249 |
- }; |
1250 |
- |
1251 |
- struct se_lun { |
1252 |
-+#define SE_LUN_LINK_MAGIC 0xffff7771 |
1253 |
-+ u32 lun_link_magic; |
1254 |
- /* See transport_lun_status_table */ |
1255 |
- enum transport_lun_status_table lun_status; |
1256 |
- u32 lun_access; |
1257 |
-diff --git a/include/uapi/linux/serial_core.h b/include/uapi/linux/serial_core.h |
1258 |
-index 7e1ab20..dbb95db 100644 |
1259 |
---- a/include/uapi/linux/serial_core.h |
1260 |
-+++ b/include/uapi/linux/serial_core.h |
1261 |
-@@ -49,7 +49,9 @@ |
1262 |
- #define PORT_XR17D15X 21 /* Exar XR17D15x UART */ |
1263 |
- #define PORT_LPC3220 22 /* NXP LPC32xx SoC "Standard" UART */ |
1264 |
- #define PORT_8250_CIR 23 /* CIR infrared port, has its own driver */ |
1265 |
--#define PORT_MAX_8250 23 /* max port ID */ |
1266 |
-+#define PORT_XR17V35X 24 /* Exar XR17V35x UARTs */ |
1267 |
-+#define PORT_BRCM_TRUMANAGE 24 |
1268 |
-+#define PORT_MAX_8250 25 /* max port ID */ |
1269 |
- |
1270 |
- /* |
1271 |
- * ARM specific type numbers. These are not currently guaranteed |
1272 |
-diff --git a/sound/pci/hda/patch_hdmi.c b/sound/pci/hda/patch_hdmi.c |
1273 |
-index 4642c68..a95e198 100644 |
1274 |
---- a/sound/pci/hda/patch_hdmi.c |
1275 |
-+++ b/sound/pci/hda/patch_hdmi.c |
1276 |
-@@ -1499,7 +1499,7 @@ static int hdmi_chmap_ctl_put(struct snd_kcontrol *kcontrol, |
1277 |
- ctl_idx = snd_ctl_get_ioffidx(kcontrol, &ucontrol->id); |
1278 |
- substream = snd_pcm_chmap_substream(info, ctl_idx); |
1279 |
- if (!substream || !substream->runtime) |
1280 |
-- return -EBADFD; |
1281 |
-+ return 0; /* just for avoiding error from alsactl restore */ |
1282 |
- switch (substream->runtime->status->state) { |
1283 |
- case SNDRV_PCM_STATE_OPEN: |
1284 |
- case SNDRV_PCM_STATE_SETUP: |
1285 |
-diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c |
1286 |
-index 0f58b4b..b8d1ad1 100644 |
1287 |
---- a/sound/usb/quirks.c |
1288 |
-+++ b/sound/usb/quirks.c |
1289 |
-@@ -387,11 +387,13 @@ static int snd_usb_fasttrackpro_boot_quirk(struct usb_device *dev) |
1290 |
- * rules |
1291 |
- */ |
1292 |
- err = usb_driver_set_configuration(dev, 2); |
1293 |
-- if (err < 0) { |
1294 |
-+ if (err < 0) |
1295 |
- snd_printdd("error usb_driver_set_configuration: %d\n", |
1296 |
- err); |
1297 |
-- return -ENODEV; |
1298 |
-- } |
1299 |
-+ /* Always return an error, so that we stop creating a device |
1300 |
-+ that will just be destroyed and recreated with a new |
1301 |
-+ configuration */ |
1302 |
-+ return -ENODEV; |
1303 |
- } else |
1304 |
- snd_printk(KERN_INFO "usb-audio: Fast Track Pro config OK\n"); |
1305 |
- |
1306 |
|
1307 |
diff --git a/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301230048.patch b/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1308 |
similarity index 99% |
1309 |
rename from 3.7.4/4420_grsecurity-2.9.1-3.7.4-201301230048.patch |
1310 |
rename to 3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1311 |
index 3577167..29e3b84 100644 |
1312 |
--- a/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301230048.patch |
1313 |
+++ b/3.7.4/4420_grsecurity-2.9.1-3.7.4-201301252226.patch |
1314 |
@@ -3975,7 +3975,7 @@ index ddcec1e..c7f983e 100644 |
1315 |
* This routine handles page faults. It determines the address, |
1316 |
* and the problem, and then passes it off to one of the appropriate |
1317 |
diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c |
1318 |
-index 302d779..ad1772c 100644 |
1319 |
+index 302d779..ee9ffb5 100644 |
1320 |
--- a/arch/mips/mm/mmap.c |
1321 |
+++ b/arch/mips/mm/mmap.c |
1322 |
@@ -71,6 +71,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
1323 |
@@ -4026,7 +4026,19 @@ index 302d779..ad1772c 100644 |
1324 |
/* cache the address as a hint for next time */ |
1325 |
return mm->free_area_cache = addr - len; |
1326 |
} |
1327 |
-@@ -165,7 +170,7 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
1328 |
+@@ -155,17 +160,17 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
1329 |
+ goto bottomup; |
1330 |
+ |
1331 |
+ addr = mm->mmap_base - len; |
1332 |
+- if (do_color_align) |
1333 |
+- addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
1334 |
+ |
1335 |
+ do { |
1336 |
++ if (do_color_align) |
1337 |
++ addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
1338 |
+ /* |
1339 |
+ * Lookup failure means no vma is above this address, |
1340 |
+ * else if new region fits below vma->vm_start, |
1341 |
* return with success: |
1342 |
*/ |
1343 |
vma = find_vma(mm, addr); |
1344 |
@@ -4035,7 +4047,20 @@ index 302d779..ad1772c 100644 |
1345 |
/* cache the address as a hint for next time */ |
1346 |
return mm->free_area_cache = addr; |
1347 |
} |
1348 |
-@@ -242,30 +247,3 @@ void arch_pick_mmap_layout(struct mm_struct *mm) |
1349 |
+@@ -175,10 +180,8 @@ static unsigned long arch_get_unmapped_area_common(struct file *filp, |
1350 |
+ mm->cached_hole_size = vma->vm_start - addr; |
1351 |
+ |
1352 |
+ /* try just below the current vma->vm_start */ |
1353 |
+- addr = vma->vm_start - len; |
1354 |
+- if (do_color_align) |
1355 |
+- addr = COLOUR_ALIGN_DOWN(addr, pgoff); |
1356 |
+- } while (likely(len < vma->vm_start)); |
1357 |
++ addr = skip_heap_stack_gap(vma, len); |
1358 |
++ } while (!IS_ERR_VALUE(addr)); |
1359 |
+ |
1360 |
+ bottomup: |
1361 |
+ /* |
1362 |
+@@ -242,30 +245,3 @@ void arch_pick_mmap_layout(struct mm_struct *mm) |
1363 |
mm->unmap_area = arch_unmap_area_topdown; |
1364 |
} |
1365 |
} |
1366 |
@@ -20012,7 +20037,7 @@ index 16c6365..5d32218 100644 |
1367 |
ip = *(u64 *)(fp+8); |
1368 |
if (!in_sched_functions(ip)) |
1369 |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c |
1370 |
-index 974b67e..044111b 100644 |
1371 |
+index 974b67e..12cb2b5 100644 |
1372 |
--- a/arch/x86/kernel/ptrace.c |
1373 |
+++ b/arch/x86/kernel/ptrace.c |
1374 |
@@ -183,14 +183,13 @@ unsigned long kernel_stack_pointer(struct pt_regs *regs) |
1375 |
@@ -20034,6 +20059,15 @@ index 974b67e..044111b 100644 |
1376 |
|
1377 |
return (unsigned long)regs; |
1378 |
} |
1379 |
+@@ -587,7 +586,7 @@ static void ptrace_triggered(struct perf_event *bp, |
1380 |
+ static unsigned long ptrace_get_dr7(struct perf_event *bp[]) |
1381 |
+ { |
1382 |
+ int i; |
1383 |
+- int dr7 = 0; |
1384 |
++ unsigned long dr7 = 0; |
1385 |
+ struct arch_hw_breakpoint *info; |
1386 |
+ |
1387 |
+ for (i = 0; i < HBP_NUM; i++) { |
1388 |
@@ -855,7 +854,7 @@ long arch_ptrace(struct task_struct *child, long request, |
1389 |
unsigned long addr, unsigned long data) |
1390 |
{ |
1391 |
@@ -29096,7 +29130,7 @@ index 7005ced..530d6eb 100644 |
1392 |
+ *(void **)&x86_io_apic_ops.read = xen_io_apic_read; |
1393 |
} |
1394 |
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
1395 |
-index 586d838..7082fc8 100644 |
1396 |
+index 586d838..9181904 100644 |
1397 |
--- a/arch/x86/xen/enlighten.c |
1398 |
+++ b/arch/x86/xen/enlighten.c |
1399 |
@@ -99,8 +99,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); |
1400 |
@@ -29108,16 +29142,27 @@ index 586d838..7082fc8 100644 |
1401 |
RESERVE_BRK(shared_info_page_brk, PAGE_SIZE); |
1402 |
__read_mostly int xen_have_vector_callback; |
1403 |
EXPORT_SYMBOL_GPL(xen_have_vector_callback); |
1404 |
-@@ -523,7 +521,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) |
1405 |
+@@ -473,8 +471,7 @@ static void xen_load_gdt(const struct desc_ptr *dtr) |
1406 |
+ { |
1407 |
+ unsigned long va = dtr->address; |
1408 |
+ unsigned int size = dtr->size + 1; |
1409 |
+- unsigned pages = (size + PAGE_SIZE - 1) / PAGE_SIZE; |
1410 |
+- unsigned long frames[pages]; |
1411 |
++ unsigned long frames[65536 / PAGE_SIZE]; |
1412 |
+ int f; |
1413 |
+ |
1414 |
+ /* |
1415 |
+@@ -522,8 +519,7 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) |
1416 |
+ { |
1417 |
unsigned long va = dtr->address; |
1418 |
unsigned int size = dtr->size + 1; |
1419 |
- unsigned pages = (size + PAGE_SIZE - 1) / PAGE_SIZE; |
1420 |
+- unsigned pages = (size + PAGE_SIZE - 1) / PAGE_SIZE; |
1421 |
- unsigned long frames[pages]; |
1422 |
+ unsigned long frames[65536 / PAGE_SIZE]; |
1423 |
int f; |
1424 |
|
1425 |
/* |
1426 |
-@@ -918,21 +916,21 @@ static u32 xen_safe_apic_wait_icr_idle(void) |
1427 |
+@@ -918,21 +914,21 @@ static u32 xen_safe_apic_wait_icr_idle(void) |
1428 |
|
1429 |
static void set_xen_basic_apic_ops(void) |
1430 |
{ |
1431 |
@@ -29152,7 +29197,7 @@ index 586d838..7082fc8 100644 |
1432 |
#endif |
1433 |
} |
1434 |
|
1435 |
-@@ -1222,30 +1220,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
1436 |
+@@ -1222,30 +1218,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { |
1437 |
#endif |
1438 |
}; |
1439 |
|
1440 |
@@ -29190,7 +29235,7 @@ index 586d838..7082fc8 100644 |
1441 |
{ |
1442 |
if (pm_power_off) |
1443 |
pm_power_off(); |
1444 |
-@@ -1290,14 +1288,14 @@ static const struct machine_ops xen_machine_ops __initconst = { |
1445 |
+@@ -1290,14 +1286,14 @@ static const struct machine_ops xen_machine_ops __initconst = { |
1446 |
*/ |
1447 |
static void __init xen_setup_stackprotector(void) |
1448 |
{ |
1449 |
@@ -29209,7 +29254,7 @@ index 586d838..7082fc8 100644 |
1450 |
} |
1451 |
|
1452 |
/* First C function to be called on Xen boot */ |
1453 |
-@@ -1315,13 +1313,13 @@ asmlinkage void __init xen_start_kernel(void) |
1454 |
+@@ -1315,13 +1311,13 @@ asmlinkage void __init xen_start_kernel(void) |
1455 |
|
1456 |
/* Install Xen paravirt ops */ |
1457 |
pv_info = xen_info; |
1458 |
@@ -29229,7 +29274,7 @@ index 586d838..7082fc8 100644 |
1459 |
|
1460 |
xen_init_time_ops(); |
1461 |
|
1462 |
-@@ -1347,7 +1345,17 @@ asmlinkage void __init xen_start_kernel(void) |
1463 |
+@@ -1347,7 +1343,17 @@ asmlinkage void __init xen_start_kernel(void) |
1464 |
__userpte_alloc_gfp &= ~__GFP_HIGHMEM; |
1465 |
|
1466 |
/* Work out if we support NX */ |
1467 |
@@ -29248,7 +29293,7 @@ index 586d838..7082fc8 100644 |
1468 |
|
1469 |
xen_setup_features(); |
1470 |
|
1471 |
-@@ -1376,14 +1384,7 @@ asmlinkage void __init xen_start_kernel(void) |
1472 |
+@@ -1376,14 +1382,7 @@ asmlinkage void __init xen_start_kernel(void) |
1473 |
pv_mmu_ops.ptep_modify_prot_commit = xen_ptep_modify_prot_commit; |
1474 |
} |
1475 |
|
1476 |
@@ -29264,7 +29309,7 @@ index 586d838..7082fc8 100644 |
1477 |
|
1478 |
xen_smp_init(); |
1479 |
|
1480 |
-@@ -1450,7 +1451,7 @@ asmlinkage void __init xen_start_kernel(void) |
1481 |
+@@ -1450,7 +1449,7 @@ asmlinkage void __init xen_start_kernel(void) |
1482 |
add_preferred_console("tty", 0, NULL); |
1483 |
add_preferred_console("hvc", 0, NULL); |
1484 |
if (pci_xen) |
1485 |
@@ -29273,7 +29318,7 @@ index 586d838..7082fc8 100644 |
1486 |
} else { |
1487 |
const struct dom0_vga_console_info *info = |
1488 |
(void *)((char *)xen_start_info + |
1489 |
-@@ -1476,8 +1477,8 @@ asmlinkage void __init xen_start_kernel(void) |
1490 |
+@@ -1476,8 +1475,8 @@ asmlinkage void __init xen_start_kernel(void) |
1491 |
xen_acpi_sleep_register(); |
1492 |
|
1493 |
/* Avoid searching for BIOS MP tables */ |
1494 |
@@ -29284,7 +29329,7 @@ index 586d838..7082fc8 100644 |
1495 |
} |
1496 |
#ifdef CONFIG_PCI |
1497 |
/* PCI BIOS service won't work from a PV guest. */ |
1498 |
-@@ -1583,7 +1584,7 @@ static void __init xen_hvm_guest_init(void) |
1499 |
+@@ -1583,7 +1582,7 @@ static void __init xen_hvm_guest_init(void) |
1500 |
xen_hvm_smp_init(); |
1501 |
register_cpu_notifier(&xen_hvm_cpu_notifier); |
1502 |
xen_unplug_emulated_devices(); |
1503 |
@@ -44267,7 +44312,7 @@ index 0e7a6f8..332b1ca 100644 |
1504 |
fd_offset + ex.a_text); |
1505 |
if (error != N_DATADDR(ex)) { |
1506 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
1507 |
-index fbd9f60..d4edac0 100644 |
1508 |
+index fbd9f60..0b845dd 100644 |
1509 |
--- a/fs/binfmt_elf.c |
1510 |
+++ b/fs/binfmt_elf.c |
1511 |
@@ -33,6 +33,7 @@ |
1512 |
@@ -44734,7 +44779,7 @@ index fbd9f60..d4edac0 100644 |
1513 |
unsigned int random_variable = 0; |
1514 |
|
1515 |
+#ifdef CONFIG_PAX_RANDUSTACK |
1516 |
-+ if (randomize_va_space) |
1517 |
++ if (current->mm->pax_flags & MF_PAX_RANDMMAP) |
1518 |
+ return stack_top - current->mm->delta_stack; |
1519 |
+#endif |
1520 |
+ |
1521 |
@@ -46349,16 +46394,17 @@ index b2a34a1..162fa69 100644 |
1522 |
return rc; |
1523 |
} |
1524 |
diff --git a/fs/exec.c b/fs/exec.c |
1525 |
-index c6e6de4..de6841c 100644 |
1526 |
+index c6e6de4..fb98879 100644 |
1527 |
--- a/fs/exec.c |
1528 |
+++ b/fs/exec.c |
1529 |
-@@ -55,6 +55,16 @@ |
1530 |
+@@ -55,6 +55,17 @@ |
1531 |
#include <linux/pipe_fs_i.h> |
1532 |
#include <linux/oom.h> |
1533 |
#include <linux/compat.h> |
1534 |
+#include <linux/random.h> |
1535 |
+#include <linux/seq_file.h> |
1536 |
+#include <linux/coredump.h> |
1537 |
++#include <linux/mman.h> |
1538 |
+ |
1539 |
+#ifdef CONFIG_PAX_REFCOUNT |
1540 |
+#include <linux/kallsyms.h> |
1541 |
@@ -46369,7 +46415,7 @@ index c6e6de4..de6841c 100644 |
1542 |
|
1543 |
#include <asm/uaccess.h> |
1544 |
#include <asm/mmu_context.h> |
1545 |
-@@ -66,6 +76,18 @@ |
1546 |
+@@ -66,6 +77,18 @@ |
1547 |
|
1548 |
#include <trace/events/sched.h> |
1549 |
|
1550 |
@@ -46388,7 +46434,7 @@ index c6e6de4..de6841c 100644 |
1551 |
int suid_dumpable = 0; |
1552 |
|
1553 |
static LIST_HEAD(formats); |
1554 |
-@@ -180,18 +202,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
1555 |
+@@ -180,18 +203,10 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
1556 |
int write) |
1557 |
{ |
1558 |
struct page *page; |
1559 |
@@ -46410,7 +46456,7 @@ index c6e6de4..de6841c 100644 |
1560 |
return NULL; |
1561 |
|
1562 |
if (write) { |
1563 |
-@@ -207,6 +221,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
1564 |
+@@ -207,6 +222,17 @@ static struct page *get_arg_page(struct linux_binprm *bprm, unsigned long pos, |
1565 |
if (size <= ARG_MAX) |
1566 |
return page; |
1567 |
|
1568 |
@@ -46428,7 +46474,7 @@ index c6e6de4..de6841c 100644 |
1569 |
/* |
1570 |
* Limit to 1/4-th the stack size for the argv+env strings. |
1571 |
* This ensures that: |
1572 |
-@@ -266,6 +291,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
1573 |
+@@ -266,6 +292,11 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
1574 |
vma->vm_end = STACK_TOP_MAX; |
1575 |
vma->vm_start = vma->vm_end - PAGE_SIZE; |
1576 |
vma->vm_flags = VM_STACK_FLAGS | VM_STACK_INCOMPLETE_SETUP; |
1577 |
@@ -46440,7 +46486,7 @@ index c6e6de4..de6841c 100644 |
1578 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
1579 |
INIT_LIST_HEAD(&vma->anon_vma_chain); |
1580 |
|
1581 |
-@@ -276,6 +306,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
1582 |
+@@ -276,6 +307,12 @@ static int __bprm_mm_init(struct linux_binprm *bprm) |
1583 |
mm->stack_vm = mm->total_vm = 1; |
1584 |
up_write(&mm->mmap_sem); |
1585 |
bprm->p = vma->vm_end - sizeof(void *); |
1586 |
@@ -46453,7 +46499,7 @@ index c6e6de4..de6841c 100644 |
1587 |
return 0; |
1588 |
err: |
1589 |
up_write(&mm->mmap_sem); |
1590 |
-@@ -384,19 +420,7 @@ err: |
1591 |
+@@ -384,19 +421,7 @@ err: |
1592 |
return err; |
1593 |
} |
1594 |
|
1595 |
@@ -46474,7 +46520,7 @@ index c6e6de4..de6841c 100644 |
1596 |
{ |
1597 |
const char __user *native; |
1598 |
|
1599 |
-@@ -405,14 +429,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
1600 |
+@@ -405,14 +430,14 @@ static const char __user *get_user_arg_ptr(struct user_arg_ptr argv, int nr) |
1601 |
compat_uptr_t compat; |
1602 |
|
1603 |
if (get_user(compat, argv.ptr.compat + nr)) |
1604 |
@@ -46491,7 +46537,7 @@ index c6e6de4..de6841c 100644 |
1605 |
|
1606 |
return native; |
1607 |
} |
1608 |
-@@ -431,11 +455,12 @@ static int count(struct user_arg_ptr argv, int max) |
1609 |
+@@ -431,11 +456,12 @@ static int count(struct user_arg_ptr argv, int max) |
1610 |
if (!p) |
1611 |
break; |
1612 |
|
1613 |
@@ -46506,7 +46552,7 @@ index c6e6de4..de6841c 100644 |
1614 |
|
1615 |
if (fatal_signal_pending(current)) |
1616 |
return -ERESTARTNOHAND; |
1617 |
-@@ -465,7 +490,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, |
1618 |
+@@ -465,7 +491,7 @@ static int copy_strings(int argc, struct user_arg_ptr argv, |
1619 |
|
1620 |
ret = -EFAULT; |
1621 |
str = get_user_arg_ptr(argv, argc); |
1622 |
@@ -46515,7 +46561,7 @@ index c6e6de4..de6841c 100644 |
1623 |
goto out; |
1624 |
|
1625 |
len = strnlen_user(str, MAX_ARG_STRLEN); |
1626 |
-@@ -547,7 +572,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, |
1627 |
+@@ -547,7 +573,7 @@ int copy_strings_kernel(int argc, const char *const *__argv, |
1628 |
int r; |
1629 |
mm_segment_t oldfs = get_fs(); |
1630 |
struct user_arg_ptr argv = { |
1631 |
@@ -46524,7 +46570,7 @@ index c6e6de4..de6841c 100644 |
1632 |
}; |
1633 |
|
1634 |
set_fs(KERNEL_DS); |
1635 |
-@@ -582,7 +607,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1636 |
+@@ -582,7 +608,8 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1637 |
unsigned long new_end = old_end - shift; |
1638 |
struct mmu_gather tlb; |
1639 |
|
1640 |
@@ -46534,7 +46580,7 @@ index c6e6de4..de6841c 100644 |
1641 |
|
1642 |
/* |
1643 |
* ensure there are no vmas between where we want to go |
1644 |
-@@ -591,6 +617,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1645 |
+@@ -591,6 +618,10 @@ static int shift_arg_pages(struct vm_area_struct *vma, unsigned long shift) |
1646 |
if (vma != find_vma(mm, new_start)) |
1647 |
return -EFAULT; |
1648 |
|
1649 |
@@ -46545,7 +46591,7 @@ index c6e6de4..de6841c 100644 |
1650 |
/* |
1651 |
* cover the whole range: [new_start, old_end) |
1652 |
*/ |
1653 |
-@@ -671,10 +701,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1654 |
+@@ -671,10 +702,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1655 |
stack_top = arch_align_stack(stack_top); |
1656 |
stack_top = PAGE_ALIGN(stack_top); |
1657 |
|
1658 |
@@ -46556,7 +46602,7 @@ index c6e6de4..de6841c 100644 |
1659 |
stack_shift = vma->vm_end - stack_top; |
1660 |
|
1661 |
bprm->p -= stack_shift; |
1662 |
-@@ -686,8 +712,28 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1663 |
+@@ -686,8 +713,28 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1664 |
bprm->exec -= stack_shift; |
1665 |
|
1666 |
down_write(&mm->mmap_sem); |
1667 |
@@ -46585,7 +46631,7 @@ index c6e6de4..de6841c 100644 |
1668 |
/* |
1669 |
* Adjust stack execute permissions; explicitly enable for |
1670 |
* EXSTACK_ENABLE_X, disable for EXSTACK_DISABLE_X and leave alone |
1671 |
-@@ -706,13 +752,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1672 |
+@@ -706,13 +753,6 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1673 |
goto out_unlock; |
1674 |
BUG_ON(prev != vma); |
1675 |
|
1676 |
@@ -46599,7 +46645,35 @@ index c6e6de4..de6841c 100644 |
1677 |
/* mprotect_fixup is overkill to remove the temporary stack flags */ |
1678 |
vma->vm_flags &= ~VM_STACK_INCOMPLETE_SETUP; |
1679 |
|
1680 |
-@@ -771,6 +810,8 @@ struct file *open_exec(const char *name) |
1681 |
+@@ -736,6 +776,27 @@ int setup_arg_pages(struct linux_binprm *bprm, |
1682 |
+ #endif |
1683 |
+ current->mm->start_stack = bprm->p; |
1684 |
+ ret = expand_stack(vma, stack_base); |
1685 |
++ |
1686 |
++#if !defined(CONFIG_STACK_GROWSUP) && defined(CONFIG_PAX_ASLR) |
1687 |
++ if (!ret && (mm->pax_flags & MF_PAX_RANDMMAP) && STACK_TOP <= 0xFFFFFFFFU && STACK_TOP > vma->vm_end) { |
1688 |
++ unsigned long size, flags, vm_flags; |
1689 |
++ |
1690 |
++ size = STACK_TOP - vma->vm_end; |
1691 |
++ flags = MAP_FIXED | MAP_PRIVATE; |
1692 |
++ vm_flags = VM_NONE | VM_DONTEXPAND | VM_DONTDUMP; |
1693 |
++ |
1694 |
++ ret = vma->vm_end != mmap_region(NULL, vma->vm_end, size, flags, vm_flags, 0); |
1695 |
++ |
1696 |
++#ifdef CONFIG_X86 |
1697 |
++ if (!ret) { |
1698 |
++ size = mmap_min_addr + ((mm->delta_mmap ^ mm->delta_stack) & (0xFFUL << PAGE_SHIFT)); |
1699 |
++ ret = 0 != mmap_region(NULL, 0, size, flags, vm_flags, 0); |
1700 |
++ } |
1701 |
++#endif |
1702 |
++ |
1703 |
++ } |
1704 |
++#endif |
1705 |
++ |
1706 |
+ if (ret) |
1707 |
+ ret = -EFAULT; |
1708 |
+ |
1709 |
+@@ -771,6 +832,8 @@ struct file *open_exec(const char *name) |
1710 |
|
1711 |
fsnotify_open(file); |
1712 |
|
1713 |
@@ -46608,7 +46682,7 @@ index c6e6de4..de6841c 100644 |
1714 |
err = deny_write_access(file); |
1715 |
if (err) |
1716 |
goto exit; |
1717 |
-@@ -794,7 +835,7 @@ int kernel_read(struct file *file, loff_t offset, |
1718 |
+@@ -794,7 +857,7 @@ int kernel_read(struct file *file, loff_t offset, |
1719 |
old_fs = get_fs(); |
1720 |
set_fs(get_ds()); |
1721 |
/* The cast to a user pointer is valid due to the set_fs() */ |
1722 |
@@ -46617,7 +46691,7 @@ index c6e6de4..de6841c 100644 |
1723 |
set_fs(old_fs); |
1724 |
return result; |
1725 |
} |
1726 |
-@@ -1246,7 +1287,7 @@ static int check_unsafe_exec(struct linux_binprm *bprm) |
1727 |
+@@ -1246,7 +1309,7 @@ static int check_unsafe_exec(struct linux_binprm *bprm) |
1728 |
} |
1729 |
rcu_read_unlock(); |
1730 |
|
1731 |
@@ -46626,7 +46700,7 @@ index c6e6de4..de6841c 100644 |
1732 |
bprm->unsafe |= LSM_UNSAFE_SHARE; |
1733 |
} else { |
1734 |
res = -EAGAIN; |
1735 |
-@@ -1449,6 +1490,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
1736 |
+@@ -1449,6 +1512,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs) |
1737 |
|
1738 |
EXPORT_SYMBOL(search_binary_handler); |
1739 |
|
1740 |
@@ -46655,7 +46729,7 @@ index c6e6de4..de6841c 100644 |
1741 |
/* |
1742 |
* sys_execve() executes a new program. |
1743 |
*/ |
1744 |
-@@ -1457,6 +1520,11 @@ static int do_execve_common(const char *filename, |
1745 |
+@@ -1457,6 +1542,11 @@ static int do_execve_common(const char *filename, |
1746 |
struct user_arg_ptr envp, |
1747 |
struct pt_regs *regs) |
1748 |
{ |
1749 |
@@ -46667,7 +46741,7 @@ index c6e6de4..de6841c 100644 |
1750 |
struct linux_binprm *bprm; |
1751 |
struct file *file; |
1752 |
struct files_struct *displaced; |
1753 |
-@@ -1464,6 +1532,8 @@ static int do_execve_common(const char *filename, |
1754 |
+@@ -1464,6 +1554,8 @@ static int do_execve_common(const char *filename, |
1755 |
int retval; |
1756 |
const struct cred *cred = current_cred(); |
1757 |
|
1758 |
@@ -46676,7 +46750,7 @@ index c6e6de4..de6841c 100644 |
1759 |
/* |
1760 |
* We move the actual failure in case of RLIMIT_NPROC excess from |
1761 |
* set*uid() to execve() because too many poorly written programs |
1762 |
-@@ -1504,12 +1574,27 @@ static int do_execve_common(const char *filename, |
1763 |
+@@ -1504,12 +1596,27 @@ static int do_execve_common(const char *filename, |
1764 |
if (IS_ERR(file)) |
1765 |
goto out_unmark; |
1766 |
|
1767 |
@@ -46704,7 +46778,7 @@ index c6e6de4..de6841c 100644 |
1768 |
retval = bprm_mm_init(bprm); |
1769 |
if (retval) |
1770 |
goto out_file; |
1771 |
-@@ -1526,24 +1611,65 @@ static int do_execve_common(const char *filename, |
1772 |
+@@ -1526,24 +1633,65 @@ static int do_execve_common(const char *filename, |
1773 |
if (retval < 0) |
1774 |
goto out; |
1775 |
|
1776 |
@@ -46774,7 +46848,7 @@ index c6e6de4..de6841c 100644 |
1777 |
current->fs->in_exec = 0; |
1778 |
current->in_execve = 0; |
1779 |
acct_update_integrals(current); |
1780 |
-@@ -1552,6 +1678,14 @@ static int do_execve_common(const char *filename, |
1781 |
+@@ -1552,6 +1700,14 @@ static int do_execve_common(const char *filename, |
1782 |
put_files_struct(displaced); |
1783 |
return retval; |
1784 |
|
1785 |
@@ -46789,7 +46863,7 @@ index c6e6de4..de6841c 100644 |
1786 |
out: |
1787 |
if (bprm->mm) { |
1788 |
acct_arg_size(bprm, 0); |
1789 |
-@@ -1727,3 +1861,253 @@ int kernel_execve(const char *filename, |
1790 |
+@@ -1727,3 +1883,253 @@ int kernel_execve(const char *filename, |
1791 |
ret_from_kernel_execve(p); |
1792 |
} |
1793 |
#endif |