1 |
commit: 8aa05d3d048b18099f62ae408847abb9c29648eb |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 25 14:58:37 2014 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 25 14:58:37 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=8aa05d3d |
7 |
|
8 |
Grsec/PaX: 3.0-{3.2.55,3.13.5}-201402241943 |
9 |
|
10 |
--- |
11 |
{3.13.3 => 3.13.5}/0000_README | 2 +- |
12 |
.../4420_grsecurity-3.0-3.13.5-201402241943.patch | 414 ++++++++++----------- |
13 |
{3.13.3 => 3.13.5}/4425_grsec_remove_EI_PAX.patch | 0 |
14 |
.../4427_force_XATTR_PAX_tmpfs.patch | 0 |
15 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
16 |
{3.13.3 => 3.13.5}/4435_grsec-mute-warnings.patch | 0 |
17 |
.../4440_grsec-remove-protected-paths.patch | 0 |
18 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
19 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
20 |
{3.13.3 => 3.13.5}/4470_disable-compat_vdso.patch | 0 |
21 |
{3.13.3 => 3.13.5}/4475_emutramp_default_on.patch | 0 |
22 |
3.2.55/0000_README | 2 +- |
23 |
... 4420_grsecurity-3.0-3.2.55-201402241936.patch} | 4 +- |
24 |
13 files changed, 201 insertions(+), 221 deletions(-) |
25 |
|
26 |
diff --git a/3.13.3/0000_README b/3.13.5/0000_README |
27 |
similarity index 96% |
28 |
rename from 3.13.3/0000_README |
29 |
rename to 3.13.5/0000_README |
30 |
index dc48ad4..7516385 100644 |
31 |
--- a/3.13.3/0000_README |
32 |
+++ b/3.13.5/0000_README |
33 |
@@ -2,7 +2,7 @@ README |
34 |
----------------------------------------------------------------------------- |
35 |
Individual Patch Descriptions: |
36 |
----------------------------------------------------------------------------- |
37 |
-Patch: 4420_grsecurity-3.0-3.13.4-201402221308.patch |
38 |
+Patch: 4420_grsecurity-3.0-3.13.5-201402241943.patch |
39 |
From: http://www.grsecurity.net |
40 |
Desc: hardened-sources base patch from upstream grsecurity |
41 |
|
42 |
|
43 |
diff --git a/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch b/3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch |
44 |
similarity index 99% |
45 |
rename from 3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch |
46 |
rename to 3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch |
47 |
index 0cb3174..0356b07 100644 |
48 |
--- a/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch |
49 |
+++ b/3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch |
50 |
@@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644 |
51 |
|
52 |
pcd. [PARIDE] |
53 |
diff --git a/Makefile b/Makefile |
54 |
-index 2236ed8..89d7bf0 100644 |
55 |
+index a03bbf9..0817ef1 100644 |
56 |
--- a/Makefile |
57 |
+++ b/Makefile |
58 |
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
59 |
@@ -17178,7 +17178,7 @@ index 81bb91b..9392125 100644 |
60 |
|
61 |
/* |
62 |
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h |
63 |
-index bbc8b12..f228861 100644 |
64 |
+index 5ad38ad..71db3f2 100644 |
65 |
--- a/arch/x86/include/asm/pgtable.h |
66 |
+++ b/arch/x86/include/asm/pgtable.h |
67 |
@@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); |
68 |
@@ -17301,7 +17301,7 @@ index bbc8b12..f228861 100644 |
69 |
#include <linux/mm_types.h> |
70 |
#include <linux/mmdebug.h> |
71 |
#include <linux/log2.h> |
72 |
-@@ -570,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) |
73 |
+@@ -580,7 +655,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) |
74 |
* Currently stuck as a macro due to indirect forward reference to |
75 |
* linux/mmzone.h's __section_mem_map_addr() definition: |
76 |
*/ |
77 |
@@ -17310,7 +17310,7 @@ index bbc8b12..f228861 100644 |
78 |
|
79 |
/* Find an entry in the second-level page table.. */ |
80 |
static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address) |
81 |
-@@ -610,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) |
82 |
+@@ -620,7 +695,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) |
83 |
* Currently stuck as a macro due to indirect forward reference to |
84 |
* linux/mmzone.h's __section_mem_map_addr() definition: |
85 |
*/ |
86 |
@@ -17319,7 +17319,7 @@ index bbc8b12..f228861 100644 |
87 |
|
88 |
/* to find an entry in a page-table-directory. */ |
89 |
static inline unsigned long pud_index(unsigned long address) |
90 |
-@@ -625,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) |
91 |
+@@ -635,7 +710,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) |
92 |
|
93 |
static inline int pgd_bad(pgd_t pgd) |
94 |
{ |
95 |
@@ -17328,7 +17328,7 @@ index bbc8b12..f228861 100644 |
96 |
} |
97 |
|
98 |
static inline int pgd_none(pgd_t pgd) |
99 |
-@@ -648,7 +723,12 @@ static inline int pgd_none(pgd_t pgd) |
100 |
+@@ -658,7 +733,12 @@ static inline int pgd_none(pgd_t pgd) |
101 |
* pgd_offset() returns a (pgd_t *) |
102 |
* pgd_index() is used get the offset into the pgd page's array of pgd_t's; |
103 |
*/ |
104 |
@@ -17342,7 +17342,7 @@ index bbc8b12..f228861 100644 |
105 |
/* |
106 |
* a shortcut which implies the use of the kernel's pgd, instead |
107 |
* of a process's |
108 |
-@@ -659,6 +739,23 @@ static inline int pgd_none(pgd_t pgd) |
109 |
+@@ -669,6 +749,23 @@ static inline int pgd_none(pgd_t pgd) |
110 |
#define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) |
111 |
#define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) |
112 |
|
113 |
@@ -17366,7 +17366,7 @@ index bbc8b12..f228861 100644 |
114 |
#ifndef __ASSEMBLY__ |
115 |
|
116 |
extern int direct_gbpages; |
117 |
-@@ -825,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, |
118 |
+@@ -835,11 +932,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, |
119 |
* dst and src can be on the same page, but the range must not overlap, |
120 |
* and must not cross a page boundary. |
121 |
*/ |
122 |
@@ -20437,7 +20437,7 @@ index 59bfebc..d8f27bd 100644 |
123 |
if (c->x86_model == 3 && c->x86_mask == 0) |
124 |
size = 64; |
125 |
diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c |
126 |
-index 6abc172..77b0d1b 100644 |
127 |
+index fe2bdd0..77b0d1b 100644 |
128 |
--- a/arch/x86/kernel/cpu/common.c |
129 |
+++ b/arch/x86/kernel/cpu/common.c |
130 |
@@ -88,60 +88,6 @@ static const struct cpu_dev default_cpu = { |
131 |
@@ -20501,18 +20501,8 @@ index 6abc172..77b0d1b 100644 |
132 |
static int __init x86_xsave_setup(char *s) |
133 |
{ |
134 |
setup_clear_cpu_cap(X86_FEATURE_XSAVE); |
135 |
-@@ -284,10 +230,68 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c) |
136 |
- raw_local_save_flags(eflags); |
137 |
- BUG_ON(eflags & X86_EFLAGS_AC); |
138 |
- |
139 |
-- if (cpu_has(c, X86_FEATURE_SMAP)) |
140 |
-+ if (cpu_has(c, X86_FEATURE_SMAP)) { |
141 |
-+#ifdef CONFIG_X86_SMAP |
142 |
- set_in_cr4(X86_CR4_SMAP); |
143 |
-+#else |
144 |
-+ clear_in_cr4(X86_CR4_SMAP); |
145 |
-+#endif |
146 |
-+ } |
147 |
+@@ -293,6 +239,59 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c) |
148 |
+ } |
149 |
} |
150 |
|
151 |
+#ifdef CONFIG_X86_64 |
152 |
@@ -20571,7 +20561,7 @@ index 6abc172..77b0d1b 100644 |
153 |
/* |
154 |
* Some CPU features depend on higher CPUID levels, which may not always |
155 |
* be available due to CPUID level capping or broken virtualization |
156 |
-@@ -388,7 +392,7 @@ void switch_to_new_gdt(int cpu) |
157 |
+@@ -393,7 +392,7 @@ void switch_to_new_gdt(int cpu) |
158 |
{ |
159 |
struct desc_ptr gdt_descr; |
160 |
|
161 |
@@ -20580,7 +20570,7 @@ index 6abc172..77b0d1b 100644 |
162 |
gdt_descr.size = GDT_SIZE - 1; |
163 |
load_gdt(&gdt_descr); |
164 |
/* Reload the per-cpu base */ |
165 |
-@@ -877,6 +881,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) |
166 |
+@@ -882,6 +881,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) |
167 |
setup_smep(c); |
168 |
setup_smap(c); |
169 |
|
170 |
@@ -20591,7 +20581,7 @@ index 6abc172..77b0d1b 100644 |
171 |
/* |
172 |
* The vendor-specific functions might have changed features. |
173 |
* Now we do "generic changes." |
174 |
-@@ -885,6 +893,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) |
175 |
+@@ -890,6 +893,10 @@ static void identify_cpu(struct cpuinfo_x86 *c) |
176 |
/* Filter out anything that depends on CPUID levels we don't have */ |
177 |
filter_cpuid_features(c, true); |
178 |
|
179 |
@@ -20602,7 +20592,7 @@ index 6abc172..77b0d1b 100644 |
180 |
/* If the model name is still unset, do table lookup. */ |
181 |
if (!c->x86_model_id[0]) { |
182 |
const char *p; |
183 |
-@@ -1072,10 +1084,12 @@ static __init int setup_disablecpuid(char *arg) |
184 |
+@@ -1077,10 +1084,12 @@ static __init int setup_disablecpuid(char *arg) |
185 |
} |
186 |
__setup("clearcpuid=", setup_disablecpuid); |
187 |
|
188 |
@@ -20618,7 +20608,7 @@ index 6abc172..77b0d1b 100644 |
189 |
|
190 |
DEFINE_PER_CPU_FIRST(union irq_stack_union, |
191 |
irq_stack_union) __aligned(PAGE_SIZE) __visible; |
192 |
-@@ -1089,7 +1103,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned = |
193 |
+@@ -1094,7 +1103,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned = |
194 |
EXPORT_PER_CPU_SYMBOL(current_task); |
195 |
|
196 |
DEFINE_PER_CPU(unsigned long, kernel_stack) = |
197 |
@@ -20627,7 +20617,7 @@ index 6abc172..77b0d1b 100644 |
198 |
EXPORT_PER_CPU_SYMBOL(kernel_stack); |
199 |
|
200 |
DEFINE_PER_CPU(char *, irq_stack_ptr) = |
201 |
-@@ -1239,7 +1253,7 @@ void cpu_init(void) |
202 |
+@@ -1244,7 +1253,7 @@ void cpu_init(void) |
203 |
load_ucode_ap(); |
204 |
|
205 |
cpu = stack_smp_processor_id(); |
206 |
@@ -20636,7 +20626,7 @@ index 6abc172..77b0d1b 100644 |
207 |
oist = &per_cpu(orig_ist, cpu); |
208 |
|
209 |
#ifdef CONFIG_NUMA |
210 |
-@@ -1274,7 +1288,6 @@ void cpu_init(void) |
211 |
+@@ -1279,7 +1288,6 @@ void cpu_init(void) |
212 |
wrmsrl(MSR_KERNEL_GS_BASE, 0); |
213 |
barrier(); |
214 |
|
215 |
@@ -20644,7 +20634,7 @@ index 6abc172..77b0d1b 100644 |
216 |
enable_x2apic(); |
217 |
|
218 |
/* |
219 |
-@@ -1326,7 +1339,7 @@ void cpu_init(void) |
220 |
+@@ -1331,7 +1339,7 @@ void cpu_init(void) |
221 |
{ |
222 |
int cpu = smp_processor_id(); |
223 |
struct task_struct *curr = current; |
224 |
@@ -23545,10 +23535,10 @@ index 1e96c36..3ff710a 100644 |
225 |
/* |
226 |
* End of kprobes section |
227 |
diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c |
228 |
-index d4bdd25..912664c 100644 |
229 |
+index e625319..b9abb9d 100644 |
230 |
--- a/arch/x86/kernel/ftrace.c |
231 |
+++ b/arch/x86/kernel/ftrace.c |
232 |
-@@ -105,6 +105,8 @@ ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code, |
233 |
+@@ -104,6 +104,8 @@ ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code, |
234 |
{ |
235 |
unsigned char replaced[MCOUNT_INSN_SIZE]; |
236 |
|
237 |
@@ -23557,25 +23547,16 @@ index d4bdd25..912664c 100644 |
238 |
/* |
239 |
* Note: Due to modules and __init, code can |
240 |
* disappear and change, we need to protect against faulting |
241 |
-@@ -227,7 +229,7 @@ int ftrace_update_ftrace_func(ftrace_func_t func) |
242 |
- unsigned char old[MCOUNT_INSN_SIZE], *new; |
243 |
+@@ -229,7 +231,7 @@ static int update_ftrace_func(unsigned long ip, void *new) |
244 |
+ unsigned char old[MCOUNT_INSN_SIZE]; |
245 |
int ret; |
246 |
|
247 |
-- memcpy(old, &ftrace_call, MCOUNT_INSN_SIZE); |
248 |
-+ memcpy(old, (void *)ktla_ktva((unsigned long)ftrace_call), MCOUNT_INSN_SIZE); |
249 |
- new = ftrace_call_replace(ip, (unsigned long)func); |
250 |
+- memcpy(old, (void *)ip, MCOUNT_INSN_SIZE); |
251 |
++ memcpy(old, (void *)ktla_ktva(ip), MCOUNT_INSN_SIZE); |
252 |
|
253 |
- /* See comment above by declaration of modifying_ftrace_code */ |
254 |
-@@ -238,7 +240,7 @@ int ftrace_update_ftrace_func(ftrace_func_t func) |
255 |
- /* Also update the regs callback function */ |
256 |
- if (!ret) { |
257 |
- ip = (unsigned long)(&ftrace_regs_call); |
258 |
-- memcpy(old, &ftrace_regs_call, MCOUNT_INSN_SIZE); |
259 |
-+ memcpy(old, ktla_ktva((void *)&ftrace_regs_call), MCOUNT_INSN_SIZE); |
260 |
- new = ftrace_call_replace(ip, (unsigned long)func); |
261 |
- ret = ftrace_modify_code(ip, old, new); |
262 |
- } |
263 |
-@@ -291,7 +293,7 @@ static int ftrace_write(unsigned long ip, const char *val, int size) |
264 |
+ ftrace_update_func = ip; |
265 |
+ /* Make sure the breakpoints see the ftrace_update_func update */ |
266 |
+@@ -306,7 +308,7 @@ static int ftrace_write(unsigned long ip, const char *val, int size) |
267 |
* kernel identity mapping to modify code. |
268 |
*/ |
269 |
if (within(ip, (unsigned long)_text, (unsigned long)_etext)) |
270 |
@@ -23584,7 +23565,7 @@ index d4bdd25..912664c 100644 |
271 |
|
272 |
return probe_kernel_write((void *)ip, val, size); |
273 |
} |
274 |
-@@ -301,7 +303,7 @@ static int add_break(unsigned long ip, const char *old) |
275 |
+@@ -316,7 +318,7 @@ static int add_break(unsigned long ip, const char *old) |
276 |
unsigned char replaced[MCOUNT_INSN_SIZE]; |
277 |
unsigned char brk = BREAKPOINT_INSTRUCTION; |
278 |
|
279 |
@@ -23593,7 +23574,7 @@ index d4bdd25..912664c 100644 |
280 |
return -EFAULT; |
281 |
|
282 |
/* Make sure it is what we expect it to be */ |
283 |
-@@ -649,7 +651,7 @@ ftrace_modify_code(unsigned long ip, unsigned const char *old_code, |
284 |
+@@ -664,7 +666,7 @@ ftrace_modify_code(unsigned long ip, unsigned const char *old_code, |
285 |
return ret; |
286 |
|
287 |
fail_update: |
288 |
@@ -23602,15 +23583,6 @@ index d4bdd25..912664c 100644 |
289 |
goto out; |
290 |
} |
291 |
|
292 |
-@@ -682,6 +684,8 @@ static int ftrace_mod_jmp(unsigned long ip, |
293 |
- { |
294 |
- unsigned char code[MCOUNT_INSN_SIZE]; |
295 |
- |
296 |
-+ ip = ktla_ktva(ip); |
297 |
-+ |
298 |
- if (probe_kernel_read(code, (void *)ip, MCOUNT_INSN_SIZE)) |
299 |
- return -EFAULT; |
300 |
- |
301 |
diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c |
302 |
index 85126cc..1bbce17 100644 |
303 |
--- a/arch/x86/kernel/head64.c |
304 |
@@ -30828,7 +30800,7 @@ index 903ec1e..c4166b2 100644 |
305 |
} |
306 |
|
307 |
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
308 |
-index 9d591c8..31e52ff 100644 |
309 |
+index 6dea040..31e52ff 100644 |
310 |
--- a/arch/x86/mm/fault.c |
311 |
+++ b/arch/x86/mm/fault.c |
312 |
@@ -14,11 +14,18 @@ |
313 |
@@ -31192,16 +31164,7 @@ index 9d591c8..31e52ff 100644 |
314 |
if (error_code & PF_WRITE) { |
315 |
/* write, present and write, not present: */ |
316 |
if (unlikely(!(vma->vm_flags & VM_WRITE))) |
317 |
-@@ -1001,10 +1209,16 @@ static int fault_in_kernel_space(unsigned long address) |
318 |
- |
319 |
- static inline bool smap_violation(int error_code, struct pt_regs *regs) |
320 |
- { |
321 |
-+ if (!IS_ENABLED(CONFIG_X86_SMAP)) |
322 |
-+ return false; |
323 |
-+ |
324 |
-+ if (!static_cpu_has(X86_FEATURE_SMAP)) |
325 |
-+ return false; |
326 |
-+ |
327 |
+@@ -1010,7 +1218,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs) |
328 |
if (error_code & PF_USER) |
329 |
return false; |
330 |
|
331 |
@@ -31210,7 +31173,7 @@ index 9d591c8..31e52ff 100644 |
332 |
return false; |
333 |
|
334 |
return true; |
335 |
-@@ -1031,6 +1245,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) |
336 |
+@@ -1037,6 +1245,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) |
337 |
/* Get the faulting address: */ |
338 |
address = read_cr2(); |
339 |
|
340 |
@@ -31233,22 +31196,7 @@ index 9d591c8..31e52ff 100644 |
341 |
/* |
342 |
* Detect and handle instructions that would cause a page fault for |
343 |
* both a tracked kernel page and a userspace page. |
344 |
-@@ -1087,11 +1317,9 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) |
345 |
- if (unlikely(error_code & PF_RSVD)) |
346 |
- pgtable_bad(regs, error_code, address); |
347 |
- |
348 |
-- if (static_cpu_has(X86_FEATURE_SMAP)) { |
349 |
-- if (unlikely(smap_violation(error_code, regs))) { |
350 |
-- bad_area_nosemaphore(regs, error_code, address); |
351 |
-- return; |
352 |
-- } |
353 |
-+ if (unlikely(smap_violation(error_code, regs))) { |
354 |
-+ bad_area_nosemaphore(regs, error_code, address); |
355 |
-+ return; |
356 |
- } |
357 |
- |
358 |
- /* |
359 |
-@@ -1110,7 +1338,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) |
360 |
+@@ -1114,7 +1338,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code) |
361 |
* User-mode registers count as a user access even for any |
362 |
* potential system fault or CPU buglet: |
363 |
*/ |
364 |
@@ -31257,7 +31205,7 @@ index 9d591c8..31e52ff 100644 |
365 |
local_irq_enable(); |
366 |
error_code |= PF_USER; |
367 |
flags |= FAULT_FLAG_USER; |
368 |
-@@ -1157,6 +1385,11 @@ retry: |
369 |
+@@ -1161,6 +1385,11 @@ retry: |
370 |
might_sleep(); |
371 |
} |
372 |
|
373 |
@@ -31269,7 +31217,7 @@ index 9d591c8..31e52ff 100644 |
374 |
vma = find_vma(mm, address); |
375 |
if (unlikely(!vma)) { |
376 |
bad_area(regs, error_code, address); |
377 |
-@@ -1168,18 +1401,24 @@ retry: |
378 |
+@@ -1172,18 +1401,24 @@ retry: |
379 |
bad_area(regs, error_code, address); |
380 |
return; |
381 |
} |
382 |
@@ -31305,7 +31253,7 @@ index 9d591c8..31e52ff 100644 |
383 |
if (unlikely(expand_stack(vma, address))) { |
384 |
bad_area(regs, error_code, address); |
385 |
return; |
386 |
-@@ -1273,3 +1512,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) |
387 |
+@@ -1277,3 +1512,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code) |
388 |
__do_page_fault(regs, error_code); |
389 |
exception_exit(prev_state); |
390 |
} |
391 |
@@ -35088,7 +35036,7 @@ index fa6ade7..73da73a5 100644 |
392 |
|
393 |
#ifdef CONFIG_ACPI_NUMA |
394 |
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
395 |
-index ce563be..7327d91 100644 |
396 |
+index 3c76c3d..7871755 100644 |
397 |
--- a/arch/x86/xen/mmu.c |
398 |
+++ b/arch/x86/xen/mmu.c |
399 |
@@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) |
400 |
@@ -35098,7 +35046,7 @@ index ce563be..7327d91 100644 |
401 |
-static pteval_t pte_pfn_to_mfn(pteval_t val) |
402 |
+static pteval_t __intentional_overflow(-1) pte_pfn_to_mfn(pteval_t val) |
403 |
{ |
404 |
- if (val & _PAGE_PRESENT) { |
405 |
+ if (pteval_present(val)) { |
406 |
unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; |
407 |
@@ -1894,6 +1894,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) |
408 |
/* L3_k[510] -> level2_kernel_pgt |
409 |
@@ -38960,10 +38908,10 @@ index 1026743..80b081c 100644 |
410 |
EXPORT_SYMBOL_GPL(edac_device_alloc_index); |
411 |
|
412 |
diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c |
413 |
-index 9f7e0e60..348c875 100644 |
414 |
+index e5bdf21..b8f9055 100644 |
415 |
--- a/drivers/edac/edac_mc_sysfs.c |
416 |
+++ b/drivers/edac/edac_mc_sysfs.c |
417 |
-@@ -150,7 +150,7 @@ static const char * const edac_caps[] = { |
418 |
+@@ -152,7 +152,7 @@ static const char * const edac_caps[] = { |
419 |
struct dev_ch_attribute { |
420 |
struct device_attribute attr; |
421 |
int channel; |
422 |
@@ -38972,7 +38920,7 @@ index 9f7e0e60..348c875 100644 |
423 |
|
424 |
#define DEVICE_CHANNEL(_name, _mode, _show, _store, _var) \ |
425 |
struct dev_ch_attribute dev_attr_legacy_##_name = \ |
426 |
-@@ -1007,14 +1007,16 @@ int edac_create_sysfs_mci_device(struct mem_ctl_info *mci) |
427 |
+@@ -1009,14 +1009,16 @@ int edac_create_sysfs_mci_device(struct mem_ctl_info *mci) |
428 |
} |
429 |
|
430 |
if (mci->set_sdram_scrub_rate || mci->get_sdram_scrub_rate) { |
431 |
@@ -39724,10 +39672,10 @@ index 3c59584..500f2e9 100644 |
432 |
|
433 |
return ret; |
434 |
diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c |
435 |
-index f13d5ed..8e6f36d 100644 |
436 |
+index a209177..842a89a 100644 |
437 |
--- a/drivers/gpu/drm/i915/i915_irq.c |
438 |
+++ b/drivers/gpu/drm/i915/i915_irq.c |
439 |
-@@ -1420,7 +1420,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) |
440 |
+@@ -1419,7 +1419,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg) |
441 |
int pipe; |
442 |
u32 pipe_stats[I915_MAX_PIPES]; |
443 |
|
444 |
@@ -39736,7 +39684,7 @@ index f13d5ed..8e6f36d 100644 |
445 |
|
446 |
while (true) { |
447 |
iir = I915_READ(VLV_IIR); |
448 |
-@@ -1730,7 +1730,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) |
449 |
+@@ -1729,7 +1729,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg) |
450 |
u32 de_iir, gt_iir, de_ier, sde_ier = 0; |
451 |
irqreturn_t ret = IRQ_NONE; |
452 |
|
453 |
@@ -39745,7 +39693,7 @@ index f13d5ed..8e6f36d 100644 |
454 |
|
455 |
/* We get interrupts on unclaimed registers, so check for this before we |
456 |
* do any I915_{READ,WRITE}. */ |
457 |
-@@ -1800,7 +1800,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg) |
458 |
+@@ -1799,7 +1799,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg) |
459 |
uint32_t tmp = 0; |
460 |
enum pipe pipe; |
461 |
|
462 |
@@ -39754,7 +39702,7 @@ index f13d5ed..8e6f36d 100644 |
463 |
|
464 |
master_ctl = I915_READ(GEN8_MASTER_IRQ); |
465 |
master_ctl &= ~GEN8_MASTER_IRQ_CONTROL; |
466 |
-@@ -2624,7 +2624,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) |
467 |
+@@ -2623,7 +2623,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev) |
468 |
{ |
469 |
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; |
470 |
|
471 |
@@ -39763,7 +39711,7 @@ index f13d5ed..8e6f36d 100644 |
472 |
|
473 |
I915_WRITE(HWSTAM, 0xeffe); |
474 |
|
475 |
-@@ -2642,7 +2642,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) |
476 |
+@@ -2641,7 +2641,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev) |
477 |
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; |
478 |
int pipe; |
479 |
|
480 |
@@ -39772,7 +39720,7 @@ index f13d5ed..8e6f36d 100644 |
481 |
|
482 |
/* VLV magic */ |
483 |
I915_WRITE(VLV_IMR, 0); |
484 |
-@@ -2673,7 +2673,7 @@ static void gen8_irq_preinstall(struct drm_device *dev) |
485 |
+@@ -2672,7 +2672,7 @@ static void gen8_irq_preinstall(struct drm_device *dev) |
486 |
struct drm_i915_private *dev_priv = dev->dev_private; |
487 |
int pipe; |
488 |
|
489 |
@@ -39781,7 +39729,7 @@ index f13d5ed..8e6f36d 100644 |
490 |
|
491 |
I915_WRITE(GEN8_MASTER_IRQ, 0); |
492 |
POSTING_READ(GEN8_MASTER_IRQ); |
493 |
-@@ -2999,7 +2999,7 @@ static void gen8_irq_uninstall(struct drm_device *dev) |
494 |
+@@ -2998,7 +2998,7 @@ static void gen8_irq_uninstall(struct drm_device *dev) |
495 |
if (!dev_priv) |
496 |
return; |
497 |
|
498 |
@@ -39790,7 +39738,7 @@ index f13d5ed..8e6f36d 100644 |
499 |
|
500 |
I915_WRITE(GEN8_MASTER_IRQ, 0); |
501 |
|
502 |
-@@ -3093,7 +3093,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) |
503 |
+@@ -3092,7 +3092,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev) |
504 |
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; |
505 |
int pipe; |
506 |
|
507 |
@@ -39799,7 +39747,7 @@ index f13d5ed..8e6f36d 100644 |
508 |
|
509 |
for_each_pipe(pipe) |
510 |
I915_WRITE(PIPESTAT(pipe), 0); |
511 |
-@@ -3179,7 +3179,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) |
512 |
+@@ -3178,7 +3178,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg) |
513 |
I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT | |
514 |
I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; |
515 |
|
516 |
@@ -39808,7 +39756,7 @@ index f13d5ed..8e6f36d 100644 |
517 |
|
518 |
iir = I915_READ16(IIR); |
519 |
if (iir == 0) |
520 |
-@@ -3254,7 +3254,7 @@ static void i915_irq_preinstall(struct drm_device * dev) |
521 |
+@@ -3253,7 +3253,7 @@ static void i915_irq_preinstall(struct drm_device * dev) |
522 |
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; |
523 |
int pipe; |
524 |
|
525 |
@@ -39817,7 +39765,7 @@ index f13d5ed..8e6f36d 100644 |
526 |
|
527 |
if (I915_HAS_HOTPLUG(dev)) { |
528 |
I915_WRITE(PORT_HOTPLUG_EN, 0); |
529 |
-@@ -3361,7 +3361,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) |
530 |
+@@ -3360,7 +3360,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg) |
531 |
I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; |
532 |
int pipe, ret = IRQ_NONE; |
533 |
|
534 |
@@ -39826,7 +39774,7 @@ index f13d5ed..8e6f36d 100644 |
535 |
|
536 |
iir = I915_READ(IIR); |
537 |
do { |
538 |
-@@ -3488,7 +3488,7 @@ static void i965_irq_preinstall(struct drm_device * dev) |
539 |
+@@ -3487,7 +3487,7 @@ static void i965_irq_preinstall(struct drm_device * dev) |
540 |
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private; |
541 |
int pipe; |
542 |
|
543 |
@@ -39835,7 +39783,7 @@ index f13d5ed..8e6f36d 100644 |
544 |
|
545 |
I915_WRITE(PORT_HOTPLUG_EN, 0); |
546 |
I915_WRITE(PORT_HOTPLUG_STAT, I915_READ(PORT_HOTPLUG_STAT)); |
547 |
-@@ -3604,7 +3604,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) |
548 |
+@@ -3603,7 +3603,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg) |
549 |
I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT | |
550 |
I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT; |
551 |
|
552 |
@@ -43638,7 +43586,7 @@ index 3e6d115..ffecdeb 100644 |
553 |
/*----------------------------------------------------------------*/ |
554 |
|
555 |
diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c |
556 |
-index a49cfcc..20b9a65 100644 |
557 |
+index 63b2e8d..225f16b 100644 |
558 |
--- a/drivers/md/raid1.c |
559 |
+++ b/drivers/md/raid1.c |
560 |
@@ -1921,7 +1921,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio) |
561 |
@@ -43650,7 +43598,7 @@ index a49cfcc..20b9a65 100644 |
562 |
} |
563 |
sectors -= s; |
564 |
sect += s; |
565 |
-@@ -2148,7 +2148,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, |
566 |
+@@ -2155,7 +2155,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk, |
567 |
test_bit(In_sync, &rdev->flags)) { |
568 |
if (r1_sync_page_io(rdev, sect, s, |
569 |
conf->tmppage, READ)) { |
570 |
@@ -43723,7 +43671,7 @@ index 06eeb99..770613e 100644 |
571 |
|
572 |
rdev_dec_pending(rdev, mddev); |
573 |
diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c |
574 |
-index 03f82ab..374bb38 100644 |
575 |
+index 48cdec8..c7726b1 100644 |
576 |
--- a/drivers/md/raid5.c |
577 |
+++ b/drivers/md/raid5.c |
578 |
@@ -1991,21 +1991,21 @@ static void raid5_end_read_request(struct bio * bi, int error) |
579 |
@@ -49132,10 +49080,10 @@ index df5e961..df6b97f 100644 |
580 |
return blk_trace_startstop(sdp->device->request_queue, 1); |
581 |
case BLKTRACESTOP: |
582 |
diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c |
583 |
-index d745f95..6bef2fc 100644 |
584 |
+index 349ebba..ff2a249 100644 |
585 |
--- a/drivers/spi/spi.c |
586 |
+++ b/drivers/spi/spi.c |
587 |
-@@ -1947,7 +1947,7 @@ int spi_bus_unlock(struct spi_master *master) |
588 |
+@@ -1945,7 +1945,7 @@ int spi_bus_unlock(struct spi_master *master) |
589 |
EXPORT_SYMBOL_GPL(spi_bus_unlock); |
590 |
|
591 |
/* portable code must never pass more than 32 bytes */ |
592 |
@@ -49357,6 +49305,19 @@ index f3108c7..cd4f9da 100644 |
593 |
}; |
594 |
|
595 |
extern int insert_proc(void); |
596 |
+diff --git a/drivers/staging/lustre/lustre/llite/dir.c b/drivers/staging/lustre/lustre/llite/dir.c |
597 |
+index a4e0472..05d854c 100644 |
598 |
+--- a/drivers/staging/lustre/lustre/llite/dir.c |
599 |
++++ b/drivers/staging/lustre/lustre/llite/dir.c |
600 |
+@@ -660,7 +660,7 @@ int ll_dir_setdirstripe(struct inode *dir, struct lmv_user_md *lump, |
601 |
+ int mode; |
602 |
+ int err; |
603 |
+ |
604 |
+- mode = (0755 & (S_IRWXUGO|S_ISVTX) & ~current->fs->umask) | S_IFDIR; |
605 |
++ mode = (0755 & (S_IRWXUGO|S_ISVTX) & ~current_umask()) | S_IFDIR; |
606 |
+ op_data = ll_prep_md_op_data(NULL, dir, NULL, filename, |
607 |
+ strlen(filename), mode, LUSTRE_OPC_MKDIR, |
608 |
+ lump); |
609 |
diff --git a/drivers/staging/media/solo6x10/solo6x10-core.c b/drivers/staging/media/solo6x10/solo6x10-core.c |
610 |
index 3675020..e80d92c 100644 |
611 |
--- a/drivers/staging/media/solo6x10/solo6x10-core.c |
612 |
@@ -50070,10 +50031,10 @@ index 1deaca4..c8582d4 100644 |
613 |
tty_port_tty_set(&ch->port, tty); |
614 |
mutex_lock(&ch->port.mutex); |
615 |
diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c |
616 |
-index c0f76da..d974c32 100644 |
617 |
+index 5056090..c80ca04 100644 |
618 |
--- a/drivers/tty/n_gsm.c |
619 |
+++ b/drivers/tty/n_gsm.c |
620 |
-@@ -1632,7 +1632,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) |
621 |
+@@ -1643,7 +1643,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) |
622 |
spin_lock_init(&dlci->lock); |
623 |
mutex_init(&dlci->mutex); |
624 |
dlci->fifo = &dlci->_fifo; |
625 |
@@ -50082,7 +50043,7 @@ index c0f76da..d974c32 100644 |
626 |
kfree(dlci); |
627 |
return NULL; |
628 |
} |
629 |
-@@ -2935,7 +2935,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) |
630 |
+@@ -2946,7 +2946,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp) |
631 |
struct gsm_dlci *dlci = tty->driver_data; |
632 |
struct tty_port *port = &dlci->port; |
633 |
|
634 |
@@ -50092,7 +50053,7 @@ index c0f76da..d974c32 100644 |
635 |
dlci_get(dlci->gsm->dlci[0]); |
636 |
mux_get(dlci->gsm); |
637 |
diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c |
638 |
-index 34aacaa..dad073b 100644 |
639 |
+index 4c10837..a40ec45 100644 |
640 |
--- a/drivers/tty/n_tty.c |
641 |
+++ b/drivers/tty/n_tty.c |
642 |
@@ -114,7 +114,7 @@ struct n_tty_data { |
643 |
@@ -50104,7 +50065,7 @@ index 34aacaa..dad073b 100644 |
644 |
size_t line_start; |
645 |
|
646 |
/* protected by output lock */ |
647 |
-@@ -2502,6 +2502,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) |
648 |
+@@ -2504,6 +2504,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) |
649 |
{ |
650 |
*ops = tty_ldisc_N_TTY; |
651 |
ops->owner = NULL; |
652 |
@@ -50974,19 +50935,6 @@ index d0e3a44..5f8b754 100644 |
653 |
if (!perm) { |
654 |
ret = -EPERM; |
655 |
goto reterr; |
656 |
-diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c |
657 |
-index 61b1137..23b5d32 100644 |
658 |
---- a/drivers/tty/vt/vt.c |
659 |
-+++ b/drivers/tty/vt/vt.c |
660 |
-@@ -1164,6 +1164,8 @@ static void csi_J(struct vc_data *vc, int vpar) |
661 |
- scr_memsetw(vc->vc_screenbuf, vc->vc_video_erase_char, |
662 |
- vc->vc_screenbuf_size >> 1); |
663 |
- set_origin(vc); |
664 |
-+ if (CON_IS_VISIBLE(vc)) |
665 |
-+ update_screen(vc); |
666 |
- /* fall through */ |
667 |
- case 2: /* erase whole display */ |
668 |
- count = vc->vc_cols * vc->vc_rows; |
669 |
diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c |
670 |
index a673e5b..36e5d32 100644 |
671 |
--- a/drivers/uio/uio.c |
672 |
@@ -51245,10 +51193,10 @@ index 967152a..16fa2e5 100644 |
673 |
dev->rawdescriptors[i] + (*ppos - pos), |
674 |
min(len, alloclen))) { |
675 |
diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c |
676 |
-index 6bffb8c..b404e8b 100644 |
677 |
+index d39106c..bfe13a4 100644 |
678 |
--- a/drivers/usb/core/hcd.c |
679 |
+++ b/drivers/usb/core/hcd.c |
680 |
-@@ -1550,7 +1550,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) |
681 |
+@@ -1549,7 +1549,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) |
682 |
*/ |
683 |
usb_get_urb(urb); |
684 |
atomic_inc(&urb->use_count); |
685 |
@@ -51257,7 +51205,7 @@ index 6bffb8c..b404e8b 100644 |
686 |
usbmon_urb_submit(&hcd->self, urb); |
687 |
|
688 |
/* NOTE requirements on root-hub callers (usbfs and the hub |
689 |
-@@ -1577,7 +1577,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) |
690 |
+@@ -1576,7 +1576,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags) |
691 |
urb->hcpriv = NULL; |
692 |
INIT_LIST_HEAD(&urb->urb_list); |
693 |
atomic_dec(&urb->use_count); |
694 |
@@ -51267,7 +51215,7 @@ index 6bffb8c..b404e8b 100644 |
695 |
wake_up(&usb_kill_urb_queue); |
696 |
usb_put_urb(urb); |
697 |
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c |
698 |
-index 07e6654..6420edf 100644 |
699 |
+index ebcd3bf..be93a64 100644 |
700 |
--- a/drivers/usb/core/hub.c |
701 |
+++ b/drivers/usb/core/hub.c |
702 |
@@ -27,6 +27,7 @@ |
703 |
@@ -51278,7 +51226,7 @@ index 07e6654..6420edf 100644 |
704 |
|
705 |
#include <asm/uaccess.h> |
706 |
#include <asm/byteorder.h> |
707 |
-@@ -4442,6 +4443,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1, |
708 |
+@@ -4437,6 +4438,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1, |
709 |
goto done; |
710 |
return; |
711 |
} |
712 |
@@ -56828,10 +56776,10 @@ index 849f613..eae6dec 100644 |
713 |
|
714 |
atomic_set(&midCount, 0); |
715 |
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h |
716 |
-index f918a99..bb300d5 100644 |
717 |
+index 579c6d5..95b6d03353 100644 |
718 |
--- a/fs/cifs/cifsglob.h |
719 |
+++ b/fs/cifs/cifsglob.h |
720 |
-@@ -787,35 +787,35 @@ struct cifs_tcon { |
721 |
+@@ -797,35 +797,35 @@ struct cifs_tcon { |
722 |
__u16 Flags; /* optional support bits */ |
723 |
enum statusEnum tidStatus; |
724 |
#ifdef CONFIG_CIFS_STATS |
725 |
@@ -56891,7 +56839,7 @@ index f918a99..bb300d5 100644 |
726 |
} smb2_stats; |
727 |
#endif /* CONFIG_CIFS_SMB2 */ |
728 |
} stats; |
729 |
-@@ -1145,7 +1145,7 @@ convert_delimiter(char *path, char delim) |
730 |
+@@ -1155,7 +1155,7 @@ convert_delimiter(char *path, char delim) |
731 |
} |
732 |
|
733 |
#ifdef CONFIG_CIFS_STATS |
734 |
@@ -56900,7 +56848,7 @@ index f918a99..bb300d5 100644 |
735 |
|
736 |
static inline void cifs_stats_bytes_written(struct cifs_tcon *tcon, |
737 |
unsigned int bytes) |
738 |
-@@ -1511,8 +1511,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; |
739 |
+@@ -1521,8 +1521,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount; |
740 |
/* Various Debug counters */ |
741 |
GLOBAL_EXTERN atomic_t bufAllocCount; /* current number allocated */ |
742 |
#ifdef CONFIG_CIFS_STATS2 |
743 |
@@ -57013,7 +56961,7 @@ index 2f9f379..43f8025 100644 |
744 |
|
745 |
} |
746 |
diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c |
747 |
-index 5f5ba0d..8d6ef7d 100644 |
748 |
+index ffc9ef9..b3c992b 100644 |
749 |
--- a/fs/cifs/smb1ops.c |
750 |
+++ b/fs/cifs/smb1ops.c |
751 |
@@ -609,27 +609,27 @@ static void |
752 |
@@ -58958,7 +58906,7 @@ index 999ff5c..41f4109 100644 |
753 |
sizeof(struct file_handle) + handle_bytes)) |
754 |
retval = -EFAULT; |
755 |
diff --git a/fs/file.c b/fs/file.c |
756 |
-index 4a78f98..f9a6d25 100644 |
757 |
+index 9de2026..8e334ca 100644 |
758 |
--- a/fs/file.c |
759 |
+++ b/fs/file.c |
760 |
@@ -16,6 +16,7 @@ |
761 |
@@ -61499,22 +61447,6 @@ index f4ccfe6..a5cf064 100644 |
762 |
|
763 |
static struct callback_op callback_ops[]; |
764 |
|
765 |
-diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c |
766 |
-index 812154a..c442a74 100644 |
767 |
---- a/fs/nfs/dir.c |
768 |
-+++ b/fs/nfs/dir.c |
769 |
-@@ -1837,6 +1837,11 @@ int nfs_symlink(struct inode *dir, struct dentry *dentry, const char *symname) |
770 |
- GFP_KERNEL)) { |
771 |
- SetPageUptodate(page); |
772 |
- unlock_page(page); |
773 |
-+ /* |
774 |
-+ * add_to_page_cache_lru() grabs an extra page refcount. |
775 |
-+ * Drop it here to avoid leaking this page later. |
776 |
-+ */ |
777 |
-+ page_cache_release(page); |
778 |
- } else |
779 |
- __free_page(page); |
780 |
- |
781 |
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c |
782 |
index 00ad1c2..2fde15e 100644 |
783 |
--- a/fs/nfs/inode.c |
784 |
@@ -73717,7 +73649,7 @@ index 0000000..ae6c028 |
785 |
+} |
786 |
diff --git a/grsecurity/grsec_ipc.c b/grsecurity/grsec_ipc.c |
787 |
new file mode 100644 |
788 |
-index 0000000..78d1680 |
789 |
+index 0000000..1773300 |
790 |
--- /dev/null |
791 |
+++ b/grsecurity/grsec_ipc.c |
792 |
@@ -0,0 +1,48 @@ |
793 |
@@ -73740,7 +73672,7 @@ index 0000000..78d1680 |
794 |
+ kgid_t egid; |
795 |
+ |
796 |
+ if (!grsec_enable_harden_ipc) |
797 |
-+ return 0; |
798 |
++ return 1; |
799 |
+ |
800 |
+ euid = current_euid(); |
801 |
+ egid = current_egid(); |
802 |
@@ -76610,7 +76542,7 @@ index 19f6003..90b64f4 100644 |
803 |
asmlinkage long compat_sys_lookup_dcookie(u32, u32, char __user *, compat_size_t); |
804 |
/* |
805 |
diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h |
806 |
-index ded4299..55203f8 100644 |
807 |
+index 2507fd2..55203f8 100644 |
808 |
--- a/include/linux/compiler-gcc4.h |
809 |
+++ b/include/linux/compiler-gcc4.h |
810 |
@@ -39,9 +39,34 @@ |
811 |
@@ -76648,19 +76580,6 @@ index ded4299..55203f8 100644 |
812 |
/* |
813 |
* Mark a position in code as unreachable. This can be used to |
814 |
* suppress control flow warnings after asm blocks that transfer |
815 |
-@@ -75,11 +100,7 @@ |
816 |
- * |
817 |
- * (asm goto is automatically volatile - the naming reflects this.) |
818 |
- */ |
819 |
--#if GCC_VERSION <= 40801 |
820 |
--# define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) |
821 |
--#else |
822 |
--# define asm_volatile_goto(x...) do { asm goto(x); } while (0) |
823 |
--#endif |
824 |
-+#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) |
825 |
- |
826 |
- #ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP |
827 |
- #if GCC_VERSION >= 40400 |
828 |
diff --git a/include/linux/compiler.h b/include/linux/compiler.h |
829 |
index 92669cd..cc564c0 100644 |
830 |
--- a/include/linux/compiler.h |
831 |
@@ -81754,7 +81673,7 @@ index 99c1b4d..562e6f3 100644 |
832 |
|
833 |
static inline void put_unaligned_le16(u16 val, void *p) |
834 |
diff --git a/include/linux/usb.h b/include/linux/usb.h |
835 |
-index 512ab16..f53e1bf 100644 |
836 |
+index 7454865..29f4bfa 100644 |
837 |
--- a/include/linux/usb.h |
838 |
+++ b/include/linux/usb.h |
839 |
@@ -563,7 +563,7 @@ struct usb_device { |
840 |
@@ -81766,7 +81685,7 @@ index 512ab16..f53e1bf 100644 |
841 |
|
842 |
unsigned long active_duration; |
843 |
|
844 |
-@@ -1643,7 +1643,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, |
845 |
+@@ -1641,7 +1641,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, |
846 |
|
847 |
extern int usb_control_msg(struct usb_device *dev, unsigned int pipe, |
848 |
__u8 request, __u8 requesttype, __u16 value, __u16 index, |
849 |
@@ -89450,7 +89369,7 @@ index 38463d2..68abe92 100644 |
850 |
|
851 |
ftrace_graph_active++; |
852 |
diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c |
853 |
-index cc2f66f..05edd54 100644 |
854 |
+index 0e337ee..3370631 100644 |
855 |
--- a/kernel/trace/ring_buffer.c |
856 |
+++ b/kernel/trace/ring_buffer.c |
857 |
@@ -352,9 +352,9 @@ struct buffer_data_page { |
858 |
@@ -89585,7 +89504,7 @@ index cc2f66f..05edd54 100644 |
859 |
|
860 |
/* set write to only the index of the write */ |
861 |
write &= RB_WRITE_MASK; |
862 |
-@@ -2408,7 +2408,7 @@ __rb_reserve_next(struct ring_buffer_per_cpu *cpu_buffer, |
863 |
+@@ -2415,7 +2415,7 @@ __rb_reserve_next(struct ring_buffer_per_cpu *cpu_buffer, |
864 |
kmemcheck_annotate_bitfield(event, bitfield); |
865 |
rb_update_event(cpu_buffer, event, length, add_timestamp, delta); |
866 |
|
867 |
@@ -89594,7 +89513,7 @@ index cc2f66f..05edd54 100644 |
868 |
|
869 |
/* |
870 |
* If this is the first commit on the page, then update |
871 |
-@@ -2441,7 +2441,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer, |
872 |
+@@ -2448,7 +2448,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer, |
873 |
|
874 |
if (bpage->page == (void *)addr && rb_page_write(bpage) == old_index) { |
875 |
unsigned long write_mask = |
876 |
@@ -89603,7 +89522,7 @@ index cc2f66f..05edd54 100644 |
877 |
unsigned long event_length = rb_event_length(event); |
878 |
/* |
879 |
* This is on the tail page. It is possible that |
880 |
-@@ -2451,7 +2451,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer, |
881 |
+@@ -2458,7 +2458,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer, |
882 |
*/ |
883 |
old_index += write_mask; |
884 |
new_index += write_mask; |
885 |
@@ -89612,7 +89531,7 @@ index cc2f66f..05edd54 100644 |
886 |
if (index == old_index) { |
887 |
/* update counters */ |
888 |
local_sub(event_length, &cpu_buffer->entries_bytes); |
889 |
-@@ -2843,7 +2843,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, |
890 |
+@@ -2850,7 +2850,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, |
891 |
|
892 |
/* Do the likely case first */ |
893 |
if (likely(bpage->page == (void *)addr)) { |
894 |
@@ -89621,7 +89540,7 @@ index cc2f66f..05edd54 100644 |
895 |
return; |
896 |
} |
897 |
|
898 |
-@@ -2855,7 +2855,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, |
899 |
+@@ -2862,7 +2862,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer, |
900 |
start = bpage; |
901 |
do { |
902 |
if (bpage->page == (void *)addr) { |
903 |
@@ -89630,7 +89549,7 @@ index cc2f66f..05edd54 100644 |
904 |
return; |
905 |
} |
906 |
rb_inc_page(cpu_buffer, &bpage); |
907 |
-@@ -3139,7 +3139,7 @@ static inline unsigned long |
908 |
+@@ -3146,7 +3146,7 @@ static inline unsigned long |
909 |
rb_num_of_entries(struct ring_buffer_per_cpu *cpu_buffer) |
910 |
{ |
911 |
return local_read(&cpu_buffer->entries) - |
912 |
@@ -89639,7 +89558,7 @@ index cc2f66f..05edd54 100644 |
913 |
} |
914 |
|
915 |
/** |
916 |
-@@ -3228,7 +3228,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu) |
917 |
+@@ -3235,7 +3235,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu) |
918 |
return 0; |
919 |
|
920 |
cpu_buffer = buffer->buffers[cpu]; |
921 |
@@ -89648,7 +89567,7 @@ index cc2f66f..05edd54 100644 |
922 |
|
923 |
return ret; |
924 |
} |
925 |
-@@ -3251,7 +3251,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu) |
926 |
+@@ -3258,7 +3258,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu) |
927 |
return 0; |
928 |
|
929 |
cpu_buffer = buffer->buffers[cpu]; |
930 |
@@ -89657,7 +89576,7 @@ index cc2f66f..05edd54 100644 |
931 |
|
932 |
return ret; |
933 |
} |
934 |
-@@ -3336,7 +3336,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer) |
935 |
+@@ -3343,7 +3343,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer) |
936 |
/* if you care about this being correct, lock the buffer */ |
937 |
for_each_buffer_cpu(buffer, cpu) { |
938 |
cpu_buffer = buffer->buffers[cpu]; |
939 |
@@ -89666,7 +89585,7 @@ index cc2f66f..05edd54 100644 |
940 |
} |
941 |
|
942 |
return overruns; |
943 |
-@@ -3512,8 +3512,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) |
944 |
+@@ -3519,8 +3519,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) |
945 |
/* |
946 |
* Reset the reader page to size zero. |
947 |
*/ |
948 |
@@ -89677,7 +89596,7 @@ index cc2f66f..05edd54 100644 |
949 |
local_set(&cpu_buffer->reader_page->page->commit, 0); |
950 |
cpu_buffer->reader_page->real_end = 0; |
951 |
|
952 |
-@@ -3547,7 +3547,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) |
953 |
+@@ -3554,7 +3554,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer) |
954 |
* want to compare with the last_overrun. |
955 |
*/ |
956 |
smp_mb(); |
957 |
@@ -89686,7 +89605,7 @@ index cc2f66f..05edd54 100644 |
958 |
|
959 |
/* |
960 |
* Here's the tricky part. |
961 |
-@@ -4117,8 +4117,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) |
962 |
+@@ -4124,8 +4124,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) |
963 |
|
964 |
cpu_buffer->head_page |
965 |
= list_entry(cpu_buffer->pages, struct buffer_page, list); |
966 |
@@ -89697,7 +89616,7 @@ index cc2f66f..05edd54 100644 |
967 |
local_set(&cpu_buffer->head_page->page->commit, 0); |
968 |
|
969 |
cpu_buffer->head_page->read = 0; |
970 |
-@@ -4128,14 +4128,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) |
971 |
+@@ -4135,14 +4135,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) |
972 |
|
973 |
INIT_LIST_HEAD(&cpu_buffer->reader_page->list); |
974 |
INIT_LIST_HEAD(&cpu_buffer->new_pages); |
975 |
@@ -89716,7 +89635,7 @@ index cc2f66f..05edd54 100644 |
976 |
local_set(&cpu_buffer->dropped_events, 0); |
977 |
local_set(&cpu_buffer->entries, 0); |
978 |
local_set(&cpu_buffer->committing, 0); |
979 |
-@@ -4540,8 +4540,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer, |
980 |
+@@ -4547,8 +4547,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer, |
981 |
rb_init_page(bpage); |
982 |
bpage = reader->page; |
983 |
reader->page = *data_page; |
984 |
@@ -90478,6 +90397,19 @@ index 7811ed3..f80ca19 100644 |
985 |
|
986 |
static inline void *ptr_to_indirect(void *ptr) |
987 |
{ |
988 |
+diff --git a/lib/random32.c b/lib/random32.c |
989 |
+index 1e5b2df..fb616c7 100644 |
990 |
+--- a/lib/random32.c |
991 |
++++ b/lib/random32.c |
992 |
+@@ -44,7 +44,7 @@ |
993 |
+ static void __init prandom_state_selftest(void); |
994 |
+ #endif |
995 |
+ |
996 |
+-static DEFINE_PER_CPU(struct rnd_state, net_rand_state); |
997 |
++static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy; |
998 |
+ |
999 |
+ /** |
1000 |
+ * prandom_u32_state - seeded pseudo-random number generator. |
1001 |
diff --git a/lib/rbtree.c b/lib/rbtree.c |
1002 |
index 65f4eff..2cfa167 100644 |
1003 |
--- a/lib/rbtree.c |
1004 |
@@ -91102,7 +91034,7 @@ index 539eeb9..e24a987 100644 |
1005 |
if (end == start) |
1006 |
return error; |
1007 |
diff --git a/mm/memory-failure.c b/mm/memory-failure.c |
1008 |
-index 6420be5..b7b7c8f 100644 |
1009 |
+index 90977ac..487ab84 100644 |
1010 |
--- a/mm/memory-failure.c |
1011 |
+++ b/mm/memory-failure.c |
1012 |
@@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; |
1013 |
@@ -91132,7 +91064,7 @@ index 6420be5..b7b7c8f 100644 |
1014 |
{ reserved, reserved, "reserved kernel", me_kernel }, |
1015 |
/* |
1016 |
* free pages are specially detected outside this table: |
1017 |
-@@ -1060,7 +1060,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1018 |
+@@ -1062,7 +1062,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1019 |
nr_pages = 1 << compound_order(hpage); |
1020 |
else /* normal page or thp */ |
1021 |
nr_pages = 1; |
1022 |
@@ -91141,7 +91073,7 @@ index 6420be5..b7b7c8f 100644 |
1023 |
|
1024 |
/* |
1025 |
* We need/can do nothing about count=0 pages. |
1026 |
-@@ -1090,7 +1090,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1027 |
+@@ -1092,7 +1092,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1028 |
if (!PageHWPoison(hpage) |
1029 |
|| (hwpoison_filter(p) && TestClearPageHWPoison(p)) |
1030 |
|| (p != hpage && TestSetPageHWPoison(hpage))) { |
1031 |
@@ -91150,7 +91082,7 @@ index 6420be5..b7b7c8f 100644 |
1032 |
return 0; |
1033 |
} |
1034 |
set_page_hwpoison_huge_page(hpage); |
1035 |
-@@ -1159,7 +1159,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1036 |
+@@ -1161,7 +1161,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) |
1037 |
} |
1038 |
if (hwpoison_filter(p)) { |
1039 |
if (TestClearPageHWPoison(p)) |
1040 |
@@ -91159,7 +91091,7 @@ index 6420be5..b7b7c8f 100644 |
1041 |
unlock_page(hpage); |
1042 |
put_page(hpage); |
1043 |
return 0; |
1044 |
-@@ -1381,7 +1381,7 @@ int unpoison_memory(unsigned long pfn) |
1045 |
+@@ -1383,7 +1383,7 @@ int unpoison_memory(unsigned long pfn) |
1046 |
return 0; |
1047 |
} |
1048 |
if (TestClearPageHWPoison(p)) |
1049 |
@@ -91168,7 +91100,7 @@ index 6420be5..b7b7c8f 100644 |
1050 |
pr_info("MCE: Software-unpoisoned free page %#lx\n", pfn); |
1051 |
return 0; |
1052 |
} |
1053 |
-@@ -1395,7 +1395,7 @@ int unpoison_memory(unsigned long pfn) |
1054 |
+@@ -1397,7 +1397,7 @@ int unpoison_memory(unsigned long pfn) |
1055 |
*/ |
1056 |
if (TestClearPageHWPoison(page)) { |
1057 |
pr_info("MCE: Software-unpoisoned page %#lx\n", pfn); |
1058 |
@@ -91177,7 +91109,7 @@ index 6420be5..b7b7c8f 100644 |
1059 |
freeit = 1; |
1060 |
if (PageHuge(page)) |
1061 |
clear_page_hwpoison_huge_page(page); |
1062 |
-@@ -1520,11 +1520,11 @@ static int soft_offline_huge_page(struct page *page, int flags) |
1063 |
+@@ -1522,11 +1522,11 @@ static int soft_offline_huge_page(struct page *page, int flags) |
1064 |
if (PageHuge(page)) { |
1065 |
set_page_hwpoison_huge_page(hpage); |
1066 |
dequeue_hwpoisoned_huge_page(hpage); |
1067 |
@@ -91191,7 +91123,7 @@ index 6420be5..b7b7c8f 100644 |
1068 |
} |
1069 |
} |
1070 |
return ret; |
1071 |
-@@ -1563,7 +1563,7 @@ static int __soft_offline_page(struct page *page, int flags) |
1072 |
+@@ -1565,7 +1565,7 @@ static int __soft_offline_page(struct page *page, int flags) |
1073 |
put_page(page); |
1074 |
pr_info("soft_offline: %#lx: invalidated\n", pfn); |
1075 |
SetPageHWPoison(page); |
1076 |
@@ -91200,7 +91132,7 @@ index 6420be5..b7b7c8f 100644 |
1077 |
return 0; |
1078 |
} |
1079 |
|
1080 |
-@@ -1608,7 +1608,7 @@ static int __soft_offline_page(struct page *page, int flags) |
1081 |
+@@ -1610,7 +1610,7 @@ static int __soft_offline_page(struct page *page, int flags) |
1082 |
if (!is_free_buddy_page(page)) |
1083 |
pr_info("soft offline: %#lx: page leaked\n", |
1084 |
pfn); |
1085 |
@@ -91209,7 +91141,7 @@ index 6420be5..b7b7c8f 100644 |
1086 |
} |
1087 |
} else { |
1088 |
pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", |
1089 |
-@@ -1682,11 +1682,11 @@ int soft_offline_page(struct page *page, int flags) |
1090 |
+@@ -1684,11 +1684,11 @@ int soft_offline_page(struct page *page, int flags) |
1091 |
if (PageHuge(page)) { |
1092 |
set_page_hwpoison_huge_page(hpage); |
1093 |
dequeue_hwpoisoned_huge_page(hpage); |
1094 |
@@ -99073,7 +99005,7 @@ index da1a1ce..571db8d 100644 |
1095 |
if (inet->cmsg_flags) |
1096 |
ip_cmsg_recv(msg, skb); |
1097 |
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c |
1098 |
-index 364ce0c..3ebb5a4 100644 |
1099 |
+index b4b61b2..ac84a257 100644 |
1100 |
--- a/net/mac80211/cfg.c |
1101 |
+++ b/net/mac80211/cfg.c |
1102 |
@@ -826,7 +826,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, |
1103 |
@@ -99085,7 +99017,7 @@ index 364ce0c..3ebb5a4 100644 |
1104 |
local->_oper_chandef = *chandef; |
1105 |
ieee80211_hw_config(local, 0); |
1106 |
} |
1107 |
-@@ -3308,7 +3308,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, |
1108 |
+@@ -3311,7 +3311,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, |
1109 |
else |
1110 |
local->probe_req_reg--; |
1111 |
|
1112 |
@@ -99094,7 +99026,7 @@ index 364ce0c..3ebb5a4 100644 |
1113 |
break; |
1114 |
|
1115 |
ieee80211_queue_work(&local->hw, &local->reconfig_filter); |
1116 |
-@@ -3771,8 +3771,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, |
1117 |
+@@ -3774,8 +3774,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, |
1118 |
if (chanctx_conf) { |
1119 |
*chandef = chanctx_conf->def; |
1120 |
ret = 0; |
1121 |
@@ -102033,7 +101965,7 @@ index 2dcb377..a82c500 100644 |
1122 |
kallsymso="" |
1123 |
kallsyms_vmlinux="" |
1124 |
diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c |
1125 |
-index 2370863..212fbca 100644 |
1126 |
+index 25e5cb0..6e85821 100644 |
1127 |
--- a/scripts/mod/file2alias.c |
1128 |
+++ b/scripts/mod/file2alias.c |
1129 |
@@ -142,7 +142,7 @@ static void device_id_check(const char *modname, const char *device_id, |
1130 |
@@ -106500,10 +106432,10 @@ index 0000000..dd73713 |
1131 |
+} |
1132 |
diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c |
1133 |
new file mode 100644 |
1134 |
-index 0000000..7e39d81 |
1135 |
+index 0000000..1a98bed |
1136 |
--- /dev/null |
1137 |
+++ b/tools/gcc/latent_entropy_plugin.c |
1138 |
-@@ -0,0 +1,403 @@ |
1139 |
+@@ -0,0 +1,451 @@ |
1140 |
+/* |
1141 |
+ * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu> |
1142 |
+ * Licensed under the GPL v2 |
1143 |
@@ -106532,7 +106464,7 @@ index 0000000..7e39d81 |
1144 |
+static tree latent_entropy_decl; |
1145 |
+ |
1146 |
+static struct plugin_info latent_entropy_plugin_info = { |
1147 |
-+ .version = "201402210120", |
1148 |
++ .version = "201402240545", |
1149 |
+ .help = NULL |
1150 |
+}; |
1151 |
+ |
1152 |
@@ -106555,6 +106487,12 @@ index 0000000..7e39d81 |
1153 |
+static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) |
1154 |
+{ |
1155 |
+ tree type; |
1156 |
++ unsigned long long mask; |
1157 |
++#if BUILDING_GCC_VERSION <= 4007 |
1158 |
++ VEC(constructor_elt, gc) *vals; |
1159 |
++#else |
1160 |
++ vec<constructor_elt, va_gc> *vals; |
1161 |
++#endif |
1162 |
+ |
1163 |
+ switch (TREE_CODE(*node)) { |
1164 |
+ default: |
1165 |
@@ -106579,22 +106517,64 @@ index 0000000..7e39d81 |
1166 |
+ switch (TREE_CODE(type)) { |
1167 |
+ default: |
1168 |
+ *no_add_attrs = true; |
1169 |
-+ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name); |
1170 |
++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type or a fixed sized structure with integer fields", *node, name); |
1171 |
++ break; |
1172 |
++ |
1173 |
++ case RECORD_TYPE: { |
1174 |
++ tree field; |
1175 |
++ unsigned int nelt = 0; |
1176 |
++ |
1177 |
++ for (field = TYPE_FIELDS(type); field; nelt++, field = TREE_CHAIN(field)) { |
1178 |
++ tree fieldtype; |
1179 |
++ |
1180 |
++ fieldtype = TREE_TYPE(field); |
1181 |
++ if (TREE_CODE(fieldtype) != INTEGER_TYPE) { |
1182 |
++ *no_add_attrs = true; |
1183 |
++ error("structure variable %qD with %qE attribute has a non-integer field %qE", *node, name, field); |
1184 |
++ break; |
1185 |
++ } |
1186 |
++ } |
1187 |
++ |
1188 |
++ if (field) |
1189 |
++ break; |
1190 |
++ |
1191 |
++#if BUILDING_GCC_VERSION <= 4007 |
1192 |
++ vals = VEC_alloc(constructor_elt, gc, nelt); |
1193 |
++#else |
1194 |
++ vec_alloc(vals, nelt); |
1195 |
++#endif |
1196 |
++ |
1197 |
++ for (field = TYPE_FIELDS(type); field; field = TREE_CHAIN(field)) { |
1198 |
++ tree fieldtype; |
1199 |
++ |
1200 |
++ fieldtype = TREE_TYPE(field); |
1201 |
++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(fieldtype)) - 1); |
1202 |
++ mask = 2 * (mask - 1) + 1; |
1203 |
++ |
1204 |
++ if (TYPE_UNSIGNED(fieldtype)) |
1205 |
++ CONSTRUCTOR_APPEND_ELT(vals, field, build_int_cstu(fieldtype, mask & get_random_const())); |
1206 |
++ else |
1207 |
++ CONSTRUCTOR_APPEND_ELT(vals, field, build_int_cst(fieldtype, mask & get_random_const())); |
1208 |
++ } |
1209 |
++ |
1210 |
++ DECL_INITIAL(*node) = build_constructor(type, vals); |
1211 |
++//debug_tree(DECL_INITIAL(*node)); |
1212 |
+ break; |
1213 |
++ } |
1214 |
+ |
1215 |
+ case INTEGER_TYPE: |
1216 |
-+ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const()); |
1217 |
++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(type)) - 1); |
1218 |
++ mask = 2 * (mask - 1) + 1; |
1219 |
++ |
1220 |
++ if (TYPE_UNSIGNED(type)) |
1221 |
++ DECL_INITIAL(*node) = build_int_cstu(type, mask & get_random_const()); |
1222 |
++ else |
1223 |
++ DECL_INITIAL(*node) = build_int_cst(type, mask & get_random_const()); |
1224 |
+ break; |
1225 |
+ |
1226 |
+ case ARRAY_TYPE: { |
1227 |
+ tree elt_type, array_size, elt_size; |
1228 |
-+ unsigned long long mask; |
1229 |
+ unsigned int i, nelt; |
1230 |
-+#if BUILDING_GCC_VERSION <= 4007 |
1231 |
-+ VEC(constructor_elt, gc) *vals; |
1232 |
-+#else |
1233 |
-+ vec<constructor_elt, va_gc> *vals; |
1234 |
-+#endif |
1235 |
+ |
1236 |
+ elt_type = TREE_TYPE(type); |
1237 |
+ elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type)); |
1238 |
@@ -106602,7 +106582,7 @@ index 0000000..7e39d81 |
1239 |
+ |
1240 |
+ if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) { |
1241 |
+ *no_add_attrs = true; |
1242 |
-+ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name); |
1243 |
++ error("array variable %qD with %qE attribute must be a fixed length integer array type", *node, name); |
1244 |
+ break; |
1245 |
+ } |
1246 |
+ |
1247 |
|
1248 |
diff --git a/3.13.3/4425_grsec_remove_EI_PAX.patch b/3.13.5/4425_grsec_remove_EI_PAX.patch |
1249 |
similarity index 100% |
1250 |
rename from 3.13.3/4425_grsec_remove_EI_PAX.patch |
1251 |
rename to 3.13.5/4425_grsec_remove_EI_PAX.patch |
1252 |
|
1253 |
diff --git a/3.13.3/4427_force_XATTR_PAX_tmpfs.patch b/3.13.5/4427_force_XATTR_PAX_tmpfs.patch |
1254 |
similarity index 100% |
1255 |
rename from 3.13.3/4427_force_XATTR_PAX_tmpfs.patch |
1256 |
rename to 3.13.5/4427_force_XATTR_PAX_tmpfs.patch |
1257 |
|
1258 |
diff --git a/3.13.3/4430_grsec-remove-localversion-grsec.patch b/3.13.5/4430_grsec-remove-localversion-grsec.patch |
1259 |
similarity index 100% |
1260 |
rename from 3.13.3/4430_grsec-remove-localversion-grsec.patch |
1261 |
rename to 3.13.5/4430_grsec-remove-localversion-grsec.patch |
1262 |
|
1263 |
diff --git a/3.13.3/4435_grsec-mute-warnings.patch b/3.13.5/4435_grsec-mute-warnings.patch |
1264 |
similarity index 100% |
1265 |
rename from 3.13.3/4435_grsec-mute-warnings.patch |
1266 |
rename to 3.13.5/4435_grsec-mute-warnings.patch |
1267 |
|
1268 |
diff --git a/3.13.3/4440_grsec-remove-protected-paths.patch b/3.13.5/4440_grsec-remove-protected-paths.patch |
1269 |
similarity index 100% |
1270 |
rename from 3.13.3/4440_grsec-remove-protected-paths.patch |
1271 |
rename to 3.13.5/4440_grsec-remove-protected-paths.patch |
1272 |
|
1273 |
diff --git a/3.13.3/4450_grsec-kconfig-default-gids.patch b/3.13.5/4450_grsec-kconfig-default-gids.patch |
1274 |
similarity index 100% |
1275 |
rename from 3.13.3/4450_grsec-kconfig-default-gids.patch |
1276 |
rename to 3.13.5/4450_grsec-kconfig-default-gids.patch |
1277 |
|
1278 |
diff --git a/3.13.3/4465_selinux-avc_audit-log-curr_ip.patch b/3.13.5/4465_selinux-avc_audit-log-curr_ip.patch |
1279 |
similarity index 100% |
1280 |
rename from 3.13.3/4465_selinux-avc_audit-log-curr_ip.patch |
1281 |
rename to 3.13.5/4465_selinux-avc_audit-log-curr_ip.patch |
1282 |
|
1283 |
diff --git a/3.13.3/4470_disable-compat_vdso.patch b/3.13.5/4470_disable-compat_vdso.patch |
1284 |
similarity index 100% |
1285 |
rename from 3.13.3/4470_disable-compat_vdso.patch |
1286 |
rename to 3.13.5/4470_disable-compat_vdso.patch |
1287 |
|
1288 |
diff --git a/3.13.3/4475_emutramp_default_on.patch b/3.13.5/4475_emutramp_default_on.patch |
1289 |
similarity index 100% |
1290 |
rename from 3.13.3/4475_emutramp_default_on.patch |
1291 |
rename to 3.13.5/4475_emutramp_default_on.patch |
1292 |
|
1293 |
diff --git a/3.2.55/0000_README b/3.2.55/0000_README |
1294 |
index f58c905..0a4207c 100644 |
1295 |
--- a/3.2.55/0000_README |
1296 |
+++ b/3.2.55/0000_README |
1297 |
@@ -138,7 +138,7 @@ Patch: 1054_linux-3.2.55.patch |
1298 |
From: http://www.kernel.org |
1299 |
Desc: Linux 3.2.55 |
1300 |
|
1301 |
-Patch: 4420_grsecurity-3.0-3.2.55-201402221305.patch |
1302 |
+Patch: 4420_grsecurity-3.0-3.2.55-201402241936.patch |
1303 |
From: http://www.grsecurity.net |
1304 |
Desc: hardened-sources base patch from upstream grsecurity |
1305 |
|
1306 |
|
1307 |
diff --git a/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch b/3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch |
1308 |
similarity index 99% |
1309 |
rename from 3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch |
1310 |
rename to 3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch |
1311 |
index 8c95615..f875551 100644 |
1312 |
--- a/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch |
1313 |
+++ b/3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch |
1314 |
@@ -71890,7 +71890,7 @@ index 0000000..7bcfc7a |
1315 |
+} |
1316 |
diff --git a/grsecurity/grsec_ipc.c b/grsecurity/grsec_ipc.c |
1317 |
new file mode 100644 |
1318 |
-index 0000000..5377493 |
1319 |
+index 0000000..28dbb82 |
1320 |
--- /dev/null |
1321 |
+++ b/grsecurity/grsec_ipc.c |
1322 |
@@ -0,0 +1,48 @@ |
1323 |
@@ -71913,7 +71913,7 @@ index 0000000..5377493 |
1324 |
+ gid_t egid; |
1325 |
+ |
1326 |
+ if (!grsec_enable_harden_ipc) |
1327 |
-+ return 0; |
1328 |
++ return 1; |
1329 |
+ |
1330 |
+ euid = current_euid(); |
1331 |
+ egid = current_egid(); |