
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.54/, 3.13.0/
Date: Wed, 29 Jan 2014 13:38:53
Message-Id: 1391002715.b20249069b74137fd484e147e3ce91898f956db4.blueness@gentoo
1 commit: b20249069b74137fd484e147e3ce91898f956db4
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jan 29 13:38:35 2014 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Wed Jan 29 13:38:35 2014 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=b2024906
7
8 Grsec/PaX: 3.0-{3.2.54,3.13.0}-201401281850
9
10 ---
11 3.13.0/0000_README | 2 +-
12 ... 4420_grsecurity-3.0-3.13.0-201401281848.patch} | 240 +++++++++++++++------
13 3.2.54/0000_README | 2 +-
14 ... 4420_grsecurity-3.0-3.2.54-201401281850.patch} | 141 +++++++-----
15 3.2.54/4475_emutramp_default_on.patch | 2 +-
16 5 files changed, 269 insertions(+), 118 deletions(-)
17
18 diff --git a/3.13.0/0000_README b/3.13.0/0000_README
19 index 5bc7414..d5c2b2c 100644
20 --- a/3.13.0/0000_README
21 +++ b/3.13.0/0000_README
22 @@ -2,7 +2,7 @@ README
23 -----------------------------------------------------------------------------
24 Individual Patch Descriptions:
25 -----------------------------------------------------------------------------
26 -Patch: 4420_grsecurity-3.0-3.13.0-201401272348.patch
27 +Patch: 4420_grsecurity-3.0-3.13.0-201401281848.patch
28 From: http://www.grsecurity.net
29 Desc: hardened-sources base patch from upstream grsecurity
30
31
32 diff --git a/3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch b/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
33 similarity index 99%
34 rename from 3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch
35 rename to 3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
36 index fd68ab8..93699a6 100644
37 --- a/3.13.0/4420_grsecurity-3.0-3.13.0-201401272348.patch
38 +++ b/3.13.0/4420_grsecurity-3.0-3.13.0-201401281848.patch
39 @@ -22109,7 +22109,7 @@ index a2a4f46..6cab058 100644
40
41 /*
42 diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
43 -index 1e96c36..86f2033 100644
44 +index 1e96c36..3ff710a 100644
45 --- a/arch/x86/kernel/entry_64.S
46 +++ b/arch/x86/kernel/entry_64.S
47 @@ -59,6 +59,8 @@
48 @@ -22704,7 +22704,26 @@ index 1e96c36..86f2033 100644
49 je 1f
50 SWAPGS
51 /*
52 -@@ -514,9 +927,52 @@ ENTRY(save_paranoid)
53 +@@ -483,6 +896,18 @@ ENDPROC(native_usergs_sysret64)
54 + 0x06 /* DW_OP_deref */, \
55 + 0x08 /* DW_OP_const1u */, SS+8-RBP, \
56 + 0x22 /* DW_OP_plus */
57 ++
58 ++#ifdef CONFIG_PAX_MEMORY_UDEREF
59 ++ testb $3, CS(%rdi)
60 ++ jnz 1f
61 ++ pax_enter_kernel
62 ++ jmp 2f
63 ++1: pax_enter_kernel_user
64 ++2:
65 ++#else
66 ++ pax_enter_kernel
67 ++#endif
68 ++
69 + /* We entered an interrupt context - irqs are off: */
70 + TRACE_IRQS_OFF
71 + .endm
72 +@@ -514,9 +939,52 @@ ENTRY(save_paranoid)
73 js 1f /* negative -> in kernel */
74 SWAPGS
75 xorl %ebx,%ebx
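Review bot: The UDEREF entry block added before `TRACE_IRQS_OFF` reads the saved code segment through `CS(%rdi)`, but nothing in the visible lines states what `%rdi` holds at that point. A one-line comment above the `testb`, such as `/* %rdi must point at the saved register frame here; CS & 3 != 0 means the interrupt came from user mode */`, would record the assumption the user/kernel split depends on. The macro begins before this hunk, so whether `%rdi` is already valid at this position cannot be confirmed from these lines and should be checked against the full macro body. The same block is added in the 3.2.54 patch (inner hunk `@@ -340,24 +628,39 @@`), and the comment applies there as well.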
76 @@ -22759,7 +22778,7 @@ index 1e96c36..86f2033 100644
77 .popsection
78
79 /*
80 -@@ -538,7 +994,7 @@ ENTRY(ret_from_fork)
81 +@@ -538,7 +1006,7 @@ ENTRY(ret_from_fork)
82
83 RESTORE_REST
84
85 @@ -22768,7 +22787,7 @@ index 1e96c36..86f2033 100644
86 jz 1f
87
88 testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
89 -@@ -548,15 +1004,13 @@ ENTRY(ret_from_fork)
90 +@@ -548,15 +1016,13 @@ ENTRY(ret_from_fork)
91 jmp ret_from_sys_call # go to the SYSRET fastpath
92
93 1:
94 @@ -22785,7 +22804,7 @@ index 1e96c36..86f2033 100644
95
96 /*
97 * System call entry. Up to 6 arguments in registers are supported.
98 -@@ -593,7 +1047,7 @@ END(ret_from_fork)
99 +@@ -593,7 +1059,7 @@ END(ret_from_fork)
100 ENTRY(system_call)
101 CFI_STARTPROC simple
102 CFI_SIGNAL_FRAME
103 @@ -22794,7 +22813,7 @@ index 1e96c36..86f2033 100644
104 CFI_REGISTER rip,rcx
105 /*CFI_REGISTER rflags,r11*/
106 SWAPGS_UNSAFE_STACK
107 -@@ -606,16 +1060,23 @@ GLOBAL(system_call_after_swapgs)
108 +@@ -606,16 +1072,23 @@ GLOBAL(system_call_after_swapgs)
109
110 movq %rsp,PER_CPU_VAR(old_rsp)
111 movq PER_CPU_VAR(kernel_stack),%rsp
112 @@ -22820,7 +22839,7 @@ index 1e96c36..86f2033 100644
113 jnz tracesys
114 system_call_fastpath:
115 #if __SYSCALL_MASK == ~0
116 -@@ -639,10 +1100,13 @@ sysret_check:
117 +@@ -639,10 +1112,13 @@ sysret_check:
118 LOCKDEP_SYS_EXIT
119 DISABLE_INTERRUPTS(CLBR_NONE)
120 TRACE_IRQS_OFF
121 @@ -22835,7 +22854,7 @@ index 1e96c36..86f2033 100644
122 /*
123 * sysretq will re-enable interrupts:
124 */
125 -@@ -701,6 +1165,9 @@ auditsys:
126 +@@ -701,6 +1177,9 @@ auditsys:
127 movq %rax,%rsi /* 2nd arg: syscall number */
128 movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */
129 call __audit_syscall_entry
130 @@ -22845,7 +22864,7 @@ index 1e96c36..86f2033 100644
131 LOAD_ARGS 0 /* reload call-clobbered registers */
132 jmp system_call_fastpath
133
134 -@@ -722,7 +1189,7 @@ sysret_audit:
135 +@@ -722,7 +1201,7 @@ sysret_audit:
136 /* Do syscall tracing */
137 tracesys:
138 #ifdef CONFIG_AUDITSYSCALL
139 @@ -22854,7 +22873,7 @@ index 1e96c36..86f2033 100644
140 jz auditsys
141 #endif
142 SAVE_REST
143 -@@ -730,12 +1197,15 @@ tracesys:
144 +@@ -730,12 +1209,15 @@ tracesys:
145 FIXUP_TOP_OF_STACK %rdi
146 movq %rsp,%rdi
147 call syscall_trace_enter
148 @@ -22871,7 +22890,7 @@ index 1e96c36..86f2033 100644
149 RESTORE_REST
150 #if __SYSCALL_MASK == ~0
151 cmpq $__NR_syscall_max,%rax
152 -@@ -765,7 +1235,9 @@ GLOBAL(int_with_check)
153 +@@ -765,7 +1247,9 @@ GLOBAL(int_with_check)
154 andl %edi,%edx
155 jnz int_careful
156 andl $~TS_COMPAT,TI_status(%rcx)
157 @@ -22882,7 +22901,7 @@ index 1e96c36..86f2033 100644
158
159 /* Either reschedule or signal or syscall exit tracking needed. */
160 /* First do a reschedule test. */
161 -@@ -811,7 +1283,7 @@ int_restore_rest:
162 +@@ -811,7 +1295,7 @@ int_restore_rest:
163 TRACE_IRQS_OFF
164 jmp int_with_check
165 CFI_ENDPROC
166 @@ -22891,7 +22910,7 @@ index 1e96c36..86f2033 100644
167
168 .macro FORK_LIKE func
169 ENTRY(stub_\func)
170 -@@ -824,9 +1296,10 @@ ENTRY(stub_\func)
171 +@@ -824,9 +1308,10 @@ ENTRY(stub_\func)
172 DEFAULT_FRAME 0 8 /* offset 8: return address */
173 call sys_\func
174 RESTORE_TOP_OF_STACK %r11, 8
175 @@ -22904,7 +22923,7 @@ index 1e96c36..86f2033 100644
176 .endm
177
178 .macro FIXED_FRAME label,func
179 -@@ -836,9 +1309,10 @@ ENTRY(\label)
180 +@@ -836,9 +1321,10 @@ ENTRY(\label)
181 FIXUP_TOP_OF_STACK %r11, 8-ARGOFFSET
182 call \func
183 RESTORE_TOP_OF_STACK %r11, 8-ARGOFFSET
184 @@ -22916,7 +22935,7 @@ index 1e96c36..86f2033 100644
185 .endm
186
187 FORK_LIKE clone
188 -@@ -846,19 +1320,6 @@ END(\label)
189 +@@ -846,19 +1332,6 @@ END(\label)
190 FORK_LIKE vfork
191 FIXED_FRAME stub_iopl, sys_iopl
192
193 @@ -22936,7 +22955,7 @@ index 1e96c36..86f2033 100644
194 ENTRY(stub_execve)
195 CFI_STARTPROC
196 addq $8, %rsp
197 -@@ -870,7 +1331,7 @@ ENTRY(stub_execve)
198 +@@ -870,7 +1343,7 @@ ENTRY(stub_execve)
199 RESTORE_REST
200 jmp int_ret_from_sys_call
201 CFI_ENDPROC
202 @@ -22945,7 +22964,7 @@ index 1e96c36..86f2033 100644
203
204 /*
205 * sigreturn is special because it needs to restore all registers on return.
206 -@@ -887,7 +1348,7 @@ ENTRY(stub_rt_sigreturn)
207 +@@ -887,7 +1360,7 @@ ENTRY(stub_rt_sigreturn)
208 RESTORE_REST
209 jmp int_ret_from_sys_call
210 CFI_ENDPROC
211 @@ -22954,7 +22973,7 @@ index 1e96c36..86f2033 100644
212
213 #ifdef CONFIG_X86_X32_ABI
214 ENTRY(stub_x32_rt_sigreturn)
215 -@@ -901,7 +1362,7 @@ ENTRY(stub_x32_rt_sigreturn)
216 +@@ -901,7 +1374,7 @@ ENTRY(stub_x32_rt_sigreturn)
217 RESTORE_REST
218 jmp int_ret_from_sys_call
219 CFI_ENDPROC
220 @@ -22963,7 +22982,7 @@ index 1e96c36..86f2033 100644
221
222 ENTRY(stub_x32_execve)
223 CFI_STARTPROC
224 -@@ -915,7 +1376,7 @@ ENTRY(stub_x32_execve)
225 +@@ -915,7 +1388,7 @@ ENTRY(stub_x32_execve)
226 RESTORE_REST
227 jmp int_ret_from_sys_call
228 CFI_ENDPROC
229 @@ -22972,7 +22991,7 @@ index 1e96c36..86f2033 100644
230
231 #endif
232
233 -@@ -952,7 +1413,7 @@ vector=vector+1
234 +@@ -952,7 +1425,7 @@ vector=vector+1
235 2: jmp common_interrupt
236 .endr
237 CFI_ENDPROC
238 @@ -22981,7 +23000,7 @@ index 1e96c36..86f2033 100644
239
240 .previous
241 END(interrupt)
242 -@@ -969,9 +1430,19 @@ END(interrupt)
243 +@@ -969,8 +1442,8 @@ END(interrupt)
244 /* 0(%rsp): ~(interrupt number) */
245 .macro interrupt func
246 /* reserve pt_regs for scratch regs and rbp */
247 @@ -22990,20 +23009,9 @@ index 1e96c36..86f2033 100644
248 + subq $ORIG_RAX, %rsp
249 + CFI_ADJUST_CFA_OFFSET ORIG_RAX
250 SAVE_ARGS_IRQ
251 -+#ifdef CONFIG_PAX_MEMORY_UDEREF
252 -+ testb $3, CS(%rdi)
253 -+ jnz 1f
254 -+ pax_enter_kernel
255 -+ jmp 2f
256 -+1: pax_enter_kernel_user
257 -+2:
258 -+#else
259 -+ pax_enter_kernel
260 -+#endif
261 call \func
262 .endm
263 -
264 -@@ -997,14 +1468,14 @@ ret_from_intr:
265 +@@ -997,14 +1470,14 @@ ret_from_intr:
266
267 /* Restore saved previous stack */
268 popq %rsi
269 @@ -23022,7 +23030,7 @@ index 1e96c36..86f2033 100644
270 je retint_kernel
271
272 /* Interrupt came from user space */
273 -@@ -1026,12 +1497,16 @@ retint_swapgs: /* return to user-space */
274 +@@ -1026,12 +1499,16 @@ retint_swapgs: /* return to user-space */
275 * The iretq could re-enable interrupts:
276 */
277 DISABLE_INTERRUPTS(CLBR_ANY)
278 @@ -23039,7 +23047,7 @@ index 1e96c36..86f2033 100644
279 /*
280 * The iretq could re-enable interrupts:
281 */
282 -@@ -1112,7 +1587,7 @@ ENTRY(retint_kernel)
283 +@@ -1112,7 +1589,7 @@ ENTRY(retint_kernel)
284 #endif
285
286 CFI_ENDPROC
287 @@ -23048,7 +23056,7 @@ index 1e96c36..86f2033 100644
288 /*
289 * End of kprobes section
290 */
291 -@@ -1130,7 +1605,7 @@ ENTRY(\sym)
292 +@@ -1130,7 +1607,7 @@ ENTRY(\sym)
293 interrupt \do_sym
294 jmp ret_from_intr
295 CFI_ENDPROC
296 @@ -23057,7 +23065,7 @@ index 1e96c36..86f2033 100644
297 .endm
298
299 #ifdef CONFIG_TRACING
300 -@@ -1218,7 +1693,7 @@ ENTRY(\sym)
301 +@@ -1218,7 +1695,7 @@ ENTRY(\sym)
302 call \do_sym
303 jmp error_exit /* %ebx: no swapgs flag */
304 CFI_ENDPROC
305 @@ -23066,7 +23074,7 @@ index 1e96c36..86f2033 100644
306 .endm
307
308 .macro paranoidzeroentry sym do_sym
309 -@@ -1236,10 +1711,10 @@ ENTRY(\sym)
310 +@@ -1236,10 +1713,10 @@ ENTRY(\sym)
311 call \do_sym
312 jmp paranoid_exit /* %ebx: no swapgs flag */
313 CFI_ENDPROC
314 @@ -23079,7 +23087,7 @@ index 1e96c36..86f2033 100644
315 .macro paranoidzeroentry_ist sym do_sym ist
316 ENTRY(\sym)
317 INTR_FRAME
318 -@@ -1252,12 +1727,18 @@ ENTRY(\sym)
319 +@@ -1252,12 +1729,18 @@ ENTRY(\sym)
320 TRACE_IRQS_OFF_DEBUG
321 movq %rsp,%rdi /* pt_regs pointer */
322 xorl %esi,%esi /* no error code */
323 @@ -23099,7 +23107,7 @@ index 1e96c36..86f2033 100644
324 .endm
325
326 .macro errorentry sym do_sym
327 -@@ -1275,7 +1756,7 @@ ENTRY(\sym)
328 +@@ -1275,7 +1758,7 @@ ENTRY(\sym)
329 call \do_sym
330 jmp error_exit /* %ebx: no swapgs flag */
331 CFI_ENDPROC
332 @@ -23108,7 +23116,7 @@ index 1e96c36..86f2033 100644
333 .endm
334
335 #ifdef CONFIG_TRACING
336 -@@ -1306,7 +1787,7 @@ ENTRY(\sym)
337 +@@ -1306,7 +1789,7 @@ ENTRY(\sym)
338 call \do_sym
339 jmp paranoid_exit /* %ebx: no swapgs flag */
340 CFI_ENDPROC
341 @@ -23117,7 +23125,7 @@ index 1e96c36..86f2033 100644
342 .endm
343
344 zeroentry divide_error do_divide_error
345 -@@ -1336,9 +1817,10 @@ gs_change:
346 +@@ -1336,9 +1819,10 @@ gs_change:
347 2: mfence /* workaround */
348 SWAPGS
349 popfq_cfi
350 @@ -23129,7 +23137,7 @@ index 1e96c36..86f2033 100644
351
352 _ASM_EXTABLE(gs_change,bad_gs)
353 .section .fixup,"ax"
354 -@@ -1366,9 +1848,10 @@ ENTRY(do_softirq_own_stack)
355 +@@ -1366,9 +1850,10 @@ ENTRY(do_softirq_own_stack)
356 CFI_DEF_CFA_REGISTER rsp
357 CFI_ADJUST_CFA_OFFSET -8
358 decl PER_CPU_VAR(irq_count)
359 @@ -23141,7 +23149,7 @@ index 1e96c36..86f2033 100644
360
361 #ifdef CONFIG_XEN
362 zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
363 -@@ -1406,7 +1889,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
364 +@@ -1406,7 +1891,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
365 decl PER_CPU_VAR(irq_count)
366 jmp error_exit
367 CFI_ENDPROC
368 @@ -23150,7 +23158,7 @@ index 1e96c36..86f2033 100644
369
370 /*
371 * Hypervisor uses this for application faults while it executes.
372 -@@ -1465,7 +1948,7 @@ ENTRY(xen_failsafe_callback)
373 +@@ -1465,7 +1950,7 @@ ENTRY(xen_failsafe_callback)
374 SAVE_ALL
375 jmp error_exit
376 CFI_ENDPROC
377 @@ -23159,7 +23167,7 @@ index 1e96c36..86f2033 100644
378
379 apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \
380 xen_hvm_callback_vector xen_evtchn_do_upcall
381 -@@ -1517,18 +2000,33 @@ ENTRY(paranoid_exit)
382 +@@ -1517,18 +2002,33 @@ ENTRY(paranoid_exit)
383 DEFAULT_FRAME
384 DISABLE_INTERRUPTS(CLBR_NONE)
385 TRACE_IRQS_OFF_DEBUG
386 @@ -23195,7 +23203,7 @@ index 1e96c36..86f2033 100644
387 jmp irq_return
388 paranoid_userspace:
389 GET_THREAD_INFO(%rcx)
390 -@@ -1557,7 +2055,7 @@ paranoid_schedule:
391 +@@ -1557,7 +2057,7 @@ paranoid_schedule:
392 TRACE_IRQS_OFF
393 jmp paranoid_userspace
394 CFI_ENDPROC
395 @@ -23204,7 +23212,7 @@ index 1e96c36..86f2033 100644
396
397 /*
398 * Exception entry point. This expects an error code/orig_rax on the stack.
399 -@@ -1584,12 +2082,23 @@ ENTRY(error_entry)
400 +@@ -1584,12 +2084,23 @@ ENTRY(error_entry)
401 movq_cfi r14, R14+8
402 movq_cfi r15, R15+8
403 xorl %ebx,%ebx
404 @@ -23229,7 +23237,7 @@ index 1e96c36..86f2033 100644
405 ret
406
407 /*
408 -@@ -1616,7 +2125,7 @@ bstep_iret:
409 +@@ -1616,7 +2127,7 @@ bstep_iret:
410 movq %rcx,RIP+8(%rsp)
411 jmp error_swapgs
412 CFI_ENDPROC
413 @@ -23238,7 +23246,7 @@ index 1e96c36..86f2033 100644
414
415
416 /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
417 -@@ -1627,7 +2136,7 @@ ENTRY(error_exit)
418 +@@ -1627,7 +2138,7 @@ ENTRY(error_exit)
419 DISABLE_INTERRUPTS(CLBR_NONE)
420 TRACE_IRQS_OFF
421 GET_THREAD_INFO(%rcx)
422 @@ -23247,7 +23255,7 @@ index 1e96c36..86f2033 100644
423 jne retint_kernel
424 LOCKDEP_SYS_EXIT_IRQ
425 movl TI_flags(%rcx),%edx
426 -@@ -1636,7 +2145,7 @@ ENTRY(error_exit)
427 +@@ -1636,7 +2147,7 @@ ENTRY(error_exit)
428 jnz retint_careful
429 jmp retint_swapgs
430 CFI_ENDPROC
431 @@ -23256,7 +23264,7 @@ index 1e96c36..86f2033 100644
432
433 /*
434 * Test if a given stack is an NMI stack or not.
435 -@@ -1694,9 +2203,11 @@ ENTRY(nmi)
436 +@@ -1694,9 +2205,11 @@ ENTRY(nmi)
437 * If %cs was not the kernel segment, then the NMI triggered in user
438 * space, which means it is definitely not nested.
439 */
440 @@ -23269,7 +23277,7 @@ index 1e96c36..86f2033 100644
441 /*
442 * Check the special variable on the stack to see if NMIs are
443 * executing.
444 -@@ -1730,8 +2241,7 @@ nested_nmi:
445 +@@ -1730,8 +2243,7 @@ nested_nmi:
446
447 1:
448 /* Set up the interrupted NMIs stack to jump to repeat_nmi */
449 @@ -23279,7 +23287,7 @@ index 1e96c36..86f2033 100644
450 CFI_ADJUST_CFA_OFFSET 1*8
451 leaq -10*8(%rsp), %rdx
452 pushq_cfi $__KERNEL_DS
453 -@@ -1749,6 +2259,7 @@ nested_nmi_out:
454 +@@ -1749,6 +2261,7 @@ nested_nmi_out:
455 CFI_RESTORE rdx
456
457 /* No need to check faults here */
458 @@ -23287,7 +23295,7 @@ index 1e96c36..86f2033 100644
459 INTERRUPT_RETURN
460
461 CFI_RESTORE_STATE
462 -@@ -1845,13 +2356,13 @@ end_repeat_nmi:
463 +@@ -1845,13 +2358,13 @@ end_repeat_nmi:
464 subq $ORIG_RAX-R15, %rsp
465 CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
466 /*
467 @@ -23303,7 +23311,7 @@ index 1e96c36..86f2033 100644
468 DEFAULT_FRAME 0
469
470 /*
471 -@@ -1861,9 +2372,9 @@ end_repeat_nmi:
472 +@@ -1861,9 +2374,9 @@ end_repeat_nmi:
473 * NMI itself takes a page fault, the page fault that was preempted
474 * will read the information from the NMI page fault and not the
475 * origin fault. Save it off and restore it if it changes.
476 @@ -23315,7 +23323,7 @@ index 1e96c36..86f2033 100644
477
478 /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
479 movq %rsp,%rdi
480 -@@ -1872,31 +2383,36 @@ end_repeat_nmi:
481 +@@ -1872,31 +2385,36 @@ end_repeat_nmi:
482
483 /* Did the NMI take a page fault? Restore cr2 if it did */
484 movq %cr2, %rcx
485 @@ -60888,6 +60896,81 @@ index 00ad1c2..2fde15e 100644
486 }
487
488 void nfs_fattr_init(struct nfs_fattr *fattr)
489 +diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
490 +index b4a160a..2b9bfba 100644
491 +--- a/fs/nfs/nfs4client.c
492 ++++ b/fs/nfs/nfs4client.c
493 +@@ -409,13 +409,11 @@ struct nfs_client *nfs4_init_client(struct nfs_client *clp,
494 + error = nfs4_discover_server_trunking(clp, &old);
495 + if (error < 0)
496 + goto error;
497 +- nfs_put_client(clp);
498 +- if (clp != old) {
499 ++
500 ++ if (clp != old)
501 + clp->cl_preserve_clid = true;
502 +- clp = old;
503 +- }
504 +-
505 +- return clp;
506 ++ nfs_put_client(clp);
507 ++ return old;
508 +
509 + error:
510 + nfs_mark_client_ready(clp, error);
511 +@@ -493,9 +491,10 @@ int nfs40_walk_client_list(struct nfs_client *new,
512 + prev = pos;
513 +
514 + status = nfs_wait_client_init_complete(pos);
515 +- spin_lock(&nn->nfs_client_lock);
516 + if (status < 0)
517 +- continue;
518 ++ goto out;
519 ++ status = -NFS4ERR_STALE_CLIENTID;
520 ++ spin_lock(&nn->nfs_client_lock);
521 + }
522 + if (pos->cl_cons_state != NFS_CS_READY)
523 + continue;
524 +@@ -633,7 +632,8 @@ int nfs41_walk_client_list(struct nfs_client *new,
525 + }
526 + spin_lock(&nn->nfs_client_lock);
527 + if (status < 0)
528 +- continue;
529 ++ break;
530 ++ status = -NFS4ERR_STALE_CLIENTID;
531 + }
532 + if (pos->cl_cons_state != NFS_CS_READY)
533 + continue;
534 +diff --git a/fs/nfs/write.c b/fs/nfs/write.c
535 +index c1d5482..6a85038 100644
536 +--- a/fs/nfs/write.c
537 ++++ b/fs/nfs/write.c
538 +@@ -922,19 +922,20 @@ out:
539 + * extend the write to cover the entire page in order to avoid fragmentation
540 + * inefficiencies.
541 + *
542 +- * If the file is opened for synchronous writes or if we have a write delegation
543 +- * from the server then we can just skip the rest of the checks.
544 ++ * If the file is opened for synchronous writes then we can just skip the rest
545 ++ * of the checks.
546 + */
547 + static int nfs_can_extend_write(struct file *file, struct page *page, struct inode *inode)
548 + {
549 + if (file->f_flags & O_DSYNC)
550 + return 0;
551 ++ if (!nfs_write_pageuptodate(page, inode))
552 ++ return 0;
553 + if (NFS_PROTO(inode)->have_delegation(inode, FMODE_WRITE))
554 + return 1;
555 +- if (nfs_write_pageuptodate(page, inode) && (inode->i_flock == NULL ||
556 +- (inode->i_flock->fl_start == 0 &&
557 ++ if (inode->i_flock == NULL || (inode->i_flock->fl_start == 0 &&
558 + inode->i_flock->fl_end == OFFSET_MAX &&
559 +- inode->i_flock->fl_type != F_RDLCK)))
560 ++ inode->i_flock->fl_type != F_RDLCK))
561 + return 1;
562 + return 0;
563 + }
564 diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
565 index 419572f..5414a23 100644
566 --- a/fs/nfsd/nfs4proc.c
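Review bot: The two client-list walkers now leave their loops differently after a failed `nfs_wait_client_init_complete()`: `nfs40_walk_client_list` does `goto out` before `spin_lock(&nn->nfs_client_lock)` is retaken, while `nfs41_walk_client_list` does `break` after retaking it. Both exit targets lie outside this hunk, so whether each one expects the lock held cannot be checked from here. A comment at each exit, e.g. `/* nfs_client_lock is not held on this path */` on the `goto out` and `/* leaves the loop with nfs_client_lock held */` on the `break`, would make the locking invariant reviewable. The reset `status = -NFS4ERR_STALE_CLIENTID;` after a successful wait also deserves a line saying that it restores the default result for the rest of the walk, if that is the intent.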
567 @@ -61054,7 +61137,7 @@ index e7bc1d7..06bd4bb 100644
568 }
569
570 diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
571 -index e44cb64..4807084 100644
572 +index e44cb64..7668ca4 100644
573 --- a/fs/notify/fanotify/fanotify_user.c
574 +++ b/fs/notify/fanotify/fanotify_user.c
575 @@ -253,8 +253,8 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group,
576 @@ -61068,6 +61151,18 @@ index e44cb64..4807084 100644
577 goto out_close_fd;
578
579 ret = prepare_for_access_response(group, event, fd);
580 +@@ -888,9 +888,9 @@ COMPAT_SYSCALL_DEFINE6(fanotify_mark,
581 + {
582 + return sys_fanotify_mark(fanotify_fd, flags,
583 + #ifdef __BIG_ENDIAN
584 +- ((__u64)mask1 << 32) | mask0,
585 +-#else
586 + ((__u64)mask0 << 32) | mask1,
587 ++#else
588 ++ ((__u64)mask1 << 32) | mask0,
589 + #endif
590 + dfd, pathname);
591 + }
592 diff --git a/fs/notify/notification.c b/fs/notify/notification.c
593 index 7b51b05..5ea5ef6 100644
594 --- a/fs/notify/notification.c
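Review bot: The argument order in the `COMPAT_SYSCALL_DEFINE6(fanotify_mark, ...)` body is easy to invert again, because nothing says which of `mask0`/`mask1` carries the high word. A comment above the `#ifdef __BIG_ENDIAN`, such as `/* the 64-bit mask arrives as two 32-bit halves; mask0 is the high half only on big-endian */`, would document what the two branches encode. With the halves swapped, `sys_fanotify_mark` receives a different event mask than the compat caller asked for, so the access-control events it marks would not be the requested ones. The parameter list of the compat entry point is outside the hunk.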
595 @@ -80321,7 +80416,7 @@ index 429c199..4d42e38 100644
596
597 /* shm_mode upper byte flags */
598 diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
599 -index 6f69b3f..335b9b1 100644
600 +index 6f69b3f..71ac613 100644
601 --- a/include/linux/skbuff.h
602 +++ b/include/linux/skbuff.h
603 @@ -643,7 +643,7 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from,
604 @@ -80360,6 +80455,15 @@ index 6f69b3f..335b9b1 100644
605 }
606
607 /**
608 +@@ -1686,7 +1686,7 @@ static inline u32 skb_inner_network_header_len(const struct sk_buff *skb)
609 + return skb->inner_transport_header - skb->inner_network_header;
610 + }
611 +
612 +-static inline int skb_network_offset(const struct sk_buff *skb)
613 ++static inline int __intentional_overflow(0) skb_network_offset(const struct sk_buff *skb)
614 + {
615 + return skb_network_header(skb) - skb->data;
616 + }
617 @@ -1746,7 +1746,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
618 * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
619 */
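Review bot: `skb_network_offset()` gains `__intentional_overflow(0)` with no comment saying why an overflow in this function is expected. The function returns a pointer difference, `skb_network_header(skb) - skb->data`, narrowed to `int`, so the annotation presumably exempts the return value from the overflow checker. A short comment such as `/* the network header may precede skb->data, so the offset can be negative */` would let a later reader judge whether the exemption is still justified, provided that is indeed the reason, which these lines do not show. Annotations that switch off a hardening check are worth justifying in place, since otherwise they cannot be told apart from a workaround for a real length bug.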
620 @@ -100164,7 +100268,7 @@ index 008cdad..6f17474 100644
621 /* make a copy for the caller */
622 *handle = ctxh;
623 diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
624 -index f09b7db..262b98a 100644
625 +index f09b7db..393c39e 100644
626 --- a/net/sunrpc/clnt.c
627 +++ b/net/sunrpc/clnt.c
628 @@ -1415,7 +1415,9 @@ call_start(struct rpc_task *task)
629 @@ -100178,6 +100282,22 @@ index f09b7db..262b98a 100644
630 clnt->cl_stats->rpccnt++;
631 task->tk_action = call_reserve;
632 }
633 +@@ -1529,9 +1531,13 @@ call_refreshresult(struct rpc_task *task)
634 + task->tk_action = call_refresh;
635 + switch (status) {
636 + case 0:
637 +- if (rpcauth_uptodatecred(task))
638 ++ if (rpcauth_uptodatecred(task)) {
639 + task->tk_action = call_allocate;
640 +- return;
641 ++ return;
642 ++ }
643 ++ /* Use rate-limiting and a max number of retries if refresh
644 ++ * had status 0 but failed to update the cred.
645 ++ */
646 + case -ETIMEDOUT:
647 + rpc_delay(task, 3*HZ);
648 + case -EAGAIN:
649 diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c
650 index ff3cc4b..7612a9e 100644
651 --- a/net/sunrpc/sched.c
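Review bot: In `call_refreshresult` the `case 0:` arm now runs on into `case -ETIMEDOUT:` when `rpcauth_uptodatecred(task)` is false, and the added comment explains the purpose but does not mark the fall-through itself. Ending the arm with `/* fall through */` just before `case -ETIMEDOUT:`, and likewise between `rpc_delay(task, 3*HZ);` and `case -EAGAIN:`, would make the intent explicit to readers and to compilers that warn on implicit fall-through. The rest of the switch lies outside the hunk, including wherever the retry limit mentioned in the comment is enforced, so the bound on retries cannot be confirmed from these lines.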
652
653 diff --git a/3.2.54/0000_README b/3.2.54/0000_README
654 index 2c130eb..1673fee 100644
655 --- a/3.2.54/0000_README
656 +++ b/3.2.54/0000_README
657 @@ -134,7 +134,7 @@ Patch: 1053_linux-3.2.54.patch
658 From: http://www.kernel.org
659 Desc: Linux 3.2.54
660
661 -Patch: 4420_grsecurity-3.0-3.2.54-201401272346.patch
662 +Patch: 4420_grsecurity-3.0-3.2.54-201401281850.patch
663 From: http://www.grsecurity.net
664 Desc: hardened-sources base patch from upstream grsecurity
665
666
667 diff --git a/3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch b/3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch
668 similarity index 99%
669 rename from 3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch
670 rename to 3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch
671 index 3607efc..70f1c6f 100644
672 --- a/3.2.54/4420_grsecurity-3.0-3.2.54-201401272346.patch
673 +++ b/3.2.54/4420_grsecurity-3.0-3.2.54-201401281850.patch
674 @@ -18505,7 +18505,7 @@ index d2d488b8..a4f589f 100644
675
676 /*
677 diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S
678 -index 6274f5f..5eb09cb 100644
679 +index 6274f5f..7b23dca 100644
680 --- a/arch/x86/kernel/entry_64.S
681 +++ b/arch/x86/kernel/entry_64.S
682 @@ -55,6 +55,8 @@
683 @@ -18918,7 +18918,24 @@ index 6274f5f..5eb09cb 100644
684 je 1f
685 SWAPGS
686 /*
687 -@@ -345,19 +633,22 @@ ENDPROC(native_usergs_sysret64)
688 +@@ -340,24 +628,39 @@ ENDPROC(native_usergs_sysret64)
689 + 0x06 /* DW_OP_deref */, \
690 + 0x08 /* DW_OP_const1u */, SS+8-RBP, \
691 + 0x22 /* DW_OP_plus */
692 ++
693 ++#ifdef CONFIG_PAX_MEMORY_UDEREF
694 ++ testb $3, CS(%rdi)
695 ++ jnz 1f
696 ++ pax_enter_kernel
697 ++ jmp 2f
698 ++1: pax_enter_kernel_user
699 ++2:
700 ++#else
701 ++ pax_enter_kernel
702 ++#endif
703 ++
704 + /* We entered an interrupt context - irqs are off: */
705 + TRACE_IRQS_OFF
706 .endm
707
708 ENTRY(save_rest)
709 @@ -18945,7 +18962,7 @@ index 6274f5f..5eb09cb 100644
710
711 /* save complete stack frame */
712 .pushsection .kprobes.text, "ax"
713 -@@ -386,10 +677,21 @@ ENTRY(save_paranoid)
714 +@@ -386,10 +689,21 @@ ENTRY(save_paranoid)
715 js 1f /* negative -> in kernel */
716 SWAPGS
717 xorl %ebx,%ebx
718 @@ -18970,7 +18987,7 @@ index 6274f5f..5eb09cb 100644
719
720 /*
721 * A newly forked process directly context switches into this address.
722 -@@ -410,7 +712,7 @@ ENTRY(ret_from_fork)
723 +@@ -410,7 +724,7 @@ ENTRY(ret_from_fork)
724
725 RESTORE_REST
726
727 @@ -18979,7 +18996,7 @@ index 6274f5f..5eb09cb 100644
728 je int_ret_from_sys_call
729
730 testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET
731 -@@ -420,7 +722,7 @@ ENTRY(ret_from_fork)
732 +@@ -420,7 +734,7 @@ ENTRY(ret_from_fork)
733 jmp ret_from_sys_call # go to the SYSRET fastpath
734
735 CFI_ENDPROC
736 @@ -18988,7 +19005,7 @@ index 6274f5f..5eb09cb 100644
737
738 /*
739 * System call entry. Up to 6 arguments in registers are supported.
740 -@@ -456,7 +758,7 @@ END(ret_from_fork)
741 +@@ -456,7 +770,7 @@ END(ret_from_fork)
742 ENTRY(system_call)
743 CFI_STARTPROC simple
744 CFI_SIGNAL_FRAME
745 @@ -18997,7 +19014,7 @@ index 6274f5f..5eb09cb 100644
746 CFI_REGISTER rip,rcx
747 /*CFI_REGISTER rflags,r11*/
748 SWAPGS_UNSAFE_STACK
749 -@@ -469,12 +771,18 @@ ENTRY(system_call_after_swapgs)
750 +@@ -469,12 +783,18 @@ ENTRY(system_call_after_swapgs)
751
752 movq %rsp,PER_CPU_VAR(old_rsp)
753 movq PER_CPU_VAR(kernel_stack),%rsp
754 @@ -19017,7 +19034,7 @@ index 6274f5f..5eb09cb 100644
755 movq %rax,ORIG_RAX-ARGOFFSET(%rsp)
756 movq %rcx,RIP-ARGOFFSET(%rsp)
757 CFI_REL_OFFSET rip,RIP-ARGOFFSET
758 -@@ -503,6 +811,8 @@ sysret_check:
759 +@@ -503,6 +823,8 @@ sysret_check:
760 andl %edi,%edx
761 jnz sysret_careful
762 CFI_REMEMBER_STATE
763 @@ -19026,7 +19043,7 @@ index 6274f5f..5eb09cb 100644
764 /*
765 * sysretq will re-enable interrupts:
766 */
767 -@@ -561,6 +871,9 @@ auditsys:
768 +@@ -561,6 +883,9 @@ auditsys:
769 movq %rax,%rsi /* 2nd arg: syscall number */
770 movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */
771 call audit_syscall_entry
772 @@ -19036,7 +19053,7 @@ index 6274f5f..5eb09cb 100644
773 LOAD_ARGS 0 /* reload call-clobbered registers */
774 jmp system_call_fastpath
775
776 -@@ -591,12 +904,15 @@ tracesys:
777 +@@ -591,12 +916,15 @@ tracesys:
778 FIXUP_TOP_OF_STACK %rdi
779 movq %rsp,%rdi
780 call syscall_trace_enter
781 @@ -19053,7 +19070,7 @@ index 6274f5f..5eb09cb 100644
782 RESTORE_REST
783 cmpq $__NR_syscall_max,%rax
784 ja int_ret_from_sys_call /* RAX(%rsp) set to -ENOSYS above */
785 -@@ -612,7 +928,7 @@ tracesys:
786 +@@ -612,7 +940,7 @@ tracesys:
787 GLOBAL(int_ret_from_sys_call)
788 DISABLE_INTERRUPTS(CLBR_NONE)
789 TRACE_IRQS_OFF
790 @@ -19062,7 +19079,7 @@ index 6274f5f..5eb09cb 100644
791 je retint_restore_args
792 movl $_TIF_ALLWORK_MASK,%edi
793 /* edi: mask to check */
794 -@@ -623,7 +939,9 @@ GLOBAL(int_with_check)
795 +@@ -623,7 +951,9 @@ GLOBAL(int_with_check)
796 andl %edi,%edx
797 jnz int_careful
798 andl $~TS_COMPAT,TI_status(%rcx)
799 @@ -19073,7 +19090,7 @@ index 6274f5f..5eb09cb 100644
800
801 /* Either reschedule or signal or syscall exit tracking needed. */
802 /* First do a reschedule test. */
803 -@@ -669,7 +987,7 @@ int_restore_rest:
804 +@@ -669,7 +999,7 @@ int_restore_rest:
805 TRACE_IRQS_OFF
806 jmp int_with_check
807 CFI_ENDPROC
808 @@ -19082,7 +19099,7 @@ index 6274f5f..5eb09cb 100644
809
810 /*
811 * Certain special system calls that need to save a complete full stack frame.
812 -@@ -677,15 +995,13 @@ END(system_call)
813 +@@ -677,15 +1007,13 @@ END(system_call)
814 .macro PTREGSCALL label,func,arg
815 ENTRY(\label)
816 PARTIAL_FRAME 1 8 /* offset 8: return address */
817 @@ -19099,7 +19116,7 @@ index 6274f5f..5eb09cb 100644
818 .endm
819
820 PTREGSCALL stub_clone, sys_clone, %r8
821 -@@ -700,12 +1016,17 @@ ENTRY(ptregscall_common)
822 +@@ -700,12 +1028,17 @@ ENTRY(ptregscall_common)
823 movq_cfi_restore R15+8, r15
824 movq_cfi_restore R14+8, r14
825 movq_cfi_restore R13+8, r13
826 @@ -19119,7 +19136,7 @@ index 6274f5f..5eb09cb 100644
827
828 ENTRY(stub_execve)
829 CFI_STARTPROC
830 -@@ -720,7 +1041,7 @@ ENTRY(stub_execve)
831 +@@ -720,7 +1053,7 @@ ENTRY(stub_execve)
832 RESTORE_REST
833 jmp int_ret_from_sys_call
834 CFI_ENDPROC
835 @@ -19128,7 +19145,7 @@ index 6274f5f..5eb09cb 100644
836
837 /*
838 * sigreturn is special because it needs to restore all registers on return.
839 -@@ -738,7 +1059,7 @@ ENTRY(stub_rt_sigreturn)
840 +@@ -738,7 +1071,7 @@ ENTRY(stub_rt_sigreturn)
841 RESTORE_REST
842 jmp int_ret_from_sys_call
843 CFI_ENDPROC
844 @@ -19137,7 +19154,7 @@ index 6274f5f..5eb09cb 100644
845
846 /*
847 * Build the entry stubs and pointer table with some assembler magic.
848 -@@ -773,7 +1094,7 @@ vector=vector+1
849 +@@ -773,7 +1106,7 @@ vector=vector+1
850 2: jmp common_interrupt
851 .endr
852 CFI_ENDPROC
853 @@ -19146,7 +19163,7 @@ index 6274f5f..5eb09cb 100644
854
855 .previous
856 END(interrupt)
857 -@@ -790,9 +1111,19 @@ END(interrupt)
858 +@@ -790,8 +1123,8 @@ END(interrupt)
859 /* 0(%rsp): ~(interrupt number) */
860 .macro interrupt func
861 /* reserve pt_regs for scratch regs and rbp */
862 @@ -19155,20 +19172,9 @@ index 6274f5f..5eb09cb 100644
863 + subq $ORIG_RAX, %rsp
864 + CFI_ADJUST_CFA_OFFSET ORIG_RAX
865 SAVE_ARGS_IRQ
866 -+#ifdef CONFIG_PAX_MEMORY_UDEREF
867 -+ testb $3, CS(%rdi)
868 -+ jnz 1f
869 -+ pax_enter_kernel
870 -+ jmp 2f
871 -+1: pax_enter_kernel_user
872 -+2:
873 -+#else
874 -+ pax_enter_kernel
875 -+#endif
876 call \func
877 .endm
878 -
879 -@@ -818,13 +1149,13 @@ ret_from_intr:
880 +@@ -818,13 +1151,13 @@ ret_from_intr:
881 /* Restore saved previous stack */
882 popq %rsi
883 CFI_DEF_CFA_REGISTER rsi
884 @@ -19185,7 +19191,7 @@ index 6274f5f..5eb09cb 100644
885 je retint_kernel
886
887 /* Interrupt came from user space */
888 -@@ -846,12 +1177,16 @@ retint_swapgs: /* return to user-space */
889 +@@ -846,12 +1179,16 @@ retint_swapgs: /* return to user-space */
890 * The iretq could re-enable interrupts:
891 */
892 DISABLE_INTERRUPTS(CLBR_ANY)
893 @@ -19202,7 +19208,7 @@ index 6274f5f..5eb09cb 100644
894 /*
895 * The iretq could re-enable interrupts:
896 */
897 -@@ -940,7 +1275,7 @@ ENTRY(retint_kernel)
898 +@@ -940,7 +1277,7 @@ ENTRY(retint_kernel)
899 #endif
900
901 CFI_ENDPROC
902 @@ -19211,7 +19217,7 @@ index 6274f5f..5eb09cb 100644
903 /*
904 * End of kprobes section
905 */
906 -@@ -956,7 +1291,7 @@ ENTRY(\sym)
907 +@@ -956,7 +1293,7 @@ ENTRY(\sym)
908 interrupt \do_sym
909 jmp ret_from_intr
910 CFI_ENDPROC
911 @@ -19220,7 +19226,7 @@ index 6274f5f..5eb09cb 100644
912 .endm
913
914 #ifdef CONFIG_SMP
915 -@@ -1026,7 +1361,7 @@ ENTRY(\sym)
916 +@@ -1026,7 +1363,7 @@ ENTRY(\sym)
917 call \do_sym
918 jmp error_exit /* %ebx: no swapgs flag */
919 CFI_ENDPROC
920 @@ -19229,7 +19235,7 @@ index 6274f5f..5eb09cb 100644
921 .endm
922
923 .macro paranoidzeroentry sym do_sym
924 -@@ -1043,10 +1378,10 @@ ENTRY(\sym)
925 +@@ -1043,10 +1380,10 @@ ENTRY(\sym)
926 call \do_sym
927 jmp paranoid_exit /* %ebx: no swapgs flag */
928 CFI_ENDPROC
929 @@ -19242,7 +19248,7 @@ index 6274f5f..5eb09cb 100644
930 .macro paranoidzeroentry_ist sym do_sym ist
931 ENTRY(\sym)
932 INTR_FRAME
933 -@@ -1058,12 +1393,18 @@ ENTRY(\sym)
934 +@@ -1058,12 +1395,18 @@ ENTRY(\sym)
935 TRACE_IRQS_OFF
936 movq %rsp,%rdi /* pt_regs pointer */
937 xorl %esi,%esi /* no error code */
938 @@ -19262,7 +19268,7 @@ index 6274f5f..5eb09cb 100644
939 .endm
940
941 .macro errorentry sym do_sym
942 -@@ -1080,7 +1421,7 @@ ENTRY(\sym)
943 +@@ -1080,7 +1423,7 @@ ENTRY(\sym)
944 call \do_sym
945 jmp error_exit /* %ebx: no swapgs flag */
946 CFI_ENDPROC
947 @@ -19271,7 +19277,7 @@ index 6274f5f..5eb09cb 100644
948 .endm
949
950 /* error code is on the stack already */
951 -@@ -1099,7 +1440,7 @@ ENTRY(\sym)
952 +@@ -1099,7 +1442,7 @@ ENTRY(\sym)
953 call \do_sym
954 jmp paranoid_exit /* %ebx: no swapgs flag */
955 CFI_ENDPROC
956 @@ -19280,7 +19286,7 @@ index 6274f5f..5eb09cb 100644
957 .endm
958
959 zeroentry divide_error do_divide_error
960 -@@ -1129,9 +1470,10 @@ gs_change:
961 +@@ -1129,9 +1472,10 @@ gs_change:
962 2: mfence /* workaround */
963 SWAPGS
964 popfq_cfi
965 @@ -19292,7 +19298,7 @@ index 6274f5f..5eb09cb 100644
966
967 .section __ex_table,"a"
968 .align 8
969 -@@ -1153,13 +1495,14 @@ ENTRY(kernel_thread_helper)
970 +@@ -1153,13 +1497,14 @@ ENTRY(kernel_thread_helper)
971 * Here we are in the child and the registers are set as they were
972 * at kernel_thread() invocation in the parent.
973 */
974 @@ -19308,7 +19314,7 @@ index 6274f5f..5eb09cb 100644
975
976 /*
977 * execve(). This function needs to use IRET, not SYSRET, to set up all state properly.
978 -@@ -1186,11 +1529,11 @@ ENTRY(kernel_execve)
979 +@@ -1186,11 +1531,11 @@ ENTRY(kernel_execve)
980 RESTORE_REST
981 testq %rax,%rax
982 je int_ret_from_sys_call
983 @@ -19322,7 +19328,7 @@ index 6274f5f..5eb09cb 100644
984
985 /* Call softirq on interrupt stack. Interrupts are off. */
986 ENTRY(call_softirq)
987 -@@ -1208,9 +1551,10 @@ ENTRY(call_softirq)
988 +@@ -1208,9 +1553,10 @@ ENTRY(call_softirq)
989 CFI_DEF_CFA_REGISTER rsp
990 CFI_ADJUST_CFA_OFFSET -8
991 decl PER_CPU_VAR(irq_count)
992 @@ -19334,7 +19340,7 @@ index 6274f5f..5eb09cb 100644
993
994 #ifdef CONFIG_XEN
995 zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
996 -@@ -1248,7 +1592,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
997 +@@ -1248,7 +1594,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
998 decl PER_CPU_VAR(irq_count)
999 jmp error_exit
1000 CFI_ENDPROC
1001 @@ -19343,7 +19349,7 @@ index 6274f5f..5eb09cb 100644
1002
1003 /*
1004 * Hypervisor uses this for application faults while it executes.
1005 -@@ -1307,7 +1651,7 @@ ENTRY(xen_failsafe_callback)
1006 +@@ -1307,7 +1653,7 @@ ENTRY(xen_failsafe_callback)
1007 SAVE_ALL
1008 jmp error_exit
1009 CFI_ENDPROC
1010 @@ -19352,7 +19358,7 @@ index 6274f5f..5eb09cb 100644
1011
1012 apicinterrupt XEN_HVM_EVTCHN_CALLBACK \
1013 xen_hvm_callback_vector xen_evtchn_do_upcall
1014 -@@ -1356,16 +1700,31 @@ ENTRY(paranoid_exit)
1015 +@@ -1356,16 +1702,31 @@ ENTRY(paranoid_exit)
1016 TRACE_IRQS_OFF
1017 testl %ebx,%ebx /* swapgs needed? */
1018 jnz paranoid_restore
1019 @@ -19385,7 +19391,7 @@ index 6274f5f..5eb09cb 100644
1020 jmp irq_return
1021 paranoid_userspace:
1022 GET_THREAD_INFO(%rcx)
1023 -@@ -1394,7 +1753,7 @@ paranoid_schedule:
1024 +@@ -1394,7 +1755,7 @@ paranoid_schedule:
1025 TRACE_IRQS_OFF
1026 jmp paranoid_userspace
1027 CFI_ENDPROC
1028 @@ -19394,7 +19400,7 @@ index 6274f5f..5eb09cb 100644
1029
1030 /*
1031 * Exception entry point. This expects an error code/orig_rax on the stack.
1032 -@@ -1421,12 +1780,23 @@ ENTRY(error_entry)
1033 +@@ -1421,12 +1782,23 @@ ENTRY(error_entry)
1034 movq_cfi r14, R14+8
1035 movq_cfi r15, R15+8
1036 xorl %ebx,%ebx
1037 @@ -19419,7 +19425,7 @@ index 6274f5f..5eb09cb 100644
1038 ret
1039
1040 /*
1041 -@@ -1453,7 +1823,7 @@ bstep_iret:
1042 +@@ -1453,7 +1825,7 @@ bstep_iret:
1043 movq %rcx,RIP+8(%rsp)
1044 jmp error_swapgs
1045 CFI_ENDPROC
1046 @@ -19428,7 +19434,7 @@ index 6274f5f..5eb09cb 100644
1047
1048
1049 /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */
1050 -@@ -1473,7 +1843,7 @@ ENTRY(error_exit)
1051 +@@ -1473,7 +1845,7 @@ ENTRY(error_exit)
1052 jnz retint_careful
1053 jmp retint_swapgs
1054 CFI_ENDPROC
1055 @@ -19437,7 +19443,7 @@ index 6274f5f..5eb09cb 100644
1056
1057
1058 /* runs on exception stack */
1059 -@@ -1485,6 +1855,7 @@ ENTRY(nmi)
1060 +@@ -1485,6 +1857,7 @@ ENTRY(nmi)
1061 CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
1062 call save_paranoid
1063 DEFAULT_FRAME 0
1064 @@ -19445,7 +19451,7 @@ index 6274f5f..5eb09cb 100644
1065 /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
1066 movq %rsp,%rdi
1067 movq $-1,%rsi
1068 -@@ -1495,12 +1866,28 @@ ENTRY(nmi)
1069 +@@ -1495,12 +1868,28 @@ ENTRY(nmi)
1070 DISABLE_INTERRUPTS(CLBR_NONE)
1071 testl %ebx,%ebx /* swapgs needed? */
1072 jnz nmi_restore
1073 @@ -19475,7 +19481,7 @@ index 6274f5f..5eb09cb 100644
1074 jmp irq_return
1075 nmi_userspace:
1076 GET_THREAD_INFO(%rcx)
1077 -@@ -1529,14 +1916,14 @@ nmi_schedule:
1078 +@@ -1529,14 +1918,14 @@ nmi_schedule:
1079 jmp paranoid_exit
1080 CFI_ENDPROC
1081 #endif
1082 @@ -78391,7 +78397,7 @@ index 92808b8..c28cac4 100644
1083
1084 /* shm_mode upper byte flags */
1085 diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
1086 -index 85180bf..cc75886 100644
1087 +index 85180bf..78919aa 100644
1088 --- a/include/linux/skbuff.h
1089 +++ b/include/linux/skbuff.h
1090 @@ -538,7 +538,7 @@ extern void consume_skb(struct sk_buff *skb);
1091 @@ -78430,6 +78436,15 @@ index 85180bf..cc75886 100644
1092 }
1093
1094 /**
1095 +@@ -1506,7 +1506,7 @@ static inline u32 skb_network_header_len(const struct sk_buff *skb)
1096 + return skb->transport_header - skb->network_header;
1097 + }
1098 +
1099 +-static inline int skb_network_offset(const struct sk_buff *skb)
1100 ++static inline int __intentional_overflow(0) skb_network_offset(const struct sk_buff *skb)
1101 + {
1102 + return skb_network_header(skb) - skb->data;
1103 + }
1104 @@ -1561,7 +1561,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
1105 * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
1106 */
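Review bot: The `__intentional_overflow(0)` added to `skb_network_offset()` has no comment explaining why narrowing the pointer difference `skb_network_header(skb) - skb->data` to `int` is expected to trip the overflow instrumentation. The argument `0` presumably exempts the return value from the size_overflow check (confirm against the plugin's convention). If so, callers that use the result as a length or index no longer get that check. A one-line comment above the function would record the assumption, for example `/* result may be negative when skb->data is ahead of the network header; callers must range-check */`. The hunk shows the whole function but none of its callers.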
1107 @@ -100385,7 +100400,7 @@ index d4faade..1c51abc 100644
1108 set_fs(KERNEL_DS);
1109 if (level == SOL_SOCKET)
1110 diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
1111 -index b2250da..db374b7 100644
1112 +index b2250da..2680674 100644
1113 --- a/net/sunrpc/clnt.c
1114 +++ b/net/sunrpc/clnt.c
1115 @@ -163,10 +163,8 @@ static struct rpc_clnt * rpc_new_client(const struct rpc_create_args *args, stru
1116 @@ -100423,6 +100438,22 @@ index b2250da..db374b7 100644
1117 clnt->cl_stats->rpccnt++;
1118 task->tk_action = call_reserve;
1119 }
1120 +@@ -1002,9 +1001,13 @@ call_refreshresult(struct rpc_task *task)
1121 + task->tk_action = call_refresh;
1122 + switch (status) {
1123 + case 0:
1124 +- if (rpcauth_uptodatecred(task))
1125 ++ if (rpcauth_uptodatecred(task)) {
1126 + task->tk_action = call_allocate;
1127 +- return;
1128 ++ return;
1129 ++ }
1130 ++ /* Use rate-limiting and a max number of retries if refresh
1131 ++ * had status 0 but failed to update the cred.
1132 ++ */
1133 + case -ETIMEDOUT:
1134 + rpc_delay(task, 3*HZ);
1135 + case -EAGAIN:
1136 diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
1137 index bfddd68..567429b 100644
1138 --- a/net/sunrpc/rpc_pipe.c
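Review bot: The new fall-through from `case 0:` into `case -ETIMEDOUT:` is signalled only by the explanatory comment, and the existing fall-through after `rpc_delay(task, 3*HZ);` into `case -EAGAIN:` is not marked at all. A later edit could insert a `break` or a new case label between them and silently drop the rate limiting for the refresh-succeeded-but-cred-stale path. I would add `/* fall through */` as the last line before each of the two case labels. The comment also promises a maximum number of retries, but that bound is not in this hunk. It presumably sits under `case -EAGAIN:`, which continues outside the hunk, so confirm that a refresh which keeps returning 0 without updating the credential does consume it.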
1139
1140 diff --git a/3.2.54/4475_emutramp_default_on.patch b/3.2.54/4475_emutramp_default_on.patch
1141 index cfde6f8..df700e6 100644
1142 --- a/3.2.54/4475_emutramp_default_on.patch
1143 +++ b/3.2.54/4475_emutramp_default_on.patch
1144 @@ -10,7 +10,7 @@ See bug:
1145 diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig
1146 --- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400
1147 +++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400
1148 -@@ -427,7 +427,7 @@
1149 +@@ -426,7 +426,7 @@
1150
1151 config PAX_EMUTRAMP
1152 bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86)