1 |
commit: fef0e13499bf94e5df62bf9b4ba3b396f9a6b813 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 28 12:36:10 2017 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 28 12:36:10 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=fef0e134 |
7 |
|
8 |
grsecurity-3.1-4.9.13-201702270729 |
9 |
|
10 |
{4.9.12 => 4.9.13}/0000_README | 6 +- |
11 |
4.9.13/1012_linux-4.9.13.patch | 1079 ++++++++++++++++++++ |
12 |
.../4420_grsecurity-3.1-4.9.13-201702270729.patch | 161 ++- |
13 |
{4.9.12 => 4.9.13}/4425_grsec_remove_EI_PAX.patch | 0 |
14 |
.../4426_default_XATTR_PAX_FLAGS.patch | 0 |
15 |
.../4427_force_XATTR_PAX_tmpfs.patch | 0 |
16 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
17 |
{4.9.12 => 4.9.13}/4435_grsec-mute-warnings.patch | 0 |
18 |
.../4440_grsec-remove-protected-paths.patch | 0 |
19 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
20 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
21 |
{4.9.12 => 4.9.13}/4470_disable-compat_vdso.patch | 0 |
22 |
{4.9.12 => 4.9.13}/4475_emutramp_default_on.patch | 0 |
23 |
13 files changed, 1158 insertions(+), 88 deletions(-) |
24 |
|
25 |
diff --git a/4.9.12/0000_README b/4.9.13/0000_README |
26 |
similarity index 93% |
27 |
rename from 4.9.12/0000_README |
28 |
rename to 4.9.13/0000_README |
29 |
index fde5541..733ff59 100644 |
30 |
--- a/4.9.12/0000_README |
31 |
+++ b/4.9.13/0000_README |
32 |
@@ -2,7 +2,11 @@ README |
33 |
----------------------------------------------------------------------------- |
34 |
Individual Patch Descriptions: |
35 |
----------------------------------------------------------------------------- |
36 |
-Patch: 4420_grsecurity-3.1-4.9.12-201702231830.patch |
37 |
+Patch: 1012_linux-4.9.13.patch |
38 |
+From: http://www.kernel.org |
39 |
+Desc: Linux 4.9.13 |
40 |
+ |
41 |
+Patch: 4420_grsecurity-3.1-4.9.13-201702270729.patch |
42 |
From: http://www.grsecurity.net |
43 |
Desc: hardened-sources base patch from upstream grsecurity |
44 |
|
45 |
|
46 |
diff --git a/4.9.13/1012_linux-4.9.13.patch b/4.9.13/1012_linux-4.9.13.patch |
47 |
new file mode 100644 |
48 |
index 0000000..8a48815 |
49 |
--- /dev/null |
50 |
+++ b/4.9.13/1012_linux-4.9.13.patch |
51 |
@@ -0,0 +1,1079 @@ |
52 |
+diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt |
53 |
+index 922dec8..65b05ba 100644 |
54 |
+--- a/Documentation/kernel-parameters.txt |
55 |
++++ b/Documentation/kernel-parameters.txt |
56 |
+@@ -1391,6 +1391,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
57 |
+ When zero, profiling data is discarded and associated |
58 |
+ debugfs files are removed at module unload time. |
59 |
+ |
60 |
++ goldfish [X86] Enable the goldfish android emulator platform. |
61 |
++ Don't use this when you are not running on the |
62 |
++ android emulator |
63 |
++ |
64 |
+ gpt [EFI] Forces disk with valid GPT signature but |
65 |
+ invalid Protective MBR to be treated as GPT. If the |
66 |
+ primary GPT is corrupted, it enables the backup/alternate |
67 |
+diff --git a/Makefile b/Makefile |
68 |
+index 3cd6f6f..14dc275 100644 |
69 |
+--- a/Makefile |
70 |
++++ b/Makefile |
71 |
+@@ -1,6 +1,6 @@ |
72 |
+ VERSION = 4 |
73 |
+ PATCHLEVEL = 9 |
74 |
+-SUBLEVEL = 12 |
75 |
++SUBLEVEL = 13 |
76 |
+ EXTRAVERSION = |
77 |
+ NAME = Roaring Lionus |
78 |
+ |
79 |
+diff --git a/arch/x86/platform/goldfish/goldfish.c b/arch/x86/platform/goldfish/goldfish.c |
80 |
+index 1693107..0d17c0a 100644 |
81 |
+--- a/arch/x86/platform/goldfish/goldfish.c |
82 |
++++ b/arch/x86/platform/goldfish/goldfish.c |
83 |
+@@ -42,10 +42,22 @@ static struct resource goldfish_pdev_bus_resources[] = { |
84 |
+ } |
85 |
+ }; |
86 |
+ |
87 |
++static bool goldfish_enable __initdata; |
88 |
++ |
89 |
++static int __init goldfish_setup(char *str) |
90 |
++{ |
91 |
++ goldfish_enable = true; |
92 |
++ return 0; |
93 |
++} |
94 |
++__setup("goldfish", goldfish_setup); |
95 |
++ |
96 |
+ static int __init goldfish_init(void) |
97 |
+ { |
98 |
++ if (!goldfish_enable) |
99 |
++ return -ENODEV; |
100 |
++ |
101 |
+ platform_device_register_simple("goldfish_pdev_bus", -1, |
102 |
+- goldfish_pdev_bus_resources, 2); |
103 |
++ goldfish_pdev_bus_resources, 2); |
104 |
+ return 0; |
105 |
+ } |
106 |
+ device_initcall(goldfish_init); |
107 |
+diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c |
108 |
+index 6bb21b3..a543ea6 100644 |
109 |
+--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c |
110 |
++++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c |
111 |
+@@ -567,10 +567,14 @@ int mlx5e_stats_flower(struct mlx5e_priv *priv, |
112 |
+ |
113 |
+ mlx5_fc_query_cached(counter, &bytes, &packets, &lastuse); |
114 |
+ |
115 |
++ preempt_disable(); |
116 |
++ |
117 |
+ tcf_exts_to_list(f->exts, &actions); |
118 |
+ list_for_each_entry(a, &actions, list) |
119 |
+ tcf_action_stats_update(a, bytes, packets, lastuse); |
120 |
+ |
121 |
++ preempt_enable(); |
122 |
++ |
123 |
+ return 0; |
124 |
+ } |
125 |
+ |
126 |
+diff --git a/drivers/net/ethernet/ti/cpsw.c b/drivers/net/ethernet/ti/cpsw.c |
127 |
+index b9087b8..3f1971d 100644 |
128 |
+--- a/drivers/net/ethernet/ti/cpsw.c |
129 |
++++ b/drivers/net/ethernet/ti/cpsw.c |
130 |
+@@ -2925,7 +2925,7 @@ static int cpsw_resume(struct device *dev) |
131 |
+ { |
132 |
+ struct platform_device *pdev = to_platform_device(dev); |
133 |
+ struct net_device *ndev = platform_get_drvdata(pdev); |
134 |
+- struct cpsw_common *cpsw = netdev_priv(ndev); |
135 |
++ struct cpsw_common *cpsw = ndev_to_cpsw(ndev); |
136 |
+ |
137 |
+ /* Select default pin state */ |
138 |
+ pinctrl_pm_select_default_state(dev); |
139 |
+diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
140 |
+index 0fafaa9..d4f495b 100644 |
141 |
+--- a/drivers/net/vxlan.c |
142 |
++++ b/drivers/net/vxlan.c |
143 |
+@@ -2449,7 +2449,8 @@ static int vxlan_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb) |
144 |
+ return -EINVAL; |
145 |
+ rt = vxlan_get_route(vxlan, skb, 0, info->key.tos, |
146 |
+ info->key.u.ipv4.dst, |
147 |
+- &info->key.u.ipv4.src, NULL, info); |
148 |
++ &info->key.u.ipv4.src, |
149 |
++ &info->dst_cache, info); |
150 |
+ if (IS_ERR(rt)) |
151 |
+ return PTR_ERR(rt); |
152 |
+ ip_rt_put(rt); |
153 |
+@@ -2459,7 +2460,8 @@ static int vxlan_fill_metadata_dst(struct net_device *dev, struct sk_buff *skb) |
154 |
+ |
155 |
+ ndst = vxlan6_get_route(vxlan, skb, 0, info->key.tos, |
156 |
+ info->key.label, &info->key.u.ipv6.dst, |
157 |
+- &info->key.u.ipv6.src, NULL, info); |
158 |
++ &info->key.u.ipv6.src, |
159 |
++ &info->dst_cache, info); |
160 |
+ if (IS_ERR(ndst)) |
161 |
+ return PTR_ERR(ndst); |
162 |
+ dst_release(ndst); |
163 |
+diff --git a/drivers/net/wireless/realtek/rtlwifi/usb.c b/drivers/net/wireless/realtek/rtlwifi/usb.c |
164 |
+index 3837bbd..ae0c48f 100644 |
165 |
+--- a/drivers/net/wireless/realtek/rtlwifi/usb.c |
166 |
++++ b/drivers/net/wireless/realtek/rtlwifi/usb.c |
167 |
+@@ -831,12 +831,30 @@ static void rtl_usb_stop(struct ieee80211_hw *hw) |
168 |
+ struct rtl_priv *rtlpriv = rtl_priv(hw); |
169 |
+ struct rtl_hal *rtlhal = rtl_hal(rtl_priv(hw)); |
170 |
+ struct rtl_usb *rtlusb = rtl_usbdev(rtl_usbpriv(hw)); |
171 |
++ struct urb *urb; |
172 |
+ |
173 |
+ /* should after adapter start and interrupt enable. */ |
174 |
+ set_hal_stop(rtlhal); |
175 |
+ cancel_work_sync(&rtlpriv->works.fill_h2c_cmd); |
176 |
+ /* Enable software */ |
177 |
+ SET_USB_STOP(rtlusb); |
178 |
++ |
179 |
++ /* free pre-allocated URBs from rtl_usb_start() */ |
180 |
++ usb_kill_anchored_urbs(&rtlusb->rx_submitted); |
181 |
++ |
182 |
++ tasklet_kill(&rtlusb->rx_work_tasklet); |
183 |
++ cancel_work_sync(&rtlpriv->works.lps_change_work); |
184 |
++ |
185 |
++ flush_workqueue(rtlpriv->works.rtl_wq); |
186 |
++ |
187 |
++ skb_queue_purge(&rtlusb->rx_queue); |
188 |
++ |
189 |
++ while ((urb = usb_get_from_anchor(&rtlusb->rx_cleanup_urbs))) { |
190 |
++ usb_free_coherent(urb->dev, urb->transfer_buffer_length, |
191 |
++ urb->transfer_buffer, urb->transfer_dma); |
192 |
++ usb_free_urb(urb); |
193 |
++ } |
194 |
++ |
195 |
+ rtlpriv->cfg->ops->hw_disable(hw); |
196 |
+ } |
197 |
+ |
198 |
+diff --git a/drivers/platform/goldfish/pdev_bus.c b/drivers/platform/goldfish/pdev_bus.c |
199 |
+index 1f52462..dd9ea46 100644 |
200 |
+--- a/drivers/platform/goldfish/pdev_bus.c |
201 |
++++ b/drivers/platform/goldfish/pdev_bus.c |
202 |
+@@ -157,23 +157,26 @@ static int goldfish_new_pdev(void) |
203 |
+ static irqreturn_t goldfish_pdev_bus_interrupt(int irq, void *dev_id) |
204 |
+ { |
205 |
+ irqreturn_t ret = IRQ_NONE; |
206 |
++ |
207 |
+ while (1) { |
208 |
+ u32 op = readl(pdev_bus_base + PDEV_BUS_OP); |
209 |
+- switch (op) { |
210 |
+- case PDEV_BUS_OP_DONE: |
211 |
+- return IRQ_NONE; |
212 |
+ |
213 |
++ switch (op) { |
214 |
+ case PDEV_BUS_OP_REMOVE_DEV: |
215 |
+ goldfish_pdev_remove(); |
216 |
++ ret = IRQ_HANDLED; |
217 |
+ break; |
218 |
+ |
219 |
+ case PDEV_BUS_OP_ADD_DEV: |
220 |
+ goldfish_new_pdev(); |
221 |
++ ret = IRQ_HANDLED; |
222 |
+ break; |
223 |
++ |
224 |
++ case PDEV_BUS_OP_DONE: |
225 |
++ default: |
226 |
++ return ret; |
227 |
+ } |
228 |
+- ret = IRQ_HANDLED; |
229 |
+ } |
230 |
+- return ret; |
231 |
+ } |
232 |
+ |
233 |
+ static int goldfish_pdev_bus_probe(struct platform_device *pdev) |
234 |
+diff --git a/drivers/tty/serial/msm_serial.c b/drivers/tty/serial/msm_serial.c |
235 |
+index 7312e7e..6788e75 100644 |
236 |
+--- a/drivers/tty/serial/msm_serial.c |
237 |
++++ b/drivers/tty/serial/msm_serial.c |
238 |
+@@ -1809,6 +1809,7 @@ static const struct of_device_id msm_match_table[] = { |
239 |
+ { .compatible = "qcom,msm-uartdm" }, |
240 |
+ {} |
241 |
+ }; |
242 |
++MODULE_DEVICE_TABLE(of, msm_match_table); |
243 |
+ |
244 |
+ static struct platform_driver msm_platform_driver = { |
245 |
+ .remove = msm_serial_remove, |
246 |
+diff --git a/drivers/usb/serial/ark3116.c b/drivers/usb/serial/ark3116.c |
247 |
+index 1532cde..7812052 100644 |
248 |
+--- a/drivers/usb/serial/ark3116.c |
249 |
++++ b/drivers/usb/serial/ark3116.c |
250 |
+@@ -99,10 +99,17 @@ static int ark3116_read_reg(struct usb_serial *serial, |
251 |
+ usb_rcvctrlpipe(serial->dev, 0), |
252 |
+ 0xfe, 0xc0, 0, reg, |
253 |
+ buf, 1, ARK_TIMEOUT); |
254 |
+- if (result < 0) |
255 |
++ if (result < 1) { |
256 |
++ dev_err(&serial->interface->dev, |
257 |
++ "failed to read register %u: %d\n", |
258 |
++ reg, result); |
259 |
++ if (result >= 0) |
260 |
++ result = -EIO; |
261 |
++ |
262 |
+ return result; |
263 |
+- else |
264 |
+- return buf[0]; |
265 |
++ } |
266 |
++ |
267 |
++ return buf[0]; |
268 |
+ } |
269 |
+ |
270 |
+ static inline int calc_divisor(int bps) |
271 |
+diff --git a/drivers/usb/serial/console.c b/drivers/usb/serial/console.c |
272 |
+index 8967715..b6f1ade 100644 |
273 |
+--- a/drivers/usb/serial/console.c |
274 |
++++ b/drivers/usb/serial/console.c |
275 |
+@@ -143,6 +143,7 @@ static int usb_console_setup(struct console *co, char *options) |
276 |
+ tty->driver = usb_serial_tty_driver; |
277 |
+ tty->index = co->index; |
278 |
+ init_ldsem(&tty->ldisc_sem); |
279 |
++ spin_lock_init(&tty->files_lock); |
280 |
+ INIT_LIST_HEAD(&tty->tty_files); |
281 |
+ kref_get(&tty->driver->kref); |
282 |
+ __module_get(tty->driver->owner); |
283 |
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c |
284 |
+index 243ac5e..8bb4875 100644 |
285 |
+--- a/drivers/usb/serial/cp210x.c |
286 |
++++ b/drivers/usb/serial/cp210x.c |
287 |
+@@ -172,6 +172,8 @@ static const struct usb_device_id id_table[] = { |
288 |
+ { USB_DEVICE(0x1901, 0x0190) }, /* GE B850 CP2105 Recorder interface */ |
289 |
+ { USB_DEVICE(0x1901, 0x0193) }, /* GE B650 CP2104 PMC interface */ |
290 |
+ { USB_DEVICE(0x1901, 0x0194) }, /* GE Healthcare Remote Alarm Box */ |
291 |
++ { USB_DEVICE(0x1901, 0x0195) }, /* GE B850/B650/B450 CP2104 DP UART interface */ |
292 |
++ { USB_DEVICE(0x1901, 0x0196) }, /* GE B850 CP2105 DP UART interface */ |
293 |
+ { USB_DEVICE(0x19CF, 0x3000) }, /* Parrot NMEA GPS Flight Recorder */ |
294 |
+ { USB_DEVICE(0x1ADB, 0x0001) }, /* Schweitzer Engineering C662 Cable */ |
295 |
+ { USB_DEVICE(0x1B1C, 0x1C00) }, /* Corsair USB Dongle */ |
296 |
+diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
297 |
+index 6e9fc8b..99a0a5f 100644 |
298 |
+--- a/drivers/usb/serial/ftdi_sio.c |
299 |
++++ b/drivers/usb/serial/ftdi_sio.c |
300 |
+@@ -1807,8 +1807,6 @@ static int ftdi_sio_port_probe(struct usb_serial_port *port) |
301 |
+ |
302 |
+ mutex_init(&priv->cfg_lock); |
303 |
+ |
304 |
+- priv->flags = ASYNC_LOW_LATENCY; |
305 |
+- |
306 |
+ if (quirk && quirk->port_probe) |
307 |
+ quirk->port_probe(priv); |
308 |
+ |
309 |
+@@ -2072,6 +2070,20 @@ static int ftdi_process_packet(struct usb_serial_port *port, |
310 |
+ priv->prev_status = status; |
311 |
+ } |
312 |
+ |
313 |
++ /* save if the transmitter is empty or not */ |
314 |
++ if (packet[1] & FTDI_RS_TEMT) |
315 |
++ priv->transmit_empty = 1; |
316 |
++ else |
317 |
++ priv->transmit_empty = 0; |
318 |
++ |
319 |
++ len -= 2; |
320 |
++ if (!len) |
321 |
++ return 0; /* status only */ |
322 |
++ |
323 |
++ /* |
324 |
++ * Break and error status must only be processed for packets with |
325 |
++ * data payload to avoid over-reporting. |
326 |
++ */ |
327 |
+ flag = TTY_NORMAL; |
328 |
+ if (packet[1] & FTDI_RS_ERR_MASK) { |
329 |
+ /* Break takes precedence over parity, which takes precedence |
330 |
+@@ -2094,15 +2106,6 @@ static int ftdi_process_packet(struct usb_serial_port *port, |
331 |
+ } |
332 |
+ } |
333 |
+ |
334 |
+- /* save if the transmitter is empty or not */ |
335 |
+- if (packet[1] & FTDI_RS_TEMT) |
336 |
+- priv->transmit_empty = 1; |
337 |
+- else |
338 |
+- priv->transmit_empty = 0; |
339 |
+- |
340 |
+- len -= 2; |
341 |
+- if (!len) |
342 |
+- return 0; /* status only */ |
343 |
+ port->icount.rx += len; |
344 |
+ ch = packet + 2; |
345 |
+ |
346 |
+@@ -2433,8 +2436,12 @@ static int ftdi_get_modem_status(struct usb_serial_port *port, |
347 |
+ FTDI_SIO_GET_MODEM_STATUS_REQUEST_TYPE, |
348 |
+ 0, priv->interface, |
349 |
+ buf, len, WDR_TIMEOUT); |
350 |
+- if (ret < 0) { |
351 |
++ |
352 |
++ /* NOTE: We allow short responses and handle that below. */ |
353 |
++ if (ret < 1) { |
354 |
+ dev_err(&port->dev, "failed to get modem status: %d\n", ret); |
355 |
++ if (ret >= 0) |
356 |
++ ret = -EIO; |
357 |
+ ret = usb_translate_errors(ret); |
358 |
+ goto out; |
359 |
+ } |
360 |
+diff --git a/drivers/usb/serial/mos7840.c b/drivers/usb/serial/mos7840.c |
361 |
+index 4f9af47..5c4fc3a 100644 |
362 |
+--- a/drivers/usb/serial/mos7840.c |
363 |
++++ b/drivers/usb/serial/mos7840.c |
364 |
+@@ -1024,6 +1024,7 @@ static int mos7840_open(struct tty_struct *tty, struct usb_serial_port *port) |
365 |
+ * (can't set it up in mos7840_startup as the structures * |
366 |
+ * were not set up at that time.) */ |
367 |
+ if (port0->open_ports == 1) { |
368 |
++ /* FIXME: Buffer never NULL, so URB is not submitted. */ |
369 |
+ if (serial->port[0]->interrupt_in_buffer == NULL) { |
370 |
+ /* set up interrupt urb */ |
371 |
+ usb_fill_int_urb(serial->port[0]->interrupt_in_urb, |
372 |
+@@ -2119,7 +2120,8 @@ static int mos7840_calc_num_ports(struct usb_serial *serial) |
373 |
+ static int mos7840_attach(struct usb_serial *serial) |
374 |
+ { |
375 |
+ if (serial->num_bulk_in < serial->num_ports || |
376 |
+- serial->num_bulk_out < serial->num_ports) { |
377 |
++ serial->num_bulk_out < serial->num_ports || |
378 |
++ serial->num_interrupt_in < 1) { |
379 |
+ dev_err(&serial->interface->dev, "missing endpoints\n"); |
380 |
+ return -ENODEV; |
381 |
+ } |
382 |
+diff --git a/drivers/usb/serial/opticon.c b/drivers/usb/serial/opticon.c |
383 |
+index 4b7bfb3..64bf258 100644 |
384 |
+--- a/drivers/usb/serial/opticon.c |
385 |
++++ b/drivers/usb/serial/opticon.c |
386 |
+@@ -142,7 +142,7 @@ static int opticon_open(struct tty_struct *tty, struct usb_serial_port *port) |
387 |
+ usb_clear_halt(port->serial->dev, port->read_urb->pipe); |
388 |
+ |
389 |
+ res = usb_serial_generic_open(tty, port); |
390 |
+- if (!res) |
391 |
++ if (res) |
392 |
+ return res; |
393 |
+ |
394 |
+ /* Request CTS line state, sometimes during opening the current |
395 |
+diff --git a/drivers/usb/serial/spcp8x5.c b/drivers/usb/serial/spcp8x5.c |
396 |
+index 475e6c3..ddfd787 100644 |
397 |
+--- a/drivers/usb/serial/spcp8x5.c |
398 |
++++ b/drivers/usb/serial/spcp8x5.c |
399 |
+@@ -232,11 +232,17 @@ static int spcp8x5_get_msr(struct usb_serial_port *port, u8 *status) |
400 |
+ ret = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), |
401 |
+ GET_UART_STATUS, GET_UART_STATUS_TYPE, |
402 |
+ 0, GET_UART_STATUS_MSR, buf, 1, 100); |
403 |
+- if (ret < 0) |
404 |
++ if (ret < 1) { |
405 |
+ dev_err(&port->dev, "failed to get modem status: %d\n", ret); |
406 |
++ if (ret >= 0) |
407 |
++ ret = -EIO; |
408 |
++ goto out; |
409 |
++ } |
410 |
+ |
411 |
+ dev_dbg(&port->dev, "0xc0:0x22:0:6 %d - 0x02%x\n", ret, *buf); |
412 |
+ *status = *buf; |
413 |
++ ret = 0; |
414 |
++out: |
415 |
+ kfree(buf); |
416 |
+ |
417 |
+ return ret; |
418 |
+diff --git a/fs/xfs/xfs_iomap.c b/fs/xfs/xfs_iomap.c |
419 |
+index cdc6bdd..e888961 100644 |
420 |
+--- a/fs/xfs/xfs_iomap.c |
421 |
++++ b/fs/xfs/xfs_iomap.c |
422 |
+@@ -1068,7 +1068,15 @@ xfs_file_iomap_end_delalloc( |
423 |
+ xfs_fileoff_t end_fsb; |
424 |
+ int error = 0; |
425 |
+ |
426 |
+- start_fsb = XFS_B_TO_FSB(mp, offset + written); |
427 |
++ /* |
428 |
++ * start_fsb refers to the first unused block after a short write. If |
429 |
++ * nothing was written, round offset down to point at the first block in |
430 |
++ * the range. |
431 |
++ */ |
432 |
++ if (unlikely(!written)) |
433 |
++ start_fsb = XFS_B_TO_FSBT(mp, offset); |
434 |
++ else |
435 |
++ start_fsb = XFS_B_TO_FSB(mp, offset + written); |
436 |
+ end_fsb = XFS_B_TO_FSB(mp, offset + length); |
437 |
+ |
438 |
+ /* |
439 |
+@@ -1080,6 +1088,9 @@ xfs_file_iomap_end_delalloc( |
440 |
+ * blocks in the range, they are ours. |
441 |
+ */ |
442 |
+ if (start_fsb < end_fsb) { |
443 |
++ truncate_pagecache_range(VFS_I(ip), XFS_FSB_TO_B(mp, start_fsb), |
444 |
++ XFS_FSB_TO_B(mp, end_fsb) - 1); |
445 |
++ |
446 |
+ xfs_ilock(ip, XFS_ILOCK_EXCL); |
447 |
+ error = xfs_bmap_punch_delalloc_range(ip, start_fsb, |
448 |
+ end_fsb - start_fsb); |
449 |
+diff --git a/include/acpi/platform/acenv.h b/include/acpi/platform/acenv.h |
450 |
+index 34cce72..fca1539 100644 |
451 |
+--- a/include/acpi/platform/acenv.h |
452 |
++++ b/include/acpi/platform/acenv.h |
453 |
+@@ -177,7 +177,7 @@ |
454 |
+ #include "acmsvc.h" |
455 |
+ |
456 |
+ #elif defined(__INTEL_COMPILER) |
457 |
+-#include "acintel.h" |
458 |
++#include <acpi/platform/acintel.h> |
459 |
+ |
460 |
+ #endif |
461 |
+ |
462 |
+diff --git a/include/acpi/platform/acintel.h b/include/acpi/platform/acintel.h |
463 |
+new file mode 100644 |
464 |
+index 0000000..17bd3b7 |
465 |
+--- /dev/null |
466 |
++++ b/include/acpi/platform/acintel.h |
467 |
+@@ -0,0 +1,87 @@ |
468 |
++/****************************************************************************** |
469 |
++ * |
470 |
++ * Name: acintel.h - VC specific defines, etc. |
471 |
++ * |
472 |
++ *****************************************************************************/ |
473 |
++ |
474 |
++/* |
475 |
++ * Copyright (C) 2000 - 2017, Intel Corp. |
476 |
++ * All rights reserved. |
477 |
++ * |
478 |
++ * Redistribution and use in source and binary forms, with or without |
479 |
++ * modification, are permitted provided that the following conditions |
480 |
++ * are met: |
481 |
++ * 1. Redistributions of source code must retain the above copyright |
482 |
++ * notice, this list of conditions, and the following disclaimer, |
483 |
++ * without modification. |
484 |
++ * 2. Redistributions in binary form must reproduce at minimum a disclaimer |
485 |
++ * substantially similar to the "NO WARRANTY" disclaimer below |
486 |
++ * ("Disclaimer") and any redistribution must be conditioned upon |
487 |
++ * including a substantially similar Disclaimer requirement for further |
488 |
++ * binary redistribution. |
489 |
++ * 3. Neither the names of the above-listed copyright holders nor the names |
490 |
++ * of any contributors may be used to endorse or promote products derived |
491 |
++ * from this software without specific prior written permission. |
492 |
++ * |
493 |
++ * Alternatively, this software may be distributed under the terms of the |
494 |
++ * GNU General Public License ("GPL") version 2 as published by the Free |
495 |
++ * Software Foundation. |
496 |
++ * |
497 |
++ * NO WARRANTY |
498 |
++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
499 |
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
500 |
++ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR |
501 |
++ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
502 |
++ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
503 |
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
504 |
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
505 |
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
506 |
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING |
507 |
++ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
508 |
++ * POSSIBILITY OF SUCH DAMAGES. |
509 |
++ */ |
510 |
++ |
511 |
++#ifndef __ACINTEL_H__ |
512 |
++#define __ACINTEL_H__ |
513 |
++ |
514 |
++/* |
515 |
++ * Use compiler specific <stdarg.h> is a good practice for even when |
516 |
++ * -nostdinc is specified (i.e., ACPI_USE_STANDARD_HEADERS undefined. |
517 |
++ */ |
518 |
++#include <stdarg.h> |
519 |
++ |
520 |
++/* Configuration specific to Intel 64-bit C compiler */ |
521 |
++ |
522 |
++#define COMPILER_DEPENDENT_INT64 __int64 |
523 |
++#define COMPILER_DEPENDENT_UINT64 unsigned __int64 |
524 |
++#define ACPI_INLINE __inline |
525 |
++ |
526 |
++/* |
527 |
++ * Calling conventions: |
528 |
++ * |
529 |
++ * ACPI_SYSTEM_XFACE - Interfaces to host OS (handlers, threads) |
530 |
++ * ACPI_EXTERNAL_XFACE - External ACPI interfaces |
531 |
++ * ACPI_INTERNAL_XFACE - Internal ACPI interfaces |
532 |
++ * ACPI_INTERNAL_VAR_XFACE - Internal variable-parameter list interfaces |
533 |
++ */ |
534 |
++#define ACPI_SYSTEM_XFACE |
535 |
++#define ACPI_EXTERNAL_XFACE |
536 |
++#define ACPI_INTERNAL_XFACE |
537 |
++#define ACPI_INTERNAL_VAR_XFACE |
538 |
++ |
539 |
++/* remark 981 - operands evaluated in no particular order */ |
540 |
++#pragma warning(disable:981) |
541 |
++ |
542 |
++/* warn C4100: unreferenced formal parameter */ |
543 |
++#pragma warning(disable:4100) |
544 |
++ |
545 |
++/* warn C4127: conditional expression is constant */ |
546 |
++#pragma warning(disable:4127) |
547 |
++ |
548 |
++/* warn C4706: assignment within conditional expression */ |
549 |
++#pragma warning(disable:4706) |
550 |
++ |
551 |
++/* warn C4214: bit field types other than int */ |
552 |
++#pragma warning(disable:4214) |
553 |
++ |
554 |
++#endif /* __ACINTEL_H__ */ |
555 |
+diff --git a/include/linux/ptr_ring.h b/include/linux/ptr_ring.h |
556 |
+index 2052011..6c70444 100644 |
557 |
+--- a/include/linux/ptr_ring.h |
558 |
++++ b/include/linux/ptr_ring.h |
559 |
+@@ -111,6 +111,11 @@ static inline int __ptr_ring_produce(struct ptr_ring *r, void *ptr) |
560 |
+ return 0; |
561 |
+ } |
562 |
+ |
563 |
++/* |
564 |
++ * Note: resize (below) nests producer lock within consumer lock, so if you |
565 |
++ * consume in interrupt or BH context, you must disable interrupts/BH when |
566 |
++ * calling this. |
567 |
++ */ |
568 |
+ static inline int ptr_ring_produce(struct ptr_ring *r, void *ptr) |
569 |
+ { |
570 |
+ int ret; |
571 |
+@@ -242,6 +247,11 @@ static inline void *__ptr_ring_consume(struct ptr_ring *r) |
572 |
+ return ptr; |
573 |
+ } |
574 |
+ |
575 |
++/* |
576 |
++ * Note: resize (below) nests producer lock within consumer lock, so if you |
577 |
++ * call this in interrupt or BH context, you must disable interrupts/BH when |
578 |
++ * producing. |
579 |
++ */ |
580 |
+ static inline void *ptr_ring_consume(struct ptr_ring *r) |
581 |
+ { |
582 |
+ void *ptr; |
583 |
+@@ -357,7 +367,7 @@ static inline void **__ptr_ring_swap_queue(struct ptr_ring *r, void **queue, |
584 |
+ void **old; |
585 |
+ void *ptr; |
586 |
+ |
587 |
+- while ((ptr = ptr_ring_consume(r))) |
588 |
++ while ((ptr = __ptr_ring_consume(r))) |
589 |
+ if (producer < size) |
590 |
+ queue[producer++] = ptr; |
591 |
+ else if (destroy) |
592 |
+@@ -372,6 +382,12 @@ static inline void **__ptr_ring_swap_queue(struct ptr_ring *r, void **queue, |
593 |
+ return old; |
594 |
+ } |
595 |
+ |
596 |
++/* |
597 |
++ * Note: producer lock is nested within consumer lock, so if you |
598 |
++ * resize you must make sure all uses nest correctly. |
599 |
++ * In particular if you consume ring in interrupt or BH context, you must |
600 |
++ * disable interrupts/BH when doing so. |
601 |
++ */ |
602 |
+ static inline int ptr_ring_resize(struct ptr_ring *r, int size, gfp_t gfp, |
603 |
+ void (*destroy)(void *)) |
604 |
+ { |
605 |
+@@ -382,17 +398,25 @@ static inline int ptr_ring_resize(struct ptr_ring *r, int size, gfp_t gfp, |
606 |
+ if (!queue) |
607 |
+ return -ENOMEM; |
608 |
+ |
609 |
+- spin_lock_irqsave(&(r)->producer_lock, flags); |
610 |
++ spin_lock_irqsave(&(r)->consumer_lock, flags); |
611 |
++ spin_lock(&(r)->producer_lock); |
612 |
+ |
613 |
+ old = __ptr_ring_swap_queue(r, queue, size, gfp, destroy); |
614 |
+ |
615 |
+- spin_unlock_irqrestore(&(r)->producer_lock, flags); |
616 |
++ spin_unlock(&(r)->producer_lock); |
617 |
++ spin_unlock_irqrestore(&(r)->consumer_lock, flags); |
618 |
+ |
619 |
+ kfree(old); |
620 |
+ |
621 |
+ return 0; |
622 |
+ } |
623 |
+ |
624 |
++/* |
625 |
++ * Note: producer lock is nested within consumer lock, so if you |
626 |
++ * resize you must make sure all uses nest correctly. |
627 |
++ * In particular if you consume ring in interrupt or BH context, you must |
628 |
++ * disable interrupts/BH when doing so. |
629 |
++ */ |
630 |
+ static inline int ptr_ring_resize_multiple(struct ptr_ring **rings, int nrings, |
631 |
+ int size, |
632 |
+ gfp_t gfp, void (*destroy)(void *)) |
633 |
+@@ -412,10 +436,12 @@ static inline int ptr_ring_resize_multiple(struct ptr_ring **rings, int nrings, |
634 |
+ } |
635 |
+ |
636 |
+ for (i = 0; i < nrings; ++i) { |
637 |
+- spin_lock_irqsave(&(rings[i])->producer_lock, flags); |
638 |
++ spin_lock_irqsave(&(rings[i])->consumer_lock, flags); |
639 |
++ spin_lock(&(rings[i])->producer_lock); |
640 |
+ queues[i] = __ptr_ring_swap_queue(rings[i], queues[i], |
641 |
+ size, gfp, destroy); |
642 |
+- spin_unlock_irqrestore(&(rings[i])->producer_lock, flags); |
643 |
++ spin_unlock(&(rings[i])->producer_lock); |
644 |
++ spin_unlock_irqrestore(&(rings[i])->consumer_lock, flags); |
645 |
+ } |
646 |
+ |
647 |
+ for (i = 0; i < nrings; ++i) |
648 |
+diff --git a/mm/backing-dev.c b/mm/backing-dev.c |
649 |
+index 8fde443..6ff2d77 100644 |
650 |
+--- a/mm/backing-dev.c |
651 |
++++ b/mm/backing-dev.c |
652 |
+@@ -757,15 +757,20 @@ static int cgwb_bdi_init(struct backing_dev_info *bdi) |
653 |
+ if (!bdi->wb_congested) |
654 |
+ return -ENOMEM; |
655 |
+ |
656 |
++ atomic_set(&bdi->wb_congested->refcnt, 1); |
657 |
++ |
658 |
+ err = wb_init(&bdi->wb, bdi, 1, GFP_KERNEL); |
659 |
+ if (err) { |
660 |
+- kfree(bdi->wb_congested); |
661 |
++ wb_congested_put(bdi->wb_congested); |
662 |
+ return err; |
663 |
+ } |
664 |
+ return 0; |
665 |
+ } |
666 |
+ |
667 |
+-static void cgwb_bdi_destroy(struct backing_dev_info *bdi) { } |
668 |
++static void cgwb_bdi_destroy(struct backing_dev_info *bdi) |
669 |
++{ |
670 |
++ wb_congested_put(bdi->wb_congested); |
671 |
++} |
672 |
+ |
673 |
+ #endif /* CONFIG_CGROUP_WRITEBACK */ |
674 |
+ |
675 |
+diff --git a/net/core/neighbour.c b/net/core/neighbour.c |
676 |
+index 2ae929f..9901e5b 100644 |
677 |
+--- a/net/core/neighbour.c |
678 |
++++ b/net/core/neighbour.c |
679 |
+@@ -2927,7 +2927,8 @@ static void neigh_proc_update(struct ctl_table *ctl, int write) |
680 |
+ return; |
681 |
+ |
682 |
+ set_bit(index, p->data_state); |
683 |
+- call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p); |
684 |
++ if (index == NEIGH_VAR_DELAY_PROBE_TIME) |
685 |
++ call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p); |
686 |
+ if (!dev) /* NULL dev means this is default value */ |
687 |
+ neigh_copy_dflt_parms(net, p, index); |
688 |
+ } |
689 |
+diff --git a/net/dccp/input.c b/net/dccp/input.c |
690 |
+index ba34718..8fedc2d 100644 |
691 |
+--- a/net/dccp/input.c |
692 |
++++ b/net/dccp/input.c |
693 |
+@@ -606,7 +606,8 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
694 |
+ if (inet_csk(sk)->icsk_af_ops->conn_request(sk, |
695 |
+ skb) < 0) |
696 |
+ return 1; |
697 |
+- goto discard; |
698 |
++ consume_skb(skb); |
699 |
++ return 0; |
700 |
+ } |
701 |
+ if (dh->dccph_type == DCCP_PKT_RESET) |
702 |
+ goto discard; |
703 |
+diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c |
704 |
+index 65336f3..9826695 100644 |
705 |
+--- a/net/ipv4/ip_sockglue.c |
706 |
++++ b/net/ipv4/ip_sockglue.c |
707 |
+@@ -105,10 +105,10 @@ static void ip_cmsg_recv_checksum(struct msghdr *msg, struct sk_buff *skb, |
708 |
+ if (skb->ip_summed != CHECKSUM_COMPLETE) |
709 |
+ return; |
710 |
+ |
711 |
+- if (offset != 0) |
712 |
+- csum = csum_sub(csum, |
713 |
+- csum_partial(skb_transport_header(skb) + tlen, |
714 |
+- offset, 0)); |
715 |
++ if (offset != 0) { |
716 |
++ int tend_off = skb_transport_offset(skb) + tlen; |
717 |
++ csum = csum_sub(csum, skb_checksum(skb, tend_off, offset, 0)); |
718 |
++ } |
719 |
+ |
720 |
+ put_cmsg(msg, SOL_IP, IP_CHECKSUM, sizeof(__wsum), &csum); |
721 |
+ } |
722 |
+diff --git a/net/irda/irqueue.c b/net/irda/irqueue.c |
723 |
+index acbe61c..160dc89 100644 |
724 |
+--- a/net/irda/irqueue.c |
725 |
++++ b/net/irda/irqueue.c |
726 |
+@@ -383,9 +383,6 @@ EXPORT_SYMBOL(hashbin_new); |
727 |
+ * for deallocating this structure if it's complex. If not the user can |
728 |
+ * just supply kfree, which should take care of the job. |
729 |
+ */ |
730 |
+-#ifdef CONFIG_LOCKDEP |
731 |
+-static int hashbin_lock_depth = 0; |
732 |
+-#endif |
733 |
+ int hashbin_delete( hashbin_t* hashbin, FREE_FUNC free_func) |
734 |
+ { |
735 |
+ irda_queue_t* queue; |
736 |
+@@ -396,22 +393,27 @@ int hashbin_delete( hashbin_t* hashbin, FREE_FUNC free_func) |
737 |
+ IRDA_ASSERT(hashbin->magic == HB_MAGIC, return -1;); |
738 |
+ |
739 |
+ /* Synchronize */ |
740 |
+- if ( hashbin->hb_type & HB_LOCK ) { |
741 |
+- spin_lock_irqsave_nested(&hashbin->hb_spinlock, flags, |
742 |
+- hashbin_lock_depth++); |
743 |
+- } |
744 |
++ if (hashbin->hb_type & HB_LOCK) |
745 |
++ spin_lock_irqsave(&hashbin->hb_spinlock, flags); |
746 |
+ |
747 |
+ /* |
748 |
+ * Free the entries in the hashbin, TODO: use hashbin_clear when |
749 |
+ * it has been shown to work |
750 |
+ */ |
751 |
+ for (i = 0; i < HASHBIN_SIZE; i ++ ) { |
752 |
+- queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]); |
753 |
+- while (queue ) { |
754 |
+- if (free_func) |
755 |
+- (*free_func)(queue); |
756 |
+- queue = dequeue_first( |
757 |
+- (irda_queue_t**) &hashbin->hb_queue[i]); |
758 |
++ while (1) { |
759 |
++ queue = dequeue_first((irda_queue_t**) &hashbin->hb_queue[i]); |
760 |
++ |
761 |
++ if (!queue) |
762 |
++ break; |
763 |
++ |
764 |
++ if (free_func) { |
765 |
++ if (hashbin->hb_type & HB_LOCK) |
766 |
++ spin_unlock_irqrestore(&hashbin->hb_spinlock, flags); |
767 |
++ free_func(queue); |
768 |
++ if (hashbin->hb_type & HB_LOCK) |
769 |
++ spin_lock_irqsave(&hashbin->hb_spinlock, flags); |
770 |
++ } |
771 |
+ } |
772 |
+ } |
773 |
+ |
774 |
+@@ -420,12 +422,8 @@ int hashbin_delete( hashbin_t* hashbin, FREE_FUNC free_func) |
775 |
+ hashbin->magic = ~HB_MAGIC; |
776 |
+ |
777 |
+ /* Release lock */ |
778 |
+- if ( hashbin->hb_type & HB_LOCK) { |
779 |
++ if (hashbin->hb_type & HB_LOCK) |
780 |
+ spin_unlock_irqrestore(&hashbin->hb_spinlock, flags); |
781 |
+-#ifdef CONFIG_LOCKDEP |
782 |
+- hashbin_lock_depth--; |
783 |
+-#endif |
784 |
+- } |
785 |
+ |
786 |
+ /* |
787 |
+ * Free the hashbin structure |
788 |
+diff --git a/net/kcm/kcmsock.c b/net/kcm/kcmsock.c |
789 |
+index 7e08a4d..a646f34 100644 |
790 |
+--- a/net/kcm/kcmsock.c |
791 |
++++ b/net/kcm/kcmsock.c |
792 |
+@@ -929,23 +929,25 @@ static int kcm_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) |
793 |
+ goto out_error; |
794 |
+ } |
795 |
+ |
796 |
+- /* New message, alloc head skb */ |
797 |
+- head = alloc_skb(0, sk->sk_allocation); |
798 |
+- while (!head) { |
799 |
+- kcm_push(kcm); |
800 |
+- err = sk_stream_wait_memory(sk, &timeo); |
801 |
+- if (err) |
802 |
+- goto out_error; |
803 |
+- |
804 |
++ if (msg_data_left(msg)) { |
805 |
++ /* New message, alloc head skb */ |
806 |
+ head = alloc_skb(0, sk->sk_allocation); |
807 |
+- } |
808 |
++ while (!head) { |
809 |
++ kcm_push(kcm); |
810 |
++ err = sk_stream_wait_memory(sk, &timeo); |
811 |
++ if (err) |
812 |
++ goto out_error; |
813 |
+ |
814 |
+- skb = head; |
815 |
++ head = alloc_skb(0, sk->sk_allocation); |
816 |
++ } |
817 |
+ |
818 |
+- /* Set ip_summed to CHECKSUM_UNNECESSARY to avoid calling |
819 |
+- * csum_and_copy_from_iter from skb_do_copy_data_nocache. |
820 |
+- */ |
821 |
+- skb->ip_summed = CHECKSUM_UNNECESSARY; |
822 |
++ skb = head; |
823 |
++ |
824 |
++ /* Set ip_summed to CHECKSUM_UNNECESSARY to avoid calling |
825 |
++ * csum_and_copy_from_iter from skb_do_copy_data_nocache. |
826 |
++ */ |
827 |
++ skb->ip_summed = CHECKSUM_UNNECESSARY; |
828 |
++ } |
829 |
+ |
830 |
+ start: |
831 |
+ while (msg_data_left(msg)) { |
832 |
+@@ -1018,10 +1020,12 @@ static int kcm_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) |
833 |
+ if (eor) { |
834 |
+ bool not_busy = skb_queue_empty(&sk->sk_write_queue); |
835 |
+ |
836 |
+- /* Message complete, queue it on send buffer */ |
837 |
+- __skb_queue_tail(&sk->sk_write_queue, head); |
838 |
+- kcm->seq_skb = NULL; |
839 |
+- KCM_STATS_INCR(kcm->stats.tx_msgs); |
840 |
++ if (head) { |
841 |
++ /* Message complete, queue it on send buffer */ |
842 |
++ __skb_queue_tail(&sk->sk_write_queue, head); |
843 |
++ kcm->seq_skb = NULL; |
844 |
++ KCM_STATS_INCR(kcm->stats.tx_msgs); |
845 |
++ } |
846 |
+ |
847 |
+ if (msg->msg_flags & MSG_BATCH) { |
848 |
+ kcm->tx_wait_more = true; |
849 |
+@@ -1040,8 +1044,10 @@ static int kcm_sendmsg(struct socket *sock, struct msghdr *msg, size_t len) |
850 |
+ } else { |
851 |
+ /* Message not complete, save state */ |
852 |
+ partial_message: |
853 |
+- kcm->seq_skb = head; |
854 |
+- kcm_tx_msg(head)->last_skb = skb; |
855 |
++ if (head) { |
856 |
++ kcm->seq_skb = head; |
857 |
++ kcm_tx_msg(head)->last_skb = skb; |
858 |
++ } |
859 |
+ } |
860 |
+ |
861 |
+ KCM_STATS_ADD(kcm->stats.tx_bytes, copied); |
862 |
+diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c |
863 |
+index 3e821da..8bc5a1b 100644 |
864 |
+--- a/net/llc/llc_conn.c |
865 |
++++ b/net/llc/llc_conn.c |
866 |
+@@ -821,7 +821,10 @@ void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb) |
867 |
+ * another trick required to cope with how the PROCOM state |
868 |
+ * machine works. -acme |
869 |
+ */ |
870 |
++ skb_orphan(skb); |
871 |
++ sock_hold(sk); |
872 |
+ skb->sk = sk; |
873 |
++ skb->destructor = sock_efree; |
874 |
+ } |
875 |
+ if (!sock_owned_by_user(sk)) |
876 |
+ llc_conn_rcv(sk, skb); |
877 |
+diff --git a/net/llc/llc_sap.c b/net/llc/llc_sap.c |
878 |
+index d0e1e80..5404d0d 100644 |
879 |
+--- a/net/llc/llc_sap.c |
880 |
++++ b/net/llc/llc_sap.c |
881 |
+@@ -290,7 +290,10 @@ static void llc_sap_rcv(struct llc_sap *sap, struct sk_buff *skb, |
882 |
+ |
883 |
+ ev->type = LLC_SAP_EV_TYPE_PDU; |
884 |
+ ev->reason = 0; |
885 |
++ skb_orphan(skb); |
886 |
++ sock_hold(sk); |
887 |
+ skb->sk = sk; |
888 |
++ skb->destructor = sock_efree; |
889 |
+ llc_sap_state_process(sap, skb); |
890 |
+ } |
891 |
+ |
892 |
+diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c |
893 |
+index 7341adf..6dc44d9 100644 |
894 |
+--- a/net/netfilter/nf_conntrack_helper.c |
895 |
++++ b/net/netfilter/nf_conntrack_helper.c |
896 |
+@@ -188,6 +188,26 @@ nf_ct_helper_ext_add(struct nf_conn *ct, |
897 |
+ } |
898 |
+ EXPORT_SYMBOL_GPL(nf_ct_helper_ext_add); |
899 |
+ |
900 |
++static struct nf_conntrack_helper * |
901 |
++nf_ct_lookup_helper(struct nf_conn *ct, struct net *net) |
902 |
++{ |
903 |
++ if (!net->ct.sysctl_auto_assign_helper) { |
904 |
++ if (net->ct.auto_assign_helper_warned) |
905 |
++ return NULL; |
906 |
++ if (!__nf_ct_helper_find(&ct->tuplehash[IP_CT_DIR_REPLY].tuple)) |
907 |
++ return NULL; |
908 |
++ pr_info("nf_conntrack: default automatic helper assignment " |
909 |
++ "has been turned off for security reasons and CT-based " |
910 |
++ " firewall rule not found. Use the iptables CT target " |
911 |
++ "to attach helpers instead.\n"); |
912 |
++ net->ct.auto_assign_helper_warned = 1; |
913 |
++ return NULL; |
914 |
++ } |
915 |
++ |
916 |
++ return __nf_ct_helper_find(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); |
917 |
++} |
918 |
++ |
919 |
++ |
920 |
+ int __nf_ct_try_assign_helper(struct nf_conn *ct, struct nf_conn *tmpl, |
921 |
+ gfp_t flags) |
922 |
+ { |
923 |
+@@ -213,21 +233,14 @@ int __nf_ct_try_assign_helper(struct nf_conn *ct, struct nf_conn *tmpl, |
924 |
+ } |
925 |
+ |
926 |
+ help = nfct_help(ct); |
927 |
+- if (net->ct.sysctl_auto_assign_helper && helper == NULL) { |
928 |
+- helper = __nf_ct_helper_find(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); |
929 |
+- if (unlikely(!net->ct.auto_assign_helper_warned && helper)) { |
930 |
+- pr_info("nf_conntrack: automatic helper " |
931 |
+- "assignment is deprecated and it will " |
932 |
+- "be removed soon. Use the iptables CT target " |
933 |
+- "to attach helpers instead.\n"); |
934 |
+- net->ct.auto_assign_helper_warned = true; |
935 |
+- } |
936 |
+- } |
937 |
+ |
938 |
+ if (helper == NULL) { |
939 |
+- if (help) |
940 |
+- RCU_INIT_POINTER(help->helper, NULL); |
941 |
+- return 0; |
942 |
++ helper = nf_ct_lookup_helper(ct, net); |
943 |
++ if (helper == NULL) { |
944 |
++ if (help) |
945 |
++ RCU_INIT_POINTER(help->helper, NULL); |
946 |
++ return 0; |
947 |
++ } |
948 |
+ } |
949 |
+ |
950 |
+ if (help == NULL) { |
951 |
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c |
952 |
+index 458722b..34de326 100644 |
953 |
+--- a/net/packet/af_packet.c |
954 |
++++ b/net/packet/af_packet.c |
955 |
+@@ -1497,6 +1497,8 @@ static void __fanout_link(struct sock *sk, struct packet_sock *po) |
956 |
+ f->arr[f->num_members] = sk; |
957 |
+ smp_wmb(); |
958 |
+ f->num_members++; |
959 |
++ if (f->num_members == 1) |
960 |
++ dev_add_pack(&f->prot_hook); |
961 |
+ spin_unlock(&f->lock); |
962 |
+ } |
963 |
+ |
964 |
+@@ -1513,6 +1515,8 @@ static void __fanout_unlink(struct sock *sk, struct packet_sock *po) |
965 |
+ BUG_ON(i >= f->num_members); |
966 |
+ f->arr[i] = f->arr[f->num_members - 1]; |
967 |
+ f->num_members--; |
968 |
++ if (f->num_members == 0) |
969 |
++ __dev_remove_pack(&f->prot_hook); |
970 |
+ spin_unlock(&f->lock); |
971 |
+ } |
972 |
+ |
973 |
+@@ -1619,6 +1623,7 @@ static void fanout_release_data(struct packet_fanout *f) |
974 |
+ |
975 |
+ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
976 |
+ { |
977 |
++ struct packet_rollover *rollover = NULL; |
978 |
+ struct packet_sock *po = pkt_sk(sk); |
979 |
+ struct packet_fanout *f, *match; |
980 |
+ u8 type = type_flags & 0xff; |
981 |
+@@ -1641,23 +1646,28 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
982 |
+ return -EINVAL; |
983 |
+ } |
984 |
+ |
985 |
++ mutex_lock(&fanout_mutex); |
986 |
++ |
987 |
++ err = -EINVAL; |
988 |
+ if (!po->running) |
989 |
+- return -EINVAL; |
990 |
++ goto out; |
991 |
+ |
992 |
++ err = -EALREADY; |
993 |
+ if (po->fanout) |
994 |
+- return -EALREADY; |
995 |
++ goto out; |
996 |
+ |
997 |
+ if (type == PACKET_FANOUT_ROLLOVER || |
998 |
+ (type_flags & PACKET_FANOUT_FLAG_ROLLOVER)) { |
999 |
+- po->rollover = kzalloc(sizeof(*po->rollover), GFP_KERNEL); |
1000 |
+- if (!po->rollover) |
1001 |
+- return -ENOMEM; |
1002 |
+- atomic_long_set(&po->rollover->num, 0); |
1003 |
+- atomic_long_set(&po->rollover->num_huge, 0); |
1004 |
+- atomic_long_set(&po->rollover->num_failed, 0); |
1005 |
++ err = -ENOMEM; |
1006 |
++ rollover = kzalloc(sizeof(*rollover), GFP_KERNEL); |
1007 |
++ if (!rollover) |
1008 |
++ goto out; |
1009 |
++ atomic_long_set(&rollover->num, 0); |
1010 |
++ atomic_long_set(&rollover->num_huge, 0); |
1011 |
++ atomic_long_set(&rollover->num_failed, 0); |
1012 |
++ po->rollover = rollover; |
1013 |
+ } |
1014 |
+ |
1015 |
+- mutex_lock(&fanout_mutex); |
1016 |
+ match = NULL; |
1017 |
+ list_for_each_entry(f, &fanout_list, list) { |
1018 |
+ if (f->id == id && |
1019 |
+@@ -1687,7 +1697,6 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
1020 |
+ match->prot_hook.func = packet_rcv_fanout; |
1021 |
+ match->prot_hook.af_packet_priv = match; |
1022 |
+ match->prot_hook.id_match = match_fanout_group; |
1023 |
+- dev_add_pack(&match->prot_hook); |
1024 |
+ list_add(&match->list, &fanout_list); |
1025 |
+ } |
1026 |
+ err = -EINVAL; |
1027 |
+@@ -1704,36 +1713,40 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
1028 |
+ } |
1029 |
+ } |
1030 |
+ out: |
1031 |
+- mutex_unlock(&fanout_mutex); |
1032 |
+- if (err) { |
1033 |
+- kfree(po->rollover); |
1034 |
++ if (err && rollover) { |
1035 |
++ kfree(rollover); |
1036 |
+ po->rollover = NULL; |
1037 |
+ } |
1038 |
++ mutex_unlock(&fanout_mutex); |
1039 |
+ return err; |
1040 |
+ } |
1041 |
+ |
1042 |
+-static void fanout_release(struct sock *sk) |
1043 |
++/* If pkt_sk(sk)->fanout->sk_ref is zero, this function removes |
1044 |
++ * pkt_sk(sk)->fanout from fanout_list and returns pkt_sk(sk)->fanout. |
1045 |
++ * It is the responsibility of the caller to call fanout_release_data() and |
1046 |
++ * free the returned packet_fanout (after synchronize_net()) |
1047 |
++ */ |
1048 |
++static struct packet_fanout *fanout_release(struct sock *sk) |
1049 |
+ { |
1050 |
+ struct packet_sock *po = pkt_sk(sk); |
1051 |
+ struct packet_fanout *f; |
1052 |
+ |
1053 |
++ mutex_lock(&fanout_mutex); |
1054 |
+ f = po->fanout; |
1055 |
+- if (!f) |
1056 |
+- return; |
1057 |
++ if (f) { |
1058 |
++ po->fanout = NULL; |
1059 |
+ |
1060 |
+- mutex_lock(&fanout_mutex); |
1061 |
+- po->fanout = NULL; |
1062 |
++ if (atomic_dec_and_test(&f->sk_ref)) |
1063 |
++ list_del(&f->list); |
1064 |
++ else |
1065 |
++ f = NULL; |
1066 |
+ |
1067 |
+- if (atomic_dec_and_test(&f->sk_ref)) { |
1068 |
+- list_del(&f->list); |
1069 |
+- dev_remove_pack(&f->prot_hook); |
1070 |
+- fanout_release_data(f); |
1071 |
+- kfree(f); |
1072 |
++ if (po->rollover) |
1073 |
++ kfree_rcu(po->rollover, rcu); |
1074 |
+ } |
1075 |
+ mutex_unlock(&fanout_mutex); |
1076 |
+ |
1077 |
+- if (po->rollover) |
1078 |
+- kfree_rcu(po->rollover, rcu); |
1079 |
++ return f; |
1080 |
+ } |
1081 |
+ |
1082 |
+ static bool packet_extra_vlan_len_allowed(const struct net_device *dev, |
1083 |
+@@ -2965,6 +2978,7 @@ static int packet_release(struct socket *sock) |
1084 |
+ { |
1085 |
+ struct sock *sk = sock->sk; |
1086 |
+ struct packet_sock *po; |
1087 |
++ struct packet_fanout *f; |
1088 |
+ struct net *net; |
1089 |
+ union tpacket_req_u req_u; |
1090 |
+ |
1091 |
+@@ -3004,9 +3018,14 @@ static int packet_release(struct socket *sock) |
1092 |
+ packet_set_ring(sk, &req_u, 1, 1); |
1093 |
+ } |
1094 |
+ |
1095 |
+- fanout_release(sk); |
1096 |
++ f = fanout_release(sk); |
1097 |
+ |
1098 |
+ synchronize_net(); |
1099 |
++ |
1100 |
++ if (f) { |
1101 |
++ fanout_release_data(f); |
1102 |
++ kfree(f); |
1103 |
++ } |
1104 |
+ /* |
1105 |
+ * Now the socket is dead. No more input will appear. |
1106 |
+ */ |
1107 |
+@@ -3958,7 +3977,6 @@ static int packet_notifier(struct notifier_block *this, |
1108 |
+ } |
1109 |
+ if (msg == NETDEV_UNREGISTER) { |
1110 |
+ packet_cached_dev_reset(po); |
1111 |
+- fanout_release(sk); |
1112 |
+ po->ifindex = -1; |
1113 |
+ if (po->prot_hook.dev) |
1114 |
+ dev_put(po->prot_hook.dev); |
1115 |
+diff --git a/net/socket.c b/net/socket.c |
1116 |
+index 73dc69f..6bbccf0 100644 |
1117 |
+--- a/net/socket.c |
1118 |
++++ b/net/socket.c |
1119 |
+@@ -2197,8 +2197,10 @@ int __sys_recvmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen, |
1120 |
+ return err; |
1121 |
+ |
1122 |
+ err = sock_error(sock->sk); |
1123 |
+- if (err) |
1124 |
++ if (err) { |
1125 |
++ datagrams = err; |
1126 |
+ goto out_put; |
1127 |
++ } |
1128 |
+ |
1129 |
+ entry = mmsg; |
1130 |
+ compat_entry = (struct compat_mmsghdr __user *)mmsg; |
1131 |
|
1132 |
diff --git a/4.9.12/4420_grsecurity-3.1-4.9.12-201702231830.patch b/4.9.13/4420_grsecurity-3.1-4.9.13-201702270729.patch |
1133 |
similarity index 99% |
1134 |
rename from 4.9.12/4420_grsecurity-3.1-4.9.12-201702231830.patch |
1135 |
rename to 4.9.13/4420_grsecurity-3.1-4.9.13-201702270729.patch |
1136 |
index ce908bf..c9d116e 100644 |
1137 |
--- a/4.9.12/4420_grsecurity-3.1-4.9.12-201702231830.patch |
1138 |
+++ b/4.9.13/4420_grsecurity-3.1-4.9.13-201702270729.patch |
1139 |
@@ -310,10 +310,10 @@ index 9b9c479..5a635ff 100644 |
1140 |
A typical pattern in a Kbuild file looks like this: |
1141 |
|
1142 |
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt |
1143 |
-index 922dec8..a45d4a2 100644 |
1144 |
+index 65b05ba..725a42a 100644 |
1145 |
--- a/Documentation/kernel-parameters.txt |
1146 |
+++ b/Documentation/kernel-parameters.txt |
1147 |
-@@ -1422,6 +1422,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1148 |
+@@ -1426,6 +1426,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1149 |
[KNL] Should the hard-lockup detector generate |
1150 |
backtraces on all cpus. |
1151 |
Format: <integer> |
1152 |
@@ -326,7 +326,7 @@ index 922dec8..a45d4a2 100644 |
1153 |
|
1154 |
hashdist= [KNL,NUMA] Large hashes allocated during boot |
1155 |
are distributed across NUMA nodes. Defaults on |
1156 |
-@@ -2651,6 +2657,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1157 |
+@@ -2655,6 +2661,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1158 |
noexec=on: enable non-executable mappings (default) |
1159 |
noexec=off: disable non-executable mappings |
1160 |
|
1161 |
@@ -337,7 +337,7 @@ index 922dec8..a45d4a2 100644 |
1162 |
nosmap [X86] |
1163 |
Disable SMAP (Supervisor Mode Access Prevention) |
1164 |
even if it is supported by processor. |
1165 |
-@@ -2959,6 +2969,35 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1166 |
+@@ -2963,6 +2973,35 @@ bytes respectively. Such letter suffixes can also be entirely omitted. |
1167 |
the specified number of seconds. This is to be used if |
1168 |
your oopses keep scrolling off the screen. |
1169 |
|
1170 |
@@ -419,7 +419,7 @@ index 3d0ae15..84e5412 100644 |
1171 |
cmd_syscalls = $(CONFIG_SHELL) $< $(CC) $(c_flags) $(missing_syscalls_flags) |
1172 |
|
1173 |
diff --git a/Makefile b/Makefile |
1174 |
-index 3cd6f6f..43e4233 100644 |
1175 |
+index 14dc275..3ff2e6b 100644 |
1176 |
--- a/Makefile |
1177 |
+++ b/Makefile |
1178 |
@@ -302,7 +302,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
1179 |
@@ -30243,10 +30243,10 @@ index 06eb322..ca545b8 100644 |
1180 |
+EXPORT_SYMBOL(pax_check_alloca); |
1181 |
+#endif |
1182 |
diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c |
1183 |
-index 36cf1a4..046b56f 100644 |
1184 |
+index 36cf1a4..f3362b0 100644 |
1185 |
--- a/arch/x86/kernel/dumpstack_64.c |
1186 |
+++ b/arch/x86/kernel/dumpstack_64.c |
1187 |
-@@ -237,8 +237,42 @@ int is_valid_bugaddr(unsigned long ip) |
1188 |
+@@ -237,8 +237,41 @@ int is_valid_bugaddr(unsigned long ip) |
1189 |
{ |
1190 |
unsigned short ud2; |
1191 |
|
1192 |
@@ -30274,7 +30274,6 @@ index 36cf1a4..046b56f 100644 |
1193 |
+ |
1194 |
+ case STACK_TYPE_IRQ: |
1195 |
+ stack_left = sp & (IRQ_STACK_SIZE - 1); |
1196 |
-+ put_cpu(); |
1197 |
+ break; |
1198 |
+ |
1199 |
+ case STACK_TYPE_EXCEPTION ... STACK_TYPE_EXCEPTION_LAST: |
1200 |
@@ -70084,10 +70083,10 @@ index 95cf1d8..b2a00f6 100644 |
1201 |
}; |
1202 |
|
1203 |
diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
1204 |
-index 0fafaa9..0227536 100644 |
1205 |
+index d4f495b..9b39d92 100644 |
1206 |
--- a/drivers/net/vxlan.c |
1207 |
+++ b/drivers/net/vxlan.c |
1208 |
-@@ -3193,7 +3193,7 @@ static struct net *vxlan_get_link_net(const struct net_device *dev) |
1209 |
+@@ -3195,7 +3195,7 @@ static struct net *vxlan_get_link_net(const struct net_device *dev) |
1210 |
return vxlan->net; |
1211 |
} |
1212 |
|
1213 |
@@ -70096,7 +70095,7 @@ index 0fafaa9..0227536 100644 |
1214 |
.kind = "vxlan", |
1215 |
.maxtype = IFLA_VXLAN_MAX, |
1216 |
.policy = vxlan_policy, |
1217 |
-@@ -3277,7 +3277,7 @@ static int vxlan_netdevice_event(struct notifier_block *unused, |
1218 |
+@@ -3279,7 +3279,7 @@ static int vxlan_netdevice_event(struct notifier_block *unused, |
1219 |
return NOTIFY_DONE; |
1220 |
} |
1221 |
|
1222 |
@@ -85235,7 +85234,7 @@ index a260cde..c395165 100644 |
1223 |
/* This is only available if kgdboc is a built in for early debugging */ |
1224 |
static int __init kgdboc_early_init(char *opt) |
1225 |
diff --git a/drivers/tty/serial/msm_serial.c b/drivers/tty/serial/msm_serial.c |
1226 |
-index 7312e7e..0a0f8b6 100644 |
1227 |
+index 6788e75..16f20c5 100644 |
1228 |
--- a/drivers/tty/serial/msm_serial.c |
1229 |
+++ b/drivers/tty/serial/msm_serial.c |
1230 |
@@ -1726,7 +1726,7 @@ static struct uart_driver msm_uart_driver = { |
1231 |
@@ -86804,7 +86803,7 @@ index 460cebf..eb16bb4 100644 |
1232 |
|
1233 |
int |
1234 |
diff --git a/drivers/usb/serial/console.c b/drivers/usb/serial/console.c |
1235 |
-index 8967715..4a3791b 100644 |
1236 |
+index b6f1ade..fb83f15 100644 |
1237 |
--- a/drivers/usb/serial/console.c |
1238 |
+++ b/drivers/usb/serial/console.c |
1239 |
@@ -126,7 +126,7 @@ static int usb_console_setup(struct console *co, char *options) |
1240 |
@@ -86816,7 +86815,7 @@ index 8967715..4a3791b 100644 |
1241 |
if (!tty_port_initialized(&port->port)) { |
1242 |
if (serial->type->set_termios) { |
1243 |
/* |
1244 |
-@@ -172,7 +172,7 @@ static int usb_console_setup(struct console *co, char *options) |
1245 |
+@@ -173,7 +173,7 @@ static int usb_console_setup(struct console *co, char *options) |
1246 |
} |
1247 |
/* Now that any required fake tty operations are completed restore |
1248 |
* the tty port count */ |
1249 |
@@ -86825,7 +86824,7 @@ index 8967715..4a3791b 100644 |
1250 |
/* The console is special in terms of closing the device so |
1251 |
* indicate this port is now acting as a system console. */ |
1252 |
port->port.console = 1; |
1253 |
-@@ -184,7 +184,7 @@ static int usb_console_setup(struct console *co, char *options) |
1254 |
+@@ -185,7 +185,7 @@ static int usb_console_setup(struct console *co, char *options) |
1255 |
tty_port_tty_set(&port->port, NULL); |
1256 |
tty_kref_put(tty); |
1257 |
reset_open_count: |
1258 |
@@ -86834,7 +86833,7 @@ index 8967715..4a3791b 100644 |
1259 |
usb_autopm_put_interface(serial->interface); |
1260 |
error_get_interface: |
1261 |
usb_serial_put(serial); |
1262 |
-@@ -195,7 +195,7 @@ static int usb_console_setup(struct console *co, char *options) |
1263 |
+@@ -196,7 +196,7 @@ static int usb_console_setup(struct console *co, char *options) |
1264 |
static void usb_console_write(struct console *co, |
1265 |
const char *buf, unsigned count) |
1266 |
{ |
1267 |
@@ -156652,7 +156651,7 @@ index afcc550..ed3f097 100644 |
1268 |
depends on !KMEMCHECK |
1269 |
select PAGE_EXTENSION |
1270 |
diff --git a/mm/backing-dev.c b/mm/backing-dev.c |
1271 |
-index 8fde443..a8cc381 100644 |
1272 |
+index 6ff2d77..0452af3 100644 |
1273 |
--- a/mm/backing-dev.c |
1274 |
+++ b/mm/backing-dev.c |
1275 |
@@ -12,7 +12,7 @@ |
1276 |
@@ -156664,7 +156663,7 @@ index 8fde443..a8cc381 100644 |
1277 |
|
1278 |
struct backing_dev_info noop_backing_dev_info = { |
1279 |
.name = "noop", |
1280 |
-@@ -898,7 +898,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name) |
1281 |
+@@ -903,7 +903,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name) |
1282 |
return err; |
1283 |
|
1284 |
err = bdi_register(bdi, NULL, "%.28s-%ld", name, |
1285 |
@@ -164068,7 +164067,7 @@ index 18e8893..82936b2 100644 |
1286 |
fle->object = flo; |
1287 |
else |
1288 |
diff --git a/net/core/neighbour.c b/net/core/neighbour.c |
1289 |
-index 2ae929f..fc8150d 100644 |
1290 |
+index 9901e5b..0b38f5b 100644 |
1291 |
--- a/net/core/neighbour.c |
1292 |
+++ b/net/core/neighbour.c |
1293 |
@@ -860,7 +860,7 @@ static void neigh_probe(struct neighbour *neigh) |
1294 |
@@ -164143,7 +164142,7 @@ index 2ae929f..fc8150d 100644 |
1295 |
|
1296 |
tmp.extra1 = &zero; |
1297 |
tmp.extra2 = &unres_qlen_max; |
1298 |
-@@ -2936,7 +2936,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, |
1299 |
+@@ -2937,7 +2937,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, |
1300 |
void __user *buffer, |
1301 |
size_t *lenp, loff_t *ppos) |
1302 |
{ |
1303 |
@@ -164825,20 +164824,6 @@ index 0df2aa6..7db59f7 100644 |
1304 |
.init = sysctl_core_net_init, |
1305 |
.exit = sysctl_core_net_exit, |
1306 |
}; |
1307 |
-diff --git a/net/dccp/input.c b/net/dccp/input.c |
1308 |
-index ba34718..8fedc2d 100644 |
1309 |
---- a/net/dccp/input.c |
1310 |
-+++ b/net/dccp/input.c |
1311 |
-@@ -606,7 +606,8 @@ int dccp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
1312 |
- if (inet_csk(sk)->icsk_af_ops->conn_request(sk, |
1313 |
- skb) < 0) |
1314 |
- return 1; |
1315 |
-- goto discard; |
1316 |
-+ consume_skb(skb); |
1317 |
-+ return 0; |
1318 |
- } |
1319 |
- if (dh->dccph_type == DCCP_PKT_RESET) |
1320 |
- goto discard; |
1321 |
diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c |
1322 |
index 13d6b1a..eaa0cee 100644 |
1323 |
--- a/net/decnet/af_decnet.c |
1324 |
@@ -165513,7 +165498,7 @@ index d6feabb..9cb3988 100644 |
1325 |
ICMP_PROT_UNREACH, 0); |
1326 |
} |
1327 |
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c |
1328 |
-index 65336f3..3c7e4b7 100644 |
1329 |
+index 9826695..84ffcbb 100644 |
1330 |
--- a/net/ipv4/ip_sockglue.c |
1331 |
+++ b/net/ipv4/ip_sockglue.c |
1332 |
@@ -1342,7 +1342,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, |
1333 |
@@ -169057,7 +169042,7 @@ index da9df2d..d8f3df4 100644 |
1334 |
table = kmemdup(event_sysctl_table, sizeof(event_sysctl_table), |
1335 |
GFP_KERNEL); |
1336 |
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c |
1337 |
-index 7341adf..0c5cfd3 100644 |
1338 |
+index 6dc44d9..6ccf1a3 100644 |
1339 |
--- a/net/netfilter/nf_conntrack_helper.c |
1340 |
+++ b/net/netfilter/nf_conntrack_helper.c |
1341 |
@@ -57,7 +57,7 @@ static struct ctl_table helper_sysctl_table[] = { |
1342 |
@@ -169942,7 +169927,7 @@ index 7eb955e..479c9a6 100644 |
1343 |
|
1344 |
static int __init ovs_vxlan_tnl_init(void) |
1345 |
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c |
1346 |
-index 458722b..5852eae 100644 |
1347 |
+index 34de326..071ac96 100644 |
1348 |
--- a/net/packet/af_packet.c |
1349 |
+++ b/net/packet/af_packet.c |
1350 |
@@ -278,7 +278,7 @@ static int packet_direct_xmit(struct sk_buff *skb) |
1351 |
@@ -169975,20 +169960,20 @@ index 458722b..5852eae 100644 |
1352 |
return idx; |
1353 |
} |
1354 |
|
1355 |
-@@ -1652,9 +1652,9 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
1356 |
- po->rollover = kzalloc(sizeof(*po->rollover), GFP_KERNEL); |
1357 |
- if (!po->rollover) |
1358 |
- return -ENOMEM; |
1359 |
-- atomic_long_set(&po->rollover->num, 0); |
1360 |
-- atomic_long_set(&po->rollover->num_huge, 0); |
1361 |
-- atomic_long_set(&po->rollover->num_failed, 0); |
1362 |
-+ atomic_long_set_unchecked(&po->rollover->num, 0); |
1363 |
-+ atomic_long_set_unchecked(&po->rollover->num_huge, 0); |
1364 |
-+ atomic_long_set_unchecked(&po->rollover->num_failed, 0); |
1365 |
+@@ -1662,9 +1662,9 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags) |
1366 |
+ rollover = kzalloc(sizeof(*rollover), GFP_KERNEL); |
1367 |
+ if (!rollover) |
1368 |
+ goto out; |
1369 |
+- atomic_long_set(&rollover->num, 0); |
1370 |
+- atomic_long_set(&rollover->num_huge, 0); |
1371 |
+- atomic_long_set(&rollover->num_failed, 0); |
1372 |
++ atomic_long_set_unchecked(&rollover->num, 0); |
1373 |
++ atomic_long_set_unchecked(&rollover->num_huge, 0); |
1374 |
++ atomic_long_set_unchecked(&rollover->num_failed, 0); |
1375 |
+ po->rollover = rollover; |
1376 |
} |
1377 |
|
1378 |
- mutex_lock(&fanout_mutex); |
1379 |
-@@ -2106,7 +2106,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, |
1380 |
+@@ -2119,7 +2119,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, |
1381 |
is_drop_n_account = true; |
1382 |
spin_lock(&sk->sk_receive_queue.lock); |
1383 |
po->stats.stats1.tp_drops++; |
1384 |
@@ -169997,7 +169982,7 @@ index 458722b..5852eae 100644 |
1385 |
spin_unlock(&sk->sk_receive_queue.lock); |
1386 |
|
1387 |
drop_n_restore: |
1388 |
-@@ -3848,7 +3848,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1389 |
+@@ -3867,7 +3867,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1390 |
case PACKET_HDRLEN: |
1391 |
if (len > sizeof(int)) |
1392 |
len = sizeof(int); |
1393 |
@@ -170006,7 +169991,7 @@ index 458722b..5852eae 100644 |
1394 |
return -EFAULT; |
1395 |
switch (val) { |
1396 |
case TPACKET_V1: |
1397 |
-@@ -3883,9 +3883,9 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1398 |
+@@ -3902,9 +3902,9 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1399 |
case PACKET_ROLLOVER_STATS: |
1400 |
if (!po->rollover) |
1401 |
return -EINVAL; |
1402 |
@@ -170019,7 +170004,7 @@ index 458722b..5852eae 100644 |
1403 |
data = &rstats; |
1404 |
lv = sizeof(rstats); |
1405 |
break; |
1406 |
-@@ -3903,7 +3903,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1407 |
+@@ -3922,7 +3922,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, |
1408 |
len = lv; |
1409 |
if (put_user(len, optlen)) |
1410 |
return -EFAULT; |
1411 |
@@ -170648,7 +170633,7 @@ index daf8554..4ab495b 100644 |
1412 |
|
1413 |
table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); |
1414 |
diff --git a/net/socket.c b/net/socket.c |
1415 |
-index 73dc69f..ca77f2f 100644 |
1416 |
+index 6bbccf0..1991a22 100644 |
1417 |
--- a/net/socket.c |
1418 |
+++ b/net/socket.c |
1419 |
@@ -89,6 +89,7 @@ |
1420 |
@@ -170867,7 +170852,7 @@ index 73dc69f..ca77f2f 100644 |
1421 |
|
1422 |
/* user mode address pointers */ |
1423 |
struct sockaddr __user *uaddr; |
1424 |
-@@ -2733,7 +2798,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) |
1425 |
+@@ -2735,7 +2800,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) |
1426 |
ifr = compat_alloc_user_space(buf_size); |
1427 |
rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8); |
1428 |
|
1429 |
@@ -170876,7 +170861,7 @@ index 73dc69f..ca77f2f 100644 |
1430 |
return -EFAULT; |
1431 |
|
1432 |
if (put_user(convert_in ? rxnfc : compat_ptr(data), |
1433 |
-@@ -2844,7 +2909,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, |
1434 |
+@@ -2846,7 +2911,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, |
1435 |
old_fs = get_fs(); |
1436 |
set_fs(KERNEL_DS); |
1437 |
err = dev_ioctl(net, cmd, |
1438 |
@@ -170885,7 +170870,7 @@ index 73dc69f..ca77f2f 100644 |
1439 |
set_fs(old_fs); |
1440 |
|
1441 |
return err; |
1442 |
-@@ -2937,7 +3002,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, |
1443 |
+@@ -2939,7 +3004,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, |
1444 |
|
1445 |
old_fs = get_fs(); |
1446 |
set_fs(KERNEL_DS); |
1447 |
@@ -170894,7 +170879,7 @@ index 73dc69f..ca77f2f 100644 |
1448 |
set_fs(old_fs); |
1449 |
|
1450 |
if (cmd == SIOCGIFMAP && !err) { |
1451 |
-@@ -3021,7 +3086,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, |
1452 |
+@@ -3023,7 +3088,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, |
1453 |
ret |= get_user(rtdev, &(ur4->rt_dev)); |
1454 |
if (rtdev) { |
1455 |
ret |= copy_from_user(devname, compat_ptr(rtdev), 15); |
1456 |
@@ -170903,7 +170888,7 @@ index 73dc69f..ca77f2f 100644 |
1457 |
devname[15] = 0; |
1458 |
} else |
1459 |
r4.rt_dev = NULL; |
1460 |
-@@ -3248,8 +3313,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, |
1461 |
+@@ -3250,8 +3315,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, |
1462 |
int __user *uoptlen; |
1463 |
int err; |
1464 |
|
1465 |
@@ -170914,7 +170899,7 @@ index 73dc69f..ca77f2f 100644 |
1466 |
|
1467 |
set_fs(KERNEL_DS); |
1468 |
if (level == SOL_SOCKET) |
1469 |
-@@ -3269,7 +3334,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, |
1470 |
+@@ -3271,7 +3336,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, |
1471 |
char __user *uoptval; |
1472 |
int err; |
1473 |
|
1474 |
@@ -193078,10 +193063,10 @@ index 0000000..74e91b2 |
1475 |
+enable_so_zpios_read_fndecl_64734 zpios_read fndecl 3 64734 NULL |
1476 |
diff --git a/scripts/gcc-plugins/size_overflow_plugin/e_fields.data b/scripts/gcc-plugins/size_overflow_plugin/e_fields.data |
1477 |
new file mode 100644 |
1478 |
-index 0000000..1181e93 |
1479 |
+index 0000000..0928e48 |
1480 |
--- /dev/null |
1481 |
+++ b/scripts/gcc-plugins/size_overflow_plugin/e_fields.data |
1482 |
-@@ -0,0 +1,16321 @@ |
1483 |
+@@ -0,0 +1,16326 @@ |
1484 |
+recv_ctrl_pipe_us_data_0_fields recv_ctrl_pipe us_data 0 0 NULL |
1485 |
+__earlyonly_bootmem_alloc_fndecl_3_fields __earlyonly_bootmem_alloc fndecl 2-3-4 3 NULL |
1486 |
+size_ttm_mem_reg_8_fields size ttm_mem_reg 0 8 NULL |
1487 |
@@ -193956,6 +193941,7 @@ index 0000000..1181e93 |
1488 |
+xfer_len_nvme_trans_io_cdb_3486_fields xfer_len nvme_trans_io_cdb 0 3486 NULL |
1489 |
+from_dio_submit_3494_fields from dio_submit 0 3494 NULL |
1490 |
+hs_bkt_bits_cfs_hash_3509_fields hs_bkt_bits cfs_hash 0 3509 NULL |
1491 |
++statesize_hash_alg_common_3517_fields statesize hash_alg_common 0 3517 NULL |
1492 |
+gru_vtop_fndecl_3522_fields gru_vtop fndecl 2 3522 NULL |
1493 |
+cipso_v4_gentag_rng_fndecl_3532_fields cipso_v4_gentag_rng fndecl 0 3532 NULL |
1494 |
+cl_out_max_entry_size_mvumi_hs_page1_3540_fields cl_out_max_entry_size mvumi_hs_page1 0 3540 NULL |
1495 |
@@ -194562,6 +194548,7 @@ index 0000000..1181e93 |
1496 |
+dmi_len_vardecl_dmi_scan_c_6054_fields dmi_len vardecl_dmi_scan.c 0 6054 NULL nohasharray |
1497 |
+ext4_inode_table_fndecl_6054_fields ext4_inode_table fndecl 0 6054 &dmi_len_vardecl_dmi_scan_c_6054_fields |
1498 |
+map_base_tpm_inf_dev_6056_fields map_base tpm_inf_dev 0 6056 NULL |
1499 |
++reqsize_kpp_alg_6064_fields reqsize kpp_alg 0 6064 NULL |
1500 |
+length_hci_ev_le_advertising_info_6074_fields length hci_ev_le_advertising_info 0 6074 NULL |
1501 |
+elog_len_extlog_l1_head_6075_fields elog_len extlog_l1_head 0 6075 NULL |
1502 |
+ioctx_alloc_fndecl_6081_fields ioctx_alloc fndecl 1 6081 NULL |
1503 |
@@ -195113,7 +195100,8 @@ index 0000000..1181e93 |
1504 |
+datablklen_capi_register_params_8275_fields datablklen capi_register_params 0 8275 NULL |
1505 |
+cdc_ncm_check_tx_max_fndecl_8278_fields cdc_ncm_check_tx_max fndecl 0-2 8278 NULL |
1506 |
+msg_len_rndis_message_8281_fields msg_len rndis_message 0 8281 NULL |
1507 |
-+__sg_free_table_fndecl_8283_fields __sg_free_table fndecl 2 8283 NULL |
1508 |
++__sg_free_table_fndecl_8283_fields __sg_free_table fndecl 2 8283 NULL nohasharray |
1509 |
++expectedlen_drbg_testvec_8283_fields expectedlen drbg_testvec 0 8283 &__sg_free_table_fndecl_8283_fields |
1510 |
+rxrpc_kernel_recv_data_fndecl_8286_fields rxrpc_kernel_recv_data fndecl 4 8286 NULL |
1511 |
+tail_len_cfg80211_beacon_data_8293_fields tail_len cfg80211_beacon_data 0 8293 NULL |
1512 |
+ns_blocks_per_segment_the_nilfs_8295_fields ns_blocks_per_segment the_nilfs 0 8295 NULL nohasharray |
1513 |
@@ -204534,6 +204522,7 @@ index 0000000..1181e93 |
1514 |
+ecc_strength_ds_nand_chip_45651_fields ecc_strength_ds nand_chip 0 45651 NULL |
1515 |
+inftl_writeblock_fndecl_45653_fields inftl_writeblock fndecl 2 45653 NULL |
1516 |
+size_core_name_45656_fields size core_name 0 45656 NULL |
1517 |
++b_public_size_kpp_testvec_45660_fields b_public_size kpp_testvec 0 45660 NULL |
1518 |
+blockmask_alauda_media_info_45662_fields blockmask alauda_media_info 0 45662 NULL |
1519 |
+dmi_base_vardecl_dmi_scan_c_45673_fields dmi_base vardecl_dmi_scan.c 0 45673 NULL |
1520 |
+_snd_pcm_hw_param_min_fndecl_45677_fields _snd_pcm_hw_param_min fndecl 3 45677 NULL |
1521 |
@@ -207995,6 +207984,7 @@ index 0000000..1181e93 |
1522 |
+fq_resize_fndecl_59744_fields fq_resize fndecl 2 59744 &ocfs2_read_dx_leaves_fndecl_59744_fields |
1523 |
+nx_fw_cmd_set_phy_fndecl_59745_fields nx_fw_cmd_set_phy fndecl 3 59745 NULL |
1524 |
+mt_count_mtop_59746_fields mt_count mtop 0 59746 NULL |
1525 |
++seedsize_rng_alg_59748_fields seedsize rng_alg 0 59748 NULL |
1526 |
+xlog_write_calc_vec_length_fndecl_59749_fields xlog_write_calc_vec_length fndecl 0 59749 NULL |
1527 |
+request_size_afs_call_59750_fields request_size afs_call 0 59750 NULL |
1528 |
+addr_phys_netup_dma_59759_fields addr_phys netup_dma 0 59759 NULL |
1529 |
@@ -225700,7 +225690,7 @@ index 0a578fe..b81f62d 100644 |
1530 |
}) |
1531 |
|
1532 |
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
1533 |
-index 7f9ee29..39268bd 100644 |
1534 |
+index 7f9ee29..1dccca1 100644 |
1535 |
--- a/virt/kvm/kvm_main.c |
1536 |
+++ b/virt/kvm/kvm_main.c |
1537 |
@@ -93,12 +93,17 @@ LIST_HEAD(vm_list); |
1538 |
@@ -225723,7 +225713,18 @@ index 7f9ee29..39268bd 100644 |
1539 |
|
1540 |
struct dentry *kvm_debugfs_dir; |
1541 |
EXPORT_SYMBOL_GPL(kvm_debugfs_dir); |
1542 |
-@@ -911,7 +916,7 @@ int __kvm_set_memory_region(struct kvm *kvm, |
1543 |
+@@ -572,6 +577,10 @@ static int kvm_create_vm_debugfs(struct kvm *kvm, int fd) |
1544 |
+ struct kvm_stat_data *stat_data; |
1545 |
+ struct kvm_stats_debugfs_item *p; |
1546 |
+ |
1547 |
++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
1548 |
++ return 0; |
1549 |
++#endif |
1550 |
++ |
1551 |
+ if (!debugfs_initialized()) |
1552 |
+ return 0; |
1553 |
+ |
1554 |
+@@ -911,7 +920,7 @@ int __kvm_set_memory_region(struct kvm *kvm, |
1555 |
/* We can read the guest memory with __xxx_user() later on. */ |
1556 |
if ((id < KVM_USER_MEM_SLOTS) && |
1557 |
((mem->userspace_addr & (PAGE_SIZE - 1)) || |
1558 |
@@ -225732,7 +225733,7 @@ index 7f9ee29..39268bd 100644 |
1559 |
(void __user *)(unsigned long)mem->userspace_addr, |
1560 |
mem->memory_size))) |
1561 |
goto out; |
1562 |
-@@ -2025,9 +2030,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); |
1563 |
+@@ -2025,9 +2034,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); |
1564 |
|
1565 |
int kvm_clear_guest_page(struct kvm *kvm, gfn_t gfn, int offset, int len) |
1566 |
{ |
1567 |
@@ -225752,7 +225753,7 @@ index 7f9ee29..39268bd 100644 |
1568 |
} |
1569 |
EXPORT_SYMBOL_GPL(kvm_clear_guest_page); |
1570 |
|
1571 |
-@@ -2379,7 +2392,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) |
1572 |
+@@ -2379,7 +2396,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) |
1573 |
return 0; |
1574 |
} |
1575 |
|
1576 |
@@ -225761,7 +225762,7 @@ index 7f9ee29..39268bd 100644 |
1577 |
.release = kvm_vcpu_release, |
1578 |
.unlocked_ioctl = kvm_vcpu_ioctl, |
1579 |
#ifdef CONFIG_KVM_COMPAT |
1580 |
-@@ -3144,7 +3157,7 @@ static long kvm_vm_compat_ioctl(struct file *filp, |
1581 |
+@@ -3144,7 +3161,7 @@ static long kvm_vm_compat_ioctl(struct file *filp, |
1582 |
} |
1583 |
#endif |
1584 |
|
1585 |
@@ -225770,21 +225771,7 @@ index 7f9ee29..39268bd 100644 |
1586 |
.release = kvm_vm_release, |
1587 |
.unlocked_ioctl = kvm_vm_ioctl, |
1588 |
#ifdef CONFIG_KVM_COMPAT |
1589 |
-@@ -3181,11 +3194,13 @@ static int kvm_dev_ioctl_create_vm(unsigned long type) |
1590 |
- return PTR_ERR(file); |
1591 |
- } |
1592 |
- |
1593 |
-+#ifndef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
1594 |
- if (kvm_create_vm_debugfs(kvm, r) < 0) { |
1595 |
- put_unused_fd(r); |
1596 |
- fput(file); |
1597 |
- return -ENOMEM; |
1598 |
- } |
1599 |
-+#endif |
1600 |
- |
1601 |
- fd_install(r, file); |
1602 |
- return r; |
1603 |
-@@ -3231,7 +3246,7 @@ static long kvm_dev_ioctl(struct file *filp, |
1604 |
+@@ -3231,7 +3248,7 @@ static long kvm_dev_ioctl(struct file *filp, |
1605 |
return r; |
1606 |
} |
1607 |
|
1608 |
@@ -225793,7 +225780,7 @@ index 7f9ee29..39268bd 100644 |
1609 |
.unlocked_ioctl = kvm_dev_ioctl, |
1610 |
.compat_ioctl = kvm_dev_ioctl, |
1611 |
.llseek = noop_llseek, |
1612 |
-@@ -3257,7 +3272,7 @@ static void hardware_enable_nolock(void *junk) |
1613 |
+@@ -3257,7 +3274,7 @@ static void hardware_enable_nolock(void *junk) |
1614 |
|
1615 |
if (r) { |
1616 |
cpumask_clear_cpu(cpu, cpus_hardware_enabled); |
1617 |
@@ -225802,7 +225789,7 @@ index 7f9ee29..39268bd 100644 |
1618 |
pr_info("kvm: enabling virtualization on CPU%d failed\n", cpu); |
1619 |
} |
1620 |
} |
1621 |
-@@ -3314,10 +3329,10 @@ static int hardware_enable_all(void) |
1622 |
+@@ -3314,10 +3331,10 @@ static int hardware_enable_all(void) |
1623 |
|
1624 |
kvm_usage_count++; |
1625 |
if (kvm_usage_count == 1) { |
1626 |
@@ -225815,7 +225802,7 @@ index 7f9ee29..39268bd 100644 |
1627 |
hardware_disable_all_nolock(); |
1628 |
r = -EBUSY; |
1629 |
} |
1630 |
-@@ -3877,8 +3892,9 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1631 |
+@@ -3877,8 +3894,9 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1632 |
/* A kmem cache lets us meet the alignment requirements of fx_save. */ |
1633 |
if (!vcpu_align) |
1634 |
vcpu_align = __alignof__(struct kvm_vcpu); |
1635 |
@@ -225827,7 +225814,7 @@ index 7f9ee29..39268bd 100644 |
1636 |
if (!kvm_vcpu_cache) { |
1637 |
r = -ENOMEM; |
1638 |
goto out_free_3; |
1639 |
-@@ -3888,9 +3904,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1640 |
+@@ -3888,9 +3906,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1641 |
if (r) |
1642 |
goto out_free; |
1643 |
|
1644 |
@@ -225839,7 +225826,7 @@ index 7f9ee29..39268bd 100644 |
1645 |
|
1646 |
r = misc_register(&kvm_dev); |
1647 |
if (r) { |
1648 |
-@@ -3900,9 +3918,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1649 |
+@@ -3900,9 +3920,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, |
1650 |
|
1651 |
register_syscore_ops(&kvm_syscore_ops); |
1652 |
|
1653 |
|
1654 |
diff --git a/4.9.12/4425_grsec_remove_EI_PAX.patch b/4.9.13/4425_grsec_remove_EI_PAX.patch |
1655 |
similarity index 100% |
1656 |
rename from 4.9.12/4425_grsec_remove_EI_PAX.patch |
1657 |
rename to 4.9.13/4425_grsec_remove_EI_PAX.patch |
1658 |
|
1659 |
diff --git a/4.9.12/4426_default_XATTR_PAX_FLAGS.patch b/4.9.13/4426_default_XATTR_PAX_FLAGS.patch |
1660 |
similarity index 100% |
1661 |
rename from 4.9.12/4426_default_XATTR_PAX_FLAGS.patch |
1662 |
rename to 4.9.13/4426_default_XATTR_PAX_FLAGS.patch |
1663 |
|
1664 |
diff --git a/4.9.12/4427_force_XATTR_PAX_tmpfs.patch b/4.9.13/4427_force_XATTR_PAX_tmpfs.patch |
1665 |
similarity index 100% |
1666 |
rename from 4.9.12/4427_force_XATTR_PAX_tmpfs.patch |
1667 |
rename to 4.9.13/4427_force_XATTR_PAX_tmpfs.patch |
1668 |
|
1669 |
diff --git a/4.9.12/4430_grsec-remove-localversion-grsec.patch b/4.9.13/4430_grsec-remove-localversion-grsec.patch |
1670 |
similarity index 100% |
1671 |
rename from 4.9.12/4430_grsec-remove-localversion-grsec.patch |
1672 |
rename to 4.9.13/4430_grsec-remove-localversion-grsec.patch |
1673 |
|
1674 |
diff --git a/4.9.12/4435_grsec-mute-warnings.patch b/4.9.13/4435_grsec-mute-warnings.patch |
1675 |
similarity index 100% |
1676 |
rename from 4.9.12/4435_grsec-mute-warnings.patch |
1677 |
rename to 4.9.13/4435_grsec-mute-warnings.patch |
1678 |
|
1679 |
diff --git a/4.9.12/4440_grsec-remove-protected-paths.patch b/4.9.13/4440_grsec-remove-protected-paths.patch |
1680 |
similarity index 100% |
1681 |
rename from 4.9.12/4440_grsec-remove-protected-paths.patch |
1682 |
rename to 4.9.13/4440_grsec-remove-protected-paths.patch |
1683 |
|
1684 |
diff --git a/4.9.12/4450_grsec-kconfig-default-gids.patch b/4.9.13/4450_grsec-kconfig-default-gids.patch |
1685 |
similarity index 100% |
1686 |
rename from 4.9.12/4450_grsec-kconfig-default-gids.patch |
1687 |
rename to 4.9.13/4450_grsec-kconfig-default-gids.patch |
1688 |
|
1689 |
diff --git a/4.9.12/4465_selinux-avc_audit-log-curr_ip.patch b/4.9.13/4465_selinux-avc_audit-log-curr_ip.patch |
1690 |
similarity index 100% |
1691 |
rename from 4.9.12/4465_selinux-avc_audit-log-curr_ip.patch |
1692 |
rename to 4.9.13/4465_selinux-avc_audit-log-curr_ip.patch |
1693 |
|
1694 |
diff --git a/4.9.12/4470_disable-compat_vdso.patch b/4.9.13/4470_disable-compat_vdso.patch |
1695 |
similarity index 100% |
1696 |
rename from 4.9.12/4470_disable-compat_vdso.patch |
1697 |
rename to 4.9.13/4470_disable-compat_vdso.patch |
1698 |
|
1699 |
diff --git a/4.9.12/4475_emutramp_default_on.patch b/4.9.13/4475_emutramp_default_on.patch |
1700 |
similarity index 100% |
1701 |
rename from 4.9.12/4475_emutramp_default_on.patch |
1702 |
rename to 4.9.13/4475_emutramp_default_on.patch |