1 |
commit: ec8c51cd545a43fca3d89468b7c69872cac8f076 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Mar 4 14:49:46 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Mar 4 14:49:46 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=ec8c51cd |
7 |
|
8 |
Grsec/PaX: 2.9-2.6.32.57-201203022148 + 2.9-3.2.9-201203022148 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
...20_grsecurity-2.9-2.6.32.57-201203022148.patch} | 566 ++++++++++-- |
13 |
2.6.32/4440_grsec-remove-protected-paths.patch | 2 +- |
14 |
2.6.32/4445_grsec-pax-without-grsec.patch | 6 +- |
15 |
2.6.32/4450_grsec-kconfig-default-gids.patch | 14 +- |
16 |
2.6.32/4460-grsec-kconfig-proc-user.patch | 4 +- |
17 |
2.6.32/4465_selinux-avc_audit-log-curr_ip.patch | 2 +- |
18 |
3.2.7/1006_linux-3.2.7.patch | 994 -------------------- |
19 |
{3.2.7 => 3.2.9}/0000_README | 6 +- |
20 |
.../4420_grsecurity-2.9-3.2.9-201203022148.patch | 427 +++++---- |
21 |
{3.2.7 => 3.2.9}/4425_grsec_enable_xtpax.patch | 0 |
22 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
23 |
{3.2.7 => 3.2.9}/4435_grsec-mute-warnings.patch | 0 |
24 |
.../4440_grsec-remove-protected-paths.patch | 2 +- |
25 |
.../4445_grsec-pax-without-grsec.patch | 6 +- |
26 |
.../4450_grsec-kconfig-default-gids.patch | 14 +- |
27 |
{3.2.7 => 3.2.9}/4455_grsec-kconfig-gentoo.patch | 0 |
28 |
.../4460-grsec-kconfig-proc-user.patch | 4 +- |
29 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 2 +- |
30 |
{3.2.7 => 3.2.9}/4470_disable-compat_vdso.patch | 0 |
31 |
20 files changed, 754 insertions(+), 1297 deletions(-) |
32 |
|
33 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
34 |
index d4a9997..b14a3bc 100644 |
35 |
--- a/2.6.32/0000_README |
36 |
+++ b/2.6.32/0000_README |
37 |
@@ -22,7 +22,7 @@ Patch: 1056_linux-2.6.32.57.patch |
38 |
From: http://www.kernel.org |
39 |
Desc: Linux 2.6.32.57 |
40 |
|
41 |
-Patch: 4420_grsecurity-2.9-2.6.32.57-201202251202.patch |
42 |
+Patch: 4420_grsecurity-2.9-2.6.32.57-201203022148.patch |
43 |
From: http://www.grsecurity.net |
44 |
Desc: hardened-sources base patch from upstream grsecurity |
45 |
|
46 |
|
47 |
diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch |
48 |
similarity index 99% |
49 |
rename from 2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch |
50 |
rename to 2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch |
51 |
index 59a7ef3..f2893fd 100644 |
52 |
--- a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch |
53 |
+++ b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch |
54 |
@@ -185,7 +185,7 @@ index c840e7d..f4c451c 100644 |
55 |
|
56 |
pcd. [PARIDE] |
57 |
diff --git a/Makefile b/Makefile |
58 |
-index 3377650..76aacb3 100644 |
59 |
+index 3377650..095e46d 100644 |
60 |
--- a/Makefile |
61 |
+++ b/Makefile |
62 |
@@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
63 |
@@ -220,32 +220,34 @@ index 3377650..76aacb3 100644 |
64 |
include/linux/version.h headers_% \ |
65 |
kernelrelease kernelversion |
66 |
|
67 |
-@@ -526,6 +527,46 @@ else |
68 |
+@@ -526,6 +527,48 @@ else |
69 |
KBUILD_CFLAGS += -O2 |
70 |
endif |
71 |
|
72 |
+ifndef DISABLE_PAX_PLUGINS |
73 |
+ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y) |
74 |
+ifndef DISABLE_PAX_CONSTIFY_PLUGIN |
75 |
-+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN |
76 |
++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN |
77 |
+endif |
78 |
+ifdef CONFIG_PAX_MEMORY_STACKLEAK |
79 |
-+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN |
80 |
-+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 |
81 |
++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN |
82 |
++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 |
83 |
+endif |
84 |
+ifdef CONFIG_KALLOCSTAT_PLUGIN |
85 |
-+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so |
86 |
++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so |
87 |
+endif |
88 |
+ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
89 |
-+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so |
90 |
-+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) |
91 |
++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so |
92 |
++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN |
93 |
++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN |
94 |
+endif |
95 |
+ifdef CONFIG_CHECKER_PLUGIN |
96 |
+ifeq ($(call cc-ifversion, -ge, 0406, y), y) |
97 |
-+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN |
98 |
++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN |
99 |
+endif |
100 |
+endif |
101 |
-+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN) |
102 |
++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) |
103 |
++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) |
104 |
+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN |
105 |
+ifeq ($(KBUILD_EXTMOD),) |
106 |
+gcc-plugins: |
107 |
@@ -267,7 +269,7 @@ index 3377650..76aacb3 100644 |
108 |
include $(srctree)/arch/$(SRCARCH)/Makefile |
109 |
|
110 |
ifneq ($(CONFIG_FRAME_WARN),0) |
111 |
-@@ -647,7 +688,7 @@ export mod_strip_cmd |
112 |
+@@ -647,7 +690,7 @@ export mod_strip_cmd |
113 |
|
114 |
|
115 |
ifeq ($(KBUILD_EXTMOD),) |
116 |
@@ -276,15 +278,16 @@ index 3377650..76aacb3 100644 |
117 |
|
118 |
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ |
119 |
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \ |
120 |
-@@ -868,6 +909,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
121 |
+@@ -868,6 +911,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
122 |
|
123 |
# The actual objects are generated when descending, |
124 |
# make sure no implicit rule kicks in |
125 |
-+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS) |
126 |
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
127 |
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
128 |
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
129 |
|
130 |
# Handle descending into subdirectories listed in $(vmlinux-dirs) |
131 |
-@@ -877,7 +919,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
132 |
+@@ -877,7 +922,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
133 |
# Error messages still appears in the original language |
134 |
|
135 |
PHONY += $(vmlinux-dirs) |
136 |
@@ -293,23 +296,24 @@ index 3377650..76aacb3 100644 |
137 |
$(Q)$(MAKE) $(build)=$@ |
138 |
|
139 |
# Build the kernel release string |
140 |
-@@ -986,6 +1028,7 @@ prepare0: archprepare FORCE |
141 |
+@@ -986,6 +1031,7 @@ prepare0: archprepare FORCE |
142 |
$(Q)$(MAKE) $(build)=. missing-syscalls |
143 |
|
144 |
# All the preparing.. |
145 |
-+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS)) |
146 |
++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS)) |
147 |
prepare: prepare0 |
148 |
|
149 |
# The asm symlink changes when $(ARCH) changes. |
150 |
-@@ -1127,6 +1170,7 @@ all: modules |
151 |
+@@ -1127,6 +1173,8 @@ all: modules |
152 |
# using awk while concatenating to the final file. |
153 |
|
154 |
PHONY += modules |
155 |
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS) |
156 |
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
157 |
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
158 |
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
159 |
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order |
160 |
@$(kecho) ' Building modules, stage 2.'; |
161 |
-@@ -1136,7 +1180,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
162 |
+@@ -1136,7 +1184,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
163 |
|
164 |
# Target to prepare building external modules |
165 |
PHONY += modules_prepare |
166 |
@@ -318,7 +322,7 @@ index 3377650..76aacb3 100644 |
167 |
|
168 |
# Target to install modules |
169 |
PHONY += modules_install |
170 |
-@@ -1201,7 +1245,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \ |
171 |
+@@ -1201,7 +1249,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \ |
172 |
include/linux/autoconf.h include/linux/version.h \ |
173 |
include/linux/utsrelease.h \ |
174 |
include/linux/bounds.h include/asm*/asm-offsets.h \ |
175 |
@@ -327,7 +331,7 @@ index 3377650..76aacb3 100644 |
176 |
|
177 |
# clean - Delete most, but leave enough to build external modules |
178 |
# |
179 |
-@@ -1245,7 +1289,7 @@ distclean: mrproper |
180 |
+@@ -1245,7 +1293,7 @@ distclean: mrproper |
181 |
@find $(srctree) $(RCS_FIND_IGNORE) \ |
182 |
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \ |
183 |
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ |
184 |
@@ -336,7 +340,7 @@ index 3377650..76aacb3 100644 |
185 |
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ |
186 |
-type f -print | xargs rm -f |
187 |
|
188 |
-@@ -1292,6 +1336,7 @@ help: |
189 |
+@@ -1292,6 +1340,7 @@ help: |
190 |
@echo ' modules_prepare - Set up for building external modules' |
191 |
@echo ' tags/TAGS - Generate tags file for editors' |
192 |
@echo ' cscope - Generate cscope index' |
193 |
@@ -344,15 +348,16 @@ index 3377650..76aacb3 100644 |
194 |
@echo ' kernelrelease - Output the release version string' |
195 |
@echo ' kernelversion - Output the version stored in Makefile' |
196 |
@echo ' headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH'; \ |
197 |
-@@ -1393,6 +1438,7 @@ PHONY += $(module-dirs) modules |
198 |
+@@ -1393,6 +1442,8 @@ PHONY += $(module-dirs) modules |
199 |
$(module-dirs): crmodverdir $(objtree)/Module.symvers |
200 |
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) |
201 |
|
202 |
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS) |
203 |
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
204 |
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
205 |
modules: $(module-dirs) |
206 |
@$(kecho) ' Building modules, stage 2.'; |
207 |
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost |
208 |
-@@ -1448,7 +1494,7 @@ endif # KBUILD_EXTMOD |
209 |
+@@ -1448,7 +1499,7 @@ endif # KBUILD_EXTMOD |
210 |
quiet_cmd_tags = GEN $@ |
211 |
cmd_tags = $(CONFIG_SHELL) $(srctree)/scripts/tags.sh $@ |
212 |
|
213 |
@@ -361,18 +366,20 @@ index 3377650..76aacb3 100644 |
214 |
$(call cmd,tags) |
215 |
|
216 |
# Scripts to check various things for consistency |
217 |
-@@ -1513,17 +1559,19 @@ else |
218 |
+@@ -1513,17 +1564,21 @@ else |
219 |
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) |
220 |
endif |
221 |
|
222 |
-%.s: %.c prepare scripts FORCE |
223 |
-+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS) |
224 |
++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
225 |
++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
226 |
+%.s: %.c gcc-plugins prepare scripts FORCE |
227 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
228 |
%.i: %.c prepare scripts FORCE |
229 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
230 |
-%.o: %.c prepare scripts FORCE |
231 |
-+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS) |
232 |
++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
233 |
++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
234 |
+%.o: %.c gcc-plugins prepare scripts FORCE |
235 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
236 |
%.lst: %.c prepare scripts FORCE |
237 |
@@ -385,18 +392,20 @@ index 3377650..76aacb3 100644 |
238 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
239 |
%.symtypes: %.c prepare scripts FORCE |
240 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
241 |
-@@ -1533,11 +1581,13 @@ endif |
242 |
+@@ -1533,11 +1588,15 @@ endif |
243 |
$(cmd_crmodverdir) |
244 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
245 |
$(build)=$(build-dir) |
246 |
-%/: prepare scripts FORCE |
247 |
-+%/: KBUILD_CFLAGS += $(GCC_PLUGINS) |
248 |
++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
249 |
++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
250 |
+%/: gcc-plugins prepare scripts FORCE |
251 |
$(cmd_crmodverdir) |
252 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
253 |
$(build)=$(build-dir) |
254 |
-%.ko: prepare scripts FORCE |
255 |
-+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS) |
256 |
++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
257 |
++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
258 |
+%.ko: gcc-plugins prepare scripts FORCE |
259 |
$(cmd_crmodverdir) |
260 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
261 |
@@ -2881,7 +2890,7 @@ index 3f17b83..1f9e766 100644 |
262 |
#include <asm-generic/getorder.h> |
263 |
|
264 |
diff --git a/arch/powerpc/include/asm/pci.h b/arch/powerpc/include/asm/pci.h |
265 |
-index b5ea626..4030822 100644 |
266 |
+index b5ea626..40308222 100644 |
267 |
--- a/arch/powerpc/include/asm/pci.h |
268 |
+++ b/arch/powerpc/include/asm/pci.h |
269 |
@@ -65,8 +65,8 @@ static inline int pci_get_legacy_ide_irq(struct pci_dev *dev, int channel) |
270 |
@@ -8436,7 +8445,7 @@ index 016218c..47ccbdd 100644 |
271 |
set_fs(old_fs); |
272 |
|
273 |
diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h |
274 |
-index e2077d3..b7a8919 100644 |
275 |
+index e2077d3..17d07ad 100644 |
276 |
--- a/arch/x86/include/asm/alternative-asm.h |
277 |
+++ b/arch/x86/include/asm/alternative-asm.h |
278 |
@@ -8,10 +8,10 @@ |
279 |
@@ -8456,7 +8465,7 @@ index e2077d3..b7a8919 100644 |
280 |
.endm |
281 |
#endif |
282 |
|
283 |
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
284 |
++#ifdef KERNEXEC_PLUGIN |
285 |
+ .macro pax_force_retaddr_bts rip=0 |
286 |
+ btsq $63,\rip(%rsp) |
287 |
+ .endm |
288 |
@@ -18113,7 +18122,7 @@ index 8d82a77..0baf312 100644 |
289 |
.gdb_bpt_instr = { 0xcc }, |
290 |
.flags = KGDB_HW_BREAKPOINT, |
291 |
diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c |
292 |
-index 7a67820..8d15b75 100644 |
293 |
+index 7a67820..70ea187 100644 |
294 |
--- a/arch/x86/kernel/kprobes.c |
295 |
+++ b/arch/x86/kernel/kprobes.c |
296 |
@@ -168,9 +168,13 @@ static void __kprobes set_jmp_op(void *from, void *to) |
297 |
@@ -18203,7 +18212,7 @@ index 7a67820..8d15b75 100644 |
298 |
/* Skip orig_ax, ip, cs */ |
299 |
" addq $24, %rsp\n" |
300 |
" popfq\n" |
301 |
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
302 |
++#ifdef KERNEXEC_PLUGIN |
303 |
+ " btsq $63,(%rsp)\n" |
304 |
+#endif |
305 |
#else |
306 |
@@ -24839,7 +24848,7 @@ index 63a6ba6..79abd7a 100644 |
307 |
return (void *)vaddr; |
308 |
} |
309 |
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c |
310 |
-index f46c340..6ff9a26 100644 |
311 |
+index f46c3407..6ff9a26 100644 |
312 |
--- a/arch/x86/mm/hugetlbpage.c |
313 |
+++ b/arch/x86/mm/hugetlbpage.c |
314 |
@@ -267,13 +267,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file, |
315 |
@@ -30944,6 +30953,39 @@ index a5d585d..d087be3 100644 |
316 |
.show = kobj_pkt_show, |
317 |
.store = kobj_pkt_store |
318 |
}; |
319 |
+diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c |
320 |
+index 59cccc9..a4592ec 100644 |
321 |
+--- a/drivers/cdrom/cdrom.c |
322 |
++++ b/drivers/cdrom/cdrom.c |
323 |
+@@ -2057,11 +2057,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf, |
324 |
+ if (!nr) |
325 |
+ return -ENOMEM; |
326 |
+ |
327 |
+- if (!access_ok(VERIFY_WRITE, ubuf, nframes * CD_FRAMESIZE_RAW)) { |
328 |
+- ret = -EFAULT; |
329 |
+- goto out; |
330 |
+- } |
331 |
+- |
332 |
+ cgc.data_direction = CGC_DATA_READ; |
333 |
+ while (nframes > 0) { |
334 |
+ if (nr > nframes) |
335 |
+@@ -2070,7 +2065,7 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf, |
336 |
+ ret = cdrom_read_block(cdi, &cgc, lba, nr, 1, CD_FRAMESIZE_RAW); |
337 |
+ if (ret) |
338 |
+ break; |
339 |
+- if (__copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) { |
340 |
++ if (copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) { |
341 |
+ ret = -EFAULT; |
342 |
+ break; |
343 |
+ } |
344 |
+@@ -2078,7 +2073,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf, |
345 |
+ nframes -= nr; |
346 |
+ lba += nr; |
347 |
+ } |
348 |
+-out: |
349 |
+ kfree(cgc.buffer); |
350 |
+ return ret; |
351 |
+ } |
352 |
diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig |
353 |
index 6aad99e..89cd142 100644 |
354 |
--- a/drivers/char/Kconfig |
355 |
@@ -46529,7 +46571,7 @@ index 0133b5a..b3baa9f 100644 |
356 |
fd_offset + ex.a_text); |
357 |
up_write(¤t->mm->mmap_sem); |
358 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
359 |
-index 1ed37ba..de82ab7 100644 |
360 |
+index 1ed37ba..308a022 100644 |
361 |
--- a/fs/binfmt_elf.c |
362 |
+++ b/fs/binfmt_elf.c |
363 |
@@ -31,6 +31,7 @@ |
364 |
@@ -46666,6 +46708,7 @@ index 1ed37ba..de82ab7 100644 |
365 |
return error; |
366 |
} |
367 |
|
368 |
++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
369 |
+static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata) |
370 |
+{ |
371 |
+ unsigned long pax_flags = 0UL; |
372 |
@@ -46811,7 +46854,7 @@ index 1ed37ba..de82ab7 100644 |
373 |
+#endif |
374 |
+ |
375 |
+#ifdef CONFIG_PAX_SEGMEXEC |
376 |
-+ if (!(__supported_pte_mask & _PAGE_NX)) { |
377 |
++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) { |
378 |
+ pax_flags &= ~MF_PAX_PAGEEXEC; |
379 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
380 |
+ } |
381 |
@@ -46985,7 +47028,6 @@ index 1ed37ba..de82ab7 100644 |
382 |
+ |
383 |
+} |
384 |
+ |
385 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
386 |
+static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file) |
387 |
+{ |
388 |
+ unsigned long pax_flags, pt_pax_flags, xattr_pax_flags; |
389 |
@@ -48627,10 +48669,38 @@ index 7a5f1ac..205b034 100644 |
390 |
out: |
391 |
return rc; |
392 |
} |
393 |
+diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c |
394 |
+index 4e25328..3015389 100644 |
395 |
+--- a/fs/ecryptfs/file.c |
396 |
++++ b/fs/ecryptfs/file.c |
397 |
+@@ -323,11 +323,11 @@ ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) |
398 |
+ |
399 |
+ const struct file_operations ecryptfs_dir_fops = { |
400 |
+ .readdir = ecryptfs_readdir, |
401 |
++ .read = generic_read_dir, |
402 |
+ .unlocked_ioctl = ecryptfs_unlocked_ioctl, |
403 |
+ #ifdef CONFIG_COMPAT |
404 |
+ .compat_ioctl = ecryptfs_compat_ioctl, |
405 |
+ #endif |
406 |
+- .mmap = generic_file_mmap, |
407 |
+ .open = ecryptfs_open, |
408 |
+ .flush = ecryptfs_flush, |
409 |
+ .release = ecryptfs_release, |
410 |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
411 |
-index 88ba4d4..073f003 100644 |
412 |
+index 88ba4d4..55639ca 100644 |
413 |
--- a/fs/ecryptfs/inode.c |
414 |
+++ b/fs/ecryptfs/inode.c |
415 |
+@@ -575,8 +575,8 @@ static int ecryptfs_rmdir(struct inode *dir, struct dentry *dentry) |
416 |
+ dget(lower_dentry); |
417 |
+ rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry); |
418 |
+ dput(lower_dentry); |
419 |
+- if (!rc) |
420 |
+- d_delete(lower_dentry); |
421 |
++ if (!rc && dentry->d_inode) |
422 |
++ clear_nlink(dentry->d_inode); |
423 |
+ fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); |
424 |
+ dir->i_nlink = lower_dir_dentry->d_inode->i_nlink; |
425 |
+ unlock_dir(lower_dir_dentry); |
426 |
@@ -660,7 +660,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf, |
427 |
old_fs = get_fs(); |
428 |
set_fs(get_ds()); |
429 |
@@ -48649,6 +48719,235 @@ index 88ba4d4..073f003 100644 |
430 |
set_fs(old_fs); |
431 |
if (rc < 0) |
432 |
goto out_free; |
433 |
+@@ -758,18 +758,23 @@ upper_size_to_lower_size(struct ecryptfs_crypt_stat *crypt_stat, |
434 |
+ } |
435 |
+ |
436 |
+ /** |
437 |
+- * ecryptfs_truncate |
438 |
++ * truncate_upper |
439 |
+ * @dentry: The ecryptfs layer dentry |
440 |
+- * @new_length: The length to expand the file to |
441 |
++ * @ia: Address of the ecryptfs inode's attributes |
442 |
++ * @lower_ia: Address of the lower inode's attributes |
443 |
+ * |
444 |
+ * Function to handle truncations modifying the size of the file. Note |
445 |
+ * that the file sizes are interpolated. When expanding, we are simply |
446 |
+- * writing strings of 0's out. When truncating, we need to modify the |
447 |
+- * underlying file size according to the page index interpolations. |
448 |
++ * writing strings of 0's out. When truncating, we truncate the upper |
449 |
++ * inode and update the lower_ia according to the page index |
450 |
++ * interpolations. If ATTR_SIZE is set in lower_ia->ia_valid upon return, |
451 |
++ * the caller must use lower_ia in a call to notify_change() to perform |
452 |
++ * the truncation of the lower inode. |
453 |
+ * |
454 |
+ * Returns zero on success; non-zero otherwise |
455 |
+ */ |
456 |
+-int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
457 |
++static int truncate_upper(struct dentry *dentry, struct iattr *ia, |
458 |
++ struct iattr *lower_ia) |
459 |
+ { |
460 |
+ int rc = 0; |
461 |
+ struct inode *inode = dentry->d_inode; |
462 |
+@@ -780,8 +785,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
463 |
+ loff_t lower_size_before_truncate; |
464 |
+ loff_t lower_size_after_truncate; |
465 |
+ |
466 |
+- if (unlikely((new_length == i_size))) |
467 |
++ if (unlikely((ia->ia_size == i_size))) { |
468 |
++ lower_ia->ia_valid &= ~ATTR_SIZE; |
469 |
+ goto out; |
470 |
++ } |
471 |
+ crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat; |
472 |
+ /* Set up a fake ecryptfs file, this is used to interface with |
473 |
+ * the file in the underlying filesystem so that the |
474 |
+@@ -801,28 +808,30 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
475 |
+ &fake_ecryptfs_file, |
476 |
+ ecryptfs_inode_to_private(dentry->d_inode)->lower_file); |
477 |
+ /* Switch on growing or shrinking file */ |
478 |
+- if (new_length > i_size) { |
479 |
++ if (ia->ia_size > i_size) { |
480 |
+ char zero[] = { 0x00 }; |
481 |
+ |
482 |
++ lower_ia->ia_valid &= ~ATTR_SIZE; |
483 |
+ /* Write a single 0 at the last position of the file; |
484 |
+ * this triggers code that will fill in 0's throughout |
485 |
+ * the intermediate portion of the previous end of the |
486 |
+ * file and the new and of the file */ |
487 |
+ rc = ecryptfs_write(&fake_ecryptfs_file, zero, |
488 |
+- (new_length - 1), 1); |
489 |
+- } else { /* new_length < i_size_read(inode) */ |
490 |
+- /* We're chopping off all the pages down do the page |
491 |
+- * in which new_length is located. Fill in the end of |
492 |
+- * that page from (new_length & ~PAGE_CACHE_MASK) to |
493 |
++ (ia->ia_size - 1), 1); |
494 |
++ } else { /* ia->ia_size < i_size_read(inode) */ |
495 |
++ /* We're chopping off all the pages down to the page |
496 |
++ * in which ia->ia_size is located. Fill in the end of |
497 |
++ * that page from (ia->ia_size & ~PAGE_CACHE_MASK) to |
498 |
+ * PAGE_CACHE_SIZE with zeros. */ |
499 |
+ size_t num_zeros = (PAGE_CACHE_SIZE |
500 |
+- - (new_length & ~PAGE_CACHE_MASK)); |
501 |
++ - (ia->ia_size & ~PAGE_CACHE_MASK)); |
502 |
+ |
503 |
+ if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
504 |
+- rc = vmtruncate(inode, new_length); |
505 |
++ rc = vmtruncate(inode, ia->ia_size); |
506 |
+ if (rc) |
507 |
+ goto out_free; |
508 |
+- rc = vmtruncate(lower_dentry->d_inode, new_length); |
509 |
++ lower_ia->ia_size = ia->ia_size; |
510 |
++ lower_ia->ia_valid |= ATTR_SIZE; |
511 |
+ goto out_free; |
512 |
+ } |
513 |
+ if (num_zeros) { |
514 |
+@@ -834,7 +843,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
515 |
+ goto out_free; |
516 |
+ } |
517 |
+ rc = ecryptfs_write(&fake_ecryptfs_file, zeros_virt, |
518 |
+- new_length, num_zeros); |
519 |
++ ia->ia_size, num_zeros); |
520 |
+ kfree(zeros_virt); |
521 |
+ if (rc) { |
522 |
+ printk(KERN_ERR "Error attempting to zero out " |
523 |
+@@ -843,7 +852,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
524 |
+ goto out_free; |
525 |
+ } |
526 |
+ } |
527 |
+- vmtruncate(inode, new_length); |
528 |
++ vmtruncate(inode, ia->ia_size); |
529 |
+ rc = ecryptfs_write_inode_size_to_metadata(inode); |
530 |
+ if (rc) { |
531 |
+ printk(KERN_ERR "Problem with " |
532 |
+@@ -856,10 +865,12 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
533 |
+ lower_size_before_truncate = |
534 |
+ upper_size_to_lower_size(crypt_stat, i_size); |
535 |
+ lower_size_after_truncate = |
536 |
+- upper_size_to_lower_size(crypt_stat, new_length); |
537 |
+- if (lower_size_after_truncate < lower_size_before_truncate) |
538 |
+- vmtruncate(lower_dentry->d_inode, |
539 |
+- lower_size_after_truncate); |
540 |
++ upper_size_to_lower_size(crypt_stat, ia->ia_size); |
541 |
++ if (lower_size_after_truncate < lower_size_before_truncate) { |
542 |
++ lower_ia->ia_size = lower_size_after_truncate; |
543 |
++ lower_ia->ia_valid |= ATTR_SIZE; |
544 |
++ } else |
545 |
++ lower_ia->ia_valid &= ~ATTR_SIZE; |
546 |
+ } |
547 |
+ out_free: |
548 |
+ if (ecryptfs_file_to_private(&fake_ecryptfs_file)) |
549 |
+@@ -869,6 +880,33 @@ out: |
550 |
+ return rc; |
551 |
+ } |
552 |
+ |
553 |
++/** |
554 |
++ * ecryptfs_truncate |
555 |
++ * @dentry: The ecryptfs layer dentry |
556 |
++ * @new_length: The length to expand the file to |
557 |
++ * |
558 |
++ * Simple function that handles the truncation of an eCryptfs inode and |
559 |
++ * its corresponding lower inode. |
560 |
++ * |
561 |
++ * Returns zero on success; non-zero otherwise |
562 |
++ */ |
563 |
++int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
564 |
++{ |
565 |
++ struct iattr ia = { .ia_valid = ATTR_SIZE, .ia_size = new_length }; |
566 |
++ struct iattr lower_ia = { .ia_valid = 0 }; |
567 |
++ int rc; |
568 |
++ |
569 |
++ rc = truncate_upper(dentry, &ia, &lower_ia); |
570 |
++ if (!rc && lower_ia.ia_valid & ATTR_SIZE) { |
571 |
++ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry); |
572 |
++ |
573 |
++ mutex_lock(&lower_dentry->d_inode->i_mutex); |
574 |
++ rc = notify_change(lower_dentry, &lower_ia); |
575 |
++ mutex_unlock(&lower_dentry->d_inode->i_mutex); |
576 |
++ } |
577 |
++ return rc; |
578 |
++} |
579 |
++ |
580 |
+ static int |
581 |
+ ecryptfs_permission(struct inode *inode, int mask) |
582 |
+ { |
583 |
+@@ -891,6 +929,7 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
584 |
+ { |
585 |
+ int rc = 0; |
586 |
+ struct dentry *lower_dentry; |
587 |
++ struct iattr lower_ia; |
588 |
+ struct inode *inode; |
589 |
+ struct inode *lower_inode; |
590 |
+ struct ecryptfs_crypt_stat *crypt_stat; |
591 |
+@@ -929,15 +968,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
592 |
+ } |
593 |
+ } |
594 |
+ mutex_unlock(&crypt_stat->cs_mutex); |
595 |
++ memcpy(&lower_ia, ia, sizeof(lower_ia)); |
596 |
++ if (ia->ia_valid & ATTR_FILE) |
597 |
++ lower_ia.ia_file = ecryptfs_file_to_lower(ia->ia_file); |
598 |
+ if (ia->ia_valid & ATTR_SIZE) { |
599 |
+- ecryptfs_printk(KERN_DEBUG, |
600 |
+- "ia->ia_valid = [0x%x] ATTR_SIZE" " = [0x%x]\n", |
601 |
+- ia->ia_valid, ATTR_SIZE); |
602 |
+- rc = ecryptfs_truncate(dentry, ia->ia_size); |
603 |
+- /* ecryptfs_truncate handles resizing of the lower file */ |
604 |
+- ia->ia_valid &= ~ATTR_SIZE; |
605 |
+- ecryptfs_printk(KERN_DEBUG, "ia->ia_valid = [%x]\n", |
606 |
+- ia->ia_valid); |
607 |
++ rc = truncate_upper(dentry, ia, &lower_ia); |
608 |
+ if (rc < 0) |
609 |
+ goto out; |
610 |
+ } |
611 |
+@@ -946,11 +981,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
612 |
+ * mode change is for clearing setuid/setgid bits. Allow lower fs |
613 |
+ * to interpret this in its own way. |
614 |
+ */ |
615 |
+- if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) |
616 |
+- ia->ia_valid &= ~ATTR_MODE; |
617 |
++ if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) |
618 |
++ lower_ia.ia_valid &= ~ATTR_MODE; |
619 |
+ |
620 |
+ mutex_lock(&lower_dentry->d_inode->i_mutex); |
621 |
+- rc = notify_change(lower_dentry, ia); |
622 |
++ rc = notify_change(lower_dentry, &lower_ia); |
623 |
+ mutex_unlock(&lower_dentry->d_inode->i_mutex); |
624 |
+ out: |
625 |
+ fsstack_copy_attr_all(inode, lower_inode, NULL); |
626 |
+diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c |
627 |
+index c6ac85d..c52df75 100644 |
628 |
+--- a/fs/ecryptfs/main.c |
629 |
++++ b/fs/ecryptfs/main.c |
630 |
+@@ -487,6 +487,7 @@ out: |
631 |
+ } |
632 |
+ |
633 |
+ struct kmem_cache *ecryptfs_sb_info_cache; |
634 |
++static struct file_system_type ecryptfs_fs_type; |
635 |
+ |
636 |
+ /** |
637 |
+ * ecryptfs_fill_super |
638 |
+@@ -561,6 +562,23 @@ static int ecryptfs_read_super(struct super_block *sb, const char *dev_name) |
639 |
+ ecryptfs_printk(KERN_WARNING, "path_lookup() failed\n"); |
640 |
+ goto out; |
641 |
+ } |
642 |
++ |
643 |
++ if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) { |
644 |
++ rc = -EINVAL; |
645 |
++ printk(KERN_ERR "Mount on filesystem of type " |
646 |
++ "eCryptfs explicitly disallowed due to " |
647 |
++ "known incompatibilities\n"); |
648 |
++ goto out_free; |
649 |
++ } |
650 |
++ |
651 |
++ if (check_ruid && path.dentry->d_inode->i_uid != current_uid()) { |
652 |
++ rc = -EPERM; |
653 |
++ printk(KERN_ERR "Mount of device (uid: %d) not owned by " |
654 |
++ "requested user (uid: %d)\n", |
655 |
++ path.dentry->d_inode->i_uid, current_uid()); |
656 |
++ goto out_free; |
657 |
++ } |
658 |
++ |
659 |
+ ecryptfs_set_superblock_lower(sb, path.dentry->d_sb); |
660 |
+ sb->s_maxbytes = path.dentry->d_sb->s_maxbytes; |
661 |
+ sb->s_blocksize = path.dentry->d_sb->s_blocksize; |
662 |
diff --git a/fs/exec.c b/fs/exec.c |
663 |
index 86fafc6..6272c0e 100644 |
664 |
--- a/fs/exec.c |
665 |
@@ -53021,7 +53320,7 @@ index 50f8f06..c5755df 100644 |
666 |
help |
667 |
Various /proc files exist to monitor process memory utilization: |
668 |
diff --git a/fs/proc/array.c b/fs/proc/array.c |
669 |
-index c5ef152..24a1b87 100644 |
670 |
+index c5ef152..28c94f7 100644 |
671 |
--- a/fs/proc/array.c |
672 |
+++ b/fs/proc/array.c |
673 |
@@ -60,6 +60,7 @@ |
674 |
@@ -53135,9 +53434,12 @@ index c5ef152..24a1b87 100644 |
675 |
esp, |
676 |
eip, |
677 |
/* The signal information here is obsolete. |
678 |
-@@ -519,6 +578,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
679 |
+@@ -517,8 +576,16 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
680 |
+ struct pid *pid, struct task_struct *task) |
681 |
+ { |
682 |
int size = 0, resident = 0, shared = 0, text = 0, lib = 0, data = 0; |
683 |
- struct mm_struct *mm = get_task_mm(task); |
684 |
+- struct mm_struct *mm = get_task_mm(task); |
685 |
++ struct mm_struct *mm; |
686 |
|
687 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
688 |
+ if (current->exec_id != m->exec_id) { |
689 |
@@ -53146,10 +53448,11 @@ index c5ef152..24a1b87 100644 |
690 |
+ } |
691 |
+#endif |
692 |
+ |
693 |
++ mm = get_task_mm(task); |
694 |
if (mm) { |
695 |
size = task_statm(mm, &shared, &text, &data, &resident); |
696 |
mmput(mm); |
697 |
-@@ -528,3 +594,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
698 |
+@@ -528,3 +595,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
699 |
|
700 |
return 0; |
701 |
} |
702 |
@@ -88073,10 +88376,10 @@ index 0000000..008f159 |
703 |
+} |
704 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
705 |
new file mode 100644 |
706 |
-index 0000000..8b61031 |
707 |
+index 0000000..4a9b187 |
708 |
--- /dev/null |
709 |
+++ b/tools/gcc/stackleak_plugin.c |
710 |
-@@ -0,0 +1,295 @@ |
711 |
+@@ -0,0 +1,326 @@ |
712 |
+/* |
713 |
+ * Copyright 2011 by the PaX Team <pageexec@××××××××.hu> |
714 |
+ * Licensed under the GPL v2 |
715 |
@@ -88123,10 +88426,12 @@ index 0000000..8b61031 |
716 |
+static int track_frame_size = -1; |
717 |
+static const char track_function[] = "pax_track_stack"; |
718 |
+static const char check_function[] = "pax_check_alloca"; |
719 |
++static tree pax_check_alloca_decl; |
720 |
++static tree pax_track_stack_decl; |
721 |
+static bool init_locals; |
722 |
+ |
723 |
+static struct plugin_info stackleak_plugin_info = { |
724 |
-+ .version = "201111150100", |
725 |
++ .version = "201203021600", |
726 |
+ .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n" |
727 |
+// "initialize-locals\t\tforcibly initialize all stack frames\n" |
728 |
+}; |
729 |
@@ -88179,27 +88484,20 @@ index 0000000..8b61031 |
730 |
+static void stackleak_check_alloca(gimple_stmt_iterator *gsi) |
731 |
+{ |
732 |
+ gimple check_alloca; |
733 |
-+ tree fndecl, fntype, alloca_size; |
734 |
++ tree alloca_size; |
735 |
+ |
736 |
+ // insert call to void pax_check_alloca(unsigned long size) |
737 |
-+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE); |
738 |
-+ fndecl = build_fn_decl(check_function, fntype); |
739 |
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO |
740 |
+ alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0); |
741 |
-+ check_alloca = gimple_build_call(fndecl, 1, alloca_size); |
742 |
++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size); |
743 |
+ gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT); |
744 |
+} |
745 |
+ |
746 |
+static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi) |
747 |
+{ |
748 |
+ gimple track_stack; |
749 |
-+ tree fndecl, fntype; |
750 |
+ |
751 |
+ // insert call to void pax_track_stack(void) |
752 |
-+ fntype = build_function_type_list(void_type_node, NULL_TREE); |
753 |
-+ fndecl = build_fn_decl(track_function, fntype); |
754 |
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO |
755 |
-+ track_stack = gimple_build_call(fndecl, 0); |
756 |
++ track_stack = gimple_build_call(pax_track_stack_decl, 0); |
757 |
+ gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING); |
758 |
+} |
759 |
+ |
760 |
@@ -88236,7 +88534,7 @@ index 0000000..8b61031 |
761 |
+static unsigned int execute_stackleak_tree_instrument(void) |
762 |
+{ |
763 |
+ basic_block bb, entry_bb; |
764 |
-+ bool prologue_instrumented = false; |
765 |
++ bool prologue_instrumented = false, is_leaf = true; |
766 |
+ |
767 |
+ entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb; |
768 |
+ |
769 |
@@ -88245,8 +88543,15 @@ index 0000000..8b61031 |
770 |
+ gimple_stmt_iterator gsi; |
771 |
+ |
772 |
+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { |
773 |
++ gimple stmt; |
774 |
++ |
775 |
++ stmt = gsi_stmt(gsi); |
776 |
++ |
777 |
++ if (is_gimple_call(stmt)) |
778 |
++ is_leaf = false; |
779 |
++ |
780 |
+ // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450> |
781 |
-+ if (!is_alloca(gsi_stmt(gsi))) |
782 |
++ if (!is_alloca(stmt)) |
783 |
+ continue; |
784 |
+ |
785 |
+ // 2. insert stack overflow check before each __builtin_alloca call |
786 |
@@ -88259,6 +88564,13 @@ index 0000000..8b61031 |
787 |
+ } |
788 |
+ } |
789 |
+ |
790 |
++ // special case for some bad linux code: taking the address of static inline functions will materialize them |
791 |
++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI |
792 |
++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI. |
793 |
++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here. |
794 |
++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl)) |
795 |
++ return 0; |
796 |
++ |
797 |
+ // 4. insert track call at the beginning |
798 |
+ if (!prologue_instrumented) { |
799 |
+ gimple_stmt_iterator gsi; |
800 |
@@ -88318,6 +88630,27 @@ index 0000000..8b61031 |
801 |
+ return 0; |
802 |
+} |
803 |
+ |
804 |
++static void stackleak_start_unit(void *gcc_data, void *user_dat) |
805 |
++{ |
806 |
++ tree fntype; |
807 |
++ |
808 |
++ // declare void pax_check_alloca(unsigned long size) |
809 |
++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE); |
810 |
++ pax_check_alloca_decl = build_fn_decl(check_function, fntype); |
811 |
++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO |
812 |
++ TREE_PUBLIC(pax_check_alloca_decl) = 1; |
813 |
++ DECL_EXTERNAL(pax_check_alloca_decl) = 1; |
814 |
++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1; |
815 |
++ |
816 |
++ // declare void pax_track_stack(void) |
817 |
++ fntype = build_function_type_list(void_type_node, NULL_TREE); |
818 |
++ pax_track_stack_decl = build_fn_decl(track_function, fntype); |
819 |
++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO |
820 |
++ TREE_PUBLIC(pax_track_stack_decl) = 1; |
821 |
++ DECL_EXTERNAL(pax_track_stack_decl) = 1; |
822 |
++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1; |
823 |
++} |
824 |
++ |
825 |
+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) |
826 |
+{ |
827 |
+ const char * const plugin_name = plugin_info->base_name; |
828 |
@@ -88329,7 +88662,7 @@ index 0000000..8b61031 |
829 |
+// .reference_pass_name = "tree_profile", |
830 |
+ .reference_pass_name = "optimized", |
831 |
+ .ref_pass_instance_number = 0, |
832 |
-+ .pos_op = PASS_POS_INSERT_AFTER |
833 |
++ .pos_op = PASS_POS_INSERT_BEFORE |
834 |
+ }; |
835 |
+ struct register_pass_info stackleak_final_pass_info = { |
836 |
+ .pass = &stackleak_final_rtl_opt_pass.pass, |
837 |
@@ -88367,6 +88700,7 @@ index 0000000..8b61031 |
838 |
+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); |
839 |
+ } |
840 |
+ |
841 |
++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL); |
842 |
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info); |
843 |
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info); |
844 |
+ |
845 |
@@ -88399,10 +88733,112 @@ index 83b3dde..835bee7 100644 |
846 |
break; |
847 |
} |
848 |
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
849 |
-index 4f3434f..159bc3e 100644 |
850 |
+index 4f3434f..fc63040 100644 |
851 |
--- a/virt/kvm/kvm_main.c |
852 |
+++ b/virt/kvm/kvm_main.c |
853 |
-@@ -2494,7 +2494,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void) |
854 |
+@@ -43,6 +43,8 @@ |
855 |
+ #include <linux/swap.h> |
856 |
+ #include <linux/bitops.h> |
857 |
+ #include <linux/spinlock.h> |
858 |
++#include <linux/namei.h> |
859 |
++#include <linux/fs.h> |
860 |
+ |
861 |
+ #include <asm/processor.h> |
862 |
+ #include <asm/io.h> |
863 |
+@@ -575,12 +577,73 @@ out: |
864 |
+ return r; |
865 |
+ } |
866 |
+ |
867 |
++/* |
868 |
++ * We want to test whether the caller has been granted permissions to |
869 |
++ * use this device. To be able to configure and control the device, |
870 |
++ * the user needs access to PCI configuration space and BAR resources. |
871 |
++ * These are accessed through PCI sysfs. PCI config space is often |
872 |
++ * passed to the process calling this ioctl via file descriptor, so we |
873 |
++ * can't rely on access to that file. We can check for permissions |
874 |
++ * on each of the BAR resource files, which is a pretty clear |
875 |
++ * indicator that the user has been granted access to the device. |
876 |
++ */ |
877 |
++static int probe_sysfs_permissions(struct pci_dev *dev) |
878 |
++{ |
879 |
++#ifdef CONFIG_SYSFS |
880 |
++ int i; |
881 |
++ bool bar_found = false; |
882 |
++ |
883 |
++ for (i = PCI_STD_RESOURCES; i <= PCI_STD_RESOURCE_END; i++) { |
884 |
++ char *kpath, *syspath; |
885 |
++ struct path path; |
886 |
++ struct inode *inode; |
887 |
++ int r; |
888 |
++ |
889 |
++ if (!pci_resource_len(dev, i)) |
890 |
++ continue; |
891 |
++ |
892 |
++ kpath = kobject_get_path(&dev->dev.kobj, GFP_KERNEL); |
893 |
++ if (!kpath) |
894 |
++ return -ENOMEM; |
895 |
++ |
896 |
++ /* Per sysfs-rules, sysfs is always at /sys */ |
897 |
++ syspath = kasprintf(GFP_KERNEL, "/sys%s/resource%d", kpath, i); |
898 |
++ kfree(kpath); |
899 |
++ if (!syspath) |
900 |
++ return -ENOMEM; |
901 |
++ |
902 |
++ r = kern_path(syspath, LOOKUP_FOLLOW, &path); |
903 |
++ kfree(syspath); |
904 |
++ if (r) |
905 |
++ return r; |
906 |
++ |
907 |
++ inode = path.dentry->d_inode; |
908 |
++ |
909 |
++ r = inode_permission(inode, MAY_READ | MAY_WRITE | MAY_ACCESS); |
910 |
++ path_put(&path); |
911 |
++ if (r) |
912 |
++ return r; |
913 |
++ |
914 |
++ bar_found = true; |
915 |
++ } |
916 |
++ |
917 |
++ /* If no resources, probably something special */ |
918 |
++ if (!bar_found) |
919 |
++ return -EPERM; |
920 |
++ |
921 |
++ return 0; |
922 |
++#else |
923 |
++ return -EINVAL; /* No way to control the device without sysfs */ |
924 |
++#endif |
925 |
++} |
926 |
++ |
927 |
+ static int kvm_vm_ioctl_assign_device(struct kvm *kvm, |
928 |
+ struct kvm_assigned_pci_dev *assigned_dev) |
929 |
+ { |
930 |
+ int r = 0; |
931 |
+ struct kvm_assigned_dev_kernel *match; |
932 |
+ struct pci_dev *dev; |
933 |
++ u8 header_type; |
934 |
+ |
935 |
+ down_read(&kvm->slots_lock); |
936 |
+ mutex_lock(&kvm->lock); |
937 |
+@@ -607,6 +670,18 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm, |
938 |
+ r = -EINVAL; |
939 |
+ goto out_free; |
940 |
+ } |
941 |
++ |
942 |
++ /* Don't allow bridges to be assigned */ |
943 |
++ pci_read_config_byte(dev, PCI_HEADER_TYPE, &header_type); |
944 |
++ if ((header_type & PCI_HEADER_TYPE) != PCI_HEADER_TYPE_NORMAL) { |
945 |
++ r = -EPERM; |
946 |
++ goto out_put; |
947 |
++ } |
948 |
++ |
949 |
++ r = probe_sysfs_permissions(dev); |
950 |
++ if (r) |
951 |
++ goto out_put; |
952 |
++ |
953 |
+ if (pci_enable_device(dev)) { |
954 |
+ printk(KERN_INFO "%s: Could not enable PCI device\n", __func__); |
955 |
+ r = -EBUSY; |
956 |
+@@ -2494,7 +2569,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void) |
957 |
if (kvm_rebooting) |
958 |
/* spin while reset goes on */ |
959 |
while (true) |
960 |
@@ -88411,7 +88847,7 @@ index 4f3434f..159bc3e 100644 |
961 |
/* Fault while not rebooting. We want the trace. */ |
962 |
BUG(); |
963 |
} |
964 |
-@@ -2714,7 +2714,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
965 |
+@@ -2714,7 +2789,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, |
966 |
kvm_arch_vcpu_put(vcpu); |
967 |
} |
968 |
|
969 |
@@ -88420,7 +88856,7 @@ index 4f3434f..159bc3e 100644 |
970 |
struct module *module) |
971 |
{ |
972 |
int r; |
973 |
-@@ -2767,15 +2767,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size, |
974 |
+@@ -2767,15 +2842,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size, |
975 |
/* A kmem cache lets us meet the alignment requirements of fx_save. */ |
976 |
kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, |
977 |
__alignof__(struct kvm_vcpu), |
978 |
|
979 |
diff --git a/2.6.32/4440_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch |
980 |
index 5cec66c..339cc6e 100644 |
981 |
--- a/2.6.32/4440_grsec-remove-protected-paths.patch |
982 |
+++ b/2.6.32/4440_grsec-remove-protected-paths.patch |
983 |
@@ -6,7 +6,7 @@ the filesystem. |
984 |
diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile |
985 |
--- a/grsecurity/Makefile 2011-10-19 19:48:21.000000000 -0400 |
986 |
+++ b/grsecurity/Makefile 2011-10-19 19:50:44.000000000 -0400 |
987 |
-@@ -27,10 +27,4 @@ |
988 |
+@@ -29,10 +29,4 @@ |
989 |
ifdef CONFIG_GRKERNSEC_HIDESYM |
990 |
extra-y := grsec_hidesym.o |
991 |
$(obj)/grsec_hidesym.o: |
992 |
|
993 |
diff --git a/2.6.32/4445_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch |
994 |
index 0f87dc1..591a120 100644 |
995 |
--- a/2.6.32/4445_grsec-pax-without-grsec.patch |
996 |
+++ b/2.6.32/4445_grsec-pax-without-grsec.patch |
997 |
@@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
998 |
diff -Naur a/fs/exec.c b/fs/exec.c |
999 |
--- a/fs/exec.c 2011-04-17 18:15:55.000000000 -0400 |
1000 |
+++ b/fs/exec.c 2011-04-17 18:29:40.000000000 -0400 |
1001 |
-@@ -1812,9 +1812,11 @@ |
1002 |
+@@ -1832,9 +1832,11 @@ |
1003 |
} |
1004 |
up_read(&mm->mmap_sem); |
1005 |
} |
1006 |
@@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
1007 |
printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset); |
1008 |
printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, " |
1009 |
"PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk), |
1010 |
-@@ -1829,10 +1831,12 @@ |
1011 |
+@@ -1849,10 +1851,12 @@ |
1012 |
#ifdef CONFIG_PAX_REFCOUNT |
1013 |
void pax_report_refcount_overflow(struct pt_regs *regs) |
1014 |
{ |
1015 |
@@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
1016 |
printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n", |
1017 |
current->comm, task_pid_nr(current), current_uid(), current_euid()); |
1018 |
print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs)); |
1019 |
-@@ -1892,10 +1896,12 @@ |
1020 |
+@@ -1912,10 +1916,12 @@ |
1021 |
|
1022 |
NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
1023 |
{ |
1024 |
|
1025 |
diff --git a/2.6.32/4450_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch |
1026 |
index 763d845..498adb6 100644 |
1027 |
--- a/2.6.32/4450_grsec-kconfig-default-gids.patch |
1028 |
+++ b/2.6.32/4450_grsec-kconfig-default-gids.patch |
1029 |
@@ -12,7 +12,7 @@ from shooting themselves in the foot. |
1030 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1031 |
--- a/grsecurity/Kconfig 2011-12-12 15:11:47.000000000 -0500 |
1032 |
+++ b/grsecurity/Kconfig 2011-12-12 15:13:17.000000000 -0500 |
1033 |
-@@ -433,7 +433,7 @@ |
1034 |
+@@ -439,7 +439,7 @@ |
1035 |
config GRKERNSEC_PROC_GID |
1036 |
int "GID for special group" |
1037 |
depends on GRKERNSEC_PROC_USERGROUP |
1038 |
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1039 |
|
1040 |
config GRKERNSEC_PROC_ADD |
1041 |
bool "Additional restrictions" |
1042 |
-@@ -661,7 +661,7 @@ |
1043 |
+@@ -667,7 +667,7 @@ |
1044 |
config GRKERNSEC_AUDIT_GID |
1045 |
int "GID for auditing" |
1046 |
depends on GRKERNSEC_AUDIT_GROUP |
1047 |
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1048 |
|
1049 |
config GRKERNSEC_EXECLOG |
1050 |
bool "Exec logging" |
1051 |
-@@ -865,7 +865,7 @@ |
1052 |
+@@ -871,7 +871,7 @@ |
1053 |
config GRKERNSEC_TPE_GID |
1054 |
int "GID for untrusted users" |
1055 |
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
1056 |
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1057 |
help |
1058 |
Setting this GID determines what group TPE restrictions will be |
1059 |
*enabled* for. If the sysctl option is enabled, a sysctl option |
1060 |
-@@ -874,7 +874,7 @@ |
1061 |
+@@ -880,7 +880,7 @@ |
1062 |
config GRKERNSEC_TPE_GID |
1063 |
int "GID for trusted users" |
1064 |
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
1065 |
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1066 |
help |
1067 |
Setting this GID determines what group TPE restrictions will be |
1068 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
1069 |
-@@ -947,7 +947,7 @@ |
1070 |
+@@ -953,7 +953,7 @@ |
1071 |
config GRKERNSEC_SOCKET_ALL_GID |
1072 |
int "GID to deny all sockets for" |
1073 |
depends on GRKERNSEC_SOCKET_ALL |
1074 |
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1075 |
help |
1076 |
Here you can choose the GID to disable socket access for. Remember to |
1077 |
add the users you want socket access disabled for to the GID |
1078 |
-@@ -968,7 +968,7 @@ |
1079 |
+@@ -974,7 +974,7 @@ |
1080 |
config GRKERNSEC_SOCKET_CLIENT_GID |
1081 |
int "GID to deny client sockets for" |
1082 |
depends on GRKERNSEC_SOCKET_CLIENT |
1083 |
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1084 |
help |
1085 |
Here you can choose the GID to disable client socket access for. |
1086 |
Remember to add the users you want client socket access disabled for to |
1087 |
-@@ -986,7 +986,7 @@ |
1088 |
+@@ -992,7 +992,7 @@ |
1089 |
config GRKERNSEC_SOCKET_SERVER_GID |
1090 |
int "GID to deny server sockets for" |
1091 |
depends on GRKERNSEC_SOCKET_SERVER |
1092 |
|
1093 |
diff --git a/2.6.32/4460-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch |
1094 |
index ca88ef7..1e181f3 100644 |
1095 |
--- a/2.6.32/4460-grsec-kconfig-proc-user.patch |
1096 |
+++ b/2.6.32/4460-grsec-kconfig-proc-user.patch |
1097 |
@@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre |
1098 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1099 |
--- a/grsecurity/Kconfig 2011-06-29 07:46:02.000000000 -0400 |
1100 |
+++ b/grsecurity/Kconfig 2011-06-29 07:47:20.000000000 -0400 |
1101 |
-@@ -667,7 +667,7 @@ |
1102 |
+@@ -673,7 +673,7 @@ |
1103 |
|
1104 |
config GRKERNSEC_PROC_USER |
1105 |
bool "Restrict /proc to user only" |
1106 |
@@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1107 |
help |
1108 |
If you say Y here, non-root users will only be able to view their own |
1109 |
processes, and restricts them from viewing network-related information, |
1110 |
-@@ -675,7 +675,7 @@ |
1111 |
+@@ -681,7 +681,7 @@ |
1112 |
|
1113 |
config GRKERNSEC_PROC_USERGROUP |
1114 |
bool "Allow special group" |
1115 |
|
1116 |
diff --git a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch |
1117 |
index 0873c15..fe2f190 100644 |
1118 |
--- a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch |
1119 |
+++ b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch |
1120 |
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
1121 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1122 |
--- a/grsecurity/Kconfig 2011-04-17 18:47:02.000000000 -0400 |
1123 |
+++ b/grsecurity/Kconfig 2011-04-17 18:51:15.000000000 -0400 |
1124 |
-@@ -1296,6 +1296,27 @@ |
1125 |
+@@ -1302,6 +1302,27 @@ |
1126 |
menu "Logging Options" |
1127 |
depends on GRKERNSEC |
1128 |
|
1129 |
|
1130 |
diff --git a/3.2.7/1006_linux-3.2.7.patch b/3.2.7/1006_linux-3.2.7.patch |
1131 |
deleted file mode 100644 |
1132 |
index 08a6ba3..0000000 |
1133 |
--- a/3.2.7/1006_linux-3.2.7.patch |
1134 |
+++ /dev/null |
1135 |
@@ -1,994 +0,0 @@ |
1136 |
-diff --git a/Makefile b/Makefile |
1137 |
-index 47fe496..d1bdc90 100644 |
1138 |
---- a/Makefile |
1139 |
-+++ b/Makefile |
1140 |
-@@ -1,6 +1,6 @@ |
1141 |
- VERSION = 3 |
1142 |
- PATCHLEVEL = 2 |
1143 |
--SUBLEVEL = 6 |
1144 |
-+SUBLEVEL = 7 |
1145 |
- EXTRAVERSION = |
1146 |
- NAME = Saber-toothed Squirrel |
1147 |
- |
1148 |
-diff --git a/arch/x86/pci/xen.c b/arch/x86/pci/xen.c |
1149 |
-index 492ade8..d99346e 100644 |
1150 |
---- a/arch/x86/pci/xen.c |
1151 |
-+++ b/arch/x86/pci/xen.c |
1152 |
-@@ -374,7 +374,7 @@ int __init pci_xen_init(void) |
1153 |
- |
1154 |
- int __init pci_xen_hvm_init(void) |
1155 |
- { |
1156 |
-- if (!xen_feature(XENFEAT_hvm_pirqs)) |
1157 |
-+ if (!xen_have_vector_callback || !xen_feature(XENFEAT_hvm_pirqs)) |
1158 |
- return 0; |
1159 |
- |
1160 |
- #ifdef CONFIG_ACPI |
1161 |
-diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
1162 |
-index 88f160b..107f6f7 100644 |
1163 |
---- a/crypto/sha512_generic.c |
1164 |
-+++ b/crypto/sha512_generic.c |
1165 |
-@@ -31,11 +31,6 @@ static inline u64 Maj(u64 x, u64 y, u64 z) |
1166 |
- return (x & y) | (z & (x | y)); |
1167 |
- } |
1168 |
- |
1169 |
--static inline u64 RORu64(u64 x, u64 y) |
1170 |
--{ |
1171 |
-- return (x >> y) | (x << (64 - y)); |
1172 |
--} |
1173 |
-- |
1174 |
- static const u64 sha512_K[80] = { |
1175 |
- 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, |
1176 |
- 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, |
1177 |
-@@ -66,10 +61,10 @@ static const u64 sha512_K[80] = { |
1178 |
- 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL, |
1179 |
- }; |
1180 |
- |
1181 |
--#define e0(x) (RORu64(x,28) ^ RORu64(x,34) ^ RORu64(x,39)) |
1182 |
--#define e1(x) (RORu64(x,14) ^ RORu64(x,18) ^ RORu64(x,41)) |
1183 |
--#define s0(x) (RORu64(x, 1) ^ RORu64(x, 8) ^ (x >> 7)) |
1184 |
--#define s1(x) (RORu64(x,19) ^ RORu64(x,61) ^ (x >> 6)) |
1185 |
-+#define e0(x) (ror64(x,28) ^ ror64(x,34) ^ ror64(x,39)) |
1186 |
-+#define e1(x) (ror64(x,14) ^ ror64(x,18) ^ ror64(x,41)) |
1187 |
-+#define s0(x) (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7)) |
1188 |
-+#define s1(x) (ror64(x,19) ^ ror64(x,61) ^ (x >> 6)) |
1189 |
- |
1190 |
- static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
1191 |
- { |
1192 |
-@@ -78,7 +73,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
1193 |
- |
1194 |
- static inline void BLEND_OP(int I, u64 *W) |
1195 |
- { |
1196 |
-- W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
1197 |
-+ W[I & 15] += s1(W[(I-2) & 15]) + W[(I-7) & 15] + s0(W[(I-15) & 15]); |
1198 |
- } |
1199 |
- |
1200 |
- static void |
1201 |
-@@ -89,46 +84,42 @@ sha512_transform(u64 *state, const u8 *input) |
1202 |
- int i; |
1203 |
- u64 W[16]; |
1204 |
- |
1205 |
-- /* load the input */ |
1206 |
-- for (i = 0; i < 16; i++) |
1207 |
-- LOAD_OP(i, W, input); |
1208 |
-- |
1209 |
- /* load the state into our registers */ |
1210 |
- a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
1211 |
- e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
1212 |
- |
1213 |
--#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
1214 |
-- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
1215 |
-- t2 = e0(a) + Maj(a, b, c); \ |
1216 |
-- d += t1; \ |
1217 |
-- h = t1 + t2 |
1218 |
-- |
1219 |
--#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
1220 |
-- BLEND_OP(i, W); \ |
1221 |
-- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
1222 |
-- t2 = e0(a) + Maj(a, b, c); \ |
1223 |
-- d += t1; \ |
1224 |
-- h = t1 + t2 |
1225 |
-- |
1226 |
-- for (i = 0; i < 16; i += 8) { |
1227 |
-- SHA512_0_15(i, a, b, c, d, e, f, g, h); |
1228 |
-- SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
1229 |
-- SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
1230 |
-- SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
1231 |
-- SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
1232 |
-- SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
1233 |
-- SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
1234 |
-- SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
1235 |
-- } |
1236 |
-- for (i = 16; i < 80; i += 8) { |
1237 |
-- SHA512_16_79(i, a, b, c, d, e, f, g, h); |
1238 |
-- SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
1239 |
-- SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
1240 |
-- SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
1241 |
-- SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
1242 |
-- SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
1243 |
-- SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
1244 |
-- SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
1245 |
-+ /* now iterate */ |
1246 |
-+ for (i=0; i<80; i+=8) { |
1247 |
-+ if (!(i & 8)) { |
1248 |
-+ int j; |
1249 |
-+ |
1250 |
-+ if (i < 16) { |
1251 |
-+ /* load the input */ |
1252 |
-+ for (j = 0; j < 16; j++) |
1253 |
-+ LOAD_OP(i + j, W, input); |
1254 |
-+ } else { |
1255 |
-+ for (j = 0; j < 16; j++) { |
1256 |
-+ BLEND_OP(i + j, W); |
1257 |
-+ } |
1258 |
-+ } |
1259 |
-+ } |
1260 |
-+ |
1261 |
-+ t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[(i & 15)]; |
1262 |
-+ t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
1263 |
-+ t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1]; |
1264 |
-+ t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
1265 |
-+ t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[(i & 15) + 2]; |
1266 |
-+ t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
1267 |
-+ t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[(i & 15) + 3]; |
1268 |
-+ t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
1269 |
-+ t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[(i & 15) + 4]; |
1270 |
-+ t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
1271 |
-+ t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[(i & 15) + 5]; |
1272 |
-+ t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
1273 |
-+ t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6]; |
1274 |
-+ t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
1275 |
-+ t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[(i & 15) + 7]; |
1276 |
-+ t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
1277 |
- } |
1278 |
- |
1279 |
- state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
1280 |
-diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c |
1281 |
-index db3b461..94f860c 100644 |
1282 |
---- a/drivers/gpu/drm/i915/intel_dp.c |
1283 |
-+++ b/drivers/gpu/drm/i915/intel_dp.c |
1284 |
-@@ -208,17 +208,8 @@ intel_dp_link_clock(uint8_t link_bw) |
1285 |
- */ |
1286 |
- |
1287 |
- static int |
1288 |
--intel_dp_link_required(struct intel_dp *intel_dp, int pixel_clock, int check_bpp) |
1289 |
-+intel_dp_link_required(int pixel_clock, int bpp) |
1290 |
- { |
1291 |
-- struct drm_crtc *crtc = intel_dp->base.base.crtc; |
1292 |
-- struct intel_crtc *intel_crtc = to_intel_crtc(crtc); |
1293 |
-- int bpp = 24; |
1294 |
-- |
1295 |
-- if (check_bpp) |
1296 |
-- bpp = check_bpp; |
1297 |
-- else if (intel_crtc) |
1298 |
-- bpp = intel_crtc->bpp; |
1299 |
-- |
1300 |
- return (pixel_clock * bpp + 9) / 10; |
1301 |
- } |
1302 |
- |
1303 |
-@@ -245,12 +236,11 @@ intel_dp_mode_valid(struct drm_connector *connector, |
1304 |
- return MODE_PANEL; |
1305 |
- } |
1306 |
- |
1307 |
-- mode_rate = intel_dp_link_required(intel_dp, mode->clock, 0); |
1308 |
-+ mode_rate = intel_dp_link_required(mode->clock, 24); |
1309 |
- max_rate = intel_dp_max_data_rate(max_link_clock, max_lanes); |
1310 |
- |
1311 |
- if (mode_rate > max_rate) { |
1312 |
-- mode_rate = intel_dp_link_required(intel_dp, |
1313 |
-- mode->clock, 18); |
1314 |
-+ mode_rate = intel_dp_link_required(mode->clock, 18); |
1315 |
- if (mode_rate > max_rate) |
1316 |
- return MODE_CLOCK_HIGH; |
1317 |
- else |
1318 |
-@@ -683,7 +673,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode, |
1319 |
- int lane_count, clock; |
1320 |
- int max_lane_count = intel_dp_max_lane_count(intel_dp); |
1321 |
- int max_clock = intel_dp_max_link_bw(intel_dp) == DP_LINK_BW_2_7 ? 1 : 0; |
1322 |
-- int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 0; |
1323 |
-+ int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 24; |
1324 |
- static int bws[2] = { DP_LINK_BW_1_62, DP_LINK_BW_2_7 }; |
1325 |
- |
1326 |
- if (is_edp(intel_dp) && intel_dp->panel_fixed_mode) { |
1327 |
-@@ -701,7 +691,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode, |
1328 |
- for (clock = 0; clock <= max_clock; clock++) { |
1329 |
- int link_avail = intel_dp_max_data_rate(intel_dp_link_clock(bws[clock]), lane_count); |
1330 |
- |
1331 |
-- if (intel_dp_link_required(intel_dp, mode->clock, bpp) |
1332 |
-+ if (intel_dp_link_required(mode->clock, bpp) |
1333 |
- <= link_avail) { |
1334 |
- intel_dp->link_bw = bws[clock]; |
1335 |
- intel_dp->lane_count = lane_count; |
1336 |
-diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c |
1337 |
-index e441911..b83f745 100644 |
1338 |
---- a/drivers/gpu/drm/i915/intel_lvds.c |
1339 |
-+++ b/drivers/gpu/drm/i915/intel_lvds.c |
1340 |
-@@ -694,6 +694,14 @@ static const struct dmi_system_id intel_no_lvds[] = { |
1341 |
- }, |
1342 |
- { |
1343 |
- .callback = intel_no_lvds_dmi_callback, |
1344 |
-+ .ident = "AOpen i45GMx-I", |
1345 |
-+ .matches = { |
1346 |
-+ DMI_MATCH(DMI_BOARD_VENDOR, "AOpen"), |
1347 |
-+ DMI_MATCH(DMI_BOARD_NAME, "i45GMx-I"), |
1348 |
-+ }, |
1349 |
-+ }, |
1350 |
-+ { |
1351 |
-+ .callback = intel_no_lvds_dmi_callback, |
1352 |
- .ident = "Aopen i945GTt-VFA", |
1353 |
- .matches = { |
1354 |
- DMI_MATCH(DMI_PRODUCT_VERSION, "AO00001JW"), |
1355 |
-diff --git a/drivers/hwmon/f75375s.c b/drivers/hwmon/f75375s.c |
1356 |
-index 95cbfb3..e4ab491 100644 |
1357 |
---- a/drivers/hwmon/f75375s.c |
1358 |
-+++ b/drivers/hwmon/f75375s.c |
1359 |
-@@ -159,7 +159,7 @@ static inline void f75375_write8(struct i2c_client *client, u8 reg, |
1360 |
- static inline void f75375_write16(struct i2c_client *client, u8 reg, |
1361 |
- u16 value) |
1362 |
- { |
1363 |
-- int err = i2c_smbus_write_byte_data(client, reg, (value << 8)); |
1364 |
-+ int err = i2c_smbus_write_byte_data(client, reg, (value >> 8)); |
1365 |
- if (err) |
1366 |
- return; |
1367 |
- i2c_smbus_write_byte_data(client, reg + 1, (value & 0xFF)); |
1368 |
-@@ -311,7 +311,7 @@ static int set_pwm_enable_direct(struct i2c_client *client, int nr, int val) |
1369 |
- fanmode |= (3 << FAN_CTRL_MODE(nr)); |
1370 |
- break; |
1371 |
- case 2: /* AUTOMATIC*/ |
1372 |
-- fanmode |= (2 << FAN_CTRL_MODE(nr)); |
1373 |
-+ fanmode |= (1 << FAN_CTRL_MODE(nr)); |
1374 |
- break; |
1375 |
- case 3: /* fan speed */ |
1376 |
- break; |
1377 |
-diff --git a/drivers/mmc/host/atmel-mci.c b/drivers/mmc/host/atmel-mci.c |
1378 |
-index a7ee502..72bc756 100644 |
1379 |
---- a/drivers/mmc/host/atmel-mci.c |
1380 |
-+++ b/drivers/mmc/host/atmel-mci.c |
1381 |
-@@ -965,11 +965,14 @@ static void atmci_start_request(struct atmel_mci *host, |
1382 |
- host->data_status = 0; |
1383 |
- |
1384 |
- if (host->need_reset) { |
1385 |
-+ iflags = atmci_readl(host, ATMCI_IMR); |
1386 |
-+ iflags &= (ATMCI_SDIOIRQA | ATMCI_SDIOIRQB); |
1387 |
- atmci_writel(host, ATMCI_CR, ATMCI_CR_SWRST); |
1388 |
- atmci_writel(host, ATMCI_CR, ATMCI_CR_MCIEN); |
1389 |
- atmci_writel(host, ATMCI_MR, host->mode_reg); |
1390 |
- if (host->caps.has_cfg_reg) |
1391 |
- atmci_writel(host, ATMCI_CFG, host->cfg_reg); |
1392 |
-+ atmci_writel(host, ATMCI_IER, iflags); |
1393 |
- host->need_reset = false; |
1394 |
- } |
1395 |
- atmci_writel(host, ATMCI_SDCR, slot->sdc_reg); |
1396 |
-diff --git a/drivers/mmc/host/dw_mmc.c b/drivers/mmc/host/dw_mmc.c |
1397 |
-index 3aaeb08..baf3d42 100644 |
1398 |
---- a/drivers/mmc/host/dw_mmc.c |
1399 |
-+++ b/drivers/mmc/host/dw_mmc.c |
1400 |
-@@ -22,7 +22,6 @@ |
1401 |
- #include <linux/ioport.h> |
1402 |
- #include <linux/module.h> |
1403 |
- #include <linux/platform_device.h> |
1404 |
--#include <linux/scatterlist.h> |
1405 |
- #include <linux/seq_file.h> |
1406 |
- #include <linux/slab.h> |
1407 |
- #include <linux/stat.h> |
1408 |
-@@ -502,8 +501,14 @@ static void dw_mci_submit_data(struct dw_mci *host, struct mmc_data *data) |
1409 |
- host->dir_status = DW_MCI_SEND_STATUS; |
1410 |
- |
1411 |
- if (dw_mci_submit_data_dma(host, data)) { |
1412 |
-+ int flags = SG_MITER_ATOMIC; |
1413 |
-+ if (host->data->flags & MMC_DATA_READ) |
1414 |
-+ flags |= SG_MITER_TO_SG; |
1415 |
-+ else |
1416 |
-+ flags |= SG_MITER_FROM_SG; |
1417 |
-+ |
1418 |
-+ sg_miter_start(&host->sg_miter, data->sg, data->sg_len, flags); |
1419 |
- host->sg = data->sg; |
1420 |
-- host->pio_offset = 0; |
1421 |
- host->part_buf_start = 0; |
1422 |
- host->part_buf_count = 0; |
1423 |
- |
1424 |
-@@ -953,6 +958,7 @@ static void dw_mci_tasklet_func(unsigned long priv) |
1425 |
- * generates a block interrupt, hence setting |
1426 |
- * the scatter-gather pointer to NULL. |
1427 |
- */ |
1428 |
-+ sg_miter_stop(&host->sg_miter); |
1429 |
- host->sg = NULL; |
1430 |
- ctrl = mci_readl(host, CTRL); |
1431 |
- ctrl |= SDMMC_CTRL_FIFO_RESET; |
1432 |
-@@ -1286,54 +1292,44 @@ static void dw_mci_pull_data(struct dw_mci *host, void *buf, int cnt) |
1433 |
- |
1434 |
- static void dw_mci_read_data_pio(struct dw_mci *host) |
1435 |
- { |
1436 |
-- struct scatterlist *sg = host->sg; |
1437 |
-- void *buf = sg_virt(sg); |
1438 |
-- unsigned int offset = host->pio_offset; |
1439 |
-+ struct sg_mapping_iter *sg_miter = &host->sg_miter; |
1440 |
-+ void *buf; |
1441 |
-+ unsigned int offset; |
1442 |
- struct mmc_data *data = host->data; |
1443 |
- int shift = host->data_shift; |
1444 |
- u32 status; |
1445 |
- unsigned int nbytes = 0, len; |
1446 |
-+ unsigned int remain, fcnt; |
1447 |
- |
1448 |
- do { |
1449 |
-- len = host->part_buf_count + |
1450 |
-- (SDMMC_GET_FCNT(mci_readl(host, STATUS)) << shift); |
1451 |
-- if (offset + len <= sg->length) { |
1452 |
-+ if (!sg_miter_next(sg_miter)) |
1453 |
-+ goto done; |
1454 |
-+ |
1455 |
-+ host->sg = sg_miter->__sg; |
1456 |
-+ buf = sg_miter->addr; |
1457 |
-+ remain = sg_miter->length; |
1458 |
-+ offset = 0; |
1459 |
-+ |
1460 |
-+ do { |
1461 |
-+ fcnt = (SDMMC_GET_FCNT(mci_readl(host, STATUS)) |
1462 |
-+ << shift) + host->part_buf_count; |
1463 |
-+ len = min(remain, fcnt); |
1464 |
-+ if (!len) |
1465 |
-+ break; |
1466 |
- dw_mci_pull_data(host, (void *)(buf + offset), len); |
1467 |
-- |
1468 |
- offset += len; |
1469 |
- nbytes += len; |
1470 |
-- |
1471 |
-- if (offset == sg->length) { |
1472 |
-- flush_dcache_page(sg_page(sg)); |
1473 |
-- host->sg = sg = sg_next(sg); |
1474 |
-- if (!sg) |
1475 |
-- goto done; |
1476 |
-- |
1477 |
-- offset = 0; |
1478 |
-- buf = sg_virt(sg); |
1479 |
-- } |
1480 |
-- } else { |
1481 |
-- unsigned int remaining = sg->length - offset; |
1482 |
-- dw_mci_pull_data(host, (void *)(buf + offset), |
1483 |
-- remaining); |
1484 |
-- nbytes += remaining; |
1485 |
-- |
1486 |
-- flush_dcache_page(sg_page(sg)); |
1487 |
-- host->sg = sg = sg_next(sg); |
1488 |
-- if (!sg) |
1489 |
-- goto done; |
1490 |
-- |
1491 |
-- offset = len - remaining; |
1492 |
-- buf = sg_virt(sg); |
1493 |
-- dw_mci_pull_data(host, buf, offset); |
1494 |
-- nbytes += offset; |
1495 |
-- } |
1496 |
-+ remain -= len; |
1497 |
-+ } while (remain); |
1498 |
-+ sg_miter->consumed = offset; |
1499 |
- |
1500 |
- status = mci_readl(host, MINTSTS); |
1501 |
- mci_writel(host, RINTSTS, SDMMC_INT_RXDR); |
1502 |
- if (status & DW_MCI_DATA_ERROR_FLAGS) { |
1503 |
- host->data_status = status; |
1504 |
- data->bytes_xfered += nbytes; |
1505 |
-+ sg_miter_stop(sg_miter); |
1506 |
-+ host->sg = NULL; |
1507 |
- smp_wmb(); |
1508 |
- |
1509 |
- set_bit(EVENT_DATA_ERROR, &host->pending_events); |
1510 |
-@@ -1342,65 +1338,66 @@ static void dw_mci_read_data_pio(struct dw_mci *host) |
1511 |
- return; |
1512 |
- } |
1513 |
- } while (status & SDMMC_INT_RXDR); /*if the RXDR is ready read again*/ |
1514 |
-- host->pio_offset = offset; |
1515 |
- data->bytes_xfered += nbytes; |
1516 |
-+ |
1517 |
-+ if (!remain) { |
1518 |
-+ if (!sg_miter_next(sg_miter)) |
1519 |
-+ goto done; |
1520 |
-+ sg_miter->consumed = 0; |
1521 |
-+ } |
1522 |
-+ sg_miter_stop(sg_miter); |
1523 |
- return; |
1524 |
- |
1525 |
- done: |
1526 |
- data->bytes_xfered += nbytes; |
1527 |
-+ sg_miter_stop(sg_miter); |
1528 |
-+ host->sg = NULL; |
1529 |
- smp_wmb(); |
1530 |
- set_bit(EVENT_XFER_COMPLETE, &host->pending_events); |
1531 |
- } |
1532 |
- |
1533 |
- static void dw_mci_write_data_pio(struct dw_mci *host) |
1534 |
- { |
1535 |
-- struct scatterlist *sg = host->sg; |
1536 |
-- void *buf = sg_virt(sg); |
1537 |
-- unsigned int offset = host->pio_offset; |
1538 |
-+ struct sg_mapping_iter *sg_miter = &host->sg_miter; |
1539 |
-+ void *buf; |
1540 |
-+ unsigned int offset; |
1541 |
- struct mmc_data *data = host->data; |
1542 |
- int shift = host->data_shift; |
1543 |
- u32 status; |
1544 |
- unsigned int nbytes = 0, len; |
1545 |
-+ unsigned int fifo_depth = host->fifo_depth; |
1546 |
-+ unsigned int remain, fcnt; |
1547 |
- |
1548 |
- do { |
1549 |
-- len = ((host->fifo_depth - |
1550 |
-- SDMMC_GET_FCNT(mci_readl(host, STATUS))) << shift) |
1551 |
-- - host->part_buf_count; |
1552 |
-- if (offset + len <= sg->length) { |
1553 |
-+ if (!sg_miter_next(sg_miter)) |
1554 |
-+ goto done; |
1555 |
-+ |
1556 |
-+ host->sg = sg_miter->__sg; |
1557 |
-+ buf = sg_miter->addr; |
1558 |
-+ remain = sg_miter->length; |
1559 |
-+ offset = 0; |
1560 |
-+ |
1561 |
-+ do { |
1562 |
-+ fcnt = ((fifo_depth - |
1563 |
-+ SDMMC_GET_FCNT(mci_readl(host, STATUS))) |
1564 |
-+ << shift) - host->part_buf_count; |
1565 |
-+ len = min(remain, fcnt); |
1566 |
-+ if (!len) |
1567 |
-+ break; |
1568 |
- host->push_data(host, (void *)(buf + offset), len); |
1569 |
-- |
1570 |
- offset += len; |
1571 |
- nbytes += len; |
1572 |
-- if (offset == sg->length) { |
1573 |
-- host->sg = sg = sg_next(sg); |
1574 |
-- if (!sg) |
1575 |
-- goto done; |
1576 |
-- |
1577 |
-- offset = 0; |
1578 |
-- buf = sg_virt(sg); |
1579 |
-- } |
1580 |
-- } else { |
1581 |
-- unsigned int remaining = sg->length - offset; |
1582 |
-- |
1583 |
-- host->push_data(host, (void *)(buf + offset), |
1584 |
-- remaining); |
1585 |
-- nbytes += remaining; |
1586 |
-- |
1587 |
-- host->sg = sg = sg_next(sg); |
1588 |
-- if (!sg) |
1589 |
-- goto done; |
1590 |
-- |
1591 |
-- offset = len - remaining; |
1592 |
-- buf = sg_virt(sg); |
1593 |
-- host->push_data(host, (void *)buf, offset); |
1594 |
-- nbytes += offset; |
1595 |
-- } |
1596 |
-+ remain -= len; |
1597 |
-+ } while (remain); |
1598 |
-+ sg_miter->consumed = offset; |
1599 |
- |
1600 |
- status = mci_readl(host, MINTSTS); |
1601 |
- mci_writel(host, RINTSTS, SDMMC_INT_TXDR); |
1602 |
- if (status & DW_MCI_DATA_ERROR_FLAGS) { |
1603 |
- host->data_status = status; |
1604 |
- data->bytes_xfered += nbytes; |
1605 |
-+ sg_miter_stop(sg_miter); |
1606 |
-+ host->sg = NULL; |
1607 |
- |
1608 |
- smp_wmb(); |
1609 |
- |
1610 |
-@@ -1410,12 +1407,20 @@ static void dw_mci_write_data_pio(struct dw_mci *host) |
1611 |
- return; |
1612 |
- } |
1613 |
- } while (status & SDMMC_INT_TXDR); /* if TXDR write again */ |
1614 |
-- host->pio_offset = offset; |
1615 |
- data->bytes_xfered += nbytes; |
1616 |
-+ |
1617 |
-+ if (!remain) { |
1618 |
-+ if (!sg_miter_next(sg_miter)) |
1619 |
-+ goto done; |
1620 |
-+ sg_miter->consumed = 0; |
1621 |
-+ } |
1622 |
-+ sg_miter_stop(sg_miter); |
1623 |
- return; |
1624 |
- |
1625 |
- done: |
1626 |
- data->bytes_xfered += nbytes; |
1627 |
-+ sg_miter_stop(sg_miter); |
1628 |
-+ host->sg = NULL; |
1629 |
- smp_wmb(); |
1630 |
- set_bit(EVENT_XFER_COMPLETE, &host->pending_events); |
1631 |
- } |
1632 |
-@@ -1618,6 +1623,7 @@ static void dw_mci_work_routine_card(struct work_struct *work) |
1633 |
- * block interrupt, hence setting the |
1634 |
- * scatter-gather pointer to NULL. |
1635 |
- */ |
1636 |
-+ sg_miter_stop(&host->sg_miter); |
1637 |
- host->sg = NULL; |
1638 |
- |
1639 |
- ctrl = mci_readl(host, CTRL); |
1640 |
-diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c |
1641 |
-index ced5444..222954d 100644 |
1642 |
---- a/drivers/net/ethernet/intel/igb/igb_main.c |
1643 |
-+++ b/drivers/net/ethernet/intel/igb/igb_main.c |
1644 |
-@@ -4965,7 +4965,8 @@ static int igb_find_enabled_vfs(struct igb_adapter *adapter) |
1645 |
- vf_devfn = pdev->devfn + 0x80; |
1646 |
- pvfdev = pci_get_device(hw->vendor_id, device_id, NULL); |
1647 |
- while (pvfdev) { |
1648 |
-- if (pvfdev->devfn == vf_devfn) |
1649 |
-+ if (pvfdev->devfn == vf_devfn && |
1650 |
-+ (pvfdev->bus->number >= pdev->bus->number)) |
1651 |
- vfs_found++; |
1652 |
- vf_devfn += vf_stride; |
1653 |
- pvfdev = pci_get_device(hw->vendor_id, |
1654 |
-diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c |
1655 |
-index 00fcd39..e571356 100644 |
1656 |
---- a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c |
1657 |
-+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c |
1658 |
-@@ -67,7 +67,8 @@ static int ixgbe_find_enabled_vfs(struct ixgbe_adapter *adapter) |
1659 |
- vf_devfn = pdev->devfn + 0x80; |
1660 |
- pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID, device_id, NULL); |
1661 |
- while (pvfdev) { |
1662 |
-- if (pvfdev->devfn == vf_devfn) |
1663 |
-+ if (pvfdev->devfn == vf_devfn && |
1664 |
-+ (pvfdev->bus->number >= pdev->bus->number)) |
1665 |
- vfs_found++; |
1666 |
- vf_devfn += 2; |
1667 |
- pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID, |
1668 |
-diff --git a/drivers/net/ethernet/toshiba/Kconfig b/drivers/net/ethernet/toshiba/Kconfig |
1669 |
-index 0517647..74acb5c 100644 |
1670 |
---- a/drivers/net/ethernet/toshiba/Kconfig |
1671 |
-+++ b/drivers/net/ethernet/toshiba/Kconfig |
1672 |
-@@ -5,7 +5,7 @@ |
1673 |
- config NET_VENDOR_TOSHIBA |
1674 |
- bool "Toshiba devices" |
1675 |
- default y |
1676 |
-- depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB) || PPC_PS3 |
1677 |
-+ depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB || MIPS) || PPC_PS3 |
1678 |
- ---help--- |
1679 |
- If you have a network (Ethernet) card belonging to this class, say Y |
1680 |
- and read the Ethernet-HOWTO, available from |
1681 |
-diff --git a/drivers/net/wireless/ath/ath9k/hw.c b/drivers/net/wireless/ath/ath9k/hw.c |
1682 |
-index 8873c6e..8b0c2ca 100644 |
1683 |
---- a/drivers/net/wireless/ath/ath9k/hw.c |
1684 |
-+++ b/drivers/net/wireless/ath/ath9k/hw.c |
1685 |
-@@ -1034,13 +1034,16 @@ void ath9k_hw_init_global_settings(struct ath_hw *ah) |
1686 |
- |
1687 |
- /* |
1688 |
- * Workaround for early ACK timeouts, add an offset to match the |
1689 |
-- * initval's 64us ack timeout value. |
1690 |
-+ * initval's 64us ack timeout value. Use 48us for the CTS timeout. |
1691 |
- * This was initially only meant to work around an issue with delayed |
1692 |
- * BA frames in some implementations, but it has been found to fix ACK |
1693 |
- * timeout issues in other cases as well. |
1694 |
- */ |
1695 |
-- if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ) |
1696 |
-+ if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ) { |
1697 |
- acktimeout += 64 - sifstime - ah->slottime; |
1698 |
-+ ctstimeout += 48 - sifstime - ah->slottime; |
1699 |
-+ } |
1700 |
-+ |
1701 |
- |
1702 |
- ath9k_hw_set_sifs_time(ah, sifstime); |
1703 |
- ath9k_hw_setslottime(ah, slottime); |
1704 |
-diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c |
1705 |
-index d4c909f..57622e0 100644 |
1706 |
---- a/drivers/net/wireless/ath/ath9k/init.c |
1707 |
-+++ b/drivers/net/wireless/ath/ath9k/init.c |
1708 |
-@@ -775,6 +775,11 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc, |
1709 |
- ARRAY_SIZE(ath9k_tpt_blink)); |
1710 |
- #endif |
1711 |
- |
1712 |
-+ INIT_WORK(&sc->hw_reset_work, ath_reset_work); |
1713 |
-+ INIT_WORK(&sc->hw_check_work, ath_hw_check); |
1714 |
-+ INIT_WORK(&sc->paprd_work, ath_paprd_calibrate); |
1715 |
-+ INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work); |
1716 |
-+ |
1717 |
- /* Register with mac80211 */ |
1718 |
- error = ieee80211_register_hw(hw); |
1719 |
- if (error) |
1720 |
-@@ -793,10 +798,6 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc, |
1721 |
- goto error_world; |
1722 |
- } |
1723 |
- |
1724 |
-- INIT_WORK(&sc->hw_reset_work, ath_reset_work); |
1725 |
-- INIT_WORK(&sc->hw_check_work, ath_hw_check); |
1726 |
-- INIT_WORK(&sc->paprd_work, ath_paprd_calibrate); |
1727 |
-- INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work); |
1728 |
- sc->last_rssi = ATH_RSSI_DUMMY_MARKER; |
1729 |
- |
1730 |
- ath_init_leds(sc); |
1731 |
-diff --git a/drivers/net/wireless/ath/ath9k/recv.c b/drivers/net/wireless/ath/ath9k/recv.c |
1732 |
-index 67b862c..2f3aeac 100644 |
1733 |
---- a/drivers/net/wireless/ath/ath9k/recv.c |
1734 |
-+++ b/drivers/net/wireless/ath/ath9k/recv.c |
1735 |
-@@ -824,6 +824,14 @@ static bool ath9k_rx_accept(struct ath_common *common, |
1736 |
- (ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC | |
1737 |
- ATH9K_RXERR_KEYMISS)); |
1738 |
- |
1739 |
-+ /* |
1740 |
-+ * Key miss events are only relevant for pairwise keys where the |
1741 |
-+ * descriptor does contain a valid key index. This has been observed |
1742 |
-+ * mostly with CCMP encryption. |
1743 |
-+ */ |
1744 |
-+ if (rx_stats->rs_keyix == ATH9K_RXKEYIX_INVALID) |
1745 |
-+ rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS; |
1746 |
-+ |
1747 |
- if (!rx_stats->rs_datalen) |
1748 |
- return false; |
1749 |
- /* |
1750 |
-diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c |
1751 |
-index 63e4be4..720edf5 100644 |
1752 |
---- a/fs/cifs/connect.c |
1753 |
-+++ b/fs/cifs/connect.c |
1754 |
-@@ -756,10 +756,11 @@ standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid) |
1755 |
- cifs_dump_mem("Bad SMB: ", buf, |
1756 |
- min_t(unsigned int, server->total_read, 48)); |
1757 |
- |
1758 |
-- if (mid) |
1759 |
-- handle_mid(mid, server, smb_buffer, length); |
1760 |
-+ if (!mid) |
1761 |
-+ return length; |
1762 |
- |
1763 |
-- return length; |
1764 |
-+ handle_mid(mid, server, smb_buffer, length); |
1765 |
-+ return 0; |
1766 |
- } |
1767 |
- |
1768 |
- static int |
1769 |
-diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c |
1770 |
-index d7eeb9d..e4c3334 100644 |
1771 |
---- a/fs/cifs/dir.c |
1772 |
-+++ b/fs/cifs/dir.c |
1773 |
-@@ -492,7 +492,7 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry, |
1774 |
- { |
1775 |
- int xid; |
1776 |
- int rc = 0; /* to get around spurious gcc warning, set to zero here */ |
1777 |
-- __u32 oplock = 0; |
1778 |
-+ __u32 oplock = enable_oplocks ? REQ_OPLOCK : 0; |
1779 |
- __u16 fileHandle = 0; |
1780 |
- bool posix_open = false; |
1781 |
- struct cifs_sb_info *cifs_sb; |
1782 |
-diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c |
1783 |
-index 517f211..54f5786 100644 |
1784 |
---- a/fs/fs-writeback.c |
1785 |
-+++ b/fs/fs-writeback.c |
1786 |
-@@ -48,14 +48,6 @@ struct wb_writeback_work { |
1787 |
- }; |
1788 |
- |
1789 |
- /* |
1790 |
-- * Include the creation of the trace points after defining the |
1791 |
-- * wb_writeback_work structure so that the definition remains local to this |
1792 |
-- * file. |
1793 |
-- */ |
1794 |
--#define CREATE_TRACE_POINTS |
1795 |
--#include <trace/events/writeback.h> |
1796 |
-- |
1797 |
--/* |
1798 |
- * We don't actually have pdflush, but this one is exported though /proc... |
1799 |
- */ |
1800 |
- int nr_pdflush_threads; |
1801 |
-@@ -87,6 +79,14 @@ static inline struct inode *wb_inode(struct list_head *head) |
1802 |
- return list_entry(head, struct inode, i_wb_list); |
1803 |
- } |
1804 |
- |
1805 |
-+/* |
1806 |
-+ * Include the creation of the trace points after defining the |
1807 |
-+ * wb_writeback_work structure and inline functions so that the definition |
1808 |
-+ * remains local to this file. |
1809 |
-+ */ |
1810 |
-+#define CREATE_TRACE_POINTS |
1811 |
-+#include <trace/events/writeback.h> |
1812 |
-+ |
1813 |
- /* Wakeup flusher thread or forker thread to fork it. Requires bdi->wb_lock. */ |
1814 |
- static void bdi_wakeup_flusher(struct backing_dev_info *bdi) |
1815 |
- { |
1816 |
-diff --git a/include/linux/bitops.h b/include/linux/bitops.h |
1817 |
-index a3ef66a..fc8a3ff 100644 |
1818 |
---- a/include/linux/bitops.h |
1819 |
-+++ b/include/linux/bitops.h |
1820 |
-@@ -50,6 +50,26 @@ static inline unsigned long hweight_long(unsigned long w) |
1821 |
- } |
1822 |
- |
1823 |
- /** |
1824 |
-+ * rol64 - rotate a 64-bit value left |
1825 |
-+ * @word: value to rotate |
1826 |
-+ * @shift: bits to roll |
1827 |
-+ */ |
1828 |
-+static inline __u64 rol64(__u64 word, unsigned int shift) |
1829 |
-+{ |
1830 |
-+ return (word << shift) | (word >> (64 - shift)); |
1831 |
-+} |
1832 |
-+ |
1833 |
-+/** |
1834 |
-+ * ror64 - rotate a 64-bit value right |
1835 |
-+ * @word: value to rotate |
1836 |
-+ * @shift: bits to roll |
1837 |
-+ */ |
1838 |
-+static inline __u64 ror64(__u64 word, unsigned int shift) |
1839 |
-+{ |
1840 |
-+ return (word >> shift) | (word << (64 - shift)); |
1841 |
-+} |
1842 |
-+ |
1843 |
-+/** |
1844 |
- * rol32 - rotate a 32-bit value left |
1845 |
- * @word: value to rotate |
1846 |
- * @shift: bits to roll |
1847 |
-diff --git a/include/linux/mmc/dw_mmc.h b/include/linux/mmc/dw_mmc.h |
1848 |
-index 6dc9b80..107fcb3 100644 |
1849 |
---- a/include/linux/mmc/dw_mmc.h |
1850 |
-+++ b/include/linux/mmc/dw_mmc.h |
1851 |
-@@ -14,6 +14,8 @@ |
1852 |
- #ifndef LINUX_MMC_DW_MMC_H |
1853 |
- #define LINUX_MMC_DW_MMC_H |
1854 |
- |
1855 |
-+#include <linux/scatterlist.h> |
1856 |
-+ |
1857 |
- #define MAX_MCI_SLOTS 2 |
1858 |
- |
1859 |
- enum dw_mci_state { |
1860 |
-@@ -40,7 +42,7 @@ struct mmc_data; |
1861 |
- * @lock: Spinlock protecting the queue and associated data. |
1862 |
- * @regs: Pointer to MMIO registers. |
1863 |
- * @sg: Scatterlist entry currently being processed by PIO code, if any. |
1864 |
-- * @pio_offset: Offset into the current scatterlist entry. |
1865 |
-+ * @sg_miter: PIO mapping scatterlist iterator. |
1866 |
- * @cur_slot: The slot which is currently using the controller. |
1867 |
- * @mrq: The request currently being processed on @cur_slot, |
1868 |
- * or NULL if the controller is idle. |
1869 |
-@@ -115,7 +117,7 @@ struct dw_mci { |
1870 |
- void __iomem *regs; |
1871 |
- |
1872 |
- struct scatterlist *sg; |
1873 |
-- unsigned int pio_offset; |
1874 |
-+ struct sg_mapping_iter sg_miter; |
1875 |
- |
1876 |
- struct dw_mci_slot *cur_slot; |
1877 |
- struct mmc_request *mrq; |
1878 |
-diff --git a/include/linux/proportions.h b/include/linux/proportions.h |
1879 |
-index ef35bb7..26a8a4e 100644 |
1880 |
---- a/include/linux/proportions.h |
1881 |
-+++ b/include/linux/proportions.h |
1882 |
-@@ -81,7 +81,11 @@ void prop_inc_percpu(struct prop_descriptor *pd, struct prop_local_percpu *pl) |
1883 |
- * Limit the time part in order to ensure there are some bits left for the |
1884 |
- * cycle counter and fraction multiply. |
1885 |
- */ |
1886 |
-+#if BITS_PER_LONG == 32 |
1887 |
- #define PROP_MAX_SHIFT (3*BITS_PER_LONG/4) |
1888 |
-+#else |
1889 |
-+#define PROP_MAX_SHIFT (BITS_PER_LONG/2) |
1890 |
-+#endif |
1891 |
- |
1892 |
- #define PROP_FRAC_SHIFT (BITS_PER_LONG - PROP_MAX_SHIFT - 1) |
1893 |
- #define PROP_FRAC_BASE (1UL << PROP_FRAC_SHIFT) |
1894 |
-diff --git a/include/trace/events/writeback.h b/include/trace/events/writeback.h |
1895 |
-index 99d1d0d..1f48f14 100644 |
1896 |
---- a/include/trace/events/writeback.h |
1897 |
-+++ b/include/trace/events/writeback.h |
1898 |
-@@ -47,7 +47,10 @@ DECLARE_EVENT_CLASS(writeback_work_class, |
1899 |
- __field(int, reason) |
1900 |
- ), |
1901 |
- TP_fast_assign( |
1902 |
-- strncpy(__entry->name, dev_name(bdi->dev), 32); |
1903 |
-+ struct device *dev = bdi->dev; |
1904 |
-+ if (!dev) |
1905 |
-+ dev = default_backing_dev_info.dev; |
1906 |
-+ strncpy(__entry->name, dev_name(dev), 32); |
1907 |
- __entry->nr_pages = work->nr_pages; |
1908 |
- __entry->sb_dev = work->sb ? work->sb->s_dev : 0; |
1909 |
- __entry->sync_mode = work->sync_mode; |
1910 |
-@@ -418,7 +421,7 @@ DECLARE_EVENT_CLASS(writeback_single_inode_template, |
1911 |
- |
1912 |
- TP_fast_assign( |
1913 |
- strncpy(__entry->name, |
1914 |
-- dev_name(inode->i_mapping->backing_dev_info->dev), 32); |
1915 |
-+ dev_name(inode_to_bdi(inode)->dev), 32); |
1916 |
- __entry->ino = inode->i_ino; |
1917 |
- __entry->state = inode->i_state; |
1918 |
- __entry->dirtied_when = inode->dirtied_when; |
1919 |
-diff --git a/kernel/relay.c b/kernel/relay.c |
1920 |
-index 226fade..b6f803a 100644 |
1921 |
---- a/kernel/relay.c |
1922 |
-+++ b/kernel/relay.c |
1923 |
-@@ -164,10 +164,14 @@ depopulate: |
1924 |
- */ |
1925 |
- static struct rchan_buf *relay_create_buf(struct rchan *chan) |
1926 |
- { |
1927 |
-- struct rchan_buf *buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL); |
1928 |
-- if (!buf) |
1929 |
-+ struct rchan_buf *buf; |
1930 |
-+ |
1931 |
-+ if (chan->n_subbufs > UINT_MAX / sizeof(size_t *)) |
1932 |
- return NULL; |
1933 |
- |
1934 |
-+ buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL); |
1935 |
-+ if (!buf) |
1936 |
-+ return NULL; |
1937 |
- buf->padding = kmalloc(chan->n_subbufs * sizeof(size_t *), GFP_KERNEL); |
1938 |
- if (!buf->padding) |
1939 |
- goto free_buf; |
1940 |
-@@ -574,6 +578,8 @@ struct rchan *relay_open(const char *base_filename, |
1941 |
- |
1942 |
- if (!(subbuf_size && n_subbufs)) |
1943 |
- return NULL; |
1944 |
-+ if (subbuf_size > UINT_MAX / n_subbufs) |
1945 |
-+ return NULL; |
1946 |
- |
1947 |
- chan = kzalloc(sizeof(struct rchan), GFP_KERNEL); |
1948 |
- if (!chan) |
1949 |
-diff --git a/mm/backing-dev.c b/mm/backing-dev.c |
1950 |
-index 71034f4..2b49dd2 100644 |
1951 |
---- a/mm/backing-dev.c |
1952 |
-+++ b/mm/backing-dev.c |
1953 |
-@@ -318,7 +318,7 @@ static void wakeup_timer_fn(unsigned long data) |
1954 |
- if (bdi->wb.task) { |
1955 |
- trace_writeback_wake_thread(bdi); |
1956 |
- wake_up_process(bdi->wb.task); |
1957 |
-- } else { |
1958 |
-+ } else if (bdi->dev) { |
1959 |
- /* |
1960 |
- * When bdi tasks are inactive for long time, they are killed. |
1961 |
- * In this case we have to wake-up the forker thread which |
1962 |
-@@ -584,6 +584,8 @@ EXPORT_SYMBOL(bdi_register_dev); |
1963 |
- */ |
1964 |
- static void bdi_wb_shutdown(struct backing_dev_info *bdi) |
1965 |
- { |
1966 |
-+ struct task_struct *task; |
1967 |
-+ |
1968 |
- if (!bdi_cap_writeback_dirty(bdi)) |
1969 |
- return; |
1970 |
- |
1971 |
-@@ -604,9 +606,14 @@ static void bdi_wb_shutdown(struct backing_dev_info *bdi) |
1972 |
- * unfreeze of the thread before calling kthread_stop(), otherwise |
1973 |
- * it would never exet if it is currently stuck in the refrigerator. |
1974 |
- */ |
1975 |
-- if (bdi->wb.task) { |
1976 |
-- thaw_process(bdi->wb.task); |
1977 |
-- kthread_stop(bdi->wb.task); |
1978 |
-+ spin_lock_bh(&bdi->wb_lock); |
1979 |
-+ task = bdi->wb.task; |
1980 |
-+ bdi->wb.task = NULL; |
1981 |
-+ spin_unlock_bh(&bdi->wb_lock); |
1982 |
-+ |
1983 |
-+ if (task) { |
1984 |
-+ thaw_process(task); |
1985 |
-+ kthread_stop(task); |
1986 |
- } |
1987 |
- } |
1988 |
- |
1989 |
-@@ -627,7 +634,9 @@ static void bdi_prune_sb(struct backing_dev_info *bdi) |
1990 |
- |
1991 |
- void bdi_unregister(struct backing_dev_info *bdi) |
1992 |
- { |
1993 |
-- if (bdi->dev) { |
1994 |
-+ struct device *dev = bdi->dev; |
1995 |
-+ |
1996 |
-+ if (dev) { |
1997 |
- bdi_set_min_ratio(bdi, 0); |
1998 |
- trace_writeback_bdi_unregister(bdi); |
1999 |
- bdi_prune_sb(bdi); |
2000 |
-@@ -636,8 +645,12 @@ void bdi_unregister(struct backing_dev_info *bdi) |
2001 |
- if (!bdi_cap_flush_forker(bdi)) |
2002 |
- bdi_wb_shutdown(bdi); |
2003 |
- bdi_debug_unregister(bdi); |
2004 |
-- device_unregister(bdi->dev); |
2005 |
-+ |
2006 |
-+ spin_lock_bh(&bdi->wb_lock); |
2007 |
- bdi->dev = NULL; |
2008 |
-+ spin_unlock_bh(&bdi->wb_lock); |
2009 |
-+ |
2010 |
-+ device_unregister(dev); |
2011 |
- } |
2012 |
- } |
2013 |
- EXPORT_SYMBOL(bdi_unregister); |
2014 |
-diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c |
2015 |
-index 5c51607..064d20f 100644 |
2016 |
---- a/net/mac80211/rx.c |
2017 |
-+++ b/net/mac80211/rx.c |
2018 |
-@@ -616,7 +616,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw, |
2019 |
- index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) % |
2020 |
- tid_agg_rx->buf_size; |
2021 |
- if (!tid_agg_rx->reorder_buf[index] && |
2022 |
-- tid_agg_rx->stored_mpdu_num > 1) { |
2023 |
-+ tid_agg_rx->stored_mpdu_num) { |
2024 |
- /* |
2025 |
- * No buffers ready to be released, but check whether any |
2026 |
- * frames in the reorder buffer have timed out. |
2027 |
-diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
2028 |
-index 34e5fcc..9c197d4 100644 |
2029 |
---- a/sound/pci/hda/patch_realtek.c |
2030 |
-+++ b/sound/pci/hda/patch_realtek.c |
2031 |
-@@ -4213,8 +4213,26 @@ enum { |
2032 |
- PINFIX_PB_M5210, |
2033 |
- PINFIX_ACER_ASPIRE_7736, |
2034 |
- PINFIX_ASUS_W90V, |
2035 |
-+ ALC889_FIXUP_DAC_ROUTE, |
2036 |
- }; |
2037 |
- |
2038 |
-+/* Fix the connection of some pins for ALC889: |
2039 |
-+ * At least, Acer Aspire 5935 shows the connections to DAC3/4 don't |
2040 |
-+ * work correctly (bko#42740) |
2041 |
-+ */ |
2042 |
-+static void alc889_fixup_dac_route(struct hda_codec *codec, |
2043 |
-+ const struct alc_fixup *fix, int action) |
2044 |
-+{ |
2045 |
-+ if (action == ALC_FIXUP_ACT_PRE_PROBE) { |
2046 |
-+ hda_nid_t conn1[2] = { 0x0c, 0x0d }; |
2047 |
-+ hda_nid_t conn2[2] = { 0x0e, 0x0f }; |
2048 |
-+ snd_hda_override_conn_list(codec, 0x14, 2, conn1); |
2049 |
-+ snd_hda_override_conn_list(codec, 0x15, 2, conn1); |
2050 |
-+ snd_hda_override_conn_list(codec, 0x18, 2, conn2); |
2051 |
-+ snd_hda_override_conn_list(codec, 0x1a, 2, conn2); |
2052 |
-+ } |
2053 |
-+} |
2054 |
-+ |
2055 |
- static const struct alc_fixup alc882_fixups[] = { |
2056 |
- [PINFIX_ABIT_AW9D_MAX] = { |
2057 |
- .type = ALC_FIXUP_PINS, |
2058 |
-@@ -4251,10 +4269,15 @@ static const struct alc_fixup alc882_fixups[] = { |
2059 |
- { } |
2060 |
- } |
2061 |
- }, |
2062 |
-+ [ALC889_FIXUP_DAC_ROUTE] = { |
2063 |
-+ .type = ALC_FIXUP_FUNC, |
2064 |
-+ .v.func = alc889_fixup_dac_route, |
2065 |
-+ }, |
2066 |
- }; |
2067 |
- |
2068 |
- static const struct snd_pci_quirk alc882_fixup_tbl[] = { |
2069 |
- SND_PCI_QUIRK(0x1025, 0x0155, "Packard-Bell M5120", PINFIX_PB_M5210), |
2070 |
-+ SND_PCI_QUIRK(0x1025, 0x0259, "Acer Aspire 5935", ALC889_FIXUP_DAC_ROUTE), |
2071 |
- SND_PCI_QUIRK(0x1043, 0x1873, "ASUS W90V", PINFIX_ASUS_W90V), |
2072 |
- SND_PCI_QUIRK(0x17aa, 0x3a0d, "Lenovo Y530", PINFIX_LENOVO_Y530), |
2073 |
- SND_PCI_QUIRK(0x147b, 0x107a, "Abit AW9D-MAX", PINFIX_ABIT_AW9D_MAX), |
2074 |
-diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c |
2075 |
-index a0a3f50..1fe1308 100644 |
2076 |
---- a/sound/pci/hda/patch_via.c |
2077 |
-+++ b/sound/pci/hda/patch_via.c |
2078 |
-@@ -665,6 +665,9 @@ static void via_auto_init_analog_input(struct hda_codec *codec) |
2079 |
- /* init input-src */ |
2080 |
- for (i = 0; i < spec->num_adc_nids; i++) { |
2081 |
- int adc_idx = spec->inputs[spec->cur_mux[i]].adc_idx; |
2082 |
-+ /* secondary ADCs must have the unique MUX */ |
2083 |
-+ if (i > 0 && !spec->mux_nids[i]) |
2084 |
-+ break; |
2085 |
- if (spec->mux_nids[adc_idx]) { |
2086 |
- int mux_idx = spec->inputs[spec->cur_mux[i]].mux_idx; |
2087 |
- snd_hda_codec_write(codec, spec->mux_nids[adc_idx], 0, |
2088 |
-diff --git a/sound/pci/intel8x0.c b/sound/pci/intel8x0.c |
2089 |
-index 11718b49..55f48fb 100644 |
2090 |
---- a/sound/pci/intel8x0.c |
2091 |
-+++ b/sound/pci/intel8x0.c |
2092 |
-@@ -2102,6 +2102,12 @@ static struct ac97_quirk ac97_quirks[] __devinitdata = { |
2093 |
- }, |
2094 |
- { |
2095 |
- .subvendor = 0x161f, |
2096 |
-+ .subdevice = 0x202f, |
2097 |
-+ .name = "Gateway M520", |
2098 |
-+ .type = AC97_TUNE_INV_EAPD |
2099 |
-+ }, |
2100 |
-+ { |
2101 |
-+ .subvendor = 0x161f, |
2102 |
- .subdevice = 0x203a, |
2103 |
- .name = "Gateway 4525GZ", /* AD1981B */ |
2104 |
- .type = AC97_TUNE_INV_EAPD |
2105 |
-diff --git a/tools/perf/bench/mem-memcpy-x86-64-asm.S b/tools/perf/bench/mem-memcpy-x86-64-asm.S |
2106 |
-index a57b66e..185a96d 100644 |
2107 |
---- a/tools/perf/bench/mem-memcpy-x86-64-asm.S |
2108 |
-+++ b/tools/perf/bench/mem-memcpy-x86-64-asm.S |
2109 |
-@@ -1,2 +1,8 @@ |
2110 |
- |
2111 |
- #include "../../../arch/x86/lib/memcpy_64.S" |
2112 |
-+/* |
2113 |
-+ * We need to provide note.GNU-stack section, saying that we want |
2114 |
-+ * NOT executable stack. Otherwise the final linking will assume that |
2115 |
-+ * the ELF stack should not be restricted at all and set it RWX. |
2116 |
-+ */ |
2117 |
-+.section .note.GNU-stack,"",@progbits |
2118 |
-diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c |
2119 |
-index d7915d4..efca198 100644 |
2120 |
---- a/tools/perf/util/evsel.c |
2121 |
-+++ b/tools/perf/util/evsel.c |
2122 |
-@@ -390,6 +390,7 @@ int perf_event__parse_sample(const union perf_event *event, u64 type, |
2123 |
- |
2124 |
- data->cpu = data->pid = data->tid = -1; |
2125 |
- data->stream_id = data->id = data->time = -1ULL; |
2126 |
-+ data->period = 1; |
2127 |
- |
2128 |
- if (event->header.type != PERF_RECORD_SAMPLE) { |
2129 |
- if (!sample_id_all) |
2130 |
|
2131 |
diff --git a/3.2.7/0000_README b/3.2.9/0000_README |
2132 |
similarity index 94% |
2133 |
rename from 3.2.7/0000_README |
2134 |
rename to 3.2.9/0000_README |
2135 |
index 7342063..4b71aa6 100644 |
2136 |
--- a/3.2.7/0000_README |
2137 |
+++ b/3.2.9/0000_README |
2138 |
@@ -2,11 +2,7 @@ README |
2139 |
----------------------------------------------------------------------------- |
2140 |
Individual Patch Descriptions: |
2141 |
----------------------------------------------------------------------------- |
2142 |
-Patch: 1006_linux-3.2.7.patch |
2143 |
-From: http://www.kernel.org |
2144 |
-Desc: Linux 3.2.7 |
2145 |
- |
2146 |
-Patch: 4420_grsecurity-2.9-3.2.7-201202251203.patch |
2147 |
+Patch: 4420_grsecurity-2.9-3.2.9-201203022148.patch |
2148 |
From: http://www.grsecurity.net |
2149 |
Desc: hardened-sources base patch from upstream grsecurity |
2150 |
|
2151 |
|
2152 |
diff --git a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch |
2153 |
similarity index 99% |
2154 |
rename from 3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch |
2155 |
rename to 3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch |
2156 |
index be7621a..fa03b34 100644 |
2157 |
--- a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch |
2158 |
+++ b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch |
2159 |
@@ -186,7 +186,7 @@ index 81c287f..d456d02 100644 |
2160 |
|
2161 |
pcd. [PARIDE] |
2162 |
diff --git a/Makefile b/Makefile |
2163 |
-index d1bdc90..e95fe1a 100644 |
2164 |
+index 5f1739b..1831396 100644 |
2165 |
--- a/Makefile |
2166 |
+++ b/Makefile |
2167 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
2168 |
@@ -212,32 +212,34 @@ index d1bdc90..e95fe1a 100644 |
2169 |
$(Q)$(MAKE) $(build)=scripts/basic |
2170 |
$(Q)rm -f .tmp_quiet_recordmcount |
2171 |
|
2172 |
-@@ -564,6 +565,46 @@ else |
2173 |
+@@ -564,6 +565,48 @@ else |
2174 |
KBUILD_CFLAGS += -O2 |
2175 |
endif |
2176 |
|
2177 |
+ifndef DISABLE_PAX_PLUGINS |
2178 |
+ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y) |
2179 |
+ifndef DISABLE_PAX_CONSTIFY_PLUGIN |
2180 |
-+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN |
2181 |
++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN |
2182 |
+endif |
2183 |
+ifdef CONFIG_PAX_MEMORY_STACKLEAK |
2184 |
-+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN |
2185 |
-+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 |
2186 |
++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN |
2187 |
++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100 |
2188 |
+endif |
2189 |
+ifdef CONFIG_KALLOCSTAT_PLUGIN |
2190 |
-+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so |
2191 |
++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so |
2192 |
+endif |
2193 |
+ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
2194 |
-+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so |
2195 |
-+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) |
2196 |
++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so |
2197 |
++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN |
2198 |
++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN |
2199 |
+endif |
2200 |
+ifdef CONFIG_CHECKER_PLUGIN |
2201 |
+ifeq ($(call cc-ifversion, -ge, 0406, y), y) |
2202 |
-+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN |
2203 |
++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN |
2204 |
+endif |
2205 |
+endif |
2206 |
-+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN) |
2207 |
++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) |
2208 |
++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) |
2209 |
+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN |
2210 |
+ifeq ($(KBUILD_EXTMOD),) |
2211 |
+gcc-plugins: |
2212 |
@@ -259,7 +261,7 @@ index d1bdc90..e95fe1a 100644 |
2213 |
include $(srctree)/arch/$(SRCARCH)/Makefile |
2214 |
|
2215 |
ifneq ($(CONFIG_FRAME_WARN),0) |
2216 |
-@@ -708,7 +749,7 @@ export mod_strip_cmd |
2217 |
+@@ -708,7 +751,7 @@ export mod_strip_cmd |
2218 |
|
2219 |
|
2220 |
ifeq ($(KBUILD_EXTMOD),) |
2221 |
@@ -268,15 +270,16 @@ index d1bdc90..e95fe1a 100644 |
2222 |
|
2223 |
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ |
2224 |
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \ |
2225 |
-@@ -932,6 +973,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
2226 |
+@@ -932,6 +975,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
2227 |
|
2228 |
# The actual objects are generated when descending, |
2229 |
# make sure no implicit rule kicks in |
2230 |
-+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS) |
2231 |
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2232 |
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2233 |
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
2234 |
|
2235 |
# Handle descending into subdirectories listed in $(vmlinux-dirs) |
2236 |
-@@ -941,7 +983,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
2237 |
+@@ -941,7 +986,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
2238 |
# Error messages still appears in the original language |
2239 |
|
2240 |
PHONY += $(vmlinux-dirs) |
2241 |
@@ -285,23 +288,24 @@ index d1bdc90..e95fe1a 100644 |
2242 |
$(Q)$(MAKE) $(build)=$@ |
2243 |
|
2244 |
# Store (new) KERNELRELASE string in include/config/kernel.release |
2245 |
-@@ -985,6 +1027,7 @@ prepare0: archprepare FORCE |
2246 |
+@@ -985,6 +1030,7 @@ prepare0: archprepare FORCE |
2247 |
$(Q)$(MAKE) $(build)=. |
2248 |
|
2249 |
# All the preparing.. |
2250 |
-+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS)) |
2251 |
++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS)) |
2252 |
prepare: prepare0 |
2253 |
|
2254 |
# Generate some files |
2255 |
-@@ -1086,6 +1129,7 @@ all: modules |
2256 |
+@@ -1086,6 +1132,8 @@ all: modules |
2257 |
# using awk while concatenating to the final file. |
2258 |
|
2259 |
PHONY += modules |
2260 |
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2261 |
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2262 |
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2263 |
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin |
2264 |
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order |
2265 |
@$(kecho) ' Building modules, stage 2.'; |
2266 |
-@@ -1101,7 +1145,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) |
2267 |
+@@ -1101,7 +1149,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) |
2268 |
|
2269 |
# Target to prepare building external modules |
2270 |
PHONY += modules_prepare |
2271 |
@@ -310,7 +314,7 @@ index d1bdc90..e95fe1a 100644 |
2272 |
|
2273 |
# Target to install modules |
2274 |
PHONY += modules_install |
2275 |
-@@ -1198,6 +1242,7 @@ distclean: mrproper |
2276 |
+@@ -1198,6 +1246,7 @@ distclean: mrproper |
2277 |
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \ |
2278 |
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ |
2279 |
-o -name '.*.rej' \ |
2280 |
@@ -318,26 +322,29 @@ index d1bdc90..e95fe1a 100644 |
2281 |
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ |
2282 |
-type f -print | xargs rm -f |
2283 |
|
2284 |
-@@ -1358,6 +1403,7 @@ PHONY += $(module-dirs) modules |
2285 |
+@@ -1358,6 +1407,8 @@ PHONY += $(module-dirs) modules |
2286 |
$(module-dirs): crmodverdir $(objtree)/Module.symvers |
2287 |
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) |
2288 |
|
2289 |
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2290 |
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2291 |
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2292 |
modules: $(module-dirs) |
2293 |
@$(kecho) ' Building modules, stage 2.'; |
2294 |
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost |
2295 |
-@@ -1484,17 +1530,19 @@ else |
2296 |
+@@ -1484,17 +1535,21 @@ else |
2297 |
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) |
2298 |
endif |
2299 |
|
2300 |
-%.s: %.c prepare scripts FORCE |
2301 |
-+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2302 |
++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2303 |
++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2304 |
+%.s: %.c gcc-plugins prepare scripts FORCE |
2305 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
2306 |
%.i: %.c prepare scripts FORCE |
2307 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
2308 |
-%.o: %.c prepare scripts FORCE |
2309 |
-+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2310 |
++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2311 |
++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2312 |
+%.o: %.c gcc-plugins prepare scripts FORCE |
2313 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
2314 |
%.lst: %.c prepare scripts FORCE |
2315 |
@@ -350,18 +357,20 @@ index d1bdc90..e95fe1a 100644 |
2316 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
2317 |
%.symtypes: %.c prepare scripts FORCE |
2318 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
2319 |
-@@ -1504,11 +1552,13 @@ endif |
2320 |
+@@ -1504,11 +1559,15 @@ endif |
2321 |
$(cmd_crmodverdir) |
2322 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
2323 |
$(build)=$(build-dir) |
2324 |
-%/: prepare scripts FORCE |
2325 |
-+%/: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2326 |
++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2327 |
++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2328 |
+%/: gcc-plugins prepare scripts FORCE |
2329 |
$(cmd_crmodverdir) |
2330 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
2331 |
$(build)=$(build-dir) |
2332 |
-%.ko: prepare scripts FORCE |
2333 |
-+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS) |
2334 |
++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS) |
2335 |
++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS) |
2336 |
+%.ko: gcc-plugins prepare scripts FORCE |
2337 |
$(cmd_crmodverdir) |
2338 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
2339 |
@@ -7304,7 +7313,7 @@ index f6f5c53..b358b28 100644 |
2340 |
set_fs(old_fs); |
2341 |
|
2342 |
diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h |
2343 |
-index 091508b..e245ff2 100644 |
2344 |
+index 091508b..7692c6f 100644 |
2345 |
--- a/arch/x86/include/asm/alternative-asm.h |
2346 |
+++ b/arch/x86/include/asm/alternative-asm.h |
2347 |
@@ -4,10 +4,10 @@ |
2348 |
@@ -7324,7 +7333,7 @@ index 091508b..e245ff2 100644 |
2349 |
.endm |
2350 |
#endif |
2351 |
|
2352 |
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
2353 |
++#ifdef KERNEXEC_PLUGIN |
2354 |
+ .macro pax_force_retaddr_bts rip=0 |
2355 |
+ btsq $63,\rip(%rsp) |
2356 |
+ .endm |
2357 |
@@ -8821,7 +8830,7 @@ index eb92a6e..b98b2f4 100644 |
2358 |
/* EISA */ |
2359 |
extern void eisa_set_level_irq(unsigned int irq); |
2360 |
diff --git a/arch/x86/include/asm/i387.h b/arch/x86/include/asm/i387.h |
2361 |
-index c9e09ea..73888df 100644 |
2362 |
+index a850b4d..bae26dc 100644 |
2363 |
--- a/arch/x86/include/asm/i387.h |
2364 |
+++ b/arch/x86/include/asm/i387.h |
2365 |
@@ -92,6 +92,11 @@ static inline int fxrstor_checking(struct i387_fxsave_struct *fx) |
2366 |
@@ -8848,31 +8857,15 @@ index c9e09ea..73888df 100644 |
2367 |
/* |
2368 |
* Clear the bytes not touched by the fxsave and reserved |
2369 |
* for the SW usage. |
2370 |
-@@ -213,13 +223,8 @@ static inline void fpu_fxsave(struct fpu *fpu) |
2371 |
- #endif /* CONFIG_X86_64 */ |
2372 |
- |
2373 |
- /* We need a safe address that is cheap to find and that is already |
2374 |
-- in L1 during context switch. The best choices are unfortunately |
2375 |
-- different for UP and SMP */ |
2376 |
--#ifdef CONFIG_SMP |
2377 |
--#define safe_address (__per_cpu_offset[0]) |
2378 |
--#else |
2379 |
--#define safe_address (kstat_cpu(0).cpustat.user) |
2380 |
--#endif |
2381 |
-+ in L1 during context switch. */ |
2382 |
-+#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0) |
2383 |
+@@ -424,7 +434,7 @@ static inline bool interrupted_kernel_fpu_idle(void) |
2384 |
+ static inline bool interrupted_user_mode(void) |
2385 |
+ { |
2386 |
+ struct pt_regs *regs = get_irq_regs(); |
2387 |
+- return regs && user_mode_vm(regs); |
2388 |
++ return regs && user_mode(regs); |
2389 |
+ } |
2390 |
|
2391 |
/* |
2392 |
- * These must be called with preempt disabled |
2393 |
-@@ -312,7 +317,7 @@ static inline void kernel_fpu_begin(void) |
2394 |
- struct thread_info *me = current_thread_info(); |
2395 |
- preempt_disable(); |
2396 |
- if (me->status & TS_USEDFPU) |
2397 |
-- __save_init_fpu(me->task); |
2398 |
-+ __save_init_fpu(current); |
2399 |
- else |
2400 |
- clts(); |
2401 |
- } |
2402 |
diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h |
2403 |
index d8e8eef..99f81ae 100644 |
2404 |
--- a/arch/x86/include/asm/io.h |
2405 |
@@ -9976,7 +9969,7 @@ index 013286a..8b42f4f 100644 |
2406 |
#define pgprot_writecombine pgprot_writecombine |
2407 |
extern pgprot_t pgprot_writecombine(pgprot_t prot); |
2408 |
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h |
2409 |
-index b650435..eefa566 100644 |
2410 |
+index bb3ee36..781a6b8 100644 |
2411 |
--- a/arch/x86/include/asm/processor.h |
2412 |
+++ b/arch/x86/include/asm/processor.h |
2413 |
@@ -268,7 +268,7 @@ struct tss_struct { |
2414 |
@@ -9988,7 +9981,7 @@ index b650435..eefa566 100644 |
2415 |
|
2416 |
/* |
2417 |
* Save the original ist values for checking stack pointers during debugging |
2418 |
-@@ -860,11 +860,18 @@ static inline void spin_lock_prefetch(const void *x) |
2419 |
+@@ -861,11 +861,18 @@ static inline void spin_lock_prefetch(const void *x) |
2420 |
*/ |
2421 |
#define TASK_SIZE PAGE_OFFSET |
2422 |
#define TASK_SIZE_MAX TASK_SIZE |
2423 |
@@ -10009,7 +10002,7 @@ index b650435..eefa566 100644 |
2424 |
.vm86_info = NULL, \ |
2425 |
.sysenter_cs = __KERNEL_CS, \ |
2426 |
.io_bitmap_ptr = NULL, \ |
2427 |
-@@ -878,7 +885,7 @@ static inline void spin_lock_prefetch(const void *x) |
2428 |
+@@ -879,7 +886,7 @@ static inline void spin_lock_prefetch(const void *x) |
2429 |
*/ |
2430 |
#define INIT_TSS { \ |
2431 |
.x86_tss = { \ |
2432 |
@@ -10018,7 +10011,7 @@ index b650435..eefa566 100644 |
2433 |
.ss0 = __KERNEL_DS, \ |
2434 |
.ss1 = __KERNEL_CS, \ |
2435 |
.io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \ |
2436 |
-@@ -889,11 +896,7 @@ static inline void spin_lock_prefetch(const void *x) |
2437 |
+@@ -890,11 +897,7 @@ static inline void spin_lock_prefetch(const void *x) |
2438 |
extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2439 |
|
2440 |
#define THREAD_SIZE_LONGS (THREAD_SIZE/sizeof(unsigned long)) |
2441 |
@@ -10031,7 +10024,7 @@ index b650435..eefa566 100644 |
2442 |
|
2443 |
/* |
2444 |
* The below -8 is to reserve 8 bytes on top of the ring0 stack. |
2445 |
-@@ -908,7 +911,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2446 |
+@@ -909,7 +912,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2447 |
#define task_pt_regs(task) \ |
2448 |
({ \ |
2449 |
struct pt_regs *__regs__; \ |
2450 |
@@ -10040,7 +10033,7 @@ index b650435..eefa566 100644 |
2451 |
__regs__ - 1; \ |
2452 |
}) |
2453 |
|
2454 |
-@@ -918,13 +921,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2455 |
+@@ -919,13 +922,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2456 |
/* |
2457 |
* User space process size. 47bits minus one guard page. |
2458 |
*/ |
2459 |
@@ -10056,7 +10049,7 @@ index b650435..eefa566 100644 |
2460 |
|
2461 |
#define TASK_SIZE (test_thread_flag(TIF_IA32) ? \ |
2462 |
IA32_PAGE_OFFSET : TASK_SIZE_MAX) |
2463 |
-@@ -935,11 +938,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2464 |
+@@ -936,11 +939,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
2465 |
#define STACK_TOP_MAX TASK_SIZE_MAX |
2466 |
|
2467 |
#define INIT_THREAD { \ |
2468 |
@@ -10070,7 +10063,7 @@ index b650435..eefa566 100644 |
2469 |
} |
2470 |
|
2471 |
/* |
2472 |
-@@ -961,6 +964,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, |
2473 |
+@@ -962,6 +965,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip, |
2474 |
*/ |
2475 |
#define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 3)) |
2476 |
|
2477 |
@@ -10601,7 +10594,7 @@ index 2d2f01c..f985723 100644 |
2478 |
/* |
2479 |
* Force strict CPU ordering. |
2480 |
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h |
2481 |
-index a1fe5c1..ee326d8 100644 |
2482 |
+index d7ef849..6af292e 100644 |
2483 |
--- a/arch/x86/include/asm/thread_info.h |
2484 |
+++ b/arch/x86/include/asm/thread_info.h |
2485 |
@@ -10,6 +10,7 @@ |
2486 |
@@ -10745,7 +10738,7 @@ index a1fe5c1..ee326d8 100644 |
2487 |
#endif |
2488 |
|
2489 |
#endif /* !X86_32 */ |
2490 |
-@@ -266,5 +242,16 @@ extern void arch_task_cache_init(void); |
2491 |
+@@ -264,5 +240,16 @@ extern void arch_task_cache_init(void); |
2492 |
extern void free_thread_info(struct thread_info *ti); |
2493 |
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src); |
2494 |
#define arch_task_cache_init arch_task_cache_init |
2495 |
@@ -15876,7 +15869,7 @@ index faba577..93b9e71 100644 |
2496 |
return single_step_cont(regs, args); |
2497 |
break; |
2498 |
diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c |
2499 |
-index 7da647d..5d3c4c1 100644 |
2500 |
+index 7da647d..56fe348 100644 |
2501 |
--- a/arch/x86/kernel/kprobes.c |
2502 |
+++ b/arch/x86/kernel/kprobes.c |
2503 |
@@ -118,8 +118,11 @@ static void __kprobes __synthesize_relative_insn(void *from, void *to, u8 op) |
2504 |
@@ -15966,7 +15959,7 @@ index 7da647d..5d3c4c1 100644 |
2505 |
" movq %rax, 152(%rsp)\n" |
2506 |
RESTORE_REGS_STRING |
2507 |
" popfq\n" |
2508 |
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN |
2509 |
++#ifdef KERNEXEC_PLUGIN |
2510 |
+ " btsq $63,(%rsp)\n" |
2511 |
+#endif |
2512 |
#else |
2513 |
@@ -16615,7 +16608,7 @@ index ee5d4fb..426649b 100644 |
2514 |
+} |
2515 |
+#endif |
2516 |
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c |
2517 |
-index 795b79f..063767a 100644 |
2518 |
+index 8598296..bfadef0 100644 |
2519 |
--- a/arch/x86/kernel/process_32.c |
2520 |
+++ b/arch/x86/kernel/process_32.c |
2521 |
@@ -67,6 +67,7 @@ asmlinkage void ret_from_fork(void) __asm__("ret_from_fork"); |
2522 |
@@ -16666,10 +16659,10 @@ index 795b79f..063767a 100644 |
2523 |
int cpu = smp_processor_id(); |
2524 |
- struct tss_struct *tss = &per_cpu(init_tss, cpu); |
2525 |
+ struct tss_struct *tss = init_tss + cpu; |
2526 |
- bool preload_fpu; |
2527 |
+ fpu_switch_t fpu; |
2528 |
|
2529 |
/* never put a printk in __switch_to... printk() calls wake_up*() indirectly */ |
2530 |
-@@ -331,6 +332,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2531 |
+@@ -320,6 +321,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2532 |
*/ |
2533 |
lazy_save_gs(prev->gs); |
2534 |
|
2535 |
@@ -16680,32 +16673,32 @@ index 795b79f..063767a 100644 |
2536 |
/* |
2537 |
* Load the per-thread Thread-Local Storage descriptor. |
2538 |
*/ |
2539 |
-@@ -366,6 +371,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2540 |
+@@ -350,6 +355,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2541 |
*/ |
2542 |
arch_end_context_switch(next_p); |
2543 |
|
2544 |
+ percpu_write(current_task, next_p); |
2545 |
+ percpu_write(current_tinfo, &next_p->tinfo); |
2546 |
+ |
2547 |
- if (preload_fpu) |
2548 |
- __math_state_restore(); |
2549 |
+ /* |
2550 |
+ * Restore %gs if needed (which is common) |
2551 |
+ */ |
2552 |
+@@ -358,8 +366,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2553 |
|
2554 |
-@@ -375,8 +383,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2555 |
- if (prev->gs | next->gs) |
2556 |
- lazy_load_gs(next->gs); |
2557 |
+ switch_fpu_finish(next_p, fpu); |
2558 |
|
2559 |
- percpu_write(current_task, next_p); |
2560 |
- |
2561 |
return prev_p; |
2562 |
} |
2563 |
|
2564 |
-@@ -406,4 +412,3 @@ unsigned long get_wchan(struct task_struct *p) |
2565 |
+@@ -389,4 +395,3 @@ unsigned long get_wchan(struct task_struct *p) |
2566 |
} while (count++ < 16); |
2567 |
return 0; |
2568 |
} |
2569 |
- |
2570 |
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c |
2571 |
-index 3bd7e6e..90b2bcf 100644 |
2572 |
+index 6a364a6..b147d11 100644 |
2573 |
--- a/arch/x86/kernel/process_64.c |
2574 |
+++ b/arch/x86/kernel/process_64.c |
2575 |
@@ -89,7 +89,7 @@ static void __exit_idle(void) |
2576 |
@@ -16742,9 +16735,9 @@ index 3bd7e6e..90b2bcf 100644 |
2577 |
- struct tss_struct *tss = &per_cpu(init_tss, cpu); |
2578 |
+ struct tss_struct *tss = init_tss + cpu; |
2579 |
unsigned fsindex, gsindex; |
2580 |
- bool preload_fpu; |
2581 |
+ fpu_switch_t fpu; |
2582 |
|
2583 |
-@@ -475,10 +475,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2584 |
+@@ -461,10 +461,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) |
2585 |
prev->usersp = percpu_read(old_rsp); |
2586 |
percpu_write(old_rsp, next->usersp); |
2587 |
percpu_write(current_task, next_p); |
2588 |
@@ -16757,7 +16750,7 @@ index 3bd7e6e..90b2bcf 100644 |
2589 |
|
2590 |
/* |
2591 |
* Now maybe reload the debug registers and handle I/O bitmaps |
2592 |
-@@ -540,12 +539,11 @@ unsigned long get_wchan(struct task_struct *p) |
2593 |
+@@ -519,12 +518,11 @@ unsigned long get_wchan(struct task_struct *p) |
2594 |
if (!p || p == current || p->state == TASK_RUNNING) |
2595 |
return 0; |
2596 |
stack = (unsigned long)task_stack_page(p); |
2597 |
@@ -17813,7 +17806,7 @@ index 09ff517..df19fbff 100644 |
2598 |
.short 0 |
2599 |
.quad 0x00cf9b000000ffff # __KERNEL32_CS |
2600 |
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c |
2601 |
-index a8e3eb8..c9dbd7d 100644 |
2602 |
+index 31d9d0f..e244dd9 100644 |
2603 |
--- a/arch/x86/kernel/traps.c |
2604 |
+++ b/arch/x86/kernel/traps.c |
2605 |
@@ -70,12 +70,6 @@ asmlinkage int system_call(void); |
2606 |
@@ -17958,25 +17951,17 @@ index a8e3eb8..c9dbd7d 100644 |
2607 |
{ |
2608 |
if (!fixup_exception(regs)) { |
2609 |
task->thread.error_code = error_code; |
2610 |
-@@ -568,7 +597,7 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void) |
2611 |
- void __math_state_restore(void) |
2612 |
+@@ -569,8 +598,8 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void) |
2613 |
+ void __math_state_restore(struct task_struct *tsk) |
2614 |
{ |
2615 |
- struct thread_info *thread = current_thread_info(); |
2616 |
-- struct task_struct *tsk = thread->task; |
2617 |
-+ struct task_struct *tsk = current; |
2618 |
- |
2619 |
- /* |
2620 |
- * Paranoid restore. send a SIGSEGV if we fail to restore the state. |
2621 |
-@@ -595,8 +624,7 @@ void __math_state_restore(void) |
2622 |
- */ |
2623 |
- asmlinkage void math_state_restore(void) |
2624 |
- { |
2625 |
-- struct thread_info *thread = current_thread_info(); |
2626 |
-- struct task_struct *tsk = thread->task; |
2627 |
-+ struct task_struct *tsk = current; |
2628 |
+ /* We need a safe address that is cheap to find and that is already |
2629 |
+- in L1. We've just brought in "tsk->thread.has_fpu", so use that */ |
2630 |
+-#define safe_address (tsk->thread.has_fpu) |
2631 |
++ in L1. */ |
2632 |
++#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0) |
2633 |
|
2634 |
- if (!tsk_used_math(tsk)) { |
2635 |
- local_irq_enable(); |
2636 |
+ /* AMD K7/K8 CPUs don't save/restore FDP/FIP/FOP unless an exception |
2637 |
+ is pending. Clear the x87 state here by setting it to fixed |
2638 |
diff --git a/arch/x86/kernel/verify_cpu.S b/arch/x86/kernel/verify_cpu.S |
2639 |
index b9242ba..50c5edd 100644 |
2640 |
--- a/arch/x86/kernel/verify_cpu.S |
2641 |
@@ -18387,7 +18372,7 @@ index 9796c2f..f686fbf 100644 |
2642 |
EXPORT_SYMBOL(copy_page); |
2643 |
EXPORT_SYMBOL(clear_page); |
2644 |
diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c |
2645 |
-index a391134..d0b63b6e 100644 |
2646 |
+index 7110911..e8cdee5 100644 |
2647 |
--- a/arch/x86/kernel/xsave.c |
2648 |
+++ b/arch/x86/kernel/xsave.c |
2649 |
@@ -130,7 +130,7 @@ int check_for_xstate(struct i387_fxsave_struct __user *buf, |
2650 |
@@ -18399,7 +18384,7 @@ index a391134..d0b63b6e 100644 |
2651 |
fx_sw_user->extended_size - |
2652 |
FP_XSTATE_MAGIC2_SIZE)); |
2653 |
if (err) |
2654 |
-@@ -267,7 +267,7 @@ fx_only: |
2655 |
+@@ -266,7 +266,7 @@ fx_only: |
2656 |
* the other extended state. |
2657 |
*/ |
2658 |
xrstor_state(init_xstate_buf, pcntxt_mask & ~XSTATE_FPSSE); |
2659 |
@@ -18408,7 +18393,7 @@ index a391134..d0b63b6e 100644 |
2660 |
} |
2661 |
|
2662 |
/* |
2663 |
-@@ -299,7 +299,7 @@ int restore_i387_xstate(void __user *buf) |
2664 |
+@@ -295,7 +295,7 @@ int restore_i387_xstate(void __user *buf) |
2665 |
if (use_xsave()) |
2666 |
err = restore_user_xstate(buf); |
2667 |
else |
2668 |
@@ -18531,7 +18516,7 @@ index e32243e..a6e6172 100644 |
2669 |
|
2670 |
local_irq_disable(); |
2671 |
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
2672 |
-index 579a0b5..ed7bbf9 100644 |
2673 |
+index 4ea7678..b3a7084 100644 |
2674 |
--- a/arch/x86/kvm/vmx.c |
2675 |
+++ b/arch/x86/kvm/vmx.c |
2676 |
@@ -1305,7 +1305,11 @@ static void reload_tss(void) |
2677 |
@@ -33858,7 +33843,7 @@ index 1cfbf22..be96487 100644 |
2678 |
#define ASPM_STATE_ALL (ASPM_STATE_L0S | ASPM_STATE_L1) |
2679 |
|
2680 |
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c |
2681 |
-index 04e74f4..a960176 100644 |
2682 |
+index dfee1b3..a454fb6 100644 |
2683 |
--- a/drivers/pci/probe.c |
2684 |
+++ b/drivers/pci/probe.c |
2685 |
@@ -136,7 +136,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, |
2686 |
@@ -35611,7 +35596,7 @@ index 6845228..df77141 100644 |
2687 |
|
2688 |
core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count); |
2689 |
diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c |
2690 |
-index 861628e..659ae80 100644 |
2691 |
+index e4ddb93..2fc6e0f 100644 |
2692 |
--- a/drivers/target/target_core_transport.c |
2693 |
+++ b/drivers/target/target_core_transport.c |
2694 |
@@ -1343,7 +1343,7 @@ struct se_device *transport_add_device_to_core_hba( |
2695 |
@@ -35653,7 +35638,7 @@ index 861628e..659ae80 100644 |
2696 |
cmd->t_task_list_num) |
2697 |
atomic_set(&cmd->t_transport_sent, 1); |
2698 |
|
2699 |
-@@ -4273,7 +4273,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd) |
2700 |
+@@ -4296,7 +4296,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd) |
2701 |
atomic_set(&cmd->transport_lun_stop, 0); |
2702 |
} |
2703 |
if (!atomic_read(&cmd->t_transport_active) || |
2704 |
@@ -35662,7 +35647,7 @@ index 861628e..659ae80 100644 |
2705 |
spin_unlock_irqrestore(&cmd->t_state_lock, flags); |
2706 |
return false; |
2707 |
} |
2708 |
-@@ -4522,7 +4522,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status) |
2709 |
+@@ -4545,7 +4545,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status) |
2710 |
{ |
2711 |
int ret = 0; |
2712 |
|
2713 |
@@ -35671,7 +35656,7 @@ index 861628e..659ae80 100644 |
2714 |
if (!send_status || |
2715 |
(cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS)) |
2716 |
return 1; |
2717 |
-@@ -4559,7 +4559,7 @@ void transport_send_task_abort(struct se_cmd *cmd) |
2718 |
+@@ -4582,7 +4582,7 @@ void transport_send_task_abort(struct se_cmd *cmd) |
2719 |
*/ |
2720 |
if (cmd->data_direction == DMA_TO_DEVICE) { |
2721 |
if (cmd->se_tfo->write_pending_status(cmd) != 0) { |
2722 |
@@ -39865,7 +39850,7 @@ index a6395bd..a5b24c4 100644 |
2723 |
fd_offset + ex.a_text); |
2724 |
up_write(¤t->mm->mmap_sem); |
2725 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
2726 |
-index 21ac5ee..31d14e9 100644 |
2727 |
+index 21ac5ee..ca0d90f 100644 |
2728 |
--- a/fs/binfmt_elf.c |
2729 |
+++ b/fs/binfmt_elf.c |
2730 |
@@ -32,6 +32,7 @@ |
2731 |
@@ -40000,6 +39985,7 @@ index 21ac5ee..31d14e9 100644 |
2732 |
return error; |
2733 |
} |
2734 |
|
2735 |
++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
2736 |
+static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata) |
2737 |
+{ |
2738 |
+ unsigned long pax_flags = 0UL; |
2739 |
@@ -40145,7 +40131,7 @@ index 21ac5ee..31d14e9 100644 |
2740 |
+#endif |
2741 |
+ |
2742 |
+#ifdef CONFIG_PAX_SEGMEXEC |
2743 |
-+ if (!(__supported_pte_mask & _PAGE_NX)) { |
2744 |
++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) { |
2745 |
+ pax_flags &= ~MF_PAX_PAGEEXEC; |
2746 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
2747 |
+ } |
2748 |
@@ -40319,7 +40305,6 @@ index 21ac5ee..31d14e9 100644 |
2749 |
+ |
2750 |
+} |
2751 |
+ |
2752 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
2753 |
+static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file) |
2754 |
+{ |
2755 |
+ unsigned long pax_flags, pt_pax_flags, xattr_pax_flags; |
2756 |
@@ -41623,7 +41608,7 @@ index f3a257d..715ac0f 100644 |
2757 |
} |
2758 |
EXPORT_SYMBOL_GPL(debugfs_create_dir); |
2759 |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
2760 |
-index d2039ca..a766407 100644 |
2761 |
+index af11098..81e3bbe 100644 |
2762 |
--- a/fs/ecryptfs/inode.c |
2763 |
+++ b/fs/ecryptfs/inode.c |
2764 |
@@ -691,7 +691,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf, |
2765 |
@@ -44407,7 +44392,7 @@ index 637694b..f84a121 100644 |
2766 |
|
2767 |
lock_flocks(); |
2768 |
diff --git a/fs/namei.c b/fs/namei.c |
2769 |
-index 5008f01..90328a7 100644 |
2770 |
+index 744e942..24ef47f 100644 |
2771 |
--- a/fs/namei.c |
2772 |
+++ b/fs/namei.c |
2773 |
@@ -279,16 +279,32 @@ int generic_permission(struct inode *inode, int mask) |
2774 |
@@ -44482,7 +44467,7 @@ index 5008f01..90328a7 100644 |
2775 |
error = 0; |
2776 |
if (s) |
2777 |
error = __vfs_follow_link(nd, s); |
2778 |
-@@ -1622,6 +1638,21 @@ static int path_lookupat(int dfd, const char *name, |
2779 |
+@@ -1624,6 +1640,21 @@ static int path_lookupat(int dfd, const char *name, |
2780 |
if (!err) |
2781 |
err = complete_walk(nd); |
2782 |
|
2783 |
@@ -44504,7 +44489,7 @@ index 5008f01..90328a7 100644 |
2784 |
if (!err && nd->flags & LOOKUP_DIRECTORY) { |
2785 |
if (!nd->inode->i_op->lookup) { |
2786 |
path_put(&nd->path); |
2787 |
-@@ -1649,6 +1680,15 @@ static int do_path_lookup(int dfd, const char *name, |
2788 |
+@@ -1651,6 +1682,15 @@ static int do_path_lookup(int dfd, const char *name, |
2789 |
retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd); |
2790 |
|
2791 |
if (likely(!retval)) { |
2792 |
@@ -44520,7 +44505,7 @@ index 5008f01..90328a7 100644 |
2793 |
if (unlikely(!audit_dummy_context())) { |
2794 |
if (nd->path.dentry && nd->inode) |
2795 |
audit_inode(name, nd->path.dentry); |
2796 |
-@@ -2046,6 +2086,13 @@ static int may_open(struct path *path, int acc_mode, int flag) |
2797 |
+@@ -2048,6 +2088,13 @@ static int may_open(struct path *path, int acc_mode, int flag) |
2798 |
if (flag & O_NOATIME && !inode_owner_or_capable(inode)) |
2799 |
return -EPERM; |
2800 |
|
2801 |
@@ -44534,7 +44519,7 @@ index 5008f01..90328a7 100644 |
2802 |
return 0; |
2803 |
} |
2804 |
|
2805 |
-@@ -2107,6 +2154,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2806 |
+@@ -2109,6 +2156,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2807 |
error = complete_walk(nd); |
2808 |
if (error) |
2809 |
return ERR_PTR(error); |
2810 |
@@ -44551,7 +44536,7 @@ index 5008f01..90328a7 100644 |
2811 |
audit_inode(pathname, nd->path.dentry); |
2812 |
if (open_flag & O_CREAT) { |
2813 |
error = -EISDIR; |
2814 |
-@@ -2117,6 +2174,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2815 |
+@@ -2119,6 +2176,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2816 |
error = complete_walk(nd); |
2817 |
if (error) |
2818 |
return ERR_PTR(error); |
2819 |
@@ -44568,7 +44553,7 @@ index 5008f01..90328a7 100644 |
2820 |
audit_inode(pathname, dir); |
2821 |
goto ok; |
2822 |
} |
2823 |
-@@ -2138,6 +2205,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2824 |
+@@ -2140,6 +2207,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2825 |
error = complete_walk(nd); |
2826 |
if (error) |
2827 |
return ERR_PTR(-ECHILD); |
2828 |
@@ -44585,7 +44570,7 @@ index 5008f01..90328a7 100644 |
2829 |
|
2830 |
error = -ENOTDIR; |
2831 |
if (nd->flags & LOOKUP_DIRECTORY) { |
2832 |
-@@ -2178,6 +2255,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2833 |
+@@ -2180,6 +2257,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2834 |
/* Negative dentry, just create the file */ |
2835 |
if (!dentry->d_inode) { |
2836 |
int mode = op->mode; |
2837 |
@@ -44598,7 +44583,7 @@ index 5008f01..90328a7 100644 |
2838 |
if (!IS_POSIXACL(dir->d_inode)) |
2839 |
mode &= ~current_umask(); |
2840 |
/* |
2841 |
-@@ -2201,6 +2284,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2842 |
+@@ -2203,6 +2286,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2843 |
error = vfs_create(dir->d_inode, dentry, mode, nd); |
2844 |
if (error) |
2845 |
goto exit_mutex_unlock; |
2846 |
@@ -44607,7 +44592,7 @@ index 5008f01..90328a7 100644 |
2847 |
mutex_unlock(&dir->d_inode->i_mutex); |
2848 |
dput(nd->path.dentry); |
2849 |
nd->path.dentry = dentry; |
2850 |
-@@ -2210,6 +2295,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2851 |
+@@ -2212,6 +2297,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path, |
2852 |
/* |
2853 |
* It already exists. |
2854 |
*/ |
2855 |
@@ -44627,7 +44612,7 @@ index 5008f01..90328a7 100644 |
2856 |
mutex_unlock(&dir->d_inode->i_mutex); |
2857 |
audit_inode(pathname, path->dentry); |
2858 |
|
2859 |
-@@ -2422,6 +2520,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path |
2860 |
+@@ -2424,6 +2522,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path |
2861 |
*path = nd.path; |
2862 |
return dentry; |
2863 |
eexist: |
2864 |
@@ -44639,7 +44624,7 @@ index 5008f01..90328a7 100644 |
2865 |
dput(dentry); |
2866 |
dentry = ERR_PTR(-EEXIST); |
2867 |
fail: |
2868 |
-@@ -2444,6 +2547,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat |
2869 |
+@@ -2446,6 +2549,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat |
2870 |
} |
2871 |
EXPORT_SYMBOL(user_path_create); |
2872 |
|
2873 |
@@ -44660,7 +44645,7 @@ index 5008f01..90328a7 100644 |
2874 |
int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) |
2875 |
{ |
2876 |
int error = may_create(dir, dentry); |
2877 |
-@@ -2511,6 +2628,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, |
2878 |
+@@ -2513,6 +2630,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, |
2879 |
error = mnt_want_write(path.mnt); |
2880 |
if (error) |
2881 |
goto out_dput; |
2882 |
@@ -44678,7 +44663,7 @@ index 5008f01..90328a7 100644 |
2883 |
error = security_path_mknod(&path, dentry, mode, dev); |
2884 |
if (error) |
2885 |
goto out_drop_write; |
2886 |
-@@ -2528,6 +2656,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, |
2887 |
+@@ -2530,6 +2658,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode, |
2888 |
} |
2889 |
out_drop_write: |
2890 |
mnt_drop_write(path.mnt); |
2891 |
@@ -44688,7 +44673,7 @@ index 5008f01..90328a7 100644 |
2892 |
out_dput: |
2893 |
dput(dentry); |
2894 |
mutex_unlock(&path.dentry->d_inode->i_mutex); |
2895 |
-@@ -2577,12 +2708,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) |
2896 |
+@@ -2579,12 +2710,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode) |
2897 |
error = mnt_want_write(path.mnt); |
2898 |
if (error) |
2899 |
goto out_dput; |
2900 |
@@ -44710,7 +44695,7 @@ index 5008f01..90328a7 100644 |
2901 |
out_dput: |
2902 |
dput(dentry); |
2903 |
mutex_unlock(&path.dentry->d_inode->i_mutex); |
2904 |
-@@ -2662,6 +2802,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2905 |
+@@ -2664,6 +2804,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2906 |
char * name; |
2907 |
struct dentry *dentry; |
2908 |
struct nameidata nd; |
2909 |
@@ -44719,7 +44704,7 @@ index 5008f01..90328a7 100644 |
2910 |
|
2911 |
error = user_path_parent(dfd, pathname, &nd, &name); |
2912 |
if (error) |
2913 |
-@@ -2690,6 +2832,15 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2914 |
+@@ -2692,6 +2834,15 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2915 |
error = -ENOENT; |
2916 |
goto exit3; |
2917 |
} |
2918 |
@@ -44735,7 +44720,7 @@ index 5008f01..90328a7 100644 |
2919 |
error = mnt_want_write(nd.path.mnt); |
2920 |
if (error) |
2921 |
goto exit3; |
2922 |
-@@ -2697,6 +2848,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2923 |
+@@ -2699,6 +2850,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
2924 |
if (error) |
2925 |
goto exit4; |
2926 |
error = vfs_rmdir(nd.path.dentry->d_inode, dentry); |
2927 |
@@ -44744,7 +44729,7 @@ index 5008f01..90328a7 100644 |
2928 |
exit4: |
2929 |
mnt_drop_write(nd.path.mnt); |
2930 |
exit3: |
2931 |
-@@ -2759,6 +2912,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2932 |
+@@ -2761,6 +2914,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2933 |
struct dentry *dentry; |
2934 |
struct nameidata nd; |
2935 |
struct inode *inode = NULL; |
2936 |
@@ -44753,7 +44738,7 @@ index 5008f01..90328a7 100644 |
2937 |
|
2938 |
error = user_path_parent(dfd, pathname, &nd, &name); |
2939 |
if (error) |
2940 |
-@@ -2781,6 +2936,16 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2941 |
+@@ -2783,6 +2938,16 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2942 |
if (!inode) |
2943 |
goto slashes; |
2944 |
ihold(inode); |
2945 |
@@ -44770,7 +44755,7 @@ index 5008f01..90328a7 100644 |
2946 |
error = mnt_want_write(nd.path.mnt); |
2947 |
if (error) |
2948 |
goto exit2; |
2949 |
-@@ -2788,6 +2953,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2950 |
+@@ -2790,6 +2955,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
2951 |
if (error) |
2952 |
goto exit3; |
2953 |
error = vfs_unlink(nd.path.dentry->d_inode, dentry); |
2954 |
@@ -44779,7 +44764,7 @@ index 5008f01..90328a7 100644 |
2955 |
exit3: |
2956 |
mnt_drop_write(nd.path.mnt); |
2957 |
exit2: |
2958 |
-@@ -2863,10 +3030,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname, |
2959 |
+@@ -2865,10 +3032,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname, |
2960 |
error = mnt_want_write(path.mnt); |
2961 |
if (error) |
2962 |
goto out_dput; |
2963 |
@@ -44798,7 +44783,7 @@ index 5008f01..90328a7 100644 |
2964 |
out_drop_write: |
2965 |
mnt_drop_write(path.mnt); |
2966 |
out_dput: |
2967 |
-@@ -2938,6 +3113,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2968 |
+@@ -2940,6 +3115,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2969 |
{ |
2970 |
struct dentry *new_dentry; |
2971 |
struct path old_path, new_path; |
2972 |
@@ -44806,7 +44791,7 @@ index 5008f01..90328a7 100644 |
2973 |
int how = 0; |
2974 |
int error; |
2975 |
|
2976 |
-@@ -2961,7 +3137,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2977 |
+@@ -2963,7 +3139,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2978 |
if (error) |
2979 |
return error; |
2980 |
|
2981 |
@@ -44815,7 +44800,7 @@ index 5008f01..90328a7 100644 |
2982 |
error = PTR_ERR(new_dentry); |
2983 |
if (IS_ERR(new_dentry)) |
2984 |
goto out; |
2985 |
-@@ -2972,13 +3148,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2986 |
+@@ -2974,13 +3150,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
2987 |
error = mnt_want_write(new_path.mnt); |
2988 |
if (error) |
2989 |
goto out_dput; |
2990 |
@@ -44846,7 +44831,7 @@ index 5008f01..90328a7 100644 |
2991 |
dput(new_dentry); |
2992 |
mutex_unlock(&new_path.dentry->d_inode->i_mutex); |
2993 |
path_put(&new_path); |
2994 |
-@@ -3206,6 +3399,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, |
2995 |
+@@ -3208,6 +3401,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, |
2996 |
if (new_dentry == trap) |
2997 |
goto exit5; |
2998 |
|
2999 |
@@ -44859,7 +44844,7 @@ index 5008f01..90328a7 100644 |
3000 |
error = mnt_want_write(oldnd.path.mnt); |
3001 |
if (error) |
3002 |
goto exit5; |
3003 |
-@@ -3215,6 +3414,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, |
3004 |
+@@ -3217,6 +3416,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, |
3005 |
goto exit6; |
3006 |
error = vfs_rename(old_dir->d_inode, old_dentry, |
3007 |
new_dir->d_inode, new_dentry); |
3008 |
@@ -44869,7 +44854,7 @@ index 5008f01..90328a7 100644 |
3009 |
exit6: |
3010 |
mnt_drop_write(oldnd.path.mnt); |
3011 |
exit5: |
3012 |
-@@ -3240,6 +3442,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna |
3013 |
+@@ -3242,6 +3444,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna |
3014 |
|
3015 |
int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) |
3016 |
{ |
3017 |
@@ -44878,7 +44863,7 @@ index 5008f01..90328a7 100644 |
3018 |
int len; |
3019 |
|
3020 |
len = PTR_ERR(link); |
3021 |
-@@ -3249,7 +3453,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c |
3022 |
+@@ -3251,7 +3455,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c |
3023 |
len = strlen(link); |
3024 |
if (len > (unsigned) buflen) |
3025 |
len = buflen; |
3026 |
@@ -45525,7 +45510,7 @@ index 15af622..0e9f4467 100644 |
3027 |
help |
3028 |
Various /proc files exist to monitor process memory utilization: |
3029 |
diff --git a/fs/proc/array.c b/fs/proc/array.c |
3030 |
-index 3a1dafd..1456746 100644 |
3031 |
+index 3a1dafd..bf1bd84 100644 |
3032 |
--- a/fs/proc/array.c |
3033 |
+++ b/fs/proc/array.c |
3034 |
@@ -60,6 +60,7 @@ |
3035 |
@@ -45633,9 +45618,12 @@ index 3a1dafd..1456746 100644 |
3036 |
esp, |
3037 |
eip, |
3038 |
/* The signal information here is obsolete. |
3039 |
-@@ -535,6 +592,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
3040 |
+@@ -533,8 +590,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns, |
3041 |
+ struct pid *pid, struct task_struct *task) |
3042 |
+ { |
3043 |
unsigned long size = 0, resident = 0, shared = 0, text = 0, data = 0; |
3044 |
- struct mm_struct *mm = get_task_mm(task); |
3045 |
+- struct mm_struct *mm = get_task_mm(task); |
3046 |
++ struct mm_struct *mm; |
3047 |
|
3048 |
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
3049 |
+ if (current->exec_id != m->exec_id) { |
3050 |
@@ -45643,7 +45631,7 @@ index 3a1dafd..1456746 100644 |
3051 |
+ return 0; |
3052 |
+ } |
3053 |
+#endif |
3054 |
-+ |
3055 |
++ mm = get_task_mm(task); |
3056 |
if (mm) { |
3057 |
size = task_statm(mm, &shared, &text, &data, &resident); |
3058 |
mmput(mm); |
3059 |
@@ -58438,10 +58426,10 @@ index 84ccf8e..2e9b14c 100644 |
3060 |
}; |
3061 |
|
3062 |
diff --git a/include/linux/fs.h b/include/linux/fs.h |
3063 |
-index e0bc4ff..d79c2fa 100644 |
3064 |
+index 10b2288..09180e4 100644 |
3065 |
--- a/include/linux/fs.h |
3066 |
+++ b/include/linux/fs.h |
3067 |
-@@ -1608,7 +1608,8 @@ struct file_operations { |
3068 |
+@@ -1609,7 +1609,8 @@ struct file_operations { |
3069 |
int (*setlease)(struct file *, long, struct file_lock **); |
3070 |
long (*fallocate)(struct file *file, int mode, loff_t offset, |
3071 |
loff_t len); |
3072 |
@@ -59261,7 +59249,7 @@ index 0000000..da390f1 |
3073 |
+#endif |
3074 |
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h |
3075 |
new file mode 100644 |
3076 |
-index 0000000..f885406 |
3077 |
+index 0000000..ae576a1 |
3078 |
--- /dev/null |
3079 |
+++ b/include/linux/grmsg.h |
3080 |
@@ -0,0 +1,109 @@ |
3081 |
@@ -59316,7 +59304,7 @@ index 0000000..f885406 |
3082 |
+#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by " |
3083 |
+#define GR_INITF_ACL_MSG "init_variables() failed %s by " |
3084 |
+#define GR_DISABLED_ACL_MSG "Error loading %s, trying to run kernel with acls disabled. To disable acls at startup use <kernel image name> gracl=off from your boot loader" |
3085 |
-+#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbaged by " |
3086 |
++#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbage by " |
3087 |
+#define GR_SHUTS_ACL_MSG "shutdown auth success for " |
3088 |
+#define GR_SHUTF_ACL_MSG "shutdown auth failure for " |
3089 |
+#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for " |
3090 |
@@ -61270,7 +61258,7 @@ index c14fe86..393245e 100644 |
3091 |
#define RPCRDMA_VERSION 1 |
3092 |
|
3093 |
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h |
3094 |
-index 703cfa3..0b8ca72ac 100644 |
3095 |
+index 703cfa33..0b8ca72ac 100644 |
3096 |
--- a/include/linux/sysctl.h |
3097 |
+++ b/include/linux/sysctl.h |
3098 |
@@ -155,7 +155,11 @@ enum |
3099 |
@@ -61790,10 +61778,10 @@ index 9e5425b..8136ffc 100644 |
3100 |
/* Protects from simultaneous access to first_req list */ |
3101 |
spinlock_t info_list_lock; |
3102 |
diff --git a/include/net/flow.h b/include/net/flow.h |
3103 |
-index 57f15a7..0de26c6 100644 |
3104 |
+index 2a7eefd..3250f3b 100644 |
3105 |
--- a/include/net/flow.h |
3106 |
+++ b/include/net/flow.h |
3107 |
-@@ -208,6 +208,6 @@ extern struct flow_cache_object *flow_cache_lookup( |
3108 |
+@@ -218,6 +218,6 @@ extern struct flow_cache_object *flow_cache_lookup( |
3109 |
|
3110 |
extern void flow_cache_flush(void); |
3111 |
extern void flow_cache_flush_deferred(void); |
3112 |
@@ -62188,7 +62176,7 @@ index 444cd6b..3327cc5 100644 |
3113 |
const struct firmware *dsp_microcode; |
3114 |
const struct firmware *controller_microcode; |
3115 |
diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h |
3116 |
-index a79886c..b483af6 100644 |
3117 |
+index 94bbec3..3a8c6b0 100644 |
3118 |
--- a/include/target/target_core_base.h |
3119 |
+++ b/include/target/target_core_base.h |
3120 |
@@ -346,7 +346,7 @@ struct t10_reservation_ops { |
3121 |
@@ -62211,7 +62199,7 @@ index a79886c..b483af6 100644 |
3122 |
atomic_t t_transport_active; |
3123 |
atomic_t t_transport_complete; |
3124 |
atomic_t t_transport_queue_active; |
3125 |
-@@ -704,7 +704,7 @@ struct se_device { |
3126 |
+@@ -705,7 +705,7 @@ struct se_device { |
3127 |
/* Active commands on this virtual SE device */ |
3128 |
atomic_t simple_cmds; |
3129 |
atomic_t depth_left; |
3130 |
@@ -62716,7 +62704,7 @@ index 5b4293d..f179875 100644 |
3131 |
if (u->mq_bytes + mq_bytes < u->mq_bytes || |
3132 |
u->mq_bytes + mq_bytes > task_rlimit(p, RLIMIT_MSGQUEUE)) { |
3133 |
diff --git a/ipc/msg.c b/ipc/msg.c |
3134 |
-index 7385de2..a8180e0 100644 |
3135 |
+index 7385de2..a8180e08 100644 |
3136 |
--- a/ipc/msg.c |
3137 |
+++ b/ipc/msg.c |
3138 |
@@ -309,18 +309,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg) |
3139 |
@@ -63626,10 +63614,10 @@ index e6e01b9..619f837 100644 |
3140 |
|
3141 |
if (group_dead) |
3142 |
diff --git a/kernel/fork.c b/kernel/fork.c |
3143 |
-index da4a6a1..0973380 100644 |
3144 |
+index 0acf42c0..9e40e2e 100644 |
3145 |
--- a/kernel/fork.c |
3146 |
+++ b/kernel/fork.c |
3147 |
-@@ -280,7 +280,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) |
3148 |
+@@ -281,7 +281,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) |
3149 |
*stackend = STACK_END_MAGIC; /* for overflow detection */ |
3150 |
|
3151 |
#ifdef CONFIG_CC_STACKPROTECTOR |
3152 |
@@ -63638,7 +63626,7 @@ index da4a6a1..0973380 100644 |
3153 |
#endif |
3154 |
|
3155 |
/* |
3156 |
-@@ -304,13 +304,77 @@ out: |
3157 |
+@@ -305,13 +305,77 @@ out: |
3158 |
} |
3159 |
|
3160 |
#ifdef CONFIG_MMU |
3161 |
@@ -63718,7 +63706,7 @@ index da4a6a1..0973380 100644 |
3162 |
|
3163 |
down_write(&oldmm->mmap_sem); |
3164 |
flush_cache_dup_mm(oldmm); |
3165 |
-@@ -322,8 +386,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3166 |
+@@ -323,8 +387,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3167 |
mm->locked_vm = 0; |
3168 |
mm->mmap = NULL; |
3169 |
mm->mmap_cache = NULL; |
3170 |
@@ -63729,7 +63717,7 @@ index da4a6a1..0973380 100644 |
3171 |
mm->map_count = 0; |
3172 |
cpumask_clear(mm_cpumask(mm)); |
3173 |
mm->mm_rb = RB_ROOT; |
3174 |
-@@ -339,8 +403,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3175 |
+@@ -340,8 +404,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3176 |
|
3177 |
prev = NULL; |
3178 |
for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) { |
3179 |
@@ -63738,7 +63726,7 @@ index da4a6a1..0973380 100644 |
3180 |
if (mpnt->vm_flags & VM_DONTCOPY) { |
3181 |
long pages = vma_pages(mpnt); |
3182 |
mm->total_vm -= pages; |
3183 |
-@@ -348,53 +410,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3184 |
+@@ -349,53 +411,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3185 |
-pages); |
3186 |
continue; |
3187 |
} |
3188 |
@@ -63796,7 +63784,7 @@ index da4a6a1..0973380 100644 |
3189 |
|
3190 |
/* |
3191 |
* Link in the new vma and copy the page table entries. |
3192 |
-@@ -417,6 +437,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3193 |
+@@ -418,6 +438,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) |
3194 |
if (retval) |
3195 |
goto out; |
3196 |
} |
3197 |
@@ -63828,7 +63816,7 @@ index da4a6a1..0973380 100644 |
3198 |
/* a new mm has just been created */ |
3199 |
arch_dup_mmap(oldmm, mm); |
3200 |
retval = 0; |
3201 |
-@@ -425,14 +470,6 @@ out: |
3202 |
+@@ -426,14 +471,6 @@ out: |
3203 |
flush_tlb_mm(oldmm); |
3204 |
up_write(&oldmm->mmap_sem); |
3205 |
return retval; |
3206 |
@@ -63843,7 +63831,7 @@ index da4a6a1..0973380 100644 |
3207 |
} |
3208 |
|
3209 |
static inline int mm_alloc_pgd(struct mm_struct *mm) |
3210 |
-@@ -644,6 +681,26 @@ struct mm_struct *get_task_mm(struct task_struct *task) |
3211 |
+@@ -645,6 +682,26 @@ struct mm_struct *get_task_mm(struct task_struct *task) |
3212 |
} |
3213 |
EXPORT_SYMBOL_GPL(get_task_mm); |
3214 |
|
3215 |
@@ -63870,7 +63858,7 @@ index da4a6a1..0973380 100644 |
3216 |
/* Please note the differences between mmput and mm_release. |
3217 |
* mmput is called whenever we stop holding onto a mm_struct, |
3218 |
* error success whatever. |
3219 |
-@@ -829,13 +886,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) |
3220 |
+@@ -830,13 +887,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) |
3221 |
spin_unlock(&fs->lock); |
3222 |
return -EAGAIN; |
3223 |
} |
3224 |
@@ -63886,7 +63874,7 @@ index da4a6a1..0973380 100644 |
3225 |
return 0; |
3226 |
} |
3227 |
|
3228 |
-@@ -1097,6 +1155,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
3229 |
+@@ -1100,6 +1158,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
3230 |
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); |
3231 |
#endif |
3232 |
retval = -EAGAIN; |
3233 |
@@ -63896,7 +63884,7 @@ index da4a6a1..0973380 100644 |
3234 |
if (atomic_read(&p->real_cred->user->processes) >= |
3235 |
task_rlimit(p, RLIMIT_NPROC)) { |
3236 |
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) && |
3237 |
-@@ -1256,6 +1317,8 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
3238 |
+@@ -1259,6 +1320,8 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
3239 |
if (clone_flags & CLONE_THREAD) |
3240 |
p->tgid = current->tgid; |
3241 |
|
3242 |
@@ -63905,7 +63893,7 @@ index da4a6a1..0973380 100644 |
3243 |
p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL; |
3244 |
/* |
3245 |
* Clear TID on mm_release()? |
3246 |
-@@ -1418,6 +1481,8 @@ bad_fork_cleanup_count: |
3247 |
+@@ -1421,6 +1484,8 @@ bad_fork_cleanup_count: |
3248 |
bad_fork_free: |
3249 |
free_task(p); |
3250 |
fork_out: |
3251 |
@@ -63914,7 +63902,7 @@ index da4a6a1..0973380 100644 |
3252 |
return ERR_PTR(retval); |
3253 |
} |
3254 |
|
3255 |
-@@ -1518,6 +1583,8 @@ long do_fork(unsigned long clone_flags, |
3256 |
+@@ -1521,6 +1586,8 @@ long do_fork(unsigned long clone_flags, |
3257 |
if (clone_flags & CLONE_PARENT_SETTID) |
3258 |
put_user(nr, parent_tidptr); |
3259 |
|
3260 |
@@ -63923,7 +63911,7 @@ index da4a6a1..0973380 100644 |
3261 |
if (clone_flags & CLONE_VFORK) { |
3262 |
p->vfork_done = &vfork; |
3263 |
init_completion(&vfork); |
3264 |
-@@ -1627,7 +1694,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) |
3265 |
+@@ -1630,7 +1697,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) |
3266 |
return 0; |
3267 |
|
3268 |
/* don't need lock here; in the worst case we'll do useless copy */ |
3269 |
@@ -63932,7 +63920,7 @@ index da4a6a1..0973380 100644 |
3270 |
return 0; |
3271 |
|
3272 |
*new_fsp = copy_fs_struct(fs); |
3273 |
-@@ -1716,7 +1783,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
3274 |
+@@ -1719,7 +1786,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
3275 |
fs = current->fs; |
3276 |
spin_lock(&fs->lock); |
3277 |
current->fs = new_fs; |
3278 |
@@ -70622,7 +70610,7 @@ index 7fa41b4..6087460 100644 |
3279 |
return count; |
3280 |
} |
3281 |
diff --git a/mm/nommu.c b/mm/nommu.c |
3282 |
-index b982290..7d73f53 100644 |
3283 |
+index ee7e57e..cae4e40 100644 |
3284 |
--- a/mm/nommu.c |
3285 |
+++ b/mm/nommu.c |
3286 |
@@ -62,7 +62,6 @@ int sysctl_overcommit_memory = OVERCOMMIT_GUESS; /* heuristic overcommit */ |
3287 |
@@ -70633,7 +70621,7 @@ index b982290..7d73f53 100644 |
3288 |
|
3289 |
atomic_long_t mmap_pages_allocated; |
3290 |
|
3291 |
-@@ -825,15 +824,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) |
3292 |
+@@ -829,15 +828,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) |
3293 |
EXPORT_SYMBOL(find_vma); |
3294 |
|
3295 |
/* |
3296 |
@@ -70649,7 +70637,7 @@ index b982290..7d73f53 100644 |
3297 |
* expand a stack to a given address |
3298 |
* - not supported under NOMMU conditions |
3299 |
*/ |
3300 |
-@@ -1553,6 +1543,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
3301 |
+@@ -1557,6 +1547,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
3302 |
|
3303 |
/* most fields are the same, copy all, and then fixup */ |
3304 |
*new = *vma; |
3305 |
@@ -72725,7 +72713,7 @@ index 68bbf9f..5ef0d12 100644 |
3306 |
|
3307 |
return err; |
3308 |
diff --git a/net/core/dev.c b/net/core/dev.c |
3309 |
-index 5a13edf..a6f2bd2 100644 |
3310 |
+index c56cacf..b28e35f 100644 |
3311 |
--- a/net/core/dev.c |
3312 |
+++ b/net/core/dev.c |
3313 |
@@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name) |
3314 |
@@ -72797,7 +72785,7 @@ index 5a13edf..a6f2bd2 100644 |
3315 |
kfree_skb(skb); |
3316 |
/* Jamal, now you will not able to escape explaining |
3317 |
* me how you were going to use this. :-) |
3318 |
-@@ -3891,7 +3895,7 @@ void netif_napi_del(struct napi_struct *napi) |
3319 |
+@@ -3897,7 +3901,7 @@ void netif_napi_del(struct napi_struct *napi) |
3320 |
} |
3321 |
EXPORT_SYMBOL(netif_napi_del); |
3322 |
|
3323 |
@@ -72806,7 +72794,7 @@ index 5a13edf..a6f2bd2 100644 |
3324 |
{ |
3325 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
3326 |
unsigned long time_limit = jiffies + 2; |
3327 |
-@@ -5949,7 +5953,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
3328 |
+@@ -5955,7 +5959,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
3329 |
} else { |
3330 |
netdev_stats_to_stats64(storage, &dev->stats); |
3331 |
} |
3332 |
@@ -73386,7 +73374,7 @@ index 94cdbc5..0cb0063 100644 |
3333 |
ts = peer->tcp_ts; |
3334 |
tsage = get_seconds() - peer->tcp_ts_stamp; |
3335 |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
3336 |
-index c89e354..8bd55c8 100644 |
3337 |
+index eb90aa8..22bf114 100644 |
3338 |
--- a/net/ipv4/tcp_ipv4.c |
3339 |
+++ b/net/ipv4/tcp_ipv4.c |
3340 |
@@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly; |
3341 |
@@ -73399,7 +73387,7 @@ index c89e354..8bd55c8 100644 |
3342 |
|
3343 |
#ifdef CONFIG_TCP_MD5SIG |
3344 |
static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk, |
3345 |
-@@ -1627,6 +1630,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) |
3346 |
+@@ -1632,6 +1635,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) |
3347 |
return 0; |
3348 |
|
3349 |
reset: |
3350 |
@@ -73409,7 +73397,7 @@ index c89e354..8bd55c8 100644 |
3351 |
tcp_v4_send_reset(rsk, skb); |
3352 |
discard: |
3353 |
kfree_skb(skb); |
3354 |
-@@ -1689,12 +1695,19 @@ int tcp_v4_rcv(struct sk_buff *skb) |
3355 |
+@@ -1694,12 +1700,19 @@ int tcp_v4_rcv(struct sk_buff *skb) |
3356 |
TCP_SKB_CB(skb)->sacked = 0; |
3357 |
|
3358 |
sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); |
3359 |
@@ -73432,7 +73420,7 @@ index c89e354..8bd55c8 100644 |
3360 |
|
3361 |
if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { |
3362 |
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); |
3363 |
-@@ -1744,6 +1757,10 @@ no_tcp_socket: |
3364 |
+@@ -1749,6 +1762,10 @@ no_tcp_socket: |
3365 |
bad_packet: |
3366 |
TCP_INC_STATS_BH(net, TCP_MIB_INERRS); |
3367 |
} else { |
3368 |
@@ -73443,7 +73431,7 @@ index c89e354..8bd55c8 100644 |
3369 |
tcp_v4_send_reset(NULL, skb); |
3370 |
} |
3371 |
|
3372 |
-@@ -2404,7 +2421,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req, |
3373 |
+@@ -2409,7 +2426,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req, |
3374 |
0, /* non standard timer */ |
3375 |
0, /* open_requests have no inode */ |
3376 |
atomic_read(&sk->sk_refcnt), |
3377 |
@@ -73455,7 +73443,7 @@ index c89e354..8bd55c8 100644 |
3378 |
len); |
3379 |
} |
3380 |
|
3381 |
-@@ -2454,7 +2475,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len) |
3382 |
+@@ -2459,7 +2480,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len) |
3383 |
sock_i_uid(sk), |
3384 |
icsk->icsk_probes_out, |
3385 |
sock_i_ino(sk), |
3386 |
@@ -73469,7 +73457,7 @@ index c89e354..8bd55c8 100644 |
3387 |
jiffies_to_clock_t(icsk->icsk_rto), |
3388 |
jiffies_to_clock_t(icsk->icsk_ack.ato), |
3389 |
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, |
3390 |
-@@ -2482,7 +2508,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw, |
3391 |
+@@ -2487,7 +2513,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw, |
3392 |
" %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n", |
3393 |
i, src, srcp, dest, destp, tw->tw_substate, 0, 0, |
3394 |
3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, |
3395 |
@@ -74217,7 +74205,7 @@ index 30d7355..e260095 100644 |
3396 |
napi_disable(&local->napi); |
3397 |
ieee80211_clear_tx_pending(local); |
3398 |
diff --git a/net/mac80211/main.c b/net/mac80211/main.c |
3399 |
-index a7536fd..4039cc0 100644 |
3400 |
+index 7d9b21d..0687004 100644 |
3401 |
--- a/net/mac80211/main.c |
3402 |
+++ b/net/mac80211/main.c |
3403 |
@@ -163,7 +163,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) |
3404 |
@@ -74364,7 +74352,7 @@ index 29fa5ba..8debc79 100644 |
3405 |
|
3406 |
if (!todrop_rate[i]) return 0; |
3407 |
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c |
3408 |
-index 093cc32..9209ae1 100644 |
3409 |
+index 6dc7d7d..e45913a 100644 |
3410 |
--- a/net/netfilter/ipvs/ip_vs_core.c |
3411 |
+++ b/net/netfilter/ipvs/ip_vs_core.c |
3412 |
@@ -562,7 +562,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, |
3413 |
@@ -75928,7 +75916,7 @@ index 9049a5c..cfa6f5c 100644 |
3414 |
} |
3415 |
|
3416 |
diff --git a/scripts/Makefile.build b/scripts/Makefile.build |
3417 |
-index d2b366c..51ff91e 100644 |
3418 |
+index d2b366c..51ff91ebc 100644 |
3419 |
--- a/scripts/Makefile.build |
3420 |
+++ b/scripts/Makefile.build |
3421 |
@@ -109,7 +109,7 @@ endif |
3422 |
@@ -77804,7 +77792,7 @@ index a39edcc..1014050 100644 |
3423 |
}; |
3424 |
diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile |
3425 |
new file mode 100644 |
3426 |
-index 0000000..29b6b75 |
3427 |
+index 0000000..481a163 |
3428 |
--- /dev/null |
3429 |
+++ b/tools/gcc/Makefile |
3430 |
@@ -0,0 +1,21 @@ |
3431 |
@@ -77814,7 +77802,7 @@ index 0000000..29b6b75 |
3432 |
+GCCPLUGINS_DIR := $(shell $(CC) -print-file-name=plugin) |
3433 |
+#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W -std=gnu99 |
3434 |
+ |
3435 |
-+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 |
3436 |
++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 -ggdb |
3437 |
+ |
3438 |
+hostlibs-y := constify_plugin.so |
3439 |
+hostlibs-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so |
3440 |
@@ -78923,10 +78911,10 @@ index 0000000..008f159 |
3441 |
+} |
3442 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
3443 |
new file mode 100644 |
3444 |
-index 0000000..8b61031 |
3445 |
+index 0000000..4a9b187 |
3446 |
--- /dev/null |
3447 |
+++ b/tools/gcc/stackleak_plugin.c |
3448 |
-@@ -0,0 +1,295 @@ |
3449 |
+@@ -0,0 +1,326 @@ |
3450 |
+/* |
3451 |
+ * Copyright 2011 by the PaX Team <pageexec@××××××××.hu> |
3452 |
+ * Licensed under the GPL v2 |
3453 |
@@ -78973,10 +78961,12 @@ index 0000000..8b61031 |
3454 |
+static int track_frame_size = -1; |
3455 |
+static const char track_function[] = "pax_track_stack"; |
3456 |
+static const char check_function[] = "pax_check_alloca"; |
3457 |
++static tree pax_check_alloca_decl; |
3458 |
++static tree pax_track_stack_decl; |
3459 |
+static bool init_locals; |
3460 |
+ |
3461 |
+static struct plugin_info stackleak_plugin_info = { |
3462 |
-+ .version = "201111150100", |
3463 |
++ .version = "201203021600", |
3464 |
+ .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n" |
3465 |
+// "initialize-locals\t\tforcibly initialize all stack frames\n" |
3466 |
+}; |
3467 |
@@ -79029,27 +79019,20 @@ index 0000000..8b61031 |
3468 |
+static void stackleak_check_alloca(gimple_stmt_iterator *gsi) |
3469 |
+{ |
3470 |
+ gimple check_alloca; |
3471 |
-+ tree fndecl, fntype, alloca_size; |
3472 |
++ tree alloca_size; |
3473 |
+ |
3474 |
+ // insert call to void pax_check_alloca(unsigned long size) |
3475 |
-+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE); |
3476 |
-+ fndecl = build_fn_decl(check_function, fntype); |
3477 |
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO |
3478 |
+ alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0); |
3479 |
-+ check_alloca = gimple_build_call(fndecl, 1, alloca_size); |
3480 |
++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size); |
3481 |
+ gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT); |
3482 |
+} |
3483 |
+ |
3484 |
+static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi) |
3485 |
+{ |
3486 |
+ gimple track_stack; |
3487 |
-+ tree fndecl, fntype; |
3488 |
+ |
3489 |
+ // insert call to void pax_track_stack(void) |
3490 |
-+ fntype = build_function_type_list(void_type_node, NULL_TREE); |
3491 |
-+ fndecl = build_fn_decl(track_function, fntype); |
3492 |
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO |
3493 |
-+ track_stack = gimple_build_call(fndecl, 0); |
3494 |
++ track_stack = gimple_build_call(pax_track_stack_decl, 0); |
3495 |
+ gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING); |
3496 |
+} |
3497 |
+ |
3498 |
@@ -79086,7 +79069,7 @@ index 0000000..8b61031 |
3499 |
+static unsigned int execute_stackleak_tree_instrument(void) |
3500 |
+{ |
3501 |
+ basic_block bb, entry_bb; |
3502 |
-+ bool prologue_instrumented = false; |
3503 |
++ bool prologue_instrumented = false, is_leaf = true; |
3504 |
+ |
3505 |
+ entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb; |
3506 |
+ |
3507 |
@@ -79095,8 +79078,15 @@ index 0000000..8b61031 |
3508 |
+ gimple_stmt_iterator gsi; |
3509 |
+ |
3510 |
+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { |
3511 |
++ gimple stmt; |
3512 |
++ |
3513 |
++ stmt = gsi_stmt(gsi); |
3514 |
++ |
3515 |
++ if (is_gimple_call(stmt)) |
3516 |
++ is_leaf = false; |
3517 |
++ |
3518 |
+ // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450> |
3519 |
-+ if (!is_alloca(gsi_stmt(gsi))) |
3520 |
++ if (!is_alloca(stmt)) |
3521 |
+ continue; |
3522 |
+ |
3523 |
+ // 2. insert stack overflow check before each __builtin_alloca call |
3524 |
@@ -79109,6 +79099,13 @@ index 0000000..8b61031 |
3525 |
+ } |
3526 |
+ } |
3527 |
+ |
3528 |
++ // special case for some bad linux code: taking the address of static inline functions will materialize them |
3529 |
++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI |
3530 |
++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI. |
3531 |
++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here. |
3532 |
++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl)) |
3533 |
++ return 0; |
3534 |
++ |
3535 |
+ // 4. insert track call at the beginning |
3536 |
+ if (!prologue_instrumented) { |
3537 |
+ gimple_stmt_iterator gsi; |
3538 |
@@ -79168,6 +79165,27 @@ index 0000000..8b61031 |
3539 |
+ return 0; |
3540 |
+} |
3541 |
+ |
3542 |
++static void stackleak_start_unit(void *gcc_data, void *user_dat) |
3543 |
++{ |
3544 |
++ tree fntype; |
3545 |
++ |
3546 |
++ // declare void pax_check_alloca(unsigned long size) |
3547 |
++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE); |
3548 |
++ pax_check_alloca_decl = build_fn_decl(check_function, fntype); |
3549 |
++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO |
3550 |
++ TREE_PUBLIC(pax_check_alloca_decl) = 1; |
3551 |
++ DECL_EXTERNAL(pax_check_alloca_decl) = 1; |
3552 |
++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1; |
3553 |
++ |
3554 |
++ // declare void pax_track_stack(void) |
3555 |
++ fntype = build_function_type_list(void_type_node, NULL_TREE); |
3556 |
++ pax_track_stack_decl = build_fn_decl(track_function, fntype); |
3557 |
++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO |
3558 |
++ TREE_PUBLIC(pax_track_stack_decl) = 1; |
3559 |
++ DECL_EXTERNAL(pax_track_stack_decl) = 1; |
3560 |
++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1; |
3561 |
++} |
3562 |
++ |
3563 |
+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) |
3564 |
+{ |
3565 |
+ const char * const plugin_name = plugin_info->base_name; |
3566 |
@@ -79179,7 +79197,7 @@ index 0000000..8b61031 |
3567 |
+// .reference_pass_name = "tree_profile", |
3568 |
+ .reference_pass_name = "optimized", |
3569 |
+ .ref_pass_instance_number = 0, |
3570 |
-+ .pos_op = PASS_POS_INSERT_AFTER |
3571 |
++ .pos_op = PASS_POS_INSERT_BEFORE |
3572 |
+ }; |
3573 |
+ struct register_pass_info stackleak_final_pass_info = { |
3574 |
+ .pass = &stackleak_final_rtl_opt_pass.pass, |
3575 |
@@ -79217,6 +79235,7 @@ index 0000000..8b61031 |
3576 |
+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); |
3577 |
+ } |
3578 |
+ |
3579 |
++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL); |
3580 |
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info); |
3581 |
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info); |
3582 |
+ |
3583 |
|
3584 |
diff --git a/3.2.7/4425_grsec_enable_xtpax.patch b/3.2.9/4425_grsec_enable_xtpax.patch |
3585 |
similarity index 100% |
3586 |
rename from 3.2.7/4425_grsec_enable_xtpax.patch |
3587 |
rename to 3.2.9/4425_grsec_enable_xtpax.patch |
3588 |
|
3589 |
diff --git a/3.2.7/4430_grsec-remove-localversion-grsec.patch b/3.2.9/4430_grsec-remove-localversion-grsec.patch |
3590 |
similarity index 100% |
3591 |
rename from 3.2.7/4430_grsec-remove-localversion-grsec.patch |
3592 |
rename to 3.2.9/4430_grsec-remove-localversion-grsec.patch |
3593 |
|
3594 |
diff --git a/3.2.7/4435_grsec-mute-warnings.patch b/3.2.9/4435_grsec-mute-warnings.patch |
3595 |
similarity index 100% |
3596 |
rename from 3.2.7/4435_grsec-mute-warnings.patch |
3597 |
rename to 3.2.9/4435_grsec-mute-warnings.patch |
3598 |
|
3599 |
diff --git a/3.2.7/4440_grsec-remove-protected-paths.patch b/3.2.9/4440_grsec-remove-protected-paths.patch |
3600 |
similarity index 96% |
3601 |
rename from 3.2.7/4440_grsec-remove-protected-paths.patch |
3602 |
rename to 3.2.9/4440_grsec-remove-protected-paths.patch |
3603 |
index 4afb3e2..5602e8e 100644 |
3604 |
--- a/3.2.7/4440_grsec-remove-protected-paths.patch |
3605 |
+++ b/3.2.9/4440_grsec-remove-protected-paths.patch |
3606 |
@@ -6,7 +6,7 @@ the filesystem. |
3607 |
diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile |
3608 |
--- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400 |
3609 |
+++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400 |
3610 |
-@@ -27,10 +27,4 @@ |
3611 |
+@@ -31,10 +31,4 @@ |
3612 |
ifdef CONFIG_GRKERNSEC_HIDESYM |
3613 |
extra-y := grsec_hidesym.o |
3614 |
$(obj)/grsec_hidesym.o: |
3615 |
|
3616 |
diff --git a/3.2.7/4445_grsec-pax-without-grsec.patch b/3.2.9/4445_grsec-pax-without-grsec.patch |
3617 |
similarity index 98% |
3618 |
rename from 3.2.7/4445_grsec-pax-without-grsec.patch |
3619 |
rename to 3.2.9/4445_grsec-pax-without-grsec.patch |
3620 |
index 9992f51..0ef9311 100644 |
3621 |
--- a/3.2.7/4445_grsec-pax-without-grsec.patch |
3622 |
+++ b/3.2.9/4445_grsec-pax-without-grsec.patch |
3623 |
@@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
3624 |
diff -Naur a/fs/exec.c b/fs/exec.c |
3625 |
--- a/fs/exec.c 2011-04-17 19:05:03.000000000 -0400 |
3626 |
+++ b/fs/exec.c 2011-04-17 19:20:30.000000000 -0400 |
3627 |
-@@ -2004,9 +2004,11 @@ |
3628 |
+@@ -2024,9 +2024,11 @@ |
3629 |
} |
3630 |
up_read(&mm->mmap_sem); |
3631 |
} |
3632 |
@@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
3633 |
printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset); |
3634 |
printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, " |
3635 |
"PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk), |
3636 |
-@@ -2021,10 +2023,12 @@ |
3637 |
+@@ -2041,10 +2043,12 @@ |
3638 |
#ifdef CONFIG_PAX_REFCOUNT |
3639 |
void pax_report_refcount_overflow(struct pt_regs *regs) |
3640 |
{ |
3641 |
@@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
3642 |
printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n", |
3643 |
current->comm, task_pid_nr(current), current_uid(), current_euid()); |
3644 |
print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs)); |
3645 |
-@@ -2083,10 +2087,12 @@ |
3646 |
+@@ -2103,10 +2107,12 @@ |
3647 |
|
3648 |
NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
3649 |
{ |
3650 |
|
3651 |
diff --git a/3.2.7/4450_grsec-kconfig-default-gids.patch b/3.2.9/4450_grsec-kconfig-default-gids.patch |
3652 |
similarity index 94% |
3653 |
rename from 3.2.7/4450_grsec-kconfig-default-gids.patch |
3654 |
rename to 3.2.9/4450_grsec-kconfig-default-gids.patch |
3655 |
index 0807a4e..71b2089 100644 |
3656 |
--- a/3.2.7/4450_grsec-kconfig-default-gids.patch |
3657 |
+++ b/3.2.9/4450_grsec-kconfig-default-gids.patch |
3658 |
@@ -12,7 +12,7 @@ from shooting themselves in the foot. |
3659 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3660 |
--- a/grsecurity/Kconfig 2011-12-12 16:54:30.000000000 -0500 |
3661 |
+++ b/grsecurity/Kconfig 2011-12-12 16:55:09.000000000 -0500 |
3662 |
-@@ -434,7 +434,7 @@ |
3663 |
+@@ -440,7 +440,7 @@ |
3664 |
config GRKERNSEC_PROC_GID |
3665 |
int "GID for special group" |
3666 |
depends on GRKERNSEC_PROC_USERGROUP |
3667 |
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3668 |
|
3669 |
config GRKERNSEC_PROC_ADD |
3670 |
bool "Additional restrictions" |
3671 |
-@@ -662,7 +662,7 @@ |
3672 |
+@@ -668,7 +668,7 @@ |
3673 |
config GRKERNSEC_AUDIT_GID |
3674 |
int "GID for auditing" |
3675 |
depends on GRKERNSEC_AUDIT_GROUP |
3676 |
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3677 |
|
3678 |
config GRKERNSEC_EXECLOG |
3679 |
bool "Exec logging" |
3680 |
-@@ -866,7 +866,7 @@ |
3681 |
+@@ -872,7 +872,7 @@ |
3682 |
config GRKERNSEC_TPE_GID |
3683 |
int "GID for untrusted users" |
3684 |
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
3685 |
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3686 |
help |
3687 |
Setting this GID determines what group TPE restrictions will be |
3688 |
*enabled* for. If the sysctl option is enabled, a sysctl option |
3689 |
-@@ -875,7 +875,7 @@ |
3690 |
+@@ -881,7 +881,7 @@ |
3691 |
config GRKERNSEC_TPE_GID |
3692 |
int "GID for trusted users" |
3693 |
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
3694 |
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3695 |
help |
3696 |
Setting this GID determines what group TPE restrictions will be |
3697 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
3698 |
-@@ -948,7 +948,7 @@ |
3699 |
+@@ -954,7 +954,7 @@ |
3700 |
config GRKERNSEC_SOCKET_ALL_GID |
3701 |
int "GID to deny all sockets for" |
3702 |
depends on GRKERNSEC_SOCKET_ALL |
3703 |
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3704 |
help |
3705 |
Here you can choose the GID to disable socket access for. Remember to |
3706 |
add the users you want socket access disabled for to the GID |
3707 |
-@@ -969,7 +969,7 @@ |
3708 |
+@@ -975,7 +975,7 @@ |
3709 |
config GRKERNSEC_SOCKET_CLIENT_GID |
3710 |
int "GID to deny client sockets for" |
3711 |
depends on GRKERNSEC_SOCKET_CLIENT |
3712 |
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3713 |
help |
3714 |
Here you can choose the GID to disable client socket access for. |
3715 |
Remember to add the users you want client socket access disabled for to |
3716 |
-@@ -987,7 +987,7 @@ |
3717 |
+@@ -993,7 +993,7 @@ |
3718 |
config GRKERNSEC_SOCKET_SERVER_GID |
3719 |
int "GID to deny server sockets for" |
3720 |
depends on GRKERNSEC_SOCKET_SERVER |
3721 |
|
3722 |
diff --git a/3.2.7/4455_grsec-kconfig-gentoo.patch b/3.2.9/4455_grsec-kconfig-gentoo.patch |
3723 |
similarity index 100% |
3724 |
rename from 3.2.7/4455_grsec-kconfig-gentoo.patch |
3725 |
rename to 3.2.9/4455_grsec-kconfig-gentoo.patch |
3726 |
|
3727 |
diff --git a/3.2.7/4460-grsec-kconfig-proc-user.patch b/3.2.9/4460-grsec-kconfig-proc-user.patch |
3728 |
similarity index 96% |
3729 |
rename from 3.2.7/4460-grsec-kconfig-proc-user.patch |
3730 |
rename to 3.2.9/4460-grsec-kconfig-proc-user.patch |
3731 |
index 72b894a..1081ed5 100644 |
3732 |
--- a/3.2.7/4460-grsec-kconfig-proc-user.patch |
3733 |
+++ b/3.2.9/4460-grsec-kconfig-proc-user.patch |
3734 |
@@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre |
3735 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3736 |
--- a/grsecurity/Kconfig 2011-06-29 10:02:56.000000000 -0400 |
3737 |
+++ b/grsecurity/Kconfig 2011-06-29 10:08:07.000000000 -0400 |
3738 |
-@@ -668,7 +668,7 @@ |
3739 |
+@@ -674,7 +674,7 @@ |
3740 |
|
3741 |
config GRKERNSEC_PROC_USER |
3742 |
bool "Restrict /proc to user only" |
3743 |
@@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3744 |
help |
3745 |
If you say Y here, non-root users will only be able to view their own |
3746 |
processes, and restricts them from viewing network-related information, |
3747 |
-@@ -676,7 +676,7 @@ |
3748 |
+@@ -682,7 +682,7 @@ |
3749 |
|
3750 |
config GRKERNSEC_PROC_USERGROUP |
3751 |
bool "Allow special group" |
3752 |
|
3753 |
diff --git a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch |
3754 |
similarity index 99% |
3755 |
rename from 3.2.7/4465_selinux-avc_audit-log-curr_ip.patch |
3756 |
rename to 3.2.9/4465_selinux-avc_audit-log-curr_ip.patch |
3757 |
index 7c9894c..cbd978d 100644 |
3758 |
--- a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch |
3759 |
+++ b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch |
3760 |
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
3761 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
3762 |
--- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 |
3763 |
+++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 |
3764 |
-@@ -1297,6 +1297,27 @@ |
3765 |
+@@ -1303,6 +1303,27 @@ |
3766 |
menu "Logging Options" |
3767 |
depends on GRKERNSEC |
3768 |
|
3769 |
|
3770 |
diff --git a/3.2.7/4470_disable-compat_vdso.patch b/3.2.9/4470_disable-compat_vdso.patch |
3771 |
similarity index 100% |
3772 |
rename from 3.2.7/4470_disable-compat_vdso.patch |
3773 |
rename to 3.2.9/4470_disable-compat_vdso.patch |