commit: 8b190d8626dc2dd20eed2de289980bc5539492fb |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
AuthorDate: Sat Aug 30 12:15:40 2014 +0000 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
CommitDate: Sat Aug 30 12:15:40 2014 +0000 |
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=8b190d86 |
|
Grsec/PaX: 3.0-{3.2.62,3.14.17}-201408260041 |
|
--- |
3.14.17/0000_README | 2 +- |
...4420_grsecurity-3.0-3.14.17-201408260041.patch} | 281 ++++++++++++-------- |
3.14.17/4465_selinux-avc_audit-log-curr_ip.patch | 2 +- |
3.2.62/0000_README | 2 +- |
... 4420_grsecurity-3.0-3.2.62-201408260037.patch} | 288 +++++++++++++-------- |
5 files changed, 357 insertions(+), 218 deletions(-) |
|
18 |
diff --git a/3.14.17/0000_README b/3.14.17/0000_README |
19 |
index 2ab1642..4ec94f3 100644 |
20 |
--- a/3.14.17/0000_README |
21 |
+++ b/3.14.17/0000_README |
22 |
@@ -2,7 +2,7 @@ README |
23 |
----------------------------------------------------------------------------- |
24 |
Individual Patch Descriptions: |
25 |
----------------------------------------------------------------------------- |
26 |
-Patch: 4420_grsecurity-3.0-3.14.17-201408212334.patch |
27 |
+Patch: 4420_grsecurity-3.0-3.14.17-201408260041.patch |
28 |
From: http://www.grsecurity.net |
29 |
Desc: hardened-sources base patch from upstream grsecurity |
30 |
|
31 |
|
32 |
diff --git a/3.14.17/4420_grsecurity-3.0-3.14.17-201408212334.patch b/3.14.17/4420_grsecurity-3.0-3.14.17-201408260041.patch |
33 |
similarity index 99% |
34 |
rename from 3.14.17/4420_grsecurity-3.0-3.14.17-201408212334.patch |
35 |
rename to 3.14.17/4420_grsecurity-3.0-3.14.17-201408260041.patch |
36 |
index bf6a578..c27879a 100644 |
37 |
--- a/3.14.17/4420_grsecurity-3.0-3.14.17-201408212334.patch |
38 |
+++ b/3.14.17/4420_grsecurity-3.0-3.14.17-201408260041.patch |
39 |
@@ -65771,7 +65771,7 @@ index 467bb1c..cf9d65a 100644 |
40 |
return -EINVAL; |
41 |
|
42 |
diff --git a/fs/seq_file.c b/fs/seq_file.c |
43 |
-index 1d641bb..c2f4743 100644 |
44 |
+index 1d641bb..9ca7f61 100644 |
45 |
--- a/fs/seq_file.c |
46 |
+++ b/fs/seq_file.c |
47 |
@@ -10,6 +10,8 @@ |
48 |
@@ -65864,6 +65864,15 @@ index 1d641bb..c2f4743 100644 |
49 |
int res = -ENOMEM; |
50 |
|
51 |
if (op) { |
52 |
+@@ -605,7 +620,7 @@ EXPORT_SYMBOL(single_open); |
53 |
+ int single_open_size(struct file *file, int (*show)(struct seq_file *, void *), |
54 |
+ void *data, size_t size) |
55 |
+ { |
56 |
+- char *buf = kmalloc(size, GFP_KERNEL); |
57 |
++ char *buf = kmalloc(size, GFP_KERNEL | GFP_USERCOPY); |
58 |
+ int ret; |
59 |
+ if (!buf) |
60 |
+ return -ENOMEM; |
61 |
@@ -620,6 +635,17 @@ int single_open_size(struct file *file, int (*show)(struct seq_file *, void *), |
62 |
} |
63 |
EXPORT_SYMBOL(single_open_size); |
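Review bot: The `GFP_USERCOPY` flag added to the `kmalloc()` in `single_open_size()` has no comment saying why this allocation needs it. Presumably the seq_file buffer is later copied out to user space and so must come from a usercopy-permitted slab under PAX_USERCOPY. If so, say that next to the call, e.g. `/* buf is handed to seq_read(), which copies it to userland */`. The function body continues past the added lines, so the path that frees `buf` is not visible here.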
64 |
@@ -70448,10 +70457,10 @@ index 0000000..18ffbbd |
65 |
+} |
66 |
diff --git a/grsecurity/gracl_cap.c b/grsecurity/gracl_cap.c |
67 |
new file mode 100644 |
68 |
-index 0000000..bdd51ea |
69 |
+index 0000000..1a94c11 |
70 |
--- /dev/null |
71 |
+++ b/grsecurity/gracl_cap.c |
72 |
-@@ -0,0 +1,110 @@ |
73 |
+@@ -0,0 +1,127 @@ |
74 |
+#include <linux/kernel.h> |
75 |
+#include <linux/module.h> |
76 |
+#include <linux/sched.h> |
77 |
@@ -70462,6 +70471,29 @@ index 0000000..bdd51ea |
78 |
+extern const char *captab_log[]; |
79 |
+extern int captab_log_entries; |
80 |
+ |
81 |
++int gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap) |
82 |
++{ |
83 |
++ struct acl_subject_label *curracl; |
84 |
++ |
85 |
++ if (!gr_acl_is_enabled()) |
86 |
++ return 1; |
87 |
++ |
88 |
++ curracl = task->acl; |
89 |
++ |
90 |
++ if (curracl->mode & (GR_LEARN | GR_INHERITLEARN)) { |
91 |
++ security_learn(GR_LEARN_AUDIT_MSG, task->role->rolename, |
92 |
++ task->role->roletype, GR_GLOBAL_UID(cred->uid), |
93 |
++ GR_GLOBAL_GID(cred->gid), task->exec_file ? |
94 |
++ gr_to_filename(task->exec_file->f_path.dentry, |
95 |
++ task->exec_file->f_path.mnt) : curracl->filename, |
96 |
++ curracl->filename, 0UL, |
97 |
++ 0UL, "", (unsigned long) cap, &task->signal->saved_ip); |
98 |
++ return 1; |
99 |
++ } |
100 |
++ |
101 |
++ return 0; |
102 |
++} |
103 |
++ |
104 |
+int gr_task_acl_is_capable(const struct task_struct *task, const struct cred *cred, const int cap) |
105 |
+{ |
106 |
+ struct acl_subject_label *curracl; |
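Review bot: `gr_learn_cap()` has no comment describing its return value, and that value is not an authorization result. It returns 1 both when RBAC is off (`!gr_acl_is_enabled()`) and after writing a learn entry, without ever testing `cap_raised()`. It also disagrees with the stub added in grsecurity/grsec_disabled.c, which always returns 0. Since the function is now declared in include/linux/grsecurity.h, a header comment such as `/* returns 1 if RBAC is disabled or the use was learn-logged, 0 otherwise; does NOT check that cred holds cap */` would keep a later caller from treating it as a permission check.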
107 |
@@ -70498,19 +70530,13 @@ index 0000000..bdd51ea |
108 |
+ return 1; |
109 |
+ } |
110 |
+ |
111 |
-+ curracl = task->acl; |
112 |
-+ |
113 |
-+ if ((curracl->mode & (GR_LEARN | GR_INHERITLEARN)) |
114 |
-+ && cap_raised(cred->cap_effective, cap)) { |
115 |
-+ security_learn(GR_LEARN_AUDIT_MSG, task->role->rolename, |
116 |
-+ task->role->roletype, GR_GLOBAL_UID(cred->uid), |
117 |
-+ GR_GLOBAL_GID(cred->gid), task->exec_file ? |
118 |
-+ gr_to_filename(task->exec_file->f_path.dentry, |
119 |
-+ task->exec_file->f_path.mnt) : curracl->filename, |
120 |
-+ curracl->filename, 0UL, |
121 |
-+ 0UL, "", (unsigned long) cap, &task->signal->saved_ip); |
122 |
++ /* only learn the capability use if the process has the capability in the |
123 |
++ general case, the two uses in sys.c of gr_learn_cap are an exception |
124 |
++ to this rule to ensure any role transition involves what the full-learned |
125 |
++ policy believes in a privileged process |
126 |
++ */ |
127 |
++ if (cap_raised(cred->cap_effective, cap) && gr_learn_cap(task, cred, cap)) |
128 |
+ return 1; |
129 |
-+ } |
130 |
+ |
131 |
+ if ((cap >= 0) && (cap < captab_log_entries) && cap_raised(cred->cap_effective, cap) && !cap_raised(cap_audit, cap)) |
132 |
+ gr_log_cap(GR_DONT_AUDIT, GR_CAP_ACL_MSG, task, captab_log[cap]); |
133 |
@@ -74533,10 +74559,10 @@ index 0000000..baa635c |
134 |
+} |
135 |
diff --git a/grsecurity/grsec_disabled.c b/grsecurity/grsec_disabled.c |
136 |
new file mode 100644 |
137 |
-index 0000000..4d6fce8 |
138 |
+index 0000000..1e028d7 |
139 |
--- /dev/null |
140 |
+++ b/grsecurity/grsec_disabled.c |
141 |
-@@ -0,0 +1,433 @@ |
142 |
+@@ -0,0 +1,439 @@ |
143 |
+#include <linux/kernel.h> |
144 |
+#include <linux/module.h> |
145 |
+#include <linux/sched.h> |
146 |
@@ -74578,6 +74604,12 @@ index 0000000..4d6fce8 |
147 |
+ return 0; |
148 |
+} |
149 |
+ |
150 |
++int |
151 |
++gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap) |
152 |
++{ |
153 |
++ return 0; |
154 |
++} |
155 |
++ |
156 |
+void |
157 |
+gr_handle_proc_create(const struct dentry *dentry, const struct inode *inode) |
158 |
+{ |
159 |
@@ -77219,10 +77251,10 @@ index 0000000..61b514e |
160 |
+EXPORT_SYMBOL_GPL(gr_log_timechange); |
161 |
diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c |
162 |
new file mode 100644 |
163 |
-index 0000000..ee57dcf |
164 |
+index 0000000..d1953de |
165 |
--- /dev/null |
166 |
+++ b/grsecurity/grsec_tpe.c |
167 |
-@@ -0,0 +1,73 @@ |
168 |
+@@ -0,0 +1,78 @@ |
169 |
+#include <linux/kernel.h> |
170 |
+#include <linux/sched.h> |
171 |
+#include <linux/file.h> |
172 |
@@ -77236,6 +77268,7 @@ index 0000000..ee57dcf |
173 |
+{ |
174 |
+#ifdef CONFIG_GRKERNSEC |
175 |
+ struct inode *inode = file->f_path.dentry->d_parent->d_inode; |
176 |
++ struct inode *file_inode = file->f_path.dentry->d_inode; |
177 |
+ const struct cred *cred = current_cred(); |
178 |
+ char *msg = NULL; |
179 |
+ char *msg2 = NULL; |
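Review bot: The new local `file_inode` has the same name as the kernel's `file_inode()` helper, so wherever that helper is in scope this function shadows it and can no longer call it. Renaming the variable, e.g. `struct inode *finode = file->f_path.dentry->d_inode;`, avoids the clash. The two later hunks that test `file_inode->i_mode` would change with it. The function starts and ends outside this hunk.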
180 |
@@ -77268,6 +77301,8 @@ index 0000000..ee57dcf |
181 |
+ msg2 = "file in world-writable directory"; |
182 |
+ else if (inode->i_mode & S_IWGRP) |
183 |
+ msg2 = "file in group-writable directory"; |
184 |
++ else if (file_inode->i_mode & S_IWOTH) |
185 |
++ msg2 = "file is world-writable"; |
186 |
+ |
187 |
+ if (msg && msg2) { |
188 |
+ char fullmsg[70] = {0}; |
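Review bot: The new branch flags only `S_IWOTH` on the file itself, while the directory tests just above it cover both world- and group-writable. A group-writable file in an otherwise trusted directory therefore still passes. If that asymmetry is intended, a one-line comment saying so would help; otherwise add `else if (file_inode->i_mode & S_IWGRP) msg2 = "file is group-writable";`. As the last arm of an `else if` chain, the file test is also only evaluated when neither directory test matched. The same applies to the `msg` chain in the next hunk.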
189 |
@@ -77287,6 +77322,8 @@ index 0000000..ee57dcf |
190 |
+ msg = "file in world-writable directory"; |
191 |
+ else if (inode->i_mode & S_IWGRP) |
192 |
+ msg = "file in group-writable directory"; |
193 |
++ else if (file_inode->i_mode & S_IWOTH) |
194 |
++ msg = "file is world-writable"; |
195 |
+ |
196 |
+ if (msg) { |
197 |
+ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, msg, file->f_path.dentry, file->f_path.mnt); |
198 |
@@ -80340,10 +80377,10 @@ index 0000000..b02ba9d |
199 |
+#define GR_MSRWRITE_MSG "denied write to CPU MSR by " |
200 |
diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h |
201 |
new file mode 100644 |
202 |
-index 0000000..b87dd26 |
203 |
+index 0000000..acda855 |
204 |
--- /dev/null |
205 |
+++ b/include/linux/grsecurity.h |
206 |
-@@ -0,0 +1,252 @@ |
207 |
+@@ -0,0 +1,254 @@ |
208 |
+#ifndef GR_SECURITY_H |
209 |
+#define GR_SECURITY_H |
210 |
+#include <linux/fs.h> |
211 |
@@ -80383,6 +80420,8 @@ index 0000000..b87dd26 |
212 |
+int gr_check_user_change(kuid_t real, kuid_t effective, kuid_t fs); |
213 |
+int gr_check_group_change(kgid_t real, kgid_t effective, kgid_t fs); |
214 |
+ |
215 |
++int gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap); |
216 |
++ |
217 |
+void gr_del_task_from_ip_table(struct task_struct *p); |
218 |
+ |
219 |
+int gr_pid_is_chrooted(struct task_struct *p); |
220 |
@@ -86311,10 +86350,25 @@ index 1191a44..7c81292 100644 |
221 |
+} |
222 |
+EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); |
223 |
diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
224 |
-index 0c753dd..dd7d3d6 100644 |
225 |
+index 0c753dd..3ce8cca 100644 |
226 |
--- a/kernel/cgroup.c |
227 |
+++ b/kernel/cgroup.c |
228 |
-@@ -5372,7 +5372,7 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) |
229 |
+@@ -5190,6 +5190,14 @@ static void cgroup_release_agent(struct work_struct *work) |
230 |
+ release_list); |
231 |
+ list_del_init(&cgrp->release_list); |
232 |
+ raw_spin_unlock(&release_list_lock); |
233 |
++ |
234 |
++ /* |
235 |
++ * don't bother calling call_usermodehelper if we haven't |
236 |
++ * configured a binary to execute |
237 |
++ */ |
238 |
++ if (cgrp->root->release_agent_path[0] == '\0') |
239 |
++ goto continue_free; |
240 |
++ |
241 |
+ pathbuf = kmalloc(PAGE_SIZE, GFP_KERNEL); |
242 |
+ if (!pathbuf) |
243 |
+ goto continue_free; |
244 |
+@@ -5372,7 +5380,7 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) |
245 |
struct css_set *cset = link->cset; |
246 |
struct task_struct *task; |
247 |
int count = 0; |
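Review bot: The early `goto continue_free` added before `pathbuf = kmalloc(...)` is only safe if everything released at `continue_free` is already initialised at that point. The label and the declarations are outside the hunk, so confirm that `pathbuf` (and anything else freed there) starts as NULL. Also confirm that the label re-takes `release_list_lock`, as the existing `goto continue_free` after the failed `kmalloc()` presumably relies on. `release_agent_path` is tested here and presumably read again further down when the helper is invoked; the comment could say which lock keeps the two reads consistent.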
248 |
@@ -90941,7 +90995,7 @@ index 490fcbb..1e502c6 100644 |
249 |
.thread_should_run = ksoftirqd_should_run, |
250 |
.thread_fn = run_ksoftirqd, |
251 |
diff --git a/kernel/sys.c b/kernel/sys.c |
252 |
-index c0a58be..784c618 100644 |
253 |
+index c0a58be..95e292b 100644 |
254 |
--- a/kernel/sys.c |
255 |
+++ b/kernel/sys.c |
256 |
@@ -148,6 +148,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
257 |
@@ -90957,17 +91011,28 @@ index c0a58be..784c618 100644 |
258 |
no_nice = security_task_setnice(p, niceval); |
259 |
if (no_nice) { |
260 |
error = no_nice; |
261 |
-@@ -351,6 +357,9 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) |
262 |
+@@ -351,6 +357,20 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) |
263 |
goto error; |
264 |
} |
265 |
|
266 |
+ if (gr_check_group_change(new->gid, new->egid, INVALID_GID)) |
267 |
+ goto error; |
268 |
+ |
269 |
++ if (!gid_eq(new->gid, old->gid)) { |
270 |
++ /* make sure we generate a learn log for what will |
271 |
++ end up being a role transition after a full-learning |
272 |
++ policy is generated |
273 |
++ CAP_SETGID is required to perform a transition |
274 |
++ we may not log a CAP_SETGID check above, e.g. |
275 |
++ in the case where new rgid = old egid |
276 |
++ */ |
277 |
++ gr_learn_cap(current, new, CAP_SETGID); |
278 |
++ } |
279 |
++ |
280 |
if (rgid != (gid_t) -1 || |
281 |
(egid != (gid_t) -1 && !gid_eq(kegid, old->gid))) |
282 |
new->sgid = new->egid; |
283 |
-@@ -386,6 +395,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) |
284 |
+@@ -386,6 +406,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) |
285 |
old = current_cred(); |
286 |
|
287 |
retval = -EPERM; |
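Review bot: `gr_learn_cap(current, new, CAP_SETGID)` passes the modified credentials, so the uid/gid that `gr_learn_cap()` writes into the learn entry are the post-change ones, not those the task holds when it makes the call. Confirm that this is what the learning policy generator expects; if the pre-change identity is wanted, pass `old` instead. The entry is also emitted before the syscall has completed, so a failure after this point still leaves a learn record. The `CAP_SETUID` call added to setreuid in a later hunk has the same two properties, and there the `set_user(new)` failure path is visible right after it.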
288 |
@@ -90978,7 +91043,7 @@ index c0a58be..784c618 100644 |
289 |
if (ns_capable(old->user_ns, CAP_SETGID)) |
290 |
new->gid = new->egid = new->sgid = new->fsgid = kgid; |
291 |
else if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->sgid)) |
292 |
-@@ -403,7 +416,7 @@ error: |
293 |
+@@ -403,7 +427,7 @@ error: |
294 |
/* |
295 |
* change the user struct in a credentials set to match the new UID |
296 |
*/ |
297 |
@@ -90987,7 +91052,7 @@ index c0a58be..784c618 100644 |
298 |
{ |
299 |
struct user_struct *new_user; |
300 |
|
301 |
-@@ -483,6 +496,9 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) |
302 |
+@@ -483,7 +507,18 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) |
303 |
goto error; |
304 |
} |
305 |
|
306 |
@@ -90995,9 +91060,18 @@ index c0a58be..784c618 100644 |
307 |
+ goto error; |
308 |
+ |
309 |
if (!uid_eq(new->uid, old->uid)) { |
310 |
++ /* make sure we generate a learn log for what will |
311 |
++ end up being a role transition after a full-learning |
312 |
++ policy is generated |
313 |
++ CAP_SETUID is required to perform a transition |
314 |
++ we may not log a CAP_SETUID check above, e.g. |
315 |
++ in the case where new ruid = old euid |
316 |
++ */ |
317 |
++ gr_learn_cap(current, new, CAP_SETUID); |
318 |
retval = set_user(new); |
319 |
if (retval < 0) |
320 |
-@@ -533,6 +549,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) |
321 |
+ goto error; |
322 |
+@@ -533,6 +568,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) |
323 |
old = current_cred(); |
324 |
|
325 |
retval = -EPERM; |
326 |
@@ -91010,7 +91084,7 @@ index c0a58be..784c618 100644 |
327 |
if (ns_capable(old->user_ns, CAP_SETUID)) { |
328 |
new->suid = new->uid = kuid; |
329 |
if (!uid_eq(kuid, old->uid)) { |
330 |
-@@ -602,6 +624,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
331 |
+@@ -602,6 +643,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
332 |
goto error; |
333 |
} |
334 |
|
335 |
@@ -91020,7 +91094,7 @@ index c0a58be..784c618 100644 |
336 |
if (ruid != (uid_t) -1) { |
337 |
new->uid = kruid; |
338 |
if (!uid_eq(kruid, old->uid)) { |
339 |
-@@ -684,6 +709,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
340 |
+@@ -684,6 +728,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
341 |
goto error; |
342 |
} |
343 |
|
344 |
@@ -91030,7 +91104,7 @@ index c0a58be..784c618 100644 |
345 |
if (rgid != (gid_t) -1) |
346 |
new->gid = krgid; |
347 |
if (egid != (gid_t) -1) |
348 |
-@@ -745,12 +773,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
349 |
+@@ -745,12 +792,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
350 |
uid_eq(kuid, old->suid) || uid_eq(kuid, old->fsuid) || |
351 |
ns_capable(old->user_ns, CAP_SETUID)) { |
352 |
if (!uid_eq(kuid, old->fsuid)) { |
353 |
@@ -91047,7 +91121,7 @@ index c0a58be..784c618 100644 |
354 |
abort_creds(new); |
355 |
return old_fsuid; |
356 |
|
357 |
-@@ -783,12 +815,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
358 |
+@@ -783,12 +834,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
359 |
if (gid_eq(kgid, old->gid) || gid_eq(kgid, old->egid) || |
360 |
gid_eq(kgid, old->sgid) || gid_eq(kgid, old->fsgid) || |
361 |
ns_capable(old->user_ns, CAP_SETGID)) { |
362 |
@@ -91064,7 +91138,7 @@ index c0a58be..784c618 100644 |
363 |
abort_creds(new); |
364 |
return old_fsgid; |
365 |
|
366 |
-@@ -1167,19 +1203,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
367 |
+@@ -1167,19 +1222,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
368 |
return -EFAULT; |
369 |
|
370 |
down_read(&uts_sem); |
371 |
@@ -91089,7 +91163,7 @@ index c0a58be..784c618 100644 |
372 |
__OLD_UTS_LEN); |
373 |
error |= __put_user(0, name->machine + __OLD_UTS_LEN); |
374 |
up_read(&uts_sem); |
375 |
-@@ -1381,6 +1417,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, |
376 |
+@@ -1381,6 +1436,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, |
377 |
*/ |
378 |
new_rlim->rlim_cur = 1; |
379 |
} |
380 |
@@ -94354,7 +94428,7 @@ index b1eb536..091d154 100644 |
381 |
capable(CAP_IPC_LOCK)) |
382 |
ret = do_mlockall(flags); |
383 |
diff --git a/mm/mmap.c b/mm/mmap.c |
384 |
-index 20ff0c3..a9eda98 100644 |
385 |
+index 20ff0c3..005dc47 100644 |
386 |
--- a/mm/mmap.c |
387 |
+++ b/mm/mmap.c |
388 |
@@ -36,6 +36,7 @@ |
389 |
@@ -94427,15 +94501,20 @@ index 20ff0c3..a9eda98 100644 |
390 |
if (vma->vm_ops && vma->vm_ops->close) |
391 |
vma->vm_ops->close(vma); |
392 |
if (vma->vm_file) |
393 |
-@@ -290,6 +312,7 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) |
394 |
+@@ -290,6 +312,12 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) |
395 |
* not page aligned -Ram Gupta |
396 |
*/ |
397 |
rlim = rlimit(RLIMIT_DATA); |
398 |
++#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
399 |
++ /* force a minimum 16MB brk heap on setuid/setgid binaries */ |
400 |
++ if (rlim < PAGE_SIZE && (get_dumpable(mm) != SUID_DUMP_USER) && gr_is_global_nonroot(current_uid())) |
401 |
++ rlim = 4096 * PAGE_SIZE; |
402 |
++#endif |
403 |
+ gr_learn_resource(current, RLIMIT_DATA, (brk - mm->start_brk) + (mm->end_data - mm->start_data), 1); |
404 |
if (rlim < RLIM_INFINITY && (brk - mm->start_brk) + |
405 |
(mm->end_data - mm->start_data) > rlim) |
406 |
goto out; |
407 |
-@@ -940,6 +963,12 @@ static int |
408 |
+@@ -940,6 +968,12 @@ static int |
409 |
can_vma_merge_before(struct vm_area_struct *vma, unsigned long vm_flags, |
410 |
struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) |
411 |
{ |
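Review bot: The comment `force a minimum 16MB brk heap on setuid/setgid binaries` does not match the code under it. The override only fires when `rlim < PAGE_SIZE`, so limits between one page and 16MB are left as they are. `4096 * PAGE_SIZE` is 16MB only with 4K pages. `get_dumpable(mm) != SUID_DUMP_USER` is true for any non-dumpable process, not just setuid/setgid ones. Suggest rewording to something like `/* RLIMIT_DATA below one page on a non-dumpable, non-root task: use 4096 pages instead */`, or using `16UL << 20` if a fixed size is meant.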
412 |
@@ -94448,7 +94527,7 @@ index 20ff0c3..a9eda98 100644 |
413 |
if (is_mergeable_vma(vma, file, vm_flags) && |
414 |
is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { |
415 |
if (vma->vm_pgoff == vm_pgoff) |
416 |
-@@ -959,6 +988,12 @@ static int |
417 |
+@@ -959,6 +993,12 @@ static int |
418 |
can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
419 |
struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) |
420 |
{ |
421 |
@@ -94461,7 +94540,7 @@ index 20ff0c3..a9eda98 100644 |
422 |
if (is_mergeable_vma(vma, file, vm_flags) && |
423 |
is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { |
424 |
pgoff_t vm_pglen; |
425 |
-@@ -1001,13 +1036,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
426 |
+@@ -1001,13 +1041,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
427 |
struct vm_area_struct *vma_merge(struct mm_struct *mm, |
428 |
struct vm_area_struct *prev, unsigned long addr, |
429 |
unsigned long end, unsigned long vm_flags, |
430 |
@@ -94483,7 +94562,7 @@ index 20ff0c3..a9eda98 100644 |
431 |
/* |
432 |
* We later require that vma->vm_flags == vm_flags, |
433 |
* so this tests vma->vm_flags & VM_SPECIAL, too. |
434 |
-@@ -1023,6 +1065,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
435 |
+@@ -1023,6 +1070,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
436 |
if (next && next->vm_end == end) /* cases 6, 7, 8 */ |
437 |
next = next->vm_next; |
438 |
|
439 |
@@ -94499,7 +94578,7 @@ index 20ff0c3..a9eda98 100644 |
440 |
/* |
441 |
* Can it merge with the predecessor? |
442 |
*/ |
443 |
-@@ -1042,9 +1093,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
444 |
+@@ -1042,9 +1098,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
445 |
/* cases 1, 6 */ |
446 |
err = vma_adjust(prev, prev->vm_start, |
447 |
next->vm_end, prev->vm_pgoff, NULL); |
448 |
@@ -94525,7 +94604,7 @@ index 20ff0c3..a9eda98 100644 |
449 |
if (err) |
450 |
return NULL; |
451 |
khugepaged_enter_vma_merge(prev); |
452 |
-@@ -1058,12 +1124,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
453 |
+@@ -1058,12 +1129,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
454 |
mpol_equal(policy, vma_policy(next)) && |
455 |
can_vma_merge_before(next, vm_flags, |
456 |
anon_vma, file, pgoff+pglen)) { |
457 |
@@ -94555,7 +94634,7 @@ index 20ff0c3..a9eda98 100644 |
458 |
if (err) |
459 |
return NULL; |
460 |
khugepaged_enter_vma_merge(area); |
461 |
-@@ -1172,8 +1253,10 @@ none: |
462 |
+@@ -1172,8 +1258,10 @@ none: |
463 |
void vm_stat_account(struct mm_struct *mm, unsigned long flags, |
464 |
struct file *file, long pages) |
465 |
{ |
466 |
@@ -94568,7 +94647,7 @@ index 20ff0c3..a9eda98 100644 |
467 |
|
468 |
mm->total_vm += pages; |
469 |
|
470 |
-@@ -1181,7 +1264,7 @@ void vm_stat_account(struct mm_struct *mm, unsigned long flags, |
471 |
+@@ -1181,7 +1269,7 @@ void vm_stat_account(struct mm_struct *mm, unsigned long flags, |
472 |
mm->shared_vm += pages; |
473 |
if ((flags & (VM_EXEC|VM_WRITE)) == VM_EXEC) |
474 |
mm->exec_vm += pages; |
475 |
@@ -94577,7 +94656,7 @@ index 20ff0c3..a9eda98 100644 |
476 |
mm->stack_vm += pages; |
477 |
} |
478 |
#endif /* CONFIG_PROC_FS */ |
479 |
-@@ -1211,6 +1294,7 @@ static inline int mlock_future_check(struct mm_struct *mm, |
480 |
+@@ -1211,6 +1299,7 @@ static inline int mlock_future_check(struct mm_struct *mm, |
481 |
locked += mm->locked_vm; |
482 |
lock_limit = rlimit(RLIMIT_MEMLOCK); |
483 |
lock_limit >>= PAGE_SHIFT; |
484 |
@@ -94585,7 +94664,7 @@ index 20ff0c3..a9eda98 100644 |
485 |
if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
486 |
return -EAGAIN; |
487 |
} |
488 |
-@@ -1237,7 +1321,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
489 |
+@@ -1237,7 +1326,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
490 |
* (the exception is when the underlying filesystem is noexec |
491 |
* mounted, in which case we dont add PROT_EXEC.) |
492 |
*/ |
493 |
@@ -94594,7 +94673,7 @@ index 20ff0c3..a9eda98 100644 |
494 |
if (!(file && (file->f_path.mnt->mnt_flags & MNT_NOEXEC))) |
495 |
prot |= PROT_EXEC; |
496 |
|
497 |
-@@ -1263,7 +1347,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
498 |
+@@ -1263,7 +1352,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
499 |
/* Obtain the address to map to. we verify (or select) it and ensure |
500 |
* that it represents a valid section of the address space. |
501 |
*/ |
502 |
@@ -94603,7 +94682,7 @@ index 20ff0c3..a9eda98 100644 |
503 |
if (addr & ~PAGE_MASK) |
504 |
return addr; |
505 |
|
506 |
-@@ -1274,6 +1358,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
507 |
+@@ -1274,6 +1363,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
508 |
vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | |
509 |
mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; |
510 |
|
511 |
@@ -94647,7 +94726,7 @@ index 20ff0c3..a9eda98 100644 |
512 |
if (flags & MAP_LOCKED) |
513 |
if (!can_do_mlock()) |
514 |
return -EPERM; |
515 |
-@@ -1361,6 +1482,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
516 |
+@@ -1361,6 +1487,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
517 |
vm_flags |= VM_NORESERVE; |
518 |
} |
519 |
|
520 |
@@ -94657,7 +94736,7 @@ index 20ff0c3..a9eda98 100644 |
521 |
addr = mmap_region(file, addr, len, vm_flags, pgoff); |
522 |
if (!IS_ERR_VALUE(addr) && |
523 |
((vm_flags & VM_LOCKED) || |
524 |
-@@ -1454,7 +1578,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) |
525 |
+@@ -1454,7 +1583,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) |
526 |
vm_flags_t vm_flags = vma->vm_flags; |
527 |
|
528 |
/* If it was private or non-writable, the write bit is already clear */ |
529 |
@@ -94666,7 +94745,7 @@ index 20ff0c3..a9eda98 100644 |
530 |
return 0; |
531 |
|
532 |
/* The backer wishes to know when pages are first written to? */ |
533 |
-@@ -1500,7 +1624,22 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
534 |
+@@ -1500,7 +1629,22 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
535 |
struct rb_node **rb_link, *rb_parent; |
536 |
unsigned long charged = 0; |
537 |
|
538 |
@@ -94689,7 +94768,7 @@ index 20ff0c3..a9eda98 100644 |
539 |
if (!may_expand_vm(mm, len >> PAGE_SHIFT)) { |
540 |
unsigned long nr_pages; |
541 |
|
542 |
-@@ -1519,11 +1658,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
543 |
+@@ -1519,11 +1663,10 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
544 |
|
545 |
/* Clear old maps */ |
546 |
error = -ENOMEM; |
547 |
@@ -94702,7 +94781,7 @@ index 20ff0c3..a9eda98 100644 |
548 |
} |
549 |
|
550 |
/* |
551 |
-@@ -1554,6 +1692,16 @@ munmap_back: |
552 |
+@@ -1554,6 +1697,16 @@ munmap_back: |
553 |
goto unacct_error; |
554 |
} |
555 |
|
556 |
@@ -94719,7 +94798,7 @@ index 20ff0c3..a9eda98 100644 |
557 |
vma->vm_mm = mm; |
558 |
vma->vm_start = addr; |
559 |
vma->vm_end = addr + len; |
560 |
-@@ -1573,6 +1721,13 @@ munmap_back: |
561 |
+@@ -1573,6 +1726,13 @@ munmap_back: |
562 |
if (error) |
563 |
goto unmap_and_free_vma; |
564 |
|
565 |
@@ -94733,7 +94812,7 @@ index 20ff0c3..a9eda98 100644 |
566 |
/* Can addr have changed?? |
567 |
* |
568 |
* Answer: Yes, several device drivers can do it in their |
569 |
-@@ -1606,6 +1761,12 @@ munmap_back: |
570 |
+@@ -1606,6 +1766,12 @@ munmap_back: |
571 |
} |
572 |
|
573 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
574 |
@@ -94746,7 +94825,7 @@ index 20ff0c3..a9eda98 100644 |
575 |
/* Once vma denies write, undo our temporary denial count */ |
576 |
if (vm_flags & VM_DENYWRITE) |
577 |
allow_write_access(file); |
578 |
-@@ -1614,6 +1775,7 @@ out: |
579 |
+@@ -1614,6 +1780,7 @@ out: |
580 |
perf_event_mmap(vma); |
581 |
|
582 |
vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT); |
583 |
@@ -94754,7 +94833,7 @@ index 20ff0c3..a9eda98 100644 |
584 |
if (vm_flags & VM_LOCKED) { |
585 |
if (!((vm_flags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || |
586 |
vma == get_gate_vma(current->mm))) |
587 |
-@@ -1646,6 +1808,12 @@ unmap_and_free_vma: |
588 |
+@@ -1646,6 +1813,12 @@ unmap_and_free_vma: |
589 |
unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); |
590 |
charged = 0; |
591 |
free_vma: |
592 |
@@ -94767,7 +94846,7 @@ index 20ff0c3..a9eda98 100644 |
593 |
kmem_cache_free(vm_area_cachep, vma); |
594 |
unacct_error: |
595 |
if (charged) |
596 |
-@@ -1653,7 +1821,63 @@ unacct_error: |
597 |
+@@ -1653,7 +1826,63 @@ unacct_error: |
598 |
return error; |
599 |
} |
600 |
|
601 |
@@ -94832,7 +94911,7 @@ index 20ff0c3..a9eda98 100644 |
602 |
{ |
603 |
/* |
604 |
* We implement the search by looking for an rbtree node that |
605 |
-@@ -1701,11 +1925,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) |
606 |
+@@ -1701,11 +1930,29 @@ unsigned long unmapped_area(struct vm_unmapped_area_info *info) |
607 |
} |
608 |
} |
609 |
|
610 |
@@ -94863,7 +94942,7 @@ index 20ff0c3..a9eda98 100644 |
611 |
if (gap_end >= low_limit && gap_end - gap_start >= length) |
612 |
goto found; |
613 |
|
614 |
-@@ -1755,7 +1997,7 @@ found: |
615 |
+@@ -1755,7 +2002,7 @@ found: |
616 |
return gap_start; |
617 |
} |
618 |
|
619 |
@@ -94872,7 +94951,7 @@ index 20ff0c3..a9eda98 100644 |
620 |
{ |
621 |
struct mm_struct *mm = current->mm; |
622 |
struct vm_area_struct *vma; |
623 |
-@@ -1809,6 +2051,24 @@ check_current: |
624 |
+@@ -1809,6 +2056,24 @@ check_current: |
625 |
gap_end = vma->vm_start; |
626 |
if (gap_end < low_limit) |
627 |
return -ENOMEM; |
628 |
@@ -94897,7 +94976,7 @@ index 20ff0c3..a9eda98 100644 |
629 |
if (gap_start <= high_limit && gap_end - gap_start >= length) |
630 |
goto found; |
631 |
|
632 |
-@@ -1872,6 +2132,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
633 |
+@@ -1872,6 +2137,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
634 |
struct mm_struct *mm = current->mm; |
635 |
struct vm_area_struct *vma; |
636 |
struct vm_unmapped_area_info info; |
637 |
@@ -94905,7 +94984,7 @@ index 20ff0c3..a9eda98 100644 |
638 |
|
639 |
if (len > TASK_SIZE - mmap_min_addr) |
640 |
return -ENOMEM; |
641 |
-@@ -1879,11 +2140,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
642 |
+@@ -1879,11 +2145,15 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
643 |
if (flags & MAP_FIXED) |
644 |
return addr; |
645 |
|
646 |
@@ -94922,7 +95001,7 @@ index 20ff0c3..a9eda98 100644 |
647 |
return addr; |
648 |
} |
649 |
|
650 |
-@@ -1892,6 +2157,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
651 |
+@@ -1892,6 +2162,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
652 |
info.low_limit = mm->mmap_base; |
653 |
info.high_limit = TASK_SIZE; |
654 |
info.align_mask = 0; |
655 |
@@ -94930,7 +95009,7 @@ index 20ff0c3..a9eda98 100644 |
656 |
return vm_unmapped_area(&info); |
657 |
} |
658 |
#endif |
659 |
-@@ -1910,6 +2176,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
660 |
+@@ -1910,6 +2181,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
661 |
struct mm_struct *mm = current->mm; |
662 |
unsigned long addr = addr0; |
663 |
struct vm_unmapped_area_info info; |
664 |
@@ -94938,7 +95017,7 @@ index 20ff0c3..a9eda98 100644 |
665 |
|
666 |
/* requested length too big for entire address space */ |
667 |
if (len > TASK_SIZE - mmap_min_addr) |
668 |
-@@ -1918,12 +2185,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
669 |
+@@ -1918,12 +2190,16 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
670 |
if (flags & MAP_FIXED) |
671 |
return addr; |
672 |
|
673 |
@@ -94956,7 +95035,7 @@ index 20ff0c3..a9eda98 100644 |
674 |
return addr; |
675 |
} |
676 |
|
677 |
-@@ -1932,6 +2203,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
678 |
+@@ -1932,6 +2208,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
679 |
info.low_limit = max(PAGE_SIZE, mmap_min_addr); |
680 |
info.high_limit = mm->mmap_base; |
681 |
info.align_mask = 0; |
682 |
@@ -94964,7 +95043,7 @@ index 20ff0c3..a9eda98 100644 |
683 |
addr = vm_unmapped_area(&info); |
684 |
|
685 |
/* |
686 |
-@@ -1944,6 +2216,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
687 |
+@@ -1944,6 +2221,12 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
688 |
VM_BUG_ON(addr != -ENOMEM); |
689 |
info.flags = 0; |
690 |
info.low_limit = TASK_UNMAPPED_BASE; |
691 |
@@ -94977,7 +95056,7 @@ index 20ff0c3..a9eda98 100644 |
692 |
info.high_limit = TASK_SIZE; |
693 |
addr = vm_unmapped_area(&info); |
694 |
} |
695 |
-@@ -2045,6 +2323,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, |
696 |
+@@ -2045,6 +2328,28 @@ find_vma_prev(struct mm_struct *mm, unsigned long addr, |
697 |
return vma; |
698 |
} |
699 |
|
700 |
@@ -95006,7 +95085,7 @@ index 20ff0c3..a9eda98 100644 |
701 |
/* |
702 |
* Verify that the stack growth is acceptable and |
703 |
* update accounting. This is shared with both the |
704 |
-@@ -2061,6 +2361,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
705 |
+@@ -2061,6 +2366,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
706 |
return -ENOMEM; |
707 |
|
708 |
/* Stack limit test */ |
709 |
@@ -95014,7 +95093,7 @@ index 20ff0c3..a9eda98 100644 |
710 |
if (size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) |
711 |
return -ENOMEM; |
712 |
|
713 |
-@@ -2071,6 +2372,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
714 |
+@@ -2071,6 +2377,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
715 |
locked = mm->locked_vm + grow; |
716 |
limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); |
717 |
limit >>= PAGE_SHIFT; |
718 |
@@ -95022,7 +95101,7 @@ index 20ff0c3..a9eda98 100644 |
719 |
if (locked > limit && !capable(CAP_IPC_LOCK)) |
720 |
return -ENOMEM; |
721 |
} |
722 |
-@@ -2100,37 +2402,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
723 |
+@@ -2100,37 +2407,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
724 |
* PA-RISC uses this for its stack; IA64 for its Register Backing Store. |
725 |
* vma is the last one with address > vma->vm_end. Have to extend vma. |
726 |
*/ |
727 |
@@ -95080,7 +95159,7 @@ index 20ff0c3..a9eda98 100644 |
728 |
unsigned long size, grow; |
729 |
|
730 |
size = address - vma->vm_start; |
731 |
-@@ -2165,6 +2478,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) |
732 |
+@@ -2165,6 +2483,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) |
733 |
} |
734 |
} |
735 |
} |
736 |
@@ -95089,7 +95168,7 @@ index 20ff0c3..a9eda98 100644 |
737 |
vma_unlock_anon_vma(vma); |
738 |
khugepaged_enter_vma_merge(vma); |
739 |
validate_mm(vma->vm_mm); |
740 |
-@@ -2179,6 +2494,8 @@ int expand_downwards(struct vm_area_struct *vma, |
741 |
+@@ -2179,6 +2499,8 @@ int expand_downwards(struct vm_area_struct *vma, |
742 |
unsigned long address) |
743 |
{ |
744 |
int error; |
745 |
@@ -95098,7 +95177,7 @@ index 20ff0c3..a9eda98 100644 |
746 |
|
747 |
/* |
748 |
* We must make sure the anon_vma is allocated |
749 |
-@@ -2192,6 +2509,15 @@ int expand_downwards(struct vm_area_struct *vma, |
750 |
+@@ -2192,6 +2514,15 @@ int expand_downwards(struct vm_area_struct *vma, |
751 |
if (error) |
752 |
return error; |
753 |
|
754 |
@@ -95114,7 +95193,7 @@ index 20ff0c3..a9eda98 100644 |
755 |
vma_lock_anon_vma(vma); |
756 |
|
757 |
/* |
758 |
-@@ -2201,9 +2527,17 @@ int expand_downwards(struct vm_area_struct *vma, |
759 |
+@@ -2201,9 +2532,17 @@ int expand_downwards(struct vm_area_struct *vma, |
760 |
*/ |
761 |
|
762 |
/* Somebody else might have raced and expanded it already */ |
763 |
@@ -95133,7 +95212,7 @@ index 20ff0c3..a9eda98 100644 |
764 |
size = vma->vm_end - address; |
765 |
grow = (vma->vm_start - address) >> PAGE_SHIFT; |
766 |
|
767 |
-@@ -2228,13 +2562,27 @@ int expand_downwards(struct vm_area_struct *vma, |
768 |
+@@ -2228,13 +2567,27 @@ int expand_downwards(struct vm_area_struct *vma, |
769 |
vma->vm_pgoff -= grow; |
770 |
anon_vma_interval_tree_post_update_vma(vma); |
771 |
vma_gap_update(vma); |
772 |
@@ -95161,7 +95240,7 @@ index 20ff0c3..a9eda98 100644 |
773 |
khugepaged_enter_vma_merge(vma); |
774 |
validate_mm(vma->vm_mm); |
775 |
return error; |
776 |
-@@ -2332,6 +2680,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) |
777 |
+@@ -2332,6 +2685,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) |
778 |
do { |
779 |
long nrpages = vma_pages(vma); |
780 |
|
781 |
@@ -95175,7 +95254,7 @@ index 20ff0c3..a9eda98 100644 |
782 |
if (vma->vm_flags & VM_ACCOUNT) |
783 |
nr_accounted += nrpages; |
784 |
vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); |
785 |
-@@ -2376,6 +2731,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, |
786 |
+@@ -2376,6 +2736,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, |
787 |
insertion_point = (prev ? &prev->vm_next : &mm->mmap); |
788 |
vma->vm_prev = NULL; |
789 |
do { |
790 |
@@ -95192,7 +95271,7 @@ index 20ff0c3..a9eda98 100644 |
791 |
vma_rb_erase(vma, &mm->mm_rb); |
792 |
mm->map_count--; |
793 |
tail_vma = vma; |
794 |
-@@ -2401,14 +2766,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
795 |
+@@ -2401,14 +2771,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
796 |
struct vm_area_struct *new; |
797 |
int err = -ENOMEM; |
798 |
|
799 |
@@ -95226,7 +95305,7 @@ index 20ff0c3..a9eda98 100644 |
800 |
/* most fields are the same, copy all, and then fixup */ |
801 |
*new = *vma; |
802 |
|
803 |
-@@ -2421,6 +2805,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
804 |
+@@ -2421,6 +2810,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
805 |
new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); |
806 |
} |
807 |
|
808 |
@@ -95249,7 +95328,7 @@ index 20ff0c3..a9eda98 100644 |
809 |
err = vma_dup_policy(vma, new); |
810 |
if (err) |
811 |
goto out_free_vma; |
812 |
-@@ -2440,6 +2840,38 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
813 |
+@@ -2440,6 +2845,38 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
814 |
else |
815 |
err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); |
816 |
|
817 |
@@ -95288,7 +95367,7 @@ index 20ff0c3..a9eda98 100644 |
818 |
/* Success. */ |
819 |
if (!err) |
820 |
return 0; |
821 |
-@@ -2449,10 +2881,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
822 |
+@@ -2449,10 +2886,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
823 |
new->vm_ops->close(new); |
824 |
if (new->vm_file) |
825 |
fput(new->vm_file); |
826 |
@@ -95308,7 +95387,7 @@ index 20ff0c3..a9eda98 100644 |
827 |
kmem_cache_free(vm_area_cachep, new); |
828 |
out_err: |
829 |
return err; |
830 |
-@@ -2465,6 +2905,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
831 |
+@@ -2465,6 +2910,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
832 |
int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
833 |
unsigned long addr, int new_below) |
834 |
{ |
835 |
@@ -95324,7 +95403,7 @@ index 20ff0c3..a9eda98 100644 |
836 |
if (mm->map_count >= sysctl_max_map_count) |
837 |
return -ENOMEM; |
838 |
|
839 |
-@@ -2476,11 +2925,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
840 |
+@@ -2476,11 +2930,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
841 |
* work. This now handles partial unmappings. |
842 |
* Jeremy Fitzhardinge <jeremy@××××.org> |
843 |
*/ |
844 |
@@ -95355,7 +95434,7 @@ index 20ff0c3..a9eda98 100644 |
845 |
if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) |
846 |
return -EINVAL; |
847 |
|
848 |
-@@ -2555,6 +3023,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
849 |
+@@ -2555,6 +3028,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
850 |
/* Fix up all other VM information */ |
851 |
remove_vma_list(mm, vma); |
852 |
|
853 |
@@ -95364,7 +95443,7 @@ index 20ff0c3..a9eda98 100644 |
854 |
return 0; |
855 |
} |
856 |
|
857 |
-@@ -2563,6 +3033,13 @@ int vm_munmap(unsigned long start, size_t len) |
858 |
+@@ -2563,6 +3038,13 @@ int vm_munmap(unsigned long start, size_t len) |
859 |
int ret; |
860 |
struct mm_struct *mm = current->mm; |
861 |
|
862 |
@@ -95378,7 +95457,7 @@ index 20ff0c3..a9eda98 100644 |
863 |
down_write(&mm->mmap_sem); |
864 |
ret = do_munmap(mm, start, len); |
865 |
up_write(&mm->mmap_sem); |
866 |
-@@ -2576,16 +3053,6 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) |
867 |
+@@ -2576,16 +3058,6 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) |
868 |
return vm_munmap(addr, len); |
869 |
} |
870 |
|
871 |
@@ -95395,7 +95474,7 @@ index 20ff0c3..a9eda98 100644 |
872 |
/* |
873 |
* this is really a simplified "do_mmap". it only handles |
874 |
* anonymous maps. eventually we may be able to do some |
875 |
-@@ -2599,6 +3066,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
876 |
+@@ -2599,6 +3071,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
877 |
struct rb_node ** rb_link, * rb_parent; |
878 |
pgoff_t pgoff = addr >> PAGE_SHIFT; |
879 |
int error; |
880 |
@@ -95403,7 +95482,7 @@ index 20ff0c3..a9eda98 100644 |
881 |
|
882 |
len = PAGE_ALIGN(len); |
883 |
if (!len) |
884 |
-@@ -2606,10 +3074,24 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
885 |
+@@ -2606,10 +3079,24 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
886 |
|
887 |
flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; |
888 |
|
889 |
@@ -95428,7 +95507,7 @@ index 20ff0c3..a9eda98 100644 |
890 |
error = mlock_future_check(mm, mm->def_flags, len); |
891 |
if (error) |
892 |
return error; |
893 |
-@@ -2623,21 +3105,20 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
894 |
+@@ -2623,21 +3110,20 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
895 |
/* |
896 |
* Clear old maps. this also does some error checking for us |
897 |
*/ |
898 |
@@ -95453,7 +95532,7 @@ index 20ff0c3..a9eda98 100644 |
899 |
return -ENOMEM; |
900 |
|
901 |
/* Can we just expand an old private anonymous mapping? */ |
902 |
-@@ -2651,7 +3132,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
903 |
+@@ -2651,7 +3137,7 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
904 |
*/ |
905 |
vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); |
906 |
if (!vma) { |
907 |
@@ -95462,7 +95541,7 @@ index 20ff0c3..a9eda98 100644 |
908 |
return -ENOMEM; |
909 |
} |
910 |
|
911 |
-@@ -2665,10 +3146,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
912 |
+@@ -2665,10 +3151,11 @@ static unsigned long do_brk(unsigned long addr, unsigned long len) |
913 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
914 |
out: |
915 |
perf_event_mmap(vma); |
916 |
@@ -95476,7 +95555,7 @@ index 20ff0c3..a9eda98 100644 |
917 |
return addr; |
918 |
} |
919 |
|
920 |
-@@ -2730,6 +3212,7 @@ void exit_mmap(struct mm_struct *mm) |
921 |
+@@ -2730,6 +3217,7 @@ void exit_mmap(struct mm_struct *mm) |
922 |
while (vma) { |
923 |
if (vma->vm_flags & VM_ACCOUNT) |
924 |
nr_accounted += vma_pages(vma); |
925 |
@@ -95484,7 +95563,7 @@ index 20ff0c3..a9eda98 100644 |
926 |
vma = remove_vma(vma); |
927 |
} |
928 |
vm_unacct_memory(nr_accounted); |
929 |
-@@ -2747,6 +3230,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) |
930 |
+@@ -2747,6 +3235,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) |
931 |
struct vm_area_struct *prev; |
932 |
struct rb_node **rb_link, *rb_parent; |
933 |
|
934 |
@@ -95498,7 +95577,7 @@ index 20ff0c3..a9eda98 100644 |
935 |
/* |
936 |
* The vm_pgoff of a purely anonymous vma should be irrelevant |
937 |
* until its first write fault, when page's anon_vma and index |
938 |
-@@ -2770,7 +3260,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) |
939 |
+@@ -2770,7 +3265,21 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma) |
940 |
security_vm_enough_memory_mm(mm, vma_pages(vma))) |
941 |
return -ENOMEM; |
942 |
|
943 |
@@ -95520,7 +95599,7 @@ index 20ff0c3..a9eda98 100644 |
944 |
return 0; |
945 |
} |
946 |
|
947 |
-@@ -2789,6 +3293,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
948 |
+@@ -2789,6 +3298,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
949 |
struct rb_node **rb_link, *rb_parent; |
950 |
bool faulted_in_anon_vma = true; |
951 |
|
952 |
@@ -95529,7 +95608,7 @@ index 20ff0c3..a9eda98 100644 |
953 |
/* |
954 |
* If anonymous vma has not yet been faulted, update new pgoff |
955 |
* to match new location, to increase its chance of merging. |
956 |
-@@ -2853,6 +3359,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
957 |
+@@ -2853,6 +3364,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
958 |
return NULL; |
959 |
} |
960 |
|
961 |
@@ -95569,7 +95648,7 @@ index 20ff0c3..a9eda98 100644 |
962 |
/* |
963 |
* Return true if the calling process may expand its vm space by the passed |
964 |
* number of pages |
965 |
-@@ -2864,6 +3403,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) |
966 |
+@@ -2864,6 +3408,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) |
967 |
|
968 |
lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; |
969 |
|
970 |
@@ -95577,7 +95656,7 @@ index 20ff0c3..a9eda98 100644 |
971 |
if (cur + npages > lim) |
972 |
return 0; |
973 |
return 1; |
974 |
-@@ -2934,6 +3474,22 @@ int install_special_mapping(struct mm_struct *mm, |
975 |
+@@ -2934,6 +3479,22 @@ int install_special_mapping(struct mm_struct *mm, |
976 |
vma->vm_start = addr; |
977 |
vma->vm_end = addr + len; |
978 |
|
979 |
|
980 |
diff --git a/3.14.17/4465_selinux-avc_audit-log-curr_ip.patch b/3.14.17/4465_selinux-avc_audit-log-curr_ip.patch |
981 |
index fb528d0..747ac53 100644 |
982 |
--- a/3.14.17/4465_selinux-avc_audit-log-curr_ip.patch |
983 |
+++ b/3.14.17/4465_selinux-avc_audit-log-curr_ip.patch |
984 |
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
985 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
986 |
--- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 |
987 |
+++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 |
988 |
-@@ -1147,6 +1147,27 @@ |
989 |
+@@ -1137,6 +1137,27 @@ |
990 |
menu "Logging Options" |
991 |
depends on GRKERNSEC |
992 |
|
993 |
|
994 |
diff --git a/3.2.62/0000_README b/3.2.62/0000_README |
995 |
index 67a218f..9c125a6 100644 |
996 |
--- a/3.2.62/0000_README |
997 |
+++ b/3.2.62/0000_README |
998 |
@@ -166,7 +166,7 @@ Patch: 1061_linux-3.2.62.patch |
999 |
From: http://www.kernel.org |
1000 |
Desc: Linux 3.2.62 |
1001 |
|
1002 |
-Patch: 4420_grsecurity-3.0-3.2.62-201408212331.patch |
1003 |
+Patch: 4420_grsecurity-3.0-3.2.62-201408260037.patch |
1004 |
From: http://www.grsecurity.net |
1005 |
Desc: hardened-sources base patch from upstream grsecurity |
1006 |
|
1007 |
|
1008 |
diff --git a/3.2.62/4420_grsecurity-3.0-3.2.62-201408212331.patch b/3.2.62/4420_grsecurity-3.0-3.2.62-201408260037.patch |
1009 |
similarity index 99% |
1010 |
rename from 3.2.62/4420_grsecurity-3.0-3.2.62-201408212331.patch |
1011 |
rename to 3.2.62/4420_grsecurity-3.0-3.2.62-201408260037.patch |
1012 |
index 0039dfe..a4df725 100644 |
1013 |
--- a/3.2.62/4420_grsecurity-3.0-3.2.62-201408212331.patch |
1014 |
+++ b/3.2.62/4420_grsecurity-3.0-3.2.62-201408260037.patch |
1015 |
@@ -69562,10 +69562,10 @@ index 0000000..18ffbbd |
1016 |
+} |
1017 |
diff --git a/grsecurity/gracl_cap.c b/grsecurity/gracl_cap.c |
1018 |
new file mode 100644 |
1019 |
-index 0000000..955ddfb |
1020 |
+index 0000000..b2ec14c |
1021 |
--- /dev/null |
1022 |
+++ b/grsecurity/gracl_cap.c |
1023 |
-@@ -0,0 +1,101 @@ |
1024 |
+@@ -0,0 +1,118 @@ |
1025 |
+#include <linux/kernel.h> |
1026 |
+#include <linux/module.h> |
1027 |
+#include <linux/sched.h> |
1028 |
@@ -69576,6 +69576,29 @@ index 0000000..955ddfb |
1029 |
+extern const char *captab_log[]; |
1030 |
+extern int captab_log_entries; |
1031 |
+ |
1032 |
++int gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap) |
1033 |
++{ |
1034 |
++ struct acl_subject_label *curracl; |
1035 |
++ |
1036 |
++ if (!gr_acl_is_enabled()) |
1037 |
++ return 1; |
1038 |
++ |
1039 |
++ curracl = task->acl; |
1040 |
++ |
1041 |
++ if (curracl->mode & (GR_LEARN | GR_INHERITLEARN)) { |
1042 |
++ security_learn(GR_LEARN_AUDIT_MSG, task->role->rolename, |
1043 |
++ task->role->roletype, cred->uid, |
1044 |
++ cred->gid, task->exec_file ? |
1045 |
++ gr_to_filename(task->exec_file->f_path.dentry, |
1046 |
++ task->exec_file->f_path.mnt) : curracl->filename, |
1047 |
++ curracl->filename, 0UL, |
1048 |
++ 0UL, "", (unsigned long) cap, &task->signal->saved_ip); |
1049 |
++ return 1; |
1050 |
++ } |
1051 |
++ |
1052 |
++ return 0; |
1053 |
++} |
1054 |
++ |
1055 |
+int |
1056 |
+gr_acl_is_capable(const int cap) |
1057 |
+{ |
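Review bot: gr_learn_cap() is added without a comment stating its return contract, and its two definitions disagree on the inactive case. The version in gracl_cap.c returns 1 when `gr_acl_is_enabled()` is false, while the stub added to grsec_disabled.c further down this page returns 0. The callers visible here either ignore the result (kernel/sys.c) or combine it with `cap_raised()` in gr_acl_is_capable, so this looks harmless today, but a later caller that tests the result would behave differently depending on the build. A header comment such as `/* returns 1 if RBAC is disabled or the subject is in learning mode (use logged), 0 otherwise */`, with the stub made to match, would pin this down.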
1058 |
@@ -69615,19 +69638,13 @@ index 0000000..955ddfb |
1059 |
+ return 1; |
1060 |
+ } |
1061 |
+ |
1062 |
-+ curracl = task->acl; |
1063 |
-+ |
1064 |
-+ if ((curracl->mode & (GR_LEARN | GR_INHERITLEARN)) |
1065 |
-+ && cap_raised(cred->cap_effective, cap)) { |
1066 |
-+ security_learn(GR_LEARN_AUDIT_MSG, task->role->rolename, |
1067 |
-+ task->role->roletype, cred->uid, |
1068 |
-+ cred->gid, task->exec_file ? |
1069 |
-+ gr_to_filename(task->exec_file->f_path.dentry, |
1070 |
-+ task->exec_file->f_path.mnt) : curracl->filename, |
1071 |
-+ curracl->filename, 0UL, |
1072 |
-+ 0UL, "", (unsigned long) cap, &task->signal->saved_ip); |
1073 |
++ /* only learn the capability use if the process has the capability in the |
1074 |
++ general case, the two uses in sys.c of gr_learn_cap are an exception |
1075 |
++ to this rule to ensure any role transition involves what the full-learned |
1076 |
++ policy believes in a privileged process |
1077 |
++ */ |
1078 |
++ if (cap_raised(cred->cap_effective, cap) && gr_learn_cap(task, cred, cap)) |
1079 |
+ return 1; |
1080 |
-+ } |
1081 |
+ |
1082 |
+ if ((cap >= 0) && (cap < captab_log_entries) && cap_raised(cred->cap_effective, cap) && !cap_raised(cap_audit, cap)) |
1083 |
+ gr_log_cap(GR_DONT_AUDIT, GR_CAP_ACL_MSG, task, captab_log[cap]); |
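Review bot: The comment added above the `cap_raised(...) && gr_learn_cap(...)` test is hard to parse in its last clause ("involves what the full-learned policy believes in a privileged process"). Judging by the comments added in kernel/sys.c, the intent seems to be that a uid/gid change which will become a role transition must reach the learn log even when no capability check was logged. Stating that directly would help the next reader, for example `/* learn only capabilities the task actually holds; the setreuid/setregid callers bypass this test so role transitions are always logged */`. The body of gr_acl_is_capable starts and ends outside this hunk.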
1084 |
@@ -73616,10 +73633,10 @@ index 0000000..60b786f |
1085 |
+} |
1086 |
diff --git a/grsecurity/grsec_disabled.c b/grsecurity/grsec_disabled.c |
1087 |
new file mode 100644 |
1088 |
-index 0000000..dcc6b9f |
1089 |
+index 0000000..a9ab1fe |
1090 |
--- /dev/null |
1091 |
+++ b/grsecurity/grsec_disabled.c |
1092 |
-@@ -0,0 +1,441 @@ |
1093 |
+@@ -0,0 +1,447 @@ |
1094 |
+#include <linux/kernel.h> |
1095 |
+#include <linux/module.h> |
1096 |
+#include <linux/sched.h> |
1097 |
@@ -73661,6 +73678,12 @@ index 0000000..dcc6b9f |
1098 |
+ return 0; |
1099 |
+} |
1100 |
+ |
1101 |
++int |
1102 |
++gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap) |
1103 |
++{ |
1104 |
++ return 0; |
1105 |
++} |
1106 |
++ |
1107 |
+void |
1108 |
+gr_handle_proc_create(const struct dentry *dentry, const struct inode *inode) |
1109 |
+{ |
1110 |
@@ -76284,10 +76307,10 @@ index 0000000..61b514e |
1111 |
+EXPORT_SYMBOL_GPL(gr_log_timechange); |
1112 |
diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c |
1113 |
new file mode 100644 |
1114 |
-index 0000000..07e0dc0 |
1115 |
+index 0000000..1b915bb |
1116 |
--- /dev/null |
1117 |
+++ b/grsecurity/grsec_tpe.c |
1118 |
-@@ -0,0 +1,73 @@ |
1119 |
+@@ -0,0 +1,78 @@ |
1120 |
+#include <linux/kernel.h> |
1121 |
+#include <linux/sched.h> |
1122 |
+#include <linux/file.h> |
1123 |
@@ -76301,6 +76324,7 @@ index 0000000..07e0dc0 |
1124 |
+{ |
1125 |
+#ifdef CONFIG_GRKERNSEC |
1126 |
+ struct inode *inode = file->f_path.dentry->d_parent->d_inode; |
1127 |
++ struct inode *file_inode = file->f_path.dentry->d_inode; |
1128 |
+ const struct cred *cred = current_cred(); |
1129 |
+ char *msg = NULL; |
1130 |
+ char *msg2 = NULL; |
1131 |
@@ -76333,6 +76357,8 @@ index 0000000..07e0dc0 |
1132 |
+ msg2 = "file in world-writable directory"; |
1133 |
+ else if (inode->i_mode & S_IWGRP) |
1134 |
+ msg2 = "file in group-writable directory"; |
1135 |
++ else if (file_inode->i_mode & S_IWOTH) |
1136 |
++ msg2 = "file is world-writable"; |
1137 |
+ |
1138 |
+ if (msg && msg2) { |
1139 |
+ char fullmsg[70] = {0}; |
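Review bot: The new file-mode branch tests only `S_IWOTH`, while the directory branches just above it cover both `S_IWOTH` and `S_IWGRP`, so a group-writable file in an otherwise trusted directory is not reported. If the asymmetry is deliberate, a one-line comment should say so. Otherwise add `else if (file_inode->i_mode & S_IWGRP) msg2 = "file is group-writable";` here and the matching `msg` branch in the next hunk. The condition that decides whether this chain runs at all is outside the hunk, so it is worth confirming it was extended to consider the file's own mode and not only the parent directory's.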
1140 |
@@ -76352,6 +76378,8 @@ index 0000000..07e0dc0 |
1141 |
+ msg = "file in world-writable directory"; |
1142 |
+ else if (inode->i_mode & S_IWGRP) |
1143 |
+ msg = "file in group-writable directory"; |
1144 |
++ else if (file_inode->i_mode & S_IWOTH) |
1145 |
++ msg = "file is world-writable"; |
1146 |
+ |
1147 |
+ if (msg) { |
1148 |
+ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, msg, file->f_path.dentry, file->f_path.mnt); |
1149 |
@@ -79656,10 +79684,10 @@ index 0000000..b02ba9d |
1150 |
+#define GR_MSRWRITE_MSG "denied write to CPU MSR by " |
1151 |
diff --git a/include/linux/grsecurity.h b/include/linux/grsecurity.h |
1152 |
new file mode 100644 |
1153 |
-index 0000000..bc1de4cb |
1154 |
+index 0000000..85351c8 |
1155 |
--- /dev/null |
1156 |
+++ b/include/linux/grsecurity.h |
1157 |
-@@ -0,0 +1,231 @@ |
1158 |
+@@ -0,0 +1,233 @@ |
1159 |
+#ifndef GR_SECURITY_H |
1160 |
+#define GR_SECURITY_H |
1161 |
+#include <linux/fs.h> |
1162 |
@@ -79697,6 +79725,8 @@ index 0000000..bc1de4cb |
1163 |
+int gr_check_user_change(int real, int effective, int fs); |
1164 |
+int gr_check_group_change(int real, int effective, int fs); |
1165 |
+ |
1166 |
++int gr_learn_cap(const struct task_struct *task, const struct cred *cred, const int cap); |
1167 |
++ |
1168 |
+void gr_del_task_from_ip_table(struct task_struct *p); |
1169 |
+ |
1170 |
+int gr_pid_is_chrooted(struct task_struct *p); |
1171 |
@@ -86268,10 +86298,25 @@ index b463871..59495fd 100644 |
1172 |
* nsown_capable - Check superior capability to one's own user_ns |
1173 |
* @cap: The capability in question |
1174 |
diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
1175 |
-index 93fc15e..6e62dfa 100644 |
1176 |
+index 93fc15e..94e383a 100644 |
1177 |
--- a/kernel/cgroup.c |
1178 |
+++ b/kernel/cgroup.c |
1179 |
-@@ -5169,7 +5169,7 @@ static int cgroup_css_links_read(struct cgroup *cont, |
1180 |
+@@ -4750,6 +4750,14 @@ static void cgroup_release_agent(struct work_struct *work) |
1181 |
+ release_list); |
1182 |
+ list_del_init(&cgrp->release_list); |
1183 |
+ raw_spin_unlock(&release_list_lock); |
1184 |
++ |
1185 |
++ /* |
1186 |
++ * don't bother calling call_usermodehelper if we haven't |
1187 |
++ * configured a binary to execute |
1188 |
++ */ |
1189 |
++ if (cgrp->root->release_agent_path[0] == '\0') |
1190 |
++ goto continue_free; |
1191 |
++ |
1192 |
+ pathbuf = kmalloc(PAGE_SIZE, GFP_KERNEL); |
1193 |
+ if (!pathbuf) |
1194 |
+ goto continue_free; |
1195 |
+@@ -5169,7 +5177,7 @@ static int cgroup_css_links_read(struct cgroup *cont, |
1196 |
struct css_set *cg = link->cg; |
1197 |
struct task_struct *task; |
1198 |
int count = 0; |
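Review bot: The new early `goto continue_free` in cgroup_release_agent runs before `pathbuf` is assigned, so it is only safe if `pathbuf` and anything else released at `continue_free` is initialised to NULL at its declaration. That declaration is outside this hunk and should be confirmed. The hunk also does not show which lock covers the read of `cgrp->root->release_agent_path[0]`; only `release_list_lock` is visibly dropped just before it. Extending the added comment with something like `/* release_agent_path is protected by <lock>; an empty path means no agent is configured */` would make the assumption checkable.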
1199 |
@@ -91258,7 +91303,7 @@ index 2f194e9..2c05ea9 100644 |
1200 |
.priority = 10, |
1201 |
}; |
1202 |
diff --git a/kernel/sys.c b/kernel/sys.c |
1203 |
-index 9d557df..b2a5319 100644 |
1204 |
+index 9d557df..7207dae 100644 |
1205 |
--- a/kernel/sys.c |
1206 |
+++ b/kernel/sys.c |
1207 |
@@ -158,6 +158,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
1208 |
@@ -91274,17 +91319,28 @@ index 9d557df..b2a5319 100644 |
1209 |
no_nice = security_task_setnice(p, niceval); |
1210 |
if (no_nice) { |
1211 |
error = no_nice; |
1212 |
-@@ -597,6 +603,9 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) |
1213 |
+@@ -597,6 +603,20 @@ SYSCALL_DEFINE2(setregid, gid_t, rgid, gid_t, egid) |
1214 |
goto error; |
1215 |
} |
1216 |
|
1217 |
+ if (gr_check_group_change(new->gid, new->egid, -1)) |
1218 |
+ goto error; |
1219 |
+ |
1220 |
++ if (new->gid != old->gid) { |
1221 |
++ /* make sure we generate a learn log for what will |
1222 |
++ end up being a role transition after a full-learning |
1223 |
++ policy is generated |
1224 |
++ CAP_SETGID is required to perform a transition |
1225 |
++ we may not log a CAP_SETGID check above, e.g. |
1226 |
++ in the case where new rgid = old egid |
1227 |
++ */ |
1228 |
++ gr_learn_cap(current, new, CAP_SETGID); |
1229 |
++ } |
1230 |
++ |
1231 |
if (rgid != (gid_t) -1 || |
1232 |
(egid != (gid_t) -1 && egid != old->gid)) |
1233 |
new->sgid = new->egid; |
1234 |
-@@ -626,6 +635,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) |
1235 |
+@@ -626,6 +646,10 @@ SYSCALL_DEFINE1(setgid, gid_t, gid) |
1236 |
old = current_cred(); |
1237 |
|
1238 |
retval = -EPERM; |
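Review bot: Only setreuid and setregid gain the explicit `gr_learn_cap()` call, while the setresuid and setresgid hunks on this page change nothing but line offsets. If those syscalls can also change the real id without a logged CAP_SETUID/CAP_SETGID check (for instance when the new real id equals an old effective or saved id), the learn log would miss the same kind of role transition the new comment describes; this should be confirmed against the full functions, which are outside the hunk. Both calls pass `new` rather than the current credentials, so the uid/gid written by `security_learn()` are the post-change values, and the comment should say that this is intended.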
1239 |
@@ -91295,7 +91351,7 @@ index 9d557df..b2a5319 100644 |
1240 |
if (nsown_capable(CAP_SETGID)) |
1241 |
new->gid = new->egid = new->sgid = new->fsgid = gid; |
1242 |
else if (gid == old->gid || gid == old->sgid) |
1243 |
-@@ -643,7 +656,7 @@ error: |
1244 |
+@@ -643,7 +667,7 @@ error: |
1245 |
/* |
1246 |
* change the user struct in a credentials set to match the new UID |
1247 |
*/ |
1248 |
@@ -91304,7 +91360,7 @@ index 9d557df..b2a5319 100644 |
1249 |
{ |
1250 |
struct user_struct *new_user; |
1251 |
|
1252 |
-@@ -713,6 +726,9 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) |
1253 |
+@@ -713,7 +737,18 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) |
1254 |
goto error; |
1255 |
} |
1256 |
|
1257 |
@@ -91312,9 +91368,18 @@ index 9d557df..b2a5319 100644 |
1258 |
+ goto error; |
1259 |
+ |
1260 |
if (new->uid != old->uid) { |
1261 |
++ /* make sure we generate a learn log for what will |
1262 |
++ end up being a role transition after a full-learning |
1263 |
++ policy is generated |
1264 |
++ CAP_SETUID is required to perform a transition |
1265 |
++ we may not log a CAP_SETUID check above, e.g. |
1266 |
++ in the case where new ruid = old euid |
1267 |
++ */ |
1268 |
++ gr_learn_cap(current, new, CAP_SETUID); |
1269 |
retval = set_user(new); |
1270 |
if (retval < 0) |
1271 |
-@@ -757,6 +773,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) |
1272 |
+ goto error; |
1273 |
+@@ -757,6 +792,12 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) |
1274 |
old = current_cred(); |
1275 |
|
1276 |
retval = -EPERM; |
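Review bot: In setreuid the added `gr_learn_cap(current, new, CAP_SETUID);` runs before `retval = set_user(new);`, so a learn entry is written even when `set_user()` fails and the syscall leaves through `error`. Moving the call after the `if (retval < 0) goto error;` check would keep failed transitions out of the generated policy, assuming nothing between the two lines depends on the log having been written. The rest of the function is outside this hunk.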
1277 |
@@ -91327,7 +91392,7 @@ index 9d557df..b2a5319 100644 |
1278 |
if (nsown_capable(CAP_SETUID)) { |
1279 |
new->suid = new->uid = uid; |
1280 |
if (uid != old->uid) { |
1281 |
-@@ -811,6 +833,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
1282 |
+@@ -811,6 +852,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
1283 |
goto error; |
1284 |
} |
1285 |
|
1286 |
@@ -91337,7 +91402,7 @@ index 9d557df..b2a5319 100644 |
1287 |
if (ruid != (uid_t) -1) { |
1288 |
new->uid = ruid; |
1289 |
if (ruid != old->uid) { |
1290 |
-@@ -875,6 +900,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
1291 |
+@@ -875,6 +919,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
1292 |
goto error; |
1293 |
} |
1294 |
|
1295 |
@@ -91347,7 +91412,7 @@ index 9d557df..b2a5319 100644 |
1296 |
if (rgid != (gid_t) -1) |
1297 |
new->gid = rgid; |
1298 |
if (egid != (gid_t) -1) |
1299 |
-@@ -925,12 +953,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
1300 |
+@@ -925,12 +972,16 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
1301 |
uid == old->suid || uid == old->fsuid || |
1302 |
nsown_capable(CAP_SETUID)) { |
1303 |
if (uid != old_fsuid) { |
1304 |
@@ -91364,7 +91429,7 @@ index 9d557df..b2a5319 100644 |
1305 |
abort_creds(new); |
1306 |
return old_fsuid; |
1307 |
|
1308 |
-@@ -957,12 +989,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
1309 |
+@@ -957,12 +1008,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
1310 |
if (gid == old->gid || gid == old->egid || |
1311 |
gid == old->sgid || gid == old->fsgid || |
1312 |
nsown_capable(CAP_SETGID)) { |
1313 |
@@ -91381,7 +91446,7 @@ index 9d557df..b2a5319 100644 |
1314 |
abort_creds(new); |
1315 |
return old_fsgid; |
1316 |
|
1317 |
-@@ -1270,19 +1306,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
1318 |
+@@ -1270,19 +1325,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
1319 |
return -EFAULT; |
1320 |
|
1321 |
down_read(&uts_sem); |
1322 |
@@ -91406,7 +91471,7 @@ index 9d557df..b2a5319 100644 |
1323 |
__OLD_UTS_LEN); |
1324 |
error |= __put_user(0, name->machine + __OLD_UTS_LEN); |
1325 |
up_read(&uts_sem); |
1326 |
-@@ -1484,6 +1520,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, |
1327 |
+@@ -1484,6 +1539,13 @@ int do_prlimit(struct task_struct *tsk, unsigned int resource, |
1328 |
*/ |
1329 |
new_rlim->rlim_cur = 1; |
1330 |
} |
1331 |
@@ -91420,7 +91485,7 @@ index 9d557df..b2a5319 100644 |
1332 |
} |
1333 |
if (!retval) { |
1334 |
if (old_rlim) |
1335 |
-@@ -1747,7 +1790,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1336 |
+@@ -1747,7 +1809,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1337 |
error = get_dumpable(me->mm); |
1338 |
break; |
1339 |
case PR_SET_DUMPABLE: |
1340 |
@@ -91429,7 +91494,7 @@ index 9d557df..b2a5319 100644 |
1341 |
error = -EINVAL; |
1342 |
break; |
1343 |
} |
1344 |
-@@ -1808,7 +1851,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1345 |
+@@ -1808,7 +1870,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1346 |
error = prctl_get_seccomp(); |
1347 |
break; |
1348 |
case PR_SET_SECCOMP: |
1349 |
@@ -91438,7 +91503,7 @@ index 9d557df..b2a5319 100644 |
1350 |
break; |
1351 |
case PR_GET_TSC: |
1352 |
error = GET_TSC_CTL(arg2); |
1353 |
-@@ -1868,6 +1911,16 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1354 |
+@@ -1868,6 +1930,16 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1355 |
else |
1356 |
error = PR_MCE_KILL_DEFAULT; |
1357 |
break; |
1358 |
@@ -95492,7 +95557,7 @@ index 1ffd97a..240aa20 100644 |
1359 |
int mminit_loglevel; |
1360 |
|
1361 |
diff --git a/mm/mmap.c b/mm/mmap.c |
1362 |
-index 6182c8a..7d532cf 100644 |
1363 |
+index 6182c8a..9476c8e 100644 |
1364 |
--- a/mm/mmap.c |
1365 |
+++ b/mm/mmap.c |
1366 |
@@ -30,6 +30,7 @@ |
1367 |
@@ -95564,15 +95629,20 @@ index 6182c8a..7d532cf 100644 |
1368 |
if (vma->vm_ops && vma->vm_ops->close) |
1369 |
vma->vm_ops->close(vma); |
1370 |
if (vma->vm_file) { |
1371 |
-@@ -272,6 +294,7 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) |
1372 |
+@@ -272,6 +294,12 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) |
1373 |
* not page aligned -Ram Gupta |
1374 |
*/ |
1375 |
rlim = rlimit(RLIMIT_DATA); |
1376 |
++#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP |
1377 |
++ /* force a minimum 16MB brk heap on setuid/setgid binaries */ |
1378 |
++ if (rlim < PAGE_SIZE && (get_dumpable(mm) != SUID_DUMPABLE_ENABLED) && current_uid()) |
1379 |
++ rlim = 4096 * PAGE_SIZE; |
1380 |
++#endif |
1381 |
+ gr_learn_resource(current, RLIMIT_DATA, (brk - mm->start_brk) + (mm->end_data - mm->start_data), 1); |
1382 |
if (rlim < RLIM_INFINITY && (brk - mm->start_brk) + |
1383 |
(mm->end_data - mm->start_data) > rlim) |
1384 |
goto out; |
1385 |
-@@ -689,6 +712,12 @@ static int |
1386 |
+@@ -689,6 +717,12 @@ static int |
1387 |
can_vma_merge_before(struct vm_area_struct *vma, unsigned long vm_flags, |
1388 |
struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) |
1389 |
{ |
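Review bot: The comment on the new brk floor says "minimum 16MB", but `4096 * PAGE_SIZE` is 16MB only with 4KB pages. The floor also applies only when RLIMIT_DATA is below one page (`rlim < PAGE_SIZE`), so a limit of a few pages is left as it is. Either make the value page-size independent, `rlim = 16UL << 20;`, or reword the comment to match the code, for example `/* if RLIMIT_DATA is under one page, allow 4096 pages of brk heap for non-dumpable, non-root tasks */`. That wording also records that "setuid/setgid binaries" is approximated by `get_dumpable(mm) != SUID_DUMPABLE_ENABLED && current_uid()`. The body of the brk syscall continues outside the hunk.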
1390 |
@@ -95585,7 +95655,7 @@ index 6182c8a..7d532cf 100644 |
1391 |
if (is_mergeable_vma(vma, file, vm_flags) && |
1392 |
is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { |
1393 |
if (vma->vm_pgoff == vm_pgoff) |
1394 |
-@@ -708,6 +737,12 @@ static int |
1395 |
+@@ -708,6 +742,12 @@ static int |
1396 |
can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
1397 |
struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff) |
1398 |
{ |
1399 |
@@ -95598,7 +95668,7 @@ index 6182c8a..7d532cf 100644 |
1400 |
if (is_mergeable_vma(vma, file, vm_flags) && |
1401 |
is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { |
1402 |
pgoff_t vm_pglen; |
1403 |
-@@ -750,13 +785,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
1404 |
+@@ -750,13 +790,20 @@ can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, |
1405 |
struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1406 |
struct vm_area_struct *prev, unsigned long addr, |
1407 |
unsigned long end, unsigned long vm_flags, |
1408 |
@@ -95620,7 +95690,7 @@ index 6182c8a..7d532cf 100644 |
1409 |
/* |
1410 |
* We later require that vma->vm_flags == vm_flags, |
1411 |
* so this tests vma->vm_flags & VM_SPECIAL, too. |
1412 |
-@@ -772,6 +814,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1413 |
+@@ -772,6 +819,15 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1414 |
if (next && next->vm_end == end) /* cases 6, 7, 8 */ |
1415 |
next = next->vm_next; |
1416 |
|
1417 |
@@ -95636,7 +95706,7 @@ index 6182c8a..7d532cf 100644 |
1418 |
/* |
1419 |
* Can it merge with the predecessor? |
1420 |
*/ |
1421 |
-@@ -791,9 +842,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1422 |
+@@ -791,9 +847,24 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1423 |
/* cases 1, 6 */ |
1424 |
err = vma_adjust(prev, prev->vm_start, |
1425 |
next->vm_end, prev->vm_pgoff, NULL); |
1426 |
@@ -95662,7 +95732,7 @@ index 6182c8a..7d532cf 100644 |
1427 |
if (err) |
1428 |
return NULL; |
1429 |
khugepaged_enter_vma_merge(prev); |
1430 |
-@@ -807,12 +873,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1431 |
+@@ -807,12 +878,27 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, |
1432 |
mpol_equal(policy, vma_policy(next)) && |
1433 |
can_vma_merge_before(next, vm_flags, |
1434 |
anon_vma, file, pgoff+pglen)) { |
1435 |
@@ -95692,7 +95762,7 @@ index 6182c8a..7d532cf 100644 |
1436 |
if (err) |
1437 |
return NULL; |
1438 |
khugepaged_enter_vma_merge(area); |
1439 |
-@@ -921,15 +1002,22 @@ none: |
1440 |
+@@ -921,15 +1007,22 @@ none: |
1441 |
void vm_stat_account(struct mm_struct *mm, unsigned long flags, |
1442 |
struct file *file, long pages) |
1443 |
{ |
1444 |
@@ -95718,7 +95788,7 @@ index 6182c8a..7d532cf 100644 |
1445 |
if (flags & (VM_RESERVED|VM_IO)) |
1446 |
mm->reserved_vm += pages; |
1447 |
} |
1448 |
-@@ -955,7 +1043,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1449 |
+@@ -955,7 +1048,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1450 |
* (the exception is when the underlying filesystem is noexec |
1451 |
* mounted, in which case we dont add PROT_EXEC.) |
1452 |
*/ |
1453 |
@@ -95727,7 +95797,7 @@ index 6182c8a..7d532cf 100644 |
1454 |
if (!(file && (file->f_path.mnt->mnt_flags & MNT_NOEXEC))) |
1455 |
prot |= PROT_EXEC; |
1456 |
|
1457 |
-@@ -981,7 +1069,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1458 |
+@@ -981,7 +1074,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1459 |
/* Obtain the address to map to. we verify (or select) it and ensure |
1460 |
* that it represents a valid section of the address space. |
1461 |
*/ |
1462 |
@@ -95736,7 +95806,7 @@ index 6182c8a..7d532cf 100644 |
1463 |
if (addr & ~PAGE_MASK) |
1464 |
return addr; |
1465 |
|
1466 |
-@@ -992,6 +1080,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1467 |
+@@ -992,6 +1085,43 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1468 |
vm_flags = calc_vm_prot_bits(prot) | calc_vm_flag_bits(flags) | |
1469 |
mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; |
1470 |
|
1471 |
@@ -95780,7 +95850,7 @@ index 6182c8a..7d532cf 100644 |
1472 |
if (flags & MAP_LOCKED) |
1473 |
if (!can_do_mlock()) |
1474 |
return -EPERM; |
1475 |
-@@ -1003,6 +1128,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1476 |
+@@ -1003,6 +1133,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1477 |
locked += mm->locked_vm; |
1478 |
lock_limit = rlimit(RLIMIT_MEMLOCK); |
1479 |
lock_limit >>= PAGE_SHIFT; |
1480 |
@@ -95788,7 +95858,7 @@ index 6182c8a..7d532cf 100644 |
1481 |
if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
1482 |
return -EAGAIN; |
1483 |
} |
1484 |
-@@ -1073,6 +1199,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1485 |
+@@ -1073,6 +1204,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
1486 |
if (error) |
1487 |
return error; |
1488 |
|
1489 |
@@ -95798,7 +95868,7 @@ index 6182c8a..7d532cf 100644 |
1490 |
return mmap_region(file, addr, len, flags, vm_flags, pgoff); |
1491 |
} |
1492 |
EXPORT_SYMBOL(do_mmap_pgoff); |
1493 |
-@@ -1153,7 +1282,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) |
1494 |
+@@ -1153,7 +1287,7 @@ int vma_wants_writenotify(struct vm_area_struct *vma) |
1495 |
vm_flags_t vm_flags = vma->vm_flags; |
1496 |
|
1497 |
/* If it was private or non-writable, the write bit is already clear */ |
1498 |
@@ -95807,7 +95877,7 @@ index 6182c8a..7d532cf 100644 |
1499 |
return 0; |
1500 |
|
1501 |
/* The backer wishes to know when pages are first written to? */ |
1502 |
-@@ -1202,17 +1331,32 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
1503 |
+@@ -1202,17 +1336,32 @@ unsigned long mmap_region(struct file *file, unsigned long addr, |
1504 |
unsigned long charged = 0; |
1505 |
struct inode *inode = file ? file->f_path.dentry->d_inode : NULL; |
1506 |
|
1507 |
@@ -95842,7 +95912,7 @@ index 6182c8a..7d532cf 100644 |
1508 |
if (!may_expand_vm(mm, len >> PAGE_SHIFT)) |
1509 |
return -ENOMEM; |
1510 |
|
1511 |
-@@ -1258,6 +1402,16 @@ munmap_back: |
1512 |
+@@ -1258,6 +1407,16 @@ munmap_back: |
1513 |
goto unacct_error; |
1514 |
} |
1515 |
|
1516 |
@@ -95859,7 +95929,7 @@ index 6182c8a..7d532cf 100644 |
1517 |
vma->vm_mm = mm; |
1518 |
vma->vm_start = addr; |
1519 |
vma->vm_end = addr + len; |
1520 |
-@@ -1266,8 +1420,9 @@ munmap_back: |
1521 |
+@@ -1266,8 +1425,9 @@ munmap_back: |
1522 |
vma->vm_pgoff = pgoff; |
1523 |
INIT_LIST_HEAD(&vma->anon_vma_chain); |
1524 |
|
1525 |
@@ -95870,7 +95940,7 @@ index 6182c8a..7d532cf 100644 |
1526 |
if (vm_flags & (VM_GROWSDOWN|VM_GROWSUP)) |
1527 |
goto free_vma; |
1528 |
if (vm_flags & VM_DENYWRITE) { |
1529 |
-@@ -1281,6 +1436,19 @@ munmap_back: |
1530 |
+@@ -1281,6 +1441,19 @@ munmap_back: |
1531 |
error = file->f_op->mmap(file, vma); |
1532 |
if (error) |
1533 |
goto unmap_and_free_vma; |
1534 |
@@ -95890,7 +95960,7 @@ index 6182c8a..7d532cf 100644 |
1535 |
if (vm_flags & VM_EXECUTABLE) |
1536 |
added_exe_file_vma(mm); |
1537 |
|
1538 |
-@@ -1293,6 +1461,8 @@ munmap_back: |
1539 |
+@@ -1293,6 +1466,8 @@ munmap_back: |
1540 |
pgoff = vma->vm_pgoff; |
1541 |
vm_flags = vma->vm_flags; |
1542 |
} else if (vm_flags & VM_SHARED) { |
1543 |
@@ -95899,7 +95969,7 @@ index 6182c8a..7d532cf 100644 |
1544 |
error = shmem_zero_setup(vma); |
1545 |
if (error) |
1546 |
goto free_vma; |
1547 |
-@@ -1316,14 +1486,19 @@ munmap_back: |
1548 |
+@@ -1316,14 +1491,19 @@ munmap_back: |
1549 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
1550 |
file = vma->vm_file; |
1551 |
|
1552 |
@@ -95920,7 +95990,7 @@ index 6182c8a..7d532cf 100644 |
1553 |
if (vm_flags & VM_LOCKED) { |
1554 |
if (!mlock_vma_pages_range(vma, addr, addr + len)) |
1555 |
mm->locked_vm += (len >> PAGE_SHIFT); |
1556 |
-@@ -1341,6 +1516,12 @@ unmap_and_free_vma: |
1557 |
+@@ -1341,6 +1521,12 @@ unmap_and_free_vma: |
1558 |
unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end); |
1559 |
charged = 0; |
1560 |
free_vma: |
1561 |
@@ -95933,7 +96003,7 @@ index 6182c8a..7d532cf 100644 |
1562 |
kmem_cache_free(vm_area_cachep, vma); |
1563 |
unacct_error: |
1564 |
if (charged) |
1565 |
-@@ -1348,6 +1529,73 @@ unacct_error: |
1566 |
+@@ -1348,6 +1534,73 @@ unacct_error: |
1567 |
return error; |
1568 |
} |
1569 |
|
1570 |
@@ -96007,7 +96077,7 @@ index 6182c8a..7d532cf 100644 |
1571 |
/* Get an address range which is currently unmapped. |
1572 |
* For shmat() with addr=0. |
1573 |
* |
1574 |
-@@ -1367,6 +1615,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
1575 |
+@@ -1367,6 +1620,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
1576 |
struct mm_struct *mm = current->mm; |
1577 |
struct vm_area_struct *vma; |
1578 |
unsigned long start_addr; |
1579 |
@@ -96015,7 +96085,7 @@ index 6182c8a..7d532cf 100644 |
1580 |
|
1581 |
if (len > TASK_SIZE - mmap_min_addr) |
1582 |
return -ENOMEM; |
1583 |
-@@ -1374,18 +1623,23 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
1584 |
+@@ -1374,18 +1628,23 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
1585 |
if (flags & MAP_FIXED) |
1586 |
return addr; |
1587 |
|
1588 |
@@ -96046,7 +96116,7 @@ index 6182c8a..7d532cf 100644 |
1589 |
} |
1590 |
|
1591 |
full_search: |
1592 |
-@@ -1396,34 +1650,40 @@ full_search: |
1593 |
+@@ -1396,34 +1655,40 @@ full_search: |
1594 |
* Start a new search - just in case we missed |
1595 |
* some holes. |
1596 |
*/ |
1597 |
@@ -96098,7 +96168,7 @@ index 6182c8a..7d532cf 100644 |
1598 |
mm->free_area_cache = addr; |
1599 |
mm->cached_hole_size = ~0UL; |
1600 |
} |
1601 |
-@@ -1441,7 +1701,8 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1602 |
+@@ -1441,7 +1706,8 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1603 |
{ |
1604 |
struct vm_area_struct *vma; |
1605 |
struct mm_struct *mm = current->mm; |
1606 |
@@ -96108,7 +96178,7 @@ index 6182c8a..7d532cf 100644 |
1607 |
unsigned long low_limit = max(PAGE_SIZE, mmap_min_addr); |
1608 |
|
1609 |
/* requested length too big for entire address space */ |
1610 |
-@@ -1451,13 +1712,18 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1611 |
+@@ -1451,13 +1717,18 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1612 |
if (flags & MAP_FIXED) |
1613 |
return addr; |
1614 |
|
1615 |
@@ -96131,7 +96201,7 @@ index 6182c8a..7d532cf 100644 |
1616 |
} |
1617 |
|
1618 |
/* check if free_area_cache is useful for us */ |
1619 |
-@@ -1471,10 +1737,11 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1620 |
+@@ -1471,10 +1742,11 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1621 |
|
1622 |
/* make sure it can fit in the remaining address space */ |
1623 |
if (addr >= low_limit + len) { |
1624 |
@@ -96146,7 +96216,7 @@ index 6182c8a..7d532cf 100644 |
1625 |
} |
1626 |
|
1627 |
if (mm->mmap_base < low_limit + len) |
1628 |
-@@ -1489,7 +1756,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1629 |
+@@ -1489,7 +1761,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1630 |
* return with success: |
1631 |
*/ |
1632 |
vma = find_vma(mm, addr); |
1633 |
@@ -96155,7 +96225,7 @@ index 6182c8a..7d532cf 100644 |
1634 |
/* remember the address as a hint for next time */ |
1635 |
return (mm->free_area_cache = addr); |
1636 |
|
1637 |
-@@ -1498,8 +1765,8 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1638 |
+@@ -1498,8 +1770,8 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
1639 |
mm->cached_hole_size = vma->vm_start - addr; |
1640 |
|
1641 |
/* try just below the current vma->vm_start */ |
1642 |
@@ -96166,7 +96236,7 @@ index 6182c8a..7d532cf 100644 |
1643 |
|
1644 |
bottomup: |
1645 |
/* |
1646 |
-@@ -1508,13 +1775,21 @@ bottomup: |
1647 |
+@@ -1508,13 +1780,21 @@ bottomup: |
1648 |
* can happen with large stack limits and large mmap() |
1649 |
* allocations. |
1650 |
*/ |
1651 |
@@ -96190,7 +96260,7 @@ index 6182c8a..7d532cf 100644 |
1652 |
mm->cached_hole_size = ~0UL; |
1653 |
|
1654 |
return addr; |
1655 |
-@@ -1523,6 +1798,12 @@ bottomup: |
1656 |
+@@ -1523,6 +1803,12 @@ bottomup: |
1657 |
|
1658 |
void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) |
1659 |
{ |
1660 |
@@ -96203,7 +96273,7 @@ index 6182c8a..7d532cf 100644 |
1661 |
/* |
1662 |
* Is this a new hole at the highest possible address? |
1663 |
*/ |
1664 |
-@@ -1530,8 +1811,10 @@ void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) |
1665 |
+@@ -1530,8 +1816,10 @@ void arch_unmap_area_topdown(struct mm_struct *mm, unsigned long addr) |
1666 |
mm->free_area_cache = addr; |
1667 |
|
1668 |
/* dont allow allocations above current base */ |
1669 |
@@ -96215,7 +96285,7 @@ index 6182c8a..7d532cf 100644 |
1670 |
} |
1671 |
|
1672 |
unsigned long |
1673 |
-@@ -1604,40 +1887,50 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) |
1674 |
+@@ -1604,40 +1892,50 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr) |
1675 |
|
1676 |
EXPORT_SYMBOL(find_vma); |
1677 |
|
1678 |
@@ -96291,7 +96361,7 @@ index 6182c8a..7d532cf 100644 |
1679 |
|
1680 |
/* |
1681 |
* Verify that the stack growth is acceptable and |
1682 |
-@@ -1655,6 +1948,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1683 |
+@@ -1655,6 +1953,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1684 |
return -ENOMEM; |
1685 |
|
1686 |
/* Stack limit test */ |
1687 |
@@ -96299,7 +96369,7 @@ index 6182c8a..7d532cf 100644 |
1688 |
if (size > ACCESS_ONCE(rlim[RLIMIT_STACK].rlim_cur)) |
1689 |
return -ENOMEM; |
1690 |
|
1691 |
-@@ -1665,6 +1959,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1692 |
+@@ -1665,6 +1964,7 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1693 |
locked = mm->locked_vm + grow; |
1694 |
limit = ACCESS_ONCE(rlim[RLIMIT_MEMLOCK].rlim_cur); |
1695 |
limit >>= PAGE_SHIFT; |
1696 |
@@ -96307,7 +96377,7 @@ index 6182c8a..7d532cf 100644 |
1697 |
if (locked > limit && !capable(CAP_IPC_LOCK)) |
1698 |
return -ENOMEM; |
1699 |
} |
1700 |
-@@ -1683,7 +1978,6 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1701 |
+@@ -1683,7 +1983,6 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1702 |
return -ENOMEM; |
1703 |
|
1704 |
/* Ok, everything looks good - let it rip */ |
1705 |
@@ -96315,7 +96385,7 @@ index 6182c8a..7d532cf 100644 |
1706 |
if (vma->vm_flags & VM_LOCKED) |
1707 |
mm->locked_vm += grow; |
1708 |
vm_stat_account(mm, vma->vm_flags, vma->vm_file, grow); |
1709 |
-@@ -1695,37 +1989,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1710 |
+@@ -1695,37 +1994,48 @@ static int acct_stack_growth(struct vm_area_struct *vma, unsigned long size, uns |
1711 |
* PA-RISC uses this for its stack; IA64 for its Register Backing Store. |
1712 |
* vma is the last one with address > vma->vm_end. Have to extend vma. |
1713 |
*/ |
1714 |
@@ -96373,7 +96443,7 @@ index 6182c8a..7d532cf 100644 |
1715 |
unsigned long size, grow; |
1716 |
|
1717 |
size = address - vma->vm_start; |
1718 |
-@@ -1740,6 +2045,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) |
1719 |
+@@ -1740,6 +2050,8 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address) |
1720 |
} |
1721 |
} |
1722 |
} |
1723 |
@@ -96382,7 +96452,7 @@ index 6182c8a..7d532cf 100644 |
1724 |
vma_unlock_anon_vma(vma); |
1725 |
khugepaged_enter_vma_merge(vma); |
1726 |
return error; |
1727 |
-@@ -1753,6 +2060,8 @@ int expand_downwards(struct vm_area_struct *vma, |
1728 |
+@@ -1753,6 +2065,8 @@ int expand_downwards(struct vm_area_struct *vma, |
1729 |
unsigned long address) |
1730 |
{ |
1731 |
int error; |
1732 |
@@ -96391,7 +96461,7 @@ index 6182c8a..7d532cf 100644 |
1733 |
|
1734 |
/* |
1735 |
* We must make sure the anon_vma is allocated |
1736 |
-@@ -1766,6 +2075,15 @@ int expand_downwards(struct vm_area_struct *vma, |
1737 |
+@@ -1766,6 +2080,15 @@ int expand_downwards(struct vm_area_struct *vma, |
1738 |
if (error) |
1739 |
return error; |
1740 |
|
1741 |
@@ -96407,7 +96477,7 @@ index 6182c8a..7d532cf 100644 |
1742 |
vma_lock_anon_vma(vma); |
1743 |
|
1744 |
/* |
1745 |
-@@ -1775,9 +2093,17 @@ int expand_downwards(struct vm_area_struct *vma, |
1746 |
+@@ -1775,9 +2098,17 @@ int expand_downwards(struct vm_area_struct *vma, |
1747 |
*/ |
1748 |
|
1749 |
/* Somebody else might have raced and expanded it already */ |
1750 |
@@ -96426,7 +96496,7 @@ index 6182c8a..7d532cf 100644 |
1751 |
size = vma->vm_end - address; |
1752 |
grow = (vma->vm_start - address) >> PAGE_SHIFT; |
1753 |
|
1754 |
-@@ -1787,18 +2113,48 @@ int expand_downwards(struct vm_area_struct *vma, |
1755 |
+@@ -1787,18 +2118,48 @@ int expand_downwards(struct vm_area_struct *vma, |
1756 |
if (!error) { |
1757 |
vma->vm_start = address; |
1758 |
vma->vm_pgoff -= grow; |
1759 |
@@ -96475,7 +96545,7 @@ index 6182c8a..7d532cf 100644 |
1760 |
return expand_upwards(vma, address); |
1761 |
} |
1762 |
|
1763 |
-@@ -1821,6 +2177,14 @@ find_extend_vma(struct mm_struct *mm, unsigned long addr) |
1764 |
+@@ -1821,6 +2182,14 @@ find_extend_vma(struct mm_struct *mm, unsigned long addr) |
1765 |
#else |
1766 |
int expand_stack(struct vm_area_struct *vma, unsigned long address) |
1767 |
{ |
1768 |
@@ -96490,7 +96560,7 @@ index 6182c8a..7d532cf 100644 |
1769 |
return expand_downwards(vma, address); |
1770 |
} |
1771 |
|
1772 |
-@@ -1861,7 +2225,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) |
1773 |
+@@ -1861,7 +2230,13 @@ static void remove_vma_list(struct mm_struct *mm, struct vm_area_struct *vma) |
1774 |
do { |
1775 |
long nrpages = vma_pages(vma); |
1776 |
|
1777 |
@@ -96505,7 +96575,7 @@ index 6182c8a..7d532cf 100644 |
1778 |
vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages); |
1779 |
vma = remove_vma(vma); |
1780 |
} while (vma); |
1781 |
-@@ -1906,6 +2276,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, |
1782 |
+@@ -1906,6 +2281,16 @@ detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma, |
1783 |
insertion_point = (prev ? &prev->vm_next : &mm->mmap); |
1784 |
vma->vm_prev = NULL; |
1785 |
do { |
1786 |
@@ -96522,7 +96592,7 @@ index 6182c8a..7d532cf 100644 |
1787 |
rb_erase(&vma->vm_rb, &mm->mm_rb); |
1788 |
mm->map_count--; |
1789 |
tail_vma = vma; |
1790 |
-@@ -1934,14 +2314,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1791 |
+@@ -1934,14 +2319,33 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1792 |
struct vm_area_struct *new; |
1793 |
int err = -ENOMEM; |
1794 |
|
1795 |
@@ -96556,7 +96626,7 @@ index 6182c8a..7d532cf 100644 |
1796 |
/* most fields are the same, copy all, and then fixup */ |
1797 |
*new = *vma; |
1798 |
|
1799 |
-@@ -1954,6 +2353,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1800 |
+@@ -1954,6 +2358,22 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1801 |
new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT); |
1802 |
} |
1803 |
|
1804 |
@@ -96579,7 +96649,7 @@ index 6182c8a..7d532cf 100644 |
1805 |
pol = mpol_dup(vma_policy(vma)); |
1806 |
if (IS_ERR(pol)) { |
1807 |
err = PTR_ERR(pol); |
1808 |
-@@ -1979,6 +2394,42 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1809 |
+@@ -1979,6 +2399,42 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1810 |
else |
1811 |
err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); |
1812 |
|
1813 |
@@ -96622,7 +96692,7 @@ index 6182c8a..7d532cf 100644 |
1814 |
/* Success. */ |
1815 |
if (!err) |
1816 |
return 0; |
1817 |
-@@ -1991,10 +2442,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1818 |
+@@ -1991,10 +2447,18 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1819 |
removed_exe_file_vma(mm); |
1820 |
fput(new->vm_file); |
1821 |
} |
1822 |
@@ -96642,7 +96712,7 @@ index 6182c8a..7d532cf 100644 |
1823 |
kmem_cache_free(vm_area_cachep, new); |
1824 |
out_err: |
1825 |
return err; |
1826 |
-@@ -2007,6 +2466,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1827 |
+@@ -2007,6 +2471,15 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma, |
1828 |
int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
1829 |
unsigned long addr, int new_below) |
1830 |
{ |
1831 |
@@ -96658,7 +96728,7 @@ index 6182c8a..7d532cf 100644 |
1832 |
if (mm->map_count >= sysctl_max_map_count) |
1833 |
return -ENOMEM; |
1834 |
|
1835 |
-@@ -2018,11 +2486,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
1836 |
+@@ -2018,11 +2491,30 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma, |
1837 |
* work. This now handles partial unmappings. |
1838 |
* Jeremy Fitzhardinge <jeremy@××××.org> |
1839 |
*/ |
1840 |
@@ -96689,7 +96759,7 @@ index 6182c8a..7d532cf 100644 |
1841 |
if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start) |
1842 |
return -EINVAL; |
1843 |
|
1844 |
-@@ -2097,6 +2584,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1845 |
+@@ -2097,6 +2589,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len) |
1846 |
/* Fix up all other VM information */ |
1847 |
remove_vma_list(mm, vma); |
1848 |
|
1849 |
@@ -96698,7 +96768,7 @@ index 6182c8a..7d532cf 100644 |
1850 |
return 0; |
1851 |
} |
1852 |
|
1853 |
-@@ -2109,22 +2598,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) |
1854 |
+@@ -2109,22 +2603,18 @@ SYSCALL_DEFINE2(munmap, unsigned long, addr, size_t, len) |
1855 |
|
1856 |
profile_munmap(addr); |
1857 |
|
1858 |
@@ -96727,7 +96797,7 @@ index 6182c8a..7d532cf 100644 |
1859 |
/* |
1860 |
* this is really a simplified "do_mmap". it only handles |
1861 |
* anonymous maps. eventually we may be able to do some |
1862 |
-@@ -2138,6 +2623,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1863 |
+@@ -2138,6 +2628,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1864 |
struct rb_node ** rb_link, * rb_parent; |
1865 |
pgoff_t pgoff = addr >> PAGE_SHIFT; |
1866 |
int error; |
1867 |
@@ -96735,7 +96805,7 @@ index 6182c8a..7d532cf 100644 |
1868 |
|
1869 |
len = PAGE_ALIGN(len); |
1870 |
if (!len) |
1871 |
-@@ -2149,16 +2635,30 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1872 |
+@@ -2149,16 +2640,30 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1873 |
|
1874 |
flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; |
1875 |
|
1876 |
@@ -96767,7 +96837,7 @@ index 6182c8a..7d532cf 100644 |
1877 |
locked += mm->locked_vm; |
1878 |
lock_limit = rlimit(RLIMIT_MEMLOCK); |
1879 |
lock_limit >>= PAGE_SHIFT; |
1880 |
-@@ -2175,22 +2675,22 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1881 |
+@@ -2175,22 +2680,22 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1882 |
/* |
1883 |
* Clear old maps. this also does some error checking for us |
1884 |
*/ |
1885 |
@@ -96794,7 +96864,7 @@ index 6182c8a..7d532cf 100644 |
1886 |
return -ENOMEM; |
1887 |
|
1888 |
/* Can we just expand an old private anonymous mapping? */ |
1889 |
-@@ -2204,7 +2704,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1890 |
+@@ -2204,7 +2709,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1891 |
*/ |
1892 |
vma = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); |
1893 |
if (!vma) { |
1894 |
@@ -96803,7 +96873,7 @@ index 6182c8a..7d532cf 100644 |
1895 |
return -ENOMEM; |
1896 |
} |
1897 |
|
1898 |
-@@ -2218,11 +2718,12 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1899 |
+@@ -2218,11 +2723,12 @@ unsigned long do_brk(unsigned long addr, unsigned long len) |
1900 |
vma_link(mm, vma, prev, rb_link, rb_parent); |
1901 |
out: |
1902 |
perf_event_mmap(vma); |
1903 |
@@ -96818,7 +96888,7 @@ index 6182c8a..7d532cf 100644 |
1904 |
return addr; |
1905 |
} |
1906 |
|
1907 |
-@@ -2269,8 +2770,10 @@ void exit_mmap(struct mm_struct *mm) |
1908 |
+@@ -2269,8 +2775,10 @@ void exit_mmap(struct mm_struct *mm) |
1909 |
* Walk the list again, actually closing and freeing it, |
1910 |
* with preemption enabled, without holding any MM locks. |
1911 |
*/ |
1912 |
@@ -96830,7 +96900,7 @@ index 6182c8a..7d532cf 100644 |
1913 |
|
1914 |
BUG_ON(mm->nr_ptes > (FIRST_USER_ADDRESS+PMD_SIZE-1)>>PMD_SHIFT); |
1915 |
} |
1916 |
-@@ -2284,6 +2787,13 @@ int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma) |
1917 |
+@@ -2284,6 +2792,13 @@ int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma) |
1918 |
struct vm_area_struct * __vma, * prev; |
1919 |
struct rb_node ** rb_link, * rb_parent; |
1920 |
|
1921 |
@@ -96844,7 +96914,7 @@ index 6182c8a..7d532cf 100644 |
1922 |
/* |
1923 |
* The vm_pgoff of a purely anonymous vma should be irrelevant |
1924 |
* until its first write fault, when page's anon_vma and index |
1925 |
-@@ -2306,7 +2816,22 @@ int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma) |
1926 |
+@@ -2306,7 +2821,22 @@ int insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma) |
1927 |
if ((vma->vm_flags & VM_ACCOUNT) && |
1928 |
security_vm_enough_memory_mm(mm, vma_pages(vma))) |
1929 |
return -ENOMEM; |
1930 |
@@ -96867,7 +96937,7 @@ index 6182c8a..7d532cf 100644 |
1931 |
return 0; |
1932 |
} |
1933 |
|
1934 |
-@@ -2324,6 +2849,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
1935 |
+@@ -2324,6 +2854,8 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
1936 |
struct rb_node **rb_link, *rb_parent; |
1937 |
struct mempolicy *pol; |
1938 |
|
1939 |
@@ -96876,7 +96946,7 @@ index 6182c8a..7d532cf 100644 |
1940 |
/* |
1941 |
* If anonymous vma has not yet been faulted, update new pgoff |
1942 |
* to match new location, to increase its chance of merging. |
1943 |
-@@ -2374,6 +2901,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
1944 |
+@@ -2374,6 +2906,39 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, |
1945 |
return NULL; |
1946 |
} |
1947 |
|
1948 |
@@ -96916,7 +96986,7 @@ index 6182c8a..7d532cf 100644 |
1949 |
/* |
1950 |
* Return true if the calling process may expand its vm space by the passed |
1951 |
* number of pages |
1952 |
-@@ -2385,6 +2945,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) |
1953 |
+@@ -2385,6 +2950,7 @@ int may_expand_vm(struct mm_struct *mm, unsigned long npages) |
1954 |
|
1955 |
lim = rlimit(RLIMIT_AS) >> PAGE_SHIFT; |
1956 |
|
1957 |
@@ -96924,7 +96994,7 @@ index 6182c8a..7d532cf 100644 |
1958 |
if (cur + npages > lim) |
1959 |
return 0; |
1960 |
return 1; |
1961 |
-@@ -2455,6 +3016,22 @@ int install_special_mapping(struct mm_struct *mm, |
1962 |
+@@ -2455,6 +3021,22 @@ int install_special_mapping(struct mm_struct *mm, |
1963 |
vma->vm_start = addr; |
1964 |
vma->vm_end = addr + len; |
1965 |
|
1966 |
@@ -107303,16 +107373,6 @@ index ede01a8..756e6bd 100644 |
1967 |
if (err) |
1968 |
goto out; |
1969 |
|
1970 |
-diff --git a/scripts/Makefile b/scripts/Makefile |
1971 |
-index 3626666..4d873cd 100644 |
1972 |
---- a/scripts/Makefile |
1973 |
-+++ b/scripts/Makefile |
1974 |
-@@ -35,3 +35,5 @@ subdir-$(CONFIG_DTC) += dtc |
1975 |
- |
1976 |
- # Let clean descend into subdirs |
1977 |
- subdir- += basic kconfig package selinux |
1978 |
-+ |
1979 |
-+clean-files := randstruct.seed |
1980 |
diff --git a/scripts/Makefile.build b/scripts/Makefile.build |
1981 |
index d2b366c1..2d5a6f8 100644 |
1982 |
--- a/scripts/Makefile.build |