1 |
commit: 186635ac6f72fb55b072ad23c93c102dd65e50d6 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jul 30 00:14:42 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jul 30 00:14:42 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=186635ac |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.59,3.2.24,3.4.6}-201207281946 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.9.1-2.6.32.59-201207281944.patch} | 1612 +++++-- |
13 |
2.6.32/4450_grsec-kconfig-default-gids.patch | 2 +- |
14 |
{3.2.23 => 3.2.24}/0000_README | 6 +- |
15 |
{3.2.23 => 3.2.24}/1021_linux-3.2.22.patch | 0 |
16 |
{3.2.23 => 3.2.24}/1022_linux-3.2.23.patch | 0 |
17 |
3.2.24/1023_linux-3.2.24.patch | 4684 ++++++++++++++++++++ |
18 |
...4420_grsecurity-2.9.1-3.2.24-201207281946.patch | 1872 +++++---- |
19 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
20 |
{3.2.23 => 3.2.24}/4435_grsec-mute-warnings.patch | 0 |
21 |
.../4440_grsec-remove-protected-paths.patch | 0 |
22 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
23 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
24 |
{3.2.23 => 3.2.24}/4470_disable-compat_vdso.patch | 0 |
25 |
3.4.6/0000_README | 2 +- |
26 |
...4420_grsecurity-2.9.1-3.4.6-201207281946.patch} | 294 +- |
27 |
16 files changed, 7212 insertions(+), 1262 deletions(-) |
28 |
|
29 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
30 |
index 9b8dd9a..d4f6601 100644 |
31 |
--- a/2.6.32/0000_README |
32 |
+++ b/2.6.32/0000_README |
33 |
@@ -30,7 +30,7 @@ Patch: 1058_linux-2.6.32.59.patch |
34 |
From: http://www.kernel.org |
35 |
Desc: Linux 2.6.32.59 |
36 |
|
37 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.59-201207242236.patch |
38 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch |
39 |
From: http://www.grsecurity.net |
40 |
Desc: hardened-sources base patch from upstream grsecurity |
41 |
|
42 |
|
43 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207242236.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch |
44 |
similarity index 98% |
45 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207242236.patch |
46 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch |
47 |
index adbc4d5..227df5e 100644 |
48 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207242236.patch |
49 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.59-201207281944.patch |
50 |
@@ -1,5 +1,5 @@ |
51 |
diff --git a/Documentation/dontdiff b/Documentation/dontdiff |
52 |
-index e1efc40..e7a5667 100644 |
53 |
+index e1efc40..3569a2f 100644 |
54 |
--- a/Documentation/dontdiff |
55 |
+++ b/Documentation/dontdiff |
56 |
@@ -1,15 +1,20 @@ |
57 |
@@ -23,7 +23,7 @@ index e1efc40..e7a5667 100644 |
58 |
*.grep |
59 |
*.grp |
60 |
*.gz |
61 |
-@@ -38,8 +43,10 @@ |
62 |
+@@ -38,22 +43,30 @@ |
63 |
*.tab.h |
64 |
*.tex |
65 |
*.ver |
66 |
@@ -34,7 +34,11 @@ index e1efc40..e7a5667 100644 |
67 |
*_vga16.c |
68 |
*~ |
69 |
*.9 |
70 |
-@@ -49,11 +56,16 @@ |
71 |
+ *.9.gz |
72 |
+-.* |
73 |
++.[^g]* |
74 |
++.gen* |
75 |
+ .mm |
76 |
53c700_d.h |
77 |
CVS |
78 |
ChangeSet |
79 |
@@ -51,7 +55,7 @@ index e1efc40..e7a5667 100644 |
80 |
SCCS |
81 |
System.map* |
82 |
TAGS |
83 |
-@@ -62,6 +74,7 @@ aic7*reg_print.c* |
84 |
+@@ -62,6 +75,7 @@ aic7*reg_print.c* |
85 |
aic7*seq.h* |
86 |
aicasm |
87 |
aicdb.h* |
88 |
@@ -59,7 +63,7 @@ index e1efc40..e7a5667 100644 |
89 |
asm-offsets.h |
90 |
asm_offsets.h |
91 |
autoconf.h* |
92 |
-@@ -76,7 +89,11 @@ btfixupprep |
93 |
+@@ -76,7 +90,11 @@ btfixupprep |
94 |
build |
95 |
bvmlinux |
96 |
bzImage* |
97 |
@@ -71,7 +75,7 @@ index e1efc40..e7a5667 100644 |
98 |
comp*.log |
99 |
compile.h* |
100 |
conf |
101 |
-@@ -84,6 +101,8 @@ config |
102 |
+@@ -84,6 +102,8 @@ config |
103 |
config-* |
104 |
config_data.h* |
105 |
config_data.gz* |
106 |
@@ -80,7 +84,7 @@ index e1efc40..e7a5667 100644 |
107 |
conmakehash |
108 |
consolemap_deftbl.c* |
109 |
cpustr.h |
110 |
-@@ -97,19 +116,23 @@ elfconfig.h* |
111 |
+@@ -97,19 +117,23 @@ elfconfig.h* |
112 |
fixdep |
113 |
fore200e_mkfirm |
114 |
fore200e_pca_fw.c* |
115 |
@@ -105,7 +109,7 @@ index e1efc40..e7a5667 100644 |
116 |
keywords.c |
117 |
ksym.c* |
118 |
ksym.h* |
119 |
-@@ -117,6 +140,7 @@ kxgettext |
120 |
+@@ -117,6 +141,7 @@ kxgettext |
121 |
lkc_defs.h |
122 |
lex.c |
123 |
lex.*.c |
124 |
@@ -113,7 +117,7 @@ index e1efc40..e7a5667 100644 |
125 |
logo_*.c |
126 |
logo_*_clut224.c |
127 |
logo_*_mono.c |
128 |
-@@ -127,13 +151,16 @@ machtypes.h |
129 |
+@@ -127,13 +152,16 @@ machtypes.h |
130 |
map |
131 |
maui_boot.h |
132 |
mconf |
133 |
@@ -130,7 +134,7 @@ index e1efc40..e7a5667 100644 |
134 |
mktables |
135 |
mktree |
136 |
modpost |
137 |
-@@ -149,6 +176,7 @@ patches* |
138 |
+@@ -149,6 +177,7 @@ patches* |
139 |
pca200e.bin |
140 |
pca200e_ecd.bin2 |
141 |
piggy.gz |
142 |
@@ -138,7 +142,7 @@ index e1efc40..e7a5667 100644 |
143 |
piggyback |
144 |
pnmtologo |
145 |
ppc_defs.h* |
146 |
-@@ -157,12 +185,16 @@ qconf |
147 |
+@@ -157,12 +186,16 @@ qconf |
148 |
raid6altivec*.c |
149 |
raid6int*.c |
150 |
raid6tables.c |
151 |
@@ -155,7 +159,7 @@ index e1efc40..e7a5667 100644 |
152 |
sm_tbl* |
153 |
split-include |
154 |
syscalltab.h |
155 |
-@@ -171,6 +203,7 @@ tftpboot.img |
156 |
+@@ -171,6 +204,7 @@ tftpboot.img |
157 |
timeconst.h |
158 |
times.h* |
159 |
trix_boot.h |
160 |
@@ -163,7 +167,7 @@ index e1efc40..e7a5667 100644 |
161 |
utsrelease.h* |
162 |
vdso-syms.lds |
163 |
vdso.lds |
164 |
-@@ -186,14 +219,20 @@ version.h* |
165 |
+@@ -186,14 +220,20 @@ version.h* |
166 |
vmlinux |
167 |
vmlinux-* |
168 |
vmlinux.aout |
169 |
@@ -185,10 +189,23 @@ index e1efc40..e7a5667 100644 |
170 |
zconf.hash.c |
171 |
+zoffset.h |
172 |
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt |
173 |
-index c840e7d..ad11cac 100644 |
174 |
+index c840e7d..30f0efe 100644 |
175 |
--- a/Documentation/kernel-parameters.txt |
176 |
+++ b/Documentation/kernel-parameters.txt |
177 |
-@@ -1725,6 +1725,11 @@ and is between 256 and 4096 characters. It is defined in the file |
178 |
+@@ -856,6 +856,12 @@ and is between 256 and 4096 characters. It is defined in the file |
179 |
+ If specified, z/VM IUCV HVC accepts connections |
180 |
+ from listed z/VM user IDs only. |
181 |
+ |
182 |
++ keep_bootcon [KNL] |
183 |
++ Do not unregister boot console at start. This is only |
184 |
++ useful for debugging when something happens in the window |
185 |
++ between unregistering the boot console and initializing |
186 |
++ the real console. |
187 |
++ |
188 |
+ i2c_bus= [HW] Override the default board specific I2C bus speed |
189 |
+ or register an additional I2C bus that is not |
190 |
+ registered from board initialization code. |
191 |
+@@ -1725,6 +1731,11 @@ and is between 256 and 4096 characters. It is defined in the file |
192 |
|
193 |
noresidual [PPC] Don't use residual data on PReP machines. |
194 |
|
195 |
@@ -200,7 +217,7 @@ index c840e7d..ad11cac 100644 |
196 |
noresume [SWSUSP] Disables resume and restores original swap |
197 |
space. |
198 |
|
199 |
-@@ -1837,6 +1842,13 @@ and is between 256 and 4096 characters. It is defined in the file |
200 |
+@@ -1837,6 +1848,13 @@ and is between 256 and 4096 characters. It is defined in the file |
201 |
the specified number of seconds. This is to be used if |
202 |
your oopses keep scrolling off the screen. |
203 |
|
204 |
@@ -234,7 +251,7 @@ index 613da5d..4fe3eda 100644 |
205 |
M: Liam Girdwood <lrg@××××××××××××.uk> |
206 |
M: Mark Brown <broonie@×××××××××××××××××××××××.com> |
207 |
diff --git a/Makefile b/Makefile |
208 |
-index 3a9a721..b81a4d5 100644 |
209 |
+index 3a9a721..20e2d81 100644 |
210 |
--- a/Makefile |
211 |
+++ b/Makefile |
212 |
@@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
213 |
@@ -269,7 +286,7 @@ index 3a9a721..b81a4d5 100644 |
214 |
include/linux/version.h headers_% \ |
215 |
kernelrelease kernelversion |
216 |
|
217 |
-@@ -526,6 +527,56 @@ else |
218 |
+@@ -526,6 +527,60 @@ else |
219 |
KBUILD_CFLAGS += -O2 |
220 |
endif |
221 |
|
222 |
@@ -302,10 +319,14 @@ index 3a9a721..b81a4d5 100644 |
223 |
+ifdef CONFIG_PAX_SIZE_OVERFLOW |
224 |
+SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN |
225 |
+endif |
226 |
++ifdef CONFIG_PAX_LATENT_ENTROPY |
227 |
++LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN |
228 |
++endif |
229 |
+GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) |
230 |
-+GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) $(SIZE_OVERFLOW_PLUGIN_CFLAGS) |
231 |
++GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) |
232 |
++GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY_PLUGIN_CFLAGS) |
233 |
+GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) |
234 |
-+export PLUGINCC CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN SIZE_OVERFLOW_PLUGIN |
235 |
++export PLUGINCC CONSTIFY_PLUGIN |
236 |
+ifeq ($(KBUILD_EXTMOD),) |
237 |
+gcc-plugins: |
238 |
+ $(Q)$(MAKE) $(build)=tools/gcc |
239 |
@@ -326,7 +347,7 @@ index 3a9a721..b81a4d5 100644 |
240 |
include $(srctree)/arch/$(SRCARCH)/Makefile |
241 |
|
242 |
ifneq ($(CONFIG_FRAME_WARN),0) |
243 |
-@@ -647,7 +698,7 @@ export mod_strip_cmd |
244 |
+@@ -647,7 +702,7 @@ export mod_strip_cmd |
245 |
|
246 |
|
247 |
ifeq ($(KBUILD_EXTMOD),) |
248 |
@@ -335,7 +356,7 @@ index 3a9a721..b81a4d5 100644 |
249 |
|
250 |
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ |
251 |
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \ |
252 |
-@@ -868,6 +919,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
253 |
+@@ -868,6 +923,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
254 |
|
255 |
# The actual objects are generated when descending, |
256 |
# make sure no implicit rule kicks in |
257 |
@@ -344,7 +365,7 @@ index 3a9a721..b81a4d5 100644 |
258 |
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
259 |
|
260 |
# Handle descending into subdirectories listed in $(vmlinux-dirs) |
261 |
-@@ -877,7 +930,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
262 |
+@@ -877,7 +934,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
263 |
# Error messages still appears in the original language |
264 |
|
265 |
PHONY += $(vmlinux-dirs) |
266 |
@@ -353,7 +374,7 @@ index 3a9a721..b81a4d5 100644 |
267 |
$(Q)$(MAKE) $(build)=$@ |
268 |
|
269 |
# Build the kernel release string |
270 |
-@@ -986,6 +1039,7 @@ prepare0: archprepare FORCE |
271 |
+@@ -986,6 +1043,7 @@ prepare0: archprepare FORCE |
272 |
$(Q)$(MAKE) $(build)=. missing-syscalls |
273 |
|
274 |
# All the preparing.. |
275 |
@@ -361,7 +382,7 @@ index 3a9a721..b81a4d5 100644 |
276 |
prepare: prepare0 |
277 |
|
278 |
# The asm symlink changes when $(ARCH) changes. |
279 |
-@@ -1127,6 +1181,8 @@ all: modules |
280 |
+@@ -1127,6 +1185,8 @@ all: modules |
281 |
# using awk while concatenating to the final file. |
282 |
|
283 |
PHONY += modules |
284 |
@@ -370,7 +391,7 @@ index 3a9a721..b81a4d5 100644 |
285 |
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
286 |
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order |
287 |
@$(kecho) ' Building modules, stage 2.'; |
288 |
-@@ -1136,7 +1192,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
289 |
+@@ -1136,7 +1196,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) |
290 |
|
291 |
# Target to prepare building external modules |
292 |
PHONY += modules_prepare |
293 |
@@ -379,7 +400,7 @@ index 3a9a721..b81a4d5 100644 |
294 |
|
295 |
# Target to install modules |
296 |
PHONY += modules_install |
297 |
-@@ -1199,9 +1255,9 @@ CLEAN_FILES += vmlinux System.map \ |
298 |
+@@ -1199,9 +1259,9 @@ CLEAN_FILES += vmlinux System.map \ |
299 |
MRPROPER_DIRS += include/config include2 usr/include include/generated |
300 |
MRPROPER_FILES += .config .config.old include/asm .version .old_version \ |
301 |
include/linux/autoconf.h include/linux/version.h \ |
302 |
@@ -391,7 +412,7 @@ index 3a9a721..b81a4d5 100644 |
303 |
|
304 |
# clean - Delete most, but leave enough to build external modules |
305 |
# |
306 |
-@@ -1245,7 +1301,7 @@ distclean: mrproper |
307 |
+@@ -1245,7 +1305,7 @@ distclean: mrproper |
308 |
@find $(srctree) $(RCS_FIND_IGNORE) \ |
309 |
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \ |
310 |
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ |
311 |
@@ -400,7 +421,7 @@ index 3a9a721..b81a4d5 100644 |
312 |
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ |
313 |
-type f -print | xargs rm -f |
314 |
|
315 |
-@@ -1292,6 +1348,7 @@ help: |
316 |
+@@ -1292,6 +1352,7 @@ help: |
317 |
@echo ' modules_prepare - Set up for building external modules' |
318 |
@echo ' tags/TAGS - Generate tags file for editors' |
319 |
@echo ' cscope - Generate cscope index' |
320 |
@@ -408,7 +429,7 @@ index 3a9a721..b81a4d5 100644 |
321 |
@echo ' kernelrelease - Output the release version string' |
322 |
@echo ' kernelversion - Output the version stored in Makefile' |
323 |
@echo ' headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH'; \ |
324 |
-@@ -1393,6 +1450,8 @@ PHONY += $(module-dirs) modules |
325 |
+@@ -1393,6 +1454,8 @@ PHONY += $(module-dirs) modules |
326 |
$(module-dirs): crmodverdir $(objtree)/Module.symvers |
327 |
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) |
328 |
|
329 |
@@ -417,7 +438,7 @@ index 3a9a721..b81a4d5 100644 |
330 |
modules: $(module-dirs) |
331 |
@$(kecho) ' Building modules, stage 2.'; |
332 |
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost |
333 |
-@@ -1448,7 +1507,7 @@ endif # KBUILD_EXTMOD |
334 |
+@@ -1448,7 +1511,7 @@ endif # KBUILD_EXTMOD |
335 |
quiet_cmd_tags = GEN $@ |
336 |
cmd_tags = $(CONFIG_SHELL) $(srctree)/scripts/tags.sh $@ |
337 |
|
338 |
@@ -426,7 +447,7 @@ index 3a9a721..b81a4d5 100644 |
339 |
$(call cmd,tags) |
340 |
|
341 |
# Scripts to check various things for consistency |
342 |
-@@ -1513,17 +1572,21 @@ else |
343 |
+@@ -1513,17 +1576,21 @@ else |
344 |
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) |
345 |
endif |
346 |
|
347 |
@@ -452,7 +473,7 @@ index 3a9a721..b81a4d5 100644 |
348 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
349 |
%.symtypes: %.c prepare scripts FORCE |
350 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
351 |
-@@ -1533,11 +1596,15 @@ endif |
352 |
+@@ -1533,11 +1600,15 @@ endif |
353 |
$(cmd_crmodverdir) |
354 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
355 |
$(build)=$(build-dir) |
356 |
@@ -7481,7 +7502,7 @@ index 79836a7..62f47a2 100644 |
357 |
obj-$(CONFIG_SPARC64) += ultra.o tlb.o tsb.o |
358 |
obj-y += fault_$(BITS).o |
359 |
diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c |
360 |
-index b99f81c..3453e93 100644 |
361 |
+index b99f81c..16c0132 100644 |
362 |
--- a/arch/sparc/mm/fault_32.c |
363 |
+++ b/arch/sparc/mm/fault_32.c |
364 |
@@ -21,6 +21,9 @@ |
365 |
@@ -7494,7 +7515,7 @@ index b99f81c..3453e93 100644 |
366 |
|
367 |
#include <asm/system.h> |
368 |
#include <asm/page.h> |
369 |
-@@ -167,6 +170,267 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
370 |
+@@ -167,6 +170,276 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
371 |
return safe_compute_effective_address(regs, insn); |
372 |
} |
373 |
|
374 |
@@ -7584,40 +7605,49 @@ index b99f81c..3453e93 100644 |
375 |
+ } |
376 |
+ } while (0); |
377 |
+ |
378 |
-+ { /* PaX: patched PLT emulation #2 */ |
379 |
++ do { /* PaX: patched PLT emulation #2 */ |
380 |
+ unsigned int ba; |
381 |
+ |
382 |
+ err = get_user(ba, (unsigned int *)regs->pc); |
383 |
+ |
384 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
385 |
++ if (err) |
386 |
++ break; |
387 |
++ |
388 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
389 |
+ unsigned int addr; |
390 |
+ |
391 |
-+ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
392 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
393 |
++ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
394 |
++ else |
395 |
++ addr = regs->pc + ((((ba | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
396 |
+ regs->pc = addr; |
397 |
+ regs->npc = addr+4; |
398 |
+ return 2; |
399 |
+ } |
400 |
-+ } |
401 |
++ } while (0); |
402 |
+ |
403 |
+ do { /* PaX: patched PLT emulation #3 */ |
404 |
-+ unsigned int sethi, jmpl, nop; |
405 |
++ unsigned int sethi, bajmpl, nop; |
406 |
+ |
407 |
+ err = get_user(sethi, (unsigned int *)regs->pc); |
408 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->pc+4)); |
409 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->pc+4)); |
410 |
+ err |= get_user(nop, (unsigned int *)(regs->pc+8)); |
411 |
+ |
412 |
+ if (err) |
413 |
+ break; |
414 |
+ |
415 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
416 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
417 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
418 |
+ nop == 0x01000000U) |
419 |
+ { |
420 |
+ unsigned int addr; |
421 |
+ |
422 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
423 |
+ regs->u_regs[UREG_G1] = addr; |
424 |
-+ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
425 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
426 |
++ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
427 |
++ else |
428 |
++ addr = regs->pc + ((((bajmpl | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
429 |
+ regs->pc = addr; |
430 |
+ regs->npc = addr+4; |
431 |
+ return 2; |
432 |
@@ -7762,7 +7792,7 @@ index b99f81c..3453e93 100644 |
433 |
asmlinkage void do_sparc_fault(struct pt_regs *regs, int text_fault, int write, |
434 |
unsigned long address) |
435 |
{ |
436 |
-@@ -231,6 +495,24 @@ good_area: |
437 |
+@@ -231,6 +504,24 @@ good_area: |
438 |
if(!(vma->vm_flags & VM_WRITE)) |
439 |
goto bad_area; |
440 |
} else { |
441 |
@@ -7788,7 +7818,7 @@ index b99f81c..3453e93 100644 |
442 |
if(!(vma->vm_flags & (VM_READ | VM_EXEC))) |
443 |
goto bad_area; |
444 |
diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c |
445 |
-index 43b0da9..a0b78f9 100644 |
446 |
+index 43b0da9..f9f9985 100644 |
447 |
--- a/arch/sparc/mm/fault_64.c |
448 |
+++ b/arch/sparc/mm/fault_64.c |
449 |
@@ -20,6 +20,9 @@ |
450 |
@@ -7810,7 +7840,7 @@ index 43b0da9..a0b78f9 100644 |
451 |
printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr); |
452 |
dump_stack(); |
453 |
unhandled_fault(regs->tpc, current, regs); |
454 |
-@@ -249,6 +252,456 @@ static void noinline bogus_32bit_fault_address(struct pt_regs *regs, |
455 |
+@@ -249,6 +252,465 @@ static void noinline bogus_32bit_fault_address(struct pt_regs *regs, |
456 |
show_regs(regs); |
457 |
} |
458 |
|
459 |
@@ -7904,15 +7934,21 @@ index 43b0da9..a0b78f9 100644 |
460 |
+ } |
461 |
+ } while (0); |
462 |
+ |
463 |
-+ { /* PaX: patched PLT emulation #2 */ |
464 |
++ do { /* PaX: patched PLT emulation #2 */ |
465 |
+ unsigned int ba; |
466 |
+ |
467 |
+ err = get_user(ba, (unsigned int *)regs->tpc); |
468 |
+ |
469 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
470 |
++ if (err) |
471 |
++ break; |
472 |
++ |
473 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
474 |
+ unsigned long addr; |
475 |
+ |
476 |
-+ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
477 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
478 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
479 |
++ else |
480 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
481 |
+ |
482 |
+ if (test_thread_flag(TIF_32BIT)) |
483 |
+ addr &= 0xFFFFFFFFUL; |
484 |
@@ -7921,27 +7957,30 @@ index 43b0da9..a0b78f9 100644 |
485 |
+ regs->tnpc = addr+4; |
486 |
+ return 2; |
487 |
+ } |
488 |
-+ } |
489 |
++ } while (0); |
490 |
+ |
491 |
+ do { /* PaX: patched PLT emulation #3 */ |
492 |
-+ unsigned int sethi, jmpl, nop; |
493 |
++ unsigned int sethi, bajmpl, nop; |
494 |
+ |
495 |
+ err = get_user(sethi, (unsigned int *)regs->tpc); |
496 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->tpc+4)); |
497 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->tpc+4)); |
498 |
+ err |= get_user(nop, (unsigned int *)(regs->tpc+8)); |
499 |
+ |
500 |
+ if (err) |
501 |
+ break; |
502 |
+ |
503 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
504 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
505 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
506 |
+ nop == 0x01000000U) |
507 |
+ { |
508 |
+ unsigned long addr; |
509 |
+ |
510 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
511 |
+ regs->u_regs[UREG_G1] = addr; |
512 |
-+ addr += (((jmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
513 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
514 |
++ addr += (((bajmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
515 |
++ else |
516 |
++ addr = regs->tpc + ((((bajmpl | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
517 |
+ |
518 |
+ if (test_thread_flag(TIF_32BIT)) |
519 |
+ addr &= 0xFFFFFFFFUL; |
520 |
@@ -8267,7 +8306,7 @@ index 43b0da9..a0b78f9 100644 |
521 |
asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
522 |
{ |
523 |
struct mm_struct *mm = current->mm; |
524 |
-@@ -315,6 +768,29 @@ asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
525 |
+@@ -315,6 +777,29 @@ asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
526 |
if (!vma) |
527 |
goto bad_area; |
528 |
|
529 |
@@ -10177,7 +10216,7 @@ index 0000000..0d9ec77 |
530 |
+ |
531 |
+#endif /* ASM_X86_ARCHRANDOM_H */ |
532 |
diff --git a/arch/x86/include/asm/atomic_32.h b/arch/x86/include/asm/atomic_32.h |
533 |
-index dc5a667..939040c 100644 |
534 |
+index dc5a667..7a2470f 100644 |
535 |
--- a/arch/x86/include/asm/atomic_32.h |
536 |
+++ b/arch/x86/include/asm/atomic_32.h |
537 |
@@ -25,6 +25,17 @@ static inline int atomic_read(const atomic_t *v) |
538 |
@@ -10506,7 +10545,7 @@ index dc5a667..939040c 100644 |
539 |
/** |
540 |
* atomic_add_unless - add unless the number is already a given value |
541 |
* @v: pointer of type atomic_t |
542 |
-@@ -227,22 +439,39 @@ static inline int atomic_xchg(atomic_t *v, int new) |
543 |
+@@ -227,32 +439,73 @@ static inline int atomic_xchg(atomic_t *v, int new) |
544 |
*/ |
545 |
static inline int atomic_add_unless(atomic_t *v, int a, int u) |
546 |
{ |
547 |
@@ -10550,7 +10589,47 @@ index dc5a667..939040c 100644 |
548 |
#define atomic_dec_return(v) (atomic_sub_return(1, v)) |
549 |
|
550 |
/* These are x86-specific, used by some header files */ |
551 |
-@@ -266,9 +495,18 @@ typedef struct { |
552 |
+-#define atomic_clear_mask(mask, addr) \ |
553 |
+- asm volatile(LOCK_PREFIX "andl %0,%1" \ |
554 |
+- : : "r" (~(mask)), "m" (*(addr)) : "memory") |
555 |
++static inline void atomic_clear_mask(unsigned int mask, atomic_t *v) |
556 |
++{ |
557 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
558 |
++ : "+m" (v->counter) |
559 |
++ : "r" (~(mask)) |
560 |
++ : "memory"); |
561 |
++} |
562 |
+ |
563 |
+-#define atomic_set_mask(mask, addr) \ |
564 |
+- asm volatile(LOCK_PREFIX "orl %0,%1" \ |
565 |
+- : : "r" (mask), "m" (*(addr)) : "memory") |
566 |
++static inline void atomic_clear_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
567 |
++{ |
568 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
569 |
++ : "+m" (v->counter) |
570 |
++ : "r" (~(mask)) |
571 |
++ : "memory"); |
572 |
++} |
573 |
++ |
574 |
++static inline void atomic_set_mask(unsigned int mask, atomic_t *v) |
575 |
++{ |
576 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
577 |
++ : "+m" (v->counter) |
578 |
++ : "r" (mask) |
579 |
++ : "memory"); |
580 |
++} |
581 |
++ |
582 |
++static inline void atomic_set_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
583 |
++{ |
584 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
585 |
++ : "+m" (v->counter) |
586 |
++ : "r" (mask) |
587 |
++ : "memory"); |
588 |
++} |
589 |
+ |
590 |
+ /* Atomic operations are already serializing on x86 */ |
591 |
+ #define smp_mb__before_atomic_dec() barrier() |
592 |
+@@ -266,9 +519,18 @@ typedef struct { |
593 |
u64 __aligned(8) counter; |
594 |
} atomic64_t; |
595 |
|
596 |
@@ -10569,7 +10648,7 @@ index dc5a667..939040c 100644 |
597 |
|
598 |
/** |
599 |
* atomic64_xchg - xchg atomic64 variable |
600 |
-@@ -279,6 +517,7 @@ extern u64 atomic64_cmpxchg(atomic64_t *ptr, u64 old_val, u64 new_val); |
601 |
+@@ -279,6 +541,7 @@ extern u64 atomic64_cmpxchg(atomic64_t *ptr, u64 old_val, u64 new_val); |
602 |
* the old value. |
603 |
*/ |
604 |
extern u64 atomic64_xchg(atomic64_t *ptr, u64 new_val); |
605 |
@@ -10577,7 +10656,7 @@ index dc5a667..939040c 100644 |
606 |
|
607 |
/** |
608 |
* atomic64_set - set atomic64 variable |
609 |
-@@ -290,6 +529,15 @@ extern u64 atomic64_xchg(atomic64_t *ptr, u64 new_val); |
610 |
+@@ -290,6 +553,15 @@ extern u64 atomic64_xchg(atomic64_t *ptr, u64 new_val); |
611 |
extern void atomic64_set(atomic64_t *ptr, u64 new_val); |
612 |
|
613 |
/** |
614 |
@@ -10593,7 +10672,7 @@ index dc5a667..939040c 100644 |
615 |
* atomic64_read - read atomic64 variable |
616 |
* @ptr: pointer to type atomic64_t |
617 |
* |
618 |
-@@ -317,7 +565,33 @@ static inline u64 atomic64_read(atomic64_t *ptr) |
619 |
+@@ -317,7 +589,33 @@ static inline u64 atomic64_read(atomic64_t *ptr) |
620 |
return res; |
621 |
} |
622 |
|
623 |
@@ -10628,7 +10707,7 @@ index dc5a667..939040c 100644 |
624 |
|
625 |
/** |
626 |
* atomic64_add_return - add and return |
627 |
-@@ -332,8 +606,11 @@ extern u64 atomic64_add_return(u64 delta, atomic64_t *ptr); |
628 |
+@@ -332,8 +630,11 @@ extern u64 atomic64_add_return(u64 delta, atomic64_t *ptr); |
629 |
* Other variants with different arithmetic operators: |
630 |
*/ |
631 |
extern u64 atomic64_sub_return(u64 delta, atomic64_t *ptr); |
632 |
@@ -10640,7 +10719,7 @@ index dc5a667..939040c 100644 |
633 |
|
634 |
/** |
635 |
* atomic64_add - add integer to atomic64 variable |
636 |
-@@ -345,6 +622,15 @@ extern u64 atomic64_dec_return(atomic64_t *ptr); |
637 |
+@@ -345,6 +646,15 @@ extern u64 atomic64_dec_return(atomic64_t *ptr); |
638 |
extern void atomic64_add(u64 delta, atomic64_t *ptr); |
639 |
|
640 |
/** |
641 |
@@ -10656,7 +10735,7 @@ index dc5a667..939040c 100644 |
642 |
* atomic64_sub - subtract the atomic64 variable |
643 |
* @delta: integer value to subtract |
644 |
* @ptr: pointer to type atomic64_t |
645 |
-@@ -354,6 +640,15 @@ extern void atomic64_add(u64 delta, atomic64_t *ptr); |
646 |
+@@ -354,6 +664,15 @@ extern void atomic64_add(u64 delta, atomic64_t *ptr); |
647 |
extern void atomic64_sub(u64 delta, atomic64_t *ptr); |
648 |
|
649 |
/** |
650 |
@@ -10672,7 +10751,7 @@ index dc5a667..939040c 100644 |
651 |
* atomic64_sub_and_test - subtract value from variable and test result |
652 |
* @delta: integer value to subtract |
653 |
* @ptr: pointer to type atomic64_t |
654 |
-@@ -373,6 +668,14 @@ extern int atomic64_sub_and_test(u64 delta, atomic64_t *ptr); |
655 |
+@@ -373,6 +692,14 @@ extern int atomic64_sub_and_test(u64 delta, atomic64_t *ptr); |
656 |
extern void atomic64_inc(atomic64_t *ptr); |
657 |
|
658 |
/** |
659 |
@@ -10687,7 +10766,7 @@ index dc5a667..939040c 100644 |
660 |
* atomic64_dec - decrement atomic64 variable |
661 |
* @ptr: pointer to type atomic64_t |
662 |
* |
663 |
-@@ -381,6 +684,14 @@ extern void atomic64_inc(atomic64_t *ptr); |
664 |
+@@ -381,6 +708,14 @@ extern void atomic64_inc(atomic64_t *ptr); |
665 |
extern void atomic64_dec(atomic64_t *ptr); |
666 |
|
667 |
/** |
668 |
@@ -10703,7 +10782,7 @@ index dc5a667..939040c 100644 |
669 |
* @ptr: pointer to type atomic64_t |
670 |
* |
671 |
diff --git a/arch/x86/include/asm/atomic_64.h b/arch/x86/include/asm/atomic_64.h |
672 |
-index d605dc2..fafd7bd 100644 |
673 |
+index d605dc2..72cb5cd 100644 |
674 |
--- a/arch/x86/include/asm/atomic_64.h |
675 |
+++ b/arch/x86/include/asm/atomic_64.h |
676 |
@@ -24,6 +24,17 @@ static inline int atomic_read(const atomic_t *v) |
677 |
@@ -11370,6 +11449,51 @@ index d605dc2..fafd7bd 100644 |
678 |
} |
679 |
|
680 |
/** |
681 |
+@@ -466,14 +864,37 @@ static inline void atomic_or_long(unsigned long *v1, unsigned long v2) |
682 |
+ #define atomic64_inc_not_zero(v) atomic64_add_unless((v), 1, 0) |
683 |
+ |
684 |
+ /* These are x86-specific, used by some header files */ |
685 |
+-#define atomic_clear_mask(mask, addr) \ |
686 |
+- asm volatile(LOCK_PREFIX "andl %0,%1" \ |
687 |
+- : : "r" (~(mask)), "m" (*(addr)) : "memory") |
688 |
++static inline void atomic_clear_mask(unsigned int mask, atomic_t *v) |
689 |
++{ |
690 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
691 |
++ : "+m" (v->counter) |
692 |
++ : "r" (~(mask)) |
693 |
++ : "memory"); |
694 |
++} |
695 |
+ |
696 |
+-#define atomic_set_mask(mask, addr) \ |
697 |
+- asm volatile(LOCK_PREFIX "orl %0,%1" \ |
698 |
+- : : "r" ((unsigned)(mask)), "m" (*(addr)) \ |
699 |
+- : "memory") |
700 |
++static inline void atomic_clear_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
701 |
++{ |
702 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
703 |
++ : "+m" (v->counter) |
704 |
++ : "r" (~(mask)) |
705 |
++ : "memory"); |
706 |
++} |
707 |
++ |
708 |
++static inline void atomic_set_mask(unsigned int mask, atomic_t *v) |
709 |
++{ |
710 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
711 |
++ : "+m" (v->counter) |
712 |
++ : "r" (mask) |
713 |
++ : "memory"); |
714 |
++} |
715 |
++ |
716 |
++static inline void atomic_set_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
717 |
++{ |
718 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
719 |
++ : "+m" (v->counter) |
720 |
++ : "r" (mask) |
721 |
++ : "memory"); |
722 |
++} |
723 |
+ |
724 |
+ /* Atomic operations are already serializing on x86 */ |
725 |
+ #define smp_mb__before_atomic_dec() barrier() |
726 |
diff --git a/arch/x86/include/asm/bitops.h b/arch/x86/include/asm/bitops.h |
727 |
index 02b47a6..d5c4b15 100644 |
728 |
--- a/arch/x86/include/asm/bitops.h |
729 |
@@ -33762,7 +33886,7 @@ index 87c67b4..230527a 100644 |
730 |
.part_num = MBCS_PART_NUM, |
731 |
.mfg_num = MBCS_MFG_NUM, |
732 |
diff --git a/drivers/char/mem.c b/drivers/char/mem.c |
733 |
-index 1270f64..8495f49 100644 |
734 |
+index 1270f64..3b87405 100644 |
735 |
--- a/drivers/char/mem.c |
736 |
+++ b/drivers/char/mem.c |
737 |
@@ -18,6 +18,7 @@ |
738 |
@@ -33825,7 +33949,7 @@ index 1270f64..8495f49 100644 |
739 |
|
740 |
- if (copy_to_user(buf, ptr, sz)) { |
741 |
+#ifdef CONFIG_PAX_USERCOPY |
742 |
-+ temp = kmalloc(sz, GFP_KERNEL); |
743 |
++ temp = kmalloc(sz, GFP_KERNEL|GFP_USERCOPY); |
744 |
+ if (!temp) { |
745 |
+ unxlate_dev_mem_ptr(p, ptr); |
746 |
+ return -ENOMEM; |
747 |
@@ -33878,7 +34002,7 @@ index 1270f64..8495f49 100644 |
748 |
|
749 |
- if (copy_to_user(buf, kbuf, sz)) |
750 |
+#ifdef CONFIG_PAX_USERCOPY |
751 |
-+ temp = kmalloc(sz, GFP_KERNEL); |
752 |
++ temp = kmalloc(sz, GFP_KERNEL|GFP_USERCOPY); |
753 |
+ if (!temp) |
754 |
+ return -ENOMEM; |
755 |
+ memcpy(temp, kbuf, sz); |
756 |
@@ -34062,7 +34186,7 @@ index 62f282e..e45c45c 100644 |
757 |
cdev_init(&ptmx_cdev, &ptmx_fops); |
758 |
if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || |
759 |
diff --git a/drivers/char/random.c b/drivers/char/random.c |
760 |
-index 3a19e2d..8eb80fc 100644 |
761 |
+index 3a19e2d..7d9aaad 100644 |
762 |
--- a/drivers/char/random.c |
763 |
+++ b/drivers/char/random.c |
764 |
@@ -125,20 +125,32 @@ |
765 |
@@ -34114,7 +34238,7 @@ index 3a19e2d..8eb80fc 100644 |
766 |
|
767 |
#ifdef CONFIG_GENERIC_HARDIRQS |
768 |
# include <linux/irq.h> |
769 |
-@@ -249,14 +262,21 @@ |
770 |
+@@ -249,14 +262,23 @@ |
771 |
#include <asm/processor.h> |
772 |
#include <asm/uaccess.h> |
773 |
#include <asm/irq.h> |
774 |
@@ -34133,10 +34257,12 @@ index 3a19e2d..8eb80fc 100644 |
775 |
+#endif |
776 |
#define SEC_XFER_SIZE 512 |
777 |
+#define EXTRACT_SIZE 10 |
778 |
++ |
779 |
++#define LONGS(x) (((x) + sizeof(unsigned long) - 1)/sizeof(unsigned long)) |
780 |
|
781 |
/* |
782 |
* The minimum number of bits of entropy before we wake up a read on |
783 |
-@@ -292,10 +312,17 @@ static struct poolinfo { |
784 |
+@@ -292,10 +314,17 @@ static struct poolinfo { |
785 |
int poolwords; |
786 |
int tap1, tap2, tap3, tap4, tap5; |
787 |
} poolinfo_table[] = { |
788 |
@@ -34154,7 +34280,7 @@ index 3a19e2d..8eb80fc 100644 |
789 |
#if 0 |
790 |
/* x^2048 + x^1638 + x^1231 + x^819 + x^411 + x + 1 -- 115 */ |
791 |
{ 2048, 1638, 1231, 819, 411, 1 }, |
792 |
-@@ -412,9 +439,11 @@ struct entropy_store { |
793 |
+@@ -412,9 +441,11 @@ struct entropy_store { |
794 |
/* read-write data: */ |
795 |
spinlock_t lock; |
796 |
unsigned add_ptr; |
797 |
@@ -34168,7 +34294,7 @@ index 3a19e2d..8eb80fc 100644 |
798 |
}; |
799 |
|
800 |
static __u32 input_pool_data[INPUT_POOL_WORDS]; |
801 |
-@@ -446,6 +475,10 @@ static struct entropy_store nonblocking_pool = { |
802 |
+@@ -446,6 +477,10 @@ static struct entropy_store nonblocking_pool = { |
803 |
.pool = nonblocking_pool_data |
804 |
}; |
805 |
|
806 |
@@ -34179,7 +34305,7 @@ index 3a19e2d..8eb80fc 100644 |
807 |
/* |
808 |
* This function adds bytes into the entropy "pool". It does not |
809 |
* update the entropy estimate. The caller should call |
810 |
-@@ -456,29 +489,24 @@ static struct entropy_store nonblocking_pool = { |
811 |
+@@ -456,29 +491,24 @@ static struct entropy_store nonblocking_pool = { |
812 |
* it's cheap to do so and helps slightly in the expected case where |
813 |
* the entropy is concentrated in the low-order bits. |
814 |
*/ |
815 |
@@ -34214,7 +34340,7 @@ index 3a19e2d..8eb80fc 100644 |
816 |
|
817 |
/* mix one byte at a time to simplify size handling and churn faster */ |
818 |
while (nbytes--) { |
819 |
-@@ -505,19 +533,53 @@ static void mix_pool_bytes_extract(struct entropy_store *r, const void *in, |
820 |
+@@ -505,19 +535,53 @@ static void mix_pool_bytes_extract(struct entropy_store *r, const void *in, |
821 |
input_rotate += i ? 7 : 14; |
822 |
} |
823 |
|
824 |
@@ -34272,7 +34398,7 @@ index 3a19e2d..8eb80fc 100644 |
825 |
} |
826 |
|
827 |
/* |
828 |
-@@ -525,30 +587,34 @@ static void mix_pool_bytes(struct entropy_store *r, const void *in, int bytes) |
829 |
+@@ -525,30 +589,34 @@ static void mix_pool_bytes(struct entropy_store *r, const void *in, int bytes) |
830 |
*/ |
831 |
static void credit_entropy_bits(struct entropy_store *r, int nbits) |
832 |
{ |
833 |
@@ -34314,7 +34440,7 @@ index 3a19e2d..8eb80fc 100644 |
834 |
} |
835 |
|
836 |
/********************************************************************* |
837 |
-@@ -601,6 +667,25 @@ static void set_timer_rand_state(unsigned int irq, |
838 |
+@@ -601,6 +669,25 @@ static void set_timer_rand_state(unsigned int irq, |
839 |
} |
840 |
#endif |
841 |
|
842 |
@@ -34340,7 +34466,7 @@ index 3a19e2d..8eb80fc 100644 |
843 |
static struct timer_rand_state input_timer_state; |
844 |
|
845 |
/* |
846 |
-@@ -631,7 +716,7 @@ static void add_timer_randomness(struct timer_rand_state *state, unsigned num) |
847 |
+@@ -631,7 +718,7 @@ static void add_timer_randomness(struct timer_rand_state *state, unsigned num) |
848 |
sample.jiffies = jiffies; |
849 |
sample.cycles = get_cycles(); |
850 |
sample.num = num; |
851 |
@@ -34349,7 +34475,7 @@ index 3a19e2d..8eb80fc 100644 |
852 |
|
853 |
/* |
854 |
* Calculate number of bits of randomness we probably added. |
855 |
-@@ -688,17 +773,48 @@ void add_input_randomness(unsigned int type, unsigned int code, |
856 |
+@@ -688,17 +775,48 @@ void add_input_randomness(unsigned int type, unsigned int code, |
857 |
} |
858 |
EXPORT_SYMBOL_GPL(add_input_randomness); |
859 |
|
860 |
@@ -34404,77 +34530,108 @@ index 3a19e2d..8eb80fc 100644 |
861 |
} |
862 |
|
863 |
#ifdef CONFIG_BLOCK |
864 |
-@@ -714,8 +830,6 @@ void add_disk_randomness(struct gendisk *disk) |
865 |
+@@ -714,7 +832,16 @@ void add_disk_randomness(struct gendisk *disk) |
866 |
} |
867 |
#endif |
868 |
|
869 |
-#define EXTRACT_SIZE 10 |
870 |
-- |
871 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
872 |
++u64 latent_entropy; |
873 |
++ |
874 |
++__init void transfer_latent_entropy(void) |
875 |
++{ |
876 |
++ mix_pool_bytes(&input_pool, &latent_entropy, sizeof(latent_entropy), NULL); |
877 |
++ mix_pool_bytes(&nonblocking_pool, &latent_entropy, sizeof(latent_entropy), NULL); |
878 |
++// printk(KERN_INFO "PAX: transferring latent entropy: %16llx\n", latent_entropy); |
879 |
++} |
880 |
++#endif |
881 |
+ |
882 |
/********************************************************************* |
883 |
* |
884 |
- * Entropy extraction routines |
885 |
-@@ -732,7 +846,11 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
886 |
+@@ -732,7 +859,7 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
887 |
*/ |
888 |
static void xfer_secondary_pool(struct entropy_store *r, size_t nbytes) |
889 |
{ |
890 |
- __u32 tmp[OUTPUT_POOL_WORDS]; |
891 |
-+ union { |
892 |
-+ __u32 tmp[OUTPUT_POOL_WORDS]; |
893 |
-+ long hwrand[4]; |
894 |
-+ } u; |
895 |
-+ int i; |
896 |
++ __u32 tmp[OUTPUT_POOL_WORDS]; |
897 |
|
898 |
if (r->pull && r->entropy_count < nbytes * 8 && |
899 |
r->entropy_count < r->poolinfo->POOLBITS) { |
900 |
-@@ -743,17 +861,22 @@ static void xfer_secondary_pool(struct entropy_store *r, size_t nbytes) |
901 |
- /* pull at least as many as BYTES as wakeup BITS */ |
902 |
- bytes = max_t(int, bytes, random_read_wakeup_thresh / 8); |
903 |
- /* but never more than the buffer size */ |
904 |
-- bytes = min_t(int, bytes, sizeof(tmp)); |
905 |
-+ bytes = min_t(int, bytes, sizeof(u.tmp)); |
906 |
- |
907 |
- DEBUG_ENT("going to reseed %s with %d bits " |
908 |
- "(%d of %d requested)\n", |
909 |
- r->name, bytes * 8, nbytes * 8, r->entropy_count); |
910 |
- |
911 |
-- bytes = extract_entropy(r->pull, tmp, bytes, |
912 |
-+ bytes = extract_entropy(r->pull, u.tmp, bytes, |
913 |
+@@ -751,7 +878,7 @@ static void xfer_secondary_pool(struct entropy_store *r, size_t nbytes) |
914 |
+ |
915 |
+ bytes = extract_entropy(r->pull, tmp, bytes, |
916 |
random_read_wakeup_thresh / 8, rsvd); |
917 |
- mix_pool_bytes(r, tmp, bytes); |
918 |
-+ mix_pool_bytes(r, u.tmp, bytes, NULL); |
919 |
++ mix_pool_bytes(r, tmp, bytes, NULL); |
920 |
credit_entropy_bits(r, bytes*8); |
921 |
} |
922 |
-+ for (i = 0; i < 4; i++) |
923 |
-+ if (arch_get_random_long(&u.hwrand[i])) |
924 |
-+ break; |
925 |
-+ if (i) |
926 |
-+ mix_pool_bytes(r, &u.hwrand, sizeof(u.hwrand), 0); |
927 |
} |
928 |
- |
929 |
- /* |
930 |
-@@ -812,9 +935,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out) |
931 |
+@@ -810,13 +937,19 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min, |
932 |
+ static void extract_buf(struct entropy_store *r, __u8 *out) |
933 |
+ { |
934 |
int i; |
935 |
- __u32 hash[5], workspace[SHA_WORKSPACE_WORDS]; |
936 |
+- __u32 hash[5], workspace[SHA_WORKSPACE_WORDS]; |
937 |
++ union { |
938 |
++ __u32 w[5]; |
939 |
++ unsigned long l[LONGS(EXTRACT_SIZE)]; |
940 |
++ } hash; |
941 |
++ __u32 workspace[SHA_WORKSPACE_WORDS]; |
942 |
__u8 extract[64]; |
943 |
+ unsigned long flags; |
944 |
|
945 |
/* Generate a hash across the pool, 16 words (512 bits) at a time */ |
946 |
- sha_init(hash); |
947 |
+- sha_init(hash); |
948 |
++ sha_init(hash.w); |
949 |
+ spin_lock_irqsave(&r->lock, flags); |
950 |
for (i = 0; i < r->poolinfo->poolwords; i += 16) |
951 |
- sha_transform(hash, (__u8 *)(r->pool + i), workspace); |
952 |
+- sha_transform(hash, (__u8 *)(r->pool + i), workspace); |
953 |
++ sha_transform(hash.w, (__u8 *)(r->pool + i), workspace); |
954 |
|
955 |
-@@ -827,7 +952,8 @@ static void extract_buf(struct entropy_store *r, __u8 *out) |
956 |
+ /* |
957 |
+ * We mix the hash back into the pool to prevent backtracking |
958 |
+@@ -827,13 +960,14 @@ static void extract_buf(struct entropy_store *r, __u8 *out) |
959 |
* brute-forcing the feedback as hard as brute-forcing the |
960 |
* hash. |
961 |
*/ |
962 |
- mix_pool_bytes_extract(r, hash, sizeof(hash), extract); |
963 |
-+ __mix_pool_bytes(r, hash, sizeof(hash), extract); |
964 |
++ __mix_pool_bytes(r, hash.w, sizeof(hash.w), extract); |
965 |
+ spin_unlock_irqrestore(&r->lock, flags); |
966 |
|
967 |
/* |
968 |
* To avoid duplicates, we atomically extract a portion of the |
969 |
-@@ -850,11 +976,10 @@ static void extract_buf(struct entropy_store *r, __u8 *out) |
970 |
+ * pool while mixing, and hash one final time. |
971 |
+ */ |
972 |
+- sha_transform(hash, extract, workspace); |
973 |
++ sha_transform(hash.w, extract, workspace); |
974 |
+ memset(extract, 0, sizeof(extract)); |
975 |
+ memset(workspace, 0, sizeof(workspace)); |
976 |
+ |
977 |
+@@ -842,19 +976,30 @@ static void extract_buf(struct entropy_store *r, __u8 *out) |
978 |
+ * pattern, we fold it in half. Thus, we always feed back |
979 |
+ * twice as much data as we output. |
980 |
+ */ |
981 |
+- hash[0] ^= hash[3]; |
982 |
+- hash[1] ^= hash[4]; |
983 |
+- hash[2] ^= rol32(hash[2], 16); |
984 |
+- memcpy(out, hash, EXTRACT_SIZE); |
985 |
+- memset(hash, 0, sizeof(hash)); |
986 |
++ hash.w[0] ^= hash.w[3]; |
987 |
++ hash.w[1] ^= hash.w[4]; |
988 |
++ hash.w[2] ^= rol32(hash.w[2], 16); |
989 |
++ |
990 |
++ /* |
991 |
++ * If we have a architectural hardware random number |
992 |
++ * generator, mix that in, too. |
993 |
++ */ |
994 |
++ for (i = 0; i < LONGS(EXTRACT_SIZE); i++) { |
995 |
++ unsigned long v; |
996 |
++ if (!arch_get_random_long(&v)) |
997 |
++ break; |
998 |
++ hash.l[i] ^= v; |
999 |
++ } |
1000 |
++ |
1001 |
++ memcpy(out, &hash, EXTRACT_SIZE); |
1002 |
++ memset(&hash, 0, sizeof(hash)); |
1003 |
} |
1004 |
|
1005 |
static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
1006 |
@@ -34487,7 +34644,7 @@ index 3a19e2d..8eb80fc 100644 |
1007 |
|
1008 |
xfer_secondary_pool(r, nbytes); |
1009 |
nbytes = account(r, nbytes, min, reserved); |
1010 |
-@@ -862,7 +987,9 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
1011 |
+@@ -862,7 +1007,9 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
1012 |
while (nbytes) { |
1013 |
extract_buf(r, tmp); |
1014 |
|
1015 |
@@ -34498,7 +34655,7 @@ index 3a19e2d..8eb80fc 100644 |
1016 |
spin_lock_irqsave(&r->lock, flags); |
1017 |
if (!memcmp(tmp, r->last_data, EXTRACT_SIZE)) |
1018 |
panic("Hardware RNG duplicated output!\n"); |
1019 |
-@@ -926,7 +1053,21 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, |
1020 |
+@@ -926,7 +1073,21 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, |
1021 |
*/ |
1022 |
void get_random_bytes(void *buf, int nbytes) |
1023 |
{ |
1024 |
@@ -34521,7 +34678,7 @@ index 3a19e2d..8eb80fc 100644 |
1025 |
} |
1026 |
EXPORT_SYMBOL(get_random_bytes); |
1027 |
|
1028 |
-@@ -941,19 +1082,19 @@ EXPORT_SYMBOL(get_random_bytes); |
1029 |
+@@ -941,19 +1102,19 @@ EXPORT_SYMBOL(get_random_bytes); |
1030 |
*/ |
1031 |
static void init_std_data(struct entropy_store *r) |
1032 |
{ |
1033 |
@@ -34552,7 +34709,7 @@ index 3a19e2d..8eb80fc 100644 |
1034 |
} |
1035 |
|
1036 |
static int rand_initialize(void) |
1037 |
-@@ -1090,7 +1231,7 @@ write_pool(struct entropy_store *r, const char __user *buffer, size_t count) |
1038 |
+@@ -1090,7 +1251,7 @@ write_pool(struct entropy_store *r, const char __user *buffer, size_t count) |
1039 |
count -= bytes; |
1040 |
p += bytes; |
1041 |
|
1042 |
@@ -34561,7 +34718,7 @@ index 3a19e2d..8eb80fc 100644 |
1043 |
cond_resched(); |
1044 |
} |
1045 |
|
1046 |
-@@ -1209,7 +1350,7 @@ EXPORT_SYMBOL(generate_random_uuid); |
1047 |
+@@ -1209,7 +1370,7 @@ EXPORT_SYMBOL(generate_random_uuid); |
1048 |
#include <linux/sysctl.h> |
1049 |
|
1050 |
static int min_read_thresh = 8, min_write_thresh; |
1051 |
@@ -34570,7 +34727,7 @@ index 3a19e2d..8eb80fc 100644 |
1052 |
static int max_write_thresh = INPUT_POOL_WORDS * 32; |
1053 |
static char sysctl_bootid[16]; |
1054 |
|
1055 |
-@@ -1231,10 +1372,15 @@ static int proc_do_uuid(ctl_table *table, int write, |
1056 |
+@@ -1231,10 +1392,15 @@ static int proc_do_uuid(ctl_table *table, int write, |
1057 |
uuid = table->data; |
1058 |
if (!uuid) { |
1059 |
uuid = tmp_uuid; |
1060 |
@@ -34589,7 +34746,7 @@ index 3a19e2d..8eb80fc 100644 |
1061 |
|
1062 |
sprintf(buf, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-" |
1063 |
"%02x%02x%02x%02x%02x%02x", |
1064 |
-@@ -1279,6 +1425,7 @@ static int uuid_strategy(ctl_table *table, |
1065 |
+@@ -1279,6 +1445,7 @@ static int uuid_strategy(ctl_table *table, |
1066 |
} |
1067 |
|
1068 |
static int sysctl_poolsize = INPUT_POOL_WORDS * 32; |
1069 |
@@ -34597,7 +34754,7 @@ index 3a19e2d..8eb80fc 100644 |
1070 |
ctl_table random_table[] = { |
1071 |
{ |
1072 |
.ctl_name = RANDOM_POOLSIZE, |
1073 |
-@@ -1354,12 +1501,17 @@ late_initcall(random_int_secret_init); |
1074 |
+@@ -1354,12 +1521,17 @@ late_initcall(random_int_secret_init); |
1075 |
* value is not cryptographically secure but for several uses the cost of |
1076 |
* depleting entropy is too high |
1077 |
*/ |
1078 |
@@ -35490,10 +35647,27 @@ index 7ff6e75..a2965d9 100644 |
1079 |
void fw_card_initialize(struct fw_card *card, |
1080 |
const struct fw_card_driver *driver, struct device *device); |
1081 |
diff --git a/drivers/firmware/dmi_scan.c b/drivers/firmware/dmi_scan.c |
1082 |
-index 3a2ccb0..82fd7c4 100644 |
1083 |
+index 3a2ccb0..8365cd1 100644 |
1084 |
--- a/drivers/firmware/dmi_scan.c |
1085 |
+++ b/drivers/firmware/dmi_scan.c |
1086 |
-@@ -391,11 +391,6 @@ void __init dmi_scan_machine(void) |
1087 |
+@@ -6,6 +6,7 @@ |
1088 |
+ #include <linux/efi.h> |
1089 |
+ #include <linux/bootmem.h> |
1090 |
+ #include <linux/slab.h> |
1091 |
++#include <linux/random.h> |
1092 |
+ #include <asm/dmi.h> |
1093 |
+ |
1094 |
+ /* |
1095 |
+@@ -111,6 +112,8 @@ static int __init dmi_walk_early(void (*decode)(const struct dmi_header *, |
1096 |
+ |
1097 |
+ dmi_table(buf, dmi_len, dmi_num, decode, NULL); |
1098 |
+ |
1099 |
++ add_device_randomness(buf, dmi_len); |
1100 |
++ |
1101 |
+ dmi_iounmap(buf, dmi_len); |
1102 |
+ return 0; |
1103 |
+ } |
1104 |
+@@ -391,11 +394,6 @@ void __init dmi_scan_machine(void) |
1105 |
} |
1106 |
} |
1107 |
else { |
1108 |
@@ -35505,7 +35679,7 @@ index 3a2ccb0..82fd7c4 100644 |
1109 |
p = dmi_ioremap(0xF0000, 0x10000); |
1110 |
if (p == NULL) |
1111 |
goto error; |
1112 |
-@@ -667,7 +662,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), |
1113 |
+@@ -667,7 +665,7 @@ int dmi_walk(void (*decode)(const struct dmi_header *, void *), |
1114 |
if (buf == NULL) |
1115 |
return -1; |
1116 |
|
1117 |
@@ -62700,7 +62874,7 @@ index e4e4d43..66bcbcc 100644 |
1118 |
.update_status = aty128_bl_update_status, |
1119 |
}; |
1120 |
diff --git a/drivers/video/aty/atyfb_base.c b/drivers/video/aty/atyfb_base.c |
1121 |
-index 913b4a4..9295a38 100644 |
1122 |
+index 913b4a4..4de325a9 100644 |
1123 |
--- a/drivers/video/aty/atyfb_base.c |
1124 |
+++ b/drivers/video/aty/atyfb_base.c |
1125 |
@@ -2225,7 +2225,7 @@ static int aty_bl_get_brightness(struct backlight_device *bd) |
1126 |
@@ -62712,6 +62886,55 @@ index 913b4a4..9295a38 100644 |
1127 |
.get_brightness = aty_bl_get_brightness, |
1128 |
.update_status = aty_bl_update_status, |
1129 |
}; |
1130 |
+@@ -2970,9 +2970,8 @@ static int __devinit atyfb_setup_sparc(struct pci_dev *pdev, |
1131 |
+ { |
1132 |
+ struct atyfb_par *par = info->par; |
1133 |
+ struct device_node *dp; |
1134 |
+- char prop[128]; |
1135 |
+- int node, len, i, j, ret; |
1136 |
+ u32 mem, chip_id; |
1137 |
++ int i, j, ret; |
1138 |
+ |
1139 |
+ /* |
1140 |
+ * Map memory-mapped registers. |
1141 |
+@@ -3088,23 +3087,8 @@ static int __devinit atyfb_setup_sparc(struct pci_dev *pdev, |
1142 |
+ aty_st_le32(MEM_CNTL, mem, par); |
1143 |
+ } |
1144 |
+ |
1145 |
+- /* |
1146 |
+- * If this is the console device, we will set default video |
1147 |
+- * settings to what the PROM left us with. |
1148 |
+- */ |
1149 |
+- node = prom_getchild(prom_root_node); |
1150 |
+- node = prom_searchsiblings(node, "aliases"); |
1151 |
+- if (node) { |
1152 |
+- len = prom_getproperty(node, "screen", prop, sizeof(prop)); |
1153 |
+- if (len > 0) { |
1154 |
+- prop[len] = '\0'; |
1155 |
+- node = prom_finddevice(prop); |
1156 |
+- } else |
1157 |
+- node = 0; |
1158 |
+- } |
1159 |
+- |
1160 |
+ dp = pci_device_to_OF_node(pdev); |
1161 |
+- if (node == dp->node) { |
1162 |
++ if (dp == of_console_device) { |
1163 |
+ struct fb_var_screeninfo *var = &default_var; |
1164 |
+ unsigned int N, P, Q, M, T, R; |
1165 |
+ u32 v_total, h_total; |
1166 |
+@@ -3112,9 +3096,9 @@ static int __devinit atyfb_setup_sparc(struct pci_dev *pdev, |
1167 |
+ u8 pll_regs[16]; |
1168 |
+ u8 clock_cntl; |
1169 |
+ |
1170 |
+- crtc.vxres = prom_getintdefault(node, "width", 1024); |
1171 |
+- crtc.vyres = prom_getintdefault(node, "height", 768); |
1172 |
+- var->bits_per_pixel = prom_getintdefault(node, "depth", 8); |
1173 |
++ crtc.vxres = of_getintprop_default(dp, "width", 1024); |
1174 |
++ crtc.vyres = of_getintprop_default(dp, "height", 768); |
1175 |
++ var->bits_per_pixel = of_getintprop_default(dp, "depth", 8); |
1176 |
+ var->xoffset = var->yoffset = 0; |
1177 |
+ crtc.h_tot_disp = aty_ld_le32(CRTC_H_TOTAL_DISP, par); |
1178 |
+ crtc.h_sync_strt_wid = aty_ld_le32(CRTC_H_SYNC_STRT_WID, par); |
1179 |
diff --git a/drivers/video/aty/radeon_backlight.c b/drivers/video/aty/radeon_backlight.c |
1180 |
index 1a056ad..221bd6a 100644 |
1181 |
--- a/drivers/video/aty/radeon_backlight.c |
1182 |
@@ -66305,7 +66528,7 @@ index 0133b5a..3710d09 100644 |
1183 |
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm); |
1184 |
#ifdef __alpha__ |
1185 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
1186 |
-index a64fde6..36d9464 100644 |
1187 |
+index a64fde6..6583da2 100644 |
1188 |
--- a/fs/binfmt_elf.c |
1189 |
+++ b/fs/binfmt_elf.c |
1190 |
@@ -31,6 +31,7 @@ |
1191 |
@@ -66438,7 +66661,7 @@ index a64fde6..36d9464 100644 |
1192 |
error = -ENOMEM; |
1193 |
goto out_close; |
1194 |
} |
1195 |
-@@ -532,6 +558,349 @@ out: |
1196 |
+@@ -532,6 +558,311 @@ out: |
1197 |
return error; |
1198 |
} |
1199 |
|
1200 |
@@ -66458,15 +66681,6 @@ index a64fde6..36d9464 100644 |
1201 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
1202 |
+#endif |
1203 |
+ |
1204 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1205 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1206 |
-+ if (nx_enabled) |
1207 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
1208 |
-+ else |
1209 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1210 |
-+ } |
1211 |
-+#endif |
1212 |
-+ |
1213 |
+#ifdef CONFIG_PAX_EMUTRAMP |
1214 |
+ if (elf_phdata->p_flags & PF_EMUTRAMP) |
1215 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
1216 |
@@ -66500,15 +66714,6 @@ index a64fde6..36d9464 100644 |
1217 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
1218 |
+#endif |
1219 |
+ |
1220 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1221 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1222 |
-+ if (nx_enabled) |
1223 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
1224 |
-+ else |
1225 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1226 |
-+ } |
1227 |
-+#endif |
1228 |
-+ |
1229 |
+#ifdef CONFIG_PAX_EMUTRAMP |
1230 |
+ if (!(elf_phdata->p_flags & PF_NOEMUTRAMP)) |
1231 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
1232 |
@@ -66544,15 +66749,6 @@ index a64fde6..36d9464 100644 |
1233 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
1234 |
+#endif |
1235 |
+ |
1236 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1237 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1238 |
-+ if (nx_enabled) |
1239 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
1240 |
-+ else |
1241 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1242 |
-+ } |
1243 |
-+#endif |
1244 |
-+ |
1245 |
+#ifdef CONFIG_PAX_EMUTRAMP |
1246 |
+ if (pax_flags_softmode & MF_PAX_EMUTRAMP) |
1247 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
1248 |
@@ -66586,15 +66782,6 @@ index a64fde6..36d9464 100644 |
1249 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
1250 |
+#endif |
1251 |
+ |
1252 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1253 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1254 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
1255 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
1256 |
-+ else |
1257 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1258 |
-+ } |
1259 |
-+#endif |
1260 |
-+ |
1261 |
+#ifdef CONFIG_PAX_EMUTRAMP |
1262 |
+ if (!(pax_flags_hardmode & MF_PAX_EMUTRAMP)) |
1263 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
1264 |
@@ -66614,7 +66801,7 @@ index a64fde6..36d9464 100644 |
1265 |
+} |
1266 |
+#endif |
1267 |
+ |
1268 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
1269 |
++#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) |
1270 |
+static unsigned long pax_parse_ei_pax(const struct elfhdr * const elf_ex) |
1271 |
+{ |
1272 |
+ unsigned long pax_flags = 0UL; |
1273 |
@@ -66631,15 +66818,6 @@ index a64fde6..36d9464 100644 |
1274 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
1275 |
+#endif |
1276 |
+ |
1277 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1278 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1279 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
1280 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
1281 |
-+ else |
1282 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1283 |
-+ } |
1284 |
-+#endif |
1285 |
-+ |
1286 |
+#ifdef CONFIG_PAX_EMUTRAMP |
1287 |
+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) && (elf_ex->e_ident[EI_PAX] & EF_PAX_EMUTRAMP)) |
1288 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
1289 |
@@ -66661,19 +66839,17 @@ index a64fde6..36d9464 100644 |
1290 |
+ pax_flags |= MF_PAX_PAGEEXEC; |
1291 |
+#endif |
1292 |
+ |
1293 |
++#ifdef CONFIG_PAX_SEGMEXEC |
1294 |
++ pax_flags |= MF_PAX_SEGMEXEC; |
1295 |
++#endif |
1296 |
++ |
1297 |
+#ifdef CONFIG_PAX_MPROTECT |
1298 |
+ pax_flags |= MF_PAX_MPROTECT; |
1299 |
+#endif |
1300 |
+ |
1301 |
+#ifdef CONFIG_PAX_RANDMMAP |
1302 |
-+ pax_flags |= MF_PAX_RANDMMAP; |
1303 |
-+#endif |
1304 |
-+ |
1305 |
-+#ifdef CONFIG_PAX_SEGMEXEC |
1306 |
-+ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) { |
1307 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
1308 |
-+ pax_flags |= MF_PAX_SEGMEXEC; |
1309 |
-+ } |
1310 |
++ if (randomize_va_space) |
1311 |
++ pax_flags |= MF_PAX_RANDMMAP; |
1312 |
+#endif |
1313 |
+ |
1314 |
+#endif |
1315 |
@@ -66777,6 +66953,15 @@ index a64fde6..36d9464 100644 |
1316 |
+ if (pt_pax_flags != ~0UL) |
1317 |
+ pax_flags = pt_pax_flags; |
1318 |
+ |
1319 |
++#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
1320 |
++ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
1321 |
++ if ((__supported_pte_mask & _PAGE_NX)) |
1322 |
++ pax_flags &= ~MF_PAX_SEGMEXEC; |
1323 |
++ else |
1324 |
++ pax_flags &= ~MF_PAX_PAGEEXEC; |
1325 |
++ } |
1326 |
++#endif |
1327 |
++ |
1328 |
+ if (0 > pax_check_flags(&pax_flags)) |
1329 |
+ return -EINVAL; |
1330 |
+ |
1331 |
@@ -66788,7 +66973,7 @@ index a64fde6..36d9464 100644 |
1332 |
/* |
1333 |
* These are the functions used to load ELF style executables and shared |
1334 |
* libraries. There is no binary dependent code anywhere else. |
1335 |
-@@ -548,6 +917,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) |
1336 |
+@@ -548,6 +879,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) |
1337 |
{ |
1338 |
unsigned int random_variable = 0; |
1339 |
|
1340 |
@@ -66800,7 +66985,7 @@ index a64fde6..36d9464 100644 |
1341 |
if ((current->flags & PF_RANDOMIZE) && |
1342 |
!(current->personality & ADDR_NO_RANDOMIZE)) { |
1343 |
random_variable = get_random_int() & STACK_RND_MASK; |
1344 |
-@@ -566,7 +940,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1345 |
+@@ -566,7 +902,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1346 |
unsigned long load_addr = 0, load_bias = 0; |
1347 |
int load_addr_set = 0; |
1348 |
char * elf_interpreter = NULL; |
1349 |
@@ -66809,7 +66994,7 @@ index a64fde6..36d9464 100644 |
1350 |
struct elf_phdr *elf_ppnt, *elf_phdata; |
1351 |
unsigned long elf_bss, elf_brk; |
1352 |
int retval, i; |
1353 |
-@@ -576,11 +950,11 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1354 |
+@@ -576,11 +912,11 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1355 |
unsigned long start_code, end_code, start_data, end_data; |
1356 |
unsigned long reloc_func_desc = 0; |
1357 |
int executable_stack = EXSTACK_DEFAULT; |
1358 |
@@ -66822,7 +67007,7 @@ index a64fde6..36d9464 100644 |
1359 |
|
1360 |
loc = kmalloc(sizeof(*loc), GFP_KERNEL); |
1361 |
if (!loc) { |
1362 |
-@@ -718,11 +1092,80 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1363 |
+@@ -718,11 +1054,80 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1364 |
|
1365 |
/* OK, This is the point of no return */ |
1366 |
current->flags &= ~PF_FORKNOEXEC; |
1367 |
@@ -66847,7 +67032,7 @@ index a64fde6..36d9464 100644 |
1368 |
+ |
1369 |
+ current->mm->def_flags = 0; |
1370 |
+ |
1371 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
1372 |
++#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) |
1373 |
+ if (0 > pax_parse_pax_flags(&loc->elf_ex, elf_phdata, bprm->file)) { |
1374 |
+ send_sig(SIGKILL, current, 0); |
1375 |
+ goto out_free_dentry; |
1376 |
@@ -66904,7 +67089,7 @@ index a64fde6..36d9464 100644 |
1377 |
if (elf_read_implies_exec(loc->elf_ex, executable_stack)) |
1378 |
current->personality |= READ_IMPLIES_EXEC; |
1379 |
|
1380 |
-@@ -800,10 +1243,27 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1381 |
+@@ -800,10 +1205,27 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1382 |
* might try to exec. This is because the brk will |
1383 |
* follow the loader, and is not movable. */ |
1384 |
#ifdef CONFIG_X86 |
1385 |
@@ -66933,7 +67118,7 @@ index a64fde6..36d9464 100644 |
1386 |
} |
1387 |
|
1388 |
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, |
1389 |
-@@ -836,9 +1296,9 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1390 |
+@@ -836,9 +1258,9 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1391 |
* allowed task size. Note that p_filesz must always be |
1392 |
* <= p_memsz so it is only necessary to check p_memsz. |
1393 |
*/ |
1394 |
@@ -66946,7 +67131,7 @@ index a64fde6..36d9464 100644 |
1395 |
/* set_brk can never work. Avoid overflows. */ |
1396 |
send_sig(SIGKILL, current, 0); |
1397 |
retval = -EINVAL; |
1398 |
-@@ -877,11 +1337,40 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1399 |
+@@ -877,11 +1299,40 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
1400 |
goto out_free_dentry; |
1401 |
} |
1402 |
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { |
1403 |
@@ -66990,7 +67175,7 @@ index a64fde6..36d9464 100644 |
1404 |
if (elf_interpreter) { |
1405 |
unsigned long uninitialized_var(interp_map_addr); |
1406 |
|
1407 |
-@@ -1112,8 +1601,10 @@ static int dump_seek(struct file *file, loff_t off) |
1408 |
+@@ -1112,8 +1563,10 @@ static int dump_seek(struct file *file, loff_t off) |
1409 |
unsigned long n = off; |
1410 |
if (n > PAGE_SIZE) |
1411 |
n = PAGE_SIZE; |
1412 |
@@ -67002,7 +67187,7 @@ index a64fde6..36d9464 100644 |
1413 |
off -= n; |
1414 |
} |
1415 |
free_page((unsigned long)buf); |
1416 |
-@@ -1125,7 +1616,7 @@ static int dump_seek(struct file *file, loff_t off) |
1417 |
+@@ -1125,7 +1578,7 @@ static int dump_seek(struct file *file, loff_t off) |
1418 |
* Decide what to dump of a segment, part, all or none. |
1419 |
*/ |
1420 |
static unsigned long vma_dump_size(struct vm_area_struct *vma, |
1421 |
@@ -67011,7 +67196,7 @@ index a64fde6..36d9464 100644 |
1422 |
{ |
1423 |
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) |
1424 |
|
1425 |
-@@ -1159,7 +1650,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, |
1426 |
+@@ -1159,7 +1612,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, |
1427 |
if (vma->vm_file == NULL) |
1428 |
return 0; |
1429 |
|
1430 |
@@ -67020,7 +67205,7 @@ index a64fde6..36d9464 100644 |
1431 |
goto whole; |
1432 |
|
1433 |
/* |
1434 |
-@@ -1255,8 +1746,11 @@ static int writenote(struct memelfnote *men, struct file *file, |
1435 |
+@@ -1255,8 +1708,11 @@ static int writenote(struct memelfnote *men, struct file *file, |
1436 |
#undef DUMP_WRITE |
1437 |
|
1438 |
#define DUMP_WRITE(addr, nr) \ |
1439 |
@@ -67033,7 +67218,7 @@ index a64fde6..36d9464 100644 |
1440 |
|
1441 |
static void fill_elf_header(struct elfhdr *elf, int segs, |
1442 |
u16 machine, u32 flags, u8 osabi) |
1443 |
-@@ -1385,9 +1879,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) |
1444 |
+@@ -1385,9 +1841,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) |
1445 |
{ |
1446 |
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; |
1447 |
int i = 0; |
1448 |
@@ -67045,7 +67230,7 @@ index a64fde6..36d9464 100644 |
1449 |
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); |
1450 |
} |
1451 |
|
1452 |
-@@ -1973,7 +2467,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1453 |
+@@ -1973,7 +2429,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1454 |
phdr.p_offset = offset; |
1455 |
phdr.p_vaddr = vma->vm_start; |
1456 |
phdr.p_paddr = 0; |
1457 |
@@ -67054,7 +67239,7 @@ index a64fde6..36d9464 100644 |
1458 |
phdr.p_memsz = vma->vm_end - vma->vm_start; |
1459 |
offset += phdr.p_filesz; |
1460 |
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; |
1461 |
-@@ -2006,7 +2500,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1462 |
+@@ -2006,7 +2462,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1463 |
unsigned long addr; |
1464 |
unsigned long end; |
1465 |
|
1466 |
@@ -67063,7 +67248,7 @@ index a64fde6..36d9464 100644 |
1467 |
|
1468 |
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { |
1469 |
struct page *page; |
1470 |
-@@ -2015,6 +2509,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1471 |
+@@ -2015,6 +2471,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, un |
1472 |
page = get_dump_page(addr); |
1473 |
if (page) { |
1474 |
void *kaddr = kmap(page); |
1475 |
@@ -67071,7 +67256,7 @@ index a64fde6..36d9464 100644 |
1476 |
stop = ((size += PAGE_SIZE) > limit) || |
1477 |
!dump_write(file, kaddr, PAGE_SIZE); |
1478 |
kunmap(page); |
1479 |
-@@ -2042,6 +2537,97 @@ out: |
1480 |
+@@ -2042,6 +2499,97 @@ out: |
1481 |
|
1482 |
#endif /* USE_ELF_CORE_DUMP */ |
1483 |
|
1484 |
@@ -68898,7 +69083,7 @@ index f539204..068db1f 100644 |
1485 |
|
1486 |
fput(tfile); |
1487 |
diff --git a/fs/exec.c b/fs/exec.c |
1488 |
-index 86fafc6..d54d849 100644 |
1489 |
+index 86fafc6..a9275f4 100644 |
1490 |
--- a/fs/exec.c |
1491 |
+++ b/fs/exec.c |
1492 |
@@ -56,12 +56,33 @@ |
1493 |
@@ -69390,7 +69575,7 @@ index 86fafc6..d54d849 100644 |
1494 |
out: |
1495 |
if (bprm->mm) { |
1496 |
acct_arg_size(bprm, 0); |
1497 |
-@@ -1591,6 +1746,229 @@ out: |
1498 |
+@@ -1591,6 +1746,251 @@ out: |
1499 |
return ispipe; |
1500 |
} |
1501 |
|
1502 |
@@ -69535,7 +69720,7 @@ index 86fafc6..d54d849 100644 |
1503 |
+ |
1504 |
+#ifdef CONFIG_PAX_USERCOPY |
1505 |
+/* 0: not at all, 1: fully, 2: fully inside frame, -1: partially (implies an error) */ |
1506 |
-+int object_is_on_stack(const void *obj, unsigned long len) |
1507 |
++static noinline int check_stack_object(const void *obj, unsigned long len) |
1508 |
+{ |
1509 |
+ const void * const stack = task_stack_page(current); |
1510 |
+ const void * const stackend = stack + THREAD_SIZE; |
1511 |
@@ -69581,7 +69766,7 @@ index 86fafc6..d54d849 100644 |
1512 |
+#endif |
1513 |
+} |
1514 |
+ |
1515 |
-+__noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
1516 |
++static __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
1517 |
+{ |
1518 |
+ if (current->signal->curr_ip) |
1519 |
+ printk(KERN_ERR "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n", |
1520 |
@@ -69596,6 +69781,28 @@ index 86fafc6..d54d849 100644 |
1521 |
+} |
1522 |
+#endif |
1523 |
+ |
1524 |
++void check_object_size(const void *ptr, unsigned long n, bool to) |
1525 |
++{ |
1526 |
++ |
1527 |
++#ifdef CONFIG_PAX_USERCOPY |
1528 |
++ const char *type; |
1529 |
++ |
1530 |
++ if (!n) |
1531 |
++ return; |
1532 |
++ |
1533 |
++ type = check_heap_object(ptr, n, to); |
1534 |
++ if (!type) { |
1535 |
++ if (check_stack_object(ptr, n) != -1) |
1536 |
++ return; |
1537 |
++ type = "<process stack>"; |
1538 |
++ } |
1539 |
++ |
1540 |
++ pax_report_usercopy(ptr, n, to, type); |
1541 |
++#endif |
1542 |
++ |
1543 |
++} |
1544 |
++EXPORT_SYMBOL(check_object_size); |
1545 |
++ |
1546 |
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK |
1547 |
+void pax_track_stack(void) |
1548 |
+{ |
1549 |
@@ -69620,7 +69827,7 @@ index 86fafc6..d54d849 100644 |
1550 |
static int zap_process(struct task_struct *start) |
1551 |
{ |
1552 |
struct task_struct *t; |
1553 |
-@@ -1793,17 +2171,17 @@ static void wait_for_dump_helpers(struct file *file) |
1554 |
+@@ -1793,17 +2193,17 @@ static void wait_for_dump_helpers(struct file *file) |
1555 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
1556 |
|
1557 |
pipe_lock(pipe); |
1558 |
@@ -69643,7 +69850,7 @@ index 86fafc6..d54d849 100644 |
1559 |
pipe_unlock(pipe); |
1560 |
|
1561 |
} |
1562 |
-@@ -1826,10 +2204,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1563 |
+@@ -1826,10 +2226,13 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1564 |
char **helper_argv = NULL; |
1565 |
int helper_argc = 0; |
1566 |
int dump_count = 0; |
1567 |
@@ -69658,7 +69865,7 @@ index 86fafc6..d54d849 100644 |
1568 |
binfmt = mm->binfmt; |
1569 |
if (!binfmt || !binfmt->core_dump) |
1570 |
goto fail; |
1571 |
-@@ -1874,6 +2255,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1572 |
+@@ -1874,6 +2277,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1573 |
*/ |
1574 |
clear_thread_flag(TIF_SIGPENDING); |
1575 |
|
1576 |
@@ -69667,7 +69874,7 @@ index 86fafc6..d54d849 100644 |
1577 |
/* |
1578 |
* lock_kernel() because format_corename() is controlled by sysctl, which |
1579 |
* uses lock_kernel() |
1580 |
-@@ -1908,7 +2291,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1581 |
+@@ -1908,7 +2313,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
1582 |
goto fail_unlock; |
1583 |
} |
1584 |
|
1585 |
@@ -69676,7 +69883,7 @@ index 86fafc6..d54d849 100644 |
1586 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
1587 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
1588 |
task_tgid_vnr(current), current->comm); |
1589 |
-@@ -1972,7 +2355,7 @@ close_fail: |
1590 |
+@@ -1972,7 +2377,7 @@ close_fail: |
1591 |
filp_close(file, NULL); |
1592 |
fail_dropcount: |
1593 |
if (dump_count) |
1594 |
@@ -86059,7 +86266,7 @@ index f4906f6..71feb73 100644 |
1595 |
{ |
1596 |
return -ENODEV; |
1597 |
diff --git a/include/asm-generic/atomic-long.h b/include/asm-generic/atomic-long.h |
1598 |
-index b7babf0..a9ac9fc 100644 |
1599 |
+index b7babf0..1df7140 100644 |
1600 |
--- a/include/asm-generic/atomic-long.h |
1601 |
+++ b/include/asm-generic/atomic-long.h |
1602 |
@@ -22,6 +22,12 @@ |
1603 |
@@ -86280,7 +86487,7 @@ index b7babf0..a9ac9fc 100644 |
1604 |
static inline long atomic_long_dec_return(atomic_long_t *l) |
1605 |
{ |
1606 |
atomic_t *v = (atomic_t *)l; |
1607 |
-@@ -255,4 +375,47 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
1608 |
+@@ -255,4 +375,53 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
1609 |
|
1610 |
#endif /* BITS_PER_LONG == 64 */ |
1611 |
|
1612 |
@@ -86298,6 +86505,10 @@ index b7babf0..a9ac9fc 100644 |
1613 |
+ atomic_dec_unchecked((atomic_unchecked_t *)NULL); |
1614 |
+ atomic_cmpxchg_unchecked((atomic_unchecked_t *)NULL, 0, 0); |
1615 |
+ (void)atomic_xchg_unchecked((atomic_unchecked_t *)NULL, 0); |
1616 |
++#ifdef CONFIG_X86 |
1617 |
++ atomic_clear_mask_unchecked(0, NULL); |
1618 |
++ atomic_set_mask_unchecked(0, NULL); |
1619 |
++#endif |
1620 |
+ |
1621 |
+ atomic_long_read_unchecked((atomic_long_unchecked_t *)NULL); |
1622 |
+ atomic_long_set_unchecked((atomic_long_unchecked_t *)NULL, 0); |
1623 |
@@ -86318,6 +86529,8 @@ index b7babf0..a9ac9fc 100644 |
1624 |
+#define atomic_dec_unchecked(v) atomic_dec(v) |
1625 |
+#define atomic_cmpxchg_unchecked(v, o, n) atomic_cmpxchg((v), (o), (n)) |
1626 |
+#define atomic_xchg_unchecked(v, i) atomic_xchg((v), (i)) |
1627 |
++#define atomic_clear_mask_unchecked(mask, v) atomic_clear_mask((mask), (v)) |
1628 |
++#define atomic_set_mask_unchecked(mask, v) atomic_set_mask((mask), (v)) |
1629 |
+ |
1630 |
+#define atomic_long_read_unchecked(v) atomic_long_read(v) |
1631 |
+#define atomic_long_set_unchecked(v, i) atomic_long_set((v), (i)) |
1632 |
@@ -86328,6 +86541,19 @@ index b7babf0..a9ac9fc 100644 |
1633 |
+#endif |
1634 |
+ |
1635 |
#endif /* _ASM_GENERIC_ATOMIC_LONG_H */ |
1636 |
+diff --git a/include/asm-generic/atomic.h b/include/asm-generic/atomic.h |
1637 |
+index c99c64d..f173e40 100644 |
1638 |
+--- a/include/asm-generic/atomic.h |
1639 |
++++ b/include/asm-generic/atomic.h |
1640 |
+@@ -134,7 +134,7 @@ static inline void atomic_dec(atomic_t *v) |
1641 |
+ |
1642 |
+ #define atomic_inc_not_zero(v) atomic_add_unless((v), 1, 0) |
1643 |
+ |
1644 |
+-static inline void atomic_clear_mask(unsigned long mask, unsigned long *addr) |
1645 |
++static inline void atomic_clear_mask(unsigned int mask, atomic_t *v) |
1646 |
+ { |
1647 |
+ unsigned long flags; |
1648 |
+ |
1649 |
diff --git a/include/asm-generic/atomic64.h b/include/asm-generic/atomic64.h |
1650 |
index b18ce4f..2ee2843 100644 |
1651 |
--- a/include/asm-generic/atomic64.h |
1652 |
@@ -87030,20 +87256,25 @@ index c8f2a5f7..1618a5c 100644 |
1653 |
/* audit system wants to get cap info from files as well */ |
1654 |
struct dentry; |
1655 |
diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h |
1656 |
-index 450fa59..7c875cb 100644 |
1657 |
+index 450fa59..b658078 100644 |
1658 |
--- a/include/linux/compiler-gcc4.h |
1659 |
+++ b/include/linux/compiler-gcc4.h |
1660 |
-@@ -14,6 +14,9 @@ |
1661 |
+@@ -14,6 +14,14 @@ |
1662 |
#define __compiler_offsetof(a,b) __builtin_offsetof(a,b) |
1663 |
#define __always_inline inline __attribute__((always_inline)) |
1664 |
|
1665 |
+#ifdef SIZE_OVERFLOW_PLUGIN |
1666 |
+#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__))) |
1667 |
+#endif |
1668 |
++ |
1669 |
++#ifdef LATENT_ENTROPY_PLUGIN |
1670 |
++#define __latent_entropy __attribute__((latent_entropy)) |
1671 |
++#endif |
1672 |
++ |
1673 |
/* |
1674 |
* A trick to suppress uninitialized variable warning without generating any |
1675 |
* code |
1676 |
-@@ -36,4 +39,23 @@ |
1677 |
+@@ -36,4 +44,23 @@ |
1678 |
the kernel context */ |
1679 |
#define __cold __attribute__((__cold__)) |
1680 |
|
1681 |
@@ -87068,7 +87299,7 @@ index 450fa59..7c875cb 100644 |
1682 |
+#define __compiletime_error(message) __attribute__((error(message))) |
1683 |
#endif |
1684 |
diff --git a/include/linux/compiler.h b/include/linux/compiler.h |
1685 |
-index 04fb513..edaeada 100644 |
1686 |
+index 04fb513..7ab44ac 100644 |
1687 |
--- a/include/linux/compiler.h |
1688 |
+++ b/include/linux/compiler.h |
1689 |
@@ -5,11 +5,14 @@ |
1690 |
@@ -87121,7 +87352,7 @@ index 04fb513..edaeada 100644 |
1691 |
# define __chk_user_ptr(x) (void)0 |
1692 |
# define __chk_io_ptr(x) (void)0 |
1693 |
# define __builtin_warning(x, y...) (1) |
1694 |
-@@ -247,6 +271,17 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1695 |
+@@ -247,6 +271,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1696 |
# define __attribute_const__ /* unimplemented */ |
1697 |
#endif |
1698 |
|
1699 |
@@ -87136,10 +87367,15 @@ index 04fb513..edaeada 100644 |
1700 |
+#ifndef __size_overflow |
1701 |
+# define __size_overflow(...) |
1702 |
+#endif |
1703 |
++ |
1704 |
++#ifndef __latent_entropy |
1705 |
++# define __latent_entropy |
1706 |
++#endif |
1707 |
++ |
1708 |
/* |
1709 |
* Tell gcc if a function is cold. The compiler will assume any path |
1710 |
* directly leading to the call is unlikely. |
1711 |
-@@ -256,6 +291,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1712 |
+@@ -256,6 +296,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1713 |
#define __cold |
1714 |
#endif |
1715 |
|
1716 |
@@ -87162,7 +87398,7 @@ index 04fb513..edaeada 100644 |
1717 |
/* Simple shorthand for a section definition */ |
1718 |
#ifndef __section |
1719 |
# define __section(S) __attribute__ ((__section__(#S))) |
1720 |
-@@ -266,6 +317,19 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1721 |
+@@ -266,6 +322,19 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1722 |
# define __same_type(a, b) __builtin_types_compatible_p(typeof(a), typeof(b)) |
1723 |
#endif |
1724 |
|
1725 |
@@ -87182,7 +87418,7 @@ index 04fb513..edaeada 100644 |
1726 |
/* |
1727 |
* Prevent the compiler from merging or refetching accesses. The compiler |
1728 |
* is also forbidden from reordering successive instances of ACCESS_ONCE(), |
1729 |
-@@ -278,6 +342,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1730 |
+@@ -278,6 +347,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
1731 |
* use is to mediate communication between process-level code and irq/NMI |
1732 |
* handlers, all running on the same CPU. |
1733 |
*/ |
1734 |
@@ -87662,6 +87898,41 @@ index 297df45..b6a74ff 100644 |
1735 |
struct work_struct async_notify; |
1736 |
#ifdef CONFIG_BLK_DEV_INTEGRITY |
1737 |
struct blk_integrity *integrity; |
1738 |
+diff --git a/include/linux/gfp.h b/include/linux/gfp.h |
1739 |
+index 557bdad..b5e8c98 100644 |
1740 |
+--- a/include/linux/gfp.h |
1741 |
++++ b/include/linux/gfp.h |
1742 |
+@@ -53,6 +53,12 @@ struct vm_area_struct; |
1743 |
+ #define __GFP_THISNODE ((__force gfp_t)0x40000u)/* No fallback, no policies */ |
1744 |
+ #define __GFP_RECLAIMABLE ((__force gfp_t)0x80000u) /* Page is reclaimable */ |
1745 |
+ |
1746 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
1747 |
++#define __GFP_USERCOPY ((__force gfp_t)0x1000000u) |
1748 |
++#else |
1749 |
++#define __GFP_USERCOPY ((__force gfp_t)0) |
1750 |
++#endif |
1751 |
++ |
1752 |
+ #ifdef CONFIG_KMEMCHECK |
1753 |
+ #define __GFP_NOTRACK ((__force gfp_t)0x200000u) /* Don't track with kmemcheck */ |
1754 |
+ #else |
1755 |
+@@ -65,7 +71,7 @@ struct vm_area_struct; |
1756 |
+ */ |
1757 |
+ #define __GFP_NOTRACK_FALSE_POSITIVE (__GFP_NOTRACK) |
1758 |
+ |
1759 |
+-#define __GFP_BITS_SHIFT 22 /* Room for 22 __GFP_FOO bits */ |
1760 |
++#define __GFP_BITS_SHIFT 26 /* Room for 26 __GFP_FOO bits */ |
1761 |
+ #define __GFP_BITS_MASK ((__force gfp_t)((1 << __GFP_BITS_SHIFT) - 1)) |
1762 |
+ |
1763 |
+ /* This equals 0, but use constants in case they ever change */ |
1764 |
+@@ -115,6 +121,8 @@ struct vm_area_struct; |
1765 |
+ /* 4GB DMA on some platforms */ |
1766 |
+ #define GFP_DMA32 __GFP_DMA32 |
1767 |
+ |
1768 |
++#define GFP_USERCOPY __GFP_USERCOPY |
1769 |
++ |
1770 |
+ /* Convert GFP flags to their corresponding migrate type */ |
1771 |
+ static inline int allocflags_to_migratetype(gfp_t gfp_flags) |
1772 |
+ { |
1773 |
diff --git a/include/linux/gracl.h b/include/linux/gracl.h |
1774 |
new file mode 100644 |
1775 |
index 0000000..fc80ba3 |
1776 |
@@ -88779,6 +89050,54 @@ index 4c4e57d..f3c5303 100644 |
1777 |
struct list_head context_list; /* list of context id's |
1778 |
and pointers */ |
1779 |
#endif |
1780 |
+diff --git a/include/linux/init.h b/include/linux/init.h |
1781 |
+index ff8bde5..0296174 100644 |
1782 |
+--- a/include/linux/init.h |
1783 |
++++ b/include/linux/init.h |
1784 |
+@@ -38,9 +38,15 @@ |
1785 |
+ * Also note, that this data cannot be "const". |
1786 |
+ */ |
1787 |
+ |
1788 |
++#ifdef MODULE |
1789 |
++#define add_latent_entropy |
1790 |
++#else |
1791 |
++#define add_latent_entropy __latent_entropy |
1792 |
++#endif |
1793 |
++ |
1794 |
+ /* These are for everybody (although not all archs will actually |
1795 |
+ discard it in modules) */ |
1796 |
+-#define __init __section(.init.text) __cold notrace |
1797 |
++#define __init __section(.init.text) __cold notrace add_latent_entropy |
1798 |
+ #define __initdata __section(.init.data) |
1799 |
+ #define __initconst __section(.init.rodata) |
1800 |
+ #define __exitdata __section(.exit.data) |
1801 |
+@@ -75,7 +81,7 @@ |
1802 |
+ #define __exit __section(.exit.text) __exitused __cold |
1803 |
+ |
1804 |
+ /* Used for HOTPLUG */ |
1805 |
+-#define __devinit __section(.devinit.text) __cold |
1806 |
++#define __devinit __section(.devinit.text) __cold add_latent_entropy |
1807 |
+ #define __devinitdata __section(.devinit.data) |
1808 |
+ #define __devinitconst __section(.devinit.rodata) |
1809 |
+ #define __devexit __section(.devexit.text) __exitused __cold |
1810 |
+@@ -83,7 +89,7 @@ |
1811 |
+ #define __devexitconst __section(.devexit.rodata) |
1812 |
+ |
1813 |
+ /* Used for HOTPLUG_CPU */ |
1814 |
+-#define __cpuinit __section(.cpuinit.text) __cold |
1815 |
++#define __cpuinit __section(.cpuinit.text) __cold add_latent_entropy |
1816 |
+ #define __cpuinitdata __section(.cpuinit.data) |
1817 |
+ #define __cpuinitconst __section(.cpuinit.rodata) |
1818 |
+ #define __cpuexit __section(.cpuexit.text) __exitused __cold |
1819 |
+@@ -91,7 +97,7 @@ |
1820 |
+ #define __cpuexitconst __section(.cpuexit.rodata) |
1821 |
+ |
1822 |
+ /* Used for MEMORY_HOTPLUG */ |
1823 |
+-#define __meminit __section(.meminit.text) __cold |
1824 |
++#define __meminit __section(.meminit.text) __cold add_latent_entropy |
1825 |
+ #define __meminitdata __section(.meminit.data) |
1826 |
+ #define __meminitconst __section(.meminit.rodata) |
1827 |
+ #define __memexit __section(.memexit.text) __exitused __cold |
1828 |
diff --git a/include/linux/init_task.h b/include/linux/init_task.h |
1829 |
index 21a6f5d..7c7d19f 100644 |
1830 |
--- a/include/linux/init_task.h |
1831 |
@@ -89837,10 +90156,10 @@ index 7456d7d..6c1cfc9 100644 |
1832 |
static inline int ptrace_reparented(struct task_struct *child) |
1833 |
{ |
1834 |
diff --git a/include/linux/random.h b/include/linux/random.h |
1835 |
-index 2948046..6fe7065 100644 |
1836 |
+index 2948046..16bad29 100644 |
1837 |
--- a/include/linux/random.h |
1838 |
+++ b/include/linux/random.h |
1839 |
-@@ -46,9 +46,10 @@ struct rand_pool_info { |
1840 |
+@@ -46,9 +46,14 @@ struct rand_pool_info { |
1841 |
|
1842 |
extern void rand_initialize_irq(int irq); |
1843 |
|
1844 |
@@ -89849,10 +90168,14 @@ index 2948046..6fe7065 100644 |
1845 |
unsigned int value); |
1846 |
-extern void add_interrupt_randomness(int irq); |
1847 |
+extern void add_interrupt_randomness(int irq, int irq_flags); |
1848 |
++ |
1849 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
1850 |
++extern void transfer_latent_entropy(void); |
1851 |
++#endif |
1852 |
|
1853 |
extern void get_random_bytes(void *buf, int nbytes); |
1854 |
void generate_random_uuid(unsigned char uuid_out[16]); |
1855 |
-@@ -63,6 +64,24 @@ unsigned long randomize_range(unsigned long start, unsigned long end, unsigned l |
1856 |
+@@ -63,6 +68,24 @@ unsigned long randomize_range(unsigned long start, unsigned long end, unsigned l |
1857 |
u32 random32(void); |
1858 |
void srandom32(u32 seed); |
1859 |
|
1860 |
@@ -90005,7 +90328,7 @@ index 3392c59..a746428 100644 |
1861 |
#if defined(CONFIG_RFKILL) || defined(CONFIG_RFKILL_MODULE) |
1862 |
/** |
1863 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
1864 |
-index 71849bf..90ac063 100644 |
1865 |
+index 71849bf..903514a 100644 |
1866 |
--- a/include/linux/sched.h |
1867 |
+++ b/include/linux/sched.h |
1868 |
@@ -101,6 +101,7 @@ struct bio; |
1869 |
@@ -90208,7 +90531,7 @@ index 71849bf..90ac063 100644 |
1870 |
+extern void pax_report_fault(struct pt_regs *regs, void *pc, void *sp); |
1871 |
+extern void pax_report_insns(struct pt_regs *regs, void *pc, void *sp); |
1872 |
+extern void pax_report_refcount_overflow(struct pt_regs *regs); |
1873 |
-+extern __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type); |
1874 |
++extern void check_object_size(const void *ptr, unsigned long n, bool to); |
1875 |
+ |
1876 |
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK |
1877 |
+extern void pax_track_stack(void); |
1878 |
@@ -90255,7 +90578,7 @@ index 71849bf..90ac063 100644 |
1879 |
|
1880 |
extern void daemonize(const char *, ...); |
1881 |
extern int allow_signal(int); |
1882 |
-@@ -2284,13 +2384,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
1883 |
+@@ -2284,9 +2384,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
1884 |
|
1885 |
#endif |
1886 |
|
1887 |
@@ -90267,15 +90590,7 @@ index 71849bf..90ac063 100644 |
1888 |
|
1889 |
return (obj >= stack) && (obj < (stack + THREAD_SIZE)); |
1890 |
} |
1891 |
- |
1892 |
-+#ifdef CONFIG_PAX_USERCOPY |
1893 |
-+extern int object_is_on_stack(const void *obj, unsigned long len); |
1894 |
-+#endif |
1895 |
-+ |
1896 |
- extern void thread_info_cache_init(void); |
1897 |
- |
1898 |
- #ifdef CONFIG_DEBUG_STACK_USAGE |
1899 |
-@@ -2616,6 +2720,23 @@ static inline unsigned long rlimit_max(unsigned int limit) |
1900 |
+@@ -2616,6 +2716,23 @@ static inline unsigned long rlimit_max(unsigned int limit) |
1901 |
return task_rlimit_max(current, limit); |
1902 |
} |
1903 |
|
1904 |
@@ -90481,7 +90796,7 @@ index bcdd660..fd2e332 100644 |
1905 |
|
1906 |
/** |
1907 |
diff --git a/include/linux/slab.h b/include/linux/slab.h |
1908 |
-index 2da8372..96b37db 100644 |
1909 |
+index 2da8372..a462292 100644 |
1910 |
--- a/include/linux/slab.h |
1911 |
+++ b/include/linux/slab.h |
1912 |
@@ -11,12 +11,20 @@ |
1913 |
@@ -90496,7 +90811,7 @@ index 2da8372..96b37db 100644 |
1914 |
*/ |
1915 |
#define SLAB_DEBUG_FREE 0x00000100UL /* DEBUG: Perform (expensive) checks on free */ |
1916 |
+ |
1917 |
-+#ifdef CONFIG_PAX_USERCOPY |
1918 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
1919 |
+#define SLAB_USERCOPY 0x00000200UL /* PaX: Allow copying objs to/from userland */ |
1920 |
+#else |
1921 |
+#define SLAB_USERCOPY 0x00000000UL |
1922 |
@@ -90522,15 +90837,16 @@ index 2da8372..96b37db 100644 |
1923 |
|
1924 |
/* |
1925 |
* struct kmem_cache related prototypes |
1926 |
-@@ -138,6 +149,7 @@ void * __must_check krealloc(const void *, size_t, gfp_t); |
1927 |
+@@ -138,6 +149,8 @@ void * __must_check krealloc(const void *, size_t, gfp_t); |
1928 |
void kfree(const void *); |
1929 |
void kzfree(const void *); |
1930 |
size_t ksize(const void *); |
1931 |
-+void check_object_size(const void *ptr, unsigned long n, bool to); |
1932 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to); |
1933 |
++bool is_usercopy_object(const void *ptr); |
1934 |
|
1935 |
/* |
1936 |
* Allocator specific definitions. These are mainly used to establish optimized |
1937 |
-@@ -263,7 +275,7 @@ static inline void *kmem_cache_alloc_node(struct kmem_cache *cachep, |
1938 |
+@@ -263,7 +276,7 @@ static inline void *kmem_cache_alloc_node(struct kmem_cache *cachep, |
1939 |
* request comes from. |
1940 |
*/ |
1941 |
#if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) |
1942 |
@@ -90539,7 +90855,7 @@ index 2da8372..96b37db 100644 |
1943 |
#define kmalloc_track_caller(size, flags) \ |
1944 |
__kmalloc_track_caller(size, flags, _RET_IP_) |
1945 |
#else |
1946 |
-@@ -281,7 +293,7 @@ extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long); |
1947 |
+@@ -281,7 +294,7 @@ extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long); |
1948 |
* allocation request comes from. |
1949 |
*/ |
1950 |
#if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) |
1951 |
@@ -90549,7 +90865,7 @@ index 2da8372..96b37db 100644 |
1952 |
__kmalloc_node_track_caller(size, flags, node, \ |
1953 |
_RET_IP_) |
1954 |
diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h |
1955 |
-index 850d057..6de7888 100644 |
1956 |
+index 850d057..aa58075 100644 |
1957 |
--- a/include/linux/slab_def.h |
1958 |
+++ b/include/linux/slab_def.h |
1959 |
@@ -69,10 +69,10 @@ struct kmem_cache { |
1960 |
@@ -90567,7 +90883,16 @@ index 850d057..6de7888 100644 |
1961 |
|
1962 |
/* |
1963 |
* If debugging is enabled, then the allocator can add additional |
1964 |
-@@ -108,7 +108,7 @@ struct cache_sizes { |
1965 |
+@@ -104,11 +104,16 @@ struct cache_sizes { |
1966 |
+ #ifdef CONFIG_ZONE_DMA |
1967 |
+ struct kmem_cache *cs_dmacachep; |
1968 |
+ #endif |
1969 |
++ |
1970 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
1971 |
++ struct kmem_cache *cs_usercopycachep; |
1972 |
++#endif |
1973 |
++ |
1974 |
+ }; |
1975 |
extern struct cache_sizes malloc_sizes[]; |
1976 |
|
1977 |
void *kmem_cache_alloc(struct kmem_cache *, gfp_t); |
1978 |
@@ -90576,7 +90901,21 @@ index 850d057..6de7888 100644 |
1979 |
|
1980 |
#ifdef CONFIG_KMEMTRACE |
1981 |
extern void *kmem_cache_alloc_notrace(struct kmem_cache *cachep, gfp_t flags); |
1982 |
-@@ -163,7 +163,7 @@ found: |
1983 |
+@@ -150,6 +155,13 @@ found: |
1984 |
+ cachep = malloc_sizes[i].cs_dmacachep; |
1985 |
+ else |
1986 |
+ #endif |
1987 |
++ |
1988 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
1989 |
++ if (flags & GFP_USERCOPY) |
1990 |
++ cachep = malloc_sizes[i].cs_usercopycachep; |
1991 |
++ else |
1992 |
++#endif |
1993 |
++ |
1994 |
+ cachep = malloc_sizes[i].cs_cachep; |
1995 |
+ |
1996 |
+ ret = kmem_cache_alloc_notrace(cachep, flags); |
1997 |
+@@ -163,7 +175,7 @@ found: |
1998 |
} |
1999 |
|
2000 |
#ifdef CONFIG_NUMA |
2001 |
@@ -90585,6 +90924,20 @@ index 850d057..6de7888 100644 |
2002 |
extern void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node); |
2003 |
|
2004 |
#ifdef CONFIG_KMEMTRACE |
2005 |
+@@ -205,6 +217,13 @@ found: |
2006 |
+ cachep = malloc_sizes[i].cs_dmacachep; |
2007 |
+ else |
2008 |
+ #endif |
2009 |
++ |
2010 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2011 |
++ if (flags & GFP_USERCOPY) |
2012 |
++ cachep = malloc_sizes[i].cs_usercopycachep; |
2013 |
++ else |
2014 |
++#endif |
2015 |
++ |
2016 |
+ cachep = malloc_sizes[i].cs_cachep; |
2017 |
+ |
2018 |
+ ret = kmem_cache_alloc_node_notrace(cachep, flags, node); |
2019 |
diff --git a/include/linux/slob_def.h b/include/linux/slob_def.h |
2020 |
index 0ec00b3..39cb7fc 100644 |
2021 |
--- a/include/linux/slob_def.h |
2022 |
@@ -92254,7 +92607,7 @@ index 1fd59b8..a01b079 100644 |
2023 |
next_state = Reset; |
2024 |
return 0; |
2025 |
diff --git a/init/main.c b/init/main.c |
2026 |
-index 1eb4bd5..fea5bbe 100644 |
2027 |
+index 1eb4bd5..7bc6316 100644 |
2028 |
--- a/init/main.c |
2029 |
+++ b/init/main.c |
2030 |
@@ -97,6 +97,7 @@ static inline void mark_rodata_ro(void) { } |
2031 |
@@ -92385,7 +92738,40 @@ index 1eb4bd5..fea5bbe 100644 |
2032 |
} |
2033 |
|
2034 |
|
2035 |
-@@ -893,11 +938,13 @@ static int __init kernel_init(void * unused) |
2036 |
+@@ -760,9 +805,15 @@ static void __init do_initcalls(void) |
2037 |
+ { |
2038 |
+ initcall_t *call; |
2039 |
+ |
2040 |
+- for (call = __early_initcall_end; call < __initcall_end; call++) |
2041 |
++ for (call = __early_initcall_end; call < __initcall_end; call++) { |
2042 |
+ do_one_initcall(*call); |
2043 |
+ |
2044 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
2045 |
++ transfer_latent_entropy(); |
2046 |
++#endif |
2047 |
++ |
2048 |
++ } |
2049 |
++ |
2050 |
+ /* Make sure there is no pending stuff from the initcall sequence */ |
2051 |
+ flush_scheduled_work(); |
2052 |
+ } |
2053 |
+@@ -790,8 +841,14 @@ static void __init do_pre_smp_initcalls(void) |
2054 |
+ { |
2055 |
+ initcall_t *call; |
2056 |
+ |
2057 |
+- for (call = __initcall_start; call < __early_initcall_end; call++) |
2058 |
++ for (call = __initcall_start; call < __early_initcall_end; call++) { |
2059 |
+ do_one_initcall(*call); |
2060 |
++ |
2061 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
2062 |
++ transfer_latent_entropy(); |
2063 |
++#endif |
2064 |
++ |
2065 |
++ } |
2066 |
+ } |
2067 |
+ |
2068 |
+ static void run_init_process(char *init_filename) |
2069 |
+@@ -893,11 +950,13 @@ static int __init kernel_init(void * unused) |
2070 |
if (!ramdisk_execute_command) |
2071 |
ramdisk_execute_command = "/init"; |
2072 |
|
2073 |
@@ -95662,7 +96048,7 @@ index 40dd021..fb30ceb 100644 |
2074 |
mutex_lock(&pm_mutex); |
2075 |
suspend_ops = ops; |
2076 |
diff --git a/kernel/printk.c b/kernel/printk.c |
2077 |
-index 4cade47..4d17900 100644 |
2078 |
+index 4cade47..4ddd097 100644 |
2079 |
--- a/kernel/printk.c |
2080 |
+++ b/kernel/printk.c |
2081 |
@@ -33,6 +33,7 @@ |
2082 |
@@ -95793,6 +96179,36 @@ index 4cade47..4d17900 100644 |
2083 |
} |
2084 |
|
2085 |
/* |
2086 |
+@@ -1153,6 +1154,18 @@ void console_start(struct console *console) |
2087 |
+ } |
2088 |
+ EXPORT_SYMBOL(console_start); |
2089 |
+ |
2090 |
++static int __read_mostly keep_bootcon = 0; |
2091 |
++ |
2092 |
++static int __init keep_bootcon_setup(char *str) |
2093 |
++{ |
2094 |
++ keep_bootcon = 1; |
2095 |
++ printk(KERN_INFO "debug: skip boot console de-registration.\n"); |
2096 |
++ |
2097 |
++ return 0; |
2098 |
++} |
2099 |
++ |
2100 |
++early_param("keep_bootcon", keep_bootcon_setup); |
2101 |
++ |
2102 |
+ /* |
2103 |
+ * The console driver calls this routine during kernel initialization |
2104 |
+ * to register the console printing procedure with printk() and to |
2105 |
+@@ -1299,7 +1312,9 @@ void register_console(struct console *newcon) |
2106 |
+ * users know there might be something in the kernel's log buffer that |
2107 |
+ * went to the bootconsole (that they do not see on the real console) |
2108 |
+ */ |
2109 |
+- if (bcon && ((newcon->flags & (CON_CONSDEV | CON_BOOT)) == CON_CONSDEV)) { |
2110 |
++ if (bcon && |
2111 |
++ ((newcon->flags & (CON_CONSDEV | CON_BOOT)) == CON_CONSDEV) && |
2112 |
++ !keep_bootcon) { |
2113 |
+ /* we need to iterate through twice, to make sure we print |
2114 |
+ * everything out, before we unregister the console(s) |
2115 |
+ */ |
2116 |
diff --git a/kernel/profile.c b/kernel/profile.c |
2117 |
index dfadc5b..7f59404 100644 |
2118 |
--- a/kernel/profile.c |
2119 |
@@ -99244,7 +99660,7 @@ index aaca868..2ebecdc 100644 |
2120 |
err = -EPERM; |
2121 |
goto out; |
2122 |
diff --git a/mm/mlock.c b/mm/mlock.c |
2123 |
-index 2d846cf..98134d2 100644 |
2124 |
+index 2d846cf..8d5cdd8 100644 |
2125 |
--- a/mm/mlock.c |
2126 |
+++ b/mm/mlock.c |
2127 |
@@ -13,6 +13,7 @@ |
2128 |
@@ -99287,7 +99703,7 @@ index 2d846cf..98134d2 100644 |
2129 |
unsigned long nstart, end, tmp; |
2130 |
struct vm_area_struct * vma, * prev; |
2131 |
- int error; |
2132 |
-+ int error = -EINVAL; |
2133 |
++ int error = 0; |
2134 |
|
2135 |
len = PAGE_ALIGN(len); |
2136 |
end = start + len; |
2137 |
@@ -101176,7 +101592,7 @@ index 3e0005b..1d659a8 100644 |
2138 |
return -ENOMEM; |
2139 |
|
2140 |
diff --git a/mm/slab.c b/mm/slab.c |
2141 |
-index c8d466a..909e01e 100644 |
2142 |
+index c8d466a..60546da 100644 |
2143 |
--- a/mm/slab.c |
2144 |
+++ b/mm/slab.c |
2145 |
@@ -174,7 +174,7 @@ |
2146 |
@@ -101230,7 +101646,33 @@ index c8d466a..909e01e 100644 |
2147 |
{ |
2148 |
u32 offset = (obj - slab->s_mem); |
2149 |
return reciprocal_divide(offset, cache->reciprocal_buffer_size); |
2150 |
-@@ -1453,7 +1453,7 @@ void __init kmem_cache_init(void) |
2151 |
+@@ -579,10 +579,11 @@ EXPORT_SYMBOL(malloc_sizes); |
2152 |
+ struct cache_names { |
2153 |
+ char *name; |
2154 |
+ char *name_dma; |
2155 |
++ char *name_usercopy; |
2156 |
+ }; |
2157 |
+ |
2158 |
+ static struct cache_names __initdata cache_names[] = { |
2159 |
+-#define CACHE(x) { .name = "size-" #x, .name_dma = "size-" #x "(DMA)" }, |
2160 |
++#define CACHE(x) { .name = "size-" #x, .name_dma = "size-" #x "(DMA)", .name_usercopy = "size-" #x "(USERCOPY)" }, |
2161 |
+ #include <linux/kmalloc_sizes.h> |
2162 |
+ {NULL,} |
2163 |
+ #undef CACHE |
2164 |
+@@ -719,6 +720,12 @@ static inline struct kmem_cache *__find_general_cachep(size_t size, |
2165 |
+ if (unlikely(gfpflags & GFP_DMA)) |
2166 |
+ return csizep->cs_dmacachep; |
2167 |
+ #endif |
2168 |
++ |
2169 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2170 |
++ if (unlikely(gfpflags & GFP_USERCOPY)) |
2171 |
++ return csizep->cs_usercopycachep; |
2172 |
++#endif |
2173 |
++ |
2174 |
+ return csizep->cs_cachep; |
2175 |
+ } |
2176 |
+ |
2177 |
+@@ -1453,7 +1460,7 @@ void __init kmem_cache_init(void) |
2178 |
sizes[INDEX_AC].cs_cachep = kmem_cache_create(names[INDEX_AC].name, |
2179 |
sizes[INDEX_AC].cs_size, |
2180 |
ARCH_KMALLOC_MINALIGN, |
2181 |
@@ -101239,7 +101681,7 @@ index c8d466a..909e01e 100644 |
2182 |
NULL); |
2183 |
|
2184 |
if (INDEX_AC != INDEX_L3) { |
2185 |
-@@ -1461,7 +1461,7 @@ void __init kmem_cache_init(void) |
2186 |
+@@ -1461,7 +1468,7 @@ void __init kmem_cache_init(void) |
2187 |
kmem_cache_create(names[INDEX_L3].name, |
2188 |
sizes[INDEX_L3].cs_size, |
2189 |
ARCH_KMALLOC_MINALIGN, |
2190 |
@@ -101248,7 +101690,7 @@ index c8d466a..909e01e 100644 |
2191 |
NULL); |
2192 |
} |
2193 |
|
2194 |
-@@ -1479,7 +1479,7 @@ void __init kmem_cache_init(void) |
2195 |
+@@ -1479,7 +1486,7 @@ void __init kmem_cache_init(void) |
2196 |
sizes->cs_cachep = kmem_cache_create(names->name, |
2197 |
sizes->cs_size, |
2198 |
ARCH_KMALLOC_MINALIGN, |
2199 |
@@ -101257,7 +101699,24 @@ index c8d466a..909e01e 100644 |
2200 |
NULL); |
2201 |
} |
2202 |
#ifdef CONFIG_ZONE_DMA |
2203 |
-@@ -4211,10 +4211,10 @@ static int s_show(struct seq_file *m, void *p) |
2204 |
+@@ -1491,6 +1498,16 @@ void __init kmem_cache_init(void) |
2205 |
+ SLAB_PANIC, |
2206 |
+ NULL); |
2207 |
+ #endif |
2208 |
++ |
2209 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2210 |
++ sizes->cs_usercopycachep = kmem_cache_create( |
2211 |
++ names->name_usercopy, |
2212 |
++ sizes->cs_size, |
2213 |
++ ARCH_KMALLOC_MINALIGN, |
2214 |
++ ARCH_KMALLOC_FLAGS|SLAB_PANIC|SLAB_USERCOPY, |
2215 |
++ NULL); |
2216 |
++#endif |
2217 |
++ |
2218 |
+ sizes++; |
2219 |
+ names++; |
2220 |
+ } |
2221 |
+@@ -4211,10 +4228,10 @@ static int s_show(struct seq_file *m, void *p) |
2222 |
} |
2223 |
/* cpu stats */ |
2224 |
{ |
2225 |
@@ -101272,7 +101731,7 @@ index c8d466a..909e01e 100644 |
2226 |
|
2227 |
seq_printf(m, " : cpustat %6lu %6lu %6lu %6lu", |
2228 |
allochit, allocmiss, freehit, freemiss); |
2229 |
-@@ -4471,15 +4471,70 @@ static const struct file_operations proc_slabstats_operations = { |
2230 |
+@@ -4471,15 +4488,76 @@ static const struct file_operations proc_slabstats_operations = { |
2231 |
|
2232 |
static int __init slab_proc_init(void) |
2233 |
{ |
2234 |
@@ -101293,60 +101752,66 @@ index c8d466a..909e01e 100644 |
2235 |
module_init(slab_proc_init); |
2236 |
#endif |
2237 |
|
2238 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
2239 |
++bool is_usercopy_object(const void *ptr) |
2240 |
+{ |
2241 |
++ struct page *page; |
2242 |
++ struct kmem_cache *cachep; |
2243 |
++ |
2244 |
++ if (ZERO_OR_NULL_PTR(ptr)) |
2245 |
++ return false; |
2246 |
++ |
2247 |
++ if (!virt_addr_valid(ptr)) |
2248 |
++ return false; |
2249 |
++ |
2250 |
++ page = virt_to_head_page(ptr); |
2251 |
++ |
2252 |
++ if (!PageSlab(page)) |
2253 |
++ return false; |
2254 |
++ |
2255 |
++ cachep = page_get_cache(page); |
2256 |
++ return cachep->flags & SLAB_USERCOPY; |
2257 |
++} |
2258 |
+ |
2259 |
+#ifdef CONFIG_PAX_USERCOPY |
2260 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
2261 |
++{ |
2262 |
+ struct page *page; |
2263 |
-+ struct kmem_cache *cachep = NULL; |
2264 |
++ struct kmem_cache *cachep; |
2265 |
+ struct slab *slabp; |
2266 |
+ unsigned int objnr; |
2267 |
+ unsigned long offset; |
2268 |
-+ const char *type; |
2269 |
-+ |
2270 |
-+ if (!n) |
2271 |
-+ return; |
2272 |
+ |
2273 |
-+ type = "<null>"; |
2274 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
2275 |
-+ goto report; |
2276 |
++ return "<null>"; |
2277 |
+ |
2278 |
+ if (!virt_addr_valid(ptr)) |
2279 |
-+ return; |
2280 |
++ return NULL; |
2281 |
+ |
2282 |
+ page = virt_to_head_page(ptr); |
2283 |
+ |
2284 |
-+ type = "<process stack>"; |
2285 |
-+ if (!PageSlab(page)) { |
2286 |
-+ if (object_is_on_stack(ptr, n) == -1) |
2287 |
-+ goto report; |
2288 |
-+ return; |
2289 |
-+ } |
2290 |
++ if (!PageSlab(page)) |
2291 |
++ return NULL; |
2292 |
+ |
2293 |
+ cachep = page_get_cache(page); |
2294 |
-+ type = cachep->name; |
2295 |
+ if (!(cachep->flags & SLAB_USERCOPY)) |
2296 |
-+ goto report; |
2297 |
++ return cachep->name; |
2298 |
+ |
2299 |
+ slabp = page_get_slab(page); |
2300 |
+ objnr = obj_to_index(cachep, slabp, ptr); |
2301 |
+ BUG_ON(objnr >= cachep->num); |
2302 |
+ offset = ptr - index_to_obj(cachep, slabp, objnr) - obj_offset(cachep); |
2303 |
+ if (offset <= obj_size(cachep) && n <= obj_size(cachep) - offset) |
2304 |
-+ return; |
2305 |
-+ |
2306 |
-+report: |
2307 |
-+ pax_report_usercopy(ptr, n, to, type); |
2308 |
-+#endif |
2309 |
++ return NULL; |
2310 |
+ |
2311 |
++ return cachep->name; |
2312 |
+} |
2313 |
-+EXPORT_SYMBOL(check_object_size); |
2314 |
++#endif |
2315 |
+ |
2316 |
/** |
2317 |
* ksize - get the actual amount of memory allocated for a given object |
2318 |
* @objp: Pointer to the object |
2319 |
diff --git a/mm/slob.c b/mm/slob.c |
2320 |
-index 837ebd6..0bd23bc 100644 |
2321 |
+index 837ebd6..d24d63b 100644 |
2322 |
--- a/mm/slob.c |
2323 |
+++ b/mm/slob.c |
2324 |
@@ -29,7 +29,7 @@ |
2325 |
@@ -101497,7 +101962,7 @@ index 837ebd6..0bd23bc 100644 |
2326 |
return ret; |
2327 |
} |
2328 |
EXPORT_SYMBOL(__kmalloc_node); |
2329 |
-@@ -528,13 +542,92 @@ void kfree(const void *block) |
2330 |
+@@ -528,13 +542,83 @@ void kfree(const void *block) |
2331 |
sp = slob_page(block); |
2332 |
if (is_slob_page(sp)) { |
2333 |
int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); |
2334 |
@@ -101515,40 +101980,34 @@ index 837ebd6..0bd23bc 100644 |
2335 |
} |
2336 |
EXPORT_SYMBOL(kfree); |
2337 |
|
2338 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
2339 |
++bool is_usercopy_object(const void *ptr) |
2340 |
+{ |
2341 |
++ return false; |
2342 |
++} |
2343 |
+ |
2344 |
+#ifdef CONFIG_PAX_USERCOPY |
2345 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
2346 |
++{ |
2347 |
+ struct slob_page *sp; |
2348 |
+ const slob_t *free; |
2349 |
+ const void *base; |
2350 |
+ unsigned long flags; |
2351 |
-+ const char *type; |
2352 |
+ |
2353 |
-+ if (!n) |
2354 |
-+ return; |
2355 |
-+ |
2356 |
-+ type = "<null>"; |
2357 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
2358 |
-+ goto report; |
2359 |
++ return "<null>"; |
2360 |
+ |
2361 |
+ if (!virt_addr_valid(ptr)) |
2362 |
-+ return; |
2363 |
++ return NULL; |
2364 |
+ |
2365 |
-+ type = "<process stack>"; |
2366 |
+ sp = slob_page(ptr); |
2367 |
-+ if (!PageSlab((struct page *)sp)) { |
2368 |
-+ if (object_is_on_stack(ptr, n) == -1) |
2369 |
-+ goto report; |
2370 |
-+ return; |
2371 |
-+ } |
2372 |
++ if (!PageSlab((struct page *)sp)) |
2373 |
++ return NULL; |
2374 |
+ |
2375 |
-+ type = "<slob>"; |
2376 |
+ if (sp->size) { |
2377 |
+ base = page_address(&sp->page); |
2378 |
+ if (base <= ptr && n <= sp->size - (ptr - base)) |
2379 |
-+ return; |
2380 |
-+ goto report; |
2381 |
++ return NULL; |
2382 |
++ return "<slob>"; |
2383 |
+ } |
2384 |
+ |
2385 |
+ /* some tricky double walking to find the chunk */ |
2386 |
@@ -101579,21 +102038,18 @@ index 837ebd6..0bd23bc 100644 |
2387 |
+ break; |
2388 |
+ |
2389 |
+ spin_unlock_irqrestore(&slob_lock, flags); |
2390 |
-+ return; |
2391 |
++ return NULL; |
2392 |
+ } |
2393 |
+ |
2394 |
+ spin_unlock_irqrestore(&slob_lock, flags); |
2395 |
-+report: |
2396 |
-+ pax_report_usercopy(ptr, n, to, type); |
2397 |
-+#endif |
2398 |
-+ |
2399 |
++ return "<slob>"; |
2400 |
+} |
2401 |
-+EXPORT_SYMBOL(check_object_size); |
2402 |
++#endif |
2403 |
+ |
2404 |
/* can't use ksize for kmem_cache_alloc memory, only kmalloc */ |
2405 |
size_t ksize(const void *block) |
2406 |
{ |
2407 |
-@@ -547,10 +640,10 @@ size_t ksize(const void *block) |
2408 |
+@@ -547,10 +631,10 @@ size_t ksize(const void *block) |
2409 |
sp = slob_page(block); |
2410 |
if (is_slob_page(sp)) { |
2411 |
int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); |
2412 |
@@ -101607,11 +102063,11 @@ index 837ebd6..0bd23bc 100644 |
2413 |
} |
2414 |
EXPORT_SYMBOL(ksize); |
2415 |
|
2416 |
-@@ -566,8 +659,13 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2417 |
+@@ -566,8 +650,13 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2418 |
{ |
2419 |
struct kmem_cache *c; |
2420 |
|
2421 |
-+#ifdef CONFIG_PAX_USERCOPY |
2422 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2423 |
+ c = __kmalloc_node_align(sizeof(struct kmem_cache), |
2424 |
+ GFP_KERNEL, -1, ARCH_KMALLOC_MINALIGN); |
2425 |
+#else |
2426 |
@@ -101621,11 +102077,11 @@ index 837ebd6..0bd23bc 100644 |
2427 |
|
2428 |
if (c) { |
2429 |
c->name = name; |
2430 |
-@@ -605,17 +703,25 @@ void *kmem_cache_alloc_node(struct kmem_cache *c, gfp_t flags, int node) |
2431 |
+@@ -605,17 +694,25 @@ void *kmem_cache_alloc_node(struct kmem_cache *c, gfp_t flags, int node) |
2432 |
{ |
2433 |
void *b; |
2434 |
|
2435 |
-+#ifdef CONFIG_PAX_USERCOPY |
2436 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2437 |
+ b = __kmalloc_node_align(c->size, flags, node, c->align); |
2438 |
+#else |
2439 |
if (c->size < PAGE_SIZE) { |
2440 |
@@ -101647,7 +102103,7 @@ index 837ebd6..0bd23bc 100644 |
2441 |
|
2442 |
if (c->ctor) |
2443 |
c->ctor(b); |
2444 |
-@@ -627,10 +733,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); |
2445 |
+@@ -627,10 +724,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); |
2446 |
|
2447 |
static void __kmem_cache_free(void *b, int size) |
2448 |
{ |
2449 |
@@ -101666,13 +102122,13 @@ index 837ebd6..0bd23bc 100644 |
2450 |
} |
2451 |
|
2452 |
static void kmem_rcu_free(struct rcu_head *head) |
2453 |
-@@ -643,18 +755,32 @@ static void kmem_rcu_free(struct rcu_head *head) |
2454 |
+@@ -643,18 +746,32 @@ static void kmem_rcu_free(struct rcu_head *head) |
2455 |
|
2456 |
void kmem_cache_free(struct kmem_cache *c, void *b) |
2457 |
{ |
2458 |
+ int size = c->size; |
2459 |
+ |
2460 |
-+#ifdef CONFIG_PAX_USERCOPY |
2461 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2462 |
+ if (size + c->align < PAGE_SIZE) { |
2463 |
+ size += c->align; |
2464 |
+ b -= c->align; |
2465 |
@@ -101693,7 +102149,7 @@ index 837ebd6..0bd23bc 100644 |
2466 |
+ __kmem_cache_free(b, size); |
2467 |
} |
2468 |
|
2469 |
-+#ifdef CONFIG_PAX_USERCOPY |
2470 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2471 |
+ trace_kfree(_RET_IP_, b); |
2472 |
+#else |
2473 |
trace_kmem_cache_free(_RET_IP_, b); |
2474 |
@@ -101703,7 +102159,7 @@ index 837ebd6..0bd23bc 100644 |
2475 |
EXPORT_SYMBOL(kmem_cache_free); |
2476 |
|
2477 |
diff --git a/mm/slub.c b/mm/slub.c |
2478 |
-index 4996fc7..87e01d0 100644 |
2479 |
+index 4996fc7..38850dd 100644 |
2480 |
--- a/mm/slub.c |
2481 |
+++ b/mm/slub.c |
2482 |
@@ -201,7 +201,7 @@ struct track { |
2483 |
@@ -101776,58 +102232,89 @@ index 4996fc7..87e01d0 100644 |
2484 |
|
2485 |
/* |
2486 |
* This function is called with IRQs disabled during early-boot on |
2487 |
-@@ -2915,6 +2914,50 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) |
2488 |
+@@ -2792,6 +2791,10 @@ out: |
2489 |
+ } |
2490 |
+ #endif |
2491 |
+ |
2492 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2493 |
++static struct kmem_cache kmalloc_caches_usercopy[SLUB_PAGE_SHIFT]; |
2494 |
++#endif |
2495 |
++ |
2496 |
+ /* |
2497 |
+ * Conversion table for small slabs sizes / 8 to the index in the |
2498 |
+ * kmalloc array. This is necessary for slabs < 192 since we have non power |
2499 |
+@@ -2847,6 +2850,13 @@ static struct kmem_cache *get_slab(size_t size, gfp_t flags) |
2500 |
+ return dma_kmalloc_cache(index, flags); |
2501 |
+ |
2502 |
+ #endif |
2503 |
++ |
2504 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2505 |
++ if (flags & SLAB_USERCOPY) |
2506 |
++ return &kmalloc_caches_usercopy[index]; |
2507 |
++ |
2508 |
++#endif |
2509 |
++ |
2510 |
+ return &kmalloc_caches[index]; |
2511 |
+ } |
2512 |
+ |
2513 |
+@@ -2915,6 +2925,56 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) |
2514 |
EXPORT_SYMBOL(__kmalloc_node); |
2515 |
#endif |
2516 |
|
2517 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
2518 |
++bool is_usercopy_object(const void *ptr) |
2519 |
+{ |
2520 |
++ struct page *page; |
2521 |
++ struct kmem_cache *s; |
2522 |
++ |
2523 |
++ if (ZERO_OR_NULL_PTR(ptr)) |
2524 |
++ return false; |
2525 |
++ |
2526 |
++ if (!virt_addr_valid(ptr)) |
2527 |
++ return false; |
2528 |
++ |
2529 |
++ page = virt_to_head_page(ptr); |
2530 |
++ |
2531 |
++ if (!PageSlab(page)) |
2532 |
++ return false; |
2533 |
++ |
2534 |
++ s = page->slab; |
2535 |
++ return s->flags & SLAB_USERCOPY; |
2536 |
++} |
2537 |
+ |
2538 |
+#ifdef CONFIG_PAX_USERCOPY |
2539 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
2540 |
++{ |
2541 |
+ struct page *page; |
2542 |
-+ struct kmem_cache *s = NULL; |
2543 |
++ struct kmem_cache *s; |
2544 |
+ unsigned long offset; |
2545 |
-+ const char *type; |
2546 |
+ |
2547 |
-+ if (!n) |
2548 |
-+ return; |
2549 |
-+ |
2550 |
-+ type = "<null>"; |
2551 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
2552 |
-+ goto report; |
2553 |
++ return "<null>"; |
2554 |
+ |
2555 |
+ if (!virt_addr_valid(ptr)) |
2556 |
-+ return; |
2557 |
++ return NULL; |
2558 |
+ |
2559 |
+ page = get_object_page(ptr); |
2560 |
+ |
2561 |
-+ type = "<process stack>"; |
2562 |
-+ if (!page) { |
2563 |
-+ if (object_is_on_stack(ptr, n) == -1) |
2564 |
-+ goto report; |
2565 |
-+ return; |
2566 |
-+ } |
2567 |
++ if (!page) |
2568 |
++ return NULL; |
2569 |
+ |
2570 |
+ s = page->slab; |
2571 |
-+ type = s->name; |
2572 |
+ if (!(s->flags & SLAB_USERCOPY)) |
2573 |
-+ goto report; |
2574 |
++ return s->name; |
2575 |
+ |
2576 |
+ offset = (ptr - page_address(page)) % s->size; |
2577 |
+ if (offset <= s->objsize && n <= s->objsize - offset) |
2578 |
-+ return; |
2579 |
-+ |
2580 |
-+report: |
2581 |
-+ pax_report_usercopy(ptr, n, to, type); |
2582 |
-+#endif |
2583 |
++ return NULL; |
2584 |
+ |
2585 |
++ return s->name; |
2586 |
+} |
2587 |
-+EXPORT_SYMBOL(check_object_size); |
2588 |
++#endif |
2589 |
+ |
2590 |
size_t ksize(const void *object) |
2591 |
{ |
2592 |
struct page *page; |
2593 |
-@@ -3185,8 +3228,8 @@ void __init kmem_cache_init(void) |
2594 |
+@@ -3185,8 +3245,8 @@ void __init kmem_cache_init(void) |
2595 |
* kmem_cache_open for slab_state == DOWN. |
2596 |
*/ |
2597 |
create_kmalloc_cache(&kmalloc_caches[0], "kmem_cache_node", |
2598 |
@@ -101838,7 +102325,7 @@ index 4996fc7..87e01d0 100644 |
2599 |
caches++; |
2600 |
|
2601 |
hotplug_memory_notifier(slab_memory_callback, SLAB_CALLBACK_PRI); |
2602 |
-@@ -3198,18 +3241,18 @@ void __init kmem_cache_init(void) |
2603 |
+@@ -3198,18 +3258,18 @@ void __init kmem_cache_init(void) |
2604 |
/* Caches that are not of the two-to-the-power-of size */ |
2605 |
if (KMALLOC_MIN_SIZE <= 32) { |
2606 |
create_kmalloc_cache(&kmalloc_caches[1], |
2607 |
@@ -101860,7 +102347,28 @@ index 4996fc7..87e01d0 100644 |
2608 |
caches++; |
2609 |
} |
2610 |
|
2611 |
-@@ -3293,7 +3336,7 @@ static int slab_unmergeable(struct kmem_cache *s) |
2612 |
+@@ -3267,6 +3327,20 @@ void __init kmem_cache_init(void) |
2613 |
+ kmem_size = sizeof(struct kmem_cache); |
2614 |
+ #endif |
2615 |
+ |
2616 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
2617 |
++ for (i = 0; i < SLUB_PAGE_SHIFT; i++) { |
2618 |
++ struct kmem_cache *s = &kmalloc_caches[i]; |
2619 |
++ |
2620 |
++ if (s->size) { |
2621 |
++ char *name = kasprintf(GFP_NOWAIT, "kmalloc-usercopy-%d", s->objsize); |
2622 |
++ |
2623 |
++ BUG_ON(!name); |
2624 |
++ create_kmalloc_cache(&kmalloc_caches_usercopy[i], name, |
2625 |
++ s->objsize, GFP_NOWAIT, SLAB_USERCOPY); |
2626 |
++ } |
2627 |
++ } |
2628 |
++#endif |
2629 |
++ |
2630 |
+ printk(KERN_INFO |
2631 |
+ "SLUB: Genslabs=%d, HWalign=%d, Order=%d-%d, MinObjects=%d," |
2632 |
+ " CPUs=%d, Nodes=%d\n", |
2633 |
+@@ -3293,7 +3367,7 @@ static int slab_unmergeable(struct kmem_cache *s) |
2634 |
/* |
2635 |
* We may have set a slab to be unmergeable during bootstrap. |
2636 |
*/ |
2637 |
@@ -101869,7 +102377,7 @@ index 4996fc7..87e01d0 100644 |
2638 |
return 1; |
2639 |
|
2640 |
return 0; |
2641 |
-@@ -3353,7 +3396,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2642 |
+@@ -3353,7 +3427,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2643 |
if (s) { |
2644 |
int cpu; |
2645 |
|
2646 |
@@ -101878,7 +102386,7 @@ index 4996fc7..87e01d0 100644 |
2647 |
/* |
2648 |
* Adjust the object sizes so that we clear |
2649 |
* the complete object on kzalloc. |
2650 |
-@@ -3372,7 +3415,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2651 |
+@@ -3372,7 +3446,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
2652 |
|
2653 |
if (sysfs_slab_alias(s, name)) { |
2654 |
down_write(&slub_lock); |
2655 |
@@ -101887,7 +102395,7 @@ index 4996fc7..87e01d0 100644 |
2656 |
up_write(&slub_lock); |
2657 |
goto err; |
2658 |
} |
2659 |
-@@ -4101,7 +4144,7 @@ SLAB_ATTR_RO(ctor); |
2660 |
+@@ -4101,7 +4175,7 @@ SLAB_ATTR_RO(ctor); |
2661 |
|
2662 |
static ssize_t aliases_show(struct kmem_cache *s, char *buf) |
2663 |
{ |
2664 |
@@ -101896,7 +102404,7 @@ index 4996fc7..87e01d0 100644 |
2665 |
} |
2666 |
SLAB_ATTR_RO(aliases); |
2667 |
|
2668 |
-@@ -4503,7 +4546,7 @@ static void kmem_cache_release(struct kobject *kobj) |
2669 |
+@@ -4503,7 +4577,7 @@ static void kmem_cache_release(struct kobject *kobj) |
2670 |
kfree(s); |
2671 |
} |
2672 |
|
2673 |
@@ -101905,7 +102413,7 @@ index 4996fc7..87e01d0 100644 |
2674 |
.show = slab_attr_show, |
2675 |
.store = slab_attr_store, |
2676 |
}; |
2677 |
-@@ -4522,7 +4565,7 @@ static int uevent_filter(struct kset *kset, struct kobject *kobj) |
2678 |
+@@ -4522,7 +4596,7 @@ static int uevent_filter(struct kset *kset, struct kobject *kobj) |
2679 |
return 0; |
2680 |
} |
2681 |
|
2682 |
@@ -101914,7 +102422,7 @@ index 4996fc7..87e01d0 100644 |
2683 |
.filter = uevent_filter, |
2684 |
}; |
2685 |
|
2686 |
-@@ -4564,6 +4607,7 @@ static char *create_unique_id(struct kmem_cache *s) |
2687 |
+@@ -4564,6 +4638,7 @@ static char *create_unique_id(struct kmem_cache *s) |
2688 |
return name; |
2689 |
} |
2690 |
|
2691 |
@@ -101922,7 +102430,7 @@ index 4996fc7..87e01d0 100644 |
2692 |
static int sysfs_slab_add(struct kmem_cache *s) |
2693 |
{ |
2694 |
int err; |
2695 |
-@@ -4619,6 +4663,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) |
2696 |
+@@ -4619,6 +4694,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) |
2697 |
kobject_del(&s->kobj); |
2698 |
kobject_put(&s->kobj); |
2699 |
} |
2700 |
@@ -101930,7 +102438,7 @@ index 4996fc7..87e01d0 100644 |
2701 |
|
2702 |
/* |
2703 |
* Need to buffer aliases during bootup until sysfs becomes |
2704 |
-@@ -4632,6 +4677,7 @@ struct saved_alias { |
2705 |
+@@ -4632,6 +4708,7 @@ struct saved_alias { |
2706 |
|
2707 |
static struct saved_alias *alias_list; |
2708 |
|
2709 |
@@ -101938,7 +102446,7 @@ index 4996fc7..87e01d0 100644 |
2710 |
static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
2711 |
{ |
2712 |
struct saved_alias *al; |
2713 |
-@@ -4654,6 +4700,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
2714 |
+@@ -4654,6 +4731,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
2715 |
alias_list = al; |
2716 |
return 0; |
2717 |
} |
2718 |
@@ -101946,7 +102454,7 @@ index 4996fc7..87e01d0 100644 |
2719 |
|
2720 |
static int __init slab_sysfs_init(void) |
2721 |
{ |
2722 |
-@@ -4785,7 +4832,13 @@ static const struct file_operations proc_slabinfo_operations = { |
2723 |
+@@ -4785,7 +4863,13 @@ static const struct file_operations proc_slabinfo_operations = { |
2724 |
|
2725 |
static int __init slab_proc_init(void) |
2726 |
{ |
2727 |
@@ -106452,7 +106960,7 @@ index 62a9025..65b82ad 100644 |
2728 |
sprintf(alias, "dmi*"); |
2729 |
|
2730 |
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c |
2731 |
-index 03efeab..f65608f 100644 |
2732 |
+index 03efeab..35e35ff 100644 |
2733 |
--- a/scripts/mod/modpost.c |
2734 |
+++ b/scripts/mod/modpost.c |
2735 |
@@ -764,7 +764,7 @@ static void check_section(const char *modname, struct elf_info *elf, |
2736 |
@@ -106503,12 +107011,12 @@ index 03efeab..f65608f 100644 |
2737 |
"or drop the export.\n", |
2738 |
tosym, sec2annotation(tosec), sec2annotation(tosec), tosym); |
2739 |
+ case DATA_TO_TEXT: |
2740 |
-+/* |
2741 |
++#if 0 |
2742 |
+ fprintf(stderr, |
2743 |
-+ "The variable %s references\n" |
2744 |
-+ "the %s %s%s%s\n", |
2745 |
-+ fromsym, to, sec2annotation(tosec), tosym, to_p); |
2746 |
-+*/ |
2747 |
++ "The %s %s:%s references\n" |
2748 |
++ "the %s %s:%s%s\n", |
2749 |
++ from, fromsec, fromsym, to, tosec, tosym, to_p); |
2750 |
++#endif |
2751 |
+ break; |
2752 |
case NO_MISMATCH: |
2753 |
/* To get warnings on missing members */ |
2754 |
@@ -106647,10 +107155,10 @@ index d52f7a0..b66cdd9 100755 |
2755 |
rm -f tags |
2756 |
xtags ctags |
2757 |
diff --git a/security/Kconfig b/security/Kconfig |
2758 |
-index fb363cd..b6ce7c6 100644 |
2759 |
+index fb363cd..6426142 100644 |
2760 |
--- a/security/Kconfig |
2761 |
+++ b/security/Kconfig |
2762 |
-@@ -4,6 +4,855 @@ |
2763 |
+@@ -4,6 +4,869 @@ |
2764 |
|
2765 |
menu "Security options" |
2766 |
|
2767 |
@@ -106675,6 +107183,9 @@ index fb363cd..b6ce7c6 100644 |
2768 |
+ bool |
2769 |
+ default y if (X86_32 && (MPENTIUM4 || MK8 || MPSC || MCORE2 || MATOM)) |
2770 |
+ |
2771 |
++ config PAX_USERCOPY_SLABS |
2772 |
++ bool |
2773 |
++ |
2774 |
+config GRKERNSEC |
2775 |
+ bool "Grsecurity" |
2776 |
+ select CRYPTO |
2777 |
@@ -106909,13 +107420,12 @@ index fb363cd..b6ce7c6 100644 |
2778 |
+ has been deprecated in favour of PT_PAX_FLAGS and XATTR_PAX_FLAGS |
2779 |
+ support. |
2780 |
+ |
2781 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
2782 |
-+ header and you cannot use XATTR_PAX_FLAGS then you MUST enable this |
2783 |
-+ option otherwise they will not get any protection. |
2784 |
-+ |
2785 |
+ Note that if you enable PT_PAX_FLAGS or XATTR_PAX_FLAGS marking |
2786 |
+ support as well, they will override the legacy EI_PAX marks. |
2787 |
+ |
2788 |
++ If you enable none of the marking options then all applications |
2789 |
++ will run with PaX enabled on them by default. |
2790 |
++ |
2791 |
+config PAX_PT_PAX_FLAGS |
2792 |
+ bool 'Use ELF program header marking' |
2793 |
+ default y if GRKERNSEC_CONFIG_AUTO |
2794 |
@@ -106928,15 +107438,14 @@ index fb363cd..b6ce7c6 100644 |
2795 |
+ integrated into the toolchain (the binutils patch is available |
2796 |
+ from http://pax.grsecurity.net). |
2797 |
+ |
2798 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
2799 |
-+ header then you MUST enable either XATTR_PAX_FLAGS or EI_PAX marking |
2800 |
-+ support otherwise they will not get any protection. |
2801 |
++ Note that if you enable the legacy EI_PAX marking support as well, |
2802 |
++ the EI_PAX marks will be overridden by the PT_PAX_FLAGS marks. |
2803 |
+ |
2804 |
+ If you enable both PT_PAX_FLAGS and XATTR_PAX_FLAGS support then you |
2805 |
+ must make sure that the marks are the same if a binary has both marks. |
2806 |
+ |
2807 |
-+ Note that if you enable the legacy EI_PAX marking support as well, |
2808 |
-+ the EI_PAX marks will be overridden by the PT_PAX_FLAGS marks. |
2809 |
++ If you enable none of the marking options then all applications |
2810 |
++ will run with PaX enabled on them by default. |
2811 |
+ |
2812 |
+config PAX_XATTR_PAX_FLAGS |
2813 |
+ bool 'Use filesystem extended attributes marking' |
2814 |
@@ -106959,15 +107468,14 @@ index fb363cd..b6ce7c6 100644 |
2815 |
+ isofs, squashfs, tmpfs, udf, vfat) so copying files through such |
2816 |
+ filesystems will lose the extended attributes and these PaX markings. |
2817 |
+ |
2818 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
2819 |
-+ header then you MUST enable either XATTR_PAX_FLAGS or EI_PAX marking |
2820 |
-+ support otherwise they will not get any protection. |
2821 |
++ Note that if you enable the legacy EI_PAX marking support as well, |
2822 |
++ the EI_PAX marks will be overridden by the XATTR_PAX_FLAGS marks. |
2823 |
+ |
2824 |
+ If you enable both PT_PAX_FLAGS and XATTR_PAX_FLAGS support then you |
2825 |
+ must make sure that the marks are the same if a binary has both marks. |
2826 |
+ |
2827 |
-+ Note that if you enable the legacy EI_PAX marking support as well, |
2828 |
-+ the EI_PAX marks will be overridden by the XATTR_PAX_FLAGS marks. |
2829 |
++ If you enable none of the marking options then all applications |
2830 |
++ will run with PaX enabled on them by default. |
2831 |
+ |
2832 |
+choice |
2833 |
+ prompt 'MAC system integration' |
2834 |
@@ -107457,6 +107965,7 @@ index fb363cd..b6ce7c6 100644 |
2835 |
+ default y if GRKERNSEC_CONFIG_AUTO |
2836 |
+ depends on X86 || PPC || SPARC || ARM |
2837 |
+ depends on GRKERNSEC && (SLAB || SLUB || SLOB) |
2838 |
++ select PAX_USERCOPY_SLABS |
2839 |
+ help |
2840 |
+ By saying Y here the kernel will enforce the size of heap objects |
2841 |
+ when they are copied in either direction between the kernel and |
2842 |
@@ -107493,6 +108002,19 @@ index fb363cd..b6ce7c6 100644 |
2843 |
+ Homepage: |
2844 |
+ http://www.grsecurity.net/~ephox/overflow_plugin/ |
2845 |
+ |
2846 |
++config PAX_LATENT_ENTROPY |
2847 |
++ bool "Generate some entropy during boot" |
2848 |
++ default y if GRKERNSEC_CONFIG_AUTO |
2849 |
++ help |
2850 |
++ By saying Y here the kernel will instrument early boot code to |
2851 |
++ extract some entropy from both original and artificially created |
2852 |
++ program state. This will help especially embedded systems where |
2853 |
++ there is little 'natural' source of entropy normally. The cost |
2854 |
++ is some slowdown of the boot process. |
2855 |
++ |
2856 |
++ Note that entropy extracted this way is not cryptographically |
2857 |
++ secure! |
2858 |
++ |
2859 |
+endmenu |
2860 |
+ |
2861 |
+endmenu |
2862 |
@@ -107506,7 +108028,7 @@ index fb363cd..b6ce7c6 100644 |
2863 |
config KEYS |
2864 |
bool "Enable access key retention support" |
2865 |
help |
2866 |
-@@ -146,7 +995,7 @@ config INTEL_TXT |
2867 |
+@@ -146,7 +1009,7 @@ config INTEL_TXT |
2868 |
config LSM_MMAP_MIN_ADDR |
2869 |
int "Low address space for LSM to protect from user allocation" |
2870 |
depends on SECURITY && SECURITY_SELINUX |
2871 |
@@ -108798,12 +109320,19 @@ index 79633ea..9732e90 100644 |
2872 |
break; |
2873 |
} |
2874 |
} |
2875 |
+diff --git a/tools/gcc/.gitignore b/tools/gcc/.gitignore |
2876 |
+new file mode 100644 |
2877 |
+index 0000000..50f2f2f |
2878 |
+--- /dev/null |
2879 |
++++ b/tools/gcc/.gitignore |
2880 |
+@@ -0,0 +1 @@ |
2881 |
++size_overflow_hash.h |
2882 |
diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile |
2883 |
new file mode 100644 |
2884 |
-index 0000000..f4f9986 |
2885 |
+index 0000000..1d09b7e |
2886 |
--- /dev/null |
2887 |
+++ b/tools/gcc/Makefile |
2888 |
-@@ -0,0 +1,41 @@ |
2889 |
+@@ -0,0 +1,43 @@ |
2890 |
+#CC := gcc |
2891 |
+#PLUGIN_SOURCE_FILES := pax_plugin.c |
2892 |
+#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) |
2893 |
@@ -108825,6 +109354,7 @@ index 0000000..f4f9986 |
2894 |
+$(HOSTLIBS)-$(CONFIG_CHECKER_PLUGIN) += checker_plugin.so |
2895 |
+$(HOSTLIBS)-y += colorize_plugin.so |
2896 |
+$(HOSTLIBS)-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so |
2897 |
++$(HOSTLIBS)-$(CONFIG_PAX_LATENT_ENTROPY) += latent_entropy_plugin.so |
2898 |
+ |
2899 |
+always := $($(HOSTLIBS)-y) |
2900 |
+ |
2901 |
@@ -108835,6 +109365,7 @@ index 0000000..f4f9986 |
2902 |
+checker_plugin-objs := checker_plugin.o |
2903 |
+colorize_plugin-objs := colorize_plugin.o |
2904 |
+size_overflow_plugin-objs := size_overflow_plugin.o |
2905 |
++latent_entropy_plugin-objs := latent_entropy_plugin.o |
2906 |
+ |
2907 |
+$(obj)/size_overflow_plugin.o: $(objtree)/$(obj)/size_overflow_hash.h |
2908 |
+ |
2909 |
@@ -109024,7 +109555,7 @@ index 0000000..d41b5af |
2910 |
+} |
2911 |
diff --git a/tools/gcc/colorize_plugin.c b/tools/gcc/colorize_plugin.c |
2912 |
new file mode 100644 |
2913 |
-index 0000000..7a5e311 |
2914 |
+index 0000000..846aeb0 |
2915 |
--- /dev/null |
2916 |
+++ b/tools/gcc/colorize_plugin.c |
2917 |
@@ -0,0 +1,148 @@ |
2918 |
@@ -109162,7 +109693,7 @@ index 0000000..7a5e311 |
2919 |
+ struct register_pass_info colorize_rearm_pass_info = { |
2920 |
+ .pass = &pass_ipa_colorize_rearm.pass, |
2921 |
+ .reference_pass_name = "*free_lang_data", |
2922 |
-+ .ref_pass_instance_number = 0, |
2923 |
++ .ref_pass_instance_number = 1, |
2924 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2925 |
+ }; |
2926 |
+ |
2927 |
@@ -109178,7 +109709,7 @@ index 0000000..7a5e311 |
2928 |
+} |
2929 |
diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c |
2930 |
new file mode 100644 |
2931 |
-index 0000000..89b7f56 |
2932 |
+index 0000000..048d4ff |
2933 |
--- /dev/null |
2934 |
+++ b/tools/gcc/constify_plugin.c |
2935 |
@@ -0,0 +1,328 @@ |
2936 |
@@ -109484,7 +110015,7 @@ index 0000000..89b7f56 |
2937 |
+ struct register_pass_info local_variable_pass_info = { |
2938 |
+ .pass = &pass_local_variable.pass, |
2939 |
+ .reference_pass_name = "*referenced_vars", |
2940 |
-+ .ref_pass_instance_number = 0, |
2941 |
++ .ref_pass_instance_number = 1, |
2942 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2943 |
+ }; |
2944 |
+ |
2945 |
@@ -109612,7 +110143,7 @@ index 0000000..a0fe8b2 |
2946 |
+exit 0 |
2947 |
diff --git a/tools/gcc/kallocstat_plugin.c b/tools/gcc/kallocstat_plugin.c |
2948 |
new file mode 100644 |
2949 |
-index 0000000..a5eabce |
2950 |
+index 0000000..a86e422 |
2951 |
--- /dev/null |
2952 |
+++ b/tools/gcc/kallocstat_plugin.c |
2953 |
@@ -0,0 +1,167 @@ |
2954 |
@@ -109769,7 +110300,7 @@ index 0000000..a5eabce |
2955 |
+ struct register_pass_info kallocstat_pass_info = { |
2956 |
+ .pass = &kallocstat_pass.pass, |
2957 |
+ .reference_pass_name = "ssa", |
2958 |
-+ .ref_pass_instance_number = 0, |
2959 |
++ .ref_pass_instance_number = 1, |
2960 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2961 |
+ }; |
2962 |
+ |
2963 |
@@ -109785,7 +110316,7 @@ index 0000000..a5eabce |
2964 |
+} |
2965 |
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c |
2966 |
new file mode 100644 |
2967 |
-index 0000000..d8a8da2 |
2968 |
+index 0000000..98011fa |
2969 |
--- /dev/null |
2970 |
+++ b/tools/gcc/kernexec_plugin.c |
2971 |
@@ -0,0 +1,427 @@ |
2972 |
@@ -110161,19 +110692,19 @@ index 0000000..d8a8da2 |
2973 |
+ struct register_pass_info kernexec_reload_pass_info = { |
2974 |
+ .pass = &kernexec_reload_pass.pass, |
2975 |
+ .reference_pass_name = "ssa", |
2976 |
-+ .ref_pass_instance_number = 0, |
2977 |
++ .ref_pass_instance_number = 1, |
2978 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2979 |
+ }; |
2980 |
+ struct register_pass_info kernexec_fptr_pass_info = { |
2981 |
+ .pass = &kernexec_fptr_pass.pass, |
2982 |
+ .reference_pass_name = "ssa", |
2983 |
-+ .ref_pass_instance_number = 0, |
2984 |
++ .ref_pass_instance_number = 1, |
2985 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2986 |
+ }; |
2987 |
+ struct register_pass_info kernexec_retaddr_pass_info = { |
2988 |
+ .pass = &kernexec_retaddr_pass.pass, |
2989 |
+ .reference_pass_name = "pro_and_epilogue", |
2990 |
-+ .ref_pass_instance_number = 0, |
2991 |
++ .ref_pass_instance_number = 1, |
2992 |
+ .pos_op = PASS_POS_INSERT_AFTER |
2993 |
+ }; |
2994 |
+ |
2995 |
@@ -110216,6 +110747,307 @@ index 0000000..d8a8da2 |
2996 |
+ |
2997 |
+ return 0; |
2998 |
+} |
2999 |
+diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
3000 |
+new file mode 100644 |
3001 |
+index 0000000..b8008f7 |
3002 |
+--- /dev/null |
3003 |
++++ b/tools/gcc/latent_entropy_plugin.c |
3004 |
+@@ -0,0 +1,295 @@ |
3005 |
++/* |
3006 |
++ * Copyright 2012 by the PaX Team <pageexec@××××××××.hu> |
3007 |
++ * Licensed under the GPL v2 |
3008 |
++ * |
3009 |
++ * Note: the choice of the license means that the compilation process is |
3010 |
++ * NOT 'eligible' as defined by gcc's library exception to the GPL v3, |
3011 |
++ * but for the kernel it doesn't matter since it doesn't link against |
3012 |
++ * any of the gcc libraries |
3013 |
++ * |
3014 |
++ * gcc plugin to help generate a little bit of entropy from program state, |
3015 |
++ * used during boot in the kernel |
3016 |
++ * |
3017 |
++ * TODO: |
3018 |
++ * - add ipa pass to identify not explicitly marked candidate functions |
3019 |
++ * - mix in more program state (function arguments/return values, loop variables, etc) |
3020 |
++ * - more instrumentation control via attribute parameters |
3021 |
++ * |
3022 |
++ * BUGS: |
3023 |
++ * - LTO needs -flto-partition=none for now |
3024 |
++ */ |
3025 |
++#include "gcc-plugin.h" |
3026 |
++#include "config.h" |
3027 |
++#include "system.h" |
3028 |
++#include "coretypes.h" |
3029 |
++#include "tree.h" |
3030 |
++#include "tree-pass.h" |
3031 |
++#include "flags.h" |
3032 |
++#include "intl.h" |
3033 |
++#include "toplev.h" |
3034 |
++#include "plugin.h" |
3035 |
++//#include "expr.h" where are you... |
3036 |
++#include "diagnostic.h" |
3037 |
++#include "plugin-version.h" |
3038 |
++#include "tm.h" |
3039 |
++#include "function.h" |
3040 |
++#include "basic-block.h" |
3041 |
++#include "gimple.h" |
3042 |
++#include "rtl.h" |
3043 |
++#include "emit-rtl.h" |
3044 |
++#include "tree-flow.h" |
3045 |
++ |
3046 |
++int plugin_is_GPL_compatible; |
3047 |
++ |
3048 |
++static tree latent_entropy_decl; |
3049 |
++ |
3050 |
++static struct plugin_info latent_entropy_plugin_info = { |
3051 |
++ .version = "201207271820", |
3052 |
++ .help = NULL |
3053 |
++}; |
3054 |
++ |
3055 |
++static unsigned int execute_latent_entropy(void); |
3056 |
++static bool gate_latent_entropy(void); |
3057 |
++ |
3058 |
++static struct gimple_opt_pass latent_entropy_pass = { |
3059 |
++ .pass = { |
3060 |
++ .type = GIMPLE_PASS, |
3061 |
++ .name = "latent_entropy", |
3062 |
++ .gate = gate_latent_entropy, |
3063 |
++ .execute = execute_latent_entropy, |
3064 |
++ .sub = NULL, |
3065 |
++ .next = NULL, |
3066 |
++ .static_pass_number = 0, |
3067 |
++ .tv_id = TV_NONE, |
3068 |
++ .properties_required = PROP_gimple_leh | PROP_cfg, |
3069 |
++ .properties_provided = 0, |
3070 |
++ .properties_destroyed = 0, |
3071 |
++ .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts, |
3072 |
++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa |
3073 |
++ } |
3074 |
++}; |
3075 |
++ |
3076 |
++static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
3077 |
++{ |
3078 |
++ if (TREE_CODE(*node) != FUNCTION_DECL) { |
3079 |
++ *no_add_attrs = true; |
3080 |
++ error("%qE attribute only applies to functions", name); |
3081 |
++ } |
3082 |
++ return NULL_TREE; |
3083 |
++} |
3084 |
++ |
3085 |
++static struct attribute_spec latent_entropy_attr = { |
3086 |
++ .name = "latent_entropy", |
3087 |
++ .min_length = 0, |
3088 |
++ .max_length = 0, |
3089 |
++ .decl_required = true, |
3090 |
++ .type_required = false, |
3091 |
++ .function_type_required = false, |
3092 |
++ .handler = handle_latent_entropy_attribute, |
3093 |
++#if BUILDING_GCC_VERSION >= 4007 |
3094 |
++ .affects_type_identity = false |
3095 |
++#endif |
3096 |
++}; |
3097 |
++ |
3098 |
++static void register_attributes(void *event_data, void *data) |
3099 |
++{ |
3100 |
++ register_attribute(&latent_entropy_attr); |
3101 |
++} |
3102 |
++ |
3103 |
++static bool gate_latent_entropy(void) |
3104 |
++{ |
3105 |
++ tree latent_entropy_attr; |
3106 |
++ |
3107 |
++ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)); |
3108 |
++ return latent_entropy_attr != NULL_TREE; |
3109 |
++} |
3110 |
++ |
3111 |
++static unsigned HOST_WIDE_INT seed; |
3112 |
++static unsigned HOST_WIDE_INT get_random_const(void) |
3113 |
++{ |
3114 |
++ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL); |
3115 |
++ return seed; |
3116 |
++} |
3117 |
++ |
3118 |
++static enum tree_code get_op(tree *rhs) |
3119 |
++{ |
3120 |
++ static enum tree_code op; |
3121 |
++ unsigned HOST_WIDE_INT random_const; |
3122 |
++ |
3123 |
++ random_const = get_random_const(); |
3124 |
++ |
3125 |
++ switch (op) { |
3126 |
++ case BIT_XOR_EXPR: |
3127 |
++ op = PLUS_EXPR; |
3128 |
++ break; |
3129 |
++ |
3130 |
++ case PLUS_EXPR: |
3131 |
++ if (rhs) { |
3132 |
++ op = LROTATE_EXPR; |
3133 |
++ random_const &= HOST_BITS_PER_WIDE_INT - 1; |
3134 |
++ break; |
3135 |
++ } |
3136 |
++ |
3137 |
++ case LROTATE_EXPR: |
3138 |
++ default: |
3139 |
++ op = BIT_XOR_EXPR; |
3140 |
++ break; |
3141 |
++ } |
3142 |
++ if (rhs) |
3143 |
++ *rhs = build_int_cstu(unsigned_intDI_type_node, random_const); |
3144 |
++ return op; |
3145 |
++} |
3146 |
++ |
3147 |
++static void perturb_local_entropy(basic_block bb, tree local_entropy) |
3148 |
++{ |
3149 |
++ gimple_stmt_iterator gsi; |
3150 |
++ gimple assign; |
3151 |
++ tree addxorrol, rhs; |
3152 |
++ enum tree_code op; |
3153 |
++ |
3154 |
++ op = get_op(&rhs); |
3155 |
++ addxorrol = fold_build2_loc(UNKNOWN_LOCATION, op, unsigned_intDI_type_node, local_entropy, rhs); |
3156 |
++ assign = gimple_build_assign(local_entropy, addxorrol); |
3157 |
++ find_referenced_vars_in(assign); |
3158 |
++//debug_bb(bb); |
3159 |
++ gsi = gsi_after_labels(bb); |
3160 |
++ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); |
3161 |
++ update_stmt(assign); |
3162 |
++} |
3163 |
++ |
3164 |
++static void perturb_latent_entropy(basic_block bb, tree rhs) |
3165 |
++{ |
3166 |
++ gimple_stmt_iterator gsi; |
3167 |
++ gimple assign; |
3168 |
++ tree addxorrol, temp; |
3169 |
++ |
3170 |
++ // 1. create temporary copy of latent_entropy |
3171 |
++ temp = create_tmp_var(unsigned_intDI_type_node, "temp_latent_entropy"); |
3172 |
++ add_referenced_var(temp); |
3173 |
++ mark_sym_for_renaming(temp); |
3174 |
++ |
3175 |
++ // 2. read... |
3176 |
++ assign = gimple_build_assign(temp, latent_entropy_decl); |
3177 |
++ find_referenced_vars_in(assign); |
3178 |
++ gsi = gsi_after_labels(bb); |
3179 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
3180 |
++ update_stmt(assign); |
3181 |
++ |
3182 |
++ // 3. ...modify... |
3183 |
++ addxorrol = fold_build2_loc(UNKNOWN_LOCATION, get_op(NULL), unsigned_intDI_type_node, temp, rhs); |
3184 |
++ assign = gimple_build_assign(temp, addxorrol); |
3185 |
++ find_referenced_vars_in(assign); |
3186 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
3187 |
++ update_stmt(assign); |
3188 |
++ |
3189 |
++ // 4. ...write latent_entropy |
3190 |
++ assign = gimple_build_assign(latent_entropy_decl, temp); |
3191 |
++ find_referenced_vars_in(assign); |
3192 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
3193 |
++ update_stmt(assign); |
3194 |
++} |
3195 |
++ |
3196 |
++static unsigned int execute_latent_entropy(void) |
3197 |
++{ |
3198 |
++ basic_block bb; |
3199 |
++ gimple assign; |
3200 |
++ gimple_stmt_iterator gsi; |
3201 |
++ tree local_entropy; |
3202 |
++ |
3203 |
++ if (!latent_entropy_decl) { |
3204 |
++ struct varpool_node *node; |
3205 |
++ |
3206 |
++ for (node = varpool_nodes; node; node = node->next) { |
3207 |
++ tree var = node->decl; |
3208 |
++ if (strcmp(IDENTIFIER_POINTER(DECL_NAME(var)), "latent_entropy")) |
3209 |
++ continue; |
3210 |
++ latent_entropy_decl = var; |
3211 |
++// debug_tree(var); |
3212 |
++ break; |
3213 |
++ } |
3214 |
++ if (!latent_entropy_decl) { |
3215 |
++// debug_tree(current_function_decl); |
3216 |
++ return 0; |
3217 |
++ } |
3218 |
++ } |
3219 |
++ |
3220 |
++//fprintf(stderr, "latent_entropy: %s\n", IDENTIFIER_POINTER(DECL_NAME(current_function_decl))); |
3221 |
++ |
3222 |
++ // 1. create local entropy variable |
3223 |
++ local_entropy = create_tmp_var(unsigned_intDI_type_node, "local_entropy"); |
3224 |
++ add_referenced_var(local_entropy); |
3225 |
++ mark_sym_for_renaming(local_entropy); |
3226 |
++ |
3227 |
++ // 2. initialize local entropy variable |
3228 |
++ bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest; |
3229 |
++ if (dom_info_available_p(CDI_DOMINATORS)) |
3230 |
++ set_immediate_dominator(CDI_DOMINATORS, bb, ENTRY_BLOCK_PTR); |
3231 |
++ gsi = gsi_start_bb(bb); |
3232 |
++ |
3233 |
++ assign = gimple_build_assign(local_entropy, build_int_cstu(unsigned_intDI_type_node, get_random_const())); |
3234 |
++// gimple_set_location(assign, loc); |
3235 |
++ find_referenced_vars_in(assign); |
3236 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
3237 |
++ update_stmt(assign); |
3238 |
++ bb = bb->next_bb; |
3239 |
++ |
3240 |
++ // 3. instrument each BB with an operation on the local entropy variable |
3241 |
++ while (bb != EXIT_BLOCK_PTR) { |
3242 |
++ perturb_local_entropy(bb, local_entropy); |
3243 |
++ bb = bb->next_bb; |
3244 |
++ }; |
3245 |
++ |
3246 |
++ // 4. mix local entropy into the global entropy variable |
3247 |
++ perturb_latent_entropy(EXIT_BLOCK_PTR->prev_bb, local_entropy); |
3248 |
++ return 0; |
3249 |
++} |
3250 |
++ |
3251 |
++static void start_unit_callback(void *gcc_data, void *user_data) |
3252 |
++{ |
3253 |
++#if BUILDING_GCC_VERSION >= 4007 |
3254 |
++ seed = get_random_seed(false); |
3255 |
++#else |
3256 |
++ sscanf(get_random_seed(false), "%" HOST_WIDE_INT_PRINT "x", &seed); |
3257 |
++ seed *= seed; |
3258 |
++#endif |
3259 |
++ |
3260 |
++ if (in_lto_p) |
3261 |
++ return; |
3262 |
++ |
3263 |
++ // extern u64 latent_entropy |
3264 |
++ latent_entropy_decl = build_decl(UNKNOWN_LOCATION, VAR_DECL, get_identifier("latent_entropy"), unsigned_intDI_type_node); |
3265 |
++ |
3266 |
++ TREE_STATIC(latent_entropy_decl) = 1; |
3267 |
++ TREE_PUBLIC(latent_entropy_decl) = 1; |
3268 |
++ TREE_USED(latent_entropy_decl) = 1; |
3269 |
++ TREE_THIS_VOLATILE(latent_entropy_decl) = 1; |
3270 |
++ DECL_EXTERNAL(latent_entropy_decl) = 1; |
3271 |
++ DECL_ARTIFICIAL(latent_entropy_decl) = 0; |
3272 |
++ DECL_INITIAL(latent_entropy_decl) = NULL; |
3273 |
++// DECL_ASSEMBLER_NAME(latent_entropy_decl); |
3274 |
++// varpool_finalize_decl(latent_entropy_decl); |
3275 |
++// varpool_mark_needed_node(latent_entropy_decl); |
3276 |
++} |
3277 |
++ |
3278 |
++int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) |
3279 |
++{ |
3280 |
++ const char * const plugin_name = plugin_info->base_name; |
3281 |
++ struct register_pass_info latent_entropy_pass_info = { |
3282 |
++ .pass = &latent_entropy_pass.pass, |
3283 |
++ .reference_pass_name = "optimized", |
3284 |
++ .ref_pass_instance_number = 1, |
3285 |
++ .pos_op = PASS_POS_INSERT_BEFORE |
3286 |
++ }; |
3287 |
++ |
3288 |
++ if (!plugin_default_version_check(version, &gcc_version)) { |
3289 |
++ error(G_("incompatible gcc/plugin versions")); |
3290 |
++ return 1; |
3291 |
++ } |
3292 |
++ |
3293 |
++ register_callback(plugin_name, PLUGIN_INFO, NULL, &latent_entropy_plugin_info); |
3294 |
++ register_callback ("start_unit", PLUGIN_START_UNIT, &start_unit_callback, NULL); |
3295 |
++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &latent_entropy_pass_info); |
3296 |
++ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); |
3297 |
++ |
3298 |
++ return 0; |
3299 |
++} |
3300 |
diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data |
3301 |
new file mode 100644 |
3302 |
index 0000000..eb35e4a |
3303 |
@@ -113285,7 +114117,7 @@ index 0000000..cc96254 |
3304 |
+} |
3305 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
3306 |
new file mode 100644 |
3307 |
-index 0000000..b87ec9d |
3308 |
+index 0000000..38d2014 |
3309 |
--- /dev/null |
3310 |
+++ b/tools/gcc/stackleak_plugin.c |
3311 |
@@ -0,0 +1,313 @@ |
3312 |
@@ -113558,13 +114390,13 @@ index 0000000..b87ec9d |
3313 |
+ .pass = &stackleak_tree_instrument_pass.pass, |
3314 |
+// .reference_pass_name = "tree_profile", |
3315 |
+ .reference_pass_name = "optimized", |
3316 |
-+ .ref_pass_instance_number = 0, |
3317 |
++ .ref_pass_instance_number = 1, |
3318 |
+ .pos_op = PASS_POS_INSERT_BEFORE |
3319 |
+ }; |
3320 |
+ struct register_pass_info stackleak_final_pass_info = { |
3321 |
+ .pass = &stackleak_final_rtl_opt_pass.pass, |
3322 |
+ .reference_pass_name = "final", |
3323 |
-+ .ref_pass_instance_number = 0, |
3324 |
++ .ref_pass_instance_number = 1, |
3325 |
+ .pos_op = PASS_POS_INSERT_BEFORE |
3326 |
+ }; |
3327 |
+ |
3328 |
|
3329 |
diff --git a/2.6.32/4450_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch |
3330 |
index 3bf6bd2..e7b920b 100644 |
3331 |
--- a/2.6.32/4450_grsec-kconfig-default-gids.patch |
3332 |
+++ b/2.6.32/4450_grsec-kconfig-default-gids.patch |
3333 |
@@ -73,7 +73,7 @@ diff -Nuar a/grsecurity/Kconfig b/Kconfig |
3334 |
diff -Nuar a/security/Kconfig b/security/Kconfig |
3335 |
--- a/security/Kconfig 2012-07-01 12:51:41.000000000 -0400 |
3336 |
+++ b/security/Kconfig 2012-07-01 13:00:23.000000000 -0400 |
3337 |
-@@ -187,7 +187,7 @@ |
3338 |
+@@ -190,7 +190,7 @@ |
3339 |
|
3340 |
config GRKERNSEC_PROC_GID |
3341 |
int "GID exempted from /proc restrictions" |
3342 |
|
3343 |
diff --git a/3.2.23/0000_README b/3.2.24/0000_README |
3344 |
similarity index 91% |
3345 |
rename from 3.2.23/0000_README |
3346 |
rename to 3.2.24/0000_README |
3347 |
index 998a3bc..51bc4a5 100644 |
3348 |
--- a/3.2.23/0000_README |
3349 |
+++ b/3.2.24/0000_README |
3350 |
@@ -10,7 +10,11 @@ Patch: 1022_linux-3.2.23.patch |
3351 |
From: http://www.kernel.org |
3352 |
Desc: Linux 3.2.23 |
3353 |
|
3354 |
-Patch: 4420_grsecurity-2.9.1-3.2.23-201207242236.patch |
3355 |
+Patch: 1023_linux-3.2.24.patch |
3356 |
+From: http://www.kernel.org |
3357 |
+Desc: Linux 3.2.24 |
3358 |
+ |
3359 |
+Patch: 4420_grsecurity-2.9.1-3.2.24-201207281946.patch |
3360 |
From: http://www.grsecurity.net |
3361 |
Desc: hardened-sources base patch from upstream grsecurity |
3362 |
|
3363 |
|
3364 |
diff --git a/3.2.23/1021_linux-3.2.22.patch b/3.2.24/1021_linux-3.2.22.patch |
3365 |
similarity index 100% |
3366 |
rename from 3.2.23/1021_linux-3.2.22.patch |
3367 |
rename to 3.2.24/1021_linux-3.2.22.patch |
3368 |
|
3369 |
diff --git a/3.2.23/1022_linux-3.2.23.patch b/3.2.24/1022_linux-3.2.23.patch |
3370 |
similarity index 100% |
3371 |
rename from 3.2.23/1022_linux-3.2.23.patch |
3372 |
rename to 3.2.24/1022_linux-3.2.23.patch |
3373 |
|
3374 |
diff --git a/3.2.24/1023_linux-3.2.24.patch b/3.2.24/1023_linux-3.2.24.patch |
3375 |
new file mode 100644 |
3376 |
index 0000000..4692eb4 |
3377 |
--- /dev/null |
3378 |
+++ b/3.2.24/1023_linux-3.2.24.patch |
3379 |
@@ -0,0 +1,4684 @@ |
3380 |
+diff --git a/Makefile b/Makefile |
3381 |
+index 40d1e3b..80bb4fd 100644 |
3382 |
+--- a/Makefile |
3383 |
++++ b/Makefile |
3384 |
+@@ -1,6 +1,6 @@ |
3385 |
+ VERSION = 3 |
3386 |
+ PATCHLEVEL = 2 |
3387 |
+-SUBLEVEL = 23 |
3388 |
++SUBLEVEL = 24 |
3389 |
+ EXTRAVERSION = |
3390 |
+ NAME = Saber-toothed Squirrel |
3391 |
+ |
3392 |
+diff --git a/arch/arm/plat-samsung/adc.c b/arch/arm/plat-samsung/adc.c |
3393 |
+index 33ecd0c..b1e05cc 100644 |
3394 |
+--- a/arch/arm/plat-samsung/adc.c |
3395 |
++++ b/arch/arm/plat-samsung/adc.c |
3396 |
+@@ -157,11 +157,13 @@ int s3c_adc_start(struct s3c_adc_client *client, |
3397 |
+ return -EINVAL; |
3398 |
+ } |
3399 |
+ |
3400 |
+- if (client->is_ts && adc->ts_pend) |
3401 |
+- return -EAGAIN; |
3402 |
+- |
3403 |
+ spin_lock_irqsave(&adc->lock, flags); |
3404 |
+ |
3405 |
++ if (client->is_ts && adc->ts_pend) { |
3406 |
++ spin_unlock_irqrestore(&adc->lock, flags); |
3407 |
++ return -EAGAIN; |
3408 |
++ } |
3409 |
++ |
3410 |
+ client->channel = channel; |
3411 |
+ client->nr_samples = nr_samples; |
3412 |
+ |
3413 |
+diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h |
3414 |
+index 97f8bf6..adda036 100644 |
3415 |
+--- a/arch/mips/include/asm/thread_info.h |
3416 |
++++ b/arch/mips/include/asm/thread_info.h |
3417 |
+@@ -60,6 +60,8 @@ struct thread_info { |
3418 |
+ register struct thread_info *__current_thread_info __asm__("$28"); |
3419 |
+ #define current_thread_info() __current_thread_info |
3420 |
+ |
3421 |
++#endif /* !__ASSEMBLY__ */ |
3422 |
++ |
3423 |
+ /* thread information allocation */ |
3424 |
+ #if defined(CONFIG_PAGE_SIZE_4KB) && defined(CONFIG_32BIT) |
3425 |
+ #define THREAD_SIZE_ORDER (1) |
3426 |
+@@ -97,8 +99,6 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
3427 |
+ |
3428 |
+ #define free_thread_info(info) kfree(info) |
3429 |
+ |
3430 |
+-#endif /* !__ASSEMBLY__ */ |
3431 |
+- |
3432 |
+ #define PREEMPT_ACTIVE 0x10000000 |
3433 |
+ |
3434 |
+ /* |
3435 |
+diff --git a/arch/mips/kernel/vmlinux.lds.S b/arch/mips/kernel/vmlinux.lds.S |
3436 |
+index a81176f..be281c6 100644 |
3437 |
+--- a/arch/mips/kernel/vmlinux.lds.S |
3438 |
++++ b/arch/mips/kernel/vmlinux.lds.S |
3439 |
+@@ -1,5 +1,6 @@ |
3440 |
+ #include <asm/asm-offsets.h> |
3441 |
+ #include <asm/page.h> |
3442 |
++#include <asm/thread_info.h> |
3443 |
+ #include <asm-generic/vmlinux.lds.h> |
3444 |
+ |
3445 |
+ #undef mips |
3446 |
+@@ -73,7 +74,7 @@ SECTIONS |
3447 |
+ .data : { /* Data */ |
3448 |
+ . = . + DATAOFFSET; /* for CONFIG_MAPPED_KERNEL */ |
3449 |
+ |
3450 |
+- INIT_TASK_DATA(PAGE_SIZE) |
3451 |
++ INIT_TASK_DATA(THREAD_SIZE) |
3452 |
+ NOSAVE_DATA |
3453 |
+ CACHELINE_ALIGNED_DATA(1 << CONFIG_MIPS_L1_CACHE_SHIFT) |
3454 |
+ READ_MOSTLY_DATA(1 << CONFIG_MIPS_L1_CACHE_SHIFT) |
3455 |
+diff --git a/arch/powerpc/include/asm/cputime.h b/arch/powerpc/include/asm/cputime.h |
3456 |
+index 98b7c4b..fa3f921 100644 |
3457 |
+--- a/arch/powerpc/include/asm/cputime.h |
3458 |
++++ b/arch/powerpc/include/asm/cputime.h |
3459 |
+@@ -126,11 +126,11 @@ static inline u64 cputime64_to_jiffies64(const cputime_t ct) |
3460 |
+ /* |
3461 |
+ * Convert cputime <-> microseconds |
3462 |
+ */ |
3463 |
+-extern u64 __cputime_msec_factor; |
3464 |
++extern u64 __cputime_usec_factor; |
3465 |
+ |
3466 |
+ static inline unsigned long cputime_to_usecs(const cputime_t ct) |
3467 |
+ { |
3468 |
+- return mulhdu(ct, __cputime_msec_factor) * USEC_PER_MSEC; |
3469 |
++ return mulhdu(ct, __cputime_usec_factor); |
3470 |
+ } |
3471 |
+ |
3472 |
+ static inline cputime_t usecs_to_cputime(const unsigned long us) |
3473 |
+@@ -143,7 +143,7 @@ static inline cputime_t usecs_to_cputime(const unsigned long us) |
3474 |
+ sec = us / 1000000; |
3475 |
+ if (ct) { |
3476 |
+ ct *= tb_ticks_per_sec; |
3477 |
+- do_div(ct, 1000); |
3478 |
++ do_div(ct, 1000000); |
3479 |
+ } |
3480 |
+ if (sec) |
3481 |
+ ct += (cputime_t) sec * tb_ticks_per_sec; |
3482 |
+diff --git a/arch/powerpc/kernel/time.c b/arch/powerpc/kernel/time.c |
3483 |
+index 5db163c..ec8affe 100644 |
3484 |
+--- a/arch/powerpc/kernel/time.c |
3485 |
++++ b/arch/powerpc/kernel/time.c |
3486 |
+@@ -168,13 +168,13 @@ EXPORT_SYMBOL_GPL(ppc_tb_freq); |
3487 |
+ #ifdef CONFIG_VIRT_CPU_ACCOUNTING |
3488 |
+ /* |
3489 |
+ * Factors for converting from cputime_t (timebase ticks) to |
3490 |
+- * jiffies, milliseconds, seconds, and clock_t (1/USER_HZ seconds). |
3491 |
++ * jiffies, microseconds, seconds, and clock_t (1/USER_HZ seconds). |
3492 |
+ * These are all stored as 0.64 fixed-point binary fractions. |
3493 |
+ */ |
3494 |
+ u64 __cputime_jiffies_factor; |
3495 |
+ EXPORT_SYMBOL(__cputime_jiffies_factor); |
3496 |
+-u64 __cputime_msec_factor; |
3497 |
+-EXPORT_SYMBOL(__cputime_msec_factor); |
3498 |
++u64 __cputime_usec_factor; |
3499 |
++EXPORT_SYMBOL(__cputime_usec_factor); |
3500 |
+ u64 __cputime_sec_factor; |
3501 |
+ EXPORT_SYMBOL(__cputime_sec_factor); |
3502 |
+ u64 __cputime_clockt_factor; |
3503 |
+@@ -192,8 +192,8 @@ static void calc_cputime_factors(void) |
3504 |
+ |
3505 |
+ div128_by_32(HZ, 0, tb_ticks_per_sec, &res); |
3506 |
+ __cputime_jiffies_factor = res.result_low; |
3507 |
+- div128_by_32(1000, 0, tb_ticks_per_sec, &res); |
3508 |
+- __cputime_msec_factor = res.result_low; |
3509 |
++ div128_by_32(1000000, 0, tb_ticks_per_sec, &res); |
3510 |
++ __cputime_usec_factor = res.result_low; |
3511 |
+ div128_by_32(1, 0, tb_ticks_per_sec, &res); |
3512 |
+ __cputime_sec_factor = res.result_low; |
3513 |
+ div128_by_32(USER_HZ, 0, tb_ticks_per_sec, &res); |
3514 |
+diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c |
3515 |
+index 4558f0d..479d03c 100644 |
3516 |
+--- a/arch/x86/kernel/acpi/boot.c |
3517 |
++++ b/arch/x86/kernel/acpi/boot.c |
3518 |
+@@ -416,12 +416,14 @@ acpi_parse_int_src_ovr(struct acpi_subtable_header * header, |
3519 |
+ return 0; |
3520 |
+ } |
3521 |
+ |
3522 |
+- if (intsrc->source_irq == 0 && intsrc->global_irq == 2) { |
3523 |
++ if (intsrc->source_irq == 0) { |
3524 |
+ if (acpi_skip_timer_override) { |
3525 |
+- printk(PREFIX "BIOS IRQ0 pin2 override ignored.\n"); |
3526 |
++ printk(PREFIX "BIOS IRQ0 override ignored.\n"); |
3527 |
+ return 0; |
3528 |
+ } |
3529 |
+- if (acpi_fix_pin2_polarity && (intsrc->inti_flags & ACPI_MADT_POLARITY_MASK)) { |
3530 |
++ |
3531 |
++ if ((intsrc->global_irq == 2) && acpi_fix_pin2_polarity |
3532 |
++ && (intsrc->inti_flags & ACPI_MADT_POLARITY_MASK)) { |
3533 |
+ intsrc->inti_flags &= ~ACPI_MADT_POLARITY_MASK; |
3534 |
+ printk(PREFIX "BIOS IRQ0 pin2 override: forcing polarity to high active.\n"); |
3535 |
+ } |
3536 |
+@@ -1327,17 +1329,12 @@ static int __init dmi_disable_acpi(const struct dmi_system_id *d) |
3537 |
+ } |
3538 |
+ |
3539 |
+ /* |
3540 |
+- * Force ignoring BIOS IRQ0 pin2 override |
3541 |
++ * Force ignoring BIOS IRQ0 override |
3542 |
+ */ |
3543 |
+ static int __init dmi_ignore_irq0_timer_override(const struct dmi_system_id *d) |
3544 |
+ { |
3545 |
+- /* |
3546 |
+- * The ati_ixp4x0_rev() early PCI quirk should have set |
3547 |
+- * the acpi_skip_timer_override flag already: |
3548 |
+- */ |
3549 |
+ if (!acpi_skip_timer_override) { |
3550 |
+- WARN(1, KERN_ERR "ati_ixp4x0 quirk not complete.\n"); |
3551 |
+- pr_notice("%s detected: Ignoring BIOS IRQ0 pin2 override\n", |
3552 |
++ pr_notice("%s detected: Ignoring BIOS IRQ0 override\n", |
3553 |
+ d->ident); |
3554 |
+ acpi_skip_timer_override = 1; |
3555 |
+ } |
3556 |
+@@ -1431,7 +1428,7 @@ static struct dmi_system_id __initdata acpi_dmi_table_late[] = { |
3557 |
+ * is enabled. This input is incorrectly designated the |
3558 |
+ * ISA IRQ 0 via an interrupt source override even though |
3559 |
+ * it is wired to the output of the master 8259A and INTIN0 |
3560 |
+- * is not connected at all. Force ignoring BIOS IRQ0 pin2 |
3561 |
++ * is not connected at all. Force ignoring BIOS IRQ0 |
3562 |
+ * override in that cases. |
3563 |
+ */ |
3564 |
+ { |
3565 |
+@@ -1466,6 +1463,14 @@ static struct dmi_system_id __initdata acpi_dmi_table_late[] = { |
3566 |
+ DMI_MATCH(DMI_PRODUCT_NAME, "HP Compaq 6715b"), |
3567 |
+ }, |
3568 |
+ }, |
3569 |
++ { |
3570 |
++ .callback = dmi_ignore_irq0_timer_override, |
3571 |
++ .ident = "FUJITSU SIEMENS", |
3572 |
++ .matches = { |
3573 |
++ DMI_MATCH(DMI_SYS_VENDOR, "FUJITSU SIEMENS"), |
3574 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "AMILO PRO V2030"), |
3575 |
++ }, |
3576 |
++ }, |
3577 |
+ {} |
3578 |
+ }; |
3579 |
+ |
3580 |
+diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c |
3581 |
+index 37a458b..e61f79c 100644 |
3582 |
+--- a/arch/x86/kernel/reboot.c |
3583 |
++++ b/arch/x86/kernel/reboot.c |
3584 |
+@@ -460,6 +460,14 @@ static struct dmi_system_id __initdata pci_reboot_dmi_table[] = { |
3585 |
+ DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 990"), |
3586 |
+ }, |
3587 |
+ }, |
3588 |
++ { /* Handle problems with rebooting on the Precision M6600. */ |
3589 |
++ .callback = set_pci_reboot, |
3590 |
++ .ident = "Dell OptiPlex 990", |
3591 |
++ .matches = { |
3592 |
++ DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."), |
3593 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "Precision M6600"), |
3594 |
++ }, |
3595 |
++ }, |
3596 |
+ { } |
3597 |
+ }; |
3598 |
+ |
3599 |
+diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c |
3600 |
+index 688be8a..9e76a32 100644 |
3601 |
+--- a/block/scsi_ioctl.c |
3602 |
++++ b/block/scsi_ioctl.c |
3603 |
+@@ -721,11 +721,14 @@ int scsi_verify_blk_ioctl(struct block_device *bd, unsigned int cmd) |
3604 |
+ break; |
3605 |
+ } |
3606 |
+ |
3607 |
++ if (capable(CAP_SYS_RAWIO)) |
3608 |
++ return 0; |
3609 |
++ |
3610 |
+ /* In particular, rule out all resets and host-specific ioctls. */ |
3611 |
+ printk_ratelimited(KERN_WARNING |
3612 |
+ "%s: sending ioctl %x to a partition!\n", current->comm, cmd); |
3613 |
+ |
3614 |
+- return capable(CAP_SYS_RAWIO) ? 0 : -ENOTTY; |
3615 |
++ return -ENOTTY; |
3616 |
+ } |
3617 |
+ EXPORT_SYMBOL(scsi_verify_blk_ioctl); |
3618 |
+ |
3619 |
+diff --git a/drivers/acpi/processor_core.c b/drivers/acpi/processor_core.c |
3620 |
+index c850de4..eff7222 100644 |
3621 |
+--- a/drivers/acpi/processor_core.c |
3622 |
++++ b/drivers/acpi/processor_core.c |
3623 |
+@@ -189,10 +189,12 @@ int acpi_get_cpuid(acpi_handle handle, int type, u32 acpi_id) |
3624 |
+ * Processor (CPU3, 0x03, 0x00000410, 0x06) {} |
3625 |
+ * } |
3626 |
+ * |
3627 |
+- * Ignores apic_id and always return 0 for CPU0's handle. |
3628 |
++ * Ignores apic_id and always returns 0 for the processor |
3629 |
++ * handle with acpi id 0 if nr_cpu_ids is 1. |
3630 |
++ * This should be the case if SMP tables are not found. |
3631 |
+ * Return -1 for other CPU's handle. |
3632 |
+ */ |
3633 |
+- if (acpi_id == 0) |
3634 |
++ if (nr_cpu_ids <= 1 && acpi_id == 0) |
3635 |
+ return acpi_id; |
3636 |
+ else |
3637 |
+ return apic_id; |
3638 |
+diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c |
3639 |
+index ca191ff..ed6bc52 100644 |
3640 |
+--- a/drivers/acpi/sleep.c |
3641 |
++++ b/drivers/acpi/sleep.c |
3642 |
+@@ -702,8 +702,8 @@ int acpi_pm_device_sleep_state(struct device *dev, int *d_min_p) |
3643 |
+ * can wake the system. _S0W may be valid, too. |
3644 |
+ */ |
3645 |
+ if (acpi_target_sleep_state == ACPI_STATE_S0 || |
3646 |
+- (device_may_wakeup(dev) && |
3647 |
+- adev->wakeup.sleep_state <= acpi_target_sleep_state)) { |
3648 |
++ (device_may_wakeup(dev) && adev->wakeup.flags.valid && |
3649 |
++ adev->wakeup.sleep_state >= acpi_target_sleep_state)) { |
3650 |
+ acpi_status status; |
3651 |
+ |
3652 |
+ acpi_method[3] = 'W'; |
3653 |
+diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c |
3654 |
+index 9f66181..240a244 100644 |
3655 |
+--- a/drivers/acpi/sysfs.c |
3656 |
++++ b/drivers/acpi/sysfs.c |
3657 |
+@@ -173,7 +173,7 @@ static int param_set_trace_state(const char *val, struct kernel_param *kp) |
3658 |
+ { |
3659 |
+ int result = 0; |
3660 |
+ |
3661 |
+- if (!strncmp(val, "enable", strlen("enable") - 1)) { |
3662 |
++ if (!strncmp(val, "enable", strlen("enable"))) { |
3663 |
+ result = acpi_debug_trace(trace_method_name, trace_debug_level, |
3664 |
+ trace_debug_layer, 0); |
3665 |
+ if (result) |
3666 |
+@@ -181,7 +181,7 @@ static int param_set_trace_state(const char *val, struct kernel_param *kp) |
3667 |
+ goto exit; |
3668 |
+ } |
3669 |
+ |
3670 |
+- if (!strncmp(val, "disable", strlen("disable") - 1)) { |
3671 |
++ if (!strncmp(val, "disable", strlen("disable"))) { |
3672 |
+ int name = 0; |
3673 |
+ result = acpi_debug_trace((char *)&name, trace_debug_level, |
3674 |
+ trace_debug_layer, 0); |
3675 |
+diff --git a/drivers/gpio/gpio-wm8994.c b/drivers/gpio/gpio-wm8994.c |
3676 |
+index 96198f3..a2da8f2 100644 |
3677 |
+--- a/drivers/gpio/gpio-wm8994.c |
3678 |
++++ b/drivers/gpio/gpio-wm8994.c |
3679 |
+@@ -89,8 +89,11 @@ static int wm8994_gpio_direction_out(struct gpio_chip *chip, |
3680 |
+ struct wm8994_gpio *wm8994_gpio = to_wm8994_gpio(chip); |
3681 |
+ struct wm8994 *wm8994 = wm8994_gpio->wm8994; |
3682 |
+ |
3683 |
++ if (value) |
3684 |
++ value = WM8994_GPN_LVL; |
3685 |
++ |
3686 |
+ return wm8994_set_bits(wm8994, WM8994_GPIO_1 + offset, |
3687 |
+- WM8994_GPN_DIR, 0); |
3688 |
++ WM8994_GPN_DIR | WM8994_GPN_LVL, value); |
3689 |
+ } |
3690 |
+ |
3691 |
+ static void wm8994_gpio_set(struct gpio_chip *chip, unsigned offset, int value) |
3692 |
+diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c |
3693 |
+index 6aa7716..cc75c4b 100644 |
3694 |
+--- a/drivers/gpu/drm/i915/intel_display.c |
3695 |
++++ b/drivers/gpu/drm/i915/intel_display.c |
3696 |
+@@ -8043,8 +8043,8 @@ void gen6_enable_rps(struct drm_i915_private *dev_priv) |
3697 |
+ I915_WRITE(GEN6_RC6pp_THRESHOLD, 64000); /* unused */ |
3698 |
+ |
3699 |
+ if (intel_enable_rc6(dev_priv->dev)) |
3700 |
+- rc6_mask = GEN6_RC_CTL_RC6p_ENABLE | |
3701 |
+- GEN6_RC_CTL_RC6_ENABLE; |
3702 |
++ rc6_mask = GEN6_RC_CTL_RC6_ENABLE | |
3703 |
++ ((IS_GEN7(dev_priv->dev)) ? GEN6_RC_CTL_RC6p_ENABLE : 0); |
3704 |
+ |
3705 |
+ I915_WRITE(GEN6_RC_CONTROL, |
3706 |
+ rc6_mask | |
3707 |
+diff --git a/drivers/hid/hid-apple.c b/drivers/hid/hid-apple.c |
3708 |
+index 299d238..899c712 100644 |
3709 |
+--- a/drivers/hid/hid-apple.c |
3710 |
++++ b/drivers/hid/hid-apple.c |
3711 |
+@@ -514,6 +514,12 @@ static const struct hid_device_id apple_devices[] = { |
3712 |
+ .driver_data = APPLE_HAS_FN | APPLE_ISO_KEYBOARD }, |
3713 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING5A_JIS), |
3714 |
+ .driver_data = APPLE_HAS_FN | APPLE_RDESC_JIS }, |
3715 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI), |
3716 |
++ .driver_data = APPLE_HAS_FN }, |
3717 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ISO), |
3718 |
++ .driver_data = APPLE_HAS_FN | APPLE_ISO_KEYBOARD }, |
3719 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_JIS), |
3720 |
++ .driver_data = APPLE_HAS_FN | APPLE_RDESC_JIS }, |
3721 |
+ { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ANSI), |
3722 |
+ .driver_data = APPLE_NUMLOCK_EMULATION | APPLE_HAS_FN }, |
3723 |
+ { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ISO), |
3724 |
+diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c |
3725 |
+index c27b402..95430a0 100644 |
3726 |
+--- a/drivers/hid/hid-core.c |
3727 |
++++ b/drivers/hid/hid-core.c |
3728 |
+@@ -1374,6 +1374,9 @@ static const struct hid_device_id hid_have_special_driver[] = { |
3729 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_ANSI) }, |
3730 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_ISO) }, |
3731 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_JIS) }, |
3732 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI) }, |
3733 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ISO) }, |
3734 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_JIS) }, |
3735 |
+ { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ANSI) }, |
3736 |
+ { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ISO) }, |
3737 |
+ { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_JIS) }, |
3738 |
+@@ -1884,6 +1887,7 @@ static const struct hid_device_id hid_ignore_list[] = { |
3739 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_LD, USB_DEVICE_ID_LD_MCT) }, |
3740 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_LD, USB_DEVICE_ID_LD_HYBRID) }, |
3741 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_LD, USB_DEVICE_ID_LD_HEATCONTROL) }, |
3742 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_MADCATZ, USB_DEVICE_ID_MADCATZ_BEATPAD) }, |
3743 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_MCC, USB_DEVICE_ID_MCC_PMD1024LS) }, |
3744 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_MCC, USB_DEVICE_ID_MCC_PMD1208LS) }, |
3745 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_MICROCHIP, USB_DEVICE_ID_PICKIT1) }, |
3746 |
+@@ -1968,6 +1972,9 @@ static const struct hid_device_id hid_mouse_ignore_list[] = { |
3747 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_ANSI) }, |
3748 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_ISO) }, |
3749 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING6A_JIS) }, |
3750 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI) }, |
3751 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_ISO) }, |
3752 |
++ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING7_JIS) }, |
3753 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_FOUNTAIN_TP_ONLY) }, |
3754 |
+ { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_GEYSER1_TP_ONLY) }, |
3755 |
+ { } |
3756 |
+diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h |
3757 |
+index fba3fc4..7db934d 100644 |
3758 |
+--- a/drivers/hid/hid-ids.h |
3759 |
++++ b/drivers/hid/hid-ids.h |
3760 |
+@@ -125,6 +125,9 @@ |
3761 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING6_ANSI 0x024c |
3762 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING6_ISO 0x024d |
3763 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING6_JIS 0x024e |
3764 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI 0x0262 |
3765 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_ISO 0x0263 |
3766 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_JIS 0x0264 |
3767 |
+ #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ANSI 0x0239 |
3768 |
+ #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_ISO 0x023a |
3769 |
+ #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2009_JIS 0x023b |
3770 |
+@@ -491,6 +494,9 @@ |
3771 |
+ #define USB_DEVICE_ID_CRYSTALTOUCH 0x0006 |
3772 |
+ #define USB_DEVICE_ID_CRYSTALTOUCH_DUAL 0x0007 |
3773 |
+ |
3774 |
++#define USB_VENDOR_ID_MADCATZ 0x0738 |
3775 |
++#define USB_DEVICE_ID_MADCATZ_BEATPAD 0x4540 |
3776 |
++ |
3777 |
+ #define USB_VENDOR_ID_MCC 0x09db |
3778 |
+ #define USB_DEVICE_ID_MCC_PMD1024LS 0x0076 |
3779 |
+ #define USB_DEVICE_ID_MCC_PMD1208LS 0x007a |
3780 |
+diff --git a/drivers/hwmon/it87.c b/drivers/hwmon/it87.c |
3781 |
+index d912649..1ba7af2 100644 |
3782 |
+--- a/drivers/hwmon/it87.c |
3783 |
++++ b/drivers/hwmon/it87.c |
3784 |
+@@ -2086,7 +2086,7 @@ static void __devinit it87_init_device(struct platform_device *pdev) |
3785 |
+ |
3786 |
+ /* Start monitoring */ |
3787 |
+ it87_write_value(data, IT87_REG_CONFIG, |
3788 |
+- (it87_read_value(data, IT87_REG_CONFIG) & 0x36) |
3789 |
++ (it87_read_value(data, IT87_REG_CONFIG) & 0x3e) |
3790 |
+ | (update_vbat ? 0x41 : 0x01)); |
3791 |
+ } |
3792 |
+ |
3793 |
+diff --git a/drivers/hwspinlock/hwspinlock_core.c b/drivers/hwspinlock/hwspinlock_core.c |
3794 |
+index 61c9cf1..1201a15 100644 |
3795 |
+--- a/drivers/hwspinlock/hwspinlock_core.c |
3796 |
++++ b/drivers/hwspinlock/hwspinlock_core.c |
3797 |
+@@ -345,7 +345,7 @@ int hwspin_lock_register(struct hwspinlock_device *bank, struct device *dev, |
3798 |
+ spin_lock_init(&hwlock->lock); |
3799 |
+ hwlock->bank = bank; |
3800 |
+ |
3801 |
+- ret = hwspin_lock_register_single(hwlock, i); |
3802 |
++ ret = hwspin_lock_register_single(hwlock, base_id + i); |
3803 |
+ if (ret) |
3804 |
+ goto reg_failed; |
3805 |
+ } |
3806 |
+@@ -354,7 +354,7 @@ int hwspin_lock_register(struct hwspinlock_device *bank, struct device *dev, |
3807 |
+ |
3808 |
+ reg_failed: |
3809 |
+ while (--i >= 0) |
3810 |
+- hwspin_lock_unregister_single(i); |
3811 |
++ hwspin_lock_unregister_single(base_id + i); |
3812 |
+ return ret; |
3813 |
+ } |
3814 |
+ EXPORT_SYMBOL_GPL(hwspin_lock_register); |
3815 |
+diff --git a/drivers/input/joystick/xpad.c b/drivers/input/joystick/xpad.c |
3816 |
+index d728875..2189cbf 100644 |
3817 |
+--- a/drivers/input/joystick/xpad.c |
3818 |
++++ b/drivers/input/joystick/xpad.c |
3819 |
+@@ -142,6 +142,7 @@ static const struct xpad_device { |
3820 |
+ { 0x0c12, 0x880a, "Pelican Eclipse PL-2023", 0, XTYPE_XBOX }, |
3821 |
+ { 0x0c12, 0x8810, "Zeroplus Xbox Controller", 0, XTYPE_XBOX }, |
3822 |
+ { 0x0c12, 0x9902, "HAMA VibraX - *FAULTY HARDWARE*", 0, XTYPE_XBOX }, |
3823 |
++ { 0x0d2f, 0x0002, "Andamiro Pump It Up pad", MAP_DPAD_TO_BUTTONS, XTYPE_XBOX }, |
3824 |
+ { 0x0e4c, 0x1097, "Radica Gamester Controller", 0, XTYPE_XBOX }, |
3825 |
+ { 0x0e4c, 0x2390, "Radica Games Jtech Controller", 0, XTYPE_XBOX }, |
3826 |
+ { 0x0e6f, 0x0003, "Logic3 Freebird wireless Controller", 0, XTYPE_XBOX }, |
3827 |
+@@ -164,6 +165,7 @@ static const struct xpad_device { |
3828 |
+ { 0x1bad, 0x0003, "Harmonix Rock Band Drumkit", MAP_DPAD_TO_BUTTONS, XTYPE_XBOX360 }, |
3829 |
+ { 0x0f0d, 0x0016, "Hori Real Arcade Pro.EX", MAP_TRIGGERS_TO_BUTTONS, XTYPE_XBOX360 }, |
3830 |
+ { 0x0f0d, 0x000d, "Hori Fighting Stick EX2", MAP_TRIGGERS_TO_BUTTONS, XTYPE_XBOX360 }, |
3831 |
++ { 0x1689, 0xfd00, "Razer Onza Tournament Edition", MAP_DPAD_TO_BUTTONS, XTYPE_XBOX360 }, |
3832 |
+ { 0xffff, 0xffff, "Chinese-made Xbox Controller", 0, XTYPE_XBOX }, |
3833 |
+ { 0x0000, 0x0000, "Generic X-Box pad", 0, XTYPE_UNKNOWN } |
3834 |
+ }; |
3835 |
+@@ -238,12 +240,14 @@ static struct usb_device_id xpad_table [] = { |
3836 |
+ XPAD_XBOX360_VENDOR(0x045e), /* Microsoft X-Box 360 controllers */ |
3837 |
+ XPAD_XBOX360_VENDOR(0x046d), /* Logitech X-Box 360 style controllers */ |
3838 |
+ XPAD_XBOX360_VENDOR(0x0738), /* Mad Catz X-Box 360 controllers */ |
3839 |
++ { USB_DEVICE(0x0738, 0x4540) }, /* Mad Catz Beat Pad */ |
3840 |
+ XPAD_XBOX360_VENDOR(0x0e6f), /* 0x0e6f X-Box 360 controllers */ |
3841 |
+ XPAD_XBOX360_VENDOR(0x12ab), /* X-Box 360 dance pads */ |
3842 |
+ XPAD_XBOX360_VENDOR(0x1430), /* RedOctane X-Box 360 controllers */ |
3843 |
+ XPAD_XBOX360_VENDOR(0x146b), /* BigBen Interactive Controllers */ |
3844 |
+ XPAD_XBOX360_VENDOR(0x1bad), /* Harminix Rock Band Guitar and Drums */ |
3845 |
+- XPAD_XBOX360_VENDOR(0x0f0d), /* Hori Controllers */ |
3846 |
++ XPAD_XBOX360_VENDOR(0x0f0d), /* Hori Controllers */ |
3847 |
++ XPAD_XBOX360_VENDOR(0x1689), /* Razer Onza */ |
3848 |
+ { } |
3849 |
+ }; |
3850 |
+ |
3851 |
+diff --git a/drivers/input/mouse/bcm5974.c b/drivers/input/mouse/bcm5974.c |
3852 |
+index 5ec617e..ec58f48 100644 |
3853 |
+--- a/drivers/input/mouse/bcm5974.c |
3854 |
++++ b/drivers/input/mouse/bcm5974.c |
3855 |
+@@ -79,6 +79,10 @@ |
3856 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING5A_ANSI 0x0252 |
3857 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING5A_ISO 0x0253 |
3858 |
+ #define USB_DEVICE_ID_APPLE_WELLSPRING5A_JIS 0x0254 |
3859 |
++/* MacbookPro10,1 (unibody, June 2012) */ |
3860 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI 0x0262 |
3861 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_ISO 0x0263 |
3862 |
++#define USB_DEVICE_ID_APPLE_WELLSPRING7_JIS 0x0264 |
3863 |
+ |
3864 |
+ #define BCM5974_DEVICE(prod) { \ |
3865 |
+ .match_flags = (USB_DEVICE_ID_MATCH_DEVICE | \ |
3866 |
+@@ -128,6 +132,10 @@ static const struct usb_device_id bcm5974_table[] = { |
3867 |
+ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING5A_ANSI), |
3868 |
+ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING5A_ISO), |
3869 |
+ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING5A_JIS), |
3870 |
++ /* MacbookPro10,1 */ |
3871 |
++ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI), |
3872 |
++ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING7_ISO), |
3873 |
++ BCM5974_DEVICE(USB_DEVICE_ID_APPLE_WELLSPRING7_JIS), |
3874 |
+ /* Terminating entry */ |
3875 |
+ {} |
3876 |
+ }; |
3877 |
+@@ -354,6 +362,18 @@ static const struct bcm5974_config bcm5974_config_table[] = { |
3878 |
+ { DIM_X, DIM_X / SN_COORD, -4620, 5140 }, |
3879 |
+ { DIM_Y, DIM_Y / SN_COORD, -150, 6600 } |
3880 |
+ }, |
3881 |
++ { |
3882 |
++ USB_DEVICE_ID_APPLE_WELLSPRING7_ANSI, |
3883 |
++ USB_DEVICE_ID_APPLE_WELLSPRING7_ISO, |
3884 |
++ USB_DEVICE_ID_APPLE_WELLSPRING7_JIS, |
3885 |
++ HAS_INTEGRATED_BUTTON, |
3886 |
++ 0x84, sizeof(struct bt_data), |
3887 |
++ 0x81, TYPE2, FINGER_TYPE2, FINGER_TYPE2 + SIZEOF_ALL_FINGERS, |
3888 |
++ { DIM_PRESSURE, DIM_PRESSURE / SN_PRESSURE, 0, 300 }, |
3889 |
++ { DIM_WIDTH, DIM_WIDTH / SN_WIDTH, 0, 2048 }, |
3890 |
++ { DIM_X, DIM_X / SN_COORD, -4750, 5280 }, |
3891 |
++ { DIM_Y, DIM_Y / SN_COORD, -150, 6730 } |
3892 |
++ }, |
3893 |
+ {} |
3894 |
+ }; |
3895 |
+ |
3896 |
+diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c |
3897 |
+index f1d5408..a1b8caa 100644 |
3898 |
+--- a/drivers/iommu/amd_iommu.c |
3899 |
++++ b/drivers/iommu/amd_iommu.c |
3900 |
+@@ -59,6 +59,8 @@ static struct protection_domain *pt_domain; |
3901 |
+ |
3902 |
+ static struct iommu_ops amd_iommu_ops; |
3903 |
+ |
3904 |
++static struct dma_map_ops amd_iommu_dma_ops; |
3905 |
++ |
3906 |
+ /* |
3907 |
+ * general struct to manage commands send to an IOMMU |
3908 |
+ */ |
3909 |
+@@ -1878,6 +1880,11 @@ static int device_change_notifier(struct notifier_block *nb, |
3910 |
+ list_add_tail(&dma_domain->list, &iommu_pd_list); |
3911 |
+ spin_unlock_irqrestore(&iommu_pd_list_lock, flags); |
3912 |
+ |
3913 |
++ if (!iommu_pass_through) |
3914 |
++ dev->archdata.dma_ops = &amd_iommu_dma_ops; |
3915 |
++ else |
3916 |
++ dev->archdata.dma_ops = &nommu_dma_ops; |
3917 |
++ |
3918 |
+ break; |
3919 |
+ case BUS_NOTIFY_DEL_DEVICE: |
3920 |
+ |
3921 |
+diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c |
3922 |
+index 6269eb0..ef2d493 100644 |
3923 |
+--- a/drivers/iommu/amd_iommu_init.c |
3924 |
++++ b/drivers/iommu/amd_iommu_init.c |
3925 |
+@@ -1468,6 +1468,8 @@ static int __init amd_iommu_init(void) |
3926 |
+ |
3927 |
+ register_syscore_ops(&amd_iommu_syscore_ops); |
3928 |
+ |
3929 |
++ x86_platform.iommu_shutdown = disable_iommus; |
3930 |
++ |
3931 |
+ if (iommu_pass_through) |
3932 |
+ goto out; |
3933 |
+ |
3934 |
+@@ -1476,7 +1478,6 @@ static int __init amd_iommu_init(void) |
3935 |
+ else |
3936 |
+ printk(KERN_INFO "AMD-Vi: Lazy IO/TLB flushing enabled\n"); |
3937 |
+ |
3938 |
+- x86_platform.iommu_shutdown = disable_iommus; |
3939 |
+ out: |
3940 |
+ return ret; |
3941 |
+ |
3942 |
+diff --git a/drivers/md/dm-raid1.c b/drivers/md/dm-raid1.c |
3943 |
+index 9bfd057..dae2b7a 100644 |
3944 |
+--- a/drivers/md/dm-raid1.c |
3945 |
++++ b/drivers/md/dm-raid1.c |
3946 |
+@@ -1080,6 +1080,7 @@ static int mirror_ctr(struct dm_target *ti, unsigned int argc, char **argv) |
3947 |
+ ti->split_io = dm_rh_get_region_size(ms->rh); |
3948 |
+ ti->num_flush_requests = 1; |
3949 |
+ ti->num_discard_requests = 1; |
3950 |
++ ti->discard_zeroes_data_unsupported = 1; |
3951 |
+ |
3952 |
+ ms->kmirrord_wq = alloc_workqueue("kmirrord", |
3953 |
+ WQ_NON_REENTRANT | WQ_MEM_RECLAIM, 0); |
3954 |
+@@ -1210,7 +1211,7 @@ static int mirror_end_io(struct dm_target *ti, struct bio *bio, |
3955 |
+ * We need to dec pending if this was a write. |
3956 |
+ */ |
3957 |
+ if (rw == WRITE) { |
3958 |
+- if (!(bio->bi_rw & REQ_FLUSH)) |
3959 |
++ if (!(bio->bi_rw & (REQ_FLUSH | REQ_DISCARD))) |
3960 |
+ dm_rh_dec(ms->rh, map_context->ll); |
3961 |
+ return error; |
3962 |
+ } |
3963 |
+diff --git a/drivers/md/dm-region-hash.c b/drivers/md/dm-region-hash.c |
3964 |
+index 7771ed2..69732e0 100644 |
3965 |
+--- a/drivers/md/dm-region-hash.c |
3966 |
++++ b/drivers/md/dm-region-hash.c |
3967 |
+@@ -404,6 +404,9 @@ void dm_rh_mark_nosync(struct dm_region_hash *rh, struct bio *bio) |
3968 |
+ return; |
3969 |
+ } |
3970 |
+ |
3971 |
++ if (bio->bi_rw & REQ_DISCARD) |
3972 |
++ return; |
3973 |
++ |
3974 |
+ /* We must inform the log that the sync count has changed. */ |
3975 |
+ log->type->set_region_sync(log, region, 0); |
3976 |
+ |
3977 |
+@@ -524,7 +527,7 @@ void dm_rh_inc_pending(struct dm_region_hash *rh, struct bio_list *bios) |
3978 |
+ struct bio *bio; |
3979 |
+ |
3980 |
+ for (bio = bios->head; bio; bio = bio->bi_next) { |
3981 |
+- if (bio->bi_rw & REQ_FLUSH) |
3982 |
++ if (bio->bi_rw & (REQ_FLUSH | REQ_DISCARD)) |
3983 |
+ continue; |
3984 |
+ rh_inc(rh, dm_rh_bio_to_region(rh, bio)); |
3985 |
+ } |
3986 |
+diff --git a/drivers/md/md.c b/drivers/md/md.c |
3987 |
+index 700ecae..d8646d7 100644 |
3988 |
+--- a/drivers/md/md.c |
3989 |
++++ b/drivers/md/md.c |
3990 |
+@@ -3700,8 +3700,8 @@ array_state_show(struct mddev *mddev, char *page) |
3991 |
+ return sprintf(page, "%s\n", array_states[st]); |
3992 |
+ } |
3993 |
+ |
3994 |
+-static int do_md_stop(struct mddev * mddev, int ro, int is_open); |
3995 |
+-static int md_set_readonly(struct mddev * mddev, int is_open); |
3996 |
++static int do_md_stop(struct mddev * mddev, int ro, struct block_device *bdev); |
3997 |
++static int md_set_readonly(struct mddev * mddev, struct block_device *bdev); |
3998 |
+ static int do_md_run(struct mddev * mddev); |
3999 |
+ static int restart_array(struct mddev *mddev); |
4000 |
+ |
4001 |
+@@ -3717,14 +3717,14 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
4002 |
+ /* stopping an active array */ |
4003 |
+ if (atomic_read(&mddev->openers) > 0) |
4004 |
+ return -EBUSY; |
4005 |
+- err = do_md_stop(mddev, 0, 0); |
4006 |
++ err = do_md_stop(mddev, 0, NULL); |
4007 |
+ break; |
4008 |
+ case inactive: |
4009 |
+ /* stopping an active array */ |
4010 |
+ if (mddev->pers) { |
4011 |
+ if (atomic_read(&mddev->openers) > 0) |
4012 |
+ return -EBUSY; |
4013 |
+- err = do_md_stop(mddev, 2, 0); |
4014 |
++ err = do_md_stop(mddev, 2, NULL); |
4015 |
+ } else |
4016 |
+ err = 0; /* already inactive */ |
4017 |
+ break; |
4018 |
+@@ -3732,7 +3732,7 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
4019 |
+ break; /* not supported yet */ |
4020 |
+ case readonly: |
4021 |
+ if (mddev->pers) |
4022 |
+- err = md_set_readonly(mddev, 0); |
4023 |
++ err = md_set_readonly(mddev, NULL); |
4024 |
+ else { |
4025 |
+ mddev->ro = 1; |
4026 |
+ set_disk_ro(mddev->gendisk, 1); |
4027 |
+@@ -3742,7 +3742,7 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
4028 |
+ case read_auto: |
4029 |
+ if (mddev->pers) { |
4030 |
+ if (mddev->ro == 0) |
4031 |
+- err = md_set_readonly(mddev, 0); |
4032 |
++ err = md_set_readonly(mddev, NULL); |
4033 |
+ else if (mddev->ro == 1) |
4034 |
+ err = restart_array(mddev); |
4035 |
+ if (err == 0) { |
4036 |
+@@ -5078,15 +5078,17 @@ void md_stop(struct mddev *mddev) |
4037 |
+ } |
4038 |
+ EXPORT_SYMBOL_GPL(md_stop); |
4039 |
+ |
4040 |
+-static int md_set_readonly(struct mddev *mddev, int is_open) |
4041 |
++static int md_set_readonly(struct mddev *mddev, struct block_device *bdev) |
4042 |
+ { |
4043 |
+ int err = 0; |
4044 |
+ mutex_lock(&mddev->open_mutex); |
4045 |
+- if (atomic_read(&mddev->openers) > is_open) { |
4046 |
++ if (atomic_read(&mddev->openers) > !!bdev) { |
4047 |
+ printk("md: %s still in use.\n",mdname(mddev)); |
4048 |
+ err = -EBUSY; |
4049 |
+ goto out; |
4050 |
+ } |
4051 |
++ if (bdev) |
4052 |
++ sync_blockdev(bdev); |
4053 |
+ if (mddev->pers) { |
4054 |
+ __md_stop_writes(mddev); |
4055 |
+ |
4056 |
+@@ -5108,18 +5110,26 @@ out: |
4057 |
+ * 0 - completely stop and dis-assemble array |
4058 |
+ * 2 - stop but do not disassemble array |
4059 |
+ */ |
4060 |
+-static int do_md_stop(struct mddev * mddev, int mode, int is_open) |
4061 |
++static int do_md_stop(struct mddev * mddev, int mode, |
4062 |
++ struct block_device *bdev) |
4063 |
+ { |
4064 |
+ struct gendisk *disk = mddev->gendisk; |
4065 |
+ struct md_rdev *rdev; |
4066 |
+ |
4067 |
+ mutex_lock(&mddev->open_mutex); |
4068 |
+- if (atomic_read(&mddev->openers) > is_open || |
4069 |
++ if (atomic_read(&mddev->openers) > !!bdev || |
4070 |
+ mddev->sysfs_active) { |
4071 |
+ printk("md: %s still in use.\n",mdname(mddev)); |
4072 |
+ mutex_unlock(&mddev->open_mutex); |
4073 |
+ return -EBUSY; |
4074 |
+ } |
4075 |
++ if (bdev) |
4076 |
++ /* It is possible IO was issued on some other |
4077 |
++ * open file which was closed before we took ->open_mutex. |
4078 |
++ * As that was not the last close __blkdev_put will not |
4079 |
++ * have called sync_blockdev, so we must. |
4080 |
++ */ |
4081 |
++ sync_blockdev(bdev); |
4082 |
+ |
4083 |
+ if (mddev->pers) { |
4084 |
+ if (mddev->ro) |
4085 |
+@@ -5193,7 +5203,7 @@ static void autorun_array(struct mddev *mddev) |
4086 |
+ err = do_md_run(mddev); |
4087 |
+ if (err) { |
4088 |
+ printk(KERN_WARNING "md: do_md_run() returned %d\n", err); |
4089 |
+- do_md_stop(mddev, 0, 0); |
4090 |
++ do_md_stop(mddev, 0, NULL); |
4091 |
+ } |
4092 |
+ } |
4093 |
+ |
4094 |
+@@ -6184,11 +6194,11 @@ static int md_ioctl(struct block_device *bdev, fmode_t mode, |
4095 |
+ goto done_unlock; |
4096 |
+ |
4097 |
+ case STOP_ARRAY: |
4098 |
+- err = do_md_stop(mddev, 0, 1); |
4099 |
++ err = do_md_stop(mddev, 0, bdev); |
4100 |
+ goto done_unlock; |
4101 |
+ |
4102 |
+ case STOP_ARRAY_RO: |
4103 |
+- err = md_set_readonly(mddev, 1); |
4104 |
++ err = md_set_readonly(mddev, bdev); |
4105 |
+ goto done_unlock; |
4106 |
+ |
4107 |
+ case BLKROSET: |
4108 |
+diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c |
4109 |
+index 7af60ec..2d97bf0 100644 |
4110 |
+--- a/drivers/md/raid1.c |
4111 |
++++ b/drivers/md/raid1.c |
4112 |
+@@ -1713,8 +1713,14 @@ static void sync_request_write(struct mddev *mddev, struct r1bio *r1_bio) |
4113 |
+ |
4114 |
+ if (atomic_dec_and_test(&r1_bio->remaining)) { |
4115 |
+ /* if we're here, all write(s) have completed, so clean up */ |
4116 |
+- md_done_sync(mddev, r1_bio->sectors, 1); |
4117 |
+- put_buf(r1_bio); |
4118 |
++ int s = r1_bio->sectors; |
4119 |
++ if (test_bit(R1BIO_MadeGood, &r1_bio->state) || |
4120 |
++ test_bit(R1BIO_WriteError, &r1_bio->state)) |
4121 |
++ reschedule_retry(r1_bio); |
4122 |
++ else { |
4123 |
++ put_buf(r1_bio); |
4124 |
++ md_done_sync(mddev, s, 1); |
4125 |
++ } |
4126 |
+ } |
4127 |
+ } |
4128 |
+ |
4129 |
+@@ -2378,9 +2384,10 @@ static sector_t sync_request(struct mddev *mddev, sector_t sector_nr, int *skipp |
4130 |
+ */ |
4131 |
+ if (test_bit(MD_RECOVERY_REQUESTED, &mddev->recovery)) { |
4132 |
+ atomic_set(&r1_bio->remaining, read_targets); |
4133 |
+- for (i=0; i<conf->raid_disks; i++) { |
4134 |
++ for (i = 0; i < conf->raid_disks && read_targets; i++) { |
4135 |
+ bio = r1_bio->bios[i]; |
4136 |
+ if (bio->bi_end_io == end_sync_read) { |
4137 |
++ read_targets--; |
4138 |
+ md_sync_acct(bio->bi_bdev, nr_sectors); |
4139 |
+ generic_make_request(bio); |
4140 |
+ } |
4141 |
+diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c |
4142 |
+index 6ba4954..26ef63a 100644 |
4143 |
+--- a/drivers/md/raid5.c |
4144 |
++++ b/drivers/md/raid5.c |
4145 |
+@@ -196,12 +196,14 @@ static void __release_stripe(struct r5conf *conf, struct stripe_head *sh) |
4146 |
+ BUG_ON(!list_empty(&sh->lru)); |
4147 |
+ BUG_ON(atomic_read(&conf->active_stripes)==0); |
4148 |
+ if (test_bit(STRIPE_HANDLE, &sh->state)) { |
4149 |
+- if (test_bit(STRIPE_DELAYED, &sh->state)) |
4150 |
++ if (test_bit(STRIPE_DELAYED, &sh->state) && |
4151 |
++ !test_bit(STRIPE_PREREAD_ACTIVE, &sh->state)) |
4152 |
+ list_add_tail(&sh->lru, &conf->delayed_list); |
4153 |
+ else if (test_bit(STRIPE_BIT_DELAY, &sh->state) && |
4154 |
+ sh->bm_seq - conf->seq_write > 0) |
4155 |
+ list_add_tail(&sh->lru, &conf->bitmap_list); |
4156 |
+ else { |
4157 |
++ clear_bit(STRIPE_DELAYED, &sh->state); |
4158 |
+ clear_bit(STRIPE_BIT_DELAY, &sh->state); |
4159 |
+ list_add_tail(&sh->lru, &conf->handle_list); |
4160 |
+ } |
4161 |
+diff --git a/drivers/media/dvb/dvb-core/dvbdev.c b/drivers/media/dvb/dvb-core/dvbdev.c |
4162 |
+index f732877..d5cda35 100644 |
4163 |
+--- a/drivers/media/dvb/dvb-core/dvbdev.c |
4164 |
++++ b/drivers/media/dvb/dvb-core/dvbdev.c |
4165 |
+@@ -243,6 +243,7 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, |
4166 |
+ if (minor == MAX_DVB_MINORS) { |
4167 |
+ kfree(dvbdevfops); |
4168 |
+ kfree(dvbdev); |
4169 |
++ up_write(&minor_rwsem); |
4170 |
+ mutex_unlock(&dvbdev_register_lock); |
4171 |
+ return -EINVAL; |
4172 |
+ } |
4173 |
+diff --git a/drivers/mtd/nand/nandsim.c b/drivers/mtd/nand/nandsim.c |
4174 |
+index 34c03be..83e8e1b 100644 |
4175 |
+--- a/drivers/mtd/nand/nandsim.c |
4176 |
++++ b/drivers/mtd/nand/nandsim.c |
4177 |
+@@ -28,7 +28,7 @@ |
4178 |
+ #include <linux/module.h> |
4179 |
+ #include <linux/moduleparam.h> |
4180 |
+ #include <linux/vmalloc.h> |
4181 |
+-#include <asm/div64.h> |
4182 |
++#include <linux/math64.h> |
4183 |
+ #include <linux/slab.h> |
4184 |
+ #include <linux/errno.h> |
4185 |
+ #include <linux/string.h> |
4186 |
+@@ -547,12 +547,6 @@ static char *get_partition_name(int i) |
4187 |
+ return kstrdup(buf, GFP_KERNEL); |
4188 |
+ } |
4189 |
+ |
4190 |
+-static uint64_t divide(uint64_t n, uint32_t d) |
4191 |
+-{ |
4192 |
+- do_div(n, d); |
4193 |
+- return n; |
4194 |
+-} |
4195 |
+- |
4196 |
+ /* |
4197 |
+ * Initialize the nandsim structure. |
4198 |
+ * |
4199 |
+@@ -581,7 +575,7 @@ static int init_nandsim(struct mtd_info *mtd) |
4200 |
+ ns->geom.oobsz = mtd->oobsize; |
4201 |
+ ns->geom.secsz = mtd->erasesize; |
4202 |
+ ns->geom.pgszoob = ns->geom.pgsz + ns->geom.oobsz; |
4203 |
+- ns->geom.pgnum = divide(ns->geom.totsz, ns->geom.pgsz); |
4204 |
++ ns->geom.pgnum = div_u64(ns->geom.totsz, ns->geom.pgsz); |
4205 |
+ ns->geom.totszoob = ns->geom.totsz + (uint64_t)ns->geom.pgnum * ns->geom.oobsz; |
4206 |
+ ns->geom.secshift = ffs(ns->geom.secsz) - 1; |
4207 |
+ ns->geom.pgshift = chip->page_shift; |
4208 |
+@@ -924,7 +918,7 @@ static int setup_wear_reporting(struct mtd_info *mtd) |
4209 |
+ |
4210 |
+ if (!rptwear) |
4211 |
+ return 0; |
4212 |
+- wear_eb_count = divide(mtd->size, mtd->erasesize); |
4213 |
++ wear_eb_count = div_u64(mtd->size, mtd->erasesize); |
4214 |
+ mem = wear_eb_count * sizeof(unsigned long); |
4215 |
+ if (mem / sizeof(unsigned long) != wear_eb_count) { |
4216 |
+ NS_ERR("Too many erase blocks for wear reporting\n"); |
4217 |
+diff --git a/drivers/net/bonding/bond_debugfs.c b/drivers/net/bonding/bond_debugfs.c |
4218 |
+index 3680aa2..2cf084e 100644 |
4219 |
+--- a/drivers/net/bonding/bond_debugfs.c |
4220 |
++++ b/drivers/net/bonding/bond_debugfs.c |
4221 |
+@@ -6,7 +6,7 @@ |
4222 |
+ #include "bonding.h" |
4223 |
+ #include "bond_alb.h" |
4224 |
+ |
4225 |
+-#ifdef CONFIG_DEBUG_FS |
4226 |
++#if defined(CONFIG_DEBUG_FS) && !defined(CONFIG_NET_NS) |
4227 |
+ |
4228 |
+ #include <linux/debugfs.h> |
4229 |
+ #include <linux/seq_file.h> |
4230 |
+diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
4231 |
+index 1a88e38..6c284d1 100644 |
4232 |
+--- a/drivers/net/bonding/bond_main.c |
4233 |
++++ b/drivers/net/bonding/bond_main.c |
4234 |
+@@ -3184,6 +3184,12 @@ static int bond_master_netdev_event(unsigned long event, |
4235 |
+ switch (event) { |
4236 |
+ case NETDEV_CHANGENAME: |
4237 |
+ return bond_event_changename(event_bond); |
4238 |
++ case NETDEV_UNREGISTER: |
4239 |
++ bond_remove_proc_entry(event_bond); |
4240 |
++ break; |
4241 |
++ case NETDEV_REGISTER: |
4242 |
++ bond_create_proc_entry(event_bond); |
4243 |
++ break; |
4244 |
+ default: |
4245 |
+ break; |
4246 |
+ } |
4247 |
+@@ -4391,8 +4397,6 @@ static void bond_uninit(struct net_device *bond_dev) |
4248 |
+ |
4249 |
+ bond_work_cancel_all(bond); |
4250 |
+ |
4251 |
+- bond_remove_proc_entry(bond); |
4252 |
+- |
4253 |
+ bond_debug_unregister(bond); |
4254 |
+ |
4255 |
+ __hw_addr_flush(&bond->mc_list); |
4256 |
+@@ -4794,7 +4798,6 @@ static int bond_init(struct net_device *bond_dev) |
4257 |
+ |
4258 |
+ bond_set_lockdep_class(bond_dev); |
4259 |
+ |
4260 |
+- bond_create_proc_entry(bond); |
4261 |
+ list_add_tail(&bond->bond_list, &bn->dev_list); |
4262 |
+ |
4263 |
+ bond_prepare_sysfs_group(bond); |
4264 |
+diff --git a/drivers/net/ethernet/atheros/atl1c/atl1c_main.c b/drivers/net/ethernet/atheros/atl1c/atl1c_main.c |
4265 |
+index eccdcff..5ae7df7 100644 |
4266 |
+--- a/drivers/net/ethernet/atheros/atl1c/atl1c_main.c |
4267 |
++++ b/drivers/net/ethernet/atheros/atl1c/atl1c_main.c |
4268 |
+@@ -267,7 +267,6 @@ static void atl1c_check_link_status(struct atl1c_adapter *adapter) |
4269 |
+ dev_warn(&pdev->dev, "stop mac failed\n"); |
4270 |
+ atl1c_set_aspm(hw, false); |
4271 |
+ netif_carrier_off(netdev); |
4272 |
+- netif_stop_queue(netdev); |
4273 |
+ atl1c_phy_reset(hw); |
4274 |
+ atl1c_phy_init(&adapter->hw); |
4275 |
+ } else { |
4276 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4277 |
+index aec7212..8dda46a 100644 |
4278 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4279 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
4280 |
+@@ -723,21 +723,6 @@ struct bnx2x_fastpath { |
4281 |
+ |
4282 |
+ #define ETH_RX_ERROR_FALGS ETH_FAST_PATH_RX_CQE_PHY_DECODE_ERR_FLG |
4283 |
+ |
4284 |
+-#define BNX2X_IP_CSUM_ERR(cqe) \ |
4285 |
+- (!((cqe)->fast_path_cqe.status_flags & \ |
4286 |
+- ETH_FAST_PATH_RX_CQE_IP_XSUM_NO_VALIDATION_FLG) && \ |
4287 |
+- ((cqe)->fast_path_cqe.type_error_flags & \ |
4288 |
+- ETH_FAST_PATH_RX_CQE_IP_BAD_XSUM_FLG)) |
4289 |
+- |
4290 |
+-#define BNX2X_L4_CSUM_ERR(cqe) \ |
4291 |
+- (!((cqe)->fast_path_cqe.status_flags & \ |
4292 |
+- ETH_FAST_PATH_RX_CQE_L4_XSUM_NO_VALIDATION_FLG) && \ |
4293 |
+- ((cqe)->fast_path_cqe.type_error_flags & \ |
4294 |
+- ETH_FAST_PATH_RX_CQE_L4_BAD_XSUM_FLG)) |
4295 |
+- |
4296 |
+-#define BNX2X_RX_CSUM_OK(cqe) \ |
4297 |
+- (!(BNX2X_L4_CSUM_ERR(cqe) || BNX2X_IP_CSUM_ERR(cqe))) |
4298 |
+- |
4299 |
+ #define BNX2X_PRS_FLAG_OVERETH_IPV4(flags) \ |
4300 |
+ (((le16_to_cpu(flags) & \ |
4301 |
+ PARSING_FLAGS_OVER_ETHERNET_PROTOCOL) >> \ |
4302 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4303 |
+index 580b44e..2c1a5c0 100644 |
4304 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4305 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
4306 |
+@@ -220,7 +220,7 @@ int bnx2x_tx_int(struct bnx2x *bp, struct bnx2x_fp_txdata *txdata) |
4307 |
+ |
4308 |
+ if ((netif_tx_queue_stopped(txq)) && |
4309 |
+ (bp->state == BNX2X_STATE_OPEN) && |
4310 |
+- (bnx2x_tx_avail(bp, txdata) >= MAX_SKB_FRAGS + 3)) |
4311 |
++ (bnx2x_tx_avail(bp, txdata) >= MAX_SKB_FRAGS + 4)) |
4312 |
+ netif_tx_wake_queue(txq); |
4313 |
+ |
4314 |
+ __netif_tx_unlock(txq); |
4315 |
+@@ -551,6 +551,26 @@ static inline void bnx2x_set_skb_rxhash(struct bnx2x *bp, union eth_rx_cqe *cqe, |
4316 |
+ le32_to_cpu(cqe->fast_path_cqe.rss_hash_result); |
4317 |
+ } |
4318 |
+ |
4319 |
++static void bnx2x_csum_validate(struct sk_buff *skb, union eth_rx_cqe *cqe, |
4320 |
++ struct bnx2x_fastpath *fp) |
4321 |
++{ |
4322 |
++ /* Do nothing if no IP/L4 csum validation was done */ |
4323 |
++ |
4324 |
++ if (cqe->fast_path_cqe.status_flags & |
4325 |
++ (ETH_FAST_PATH_RX_CQE_IP_XSUM_NO_VALIDATION_FLG | |
4326 |
++ ETH_FAST_PATH_RX_CQE_L4_XSUM_NO_VALIDATION_FLG)) |
4327 |
++ return; |
4328 |
++ |
4329 |
++ /* If both IP/L4 validation were done, check if an error was found. */ |
4330 |
++ |
4331 |
++ if (cqe->fast_path_cqe.type_error_flags & |
4332 |
++ (ETH_FAST_PATH_RX_CQE_IP_BAD_XSUM_FLG | |
4333 |
++ ETH_FAST_PATH_RX_CQE_L4_BAD_XSUM_FLG)) |
4334 |
++ fp->eth_q_stats.hw_csum_err++; |
4335 |
++ else |
4336 |
++ skb->ip_summed = CHECKSUM_UNNECESSARY; |
4337 |
++} |
4338 |
++ |
4339 |
+ int bnx2x_rx_int(struct bnx2x_fastpath *fp, int budget) |
4340 |
+ { |
4341 |
+ struct bnx2x *bp = fp->bp; |
4342 |
+@@ -746,13 +766,9 @@ reuse_rx: |
4343 |
+ |
4344 |
+ skb_checksum_none_assert(skb); |
4345 |
+ |
4346 |
+- if (bp->dev->features & NETIF_F_RXCSUM) { |
4347 |
++ if (bp->dev->features & NETIF_F_RXCSUM) |
4348 |
++ bnx2x_csum_validate(skb, cqe, fp); |
4349 |
+ |
4350 |
+- if (likely(BNX2X_RX_CSUM_OK(cqe))) |
4351 |
+- skb->ip_summed = CHECKSUM_UNNECESSARY; |
4352 |
+- else |
4353 |
+- fp->eth_q_stats.hw_csum_err++; |
4354 |
+- } |
4355 |
+ } |
4356 |
+ |
4357 |
+ skb_record_rx_queue(skb, fp->index); |
4358 |
+@@ -2238,8 +2254,6 @@ int bnx2x_poll(struct napi_struct *napi, int budget) |
4359 |
+ /* we split the first BD into headers and data BDs |
4360 |
+ * to ease the pain of our fellow microcode engineers |
4361 |
+ * we use one mapping for both BDs |
4362 |
+- * So far this has only been observed to happen |
4363 |
+- * in Other Operating Systems(TM) |
4364 |
+ */ |
4365 |
+ static noinline u16 bnx2x_tx_split(struct bnx2x *bp, |
4366 |
+ struct bnx2x_fp_txdata *txdata, |
4367 |
+@@ -2890,7 +2904,7 @@ netdev_tx_t bnx2x_start_xmit(struct sk_buff *skb, struct net_device *dev) |
4368 |
+ |
4369 |
+ txdata->tx_bd_prod += nbd; |
4370 |
+ |
4371 |
+- if (unlikely(bnx2x_tx_avail(bp, txdata) < MAX_SKB_FRAGS + 3)) { |
4372 |
++ if (unlikely(bnx2x_tx_avail(bp, txdata) < MAX_SKB_FRAGS + 4)) { |
4373 |
+ netif_tx_stop_queue(txq); |
4374 |
+ |
4375 |
+ /* paired memory barrier is in bnx2x_tx_int(), we have to keep |
4376 |
+@@ -2899,7 +2913,7 @@ netdev_tx_t bnx2x_start_xmit(struct sk_buff *skb, struct net_device *dev) |
4377 |
+ smp_mb(); |
4378 |
+ |
4379 |
+ fp->eth_q_stats.driver_xoff++; |
4380 |
+- if (bnx2x_tx_avail(bp, txdata) >= MAX_SKB_FRAGS + 3) |
4381 |
++ if (bnx2x_tx_avail(bp, txdata) >= MAX_SKB_FRAGS + 4) |
4382 |
+ netif_tx_wake_queue(txq); |
4383 |
+ } |
4384 |
+ txdata->tx_pkt++; |
4385 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
4386 |
+index 2dcac28..6b258d9 100644 |
4387 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
4388 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
4389 |
+@@ -14046,7 +14046,8 @@ static int __devinit tg3_get_invariants(struct tg3 *tp) |
4390 |
+ } |
4391 |
+ } |
4392 |
+ |
4393 |
+- if (tg3_flag(tp, 5755_PLUS)) |
4394 |
++ if (tg3_flag(tp, 5755_PLUS) || |
4395 |
++ GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5906) |
4396 |
+ tg3_flag_set(tp, SHORT_DMA_BUG); |
4397 |
+ |
4398 |
+ if (GET_ASIC_REV(tp->pci_chip_rev_id) == ASIC_REV_5719) |
4399 |
+diff --git a/drivers/net/ethernet/intel/e1000e/82571.c b/drivers/net/ethernet/intel/e1000e/82571.c |
4400 |
+index e556fc3..3072d35 100644 |
4401 |
+--- a/drivers/net/ethernet/intel/e1000e/82571.c |
4402 |
++++ b/drivers/net/ethernet/intel/e1000e/82571.c |
4403 |
+@@ -1571,6 +1571,9 @@ static s32 e1000_check_for_serdes_link_82571(struct e1000_hw *hw) |
4404 |
+ ctrl = er32(CTRL); |
4405 |
+ status = er32(STATUS); |
4406 |
+ rxcw = er32(RXCW); |
4407 |
++ /* SYNCH bit and IV bit are sticky */ |
4408 |
++ udelay(10); |
4409 |
++ rxcw = er32(RXCW); |
4410 |
+ |
4411 |
+ if ((rxcw & E1000_RXCW_SYNCH) && !(rxcw & E1000_RXCW_IV)) { |
4412 |
+ |
4413 |
+diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c |
4414 |
+index cc2565c..9e61d6b 100644 |
4415 |
+--- a/drivers/net/ethernet/realtek/r8169.c |
4416 |
++++ b/drivers/net/ethernet/realtek/r8169.c |
4417 |
+@@ -4185,6 +4185,7 @@ out: |
4418 |
+ return rc; |
4419 |
+ |
4420 |
+ err_out_msi_4: |
4421 |
++ netif_napi_del(&tp->napi); |
4422 |
+ rtl_disable_msi(pdev, tp); |
4423 |
+ iounmap(ioaddr); |
4424 |
+ err_out_free_res_3: |
4425 |
+@@ -4210,6 +4211,8 @@ static void __devexit rtl8169_remove_one(struct pci_dev *pdev) |
4426 |
+ |
4427 |
+ cancel_delayed_work_sync(&tp->task); |
4428 |
+ |
4429 |
++ netif_napi_del(&tp->napi); |
4430 |
++ |
4431 |
+ unregister_netdev(dev); |
4432 |
+ |
4433 |
+ rtl_release_firmware(tp); |
4434 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
4435 |
+index 72cd190..d4d2bc1 100644 |
4436 |
+--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
4437 |
++++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
4438 |
+@@ -1174,6 +1174,7 @@ static netdev_tx_t stmmac_xmit(struct sk_buff *skb, struct net_device *dev) |
4439 |
+ priv->hw->desc->prepare_tx_desc(desc, 0, len, csum_insertion); |
4440 |
+ wmb(); |
4441 |
+ priv->hw->desc->set_tx_owner(desc); |
4442 |
++ wmb(); |
4443 |
+ } |
4444 |
+ |
4445 |
+ /* Interrupt on completition only for the latest segment */ |
4446 |
+@@ -1189,6 +1190,7 @@ static netdev_tx_t stmmac_xmit(struct sk_buff *skb, struct net_device *dev) |
4447 |
+ |
4448 |
+ /* To avoid raise condition */ |
4449 |
+ priv->hw->desc->set_tx_owner(first); |
4450 |
++ wmb(); |
4451 |
+ |
4452 |
+ priv->cur_tx++; |
4453 |
+ |
4454 |
+@@ -1252,6 +1254,7 @@ static inline void stmmac_rx_refill(struct stmmac_priv *priv) |
4455 |
+ } |
4456 |
+ wmb(); |
4457 |
+ priv->hw->desc->set_rx_owner(p + entry); |
4458 |
++ wmb(); |
4459 |
+ } |
4460 |
+ } |
4461 |
+ |
4462 |
+diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c |
4463 |
+index 1b7082d..26106c0 100644 |
4464 |
+--- a/drivers/net/macvtap.c |
4465 |
++++ b/drivers/net/macvtap.c |
4466 |
+@@ -504,10 +504,11 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, |
4467 |
+ if (copy > size) { |
4468 |
+ ++from; |
4469 |
+ --count; |
4470 |
+- } |
4471 |
++ offset = 0; |
4472 |
++ } else |
4473 |
++ offset += size; |
4474 |
+ copy -= size; |
4475 |
+ offset1 += size; |
4476 |
+- offset = 0; |
4477 |
+ } |
4478 |
+ |
4479 |
+ if (len == offset1) |
4480 |
+@@ -517,24 +518,29 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, |
4481 |
+ struct page *page[MAX_SKB_FRAGS]; |
4482 |
+ int num_pages; |
4483 |
+ unsigned long base; |
4484 |
++ unsigned long truesize; |
4485 |
+ |
4486 |
+- len = from->iov_len - offset1; |
4487 |
++ len = from->iov_len - offset; |
4488 |
+ if (!len) { |
4489 |
+- offset1 = 0; |
4490 |
++ offset = 0; |
4491 |
+ ++from; |
4492 |
+ continue; |
4493 |
+ } |
4494 |
+- base = (unsigned long)from->iov_base + offset1; |
4495 |
++ base = (unsigned long)from->iov_base + offset; |
4496 |
+ size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT; |
4497 |
++ if (i + size > MAX_SKB_FRAGS) |
4498 |
++ return -EMSGSIZE; |
4499 |
+ num_pages = get_user_pages_fast(base, size, 0, &page[i]); |
4500 |
+- if ((num_pages != size) || |
4501 |
+- (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) |
4502 |
+- /* put_page is in skb free */ |
4503 |
++ if (num_pages != size) { |
4504 |
++ for (i = 0; i < num_pages; i++) |
4505 |
++ put_page(page[i]); |
4506 |
+ return -EFAULT; |
4507 |
++ } |
4508 |
++ truesize = size * PAGE_SIZE; |
4509 |
+ skb->data_len += len; |
4510 |
+ skb->len += len; |
4511 |
+- skb->truesize += len; |
4512 |
+- atomic_add(len, &skb->sk->sk_wmem_alloc); |
4513 |
++ skb->truesize += truesize; |
4514 |
++ atomic_add(truesize, &skb->sk->sk_wmem_alloc); |
4515 |
+ while (len) { |
4516 |
+ int off = base & ~PAGE_MASK; |
4517 |
+ int size = min_t(int, len, PAGE_SIZE - off); |
4518 |
+@@ -545,7 +551,7 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, |
4519 |
+ len -= size; |
4520 |
+ i++; |
4521 |
+ } |
4522 |
+- offset1 = 0; |
4523 |
++ offset = 0; |
4524 |
+ ++from; |
4525 |
+ } |
4526 |
+ return 0; |
4527 |
+@@ -645,7 +651,7 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, |
4528 |
+ int err; |
4529 |
+ struct virtio_net_hdr vnet_hdr = { 0 }; |
4530 |
+ int vnet_hdr_len = 0; |
4531 |
+- int copylen; |
4532 |
++ int copylen = 0; |
4533 |
+ bool zerocopy = false; |
4534 |
+ |
4535 |
+ if (q->flags & IFF_VNET_HDR) { |
4536 |
+@@ -674,15 +680,31 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, |
4537 |
+ if (unlikely(len < ETH_HLEN)) |
4538 |
+ goto err; |
4539 |
+ |
4540 |
++ err = -EMSGSIZE; |
4541 |
++ if (unlikely(count > UIO_MAXIOV)) |
4542 |
++ goto err; |
4543 |
++ |
4544 |
+ if (m && m->msg_control && sock_flag(&q->sk, SOCK_ZEROCOPY)) |
4545 |
+ zerocopy = true; |
4546 |
+ |
4547 |
+ if (zerocopy) { |
4548 |
++ /* Userspace may produce vectors with count greater than |
4549 |
++ * MAX_SKB_FRAGS, so we need to linearize parts of the skb |
4550 |
++ * to let the rest of data to be fit in the frags. |
4551 |
++ */ |
4552 |
++ if (count > MAX_SKB_FRAGS) { |
4553 |
++ copylen = iov_length(iv, count - MAX_SKB_FRAGS); |
4554 |
++ if (copylen < vnet_hdr_len) |
4555 |
++ copylen = 0; |
4556 |
++ else |
4557 |
++ copylen -= vnet_hdr_len; |
4558 |
++ } |
4559 |
+ /* There are 256 bytes to be copied in skb, so there is enough |
4560 |
+ * room for skb expand head in case it is used. |
4561 |
+ * The rest buffer is mapped from userspace. |
4562 |
+ */ |
4563 |
+- copylen = vnet_hdr.hdr_len; |
4564 |
++ if (copylen < vnet_hdr.hdr_len) |
4565 |
++ copylen = vnet_hdr.hdr_len; |
4566 |
+ if (!copylen) |
4567 |
+ copylen = GOODCOPY_LEN; |
4568 |
+ } else |
4569 |
+@@ -693,10 +715,9 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, |
4570 |
+ if (!skb) |
4571 |
+ goto err; |
4572 |
+ |
4573 |
+- if (zerocopy) { |
4574 |
++ if (zerocopy) |
4575 |
+ err = zerocopy_sg_from_iovec(skb, iv, vnet_hdr_len, count); |
4576 |
+- skb_shinfo(skb)->tx_flags |= SKBTX_DEV_ZEROCOPY; |
4577 |
+- } else |
4578 |
++ else |
4579 |
+ err = skb_copy_datagram_from_iovec(skb, 0, iv, vnet_hdr_len, |
4580 |
+ len); |
4581 |
+ if (err) |
4582 |
+@@ -715,8 +736,10 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, |
4583 |
+ rcu_read_lock_bh(); |
4584 |
+ vlan = rcu_dereference_bh(q->vlan); |
4585 |
+ /* copy skb_ubuf_info for callback when skb has no error */ |
4586 |
+- if (zerocopy) |
4587 |
++ if (zerocopy) { |
4588 |
+ skb_shinfo(skb)->destructor_arg = m->msg_control; |
4589 |
++ skb_shinfo(skb)->tx_flags |= SKBTX_DEV_ZEROCOPY; |
4590 |
++ } |
4591 |
+ if (vlan) |
4592 |
+ macvlan_start_xmit(skb, vlan->dev); |
4593 |
+ else |
4594 |
+diff --git a/drivers/net/usb/ipheth.c b/drivers/net/usb/ipheth.c |
4595 |
+index ad96164..00ed9c1 100644 |
4596 |
+--- a/drivers/net/usb/ipheth.c |
4597 |
++++ b/drivers/net/usb/ipheth.c |
4598 |
+@@ -59,6 +59,7 @@ |
4599 |
+ #define USB_PRODUCT_IPHONE_3G 0x1292 |
4600 |
+ #define USB_PRODUCT_IPHONE_3GS 0x1294 |
4601 |
+ #define USB_PRODUCT_IPHONE_4 0x1297 |
4602 |
++#define USB_PRODUCT_IPAD 0x129a |
4603 |
+ #define USB_PRODUCT_IPHONE_4_VZW 0x129c |
4604 |
+ #define USB_PRODUCT_IPHONE_4S 0x12a0 |
4605 |
+ |
4606 |
+@@ -101,6 +102,10 @@ static struct usb_device_id ipheth_table[] = { |
4607 |
+ IPHETH_USBINTF_CLASS, IPHETH_USBINTF_SUBCLASS, |
4608 |
+ IPHETH_USBINTF_PROTO) }, |
4609 |
+ { USB_DEVICE_AND_INTERFACE_INFO( |
4610 |
++ USB_VENDOR_APPLE, USB_PRODUCT_IPAD, |
4611 |
++ IPHETH_USBINTF_CLASS, IPHETH_USBINTF_SUBCLASS, |
4612 |
++ IPHETH_USBINTF_PROTO) }, |
4613 |
++ { USB_DEVICE_AND_INTERFACE_INFO( |
4614 |
+ USB_VENDOR_APPLE, USB_PRODUCT_IPHONE_4_VZW, |
4615 |
+ IPHETH_USBINTF_CLASS, IPHETH_USBINTF_SUBCLASS, |
4616 |
+ IPHETH_USBINTF_PROTO) }, |
4617 |
+diff --git a/drivers/net/wireless/brcm80211/brcmsmac/main.c b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
4618 |
+index 833cbef..8a40ff9 100644 |
4619 |
+--- a/drivers/net/wireless/brcm80211/brcmsmac/main.c |
4620 |
++++ b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
4621 |
+@@ -900,8 +900,7 @@ brcms_c_dotxstatus(struct brcms_c_info *wlc, struct tx_status *txs) |
4622 |
+ */ |
4623 |
+ if (!(txs->status & TX_STATUS_AMPDU) |
4624 |
+ && (txs->status & TX_STATUS_INTERMEDIATE)) { |
4625 |
+- wiphy_err(wlc->wiphy, "%s: INTERMEDIATE but not AMPDU\n", |
4626 |
+- __func__); |
4627 |
++ BCMMSG(wlc->wiphy, "INTERMEDIATE but not AMPDU\n"); |
4628 |
+ return false; |
4629 |
+ } |
4630 |
+ |
4631 |
+diff --git a/drivers/net/wireless/ipw2x00/ipw.h b/drivers/net/wireless/ipw2x00/ipw.h |
4632 |
+new file mode 100644 |
4633 |
+index 0000000..4007bf5 |
4634 |
+--- /dev/null |
4635 |
++++ b/drivers/net/wireless/ipw2x00/ipw.h |
4636 |
+@@ -0,0 +1,23 @@ |
4637 |
++/* |
4638 |
++ * Intel Pro/Wireless 2100, 2200BG, 2915ABG network connection driver |
4639 |
++ * |
4640 |
++ * Copyright 2012 Stanislav Yakovlev <stas.yakovlev@×××××.com> |
4641 |
++ * |
4642 |
++ * This program is free software; you can redistribute it and/or modify |
4643 |
++ * it under the terms of the GNU General Public License version 2 as |
4644 |
++ * published by the Free Software Foundation. |
4645 |
++ */ |
4646 |
++ |
4647 |
++#ifndef __IPW_H__ |
4648 |
++#define __IPW_H__ |
4649 |
++ |
4650 |
++#include <linux/ieee80211.h> |
4651 |
++ |
4652 |
++static const u32 ipw_cipher_suites[] = { |
4653 |
++ WLAN_CIPHER_SUITE_WEP40, |
4654 |
++ WLAN_CIPHER_SUITE_WEP104, |
4655 |
++ WLAN_CIPHER_SUITE_TKIP, |
4656 |
++ WLAN_CIPHER_SUITE_CCMP, |
4657 |
++}; |
4658 |
++ |
4659 |
++#endif |
4660 |
+diff --git a/drivers/net/wireless/ipw2x00/ipw2100.c b/drivers/net/wireless/ipw2x00/ipw2100.c |
4661 |
+index 127e9c6..10862d4 100644 |
4662 |
+--- a/drivers/net/wireless/ipw2x00/ipw2100.c |
4663 |
++++ b/drivers/net/wireless/ipw2x00/ipw2100.c |
4664 |
+@@ -166,6 +166,7 @@ that only one external action is invoked at a time. |
4665 |
+ #include <net/lib80211.h> |
4666 |
+ |
4667 |
+ #include "ipw2100.h" |
4668 |
++#include "ipw.h" |
4669 |
+ |
4670 |
+ #define IPW2100_VERSION "git-1.2.2" |
4671 |
+ |
4672 |
+@@ -1955,6 +1956,9 @@ static int ipw2100_wdev_init(struct net_device *dev) |
4673 |
+ wdev->wiphy->bands[IEEE80211_BAND_2GHZ] = bg_band; |
4674 |
+ } |
4675 |
+ |
4676 |
++ wdev->wiphy->cipher_suites = ipw_cipher_suites; |
4677 |
++ wdev->wiphy->n_cipher_suites = ARRAY_SIZE(ipw_cipher_suites); |
4678 |
++ |
4679 |
+ set_wiphy_dev(wdev->wiphy, &priv->pci_dev->dev); |
4680 |
+ if (wiphy_register(wdev->wiphy)) { |
4681 |
+ ipw2100_down(priv); |
4682 |
+diff --git a/drivers/net/wireless/ipw2x00/ipw2200.c b/drivers/net/wireless/ipw2x00/ipw2200.c |
4683 |
+index 827889b..56bd370 100644 |
4684 |
+--- a/drivers/net/wireless/ipw2x00/ipw2200.c |
4685 |
++++ b/drivers/net/wireless/ipw2x00/ipw2200.c |
4686 |
+@@ -34,6 +34,7 @@ |
4687 |
+ #include <linux/slab.h> |
4688 |
+ #include <net/cfg80211-wext.h> |
4689 |
+ #include "ipw2200.h" |
4690 |
++#include "ipw.h" |
4691 |
+ |
4692 |
+ |
4693 |
+ #ifndef KBUILD_EXTMOD |
4694 |
+@@ -11535,6 +11536,9 @@ static int ipw_wdev_init(struct net_device *dev) |
4695 |
+ wdev->wiphy->bands[IEEE80211_BAND_5GHZ] = a_band; |
4696 |
+ } |
4697 |
+ |
4698 |
++ wdev->wiphy->cipher_suites = ipw_cipher_suites; |
4699 |
++ wdev->wiphy->n_cipher_suites = ARRAY_SIZE(ipw_cipher_suites); |
4700 |
++ |
4701 |
+ set_wiphy_dev(wdev->wiphy, &priv->pci_dev->dev); |
4702 |
+ |
4703 |
+ /* With that information in place, we can now register the wiphy... */ |
4704 |
+diff --git a/drivers/net/wireless/iwlegacy/iwl-4965-sta.c b/drivers/net/wireless/iwlegacy/iwl-4965-sta.c |
4705 |
+index a262c23..0116ca8 100644 |
4706 |
+--- a/drivers/net/wireless/iwlegacy/iwl-4965-sta.c |
4707 |
++++ b/drivers/net/wireless/iwlegacy/iwl-4965-sta.c |
4708 |
+@@ -466,7 +466,7 @@ int iwl4965_remove_dynamic_key(struct iwl_priv *priv, |
4709 |
+ return 0; |
4710 |
+ } |
4711 |
+ |
4712 |
+- if (priv->stations[sta_id].sta.key.key_offset == WEP_INVALID_OFFSET) { |
4713 |
++ if (priv->stations[sta_id].sta.key.key_flags & STA_KEY_FLG_INVALID) { |
4714 |
+ IWL_WARN(priv, "Removing wrong key %d 0x%x\n", |
4715 |
+ keyconf->keyidx, key_flags); |
4716 |
+ spin_unlock_irqrestore(&priv->sta_lock, flags); |
4717 |
+@@ -483,7 +483,7 @@ int iwl4965_remove_dynamic_key(struct iwl_priv *priv, |
4718 |
+ sizeof(struct iwl4965_keyinfo)); |
4719 |
+ priv->stations[sta_id].sta.key.key_flags = |
4720 |
+ STA_KEY_FLG_NO_ENC | STA_KEY_FLG_INVALID; |
4721 |
+- priv->stations[sta_id].sta.key.key_offset = WEP_INVALID_OFFSET; |
4722 |
++ priv->stations[sta_id].sta.key.key_offset = keyconf->hw_key_idx; |
4723 |
+ priv->stations[sta_id].sta.sta.modify_mask = STA_MODIFY_KEY_MASK; |
4724 |
+ priv->stations[sta_id].sta.mode = STA_CONTROL_MODIFY_MSK; |
4725 |
+ |
4726 |
+diff --git a/drivers/net/wireless/iwlegacy/iwl-core.c b/drivers/net/wireless/iwlegacy/iwl-core.c |
4727 |
+index 2bd5659..1bb64c9 100644 |
4728 |
+--- a/drivers/net/wireless/iwlegacy/iwl-core.c |
4729 |
++++ b/drivers/net/wireless/iwlegacy/iwl-core.c |
4730 |
+@@ -1884,14 +1884,12 @@ void iwl_legacy_bg_watchdog(unsigned long data) |
4731 |
+ return; |
4732 |
+ |
4733 |
+ /* monitor and check for other stuck queues */ |
4734 |
+- if (iwl_legacy_is_any_associated(priv)) { |
4735 |
+- for (cnt = 0; cnt < priv->hw_params.max_txq_num; cnt++) { |
4736 |
+- /* skip as we already checked the command queue */ |
4737 |
+- if (cnt == priv->cmd_queue) |
4738 |
+- continue; |
4739 |
+- if (iwl_legacy_check_stuck_queue(priv, cnt)) |
4740 |
+- return; |
4741 |
+- } |
4742 |
++ for (cnt = 0; cnt < priv->hw_params.max_txq_num; cnt++) { |
4743 |
++ /* skip as we already checked the command queue */ |
4744 |
++ if (cnt == priv->cmd_queue) |
4745 |
++ continue; |
4746 |
++ if (iwl_legacy_check_stuck_queue(priv, cnt)) |
4747 |
++ return; |
4748 |
+ } |
4749 |
+ |
4750 |
+ mod_timer(&priv->watchdog, jiffies + |
4751 |
+diff --git a/drivers/net/wireless/rt2x00/rt2x00usb.c b/drivers/net/wireless/rt2x00/rt2x00usb.c |
4752 |
+index 1e31050..ba28807 100644 |
4753 |
+--- a/drivers/net/wireless/rt2x00/rt2x00usb.c |
4754 |
++++ b/drivers/net/wireless/rt2x00/rt2x00usb.c |
4755 |
+@@ -426,8 +426,8 @@ void rt2x00usb_kick_queue(struct data_queue *queue) |
4756 |
+ case QID_RX: |
4757 |
+ if (!rt2x00queue_full(queue)) |
4758 |
+ rt2x00queue_for_each_entry(queue, |
4759 |
+- Q_INDEX_DONE, |
4760 |
+ Q_INDEX, |
4761 |
++ Q_INDEX_DONE, |
4762 |
+ NULL, |
4763 |
+ rt2x00usb_kick_rx_entry); |
4764 |
+ break; |
4765 |
+diff --git a/drivers/net/wireless/rtl818x/rtl8187/leds.c b/drivers/net/wireless/rtl818x/rtl8187/leds.c |
4766 |
+index 2e0de2f..c2d5b49 100644 |
4767 |
+--- a/drivers/net/wireless/rtl818x/rtl8187/leds.c |
4768 |
++++ b/drivers/net/wireless/rtl818x/rtl8187/leds.c |
4769 |
+@@ -117,7 +117,7 @@ static void rtl8187_led_brightness_set(struct led_classdev *led_dev, |
4770 |
+ radio_on = true; |
4771 |
+ } else if (radio_on) { |
4772 |
+ radio_on = false; |
4773 |
+- cancel_delayed_work_sync(&priv->led_on); |
4774 |
++ cancel_delayed_work(&priv->led_on); |
4775 |
+ ieee80211_queue_delayed_work(hw, &priv->led_off, 0); |
4776 |
+ } |
4777 |
+ } else if (radio_on) { |
4778 |
+diff --git a/drivers/pci/pci-driver.c b/drivers/pci/pci-driver.c |
4779 |
+index 12d1e81..d024f83 100644 |
4780 |
+--- a/drivers/pci/pci-driver.c |
4781 |
++++ b/drivers/pci/pci-driver.c |
4782 |
+@@ -742,6 +742,18 @@ static int pci_pm_suspend_noirq(struct device *dev) |
4783 |
+ |
4784 |
+ pci_pm_set_unknown_state(pci_dev); |
4785 |
+ |
4786 |
++ /* |
4787 |
++ * Some BIOSes from ASUS have a bug: If a USB EHCI host controller's |
4788 |
++ * PCI COMMAND register isn't 0, the BIOS assumes that the controller |
4789 |
++ * hasn't been quiesced and tries to turn it off. If the controller |
4790 |
++ * is already in D3, this can hang or cause memory corruption. |
4791 |
++ * |
4792 |
++ * Since the value of the COMMAND register doesn't matter once the |
4793 |
++ * device has been suspended, we can safely set it to 0 here. |
4794 |
++ */ |
4795 |
++ if (pci_dev->class == PCI_CLASS_SERIAL_USB_EHCI) |
4796 |
++ pci_write_config_word(pci_dev, PCI_COMMAND, 0); |
4797 |
++ |
4798 |
+ return 0; |
4799 |
+ } |
4800 |
+ |
4801 |
+diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c |
4802 |
+index e5b75eb..6d4a531 100644 |
4803 |
+--- a/drivers/pci/pci.c |
4804 |
++++ b/drivers/pci/pci.c |
4805 |
+@@ -1689,11 +1689,6 @@ int pci_prepare_to_sleep(struct pci_dev *dev) |
4806 |
+ if (target_state == PCI_POWER_ERROR) |
4807 |
+ return -EIO; |
4808 |
+ |
4809 |
+- /* Some devices mustn't be in D3 during system sleep */ |
4810 |
+- if (target_state == PCI_D3hot && |
4811 |
+- (dev->dev_flags & PCI_DEV_FLAGS_NO_D3_DURING_SLEEP)) |
4812 |
+- return 0; |
4813 |
+- |
4814 |
+ pci_enable_wake(dev, target_state, device_may_wakeup(&dev->dev)); |
4815 |
+ |
4816 |
+ error = pci_set_power_state(dev, target_state); |
4817 |
+diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c |
4818 |
+index 3c56fec..78fda9c 100644 |
4819 |
+--- a/drivers/pci/quirks.c |
4820 |
++++ b/drivers/pci/quirks.c |
4821 |
+@@ -2940,32 +2940,6 @@ static void __devinit disable_igfx_irq(struct pci_dev *dev) |
4822 |
+ DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x0102, disable_igfx_irq); |
4823 |
+ DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x010a, disable_igfx_irq); |
4824 |
+ |
4825 |
+-/* |
4826 |
+- * The Intel 6 Series/C200 Series chipset's EHCI controllers on many |
4827 |
+- * ASUS motherboards will cause memory corruption or a system crash |
4828 |
+- * if they are in D3 while the system is put into S3 sleep. |
4829 |
+- */ |
4830 |
+-static void __devinit asus_ehci_no_d3(struct pci_dev *dev) |
4831 |
+-{ |
4832 |
+- const char *sys_info; |
4833 |
+- static const char good_Asus_board[] = "P8Z68-V"; |
4834 |
+- |
4835 |
+- if (dev->dev_flags & PCI_DEV_FLAGS_NO_D3_DURING_SLEEP) |
4836 |
+- return; |
4837 |
+- if (dev->subsystem_vendor != PCI_VENDOR_ID_ASUSTEK) |
4838 |
+- return; |
4839 |
+- sys_info = dmi_get_system_info(DMI_BOARD_NAME); |
4840 |
+- if (sys_info && memcmp(sys_info, good_Asus_board, |
4841 |
+- sizeof(good_Asus_board) - 1) == 0) |
4842 |
+- return; |
4843 |
+- |
4844 |
+- dev_info(&dev->dev, "broken D3 during system sleep on ASUS\n"); |
4845 |
+- dev->dev_flags |= PCI_DEV_FLAGS_NO_D3_DURING_SLEEP; |
4846 |
+- device_set_wakeup_capable(&dev->dev, false); |
4847 |
+-} |
4848 |
+-DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x1c26, asus_ehci_no_d3); |
4849 |
+-DECLARE_PCI_FIXUP_FINAL(PCI_VENDOR_ID_INTEL, 0x1c2d, asus_ehci_no_d3); |
4850 |
+- |
4851 |
+ static void pci_do_fixups(struct pci_dev *dev, struct pci_fixup *f, |
4852 |
+ struct pci_fixup *end) |
4853 |
+ { |
4854 |
+diff --git a/drivers/platform/x86/intel_ips.c b/drivers/platform/x86/intel_ips.c |
4855 |
+index 809a3ae..b46ec11 100644 |
4856 |
+--- a/drivers/platform/x86/intel_ips.c |
4857 |
++++ b/drivers/platform/x86/intel_ips.c |
4858 |
+@@ -72,6 +72,7 @@ |
4859 |
+ #include <linux/string.h> |
4860 |
+ #include <linux/tick.h> |
4861 |
+ #include <linux/timer.h> |
4862 |
++#include <linux/dmi.h> |
4863 |
+ #include <drm/i915_drm.h> |
4864 |
+ #include <asm/msr.h> |
4865 |
+ #include <asm/processor.h> |
4866 |
+@@ -1505,6 +1506,24 @@ static DEFINE_PCI_DEVICE_TABLE(ips_id_table) = { |
4867 |
+ |
4868 |
+ MODULE_DEVICE_TABLE(pci, ips_id_table); |
4869 |
+ |
4870 |
++static int ips_blacklist_callback(const struct dmi_system_id *id) |
4871 |
++{ |
4872 |
++ pr_info("Blacklisted intel_ips for %s\n", id->ident); |
4873 |
++ return 1; |
4874 |
++} |
4875 |
++ |
4876 |
++static const struct dmi_system_id ips_blacklist[] = { |
4877 |
++ { |
4878 |
++ .callback = ips_blacklist_callback, |
4879 |
++ .ident = "HP ProBook", |
4880 |
++ .matches = { |
4881 |
++ DMI_MATCH(DMI_SYS_VENDOR, "Hewlett-Packard"), |
4882 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "HP ProBook"), |
4883 |
++ }, |
4884 |
++ }, |
4885 |
++ { } /* terminating entry */ |
4886 |
++}; |
4887 |
++ |
4888 |
+ static int ips_probe(struct pci_dev *dev, const struct pci_device_id *id) |
4889 |
+ { |
4890 |
+ u64 platform_info; |
4891 |
+@@ -1514,6 +1533,9 @@ static int ips_probe(struct pci_dev *dev, const struct pci_device_id *id) |
4892 |
+ u16 htshi, trc, trc_required_mask; |
4893 |
+ u8 tse; |
4894 |
+ |
4895 |
++ if (dmi_check_system(ips_blacklist)) |
4896 |
++ return -ENODEV; |
4897 |
++ |
4898 |
+ ips = kzalloc(sizeof(struct ips_driver), GFP_KERNEL); |
4899 |
+ if (!ips) |
4900 |
+ return -ENOMEM; |
4901 |
+diff --git a/drivers/platform/x86/samsung-laptop.c b/drivers/platform/x86/samsung-laptop.c |
4902 |
+index 09e26bf..af1e296 100644 |
4903 |
+--- a/drivers/platform/x86/samsung-laptop.c |
4904 |
++++ b/drivers/platform/x86/samsung-laptop.c |
4905 |
+@@ -540,245 +540,34 @@ static DEVICE_ATTR(performance_level, S_IWUSR | S_IRUGO, |
4906 |
+ get_performance_level, set_performance_level); |
4907 |
+ |
4908 |
+ |
4909 |
+-static int __init dmi_check_cb(const struct dmi_system_id *id) |
4910 |
+-{ |
4911 |
+- pr_info("found laptop model '%s'\n", |
4912 |
+- id->ident); |
4913 |
+- return 1; |
4914 |
+-} |
4915 |
+- |
4916 |
+ static struct dmi_system_id __initdata samsung_dmi_table[] = { |
4917 |
+ { |
4918 |
+- .ident = "N128", |
4919 |
+- .matches = { |
4920 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
4921 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
4922 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N128"), |
4923 |
+- DMI_MATCH(DMI_BOARD_NAME, "N128"), |
4924 |
+- }, |
4925 |
+- .callback = dmi_check_cb, |
4926 |
+- }, |
4927 |
+- { |
4928 |
+- .ident = "N130", |
4929 |
+ .matches = { |
4930 |
+ DMI_MATCH(DMI_SYS_VENDOR, |
4931 |
+ "SAMSUNG ELECTRONICS CO., LTD."), |
4932 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N130"), |
4933 |
+- DMI_MATCH(DMI_BOARD_NAME, "N130"), |
4934 |
++ DMI_MATCH(DMI_CHASSIS_TYPE, "8"), /* Portable */ |
4935 |
+ }, |
4936 |
+- .callback = dmi_check_cb, |
4937 |
+ }, |
4938 |
+ { |
4939 |
+- .ident = "N510", |
4940 |
+ .matches = { |
4941 |
+ DMI_MATCH(DMI_SYS_VENDOR, |
4942 |
+ "SAMSUNG ELECTRONICS CO., LTD."), |
4943 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N510"), |
4944 |
+- DMI_MATCH(DMI_BOARD_NAME, "N510"), |
4945 |
++ DMI_MATCH(DMI_CHASSIS_TYPE, "9"), /* Laptop */ |
4946 |
+ }, |
4947 |
+- .callback = dmi_check_cb, |
4948 |
+ }, |
4949 |
+ { |
4950 |
+- .ident = "X125", |
4951 |
+ .matches = { |
4952 |
+ DMI_MATCH(DMI_SYS_VENDOR, |
4953 |
+ "SAMSUNG ELECTRONICS CO., LTD."), |
4954 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "X125"), |
4955 |
+- DMI_MATCH(DMI_BOARD_NAME, "X125"), |
4956 |
++ DMI_MATCH(DMI_CHASSIS_TYPE, "10"), /* Notebook */ |
4957 |
+ }, |
4958 |
+- .callback = dmi_check_cb, |
4959 |
+ }, |
4960 |
+ { |
4961 |
+- .ident = "X120/X170", |
4962 |
+ .matches = { |
4963 |
+ DMI_MATCH(DMI_SYS_VENDOR, |
4964 |
+ "SAMSUNG ELECTRONICS CO., LTD."), |
4965 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "X120/X170"), |
4966 |
+- DMI_MATCH(DMI_BOARD_NAME, "X120/X170"), |
4967 |
+- }, |
4968 |
+- .callback = dmi_check_cb, |
4969 |
+- }, |
4970 |
+- { |
4971 |
+- .ident = "NC10", |
4972 |
+- .matches = { |
4973 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
4974 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
4975 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "NC10"), |
4976 |
+- DMI_MATCH(DMI_BOARD_NAME, "NC10"), |
4977 |
+- }, |
4978 |
+- .callback = dmi_check_cb, |
4979 |
+- }, |
4980 |
+- { |
4981 |
+- .ident = "NP-Q45", |
4982 |
+- .matches = { |
4983 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
4984 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
4985 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "SQ45S70S"), |
4986 |
+- DMI_MATCH(DMI_BOARD_NAME, "SQ45S70S"), |
4987 |
+- }, |
4988 |
+- .callback = dmi_check_cb, |
4989 |
+- }, |
4990 |
+- { |
4991 |
+- .ident = "X360", |
4992 |
+- .matches = { |
4993 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
4994 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
4995 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "X360"), |
4996 |
+- DMI_MATCH(DMI_BOARD_NAME, "X360"), |
4997 |
+- }, |
4998 |
+- .callback = dmi_check_cb, |
4999 |
+- }, |
5000 |
+- { |
5001 |
+- .ident = "R410 Plus", |
5002 |
+- .matches = { |
5003 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5004 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5005 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R410P"), |
5006 |
+- DMI_MATCH(DMI_BOARD_NAME, "R460"), |
5007 |
+- }, |
5008 |
+- .callback = dmi_check_cb, |
5009 |
+- }, |
5010 |
+- { |
5011 |
+- .ident = "R518", |
5012 |
+- .matches = { |
5013 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5014 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5015 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R518"), |
5016 |
+- DMI_MATCH(DMI_BOARD_NAME, "R518"), |
5017 |
+- }, |
5018 |
+- .callback = dmi_check_cb, |
5019 |
+- }, |
5020 |
+- { |
5021 |
+- .ident = "R519/R719", |
5022 |
+- .matches = { |
5023 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5024 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5025 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R519/R719"), |
5026 |
+- DMI_MATCH(DMI_BOARD_NAME, "R519/R719"), |
5027 |
+- }, |
5028 |
+- .callback = dmi_check_cb, |
5029 |
+- }, |
5030 |
+- { |
5031 |
+- .ident = "N150/N210/N220", |
5032 |
+- .matches = { |
5033 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5034 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5035 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N150/N210/N220"), |
5036 |
+- DMI_MATCH(DMI_BOARD_NAME, "N150/N210/N220"), |
5037 |
+- }, |
5038 |
+- .callback = dmi_check_cb, |
5039 |
+- }, |
5040 |
+- { |
5041 |
+- .ident = "N220", |
5042 |
+- .matches = { |
5043 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5044 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5045 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N220"), |
5046 |
+- DMI_MATCH(DMI_BOARD_NAME, "N220"), |
5047 |
+- }, |
5048 |
+- .callback = dmi_check_cb, |
5049 |
+- }, |
5050 |
+- { |
5051 |
+- .ident = "N150/N210/N220/N230", |
5052 |
+- .matches = { |
5053 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5054 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5055 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N150/N210/N220/N230"), |
5056 |
+- DMI_MATCH(DMI_BOARD_NAME, "N150/N210/N220/N230"), |
5057 |
+- }, |
5058 |
+- .callback = dmi_check_cb, |
5059 |
+- }, |
5060 |
+- { |
5061 |
+- .ident = "N150P/N210P/N220P", |
5062 |
+- .matches = { |
5063 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5064 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5065 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N150P/N210P/N220P"), |
5066 |
+- DMI_MATCH(DMI_BOARD_NAME, "N150P/N210P/N220P"), |
5067 |
+- }, |
5068 |
+- .callback = dmi_check_cb, |
5069 |
+- }, |
5070 |
+- { |
5071 |
+- .ident = "R700", |
5072 |
+- .matches = { |
5073 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5074 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "SR700"), |
5075 |
+- DMI_MATCH(DMI_BOARD_NAME, "SR700"), |
5076 |
+- }, |
5077 |
+- .callback = dmi_check_cb, |
5078 |
+- }, |
5079 |
+- { |
5080 |
+- .ident = "R530/R730", |
5081 |
+- .matches = { |
5082 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5083 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R530/R730"), |
5084 |
+- DMI_MATCH(DMI_BOARD_NAME, "R530/R730"), |
5085 |
+- }, |
5086 |
+- .callback = dmi_check_cb, |
5087 |
+- }, |
5088 |
+- { |
5089 |
+- .ident = "NF110/NF210/NF310", |
5090 |
+- .matches = { |
5091 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5092 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "NF110/NF210/NF310"), |
5093 |
+- DMI_MATCH(DMI_BOARD_NAME, "NF110/NF210/NF310"), |
5094 |
+- }, |
5095 |
+- .callback = dmi_check_cb, |
5096 |
+- }, |
5097 |
+- { |
5098 |
+- .ident = "N145P/N250P/N260P", |
5099 |
+- .matches = { |
5100 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5101 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "N145P/N250P/N260P"), |
5102 |
+- DMI_MATCH(DMI_BOARD_NAME, "N145P/N250P/N260P"), |
5103 |
+- }, |
5104 |
+- .callback = dmi_check_cb, |
5105 |
+- }, |
5106 |
+- { |
5107 |
+- .ident = "R70/R71", |
5108 |
+- .matches = { |
5109 |
+- DMI_MATCH(DMI_SYS_VENDOR, |
5110 |
+- "SAMSUNG ELECTRONICS CO., LTD."), |
5111 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R70/R71"), |
5112 |
+- DMI_MATCH(DMI_BOARD_NAME, "R70/R71"), |
5113 |
+- }, |
5114 |
+- .callback = dmi_check_cb, |
5115 |
+- }, |
5116 |
+- { |
5117 |
+- .ident = "P460", |
5118 |
+- .matches = { |
5119 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5120 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "P460"), |
5121 |
+- DMI_MATCH(DMI_BOARD_NAME, "P460"), |
5122 |
+- }, |
5123 |
+- .callback = dmi_check_cb, |
5124 |
+- }, |
5125 |
+- { |
5126 |
+- .ident = "R528/R728", |
5127 |
+- .matches = { |
5128 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5129 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "R528/R728"), |
5130 |
+- DMI_MATCH(DMI_BOARD_NAME, "R528/R728"), |
5131 |
+- }, |
5132 |
+- .callback = dmi_check_cb, |
5133 |
+- }, |
5134 |
+- { |
5135 |
+- .ident = "NC210/NC110", |
5136 |
+- .matches = { |
5137 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5138 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "NC210/NC110"), |
5139 |
+- DMI_MATCH(DMI_BOARD_NAME, "NC210/NC110"), |
5140 |
+- }, |
5141 |
+- .callback = dmi_check_cb, |
5142 |
+- }, |
5143 |
+- { |
5144 |
+- .ident = "X520", |
5145 |
+- .matches = { |
5146 |
+- DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD."), |
5147 |
+- DMI_MATCH(DMI_PRODUCT_NAME, "X520"), |
5148 |
+- DMI_MATCH(DMI_BOARD_NAME, "X520"), |
5149 |
++ DMI_MATCH(DMI_CHASSIS_TYPE, "14"), /* Sub-Notebook */ |
5150 |
+ }, |
5151 |
+- .callback = dmi_check_cb, |
5152 |
+ }, |
5153 |
+ { }, |
5154 |
+ }; |
5155 |
+@@ -819,7 +608,8 @@ static int __init samsung_init(void) |
5156 |
+ |
5157 |
+ f0000_segment = ioremap_nocache(0xf0000, 0xffff); |
5158 |
+ if (!f0000_segment) { |
5159 |
+- pr_err("Can't map the segment at 0xf0000\n"); |
5160 |
++ if (debug || force) |
5161 |
++ pr_err("Can't map the segment at 0xf0000\n"); |
5162 |
+ return -EINVAL; |
5163 |
+ } |
5164 |
+ |
5165 |
+@@ -832,7 +622,8 @@ static int __init samsung_init(void) |
5166 |
+ } |
5167 |
+ |
5168 |
+ if (loca == 0xffff) { |
5169 |
+- pr_err("This computer does not support SABI\n"); |
5170 |
++ if (debug || force) |
5171 |
++ pr_err("This computer does not support SABI\n"); |
5172 |
+ goto error_no_signature; |
5173 |
+ } |
5174 |
+ |
5175 |
+diff --git a/drivers/rtc/rtc-mxc.c b/drivers/rtc/rtc-mxc.c |
5176 |
+index 39e41fb..5160354 100644 |
5177 |
+--- a/drivers/rtc/rtc-mxc.c |
5178 |
++++ b/drivers/rtc/rtc-mxc.c |
5179 |
+@@ -191,10 +191,11 @@ static irqreturn_t mxc_rtc_interrupt(int irq, void *dev_id) |
5180 |
+ struct platform_device *pdev = dev_id; |
5181 |
+ struct rtc_plat_data *pdata = platform_get_drvdata(pdev); |
5182 |
+ void __iomem *ioaddr = pdata->ioaddr; |
5183 |
++ unsigned long flags; |
5184 |
+ u32 status; |
5185 |
+ u32 events = 0; |
5186 |
+ |
5187 |
+- spin_lock_irq(&pdata->rtc->irq_lock); |
5188 |
++ spin_lock_irqsave(&pdata->rtc->irq_lock, flags); |
5189 |
+ status = readw(ioaddr + RTC_RTCISR) & readw(ioaddr + RTC_RTCIENR); |
5190 |
+ /* clear interrupt sources */ |
5191 |
+ writew(status, ioaddr + RTC_RTCISR); |
5192 |
+@@ -217,7 +218,7 @@ static irqreturn_t mxc_rtc_interrupt(int irq, void *dev_id) |
5193 |
+ rtc_update_alarm(&pdev->dev, &pdata->g_rtc_alarm); |
5194 |
+ |
5195 |
+ rtc_update_irq(pdata->rtc, 1, events); |
5196 |
+- spin_unlock_irq(&pdata->rtc->irq_lock); |
5197 |
++ spin_unlock_irqrestore(&pdata->rtc->irq_lock, flags); |
5198 |
+ |
5199 |
+ return IRQ_HANDLED; |
5200 |
+ } |
5201 |
+diff --git a/drivers/scsi/aic94xx/aic94xx_task.c b/drivers/scsi/aic94xx/aic94xx_task.c |
5202 |
+index 532d212..393e7ce 100644 |
5203 |
+--- a/drivers/scsi/aic94xx/aic94xx_task.c |
5204 |
++++ b/drivers/scsi/aic94xx/aic94xx_task.c |
5205 |
+@@ -201,7 +201,7 @@ static void asd_get_response_tasklet(struct asd_ascb *ascb, |
5206 |
+ |
5207 |
+ if (SAS_STATUS_BUF_SIZE >= sizeof(*resp)) { |
5208 |
+ resp->frame_len = le16_to_cpu(*(__le16 *)(r+6)); |
5209 |
+- memcpy(&resp->ending_fis[0], r+16, 24); |
5210 |
++ memcpy(&resp->ending_fis[0], r+16, ATA_RESP_FIS_SIZE); |
5211 |
+ ts->buf_valid_size = sizeof(*resp); |
5212 |
+ } |
5213 |
+ } |
5214 |
+diff --git a/drivers/scsi/libsas/sas_ata.c b/drivers/scsi/libsas/sas_ata.c |
5215 |
+index db9238f..4868fc9 100644 |
5216 |
+--- a/drivers/scsi/libsas/sas_ata.c |
5217 |
++++ b/drivers/scsi/libsas/sas_ata.c |
5218 |
+@@ -112,12 +112,12 @@ static void sas_ata_task_done(struct sas_task *task) |
5219 |
+ if (stat->stat == SAS_PROTO_RESPONSE || stat->stat == SAM_STAT_GOOD || |
5220 |
+ ((stat->stat == SAM_STAT_CHECK_CONDITION && |
5221 |
+ dev->sata_dev.command_set == ATAPI_COMMAND_SET))) { |
5222 |
+- ata_tf_from_fis(resp->ending_fis, &dev->sata_dev.tf); |
5223 |
++ memcpy(dev->sata_dev.fis, resp->ending_fis, ATA_RESP_FIS_SIZE); |
5224 |
+ |
5225 |
+ if (!link->sactive) { |
5226 |
+- qc->err_mask |= ac_err_mask(dev->sata_dev.tf.command); |
5227 |
++ qc->err_mask |= ac_err_mask(dev->sata_dev.fis[2]); |
5228 |
+ } else { |
5229 |
+- link->eh_info.err_mask |= ac_err_mask(dev->sata_dev.tf.command); |
5230 |
++ link->eh_info.err_mask |= ac_err_mask(dev->sata_dev.fis[2]); |
5231 |
+ if (unlikely(link->eh_info.err_mask)) |
5232 |
+ qc->flags |= ATA_QCFLAG_FAILED; |
5233 |
+ } |
5234 |
+@@ -138,8 +138,8 @@ static void sas_ata_task_done(struct sas_task *task) |
5235 |
+ qc->flags |= ATA_QCFLAG_FAILED; |
5236 |
+ } |
5237 |
+ |
5238 |
+- dev->sata_dev.tf.feature = 0x04; /* status err */ |
5239 |
+- dev->sata_dev.tf.command = ATA_ERR; |
5240 |
++ dev->sata_dev.fis[3] = 0x04; /* status err */ |
5241 |
++ dev->sata_dev.fis[2] = ATA_ERR; |
5242 |
+ } |
5243 |
+ } |
5244 |
+ |
5245 |
+@@ -252,7 +252,7 @@ static bool sas_ata_qc_fill_rtf(struct ata_queued_cmd *qc) |
5246 |
+ { |
5247 |
+ struct domain_device *dev = qc->ap->private_data; |
5248 |
+ |
5249 |
+- memcpy(&qc->result_tf, &dev->sata_dev.tf, sizeof(qc->result_tf)); |
5250 |
++ ata_tf_from_fis(dev->sata_dev.fis, &qc->result_tf); |
5251 |
+ return true; |
5252 |
+ } |
5253 |
+ |
5254 |
+diff --git a/drivers/target/target_core_cdb.c b/drivers/target/target_core_cdb.c |
5255 |
+index 65ea65a..93b9406 100644 |
5256 |
+--- a/drivers/target/target_core_cdb.c |
5257 |
++++ b/drivers/target/target_core_cdb.c |
5258 |
+@@ -1199,7 +1199,7 @@ int target_emulate_write_same(struct se_task *task) |
5259 |
+ if (num_blocks != 0) |
5260 |
+ range = num_blocks; |
5261 |
+ else |
5262 |
+- range = (dev->transport->get_blocks(dev) - lba); |
5263 |
++ range = (dev->transport->get_blocks(dev) - lba) + 1; |
5264 |
+ |
5265 |
+ pr_debug("WRITE_SAME UNMAP: LBA: %llu Range: %llu\n", |
5266 |
+ (unsigned long long)lba, (unsigned long long)range); |
5267 |
+diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c |
5268 |
+index b75bc92..9145141 100644 |
5269 |
+--- a/drivers/target/target_core_pr.c |
5270 |
++++ b/drivers/target/target_core_pr.c |
5271 |
+@@ -2042,7 +2042,7 @@ static int __core_scsi3_write_aptpl_to_file( |
5272 |
+ if (IS_ERR(file) || !file || !file->f_dentry) { |
5273 |
+ pr_err("filp_open(%s) for APTPL metadata" |
5274 |
+ " failed\n", path); |
5275 |
+- return (PTR_ERR(file) < 0 ? PTR_ERR(file) : -ENOENT); |
5276 |
++ return IS_ERR(file) ? PTR_ERR(file) : -ENOENT; |
5277 |
+ } |
5278 |
+ |
5279 |
+ iov[0].iov_base = &buf[0]; |
5280 |
+@@ -3853,7 +3853,7 @@ int target_scsi3_emulate_pr_out(struct se_task *task) |
5281 |
+ " SPC-2 reservation is held, returning" |
5282 |
+ " RESERVATION_CONFLICT\n"); |
5283 |
+ cmd->scsi_sense_reason = TCM_RESERVATION_CONFLICT; |
5284 |
+- ret = EINVAL; |
5285 |
++ ret = -EINVAL; |
5286 |
+ goto out; |
5287 |
+ } |
5288 |
+ |
5289 |
+@@ -3863,7 +3863,8 @@ int target_scsi3_emulate_pr_out(struct se_task *task) |
5290 |
+ */ |
5291 |
+ if (!cmd->se_sess) { |
5292 |
+ cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; |
5293 |
+- return -EINVAL; |
5294 |
++ ret = -EINVAL; |
5295 |
++ goto out; |
5296 |
+ } |
5297 |
+ |
5298 |
+ if (cmd->data_length < 24) { |
5299 |
+diff --git a/drivers/target/tcm_fc/tfc_cmd.c b/drivers/target/tcm_fc/tfc_cmd.c |
5300 |
+index d95cfe2..278819c 100644 |
5301 |
+--- a/drivers/target/tcm_fc/tfc_cmd.c |
5302 |
++++ b/drivers/target/tcm_fc/tfc_cmd.c |
5303 |
+@@ -249,6 +249,8 @@ u32 ft_get_task_tag(struct se_cmd *se_cmd) |
5304 |
+ { |
5305 |
+ struct ft_cmd *cmd = container_of(se_cmd, struct ft_cmd, se_cmd); |
5306 |
+ |
5307 |
++ if (cmd->aborted) |
5308 |
++ return ~0; |
5309 |
+ return fc_seq_exch(cmd->seq)->rxid; |
5310 |
+ } |
5311 |
+ |
5312 |
+diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c |
5313 |
+index 19fb5fa..9aaed0d 100644 |
5314 |
+--- a/drivers/usb/class/cdc-wdm.c |
5315 |
++++ b/drivers/usb/class/cdc-wdm.c |
5316 |
+@@ -473,6 +473,8 @@ retry: |
5317 |
+ goto retry; |
5318 |
+ } |
5319 |
+ if (!desc->reslength) { /* zero length read */ |
5320 |
++ dev_dbg(&desc->intf->dev, "%s: zero length - clearing WDM_READ\n", __func__); |
5321 |
++ clear_bit(WDM_READ, &desc->flags); |
5322 |
+ spin_unlock_irq(&desc->iuspin); |
5323 |
+ goto retry; |
5324 |
+ } |
5325 |
+diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c |
5326 |
+index 52d27ed..175b6bb 100644 |
5327 |
+--- a/drivers/usb/core/hub.c |
5328 |
++++ b/drivers/usb/core/hub.c |
5329 |
+@@ -2039,12 +2039,16 @@ static unsigned hub_is_wusb(struct usb_hub *hub) |
5330 |
+ static int hub_port_reset(struct usb_hub *hub, int port1, |
5331 |
+ struct usb_device *udev, unsigned int delay, bool warm); |
5332 |
+ |
5333 |
+-/* Is a USB 3.0 port in the Inactive state? */ |
5334 |
+-static bool hub_port_inactive(struct usb_hub *hub, u16 portstatus) |
5335 |
++/* Is a USB 3.0 port in the Inactive or Complinance Mode state? |
5336 |
++ * Port worm reset is required to recover |
5337 |
++ */ |
5338 |
++static bool hub_port_warm_reset_required(struct usb_hub *hub, u16 portstatus) |
5339 |
+ { |
5340 |
+ return hub_is_superspeed(hub->hdev) && |
5341 |
+- (portstatus & USB_PORT_STAT_LINK_STATE) == |
5342 |
+- USB_SS_PORT_LS_SS_INACTIVE; |
5343 |
++ (((portstatus & USB_PORT_STAT_LINK_STATE) == |
5344 |
++ USB_SS_PORT_LS_SS_INACTIVE) || |
5345 |
++ ((portstatus & USB_PORT_STAT_LINK_STATE) == |
5346 |
++ USB_SS_PORT_LS_COMP_MOD)) ; |
5347 |
+ } |
5348 |
+ |
5349 |
+ static int hub_port_wait_reset(struct usb_hub *hub, int port1, |
5350 |
+@@ -2080,7 +2084,7 @@ static int hub_port_wait_reset(struct usb_hub *hub, int port1, |
5351 |
+ * |
5352 |
+ * See https://bugzilla.kernel.org/show_bug.cgi?id=41752 |
5353 |
+ */ |
5354 |
+- if (hub_port_inactive(hub, portstatus)) { |
5355 |
++ if (hub_port_warm_reset_required(hub, portstatus)) { |
5356 |
+ int ret; |
5357 |
+ |
5358 |
+ if ((portchange & USB_PORT_STAT_C_CONNECTION)) |
5359 |
+@@ -3646,9 +3650,7 @@ static void hub_events(void) |
5360 |
+ /* Warm reset a USB3 protocol port if it's in |
5361 |
+ * SS.Inactive state. |
5362 |
+ */ |
5363 |
+- if (hub_is_superspeed(hub->hdev) && |
5364 |
+- (portstatus & USB_PORT_STAT_LINK_STATE) |
5365 |
+- == USB_SS_PORT_LS_SS_INACTIVE) { |
5366 |
++ if (hub_port_warm_reset_required(hub, portstatus)) { |
5367 |
+ dev_dbg(hub_dev, "warm reset port %d\n", i); |
5368 |
+ hub_port_reset(hub, i, NULL, |
5369 |
+ HUB_BH_RESET_TIME, true); |
5370 |
+diff --git a/drivers/usb/host/xhci-hub.c b/drivers/usb/host/xhci-hub.c |
5371 |
+index a8b2980..fd8a2c2 100644 |
5372 |
+--- a/drivers/usb/host/xhci-hub.c |
5373 |
++++ b/drivers/usb/host/xhci-hub.c |
5374 |
+@@ -438,6 +438,42 @@ void xhci_test_and_clear_bit(struct xhci_hcd *xhci, __le32 __iomem **port_array, |
5375 |
+ } |
5376 |
+ } |
5377 |
+ |
5378 |
++/* Updates Link Status for super Speed port */ |
5379 |
++static void xhci_hub_report_link_state(u32 *status, u32 status_reg) |
5380 |
++{ |
5381 |
++ u32 pls = status_reg & PORT_PLS_MASK; |
5382 |
++ |
5383 |
++ /* resume state is a xHCI internal state. |
5384 |
++ * Do not report it to usb core. |
5385 |
++ */ |
5386 |
++ if (pls == XDEV_RESUME) |
5387 |
++ return; |
5388 |
++ |
5389 |
++ /* When the CAS bit is set then warm reset |
5390 |
++ * should be performed on port |
5391 |
++ */ |
5392 |
++ if (status_reg & PORT_CAS) { |
5393 |
++ /* The CAS bit can be set while the port is |
5394 |
++ * in any link state. |
5395 |
++ * Only roothubs have CAS bit, so we |
5396 |
++ * pretend to be in compliance mode |
5397 |
++ * unless we're already in compliance |
5398 |
++ * or the inactive state. |
5399 |
++ */ |
5400 |
++ if (pls != USB_SS_PORT_LS_COMP_MOD && |
5401 |
++ pls != USB_SS_PORT_LS_SS_INACTIVE) { |
5402 |
++ pls = USB_SS_PORT_LS_COMP_MOD; |
5403 |
++ } |
5404 |
++ /* Return also connection bit - |
5405 |
++ * hub state machine resets port |
5406 |
++ * when this bit is set. |
5407 |
++ */ |
5408 |
++ pls |= USB_PORT_STAT_CONNECTION; |
5409 |
++ } |
5410 |
++ /* update status field */ |
5411 |
++ *status |= pls; |
5412 |
++} |
5413 |
++ |
5414 |
+ int xhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
5415 |
+ u16 wIndex, char *buf, u16 wLength) |
5416 |
+ { |
5417 |
+@@ -579,13 +615,9 @@ int xhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
5418 |
+ else |
5419 |
+ status |= USB_PORT_STAT_POWER; |
5420 |
+ } |
5421 |
+- /* Port Link State */ |
5422 |
++ /* Update Port Link State for super speed ports*/ |
5423 |
+ if (hcd->speed == HCD_USB3) { |
5424 |
+- /* resume state is a xHCI internal state. |
5425 |
+- * Do not report it to usb core. |
5426 |
+- */ |
5427 |
+- if ((temp & PORT_PLS_MASK) != XDEV_RESUME) |
5428 |
+- status |= (temp & PORT_PLS_MASK); |
5429 |
++ xhci_hub_report_link_state(&status, temp); |
5430 |
+ } |
5431 |
+ if (bus_state->port_c_suspend & (1 << wIndex)) |
5432 |
+ status |= 1 << USB_PORT_FEAT_C_SUSPEND; |
5433 |
+diff --git a/drivers/usb/host/xhci.h b/drivers/usb/host/xhci.h |
5434 |
+index 363b141..7a56805 100644 |
5435 |
+--- a/drivers/usb/host/xhci.h |
5436 |
++++ b/drivers/usb/host/xhci.h |
5437 |
+@@ -341,7 +341,11 @@ struct xhci_op_regs { |
5438 |
+ #define PORT_PLC (1 << 22) |
5439 |
+ /* port configure error change - port failed to configure its link partner */ |
5440 |
+ #define PORT_CEC (1 << 23) |
5441 |
+-/* bit 24 reserved */ |
5442 |
++/* Cold Attach Status - xHC can set this bit to report device attached during |
5443 |
++ * Sx state. Warm port reset should be perfomed to clear this bit and move port |
5444 |
++ * to connected state. |
5445 |
++ */ |
5446 |
++#define PORT_CAS (1 << 24) |
5447 |
+ /* wake on connect (enable) */ |
5448 |
+ #define PORT_WKCONN_E (1 << 25) |
5449 |
+ /* wake on disconnect (enable) */ |
5450 |
+diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
5451 |
+index 21a4734..5971c95 100644 |
5452 |
+--- a/drivers/usb/serial/option.c |
5453 |
++++ b/drivers/usb/serial/option.c |
5454 |
+@@ -496,6 +496,15 @@ static void option_instat_callback(struct urb *urb); |
5455 |
+ |
5456 |
+ /* MediaTek products */ |
5457 |
+ #define MEDIATEK_VENDOR_ID 0x0e8d |
5458 |
++#define MEDIATEK_PRODUCT_DC_1COM 0x00a0 |
5459 |
++#define MEDIATEK_PRODUCT_DC_4COM 0x00a5 |
5460 |
++#define MEDIATEK_PRODUCT_DC_5COM 0x00a4 |
5461 |
++#define MEDIATEK_PRODUCT_7208_1COM 0x7101 |
5462 |
++#define MEDIATEK_PRODUCT_7208_2COM 0x7102 |
5463 |
++#define MEDIATEK_PRODUCT_FP_1COM 0x0003 |
5464 |
++#define MEDIATEK_PRODUCT_FP_2COM 0x0023 |
5465 |
++#define MEDIATEK_PRODUCT_FPDC_1COM 0x0043 |
5466 |
++#define MEDIATEK_PRODUCT_FPDC_2COM 0x0033 |
5467 |
+ |
5468 |
+ /* Cellient products */ |
5469 |
+ #define CELLIENT_VENDOR_ID 0x2692 |
5470 |
+@@ -553,6 +562,10 @@ static const struct option_blacklist_info net_intf1_blacklist = { |
5471 |
+ .reserved = BIT(1), |
5472 |
+ }; |
5473 |
+ |
5474 |
++static const struct option_blacklist_info net_intf2_blacklist = { |
5475 |
++ .reserved = BIT(2), |
5476 |
++}; |
5477 |
++ |
5478 |
+ static const struct option_blacklist_info net_intf3_blacklist = { |
5479 |
+ .reserved = BIT(3), |
5480 |
+ }; |
5481 |
+@@ -1093,6 +1106,8 @@ static const struct usb_device_id option_ids[] = { |
5482 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1298, 0xff, 0xff, 0xff) }, |
5483 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1299, 0xff, 0xff, 0xff) }, |
5484 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1300, 0xff, 0xff, 0xff) }, |
5485 |
++ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1402, 0xff, 0xff, 0xff), |
5486 |
++ .driver_info = (kernel_ulong_t)&net_intf2_blacklist }, |
5487 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x2002, 0xff, |
5488 |
+ 0xff, 0xff), .driver_info = (kernel_ulong_t)&zte_k3765_z_blacklist }, |
5489 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x2003, 0xff, 0xff, 0xff) }, |
5490 |
+@@ -1234,6 +1249,17 @@ static const struct usb_device_id option_ids[] = { |
5491 |
+ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, 0x00a1, 0xff, 0x02, 0x01) }, |
5492 |
+ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, 0x00a2, 0xff, 0x00, 0x00) }, |
5493 |
+ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, 0x00a2, 0xff, 0x02, 0x01) }, /* MediaTek MT6276M modem & app port */ |
5494 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_1COM, 0x0a, 0x00, 0x00) }, |
5495 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_5COM, 0xff, 0x02, 0x01) }, |
5496 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_5COM, 0xff, 0x00, 0x00) }, |
5497 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_4COM, 0xff, 0x02, 0x01) }, |
5498 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_DC_4COM, 0xff, 0x00, 0x00) }, |
5499 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_7208_1COM, 0x02, 0x00, 0x00) }, |
5500 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_7208_2COM, 0x02, 0x02, 0x01) }, |
5501 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_FP_1COM, 0x0a, 0x00, 0x00) }, |
5502 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_FP_2COM, 0x0a, 0x00, 0x00) }, |
5503 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_FPDC_1COM, 0x0a, 0x00, 0x00) }, |
5504 |
++ { USB_DEVICE_AND_INTERFACE_INFO(MEDIATEK_VENDOR_ID, MEDIATEK_PRODUCT_FPDC_2COM, 0x0a, 0x00, 0x00) }, |
5505 |
+ { USB_DEVICE(CELLIENT_VENDOR_ID, CELLIENT_PRODUCT_MEN200) }, |
5506 |
+ { } /* Terminating entry */ |
5507 |
+ }; |
5508 |
+diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c |
5509 |
+index c14c42b..ae66278 100644 |
5510 |
+--- a/drivers/vhost/vhost.c |
5511 |
++++ b/drivers/vhost/vhost.c |
5512 |
+@@ -222,6 +222,8 @@ static int vhost_worker(void *data) |
5513 |
+ if (work) { |
5514 |
+ __set_current_state(TASK_RUNNING); |
5515 |
+ work->fn(work); |
5516 |
++ if (need_resched()) |
5517 |
++ schedule(); |
5518 |
+ } else |
5519 |
+ schedule(); |
5520 |
+ |
5521 |
+diff --git a/fs/buffer.c b/fs/buffer.c |
5522 |
+index c807931..4115eca 100644 |
5523 |
+--- a/fs/buffer.c |
5524 |
++++ b/fs/buffer.c |
5525 |
+@@ -1087,6 +1087,9 @@ grow_buffers(struct block_device *bdev, sector_t block, int size) |
5526 |
+ static struct buffer_head * |
5527 |
+ __getblk_slow(struct block_device *bdev, sector_t block, int size) |
5528 |
+ { |
5529 |
++ int ret; |
5530 |
++ struct buffer_head *bh; |
5531 |
++ |
5532 |
+ /* Size must be multiple of hard sectorsize */ |
5533 |
+ if (unlikely(size & (bdev_logical_block_size(bdev)-1) || |
5534 |
+ (size < 512 || size > PAGE_SIZE))) { |
5535 |
+@@ -1099,20 +1102,21 @@ __getblk_slow(struct block_device *bdev, sector_t block, int size) |
5536 |
+ return NULL; |
5537 |
+ } |
5538 |
+ |
5539 |
+- for (;;) { |
5540 |
+- struct buffer_head * bh; |
5541 |
+- int ret; |
5542 |
++retry: |
5543 |
++ bh = __find_get_block(bdev, block, size); |
5544 |
++ if (bh) |
5545 |
++ return bh; |
5546 |
+ |
5547 |
++ ret = grow_buffers(bdev, block, size); |
5548 |
++ if (ret == 0) { |
5549 |
++ free_more_memory(); |
5550 |
++ goto retry; |
5551 |
++ } else if (ret > 0) { |
5552 |
+ bh = __find_get_block(bdev, block, size); |
5553 |
+ if (bh) |
5554 |
+ return bh; |
5555 |
+- |
5556 |
+- ret = grow_buffers(bdev, block, size); |
5557 |
+- if (ret < 0) |
5558 |
+- return NULL; |
5559 |
+- if (ret == 0) |
5560 |
+- free_more_memory(); |
5561 |
+ } |
5562 |
++ return NULL; |
5563 |
+ } |
5564 |
+ |
5565 |
+ /* |
5566 |
+diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c |
5567 |
+index b21670c..56c152d 100644 |
5568 |
+--- a/fs/cifs/connect.c |
5569 |
++++ b/fs/cifs/connect.c |
5570 |
+@@ -2925,6 +2925,18 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info, |
5571 |
+ #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024) |
5572 |
+ #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536) |
5573 |
+ |
5574 |
++/* |
5575 |
++ * On hosts with high memory, we can't currently support wsize/rsize that are |
5576 |
++ * larger than we can kmap at once. Cap the rsize/wsize at |
5577 |
++ * LAST_PKMAP * PAGE_SIZE. We'll never be able to fill a read or write request |
5578 |
++ * larger than that anyway. |
5579 |
++ */ |
5580 |
++#ifdef CONFIG_HIGHMEM |
5581 |
++#define CIFS_KMAP_SIZE_LIMIT (LAST_PKMAP * PAGE_CACHE_SIZE) |
5582 |
++#else /* CONFIG_HIGHMEM */ |
5583 |
++#define CIFS_KMAP_SIZE_LIMIT (1<<24) |
5584 |
++#endif /* CONFIG_HIGHMEM */ |
5585 |
++ |
5586 |
+ static unsigned int |
5587 |
+ cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info) |
5588 |
+ { |
5589 |
+@@ -2955,6 +2967,9 @@ cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info) |
5590 |
+ wsize = min_t(unsigned int, wsize, |
5591 |
+ server->maxBuf - sizeof(WRITE_REQ) + 4); |
5592 |
+ |
5593 |
++ /* limit to the amount that we can kmap at once */ |
5594 |
++ wsize = min_t(unsigned int, wsize, CIFS_KMAP_SIZE_LIMIT); |
5595 |
++ |
5596 |
+ /* hard limit of CIFS_MAX_WSIZE */ |
5597 |
+ wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE); |
5598 |
+ |
5599 |
+@@ -2996,6 +3011,9 @@ cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info) |
5600 |
+ if (!(server->capabilities & CAP_LARGE_READ_X)) |
5601 |
+ rsize = min_t(unsigned int, CIFSMaxBufSize, rsize); |
5602 |
+ |
5603 |
++ /* limit to the amount that we can kmap at once */ |
5604 |
++ rsize = min_t(unsigned int, rsize, CIFS_KMAP_SIZE_LIMIT); |
5605 |
++ |
5606 |
+ /* hard limit of CIFS_MAX_RSIZE */ |
5607 |
+ rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE); |
5608 |
+ |
5609 |
+diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c |
5610 |
+index db4a138..4c37ed4 100644 |
5611 |
+--- a/fs/cifs/readdir.c |
5612 |
++++ b/fs/cifs/readdir.c |
5613 |
+@@ -86,9 +86,12 @@ cifs_readdir_lookup(struct dentry *parent, struct qstr *name, |
5614 |
+ |
5615 |
+ dentry = d_lookup(parent, name); |
5616 |
+ if (dentry) { |
5617 |
+- /* FIXME: check for inode number changes? */ |
5618 |
+- if (dentry->d_inode != NULL) |
5619 |
++ inode = dentry->d_inode; |
5620 |
++ /* update inode in place if i_ino didn't change */ |
5621 |
++ if (inode && CIFS_I(inode)->uniqueid == fattr->cf_uniqueid) { |
5622 |
++ cifs_fattr_to_inode(inode, fattr); |
5623 |
+ return dentry; |
5624 |
++ } |
5625 |
+ d_drop(dentry); |
5626 |
+ dput(dentry); |
5627 |
+ } |
5628 |
+diff --git a/fs/ecryptfs/kthread.c b/fs/ecryptfs/kthread.c |
5629 |
+index 69f994a..0dbe58a 100644 |
5630 |
+--- a/fs/ecryptfs/kthread.c |
5631 |
++++ b/fs/ecryptfs/kthread.c |
5632 |
+@@ -149,7 +149,7 @@ int ecryptfs_privileged_open(struct file **lower_file, |
5633 |
+ (*lower_file) = dentry_open(lower_dentry, lower_mnt, flags, cred); |
5634 |
+ if (!IS_ERR(*lower_file)) |
5635 |
+ goto out; |
5636 |
+- if (flags & O_RDONLY) { |
5637 |
++ if ((flags & O_ACCMODE) == O_RDONLY) { |
5638 |
+ rc = PTR_ERR((*lower_file)); |
5639 |
+ goto out; |
5640 |
+ } |
5641 |
+diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
5642 |
+index 0dc5a3d..de42310 100644 |
5643 |
+--- a/fs/ecryptfs/miscdev.c |
5644 |
++++ b/fs/ecryptfs/miscdev.c |
5645 |
+@@ -49,7 +49,10 @@ ecryptfs_miscdev_poll(struct file *file, poll_table *pt) |
5646 |
+ mutex_lock(&ecryptfs_daemon_hash_mux); |
5647 |
+ /* TODO: Just use file->private_data? */ |
5648 |
+ rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); |
5649 |
+- BUG_ON(rc || !daemon); |
5650 |
++ if (rc || !daemon) { |
5651 |
++ mutex_unlock(&ecryptfs_daemon_hash_mux); |
5652 |
++ return -EINVAL; |
5653 |
++ } |
5654 |
+ mutex_lock(&daemon->mux); |
5655 |
+ mutex_unlock(&ecryptfs_daemon_hash_mux); |
5656 |
+ if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { |
5657 |
+@@ -122,6 +125,7 @@ ecryptfs_miscdev_open(struct inode *inode, struct file *file) |
5658 |
+ goto out_unlock_daemon; |
5659 |
+ } |
5660 |
+ daemon->flags |= ECRYPTFS_DAEMON_MISCDEV_OPEN; |
5661 |
++ file->private_data = daemon; |
5662 |
+ atomic_inc(&ecryptfs_num_miscdev_opens); |
5663 |
+ out_unlock_daemon: |
5664 |
+ mutex_unlock(&daemon->mux); |
5665 |
+@@ -152,9 +156,9 @@ ecryptfs_miscdev_release(struct inode *inode, struct file *file) |
5666 |
+ |
5667 |
+ mutex_lock(&ecryptfs_daemon_hash_mux); |
5668 |
+ rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); |
5669 |
+- BUG_ON(rc || !daemon); |
5670 |
++ if (rc || !daemon) |
5671 |
++ daemon = file->private_data; |
5672 |
+ mutex_lock(&daemon->mux); |
5673 |
+- BUG_ON(daemon->pid != task_pid(current)); |
5674 |
+ BUG_ON(!(daemon->flags & ECRYPTFS_DAEMON_MISCDEV_OPEN)); |
5675 |
+ daemon->flags &= ~ECRYPTFS_DAEMON_MISCDEV_OPEN; |
5676 |
+ atomic_dec(&ecryptfs_num_miscdev_opens); |
5677 |
+@@ -191,31 +195,32 @@ int ecryptfs_send_miscdev(char *data, size_t data_size, |
5678 |
+ struct ecryptfs_msg_ctx *msg_ctx, u8 msg_type, |
5679 |
+ u16 msg_flags, struct ecryptfs_daemon *daemon) |
5680 |
+ { |
5681 |
+- int rc = 0; |
5682 |
++ struct ecryptfs_message *msg; |
5683 |
+ |
5684 |
+- mutex_lock(&msg_ctx->mux); |
5685 |
+- msg_ctx->msg = kmalloc((sizeof(*msg_ctx->msg) + data_size), |
5686 |
+- GFP_KERNEL); |
5687 |
+- if (!msg_ctx->msg) { |
5688 |
+- rc = -ENOMEM; |
5689 |
++ msg = kmalloc((sizeof(*msg) + data_size), GFP_KERNEL); |
5690 |
++ if (!msg) { |
5691 |
+ printk(KERN_ERR "%s: Out of memory whilst attempting " |
5692 |
+ "to kmalloc(%zd, GFP_KERNEL)\n", __func__, |
5693 |
+- (sizeof(*msg_ctx->msg) + data_size)); |
5694 |
+- goto out_unlock; |
5695 |
++ (sizeof(*msg) + data_size)); |
5696 |
++ return -ENOMEM; |
5697 |
+ } |
5698 |
++ |
5699 |
++ mutex_lock(&msg_ctx->mux); |
5700 |
++ msg_ctx->msg = msg; |
5701 |
+ msg_ctx->msg->index = msg_ctx->index; |
5702 |
+ msg_ctx->msg->data_len = data_size; |
5703 |
+ msg_ctx->type = msg_type; |
5704 |
+ memcpy(msg_ctx->msg->data, data, data_size); |
5705 |
+ msg_ctx->msg_size = (sizeof(*msg_ctx->msg) + data_size); |
5706 |
+- mutex_lock(&daemon->mux); |
5707 |
+ list_add_tail(&msg_ctx->daemon_out_list, &daemon->msg_ctx_out_queue); |
5708 |
++ mutex_unlock(&msg_ctx->mux); |
5709 |
++ |
5710 |
++ mutex_lock(&daemon->mux); |
5711 |
+ daemon->num_queued_msg_ctx++; |
5712 |
+ wake_up_interruptible(&daemon->wait); |
5713 |
+ mutex_unlock(&daemon->mux); |
5714 |
+-out_unlock: |
5715 |
+- mutex_unlock(&msg_ctx->mux); |
5716 |
+- return rc; |
5717 |
++ |
5718 |
++ return 0; |
5719 |
+ } |
5720 |
+ |
5721 |
+ /** |
5722 |
+@@ -246,8 +251,16 @@ ecryptfs_miscdev_read(struct file *file, char __user *buf, size_t count, |
5723 |
+ mutex_lock(&ecryptfs_daemon_hash_mux); |
5724 |
+ /* TODO: Just use file->private_data? */ |
5725 |
+ rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); |
5726 |
+- BUG_ON(rc || !daemon); |
5727 |
++ if (rc || !daemon) { |
5728 |
++ mutex_unlock(&ecryptfs_daemon_hash_mux); |
5729 |
++ return -EINVAL; |
5730 |
++ } |
5731 |
+ mutex_lock(&daemon->mux); |
5732 |
++ if (task_pid(current) != daemon->pid) { |
5733 |
++ mutex_unlock(&daemon->mux); |
5734 |
++ mutex_unlock(&ecryptfs_daemon_hash_mux); |
5735 |
++ return -EPERM; |
5736 |
++ } |
5737 |
+ if (daemon->flags & ECRYPTFS_DAEMON_ZOMBIE) { |
5738 |
+ rc = 0; |
5739 |
+ mutex_unlock(&ecryptfs_daemon_hash_mux); |
5740 |
+@@ -284,9 +297,6 @@ check_list: |
5741 |
+ * message from the queue; try again */ |
5742 |
+ goto check_list; |
5743 |
+ } |
5744 |
+- BUG_ON(euid != daemon->euid); |
5745 |
+- BUG_ON(current_user_ns() != daemon->user_ns); |
5746 |
+- BUG_ON(task_pid(current) != daemon->pid); |
5747 |
+ msg_ctx = list_first_entry(&daemon->msg_ctx_out_queue, |
5748 |
+ struct ecryptfs_msg_ctx, daemon_out_list); |
5749 |
+ BUG_ON(!msg_ctx); |
5750 |
+diff --git a/fs/eventpoll.c b/fs/eventpoll.c |
5751 |
+index 4d9d3a4..a6f3763 100644 |
5752 |
+--- a/fs/eventpoll.c |
5753 |
++++ b/fs/eventpoll.c |
5754 |
+@@ -1629,8 +1629,10 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd, |
5755 |
+ if (op == EPOLL_CTL_ADD) { |
5756 |
+ if (is_file_epoll(tfile)) { |
5757 |
+ error = -ELOOP; |
5758 |
+- if (ep_loop_check(ep, tfile) != 0) |
5759 |
++ if (ep_loop_check(ep, tfile) != 0) { |
5760 |
++ clear_tfile_check_list(); |
5761 |
+ goto error_tgt_fput; |
5762 |
++ } |
5763 |
+ } else |
5764 |
+ list_add(&tfile->f_tfile_llink, &tfile_check_list); |
5765 |
+ } |
5766 |
+diff --git a/fs/exofs/ore.c b/fs/exofs/ore.c |
5767 |
+index 49cf230..24a49d4 100644 |
5768 |
+--- a/fs/exofs/ore.c |
5769 |
++++ b/fs/exofs/ore.c |
5770 |
+@@ -735,13 +735,7 @@ static int _prepare_for_striping(struct ore_io_state *ios) |
5771 |
+ out: |
5772 |
+ ios->numdevs = devs_in_group; |
5773 |
+ ios->pages_consumed = cur_pg; |
5774 |
+- if (unlikely(ret)) { |
5775 |
+- if (length == ios->length) |
5776 |
+- return ret; |
5777 |
+- else |
5778 |
+- ios->length -= length; |
5779 |
+- } |
5780 |
+- return 0; |
5781 |
++ return ret; |
5782 |
+ } |
5783 |
+ |
5784 |
+ int ore_create(struct ore_io_state *ios) |
5785 |
+diff --git a/fs/exofs/ore_raid.c b/fs/exofs/ore_raid.c |
5786 |
+index d222c77..fff2070 100644 |
5787 |
+--- a/fs/exofs/ore_raid.c |
5788 |
++++ b/fs/exofs/ore_raid.c |
5789 |
+@@ -461,16 +461,12 @@ static void _mark_read4write_pages_uptodate(struct ore_io_state *ios, int ret) |
5790 |
+ * ios->sp2d[p][*], xor is calculated the same way. These pages are |
5791 |
+ * allocated/freed and don't go through cache |
5792 |
+ */ |
5793 |
+-static int _read_4_write(struct ore_io_state *ios) |
5794 |
++static int _read_4_write_first_stripe(struct ore_io_state *ios) |
5795 |
+ { |
5796 |
+- struct ore_io_state *ios_read; |
5797 |
+ struct ore_striping_info read_si; |
5798 |
+ struct __stripe_pages_2d *sp2d = ios->sp2d; |
5799 |
+ u64 offset = ios->si.first_stripe_start; |
5800 |
+- u64 last_stripe_end; |
5801 |
+- unsigned bytes_in_stripe = ios->si.bytes_in_stripe; |
5802 |
+- unsigned i, c, p, min_p = sp2d->pages_in_unit, max_p = -1; |
5803 |
+- int ret; |
5804 |
++ unsigned c, p, min_p = sp2d->pages_in_unit, max_p = -1; |
5805 |
+ |
5806 |
+ if (offset == ios->offset) /* Go to start collect $200 */ |
5807 |
+ goto read_last_stripe; |
5808 |
+@@ -478,6 +474,9 @@ static int _read_4_write(struct ore_io_state *ios) |
5809 |
+ min_p = _sp2d_min_pg(sp2d); |
5810 |
+ max_p = _sp2d_max_pg(sp2d); |
5811 |
+ |
5812 |
++ ORE_DBGMSG("stripe_start=0x%llx ios->offset=0x%llx min_p=%d max_p=%d\n", |
5813 |
++ offset, ios->offset, min_p, max_p); |
5814 |
++ |
5815 |
+ for (c = 0; ; c++) { |
5816 |
+ ore_calc_stripe_info(ios->layout, offset, 0, &read_si); |
5817 |
+ read_si.obj_offset += min_p * PAGE_SIZE; |
5818 |
+@@ -512,6 +511,18 @@ static int _read_4_write(struct ore_io_state *ios) |
5819 |
+ } |
5820 |
+ |
5821 |
+ read_last_stripe: |
5822 |
++ return 0; |
5823 |
++} |
5824 |
++ |
5825 |
++static int _read_4_write_last_stripe(struct ore_io_state *ios) |
5826 |
++{ |
5827 |
++ struct ore_striping_info read_si; |
5828 |
++ struct __stripe_pages_2d *sp2d = ios->sp2d; |
5829 |
++ u64 offset; |
5830 |
++ u64 last_stripe_end; |
5831 |
++ unsigned bytes_in_stripe = ios->si.bytes_in_stripe; |
5832 |
++ unsigned c, p, min_p = sp2d->pages_in_unit, max_p = -1; |
5833 |
++ |
5834 |
+ offset = ios->offset + ios->length; |
5835 |
+ if (offset % PAGE_SIZE) |
5836 |
+ _add_to_r4w_last_page(ios, &offset); |
5837 |
+@@ -527,15 +538,15 @@ read_last_stripe: |
5838 |
+ c = _dev_order(ios->layout->group_width * ios->layout->mirrors_p1, |
5839 |
+ ios->layout->mirrors_p1, read_si.par_dev, read_si.dev); |
5840 |
+ |
5841 |
+- BUG_ON(ios->si.first_stripe_start + bytes_in_stripe != last_stripe_end); |
5842 |
+- /* unaligned IO must be within a single stripe */ |
5843 |
+- |
5844 |
+ if (min_p == sp2d->pages_in_unit) { |
5845 |
+ /* Didn't do it yet */ |
5846 |
+ min_p = _sp2d_min_pg(sp2d); |
5847 |
+ max_p = _sp2d_max_pg(sp2d); |
5848 |
+ } |
5849 |
+ |
5850 |
++ ORE_DBGMSG("offset=0x%llx stripe_end=0x%llx min_p=%d max_p=%d\n", |
5851 |
++ offset, last_stripe_end, min_p, max_p); |
5852 |
++ |
5853 |
+ while (offset < last_stripe_end) { |
5854 |
+ struct __1_page_stripe *_1ps = &sp2d->_1p_stripes[p]; |
5855 |
+ |
5856 |
+@@ -568,6 +579,15 @@ read_last_stripe: |
5857 |
+ } |
5858 |
+ |
5859 |
+ read_it: |
5860 |
++ return 0; |
5861 |
++} |
5862 |
++ |
5863 |
++static int _read_4_write_execute(struct ore_io_state *ios) |
5864 |
++{ |
5865 |
++ struct ore_io_state *ios_read; |
5866 |
++ unsigned i; |
5867 |
++ int ret; |
5868 |
++ |
5869 |
+ ios_read = ios->ios_read_4_write; |
5870 |
+ if (!ios_read) |
5871 |
+ return 0; |
5872 |
+@@ -591,6 +611,8 @@ read_it: |
5873 |
+ } |
5874 |
+ |
5875 |
+ _mark_read4write_pages_uptodate(ios_read, ret); |
5876 |
++ ore_put_io_state(ios_read); |
5877 |
++ ios->ios_read_4_write = NULL; /* Might need a reuse at last stripe */ |
5878 |
+ return 0; |
5879 |
+ } |
5880 |
+ |
5881 |
+@@ -626,8 +648,11 @@ int _ore_add_parity_unit(struct ore_io_state *ios, |
5882 |
+ /* If first stripe, Read in all read4write pages |
5883 |
+ * (if needed) before we calculate the first parity. |
5884 |
+ */ |
5885 |
+- _read_4_write(ios); |
5886 |
++ _read_4_write_first_stripe(ios); |
5887 |
+ } |
5888 |
++ if (!cur_len) /* If last stripe r4w pages of last stripe */ |
5889 |
++ _read_4_write_last_stripe(ios); |
5890 |
++ _read_4_write_execute(ios); |
5891 |
+ |
5892 |
+ for (i = 0; i < num_pages; i++) { |
5893 |
+ pages[i] = _raid_page_alloc(); |
5894 |
+@@ -654,34 +679,14 @@ int _ore_add_parity_unit(struct ore_io_state *ios, |
5895 |
+ |
5896 |
+ int _ore_post_alloc_raid_stuff(struct ore_io_state *ios) |
5897 |
+ { |
5898 |
+- struct ore_layout *layout = ios->layout; |
5899 |
+- |
5900 |
+ if (ios->parity_pages) { |
5901 |
++ struct ore_layout *layout = ios->layout; |
5902 |
+ unsigned pages_in_unit = layout->stripe_unit / PAGE_SIZE; |
5903 |
+- unsigned stripe_size = ios->si.bytes_in_stripe; |
5904 |
+- u64 last_stripe, first_stripe; |
5905 |
+ |
5906 |
+ if (_sp2d_alloc(pages_in_unit, layout->group_width, |
5907 |
+ layout->parity, &ios->sp2d)) { |
5908 |
+ return -ENOMEM; |
5909 |
+ } |
5910 |
+- |
5911 |
+- /* Round io down to last full strip */ |
5912 |
+- first_stripe = div_u64(ios->offset, stripe_size); |
5913 |
+- last_stripe = div_u64(ios->offset + ios->length, stripe_size); |
5914 |
+- |
5915 |
+- /* If an IO spans more then a single stripe it must end at |
5916 |
+- * a stripe boundary. The reminder at the end is pushed into the |
5917 |
+- * next IO. |
5918 |
+- */ |
5919 |
+- if (last_stripe != first_stripe) { |
5920 |
+- ios->length = last_stripe * stripe_size - ios->offset; |
5921 |
+- |
5922 |
+- BUG_ON(!ios->length); |
5923 |
+- ios->nr_pages = (ios->length + PAGE_SIZE - 1) / |
5924 |
+- PAGE_SIZE; |
5925 |
+- ios->si.length = ios->length; /*make it consistent */ |
5926 |
+- } |
5927 |
+ } |
5928 |
+ return 0; |
5929 |
+ } |
5930 |
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c |
5931 |
+index ab7aa3f..a93486e 100644 |
5932 |
+--- a/fs/ext4/super.c |
5933 |
++++ b/fs/ext4/super.c |
5934 |
+@@ -1097,7 +1097,7 @@ static int ext4_show_options(struct seq_file *seq, struct vfsmount *vfs) |
5935 |
+ } |
5936 |
+ if (sbi->s_max_batch_time != EXT4_DEF_MAX_BATCH_TIME) { |
5937 |
+ seq_printf(seq, ",max_batch_time=%u", |
5938 |
+- (unsigned) sbi->s_min_batch_time); |
5939 |
++ (unsigned) sbi->s_max_batch_time); |
5940 |
+ } |
5941 |
+ |
5942 |
+ /* |
5943 |
+diff --git a/fs/fifo.c b/fs/fifo.c |
5944 |
+index b1a524d..cf6f434 100644 |
5945 |
+--- a/fs/fifo.c |
5946 |
++++ b/fs/fifo.c |
5947 |
+@@ -14,7 +14,7 @@ |
5948 |
+ #include <linux/sched.h> |
5949 |
+ #include <linux/pipe_fs_i.h> |
5950 |
+ |
5951 |
+-static void wait_for_partner(struct inode* inode, unsigned int *cnt) |
5952 |
++static int wait_for_partner(struct inode* inode, unsigned int *cnt) |
5953 |
+ { |
5954 |
+ int cur = *cnt; |
5955 |
+ |
5956 |
+@@ -23,6 +23,7 @@ static void wait_for_partner(struct inode* inode, unsigned int *cnt) |
5957 |
+ if (signal_pending(current)) |
5958 |
+ break; |
5959 |
+ } |
5960 |
++ return cur == *cnt ? -ERESTARTSYS : 0; |
5961 |
+ } |
5962 |
+ |
5963 |
+ static void wake_up_partner(struct inode* inode) |
5964 |
+@@ -67,8 +68,7 @@ static int fifo_open(struct inode *inode, struct file *filp) |
5965 |
+ * seen a writer */ |
5966 |
+ filp->f_version = pipe->w_counter; |
5967 |
+ } else { |
5968 |
+- wait_for_partner(inode, &pipe->w_counter); |
5969 |
+- if(signal_pending(current)) |
5970 |
++ if (wait_for_partner(inode, &pipe->w_counter)) |
5971 |
+ goto err_rd; |
5972 |
+ } |
5973 |
+ } |
5974 |
+@@ -90,8 +90,7 @@ static int fifo_open(struct inode *inode, struct file *filp) |
5975 |
+ wake_up_partner(inode); |
5976 |
+ |
5977 |
+ if (!pipe->readers) { |
5978 |
+- wait_for_partner(inode, &pipe->r_counter); |
5979 |
+- if (signal_pending(current)) |
5980 |
++ if (wait_for_partner(inode, &pipe->r_counter)) |
5981 |
+ goto err_wr; |
5982 |
+ } |
5983 |
+ break; |
5984 |
+diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c |
5985 |
+index 2d0ca24..ebc2f4d 100644 |
5986 |
+--- a/fs/hugetlbfs/inode.c |
5987 |
++++ b/fs/hugetlbfs/inode.c |
5988 |
+@@ -592,9 +592,15 @@ static int hugetlbfs_statfs(struct dentry *dentry, struct kstatfs *buf) |
5989 |
+ spin_lock(&sbinfo->stat_lock); |
5990 |
+ /* If no limits set, just report 0 for max/free/used |
5991 |
+ * blocks, like simple_statfs() */ |
5992 |
+- if (sbinfo->max_blocks >= 0) { |
5993 |
+- buf->f_blocks = sbinfo->max_blocks; |
5994 |
+- buf->f_bavail = buf->f_bfree = sbinfo->free_blocks; |
5995 |
++ if (sbinfo->spool) { |
5996 |
++ long free_pages; |
5997 |
++ |
5998 |
++ spin_lock(&sbinfo->spool->lock); |
5999 |
++ buf->f_blocks = sbinfo->spool->max_hpages; |
6000 |
++ free_pages = sbinfo->spool->max_hpages |
6001 |
++ - sbinfo->spool->used_hpages; |
6002 |
++ buf->f_bavail = buf->f_bfree = free_pages; |
6003 |
++ spin_unlock(&sbinfo->spool->lock); |
6004 |
+ buf->f_files = sbinfo->max_inodes; |
6005 |
+ buf->f_ffree = sbinfo->free_inodes; |
6006 |
+ } |
6007 |
+@@ -610,6 +616,10 @@ static void hugetlbfs_put_super(struct super_block *sb) |
6008 |
+ |
6009 |
+ if (sbi) { |
6010 |
+ sb->s_fs_info = NULL; |
6011 |
++ |
6012 |
++ if (sbi->spool) |
6013 |
++ hugepage_put_subpool(sbi->spool); |
6014 |
++ |
6015 |
+ kfree(sbi); |
6016 |
+ } |
6017 |
+ } |
6018 |
+@@ -841,10 +851,14 @@ hugetlbfs_fill_super(struct super_block *sb, void *data, int silent) |
6019 |
+ sb->s_fs_info = sbinfo; |
6020 |
+ sbinfo->hstate = config.hstate; |
6021 |
+ spin_lock_init(&sbinfo->stat_lock); |
6022 |
+- sbinfo->max_blocks = config.nr_blocks; |
6023 |
+- sbinfo->free_blocks = config.nr_blocks; |
6024 |
+ sbinfo->max_inodes = config.nr_inodes; |
6025 |
+ sbinfo->free_inodes = config.nr_inodes; |
6026 |
++ sbinfo->spool = NULL; |
6027 |
++ if (config.nr_blocks != -1) { |
6028 |
++ sbinfo->spool = hugepage_new_subpool(config.nr_blocks); |
6029 |
++ if (!sbinfo->spool) |
6030 |
++ goto out_free; |
6031 |
++ } |
6032 |
+ sb->s_maxbytes = MAX_LFS_FILESIZE; |
6033 |
+ sb->s_blocksize = huge_page_size(config.hstate); |
6034 |
+ sb->s_blocksize_bits = huge_page_shift(config.hstate); |
6035 |
+@@ -864,38 +878,12 @@ hugetlbfs_fill_super(struct super_block *sb, void *data, int silent) |
6036 |
+ sb->s_root = root; |
6037 |
+ return 0; |
6038 |
+ out_free: |
6039 |
++ if (sbinfo->spool) |
6040 |
++ kfree(sbinfo->spool); |
6041 |
+ kfree(sbinfo); |
6042 |
+ return -ENOMEM; |
6043 |
+ } |
6044 |
+ |
6045 |
+-int hugetlb_get_quota(struct address_space *mapping, long delta) |
6046 |
+-{ |
6047 |
+- int ret = 0; |
6048 |
+- struct hugetlbfs_sb_info *sbinfo = HUGETLBFS_SB(mapping->host->i_sb); |
6049 |
+- |
6050 |
+- if (sbinfo->free_blocks > -1) { |
6051 |
+- spin_lock(&sbinfo->stat_lock); |
6052 |
+- if (sbinfo->free_blocks - delta >= 0) |
6053 |
+- sbinfo->free_blocks -= delta; |
6054 |
+- else |
6055 |
+- ret = -ENOMEM; |
6056 |
+- spin_unlock(&sbinfo->stat_lock); |
6057 |
+- } |
6058 |
+- |
6059 |
+- return ret; |
6060 |
+-} |
6061 |
+- |
6062 |
+-void hugetlb_put_quota(struct address_space *mapping, long delta) |
6063 |
+-{ |
6064 |
+- struct hugetlbfs_sb_info *sbinfo = HUGETLBFS_SB(mapping->host->i_sb); |
6065 |
+- |
6066 |
+- if (sbinfo->free_blocks > -1) { |
6067 |
+- spin_lock(&sbinfo->stat_lock); |
6068 |
+- sbinfo->free_blocks += delta; |
6069 |
+- spin_unlock(&sbinfo->stat_lock); |
6070 |
+- } |
6071 |
+-} |
6072 |
+- |
6073 |
+ static struct dentry *hugetlbfs_mount(struct file_system_type *fs_type, |
6074 |
+ int flags, const char *dev_name, void *data) |
6075 |
+ { |
6076 |
+diff --git a/fs/locks.c b/fs/locks.c |
6077 |
+index 0d68f1f..6a64f15 100644 |
6078 |
+--- a/fs/locks.c |
6079 |
++++ b/fs/locks.c |
6080 |
+@@ -1465,7 +1465,7 @@ int generic_setlease(struct file *filp, long arg, struct file_lock **flp) |
6081 |
+ case F_WRLCK: |
6082 |
+ return generic_add_lease(filp, arg, flp); |
6083 |
+ default: |
6084 |
+- BUG(); |
6085 |
++ return -EINVAL; |
6086 |
+ } |
6087 |
+ } |
6088 |
+ EXPORT_SYMBOL(generic_setlease); |
6089 |
+diff --git a/fs/nfs/idmap.c b/fs/nfs/idmap.c |
6090 |
+index 47d1c6f..b122af8 100644 |
6091 |
+--- a/fs/nfs/idmap.c |
6092 |
++++ b/fs/nfs/idmap.c |
6093 |
+@@ -318,12 +318,12 @@ struct idmap_hashent { |
6094 |
+ unsigned long ih_expires; |
6095 |
+ __u32 ih_id; |
6096 |
+ size_t ih_namelen; |
6097 |
+- char ih_name[IDMAP_NAMESZ]; |
6098 |
++ const char *ih_name; |
6099 |
+ }; |
6100 |
+ |
6101 |
+ struct idmap_hashtable { |
6102 |
+ __u8 h_type; |
6103 |
+- struct idmap_hashent h_entries[IDMAP_HASH_SZ]; |
6104 |
++ struct idmap_hashent *h_entries; |
6105 |
+ }; |
6106 |
+ |
6107 |
+ struct idmap { |
6108 |
+@@ -378,6 +378,28 @@ nfs_idmap_new(struct nfs_client *clp) |
6109 |
+ return 0; |
6110 |
+ } |
6111 |
+ |
6112 |
++static void |
6113 |
++idmap_alloc_hashtable(struct idmap_hashtable *h) |
6114 |
++{ |
6115 |
++ if (h->h_entries != NULL) |
6116 |
++ return; |
6117 |
++ h->h_entries = kcalloc(IDMAP_HASH_SZ, |
6118 |
++ sizeof(*h->h_entries), |
6119 |
++ GFP_KERNEL); |
6120 |
++} |
6121 |
++ |
6122 |
++static void |
6123 |
++idmap_free_hashtable(struct idmap_hashtable *h) |
6124 |
++{ |
6125 |
++ int i; |
6126 |
++ |
6127 |
++ if (h->h_entries == NULL) |
6128 |
++ return; |
6129 |
++ for (i = 0; i < IDMAP_HASH_SZ; i++) |
6130 |
++ kfree(h->h_entries[i].ih_name); |
6131 |
++ kfree(h->h_entries); |
6132 |
++} |
6133 |
++ |
6134 |
+ void |
6135 |
+ nfs_idmap_delete(struct nfs_client *clp) |
6136 |
+ { |
6137 |
+@@ -387,6 +409,8 @@ nfs_idmap_delete(struct nfs_client *clp) |
6138 |
+ return; |
6139 |
+ rpc_unlink(idmap->idmap_dentry); |
6140 |
+ clp->cl_idmap = NULL; |
6141 |
++ idmap_free_hashtable(&idmap->idmap_user_hash); |
6142 |
++ idmap_free_hashtable(&idmap->idmap_group_hash); |
6143 |
+ kfree(idmap); |
6144 |
+ } |
6145 |
+ |
6146 |
+@@ -396,6 +420,8 @@ nfs_idmap_delete(struct nfs_client *clp) |
6147 |
+ static inline struct idmap_hashent * |
6148 |
+ idmap_name_hash(struct idmap_hashtable* h, const char *name, size_t len) |
6149 |
+ { |
6150 |
++ if (h->h_entries == NULL) |
6151 |
++ return NULL; |
6152 |
+ return &h->h_entries[fnvhash32(name, len) % IDMAP_HASH_SZ]; |
6153 |
+ } |
6154 |
+ |
6155 |
+@@ -404,6 +430,8 @@ idmap_lookup_name(struct idmap_hashtable *h, const char *name, size_t len) |
6156 |
+ { |
6157 |
+ struct idmap_hashent *he = idmap_name_hash(h, name, len); |
6158 |
+ |
6159 |
++ if (he == NULL) |
6160 |
++ return NULL; |
6161 |
+ if (he->ih_namelen != len || memcmp(he->ih_name, name, len) != 0) |
6162 |
+ return NULL; |
6163 |
+ if (time_after(jiffies, he->ih_expires)) |
6164 |
+@@ -414,6 +442,8 @@ idmap_lookup_name(struct idmap_hashtable *h, const char *name, size_t len) |
6165 |
+ static inline struct idmap_hashent * |
6166 |
+ idmap_id_hash(struct idmap_hashtable* h, __u32 id) |
6167 |
+ { |
6168 |
++ if (h->h_entries == NULL) |
6169 |
++ return NULL; |
6170 |
+ return &h->h_entries[fnvhash32(&id, sizeof(id)) % IDMAP_HASH_SZ]; |
6171 |
+ } |
6172 |
+ |
6173 |
+@@ -421,6 +451,9 @@ static struct idmap_hashent * |
6174 |
+ idmap_lookup_id(struct idmap_hashtable *h, __u32 id) |
6175 |
+ { |
6176 |
+ struct idmap_hashent *he = idmap_id_hash(h, id); |
6177 |
++ |
6178 |
++ if (he == NULL) |
6179 |
++ return NULL; |
6180 |
+ if (he->ih_id != id || he->ih_namelen == 0) |
6181 |
+ return NULL; |
6182 |
+ if (time_after(jiffies, he->ih_expires)) |
6183 |
+@@ -436,12 +469,14 @@ idmap_lookup_id(struct idmap_hashtable *h, __u32 id) |
6184 |
+ static inline struct idmap_hashent * |
6185 |
+ idmap_alloc_name(struct idmap_hashtable *h, char *name, size_t len) |
6186 |
+ { |
6187 |
++ idmap_alloc_hashtable(h); |
6188 |
+ return idmap_name_hash(h, name, len); |
6189 |
+ } |
6190 |
+ |
6191 |
+ static inline struct idmap_hashent * |
6192 |
+ idmap_alloc_id(struct idmap_hashtable *h, __u32 id) |
6193 |
+ { |
6194 |
++ idmap_alloc_hashtable(h); |
6195 |
+ return idmap_id_hash(h, id); |
6196 |
+ } |
6197 |
+ |
6198 |
+@@ -449,9 +484,14 @@ static void |
6199 |
+ idmap_update_entry(struct idmap_hashent *he, const char *name, |
6200 |
+ size_t namelen, __u32 id) |
6201 |
+ { |
6202 |
++ char *str = kmalloc(namelen + 1, GFP_KERNEL); |
6203 |
++ if (str == NULL) |
6204 |
++ return; |
6205 |
++ kfree(he->ih_name); |
6206 |
+ he->ih_id = id; |
6207 |
+- memcpy(he->ih_name, name, namelen); |
6208 |
+- he->ih_name[namelen] = '\0'; |
6209 |
++ memcpy(str, name, namelen); |
6210 |
++ str[namelen] = '\0'; |
6211 |
++ he->ih_name = str; |
6212 |
+ he->ih_namelen = namelen; |
6213 |
+ he->ih_expires = jiffies + nfs_idmap_cache_timeout; |
6214 |
+ } |
6215 |
+diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c |
6216 |
+index 66020ac..07354b7 100644 |
6217 |
+--- a/fs/nfs/nfs4state.c |
6218 |
++++ b/fs/nfs/nfs4state.c |
6219 |
+@@ -1186,8 +1186,9 @@ restart: |
6220 |
+ spin_lock(&state->state_lock); |
6221 |
+ list_for_each_entry(lock, &state->lock_states, ls_locks) { |
6222 |
+ if (!(lock->ls_flags & NFS_LOCK_INITIALIZED)) |
6223 |
+- printk("%s: Lock reclaim failed!\n", |
6224 |
+- __func__); |
6225 |
++ pr_warn_ratelimited("NFS: " |
6226 |
++ "%s: Lock reclaim " |
6227 |
++ "failed!\n", __func__); |
6228 |
+ } |
6229 |
+ spin_unlock(&state->state_lock); |
6230 |
+ nfs4_put_open_state(state); |
6231 |
+diff --git a/fs/nfs/objlayout/objio_osd.c b/fs/nfs/objlayout/objio_osd.c |
6232 |
+index 55d0128..a03ee52 100644 |
6233 |
+--- a/fs/nfs/objlayout/objio_osd.c |
6234 |
++++ b/fs/nfs/objlayout/objio_osd.c |
6235 |
+@@ -433,7 +433,10 @@ int objio_read_pagelist(struct nfs_read_data *rdata) |
6236 |
+ objios->ios->done = _read_done; |
6237 |
+ dprintk("%s: offset=0x%llx length=0x%x\n", __func__, |
6238 |
+ rdata->args.offset, rdata->args.count); |
6239 |
+- return ore_read(objios->ios); |
6240 |
++ ret = ore_read(objios->ios); |
6241 |
++ if (unlikely(ret)) |
6242 |
++ objio_free_result(&objios->oir); |
6243 |
++ return ret; |
6244 |
+ } |
6245 |
+ |
6246 |
+ /* |
6247 |
+@@ -464,8 +467,16 @@ static struct page *__r4w_get_page(void *priv, u64 offset, bool *uptodate) |
6248 |
+ struct objio_state *objios = priv; |
6249 |
+ struct nfs_write_data *wdata = objios->oir.rpcdata; |
6250 |
+ pgoff_t index = offset / PAGE_SIZE; |
6251 |
+- struct page *page = find_get_page(wdata->inode->i_mapping, index); |
6252 |
++ struct page *page; |
6253 |
++ loff_t i_size = i_size_read(wdata->inode); |
6254 |
++ |
6255 |
++ if (offset >= i_size) { |
6256 |
++ *uptodate = true; |
6257 |
++ dprintk("%s: g_zero_page index=0x%lx\n", __func__, index); |
6258 |
++ return ZERO_PAGE(0); |
6259 |
++ } |
6260 |
+ |
6261 |
++ page = find_get_page(wdata->inode->i_mapping, index); |
6262 |
+ if (!page) { |
6263 |
+ page = find_or_create_page(wdata->inode->i_mapping, |
6264 |
+ index, GFP_NOFS); |
6265 |
+@@ -486,8 +497,10 @@ static struct page *__r4w_get_page(void *priv, u64 offset, bool *uptodate) |
6266 |
+ |
6267 |
+ static void __r4w_put_page(void *priv, struct page *page) |
6268 |
+ { |
6269 |
+- dprintk("%s: index=0x%lx\n", __func__, page->index); |
6270 |
+- page_cache_release(page); |
6271 |
++ dprintk("%s: index=0x%lx\n", __func__, |
6272 |
++ (page == ZERO_PAGE(0)) ? -1UL : page->index); |
6273 |
++ if (ZERO_PAGE(0) != page) |
6274 |
++ page_cache_release(page); |
6275 |
+ return; |
6276 |
+ } |
6277 |
+ |
6278 |
+@@ -517,8 +530,10 @@ int objio_write_pagelist(struct nfs_write_data *wdata, int how) |
6279 |
+ dprintk("%s: offset=0x%llx length=0x%x\n", __func__, |
6280 |
+ wdata->args.offset, wdata->args.count); |
6281 |
+ ret = ore_write(objios->ios); |
6282 |
+- if (unlikely(ret)) |
6283 |
++ if (unlikely(ret)) { |
6284 |
++ objio_free_result(&objios->oir); |
6285 |
+ return ret; |
6286 |
++ } |
6287 |
+ |
6288 |
+ if (objios->sync) |
6289 |
+ _write_done(objios->ios, objios); |
6290 |
+diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c |
6291 |
+index 07ee5b4..1c7d45e 100644 |
6292 |
+--- a/fs/ocfs2/file.c |
6293 |
++++ b/fs/ocfs2/file.c |
6294 |
+@@ -1950,7 +1950,7 @@ static int __ocfs2_change_file_space(struct file *file, struct inode *inode, |
6295 |
+ if (ret < 0) |
6296 |
+ mlog_errno(ret); |
6297 |
+ |
6298 |
+- if (file->f_flags & O_SYNC) |
6299 |
++ if (file && (file->f_flags & O_SYNC)) |
6300 |
+ handle->h_sync = 1; |
6301 |
+ |
6302 |
+ ocfs2_commit_trans(osb, handle); |
6303 |
+diff --git a/fs/ramfs/file-nommu.c b/fs/ramfs/file-nommu.c |
6304 |
+index fbb0b47..d5378d0 100644 |
6305 |
+--- a/fs/ramfs/file-nommu.c |
6306 |
++++ b/fs/ramfs/file-nommu.c |
6307 |
+@@ -110,6 +110,7 @@ int ramfs_nommu_expand_for_mapping(struct inode *inode, size_t newsize) |
6308 |
+ |
6309 |
+ /* prevent the page from being discarded on memory pressure */ |
6310 |
+ SetPageDirty(page); |
6311 |
++ SetPageUptodate(page); |
6312 |
+ |
6313 |
+ unlock_page(page); |
6314 |
+ put_page(page); |
6315 |
+diff --git a/fs/ubifs/sb.c b/fs/ubifs/sb.c |
6316 |
+index 6094c5a..b73ecd8 100644 |
6317 |
+--- a/fs/ubifs/sb.c |
6318 |
++++ b/fs/ubifs/sb.c |
6319 |
+@@ -715,8 +715,12 @@ static int fixup_free_space(struct ubifs_info *c) |
6320 |
+ lnum = ubifs_next_log_lnum(c, lnum); |
6321 |
+ } |
6322 |
+ |
6323 |
+- /* Fixup the current log head */ |
6324 |
+- err = fixup_leb(c, c->lhead_lnum, c->lhead_offs); |
6325 |
++ /* |
6326 |
++ * Fixup the log head which contains the only a CS node at the |
6327 |
++ * beginning. |
6328 |
++ */ |
6329 |
++ err = fixup_leb(c, c->lhead_lnum, |
6330 |
++ ALIGN(UBIFS_CS_NODE_SZ, c->min_io_size)); |
6331 |
+ if (err) |
6332 |
+ goto out; |
6333 |
+ |
6334 |
+diff --git a/include/linux/Kbuild b/include/linux/Kbuild |
6335 |
+index bd21ecd..a3ce901 100644 |
6336 |
+--- a/include/linux/Kbuild |
6337 |
++++ b/include/linux/Kbuild |
6338 |
+@@ -268,6 +268,7 @@ header-y += netfilter_ipv4.h |
6339 |
+ header-y += netfilter_ipv6.h |
6340 |
+ header-y += netlink.h |
6341 |
+ header-y += netrom.h |
6342 |
++header-y += nfc.h |
6343 |
+ header-y += nfs.h |
6344 |
+ header-y += nfs2.h |
6345 |
+ header-y += nfs3.h |
6346 |
+diff --git a/include/linux/hrtimer.h b/include/linux/hrtimer.h |
6347 |
+index fd0dc30..cc07d27 100644 |
6348 |
+--- a/include/linux/hrtimer.h |
6349 |
++++ b/include/linux/hrtimer.h |
6350 |
+@@ -165,6 +165,7 @@ enum hrtimer_base_type { |
6351 |
+ * @lock: lock protecting the base and associated clock bases |
6352 |
+ * and timers |
6353 |
+ * @active_bases: Bitfield to mark bases with active timers |
6354 |
++ * @clock_was_set: Indicates that clock was set from irq context. |
6355 |
+ * @expires_next: absolute time of the next event which was scheduled |
6356 |
+ * via clock_set_next_event() |
6357 |
+ * @hres_active: State of high resolution mode |
6358 |
+@@ -177,7 +178,8 @@ enum hrtimer_base_type { |
6359 |
+ */ |
6360 |
+ struct hrtimer_cpu_base { |
6361 |
+ raw_spinlock_t lock; |
6362 |
+- unsigned long active_bases; |
6363 |
++ unsigned int active_bases; |
6364 |
++ unsigned int clock_was_set; |
6365 |
+ #ifdef CONFIG_HIGH_RES_TIMERS |
6366 |
+ ktime_t expires_next; |
6367 |
+ int hres_active; |
6368 |
+@@ -286,6 +288,8 @@ extern void hrtimer_peek_ahead_timers(void); |
6369 |
+ # define MONOTONIC_RES_NSEC HIGH_RES_NSEC |
6370 |
+ # define KTIME_MONOTONIC_RES KTIME_HIGH_RES |
6371 |
+ |
6372 |
++extern void clock_was_set_delayed(void); |
6373 |
++ |
6374 |
+ #else |
6375 |
+ |
6376 |
+ # define MONOTONIC_RES_NSEC LOW_RES_NSEC |
6377 |
+@@ -306,6 +310,9 @@ static inline int hrtimer_is_hres_active(struct hrtimer *timer) |
6378 |
+ { |
6379 |
+ return 0; |
6380 |
+ } |
6381 |
++ |
6382 |
++static inline void clock_was_set_delayed(void) { } |
6383 |
++ |
6384 |
+ #endif |
6385 |
+ |
6386 |
+ extern void clock_was_set(void); |
6387 |
+@@ -320,6 +327,7 @@ extern ktime_t ktime_get(void); |
6388 |
+ extern ktime_t ktime_get_real(void); |
6389 |
+ extern ktime_t ktime_get_boottime(void); |
6390 |
+ extern ktime_t ktime_get_monotonic_offset(void); |
6391 |
++extern ktime_t ktime_get_update_offsets(ktime_t *offs_real, ktime_t *offs_boot); |
6392 |
+ |
6393 |
+ DECLARE_PER_CPU(struct tick_device, tick_cpu_device); |
6394 |
+ |
6395 |
+diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h |
6396 |
+index d9d6c86..c5ed2f1 100644 |
6397 |
+--- a/include/linux/hugetlb.h |
6398 |
++++ b/include/linux/hugetlb.h |
6399 |
+@@ -14,6 +14,15 @@ struct user_struct; |
6400 |
+ #include <linux/shm.h> |
6401 |
+ #include <asm/tlbflush.h> |
6402 |
+ |
6403 |
++struct hugepage_subpool { |
6404 |
++ spinlock_t lock; |
6405 |
++ long count; |
6406 |
++ long max_hpages, used_hpages; |
6407 |
++}; |
6408 |
++ |
6409 |
++struct hugepage_subpool *hugepage_new_subpool(long nr_blocks); |
6410 |
++void hugepage_put_subpool(struct hugepage_subpool *spool); |
6411 |
++ |
6412 |
+ int PageHuge(struct page *page); |
6413 |
+ |
6414 |
+ void reset_vma_resv_huge_pages(struct vm_area_struct *vma); |
6415 |
+@@ -138,12 +147,11 @@ struct hugetlbfs_config { |
6416 |
+ }; |
6417 |
+ |
6418 |
+ struct hugetlbfs_sb_info { |
6419 |
+- long max_blocks; /* blocks allowed */ |
6420 |
+- long free_blocks; /* blocks free */ |
6421 |
+ long max_inodes; /* inodes allowed */ |
6422 |
+ long free_inodes; /* inodes free */ |
6423 |
+ spinlock_t stat_lock; |
6424 |
+ struct hstate *hstate; |
6425 |
++ struct hugepage_subpool *spool; |
6426 |
+ }; |
6427 |
+ |
6428 |
+ |
6429 |
+@@ -166,8 +174,6 @@ extern const struct file_operations hugetlbfs_file_operations; |
6430 |
+ extern const struct vm_operations_struct hugetlb_vm_ops; |
6431 |
+ struct file *hugetlb_file_setup(const char *name, size_t size, vm_flags_t acct, |
6432 |
+ struct user_struct **user, int creat_flags); |
6433 |
+-int hugetlb_get_quota(struct address_space *mapping, long delta); |
6434 |
+-void hugetlb_put_quota(struct address_space *mapping, long delta); |
6435 |
+ |
6436 |
+ static inline int is_file_hugepages(struct file *file) |
6437 |
+ { |
6438 |
+diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h |
6439 |
+index 188cb2f..905b1e1 100644 |
6440 |
+--- a/include/linux/mmzone.h |
6441 |
++++ b/include/linux/mmzone.h |
6442 |
+@@ -652,7 +652,7 @@ typedef struct pglist_data { |
6443 |
+ range, including holes */ |
6444 |
+ int node_id; |
6445 |
+ wait_queue_head_t kswapd_wait; |
6446 |
+- struct task_struct *kswapd; |
6447 |
++ struct task_struct *kswapd; /* Protected by lock_memory_hotplug() */ |
6448 |
+ int kswapd_max_order; |
6449 |
+ enum zone_type classzone_idx; |
6450 |
+ } pg_data_t; |
6451 |
+diff --git a/include/linux/pci.h b/include/linux/pci.h |
6452 |
+index c0cfa0d..7cda65b 100644 |
6453 |
+--- a/include/linux/pci.h |
6454 |
++++ b/include/linux/pci.h |
6455 |
+@@ -176,8 +176,6 @@ enum pci_dev_flags { |
6456 |
+ PCI_DEV_FLAGS_NO_D3 = (__force pci_dev_flags_t) 2, |
6457 |
+ /* Provide indication device is assigned by a Virtual Machine Manager */ |
6458 |
+ PCI_DEV_FLAGS_ASSIGNED = (__force pci_dev_flags_t) 4, |
6459 |
+- /* Device causes system crash if in D3 during S3 sleep */ |
6460 |
+- PCI_DEV_FLAGS_NO_D3_DURING_SLEEP = (__force pci_dev_flags_t) 8, |
6461 |
+ }; |
6462 |
+ |
6463 |
+ enum pci_irq_reroute_variant { |
6464 |
+diff --git a/include/linux/sched.h b/include/linux/sched.h |
6465 |
+index 1c4f3e9..5afa2a3 100644 |
6466 |
+--- a/include/linux/sched.h |
6467 |
++++ b/include/linux/sched.h |
6468 |
+@@ -1892,6 +1892,14 @@ static inline int set_cpus_allowed_ptr(struct task_struct *p, |
6469 |
+ } |
6470 |
+ #endif |
6471 |
+ |
6472 |
++#ifdef CONFIG_NO_HZ |
6473 |
++void calc_load_enter_idle(void); |
6474 |
++void calc_load_exit_idle(void); |
6475 |
++#else |
6476 |
++static inline void calc_load_enter_idle(void) { } |
6477 |
++static inline void calc_load_exit_idle(void) { } |
6478 |
++#endif /* CONFIG_NO_HZ */ |
6479 |
++ |
6480 |
+ #ifndef CONFIG_CPUMASK_OFFSTACK |
6481 |
+ static inline int set_cpus_allowed(struct task_struct *p, cpumask_t new_mask) |
6482 |
+ { |
6483 |
+diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
6484 |
+index bdb4590..53dc7e7 100644 |
6485 |
+--- a/include/linux/skbuff.h |
6486 |
++++ b/include/linux/skbuff.h |
6487 |
+@@ -213,11 +213,8 @@ enum { |
6488 |
+ /* device driver is going to provide hardware time stamp */ |
6489 |
+ SKBTX_IN_PROGRESS = 1 << 2, |
6490 |
+ |
6491 |
+- /* ensure the originating sk reference is available on driver level */ |
6492 |
+- SKBTX_DRV_NEEDS_SK_REF = 1 << 3, |
6493 |
+- |
6494 |
+ /* device driver supports TX zero-copy buffers */ |
6495 |
+- SKBTX_DEV_ZEROCOPY = 1 << 4, |
6496 |
++ SKBTX_DEV_ZEROCOPY = 1 << 3, |
6497 |
+ }; |
6498 |
+ |
6499 |
+ /* |
6500 |
+diff --git a/include/linux/timex.h b/include/linux/timex.h |
6501 |
+index aa60fe7..08e90fb 100644 |
6502 |
+--- a/include/linux/timex.h |
6503 |
++++ b/include/linux/timex.h |
6504 |
+@@ -266,7 +266,7 @@ static inline int ntp_synced(void) |
6505 |
+ /* Returns how long ticks are at present, in ns / 2^NTP_SCALE_SHIFT. */ |
6506 |
+ extern u64 tick_length; |
6507 |
+ |
6508 |
+-extern void second_overflow(void); |
6509 |
++extern int second_overflow(unsigned long secs); |
6510 |
+ extern void update_ntp_one_tick(void); |
6511 |
+ extern int do_adjtimex(struct timex *); |
6512 |
+ extern void hardpps(const struct timespec *, const struct timespec *); |
6513 |
+diff --git a/include/scsi/libsas.h b/include/scsi/libsas.h |
6514 |
+index 6a308d4..1e100c6 100644 |
6515 |
+--- a/include/scsi/libsas.h |
6516 |
++++ b/include/scsi/libsas.h |
6517 |
+@@ -159,6 +159,8 @@ enum ata_command_set { |
6518 |
+ ATAPI_COMMAND_SET = 1, |
6519 |
+ }; |
6520 |
+ |
6521 |
++#define ATA_RESP_FIS_SIZE 24 |
6522 |
++ |
6523 |
+ struct sata_device { |
6524 |
+ enum ata_command_set command_set; |
6525 |
+ struct smp_resp rps_resp; /* report_phy_sata_resp */ |
6526 |
+@@ -170,7 +172,7 @@ struct sata_device { |
6527 |
+ |
6528 |
+ struct ata_port *ap; |
6529 |
+ struct ata_host ata_host; |
6530 |
+- struct ata_taskfile tf; |
6531 |
++ u8 fis[ATA_RESP_FIS_SIZE]; |
6532 |
+ u32 sstatus; |
6533 |
+ u32 serror; |
6534 |
+ u32 scontrol; |
6535 |
+@@ -486,7 +488,7 @@ enum exec_status { |
6536 |
+ */ |
6537 |
+ struct ata_task_resp { |
6538 |
+ u16 frame_len; |
6539 |
+- u8 ending_fis[24]; /* dev to host or data-in */ |
6540 |
++ u8 ending_fis[ATA_RESP_FIS_SIZE]; /* dev to host or data-in */ |
6541 |
+ u32 sstatus; |
6542 |
+ u32 serror; |
6543 |
+ u32 scontrol; |
6544 |
+diff --git a/kernel/hrtimer.c b/kernel/hrtimer.c |
6545 |
+index ae34bf5..6db7a5e 100644 |
6546 |
+--- a/kernel/hrtimer.c |
6547 |
++++ b/kernel/hrtimer.c |
6548 |
+@@ -657,6 +657,14 @@ static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer, |
6549 |
+ return 0; |
6550 |
+ } |
6551 |
+ |
6552 |
++static inline ktime_t hrtimer_update_base(struct hrtimer_cpu_base *base) |
6553 |
++{ |
6554 |
++ ktime_t *offs_real = &base->clock_base[HRTIMER_BASE_REALTIME].offset; |
6555 |
++ ktime_t *offs_boot = &base->clock_base[HRTIMER_BASE_BOOTTIME].offset; |
6556 |
++ |
6557 |
++ return ktime_get_update_offsets(offs_real, offs_boot); |
6558 |
++} |
6559 |
++ |
6560 |
+ /* |
6561 |
+ * Retrigger next event is called after clock was set |
6562 |
+ * |
6563 |
+@@ -665,22 +673,12 @@ static inline int hrtimer_enqueue_reprogram(struct hrtimer *timer, |
6564 |
+ static void retrigger_next_event(void *arg) |
6565 |
+ { |
6566 |
+ struct hrtimer_cpu_base *base = &__get_cpu_var(hrtimer_bases); |
6567 |
+- struct timespec realtime_offset, xtim, wtm, sleep; |
6568 |
+ |
6569 |
+ if (!hrtimer_hres_active()) |
6570 |
+ return; |
6571 |
+ |
6572 |
+- /* Optimized out for !HIGH_RES */ |
6573 |
+- get_xtime_and_monotonic_and_sleep_offset(&xtim, &wtm, &sleep); |
6574 |
+- set_normalized_timespec(&realtime_offset, -wtm.tv_sec, -wtm.tv_nsec); |
6575 |
+- |
6576 |
+- /* Adjust CLOCK_REALTIME offset */ |
6577 |
+ raw_spin_lock(&base->lock); |
6578 |
+- base->clock_base[HRTIMER_BASE_REALTIME].offset = |
6579 |
+- timespec_to_ktime(realtime_offset); |
6580 |
+- base->clock_base[HRTIMER_BASE_BOOTTIME].offset = |
6581 |
+- timespec_to_ktime(sleep); |
6582 |
+- |
6583 |
++ hrtimer_update_base(base); |
6584 |
+ hrtimer_force_reprogram(base, 0); |
6585 |
+ raw_spin_unlock(&base->lock); |
6586 |
+ } |
6587 |
+@@ -710,13 +708,25 @@ static int hrtimer_switch_to_hres(void) |
6588 |
+ base->clock_base[i].resolution = KTIME_HIGH_RES; |
6589 |
+ |
6590 |
+ tick_setup_sched_timer(); |
6591 |
+- |
6592 |
+ /* "Retrigger" the interrupt to get things going */ |
6593 |
+ retrigger_next_event(NULL); |
6594 |
+ local_irq_restore(flags); |
6595 |
+ return 1; |
6596 |
+ } |
6597 |
+ |
6598 |
++/* |
6599 |
++ * Called from timekeeping code to reprogramm the hrtimer interrupt |
6600 |
++ * device. If called from the timer interrupt context we defer it to |
6601 |
++ * softirq context. |
6602 |
++ */ |
6603 |
++void clock_was_set_delayed(void) |
6604 |
++{ |
6605 |
++ struct hrtimer_cpu_base *cpu_base = &__get_cpu_var(hrtimer_bases); |
6606 |
++ |
6607 |
++ cpu_base->clock_was_set = 1; |
6608 |
++ __raise_softirq_irqoff(HRTIMER_SOFTIRQ); |
6609 |
++} |
6610 |
++ |
6611 |
+ #else |
6612 |
+ |
6613 |
+ static inline int hrtimer_hres_active(void) { return 0; } |
6614 |
+@@ -1250,11 +1260,10 @@ void hrtimer_interrupt(struct clock_event_device *dev) |
6615 |
+ cpu_base->nr_events++; |
6616 |
+ dev->next_event.tv64 = KTIME_MAX; |
6617 |
+ |
6618 |
+- entry_time = now = ktime_get(); |
6619 |
++ raw_spin_lock(&cpu_base->lock); |
6620 |
++ entry_time = now = hrtimer_update_base(cpu_base); |
6621 |
+ retry: |
6622 |
+ expires_next.tv64 = KTIME_MAX; |
6623 |
+- |
6624 |
+- raw_spin_lock(&cpu_base->lock); |
6625 |
+ /* |
6626 |
+ * We set expires_next to KTIME_MAX here with cpu_base->lock |
6627 |
+ * held to prevent that a timer is enqueued in our queue via |
6628 |
+@@ -1330,8 +1339,12 @@ retry: |
6629 |
+ * We need to prevent that we loop forever in the hrtimer |
6630 |
+ * interrupt routine. We give it 3 attempts to avoid |
6631 |
+ * overreacting on some spurious event. |
6632 |
++ * |
6633 |
++ * Acquire base lock for updating the offsets and retrieving |
6634 |
++ * the current time. |
6635 |
+ */ |
6636 |
+- now = ktime_get(); |
6637 |
++ raw_spin_lock(&cpu_base->lock); |
6638 |
++ now = hrtimer_update_base(cpu_base); |
6639 |
+ cpu_base->nr_retries++; |
6640 |
+ if (++retries < 3) |
6641 |
+ goto retry; |
6642 |
+@@ -1343,6 +1356,7 @@ retry: |
6643 |
+ */ |
6644 |
+ cpu_base->nr_hangs++; |
6645 |
+ cpu_base->hang_detected = 1; |
6646 |
++ raw_spin_unlock(&cpu_base->lock); |
6647 |
+ delta = ktime_sub(now, entry_time); |
6648 |
+ if (delta.tv64 > cpu_base->max_hang_time.tv64) |
6649 |
+ cpu_base->max_hang_time = delta; |
6650 |
+@@ -1395,6 +1409,13 @@ void hrtimer_peek_ahead_timers(void) |
6651 |
+ |
6652 |
+ static void run_hrtimer_softirq(struct softirq_action *h) |
6653 |
+ { |
6654 |
++ struct hrtimer_cpu_base *cpu_base = &__get_cpu_var(hrtimer_bases); |
6655 |
++ |
6656 |
++ if (cpu_base->clock_was_set) { |
6657 |
++ cpu_base->clock_was_set = 0; |
6658 |
++ clock_was_set(); |
6659 |
++ } |
6660 |
++ |
6661 |
+ hrtimer_peek_ahead_timers(); |
6662 |
+ } |
6663 |
+ |
6664 |
+diff --git a/kernel/power/swap.c b/kernel/power/swap.c |
6665 |
+index b313086..64f8f97 100644 |
6666 |
+--- a/kernel/power/swap.c |
6667 |
++++ b/kernel/power/swap.c |
6668 |
+@@ -6,7 +6,7 @@ |
6669 |
+ * |
6670 |
+ * Copyright (C) 1998,2001-2005 Pavel Machek <pavel@×××.cz> |
6671 |
+ * Copyright (C) 2006 Rafael J. Wysocki <rjw@××××.pl> |
6672 |
+- * Copyright (C) 2010 Bojan Smojver <bojan@×××××××××.com> |
6673 |
++ * Copyright (C) 2010-2012 Bojan Smojver <bojan@×××××××××.com> |
6674 |
+ * |
6675 |
+ * This file is released under the GPLv2. |
6676 |
+ * |
6677 |
+@@ -283,14 +283,17 @@ static int write_page(void *buf, sector_t offset, struct bio **bio_chain) |
6678 |
+ return -ENOSPC; |
6679 |
+ |
6680 |
+ if (bio_chain) { |
6681 |
+- src = (void *)__get_free_page(__GFP_WAIT | __GFP_HIGH); |
6682 |
++ src = (void *)__get_free_page(__GFP_WAIT | __GFP_NOWARN | |
6683 |
++ __GFP_NORETRY); |
6684 |
+ if (src) { |
6685 |
+ copy_page(src, buf); |
6686 |
+ } else { |
6687 |
+ ret = hib_wait_on_bio_chain(bio_chain); /* Free pages */ |
6688 |
+ if (ret) |
6689 |
+ return ret; |
6690 |
+- src = (void *)__get_free_page(__GFP_WAIT | __GFP_HIGH); |
6691 |
++ src = (void *)__get_free_page(__GFP_WAIT | |
6692 |
++ __GFP_NOWARN | |
6693 |
++ __GFP_NORETRY); |
6694 |
+ if (src) { |
6695 |
+ copy_page(src, buf); |
6696 |
+ } else { |
6697 |
+@@ -368,12 +371,17 @@ static int swap_write_page(struct swap_map_handle *handle, void *buf, |
6698 |
+ clear_page(handle->cur); |
6699 |
+ handle->cur_swap = offset; |
6700 |
+ handle->k = 0; |
6701 |
+- } |
6702 |
+- if (bio_chain && low_free_pages() <= handle->reqd_free_pages) { |
6703 |
+- error = hib_wait_on_bio_chain(bio_chain); |
6704 |
+- if (error) |
6705 |
+- goto out; |
6706 |
+- handle->reqd_free_pages = reqd_free_pages(); |
6707 |
++ |
6708 |
++ if (bio_chain && low_free_pages() <= handle->reqd_free_pages) { |
6709 |
++ error = hib_wait_on_bio_chain(bio_chain); |
6710 |
++ if (error) |
6711 |
++ goto out; |
6712 |
++ /* |
6713 |
++ * Recalculate the number of required free pages, to |
6714 |
++ * make sure we never take more than half. |
6715 |
++ */ |
6716 |
++ handle->reqd_free_pages = reqd_free_pages(); |
6717 |
++ } |
6718 |
+ } |
6719 |
+ out: |
6720 |
+ return error; |
6721 |
+@@ -420,8 +428,9 @@ static int swap_writer_finish(struct swap_map_handle *handle, |
6722 |
+ /* Maximum number of threads for compression/decompression. */ |
6723 |
+ #define LZO_THREADS 3 |
6724 |
+ |
6725 |
+-/* Maximum number of pages for read buffering. */ |
6726 |
+-#define LZO_READ_PAGES (MAP_PAGE_ENTRIES * 8) |
6727 |
++/* Minimum/maximum number of pages for read buffering. */ |
6728 |
++#define LZO_MIN_RD_PAGES 1024 |
6729 |
++#define LZO_MAX_RD_PAGES 8192 |
6730 |
+ |
6731 |
+ |
6732 |
+ /** |
6733 |
+@@ -632,12 +641,6 @@ static int save_image_lzo(struct swap_map_handle *handle, |
6734 |
+ } |
6735 |
+ |
6736 |
+ /* |
6737 |
+- * Adjust number of free pages after all allocations have been done. |
6738 |
+- * We don't want to run out of pages when writing. |
6739 |
+- */ |
6740 |
+- handle->reqd_free_pages = reqd_free_pages(); |
6741 |
+- |
6742 |
+- /* |
6743 |
+ * Start the CRC32 thread. |
6744 |
+ */ |
6745 |
+ init_waitqueue_head(&crc->go); |
6746 |
+@@ -658,6 +661,12 @@ static int save_image_lzo(struct swap_map_handle *handle, |
6747 |
+ goto out_clean; |
6748 |
+ } |
6749 |
+ |
6750 |
++ /* |
6751 |
++ * Adjust the number of required free pages after all allocations have |
6752 |
++ * been done. We don't want to run out of pages when writing. |
6753 |
++ */ |
6754 |
++ handle->reqd_free_pages = reqd_free_pages(); |
6755 |
++ |
6756 |
+ printk(KERN_INFO |
6757 |
+ "PM: Using %u thread(s) for compression.\n" |
6758 |
+ "PM: Compressing and saving image data (%u pages) ... ", |
6759 |
+@@ -1067,7 +1076,7 @@ static int load_image_lzo(struct swap_map_handle *handle, |
6760 |
+ unsigned i, thr, run_threads, nr_threads; |
6761 |
+ unsigned ring = 0, pg = 0, ring_size = 0, |
6762 |
+ have = 0, want, need, asked = 0; |
6763 |
+- unsigned long read_pages; |
6764 |
++ unsigned long read_pages = 0; |
6765 |
+ unsigned char **page = NULL; |
6766 |
+ struct dec_data *data = NULL; |
6767 |
+ struct crc_data *crc = NULL; |
6768 |
+@@ -1079,7 +1088,7 @@ static int load_image_lzo(struct swap_map_handle *handle, |
6769 |
+ nr_threads = num_online_cpus() - 1; |
6770 |
+ nr_threads = clamp_val(nr_threads, 1, LZO_THREADS); |
6771 |
+ |
6772 |
+- page = vmalloc(sizeof(*page) * LZO_READ_PAGES); |
6773 |
++ page = vmalloc(sizeof(*page) * LZO_MAX_RD_PAGES); |
6774 |
+ if (!page) { |
6775 |
+ printk(KERN_ERR "PM: Failed to allocate LZO page\n"); |
6776 |
+ ret = -ENOMEM; |
6777 |
+@@ -1144,15 +1153,22 @@ static int load_image_lzo(struct swap_map_handle *handle, |
6778 |
+ } |
6779 |
+ |
6780 |
+ /* |
6781 |
+- * Adjust number of pages for read buffering, in case we are short. |
6782 |
++ * Set the number of pages for read buffering. |
6783 |
++ * This is complete guesswork, because we'll only know the real |
6784 |
++ * picture once prepare_image() is called, which is much later on |
6785 |
++ * during the image load phase. We'll assume the worst case and |
6786 |
++ * say that none of the image pages are from high memory. |
6787 |
+ */ |
6788 |
+- read_pages = (nr_free_pages() - snapshot_get_image_size()) >> 1; |
6789 |
+- read_pages = clamp_val(read_pages, LZO_CMP_PAGES, LZO_READ_PAGES); |
6790 |
++ if (low_free_pages() > snapshot_get_image_size()) |
6791 |
++ read_pages = (low_free_pages() - snapshot_get_image_size()) / 2; |
6792 |
++ read_pages = clamp_val(read_pages, LZO_MIN_RD_PAGES, LZO_MAX_RD_PAGES); |
6793 |
+ |
6794 |
+ for (i = 0; i < read_pages; i++) { |
6795 |
+ page[i] = (void *)__get_free_page(i < LZO_CMP_PAGES ? |
6796 |
+ __GFP_WAIT | __GFP_HIGH : |
6797 |
+- __GFP_WAIT); |
6798 |
++ __GFP_WAIT | __GFP_NOWARN | |
6799 |
++ __GFP_NORETRY); |
6800 |
++ |
6801 |
+ if (!page[i]) { |
6802 |
+ if (i < LZO_CMP_PAGES) { |
6803 |
+ ring_size = i; |
6804 |
+diff --git a/kernel/sched.c b/kernel/sched.c |
6805 |
+index 576a27f..52ac69b 100644 |
6806 |
+--- a/kernel/sched.c |
6807 |
++++ b/kernel/sched.c |
6808 |
+@@ -1885,7 +1885,6 @@ static void double_rq_unlock(struct rq *rq1, struct rq *rq2) |
6809 |
+ |
6810 |
+ #endif |
6811 |
+ |
6812 |
+-static void calc_load_account_idle(struct rq *this_rq); |
6813 |
+ static void update_sysctl(void); |
6814 |
+ static int get_update_sysctl_factor(void); |
6815 |
+ static void update_cpu_load(struct rq *this_rq); |
6816 |
+@@ -3401,11 +3400,73 @@ unsigned long this_cpu_load(void) |
6817 |
+ } |
6818 |
+ |
6819 |
+ |
6820 |
++/* |
6821 |
++ * Global load-average calculations |
6822 |
++ * |
6823 |
++ * We take a distributed and async approach to calculating the global load-avg |
6824 |
++ * in order to minimize overhead. |
6825 |
++ * |
6826 |
++ * The global load average is an exponentially decaying average of nr_running + |
6827 |
++ * nr_uninterruptible. |
6828 |
++ * |
6829 |
++ * Once every LOAD_FREQ: |
6830 |
++ * |
6831 |
++ * nr_active = 0; |
6832 |
++ * for_each_possible_cpu(cpu) |
6833 |
++ * nr_active += cpu_of(cpu)->nr_running + cpu_of(cpu)->nr_uninterruptible; |
6834 |
++ * |
6835 |
++ * avenrun[n] = avenrun[0] * exp_n + nr_active * (1 - exp_n) |
6836 |
++ * |
6837 |
++ * Due to a number of reasons the above turns in the mess below: |
6838 |
++ * |
6839 |
++ * - for_each_possible_cpu() is prohibitively expensive on machines with |
6840 |
++ * serious number of cpus, therefore we need to take a distributed approach |
6841 |
++ * to calculating nr_active. |
6842 |
++ * |
6843 |
++ * \Sum_i x_i(t) = \Sum_i x_i(t) - x_i(t_0) | x_i(t_0) := 0 |
6844 |
++ * = \Sum_i { \Sum_j=1 x_i(t_j) - x_i(t_j-1) } |
6845 |
++ * |
6846 |
++ * So assuming nr_active := 0 when we start out -- true per definition, we |
6847 |
++ * can simply take per-cpu deltas and fold those into a global accumulate |
6848 |
++ * to obtain the same result. See calc_load_fold_active(). |
6849 |
++ * |
6850 |
++ * Furthermore, in order to avoid synchronizing all per-cpu delta folding |
6851 |
++ * across the machine, we assume 10 ticks is sufficient time for every |
6852 |
++ * cpu to have completed this task. |
6853 |
++ * |
6854 |
++ * This places an upper-bound on the IRQ-off latency of the machine. Then |
6855 |
++ * again, being late doesn't loose the delta, just wrecks the sample. |
6856 |
++ * |
6857 |
++ * - cpu_rq()->nr_uninterruptible isn't accurately tracked per-cpu because |
6858 |
++ * this would add another cross-cpu cacheline miss and atomic operation |
6859 |
++ * to the wakeup path. Instead we increment on whatever cpu the task ran |
6860 |
++ * when it went into uninterruptible state and decrement on whatever cpu |
6861 |
++ * did the wakeup. This means that only the sum of nr_uninterruptible over |
6862 |
++ * all cpus yields the correct result. |
6863 |
++ * |
6864 |
++ * This covers the NO_HZ=n code, for extra head-aches, see the comment below. |
6865 |
++ */ |
6866 |
++ |
6867 |
+ /* Variables and functions for calc_load */ |
6868 |
+ static atomic_long_t calc_load_tasks; |
6869 |
+ static unsigned long calc_load_update; |
6870 |
+ unsigned long avenrun[3]; |
6871 |
+-EXPORT_SYMBOL(avenrun); |
6872 |
++EXPORT_SYMBOL(avenrun); /* should be removed */ |
6873 |
++ |
6874 |
++/** |
6875 |
++ * get_avenrun - get the load average array |
6876 |
++ * @loads: pointer to dest load array |
6877 |
++ * @offset: offset to add |
6878 |
++ * @shift: shift count to shift the result left |
6879 |
++ * |
6880 |
++ * These values are estimates at best, so no need for locking. |
6881 |
++ */ |
6882 |
++void get_avenrun(unsigned long *loads, unsigned long offset, int shift) |
6883 |
++{ |
6884 |
++ loads[0] = (avenrun[0] + offset) << shift; |
6885 |
++ loads[1] = (avenrun[1] + offset) << shift; |
6886 |
++ loads[2] = (avenrun[2] + offset) << shift; |
6887 |
++} |
6888 |
+ |
6889 |
+ static long calc_load_fold_active(struct rq *this_rq) |
6890 |
+ { |
6891 |
+@@ -3422,6 +3483,9 @@ static long calc_load_fold_active(struct rq *this_rq) |
6892 |
+ return delta; |
6893 |
+ } |
6894 |
+ |
6895 |
++/* |
6896 |
++ * a1 = a0 * e + a * (1 - e) |
6897 |
++ */ |
6898 |
+ static unsigned long |
6899 |
+ calc_load(unsigned long load, unsigned long exp, unsigned long active) |
6900 |
+ { |
6901 |
+@@ -3433,30 +3497,118 @@ calc_load(unsigned long load, unsigned long exp, unsigned long active) |
6902 |
+ |
6903 |
+ #ifdef CONFIG_NO_HZ |
6904 |
+ /* |
6905 |
+- * For NO_HZ we delay the active fold to the next LOAD_FREQ update. |
6906 |
++ * Handle NO_HZ for the global load-average. |
6907 |
++ * |
6908 |
++ * Since the above described distributed algorithm to compute the global |
6909 |
++ * load-average relies on per-cpu sampling from the tick, it is affected by |
6910 |
++ * NO_HZ. |
6911 |
++ * |
6912 |
++ * The basic idea is to fold the nr_active delta into a global idle-delta upon |
6913 |
++ * entering NO_HZ state such that we can include this as an 'extra' cpu delta |
6914 |
++ * when we read the global state. |
6915 |
++ * |
6916 |
++ * Obviously reality has to ruin such a delightfully simple scheme: |
6917 |
++ * |
6918 |
++ * - When we go NO_HZ idle during the window, we can negate our sample |
6919 |
++ * contribution, causing under-accounting. |
6920 |
++ * |
6921 |
++ * We avoid this by keeping two idle-delta counters and flipping them |
6922 |
++ * when the window starts, thus separating old and new NO_HZ load. |
6923 |
++ * |
6924 |
++ * The only trick is the slight shift in index flip for read vs write. |
6925 |
++ * |
6926 |
++ * 0s 5s 10s 15s |
6927 |
++ * +10 +10 +10 +10 |
6928 |
++ * |-|-----------|-|-----------|-|-----------|-| |
6929 |
++ * r:0 0 1 1 0 0 1 1 0 |
6930 |
++ * w:0 1 1 0 0 1 1 0 0 |
6931 |
++ * |
6932 |
++ * This ensures we'll fold the old idle contribution in this window while |
6933 |
++ * accumlating the new one. |
6934 |
++ * |
6935 |
++ * - When we wake up from NO_HZ idle during the window, we push up our |
6936 |
++ * contribution, since we effectively move our sample point to a known |
6937 |
++ * busy state. |
6938 |
++ * |
6939 |
++ * This is solved by pushing the window forward, and thus skipping the |
6940 |
++ * sample, for this cpu (effectively using the idle-delta for this cpu which |
6941 |
++ * was in effect at the time the window opened). This also solves the issue |
6942 |
++ * of having to deal with a cpu having been in NOHZ idle for multiple |
6943 |
++ * LOAD_FREQ intervals. |
6944 |
+ * |
6945 |
+ * When making the ILB scale, we should try to pull this in as well. |
6946 |
+ */ |
6947 |
+-static atomic_long_t calc_load_tasks_idle; |
6948 |
++static atomic_long_t calc_load_idle[2]; |
6949 |
++static int calc_load_idx; |
6950 |
+ |
6951 |
+-static void calc_load_account_idle(struct rq *this_rq) |
6952 |
++static inline int calc_load_write_idx(void) |
6953 |
+ { |
6954 |
++ int idx = calc_load_idx; |
6955 |
++ |
6956 |
++ /* |
6957 |
++ * See calc_global_nohz(), if we observe the new index, we also |
6958 |
++ * need to observe the new update time. |
6959 |
++ */ |
6960 |
++ smp_rmb(); |
6961 |
++ |
6962 |
++ /* |
6963 |
++ * If the folding window started, make sure we start writing in the |
6964 |
++ * next idle-delta. |
6965 |
++ */ |
6966 |
++ if (!time_before(jiffies, calc_load_update)) |
6967 |
++ idx++; |
6968 |
++ |
6969 |
++ return idx & 1; |
6970 |
++} |
6971 |
++ |
6972 |
++static inline int calc_load_read_idx(void) |
6973 |
++{ |
6974 |
++ return calc_load_idx & 1; |
6975 |
++} |
6976 |
++ |
6977 |
++void calc_load_enter_idle(void) |
6978 |
++{ |
6979 |
++ struct rq *this_rq = this_rq(); |
6980 |
+ long delta; |
6981 |
+ |
6982 |
++ /* |
6983 |
++ * We're going into NOHZ mode, if there's any pending delta, fold it |
6984 |
++ * into the pending idle delta. |
6985 |
++ */ |
6986 |
+ delta = calc_load_fold_active(this_rq); |
6987 |
+- if (delta) |
6988 |
+- atomic_long_add(delta, &calc_load_tasks_idle); |
6989 |
++ if (delta) { |
6990 |
++ int idx = calc_load_write_idx(); |
6991 |
++ atomic_long_add(delta, &calc_load_idle[idx]); |
6992 |
++ } |
6993 |
+ } |
6994 |
+ |
6995 |
+-static long calc_load_fold_idle(void) |
6996 |
++void calc_load_exit_idle(void) |
6997 |
+ { |
6998 |
+- long delta = 0; |
6999 |
++ struct rq *this_rq = this_rq(); |
7000 |
++ |
7001 |
++ /* |
7002 |
++ * If we're still before the sample window, we're done. |
7003 |
++ */ |
7004 |
++ if (time_before(jiffies, this_rq->calc_load_update)) |
7005 |
++ return; |
7006 |
+ |
7007 |
+ /* |
7008 |
+- * Its got a race, we don't care... |
7009 |
++ * We woke inside or after the sample window, this means we're already |
7010 |
++ * accounted through the nohz accounting, so skip the entire deal and |
7011 |
++ * sync up for the next window. |
7012 |
+ */ |
7013 |
+- if (atomic_long_read(&calc_load_tasks_idle)) |
7014 |
+- delta = atomic_long_xchg(&calc_load_tasks_idle, 0); |
7015 |
++ this_rq->calc_load_update = calc_load_update; |
7016 |
++ if (time_before(jiffies, this_rq->calc_load_update + 10)) |
7017 |
++ this_rq->calc_load_update += LOAD_FREQ; |
7018 |
++} |
7019 |
++ |
7020 |
++static long calc_load_fold_idle(void) |
7021 |
++{ |
7022 |
++ int idx = calc_load_read_idx(); |
7023 |
++ long delta = 0; |
7024 |
++ |
7025 |
++ if (atomic_long_read(&calc_load_idle[idx])) |
7026 |
++ delta = atomic_long_xchg(&calc_load_idle[idx], 0); |
7027 |
+ |
7028 |
+ return delta; |
7029 |
+ } |
7030 |
+@@ -3542,66 +3694,39 @@ static void calc_global_nohz(void) |
7031 |
+ { |
7032 |
+ long delta, active, n; |
7033 |
+ |
7034 |
+- /* |
7035 |
+- * If we crossed a calc_load_update boundary, make sure to fold |
7036 |
+- * any pending idle changes, the respective CPUs might have |
7037 |
+- * missed the tick driven calc_load_account_active() update |
7038 |
+- * due to NO_HZ. |
7039 |
+- */ |
7040 |
+- delta = calc_load_fold_idle(); |
7041 |
+- if (delta) |
7042 |
+- atomic_long_add(delta, &calc_load_tasks); |
7043 |
+- |
7044 |
+- /* |
7045 |
+- * It could be the one fold was all it took, we done! |
7046 |
+- */ |
7047 |
+- if (time_before(jiffies, calc_load_update + 10)) |
7048 |
+- return; |
7049 |
+- |
7050 |
+- /* |
7051 |
+- * Catch-up, fold however many we are behind still |
7052 |
+- */ |
7053 |
+- delta = jiffies - calc_load_update - 10; |
7054 |
+- n = 1 + (delta / LOAD_FREQ); |
7055 |
++ if (!time_before(jiffies, calc_load_update + 10)) { |
7056 |
++ /* |
7057 |
++ * Catch-up, fold however many we are behind still |
7058 |
++ */ |
7059 |
++ delta = jiffies - calc_load_update - 10; |
7060 |
++ n = 1 + (delta / LOAD_FREQ); |
7061 |
+ |
7062 |
+- active = atomic_long_read(&calc_load_tasks); |
7063 |
+- active = active > 0 ? active * FIXED_1 : 0; |
7064 |
++ active = atomic_long_read(&calc_load_tasks); |
7065 |
++ active = active > 0 ? active * FIXED_1 : 0; |
7066 |
+ |
7067 |
+- avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
7068 |
+- avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
7069 |
+- avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
7070 |
++ avenrun[0] = calc_load_n(avenrun[0], EXP_1, active, n); |
7071 |
++ avenrun[1] = calc_load_n(avenrun[1], EXP_5, active, n); |
7072 |
++ avenrun[2] = calc_load_n(avenrun[2], EXP_15, active, n); |
7073 |
+ |
7074 |
+- calc_load_update += n * LOAD_FREQ; |
7075 |
+-} |
7076 |
+-#else |
7077 |
+-static void calc_load_account_idle(struct rq *this_rq) |
7078 |
+-{ |
7079 |
+-} |
7080 |
++ calc_load_update += n * LOAD_FREQ; |
7081 |
++ } |
7082 |
+ |
7083 |
+-static inline long calc_load_fold_idle(void) |
7084 |
+-{ |
7085 |
+- return 0; |
7086 |
++ /* |
7087 |
++ * Flip the idle index... |
7088 |
++ * |
7089 |
++ * Make sure we first write the new time then flip the index, so that |
7090 |
++ * calc_load_write_idx() will see the new time when it reads the new |
7091 |
++ * index, this avoids a double flip messing things up. |
7092 |
++ */ |
7093 |
++ smp_wmb(); |
7094 |
++ calc_load_idx++; |
7095 |
+ } |
7096 |
++#else /* !CONFIG_NO_HZ */ |
7097 |
+ |
7098 |
+-static void calc_global_nohz(void) |
7099 |
+-{ |
7100 |
+-} |
7101 |
+-#endif |
7102 |
++static inline long calc_load_fold_idle(void) { return 0; } |
7103 |
++static inline void calc_global_nohz(void) { } |
7104 |
+ |
7105 |
+-/** |
7106 |
+- * get_avenrun - get the load average array |
7107 |
+- * @loads: pointer to dest load array |
7108 |
+- * @offset: offset to add |
7109 |
+- * @shift: shift count to shift the result left |
7110 |
+- * |
7111 |
+- * These values are estimates at best, so no need for locking. |
7112 |
+- */ |
7113 |
+-void get_avenrun(unsigned long *loads, unsigned long offset, int shift) |
7114 |
+-{ |
7115 |
+- loads[0] = (avenrun[0] + offset) << shift; |
7116 |
+- loads[1] = (avenrun[1] + offset) << shift; |
7117 |
+- loads[2] = (avenrun[2] + offset) << shift; |
7118 |
+-} |
7119 |
++#endif /* CONFIG_NO_HZ */ |
7120 |
+ |
7121 |
+ /* |
7122 |
+ * calc_load - update the avenrun load estimates 10 ticks after the |
7123 |
+@@ -3609,11 +3734,18 @@ void get_avenrun(unsigned long *loads, unsigned long offset, int shift) |
7124 |
+ */ |
7125 |
+ void calc_global_load(unsigned long ticks) |
7126 |
+ { |
7127 |
+- long active; |
7128 |
++ long active, delta; |
7129 |
+ |
7130 |
+ if (time_before(jiffies, calc_load_update + 10)) |
7131 |
+ return; |
7132 |
+ |
7133 |
++ /* |
7134 |
++ * Fold the 'old' idle-delta to include all NO_HZ cpus. |
7135 |
++ */ |
7136 |
++ delta = calc_load_fold_idle(); |
7137 |
++ if (delta) |
7138 |
++ atomic_long_add(delta, &calc_load_tasks); |
7139 |
++ |
7140 |
+ active = atomic_long_read(&calc_load_tasks); |
7141 |
+ active = active > 0 ? active * FIXED_1 : 0; |
7142 |
+ |
7143 |
+@@ -3624,12 +3756,7 @@ void calc_global_load(unsigned long ticks) |
7144 |
+ calc_load_update += LOAD_FREQ; |
7145 |
+ |
7146 |
+ /* |
7147 |
+- * Account one period with whatever state we found before |
7148 |
+- * folding in the nohz state and ageing the entire idle period. |
7149 |
+- * |
7150 |
+- * This avoids loosing a sample when we go idle between |
7151 |
+- * calc_load_account_active() (10 ticks ago) and now and thus |
7152 |
+- * under-accounting. |
7153 |
++ * In case we idled for multiple LOAD_FREQ intervals, catch up in bulk. |
7154 |
+ */ |
7155 |
+ calc_global_nohz(); |
7156 |
+ } |
7157 |
+@@ -3646,7 +3773,6 @@ static void calc_load_account_active(struct rq *this_rq) |
7158 |
+ return; |
7159 |
+ |
7160 |
+ delta = calc_load_fold_active(this_rq); |
7161 |
+- delta += calc_load_fold_idle(); |
7162 |
+ if (delta) |
7163 |
+ atomic_long_add(delta, &calc_load_tasks); |
7164 |
+ |
7165 |
+@@ -3654,6 +3780,10 @@ static void calc_load_account_active(struct rq *this_rq) |
7166 |
+ } |
7167 |
+ |
7168 |
+ /* |
7169 |
++ * End of global load-average stuff |
7170 |
++ */ |
7171 |
++ |
7172 |
++/* |
7173 |
+ * The exact cpuload at various idx values, calculated at every tick would be |
7174 |
+ * load = (2^idx - 1) / 2^idx * load + 1 / 2^idx * cur_load |
7175 |
+ * |
7176 |
+diff --git a/kernel/sched_idletask.c b/kernel/sched_idletask.c |
7177 |
+index 0a51882..be92bfe 100644 |
7178 |
+--- a/kernel/sched_idletask.c |
7179 |
++++ b/kernel/sched_idletask.c |
7180 |
+@@ -23,7 +23,6 @@ static void check_preempt_curr_idle(struct rq *rq, struct task_struct *p, int fl |
7181 |
+ static struct task_struct *pick_next_task_idle(struct rq *rq) |
7182 |
+ { |
7183 |
+ schedstat_inc(rq, sched_goidle); |
7184 |
+- calc_load_account_idle(rq); |
7185 |
+ return rq->idle; |
7186 |
+ } |
7187 |
+ |
7188 |
+diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c |
7189 |
+index 4b85a7a..f1eb182 100644 |
7190 |
+--- a/kernel/time/ntp.c |
7191 |
++++ b/kernel/time/ntp.c |
7192 |
+@@ -31,8 +31,6 @@ unsigned long tick_nsec; |
7193 |
+ u64 tick_length; |
7194 |
+ static u64 tick_length_base; |
7195 |
+ |
7196 |
+-static struct hrtimer leap_timer; |
7197 |
+- |
7198 |
+ #define MAX_TICKADJ 500LL /* usecs */ |
7199 |
+ #define MAX_TICKADJ_SCALED \ |
7200 |
+ (((MAX_TICKADJ * NSEC_PER_USEC) << NTP_SCALE_SHIFT) / NTP_INTERVAL_FREQ) |
7201 |
+@@ -350,60 +348,60 @@ void ntp_clear(void) |
7202 |
+ } |
7203 |
+ |
7204 |
+ /* |
7205 |
+- * Leap second processing. If in leap-insert state at the end of the |
7206 |
+- * day, the system clock is set back one second; if in leap-delete |
7207 |
+- * state, the system clock is set ahead one second. |
7208 |
++ * this routine handles the overflow of the microsecond field |
7209 |
++ * |
7210 |
++ * The tricky bits of code to handle the accurate clock support |
7211 |
++ * were provided by Dave Mills (Mills@××××.EDU) of NTP fame. |
7212 |
++ * They were originally developed for SUN and DEC kernels. |
7213 |
++ * All the kudos should go to Dave for this stuff. |
7214 |
++ * |
7215 |
++ * Also handles leap second processing, and returns leap offset |
7216 |
+ */ |
7217 |
+-static enum hrtimer_restart ntp_leap_second(struct hrtimer *timer) |
7218 |
++int second_overflow(unsigned long secs) |
7219 |
+ { |
7220 |
+- enum hrtimer_restart res = HRTIMER_NORESTART; |
7221 |
+- |
7222 |
+- write_seqlock(&xtime_lock); |
7223 |
++ int leap = 0; |
7224 |
++ s64 delta; |
7225 |
+ |
7226 |
++ /* |
7227 |
++ * Leap second processing. If in leap-insert state at the end of the |
7228 |
++ * day, the system clock is set back one second; if in leap-delete |
7229 |
++ * state, the system clock is set ahead one second. |
7230 |
++ */ |
7231 |
+ switch (time_state) { |
7232 |
+ case TIME_OK: |
7233 |
++ if (time_status & STA_INS) |
7234 |
++ time_state = TIME_INS; |
7235 |
++ else if (time_status & STA_DEL) |
7236 |
++ time_state = TIME_DEL; |
7237 |
+ break; |
7238 |
+ case TIME_INS: |
7239 |
+- timekeeping_leap_insert(-1); |
7240 |
+- time_state = TIME_OOP; |
7241 |
+- printk(KERN_NOTICE |
7242 |
+- "Clock: inserting leap second 23:59:60 UTC\n"); |
7243 |
+- hrtimer_add_expires_ns(&leap_timer, NSEC_PER_SEC); |
7244 |
+- res = HRTIMER_RESTART; |
7245 |
++ if (secs % 86400 == 0) { |
7246 |
++ leap = -1; |
7247 |
++ time_state = TIME_OOP; |
7248 |
++ time_tai++; |
7249 |
++ printk(KERN_NOTICE |
7250 |
++ "Clock: inserting leap second 23:59:60 UTC\n"); |
7251 |
++ } |
7252 |
+ break; |
7253 |
+ case TIME_DEL: |
7254 |
+- timekeeping_leap_insert(1); |
7255 |
+- time_tai--; |
7256 |
+- time_state = TIME_WAIT; |
7257 |
+- printk(KERN_NOTICE |
7258 |
+- "Clock: deleting leap second 23:59:59 UTC\n"); |
7259 |
++ if ((secs + 1) % 86400 == 0) { |
7260 |
++ leap = 1; |
7261 |
++ time_tai--; |
7262 |
++ time_state = TIME_WAIT; |
7263 |
++ printk(KERN_NOTICE |
7264 |
++ "Clock: deleting leap second 23:59:59 UTC\n"); |
7265 |
++ } |
7266 |
+ break; |
7267 |
+ case TIME_OOP: |
7268 |
+- time_tai++; |
7269 |
+ time_state = TIME_WAIT; |
7270 |
+- /* fall through */ |
7271 |
++ break; |
7272 |
++ |
7273 |
+ case TIME_WAIT: |
7274 |
+ if (!(time_status & (STA_INS | STA_DEL))) |
7275 |
+ time_state = TIME_OK; |
7276 |
+ break; |
7277 |
+ } |
7278 |
+ |
7279 |
+- write_sequnlock(&xtime_lock); |
7280 |
+- |
7281 |
+- return res; |
7282 |
+-} |
7283 |
+- |
7284 |
+-/* |
7285 |
+- * this routine handles the overflow of the microsecond field |
7286 |
+- * |
7287 |
+- * The tricky bits of code to handle the accurate clock support |
7288 |
+- * were provided by Dave Mills (Mills@××××.EDU) of NTP fame. |
7289 |
+- * They were originally developed for SUN and DEC kernels. |
7290 |
+- * All the kudos should go to Dave for this stuff. |
7291 |
+- */ |
7292 |
+-void second_overflow(void) |
7293 |
+-{ |
7294 |
+- s64 delta; |
7295 |
+ |
7296 |
+ /* Bump the maxerror field */ |
7297 |
+ time_maxerror += MAXFREQ / NSEC_PER_USEC; |
7298 |
+@@ -423,23 +421,25 @@ void second_overflow(void) |
7299 |
+ pps_dec_valid(); |
7300 |
+ |
7301 |
+ if (!time_adjust) |
7302 |
+- return; |
7303 |
++ goto out; |
7304 |
+ |
7305 |
+ if (time_adjust > MAX_TICKADJ) { |
7306 |
+ time_adjust -= MAX_TICKADJ; |
7307 |
+ tick_length += MAX_TICKADJ_SCALED; |
7308 |
+- return; |
7309 |
++ goto out; |
7310 |
+ } |
7311 |
+ |
7312 |
+ if (time_adjust < -MAX_TICKADJ) { |
7313 |
+ time_adjust += MAX_TICKADJ; |
7314 |
+ tick_length -= MAX_TICKADJ_SCALED; |
7315 |
+- return; |
7316 |
++ goto out; |
7317 |
+ } |
7318 |
+ |
7319 |
+ tick_length += (s64)(time_adjust * NSEC_PER_USEC / NTP_INTERVAL_FREQ) |
7320 |
+ << NTP_SCALE_SHIFT; |
7321 |
+ time_adjust = 0; |
7322 |
++out: |
7323 |
++ return leap; |
7324 |
+ } |
7325 |
+ |
7326 |
+ #ifdef CONFIG_GENERIC_CMOS_UPDATE |
7327 |
+@@ -501,27 +501,6 @@ static void notify_cmos_timer(void) |
7328 |
+ static inline void notify_cmos_timer(void) { } |
7329 |
+ #endif |
7330 |
+ |
7331 |
+-/* |
7332 |
+- * Start the leap seconds timer: |
7333 |
+- */ |
7334 |
+-static inline void ntp_start_leap_timer(struct timespec *ts) |
7335 |
+-{ |
7336 |
+- long now = ts->tv_sec; |
7337 |
+- |
7338 |
+- if (time_status & STA_INS) { |
7339 |
+- time_state = TIME_INS; |
7340 |
+- now += 86400 - now % 86400; |
7341 |
+- hrtimer_start(&leap_timer, ktime_set(now, 0), HRTIMER_MODE_ABS); |
7342 |
+- |
7343 |
+- return; |
7344 |
+- } |
7345 |
+- |
7346 |
+- if (time_status & STA_DEL) { |
7347 |
+- time_state = TIME_DEL; |
7348 |
+- now += 86400 - (now + 1) % 86400; |
7349 |
+- hrtimer_start(&leap_timer, ktime_set(now, 0), HRTIMER_MODE_ABS); |
7350 |
+- } |
7351 |
+-} |
7352 |
+ |
7353 |
+ /* |
7354 |
+ * Propagate a new txc->status value into the NTP state: |
7355 |
+@@ -546,22 +525,6 @@ static inline void process_adj_status(struct timex *txc, struct timespec *ts) |
7356 |
+ time_status &= STA_RONLY; |
7357 |
+ time_status |= txc->status & ~STA_RONLY; |
7358 |
+ |
7359 |
+- switch (time_state) { |
7360 |
+- case TIME_OK: |
7361 |
+- ntp_start_leap_timer(ts); |
7362 |
+- break; |
7363 |
+- case TIME_INS: |
7364 |
+- case TIME_DEL: |
7365 |
+- time_state = TIME_OK; |
7366 |
+- ntp_start_leap_timer(ts); |
7367 |
+- case TIME_WAIT: |
7368 |
+- if (!(time_status & (STA_INS | STA_DEL))) |
7369 |
+- time_state = TIME_OK; |
7370 |
+- break; |
7371 |
+- case TIME_OOP: |
7372 |
+- hrtimer_restart(&leap_timer); |
7373 |
+- break; |
7374 |
+- } |
7375 |
+ } |
7376 |
+ /* |
7377 |
+ * Called with the xtime lock held, so we can access and modify |
7378 |
+@@ -643,9 +606,6 @@ int do_adjtimex(struct timex *txc) |
7379 |
+ (txc->tick < 900000/USER_HZ || |
7380 |
+ txc->tick > 1100000/USER_HZ)) |
7381 |
+ return -EINVAL; |
7382 |
+- |
7383 |
+- if (txc->modes & ADJ_STATUS && time_state != TIME_OK) |
7384 |
+- hrtimer_cancel(&leap_timer); |
7385 |
+ } |
7386 |
+ |
7387 |
+ if (txc->modes & ADJ_SETOFFSET) { |
7388 |
+@@ -967,6 +927,4 @@ __setup("ntp_tick_adj=", ntp_tick_adj_setup); |
7389 |
+ void __init ntp_init(void) |
7390 |
+ { |
7391 |
+ ntp_clear(); |
7392 |
+- hrtimer_init(&leap_timer, CLOCK_REALTIME, HRTIMER_MODE_ABS); |
7393 |
+- leap_timer.function = ntp_leap_second; |
7394 |
+ } |
7395 |
+diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c |
7396 |
+index c923640..9955ebd 100644 |
7397 |
+--- a/kernel/time/tick-sched.c |
7398 |
++++ b/kernel/time/tick-sched.c |
7399 |
+@@ -430,6 +430,7 @@ void tick_nohz_stop_sched_tick(int inidle) |
7400 |
+ */ |
7401 |
+ if (!ts->tick_stopped) { |
7402 |
+ select_nohz_load_balancer(1); |
7403 |
++ calc_load_enter_idle(); |
7404 |
+ |
7405 |
+ ts->idle_tick = hrtimer_get_expires(&ts->sched_timer); |
7406 |
+ ts->tick_stopped = 1; |
7407 |
+@@ -563,6 +564,7 @@ void tick_nohz_restart_sched_tick(void) |
7408 |
+ account_idle_ticks(ticks); |
7409 |
+ #endif |
7410 |
+ |
7411 |
++ calc_load_exit_idle(); |
7412 |
+ touch_softlockup_watchdog(); |
7413 |
+ /* |
7414 |
+ * Cancel the scheduled timer and restore the tick |
7415 |
+diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c |
7416 |
+index 2378413..03e67d4 100644 |
7417 |
+--- a/kernel/time/timekeeping.c |
7418 |
++++ b/kernel/time/timekeeping.c |
7419 |
+@@ -161,23 +161,43 @@ static struct timespec xtime __attribute__ ((aligned (16))); |
7420 |
+ static struct timespec wall_to_monotonic __attribute__ ((aligned (16))); |
7421 |
+ static struct timespec total_sleep_time; |
7422 |
+ |
7423 |
++/* Offset clock monotonic -> clock realtime */ |
7424 |
++static ktime_t offs_real; |
7425 |
++ |
7426 |
++/* Offset clock monotonic -> clock boottime */ |
7427 |
++static ktime_t offs_boot; |
7428 |
++ |
7429 |
+ /* |
7430 |
+ * The raw monotonic time for the CLOCK_MONOTONIC_RAW posix clock. |
7431 |
+ */ |
7432 |
+ static struct timespec raw_time; |
7433 |
+ |
7434 |
+-/* flag for if timekeeping is suspended */ |
7435 |
+-int __read_mostly timekeeping_suspended; |
7436 |
++/* must hold write on xtime_lock */ |
7437 |
++static void update_rt_offset(void) |
7438 |
++{ |
7439 |
++ struct timespec tmp, *wtm = &wall_to_monotonic; |
7440 |
+ |
7441 |
+-/* must hold xtime_lock */ |
7442 |
+-void timekeeping_leap_insert(int leapsecond) |
7443 |
++ set_normalized_timespec(&tmp, -wtm->tv_sec, -wtm->tv_nsec); |
7444 |
++ offs_real = timespec_to_ktime(tmp); |
7445 |
++} |
7446 |
++ |
7447 |
++/* must hold write on xtime_lock */ |
7448 |
++static void timekeeping_update(bool clearntp) |
7449 |
+ { |
7450 |
+- xtime.tv_sec += leapsecond; |
7451 |
+- wall_to_monotonic.tv_sec -= leapsecond; |
7452 |
+- update_vsyscall(&xtime, &wall_to_monotonic, timekeeper.clock, |
7453 |
+- timekeeper.mult); |
7454 |
++ if (clearntp) { |
7455 |
++ timekeeper.ntp_error = 0; |
7456 |
++ ntp_clear(); |
7457 |
++ } |
7458 |
++ update_rt_offset(); |
7459 |
++ update_vsyscall(&xtime, &wall_to_monotonic, |
7460 |
++ timekeeper.clock, timekeeper.mult); |
7461 |
+ } |
7462 |
+ |
7463 |
++ |
7464 |
++ |
7465 |
++/* flag for if timekeeping is suspended */ |
7466 |
++int __read_mostly timekeeping_suspended; |
7467 |
++ |
7468 |
+ /** |
7469 |
+ * timekeeping_forward_now - update clock to the current time |
7470 |
+ * |
7471 |
+@@ -375,11 +395,7 @@ int do_settimeofday(const struct timespec *tv) |
7472 |
+ |
7473 |
+ xtime = *tv; |
7474 |
+ |
7475 |
+- timekeeper.ntp_error = 0; |
7476 |
+- ntp_clear(); |
7477 |
+- |
7478 |
+- update_vsyscall(&xtime, &wall_to_monotonic, timekeeper.clock, |
7479 |
+- timekeeper.mult); |
7480 |
++ timekeeping_update(true); |
7481 |
+ |
7482 |
+ write_sequnlock_irqrestore(&xtime_lock, flags); |
7483 |
+ |
7484 |
+@@ -412,11 +428,7 @@ int timekeeping_inject_offset(struct timespec *ts) |
7485 |
+ xtime = timespec_add(xtime, *ts); |
7486 |
+ wall_to_monotonic = timespec_sub(wall_to_monotonic, *ts); |
7487 |
+ |
7488 |
+- timekeeper.ntp_error = 0; |
7489 |
+- ntp_clear(); |
7490 |
+- |
7491 |
+- update_vsyscall(&xtime, &wall_to_monotonic, timekeeper.clock, |
7492 |
+- timekeeper.mult); |
7493 |
++ timekeeping_update(true); |
7494 |
+ |
7495 |
+ write_sequnlock_irqrestore(&xtime_lock, flags); |
7496 |
+ |
7497 |
+@@ -591,6 +603,7 @@ void __init timekeeping_init(void) |
7498 |
+ } |
7499 |
+ set_normalized_timespec(&wall_to_monotonic, |
7500 |
+ -boot.tv_sec, -boot.tv_nsec); |
7501 |
++ update_rt_offset(); |
7502 |
+ total_sleep_time.tv_sec = 0; |
7503 |
+ total_sleep_time.tv_nsec = 0; |
7504 |
+ write_sequnlock_irqrestore(&xtime_lock, flags); |
7505 |
+@@ -599,6 +612,12 @@ void __init timekeeping_init(void) |
7506 |
+ /* time in seconds when suspend began */ |
7507 |
+ static struct timespec timekeeping_suspend_time; |
7508 |
+ |
7509 |
++static void update_sleep_time(struct timespec t) |
7510 |
++{ |
7511 |
++ total_sleep_time = t; |
7512 |
++ offs_boot = timespec_to_ktime(t); |
7513 |
++} |
7514 |
++ |
7515 |
+ /** |
7516 |
+ * __timekeeping_inject_sleeptime - Internal function to add sleep interval |
7517 |
+ * @delta: pointer to a timespec delta value |
7518 |
+@@ -616,7 +635,7 @@ static void __timekeeping_inject_sleeptime(struct timespec *delta) |
7519 |
+ |
7520 |
+ xtime = timespec_add(xtime, *delta); |
7521 |
+ wall_to_monotonic = timespec_sub(wall_to_monotonic, *delta); |
7522 |
+- total_sleep_time = timespec_add(total_sleep_time, *delta); |
7523 |
++ update_sleep_time(timespec_add(total_sleep_time, *delta)); |
7524 |
+ } |
7525 |
+ |
7526 |
+ |
7527 |
+@@ -645,10 +664,7 @@ void timekeeping_inject_sleeptime(struct timespec *delta) |
7528 |
+ |
7529 |
+ __timekeeping_inject_sleeptime(delta); |
7530 |
+ |
7531 |
+- timekeeper.ntp_error = 0; |
7532 |
+- ntp_clear(); |
7533 |
+- update_vsyscall(&xtime, &wall_to_monotonic, timekeeper.clock, |
7534 |
+- timekeeper.mult); |
7535 |
++ timekeeping_update(true); |
7536 |
+ |
7537 |
+ write_sequnlock_irqrestore(&xtime_lock, flags); |
7538 |
+ |
7539 |
+@@ -683,6 +699,7 @@ static void timekeeping_resume(void) |
7540 |
+ timekeeper.clock->cycle_last = timekeeper.clock->read(timekeeper.clock); |
7541 |
+ timekeeper.ntp_error = 0; |
7542 |
+ timekeeping_suspended = 0; |
7543 |
++ timekeeping_update(false); |
7544 |
+ write_sequnlock_irqrestore(&xtime_lock, flags); |
7545 |
+ |
7546 |
+ touch_softlockup_watchdog(); |
7547 |
+@@ -942,9 +959,14 @@ static cycle_t logarithmic_accumulation(cycle_t offset, int shift) |
7548 |
+ |
7549 |
+ timekeeper.xtime_nsec += timekeeper.xtime_interval << shift; |
7550 |
+ while (timekeeper.xtime_nsec >= nsecps) { |
7551 |
++ int leap; |
7552 |
+ timekeeper.xtime_nsec -= nsecps; |
7553 |
+ xtime.tv_sec++; |
7554 |
+- second_overflow(); |
7555 |
++ leap = second_overflow(xtime.tv_sec); |
7556 |
++ xtime.tv_sec += leap; |
7557 |
++ wall_to_monotonic.tv_sec -= leap; |
7558 |
++ if (leap) |
7559 |
++ clock_was_set_delayed(); |
7560 |
+ } |
7561 |
+ |
7562 |
+ /* Accumulate raw time */ |
7563 |
+@@ -1050,14 +1072,17 @@ static void update_wall_time(void) |
7564 |
+ * xtime.tv_nsec isn't larger then NSEC_PER_SEC |
7565 |
+ */ |
7566 |
+ if (unlikely(xtime.tv_nsec >= NSEC_PER_SEC)) { |
7567 |
++ int leap; |
7568 |
+ xtime.tv_nsec -= NSEC_PER_SEC; |
7569 |
+ xtime.tv_sec++; |
7570 |
+- second_overflow(); |
7571 |
++ leap = second_overflow(xtime.tv_sec); |
7572 |
++ xtime.tv_sec += leap; |
7573 |
++ wall_to_monotonic.tv_sec -= leap; |
7574 |
++ if (leap) |
7575 |
++ clock_was_set_delayed(); |
7576 |
+ } |
7577 |
+ |
7578 |
+- /* check to see if there is a new clocksource to use */ |
7579 |
+- update_vsyscall(&xtime, &wall_to_monotonic, timekeeper.clock, |
7580 |
+- timekeeper.mult); |
7581 |
++ timekeeping_update(false); |
7582 |
+ } |
7583 |
+ |
7584 |
+ /** |
7585 |
+@@ -1216,6 +1241,40 @@ void get_xtime_and_monotonic_and_sleep_offset(struct timespec *xtim, |
7586 |
+ } while (read_seqretry(&xtime_lock, seq)); |
7587 |
+ } |
7588 |
+ |
7589 |
++#ifdef CONFIG_HIGH_RES_TIMERS |
7590 |
++/** |
7591 |
++ * ktime_get_update_offsets - hrtimer helper |
7592 |
++ * @real: pointer to storage for monotonic -> realtime offset |
7593 |
++ * @_boot: pointer to storage for monotonic -> boottime offset |
7594 |
++ * |
7595 |
++ * Returns current monotonic time and updates the offsets |
7596 |
++ * Called from hrtimer_interupt() or retrigger_next_event() |
7597 |
++ */ |
7598 |
++ktime_t ktime_get_update_offsets(ktime_t *real, ktime_t *boot) |
7599 |
++{ |
7600 |
++ ktime_t now; |
7601 |
++ unsigned int seq; |
7602 |
++ u64 secs, nsecs; |
7603 |
++ |
7604 |
++ do { |
7605 |
++ seq = read_seqbegin(&xtime_lock); |
7606 |
++ |
7607 |
++ secs = xtime.tv_sec; |
7608 |
++ nsecs = xtime.tv_nsec; |
7609 |
++ nsecs += timekeeping_get_ns(); |
7610 |
++ /* If arch requires, add in gettimeoffset() */ |
7611 |
++ nsecs += arch_gettimeoffset(); |
7612 |
++ |
7613 |
++ *real = offs_real; |
7614 |
++ *boot = offs_boot; |
7615 |
++ } while (read_seqretry(&xtime_lock, seq)); |
7616 |
++ |
7617 |
++ now = ktime_add_ns(ktime_set(secs, 0), nsecs); |
7618 |
++ now = ktime_sub(now, *real); |
7619 |
++ return now; |
7620 |
++} |
7621 |
++#endif |
7622 |
++ |
7623 |
+ /** |
7624 |
+ * ktime_get_monotonic_offset() - get wall_to_monotonic in ktime_t format |
7625 |
+ */ |
7626 |
+diff --git a/mm/compaction.c b/mm/compaction.c |
7627 |
+index 8fb8a40..50f1c60 100644 |
7628 |
+--- a/mm/compaction.c |
7629 |
++++ b/mm/compaction.c |
7630 |
+@@ -592,8 +592,11 @@ static int compact_zone(struct zone *zone, struct compact_control *cc) |
7631 |
+ if (err) { |
7632 |
+ putback_lru_pages(&cc->migratepages); |
7633 |
+ cc->nr_migratepages = 0; |
7634 |
++ if (err == -ENOMEM) { |
7635 |
++ ret = COMPACT_PARTIAL; |
7636 |
++ goto out; |
7637 |
++ } |
7638 |
+ } |
7639 |
+- |
7640 |
+ } |
7641 |
+ |
7642 |
+ out: |
7643 |
+diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
7644 |
+index 5f5c545..7c535b0 100644 |
7645 |
+--- a/mm/hugetlb.c |
7646 |
++++ b/mm/hugetlb.c |
7647 |
+@@ -53,6 +53,84 @@ static unsigned long __initdata default_hstate_size; |
7648 |
+ */ |
7649 |
+ static DEFINE_SPINLOCK(hugetlb_lock); |
7650 |
+ |
7651 |
++static inline void unlock_or_release_subpool(struct hugepage_subpool *spool) |
7652 |
++{ |
7653 |
++ bool free = (spool->count == 0) && (spool->used_hpages == 0); |
7654 |
++ |
7655 |
++ spin_unlock(&spool->lock); |
7656 |
++ |
7657 |
++ /* If no pages are used, and no other handles to the subpool |
7658 |
++ * remain, free the subpool the subpool remain */ |
7659 |
++ if (free) |
7660 |
++ kfree(spool); |
7661 |
++} |
7662 |
++ |
7663 |
++struct hugepage_subpool *hugepage_new_subpool(long nr_blocks) |
7664 |
++{ |
7665 |
++ struct hugepage_subpool *spool; |
7666 |
++ |
7667 |
++ spool = kmalloc(sizeof(*spool), GFP_KERNEL); |
7668 |
++ if (!spool) |
7669 |
++ return NULL; |
7670 |
++ |
7671 |
++ spin_lock_init(&spool->lock); |
7672 |
++ spool->count = 1; |
7673 |
++ spool->max_hpages = nr_blocks; |
7674 |
++ spool->used_hpages = 0; |
7675 |
++ |
7676 |
++ return spool; |
7677 |
++} |
7678 |
++ |
7679 |
++void hugepage_put_subpool(struct hugepage_subpool *spool) |
7680 |
++{ |
7681 |
++ spin_lock(&spool->lock); |
7682 |
++ BUG_ON(!spool->count); |
7683 |
++ spool->count--; |
7684 |
++ unlock_or_release_subpool(spool); |
7685 |
++} |
7686 |
++ |
7687 |
++static int hugepage_subpool_get_pages(struct hugepage_subpool *spool, |
7688 |
++ long delta) |
7689 |
++{ |
7690 |
++ int ret = 0; |
7691 |
++ |
7692 |
++ if (!spool) |
7693 |
++ return 0; |
7694 |
++ |
7695 |
++ spin_lock(&spool->lock); |
7696 |
++ if ((spool->used_hpages + delta) <= spool->max_hpages) { |
7697 |
++ spool->used_hpages += delta; |
7698 |
++ } else { |
7699 |
++ ret = -ENOMEM; |
7700 |
++ } |
7701 |
++ spin_unlock(&spool->lock); |
7702 |
++ |
7703 |
++ return ret; |
7704 |
++} |
7705 |
++ |
7706 |
++static void hugepage_subpool_put_pages(struct hugepage_subpool *spool, |
7707 |
++ long delta) |
7708 |
++{ |
7709 |
++ if (!spool) |
7710 |
++ return; |
7711 |
++ |
7712 |
++ spin_lock(&spool->lock); |
7713 |
++ spool->used_hpages -= delta; |
7714 |
++ /* If hugetlbfs_put_super couldn't free spool due to |
7715 |
++ * an outstanding quota reference, free it now. */ |
7716 |
++ unlock_or_release_subpool(spool); |
7717 |
++} |
7718 |
++ |
7719 |
++static inline struct hugepage_subpool *subpool_inode(struct inode *inode) |
7720 |
++{ |
7721 |
++ return HUGETLBFS_SB(inode->i_sb)->spool; |
7722 |
++} |
7723 |
++ |
7724 |
++static inline struct hugepage_subpool *subpool_vma(struct vm_area_struct *vma) |
7725 |
++{ |
7726 |
++ return subpool_inode(vma->vm_file->f_dentry->d_inode); |
7727 |
++} |
7728 |
++ |
7729 |
+ /* |
7730 |
+ * Region tracking -- allows tracking of reservations and instantiated pages |
7731 |
+ * across the pages in a mapping. |
7732 |
+@@ -533,9 +611,9 @@ static void free_huge_page(struct page *page) |
7733 |
+ */ |
7734 |
+ struct hstate *h = page_hstate(page); |
7735 |
+ int nid = page_to_nid(page); |
7736 |
+- struct address_space *mapping; |
7737 |
++ struct hugepage_subpool *spool = |
7738 |
++ (struct hugepage_subpool *)page_private(page); |
7739 |
+ |
7740 |
+- mapping = (struct address_space *) page_private(page); |
7741 |
+ set_page_private(page, 0); |
7742 |
+ page->mapping = NULL; |
7743 |
+ BUG_ON(page_count(page)); |
7744 |
+@@ -551,8 +629,7 @@ static void free_huge_page(struct page *page) |
7745 |
+ enqueue_huge_page(h, page); |
7746 |
+ } |
7747 |
+ spin_unlock(&hugetlb_lock); |
7748 |
+- if (mapping) |
7749 |
+- hugetlb_put_quota(mapping, 1); |
7750 |
++ hugepage_subpool_put_pages(spool, 1); |
7751 |
+ } |
7752 |
+ |
7753 |
+ static void prep_new_huge_page(struct hstate *h, struct page *page, int nid) |
7754 |
+@@ -966,11 +1043,12 @@ static void return_unused_surplus_pages(struct hstate *h, |
7755 |
+ /* |
7756 |
+ * Determine if the huge page at addr within the vma has an associated |
7757 |
+ * reservation. Where it does not we will need to logically increase |
7758 |
+- * reservation and actually increase quota before an allocation can occur. |
7759 |
+- * Where any new reservation would be required the reservation change is |
7760 |
+- * prepared, but not committed. Once the page has been quota'd allocated |
7761 |
+- * an instantiated the change should be committed via vma_commit_reservation. |
7762 |
+- * No action is required on failure. |
7763 |
++ * reservation and actually increase subpool usage before an allocation |
7764 |
++ * can occur. Where any new reservation would be required the |
7765 |
++ * reservation change is prepared, but not committed. Once the page |
7766 |
++ * has been allocated from the subpool and instantiated the change should |
7767 |
++ * be committed via vma_commit_reservation. No action is required on |
7768 |
++ * failure. |
7769 |
+ */ |
7770 |
+ static long vma_needs_reservation(struct hstate *h, |
7771 |
+ struct vm_area_struct *vma, unsigned long addr) |
7772 |
+@@ -1019,24 +1097,24 @@ static void vma_commit_reservation(struct hstate *h, |
7773 |
+ static struct page *alloc_huge_page(struct vm_area_struct *vma, |
7774 |
+ unsigned long addr, int avoid_reserve) |
7775 |
+ { |
7776 |
++ struct hugepage_subpool *spool = subpool_vma(vma); |
7777 |
+ struct hstate *h = hstate_vma(vma); |
7778 |
+ struct page *page; |
7779 |
+- struct address_space *mapping = vma->vm_file->f_mapping; |
7780 |
+- struct inode *inode = mapping->host; |
7781 |
+ long chg; |
7782 |
+ |
7783 |
+ /* |
7784 |
+- * Processes that did not create the mapping will have no reserves and |
7785 |
+- * will not have accounted against quota. Check that the quota can be |
7786 |
+- * made before satisfying the allocation |
7787 |
+- * MAP_NORESERVE mappings may also need pages and quota allocated |
7788 |
+- * if no reserve mapping overlaps. |
7789 |
++ * Processes that did not create the mapping will have no |
7790 |
++ * reserves and will not have accounted against subpool |
7791 |
++ * limit. Check that the subpool limit can be made before |
7792 |
++ * satisfying the allocation MAP_NORESERVE mappings may also |
7793 |
++ * need pages and subpool limit allocated allocated if no reserve |
7794 |
++ * mapping overlaps. |
7795 |
+ */ |
7796 |
+ chg = vma_needs_reservation(h, vma, addr); |
7797 |
+ if (chg < 0) |
7798 |
+ return ERR_PTR(-VM_FAULT_OOM); |
7799 |
+ if (chg) |
7800 |
+- if (hugetlb_get_quota(inode->i_mapping, chg)) |
7801 |
++ if (hugepage_subpool_get_pages(spool, chg)) |
7802 |
+ return ERR_PTR(-VM_FAULT_SIGBUS); |
7803 |
+ |
7804 |
+ spin_lock(&hugetlb_lock); |
7805 |
+@@ -1046,12 +1124,12 @@ static struct page *alloc_huge_page(struct vm_area_struct *vma, |
7806 |
+ if (!page) { |
7807 |
+ page = alloc_buddy_huge_page(h, NUMA_NO_NODE); |
7808 |
+ if (!page) { |
7809 |
+- hugetlb_put_quota(inode->i_mapping, chg); |
7810 |
++ hugepage_subpool_put_pages(spool, chg); |
7811 |
+ return ERR_PTR(-VM_FAULT_SIGBUS); |
7812 |
+ } |
7813 |
+ } |
7814 |
+ |
7815 |
+- set_page_private(page, (unsigned long) mapping); |
7816 |
++ set_page_private(page, (unsigned long)spool); |
7817 |
+ |
7818 |
+ vma_commit_reservation(h, vma, addr); |
7819 |
+ |
7820 |
+@@ -2081,6 +2159,7 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma) |
7821 |
+ { |
7822 |
+ struct hstate *h = hstate_vma(vma); |
7823 |
+ struct resv_map *reservations = vma_resv_map(vma); |
7824 |
++ struct hugepage_subpool *spool = subpool_vma(vma); |
7825 |
+ unsigned long reserve; |
7826 |
+ unsigned long start; |
7827 |
+ unsigned long end; |
7828 |
+@@ -2096,7 +2175,7 @@ static void hugetlb_vm_op_close(struct vm_area_struct *vma) |
7829 |
+ |
7830 |
+ if (reserve) { |
7831 |
+ hugetlb_acct_memory(h, -reserve); |
7832 |
+- hugetlb_put_quota(vma->vm_file->f_mapping, reserve); |
7833 |
++ hugepage_subpool_put_pages(spool, reserve); |
7834 |
+ } |
7835 |
+ } |
7836 |
+ } |
7837 |
+@@ -2326,7 +2405,7 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
7838 |
+ address = address & huge_page_mask(h); |
7839 |
+ pgoff = ((address - vma->vm_start) >> PAGE_SHIFT) |
7840 |
+ + (vma->vm_pgoff >> PAGE_SHIFT); |
7841 |
+- mapping = (struct address_space *)page_private(page); |
7842 |
++ mapping = vma->vm_file->f_dentry->d_inode->i_mapping; |
7843 |
+ |
7844 |
+ /* |
7845 |
+ * Take the mapping lock for the duration of the table walk. As |
7846 |
+@@ -2865,11 +2944,12 @@ int hugetlb_reserve_pages(struct inode *inode, |
7847 |
+ { |
7848 |
+ long ret, chg; |
7849 |
+ struct hstate *h = hstate_inode(inode); |
7850 |
++ struct hugepage_subpool *spool = subpool_inode(inode); |
7851 |
+ |
7852 |
+ /* |
7853 |
+ * Only apply hugepage reservation if asked. At fault time, an |
7854 |
+ * attempt will be made for VM_NORESERVE to allocate a page |
7855 |
+- * and filesystem quota without using reserves |
7856 |
++ * without using reserves |
7857 |
+ */ |
7858 |
+ if (vm_flags & VM_NORESERVE) |
7859 |
+ return 0; |
7860 |
+@@ -2898,19 +2978,19 @@ int hugetlb_reserve_pages(struct inode *inode, |
7861 |
+ goto out_err; |
7862 |
+ } |
7863 |
+ |
7864 |
+- /* There must be enough filesystem quota for the mapping */ |
7865 |
+- if (hugetlb_get_quota(inode->i_mapping, chg)) { |
7866 |
++ /* There must be enough pages in the subpool for the mapping */ |
7867 |
++ if (hugepage_subpool_get_pages(spool, chg)) { |
7868 |
+ ret = -ENOSPC; |
7869 |
+ goto out_err; |
7870 |
+ } |
7871 |
+ |
7872 |
+ /* |
7873 |
+ * Check enough hugepages are available for the reservation. |
7874 |
+- * Hand back the quota if there are not |
7875 |
++ * Hand the pages back to the subpool if there are not |
7876 |
+ */ |
7877 |
+ ret = hugetlb_acct_memory(h, chg); |
7878 |
+ if (ret < 0) { |
7879 |
+- hugetlb_put_quota(inode->i_mapping, chg); |
7880 |
++ hugepage_subpool_put_pages(spool, chg); |
7881 |
+ goto out_err; |
7882 |
+ } |
7883 |
+ |
7884 |
+@@ -2938,12 +3018,13 @@ void hugetlb_unreserve_pages(struct inode *inode, long offset, long freed) |
7885 |
+ { |
7886 |
+ struct hstate *h = hstate_inode(inode); |
7887 |
+ long chg = region_truncate(&inode->i_mapping->private_list, offset); |
7888 |
++ struct hugepage_subpool *spool = subpool_inode(inode); |
7889 |
+ |
7890 |
+ spin_lock(&inode->i_lock); |
7891 |
+ inode->i_blocks -= (blocks_per_huge_page(h) * freed); |
7892 |
+ spin_unlock(&inode->i_lock); |
7893 |
+ |
7894 |
+- hugetlb_put_quota(inode->i_mapping, (chg - freed)); |
7895 |
++ hugepage_subpool_put_pages(spool, (chg - freed)); |
7896 |
+ hugetlb_acct_memory(h, -(chg - freed)); |
7897 |
+ } |
7898 |
+ |
7899 |
+diff --git a/mm/vmscan.c b/mm/vmscan.c |
7900 |
+index fbe2d2c..8342119 100644 |
7901 |
+--- a/mm/vmscan.c |
7902 |
++++ b/mm/vmscan.c |
7903 |
+@@ -2824,7 +2824,10 @@ static void kswapd_try_to_sleep(pg_data_t *pgdat, int order, int classzone_idx) |
7904 |
+ * them before going back to sleep. |
7905 |
+ */ |
7906 |
+ set_pgdat_percpu_threshold(pgdat, calculate_normal_threshold); |
7907 |
+- schedule(); |
7908 |
++ |
7909 |
++ if (!kthread_should_stop()) |
7910 |
++ schedule(); |
7911 |
++ |
7912 |
+ set_pgdat_percpu_threshold(pgdat, calculate_pressure_threshold); |
7913 |
+ } else { |
7914 |
+ if (remaining) |
7915 |
+@@ -3090,14 +3093,17 @@ int kswapd_run(int nid) |
7916 |
+ } |
7917 |
+ |
7918 |
+ /* |
7919 |
+- * Called by memory hotplug when all memory in a node is offlined. |
7920 |
++ * Called by memory hotplug when all memory in a node is offlined. Caller must |
7921 |
++ * hold lock_memory_hotplug(). |
7922 |
+ */ |
7923 |
+ void kswapd_stop(int nid) |
7924 |
+ { |
7925 |
+ struct task_struct *kswapd = NODE_DATA(nid)->kswapd; |
7926 |
+ |
7927 |
+- if (kswapd) |
7928 |
++ if (kswapd) { |
7929 |
+ kthread_stop(kswapd); |
7930 |
++ NODE_DATA(nid)->kswapd = NULL; |
7931 |
++ } |
7932 |
+ } |
7933 |
+ |
7934 |
+ static int __init kswapd_init(void) |
7935 |
+diff --git a/net/can/raw.c b/net/can/raw.c |
7936 |
+index cde1b4a..46cca3a 100644 |
7937 |
+--- a/net/can/raw.c |
7938 |
++++ b/net/can/raw.c |
7939 |
+@@ -681,9 +681,6 @@ static int raw_sendmsg(struct kiocb *iocb, struct socket *sock, |
7940 |
+ if (err < 0) |
7941 |
+ goto free_skb; |
7942 |
+ |
7943 |
+- /* to be able to check the received tx sock reference in raw_rcv() */ |
7944 |
+- skb_shinfo(skb)->tx_flags |= SKBTX_DRV_NEEDS_SK_REF; |
7945 |
+- |
7946 |
+ skb->dev = dev; |
7947 |
+ skb->sk = sk; |
7948 |
+ |
7949 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
7950 |
+index 1cbddc9..5738654 100644 |
7951 |
+--- a/net/core/dev.c |
7952 |
++++ b/net/core/dev.c |
7953 |
+@@ -2079,25 +2079,6 @@ static int dev_gso_segment(struct sk_buff *skb, int features) |
7954 |
+ return 0; |
7955 |
+ } |
7956 |
+ |
7957 |
+-/* |
7958 |
+- * Try to orphan skb early, right before transmission by the device. |
7959 |
+- * We cannot orphan skb if tx timestamp is requested or the sk-reference |
7960 |
+- * is needed on driver level for other reasons, e.g. see net/can/raw.c |
7961 |
+- */ |
7962 |
+-static inline void skb_orphan_try(struct sk_buff *skb) |
7963 |
+-{ |
7964 |
+- struct sock *sk = skb->sk; |
7965 |
+- |
7966 |
+- if (sk && !skb_shinfo(skb)->tx_flags) { |
7967 |
+- /* skb_tx_hash() wont be able to get sk. |
7968 |
+- * We copy sk_hash into skb->rxhash |
7969 |
+- */ |
7970 |
+- if (!skb->rxhash) |
7971 |
+- skb->rxhash = sk->sk_hash; |
7972 |
+- skb_orphan(skb); |
7973 |
+- } |
7974 |
+-} |
7975 |
+- |
7976 |
+ static bool can_checksum_protocol(unsigned long features, __be16 protocol) |
7977 |
+ { |
7978 |
+ return ((features & NETIF_F_GEN_CSUM) || |
7979 |
+@@ -2182,8 +2163,6 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev, |
7980 |
+ if (!list_empty(&ptype_all)) |
7981 |
+ dev_queue_xmit_nit(skb, dev); |
7982 |
+ |
7983 |
+- skb_orphan_try(skb); |
7984 |
+- |
7985 |
+ features = netif_skb_features(skb); |
7986 |
+ |
7987 |
+ if (vlan_tx_tag_present(skb) && |
7988 |
+@@ -2293,7 +2272,7 @@ u16 __skb_tx_hash(const struct net_device *dev, const struct sk_buff *skb, |
7989 |
+ if (skb->sk && skb->sk->sk_hash) |
7990 |
+ hash = skb->sk->sk_hash; |
7991 |
+ else |
7992 |
+- hash = (__force u16) skb->protocol ^ skb->rxhash; |
7993 |
++ hash = (__force u16) skb->protocol; |
7994 |
+ hash = jhash_1word(hash, hashrnd); |
7995 |
+ |
7996 |
+ return (u16) (((u64) hash * qcount) >> 32) + qoffset; |
7997 |
+diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
7998 |
+index 9726927..32e6ca2 100644 |
7999 |
+--- a/net/ipv4/tcp_input.c |
8000 |
++++ b/net/ipv4/tcp_input.c |
8001 |
+@@ -5836,6 +5836,8 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
8002 |
+ goto discard; |
8003 |
+ |
8004 |
+ if (th->syn) { |
8005 |
++ if (th->fin) |
8006 |
++ goto discard; |
8007 |
+ if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) |
8008 |
+ return 1; |
8009 |
+ |
8010 |
+diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c |
8011 |
+index 274d150..cf98d62 100644 |
8012 |
+--- a/net/iucv/af_iucv.c |
8013 |
++++ b/net/iucv/af_iucv.c |
8014 |
+@@ -380,7 +380,6 @@ static int afiucv_hs_send(struct iucv_message *imsg, struct sock *sock, |
8015 |
+ skb_trim(skb, skb->dev->mtu); |
8016 |
+ } |
8017 |
+ skb->protocol = ETH_P_AF_IUCV; |
8018 |
+- skb_shinfo(skb)->tx_flags |= SKBTX_DRV_NEEDS_SK_REF; |
8019 |
+ nskb = skb_clone(skb, GFP_ATOMIC); |
8020 |
+ if (!nskb) |
8021 |
+ return -ENOMEM; |
8022 |
+diff --git a/net/wireless/util.c b/net/wireless/util.c |
8023 |
+index d38815d..74d5292 100644 |
8024 |
+--- a/net/wireless/util.c |
8025 |
++++ b/net/wireless/util.c |
8026 |
+@@ -813,7 +813,7 @@ int cfg80211_change_iface(struct cfg80211_registered_device *rdev, |
8027 |
+ ntype == NL80211_IFTYPE_P2P_CLIENT)) |
8028 |
+ return -EBUSY; |
8029 |
+ |
8030 |
+- if (ntype != otype) { |
8031 |
++ if (ntype != otype && netif_running(dev)) { |
8032 |
+ err = cfg80211_can_change_interface(rdev, dev->ieee80211_ptr, |
8033 |
+ ntype); |
8034 |
+ if (err) |
8035 |
+diff --git a/scripts/depmod.sh b/scripts/depmod.sh |
8036 |
+index a272356..2ae4817 100755 |
8037 |
+--- a/scripts/depmod.sh |
8038 |
++++ b/scripts/depmod.sh |
8039 |
+@@ -9,12 +9,6 @@ fi |
8040 |
+ DEPMOD=$1 |
8041 |
+ KERNELRELEASE=$2 |
8042 |
+ |
8043 |
+-if ! "$DEPMOD" -V 2>/dev/null | grep -q module-init-tools; then |
8044 |
+- echo "Warning: you may need to install module-init-tools" >&2 |
8045 |
+- echo "See http://www.codemonkey.org.uk/docs/post-halloween-2.6.txt" >&2 |
8046 |
+- sleep 1 |
8047 |
+-fi |
8048 |
+- |
8049 |
+ if ! test -r System.map -a -x "$DEPMOD"; then |
8050 |
+ exit 0 |
8051 |
+ fi |
8052 |
+diff --git a/virt/kvm/irq_comm.c b/virt/kvm/irq_comm.c |
8053 |
+index 9f614b4..272407c 100644 |
8054 |
+--- a/virt/kvm/irq_comm.c |
8055 |
++++ b/virt/kvm/irq_comm.c |
8056 |
+@@ -318,6 +318,7 @@ static int setup_routing_entry(struct kvm_irq_routing_table *rt, |
8057 |
+ */ |
8058 |
+ hlist_for_each_entry(ei, n, &rt->map[ue->gsi], link) |
8059 |
+ if (ei->type == KVM_IRQ_ROUTING_MSI || |
8060 |
++ ue->type == KVM_IRQ_ROUTING_MSI || |
8061 |
+ ue->u.irqchip.irqchip == ei->irqchip.irqchip) |
8062 |
+ return r; |
8063 |
+ |
8064 |
|
8065 |
diff --git a/3.2.23/4420_grsecurity-2.9.1-3.2.23-201207242236.patch b/3.2.24/4420_grsecurity-2.9.1-3.2.24-201207281946.patch |
8066 |
similarity index 98% |
8067 |
rename from 3.2.23/4420_grsecurity-2.9.1-3.2.23-201207242236.patch |
8068 |
rename to 3.2.24/4420_grsecurity-2.9.1-3.2.24-201207281946.patch |
8069 |
index acc5089..d960312 100644 |
8070 |
--- a/3.2.23/4420_grsecurity-2.9.1-3.2.23-201207242236.patch |
8071 |
+++ b/3.2.24/4420_grsecurity-2.9.1-3.2.24-201207281946.patch |
8072 |
@@ -1,5 +1,5 @@ |
8073 |
diff --git a/Documentation/dontdiff b/Documentation/dontdiff |
8074 |
-index dfa6fc6..7afd8a1 100644 |
8075 |
+index dfa6fc6..65f7dbe 100644 |
8076 |
--- a/Documentation/dontdiff |
8077 |
+++ b/Documentation/dontdiff |
8078 |
@@ -2,9 +2,11 @@ |
8079 |
@@ -22,7 +22,7 @@ index dfa6fc6..7afd8a1 100644 |
8080 |
*.grep |
8081 |
*.grp |
8082 |
*.gz |
8083 |
-@@ -48,9 +51,11 @@ |
8084 |
+@@ -48,14 +51,17 @@ |
8085 |
*.tab.h |
8086 |
*.tex |
8087 |
*.ver |
8088 |
@@ -34,7 +34,14 @@ index dfa6fc6..7afd8a1 100644 |
8089 |
*_vga16.c |
8090 |
*~ |
8091 |
\#*# |
8092 |
-@@ -70,6 +75,7 @@ Kerntypes |
8093 |
+ *.9 |
8094 |
+-.* |
8095 |
++.[^g]* |
8096 |
++.gen* |
8097 |
+ .*.d |
8098 |
+ .mm |
8099 |
+ 53c700_d.h |
8100 |
+@@ -70,6 +76,7 @@ Kerntypes |
8101 |
Module.markers |
8102 |
Module.symvers |
8103 |
PENDING |
8104 |
@@ -42,7 +49,7 @@ index dfa6fc6..7afd8a1 100644 |
8105 |
SCCS |
8106 |
System.map* |
8107 |
TAGS |
8108 |
-@@ -81,6 +87,7 @@ aic7*seq.h* |
8109 |
+@@ -81,6 +88,7 @@ aic7*seq.h* |
8110 |
aicasm |
8111 |
aicdb.h* |
8112 |
altivec*.c |
8113 |
@@ -50,7 +57,7 @@ index dfa6fc6..7afd8a1 100644 |
8114 |
asm-offsets.h |
8115 |
asm_offsets.h |
8116 |
autoconf.h* |
8117 |
-@@ -93,19 +100,24 @@ bounds.h |
8118 |
+@@ -93,19 +101,24 @@ bounds.h |
8119 |
bsetup |
8120 |
btfixupprep |
8121 |
build |
8122 |
@@ -75,7 +82,7 @@ index dfa6fc6..7afd8a1 100644 |
8123 |
conmakehash |
8124 |
consolemap_deftbl.c* |
8125 |
cpustr.h |
8126 |
-@@ -116,9 +128,11 @@ devlist.h* |
8127 |
+@@ -116,9 +129,11 @@ devlist.h* |
8128 |
dnotify_test |
8129 |
docproc |
8130 |
dslm |
8131 |
@@ -87,7 +94,7 @@ index dfa6fc6..7afd8a1 100644 |
8132 |
fixdep |
8133 |
flask.h |
8134 |
fore200e_mkfirm |
8135 |
-@@ -126,12 +140,15 @@ fore200e_pca_fw.c* |
8136 |
+@@ -126,12 +141,15 @@ fore200e_pca_fw.c* |
8137 |
gconf |
8138 |
gconf.glade.h |
8139 |
gen-devlist |
8140 |
@@ -103,7 +110,7 @@ index dfa6fc6..7afd8a1 100644 |
8141 |
hpet_example |
8142 |
hugepage-mmap |
8143 |
hugepage-shm |
8144 |
-@@ -146,7 +163,7 @@ int32.c |
8145 |
+@@ -146,7 +164,7 @@ int32.c |
8146 |
int4.c |
8147 |
int8.c |
8148 |
kallsyms |
8149 |
@@ -112,7 +119,7 @@ index dfa6fc6..7afd8a1 100644 |
8150 |
keywords.c |
8151 |
ksym.c* |
8152 |
ksym.h* |
8153 |
-@@ -154,7 +171,7 @@ kxgettext |
8154 |
+@@ -154,7 +172,7 @@ kxgettext |
8155 |
lkc_defs.h |
8156 |
lex.c |
8157 |
lex.*.c |
8158 |
@@ -121,7 +128,7 @@ index dfa6fc6..7afd8a1 100644 |
8159 |
logo_*.c |
8160 |
logo_*_clut224.c |
8161 |
logo_*_mono.c |
8162 |
-@@ -166,14 +183,15 @@ machtypes.h |
8163 |
+@@ -166,14 +184,15 @@ machtypes.h |
8164 |
map |
8165 |
map_hugetlb |
8166 |
maui_boot.h |
8167 |
@@ -138,7 +145,7 @@ index dfa6fc6..7afd8a1 100644 |
8168 |
mkprep |
8169 |
mkregtable |
8170 |
mktables |
8171 |
-@@ -209,6 +227,7 @@ r300_reg_safe.h |
8172 |
+@@ -209,6 +228,7 @@ r300_reg_safe.h |
8173 |
r420_reg_safe.h |
8174 |
r600_reg_safe.h |
8175 |
recordmcount |
8176 |
@@ -146,7 +153,7 @@ index dfa6fc6..7afd8a1 100644 |
8177 |
relocs |
8178 |
rlim_names.h |
8179 |
rn50_reg_safe.h |
8180 |
-@@ -218,7 +237,9 @@ series |
8181 |
+@@ -218,7 +238,9 @@ series |
8182 |
setup |
8183 |
setup.bin |
8184 |
setup.elf |
8185 |
@@ -156,7 +163,7 @@ index dfa6fc6..7afd8a1 100644 |
8186 |
sm_tbl* |
8187 |
split-include |
8188 |
syscalltab.h |
8189 |
-@@ -229,6 +250,7 @@ tftpboot.img |
8190 |
+@@ -229,6 +251,7 @@ tftpboot.img |
8191 |
timeconst.h |
8192 |
times.h* |
8193 |
trix_boot.h |
8194 |
@@ -164,7 +171,7 @@ index dfa6fc6..7afd8a1 100644 |
8195 |
utsrelease.h* |
8196 |
vdso-syms.lds |
8197 |
vdso.lds |
8198 |
-@@ -246,7 +268,9 @@ vmlinux |
8199 |
+@@ -246,7 +269,9 @@ vmlinux |
8200 |
vmlinux-* |
8201 |
vmlinux.aout |
8202 |
vmlinux.bin.all |
8203 |
@@ -174,7 +181,7 @@ index dfa6fc6..7afd8a1 100644 |
8204 |
vmlinuz |
8205 |
voffset.h |
8206 |
vsyscall.lds |
8207 |
-@@ -254,9 +278,11 @@ vsyscall_32.lds |
8208 |
+@@ -254,9 +279,11 @@ vsyscall_32.lds |
8209 |
wanxlfw.inc |
8210 |
uImage |
8211 |
unifdef |
8212 |
@@ -205,7 +212,7 @@ index 81c287f..d456d02 100644 |
8213 |
|
8214 |
pcd. [PARIDE] |
8215 |
diff --git a/Makefile b/Makefile |
8216 |
-index 40d1e3b..bf02dfb 100644 |
8217 |
+index 80bb4fd..964ea28 100644 |
8218 |
--- a/Makefile |
8219 |
+++ b/Makefile |
8220 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
8221 |
@@ -231,7 +238,7 @@ index 40d1e3b..bf02dfb 100644 |
8222 |
$(Q)$(MAKE) $(build)=scripts/basic |
8223 |
$(Q)rm -f .tmp_quiet_recordmcount |
8224 |
|
8225 |
-@@ -564,6 +565,56 @@ else |
8226 |
+@@ -564,6 +565,60 @@ else |
8227 |
KBUILD_CFLAGS += -O2 |
8228 |
endif |
8229 |
|
8230 |
@@ -264,10 +271,14 @@ index 40d1e3b..bf02dfb 100644 |
8231 |
+ifdef CONFIG_PAX_SIZE_OVERFLOW |
8232 |
+SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN |
8233 |
+endif |
8234 |
++ifdef CONFIG_PAX_LATENT_ENTROPY |
8235 |
++LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN |
8236 |
++endif |
8237 |
+GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) |
8238 |
-+GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) $(SIZE_OVERFLOW_PLUGIN_CFLAGS) |
8239 |
++GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) |
8240 |
++GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY_PLUGIN_CFLAGS) |
8241 |
+GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) |
8242 |
-+export PLUGINCC CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN SIZE_OVERFLOW_PLUGIN |
8243 |
++export PLUGINCC CONSTIFY_PLUGIN |
8244 |
+ifeq ($(KBUILD_EXTMOD),) |
8245 |
+gcc-plugins: |
8246 |
+ $(Q)$(MAKE) $(build)=tools/gcc |
8247 |
@@ -288,7 +299,7 @@ index 40d1e3b..bf02dfb 100644 |
8248 |
include $(srctree)/arch/$(SRCARCH)/Makefile |
8249 |
|
8250 |
ifneq ($(CONFIG_FRAME_WARN),0) |
8251 |
-@@ -708,7 +759,7 @@ export mod_strip_cmd |
8252 |
+@@ -708,7 +763,7 @@ export mod_strip_cmd |
8253 |
|
8254 |
|
8255 |
ifeq ($(KBUILD_EXTMOD),) |
8256 |
@@ -297,7 +308,7 @@ index 40d1e3b..bf02dfb 100644 |
8257 |
|
8258 |
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ |
8259 |
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \ |
8260 |
-@@ -932,6 +983,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
8261 |
+@@ -932,6 +987,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE |
8262 |
|
8263 |
# The actual objects are generated when descending, |
8264 |
# make sure no implicit rule kicks in |
8265 |
@@ -306,7 +317,7 @@ index 40d1e3b..bf02dfb 100644 |
8266 |
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
8267 |
|
8268 |
# Handle descending into subdirectories listed in $(vmlinux-dirs) |
8269 |
-@@ -941,7 +994,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
8270 |
+@@ -941,7 +998,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; |
8271 |
# Error messages still appears in the original language |
8272 |
|
8273 |
PHONY += $(vmlinux-dirs) |
8274 |
@@ -315,7 +326,7 @@ index 40d1e3b..bf02dfb 100644 |
8275 |
$(Q)$(MAKE) $(build)=$@ |
8276 |
|
8277 |
# Store (new) KERNELRELASE string in include/config/kernel.release |
8278 |
-@@ -985,6 +1038,7 @@ prepare0: archprepare FORCE |
8279 |
+@@ -985,6 +1042,7 @@ prepare0: archprepare FORCE |
8280 |
$(Q)$(MAKE) $(build)=. |
8281 |
|
8282 |
# All the preparing.. |
8283 |
@@ -323,7 +334,7 @@ index 40d1e3b..bf02dfb 100644 |
8284 |
prepare: prepare0 |
8285 |
|
8286 |
# Generate some files |
8287 |
-@@ -1089,6 +1143,8 @@ all: modules |
8288 |
+@@ -1089,6 +1147,8 @@ all: modules |
8289 |
# using awk while concatenating to the final file. |
8290 |
|
8291 |
PHONY += modules |
8292 |
@@ -332,7 +343,7 @@ index 40d1e3b..bf02dfb 100644 |
8293 |
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin |
8294 |
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order |
8295 |
@$(kecho) ' Building modules, stage 2.'; |
8296 |
-@@ -1104,7 +1160,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) |
8297 |
+@@ -1104,7 +1164,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) |
8298 |
|
8299 |
# Target to prepare building external modules |
8300 |
PHONY += modules_prepare |
8301 |
@@ -341,7 +352,7 @@ index 40d1e3b..bf02dfb 100644 |
8302 |
|
8303 |
# Target to install modules |
8304 |
PHONY += modules_install |
8305 |
-@@ -1163,7 +1219,7 @@ CLEAN_FILES += vmlinux System.map \ |
8306 |
+@@ -1163,7 +1223,7 @@ CLEAN_FILES += vmlinux System.map \ |
8307 |
MRPROPER_DIRS += include/config usr/include include/generated \ |
8308 |
arch/*/include/generated |
8309 |
MRPROPER_FILES += .config .config.old .version .old_version \ |
8310 |
@@ -350,7 +361,7 @@ index 40d1e3b..bf02dfb 100644 |
8311 |
Module.symvers tags TAGS cscope* GPATH GTAGS GRTAGS GSYMS |
8312 |
|
8313 |
# clean - Delete most, but leave enough to build external modules |
8314 |
-@@ -1201,6 +1257,7 @@ distclean: mrproper |
8315 |
+@@ -1201,6 +1261,7 @@ distclean: mrproper |
8316 |
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \ |
8317 |
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ |
8318 |
-o -name '.*.rej' \ |
8319 |
@@ -358,7 +369,7 @@ index 40d1e3b..bf02dfb 100644 |
8320 |
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ |
8321 |
-type f -print | xargs rm -f |
8322 |
|
8323 |
-@@ -1361,6 +1418,8 @@ PHONY += $(module-dirs) modules |
8324 |
+@@ -1361,6 +1422,8 @@ PHONY += $(module-dirs) modules |
8325 |
$(module-dirs): crmodverdir $(objtree)/Module.symvers |
8326 |
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) |
8327 |
|
8328 |
@@ -367,7 +378,7 @@ index 40d1e3b..bf02dfb 100644 |
8329 |
modules: $(module-dirs) |
8330 |
@$(kecho) ' Building modules, stage 2.'; |
8331 |
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost |
8332 |
-@@ -1487,17 +1546,21 @@ else |
8333 |
+@@ -1487,17 +1550,21 @@ else |
8334 |
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) |
8335 |
endif |
8336 |
|
8337 |
@@ -393,7 +404,7 @@ index 40d1e3b..bf02dfb 100644 |
8338 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
8339 |
%.symtypes: %.c prepare scripts FORCE |
8340 |
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) |
8341 |
-@@ -1507,11 +1570,15 @@ endif |
8342 |
+@@ -1507,11 +1574,15 @@ endif |
8343 |
$(cmd_crmodverdir) |
8344 |
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ |
8345 |
$(build)=$(build-dir) |
8346 |
@@ -2887,7 +2898,7 @@ index 6018c80..7c37203 100644 |
8347 |
|
8348 |
#endif /* _ASM_SYSTEM_H */ |
8349 |
diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h |
8350 |
-index 97f8bf6..3986751 100644 |
8351 |
+index adda036..e0f33bb 100644 |
8352 |
--- a/arch/mips/include/asm/thread_info.h |
8353 |
+++ b/arch/mips/include/asm/thread_info.h |
8354 |
@@ -124,6 +124,8 @@ register struct thread_info *__current_thread_info __asm__("$28"); |
8355 |
@@ -6585,7 +6596,7 @@ index 301421c..e2535d1 100644 |
8356 |
obj-$(CONFIG_SPARC64) += ultra.o tlb.o tsb.o gup.o |
8357 |
obj-y += fault_$(BITS).o |
8358 |
diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c |
8359 |
-index 8023fd7..c8e89e9 100644 |
8360 |
+index 8023fd7..bb71401 100644 |
8361 |
--- a/arch/sparc/mm/fault_32.c |
8362 |
+++ b/arch/sparc/mm/fault_32.c |
8363 |
@@ -21,6 +21,9 @@ |
8364 |
@@ -6598,7 +6609,7 @@ index 8023fd7..c8e89e9 100644 |
8365 |
|
8366 |
#include <asm/system.h> |
8367 |
#include <asm/page.h> |
8368 |
-@@ -208,6 +211,268 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
8369 |
+@@ -208,6 +211,277 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
8370 |
return safe_compute_effective_address(regs, insn); |
8371 |
} |
8372 |
|
8373 |
@@ -6689,40 +6700,49 @@ index 8023fd7..c8e89e9 100644 |
8374 |
+ } |
8375 |
+ } while (0); |
8376 |
+ |
8377 |
-+ { /* PaX: patched PLT emulation #2 */ |
8378 |
++ do { /* PaX: patched PLT emulation #2 */ |
8379 |
+ unsigned int ba; |
8380 |
+ |
8381 |
+ err = get_user(ba, (unsigned int *)regs->pc); |
8382 |
+ |
8383 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
8384 |
++ if (err) |
8385 |
++ break; |
8386 |
++ |
8387 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
8388 |
+ unsigned int addr; |
8389 |
+ |
8390 |
-+ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
8391 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
8392 |
++ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
8393 |
++ else |
8394 |
++ addr = regs->pc + ((((ba | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
8395 |
+ regs->pc = addr; |
8396 |
+ regs->npc = addr+4; |
8397 |
+ return 2; |
8398 |
+ } |
8399 |
-+ } |
8400 |
++ } while (0); |
8401 |
+ |
8402 |
+ do { /* PaX: patched PLT emulation #3 */ |
8403 |
-+ unsigned int sethi, jmpl, nop; |
8404 |
++ unsigned int sethi, bajmpl, nop; |
8405 |
+ |
8406 |
+ err = get_user(sethi, (unsigned int *)regs->pc); |
8407 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->pc+4)); |
8408 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->pc+4)); |
8409 |
+ err |= get_user(nop, (unsigned int *)(regs->pc+8)); |
8410 |
+ |
8411 |
+ if (err) |
8412 |
+ break; |
8413 |
+ |
8414 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
8415 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
8416 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
8417 |
+ nop == 0x01000000U) |
8418 |
+ { |
8419 |
+ unsigned int addr; |
8420 |
+ |
8421 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
8422 |
+ regs->u_regs[UREG_G1] = addr; |
8423 |
-+ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
8424 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
8425 |
++ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
8426 |
++ else |
8427 |
++ addr = regs->pc + ((((bajmpl | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
8428 |
+ regs->pc = addr; |
8429 |
+ regs->npc = addr+4; |
8430 |
+ return 2; |
8431 |
@@ -6867,7 +6887,7 @@ index 8023fd7..c8e89e9 100644 |
8432 |
static noinline void do_fault_siginfo(int code, int sig, struct pt_regs *regs, |
8433 |
int text_fault) |
8434 |
{ |
8435 |
-@@ -280,6 +545,24 @@ good_area: |
8436 |
+@@ -280,6 +554,24 @@ good_area: |
8437 |
if(!(vma->vm_flags & VM_WRITE)) |
8438 |
goto bad_area; |
8439 |
} else { |
8440 |
@@ -6893,7 +6913,7 @@ index 8023fd7..c8e89e9 100644 |
8441 |
if(!(vma->vm_flags & (VM_READ | VM_EXEC))) |
8442 |
goto bad_area; |
8443 |
diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c |
8444 |
-index 504c062..6fcb9c6 100644 |
8445 |
+index 504c062..a383267 100644 |
8446 |
--- a/arch/sparc/mm/fault_64.c |
8447 |
+++ b/arch/sparc/mm/fault_64.c |
8448 |
@@ -21,6 +21,9 @@ |
8449 |
@@ -6915,7 +6935,7 @@ index 504c062..6fcb9c6 100644 |
8450 |
printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr); |
8451 |
dump_stack(); |
8452 |
unhandled_fault(regs->tpc, current, regs); |
8453 |
-@@ -272,6 +275,457 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, |
8454 |
+@@ -272,6 +275,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, |
8455 |
show_regs(regs); |
8456 |
} |
8457 |
|
8458 |
@@ -7010,15 +7030,21 @@ index 504c062..6fcb9c6 100644 |
8459 |
+ } |
8460 |
+ } while (0); |
8461 |
+ |
8462 |
-+ { /* PaX: patched PLT emulation #2 */ |
8463 |
++ do { /* PaX: patched PLT emulation #2 */ |
8464 |
+ unsigned int ba; |
8465 |
+ |
8466 |
+ err = get_user(ba, (unsigned int *)regs->tpc); |
8467 |
+ |
8468 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
8469 |
++ if (err) |
8470 |
++ break; |
8471 |
++ |
8472 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
8473 |
+ unsigned long addr; |
8474 |
+ |
8475 |
-+ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
8476 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
8477 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
8478 |
++ else |
8479 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
8480 |
+ |
8481 |
+ if (test_thread_flag(TIF_32BIT)) |
8482 |
+ addr &= 0xFFFFFFFFUL; |
8483 |
@@ -7027,27 +7053,30 @@ index 504c062..6fcb9c6 100644 |
8484 |
+ regs->tnpc = addr+4; |
8485 |
+ return 2; |
8486 |
+ } |
8487 |
-+ } |
8488 |
++ } while (0); |
8489 |
+ |
8490 |
+ do { /* PaX: patched PLT emulation #3 */ |
8491 |
-+ unsigned int sethi, jmpl, nop; |
8492 |
++ unsigned int sethi, bajmpl, nop; |
8493 |
+ |
8494 |
+ err = get_user(sethi, (unsigned int *)regs->tpc); |
8495 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->tpc+4)); |
8496 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->tpc+4)); |
8497 |
+ err |= get_user(nop, (unsigned int *)(regs->tpc+8)); |
8498 |
+ |
8499 |
+ if (err) |
8500 |
+ break; |
8501 |
+ |
8502 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
8503 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
8504 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
8505 |
+ nop == 0x01000000U) |
8506 |
+ { |
8507 |
+ unsigned long addr; |
8508 |
+ |
8509 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
8510 |
+ regs->u_regs[UREG_G1] = addr; |
8511 |
-+ addr += (((jmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
8512 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
8513 |
++ addr += (((bajmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
8514 |
++ else |
8515 |
++ addr = regs->tpc + ((((bajmpl | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
8516 |
+ |
8517 |
+ if (test_thread_flag(TIF_32BIT)) |
8518 |
+ addr &= 0xFFFFFFFFUL; |
8519 |
@@ -7373,7 +7402,7 @@ index 504c062..6fcb9c6 100644 |
8520 |
asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
8521 |
{ |
8522 |
struct mm_struct *mm = current->mm; |
8523 |
-@@ -340,6 +794,29 @@ asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
8524 |
+@@ -340,6 +803,29 @@ asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
8525 |
if (!vma) |
8526 |
goto bad_area; |
8527 |
|
8528 |
@@ -9152,7 +9181,7 @@ index 20370c6..a2eb9b0 100644 |
8529 |
"popl %%ebp\n\t" |
8530 |
"popl %%edi\n\t" |
8531 |
diff --git a/arch/x86/include/asm/atomic.h b/arch/x86/include/asm/atomic.h |
8532 |
-index 58cb6d4..ca9010d 100644 |
8533 |
+index 58cb6d4..a4b806c 100644 |
8534 |
--- a/arch/x86/include/asm/atomic.h |
8535 |
+++ b/arch/x86/include/asm/atomic.h |
8536 |
@@ -22,7 +22,18 @@ |
8537 |
@@ -9560,6 +9589,51 @@ index 58cb6d4..ca9010d 100644 |
8538 |
|
8539 |
/* |
8540 |
* atomic_dec_if_positive - decrement by 1 if old value positive |
8541 |
+@@ -293,14 +552,37 @@ static inline void atomic_or_long(unsigned long *v1, unsigned long v2) |
8542 |
+ #endif |
8543 |
+ |
8544 |
+ /* These are x86-specific, used by some header files */ |
8545 |
+-#define atomic_clear_mask(mask, addr) \ |
8546 |
+- asm volatile(LOCK_PREFIX "andl %0,%1" \ |
8547 |
+- : : "r" (~(mask)), "m" (*(addr)) : "memory") |
8548 |
++static inline void atomic_clear_mask(unsigned int mask, atomic_t *v) |
8549 |
++{ |
8550 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
8551 |
++ : "+m" (v->counter) |
8552 |
++ : "r" (~(mask)) |
8553 |
++ : "memory"); |
8554 |
++} |
8555 |
+ |
8556 |
+-#define atomic_set_mask(mask, addr) \ |
8557 |
+- asm volatile(LOCK_PREFIX "orl %0,%1" \ |
8558 |
+- : : "r" ((unsigned)(mask)), "m" (*(addr)) \ |
8559 |
+- : "memory") |
8560 |
++static inline void atomic_clear_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
8561 |
++{ |
8562 |
++ asm volatile(LOCK_PREFIX "andl %1,%0" |
8563 |
++ : "+m" (v->counter) |
8564 |
++ : "r" (~(mask)) |
8565 |
++ : "memory"); |
8566 |
++} |
8567 |
++ |
8568 |
++static inline void atomic_set_mask(unsigned int mask, atomic_t *v) |
8569 |
++{ |
8570 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
8571 |
++ : "+m" (v->counter) |
8572 |
++ : "r" (mask) |
8573 |
++ : "memory"); |
8574 |
++} |
8575 |
++ |
8576 |
++static inline void atomic_set_mask_unchecked(unsigned int mask, atomic_unchecked_t *v) |
8577 |
++{ |
8578 |
++ asm volatile(LOCK_PREFIX "orl %1,%0" |
8579 |
++ : "+m" (v->counter) |
8580 |
++ : "r" (mask) |
8581 |
++ : "memory"); |
8582 |
++} |
8583 |
+ |
8584 |
+ /* Atomic operations are already serializing on x86 */ |
8585 |
+ #define smp_mb__before_atomic_dec() barrier() |
8586 |
diff --git a/arch/x86/include/asm/atomic64_32.h b/arch/x86/include/asm/atomic64_32.h |
8587 |
index 24098aa..1e37723 100644 |
8588 |
--- a/arch/x86/include/asm/atomic64_32.h |
8589 |
@@ -18752,7 +18826,7 @@ index 42eb330..139955c 100644 |
8590 |
|
8591 |
return ret; |
8592 |
diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c |
8593 |
-index 37a458b..e63d183 100644 |
8594 |
+index e61f79c..bbbaa4d 100644 |
8595 |
--- a/arch/x86/kernel/reboot.c |
8596 |
+++ b/arch/x86/kernel/reboot.c |
8597 |
@@ -35,7 +35,7 @@ void (*pm_power_off)(void); |
8598 |
@@ -18835,7 +18909,7 @@ index 37a458b..e63d183 100644 |
8599 |
} |
8600 |
#ifdef CONFIG_APM_MODULE |
8601 |
EXPORT_SYMBOL(machine_real_restart); |
8602 |
-@@ -540,7 +570,7 @@ void __attribute__((weak)) mach_reboot_fixups(void) |
8603 |
+@@ -548,7 +578,7 @@ void __attribute__((weak)) mach_reboot_fixups(void) |
8604 |
* try to force a triple fault and then cycle between hitting the keyboard |
8605 |
* controller and doing that |
8606 |
*/ |
8607 |
@@ -18844,7 +18918,7 @@ index 37a458b..e63d183 100644 |
8608 |
{ |
8609 |
int i; |
8610 |
int attempt = 0; |
8611 |
-@@ -664,13 +694,13 @@ void native_machine_shutdown(void) |
8612 |
+@@ -672,13 +702,13 @@ void native_machine_shutdown(void) |
8613 |
#endif |
8614 |
} |
8615 |
|
8616 |
@@ -18860,7 +18934,7 @@ index 37a458b..e63d183 100644 |
8617 |
{ |
8618 |
printk("machine restart\n"); |
8619 |
|
8620 |
-@@ -679,7 +709,7 @@ static void native_machine_restart(char *__unused) |
8621 |
+@@ -687,7 +717,7 @@ static void native_machine_restart(char *__unused) |
8622 |
__machine_emergency_restart(0); |
8623 |
} |
8624 |
|
8625 |
@@ -18869,7 +18943,7 @@ index 37a458b..e63d183 100644 |
8626 |
{ |
8627 |
/* stop other cpus and apics */ |
8628 |
machine_shutdown(); |
8629 |
-@@ -690,7 +720,7 @@ static void native_machine_halt(void) |
8630 |
+@@ -698,7 +728,7 @@ static void native_machine_halt(void) |
8631 |
stop_this_cpu(NULL); |
8632 |
} |
8633 |
|
8634 |
@@ -18878,7 +18952,7 @@ index 37a458b..e63d183 100644 |
8635 |
{ |
8636 |
if (pm_power_off) { |
8637 |
if (!reboot_force) |
8638 |
-@@ -699,6 +729,7 @@ static void native_machine_power_off(void) |
8639 |
+@@ -707,6 +737,7 @@ static void native_machine_power_off(void) |
8640 |
} |
8641 |
/* a fallback in case there is no PM info available */ |
8642 |
tboot_shutdown(TB_SHUTDOWN_HALT); |
8643 |
@@ -27506,7 +27580,7 @@ index 7b72502..646105c 100644 |
8644 |
err = -EFAULT; |
8645 |
goto out; |
8646 |
diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c |
8647 |
-index 688be8a..8a37d98 100644 |
8648 |
+index 9e76a32..48d7145 100644 |
8649 |
--- a/block/scsi_ioctl.c |
8650 |
+++ b/block/scsi_ioctl.c |
8651 |
@@ -223,8 +223,20 @@ EXPORT_SYMBOL(blk_verify_command); |
8652 |
@@ -29562,7 +29636,7 @@ index 1aeaaba..e018570 100644 |
8653 |
.part_num = MBCS_PART_NUM, |
8654 |
.mfg_num = MBCS_MFG_NUM, |
8655 |
diff --git a/drivers/char/mem.c b/drivers/char/mem.c |
8656 |
-index 1451790..f705c30 100644 |
8657 |
+index 1451790..3c7dfbb 100644 |
8658 |
--- a/drivers/char/mem.c |
8659 |
+++ b/drivers/char/mem.c |
8660 |
@@ -18,6 +18,7 @@ |
8661 |
@@ -29624,7 +29698,7 @@ index 1451790..f705c30 100644 |
8662 |
|
8663 |
- remaining = copy_to_user(buf, ptr, sz); |
8664 |
+#ifdef CONFIG_PAX_USERCOPY |
8665 |
-+ temp = kmalloc(sz, GFP_KERNEL); |
8666 |
++ temp = kmalloc(sz, GFP_KERNEL|GFP_USERCOPY); |
8667 |
+ if (!temp) { |
8668 |
+ unxlate_dev_mem_ptr(p, ptr); |
8669 |
+ return -ENOMEM; |
8670 |
@@ -29669,7 +29743,7 @@ index 1451790..f705c30 100644 |
8671 |
|
8672 |
- if (copy_to_user(buf, kbuf, sz)) |
8673 |
+#ifdef CONFIG_PAX_USERCOPY |
8674 |
-+ temp = kmalloc(sz, GFP_KERNEL); |
8675 |
++ temp = kmalloc(sz, GFP_KERNEL|GFP_USERCOPY); |
8676 |
+ if (!temp) |
8677 |
+ return -ENOMEM; |
8678 |
+ memcpy(temp, kbuf, sz); |
8679 |
@@ -29711,7 +29785,7 @@ index da3cfee..a5a6606 100644 |
8680 |
|
8681 |
*ppos = i; |
8682 |
diff --git a/drivers/char/random.c b/drivers/char/random.c |
8683 |
-index 6035ab8..d45e4d4 100644 |
8684 |
+index 6035ab8..c7e4a44 100644 |
8685 |
--- a/drivers/char/random.c |
8686 |
+++ b/drivers/char/random.c |
8687 |
@@ -261,8 +261,13 @@ |
8688 |
@@ -29746,7 +29820,25 @@ index 6035ab8..d45e4d4 100644 |
8689 |
#if 0 |
8690 |
/* x^2048 + x^1638 + x^1231 + x^819 + x^411 + x + 1 -- 115 */ |
8691 |
{ 2048, 1638, 1231, 819, 411, 1 }, |
8692 |
-@@ -909,7 +921,7 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, |
8693 |
+@@ -722,6 +734,17 @@ void add_disk_randomness(struct gendisk *disk) |
8694 |
+ } |
8695 |
+ #endif |
8696 |
+ |
8697 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
8698 |
++u64 latent_entropy; |
8699 |
++ |
8700 |
++__init void transfer_latent_entropy(void) |
8701 |
++{ |
8702 |
++ mix_pool_bytes(&input_pool, &latent_entropy, sizeof(latent_entropy)); |
8703 |
++ mix_pool_bytes(&nonblocking_pool, &latent_entropy, sizeof(latent_entropy)); |
8704 |
++// printk(KERN_INFO "PAX: transferring latent entropy: %16llx\n", latent_entropy); |
8705 |
++} |
8706 |
++#endif |
8707 |
++ |
8708 |
+ /********************************************************************* |
8709 |
+ * |
8710 |
+ * Entropy extraction routines |
8711 |
+@@ -909,7 +932,7 @@ static ssize_t extract_entropy_user(struct entropy_store *r, void __user *buf, |
8712 |
|
8713 |
extract_buf(r, tmp); |
8714 |
i = min_t(int, nbytes, EXTRACT_SIZE); |
8715 |
@@ -29755,7 +29847,7 @@ index 6035ab8..d45e4d4 100644 |
8716 |
ret = -EFAULT; |
8717 |
break; |
8718 |
} |
8719 |
-@@ -1228,7 +1240,7 @@ EXPORT_SYMBOL(generate_random_uuid); |
8720 |
+@@ -1228,7 +1251,7 @@ EXPORT_SYMBOL(generate_random_uuid); |
8721 |
#include <linux/sysctl.h> |
8722 |
|
8723 |
static int min_read_thresh = 8, min_write_thresh; |
8724 |
@@ -29764,7 +29856,7 @@ index 6035ab8..d45e4d4 100644 |
8725 |
static int max_write_thresh = INPUT_POOL_WORDS * 32; |
8726 |
static char sysctl_bootid[16]; |
8727 |
|
8728 |
-@@ -1250,10 +1262,15 @@ static int proc_do_uuid(ctl_table *table, int write, |
8729 |
+@@ -1250,10 +1273,15 @@ static int proc_do_uuid(ctl_table *table, int write, |
8730 |
uuid = table->data; |
8731 |
if (!uuid) { |
8732 |
uuid = tmp_uuid; |
8733 |
@@ -30880,7 +30972,7 @@ index 578ddfc..86ac0d0 100644 |
8734 |
INIT_WORK(&dev_priv->hotplug_work, i915_hotplug_work_func); |
8735 |
INIT_WORK(&dev_priv->error_work, i915_error_work_func); |
8736 |
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c |
8737 |
-index 6aa7716..8e5a304 100644 |
8738 |
+index cc75c4b..4542065 100644 |
8739 |
--- a/drivers/gpu/drm/i915/intel_display.c |
8740 |
+++ b/drivers/gpu/drm/i915/intel_display.c |
8741 |
@@ -2196,7 +2196,7 @@ intel_finish_fb(struct drm_framebuffer *old_fb) |
8742 |
@@ -30901,16 +30993,19 @@ index 6aa7716..8e5a304 100644 |
8743 |
} |
8744 |
|
8745 |
static bool intel_crtc_driving_pch(struct drm_crtc *crtc) |
8746 |
-@@ -6982,7 +6982,7 @@ static void do_intel_finish_page_flip(struct drm_device *dev, |
8747 |
+@@ -6980,9 +6980,8 @@ static void do_intel_finish_page_flip(struct drm_device *dev, |
8748 |
|
8749 |
- atomic_clear_mask(1 << intel_crtc->plane, |
8750 |
- &obj->pending_flip.counter); |
8751 |
+ obj = work->old_fb_obj; |
8752 |
+ |
8753 |
+- atomic_clear_mask(1 << intel_crtc->plane, |
8754 |
+- &obj->pending_flip.counter); |
8755 |
- if (atomic_read(&obj->pending_flip) == 0) |
8756 |
++ atomic_clear_mask_unchecked(1 << intel_crtc->plane, &obj->pending_flip); |
8757 |
+ if (atomic_read_unchecked(&obj->pending_flip) == 0) |
8758 |
wake_up(&dev_priv->pending_flip_queue); |
8759 |
|
8760 |
schedule_work(&work->work); |
8761 |
-@@ -7177,7 +7177,13 @@ static int intel_gen6_queue_flip(struct drm_device *dev, |
8762 |
+@@ -7177,7 +7176,13 @@ static int intel_gen6_queue_flip(struct drm_device *dev, |
8763 |
OUT_RING(fb->pitch | obj->tiling_mode); |
8764 |
OUT_RING(obj->gtt_offset); |
8765 |
|
8766 |
@@ -30925,7 +31020,7 @@ index 6aa7716..8e5a304 100644 |
8767 |
pipesrc = I915_READ(PIPESRC(intel_crtc->pipe)) & 0x0fff0fff; |
8768 |
OUT_RING(pf | pipesrc); |
8769 |
ADVANCE_LP_RING(); |
8770 |
-@@ -7309,7 +7315,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc, |
8771 |
+@@ -7309,7 +7314,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc, |
8772 |
/* Block clients from rendering to the new back buffer until |
8773 |
* the flip occurs and the object is no longer visible. |
8774 |
*/ |
8775 |
@@ -30934,7 +31029,7 @@ index 6aa7716..8e5a304 100644 |
8776 |
|
8777 |
ret = dev_priv->display.queue_flip(dev, crtc, fb, obj); |
8778 |
if (ret) |
8779 |
-@@ -7323,7 +7329,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc, |
8780 |
+@@ -7323,7 +7328,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc, |
8781 |
return 0; |
8782 |
|
8783 |
cleanup_pending: |
8784 |
@@ -31617,10 +31712,10 @@ index 8a8725c..afed796 100644 |
8785 |
marker = list_first_entry(&queue->head, |
8786 |
struct vmw_marker, head); |
8787 |
diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c |
8788 |
-index c27b402..353115a 100644 |
8789 |
+index 95430a0..1a65ca9 100644 |
8790 |
--- a/drivers/hid/hid-core.c |
8791 |
+++ b/drivers/hid/hid-core.c |
8792 |
-@@ -2013,7 +2013,7 @@ static bool hid_ignore(struct hid_device *hdev) |
8793 |
+@@ -2020,7 +2020,7 @@ static bool hid_ignore(struct hid_device *hdev) |
8794 |
|
8795 |
int hid_add_device(struct hid_device *hdev) |
8796 |
{ |
8797 |
@@ -31629,7 +31724,7 @@ index c27b402..353115a 100644 |
8798 |
int ret; |
8799 |
|
8800 |
if (WARN_ON(hdev->status & HID_STAT_ADDED)) |
8801 |
-@@ -2028,7 +2028,7 @@ int hid_add_device(struct hid_device *hdev) |
8802 |
+@@ -2035,7 +2035,7 @@ int hid_add_device(struct hid_device *hdev) |
8803 |
/* XXX hack, any other cleaner solution after the driver core |
8804 |
* is converted to allow more than 20 bytes as the device name? */ |
8805 |
dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, |
8806 |
@@ -33125,10 +33220,10 @@ index b8d8611..7a4a04b 100644 |
8807 |
#include <linux/input.h> |
8808 |
#include <linux/gameport.h> |
8809 |
diff --git a/drivers/input/joystick/xpad.c b/drivers/input/joystick/xpad.c |
8810 |
-index d728875..844c89b 100644 |
8811 |
+index 2189cbf..05ad609 100644 |
8812 |
--- a/drivers/input/joystick/xpad.c |
8813 |
+++ b/drivers/input/joystick/xpad.c |
8814 |
-@@ -710,7 +710,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, |
8815 |
+@@ -714,7 +714,7 @@ static void xpad_led_set(struct led_classdev *led_cdev, |
8816 |
|
8817 |
static int xpad_led_probe(struct usb_xpad *xpad) |
8818 |
{ |
8819 |
@@ -33137,7 +33232,7 @@ index d728875..844c89b 100644 |
8820 |
long led_no; |
8821 |
struct xpad_led *led; |
8822 |
struct led_classdev *led_cdev; |
8823 |
-@@ -723,7 +723,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) |
8824 |
+@@ -727,7 +727,7 @@ static int xpad_led_probe(struct usb_xpad *xpad) |
8825 |
if (!led) |
8826 |
return -ENOMEM; |
8827 |
|
8828 |
@@ -33612,7 +33707,7 @@ index 1f23e04..08d9a20 100644 |
8829 |
|
8830 |
spin_lock(&receiving_list_lock); |
8831 |
diff --git a/drivers/md/dm-raid1.c b/drivers/md/dm-raid1.c |
8832 |
-index 9bfd057..01180bc 100644 |
8833 |
+index dae2b7a..5c50c7e 100644 |
8834 |
--- a/drivers/md/dm-raid1.c |
8835 |
+++ b/drivers/md/dm-raid1.c |
8836 |
@@ -40,7 +40,7 @@ enum dm_raid1_error { |
8837 |
@@ -33678,7 +33773,7 @@ index 9bfd057..01180bc 100644 |
8838 |
ms->mirror[mirror].error_type = 0; |
8839 |
ms->mirror[mirror].offset = offset; |
8840 |
|
8841 |
-@@ -1347,7 +1347,7 @@ static void mirror_resume(struct dm_target *ti) |
8842 |
+@@ -1348,7 +1348,7 @@ static void mirror_resume(struct dm_target *ti) |
8843 |
*/ |
8844 |
static char device_status_char(struct mirror *m) |
8845 |
{ |
8846 |
@@ -33823,7 +33918,7 @@ index 4720f68..78d1df7 100644 |
8847 |
|
8848 |
void dm_uevent_add(struct mapped_device *md, struct list_head *elist) |
8849 |
diff --git a/drivers/md/md.c b/drivers/md/md.c |
8850 |
-index 700ecae..8122a9c 100644 |
8851 |
+index d8646d7..8122a9c 100644 |
8852 |
--- a/drivers/md/md.c |
8853 |
+++ b/drivers/md/md.c |
8854 |
@@ -278,10 +278,10 @@ EXPORT_SYMBOL_GPL(md_trim_bio); |
8855 |
@@ -33895,125 +33990,7 @@ index 700ecae..8122a9c 100644 |
8856 |
|
8857 |
INIT_LIST_HEAD(&rdev->same_set); |
8858 |
init_waitqueue_head(&rdev->blocked_wait); |
8859 |
-@@ -3700,8 +3700,8 @@ array_state_show(struct mddev *mddev, char *page) |
8860 |
- return sprintf(page, "%s\n", array_states[st]); |
8861 |
- } |
8862 |
- |
8863 |
--static int do_md_stop(struct mddev * mddev, int ro, int is_open); |
8864 |
--static int md_set_readonly(struct mddev * mddev, int is_open); |
8865 |
-+static int do_md_stop(struct mddev * mddev, int ro, struct block_device *bdev); |
8866 |
-+static int md_set_readonly(struct mddev * mddev, struct block_device *bdev); |
8867 |
- static int do_md_run(struct mddev * mddev); |
8868 |
- static int restart_array(struct mddev *mddev); |
8869 |
- |
8870 |
-@@ -3717,14 +3717,14 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
8871 |
- /* stopping an active array */ |
8872 |
- if (atomic_read(&mddev->openers) > 0) |
8873 |
- return -EBUSY; |
8874 |
-- err = do_md_stop(mddev, 0, 0); |
8875 |
-+ err = do_md_stop(mddev, 0, NULL); |
8876 |
- break; |
8877 |
- case inactive: |
8878 |
- /* stopping an active array */ |
8879 |
- if (mddev->pers) { |
8880 |
- if (atomic_read(&mddev->openers) > 0) |
8881 |
- return -EBUSY; |
8882 |
-- err = do_md_stop(mddev, 2, 0); |
8883 |
-+ err = do_md_stop(mddev, 2, NULL); |
8884 |
- } else |
8885 |
- err = 0; /* already inactive */ |
8886 |
- break; |
8887 |
-@@ -3732,7 +3732,7 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
8888 |
- break; /* not supported yet */ |
8889 |
- case readonly: |
8890 |
- if (mddev->pers) |
8891 |
-- err = md_set_readonly(mddev, 0); |
8892 |
-+ err = md_set_readonly(mddev, NULL); |
8893 |
- else { |
8894 |
- mddev->ro = 1; |
8895 |
- set_disk_ro(mddev->gendisk, 1); |
8896 |
-@@ -3742,7 +3742,7 @@ array_state_store(struct mddev *mddev, const char *buf, size_t len) |
8897 |
- case read_auto: |
8898 |
- if (mddev->pers) { |
8899 |
- if (mddev->ro == 0) |
8900 |
-- err = md_set_readonly(mddev, 0); |
8901 |
-+ err = md_set_readonly(mddev, NULL); |
8902 |
- else if (mddev->ro == 1) |
8903 |
- err = restart_array(mddev); |
8904 |
- if (err == 0) { |
8905 |
-@@ -5078,15 +5078,17 @@ void md_stop(struct mddev *mddev) |
8906 |
- } |
8907 |
- EXPORT_SYMBOL_GPL(md_stop); |
8908 |
- |
8909 |
--static int md_set_readonly(struct mddev *mddev, int is_open) |
8910 |
-+static int md_set_readonly(struct mddev *mddev, struct block_device *bdev) |
8911 |
- { |
8912 |
- int err = 0; |
8913 |
- mutex_lock(&mddev->open_mutex); |
8914 |
-- if (atomic_read(&mddev->openers) > is_open) { |
8915 |
-+ if (atomic_read(&mddev->openers) > !!bdev) { |
8916 |
- printk("md: %s still in use.\n",mdname(mddev)); |
8917 |
- err = -EBUSY; |
8918 |
- goto out; |
8919 |
- } |
8920 |
-+ if (bdev) |
8921 |
-+ sync_blockdev(bdev); |
8922 |
- if (mddev->pers) { |
8923 |
- __md_stop_writes(mddev); |
8924 |
- |
8925 |
-@@ -5108,18 +5110,26 @@ out: |
8926 |
- * 0 - completely stop and dis-assemble array |
8927 |
- * 2 - stop but do not disassemble array |
8928 |
- */ |
8929 |
--static int do_md_stop(struct mddev * mddev, int mode, int is_open) |
8930 |
-+static int do_md_stop(struct mddev * mddev, int mode, |
8931 |
-+ struct block_device *bdev) |
8932 |
- { |
8933 |
- struct gendisk *disk = mddev->gendisk; |
8934 |
- struct md_rdev *rdev; |
8935 |
- |
8936 |
- mutex_lock(&mddev->open_mutex); |
8937 |
-- if (atomic_read(&mddev->openers) > is_open || |
8938 |
-+ if (atomic_read(&mddev->openers) > !!bdev || |
8939 |
- mddev->sysfs_active) { |
8940 |
- printk("md: %s still in use.\n",mdname(mddev)); |
8941 |
- mutex_unlock(&mddev->open_mutex); |
8942 |
- return -EBUSY; |
8943 |
- } |
8944 |
-+ if (bdev) |
8945 |
-+ /* It is possible IO was issued on some other |
8946 |
-+ * open file which was closed before we took ->open_mutex. |
8947 |
-+ * As that was not the last close __blkdev_put will not |
8948 |
-+ * have called sync_blockdev, so we must. |
8949 |
-+ */ |
8950 |
-+ sync_blockdev(bdev); |
8951 |
- |
8952 |
- if (mddev->pers) { |
8953 |
- if (mddev->ro) |
8954 |
-@@ -5193,7 +5203,7 @@ static void autorun_array(struct mddev *mddev) |
8955 |
- err = do_md_run(mddev); |
8956 |
- if (err) { |
8957 |
- printk(KERN_WARNING "md: do_md_run() returned %d\n", err); |
8958 |
-- do_md_stop(mddev, 0, 0); |
8959 |
-+ do_md_stop(mddev, 0, NULL); |
8960 |
- } |
8961 |
- } |
8962 |
- |
8963 |
-@@ -6184,11 +6194,11 @@ static int md_ioctl(struct block_device *bdev, fmode_t mode, |
8964 |
- goto done_unlock; |
8965 |
- |
8966 |
- case STOP_ARRAY: |
8967 |
-- err = do_md_stop(mddev, 0, 1); |
8968 |
-+ err = do_md_stop(mddev, 0, bdev); |
8969 |
- goto done_unlock; |
8970 |
- |
8971 |
- case STOP_ARRAY_RO: |
8972 |
-- err = md_set_readonly(mddev, 1); |
8973 |
-+ err = md_set_readonly(mddev, bdev); |
8974 |
- goto done_unlock; |
8975 |
- |
8976 |
- case BLKROSET: |
8977 |
-@@ -6686,7 +6696,7 @@ static int md_seq_show(struct seq_file *seq, void *v) |
8978 |
+@@ -6696,7 +6696,7 @@ static int md_seq_show(struct seq_file *seq, void *v) |
8979 |
|
8980 |
spin_unlock(&pers_lock); |
8981 |
seq_printf(seq, "\n"); |
8982 |
@@ -34022,7 +33999,7 @@ index 700ecae..8122a9c 100644 |
8983 |
return 0; |
8984 |
} |
8985 |
if (v == (void*)2) { |
8986 |
-@@ -6775,7 +6785,7 @@ static int md_seq_show(struct seq_file *seq, void *v) |
8987 |
+@@ -6785,7 +6785,7 @@ static int md_seq_show(struct seq_file *seq, void *v) |
8988 |
chunk_kb ? "KB" : "B"); |
8989 |
if (bitmap->file) { |
8990 |
seq_printf(seq, ", file: "); |
8991 |
@@ -34031,7 +34008,7 @@ index 700ecae..8122a9c 100644 |
8992 |
} |
8993 |
|
8994 |
seq_printf(seq, "\n"); |
8995 |
-@@ -6806,7 +6816,7 @@ static int md_seq_open(struct inode *inode, struct file *file) |
8996 |
+@@ -6816,7 +6816,7 @@ static int md_seq_open(struct inode *inode, struct file *file) |
8997 |
return error; |
8998 |
|
8999 |
seq = file->private_data; |
9000 |
@@ -34040,7 +34017,7 @@ index 700ecae..8122a9c 100644 |
9001 |
return error; |
9002 |
} |
9003 |
|
9004 |
-@@ -6820,7 +6830,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) |
9005 |
+@@ -6830,7 +6830,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) |
9006 |
/* always allow read */ |
9007 |
mask = POLLIN | POLLRDNORM; |
9008 |
|
9009 |
@@ -34049,7 +34026,7 @@ index 700ecae..8122a9c 100644 |
9010 |
mask |= POLLERR | POLLPRI; |
9011 |
return mask; |
9012 |
} |
9013 |
-@@ -6864,7 +6874,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) |
9014 |
+@@ -6874,7 +6874,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) |
9015 |
struct gendisk *disk = rdev->bdev->bd_contains->bd_disk; |
9016 |
curr_events = (int)part_stat_read(&disk->part0, sectors[0]) + |
9017 |
(int)part_stat_read(&disk->part0, sectors[1]) - |
9018 |
@@ -34139,7 +34116,7 @@ index 1cbfc6b..56e1dbb 100644 |
9019 |
/*----------------------------------------------------------------*/ |
9020 |
|
9021 |
diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c |
9022 |
-index 7af60ec..10a4a5d 100644 |
9023 |
+index 2d97bf0..5caa9cf 100644 |
9024 |
--- a/drivers/md/raid1.c |
9025 |
+++ b/drivers/md/raid1.c |
9026 |
@@ -1581,7 +1581,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) |
9027 |
@@ -34151,7 +34128,7 @@ index 7af60ec..10a4a5d 100644 |
9028 |
} |
9029 |
sectors -= s; |
9030 |
sect += s; |
9031 |
-@@ -1794,7 +1794,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, |
9032 |
+@@ -1800,7 +1800,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, |
9033 |
test_bit(In_sync, &rdev->flags)) { |
9034 |
if (r1_sync_page_io(rdev, sect, s, |
9035 |
conf->tmppage, READ)) { |
9036 |
@@ -34224,10 +34201,10 @@ index 7a9eef6..707cb03 100644 |
9037 |
|
9038 |
rdev_dec_pending(rdev, mddev); |
9039 |
diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c |
9040 |
-index 6ba4954..5ce122a 100644 |
9041 |
+index 26ef63a..bd587cd 100644 |
9042 |
--- a/drivers/md/raid5.c |
9043 |
+++ b/drivers/md/raid5.c |
9044 |
-@@ -1616,19 +1616,19 @@ static void raid5_end_read_request(struct bio * bi, int error) |
9045 |
+@@ -1618,19 +1618,19 @@ static void raid5_end_read_request(struct bio * bi, int error) |
9046 |
(unsigned long long)(sh->sector |
9047 |
+ rdev->data_offset), |
9048 |
bdevname(rdev->bdev, b)); |
9049 |
@@ -34251,7 +34228,7 @@ index 6ba4954..5ce122a 100644 |
9050 |
if (conf->mddev->degraded >= conf->max_degraded) |
9051 |
printk_ratelimited( |
9052 |
KERN_WARNING |
9053 |
-@@ -1648,7 +1648,7 @@ static void raid5_end_read_request(struct bio * bi, int error) |
9054 |
+@@ -1650,7 +1650,7 @@ static void raid5_end_read_request(struct bio * bi, int error) |
9055 |
(unsigned long long)(sh->sector |
9056 |
+ rdev->data_offset), |
9057 |
bdn); |
9058 |
@@ -34287,7 +34264,7 @@ index a7d876f..8c21b61 100644 |
9059 |
struct dvb_demux *demux; |
9060 |
void *priv; |
9061 |
diff --git a/drivers/media/dvb/dvb-core/dvbdev.c b/drivers/media/dvb/dvb-core/dvbdev.c |
9062 |
-index f732877..d38c35a 100644 |
9063 |
+index d5cda35..017af46 100644 |
9064 |
--- a/drivers/media/dvb/dvb-core/dvbdev.c |
9065 |
+++ b/drivers/media/dvb/dvb-core/dvbdev.c |
9066 |
@@ -192,7 +192,7 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, |
9067 |
@@ -35354,7 +35331,7 @@ index e1159e5..e18684d 100644 |
9068 |
/* Set media type */ |
9069 |
switch (adapter->pdev->device) { |
9070 |
diff --git a/drivers/net/ethernet/intel/e1000e/82571.c b/drivers/net/ethernet/intel/e1000e/82571.c |
9071 |
-index e556fc3..fa9199d 100644 |
9072 |
+index 3072d35..a0f4827 100644 |
9073 |
--- a/drivers/net/ethernet/intel/e1000e/82571.c |
9074 |
+++ b/drivers/net/ethernet/intel/e1000e/82571.c |
9075 |
@@ -239,7 +239,7 @@ static s32 e1000_init_mac_params_82571(struct e1000_adapter *adapter) |
9076 |
@@ -35708,7 +35685,7 @@ index 4a518a3..936b334 100644 |
9077 |
#define VXGE_HW_VIRTUAL_PATH_HANDLE(vpath) \ |
9078 |
((struct __vxge_hw_vpath_handle *)(vpath)->vpath_handles.next) |
9079 |
diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c |
9080 |
-index cc2565c..7325c3c 100644 |
9081 |
+index 9e61d6b..852f305 100644 |
9082 |
--- a/drivers/net/ethernet/realtek/r8169.c |
9083 |
+++ b/drivers/net/ethernet/realtek/r8169.c |
9084 |
@@ -702,17 +702,17 @@ struct rtl8169_private { |
9085 |
@@ -35761,10 +35738,10 @@ index c07cfe9..81cbf7e 100644 |
9086 |
|
9087 |
/* To mask all all interrupts.*/ |
9088 |
diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
9089 |
-index 72cd190..fcf7fb3 100644 |
9090 |
+index d4d2bc1..14b8672 100644 |
9091 |
--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
9092 |
+++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
9093 |
-@@ -1599,7 +1599,7 @@ static const struct file_operations stmmac_rings_status_fops = { |
9094 |
+@@ -1602,7 +1602,7 @@ static const struct file_operations stmmac_rings_status_fops = { |
9095 |
.open = stmmac_sysfs_ring_open, |
9096 |
.read = seq_read, |
9097 |
.llseek = seq_lseek, |
9098 |
@@ -35773,7 +35750,7 @@ index 72cd190..fcf7fb3 100644 |
9099 |
}; |
9100 |
|
9101 |
static int stmmac_sysfs_dma_cap_read(struct seq_file *seq, void *v) |
9102 |
-@@ -1671,7 +1671,7 @@ static const struct file_operations stmmac_dma_cap_fops = { |
9103 |
+@@ -1674,7 +1674,7 @@ static const struct file_operations stmmac_dma_cap_fops = { |
9104 |
.open = stmmac_sysfs_dma_cap_open, |
9105 |
.read = seq_read, |
9106 |
.llseek = seq_lseek, |
9107 |
@@ -35782,19 +35759,6 @@ index 72cd190..fcf7fb3 100644 |
9108 |
}; |
9109 |
|
9110 |
static int stmmac_init_fs(struct net_device *dev) |
9111 |
-diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c |
9112 |
-index 1b7082d..c786773 100644 |
9113 |
---- a/drivers/net/macvtap.c |
9114 |
-+++ b/drivers/net/macvtap.c |
9115 |
-@@ -526,6 +526,8 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, |
9116 |
- } |
9117 |
- base = (unsigned long)from->iov_base + offset1; |
9118 |
- size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT; |
9119 |
-+ if (i + size >= MAX_SKB_FRAGS) |
9120 |
-+ return -EFAULT; |
9121 |
- num_pages = get_user_pages_fast(base, size, 0, &page[i]); |
9122 |
- if ((num_pages != size) || |
9123 |
- (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) |
9124 |
diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c |
9125 |
index 3ed983c..a1bb418 100644 |
9126 |
--- a/drivers/net/ppp/ppp_generic.c |
9127 |
@@ -37337,7 +37301,7 @@ index 9de9db2..1e09660 100644 |
9128 |
fc_frame_free(fp); |
9129 |
} |
9130 |
diff --git a/drivers/scsi/libsas/sas_ata.c b/drivers/scsi/libsas/sas_ata.c |
9131 |
-index db9238f..4378ed2 100644 |
9132 |
+index 4868fc9..7f2e028 100644 |
9133 |
--- a/drivers/scsi/libsas/sas_ata.c |
9134 |
+++ b/drivers/scsi/libsas/sas_ata.c |
9135 |
@@ -368,7 +368,7 @@ static struct ata_port_operations sas_sata_ops = { |
9136 |
@@ -38323,51 +38287,6 @@ index 0842cc7..61d886d 100644 |
9137 |
if (hdr->flags & ISCSI_FLAG_CMD_FINAL) |
9138 |
if (--cmd->outstanding_r2ts < 1) { |
9139 |
iscsit_stop_dataout_timer(cmd); |
9140 |
-diff --git a/drivers/target/target_core_cdb.c b/drivers/target/target_core_cdb.c |
9141 |
-index 65ea65a..93b9406 100644 |
9142 |
---- a/drivers/target/target_core_cdb.c |
9143 |
-+++ b/drivers/target/target_core_cdb.c |
9144 |
-@@ -1199,7 +1199,7 @@ int target_emulate_write_same(struct se_task *task) |
9145 |
- if (num_blocks != 0) |
9146 |
- range = num_blocks; |
9147 |
- else |
9148 |
-- range = (dev->transport->get_blocks(dev) - lba); |
9149 |
-+ range = (dev->transport->get_blocks(dev) - lba) + 1; |
9150 |
- |
9151 |
- pr_debug("WRITE_SAME UNMAP: LBA: %llu Range: %llu\n", |
9152 |
- (unsigned long long)lba, (unsigned long long)range); |
9153 |
-diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c |
9154 |
-index b75bc92..9145141 100644 |
9155 |
---- a/drivers/target/target_core_pr.c |
9156 |
-+++ b/drivers/target/target_core_pr.c |
9157 |
-@@ -2042,7 +2042,7 @@ static int __core_scsi3_write_aptpl_to_file( |
9158 |
- if (IS_ERR(file) || !file || !file->f_dentry) { |
9159 |
- pr_err("filp_open(%s) for APTPL metadata" |
9160 |
- " failed\n", path); |
9161 |
-- return (PTR_ERR(file) < 0 ? PTR_ERR(file) : -ENOENT); |
9162 |
-+ return IS_ERR(file) ? PTR_ERR(file) : -ENOENT; |
9163 |
- } |
9164 |
- |
9165 |
- iov[0].iov_base = &buf[0]; |
9166 |
-@@ -3853,7 +3853,7 @@ int target_scsi3_emulate_pr_out(struct se_task *task) |
9167 |
- " SPC-2 reservation is held, returning" |
9168 |
- " RESERVATION_CONFLICT\n"); |
9169 |
- cmd->scsi_sense_reason = TCM_RESERVATION_CONFLICT; |
9170 |
-- ret = EINVAL; |
9171 |
-+ ret = -EINVAL; |
9172 |
- goto out; |
9173 |
- } |
9174 |
- |
9175 |
-@@ -3863,7 +3863,8 @@ int target_scsi3_emulate_pr_out(struct se_task *task) |
9176 |
- */ |
9177 |
- if (!cmd->se_sess) { |
9178 |
- cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; |
9179 |
-- return -EINVAL; |
9180 |
-+ ret = -EINVAL; |
9181 |
-+ goto out; |
9182 |
- } |
9183 |
- |
9184 |
- if (cmd->data_length < 24) { |
9185 |
diff --git a/drivers/target/target_core_tmr.c b/drivers/target/target_core_tmr.c |
9186 |
index 6845228..df77141 100644 |
9187 |
--- a/drivers/target/target_core_tmr.c |
9188 |
@@ -38469,19 +38388,6 @@ index 5660916..f6dab21 100644 |
9189 |
smp_mb__after_atomic_inc(); |
9190 |
} |
9191 |
} |
9192 |
-diff --git a/drivers/target/tcm_fc/tfc_cmd.c b/drivers/target/tcm_fc/tfc_cmd.c |
9193 |
-index d95cfe2..278819c 100644 |
9194 |
---- a/drivers/target/tcm_fc/tfc_cmd.c |
9195 |
-+++ b/drivers/target/tcm_fc/tfc_cmd.c |
9196 |
-@@ -249,6 +249,8 @@ u32 ft_get_task_tag(struct se_cmd *se_cmd) |
9197 |
- { |
9198 |
- struct ft_cmd *cmd = container_of(se_cmd, struct ft_cmd, se_cmd); |
9199 |
- |
9200 |
-+ if (cmd->aborted) |
9201 |
-+ return ~0; |
9202 |
- return fc_seq_exch(cmd->seq)->rxid; |
9203 |
- } |
9204 |
- |
9205 |
diff --git a/drivers/tty/hvc/hvcs.c b/drivers/tty/hvc/hvcs.c |
9206 |
index b9040be..e3f5aab 100644 |
9207 |
--- a/drivers/tty/hvc/hvcs.c |
9208 |
@@ -39297,10 +39203,10 @@ index 57c01ab..8a05959 100644 |
9209 |
|
9210 |
/* |
9211 |
diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c |
9212 |
-index c14c42b..f955cc2 100644 |
9213 |
+index ae66278..579de88b 100644 |
9214 |
--- a/drivers/vhost/vhost.c |
9215 |
+++ b/drivers/vhost/vhost.c |
9216 |
-@@ -629,7 +629,7 @@ static long vhost_set_memory(struct vhost_dev *d, struct vhost_memory __user *m) |
9217 |
+@@ -631,7 +631,7 @@ static long vhost_set_memory(struct vhost_dev *d, struct vhost_memory __user *m) |
9218 |
return 0; |
9219 |
} |
9220 |
|
9221 |
@@ -42731,7 +42637,7 @@ index a6395bd..f1e376a 100644 |
9222 |
(unsigned long) create_aout_tables((char __user *) bprm->p, bprm); |
9223 |
#ifdef __alpha__ |
9224 |
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c |
9225 |
-index 6ff96c6..3020df9 100644 |
9226 |
+index 6ff96c6..566204e 100644 |
9227 |
--- a/fs/binfmt_elf.c |
9228 |
+++ b/fs/binfmt_elf.c |
9229 |
@@ -32,6 +32,7 @@ |
9230 |
@@ -42862,7 +42768,7 @@ index 6ff96c6..3020df9 100644 |
9231 |
error = -ENOMEM; |
9232 |
goto out_close; |
9233 |
} |
9234 |
-@@ -528,6 +552,349 @@ out: |
9235 |
+@@ -528,6 +552,311 @@ out: |
9236 |
return error; |
9237 |
} |
9238 |
|
9239 |
@@ -42882,15 +42788,6 @@ index 6ff96c6..3020df9 100644 |
9240 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
9241 |
+#endif |
9242 |
+ |
9243 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9244 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9245 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
9246 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
9247 |
-+ else |
9248 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9249 |
-+ } |
9250 |
-+#endif |
9251 |
-+ |
9252 |
+#ifdef CONFIG_PAX_EMUTRAMP |
9253 |
+ if (elf_phdata->p_flags & PF_EMUTRAMP) |
9254 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
9255 |
@@ -42924,15 +42821,6 @@ index 6ff96c6..3020df9 100644 |
9256 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
9257 |
+#endif |
9258 |
+ |
9259 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9260 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9261 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
9262 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
9263 |
-+ else |
9264 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9265 |
-+ } |
9266 |
-+#endif |
9267 |
-+ |
9268 |
+#ifdef CONFIG_PAX_EMUTRAMP |
9269 |
+ if (!(elf_phdata->p_flags & PF_NOEMUTRAMP)) |
9270 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
9271 |
@@ -42968,15 +42856,6 @@ index 6ff96c6..3020df9 100644 |
9272 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
9273 |
+#endif |
9274 |
+ |
9275 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9276 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9277 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
9278 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
9279 |
-+ else |
9280 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9281 |
-+ } |
9282 |
-+#endif |
9283 |
-+ |
9284 |
+#ifdef CONFIG_PAX_EMUTRAMP |
9285 |
+ if (pax_flags_softmode & MF_PAX_EMUTRAMP) |
9286 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
9287 |
@@ -43010,15 +42889,6 @@ index 6ff96c6..3020df9 100644 |
9288 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
9289 |
+#endif |
9290 |
+ |
9291 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9292 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9293 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
9294 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
9295 |
-+ else |
9296 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9297 |
-+ } |
9298 |
-+#endif |
9299 |
-+ |
9300 |
+#ifdef CONFIG_PAX_EMUTRAMP |
9301 |
+ if (!(pax_flags_hardmode & MF_PAX_EMUTRAMP)) |
9302 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
9303 |
@@ -43038,7 +42908,7 @@ index 6ff96c6..3020df9 100644 |
9304 |
+} |
9305 |
+#endif |
9306 |
+ |
9307 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
9308 |
++#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) |
9309 |
+static unsigned long pax_parse_ei_pax(const struct elfhdr * const elf_ex) |
9310 |
+{ |
9311 |
+ unsigned long pax_flags = 0UL; |
9312 |
@@ -43055,15 +42925,6 @@ index 6ff96c6..3020df9 100644 |
9313 |
+ pax_flags |= MF_PAX_SEGMEXEC; |
9314 |
+#endif |
9315 |
+ |
9316 |
-+#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9317 |
-+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9318 |
-+ if ((__supported_pte_mask & _PAGE_NX)) |
9319 |
-+ pax_flags &= ~MF_PAX_SEGMEXEC; |
9320 |
-+ else |
9321 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9322 |
-+ } |
9323 |
-+#endif |
9324 |
-+ |
9325 |
+#ifdef CONFIG_PAX_EMUTRAMP |
9326 |
+ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) && (elf_ex->e_ident[EI_PAX] & EF_PAX_EMUTRAMP)) |
9327 |
+ pax_flags |= MF_PAX_EMUTRAMP; |
9328 |
@@ -43085,19 +42946,17 @@ index 6ff96c6..3020df9 100644 |
9329 |
+ pax_flags |= MF_PAX_PAGEEXEC; |
9330 |
+#endif |
9331 |
+ |
9332 |
++#ifdef CONFIG_PAX_SEGMEXEC |
9333 |
++ pax_flags |= MF_PAX_SEGMEXEC; |
9334 |
++#endif |
9335 |
++ |
9336 |
+#ifdef CONFIG_PAX_MPROTECT |
9337 |
+ pax_flags |= MF_PAX_MPROTECT; |
9338 |
+#endif |
9339 |
+ |
9340 |
+#ifdef CONFIG_PAX_RANDMMAP |
9341 |
-+ pax_flags |= MF_PAX_RANDMMAP; |
9342 |
-+#endif |
9343 |
-+ |
9344 |
-+#ifdef CONFIG_PAX_SEGMEXEC |
9345 |
-+ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) { |
9346 |
-+ pax_flags &= ~MF_PAX_PAGEEXEC; |
9347 |
-+ pax_flags |= MF_PAX_SEGMEXEC; |
9348 |
-+ } |
9349 |
++ if (randomize_va_space) |
9350 |
++ pax_flags |= MF_PAX_RANDMMAP; |
9351 |
+#endif |
9352 |
+ |
9353 |
+#endif |
9354 |
@@ -43201,6 +43060,15 @@ index 6ff96c6..3020df9 100644 |
9355 |
+ if (pt_pax_flags != ~0UL) |
9356 |
+ pax_flags = pt_pax_flags; |
9357 |
+ |
9358 |
++#if defined(CONFIG_PAX_PAGEEXEC) && defined(CONFIG_PAX_SEGMEXEC) |
9359 |
++ if ((pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) == (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { |
9360 |
++ if ((__supported_pte_mask & _PAGE_NX)) |
9361 |
++ pax_flags &= ~MF_PAX_SEGMEXEC; |
9362 |
++ else |
9363 |
++ pax_flags &= ~MF_PAX_PAGEEXEC; |
9364 |
++ } |
9365 |
++#endif |
9366 |
++ |
9367 |
+ if (0 > pax_check_flags(&pax_flags)) |
9368 |
+ return -EINVAL; |
9369 |
+ |
9370 |
@@ -43212,7 +43080,7 @@ index 6ff96c6..3020df9 100644 |
9371 |
/* |
9372 |
* These are the functions used to load ELF style executables and shared |
9373 |
* libraries. There is no binary dependent code anywhere else. |
9374 |
-@@ -544,6 +911,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) |
9375 |
+@@ -544,6 +873,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) |
9376 |
{ |
9377 |
unsigned int random_variable = 0; |
9378 |
|
9379 |
@@ -43224,7 +43092,7 @@ index 6ff96c6..3020df9 100644 |
9380 |
if ((current->flags & PF_RANDOMIZE) && |
9381 |
!(current->personality & ADDR_NO_RANDOMIZE)) { |
9382 |
random_variable = get_random_int() & STACK_RND_MASK; |
9383 |
-@@ -562,7 +934,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9384 |
+@@ -562,7 +896,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9385 |
unsigned long load_addr = 0, load_bias = 0; |
9386 |
int load_addr_set = 0; |
9387 |
char * elf_interpreter = NULL; |
9388 |
@@ -43233,7 +43101,7 @@ index 6ff96c6..3020df9 100644 |
9389 |
struct elf_phdr *elf_ppnt, *elf_phdata; |
9390 |
unsigned long elf_bss, elf_brk; |
9391 |
int retval, i; |
9392 |
-@@ -572,11 +944,11 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9393 |
+@@ -572,11 +906,11 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9394 |
unsigned long start_code, end_code, start_data, end_data; |
9395 |
unsigned long reloc_func_desc __maybe_unused = 0; |
9396 |
int executable_stack = EXSTACK_DEFAULT; |
9397 |
@@ -43246,7 +43114,7 @@ index 6ff96c6..3020df9 100644 |
9398 |
|
9399 |
loc = kmalloc(sizeof(*loc), GFP_KERNEL); |
9400 |
if (!loc) { |
9401 |
-@@ -713,11 +1085,81 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9402 |
+@@ -713,11 +1047,81 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9403 |
|
9404 |
/* OK, This is the point of no return */ |
9405 |
current->flags &= ~PF_FORKNOEXEC; |
9406 |
@@ -43271,7 +43139,7 @@ index 6ff96c6..3020df9 100644 |
9407 |
+ |
9408 |
+ current->mm->def_flags = 0; |
9409 |
+ |
9410 |
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS) |
9411 |
++#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) |
9412 |
+ if (0 > pax_parse_pax_flags(&loc->elf_ex, elf_phdata, bprm->file)) { |
9413 |
+ send_sig(SIGKILL, current, 0); |
9414 |
+ goto out_free_dentry; |
9415 |
@@ -43329,7 +43197,7 @@ index 6ff96c6..3020df9 100644 |
9416 |
if (elf_read_implies_exec(loc->elf_ex, executable_stack)) |
9417 |
current->personality |= READ_IMPLIES_EXEC; |
9418 |
|
9419 |
-@@ -808,6 +1250,20 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9420 |
+@@ -808,6 +1212,20 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9421 |
#else |
9422 |
load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); |
9423 |
#endif |
9424 |
@@ -43350,7 +43218,7 @@ index 6ff96c6..3020df9 100644 |
9425 |
} |
9426 |
|
9427 |
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, |
9428 |
-@@ -840,9 +1296,9 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9429 |
+@@ -840,9 +1258,9 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9430 |
* allowed task size. Note that p_filesz must always be |
9431 |
* <= p_memsz so it is only necessary to check p_memsz. |
9432 |
*/ |
9433 |
@@ -43363,7 +43231,7 @@ index 6ff96c6..3020df9 100644 |
9434 |
/* set_brk can never work. Avoid overflows. */ |
9435 |
send_sig(SIGKILL, current, 0); |
9436 |
retval = -EINVAL; |
9437 |
-@@ -881,11 +1337,40 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9438 |
+@@ -881,11 +1299,40 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) |
9439 |
goto out_free_dentry; |
9440 |
} |
9441 |
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { |
9442 |
@@ -43407,7 +43275,7 @@ index 6ff96c6..3020df9 100644 |
9443 |
if (elf_interpreter) { |
9444 |
unsigned long uninitialized_var(interp_map_addr); |
9445 |
|
9446 |
-@@ -1098,7 +1583,7 @@ out: |
9447 |
+@@ -1098,7 +1545,7 @@ out: |
9448 |
* Decide what to dump of a segment, part, all or none. |
9449 |
*/ |
9450 |
static unsigned long vma_dump_size(struct vm_area_struct *vma, |
9451 |
@@ -43416,7 +43284,7 @@ index 6ff96c6..3020df9 100644 |
9452 |
{ |
9453 |
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) |
9454 |
|
9455 |
-@@ -1132,7 +1617,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, |
9456 |
+@@ -1132,7 +1579,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, |
9457 |
if (vma->vm_file == NULL) |
9458 |
return 0; |
9459 |
|
9460 |
@@ -43425,7 +43293,7 @@ index 6ff96c6..3020df9 100644 |
9461 |
goto whole; |
9462 |
|
9463 |
/* |
9464 |
-@@ -1354,9 +1839,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) |
9465 |
+@@ -1354,9 +1801,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) |
9466 |
{ |
9467 |
elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; |
9468 |
int i = 0; |
9469 |
@@ -43437,7 +43305,7 @@ index 6ff96c6..3020df9 100644 |
9470 |
fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); |
9471 |
} |
9472 |
|
9473 |
-@@ -1862,14 +2347,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, |
9474 |
+@@ -1862,14 +2309,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, |
9475 |
} |
9476 |
|
9477 |
static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma, |
9478 |
@@ -43454,7 +43322,7 @@ index 6ff96c6..3020df9 100644 |
9479 |
return size; |
9480 |
} |
9481 |
|
9482 |
-@@ -1963,7 +2448,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9483 |
+@@ -1963,7 +2410,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9484 |
|
9485 |
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); |
9486 |
|
9487 |
@@ -43463,7 +43331,7 @@ index 6ff96c6..3020df9 100644 |
9488 |
offset += elf_core_extra_data_size(); |
9489 |
e_shoff = offset; |
9490 |
|
9491 |
-@@ -1977,10 +2462,12 @@ static int elf_core_dump(struct coredump_params *cprm) |
9492 |
+@@ -1977,10 +2424,12 @@ static int elf_core_dump(struct coredump_params *cprm) |
9493 |
offset = dataoff; |
9494 |
|
9495 |
size += sizeof(*elf); |
9496 |
@@ -43476,7 +43344,7 @@ index 6ff96c6..3020df9 100644 |
9497 |
if (size > cprm->limit |
9498 |
|| !dump_write(cprm->file, phdr4note, sizeof(*phdr4note))) |
9499 |
goto end_coredump; |
9500 |
-@@ -1994,7 +2481,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9501 |
+@@ -1994,7 +2443,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9502 |
phdr.p_offset = offset; |
9503 |
phdr.p_vaddr = vma->vm_start; |
9504 |
phdr.p_paddr = 0; |
9505 |
@@ -43485,7 +43353,7 @@ index 6ff96c6..3020df9 100644 |
9506 |
phdr.p_memsz = vma->vm_end - vma->vm_start; |
9507 |
offset += phdr.p_filesz; |
9508 |
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; |
9509 |
-@@ -2005,6 +2492,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9510 |
+@@ -2005,6 +2454,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9511 |
phdr.p_align = ELF_EXEC_PAGESIZE; |
9512 |
|
9513 |
size += sizeof(phdr); |
9514 |
@@ -43493,7 +43361,7 @@ index 6ff96c6..3020df9 100644 |
9515 |
if (size > cprm->limit |
9516 |
|| !dump_write(cprm->file, &phdr, sizeof(phdr))) |
9517 |
goto end_coredump; |
9518 |
-@@ -2029,7 +2517,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9519 |
+@@ -2029,7 +2479,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9520 |
unsigned long addr; |
9521 |
unsigned long end; |
9522 |
|
9523 |
@@ -43502,7 +43370,7 @@ index 6ff96c6..3020df9 100644 |
9524 |
|
9525 |
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { |
9526 |
struct page *page; |
9527 |
-@@ -2038,6 +2526,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9528 |
+@@ -2038,6 +2488,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9529 |
page = get_dump_page(addr); |
9530 |
if (page) { |
9531 |
void *kaddr = kmap(page); |
9532 |
@@ -43510,7 +43378,7 @@ index 6ff96c6..3020df9 100644 |
9533 |
stop = ((size += PAGE_SIZE) > cprm->limit) || |
9534 |
!dump_write(cprm->file, kaddr, |
9535 |
PAGE_SIZE); |
9536 |
-@@ -2055,6 +2544,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9537 |
+@@ -2055,6 +2506,7 @@ static int elf_core_dump(struct coredump_params *cprm) |
9538 |
|
9539 |
if (e_phnum == PN_XNUM) { |
9540 |
size += sizeof(*shdr4extnum); |
9541 |
@@ -43518,7 +43386,7 @@ index 6ff96c6..3020df9 100644 |
9542 |
if (size > cprm->limit |
9543 |
|| !dump_write(cprm->file, shdr4extnum, |
9544 |
sizeof(*shdr4extnum))) |
9545 |
-@@ -2075,6 +2565,97 @@ out: |
9546 |
+@@ -2075,6 +2527,97 @@ out: |
9547 |
|
9548 |
#endif /* CONFIG_ELF_CORE */ |
9549 |
|
9550 |
@@ -43791,51 +43659,6 @@ index cfb5543..1ae7347 100644 |
9551 |
|
9552 |
if (!del) { |
9553 |
spin_lock(&rc->reloc_root_tree.lock); |
9554 |
-diff --git a/fs/buffer.c b/fs/buffer.c |
9555 |
-index c807931..4115eca 100644 |
9556 |
---- a/fs/buffer.c |
9557 |
-+++ b/fs/buffer.c |
9558 |
-@@ -1087,6 +1087,9 @@ grow_buffers(struct block_device *bdev, sector_t block, int size) |
9559 |
- static struct buffer_head * |
9560 |
- __getblk_slow(struct block_device *bdev, sector_t block, int size) |
9561 |
- { |
9562 |
-+ int ret; |
9563 |
-+ struct buffer_head *bh; |
9564 |
-+ |
9565 |
- /* Size must be multiple of hard sectorsize */ |
9566 |
- if (unlikely(size & (bdev_logical_block_size(bdev)-1) || |
9567 |
- (size < 512 || size > PAGE_SIZE))) { |
9568 |
-@@ -1099,20 +1102,21 @@ __getblk_slow(struct block_device *bdev, sector_t block, int size) |
9569 |
- return NULL; |
9570 |
- } |
9571 |
- |
9572 |
-- for (;;) { |
9573 |
-- struct buffer_head * bh; |
9574 |
-- int ret; |
9575 |
-+retry: |
9576 |
-+ bh = __find_get_block(bdev, block, size); |
9577 |
-+ if (bh) |
9578 |
-+ return bh; |
9579 |
- |
9580 |
-+ ret = grow_buffers(bdev, block, size); |
9581 |
-+ if (ret == 0) { |
9582 |
-+ free_more_memory(); |
9583 |
-+ goto retry; |
9584 |
-+ } else if (ret > 0) { |
9585 |
- bh = __find_get_block(bdev, block, size); |
9586 |
- if (bh) |
9587 |
- return bh; |
9588 |
-- |
9589 |
-- ret = grow_buffers(bdev, block, size); |
9590 |
-- if (ret < 0) |
9591 |
-- return NULL; |
9592 |
-- if (ret == 0) |
9593 |
-- free_more_memory(); |
9594 |
- } |
9595 |
-+ return NULL; |
9596 |
- } |
9597 |
- |
9598 |
- /* |
9599 |
diff --git a/fs/cachefiles/bind.c b/fs/cachefiles/bind.c |
9600 |
index 622f469..e8d2d55 100644 |
9601 |
--- a/fs/cachefiles/bind.c |
9602 |
@@ -44623,10 +44446,10 @@ index af11098..81e3bbe 100644 |
9603 |
/* Free the char* */ |
9604 |
kfree(buf); |
9605 |
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
9606 |
-index 0dc5a3d..d3cdeea 100644 |
9607 |
+index de42310..867dddd 100644 |
9608 |
--- a/fs/ecryptfs/miscdev.c |
9609 |
+++ b/fs/ecryptfs/miscdev.c |
9610 |
-@@ -328,7 +328,7 @@ check_list: |
9611 |
+@@ -338,7 +338,7 @@ check_list: |
9612 |
goto out_unlock_msg_ctx; |
9613 |
i = 5; |
9614 |
if (msg_ctx->msg) { |
9615 |
@@ -44657,24 +44480,8 @@ index 608c1c3..7d040a8 100644 |
9616 |
set_fs(fs_save); |
9617 |
return rc; |
9618 |
} |
9619 |
-diff --git a/fs/eventpoll.c b/fs/eventpoll.c |
9620 |
-index 4d9d3a4..a6f3763 100644 |
9621 |
---- a/fs/eventpoll.c |
9622 |
-+++ b/fs/eventpoll.c |
9623 |
-@@ -1629,8 +1629,10 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd, |
9624 |
- if (op == EPOLL_CTL_ADD) { |
9625 |
- if (is_file_epoll(tfile)) { |
9626 |
- error = -ELOOP; |
9627 |
-- if (ep_loop_check(ep, tfile) != 0) |
9628 |
-+ if (ep_loop_check(ep, tfile) != 0) { |
9629 |
-+ clear_tfile_check_list(); |
9630 |
- goto error_tgt_fput; |
9631 |
-+ } |
9632 |
- } else |
9633 |
- list_add(&tfile->f_tfile_llink, &tfile_check_list); |
9634 |
- } |
9635 |
diff --git a/fs/exec.c b/fs/exec.c |
9636 |
-index 160cd2f..52c1678 100644 |
9637 |
+index 160cd2f..5cc2091 100644 |
9638 |
--- a/fs/exec.c |
9639 |
+++ b/fs/exec.c |
9640 |
@@ -55,12 +55,33 @@ |
9641 |
@@ -45194,7 +45001,7 @@ index 160cd2f..52c1678 100644 |
9642 |
cn->corename = kmalloc(cn->size, GFP_KERNEL); |
9643 |
cn->used = 0; |
9644 |
|
9645 |
-@@ -1815,6 +1948,228 @@ out: |
9646 |
+@@ -1815,6 +1948,250 @@ out: |
9647 |
return ispipe; |
9648 |
} |
9649 |
|
9650 |
@@ -45339,7 +45146,7 @@ index 160cd2f..52c1678 100644 |
9651 |
+ |
9652 |
+#ifdef CONFIG_PAX_USERCOPY |
9653 |
+/* 0: not at all, 1: fully, 2: fully inside frame, -1: partially (implies an error) */ |
9654 |
-+int object_is_on_stack(const void *obj, unsigned long len) |
9655 |
++static noinline int check_stack_object(const void *obj, unsigned long len) |
9656 |
+{ |
9657 |
+ const void * const stack = task_stack_page(current); |
9658 |
+ const void * const stackend = stack + THREAD_SIZE; |
9659 |
@@ -45385,7 +45192,7 @@ index 160cd2f..52c1678 100644 |
9660 |
+#endif |
9661 |
+} |
9662 |
+ |
9663 |
-+__noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
9664 |
++static __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
9665 |
+{ |
9666 |
+ if (current->signal->curr_ip) |
9667 |
+ printk(KERN_ERR "PAX: From %pI4: kernel memory %s attempt detected %s %p (%s) (%lu bytes)\n", |
9668 |
@@ -45399,6 +45206,28 @@ index 160cd2f..52c1678 100644 |
9669 |
+} |
9670 |
+#endif |
9671 |
+ |
9672 |
++void check_object_size(const void *ptr, unsigned long n, bool to) |
9673 |
++{ |
9674 |
++ |
9675 |
++#ifdef CONFIG_PAX_USERCOPY |
9676 |
++ const char *type; |
9677 |
++ |
9678 |
++ if (!n) |
9679 |
++ return; |
9680 |
++ |
9681 |
++ type = check_heap_object(ptr, n, to); |
9682 |
++ if (!type) { |
9683 |
++ if (check_stack_object(ptr, n) != -1) |
9684 |
++ return; |
9685 |
++ type = "<process stack>"; |
9686 |
++ } |
9687 |
++ |
9688 |
++ pax_report_usercopy(ptr, n, to, type); |
9689 |
++#endif |
9690 |
++ |
9691 |
++} |
9692 |
++EXPORT_SYMBOL(check_object_size); |
9693 |
++ |
9694 |
+#ifdef CONFIG_PAX_MEMORY_STACKLEAK |
9695 |
+void pax_track_stack(void) |
9696 |
+{ |
9697 |
@@ -45423,7 +45252,7 @@ index 160cd2f..52c1678 100644 |
9698 |
static int zap_process(struct task_struct *start, int exit_code) |
9699 |
{ |
9700 |
struct task_struct *t; |
9701 |
-@@ -2026,17 +2381,17 @@ static void wait_for_dump_helpers(struct file *file) |
9702 |
+@@ -2026,17 +2403,17 @@ static void wait_for_dump_helpers(struct file *file) |
9703 |
pipe = file->f_path.dentry->d_inode->i_pipe; |
9704 |
|
9705 |
pipe_lock(pipe); |
9706 |
@@ -45446,7 +45275,7 @@ index 160cd2f..52c1678 100644 |
9707 |
pipe_unlock(pipe); |
9708 |
|
9709 |
} |
9710 |
-@@ -2097,7 +2452,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9711 |
+@@ -2097,7 +2474,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9712 |
int retval = 0; |
9713 |
int flag = 0; |
9714 |
int ispipe; |
9715 |
@@ -45455,7 +45284,7 @@ index 160cd2f..52c1678 100644 |
9716 |
struct coredump_params cprm = { |
9717 |
.signr = signr, |
9718 |
.regs = regs, |
9719 |
-@@ -2112,6 +2467,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9720 |
+@@ -2112,6 +2489,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9721 |
|
9722 |
audit_core_dumps(signr); |
9723 |
|
9724 |
@@ -45465,7 +45294,7 @@ index 160cd2f..52c1678 100644 |
9725 |
binfmt = mm->binfmt; |
9726 |
if (!binfmt || !binfmt->core_dump) |
9727 |
goto fail; |
9728 |
-@@ -2179,7 +2537,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9729 |
+@@ -2179,7 +2559,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9730 |
} |
9731 |
cprm.limit = RLIM_INFINITY; |
9732 |
|
9733 |
@@ -45474,7 +45303,7 @@ index 160cd2f..52c1678 100644 |
9734 |
if (core_pipe_limit && (core_pipe_limit < dump_count)) { |
9735 |
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", |
9736 |
task_tgid_vnr(current), current->comm); |
9737 |
-@@ -2206,6 +2564,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9738 |
+@@ -2206,6 +2586,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) |
9739 |
} else { |
9740 |
struct inode *inode; |
9741 |
|
9742 |
@@ -45483,7 +45312,7 @@ index 160cd2f..52c1678 100644 |
9743 |
if (cprm.limit < binfmt->min_coredump) |
9744 |
goto fail_unlock; |
9745 |
|
9746 |
-@@ -2249,7 +2609,7 @@ close_fail: |
9747 |
+@@ -2249,7 +2631,7 @@ close_fail: |
9748 |
filp_close(cprm.file, NULL); |
9749 |
fail_dropcount: |
9750 |
if (ispipe) |
9751 |
@@ -45492,7 +45321,7 @@ index 160cd2f..52c1678 100644 |
9752 |
fail_unlock: |
9753 |
kfree(cn.corename); |
9754 |
fail_corename: |
9755 |
-@@ -2268,7 +2628,7 @@ fail: |
9756 |
+@@ -2268,7 +2650,7 @@ fail: |
9757 |
*/ |
9758 |
int dump_write(struct file *file, const void *addr, int nr) |
9759 |
{ |
9760 |
@@ -45740,27 +45569,10 @@ index 22764c7..86372c9 100644 |
9761 |
break; |
9762 |
err = alloc_fd(arg, cmd == F_DUPFD_CLOEXEC ? O_CLOEXEC : 0); |
9763 |
diff --git a/fs/fifo.c b/fs/fifo.c |
9764 |
-index b1a524d..3d7942c 100644 |
9765 |
+index cf6f434..3d7942c 100644 |
9766 |
--- a/fs/fifo.c |
9767 |
+++ b/fs/fifo.c |
9768 |
-@@ -14,7 +14,7 @@ |
9769 |
- #include <linux/sched.h> |
9770 |
- #include <linux/pipe_fs_i.h> |
9771 |
- |
9772 |
--static void wait_for_partner(struct inode* inode, unsigned int *cnt) |
9773 |
-+static int wait_for_partner(struct inode* inode, unsigned int *cnt) |
9774 |
- { |
9775 |
- int cur = *cnt; |
9776 |
- |
9777 |
-@@ -23,6 +23,7 @@ static void wait_for_partner(struct inode* inode, unsigned int *cnt) |
9778 |
- if (signal_pending(current)) |
9779 |
- break; |
9780 |
- } |
9781 |
-+ return cur == *cnt ? -ERESTARTSYS : 0; |
9782 |
- } |
9783 |
- |
9784 |
- static void wake_up_partner(struct inode* inode) |
9785 |
-@@ -58,17 +59,16 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9786 |
+@@ -59,10 +59,10 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9787 |
*/ |
9788 |
filp->f_op = &read_pipefifo_fops; |
9789 |
pipe->r_counter++; |
9790 |
@@ -45773,15 +45585,7 @@ index b1a524d..3d7942c 100644 |
9791 |
if ((filp->f_flags & O_NONBLOCK)) { |
9792 |
/* suppress POLLHUP until we have |
9793 |
* seen a writer */ |
9794 |
- filp->f_version = pipe->w_counter; |
9795 |
- } else { |
9796 |
-- wait_for_partner(inode, &pipe->w_counter); |
9797 |
-- if(signal_pending(current)) |
9798 |
-+ if (wait_for_partner(inode, &pipe->w_counter)) |
9799 |
- goto err_rd; |
9800 |
- } |
9801 |
- } |
9802 |
-@@ -81,17 +81,16 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9803 |
+@@ -81,15 +81,15 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9804 |
* errno=ENXIO when there is no process reading the FIFO. |
9805 |
*/ |
9806 |
ret = -ENXIO; |
9807 |
@@ -45796,14 +45600,11 @@ index b1a524d..3d7942c 100644 |
9808 |
wake_up_partner(inode); |
9809 |
|
9810 |
- if (!pipe->readers) { |
9811 |
-- wait_for_partner(inode, &pipe->r_counter); |
9812 |
-- if (signal_pending(current)) |
9813 |
+ if (!atomic_read(&pipe->readers)) { |
9814 |
-+ if (wait_for_partner(inode, &pipe->r_counter)) |
9815 |
+ if (wait_for_partner(inode, &pipe->r_counter)) |
9816 |
goto err_wr; |
9817 |
} |
9818 |
- break; |
9819 |
-@@ -105,11 +104,11 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9820 |
+@@ -104,11 +104,11 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9821 |
*/ |
9822 |
filp->f_op = &rdwr_pipefifo_fops; |
9823 |
|
9824 |
@@ -45818,7 +45619,7 @@ index b1a524d..3d7942c 100644 |
9825 |
wake_up_partner(inode); |
9826 |
break; |
9827 |
|
9828 |
-@@ -123,19 +122,19 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9829 |
+@@ -122,19 +122,19 @@ static int fifo_open(struct inode *inode, struct file *filp) |
9830 |
return 0; |
9831 |
|
9832 |
err_rd: |
9833 |
@@ -47344,10 +47145,10 @@ index cfd4959..a780959 100644 |
9834 |
kfree(s); |
9835 |
} |
9836 |
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c |
9837 |
-index 2d0ca24..c4b8676511 100644 |
9838 |
+index ebc2f4d..eb1c5cd 100644 |
9839 |
--- a/fs/hugetlbfs/inode.c |
9840 |
+++ b/fs/hugetlbfs/inode.c |
9841 |
-@@ -908,7 +908,7 @@ static struct file_system_type hugetlbfs_fs_type = { |
9842 |
+@@ -896,7 +896,7 @@ static struct file_system_type hugetlbfs_fs_type = { |
9843 |
.kill_sb = kill_litter_super, |
9844 |
}; |
9845 |
|
9846 |
@@ -47418,7 +47219,7 @@ index b09e51d..e482afa 100644 |
9847 |
|
9848 |
/* |
9849 |
diff --git a/fs/jfs/super.c b/fs/jfs/super.c |
9850 |
-index a44eff0..462e07d 100644 |
9851 |
+index a44eff076..462e07d 100644 |
9852 |
--- a/fs/jfs/super.c |
9853 |
+++ b/fs/jfs/super.c |
9854 |
@@ -802,7 +802,7 @@ static int __init init_jfs_fs(void) |
9855 |
@@ -47477,7 +47278,7 @@ index 8392cb8..80d6193 100644 |
9856 |
memcpy(c->data, &cookie, 4); |
9857 |
c->len=4; |
9858 |
diff --git a/fs/locks.c b/fs/locks.c |
9859 |
-index 0d68f1f..c3dacf2 100644 |
9860 |
+index 6a64f15..c3dacf2 100644 |
9861 |
--- a/fs/locks.c |
9862 |
+++ b/fs/locks.c |
9863 |
@@ -308,7 +308,7 @@ static int flock_make_lock(struct file *filp, struct file_lock **lock, |
9864 |
@@ -47507,15 +47308,6 @@ index 0d68f1f..c3dacf2 100644 |
9865 |
{ |
9866 |
struct file_lock *fl = locks_alloc_lock(); |
9867 |
int error = -ENOMEM; |
9868 |
-@@ -1465,7 +1465,7 @@ int generic_setlease(struct file *filp, long arg, struct file_lock **flp) |
9869 |
- case F_WRLCK: |
9870 |
- return generic_add_lease(filp, arg, flp); |
9871 |
- default: |
9872 |
-- BUG(); |
9873 |
-+ return -EINVAL; |
9874 |
- } |
9875 |
- } |
9876 |
- EXPORT_SYMBOL(generic_setlease); |
9877 |
@@ -2075,16 +2075,16 @@ void locks_remove_flock(struct file *filp) |
9878 |
return; |
9879 |
|
9880 |
@@ -48280,19 +48072,6 @@ index c587e2d..3641eaa 100644 |
9881 |
|
9882 |
-const struct inode_operations ntfs_empty_inode_ops = {}; |
9883 |
+const struct inode_operations ntfs_empty_inode_ops __read_only; |
9884 |
-diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c |
9885 |
-index 07ee5b4..1c7d45e 100644 |
9886 |
---- a/fs/ocfs2/file.c |
9887 |
-+++ b/fs/ocfs2/file.c |
9888 |
-@@ -1950,7 +1950,7 @@ static int __ocfs2_change_file_space(struct file *file, struct inode *inode, |
9889 |
- if (ret < 0) |
9890 |
- mlog_errno(ret); |
9891 |
- |
9892 |
-- if (file->f_flags & O_SYNC) |
9893 |
-+ if (file && (file->f_flags & O_SYNC)) |
9894 |
- handle->h_sync = 1; |
9895 |
- |
9896 |
- ocfs2_commit_trans(osb, handle); |
9897 |
diff --git a/fs/ocfs2/localalloc.c b/fs/ocfs2/localalloc.c |
9898 |
index 210c352..a174f83 100644 |
9899 |
--- a/fs/ocfs2/localalloc.c |
9900 |
@@ -60572,7 +60351,7 @@ index 6cd5b64..f620d2d 100644 |
9901 |
#define ACPI_DRIVER_ALL_NOTIFY_EVENTS 0x1 /* system AND device events */ |
9902 |
|
9903 |
diff --git a/include/asm-generic/atomic-long.h b/include/asm-generic/atomic-long.h |
9904 |
-index b7babf0..71e4e74 100644 |
9905 |
+index b7babf0..3ba8aee 100644 |
9906 |
--- a/include/asm-generic/atomic-long.h |
9907 |
+++ b/include/asm-generic/atomic-long.h |
9908 |
@@ -22,6 +22,12 @@ |
9909 |
@@ -60825,7 +60604,7 @@ index b7babf0..71e4e74 100644 |
9910 |
static inline long atomic_long_dec_return(atomic_long_t *l) |
9911 |
{ |
9912 |
atomic_t *v = (atomic_t *)l; |
9913 |
-@@ -255,4 +393,49 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
9914 |
+@@ -255,4 +393,55 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
9915 |
|
9916 |
#endif /* BITS_PER_LONG == 64 */ |
9917 |
|
9918 |
@@ -60843,6 +60622,10 @@ index b7babf0..71e4e74 100644 |
9919 |
+ atomic_dec_unchecked((atomic_unchecked_t *)NULL); |
9920 |
+ atomic_cmpxchg_unchecked((atomic_unchecked_t *)NULL, 0, 0); |
9921 |
+ (void)atomic_xchg_unchecked((atomic_unchecked_t *)NULL, 0); |
9922 |
++#ifdef CONFIG_X86 |
9923 |
++ atomic_clear_mask_unchecked(0, NULL); |
9924 |
++ atomic_set_mask_unchecked(0, NULL); |
9925 |
++#endif |
9926 |
+ |
9927 |
+ atomic_long_read_unchecked((atomic_long_unchecked_t *)NULL); |
9928 |
+ atomic_long_set_unchecked((atomic_long_unchecked_t *)NULL, 0); |
9929 |
@@ -60864,6 +60647,8 @@ index b7babf0..71e4e74 100644 |
9930 |
+#define atomic_dec_unchecked(v) atomic_dec(v) |
9931 |
+#define atomic_cmpxchg_unchecked(v, o, n) atomic_cmpxchg((v), (o), (n)) |
9932 |
+#define atomic_xchg_unchecked(v, i) atomic_xchg((v), (i)) |
9933 |
++#define atomic_clear_mask_unchecked(mask, v) atomic_clear_mask((mask), (v)) |
9934 |
++#define atomic_set_mask_unchecked(mask, v) atomic_set_mask((mask), (v)) |
9935 |
+ |
9936 |
+#define atomic_long_read_unchecked(v) atomic_long_read(v) |
9937 |
+#define atomic_long_set_unchecked(v, i) atomic_long_set((v), (i)) |
9938 |
@@ -60875,6 +60660,19 @@ index b7babf0..71e4e74 100644 |
9939 |
+#endif |
9940 |
+ |
9941 |
#endif /* _ASM_GENERIC_ATOMIC_LONG_H */ |
9942 |
+diff --git a/include/asm-generic/atomic.h b/include/asm-generic/atomic.h |
9943 |
+index e37963c..6f5b60b 100644 |
9944 |
+--- a/include/asm-generic/atomic.h |
9945 |
++++ b/include/asm-generic/atomic.h |
9946 |
+@@ -158,7 +158,7 @@ static inline int __atomic_add_unless(atomic_t *v, int a, int u) |
9947 |
+ * Atomically clears the bits set in @mask from @v |
9948 |
+ */ |
9949 |
+ #ifndef atomic_clear_mask |
9950 |
+-static inline void atomic_clear_mask(unsigned long mask, atomic_t *v) |
9951 |
++static inline void atomic_clear_mask(unsigned int mask, atomic_t *v) |
9952 |
+ { |
9953 |
+ unsigned long flags; |
9954 |
+ |
9955 |
diff --git a/include/asm-generic/atomic64.h b/include/asm-generic/atomic64.h |
9956 |
index b18ce4f..2ee2843 100644 |
9957 |
--- a/include/asm-generic/atomic64.h |
9958 |
@@ -61358,10 +61156,10 @@ index 04ffb2e..6799180 100644 |
9959 |
extern struct cleancache_ops |
9960 |
cleancache_register_ops(struct cleancache_ops *ops); |
9961 |
diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h |
9962 |
-index dfadc96..d90deca 100644 |
9963 |
+index dfadc96..441a641 100644 |
9964 |
--- a/include/linux/compiler-gcc4.h |
9965 |
+++ b/include/linux/compiler-gcc4.h |
9966 |
-@@ -31,6 +31,15 @@ |
9967 |
+@@ -31,6 +31,20 @@ |
9968 |
|
9969 |
|
9970 |
#if __GNUC_MINOR__ >= 5 |
9971 |
@@ -61374,10 +61172,15 @@ index dfadc96..d90deca 100644 |
9972 |
+#ifdef SIZE_OVERFLOW_PLUGIN |
9973 |
+#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__))) |
9974 |
+#endif |
9975 |
++ |
9976 |
++#ifdef LATENT_ENTROPY_PLUGIN |
9977 |
++#define __latent_entropy __attribute__((latent_entropy)) |
9978 |
++#endif |
9979 |
++ |
9980 |
/* |
9981 |
* Mark a position in code as unreachable. This can be used to |
9982 |
* suppress control flow warnings after asm blocks that transfer |
9983 |
-@@ -46,6 +55,11 @@ |
9984 |
+@@ -46,6 +60,11 @@ |
9985 |
#define __noclone __attribute__((__noclone__)) |
9986 |
|
9987 |
#endif |
9988 |
@@ -61390,7 +61193,7 @@ index dfadc96..d90deca 100644 |
9989 |
|
9990 |
#if __GNUC_MINOR__ > 0 |
9991 |
diff --git a/include/linux/compiler.h b/include/linux/compiler.h |
9992 |
-index 320d6c9..1221a6b 100644 |
9993 |
+index 320d6c9..066b6d5 100644 |
9994 |
--- a/include/linux/compiler.h |
9995 |
+++ b/include/linux/compiler.h |
9996 |
@@ -5,31 +5,62 @@ |
9997 |
@@ -61466,7 +61269,7 @@ index 320d6c9..1221a6b 100644 |
9998 |
#endif |
9999 |
|
10000 |
#ifdef __KERNEL__ |
10001 |
-@@ -264,6 +297,17 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10002 |
+@@ -264,6 +297,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10003 |
# define __attribute_const__ /* unimplemented */ |
10004 |
#endif |
10005 |
|
10006 |
@@ -61481,10 +61284,15 @@ index 320d6c9..1221a6b 100644 |
10007 |
+#ifndef __size_overflow |
10008 |
+# define __size_overflow(...) |
10009 |
+#endif |
10010 |
++ |
10011 |
++#ifndef __latent_entropy |
10012 |
++# define __latent_entropy |
10013 |
++#endif |
10014 |
++ |
10015 |
/* |
10016 |
* Tell gcc if a function is cold. The compiler will assume any path |
10017 |
* directly leading to the call is unlikely. |
10018 |
-@@ -273,6 +317,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10019 |
+@@ -273,6 +322,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10020 |
#define __cold |
10021 |
#endif |
10022 |
|
10023 |
@@ -61507,7 +61315,7 @@ index 320d6c9..1221a6b 100644 |
10024 |
/* Simple shorthand for a section definition */ |
10025 |
#ifndef __section |
10026 |
# define __section(S) __attribute__ ((__section__(#S))) |
10027 |
-@@ -306,6 +366,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10028 |
+@@ -306,6 +371,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
10029 |
* use is to mediate communication between process-level code and irq/NMI |
10030 |
* handlers, all running on the same CPU. |
10031 |
*/ |
10032 |
@@ -61844,6 +61652,49 @@ index 4eec461..84c73cf 100644 |
10033 |
struct disk_events *ev; |
10034 |
#ifdef CONFIG_BLK_DEV_INTEGRITY |
10035 |
struct blk_integrity *integrity; |
10036 |
+diff --git a/include/linux/gfp.h b/include/linux/gfp.h |
10037 |
+index 3a76faf..c0592c7 100644 |
10038 |
+--- a/include/linux/gfp.h |
10039 |
++++ b/include/linux/gfp.h |
10040 |
+@@ -37,6 +37,12 @@ struct vm_area_struct; |
10041 |
+ #define ___GFP_NO_KSWAPD 0x400000u |
10042 |
+ #define ___GFP_OTHER_NODE 0x800000u |
10043 |
+ |
10044 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10045 |
++#define ___GFP_USERCOPY 0x1000000u |
10046 |
++#else |
10047 |
++#define ___GFP_USERCOPY 0 |
10048 |
++#endif |
10049 |
++ |
10050 |
+ /* |
10051 |
+ * GFP bitmasks.. |
10052 |
+ * |
10053 |
+@@ -85,6 +91,7 @@ struct vm_area_struct; |
10054 |
+ |
10055 |
+ #define __GFP_NO_KSWAPD ((__force gfp_t)___GFP_NO_KSWAPD) |
10056 |
+ #define __GFP_OTHER_NODE ((__force gfp_t)___GFP_OTHER_NODE) /* On behalf of other node */ |
10057 |
++#define __GFP_USERCOPY ((__force gfp_t)___GFP_USERCOPY)/* Allocator intends to copy page to/from userland */ |
10058 |
+ |
10059 |
+ /* |
10060 |
+ * This may seem redundant, but it's a way of annotating false positives vs. |
10061 |
+@@ -92,7 +99,7 @@ struct vm_area_struct; |
10062 |
+ */ |
10063 |
+ #define __GFP_NOTRACK_FALSE_POSITIVE (__GFP_NOTRACK) |
10064 |
+ |
10065 |
+-#define __GFP_BITS_SHIFT 24 /* Room for N __GFP_FOO bits */ |
10066 |
++#define __GFP_BITS_SHIFT 25 /* Room for N __GFP_FOO bits */ |
10067 |
+ #define __GFP_BITS_MASK ((__force gfp_t)((1 << __GFP_BITS_SHIFT) - 1)) |
10068 |
+ |
10069 |
+ /* This equals 0, but use constants in case they ever change */ |
10070 |
+@@ -146,6 +153,8 @@ struct vm_area_struct; |
10071 |
+ /* 4GB DMA on some platforms */ |
10072 |
+ #define GFP_DMA32 __GFP_DMA32 |
10073 |
+ |
10074 |
++#define GFP_USERCOPY __GFP_USERCOPY |
10075 |
++ |
10076 |
+ /* Convert GFP flags to their corresponding migrate type */ |
10077 |
+ static inline int allocflags_to_migratetype(gfp_t gfp_flags) |
10078 |
+ { |
10079 |
diff --git a/include/linux/gracl.h b/include/linux/gracl.h |
10080 |
new file mode 100644 |
10081 |
index 0000000..c938b1f |
10082 |
@@ -62998,10 +62849,54 @@ index a6deef4..c56a7f2 100644 |
10083 |
and pointers */ |
10084 |
#endif |
10085 |
diff --git a/include/linux/init.h b/include/linux/init.h |
10086 |
-index 9146f39..885354d 100644 |
10087 |
+index 9146f39..e19693b 100644 |
10088 |
--- a/include/linux/init.h |
10089 |
+++ b/include/linux/init.h |
10090 |
-@@ -293,13 +293,13 @@ void __init parse_early_options(char *cmdline); |
10091 |
+@@ -38,9 +38,15 @@ |
10092 |
+ * Also note, that this data cannot be "const". |
10093 |
+ */ |
10094 |
+ |
10095 |
++#ifdef MODULE |
10096 |
++#define add_latent_entropy |
10097 |
++#else |
10098 |
++#define add_latent_entropy __latent_entropy |
10099 |
++#endif |
10100 |
++ |
10101 |
+ /* These are for everybody (although not all archs will actually |
10102 |
+ discard it in modules) */ |
10103 |
+-#define __init __section(.init.text) __cold notrace |
10104 |
++#define __init __section(.init.text) __cold notrace add_latent_entropy |
10105 |
+ #define __initdata __section(.init.data) |
10106 |
+ #define __initconst __section(.init.rodata) |
10107 |
+ #define __exitdata __section(.exit.data) |
10108 |
+@@ -82,7 +88,7 @@ |
10109 |
+ #define __exit __section(.exit.text) __exitused __cold notrace |
10110 |
+ |
10111 |
+ /* Used for HOTPLUG */ |
10112 |
+-#define __devinit __section(.devinit.text) __cold notrace |
10113 |
++#define __devinit __section(.devinit.text) __cold notrace add_latent_entropy |
10114 |
+ #define __devinitdata __section(.devinit.data) |
10115 |
+ #define __devinitconst __section(.devinit.rodata) |
10116 |
+ #define __devexit __section(.devexit.text) __exitused __cold notrace |
10117 |
+@@ -90,7 +96,7 @@ |
10118 |
+ #define __devexitconst __section(.devexit.rodata) |
10119 |
+ |
10120 |
+ /* Used for HOTPLUG_CPU */ |
10121 |
+-#define __cpuinit __section(.cpuinit.text) __cold notrace |
10122 |
++#define __cpuinit __section(.cpuinit.text) __cold notrace add_latent_entropy |
10123 |
+ #define __cpuinitdata __section(.cpuinit.data) |
10124 |
+ #define __cpuinitconst __section(.cpuinit.rodata) |
10125 |
+ #define __cpuexit __section(.cpuexit.text) __exitused __cold notrace |
10126 |
+@@ -98,7 +104,7 @@ |
10127 |
+ #define __cpuexitconst __section(.cpuexit.rodata) |
10128 |
+ |
10129 |
+ /* Used for MEMORY_HOTPLUG */ |
10130 |
+-#define __meminit __section(.meminit.text) __cold notrace |
10131 |
++#define __meminit __section(.meminit.text) __cold notrace add_latent_entropy |
10132 |
+ #define __meminitdata __section(.meminit.data) |
10133 |
+ #define __meminitconst __section(.meminit.rodata) |
10134 |
+ #define __memexit __section(.memexit.text) __exitused __cold notrace |
10135 |
+@@ -293,13 +299,13 @@ void __init parse_early_options(char *cmdline); |
10136 |
|
10137 |
/* Each module must use one module_init(). */ |
10138 |
#define module_init(initfn) \ |
10139 |
@@ -63517,7 +63412,7 @@ index 1d1b1e1..2a13c78 100644 |
10140 |
|
10141 |
#define pmdp_clear_flush_notify(__vma, __address, __pmdp) \ |
10142 |
diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h |
10143 |
-index 188cb2f..d401c76 100644 |
10144 |
+index 905b1e1..d401c76 100644 |
10145 |
--- a/include/linux/mmzone.h |
10146 |
+++ b/include/linux/mmzone.h |
10147 |
@@ -369,7 +369,7 @@ struct zone { |
10148 |
@@ -63529,15 +63424,6 @@ index 188cb2f..d401c76 100644 |
10149 |
|
10150 |
/* |
10151 |
* The target ratio of ACTIVE_ANON to INACTIVE_ANON pages on |
10152 |
-@@ -652,7 +652,7 @@ typedef struct pglist_data { |
10153 |
- range, including holes */ |
10154 |
- int node_id; |
10155 |
- wait_queue_head_t kswapd_wait; |
10156 |
-- struct task_struct *kswapd; |
10157 |
-+ struct task_struct *kswapd; /* Protected by lock_memory_hotplug() */ |
10158 |
- int kswapd_max_order; |
10159 |
- enum zone_type classzone_idx; |
10160 |
- } pg_data_t; |
10161 |
diff --git a/include/linux/mod_devicetable.h b/include/linux/mod_devicetable.h |
10162 |
index 468819c..17b9db3 100644 |
10163 |
--- a/include/linux/mod_devicetable.h |
10164 |
@@ -64007,10 +63893,21 @@ index 800f113..12c82ec 100644 |
10165 |
} |
10166 |
|
10167 |
diff --git a/include/linux/random.h b/include/linux/random.h |
10168 |
-index 8f74538..02a1012 100644 |
10169 |
+index 8f74538..de61694 100644 |
10170 |
--- a/include/linux/random.h |
10171 |
+++ b/include/linux/random.h |
10172 |
-@@ -69,12 +69,17 @@ void srandom32(u32 seed); |
10173 |
+@@ -54,6 +54,10 @@ extern void add_input_randomness(unsigned int type, unsigned int code, |
10174 |
+ unsigned int value); |
10175 |
+ extern void add_interrupt_randomness(int irq); |
10176 |
+ |
10177 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
10178 |
++extern void transfer_latent_entropy(void); |
10179 |
++#endif |
10180 |
++ |
10181 |
+ extern void get_random_bytes(void *buf, int nbytes); |
10182 |
+ void generate_random_uuid(unsigned char uuid_out[16]); |
10183 |
+ |
10184 |
+@@ -69,12 +73,17 @@ void srandom32(u32 seed); |
10185 |
|
10186 |
u32 prandom32(struct rnd_state *); |
10187 |
|
10188 |
@@ -64148,7 +64045,7 @@ index 2148b12..519b820 100644 |
10189 |
|
10190 |
static inline void anon_vma_merge(struct vm_area_struct *vma, |
10191 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
10192 |
-index 1c4f3e9..342eb1f 100644 |
10193 |
+index 5afa2a3..98df553 100644 |
10194 |
--- a/include/linux/sched.h |
10195 |
+++ b/include/linux/sched.h |
10196 |
@@ -101,6 +101,7 @@ struct bio_list; |
10197 |
@@ -64332,12 +64229,12 @@ index 1c4f3e9..342eb1f 100644 |
10198 |
+extern void pax_report_fault(struct pt_regs *regs, void *pc, void *sp); |
10199 |
+extern void pax_report_insns(struct pt_regs *regs, void *pc, void *sp); |
10200 |
+extern void pax_report_refcount_overflow(struct pt_regs *regs); |
10201 |
-+extern __noreturn void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type); |
10202 |
++extern void check_object_size(const void *ptr, unsigned long n, bool to); |
10203 |
+ |
10204 |
/* Future-safe accessor for struct task_struct's cpus_allowed. */ |
10205 |
#define tsk_cpus_allowed(tsk) (&(tsk)->cpus_allowed) |
10206 |
|
10207 |
-@@ -2081,7 +2173,9 @@ void yield(void); |
10208 |
+@@ -2089,7 +2181,9 @@ void yield(void); |
10209 |
extern struct exec_domain default_exec_domain; |
10210 |
|
10211 |
union thread_union { |
10212 |
@@ -64347,7 +64244,7 @@ index 1c4f3e9..342eb1f 100644 |
10213 |
unsigned long stack[THREAD_SIZE/sizeof(long)]; |
10214 |
}; |
10215 |
|
10216 |
-@@ -2114,6 +2208,7 @@ extern struct pid_namespace init_pid_ns; |
10217 |
+@@ -2122,6 +2216,7 @@ extern struct pid_namespace init_pid_ns; |
10218 |
*/ |
10219 |
|
10220 |
extern struct task_struct *find_task_by_vpid(pid_t nr); |
10221 |
@@ -64355,7 +64252,7 @@ index 1c4f3e9..342eb1f 100644 |
10222 |
extern struct task_struct *find_task_by_pid_ns(pid_t nr, |
10223 |
struct pid_namespace *ns); |
10224 |
|
10225 |
-@@ -2235,6 +2330,12 @@ static inline void mmdrop(struct mm_struct * mm) |
10226 |
+@@ -2243,6 +2338,12 @@ static inline void mmdrop(struct mm_struct * mm) |
10227 |
extern void mmput(struct mm_struct *); |
10228 |
/* Grab a reference to a task's mm, if it is not already going away */ |
10229 |
extern struct mm_struct *get_task_mm(struct task_struct *task); |
10230 |
@@ -64368,7 +64265,7 @@ index 1c4f3e9..342eb1f 100644 |
10231 |
/* Remove the current tasks stale references to the old mm_struct */ |
10232 |
extern void mm_release(struct task_struct *, struct mm_struct *); |
10233 |
/* Allocate a new mm structure and copy contents from tsk->mm */ |
10234 |
-@@ -2251,7 +2352,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
10235 |
+@@ -2259,7 +2360,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
10236 |
extern void exit_itimers(struct signal_struct *); |
10237 |
extern void flush_itimer_signals(void); |
10238 |
|
10239 |
@@ -64377,7 +64274,7 @@ index 1c4f3e9..342eb1f 100644 |
10240 |
|
10241 |
extern void daemonize(const char *, ...); |
10242 |
extern int allow_signal(int); |
10243 |
-@@ -2416,13 +2517,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
10244 |
+@@ -2424,9 +2525,9 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
10245 |
|
10246 |
#endif |
10247 |
|
10248 |
@@ -64389,14 +64286,6 @@ index 1c4f3e9..342eb1f 100644 |
10249 |
|
10250 |
return (obj >= stack) && (obj < (stack + THREAD_SIZE)); |
10251 |
} |
10252 |
- |
10253 |
-+#ifdef CONFIG_PAX_USERCOPY |
10254 |
-+extern int object_is_on_stack(const void *obj, unsigned long len); |
10255 |
-+#endif |
10256 |
-+ |
10257 |
- extern void thread_info_cache_init(void); |
10258 |
- |
10259 |
- #ifdef CONFIG_DEBUG_STACK_USAGE |
10260 |
diff --git a/include/linux/screen_info.h b/include/linux/screen_info.h |
10261 |
index 899fbb4..1cb4138 100644 |
10262 |
--- a/include/linux/screen_info.h |
10263 |
@@ -64461,10 +64350,10 @@ index 92808b8..c28cac4 100644 |
10264 |
|
10265 |
/* shm_mode upper byte flags */ |
10266 |
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
10267 |
-index bdb4590..961638c 100644 |
10268 |
+index 53dc7e7..bb5915f 100644 |
10269 |
--- a/include/linux/skbuff.h |
10270 |
+++ b/include/linux/skbuff.h |
10271 |
-@@ -643,7 +643,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) |
10272 |
+@@ -640,7 +640,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) |
10273 |
*/ |
10274 |
static inline int skb_queue_empty(const struct sk_buff_head *list) |
10275 |
{ |
10276 |
@@ -64473,7 +64362,7 @@ index bdb4590..961638c 100644 |
10277 |
} |
10278 |
|
10279 |
/** |
10280 |
-@@ -656,7 +656,7 @@ static inline int skb_queue_empty(const struct sk_buff_head *list) |
10281 |
+@@ -653,7 +653,7 @@ static inline int skb_queue_empty(const struct sk_buff_head *list) |
10282 |
static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
10283 |
const struct sk_buff *skb) |
10284 |
{ |
10285 |
@@ -64482,7 +64371,7 @@ index bdb4590..961638c 100644 |
10286 |
} |
10287 |
|
10288 |
/** |
10289 |
-@@ -669,7 +669,7 @@ static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
10290 |
+@@ -666,7 +666,7 @@ static inline bool skb_queue_is_last(const struct sk_buff_head *list, |
10291 |
static inline bool skb_queue_is_first(const struct sk_buff_head *list, |
10292 |
const struct sk_buff *skb) |
10293 |
{ |
10294 |
@@ -64491,7 +64380,7 @@ index bdb4590..961638c 100644 |
10295 |
} |
10296 |
|
10297 |
/** |
10298 |
-@@ -1546,7 +1546,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
10299 |
+@@ -1543,7 +1543,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
10300 |
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) |
10301 |
*/ |
10302 |
#ifndef NET_SKB_PAD |
10303 |
@@ -64501,7 +64390,7 @@ index bdb4590..961638c 100644 |
10304 |
|
10305 |
extern int ___pskb_trim(struct sk_buff *skb, unsigned int len); |
10306 |
diff --git a/include/linux/slab.h b/include/linux/slab.h |
10307 |
-index 573c809..07e1f43 100644 |
10308 |
+index 573c809..a6e62c9 100644 |
10309 |
--- a/include/linux/slab.h |
10310 |
+++ b/include/linux/slab.h |
10311 |
@@ -11,12 +11,20 @@ |
10312 |
@@ -64516,7 +64405,7 @@ index 573c809..07e1f43 100644 |
10313 |
*/ |
10314 |
#define SLAB_DEBUG_FREE 0x00000100UL /* DEBUG: Perform (expensive) checks on free */ |
10315 |
+ |
10316 |
-+#ifdef CONFIG_PAX_USERCOPY |
10317 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10318 |
+#define SLAB_USERCOPY 0x00000200UL /* PaX: Allow copying objs to/from userland */ |
10319 |
+#else |
10320 |
+#define SLAB_USERCOPY 0x00000000UL |
10321 |
@@ -64542,7 +64431,7 @@ index 573c809..07e1f43 100644 |
10322 |
|
10323 |
/* |
10324 |
* struct kmem_cache related prototypes |
10325 |
-@@ -156,11 +167,12 @@ unsigned int kmem_cache_size(struct kmem_cache *); |
10326 |
+@@ -156,11 +167,13 @@ unsigned int kmem_cache_size(struct kmem_cache *); |
10327 |
/* |
10328 |
* Common kmalloc functions provided by all allocators |
10329 |
*/ |
10330 |
@@ -64553,11 +64442,12 @@ index 573c809..07e1f43 100644 |
10331 |
void kfree(const void *); |
10332 |
void kzfree(const void *); |
10333 |
size_t ksize(const void *); |
10334 |
-+void check_object_size(const void *ptr, unsigned long n, bool to); |
10335 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to); |
10336 |
++bool is_usercopy_object(const void *ptr); |
10337 |
|
10338 |
/* |
10339 |
* Allocator specific definitions. These are mainly used to establish optimized |
10340 |
-@@ -287,7 +299,7 @@ static inline void *kmem_cache_alloc_node(struct kmem_cache *cachep, |
10341 |
+@@ -287,7 +300,7 @@ static inline void *kmem_cache_alloc_node(struct kmem_cache *cachep, |
10342 |
*/ |
10343 |
#if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) || \ |
10344 |
(defined(CONFIG_SLAB) && defined(CONFIG_TRACING)) |
10345 |
@@ -64566,7 +64456,7 @@ index 573c809..07e1f43 100644 |
10346 |
#define kmalloc_track_caller(size, flags) \ |
10347 |
__kmalloc_track_caller(size, flags, _RET_IP_) |
10348 |
#else |
10349 |
-@@ -306,7 +318,7 @@ extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long); |
10350 |
+@@ -306,7 +319,7 @@ extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long); |
10351 |
*/ |
10352 |
#if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) || \ |
10353 |
(defined(CONFIG_SLAB) && defined(CONFIG_TRACING)) |
10354 |
@@ -64576,7 +64466,7 @@ index 573c809..07e1f43 100644 |
10355 |
__kmalloc_node_track_caller(size, flags, node, \ |
10356 |
_RET_IP_) |
10357 |
diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h |
10358 |
-index d00e0ba..d61fb1f 100644 |
10359 |
+index d00e0ba..f75c968 100644 |
10360 |
--- a/include/linux/slab_def.h |
10361 |
+++ b/include/linux/slab_def.h |
10362 |
@@ -68,10 +68,10 @@ struct kmem_cache { |
10363 |
@@ -64594,7 +64484,16 @@ index d00e0ba..d61fb1f 100644 |
10364 |
|
10365 |
/* |
10366 |
* If debugging is enabled, then the allocator can add additional |
10367 |
-@@ -109,7 +109,7 @@ struct cache_sizes { |
10368 |
+@@ -105,11 +105,16 @@ struct cache_sizes { |
10369 |
+ #ifdef CONFIG_ZONE_DMA |
10370 |
+ struct kmem_cache *cs_dmacachep; |
10371 |
+ #endif |
10372 |
++ |
10373 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10374 |
++ struct kmem_cache *cs_usercopycachep; |
10375 |
++#endif |
10376 |
++ |
10377 |
+ }; |
10378 |
extern struct cache_sizes malloc_sizes[]; |
10379 |
|
10380 |
void *kmem_cache_alloc(struct kmem_cache *, gfp_t); |
10381 |
@@ -64603,7 +64502,7 @@ index d00e0ba..d61fb1f 100644 |
10382 |
|
10383 |
#ifdef CONFIG_TRACING |
10384 |
extern void *kmem_cache_alloc_trace(size_t size, |
10385 |
-@@ -127,6 +127,7 @@ static inline size_t slab_buffer_size(struct kmem_cache *cachep) |
10386 |
+@@ -127,6 +132,7 @@ static inline size_t slab_buffer_size(struct kmem_cache *cachep) |
10387 |
} |
10388 |
#endif |
10389 |
|
10390 |
@@ -64611,7 +64510,21 @@ index d00e0ba..d61fb1f 100644 |
10391 |
static __always_inline void *kmalloc(size_t size, gfp_t flags) |
10392 |
{ |
10393 |
struct kmem_cache *cachep; |
10394 |
-@@ -162,7 +163,7 @@ found: |
10395 |
+@@ -152,6 +158,13 @@ found: |
10396 |
+ cachep = malloc_sizes[i].cs_dmacachep; |
10397 |
+ else |
10398 |
+ #endif |
10399 |
++ |
10400 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10401 |
++ if (flags & GFP_USERCOPY) |
10402 |
++ cachep = malloc_sizes[i].cs_usercopycachep; |
10403 |
++ else |
10404 |
++#endif |
10405 |
++ |
10406 |
+ cachep = malloc_sizes[i].cs_cachep; |
10407 |
+ |
10408 |
+ ret = kmem_cache_alloc_trace(size, cachep, flags); |
10409 |
+@@ -162,7 +175,7 @@ found: |
10410 |
} |
10411 |
|
10412 |
#ifdef CONFIG_NUMA |
10413 |
@@ -64620,7 +64533,7 @@ index d00e0ba..d61fb1f 100644 |
10414 |
extern void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node); |
10415 |
|
10416 |
#ifdef CONFIG_TRACING |
10417 |
-@@ -181,6 +182,7 @@ kmem_cache_alloc_node_trace(size_t size, |
10418 |
+@@ -181,6 +194,7 @@ kmem_cache_alloc_node_trace(size_t size, |
10419 |
} |
10420 |
#endif |
10421 |
|
10422 |
@@ -64628,6 +64541,20 @@ index d00e0ba..d61fb1f 100644 |
10423 |
static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node) |
10424 |
{ |
10425 |
struct kmem_cache *cachep; |
10426 |
+@@ -205,6 +219,13 @@ found: |
10427 |
+ cachep = malloc_sizes[i].cs_dmacachep; |
10428 |
+ else |
10429 |
+ #endif |
10430 |
++ |
10431 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10432 |
++ if (flags & GFP_USERCOPY) |
10433 |
++ cachep = malloc_sizes[i].cs_usercopycachep; |
10434 |
++ else |
10435 |
++#endif |
10436 |
++ |
10437 |
+ cachep = malloc_sizes[i].cs_cachep; |
10438 |
+ |
10439 |
+ return kmem_cache_alloc_node_trace(size, cachep, flags, node); |
10440 |
diff --git a/include/linux/slob_def.h b/include/linux/slob_def.h |
10441 |
index 0ec00b3..65e7e0e 100644 |
10442 |
--- a/include/linux/slob_def.h |
10443 |
@@ -66182,7 +66109,7 @@ index 2531811..040d4d4 100644 |
10444 |
next_state = Reset; |
10445 |
return 0; |
10446 |
diff --git a/init/main.c b/init/main.c |
10447 |
-index cb08fea2..f5b850d 100644 |
10448 |
+index cb08fea2..e9a9598 100644 |
10449 |
--- a/init/main.c |
10450 |
+++ b/init/main.c |
10451 |
@@ -96,6 +96,8 @@ static inline void mark_rodata_ro(void) { } |
10452 |
@@ -66272,7 +66199,39 @@ index cb08fea2..f5b850d 100644 |
10453 |
} |
10454 |
|
10455 |
return ret; |
10456 |
-@@ -821,7 +867,7 @@ static int __init kernel_init(void * unused) |
10457 |
+@@ -711,8 +757,14 @@ static void __init do_initcalls(void) |
10458 |
+ { |
10459 |
+ initcall_t *fn; |
10460 |
+ |
10461 |
+- for (fn = __early_initcall_end; fn < __initcall_end; fn++) |
10462 |
++ for (fn = __early_initcall_end; fn < __initcall_end; fn++) { |
10463 |
+ do_one_initcall(*fn); |
10464 |
++ |
10465 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
10466 |
++ transfer_latent_entropy(); |
10467 |
++#endif |
10468 |
++ |
10469 |
++ } |
10470 |
+ } |
10471 |
+ |
10472 |
+ /* |
10473 |
+@@ -738,8 +790,14 @@ static void __init do_pre_smp_initcalls(void) |
10474 |
+ { |
10475 |
+ initcall_t *fn; |
10476 |
+ |
10477 |
+- for (fn = __initcall_start; fn < __early_initcall_end; fn++) |
10478 |
++ for (fn = __initcall_start; fn < __early_initcall_end; fn++) { |
10479 |
+ do_one_initcall(*fn); |
10480 |
++ |
10481 |
++#ifdef CONFIG_PAX_LATENT_ENTROPY |
10482 |
++ transfer_latent_entropy(); |
10483 |
++#endif |
10484 |
++ |
10485 |
++ } |
10486 |
+ } |
10487 |
+ |
10488 |
+ static void run_init_process(const char *init_filename) |
10489 |
+@@ -821,7 +879,7 @@ static int __init kernel_init(void * unused) |
10490 |
do_basic_setup(); |
10491 |
|
10492 |
/* Open the /dev/console on the rootfs, this should never fail */ |
10493 |
@@ -66281,7 +66240,7 @@ index cb08fea2..f5b850d 100644 |
10494 |
printk(KERN_WARNING "Warning: unable to open an initial console.\n"); |
10495 |
|
10496 |
(void) sys_dup(0); |
10497 |
-@@ -834,11 +880,13 @@ static int __init kernel_init(void * unused) |
10498 |
+@@ -834,11 +892,13 @@ static int __init kernel_init(void * unused) |
10499 |
if (!ramdisk_execute_command) |
10500 |
ramdisk_execute_command = "/init"; |
10501 |
|
10502 |
@@ -67635,18 +67594,18 @@ index 9b22d03..6295b62 100644 |
10503 |
prev->next = info->next; |
10504 |
else |
10505 |
diff --git a/kernel/hrtimer.c b/kernel/hrtimer.c |
10506 |
-index ae34bf5..4e2f3d0 100644 |
10507 |
+index 6db7a5e..25b6648 100644 |
10508 |
--- a/kernel/hrtimer.c |
10509 |
+++ b/kernel/hrtimer.c |
10510 |
-@@ -1393,7 +1393,7 @@ void hrtimer_peek_ahead_timers(void) |
10511 |
+@@ -1407,7 +1407,7 @@ void hrtimer_peek_ahead_timers(void) |
10512 |
local_irq_restore(flags); |
10513 |
} |
10514 |
|
10515 |
-static void run_hrtimer_softirq(struct softirq_action *h) |
10516 |
+static void run_hrtimer_softirq(void) |
10517 |
{ |
10518 |
- hrtimer_peek_ahead_timers(); |
10519 |
- } |
10520 |
+ struct hrtimer_cpu_base *cpu_base = &__get_cpu_var(hrtimer_bases); |
10521 |
+ |
10522 |
diff --git a/kernel/jump_label.c b/kernel/jump_label.c |
10523 |
index 66ff710..794bc5a 100644 |
10524 |
--- a/kernel/jump_label.c |
10525 |
@@ -69889,10 +69848,10 @@ index 3d9f31c..7fefc9e 100644 |
10526 |
|
10527 |
default: |
10528 |
diff --git a/kernel/sched.c b/kernel/sched.c |
10529 |
-index 576a27f..b8f518c 100644 |
10530 |
+index 52ac69b..b102f7f 100644 |
10531 |
--- a/kernel/sched.c |
10532 |
+++ b/kernel/sched.c |
10533 |
-@@ -5097,6 +5097,8 @@ int can_nice(const struct task_struct *p, const int nice) |
10534 |
+@@ -5227,6 +5227,8 @@ int can_nice(const struct task_struct *p, const int nice) |
10535 |
/* convert nice value [19,-20] to rlimit style value [1,40] */ |
10536 |
int nice_rlim = 20 - nice; |
10537 |
|
10538 |
@@ -69901,7 +69860,7 @@ index 576a27f..b8f518c 100644 |
10539 |
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) || |
10540 |
capable(CAP_SYS_NICE)); |
10541 |
} |
10542 |
-@@ -5130,7 +5132,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
10543 |
+@@ -5260,7 +5262,8 @@ SYSCALL_DEFINE1(nice, int, increment) |
10544 |
if (nice > 19) |
10545 |
nice = 19; |
10546 |
|
10547 |
@@ -69911,7 +69870,7 @@ index 576a27f..b8f518c 100644 |
10548 |
return -EPERM; |
10549 |
|
10550 |
retval = security_task_setnice(current, nice); |
10551 |
-@@ -5287,6 +5290,7 @@ recheck: |
10552 |
+@@ -5417,6 +5420,7 @@ recheck: |
10553 |
unsigned long rlim_rtprio = |
10554 |
task_rlimit(p, RLIMIT_RTPRIO); |
10555 |
|
10556 |
@@ -70706,7 +70665,7 @@ index fd4a7b1..fae5c2a 100644 |
10557 |
cpumask_clear_cpu(cpu, tick_get_broadcast_mask()); |
10558 |
tick_broadcast_clear_oneshot(cpu); |
10559 |
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c |
10560 |
-index 2378413..be455fd 100644 |
10561 |
+index 03e67d4..21ae77b 100644 |
10562 |
--- a/kernel/time/timekeeping.c |
10563 |
+++ b/kernel/time/timekeeping.c |
10564 |
@@ -14,6 +14,7 @@ |
10565 |
@@ -70717,7 +70676,7 @@ index 2378413..be455fd 100644 |
10566 |
#include <linux/syscore_ops.h> |
10567 |
#include <linux/clocksource.h> |
10568 |
#include <linux/jiffies.h> |
10569 |
-@@ -365,6 +366,8 @@ int do_settimeofday(const struct timespec *tv) |
10570 |
+@@ -385,6 +386,8 @@ int do_settimeofday(const struct timespec *tv) |
10571 |
if ((unsigned long)tv->tv_nsec >= NSEC_PER_SEC) |
10572 |
return -EINVAL; |
10573 |
|
10574 |
@@ -71576,10 +71535,10 @@ index 8f005e9..1cb1036 100644 |
10575 |
/* if an huge pmd materialized from under us just retry later */ |
10576 |
if (unlikely(pmd_trans_huge(*pmd))) |
10577 |
diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
10578 |
-index 5f5c545..c8312c8 100644 |
10579 |
+index 7c535b0..1a2d14f 100644 |
10580 |
--- a/mm/hugetlb.c |
10581 |
+++ b/mm/hugetlb.c |
10582 |
-@@ -2356,6 +2356,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
10583 |
+@@ -2435,6 +2435,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
10584 |
return 1; |
10585 |
} |
10586 |
|
10587 |
@@ -71607,7 +71566,7 @@ index 5f5c545..c8312c8 100644 |
10588 |
/* |
10589 |
* Hugetlb_cow() should be called with page lock of the original hugepage held. |
10590 |
*/ |
10591 |
-@@ -2458,6 +2479,11 @@ retry_avoidcopy: |
10592 |
+@@ -2537,6 +2558,11 @@ retry_avoidcopy: |
10593 |
make_huge_pte(vma, new_page, 1)); |
10594 |
page_remove_rmap(old_page); |
10595 |
hugepage_add_new_anon_rmap(new_page, vma, address); |
10596 |
@@ -71619,7 +71578,7 @@ index 5f5c545..c8312c8 100644 |
10597 |
/* Make the old page be freed below */ |
10598 |
new_page = old_page; |
10599 |
mmu_notifier_invalidate_range_end(mm, |
10600 |
-@@ -2609,6 +2635,10 @@ retry: |
10601 |
+@@ -2688,6 +2714,10 @@ retry: |
10602 |
&& (vma->vm_flags & VM_SHARED))); |
10603 |
set_huge_pte_at(mm, address, ptep, new_pte); |
10604 |
|
10605 |
@@ -71630,7 +71589,7 @@ index 5f5c545..c8312c8 100644 |
10606 |
if ((flags & FAULT_FLAG_WRITE) && !(vma->vm_flags & VM_SHARED)) { |
10607 |
/* Optimization, do the COW without a second fault */ |
10608 |
ret = hugetlb_cow(mm, vma, address, ptep, new_pte, page); |
10609 |
-@@ -2638,6 +2668,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
10610 |
+@@ -2717,6 +2747,10 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
10611 |
static DEFINE_MUTEX(hugetlb_instantiation_mutex); |
10612 |
struct hstate *h = hstate_vma(vma); |
10613 |
|
10614 |
@@ -71641,7 +71600,7 @@ index 5f5c545..c8312c8 100644 |
10615 |
ptep = huge_pte_offset(mm, address); |
10616 |
if (ptep) { |
10617 |
entry = huge_ptep_get(ptep); |
10618 |
-@@ -2649,6 +2683,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
10619 |
+@@ -2728,6 +2762,26 @@ int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
10620 |
VM_FAULT_SET_HINDEX(h - hstates); |
10621 |
} |
10622 |
|
10623 |
@@ -72629,7 +72588,7 @@ index 177aca4..ab3a744 100644 |
10624 |
err = -EPERM; |
10625 |
goto out; |
10626 |
diff --git a/mm/mlock.c b/mm/mlock.c |
10627 |
-index 4f4f53b..9511904 100644 |
10628 |
+index 4f4f53b..de8e432 100644 |
10629 |
--- a/mm/mlock.c |
10630 |
+++ b/mm/mlock.c |
10631 |
@@ -13,6 +13,7 @@ |
10632 |
@@ -72640,6 +72599,15 @@ index 4f4f53b..9511904 100644 |
10633 |
#include <linux/sched.h> |
10634 |
#include <linux/export.h> |
10635 |
#include <linux/rmap.h> |
10636 |
+@@ -376,7 +377,7 @@ static int do_mlock(unsigned long start, size_t len, int on) |
10637 |
+ { |
10638 |
+ unsigned long nstart, end, tmp; |
10639 |
+ struct vm_area_struct * vma, * prev; |
10640 |
+- int error; |
10641 |
++ int error = 0; |
10642 |
+ |
10643 |
+ VM_BUG_ON(start & ~PAGE_MASK); |
10644 |
+ VM_BUG_ON(len != PAGE_ALIGN(len)); |
10645 |
@@ -385,6 +386,9 @@ static int do_mlock(unsigned long start, size_t len, int on) |
10646 |
return -EINVAL; |
10647 |
if (end == start) |
10648 |
@@ -74723,7 +74691,7 @@ index 7a82174..75d1c8b 100644 |
10649 |
return -ENOMEM; |
10650 |
|
10651 |
diff --git a/mm/slab.c b/mm/slab.c |
10652 |
-index 83311c9a..fcf8f86 100644 |
10653 |
+index 83311c9a..2449631 100644 |
10654 |
--- a/mm/slab.c |
10655 |
+++ b/mm/slab.c |
10656 |
@@ -151,7 +151,7 @@ |
10657 |
@@ -74777,16 +74745,36 @@ index 83311c9a..fcf8f86 100644 |
10658 |
{ |
10659 |
u32 offset = (obj - slab->s_mem); |
10660 |
return reciprocal_divide(offset, cache->reciprocal_buffer_size); |
10661 |
-@@ -564,7 +564,7 @@ struct cache_names { |
10662 |
+@@ -559,12 +559,13 @@ EXPORT_SYMBOL(malloc_sizes); |
10663 |
+ struct cache_names { |
10664 |
+ char *name; |
10665 |
+ char *name_dma; |
10666 |
++ char *name_usercopy; |
10667 |
+ }; |
10668 |
+ |
10669 |
static struct cache_names __initdata cache_names[] = { |
10670 |
- #define CACHE(x) { .name = "size-" #x, .name_dma = "size-" #x "(DMA)" }, |
10671 |
+-#define CACHE(x) { .name = "size-" #x, .name_dma = "size-" #x "(DMA)" }, |
10672 |
++#define CACHE(x) { .name = "size-" #x, .name_dma = "size-" #x "(DMA)", .name_usercopy = "size-" #x "(USERCOPY)" }, |
10673 |
#include <linux/kmalloc_sizes.h> |
10674 |
- {NULL,} |
10675 |
+ {NULL} |
10676 |
#undef CACHE |
10677 |
}; |
10678 |
|
10679 |
-@@ -1572,7 +1572,7 @@ void __init kmem_cache_init(void) |
10680 |
+@@ -752,6 +753,12 @@ static inline struct kmem_cache *__find_general_cachep(size_t size, |
10681 |
+ if (unlikely(gfpflags & GFP_DMA)) |
10682 |
+ return csizep->cs_dmacachep; |
10683 |
+ #endif |
10684 |
++ |
10685 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10686 |
++ if (unlikely(gfpflags & GFP_USERCOPY)) |
10687 |
++ return csizep->cs_usercopycachep; |
10688 |
++#endif |
10689 |
++ |
10690 |
+ return csizep->cs_cachep; |
10691 |
+ } |
10692 |
+ |
10693 |
+@@ -1572,7 +1579,7 @@ void __init kmem_cache_init(void) |
10694 |
sizes[INDEX_AC].cs_cachep = kmem_cache_create(names[INDEX_AC].name, |
10695 |
sizes[INDEX_AC].cs_size, |
10696 |
ARCH_KMALLOC_MINALIGN, |
10697 |
@@ -74795,7 +74783,7 @@ index 83311c9a..fcf8f86 100644 |
10698 |
NULL); |
10699 |
|
10700 |
if (INDEX_AC != INDEX_L3) { |
10701 |
-@@ -1580,7 +1580,7 @@ void __init kmem_cache_init(void) |
10702 |
+@@ -1580,7 +1587,7 @@ void __init kmem_cache_init(void) |
10703 |
kmem_cache_create(names[INDEX_L3].name, |
10704 |
sizes[INDEX_L3].cs_size, |
10705 |
ARCH_KMALLOC_MINALIGN, |
10706 |
@@ -74804,7 +74792,7 @@ index 83311c9a..fcf8f86 100644 |
10707 |
NULL); |
10708 |
} |
10709 |
|
10710 |
-@@ -1598,7 +1598,7 @@ void __init kmem_cache_init(void) |
10711 |
+@@ -1598,7 +1605,7 @@ void __init kmem_cache_init(void) |
10712 |
sizes->cs_cachep = kmem_cache_create(names->name, |
10713 |
sizes->cs_size, |
10714 |
ARCH_KMALLOC_MINALIGN, |
10715 |
@@ -74813,7 +74801,24 @@ index 83311c9a..fcf8f86 100644 |
10716 |
NULL); |
10717 |
} |
10718 |
#ifdef CONFIG_ZONE_DMA |
10719 |
-@@ -4322,10 +4322,10 @@ static int s_show(struct seq_file *m, void *p) |
10720 |
+@@ -1610,6 +1617,16 @@ void __init kmem_cache_init(void) |
10721 |
+ SLAB_PANIC, |
10722 |
+ NULL); |
10723 |
+ #endif |
10724 |
++ |
10725 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10726 |
++ sizes->cs_usercopycachep = kmem_cache_create( |
10727 |
++ names->name_usercopy, |
10728 |
++ sizes->cs_size, |
10729 |
++ ARCH_KMALLOC_MINALIGN, |
10730 |
++ ARCH_KMALLOC_FLAGS|SLAB_PANIC|SLAB_USERCOPY, |
10731 |
++ NULL); |
10732 |
++#endif |
10733 |
++ |
10734 |
+ sizes++; |
10735 |
+ names++; |
10736 |
+ } |
10737 |
+@@ -4322,10 +4339,10 @@ static int s_show(struct seq_file *m, void *p) |
10738 |
} |
10739 |
/* cpu stats */ |
10740 |
{ |
10741 |
@@ -74828,7 +74833,7 @@ index 83311c9a..fcf8f86 100644 |
10742 |
|
10743 |
seq_printf(m, " : cpustat %6lu %6lu %6lu %6lu", |
10744 |
allochit, allocmiss, freehit, freemiss); |
10745 |
-@@ -4584,13 +4584,62 @@ static int __init slab_proc_init(void) |
10746 |
+@@ -4584,13 +4601,68 @@ static int __init slab_proc_init(void) |
10747 |
{ |
10748 |
proc_create("slabinfo",S_IWUSR|S_IRUSR,NULL,&proc_slabinfo_operations); |
10749 |
#ifdef CONFIG_DEBUG_SLAB_LEAK |
10750 |
@@ -74840,60 +74845,66 @@ index 83311c9a..fcf8f86 100644 |
10751 |
module_init(slab_proc_init); |
10752 |
#endif |
10753 |
|
10754 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
10755 |
++bool is_usercopy_object(const void *ptr) |
10756 |
+{ |
10757 |
++ struct page *page; |
10758 |
++ struct kmem_cache *cachep; |
10759 |
++ |
10760 |
++ if (ZERO_OR_NULL_PTR(ptr)) |
10761 |
++ return false; |
10762 |
++ |
10763 |
++ if (!virt_addr_valid(ptr)) |
10764 |
++ return false; |
10765 |
++ |
10766 |
++ page = virt_to_head_page(ptr); |
10767 |
++ |
10768 |
++ if (!PageSlab(page)) |
10769 |
++ return false; |
10770 |
++ |
10771 |
++ cachep = page_get_cache(page); |
10772 |
++ return cachep->flags & SLAB_USERCOPY; |
10773 |
++} |
10774 |
+ |
10775 |
+#ifdef CONFIG_PAX_USERCOPY |
10776 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
10777 |
++{ |
10778 |
+ struct page *page; |
10779 |
-+ struct kmem_cache *cachep = NULL; |
10780 |
++ struct kmem_cache *cachep; |
10781 |
+ struct slab *slabp; |
10782 |
+ unsigned int objnr; |
10783 |
+ unsigned long offset; |
10784 |
-+ const char *type; |
10785 |
-+ |
10786 |
-+ if (!n) |
10787 |
-+ return; |
10788 |
+ |
10789 |
-+ type = "<null>"; |
10790 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
10791 |
-+ goto report; |
10792 |
++ return "<null>"; |
10793 |
+ |
10794 |
+ if (!virt_addr_valid(ptr)) |
10795 |
-+ return; |
10796 |
++ return NULL; |
10797 |
+ |
10798 |
+ page = virt_to_head_page(ptr); |
10799 |
+ |
10800 |
-+ type = "<process stack>"; |
10801 |
-+ if (!PageSlab(page)) { |
10802 |
-+ if (object_is_on_stack(ptr, n) == -1) |
10803 |
-+ goto report; |
10804 |
-+ return; |
10805 |
-+ } |
10806 |
++ if (!PageSlab(page)) |
10807 |
++ return NULL; |
10808 |
+ |
10809 |
+ cachep = page_get_cache(page); |
10810 |
-+ type = cachep->name; |
10811 |
+ if (!(cachep->flags & SLAB_USERCOPY)) |
10812 |
-+ goto report; |
10813 |
++ return cachep->name; |
10814 |
+ |
10815 |
+ slabp = page_get_slab(page); |
10816 |
+ objnr = obj_to_index(cachep, slabp, ptr); |
10817 |
+ BUG_ON(objnr >= cachep->num); |
10818 |
+ offset = ptr - index_to_obj(cachep, slabp, objnr) - obj_offset(cachep); |
10819 |
+ if (offset <= obj_size(cachep) && n <= obj_size(cachep) - offset) |
10820 |
-+ return; |
10821 |
-+ |
10822 |
-+report: |
10823 |
-+ pax_report_usercopy(ptr, n, to, type); |
10824 |
-+#endif |
10825 |
++ return NULL; |
10826 |
+ |
10827 |
++ return cachep->name; |
10828 |
+} |
10829 |
-+EXPORT_SYMBOL(check_object_size); |
10830 |
++#endif |
10831 |
+ |
10832 |
/** |
10833 |
* ksize - get the actual amount of memory allocated for a given object |
10834 |
* @objp: Pointer to the object |
10835 |
diff --git a/mm/slob.c b/mm/slob.c |
10836 |
-index 8105be4..e045f96 100644 |
10837 |
+index 8105be4..3c15e57 100644 |
10838 |
--- a/mm/slob.c |
10839 |
+++ b/mm/slob.c |
10840 |
@@ -29,7 +29,7 @@ |
10841 |
@@ -75044,7 +75055,7 @@ index 8105be4..e045f96 100644 |
10842 |
return ret; |
10843 |
} |
10844 |
EXPORT_SYMBOL(__kmalloc_node); |
10845 |
-@@ -533,13 +547,92 @@ void kfree(const void *block) |
10846 |
+@@ -533,13 +547,83 @@ void kfree(const void *block) |
10847 |
sp = slob_page(block); |
10848 |
if (is_slob_page(sp)) { |
10849 |
int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); |
10850 |
@@ -75062,40 +75073,34 @@ index 8105be4..e045f96 100644 |
10851 |
} |
10852 |
EXPORT_SYMBOL(kfree); |
10853 |
|
10854 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
10855 |
++bool is_usercopy_object(const void *ptr) |
10856 |
+{ |
10857 |
++ return false; |
10858 |
++} |
10859 |
+ |
10860 |
+#ifdef CONFIG_PAX_USERCOPY |
10861 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
10862 |
++{ |
10863 |
+ struct slob_page *sp; |
10864 |
+ const slob_t *free; |
10865 |
+ const void *base; |
10866 |
+ unsigned long flags; |
10867 |
-+ const char *type; |
10868 |
-+ |
10869 |
-+ if (!n) |
10870 |
-+ return; |
10871 |
+ |
10872 |
-+ type = "<null>"; |
10873 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
10874 |
-+ goto report; |
10875 |
++ return "<null>"; |
10876 |
+ |
10877 |
+ if (!virt_addr_valid(ptr)) |
10878 |
-+ return; |
10879 |
++ return NULL; |
10880 |
+ |
10881 |
-+ type = "<process stack>"; |
10882 |
+ sp = slob_page(ptr); |
10883 |
-+ if (!PageSlab((struct page *)sp)) { |
10884 |
-+ if (object_is_on_stack(ptr, n) == -1) |
10885 |
-+ goto report; |
10886 |
-+ return; |
10887 |
-+ } |
10888 |
++ if (!PageSlab((struct page *)sp)) |
10889 |
++ return NULL; |
10890 |
+ |
10891 |
-+ type = "<slob>"; |
10892 |
+ if (sp->size) { |
10893 |
+ base = page_address(&sp->page); |
10894 |
+ if (base <= ptr && n <= sp->size - (ptr - base)) |
10895 |
-+ return; |
10896 |
-+ goto report; |
10897 |
++ return NULL; |
10898 |
++ return "<slob>"; |
10899 |
+ } |
10900 |
+ |
10901 |
+ /* some tricky double walking to find the chunk */ |
10902 |
@@ -75126,21 +75131,18 @@ index 8105be4..e045f96 100644 |
10903 |
+ break; |
10904 |
+ |
10905 |
+ spin_unlock_irqrestore(&slob_lock, flags); |
10906 |
-+ return; |
10907 |
++ return NULL; |
10908 |
+ } |
10909 |
+ |
10910 |
+ spin_unlock_irqrestore(&slob_lock, flags); |
10911 |
-+report: |
10912 |
-+ pax_report_usercopy(ptr, n, to, type); |
10913 |
-+#endif |
10914 |
-+ |
10915 |
++ return "<slob>"; |
10916 |
+} |
10917 |
-+EXPORT_SYMBOL(check_object_size); |
10918 |
++#endif |
10919 |
+ |
10920 |
/* can't use ksize for kmem_cache_alloc memory, only kmalloc */ |
10921 |
size_t ksize(const void *block) |
10922 |
{ |
10923 |
-@@ -552,10 +645,10 @@ size_t ksize(const void *block) |
10924 |
+@@ -552,10 +636,10 @@ size_t ksize(const void *block) |
10925 |
sp = slob_page(block); |
10926 |
if (is_slob_page(sp)) { |
10927 |
int align = max(ARCH_KMALLOC_MINALIGN, ARCH_SLAB_MINALIGN); |
10928 |
@@ -75154,11 +75156,11 @@ index 8105be4..e045f96 100644 |
10929 |
} |
10930 |
EXPORT_SYMBOL(ksize); |
10931 |
|
10932 |
-@@ -571,8 +664,13 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
10933 |
+@@ -571,8 +655,13 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
10934 |
{ |
10935 |
struct kmem_cache *c; |
10936 |
|
10937 |
-+#ifdef CONFIG_PAX_USERCOPY |
10938 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10939 |
+ c = __kmalloc_node_align(sizeof(struct kmem_cache), |
10940 |
+ GFP_KERNEL, -1, ARCH_KMALLOC_MINALIGN); |
10941 |
+#else |
10942 |
@@ -75168,11 +75170,11 @@ index 8105be4..e045f96 100644 |
10943 |
|
10944 |
if (c) { |
10945 |
c->name = name; |
10946 |
-@@ -614,17 +712,25 @@ void *kmem_cache_alloc_node(struct kmem_cache *c, gfp_t flags, int node) |
10947 |
+@@ -614,17 +703,25 @@ void *kmem_cache_alloc_node(struct kmem_cache *c, gfp_t flags, int node) |
10948 |
|
10949 |
lockdep_trace_alloc(flags); |
10950 |
|
10951 |
-+#ifdef CONFIG_PAX_USERCOPY |
10952 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10953 |
+ b = __kmalloc_node_align(c->size, flags, node, c->align); |
10954 |
+#else |
10955 |
if (c->size < PAGE_SIZE) { |
10956 |
@@ -75194,7 +75196,7 @@ index 8105be4..e045f96 100644 |
10957 |
|
10958 |
if (c->ctor) |
10959 |
c->ctor(b); |
10960 |
-@@ -636,10 +742,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); |
10961 |
+@@ -636,10 +733,16 @@ EXPORT_SYMBOL(kmem_cache_alloc_node); |
10962 |
|
10963 |
static void __kmem_cache_free(void *b, int size) |
10964 |
{ |
10965 |
@@ -75213,13 +75215,13 @@ index 8105be4..e045f96 100644 |
10966 |
} |
10967 |
|
10968 |
static void kmem_rcu_free(struct rcu_head *head) |
10969 |
-@@ -652,17 +764,31 @@ static void kmem_rcu_free(struct rcu_head *head) |
10970 |
+@@ -652,17 +755,31 @@ static void kmem_rcu_free(struct rcu_head *head) |
10971 |
|
10972 |
void kmem_cache_free(struct kmem_cache *c, void *b) |
10973 |
{ |
10974 |
+ int size = c->size; |
10975 |
+ |
10976 |
-+#ifdef CONFIG_PAX_USERCOPY |
10977 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10978 |
+ if (size + c->align < PAGE_SIZE) { |
10979 |
+ size += c->align; |
10980 |
+ b -= c->align; |
10981 |
@@ -75239,7 +75241,7 @@ index 8105be4..e045f96 100644 |
10982 |
+ __kmem_cache_free(b, size); |
10983 |
} |
10984 |
|
10985 |
-+#ifdef CONFIG_PAX_USERCOPY |
10986 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
10987 |
+ trace_kfree(_RET_IP_, b); |
10988 |
+#else |
10989 |
trace_kmem_cache_free(_RET_IP_, b); |
10990 |
@@ -75249,7 +75251,7 @@ index 8105be4..e045f96 100644 |
10991 |
EXPORT_SYMBOL(kmem_cache_free); |
10992 |
|
10993 |
diff --git a/mm/slub.c b/mm/slub.c |
10994 |
-index af47188..ff84aee 100644 |
10995 |
+index af47188..9c2d9c0 100644 |
10996 |
--- a/mm/slub.c |
10997 |
+++ b/mm/slub.c |
10998 |
@@ -208,7 +208,7 @@ struct track { |
10999 |
@@ -75307,58 +75309,89 @@ index af47188..ff84aee 100644 |
11000 |
list_del(&s->list); |
11001 |
up_write(&slub_lock); |
11002 |
if (kmem_cache_close(s)) { |
11003 |
-@@ -3361,6 +3362,50 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) |
11004 |
+@@ -3179,6 +3180,10 @@ static struct kmem_cache *kmem_cache; |
11005 |
+ static struct kmem_cache *kmalloc_dma_caches[SLUB_PAGE_SHIFT]; |
11006 |
+ #endif |
11007 |
+ |
11008 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
11009 |
++static struct kmem_cache *kmalloc_usercopy_caches[SLUB_PAGE_SHIFT]; |
11010 |
++#endif |
11011 |
++ |
11012 |
+ static int __init setup_slub_min_order(char *str) |
11013 |
+ { |
11014 |
+ get_option(&str, &slub_min_order); |
11015 |
+@@ -3293,6 +3298,13 @@ static struct kmem_cache *get_slab(size_t size, gfp_t flags) |
11016 |
+ return kmalloc_dma_caches[index]; |
11017 |
+ |
11018 |
+ #endif |
11019 |
++ |
11020 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
11021 |
++ if (flags & SLAB_USERCOPY) |
11022 |
++ return kmalloc_usercopy_caches[index]; |
11023 |
++ |
11024 |
++#endif |
11025 |
++ |
11026 |
+ return kmalloc_caches[index]; |
11027 |
+ } |
11028 |
+ |
11029 |
+@@ -3361,6 +3373,56 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) |
11030 |
EXPORT_SYMBOL(__kmalloc_node); |
11031 |
#endif |
11032 |
|
11033 |
-+void check_object_size(const void *ptr, unsigned long n, bool to) |
11034 |
++bool is_usercopy_object(const void *ptr) |
11035 |
+{ |
11036 |
++ struct page *page; |
11037 |
++ struct kmem_cache *s; |
11038 |
++ |
11039 |
++ if (ZERO_OR_NULL_PTR(ptr)) |
11040 |
++ return false; |
11041 |
++ |
11042 |
++ if (!virt_addr_valid(ptr)) |
11043 |
++ return false; |
11044 |
++ |
11045 |
++ page = virt_to_head_page(ptr); |
11046 |
++ |
11047 |
++ if (!PageSlab(page)) |
11048 |
++ return false; |
11049 |
++ |
11050 |
++ s = page->slab; |
11051 |
++ return s->flags & SLAB_USERCOPY; |
11052 |
++} |
11053 |
+ |
11054 |
+#ifdef CONFIG_PAX_USERCOPY |
11055 |
++const char *check_heap_object(const void *ptr, unsigned long n, bool to) |
11056 |
++{ |
11057 |
+ struct page *page; |
11058 |
-+ struct kmem_cache *s = NULL; |
11059 |
++ struct kmem_cache *s; |
11060 |
+ unsigned long offset; |
11061 |
-+ const char *type; |
11062 |
+ |
11063 |
-+ if (!n) |
11064 |
-+ return; |
11065 |
-+ |
11066 |
-+ type = "<null>"; |
11067 |
+ if (ZERO_OR_NULL_PTR(ptr)) |
11068 |
-+ goto report; |
11069 |
++ return "<null>"; |
11070 |
+ |
11071 |
+ if (!virt_addr_valid(ptr)) |
11072 |
-+ return; |
11073 |
++ return NULL; |
11074 |
+ |
11075 |
+ page = virt_to_head_page(ptr); |
11076 |
+ |
11077 |
-+ type = "<process stack>"; |
11078 |
-+ if (!PageSlab(page)) { |
11079 |
-+ if (object_is_on_stack(ptr, n) == -1) |
11080 |
-+ goto report; |
11081 |
-+ return; |
11082 |
-+ } |
11083 |
++ if (!PageSlab(page)) |
11084 |
++ return NULL; |
11085 |
+ |
11086 |
+ s = page->slab; |
11087 |
-+ type = s->name; |
11088 |
+ if (!(s->flags & SLAB_USERCOPY)) |
11089 |
-+ goto report; |
11090 |
++ return s->name; |
11091 |
+ |
11092 |
+ offset = (ptr - page_address(page)) % s->size; |
11093 |
+ if (offset <= s->objsize && n <= s->objsize - offset) |
11094 |
-+ return; |
11095 |
-+ |
11096 |
-+report: |
11097 |
-+ pax_report_usercopy(ptr, n, to, type); |
11098 |
-+#endif |
11099 |
++ return NULL; |
11100 |
+ |
11101 |
++ return s->name; |
11102 |
+} |
11103 |
-+EXPORT_SYMBOL(check_object_size); |
11104 |
++#endif |
11105 |
+ |
11106 |
size_t ksize(const void *object) |
11107 |
{ |
11108 |
struct page *page; |
11109 |
-@@ -3635,7 +3680,7 @@ static void __init kmem_cache_bootstrap_fixup(struct kmem_cache *s) |
11110 |
+@@ -3635,7 +3697,7 @@ static void __init kmem_cache_bootstrap_fixup(struct kmem_cache *s) |
11111 |
int node; |
11112 |
|
11113 |
list_add(&s->list, &slab_caches); |
11114 |
@@ -75367,7 +75400,7 @@ index af47188..ff84aee 100644 |
11115 |
|
11116 |
for_each_node_state(node, N_NORMAL_MEMORY) { |
11117 |
struct kmem_cache_node *n = get_node(s, node); |
11118 |
-@@ -3752,17 +3797,17 @@ void __init kmem_cache_init(void) |
11119 |
+@@ -3752,17 +3814,17 @@ void __init kmem_cache_init(void) |
11120 |
|
11121 |
/* Caches that are not of the two-to-the-power-of size */ |
11122 |
if (KMALLOC_MIN_SIZE <= 32) { |
11123 |
@@ -75388,7 +75421,30 @@ index af47188..ff84aee 100644 |
11124 |
caches++; |
11125 |
} |
11126 |
|
11127 |
-@@ -3830,7 +3875,7 @@ static int slab_unmergeable(struct kmem_cache *s) |
11128 |
+@@ -3804,6 +3866,22 @@ void __init kmem_cache_init(void) |
11129 |
+ } |
11130 |
+ } |
11131 |
+ #endif |
11132 |
++ |
11133 |
++#ifdef CONFIG_PAX_USERCOPY_SLABS |
11134 |
++ for (i = 0; i < SLUB_PAGE_SHIFT; i++) { |
11135 |
++ struct kmem_cache *s = kmalloc_caches[i]; |
11136 |
++ |
11137 |
++ if (s && s->size) { |
11138 |
++ char *name = kasprintf(GFP_NOWAIT, |
11139 |
++ "usercopy-kmalloc-%d", s->objsize); |
11140 |
++ |
11141 |
++ BUG_ON(!name); |
11142 |
++ kmalloc_usercopy_caches[i] = create_kmalloc_cache(name, |
11143 |
++ s->objsize, SLAB_USERCOPY); |
11144 |
++ } |
11145 |
++ } |
11146 |
++#endif |
11147 |
++ |
11148 |
+ printk(KERN_INFO |
11149 |
+ "SLUB: Genslabs=%d, HWalign=%d, Order=%d-%d, MinObjects=%d," |
11150 |
+ " CPUs=%d, Nodes=%d\n", |
11151 |
+@@ -3830,7 +3908,7 @@ static int slab_unmergeable(struct kmem_cache *s) |
11152 |
/* |
11153 |
* We may have set a slab to be unmergeable during bootstrap. |
11154 |
*/ |
11155 |
@@ -75397,7 +75453,7 @@ index af47188..ff84aee 100644 |
11156 |
return 1; |
11157 |
|
11158 |
return 0; |
11159 |
-@@ -3889,7 +3934,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
11160 |
+@@ -3889,7 +3967,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
11161 |
down_write(&slub_lock); |
11162 |
s = find_mergeable(size, align, flags, name, ctor); |
11163 |
if (s) { |
11164 |
@@ -75406,7 +75462,7 @@ index af47188..ff84aee 100644 |
11165 |
/* |
11166 |
* Adjust the object sizes so that we clear |
11167 |
* the complete object on kzalloc. |
11168 |
-@@ -3898,7 +3943,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
11169 |
+@@ -3898,7 +3976,7 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size, |
11170 |
s->inuse = max_t(int, s->inuse, ALIGN(size, sizeof(void *))); |
11171 |
|
11172 |
if (sysfs_slab_alias(s, name)) { |
11173 |
@@ -75415,7 +75471,7 @@ index af47188..ff84aee 100644 |
11174 |
goto err; |
11175 |
} |
11176 |
up_write(&slub_lock); |
11177 |
-@@ -4027,7 +4072,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, |
11178 |
+@@ -4027,7 +4105,7 @@ void *__kmalloc_node_track_caller(size_t size, gfp_t gfpflags, |
11179 |
} |
11180 |
#endif |
11181 |
|
11182 |
@@ -75424,7 +75480,7 @@ index af47188..ff84aee 100644 |
11183 |
static int count_inuse(struct page *page) |
11184 |
{ |
11185 |
return page->inuse; |
11186 |
-@@ -4414,12 +4459,12 @@ static void resiliency_test(void) |
11187 |
+@@ -4414,12 +4492,12 @@ static void resiliency_test(void) |
11188 |
validate_slab_cache(kmalloc_caches[9]); |
11189 |
} |
11190 |
#else |
11191 |
@@ -75439,7 +75495,7 @@ index af47188..ff84aee 100644 |
11192 |
enum slab_stat_type { |
11193 |
SL_ALL, /* All slabs */ |
11194 |
SL_PARTIAL, /* Only partially allocated slabs */ |
11195 |
-@@ -4660,7 +4705,7 @@ SLAB_ATTR_RO(ctor); |
11196 |
+@@ -4660,7 +4738,7 @@ SLAB_ATTR_RO(ctor); |
11197 |
|
11198 |
static ssize_t aliases_show(struct kmem_cache *s, char *buf) |
11199 |
{ |
11200 |
@@ -75448,7 +75504,7 @@ index af47188..ff84aee 100644 |
11201 |
} |
11202 |
SLAB_ATTR_RO(aliases); |
11203 |
|
11204 |
-@@ -5227,6 +5272,7 @@ static char *create_unique_id(struct kmem_cache *s) |
11205 |
+@@ -5227,6 +5305,7 @@ static char *create_unique_id(struct kmem_cache *s) |
11206 |
return name; |
11207 |
} |
11208 |
|
11209 |
@@ -75456,7 +75512,7 @@ index af47188..ff84aee 100644 |
11210 |
static int sysfs_slab_add(struct kmem_cache *s) |
11211 |
{ |
11212 |
int err; |
11213 |
-@@ -5289,6 +5335,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) |
11214 |
+@@ -5289,6 +5368,7 @@ static void sysfs_slab_remove(struct kmem_cache *s) |
11215 |
kobject_del(&s->kobj); |
11216 |
kobject_put(&s->kobj); |
11217 |
} |
11218 |
@@ -75464,7 +75520,7 @@ index af47188..ff84aee 100644 |
11219 |
|
11220 |
/* |
11221 |
* Need to buffer aliases during bootup until sysfs becomes |
11222 |
-@@ -5302,6 +5349,7 @@ struct saved_alias { |
11223 |
+@@ -5302,6 +5382,7 @@ struct saved_alias { |
11224 |
|
11225 |
static struct saved_alias *alias_list; |
11226 |
|
11227 |
@@ -75472,7 +75528,7 @@ index af47188..ff84aee 100644 |
11228 |
static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
11229 |
{ |
11230 |
struct saved_alias *al; |
11231 |
-@@ -5324,6 +5372,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
11232 |
+@@ -5324,6 +5405,7 @@ static int sysfs_slab_alias(struct kmem_cache *s, const char *name) |
11233 |
alias_list = al; |
11234 |
return 0; |
11235 |
} |
11236 |
@@ -75791,42 +75847,6 @@ index eeba3bb..820e22e 100644 |
11237 |
if (!vas || !vms) |
11238 |
goto err_free; |
11239 |
|
11240 |
-diff --git a/mm/vmscan.c b/mm/vmscan.c |
11241 |
-index fbe2d2c..8342119 100644 |
11242 |
---- a/mm/vmscan.c |
11243 |
-+++ b/mm/vmscan.c |
11244 |
-@@ -2824,7 +2824,10 @@ static void kswapd_try_to_sleep(pg_data_t *pgdat, int order, int classzone_idx) |
11245 |
- * them before going back to sleep. |
11246 |
- */ |
11247 |
- set_pgdat_percpu_threshold(pgdat, calculate_normal_threshold); |
11248 |
-- schedule(); |
11249 |
-+ |
11250 |
-+ if (!kthread_should_stop()) |
11251 |
-+ schedule(); |
11252 |
-+ |
11253 |
- set_pgdat_percpu_threshold(pgdat, calculate_pressure_threshold); |
11254 |
- } else { |
11255 |
- if (remaining) |
11256 |
-@@ -3090,14 +3093,17 @@ int kswapd_run(int nid) |
11257 |
- } |
11258 |
- |
11259 |
- /* |
11260 |
-- * Called by memory hotplug when all memory in a node is offlined. |
11261 |
-+ * Called by memory hotplug when all memory in a node is offlined. Caller must |
11262 |
-+ * hold lock_memory_hotplug(). |
11263 |
- */ |
11264 |
- void kswapd_stop(int nid) |
11265 |
- { |
11266 |
- struct task_struct *kswapd = NODE_DATA(nid)->kswapd; |
11267 |
- |
11268 |
-- if (kswapd) |
11269 |
-+ if (kswapd) { |
11270 |
- kthread_stop(kswapd); |
11271 |
-+ NODE_DATA(nid)->kswapd = NULL; |
11272 |
-+ } |
11273 |
- } |
11274 |
- |
11275 |
- static int __init kswapd_init(void) |
11276 |
diff --git a/mm/vmstat.c b/mm/vmstat.c |
11277 |
index 8fd603b..cf0d930 100644 |
11278 |
--- a/mm/vmstat.c |
11279 |
@@ -76538,7 +76558,7 @@ index 68bbf9f..5ef0d12 100644 |
11280 |
|
11281 |
return err; |
11282 |
diff --git a/net/core/dev.c b/net/core/dev.c |
11283 |
-index 1cbddc9..e52e698 100644 |
11284 |
+index 5738654..2078746 100644 |
11285 |
--- a/net/core/dev.c |
11286 |
+++ b/net/core/dev.c |
11287 |
@@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name) |
11288 |
@@ -76583,7 +76603,7 @@ index 1cbddc9..e52e698 100644 |
11289 |
|
11290 |
#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) |
11291 |
|
11292 |
-@@ -2964,7 +2968,7 @@ enqueue: |
11293 |
+@@ -2943,7 +2947,7 @@ enqueue: |
11294 |
|
11295 |
local_irq_restore(flags); |
11296 |
|
11297 |
@@ -76592,7 +76612,7 @@ index 1cbddc9..e52e698 100644 |
11298 |
kfree_skb(skb); |
11299 |
return NET_RX_DROP; |
11300 |
} |
11301 |
-@@ -3038,7 +3042,7 @@ int netif_rx_ni(struct sk_buff *skb) |
11302 |
+@@ -3017,7 +3021,7 @@ int netif_rx_ni(struct sk_buff *skb) |
11303 |
} |
11304 |
EXPORT_SYMBOL(netif_rx_ni); |
11305 |
|
11306 |
@@ -76601,7 +76621,7 @@ index 1cbddc9..e52e698 100644 |
11307 |
{ |
11308 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
11309 |
|
11310 |
-@@ -3327,7 +3331,7 @@ ncls: |
11311 |
+@@ -3306,7 +3310,7 @@ ncls: |
11312 |
if (pt_prev) { |
11313 |
ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
11314 |
} else { |
11315 |
@@ -76610,7 +76630,7 @@ index 1cbddc9..e52e698 100644 |
11316 |
kfree_skb(skb); |
11317 |
/* Jamal, now you will not able to escape explaining |
11318 |
* me how you were going to use this. :-) |
11319 |
-@@ -3892,7 +3896,7 @@ void netif_napi_del(struct napi_struct *napi) |
11320 |
+@@ -3871,7 +3875,7 @@ void netif_napi_del(struct napi_struct *napi) |
11321 |
} |
11322 |
EXPORT_SYMBOL(netif_napi_del); |
11323 |
|
11324 |
@@ -76619,7 +76639,7 @@ index 1cbddc9..e52e698 100644 |
11325 |
{ |
11326 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
11327 |
unsigned long time_limit = jiffies + 2; |
11328 |
-@@ -5918,7 +5922,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
11329 |
+@@ -5897,7 +5901,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
11330 |
} else { |
11331 |
netdev_stats_to_stats64(storage, &dev->stats); |
11332 |
} |
11333 |
@@ -77203,18 +77223,18 @@ index 94cdbc5..0cb0063 100644 |
11334 |
ts = peer->tcp_ts; |
11335 |
tsage = get_seconds() - peer->tcp_ts_stamp; |
11336 |
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
11337 |
-index 9726927..436489e 100644 |
11338 |
+index 32e6ca2..436489e 100644 |
11339 |
--- a/net/ipv4/tcp_input.c |
11340 |
+++ b/net/ipv4/tcp_input.c |
11341 |
-@@ -5836,6 +5836,8 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
11342 |
+@@ -5836,7 +5836,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
11343 |
goto discard; |
11344 |
|
11345 |
if (th->syn) { |
11346 |
+- if (th->fin) |
11347 |
+ if (th->fin || th->urg || th->psh) |
11348 |
-+ goto discard; |
11349 |
+ goto discard; |
11350 |
if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) |
11351 |
return 1; |
11352 |
- |
11353 |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
11354 |
index de69cec..74908e1 100644 |
11355 |
--- a/net/ipv4/tcp_ipv4.c |
11356 |
@@ -77934,10 +77954,10 @@ index 253695d..9481ce8 100644 |
11357 |
seq_printf(m, "Max header size: %d\n", self->max_header_size); |
11358 |
|
11359 |
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c |
11360 |
-index 274d150..656a144 100644 |
11361 |
+index cf98d62..7bf2972 100644 |
11362 |
--- a/net/iucv/af_iucv.c |
11363 |
+++ b/net/iucv/af_iucv.c |
11364 |
-@@ -787,10 +787,10 @@ static int iucv_sock_autobind(struct sock *sk) |
11365 |
+@@ -786,10 +786,10 @@ static int iucv_sock_autobind(struct sock *sk) |
11366 |
|
11367 |
write_lock_bh(&iucv_sk_list.lock); |
11368 |
|
11369 |
@@ -80097,7 +80117,7 @@ index d1d0ae8..6b73b2a 100644 |
11370 |
sprintf(alias, "dmi*"); |
11371 |
|
11372 |
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c |
11373 |
-index 619228d..274ce0e 100644 |
11374 |
+index 619228d..bf61bbb 100644 |
11375 |
--- a/scripts/mod/modpost.c |
11376 |
+++ b/scripts/mod/modpost.c |
11377 |
@@ -922,6 +922,7 @@ enum mismatch { |
11378 |
@@ -80139,12 +80159,12 @@ index 619228d..274ce0e 100644 |
11379 |
free(prl_to); |
11380 |
break; |
11381 |
+ case DATA_TO_TEXT: |
11382 |
-+/* |
11383 |
++#if 0 |
11384 |
+ fprintf(stderr, |
11385 |
-+ "The variable %s references\n" |
11386 |
-+ "the %s %s%s%s\n", |
11387 |
-+ fromsym, to, sec2annotation(tosec), tosym, to_p); |
11388 |
-+*/ |
11389 |
++ "The %s %s:%s references\n" |
11390 |
++ "the %s %s:%s%s\n", |
11391 |
++ from, fromsec, fromsym, to, tosec, tosym, to_p); |
11392 |
++#endif |
11393 |
+ break; |
11394 |
} |
11395 |
fprintf(stderr, "\n"); |
11396 |
@@ -80256,10 +80276,10 @@ index 38f6617..e70b72b 100755 |
11397 |
|
11398 |
exuberant() |
11399 |
diff --git a/security/Kconfig b/security/Kconfig |
11400 |
-index 51bd5a0..d660068 100644 |
11401 |
+index 51bd5a0..f94ba7f 100644 |
11402 |
--- a/security/Kconfig |
11403 |
+++ b/security/Kconfig |
11404 |
-@@ -4,6 +4,861 @@ |
11405 |
+@@ -4,6 +4,875 @@ |
11406 |
|
11407 |
menu "Security options" |
11408 |
|
11409 |
@@ -80284,6 +80304,9 @@ index 51bd5a0..d660068 100644 |
11410 |
+ bool |
11411 |
+ default y if (X86_32 && (MPENTIUM4 || MK8 || MPSC || MCORE2 || MATOM)) |
11412 |
+ |
11413 |
++ config PAX_USERCOPY_SLABS |
11414 |
++ bool |
11415 |
++ |
11416 |
+config GRKERNSEC |
11417 |
+ bool "Grsecurity" |
11418 |
+ select CRYPTO |
11419 |
@@ -80518,13 +80541,12 @@ index 51bd5a0..d660068 100644 |
11420 |
+ has been deprecated in favour of PT_PAX_FLAGS and XATTR_PAX_FLAGS |
11421 |
+ support. |
11422 |
+ |
11423 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
11424 |
-+ header and you cannot use XATTR_PAX_FLAGS then you MUST enable this |
11425 |
-+ option otherwise they will not get any protection. |
11426 |
-+ |
11427 |
+ Note that if you enable PT_PAX_FLAGS or XATTR_PAX_FLAGS marking |
11428 |
+ support as well, they will override the legacy EI_PAX marks. |
11429 |
+ |
11430 |
++ If you enable none of the marking options then all applications |
11431 |
++ will run with PaX enabled on them by default. |
11432 |
++ |
11433 |
+config PAX_PT_PAX_FLAGS |
11434 |
+ bool 'Use ELF program header marking' |
11435 |
+ default y if GRKERNSEC_CONFIG_AUTO |
11436 |
@@ -80537,15 +80559,14 @@ index 51bd5a0..d660068 100644 |
11437 |
+ integrated into the toolchain (the binutils patch is available |
11438 |
+ from http://pax.grsecurity.net). |
11439 |
+ |
11440 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
11441 |
-+ header then you MUST enable either XATTR_PAX_FLAGS or EI_PAX marking |
11442 |
-+ support otherwise they will not get any protection. |
11443 |
++ Note that if you enable the legacy EI_PAX marking support as well, |
11444 |
++ the EI_PAX marks will be overridden by the PT_PAX_FLAGS marks. |
11445 |
+ |
11446 |
+ If you enable both PT_PAX_FLAGS and XATTR_PAX_FLAGS support then you |
11447 |
+ must make sure that the marks are the same if a binary has both marks. |
11448 |
+ |
11449 |
-+ Note that if you enable the legacy EI_PAX marking support as well, |
11450 |
-+ the EI_PAX marks will be overridden by the PT_PAX_FLAGS marks. |
11451 |
++ If you enable none of the marking options then all applications |
11452 |
++ will run with PaX enabled on them by default. |
11453 |
+ |
11454 |
+config PAX_XATTR_PAX_FLAGS |
11455 |
+ bool 'Use filesystem extended attributes marking' |
11456 |
@@ -80570,15 +80591,14 @@ index 51bd5a0..d660068 100644 |
11457 |
+ isofs, udf, vfat) so copying files through such filesystems will |
11458 |
+ lose the extended attributes and these PaX markings. |
11459 |
+ |
11460 |
-+ If you have applications not marked by the PT_PAX_FLAGS ELF program |
11461 |
-+ header then you MUST enable either XATTR_PAX_FLAGS or EI_PAX marking |
11462 |
-+ support otherwise they will not get any protection. |
11463 |
++ Note that if you enable the legacy EI_PAX marking support as well, |
11464 |
++ the EI_PAX marks will be overridden by the XATTR_PAX_FLAGS marks. |
11465 |
+ |
11466 |
+ If you enable both PT_PAX_FLAGS and XATTR_PAX_FLAGS support then you |
11467 |
+ must make sure that the marks are the same if a binary has both marks. |
11468 |
+ |
11469 |
-+ Note that if you enable the legacy EI_PAX marking support as well, |
11470 |
-+ the EI_PAX marks will be overridden by the XATTR_PAX_FLAGS marks. |
11471 |
++ If you enable none of the marking options then all applications |
11472 |
++ will run with PaX enabled on them by default. |
11473 |
+ |
11474 |
+choice |
11475 |
+ prompt 'MAC system integration' |
11476 |
@@ -81068,6 +81088,7 @@ index 51bd5a0..d660068 100644 |
11477 |
+ default y if GRKERNSEC_CONFIG_AUTO |
11478 |
+ depends on X86 || PPC || SPARC || ARM |
11479 |
+ depends on GRKERNSEC && (SLAB || SLUB || SLOB) |
11480 |
++ select PAX_USERCOPY_SLABS |
11481 |
+ help |
11482 |
+ By saying Y here the kernel will enforce the size of heap objects |
11483 |
+ when they are copied in either direction between the kernel and |
11484 |
@@ -81108,6 +81129,19 @@ index 51bd5a0..d660068 100644 |
11485 |
+ Homepage: |
11486 |
+ http://www.grsecurity.net/~ephox/overflow_plugin/ |
11487 |
+ |
11488 |
++config PAX_LATENT_ENTROPY |
11489 |
++ bool "Generate some entropy during boot" |
11490 |
++ default y if GRKERNSEC_CONFIG_AUTO |
11491 |
++ help |
11492 |
++ By saying Y here the kernel will instrument early boot code to |
11493 |
++ extract some entropy from both original and artificially created |
11494 |
++ program state. This will help especially embedded systems where |
11495 |
++ there is little 'natural' source of entropy normally. The cost |
11496 |
++ is some slowdown of the boot process. |
11497 |
++ |
11498 |
++ Note that entropy extracted this way is not cryptographically |
11499 |
++ secure! |
11500 |
++ |
11501 |
+endmenu |
11502 |
+ |
11503 |
+endmenu |
11504 |
@@ -81121,7 +81155,7 @@ index 51bd5a0..d660068 100644 |
11505 |
config KEYS |
11506 |
bool "Enable access key retention support" |
11507 |
help |
11508 |
-@@ -169,7 +1024,7 @@ config INTEL_TXT |
11509 |
+@@ -169,7 +1038,7 @@ config INTEL_TXT |
11510 |
config LSM_MMAP_MIN_ADDR |
11511 |
int "Low address space for LSM to protect from user allocation" |
11512 |
depends on SECURITY && SECURITY_SELINUX |
11513 |
@@ -82049,12 +82083,19 @@ index a39edcc..1014050 100644 |
11514 |
int last_frame_number; /* stored frame number */ |
11515 |
int last_delay; /* stored delay */ |
11516 |
}; |
11517 |
+diff --git a/tools/gcc/.gitignore b/tools/gcc/.gitignore |
11518 |
+new file mode 100644 |
11519 |
+index 0000000..50f2f2f |
11520 |
+--- /dev/null |
11521 |
++++ b/tools/gcc/.gitignore |
11522 |
+@@ -0,0 +1 @@ |
11523 |
++size_overflow_hash.h |
11524 |
diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile |
11525 |
new file mode 100644 |
11526 |
-index 0000000..f4f9986 |
11527 |
+index 0000000..1d09b7e |
11528 |
--- /dev/null |
11529 |
+++ b/tools/gcc/Makefile |
11530 |
-@@ -0,0 +1,41 @@ |
11531 |
+@@ -0,0 +1,43 @@ |
11532 |
+#CC := gcc |
11533 |
+#PLUGIN_SOURCE_FILES := pax_plugin.c |
11534 |
+#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) |
11535 |
@@ -82076,6 +82117,7 @@ index 0000000..f4f9986 |
11536 |
+$(HOSTLIBS)-$(CONFIG_CHECKER_PLUGIN) += checker_plugin.so |
11537 |
+$(HOSTLIBS)-y += colorize_plugin.so |
11538 |
+$(HOSTLIBS)-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so |
11539 |
++$(HOSTLIBS)-$(CONFIG_PAX_LATENT_ENTROPY) += latent_entropy_plugin.so |
11540 |
+ |
11541 |
+always := $($(HOSTLIBS)-y) |
11542 |
+ |
11543 |
@@ -82086,6 +82128,7 @@ index 0000000..f4f9986 |
11544 |
+checker_plugin-objs := checker_plugin.o |
11545 |
+colorize_plugin-objs := colorize_plugin.o |
11546 |
+size_overflow_plugin-objs := size_overflow_plugin.o |
11547 |
++latent_entropy_plugin-objs := latent_entropy_plugin.o |
11548 |
+ |
11549 |
+$(obj)/size_overflow_plugin.o: $(objtree)/$(obj)/size_overflow_hash.h |
11550 |
+ |
11551 |
@@ -82275,7 +82318,7 @@ index 0000000..d41b5af |
11552 |
+} |
11553 |
diff --git a/tools/gcc/colorize_plugin.c b/tools/gcc/colorize_plugin.c |
11554 |
new file mode 100644 |
11555 |
-index 0000000..7a5e311 |
11556 |
+index 0000000..846aeb0 |
11557 |
--- /dev/null |
11558 |
+++ b/tools/gcc/colorize_plugin.c |
11559 |
@@ -0,0 +1,148 @@ |
11560 |
@@ -82413,7 +82456,7 @@ index 0000000..7a5e311 |
11561 |
+ struct register_pass_info colorize_rearm_pass_info = { |
11562 |
+ .pass = &pass_ipa_colorize_rearm.pass, |
11563 |
+ .reference_pass_name = "*free_lang_data", |
11564 |
-+ .ref_pass_instance_number = 0, |
11565 |
++ .ref_pass_instance_number = 1, |
11566 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11567 |
+ }; |
11568 |
+ |
11569 |
@@ -82429,7 +82472,7 @@ index 0000000..7a5e311 |
11570 |
+} |
11571 |
diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c |
11572 |
new file mode 100644 |
11573 |
-index 0000000..89b7f56 |
11574 |
+index 0000000..048d4ff |
11575 |
--- /dev/null |
11576 |
+++ b/tools/gcc/constify_plugin.c |
11577 |
@@ -0,0 +1,328 @@ |
11578 |
@@ -82735,7 +82778,7 @@ index 0000000..89b7f56 |
11579 |
+ struct register_pass_info local_variable_pass_info = { |
11580 |
+ .pass = &pass_local_variable.pass, |
11581 |
+ .reference_pass_name = "*referenced_vars", |
11582 |
-+ .ref_pass_instance_number = 0, |
11583 |
++ .ref_pass_instance_number = 1, |
11584 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11585 |
+ }; |
11586 |
+ |
11587 |
@@ -82863,7 +82906,7 @@ index 0000000..a0fe8b2 |
11588 |
+exit 0 |
11589 |
diff --git a/tools/gcc/kallocstat_plugin.c b/tools/gcc/kallocstat_plugin.c |
11590 |
new file mode 100644 |
11591 |
-index 0000000..a5eabce |
11592 |
+index 0000000..a86e422 |
11593 |
--- /dev/null |
11594 |
+++ b/tools/gcc/kallocstat_plugin.c |
11595 |
@@ -0,0 +1,167 @@ |
11596 |
@@ -83020,7 +83063,7 @@ index 0000000..a5eabce |
11597 |
+ struct register_pass_info kallocstat_pass_info = { |
11598 |
+ .pass = &kallocstat_pass.pass, |
11599 |
+ .reference_pass_name = "ssa", |
11600 |
-+ .ref_pass_instance_number = 0, |
11601 |
++ .ref_pass_instance_number = 1, |
11602 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11603 |
+ }; |
11604 |
+ |
11605 |
@@ -83036,7 +83079,7 @@ index 0000000..a5eabce |
11606 |
+} |
11607 |
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c |
11608 |
new file mode 100644 |
11609 |
-index 0000000..d8a8da2 |
11610 |
+index 0000000..98011fa |
11611 |
--- /dev/null |
11612 |
+++ b/tools/gcc/kernexec_plugin.c |
11613 |
@@ -0,0 +1,427 @@ |
11614 |
@@ -83412,19 +83455,19 @@ index 0000000..d8a8da2 |
11615 |
+ struct register_pass_info kernexec_reload_pass_info = { |
11616 |
+ .pass = &kernexec_reload_pass.pass, |
11617 |
+ .reference_pass_name = "ssa", |
11618 |
-+ .ref_pass_instance_number = 0, |
11619 |
++ .ref_pass_instance_number = 1, |
11620 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11621 |
+ }; |
11622 |
+ struct register_pass_info kernexec_fptr_pass_info = { |
11623 |
+ .pass = &kernexec_fptr_pass.pass, |
11624 |
+ .reference_pass_name = "ssa", |
11625 |
-+ .ref_pass_instance_number = 0, |
11626 |
++ .ref_pass_instance_number = 1, |
11627 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11628 |
+ }; |
11629 |
+ struct register_pass_info kernexec_retaddr_pass_info = { |
11630 |
+ .pass = &kernexec_retaddr_pass.pass, |
11631 |
+ .reference_pass_name = "pro_and_epilogue", |
11632 |
-+ .ref_pass_instance_number = 0, |
11633 |
++ .ref_pass_instance_number = 1, |
11634 |
+ .pos_op = PASS_POS_INSERT_AFTER |
11635 |
+ }; |
11636 |
+ |
11637 |
@@ -83467,6 +83510,307 @@ index 0000000..d8a8da2 |
11638 |
+ |
11639 |
+ return 0; |
11640 |
+} |
11641 |
+diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
11642 |
+new file mode 100644 |
11643 |
+index 0000000..b8008f7 |
11644 |
+--- /dev/null |
11645 |
++++ b/tools/gcc/latent_entropy_plugin.c |
11646 |
+@@ -0,0 +1,295 @@ |
11647 |
++/* |
11648 |
++ * Copyright 2012 by the PaX Team <pageexec@××××××××.hu> |
11649 |
++ * Licensed under the GPL v2 |
11650 |
++ * |
11651 |
++ * Note: the choice of the license means that the compilation process is |
11652 |
++ * NOT 'eligible' as defined by gcc's library exception to the GPL v3, |
11653 |
++ * but for the kernel it doesn't matter since it doesn't link against |
11654 |
++ * any of the gcc libraries |
11655 |
++ * |
11656 |
++ * gcc plugin to help generate a little bit of entropy from program state, |
11657 |
++ * used during boot in the kernel |
11658 |
++ * |
11659 |
++ * TODO: |
11660 |
++ * - add ipa pass to identify not explicitly marked candidate functions |
11661 |
++ * - mix in more program state (function arguments/return values, loop variables, etc) |
11662 |
++ * - more instrumentation control via attribute parameters |
11663 |
++ * |
11664 |
++ * BUGS: |
11665 |
++ * - LTO needs -flto-partition=none for now |
11666 |
++ */ |
11667 |
++#include "gcc-plugin.h" |
11668 |
++#include "config.h" |
11669 |
++#include "system.h" |
11670 |
++#include "coretypes.h" |
11671 |
++#include "tree.h" |
11672 |
++#include "tree-pass.h" |
11673 |
++#include "flags.h" |
11674 |
++#include "intl.h" |
11675 |
++#include "toplev.h" |
11676 |
++#include "plugin.h" |
11677 |
++//#include "expr.h" where are you... |
11678 |
++#include "diagnostic.h" |
11679 |
++#include "plugin-version.h" |
11680 |
++#include "tm.h" |
11681 |
++#include "function.h" |
11682 |
++#include "basic-block.h" |
11683 |
++#include "gimple.h" |
11684 |
++#include "rtl.h" |
11685 |
++#include "emit-rtl.h" |
11686 |
++#include "tree-flow.h" |
11687 |
++ |
11688 |
++int plugin_is_GPL_compatible; |
11689 |
++ |
11690 |
++static tree latent_entropy_decl; |
11691 |
++ |
11692 |
++static struct plugin_info latent_entropy_plugin_info = { |
11693 |
++ .version = "201207271820", |
11694 |
++ .help = NULL |
11695 |
++}; |
11696 |
++ |
11697 |
++static unsigned int execute_latent_entropy(void); |
11698 |
++static bool gate_latent_entropy(void); |
11699 |
++ |
11700 |
++static struct gimple_opt_pass latent_entropy_pass = { |
11701 |
++ .pass = { |
11702 |
++ .type = GIMPLE_PASS, |
11703 |
++ .name = "latent_entropy", |
11704 |
++ .gate = gate_latent_entropy, |
11705 |
++ .execute = execute_latent_entropy, |
11706 |
++ .sub = NULL, |
11707 |
++ .next = NULL, |
11708 |
++ .static_pass_number = 0, |
11709 |
++ .tv_id = TV_NONE, |
11710 |
++ .properties_required = PROP_gimple_leh | PROP_cfg, |
11711 |
++ .properties_provided = 0, |
11712 |
++ .properties_destroyed = 0, |
11713 |
++ .todo_flags_start = 0, //TODO_verify_ssa | TODO_verify_flow | TODO_verify_stmts, |
11714 |
++ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_update_ssa |
11715 |
++ } |
11716 |
++}; |
11717 |
++ |
11718 |
++static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
11719 |
++{ |
11720 |
++ if (TREE_CODE(*node) != FUNCTION_DECL) { |
11721 |
++ *no_add_attrs = true; |
11722 |
++ error("%qE attribute only applies to functions", name); |
11723 |
++ } |
11724 |
++ return NULL_TREE; |
11725 |
++} |
11726 |
++ |
11727 |
++static struct attribute_spec latent_entropy_attr = { |
11728 |
++ .name = "latent_entropy", |
11729 |
++ .min_length = 0, |
11730 |
++ .max_length = 0, |
11731 |
++ .decl_required = true, |
11732 |
++ .type_required = false, |
11733 |
++ .function_type_required = false, |
11734 |
++ .handler = handle_latent_entropy_attribute, |
11735 |
++#if BUILDING_GCC_VERSION >= 4007 |
11736 |
++ .affects_type_identity = false |
11737 |
++#endif |
11738 |
++}; |
11739 |
++ |
11740 |
++static void register_attributes(void *event_data, void *data) |
11741 |
++{ |
11742 |
++ register_attribute(&latent_entropy_attr); |
11743 |
++} |
11744 |
++ |
11745 |
++static bool gate_latent_entropy(void) |
11746 |
++{ |
11747 |
++ tree latent_entropy_attr; |
11748 |
++ |
11749 |
++ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)); |
11750 |
++ return latent_entropy_attr != NULL_TREE; |
11751 |
++} |
11752 |
++ |
11753 |
++static unsigned HOST_WIDE_INT seed; |
11754 |
++static unsigned HOST_WIDE_INT get_random_const(void) |
11755 |
++{ |
11756 |
++ seed = (seed >> 1U) ^ (-(seed & 1ULL) & 0xD800000000000000ULL); |
11757 |
++ return seed; |
11758 |
++} |
11759 |
++ |
11760 |
++static enum tree_code get_op(tree *rhs) |
11761 |
++{ |
11762 |
++ static enum tree_code op; |
11763 |
++ unsigned HOST_WIDE_INT random_const; |
11764 |
++ |
11765 |
++ random_const = get_random_const(); |
11766 |
++ |
11767 |
++ switch (op) { |
11768 |
++ case BIT_XOR_EXPR: |
11769 |
++ op = PLUS_EXPR; |
11770 |
++ break; |
11771 |
++ |
11772 |
++ case PLUS_EXPR: |
11773 |
++ if (rhs) { |
11774 |
++ op = LROTATE_EXPR; |
11775 |
++ random_const &= HOST_BITS_PER_WIDE_INT - 1; |
11776 |
++ break; |
11777 |
++ } |
11778 |
++ |
11779 |
++ case LROTATE_EXPR: |
11780 |
++ default: |
11781 |
++ op = BIT_XOR_EXPR; |
11782 |
++ break; |
11783 |
++ } |
11784 |
++ if (rhs) |
11785 |
++ *rhs = build_int_cstu(unsigned_intDI_type_node, random_const); |
11786 |
++ return op; |
11787 |
++} |
11788 |
++ |
11789 |
++static void perturb_local_entropy(basic_block bb, tree local_entropy) |
11790 |
++{ |
11791 |
++ gimple_stmt_iterator gsi; |
11792 |
++ gimple assign; |
11793 |
++ tree addxorrol, rhs; |
11794 |
++ enum tree_code op; |
11795 |
++ |
11796 |
++ op = get_op(&rhs); |
11797 |
++ addxorrol = fold_build2_loc(UNKNOWN_LOCATION, op, unsigned_intDI_type_node, local_entropy, rhs); |
11798 |
++ assign = gimple_build_assign(local_entropy, addxorrol); |
11799 |
++ find_referenced_vars_in(assign); |
11800 |
++//debug_bb(bb); |
11801 |
++ gsi = gsi_after_labels(bb); |
11802 |
++ gsi_insert_before(&gsi, assign, GSI_NEW_STMT); |
11803 |
++ update_stmt(assign); |
11804 |
++} |
11805 |
++ |
11806 |
++static void perturb_latent_entropy(basic_block bb, tree rhs) |
11807 |
++{ |
11808 |
++ gimple_stmt_iterator gsi; |
11809 |
++ gimple assign; |
11810 |
++ tree addxorrol, temp; |
11811 |
++ |
11812 |
++ // 1. create temporary copy of latent_entropy |
11813 |
++ temp = create_tmp_var(unsigned_intDI_type_node, "temp_latent_entropy"); |
11814 |
++ add_referenced_var(temp); |
11815 |
++ mark_sym_for_renaming(temp); |
11816 |
++ |
11817 |
++ // 2. read... |
11818 |
++ assign = gimple_build_assign(temp, latent_entropy_decl); |
11819 |
++ find_referenced_vars_in(assign); |
11820 |
++ gsi = gsi_after_labels(bb); |
11821 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
11822 |
++ update_stmt(assign); |
11823 |
++ |
11824 |
++ // 3. ...modify... |
11825 |
++ addxorrol = fold_build2_loc(UNKNOWN_LOCATION, get_op(NULL), unsigned_intDI_type_node, temp, rhs); |
11826 |
++ assign = gimple_build_assign(temp, addxorrol); |
11827 |
++ find_referenced_vars_in(assign); |
11828 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
11829 |
++ update_stmt(assign); |
11830 |
++ |
11831 |
++ // 4. ...write latent_entropy |
11832 |
++ assign = gimple_build_assign(latent_entropy_decl, temp); |
11833 |
++ find_referenced_vars_in(assign); |
11834 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
11835 |
++ update_stmt(assign); |
11836 |
++} |
11837 |
++ |
11838 |
++static unsigned int execute_latent_entropy(void) |
11839 |
++{ |
11840 |
++ basic_block bb; |
11841 |
++ gimple assign; |
11842 |
++ gimple_stmt_iterator gsi; |
11843 |
++ tree local_entropy; |
11844 |
++ |
11845 |
++ if (!latent_entropy_decl) { |
11846 |
++ struct varpool_node *node; |
11847 |
++ |
11848 |
++ for (node = varpool_nodes; node; node = node->next) { |
11849 |
++ tree var = node->decl; |
11850 |
++ if (strcmp(IDENTIFIER_POINTER(DECL_NAME(var)), "latent_entropy")) |
11851 |
++ continue; |
11852 |
++ latent_entropy_decl = var; |
11853 |
++// debug_tree(var); |
11854 |
++ break; |
11855 |
++ } |
11856 |
++ if (!latent_entropy_decl) { |
11857 |
++// debug_tree(current_function_decl); |
11858 |
++ return 0; |
11859 |
++ } |
11860 |
++ } |
11861 |
++ |
11862 |
++//fprintf(stderr, "latent_entropy: %s\n", IDENTIFIER_POINTER(DECL_NAME(current_function_decl))); |
11863 |
++ |
11864 |
++ // 1. create local entropy variable |
11865 |
++ local_entropy = create_tmp_var(unsigned_intDI_type_node, "local_entropy"); |
11866 |
++ add_referenced_var(local_entropy); |
11867 |
++ mark_sym_for_renaming(local_entropy); |
11868 |
++ |
11869 |
++ // 2. initialize local entropy variable |
11870 |
++ bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest; |
11871 |
++ if (dom_info_available_p(CDI_DOMINATORS)) |
11872 |
++ set_immediate_dominator(CDI_DOMINATORS, bb, ENTRY_BLOCK_PTR); |
11873 |
++ gsi = gsi_start_bb(bb); |
11874 |
++ |
11875 |
++ assign = gimple_build_assign(local_entropy, build_int_cstu(unsigned_intDI_type_node, get_random_const())); |
11876 |
++// gimple_set_location(assign, loc); |
11877 |
++ find_referenced_vars_in(assign); |
11878 |
++ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
11879 |
++ update_stmt(assign); |
11880 |
++ bb = bb->next_bb; |
11881 |
++ |
11882 |
++ // 3. instrument each BB with an operation on the local entropy variable |
11883 |
++ while (bb != EXIT_BLOCK_PTR) { |
11884 |
++ perturb_local_entropy(bb, local_entropy); |
11885 |
++ bb = bb->next_bb; |
11886 |
++ }; |
11887 |
++ |
11888 |
++ // 4. mix local entropy into the global entropy variable |
11889 |
++ perturb_latent_entropy(EXIT_BLOCK_PTR->prev_bb, local_entropy); |
11890 |
++ return 0; |
11891 |
++} |
11892 |
++ |
11893 |
++static void start_unit_callback(void *gcc_data, void *user_data) |
11894 |
++{ |
11895 |
++#if BUILDING_GCC_VERSION >= 4007 |
11896 |
++ seed = get_random_seed(false); |
11897 |
++#else |
11898 |
++ sscanf(get_random_seed(false), "%" HOST_WIDE_INT_PRINT "x", &seed); |
11899 |
++ seed *= seed; |
11900 |
++#endif |
11901 |
++ |
11902 |
++ if (in_lto_p) |
11903 |
++ return; |
11904 |
++ |
11905 |
++ // extern u64 latent_entropy |
11906 |
++ latent_entropy_decl = build_decl(UNKNOWN_LOCATION, VAR_DECL, get_identifier("latent_entropy"), unsigned_intDI_type_node); |
11907 |
++ |
11908 |
++ TREE_STATIC(latent_entropy_decl) = 1; |
11909 |
++ TREE_PUBLIC(latent_entropy_decl) = 1; |
11910 |
++ TREE_USED(latent_entropy_decl) = 1; |
11911 |
++ TREE_THIS_VOLATILE(latent_entropy_decl) = 1; |
11912 |
++ DECL_EXTERNAL(latent_entropy_decl) = 1; |
11913 |
++ DECL_ARTIFICIAL(latent_entropy_decl) = 0; |
11914 |
++ DECL_INITIAL(latent_entropy_decl) = NULL; |
11915 |
++// DECL_ASSEMBLER_NAME(latent_entropy_decl); |
11916 |
++// varpool_finalize_decl(latent_entropy_decl); |
11917 |
++// varpool_mark_needed_node(latent_entropy_decl); |
11918 |
++} |
11919 |
++ |
11920 |
++int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) |
11921 |
++{ |
11922 |
++ const char * const plugin_name = plugin_info->base_name; |
11923 |
++ struct register_pass_info latent_entropy_pass_info = { |
11924 |
++ .pass = &latent_entropy_pass.pass, |
11925 |
++ .reference_pass_name = "optimized", |
11926 |
++ .ref_pass_instance_number = 1, |
11927 |
++ .pos_op = PASS_POS_INSERT_BEFORE |
11928 |
++ }; |
11929 |
++ |
11930 |
++ if (!plugin_default_version_check(version, &gcc_version)) { |
11931 |
++ error(G_("incompatible gcc/plugin versions")); |
11932 |
++ return 1; |
11933 |
++ } |
11934 |
++ |
11935 |
++ register_callback(plugin_name, PLUGIN_INFO, NULL, &latent_entropy_plugin_info); |
11936 |
++ register_callback ("start_unit", PLUGIN_START_UNIT, &start_unit_callback, NULL); |
11937 |
++ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &latent_entropy_pass_info); |
11938 |
++ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); |
11939 |
++ |
11940 |
++ return 0; |
11941 |
++} |
11942 |
diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data |
11943 |
new file mode 100644 |
11944 |
index 0000000..54a12fe |
11945 |
@@ -87077,7 +87421,7 @@ index 0000000..cc96254 |
11946 |
+} |
11947 |
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c |
11948 |
new file mode 100644 |
11949 |
-index 0000000..b87ec9d |
11950 |
+index 0000000..38d2014 |
11951 |
--- /dev/null |
11952 |
+++ b/tools/gcc/stackleak_plugin.c |
11953 |
@@ -0,0 +1,313 @@ |
11954 |
@@ -87350,13 +87694,13 @@ index 0000000..b87ec9d |
11955 |
+ .pass = &stackleak_tree_instrument_pass.pass, |
11956 |
+// .reference_pass_name = "tree_profile", |
11957 |
+ .reference_pass_name = "optimized", |
11958 |
-+ .ref_pass_instance_number = 0, |
11959 |
++ .ref_pass_instance_number = 1, |
11960 |
+ .pos_op = PASS_POS_INSERT_BEFORE |
11961 |
+ }; |
11962 |
+ struct register_pass_info stackleak_final_pass_info = { |
11963 |
+ .pass = &stackleak_final_rtl_opt_pass.pass, |
11964 |
+ .reference_pass_name = "final", |
11965 |
-+ .ref_pass_instance_number = 0, |
11966 |
++ .ref_pass_instance_number = 1, |
11967 |
+ .pos_op = PASS_POS_INSERT_BEFORE |
11968 |
+ }; |
11969 |
+ |
11970 |
|
11971 |
diff --git a/3.2.23/4430_grsec-remove-localversion-grsec.patch b/3.2.24/4430_grsec-remove-localversion-grsec.patch |
11972 |
similarity index 100% |
11973 |
rename from 3.2.23/4430_grsec-remove-localversion-grsec.patch |
11974 |
rename to 3.2.24/4430_grsec-remove-localversion-grsec.patch |
11975 |
|
11976 |
diff --git a/3.2.23/4435_grsec-mute-warnings.patch b/3.2.24/4435_grsec-mute-warnings.patch |
11977 |
similarity index 100% |
11978 |
rename from 3.2.23/4435_grsec-mute-warnings.patch |
11979 |
rename to 3.2.24/4435_grsec-mute-warnings.patch |
11980 |
|
11981 |
diff --git a/3.2.23/4440_grsec-remove-protected-paths.patch b/3.2.24/4440_grsec-remove-protected-paths.patch |
11982 |
similarity index 100% |
11983 |
rename from 3.2.23/4440_grsec-remove-protected-paths.patch |
11984 |
rename to 3.2.24/4440_grsec-remove-protected-paths.patch |
11985 |
|
11986 |
diff --git a/3.2.23/4450_grsec-kconfig-default-gids.patch b/3.2.24/4450_grsec-kconfig-default-gids.patch |
11987 |
similarity index 100% |
11988 |
rename from 3.2.23/4450_grsec-kconfig-default-gids.patch |
11989 |
rename to 3.2.24/4450_grsec-kconfig-default-gids.patch |
11990 |
|
11991 |
diff --git a/3.2.23/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.24/4465_selinux-avc_audit-log-curr_ip.patch |
11992 |
similarity index 100% |
11993 |
rename from 3.2.23/4465_selinux-avc_audit-log-curr_ip.patch |
11994 |
rename to 3.2.24/4465_selinux-avc_audit-log-curr_ip.patch |
11995 |
|
11996 |
diff --git a/3.2.23/4470_disable-compat_vdso.patch b/3.2.24/4470_disable-compat_vdso.patch |
11997 |
similarity index 100% |
11998 |
rename from 3.2.23/4470_disable-compat_vdso.patch |
11999 |
rename to 3.2.24/4470_disable-compat_vdso.patch |
12000 |
|
12001 |
diff --git a/3.4.6/0000_README b/3.4.6/0000_README |
12002 |
index 9b230b9..0a9e8d9 100644 |
12003 |
--- a/3.4.6/0000_README |
12004 |
+++ b/3.4.6/0000_README |
12005 |
@@ -6,7 +6,7 @@ Patch: 1005_linux-3.4.6.patch |
12006 |
From: http://www.kernel.org |
12007 |
Desc: Linux 3.4.6 |
12008 |
|
12009 |
-Patch: 4420_grsecurity-2.9.1-3.4.6-201207242237.patch |
12010 |
+Patch: 4420_grsecurity-2.9.1-3.4.6-201207281946.patch |
12011 |
From: http://www.grsecurity.net |
12012 |
Desc: hardened-sources base patch from upstream grsecurity |
12013 |
|
12014 |
|
12015 |
diff --git a/3.4.6/4420_grsecurity-2.9.1-3.4.6-201207242237.patch b/3.4.6/4420_grsecurity-2.9.1-3.4.6-201207281946.patch |
12016 |
similarity index 99% |
12017 |
rename from 3.4.6/4420_grsecurity-2.9.1-3.4.6-201207242237.patch |
12018 |
rename to 3.4.6/4420_grsecurity-2.9.1-3.4.6-201207281946.patch |
12019 |
index 0f5d8af..357f472 100644 |
12020 |
--- a/3.4.6/4420_grsecurity-2.9.1-3.4.6-201207242237.patch |
12021 |
+++ b/3.4.6/4420_grsecurity-2.9.1-3.4.6-201207281946.patch |
12022 |
@@ -236,7 +236,7 @@ index c1601e5..08557ce 100644 |
12023 |
|
12024 |
pcd. [PARIDE] |
12025 |
diff --git a/Makefile b/Makefile |
12026 |
-index 5d0edcb..121c424 100644 |
12027 |
+index 5d0edcb..f69ee4c 100644 |
12028 |
--- a/Makefile |
12029 |
+++ b/Makefile |
12030 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
12031 |
@@ -296,11 +296,11 @@ index 5d0edcb..121c424 100644 |
12032 |
+SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN |
12033 |
+endif |
12034 |
+ifdef CONFIG_PAX_LATENT_ENTROPY |
12035 |
-+LATENT_ENTROPY := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so |
12036 |
++LATENT_ENTROPY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/latent_entropy_plugin.so -DLATENT_ENTROPY_PLUGIN |
12037 |
+endif |
12038 |
+GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) |
12039 |
+GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) |
12040 |
-+GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY) |
12041 |
++GCC_PLUGINS_CFLAGS += $(SIZE_OVERFLOW_PLUGIN_CFLAGS) $(LATENT_ENTROPY_PLUGIN_CFLAGS) |
12042 |
+GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) |
12043 |
+export PLUGINCC CONSTIFY_PLUGIN |
12044 |
+ifeq ($(KBUILD_EXTMOD),) |
12045 |
@@ -6527,7 +6527,7 @@ index 301421c..e2535d1 100644 |
12046 |
obj-$(CONFIG_SPARC64) += ultra.o tlb.o tsb.o gup.o |
12047 |
obj-y += fault_$(BITS).o |
12048 |
diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c |
12049 |
-index df3155a..eb708b8 100644 |
12050 |
+index df3155a..b6e32fa 100644 |
12051 |
--- a/arch/sparc/mm/fault_32.c |
12052 |
+++ b/arch/sparc/mm/fault_32.c |
12053 |
@@ -21,6 +21,9 @@ |
12054 |
@@ -6540,7 +6540,7 @@ index df3155a..eb708b8 100644 |
12055 |
|
12056 |
#include <asm/page.h> |
12057 |
#include <asm/pgtable.h> |
12058 |
-@@ -207,6 +210,268 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
12059 |
+@@ -207,6 +210,277 @@ static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault) |
12060 |
return safe_compute_effective_address(regs, insn); |
12061 |
} |
12062 |
|
12063 |
@@ -6631,40 +6631,49 @@ index df3155a..eb708b8 100644 |
12064 |
+ } |
12065 |
+ } while (0); |
12066 |
+ |
12067 |
-+ { /* PaX: patched PLT emulation #2 */ |
12068 |
++ do { /* PaX: patched PLT emulation #2 */ |
12069 |
+ unsigned int ba; |
12070 |
+ |
12071 |
+ err = get_user(ba, (unsigned int *)regs->pc); |
12072 |
+ |
12073 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
12074 |
++ if (err) |
12075 |
++ break; |
12076 |
++ |
12077 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
12078 |
+ unsigned int addr; |
12079 |
+ |
12080 |
-+ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
12081 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
12082 |
++ addr = regs->pc + ((((ba | 0xFFC00000U) ^ 0x00200000U) + 0x00200000U) << 2); |
12083 |
++ else |
12084 |
++ addr = regs->pc + ((((ba | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
12085 |
+ regs->pc = addr; |
12086 |
+ regs->npc = addr+4; |
12087 |
+ return 2; |
12088 |
+ } |
12089 |
-+ } |
12090 |
++ } while (0); |
12091 |
+ |
12092 |
+ do { /* PaX: patched PLT emulation #3 */ |
12093 |
-+ unsigned int sethi, jmpl, nop; |
12094 |
++ unsigned int sethi, bajmpl, nop; |
12095 |
+ |
12096 |
+ err = get_user(sethi, (unsigned int *)regs->pc); |
12097 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->pc+4)); |
12098 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->pc+4)); |
12099 |
+ err |= get_user(nop, (unsigned int *)(regs->pc+8)); |
12100 |
+ |
12101 |
+ if (err) |
12102 |
+ break; |
12103 |
+ |
12104 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
12105 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
12106 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
12107 |
+ nop == 0x01000000U) |
12108 |
+ { |
12109 |
+ unsigned int addr; |
12110 |
+ |
12111 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
12112 |
+ regs->u_regs[UREG_G1] = addr; |
12113 |
-+ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
12114 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
12115 |
++ addr += (((jmpl | 0xFFFFE000U) ^ 0x00001000U) + 0x00001000U); |
12116 |
++ else |
12117 |
++ addr = regs->pc + ((((bajmpl | 0xFFF80000U) ^ 0x00040000U) + 0x00040000U) << 2); |
12118 |
+ regs->pc = addr; |
12119 |
+ regs->npc = addr+4; |
12120 |
+ return 2; |
12121 |
@@ -6809,7 +6818,7 @@ index df3155a..eb708b8 100644 |
12122 |
static noinline void do_fault_siginfo(int code, int sig, struct pt_regs *regs, |
12123 |
int text_fault) |
12124 |
{ |
12125 |
-@@ -282,6 +547,24 @@ good_area: |
12126 |
+@@ -282,6 +556,24 @@ good_area: |
12127 |
if(!(vma->vm_flags & VM_WRITE)) |
12128 |
goto bad_area; |
12129 |
} else { |
12130 |
@@ -6835,7 +6844,7 @@ index df3155a..eb708b8 100644 |
12131 |
if(!(vma->vm_flags & (VM_READ | VM_EXEC))) |
12132 |
goto bad_area; |
12133 |
diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c |
12134 |
-index 1fe0429..aee2e87 100644 |
12135 |
+index 1fe0429..8dd5dd5 100644 |
12136 |
--- a/arch/sparc/mm/fault_64.c |
12137 |
+++ b/arch/sparc/mm/fault_64.c |
12138 |
@@ -21,6 +21,9 @@ |
12139 |
@@ -6857,7 +6866,7 @@ index 1fe0429..aee2e87 100644 |
12140 |
printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr); |
12141 |
dump_stack(); |
12142 |
unhandled_fault(regs->tpc, current, regs); |
12143 |
-@@ -272,6 +275,457 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, |
12144 |
+@@ -272,6 +275,466 @@ static void noinline __kprobes bogus_32bit_fault_address(struct pt_regs *regs, |
12145 |
show_regs(regs); |
12146 |
} |
12147 |
|
12148 |
@@ -6952,15 +6961,21 @@ index 1fe0429..aee2e87 100644 |
12149 |
+ } |
12150 |
+ } while (0); |
12151 |
+ |
12152 |
-+ { /* PaX: patched PLT emulation #2 */ |
12153 |
++ do { /* PaX: patched PLT emulation #2 */ |
12154 |
+ unsigned int ba; |
12155 |
+ |
12156 |
+ err = get_user(ba, (unsigned int *)regs->tpc); |
12157 |
+ |
12158 |
-+ if (!err && (ba & 0xFFC00000U) == 0x30800000U) { |
12159 |
++ if (err) |
12160 |
++ break; |
12161 |
++ |
12162 |
++ if ((ba & 0xFFC00000U) == 0x30800000U || (ba & 0xFFF80000U) == 0x30480000U) { |
12163 |
+ unsigned long addr; |
12164 |
+ |
12165 |
-+ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
12166 |
++ if ((ba & 0xFFC00000U) == 0x30800000U) |
12167 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFC00000UL) ^ 0x00200000UL) + 0x00200000UL) << 2); |
12168 |
++ else |
12169 |
++ addr = regs->tpc + ((((ba | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
12170 |
+ |
12171 |
+ if (test_thread_flag(TIF_32BIT)) |
12172 |
+ addr &= 0xFFFFFFFFUL; |
12173 |
@@ -6969,27 +6984,30 @@ index 1fe0429..aee2e87 100644 |
12174 |
+ regs->tnpc = addr+4; |
12175 |
+ return 2; |
12176 |
+ } |
12177 |
-+ } |
12178 |
++ } while (0); |
12179 |
+ |
12180 |
+ do { /* PaX: patched PLT emulation #3 */ |
12181 |
-+ unsigned int sethi, jmpl, nop; |
12182 |
++ unsigned int sethi, bajmpl, nop; |
12183 |
+ |
12184 |
+ err = get_user(sethi, (unsigned int *)regs->tpc); |
12185 |
-+ err |= get_user(jmpl, (unsigned int *)(regs->tpc+4)); |
12186 |
++ err |= get_user(bajmpl, (unsigned int *)(regs->tpc+4)); |
12187 |
+ err |= get_user(nop, (unsigned int *)(regs->tpc+8)); |
12188 |
+ |
12189 |
+ if (err) |
12190 |
+ break; |
12191 |
+ |
12192 |
+ if ((sethi & 0xFFC00000U) == 0x03000000U && |
12193 |
-+ (jmpl & 0xFFFFE000U) == 0x81C06000U && |
12194 |
++ ((bajmpl & 0xFFFFE000U) == 0x81C06000U || (bajmpl & 0xFFF80000U) == 0x30480000U) && |
12195 |
+ nop == 0x01000000U) |
12196 |
+ { |
12197 |
+ unsigned long addr; |
12198 |
+ |
12199 |
+ addr = (sethi & 0x003FFFFFU) << 10; |
12200 |
+ regs->u_regs[UREG_G1] = addr; |
12201 |
-+ addr += (((jmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
12202 |
++ if ((bajmpl & 0xFFFFE000U) == 0x81C06000U) |
12203 |
++ addr += (((bajmpl | 0xFFFFFFFFFFFFE000UL) ^ 0x00001000UL) + 0x00001000UL); |
12204 |
++ else |
12205 |
++ addr = regs->tpc + ((((bajmpl | 0xFFFFFFFFFFF80000UL) ^ 0x00040000UL) + 0x00040000UL) << 2); |
12206 |
+ |
12207 |
+ if (test_thread_flag(TIF_32BIT)) |
12208 |
+ addr &= 0xFFFFFFFFUL; |
12209 |
@@ -7315,7 +7333,7 @@ index 1fe0429..aee2e87 100644 |
12210 |
asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs) |
12211 |
{ |
12212 |
struct mm_struct *mm = current->mm; |
12213 |
-@@ -343,6 +797,29 @@ retry: |
12214 |
+@@ -343,6 +806,29 @@ retry: |
12215 |
if (!vma) |
12216 |
goto bad_area; |
12217 |
|
12218 |
@@ -59419,7 +59437,7 @@ index f1c8ca6..b5c1cc7 100644 |
12219 |
#define ACPI_DRIVER_ALL_NOTIFY_EVENTS 0x1 /* system AND device events */ |
12220 |
|
12221 |
diff --git a/include/asm-generic/atomic-long.h b/include/asm-generic/atomic-long.h |
12222 |
-index b7babf0..c1e2d45 100644 |
12223 |
+index b7babf0..3ba8aee 100644 |
12224 |
--- a/include/asm-generic/atomic-long.h |
12225 |
+++ b/include/asm-generic/atomic-long.h |
12226 |
@@ -22,6 +22,12 @@ |
12227 |
@@ -59672,7 +59690,7 @@ index b7babf0..c1e2d45 100644 |
12228 |
static inline long atomic_long_dec_return(atomic_long_t *l) |
12229 |
{ |
12230 |
atomic_t *v = (atomic_t *)l; |
12231 |
-@@ -255,4 +393,53 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
12232 |
+@@ -255,4 +393,55 @@ static inline long atomic_long_add_unless(atomic_long_t *l, long a, long u) |
12233 |
|
12234 |
#endif /* BITS_PER_LONG == 64 */ |
12235 |
|
12236 |
@@ -59690,8 +59708,10 @@ index b7babf0..c1e2d45 100644 |
12237 |
+ atomic_dec_unchecked((atomic_unchecked_t *)NULL); |
12238 |
+ atomic_cmpxchg_unchecked((atomic_unchecked_t *)NULL, 0, 0); |
12239 |
+ (void)atomic_xchg_unchecked((atomic_unchecked_t *)NULL, 0); |
12240 |
++#ifdef CONFIG_X86 |
12241 |
+ atomic_clear_mask_unchecked(0, NULL); |
12242 |
+ atomic_set_mask_unchecked(0, NULL); |
12243 |
++#endif |
12244 |
+ |
12245 |
+ atomic_long_read_unchecked((atomic_long_unchecked_t *)NULL); |
12246 |
+ atomic_long_set_unchecked((atomic_long_unchecked_t *)NULL, 0); |
12247 |
@@ -60204,10 +60224,10 @@ index 42e55de..1cd0e66 100644 |
12248 |
extern struct cleancache_ops |
12249 |
cleancache_register_ops(struct cleancache_ops *ops); |
12250 |
diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h |
12251 |
-index 2f40791..a62d196 100644 |
12252 |
+index 2f40791..9c9e13c 100644 |
12253 |
--- a/include/linux/compiler-gcc4.h |
12254 |
+++ b/include/linux/compiler-gcc4.h |
12255 |
-@@ -32,6 +32,16 @@ |
12256 |
+@@ -32,6 +32,20 @@ |
12257 |
#define __linktime_error(message) __attribute__((__error__(message))) |
12258 |
|
12259 |
#if __GNUC_MINOR__ >= 5 |
12260 |
@@ -60221,10 +60241,14 @@ index 2f40791..a62d196 100644 |
12261 |
+#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__))) |
12262 |
+#endif |
12263 |
+ |
12264 |
++#ifdef LATENT_ENTROPY_PLUGIN |
12265 |
++#define __latent_entropy __attribute__((latent_entropy)) |
12266 |
++#endif |
12267 |
++ |
12268 |
/* |
12269 |
* Mark a position in code as unreachable. This can be used to |
12270 |
* suppress control flow warnings after asm blocks that transfer |
12271 |
-@@ -47,6 +57,11 @@ |
12272 |
+@@ -47,6 +61,11 @@ |
12273 |
#define __noclone __attribute__((__noclone__)) |
12274 |
|
12275 |
#endif |
12276 |
@@ -60237,7 +60261,7 @@ index 2f40791..a62d196 100644 |
12277 |
|
12278 |
#if __GNUC_MINOR__ > 0 |
12279 |
diff --git a/include/linux/compiler.h b/include/linux/compiler.h |
12280 |
-index 923d093..726c17f 100644 |
12281 |
+index 923d093..1fef491 100644 |
12282 |
--- a/include/linux/compiler.h |
12283 |
+++ b/include/linux/compiler.h |
12284 |
@@ -5,31 +5,62 @@ |
12285 |
@@ -60313,7 +60337,7 @@ index 923d093..726c17f 100644 |
12286 |
#endif |
12287 |
|
12288 |
#ifdef __KERNEL__ |
12289 |
-@@ -264,6 +297,18 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12290 |
+@@ -264,6 +297,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12291 |
# define __attribute_const__ /* unimplemented */ |
12292 |
#endif |
12293 |
|
12294 |
@@ -60329,10 +60353,14 @@ index 923d093..726c17f 100644 |
12295 |
+# define __size_overflow(...) |
12296 |
+#endif |
12297 |
+ |
12298 |
++#ifndef __latent_entropy |
12299 |
++# define __latent_entropy |
12300 |
++#endif |
12301 |
++ |
12302 |
/* |
12303 |
* Tell gcc if a function is cold. The compiler will assume any path |
12304 |
* directly leading to the call is unlikely. |
12305 |
-@@ -273,6 +318,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12306 |
+@@ -273,6 +322,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12307 |
#define __cold |
12308 |
#endif |
12309 |
|
12310 |
@@ -60355,7 +60383,7 @@ index 923d093..726c17f 100644 |
12311 |
/* Simple shorthand for a section definition */ |
12312 |
#ifndef __section |
12313 |
# define __section(S) __attribute__ ((__section__(#S))) |
12314 |
-@@ -308,6 +369,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12315 |
+@@ -308,6 +373,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); |
12316 |
* use is to mediate communication between process-level code and irq/NMI |
12317 |
* handlers, all running on the same CPU. |
12318 |
*/ |
12319 |
@@ -61887,10 +61915,54 @@ index 58404b0..439ed95 100644 |
12320 |
}; |
12321 |
|
12322 |
diff --git a/include/linux/init.h b/include/linux/init.h |
12323 |
-index 6b95109..4aca62c 100644 |
12324 |
+index 6b95109..bcbdd68 100644 |
12325 |
--- a/include/linux/init.h |
12326 |
+++ b/include/linux/init.h |
12327 |
-@@ -294,13 +294,13 @@ void __init parse_early_options(char *cmdline); |
12328 |
+@@ -39,9 +39,15 @@ |
12329 |
+ * Also note, that this data cannot be "const". |
12330 |
+ */ |
12331 |
+ |
12332 |
++#ifdef MODULE |
12333 |
++#define add_latent_entropy |
12334 |
++#else |
12335 |
++#define add_latent_entropy __latent_entropy |
12336 |
++#endif |
12337 |
++ |
12338 |
+ /* These are for everybody (although not all archs will actually |
12339 |
+ discard it in modules) */ |
12340 |
+-#define __init __section(.init.text) __cold notrace |
12341 |
++#define __init __section(.init.text) __cold notrace add_latent_entropy |
12342 |
+ #define __initdata __section(.init.data) |
12343 |
+ #define __initconst __section(.init.rodata) |
12344 |
+ #define __exitdata __section(.exit.data) |
12345 |
+@@ -83,7 +89,7 @@ |
12346 |
+ #define __exit __section(.exit.text) __exitused __cold notrace |
12347 |
+ |
12348 |
+ /* Used for HOTPLUG */ |
12349 |
+-#define __devinit __section(.devinit.text) __cold notrace |
12350 |
++#define __devinit __section(.devinit.text) __cold notrace add_latent_entropy |
12351 |
+ #define __devinitdata __section(.devinit.data) |
12352 |
+ #define __devinitconst __section(.devinit.rodata) |
12353 |
+ #define __devexit __section(.devexit.text) __exitused __cold notrace |
12354 |
+@@ -91,7 +97,7 @@ |
12355 |
+ #define __devexitconst __section(.devexit.rodata) |
12356 |
+ |
12357 |
+ /* Used for HOTPLUG_CPU */ |
12358 |
+-#define __cpuinit __section(.cpuinit.text) __cold notrace |
12359 |
++#define __cpuinit __section(.cpuinit.text) __cold notrace add_latent_entropy |
12360 |
+ #define __cpuinitdata __section(.cpuinit.data) |
12361 |
+ #define __cpuinitconst __section(.cpuinit.rodata) |
12362 |
+ #define __cpuexit __section(.cpuexit.text) __exitused __cold notrace |
12363 |
+@@ -99,7 +105,7 @@ |
12364 |
+ #define __cpuexitconst __section(.cpuexit.rodata) |
12365 |
+ |
12366 |
+ /* Used for MEMORY_HOTPLUG */ |
12367 |
+-#define __meminit __section(.meminit.text) __cold notrace |
12368 |
++#define __meminit __section(.meminit.text) __cold notrace add_latent_entropy |
12369 |
+ #define __meminitdata __section(.meminit.data) |
12370 |
+ #define __meminitconst __section(.meminit.rodata) |
12371 |
+ #define __memexit __section(.memexit.text) __exitused __cold notrace |
12372 |
+@@ -294,13 +300,13 @@ void __init parse_early_options(char *cmdline); |
12373 |
|
12374 |
/* Each module must use one module_init(). */ |
12375 |
#define module_init(initfn) \ |
12376 |
@@ -71262,7 +71334,7 @@ index bf5b485..e44c2cb 100644 |
12377 |
capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); |
12378 |
|
12379 |
diff --git a/mm/mlock.c b/mm/mlock.c |
12380 |
-index ef726e8..13e0901 100644 |
12381 |
+index ef726e8..cd7f1ec 100644 |
12382 |
--- a/mm/mlock.c |
12383 |
+++ b/mm/mlock.c |
12384 |
@@ -13,6 +13,7 @@ |
12385 |
@@ -71273,6 +71345,15 @@ index ef726e8..13e0901 100644 |
12386 |
#include <linux/sched.h> |
12387 |
#include <linux/export.h> |
12388 |
#include <linux/rmap.h> |
12389 |
+@@ -376,7 +377,7 @@ static int do_mlock(unsigned long start, size_t len, int on) |
12390 |
+ { |
12391 |
+ unsigned long nstart, end, tmp; |
12392 |
+ struct vm_area_struct * vma, * prev; |
12393 |
+- int error; |
12394 |
++ int error = 0; |
12395 |
+ |
12396 |
+ VM_BUG_ON(start & ~PAGE_MASK); |
12397 |
+ VM_BUG_ON(len != PAGE_ALIGN(len)); |
12398 |
@@ -385,6 +386,9 @@ static int do_mlock(unsigned long start, size_t len, int on) |
12399 |
return -EINVAL; |
12400 |
if (end == start) |
12401 |
@@ -78607,10 +78688,10 @@ index 5c11312..72742b5 100644 |
12402 |
write_hex_cnt = 0; |
12403 |
for (i = 0; i < logo_clutsize; i++) { |
12404 |
diff --git a/security/Kconfig b/security/Kconfig |
12405 |
-index ccc61f8..a2bd35c 100644 |
12406 |
+index ccc61f8..5e68d73 100644 |
12407 |
--- a/security/Kconfig |
12408 |
+++ b/security/Kconfig |
12409 |
-@@ -4,6 +4,874 @@ |
12410 |
+@@ -4,6 +4,875 @@ |
12411 |
|
12412 |
menu "Security options" |
12413 |
|
12414 |
@@ -79462,6 +79543,7 @@ index ccc61f8..a2bd35c 100644 |
12415 |
+ |
12416 |
+config PAX_LATENT_ENTROPY |
12417 |
+ bool "Generate some entropy during boot" |
12418 |
++ default y if GRKERNSEC_CONFIG_AUTO |
12419 |
+ help |
12420 |
+ By saying Y here the kernel will instrument early boot code to |
12421 |
+ extract some entropy from both original and artificially created |
12422 |
@@ -79485,7 +79567,7 @@ index ccc61f8..a2bd35c 100644 |
12423 |
config KEYS |
12424 |
bool "Enable access key retention support" |
12425 |
help |
12426 |
-@@ -169,7 +1037,7 @@ config INTEL_TXT |
12427 |
+@@ -169,7 +1038,7 @@ config INTEL_TXT |
12428 |
config LSM_MMAP_MIN_ADDR |
12429 |
int "Low address space for LSM to protect from user allocation" |
12430 |
depends on SECURITY && SECURITY_SELINUX |
12431 |
@@ -80358,7 +80440,7 @@ index 0000000..50f2f2f |
12432 |
+size_overflow_hash.h |
12433 |
diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile |
12434 |
new file mode 100644 |
12435 |
-index 0000000..e9d4079 |
12436 |
+index 0000000..1d09b7e |
12437 |
--- /dev/null |
12438 |
+++ b/tools/gcc/Makefile |
12439 |
@@ -0,0 +1,43 @@ |
12440 |
@@ -80370,10 +80452,10 @@ index 0000000..e9d4079 |
12441 |
+ |
12442 |
+ifeq ($(PLUGINCC),$(HOSTCC)) |
12443 |
+HOSTLIBS := hostlibs |
12444 |
-+HOST_EXTRACFLAGS += -Iinclude -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu99 -ggdb |
12445 |
++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu99 -ggdb |
12446 |
+else |
12447 |
+HOSTLIBS := hostcxxlibs |
12448 |
-+HOST_EXTRACXXFLAGS += -Iinclude -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu++98 -ggdb -Wno-unused-parameter |
12449 |
++HOST_EXTRACXXFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu++98 -ggdb -Wno-unused-parameter |
12450 |
+endif |
12451 |
+ |
12452 |
+$(HOSTLIBS)-y := constify_plugin.so |
12453 |
@@ -81778,10 +81860,10 @@ index 0000000..98011fa |
12454 |
+} |
12455 |
diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
12456 |
new file mode 100644 |
12457 |
-index 0000000..9788bfe |
12458 |
+index 0000000..b8008f7 |
12459 |
--- /dev/null |
12460 |
+++ b/tools/gcc/latent_entropy_plugin.c |
12461 |
-@@ -0,0 +1,291 @@ |
12462 |
+@@ -0,0 +1,295 @@ |
12463 |
+/* |
12464 |
+ * Copyright 2012 by the PaX Team <pageexec@××××××××.hu> |
12465 |
+ * Licensed under the GPL v2 |
12466 |
@@ -81795,10 +81877,12 @@ index 0000000..9788bfe |
12467 |
+ * used during boot in the kernel |
12468 |
+ * |
12469 |
+ * TODO: |
12470 |
-+ * - quite a few, see the comments :) |
12471 |
++ * - add ipa pass to identify not explicitly marked candidate functions |
12472 |
++ * - mix in more program state (function arguments/return values, loop variables, etc) |
12473 |
++ * - more instrumentation control via attribute parameters |
12474 |
+ * |
12475 |
+ * BUGS: |
12476 |
-+ * - none known |
12477 |
++ * - LTO needs -flto-partition=none for now |
12478 |
+ */ |
12479 |
+#include "gcc-plugin.h" |
12480 |
+#include "config.h" |
12481 |
@@ -81820,17 +81904,13 @@ index 0000000..9788bfe |
12482 |
+#include "rtl.h" |
12483 |
+#include "emit-rtl.h" |
12484 |
+#include "tree-flow.h" |
12485 |
-+#include "cpplib.h" |
12486 |
-+#include "c-pragma.h" |
12487 |
-+ |
12488 |
-+#include "linux/kconfig.h" |
12489 |
+ |
12490 |
+int plugin_is_GPL_compatible; |
12491 |
+ |
12492 |
+static tree latent_entropy_decl; |
12493 |
+ |
12494 |
+static struct plugin_info latent_entropy_plugin_info = { |
12495 |
-+ .version = "201207202140", |
12496 |
++ .version = "201207271820", |
12497 |
+ .help = NULL |
12498 |
+}; |
12499 |
+ |
12500 |
@@ -81855,54 +81935,39 @@ index 0000000..9788bfe |
12501 |
+ } |
12502 |
+}; |
12503 |
+ |
12504 |
-+// for kernel use we just want to instrument some of the boot code |
12505 |
-+// for userland use this would need changes |
12506 |
-+static bool gate_latent_entropy(void) |
12507 |
++static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
12508 |
+{ |
12509 |
-+ tree section_attr; |
12510 |
-+ const char *section_name; |
12511 |
-+ |
12512 |
-+ // don't instrument modules |
12513 |
-+ if (cpp_defined(parse_in, (const unsigned char *)"MODULE", 6)) |
12514 |
-+ return false; |
12515 |
-+ |
12516 |
-+ // don't instrument normal code |
12517 |
-+ section_attr = lookup_attribute("section", DECL_ATTRIBUTES(current_function_decl)); |
12518 |
-+ if (!section_attr || !TREE_VALUE(section_attr)) |
12519 |
-+ return false; |
12520 |
-+ |
12521 |
-+ section_name = TREE_STRING_POINTER(TREE_VALUE(TREE_VALUE(section_attr))); |
12522 |
-+ |
12523 |
-+ // instrument code in boot related sections |
12524 |
-+ if (!strncmp(section_name, ".init.text", 10)) |
12525 |
-+ return true; |
12526 |
-+ |
12527 |
-+ if (!strncmp(section_name, ".initcall", 9)) |
12528 |
-+ return true; |
12529 |
-+ |
12530 |
-+ if (!strncmp(section_name, ".con_initcall", 13)) |
12531 |
-+ return true; |
12532 |
-+ |
12533 |
-+ if (!strncmp(section_name, ".security_initcall", 18)) |
12534 |
-+ return true; |
12535 |
++ if (TREE_CODE(*node) != FUNCTION_DECL) { |
12536 |
++ *no_add_attrs = true; |
12537 |
++ error("%qE attribute only applies to functions", name); |
12538 |
++ } |
12539 |
++ return NULL_TREE; |
12540 |
++} |
12541 |
+ |
12542 |
-+#ifndef CONFIG_HOTPLUG |
12543 |
-+ if (!strncmp(section_name, ".devinit.text", 13)) |
12544 |
-+ return true; |
12545 |
++static struct attribute_spec latent_entropy_attr = { |
12546 |
++ .name = "latent_entropy", |
12547 |
++ .min_length = 0, |
12548 |
++ .max_length = 0, |
12549 |
++ .decl_required = true, |
12550 |
++ .type_required = false, |
12551 |
++ .function_type_required = false, |
12552 |
++ .handler = handle_latent_entropy_attribute, |
12553 |
++#if BUILDING_GCC_VERSION >= 4007 |
12554 |
++ .affects_type_identity = false |
12555 |
+#endif |
12556 |
++}; |
12557 |
+ |
12558 |
-+#ifndef CONFIG_HOTPLUG_CPU |
12559 |
-+ if (!strncmp(section_name, ".cpuinit.text", 13)) |
12560 |
-+ return true; |
12561 |
-+#endif |
12562 |
++static void register_attributes(void *event_data, void *data) |
12563 |
++{ |
12564 |
++ register_attribute(&latent_entropy_attr); |
12565 |
++} |
12566 |
+ |
12567 |
-+#ifndef CONFIG_HOTPLUG_MEMORY |
12568 |
-+ if (!strncmp(section_name, ".meminit.text", 13)) |
12569 |
-+ return true; |
12570 |
-+#endif |
12571 |
++static bool gate_latent_entropy(void) |
12572 |
++{ |
12573 |
++ tree latent_entropy_attr; |
12574 |
+ |
12575 |
-+ // TODO check whether cfun is static and all its callers meet the above criteria |
12576 |
-+ return false; |
12577 |
++ latent_entropy_attr = lookup_attribute("latent_entropy", DECL_ATTRIBUTES(current_function_decl)); |
12578 |
++ return latent_entropy_attr != NULL_TREE; |
12579 |
+} |
12580 |
+ |
12581 |
+static unsigned HOST_WIDE_INT seed; |
12582 |
@@ -81988,8 +82053,6 @@ index 0000000..9788bfe |
12583 |
+ find_referenced_vars_in(assign); |
12584 |
+ gsi_insert_after(&gsi, assign, GSI_NEW_STMT); |
12585 |
+ update_stmt(assign); |
12586 |
-+ |
12587 |
-+ // TODO we could mix in more local state such as function return values, etc |
12588 |
+} |
12589 |
+ |
12590 |
+static unsigned int execute_latent_entropy(void) |
12591 |
@@ -81999,6 +82062,23 @@ index 0000000..9788bfe |
12592 |
+ gimple_stmt_iterator gsi; |
12593 |
+ tree local_entropy; |
12594 |
+ |
12595 |
++ if (!latent_entropy_decl) { |
12596 |
++ struct varpool_node *node; |
12597 |
++ |
12598 |
++ for (node = varpool_nodes; node; node = node->next) { |
12599 |
++ tree var = node->decl; |
12600 |
++ if (strcmp(IDENTIFIER_POINTER(DECL_NAME(var)), "latent_entropy")) |
12601 |
++ continue; |
12602 |
++ latent_entropy_decl = var; |
12603 |
++// debug_tree(var); |
12604 |
++ break; |
12605 |
++ } |
12606 |
++ if (!latent_entropy_decl) { |
12607 |
++// debug_tree(current_function_decl); |
12608 |
++ return 0; |
12609 |
++ } |
12610 |
++ } |
12611 |
++ |
12612 |
+//fprintf(stderr, "latent_entropy: %s\n", IDENTIFIER_POINTER(DECL_NAME(current_function_decl))); |
12613 |
+ |
12614 |
+ // 1. create local entropy variable |
12615 |
@@ -82032,24 +82112,29 @@ index 0000000..9788bfe |
12616 |
+ |
12617 |
+static void start_unit_callback(void *gcc_data, void *user_data) |
12618 |
+{ |
12619 |
++#if BUILDING_GCC_VERSION >= 4007 |
12620 |
++ seed = get_random_seed(false); |
12621 |
++#else |
12622 |
++ sscanf(get_random_seed(false), "%" HOST_WIDE_INT_PRINT "x", &seed); |
12623 |
++ seed *= seed; |
12624 |
++#endif |
12625 |
++ |
12626 |
++ if (in_lto_p) |
12627 |
++ return; |
12628 |
++ |
12629 |
+ // extern u64 latent_entropy |
12630 |
+ latent_entropy_decl = build_decl(UNKNOWN_LOCATION, VAR_DECL, get_identifier("latent_entropy"), unsigned_intDI_type_node); |
12631 |
+ |
12632 |
+ TREE_STATIC(latent_entropy_decl) = 1; |
12633 |
+ TREE_PUBLIC(latent_entropy_decl) = 1; |
12634 |
++ TREE_USED(latent_entropy_decl) = 1; |
12635 |
++ TREE_THIS_VOLATILE(latent_entropy_decl) = 1; |
12636 |
+ DECL_EXTERNAL(latent_entropy_decl) = 1; |
12637 |
-+ DECL_ARTIFICIAL(latent_entropy_decl) = 1; |
12638 |
++ DECL_ARTIFICIAL(latent_entropy_decl) = 0; |
12639 |
+ DECL_INITIAL(latent_entropy_decl) = NULL; |
12640 |
+// DECL_ASSEMBLER_NAME(latent_entropy_decl); |
12641 |
+// varpool_finalize_decl(latent_entropy_decl); |
12642 |
+// varpool_mark_needed_node(latent_entropy_decl); |
12643 |
-+ |
12644 |
-+#if BUILDING_GCC_VERSION >= 4007 |
12645 |
-+ seed = get_random_seed(false); |
12646 |
-+#else |
12647 |
-+ sscanf(get_random_seed(false), "%" HOST_WIDE_INT_PRINT "x", &seed); |
12648 |
-+ seed *= seed; |
12649 |
-+#endif |
12650 |
+} |
12651 |
+ |
12652 |
+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version) |
12653 |
@@ -82070,6 +82155,7 @@ index 0000000..9788bfe |
12654 |
+ register_callback(plugin_name, PLUGIN_INFO, NULL, &latent_entropy_plugin_info); |
12655 |
+ register_callback ("start_unit", PLUGIN_START_UNIT, &start_unit_callback, NULL); |
12656 |
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &latent_entropy_pass_info); |
12657 |
++ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL); |
12658 |
+ |
12659 |
+ return 0; |
12660 |
+} |