Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 4.0.6/, 3.2.69/, 3.14.45/
Date: Sat, 27 Jun 2015 20:57:47
Message-Id: 1435438742.64f3a8be94f41fda576330ff3523e035c3c0ebbd.blueness@gentoo
1 commit: 64f3a8be94f41fda576330ff3523e035c3c0ebbd
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sat Jun 27 20:59:02 2015 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sat Jun 27 20:59:02 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=64f3a8be
7
8 Grsec/PaX: 3.1-{3.2.69,3.14.45,4.0.6}-201506262047
9
10 3.14.45/0000_README | 2 +-
11 ...4420_grsecurity-3.1-3.14.45-201506262046.patch} | 222 +++++++++++++++------
12 3.14.45/4435_grsec-mute-warnings.patch | 9 +-
13 3.2.69/0000_README | 2 +-
14 ... 4420_grsecurity-3.1-3.2.69-201506262041.patch} | 138 +++++++++++--
15 4.0.6/0000_README | 2 +-
16 ...> 4420_grsecurity-3.1-4.0.6-201506262047.patch} | 85 +++++++-
17 7 files changed, 366 insertions(+), 94 deletions(-)
18
19 diff --git a/3.14.45/0000_README b/3.14.45/0000_README
20 index 53a1411..b4be2cb 100644
21 --- a/3.14.45/0000_README
22 +++ b/3.14.45/0000_README
23 @@ -2,7 +2,7 @@ README
24 -----------------------------------------------------------------------------
25 Individual Patch Descriptions:
26 -----------------------------------------------------------------------------
27 -Patch: 4420_grsecurity-3.1-3.14.45-201506232103.patch
28 +Patch: 4420_grsecurity-3.1-3.14.45-201506262046.patch
29 From: http://www.grsecurity.net
30 Desc: hardened-sources base patch from upstream grsecurity
31
32
33 diff --git a/3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch b/3.14.45/4420_grsecurity-3.1-3.14.45-201506262046.patch
34 similarity index 99%
35 rename from 3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch
36 rename to 3.14.45/4420_grsecurity-3.1-3.14.45-201506262046.patch
37 index fe15fa1..47c91dd 100644
38 --- a/3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch
39 +++ b/3.14.45/4420_grsecurity-3.1-3.14.45-201506262046.patch
40 @@ -295,7 +295,7 @@ index 5d91ba1..ef1d374 100644
41
42 pcd. [PARIDE]
43 diff --git a/Makefile b/Makefile
44 -index c92186c..a387fb0 100644
45 +index c92186c..34822ca 100644
46 --- a/Makefile
47 +++ b/Makefile
48 @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
49 @@ -304,7 +304,7 @@ index c92186c..a387fb0 100644
50 HOSTCXX = g++
51 -HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89
52 -HOSTCXXFLAGS = -O2
53 -+HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks -std=gnu89
54 ++HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -std=gnu89 -fno-delete-null-pointer-checks
55 +HOSTCFLAGS += $(call cc-option, -Wno-empty-body)
56 +HOSTCXXFLAGS = -O2 -Wall -W -Wno-array-bounds
57
58 @@ -3947,7 +3947,7 @@ index 4370933..e77848e 100644
59 atomic64_set(&mm->context.id, asid);
60 }
61 diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
62 -index eb8830a..e8ff52e 100644
63 +index eb8830a..e39c4bd 100644
64 --- a/arch/arm/mm/fault.c
65 +++ b/arch/arm/mm/fault.c
66 @@ -25,6 +25,7 @@
67 @@ -3965,10 +3965,10 @@ index eb8830a..e8ff52e 100644
68 +#ifdef CONFIG_PAX_MEMORY_UDEREF
69 + if (addr < TASK_SIZE) {
70 + if (current->signal->curr_ip)
71 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
72 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
73 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()), addr);
74 + else
75 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", current->comm, task_pid_nr(current),
76 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", current->comm, task_pid_nr(current),
77 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()), addr);
78 + }
79 +#endif
80 @@ -3979,10 +3979,10 @@ index eb8830a..e8ff52e 100644
81 + (MODULES_VADDR <= addr && addr < MODULES_END)))
82 + {
83 + if (current->signal->curr_ip)
84 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
85 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
86 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
87 + else
88 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", current->comm, task_pid_nr(current),
89 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", current->comm, task_pid_nr(current),
90 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
91 + }
92 +#endif
93 @@ -4045,10 +4045,10 @@ index eb8830a..e8ff52e 100644
94 +#ifdef CONFIG_PAX_MEMORY_UDEREF
95 + if (addr < TASK_SIZE && is_domain_fault(fsr)) {
96 + if (current->signal->curr_ip)
97 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
98 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
99 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()), addr);
100 + else
101 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", current->comm, task_pid_nr(current),
102 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to access userland memory at %08lx\n", current->comm, task_pid_nr(current),
103 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()), addr);
104 + goto die;
105 + }
106 @@ -4128,11 +4128,11 @@ index eb8830a..e8ff52e 100644
107 +#if defined(CONFIG_PAX_KERNEXEC) || defined(CONFIG_PAX_MEMORY_UDEREF)
108 + else if (is_domain_fault(ifsr) || is_xn_fault(ifsr)) {
109 + if (current->signal->curr_ip)
110 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
111 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n", &current->signal->curr_ip, current->comm, task_pid_nr(current),
112 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()),
113 + pc >= TASK_SIZE ? "non-executable kernel" : "userland", pc);
114 + else
115 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n", current->comm, task_pid_nr(current),
116 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n", current->comm, task_pid_nr(current),
117 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()),
118 + pc >= TASK_SIZE ? "non-executable kernel" : "userland", pc);
119 + goto die;
120 @@ -9450,10 +9450,23 @@ index dd14532..1dfc145 100644
121 - return (ret > base) ? ret : base;
122 -}
123 diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c
124 -index 9b436c2..54fbf0a 100644
125 +index 9b436c2..5c64ae8 100644
126 --- a/arch/s390/mm/mmap.c
127 +++ b/arch/s390/mm/mmap.c
128 -@@ -95,9 +95,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
129 +@@ -58,6 +58,12 @@ static inline int mmap_is_legacy(void)
130 +
131 + static unsigned long mmap_rnd(void)
132 + {
133 ++
134 ++#ifdef CONFIG_PAX_RANDMMAP
135 ++ if (current->mm->pax_flags & MF_PAX_RANDMMAP)
136 ++ return 0;
137 ++#endif
138 ++
139 + if (!(current->flags & PF_RANDOMIZE))
140 + return 0;
141 + /* 8MB randomization for mmap_base */
142 +@@ -95,9 +101,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
143 */
144 if (mmap_is_legacy()) {
145 mm->mmap_base = mmap_base_legacy();
146 @@ -9475,7 +9488,7 @@ index 9b436c2..54fbf0a 100644
147 mm->get_unmapped_area = arch_get_unmapped_area_topdown;
148 }
149 }
150 -@@ -170,9 +182,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
151 +@@ -170,9 +188,21 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
152 */
153 if (mmap_is_legacy()) {
154 mm->mmap_base = mmap_base_legacy();
155 @@ -31970,7 +31983,7 @@ index 903ec1e..c4166b2 100644
156 }
157
158 diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
159 -index ebc551c..b8ee77e 100644
160 +index ebc551c..40d1269 100644
161 --- a/arch/x86/mm/fault.c
162 +++ b/arch/x86/mm/fault.c
163 @@ -14,11 +14,18 @@
164 @@ -32180,11 +32193,11 @@ index ebc551c..b8ee77e 100644
165 +#ifdef CONFIG_PAX_KERNEXEC
166 + if (init_mm.start_code <= address && address < init_mm.end_code) {
167 + if (current->signal->curr_ip)
168 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
169 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
170 + &current->signal->curr_ip, current->comm, task_pid_nr(current),
171 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
172 + else
173 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", current->comm, task_pid_nr(current),
174 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n", current->comm, task_pid_nr(current),
175 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
176 + }
177 +#endif
178 @@ -32350,13 +32363,13 @@ index ebc551c..b8ee77e 100644
179 +#if defined(CONFIG_X86_64) && defined(CONFIG_PAX_MEMORY_UDEREF)
180 + if (!user_mode(regs) && address < 2 * pax_user_shadow_base) {
181 + if (!search_exception_tables(regs->ip)) {
182 -+ printk(KERN_ERR "PAX: please report this to pageexec@××××××××.hu\n");
183 ++ printk(KERN_EMERG "PAX: please report this to pageexec@××××××××.hu\n");
184 + bad_area_nosemaphore(regs, error_code, address);
185 + return;
186 + }
187 + if (address < pax_user_shadow_base) {
188 -+ printk(KERN_ERR "PAX: please report this to pageexec@××××××××.hu\n");
189 -+ printk(KERN_ERR "PAX: faulting IP: %pS\n", (void *)regs->ip);
190 ++ printk(KERN_EMERG "PAX: please report this to pageexec@××××××××.hu\n");
191 ++ printk(KERN_EMERG "PAX: faulting IP: %pS\n", (void *)regs->ip);
192 + show_trace_log_lvl(NULL, NULL, (void *)regs->sp, regs->bp, KERN_ERR);
193 + } else
194 + address -= pax_user_shadow_base;
195 @@ -52343,7 +52356,7 @@ index c21adc3..1b4155f 100644
196 ddb_entry->default_relogin_timeout =
197 (def_timeout > LOGIN_TOV) && (def_timeout < LOGIN_TOV * 10) ?
198 diff --git a/drivers/scsi/scsi.c b/drivers/scsi/scsi.c
199 -index d8afec8..3ec7152 100644
200 +index d8afec8..fffafb8 100644
201 --- a/drivers/scsi/scsi.c
202 +++ b/drivers/scsi/scsi.c
203 @@ -658,7 +658,7 @@ int scsi_dispatch_cmd(struct scsi_cmnd *cmd)
204 @@ -52355,6 +52368,15 @@ index d8afec8..3ec7152 100644
205
206 /* check if the device is still usable */
207 if (unlikely(cmd->device->sdev_state == SDEV_DEL)) {
208 +@@ -804,7 +804,7 @@ void scsi_finish_command(struct scsi_cmnd *cmd)
209 +
210 + good_bytes = scsi_bufflen(cmd);
211 + if (cmd->request->cmd_type != REQ_TYPE_BLOCK_PC) {
212 +- int old_good_bytes = good_bytes;
213 ++ unsigned int old_good_bytes = good_bytes;
214 + drv = scsi_cmd_to_driver(cmd);
215 + if (drv->done)
216 + good_bytes = drv->done(cmd);
217 diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c
218 index 719bd82..c996ebc 100644
219 --- a/drivers/scsi/scsi_lib.c
220 @@ -52509,9 +52531,27 @@ index e3e794e..f72f20c 100644
221
222 transport_setup_device(&rport->dev);
223 diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
224 -index a107064..a14c333 100644
225 +index a107064..30775cf 100644
226 --- a/drivers/scsi/sd.c
227 +++ b/drivers/scsi/sd.c
228 +@@ -109,7 +109,7 @@ static int sd_suspend_system(struct device *);
229 + static int sd_suspend_runtime(struct device *);
230 + static int sd_resume(struct device *);
231 + static void sd_rescan(struct device *);
232 +-static int sd_done(struct scsi_cmnd *);
233 ++static unsigned int sd_done(struct scsi_cmnd *);
234 + static int sd_eh_action(struct scsi_cmnd *, int);
235 + static void sd_read_capacity(struct scsi_disk *sdkp, unsigned char *buffer);
236 + static void scsi_disk_release(struct device *cdev);
237 +@@ -1645,7 +1645,7 @@ static unsigned int sd_completed_bytes(struct scsi_cmnd *scmd)
238 + *
239 + * Note: potentially run from within an ISR. Must not block.
240 + **/
241 +-static int sd_done(struct scsi_cmnd *SCpnt)
242 ++static unsigned int sd_done(struct scsi_cmnd *SCpnt)
243 + {
244 + int result = SCpnt->result;
245 + unsigned int good_bytes = result ? 0 : scsi_bufflen(SCpnt);
246 @@ -2958,7 +2958,7 @@ static int sd_probe(struct device *dev)
247 sdkp->disk = gd;
248 sdkp->index = index;
249 @@ -52534,6 +52574,34 @@ index eb81c98..e6716ae 100644
250 case BLKTRACESTART:
251 return blk_trace_startstop(sdp->device->request_queue, 1);
252 case BLKTRACESTOP:
253 +diff --git a/drivers/scsi/sr.c b/drivers/scsi/sr.c
254 +index 40d8592..8e89146 100644
255 +--- a/drivers/scsi/sr.c
256 ++++ b/drivers/scsi/sr.c
257 +@@ -79,7 +79,7 @@ MODULE_ALIAS_SCSI_DEVICE(TYPE_WORM);
258 + static DEFINE_MUTEX(sr_mutex);
259 + static int sr_probe(struct device *);
260 + static int sr_remove(struct device *);
261 +-static int sr_done(struct scsi_cmnd *);
262 ++static unsigned int sr_done(struct scsi_cmnd *);
263 + static int sr_runtime_suspend(struct device *dev);
264 +
265 + static struct dev_pm_ops sr_pm_ops = {
266 +@@ -310,11 +310,11 @@ do_tur:
267 + * It will be notified on the end of a SCSI read / write, and will take one
268 + * of several actions based on success or failure.
269 + */
270 +-static int sr_done(struct scsi_cmnd *SCpnt)
271 ++static unsigned int sr_done(struct scsi_cmnd *SCpnt)
272 + {
273 + int result = SCpnt->result;
274 +- int this_count = scsi_bufflen(SCpnt);
275 +- int good_bytes = (result == 0 ? this_count : 0);
276 ++ unsigned int this_count = scsi_bufflen(SCpnt);
277 ++ unsigned int good_bytes = (result == 0 ? this_count : 0);
278 + int block_sectors = 0;
279 + long error_sector;
280 + struct scsi_cd *cd = scsi_cd(SCpnt->request->rq_disk);
281 diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c
282 index d6563ec..a1c5da2 100644
283 --- a/drivers/spi/spi.c
284 @@ -65832,7 +65900,7 @@ index ca0ba15..0fa3257 100644
285 fd_offset + ex.a_text);
286 if (error != N_DATADDR(ex)) {
287 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
288 -index 35240a7..96dd7cf 100644
289 +index 35240a7..a5edf69 100644
290 --- a/fs/binfmt_elf.c
291 +++ b/fs/binfmt_elf.c
292 @@ -34,6 +34,7 @@
293 @@ -66466,10 +66534,12 @@ index 35240a7..96dd7cf 100644
294 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
295 current->personality |= READ_IMPLIES_EXEC;
296
297 -@@ -816,6 +1253,20 @@ static int load_elf_binary(struct linux_binprm *bprm)
298 +@@ -816,8 +1253,21 @@ static int load_elf_binary(struct linux_binprm *bprm)
299 #else
300 load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
301 #endif
302 +- total_size = total_mapping_size(elf_phdata,
303 +- loc->elf_ex.e_phnum);
304 +
305 +#ifdef CONFIG_PAX_RANDMMAP
306 + /* PaX: randomize base address at the default exe base if requested */
307 @@ -66484,10 +66554,11 @@ index 35240a7..96dd7cf 100644
308 + }
309 +#endif
310 +
311 - total_size = total_mapping_size(elf_phdata,
312 - loc->elf_ex.e_phnum);
313 ++ total_size = total_mapping_size(elf_phdata, loc->elf_ex.e_phnum);
314 if (!total_size) {
315 -@@ -854,9 +1305,9 @@ static int load_elf_binary(struct linux_binprm *bprm)
316 + retval = -EINVAL;
317 + goto out_free_dentry;
318 +@@ -854,9 +1304,9 @@ static int load_elf_binary(struct linux_binprm *bprm)
319 * allowed task size. Note that p_filesz must always be
320 * <= p_memsz so it is only necessary to check p_memsz.
321 */
322 @@ -66500,7 +66571,7 @@ index 35240a7..96dd7cf 100644
323 /* set_brk can never work. Avoid overflows. */
324 send_sig(SIGKILL, current, 0);
325 retval = -EINVAL;
326 -@@ -895,17 +1346,45 @@ static int load_elf_binary(struct linux_binprm *bprm)
327 +@@ -895,17 +1345,45 @@ static int load_elf_binary(struct linux_binprm *bprm)
328 goto out_free_dentry;
329 }
330 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
331 @@ -66552,7 +66623,7 @@ index 35240a7..96dd7cf 100644
332 load_bias);
333 if (!IS_ERR((void *)elf_entry)) {
334 /*
335 -@@ -1127,7 +1606,7 @@ static bool always_dump_vma(struct vm_area_struct *vma)
336 +@@ -1127,7 +1605,7 @@ static bool always_dump_vma(struct vm_area_struct *vma)
337 * Decide what to dump of a segment, part, all or none.
338 */
339 static unsigned long vma_dump_size(struct vm_area_struct *vma,
340 @@ -66561,7 +66632,7 @@ index 35240a7..96dd7cf 100644
341 {
342 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
343
344 -@@ -1165,7 +1644,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
345 +@@ -1165,7 +1643,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
346 if (vma->vm_file == NULL)
347 return 0;
348
349 @@ -66570,7 +66641,7 @@ index 35240a7..96dd7cf 100644
350 goto whole;
351
352 /*
353 -@@ -1372,9 +1851,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
354 +@@ -1372,9 +1850,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
355 {
356 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
357 int i = 0;
358 @@ -66582,7 +66653,7 @@ index 35240a7..96dd7cf 100644
359 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
360 }
361
362 -@@ -1383,7 +1862,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
363 +@@ -1383,7 +1861,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
364 {
365 mm_segment_t old_fs = get_fs();
366 set_fs(KERNEL_DS);
367 @@ -66591,7 +66662,7 @@ index 35240a7..96dd7cf 100644
368 set_fs(old_fs);
369 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
370 }
371 -@@ -2007,14 +2486,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
372 +@@ -2007,14 +2485,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
373 }
374
375 static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
376 @@ -66608,7 +66679,7 @@ index 35240a7..96dd7cf 100644
377 return size;
378 }
379
380 -@@ -2105,7 +2584,7 @@ static int elf_core_dump(struct coredump_params *cprm)
381 +@@ -2105,7 +2583,7 @@ static int elf_core_dump(struct coredump_params *cprm)
382
383 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
384
385 @@ -66617,7 +66688,7 @@ index 35240a7..96dd7cf 100644
386 offset += elf_core_extra_data_size();
387 e_shoff = offset;
388
389 -@@ -2133,7 +2612,7 @@ static int elf_core_dump(struct coredump_params *cprm)
390 +@@ -2133,7 +2611,7 @@ static int elf_core_dump(struct coredump_params *cprm)
391 phdr.p_offset = offset;
392 phdr.p_vaddr = vma->vm_start;
393 phdr.p_paddr = 0;
394 @@ -66626,7 +66697,7 @@ index 35240a7..96dd7cf 100644
395 phdr.p_memsz = vma->vm_end - vma->vm_start;
396 offset += phdr.p_filesz;
397 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
398 -@@ -2166,7 +2645,7 @@ static int elf_core_dump(struct coredump_params *cprm)
399 +@@ -2166,7 +2644,7 @@ static int elf_core_dump(struct coredump_params *cprm)
400 unsigned long addr;
401 unsigned long end;
402
403 @@ -66635,7 +66706,7 @@ index 35240a7..96dd7cf 100644
404
405 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
406 struct page *page;
407 -@@ -2207,6 +2686,167 @@ out:
408 +@@ -2207,6 +2685,167 @@ out:
409
410 #endif /* CONFIG_ELF_CORE */
411
412 @@ -68245,7 +68316,7 @@ index e4141f2..d8263e8 100644
413 i += packet_length_size;
414 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
415 diff --git a/fs/exec.c b/fs/exec.c
416 -index 05f1942..747fc21 100644
417 +index 05f1942..5ea95e4 100644
418 --- a/fs/exec.c
419 +++ b/fs/exec.c
420 @@ -56,8 +56,20 @@
421 @@ -68892,13 +68963,13 @@ index 05f1942..747fc21 100644
422 +void pax_report_refcount_overflow(struct pt_regs *regs)
423 +{
424 + if (current->signal->curr_ip)
425 -+ printk(KERN_ERR "PAX: From %pI4: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
426 ++ printk(KERN_EMERG "PAX: From %pI4: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
427 + &current->signal->curr_ip, current->comm, task_pid_nr(current),
428 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
429 + else
430 -+ printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n", current->comm, task_pid_nr(current),
431 ++ printk(KERN_EMERG "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n", current->comm, task_pid_nr(current),
432 + from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid()));
433 -+ print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
434 ++ print_symbol(KERN_EMERG "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
435 + preempt_disable();
436 + show_regs(regs);
437 + preempt_enable();
438 @@ -68957,10 +69028,10 @@ index 05f1942..747fc21 100644
439 +static __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to_user, const char *type)
440 +{
441 + if (current->signal->curr_ip)
442 -+ printk(KERN_ERR "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
443 ++ printk(KERN_EMERG "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
444 + &current->signal->curr_ip, to_user ? "leak" : "overwrite", to_user ? "from" : "to", ptr, type ? : "unknown", len);
445 + else
446 -+ printk(KERN_ERR "PAX: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
447 ++ printk(KERN_EMERG "PAX: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
448 + to_user ? "leak" : "overwrite", to_user ? "from" : "to", ptr, type ? : "unknown", len);
449 + dump_stack();
450 + gr_handle_kernel_exploit();
451 @@ -69059,7 +69130,7 @@ index 05f1942..747fc21 100644
452 +#ifdef CONFIG_PAX_SIZE_OVERFLOW
453 +void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name)
454 +{
455 -+ printk(KERN_ERR "PAX: size overflow detected in function %s %s:%u %s", func, file, line, ssa_name);
456 ++ printk(KERN_EMERG "PAX: size overflow detected in function %s %s:%u %s", func, file, line, ssa_name);
457 + dump_stack();
458 + do_group_exit(SIGKILL);
459 +}
460 @@ -93527,7 +93598,7 @@ index b66c211..13d2915 100644
461 static inline void anon_vma_merge(struct vm_area_struct *vma,
462 struct vm_area_struct *next)
463 diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
464 -index a964f72..b475afb 100644
465 +index a964f72..a6d40b4 100644
466 --- a/include/linux/scatterlist.h
467 +++ b/include/linux/scatterlist.h
468 @@ -1,6 +1,7 @@
469 @@ -93538,19 +93609,26 @@ index a964f72..b475afb 100644
470 #include <linux/string.h>
471 #include <linux/bug.h>
472 #include <linux/mm.h>
473 -@@ -114,6 +115,12 @@ static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
474 - #ifdef CONFIG_DEBUG_SG
475 - BUG_ON(!virt_addr_valid(buf));
476 - #endif
477 +@@ -111,10 +112,17 @@ static inline struct page *sg_page(struct scatterlist *sg)
478 + static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
479 + unsigned int buflen)
480 + {
481 ++ const void *realbuf = buf;
482 ++
483 +#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW
484 -+ if (object_starts_on_stack(buf)) {
485 -+ void *adjbuf = buf - current->stack + current->lowmem_stack;
486 -+ sg_set_page(sg, virt_to_page(adjbuf), buflen, offset_in_page(adjbuf));
487 -+ } else
488 ++ if (object_starts_on_stack(buf))
489 ++ realbuf = buf - current->stack + current->lowmem_stack;
490 +#endif
491 - sg_set_page(sg, virt_to_page(buf), buflen, offset_in_page(buf));
492 ++
493 + #ifdef CONFIG_DEBUG_SG
494 +- BUG_ON(!virt_addr_valid(buf));
495 ++ BUG_ON(!virt_addr_valid(realbuf));
496 + #endif
497 +- sg_set_page(sg, virt_to_page(buf), buflen, offset_in_page(buf));
498 ++ sg_set_page(sg, virt_to_page(realbuf), buflen, offset_in_page(realbuf));
499 }
500
501 + /*
502 diff --git a/include/linux/sched.h b/include/linux/sched.h
503 index 91fe6a3..30088db 100644
504 --- a/include/linux/sched.h
505 @@ -95849,6 +95927,19 @@ index 409fafb..efc53b0 100644
506
507 struct device sdev_gendev,
508 sdev_dev;
509 +diff --git a/include/scsi/scsi_driver.h b/include/scsi/scsi_driver.h
510 +index 20fdfc2..5745712 100644
511 +--- a/include/scsi/scsi_driver.h
512 ++++ b/include/scsi/scsi_driver.h
513 +@@ -15,7 +15,7 @@ struct scsi_driver {
514 + struct device_driver gendrv;
515 +
516 + void (*rescan)(struct device *);
517 +- int (*done)(struct scsi_cmnd *);
518 ++ unsigned int (*done)(struct scsi_cmnd *);
519 + int (*eh_action)(struct scsi_cmnd *, int);
520 + };
521 + #define to_scsi_driver(drv) \
522 diff --git a/include/scsi/scsi_transport_fc.h b/include/scsi/scsi_transport_fc.h
523 index b797e8f..8e2c3aa 100644
524 --- a/include/scsi/scsi_transport_fc.h
525 @@ -103667,6 +103758,23 @@ index f504027..97a15c0 100644
526
527 bd->dbuf = large_malloc(bd->dbufSize * sizeof(int));
528 if (!bd->dbuf)
529 +diff --git a/lib/decompress_unlzma.c b/lib/decompress_unlzma.c
530 +index 32adb73..ccbd787 100644
531 +--- a/lib/decompress_unlzma.c
532 ++++ b/lib/decompress_unlzma.c
533 +@@ -39,10 +39,10 @@
534 +
535 + #define MIN(a, b) (((a) < (b)) ? (a) : (b))
536 +
537 +-static long long INIT read_int(unsigned char *ptr, int size)
538 ++static unsigned long long INIT read_int(unsigned char *ptr, int size)
539 + {
540 + int i;
541 +- long long ret = 0;
542 ++ unsigned long long ret = 0;
543 +
544 + for (i = 0; i < size; i++)
545 + ret = (ret << 8) | ptr[size-i-1];
546 diff --git a/lib/devres.c b/lib/devres.c
547 index 8235331..5881053 100644
548 --- a/lib/devres.c
549 @@ -121055,7 +121163,7 @@ index 0000000..da184c5
550 +}
551 diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h
552 new file mode 100644
553 -index 0000000..77f8462
554 +index 0000000..1d20e32
555 --- /dev/null
556 +++ b/tools/gcc/gcc-common.h
557 @@ -0,0 +1,689 @@
558 @@ -121219,7 +121327,7 @@ index 0000000..77f8462
559 +#define C_TYPE_FIELDS_READONLY(TYPE) TREE_LANG_FLAG_1(TYPE)
560 +
561 +#if BUILDING_GCC_VERSION == 4005
562 -+#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I)
563 ++#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls, (I) = 0; vars && ((D) = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), (I)++)
564 +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE)))
565 +#define FOR_EACH_VEC_ELT(T, V, I, P) for (I = 0; VEC_iterate(T, (V), (I), (P)); ++(I))
566 +#define TODO_rebuild_cgraph_edges 0
567 @@ -121459,6 +121567,7 @@ index 0000000..77f8462
568 +}
569 +
570 +#define ipa_remove_stmt_references(cnode, stmt)
571 ++
572 +typedef union gimple_statement_d gasm;
573 +typedef union gimple_statement_d gassign;
574 +typedef union gimple_statement_d gcall;
575 @@ -121480,7 +121589,6 @@ index 0000000..77f8462
576 +#define create_var_ann(var)
577 +#define TODO_dump_func 0
578 +#define TODO_dump_cgraph 0
579 -+
580 +#endif
581 +
582 +#if BUILDING_GCC_VERSION <= 4009
583
584 diff --git a/3.14.45/4435_grsec-mute-warnings.patch b/3.14.45/4435_grsec-mute-warnings.patch
585 index 558c435..2c2d463 100644
586 --- a/3.14.45/4435_grsec-mute-warnings.patch
587 +++ b/3.14.45/4435_grsec-mute-warnings.patch
588 @@ -29,14 +29,15 @@ warning flags of vanilla kernel versions.
589 Acked-by: Christian Heim <phreak@g.o>
590 ---
591
592 ---- a/Makefile 2011-11-18 17:50:11.000000000 -0500
593 -+++ b/Makefile 2011-11-18 17:50:48.000000000 -0500
594 +diff -Naur a/Makefile b/Makefile
595 +--- a/Makefile 2015-06-27 15:35:56.363504156 -0400
596 ++++ b/Makefile 2015-06-27 16:41:08.552598625 -0400
597 @@ -244,7 +244,7 @@
598
599 HOSTCC = gcc
600 HOSTCXX = g++
601 --HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks -std=gnu89
602 -+HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -fno-delete-null-pointer-checks -std=gnu89
603 +-HOSTCFLAGS = -Wall -W -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -std=gnu89 -fno-delete-null-pointer-checks
604 ++HOSTCFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -Wno-unused-parameter -Wno-missing-field-initializers -O2 -fomit-frame-pointer -std=gnu89 -fno-delete-null-pointer-checks
605 HOSTCFLAGS += $(call cc-option, -Wno-empty-body)
606 HOSTCXXFLAGS = -O2 -Wall -W -Wno-array-bounds
607
608
609 diff --git a/3.2.69/0000_README b/3.2.69/0000_README
610 index 1521b73..05b7791 100644
611 --- a/3.2.69/0000_README
612 +++ b/3.2.69/0000_README
613 @@ -194,7 +194,7 @@ Patch: 1068_linux-3.2.69.patch
614 From: http://www.kernel.org
615 Desc: Linux 3.2.69
616
617 -Patch: 4420_grsecurity-3.1-3.2.69-201506232100.patch
618 +Patch: 4420_grsecurity-3.1-3.2.69-201506262041.patch
619 From: http://www.grsecurity.net
620 Desc: hardened-sources base patch from upstream grsecurity
621
622
623 diff --git a/3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch b/3.2.69/4420_grsecurity-3.1-3.2.69-201506262041.patch
624 similarity index 99%
625 rename from 3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch
626 rename to 3.2.69/4420_grsecurity-3.1-3.2.69-201506262041.patch
627 index 873b401..ce279a5 100644
628 --- a/3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch
629 +++ b/3.2.69/4420_grsecurity-3.1-3.2.69-201506262041.patch
630 @@ -6836,10 +6836,23 @@ index 1df64a8..aea2a39 100644
631 };
632
633 diff --git a/arch/s390/mm/mmap.c b/arch/s390/mm/mmap.c
634 -index c70b3d8..d01c6b3 100644
635 +index c70b3d8..d7d5b01 100644
636 --- a/arch/s390/mm/mmap.c
637 +++ b/arch/s390/mm/mmap.c
638 -@@ -92,10 +92,22 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
639 +@@ -60,6 +60,12 @@ static inline int mmap_is_legacy(void)
640 +
641 + static unsigned long mmap_rnd(void)
642 + {
643 ++
644 ++#ifdef CONFIG_PAX_RANDMMAP
645 ++ if (current->mm->pax_flags & MF_PAX_RANDMMAP)
646 ++ return 0;
647 ++#endif
648 ++
649 + if (!(current->flags & PF_RANDOMIZE))
650 + return 0;
651 + /* 8MB randomization for mmap_base */
652 +@@ -92,10 +98,22 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
653 */
654 if (mmap_is_legacy()) {
655 mm->mmap_base = TASK_UNMAPPED_BASE;
656 @@ -6862,7 +6875,7 @@ index c70b3d8..d01c6b3 100644
657 mm->get_unmapped_area = arch_get_unmapped_area_topdown;
658 mm->unmap_area = arch_unmap_area_topdown;
659 }
660 -@@ -175,10 +187,22 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
661 +@@ -175,10 +193,22 @@ void arch_pick_mmap_layout(struct mm_struct *mm)
662 */
663 if (mmap_is_legacy()) {
664 mm->mmap_base = TASK_UNMAPPED_BASE;
665 @@ -28417,7 +28430,7 @@ index d0474ad..36e9257 100644
666 extern u32 pnp_bios_is_utter_crap;
667 pnp_bios_is_utter_crap = 1;
668 diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
669 -index 351590e..a1132fb 100644
670 +index 351590e..825bba9 100644
671 --- a/arch/x86/mm/fault.c
672 +++ b/arch/x86/mm/fault.c
673 @@ -13,11 +13,18 @@
674 @@ -28609,10 +28622,10 @@ index 351590e..a1132fb 100644
675 +#ifdef CONFIG_PAX_KERNEXEC
676 + if (init_mm.start_code <= address && address < init_mm.end_code) {
677 + if (current->signal->curr_ip)
678 -+ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
679 ++ printk(KERN_EMERG "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
680 + &current->signal->curr_ip, current->comm, task_pid_nr(current), current_uid(), current_euid());
681 + else
682 -+ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
683 ++ printk(KERN_EMERG "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
684 + current->comm, task_pid_nr(current), current_uid(), current_euid());
685 + }
686 +#endif
687 @@ -28787,8 +28800,8 @@ index 351590e..a1132fb 100644
688 + return;
689 + }
690 + if (address < pax_user_shadow_base) {
691 -+ printk(KERN_ERR "PAX: please report this to pageexec@××××××××.hu\n");
692 -+ printk(KERN_ERR "PAX: faulting IP: %pS\n", (void *)regs->ip);
693 ++ printk(KERN_EMERG "PAX: please report this to pageexec@××××××××.hu\n");
694 ++ printk(KERN_EMERG "PAX: faulting IP: %pS\n", (void *)regs->ip);
695 + show_trace_log_lvl(NULL, NULL, (void *)regs->sp, regs->bp, KERN_ERR);
696 + } else
697 + address -= pax_user_shadow_base;
698 @@ -49651,7 +49664,7 @@ index 4169c8b..a8b896b 100644
699 ddb_entry->default_relogin_timeout =
700 le16_to_cpu(ddb_entry->fw_ddb_entry.def_timeout);
701 diff --git a/drivers/scsi/scsi.c b/drivers/scsi/scsi.c
702 -index 831db24..aef1598 100644
703 +index 831db24..1b88f70 100644
704 --- a/drivers/scsi/scsi.c
705 +++ b/drivers/scsi/scsi.c
706 @@ -655,7 +655,7 @@ int scsi_dispatch_cmd(struct scsi_cmnd *cmd)
707 @@ -49663,6 +49676,15 @@ index 831db24..aef1598 100644
708
709 /* check if the device is still usable */
710 if (unlikely(cmd->device->sdev_state == SDEV_DEL)) {
711 +@@ -837,7 +837,7 @@ void scsi_finish_command(struct scsi_cmnd *cmd)
712 +
713 + good_bytes = scsi_bufflen(cmd);
714 + if (cmd->request->cmd_type != REQ_TYPE_BLOCK_PC) {
715 +- int old_good_bytes = good_bytes;
716 ++ unsigned int old_good_bytes = good_bytes;
717 + drv = scsi_cmd_to_driver(cmd);
718 + if (drv->done)
719 + good_bytes = drv->done(cmd);
720 diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c
721 index f6a464a..797b84d 100644
722 --- a/drivers/scsi/scsi_lib.c
723 @@ -49817,9 +49839,27 @@ index 21a045e..ec89e03 100644
724
725 transport_setup_device(&rport->dev);
726 diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
727 -index 5c6b5f5..475317d 100644
728 +index 5c6b5f5..015ec9d 100644
729 --- a/drivers/scsi/sd.c
730 +++ b/drivers/scsi/sd.c
731 +@@ -105,7 +105,7 @@ static void sd_shutdown(struct device *);
732 + static int sd_suspend(struct device *, pm_message_t state);
733 + static int sd_resume(struct device *);
734 + static void sd_rescan(struct device *);
735 +-static int sd_done(struct scsi_cmnd *);
736 ++static unsigned int sd_done(struct scsi_cmnd *);
737 + static void sd_read_capacity(struct scsi_disk *sdkp, unsigned char *buffer);
738 + static void scsi_disk_release(struct device *cdev);
739 + static void sd_print_sense_hdr(struct scsi_disk *, struct scsi_sense_hdr *);
740 +@@ -1390,7 +1390,7 @@ static unsigned int sd_completed_bytes(struct scsi_cmnd *scmd)
741 + *
742 + * Note: potentially run from within an ISR. Must not block.
743 + **/
744 +-static int sd_done(struct scsi_cmnd *SCpnt)
745 ++static unsigned int sd_done(struct scsi_cmnd *SCpnt)
746 + {
747 + int result = SCpnt->result;
748 + unsigned int good_bytes = result ? 0 : scsi_bufflen(SCpnt);
749 @@ -2635,7 +2635,7 @@ static int sd_probe(struct device *dev)
750 device_initialize(&sdkp->dev);
751 sdkp->dev.parent = dev;
752 @@ -49860,6 +49900,34 @@ index 2d25616..7502cde 100644
753
754 sg_proc_sgp = proc_mkdir(sg_proc_sg_dirname, NULL);
755 if (!sg_proc_sgp)
756 +diff --git a/drivers/scsi/sr.c b/drivers/scsi/sr.c
757 +index 5fc97d2..5f26ccd 100644
758 +--- a/drivers/scsi/sr.c
759 ++++ b/drivers/scsi/sr.c
760 +@@ -78,7 +78,7 @@ MODULE_ALIAS_SCSI_DEVICE(TYPE_WORM);
761 + static DEFINE_MUTEX(sr_mutex);
762 + static int sr_probe(struct device *);
763 + static int sr_remove(struct device *);
764 +-static int sr_done(struct scsi_cmnd *);
765 ++static unsigned int sr_done(struct scsi_cmnd *);
766 +
767 + static struct scsi_driver sr_template = {
768 + .owner = THIS_MODULE,
769 +@@ -296,11 +296,11 @@ do_tur:
770 + * It will be notified on the end of a SCSI read / write, and will take one
771 + * of several actions based on success or failure.
772 + */
773 +-static int sr_done(struct scsi_cmnd *SCpnt)
774 ++static unsigned int sr_done(struct scsi_cmnd *SCpnt)
775 + {
776 + int result = SCpnt->result;
777 +- int this_count = scsi_bufflen(SCpnt);
778 +- int good_bytes = (result == 0 ? this_count : 0);
779 ++ unsigned int this_count = scsi_bufflen(SCpnt);
780 ++ unsigned int good_bytes = (result == 0 ? this_count : 0);
781 + int block_sectors = 0;
782 + long error_sector;
783 + struct scsi_cd *cd = scsi_cd(SCpnt->request->rq_disk);
784 diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c
785 new file mode 100644
786 index 0000000..06c9d30
787 @@ -59288,7 +59356,7 @@ index 451b9b8..12e5a03 100644
788
789 out_free_fd:
790 diff --git a/fs/exec.c b/fs/exec.c
791 -index 7adb43f..9b2005c 100644
792 +index 7adb43f..be703f8 100644
793 --- a/fs/exec.c
794 +++ b/fs/exec.c
795 @@ -55,12 +55,35 @@
796 @@ -60069,12 +60137,12 @@ index 7adb43f..9b2005c 100644
797 +void pax_report_refcount_overflow(struct pt_regs *regs)
798 +{
799 + if (current->signal->curr_ip)
800 -+ printk(KERN_ERR "PAX: From %pI4: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
801 ++ printk(KERN_EMERG "PAX: From %pI4: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
802 + &current->signal->curr_ip, current->comm, task_pid_nr(current), current_uid(), current_euid());
803 + else
804 -+ printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
805 ++ printk(KERN_EMERG "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
806 + current->comm, task_pid_nr(current), current_uid(), current_euid());
807 -+ print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
808 ++ print_symbol(KERN_EMERG "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
809 + preempt_disable();
810 + show_regs(regs);
811 + preempt_enable();
812 @@ -60133,10 +60201,10 @@ index 7adb43f..9b2005c 100644
813 +static __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type)
814 +{
815 + if (current->signal->curr_ip)
816 -+ printk(KERN_ERR "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
817 ++ printk(KERN_EMERG "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
818 + &current->signal->curr_ip, to ? "leak" : "overwrite", to ? "from" : "to", ptr, type ? : "unknown", len);
819 + else
820 -+ printk(KERN_ERR "PAX: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
821 ++ printk(KERN_EMERG "PAX: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n",
822 + to ? "leak" : "overwrite", to ? "from" : "to", ptr, type ? : "unknown", len);
823 + dump_stack();
824 + gr_handle_kernel_exploit();
825 @@ -60235,7 +60303,7 @@ index 7adb43f..9b2005c 100644
826 +#ifdef CONFIG_PAX_SIZE_OVERFLOW
827 +void report_size_overflow(const char *file, unsigned int line, const char *func, const char *ssa_name)
828 +{
829 -+ printk(KERN_ERR "PAX: size overflow detected in function %s %s:%u %s", func, file, line, ssa_name);
830 ++ printk(KERN_EMERG "PAX: size overflow detected in function %s %s:%u %s", func, file, line, ssa_name);
831 + dump_stack();
832 + do_group_exit(SIGKILL);
833 +}
834 @@ -87940,6 +88008,19 @@ index 377ba61..1b6890c 100644
835
836 struct device sdev_gendev,
837 sdev_dev;
838 +diff --git a/include/scsi/scsi_driver.h b/include/scsi/scsi_driver.h
839 +index 9fd6702..52e04b7 100644
840 +--- a/include/scsi/scsi_driver.h
841 ++++ b/include/scsi/scsi_driver.h
842 +@@ -15,7 +15,7 @@ struct scsi_driver {
843 + struct device_driver gendrv;
844 +
845 + void (*rescan)(struct device *);
846 +- int (*done)(struct scsi_cmnd *);
847 ++ unsigned int (*done)(struct scsi_cmnd *);
848 + };
849 + #define to_scsi_driver(drv) \
850 + container_of((drv), struct scsi_driver, gendrv)
851 diff --git a/include/scsi/scsi_transport_fc.h b/include/scsi/scsi_transport_fc.h
852 index 2a65167..91e01f8 100644
853 --- a/include/scsi/scsi_transport_fc.h
854 @@ -96477,6 +96558,23 @@ index 6a110e2..799667a 100644
855
856 bd->dbuf = large_malloc(bd->dbufSize * sizeof(int));
857 if (!bd->dbuf)
858 +diff --git a/lib/decompress_unlzma.c b/lib/decompress_unlzma.c
859 +index 476c65a..b4c50e8 100644
860 +--- a/lib/decompress_unlzma.c
861 ++++ b/lib/decompress_unlzma.c
862 +@@ -39,10 +39,10 @@
863 +
864 + #define MIN(a, b) (((a) < (b)) ? (a) : (b))
865 +
866 +-static long long INIT read_int(unsigned char *ptr, int size)
867 ++static unsigned long long INIT read_int(unsigned char *ptr, int size)
868 + {
869 + int i;
870 +- long long ret = 0;
871 ++ unsigned long long ret = 0;
872 +
873 + for (i = 0; i < size; i++)
874 + ret = (ret << 8) | ptr[size-i-1];
875 diff --git a/lib/devres.c b/lib/devres.c
876 index 7c0e953..f642b5c 100644
877 --- a/lib/devres.c
878 @@ -116469,7 +116567,7 @@ index 0000000..da184c5
879 +}
880 diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h
881 new file mode 100644
882 -index 0000000..77f8462
883 +index 0000000..1d20e32
884 --- /dev/null
885 +++ b/tools/gcc/gcc-common.h
886 @@ -0,0 +1,689 @@
887 @@ -116633,7 +116731,7 @@ index 0000000..77f8462
888 +#define C_TYPE_FIELDS_READONLY(TYPE) TREE_LANG_FLAG_1(TYPE)
889 +
890 +#if BUILDING_GCC_VERSION == 4005
891 -+#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I)
892 ++#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls, (I) = 0; vars && ((D) = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), (I)++)
893 +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE)))
894 +#define FOR_EACH_VEC_ELT(T, V, I, P) for (I = 0; VEC_iterate(T, (V), (I), (P)); ++(I))
895 +#define TODO_rebuild_cgraph_edges 0
896 @@ -116873,6 +116971,7 @@ index 0000000..77f8462
897 +}
898 +
899 +#define ipa_remove_stmt_references(cnode, stmt)
900 ++
901 +typedef union gimple_statement_d gasm;
902 +typedef union gimple_statement_d gassign;
903 +typedef union gimple_statement_d gcall;
904 @@ -116894,7 +116993,6 @@ index 0000000..77f8462
905 +#define create_var_ann(var)
906 +#define TODO_dump_func 0
907 +#define TODO_dump_cgraph 0
908 -+
909 +#endif
910 +
911 +#if BUILDING_GCC_VERSION <= 4009
912
913 diff --git a/4.0.6/0000_README b/4.0.6/0000_README
914 index 62fb720..00d5c29 100644
915 --- a/4.0.6/0000_README
916 +++ b/4.0.6/0000_README
917 @@ -2,7 +2,7 @@ README
918 -----------------------------------------------------------------------------
919 Individual Patch Descriptions:
920 -----------------------------------------------------------------------------
921 -Patch: 4420_grsecurity-3.1-4.0.6-201506232104.patch
922 +Patch: 4420_grsecurity-3.1-4.0.6-201506262047.patch
923 From: http://www.grsecurity.net
924 Desc: hardened-sources base patch from upstream grsecurity
925
926
927 diff --git a/4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch b/4.0.6/4420_grsecurity-3.1-4.0.6-201506262047.patch
928 similarity index 99%
929 rename from 4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch
930 rename to 4.0.6/4420_grsecurity-3.1-4.0.6-201506262047.patch
931 index 91512cb..797b7c1 100644
932 --- a/4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch
933 +++ b/4.0.6/4420_grsecurity-3.1-4.0.6-201506262047.patch
934 @@ -53187,6 +53187,34 @@ index 2270bd5..98408a5 100644
935 case BLKTRACESTART:
936 return blk_trace_startstop(sdp->device->request_queue, 1);
937 case BLKTRACESTOP:
938 +diff --git a/drivers/scsi/sr.c b/drivers/scsi/sr.c
939 +index 8bd54a6..dd037a5 100644
940 +--- a/drivers/scsi/sr.c
941 ++++ b/drivers/scsi/sr.c
942 +@@ -80,7 +80,7 @@ static DEFINE_MUTEX(sr_mutex);
943 + static int sr_probe(struct device *);
944 + static int sr_remove(struct device *);
945 + static int sr_init_command(struct scsi_cmnd *SCpnt);
946 +-static int sr_done(struct scsi_cmnd *);
947 ++static unsigned int sr_done(struct scsi_cmnd *);
948 + static int sr_runtime_suspend(struct device *dev);
949 +
950 + static struct dev_pm_ops sr_pm_ops = {
951 +@@ -312,11 +312,11 @@ do_tur:
952 + * It will be notified on the end of a SCSI read / write, and will take one
953 + * of several actions based on success or failure.
954 + */
955 +-static int sr_done(struct scsi_cmnd *SCpnt)
956 ++static unsigned int sr_done(struct scsi_cmnd *SCpnt)
957 + {
958 + int result = SCpnt->result;
959 +- int this_count = scsi_bufflen(SCpnt);
960 +- int good_bytes = (result == 0 ? this_count : 0);
961 ++ unsigned int this_count = scsi_bufflen(SCpnt);
962 ++ unsigned int good_bytes = (result == 0 ? this_count : 0);
963 + int block_sectors = 0;
964 + long error_sector;
965 + struct scsi_cd *cd = scsi_cd(SCpnt->request->rq_disk);
966 diff --git a/drivers/soc/tegra/fuse/fuse-tegra.c b/drivers/soc/tegra/fuse/fuse-tegra.c
967 index c0d660f..24a5854 100644
968 --- a/drivers/soc/tegra/fuse/fuse-tegra.c
969 @@ -93167,7 +93195,7 @@ index c4c559a..6ba9a26 100644
970 static inline void anon_vma_merge(struct vm_area_struct *vma,
971 struct vm_area_struct *next)
972 diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
973 -index ed8f9e70..999bc96 100644
974 +index ed8f9e70..2e627f2 100644
975 --- a/include/linux/scatterlist.h
976 +++ b/include/linux/scatterlist.h
977 @@ -1,6 +1,7 @@
978 @@ -93178,19 +93206,26 @@ index ed8f9e70..999bc96 100644
979 #include <linux/string.h>
980 #include <linux/bug.h>
981 #include <linux/mm.h>
982 -@@ -114,6 +115,12 @@ static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
983 - #ifdef CONFIG_DEBUG_SG
984 - BUG_ON(!virt_addr_valid(buf));
985 - #endif
986 +@@ -111,10 +112,17 @@ static inline struct page *sg_page(struct scatterlist *sg)
987 + static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
988 + unsigned int buflen)
989 + {
990 ++ const void *realbuf = buf;
991 ++
992 +#ifdef CONFIG_GRKERNSEC_KSTACKOVERFLOW
993 -+ if (object_starts_on_stack(buf)) {
994 -+ void *adjbuf = buf - current->stack + current->lowmem_stack;
995 -+ sg_set_page(sg, virt_to_page(adjbuf), buflen, offset_in_page(adjbuf));
996 -+ } else
997 ++ if (object_starts_on_stack(buf))
998 ++ realbuf = buf - current->stack + current->lowmem_stack;
999 +#endif
1000 - sg_set_page(sg, virt_to_page(buf), buflen, offset_in_page(buf));
1001 ++
1002 + #ifdef CONFIG_DEBUG_SG
1003 +- BUG_ON(!virt_addr_valid(buf));
1004 ++ BUG_ON(!virt_addr_valid(realbuf));
1005 + #endif
1006 +- sg_set_page(sg, virt_to_page(buf), buflen, offset_in_page(buf));
1007 ++ sg_set_page(sg, virt_to_page(realbuf), buflen, offset_in_page(realbuf));
1008 }
1009
1010 + /*
1011 diff --git a/include/linux/sched.h b/include/linux/sched.h
1012 index 51348f7..8c8b0ba 100644
1013 --- a/include/linux/sched.h
1014 @@ -95438,6 +95473,19 @@ index a4c9336..d6f8f34 100644
1015
1016 struct device sdev_gendev,
1017 sdev_dev;
1018 +diff --git a/include/scsi/scsi_driver.h b/include/scsi/scsi_driver.h
1019 +index 891a658..fcd68df 100644
1020 +--- a/include/scsi/scsi_driver.h
1021 ++++ b/include/scsi/scsi_driver.h
1022 +@@ -14,7 +14,7 @@ struct scsi_driver {
1023 + void (*rescan)(struct device *);
1024 + int (*init_command)(struct scsi_cmnd *);
1025 + void (*uninit_command)(struct scsi_cmnd *);
1026 +- int (*done)(struct scsi_cmnd *);
1027 ++ unsigned int (*done)(struct scsi_cmnd *);
1028 + int (*eh_action)(struct scsi_cmnd *, int);
1029 + };
1030 + #define to_scsi_driver(drv) \
1031 diff --git a/include/scsi/scsi_transport_fc.h b/include/scsi/scsi_transport_fc.h
1032 index 007a0bc..7188db8 100644
1033 --- a/include/scsi/scsi_transport_fc.h
1034 @@ -103458,6 +103506,23 @@ index 6dd0335..1e9c239 100644
1035
1036 bd->dbuf = large_malloc(bd->dbufSize * sizeof(int));
1037 if (!bd->dbuf)
1038 +diff --git a/lib/decompress_unlzma.c b/lib/decompress_unlzma.c
1039 +index 0be83af..4605e93 100644
1040 +--- a/lib/decompress_unlzma.c
1041 ++++ b/lib/decompress_unlzma.c
1042 +@@ -39,10 +39,10 @@
1043 +
1044 + #define MIN(a, b) (((a) < (b)) ? (a) : (b))
1045 +
1046 +-static long long INIT read_int(unsigned char *ptr, int size)
1047 ++static unsigned long long INIT read_int(unsigned char *ptr, int size)
1048 + {
1049 + int i;
1050 +- long long ret = 0;
1051 ++ unsigned long long ret = 0;
1052 +
1053 + for (i = 0; i < size; i++)
1054 + ret = (ret << 8) | ptr[size-i-1];
1055 diff --git a/lib/div64.c b/lib/div64.c
1056 index 4382ad7..08aa558 100644
1057 --- a/lib/div64.c
Report Message
Find on MARC Find on Google Groups