Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.55/, 3.13.5/, 3.13.3/
Date: Tue, 25 Feb 2014 14:57:28
Message-Id: 1393340317.8aa05d3d048b18099f62ae408847abb9c29648eb.blueness@gentoo
1 commit: 8aa05d3d048b18099f62ae408847abb9c29648eb
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Tue Feb 25 14:58:37 2014 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Tue Feb 25 14:58:37 2014 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=8aa05d3d
7
8 Grsec/PaX: 3.0-{3.2.55,3.13.5}-201402241943
9
10 ---
11 {3.13.3 => 3.13.5}/0000_README | 2 +-
12 .../4420_grsecurity-3.0-3.13.5-201402241943.patch | 414 ++++++++++-----------
13 {3.13.3 => 3.13.5}/4425_grsec_remove_EI_PAX.patch | 0
14 .../4427_force_XATTR_PAX_tmpfs.patch | 0
15 .../4430_grsec-remove-localversion-grsec.patch | 0
16 {3.13.3 => 3.13.5}/4435_grsec-mute-warnings.patch | 0
17 .../4440_grsec-remove-protected-paths.patch | 0
18 .../4450_grsec-kconfig-default-gids.patch | 0
19 .../4465_selinux-avc_audit-log-curr_ip.patch | 0
20 {3.13.3 => 3.13.5}/4470_disable-compat_vdso.patch | 0
21 {3.13.3 => 3.13.5}/4475_emutramp_default_on.patch | 0
22 3.2.55/0000_README | 2 +-
23 ... 4420_grsecurity-3.0-3.2.55-201402241936.patch} | 4 +-
24 13 files changed, 201 insertions(+), 221 deletions(-)
25
26 diff --git a/3.13.3/0000_README b/3.13.5/0000_README
27 similarity index 96%
28 rename from 3.13.3/0000_README
29 rename to 3.13.5/0000_README
30 index dc48ad4..7516385 100644
31 --- a/3.13.3/0000_README
32 +++ b/3.13.5/0000_README
33 @@ -2,7 +2,7 @@ README
34 -----------------------------------------------------------------------------
35 Individual Patch Descriptions:
36 -----------------------------------------------------------------------------
37 -Patch: 4420_grsecurity-3.0-3.13.4-201402221308.patch
38 +Patch: 4420_grsecurity-3.0-3.13.5-201402241943.patch
39 From: http://www.grsecurity.net
40 Desc: hardened-sources base patch from upstream grsecurity
41
42
43 diff --git a/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch b/3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch
44 similarity index 99%
45 rename from 3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch
46 rename to 3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch
47 index 0cb3174..0356b07 100644
48 --- a/3.13.3/4420_grsecurity-3.0-3.13.4-201402221308.patch
49 +++ b/3.13.5/4420_grsecurity-3.0-3.13.5-201402241943.patch
50 @@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644
51
52 pcd. [PARIDE]
53 diff --git a/Makefile b/Makefile
54 -index 2236ed8..89d7bf0 100644
55 +index a03bbf9..0817ef1 100644
56 --- a/Makefile
57 +++ b/Makefile
58 @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
59 @@ -17178,7 +17178,7 @@ index 81bb91b..9392125 100644
60
61 /*
62 diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
63 -index bbc8b12..f228861 100644
64 +index 5ad38ad..71db3f2 100644
65 --- a/arch/x86/include/asm/pgtable.h
66 +++ b/arch/x86/include/asm/pgtable.h
67 @@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page);
68 @@ -17301,7 +17301,7 @@ index bbc8b12..f228861 100644
69 #include <linux/mm_types.h>
70 #include <linux/mmdebug.h>
71 #include <linux/log2.h>
72 -@@ -570,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud)
73 +@@ -580,7 +655,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud)
74 * Currently stuck as a macro due to indirect forward reference to
75 * linux/mmzone.h's __section_mem_map_addr() definition:
76 */
77 @@ -17310,7 +17310,7 @@ index bbc8b12..f228861 100644
78
79 /* Find an entry in the second-level page table.. */
80 static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address)
81 -@@ -610,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd)
82 +@@ -620,7 +695,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd)
83 * Currently stuck as a macro due to indirect forward reference to
84 * linux/mmzone.h's __section_mem_map_addr() definition:
85 */
86 @@ -17319,7 +17319,7 @@ index bbc8b12..f228861 100644
87
88 /* to find an entry in a page-table-directory. */
89 static inline unsigned long pud_index(unsigned long address)
90 -@@ -625,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address)
91 +@@ -635,7 +710,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address)
92
93 static inline int pgd_bad(pgd_t pgd)
94 {
95 @@ -17328,7 +17328,7 @@ index bbc8b12..f228861 100644
96 }
97
98 static inline int pgd_none(pgd_t pgd)
99 -@@ -648,7 +723,12 @@ static inline int pgd_none(pgd_t pgd)
100 +@@ -658,7 +733,12 @@ static inline int pgd_none(pgd_t pgd)
101 * pgd_offset() returns a (pgd_t *)
102 * pgd_index() is used get the offset into the pgd page's array of pgd_t's;
103 */
104 @@ -17342,7 +17342,7 @@ index bbc8b12..f228861 100644
105 /*
106 * a shortcut which implies the use of the kernel's pgd, instead
107 * of a process's
108 -@@ -659,6 +739,23 @@ static inline int pgd_none(pgd_t pgd)
109 +@@ -669,6 +749,23 @@ static inline int pgd_none(pgd_t pgd)
110 #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET)
111 #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY)
112
113 @@ -17366,7 +17366,7 @@ index bbc8b12..f228861 100644
114 #ifndef __ASSEMBLY__
115
116 extern int direct_gbpages;
117 -@@ -825,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
118 +@@ -835,11 +932,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm,
119 * dst and src can be on the same page, but the range must not overlap,
120 * and must not cross a page boundary.
121 */
122 @@ -20437,7 +20437,7 @@ index 59bfebc..d8f27bd 100644
123 if (c->x86_model == 3 && c->x86_mask == 0)
124 size = 64;
125 diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
126 -index 6abc172..77b0d1b 100644
127 +index fe2bdd0..77b0d1b 100644
128 --- a/arch/x86/kernel/cpu/common.c
129 +++ b/arch/x86/kernel/cpu/common.c
130 @@ -88,60 +88,6 @@ static const struct cpu_dev default_cpu = {
131 @@ -20501,18 +20501,8 @@ index 6abc172..77b0d1b 100644
132 static int __init x86_xsave_setup(char *s)
133 {
134 setup_clear_cpu_cap(X86_FEATURE_XSAVE);
135 -@@ -284,10 +230,68 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
136 - raw_local_save_flags(eflags);
137 - BUG_ON(eflags & X86_EFLAGS_AC);
138 -
139 -- if (cpu_has(c, X86_FEATURE_SMAP))
140 -+ if (cpu_has(c, X86_FEATURE_SMAP)) {
141 -+#ifdef CONFIG_X86_SMAP
142 - set_in_cr4(X86_CR4_SMAP);
143 -+#else
144 -+ clear_in_cr4(X86_CR4_SMAP);
145 -+#endif
146 -+ }
147 +@@ -293,6 +239,59 @@ static __always_inline void setup_smap(struct cpuinfo_x86 *c)
148 + }
149 }
150
151 +#ifdef CONFIG_X86_64
152 @@ -20571,7 +20561,7 @@ index 6abc172..77b0d1b 100644
153 /*
154 * Some CPU features depend on higher CPUID levels, which may not always
155 * be available due to CPUID level capping or broken virtualization
156 -@@ -388,7 +392,7 @@ void switch_to_new_gdt(int cpu)
157 +@@ -393,7 +392,7 @@ void switch_to_new_gdt(int cpu)
158 {
159 struct desc_ptr gdt_descr;
160
161 @@ -20580,7 +20570,7 @@ index 6abc172..77b0d1b 100644
162 gdt_descr.size = GDT_SIZE - 1;
163 load_gdt(&gdt_descr);
164 /* Reload the per-cpu base */
165 -@@ -877,6 +881,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
166 +@@ -882,6 +881,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
167 setup_smep(c);
168 setup_smap(c);
169
170 @@ -20591,7 +20581,7 @@ index 6abc172..77b0d1b 100644
171 /*
172 * The vendor-specific functions might have changed features.
173 * Now we do "generic changes."
174 -@@ -885,6 +893,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
175 +@@ -890,6 +893,10 @@ static void identify_cpu(struct cpuinfo_x86 *c)
176 /* Filter out anything that depends on CPUID levels we don't have */
177 filter_cpuid_features(c, true);
178
179 @@ -20602,7 +20592,7 @@ index 6abc172..77b0d1b 100644
180 /* If the model name is still unset, do table lookup. */
181 if (!c->x86_model_id[0]) {
182 const char *p;
183 -@@ -1072,10 +1084,12 @@ static __init int setup_disablecpuid(char *arg)
184 +@@ -1077,10 +1084,12 @@ static __init int setup_disablecpuid(char *arg)
185 }
186 __setup("clearcpuid=", setup_disablecpuid);
187
188 @@ -20618,7 +20608,7 @@ index 6abc172..77b0d1b 100644
189
190 DEFINE_PER_CPU_FIRST(union irq_stack_union,
191 irq_stack_union) __aligned(PAGE_SIZE) __visible;
192 -@@ -1089,7 +1103,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned =
193 +@@ -1094,7 +1103,7 @@ DEFINE_PER_CPU(struct task_struct *, current_task) ____cacheline_aligned =
194 EXPORT_PER_CPU_SYMBOL(current_task);
195
196 DEFINE_PER_CPU(unsigned long, kernel_stack) =
197 @@ -20627,7 +20617,7 @@ index 6abc172..77b0d1b 100644
198 EXPORT_PER_CPU_SYMBOL(kernel_stack);
199
200 DEFINE_PER_CPU(char *, irq_stack_ptr) =
201 -@@ -1239,7 +1253,7 @@ void cpu_init(void)
202 +@@ -1244,7 +1253,7 @@ void cpu_init(void)
203 load_ucode_ap();
204
205 cpu = stack_smp_processor_id();
206 @@ -20636,7 +20626,7 @@ index 6abc172..77b0d1b 100644
207 oist = &per_cpu(orig_ist, cpu);
208
209 #ifdef CONFIG_NUMA
210 -@@ -1274,7 +1288,6 @@ void cpu_init(void)
211 +@@ -1279,7 +1288,6 @@ void cpu_init(void)
212 wrmsrl(MSR_KERNEL_GS_BASE, 0);
213 barrier();
214
215 @@ -20644,7 +20634,7 @@ index 6abc172..77b0d1b 100644
216 enable_x2apic();
217
218 /*
219 -@@ -1326,7 +1339,7 @@ void cpu_init(void)
220 +@@ -1331,7 +1339,7 @@ void cpu_init(void)
221 {
222 int cpu = smp_processor_id();
223 struct task_struct *curr = current;
224 @@ -23545,10 +23535,10 @@ index 1e96c36..3ff710a 100644
225 /*
226 * End of kprobes section
227 diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c
228 -index d4bdd25..912664c 100644
229 +index e625319..b9abb9d 100644
230 --- a/arch/x86/kernel/ftrace.c
231 +++ b/arch/x86/kernel/ftrace.c
232 -@@ -105,6 +105,8 @@ ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code,
233 +@@ -104,6 +104,8 @@ ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code,
234 {
235 unsigned char replaced[MCOUNT_INSN_SIZE];
236
237 @@ -23557,25 +23547,16 @@ index d4bdd25..912664c 100644
238 /*
239 * Note: Due to modules and __init, code can
240 * disappear and change, we need to protect against faulting
241 -@@ -227,7 +229,7 @@ int ftrace_update_ftrace_func(ftrace_func_t func)
242 - unsigned char old[MCOUNT_INSN_SIZE], *new;
243 +@@ -229,7 +231,7 @@ static int update_ftrace_func(unsigned long ip, void *new)
244 + unsigned char old[MCOUNT_INSN_SIZE];
245 int ret;
246
247 -- memcpy(old, &ftrace_call, MCOUNT_INSN_SIZE);
248 -+ memcpy(old, (void *)ktla_ktva((unsigned long)ftrace_call), MCOUNT_INSN_SIZE);
249 - new = ftrace_call_replace(ip, (unsigned long)func);
250 +- memcpy(old, (void *)ip, MCOUNT_INSN_SIZE);
251 ++ memcpy(old, (void *)ktla_ktva(ip), MCOUNT_INSN_SIZE);
252
253 - /* See comment above by declaration of modifying_ftrace_code */
254 -@@ -238,7 +240,7 @@ int ftrace_update_ftrace_func(ftrace_func_t func)
255 - /* Also update the regs callback function */
256 - if (!ret) {
257 - ip = (unsigned long)(&ftrace_regs_call);
258 -- memcpy(old, &ftrace_regs_call, MCOUNT_INSN_SIZE);
259 -+ memcpy(old, ktla_ktva((void *)&ftrace_regs_call), MCOUNT_INSN_SIZE);
260 - new = ftrace_call_replace(ip, (unsigned long)func);
261 - ret = ftrace_modify_code(ip, old, new);
262 - }
263 -@@ -291,7 +293,7 @@ static int ftrace_write(unsigned long ip, const char *val, int size)
264 + ftrace_update_func = ip;
265 + /* Make sure the breakpoints see the ftrace_update_func update */
266 +@@ -306,7 +308,7 @@ static int ftrace_write(unsigned long ip, const char *val, int size)
267 * kernel identity mapping to modify code.
268 */
269 if (within(ip, (unsigned long)_text, (unsigned long)_etext))
270 @@ -23584,7 +23565,7 @@ index d4bdd25..912664c 100644
271
272 return probe_kernel_write((void *)ip, val, size);
273 }
274 -@@ -301,7 +303,7 @@ static int add_break(unsigned long ip, const char *old)
275 +@@ -316,7 +318,7 @@ static int add_break(unsigned long ip, const char *old)
276 unsigned char replaced[MCOUNT_INSN_SIZE];
277 unsigned char brk = BREAKPOINT_INSTRUCTION;
278
279 @@ -23593,7 +23574,7 @@ index d4bdd25..912664c 100644
280 return -EFAULT;
281
282 /* Make sure it is what we expect it to be */
283 -@@ -649,7 +651,7 @@ ftrace_modify_code(unsigned long ip, unsigned const char *old_code,
284 +@@ -664,7 +666,7 @@ ftrace_modify_code(unsigned long ip, unsigned const char *old_code,
285 return ret;
286
287 fail_update:
288 @@ -23602,15 +23583,6 @@ index d4bdd25..912664c 100644
289 goto out;
290 }
291
292 -@@ -682,6 +684,8 @@ static int ftrace_mod_jmp(unsigned long ip,
293 - {
294 - unsigned char code[MCOUNT_INSN_SIZE];
295 -
296 -+ ip = ktla_ktva(ip);
297 -+
298 - if (probe_kernel_read(code, (void *)ip, MCOUNT_INSN_SIZE))
299 - return -EFAULT;
300 -
301 diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c
302 index 85126cc..1bbce17 100644
303 --- a/arch/x86/kernel/head64.c
304 @@ -30828,7 +30800,7 @@ index 903ec1e..c4166b2 100644
305 }
306
307 diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
308 -index 9d591c8..31e52ff 100644
309 +index 6dea040..31e52ff 100644
310 --- a/arch/x86/mm/fault.c
311 +++ b/arch/x86/mm/fault.c
312 @@ -14,11 +14,18 @@
313 @@ -31192,16 +31164,7 @@ index 9d591c8..31e52ff 100644
314 if (error_code & PF_WRITE) {
315 /* write, present and write, not present: */
316 if (unlikely(!(vma->vm_flags & VM_WRITE)))
317 -@@ -1001,10 +1209,16 @@ static int fault_in_kernel_space(unsigned long address)
318 -
319 - static inline bool smap_violation(int error_code, struct pt_regs *regs)
320 - {
321 -+ if (!IS_ENABLED(CONFIG_X86_SMAP))
322 -+ return false;
323 -+
324 -+ if (!static_cpu_has(X86_FEATURE_SMAP))
325 -+ return false;
326 -+
327 +@@ -1010,7 +1218,7 @@ static inline bool smap_violation(int error_code, struct pt_regs *regs)
328 if (error_code & PF_USER)
329 return false;
330
331 @@ -31210,7 +31173,7 @@ index 9d591c8..31e52ff 100644
332 return false;
333
334 return true;
335 -@@ -1031,6 +1245,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
336 +@@ -1037,6 +1245,22 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
337 /* Get the faulting address: */
338 address = read_cr2();
339
340 @@ -31233,22 +31196,7 @@ index 9d591c8..31e52ff 100644
341 /*
342 * Detect and handle instructions that would cause a page fault for
343 * both a tracked kernel page and a userspace page.
344 -@@ -1087,11 +1317,9 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
345 - if (unlikely(error_code & PF_RSVD))
346 - pgtable_bad(regs, error_code, address);
347 -
348 -- if (static_cpu_has(X86_FEATURE_SMAP)) {
349 -- if (unlikely(smap_violation(error_code, regs))) {
350 -- bad_area_nosemaphore(regs, error_code, address);
351 -- return;
352 -- }
353 -+ if (unlikely(smap_violation(error_code, regs))) {
354 -+ bad_area_nosemaphore(regs, error_code, address);
355 -+ return;
356 - }
357 -
358 - /*
359 -@@ -1110,7 +1338,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
360 +@@ -1114,7 +1338,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code)
361 * User-mode registers count as a user access even for any
362 * potential system fault or CPU buglet:
363 */
364 @@ -31257,7 +31205,7 @@ index 9d591c8..31e52ff 100644
365 local_irq_enable();
366 error_code |= PF_USER;
367 flags |= FAULT_FLAG_USER;
368 -@@ -1157,6 +1385,11 @@ retry:
369 +@@ -1161,6 +1385,11 @@ retry:
370 might_sleep();
371 }
372
373 @@ -31269,7 +31217,7 @@ index 9d591c8..31e52ff 100644
374 vma = find_vma(mm, address);
375 if (unlikely(!vma)) {
376 bad_area(regs, error_code, address);
377 -@@ -1168,18 +1401,24 @@ retry:
378 +@@ -1172,18 +1401,24 @@ retry:
379 bad_area(regs, error_code, address);
380 return;
381 }
382 @@ -31305,7 +31253,7 @@ index 9d591c8..31e52ff 100644
383 if (unlikely(expand_stack(vma, address))) {
384 bad_area(regs, error_code, address);
385 return;
386 -@@ -1273,3 +1512,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code)
387 +@@ -1277,3 +1512,292 @@ trace_do_page_fault(struct pt_regs *regs, unsigned long error_code)
388 __do_page_fault(regs, error_code);
389 exception_exit(prev_state);
390 }
391 @@ -35088,7 +35036,7 @@ index fa6ade7..73da73a5 100644
392
393 #ifdef CONFIG_ACPI_NUMA
394 diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
395 -index ce563be..7327d91 100644
396 +index 3c76c3d..7871755 100644
397 --- a/arch/x86/xen/mmu.c
398 +++ b/arch/x86/xen/mmu.c
399 @@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val)
400 @@ -35098,7 +35046,7 @@ index ce563be..7327d91 100644
401 -static pteval_t pte_pfn_to_mfn(pteval_t val)
402 +static pteval_t __intentional_overflow(-1) pte_pfn_to_mfn(pteval_t val)
403 {
404 - if (val & _PAGE_PRESENT) {
405 + if (pteval_present(val)) {
406 unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT;
407 @@ -1894,6 +1894,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
408 /* L3_k[510] -> level2_kernel_pgt
409 @@ -38960,10 +38908,10 @@ index 1026743..80b081c 100644
410 EXPORT_SYMBOL_GPL(edac_device_alloc_index);
411
412 diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c
413 -index 9f7e0e60..348c875 100644
414 +index e5bdf21..b8f9055 100644
415 --- a/drivers/edac/edac_mc_sysfs.c
416 +++ b/drivers/edac/edac_mc_sysfs.c
417 -@@ -150,7 +150,7 @@ static const char * const edac_caps[] = {
418 +@@ -152,7 +152,7 @@ static const char * const edac_caps[] = {
419 struct dev_ch_attribute {
420 struct device_attribute attr;
421 int channel;
422 @@ -38972,7 +38920,7 @@ index 9f7e0e60..348c875 100644
423
424 #define DEVICE_CHANNEL(_name, _mode, _show, _store, _var) \
425 struct dev_ch_attribute dev_attr_legacy_##_name = \
426 -@@ -1007,14 +1007,16 @@ int edac_create_sysfs_mci_device(struct mem_ctl_info *mci)
427 +@@ -1009,14 +1009,16 @@ int edac_create_sysfs_mci_device(struct mem_ctl_info *mci)
428 }
429
430 if (mci->set_sdram_scrub_rate || mci->get_sdram_scrub_rate) {
431 @@ -39724,10 +39672,10 @@ index 3c59584..500f2e9 100644
432
433 return ret;
434 diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c
435 -index f13d5ed..8e6f36d 100644
436 +index a209177..842a89a 100644
437 --- a/drivers/gpu/drm/i915/i915_irq.c
438 +++ b/drivers/gpu/drm/i915/i915_irq.c
439 -@@ -1420,7 +1420,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg)
440 +@@ -1419,7 +1419,7 @@ static irqreturn_t valleyview_irq_handler(int irq, void *arg)
441 int pipe;
442 u32 pipe_stats[I915_MAX_PIPES];
443
444 @@ -39736,7 +39684,7 @@ index f13d5ed..8e6f36d 100644
445
446 while (true) {
447 iir = I915_READ(VLV_IIR);
448 -@@ -1730,7 +1730,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg)
449 +@@ -1729,7 +1729,7 @@ static irqreturn_t ironlake_irq_handler(int irq, void *arg)
450 u32 de_iir, gt_iir, de_ier, sde_ier = 0;
451 irqreturn_t ret = IRQ_NONE;
452
453 @@ -39745,7 +39693,7 @@ index f13d5ed..8e6f36d 100644
454
455 /* We get interrupts on unclaimed registers, so check for this before we
456 * do any I915_{READ,WRITE}. */
457 -@@ -1800,7 +1800,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg)
458 +@@ -1799,7 +1799,7 @@ static irqreturn_t gen8_irq_handler(int irq, void *arg)
459 uint32_t tmp = 0;
460 enum pipe pipe;
461
462 @@ -39754,7 +39702,7 @@ index f13d5ed..8e6f36d 100644
463
464 master_ctl = I915_READ(GEN8_MASTER_IRQ);
465 master_ctl &= ~GEN8_MASTER_IRQ_CONTROL;
466 -@@ -2624,7 +2624,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev)
467 +@@ -2623,7 +2623,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev)
468 {
469 drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
470
471 @@ -39763,7 +39711,7 @@ index f13d5ed..8e6f36d 100644
472
473 I915_WRITE(HWSTAM, 0xeffe);
474
475 -@@ -2642,7 +2642,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev)
476 +@@ -2641,7 +2641,7 @@ static void valleyview_irq_preinstall(struct drm_device *dev)
477 drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
478 int pipe;
479
480 @@ -39772,7 +39720,7 @@ index f13d5ed..8e6f36d 100644
481
482 /* VLV magic */
483 I915_WRITE(VLV_IMR, 0);
484 -@@ -2673,7 +2673,7 @@ static void gen8_irq_preinstall(struct drm_device *dev)
485 +@@ -2672,7 +2672,7 @@ static void gen8_irq_preinstall(struct drm_device *dev)
486 struct drm_i915_private *dev_priv = dev->dev_private;
487 int pipe;
488
489 @@ -39781,7 +39729,7 @@ index f13d5ed..8e6f36d 100644
490
491 I915_WRITE(GEN8_MASTER_IRQ, 0);
492 POSTING_READ(GEN8_MASTER_IRQ);
493 -@@ -2999,7 +2999,7 @@ static void gen8_irq_uninstall(struct drm_device *dev)
494 +@@ -2998,7 +2998,7 @@ static void gen8_irq_uninstall(struct drm_device *dev)
495 if (!dev_priv)
496 return;
497
498 @@ -39790,7 +39738,7 @@ index f13d5ed..8e6f36d 100644
499
500 I915_WRITE(GEN8_MASTER_IRQ, 0);
501
502 -@@ -3093,7 +3093,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev)
503 +@@ -3092,7 +3092,7 @@ static void i8xx_irq_preinstall(struct drm_device * dev)
504 drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
505 int pipe;
506
507 @@ -39799,7 +39747,7 @@ index f13d5ed..8e6f36d 100644
508
509 for_each_pipe(pipe)
510 I915_WRITE(PIPESTAT(pipe), 0);
511 -@@ -3179,7 +3179,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg)
512 +@@ -3178,7 +3178,7 @@ static irqreturn_t i8xx_irq_handler(int irq, void *arg)
513 I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT |
514 I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT;
515
516 @@ -39808,7 +39756,7 @@ index f13d5ed..8e6f36d 100644
517
518 iir = I915_READ16(IIR);
519 if (iir == 0)
520 -@@ -3254,7 +3254,7 @@ static void i915_irq_preinstall(struct drm_device * dev)
521 +@@ -3253,7 +3253,7 @@ static void i915_irq_preinstall(struct drm_device * dev)
522 drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
523 int pipe;
524
525 @@ -39817,7 +39765,7 @@ index f13d5ed..8e6f36d 100644
526
527 if (I915_HAS_HOTPLUG(dev)) {
528 I915_WRITE(PORT_HOTPLUG_EN, 0);
529 -@@ -3361,7 +3361,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg)
530 +@@ -3360,7 +3360,7 @@ static irqreturn_t i915_irq_handler(int irq, void *arg)
531 I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT;
532 int pipe, ret = IRQ_NONE;
533
534 @@ -39826,7 +39774,7 @@ index f13d5ed..8e6f36d 100644
535
536 iir = I915_READ(IIR);
537 do {
538 -@@ -3488,7 +3488,7 @@ static void i965_irq_preinstall(struct drm_device * dev)
539 +@@ -3487,7 +3487,7 @@ static void i965_irq_preinstall(struct drm_device * dev)
540 drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
541 int pipe;
542
543 @@ -39835,7 +39783,7 @@ index f13d5ed..8e6f36d 100644
544
545 I915_WRITE(PORT_HOTPLUG_EN, 0);
546 I915_WRITE(PORT_HOTPLUG_STAT, I915_READ(PORT_HOTPLUG_STAT));
547 -@@ -3604,7 +3604,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg)
548 +@@ -3603,7 +3603,7 @@ static irqreturn_t i965_irq_handler(int irq, void *arg)
549 I915_DISPLAY_PLANE_A_FLIP_PENDING_INTERRUPT |
550 I915_DISPLAY_PLANE_B_FLIP_PENDING_INTERRUPT;
551
552 @@ -43638,7 +43586,7 @@ index 3e6d115..ffecdeb 100644
553 /*----------------------------------------------------------------*/
554
555 diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c
556 -index a49cfcc..20b9a65 100644
557 +index 63b2e8d..225f16b 100644
558 --- a/drivers/md/raid1.c
559 +++ b/drivers/md/raid1.c
560 @@ -1921,7 +1921,7 @@ static int fix_sync_read_error(struct r1bio *r1_bio)
561 @@ -43650,7 +43598,7 @@ index a49cfcc..20b9a65 100644
562 }
563 sectors -= s;
564 sect += s;
565 -@@ -2148,7 +2148,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk,
566 +@@ -2155,7 +2155,7 @@ static void fix_read_error(struct r1conf *conf, int read_disk,
567 test_bit(In_sync, &rdev->flags)) {
568 if (r1_sync_page_io(rdev, sect, s,
569 conf->tmppage, READ)) {
570 @@ -43723,7 +43671,7 @@ index 06eeb99..770613e 100644
571
572 rdev_dec_pending(rdev, mddev);
573 diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c
574 -index 03f82ab..374bb38 100644
575 +index 48cdec8..c7726b1 100644
576 --- a/drivers/md/raid5.c
577 +++ b/drivers/md/raid5.c
578 @@ -1991,21 +1991,21 @@ static void raid5_end_read_request(struct bio * bi, int error)
579 @@ -49132,10 +49080,10 @@ index df5e961..df6b97f 100644
580 return blk_trace_startstop(sdp->device->request_queue, 1);
581 case BLKTRACESTOP:
582 diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c
583 -index d745f95..6bef2fc 100644
584 +index 349ebba..ff2a249 100644
585 --- a/drivers/spi/spi.c
586 +++ b/drivers/spi/spi.c
587 -@@ -1947,7 +1947,7 @@ int spi_bus_unlock(struct spi_master *master)
588 +@@ -1945,7 +1945,7 @@ int spi_bus_unlock(struct spi_master *master)
589 EXPORT_SYMBOL_GPL(spi_bus_unlock);
590
591 /* portable code must never pass more than 32 bytes */
592 @@ -49357,6 +49305,19 @@ index f3108c7..cd4f9da 100644
593 };
594
595 extern int insert_proc(void);
596 +diff --git a/drivers/staging/lustre/lustre/llite/dir.c b/drivers/staging/lustre/lustre/llite/dir.c
597 +index a4e0472..05d854c 100644
598 +--- a/drivers/staging/lustre/lustre/llite/dir.c
599 ++++ b/drivers/staging/lustre/lustre/llite/dir.c
600 +@@ -660,7 +660,7 @@ int ll_dir_setdirstripe(struct inode *dir, struct lmv_user_md *lump,
601 + int mode;
602 + int err;
603 +
604 +- mode = (0755 & (S_IRWXUGO|S_ISVTX) & ~current->fs->umask) | S_IFDIR;
605 ++ mode = (0755 & (S_IRWXUGO|S_ISVTX) & ~current_umask()) | S_IFDIR;
606 + op_data = ll_prep_md_op_data(NULL, dir, NULL, filename,
607 + strlen(filename), mode, LUSTRE_OPC_MKDIR,
608 + lump);
609 diff --git a/drivers/staging/media/solo6x10/solo6x10-core.c b/drivers/staging/media/solo6x10/solo6x10-core.c
610 index 3675020..e80d92c 100644
611 --- a/drivers/staging/media/solo6x10/solo6x10-core.c
612 @@ -50070,10 +50031,10 @@ index 1deaca4..c8582d4 100644
613 tty_port_tty_set(&ch->port, tty);
614 mutex_lock(&ch->port.mutex);
615 diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c
616 -index c0f76da..d974c32 100644
617 +index 5056090..c80ca04 100644
618 --- a/drivers/tty/n_gsm.c
619 +++ b/drivers/tty/n_gsm.c
620 -@@ -1632,7 +1632,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
621 +@@ -1643,7 +1643,7 @@ static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
622 spin_lock_init(&dlci->lock);
623 mutex_init(&dlci->mutex);
624 dlci->fifo = &dlci->_fifo;
625 @@ -50082,7 +50043,7 @@ index c0f76da..d974c32 100644
626 kfree(dlci);
627 return NULL;
628 }
629 -@@ -2935,7 +2935,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp)
630 +@@ -2946,7 +2946,7 @@ static int gsmtty_open(struct tty_struct *tty, struct file *filp)
631 struct gsm_dlci *dlci = tty->driver_data;
632 struct tty_port *port = &dlci->port;
633
634 @@ -50092,7 +50053,7 @@ index c0f76da..d974c32 100644
635 dlci_get(dlci->gsm->dlci[0]);
636 mux_get(dlci->gsm);
637 diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c
638 -index 34aacaa..dad073b 100644
639 +index 4c10837..a40ec45 100644
640 --- a/drivers/tty/n_tty.c
641 +++ b/drivers/tty/n_tty.c
642 @@ -114,7 +114,7 @@ struct n_tty_data {
643 @@ -50104,7 +50065,7 @@ index 34aacaa..dad073b 100644
644 size_t line_start;
645
646 /* protected by output lock */
647 -@@ -2502,6 +2502,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops)
648 +@@ -2504,6 +2504,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops)
649 {
650 *ops = tty_ldisc_N_TTY;
651 ops->owner = NULL;
652 @@ -50974,19 +50935,6 @@ index d0e3a44..5f8b754 100644
653 if (!perm) {
654 ret = -EPERM;
655 goto reterr;
656 -diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c
657 -index 61b1137..23b5d32 100644
658 ---- a/drivers/tty/vt/vt.c
659 -+++ b/drivers/tty/vt/vt.c
660 -@@ -1164,6 +1164,8 @@ static void csi_J(struct vc_data *vc, int vpar)
661 - scr_memsetw(vc->vc_screenbuf, vc->vc_video_erase_char,
662 - vc->vc_screenbuf_size >> 1);
663 - set_origin(vc);
664 -+ if (CON_IS_VISIBLE(vc))
665 -+ update_screen(vc);
666 - /* fall through */
667 - case 2: /* erase whole display */
668 - count = vc->vc_cols * vc->vc_rows;
669 diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c
670 index a673e5b..36e5d32 100644
671 --- a/drivers/uio/uio.c
672 @@ -51245,10 +51193,10 @@ index 967152a..16fa2e5 100644
673 dev->rawdescriptors[i] + (*ppos - pos),
674 min(len, alloclen))) {
675 diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
676 -index 6bffb8c..b404e8b 100644
677 +index d39106c..bfe13a4 100644
678 --- a/drivers/usb/core/hcd.c
679 +++ b/drivers/usb/core/hcd.c
680 -@@ -1550,7 +1550,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
681 +@@ -1549,7 +1549,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
682 */
683 usb_get_urb(urb);
684 atomic_inc(&urb->use_count);
685 @@ -51257,7 +51205,7 @@ index 6bffb8c..b404e8b 100644
686 usbmon_urb_submit(&hcd->self, urb);
687
688 /* NOTE requirements on root-hub callers (usbfs and the hub
689 -@@ -1577,7 +1577,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
690 +@@ -1576,7 +1576,7 @@ int usb_hcd_submit_urb (struct urb *urb, gfp_t mem_flags)
691 urb->hcpriv = NULL;
692 INIT_LIST_HEAD(&urb->urb_list);
693 atomic_dec(&urb->use_count);
694 @@ -51267,7 +51215,7 @@ index 6bffb8c..b404e8b 100644
695 wake_up(&usb_kill_urb_queue);
696 usb_put_urb(urb);
697 diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
698 -index 07e6654..6420edf 100644
699 +index ebcd3bf..be93a64 100644
700 --- a/drivers/usb/core/hub.c
701 +++ b/drivers/usb/core/hub.c
702 @@ -27,6 +27,7 @@
703 @@ -51278,7 +51226,7 @@ index 07e6654..6420edf 100644
704
705 #include <asm/uaccess.h>
706 #include <asm/byteorder.h>
707 -@@ -4442,6 +4443,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1,
708 +@@ -4437,6 +4438,10 @@ static void hub_port_connect_change(struct usb_hub *hub, int port1,
709 goto done;
710 return;
711 }
712 @@ -56828,10 +56776,10 @@ index 849f613..eae6dec 100644
713
714 atomic_set(&midCount, 0);
715 diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
716 -index f918a99..bb300d5 100644
717 +index 579c6d5..95b6d03353 100644
718 --- a/fs/cifs/cifsglob.h
719 +++ b/fs/cifs/cifsglob.h
720 -@@ -787,35 +787,35 @@ struct cifs_tcon {
721 +@@ -797,35 +797,35 @@ struct cifs_tcon {
722 __u16 Flags; /* optional support bits */
723 enum statusEnum tidStatus;
724 #ifdef CONFIG_CIFS_STATS
725 @@ -56891,7 +56839,7 @@ index f918a99..bb300d5 100644
726 } smb2_stats;
727 #endif /* CONFIG_CIFS_SMB2 */
728 } stats;
729 -@@ -1145,7 +1145,7 @@ convert_delimiter(char *path, char delim)
730 +@@ -1155,7 +1155,7 @@ convert_delimiter(char *path, char delim)
731 }
732
733 #ifdef CONFIG_CIFS_STATS
734 @@ -56900,7 +56848,7 @@ index f918a99..bb300d5 100644
735
736 static inline void cifs_stats_bytes_written(struct cifs_tcon *tcon,
737 unsigned int bytes)
738 -@@ -1511,8 +1511,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount;
739 +@@ -1521,8 +1521,8 @@ GLOBAL_EXTERN atomic_t tconInfoReconnectCount;
740 /* Various Debug counters */
741 GLOBAL_EXTERN atomic_t bufAllocCount; /* current number allocated */
742 #ifdef CONFIG_CIFS_STATS2
743 @@ -57013,7 +56961,7 @@ index 2f9f379..43f8025 100644
744
745 }
746 diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c
747 -index 5f5ba0d..8d6ef7d 100644
748 +index ffc9ef9..b3c992b 100644
749 --- a/fs/cifs/smb1ops.c
750 +++ b/fs/cifs/smb1ops.c
751 @@ -609,27 +609,27 @@ static void
752 @@ -58958,7 +58906,7 @@ index 999ff5c..41f4109 100644
753 sizeof(struct file_handle) + handle_bytes))
754 retval = -EFAULT;
755 diff --git a/fs/file.c b/fs/file.c
756 -index 4a78f98..f9a6d25 100644
757 +index 9de2026..8e334ca 100644
758 --- a/fs/file.c
759 +++ b/fs/file.c
760 @@ -16,6 +16,7 @@
761 @@ -61499,22 +61447,6 @@ index f4ccfe6..a5cf064 100644
762
763 static struct callback_op callback_ops[];
764
765 -diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
766 -index 812154a..c442a74 100644
767 ---- a/fs/nfs/dir.c
768 -+++ b/fs/nfs/dir.c
769 -@@ -1837,6 +1837,11 @@ int nfs_symlink(struct inode *dir, struct dentry *dentry, const char *symname)
770 - GFP_KERNEL)) {
771 - SetPageUptodate(page);
772 - unlock_page(page);
773 -+ /*
774 -+ * add_to_page_cache_lru() grabs an extra page refcount.
775 -+ * Drop it here to avoid leaking this page later.
776 -+ */
777 -+ page_cache_release(page);
778 - } else
779 - __free_page(page);
780 -
781 diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
782 index 00ad1c2..2fde15e 100644
783 --- a/fs/nfs/inode.c
784 @@ -73717,7 +73649,7 @@ index 0000000..ae6c028
785 +}
786 diff --git a/grsecurity/grsec_ipc.c b/grsecurity/grsec_ipc.c
787 new file mode 100644
788 -index 0000000..78d1680
789 +index 0000000..1773300
790 --- /dev/null
791 +++ b/grsecurity/grsec_ipc.c
792 @@ -0,0 +1,48 @@
793 @@ -73740,7 +73672,7 @@ index 0000000..78d1680
794 + kgid_t egid;
795 +
796 + if (!grsec_enable_harden_ipc)
797 -+ return 0;
798 ++ return 1;
799 +
800 + euid = current_euid();
801 + egid = current_egid();
802 @@ -76610,7 +76542,7 @@ index 19f6003..90b64f4 100644
803 asmlinkage long compat_sys_lookup_dcookie(u32, u32, char __user *, compat_size_t);
804 /*
805 diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h
806 -index ded4299..55203f8 100644
807 +index 2507fd2..55203f8 100644
808 --- a/include/linux/compiler-gcc4.h
809 +++ b/include/linux/compiler-gcc4.h
810 @@ -39,9 +39,34 @@
811 @@ -76648,19 +76580,6 @@ index ded4299..55203f8 100644
812 /*
813 * Mark a position in code as unreachable. This can be used to
814 * suppress control flow warnings after asm blocks that transfer
815 -@@ -75,11 +100,7 @@
816 - *
817 - * (asm goto is automatically volatile - the naming reflects this.)
818 - */
819 --#if GCC_VERSION <= 40801
820 --# define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0)
821 --#else
822 --# define asm_volatile_goto(x...) do { asm goto(x); } while (0)
823 --#endif
824 -+#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0)
825 -
826 - #ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP
827 - #if GCC_VERSION >= 40400
828 diff --git a/include/linux/compiler.h b/include/linux/compiler.h
829 index 92669cd..cc564c0 100644
830 --- a/include/linux/compiler.h
831 @@ -81754,7 +81673,7 @@ index 99c1b4d..562e6f3 100644
832
833 static inline void put_unaligned_le16(u16 val, void *p)
834 diff --git a/include/linux/usb.h b/include/linux/usb.h
835 -index 512ab16..f53e1bf 100644
836 +index 7454865..29f4bfa 100644
837 --- a/include/linux/usb.h
838 +++ b/include/linux/usb.h
839 @@ -563,7 +563,7 @@ struct usb_device {
840 @@ -81766,7 +81685,7 @@ index 512ab16..f53e1bf 100644
841
842 unsigned long active_duration;
843
844 -@@ -1643,7 +1643,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in,
845 +@@ -1641,7 +1641,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in,
846
847 extern int usb_control_msg(struct usb_device *dev, unsigned int pipe,
848 __u8 request, __u8 requesttype, __u16 value, __u16 index,
849 @@ -89450,7 +89369,7 @@ index 38463d2..68abe92 100644
850
851 ftrace_graph_active++;
852 diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
853 -index cc2f66f..05edd54 100644
854 +index 0e337ee..3370631 100644
855 --- a/kernel/trace/ring_buffer.c
856 +++ b/kernel/trace/ring_buffer.c
857 @@ -352,9 +352,9 @@ struct buffer_data_page {
858 @@ -89585,7 +89504,7 @@ index cc2f66f..05edd54 100644
859
860 /* set write to only the index of the write */
861 write &= RB_WRITE_MASK;
862 -@@ -2408,7 +2408,7 @@ __rb_reserve_next(struct ring_buffer_per_cpu *cpu_buffer,
863 +@@ -2415,7 +2415,7 @@ __rb_reserve_next(struct ring_buffer_per_cpu *cpu_buffer,
864 kmemcheck_annotate_bitfield(event, bitfield);
865 rb_update_event(cpu_buffer, event, length, add_timestamp, delta);
866
867 @@ -89594,7 +89513,7 @@ index cc2f66f..05edd54 100644
868
869 /*
870 * If this is the first commit on the page, then update
871 -@@ -2441,7 +2441,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer,
872 +@@ -2448,7 +2448,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer,
873
874 if (bpage->page == (void *)addr && rb_page_write(bpage) == old_index) {
875 unsigned long write_mask =
876 @@ -89603,7 +89522,7 @@ index cc2f66f..05edd54 100644
877 unsigned long event_length = rb_event_length(event);
878 /*
879 * This is on the tail page. It is possible that
880 -@@ -2451,7 +2451,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer,
881 +@@ -2458,7 +2458,7 @@ rb_try_to_discard(struct ring_buffer_per_cpu *cpu_buffer,
882 */
883 old_index += write_mask;
884 new_index += write_mask;
885 @@ -89612,7 +89531,7 @@ index cc2f66f..05edd54 100644
886 if (index == old_index) {
887 /* update counters */
888 local_sub(event_length, &cpu_buffer->entries_bytes);
889 -@@ -2843,7 +2843,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer,
890 +@@ -2850,7 +2850,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer,
891
892 /* Do the likely case first */
893 if (likely(bpage->page == (void *)addr)) {
894 @@ -89621,7 +89540,7 @@ index cc2f66f..05edd54 100644
895 return;
896 }
897
898 -@@ -2855,7 +2855,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer,
899 +@@ -2862,7 +2862,7 @@ rb_decrement_entry(struct ring_buffer_per_cpu *cpu_buffer,
900 start = bpage;
901 do {
902 if (bpage->page == (void *)addr) {
903 @@ -89630,7 +89549,7 @@ index cc2f66f..05edd54 100644
904 return;
905 }
906 rb_inc_page(cpu_buffer, &bpage);
907 -@@ -3139,7 +3139,7 @@ static inline unsigned long
908 +@@ -3146,7 +3146,7 @@ static inline unsigned long
909 rb_num_of_entries(struct ring_buffer_per_cpu *cpu_buffer)
910 {
911 return local_read(&cpu_buffer->entries) -
912 @@ -89639,7 +89558,7 @@ index cc2f66f..05edd54 100644
913 }
914
915 /**
916 -@@ -3228,7 +3228,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu)
917 +@@ -3235,7 +3235,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu)
918 return 0;
919
920 cpu_buffer = buffer->buffers[cpu];
921 @@ -89648,7 +89567,7 @@ index cc2f66f..05edd54 100644
922
923 return ret;
924 }
925 -@@ -3251,7 +3251,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu)
926 +@@ -3258,7 +3258,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu)
927 return 0;
928
929 cpu_buffer = buffer->buffers[cpu];
930 @@ -89657,7 +89576,7 @@ index cc2f66f..05edd54 100644
931
932 return ret;
933 }
934 -@@ -3336,7 +3336,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer)
935 +@@ -3343,7 +3343,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer)
936 /* if you care about this being correct, lock the buffer */
937 for_each_buffer_cpu(buffer, cpu) {
938 cpu_buffer = buffer->buffers[cpu];
939 @@ -89666,7 +89585,7 @@ index cc2f66f..05edd54 100644
940 }
941
942 return overruns;
943 -@@ -3512,8 +3512,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
944 +@@ -3519,8 +3519,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
945 /*
946 * Reset the reader page to size zero.
947 */
948 @@ -89677,7 +89596,7 @@ index cc2f66f..05edd54 100644
949 local_set(&cpu_buffer->reader_page->page->commit, 0);
950 cpu_buffer->reader_page->real_end = 0;
951
952 -@@ -3547,7 +3547,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
953 +@@ -3554,7 +3554,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
954 * want to compare with the last_overrun.
955 */
956 smp_mb();
957 @@ -89686,7 +89605,7 @@ index cc2f66f..05edd54 100644
958
959 /*
960 * Here's the tricky part.
961 -@@ -4117,8 +4117,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
962 +@@ -4124,8 +4124,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
963
964 cpu_buffer->head_page
965 = list_entry(cpu_buffer->pages, struct buffer_page, list);
966 @@ -89697,7 +89616,7 @@ index cc2f66f..05edd54 100644
967 local_set(&cpu_buffer->head_page->page->commit, 0);
968
969 cpu_buffer->head_page->read = 0;
970 -@@ -4128,14 +4128,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
971 +@@ -4135,14 +4135,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
972
973 INIT_LIST_HEAD(&cpu_buffer->reader_page->list);
974 INIT_LIST_HEAD(&cpu_buffer->new_pages);
975 @@ -89716,7 +89635,7 @@ index cc2f66f..05edd54 100644
976 local_set(&cpu_buffer->dropped_events, 0);
977 local_set(&cpu_buffer->entries, 0);
978 local_set(&cpu_buffer->committing, 0);
979 -@@ -4540,8 +4540,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer,
980 +@@ -4547,8 +4547,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer,
981 rb_init_page(bpage);
982 bpage = reader->page;
983 reader->page = *data_page;
984 @@ -90478,6 +90397,19 @@ index 7811ed3..f80ca19 100644
985
986 static inline void *ptr_to_indirect(void *ptr)
987 {
988 +diff --git a/lib/random32.c b/lib/random32.c
989 +index 1e5b2df..fb616c7 100644
990 +--- a/lib/random32.c
991 ++++ b/lib/random32.c
992 +@@ -44,7 +44,7 @@
993 + static void __init prandom_state_selftest(void);
994 + #endif
995 +
996 +-static DEFINE_PER_CPU(struct rnd_state, net_rand_state);
997 ++static DEFINE_PER_CPU(struct rnd_state, net_rand_state) __latent_entropy;
998 +
999 + /**
1000 + * prandom_u32_state - seeded pseudo-random number generator.
1001 diff --git a/lib/rbtree.c b/lib/rbtree.c
1002 index 65f4eff..2cfa167 100644
1003 --- a/lib/rbtree.c
1004 @@ -91102,7 +91034,7 @@ index 539eeb9..e24a987 100644
1005 if (end == start)
1006 return error;
1007 diff --git a/mm/memory-failure.c b/mm/memory-failure.c
1008 -index 6420be5..b7b7c8f 100644
1009 +index 90977ac..487ab84 100644
1010 --- a/mm/memory-failure.c
1011 +++ b/mm/memory-failure.c
1012 @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0;
1013 @@ -91132,7 +91064,7 @@ index 6420be5..b7b7c8f 100644
1014 { reserved, reserved, "reserved kernel", me_kernel },
1015 /*
1016 * free pages are specially detected outside this table:
1017 -@@ -1060,7 +1060,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1018 +@@ -1062,7 +1062,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1019 nr_pages = 1 << compound_order(hpage);
1020 else /* normal page or thp */
1021 nr_pages = 1;
1022 @@ -91141,7 +91073,7 @@ index 6420be5..b7b7c8f 100644
1023
1024 /*
1025 * We need/can do nothing about count=0 pages.
1026 -@@ -1090,7 +1090,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1027 +@@ -1092,7 +1092,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1028 if (!PageHWPoison(hpage)
1029 || (hwpoison_filter(p) && TestClearPageHWPoison(p))
1030 || (p != hpage && TestSetPageHWPoison(hpage))) {
1031 @@ -91150,7 +91082,7 @@ index 6420be5..b7b7c8f 100644
1032 return 0;
1033 }
1034 set_page_hwpoison_huge_page(hpage);
1035 -@@ -1159,7 +1159,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1036 +@@ -1161,7 +1161,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags)
1037 }
1038 if (hwpoison_filter(p)) {
1039 if (TestClearPageHWPoison(p))
1040 @@ -91159,7 +91091,7 @@ index 6420be5..b7b7c8f 100644
1041 unlock_page(hpage);
1042 put_page(hpage);
1043 return 0;
1044 -@@ -1381,7 +1381,7 @@ int unpoison_memory(unsigned long pfn)
1045 +@@ -1383,7 +1383,7 @@ int unpoison_memory(unsigned long pfn)
1046 return 0;
1047 }
1048 if (TestClearPageHWPoison(p))
1049 @@ -91168,7 +91100,7 @@ index 6420be5..b7b7c8f 100644
1050 pr_info("MCE: Software-unpoisoned free page %#lx\n", pfn);
1051 return 0;
1052 }
1053 -@@ -1395,7 +1395,7 @@ int unpoison_memory(unsigned long pfn)
1054 +@@ -1397,7 +1397,7 @@ int unpoison_memory(unsigned long pfn)
1055 */
1056 if (TestClearPageHWPoison(page)) {
1057 pr_info("MCE: Software-unpoisoned page %#lx\n", pfn);
1058 @@ -91177,7 +91109,7 @@ index 6420be5..b7b7c8f 100644
1059 freeit = 1;
1060 if (PageHuge(page))
1061 clear_page_hwpoison_huge_page(page);
1062 -@@ -1520,11 +1520,11 @@ static int soft_offline_huge_page(struct page *page, int flags)
1063 +@@ -1522,11 +1522,11 @@ static int soft_offline_huge_page(struct page *page, int flags)
1064 if (PageHuge(page)) {
1065 set_page_hwpoison_huge_page(hpage);
1066 dequeue_hwpoisoned_huge_page(hpage);
1067 @@ -91191,7 +91123,7 @@ index 6420be5..b7b7c8f 100644
1068 }
1069 }
1070 return ret;
1071 -@@ -1563,7 +1563,7 @@ static int __soft_offline_page(struct page *page, int flags)
1072 +@@ -1565,7 +1565,7 @@ static int __soft_offline_page(struct page *page, int flags)
1073 put_page(page);
1074 pr_info("soft_offline: %#lx: invalidated\n", pfn);
1075 SetPageHWPoison(page);
1076 @@ -91200,7 +91132,7 @@ index 6420be5..b7b7c8f 100644
1077 return 0;
1078 }
1079
1080 -@@ -1608,7 +1608,7 @@ static int __soft_offline_page(struct page *page, int flags)
1081 +@@ -1610,7 +1610,7 @@ static int __soft_offline_page(struct page *page, int flags)
1082 if (!is_free_buddy_page(page))
1083 pr_info("soft offline: %#lx: page leaked\n",
1084 pfn);
1085 @@ -91209,7 +91141,7 @@ index 6420be5..b7b7c8f 100644
1086 }
1087 } else {
1088 pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n",
1089 -@@ -1682,11 +1682,11 @@ int soft_offline_page(struct page *page, int flags)
1090 +@@ -1684,11 +1684,11 @@ int soft_offline_page(struct page *page, int flags)
1091 if (PageHuge(page)) {
1092 set_page_hwpoison_huge_page(hpage);
1093 dequeue_hwpoisoned_huge_page(hpage);
1094 @@ -99073,7 +99005,7 @@ index da1a1ce..571db8d 100644
1095 if (inet->cmsg_flags)
1096 ip_cmsg_recv(msg, skb);
1097 diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
1098 -index 364ce0c..3ebb5a4 100644
1099 +index b4b61b2..ac84a257 100644
1100 --- a/net/mac80211/cfg.c
1101 +++ b/net/mac80211/cfg.c
1102 @@ -826,7 +826,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy,
1103 @@ -99085,7 +99017,7 @@ index 364ce0c..3ebb5a4 100644
1104 local->_oper_chandef = *chandef;
1105 ieee80211_hw_config(local, 0);
1106 }
1107 -@@ -3308,7 +3308,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy,
1108 +@@ -3311,7 +3311,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy,
1109 else
1110 local->probe_req_reg--;
1111
1112 @@ -99094,7 +99026,7 @@ index 364ce0c..3ebb5a4 100644
1113 break;
1114
1115 ieee80211_queue_work(&local->hw, &local->reconfig_filter);
1116 -@@ -3771,8 +3771,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy,
1117 +@@ -3774,8 +3774,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy,
1118 if (chanctx_conf) {
1119 *chandef = chanctx_conf->def;
1120 ret = 0;
1121 @@ -102033,7 +101965,7 @@ index 2dcb377..a82c500 100644
1122 kallsymso=""
1123 kallsyms_vmlinux=""
1124 diff --git a/scripts/mod/file2alias.c b/scripts/mod/file2alias.c
1125 -index 2370863..212fbca 100644
1126 +index 25e5cb0..6e85821 100644
1127 --- a/scripts/mod/file2alias.c
1128 +++ b/scripts/mod/file2alias.c
1129 @@ -142,7 +142,7 @@ static void device_id_check(const char *modname, const char *device_id,
1130 @@ -106500,10 +106432,10 @@ index 0000000..dd73713
1131 +}
1132 diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c
1133 new file mode 100644
1134 -index 0000000..7e39d81
1135 +index 0000000..1a98bed
1136 --- /dev/null
1137 +++ b/tools/gcc/latent_entropy_plugin.c
1138 -@@ -0,0 +1,403 @@
1139 +@@ -0,0 +1,451 @@
1140 +/*
1141 + * Copyright 2012-2014 by the PaX Team <pageexec@××××××××.hu>
1142 + * Licensed under the GPL v2
1143 @@ -106532,7 +106464,7 @@ index 0000000..7e39d81
1144 +static tree latent_entropy_decl;
1145 +
1146 +static struct plugin_info latent_entropy_plugin_info = {
1147 -+ .version = "201402210120",
1148 ++ .version = "201402240545",
1149 + .help = NULL
1150 +};
1151 +
1152 @@ -106555,6 +106487,12 @@ index 0000000..7e39d81
1153 +static tree handle_latent_entropy_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs)
1154 +{
1155 + tree type;
1156 ++ unsigned long long mask;
1157 ++#if BUILDING_GCC_VERSION <= 4007
1158 ++ VEC(constructor_elt, gc) *vals;
1159 ++#else
1160 ++ vec<constructor_elt, va_gc> *vals;
1161 ++#endif
1162 +
1163 + switch (TREE_CODE(*node)) {
1164 + default:
1165 @@ -106579,22 +106517,64 @@ index 0000000..7e39d81
1166 + switch (TREE_CODE(type)) {
1167 + default:
1168 + *no_add_attrs = true;
1169 -+ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type", *node, name);
1170 ++ error("variable %qD with %qE attribute must be an integer or a fixed length integer array type or a fixed sized structure with integer fields", *node, name);
1171 ++ break;
1172 ++
1173 ++ case RECORD_TYPE: {
1174 ++ tree field;
1175 ++ unsigned int nelt = 0;
1176 ++
1177 ++ for (field = TYPE_FIELDS(type); field; nelt++, field = TREE_CHAIN(field)) {
1178 ++ tree fieldtype;
1179 ++
1180 ++ fieldtype = TREE_TYPE(field);
1181 ++ if (TREE_CODE(fieldtype) != INTEGER_TYPE) {
1182 ++ *no_add_attrs = true;
1183 ++ error("structure variable %qD with %qE attribute has a non-integer field %qE", *node, name, field);
1184 ++ break;
1185 ++ }
1186 ++ }
1187 ++
1188 ++ if (field)
1189 ++ break;
1190 ++
1191 ++#if BUILDING_GCC_VERSION <= 4007
1192 ++ vals = VEC_alloc(constructor_elt, gc, nelt);
1193 ++#else
1194 ++ vec_alloc(vals, nelt);
1195 ++#endif
1196 ++
1197 ++ for (field = TYPE_FIELDS(type); field; field = TREE_CHAIN(field)) {
1198 ++ tree fieldtype;
1199 ++
1200 ++ fieldtype = TREE_TYPE(field);
1201 ++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(fieldtype)) - 1);
1202 ++ mask = 2 * (mask - 1) + 1;
1203 ++
1204 ++ if (TYPE_UNSIGNED(fieldtype))
1205 ++ CONSTRUCTOR_APPEND_ELT(vals, field, build_int_cstu(fieldtype, mask & get_random_const()));
1206 ++ else
1207 ++ CONSTRUCTOR_APPEND_ELT(vals, field, build_int_cst(fieldtype, mask & get_random_const()));
1208 ++ }
1209 ++
1210 ++ DECL_INITIAL(*node) = build_constructor(type, vals);
1211 ++//debug_tree(DECL_INITIAL(*node));
1212 + break;
1213 ++ }
1214 +
1215 + case INTEGER_TYPE:
1216 -+ DECL_INITIAL(*node) = build_int_cstu(type, get_random_const());
1217 ++ mask = 1ULL << (TREE_INT_CST_LOW(TYPE_SIZE(type)) - 1);
1218 ++ mask = 2 * (mask - 1) + 1;
1219 ++
1220 ++ if (TYPE_UNSIGNED(type))
1221 ++ DECL_INITIAL(*node) = build_int_cstu(type, mask & get_random_const());
1222 ++ else
1223 ++ DECL_INITIAL(*node) = build_int_cst(type, mask & get_random_const());
1224 + break;
1225 +
1226 + case ARRAY_TYPE: {
1227 + tree elt_type, array_size, elt_size;
1228 -+ unsigned long long mask;
1229 + unsigned int i, nelt;
1230 -+#if BUILDING_GCC_VERSION <= 4007
1231 -+ VEC(constructor_elt, gc) *vals;
1232 -+#else
1233 -+ vec<constructor_elt, va_gc> *vals;
1234 -+#endif
1235 +
1236 + elt_type = TREE_TYPE(type);
1237 + elt_size = TYPE_SIZE_UNIT(TREE_TYPE(type));
1238 @@ -106602,7 +106582,7 @@ index 0000000..7e39d81
1239 +
1240 + if (TREE_CODE(elt_type) != INTEGER_TYPE || !array_size || TREE_CODE(array_size) != INTEGER_CST) {
1241 + *no_add_attrs = true;
1242 -+ error("variable %qD with %qE attribute must be a fixed length integer array type", *node, name);
1243 ++ error("array variable %qD with %qE attribute must be a fixed length integer array type", *node, name);
1244 + break;
1245 + }
1246 +
1247
1248 diff --git a/3.13.3/4425_grsec_remove_EI_PAX.patch b/3.13.5/4425_grsec_remove_EI_PAX.patch
1249 similarity index 100%
1250 rename from 3.13.3/4425_grsec_remove_EI_PAX.patch
1251 rename to 3.13.5/4425_grsec_remove_EI_PAX.patch
1252
1253 diff --git a/3.13.3/4427_force_XATTR_PAX_tmpfs.patch b/3.13.5/4427_force_XATTR_PAX_tmpfs.patch
1254 similarity index 100%
1255 rename from 3.13.3/4427_force_XATTR_PAX_tmpfs.patch
1256 rename to 3.13.5/4427_force_XATTR_PAX_tmpfs.patch
1257
1258 diff --git a/3.13.3/4430_grsec-remove-localversion-grsec.patch b/3.13.5/4430_grsec-remove-localversion-grsec.patch
1259 similarity index 100%
1260 rename from 3.13.3/4430_grsec-remove-localversion-grsec.patch
1261 rename to 3.13.5/4430_grsec-remove-localversion-grsec.patch
1262
1263 diff --git a/3.13.3/4435_grsec-mute-warnings.patch b/3.13.5/4435_grsec-mute-warnings.patch
1264 similarity index 100%
1265 rename from 3.13.3/4435_grsec-mute-warnings.patch
1266 rename to 3.13.5/4435_grsec-mute-warnings.patch
1267
1268 diff --git a/3.13.3/4440_grsec-remove-protected-paths.patch b/3.13.5/4440_grsec-remove-protected-paths.patch
1269 similarity index 100%
1270 rename from 3.13.3/4440_grsec-remove-protected-paths.patch
1271 rename to 3.13.5/4440_grsec-remove-protected-paths.patch
1272
1273 diff --git a/3.13.3/4450_grsec-kconfig-default-gids.patch b/3.13.5/4450_grsec-kconfig-default-gids.patch
1274 similarity index 100%
1275 rename from 3.13.3/4450_grsec-kconfig-default-gids.patch
1276 rename to 3.13.5/4450_grsec-kconfig-default-gids.patch
1277
1278 diff --git a/3.13.3/4465_selinux-avc_audit-log-curr_ip.patch b/3.13.5/4465_selinux-avc_audit-log-curr_ip.patch
1279 similarity index 100%
1280 rename from 3.13.3/4465_selinux-avc_audit-log-curr_ip.patch
1281 rename to 3.13.5/4465_selinux-avc_audit-log-curr_ip.patch
1282
1283 diff --git a/3.13.3/4470_disable-compat_vdso.patch b/3.13.5/4470_disable-compat_vdso.patch
1284 similarity index 100%
1285 rename from 3.13.3/4470_disable-compat_vdso.patch
1286 rename to 3.13.5/4470_disable-compat_vdso.patch
1287
1288 diff --git a/3.13.3/4475_emutramp_default_on.patch b/3.13.5/4475_emutramp_default_on.patch
1289 similarity index 100%
1290 rename from 3.13.3/4475_emutramp_default_on.patch
1291 rename to 3.13.5/4475_emutramp_default_on.patch
1292
1293 diff --git a/3.2.55/0000_README b/3.2.55/0000_README
1294 index f58c905..0a4207c 100644
1295 --- a/3.2.55/0000_README
1296 +++ b/3.2.55/0000_README
1297 @@ -138,7 +138,7 @@ Patch: 1054_linux-3.2.55.patch
1298 From: http://www.kernel.org
1299 Desc: Linux 3.2.55
1300
1301 -Patch: 4420_grsecurity-3.0-3.2.55-201402221305.patch
1302 +Patch: 4420_grsecurity-3.0-3.2.55-201402241936.patch
1303 From: http://www.grsecurity.net
1304 Desc: hardened-sources base patch from upstream grsecurity
1305
1306
1307 diff --git a/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch b/3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch
1308 similarity index 99%
1309 rename from 3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch
1310 rename to 3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch
1311 index 8c95615..f875551 100644
1312 --- a/3.2.55/4420_grsecurity-3.0-3.2.55-201402221305.patch
1313 +++ b/3.2.55/4420_grsecurity-3.0-3.2.55-201402241936.patch
1314 @@ -71890,7 +71890,7 @@ index 0000000..7bcfc7a
1315 +}
1316 diff --git a/grsecurity/grsec_ipc.c b/grsecurity/grsec_ipc.c
1317 new file mode 100644
1318 -index 0000000..5377493
1319 +index 0000000..28dbb82
1320 --- /dev/null
1321 +++ b/grsecurity/grsec_ipc.c
1322 @@ -0,0 +1,48 @@
1323 @@ -71913,7 +71913,7 @@ index 0000000..5377493
1324 + gid_t egid;
1325 +
1326 + if (!grsec_enable_harden_ipc)
1327 -+ return 0;
1328 ++ return 1;
1329 +
1330 + euid = current_euid();
1331 + egid = current_egid();
Report Message
Find on MARC Find on Google Groups