
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 4.2.5/
Date: Tue, 03 Nov 2015 08:18:27
Message-Id: 1446539066.62e8f25d6636b09b18cb25cb1bb491cc026b5b08.blueness@gentoo
1 commit: 62e8f25d6636b09b18cb25cb1bb491cc026b5b08
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Tue Nov 3 08:24:26 2015 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Tue Nov 3 08:24:26 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=62e8f25d
7
8 grsecurity-3.1-4.2.5-201511021814
9
10 4.2.5/0000_README | 2 +-
11 ...> 4420_grsecurity-3.1-4.2.5-201511021814.patch} | 318 +++++++++++++++------
12 2 files changed, 232 insertions(+), 88 deletions(-)
13
14 diff --git a/4.2.5/0000_README b/4.2.5/0000_README
15 index 0d8d90f..35d5d28 100644
16 --- a/4.2.5/0000_README
17 +++ b/4.2.5/0000_README
18 @@ -2,7 +2,7 @@ README
19 -----------------------------------------------------------------------------
20 Individual Patch Descriptions:
21 -----------------------------------------------------------------------------
22 -Patch: 4420_grsecurity-3.1-4.2.5-201510290852.patch
23 +Patch: 4420_grsecurity-3.1-4.2.5-201511021814.patch
24 From: http://www.grsecurity.net
25 Desc: hardened-sources base patch from upstream grsecurity
26
27
28 diff --git a/4.2.5/4420_grsecurity-3.1-4.2.5-201510290852.patch b/4.2.5/4420_grsecurity-3.1-4.2.5-201511021814.patch
29 similarity index 99%
30 rename from 4.2.5/4420_grsecurity-3.1-4.2.5-201510290852.patch
31 rename to 4.2.5/4420_grsecurity-3.1-4.2.5-201511021814.patch
32 index db09c8a..52245c5 100644
33 --- a/4.2.5/4420_grsecurity-3.1-4.2.5-201510290852.patch
34 +++ b/4.2.5/4420_grsecurity-3.1-4.2.5-201511021814.patch
35 @@ -25173,7 +25173,7 @@ index d25097c..e2df353 100644
36 return MXCSR_DEFAULT;
37 }
38 diff --git a/arch/x86/kernel/fpu/init.c b/arch/x86/kernel/fpu/init.c
39 -index d14e9ac..f1334f8 100644
40 +index d14e9ac..13442f0 100644
41 --- a/arch/x86/kernel/fpu/init.c
42 +++ b/arch/x86/kernel/fpu/init.c
43 @@ -42,7 +42,7 @@ static void fpu__init_cpu_generic(void)
44 @@ -25229,17 +25229,7 @@ index d14e9ac..f1334f8 100644
45
46 /*
47 * Set up the xstate_size based on the legacy FPU context size.
48 -@@ -300,6 +265,9 @@ static void __init fpu__init_system_ctx_switch(void)
49 - }
50 - }
51 -
52 -+ /* XXX: Temporarily forcing eager FPU mode */
53 -+ eagerfpu = ENABLE;
54 -+
55 - if (eagerfpu == ENABLE)
56 - setup_force_cpu_cap(X86_FEATURE_EAGER_FPU);
57 -
58 -@@ -331,7 +299,6 @@ void __init fpu__init_system(struct cpuinfo_x86 *c)
59 +@@ -331,7 +296,6 @@ void __init fpu__init_system(struct cpuinfo_x86 *c)
60 fpu__init_system_generic();
61 fpu__init_system_xstate_size_legacy();
62 fpu__init_system_xstate();
63 @@ -27814,7 +27804,7 @@ index adf0392..88a7576 100644
64 dma_generic_free_coherent(dev, size, vaddr, dma_addr, attrs);
65 }
66 diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
67 -index c27cad7..47e3f47 100644
68 +index c27cad7..cc494be 100644
69 --- a/arch/x86/kernel/process.c
70 +++ b/arch/x86/kernel/process.c
71 @@ -15,6 +15,7 @@
72 @@ -27843,7 +27833,7 @@ index c27cad7..47e3f47 100644
73 };
74 EXPORT_PER_CPU_SYMBOL(cpu_tss);
75
76 -@@ -75,17 +78,35 @@ void idle_notifier_unregister(struct notifier_block *n)
77 +@@ -75,17 +78,37 @@ void idle_notifier_unregister(struct notifier_block *n)
78 EXPORT_SYMBOL_GPL(idle_notifier_unregister);
79 #endif
80
81 @@ -27866,8 +27856,10 @@ index c27cad7..47e3f47 100644
82 {
83 - memcpy(dst, src, arch_task_struct_size);
84 + *dst = *src;
85 -
86 ++
87 + dst->thread.fpu.state = kmem_cache_alloc_node(fpregs_state_cachep, GFP_KERNEL, tsk_fork_get_node(src));
88 ++ memcpy(dst->thread.fpu.state, src->thread.fpu.state, xstate_size);
89 +
90 return fpu__copy(&dst->thread.fpu, &src->thread.fpu);
91 }
92
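Review bot: The added `memcpy(dst->thread.fpu.state, src->thread.fpu.state, xstate_size);` writes through the pointer just returned by `kmem_cache_alloc_node(fpregs_state_cachep, GFP_KERNEL, ...)`, and no NULL check is visible between the two lines. A failed allocation while duplicating a task would then be a NULL dereference in kernel context instead of an error return. Consider adding `if (!dst->thread.fpu.state) return -ENOMEM;` before the copy. The function's signature is outside the hunk, so confirm the return type and that the caller unwinds correctly on that error.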
93 @@ -27880,7 +27872,7 @@ index c27cad7..47e3f47 100644
94 /*
95 * Free current thread data structures etc..
96 */
97 -@@ -97,7 +118,7 @@ void exit_thread(void)
98 +@@ -97,7 +120,7 @@ void exit_thread(void)
99 struct fpu *fpu = &t->fpu;
100
101 if (bp) {
102 @@ -27889,7 +27881,7 @@ index c27cad7..47e3f47 100644
103
104 t->io_bitmap_ptr = NULL;
105 clear_thread_flag(TIF_IO_BITMAP);
106 -@@ -117,6 +138,9 @@ void flush_thread(void)
107 +@@ -117,6 +140,9 @@ void flush_thread(void)
108 {
109 struct task_struct *tsk = current;
110
111 @@ -27899,7 +27891,7 @@ index c27cad7..47e3f47 100644
112 flush_ptrace_hw_breakpoint(tsk);
113 memset(tsk->thread.tls_array, 0, sizeof(tsk->thread.tls_array));
114
115 -@@ -258,7 +282,7 @@ static void __exit_idle(void)
116 +@@ -258,7 +284,7 @@ static void __exit_idle(void)
117 void exit_idle(void)
118 {
119 /* idle loop has pid 0 */
120 @@ -27908,7 +27900,7 @@ index c27cad7..47e3f47 100644
121 return;
122 __exit_idle();
123 }
124 -@@ -311,7 +335,7 @@ bool xen_set_default_idle(void)
125 +@@ -311,7 +337,7 @@ bool xen_set_default_idle(void)
126 return ret;
127 }
128 #endif
129 @@ -27917,7 +27909,7 @@ index c27cad7..47e3f47 100644
130 {
131 local_irq_disable();
132 /*
133 -@@ -488,16 +512,40 @@ static int __init idle_setup(char *str)
134 +@@ -488,16 +514,40 @@ static int __init idle_setup(char *str)
135 }
136 early_param("idle", idle_setup);
137
138 @@ -49948,9 +49940,18 @@ index e8c96b8..516a96c 100644
139 Say Y here if you want to support for Freescale FlexCAN.
140
141 diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c
142 -index aede704..b516b4d 100644
143 +index aede704..ca734ed 100644
144 --- a/drivers/net/can/dev.c
145 +++ b/drivers/net/can/dev.c
146 +@@ -915,7 +915,7 @@ static int can_fill_info(struct sk_buff *skb, const struct net_device *dev)
147 + nla_put(skb, IFLA_CAN_BITTIMING_CONST,
148 + sizeof(*priv->bittiming_const), priv->bittiming_const)) ||
149 +
150 +- nla_put(skb, IFLA_CAN_CLOCK, sizeof(cm), &priv->clock) ||
151 ++ nla_put(skb, IFLA_CAN_CLOCK, sizeof(priv->clock), &priv->clock) ||
152 + nla_put_u32(skb, IFLA_CAN_STATE, state) ||
153 + nla_put(skb, IFLA_CAN_CTRLMODE, sizeof(cm), &cm) ||
154 + nla_put_u32(skb, IFLA_CAN_RESTART_MS, priv->restart_ms) ||
155 @@ -961,7 +961,7 @@ static int can_newlink(struct net *src_net, struct net_device *dev,
156 return -EOPNOTSUPP;
157 }
158 @@ -51028,6 +51029,19 @@ index e5ba040..d47531c 100644
159 smp_mb();
160
161 /* need lock to prevent incorrect read while modifying cyclecounter */
162 +diff --git a/drivers/net/ethernet/mellanox/mlx4/cmd.c b/drivers/net/ethernet/mellanox/mlx4/cmd.c
163 +index 0a32020..2177e56 100644
164 +--- a/drivers/net/ethernet/mellanox/mlx4/cmd.c
165 ++++ b/drivers/net/ethernet/mellanox/mlx4/cmd.c
166 +@@ -2398,7 +2398,7 @@ int mlx4_multi_func_init(struct mlx4_dev *dev)
167 + }
168 + }
169 +
170 +- memset(&priv->mfunc.master.cmd_eqe, 0, dev->caps.eqe_size);
171 ++ memset(&priv->mfunc.master.cmd_eqe, 0, sizeof(struct mlx4_eqe));
172 + priv->mfunc.master.cmd_eqe.type = MLX4_EVENT_TYPE_CMD;
173 + INIT_WORK(&priv->mfunc.master.comm_work,
174 + mlx4_master_comm_channel);
175 diff --git a/drivers/net/ethernet/mellanox/mlx4/en_tx.c b/drivers/net/ethernet/mellanox/mlx4/en_tx.c
176 index c10d98f..72914c6 100644
177 --- a/drivers/net/ethernet/mellanox/mlx4/en_tx.c
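Review bot: The new length in `memset(&priv->mfunc.master.cmd_eqe, 0, sizeof(struct mlx4_eqe));` is tied to a type name rather than to the destination object; `sizeof(priv->mfunc.master.cmd_eqe)` keeps the bound correct if the field's type ever changes. The same applies to the eq.c hunk that follows, where `memcpy(s_eqe, eqe, sizeof(struct mlx4_eqe) - 1);` could be written with `sizeof(*s_eqe) - 1`. In that copy the `- 1` appears to leave the final byte, the ownership bit mentioned in the next comment, for a later write; a short comment saying so would stop someone from "fixing" the length. Both functions extend outside their hunks.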
178 @@ -51043,6 +51057,19 @@ index c10d98f..72914c6 100644
179
180 netdev_tx_completed_queue(ring->tx_queue, packets, bytes);
181
182 +diff --git a/drivers/net/ethernet/mellanox/mlx4/eq.c b/drivers/net/ethernet/mellanox/mlx4/eq.c
183 +index 8e81e53..ad8f95d 100644
184 +--- a/drivers/net/ethernet/mellanox/mlx4/eq.c
185 ++++ b/drivers/net/ethernet/mellanox/mlx4/eq.c
186 +@@ -196,7 +196,7 @@ static void slave_event(struct mlx4_dev *dev, u8 slave, struct mlx4_eqe *eqe)
187 + return;
188 + }
189 +
190 +- memcpy(s_eqe, eqe, dev->caps.eqe_size - 1);
191 ++ memcpy(s_eqe, eqe, sizeof(struct mlx4_eqe) - 1);
192 + s_eqe->slave_id = slave;
193 + /* ensure all information is written before setting the ownersip bit */
194 + dma_wmb();
195 diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
196 index 40206da..9d94643 100644
197 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
198 @@ -53012,9 +53039,18 @@ index f66be86..6cbcabb 100644
199
200 /**
201 diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
202 -index 312f23a..d21181c 100644
203 +index 312f23a..8c8b922 100644
204 --- a/drivers/pci/pci-sysfs.c
205 +++ b/drivers/pci/pci-sysfs.c
206 +@@ -216,7 +216,7 @@ static ssize_t numa_node_store(struct device *dev,
207 + if (ret)
208 + return ret;
209 +
210 +- if (!node_online(node))
211 ++ if (node >= MAX_NUMNODES || !node_online(node))
212 + return -EINVAL;
213 +
214 + add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
215 @@ -1140,7 +1140,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine)
216 {
217 /* allocate attribute structure, piggyback attribute name */
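Review bot: The added upper-bound test in numa_node_store() still lets a negative `node` reach `node_online(node)`, assuming `node` is a signed integer parsed from the sysfs write (its declaration and the parsing call are outside the hunk). If that is the case the guard should cover both ends, e.g. `if (node < 0 || node >= MAX_NUMNODES || !node_online(node))`. A one-line comment noting that the value is administrator-supplied and used as a bitmap index would also explain why the range check precedes the online check.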
218 @@ -74263,7 +74299,7 @@ index 0000000..43d7c4f
219 +:1095D00080000A8080000A00800009808000090065
220 +:00000001FF
221 diff --git a/fs/Kconfig.binfmt b/fs/Kconfig.binfmt
222 -index 2d0cbbd..a6d6149 100644
223 +index 2d0cbbd..a6d61492 100644
224 --- a/fs/Kconfig.binfmt
225 +++ b/fs/Kconfig.binfmt
226 @@ -103,7 +103,7 @@ config HAVE_AOUT
227 @@ -81535,8 +81571,35 @@ index e33dab2..cdbdad9 100644
228 }
229 }
230 putname(tmp);
231 +diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c
232 +index 84d693d..871fcb6 100644
233 +--- a/fs/overlayfs/copy_up.c
234 ++++ b/fs/overlayfs/copy_up.c
235 +@@ -81,11 +81,11 @@ static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len)
236 + if (len == 0)
237 + return 0;
238 +
239 +- old_file = ovl_path_open(old, O_RDONLY);
240 ++ old_file = ovl_path_open(old, O_LARGEFILE | O_RDONLY);
241 + if (IS_ERR(old_file))
242 + return PTR_ERR(old_file);
243 +
244 +- new_file = ovl_path_open(new, O_WRONLY);
245 ++ new_file = ovl_path_open(new, O_LARGEFILE | O_WRONLY);
246 + if (IS_ERR(new_file)) {
247 + error = PTR_ERR(new_file);
248 + goto out_fput;
249 +@@ -267,7 +267,7 @@ out:
250 +
251 + out_cleanup:
252 + ovl_cleanup(wdir, newdentry);
253 +- goto out;
254 ++ goto out2;
255 + }
256 +
257 + /*
258 diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
259 -index d9da5a4..7ced3c7 100644
260 +index d9da5a4..f9b5b82 100644
261 --- a/fs/overlayfs/inode.c
262 +++ b/fs/overlayfs/inode.c
263 @@ -346,6 +346,9 @@ struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags)
264 @@ -81549,8 +81612,18 @@ index d9da5a4..7ced3c7 100644
265 type = ovl_path_real(dentry, &realpath);
266 if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) {
267 err = ovl_want_write(dentry);
268 +@@ -363,6 +366,9 @@ struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags)
269 + ovl_path_upper(dentry, &realpath);
270 + }
271 +
272 ++ if (realpath.dentry->d_flags & DCACHE_OP_SELECT_INODE)
273 ++ return realpath.dentry->d_op->d_select_inode(realpath.dentry, file_flags);
274 ++
275 + return d_backing_inode(realpath.dentry);
276 + }
277 +
278 diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
279 -index 79073d6..0eb5c27 100644
280 +index 79073d6..6fc10e4 100644
281 --- a/fs/overlayfs/super.c
282 +++ b/fs/overlayfs/super.c
283 @@ -172,7 +172,7 @@ void ovl_path_lower(struct dentry *dentry, struct path *path)
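Review bot: The new delegation `return realpath.dentry->d_op->d_select_inode(realpath.dentry, file_flags);` in ovl_d_select_inode() carries no comment saying when the real dentry has DCACHE_OP_SELECT_INODE set; presumably this is the case where the underlying filesystem is itself a stacking one. A one-line comment such as `/* the real dentry's filesystem selects its own inode; delegate to it */` would make the intent clear and flag that this path recurses into another filesystem's dentry operation. The function starts outside the hunk.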
284 @@ -81562,7 +81635,15 @@ index 79073d6..0eb5c27 100644
285 }
286
287 int ovl_want_write(struct dentry *dentry)
288 -@@ -879,8 +879,8 @@ static unsigned int ovl_split_lowerdirs(char *str)
289 +@@ -544,6 +544,7 @@ static void ovl_put_super(struct super_block *sb)
290 + mntput(ufs->upper_mnt);
291 + for (i = 0; i < ufs->numlower; i++)
292 + mntput(ufs->lower_mnt[i]);
293 ++ kfree(ufs->lower_mnt);
294 +
295 + kfree(ufs->config.lowerdir);
296 + kfree(ufs->config.upperdir);
297 +@@ -879,8 +880,8 @@ static unsigned int ovl_split_lowerdirs(char *str)
298
299 static int ovl_fill_super(struct super_block *sb, void *data, int silent)
300 {
301 @@ -81573,6 +81654,14 @@ index 79073d6..0eb5c27 100644
302 struct dentry *root_dentry;
303 struct ovl_entry *oe;
304 struct ovl_fs *ufs;
305 +@@ -1048,6 +1049,7 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
306 + oe->lowerstack[i].dentry = stack[i].dentry;
307 + oe->lowerstack[i].mnt = ufs->lower_mnt[i];
308 + }
309 ++ kfree(stack);
310 +
311 + root_dentry->d_fsdata = oe;
312 +
313 diff --git a/fs/pipe.c b/fs/pipe.c
314 index 8865f79..bd2c79b 100644
315 --- a/fs/pipe.c
316 @@ -82879,12 +82968,34 @@ index 92e6726..a600d4fa 100644
317 .priority = 0,
318 };
319 diff --git a/fs/proc/meminfo.c b/fs/proc/meminfo.c
320 -index d3ebf2e..6ad42d1 100644
321 +index d3ebf2e..abe1823 100644
322 --- a/fs/proc/meminfo.c
323 +++ b/fs/proc/meminfo.c
324 -@@ -194,7 +194,7 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
325 - vmi.used >> 10,
326 - vmi.largest_chunk >> 10
327 +@@ -27,7 +27,6 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
328 + {
329 + struct sysinfo i;
330 + unsigned long committed;
331 +- struct vmalloc_info vmi;
332 + long cached;
333 + long available;
334 + unsigned long pagecache;
335 +@@ -49,8 +48,6 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
336 + if (cached < 0)
337 + cached = 0;
338 +
339 +- get_vmalloc_info(&vmi);
340 +-
341 + for (lru = LRU_BASE; lru < NR_LRU_LISTS; lru++)
342 + pages[lru] = global_page_state(NR_LRU_BASE + lru);
343 +
344 +@@ -191,10 +188,10 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
345 + K(vm_commit_limit()),
346 + K(committed),
347 + (unsigned long)VMALLOC_TOTAL >> 10,
348 +- vmi.used >> 10,
349 +- vmi.largest_chunk >> 10
350 ++ 0ul, // used to be vmalloc 'used'
351 ++ 0ul // used to be vmalloc 'largest_chunk'
352 #ifdef CONFIG_MEMORY_FAILURE
353 - , atomic_long_read(&num_poisoned_pages) << (PAGE_SHIFT - 10)
354 + , atomic_long_read_unchecked(&num_poisoned_pages) << (PAGE_SHIFT - 10)
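Review bot: The two placeholder arguments `0ul` keep the argument list aligned with the format string, but the inline comments only say what the values used to be, not why constant zeros are still printed. Suggest wording such as `0ul, /* vmalloc 'used': no longer computed, field kept so existing /proc/meminfo parsers do not break */` and the same for the 'largest_chunk' field. The format string is outside the hunk, so confirm that both conversions still expect `unsigned long`. Monitoring that reads these two fields will report zero from now on, which deserves a mention in the changelog.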
355 @@ -97005,7 +97116,7 @@ index a76c917..63b52db 100644
356 asmlinkage long compat_sys_lookup_dcookie(u32, u32, char __user *, compat_size_t);
357 /*
358 diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
359 -index dfaa7b3..d8bb2a0 100644
360 +index dfaa7b3..58cebfb 100644
361 --- a/include/linux/compiler-gcc.h
362 +++ b/include/linux/compiler-gcc.h
363 @@ -116,8 +116,8 @@
364 @@ -97058,17 +97169,6 @@ index dfaa7b3..d8bb2a0 100644
365 /*
366 * Mark a position in code as unreachable. This can be used to
367 * suppress control flow warnings after asm blocks that transfer
368 -@@ -237,6 +266,10 @@
369 - #define KASAN_ABI_VERSION 3
370 - #endif
371 -
372 -+#if GCC_VERSION >= 50000
373 -+//#define CC_HAVE_BUILTIN_OVERFLOW
374 -+#endif
375 -+
376 - #endif /* gcc version >= 40000 specific checks */
377 -
378 - #if !defined(__noclone)
379 diff --git a/include/linux/compiler.h b/include/linux/compiler.h
380 index e08a6ae..2e5e776 100644
381 --- a/include/linux/compiler.h
382 @@ -100708,30 +100808,6 @@ index b2a0f15..4d7da32 100644
383
384 /** create a directory */
385 struct dentry *oprofilefs_mkdir(struct dentry *parent, char const *name);
386 -diff --git a/include/linux/overflow-arith.h b/include/linux/overflow-arith.h
387 -new file mode 100644
388 -index 0000000..e12ccf8
389 ---- /dev/null
390 -+++ b/include/linux/overflow-arith.h
391 -@@ -0,0 +1,18 @@
392 -+#pragma once
393 -+
394 -+#include <linux/kernel.h>
395 -+
396 -+#ifdef CC_HAVE_BUILTIN_OVERFLOW
397 -+
398 -+#define overflow_usub __builtin_usub_overflow
399 -+
400 -+#else
401 -+
402 -+static inline bool overflow_usub(unsigned int a, unsigned int b,
403 -+ unsigned int *res)
404 -+{
405 -+ *res = a - b;
406 -+ return *res > a ? true : false;
407 -+}
408 -+
409 -+#endif
410 diff --git a/include/linux/padata.h b/include/linux/padata.h
411 index 4386946..f50c615 100644
412 --- a/include/linux/padata.h
413 @@ -102802,7 +102878,7 @@ index b483abd..af305ad 100644
414 #endif
415 #endif /* _LINUX_VGA_SWITCHEROO_H_ */
416 diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h
417 -index 0ec5983..d5888bb 100644
418 +index 0ec5983..66d8171 100644
419 --- a/include/linux/vmalloc.h
420 +++ b/include/linux/vmalloc.h
421 @@ -18,6 +18,14 @@ struct vm_area_struct; /* vma defining user mapping in mm_types.h */
422 @@ -102848,6 +102924,29 @@ index 0ec5983..d5888bb 100644
423
424 /*
425 * Internals. Dont't use..
426 +@@ -182,22 +195,10 @@ pcpu_free_vm_areas(struct vm_struct **vms, int nr_vms)
427 + # endif
428 + #endif
429 +
430 +-struct vmalloc_info {
431 +- unsigned long used;
432 +- unsigned long largest_chunk;
433 +-};
434 +-
435 + #ifdef CONFIG_MMU
436 + #define VMALLOC_TOTAL (VMALLOC_END - VMALLOC_START)
437 +-extern void get_vmalloc_info(struct vmalloc_info *vmi);
438 + #else
439 +-
440 + #define VMALLOC_TOTAL 0UL
441 +-#define get_vmalloc_info(vmi) \
442 +-do { \
443 +- (vmi)->used = 0; \
444 +- (vmi)->largest_chunk = 0; \
445 +-} while (0)
446 + #endif
447 +
448 + #endif /* _LINUX_VMALLOC_H */
449 diff --git a/include/linux/vmstat.h b/include/linux/vmstat.h
450 index 82e7db7..f8ce3d0 100644
451 --- a/include/linux/vmstat.h
452 @@ -117219,7 +117318,7 @@ index 68ff8a5..40c7a70 100644
453
454 if (len > buflen)
455 diff --git a/mm/vmalloc.c b/mm/vmalloc.c
456 -index 2faaa29..c816cf4 100644
457 +index 2faaa29..7ac7a6d 100644
458 --- a/mm/vmalloc.c
459 +++ b/mm/vmalloc.c
460 @@ -40,20 +40,65 @@ struct vfree_deferred {
461 @@ -117565,6 +117664,59 @@ index 2faaa29..c816cf4 100644
462
463 if (v->nr_pages)
464 seq_printf(m, " pages=%d", v->nr_pages);
465 +@@ -2688,52 +2844,5 @@ static int __init proc_vmalloc_init(void)
466 + }
467 + module_init(proc_vmalloc_init);
468 +
469 +-void get_vmalloc_info(struct vmalloc_info *vmi)
470 +-{
471 +- struct vmap_area *va;
472 +- unsigned long free_area_size;
473 +- unsigned long prev_end;
474 +-
475 +- vmi->used = 0;
476 +- vmi->largest_chunk = 0;
477 +-
478 +- prev_end = VMALLOC_START;
479 +-
480 +- rcu_read_lock();
481 +-
482 +- if (list_empty(&vmap_area_list)) {
483 +- vmi->largest_chunk = VMALLOC_TOTAL;
484 +- goto out;
485 +- }
486 +-
487 +- list_for_each_entry_rcu(va, &vmap_area_list, list) {
488 +- unsigned long addr = va->va_start;
489 +-
490 +- /*
491 +- * Some archs keep another range for modules in vmalloc space
492 +- */
493 +- if (addr < VMALLOC_START)
494 +- continue;
495 +- if (addr >= VMALLOC_END)
496 +- break;
497 +-
498 +- if (va->flags & (VM_LAZY_FREE | VM_LAZY_FREEING))
499 +- continue;
500 +-
501 +- vmi->used += (va->va_end - va->va_start);
502 +-
503 +- free_area_size = addr - prev_end;
504 +- if (vmi->largest_chunk < free_area_size)
505 +- vmi->largest_chunk = free_area_size;
506 +-
507 +- prev_end = va->va_end;
508 +- }
509 +-
510 +- if (VMALLOC_END - prev_end > vmi->largest_chunk)
511 +- vmi->largest_chunk = VMALLOC_END - prev_end;
512 +-
513 +-out:
514 +- rcu_read_unlock();
515 +-}
516 + #endif
517 +
518 diff --git a/mm/vmstat.c b/mm/vmstat.c
519 index 4f5cd97..9fb715a 100644
520 --- a/mm/vmstat.c
521 @@ -120773,29 +120925,18 @@ index 69f4f68..1f97524 100644
522 .maxtype = IFLA_GRE_MAX,
523 .policy = ip6gre_policy,
524 diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
525 -index d5f7716..b4b3821 100644
526 +index d5f7716..7da025a 100644
527 --- a/net/ipv6/ip6_output.c
528 +++ b/net/ipv6/ip6_output.c
529 -@@ -28,6 +28,7 @@
530 -
531 - #include <linux/errno.h>
532 - #include <linux/kernel.h>
533 -+#include <linux/overflow-arith.h>
534 - #include <linux/string.h>
535 - #include <linux/socket.h>
536 - #include <linux/net.h>
537 -@@ -581,7 +582,10 @@ int ip6_fragment(struct sock *sk, struct sk_buff *skb,
538 +@@ -581,6 +581,8 @@ int ip6_fragment(struct sock *sk, struct sk_buff *skb,
539 if (np->frag_size)
540 mtu = np->frag_size;
541 }
542 -- mtu -= hlen + sizeof(struct frag_hdr);
543 -+
544 -+ if (overflow_usub(mtu, hlen + sizeof(struct frag_hdr), &mtu) ||
545 -+ mtu <= 7)
546 ++ if (mtu < hlen + sizeof(struct frag_hdr) + 8)
547 + goto fail_toobig;
548 + mtu -= hlen + sizeof(struct frag_hdr);
549
550 frag_id = ipv6_select_ident(net, &ipv6_hdr(skb)->daddr,
551 - &ipv6_hdr(skb)->saddr);
552 diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
553 index 2e67b66..b816b34 100644
554 --- a/net/ipv6/ip6_tunnel.c
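Review bot: The bare `8` in `if (mtu < hlen + sizeof(struct frag_hdr) + 8)` is unexplained; it presumably stands for the smallest usable fragment payload, since IPv6 fragment data is carried in 8-octet units. A comment such as `/* headers plus at least one 8-octet fragment unit must fit in the MTU */` would document why this bound keeps the following `mtu -= hlen + sizeof(struct frag_hdr);` from wrapping or leaving an unusable size. ip6_fragment() starts and ends outside the hunk, so the types of `mtu` and `hlen` should be confirmed as unsigned for the comparison to behave as intended.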
555 @@ -144927,10 +145068,10 @@ index 0000000..37e2e91
556 +#endif
557 diff --git a/tools/gcc/size_overflow_plugin/intentional_overflow.c b/tools/gcc/size_overflow_plugin/intentional_overflow.c
558 new file mode 100644
559 -index 0000000..f888be6
560 +index 0000000..62eb578
561 --- /dev/null
562 +++ b/tools/gcc/size_overflow_plugin/intentional_overflow.c
563 -@@ -0,0 +1,944 @@
564 +@@ -0,0 +1,947 @@
565 +/*
566 + * Copyright 2011-2015 by Emese Revfy <re.emese@×××××.com>
567 + * Licensed under the GPL v2, or (at your option) v3
568 @@ -145138,6 +145279,9 @@ index 0000000..f888be6
569 + switch (TREE_CODE(node)) {
570 + case COMPONENT_REF:
571 + cur_decl = search_field_decl(node);
572 ++ // !!! temporarily ignore bitfield types
573 ++ if (DECL_BIT_FIELD_TYPE(cur_decl))
574 ++ return MARK_YES;
575 + if (is_turn_off_intentional_attr(cur_decl))
576 + return MARK_TURN_OFF;
577 + if (is_end_intentional_intentional_attr(cur_decl))
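Review bot: The comment `// !!! temporarily ignore bitfield types` does not say why bit-fields are skipped or when the workaround can be removed, and the early `return MARK_YES;` appears to exempt every bit-field COMPONENT_REF from the plugin's overflow instrumentation. Because that narrows the coverage of a hardening feature, the comment should name the problem being worked around and the condition for reverting it. Also confirm that `search_field_decl()` cannot return a null tree here, since `DECL_BIT_FIELD_TYPE(cur_decl)` is now evaluated before the existing attribute helpers. The enclosing function lies outside the hunk.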
578 @@ -169141,7 +169285,7 @@ index 0000000..6075e8f
579 +
580 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c
581 new file mode 100644
582 -index 0000000..b6d179f
583 +index 0000000..a82cc026
584 --- /dev/null
585 +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c
586 @@ -0,0 +1,318 @@
587 @@ -169176,7 +169320,7 @@ index 0000000..b6d179f
588 +tree size_overflow_type_TI;
589 +
590 +static struct plugin_info size_overflow_plugin_info = {
591 -+ .version = "20151026",
592 ++ .version = "20151029",
593 + .help = "no-size-overflow\tturn off size overflow checking\n",
594 +};
595 +