Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.55/, 3.13.3/
Date: Tue, 25 Feb 2014 14:33:31
Message-Id: 1393338881.dc5a4e9bf9471a2e93a27d65a0d6877fb05d3065.blueness@gentoo
1 commit: dc5a4e9bf9471a2e93a27d65a0d6877fb05d3065
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Tue Feb 25 14:34:41 2014 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Tue Feb 25 14:34:41 2014 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=dc5a4e9b
7
8 Grsec/PaX: 3.0-{3.2.55,3.13.4}-201402221308
9
10 ---
11 3.13.3/0000_README | 2 +-
12 ... 4420_grsecurity-3.0-3.13.4-201402221308.patch} | 242 +++++++++++++++------
13 3.2.55/0000_README | 2 +-
14 ... 4420_grsecurity-3.0-3.2.55-201402221305.patch} | 196 ++++++++++++++---
15 4 files changed, 338 insertions(+), 104 deletions(-)
16
17 diff --git a/3.13.3/0000_README b/3.13.3/0000_README
18 index 398b4fa..dc48ad4 100644
19 --- a/3.13.3/0000_README
20 +++ b/3.13.3/0000_README
21 @@ -2,7 +2,7 @@ README
22 -----------------------------------------------------------------------------
23 Individual Patch Descriptions:
24 -----------------------------------------------------------------------------
25 -Patch: 4420_grsecurity-3.0-3.13.3-201402192252.patch
26 +Patch: 4420_grsecurity-3.0-3.13.4-201402221308.patch
27 From: http://www.grsecurity.net
28 Desc: hardened-sources base patch from upstream grsecurity
29
30
31 diff --git a/3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch b/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch
32 similarity index 99%
33 rename from 3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch
34 rename to 3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch
35 index 26f9252..0cb3174 100644
36 --- a/3.13.3/4420_grsecurity-3.0-3.13.3-201402192252.patch
37 +++ b/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch
38 @@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644
39
40 pcd. [PARIDE]
41 diff --git a/Makefile b/Makefile
42 -index 704b508..4a788c4 100644
43 +index 2236ed8..89d7bf0 100644
44 --- a/Makefile
45 +++ b/Makefile
46 @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
47 @@ -895,7 +895,7 @@ index c1f1a7e..554b0cd 100644
48 kexec is a system call that implements the ability to shutdown your
49 current kernel, and to start another kernel. It is like a reboot
50 diff --git a/arch/arm/include/asm/atomic.h b/arch/arm/include/asm/atomic.h
51 -index 62d2cb5..7a13651 100644
52 +index 62d2cb5..09d45e3 100644
53 --- a/arch/arm/include/asm/atomic.h
54 +++ b/arch/arm/include/asm/atomic.h
55 @@ -18,17 +18,35 @@
56 @@ -1398,7 +1398,7 @@ index 62d2cb5..7a13651 100644
57 " sbc %R0, %R0, %R4\n"
58 " strexd %1, %0, %H0, [%3]\n"
59 " teq %1, #0\n"
60 -@@ -344,17 +691,28 @@ static inline long long atomic64_sub_return(long long i, atomic64_t *v)
61 +@@ -344,16 +691,29 @@ static inline long long atomic64_sub_return(long long i, atomic64_t *v)
62 __asm__ __volatile__("@ atomic64_sub_return\n"
63 "1: ldrexd %0, %H0, [%3]\n"
64 " subs %Q0, %Q0, %Q4\n"
65 @@ -1425,14 +1425,13 @@ index 62d2cb5..7a13651 100644
66 : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
67 : "r" (&v->counter), "r" (i)
68 : "cc");
69 --
70 +
71 - smp_mb();
72 -
73 -- return result;
74 + return result;
75 }
76
77 - static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old,
78 -@@ -382,6 +740,31 @@ static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old,
79 +@@ -382,6 +742,31 @@ static inline long long atomic64_cmpxchg(atomic64_t *ptr, long long old,
80 return oldval;
81 }
82
83 @@ -1464,7 +1463,7 @@ index 62d2cb5..7a13651 100644
84 static inline long long atomic64_xchg(atomic64_t *ptr, long long new)
85 {
86 long long result;
87 -@@ -406,20 +789,34 @@ static inline long long atomic64_xchg(atomic64_t *ptr, long long new)
88 +@@ -406,20 +791,34 @@ static inline long long atomic64_xchg(atomic64_t *ptr, long long new)
89 static inline long long atomic64_dec_if_positive(atomic64_t *v)
90 {
91 long long result;
92 @@ -1505,7 +1504,7 @@ index 62d2cb5..7a13651 100644
93 : "=&r" (result), "=&r" (tmp), "+Qo" (v->counter)
94 : "r" (&v->counter)
95 : "cc");
96 -@@ -442,13 +839,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
97 +@@ -442,13 +841,25 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
98 " teq %0, %5\n"
99 " teqeq %H0, %H5\n"
100 " moveq %1, #0\n"
101 @@ -1534,7 +1533,7 @@ index 62d2cb5..7a13651 100644
102 : "=&r" (val), "+r" (ret), "=&r" (tmp), "+Qo" (v->counter)
103 : "r" (&v->counter), "r" (u), "r" (a)
104 : "cc");
105 -@@ -461,10 +870,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
106 +@@ -461,10 +872,13 @@ static inline int atomic64_add_unless(atomic64_t *v, long long a, long long u)
107
108 #define atomic64_add_negative(a, v) (atomic64_add_return((a), (v)) < 0)
109 #define atomic64_inc(v) atomic64_add(1LL, (v))
110 @@ -38160,7 +38159,7 @@ index d39cca6..8c1e269 100644
111
112 if (cmd != SIOCWANDEV)
113 diff --git a/drivers/char/random.c b/drivers/char/random.c
114 -index 429b75b..a4f540d 100644
115 +index 429b75b..a7f4145 100644
116 --- a/drivers/char/random.c
117 +++ b/drivers/char/random.c
118 @@ -270,10 +270,17 @@
119 @@ -38211,6 +38210,19 @@ index 429b75b..a4f540d 100644
120 #if 0
121 /* x^2048 + x^1638 + x^1231 + x^819 + x^411 + x + 1 -- 115 */
122 { S(2048), 1638, 1231, 819, 411, 1 },
123 +@@ -433,9 +444,9 @@ struct entropy_store {
124 + };
125 +
126 + static void push_to_pool(struct work_struct *work);
127 +-static __u32 input_pool_data[INPUT_POOL_WORDS];
128 +-static __u32 blocking_pool_data[OUTPUT_POOL_WORDS];
129 +-static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS];
130 ++static __u32 input_pool_data[INPUT_POOL_WORDS] __latent_entropy;
131 ++static __u32 blocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy;
132 ++static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy;
133 +
134 + static struct entropy_store input_pool = {
135 + .poolinfo = &poolinfo_table[0],
136 @@ -524,8 +535,8 @@ static void _mix_pool_bytes(struct entropy_store *r, const void *in,
137 input_rotate = (input_rotate + (i ? 7 : 14)) & 31;
138 }
139 @@ -47785,10 +47797,10 @@ index 84419af..268ede8 100644
140 &dev_attr_energy_uj.attr;
141 }
142 diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
143 -index d85f313..ae857d0 100644
144 +index 0186c1b..6491409 100644
145 --- a/drivers/regulator/core.c
146 +++ b/drivers/regulator/core.c
147 -@@ -3362,7 +3362,7 @@ regulator_register(const struct regulator_desc *regulator_desc,
148 +@@ -3369,7 +3369,7 @@ regulator_register(const struct regulator_desc *regulator_desc,
149 {
150 const struct regulation_constraints *constraints = NULL;
151 const struct regulator_init_data *init_data;
152 @@ -47797,7 +47809,7 @@ index d85f313..ae857d0 100644
153 struct regulator_dev *rdev;
154 struct device *dev;
155 int ret, i;
156 -@@ -3432,7 +3432,7 @@ regulator_register(const struct regulator_desc *regulator_desc,
157 +@@ -3439,7 +3439,7 @@ regulator_register(const struct regulator_desc *regulator_desc,
158 rdev->dev.of_node = config->of_node;
159 rdev->dev.parent = dev;
160 dev_set_name(&rdev->dev, "regulator.%d",
161 @@ -55371,7 +55383,7 @@ index ca0ba15..0fa3257 100644
162 fd_offset + ex.a_text);
163 if (error != N_DATADDR(ex)) {
164 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
165 -index 571a423..dbb9c6c 100644
166 +index 571a423..eed5754 100644
167 --- a/fs/binfmt_elf.c
168 +++ b/fs/binfmt_elf.c
169 @@ -34,6 +34,7 @@
170 @@ -55382,6 +55394,15 @@ index 571a423..dbb9c6c 100644
171 #include <asm/uaccess.h>
172 #include <asm/param.h>
173 #include <asm/page.h>
174 +@@ -48,7 +49,7 @@
175 + static int load_elf_binary(struct linux_binprm *bprm);
176 + static int load_elf_library(struct file *);
177 + static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
178 +- int, int, unsigned long);
179 ++ int, int, unsigned long) __intentional_overflow(-1);
180 +
181 + /*
182 + * If we don't support core dumping, then supply a NULL so we
183 @@ -60,6 +61,14 @@ static int elf_core_dump(struct coredump_params *cprm);
184 #define elf_core_dump NULL
185 #endif
186 @@ -56528,10 +56549,10 @@ index d71a11d..384e2c4 100644
187 wake_up(&root->fs_info->transaction_wait);
188 wake_up(&root->fs_info->transaction_blocked_wait);
189 diff --git a/fs/buffer.c b/fs/buffer.c
190 -index 6024877..7bd000a 100644
191 +index aeeea65..7651d590 100644
192 --- a/fs/buffer.c
193 +++ b/fs/buffer.c
194 -@@ -3426,7 +3426,7 @@ void __init buffer_init(void)
195 +@@ -3428,7 +3428,7 @@ void __init buffer_init(void)
196 bh_cachep = kmem_cache_create("buffer_head",
197 sizeof(struct buffer_head), 0,
198 (SLAB_RECLAIM_ACCOUNT|SLAB_PANIC|
199 @@ -82340,7 +82361,7 @@ index 7ceed99..d3ffaa2 100644
200 static inline int rate_supported(struct ieee80211_sta *sta,
201 enum ieee80211_band band,
202 diff --git a/include/net/neighbour.h b/include/net/neighbour.h
203 -index 536501a..74ad02bc 100644
204 +index 536501a..47b7982 100644
205 --- a/include/net/neighbour.h
206 +++ b/include/net/neighbour.h
207 @@ -123,7 +123,7 @@ struct neigh_ops {
208 @@ -82352,7 +82373,15 @@ index 536501a..74ad02bc 100644
209
210 struct pneigh_entry {
211 struct pneigh_entry *next;
212 -@@ -178,7 +178,7 @@ struct neigh_table {
213 +@@ -163,7 +163,6 @@ struct neigh_table {
214 + void (*proxy_redo)(struct sk_buff *skb);
215 + char *id;
216 + struct neigh_parms parms;
217 +- /* HACK. gc_* should follow parms without a gap! */
218 + int gc_interval;
219 + int gc_thresh1;
220 + int gc_thresh2;
221 +@@ -178,7 +177,7 @@ struct neigh_table {
222 struct neigh_statistics __percpu *stats;
223 struct neigh_hash_table __rcu *nht;
224 struct pneigh_entry **phash_buckets;
225 @@ -89993,10 +90022,10 @@ index db25707..8b16430 100644
226 This option lets you use the FireWire bus for remote debugging
227 with help of the firewire-ohci driver. It enables unfiltered
228 diff --git a/lib/Makefile b/lib/Makefile
229 -index a459c31..3320e82 100644
230 +index 04944e9..f43eabe 100644
231 --- a/lib/Makefile
232 +++ b/lib/Makefile
233 -@@ -49,7 +49,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o
234 +@@ -50,7 +50,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o
235 obj-$(CONFIG_BTREE) += btree.o
236 obj-$(CONFIG_ASSOCIATIVE_ARRAY) += assoc_array.o
237 obj-$(CONFIG_DEBUG_PREEMPT) += smp_processor_id.o
238 @@ -93711,7 +93740,7 @@ index fec093a..8162f74 100644
239 struct mm_struct *mm;
240
241 diff --git a/mm/page-writeback.c b/mm/page-writeback.c
242 -index 2d30e2c..8b3d14c 100644
243 +index 7106cb1..0805f48 100644
244 --- a/mm/page-writeback.c
245 +++ b/mm/page-writeback.c
246 @@ -685,7 +685,7 @@ static inline long long pos_ratio_polynom(unsigned long setpoint,
247 @@ -95099,7 +95128,7 @@ index 84b26aa..ce39899 100644
248 }
249
250 diff --git a/mm/swapfile.c b/mm/swapfile.c
251 -index 612a7c9..66b0f5a 100644
252 +index 461fce2..363ae44 100644
253 --- a/mm/swapfile.c
254 +++ b/mm/swapfile.c
255 @@ -66,7 +66,7 @@ static DEFINE_MUTEX(swapon_mutex);
256 @@ -95111,16 +95140,16 @@ index 612a7c9..66b0f5a 100644
257
258 static inline unsigned char swap_count(unsigned char ent)
259 {
260 -@@ -1949,7 +1949,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
261 - }
262 - filp_close(swap_file, NULL);
263 +@@ -1958,7 +1958,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
264 + spin_unlock(&swap_lock);
265 +
266 err = 0;
267 - atomic_inc(&proc_poll_event);
268 + atomic_inc_unchecked(&proc_poll_event);
269 wake_up_interruptible(&proc_poll_wait);
270
271 out_dput:
272 -@@ -1966,8 +1966,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait)
273 +@@ -1975,8 +1975,8 @@ static unsigned swaps_poll(struct file *file, poll_table *wait)
274
275 poll_wait(file, &proc_poll_wait, wait);
276
277 @@ -95131,7 +95160,7 @@ index 612a7c9..66b0f5a 100644
278 return POLLIN | POLLRDNORM | POLLERR | POLLPRI;
279 }
280
281 -@@ -2065,7 +2065,7 @@ static int swaps_open(struct inode *inode, struct file *file)
282 +@@ -2074,7 +2074,7 @@ static int swaps_open(struct inode *inode, struct file *file)
283 return ret;
284
285 seq = file->private_data;
286 @@ -95140,7 +95169,7 @@ index 612a7c9..66b0f5a 100644
287 return 0;
288 }
289
290 -@@ -2524,7 +2524,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
291 +@@ -2533,7 +2533,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
292 (frontswap_map) ? "FS" : "");
293
294 mutex_unlock(&swapon_mutex);
295 @@ -96429,7 +96458,7 @@ index b618694..192bbba 100644
296
297 m->msg_iov = iov;
298 diff --git a/net/core/neighbour.c b/net/core/neighbour.c
299 -index 932c6d7..7c7aa10 100644
300 +index 932c6d7..71fd94a 100644
301 --- a/net/core/neighbour.c
302 +++ b/net/core/neighbour.c
303 @@ -2775,7 +2775,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write,
304 @@ -96441,6 +96470,23 @@ index 932c6d7..7c7aa10 100644
305
306 tmp.extra1 = &zero;
307 tmp.extra2 = &unres_qlen_max;
308 +@@ -2983,11 +2983,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
309 + memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
310 + sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
311 + } else {
312 ++ struct neigh_table *ntable = container_of(p, struct neigh_table, parms);
313 + dev_name_source = "default";
314 +- t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = (int *)(p + 1);
315 +- t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = (int *)(p + 1) + 1;
316 +- t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = (int *)(p + 1) + 2;
317 +- t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = (int *)(p + 1) + 3;
318 ++ t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = &ntable->gc_interval;
319 ++ t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = &ntable->gc_thresh1;
320 ++ t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = &ntable->gc_thresh2;
321 ++ t->neigh_vars[NEIGH_VAR_GC_THRESH3].data = &ntable->gc_thresh3;
322 + }
323 +
324 +
325 diff --git a/net/core/net-procfs.c b/net/core/net-procfs.c
326 index 2bf8329..7960607 100644
327 --- a/net/core/net-procfs.c
328 @@ -103593,21 +103639,6 @@ index 48c3cc9..8022cf7 100644
329 rtnl_lock();
330 for_each_net(net)
331 rt_genid_bump_all(net);
332 -diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
333 -index d106733..539aadd 100644
334 ---- a/security/selinux/ss/services.c
335 -+++ b/security/selinux/ss/services.c
336 -@@ -1232,6 +1232,10 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
337 - struct context context;
338 - int rc = 0;
339 -
340 -+ /* An empty security context is never valid. */
341 -+ if (!scontext_len)
342 -+ return -EINVAL;
343 -+
344 - if (!ss_initialized) {
345 - int i;
346 -
347 diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
348 index b0be893..646bd94 100644
349 --- a/security/smack/smack_lsm.c
350 @@ -105362,10 +105393,10 @@ index 0000000..4f67ac1
351 +}
352 diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h
353 new file mode 100644
354 -index 0000000..312d3b6
355 +index 0000000..af12645
356 --- /dev/null
357 +++ b/tools/gcc/gcc-common.h
358 -@@ -0,0 +1,268 @@
359 +@@ -0,0 +1,274 @@
360 +#ifndef GCC_COMMON_H_INCLUDED
361 +#define GCC_COMMON_H_INCLUDED
362 +
363 @@ -105603,8 +105634,14 @@ index 0000000..312d3b6
364 +#endif
365 +
366 +#if BUILDING_GCC_VERSION <= 4008
367 -+#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN)
368 -+#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN)
369 ++#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN)
370 ++#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN)
371 ++#define basic_block_info_for_fn(FN) ((FN)->cfg->x_basic_block_info)
372 ++#define n_basic_blocks_for_fn(FN) ((FN)->cfg->x_n_basic_blocks)
373 ++#define n_edges_for_fn(FN) ((FN)->cfg->x_n_edges)
374 ++#define last_basic_block_for_fn(FN) ((FN)->cfg->x_last_basic_block)
375 ++#define label_to_block_map_for_fn(FN) ((FN)->cfg->x_label_to_block_map)
376 ++#define profile_status_for_fn(FN) ((FN)->cfg->x_profile_status)
377 +
378 +static inline const char *get_tree_code_name(enum tree_code code)
379 +{
380 @@ -106463,10 +106500,10 @@ index 0000000..dd73713
381 +}
382 diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c
383 new file mode 100644
384 -index 0000000..515d689
385 +index 0000000..7e39d81
386 --- /dev/null
387 +++ b/tools/gcc/latent_entropy_plugin.c
388 -@@ -0,0 +1,337 @@
389 +@@ -0,0 +1,403 @@
390 +/*
391 + * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu>
392 + * Licensed under the GPL v2
393 @@ -106477,7 +106514,7 @@ index 0000000..515d689
394 + * any of the gcc libraries
395 + *
396 + * gcc plugin to help generate a little bit of entropy from program state,
397 -+ * used during boot in the kernel
398 ++ * used throughout the uptime of the kernel
399 + *
400 + * TODO:
401 + * - add ipa pass to identify not explicitly marked candidate functions
402 @@ -106495,19 +106532,30 @@ index 0000000..515d689
403 +static tree latent_entropy_decl;
404 +
405 +static struct plugin_info latent_entropy_plugin_info = {
406 -+ .version = "201402131900",
407 ++ .version = "201402210120",
408 + .help = NULL
409 +};
410 +
411 +static unsigned HOST_WIDE_INT seed;
412 +static unsigned HOST_WIDE_INT get_random_const(void)
413 +{
414 -+ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL);
415 -+ return seed;
416 ++ unsigned int i;
417 ++ unsigned HOST_WIDE_INT ret = 0;
418 ++
419 ++ for (i = 0; i < 8 * sizeof ret; i++) {
420 ++ ret = (ret << 1) | (seed & 1);
421 ++ seed >>= 1;
422 ++ if (ret & 1)
423 ++ seed ^= 0xD800000000000000ULL;
424 ++ }
425 ++
426 ++ return ret;
427 +}
428 +
429 +static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs)
430 +{
431 ++ tree type;
432 ++
433 + switch (TREE_CODE(*node)) {
434 + default:
435 + *no_add_attrs = true;
436 @@ -106520,7 +106568,65 @@ index 0000000..515d689
437 + error("variable %qD with %qE attribute must not be initialized", *node, name);
438 + break;
439 + }
440 -+ DECL_INITIAL(*node) = build_int_cstu(long_long_unsigned_type_node, get_random_const());
441 ++
442 ++ if (!TREE_STATIC(*node)) {
443 ++ *no_add_attrs = true;
444 ++ error("variable %qD with %qE attribute must not be local", *node, name);
445 ++ break;
446 ++ }
447 ++
448 ++ type = TREE_TYPE(*node);
449 ++ switch (TREE_CODE(type)) {
450 ++ default:
451 ++ *no_add_attrs = true;
452 ++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name);
453 ++ break;
454 ++
455 ++ case INTEGER_TYPE:
456 ++ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const());
457 ++ break;
458 ++
459 ++ case ARRAY_TYPE: {
460 ++ tree elt_type, array_size, elt_size;
461 ++ unsigned long long mask;
462 ++ unsigned int i, nelt;
463 ++#if BUILDING_GCC_VERSION <= 4007
464 ++ VEC(constructor_elt, gc) *vals;
465 ++#else
466 ++ vec<constructor_elt, va_gc> *vals;
467 ++#endif
468 ++
469 ++ elt_type = TREE_TYPE(type);
470 ++ elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type));
471 ++ array_size = TYPE_SIZE_UNIT(type);
472 ++
473 ++ if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) {
474 ++ *no_add_attrs = true;
475 ++ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name);
476 ++ break;
477 ++ }
478 ++
479 ++ nelt = TREE_INT_CST_LOW(array_size) / TREE_INT_CST_LOW(elt_size);
480 ++#if BUILDING_GCC_VERSION <= 4007
481 ++ vals = VEC_alloc(constructor_elt, gc, nelt);
482 ++#else
483 ++ vec_alloc(vals, nelt);
484 ++#endif
485 ++
486 ++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(elt_type)) - 1);
487 ++ mask = 2 * (mask - 1) + 1;
488 ++
489 ++ for (i = 0; i < nelt; i++)
490 ++ if (TYPE_UNSIGNED(elt_type))
491 ++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cstu(elt_type, mask & get_random_const()));
492 ++ else
493 ++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cst(elt_type, mask & get_random_const()));
494 ++
495 ++ DECL_INITIAL(*node) = build_constructor(type, vals);
496 ++//debug_tree(DECL_INITIAL(*node));
497 ++ break;
498 ++ }
499 ++ }
500 + break;
501 +
502 + case FUNCTION_DECL:
503 @@ -106550,10 +106656,7 @@ index 0000000..515d689
504 +
505 +static bool gate_latent_entropy(void)
506 +{
507 -+ tree latent_entropy_attr;
508 -+
509 -+ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl));
510 -+ return latent_entropy_attr != NULL_TREE;
511 ++ return lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)) != NULL_TREE;
512 +}
513 +
514 +static enum tree_code get_op(tree *rhs)
515 @@ -106806,10 +106909,10 @@ index 0000000..515d689
516 +}
517 diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c
518 new file mode 100644
519 -index 0000000..bc490ca
520 +index 0000000..8dafb22
521 --- /dev/null
522 +++ b/tools/gcc/randomize_layout_plugin.c
523 -@@ -0,0 +1,906 @@
524 +@@ -0,0 +1,910 @@
525 +/*
526 + * Copyright 2014 by Open Source Security, Inc., Brad Spengler <spender@××××××××××.net>
527 + * and PaX Team <pageexec@××××××××.hu>
528 @@ -106838,7 +106941,7 @@ index 0000000..bc490ca
529 +static int performance_mode;
530 +
531 +static struct plugin_info randomize_layout_plugin_info = {
532 -+ .version = "201402061950",
533 ++ .version = "201402201816",
534 + .help = "disable\t\t\tdo not activate plugin\n"
535 + "performance-mode\tenable cacheline-aware layout randomization\n"
536 +};
537 @@ -107375,6 +107478,10 @@ index 0000000..bc490ca
538 + continue;
539 + }
540 +
541 ++ /* pipacs' plugin creates franken-arrays that differ from those produced by
542 ++ normal code which all have valid 'field' trees. work around this */
543 ++ if (field == NULL_TREE)
544 ++ continue;
545 + field_type = TREE_TYPE(field);
546 + val_type = TREE_TYPE(val);
547 +
548 @@ -117484,10 +117591,10 @@ index 0000000..4aab36f
549 +}
550 diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
551 new file mode 100644
552 -index 0000000..e684c74
553 +index 0000000..5c0b937
554 --- /dev/null
555 +++ b/tools/gcc/stackleak_plugin.c
556 -@@ -0,0 +1,373 @@
557 +@@ -0,0 +1,374 @@
558 +/*
559 + * Copyright 2011-2014 by the PaX Team <pageexec@××××××××.hu>
560 + * Licensed under the GPL v2
561 @@ -117641,7 +117748,8 @@ index 0000000..e684c74
562 + body = XEXP(body, 0);
563 + if (GET_CODE(body) != SYMBOL_REF)
564 + continue;
565 -+ if (strcmp(XSTR(body, 0), track_function))
566 ++// if (strcmp(XSTR(body, 0), track_function))
567 ++ if (SYMBOL_REF_DECL(body) != track_function_decl)
568 + continue;
569 +// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size);
570 + // 2. delete call
571 @@ -117714,7 +117822,7 @@ index 0000000..e684c74
572 + .properties_provided = 0,
573 + .properties_destroyed = 0,
574 + .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts,
575 -+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa
576 ++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa | TODO_rebuild_cgraph_edges
577 +#if BUILDING_GCC_VERSION < 4009
578 + }
579 +#endif
580
581 diff --git a/3.2.55/0000_README b/3.2.55/0000_README
582 index 943c944..f58c905 100644
583 --- a/3.2.55/0000_README
584 +++ b/3.2.55/0000_README
585 @@ -138,7 +138,7 @@ Patch: 1054_linux-3.2.55.patch
586 From: http://www.kernel.org
587 Desc: Linux 3.2.55
588
589 -Patch: 4420_grsecurity-3.0-3.2.55-201402192249.patch
590 +Patch: 4420_grsecurity-3.0-3.2.55-201402221305.patch
591 From: http://www.grsecurity.net
592 Desc: hardened-sources base patch from upstream grsecurity
593
594
595 diff --git a/3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch b/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch
596 similarity index 99%
597 rename from 3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch
598 rename to 3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch
599 index 598b438..8c95615 100644
600 --- a/3.2.55/4420_grsecurity-3.0-3.2.55-201402192249.patch
601 +++ b/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch
602 @@ -34290,7 +34290,7 @@ index da3cfee..a5a6606 100644
603
604 *ppos = i;
605 diff --git a/drivers/char/random.c b/drivers/char/random.c
606 -index c244f0e..2080073 100644
607 +index c244f0e..05e9c5e 100644
608 --- a/drivers/char/random.c
609 +++ b/drivers/char/random.c
610 @@ -255,10 +255,8 @@
611 @@ -34557,7 +34557,7 @@ index c244f0e..2080073 100644
612 /**********************************************************************
613 *
614 * OS independent entropy store. Here are the functions which handle
615 -@@ -421,22 +425,26 @@ module_param(debug, bool, 0644);
616 +@@ -421,31 +425,35 @@ module_param(debug, bool, 0644);
617 struct entropy_store;
618 struct entropy_store {
619 /* read-only data: */
620 @@ -34584,11 +34584,15 @@ index c244f0e..2080073 100644
621 __u8 last_data[EXTRACT_SIZE];
622 };
623
624 +-static __u32 input_pool_data[INPUT_POOL_WORDS];
625 +-static __u32 blocking_pool_data[OUTPUT_POOL_WORDS];
626 +-static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS];
627 +static void push_to_pool(struct work_struct *work);
628 - static __u32 input_pool_data[INPUT_POOL_WORDS];
629 - static __u32 blocking_pool_data[OUTPUT_POOL_WORDS];
630 - static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS];
631 -@@ -445,7 +453,7 @@ static struct entropy_store input_pool = {
632 ++static __u32 input_pool_data[INPUT_POOL_WORDS] __latent_entropy;
633 ++static __u32 blocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy;
634 ++static __u32 nonblocking_pool_data[OUTPUT_POOL_WORDS] __latent_entropy;
635 +
636 + static struct entropy_store input_pool = {
637 .poolinfo = &poolinfo_table[0],
638 .name = "input",
639 .limit = 1,
640 @@ -52713,7 +52717,7 @@ index a6395bd..f1e376a 100644
641 (unsigned long) create_aout_tables((char __user *) bprm->p, bprm);
642 #ifdef __alpha__
643 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
644 -index 8dd615c..52ad259 100644
645 +index 8dd615c..3ecdf113 100644
646 --- a/fs/binfmt_elf.c
647 +++ b/fs/binfmt_elf.c
648 @@ -32,6 +32,7 @@
649 @@ -52724,6 +52728,15 @@ index 8dd615c..52ad259 100644
650 #include <asm/uaccess.h>
651 #include <asm/param.h>
652 #include <asm/page.h>
653 +@@ -39,7 +40,7 @@
654 + static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs);
655 + static int load_elf_library(struct file *);
656 + static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
657 +- int, int, unsigned long);
658 ++ int, int, unsigned long) __intentional_overflow(-1);
659 +
660 + /*
661 + * If we don't support core dumping, then supply a NULL so we
662 @@ -51,6 +52,14 @@ static int elf_core_dump(struct coredump_params *cprm);
663 #define elf_core_dump NULL
664 #endif
665 @@ -74957,11 +74970,18 @@ index d42bd48..554dcd5 100644
666 /*
667 * epoll (fs/eventpoll.c) compat bits follow ...
668 diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h
669 -index 643d6c4..289dbb3 100644
670 +index 643d6c4..3c5171b 100644
671 --- a/include/linux/compiler-gcc4.h
672 +++ b/include/linux/compiler-gcc4.h
673 -@@ -46,6 +46,26 @@
674 - #endif
675 +@@ -39,13 +39,29 @@
676 + *
677 + * (asm goto is automatically volatile - the naming reflects this.)
678 + */
679 +-#if GCC_VERSION <= 40801
680 + # define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0)
681 +-#else
682 +-# define asm_volatile_goto(x...) do { asm goto(x); } while (0)
683 +-#endif
684
685 #if __GNUC_MINOR__ >= 5
686 +
687 @@ -74987,7 +75007,7 @@ index 643d6c4..289dbb3 100644
688 /*
689 * Mark a position in code as unreachable. This can be used to
690 * suppress control flow warnings after asm blocks that transfer
691 -@@ -61,6 +81,11 @@
692 +@@ -61,6 +77,11 @@
693 #define __noclone __attribute__((__noclone__))
694
695 #endif
696 @@ -81223,7 +81243,7 @@ index 1a6201a..66d9531 100644
697 static inline int rate_supported(struct ieee80211_sta *sta,
698 enum ieee80211_band band,
699 diff --git a/include/net/neighbour.h b/include/net/neighbour.h
700 -index 2720884..bbc0141 100644
701 +index 2720884..0dc13cd 100644
702 --- a/include/net/neighbour.h
703 +++ b/include/net/neighbour.h
704 @@ -122,7 +122,7 @@ struct neigh_ops {
705 @@ -81235,7 +81255,15 @@ index 2720884..bbc0141 100644
706
707 struct pneigh_entry {
708 struct pneigh_entry *next;
709 -@@ -176,7 +176,7 @@ struct neigh_table {
710 +@@ -160,7 +160,6 @@ struct neigh_table {
711 + void (*proxy_redo)(struct sk_buff *skb);
712 + char *id;
713 + struct neigh_parms parms;
714 +- /* HACK. gc_* should follow parms without a gap! */
715 + int gc_interval;
716 + int gc_thresh1;
717 + int gc_thresh2;
718 +@@ -176,7 +175,7 @@ struct neigh_table {
719 struct neigh_statistics __percpu *stats;
720 struct neigh_hash_table __rcu *nht;
721 struct pneigh_entry **phash_buckets;
722 @@ -97243,6 +97271,27 @@ index 139ef93..7afaa2f 100644
723 return -EFAULT;
724
725 m->msg_iov = iov;
726 +diff --git a/net/core/neighbour.c b/net/core/neighbour.c
727 +index 0ea3fd3..d87fef1 100644
728 +--- a/net/core/neighbour.c
729 ++++ b/net/core/neighbour.c
730 +@@ -2803,11 +2803,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
731 + /* Terminate the table early */
732 + memset(&t->neigh_vars[14], 0, sizeof(t->neigh_vars[14]));
733 + } else {
734 ++ struct neigh_table *ntable = container_of(p, struct neigh_table, parms);
735 + dev_name_source = neigh_path[NEIGH_CTL_PATH_DEV].procname;
736 +- t->neigh_vars[14].data = (int *)(p + 1);
737 +- t->neigh_vars[15].data = (int *)(p + 1) + 1;
738 +- t->neigh_vars[16].data = (int *)(p + 1) + 2;
739 +- t->neigh_vars[17].data = (int *)(p + 1) + 3;
740 ++ t->neigh_vars[14].data = &ntable->gc_interval;
741 ++ t->neigh_vars[15].data = &ntable->gc_thresh1;
742 ++ t->neigh_vars[16].data = &ntable->gc_thresh2;
743 ++ t->neigh_vars[17].data = &ntable->gc_thresh3;
744 + }
745 +
746 +
747 diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c
748 index 0329404..ab4e13a 100644
749 --- a/net/core/net-sysfs.c
750 @@ -107829,10 +107878,10 @@ index 0000000..4f67ac1
751 +}
752 diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h
753 new file mode 100644
754 -index 0000000..312d3b6
755 +index 0000000..af12645
756 --- /dev/null
757 +++ b/tools/gcc/gcc-common.h
758 -@@ -0,0 +1,268 @@
759 +@@ -0,0 +1,274 @@
760 +#ifndef GCC_COMMON_H_INCLUDED
761 +#define GCC_COMMON_H_INCLUDED
762 +
763 @@ -108070,8 +108119,14 @@ index 0000000..312d3b6
764 +#endif
765 +
766 +#if BUILDING_GCC_VERSION <= 4008
767 -+#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN)
768 -+#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN)
769 ++#define ENTRY_BLOCK_PTR_FOR_FN(FN) ENTRY_BLOCK_PTR_FOR_FUNCTION(FN)
770 ++#define EXIT_BLOCK_PTR_FOR_FN(FN) EXIT_BLOCK_PTR_FOR_FUNCTION(FN)
771 ++#define basic_block_info_for_fn(FN) ((FN)->cfg->x_basic_block_info)
772 ++#define n_basic_blocks_for_fn(FN) ((FN)->cfg->x_n_basic_blocks)
773 ++#define n_edges_for_fn(FN) ((FN)->cfg->x_n_edges)
774 ++#define last_basic_block_for_fn(FN) ((FN)->cfg->x_last_basic_block)
775 ++#define label_to_block_map_for_fn(FN) ((FN)->cfg->x_label_to_block_map)
776 ++#define profile_status_for_fn(FN) ((FN)->cfg->x_profile_status)
777 +
778 +static inline const char *get_tree_code_name(enum tree_code code)
779 +{
780 @@ -108930,10 +108985,10 @@ index 0000000..dd73713
781 +}
782 diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c
783 new file mode 100644
784 -index 0000000..515d689
785 +index 0000000..7e39d81
786 --- /dev/null
787 +++ b/tools/gcc/latent_entropy_plugin.c
788 -@@ -0,0 +1,337 @@
789 +@@ -0,0 +1,403 @@
790 +/*
791 + * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu>
792 + * Licensed under the GPL v2
793 @@ -108944,7 +108999,7 @@ index 0000000..515d689
794 + * any of the gcc libraries
795 + *
796 + * gcc plugin to help generate a little bit of entropy from program state,
797 -+ * used during boot in the kernel
798 ++ * used throughout the uptime of the kernel
799 + *
800 + * TODO:
801 + * - add ipa pass to identify not explicitly marked candidate functions
802 @@ -108962,19 +109017,30 @@ index 0000000..515d689
803 +static tree latent_entropy_decl;
804 +
805 +static struct plugin_info latent_entropy_plugin_info = {
806 -+ .version = "201402131900",
807 ++ .version = "201402210120",
808 + .help = NULL
809 +};
810 +
811 +static unsigned HOST_WIDE_INT seed;
812 +static unsigned HOST_WIDE_INT get_random_const(void)
813 +{
814 -+ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL);
815 -+ return seed;
816 ++ unsigned int i;
817 ++ unsigned HOST_WIDE_INT ret = 0;
818 ++
819 ++ for (i = 0; i < 8 * sizeof ret; i++) {
820 ++ ret = (ret << 1) | (seed & 1);
821 ++ seed >>= 1;
822 ++ if (ret & 1)
823 ++ seed ^= 0xD800000000000000ULL;
824 ++ }
825 ++
826 ++ return ret;
827 +}
828 +
829 +static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs)
830 +{
831 ++ tree type;
832 ++
833 + switch (TREE_CODE(*node)) {
834 + default:
835 + *no_add_attrs = true;
836 @@ -108987,7 +109053,65 @@ index 0000000..515d689
837 + error("variable %qD with %qE attribute must not be initialized", *node, name);
838 + break;
839 + }
840 -+ DECL_INITIAL(*node) = build_int_cstu(long_long_unsigned_type_node, get_random_const());
841 ++
842 ++ if (!TREE_STATIC(*node)) {
843 ++ *no_add_attrs = true;
844 ++ error("variable %qD with %qE attribute must not be local", *node, name);
845 ++ break;
846 ++ }
847 ++
848 ++ type = TREE_TYPE(*node);
849 ++ switch (TREE_CODE(type)) {
850 ++ default:
851 ++ *no_add_attrs = true;
852 ++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name);
853 ++ break;
854 ++
855 ++ case INTEGER_TYPE:
856 ++ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const());
857 ++ break;
858 ++
859 ++ case ARRAY_TYPE: {
860 ++ tree elt_type, array_size, elt_size;
861 ++ unsigned long long mask;
862 ++ unsigned int i, nelt;
863 ++#if BUILDING_GCC_VERSION <= 4007
864 ++ VEC(constructor_elt, gc) *vals;
865 ++#else
866 ++ vec<constructor_elt, va_gc> *vals;
867 ++#endif
868 ++
869 ++ elt_type = TREE_TYPE(type);
870 ++ elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type));
871 ++ array_size = TYPE_SIZE_UNIT(type);
872 ++
873 ++ if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) {
874 ++ *no_add_attrs = true;
875 ++ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name);
876 ++ break;
877 ++ }
878 ++
879 ++ nelt = TREE_INT_CST_LOW(array_size) / TREE_INT_CST_LOW(elt_size);
880 ++#if BUILDING_GCC_VERSION <= 4007
881 ++ vals = VEC_alloc(constructor_elt, gc, nelt);
882 ++#else
883 ++ vec_alloc(vals, nelt);
884 ++#endif
885 ++
886 ++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(elt_type)) - 1);
887 ++ mask = 2 * (mask - 1) + 1;
888 ++
889 ++ for (i = 0; i < nelt; i++)
890 ++ if (TYPE_UNSIGNED(elt_type))
891 ++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cstu(elt_type, mask & get_random_const()));
892 ++ else
893 ++ CONSTRUCTOR_APPEND_ELT(vals, size_int(i), build_int_cst(elt_type, mask & get_random_const()));
894 ++
895 ++ DECL_INITIAL(*node) = build_constructor(type, vals);
896 ++//debug_tree(DECL_INITIAL(*node));
897 ++ break;
898 ++ }
899 ++ }
900 + break;
901 +
902 + case FUNCTION_DECL:
903 @@ -109017,10 +109141,7 @@ index 0000000..515d689
904 +
905 +static bool gate_latent_entropy(void)
906 +{
907 -+ tree latent_entropy_attr;
908 -+
909 -+ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl));
910 -+ return latent_entropy_attr != NULL_TREE;
911 ++ return lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)) != NULL_TREE;
912 +}
913 +
914 +static enum tree_code get_op(tree *rhs)
915 @@ -109273,10 +109394,10 @@ index 0000000..515d689
916 +}
917 diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c
918 new file mode 100644
919 -index 0000000..bc490ca
920 +index 0000000..8dafb22
921 --- /dev/null
922 +++ b/tools/gcc/randomize_layout_plugin.c
923 -@@ -0,0 +1,906 @@
924 +@@ -0,0 +1,910 @@
925 +/*
926 + * Copyright 2014 by Open Source Security, Inc., Brad Spengler <spender@××××××××××.net>
927 + * and PaX Team <pageexec@××××××××.hu>
928 @@ -109305,7 +109426,7 @@ index 0000000..bc490ca
929 +static int performance_mode;
930 +
931 +static struct plugin_info randomize_layout_plugin_info = {
932 -+ .version = "201402061950",
933 ++ .version = "201402201816",
934 + .help = "disable\t\t\tdo not activate plugin\n"
935 + "performance-mode\tenable cacheline-aware layout randomization\n"
936 +};
937 @@ -109842,6 +109963,10 @@ index 0000000..bc490ca
938 + continue;
939 + }
940 +
941 ++ /* pipacs' plugin creates franken-arrays that differ from those produced by
942 ++ normal code which all have valid 'field' trees. work around this */
943 ++ if (field == NULL_TREE)
944 ++ continue;
945 + field_type = TREE_TYPE(field);
946 + val_type = TREE_TYPE(val);
947 +
948 @@ -120249,10 +120374,10 @@ index 0000000..4aab36f
949 +}
950 diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
951 new file mode 100644
952 -index 0000000..e684c74
953 +index 0000000..5c0b937
954 --- /dev/null
955 +++ b/tools/gcc/stackleak_plugin.c
956 -@@ -0,0 +1,373 @@
957 +@@ -0,0 +1,374 @@
958 +/*
959 + * Copyright 2011-2014 by the PaX Team <pageexec@××××××××.hu>
960 + * Licensed under the GPL v2
961 @@ -120406,7 +120531,8 @@ index 0000000..e684c74
962 + body = XEXP(body, 0);
963 + if (GET_CODE(body) != SYMBOL_REF)
964 + continue;
965 -+ if (strcmp(XSTR(body, 0), track_function))
966 ++// if (strcmp(XSTR(body, 0), track_function))
967 ++ if (SYMBOL_REF_DECL(body) != track_function_decl)
968 + continue;
969 +// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size);
970 + // 2. delete call
971 @@ -120479,7 +120605,7 @@ index 0000000..e684c74
972 + .properties_provided = 0,
973 + .properties_destroyed = 0,
974 + .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts,
975 -+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa
976 ++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa | TODO_rebuild_cgraph_edges
977 +#if BUILDING_GCC_VERSION < 4009
978 + }
979 +#endif
Report Message
Find on MARC Find on Google Groups