[gentoo-commits] proj/hardened-patchset:master commit in: 4.7.4/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-patchset:master commit in: 4.7.4/
Date:	Thu, 22 Sep 2016 15:30:57
Message-Id:	`1474558214.2772388a89963ed7cbc9e11c738288028110d9be.blueness@gentoo`

1

commit:     2772388a89963ed7cbc9e11c738288028110d9be

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Thu Sep 22 15:30:14 2016 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Thu Sep 22 15:30:14 2016 +0000

6

URL:        https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=2772388a

7

8

grsecurity-3.1-4.7.4-201609211951

9

10

 4.7.4/0000_README                                  |   2 +-

11

 ...> 4420_grsecurity-3.1-4.7.4-201609211951.patch} | 154 ++++++++++++---------

12

 2 files changed, 90 insertions(+), 66 deletions(-)

13

14

diff --git a/4.7.4/0000_README b/4.7.4/0000_README

15

index 6374649..a9515bb 100644

16

--- a/4.7.4/0000_README

17

+++ b/4.7.4/0000_README

18

@@ -18,7 +18,7 @@ Patch:	1003_linux-4.7.4.patch

19

 From:	http://www.kernel.org

20

 Desc:	Linux 4.7.4

21

22

-Patch:	4420_grsecurity-3.1-4.7.4-201609152234.patch

23

+Patch:	4420_grsecurity-3.1-4.7.4-201609211951.patch

24

 From:	http://www.grsecurity.net

25

 Desc:	hardened-sources base patch from upstream grsecurity

26

27

28

diff --git a/4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch b/4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch

29

similarity index 99%

30

rename from 4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch

31

rename to 4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch

32

index 84d74fa..5bddf8c 100644

33

--- a/4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch

34

+++ b/4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch

35

@@ -956,7 +956,7 @@ index d50430c..01cc53b 100644

36

  # but it is being used too early to link to meaningful stack_chk logic.

37

  nossp_flags := $(call cc-option, -fno-stack-protector)

38

 diff --git a/arch/arm/include/asm/atomic.h b/arch/arm/include/asm/atomic.h

39

-index 9e10c45..688ea8b 100644

40

+index 9e10c45..285d152 100644

41

 --- a/arch/arm/include/asm/atomic.h

42

 +++ b/arch/arm/include/asm/atomic.h

43

 @@ -18,17 +18,41 @@

44

@@ -1404,59 +1404,29 @@ index 9e10c45..688ea8b 100644

45

46

  static inline long long

47

  atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)

48

-@@ -361,6 +555,30 @@ atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)

49

+@@ -360,7 +554,14 @@ atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)

50

+

51

  	return oldval;

52

}

53

- #define atomic64_cmpxchg_relaxed	atomic64_cmpxchg_relaxed

54

-+#define atomic64_cmpxchg_unchecked_relaxed	atomic64_cmpxchg_unchecked_relaxed

55

+

56

 +static inline long long

57

 +atomic64_cmpxchg_unchecked_relaxed(atomic64_unchecked_t *ptr, long long old, long long new)

58

+{

59

-+	long long oldval;

60

-+	unsigned long res;

61

-+

62

-+	prefetchw(&ptr->counter);

63

-+

64

-+	do {

65

-+		__asm__ __volatile__("@ atomic64_cmpxchg_unchecked\n"

66

-+		"ldrexd		%1, %H1, [%3]\n"

67

-+		"mov		%0, #0\n"

68

-+		"teq		%1, %4\n"

69

-+		"teqeq		%H1, %H4\n"

70

-+		"strexdeq	%0, %5, %H5, [%3]"

71

-+		: "=&r" (res), "=&r" (oldval), "+Qo" (ptr->counter)

72

-+		: "r" (&ptr->counter), "r" (old), "r" (new)

73

-+		: "cc");

74

-+	} while (res);

75

-+

76

-+	return oldval;

77

++	return atomic64_cmpxchg_relaxed((atomic64_t *)ptr, old, new);

78

+}

79

+ #define atomic64_cmpxchg_relaxed	atomic64_cmpxchg_relaxed

80

++#define atomic64_cmpxchg_unchecked_relaxed	atomic64_cmpxchg_unchecked_relaxed

81

82

  static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)

83

{

84

-@@ -380,26 +598,60 @@ static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)

85

+@@ -380,26 +581,46 @@ static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)

86

87

  	return result;

88

}

89

+

90

 +static inline long long atomic64_xchg_unchecked_relaxed(atomic64_unchecked_t *ptr, long long new)

91

+{

92

-+	long long result;

93

-+	unsigned long tmp;

94

-+

95

-+	prefetchw(&ptr->counter);

96

-+

97

-+	__asm__ __volatile__("@ atomic64_xchg_unchecked\n"

98

-+"1:	ldrexd	%0, %H0, [%3]\n"

99

-+"	strexd	%1, %4, %H4, [%3]\n"

100

-+"	teq	%1, #0\n"

101

-+"	bne	1b"

102

-+	: "=&r" (result), "=&r" (tmp), "+Qo" (ptr->counter)

103

-+	: "r" (&ptr->counter), "r" (new)

104

-+	: "cc");

105

-+

106

-+	return result;

107

++	return atomic64_xchg_relaxed((atomic64_t *)ptr, new);

108

+}

109

  #define atomic64_xchg_relaxed		atomic64_xchg_relaxed

110

 +#define atomic64_xchg_unchecked_relaxed		atomic64_xchg_unchecked_relaxed

111

@@ -1502,7 +1472,7 @@ index 9e10c45..688ea8b 100644

112

  	: "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)

113

  	: "r" (&v->counter)

114

  	: "cc");

115

-@@ -423,13 +675,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)

116

+@@ -423,13 +644,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)

117

  "	teq	%0, %5\n"

118

  "	teqeq	%H0, %H5\n"

119

  "	moveq	%1, #0\n"

120

@@ -1531,7 +1501,7 @@ index 9e10c45..688ea8b 100644

121

  	: "=&r" (val), "+r" (ret), "=&r" (tmp), "+Qo" (v->counter)

122

  	: "r" (&v->counter), "r" (u), "r" (a)

123

  	: "cc");

124

-@@ -442,10 +706,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)

125

+@@ -442,10 +675,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)

126

127

  #define atomic64_add_negative(a, v)	(atomic64_add_return((a), (v)) < 0)

128

  #define atomic64_inc(v)			atomic64_add(1LL, (v))

129

@@ -25839,7 +25809,7 @@ index a972ac4..938c163 100644

130

131

/*

132

 diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c

133

-index 0fe6953..a253a78 100644

134

+index 0fe6953f..a253a78 100644

135

 --- a/arch/x86/kernel/cpu/common.c

136

 +++ b/arch/x86/kernel/cpu/common.c

137

 @@ -93,60 +93,6 @@ static const struct cpu_dev default_cpu = {

138

@@ -26641,7 +26611,7 @@ index ef8017c..1543ef8 100644

139

  NOKPROBE_SYMBOL(oops_end);

140

141

 diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c

142

-index fef917e..01f2cda 100644

143

+index fef917e..be394e2 100644

144

 --- a/arch/x86/kernel/dumpstack_32.c

145

 +++ b/arch/x86/kernel/dumpstack_32.c

146

 @@ -61,13 +61,14 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,

147

@@ -26702,7 +26672,7 @@ index fef917e..01f2cda 100644

148

  	return ud2 == 0x0b0f;

149

}

150

+

151

-+#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)

152

++#ifdef CONFIG_PAX_MEMORY_STACKLEAK

153

 +void __used pax_check_alloca(unsigned long size)

154

+{

155

 +	unsigned long sp = (unsigned long)&sp, stack_left;

156

@@ -26714,7 +26684,7 @@ index fef917e..01f2cda 100644

157

 +EXPORT_SYMBOL(pax_check_alloca);

158

 +#endif

159

 diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c

160

-index d558a8a..059e830 100644

161

+index d558a8a..c30e5a9 100644

162

 --- a/arch/x86/kernel/dumpstack_64.c

163

 +++ b/arch/x86/kernel/dumpstack_64.c

164

 @@ -158,6 +158,7 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs,

165

@@ -26791,7 +26761,7 @@ index d558a8a..059e830 100644

166

  	return ud2 == 0x0b0f;

167

}

168

+

169

-+#if defined(CONFIG_PAX_MEMORY_STACKLEAK) || defined(CONFIG_PAX_USERCOPY)

170

++#ifdef CONFIG_PAX_MEMORY_STACKLEAK

171

 +void __used pax_check_alloca(unsigned long size)

172

+{

173

 +	unsigned long sp = (unsigned long)&sp, stack_start, stack_end;

174

@@ -41630,7 +41600,7 @@ index ddc4ceb..36e29aa 100644

175

}

176

177

 diff --git a/drivers/atm/solos-pci.c b/drivers/atm/solos-pci.c

178

-index 6ac2b2b..6373ebd 100644

179

+index 6ac2b2b..6373ebdc 100644

180

 --- a/drivers/atm/solos-pci.c

181

 +++ b/drivers/atm/solos-pci.c

182

 @@ -849,7 +849,7 @@ static void solos_bh(unsigned long card_arg)

183

@@ -64024,9 +63994,18 @@ index fdee772..6c3ba123 100644

184

};

185

186

 diff --git a/drivers/net/tun.c b/drivers/net/tun.c

187

-index e16487c..95eee32 100644

188

+index e16487c..c0987f1 100644

189

 --- a/drivers/net/tun.c

190

 +++ b/drivers/net/tun.c

191

+@@ -960,7 +960,7 @@ static void tun_set_headroom(struct net_device *dev, int new_hr)

192

+ {

193

+ 	struct tun_struct *tun = netdev_priv(dev);

194

+

195

+-	if (new_hr < NET_SKB_PAD)

196

++	if (new_hr < 0 || new_hr < NET_SKB_PAD)

197

+ 		new_hr = NET_SKB_PAD;

198

+

199

+ 	tun->align = new_hr;

200

 @@ -1558,7 +1558,7 @@ static int tun_validate(struct nlattr *tb[], struct nlattr *data[])

201

  	return -EINVAL;

202

}

203

@@ -70839,6 +70818,32 @@ index 109e2c9..7d3c9b5 100644

204

  	u_long	s;

205

  	int	enint_coal;

206

207

+diff --git a/drivers/scsi/arcmsr/arcmsr_hba.c b/drivers/scsi/arcmsr/arcmsr_hba.c

208

+index 7640498..110eca9 100644

209

+--- a/drivers/scsi/arcmsr/arcmsr_hba.c

210

++++ b/drivers/scsi/arcmsr/arcmsr_hba.c

211

+@@ -2388,7 +2388,8 @@ static int arcmsr_iop_message_xfer(struct AdapterControlBlock *acb,

212

+ 	}

213

+ 	case ARCMSR_MESSAGE_WRITE_WQBUFFER: {

214

+ 		unsigned char *ver_addr;

215

+-		int32_t user_len, cnt2end;

216

++		uint32_t user_len;

217

++		int32_t cnt2end;

218

+ 		uint8_t *pQbuffer, *ptmpuserbuffer;

219

+ 		ver_addr = kmalloc(ARCMSR_API_DATA_BUFLEN, GFP_ATOMIC);

220

+ 		if (!ver_addr) {

221

+@@ -2397,6 +2398,11 @@ static int arcmsr_iop_message_xfer(struct AdapterControlBlock *acb,

222

+ 		}

223

+ 		ptmpuserbuffer = ver_addr;

224

+ 		user_len = pcmdmessagefld->cmdmessage.Length;

225

++		if (user_len > ARCMSR_API_DATA_BUFLEN) {

226

++			retvalue = ARCMSR_MESSAGE_FAIL;

227

++			kfree(ver_addr);

228

++			goto message_out;

229

++		}

230

+ 		memcpy(ptmpuserbuffer,

231

+ 			pcmdmessagefld->messagedatabuffer, user_len);

232

+ 		spin_lock_irqsave(&acb->wqbuffer_lock, flags);

233

 diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c

234

 index f05e773..b48c418 100644

235

 --- a/drivers/scsi/be2iscsi/be_main.c

236

@@ -129314,7 +129319,7 @@ index c1da539..1dcec55 100644

237

  struct atmphy_ops {

238

  	int (*start)(struct atm_dev *dev);

239

 diff --git a/include/linux/atomic.h b/include/linux/atomic.h

240

-index e451534..1f808cc 100644

241

+index e451534..9fc0c28 100644

242

 --- a/include/linux/atomic.h

243

 +++ b/include/linux/atomic.h

244

 @@ -91,6 +91,13 @@

245

@@ -129379,7 +129384,7 @@ index e451534..1f808cc 100644

246

  #endif /* atomic64_xchg_relaxed */

247

248

  /* atomic64_cmpxchg_relaxed */

249

-@@ -362,6 +389,12 @@

250

+@@ -362,8 +389,23 @@

251

  #define  atomic64_cmpxchg(...)						\

252

  	__atomic_op_fence(atomic64_cmpxchg, __VA_ARGS__)

253

  #endif

254

@@ -129391,8 +129396,19 @@ index e451534..1f808cc 100644

255

+

256

  #endif /* atomic64_cmpxchg_relaxed */

257

258

++#ifndef atomic64_cmpxchg_unchecked_relaxed

259

++#define  atomic64_cmpxchg_unchecked_relaxed	atomic64_cmpxchg_unchecked

260

++#else

261

++#ifndef atomic64_cmpxchg_unchecked

262

++#define  atomic64_cmpxchg_unchecked(...)				\

263

++	__atomic_op_fence(atomic64_cmpxchg_unchecked, __VA_ARGS__)

264

++#endif

265

++#endif

266

++

267

  /* cmpxchg_relaxed */

268

-@@ -431,6 +464,10 @@

269

+ #ifndef cmpxchg_relaxed

270

+ #define  cmpxchg_relaxed		cmpxchg

271

+@@ -431,6 +473,10 @@

272

  #ifndef xchg

273

  #define  xchg(...)			__atomic_op_fence(xchg, __VA_ARGS__)

274

  #endif

275

@@ -129403,7 +129419,7 @@ index e451534..1f808cc 100644

276

  #endif /* xchg_relaxed */

277

278

/**

279

-@@ -442,7 +479,7 @@

280

+@@ -442,7 +488,7 @@

281

   * Atomically adds @a to @v, so long as @v was not already @u.

282

   * Returns non-zero if @v was not @u, and zero otherwise.

283

*/

284

@@ -149321,7 +149337,7 @@ index 5b72266..dc04ce5 100644

285

  	.priority = IPC_CALLBACK_PRI, /* use lowest priority */

286

};

287

 diff --git a/mm/mmap.c b/mm/mmap.c

288

-index de2c176..d5c0b5f 100644

289

+index de2c176..57c6313 100644

290

 --- a/mm/mmap.c

291

 +++ b/mm/mmap.c

292

 @@ -43,6 +43,7 @@

293

@@ -149765,13 +149781,7 @@ index de2c176..d5c0b5f 100644

294

{

295

/*

296

  	 * We implement the search by looking for an rbtree node that

297

-@@ -1630,11 +1853,20 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info)

298

- 			}

299

- 		}

300

-

301

--		gap_start = vma->vm_prev ? vma->vm_prev->vm_end : 0;

302

-+		gap_start = vma->vm_prev ? vma->vm_prev->vm_end: 0;

303

- check_current:

304

+@@ -1635,6 +1858,15 @@ check_current:

305

  		/* Check if current node has a suitable gap */

306

  		if (gap_start > high_limit)

307

  			return -ENOMEM;

308

@@ -161810,10 +161820,23 @@ index 9d88c62..53396b6 100644

309

  #define gssx_dec_release_handle NULL

310

  #define gssx_enc_get_mic NULL

311

 diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c

312

-index e085f5a..1132fd2 100644

313

+index e085f5a..c947fa5 100644

314

 --- a/net/sunrpc/auth_gss/svcauth_gss.c

315

 +++ b/net/sunrpc/auth_gss/svcauth_gss.c

316

-@@ -1141,7 +1141,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,

317

+@@ -569,9 +569,10 @@ gss_svc_searchbyctx(struct cache_detail *cd, struct xdr_netobj *handle)

318

+ 	struct rsc *found;

319

+

320

+ 	memset(&rsci, 0, sizeof(rsci));

321

+-	rsci.handle.data = handle->data;

322

+-	rsci.handle.len = handle->len;

323

++	if (dup_to_netobj(&rsci.handle, handle->data, handle->len))

324

++		return NULL;

325

+ 	found = rsc_lookup(cd, &rsci);

326

++	rsc_free(&rsci);

327

+ 	if (!found)

328

+ 		return NULL;

329

+ 	if (cache_check(cd, &found->h, NULL))

330

+@@ -1141,7 +1142,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,

331

  				uint64_t *handle)

332

{

333

  	struct rsc rsci, *rscp = NULL;

334

@@ -161822,7 +161845,7 @@ index e085f5a..1132fd2 100644

335

  	long long ctxh;

336

  	struct gss_api_mech *gm = NULL;

337

  	time_t expiry;

338

-@@ -1152,7 +1152,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,

339

+@@ -1152,7 +1153,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,

340

  	status = -ENOMEM;

341

  	/* the handle needs to be just a unique id,

342

  	 * use a static counter */

343

@@ -213303,10 +213326,10 @@ index f72f48f..769a657 100755

344

  # Find all available archs

345

  find_all_archs()

346

 diff --git a/security/Kconfig b/security/Kconfig

347

-index 176758c..1222b4a 100644

348

+index 176758c..f682e8b 100644

349

 --- a/security/Kconfig

350

 +++ b/security/Kconfig

351

-@@ -4,6 +4,1021 @@

352

+@@ -4,6 +4,1022 @@

353

354

  menu "Security options"

355

356

@@ -214202,6 +214225,7 @@ index 176758c..1222b4a 100644

357

 +config PAX_CONSTIFY_PLUGIN

358

 +	bool "Automatically constify eligible structures"

359

 +	default y

360

++	depends on GCC_PLUGINS

361

 +	depends on !UML && PAX_KERNEXEC

362

 +	help

363

 +	  By saying Y here the compiler will automatically constify a class

364

@@ -214328,7 +214352,7 @@ index 176758c..1222b4a 100644

365

  source security/keys/Kconfig

366

367

  config SECURITY_DMESG_RESTRICT

368

-@@ -104,7 +1119,7 @@ config INTEL_TXT

369

+@@ -104,7 +1120,7 @@ config INTEL_TXT

370

  config LSM_MMAP_MIN_ADDR

371

  	int "Low address space for LSM to protect from user allocation"

372

  	depends on SECURITY && SECURITY_SELINUX

1	commit: 2772388a89963ed7cbc9e11c738288028110d9be
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Thu Sep 22 15:30:14 2016 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Thu Sep 22 15:30:14 2016 +0000
6	URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=2772388a
7
8	grsecurity-3.1-4.7.4-201609211951
9
10	4.7.4/0000_README \| 2 +-
11	...> 4420_grsecurity-3.1-4.7.4-201609211951.patch} \| 154 ++++++++++++---------
12	2 files changed, 90 insertions(+), 66 deletions(-)
13
14	diff --git a/4.7.4/0000_README b/4.7.4/0000_README
15	index 6374649..a9515bb 100644
16	--- a/4.7.4/0000_README
17	+++ b/4.7.4/0000_README
18	@@ -18,7 +18,7 @@ Patch: 1003_linux-4.7.4.patch
19	From: http://www.kernel.org
20	Desc: Linux 4.7.4
21
22	-Patch: 4420_grsecurity-3.1-4.7.4-201609152234.patch
23	+Patch: 4420_grsecurity-3.1-4.7.4-201609211951.patch
24	From: http://www.grsecurity.net
25	Desc: hardened-sources base patch from upstream grsecurity
26
27
28	diff --git a/4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch b/4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch
29	similarity index 99%
30	rename from 4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch
31	rename to 4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch
32	index 84d74fa..5bddf8c 100644
33	--- a/4.7.4/4420_grsecurity-3.1-4.7.4-201609152234.patch
34	+++ b/4.7.4/4420_grsecurity-3.1-4.7.4-201609211951.patch
35	@@ -956,7 +956,7 @@ index d50430c..01cc53b 100644
36	# but it is being used too early to link to meaningful stack_chk logic.
37	nossp_flags := $(call cc-option, -fno-stack-protector)
38	diff --git a/arch/arm/include/asm/atomic.h b/arch/arm/include/asm/atomic.h
39	-index 9e10c45..688ea8b 100644
40	+index 9e10c45..285d152 100644
41	--- a/arch/arm/include/asm/atomic.h
42	+++ b/arch/arm/include/asm/atomic.h
43	@@ -18,17 +18,41 @@
44	@@ -1404,59 +1404,29 @@ index 9e10c45..688ea8b 100644
45
46	static inline long long
47	atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)
48	-@@ -361,6 +555,30 @@ atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)
49	+@@ -360,7 +554,14 @@ atomic64_cmpxchg_relaxed(atomic64_t *ptr, long long old, long long new)
50	+
51	return oldval;
52	}
53	- #define atomic64_cmpxchg_relaxed atomic64_cmpxchg_relaxed
54	-+#define atomic64_cmpxchg_unchecked_relaxed atomic64_cmpxchg_unchecked_relaxed
55	+
56	+static inline long long
57	+atomic64_cmpxchg_unchecked_relaxed(atomic64_unchecked_t *ptr, long long old, long long new)
58	+{
59	-+ long long oldval;
60	-+ unsigned long res;
61	-+
62	-+ prefetchw(&ptr->counter);
63	-+
64	-+ do {
65	-+ __asm__ __volatile__("@ atomic64_cmpxchg_unchecked\n"
66	-+ "ldrexd %1, %H1, [%3]\n"
67	-+ "mov %0, #0\n"
68	-+ "teq %1, %4\n"
69	-+ "teqeq %H1, %H4\n"
70	-+ "strexdeq %0, %5, %H5, [%3]"
71	-+ : "=&r" (res), "=&r" (oldval), "+Qo" (ptr->counter)
72	-+ : "r" (&ptr->counter), "r" (old), "r" (new)
73	-+ : "cc");
74	-+ } while (res);
75	-+
76	-+ return oldval;
77	++ return atomic64_cmpxchg_relaxed((atomic64_t *)ptr, old, new);
78	+}
79	+ #define atomic64_cmpxchg_relaxed atomic64_cmpxchg_relaxed
80	++#define atomic64_cmpxchg_unchecked_relaxed atomic64_cmpxchg_unchecked_relaxed
81
82	static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)
83	{
84	-@@ -380,26 +598,60 @@ static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)
85	+@@ -380,26 +581,46 @@ static inline long long atomic64_xchg_relaxed(atomic64_t *ptr, long long new)
86
87	return result;
88	}
89	+
90	+static inline long long atomic64_xchg_unchecked_relaxed(atomic64_unchecked_t *ptr, long long new)
91	+{
92	-+ long long result;
93	-+ unsigned long tmp;
94	-+
95	-+ prefetchw(&ptr->counter);
96	-+
97	-+ __asm__ __volatile__("@ atomic64_xchg_unchecked\n"
98	-+"1: ldrexd %0, %H0, [%3]\n"
99	-+" strexd %1, %4, %H4, [%3]\n"
100	-+" teq %1, #0\n"
101	-+" bne 1b"
102	-+ : "=&r" (result), "=&r" (tmp), "+Qo" (ptr->counter)
103	-+ : "r" (&ptr->counter), "r" (new)
104	-+ : "cc");
105	-+
106	-+ return result;
107	++ return atomic64_xchg_relaxed((atomic64_t *)ptr, new);
108	+}
109	#define atomic64_xchg_relaxed atomic64_xchg_relaxed
110	+#define atomic64_xchg_unchecked_relaxed atomic64_xchg_unchecked_relaxed
111	@@ -1502,7 +1472,7 @@ index 9e10c45..688ea8b 100644
112	: "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
113	: "r" (&v->counter)
114	: "cc");
115	-@@ -423,13 +675,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
116	+@@ -423,13 +644,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
117	" teq %0, %5\n"
118	" teqeq %H0, %H5\n"
119	" moveq %1, #0\n"
120	@@ -1531,7 +1501,7 @@ index 9e10c45..688ea8b 100644
121	: "=&r" (val), "+r" (ret), "=&r" (tmp), "+Qo" (v->counter)
122	: "r" (&v->counter), "r" (u), "r" (a)
123	: "cc");
124	-@@ -442,10 +706,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
125	+@@ -442,10 +675,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
126
127	#define atomic64_add_negative(a, v) (atomic64_add_return((a), (v)) < 0)
128	#define atomic64_inc(v) atomic64_add(1LL, (v))
129	@@ -25839,7 +25809,7 @@ index a972ac4..938c163 100644
130
131	/*
132	diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
133	-index 0fe6953..a253a78 100644
134	+index 0fe6953f..a253a78 100644
135	--- a/arch/x86/kernel/cpu/common.c
136	+++ b/arch/x86/kernel/cpu/common.c
137	@@ -93,60 +93,6 @@ static const struct cpu_dev default_cpu = {
138	@@ -26641,7 +26611,7 @@ index ef8017c..1543ef8 100644
139	NOKPROBE_SYMBOL(oops_end);
140
141	diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
142	-index fef917e..01f2cda 100644
143	+index fef917e..be394e2 100644
144	--- a/arch/x86/kernel/dumpstack_32.c
145	+++ b/arch/x86/kernel/dumpstack_32.c
146	@@ -61,13 +61,14 @@ void dump_trace(struct task_struct task, struct pt_regs regs,
147	@@ -26702,7 +26672,7 @@ index fef917e..01f2cda 100644
148	return ud2 == 0x0b0f;
149	}
150	+
151	-+#if defined(CONFIG_PAX_MEMORY_STACKLEAK) \|\| defined(CONFIG_PAX_USERCOPY)
152	++#ifdef CONFIG_PAX_MEMORY_STACKLEAK
153	+void __used pax_check_alloca(unsigned long size)
154	+{
155	+ unsigned long sp = (unsigned long)&sp, stack_left;
156	@@ -26714,7 +26684,7 @@ index fef917e..01f2cda 100644
157	+EXPORT_SYMBOL(pax_check_alloca);
158	+#endif
159	diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c
160	-index d558a8a..059e830 100644
161	+index d558a8a..c30e5a9 100644
162	--- a/arch/x86/kernel/dumpstack_64.c
163	+++ b/arch/x86/kernel/dumpstack_64.c
164	@@ -158,6 +158,7 @@ void dump_trace(struct task_struct task, struct pt_regs regs,
165	@@ -26791,7 +26761,7 @@ index d558a8a..059e830 100644
166	return ud2 == 0x0b0f;
167	}
168	+
169	-+#if defined(CONFIG_PAX_MEMORY_STACKLEAK) \|\| defined(CONFIG_PAX_USERCOPY)
170	++#ifdef CONFIG_PAX_MEMORY_STACKLEAK
171	+void __used pax_check_alloca(unsigned long size)
172	+{
173	+ unsigned long sp = (unsigned long)&sp, stack_start, stack_end;
174	@@ -41630,7 +41600,7 @@ index ddc4ceb..36e29aa 100644
175	}
176
177	diff --git a/drivers/atm/solos-pci.c b/drivers/atm/solos-pci.c
178	-index 6ac2b2b..6373ebd 100644
179	+index 6ac2b2b..6373ebdc 100644
180	--- a/drivers/atm/solos-pci.c
181	+++ b/drivers/atm/solos-pci.c
182	@@ -849,7 +849,7 @@ static void solos_bh(unsigned long card_arg)
183	@@ -64024,9 +63994,18 @@ index fdee772..6c3ba123 100644
184	};
185
186	diff --git a/drivers/net/tun.c b/drivers/net/tun.c
187	-index e16487c..95eee32 100644
188	+index e16487c..c0987f1 100644
189	--- a/drivers/net/tun.c
190	+++ b/drivers/net/tun.c
191	+@@ -960,7 +960,7 @@ static void tun_set_headroom(struct net_device *dev, int new_hr)
192	+ {
193	+ struct tun_struct *tun = netdev_priv(dev);
194	+
195	+- if (new_hr < NET_SKB_PAD)
196	++ if (new_hr < 0 \|\| new_hr < NET_SKB_PAD)
197	+ new_hr = NET_SKB_PAD;
198	+
199	+ tun->align = new_hr;
200	@@ -1558,7 +1558,7 @@ static int tun_validate(struct nlattr tb[], struct nlattr data[])
201	return -EINVAL;
202	}
203	@@ -70839,6 +70818,32 @@ index 109e2c9..7d3c9b5 100644
204	u_long s;
205	int enint_coal;
206
207	+diff --git a/drivers/scsi/arcmsr/arcmsr_hba.c b/drivers/scsi/arcmsr/arcmsr_hba.c
208	+index 7640498..110eca9 100644
209	+--- a/drivers/scsi/arcmsr/arcmsr_hba.c
210	++++ b/drivers/scsi/arcmsr/arcmsr_hba.c
211	+@@ -2388,7 +2388,8 @@ static int arcmsr_iop_message_xfer(struct AdapterControlBlock *acb,
212	+ }
213	+ case ARCMSR_MESSAGE_WRITE_WQBUFFER: {
214	+ unsigned char *ver_addr;
215	+- int32_t user_len, cnt2end;
216	++ uint32_t user_len;
217	++ int32_t cnt2end;
218	+ uint8_t pQbuffer, ptmpuserbuffer;
219	+ ver_addr = kmalloc(ARCMSR_API_DATA_BUFLEN, GFP_ATOMIC);
220	+ if (!ver_addr) {
221	+@@ -2397,6 +2398,11 @@ static int arcmsr_iop_message_xfer(struct AdapterControlBlock *acb,
222	+ }
223	+ ptmpuserbuffer = ver_addr;
224	+ user_len = pcmdmessagefld->cmdmessage.Length;
225	++ if (user_len > ARCMSR_API_DATA_BUFLEN) {
226	++ retvalue = ARCMSR_MESSAGE_FAIL;
227	++ kfree(ver_addr);
228	++ goto message_out;
229	++ }
230	+ memcpy(ptmpuserbuffer,
231	+ pcmdmessagefld->messagedatabuffer, user_len);
232	+ spin_lock_irqsave(&acb->wqbuffer_lock, flags);
233	diff --git a/drivers/scsi/be2iscsi/be_main.c b/drivers/scsi/be2iscsi/be_main.c
234	index f05e773..b48c418 100644
235	--- a/drivers/scsi/be2iscsi/be_main.c
236	@@ -129314,7 +129319,7 @@ index c1da539..1dcec55 100644
237	struct atmphy_ops {
238	int (start)(struct atm_dev dev);
239	diff --git a/include/linux/atomic.h b/include/linux/atomic.h
240	-index e451534..1f808cc 100644
241	+index e451534..9fc0c28 100644
242	--- a/include/linux/atomic.h
243	+++ b/include/linux/atomic.h
244	@@ -91,6 +91,13 @@
245	@@ -129379,7 +129384,7 @@ index e451534..1f808cc 100644
246	#endif /* atomic64_xchg_relaxed */
247
248	/* atomic64_cmpxchg_relaxed */
249	-@@ -362,6 +389,12 @@
250	+@@ -362,8 +389,23 @@
251	#define atomic64_cmpxchg(...) \
252	__atomic_op_fence(atomic64_cmpxchg, __VA_ARGS__)
253	#endif
254	@@ -129391,8 +129396,19 @@ index e451534..1f808cc 100644
255	+
256	#endif /* atomic64_cmpxchg_relaxed */
257
258	++#ifndef atomic64_cmpxchg_unchecked_relaxed
259	++#define atomic64_cmpxchg_unchecked_relaxed atomic64_cmpxchg_unchecked
260	++#else
261	++#ifndef atomic64_cmpxchg_unchecked
262	++#define atomic64_cmpxchg_unchecked(...) \
263	++ __atomic_op_fence(atomic64_cmpxchg_unchecked, __VA_ARGS__)
264	++#endif
265	++#endif
266	++
267	/* cmpxchg_relaxed */
268	-@@ -431,6 +464,10 @@
269	+ #ifndef cmpxchg_relaxed
270	+ #define cmpxchg_relaxed cmpxchg
271	+@@ -431,6 +473,10 @@
272	#ifndef xchg
273	#define xchg(...) __atomic_op_fence(xchg, __VA_ARGS__)
274	#endif
275	@@ -129403,7 +129419,7 @@ index e451534..1f808cc 100644
276	#endif /* xchg_relaxed */
277
278	/**
279	-@@ -442,7 +479,7 @@
280	+@@ -442,7 +488,7 @@
281	* Atomically adds @a to @v, so long as @v was not already @u.
282	* Returns non-zero if @v was not @u, and zero otherwise.
283	*/
284	@@ -149321,7 +149337,7 @@ index 5b72266..dc04ce5 100644
285	.priority = IPC_CALLBACK_PRI, /* use lowest priority */
286	};
287	diff --git a/mm/mmap.c b/mm/mmap.c
288	-index de2c176..d5c0b5f 100644
289	+index de2c176..57c6313 100644
290	--- a/mm/mmap.c
291	+++ b/mm/mmap.c
292	@@ -43,6 +43,7 @@
293	@@ -149765,13 +149781,7 @@ index de2c176..d5c0b5f 100644
294	{
295	/*
296	* We implement the search by looking for an rbtree node that
297	-@@ -1630,11 +1853,20 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info)
298	- }
299	- }
300	-
301	-- gap_start = vma->vm_prev ? vma->vm_prev->vm_end : 0;
302	-+ gap_start = vma->vm_prev ? vma->vm_prev->vm_end: 0;
303	- check_current:
304	+@@ -1635,6 +1858,15 @@ check_current:
305	/* Check if current node has a suitable gap */
306	if (gap_start > high_limit)
307	return -ENOMEM;
308	@@ -161810,10 +161820,23 @@ index 9d88c62..53396b6 100644
309	#define gssx_dec_release_handle NULL
310	#define gssx_enc_get_mic NULL
311	diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
312	-index e085f5a..1132fd2 100644
313	+index e085f5a..c947fa5 100644
314	--- a/net/sunrpc/auth_gss/svcauth_gss.c
315	+++ b/net/sunrpc/auth_gss/svcauth_gss.c
316	-@@ -1141,7 +1141,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
317	+@@ -569,9 +569,10 @@ gss_svc_searchbyctx(struct cache_detail cd, struct xdr_netobj handle)
318	+ struct rsc *found;
319	+
320	+ memset(&rsci, 0, sizeof(rsci));
321	+- rsci.handle.data = handle->data;
322	+- rsci.handle.len = handle->len;
323	++ if (dup_to_netobj(&rsci.handle, handle->data, handle->len))
324	++ return NULL;
325	+ found = rsc_lookup(cd, &rsci);
326	++ rsc_free(&rsci);
327	+ if (!found)
328	+ return NULL;
329	+ if (cache_check(cd, &found->h, NULL))
330	+@@ -1141,7 +1142,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
331	uint64_t *handle)
332	{
333	struct rsc rsci, *rscp = NULL;
334	@@ -161822,7 +161845,7 @@ index e085f5a..1132fd2 100644
335	long long ctxh;
336	struct gss_api_mech *gm = NULL;
337	time_t expiry;
338	-@@ -1152,7 +1152,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
339	+@@ -1152,7 +1153,7 @@ static int gss_proxy_save_rsc(struct cache_detail *cd,
340	status = -ENOMEM;
341	/* the handle needs to be just a unique id,
342	* use a static counter */
343	@@ -213303,10 +213326,10 @@ index f72f48f..769a657 100755
344	# Find all available archs
345	find_all_archs()
346	diff --git a/security/Kconfig b/security/Kconfig
347	-index 176758c..1222b4a 100644
348	+index 176758c..f682e8b 100644
349	--- a/security/Kconfig
350	+++ b/security/Kconfig
351	-@@ -4,6 +4,1021 @@
352	+@@ -4,6 +4,1022 @@
353
354	menu "Security options"
355
356	@@ -214202,6 +214225,7 @@ index 176758c..1222b4a 100644
357	+config PAX_CONSTIFY_PLUGIN
358	+ bool "Automatically constify eligible structures"
359	+ default y
360	++ depends on GCC_PLUGINS
361	+ depends on !UML && PAX_KERNEXEC
362	+ help
363	+ By saying Y here the compiler will automatically constify a class
364	@@ -214328,7 +214352,7 @@ index 176758c..1222b4a 100644
365	source security/keys/Kconfig
366
367	config SECURITY_DMESG_RESTRICT
368	-@@ -104,7 +1119,7 @@ config INTEL_TXT
369	+@@ -104,7 +1120,7 @@ config INTEL_TXT
370	config LSM_MMAP_MIN_ADDR
371	int "Low address space for LSM to protect from user allocation"
372	depends on SECURITY && SECURITY_SELINUX

Gentoo Archives: gentoo-commits