Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.7/, 2.6.32/, 3.2.9/
Date: Sun, 04 Mar 2012 14:50:26
Message-Id: 1330872586.ec8c51cd545a43fca3d89468b7c69872cac8f076.blueness@gentoo
1 commit: ec8c51cd545a43fca3d89468b7c69872cac8f076
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sun Mar 4 14:49:46 2012 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sun Mar 4 14:49:46 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=ec8c51cd
7
8 Grsec/PaX: 2.9-2.6.32.57-201203022148 + 2.9-3.2.9-201203022148
9
10 ---
11 2.6.32/0000_README | 2 +-
12 ...20_grsecurity-2.9-2.6.32.57-201203022148.patch} | 566 ++++++++++--
13 2.6.32/4440_grsec-remove-protected-paths.patch | 2 +-
14 2.6.32/4445_grsec-pax-without-grsec.patch | 6 +-
15 2.6.32/4450_grsec-kconfig-default-gids.patch | 14 +-
16 2.6.32/4460-grsec-kconfig-proc-user.patch | 4 +-
17 2.6.32/4465_selinux-avc_audit-log-curr_ip.patch | 2 +-
18 3.2.7/1006_linux-3.2.7.patch | 994 --------------------
19 {3.2.7 => 3.2.9}/0000_README | 6 +-
20 .../4420_grsecurity-2.9-3.2.9-201203022148.patch | 427 +++++----
21 {3.2.7 => 3.2.9}/4425_grsec_enable_xtpax.patch | 0
22 .../4430_grsec-remove-localversion-grsec.patch | 0
23 {3.2.7 => 3.2.9}/4435_grsec-mute-warnings.patch | 0
24 .../4440_grsec-remove-protected-paths.patch | 2 +-
25 .../4445_grsec-pax-without-grsec.patch | 6 +-
26 .../4450_grsec-kconfig-default-gids.patch | 14 +-
27 {3.2.7 => 3.2.9}/4455_grsec-kconfig-gentoo.patch | 0
28 .../4460-grsec-kconfig-proc-user.patch | 4 +-
29 .../4465_selinux-avc_audit-log-curr_ip.patch | 2 +-
30 {3.2.7 => 3.2.9}/4470_disable-compat_vdso.patch | 0
31 20 files changed, 754 insertions(+), 1297 deletions(-)
32
33 diff --git a/2.6.32/0000_README b/2.6.32/0000_README
34 index d4a9997..b14a3bc 100644
35 --- a/2.6.32/0000_README
36 +++ b/2.6.32/0000_README
37 @@ -22,7 +22,7 @@ Patch: 1056_linux-2.6.32.57.patch
38 From: http://www.kernel.org
39 Desc: Linux 2.6.32.57
40
41 -Patch: 4420_grsecurity-2.9-2.6.32.57-201202251202.patch
42 +Patch: 4420_grsecurity-2.9-2.6.32.57-201203022148.patch
43 From: http://www.grsecurity.net
44 Desc: hardened-sources base patch from upstream grsecurity
45
46
47 diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
48 similarity index 99%
49 rename from 2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch
50 rename to 2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
51 index 59a7ef3..f2893fd 100644
52 --- a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch
53 +++ b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
54 @@ -185,7 +185,7 @@ index c840e7d..f4c451c 100644
55
56 pcd. [PARIDE]
57 diff --git a/Makefile b/Makefile
58 -index 3377650..76aacb3 100644
59 +index 3377650..095e46d 100644
60 --- a/Makefile
61 +++ b/Makefile
62 @@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
63 @@ -220,32 +220,34 @@ index 3377650..76aacb3 100644
64 include/linux/version.h headers_% \
65 kernelrelease kernelversion
66
67 -@@ -526,6 +527,46 @@ else
68 +@@ -526,6 +527,48 @@ else
69 KBUILD_CFLAGS += -O2
70 endif
71
72 +ifndef DISABLE_PAX_PLUGINS
73 +ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y)
74 +ifndef DISABLE_PAX_CONSTIFY_PLUGIN
75 -+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
76 ++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
77 +endif
78 +ifdef CONFIG_PAX_MEMORY_STACKLEAK
79 -+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
80 -+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
81 ++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
82 ++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
83 +endif
84 +ifdef CONFIG_KALLOCSTAT_PLUGIN
85 -+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
86 ++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
87 +endif
88 +ifdef CONFIG_PAX_KERNEXEC_PLUGIN
89 -+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
90 -+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD)
91 ++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
92 ++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN
93 ++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN
94 +endif
95 +ifdef CONFIG_CHECKER_PLUGIN
96 +ifeq ($(call cc-ifversion, -ge, 0406, y), y)
97 -+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
98 ++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
99 +endif
100 +endif
101 -+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN)
102 ++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS)
103 ++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
104 +export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN
105 +ifeq ($(KBUILD_EXTMOD),)
106 +gcc-plugins:
107 @@ -267,7 +269,7 @@ index 3377650..76aacb3 100644
108 include $(srctree)/arch/$(SRCARCH)/Makefile
109
110 ifneq ($(CONFIG_FRAME_WARN),0)
111 -@@ -647,7 +688,7 @@ export mod_strip_cmd
112 +@@ -647,7 +690,7 @@ export mod_strip_cmd
113
114
115 ifeq ($(KBUILD_EXTMOD),)
116 @@ -276,15 +278,16 @@ index 3377650..76aacb3 100644
117
118 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
119 $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
120 -@@ -868,6 +909,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
121 +@@ -868,6 +911,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
122
123 # The actual objects are generated when descending,
124 # make sure no implicit rule kicks in
125 -+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS)
126 ++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
127 ++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
128 $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
129
130 # Handle descending into subdirectories listed in $(vmlinux-dirs)
131 -@@ -877,7 +919,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
132 +@@ -877,7 +922,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
133 # Error messages still appears in the original language
134
135 PHONY += $(vmlinux-dirs)
136 @@ -293,23 +296,24 @@ index 3377650..76aacb3 100644
137 $(Q)$(MAKE) $(build)=$@
138
139 # Build the kernel release string
140 -@@ -986,6 +1028,7 @@ prepare0: archprepare FORCE
141 +@@ -986,6 +1031,7 @@ prepare0: archprepare FORCE
142 $(Q)$(MAKE) $(build)=. missing-syscalls
143
144 # All the preparing..
145 -+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS))
146 ++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS))
147 prepare: prepare0
148
149 # The asm symlink changes when $(ARCH) changes.
150 -@@ -1127,6 +1170,7 @@ all: modules
151 +@@ -1127,6 +1173,8 @@ all: modules
152 # using awk while concatenating to the final file.
153
154 PHONY += modules
155 -+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
156 ++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
157 ++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
158 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
159 $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
160 @$(kecho) ' Building modules, stage 2.';
161 -@@ -1136,7 +1180,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
162 +@@ -1136,7 +1184,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
163
164 # Target to prepare building external modules
165 PHONY += modules_prepare
166 @@ -318,7 +322,7 @@ index 3377650..76aacb3 100644
167
168 # Target to install modules
169 PHONY += modules_install
170 -@@ -1201,7 +1245,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \
171 +@@ -1201,7 +1249,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \
172 include/linux/autoconf.h include/linux/version.h \
173 include/linux/utsrelease.h \
174 include/linux/bounds.h include/asm*/asm-offsets.h \
175 @@ -327,7 +331,7 @@ index 3377650..76aacb3 100644
176
177 # clean - Delete most, but leave enough to build external modules
178 #
179 -@@ -1245,7 +1289,7 @@ distclean: mrproper
180 +@@ -1245,7 +1293,7 @@ distclean: mrproper
181 @find $(srctree) $(RCS_FIND_IGNORE) \
182 \( -name '*.orig' -o -name '*.rej' -o -name '*~' \
183 -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
184 @@ -336,7 +340,7 @@ index 3377650..76aacb3 100644
185 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
186 -type f -print | xargs rm -f
187
188 -@@ -1292,6 +1336,7 @@ help:
189 +@@ -1292,6 +1340,7 @@ help:
190 @echo ' modules_prepare - Set up for building external modules'
191 @echo ' tags/TAGS - Generate tags file for editors'
192 @echo ' cscope - Generate cscope index'
193 @@ -344,15 +348,16 @@ index 3377650..76aacb3 100644
194 @echo ' kernelrelease - Output the release version string'
195 @echo ' kernelversion - Output the version stored in Makefile'
196 @echo ' headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH'; \
197 -@@ -1393,6 +1438,7 @@ PHONY += $(module-dirs) modules
198 +@@ -1393,6 +1442,8 @@ PHONY += $(module-dirs) modules
199 $(module-dirs): crmodverdir $(objtree)/Module.symvers
200 $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
201
202 -+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
203 ++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
204 ++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
205 modules: $(module-dirs)
206 @$(kecho) ' Building modules, stage 2.';
207 $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
208 -@@ -1448,7 +1494,7 @@ endif # KBUILD_EXTMOD
209 +@@ -1448,7 +1499,7 @@ endif # KBUILD_EXTMOD
210 quiet_cmd_tags = GEN $@
211 cmd_tags = $(CONFIG_SHELL) $(srctree)/scripts/tags.sh $@
212
213 @@ -361,18 +366,20 @@ index 3377650..76aacb3 100644
214 $(call cmd,tags)
215
216 # Scripts to check various things for consistency
217 -@@ -1513,17 +1559,19 @@ else
218 +@@ -1513,17 +1564,21 @@ else
219 target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
220 endif
221
222 -%.s: %.c prepare scripts FORCE
223 -+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS)
224 ++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
225 ++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
226 +%.s: %.c gcc-plugins prepare scripts FORCE
227 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
228 %.i: %.c prepare scripts FORCE
229 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
230 -%.o: %.c prepare scripts FORCE
231 -+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS)
232 ++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
233 ++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
234 +%.o: %.c gcc-plugins prepare scripts FORCE
235 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
236 %.lst: %.c prepare scripts FORCE
237 @@ -385,18 +392,20 @@ index 3377650..76aacb3 100644
238 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
239 %.symtypes: %.c prepare scripts FORCE
240 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
241 -@@ -1533,11 +1581,13 @@ endif
242 +@@ -1533,11 +1588,15 @@ endif
243 $(cmd_crmodverdir)
244 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
245 $(build)=$(build-dir)
246 -%/: prepare scripts FORCE
247 -+%/: KBUILD_CFLAGS += $(GCC_PLUGINS)
248 ++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
249 ++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
250 +%/: gcc-plugins prepare scripts FORCE
251 $(cmd_crmodverdir)
252 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
253 $(build)=$(build-dir)
254 -%.ko: prepare scripts FORCE
255 -+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS)
256 ++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
257 ++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
258 +%.ko: gcc-plugins prepare scripts FORCE
259 $(cmd_crmodverdir)
260 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
261 @@ -2881,7 +2890,7 @@ index 3f17b83..1f9e766 100644
262 #include <asm-generic/getorder.h>
263
264 diff --git a/arch/powerpc/include/asm/pci.h b/arch/powerpc/include/asm/pci.h
265 -index b5ea626..4030822 100644
266 +index b5ea626..40308222 100644
267 --- a/arch/powerpc/include/asm/pci.h
268 +++ b/arch/powerpc/include/asm/pci.h
269 @@ -65,8 +65,8 @@ static inline int pci_get_legacy_ide_irq(struct pci_dev *dev, int channel)
270 @@ -8436,7 +8445,7 @@ index 016218c..47ccbdd 100644
271 set_fs(old_fs);
272
273 diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h
274 -index e2077d3..b7a8919 100644
275 +index e2077d3..17d07ad 100644
276 --- a/arch/x86/include/asm/alternative-asm.h
277 +++ b/arch/x86/include/asm/alternative-asm.h
278 @@ -8,10 +8,10 @@
279 @@ -8456,7 +8465,7 @@ index e2077d3..b7a8919 100644
280 .endm
281 #endif
282
283 -+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
284 ++#ifdef KERNEXEC_PLUGIN
285 + .macro pax_force_retaddr_bts rip=0
286 + btsq $63,\rip(%rsp)
287 + .endm
288 @@ -18113,7 +18122,7 @@ index 8d82a77..0baf312 100644
289 .gdb_bpt_instr = { 0xcc },
290 .flags = KGDB_HW_BREAKPOINT,
291 diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c
292 -index 7a67820..8d15b75 100644
293 +index 7a67820..70ea187 100644
294 --- a/arch/x86/kernel/kprobes.c
295 +++ b/arch/x86/kernel/kprobes.c
296 @@ -168,9 +168,13 @@ static void __kprobes set_jmp_op(void *from, void *to)
297 @@ -18203,7 +18212,7 @@ index 7a67820..8d15b75 100644
298 /* Skip orig_ax, ip, cs */
299 " addq $24, %rsp\n"
300 " popfq\n"
301 -+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
302 ++#ifdef KERNEXEC_PLUGIN
303 + " btsq $63,(%rsp)\n"
304 +#endif
305 #else
306 @@ -24839,7 +24848,7 @@ index 63a6ba6..79abd7a 100644
307 return (void *)vaddr;
308 }
309 diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c
310 -index f46c340..6ff9a26 100644
311 +index f46c3407..6ff9a26 100644
312 --- a/arch/x86/mm/hugetlbpage.c
313 +++ b/arch/x86/mm/hugetlbpage.c
314 @@ -267,13 +267,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file,
315 @@ -30944,6 +30953,39 @@ index a5d585d..d087be3 100644
316 .show = kobj_pkt_show,
317 .store = kobj_pkt_store
318 };
319 +diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
320 +index 59cccc9..a4592ec 100644
321 +--- a/drivers/cdrom/cdrom.c
322 ++++ b/drivers/cdrom/cdrom.c
323 +@@ -2057,11 +2057,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
324 + if (!nr)
325 + return -ENOMEM;
326 +
327 +- if (!access_ok(VERIFY_WRITE, ubuf, nframes * CD_FRAMESIZE_RAW)) {
328 +- ret = -EFAULT;
329 +- goto out;
330 +- }
331 +-
332 + cgc.data_direction = CGC_DATA_READ;
333 + while (nframes > 0) {
334 + if (nr > nframes)
335 +@@ -2070,7 +2065,7 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
336 + ret = cdrom_read_block(cdi, &cgc, lba, nr, 1, CD_FRAMESIZE_RAW);
337 + if (ret)
338 + break;
339 +- if (__copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) {
340 ++ if (copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) {
341 + ret = -EFAULT;
342 + break;
343 + }
344 +@@ -2078,7 +2073,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
345 + nframes -= nr;
346 + lba += nr;
347 + }
348 +-out:
349 + kfree(cgc.buffer);
350 + return ret;
351 + }
352 diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
353 index 6aad99e..89cd142 100644
354 --- a/drivers/char/Kconfig
355 @@ -46529,7 +46571,7 @@ index 0133b5a..b3baa9f 100644
356 fd_offset + ex.a_text);
357 up_write(&current->mm->mmap_sem);
358 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
359 -index 1ed37ba..de82ab7 100644
360 +index 1ed37ba..308a022 100644
361 --- a/fs/binfmt_elf.c
362 +++ b/fs/binfmt_elf.c
363 @@ -31,6 +31,7 @@
364 @@ -46666,6 +46708,7 @@ index 1ed37ba..de82ab7 100644
365 return error;
366 }
367
368 ++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
369 +static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata)
370 +{
371 + unsigned long pax_flags = 0UL;
372 @@ -46811,7 +46854,7 @@ index 1ed37ba..de82ab7 100644
373 +#endif
374 +
375 +#ifdef CONFIG_PAX_SEGMEXEC
376 -+ if (!(__supported_pte_mask & _PAGE_NX)) {
377 ++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) {
378 + pax_flags &= ~MF_PAX_PAGEEXEC;
379 + pax_flags |= MF_PAX_SEGMEXEC;
380 + }
381 @@ -46985,7 +47028,6 @@ index 1ed37ba..de82ab7 100644
382 +
383 +}
384 +
385 -+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
386 +static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file)
387 +{
388 + unsigned long pax_flags, pt_pax_flags, xattr_pax_flags;
389 @@ -48627,10 +48669,38 @@ index 7a5f1ac..205b034 100644
390 out:
391 return rc;
392 }
393 +diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
394 +index 4e25328..3015389 100644
395 +--- a/fs/ecryptfs/file.c
396 ++++ b/fs/ecryptfs/file.c
397 +@@ -323,11 +323,11 @@ ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
398 +
399 + const struct file_operations ecryptfs_dir_fops = {
400 + .readdir = ecryptfs_readdir,
401 ++ .read = generic_read_dir,
402 + .unlocked_ioctl = ecryptfs_unlocked_ioctl,
403 + #ifdef CONFIG_COMPAT
404 + .compat_ioctl = ecryptfs_compat_ioctl,
405 + #endif
406 +- .mmap = generic_file_mmap,
407 + .open = ecryptfs_open,
408 + .flush = ecryptfs_flush,
409 + .release = ecryptfs_release,
410 diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
411 -index 88ba4d4..073f003 100644
412 +index 88ba4d4..55639ca 100644
413 --- a/fs/ecryptfs/inode.c
414 +++ b/fs/ecryptfs/inode.c
415 +@@ -575,8 +575,8 @@ static int ecryptfs_rmdir(struct inode *dir, struct dentry *dentry)
416 + dget(lower_dentry);
417 + rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry);
418 + dput(lower_dentry);
419 +- if (!rc)
420 +- d_delete(lower_dentry);
421 ++ if (!rc && dentry->d_inode)
422 ++ clear_nlink(dentry->d_inode);
423 + fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
424 + dir->i_nlink = lower_dir_dentry->d_inode->i_nlink;
425 + unlock_dir(lower_dir_dentry);
426 @@ -660,7 +660,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf,
427 old_fs = get_fs();
428 set_fs(get_ds());
429 @@ -48649,6 +48719,235 @@ index 88ba4d4..073f003 100644
430 set_fs(old_fs);
431 if (rc < 0)
432 goto out_free;
433 +@@ -758,18 +758,23 @@ upper_size_to_lower_size(struct ecryptfs_crypt_stat *crypt_stat,
434 + }
435 +
436 + /**
437 +- * ecryptfs_truncate
438 ++ * truncate_upper
439 + * @dentry: The ecryptfs layer dentry
440 +- * @new_length: The length to expand the file to
441 ++ * @ia: Address of the ecryptfs inode's attributes
442 ++ * @lower_ia: Address of the lower inode's attributes
443 + *
444 + * Function to handle truncations modifying the size of the file. Note
445 + * that the file sizes are interpolated. When expanding, we are simply
446 +- * writing strings of 0's out. When truncating, we need to modify the
447 +- * underlying file size according to the page index interpolations.
448 ++ * writing strings of 0's out. When truncating, we truncate the upper
449 ++ * inode and update the lower_ia according to the page index
450 ++ * interpolations. If ATTR_SIZE is set in lower_ia->ia_valid upon return,
451 ++ * the caller must use lower_ia in a call to notify_change() to perform
452 ++ * the truncation of the lower inode.
453 + *
454 + * Returns zero on success; non-zero otherwise
455 + */
456 +-int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
457 ++static int truncate_upper(struct dentry *dentry, struct iattr *ia,
458 ++ struct iattr *lower_ia)
459 + {
460 + int rc = 0;
461 + struct inode *inode = dentry->d_inode;
462 +@@ -780,8 +785,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
463 + loff_t lower_size_before_truncate;
464 + loff_t lower_size_after_truncate;
465 +
466 +- if (unlikely((new_length == i_size)))
467 ++ if (unlikely((ia->ia_size == i_size))) {
468 ++ lower_ia->ia_valid &= ~ATTR_SIZE;
469 + goto out;
470 ++ }
471 + crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat;
472 + /* Set up a fake ecryptfs file, this is used to interface with
473 + * the file in the underlying filesystem so that the
474 +@@ -801,28 +808,30 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
475 + &fake_ecryptfs_file,
476 + ecryptfs_inode_to_private(dentry->d_inode)->lower_file);
477 + /* Switch on growing or shrinking file */
478 +- if (new_length > i_size) {
479 ++ if (ia->ia_size > i_size) {
480 + char zero[] = { 0x00 };
481 +
482 ++ lower_ia->ia_valid &= ~ATTR_SIZE;
483 + /* Write a single 0 at the last position of the file;
484 + * this triggers code that will fill in 0's throughout
485 + * the intermediate portion of the previous end of the
486 + * file and the new and of the file */
487 + rc = ecryptfs_write(&fake_ecryptfs_file, zero,
488 +- (new_length - 1), 1);
489 +- } else { /* new_length < i_size_read(inode) */
490 +- /* We're chopping off all the pages down do the page
491 +- * in which new_length is located. Fill in the end of
492 +- * that page from (new_length & ~PAGE_CACHE_MASK) to
493 ++ (ia->ia_size - 1), 1);
494 ++ } else { /* ia->ia_size < i_size_read(inode) */
495 ++ /* We're chopping off all the pages down to the page
496 ++ * in which ia->ia_size is located. Fill in the end of
497 ++ * that page from (ia->ia_size & ~PAGE_CACHE_MASK) to
498 + * PAGE_CACHE_SIZE with zeros. */
499 + size_t num_zeros = (PAGE_CACHE_SIZE
500 +- - (new_length & ~PAGE_CACHE_MASK));
501 ++ - (ia->ia_size & ~PAGE_CACHE_MASK));
502 +
503 + if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
504 +- rc = vmtruncate(inode, new_length);
505 ++ rc = vmtruncate(inode, ia->ia_size);
506 + if (rc)
507 + goto out_free;
508 +- rc = vmtruncate(lower_dentry->d_inode, new_length);
509 ++ lower_ia->ia_size = ia->ia_size;
510 ++ lower_ia->ia_valid |= ATTR_SIZE;
511 + goto out_free;
512 + }
513 + if (num_zeros) {
514 +@@ -834,7 +843,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
515 + goto out_free;
516 + }
517 + rc = ecryptfs_write(&fake_ecryptfs_file, zeros_virt,
518 +- new_length, num_zeros);
519 ++ ia->ia_size, num_zeros);
520 + kfree(zeros_virt);
521 + if (rc) {
522 + printk(KERN_ERR "Error attempting to zero out "
523 +@@ -843,7 +852,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
524 + goto out_free;
525 + }
526 + }
527 +- vmtruncate(inode, new_length);
528 ++ vmtruncate(inode, ia->ia_size);
529 + rc = ecryptfs_write_inode_size_to_metadata(inode);
530 + if (rc) {
531 + printk(KERN_ERR "Problem with "
532 +@@ -856,10 +865,12 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
533 + lower_size_before_truncate =
534 + upper_size_to_lower_size(crypt_stat, i_size);
535 + lower_size_after_truncate =
536 +- upper_size_to_lower_size(crypt_stat, new_length);
537 +- if (lower_size_after_truncate < lower_size_before_truncate)
538 +- vmtruncate(lower_dentry->d_inode,
539 +- lower_size_after_truncate);
540 ++ upper_size_to_lower_size(crypt_stat, ia->ia_size);
541 ++ if (lower_size_after_truncate < lower_size_before_truncate) {
542 ++ lower_ia->ia_size = lower_size_after_truncate;
543 ++ lower_ia->ia_valid |= ATTR_SIZE;
544 ++ } else
545 ++ lower_ia->ia_valid &= ~ATTR_SIZE;
546 + }
547 + out_free:
548 + if (ecryptfs_file_to_private(&fake_ecryptfs_file))
549 +@@ -869,6 +880,33 @@ out:
550 + return rc;
551 + }
552 +
553 ++/**
554 ++ * ecryptfs_truncate
555 ++ * @dentry: The ecryptfs layer dentry
556 ++ * @new_length: The length to expand the file to
557 ++ *
558 ++ * Simple function that handles the truncation of an eCryptfs inode and
559 ++ * its corresponding lower inode.
560 ++ *
561 ++ * Returns zero on success; non-zero otherwise
562 ++ */
563 ++int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
564 ++{
565 ++ struct iattr ia = { .ia_valid = ATTR_SIZE, .ia_size = new_length };
566 ++ struct iattr lower_ia = { .ia_valid = 0 };
567 ++ int rc;
568 ++
569 ++ rc = truncate_upper(dentry, &ia, &lower_ia);
570 ++ if (!rc && lower_ia.ia_valid & ATTR_SIZE) {
571 ++ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
572 ++
573 ++ mutex_lock(&lower_dentry->d_inode->i_mutex);
574 ++ rc = notify_change(lower_dentry, &lower_ia);
575 ++ mutex_unlock(&lower_dentry->d_inode->i_mutex);
576 ++ }
577 ++ return rc;
578 ++}
579 ++
580 + static int
581 + ecryptfs_permission(struct inode *inode, int mask)
582 + {
583 +@@ -891,6 +929,7 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
584 + {
585 + int rc = 0;
586 + struct dentry *lower_dentry;
587 ++ struct iattr lower_ia;
588 + struct inode *inode;
589 + struct inode *lower_inode;
590 + struct ecryptfs_crypt_stat *crypt_stat;
591 +@@ -929,15 +968,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
592 + }
593 + }
594 + mutex_unlock(&crypt_stat->cs_mutex);
595 ++ memcpy(&lower_ia, ia, sizeof(lower_ia));
596 ++ if (ia->ia_valid & ATTR_FILE)
597 ++ lower_ia.ia_file = ecryptfs_file_to_lower(ia->ia_file);
598 + if (ia->ia_valid & ATTR_SIZE) {
599 +- ecryptfs_printk(KERN_DEBUG,
600 +- "ia->ia_valid = [0x%x] ATTR_SIZE" " = [0x%x]\n",
601 +- ia->ia_valid, ATTR_SIZE);
602 +- rc = ecryptfs_truncate(dentry, ia->ia_size);
603 +- /* ecryptfs_truncate handles resizing of the lower file */
604 +- ia->ia_valid &= ~ATTR_SIZE;
605 +- ecryptfs_printk(KERN_DEBUG, "ia->ia_valid = [%x]\n",
606 +- ia->ia_valid);
607 ++ rc = truncate_upper(dentry, ia, &lower_ia);
608 + if (rc < 0)
609 + goto out;
610 + }
611 +@@ -946,11 +981,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
612 + * mode change is for clearing setuid/setgid bits. Allow lower fs
613 + * to interpret this in its own way.
614 + */
615 +- if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
616 +- ia->ia_valid &= ~ATTR_MODE;
617 ++ if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
618 ++ lower_ia.ia_valid &= ~ATTR_MODE;
619 +
620 + mutex_lock(&lower_dentry->d_inode->i_mutex);
621 +- rc = notify_change(lower_dentry, ia);
622 ++ rc = notify_change(lower_dentry, &lower_ia);
623 + mutex_unlock(&lower_dentry->d_inode->i_mutex);
624 + out:
625 + fsstack_copy_attr_all(inode, lower_inode, NULL);
626 +diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
627 +index c6ac85d..c52df75 100644
628 +--- a/fs/ecryptfs/main.c
629 ++++ b/fs/ecryptfs/main.c
630 +@@ -487,6 +487,7 @@ out:
631 + }
632 +
633 + struct kmem_cache *ecryptfs_sb_info_cache;
634 ++static struct file_system_type ecryptfs_fs_type;
635 +
636 + /**
637 + * ecryptfs_fill_super
638 +@@ -561,6 +562,23 @@ static int ecryptfs_read_super(struct super_block *sb, const char *dev_name)
639 + ecryptfs_printk(KERN_WARNING, "path_lookup() failed\n");
640 + goto out;
641 + }
642 ++
643 ++ if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) {
644 ++ rc = -EINVAL;
645 ++ printk(KERN_ERR "Mount on filesystem of type "
646 ++ "eCryptfs explicitly disallowed due to "
647 ++ "known incompatibilities\n");
648 ++ goto out_free;
649 ++ }
650 ++
651 ++ if (check_ruid && path.dentry->d_inode->i_uid != current_uid()) {
652 ++ rc = -EPERM;
653 ++ printk(KERN_ERR "Mount of device (uid: %d) not owned by "
654 ++ "requested user (uid: %d)\n",
655 ++ path.dentry->d_inode->i_uid, current_uid());
656 ++ goto out_free;
657 ++ }
658 ++
659 + ecryptfs_set_superblock_lower(sb, path.dentry->d_sb);
660 + sb->s_maxbytes = path.dentry->d_sb->s_maxbytes;
661 + sb->s_blocksize = path.dentry->d_sb->s_blocksize;
662 diff --git a/fs/exec.c b/fs/exec.c
663 index 86fafc6..6272c0e 100644
664 --- a/fs/exec.c
665 @@ -53021,7 +53320,7 @@ index 50f8f06..c5755df 100644
666 help
667 Various /proc files exist to monitor process memory utilization:
668 diff --git a/fs/proc/array.c b/fs/proc/array.c
669 -index c5ef152..24a1b87 100644
670 +index c5ef152..28c94f7 100644
671 --- a/fs/proc/array.c
672 +++ b/fs/proc/array.c
673 @@ -60,6 +60,7 @@
674 @@ -53135,9 +53434,12 @@ index c5ef152..24a1b87 100644
675 esp,
676 eip,
677 /* The signal information here is obsolete.
678 -@@ -519,6 +578,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
679 +@@ -517,8 +576,16 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
680 + struct pid *pid, struct task_struct *task)
681 + {
682 int size = 0, resident = 0, shared = 0, text = 0, lib = 0, data = 0;
683 - struct mm_struct *mm = get_task_mm(task);
684 +- struct mm_struct *mm = get_task_mm(task);
685 ++ struct mm_struct *mm;
686
687 +#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
688 + if (current->exec_id != m->exec_id) {
689 @@ -53146,10 +53448,11 @@ index c5ef152..24a1b87 100644
690 + }
691 +#endif
692 +
693 ++ mm = get_task_mm(task);
694 if (mm) {
695 size = task_statm(mm, &shared, &text, &data, &resident);
696 mmput(mm);
697 -@@ -528,3 +594,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
698 +@@ -528,3 +595,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
699
700 return 0;
701 }
702 @@ -88073,10 +88376,10 @@ index 0000000..008f159
703 +}
704 diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
705 new file mode 100644
706 -index 0000000..8b61031
707 +index 0000000..4a9b187
708 --- /dev/null
709 +++ b/tools/gcc/stackleak_plugin.c
710 -@@ -0,0 +1,295 @@
711 +@@ -0,0 +1,326 @@
712 +/*
713 + * Copyright 2011 by the PaX Team <pageexec@××××××××.hu>
714 + * Licensed under the GPL v2
715 @@ -88123,10 +88426,12 @@ index 0000000..8b61031
716 +static int track_frame_size = -1;
717 +static const char track_function[] = "pax_track_stack";
718 +static const char check_function[] = "pax_check_alloca";
719 ++static tree pax_check_alloca_decl;
720 ++static tree pax_track_stack_decl;
721 +static bool init_locals;
722 +
723 +static struct plugin_info stackleak_plugin_info = {
724 -+ .version = "201111150100",
725 ++ .version = "201203021600",
726 + .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n"
727 +// "initialize-locals\t\tforcibly initialize all stack frames\n"
728 +};
729 @@ -88179,27 +88484,20 @@ index 0000000..8b61031
730 +static void stackleak_check_alloca(gimple_stmt_iterator *gsi)
731 +{
732 + gimple check_alloca;
733 -+ tree fndecl, fntype, alloca_size;
734 ++ tree alloca_size;
735 +
736 + // insert call to void pax_check_alloca(unsigned long size)
737 -+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
738 -+ fndecl = build_fn_decl(check_function, fntype);
739 -+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
740 + alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0);
741 -+ check_alloca = gimple_build_call(fndecl, 1, alloca_size);
742 ++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size);
743 + gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT);
744 +}
745 +
746 +static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi)
747 +{
748 + gimple track_stack;
749 -+ tree fndecl, fntype;
750 +
751 + // insert call to void pax_track_stack(void)
752 -+ fntype = build_function_type_list(void_type_node, NULL_TREE);
753 -+ fndecl = build_fn_decl(track_function, fntype);
754 -+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
755 -+ track_stack = gimple_build_call(fndecl, 0);
756 ++ track_stack = gimple_build_call(pax_track_stack_decl, 0);
757 + gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING);
758 +}
759 +
760 @@ -88236,7 +88534,7 @@ index 0000000..8b61031
761 +static unsigned int execute_stackleak_tree_instrument(void)
762 +{
763 + basic_block bb, entry_bb;
764 -+ bool prologue_instrumented = false;
765 ++ bool prologue_instrumented = false, is_leaf = true;
766 +
767 + entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb;
768 +
769 @@ -88245,8 +88543,15 @@ index 0000000..8b61031
770 + gimple_stmt_iterator gsi;
771 +
772 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
773 ++ gimple stmt;
774 ++
775 ++ stmt = gsi_stmt(gsi);
776 ++
777 ++ if (is_gimple_call(stmt))
778 ++ is_leaf = false;
779 ++
780 + // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450>
781 -+ if (!is_alloca(gsi_stmt(gsi)))
782 ++ if (!is_alloca(stmt))
783 + continue;
784 +
785 + // 2. insert stack overflow check before each __builtin_alloca call
786 @@ -88259,6 +88564,13 @@ index 0000000..8b61031
787 + }
788 + }
789 +
790 ++ // special case for some bad linux code: taking the address of static inline functions will materialize them
791 ++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI
792 ++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI.
793 ++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here.
794 ++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl))
795 ++ return 0;
796 ++
797 + // 4. insert track call at the beginning
798 + if (!prologue_instrumented) {
799 + gimple_stmt_iterator gsi;
800 @@ -88318,6 +88630,27 @@ index 0000000..8b61031
801 + return 0;
802 +}
803 +
804 ++static void stackleak_start_unit(void *gcc_data, void *user_dat)
805 ++{
806 ++ tree fntype;
807 ++
808 ++ // declare void pax_check_alloca(unsigned long size)
809 ++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
810 ++ pax_check_alloca_decl = build_fn_decl(check_function, fntype);
811 ++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO
812 ++ TREE_PUBLIC(pax_check_alloca_decl) = 1;
813 ++ DECL_EXTERNAL(pax_check_alloca_decl) = 1;
814 ++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1;
815 ++
816 ++ // declare void pax_track_stack(void)
817 ++ fntype = build_function_type_list(void_type_node, NULL_TREE);
818 ++ pax_track_stack_decl = build_fn_decl(track_function, fntype);
819 ++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO
820 ++ TREE_PUBLIC(pax_track_stack_decl) = 1;
821 ++ DECL_EXTERNAL(pax_track_stack_decl) = 1;
822 ++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1;
823 ++}
824 ++
825 +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version)
826 +{
827 + const char * const plugin_name = plugin_info->base_name;
828 @@ -88329,7 +88662,7 @@ index 0000000..8b61031
829 +// .reference_pass_name = "tree_profile",
830 + .reference_pass_name = "optimized",
831 + .ref_pass_instance_number = 0,
832 -+ .pos_op = PASS_POS_INSERT_AFTER
833 ++ .pos_op = PASS_POS_INSERT_BEFORE
834 + };
835 + struct register_pass_info stackleak_final_pass_info = {
836 + .pass = &stackleak_final_rtl_opt_pass.pass,
837 @@ -88367,6 +88700,7 @@ index 0000000..8b61031
838 + error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
839 + }
840 +
841 ++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL);
842 + register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info);
843 + register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info);
844 +
845 @@ -88399,10 +88733,112 @@ index 83b3dde..835bee7 100644
846 break;
847 }
848 diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
849 -index 4f3434f..159bc3e 100644
850 +index 4f3434f..fc63040 100644
851 --- a/virt/kvm/kvm_main.c
852 +++ b/virt/kvm/kvm_main.c
853 -@@ -2494,7 +2494,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void)
854 +@@ -43,6 +43,8 @@
855 + #include <linux/swap.h>
856 + #include <linux/bitops.h>
857 + #include <linux/spinlock.h>
858 ++#include <linux/namei.h>
859 ++#include <linux/fs.h>
860 +
861 + #include <asm/processor.h>
862 + #include <asm/io.h>
863 +@@ -575,12 +577,73 @@ out:
864 + return r;
865 + }
866 +
867 ++/*
868 ++ * We want to test whether the caller has been granted permissions to
869 ++ * use this device. To be able to configure and control the device,
870 ++ * the user needs access to PCI configuration space and BAR resources.
871 ++ * These are accessed through PCI sysfs. PCI config space is often
872 ++ * passed to the process calling this ioctl via file descriptor, so we
873 ++ * can't rely on access to that file. We can check for permissions
874 ++ * on each of the BAR resource files, which is a pretty clear
875 ++ * indicator that the user has been granted access to the device.
876 ++ */
877 ++static int probe_sysfs_permissions(struct pci_dev *dev)
878 ++{
879 ++#ifdef CONFIG_SYSFS
880 ++ int i;
881 ++ bool bar_found = false;
882 ++
883 ++ for (i = PCI_STD_RESOURCES; i <= PCI_STD_RESOURCE_END; i++) {
884 ++ char *kpath, *syspath;
885 ++ struct path path;
886 ++ struct inode *inode;
887 ++ int r;
888 ++
889 ++ if (!pci_resource_len(dev, i))
890 ++ continue;
891 ++
892 ++ kpath = kobject_get_path(&dev->dev.kobj, GFP_KERNEL);
893 ++ if (!kpath)
894 ++ return -ENOMEM;
895 ++
896 ++ /* Per sysfs-rules, sysfs is always at /sys */
897 ++ syspath = kasprintf(GFP_KERNEL, "/sys%s/resource%d", kpath, i);
898 ++ kfree(kpath);
899 ++ if (!syspath)
900 ++ return -ENOMEM;
901 ++
902 ++ r = kern_path(syspath, LOOKUP_FOLLOW, &path);
903 ++ kfree(syspath);
904 ++ if (r)
905 ++ return r;
906 ++
907 ++ inode = path.dentry->d_inode;
908 ++
909 ++ r = inode_permission(inode, MAY_READ | MAY_WRITE | MAY_ACCESS);
910 ++ path_put(&path);
911 ++ if (r)
912 ++ return r;
913 ++
914 ++ bar_found = true;
915 ++ }
916 ++
917 ++ /* If no resources, probably something special */
918 ++ if (!bar_found)
919 ++ return -EPERM;
920 ++
921 ++ return 0;
922 ++#else
923 ++ return -EINVAL; /* No way to control the device without sysfs */
924 ++#endif
925 ++}
926 ++
927 + static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
928 + struct kvm_assigned_pci_dev *assigned_dev)
929 + {
930 + int r = 0;
931 + struct kvm_assigned_dev_kernel *match;
932 + struct pci_dev *dev;
933 ++ u8 header_type;
934 +
935 + down_read(&kvm->slots_lock);
936 + mutex_lock(&kvm->lock);
937 +@@ -607,6 +670,18 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
938 + r = -EINVAL;
939 + goto out_free;
940 + }
941 ++
942 ++ /* Don't allow bridges to be assigned */
943 ++ pci_read_config_byte(dev, PCI_HEADER_TYPE, &header_type);
944 ++ if ((header_type & PCI_HEADER_TYPE) != PCI_HEADER_TYPE_NORMAL) {
945 ++ r = -EPERM;
946 ++ goto out_put;
947 ++ }
948 ++
949 ++ r = probe_sysfs_permissions(dev);
950 ++ if (r)
951 ++ goto out_put;
952 ++
953 + if (pci_enable_device(dev)) {
954 + printk(KERN_INFO "%s: Could not enable PCI device\n", __func__);
955 + r = -EBUSY;
956 +@@ -2494,7 +2569,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void)
957 if (kvm_rebooting)
958 /* spin while reset goes on */
959 while (true)
960 @@ -88411,7 +88847,7 @@ index 4f3434f..159bc3e 100644
961 /* Fault while not rebooting. We want the trace. */
962 BUG();
963 }
964 -@@ -2714,7 +2714,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
965 +@@ -2714,7 +2789,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
966 kvm_arch_vcpu_put(vcpu);
967 }
968
969 @@ -88420,7 +88856,7 @@ index 4f3434f..159bc3e 100644
970 struct module *module)
971 {
972 int r;
973 -@@ -2767,15 +2767,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size,
974 +@@ -2767,15 +2842,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size,
975 /* A kmem cache lets us meet the alignment requirements of fx_save. */
976 kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size,
977 __alignof__(struct kvm_vcpu),
978
979 diff --git a/2.6.32/4440_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch
980 index 5cec66c..339cc6e 100644
981 --- a/2.6.32/4440_grsec-remove-protected-paths.patch
982 +++ b/2.6.32/4440_grsec-remove-protected-paths.patch
983 @@ -6,7 +6,7 @@ the filesystem.
984 diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile
985 --- a/grsecurity/Makefile 2011-10-19 19:48:21.000000000 -0400
986 +++ b/grsecurity/Makefile 2011-10-19 19:50:44.000000000 -0400
987 -@@ -27,10 +27,4 @@
988 +@@ -29,10 +29,4 @@
989 ifdef CONFIG_GRKERNSEC_HIDESYM
990 extra-y := grsec_hidesym.o
991 $(obj)/grsec_hidesym.o:
992
993 diff --git a/2.6.32/4445_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch
994 index 0f87dc1..591a120 100644
995 --- a/2.6.32/4445_grsec-pax-without-grsec.patch
996 +++ b/2.6.32/4445_grsec-pax-without-grsec.patch
997 @@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
998 diff -Naur a/fs/exec.c b/fs/exec.c
999 --- a/fs/exec.c 2011-04-17 18:15:55.000000000 -0400
1000 +++ b/fs/exec.c 2011-04-17 18:29:40.000000000 -0400
1001 -@@ -1812,9 +1812,11 @@
1002 +@@ -1832,9 +1832,11 @@
1003 }
1004 up_read(&mm->mmap_sem);
1005 }
1006 @@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
1007 printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset);
1008 printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, "
1009 "PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk),
1010 -@@ -1829,10 +1831,12 @@
1011 +@@ -1849,10 +1851,12 @@
1012 #ifdef CONFIG_PAX_REFCOUNT
1013 void pax_report_refcount_overflow(struct pt_regs *regs)
1014 {
1015 @@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
1016 printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
1017 current->comm, task_pid_nr(current), current_uid(), current_euid());
1018 print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
1019 -@@ -1892,10 +1896,12 @@
1020 +@@ -1912,10 +1916,12 @@
1021
1022 NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type)
1023 {
1024
1025 diff --git a/2.6.32/4450_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch
1026 index 763d845..498adb6 100644
1027 --- a/2.6.32/4450_grsec-kconfig-default-gids.patch
1028 +++ b/2.6.32/4450_grsec-kconfig-default-gids.patch
1029 @@ -12,7 +12,7 @@ from shooting themselves in the foot.
1030 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1031 --- a/grsecurity/Kconfig 2011-12-12 15:11:47.000000000 -0500
1032 +++ b/grsecurity/Kconfig 2011-12-12 15:13:17.000000000 -0500
1033 -@@ -433,7 +433,7 @@
1034 +@@ -439,7 +439,7 @@
1035 config GRKERNSEC_PROC_GID
1036 int "GID for special group"
1037 depends on GRKERNSEC_PROC_USERGROUP
1038 @@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1039
1040 config GRKERNSEC_PROC_ADD
1041 bool "Additional restrictions"
1042 -@@ -661,7 +661,7 @@
1043 +@@ -667,7 +667,7 @@
1044 config GRKERNSEC_AUDIT_GID
1045 int "GID for auditing"
1046 depends on GRKERNSEC_AUDIT_GROUP
1047 @@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1048
1049 config GRKERNSEC_EXECLOG
1050 bool "Exec logging"
1051 -@@ -865,7 +865,7 @@
1052 +@@ -871,7 +871,7 @@
1053 config GRKERNSEC_TPE_GID
1054 int "GID for untrusted users"
1055 depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT
1056 @@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1057 help
1058 Setting this GID determines what group TPE restrictions will be
1059 *enabled* for. If the sysctl option is enabled, a sysctl option
1060 -@@ -874,7 +874,7 @@
1061 +@@ -880,7 +880,7 @@
1062 config GRKERNSEC_TPE_GID
1063 int "GID for trusted users"
1064 depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT
1065 @@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1066 help
1067 Setting this GID determines what group TPE restrictions will be
1068 *disabled* for. If the sysctl option is enabled, a sysctl option
1069 -@@ -947,7 +947,7 @@
1070 +@@ -953,7 +953,7 @@
1071 config GRKERNSEC_SOCKET_ALL_GID
1072 int "GID to deny all sockets for"
1073 depends on GRKERNSEC_SOCKET_ALL
1074 @@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1075 help
1076 Here you can choose the GID to disable socket access for. Remember to
1077 add the users you want socket access disabled for to the GID
1078 -@@ -968,7 +968,7 @@
1079 +@@ -974,7 +974,7 @@
1080 config GRKERNSEC_SOCKET_CLIENT_GID
1081 int "GID to deny client sockets for"
1082 depends on GRKERNSEC_SOCKET_CLIENT
1083 @@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1084 help
1085 Here you can choose the GID to disable client socket access for.
1086 Remember to add the users you want client socket access disabled for to
1087 -@@ -986,7 +986,7 @@
1088 +@@ -992,7 +992,7 @@
1089 config GRKERNSEC_SOCKET_SERVER_GID
1090 int "GID to deny server sockets for"
1091 depends on GRKERNSEC_SOCKET_SERVER
1092
1093 diff --git a/2.6.32/4460-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch
1094 index ca88ef7..1e181f3 100644
1095 --- a/2.6.32/4460-grsec-kconfig-proc-user.patch
1096 +++ b/2.6.32/4460-grsec-kconfig-proc-user.patch
1097 @@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre
1098 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1099 --- a/grsecurity/Kconfig 2011-06-29 07:46:02.000000000 -0400
1100 +++ b/grsecurity/Kconfig 2011-06-29 07:47:20.000000000 -0400
1101 -@@ -667,7 +667,7 @@
1102 +@@ -673,7 +673,7 @@
1103
1104 config GRKERNSEC_PROC_USER
1105 bool "Restrict /proc to user only"
1106 @@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1107 help
1108 If you say Y here, non-root users will only be able to view their own
1109 processes, and restricts them from viewing network-related information,
1110 -@@ -675,7 +675,7 @@
1111 +@@ -681,7 +681,7 @@
1112
1113 config GRKERNSEC_PROC_USERGROUP
1114 bool "Allow special group"
1115
1116 diff --git a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
1117 index 0873c15..fe2f190 100644
1118 --- a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
1119 +++ b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
1120 @@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org>
1121 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
1122 --- a/grsecurity/Kconfig 2011-04-17 18:47:02.000000000 -0400
1123 +++ b/grsecurity/Kconfig 2011-04-17 18:51:15.000000000 -0400
1124 -@@ -1296,6 +1296,27 @@
1125 +@@ -1302,6 +1302,27 @@
1126 menu "Logging Options"
1127 depends on GRKERNSEC
1128
1129
1130 diff --git a/3.2.7/1006_linux-3.2.7.patch b/3.2.7/1006_linux-3.2.7.patch
1131 deleted file mode 100644
1132 index 08a6ba3..0000000
1133 --- a/3.2.7/1006_linux-3.2.7.patch
1134 +++ /dev/null
1135 @@ -1,994 +0,0 @@
1136 -diff --git a/Makefile b/Makefile
1137 -index 47fe496..d1bdc90 100644
1138 ---- a/Makefile
1139 -+++ b/Makefile
1140 -@@ -1,6 +1,6 @@
1141 - VERSION = 3
1142 - PATCHLEVEL = 2
1143 --SUBLEVEL = 6
1144 -+SUBLEVEL = 7
1145 - EXTRAVERSION =
1146 - NAME = Saber-toothed Squirrel
1147 -
1148 -diff --git a/arch/x86/pci/xen.c b/arch/x86/pci/xen.c
1149 -index 492ade8..d99346e 100644
1150 ---- a/arch/x86/pci/xen.c
1151 -+++ b/arch/x86/pci/xen.c
1152 -@@ -374,7 +374,7 @@ int __init pci_xen_init(void)
1153 -
1154 - int __init pci_xen_hvm_init(void)
1155 - {
1156 -- if (!xen_feature(XENFEAT_hvm_pirqs))
1157 -+ if (!xen_have_vector_callback || !xen_feature(XENFEAT_hvm_pirqs))
1158 - return 0;
1159 -
1160 - #ifdef CONFIG_ACPI
1161 -diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c
1162 -index 88f160b..107f6f7 100644
1163 ---- a/crypto/sha512_generic.c
1164 -+++ b/crypto/sha512_generic.c
1165 -@@ -31,11 +31,6 @@ static inline u64 Maj(u64 x, u64 y, u64 z)
1166 - return (x & y) | (z & (x | y));
1167 - }
1168 -
1169 --static inline u64 RORu64(u64 x, u64 y)
1170 --{
1171 -- return (x >> y) | (x << (64 - y));
1172 --}
1173 --
1174 - static const u64 sha512_K[80] = {
1175 - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
1176 - 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
1177 -@@ -66,10 +61,10 @@ static const u64 sha512_K[80] = {
1178 - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL,
1179 - };
1180 -
1181 --#define e0(x) (RORu64(x,28) ^ RORu64(x,34) ^ RORu64(x,39))
1182 --#define e1(x) (RORu64(x,14) ^ RORu64(x,18) ^ RORu64(x,41))
1183 --#define s0(x) (RORu64(x, 1) ^ RORu64(x, 8) ^ (x >> 7))
1184 --#define s1(x) (RORu64(x,19) ^ RORu64(x,61) ^ (x >> 6))
1185 -+#define e0(x) (ror64(x,28) ^ ror64(x,34) ^ ror64(x,39))
1186 -+#define e1(x) (ror64(x,14) ^ ror64(x,18) ^ ror64(x,41))
1187 -+#define s0(x) (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7))
1188 -+#define s1(x) (ror64(x,19) ^ ror64(x,61) ^ (x >> 6))
1189 -
1190 - static inline void LOAD_OP(int I, u64 *W, const u8 *input)
1191 - {
1192 -@@ -78,7 +73,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input)
1193 -
1194 - static inline void BLEND_OP(int I, u64 *W)
1195 - {
1196 -- W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]);
1197 -+ W[I & 15] += s1(W[(I-2) & 15]) + W[(I-7) & 15] + s0(W[(I-15) & 15]);
1198 - }
1199 -
1200 - static void
1201 -@@ -89,46 +84,42 @@ sha512_transform(u64 *state, const u8 *input)
1202 - int i;
1203 - u64 W[16];
1204 -
1205 -- /* load the input */
1206 -- for (i = 0; i < 16; i++)
1207 -- LOAD_OP(i, W, input);
1208 --
1209 - /* load the state into our registers */
1210 - a=state[0]; b=state[1]; c=state[2]; d=state[3];
1211 - e=state[4]; f=state[5]; g=state[6]; h=state[7];
1212 -
1213 --#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \
1214 -- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \
1215 -- t2 = e0(a) + Maj(a, b, c); \
1216 -- d += t1; \
1217 -- h = t1 + t2
1218 --
1219 --#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \
1220 -- BLEND_OP(i, W); \
1221 -- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \
1222 -- t2 = e0(a) + Maj(a, b, c); \
1223 -- d += t1; \
1224 -- h = t1 + t2
1225 --
1226 -- for (i = 0; i < 16; i += 8) {
1227 -- SHA512_0_15(i, a, b, c, d, e, f, g, h);
1228 -- SHA512_0_15(i + 1, h, a, b, c, d, e, f, g);
1229 -- SHA512_0_15(i + 2, g, h, a, b, c, d, e, f);
1230 -- SHA512_0_15(i + 3, f, g, h, a, b, c, d, e);
1231 -- SHA512_0_15(i + 4, e, f, g, h, a, b, c, d);
1232 -- SHA512_0_15(i + 5, d, e, f, g, h, a, b, c);
1233 -- SHA512_0_15(i + 6, c, d, e, f, g, h, a, b);
1234 -- SHA512_0_15(i + 7, b, c, d, e, f, g, h, a);
1235 -- }
1236 -- for (i = 16; i < 80; i += 8) {
1237 -- SHA512_16_79(i, a, b, c, d, e, f, g, h);
1238 -- SHA512_16_79(i + 1, h, a, b, c, d, e, f, g);
1239 -- SHA512_16_79(i + 2, g, h, a, b, c, d, e, f);
1240 -- SHA512_16_79(i + 3, f, g, h, a, b, c, d, e);
1241 -- SHA512_16_79(i + 4, e, f, g, h, a, b, c, d);
1242 -- SHA512_16_79(i + 5, d, e, f, g, h, a, b, c);
1243 -- SHA512_16_79(i + 6, c, d, e, f, g, h, a, b);
1244 -- SHA512_16_79(i + 7, b, c, d, e, f, g, h, a);
1245 -+ /* now iterate */
1246 -+ for (i=0; i<80; i+=8) {
1247 -+ if (!(i & 8)) {
1248 -+ int j;
1249 -+
1250 -+ if (i < 16) {
1251 -+ /* load the input */
1252 -+ for (j = 0; j < 16; j++)
1253 -+ LOAD_OP(i + j, W, input);
1254 -+ } else {
1255 -+ for (j = 0; j < 16; j++) {
1256 -+ BLEND_OP(i + j, W);
1257 -+ }
1258 -+ }
1259 -+ }
1260 -+
1261 -+ t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[(i & 15)];
1262 -+ t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2;
1263 -+ t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1];
1264 -+ t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2;
1265 -+ t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[(i & 15) + 2];
1266 -+ t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2;
1267 -+ t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[(i & 15) + 3];
1268 -+ t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2;
1269 -+ t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[(i & 15) + 4];
1270 -+ t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2;
1271 -+ t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[(i & 15) + 5];
1272 -+ t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2;
1273 -+ t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6];
1274 -+ t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2;
1275 -+ t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[(i & 15) + 7];
1276 -+ t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2;
1277 - }
1278 -
1279 - state[0] += a; state[1] += b; state[2] += c; state[3] += d;
1280 -diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c
1281 -index db3b461..94f860c 100644
1282 ---- a/drivers/gpu/drm/i915/intel_dp.c
1283 -+++ b/drivers/gpu/drm/i915/intel_dp.c
1284 -@@ -208,17 +208,8 @@ intel_dp_link_clock(uint8_t link_bw)
1285 - */
1286 -
1287 - static int
1288 --intel_dp_link_required(struct intel_dp *intel_dp, int pixel_clock, int check_bpp)
1289 -+intel_dp_link_required(int pixel_clock, int bpp)
1290 - {
1291 -- struct drm_crtc *crtc = intel_dp->base.base.crtc;
1292 -- struct intel_crtc *intel_crtc = to_intel_crtc(crtc);
1293 -- int bpp = 24;
1294 --
1295 -- if (check_bpp)
1296 -- bpp = check_bpp;
1297 -- else if (intel_crtc)
1298 -- bpp = intel_crtc->bpp;
1299 --
1300 - return (pixel_clock * bpp + 9) / 10;
1301 - }
1302 -
1303 -@@ -245,12 +236,11 @@ intel_dp_mode_valid(struct drm_connector *connector,
1304 - return MODE_PANEL;
1305 - }
1306 -
1307 -- mode_rate = intel_dp_link_required(intel_dp, mode->clock, 0);
1308 -+ mode_rate = intel_dp_link_required(mode->clock, 24);
1309 - max_rate = intel_dp_max_data_rate(max_link_clock, max_lanes);
1310 -
1311 - if (mode_rate > max_rate) {
1312 -- mode_rate = intel_dp_link_required(intel_dp,
1313 -- mode->clock, 18);
1314 -+ mode_rate = intel_dp_link_required(mode->clock, 18);
1315 - if (mode_rate > max_rate)
1316 - return MODE_CLOCK_HIGH;
1317 - else
1318 -@@ -683,7 +673,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode,
1319 - int lane_count, clock;
1320 - int max_lane_count = intel_dp_max_lane_count(intel_dp);
1321 - int max_clock = intel_dp_max_link_bw(intel_dp) == DP_LINK_BW_2_7 ? 1 : 0;
1322 -- int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 0;
1323 -+ int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 24;
1324 - static int bws[2] = { DP_LINK_BW_1_62, DP_LINK_BW_2_7 };
1325 -
1326 - if (is_edp(intel_dp) && intel_dp->panel_fixed_mode) {
1327 -@@ -701,7 +691,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode,
1328 - for (clock = 0; clock <= max_clock; clock++) {
1329 - int link_avail = intel_dp_max_data_rate(intel_dp_link_clock(bws[clock]), lane_count);
1330 -
1331 -- if (intel_dp_link_required(intel_dp, mode->clock, bpp)
1332 -+ if (intel_dp_link_required(mode->clock, bpp)
1333 - <= link_avail) {
1334 - intel_dp->link_bw = bws[clock];
1335 - intel_dp->lane_count = lane_count;
1336 -diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c
1337 -index e441911..b83f745 100644
1338 ---- a/drivers/gpu/drm/i915/intel_lvds.c
1339 -+++ b/drivers/gpu/drm/i915/intel_lvds.c
1340 -@@ -694,6 +694,14 @@ static const struct dmi_system_id intel_no_lvds[] = {
1341 - },
1342 - {
1343 - .callback = intel_no_lvds_dmi_callback,
1344 -+ .ident = "AOpen i45GMx-I",
1345 -+ .matches = {
1346 -+ DMI_MATCH(DMI_BOARD_VENDOR, "AOpen"),
1347 -+ DMI_MATCH(DMI_BOARD_NAME, "i45GMx-I"),
1348 -+ },
1349 -+ },
1350 -+ {
1351 -+ .callback = intel_no_lvds_dmi_callback,
1352 - .ident = "Aopen i945GTt-VFA",
1353 - .matches = {
1354 - DMI_MATCH(DMI_PRODUCT_VERSION, "AO00001JW"),
1355 -diff --git a/drivers/hwmon/f75375s.c b/drivers/hwmon/f75375s.c
1356 -index 95cbfb3..e4ab491 100644
1357 ---- a/drivers/hwmon/f75375s.c
1358 -+++ b/drivers/hwmon/f75375s.c
1359 -@@ -159,7 +159,7 @@ static inline void f75375_write8(struct i2c_client *client, u8 reg,
1360 - static inline void f75375_write16(struct i2c_client *client, u8 reg,
1361 - u16 value)
1362 - {
1363 -- int err = i2c_smbus_write_byte_data(client, reg, (value << 8));
1364 -+ int err = i2c_smbus_write_byte_data(client, reg, (value >> 8));
1365 - if (err)
1366 - return;
1367 - i2c_smbus_write_byte_data(client, reg + 1, (value & 0xFF));
1368 -@@ -311,7 +311,7 @@ static int set_pwm_enable_direct(struct i2c_client *client, int nr, int val)
1369 - fanmode |= (3 << FAN_CTRL_MODE(nr));
1370 - break;
1371 - case 2: /* AUTOMATIC*/
1372 -- fanmode |= (2 << FAN_CTRL_MODE(nr));
1373 -+ fanmode |= (1 << FAN_CTRL_MODE(nr));
1374 - break;
1375 - case 3: /* fan speed */
1376 - break;
1377 -diff --git a/drivers/mmc/host/atmel-mci.c b/drivers/mmc/host/atmel-mci.c
1378 -index a7ee502..72bc756 100644
1379 ---- a/drivers/mmc/host/atmel-mci.c
1380 -+++ b/drivers/mmc/host/atmel-mci.c
1381 -@@ -965,11 +965,14 @@ static void atmci_start_request(struct atmel_mci *host,
1382 - host->data_status = 0;
1383 -
1384 - if (host->need_reset) {
1385 -+ iflags = atmci_readl(host, ATMCI_IMR);
1386 -+ iflags &= (ATMCI_SDIOIRQA | ATMCI_SDIOIRQB);
1387 - atmci_writel(host, ATMCI_CR, ATMCI_CR_SWRST);
1388 - atmci_writel(host, ATMCI_CR, ATMCI_CR_MCIEN);
1389 - atmci_writel(host, ATMCI_MR, host->mode_reg);
1390 - if (host->caps.has_cfg_reg)
1391 - atmci_writel(host, ATMCI_CFG, host->cfg_reg);
1392 -+ atmci_writel(host, ATMCI_IER, iflags);
1393 - host->need_reset = false;
1394 - }
1395 - atmci_writel(host, ATMCI_SDCR, slot->sdc_reg);
1396 -diff --git a/drivers/mmc/host/dw_mmc.c b/drivers/mmc/host/dw_mmc.c
1397 -index 3aaeb08..baf3d42 100644
1398 ---- a/drivers/mmc/host/dw_mmc.c
1399 -+++ b/drivers/mmc/host/dw_mmc.c
1400 -@@ -22,7 +22,6 @@
1401 - #include <linux/ioport.h>
1402 - #include <linux/module.h>
1403 - #include <linux/platform_device.h>
1404 --#include <linux/scatterlist.h>
1405 - #include <linux/seq_file.h>
1406 - #include <linux/slab.h>
1407 - #include <linux/stat.h>
1408 -@@ -502,8 +501,14 @@ static void dw_mci_submit_data(struct dw_mci *host, struct mmc_data *data)
1409 - host->dir_status = DW_MCI_SEND_STATUS;
1410 -
1411 - if (dw_mci_submit_data_dma(host, data)) {
1412 -+ int flags = SG_MITER_ATOMIC;
1413 -+ if (host->data->flags & MMC_DATA_READ)
1414 -+ flags |= SG_MITER_TO_SG;
1415 -+ else
1416 -+ flags |= SG_MITER_FROM_SG;
1417 -+
1418 -+ sg_miter_start(&host->sg_miter, data->sg, data->sg_len, flags);
1419 - host->sg = data->sg;
1420 -- host->pio_offset = 0;
1421 - host->part_buf_start = 0;
1422 - host->part_buf_count = 0;
1423 -
1424 -@@ -953,6 +958,7 @@ static void dw_mci_tasklet_func(unsigned long priv)
1425 - * generates a block interrupt, hence setting
1426 - * the scatter-gather pointer to NULL.
1427 - */
1428 -+ sg_miter_stop(&host->sg_miter);
1429 - host->sg = NULL;
1430 - ctrl = mci_readl(host, CTRL);
1431 - ctrl |= SDMMC_CTRL_FIFO_RESET;
1432 -@@ -1286,54 +1292,44 @@ static void dw_mci_pull_data(struct dw_mci *host, void *buf, int cnt)
1433 -
1434 - static void dw_mci_read_data_pio(struct dw_mci *host)
1435 - {
1436 -- struct scatterlist *sg = host->sg;
1437 -- void *buf = sg_virt(sg);
1438 -- unsigned int offset = host->pio_offset;
1439 -+ struct sg_mapping_iter *sg_miter = &host->sg_miter;
1440 -+ void *buf;
1441 -+ unsigned int offset;
1442 - struct mmc_data *data = host->data;
1443 - int shift = host->data_shift;
1444 - u32 status;
1445 - unsigned int nbytes = 0, len;
1446 -+ unsigned int remain, fcnt;
1447 -
1448 - do {
1449 -- len = host->part_buf_count +
1450 -- (SDMMC_GET_FCNT(mci_readl(host, STATUS)) << shift);
1451 -- if (offset + len <= sg->length) {
1452 -+ if (!sg_miter_next(sg_miter))
1453 -+ goto done;
1454 -+
1455 -+ host->sg = sg_miter->__sg;
1456 -+ buf = sg_miter->addr;
1457 -+ remain = sg_miter->length;
1458 -+ offset = 0;
1459 -+
1460 -+ do {
1461 -+ fcnt = (SDMMC_GET_FCNT(mci_readl(host, STATUS))
1462 -+ << shift) + host->part_buf_count;
1463 -+ len = min(remain, fcnt);
1464 -+ if (!len)
1465 -+ break;
1466 - dw_mci_pull_data(host, (void *)(buf + offset), len);
1467 --
1468 - offset += len;
1469 - nbytes += len;
1470 --
1471 -- if (offset == sg->length) {
1472 -- flush_dcache_page(sg_page(sg));
1473 -- host->sg = sg = sg_next(sg);
1474 -- if (!sg)
1475 -- goto done;
1476 --
1477 -- offset = 0;
1478 -- buf = sg_virt(sg);
1479 -- }
1480 -- } else {
1481 -- unsigned int remaining = sg->length - offset;
1482 -- dw_mci_pull_data(host, (void *)(buf + offset),
1483 -- remaining);
1484 -- nbytes += remaining;
1485 --
1486 -- flush_dcache_page(sg_page(sg));
1487 -- host->sg = sg = sg_next(sg);
1488 -- if (!sg)
1489 -- goto done;
1490 --
1491 -- offset = len - remaining;
1492 -- buf = sg_virt(sg);
1493 -- dw_mci_pull_data(host, buf, offset);
1494 -- nbytes += offset;
1495 -- }
1496 -+ remain -= len;
1497 -+ } while (remain);
1498 -+ sg_miter->consumed = offset;
1499 -
1500 - status = mci_readl(host, MINTSTS);
1501 - mci_writel(host, RINTSTS, SDMMC_INT_RXDR);
1502 - if (status & DW_MCI_DATA_ERROR_FLAGS) {
1503 - host->data_status = status;
1504 - data->bytes_xfered += nbytes;
1505 -+ sg_miter_stop(sg_miter);
1506 -+ host->sg = NULL;
1507 - smp_wmb();
1508 -
1509 - set_bit(EVENT_DATA_ERROR, &host->pending_events);
1510 -@@ -1342,65 +1338,66 @@ static void dw_mci_read_data_pio(struct dw_mci *host)
1511 - return;
1512 - }
1513 - } while (status & SDMMC_INT_RXDR); /*if the RXDR is ready read again*/
1514 -- host->pio_offset = offset;
1515 - data->bytes_xfered += nbytes;
1516 -+
1517 -+ if (!remain) {
1518 -+ if (!sg_miter_next(sg_miter))
1519 -+ goto done;
1520 -+ sg_miter->consumed = 0;
1521 -+ }
1522 -+ sg_miter_stop(sg_miter);
1523 - return;
1524 -
1525 - done:
1526 - data->bytes_xfered += nbytes;
1527 -+ sg_miter_stop(sg_miter);
1528 -+ host->sg = NULL;
1529 - smp_wmb();
1530 - set_bit(EVENT_XFER_COMPLETE, &host->pending_events);
1531 - }
1532 -
1533 - static void dw_mci_write_data_pio(struct dw_mci *host)
1534 - {
1535 -- struct scatterlist *sg = host->sg;
1536 -- void *buf = sg_virt(sg);
1537 -- unsigned int offset = host->pio_offset;
1538 -+ struct sg_mapping_iter *sg_miter = &host->sg_miter;
1539 -+ void *buf;
1540 -+ unsigned int offset;
1541 - struct mmc_data *data = host->data;
1542 - int shift = host->data_shift;
1543 - u32 status;
1544 - unsigned int nbytes = 0, len;
1545 -+ unsigned int fifo_depth = host->fifo_depth;
1546 -+ unsigned int remain, fcnt;
1547 -
1548 - do {
1549 -- len = ((host->fifo_depth -
1550 -- SDMMC_GET_FCNT(mci_readl(host, STATUS))) << shift)
1551 -- - host->part_buf_count;
1552 -- if (offset + len <= sg->length) {
1553 -+ if (!sg_miter_next(sg_miter))
1554 -+ goto done;
1555 -+
1556 -+ host->sg = sg_miter->__sg;
1557 -+ buf = sg_miter->addr;
1558 -+ remain = sg_miter->length;
1559 -+ offset = 0;
1560 -+
1561 -+ do {
1562 -+ fcnt = ((fifo_depth -
1563 -+ SDMMC_GET_FCNT(mci_readl(host, STATUS)))
1564 -+ << shift) - host->part_buf_count;
1565 -+ len = min(remain, fcnt);
1566 -+ if (!len)
1567 -+ break;
1568 - host->push_data(host, (void *)(buf + offset), len);
1569 --
1570 - offset += len;
1571 - nbytes += len;
1572 -- if (offset == sg->length) {
1573 -- host->sg = sg = sg_next(sg);
1574 -- if (!sg)
1575 -- goto done;
1576 --
1577 -- offset = 0;
1578 -- buf = sg_virt(sg);
1579 -- }
1580 -- } else {
1581 -- unsigned int remaining = sg->length - offset;
1582 --
1583 -- host->push_data(host, (void *)(buf + offset),
1584 -- remaining);
1585 -- nbytes += remaining;
1586 --
1587 -- host->sg = sg = sg_next(sg);
1588 -- if (!sg)
1589 -- goto done;
1590 --
1591 -- offset = len - remaining;
1592 -- buf = sg_virt(sg);
1593 -- host->push_data(host, (void *)buf, offset);
1594 -- nbytes += offset;
1595 -- }
1596 -+ remain -= len;
1597 -+ } while (remain);
1598 -+ sg_miter->consumed = offset;
1599 -
1600 - status = mci_readl(host, MINTSTS);
1601 - mci_writel(host, RINTSTS, SDMMC_INT_TXDR);
1602 - if (status & DW_MCI_DATA_ERROR_FLAGS) {
1603 - host->data_status = status;
1604 - data->bytes_xfered += nbytes;
1605 -+ sg_miter_stop(sg_miter);
1606 -+ host->sg = NULL;
1607 -
1608 - smp_wmb();
1609 -
1610 -@@ -1410,12 +1407,20 @@ static void dw_mci_write_data_pio(struct dw_mci *host)
1611 - return;
1612 - }
1613 - } while (status & SDMMC_INT_TXDR); /* if TXDR write again */
1614 -- host->pio_offset = offset;
1615 - data->bytes_xfered += nbytes;
1616 -+
1617 -+ if (!remain) {
1618 -+ if (!sg_miter_next(sg_miter))
1619 -+ goto done;
1620 -+ sg_miter->consumed = 0;
1621 -+ }
1622 -+ sg_miter_stop(sg_miter);
1623 - return;
1624 -
1625 - done:
1626 - data->bytes_xfered += nbytes;
1627 -+ sg_miter_stop(sg_miter);
1628 -+ host->sg = NULL;
1629 - smp_wmb();
1630 - set_bit(EVENT_XFER_COMPLETE, &host->pending_events);
1631 - }
1632 -@@ -1618,6 +1623,7 @@ static void dw_mci_work_routine_card(struct work_struct *work)
1633 - * block interrupt, hence setting the
1634 - * scatter-gather pointer to NULL.
1635 - */
1636 -+ sg_miter_stop(&host->sg_miter);
1637 - host->sg = NULL;
1638 -
1639 - ctrl = mci_readl(host, CTRL);
1640 -diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
1641 -index ced5444..222954d 100644
1642 ---- a/drivers/net/ethernet/intel/igb/igb_main.c
1643 -+++ b/drivers/net/ethernet/intel/igb/igb_main.c
1644 -@@ -4965,7 +4965,8 @@ static int igb_find_enabled_vfs(struct igb_adapter *adapter)
1645 - vf_devfn = pdev->devfn + 0x80;
1646 - pvfdev = pci_get_device(hw->vendor_id, device_id, NULL);
1647 - while (pvfdev) {
1648 -- if (pvfdev->devfn == vf_devfn)
1649 -+ if (pvfdev->devfn == vf_devfn &&
1650 -+ (pvfdev->bus->number >= pdev->bus->number))
1651 - vfs_found++;
1652 - vf_devfn += vf_stride;
1653 - pvfdev = pci_get_device(hw->vendor_id,
1654 -diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
1655 -index 00fcd39..e571356 100644
1656 ---- a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
1657 -+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
1658 -@@ -67,7 +67,8 @@ static int ixgbe_find_enabled_vfs(struct ixgbe_adapter *adapter)
1659 - vf_devfn = pdev->devfn + 0x80;
1660 - pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID, device_id, NULL);
1661 - while (pvfdev) {
1662 -- if (pvfdev->devfn == vf_devfn)
1663 -+ if (pvfdev->devfn == vf_devfn &&
1664 -+ (pvfdev->bus->number >= pdev->bus->number))
1665 - vfs_found++;
1666 - vf_devfn += 2;
1667 - pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID,
1668 -diff --git a/drivers/net/ethernet/toshiba/Kconfig b/drivers/net/ethernet/toshiba/Kconfig
1669 -index 0517647..74acb5c 100644
1670 ---- a/drivers/net/ethernet/toshiba/Kconfig
1671 -+++ b/drivers/net/ethernet/toshiba/Kconfig
1672 -@@ -5,7 +5,7 @@
1673 - config NET_VENDOR_TOSHIBA
1674 - bool "Toshiba devices"
1675 - default y
1676 -- depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB) || PPC_PS3
1677 -+ depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB || MIPS) || PPC_PS3
1678 - ---help---
1679 - If you have a network (Ethernet) card belonging to this class, say Y
1680 - and read the Ethernet-HOWTO, available from
1681 -diff --git a/drivers/net/wireless/ath/ath9k/hw.c b/drivers/net/wireless/ath/ath9k/hw.c
1682 -index 8873c6e..8b0c2ca 100644
1683 ---- a/drivers/net/wireless/ath/ath9k/hw.c
1684 -+++ b/drivers/net/wireless/ath/ath9k/hw.c
1685 -@@ -1034,13 +1034,16 @@ void ath9k_hw_init_global_settings(struct ath_hw *ah)
1686 -
1687 - /*
1688 - * Workaround for early ACK timeouts, add an offset to match the
1689 -- * initval's 64us ack timeout value.
1690 -+ * initval's 64us ack timeout value. Use 48us for the CTS timeout.
1691 - * This was initially only meant to work around an issue with delayed
1692 - * BA frames in some implementations, but it has been found to fix ACK
1693 - * timeout issues in other cases as well.
1694 - */
1695 -- if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ)
1696 -+ if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ) {
1697 - acktimeout += 64 - sifstime - ah->slottime;
1698 -+ ctstimeout += 48 - sifstime - ah->slottime;
1699 -+ }
1700 -+
1701 -
1702 - ath9k_hw_set_sifs_time(ah, sifstime);
1703 - ath9k_hw_setslottime(ah, slottime);
1704 -diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c
1705 -index d4c909f..57622e0 100644
1706 ---- a/drivers/net/wireless/ath/ath9k/init.c
1707 -+++ b/drivers/net/wireless/ath/ath9k/init.c
1708 -@@ -775,6 +775,11 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
1709 - ARRAY_SIZE(ath9k_tpt_blink));
1710 - #endif
1711 -
1712 -+ INIT_WORK(&sc->hw_reset_work, ath_reset_work);
1713 -+ INIT_WORK(&sc->hw_check_work, ath_hw_check);
1714 -+ INIT_WORK(&sc->paprd_work, ath_paprd_calibrate);
1715 -+ INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work);
1716 -+
1717 - /* Register with mac80211 */
1718 - error = ieee80211_register_hw(hw);
1719 - if (error)
1720 -@@ -793,10 +798,6 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
1721 - goto error_world;
1722 - }
1723 -
1724 -- INIT_WORK(&sc->hw_reset_work, ath_reset_work);
1725 -- INIT_WORK(&sc->hw_check_work, ath_hw_check);
1726 -- INIT_WORK(&sc->paprd_work, ath_paprd_calibrate);
1727 -- INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work);
1728 - sc->last_rssi = ATH_RSSI_DUMMY_MARKER;
1729 -
1730 - ath_init_leds(sc);
1731 -diff --git a/drivers/net/wireless/ath/ath9k/recv.c b/drivers/net/wireless/ath/ath9k/recv.c
1732 -index 67b862c..2f3aeac 100644
1733 ---- a/drivers/net/wireless/ath/ath9k/recv.c
1734 -+++ b/drivers/net/wireless/ath/ath9k/recv.c
1735 -@@ -824,6 +824,14 @@ static bool ath9k_rx_accept(struct ath_common *common,
1736 - (ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC |
1737 - ATH9K_RXERR_KEYMISS));
1738 -
1739 -+ /*
1740 -+ * Key miss events are only relevant for pairwise keys where the
1741 -+ * descriptor does contain a valid key index. This has been observed
1742 -+ * mostly with CCMP encryption.
1743 -+ */
1744 -+ if (rx_stats->rs_keyix == ATH9K_RXKEYIX_INVALID)
1745 -+ rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS;
1746 -+
1747 - if (!rx_stats->rs_datalen)
1748 - return false;
1749 - /*
1750 -diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
1751 -index 63e4be4..720edf5 100644
1752 ---- a/fs/cifs/connect.c
1753 -+++ b/fs/cifs/connect.c
1754 -@@ -756,10 +756,11 @@ standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
1755 - cifs_dump_mem("Bad SMB: ", buf,
1756 - min_t(unsigned int, server->total_read, 48));
1757 -
1758 -- if (mid)
1759 -- handle_mid(mid, server, smb_buffer, length);
1760 -+ if (!mid)
1761 -+ return length;
1762 -
1763 -- return length;
1764 -+ handle_mid(mid, server, smb_buffer, length);
1765 -+ return 0;
1766 - }
1767 -
1768 - static int
1769 -diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
1770 -index d7eeb9d..e4c3334 100644
1771 ---- a/fs/cifs/dir.c
1772 -+++ b/fs/cifs/dir.c
1773 -@@ -492,7 +492,7 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
1774 - {
1775 - int xid;
1776 - int rc = 0; /* to get around spurious gcc warning, set to zero here */
1777 -- __u32 oplock = 0;
1778 -+ __u32 oplock = enable_oplocks ? REQ_OPLOCK : 0;
1779 - __u16 fileHandle = 0;
1780 - bool posix_open = false;
1781 - struct cifs_sb_info *cifs_sb;
1782 -diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c
1783 -index 517f211..54f5786 100644
1784 ---- a/fs/fs-writeback.c
1785 -+++ b/fs/fs-writeback.c
1786 -@@ -48,14 +48,6 @@ struct wb_writeback_work {
1787 - };
1788 -
1789 - /*
1790 -- * Include the creation of the trace points after defining the
1791 -- * wb_writeback_work structure so that the definition remains local to this
1792 -- * file.
1793 -- */
1794 --#define CREATE_TRACE_POINTS
1795 --#include <trace/events/writeback.h>
1796 --
1797 --/*
1798 - * We don't actually have pdflush, but this one is exported though /proc...
1799 - */
1800 - int nr_pdflush_threads;
1801 -@@ -87,6 +79,14 @@ static inline struct inode *wb_inode(struct list_head *head)
1802 - return list_entry(head, struct inode, i_wb_list);
1803 - }
1804 -
1805 -+/*
1806 -+ * Include the creation of the trace points after defining the
1807 -+ * wb_writeback_work structure and inline functions so that the definition
1808 -+ * remains local to this file.
1809 -+ */
1810 -+#define CREATE_TRACE_POINTS
1811 -+#include <trace/events/writeback.h>
1812 -+
1813 - /* Wakeup flusher thread or forker thread to fork it. Requires bdi->wb_lock. */
1814 - static void bdi_wakeup_flusher(struct backing_dev_info *bdi)
1815 - {
1816 -diff --git a/include/linux/bitops.h b/include/linux/bitops.h
1817 -index a3ef66a..fc8a3ff 100644
1818 ---- a/include/linux/bitops.h
1819 -+++ b/include/linux/bitops.h
1820 -@@ -50,6 +50,26 @@ static inline unsigned long hweight_long(unsigned long w)
1821 - }
1822 -
1823 - /**
1824 -+ * rol64 - rotate a 64-bit value left
1825 -+ * @word: value to rotate
1826 -+ * @shift: bits to roll
1827 -+ */
1828 -+static inline __u64 rol64(__u64 word, unsigned int shift)
1829 -+{
1830 -+ return (word << shift) | (word >> (64 - shift));
1831 -+}
1832 -+
1833 -+/**
1834 -+ * ror64 - rotate a 64-bit value right
1835 -+ * @word: value to rotate
1836 -+ * @shift: bits to roll
1837 -+ */
1838 -+static inline __u64 ror64(__u64 word, unsigned int shift)
1839 -+{
1840 -+ return (word >> shift) | (word << (64 - shift));
1841 -+}
1842 -+
1843 -+/**
1844 - * rol32 - rotate a 32-bit value left
1845 - * @word: value to rotate
1846 - * @shift: bits to roll
1847 -diff --git a/include/linux/mmc/dw_mmc.h b/include/linux/mmc/dw_mmc.h
1848 -index 6dc9b80..107fcb3 100644
1849 ---- a/include/linux/mmc/dw_mmc.h
1850 -+++ b/include/linux/mmc/dw_mmc.h
1851 -@@ -14,6 +14,8 @@
1852 - #ifndef LINUX_MMC_DW_MMC_H
1853 - #define LINUX_MMC_DW_MMC_H
1854 -
1855 -+#include <linux/scatterlist.h>
1856 -+
1857 - #define MAX_MCI_SLOTS 2
1858 -
1859 - enum dw_mci_state {
1860 -@@ -40,7 +42,7 @@ struct mmc_data;
1861 - * @lock: Spinlock protecting the queue and associated data.
1862 - * @regs: Pointer to MMIO registers.
1863 - * @sg: Scatterlist entry currently being processed by PIO code, if any.
1864 -- * @pio_offset: Offset into the current scatterlist entry.
1865 -+ * @sg_miter: PIO mapping scatterlist iterator.
1866 - * @cur_slot: The slot which is currently using the controller.
1867 - * @mrq: The request currently being processed on @cur_slot,
1868 - * or NULL if the controller is idle.
1869 -@@ -115,7 +117,7 @@ struct dw_mci {
1870 - void __iomem *regs;
1871 -
1872 - struct scatterlist *sg;
1873 -- unsigned int pio_offset;
1874 -+ struct sg_mapping_iter sg_miter;
1875 -
1876 - struct dw_mci_slot *cur_slot;
1877 - struct mmc_request *mrq;
1878 -diff --git a/include/linux/proportions.h b/include/linux/proportions.h
1879 -index ef35bb7..26a8a4e 100644
1880 ---- a/include/linux/proportions.h
1881 -+++ b/include/linux/proportions.h
1882 -@@ -81,7 +81,11 @@ void prop_inc_percpu(struct prop_descriptor *pd, struct prop_local_percpu *pl)
1883 - * Limit the time part in order to ensure there are some bits left for the
1884 - * cycle counter and fraction multiply.
1885 - */
1886 -+#if BITS_PER_LONG == 32
1887 - #define PROP_MAX_SHIFT (3*BITS_PER_LONG/4)
1888 -+#else
1889 -+#define PROP_MAX_SHIFT (BITS_PER_LONG/2)
1890 -+#endif
1891 -
1892 - #define PROP_FRAC_SHIFT (BITS_PER_LONG - PROP_MAX_SHIFT - 1)
1893 - #define PROP_FRAC_BASE (1UL << PROP_FRAC_SHIFT)
1894 -diff --git a/include/trace/events/writeback.h b/include/trace/events/writeback.h
1895 -index 99d1d0d..1f48f14 100644
1896 ---- a/include/trace/events/writeback.h
1897 -+++ b/include/trace/events/writeback.h
1898 -@@ -47,7 +47,10 @@ DECLARE_EVENT_CLASS(writeback_work_class,
1899 - __field(int, reason)
1900 - ),
1901 - TP_fast_assign(
1902 -- strncpy(__entry->name, dev_name(bdi->dev), 32);
1903 -+ struct device *dev = bdi->dev;
1904 -+ if (!dev)
1905 -+ dev = default_backing_dev_info.dev;
1906 -+ strncpy(__entry->name, dev_name(dev), 32);
1907 - __entry->nr_pages = work->nr_pages;
1908 - __entry->sb_dev = work->sb ? work->sb->s_dev : 0;
1909 - __entry->sync_mode = work->sync_mode;
1910 -@@ -418,7 +421,7 @@ DECLARE_EVENT_CLASS(writeback_single_inode_template,
1911 -
1912 - TP_fast_assign(
1913 - strncpy(__entry->name,
1914 -- dev_name(inode->i_mapping->backing_dev_info->dev), 32);
1915 -+ dev_name(inode_to_bdi(inode)->dev), 32);
1916 - __entry->ino = inode->i_ino;
1917 - __entry->state = inode->i_state;
1918 - __entry->dirtied_when = inode->dirtied_when;
1919 -diff --git a/kernel/relay.c b/kernel/relay.c
1920 -index 226fade..b6f803a 100644
1921 ---- a/kernel/relay.c
1922 -+++ b/kernel/relay.c
1923 -@@ -164,10 +164,14 @@ depopulate:
1924 - */
1925 - static struct rchan_buf *relay_create_buf(struct rchan *chan)
1926 - {
1927 -- struct rchan_buf *buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
1928 -- if (!buf)
1929 -+ struct rchan_buf *buf;
1930 -+
1931 -+ if (chan->n_subbufs > UINT_MAX / sizeof(size_t *))
1932 - return NULL;
1933 -
1934 -+ buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
1935 -+ if (!buf)
1936 -+ return NULL;
1937 - buf->padding = kmalloc(chan->n_subbufs * sizeof(size_t *), GFP_KERNEL);
1938 - if (!buf->padding)
1939 - goto free_buf;
1940 -@@ -574,6 +578,8 @@ struct rchan *relay_open(const char *base_filename,
1941 -
1942 - if (!(subbuf_size && n_subbufs))
1943 - return NULL;
1944 -+ if (subbuf_size > UINT_MAX / n_subbufs)
1945 -+ return NULL;
1946 -
1947 - chan = kzalloc(sizeof(struct rchan), GFP_KERNEL);
1948 - if (!chan)
1949 -diff --git a/mm/backing-dev.c b/mm/backing-dev.c
1950 -index 71034f4..2b49dd2 100644
1951 ---- a/mm/backing-dev.c
1952 -+++ b/mm/backing-dev.c
1953 -@@ -318,7 +318,7 @@ static void wakeup_timer_fn(unsigned long data)
1954 - if (bdi->wb.task) {
1955 - trace_writeback_wake_thread(bdi);
1956 - wake_up_process(bdi->wb.task);
1957 -- } else {
1958 -+ } else if (bdi->dev) {
1959 - /*
1960 - * When bdi tasks are inactive for long time, they are killed.
1961 - * In this case we have to wake-up the forker thread which
1962 -@@ -584,6 +584,8 @@ EXPORT_SYMBOL(bdi_register_dev);
1963 - */
1964 - static void bdi_wb_shutdown(struct backing_dev_info *bdi)
1965 - {
1966 -+ struct task_struct *task;
1967 -+
1968 - if (!bdi_cap_writeback_dirty(bdi))
1969 - return;
1970 -
1971 -@@ -604,9 +606,14 @@ static void bdi_wb_shutdown(struct backing_dev_info *bdi)
1972 - * unfreeze of the thread before calling kthread_stop(), otherwise
1973 - * it would never exet if it is currently stuck in the refrigerator.
1974 - */
1975 -- if (bdi->wb.task) {
1976 -- thaw_process(bdi->wb.task);
1977 -- kthread_stop(bdi->wb.task);
1978 -+ spin_lock_bh(&bdi->wb_lock);
1979 -+ task = bdi->wb.task;
1980 -+ bdi->wb.task = NULL;
1981 -+ spin_unlock_bh(&bdi->wb_lock);
1982 -+
1983 -+ if (task) {
1984 -+ thaw_process(task);
1985 -+ kthread_stop(task);
1986 - }
1987 - }
1988 -
1989 -@@ -627,7 +634,9 @@ static void bdi_prune_sb(struct backing_dev_info *bdi)
1990 -
1991 - void bdi_unregister(struct backing_dev_info *bdi)
1992 - {
1993 -- if (bdi->dev) {
1994 -+ struct device *dev = bdi->dev;
1995 -+
1996 -+ if (dev) {
1997 - bdi_set_min_ratio(bdi, 0);
1998 - trace_writeback_bdi_unregister(bdi);
1999 - bdi_prune_sb(bdi);
2000 -@@ -636,8 +645,12 @@ void bdi_unregister(struct backing_dev_info *bdi)
2001 - if (!bdi_cap_flush_forker(bdi))
2002 - bdi_wb_shutdown(bdi);
2003 - bdi_debug_unregister(bdi);
2004 -- device_unregister(bdi->dev);
2005 -+
2006 -+ spin_lock_bh(&bdi->wb_lock);
2007 - bdi->dev = NULL;
2008 -+ spin_unlock_bh(&bdi->wb_lock);
2009 -+
2010 -+ device_unregister(dev);
2011 - }
2012 - }
2013 - EXPORT_SYMBOL(bdi_unregister);
2014 -diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
2015 -index 5c51607..064d20f 100644
2016 ---- a/net/mac80211/rx.c
2017 -+++ b/net/mac80211/rx.c
2018 -@@ -616,7 +616,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
2019 - index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) %
2020 - tid_agg_rx->buf_size;
2021 - if (!tid_agg_rx->reorder_buf[index] &&
2022 -- tid_agg_rx->stored_mpdu_num > 1) {
2023 -+ tid_agg_rx->stored_mpdu_num) {
2024 - /*
2025 - * No buffers ready to be released, but check whether any
2026 - * frames in the reorder buffer have timed out.
2027 -diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c
2028 -index 34e5fcc..9c197d4 100644
2029 ---- a/sound/pci/hda/patch_realtek.c
2030 -+++ b/sound/pci/hda/patch_realtek.c
2031 -@@ -4213,8 +4213,26 @@ enum {
2032 - PINFIX_PB_M5210,
2033 - PINFIX_ACER_ASPIRE_7736,
2034 - PINFIX_ASUS_W90V,
2035 -+ ALC889_FIXUP_DAC_ROUTE,
2036 - };
2037 -
2038 -+/* Fix the connection of some pins for ALC889:
2039 -+ * At least, Acer Aspire 5935 shows the connections to DAC3/4 don't
2040 -+ * work correctly (bko#42740)
2041 -+ */
2042 -+static void alc889_fixup_dac_route(struct hda_codec *codec,
2043 -+ const struct alc_fixup *fix, int action)
2044 -+{
2045 -+ if (action == ALC_FIXUP_ACT_PRE_PROBE) {
2046 -+ hda_nid_t conn1[2] = { 0x0c, 0x0d };
2047 -+ hda_nid_t conn2[2] = { 0x0e, 0x0f };
2048 -+ snd_hda_override_conn_list(codec, 0x14, 2, conn1);
2049 -+ snd_hda_override_conn_list(codec, 0x15, 2, conn1);
2050 -+ snd_hda_override_conn_list(codec, 0x18, 2, conn2);
2051 -+ snd_hda_override_conn_list(codec, 0x1a, 2, conn2);
2052 -+ }
2053 -+}
2054 -+
2055 - static const struct alc_fixup alc882_fixups[] = {
2056 - [PINFIX_ABIT_AW9D_MAX] = {
2057 - .type = ALC_FIXUP_PINS,
2058 -@@ -4251,10 +4269,15 @@ static const struct alc_fixup alc882_fixups[] = {
2059 - { }
2060 - }
2061 - },
2062 -+ [ALC889_FIXUP_DAC_ROUTE] = {
2063 -+ .type = ALC_FIXUP_FUNC,
2064 -+ .v.func = alc889_fixup_dac_route,
2065 -+ },
2066 - };
2067 -
2068 - static const struct snd_pci_quirk alc882_fixup_tbl[] = {
2069 - SND_PCI_QUIRK(0x1025, 0x0155, "Packard-Bell M5120", PINFIX_PB_M5210),
2070 -+ SND_PCI_QUIRK(0x1025, 0x0259, "Acer Aspire 5935", ALC889_FIXUP_DAC_ROUTE),
2071 - SND_PCI_QUIRK(0x1043, 0x1873, "ASUS W90V", PINFIX_ASUS_W90V),
2072 - SND_PCI_QUIRK(0x17aa, 0x3a0d, "Lenovo Y530", PINFIX_LENOVO_Y530),
2073 - SND_PCI_QUIRK(0x147b, 0x107a, "Abit AW9D-MAX", PINFIX_ABIT_AW9D_MAX),
2074 -diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c
2075 -index a0a3f50..1fe1308 100644
2076 ---- a/sound/pci/hda/patch_via.c
2077 -+++ b/sound/pci/hda/patch_via.c
2078 -@@ -665,6 +665,9 @@ static void via_auto_init_analog_input(struct hda_codec *codec)
2079 - /* init input-src */
2080 - for (i = 0; i < spec->num_adc_nids; i++) {
2081 - int adc_idx = spec->inputs[spec->cur_mux[i]].adc_idx;
2082 -+ /* secondary ADCs must have the unique MUX */
2083 -+ if (i > 0 && !spec->mux_nids[i])
2084 -+ break;
2085 - if (spec->mux_nids[adc_idx]) {
2086 - int mux_idx = spec->inputs[spec->cur_mux[i]].mux_idx;
2087 - snd_hda_codec_write(codec, spec->mux_nids[adc_idx], 0,
2088 -diff --git a/sound/pci/intel8x0.c b/sound/pci/intel8x0.c
2089 -index 11718b49..55f48fb 100644
2090 ---- a/sound/pci/intel8x0.c
2091 -+++ b/sound/pci/intel8x0.c
2092 -@@ -2102,6 +2102,12 @@ static struct ac97_quirk ac97_quirks[] __devinitdata = {
2093 - },
2094 - {
2095 - .subvendor = 0x161f,
2096 -+ .subdevice = 0x202f,
2097 -+ .name = "Gateway M520",
2098 -+ .type = AC97_TUNE_INV_EAPD
2099 -+ },
2100 -+ {
2101 -+ .subvendor = 0x161f,
2102 - .subdevice = 0x203a,
2103 - .name = "Gateway 4525GZ", /* AD1981B */
2104 - .type = AC97_TUNE_INV_EAPD
2105 -diff --git a/tools/perf/bench/mem-memcpy-x86-64-asm.S b/tools/perf/bench/mem-memcpy-x86-64-asm.S
2106 -index a57b66e..185a96d 100644
2107 ---- a/tools/perf/bench/mem-memcpy-x86-64-asm.S
2108 -+++ b/tools/perf/bench/mem-memcpy-x86-64-asm.S
2109 -@@ -1,2 +1,8 @@
2110 -
2111 - #include "../../../arch/x86/lib/memcpy_64.S"
2112 -+/*
2113 -+ * We need to provide note.GNU-stack section, saying that we want
2114 -+ * NOT executable stack. Otherwise the final linking will assume that
2115 -+ * the ELF stack should not be restricted at all and set it RWX.
2116 -+ */
2117 -+.section .note.GNU-stack,"",@progbits
2118 -diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
2119 -index d7915d4..efca198 100644
2120 ---- a/tools/perf/util/evsel.c
2121 -+++ b/tools/perf/util/evsel.c
2122 -@@ -390,6 +390,7 @@ int perf_event__parse_sample(const union perf_event *event, u64 type,
2123 -
2124 - data->cpu = data->pid = data->tid = -1;
2125 - data->stream_id = data->id = data->time = -1ULL;
2126 -+ data->period = 1;
2127 -
2128 - if (event->header.type != PERF_RECORD_SAMPLE) {
2129 - if (!sample_id_all)
2130
2131 diff --git a/3.2.7/0000_README b/3.2.9/0000_README
2132 similarity index 94%
2133 rename from 3.2.7/0000_README
2134 rename to 3.2.9/0000_README
2135 index 7342063..4b71aa6 100644
2136 --- a/3.2.7/0000_README
2137 +++ b/3.2.9/0000_README
2138 @@ -2,11 +2,7 @@ README
2139 -----------------------------------------------------------------------------
2140 Individual Patch Descriptions:
2141 -----------------------------------------------------------------------------
2142 -Patch: 1006_linux-3.2.7.patch
2143 -From: http://www.kernel.org
2144 -Desc: Linux 3.2.7
2145 -
2146 -Patch: 4420_grsecurity-2.9-3.2.7-201202251203.patch
2147 +Patch: 4420_grsecurity-2.9-3.2.9-201203022148.patch
2148 From: http://www.grsecurity.net
2149 Desc: hardened-sources base patch from upstream grsecurity
2150
2151
2152 diff --git a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
2153 similarity index 99%
2154 rename from 3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch
2155 rename to 3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
2156 index be7621a..fa03b34 100644
2157 --- a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch
2158 +++ b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
2159 @@ -186,7 +186,7 @@ index 81c287f..d456d02 100644
2160
2161 pcd. [PARIDE]
2162 diff --git a/Makefile b/Makefile
2163 -index d1bdc90..e95fe1a 100644
2164 +index 5f1739b..1831396 100644
2165 --- a/Makefile
2166 +++ b/Makefile
2167 @@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
2168 @@ -212,32 +212,34 @@ index d1bdc90..e95fe1a 100644
2169 $(Q)$(MAKE) $(build)=scripts/basic
2170 $(Q)rm -f .tmp_quiet_recordmcount
2171
2172 -@@ -564,6 +565,46 @@ else
2173 +@@ -564,6 +565,48 @@ else
2174 KBUILD_CFLAGS += -O2
2175 endif
2176
2177 +ifndef DISABLE_PAX_PLUGINS
2178 +ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y)
2179 +ifndef DISABLE_PAX_CONSTIFY_PLUGIN
2180 -+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
2181 ++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
2182 +endif
2183 +ifdef CONFIG_PAX_MEMORY_STACKLEAK
2184 -+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
2185 -+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
2186 ++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
2187 ++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
2188 +endif
2189 +ifdef CONFIG_KALLOCSTAT_PLUGIN
2190 -+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
2191 ++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
2192 +endif
2193 +ifdef CONFIG_PAX_KERNEXEC_PLUGIN
2194 -+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
2195 -+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD)
2196 ++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
2197 ++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN
2198 ++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN
2199 +endif
2200 +ifdef CONFIG_CHECKER_PLUGIN
2201 +ifeq ($(call cc-ifversion, -ge, 0406, y), y)
2202 -+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
2203 ++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
2204 +endif
2205 +endif
2206 -+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN)
2207 ++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS)
2208 ++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
2209 +export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN
2210 +ifeq ($(KBUILD_EXTMOD),)
2211 +gcc-plugins:
2212 @@ -259,7 +261,7 @@ index d1bdc90..e95fe1a 100644
2213 include $(srctree)/arch/$(SRCARCH)/Makefile
2214
2215 ifneq ($(CONFIG_FRAME_WARN),0)
2216 -@@ -708,7 +749,7 @@ export mod_strip_cmd
2217 +@@ -708,7 +751,7 @@ export mod_strip_cmd
2218
2219
2220 ifeq ($(KBUILD_EXTMOD),)
2221 @@ -268,15 +270,16 @@ index d1bdc90..e95fe1a 100644
2222
2223 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
2224 $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
2225 -@@ -932,6 +973,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
2226 +@@ -932,6 +975,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
2227
2228 # The actual objects are generated when descending,
2229 # make sure no implicit rule kicks in
2230 -+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS)
2231 ++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2232 ++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2233 $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
2234
2235 # Handle descending into subdirectories listed in $(vmlinux-dirs)
2236 -@@ -941,7 +983,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
2237 +@@ -941,7 +986,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
2238 # Error messages still appears in the original language
2239
2240 PHONY += $(vmlinux-dirs)
2241 @@ -285,23 +288,24 @@ index d1bdc90..e95fe1a 100644
2242 $(Q)$(MAKE) $(build)=$@
2243
2244 # Store (new) KERNELRELASE string in include/config/kernel.release
2245 -@@ -985,6 +1027,7 @@ prepare0: archprepare FORCE
2246 +@@ -985,6 +1030,7 @@ prepare0: archprepare FORCE
2247 $(Q)$(MAKE) $(build)=.
2248
2249 # All the preparing..
2250 -+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS))
2251 ++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS))
2252 prepare: prepare0
2253
2254 # Generate some files
2255 -@@ -1086,6 +1129,7 @@ all: modules
2256 +@@ -1086,6 +1132,8 @@ all: modules
2257 # using awk while concatenating to the final file.
2258
2259 PHONY += modules
2260 -+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
2261 ++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2262 ++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2263 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
2264 $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
2265 @$(kecho) ' Building modules, stage 2.';
2266 -@@ -1101,7 +1145,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
2267 +@@ -1101,7 +1149,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
2268
2269 # Target to prepare building external modules
2270 PHONY += modules_prepare
2271 @@ -310,7 +314,7 @@ index d1bdc90..e95fe1a 100644
2272
2273 # Target to install modules
2274 PHONY += modules_install
2275 -@@ -1198,6 +1242,7 @@ distclean: mrproper
2276 +@@ -1198,6 +1246,7 @@ distclean: mrproper
2277 \( -name '*.orig' -o -name '*.rej' -o -name '*~' \
2278 -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
2279 -o -name '.*.rej' \
2280 @@ -318,26 +322,29 @@ index d1bdc90..e95fe1a 100644
2281 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
2282 -type f -print | xargs rm -f
2283
2284 -@@ -1358,6 +1403,7 @@ PHONY += $(module-dirs) modules
2285 +@@ -1358,6 +1407,8 @@ PHONY += $(module-dirs) modules
2286 $(module-dirs): crmodverdir $(objtree)/Module.symvers
2287 $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
2288
2289 -+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
2290 ++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2291 ++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2292 modules: $(module-dirs)
2293 @$(kecho) ' Building modules, stage 2.';
2294 $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
2295 -@@ -1484,17 +1530,19 @@ else
2296 +@@ -1484,17 +1535,21 @@ else
2297 target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
2298 endif
2299
2300 -%.s: %.c prepare scripts FORCE
2301 -+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS)
2302 ++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2303 ++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2304 +%.s: %.c gcc-plugins prepare scripts FORCE
2305 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
2306 %.i: %.c prepare scripts FORCE
2307 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
2308 -%.o: %.c prepare scripts FORCE
2309 -+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS)
2310 ++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2311 ++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2312 +%.o: %.c gcc-plugins prepare scripts FORCE
2313 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
2314 %.lst: %.c prepare scripts FORCE
2315 @@ -350,18 +357,20 @@ index d1bdc90..e95fe1a 100644
2316 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
2317 %.symtypes: %.c prepare scripts FORCE
2318 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
2319 -@@ -1504,11 +1552,13 @@ endif
2320 +@@ -1504,11 +1559,15 @@ endif
2321 $(cmd_crmodverdir)
2322 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
2323 $(build)=$(build-dir)
2324 -%/: prepare scripts FORCE
2325 -+%/: KBUILD_CFLAGS += $(GCC_PLUGINS)
2326 ++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2327 ++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2328 +%/: gcc-plugins prepare scripts FORCE
2329 $(cmd_crmodverdir)
2330 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
2331 $(build)=$(build-dir)
2332 -%.ko: prepare scripts FORCE
2333 -+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS)
2334 ++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
2335 ++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
2336 +%.ko: gcc-plugins prepare scripts FORCE
2337 $(cmd_crmodverdir)
2338 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
2339 @@ -7304,7 +7313,7 @@ index f6f5c53..b358b28 100644
2340 set_fs(old_fs);
2341
2342 diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h
2343 -index 091508b..e245ff2 100644
2344 +index 091508b..7692c6f 100644
2345 --- a/arch/x86/include/asm/alternative-asm.h
2346 +++ b/arch/x86/include/asm/alternative-asm.h
2347 @@ -4,10 +4,10 @@
2348 @@ -7324,7 +7333,7 @@ index 091508b..e245ff2 100644
2349 .endm
2350 #endif
2351
2352 -+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
2353 ++#ifdef KERNEXEC_PLUGIN
2354 + .macro pax_force_retaddr_bts rip=0
2355 + btsq $63,\rip(%rsp)
2356 + .endm
2357 @@ -8821,7 +8830,7 @@ index eb92a6e..b98b2f4 100644
2358 /* EISA */
2359 extern void eisa_set_level_irq(unsigned int irq);
2360 diff --git a/arch/x86/include/asm/i387.h b/arch/x86/include/asm/i387.h
2361 -index c9e09ea..73888df 100644
2362 +index a850b4d..bae26dc 100644
2363 --- a/arch/x86/include/asm/i387.h
2364 +++ b/arch/x86/include/asm/i387.h
2365 @@ -92,6 +92,11 @@ static inline int fxrstor_checking(struct i387_fxsave_struct *fx)
2366 @@ -8848,31 +8857,15 @@ index c9e09ea..73888df 100644
2367 /*
2368 * Clear the bytes not touched by the fxsave and reserved
2369 * for the SW usage.
2370 -@@ -213,13 +223,8 @@ static inline void fpu_fxsave(struct fpu *fpu)
2371 - #endif /* CONFIG_X86_64 */
2372 -
2373 - /* We need a safe address that is cheap to find and that is already
2374 -- in L1 during context switch. The best choices are unfortunately
2375 -- different for UP and SMP */
2376 --#ifdef CONFIG_SMP
2377 --#define safe_address (__per_cpu_offset[0])
2378 --#else
2379 --#define safe_address (kstat_cpu(0).cpustat.user)
2380 --#endif
2381 -+ in L1 during context switch. */
2382 -+#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0)
2383 +@@ -424,7 +434,7 @@ static inline bool interrupted_kernel_fpu_idle(void)
2384 + static inline bool interrupted_user_mode(void)
2385 + {
2386 + struct pt_regs *regs = get_irq_regs();
2387 +- return regs && user_mode_vm(regs);
2388 ++ return regs && user_mode(regs);
2389 + }
2390
2391 /*
2392 - * These must be called with preempt disabled
2393 -@@ -312,7 +317,7 @@ static inline void kernel_fpu_begin(void)
2394 - struct thread_info *me = current_thread_info();
2395 - preempt_disable();
2396 - if (me->status & TS_USEDFPU)
2397 -- __save_init_fpu(me->task);
2398 -+ __save_init_fpu(current);
2399 - else
2400 - clts();
2401 - }
2402 diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h
2403 index d8e8eef..99f81ae 100644
2404 --- a/arch/x86/include/asm/io.h
2405 @@ -9976,7 +9969,7 @@ index 013286a..8b42f4f 100644
2406 #define pgprot_writecombine pgprot_writecombine
2407 extern pgprot_t pgprot_writecombine(pgprot_t prot);
2408 diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
2409 -index b650435..eefa566 100644
2410 +index bb3ee36..781a6b8 100644
2411 --- a/arch/x86/include/asm/processor.h
2412 +++ b/arch/x86/include/asm/processor.h
2413 @@ -268,7 +268,7 @@ struct tss_struct {
2414 @@ -9988,7 +9981,7 @@ index b650435..eefa566 100644
2415
2416 /*
2417 * Save the original ist values for checking stack pointers during debugging
2418 -@@ -860,11 +860,18 @@ static inline void spin_lock_prefetch(const void *x)
2419 +@@ -861,11 +861,18 @@ static inline void spin_lock_prefetch(const void *x)
2420 */
2421 #define TASK_SIZE PAGE_OFFSET
2422 #define TASK_SIZE_MAX TASK_SIZE
2423 @@ -10009,7 +10002,7 @@ index b650435..eefa566 100644
2424 .vm86_info = NULL, \
2425 .sysenter_cs = __KERNEL_CS, \
2426 .io_bitmap_ptr = NULL, \
2427 -@@ -878,7 +885,7 @@ static inline void spin_lock_prefetch(const void *x)
2428 +@@ -879,7 +886,7 @@ static inline void spin_lock_prefetch(const void *x)
2429 */
2430 #define INIT_TSS { \
2431 .x86_tss = { \
2432 @@ -10018,7 +10011,7 @@ index b650435..eefa566 100644
2433 .ss0 = __KERNEL_DS, \
2434 .ss1 = __KERNEL_CS, \
2435 .io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \
2436 -@@ -889,11 +896,7 @@ static inline void spin_lock_prefetch(const void *x)
2437 +@@ -890,11 +897,7 @@ static inline void spin_lock_prefetch(const void *x)
2438 extern unsigned long thread_saved_pc(struct task_struct *tsk);
2439
2440 #define THREAD_SIZE_LONGS (THREAD_SIZE/sizeof(unsigned long))
2441 @@ -10031,7 +10024,7 @@ index b650435..eefa566 100644
2442
2443 /*
2444 * The below -8 is to reserve 8 bytes on top of the ring0 stack.
2445 -@@ -908,7 +911,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2446 +@@ -909,7 +912,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2447 #define task_pt_regs(task) \
2448 ({ \
2449 struct pt_regs *__regs__; \
2450 @@ -10040,7 +10033,7 @@ index b650435..eefa566 100644
2451 __regs__ - 1; \
2452 })
2453
2454 -@@ -918,13 +921,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2455 +@@ -919,13 +922,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2456 /*
2457 * User space process size. 47bits minus one guard page.
2458 */
2459 @@ -10056,7 +10049,7 @@ index b650435..eefa566 100644
2460
2461 #define TASK_SIZE (test_thread_flag(TIF_IA32) ? \
2462 IA32_PAGE_OFFSET : TASK_SIZE_MAX)
2463 -@@ -935,11 +938,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2464 +@@ -936,11 +939,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
2465 #define STACK_TOP_MAX TASK_SIZE_MAX
2466
2467 #define INIT_THREAD { \
2468 @@ -10070,7 +10063,7 @@ index b650435..eefa566 100644
2469 }
2470
2471 /*
2472 -@@ -961,6 +964,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip,
2473 +@@ -962,6 +965,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip,
2474 */
2475 #define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 3))
2476
2477 @@ -10601,7 +10594,7 @@ index 2d2f01c..f985723 100644
2478 /*
2479 * Force strict CPU ordering.
2480 diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
2481 -index a1fe5c1..ee326d8 100644
2482 +index d7ef849..6af292e 100644
2483 --- a/arch/x86/include/asm/thread_info.h
2484 +++ b/arch/x86/include/asm/thread_info.h
2485 @@ -10,6 +10,7 @@
2486 @@ -10745,7 +10738,7 @@ index a1fe5c1..ee326d8 100644
2487 #endif
2488
2489 #endif /* !X86_32 */
2490 -@@ -266,5 +242,16 @@ extern void arch_task_cache_init(void);
2491 +@@ -264,5 +240,16 @@ extern void arch_task_cache_init(void);
2492 extern void free_thread_info(struct thread_info *ti);
2493 extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src);
2494 #define arch_task_cache_init arch_task_cache_init
2495 @@ -15876,7 +15869,7 @@ index faba577..93b9e71 100644
2496 return single_step_cont(regs, args);
2497 break;
2498 diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c
2499 -index 7da647d..5d3c4c1 100644
2500 +index 7da647d..56fe348 100644
2501 --- a/arch/x86/kernel/kprobes.c
2502 +++ b/arch/x86/kernel/kprobes.c
2503 @@ -118,8 +118,11 @@ static void __kprobes __synthesize_relative_insn(void *from, void *to, u8 op)
2504 @@ -15966,7 +15959,7 @@ index 7da647d..5d3c4c1 100644
2505 " movq %rax, 152(%rsp)\n"
2506 RESTORE_REGS_STRING
2507 " popfq\n"
2508 -+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
2509 ++#ifdef KERNEXEC_PLUGIN
2510 + " btsq $63,(%rsp)\n"
2511 +#endif
2512 #else
2513 @@ -16615,7 +16608,7 @@ index ee5d4fb..426649b 100644
2514 +}
2515 +#endif
2516 diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
2517 -index 795b79f..063767a 100644
2518 +index 8598296..bfadef0 100644
2519 --- a/arch/x86/kernel/process_32.c
2520 +++ b/arch/x86/kernel/process_32.c
2521 @@ -67,6 +67,7 @@ asmlinkage void ret_from_fork(void) __asm__("ret_from_fork");
2522 @@ -16666,10 +16659,10 @@ index 795b79f..063767a 100644
2523 int cpu = smp_processor_id();
2524 - struct tss_struct *tss = &per_cpu(init_tss, cpu);
2525 + struct tss_struct *tss = init_tss + cpu;
2526 - bool preload_fpu;
2527 + fpu_switch_t fpu;
2528
2529 /* never put a printk in __switch_to... printk() calls wake_up*() indirectly */
2530 -@@ -331,6 +332,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2531 +@@ -320,6 +321,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2532 */
2533 lazy_save_gs(prev->gs);
2534
2535 @@ -16680,32 +16673,32 @@ index 795b79f..063767a 100644
2536 /*
2537 * Load the per-thread Thread-Local Storage descriptor.
2538 */
2539 -@@ -366,6 +371,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2540 +@@ -350,6 +355,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2541 */
2542 arch_end_context_switch(next_p);
2543
2544 + percpu_write(current_task, next_p);
2545 + percpu_write(current_tinfo, &next_p->tinfo);
2546 +
2547 - if (preload_fpu)
2548 - __math_state_restore();
2549 + /*
2550 + * Restore %gs if needed (which is common)
2551 + */
2552 +@@ -358,8 +366,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2553
2554 -@@ -375,8 +383,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2555 - if (prev->gs | next->gs)
2556 - lazy_load_gs(next->gs);
2557 + switch_fpu_finish(next_p, fpu);
2558
2559 - percpu_write(current_task, next_p);
2560 -
2561 return prev_p;
2562 }
2563
2564 -@@ -406,4 +412,3 @@ unsigned long get_wchan(struct task_struct *p)
2565 +@@ -389,4 +395,3 @@ unsigned long get_wchan(struct task_struct *p)
2566 } while (count++ < 16);
2567 return 0;
2568 }
2569 -
2570 diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
2571 -index 3bd7e6e..90b2bcf 100644
2572 +index 6a364a6..b147d11 100644
2573 --- a/arch/x86/kernel/process_64.c
2574 +++ b/arch/x86/kernel/process_64.c
2575 @@ -89,7 +89,7 @@ static void __exit_idle(void)
2576 @@ -16742,9 +16735,9 @@ index 3bd7e6e..90b2bcf 100644
2577 - struct tss_struct *tss = &per_cpu(init_tss, cpu);
2578 + struct tss_struct *tss = init_tss + cpu;
2579 unsigned fsindex, gsindex;
2580 - bool preload_fpu;
2581 + fpu_switch_t fpu;
2582
2583 -@@ -475,10 +475,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2584 +@@ -461,10 +461,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
2585 prev->usersp = percpu_read(old_rsp);
2586 percpu_write(old_rsp, next->usersp);
2587 percpu_write(current_task, next_p);
2588 @@ -16757,7 +16750,7 @@ index 3bd7e6e..90b2bcf 100644
2589
2590 /*
2591 * Now maybe reload the debug registers and handle I/O bitmaps
2592 -@@ -540,12 +539,11 @@ unsigned long get_wchan(struct task_struct *p)
2593 +@@ -519,12 +518,11 @@ unsigned long get_wchan(struct task_struct *p)
2594 if (!p || p == current || p->state == TASK_RUNNING)
2595 return 0;
2596 stack = (unsigned long)task_stack_page(p);
2597 @@ -17813,7 +17806,7 @@ index 09ff517..df19fbff 100644
2598 .short 0
2599 .quad 0x00cf9b000000ffff # __KERNEL32_CS
2600 diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
2601 -index a8e3eb8..c9dbd7d 100644
2602 +index 31d9d0f..e244dd9 100644
2603 --- a/arch/x86/kernel/traps.c
2604 +++ b/arch/x86/kernel/traps.c
2605 @@ -70,12 +70,6 @@ asmlinkage int system_call(void);
2606 @@ -17958,25 +17951,17 @@ index a8e3eb8..c9dbd7d 100644
2607 {
2608 if (!fixup_exception(regs)) {
2609 task->thread.error_code = error_code;
2610 -@@ -568,7 +597,7 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void)
2611 - void __math_state_restore(void)
2612 +@@ -569,8 +598,8 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void)
2613 + void __math_state_restore(struct task_struct *tsk)
2614 {
2615 - struct thread_info *thread = current_thread_info();
2616 -- struct task_struct *tsk = thread->task;
2617 -+ struct task_struct *tsk = current;
2618 -
2619 - /*
2620 - * Paranoid restore. send a SIGSEGV if we fail to restore the state.
2621 -@@ -595,8 +624,7 @@ void __math_state_restore(void)
2622 - */
2623 - asmlinkage void math_state_restore(void)
2624 - {
2625 -- struct thread_info *thread = current_thread_info();
2626 -- struct task_struct *tsk = thread->task;
2627 -+ struct task_struct *tsk = current;
2628 + /* We need a safe address that is cheap to find and that is already
2629 +- in L1. We've just brought in "tsk->thread.has_fpu", so use that */
2630 +-#define safe_address (tsk->thread.has_fpu)
2631 ++ in L1. */
2632 ++#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0)
2633
2634 - if (!tsk_used_math(tsk)) {
2635 - local_irq_enable();
2636 + /* AMD K7/K8 CPUs don't save/restore FDP/FIP/FOP unless an exception
2637 + is pending. Clear the x87 state here by setting it to fixed
2638 diff --git a/arch/x86/kernel/verify_cpu.S b/arch/x86/kernel/verify_cpu.S
2639 index b9242ba..50c5edd 100644
2640 --- a/arch/x86/kernel/verify_cpu.S
2641 @@ -18387,7 +18372,7 @@ index 9796c2f..f686fbf 100644
2642 EXPORT_SYMBOL(copy_page);
2643 EXPORT_SYMBOL(clear_page);
2644 diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c
2645 -index a391134..d0b63b6e 100644
2646 +index 7110911..e8cdee5 100644
2647 --- a/arch/x86/kernel/xsave.c
2648 +++ b/arch/x86/kernel/xsave.c
2649 @@ -130,7 +130,7 @@ int check_for_xstate(struct i387_fxsave_struct __user *buf,
2650 @@ -18399,7 +18384,7 @@ index a391134..d0b63b6e 100644
2651 fx_sw_user->extended_size -
2652 FP_XSTATE_MAGIC2_SIZE));
2653 if (err)
2654 -@@ -267,7 +267,7 @@ fx_only:
2655 +@@ -266,7 +266,7 @@ fx_only:
2656 * the other extended state.
2657 */
2658 xrstor_state(init_xstate_buf, pcntxt_mask & ~XSTATE_FPSSE);
2659 @@ -18408,7 +18393,7 @@ index a391134..d0b63b6e 100644
2660 }
2661
2662 /*
2663 -@@ -299,7 +299,7 @@ int restore_i387_xstate(void __user *buf)
2664 +@@ -295,7 +295,7 @@ int restore_i387_xstate(void __user *buf)
2665 if (use_xsave())
2666 err = restore_user_xstate(buf);
2667 else
2668 @@ -18531,7 +18516,7 @@ index e32243e..a6e6172 100644
2669
2670 local_irq_disable();
2671 diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
2672 -index 579a0b5..ed7bbf9 100644
2673 +index 4ea7678..b3a7084 100644
2674 --- a/arch/x86/kvm/vmx.c
2675 +++ b/arch/x86/kvm/vmx.c
2676 @@ -1305,7 +1305,11 @@ static void reload_tss(void)
2677 @@ -33858,7 +33843,7 @@ index 1cfbf22..be96487 100644
2678 #define ASPM_STATE_ALL (ASPM_STATE_L0S | ASPM_STATE_L1)
2679
2680 diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
2681 -index 04e74f4..a960176 100644
2682 +index dfee1b3..a454fb6 100644
2683 --- a/drivers/pci/probe.c
2684 +++ b/drivers/pci/probe.c
2685 @@ -136,7 +136,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type,
2686 @@ -35611,7 +35596,7 @@ index 6845228..df77141 100644
2687
2688 core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count);
2689 diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c
2690 -index 861628e..659ae80 100644
2691 +index e4ddb93..2fc6e0f 100644
2692 --- a/drivers/target/target_core_transport.c
2693 +++ b/drivers/target/target_core_transport.c
2694 @@ -1343,7 +1343,7 @@ struct se_device *transport_add_device_to_core_hba(
2695 @@ -35653,7 +35638,7 @@ index 861628e..659ae80 100644
2696 cmd->t_task_list_num)
2697 atomic_set(&cmd->t_transport_sent, 1);
2698
2699 -@@ -4273,7 +4273,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd)
2700 +@@ -4296,7 +4296,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd)
2701 atomic_set(&cmd->transport_lun_stop, 0);
2702 }
2703 if (!atomic_read(&cmd->t_transport_active) ||
2704 @@ -35662,7 +35647,7 @@ index 861628e..659ae80 100644
2705 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2706 return false;
2707 }
2708 -@@ -4522,7 +4522,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
2709 +@@ -4545,7 +4545,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
2710 {
2711 int ret = 0;
2712
2713 @@ -35671,7 +35656,7 @@ index 861628e..659ae80 100644
2714 if (!send_status ||
2715 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
2716 return 1;
2717 -@@ -4559,7 +4559,7 @@ void transport_send_task_abort(struct se_cmd *cmd)
2718 +@@ -4582,7 +4582,7 @@ void transport_send_task_abort(struct se_cmd *cmd)
2719 */
2720 if (cmd->data_direction == DMA_TO_DEVICE) {
2721 if (cmd->se_tfo->write_pending_status(cmd) != 0) {
2722 @@ -39865,7 +39850,7 @@ index a6395bd..a5b24c4 100644
2723 fd_offset + ex.a_text);
2724 up_write(&current->mm->mmap_sem);
2725 diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
2726 -index 21ac5ee..31d14e9 100644
2727 +index 21ac5ee..ca0d90f 100644
2728 --- a/fs/binfmt_elf.c
2729 +++ b/fs/binfmt_elf.c
2730 @@ -32,6 +32,7 @@
2731 @@ -40000,6 +39985,7 @@ index 21ac5ee..31d14e9 100644
2732 return error;
2733 }
2734
2735 ++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
2736 +static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata)
2737 +{
2738 + unsigned long pax_flags = 0UL;
2739 @@ -40145,7 +40131,7 @@ index 21ac5ee..31d14e9 100644
2740 +#endif
2741 +
2742 +#ifdef CONFIG_PAX_SEGMEXEC
2743 -+ if (!(__supported_pte_mask & _PAGE_NX)) {
2744 ++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) {
2745 + pax_flags &= ~MF_PAX_PAGEEXEC;
2746 + pax_flags |= MF_PAX_SEGMEXEC;
2747 + }
2748 @@ -40319,7 +40305,6 @@ index 21ac5ee..31d14e9 100644
2749 +
2750 +}
2751 +
2752 -+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
2753 +static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file)
2754 +{
2755 + unsigned long pax_flags, pt_pax_flags, xattr_pax_flags;
2756 @@ -41623,7 +41608,7 @@ index f3a257d..715ac0f 100644
2757 }
2758 EXPORT_SYMBOL_GPL(debugfs_create_dir);
2759 diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
2760 -index d2039ca..a766407 100644
2761 +index af11098..81e3bbe 100644
2762 --- a/fs/ecryptfs/inode.c
2763 +++ b/fs/ecryptfs/inode.c
2764 @@ -691,7 +691,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf,
2765 @@ -44407,7 +44392,7 @@ index 637694b..f84a121 100644
2766
2767 lock_flocks();
2768 diff --git a/fs/namei.c b/fs/namei.c
2769 -index 5008f01..90328a7 100644
2770 +index 744e942..24ef47f 100644
2771 --- a/fs/namei.c
2772 +++ b/fs/namei.c
2773 @@ -279,16 +279,32 @@ int generic_permission(struct inode *inode, int mask)
2774 @@ -44482,7 +44467,7 @@ index 5008f01..90328a7 100644
2775 error = 0;
2776 if (s)
2777 error = __vfs_follow_link(nd, s);
2778 -@@ -1622,6 +1638,21 @@ static int path_lookupat(int dfd, const char *name,
2779 +@@ -1624,6 +1640,21 @@ static int path_lookupat(int dfd, const char *name,
2780 if (!err)
2781 err = complete_walk(nd);
2782
2783 @@ -44504,7 +44489,7 @@ index 5008f01..90328a7 100644
2784 if (!err && nd->flags & LOOKUP_DIRECTORY) {
2785 if (!nd->inode->i_op->lookup) {
2786 path_put(&nd->path);
2787 -@@ -1649,6 +1680,15 @@ static int do_path_lookup(int dfd, const char *name,
2788 +@@ -1651,6 +1682,15 @@ static int do_path_lookup(int dfd, const char *name,
2789 retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd);
2790
2791 if (likely(!retval)) {
2792 @@ -44520,7 +44505,7 @@ index 5008f01..90328a7 100644
2793 if (unlikely(!audit_dummy_context())) {
2794 if (nd->path.dentry && nd->inode)
2795 audit_inode(name, nd->path.dentry);
2796 -@@ -2046,6 +2086,13 @@ static int may_open(struct path *path, int acc_mode, int flag)
2797 +@@ -2048,6 +2088,13 @@ static int may_open(struct path *path, int acc_mode, int flag)
2798 if (flag & O_NOATIME && !inode_owner_or_capable(inode))
2799 return -EPERM;
2800
2801 @@ -44534,7 +44519,7 @@ index 5008f01..90328a7 100644
2802 return 0;
2803 }
2804
2805 -@@ -2107,6 +2154,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2806 +@@ -2109,6 +2156,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2807 error = complete_walk(nd);
2808 if (error)
2809 return ERR_PTR(error);
2810 @@ -44551,7 +44536,7 @@ index 5008f01..90328a7 100644
2811 audit_inode(pathname, nd->path.dentry);
2812 if (open_flag & O_CREAT) {
2813 error = -EISDIR;
2814 -@@ -2117,6 +2174,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2815 +@@ -2119,6 +2176,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2816 error = complete_walk(nd);
2817 if (error)
2818 return ERR_PTR(error);
2819 @@ -44568,7 +44553,7 @@ index 5008f01..90328a7 100644
2820 audit_inode(pathname, dir);
2821 goto ok;
2822 }
2823 -@@ -2138,6 +2205,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2824 +@@ -2140,6 +2207,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2825 error = complete_walk(nd);
2826 if (error)
2827 return ERR_PTR(-ECHILD);
2828 @@ -44585,7 +44570,7 @@ index 5008f01..90328a7 100644
2829
2830 error = -ENOTDIR;
2831 if (nd->flags & LOOKUP_DIRECTORY) {
2832 -@@ -2178,6 +2255,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2833 +@@ -2180,6 +2257,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2834 /* Negative dentry, just create the file */
2835 if (!dentry->d_inode) {
2836 int mode = op->mode;
2837 @@ -44598,7 +44583,7 @@ index 5008f01..90328a7 100644
2838 if (!IS_POSIXACL(dir->d_inode))
2839 mode &= ~current_umask();
2840 /*
2841 -@@ -2201,6 +2284,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2842 +@@ -2203,6 +2286,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2843 error = vfs_create(dir->d_inode, dentry, mode, nd);
2844 if (error)
2845 goto exit_mutex_unlock;
2846 @@ -44607,7 +44592,7 @@ index 5008f01..90328a7 100644
2847 mutex_unlock(&dir->d_inode->i_mutex);
2848 dput(nd->path.dentry);
2849 nd->path.dentry = dentry;
2850 -@@ -2210,6 +2295,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2851 +@@ -2212,6 +2297,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2852 /*
2853 * It already exists.
2854 */
2855 @@ -44627,7 +44612,7 @@ index 5008f01..90328a7 100644
2856 mutex_unlock(&dir->d_inode->i_mutex);
2857 audit_inode(pathname, path->dentry);
2858
2859 -@@ -2422,6 +2520,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path
2860 +@@ -2424,6 +2522,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path
2861 *path = nd.path;
2862 return dentry;
2863 eexist:
2864 @@ -44639,7 +44624,7 @@ index 5008f01..90328a7 100644
2865 dput(dentry);
2866 dentry = ERR_PTR(-EEXIST);
2867 fail:
2868 -@@ -2444,6 +2547,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat
2869 +@@ -2446,6 +2549,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat
2870 }
2871 EXPORT_SYMBOL(user_path_create);
2872
2873 @@ -44660,7 +44645,7 @@ index 5008f01..90328a7 100644
2874 int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
2875 {
2876 int error = may_create(dir, dentry);
2877 -@@ -2511,6 +2628,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
2878 +@@ -2513,6 +2630,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
2879 error = mnt_want_write(path.mnt);
2880 if (error)
2881 goto out_dput;
2882 @@ -44678,7 +44663,7 @@ index 5008f01..90328a7 100644
2883 error = security_path_mknod(&path, dentry, mode, dev);
2884 if (error)
2885 goto out_drop_write;
2886 -@@ -2528,6 +2656,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
2887 +@@ -2530,6 +2658,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
2888 }
2889 out_drop_write:
2890 mnt_drop_write(path.mnt);
2891 @@ -44688,7 +44673,7 @@ index 5008f01..90328a7 100644
2892 out_dput:
2893 dput(dentry);
2894 mutex_unlock(&path.dentry->d_inode->i_mutex);
2895 -@@ -2577,12 +2708,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode)
2896 +@@ -2579,12 +2710,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode)
2897 error = mnt_want_write(path.mnt);
2898 if (error)
2899 goto out_dput;
2900 @@ -44710,7 +44695,7 @@ index 5008f01..90328a7 100644
2901 out_dput:
2902 dput(dentry);
2903 mutex_unlock(&path.dentry->d_inode->i_mutex);
2904 -@@ -2662,6 +2802,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
2905 +@@ -2664,6 +2804,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
2906 char * name;
2907 struct dentry *dentry;
2908 struct nameidata nd;
2909 @@ -44719,7 +44704,7 @@ index 5008f01..90328a7 100644
2910
2911 error = user_path_parent(dfd, pathname, &nd, &name);
2912 if (error)
2913 -@@ -2690,6 +2832,15 @@ static long do_rmdir(int dfd, const char __user *pathname)
2914 +@@ -2692,6 +2834,15 @@ static long do_rmdir(int dfd, const char __user *pathname)
2915 error = -ENOENT;
2916 goto exit3;
2917 }
2918 @@ -44735,7 +44720,7 @@ index 5008f01..90328a7 100644
2919 error = mnt_want_write(nd.path.mnt);
2920 if (error)
2921 goto exit3;
2922 -@@ -2697,6 +2848,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
2923 +@@ -2699,6 +2850,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
2924 if (error)
2925 goto exit4;
2926 error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
2927 @@ -44744,7 +44729,7 @@ index 5008f01..90328a7 100644
2928 exit4:
2929 mnt_drop_write(nd.path.mnt);
2930 exit3:
2931 -@@ -2759,6 +2912,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2932 +@@ -2761,6 +2914,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2933 struct dentry *dentry;
2934 struct nameidata nd;
2935 struct inode *inode = NULL;
2936 @@ -44753,7 +44738,7 @@ index 5008f01..90328a7 100644
2937
2938 error = user_path_parent(dfd, pathname, &nd, &name);
2939 if (error)
2940 -@@ -2781,6 +2936,16 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2941 +@@ -2783,6 +2938,16 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2942 if (!inode)
2943 goto slashes;
2944 ihold(inode);
2945 @@ -44770,7 +44755,7 @@ index 5008f01..90328a7 100644
2946 error = mnt_want_write(nd.path.mnt);
2947 if (error)
2948 goto exit2;
2949 -@@ -2788,6 +2953,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2950 +@@ -2790,6 +2955,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
2951 if (error)
2952 goto exit3;
2953 error = vfs_unlink(nd.path.dentry->d_inode, dentry);
2954 @@ -44779,7 +44764,7 @@ index 5008f01..90328a7 100644
2955 exit3:
2956 mnt_drop_write(nd.path.mnt);
2957 exit2:
2958 -@@ -2863,10 +3030,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname,
2959 +@@ -2865,10 +3032,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname,
2960 error = mnt_want_write(path.mnt);
2961 if (error)
2962 goto out_dput;
2963 @@ -44798,7 +44783,7 @@ index 5008f01..90328a7 100644
2964 out_drop_write:
2965 mnt_drop_write(path.mnt);
2966 out_dput:
2967 -@@ -2938,6 +3113,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2968 +@@ -2940,6 +3115,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2969 {
2970 struct dentry *new_dentry;
2971 struct path old_path, new_path;
2972 @@ -44806,7 +44791,7 @@ index 5008f01..90328a7 100644
2973 int how = 0;
2974 int error;
2975
2976 -@@ -2961,7 +3137,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2977 +@@ -2963,7 +3139,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2978 if (error)
2979 return error;
2980
2981 @@ -44815,7 +44800,7 @@ index 5008f01..90328a7 100644
2982 error = PTR_ERR(new_dentry);
2983 if (IS_ERR(new_dentry))
2984 goto out;
2985 -@@ -2972,13 +3148,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2986 +@@ -2974,13 +3150,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
2987 error = mnt_want_write(new_path.mnt);
2988 if (error)
2989 goto out_dput;
2990 @@ -44846,7 +44831,7 @@ index 5008f01..90328a7 100644
2991 dput(new_dentry);
2992 mutex_unlock(&new_path.dentry->d_inode->i_mutex);
2993 path_put(&new_path);
2994 -@@ -3206,6 +3399,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
2995 +@@ -3208,6 +3401,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
2996 if (new_dentry == trap)
2997 goto exit5;
2998
2999 @@ -44859,7 +44844,7 @@ index 5008f01..90328a7 100644
3000 error = mnt_want_write(oldnd.path.mnt);
3001 if (error)
3002 goto exit5;
3003 -@@ -3215,6 +3414,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
3004 +@@ -3217,6 +3416,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
3005 goto exit6;
3006 error = vfs_rename(old_dir->d_inode, old_dentry,
3007 new_dir->d_inode, new_dentry);
3008 @@ -44869,7 +44854,7 @@ index 5008f01..90328a7 100644
3009 exit6:
3010 mnt_drop_write(oldnd.path.mnt);
3011 exit5:
3012 -@@ -3240,6 +3442,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna
3013 +@@ -3242,6 +3444,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna
3014
3015 int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
3016 {
3017 @@ -44878,7 +44863,7 @@ index 5008f01..90328a7 100644
3018 int len;
3019
3020 len = PTR_ERR(link);
3021 -@@ -3249,7 +3453,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c
3022 +@@ -3251,7 +3455,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c
3023 len = strlen(link);
3024 if (len > (unsigned) buflen)
3025 len = buflen;
3026 @@ -45525,7 +45510,7 @@ index 15af622..0e9f4467 100644
3027 help
3028 Various /proc files exist to monitor process memory utilization:
3029 diff --git a/fs/proc/array.c b/fs/proc/array.c
3030 -index 3a1dafd..1456746 100644
3031 +index 3a1dafd..bf1bd84 100644
3032 --- a/fs/proc/array.c
3033 +++ b/fs/proc/array.c
3034 @@ -60,6 +60,7 @@
3035 @@ -45633,9 +45618,12 @@ index 3a1dafd..1456746 100644
3036 esp,
3037 eip,
3038 /* The signal information here is obsolete.
3039 -@@ -535,6 +592,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
3040 +@@ -533,8 +590,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
3041 + struct pid *pid, struct task_struct *task)
3042 + {
3043 unsigned long size = 0, resident = 0, shared = 0, text = 0, data = 0;
3044 - struct mm_struct *mm = get_task_mm(task);
3045 +- struct mm_struct *mm = get_task_mm(task);
3046 ++ struct mm_struct *mm;
3047
3048 +#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
3049 + if (current->exec_id != m->exec_id) {
3050 @@ -45643,7 +45631,7 @@ index 3a1dafd..1456746 100644
3051 + return 0;
3052 + }
3053 +#endif
3054 -+
3055 ++ mm = get_task_mm(task);
3056 if (mm) {
3057 size = task_statm(mm, &shared, &text, &data, &resident);
3058 mmput(mm);
3059 @@ -58438,10 +58426,10 @@ index 84ccf8e..2e9b14c 100644
3060 };
3061
3062 diff --git a/include/linux/fs.h b/include/linux/fs.h
3063 -index e0bc4ff..d79c2fa 100644
3064 +index 10b2288..09180e4 100644
3065 --- a/include/linux/fs.h
3066 +++ b/include/linux/fs.h
3067 -@@ -1608,7 +1608,8 @@ struct file_operations {
3068 +@@ -1609,7 +1609,8 @@ struct file_operations {
3069 int (*setlease)(struct file *, long, struct file_lock **);
3070 long (*fallocate)(struct file *file, int mode, loff_t offset,
3071 loff_t len);
3072 @@ -59261,7 +59249,7 @@ index 0000000..da390f1
3073 +#endif
3074 diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h
3075 new file mode 100644
3076 -index 0000000..f885406
3077 +index 0000000..ae576a1
3078 --- /dev/null
3079 +++ b/include/linux/grmsg.h
3080 @@ -0,0 +1,109 @@
3081 @@ -59316,7 +59304,7 @@ index 0000000..f885406
3082 +#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by "
3083 +#define GR_INITF_ACL_MSG "init_variables() failed %s by "
3084 +#define GR_DISABLED_ACL_MSG "Error loading %s, trying to run kernel with acls disabled. To disable acls at startup use <kernel image name> gracl=off from your boot loader"
3085 -+#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbaged by "
3086 ++#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbage by "
3087 +#define GR_SHUTS_ACL_MSG "shutdown auth success for "
3088 +#define GR_SHUTF_ACL_MSG "shutdown auth failure for "
3089 +#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for "
3090 @@ -61270,7 +61258,7 @@ index c14fe86..393245e 100644
3091 #define RPCRDMA_VERSION 1
3092
3093 diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
3094 -index 703cfa3..0b8ca72ac 100644
3095 +index 703cfa33..0b8ca72ac 100644
3096 --- a/include/linux/sysctl.h
3097 +++ b/include/linux/sysctl.h
3098 @@ -155,7 +155,11 @@ enum
3099 @@ -61790,10 +61778,10 @@ index 9e5425b..8136ffc 100644
3100 /* Protects from simultaneous access to first_req list */
3101 spinlock_t info_list_lock;
3102 diff --git a/include/net/flow.h b/include/net/flow.h
3103 -index 57f15a7..0de26c6 100644
3104 +index 2a7eefd..3250f3b 100644
3105 --- a/include/net/flow.h
3106 +++ b/include/net/flow.h
3107 -@@ -208,6 +208,6 @@ extern struct flow_cache_object *flow_cache_lookup(
3108 +@@ -218,6 +218,6 @@ extern struct flow_cache_object *flow_cache_lookup(
3109
3110 extern void flow_cache_flush(void);
3111 extern void flow_cache_flush_deferred(void);
3112 @@ -62188,7 +62176,7 @@ index 444cd6b..3327cc5 100644
3113 const struct firmware *dsp_microcode;
3114 const struct firmware *controller_microcode;
3115 diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h
3116 -index a79886c..b483af6 100644
3117 +index 94bbec3..3a8c6b0 100644
3118 --- a/include/target/target_core_base.h
3119 +++ b/include/target/target_core_base.h
3120 @@ -346,7 +346,7 @@ struct t10_reservation_ops {
3121 @@ -62211,7 +62199,7 @@ index a79886c..b483af6 100644
3122 atomic_t t_transport_active;
3123 atomic_t t_transport_complete;
3124 atomic_t t_transport_queue_active;
3125 -@@ -704,7 +704,7 @@ struct se_device {
3126 +@@ -705,7 +705,7 @@ struct se_device {
3127 /* Active commands on this virtual SE device */
3128 atomic_t simple_cmds;
3129 atomic_t depth_left;
3130 @@ -62716,7 +62704,7 @@ index 5b4293d..f179875 100644
3131 if (u->mq_bytes + mq_bytes < u->mq_bytes ||
3132 u->mq_bytes + mq_bytes > task_rlimit(p, RLIMIT_MSGQUEUE)) {
3133 diff --git a/ipc/msg.c b/ipc/msg.c
3134 -index 7385de2..a8180e0 100644
3135 +index 7385de2..a8180e08 100644
3136 --- a/ipc/msg.c
3137 +++ b/ipc/msg.c
3138 @@ -309,18 +309,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg)
3139 @@ -63626,10 +63614,10 @@ index e6e01b9..619f837 100644
3140
3141 if (group_dead)
3142 diff --git a/kernel/fork.c b/kernel/fork.c
3143 -index da4a6a1..0973380 100644
3144 +index 0acf42c0..9e40e2e 100644
3145 --- a/kernel/fork.c
3146 +++ b/kernel/fork.c
3147 -@@ -280,7 +280,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
3148 +@@ -281,7 +281,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
3149 *stackend = STACK_END_MAGIC; /* for overflow detection */
3150
3151 #ifdef CONFIG_CC_STACKPROTECTOR
3152 @@ -63638,7 +63626,7 @@ index da4a6a1..0973380 100644
3153 #endif
3154
3155 /*
3156 -@@ -304,13 +304,77 @@ out:
3157 +@@ -305,13 +305,77 @@ out:
3158 }
3159
3160 #ifdef CONFIG_MMU
3161 @@ -63718,7 +63706,7 @@ index da4a6a1..0973380 100644
3162
3163 down_write(&oldmm->mmap_sem);
3164 flush_cache_dup_mm(oldmm);
3165 -@@ -322,8 +386,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3166 +@@ -323,8 +387,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3167 mm->locked_vm = 0;
3168 mm->mmap = NULL;
3169 mm->mmap_cache = NULL;
3170 @@ -63729,7 +63717,7 @@ index da4a6a1..0973380 100644
3171 mm->map_count = 0;
3172 cpumask_clear(mm_cpumask(mm));
3173 mm->mm_rb = RB_ROOT;
3174 -@@ -339,8 +403,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3175 +@@ -340,8 +404,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3176
3177 prev = NULL;
3178 for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) {
3179 @@ -63738,7 +63726,7 @@ index da4a6a1..0973380 100644
3180 if (mpnt->vm_flags & VM_DONTCOPY) {
3181 long pages = vma_pages(mpnt);
3182 mm->total_vm -= pages;
3183 -@@ -348,53 +410,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3184 +@@ -349,53 +411,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3185 -pages);
3186 continue;
3187 }
3188 @@ -63796,7 +63784,7 @@ index da4a6a1..0973380 100644
3189
3190 /*
3191 * Link in the new vma and copy the page table entries.
3192 -@@ -417,6 +437,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3193 +@@ -418,6 +438,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
3194 if (retval)
3195 goto out;
3196 }
3197 @@ -63828,7 +63816,7 @@ index da4a6a1..0973380 100644
3198 /* a new mm has just been created */
3199 arch_dup_mmap(oldmm, mm);
3200 retval = 0;
3201 -@@ -425,14 +470,6 @@ out:
3202 +@@ -426,14 +471,6 @@ out:
3203 flush_tlb_mm(oldmm);
3204 up_write(&oldmm->mmap_sem);
3205 return retval;
3206 @@ -63843,7 +63831,7 @@ index da4a6a1..0973380 100644
3207 }
3208
3209 static inline int mm_alloc_pgd(struct mm_struct *mm)
3210 -@@ -644,6 +681,26 @@ struct mm_struct *get_task_mm(struct task_struct *task)
3211 +@@ -645,6 +682,26 @@ struct mm_struct *get_task_mm(struct task_struct *task)
3212 }
3213 EXPORT_SYMBOL_GPL(get_task_mm);
3214
3215 @@ -63870,7 +63858,7 @@ index da4a6a1..0973380 100644
3216 /* Please note the differences between mmput and mm_release.
3217 * mmput is called whenever we stop holding onto a mm_struct,
3218 * error success whatever.
3219 -@@ -829,13 +886,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
3220 +@@ -830,13 +887,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
3221 spin_unlock(&fs->lock);
3222 return -EAGAIN;
3223 }
3224 @@ -63886,7 +63874,7 @@ index da4a6a1..0973380 100644
3225 return 0;
3226 }
3227
3228 -@@ -1097,6 +1155,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
3229 +@@ -1100,6 +1158,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
3230 DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
3231 #endif
3232 retval = -EAGAIN;
3233 @@ -63896,7 +63884,7 @@ index da4a6a1..0973380 100644
3234 if (atomic_read(&p->real_cred->user->processes) >=
3235 task_rlimit(p, RLIMIT_NPROC)) {
3236 if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
3237 -@@ -1256,6 +1317,8 @@ static struct task_struct *copy_process(unsigned long clone_flags,
3238 +@@ -1259,6 +1320,8 @@ static struct task_struct *copy_process(unsigned long clone_flags,
3239 if (clone_flags & CLONE_THREAD)
3240 p->tgid = current->tgid;
3241
3242 @@ -63905,7 +63893,7 @@ index da4a6a1..0973380 100644
3243 p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL;
3244 /*
3245 * Clear TID on mm_release()?
3246 -@@ -1418,6 +1481,8 @@ bad_fork_cleanup_count:
3247 +@@ -1421,6 +1484,8 @@ bad_fork_cleanup_count:
3248 bad_fork_free:
3249 free_task(p);
3250 fork_out:
3251 @@ -63914,7 +63902,7 @@ index da4a6a1..0973380 100644
3252 return ERR_PTR(retval);
3253 }
3254
3255 -@@ -1518,6 +1583,8 @@ long do_fork(unsigned long clone_flags,
3256 +@@ -1521,6 +1586,8 @@ long do_fork(unsigned long clone_flags,
3257 if (clone_flags & CLONE_PARENT_SETTID)
3258 put_user(nr, parent_tidptr);
3259
3260 @@ -63923,7 +63911,7 @@ index da4a6a1..0973380 100644
3261 if (clone_flags & CLONE_VFORK) {
3262 p->vfork_done = &vfork;
3263 init_completion(&vfork);
3264 -@@ -1627,7 +1694,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
3265 +@@ -1630,7 +1697,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
3266 return 0;
3267
3268 /* don't need lock here; in the worst case we'll do useless copy */
3269 @@ -63932,7 +63920,7 @@ index da4a6a1..0973380 100644
3270 return 0;
3271
3272 *new_fsp = copy_fs_struct(fs);
3273 -@@ -1716,7 +1783,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
3274 +@@ -1719,7 +1786,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
3275 fs = current->fs;
3276 spin_lock(&fs->lock);
3277 current->fs = new_fs;
3278 @@ -70622,7 +70610,7 @@ index 7fa41b4..6087460 100644
3279 return count;
3280 }
3281 diff --git a/mm/nommu.c b/mm/nommu.c
3282 -index b982290..7d73f53 100644
3283 +index ee7e57e..cae4e40 100644
3284 --- a/mm/nommu.c
3285 +++ b/mm/nommu.c
3286 @@ -62,7 +62,6 @@ int sysctl_overcommit_memory = OVERCOMMIT_GUESS; /* heuristic overcommit */
3287 @@ -70633,7 +70621,7 @@ index b982290..7d73f53 100644
3288
3289 atomic_long_t mmap_pages_allocated;
3290
3291 -@@ -825,15 +824,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
3292 +@@ -829,15 +828,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
3293 EXPORT_SYMBOL(find_vma);
3294
3295 /*
3296 @@ -70649,7 +70637,7 @@ index b982290..7d73f53 100644
3297 * expand a stack to a given address
3298 * - not supported under NOMMU conditions
3299 */
3300 -@@ -1553,6 +1543,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
3301 +@@ -1557,6 +1547,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
3302
3303 /* most fields are the same, copy all, and then fixup */
3304 *new = *vma;
3305 @@ -72725,7 +72713,7 @@ index 68bbf9f..5ef0d12 100644
3306
3307 return err;
3308 diff --git a/net/core/dev.c b/net/core/dev.c
3309 -index 5a13edf..a6f2bd2 100644
3310 +index c56cacf..b28e35f 100644
3311 --- a/net/core/dev.c
3312 +++ b/net/core/dev.c
3313 @@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name)
3314 @@ -72797,7 +72785,7 @@ index 5a13edf..a6f2bd2 100644
3315 kfree_skb(skb);
3316 /* Jamal, now you will not able to escape explaining
3317 * me how you were going to use this. :-)
3318 -@@ -3891,7 +3895,7 @@ void netif_napi_del(struct napi_struct *napi)
3319 +@@ -3897,7 +3901,7 @@ void netif_napi_del(struct napi_struct *napi)
3320 }
3321 EXPORT_SYMBOL(netif_napi_del);
3322
3323 @@ -72806,7 +72794,7 @@ index 5a13edf..a6f2bd2 100644
3324 {
3325 struct softnet_data *sd = &__get_cpu_var(softnet_data);
3326 unsigned long time_limit = jiffies + 2;
3327 -@@ -5949,7 +5953,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev,
3328 +@@ -5955,7 +5959,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev,
3329 } else {
3330 netdev_stats_to_stats64(storage, &dev->stats);
3331 }
3332 @@ -73386,7 +73374,7 @@ index 94cdbc5..0cb0063 100644
3333 ts = peer->tcp_ts;
3334 tsage = get_seconds() - peer->tcp_ts_stamp;
3335 diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
3336 -index c89e354..8bd55c8 100644
3337 +index eb90aa8..22bf114 100644
3338 --- a/net/ipv4/tcp_ipv4.c
3339 +++ b/net/ipv4/tcp_ipv4.c
3340 @@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly;
3341 @@ -73399,7 +73387,7 @@ index c89e354..8bd55c8 100644
3342
3343 #ifdef CONFIG_TCP_MD5SIG
3344 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
3345 -@@ -1627,6 +1630,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
3346 +@@ -1632,6 +1635,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
3347 return 0;
3348
3349 reset:
3350 @@ -73409,7 +73397,7 @@ index c89e354..8bd55c8 100644
3351 tcp_v4_send_reset(rsk, skb);
3352 discard:
3353 kfree_skb(skb);
3354 -@@ -1689,12 +1695,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
3355 +@@ -1694,12 +1700,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
3356 TCP_SKB_CB(skb)->sacked = 0;
3357
3358 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
3359 @@ -73432,7 +73420,7 @@ index c89e354..8bd55c8 100644
3360
3361 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
3362 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
3363 -@@ -1744,6 +1757,10 @@ no_tcp_socket:
3364 +@@ -1749,6 +1762,10 @@ no_tcp_socket:
3365 bad_packet:
3366 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
3367 } else {
3368 @@ -73443,7 +73431,7 @@ index c89e354..8bd55c8 100644
3369 tcp_v4_send_reset(NULL, skb);
3370 }
3371
3372 -@@ -2404,7 +2421,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
3373 +@@ -2409,7 +2426,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
3374 0, /* non standard timer */
3375 0, /* open_requests have no inode */
3376 atomic_read(&sk->sk_refcnt),
3377 @@ -73455,7 +73443,7 @@ index c89e354..8bd55c8 100644
3378 len);
3379 }
3380
3381 -@@ -2454,7 +2475,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
3382 +@@ -2459,7 +2480,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
3383 sock_i_uid(sk),
3384 icsk->icsk_probes_out,
3385 sock_i_ino(sk),
3386 @@ -73469,7 +73457,7 @@ index c89e354..8bd55c8 100644
3387 jiffies_to_clock_t(icsk->icsk_rto),
3388 jiffies_to_clock_t(icsk->icsk_ack.ato),
3389 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
3390 -@@ -2482,7 +2508,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
3391 +@@ -2487,7 +2513,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
3392 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n",
3393 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
3394 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
3395 @@ -74217,7 +74205,7 @@ index 30d7355..e260095 100644
3396 napi_disable(&local->napi);
3397 ieee80211_clear_tx_pending(local);
3398 diff --git a/net/mac80211/main.c b/net/mac80211/main.c
3399 -index a7536fd..4039cc0 100644
3400 +index 7d9b21d..0687004 100644
3401 --- a/net/mac80211/main.c
3402 +++ b/net/mac80211/main.c
3403 @@ -163,7 +163,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
3404 @@ -74364,7 +74352,7 @@ index 29fa5ba..8debc79 100644
3405
3406 if (!todrop_rate[i]) return 0;
3407 diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
3408 -index 093cc32..9209ae1 100644
3409 +index 6dc7d7d..e45913a 100644
3410 --- a/net/netfilter/ipvs/ip_vs_core.c
3411 +++ b/net/netfilter/ipvs/ip_vs_core.c
3412 @@ -562,7 +562,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
3413 @@ -75928,7 +75916,7 @@ index 9049a5c..cfa6f5c 100644
3414 }
3415
3416 diff --git a/scripts/Makefile.build b/scripts/Makefile.build
3417 -index d2b366c..51ff91e 100644
3418 +index d2b366c..51ff91ebc 100644
3419 --- a/scripts/Makefile.build
3420 +++ b/scripts/Makefile.build
3421 @@ -109,7 +109,7 @@ endif
3422 @@ -77804,7 +77792,7 @@ index a39edcc..1014050 100644
3423 };
3424 diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile
3425 new file mode 100644
3426 -index 0000000..29b6b75
3427 +index 0000000..481a163
3428 --- /dev/null
3429 +++ b/tools/gcc/Makefile
3430 @@ -0,0 +1,21 @@
3431 @@ -77814,7 +77802,7 @@ index 0000000..29b6b75
3432 +GCCPLUGINS_DIR := $(shell $(CC) -print-file-name=plugin)
3433 +#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W -std=gnu99
3434 +
3435 -+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99
3436 ++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 -ggdb
3437 +
3438 +hostlibs-y := constify_plugin.so
3439 +hostlibs-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so
3440 @@ -78923,10 +78911,10 @@ index 0000000..008f159
3441 +}
3442 diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
3443 new file mode 100644
3444 -index 0000000..8b61031
3445 +index 0000000..4a9b187
3446 --- /dev/null
3447 +++ b/tools/gcc/stackleak_plugin.c
3448 -@@ -0,0 +1,295 @@
3449 +@@ -0,0 +1,326 @@
3450 +/*
3451 + * Copyright 2011 by the PaX Team <pageexec@××××××××.hu>
3452 + * Licensed under the GPL v2
3453 @@ -78973,10 +78961,12 @@ index 0000000..8b61031
3454 +static int track_frame_size = -1;
3455 +static const char track_function[] = "pax_track_stack";
3456 +static const char check_function[] = "pax_check_alloca";
3457 ++static tree pax_check_alloca_decl;
3458 ++static tree pax_track_stack_decl;
3459 +static bool init_locals;
3460 +
3461 +static struct plugin_info stackleak_plugin_info = {
3462 -+ .version = "201111150100",
3463 ++ .version = "201203021600",
3464 + .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n"
3465 +// "initialize-locals\t\tforcibly initialize all stack frames\n"
3466 +};
3467 @@ -79029,27 +79019,20 @@ index 0000000..8b61031
3468 +static void stackleak_check_alloca(gimple_stmt_iterator *gsi)
3469 +{
3470 + gimple check_alloca;
3471 -+ tree fndecl, fntype, alloca_size;
3472 ++ tree alloca_size;
3473 +
3474 + // insert call to void pax_check_alloca(unsigned long size)
3475 -+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
3476 -+ fndecl = build_fn_decl(check_function, fntype);
3477 -+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
3478 + alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0);
3479 -+ check_alloca = gimple_build_call(fndecl, 1, alloca_size);
3480 ++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size);
3481 + gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT);
3482 +}
3483 +
3484 +static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi)
3485 +{
3486 + gimple track_stack;
3487 -+ tree fndecl, fntype;
3488 +
3489 + // insert call to void pax_track_stack(void)
3490 -+ fntype = build_function_type_list(void_type_node, NULL_TREE);
3491 -+ fndecl = build_fn_decl(track_function, fntype);
3492 -+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
3493 -+ track_stack = gimple_build_call(fndecl, 0);
3494 ++ track_stack = gimple_build_call(pax_track_stack_decl, 0);
3495 + gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING);
3496 +}
3497 +
3498 @@ -79086,7 +79069,7 @@ index 0000000..8b61031
3499 +static unsigned int execute_stackleak_tree_instrument(void)
3500 +{
3501 + basic_block bb, entry_bb;
3502 -+ bool prologue_instrumented = false;
3503 ++ bool prologue_instrumented = false, is_leaf = true;
3504 +
3505 + entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb;
3506 +
3507 @@ -79095,8 +79078,15 @@ index 0000000..8b61031
3508 + gimple_stmt_iterator gsi;
3509 +
3510 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
3511 ++ gimple stmt;
3512 ++
3513 ++ stmt = gsi_stmt(gsi);
3514 ++
3515 ++ if (is_gimple_call(stmt))
3516 ++ is_leaf = false;
3517 ++
3518 + // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450>
3519 -+ if (!is_alloca(gsi_stmt(gsi)))
3520 ++ if (!is_alloca(stmt))
3521 + continue;
3522 +
3523 + // 2. insert stack overflow check before each __builtin_alloca call
3524 @@ -79109,6 +79099,13 @@ index 0000000..8b61031
3525 + }
3526 + }
3527 +
3528 ++ // special case for some bad linux code: taking the address of static inline functions will materialize them
3529 ++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI
3530 ++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI.
3531 ++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here.
3532 ++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl))
3533 ++ return 0;
3534 ++
3535 + // 4. insert track call at the beginning
3536 + if (!prologue_instrumented) {
3537 + gimple_stmt_iterator gsi;
3538 @@ -79168,6 +79165,27 @@ index 0000000..8b61031
3539 + return 0;
3540 +}
3541 +
3542 ++static void stackleak_start_unit(void *gcc_data, void *user_dat)
3543 ++{
3544 ++ tree fntype;
3545 ++
3546 ++ // declare void pax_check_alloca(unsigned long size)
3547 ++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
3548 ++ pax_check_alloca_decl = build_fn_decl(check_function, fntype);
3549 ++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO
3550 ++ TREE_PUBLIC(pax_check_alloca_decl) = 1;
3551 ++ DECL_EXTERNAL(pax_check_alloca_decl) = 1;
3552 ++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1;
3553 ++
3554 ++ // declare void pax_track_stack(void)
3555 ++ fntype = build_function_type_list(void_type_node, NULL_TREE);
3556 ++ pax_track_stack_decl = build_fn_decl(track_function, fntype);
3557 ++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO
3558 ++ TREE_PUBLIC(pax_track_stack_decl) = 1;
3559 ++ DECL_EXTERNAL(pax_track_stack_decl) = 1;
3560 ++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1;
3561 ++}
3562 ++
3563 +int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version)
3564 +{
3565 + const char * const plugin_name = plugin_info->base_name;
3566 @@ -79179,7 +79197,7 @@ index 0000000..8b61031
3567 +// .reference_pass_name = "tree_profile",
3568 + .reference_pass_name = "optimized",
3569 + .ref_pass_instance_number = 0,
3570 -+ .pos_op = PASS_POS_INSERT_AFTER
3571 ++ .pos_op = PASS_POS_INSERT_BEFORE
3572 + };
3573 + struct register_pass_info stackleak_final_pass_info = {
3574 + .pass = &stackleak_final_rtl_opt_pass.pass,
3575 @@ -79217,6 +79235,7 @@ index 0000000..8b61031
3576 + error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
3577 + }
3578 +
3579 ++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL);
3580 + register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info);
3581 + register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info);
3582 +
3583
3584 diff --git a/3.2.7/4425_grsec_enable_xtpax.patch b/3.2.9/4425_grsec_enable_xtpax.patch
3585 similarity index 100%
3586 rename from 3.2.7/4425_grsec_enable_xtpax.patch
3587 rename to 3.2.9/4425_grsec_enable_xtpax.patch
3588
3589 diff --git a/3.2.7/4430_grsec-remove-localversion-grsec.patch b/3.2.9/4430_grsec-remove-localversion-grsec.patch
3590 similarity index 100%
3591 rename from 3.2.7/4430_grsec-remove-localversion-grsec.patch
3592 rename to 3.2.9/4430_grsec-remove-localversion-grsec.patch
3593
3594 diff --git a/3.2.7/4435_grsec-mute-warnings.patch b/3.2.9/4435_grsec-mute-warnings.patch
3595 similarity index 100%
3596 rename from 3.2.7/4435_grsec-mute-warnings.patch
3597 rename to 3.2.9/4435_grsec-mute-warnings.patch
3598
3599 diff --git a/3.2.7/4440_grsec-remove-protected-paths.patch b/3.2.9/4440_grsec-remove-protected-paths.patch
3600 similarity index 96%
3601 rename from 3.2.7/4440_grsec-remove-protected-paths.patch
3602 rename to 3.2.9/4440_grsec-remove-protected-paths.patch
3603 index 4afb3e2..5602e8e 100644
3604 --- a/3.2.7/4440_grsec-remove-protected-paths.patch
3605 +++ b/3.2.9/4440_grsec-remove-protected-paths.patch
3606 @@ -6,7 +6,7 @@ the filesystem.
3607 diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile
3608 --- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400
3609 +++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400
3610 -@@ -27,10 +27,4 @@
3611 +@@ -31,10 +31,4 @@
3612 ifdef CONFIG_GRKERNSEC_HIDESYM
3613 extra-y := grsec_hidesym.o
3614 $(obj)/grsec_hidesym.o:
3615
3616 diff --git a/3.2.7/4445_grsec-pax-without-grsec.patch b/3.2.9/4445_grsec-pax-without-grsec.patch
3617 similarity index 98%
3618 rename from 3.2.7/4445_grsec-pax-without-grsec.patch
3619 rename to 3.2.9/4445_grsec-pax-without-grsec.patch
3620 index 9992f51..0ef9311 100644
3621 --- a/3.2.7/4445_grsec-pax-without-grsec.patch
3622 +++ b/3.2.9/4445_grsec-pax-without-grsec.patch
3623 @@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
3624 diff -Naur a/fs/exec.c b/fs/exec.c
3625 --- a/fs/exec.c 2011-04-17 19:05:03.000000000 -0400
3626 +++ b/fs/exec.c 2011-04-17 19:20:30.000000000 -0400
3627 -@@ -2004,9 +2004,11 @@
3628 +@@ -2024,9 +2024,11 @@
3629 }
3630 up_read(&mm->mmap_sem);
3631 }
3632 @@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
3633 printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset);
3634 printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, "
3635 "PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk),
3636 -@@ -2021,10 +2023,12 @@
3637 +@@ -2041,10 +2043,12 @@
3638 #ifdef CONFIG_PAX_REFCOUNT
3639 void pax_report_refcount_overflow(struct pt_regs *regs)
3640 {
3641 @@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
3642 printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
3643 current->comm, task_pid_nr(current), current_uid(), current_euid());
3644 print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
3645 -@@ -2083,10 +2087,12 @@
3646 +@@ -2103,10 +2107,12 @@
3647
3648 NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type)
3649 {
3650
3651 diff --git a/3.2.7/4450_grsec-kconfig-default-gids.patch b/3.2.9/4450_grsec-kconfig-default-gids.patch
3652 similarity index 94%
3653 rename from 3.2.7/4450_grsec-kconfig-default-gids.patch
3654 rename to 3.2.9/4450_grsec-kconfig-default-gids.patch
3655 index 0807a4e..71b2089 100644
3656 --- a/3.2.7/4450_grsec-kconfig-default-gids.patch
3657 +++ b/3.2.9/4450_grsec-kconfig-default-gids.patch
3658 @@ -12,7 +12,7 @@ from shooting themselves in the foot.
3659 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3660 --- a/grsecurity/Kconfig 2011-12-12 16:54:30.000000000 -0500
3661 +++ b/grsecurity/Kconfig 2011-12-12 16:55:09.000000000 -0500
3662 -@@ -434,7 +434,7 @@
3663 +@@ -440,7 +440,7 @@
3664 config GRKERNSEC_PROC_GID
3665 int "GID for special group"
3666 depends on GRKERNSEC_PROC_USERGROUP
3667 @@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3668
3669 config GRKERNSEC_PROC_ADD
3670 bool "Additional restrictions"
3671 -@@ -662,7 +662,7 @@
3672 +@@ -668,7 +668,7 @@
3673 config GRKERNSEC_AUDIT_GID
3674 int "GID for auditing"
3675 depends on GRKERNSEC_AUDIT_GROUP
3676 @@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3677
3678 config GRKERNSEC_EXECLOG
3679 bool "Exec logging"
3680 -@@ -866,7 +866,7 @@
3681 +@@ -872,7 +872,7 @@
3682 config GRKERNSEC_TPE_GID
3683 int "GID for untrusted users"
3684 depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT
3685 @@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3686 help
3687 Setting this GID determines what group TPE restrictions will be
3688 *enabled* for. If the sysctl option is enabled, a sysctl option
3689 -@@ -875,7 +875,7 @@
3690 +@@ -881,7 +881,7 @@
3691 config GRKERNSEC_TPE_GID
3692 int "GID for trusted users"
3693 depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT
3694 @@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3695 help
3696 Setting this GID determines what group TPE restrictions will be
3697 *disabled* for. If the sysctl option is enabled, a sysctl option
3698 -@@ -948,7 +948,7 @@
3699 +@@ -954,7 +954,7 @@
3700 config GRKERNSEC_SOCKET_ALL_GID
3701 int "GID to deny all sockets for"
3702 depends on GRKERNSEC_SOCKET_ALL
3703 @@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3704 help
3705 Here you can choose the GID to disable socket access for. Remember to
3706 add the users you want socket access disabled for to the GID
3707 -@@ -969,7 +969,7 @@
3708 +@@ -975,7 +975,7 @@
3709 config GRKERNSEC_SOCKET_CLIENT_GID
3710 int "GID to deny client sockets for"
3711 depends on GRKERNSEC_SOCKET_CLIENT
3712 @@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3713 help
3714 Here you can choose the GID to disable client socket access for.
3715 Remember to add the users you want client socket access disabled for to
3716 -@@ -987,7 +987,7 @@
3717 +@@ -993,7 +993,7 @@
3718 config GRKERNSEC_SOCKET_SERVER_GID
3719 int "GID to deny server sockets for"
3720 depends on GRKERNSEC_SOCKET_SERVER
3721
3722 diff --git a/3.2.7/4455_grsec-kconfig-gentoo.patch b/3.2.9/4455_grsec-kconfig-gentoo.patch
3723 similarity index 100%
3724 rename from 3.2.7/4455_grsec-kconfig-gentoo.patch
3725 rename to 3.2.9/4455_grsec-kconfig-gentoo.patch
3726
3727 diff --git a/3.2.7/4460-grsec-kconfig-proc-user.patch b/3.2.9/4460-grsec-kconfig-proc-user.patch
3728 similarity index 96%
3729 rename from 3.2.7/4460-grsec-kconfig-proc-user.patch
3730 rename to 3.2.9/4460-grsec-kconfig-proc-user.patch
3731 index 72b894a..1081ed5 100644
3732 --- a/3.2.7/4460-grsec-kconfig-proc-user.patch
3733 +++ b/3.2.9/4460-grsec-kconfig-proc-user.patch
3734 @@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre
3735 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3736 --- a/grsecurity/Kconfig 2011-06-29 10:02:56.000000000 -0400
3737 +++ b/grsecurity/Kconfig 2011-06-29 10:08:07.000000000 -0400
3738 -@@ -668,7 +668,7 @@
3739 +@@ -674,7 +674,7 @@
3740
3741 config GRKERNSEC_PROC_USER
3742 bool "Restrict /proc to user only"
3743 @@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3744 help
3745 If you say Y here, non-root users will only be able to view their own
3746 processes, and restricts them from viewing network-related information,
3747 -@@ -676,7 +676,7 @@
3748 +@@ -682,7 +682,7 @@
3749
3750 config GRKERNSEC_PROC_USERGROUP
3751 bool "Allow special group"
3752
3753 diff --git a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
3754 similarity index 99%
3755 rename from 3.2.7/4465_selinux-avc_audit-log-curr_ip.patch
3756 rename to 3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
3757 index 7c9894c..cbd978d 100644
3758 --- a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch
3759 +++ b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
3760 @@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org>
3761 diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
3762 --- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400
3763 +++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400
3764 -@@ -1297,6 +1297,27 @@
3765 +@@ -1303,6 +1303,27 @@
3766 menu "Logging Options"
3767 depends on GRKERNSEC
3768
3769
3770 diff --git a/3.2.7/4470_disable-compat_vdso.patch b/3.2.9/4470_disable-compat_vdso.patch
3771 similarity index 100%
3772 rename from 3.2.7/4470_disable-compat_vdso.patch
3773 rename to 3.2.9/4470_disable-compat_vdso.patch
Report Message
Find on MARC Find on Google Groups