
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 4.2.6/
Date: Sun, 29 Nov 2015 23:57:15
Message-Id: 1448841806.3db7f02c577b8b6e79b5f0926beed52f7ec501e8.blueness@gentoo
1 commit: 3db7f02c577b8b6e79b5f0926beed52f7ec501e8
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Mon Nov 30 00:03:26 2015 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Mon Nov 30 00:03:26 2015 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=3db7f02c
7
8 grsecurity-3.1-4.2.6-201511282239
9
10 4.2.6/0000_README | 2 +-
11 ...> 4420_grsecurity-3.1-4.2.6-201511282239.patch} | 699 +++++++++++++++------
12 2 files changed, 500 insertions(+), 201 deletions(-)
13
14 diff --git a/4.2.6/0000_README b/4.2.6/0000_README
15 index 91bcf5d..ef0e3e5 100644
16 --- a/4.2.6/0000_README
17 +++ b/4.2.6/0000_README
18 @@ -2,7 +2,7 @@ README
19 -----------------------------------------------------------------------------
20 Individual Patch Descriptions:
21 -----------------------------------------------------------------------------
22 -Patch: 4420_grsecurity-3.1-4.2.6-201511232037.patch
23 +Patch: 4420_grsecurity-3.1-4.2.6-201511282239.patch
24 From: http://www.grsecurity.net
25 Desc: hardened-sources base patch from upstream grsecurity
26
27
28 diff --git a/4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch b/4.2.6/4420_grsecurity-3.1-4.2.6-201511282239.patch
29 similarity index 99%
30 rename from 4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch
31 rename to 4.2.6/4420_grsecurity-3.1-4.2.6-201511282239.patch
32 index 32f511d..3903e3d 100644
33 --- a/4.2.6/4420_grsecurity-3.1-4.2.6-201511232037.patch
34 +++ b/4.2.6/4420_grsecurity-3.1-4.2.6-201511282239.patch
35 @@ -3356,7 +3356,7 @@ index 8b60fde..8d986dd 100644
36 # ifdef CONFIG_ARM_KERNMEM_PERMS
37 . = ALIGN(1<<SECTION_SHIFT);
38 diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c
39 -index f9c341c..7430436 100644
40 +index f9c341c..c9cead1 100644
41 --- a/arch/arm/kvm/arm.c
42 +++ b/arch/arm/kvm/arm.c
43 @@ -57,7 +57,7 @@ static unsigned long hyp_default_vectors;
44 @@ -3395,15 +3395,6 @@ index f9c341c..7430436 100644
45 kvm->arch.vmid = kvm_next_vmid;
46 kvm_next_vmid++;
47
48 -@@ -1110,7 +1110,7 @@ struct kvm_vcpu *kvm_mpidr_to_vcpu(struct kvm *kvm, unsigned long mpidr)
49 - /**
50 - * Initialize Hyp-mode and memory mappings on all CPUs.
51 - */
52 --int kvm_arch_init(void *opaque)
53 -+int kvm_arch_init(const void *opaque)
54 - {
55 - int err;
56 - int ret, cpu;
57 diff --git a/arch/arm/lib/clear_user.S b/arch/arm/lib/clear_user.S
58 index 1710fd7..ec3e014 100644
59 --- a/arch/arm/lib/clear_user.S
60 @@ -7113,19 +7104,6 @@ index 8ea28e6..c8873d5 100644
61
62 info.si_code = FPE_INTOVF;
63 info.si_signo = SIGFPE;
64 -diff --git a/arch/mips/kvm/mips.c b/arch/mips/kvm/mips.c
65 -index cd4c129..290c518 100644
66 ---- a/arch/mips/kvm/mips.c
67 -+++ b/arch/mips/kvm/mips.c
68 -@@ -1016,7 +1016,7 @@ long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg)
69 - return r;
70 - }
71 -
72 --int kvm_arch_init(void *opaque)
73 -+int kvm_arch_init(const void *opaque)
74 - {
75 - if (kvm_mips_callbacks) {
76 - kvm_err("kvm: module already exists\n");
77 diff --git a/arch/mips/mm/fault.c b/arch/mips/mm/fault.c
78 index 852a41c..75b9d38 100644
79 --- a/arch/mips/mm/fault.c
80 @@ -9391,19 +9369,6 @@ index b457bfa..9018cde 100644
81 if (IS_ERR_VALUE(vdso_base)) {
82 rc = vdso_base;
83 goto fail_mmapsem;
84 -diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c
85 -index e5dde32..557af3d 100644
86 ---- a/arch/powerpc/kvm/powerpc.c
87 -+++ b/arch/powerpc/kvm/powerpc.c
88 -@@ -1404,7 +1404,7 @@ void kvmppc_init_lpid(unsigned long nr_lpids_param)
89 - }
90 - EXPORT_SYMBOL_GPL(kvmppc_init_lpid);
91 -
92 --int kvm_arch_init(void *opaque)
93 -+int kvm_arch_init(const void *opaque)
94 - {
95 - return 0;
96 - }
97 diff --git a/arch/powerpc/lib/usercopy_64.c b/arch/powerpc/lib/usercopy_64.c
98 index 5eea6f3..5d10396 100644
99 --- a/arch/powerpc/lib/usercopy_64.c
100 @@ -22069,7 +22034,7 @@ index cd79194..6a9956f 100644
101 }
102
103 diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
104 -index a8df874..ef0e34f 100644
105 +index a8df874..43b72d3 100644
106 --- a/arch/x86/include/asm/uaccess.h
107 +++ b/arch/x86/include/asm/uaccess.h
108 @@ -7,6 +7,7 @@
109 @@ -22117,7 +22082,7 @@ index a8df874..ef0e34f 100644
110 + _cond_resched(); \
111 + if (__get_user(__c_ao, (char __user *)__addr)) \
112 + break; \
113 -+ if (type != VERIFY_WRITE) { \
114 ++ if ((type) != VERIFY_WRITE) { \
115 + __addr = __addr_ao; \
116 + continue; \
117 + } \
118 @@ -30058,7 +30023,7 @@ index 0f67d7e..4b9fa11 100644
119 goto error;
120 walker->ptep_user[walker->level - 1] = ptep_user;
121 diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
122 -index 2d32b67..06cac10 100644
123 +index 2d32b67..976f46e 100644
124 --- a/arch/x86/kvm/svm.c
125 +++ b/arch/x86/kvm/svm.c
126 @@ -1106,6 +1106,8 @@ static void init_vmcb(struct vcpu_svm *svm, bool init_event)
127 @@ -30152,6 +30117,15 @@ index 2d32b67..06cac10 100644
128 reload_tss(vcpu);
129
130 local_irq_disable();
131 +@@ -4355,7 +4363,7 @@ static void svm_sched_in(struct kvm_vcpu *vcpu, int cpu)
132 + {
133 + }
134 +
135 +-static struct kvm_x86_ops svm_x86_ops = {
136 ++static struct kvm_x86_ops svm_x86_ops __read_only = {
137 + .cpu_has_kvm_support = has_svm,
138 + .disabled_by_bios = is_disabled,
139 + .hardware_setup = svm_hardware_setup,
140 @@ -4374,7 +4382,7 @@ static struct kvm_x86_ops svm_x86_ops = {
141 .vcpu_load = svm_vcpu_load,
142 .vcpu_put = svm_vcpu_put,
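Review bot: `svm_x86_ops` gains `__read_only` here with nothing at the definition saying how the table may still be written, and the same applies to `vmx_x86_ops` in the vmx.c hunk further down. The vmx.c part of this patch wraps its stores through `kvm_x86_ops` in `pax_open_kernel()`/`pax_close_kernel()`, which suggests an unwrapped store would fault at run time, but that rule is only implied. A one-line comment above each initializer, e.g. `/* __read_only: store only between pax_open_kernel() and pax_close_kernel() */`, would make the constraint visible to whoever adds the next optional callback. Whether svm.c contains any such stores cannot be seen from this hunk, since the initializer and the rest of the file continue outside it.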
143 @@ -30162,7 +30136,7 @@ index 2d32b67..06cac10 100644
144 .set_msr = svm_set_msr,
145 .get_segment_base = svm_get_segment_base,
146 diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
147 -index aa9e8229..6223041 100644
148 +index aa9e8229..5f643bf 100644
149 --- a/arch/x86/kvm/vmx.c
150 +++ b/arch/x86/kvm/vmx.c
151 @@ -1440,12 +1440,12 @@ static void vmcs_write64(unsigned long field, u64 value)
152 @@ -30256,40 +30230,32 @@ index aa9e8229..6223041 100644
153 * using the APIC_ACCESS_ADDR VMCS field.
154 */
155 - if (!flexpriority_enabled)
156 -- kvm_x86_ops->set_apic_access_page_addr = NULL;
157 + if (!flexpriority_enabled) {
158 + pax_open_kernel();
159 -+ *(void **)&kvm_x86_ops->set_apic_access_page_addr = NULL;
160 + kvm_x86_ops->set_apic_access_page_addr = NULL;
161 + pax_close_kernel();
162 + }
163
164 - if (!cpu_has_vmx_tpr_shadow())
165 -- kvm_x86_ops->update_cr8_intercept = NULL;
166 + if (!cpu_has_vmx_tpr_shadow()) {
167 + pax_open_kernel();
168 -+ *(void **)&kvm_x86_ops->update_cr8_intercept = NULL;
169 + kvm_x86_ops->update_cr8_intercept = NULL;
170 + pax_close_kernel();
171 + }
172
173 if (enable_ept && !cpu_has_vmx_ept_2m_page())
174 kvm_disable_largepages();
175 -@@ -6112,14 +6132,16 @@ static __init int hardware_setup(void)
176 +@@ -6112,6 +6132,7 @@ static __init int hardware_setup(void)
177 if (!cpu_has_vmx_apicv())
178 enable_apicv = 0;
179
180 + pax_open_kernel();
181 if (enable_apicv)
182 -- kvm_x86_ops->update_cr8_intercept = NULL;
183 -+ *(void **)&kvm_x86_ops->update_cr8_intercept = NULL;
184 + kvm_x86_ops->update_cr8_intercept = NULL;
185 else {
186 -- kvm_x86_ops->hwapic_irr_update = NULL;
187 -- kvm_x86_ops->hwapic_isr_update = NULL;
188 -- kvm_x86_ops->deliver_posted_interrupt = NULL;
189 -- kvm_x86_ops->sync_pir_to_irr = vmx_sync_pir_to_irr_dummy;
190 -+ *(void **)&kvm_x86_ops->hwapic_irr_update = NULL;
191 -+ *(void **)&kvm_x86_ops->hwapic_isr_update = NULL;
192 -+ *(void **)&kvm_x86_ops->deliver_posted_interrupt = NULL;
193 -+ *(void **)&kvm_x86_ops->sync_pir_to_irr = vmx_sync_pir_to_irr_dummy;
194 +@@ -6120,6 +6141,7 @@ static __init int hardware_setup(void)
195 + kvm_x86_ops->deliver_posted_interrupt = NULL;
196 + kvm_x86_ops->sync_pir_to_irr = vmx_sync_pir_to_irr_dummy;
197 }
198 + pax_close_kernel();
199
200 @@ -30299,15 +30265,11 @@ index aa9e8229..6223041 100644
201 enable_pml = 0;
202
203 if (!enable_pml) {
204 -- kvm_x86_ops->slot_enable_log_dirty = NULL;
205 -- kvm_x86_ops->slot_disable_log_dirty = NULL;
206 -- kvm_x86_ops->flush_log_dirty = NULL;
207 -- kvm_x86_ops->enable_log_dirty_pt_masked = NULL;
208 + pax_open_kernel();
209 -+ *(void **)&kvm_x86_ops->slot_enable_log_dirty = NULL;
210 -+ *(void **)&kvm_x86_ops->slot_disable_log_dirty = NULL;
211 -+ *(void **)&kvm_x86_ops->flush_log_dirty = NULL;
212 -+ *(void **)&kvm_x86_ops->enable_log_dirty_pt_masked = NULL;
213 + kvm_x86_ops->slot_enable_log_dirty = NULL;
214 + kvm_x86_ops->slot_disable_log_dirty = NULL;
215 + kvm_x86_ops->flush_log_dirty = NULL;
216 + kvm_x86_ops->enable_log_dirty_pt_masked = NULL;
217 + pax_close_kernel();
218 }
219
220 @@ -30367,8 +30329,17 @@ index aa9e8229..6223041 100644
221 #endif
222
223 vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP)
224 +@@ -10309,7 +10354,7 @@ static void vmx_enable_log_dirty_pt_masked(struct kvm *kvm,
225 + kvm_mmu_clear_dirty_pt_masked(kvm, memslot, offset, mask);
226 + }
227 +
228 +-static struct kvm_x86_ops vmx_x86_ops = {
229 ++static struct kvm_x86_ops vmx_x86_ops __read_only = {
230 + .cpu_has_kvm_support = cpu_has_kvm_support,
231 + .disabled_by_bios = vmx_disabled_by_bios,
232 + .hardware_setup = hardware_setup,
233 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
234 -index 373328b7..ebd267f 100644
235 +index 373328b7..310cf2f 100644
236 --- a/arch/x86/kvm/x86.c
237 +++ b/arch/x86/kvm/x86.c
238 @@ -1842,8 +1842,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
239 @@ -30427,15 +30398,6 @@ index 373328b7..ebd267f 100644
240 guest_xsave->region, sizeof(struct fxregs_state));
241 }
242 return 0;
243 -@@ -5788,7 +5790,7 @@ static struct notifier_block pvclock_gtod_notifier = {
244 - };
245 - #endif
246 -
247 --int kvm_arch_init(void *opaque)
248 -+int kvm_arch_init(const void *opaque)
249 - {
250 - int r;
251 - struct kvm_x86_ops *ops = opaque;
252 @@ -7217,7 +7219,7 @@ int kvm_arch_vcpu_ioctl_translate(struct kvm_vcpu *vcpu,
253 int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu)
254 {
255 @@ -37754,7 +37716,7 @@ index ea5815c..5880da6 100644
256
257 scatterwalk_start(&walk, sg);
258 diff --git a/crypto/zlib.c b/crypto/zlib.c
259 -index d51a30a..fb1f8af 100644
260 +index d51a30a..b6891a3 100644
261 --- a/crypto/zlib.c
262 +++ b/crypto/zlib.c
263 @@ -95,10 +95,10 @@ static int zlib_compress_setup(struct crypto_pcomp *tfm, const void *params,
264 @@ -37770,6 +37732,34 @@ index d51a30a..fb1f8af 100644
265 : DEF_MEM_LEVEL;
266
267 workspacesize = zlib_deflate_workspacesize(window_bits, mem_level);
268 +@@ -108,15 +108,15 @@ static int zlib_compress_setup(struct crypto_pcomp *tfm, const void *params,
269 +
270 + ret = zlib_deflateInit2(stream,
271 + tb[ZLIB_COMP_LEVEL]
272 +- ? nla_get_u32(tb[ZLIB_COMP_LEVEL])
273 ++ ? nla_get_s32(tb[ZLIB_COMP_LEVEL])
274 + : Z_DEFAULT_COMPRESSION,
275 + tb[ZLIB_COMP_METHOD]
276 +- ? nla_get_u32(tb[ZLIB_COMP_METHOD])
277 ++ ? nla_get_s32(tb[ZLIB_COMP_METHOD])
278 + : Z_DEFLATED,
279 + window_bits,
280 + mem_level,
281 + tb[ZLIB_COMP_STRATEGY]
282 +- ? nla_get_u32(tb[ZLIB_COMP_STRATEGY])
283 ++ ? nla_get_s32(tb[ZLIB_COMP_STRATEGY])
284 + : Z_DEFAULT_STRATEGY);
285 + if (ret != Z_OK) {
286 + vfree(stream->workspace);
287 +@@ -224,7 +224,7 @@ static int zlib_decompress_setup(struct crypto_pcomp *tfm, const void *params,
288 + zlib_decomp_exit(ctx);
289 +
290 + ctx->decomp_windowBits = tb[ZLIB_DECOMP_WINDOWBITS]
291 +- ? nla_get_u32(tb[ZLIB_DECOMP_WINDOWBITS])
292 ++ ? nla_get_s32(tb[ZLIB_DECOMP_WINDOWBITS])
293 + : DEF_WBITS;
294 +
295 + stream->workspace = vzalloc(zlib_inflate_workspacesize());
296 diff --git a/drivers/acpi/acpi_video.c b/drivers/acpi/acpi_video.c
297 index 8c2fe2f..fc47c12 100644
298 --- a/drivers/acpi/acpi_video.c
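Review bot: The switch to `nla_get_s32()` for `ZLIB_COMP_LEVEL`, `ZLIB_COMP_METHOD`, `ZLIB_COMP_STRATEGY` and `ZLIB_DECOMP_WINDOWBITS` still reads four bytes from each attribute and hands the value on with no length or range check in the visible lines. The `nla_parse()` call and its policy are outside this hunk, so it is worth confirming that the policy pins these attributes to a 4-byte signed type; without that, a shorter attribute would be read past its payload. The reason for the signed read is also undocumented, and a comment such as `/* signed: Z_DEFAULT_COMPRESSION is -1, negative windowBits selects raw deflate */` at the first call would record it. Presumably `zlib_deflateInit2()` and the inflate setup reject out-of-range values later, but `ctx->decomp_windowBits` is stored as-is here, so that assumption should be stated next to the assignment.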
299 @@ -47136,6 +47126,74 @@ index 4d9b195..455075c 100644
300 return -EFAULT;
301 } else {
302 memcpy(buf, dp, left);
303 +diff --git a/drivers/isdn/hisax/config.c b/drivers/isdn/hisax/config.c
304 +index b33f53b..bf04d2a 100644
305 +--- a/drivers/isdn/hisax/config.c
306 ++++ b/drivers/isdn/hisax/config.c
307 +@@ -1896,7 +1896,7 @@ static void EChannel_proc_rcv(struct hisax_d_if *d_if)
308 + ptr--;
309 + *ptr++ = '\n';
310 + *ptr = 0;
311 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
312 ++ HiSax_putstatus(cs, NULL, cs->dlog);
313 + } else
314 + HiSax_putstatus(cs, "LogEcho: ",
315 + "warning Frame too big (%d)",
316 +diff --git a/drivers/isdn/hisax/hfc_pci.c b/drivers/isdn/hisax/hfc_pci.c
317 +index 4a48255..90449e1 100644
318 +--- a/drivers/isdn/hisax/hfc_pci.c
319 ++++ b/drivers/isdn/hisax/hfc_pci.c
320 +@@ -901,7 +901,7 @@ Begin:
321 + ptr--;
322 + *ptr++ = '\n';
323 + *ptr = 0;
324 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
325 ++ HiSax_putstatus(cs, NULL, cs->dlog);
326 + } else
327 + HiSax_putstatus(cs, "LogEcho: ", "warning Frame too big (%d)", total - 3);
328 + }
329 +diff --git a/drivers/isdn/hisax/hfc_sx.c b/drivers/isdn/hisax/hfc_sx.c
330 +index b1fad81..13b2151 100644
331 +--- a/drivers/isdn/hisax/hfc_sx.c
332 ++++ b/drivers/isdn/hisax/hfc_sx.c
333 +@@ -674,7 +674,7 @@ receive_emsg(struct IsdnCardState *cs)
334 + ptr--;
335 + *ptr++ = '\n';
336 + *ptr = 0;
337 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
338 ++ HiSax_putstatus(cs, NULL, cs->dlog);
339 + } else
340 + HiSax_putstatus(cs, "LogEcho: ", "warning Frame too big (%d)", skb->len);
341 + }
342 +diff --git a/drivers/isdn/hisax/q931.c b/drivers/isdn/hisax/q931.c
343 +index b420f8b..ba4beb2 100644
344 +--- a/drivers/isdn/hisax/q931.c
345 ++++ b/drivers/isdn/hisax/q931.c
346 +@@ -1179,7 +1179,7 @@ LogFrame(struct IsdnCardState *cs, u_char *buf, int size)
347 + dp--;
348 + *dp++ = '\n';
349 + *dp = 0;
350 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
351 ++ HiSax_putstatus(cs, NULL, cs->dlog);
352 + } else
353 + HiSax_putstatus(cs, "LogFrame: ", "warning Frame too big (%d)", size);
354 + }
355 +@@ -1246,7 +1246,7 @@ dlogframe(struct IsdnCardState *cs, struct sk_buff *skb, int dir)
356 + }
357 + if (finish) {
358 + *dp = 0;
359 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
360 ++ HiSax_putstatus(cs, NULL, cs->dlog);
361 + return;
362 + }
363 + if ((0xfe & buf[0]) == PROTO_DIS_N0) { /* 1TR6 */
364 +@@ -1509,5 +1509,5 @@ dlogframe(struct IsdnCardState *cs, struct sk_buff *skb, int dir)
365 + dp += sprintf(dp, "Unknown protocol %x!", buf[0]);
366 + }
367 + *dp = 0;
368 +- HiSax_putstatus(cs, NULL, "%s", cs->dlog);
369 ++ HiSax_putstatus(cs, NULL, cs->dlog);
370 + }
371 diff --git a/drivers/isdn/i4l/isdn_common.c b/drivers/isdn/i4l/isdn_common.c
372 index 9b856e1..fa03c92 100644
373 --- a/drivers/isdn/i4l/isdn_common.c
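Review bot: All six call sites in this hunk (config.c, hfc_pci.c, hfc_sx.c and three in q931.c) now pass `cs->dlog` in the format-string position of `HiSax_putstatus()`, which reads as a non-literal format string and will be reported by format-security checks. As far as I recall, the callee copies `fmt` verbatim when `head` is NULL instead of formatting it, which would make the old `"%s"` form print a literal `%s` and explain this change; that implementation is not in the hunk and should be confirmed. If it holds, each call deserves a comment like `/* head == NULL: fmt is copied verbatim, never parsed as a format */`, because `cs->dlog` appears to be built from received frame contents. Without that note, a later change that makes the NULL-head path format its argument would silently turn these calls into format-string bugs.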
374 @@ -47925,9 +47983,18 @@ index d10d300..6169233 100644
375 "md/raid1:%s: read error corrected "
376 "(%d sectors at %llu on %s)\n",
377 diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c
378 -index d4b70d9..3e3bbb8 100644
379 +index d4b70d9..54d3a62 100644
380 --- a/drivers/md/raid10.c
381 +++ b/drivers/md/raid10.c
382 +@@ -1157,7 +1157,7 @@ static void __make_request(struct mddev *mddev, struct bio *bio)
383 + struct md_rdev *blocked_rdev;
384 + struct blk_plug_cb *cb;
385 + struct raid10_plug_cb *plug = NULL;
386 +- int sectors_handled;
387 ++ sector_t sectors_handled;
388 + int max_sectors;
389 + int sectors;
390 +
391 @@ -1934,7 +1934,7 @@ static void end_sync_read(struct bio *bio, int error)
392 /* The write handler will notice the lack of
393 * R10BIO_Uptodate and record any errors etc
394 @@ -75933,10 +76000,113 @@ index b823fac..c5155de 100644
395 btrfs_end_transaction(trans, root);
396 goto out;
397 diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
398 -index b54e630..6ecf999 100644
399 +index b54e630..48bd25c 100644
400 --- a/fs/btrfs/inode.c
401 +++ b/fs/btrfs/inode.c
402 -@@ -5632,6 +5632,7 @@ static int btrfs_real_readdir(struct file *file, struct dir_context *ctx)
403 +@@ -4184,6 +4184,47 @@ static int truncate_space_check(struct btrfs_trans_handle *trans,
404 +
405 + }
406 +
407 ++static int truncate_inline_extent(struct inode *inode,
408 ++ struct btrfs_path *path,
409 ++ struct btrfs_key *found_key,
410 ++ const u64 item_end,
411 ++ const u64 new_size)
412 ++{
413 ++ struct extent_buffer *leaf = path->nodes[0];
414 ++ int slot = path->slots[0];
415 ++ struct btrfs_file_extent_item *fi;
416 ++ u32 size = (u32)(new_size - found_key->offset);
417 ++ struct btrfs_root *root = BTRFS_I(inode)->root;
418 ++
419 ++ fi = btrfs_item_ptr(leaf, slot, struct btrfs_file_extent_item);
420 ++
421 ++ if (btrfs_file_extent_compression(leaf, fi) != BTRFS_COMPRESS_NONE) {
422 ++ loff_t offset = new_size;
423 ++ loff_t page_end = ALIGN(offset, PAGE_CACHE_SIZE);
424 ++
425 ++ /*
426 ++ * Zero out the remaining of the last page of our inline extent,
427 ++ * instead of directly truncating our inline extent here - that
428 ++ * would be much more complex (decompressing all the data, then
429 ++ * compressing the truncated data, which might be bigger than
430 ++ * the size of the inline extent, resize the extent, etc).
431 ++ * We release the path because to get the page we might need to
432 ++ * read the extent item from disk (data not in the page cache).
433 ++ */
434 ++ btrfs_release_path(path);
435 ++ return btrfs_truncate_page(inode, offset, page_end - offset, 0);
436 ++ }
437 ++
438 ++ btrfs_set_file_extent_ram_bytes(leaf, fi, size);
439 ++ size = btrfs_file_extent_calc_inline_size(size);
440 ++ btrfs_truncate_item(root, path, size, 1);
441 ++
442 ++ if (test_bit(BTRFS_ROOT_REF_COWS, &root->state))
443 ++ inode_sub_bytes(inode, item_end + 1 - new_size);
444 ++
445 ++ return 0;
446 ++}
447 ++
448 + /*
449 + * this can truncate away extent items, csum items and directory items.
450 + * It starts at a high offset and removes keys until it can't find
451 +@@ -4378,27 +4419,40 @@ search_again:
452 + * special encodings
453 + */
454 + if (!del_item &&
455 +- btrfs_file_extent_compression(leaf, fi) == 0 &&
456 + btrfs_file_extent_encryption(leaf, fi) == 0 &&
457 + btrfs_file_extent_other_encoding(leaf, fi) == 0) {
458 +- u32 size = new_size - found_key.offset;
459 +-
460 +- if (test_bit(BTRFS_ROOT_REF_COWS, &root->state))
461 +- inode_sub_bytes(inode, item_end + 1 -
462 +- new_size);
463 +
464 + /*
465 +- * update the ram bytes to properly reflect
466 +- * the new size of our item
467 ++ * Need to release path in order to truncate a
468 ++ * compressed extent. So delete any accumulated
469 ++ * extent items so far.
470 + */
471 +- btrfs_set_file_extent_ram_bytes(leaf, fi, size);
472 +- size =
473 +- btrfs_file_extent_calc_inline_size(size);
474 +- btrfs_truncate_item(root, path, size, 1);
475 ++ if (btrfs_file_extent_compression(leaf, fi) !=
476 ++ BTRFS_COMPRESS_NONE && pending_del_nr) {
477 ++ err = btrfs_del_items(trans, root, path,
478 ++ pending_del_slot,
479 ++ pending_del_nr);
480 ++ if (err) {
481 ++ btrfs_abort_transaction(trans,
482 ++ root,
483 ++ err);
484 ++ goto error;
485 ++ }
486 ++ pending_del_nr = 0;
487 ++ }
488 ++
489 ++ err = truncate_inline_extent(inode, path,
490 ++ &found_key,
491 ++ item_end,
492 ++ new_size);
493 ++ if (err) {
494 ++ btrfs_abort_transaction(trans,
495 ++ root, err);
496 ++ goto error;
497 ++ }
498 + } else if (test_bit(BTRFS_ROOT_REF_COWS,
499 + &root->state)) {
500 +- inode_sub_bytes(inode, item_end + 1 -
501 +- found_key.offset);
502 ++ inode_sub_bytes(inode, item_end + 1 - new_size);
503 + }
504 + }
505 + delete:
506 +@@ -5632,6 +5686,7 @@ static int btrfs_real_readdir(struct file *file, struct dir_context *ctx)
507 char *name_ptr;
508 int name_len;
509 int is_curr = 0; /* ctx->pos points to the current index? */
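Review bot: `truncate_inline_extent()` is added without a header comment, and its contract is not obvious from the call site: on the compressed branch it calls `btrfs_release_path(path)` and returns without calling `inode_sub_bytes()`, while the uncompressed branch keeps the path and adjusts the byte count. The caller falls through to `delete:` afterwards, so the `leaf`, `fi` and slot it computed earlier are stale on the compressed path; the rest of that loop is outside the hunk, so I cannot tell whether they are used again. I would add a comment above the function stating that `path` may be released on return and that `new_size` must not be smaller than `found_key->offset`, because `u32 size = (u32)(new_size - found_key->offset);` otherwise wraps and truncates silently.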
510 @@ -75944,7 +76114,7 @@ index b54e630..6ecf999 100644
511
512 /* FIXME, use a real flag for deciding about the key type */
513 if (root->fs_info->tree_root == root)
514 -@@ -5660,6 +5661,7 @@ static int btrfs_real_readdir(struct file *file, struct dir_context *ctx)
515 +@@ -5660,6 +5715,7 @@ static int btrfs_real_readdir(struct file *file, struct dir_context *ctx)
516 if (ret < 0)
517 goto err;
518
519 @@ -75952,7 +76122,7 @@ index b54e630..6ecf999 100644
520 while (1) {
521 leaf = path->nodes[0];
522 slot = path->slots[0];
523 -@@ -5739,6 +5741,7 @@ skip:
524 +@@ -5739,6 +5795,7 @@ skip:
525
526 if (over)
527 goto nopos;
528 @@ -75960,7 +76130,7 @@ index b54e630..6ecf999 100644
529 di_len = btrfs_dir_name_len(leaf, di) +
530 btrfs_dir_data_len(leaf, di) + sizeof(*di);
531 di_cur += di_len;
532 -@@ -5751,11 +5754,20 @@ next:
533 +@@ -5751,11 +5808,20 @@ next:
534 if (key_type == BTRFS_DIR_INDEX_KEY) {
535 if (is_curr)
536 ctx->pos++;
537 @@ -84430,7 +84600,7 @@ index ce9e39f..5c5a436 100644
538 {
539 const struct seq_operations *op = ((struct seq_file *)file->private_data)->op;
540 diff --git a/fs/splice.c b/fs/splice.c
541 -index 5fc1e50..6ae8957 100644
542 +index 5fc1e50..fcc355d 100644
543 --- a/fs/splice.c
544 +++ b/fs/splice.c
545 @@ -192,7 +192,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe,
546 @@ -84499,9 +84669,17 @@ index 5fc1e50..6ae8957 100644
547 sd->need_wakeup = true;
548 }
549
550 -@@ -810,10 +810,10 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des
551 +@@ -809,11 +809,18 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des
552 + */
553 static int splice_from_pipe_next(struct pipe_inode_info *pipe, struct splice_desc *sd)
554 {
555 ++ /*
556 ++ * Check for signal early to make process killable when there are
557 ++ * always buffers available
558 ++ */
559 ++ if (signal_pending(current))
560 ++ return -ERESTARTSYS;
561 ++
562 while (!pipe->nrbufs) {
563 - if (!pipe->writers)
564 + if (!atomic_read(&pipe->writers))
565 @@ -84512,7 +84690,15 @@ index 5fc1e50..6ae8957 100644
566 return 0;
567
568 if (sd->flags & SPLICE_F_NONBLOCK)
569 -@@ -1028,7 +1028,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
570 +@@ -884,6 +891,7 @@ ssize_t __splice_from_pipe(struct pipe_inode_info *pipe, struct splice_desc *sd,
571 +
572 + splice_from_pipe_begin(sd);
573 + do {
574 ++ cond_resched();
575 + ret = splice_from_pipe_next(pipe, sd);
576 + if (ret > 0)
577 + ret = splice_from_pipe_feed(pipe, sd, actor);
578 +@@ -1028,7 +1036,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
579 ops->release(pipe, buf);
580 pipe->curbuf = (pipe->curbuf + 1) & (pipe->buffers - 1);
581 pipe->nrbufs--;
582 @@ -84521,7 +84707,7 @@ index 5fc1e50..6ae8957 100644
583 sd.need_wakeup = true;
584 } else {
585 buf->offset += ret;
586 -@@ -1188,7 +1188,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd,
587 +@@ -1188,7 +1196,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd,
588 * out of the pipe right after the splice_to_pipe(). So set
589 * PIPE_READERS appropriately.
590 */
591 @@ -84530,7 +84716,7 @@ index 5fc1e50..6ae8957 100644
592
593 current->splice_pipe = pipe;
594 }
595 -@@ -1495,6 +1495,7 @@ static int get_iovec_page_array(const struct iovec __user *iov,
596 +@@ -1495,6 +1503,7 @@ static int get_iovec_page_array(const struct iovec __user *iov,
597
598 partial[buffers].offset = off;
599 partial[buffers].len = plen;
600 @@ -84538,7 +84724,7 @@ index 5fc1e50..6ae8957 100644
601
602 off = 0;
603 len -= plen;
604 -@@ -1726,9 +1727,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
605 +@@ -1726,9 +1735,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
606 ret = -ERESTARTSYS;
607 break;
608 }
609 @@ -84550,7 +84736,7 @@ index 5fc1e50..6ae8957 100644
610 if (flags & SPLICE_F_NONBLOCK) {
611 ret = -EAGAIN;
612 break;
613 -@@ -1760,7 +1761,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
614 +@@ -1760,7 +1769,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
615 pipe_lock(pipe);
616
617 while (pipe->nrbufs >= pipe->buffers) {
618 @@ -84559,7 +84745,7 @@ index 5fc1e50..6ae8957 100644
619 send_sig(SIGPIPE, current, 0);
620 ret = -EPIPE;
621 break;
622 -@@ -1773,9 +1774,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
623 +@@ -1773,9 +1782,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
624 ret = -ERESTARTSYS;
625 break;
626 }
627 @@ -84571,7 +84757,7 @@ index 5fc1e50..6ae8957 100644
628 }
629
630 pipe_unlock(pipe);
631 -@@ -1811,14 +1812,14 @@ retry:
632 +@@ -1811,14 +1820,14 @@ retry:
633 pipe_double_lock(ipipe, opipe);
634
635 do {
636 @@ -84588,7 +84774,7 @@ index 5fc1e50..6ae8957 100644
637 break;
638
639 /*
640 -@@ -1915,7 +1916,7 @@ static int link_pipe(struct pipe_inode_info *ipipe,
641 +@@ -1915,7 +1924,7 @@ static int link_pipe(struct pipe_inode_info *ipipe,
642 pipe_double_lock(ipipe, opipe);
643
644 do {
645 @@ -84597,7 +84783,7 @@ index 5fc1e50..6ae8957 100644
646 send_sig(SIGPIPE, current, 0);
647 if (!ret)
648 ret = -EPIPE;
649 -@@ -1960,7 +1961,7 @@ static int link_pipe(struct pipe_inode_info *ipipe,
650 +@@ -1960,7 +1969,7 @@ static int link_pipe(struct pipe_inode_info *ipipe,
651 * return EAGAIN if we have the potential of some data in the
652 * future, otherwise just return 0
653 */
654 @@ -84752,6 +84938,28 @@ index 94374e4..b5da3a1 100644
655 return PTR_ERR(kn);
656 }
657
658 +diff --git a/fs/sysv/inode.c b/fs/sysv/inode.c
659 +index 590ad92..02fa1dc 100644
660 +--- a/fs/sysv/inode.c
661 ++++ b/fs/sysv/inode.c
662 +@@ -162,15 +162,8 @@ void sysv_set_inode(struct inode *inode, dev_t rdev)
663 + inode->i_fop = &sysv_dir_operations;
664 + inode->i_mapping->a_ops = &sysv_aops;
665 + } else if (S_ISLNK(inode->i_mode)) {
666 +- if (inode->i_blocks) {
667 +- inode->i_op = &sysv_symlink_inode_operations;
668 +- inode->i_mapping->a_ops = &sysv_aops;
669 +- } else {
670 +- inode->i_op = &simple_symlink_inode_operations;
671 +- inode->i_link = (char *)SYSV_I(inode)->i_data;
672 +- nd_terminate_link(inode->i_link, inode->i_size,
673 +- sizeof(SYSV_I(inode)->i_data) - 1);
674 +- }
675 ++ inode->i_op = &sysv_symlink_inode_operations;
676 ++ inode->i_mapping->a_ops = &sysv_aops;
677 + } else
678 + init_special_inode(inode, inode->i_mode, rdev);
679 + }
680 diff --git a/fs/sysv/sysv.h b/fs/sysv/sysv.h
681 index 6c21228..9afd5fe 100644
682 --- a/fs/sysv/sysv.h
683 @@ -100227,28 +100435,6 @@ index 484604d..0f6c5b6 100644
684
685 if (atomic_sub_and_test((int) count, &kref->refcount)) {
686 release(kref);
687 -diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
688 -index 05e99b8..484b1f97 100644
689 ---- a/include/linux/kvm_host.h
690 -+++ b/include/linux/kvm_host.h
691 -@@ -468,7 +468,7 @@ static inline void kvm_irqfd_exit(void)
692 - {
693 - }
694 - #endif
695 --int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
696 -+int kvm_init(const void *opaque, unsigned vcpu_size, unsigned vcpu_align,
697 - struct module *module);
698 - void kvm_exit(void);
699 -
700 -@@ -678,7 +678,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu,
701 - struct kvm_guest_debug *dbg);
702 - int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run);
703 -
704 --int kvm_arch_init(void *opaque);
705 -+int kvm_arch_init(const void *opaque);
706 - void kvm_arch_exit(void);
707 -
708 - int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu);
709 diff --git a/include/linux/libata.h b/include/linux/libata.h
710 index c9cfbcd..46986db 100644
711 --- a/include/linux/libata.h
712 @@ -108964,7 +109150,7 @@ index 04e91ff..2419384 100644
713 }
714 EXPORT_SYMBOL(__stack_chk_fail);
715 diff --git a/kernel/pid.c b/kernel/pid.c
716 -index 4fd07d5..02bce4f 100644
717 +index 4fd07d5..856f804 100644
718 --- a/kernel/pid.c
719 +++ b/kernel/pid.c
720 @@ -33,6 +33,7 @@
721 @@ -109004,7 +109190,7 @@ index 4fd07d5..02bce4f 100644
722 }
723
724 struct task_struct *find_task_by_vpid(pid_t vnr)
725 -@@ -462,6 +471,14 @@ struct task_struct *find_task_by_vpid(pid_t vnr)
726 +@@ -462,13 +471,21 @@ struct task_struct *find_task_by_vpid(pid_t vnr)
727 return find_task_by_pid_ns(vnr, task_active_pid_ns(current));
728 }
729
730 @@ -109019,6 +109205,23 @@ index 4fd07d5..02bce4f 100644
731 struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
732 {
733 struct pid *pid;
734 + rcu_read_lock();
735 + if (type != PIDTYPE_PID)
736 + task = task->group_leader;
737 +- pid = get_pid(task->pids[type].pid);
738 ++ pid = get_pid(rcu_dereference(task->pids[type].pid));
739 + rcu_read_unlock();
740 + return pid;
741 + }
742 +@@ -529,7 +546,7 @@ pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type,
743 + if (likely(pid_alive(task))) {
744 + if (type != PIDTYPE_PID)
745 + task = task->group_leader;
746 +- nr = pid_nr_ns(task->pids[type].pid, ns);
747 ++ nr = pid_nr_ns(rcu_dereference(task->pids[type].pid), ns);
748 + }
749 + rcu_read_unlock();
750 +
751 diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
752 index a65ba13..f600dbb 100644
753 --- a/kernel/pid_namespace.c
754 @@ -112151,6 +112354,19 @@ index e2894b2..23751b3 100644
755 help
756 If you want to debug problems which hang or crash the kernel early
757 on boot and the crashing machine has a FireWire port, you can use
758 +diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
759 +index 39f24d6..cf80221 100644
760 +--- a/lib/Kconfig.kasan
761 ++++ b/lib/Kconfig.kasan
762 +@@ -5,7 +5,7 @@ if HAVE_ARCH_KASAN
763 +
764 + config KASAN
765 + bool "KASan: runtime memory debugger"
766 +- depends on SLUB_DEBUG
767 ++ depends on SLUB_DEBUG && !GRKERNSEC_KSTACKOVERFLOW
768 + select CONSTRUCTORS
769 + help
770 + Enables kernel address sanitizer - runtime memory debugger,
771 diff --git a/lib/Makefile b/lib/Makefile
772 index 6897b52..466bda9 100644
773 --- a/lib/Makefile
774 @@ -117868,7 +118084,7 @@ index 68ff8a5..40c7a70 100644
775
776 if (len > buflen)
777 diff --git a/mm/vmalloc.c b/mm/vmalloc.c
778 -index 2faaa29..7ac7a6d 100644
779 +index 2faaa29..b4893f8 100644
780 --- a/mm/vmalloc.c
781 +++ b/mm/vmalloc.c
782 @@ -40,20 +40,65 @@ struct vfree_deferred {
783 @@ -118099,7 +118315,17 @@ index 2faaa29..7ac7a6d 100644
784 if (flags & VM_IOREMAP)
785 align = 1ul << clamp_t(int, fls_long(size),
786 PAGE_SHIFT, IOREMAP_MAX_ORDER);
787 -@@ -1531,13 +1638,36 @@ EXPORT_SYMBOL(vfree);
788 +@@ -1345,7 +1452,9 @@ static struct vm_struct *__get_vm_area_node(unsigned long size,
789 + if (unlikely(!area))
790 + return NULL;
791 +
792 ++#ifndef CONFIG_GRKERNSEC_KSTACKOVERFLOW
793 + if (!(flags & VM_NO_GUARD))
794 ++#endif
795 + size += PAGE_SIZE;
796 +
797 + va = alloc_vmap_area(size, align, start, end, node, gfp_mask);
798 +@@ -1531,13 +1640,36 @@ EXPORT_SYMBOL(vfree);
799 */
800 void vunmap(const void *addr)
801 {
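Review bot: Wrapping only the `if (!(flags & VM_NO_GUARD))` line in `#ifndef CONFIG_GRKERNSEC_KSTACKOVERFLOW` leaves a brace-less conditional whose body, `size += PAGE_SIZE;`, sits outside the preprocessor block, so the meaning of that line flips with the config option and a later edit between the two lines would change behaviour without warning. With the option set, the guard page is added even for callers that pass `VM_NO_GUARD`, which is presumably why the Kconfig.kasan hunk in this patch makes KASAN depend on `!GRKERNSEC_KSTACKOVERFLOW`. A short comment above the `#ifndef`, such as `/* KSTACKOVERFLOW: always add the guard page; VM_NO_GUARD is ignored */`, would record that. The body of `__get_vm_area_node()` starts and ends outside the hunk.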
802 @@ -118139,7 +118365,7 @@ index 2faaa29..7ac7a6d 100644
803 /**
804 * vmap - map an array of pages into virtually contiguous space
805 * @pages: array of page pointers
806 -@@ -1558,6 +1688,11 @@ void *vmap(struct page **pages, unsigned int count,
807 +@@ -1558,6 +1690,11 @@ void *vmap(struct page **pages, unsigned int count,
808 if (count > totalram_pages)
809 return NULL;
810
811 @@ -118151,7 +118377,7 @@ index 2faaa29..7ac7a6d 100644
812 area = get_vm_area_caller((count << PAGE_SHIFT), flags,
813 __builtin_return_address(0));
814 if (!area)
815 -@@ -1662,6 +1797,14 @@ void *__vmalloc_node_range(unsigned long size, unsigned long align,
816 +@@ -1662,6 +1799,14 @@ void *__vmalloc_node_range(unsigned long size, unsigned long align,
817 if (!size || (size >> PAGE_SHIFT) > totalram_pages)
818 goto fail;
819
820 @@ -118166,7 +118392,7 @@ index 2faaa29..7ac7a6d 100644
821 area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNINITIALIZED |
822 vm_flags, start, end, node, gfp_mask, caller);
823 if (!area)
824 -@@ -1715,6 +1858,14 @@ static void *__vmalloc_node(unsigned long size, unsigned long align,
825 +@@ -1715,6 +1860,14 @@ static void *__vmalloc_node(unsigned long size, unsigned long align,
826 gfp_mask, prot, 0, node, caller);
827 }
828
829 @@ -118181,7 +118407,7 @@ index 2faaa29..7ac7a6d 100644
830 void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot)
831 {
832 return __vmalloc_node(size, 1, gfp_mask, prot, NUMA_NO_NODE,
833 -@@ -1838,10 +1989,9 @@ EXPORT_SYMBOL(vzalloc_node);
834 +@@ -1838,10 +1991,9 @@ EXPORT_SYMBOL(vzalloc_node);
835 * For tight control over page level allocator and protection flags
836 * use __vmalloc() instead.
837 */
838 @@ -118193,7 +118419,7 @@ index 2faaa29..7ac7a6d 100644
839 NUMA_NO_NODE, __builtin_return_address(0));
840 }
841
842 -@@ -2148,6 +2298,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr,
843 +@@ -2148,6 +2300,8 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr,
844 {
845 struct vm_struct *area;
846
847 @@ -118202,7 +118428,7 @@ index 2faaa29..7ac7a6d 100644
848 size = PAGE_ALIGN(size);
849
850 if (!PAGE_ALIGNED(uaddr) || !PAGE_ALIGNED(kaddr))
851 -@@ -2630,7 +2782,11 @@ static int s_show(struct seq_file *m, void *p)
852 +@@ -2630,7 +2784,11 @@ static int s_show(struct seq_file *m, void *p)
853 v->addr, v->addr + v->size, v->size);
854
855 if (v->caller)
856 @@ -118214,7 +118440,7 @@ index 2faaa29..7ac7a6d 100644
857
858 if (v->nr_pages)
859 seq_printf(m, " pages=%d", v->nr_pages);
860 -@@ -2688,52 +2844,5 @@ static int __init proc_vmalloc_init(void)
861 +@@ -2688,52 +2846,5 @@ static int __init proc_vmalloc_init(void)
862 }
863 module_init(proc_vmalloc_init);
864
865 @@ -125374,10 +125600,10 @@ index 55c96cb..e4e88ab 100644
866 __clean-files := $(filter-out $(no-clean-files), $(__clean-files))
867
868 diff --git a/scripts/Makefile.host b/scripts/Makefile.host
869 -index 133edfa..c9aa07f 100644
870 +index 133edfa..4d180d9 100644
871 --- a/scripts/Makefile.host
872 +++ b/scripts/Makefile.host
873 -@@ -20,7 +20,19 @@
874 +@@ -20,7 +20,25 @@
875 # Will compile qconf as a C++ program, and menu as a C program.
876 # They are linked as C++ code to the executable qconf
877
878 @@ -125391,13 +125617,19 @@ index 133edfa..c9aa07f 100644
879 +# libkconfig.so as the executable conf.
880 +# Note: Shared libraries consisting of C++ files are not supported
881 +
882 ++# hostcc-option
883 ++# Usage: cflags-y += $(call hostcc-option,-march=winchip-c6,-march=i586)
884 ++
885 ++hostcc-option = $(call try-run,\
886 ++ $(HOSTCC) $(HOSTCFLAGS) $(HOST_EXTRACFLAGS) $(1) -c -x c /dev/null -o "$$TMP",$(1),$(2))
887 ++
888 __hostprogs := $(sort $(hostprogs-y) $(hostprogs-m))
889 +__hostlibs := $(sort $(hostlibs-y) $(hostlibs-m))
890 +__hostcxxlibs := $(sort $(hostcxxlibs-y) $(hostcxxlibs-m))
891
892 # C code
893 # Executables compiled from a single .c file
894 -@@ -42,6 +54,19 @@ host-cxxmulti := $(foreach m,$(__hostprogs),$(if $($(m)-cxxobjs),$(m)))
895 +@@ -42,6 +60,19 @@ host-cxxmulti := $(foreach m,$(__hostprogs),$(if $($(m)-cxxobjs),$(m)))
896 # C++ Object (.o) files compiled from .cc files
897 host-cxxobjs := $(sort $(foreach m,$(host-cxxmulti),$($(m)-cxxobjs)))
898
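Review bot: `hostcc-option` probes `$(HOSTCC)` with `$(HOSTCFLAGS)` on a C input, but its user in this patch, `tools/gcc/size_overflow_plugin/Makefile`, appends the result to `HOST_EXTRACXXFLAGS`, which by its name holds flags for the C++ host compiler. If the two host compilers differ in version, `-fno-ipa-icf` can be accepted by the probe and rejected by the real compile, or the reverse. A C++ variant of the probe, or a comment stating that both are assumed to be the same GCC, would close that gap. The usage comment also carries a `-march=winchip-c6` example that looks inherited from the target-compiler helper; `# Usage: HOST_EXTRACFLAGS += $(call hostcc-option,-fno-ipa-icf)` would match how it is used here.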
899 @@ -125417,7 +125649,7 @@ index 133edfa..c9aa07f 100644
900 # output directory for programs/.o files
901 # hostprogs-y := tools/build may have been specified.
902 # Retrieve also directory of .o files from prog-objs or prog-cxxobjs notation
903 -@@ -56,6 +81,10 @@ host-cmulti := $(addprefix $(obj)/,$(host-cmulti))
904 +@@ -56,6 +87,10 @@ host-cmulti := $(addprefix $(obj)/,$(host-cmulti))
905 host-cobjs := $(addprefix $(obj)/,$(host-cobjs))
906 host-cxxmulti := $(addprefix $(obj)/,$(host-cxxmulti))
907 host-cxxobjs := $(addprefix $(obj)/,$(host-cxxobjs))
908 @@ -125428,7 +125660,7 @@ index 133edfa..c9aa07f 100644
909 host-objdirs := $(addprefix $(obj)/,$(host-objdirs))
910
911 obj-dirs += $(host-objdirs)
912 -@@ -124,5 +153,37 @@ quiet_cmd_host-cxxobjs = HOSTCXX $@
913 +@@ -124,5 +159,37 @@ quiet_cmd_host-cxxobjs = HOSTCXX $@
914 $(host-cxxobjs): $(obj)/%.o: $(src)/%.cc FORCE
915 $(call if_changed_dep,host-cxxobjs)
916
917 @@ -128792,10 +129024,10 @@ index 0000000..0c96d8a
918 +}
919 diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c
920 new file mode 100644
921 -index 0000000..b884a56
922 +index 0000000..0b98f34
923 --- /dev/null
924 +++ b/tools/gcc/constify_plugin.c
925 -@@ -0,0 +1,564 @@
926 +@@ -0,0 +1,571 @@
927 +/*
928 + * Copyright 2011 by Emese Revfy <re.emese@×××××.com>
929 + * Copyright 2011-2015 by PaX Team <pageexec@××××××××.hu>
930 @@ -128813,13 +129045,15 @@ index 0000000..b884a56
931 +
932 +#include "gcc-common.h"
933 +
934 -+// unused C type flag in all versions 4.5-5.0
935 ++// unused C type flag in all versions 4.5-6
936 +#define TYPE_CONSTIFY_VISITED(TYPE) TYPE_LANG_FLAG_4(TYPE)
937 +
938 +int plugin_is_GPL_compatible;
939 +
940 ++static bool constify = true;
941 ++
942 +static struct plugin_info const_plugin_info = {
943 -+ .version = "201401270210",
944 ++ .version = "201511290250",
945 + .help = "no-constify\tturn off constification\n",
946 +};
947 +
948 @@ -128868,17 +129102,15 @@ index 0000000..b884a56
949 +
950 + if (is_fptr(field))
951 + cinfo->has_fptr_field = true;
952 -+ else if (!TREE_READONLY(field))
953 -+ cinfo->has_writable_field = true;
954 -+
955 -+ if (code == RECORD_TYPE || code == UNION_TYPE) {
956 ++ else if (code == RECORD_TYPE || code == UNION_TYPE) {
957 + if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type)))
958 + cinfo->has_do_const_field = true;
959 + else if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type)))
960 + cinfo->has_no_const_field = true;
961 + else
962 + constifiable(type, cinfo);
963 -+ }
964 ++ } else if (!TREE_READONLY(field))
965 ++ cinfo->has_writable_field = true;
966 + }
967 +}
968 +
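Review bot: The reordered `else if` chain in `constifiable()` changes which fields count as writable without saying so. A non-readonly field whose type is a record or union used to set `has_writable_field` before being inspected; it is now judged only by its `do_const`/`no_const` attributes or the recursive call. Since this flag decides whether a structure is made read-only, a comment above the chain should record that the order matters, e.g. `/* nested aggregates are judged by their own members and attributes, not by TREE_READONLY of the field */`. The mixed braced and unbraced branches would also read better fully braced. The loop and the function header lie outside the hunk, so the meaning of `code` is inferred from its use here.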
969 @@ -128904,7 +129136,7 @@ index 0000000..b884a56
970 + }
971 +
972 + constifiable(node, &cinfo);
973 -+ if ((!cinfo.has_fptr_field || cinfo.has_writable_field) && !cinfo.has_do_const_field)
974 ++ if ((!cinfo.has_fptr_field || cinfo.has_writable_field || cinfo.has_no_const_field) && !cinfo.has_do_const_field)
975 + return false;
976 +
977 + return TYPE_READONLY(node);
978 @@ -129028,13 +129260,21 @@ index 0000000..b884a56
979 + }
980 +
981 + constifiable(type, &cinfo);
982 -+ if ((cinfo.has_fptr_field && !cinfo.has_writable_field) || lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) {
983 -+ deconstify_tree(*node);
984 -+ TYPE_CONSTIFY_VISITED(TREE_TYPE(*node)) = 1;
985 ++ if ((cinfo.has_fptr_field && !cinfo.has_writable_field && !cinfo.has_no_const_field) || lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) {
986 ++ if (constify) {
987 ++ if TYPE_P(*node)
988 ++ deconstify_type(*node);
989 ++ else
990 ++ deconstify_tree(*node);
991 ++ }
992 ++ if (TYPE_P(*node))
993 ++ TYPE_CONSTIFY_VISITED(*node) = 1;
994 ++ else
995 ++ TYPE_CONSTIFY_VISITED(TREE_TYPE(*node)) = 1;
996 + return NULL_TREE;
997 + }
998 +
999 -+ if (TYPE_FIELDS(type))
1000 ++ if (constify && TYPE_FIELDS(type))
1001 + error("%qE attribute used on type %qT that is not constified", name, type);
1002 + return NULL_TREE;
1003 +}
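Review bot: `if TYPE_P(*node)` in the added `constify` branch has no parentheses of its own and compiles only because the macro expands to a parenthesized expression; the second test a few lines below is written `if (TYPE_P(*node))`. Use the same form in both places: `if (TYPE_P(*node))`. The two tests choose between the same pair of cases, so resolving the type node once into a local before the `constify` check would avoid repeating the branch. The attribute handler begins outside the hunk.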
1004 @@ -129131,7 +129371,7 @@ index 0000000..b884a56
1005 + constifiable(type, &cinfo);
1006 +
1007 + if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) {
1008 -+ if ((cinfo.has_fptr_field && !cinfo.has_writable_field) || cinfo.has_do_const_field) {
1009 ++ if ((cinfo.has_fptr_field && !cinfo.has_writable_field && !cinfo.has_no_const_field) || cinfo.has_do_const_field) {
1010 + deconstify_type(type);
1011 + TYPE_CONSTIFY_VISITED(type) = 1;
1012 + } else
1013 @@ -129140,7 +129380,7 @@ index 0000000..b884a56
1014 + }
1015 +
1016 + if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) {
1017 -+ if (!cinfo.has_writable_field) {
1018 ++ if (!cinfo.has_writable_field && !cinfo.has_no_const_field) {
1019 + error("'do_const' attribute used on type %qT that is%sconstified", type, cinfo.has_fptr_field ? " " : " not ");
1020 + return;
1021 + }
1022 @@ -129148,7 +129388,7 @@ index 0000000..b884a56
1023 + return;
1024 + }
1025 +
1026 -+ if (cinfo.has_fptr_field && !cinfo.has_writable_field) {
1027 ++ if (cinfo.has_fptr_field && !cinfo.has_writable_field && !cinfo.has_no_const_field) {
1028 + if (lookup_attribute("do_const", TYPE_ATTRIBUTES(type))) {
1029 + error("'do_const' attribute used on type %qT that is constified", type);
1030 + return;
1031 @@ -129322,7 +129562,6 @@ index 0000000..b884a56
1032 + const int argc = plugin_info->argc;
1033 + const struct plugin_argument * const argv = plugin_info->argv;
1034 + int i;
1035 -+ bool constify = true;
1036 +
1037 + struct register_pass_info check_local_variables_pass_info;
1038 +
1039 @@ -130194,7 +130433,7 @@ index 0000000..7514850
1040 +fi
1041 diff --git a/tools/gcc/initify_plugin.c b/tools/gcc/initify_plugin.c
1042 new file mode 100644
1043 -index 0000000..b5684e8
1044 +index 0000000..39c0731
1045 --- /dev/null
1046 +++ b/tools/gcc/initify_plugin.c
1047 @@ -0,0 +1,552 @@
1048 @@ -130218,7 +130457,7 @@ index 0000000..b5684e8
1049 +int plugin_is_GPL_compatible;
1050 +
1051 +static struct plugin_info initify_plugin_info = {
1052 -+ .version = "20151113",
1053 ++ .version = "20151128",
1054 + .help = "initify_plugin\n",
1055 +};
1056 +
1057 @@ -130504,7 +130743,7 @@ index 0000000..b5684e8
1058 +{
1059 + basic_block bb;
1060 +
1061 -+ FOR_ALL_BB_FN(bb, cfun) {
1062 ++ FOR_EACH_BB_FN(bb, cfun) {
1063 + gimple_stmt_iterator gsi;
1064 +
1065 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1066 @@ -130618,7 +130857,7 @@ index 0000000..b5684e8
1067 +{
1068 + basic_block bb;
1069 +
1070 -+ FOR_ALL_BB_FN(bb, cfun) {
1071 ++ FOR_EACH_BB_FN(bb, cfun) {
1072 + gimple_stmt_iterator gsi;
1073 +
1074 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1075 @@ -130946,10 +131185,10 @@ index 0000000..457d54e
1076 +}
1077 diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c
1078 new file mode 100644
1079 -index 0000000..4838c8a
1080 +index 0000000..6b8ef9a
1081 --- /dev/null
1082 +++ b/tools/gcc/kernexec_plugin.c
1083 -@@ -0,0 +1,551 @@
1084 +@@ -0,0 +1,549 @@
1085 +/*
1086 + * Copyright 2011-2015 by the PaX Team <pageexec@××××××××.hu>
1087 + * Licensed under the GPL v2
1088 @@ -131150,6 +131389,8 @@ index 0000000..4838c8a
1089 + continue;
1090 + call_stmt = as_a_gcall(stmt);
1091 + fn = gimple_call_fn(call_stmt);
1092 ++ if (!fn)
1093 ++ continue;
1094 + if (TREE_CODE(fn) == ADDR_EXPR)
1095 + continue;
1096 + if (TREE_CODE(fn) != SSA_NAME)
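Review bot: The new `if (!fn) continue;` guard has no comment saying when `gimple_call_fn()` yields no callee, and the same guard is added in `size_overflow_transform.c` spelled `if (fnptr == NULL_TREE)`. A one-line comment such as `// internal calls have no callee operand` would help, though that is presumably the case being handled and should be confirmed against the GCC version that triggered it. Using one spelling at both sites would make the pair easier to audit. The loop body continues outside the hunk.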
1097 @@ -131185,14 +131426,12 @@ index 0000000..4838c8a
1098 +{
1099 + rtx btsq;
1100 + rtvec argvec, constraintvec, labelvec;
1101 -+ int line;
1102 +
1103 + // create asm volatile("btsq $63,(%%rsp)":::)
1104 + argvec = rtvec_alloc(0);
1105 + constraintvec = rtvec_alloc(0);
1106 + labelvec = rtvec_alloc(0);
1107 -+ line = expand_location(RTL_LOCATION(insn)).line;
1108 -+ btsq = gen_rtx_ASM_OPERANDS(VOIDmode, "btsq $63,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line);
1109 ++ btsq = gen_rtx_ASM_OPERANDS(VOIDmode, "btsq $63,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, RTL_LOCATION(insn));
1110 + MEM_VOLATILE_P(btsq) = 1;
1111 +// RTX_FRAME_RELATED_P(btsq) = 1; // not for ASM_OPERANDS
1112 + emit_insn_before(btsq, insn);
1113 @@ -131203,14 +131442,12 @@ index 0000000..4838c8a
1114 +{
1115 + rtx orq;
1116 + rtvec argvec, constraintvec, labelvec;
1117 -+ int line;
1118 +
1119 + // create asm volatile("orq %%r12,(%%rsp)":::)
1120 + argvec = rtvec_alloc(0);
1121 + constraintvec = rtvec_alloc(0);
1122 + labelvec = rtvec_alloc(0);
1123 -+ line = expand_location(RTL_LOCATION(insn)).line;
1124 -+ orq = gen_rtx_ASM_OPERANDS(VOIDmode, "orq %%r12,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line);
1125 ++ orq = gen_rtx_ASM_OPERANDS(VOIDmode, "orq %%r12,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, RTL_LOCATION(insn));
1126 + MEM_VOLATILE_P(orq) = 1;
1127 +// RTX_FRAME_RELATED_P(orq) = 1; // not for ASM_OPERANDS
1128 + emit_insn_before(orq, insn);
1129 @@ -131979,7 +132216,7 @@ index 0000000..f76c1c6
1130 +}
1131 diff --git a/tools/gcc/randomize_layout_plugin.c b/tools/gcc/randomize_layout_plugin.c
1132 new file mode 100644
1133 -index 0000000..06a039c
1134 +index 0000000..444b8bd
1135 --- /dev/null
1136 +++ b/tools/gcc/randomize_layout_plugin.c
1137 @@ -0,0 +1,930 @@
1138 @@ -132694,7 +132931,7 @@ index 0000000..06a039c
1139 +
1140 + handle_local_var_initializers();
1141 +
1142 -+ FOR_ALL_BB_FN(bb, cfun) {
1143 ++ FOR_EACH_BB_FN(bb, cfun) {
1144 + gimple_stmt_iterator gsi;
1145 +
1146 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1147 @@ -132924,10 +133161,12 @@ index 0000000..c4b24b9
1148 +size_overflow_hash_aux.h
1149 diff --git a/tools/gcc/size_overflow_plugin/Makefile b/tools/gcc/size_overflow_plugin/Makefile
1150 new file mode 100644
1151 -index 0000000..4c7f7c6
1152 +index 0000000..f74d85a
1153 --- /dev/null
1154 +++ b/tools/gcc/size_overflow_plugin/Makefile
1155 -@@ -0,0 +1,26 @@
1156 +@@ -0,0 +1,28 @@
1157 ++HOST_EXTRACXXFLAGS += $(call hostcc-option, -fno-ipa-icf)
1158 ++
1159 +$(HOSTLIBS)-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so
1160 +always := $($(HOSTLIBS)-y)
1161 +
1162 @@ -132956,10 +133195,10 @@ index 0000000..4c7f7c6
1163 +targets += size_overflow_hash.h size_overflow_hash_aux.h disable_size_overflow_hash.h
1164 diff --git a/tools/gcc/size_overflow_plugin/disable_size_overflow_hash.data b/tools/gcc/size_overflow_plugin/disable_size_overflow_hash.data
1165 new file mode 100644
1166 -index 0000000..b0e0cdf
1167 +index 0000000..8ce9ec1
1168 --- /dev/null
1169 +++ b/tools/gcc/size_overflow_plugin/disable_size_overflow_hash.data
1170 -@@ -0,0 +1,12419 @@
1171 +@@ -0,0 +1,12422 @@
1172 +disable_so_interrupt_pnode_gru_message_queue_desc_4 interrupt_pnode gru_message_queue_desc 0 4 NULL
1173 +disable_so_bch_btree_insert_fndecl_12 bch_btree_insert fndecl 0 12 NULL
1174 +disable_so_macvlan_sync_address_fndecl_22 macvlan_sync_address fndecl 0 22 NULL nohasharray
1175 @@ -145379,6 +145618,9 @@ index 0000000..b0e0cdf
1176 +enable_so_exit_info_1_vmcb_control_area_20200 exit_info_1 vmcb_control_area 0 20200 NULL
1177 +enable_so_event_inj_vmcb_control_area_23434 event_inj vmcb_control_area 0 23434 NULL
1178 +enable_so_iopm_base_pa_vmcb_control_area_57998 iopm_base_pa vmcb_control_area 0 57998 NULL
1179 ++enable_so_i_size_lo_ext4_inode_40153 i_size_lo ext4_inode 0 40153 NULL
1180 ++enable_so_i_size_high_ext4_inode_18545 i_size_high ext4_inode 0 18545 NULL
1181 ++enable_so_nr_kvm_queued_interrupt_34927 nr kvm_queued_interrupt 0 34927 NULL
1182 diff --git a/tools/gcc/size_overflow_plugin/generate_size_overflow_hash.sh b/tools/gcc/size_overflow_plugin/generate_size_overflow_hash.sh
1183 new file mode 100644
1184 index 0000000..be9724d
1185 @@ -145490,7 +145732,7 @@ index 0000000..be9724d
1186 +exit 0
1187 diff --git a/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c
1188 new file mode 100644
1189 -index 0000000..37e2e91
1190 +index 0000000..cc20d48
1191 --- /dev/null
1192 +++ b/tools/gcc/size_overflow_plugin/insert_size_overflow_asm.c
1193 @@ -0,0 +1,416 @@
1194 @@ -145834,7 +146076,7 @@ index 0000000..37e2e91
1195 +{
1196 + basic_block bb;
1197 +
1198 -+ FOR_ALL_BB_FN(bb, cfun) {
1199 ++ FOR_EACH_BB_FN(bb, cfun) {
1200 + gimple_stmt_iterator gsi;
1201 +
1202 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1203 @@ -145912,10 +146154,10 @@ index 0000000..37e2e91
1204 +#endif
1205 diff --git a/tools/gcc/size_overflow_plugin/intentional_overflow.c b/tools/gcc/size_overflow_plugin/intentional_overflow.c
1206 new file mode 100644
1207 -index 0000000..a662b4b
1208 +index 0000000..3bf5a4e
1209 --- /dev/null
1210 +++ b/tools/gcc/size_overflow_plugin/intentional_overflow.c
1211 -@@ -0,0 +1,947 @@
1212 +@@ -0,0 +1,1010 @@
1213 +/*
1214 + * Copyright 2011-2015 by Emese Revfy <re.emese@×××××.com>
1215 + * Licensed under the GPL v2, or (at your option) v3
1216 @@ -146291,6 +146533,9 @@ index 0000000..a662b4b
1217 + // handle MARK_TURN_OFF early on the caller
1218 + if (is_turn_off_intentional_attr(orig_cur_fndecl))
1219 + return MARK_TURN_OFF;
1220 ++ // handle MARK_END_INTENTIONAL on the caller
1221 ++ if (is_end_intentional_intentional_attr(orig_cur_fndecl))
1222 ++ return MARK_END_INTENTIONAL;
1223 +
1224 + switch (gimple_code(stmt)) {
1225 + case GIMPLE_RETURN:
1226 @@ -146863,6 +147108,66 @@ index 0000000..a662b4b
1227 + so_stmt = get_dup_stmt(visited, stmt);
1228 + create_up_and_down_cast(visited, so_stmt, lhs_type, gimple_assign_rhs1(so_stmt));
1229 +}
1230 ++
1231 ++/* gcc intentional overflow
1232 ++ * e.g., skb_set_network_header(), skb_set_mac_header()
1233 ++ * -, int offset + u16 network_header
1234 ++ * offset = -x->props.header_len
1235 ++ * skb->network_header += offset;
1236 ++ *
1237 ++ * SSA
1238 ++ * _141 = -_140;
1239 ++ * _154 = (short unsigned int) _141;
1240 ++ * _155 = (size_overflow_type_SI) _154;
1241 ++ * _156 = _154 + _155;
1242 ++ * _157 = (short unsigned int) _156;
1243 ++ */
1244 ++static bool is_short_cast_neg(const_tree rhs)
1245 ++{
1246 ++ const_tree cast_rhs;
1247 ++ const_gimple neg_stmt;
1248 ++ gimple neg_cast_stmt, cast_stmt = get_def_stmt(rhs);
1249 ++
1250 ++ if (!cast_stmt || !gimple_assign_cast_p(cast_stmt))
1251 ++ return false;
1252 ++
1253 ++ cast_rhs = gimple_assign_rhs1(cast_stmt);
1254 ++ if (GET_MODE_BITSIZE(TYPE_MODE(TREE_TYPE(cast_rhs))) >= GET_MODE_BITSIZE(TYPE_MODE(TREE_TYPE(rhs))))
1255 ++ return false;
1256 ++
1257 ++ neg_cast_stmt = get_def_stmt(cast_rhs);
1258 ++ if (!neg_cast_stmt || !gimple_assign_cast_p(neg_cast_stmt))
1259 ++ return false;
1260 ++
1261 ++ neg_stmt = get_def_stmt(gimple_assign_rhs1(neg_cast_stmt));
1262 ++ if (!neg_stmt || !is_gimple_assign(neg_stmt))
1263 ++ return false;
1264 ++ return gimple_assign_rhs_code(neg_stmt) == NEGATE_EXPR;
1265 ++}
1266 ++
1267 ++bool neg_short_add_intentional_overflow(gassign *unary_stmt)
1268 ++{
1269 ++ const_tree rhs1, add_rhs1, add_rhs2, cast_rhs;
1270 ++ const_gimple add_stmt;
1271 ++ gimple cast_stmt;
1272 ++
1273 ++ rhs1 = gimple_assign_rhs1(unary_stmt);
1274 ++
1275 ++ cast_stmt = get_def_stmt(rhs1);
1276 ++ if (!cast_stmt || !gimple_assign_cast_p(cast_stmt))
1277 ++ return false;
1278 ++ cast_rhs = gimple_assign_rhs1(cast_stmt);
1279 ++ if (GET_MODE_BITSIZE(TYPE_MODE(TREE_TYPE(cast_rhs))) <= GET_MODE_BITSIZE(TYPE_MODE(TREE_TYPE(rhs1))))
1280 ++ return false;
1281 ++
1282 ++ add_stmt = get_def_stmt(cast_rhs);
1283 ++ if (!add_stmt || !is_gimple_assign(add_stmt) || gimple_assign_rhs_code(add_stmt) != PLUS_EXPR)
1284 ++ return false;
1285 ++
1286 ++ add_rhs1 = gimple_assign_rhs1(add_stmt);
1287 ++ add_rhs2 = gimple_assign_rhs2(add_stmt);
1288 ++ return is_short_cast_neg(add_rhs1) || is_short_cast_neg(add_rhs2);
1289 ++}
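Review bot: `is_short_cast_neg()` and `neg_short_add_intentional_overflow()` match on cast direction only, so any negate, cast, widening cast, add, narrowing cast chain is treated as intentional, not just the 16-bit header-offset case the comment describes. The caller added in `size_overflow_transform_core.c` returns before emitting the check when this matches, so a broader match means fewer overflow checks. Nothing tests that `neg_cast_stmt` narrows or that the result is a short type; if only the 16-bit case is intended, add e.g. `if (TYPE_PRECISION(TREE_TYPE(cast_rhs)) != TYPE_PRECISION(short_unsigned_type_node)) return false;` in `is_short_cast_neg()`. The exported function has no comment of its own, and its parameter could likely be `const gassign *` like the neighbouring declarations in `size_overflow.h`.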
1290 diff --git a/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c b/tools/gcc/size_overflow_plugin/remove_unnecessary_dup.c
1291 new file mode 100644
1292 index 0000000..5622b51
1293 @@ -147008,10 +147313,10 @@ index 0000000..5622b51
1294 +
1295 diff --git a/tools/gcc/size_overflow_plugin/size_overflow.h b/tools/gcc/size_overflow_plugin/size_overflow.h
1296 new file mode 100644
1297 -index 0000000..2d733e1
1298 +index 0000000..5fd6c28
1299 --- /dev/null
1300 +++ b/tools/gcc/size_overflow_plugin/size_overflow.h
1301 -@@ -0,0 +1,322 @@
1302 +@@ -0,0 +1,323 @@
1303 +#ifndef SIZE_OVERFLOW_H
1304 +#define SIZE_OVERFLOW_H
1305 +
1306 @@ -147215,6 +147520,7 @@ index 0000000..2d733e1
1307 +extern bool is_a_neg_overflow(const gassign *stmt, const_tree rhs);
1308 +extern enum intentional_overflow_type add_mul_intentional_overflow(const gassign *stmt);
1309 +extern void unsigned_signed_cast_intentional_overflow(struct visited *visited, gassign *stmt);
1310 ++extern bool neg_short_add_intentional_overflow(gassign *stmt);
1311 +
1312 +
1313 +// insert_size_overflow_asm.c
1314 @@ -147336,7 +147642,7 @@ index 0000000..2d733e1
1315 +#endif
1316 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_debug.c b/tools/gcc/size_overflow_plugin/size_overflow_debug.c
1317 new file mode 100644
1318 -index 0000000..ab2d25a
1319 +index 0000000..fc58e16
1320 --- /dev/null
1321 +++ b/tools/gcc/size_overflow_plugin/size_overflow_debug.c
1322 @@ -0,0 +1,194 @@
1323 @@ -147387,7 +147693,7 @@ index 0000000..ab2d25a
1324 + fprintf(file, "dump_function function_name: %s\n", cgraph_node_name(node));
1325 +
1326 + fprintf(file, "\nstmts:\n");
1327 -+ FOR_ALL_BB_FN(bb, DECL_STRUCT_FUNCTION(NODE_DECL(node))) {
1328 ++ FOR_EACH_BB_FN(bb, DECL_STRUCT_FUNCTION(NODE_DECL(node))) {
1329 + gimple_stmt_iterator si;
1330 +
1331 + fprintf(file, "<bb %u>:\n", bb->index);
1332 @@ -147536,10 +147842,10 @@ index 0000000..ab2d25a
1333 +}
1334 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
1335 new file mode 100644
1336 -index 0000000..b683d96
1337 +index 0000000..2d4a6ed
1338 --- /dev/null
1339 +++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data
1340 -@@ -0,0 +1,20738 @@
1341 +@@ -0,0 +1,20735 @@
1342 +enable_so_recv_ctrl_pipe_us_data_0 recv_ctrl_pipe us_data 0 0 NULL
1343 +enable_so___earlyonly_bootmem_alloc_fndecl_3 __earlyonly_bootmem_alloc fndecl 2-3-4 3 NULL
1344 +enable_so_size_ttm_mem_reg_8 size ttm_mem_reg 0 8 NULL
1345 @@ -153319,7 +153625,6 @@ index 0000000..b683d96
1346 +enable_so_tomoyo_update_domain_fndecl_18537 tomoyo_update_domain fndecl 2 18537 NULL
1347 +enable_so_progress_kcopyd_job_18540 progress kcopyd_job 0 18540 NULL
1348 +enable_so_sect_floppy_struct_18543 sect floppy_struct 0 18543 NULL
1349 -+enable_so_i_size_high_ext4_inode_18545 i_size_high ext4_inode 0 18545 NULL
1350 +enable_so_ubi_leb_write_fndecl_18549 ubi_leb_write fndecl 5-4 18549 NULL
1351 +enable_so_xfs_efi_init_fndecl_18551 xfs_efi_init fndecl 2 18551 NULL
1352 +enable_so_inodes_squashfs_sb_info_18553 inodes squashfs_sb_info 0 18553 NULL nohasharray
1353 @@ -158580,7 +158885,6 @@ index 0000000..b683d96
1354 +enable_so_consume_size_vmci_qp_alloc_info_34922 consume_size vmci_qp_alloc_info 0 34922 NULL
1355 +enable_so_rcc__DMABUFFERENTRY_34925 rcc _DMABUFFERENTRY 0 34925 NULL
1356 +enable_so_shared_secret_len_net_conf_34926 shared_secret_len net_conf 0 34926 NULL
1357 -+enable_so_nr_kvm_queued_interrupt_34927 nr kvm_queued_interrupt 0 34927 NULL
1358 +enable_so_port_fops_write_fndecl_34928 port_fops_write fndecl 3 34928 NULL
1359 +enable_so_len_wil6210_mbox_hdr_34930 len wil6210_mbox_hdr 0 34930 NULL
1360 +enable_so_swiotlb_init_with_tbl_fndecl_34935 swiotlb_init_with_tbl fndecl 2 34935 NULL
1361 @@ -160293,7 +160597,6 @@ index 0000000..b683d96
1362 +enable_so_port_fops_read_fndecl_40137 port_fops_read fndecl 3 40137 &enable_so_num_jumbo_rxd_netxen_adapter_40137
1363 +enable_so_off_fuse_notify_inval_inode_out_40142 off fuse_notify_inval_inode_out 0 40142 NULL
1364 +enable_so_isr_wakeups_read_fndecl_40148 isr_wakeups_read fndecl 3 40148 NULL
1365 -+enable_so_i_size_lo_ext4_inode_40153 i_size_lo ext4_inode 0 40153 NULL
1366 +enable_so_ftdi_elan_edset_single_fndecl_40157 ftdi_elan_edset_single fndecl 0 40157 NULL
1367 +enable_so_xfs_ialloc_get_rec_fndecl_40163 xfs_ialloc_get_rec fndecl 2 40163 NULL
1368 +enable_so_at24_bin_read_fndecl_40165 at24_bin_read fndecl 6 40165 NULL nohasharray
1369 @@ -168378,7 +168681,7 @@ index 0000000..17bc0d8
1370 +enable_so_zpios_read_fndecl_64734 zpios_read fndecl 3 64734 NULL
1371 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_ipa.c b/tools/gcc/size_overflow_plugin/size_overflow_ipa.c
1372 new file mode 100644
1373 -index 0000000..c8ebf92
1374 +index 0000000..d972178
1375 --- /dev/null
1376 +++ b/tools/gcc/size_overflow_plugin/size_overflow_ipa.c
1377 @@ -0,0 +1,1226 @@
1378 @@ -169092,7 +169395,7 @@ index 0000000..c8ebf92
1379 +
1380 + set_current_function_decl(cur_fndecl);
1381 +
1382 -+ FOR_ALL_BB_FN(bb, cfun) {
1383 ++ FOR_EACH_BB_FN(bb, cfun) {
1384 + gimple_stmt_iterator gsi;
1385 +
1386 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1387 @@ -170121,7 +170424,7 @@ index 0000000..6075e8f
1388 +
1389 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c
1390 new file mode 100644
1391 -index 0000000..a82cc026
1392 +index 0000000..29a5c26
1393 --- /dev/null
1394 +++ b/tools/gcc/size_overflow_plugin/size_overflow_plugin.c
1395 @@ -0,0 +1,318 @@
1396 @@ -170156,7 +170459,7 @@ index 0000000..a82cc026
1397 +tree size_overflow_type_TI;
1398 +
1399 +static struct plugin_info size_overflow_plugin_info = {
1400 -+ .version = "20151029",
1401 ++ .version = "20151128",
1402 + .help = "no-size-overflow\tturn off size overflow checking\n",
1403 +};
1404 +
1405 @@ -170803,10 +171106,10 @@ index 0000000..317cd6c
1406 +
1407 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_transform.c b/tools/gcc/size_overflow_plugin/size_overflow_transform.c
1408 new file mode 100644
1409 -index 0000000..a974b2d
1410 +index 0000000..8f42c7e
1411 --- /dev/null
1412 +++ b/tools/gcc/size_overflow_plugin/size_overflow_transform.c
1413 -@@ -0,0 +1,746 @@
1414 +@@ -0,0 +1,749 @@
1415 +/*
1416 + * Copyright 2011-2015 by Emese Revfy <re.emese@×××××.com>
1417 + * Licensed under the GPL v2, or (at your option) v3
1418 @@ -171291,6 +171594,9 @@ index 0000000..a974b2d
1419 + return decl;
1420 +
1421 + fnptr = gimple_call_fn(call_stmt);
1422 ++ if (fnptr == NULL_TREE)
1423 ++ return NULL_TREE;
1424 ++
1425 + // !!! assertot kell irni 0-ra, mert csak az lehet ott
1426 + if (is_gimple_constant(fnptr))
1427 + return NULL_TREE;
1428 @@ -171408,7 +171714,7 @@ index 0000000..a974b2d
1429 +
1430 + next_node_ret = get_interesting_function_next_node(current_function_decl, 0);
1431 +
1432 -+ FOR_ALL_BB_FN(bb, cfun) {
1433 ++ FOR_EACH_BB_FN(bb, cfun) {
1434 + gimple_stmt_iterator gsi;
1435 +
1436 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
1437 @@ -171517,7 +171823,7 @@ index 0000000..a974b2d
1438 +{
1439 + basic_block bb;
1440 +
1441 -+ FOR_ALL_BB_FN(bb, cfun) {
1442 ++ FOR_EACH_BB_FN(bb, cfun) {
1443 + gimple_stmt_iterator si;
1444 +
1445 + for (si = gsi_start_bb(bb); !gsi_end_p(si); gsi_next(&si))
1446 @@ -171555,10 +171861,10 @@ index 0000000..a974b2d
1447 +}
1448 diff --git a/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c b/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c
1449 new file mode 100644
1450 -index 0000000..460c047
1451 +index 0000000..8a30b3b
1452 --- /dev/null
1453 +++ b/tools/gcc/size_overflow_plugin/size_overflow_transform_core.c
1454 -@@ -0,0 +1,1008 @@
1455 +@@ -0,0 +1,1010 @@
1456 +/*
1457 + * Copyright 2011-2015 by Emese Revfy <re.emese@×××××.com>
1458 + * Licensed under the GPL v2, or (at your option) v3
1459 @@ -172113,6 +172419,8 @@ index 0000000..460c047
1460 +
1461 + if (is_const_plus_unsigned_signed_truncation(rhs))
1462 + return;
1463 ++ if (is_gimple_assign(stmt) && neg_short_add_intentional_overflow(as_a_gassign(stmt)))
1464 ++ return;
1465 +
1466 + type_max = cast_a_tree(size_overflow_type, TYPE_MAX_VALUE(rhs_type));
1467 + // typemax (-1) < typemin (0)
1468 @@ -173011,7 +173319,7 @@ index 0000000..155e2c5
1469 +}
1470 diff --git a/tools/gcc/structleak_plugin.c b/tools/gcc/structleak_plugin.c
1471 new file mode 100644
1472 -index 0000000..e9dbd4b
1473 +index 0000000..debe0cc
1474 --- /dev/null
1475 +++ b/tools/gcc/structleak_plugin.c
1476 @@ -0,0 +1,287 @@
1477 @@ -173043,7 +173351,7 @@ index 0000000..e9dbd4b
1478 +
1479 +#include "gcc-common.h"
1480 +
1481 -+// unused C type flag in all versions 4.5-5.0
1482 ++// unused C type flag in all versions 4.5-6
1483 +#define TYPE_USERSPACE(TYPE) TYPE_LANG_FLAG_5(TYPE)
1484 +
1485 +int plugin_is_GPL_compatible;
1486 @@ -173360,7 +173668,7 @@ index 0a578fe..b81f62d 100644
1487 })
1488
1489 diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
1490 -index 5a2a78a..4f322d3 100644
1491 +index 5a2a78a..890e7fb 100644
1492 --- a/virt/kvm/kvm_main.c
1493 +++ b/virt/kvm/kvm_main.c
1494 @@ -81,12 +81,17 @@ LIST_HEAD(vm_list);
1495 @@ -173461,15 +173769,6 @@ index 5a2a78a..4f322d3 100644
1496 hardware_disable_all_nolock();
1497 r = -EBUSY;
1498 }
1499 -@@ -3436,7 +3449,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
1500 - kvm_arch_vcpu_put(vcpu);
1501 - }
1502 -
1503 --int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
1504 -+int kvm_init(const void *opaque, unsigned vcpu_size, unsigned vcpu_align,
1505 - struct module *module)
1506 - {
1507 - int r;
1508 @@ -3483,7 +3496,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align,
1509 if (!vcpu_align)
1510 vcpu_align = __alignof__(struct kvm_vcpu);