1 |
commit: d0f5a1fd5156db1a80a90399125b39498f4b6660 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Nov 9 15:13:39 2013 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 9 15:13:39 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=d0f5a1fd |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.61,3.2.52,3.11.7}-201311071634 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.9.1-2.6.32.61-201311071632.patch} | 98 ++- |
13 |
2.6.32/4450_grsec-kconfig-default-gids.patch | 8 +- |
14 |
2.6.32/4475_emutramp_default_on.patch | 2 +- |
15 |
{3.11.6 => 3.11.7}/0000_README | 2 +- |
16 |
...4420_grsecurity-2.9.1-3.11.7-201311071634.patch | 885 ++++++--------------- |
17 |
{3.11.6 => 3.11.7}/4425_grsec_remove_EI_PAX.patch | 2 +- |
18 |
.../4427_force_XATTR_PAX_tmpfs.patch | 0 |
19 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
20 |
{3.11.6 => 3.11.7}/4435_grsec-mute-warnings.patch | 0 |
21 |
.../4440_grsec-remove-protected-paths.patch | 0 |
22 |
.../4450_grsec-kconfig-default-gids.patch | 8 +- |
23 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
24 |
{3.11.6 => 3.11.7}/4470_disable-compat_vdso.patch | 0 |
25 |
{3.11.6 => 3.11.7}/4475_emutramp_default_on.patch | 2 +- |
26 |
3.2.52/0000_README | 2 +- |
27 |
...420_grsecurity-2.9.1-3.2.52-201311071633.patch} | 127 ++- |
28 |
3.2.52/4425_grsec_remove_EI_PAX.patch | 2 +- |
29 |
3.2.52/4450_grsec-kconfig-default-gids.patch | 8 +- |
30 |
3.2.52/4470_disable-compat_vdso.patch | 2 +- |
31 |
3.2.52/4475_emutramp_default_on.patch | 2 +- |
32 |
21 files changed, 398 insertions(+), 754 deletions(-) |
33 |
|
34 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
35 |
index 2e904e0..b5c69e3 100644 |
36 |
--- a/2.6.32/0000_README |
37 |
+++ b/2.6.32/0000_README |
38 |
@@ -38,7 +38,7 @@ Patch: 1060_linux-2.6.32.61.patch |
39 |
From: http://www.kernel.org |
40 |
Desc: Linux 2.6.32.61 |
41 |
|
42 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.61-201310292048.patch |
43 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.61-201311071632.patch |
44 |
From: http://www.grsecurity.net |
45 |
Desc: hardened-sources base patch from upstream grsecurity |
46 |
|
47 |
|
48 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201310292048.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201311071632.patch |
49 |
similarity index 99% |
50 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201310292048.patch |
51 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201311071632.patch |
52 |
index 4220829..acf589b 100644 |
53 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201310292048.patch |
54 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.61-201311071632.patch |
55 |
@@ -110329,7 +110329,7 @@ index 9ecd6e8..12c94c1 100644 |
56 |
|
57 |
if (atomic_dec_and_test(&kref->refcount)) { |
58 |
diff --git a/lib/list_debug.c b/lib/list_debug.c |
59 |
-index 1a39f4e..bdc3153 100644 |
60 |
+index 1a39f4e..f5349ec 100644 |
61 |
--- a/lib/list_debug.c |
62 |
+++ b/lib/list_debug.c |
63 |
@@ -8,7 +8,9 @@ |
64 |
@@ -110342,68 +110342,85 @@ index 1a39f4e..bdc3153 100644 |
65 |
/* |
66 |
* Insert a new entry between two known consecutive entries. |
67 |
* |
68 |
-@@ -16,18 +18,31 @@ |
69 |
+@@ -16,18 +18,39 @@ |
70 |
* the prev/next entries already! |
71 |
*/ |
72 |
|
73 |
--void __list_add(struct list_head *new, |
74 |
-- struct list_head *prev, |
75 |
-- struct list_head *next) |
76 |
+static bool __list_add_debug(struct list_head *new, |
77 |
+ struct list_head *prev, |
78 |
+ struct list_head *next) |
79 |
- { |
80 |
-- WARN(next->prev != prev, |
81 |
-+ if (WARN(next->prev != prev, |
82 |
- "list_add corruption. next->prev should be " |
83 |
- "prev (%p), but was %p. (next=%p).\n", |
84 |
-- prev, next->prev, next); |
85 |
-- WARN(prev->next != next, |
86 |
-+ prev, next->prev, next) || |
87 |
-+ WARN(prev->next != next, |
88 |
- "list_add corruption. prev->next should be " |
89 |
- "next (%p), but was %p. (prev=%p).\n", |
90 |
-- next, prev->next, prev); |
91 |
-+ next, prev->next, prev) || |
92 |
-+ WARN(new == prev || new == next, |
93 |
-+ "list_add double add: new=%p, prev=%p, next=%p.\n", |
94 |
-+ new, prev, next)) |
95 |
++{ |
96 |
++ if (unlikely(next->prev != prev)) { |
97 |
++ printk(KERN_ERR "list_add corruption. next->prev should be " |
98 |
++ "prev (%p), but was %p. (next=%p).\n", |
99 |
++ prev, next->prev, next); |
100 |
++ BUG(); |
101 |
++ return false; |
102 |
++ } |
103 |
++ if (unlikely(prev->next != next)) { |
104 |
++ printk(KERN_ERR "list_add corruption. prev->next should be " |
105 |
++ "next (%p), but was %p. (prev=%p).\n", |
106 |
++ next, prev->next, prev); |
107 |
++ BUG(); |
108 |
++ return false; |
109 |
++ } |
110 |
++ if (unlikely(new == prev || new == next)) { |
111 |
++ printk(KERN_ERR "list_add double add: new=%p, prev=%p, next=%p.\n", |
112 |
++ new, prev, next); |
113 |
++ BUG(); |
114 |
+ return false; |
115 |
++ } |
116 |
+ return true; |
117 |
+} |
118 |
+ |
119 |
-+void __list_add(struct list_head *new, |
120 |
+ void __list_add(struct list_head *new, |
121 |
+- struct list_head *prev, |
122 |
+- struct list_head *next) |
123 |
+ struct list_head *prev, |
124 |
+ struct list_head *next) |
125 |
-+{ |
126 |
+ { |
127 |
+- WARN(next->prev != prev, |
128 |
+- "list_add corruption. next->prev should be " |
129 |
+- "prev (%p), but was %p. (next=%p).\n", |
130 |
+- prev, next->prev, next); |
131 |
+- WARN(prev->next != next, |
132 |
+- "list_add corruption. prev->next should be " |
133 |
+- "next (%p), but was %p. (prev=%p).\n", |
134 |
+- next, prev->next, prev); |
135 |
+ if (!__list_add_debug(new, prev, next)) |
136 |
+ return; |
137 |
next->prev = new; |
138 |
new->next = next; |
139 |
new->prev = prev; |
140 |
-@@ -41,16 +56,61 @@ EXPORT_SYMBOL(__list_add); |
141 |
+@@ -41,16 +64,66 @@ EXPORT_SYMBOL(__list_add); |
142 |
* Note: list_empty on entry does not return true after this, the entry is |
143 |
* in an undefined state. |
144 |
*/ |
145 |
--void list_del(struct list_head *entry) |
146 |
+static bool list_del_debug(struct list_head *entry) |
147 |
++{ |
148 |
++ if (unlikely(entry->prev->next != entry)) { |
149 |
++ printk(KERN_ERR "list_del corruption. prev->next should be %p, " |
150 |
++ "but was %p\n", entry, entry->prev->next); |
151 |
++ BUG(); |
152 |
++ return false; |
153 |
++ } |
154 |
++ if (unlikely(entry->next->prev != entry)) { |
155 |
++ printk(KERN_ERR "list_del corruption. next->prev should be %p, " |
156 |
++ "but was %p\n", entry, entry->next->prev); |
157 |
++ BUG(); |
158 |
++ return false; |
159 |
++ } |
160 |
++ return true; |
161 |
++} |
162 |
++ |
163 |
+ void list_del(struct list_head *entry) |
164 |
{ |
165 |
- WARN(entry->prev->next != entry, |
166 |
-+ if (WARN(entry->prev->next != entry, |
167 |
- "list_del corruption. prev->next should be %p, " |
168 |
+- "list_del corruption. prev->next should be %p, " |
169 |
- "but was %p\n", entry, entry->prev->next); |
170 |
- WARN(entry->next->prev != entry, |
171 |
-+ "but was %p\n", entry, entry->prev->next) || |
172 |
-+ WARN(entry->next->prev != entry, |
173 |
- "list_del corruption. next->prev should be %p, " |
174 |
+- "list_del corruption. next->prev should be %p, " |
175 |
- "but was %p\n", entry, entry->next->prev); |
176 |
-+ "but was %p\n", entry, entry->next->prev)) |
177 |
-+ return false; |
178 |
-+ return true; |
179 |
-+} |
180 |
-+ |
181 |
-+void list_del(struct list_head *entry) |
182 |
-+{ |
183 |
+ if (!list_del_debug(entry)) |
184 |
+ return; |
185 |
__list_del(entry->prev, entry->next); |
186 |
@@ -120586,10 +120603,10 @@ index d52f7a0..b66cdd9 100755 |
187 |
rm -f tags |
188 |
xtags ctags |
189 |
diff --git a/security/Kconfig b/security/Kconfig |
190 |
-index fb363cd..a869a1d 100644 |
191 |
+index fb363cd..1d2c23f 100644 |
192 |
--- a/security/Kconfig |
193 |
+++ b/security/Kconfig |
194 |
-@@ -4,6 +4,896 @@ |
195 |
+@@ -4,6 +4,897 @@ |
196 |
|
197 |
menu "Security options" |
198 |
|
199 |
@@ -120623,6 +120640,7 @@ index fb363cd..a869a1d 100644 |
200 |
+ select CRYPTO_SHA256 |
201 |
+ select PROC_FS |
202 |
+ select STOP_MACHINE |
203 |
++ select DEBUG_LIST |
204 |
+ help |
205 |
+ If you say Y here, you will be able to configure many features |
206 |
+ that will enhance the security of your system. It is highly |
207 |
@@ -121486,7 +121504,7 @@ index fb363cd..a869a1d 100644 |
208 |
config KEYS |
209 |
bool "Enable access key retention support" |
210 |
help |
211 |
-@@ -146,7 +1036,7 @@ config INTEL_TXT |
212 |
+@@ -146,7 +1037,7 @@ config INTEL_TXT |
213 |
config LSM_MMAP_MIN_ADDR |
214 |
int "Low address space for LSM to protect from user allocation" |
215 |
depends on SECURITY && SECURITY_SELINUX |
216 |
|
217 |
diff --git a/2.6.32/4450_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch |
218 |
index 3dfdc8f..2de7db1 100644 |
219 |
--- a/2.6.32/4450_grsec-kconfig-default-gids.patch |
220 |
+++ b/2.6.32/4450_grsec-kconfig-default-gids.patch |
221 |
@@ -73,7 +73,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
222 |
diff -Nuar a/security/Kconfig b/security/Kconfig |
223 |
--- a/security/Kconfig 2012-10-13 09:51:35.000000000 -0400 |
224 |
+++ b/security/Kconfig 2012-10-13 09:52:59.000000000 -0400 |
225 |
-@@ -191,7 +191,7 @@ |
226 |
+@@ -192,7 +192,7 @@ |
227 |
|
228 |
config GRKERNSEC_PROC_GID |
229 |
int "GID exempted from /proc restrictions" |
230 |
@@ -82,7 +82,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
231 |
help |
232 |
Setting this GID determines which group will be exempted from |
233 |
grsecurity's /proc restrictions, allowing users of the specified |
234 |
-@@ -202,7 +202,7 @@ |
235 |
+@@ -203,7 +203,7 @@ |
236 |
config GRKERNSEC_TPE_UNTRUSTED_GID |
237 |
int "GID for TPE-untrusted users" |
238 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
239 |
@@ -91,7 +91,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
240 |
help |
241 |
Setting this GID determines which group untrusted users should |
242 |
be added to. These users will be placed under grsecurity's Trusted Path |
243 |
-@@ -214,7 +214,7 @@ |
244 |
+@@ -215,7 +215,7 @@ |
245 |
config GRKERNSEC_TPE_TRUSTED_GID |
246 |
int "GID for TPE-trusted users" |
247 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
248 |
@@ -100,7 +100,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
249 |
help |
250 |
Setting this GID determines what group TPE restrictions will be |
251 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
252 |
-@@ -223,7 +223,7 @@ |
253 |
+@@ -224,7 +224,7 @@ |
254 |
config GRKERNSEC_SYMLINKOWN_GID |
255 |
int "GID for users with kernel-enforced SymlinksIfOwnerMatch" |
256 |
depends on GRKERNSEC_CONFIG_SERVER |
257 |
|
258 |
diff --git a/2.6.32/4475_emutramp_default_on.patch b/2.6.32/4475_emutramp_default_on.patch |
259 |
index 2d7124b..c7647c0 100644 |
260 |
--- a/2.6.32/4475_emutramp_default_on.patch |
261 |
+++ b/2.6.32/4475_emutramp_default_on.patch |
262 |
@@ -10,7 +10,7 @@ See bug: |
263 |
diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig |
264 |
--- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400 |
265 |
+++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400 |
266 |
-@@ -424,7 +424,7 @@ |
267 |
+@@ -425,7 +425,7 @@ |
268 |
|
269 |
config PAX_EMUTRAMP |
270 |
bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86) |
271 |
|
272 |
diff --git a/3.11.6/0000_README b/3.11.7/0000_README |
273 |
similarity index 96% |
274 |
rename from 3.11.6/0000_README |
275 |
rename to 3.11.7/0000_README |
276 |
index 358a97d..ff6ef32 100644 |
277 |
--- a/3.11.6/0000_README |
278 |
+++ b/3.11.7/0000_README |
279 |
@@ -2,7 +2,7 @@ README |
280 |
----------------------------------------------------------------------------- |
281 |
Individual Patch Descriptions: |
282 |
----------------------------------------------------------------------------- |
283 |
-Patch: 4420_grsecurity-2.9.1-3.11.6-201311021635.patch |
284 |
+Patch: 4420_grsecurity-2.9.1-3.11.7-201311071634.patch |
285 |
From: http://www.grsecurity.net |
286 |
Desc: hardened-sources base patch from upstream grsecurity |
287 |
|
288 |
|
289 |
diff --git a/3.11.6/4420_grsecurity-2.9.1-3.11.6-201311021635.patch b/3.11.7/4420_grsecurity-2.9.1-3.11.7-201311071634.patch |
290 |
similarity index 99% |
291 |
rename from 3.11.6/4420_grsecurity-2.9.1-3.11.6-201311021635.patch |
292 |
rename to 3.11.7/4420_grsecurity-2.9.1-3.11.7-201311071634.patch |
293 |
index 306363f..6499bdd 100644 |
294 |
--- a/3.11.6/4420_grsecurity-2.9.1-3.11.6-201311021635.patch |
295 |
+++ b/3.11.7/4420_grsecurity-2.9.1-3.11.7-201311071634.patch |
296 |
@@ -281,7 +281,7 @@ index 7f9d4f5..6d1afd6 100644 |
297 |
|
298 |
pcd. [PARIDE] |
299 |
diff --git a/Makefile b/Makefile |
300 |
-index e87ba83..ee3c7b7 100644 |
301 |
+index 686adf7..f2e53a7 100644 |
302 |
--- a/Makefile |
303 |
+++ b/Makefile |
304 |
@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
305 |
@@ -2091,30 +2091,6 @@ index a8cae71c..65dd797 100644 |
306 |
|
307 |
/* |
308 |
* set platform specific SMP operations |
309 |
-diff --git a/arch/arm/include/asm/syscall.h b/arch/arm/include/asm/syscall.h |
310 |
-index f1d96d4..73ddd72 100644 |
311 |
---- a/arch/arm/include/asm/syscall.h |
312 |
-+++ b/arch/arm/include/asm/syscall.h |
313 |
-@@ -57,6 +57,9 @@ static inline void syscall_get_arguments(struct task_struct *task, |
314 |
- unsigned int i, unsigned int n, |
315 |
- unsigned long *args) |
316 |
- { |
317 |
-+ if (n == 0) |
318 |
-+ return; |
319 |
-+ |
320 |
- if (i + n > SYSCALL_MAX_ARGS) { |
321 |
- unsigned long *args_bad = args + SYSCALL_MAX_ARGS - i; |
322 |
- unsigned int n_bad = n + i - SYSCALL_MAX_ARGS; |
323 |
-@@ -81,6 +84,9 @@ static inline void syscall_set_arguments(struct task_struct *task, |
324 |
- unsigned int i, unsigned int n, |
325 |
- const unsigned long *args) |
326 |
- { |
327 |
-+ if (n == 0) |
328 |
-+ return; |
329 |
-+ |
330 |
- if (i + n > SYSCALL_MAX_ARGS) { |
331 |
- pr_warning("%s called with max args %d, handling only %d\n", |
332 |
- __func__, i + n, SYSCALL_MAX_ARGS); |
333 |
diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h |
334 |
index 2b8114f..8fe9bcf 100644 |
335 |
--- a/arch/arm/include/asm/thread_info.h |
336 |
@@ -11503,6 +11479,23 @@ index 0032f92..cd151e0 100644 |
337 |
|
338 |
#ifdef CONFIG_64BIT |
339 |
#define set_pud(pudptr, pudval) set_64bit((u64 *) (pudptr), pud_val(pudval)) |
340 |
+diff --git a/arch/um/kernel/exitcode.c b/arch/um/kernel/exitcode.c |
341 |
+index 829df49..41ebbfe 100644 |
342 |
+--- a/arch/um/kernel/exitcode.c |
343 |
++++ b/arch/um/kernel/exitcode.c |
344 |
+@@ -40,9 +40,11 @@ static ssize_t exitcode_proc_write(struct file *file, |
345 |
+ const char __user *buffer, size_t count, loff_t *pos) |
346 |
+ { |
347 |
+ char *end, buf[sizeof("nnnnn\0")]; |
348 |
++ size_t size; |
349 |
+ int tmp; |
350 |
+ |
351 |
+- if (copy_from_user(buf, buffer, count)) |
352 |
++ size = min(count, sizeof(buf)); |
353 |
++ if (copy_from_user(buf, buffer, size)) |
354 |
+ return -EFAULT; |
355 |
+ |
356 |
+ tmp = simple_strtol(buf, &end, 0); |
357 |
diff --git a/arch/um/kernel/process.c b/arch/um/kernel/process.c |
358 |
index bbcef52..6a2a483 100644 |
359 |
--- a/arch/um/kernel/process.c |
360 |
@@ -37138,180 +37131,6 @@ index 5bb848c..f1d4fc9 100644 |
361 |
.recalc_rate = socfpga_clk_recalc_rate, |
362 |
.get_parent = socfpga_clk_get_parent, |
363 |
.set_parent = socfpga_clk_set_parent, |
364 |
-diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c |
365 |
-index 08ae128..c73fc2b 100644 |
366 |
---- a/drivers/connector/cn_proc.c |
367 |
-+++ b/drivers/connector/cn_proc.c |
368 |
-@@ -65,6 +65,7 @@ void proc_fork_connector(struct task_struct *task) |
369 |
- |
370 |
- msg = (struct cn_msg *)buffer; |
371 |
- ev = (struct proc_event *)msg->data; |
372 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
373 |
- get_seq(&msg->seq, &ev->cpu); |
374 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
375 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
376 |
-@@ -80,6 +81,7 @@ void proc_fork_connector(struct task_struct *task) |
377 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
378 |
- msg->ack = 0; /* not used */ |
379 |
- msg->len = sizeof(*ev); |
380 |
-+ msg->flags = 0; /* not used */ |
381 |
- /* If cn_netlink_send() failed, the data is not sent */ |
382 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
383 |
- } |
384 |
-@@ -96,6 +98,7 @@ void proc_exec_connector(struct task_struct *task) |
385 |
- |
386 |
- msg = (struct cn_msg *)buffer; |
387 |
- ev = (struct proc_event *)msg->data; |
388 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
389 |
- get_seq(&msg->seq, &ev->cpu); |
390 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
391 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
392 |
-@@ -106,6 +109,7 @@ void proc_exec_connector(struct task_struct *task) |
393 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
394 |
- msg->ack = 0; /* not used */ |
395 |
- msg->len = sizeof(*ev); |
396 |
-+ msg->flags = 0; /* not used */ |
397 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
398 |
- } |
399 |
- |
400 |
-@@ -122,6 +126,7 @@ void proc_id_connector(struct task_struct *task, int which_id) |
401 |
- |
402 |
- msg = (struct cn_msg *)buffer; |
403 |
- ev = (struct proc_event *)msg->data; |
404 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
405 |
- ev->what = which_id; |
406 |
- ev->event_data.id.process_pid = task->pid; |
407 |
- ev->event_data.id.process_tgid = task->tgid; |
408 |
-@@ -145,6 +150,7 @@ void proc_id_connector(struct task_struct *task, int which_id) |
409 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
410 |
- msg->ack = 0; /* not used */ |
411 |
- msg->len = sizeof(*ev); |
412 |
-+ msg->flags = 0; /* not used */ |
413 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
414 |
- } |
415 |
- |
416 |
-@@ -160,6 +166,7 @@ void proc_sid_connector(struct task_struct *task) |
417 |
- |
418 |
- msg = (struct cn_msg *)buffer; |
419 |
- ev = (struct proc_event *)msg->data; |
420 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
421 |
- get_seq(&msg->seq, &ev->cpu); |
422 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
423 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
424 |
-@@ -170,6 +177,7 @@ void proc_sid_connector(struct task_struct *task) |
425 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
426 |
- msg->ack = 0; /* not used */ |
427 |
- msg->len = sizeof(*ev); |
428 |
-+ msg->flags = 0; /* not used */ |
429 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
430 |
- } |
431 |
- |
432 |
-@@ -185,6 +193,7 @@ void proc_ptrace_connector(struct task_struct *task, int ptrace_id) |
433 |
- |
434 |
- msg = (struct cn_msg *)buffer; |
435 |
- ev = (struct proc_event *)msg->data; |
436 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
437 |
- get_seq(&msg->seq, &ev->cpu); |
438 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
439 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
440 |
-@@ -203,6 +212,7 @@ void proc_ptrace_connector(struct task_struct *task, int ptrace_id) |
441 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
442 |
- msg->ack = 0; /* not used */ |
443 |
- msg->len = sizeof(*ev); |
444 |
-+ msg->flags = 0; /* not used */ |
445 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
446 |
- } |
447 |
- |
448 |
-@@ -218,6 +228,7 @@ void proc_comm_connector(struct task_struct *task) |
449 |
- |
450 |
- msg = (struct cn_msg *)buffer; |
451 |
- ev = (struct proc_event *)msg->data; |
452 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
453 |
- get_seq(&msg->seq, &ev->cpu); |
454 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
455 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
456 |
-@@ -229,6 +240,7 @@ void proc_comm_connector(struct task_struct *task) |
457 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
458 |
- msg->ack = 0; /* not used */ |
459 |
- msg->len = sizeof(*ev); |
460 |
-+ msg->flags = 0; /* not used */ |
461 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
462 |
- } |
463 |
- |
464 |
-@@ -244,6 +256,7 @@ void proc_coredump_connector(struct task_struct *task) |
465 |
- |
466 |
- msg = (struct cn_msg *)buffer; |
467 |
- ev = (struct proc_event *)msg->data; |
468 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
469 |
- get_seq(&msg->seq, &ev->cpu); |
470 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
471 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
472 |
-@@ -254,6 +267,7 @@ void proc_coredump_connector(struct task_struct *task) |
473 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
474 |
- msg->ack = 0; /* not used */ |
475 |
- msg->len = sizeof(*ev); |
476 |
-+ msg->flags = 0; /* not used */ |
477 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
478 |
- } |
479 |
- |
480 |
-@@ -269,6 +283,7 @@ void proc_exit_connector(struct task_struct *task) |
481 |
- |
482 |
- msg = (struct cn_msg *)buffer; |
483 |
- ev = (struct proc_event *)msg->data; |
484 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
485 |
- get_seq(&msg->seq, &ev->cpu); |
486 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
487 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
488 |
-@@ -281,6 +296,7 @@ void proc_exit_connector(struct task_struct *task) |
489 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
490 |
- msg->ack = 0; /* not used */ |
491 |
- msg->len = sizeof(*ev); |
492 |
-+ msg->flags = 0; /* not used */ |
493 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
494 |
- } |
495 |
- |
496 |
-@@ -304,6 +320,7 @@ static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack) |
497 |
- |
498 |
- msg = (struct cn_msg *)buffer; |
499 |
- ev = (struct proc_event *)msg->data; |
500 |
-+ memset(&ev->event_data, 0, sizeof(ev->event_data)); |
501 |
- msg->seq = rcvd_seq; |
502 |
- ktime_get_ts(&ts); /* get high res monotonic timestamp */ |
503 |
- put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns); |
504 |
-@@ -313,6 +330,7 @@ static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack) |
505 |
- memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id)); |
506 |
- msg->ack = rcvd_ack + 1; |
507 |
- msg->len = sizeof(*ev); |
508 |
-+ msg->flags = 0; /* not used */ |
509 |
- cn_netlink_send(msg, CN_IDX_PROC, GFP_KERNEL); |
510 |
- } |
511 |
- |
512 |
-diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c |
513 |
-index 6ecfa75..0daa11e 100644 |
514 |
---- a/drivers/connector/connector.c |
515 |
-+++ b/drivers/connector/connector.c |
516 |
-@@ -157,17 +157,18 @@ static int cn_call_callback(struct sk_buff *skb) |
517 |
- static void cn_rx_skb(struct sk_buff *__skb) |
518 |
- { |
519 |
- struct nlmsghdr *nlh; |
520 |
-- int err; |
521 |
- struct sk_buff *skb; |
522 |
-+ int len, err; |
523 |
- |
524 |
- skb = skb_get(__skb); |
525 |
- |
526 |
- if (skb->len >= NLMSG_HDRLEN) { |
527 |
- nlh = nlmsg_hdr(skb); |
528 |
-+ len = nlmsg_len(nlh); |
529 |
- |
530 |
-- if (nlh->nlmsg_len < sizeof(struct cn_msg) || |
531 |
-+ if (len < (int)sizeof(struct cn_msg) || |
532 |
- skb->len < nlh->nlmsg_len || |
533 |
-- nlh->nlmsg_len > CONNECTOR_MAX_MSG_SIZE) { |
534 |
-+ len > CONNECTOR_MAX_MSG_SIZE) { |
535 |
- kfree_skb(skb); |
536 |
- return; |
537 |
- } |
538 |
diff --git a/drivers/cpufreq/acpi-cpufreq.c b/drivers/cpufreq/acpi-cpufreq.c |
539 |
index 3926402..37b580d 100644 |
540 |
--- a/drivers/cpufreq/acpi-cpufreq.c |
541 |
@@ -44499,30 +44318,6 @@ index 8a05d77..ba8b9c5 100644 |
542 |
.kind = "vxlan", |
543 |
.maxtype = IFLA_VXLAN_MAX, |
544 |
.policy = vxlan_policy, |
545 |
-diff --git a/drivers/net/wan/farsync.c b/drivers/net/wan/farsync.c |
546 |
-index 3f0c4f2..bcfff0d 100644 |
547 |
---- a/drivers/net/wan/farsync.c |
548 |
-+++ b/drivers/net/wan/farsync.c |
549 |
-@@ -1972,6 +1972,7 @@ fst_get_iface(struct fst_card_info *card, struct fst_port_info *port, |
550 |
- } |
551 |
- |
552 |
- i = port->index; |
553 |
-+ memset(&sync, 0, sizeof(sync)); |
554 |
- sync.clock_rate = FST_RDL(card, portConfig[i].lineSpeed); |
555 |
- /* Lucky card and linux use same encoding here */ |
556 |
- sync.clock_type = FST_RDB(card, portConfig[i].internalClock) == |
557 |
-diff --git a/drivers/net/wan/wanxl.c b/drivers/net/wan/wanxl.c |
558 |
-index 6a24a5a..4c0a697 100644 |
559 |
---- a/drivers/net/wan/wanxl.c |
560 |
-+++ b/drivers/net/wan/wanxl.c |
561 |
-@@ -355,6 +355,7 @@ static int wanxl_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) |
562 |
- ifr->ifr_settings.size = size; /* data size wanted */ |
563 |
- return -ENOBUFS; |
564 |
- } |
565 |
-+ memset(&line, 0, sizeof(line)); |
566 |
- line.clock_type = get_status(port)->clocking; |
567 |
- line.clock_rate = 0; |
568 |
- line.loopback = 0; |
569 |
diff --git a/drivers/net/wimax/i2400m/rx.c b/drivers/net/wimax/i2400m/rx.c |
570 |
index 0b60295..b8bfa5b 100644 |
571 |
--- a/drivers/net/wimax/i2400m/rx.c |
572 |
@@ -47255,6 +47050,19 @@ index dc23395..cf7e9b1 100644 |
573 |
|
574 |
struct io_req { |
575 |
struct list_head list; |
576 |
+diff --git a/drivers/staging/sb105x/sb_pci_mp.c b/drivers/staging/sb105x/sb_pci_mp.c |
577 |
+index 23db32f..a10cdb1 100644 |
578 |
+--- a/drivers/staging/sb105x/sb_pci_mp.c |
579 |
++++ b/drivers/staging/sb105x/sb_pci_mp.c |
580 |
+@@ -1063,7 +1063,7 @@ static int mp_wait_modem_status(struct sb_uart_state *state, unsigned long arg) |
581 |
+ |
582 |
+ static int mp_get_count(struct sb_uart_state *state, struct serial_icounter_struct *icnt) |
583 |
+ { |
584 |
+- struct serial_icounter_struct icount; |
585 |
++ struct serial_icounter_struct icount = {}; |
586 |
+ struct sb_uart_icount cnow; |
587 |
+ struct sb_uart_port *port = state->port; |
588 |
+ |
589 |
diff --git a/drivers/staging/sbe-2t3e3/netdev.c b/drivers/staging/sbe-2t3e3/netdev.c |
590 |
index 1f5088b..0e59820 100644 |
591 |
--- a/drivers/staging/sbe-2t3e3/netdev.c |
592 |
@@ -55552,31 +55360,6 @@ index 22548f5..41521d8 100644 |
593 |
return 0; |
594 |
} |
595 |
return 1; |
596 |
-diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c |
597 |
-index 1194b1f..f8cde46 100644 |
598 |
---- a/fs/ext3/namei.c |
599 |
-+++ b/fs/ext3/namei.c |
600 |
-@@ -1783,7 +1783,7 @@ retry: |
601 |
- d_tmpfile(dentry, inode); |
602 |
- err = ext3_orphan_add(handle, inode); |
603 |
- if (err) |
604 |
-- goto err_drop_inode; |
605 |
-+ goto err_unlock_inode; |
606 |
- mark_inode_dirty(inode); |
607 |
- unlock_new_inode(inode); |
608 |
- } |
609 |
-@@ -1791,10 +1791,9 @@ retry: |
610 |
- if (err == -ENOSPC && ext3_should_retry_alloc(dir->i_sb, &retries)) |
611 |
- goto retry; |
612 |
- return err; |
613 |
--err_drop_inode: |
614 |
-+err_unlock_inode: |
615 |
- ext3_journal_stop(handle); |
616 |
- unlock_new_inode(inode); |
617 |
-- iput(inode); |
618 |
- return err; |
619 |
- } |
620 |
- |
621 |
diff --git a/fs/ext4/balloc.c b/fs/ext4/balloc.c |
622 |
index ddd715e..c772f88 100644 |
623 |
--- a/fs/ext4/balloc.c |
624 |
@@ -55756,31 +55539,6 @@ index 214461e..3614c89 100644 |
625 |
__ext4_warning(sb, function, line, |
626 |
"MMP failure info: last update time: %llu, last update " |
627 |
"node: %s, last update device: %s\n", |
628 |
-diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c |
629 |
-index 35f55a0..b53cbc6 100644 |
630 |
---- a/fs/ext4/namei.c |
631 |
-+++ b/fs/ext4/namei.c |
632 |
-@@ -2319,7 +2319,7 @@ retry: |
633 |
- d_tmpfile(dentry, inode); |
634 |
- err = ext4_orphan_add(handle, inode); |
635 |
- if (err) |
636 |
-- goto err_drop_inode; |
637 |
-+ goto err_unlock_inode; |
638 |
- mark_inode_dirty(inode); |
639 |
- unlock_new_inode(inode); |
640 |
- } |
641 |
-@@ -2328,10 +2328,9 @@ retry: |
642 |
- if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) |
643 |
- goto retry; |
644 |
- return err; |
645 |
--err_drop_inode: |
646 |
-+err_unlock_inode: |
647 |
- ext4_journal_stop(handle); |
648 |
- unlock_new_inode(inode); |
649 |
-- iput(inode); |
650 |
- return err; |
651 |
- } |
652 |
- |
653 |
diff --git a/fs/ext4/super.c b/fs/ext4/super.c |
654 |
index b59373b..f41c2b5 100644 |
655 |
--- a/fs/ext4/super.c |
656 |
@@ -76666,7 +76424,7 @@ index 429c199..4d42e38 100644 |
657 |
|
658 |
/* shm_mode upper byte flags */ |
659 |
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
660 |
-index 3b71a4e..4823435 100644 |
661 |
+index 6bd165b..4823435 100644 |
662 |
--- a/include/linux/skbuff.h |
663 |
+++ b/include/linux/skbuff.h |
664 |
@@ -648,7 +648,7 @@ extern bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from, |
665 |
@@ -76705,19 +76463,7 @@ index 3b71a4e..4823435 100644 |
666 |
} |
667 |
|
668 |
/** |
669 |
-@@ -1316,6 +1316,11 @@ static inline int skb_pagelen(const struct sk_buff *skb) |
670 |
- return len + skb_headlen(skb); |
671 |
- } |
672 |
- |
673 |
-+static inline bool skb_has_frags(const struct sk_buff *skb) |
674 |
-+{ |
675 |
-+ return skb_shinfo(skb)->nr_frags; |
676 |
-+} |
677 |
-+ |
678 |
- /** |
679 |
- * __skb_fill_page_desc - initialise a paged fragment in an skb |
680 |
- * @skb: buffer containing fragment to be initialised |
681 |
-@@ -1750,7 +1755,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
682 |
+@@ -1755,7 +1755,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) |
683 |
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) |
684 |
*/ |
685 |
#ifndef NET_SKB_PAD |
686 |
@@ -76726,7 +76472,7 @@ index 3b71a4e..4823435 100644 |
687 |
#endif |
688 |
|
689 |
extern int ___pskb_trim(struct sk_buff *skb, unsigned int len); |
690 |
-@@ -2345,7 +2350,7 @@ extern struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, |
691 |
+@@ -2350,7 +2350,7 @@ extern struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned flags, |
692 |
int noblock, int *err); |
693 |
extern unsigned int datagram_poll(struct file *file, struct socket *sock, |
694 |
struct poll_table_struct *wait); |
695 |
@@ -76735,7 +76481,7 @@ index 3b71a4e..4823435 100644 |
696 |
int offset, struct iovec *to, |
697 |
int size); |
698 |
extern int skb_copy_and_csum_datagram_iovec(struct sk_buff *skb, |
699 |
-@@ -2636,6 +2641,9 @@ static inline void nf_reset(struct sk_buff *skb) |
700 |
+@@ -2641,6 +2641,9 @@ static inline void nf_reset(struct sk_buff *skb) |
701 |
nf_bridge_put(skb->nf_bridge); |
702 |
skb->nf_bridge = NULL; |
703 |
#endif |
704 |
@@ -78280,10 +78026,10 @@ index e745c92..3641448 100644 |
705 |
|
706 |
/* Structure to track chunk fragments that have been acked, but peer |
707 |
diff --git a/include/net/sock.h b/include/net/sock.h |
708 |
-index 31d5cfb..9ee0602 100644 |
709 |
+index 04e148f..3b1c7e0 100644 |
710 |
--- a/include/net/sock.h |
711 |
+++ b/include/net/sock.h |
712 |
-@@ -331,7 +331,7 @@ struct sock { |
713 |
+@@ -332,7 +332,7 @@ struct sock { |
714 |
unsigned int sk_napi_id; |
715 |
unsigned int sk_ll_usec; |
716 |
#endif |
717 |
@@ -78292,7 +78038,7 @@ index 31d5cfb..9ee0602 100644 |
718 |
int sk_rcvbuf; |
719 |
|
720 |
struct sk_filter __rcu *sk_filter; |
721 |
-@@ -1803,7 +1803,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
722 |
+@@ -1805,7 +1805,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) |
723 |
} |
724 |
|
725 |
static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, |
726 |
@@ -78301,7 +78047,7 @@ index 31d5cfb..9ee0602 100644 |
727 |
int copy, int offset) |
728 |
{ |
729 |
if (skb->ip_summed == CHECKSUM_NONE) { |
730 |
-@@ -2065,7 +2065,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
731 |
+@@ -2067,7 +2067,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
732 |
} |
733 |
} |
734 |
|
735 |
@@ -78311,10 +78057,10 @@ index 31d5cfb..9ee0602 100644 |
736 |
/** |
737 |
* sk_page_frag - return an appropriate page_frag |
738 |
diff --git a/include/net/tcp.h b/include/net/tcp.h |
739 |
-index d198005..c974a393 100644 |
740 |
+index 46cb8a4..32b7b4a 100644 |
741 |
--- a/include/net/tcp.h |
742 |
+++ b/include/net/tcp.h |
743 |
-@@ -521,7 +521,7 @@ extern void tcp_retransmit_timer(struct sock *sk); |
744 |
+@@ -522,7 +522,7 @@ extern void tcp_retransmit_timer(struct sock *sk); |
745 |
extern void tcp_xmit_retransmit_queue(struct sock *); |
746 |
extern void tcp_simple_retransmit(struct sock *); |
747 |
extern int tcp_trim_head(struct sock *, struct sk_buff *, u32); |
748 |
@@ -78323,7 +78069,7 @@ index d198005..c974a393 100644 |
749 |
|
750 |
extern void tcp_send_probe0(struct sock *); |
751 |
extern void tcp_send_partial(struct sock *); |
752 |
-@@ -694,8 +694,8 @@ struct tcp_skb_cb { |
753 |
+@@ -695,8 +695,8 @@ struct tcp_skb_cb { |
754 |
struct inet6_skb_parm h6; |
755 |
#endif |
756 |
} header; /* For incoming frames */ |
757 |
@@ -78334,7 +78080,7 @@ index d198005..c974a393 100644 |
758 |
__u32 when; /* used to compute rtt's */ |
759 |
__u8 tcp_flags; /* TCP header flags. (tcp[13]) */ |
760 |
|
761 |
-@@ -709,7 +709,7 @@ struct tcp_skb_cb { |
762 |
+@@ -710,7 +710,7 @@ struct tcp_skb_cb { |
763 |
|
764 |
__u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ |
765 |
/* 1 byte hole */ |
766 |
@@ -85612,7 +85358,7 @@ index 4a1f33d..2f3ca75 100644 |
767 |
enum kobj_ns_type type = ops->type; |
768 |
int error; |
769 |
diff --git a/lib/list_debug.c b/lib/list_debug.c |
770 |
-index c24c2f7..06e070b 100644 |
771 |
+index c24c2f7..f0296f4 100644 |
772 |
--- a/lib/list_debug.c |
773 |
+++ b/lib/list_debug.c |
774 |
@@ -11,7 +11,9 @@ |
775 |
@@ -85625,50 +85371,61 @@ index c24c2f7..06e070b 100644 |
776 |
/* |
777 |
* Insert a new entry between two known consecutive entries. |
778 |
* |
779 |
-@@ -19,21 +21,32 @@ |
780 |
+@@ -19,21 +21,40 @@ |
781 |
* the prev/next entries already! |
782 |
*/ |
783 |
|
784 |
--void __list_add(struct list_head *new, |
785 |
-- struct list_head *prev, |
786 |
-- struct list_head *next) |
787 |
+static bool __list_add_debug(struct list_head *new, |
788 |
+ struct list_head *prev, |
789 |
+ struct list_head *next) |
790 |
++{ |
791 |
++ if (unlikely(next->prev != prev)) { |
792 |
++ printk(KERN_ERR "list_add corruption. next->prev should be " |
793 |
++ "prev (%p), but was %p. (next=%p).\n", |
794 |
++ prev, next->prev, next); |
795 |
++ BUG(); |
796 |
++ return false; |
797 |
++ } |
798 |
++ if (unlikely(prev->next != next)) { |
799 |
++ printk(KERN_ERR "list_add corruption. prev->next should be " |
800 |
++ "next (%p), but was %p. (prev=%p).\n", |
801 |
++ next, prev->next, prev); |
802 |
++ BUG(); |
803 |
++ return false; |
804 |
++ } |
805 |
++ if (unlikely(new == prev || new == next)) { |
806 |
++ printk(KERN_ERR "list_add double add: new=%p, prev=%p, next=%p.\n", |
807 |
++ new, prev, next); |
808 |
++ BUG(); |
809 |
++ return false; |
810 |
++ } |
811 |
++ return true; |
812 |
++} |
813 |
++ |
814 |
+ void __list_add(struct list_head *new, |
815 |
+- struct list_head *prev, |
816 |
+- struct list_head *next) |
817 |
++ struct list_head *prev, |
818 |
++ struct list_head *next) |
819 |
{ |
820 |
- WARN(next->prev != prev, |
821 |
-+ if (WARN(next->prev != prev, |
822 |
- "list_add corruption. next->prev should be " |
823 |
- "prev (%p), but was %p. (next=%p).\n", |
824 |
+- "list_add corruption. next->prev should be " |
825 |
+- "prev (%p), but was %p. (next=%p).\n", |
826 |
- prev, next->prev, next); |
827 |
- WARN(prev->next != next, |
828 |
-+ prev, next->prev, next) || |
829 |
-+ WARN(prev->next != next, |
830 |
- "list_add corruption. prev->next should be " |
831 |
- "next (%p), but was %p. (prev=%p).\n", |
832 |
+- "list_add corruption. prev->next should be " |
833 |
+- "next (%p), but was %p. (prev=%p).\n", |
834 |
- next, prev->next, prev); |
835 |
- WARN(new == prev || new == next, |
836 |
- "list_add double add: new=%p, prev=%p, next=%p.\n", |
837 |
- new, prev, next); |
838 |
-+ next, prev->next, prev) || |
839 |
-+ WARN(new == prev || new == next, |
840 |
-+ "list_add double add: new=%p, prev=%p, next=%p.\n", |
841 |
-+ new, prev, next)) |
842 |
-+ return false; |
843 |
-+ return true; |
844 |
-+} |
845 |
-+ |
846 |
-+void __list_add(struct list_head *new, |
847 |
-+ struct list_head *prev, |
848 |
-+ struct list_head *next) |
849 |
-+{ |
850 |
+ if (!__list_add_debug(new, prev, next)) |
851 |
+ return; |
852 |
+ |
853 |
next->prev = new; |
854 |
new->next = next; |
855 |
new->prev = prev; |
856 |
-@@ -41,7 +54,7 @@ void __list_add(struct list_head *new, |
857 |
+@@ -41,28 +62,46 @@ void __list_add(struct list_head *new, |
858 |
} |
859 |
EXPORT_SYMBOL(__list_add); |
860 |
|
861 |
@@ -85677,11 +85434,45 @@ index c24c2f7..06e070b 100644 |
862 |
{ |
863 |
struct list_head *prev, *next; |
864 |
|
865 |
-@@ -60,9 +73,16 @@ void __list_del_entry(struct list_head *entry) |
866 |
- WARN(next->prev != entry, |
867 |
- "list_del corruption. next->prev should be %p, " |
868 |
- "but was %p\n", entry, next->prev)) |
869 |
+ prev = entry->prev; |
870 |
+ next = entry->next; |
871 |
+ |
872 |
+- if (WARN(next == LIST_POISON1, |
873 |
+- "list_del corruption, %p->next is LIST_POISON1 (%p)\n", |
874 |
+- entry, LIST_POISON1) || |
875 |
+- WARN(prev == LIST_POISON2, |
876 |
+- "list_del corruption, %p->prev is LIST_POISON2 (%p)\n", |
877 |
+- entry, LIST_POISON2) || |
878 |
+- WARN(prev->next != entry, |
879 |
+- "list_del corruption. prev->next should be %p, " |
880 |
+- "but was %p\n", entry, prev->next) || |
881 |
+- WARN(next->prev != entry, |
882 |
+- "list_del corruption. next->prev should be %p, " |
883 |
+- "but was %p\n", entry, next->prev)) |
884 |
++ if (unlikely(next == LIST_POISON1)) { |
885 |
++ printk(KERN_ERR "list_del corruption, %p->next is LIST_POISON1 (%p)\n", |
886 |
++ entry, LIST_POISON1); |
887 |
++ BUG(); |
888 |
++ return false; |
889 |
++ } |
890 |
++ if (unlikely(prev == LIST_POISON2)) { |
891 |
++ printk(KERN_ERR "list_del corruption, %p->prev is LIST_POISON2 (%p)\n", |
892 |
++ entry, LIST_POISON2); |
893 |
++ BUG(); |
894 |
+ return false; |
895 |
++ } |
896 |
++ if (unlikely(entry->prev->next != entry)) { |
897 |
++ printk(KERN_ERR "list_del corruption. prev->next should be %p, " |
898 |
++ "but was %p\n", entry, prev->next); |
899 |
++ BUG(); |
900 |
++ return false; |
901 |
++ } |
902 |
++ if (unlikely(entry->next->prev != entry)) { |
903 |
++ printk(KERN_ERR "list_del corruption. next->prev should be %p, " |
904 |
++ "but was %p\n", entry, next->prev); |
905 |
++ BUG(); |
906 |
++ return false; |
907 |
++ } |
908 |
+ return true; |
909 |
+} |
910 |
+ |
911 |
@@ -85695,7 +85486,7 @@ index c24c2f7..06e070b 100644 |
912 |
} |
913 |
EXPORT_SYMBOL(__list_del_entry); |
914 |
|
915 |
-@@ -86,15 +106,85 @@ EXPORT_SYMBOL(list_del); |
916 |
+@@ -86,15 +125,85 @@ EXPORT_SYMBOL(list_del); |
917 |
void __list_add_rcu(struct list_head *new, |
918 |
struct list_head *prev, struct list_head *next) |
919 |
{ |
920 |
@@ -86565,7 +86356,7 @@ index 2c13aa7..64cbc3f 100644 |
921 |
} else { |
922 |
pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", |
923 |
diff --git a/mm/memory.c b/mm/memory.c |
924 |
-index af84bc0..2ed0816 100644 |
925 |
+index 440986e..94b45d5 100644 |
926 |
--- a/mm/memory.c |
927 |
+++ b/mm/memory.c |
928 |
@@ -426,6 +426,7 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, |
929 |
@@ -86602,7 +86393,7 @@ index af84bc0..2ed0816 100644 |
930 |
} |
931 |
|
932 |
/* |
933 |
-@@ -1645,12 +1651,6 @@ no_page_table: |
934 |
+@@ -1647,12 +1653,6 @@ no_page_table: |
935 |
return page; |
936 |
} |
937 |
|
938 |
@@ -86615,7 +86406,7 @@ index af84bc0..2ed0816 100644 |
939 |
/** |
940 |
* __get_user_pages() - pin user pages in memory |
941 |
* @tsk: task_struct of target task |
942 |
-@@ -1737,10 +1737,10 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
943 |
+@@ -1739,10 +1739,10 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
944 |
|
945 |
i = 0; |
946 |
|
947 |
@@ -86628,7 +86419,7 @@ index af84bc0..2ed0816 100644 |
948 |
if (!vma && in_gate_area(mm, start)) { |
949 |
unsigned long pg = start & PAGE_MASK; |
950 |
pgd_t *pgd; |
951 |
-@@ -1789,7 +1789,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
952 |
+@@ -1791,7 +1791,7 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
953 |
goto next_page; |
954 |
} |
955 |
|
956 |
@@ -86637,7 +86428,7 @@ index af84bc0..2ed0816 100644 |
957 |
(vma->vm_flags & (VM_IO | VM_PFNMAP)) || |
958 |
!(vm_flags & vma->vm_flags)) |
959 |
return i ? : -EFAULT; |
960 |
-@@ -1818,11 +1818,6 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
961 |
+@@ -1820,11 +1820,6 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
962 |
int ret; |
963 |
unsigned int fault_flags = 0; |
964 |
|
965 |
@@ -86649,7 +86440,7 @@ index af84bc0..2ed0816 100644 |
966 |
if (foll_flags & FOLL_WRITE) |
967 |
fault_flags |= FAULT_FLAG_WRITE; |
968 |
if (nonblocking) |
969 |
-@@ -1902,7 +1897,7 @@ next_page: |
970 |
+@@ -1904,7 +1899,7 @@ next_page: |
971 |
start += page_increm * PAGE_SIZE; |
972 |
nr_pages -= page_increm; |
973 |
} while (nr_pages && start < vma->vm_end); |
974 |
@@ -86658,7 +86449,7 @@ index af84bc0..2ed0816 100644 |
975 |
return i; |
976 |
} |
977 |
EXPORT_SYMBOL(__get_user_pages); |
978 |
-@@ -2109,6 +2104,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, |
979 |
+@@ -2111,6 +2106,10 @@ static int insert_page(struct vm_area_struct *vma, unsigned long addr, |
980 |
page_add_file_rmap(page); |
981 |
set_pte_at(mm, addr, pte, mk_pte(page, prot)); |
982 |
|
983 |
@@ -86669,7 +86460,7 @@ index af84bc0..2ed0816 100644 |
984 |
retval = 0; |
985 |
pte_unmap_unlock(pte, ptl); |
986 |
return retval; |
987 |
-@@ -2153,9 +2152,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, |
988 |
+@@ -2155,9 +2154,21 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, |
989 |
if (!page_count(page)) |
990 |
return -EINVAL; |
991 |
if (!(vma->vm_flags & VM_MIXEDMAP)) { |
992 |
@@ -86691,7 +86482,7 @@ index af84bc0..2ed0816 100644 |
993 |
} |
994 |
return insert_page(vma, addr, page, vma->vm_page_prot); |
995 |
} |
996 |
-@@ -2238,6 +2249,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, |
997 |
+@@ -2240,6 +2251,7 @@ int vm_insert_mixed(struct vm_area_struct *vma, unsigned long addr, |
998 |
unsigned long pfn) |
999 |
{ |
1000 |
BUG_ON(!(vma->vm_flags & VM_MIXEDMAP)); |
1001 |
@@ -86699,7 +86490,7 @@ index af84bc0..2ed0816 100644 |
1002 |
|
1003 |
if (addr < vma->vm_start || addr >= vma->vm_end) |
1004 |
return -EFAULT; |
1005 |
-@@ -2485,7 +2497,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
1006 |
+@@ -2487,7 +2499,9 @@ static int apply_to_pmd_range(struct mm_struct *mm, pud_t *pud, |
1007 |
|
1008 |
BUG_ON(pud_huge(*pud)); |
1009 |
|
1010 |
@@ -86710,7 +86501,7 @@ index af84bc0..2ed0816 100644 |
1011 |
if (!pmd) |
1012 |
return -ENOMEM; |
1013 |
do { |
1014 |
-@@ -2505,7 +2519,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
1015 |
+@@ -2507,7 +2521,9 @@ static int apply_to_pud_range(struct mm_struct *mm, pgd_t *pgd, |
1016 |
unsigned long next; |
1017 |
int err; |
1018 |
|
1019 |
@@ -86721,7 +86512,7 @@ index af84bc0..2ed0816 100644 |
1020 |
if (!pud) |
1021 |
return -ENOMEM; |
1022 |
do { |
1023 |
-@@ -2593,6 +2609,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
1024 |
+@@ -2595,6 +2611,186 @@ static inline void cow_user_page(struct page *dst, struct page *src, unsigned lo |
1025 |
copy_user_highpage(dst, src, va, vma); |
1026 |
} |
1027 |
|
1028 |
@@ -86908,7 +86699,7 @@ index af84bc0..2ed0816 100644 |
1029 |
/* |
1030 |
* This routine handles present pages, when users try to write |
1031 |
* to a shared page. It is done by copying the page to a new address |
1032 |
-@@ -2809,6 +3005,12 @@ gotten: |
1033 |
+@@ -2811,6 +3007,12 @@ gotten: |
1034 |
*/ |
1035 |
page_table = pte_offset_map_lock(mm, pmd, address, &ptl); |
1036 |
if (likely(pte_same(*page_table, orig_pte))) { |
1037 |
@@ -86921,7 +86712,7 @@ index af84bc0..2ed0816 100644 |
1038 |
if (old_page) { |
1039 |
if (!PageAnon(old_page)) { |
1040 |
dec_mm_counter_fast(mm, MM_FILEPAGES); |
1041 |
-@@ -2860,6 +3062,10 @@ gotten: |
1042 |
+@@ -2862,6 +3064,10 @@ gotten: |
1043 |
page_remove_rmap(old_page); |
1044 |
} |
1045 |
|
1046 |
@@ -86932,7 +86723,7 @@ index af84bc0..2ed0816 100644 |
1047 |
/* Free the old page.. */ |
1048 |
new_page = old_page; |
1049 |
ret |= VM_FAULT_WRITE; |
1050 |
-@@ -3137,6 +3343,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1051 |
+@@ -3139,6 +3345,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1052 |
swap_free(entry); |
1053 |
if (vm_swap_full() || (vma->vm_flags & VM_LOCKED) || PageMlocked(page)) |
1054 |
try_to_free_swap(page); |
1055 |
@@ -86944,7 +86735,7 @@ index af84bc0..2ed0816 100644 |
1056 |
unlock_page(page); |
1057 |
if (page != swapcache) { |
1058 |
/* |
1059 |
-@@ -3160,6 +3371,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1060 |
+@@ -3162,6 +3373,11 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1061 |
|
1062 |
/* No need to invalidate - it was non-present before */ |
1063 |
update_mmu_cache(vma, address, page_table); |
1064 |
@@ -86956,7 +86747,7 @@ index af84bc0..2ed0816 100644 |
1065 |
unlock: |
1066 |
pte_unmap_unlock(page_table, ptl); |
1067 |
out: |
1068 |
-@@ -3179,40 +3395,6 @@ out_release: |
1069 |
+@@ -3181,40 +3397,6 @@ out_release: |
1070 |
} |
1071 |
|
1072 |
/* |
1073 |
@@ -86997,7 +86788,7 @@ index af84bc0..2ed0816 100644 |
1074 |
* We enter with non-exclusive mmap_sem (to exclude vma changes, |
1075 |
* but allow concurrent faults), and pte mapped but not yet locked. |
1076 |
* We return with mmap_sem still held, but pte unmapped and unlocked. |
1077 |
-@@ -3221,27 +3403,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1078 |
+@@ -3223,27 +3405,23 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1079 |
unsigned long address, pte_t *page_table, pmd_t *pmd, |
1080 |
unsigned int flags) |
1081 |
{ |
1082 |
@@ -87030,7 +86821,7 @@ index af84bc0..2ed0816 100644 |
1083 |
if (unlikely(anon_vma_prepare(vma))) |
1084 |
goto oom; |
1085 |
page = alloc_zeroed_user_highpage_movable(vma, address); |
1086 |
-@@ -3265,6 +3443,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1087 |
+@@ -3267,6 +3445,11 @@ static int do_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma, |
1088 |
if (!pte_none(*page_table)) |
1089 |
goto release; |
1090 |
|
1091 |
@@ -87042,7 +86833,7 @@ index af84bc0..2ed0816 100644 |
1092 |
inc_mm_counter_fast(mm, MM_ANONPAGES); |
1093 |
page_add_new_anon_rmap(page, vma, address); |
1094 |
setpte: |
1095 |
-@@ -3272,6 +3455,12 @@ setpte: |
1096 |
+@@ -3274,6 +3457,12 @@ setpte: |
1097 |
|
1098 |
/* No need to invalidate - it was non-present before */ |
1099 |
update_mmu_cache(vma, address, page_table); |
1100 |
@@ -87055,7 +86846,7 @@ index af84bc0..2ed0816 100644 |
1101 |
unlock: |
1102 |
pte_unmap_unlock(page_table, ptl); |
1103 |
return 0; |
1104 |
-@@ -3415,6 +3604,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1105 |
+@@ -3417,6 +3606,12 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1106 |
*/ |
1107 |
/* Only go through if we didn't race with anybody else... */ |
1108 |
if (likely(pte_same(*page_table, orig_pte))) { |
1109 |
@@ -87068,7 +86859,7 @@ index af84bc0..2ed0816 100644 |
1110 |
flush_icache_page(vma, page); |
1111 |
entry = mk_pte(page, vma->vm_page_prot); |
1112 |
if (flags & FAULT_FLAG_WRITE) |
1113 |
-@@ -3436,6 +3631,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1114 |
+@@ -3438,6 +3633,14 @@ static int __do_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1115 |
|
1116 |
/* no need to invalidate: a not-present page won't be cached */ |
1117 |
update_mmu_cache(vma, address, page_table); |
1118 |
@@ -87083,7 +86874,7 @@ index af84bc0..2ed0816 100644 |
1119 |
} else { |
1120 |
if (cow_page) |
1121 |
mem_cgroup_uncharge_page(cow_page); |
1122 |
-@@ -3757,6 +3960,12 @@ int handle_pte_fault(struct mm_struct *mm, |
1123 |
+@@ -3759,6 +3962,12 @@ int handle_pte_fault(struct mm_struct *mm, |
1124 |
if (flags & FAULT_FLAG_WRITE) |
1125 |
flush_tlb_fix_spurious_fault(vma, address); |
1126 |
} |
1127 |
@@ -87096,7 +86887,7 @@ index af84bc0..2ed0816 100644 |
1128 |
unlock: |
1129 |
pte_unmap_unlock(pte, ptl); |
1130 |
return 0; |
1131 |
-@@ -3773,6 +3982,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1132 |
+@@ -3775,6 +3984,10 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1133 |
pmd_t *pmd; |
1134 |
pte_t *pte; |
1135 |
|
1136 |
@@ -87107,7 +86898,7 @@ index af84bc0..2ed0816 100644 |
1137 |
__set_current_state(TASK_RUNNING); |
1138 |
|
1139 |
count_vm_event(PGFAULT); |
1140 |
-@@ -3784,6 +3997,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1141 |
+@@ -3786,6 +3999,34 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma, |
1142 |
if (unlikely(is_vm_hugetlb_page(vma))) |
1143 |
return hugetlb_fault(mm, vma, address, flags); |
1144 |
|
1145 |
@@ -87142,7 +86933,7 @@ index af84bc0..2ed0816 100644 |
1146 |
retry: |
1147 |
pgd = pgd_offset(mm, address); |
1148 |
pud = pud_alloc(mm, pgd, address); |
1149 |
-@@ -3882,6 +4123,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
1150 |
+@@ -3884,6 +4125,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address) |
1151 |
spin_unlock(&mm->page_table_lock); |
1152 |
return 0; |
1153 |
} |
1154 |
@@ -87166,7 +86957,7 @@ index af84bc0..2ed0816 100644 |
1155 |
#endif /* __PAGETABLE_PUD_FOLDED */ |
1156 |
|
1157 |
#ifndef __PAGETABLE_PMD_FOLDED |
1158 |
-@@ -3912,6 +4170,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
1159 |
+@@ -3914,6 +4172,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address) |
1160 |
spin_unlock(&mm->page_table_lock); |
1161 |
return 0; |
1162 |
} |
1163 |
@@ -87197,7 +86988,7 @@ index af84bc0..2ed0816 100644 |
1164 |
#endif /* __PAGETABLE_PMD_FOLDED */ |
1165 |
|
1166 |
#if !defined(__HAVE_ARCH_GATE_AREA) |
1167 |
-@@ -3925,7 +4207,7 @@ static int __init gate_vma_init(void) |
1168 |
+@@ -3927,7 +4209,7 @@ static int __init gate_vma_init(void) |
1169 |
gate_vma.vm_start = FIXADDR_USER_START; |
1170 |
gate_vma.vm_end = FIXADDR_USER_END; |
1171 |
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; |
1172 |
@@ -87206,7 +86997,7 @@ index af84bc0..2ed0816 100644 |
1173 |
|
1174 |
return 0; |
1175 |
} |
1176 |
-@@ -4059,8 +4341,8 @@ out: |
1177 |
+@@ -4061,8 +4343,8 @@ out: |
1178 |
return ret; |
1179 |
} |
1180 |
|
1181 |
@@ -87217,7 +87008,7 @@ index af84bc0..2ed0816 100644 |
1182 |
{ |
1183 |
resource_size_t phys_addr; |
1184 |
unsigned long prot = 0; |
1185 |
-@@ -4085,8 +4367,8 @@ int generic_access_phys(struct vm_area_struct *vma, unsigned long addr, |
1186 |
+@@ -4087,8 +4369,8 @@ int generic_access_phys(struct vm_area_struct *vma, unsigned long addr, |
1187 |
* Access another process' address space as given in mm. If non-NULL, use the |
1188 |
* given task for page fault accounting. |
1189 |
*/ |
1190 |
@@ -87228,7 +87019,7 @@ index af84bc0..2ed0816 100644 |
1191 |
{ |
1192 |
struct vm_area_struct *vma; |
1193 |
void *old_buf = buf; |
1194 |
-@@ -4094,7 +4376,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
1195 |
+@@ -4096,7 +4378,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
1196 |
down_read(&mm->mmap_sem); |
1197 |
/* ignore errors, just check how much was successfully transferred */ |
1198 |
while (len) { |
1199 |
@@ -87237,7 +87028,7 @@ index af84bc0..2ed0816 100644 |
1200 |
void *maddr; |
1201 |
struct page *page = NULL; |
1202 |
|
1203 |
-@@ -4153,8 +4435,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
1204 |
+@@ -4155,8 +4437,8 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, |
1205 |
* |
1206 |
* The caller must hold a reference on @mm. |
1207 |
*/ |
1208 |
@@ -87248,7 +87039,7 @@ index af84bc0..2ed0816 100644 |
1209 |
{ |
1210 |
return __access_remote_vm(NULL, mm, addr, buf, len, write); |
1211 |
} |
1212 |
-@@ -4164,11 +4446,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, |
1213 |
+@@ -4166,11 +4448,11 @@ int access_remote_vm(struct mm_struct *mm, unsigned long addr, |
1214 |
* Source/target buffer must be kernel space, |
1215 |
* Do not walk the page table directly, use get_user_pages |
1216 |
*/ |
1217 |
@@ -87340,10 +87131,10 @@ index 4baf12e..5497066 100644 |
1218 |
capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); |
1219 |
|
1220 |
diff --git a/mm/migrate.c b/mm/migrate.c |
1221 |
-index 25ca7ca..abe1836 100644 |
1222 |
+index 81af4e6..2285307 100644 |
1223 |
--- a/mm/migrate.c |
1224 |
+++ b/mm/migrate.c |
1225 |
-@@ -1399,8 +1399,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, |
1226 |
+@@ -1401,8 +1401,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, |
1227 |
*/ |
1228 |
tcred = __task_cred(task); |
1229 |
if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && |
1230 |
@@ -88689,7 +88480,7 @@ index f9c97d1..3468d3b 100644 |
1231 |
vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); |
1232 |
|
1233 |
diff --git a/mm/mprotect.c b/mm/mprotect.c |
1234 |
-index 94722a4..e661e29 100644 |
1235 |
+index a3af058..bc2cb14 100644 |
1236 |
--- a/mm/mprotect.c |
1237 |
+++ b/mm/mprotect.c |
1238 |
@@ -23,10 +23,18 @@ |
1239 |
@@ -88711,7 +88502,7 @@ index 94722a4..e661e29 100644 |
1240 |
|
1241 |
#ifndef pgprot_modify |
1242 |
static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot) |
1243 |
-@@ -233,6 +241,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, |
1244 |
+@@ -236,6 +244,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, |
1245 |
return pages; |
1246 |
} |
1247 |
|
1248 |
@@ -88760,7 +88551,7 @@ index 94722a4..e661e29 100644 |
1249 |
int |
1250 |
mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, |
1251 |
unsigned long start, unsigned long end, unsigned long newflags) |
1252 |
-@@ -245,11 +295,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, |
1253 |
+@@ -248,11 +298,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, |
1254 |
int error; |
1255 |
int dirty_accountable = 0; |
1256 |
|
1257 |
@@ -88790,7 +88581,7 @@ index 94722a4..e661e29 100644 |
1258 |
/* |
1259 |
* If we make a private mapping writable we increase our commit; |
1260 |
* but (without finer accounting) cannot reduce our commit if we |
1261 |
-@@ -266,6 +334,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, |
1262 |
+@@ -269,6 +337,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, |
1263 |
} |
1264 |
} |
1265 |
|
1266 |
@@ -88833,7 +88624,7 @@ index 94722a4..e661e29 100644 |
1267 |
/* |
1268 |
* First try to merge with previous and/or next vma. |
1269 |
*/ |
1270 |
-@@ -296,9 +400,21 @@ success: |
1271 |
+@@ -299,9 +403,21 @@ success: |
1272 |
* vm_flags and vm_page_prot are protected by the mmap_sem |
1273 |
* held in write mode. |
1274 |
*/ |
1275 |
@@ -88856,7 +88647,7 @@ index 94722a4..e661e29 100644 |
1276 |
|
1277 |
if (vma_wants_writenotify(vma)) { |
1278 |
vma->vm_page_prot = vm_get_page_prot(newflags & ~VM_SHARED); |
1279 |
-@@ -337,6 +453,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1280 |
+@@ -340,6 +456,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1281 |
end = start + len; |
1282 |
if (end <= start) |
1283 |
return -ENOMEM; |
1284 |
@@ -88874,7 +88665,7 @@ index 94722a4..e661e29 100644 |
1285 |
if (!arch_validate_prot(prot)) |
1286 |
return -EINVAL; |
1287 |
|
1288 |
-@@ -344,7 +471,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1289 |
+@@ -347,7 +474,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1290 |
/* |
1291 |
* Does the application expect PROT_READ to imply PROT_EXEC: |
1292 |
*/ |
1293 |
@@ -88883,7 +88674,7 @@ index 94722a4..e661e29 100644 |
1294 |
prot |= PROT_EXEC; |
1295 |
|
1296 |
vm_flags = calc_vm_prot_bits(prot); |
1297 |
-@@ -376,6 +503,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1298 |
+@@ -379,6 +506,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1299 |
if (start > vma->vm_start) |
1300 |
prev = vma; |
1301 |
|
1302 |
@@ -88895,7 +88686,7 @@ index 94722a4..e661e29 100644 |
1303 |
for (nstart = start ; ; ) { |
1304 |
unsigned long newflags; |
1305 |
|
1306 |
-@@ -386,6 +518,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1307 |
+@@ -389,6 +521,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1308 |
|
1309 |
/* newflags >> 4 shift VM_MAY% in place of VM_% */ |
1310 |
if ((newflags & ~(newflags >> 4)) & (VM_READ | VM_WRITE | VM_EXEC)) { |
1311 |
@@ -88910,7 +88701,7 @@ index 94722a4..e661e29 100644 |
1312 |
error = -EACCES; |
1313 |
goto out; |
1314 |
} |
1315 |
-@@ -400,6 +540,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1316 |
+@@ -403,6 +543,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, |
1317 |
error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); |
1318 |
if (error) |
1319 |
goto out; |
1320 |
@@ -89095,7 +88886,7 @@ index ecd1f15..77039bd 100644 |
1321 |
struct mm_struct *mm; |
1322 |
|
1323 |
diff --git a/mm/page-writeback.c b/mm/page-writeback.c |
1324 |
-index 3f0c895..60cd104 100644 |
1325 |
+index 241a746..41cd05d 100644 |
1326 |
--- a/mm/page-writeback.c |
1327 |
+++ b/mm/page-writeback.c |
1328 |
@@ -659,7 +659,7 @@ unsigned long bdi_dirty_limit(struct backing_dev_info *bdi, unsigned long dirty) |
1329 |
@@ -90831,19 +90622,6 @@ index 2fb2d88..8c06e40 100644 |
1330 |
struct vlan_net *vn; |
1331 |
|
1332 |
vn = net_generic(net, vlan_net_id); |
1333 |
-diff --git a/net/8021q/vlan_netlink.c b/net/8021q/vlan_netlink.c |
1334 |
-index 3091297..c7e634a 100644 |
1335 |
---- a/net/8021q/vlan_netlink.c |
1336 |
-+++ b/net/8021q/vlan_netlink.c |
1337 |
-@@ -171,7 +171,7 @@ static size_t vlan_get_size(const struct net_device *dev) |
1338 |
- |
1339 |
- return nla_total_size(2) + /* IFLA_VLAN_PROTOCOL */ |
1340 |
- nla_total_size(2) + /* IFLA_VLAN_ID */ |
1341 |
-- sizeof(struct ifla_vlan_flags) + /* IFLA_VLAN_FLAGS */ |
1342 |
-+ nla_total_size(sizeof(struct ifla_vlan_flags)) + /* IFLA_VLAN_FLAGS */ |
1343 |
- vlan_qos_map_size(vlan->nr_ingress_mappings) + |
1344 |
- vlan_qos_map_size(vlan->nr_egress_mappings); |
1345 |
- } |
1346 |
diff --git a/net/9p/mod.c b/net/9p/mod.c |
1347 |
index 6ab36ae..6f1841b 100644 |
1348 |
--- a/net/9p/mod.c |
1349 |
@@ -91420,25 +91198,23 @@ index eb0a46a..5f3bae8 100644 |
1350 |
|
1351 |
switch (ss->ss_family) { |
1352 |
diff --git a/net/compat.c b/net/compat.c |
1353 |
-index f0a1ba6..24e30e5 100644 |
1354 |
+index 8903258..24e30e5 100644 |
1355 |
--- a/net/compat.c |
1356 |
+++ b/net/compat.c |
1357 |
-@@ -71,9 +71,11 @@ int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr __user *umsg) |
1358 |
- __get_user(kmsg->msg_controllen, &umsg->msg_controllen) || |
1359 |
- __get_user(kmsg->msg_flags, &umsg->msg_flags)) |
1360 |
+@@ -73,9 +73,9 @@ int get_compat_msghdr(struct msghdr *kmsg, struct compat_msghdr __user *umsg) |
1361 |
return -EFAULT; |
1362 |
+ if (kmsg->msg_namelen > sizeof(struct sockaddr_storage)) |
1363 |
+ return -EINVAL; |
1364 |
- kmsg->msg_name = compat_ptr(tmp1); |
1365 |
- kmsg->msg_iov = compat_ptr(tmp2); |
1366 |
- kmsg->msg_control = compat_ptr(tmp3); |
1367 |
-+ if (kmsg->msg_namelen > sizeof(struct sockaddr_storage)) |
1368 |
-+ return -EINVAL; |
1369 |
+ kmsg->msg_name = (void __force_kernel *)compat_ptr(tmp1); |
1370 |
+ kmsg->msg_iov = (void __force_kernel *)compat_ptr(tmp2); |
1371 |
+ kmsg->msg_control = (void __force_kernel *)compat_ptr(tmp3); |
1372 |
return 0; |
1373 |
} |
1374 |
|
1375 |
-@@ -85,7 +87,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1376 |
+@@ -87,7 +87,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1377 |
|
1378 |
if (kern_msg->msg_namelen) { |
1379 |
if (mode == VERIFY_READ) { |
1380 |
@@ -91447,7 +91223,7 @@ index f0a1ba6..24e30e5 100644 |
1381 |
kern_msg->msg_namelen, |
1382 |
kern_address); |
1383 |
if (err < 0) |
1384 |
-@@ -96,7 +98,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1385 |
+@@ -98,7 +98,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1386 |
kern_msg->msg_name = NULL; |
1387 |
|
1388 |
tot_len = iov_from_user_compat_to_kern(kern_iov, |
1389 |
@@ -91456,7 +91232,7 @@ index f0a1ba6..24e30e5 100644 |
1390 |
kern_msg->msg_iovlen); |
1391 |
if (tot_len >= 0) |
1392 |
kern_msg->msg_iov = kern_iov; |
1393 |
-@@ -116,20 +118,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1394 |
+@@ -118,20 +118,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov, |
1395 |
|
1396 |
#define CMSG_COMPAT_FIRSTHDR(msg) \ |
1397 |
(((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \ |
1398 |
@@ -91480,7 +91256,7 @@ index f0a1ba6..24e30e5 100644 |
1399 |
msg->msg_controllen) |
1400 |
return NULL; |
1401 |
return (struct compat_cmsghdr __user *)ptr; |
1402 |
-@@ -219,7 +221,7 @@ Efault: |
1403 |
+@@ -221,7 +221,7 @@ Efault: |
1404 |
|
1405 |
int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *data) |
1406 |
{ |
1407 |
@@ -91489,7 +91265,7 @@ index f0a1ba6..24e30e5 100644 |
1408 |
struct compat_cmsghdr cmhdr; |
1409 |
struct compat_timeval ctv; |
1410 |
struct compat_timespec cts[3]; |
1411 |
-@@ -275,7 +277,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *dat |
1412 |
+@@ -277,7 +277,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void *dat |
1413 |
|
1414 |
void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm) |
1415 |
{ |
1416 |
@@ -91498,7 +91274,7 @@ index f0a1ba6..24e30e5 100644 |
1417 |
int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) / sizeof(int); |
1418 |
int fdnum = scm->fp->count; |
1419 |
struct file **fp = scm->fp->fp; |
1420 |
-@@ -363,7 +365,7 @@ static int do_set_sock_timeout(struct socket *sock, int level, |
1421 |
+@@ -365,7 +365,7 @@ static int do_set_sock_timeout(struct socket *sock, int level, |
1422 |
return -EFAULT; |
1423 |
old_fs = get_fs(); |
1424 |
set_fs(KERNEL_DS); |
1425 |
@@ -91507,7 +91283,7 @@ index f0a1ba6..24e30e5 100644 |
1426 |
set_fs(old_fs); |
1427 |
|
1428 |
return err; |
1429 |
-@@ -424,7 +426,7 @@ static int do_get_sock_timeout(struct socket *sock, int level, int optname, |
1430 |
+@@ -426,7 +426,7 @@ static int do_get_sock_timeout(struct socket *sock, int level, int optname, |
1431 |
len = sizeof(ktime); |
1432 |
old_fs = get_fs(); |
1433 |
set_fs(KERNEL_DS); |
1434 |
@@ -91516,7 +91292,7 @@ index f0a1ba6..24e30e5 100644 |
1435 |
set_fs(old_fs); |
1436 |
|
1437 |
if (!err) { |
1438 |
-@@ -567,7 +569,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1439 |
+@@ -569,7 +569,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1440 |
case MCAST_JOIN_GROUP: |
1441 |
case MCAST_LEAVE_GROUP: |
1442 |
{ |
1443 |
@@ -91525,7 +91301,7 @@ index f0a1ba6..24e30e5 100644 |
1444 |
struct group_req __user *kgr = |
1445 |
compat_alloc_user_space(sizeof(struct group_req)); |
1446 |
u32 interface; |
1447 |
-@@ -588,7 +590,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1448 |
+@@ -590,7 +590,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1449 |
case MCAST_BLOCK_SOURCE: |
1450 |
case MCAST_UNBLOCK_SOURCE: |
1451 |
{ |
1452 |
@@ -91534,7 +91310,7 @@ index f0a1ba6..24e30e5 100644 |
1453 |
struct group_source_req __user *kgsr = compat_alloc_user_space( |
1454 |
sizeof(struct group_source_req)); |
1455 |
u32 interface; |
1456 |
-@@ -609,7 +611,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1457 |
+@@ -611,7 +611,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int optname, |
1458 |
} |
1459 |
case MCAST_MSFILTER: |
1460 |
{ |
1461 |
@@ -91543,7 +91319,7 @@ index f0a1ba6..24e30e5 100644 |
1462 |
struct group_filter __user *kgf; |
1463 |
u32 interface, fmode, numsrc; |
1464 |
|
1465 |
-@@ -647,7 +649,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int optname, |
1466 |
+@@ -649,7 +649,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int optname, |
1467 |
char __user *optval, int __user *optlen, |
1468 |
int (*getsockopt)(struct sock *, int, int, char __user *, int __user *)) |
1469 |
{ |
1470 |
@@ -91552,7 +91328,7 @@ index f0a1ba6..24e30e5 100644 |
1471 |
struct group_filter __user *kgf; |
1472 |
int __user *koptlen; |
1473 |
u32 interface, fmode, numsrc; |
1474 |
-@@ -805,7 +807,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args) |
1475 |
+@@ -807,7 +807,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user *args) |
1476 |
|
1477 |
if (call < SYS_SOCKET || call > SYS_SENDMMSG) |
1478 |
return -EINVAL; |
1479 |
@@ -91950,7 +91726,7 @@ index 2c3d0f5..f5a326f 100644 |
1480 |
} |
1481 |
|
1482 |
diff --git a/net/core/sock.c b/net/core/sock.c |
1483 |
-index 2c097c5..bf72858 100644 |
1484 |
+index 8729d91..4a20427 100644 |
1485 |
--- a/net/core/sock.c |
1486 |
+++ b/net/core/sock.c |
1487 |
@@ -392,7 +392,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) |
1488 |
@@ -92037,7 +91813,7 @@ index 2c097c5..bf72858 100644 |
1489 |
return -EFAULT; |
1490 |
lenout: |
1491 |
if (put_user(len, optlen)) |
1492 |
-@@ -2303,7 +2303,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
1493 |
+@@ -2304,7 +2304,7 @@ void sock_init_data(struct socket *sock, struct sock *sk) |
1494 |
*/ |
1495 |
smp_wmb(); |
1496 |
atomic_set(&sk->sk_refcnt, 1); |
1497 |
@@ -92369,7 +92145,7 @@ index 6acb541..9ea617d 100644 |
1498 |
|
1499 |
void inet_get_local_port_range(int *low, int *high) |
1500 |
diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c |
1501 |
-index 7bd8983..b956690 100644 |
1502 |
+index 96da9c7..b956690 100644 |
1503 |
--- a/net/ipv4/inet_hashtables.c |
1504 |
+++ b/net/ipv4/inet_hashtables.c |
1505 |
@@ -18,12 +18,15 @@ |
1506 |
@@ -92388,15 +92164,6 @@ index 7bd8983..b956690 100644 |
1507 |
/* |
1508 |
* Allocate and initialize a new local port bind bucket. |
1509 |
* The bindhash mutex for snum's hash chain must be held here. |
1510 |
-@@ -287,7 +290,7 @@ begintw: |
1511 |
- if (unlikely(!INET_TW_MATCH(sk, net, acookie, |
1512 |
- saddr, daddr, ports, |
1513 |
- dif))) { |
1514 |
-- sock_put(sk); |
1515 |
-+ inet_twsk_put(inet_twsk(sk)); |
1516 |
- goto begintw; |
1517 |
- } |
1518 |
- goto out; |
1519 |
@@ -554,6 +557,8 @@ ok: |
1520 |
twrefcnt += inet_twsk_bind_unhash(tw, hinfo); |
1521 |
spin_unlock(&head->lock); |
1522 |
@@ -92503,19 +92270,6 @@ index 8d6939e..19d0a95 100644 |
1523 |
.kind = "gretap", |
1524 |
.maxtype = IFLA_GRE_MAX, |
1525 |
.policy = ipgre_policy, |
1526 |
-diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c |
1527 |
-index a04d872..7f4ab5d 100644 |
1528 |
---- a/net/ipv4/ip_output.c |
1529 |
-+++ b/net/ipv4/ip_output.c |
1530 |
-@@ -836,7 +836,7 @@ static int __ip_append_data(struct sock *sk, |
1531 |
- csummode = CHECKSUM_PARTIAL; |
1532 |
- |
1533 |
- cork->length += length; |
1534 |
-- if (((length > mtu) || (skb && skb_is_gso(skb))) && |
1535 |
-+ if (((length > mtu) || (skb && skb_has_frags(skb))) && |
1536 |
- (sk->sk_protocol == IPPROTO_UDP) && |
1537 |
- (rt->dst.dev->features & NETIF_F_UFO) && !rt->dst.header_len) { |
1538 |
- err = ip_ufo_append_data(sk, queue, getfrag, from, length, |
1539 |
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c |
1540 |
index d9c4f11..02b82dbc 100644 |
1541 |
--- a/net/ipv4/ip_sockglue.c |
1542 |
@@ -92540,7 +92294,7 @@ index d9c4f11..02b82dbc 100644 |
1543 |
msg.msg_flags = flags; |
1544 |
|
1545 |
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c |
1546 |
-index 17cc0ff..63856c4 100644 |
1547 |
+index 0656041..d6ecb60 100644 |
1548 |
--- a/net/ipv4/ip_vti.c |
1549 |
+++ b/net/ipv4/ip_vti.c |
1550 |
@@ -47,7 +47,7 @@ |
1551 |
@@ -92552,7 +92306,7 @@ index 17cc0ff..63856c4 100644 |
1552 |
|
1553 |
static int vti_net_id __read_mostly; |
1554 |
struct vti_net { |
1555 |
-@@ -840,7 +840,7 @@ static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = { |
1556 |
+@@ -848,7 +848,7 @@ static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = { |
1557 |
[IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) }, |
1558 |
}; |
1559 |
|
1560 |
@@ -92870,7 +92624,7 @@ index 6fb2337..9cd6b20 100644 |
1561 |
|
1562 |
static int raw_seq_show(struct seq_file *seq, void *v) |
1563 |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c |
1564 |
-index a9a54a2..647316e 100644 |
1565 |
+index 2de16d9..da558c7 100644 |
1566 |
--- a/net/ipv4/route.c |
1567 |
+++ b/net/ipv4/route.c |
1568 |
@@ -2615,34 +2615,34 @@ static struct ctl_table ipv4_route_flush_table[] = { |
1569 |
@@ -92928,10 +92682,10 @@ index a9a54a2..647316e 100644 |
1570 |
sizeof(net->ipv4.dev_addr_genid)); |
1571 |
return 0; |
1572 |
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c |
1573 |
-index 610e324..fd42e75 100644 |
1574 |
+index 6900b8b..7832c6b 100644 |
1575 |
--- a/net/ipv4/sysctl_net_ipv4.c |
1576 |
+++ b/net/ipv4/sysctl_net_ipv4.c |
1577 |
-@@ -57,7 +57,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write, |
1578 |
+@@ -58,7 +58,7 @@ static int ipv4_local_port_range(struct ctl_table *table, int write, |
1579 |
{ |
1580 |
int ret; |
1581 |
int range[2]; |
1582 |
@@ -92940,7 +92694,7 @@ index 610e324..fd42e75 100644 |
1583 |
.data = &range, |
1584 |
.maxlen = sizeof(range), |
1585 |
.mode = table->mode, |
1586 |
-@@ -110,7 +110,7 @@ static int ipv4_ping_group_range(struct ctl_table *table, int write, |
1587 |
+@@ -111,7 +111,7 @@ static int ipv4_ping_group_range(struct ctl_table *table, int write, |
1588 |
int ret; |
1589 |
gid_t urange[2]; |
1590 |
kgid_t low, high; |
1591 |
@@ -92949,7 +92703,7 @@ index 610e324..fd42e75 100644 |
1592 |
.data = &urange, |
1593 |
.maxlen = sizeof(urange), |
1594 |
.mode = table->mode, |
1595 |
-@@ -141,7 +141,7 @@ static int proc_tcp_congestion_control(struct ctl_table *ctl, int write, |
1596 |
+@@ -142,7 +142,7 @@ static int proc_tcp_congestion_control(struct ctl_table *ctl, int write, |
1597 |
void __user *buffer, size_t *lenp, loff_t *ppos) |
1598 |
{ |
1599 |
char val[TCP_CA_NAME_MAX]; |
1600 |
@@ -92958,7 +92712,7 @@ index 610e324..fd42e75 100644 |
1601 |
.data = val, |
1602 |
.maxlen = TCP_CA_NAME_MAX, |
1603 |
}; |
1604 |
-@@ -160,7 +160,7 @@ static int proc_tcp_available_congestion_control(struct ctl_table *ctl, |
1605 |
+@@ -161,7 +161,7 @@ static int proc_tcp_available_congestion_control(struct ctl_table *ctl, |
1606 |
void __user *buffer, size_t *lenp, |
1607 |
loff_t *ppos) |
1608 |
{ |
1609 |
@@ -92967,7 +92721,7 @@ index 610e324..fd42e75 100644 |
1610 |
int ret; |
1611 |
|
1612 |
tbl.data = kmalloc(tbl.maxlen, GFP_USER); |
1613 |
-@@ -177,7 +177,7 @@ static int proc_allowed_congestion_control(struct ctl_table *ctl, |
1614 |
+@@ -178,7 +178,7 @@ static int proc_allowed_congestion_control(struct ctl_table *ctl, |
1615 |
void __user *buffer, size_t *lenp, |
1616 |
loff_t *ppos) |
1617 |
{ |
1618 |
@@ -92976,7 +92730,7 @@ index 610e324..fd42e75 100644 |
1619 |
int ret; |
1620 |
|
1621 |
tbl.data = kmalloc(tbl.maxlen, GFP_USER); |
1622 |
-@@ -203,15 +203,17 @@ static int ipv4_tcp_mem(struct ctl_table *ctl, int write, |
1623 |
+@@ -204,15 +204,17 @@ static int ipv4_tcp_mem(struct ctl_table *ctl, int write, |
1624 |
struct mem_cgroup *memcg; |
1625 |
#endif |
1626 |
|
1627 |
@@ -92997,7 +92751,7 @@ index 610e324..fd42e75 100644 |
1628 |
} |
1629 |
|
1630 |
ret = proc_doulongvec_minmax(&tmp, write, buffer, lenp, ppos); |
1631 |
-@@ -239,7 +241,7 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, |
1632 |
+@@ -240,7 +242,7 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, |
1633 |
void __user *buffer, size_t *lenp, |
1634 |
loff_t *ppos) |
1635 |
{ |
1636 |
@@ -93006,7 +92760,7 @@ index 610e324..fd42e75 100644 |
1637 |
struct tcp_fastopen_context *ctxt; |
1638 |
int ret; |
1639 |
u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */ |
1640 |
-@@ -482,7 +484,7 @@ static struct ctl_table ipv4_table[] = { |
1641 |
+@@ -483,7 +485,7 @@ static struct ctl_table ipv4_table[] = { |
1642 |
}, |
1643 |
{ |
1644 |
.procname = "ip_local_reserved_ports", |
1645 |
@@ -93015,7 +92769,7 @@ index 610e324..fd42e75 100644 |
1646 |
.maxlen = 65536, |
1647 |
.mode = 0644, |
1648 |
.proc_handler = proc_do_large_bitmap, |
1649 |
-@@ -847,11 +849,10 @@ static struct ctl_table ipv4_net_table[] = { |
1650 |
+@@ -857,11 +859,10 @@ static struct ctl_table ipv4_net_table[] = { |
1651 |
|
1652 |
static __net_init int ipv4_sysctl_init_net(struct net *net) |
1653 |
{ |
1654 |
@@ -93029,7 +92783,7 @@ index 610e324..fd42e75 100644 |
1655 |
if (table == NULL) |
1656 |
goto err_alloc; |
1657 |
|
1658 |
-@@ -886,15 +887,17 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) |
1659 |
+@@ -896,15 +897,17 @@ static __net_init int ipv4_sysctl_init_net(struct net *net) |
1660 |
|
1661 |
tcp_init_mem(net); |
1662 |
|
1663 |
@@ -93050,7 +92804,7 @@ index 610e324..fd42e75 100644 |
1664 |
err_alloc: |
1665 |
return -ENOMEM; |
1666 |
} |
1667 |
-@@ -916,16 +919,6 @@ static __net_initdata struct pernet_operations ipv4_sysctl_ops = { |
1668 |
+@@ -926,16 +929,6 @@ static __net_initdata struct pernet_operations ipv4_sysctl_ops = { |
1669 |
static __init int sysctl_ipv4_init(void) |
1670 |
{ |
1671 |
struct ctl_table_header *hdr; |
1672 |
@@ -93068,10 +92822,10 @@ index 610e324..fd42e75 100644 |
1673 |
hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table); |
1674 |
if (hdr == NULL) |
1675 |
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
1676 |
-index 3ca2139..c4cc060 100644 |
1677 |
+index 723951a..61cf1cc 100644 |
1678 |
--- a/net/ipv4/tcp_input.c |
1679 |
+++ b/net/ipv4/tcp_input.c |
1680 |
-@@ -4379,7 +4379,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
1681 |
+@@ -4412,7 +4412,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, |
1682 |
* simplifies code) |
1683 |
*/ |
1684 |
static void |
1685 |
@@ -93080,7 +92834,7 @@ index 3ca2139..c4cc060 100644 |
1686 |
struct sk_buff *head, struct sk_buff *tail, |
1687 |
u32 start, u32 end) |
1688 |
{ |
1689 |
-@@ -5465,6 +5465,7 @@ discard: |
1690 |
+@@ -5498,6 +5498,7 @@ discard: |
1691 |
tcp_paws_reject(&tp->rx_opt, 0)) |
1692 |
goto discard_and_undo; |
1693 |
|
1694 |
@@ -93088,7 +92842,7 @@ index 3ca2139..c4cc060 100644 |
1695 |
if (th->syn) { |
1696 |
/* We see SYN without ACK. It is attempt of |
1697 |
* simultaneous connect with crossed SYNs. |
1698 |
-@@ -5515,6 +5516,7 @@ discard: |
1699 |
+@@ -5548,6 +5549,7 @@ discard: |
1700 |
goto discard; |
1701 |
#endif |
1702 |
} |
1703 |
@@ -93096,7 +92850,7 @@ index 3ca2139..c4cc060 100644 |
1704 |
/* "fifth, if neither of the SYN or RST bits is set then |
1705 |
* drop the segment and return." |
1706 |
*/ |
1707 |
-@@ -5560,7 +5562,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
1708 |
+@@ -5593,7 +5595,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, |
1709 |
goto discard; |
1710 |
|
1711 |
if (th->syn) { |
1712 |
@@ -93191,40 +92945,6 @@ index ab1c086..2a8d76b 100644 |
1713 |
} else if (fastopen) { /* received a valid RST pkt */ |
1714 |
reqsk_fastopen_remove(sk, req, true); |
1715 |
tcp_reset(sk); |
1716 |
-diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
1717 |
-index 170737a..75cbd26 100644 |
1718 |
---- a/net/ipv4/tcp_output.c |
1719 |
-+++ b/net/ipv4/tcp_output.c |
1720 |
-@@ -982,6 +982,9 @@ static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb) |
1721 |
- static void tcp_set_skb_tso_segs(const struct sock *sk, struct sk_buff *skb, |
1722 |
- unsigned int mss_now) |
1723 |
- { |
1724 |
-+ /* Make sure we own this skb before messing gso_size/gso_segs */ |
1725 |
-+ WARN_ON_ONCE(skb_cloned(skb)); |
1726 |
-+ |
1727 |
- if (skb->len <= mss_now || !sk_can_gso(sk) || |
1728 |
- skb->ip_summed == CHECKSUM_NONE) { |
1729 |
- /* Avoid the costly divide in the normal |
1730 |
-@@ -1063,9 +1066,7 @@ int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len, |
1731 |
- if (nsize < 0) |
1732 |
- nsize = 0; |
1733 |
- |
1734 |
-- if (skb_cloned(skb) && |
1735 |
-- skb_is_nonlinear(skb) && |
1736 |
-- pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) |
1737 |
-+ if (skb_unclone(skb, GFP_ATOMIC)) |
1738 |
- return -ENOMEM; |
1739 |
- |
1740 |
- /* Get a new skb... force flag on. */ |
1741 |
-@@ -2334,6 +2335,8 @@ int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb) |
1742 |
- int oldpcount = tcp_skb_pcount(skb); |
1743 |
- |
1744 |
- if (unlikely(oldpcount > 1)) { |
1745 |
-+ if (skb_unclone(skb, GFP_ATOMIC)) |
1746 |
-+ return -ENOMEM; |
1747 |
- tcp_init_tso_segs(sk, skb, cur_mss); |
1748 |
- tcp_adjust_pcount(sk, skb, oldpcount - tcp_skb_pcount(skb)); |
1749 |
- } |
1750 |
diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c |
1751 |
index d4943f6..e7a74a5 100644 |
1752 |
--- a/net/ipv4/tcp_probe.c |
1753 |
@@ -93520,19 +93240,6 @@ index 7cfc8d2..c5394b6 100644 |
1754 |
|
1755 |
table = kmemdup(ipv6_icmp_table_template, |
1756 |
sizeof(ipv6_icmp_table_template), |
1757 |
-diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c |
1758 |
-index 32b4a16..066640e 100644 |
1759 |
---- a/net/ipv6/inet6_hashtables.c |
1760 |
-+++ b/net/ipv6/inet6_hashtables.c |
1761 |
-@@ -116,7 +116,7 @@ begintw: |
1762 |
- } |
1763 |
- if (unlikely(!INET6_TW_MATCH(sk, net, saddr, daddr, |
1764 |
- ports, dif))) { |
1765 |
-- sock_put(sk); |
1766 |
-+ inet_twsk_put(inet_twsk(sk)); |
1767 |
- goto begintw; |
1768 |
- } |
1769 |
- goto out; |
1770 |
diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c |
1771 |
index 8bc717b..76fbb5d 100644 |
1772 |
--- a/net/ipv6/ip6_gre.c |
1773 |
@@ -93573,19 +93280,6 @@ index 8bc717b..76fbb5d 100644 |
1774 |
.kind = "ip6gretap", |
1775 |
.maxtype = IFLA_GRE_MAX, |
1776 |
.policy = ip6gre_policy, |
1777 |
-diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c |
1778 |
-index 44df1c9..2e542d0 100644 |
1779 |
---- a/net/ipv6/ip6_output.c |
1780 |
-+++ b/net/ipv6/ip6_output.c |
1781 |
-@@ -1252,7 +1252,7 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, |
1782 |
- skb = skb_peek_tail(&sk->sk_write_queue); |
1783 |
- cork->length += length; |
1784 |
- if (((length > mtu) || |
1785 |
-- (skb && skb_is_gso(skb))) && |
1786 |
-+ (skb && skb_has_frags(skb))) && |
1787 |
- (sk->sk_protocol == IPPROTO_UDP) && |
1788 |
- (rt->dst.dev->features & NETIF_F_UFO)) { |
1789 |
- err = ip6_ufo_append_data(sk, getfrag, from, length, |
1790 |
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c |
1791 |
index cf5d490..30946f0 100644 |
1792 |
--- a/net/ipv6/ip6_tunnel.c |
1793 |
@@ -93925,10 +93619,10 @@ index 1aeb473..bea761c 100644 |
1794 |
return -ENOMEM; |
1795 |
} |
1796 |
diff --git a/net/ipv6/route.c b/net/ipv6/route.c |
1797 |
-index 8d9a93ed..cd89616 100644 |
1798 |
+index 1e32d5c..cbe3b46 100644 |
1799 |
--- a/net/ipv6/route.c |
1800 |
+++ b/net/ipv6/route.c |
1801 |
-@@ -2926,7 +2926,7 @@ struct ctl_table ipv6_route_table_template[] = { |
1802 |
+@@ -2954,7 +2954,7 @@ struct ctl_table ipv6_route_table_template[] = { |
1803 |
|
1804 |
struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) |
1805 |
{ |
1806 |
@@ -93938,7 +93632,7 @@ index 8d9a93ed..cd89616 100644 |
1807 |
table = kmemdup(ipv6_route_table_template, |
1808 |
sizeof(ipv6_route_table_template), |
1809 |
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c |
1810 |
-index 86f639b..71e355e 100644 |
1811 |
+index a51ad07..a90bc19 100644 |
1812 |
--- a/net/ipv6/sit.c |
1813 |
+++ b/net/ipv6/sit.c |
1814 |
@@ -74,7 +74,7 @@ static void ipip6_tunnel_setup(struct net_device *dev); |
1815 |
@@ -94278,10 +93972,10 @@ index ab8bd2c..3a3eb81 100644 |
1816 |
return res; |
1817 |
} |
1818 |
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c |
1819 |
-index feae495..aedaa2c 100644 |
1820 |
+index b076e83..793e6ff 100644 |
1821 |
--- a/net/l2tp/l2tp_core.c |
1822 |
+++ b/net/l2tp/l2tp_core.c |
1823 |
-@@ -496,6 +496,7 @@ out: |
1824 |
+@@ -501,6 +501,7 @@ out: |
1825 |
static inline int l2tp_verify_udp_checksum(struct sock *sk, |
1826 |
struct sk_buff *skb) |
1827 |
{ |
1828 |
@@ -94289,81 +93983,6 @@ index feae495..aedaa2c 100644 |
1829 |
struct udphdr *uh = udp_hdr(skb); |
1830 |
u16 ulen = ntohs(uh->len); |
1831 |
__wsum psum; |
1832 |
-@@ -504,7 +505,7 @@ static inline int l2tp_verify_udp_checksum(struct sock *sk, |
1833 |
- return 0; |
1834 |
- |
1835 |
- #if IS_ENABLED(CONFIG_IPV6) |
1836 |
-- if (sk->sk_family == PF_INET6) { |
1837 |
-+ if (sk->sk_family == PF_INET6 && !tunnel->v4mapped) { |
1838 |
- if (!uh->check) { |
1839 |
- LIMIT_NETDEBUG(KERN_INFO "L2TP: IPv6: checksum is 0\n"); |
1840 |
- return 1; |
1841 |
-@@ -1128,7 +1129,7 @@ static int l2tp_xmit_core(struct l2tp_session *session, struct sk_buff *skb, |
1842 |
- /* Queue the packet to IP for output */ |
1843 |
- skb->local_df = 1; |
1844 |
- #if IS_ENABLED(CONFIG_IPV6) |
1845 |
-- if (skb->sk->sk_family == PF_INET6) |
1846 |
-+ if (skb->sk->sk_family == PF_INET6 && !tunnel->v4mapped) |
1847 |
- error = inet6_csk_xmit(skb, NULL); |
1848 |
- else |
1849 |
- #endif |
1850 |
-@@ -1255,7 +1256,7 @@ int l2tp_xmit_skb(struct l2tp_session *session, struct sk_buff *skb, int hdr_len |
1851 |
- |
1852 |
- /* Calculate UDP checksum if configured to do so */ |
1853 |
- #if IS_ENABLED(CONFIG_IPV6) |
1854 |
-- if (sk->sk_family == PF_INET6) |
1855 |
-+ if (sk->sk_family == PF_INET6 && !tunnel->v4mapped) |
1856 |
- l2tp_xmit_ipv6_csum(sk, skb, udp_len); |
1857 |
- else |
1858 |
- #endif |
1859 |
-@@ -1704,6 +1705,24 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32 |
1860 |
- if (cfg != NULL) |
1861 |
- tunnel->debug = cfg->debug; |
1862 |
- |
1863 |
-+#if IS_ENABLED(CONFIG_IPV6) |
1864 |
-+ if (sk->sk_family == PF_INET6) { |
1865 |
-+ struct ipv6_pinfo *np = inet6_sk(sk); |
1866 |
-+ |
1867 |
-+ if (ipv6_addr_v4mapped(&np->saddr) && |
1868 |
-+ ipv6_addr_v4mapped(&np->daddr)) { |
1869 |
-+ struct inet_sock *inet = inet_sk(sk); |
1870 |
-+ |
1871 |
-+ tunnel->v4mapped = true; |
1872 |
-+ inet->inet_saddr = np->saddr.s6_addr32[3]; |
1873 |
-+ inet->inet_rcv_saddr = np->rcv_saddr.s6_addr32[3]; |
1874 |
-+ inet->inet_daddr = np->daddr.s6_addr32[3]; |
1875 |
-+ } else { |
1876 |
-+ tunnel->v4mapped = false; |
1877 |
-+ } |
1878 |
-+ } |
1879 |
-+#endif |
1880 |
-+ |
1881 |
- /* Mark socket as an encapsulation socket. See net/ipv4/udp.c */ |
1882 |
- tunnel->encap = encap; |
1883 |
- if (encap == L2TP_ENCAPTYPE_UDP) { |
1884 |
-@@ -1712,7 +1731,7 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32 |
1885 |
- udp_sk(sk)->encap_rcv = l2tp_udp_encap_recv; |
1886 |
- udp_sk(sk)->encap_destroy = l2tp_udp_encap_destroy; |
1887 |
- #if IS_ENABLED(CONFIG_IPV6) |
1888 |
-- if (sk->sk_family == PF_INET6) |
1889 |
-+ if (sk->sk_family == PF_INET6 && !tunnel->v4mapped) |
1890 |
- udpv6_encap_enable(); |
1891 |
- else |
1892 |
- #endif |
1893 |
-diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h |
1894 |
-index 66a559b..6f251cb 100644 |
1895 |
---- a/net/l2tp/l2tp_core.h |
1896 |
-+++ b/net/l2tp/l2tp_core.h |
1897 |
-@@ -194,6 +194,9 @@ struct l2tp_tunnel { |
1898 |
- struct sock *sock; /* Parent socket */ |
1899 |
- int fd; /* Parent fd, if tunnel socket |
1900 |
- * was created by userspace */ |
1901 |
-+#if IS_ENABLED(CONFIG_IPV6) |
1902 |
-+ bool v4mapped; |
1903 |
-+#endif |
1904 |
- |
1905 |
- struct work_struct del_work; |
1906 |
- |
1907 |
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c |
1908 |
index 43dd752..63a23bc 100644 |
1909 |
--- a/net/mac80211/cfg.c |
1910 |
@@ -95977,7 +95596,7 @@ index 9a5c4c9..46e4b29 100644 |
1911 |
|
1912 |
table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); |
1913 |
diff --git a/net/socket.c b/net/socket.c |
1914 |
-index b2d7c62..f703b02 100644 |
1915 |
+index 4b94643..f703b02 100644 |
1916 |
--- a/net/socket.c |
1917 |
+++ b/net/socket.c |
1918 |
@@ -88,6 +88,7 @@ |
1919 |
@@ -96161,38 +95780,7 @@ index b2d7c62..f703b02 100644 |
1920 |
int err, err2; |
1921 |
int fput_needed; |
1922 |
|
1923 |
-@@ -1973,6 +2039,16 @@ struct used_address { |
1924 |
- unsigned int name_len; |
1925 |
- }; |
1926 |
- |
1927 |
-+static int copy_msghdr_from_user(struct msghdr *kmsg, |
1928 |
-+ struct msghdr __user *umsg) |
1929 |
-+{ |
1930 |
-+ if (copy_from_user(kmsg, umsg, sizeof(struct msghdr))) |
1931 |
-+ return -EFAULT; |
1932 |
-+ if (kmsg->msg_namelen > sizeof(struct sockaddr_storage)) |
1933 |
-+ return -EINVAL; |
1934 |
-+ return 0; |
1935 |
-+} |
1936 |
-+ |
1937 |
- static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, |
1938 |
- struct msghdr *msg_sys, unsigned int flags, |
1939 |
- struct used_address *used_address) |
1940 |
-@@ -1991,8 +2067,11 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, |
1941 |
- if (MSG_CMSG_COMPAT & flags) { |
1942 |
- if (get_compat_msghdr(msg_sys, msg_compat)) |
1943 |
- return -EFAULT; |
1944 |
-- } else if (copy_from_user(msg_sys, msg, sizeof(struct msghdr))) |
1945 |
-- return -EFAULT; |
1946 |
-+ } else { |
1947 |
-+ err = copy_msghdr_from_user(msg_sys, msg); |
1948 |
-+ if (err) |
1949 |
-+ return err; |
1950 |
-+ } |
1951 |
- |
1952 |
- if (msg_sys->msg_iovlen > UIO_FASTIOV) { |
1953 |
- err = -EMSGSIZE; |
1954 |
-@@ -2040,7 +2119,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, |
1955 |
+@@ -2053,7 +2119,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, |
1956 |
* checking falls down on this. |
1957 |
*/ |
1958 |
if (copy_from_user(ctl_buf, |
1959 |
@@ -96201,7 +95789,7 @@ index b2d7c62..f703b02 100644 |
1960 |
ctl_len)) |
1961 |
goto out_freectl; |
1962 |
msg_sys->msg_control = ctl_buf; |
1963 |
-@@ -2191,7 +2270,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
1964 |
+@@ -2204,7 +2270,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
1965 |
int err, total_len, len; |
1966 |
|
1967 |
/* kernel mode address */ |
1968 |
@@ -96210,21 +95798,7 @@ index b2d7c62..f703b02 100644 |
1969 |
|
1970 |
/* user mode address pointers */ |
1971 |
struct sockaddr __user *uaddr; |
1972 |
-@@ -2200,8 +2279,11 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
1973 |
- if (MSG_CMSG_COMPAT & flags) { |
1974 |
- if (get_compat_msghdr(msg_sys, msg_compat)) |
1975 |
- return -EFAULT; |
1976 |
-- } else if (copy_from_user(msg_sys, msg, sizeof(struct msghdr))) |
1977 |
-- return -EFAULT; |
1978 |
-+ } else { |
1979 |
-+ err = copy_msghdr_from_user(msg_sys, msg); |
1980 |
-+ if (err) |
1981 |
-+ return err; |
1982 |
-+ } |
1983 |
- |
1984 |
- if (msg_sys->msg_iovlen > UIO_FASTIOV) { |
1985 |
- err = -EMSGSIZE; |
1986 |
-@@ -2219,7 +2301,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
1987 |
+@@ -2235,7 +2301,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
1988 |
* kernel msghdr to use the kernel address space) |
1989 |
*/ |
1990 |
|
1991 |
@@ -96233,7 +95807,7 @@ index b2d7c62..f703b02 100644 |
1992 |
uaddr_len = COMPAT_NAMELEN(msg); |
1993 |
if (MSG_CMSG_COMPAT & flags) { |
1994 |
err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); |
1995 |
-@@ -2974,7 +3056,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, |
1996 |
+@@ -2990,7 +3056,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, |
1997 |
old_fs = get_fs(); |
1998 |
set_fs(KERNEL_DS); |
1999 |
err = dev_ioctl(net, cmd, |
2000 |
@@ -96242,7 +95816,7 @@ index b2d7c62..f703b02 100644 |
2001 |
set_fs(old_fs); |
2002 |
|
2003 |
return err; |
2004 |
-@@ -3083,7 +3165,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, |
2005 |
+@@ -3099,7 +3165,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, |
2006 |
|
2007 |
old_fs = get_fs(); |
2008 |
set_fs(KERNEL_DS); |
2009 |
@@ -96251,7 +95825,7 @@ index b2d7c62..f703b02 100644 |
2010 |
set_fs(old_fs); |
2011 |
|
2012 |
if (cmd == SIOCGIFMAP && !err) { |
2013 |
-@@ -3188,7 +3270,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, |
2014 |
+@@ -3204,7 +3270,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, |
2015 |
ret |= __get_user(rtdev, &(ur4->rt_dev)); |
2016 |
if (rtdev) { |
2017 |
ret |= copy_from_user(devname, compat_ptr(rtdev), 15); |
2018 |
@@ -96260,7 +95834,7 @@ index b2d7c62..f703b02 100644 |
2019 |
devname[15] = 0; |
2020 |
} else |
2021 |
r4.rt_dev = NULL; |
2022 |
-@@ -3414,8 +3496,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, |
2023 |
+@@ -3430,8 +3496,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, |
2024 |
int __user *uoptlen; |
2025 |
int err; |
2026 |
|
2027 |
@@ -96271,7 +95845,7 @@ index b2d7c62..f703b02 100644 |
2028 |
|
2029 |
set_fs(KERNEL_DS); |
2030 |
if (level == SOL_SOCKET) |
2031 |
-@@ -3435,7 +3517,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, |
2032 |
+@@ -3451,7 +3517,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, |
2033 |
char __user *uoptval; |
2034 |
int err; |
2035 |
|
2036 |
@@ -96614,7 +96188,7 @@ index d38bb45..4fd6ac6 100644 |
2037 |
|
2038 |
sub->evt.event = htohl(event, sub->swap); |
2039 |
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
2040 |
-index c4ce243..2be7c59 100644 |
2041 |
+index e64bbcf..9c3ba79 100644 |
2042 |
--- a/net/unix/af_unix.c |
2043 |
+++ b/net/unix/af_unix.c |
2044 |
@@ -784,6 +784,12 @@ static struct sock *unix_find_other(struct net *net, |
2045 |
@@ -96663,7 +96237,7 @@ index c4ce243..2be7c59 100644 |
2046 |
done_path_create(&path, dentry); |
2047 |
return err; |
2048 |
} |
2049 |
-@@ -2325,9 +2344,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
2050 |
+@@ -2335,9 +2354,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
2051 |
seq_puts(seq, "Num RefCount Protocol Flags Type St " |
2052 |
"Inode Path\n"); |
2053 |
else { |
2054 |
@@ -96678,7 +96252,7 @@ index c4ce243..2be7c59 100644 |
2055 |
|
2056 |
seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", |
2057 |
s, |
2058 |
-@@ -2354,8 +2377,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
2059 |
+@@ -2364,8 +2387,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
2060 |
} |
2061 |
for ( ; i < len; i++) |
2062 |
seq_putc(seq, u->addr->name->sun_path[i]); |
2063 |
@@ -96691,18 +96265,6 @@ index c4ce243..2be7c59 100644 |
2064 |
seq_putc(seq, '\n'); |
2065 |
} |
2066 |
|
2067 |
-diff --git a/net/unix/diag.c b/net/unix/diag.c |
2068 |
-index d591091..86fa0f3 100644 |
2069 |
---- a/net/unix/diag.c |
2070 |
-+++ b/net/unix/diag.c |
2071 |
-@@ -124,6 +124,7 @@ static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_r |
2072 |
- rep->udiag_family = AF_UNIX; |
2073 |
- rep->udiag_type = sk->sk_type; |
2074 |
- rep->udiag_state = sk->sk_state; |
2075 |
-+ rep->pad = 0; |
2076 |
- rep->udiag_ino = sk_ino; |
2077 |
- sock_diag_save_cookie(sk, rep->udiag_cookie); |
2078 |
- |
2079 |
diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c |
2080 |
index b3d5150..ff3a837 100644 |
2081 |
--- a/net/unix/sysctl_net_unix.c |
2082 |
@@ -97631,10 +97193,10 @@ index f5eb43d..1814de8 100644 |
2083 |
shdr = (Elf_Shdr *)((char *)ehdr + _r(&ehdr->e_shoff)); |
2084 |
shstrtab_sec = shdr + r2(&ehdr->e_shstrndx); |
2085 |
diff --git a/security/Kconfig b/security/Kconfig |
2086 |
-index e9c6ac7..5b9d82e 100644 |
2087 |
+index e9c6ac7..031a726 100644 |
2088 |
--- a/security/Kconfig |
2089 |
+++ b/security/Kconfig |
2090 |
-@@ -4,6 +4,959 @@ |
2091 |
+@@ -4,6 +4,960 @@ |
2092 |
|
2093 |
menu "Security options" |
2094 |
|
2095 |
@@ -97669,6 +97231,7 @@ index e9c6ac7..5b9d82e 100644 |
2096 |
+ select PROC_FS |
2097 |
+ select STOP_MACHINE |
2098 |
+ select TTY |
2099 |
++ select DEBUG_LIST |
2100 |
+ help |
2101 |
+ If you say Y here, you will be able to configure many features |
2102 |
+ that will enhance the security of your system. It is highly |
2103 |
@@ -98594,7 +98157,7 @@ index e9c6ac7..5b9d82e 100644 |
2104 |
source security/keys/Kconfig |
2105 |
|
2106 |
config SECURITY_DMESG_RESTRICT |
2107 |
-@@ -103,7 +1056,7 @@ config INTEL_TXT |
2108 |
+@@ -103,7 +1057,7 @@ config INTEL_TXT |
2109 |
config LSM_MMAP_MIN_ADDR |
2110 |
int "Low address space for LSM to protect from user allocation" |
2111 |
depends on SECURITY && SECURITY_SELINUX |
2112 |
|
2113 |
diff --git a/3.11.6/4425_grsec_remove_EI_PAX.patch b/3.11.7/4425_grsec_remove_EI_PAX.patch |
2114 |
similarity index 96% |
2115 |
rename from 3.11.6/4425_grsec_remove_EI_PAX.patch |
2116 |
rename to 3.11.7/4425_grsec_remove_EI_PAX.patch |
2117 |
index 415fda5..cf65d90 100644 |
2118 |
--- a/3.11.6/4425_grsec_remove_EI_PAX.patch |
2119 |
+++ b/3.11.7/4425_grsec_remove_EI_PAX.patch |
2120 |
@@ -8,7 +8,7 @@ X-Gentoo-Bug-URL: https://bugs.gentoo.org/445600 |
2121 |
diff -Nuar linux-3.7.1-hardened.orig/security/Kconfig linux-3.7.1-hardened/security/Kconfig |
2122 |
--- linux-3.7.1-hardened.orig/security/Kconfig 2012-12-26 08:39:29.000000000 -0500 |
2123 |
+++ linux-3.7.1-hardened/security/Kconfig 2012-12-26 09:05:44.000000000 -0500 |
2124 |
-@@ -266,7 +266,7 @@ |
2125 |
+@@ -267,7 +267,7 @@ |
2126 |
|
2127 |
config PAX_EI_PAX |
2128 |
bool 'Use legacy ELF header marking' |
2129 |
|
2130 |
diff --git a/3.11.6/4427_force_XATTR_PAX_tmpfs.patch b/3.11.7/4427_force_XATTR_PAX_tmpfs.patch |
2131 |
similarity index 100% |
2132 |
rename from 3.11.6/4427_force_XATTR_PAX_tmpfs.patch |
2133 |
rename to 3.11.7/4427_force_XATTR_PAX_tmpfs.patch |
2134 |
|
2135 |
diff --git a/3.11.6/4430_grsec-remove-localversion-grsec.patch b/3.11.7/4430_grsec-remove-localversion-grsec.patch |
2136 |
similarity index 100% |
2137 |
rename from 3.11.6/4430_grsec-remove-localversion-grsec.patch |
2138 |
rename to 3.11.7/4430_grsec-remove-localversion-grsec.patch |
2139 |
|
2140 |
diff --git a/3.11.6/4435_grsec-mute-warnings.patch b/3.11.7/4435_grsec-mute-warnings.patch |
2141 |
similarity index 100% |
2142 |
rename from 3.11.6/4435_grsec-mute-warnings.patch |
2143 |
rename to 3.11.7/4435_grsec-mute-warnings.patch |
2144 |
|
2145 |
diff --git a/3.11.6/4440_grsec-remove-protected-paths.patch b/3.11.7/4440_grsec-remove-protected-paths.patch |
2146 |
similarity index 100% |
2147 |
rename from 3.11.6/4440_grsec-remove-protected-paths.patch |
2148 |
rename to 3.11.7/4440_grsec-remove-protected-paths.patch |
2149 |
|
2150 |
diff --git a/3.11.6/4450_grsec-kconfig-default-gids.patch b/3.11.7/4450_grsec-kconfig-default-gids.patch |
2151 |
similarity index 98% |
2152 |
rename from 3.11.6/4450_grsec-kconfig-default-gids.patch |
2153 |
rename to 3.11.7/4450_grsec-kconfig-default-gids.patch |
2154 |
index 8c7b0b2..c928378 100644 |
2155 |
--- a/3.11.6/4450_grsec-kconfig-default-gids.patch |
2156 |
+++ b/3.11.7/4450_grsec-kconfig-default-gids.patch |
2157 |
@@ -73,7 +73,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
2158 |
diff -Nuar a/security/Kconfig b/security/Kconfig |
2159 |
--- a/security/Kconfig 2012-10-13 09:51:35.000000000 -0400 |
2160 |
+++ b/security/Kconfig 2012-10-13 09:52:59.000000000 -0400 |
2161 |
-@@ -194,7 +194,7 @@ |
2162 |
+@@ -195,7 +195,7 @@ |
2163 |
|
2164 |
config GRKERNSEC_PROC_GID |
2165 |
int "GID exempted from /proc restrictions" |
2166 |
@@ -82,7 +82,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2167 |
help |
2168 |
Setting this GID determines which group will be exempted from |
2169 |
grsecurity's /proc restrictions, allowing users of the specified |
2170 |
-@@ -205,7 +205,7 @@ |
2171 |
+@@ -206,7 +206,7 @@ |
2172 |
config GRKERNSEC_TPE_UNTRUSTED_GID |
2173 |
int "GID for TPE-untrusted users" |
2174 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
2175 |
@@ -91,7 +91,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2176 |
help |
2177 |
Setting this GID determines which group untrusted users should |
2178 |
be added to. These users will be placed under grsecurity's Trusted Path |
2179 |
-@@ -217,7 +217,7 @@ |
2180 |
+@@ -218,7 +218,7 @@ |
2181 |
config GRKERNSEC_TPE_TRUSTED_GID |
2182 |
int "GID for TPE-trusted users" |
2183 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
2184 |
@@ -100,7 +100,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2185 |
help |
2186 |
Setting this GID determines what group TPE restrictions will be |
2187 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
2188 |
-@@ -226,7 +226,7 @@ |
2189 |
+@@ -227,7 +227,7 @@ |
2190 |
config GRKERNSEC_SYMLINKOWN_GID |
2191 |
int "GID for users with kernel-enforced SymlinksIfOwnerMatch" |
2192 |
depends on GRKERNSEC_CONFIG_SERVER |
2193 |
|
2194 |
diff --git a/3.11.6/4465_selinux-avc_audit-log-curr_ip.patch b/3.11.7/4465_selinux-avc_audit-log-curr_ip.patch |
2195 |
similarity index 100% |
2196 |
rename from 3.11.6/4465_selinux-avc_audit-log-curr_ip.patch |
2197 |
rename to 3.11.7/4465_selinux-avc_audit-log-curr_ip.patch |
2198 |
|
2199 |
diff --git a/3.11.6/4470_disable-compat_vdso.patch b/3.11.7/4470_disable-compat_vdso.patch |
2200 |
similarity index 100% |
2201 |
rename from 3.11.6/4470_disable-compat_vdso.patch |
2202 |
rename to 3.11.7/4470_disable-compat_vdso.patch |
2203 |
|
2204 |
diff --git a/3.11.6/4475_emutramp_default_on.patch b/3.11.7/4475_emutramp_default_on.patch |
2205 |
similarity index 97% |
2206 |
rename from 3.11.6/4475_emutramp_default_on.patch |
2207 |
rename to 3.11.7/4475_emutramp_default_on.patch |
2208 |
index cfde6f8..30f6978 100644 |
2209 |
--- a/3.11.6/4475_emutramp_default_on.patch |
2210 |
+++ b/3.11.7/4475_emutramp_default_on.patch |
2211 |
@@ -10,7 +10,7 @@ See bug: |
2212 |
diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig |
2213 |
--- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400 |
2214 |
+++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400 |
2215 |
-@@ -427,7 +427,7 @@ |
2216 |
+@@ -428,7 +428,7 @@ |
2217 |
|
2218 |
config PAX_EMUTRAMP |
2219 |
bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86) |
2220 |
|
2221 |
diff --git a/3.2.52/0000_README b/3.2.52/0000_README |
2222 |
index 7ddab2f..a5b9436 100644 |
2223 |
--- a/3.2.52/0000_README |
2224 |
+++ b/3.2.52/0000_README |
2225 |
@@ -126,7 +126,7 @@ Patch: 1051_linux-3.2.52.patch |
2226 |
From: http://www.kernel.org |
2227 |
Desc: Linux 3.2.52 |
2228 |
|
2229 |
-Patch: 4420_grsecurity-2.9.1-3.2.52-201311021628.patch |
2230 |
+Patch: 4420_grsecurity-2.9.1-3.2.52-201311071633.patch |
2231 |
From: http://www.grsecurity.net |
2232 |
Desc: hardened-sources base patch from upstream grsecurity |
2233 |
|
2234 |
|
2235 |
diff --git a/3.2.52/4420_grsecurity-2.9.1-3.2.52-201311021628.patch b/3.2.52/4420_grsecurity-2.9.1-3.2.52-201311071633.patch |
2236 |
similarity index 99% |
2237 |
rename from 3.2.52/4420_grsecurity-2.9.1-3.2.52-201311021628.patch |
2238 |
rename to 3.2.52/4420_grsecurity-2.9.1-3.2.52-201311071633.patch |
2239 |
index 398b6be..c2c26e8 100644 |
2240 |
--- a/3.2.52/4420_grsecurity-2.9.1-3.2.52-201311021628.patch |
2241 |
+++ b/3.2.52/4420_grsecurity-2.9.1-3.2.52-201311071633.patch |
2242 |
@@ -8861,6 +8861,23 @@ index 0032f92..cd151e0 100644 |
2243 |
|
2244 |
#ifdef CONFIG_64BIT |
2245 |
#define set_pud(pudptr, pudval) set_64bit((u64 *) (pudptr), pud_val(pudval)) |
2246 |
+diff --git a/arch/um/kernel/exitcode.c b/arch/um/kernel/exitcode.c |
2247 |
+index 829df49..41ebbfe 100644 |
2248 |
+--- a/arch/um/kernel/exitcode.c |
2249 |
++++ b/arch/um/kernel/exitcode.c |
2250 |
+@@ -40,9 +40,11 @@ static ssize_t exitcode_proc_write(struct file *file, |
2251 |
+ const char __user *buffer, size_t count, loff_t *pos) |
2252 |
+ { |
2253 |
+ char *end, buf[sizeof("nnnnn\0")]; |
2254 |
++ size_t size; |
2255 |
+ int tmp; |
2256 |
+ |
2257 |
+- if (copy_from_user(buf, buffer, count)) |
2258 |
++ size = min(count, sizeof(buf)); |
2259 |
++ if (copy_from_user(buf, buffer, size)) |
2260 |
+ return -EFAULT; |
2261 |
+ |
2262 |
+ tmp = simple_strtol(buf, &end, 0); |
2263 |
diff --git a/arch/um/kernel/process.c b/arch/um/kernel/process.c |
2264 |
index c533835..84db18e 100644 |
2265 |
--- a/arch/um/kernel/process.c |
2266 |
@@ -84864,7 +84881,7 @@ index 3efb882..8492f4c 100644 |
2267 |
|
2268 |
if (atomic_dec_and_test(&kref->refcount)) { |
2269 |
diff --git a/lib/list_debug.c b/lib/list_debug.c |
2270 |
-index b8029a5..a72c207 100644 |
2271 |
+index b8029a5..2b120e1 100644 |
2272 |
--- a/lib/list_debug.c |
2273 |
+++ b/lib/list_debug.c |
2274 |
@@ -8,7 +8,9 @@ |
2275 |
@@ -84877,47 +84894,58 @@ index b8029a5..a72c207 100644 |
2276 |
/* |
2277 |
* Insert a new entry between two known consecutive entries. |
2278 |
* |
2279 |
-@@ -16,18 +18,32 @@ |
2280 |
+@@ -16,18 +18,40 @@ |
2281 |
* the prev/next entries already! |
2282 |
*/ |
2283 |
|
2284 |
--void __list_add(struct list_head *new, |
2285 |
-- struct list_head *prev, |
2286 |
-- struct list_head *next) |
2287 |
+static bool __list_add_debug(struct list_head *new, |
2288 |
+ struct list_head *prev, |
2289 |
+ struct list_head *next) |
2290 |
- { |
2291 |
-- WARN(next->prev != prev, |
2292 |
-+ if (WARN(next->prev != prev, |
2293 |
- "list_add corruption. next->prev should be " |
2294 |
- "prev (%p), but was %p. (next=%p).\n", |
2295 |
-- prev, next->prev, next); |
2296 |
-- WARN(prev->next != next, |
2297 |
-+ prev, next->prev, next) || |
2298 |
-+ WARN(prev->next != next, |
2299 |
- "list_add corruption. prev->next should be " |
2300 |
- "next (%p), but was %p. (prev=%p).\n", |
2301 |
-- next, prev->next, prev); |
2302 |
-+ next, prev->next, prev) || |
2303 |
-+ WARN(new == prev || new == next, |
2304 |
-+ "list_add double add: new=%p, prev=%p, next=%p.\n", |
2305 |
-+ new, prev, next)) |
2306 |
++{ |
2307 |
++ if (unlikely(next->prev != prev)) { |
2308 |
++ printk(KERN_ERR "list_add corruption. next->prev should be " |
2309 |
++ "prev (%p), but was %p. (next=%p).\n", |
2310 |
++ prev, next->prev, next); |
2311 |
++ BUG(); |
2312 |
+ return false; |
2313 |
++ } |
2314 |
++ if (unlikely(prev->next != next)) { |
2315 |
++ printk(KERN_ERR "list_add corruption. prev->next should be " |
2316 |
++ "next (%p), but was %p. (prev=%p).\n", |
2317 |
++ next, prev->next, prev); |
2318 |
++ BUG(); |
2319 |
++ return false; |
2320 |
++ } |
2321 |
++ if (unlikely(new == prev || new == next)) { |
2322 |
++ printk(KERN_ERR "list_add double add: new=%p, prev=%p, next=%p.\n", |
2323 |
++ new, prev, next); |
2324 |
++ BUG(); |
2325 |
++ return false; |
2326 |
++ } |
2327 |
+ return true; |
2328 |
+} |
2329 |
+ |
2330 |
-+void __list_add(struct list_head *new, |
2331 |
+ void __list_add(struct list_head *new, |
2332 |
+- struct list_head *prev, |
2333 |
+- struct list_head *next) |
2334 |
+ struct list_head *prev, |
2335 |
+ struct list_head *next) |
2336 |
-+{ |
2337 |
+ { |
2338 |
+- WARN(next->prev != prev, |
2339 |
+- "list_add corruption. next->prev should be " |
2340 |
+- "prev (%p), but was %p. (next=%p).\n", |
2341 |
+- prev, next->prev, next); |
2342 |
+- WARN(prev->next != next, |
2343 |
+- "list_add corruption. prev->next should be " |
2344 |
+- "next (%p), but was %p. (prev=%p).\n", |
2345 |
+- next, prev->next, prev); |
2346 |
+ if (!__list_add_debug(new, prev, next)) |
2347 |
+ return; |
2348 |
+ |
2349 |
next->prev = new; |
2350 |
new->next = next; |
2351 |
new->prev = prev; |
2352 |
-@@ -35,7 +51,7 @@ void __list_add(struct list_head *new, |
2353 |
+@@ -35,28 +59,46 @@ void __list_add(struct list_head *new, |
2354 |
} |
2355 |
EXPORT_SYMBOL(__list_add); |
2356 |
|
2357 |
@@ -84926,11 +84954,45 @@ index b8029a5..a72c207 100644 |
2358 |
{ |
2359 |
struct list_head *prev, *next; |
2360 |
|
2361 |
-@@ -54,9 +70,16 @@ void __list_del_entry(struct list_head *entry) |
2362 |
- WARN(next->prev != entry, |
2363 |
- "list_del corruption. next->prev should be %p, " |
2364 |
- "but was %p\n", entry, next->prev)) |
2365 |
+ prev = entry->prev; |
2366 |
+ next = entry->next; |
2367 |
+ |
2368 |
+- if (WARN(next == LIST_POISON1, |
2369 |
+- "list_del corruption, %p->next is LIST_POISON1 (%p)\n", |
2370 |
+- entry, LIST_POISON1) || |
2371 |
+- WARN(prev == LIST_POISON2, |
2372 |
+- "list_del corruption, %p->prev is LIST_POISON2 (%p)\n", |
2373 |
+- entry, LIST_POISON2) || |
2374 |
+- WARN(prev->next != entry, |
2375 |
+- "list_del corruption. prev->next should be %p, " |
2376 |
+- "but was %p\n", entry, prev->next) || |
2377 |
+- WARN(next->prev != entry, |
2378 |
+- "list_del corruption. next->prev should be %p, " |
2379 |
+- "but was %p\n", entry, next->prev)) |
2380 |
++ if (unlikely(next == LIST_POISON1)) { |
2381 |
++ printk(KERN_ERR "list_del corruption, %p->next is LIST_POISON1 (%p)\n", |
2382 |
++ entry, LIST_POISON1); |
2383 |
++ BUG(); |
2384 |
++ return false; |
2385 |
++ } |
2386 |
++ if (unlikely(prev == LIST_POISON2)) { |
2387 |
++ printk(KERN_ERR "list_del corruption, %p->prev is LIST_POISON2 (%p)\n", |
2388 |
++ entry, LIST_POISON2); |
2389 |
++ BUG(); |
2390 |
++ return false; |
2391 |
++ } |
2392 |
++ if (unlikely(entry->prev->next != entry)) { |
2393 |
++ printk(KERN_ERR "list_del corruption. prev->next should be %p, " |
2394 |
++ "but was %p\n", entry, prev->next); |
2395 |
++ BUG(); |
2396 |
+ return false; |
2397 |
++ } |
2398 |
++ if (unlikely(entry->next->prev != entry)) { |
2399 |
++ printk(KERN_ERR "list_del corruption. next->prev should be %p, " |
2400 |
++ "but was %p\n", entry, next->prev); |
2401 |
++ BUG(); |
2402 |
++ return false; |
2403 |
++ } |
2404 |
+ return true; |
2405 |
+} |
2406 |
+ |
2407 |
@@ -84944,7 +85006,7 @@ index b8029a5..a72c207 100644 |
2408 |
} |
2409 |
EXPORT_SYMBOL(__list_del_entry); |
2410 |
|
2411 |
-@@ -73,3 +96,76 @@ void list_del(struct list_head *entry) |
2412 |
+@@ -73,3 +115,76 @@ void list_del(struct list_head *entry) |
2413 |
entry->prev = LIST_POISON2; |
2414 |
} |
2415 |
EXPORT_SYMBOL(list_del); |
2416 |
@@ -98049,10 +98111,10 @@ index 38f6617..e70b72b 100755 |
2417 |
|
2418 |
exuberant() |
2419 |
diff --git a/security/Kconfig b/security/Kconfig |
2420 |
-index 51bd5a0..e4faa00 100644 |
2421 |
+index 51bd5a0..d0de7b0 100644 |
2422 |
--- a/security/Kconfig |
2423 |
+++ b/security/Kconfig |
2424 |
-@@ -4,6 +4,954 @@ |
2425 |
+@@ -4,6 +4,955 @@ |
2426 |
|
2427 |
menu "Security options" |
2428 |
|
2429 |
@@ -98086,6 +98148,7 @@ index 51bd5a0..e4faa00 100644 |
2430 |
+ select CRYPTO_SHA256 |
2431 |
+ select PROC_FS |
2432 |
+ select STOP_MACHINE |
2433 |
++ select DEBUG_LIST |
2434 |
+ help |
2435 |
+ If you say Y here, you will be able to configure many features |
2436 |
+ that will enhance the security of your system. It is highly |
2437 |
@@ -99007,7 +99070,7 @@ index 51bd5a0..e4faa00 100644 |
2438 |
config KEYS |
2439 |
bool "Enable access key retention support" |
2440 |
help |
2441 |
-@@ -169,7 +1117,7 @@ config INTEL_TXT |
2442 |
+@@ -169,7 +1118,7 @@ config INTEL_TXT |
2443 |
config LSM_MMAP_MIN_ADDR |
2444 |
int "Low address space for LSM to protect from user allocation" |
2445 |
depends on SECURITY && SECURITY_SELINUX |
2446 |
|
2447 |
diff --git a/3.2.52/4425_grsec_remove_EI_PAX.patch b/3.2.52/4425_grsec_remove_EI_PAX.patch |
2448 |
index 7d06ac2..415fda5 100644 |
2449 |
--- a/3.2.52/4425_grsec_remove_EI_PAX.patch |
2450 |
+++ b/3.2.52/4425_grsec_remove_EI_PAX.patch |
2451 |
@@ -8,7 +8,7 @@ X-Gentoo-Bug-URL: https://bugs.gentoo.org/445600 |
2452 |
diff -Nuar linux-3.7.1-hardened.orig/security/Kconfig linux-3.7.1-hardened/security/Kconfig |
2453 |
--- linux-3.7.1-hardened.orig/security/Kconfig 2012-12-26 08:39:29.000000000 -0500 |
2454 |
+++ linux-3.7.1-hardened/security/Kconfig 2012-12-26 09:05:44.000000000 -0500 |
2455 |
-@@ -265,7 +265,7 @@ |
2456 |
+@@ -266,7 +266,7 @@ |
2457 |
|
2458 |
config PAX_EI_PAX |
2459 |
bool 'Use legacy ELF header marking' |
2460 |
|
2461 |
diff --git a/3.2.52/4450_grsec-kconfig-default-gids.patch b/3.2.52/4450_grsec-kconfig-default-gids.patch |
2462 |
index 4de4ac0..8c7b0b2 100644 |
2463 |
--- a/3.2.52/4450_grsec-kconfig-default-gids.patch |
2464 |
+++ b/3.2.52/4450_grsec-kconfig-default-gids.patch |
2465 |
@@ -73,7 +73,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
2466 |
diff -Nuar a/security/Kconfig b/security/Kconfig |
2467 |
--- a/security/Kconfig 2012-10-13 09:51:35.000000000 -0400 |
2468 |
+++ b/security/Kconfig 2012-10-13 09:52:59.000000000 -0400 |
2469 |
-@@ -193,7 +193,7 @@ |
2470 |
+@@ -194,7 +194,7 @@ |
2471 |
|
2472 |
config GRKERNSEC_PROC_GID |
2473 |
int "GID exempted from /proc restrictions" |
2474 |
@@ -82,7 +82,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2475 |
help |
2476 |
Setting this GID determines which group will be exempted from |
2477 |
grsecurity's /proc restrictions, allowing users of the specified |
2478 |
-@@ -204,7 +204,7 @@ |
2479 |
+@@ -205,7 +205,7 @@ |
2480 |
config GRKERNSEC_TPE_UNTRUSTED_GID |
2481 |
int "GID for TPE-untrusted users" |
2482 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
2483 |
@@ -91,7 +91,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2484 |
help |
2485 |
Setting this GID determines which group untrusted users should |
2486 |
be added to. These users will be placed under grsecurity's Trusted Path |
2487 |
-@@ -216,7 +216,7 @@ |
2488 |
+@@ -217,7 +217,7 @@ |
2489 |
config GRKERNSEC_TPE_TRUSTED_GID |
2490 |
int "GID for TPE-trusted users" |
2491 |
depends on GRKERNSEC_CONFIG_SERVER && GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
2492 |
@@ -100,7 +100,7 @@ diff -Nuar a/security/Kconfig b/security/Kconfig |
2493 |
help |
2494 |
Setting this GID determines what group TPE restrictions will be |
2495 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
2496 |
-@@ -225,7 +225,7 @@ |
2497 |
+@@ -226,7 +226,7 @@ |
2498 |
config GRKERNSEC_SYMLINKOWN_GID |
2499 |
int "GID for users with kernel-enforced SymlinksIfOwnerMatch" |
2500 |
depends on GRKERNSEC_CONFIG_SERVER |
2501 |
|
2502 |
diff --git a/3.2.52/4470_disable-compat_vdso.patch b/3.2.52/4470_disable-compat_vdso.patch |
2503 |
index 99c691b..6905571 100644 |
2504 |
--- a/3.2.52/4470_disable-compat_vdso.patch |
2505 |
+++ b/3.2.52/4470_disable-compat_vdso.patch |
2506 |
@@ -26,7 +26,7 @@ Closes bug: http://bugs.gentoo.org/show_bug.cgi?id=210138 |
2507 |
diff -urp a/arch/x86/Kconfig b/arch/x86/Kconfig |
2508 |
--- a/arch/x86/Kconfig 2009-07-31 01:36:57.323857684 +0100 |
2509 |
+++ b/arch/x86/Kconfig 2009-07-31 01:51:39.395749681 +0100 |
2510 |
-@@ -1652,17 +1652,8 @@ |
2511 |
+@@ -1653,17 +1653,8 @@ |
2512 |
|
2513 |
config COMPAT_VDSO |
2514 |
def_bool n |
2515 |
|
2516 |
diff --git a/3.2.52/4475_emutramp_default_on.patch b/3.2.52/4475_emutramp_default_on.patch |
2517 |
index df700e6..cfde6f8 100644 |
2518 |
--- a/3.2.52/4475_emutramp_default_on.patch |
2519 |
+++ b/3.2.52/4475_emutramp_default_on.patch |
2520 |
@@ -10,7 +10,7 @@ See bug: |
2521 |
diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig |
2522 |
--- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400 |
2523 |
+++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400 |
2524 |
-@@ -426,7 +426,7 @@ |
2525 |
+@@ -427,7 +427,7 @@ |
2526 |
|
2527 |
config PAX_EMUTRAMP |
2528 |
bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86) |