diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2014-01-11 18:06:33 -0500 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2014-01-11 18:06:33 -0500 |
| commit | f9d957c49bf73121d7c3acf6c0e607de834344eb (patch) | |
| tree | 669dc84430a91e0d42eab4bea7452dfad6b68f2a | |
| parent | Grsec/PaX: 3.0-3.2.54-201401051649 (diff) | |
| download | hardened-patchset-20140109.tar.gz hardened-patchset-20140109.tar.bz2 hardened-patchset-20140109.zip | |
Grsec/PaX: 3.0-{3.2.54,3.12.7}-20140109183720140109
| -rw-r--r-- | 3.12.7/0000_README (renamed from 3.12.6/0000_README) | 2 | ||||
| -rw-r--r-- | 3.12.7/4420_grsecurity-3.0-3.12.7-201401091837.patch (renamed from 3.12.6/4420_grsecurity-3.0-3.12.6-201401021726.patch) | 929 | ||||
| -rw-r--r-- | 3.12.7/4425_grsec_remove_EI_PAX.patch (renamed from 3.12.6/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4427_force_XATTR_PAX_tmpfs.patch (renamed from 3.12.6/4427_force_XATTR_PAX_tmpfs.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4430_grsec-remove-localversion-grsec.patch (renamed from 3.12.6/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4435_grsec-mute-warnings.patch (renamed from 3.12.6/4435_grsec-mute-warnings.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4440_grsec-remove-protected-paths.patch (renamed from 3.12.6/4440_grsec-remove-protected-paths.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4450_grsec-kconfig-default-gids.patch (renamed from 3.12.6/4450_grsec-kconfig-default-gids.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 3.12.6/4465_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4470_disable-compat_vdso.patch (renamed from 3.12.6/4470_disable-compat_vdso.patch) | 0 | ||||
| -rw-r--r-- | 3.12.7/4475_emutramp_default_on.patch (renamed from 3.12.6/4475_emutramp_default_on.patch) | 2 | ||||
| -rw-r--r-- | 3.2.54/0000_README | 2 | ||||
| -rw-r--r-- | 3.2.54/4420_grsecurity-3.0-3.2.54-201401091839.patch (renamed from 3.2.54/4420_grsecurity-3.0-3.2.54-201401051649.patch) | 93 |
13 files changed, 496 insertions, 532 deletions
diff --git a/3.12.6/0000_README b/3.12.7/0000_README index 0c79077..298b491 100644 --- a/3.12.6/0000_README +++ b/3.12.7/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.0-3.12.6-201401021726.patch +Patch: 4420_grsecurity-3.0-3.12.7-201401091837.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.12.6/4420_grsecurity-3.0-3.12.6-201401021726.patch b/3.12.7/4420_grsecurity-3.0-3.12.7-201401091837.patch index e1b8944..923bea4 100644 --- a/3.12.6/4420_grsecurity-3.0-3.12.6-201401021726.patch +++ b/3.12.7/4420_grsecurity-3.0-3.12.7-201401091837.patch @@ -229,7 +229,7 @@ index b89a739..79768fb 100644 +zconf.lex.c zoffset.h diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt -index fcbb736..5508d8c 100644 +index 4f7c57c..a2dc685 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -1031,6 +1031,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. @@ -243,7 +243,7 @@ index fcbb736..5508d8c 100644 hashdist= [KNL,NUMA] Large hashes allocated during boot are distributed across NUMA nodes. Defaults on for 64-bit NUMA, off otherwise. -@@ -1999,6 +2003,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2001,6 +2005,10 @@ bytes respectively. Such letter suffixes can also be entirely omitted. noexec=on: enable non-executable mappings (default) noexec=off: disable non-executable mappings @@ -254,7 +254,7 @@ index fcbb736..5508d8c 100644 nosmap [X86] Disable SMAP (Supervisor Mode Access Prevention) even if it is supported by processor. -@@ -2266,6 +2274,25 @@ bytes respectively. Such letter suffixes can also be entirely omitted. +@@ -2268,6 +2276,25 @@ bytes respectively. Such letter suffixes can also be entirely omitted. the specified number of seconds. This is to be used if your oopses keep scrolling off the screen. @@ -281,7 +281,7 @@ index fcbb736..5508d8c 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 2b23383..a66cff0 100644 +index c2f0b79..2e5e090 100644 --- a/Makefile +++ b/Makefile @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -8003,7 +8003,7 @@ index 3a9ed6a..b534681 100644 addi r3,r1,STACK_FRAME_OVERHEAD lwz r4,_DAR(r1) diff --git a/arch/powerpc/kernel/module_32.c b/arch/powerpc/kernel/module_32.c -index 2e3200c..72095ce 100644 +index 2e3200c..7118986 100644 --- a/arch/powerpc/kernel/module_32.c +++ b/arch/powerpc/kernel/module_32.c @@ -162,7 +162,7 @@ int module_frob_arch_sections(Elf32_Ehdr *hdr, @@ -8035,6 +8035,15 @@ index 2e3200c..72095ce 100644 /* Find this entry, or if that fails, the next avail. entry */ while (entry->jump[0]) { +@@ -300,7 +305,7 @@ int apply_relocate_add(Elf32_Shdr *sechdrs, + } + #ifdef CONFIG_DYNAMIC_FTRACE + module->arch.tramp = +- do_plt_call(module->module_core, ++ do_plt_call(module->module_core_rx, + (unsigned long)ftrace_caller, + sechdrs, module); + #endif diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c index 96d2fdf..f6d10c8 100644 --- a/arch/powerpc/kernel/process.c @@ -16996,7 +17005,7 @@ index 81bb91b..9392125 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index 3d19994..732a48c 100644 +index bbc8b12..f228861 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); @@ -17119,7 +17128,7 @@ index 3d19994..732a48c 100644 #include <linux/mm_types.h> #include <linux/mmdebug.h> #include <linux/log2.h> -@@ -563,7 +638,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) +@@ -570,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) * Currently stuck as a macro due to indirect forward reference to * linux/mmzone.h's __section_mem_map_addr() definition: */ @@ -17128,7 +17137,7 @@ index 3d19994..732a48c 100644 /* Find an entry in the second-level page table.. */ static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address) -@@ -603,7 +678,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) +@@ -610,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) * Currently stuck as a macro due to indirect forward reference to * linux/mmzone.h's __section_mem_map_addr() definition: */ @@ -17137,7 +17146,7 @@ index 3d19994..732a48c 100644 /* to find an entry in a page-table-directory. */ static inline unsigned long pud_index(unsigned long address) -@@ -618,7 +693,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) +@@ -625,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) static inline int pgd_bad(pgd_t pgd) { @@ -17146,7 +17155,7 @@ index 3d19994..732a48c 100644 } static inline int pgd_none(pgd_t pgd) -@@ -641,7 +716,12 @@ static inline int pgd_none(pgd_t pgd) +@@ -648,7 +723,12 @@ static inline int pgd_none(pgd_t pgd) * pgd_offset() returns a (pgd_t *) * pgd_index() is used get the offset into the pgd page's array of pgd_t's; */ @@ -17160,7 +17169,7 @@ index 3d19994..732a48c 100644 /* * a shortcut which implies the use of the kernel's pgd, instead * of a process's -@@ -652,6 +732,23 @@ static inline int pgd_none(pgd_t pgd) +@@ -659,6 +739,23 @@ static inline int pgd_none(pgd_t pgd) #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) @@ -17184,7 +17193,7 @@ index 3d19994..732a48c 100644 #ifndef __ASSEMBLY__ extern int direct_gbpages; -@@ -818,11 +915,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, +@@ -825,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, * dst and src can be on the same page, but the range must not overlap, * and must not cross a page boundary. */ @@ -27338,7 +27347,7 @@ index b110fe6..d9c19f2 100644 out: diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index dec48bf..f4d21f7 100644 +index 1673940..4bce95e 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -55,7 +55,7 @@ @@ -27391,7 +27400,7 @@ index c0bc803..6837a50 100644 local_irq_disable(); diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 2b2fce1..da76be4 100644 +index 6128914..8be1dd2 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -1316,12 +1316,12 @@ static void vmcs_write64(unsigned long field, u64 value) @@ -31195,10 +31204,10 @@ index 3aaeffc..42ea9fb 100644 + return ret ? -EFAULT : 0; +} diff --git a/arch/x86/mm/gup.c b/arch/x86/mm/gup.c -index dd74e46..0970b01 100644 +index 0596e8e..9de0b1c 100644 --- a/arch/x86/mm/gup.c +++ b/arch/x86/mm/gup.c -@@ -255,7 +255,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, +@@ -268,7 +268,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, addr = start; len = (unsigned long) nr_pages << PAGE_SHIFT; end = start + len; @@ -31207,7 +31216,7 @@ index dd74e46..0970b01 100644 (void __user *)start, len))) return 0; -@@ -331,6 +331,10 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write, +@@ -344,6 +344,10 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write, goto slow_irqon; #endif @@ -35322,7 +35331,7 @@ index cfb7447..98f2149 100644 unsigned long timeout_msec) { diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c -index 81a94a3..b711c74 100644 +index 2c2780a..5ebc310 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -98,7 +98,7 @@ static unsigned int ata_dev_set_xfermode(struct ata_device *dev); @@ -35334,7 +35343,7 @@ index 81a94a3..b711c74 100644 struct ata_force_param { const char *name; -@@ -4809,7 +4809,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) +@@ -4823,7 +4823,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) struct ata_port *ap; unsigned int tag; @@ -35343,7 +35352,7 @@ index 81a94a3..b711c74 100644 ap = qc->ap; qc->flags = 0; -@@ -4825,7 +4825,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) +@@ -4839,7 +4839,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) struct ata_port *ap; struct ata_link *link; @@ -35352,7 +35361,7 @@ index 81a94a3..b711c74 100644 WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); ap = qc->ap; link = qc->dev->link; -@@ -5944,6 +5944,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -5958,6 +5958,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) return; spin_lock(&lock); @@ -35360,7 +35369,7 @@ index 81a94a3..b711c74 100644 for (cur = ops->inherits; cur; cur = cur->inherits) { void **inherit = (void **)cur; -@@ -5957,8 +5958,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) +@@ -5971,8 +5972,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops) if (IS_ERR(*pp)) *pp = NULL; @@ -35371,7 +35380,7 @@ index 81a94a3..b711c74 100644 spin_unlock(&lock); } -@@ -6151,7 +6153,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) +@@ -6165,7 +6167,7 @@ int ata_host_register(struct ata_host *host, struct scsi_host_template *sht) /* give ports names and add SCSI hosts */ for (i = 0; i < host->n_ports; i++) { @@ -35381,10 +35390,10 @@ index 81a94a3..b711c74 100644 } diff --git a/drivers/ata/libata-scsi.c b/drivers/ata/libata-scsi.c -index ab58556..ed19dd2 100644 +index 377eb88..8591b44 100644 --- a/drivers/ata/libata-scsi.c +++ b/drivers/ata/libata-scsi.c -@@ -4114,7 +4114,7 @@ int ata_sas_port_init(struct ata_port *ap) +@@ -4135,7 +4135,7 @@ int ata_sas_port_init(struct ata_port *ap) if (rc) return rc; @@ -38934,10 +38943,10 @@ index a6f4cb5..6b2beb2 100644 if (IS_GEN6(dev) || IS_GEN7(dev)) { seq_printf(m, diff --git a/drivers/gpu/drm/i915/i915_dma.c b/drivers/gpu/drm/i915/i915_dma.c -index d5c784d..06e5c36 100644 +index 5a25f24..5af2004 100644 --- a/drivers/gpu/drm/i915/i915_dma.c +++ b/drivers/gpu/drm/i915/i915_dma.c -@@ -1263,7 +1263,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) +@@ -1271,7 +1271,7 @@ static bool i915_switcheroo_can_switch(struct pci_dev *pdev) bool can_switch; spin_lock(&dev->count_lock); @@ -39105,7 +39114,7 @@ index 4b91228..590c643 100644 iir = I915_READ(IIR); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index f535670..bde09e2 100644 +index aad6f7b..dcc91447 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c @@ -10019,13 +10019,13 @@ struct intel_quirk { @@ -39815,10 +39824,10 @@ index 71245d6..94c556d 100644 return radeon_debugfs_add_files(rdev, radeon_mem_types_list, i); diff --git a/drivers/gpu/drm/radeon/rs690.c b/drivers/gpu/drm/radeon/rs690.c -index 1447d79..40b2a5b 100644 +index 3c38f0a..13816e3 100644 --- a/drivers/gpu/drm/radeon/rs690.c +++ b/drivers/gpu/drm/radeon/rs690.c -@@ -345,9 +345,11 @@ static void rs690_crtc_bandwidth_compute(struct radeon_device *rdev, +@@ -355,9 +355,11 @@ static void rs690_crtc_bandwidth_compute(struct radeon_device *rdev, if (max_bandwidth.full > rdev->pm.sideport_bandwidth.full && rdev->pm.sideport_bandwidth.full) max_bandwidth = rdev->pm.sideport_bandwidth; @@ -41516,7 +41525,7 @@ index 922a7fe..bb035db 100644 gameport->dev.release = gameport_release_port; if (gameport->parent) diff --git a/drivers/input/input.c b/drivers/input/input.c -index e75d015..57d1c28 100644 +index 74f4798..d9f7168 100644 --- a/drivers/input/input.c +++ b/drivers/input/input.c @@ -1734,7 +1734,7 @@ EXPORT_SYMBOL_GPL(input_class); @@ -44741,10 +44750,10 @@ index e1dd8c7..9f91b3f 100644 /* service connection information */ struct ath10k_htc_svc_conn_req { diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c -index 8d78253..bebbb68 100644 +index a366d6b..b6f28f8 100644 --- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c +++ b/drivers/net/wireless/ath/ath9k/ar9002_mac.c -@@ -184,8 +184,8 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -218,8 +218,8 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) ads->ds_txstatus6 = ads->ds_txstatus7 = 0; ads->ds_txstatus8 = ads->ds_txstatus9 = 0; @@ -44755,7 +44764,7 @@ index 8d78253..bebbb68 100644 ctl1 = i->buf_len[0] | (i->is_last ? 0 : AR_TxMore); ctl6 = SM(i->keytype, AR_EncrType); -@@ -199,26 +199,26 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -233,26 +233,26 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) if ((i->is_first || i->is_last) && i->aggr != AGGR_BUF_MIDDLE && i->aggr != AGGR_BUF_LAST) { @@ -44789,7 +44798,7 @@ index 8d78253..bebbb68 100644 return; } -@@ -243,7 +243,7 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -277,7 +277,7 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) break; } @@ -44798,7 +44807,7 @@ index 8d78253..bebbb68 100644 | (i->flags & ATH9K_TXDESC_VMF ? AR_VirtMoreFrag : 0) | SM(i->txpower, AR_XmitPower) | (i->flags & ATH9K_TXDESC_VEOL ? AR_VEOL : 0) -@@ -253,19 +253,19 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) +@@ -287,19 +287,19 @@ ar9002_set_txdesc(struct ath_hw *ah, void *ds, struct ath_tx_info *i) | (i->flags & ATH9K_TXDESC_RTSENA ? AR_RTSEnable : (i->flags & ATH9K_TXDESC_CTSENA ? AR_CTSEnable : 0)); @@ -45673,40 +45682,10 @@ index f4a18f5..ff2463c 100644 int retval = -ENOMEM; diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c -index 7128cfd..6fdc261 100644 +index 7128cfd..a0640d6 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c -@@ -634,6 +634,9 @@ pci_write_config(struct file* filp, struct kobject *kobj, - loff_t init_off = off; - u8 *data = (u8*) buf; - -+ if (!capable(CAP_SYS_RAWIO)) -+ return -EPERM; -+ - if (off > dev->cfg_size) - return 0; - if (off + count > dev->cfg_size) { -@@ -940,6 +943,9 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr, - resource_size_t start, end; - int i; - -+ if (!capable(CAP_SYS_RAWIO)) -+ return -EPERM; -+ - for (i = 0; i < PCI_ROM_RESOURCE; i++) - if (res == &pdev->resource[i]) - break; -@@ -997,6 +1003,9 @@ pci_resource_io(struct file *filp, struct kobject *kobj, - unsigned long port = off; - int i; - -+ if (!capable(CAP_SYS_RAWIO)) -+ return -EPERM; -+ - for (i = 0; i < PCI_ROM_RESOURCE; i++) - if (res == &pdev->resource[i]) - break; -@@ -1083,7 +1092,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) +@@ -1083,7 +1083,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) { /* allocate attribute structure, piggyback attribute name */ int name_len = write_combine ? 13 : 10; @@ -45715,7 +45694,7 @@ index 7128cfd..6fdc261 100644 int retval; res_attr = kzalloc(sizeof(*res_attr) + name_len, GFP_ATOMIC); -@@ -1268,7 +1277,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor +@@ -1268,7 +1268,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor static int pci_create_capabilities_sysfs(struct pci_dev *dev) { int retval; @@ -45724,7 +45703,7 @@ index 7128cfd..6fdc261 100644 /* If the device has VPD, try to expose it in sysfs. */ if (dev->vpd) { -@@ -1315,7 +1324,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) +@@ -1315,7 +1315,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) { int retval; int rom_size = 0; @@ -45777,20 +45756,10 @@ index 7ef0f86..17b710f 100644 /* No printks while decoding is disabled! */ if (!dev->mmio_always_on) { diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c -index cdc7836..0c964c9 100644 +index cdc7836..528635c 100644 --- a/drivers/pci/proc.c +++ b/drivers/pci/proc.c -@@ -117,6 +117,9 @@ proc_bus_pci_write(struct file *file, const char __user *buf, size_t nbytes, lof - int size = dev->cfg_size; - int cnt; - -+ if (!capable(CAP_SYS_RAWIO)) -+ return -EPERM; -+ - if (pos >= size) - return 0; - if (nbytes >= size) -@@ -434,7 +437,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { +@@ -434,7 +434,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { static int __init pci_proc_init(void) { struct pci_dev *dev = NULL; @@ -46167,7 +46136,7 @@ index cc439fd..8fa30df 100644 #endif /* CONFIG_SYSFS */ diff --git a/drivers/power/power_supply_core.c b/drivers/power/power_supply_core.c -index 00e6672..2642c08 100644 +index 557af94..84dc1fe 100644 --- a/drivers/power/power_supply_core.c +++ b/drivers/power/power_supply_core.c @@ -24,7 +24,10 @@ @@ -47893,10 +47862,10 @@ index e51b09a..5ebac31 100644 login->tgt_agt = sbp_target_agent_register(login); if (IS_ERR(login->tgt_agt)) { diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c -index d90dbb0..6cbe585 100644 +index e5e3965..a7b487c 100644 --- a/drivers/target/target_core_device.c +++ b/drivers/target/target_core_device.c -@@ -1431,7 +1431,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) +@@ -1436,7 +1436,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) spin_lock_init(&dev->se_tmr_lock); spin_lock_init(&dev->qf_cmd_lock); sema_init(&dev->caw_sem, 1); @@ -48341,10 +48310,19 @@ index c0f76da..d974c32 100644 dlci_get(dlci->gsm->dlci[0]); mux_get(dlci->gsm); diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index 4d6f430..0810fa9 100644 +index d4a89db..dbe8d8c 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c -@@ -2504,6 +2504,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -114,7 +114,7 @@ struct n_tty_data { + int minimum_to_wake; + + /* consumer-published */ +- size_t read_tail; ++ size_t read_tail __intentional_overflow(-1); + size_t line_start; + + /* protected by output lock */ +@@ -2509,6 +2509,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -49441,7 +49419,7 @@ index 2a3bbdf..91d72cf 100644 file->f_version = event_count; return POLLIN | POLLRDNORM; diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c -index 71dc5d7..300db0e 100644 +index 71dc5d7..d4c488f 100644 --- a/drivers/usb/core/devio.c +++ b/drivers/usb/core/devio.c @@ -187,7 +187,7 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, @@ -49453,7 +49431,7 @@ index 71dc5d7..300db0e 100644 loff_t pos; int i; -@@ -229,16 +229,16 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, +@@ -229,22 +229,22 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, for (i = 0; nbytes && i < dev->descriptor.bNumConfigurations; i++) { struct usb_config_descriptor *config = (struct usb_config_descriptor *)dev->rawdescriptors[i]; @@ -49473,6 +49451,13 @@ index 71dc5d7..300db0e 100644 if (len > nbytes) len = nbytes; + /* Simply don't write (skip over) unallocated parts */ + if (alloclen > (*ppos - pos)) { +- alloclen -= (*ppos - pos); ++ alloclen = alloclen + pos - *ppos; + if (copy_to_user(buf, + dev->rawdescriptors[i] + (*ppos - pos), + min(len, alloclen))) { diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index f20a044..d1059aa 100644 --- a/drivers/usb/core/hcd.c @@ -53330,10 +53315,10 @@ index 789bc25..fafaeea 100644 &data); if (!inode) { diff --git a/fs/aio.c b/fs/aio.c -index 6efb7f6..ec354de 100644 +index 062a5f6..e5618e0 100644 --- a/fs/aio.c +++ b/fs/aio.c -@@ -338,7 +338,7 @@ static int aio_setup_ring(struct kioctx *ctx) +@@ -374,7 +374,7 @@ static int aio_setup_ring(struct kioctx *ctx) size += sizeof(struct io_event) * nr_events; nr_pages = PFN_UP(size); @@ -53342,16 +53327,6 @@ index 6efb7f6..ec354de 100644 return -EINVAL; file = aio_private_file(ctx, nr_pages); -@@ -652,7 +652,8 @@ static struct kioctx *ioctx_alloc(unsigned nr_events) - aio_nr += ctx->max_reqs; - spin_unlock(&aio_nr_lock); - -- percpu_ref_get(&ctx->users); /* io_setup() will drop this ref */ -+ percpu_ref_get(&ctx->users); /* io_setup() will drop this ref */ -+ percpu_ref_get(&ctx->reqs); /* free_ioctx_users() will drop this */ - - err = ioctx_add_table(ctx, mm); - if (err) diff --git a/fs/attr.c b/fs/attr.c index 1449adb..a2038c2 100644 --- a/fs/attr.c @@ -53526,7 +53501,7 @@ index 89dec7f..361b0d75 100644 fd_offset + ex.a_text); if (error != N_DATADDR(ex)) { diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c -index 4c94a79..2610454 100644 +index 4c94a79..228e9da 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -34,6 +34,7 @@ @@ -53695,7 +53670,7 @@ index 4c94a79..2610454 100644 } error = load_addr; -@@ -538,6 +569,315 @@ out: +@@ -538,6 +569,322 @@ out: return error; } @@ -53929,34 +53904,41 @@ index 4c94a79..2610454 100644 + unsigned long pax_flags_hardmode = 0UL, pax_flags_softmode = 0UL; + + xattr_size = pax_getxattr(file->f_path.dentry, xattr_value, sizeof xattr_value); -+ if (xattr_size <= 0 || xattr_size > sizeof xattr_value) ++ switch (xattr_size) { ++ default: + return ~0UL; + -+ for (i = 0; i < xattr_size; i++) -+ switch (xattr_value[i]) { -+ default: -+ return ~0UL; -+ -+#define parse_flag(option1, option2, flag) \ -+ case option1: \ -+ if (pax_flags_hardmode & MF_PAX_##flag) \ -+ return ~0UL; \ -+ pax_flags_hardmode |= MF_PAX_##flag; \ -+ break; \ -+ case option2: \ -+ if (pax_flags_softmode & MF_PAX_##flag) \ -+ return ~0UL; \ -+ pax_flags_softmode |= MF_PAX_##flag; \ -+ break; ++ case -ENODATA: ++ break; ++ ++ case 0 ... sizeof xattr_value: ++ for (i = 0; i < xattr_size; i++) ++ switch (xattr_value[i]) { ++ default: ++ return ~0UL; ++ ++#define parse_flag(option1, option2, flag) \ ++ case option1: \ ++ if (pax_flags_hardmode & MF_PAX_##flag) \ ++ return ~0UL; \ ++ pax_flags_hardmode |= MF_PAX_##flag; \ ++ break; \ ++ case option2: \ ++ if (pax_flags_softmode & MF_PAX_##flag) \ ++ return ~0UL; \ ++ pax_flags_softmode |= MF_PAX_##flag; \ ++ break; + -+ parse_flag('p', 'P', PAGEEXEC); -+ parse_flag('e', 'E', EMUTRAMP); -+ parse_flag('m', 'M', MPROTECT); -+ parse_flag('r', 'R', RANDMMAP); -+ parse_flag('s', 'S', SEGMEXEC); ++ parse_flag('p', 'P', PAGEEXEC); ++ parse_flag('e', 'E', EMUTRAMP); ++ parse_flag('m', 'M', MPROTECT); ++ parse_flag('r', 'R', RANDMMAP); ++ parse_flag('s', 'S', SEGMEXEC); + +#undef parse_flag -+ } ++ } ++ break; ++ } + + if (pax_flags_hardmode & pax_flags_softmode) + return ~0UL; @@ -54011,7 +53993,7 @@ index 4c94a79..2610454 100644 /* * These are the functions used to load ELF style executables and shared * libraries. There is no binary dependent code anywhere else. -@@ -554,6 +894,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) +@@ -554,6 +901,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) { unsigned int random_variable = 0; @@ -54023,7 +54005,7 @@ index 4c94a79..2610454 100644 if ((current->flags & PF_RANDOMIZE) && !(current->personality & ADDR_NO_RANDOMIZE)) { random_variable = get_random_int() & STACK_RND_MASK; -@@ -572,7 +917,7 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -572,7 +924,7 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long load_addr = 0, load_bias = 0; int load_addr_set = 0; char * elf_interpreter = NULL; @@ -54032,7 +54014,7 @@ index 4c94a79..2610454 100644 struct elf_phdr *elf_ppnt, *elf_phdata; unsigned long elf_bss, elf_brk; int retval, i; -@@ -582,12 +927,12 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -582,12 +934,12 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long start_code, end_code, start_data, end_data; unsigned long reloc_func_desc __maybe_unused = 0; int executable_stack = EXSTACK_DEFAULT; @@ -54046,7 +54028,7 @@ index 4c94a79..2610454 100644 loc = kmalloc(sizeof(*loc), GFP_KERNEL); if (!loc) { -@@ -723,11 +1068,82 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -723,11 +1075,82 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; /* OK, This is the point of no return */ @@ -54130,7 +54112,7 @@ index 4c94a79..2610454 100644 if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -817,6 +1233,20 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -817,6 +1240,20 @@ static int load_elf_binary(struct linux_binprm *bprm) #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #endif @@ -54151,7 +54133,7 @@ index 4c94a79..2610454 100644 } error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, -@@ -849,9 +1279,9 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -849,9 +1286,9 @@ static int load_elf_binary(struct linux_binprm *bprm) * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -54164,7 +54146,7 @@ index 4c94a79..2610454 100644 /* set_brk can never work. Avoid overflows. */ send_sig(SIGKILL, current, 0); retval = -EINVAL; -@@ -890,17 +1320,45 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -890,17 +1327,45 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; } if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -54216,7 +54198,7 @@ index 4c94a79..2610454 100644 load_bias); if (!IS_ERR((void *)elf_entry)) { /* -@@ -1122,7 +1580,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) +@@ -1122,7 +1587,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -54225,7 +54207,7 @@ index 4c94a79..2610454 100644 { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1160,7 +1618,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, +@@ -1160,7 +1625,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, if (vma->vm_file == NULL) return 0; @@ -54234,7 +54216,7 @@ index 4c94a79..2610454 100644 goto whole; /* -@@ -1385,9 +1843,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) +@@ -1385,9 +1850,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -54246,7 +54228,7 @@ index 4c94a79..2610454 100644 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -1396,7 +1854,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, +@@ -1396,7 +1861,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, { mm_segment_t old_fs = get_fs(); set_fs(KERNEL_DS); @@ -54255,7 +54237,7 @@ index 4c94a79..2610454 100644 set_fs(old_fs); fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata); } -@@ -2023,14 +2481,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, +@@ -2023,14 +2488,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, } static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma, @@ -54272,7 +54254,7 @@ index 4c94a79..2610454 100644 return size; } -@@ -2123,7 +2581,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2123,7 +2588,7 @@ static int elf_core_dump(struct coredump_params *cprm) dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); @@ -54281,7 +54263,7 @@ index 4c94a79..2610454 100644 offset += elf_core_extra_data_size(); e_shoff = offset; -@@ -2137,10 +2595,12 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2137,10 +2602,12 @@ static int elf_core_dump(struct coredump_params *cprm) offset = dataoff; size += sizeof(*elf); @@ -54294,7 +54276,7 @@ index 4c94a79..2610454 100644 if (size > cprm->limit || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note))) goto end_coredump; -@@ -2154,7 +2614,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2154,7 +2621,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; @@ -54303,7 +54285,7 @@ index 4c94a79..2610454 100644 phdr.p_memsz = vma->vm_end - vma->vm_start; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; -@@ -2165,6 +2625,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2165,6 +2632,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_align = ELF_EXEC_PAGESIZE; size += sizeof(phdr); @@ -54311,7 +54293,7 @@ index 4c94a79..2610454 100644 if (size > cprm->limit || !dump_write(cprm->file, &phdr, sizeof(phdr))) goto end_coredump; -@@ -2189,7 +2650,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2189,7 +2657,7 @@ static int elf_core_dump(struct coredump_params *cprm) unsigned long addr; unsigned long end; @@ -54320,7 +54302,7 @@ index 4c94a79..2610454 100644 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { struct page *page; -@@ -2198,6 +2659,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2198,6 +2666,7 @@ static int elf_core_dump(struct coredump_params *cprm) page = get_dump_page(addr); if (page) { void *kaddr = kmap(page); @@ -54328,7 +54310,7 @@ index 4c94a79..2610454 100644 stop = ((size += PAGE_SIZE) > cprm->limit) || !dump_write(cprm->file, kaddr, PAGE_SIZE); -@@ -2215,6 +2677,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2215,6 +2684,7 @@ static int elf_core_dump(struct coredump_params *cprm) if (e_phnum == PN_XNUM) { size += sizeof(*shdr4extnum); @@ -54336,7 +54318,7 @@ index 4c94a79..2610454 100644 if (size > cprm->limit || !dump_write(cprm->file, shdr4extnum, sizeof(*shdr4extnum))) -@@ -2235,6 +2698,167 @@ out: +@@ -2235,6 +2705,167 @@ out: #endif /* CONFIG_ELF_CORE */ @@ -55084,10 +55066,10 @@ index 7ddddf2..2e12dbc 100644 } retry: diff --git a/fs/cifs/link.c b/fs/cifs/link.c -index 7e36ceb..109252f 100644 +index 477e53b..7a32216 100644 --- a/fs/cifs/link.c +++ b/fs/cifs/link.c -@@ -624,7 +624,7 @@ symlink_exit: +@@ -620,7 +620,7 @@ symlink_exit: void cifs_put_link(struct dentry *direntry, struct nameidata *nd, void *cookie) { @@ -56680,10 +56662,10 @@ index dc5d572..4c21f8e 100644 if (free_clusters >= (nclusters + dirty_clusters + resv_clusters)) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h -index af815ea..99294a6 100644 +index 745faaa..a072816 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h -@@ -1256,19 +1256,19 @@ struct ext4_sb_info { +@@ -1266,19 +1266,19 @@ struct ext4_sb_info { unsigned long s_mb_last_start; /* stats for buddy allocator */ @@ -56714,7 +56696,7 @@ index af815ea..99294a6 100644 /* locality groups */ diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c -index a41e3ba..e574a00 100644 +index 04a5c75..09894fa 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1880,7 +1880,7 @@ void ext4_mb_simple_scan_group(struct ext4_allocation_context *ac, @@ -56794,7 +56776,7 @@ index a41e3ba..e574a00 100644 } if (ac->ac_op == EXT4_MB_HISTORY_ALLOC) -@@ -3578,7 +3578,7 @@ ext4_mb_new_inode_pa(struct ext4_allocation_context *ac) +@@ -3583,7 +3583,7 @@ ext4_mb_new_inode_pa(struct ext4_allocation_context *ac) trace_ext4_mb_new_inode_pa(ac, pa); ext4_mb_use_inode_pa(ac, pa); @@ -56803,7 +56785,7 @@ index a41e3ba..e574a00 100644 ei = EXT4_I(ac->ac_inode); grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group); -@@ -3638,7 +3638,7 @@ ext4_mb_new_group_pa(struct ext4_allocation_context *ac) +@@ -3643,7 +3643,7 @@ ext4_mb_new_group_pa(struct ext4_allocation_context *ac) trace_ext4_mb_new_group_pa(ac, pa); ext4_mb_use_group_pa(ac, pa); @@ -56812,7 +56794,7 @@ index a41e3ba..e574a00 100644 grp = ext4_get_group_info(sb, ac->ac_b_ex.fe_group); lg = ac->ac_lg; -@@ -3727,7 +3727,7 @@ ext4_mb_release_inode_pa(struct ext4_buddy *e4b, struct buffer_head *bitmap_bh, +@@ -3732,7 +3732,7 @@ ext4_mb_release_inode_pa(struct ext4_buddy *e4b, struct buffer_head *bitmap_bh, * from the bitmap and continue. */ } @@ -56821,7 +56803,7 @@ index a41e3ba..e574a00 100644 return err; } -@@ -3745,7 +3745,7 @@ ext4_mb_release_group_pa(struct ext4_buddy *e4b, +@@ -3750,7 +3750,7 @@ ext4_mb_release_group_pa(struct ext4_buddy *e4b, ext4_get_group_no_and_offset(sb, pa->pa_pstart, &group, &bit); BUG_ON(group != e4b->bd_group && pa->pa_len != 0); mb_free_blocks(pa->pa_inode, e4b, bit, pa->pa_len); @@ -56844,7 +56826,7 @@ index 214461e..3614c89 100644 "MMP failure info: last update time: %llu, last update " "node: %s, last update device: %s\n", diff --git a/fs/ext4/super.c b/fs/ext4/super.c -index 2c2e6cb..7c3ee62 100644 +index b947e0a..c102e3b 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -1251,7 +1251,7 @@ static ext4_fsblk_t get_sb_block(void **data) @@ -61268,7 +61250,7 @@ index 6b6a993..807cccc 100644 kfree(s); } diff --git a/fs/proc/stat.c b/fs/proc/stat.c -index 1cf86c0..f61473c 100644 +index 1cf86c0..0ee1ca5 100644 --- a/fs/proc/stat.c +++ b/fs/proc/stat.c @@ -11,6 +11,7 @@ @@ -61279,7 +61261,7 @@ index 1cf86c0..f61473c 100644 #ifndef arch_irq_stat_cpu #define arch_irq_stat_cpu(cpu) 0 -@@ -87,13 +88,28 @@ static int show_stat(struct seq_file *p, void *v) +@@ -87,6 +88,18 @@ static int show_stat(struct seq_file *p, void *v) u64 sum_softirq = 0; unsigned int per_softirq_sums[NR_SOFTIRQS] = {0}; struct timespec boottime; @@ -61298,17 +61280,15 @@ index 1cf86c0..f61473c 100644 user = nice = system = idle = iowait = irq = softirq = steal = 0; - guest = guest_nice = 0; +@@ -94,6 +107,7 @@ static int show_stat(struct seq_file *p, void *v) getboottime(&boottime); jif = boottime.tv_sec; -+ if (!unrestricted) -+ jif = 0; + if (unrestricted) { for_each_possible_cpu(i) { user += kcpustat_cpu(i).cpustat[CPUTIME_USER]; nice += kcpustat_cpu(i).cpustat[CPUTIME_NICE]; -@@ -116,6 +132,7 @@ static int show_stat(struct seq_file *p, void *v) +@@ -116,6 +130,7 @@ static int show_stat(struct seq_file *p, void *v) } } sum += arch_irq_stat(); @@ -61316,7 +61296,7 @@ index 1cf86c0..f61473c 100644 seq_puts(p, "cpu "); seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user)); -@@ -131,6 +148,7 @@ static int show_stat(struct seq_file *p, void *v) +@@ -131,6 +146,7 @@ static int show_stat(struct seq_file *p, void *v) seq_putc(p, '\n'); for_each_online_cpu(i) { @@ -61324,7 +61304,7 @@ index 1cf86c0..f61473c 100644 /* Copy values here to work around gcc-2.95.3, gcc-2.96 */ user = kcpustat_cpu(i).cpustat[CPUTIME_USER]; nice = kcpustat_cpu(i).cpustat[CPUTIME_NICE]; -@@ -142,6 +160,7 @@ static int show_stat(struct seq_file *p, void *v) +@@ -142,6 +158,7 @@ static int show_stat(struct seq_file *p, void *v) steal = kcpustat_cpu(i).cpustat[CPUTIME_STEAL]; guest = kcpustat_cpu(i).cpustat[CPUTIME_GUEST]; guest_nice = kcpustat_cpu(i).cpustat[CPUTIME_GUEST_NICE]; @@ -61332,7 +61312,7 @@ index 1cf86c0..f61473c 100644 seq_printf(p, "cpu%d", i); seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(user)); seq_put_decimal_ull(p, ' ', cputime64_to_clock_t(nice)); -@@ -159,7 +178,7 @@ static int show_stat(struct seq_file *p, void *v) +@@ -159,7 +176,7 @@ static int show_stat(struct seq_file *p, void *v) /* sum again ? it could be updated? */ for_each_irq_nr(j) @@ -61341,17 +61321,16 @@ index 1cf86c0..f61473c 100644 seq_printf(p, "\nctxt %llu\n" -@@ -167,11 +186,11 @@ static int show_stat(struct seq_file *p, void *v) +@@ -167,11 +184,11 @@ static int show_stat(struct seq_file *p, void *v) "processes %lu\n" "procs_running %lu\n" "procs_blocked %lu\n", - nr_context_switches(), -- (unsigned long)jif, ++ unrestricted ? nr_context_switches() : 0ULL, + (unsigned long)jif, - total_forks, - nr_running(), - nr_iowait()); -+ unrestricted ? nr_context_switches() : 0ULL, -+ unrestricted ? (unsigned long)jif : 0UL, + unrestricted ? total_forks : 0UL, + unrestricted ? nr_running() : 0UL, + unrestricted ? nr_iowait() : 0UL); @@ -73999,7 +73978,7 @@ index 810431d..0ec4804f 100644 * (puds are folded into pgds so this doesn't get actually called, * but the define is needed for a generic inline function.) diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h -index f330d28..d93bba9 100644 +index b12079a..86683e3 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h @@ -599,11 +599,10 @@ static inline int pmd_none_or_trans_huge_or_clear_bad(pmd_t *pmd) @@ -74266,18 +74245,6 @@ index 729a4d1..9b304ae 100644 static inline kuid_t audit_get_loginuid(struct task_struct *tsk) { -diff --git a/include/linux/auxvec.h b/include/linux/auxvec.h -index 669fef5..3e0fbe4 100644 ---- a/include/linux/auxvec.h -+++ b/include/linux/auxvec.h -@@ -3,6 +3,6 @@ - - #include <uapi/linux/auxvec.h> - --#define AT_VECTOR_SIZE_BASE 19 /* NEW_AUX_ENT entries in auxiliary table */ -+#define AT_VECTOR_SIZE_BASE 20 /* NEW_AUX_ENT entries in auxiliary table */ - /* number of "#define AT_.*" above, minus {AT_NULL, AT_IGNORE, AT_NOTELF} */ - #endif /* _LINUX_AUXVEC_H */ diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h index 7554fd4..0f86379 100644 --- a/include/linux/binfmts.h @@ -76912,10 +76879,10 @@ index 0fbbc7a..db081e3 100644 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); diff --git a/include/linux/libata.h b/include/linux/libata.h -index 0e23c26..6ad8c33 100644 +index 9b50337..712d748 100644 --- a/include/linux/libata.h +++ b/include/linux/libata.h -@@ -972,7 +972,7 @@ struct ata_port_operations { +@@ -973,7 +973,7 @@ struct ata_port_operations { * fields must be pointers. */ const struct ata_port_operations *inherits; @@ -77310,7 +77277,7 @@ index 8b6e55e..c4edf39 100644 #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */ diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h -index d9851ee..619492d 100644 +index 8e082f1..f61f576 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -289,6 +289,8 @@ struct vm_area_struct { @@ -77322,8 +77289,8 @@ index d9851ee..619492d 100644 }; struct core_thread { -@@ -436,6 +438,24 @@ struct mm_struct { - int first_nid; +@@ -444,6 +446,24 @@ struct mm_struct { + bool tlb_flush_pending; #endif struct uprobes_state uprobes_state; + @@ -78201,13 +78168,13 @@ index 4106721..132d42c 100644 * hlist_del_init_rcu - deletes entry from hash list with re-initialization * @n: the element to delete from the hash list. diff --git a/include/linux/reboot.h b/include/linux/reboot.h -index 8e00f9f..9449b55 100644 +index 9e7db9e..7d4fd72 100644 --- a/include/linux/reboot.h +++ b/include/linux/reboot.h -@@ -43,9 +43,9 @@ extern int unregister_reboot_notifier(struct notifier_block *); - * Architecture-specific implementations of sys_reboot commands. +@@ -44,9 +44,9 @@ extern int unregister_reboot_notifier(struct notifier_block *); */ + extern void migrate_to_reboot_cpu(void); -extern void machine_restart(char *cmd); -extern void machine_halt(void); -extern void machine_power_off(void); @@ -78217,7 +78184,7 @@ index 8e00f9f..9449b55 100644 extern void machine_shutdown(void); struct pt_regs; -@@ -56,9 +56,9 @@ extern void machine_crash_shutdown(struct pt_regs *); +@@ -57,9 +57,9 @@ extern void machine_crash_shutdown(struct pt_regs *); */ extern void kernel_restart_prepare(char *cmd); @@ -78230,7 +78197,7 @@ index 8e00f9f..9449b55 100644 extern int C_A_D; /* for sysctl */ void ctrl_alt_del(void); -@@ -72,7 +72,7 @@ extern int orderly_poweroff(bool force); +@@ -73,7 +73,7 @@ extern int orderly_poweroff(bool force); * Emergency restart, callable from an interrupt handler. */ @@ -80409,10 +80376,10 @@ index d22cb0a..c6ba150 100644 struct snd_soc_platform { const char *name; diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h -index 5bdb8b7..bb1096c 100644 +index 23bfd10..1ff3e35 100644 --- a/include/target/target_core_base.h +++ b/include/target/target_core_base.h -@@ -663,7 +663,7 @@ struct se_device { +@@ -664,7 +664,7 @@ struct se_device { spinlock_t stats_lock; /* Active commands on this virtual SE device */ atomic_t simple_cmds; @@ -81761,10 +81728,10 @@ index 4e66bf9..cdccecf 100644 +} +EXPORT_SYMBOL(inode_capable_nolog); diff --git a/kernel/cgroup.c b/kernel/cgroup.c -index 5c9127d..f871169 100644 +index b6fd783..7f526b7 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c -@@ -5844,7 +5844,7 @@ static int cgroup_css_links_read(struct cgroup_subsys_state *css, +@@ -5855,7 +5855,7 @@ static int cgroup_css_links_read(struct cgroup_subsys_state *css, struct css_set *cset = link->cset; struct task_struct *task; int count = 0; @@ -82424,7 +82391,7 @@ index a949819..a5f127d 100644 { struct signal_struct *sig = current->signal; diff --git a/kernel/fork.c b/kernel/fork.c -index 086fe73..72c1122 100644 +index 690cfac..3be2d98 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -319,7 +319,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) @@ -82626,7 +82593,7 @@ index 086fe73..72c1122 100644 } static inline int mm_alloc_pgd(struct mm_struct *mm) -@@ -688,8 +733,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) +@@ -689,8 +734,8 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) return ERR_PTR(err); mm = get_task_mm(task); @@ -82637,7 +82604,7 @@ index 086fe73..72c1122 100644 mmput(mm); mm = ERR_PTR(-EACCES); } -@@ -911,13 +956,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) +@@ -912,13 +957,20 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) spin_unlock(&fs->lock); return -EAGAIN; } @@ -82659,7 +82626,7 @@ index 086fe73..72c1122 100644 return 0; } -@@ -1128,7 +1180,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) +@@ -1129,7 +1181,7 @@ init_task_pid(struct task_struct *task, enum pid_type type, struct pid *pid) * parts of the process environment (as per the clone * flags). The actual kick-off is left to the caller. */ @@ -82668,7 +82635,7 @@ index 086fe73..72c1122 100644 unsigned long stack_start, unsigned long stack_size, int __user *child_tidptr, -@@ -1200,6 +1252,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1201,6 +1253,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); #endif retval = -EAGAIN; @@ -82678,7 +82645,7 @@ index 086fe73..72c1122 100644 if (atomic_read(&p->real_cred->user->processes) >= task_rlimit(p, RLIMIT_NPROC)) { if (p->real_cred->user != INIT_USER && -@@ -1449,6 +1504,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, +@@ -1450,6 +1505,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, goto bad_fork_free_pid; } @@ -82690,7 +82657,7 @@ index 086fe73..72c1122 100644 if (likely(p->pid)) { ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace); -@@ -1534,6 +1594,8 @@ bad_fork_cleanup_count: +@@ -1535,6 +1595,8 @@ bad_fork_cleanup_count: bad_fork_free: free_task(p); fork_out: @@ -82699,7 +82666,7 @@ index 086fe73..72c1122 100644 return ERR_PTR(retval); } -@@ -1595,6 +1657,7 @@ long do_fork(unsigned long clone_flags, +@@ -1596,6 +1658,7 @@ long do_fork(unsigned long clone_flags, p = copy_process(clone_flags, stack_start, stack_size, child_tidptr, NULL, trace); @@ -82707,7 +82674,7 @@ index 086fe73..72c1122 100644 /* * Do this prior waking up the new thread - the thread pointer * might get invalid after that point, if the thread exits quickly. -@@ -1609,6 +1672,8 @@ long do_fork(unsigned long clone_flags, +@@ -1610,6 +1673,8 @@ long do_fork(unsigned long clone_flags, if (clone_flags & CLONE_PARENT_SETTID) put_user(nr, parent_tidptr); @@ -82716,7 +82683,7 @@ index 086fe73..72c1122 100644 if (clone_flags & CLONE_VFORK) { p->vfork_done = &vfork; init_completion(&vfork); -@@ -1725,7 +1790,7 @@ void __init proc_caches_init(void) +@@ -1726,7 +1791,7 @@ void __init proc_caches_init(void) mm_cachep = kmem_cache_create("mm_struct", sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN, SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_NOTRACK, NULL); @@ -82725,7 +82692,7 @@ index 086fe73..72c1122 100644 mmap_init(); nsproxy_cache_init(); } -@@ -1765,7 +1830,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) +@@ -1766,7 +1831,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) return 0; /* don't need lock here; in the worst case we'll do useless copy */ @@ -82734,7 +82701,7 @@ index 086fe73..72c1122 100644 return 0; *new_fsp = copy_fs_struct(fs); -@@ -1872,7 +1937,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) +@@ -1873,7 +1938,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) fs = current->fs; spin_lock(&fs->lock); current->fs = new_fs; @@ -83034,7 +83001,7 @@ index e30ac0f..3528cac 100644 /* diff --git a/kernel/kexec.c b/kernel/kexec.c -index ecd783d..9aa270c 100644 +index 355e13a..06b25d2 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c @@ -1044,7 +1044,8 @@ asmlinkage long compat_sys_kexec_load(unsigned long entry, @@ -85852,7 +85819,7 @@ index 5ac63c9..d912786 100644 #else static void register_sched_domain_sysctl(void) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c -index 513fc2f..906a851 100644 +index 7765ad8..774519f 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c @@ -869,7 +869,7 @@ void task_numa_fault(int node, int pages, bool migrated) @@ -85864,7 +85831,7 @@ index 513fc2f..906a851 100644 p->mm->numa_scan_offset = 0; } -@@ -5840,7 +5840,7 @@ static void nohz_idle_balance(int this_cpu, enum cpu_idle_type idle) { } +@@ -5847,7 +5847,7 @@ static void nohz_idle_balance(int this_cpu, enum cpu_idle_type idle) { } * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ @@ -86790,7 +86757,7 @@ index b8b8560..75b1a09 100644 ret = -EIO; bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt, diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c -index f3bd09ee..9bb9586 100644 +index 1345d9f..db46efe 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -1944,12 +1944,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec) @@ -88166,7 +88133,7 @@ index ae4846f..b0acebe 100644 send_sig(SIGXFSZ, current, 0); return -EFBIG; diff --git a/mm/fremap.c b/mm/fremap.c -index 5bff081..bfa6e93 100644 +index bbc4d66..117b798 100644 --- a/mm/fremap.c +++ b/mm/fremap.c @@ -163,6 +163,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, @@ -88181,36 +88148,6 @@ index 5bff081..bfa6e93 100644 /* * Make sure the vma is shared, that it supports prefaulting, * and that the remapped range is valid and fully within -@@ -208,9 +213,10 @@ get_write_lock: - if (mapping_cap_account_dirty(mapping)) { - unsigned long addr; - struct file *file = get_file(vma->vm_file); -+ /* mmap_region may free vma; grab the info now */ -+ vm_flags = ACCESS_ONCE(vma->vm_flags); - -- addr = mmap_region(file, start, size, -- vma->vm_flags, pgoff); -+ addr = mmap_region(file, start, size, vm_flags, pgoff); - fput(file); - if (IS_ERR_VALUE(addr)) { - err = addr; -@@ -218,7 +224,7 @@ get_write_lock: - BUG_ON(addr != start); - err = 0; - } -- goto out; -+ goto out_freed; - } - mutex_lock(&mapping->i_mmap_mutex); - flush_dcache_mmap_lock(mapping); -@@ -253,6 +259,7 @@ get_write_lock: - out: - if (vma) - vm_flags = vma->vm_flags; -+out_freed: - if (likely(!has_write_lock)) - up_read(&mm->mmap_sem); - else diff --git a/mm/highmem.c b/mm/highmem.c index b32b70c..e512eb0 100644 --- a/mm/highmem.c @@ -88520,7 +88457,7 @@ index 539eeb9..e24a987 100644 if (end == start) return error; diff --git a/mm/memory-failure.c b/mm/memory-failure.c -index bf3351b..aea800d 100644 +index 9aea53f..f239c30 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; @@ -88550,7 +88487,7 @@ index bf3351b..aea800d 100644 { reserved, reserved, "reserved kernel", me_kernel }, /* * free pages are specially detected outside this table: -@@ -1053,7 +1053,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1063,7 +1063,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) nr_pages = 1 << compound_order(hpage); else /* normal page or thp */ nr_pages = 1; @@ -88559,7 +88496,7 @@ index bf3351b..aea800d 100644 /* * We need/can do nothing about count=0 pages. -@@ -1083,7 +1083,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1093,7 +1093,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) if (!PageHWPoison(hpage) || (hwpoison_filter(p) && TestClearPageHWPoison(p)) || (p != hpage && TestSetPageHWPoison(hpage))) { @@ -88568,7 +88505,7 @@ index bf3351b..aea800d 100644 return 0; } set_page_hwpoison_huge_page(hpage); -@@ -1152,7 +1152,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) +@@ -1162,7 +1162,7 @@ int memory_failure(unsigned long pfn, int trapno, int flags) } if (hwpoison_filter(p)) { if (TestClearPageHWPoison(p)) @@ -88577,7 +88514,7 @@ index bf3351b..aea800d 100644 unlock_page(hpage); put_page(hpage); return 0; -@@ -1370,7 +1370,7 @@ int unpoison_memory(unsigned long pfn) +@@ -1380,7 +1380,7 @@ int unpoison_memory(unsigned long pfn) return 0; } if (TestClearPageHWPoison(p)) @@ -88586,7 +88523,7 @@ index bf3351b..aea800d 100644 pr_info("MCE: Software-unpoisoned free page %#lx\n", pfn); return 0; } -@@ -1384,7 +1384,7 @@ int unpoison_memory(unsigned long pfn) +@@ -1394,7 +1394,7 @@ int unpoison_memory(unsigned long pfn) */ if (TestClearPageHWPoison(page)) { pr_info("MCE: Software-unpoisoned page %#lx\n", pfn); @@ -88595,16 +88532,21 @@ index bf3351b..aea800d 100644 freeit = 1; if (PageHuge(page)) clear_page_hwpoison_huge_page(page); -@@ -1521,7 +1521,7 @@ static int soft_offline_huge_page(struct page *page, int flags) - } else { - set_page_hwpoison_huge_page(hpage); - dequeue_hwpoisoned_huge_page(hpage); -- atomic_long_add(1 << compound_order(hpage), -+ atomic_long_add_unchecked(1 << compound_order(hpage), - &num_poisoned_pages); +@@ -1533,11 +1533,11 @@ static int soft_offline_huge_page(struct page *page, int flags) + if (PageHuge(page)) { + set_page_hwpoison_huge_page(hpage); + dequeue_hwpoisoned_huge_page(hpage); +- atomic_long_add(1 << compound_order(hpage), ++ atomic_long_add_unchecked(1 << compound_order(hpage), + &num_poisoned_pages); + } else { + SetPageHWPoison(page); +- atomic_long_inc(&num_poisoned_pages); ++ atomic_long_inc_unchecked(&num_poisoned_pages); + } } return ret; -@@ -1560,7 +1560,7 @@ static int __soft_offline_page(struct page *page, int flags) +@@ -1576,7 +1576,7 @@ static int __soft_offline_page(struct page *page, int flags) put_page(page); pr_info("soft_offline: %#lx: invalidated\n", pfn); SetPageHWPoison(page); @@ -88613,7 +88555,7 @@ index bf3351b..aea800d 100644 return 0; } -@@ -1605,7 +1605,7 @@ static int __soft_offline_page(struct page *page, int flags) +@@ -1621,7 +1621,7 @@ static int __soft_offline_page(struct page *page, int flags) if (!is_free_buddy_page(page)) pr_info("soft offline: %#lx: page leaked\n", pfn); @@ -88622,7 +88564,7 @@ index bf3351b..aea800d 100644 } } else { pr_info("soft offline: %#lx: isolation failed: %d, page count %d, type %lx\n", -@@ -1666,11 +1666,11 @@ int soft_offline_page(struct page *page, int flags) +@@ -1682,11 +1682,11 @@ int soft_offline_page(struct page *page, int flags) if (PageHuge(page)) { set_page_hwpoison_huge_page(hpage); dequeue_hwpoisoned_huge_page(hpage); @@ -89332,7 +89274,7 @@ index d176154..cd1b387 100644 mm = get_task_mm(tsk); if (!mm) diff --git a/mm/mempolicy.c b/mm/mempolicy.c -index 0472964..7d5a0ea 100644 +index 6b22d8f9..8b5f6cf 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -746,6 +746,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, @@ -89408,10 +89350,10 @@ index 0472964..7d5a0ea 100644 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); diff --git a/mm/migrate.c b/mm/migrate.c -index c046927..6996b40 100644 +index e3cf71d..c94506c 100644 --- a/mm/migrate.c +++ b/mm/migrate.c -@@ -1404,8 +1404,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, +@@ -1406,8 +1406,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -89422,7 +89364,7 @@ index c046927..6996b40 100644 err = -EPERM; goto out; diff --git a/mm/mlock.c b/mm/mlock.c -index d480cd6..0f98458 100644 +index 192e6ee..b044449 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -14,6 +14,7 @@ @@ -89433,7 +89375,7 @@ index d480cd6..0f98458 100644 #include <linux/sched.h> #include <linux/export.h> #include <linux/rmap.h> -@@ -568,7 +569,7 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -588,7 +589,7 @@ static int do_mlock(unsigned long start, size_t len, int on) { unsigned long nstart, end, tmp; struct vm_area_struct * vma, * prev; @@ -89442,7 +89384,7 @@ index d480cd6..0f98458 100644 VM_BUG_ON(start & ~PAGE_MASK); VM_BUG_ON(len != PAGE_ALIGN(len)); -@@ -577,6 +578,9 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -597,6 +598,9 @@ static int do_mlock(unsigned long start, size_t len, int on) return -EINVAL; if (end == start) return 0; @@ -89452,7 +89394,7 @@ index d480cd6..0f98458 100644 vma = find_vma(current->mm, start); if (!vma || vma->vm_start > start) return -ENOMEM; -@@ -588,6 +592,11 @@ static int do_mlock(unsigned long start, size_t len, int on) +@@ -608,6 +612,11 @@ static int do_mlock(unsigned long start, size_t len, int on) for (nstart = start ; ; ) { vm_flags_t newflags; @@ -89464,7 +89406,7 @@ index d480cd6..0f98458 100644 /* Here we know that vma->vm_start <= nstart < vma->vm_end. */ newflags = vma->vm_flags & ~VM_LOCKED; -@@ -700,6 +709,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) +@@ -720,6 +729,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len) lock_limit >>= PAGE_SHIFT; /* check against resource limits */ @@ -89472,7 +89414,7 @@ index d480cd6..0f98458 100644 if ((locked <= lock_limit) || capable(CAP_IPC_LOCK)) error = do_mlock(start, len, 1); up_write(¤t->mm->mmap_sem); -@@ -734,6 +744,11 @@ static int do_mlockall(int flags) +@@ -754,6 +764,11 @@ static int do_mlockall(int flags) for (vma = current->mm->mmap; vma ; vma = prev->vm_next) { vm_flags_t newflags; @@ -89484,7 +89426,7 @@ index d480cd6..0f98458 100644 newflags = vma->vm_flags & ~VM_LOCKED; if (flags & MCL_CURRENT) newflags |= VM_LOCKED; -@@ -767,6 +782,7 @@ SYSCALL_DEFINE1(mlockall, int, flags) +@@ -787,6 +802,7 @@ SYSCALL_DEFINE1(mlockall, int, flags) lock_limit >>= PAGE_SHIFT; ret = -ENOMEM; @@ -90754,7 +90696,7 @@ index 362e5f1..8968e02 100644 vma->vm_page_prot = vm_get_page_prot(vma->vm_flags); diff --git a/mm/mprotect.c b/mm/mprotect.c -index 6c3f56f..b2340b0 100644 +index 7651a57..d761c62 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -23,10 +23,18 @@ @@ -90776,7 +90718,7 @@ index 6c3f56f..b2340b0 100644 #ifndef pgprot_modify static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot) -@@ -241,6 +249,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, +@@ -250,6 +258,48 @@ unsigned long change_protection(struct vm_area_struct *vma, unsigned long start, return pages; } @@ -90825,7 +90767,7 @@ index 6c3f56f..b2340b0 100644 int mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, unsigned long start, unsigned long end, unsigned long newflags) -@@ -253,11 +303,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, +@@ -262,11 +312,29 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, int error; int dirty_accountable = 0; @@ -90855,7 +90797,7 @@ index 6c3f56f..b2340b0 100644 /* * If we make a private mapping writable we increase our commit; * but (without finer accounting) cannot reduce our commit if we -@@ -274,6 +342,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, +@@ -283,6 +351,42 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, } } @@ -90898,7 +90840,7 @@ index 6c3f56f..b2340b0 100644 /* * First try to merge with previous and/or next vma. */ -@@ -304,9 +408,21 @@ success: +@@ -313,9 +417,21 @@ success: * vm_flags and vm_page_prot are protected by the mmap_sem * held in write mode. */ @@ -90921,7 +90863,7 @@ index 6c3f56f..b2340b0 100644 if (vma_wants_writenotify(vma)) { vma->vm_page_prot = vm_get_page_prot(newflags & ~VM_SHARED); -@@ -345,6 +461,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -354,6 +470,17 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, end = start + len; if (end <= start) return -ENOMEM; @@ -90939,7 +90881,7 @@ index 6c3f56f..b2340b0 100644 if (!arch_validate_prot(prot)) return -EINVAL; -@@ -352,7 +479,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -361,7 +488,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, /* * Does the application expect PROT_READ to imply PROT_EXEC: */ @@ -90948,7 +90890,7 @@ index 6c3f56f..b2340b0 100644 prot |= PROT_EXEC; vm_flags = calc_vm_prot_bits(prot); -@@ -384,6 +511,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -393,6 +520,11 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, if (start > vma->vm_start) prev = vma; @@ -90960,7 +90902,7 @@ index 6c3f56f..b2340b0 100644 for (nstart = start ; ; ) { unsigned long newflags; -@@ -394,6 +526,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -403,6 +535,14 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, /* newflags >> 4 shift VM_MAY% in place of VM_% */ if ((newflags & ~(newflags >> 4)) & (VM_READ | VM_WRITE | VM_EXEC)) { @@ -90975,7 +90917,7 @@ index 6c3f56f..b2340b0 100644 error = -EACCES; goto out; } -@@ -408,6 +548,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, +@@ -417,6 +557,9 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); if (error) goto out; @@ -91173,7 +91115,7 @@ index 6380758..4064aec 100644 unsigned long bg_thresh, unsigned long dirty, diff --git a/mm/page_alloc.c b/mm/page_alloc.c -index dd886fa..7686339 100644 +index 317ea74..a4a1977 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -61,6 +61,7 @@ @@ -91347,7 +91289,7 @@ index fd26d04..0cea1b0 100644 if (!mm || IS_ERR(mm)) { rc = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH; diff --git a/mm/rmap.c b/mm/rmap.c -index fd3ee7a..e4baa1f 100644 +index b9d2222..e4baa1f 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -163,6 +163,10 @@ int anon_vma_prepare(struct vm_area_struct *vma) @@ -91449,18 +91391,6 @@ index fd3ee7a..e4baa1f 100644 } /* -@@ -600,7 +636,11 @@ pte_t *__page_check_address(struct page *page, struct mm_struct *mm, - spinlock_t *ptl; - - if (unlikely(PageHuge(page))) { -+ /* when pud is not present, pte will be NULL */ - pte = huge_pte_offset(mm, address); -+ if (!pte) -+ return NULL; -+ - ptl = &mm->page_table_lock; - goto check; - } diff --git a/mm/shmem.c b/mm/shmem.c index 8297623..6b9dfe9 100644 --- a/mm/shmem.c @@ -92810,10 +92740,18 @@ index 1074543..136dbe0 100644 if (v->nr_pages) seq_printf(m, " pages=%d", v->nr_pages); diff --git a/mm/vmstat.c b/mm/vmstat.c -index 5a442a7..5eb281e 100644 +index 5a442a7..dbbda4a 100644 --- a/mm/vmstat.c +++ b/mm/vmstat.c -@@ -79,7 +79,7 @@ void vm_events_fold_cpu(int cpu) +@@ -20,6 +20,7 @@ + #include <linux/writeback.h> + #include <linux/compaction.h> + #include <linux/mm_inline.h> ++#include <linux/grsecurity.h> + + #include "internal.h" + +@@ -79,7 +80,7 @@ void vm_events_fold_cpu(int cpu) * * vm_stat contains the global counters */ @@ -92822,7 +92760,7 @@ index 5a442a7..5eb281e 100644 EXPORT_SYMBOL(vm_stat); #ifdef CONFIG_SMP -@@ -423,7 +423,7 @@ static inline void fold_diff(int *diff) +@@ -423,7 +424,7 @@ static inline void fold_diff(int *diff) for (i = 0; i < NR_VM_ZONE_STAT_ITEMS; i++) if (diff[i]) @@ -92831,7 +92769,7 @@ index 5a442a7..5eb281e 100644 } /* -@@ -455,7 +455,7 @@ static void refresh_cpu_vm_stats(void) +@@ -455,7 +456,7 @@ static void refresh_cpu_vm_stats(void) v = this_cpu_xchg(p->vm_stat_diff[i], 0); if (v) { @@ -92840,7 +92778,7 @@ index 5a442a7..5eb281e 100644 global_diff[i] += v; #ifdef CONFIG_NUMA /* 3 seconds idle till flush */ -@@ -517,7 +517,7 @@ void cpu_vm_stats_fold(int cpu) +@@ -517,7 +518,7 @@ void cpu_vm_stats_fold(int cpu) v = p->vm_stat_diff[i]; p->vm_stat_diff[i] = 0; @@ -92849,7 +92787,7 @@ index 5a442a7..5eb281e 100644 global_diff[i] += v; } } -@@ -537,8 +537,8 @@ void drain_zonestat(struct zone *zone, struct per_cpu_pageset *pset) +@@ -537,8 +538,8 @@ void drain_zonestat(struct zone *zone, struct per_cpu_pageset *pset) if (pset->vm_stat_diff[i]) { int v = pset->vm_stat_diff[i]; pset->vm_stat_diff[i] = 0; @@ -92860,7 +92798,31 @@ index 5a442a7..5eb281e 100644 } } #endif -@@ -1281,10 +1281,20 @@ static int __init setup_vmstat(void) +@@ -1148,10 +1149,22 @@ static void *vmstat_start(struct seq_file *m, loff_t *pos) + stat_items_size += sizeof(struct vm_event_state); + #endif + +- v = kmalloc(stat_items_size, GFP_KERNEL); ++ v = kzalloc(stat_items_size, GFP_KERNEL); + m->private = v; + if (!v) + return ERR_PTR(-ENOMEM); ++ ++#ifdef CONFIG_GRKERNSEC_PROC_ADD ++#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP) ++ if (!uid_eq(current_uid(), GLOBAL_ROOT_UID) ++#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP ++ && !in_group_p(grsec_proc_gid) ++#endif ++ ) ++ return (unsigned long *)m->private + *pos; ++#endif ++#endif ++ + for (i = 0; i < NR_VM_ZONE_STAT_ITEMS; i++) + v[i] = global_page_state(i); + v += NR_VM_ZONE_STAT_ITEMS; +@@ -1281,10 +1294,16 @@ static int __init setup_vmstat(void) start_cpu_timer(cpu); #endif #ifdef CONFIG_PROC_FS @@ -92875,11 +92837,7 @@ index 5a442a7..5eb281e 100644 +#endif + proc_create("buddyinfo", gr_mode, NULL, &fragmentation_file_operations); + proc_create("pagetypeinfo", gr_mode, NULL, &pagetypeinfo_file_ops); -+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP -+ proc_create("vmstat", gr_mode | S_IRGRP, NULL, &proc_vmstat_file_operations); -+#else -+ proc_create("vmstat", gr_mode, NULL, &proc_vmstat_file_operations); -+#endif ++ proc_create("vmstat", S_IRUGO, NULL, &proc_vmstat_file_operations); + proc_create("zoneinfo", gr_mode, NULL, &proc_zoneinfo_file_operations); + } #endif @@ -99026,21 +98984,10 @@ index 5de5660..d3deb89 100644 -e 's@^#include <linux/compiler.h>@@' \ -e 's/(^|[^a-zA-Z0-9])__packed([^a-zA-Z0-9_]|$)/\1__attribute__((packed))\2/g' \ diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh -index 32b10f5..64eeb30 100644 +index 2dcb377..a82c500 100644 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh -@@ -82,7 +82,9 @@ kallsyms() - kallsymopt="${kallsymopt} --all-symbols" - fi - -- kallsymopt="${kallsymopt} --page-offset=$CONFIG_PAGE_OFFSET" -+ if [ -z "${CONFIG_X86_32}" ] || [ -z "${CONFIG_PAX_KERNEXEC}" ]; then -+ kallsymopt="${kallsymopt} --page-offset=$CONFIG_PAGE_OFFSET" -+ fi - - local aflags="${KBUILD_AFLAGS} ${KBUILD_AFLAGS_KERNEL} \ - ${NOSTDINC_FLAGS} ${LINUXINCLUDE} ${KBUILD_CPPFLAGS}" -@@ -160,7 +162,7 @@ else +@@ -162,7 +162,7 @@ else fi; # final build of init/ @@ -99307,10 +99254,10 @@ index f5eb43d..1814de8 100644 shdr = (Elf_Shdr *)((char *)ehdr + _r(&ehdr->e_shoff)); shstrtab_sec = shdr + r2(&ehdr->e_shstrndx); diff --git a/security/Kconfig b/security/Kconfig -index e9c6ac7..8433964 100644 +index e9c6ac7..9551ea7 100644 --- a/security/Kconfig +++ b/security/Kconfig -@@ -4,6 +4,959 @@ +@@ -4,6 +4,958 @@ menu "Security options" @@ -99621,7 +99568,6 @@ index e9c6ac7..8433964 100644 + select CIFS_XATTR if CIFS + select EXT2_FS_XATTR if EXT2_FS + select EXT3_FS_XATTR if EXT3_FS -+ select EXT4_FS_XATTR if EXT4_FS + select JFFS2_FS_XATTR if JFFS2_FS + select REISERFS_FS_XATTR if REISERFS_FS + select SQUASHFS_XATTR if SQUASHFS @@ -100270,7 +100216,7 @@ index e9c6ac7..8433964 100644 source security/keys/Kconfig config SECURITY_DMESG_RESTRICT -@@ -103,7 +1056,7 @@ config INTEL_TXT +@@ -103,7 +1055,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX @@ -100625,36 +100571,10 @@ index fc3e662..7844c60 100644 lock = &avc_cache.slots_lock[hvalue]; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index d9a78fd..ae3ad22 100644 +index 392a044..5e931be 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c -@@ -4297,8 +4297,10 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) - } - err = avc_has_perm(sk_sid, peer_sid, SECCLASS_PEER, - PEER__RECV, &ad); -- if (err) -+ if (err) { - selinux_netlbl_err(skb, err, 0); -+ return err; -+ } - } - - if (secmark_active) { -@@ -5521,11 +5523,11 @@ static int selinux_setprocattr(struct task_struct *p, - /* Check for ptracing, and update the task SID if ok. - Otherwise, leave SID unchanged and fail. */ - ptsid = 0; -- task_lock(p); -+ rcu_read_lock(); - tracer = ptrace_parent(p); - if (tracer) - ptsid = task_sid(tracer); -- task_unlock(p); -+ rcu_read_unlock(); - - if (tracer) { - error = avc_has_perm(ptsid, sid, SECCLASS_PROCESS, -@@ -5662,7 +5664,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) +@@ -5693,7 +5693,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) #endif @@ -100663,7 +100583,7 @@ index d9a78fd..ae3ad22 100644 .name = "selinux", .ptrace_access_check = selinux_ptrace_access_check, -@@ -6014,6 +6016,9 @@ static void selinux_nf_ip_exit(void) +@@ -6045,6 +6045,9 @@ static void selinux_nf_ip_exit(void) #ifdef CONFIG_SECURITY_SELINUX_DISABLE static int selinux_disabled; @@ -100673,7 +100593,7 @@ index d9a78fd..ae3ad22 100644 int selinux_disable(void) { if (ss_initialized) { -@@ -6031,7 +6036,9 @@ int selinux_disable(void) +@@ -6062,7 +6065,9 @@ int selinux_disable(void) selinux_disabled = 1; selinux_enabled = 0; @@ -100685,10 +100605,10 @@ index d9a78fd..ae3ad22 100644 /* Try to destroy the avc node cache */ avc_disable(); diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h -index 6713f04..c57ecef 100644 +index c1af4e1..bcb003c 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h -@@ -52,7 +52,7 @@ static inline void selinux_xfrm_notify_policyload(void) +@@ -53,7 +53,7 @@ static inline void selinux_xfrm_notify_policyload(void) { struct net *net; @@ -103424,10 +103344,10 @@ index 0000000..679b9ef +} diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data new file mode 100644 -index 0000000..a0c9844 +index 0000000..afbbf8f --- /dev/null +++ b/tools/gcc/size_overflow_hash.data -@@ -0,0 +1,7723 @@ +@@ -0,0 +1,7725 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL +batadv_orig_node_del_if_4 batadv_orig_node_del_if 2 4 NULL @@ -103442,8 +103362,8 @@ index 0000000..a0c9844 +snd_korg1212_copy_to_92 snd_korg1212_copy_to 6 92 NULL +load_msg_95 load_msg 2 95 NULL +device_flush_iotlb_115 device_flush_iotlb 2-3 115 NULL -+ipath_verbs_send_117 ipath_verbs_send 5-3 117 NULL nohasharray -+write_all_supers_117 write_all_supers 0 117 &ipath_verbs_send_117 ++write_all_supers_117 write_all_supers 0 117 NULL nohasharray ++ipath_verbs_send_117 ipath_verbs_send 5-3 117 &write_all_supers_117 +init_q_132 init_q 4 132 NULL +ocfs2_local_alloc_slide_window_134 ocfs2_local_alloc_slide_window 0 134 NULL +memstick_alloc_host_142 memstick_alloc_host 1 142 NULL @@ -104442,8 +104362,8 @@ index 0000000..a0c9844 +usb_allocate_stream_buffers_8964 usb_allocate_stream_buffers 3 8964 NULL +qib_qsfp_dump_8966 qib_qsfp_dump 0-3 8966 NULL +venus_mkdir_8967 venus_mkdir 4 8967 NULL -+seq_open_net_8968 seq_open_net 4 8968 NULL nohasharray -+vol_cdev_read_8968 vol_cdev_read 3 8968 &seq_open_net_8968 ++vol_cdev_read_8968 vol_cdev_read 3 8968 NULL nohasharray ++seq_open_net_8968 seq_open_net 4 8968 &vol_cdev_read_8968 +bio_integrity_get_tag_8974 bio_integrity_get_tag 3 8974 NULL +btrfs_alloc_free_block_8986 btrfs_alloc_free_block 3-8 8986 NULL +jbd2_journal_blocks_per_page_9004 jbd2_journal_blocks_per_page 0 9004 NULL @@ -104859,8 +104779,8 @@ index 0000000..a0c9844 +shash_compat_setkey_12267 shash_compat_setkey 3 12267 NULL +add_sctp_bind_addr_12269 add_sctp_bind_addr 3 12269 NULL +note_last_dentry_12285 note_last_dentry 3 12285 NULL -+il_dbgfs_nvm_read_12288 il_dbgfs_nvm_read 3 12288 NULL nohasharray -+roundup_to_multiple_of_64_12288 roundup_to_multiple_of_64 0-1 12288 &il_dbgfs_nvm_read_12288 ++roundup_to_multiple_of_64_12288 roundup_to_multiple_of_64 0-1 12288 NULL nohasharray ++il_dbgfs_nvm_read_12288 il_dbgfs_nvm_read 3 12288 &roundup_to_multiple_of_64_12288 +wrap_min_12303 wrap_min 0-1-2 12303 NULL +bt_sock_recvmsg_12316 bt_sock_recvmsg 4 12316 NULL +pcbit_writecmd_12332 pcbit_writecmd 2 12332 NULL @@ -104978,6 +104898,7 @@ index 0000000..a0c9844 +kvm_read_nested_guest_page_13337 kvm_read_nested_guest_page 5-2 13337 NULL +get_bits_13353 get_bits 0-2 13353 NULL +hscx_empty_fifo_13360 hscx_empty_fifo 2 13360 NULL ++snd_ctl_elem_info_13363 snd_ctl_elem_info 0 13363 NULL +iso_sched_alloc_13377 iso_sched_alloc 1 13377 NULL nohasharray +wep_key_not_found_read_13377 wep_key_not_found_read 3 13377 &iso_sched_alloc_13377 +ext4_meta_trans_blocks_13380 ext4_meta_trans_blocks 0-3-2 13380 NULL @@ -105119,8 +105040,8 @@ index 0000000..a0c9844 +efx_mdio_check_mmds_14486 efx_mdio_check_mmds 2 14486 NULL nohasharray +ieee80211_if_read_dot11MeshGateAnnouncementProtocol_14486 ieee80211_if_read_dot11MeshGateAnnouncementProtocol 3 14486 &efx_mdio_check_mmds_14486 +ocfs2_debug_read_14507 ocfs2_debug_read 3 14507 NULL -+ep0_write_14536 ep0_write 3 14536 NULL nohasharray -+dataflash_read_user_otp_14536 dataflash_read_user_otp 3-2 14536 &ep0_write_14536 ++dataflash_read_user_otp_14536 dataflash_read_user_otp 3-2 14536 NULL nohasharray ++ep0_write_14536 ep0_write 3 14536 &dataflash_read_user_otp_14536 +register_trace_sched_switch_14545 register_trace_sched_switch 0 14545 NULL +picolcd_debug_eeprom_read_14549 picolcd_debug_eeprom_read 3 14549 NULL +drm_vmalloc_dma_14550 drm_vmalloc_dma 1 14550 NULL @@ -105156,8 +105077,8 @@ index 0000000..a0c9844 +keys_proc_write_14792 keys_proc_write 3 14792 NULL +ext4_kvmalloc_14796 ext4_kvmalloc 1 14796 NULL +__kfifo_in_14797 __kfifo_in 3-0 14797 NULL -+hpet_readl_14801 hpet_readl 0 14801 NULL nohasharray -+snd_als300_gcr_read_14801 snd_als300_gcr_read 0 14801 &hpet_readl_14801 ++snd_als300_gcr_read_14801 snd_als300_gcr_read 0 14801 NULL nohasharray ++hpet_readl_14801 hpet_readl 0 14801 &snd_als300_gcr_read_14801 +changed_cb_14819 changed_cb 0 14819 NULL +do_tune_cpucache_14828 do_tune_cpucache 2 14828 NULL +mrp_attr_create_14853 mrp_attr_create 3 14853 NULL @@ -105850,8 +105771,8 @@ index 0000000..a0c9844 +cpulist_scnprintf_20648 cpulist_scnprintf 2-0 20648 NULL +oz_add_farewell_20652 oz_add_farewell 5 20652 NULL +oz_cdev_read_20659 oz_cdev_read 3 20659 NULL -+snd_hdsp_playback_copy_20676 snd_hdsp_playback_copy 5 20676 NULL nohasharray -+btrfs_qgroup_reserve_20676 btrfs_qgroup_reserve 0 20676 &snd_hdsp_playback_copy_20676 ++btrfs_qgroup_reserve_20676 btrfs_qgroup_reserve 0 20676 NULL nohasharray ++snd_hdsp_playback_copy_20676 snd_hdsp_playback_copy 5 20676 &btrfs_qgroup_reserve_20676 +get_user_page_nowait_20682 get_user_page_nowait 3 20682 NULL nohasharray +dvb_dmxdev_buffer_read_20682 dvb_dmxdev_buffer_read 0-4 20682 &get_user_page_nowait_20682 +cpumask_size_20683 cpumask_size 0 20683 NULL @@ -106517,8 +106438,8 @@ index 0000000..a0c9844 +read_sb_page_26119 read_sb_page 5 26119 NULL +__fswab64_26155 __fswab64 0 26155 NULL +copy_oldmem_page_26164 copy_oldmem_page 3 26164 NULL -+gfs2_xattr_acl_get_26166 gfs2_xattr_acl_get 0 26166 NULL nohasharray -+ath6kl_roam_table_read_26166 ath6kl_roam_table_read 3 26166 &gfs2_xattr_acl_get_26166 ++ath6kl_roam_table_read_26166 ath6kl_roam_table_read 3 26166 NULL nohasharray ++gfs2_xattr_acl_get_26166 gfs2_xattr_acl_get 0 26166 &ath6kl_roam_table_read_26166 +disk_devt_26180 disk_devt 0 26180 NULL +cgroup_setxattr_26188 cgroup_setxattr 4 26188 NULL +ieee80211_if_fmt_dot11MeshTTL_26198 ieee80211_if_fmt_dot11MeshTTL 3 26198 NULL @@ -106846,8 +106767,8 @@ index 0000000..a0c9844 +xz_dec_init_29029 xz_dec_init 2 29029 NULL +i915_gem_object_bind_to_vm_29035 i915_gem_object_bind_to_vm 0 29035 NULL +ieee80211_if_read_ht_opmode_29044 ieee80211_if_read_ht_opmode 3 29044 NULL -+ProcessGetHostMibs_29049 ProcessGetHostMibs 0 29049 NULL nohasharray -+rxrpc_sendmsg_29049 rxrpc_sendmsg 4 29049 &ProcessGetHostMibs_29049 ++rxrpc_sendmsg_29049 rxrpc_sendmsg 4 29049 NULL nohasharray ++ProcessGetHostMibs_29049 ProcessGetHostMibs 0 29049 &rxrpc_sendmsg_29049 +btrfs_root_bytenr_29058 btrfs_root_bytenr 0 29058 NULL +iso_packets_buffer_init_29061 iso_packets_buffer_init 3-4 29061 NULL +roundup_64_29066 roundup_64 2-0-1 29066 NULL @@ -107079,6 +107000,7 @@ index 0000000..a0c9844 +size_inside_page_31141 size_inside_page 0-1-2 31141 NULL +w9966_v4l_read_31148 w9966_v4l_read 3 31148 NULL +ch_do_scsi_31171 ch_do_scsi 4 31171 NULL ++crypto_rng_seedsize_31196 crypto_rng_seedsize 0 31196 NULL +r592_read_fifo_pio_31198 r592_read_fifo_pio 3 31198 NULL +mtdchar_readoob_31200 mtdchar_readoob 4 31200 NULL +__btrfs_free_reserved_extent_31207 __btrfs_free_reserved_extent 2 31207 NULL @@ -107459,8 +107381,8 @@ index 0000000..a0c9844 +av7110_vbi_write_34384 av7110_vbi_write 3 34384 NULL +usbvision_v4l2_read_34386 usbvision_v4l2_read 3 34386 NULL +read_rbu_image_type_34387 read_rbu_image_type 6 34387 NULL -+iwl_calib_set_34400 iwl_calib_set 3 34400 NULL nohasharray -+ivtv_read_pos_34400 ivtv_read_pos 3 34400 &iwl_calib_set_34400 ++ivtv_read_pos_34400 ivtv_read_pos 3 34400 NULL nohasharray ++iwl_calib_set_34400 iwl_calib_set 3 34400 &ivtv_read_pos_34400 +wd_exp_mode_write_34407 wd_exp_mode_write 3 34407 NULL +nl80211_send_disassoc_34424 nl80211_send_disassoc 4 34424 NULL +security_socket_create_34439 security_socket_create 0 34439 NULL @@ -107470,13 +107392,13 @@ index 0000000..a0c9844 +i2o_parm_field_get_34477 i2o_parm_field_get 5 34477 NULL +ocfs2_block_group_clear_bits_34484 ocfs2_block_group_clear_bits 0 34484 NULL +security_inode_permission_34488 security_inode_permission 0 34488 NULL -+SyS_pwritev_34494 SyS_pwritev 3 34494 NULL nohasharray -+__ffs64_34494 __ffs64 1-0 34494 &SyS_pwritev_34494 ++__ffs64_34494 __ffs64 1-0 34494 NULL nohasharray ++SyS_pwritev_34494 SyS_pwritev 3 34494 &__ffs64_34494 +qp_alloc_res_34496 qp_alloc_res 5 34496 NULL +lu_buf_check_and_alloc_34505 lu_buf_check_and_alloc 2 34505 NULL +snd_pcm_hw_param_value_34525 snd_pcm_hw_param_value 0 34525 NULL -+ext4_fallocate_34537 ext4_fallocate 4-3 34537 NULL nohasharray -+tracing_stats_read_34537 tracing_stats_read 3 34537 &ext4_fallocate_34537 ++tracing_stats_read_34537 tracing_stats_read 3 34537 NULL nohasharray ++ext4_fallocate_34537 ext4_fallocate 4-3 34537 &tracing_stats_read_34537 +hugetlbfs_read_actor_34547 hugetlbfs_read_actor 4-5-2-0 34547 NULL +dbBackSplit_34561 dbBackSplit 0 34561 NULL +alloc_ieee80211_rsl_34564 alloc_ieee80211_rsl 1 34564 NULL nohasharray @@ -107489,8 +107411,8 @@ index 0000000..a0c9844 +cw1200_queue_init_34599 cw1200_queue_init 4 34599 &ceph_msgpool_init_34599 +__add_prelim_ref_34600 __add_prelim_ref 0 34600 NULL +brcmf_cfg80211_mgmt_tx_34608 brcmf_cfg80211_mgmt_tx 7 34608 NULL -+__jffs2_ref_totlen_34609 __jffs2_ref_totlen 0 34609 NULL nohasharray -+mtd_write_34609 mtd_write 0 34609 &__jffs2_ref_totlen_34609 ++mtd_write_34609 mtd_write 0 34609 NULL nohasharray ++__jffs2_ref_totlen_34609 __jffs2_ref_totlen 0 34609 &mtd_write_34609 +apei_get_nvs_resources_34616 apei_get_nvs_resources 0 34616 NULL +__cfg80211_disconnected_34622 __cfg80211_disconnected 3 34622 NULL +cnic_alloc_dma_34641 cnic_alloc_dma 3 34641 NULL @@ -107956,11 +107878,11 @@ index 0000000..a0c9844 +snd_pcm_playback_rewind_38249 snd_pcm_playback_rewind 0-2 38249 NULL +from_dblock_38256 from_dblock 0-1 38256 NULL +vmci_qp_broker_set_page_store_38260 vmci_qp_broker_set_page_store 3-2 38260 NULL -+SYSC_msgrcv_38268 SYSC_msgrcv 3 38268 NULL nohasharray -+ieee80211_if_read_auto_open_plinks_38268 ieee80211_if_read_auto_open_plinks 3 38268 &SYSC_msgrcv_38268 nohasharray -+mthca_alloc_icm_table_38268 mthca_alloc_icm_table 4-3 38268 &ieee80211_if_read_auto_open_plinks_38268 -+xfs_bmdr_to_bmbt_38275 xfs_bmdr_to_bmbt 5 38275 NULL nohasharray -+xfs_bmbt_to_bmdr_38275 xfs_bmbt_to_bmdr 3 38275 &xfs_bmdr_to_bmbt_38275 ++ieee80211_if_read_auto_open_plinks_38268 ieee80211_if_read_auto_open_plinks 3 38268 NULL nohasharray ++SYSC_msgrcv_38268 SYSC_msgrcv 3 38268 &ieee80211_if_read_auto_open_plinks_38268 nohasharray ++mthca_alloc_icm_table_38268 mthca_alloc_icm_table 4-3 38268 &SYSC_msgrcv_38268 ++xfs_bmbt_to_bmdr_38275 xfs_bmbt_to_bmdr 3 38275 NULL nohasharray ++xfs_bmdr_to_bmbt_38275 xfs_bmdr_to_bmbt 5 38275 &xfs_bmbt_to_bmdr_38275 +ftdi_process_packet_38281 ftdi_process_packet 4 38281 NULL +gpa_to_gfn_38291 gpa_to_gfn 0-1 38291 NULL +ucma_query_path_38305 ucma_query_path 3 38305 NULL @@ -108033,8 +107955,8 @@ index 0000000..a0c9844 +ext3_trim_all_free_38929 ext3_trim_all_free 4-3-2 38929 NULL +il_dbgfs_sram_write_38942 il_dbgfs_sram_write 3 38942 NULL +__ath6kl_wmi_send_mgmt_cmd_38971 __ath6kl_wmi_send_mgmt_cmd 7 38971 NULL -+C_SYSC_preadv64_38977 C_SYSC_preadv64 3 38977 NULL nohasharray -+usb_maxpacket_38977 usb_maxpacket 0 38977 &C_SYSC_preadv64_38977 ++usb_maxpacket_38977 usb_maxpacket 0 38977 NULL nohasharray ++C_SYSC_preadv64_38977 C_SYSC_preadv64 3 38977 &usb_maxpacket_38977 +OSDSetBlock_38986 OSDSetBlock 2-4 38986 NULL +lpfc_idiag_extacc_write_38998 lpfc_idiag_extacc_write 3 38998 NULL +udf_new_block_38999 udf_new_block 4 38999 NULL @@ -108098,8 +108020,8 @@ index 0000000..a0c9844 +ext_depth_39607 ext_depth 0 39607 NULL +nfs_idmap_get_key_39616 nfs_idmap_get_key 2 39616 NULL +sdio_readb_39618 sdio_readb 0 39618 NULL -+set_dev_class_39645 set_dev_class 4 39645 NULL nohasharray -+dm_exception_table_init_39645 dm_exception_table_init 2 39645 &set_dev_class_39645 ++dm_exception_table_init_39645 dm_exception_table_init 2 39645 NULL nohasharray ++set_dev_class_39645 set_dev_class 4 39645 &dm_exception_table_init_39645 +snd_rme32_capture_copy_39653 snd_rme32_capture_copy 5 39653 NULL +tcp_try_rmem_schedule_39657 tcp_try_rmem_schedule 3 39657 NULL +kvm_read_guest_cached_39666 kvm_read_guest_cached 4 39666 NULL @@ -108543,8 +108465,8 @@ index 0000000..a0c9844 +usb_alloc_urb_43436 usb_alloc_urb 1 43436 NULL +ath6kl_wmi_roam_tbl_event_rx_43440 ath6kl_wmi_roam_tbl_event_rx 3 43440 NULL +ocfs2_rotate_tree_left_43442 ocfs2_rotate_tree_left 0 43442 NULL -+usemap_size_43443 usemap_size 0-2-1 43443 NULL nohasharray -+usb_string_43443 usb_string 0 43443 &usemap_size_43443 ++usb_string_43443 usb_string 0 43443 NULL nohasharray ++usemap_size_43443 usemap_size 0-2-1 43443 &usb_string_43443 +get_vm_area_size_43444 get_vm_area_size 0 43444 NULL +nvme_trans_device_id_page_43466 nvme_trans_device_id_page 4 43466 NULL +calculate_discard_block_size_43480 calculate_discard_block_size 0 43480 NULL nohasharray @@ -108853,8 +108775,8 @@ index 0000000..a0c9844 +dma_tx_errors_read_46060 dma_tx_errors_read 3 46060 &__ocfs2_move_extent_46060 +sel_commit_bools_write_46077 sel_commit_bools_write 3 46077 NULL +arizona_set_irq_wake_46101 arizona_set_irq_wake 2 46101 NULL -+memcg_update_array_size_46111 memcg_update_array_size 1 46111 NULL nohasharray -+il3945_ucode_general_stats_read_46111 il3945_ucode_general_stats_read 3 46111 &memcg_update_array_size_46111 ++il3945_ucode_general_stats_read_46111 il3945_ucode_general_stats_read 3 46111 NULL nohasharray ++memcg_update_array_size_46111 memcg_update_array_size 1 46111 &il3945_ucode_general_stats_read_46111 +C_SYSC_writev_46113 C_SYSC_writev 3 46113 NULL +mlx4_ib_alloc_fast_reg_page_list_46119 mlx4_ib_alloc_fast_reg_page_list 2 46119 NULL +paging32_walk_addr_nested_46121 paging32_walk_addr_nested 3 46121 NULL @@ -108874,8 +108796,8 @@ index 0000000..a0c9844 +mpi_read_raw_data_46248 mpi_read_raw_data 2 46248 NULL +ReadReg_46277 ReadReg 0 46277 NULL +sg_proc_write_dressz_46316 sg_proc_write_dressz 3 46316 NULL -+__hwahc_dev_set_key_46328 __hwahc_dev_set_key 5 46328 NULL nohasharray -+compat_SyS_readv_46328 compat_SyS_readv 3 46328 &__hwahc_dev_set_key_46328 ++compat_SyS_readv_46328 compat_SyS_readv 3 46328 NULL nohasharray ++__hwahc_dev_set_key_46328 __hwahc_dev_set_key 5 46328 &compat_SyS_readv_46328 +iwl_dbgfs_chain_noise_read_46355 iwl_dbgfs_chain_noise_read 3 46355 NULL +smk_write_direct_46363 smk_write_direct 3 46363 NULL +__iommu_calculate_agaw_46366 __iommu_calculate_agaw 2 46366 NULL @@ -109095,8 +109017,8 @@ index 0000000..a0c9844 +set_discoverable_48141 set_discoverable 4 48141 NULL +dn_fib_count_nhs_48145 dn_fib_count_nhs 0 48145 NULL +get_cur_inode_state_48149 get_cur_inode_state 0 48149 NULL -+_add_to_r4w_48152 _add_to_r4w 4 48152 NULL nohasharray -+bitmap_onto_48152 bitmap_onto 4 48152 &_add_to_r4w_48152 ++bitmap_onto_48152 bitmap_onto 4 48152 NULL nohasharray ++_add_to_r4w_48152 _add_to_r4w 4 48152 &bitmap_onto_48152 +isr_dma1_done_read_48159 isr_dma1_done_read 3 48159 NULL +c4iw_id_table_alloc_48163 c4iw_id_table_alloc 3 48163 NULL +ocfs2_find_next_zero_bit_unaligned_48170 ocfs2_find_next_zero_bit_unaligned 2-3 48170 NULL nohasharray @@ -109178,8 +109100,8 @@ index 0000000..a0c9844 +vc_do_resize_48842 vc_do_resize 4-3 48842 NULL +comedi_buf_write_alloc_48846 comedi_buf_write_alloc 0-2 48846 NULL +suspend_dtim_interval_write_48854 suspend_dtim_interval_write 3 48854 NULL -+C_SYSC_pwritev64_48864 C_SYSC_pwritev64 3 48864 NULL nohasharray -+viafb_dvp1_proc_write_48864 viafb_dvp1_proc_write 3 48864 &C_SYSC_pwritev64_48864 ++viafb_dvp1_proc_write_48864 viafb_dvp1_proc_write 3 48864 NULL nohasharray ++C_SYSC_pwritev64_48864 C_SYSC_pwritev64 3 48864 &viafb_dvp1_proc_write_48864 +ide_port_alloc_devices_48866 ide_port_alloc_devices 2 48866 NULL +__ffs_ep0_read_events_48868 __ffs_ep0_read_events 3 48868 NULL +ext2_alloc_branch_48889 ext2_alloc_branch 4 48889 NULL @@ -109435,8 +109357,8 @@ index 0000000..a0c9844 +dpcm_show_state_50827 dpcm_show_state 0 50827 NULL +acpi_ev_install_gpe_block_50829 acpi_ev_install_gpe_block 2 50829 NULL +SetArea_50835 SetArea 4 50835 NULL nohasharray -+create_mem_extents_50835 create_mem_extents 0 50835 &SetArea_50835 nohasharray -+mask_from_50835 mask_from 0-1-2 50835 &create_mem_extents_50835 ++mask_from_50835 mask_from 0-1-2 50835 &SetArea_50835 nohasharray ++create_mem_extents_50835 create_mem_extents 0 50835 &mask_from_50835 +videobuf_dma_init_user_50839 videobuf_dma_init_user 3-4 50839 NULL +btrfs_search_slot_for_read_50843 btrfs_search_slot_for_read 0 50843 NULL +self_check_write_50856 self_check_write 0-5 50856 NULL @@ -109528,8 +109450,8 @@ index 0000000..a0c9844 +load_pdptrs_51541 load_pdptrs 3 51541 NULL +__alloc_eip_netdev_51549 __alloc_eip_netdev 1 51549 NULL +ixgb_get_eeprom_len_51586 ixgb_get_eeprom_len 0 51586 NULL -+get_cur_path_51589 get_cur_path 0 51589 NULL nohasharray -+snd_interval_refine_first_51589 snd_interval_refine_first 0 51589 &get_cur_path_51589 ++snd_interval_refine_first_51589 snd_interval_refine_first 0 51589 NULL nohasharray ++get_cur_path_51589 get_cur_path 0 51589 &snd_interval_refine_first_51589 +aac_convert_sgraw2_51598 aac_convert_sgraw2 4 51598 NULL +table_size_to_number_of_entries_51613 table_size_to_number_of_entries 0-1 51613 NULL +extent_fiemap_51621 extent_fiemap 3 51621 NULL @@ -109565,8 +109487,8 @@ index 0000000..a0c9844 +get_indirect_ea_51869 get_indirect_ea 4 51869 NULL +user_read_51881 user_read 3 51881 NULL +dbAdjCtl_51888 dbAdjCtl 0 51888 NULL -+SyS_mq_timedsend_51896 SyS_mq_timedsend 3 51896 NULL nohasharray -+virt_to_phys_51896 virt_to_phys 0 51896 &SyS_mq_timedsend_51896 ++virt_to_phys_51896 virt_to_phys 0 51896 NULL nohasharray ++SyS_mq_timedsend_51896 SyS_mq_timedsend 3 51896 &virt_to_phys_51896 +commit_fs_roots_51898 commit_fs_roots 0 51898 NULL +uvhub_to_first_node_51916 uvhub_to_first_node 0 51916 NULL +wmi_set_ie_51919 wmi_set_ie 3 51919 NULL @@ -109778,8 +109700,8 @@ index 0000000..a0c9844 +nr_sendmsg_53656 nr_sendmsg 4 53656 NULL +fuse_fill_write_pages_53682 fuse_fill_write_pages 0-4 53682 NULL +v4l2_event_subscribe_53687 v4l2_event_subscribe 3 53687 NULL -+bdev_logical_block_size_53690 bdev_logical_block_size 0 53690 NULL nohasharray -+igb_alloc_q_vector_53690 igb_alloc_q_vector 6-4 53690 &bdev_logical_block_size_53690 ++igb_alloc_q_vector_53690 igb_alloc_q_vector 6-4 53690 NULL nohasharray ++bdev_logical_block_size_53690 bdev_logical_block_size 0 53690 &igb_alloc_q_vector_53690 +find_overflow_devnum_53711 find_overflow_devnum 0 53711 NULL +bio_integrity_split_53714 bio_integrity_split 3 53714 NULL +__ocfs2_resv_find_window_53721 __ocfs2_resv_find_window 3 53721 NULL @@ -109982,8 +109904,8 @@ index 0000000..a0c9844 +lov_get_stripecnt_55297 lov_get_stripecnt 0-3 55297 NULL +gsm_control_modem_55303 gsm_control_modem 3 55303 NULL +wimax_msg_len_55304 wimax_msg_len 0 55304 NULL -+__get_vm_area_node_55305 __get_vm_area_node 6 55305 NULL nohasharray -+qp_alloc_guest_work_55305 qp_alloc_guest_work 5-3 55305 &__get_vm_area_node_55305 ++qp_alloc_guest_work_55305 qp_alloc_guest_work 5-3 55305 NULL nohasharray ++__get_vm_area_node_55305 __get_vm_area_node 6 55305 &qp_alloc_guest_work_55305 +__vxge_hw_vpath_initialize_55328 __vxge_hw_vpath_initialize 2 55328 NULL +do_shmat_55336 do_shmat 5 55336 NULL +vme_user_read_55338 vme_user_read 3 55338 NULL @@ -110167,8 +110089,8 @@ index 0000000..a0c9844 +__bitmap_clear_bits_56912 __bitmap_clear_bits 3 56912 NULL +strcspn_56913 strcspn 0 56913 NULL +__kfifo_out_56927 __kfifo_out 0-3 56927 NULL -+CopyBufferToControlPacket_56933 CopyBufferToControlPacket 0 56933 NULL nohasharray -+journal_init_revoke_56933 journal_init_revoke 2 56933 &CopyBufferToControlPacket_56933 ++journal_init_revoke_56933 journal_init_revoke 2 56933 NULL nohasharray ++CopyBufferToControlPacket_56933 CopyBufferToControlPacket 0 56933 &journal_init_revoke_56933 +nouveau_xtensa_create__56952 nouveau_xtensa_create_ 8 56952 NULL +diva_get_driver_info_56967 diva_get_driver_info 0 56967 NULL +nouveau_device_create__56984 nouveau_device_create_ 6 56984 NULL @@ -110284,8 +110206,8 @@ index 0000000..a0c9844 +kiblnd_create_tx_pool_57846 kiblnd_create_tx_pool 2 57846 NULL +process_all_new_xattrs_57881 process_all_new_xattrs 0 57881 NULL +xt_alloc_table_info_57903 xt_alloc_table_info 1 57903 NULL -+iio_read_first_n_kfifo_57910 iio_read_first_n_kfifo 2 57910 NULL nohasharray -+atomic_add_return_unchecked_57910 atomic_add_return_unchecked 0-1 57910 &iio_read_first_n_kfifo_57910 ++atomic_add_return_unchecked_57910 atomic_add_return_unchecked 0-1 57910 NULL nohasharray ++iio_read_first_n_kfifo_57910 iio_read_first_n_kfifo 2 57910 &atomic_add_return_unchecked_57910 +memcg_caches_array_size_57918 memcg_caches_array_size 0-1 57918 NULL +twl_i2c_write_57923 twl_i2c_write 3-4 57923 NULL +__snd_gf1_look16_57925 __snd_gf1_look16 0 57925 NULL @@ -110525,8 +110447,8 @@ index 0000000..a0c9844 +xlog_bread_offset_60030 xlog_bread_offset 3 60030 NULL +bio_integrity_hw_sectors_60039 bio_integrity_hw_sectors 0-2 60039 NULL +do_ip6t_set_ctl_60040 do_ip6t_set_ctl 4 60040 NULL -+vcs_size_60050 vcs_size 0 60050 NULL nohasharray -+pin_2_irq_60050 pin_2_irq 0-3 60050 &vcs_size_60050 ++pin_2_irq_60050 pin_2_irq 0-3 60050 NULL nohasharray ++vcs_size_60050 vcs_size 0 60050 &pin_2_irq_60050 +gru_alloc_gts_60056 gru_alloc_gts 3-2 60056 NULL +open_cur_inode_file_60057 open_cur_inode_file 0 60057 NULL +compat_writev_60063 compat_writev 3 60063 NULL @@ -111153,12 +111075,12 @@ index 0000000..a0c9844 +nvme_trans_standard_inquiry_page_65526 nvme_trans_standard_inquiry_page 4 65526 NULL diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c new file mode 100644 -index 0000000..5515dcb +index 0000000..62a1ae8 --- /dev/null +++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,3927 @@ +@@ -0,0 +1,4050 @@ +/* -+ * Copyright 2011, 2012, 2013 by Emese Revfy <re.emese@gmail.com> ++ * Copyright 2011, 2012, 2013, 2014 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 + * + * Homepage: @@ -111286,7 +111208,7 @@ index 0000000..5515dcb +static tree dup_assign(struct pointer_set_t *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); + +static struct plugin_info size_overflow_plugin_info = { -+ .version = "20131214beta", ++ .version = "20140102beta", + .help = "no-size-overflow\tturn off size overflow checking\n", +}; + @@ -114733,6 +114655,141 @@ index 0000000..5515dcb + create_asm_stmt(str, build_string(1, "0"), build_string(3, "=rm"), &asm_data); +} + ++// Insert an asm stmt with "MARK_TURN_OFF", "MARK_YES" or "MARK_NOT_INTENTIONAL". ++static bool create_mark_asm(gimple stmt, enum mark mark) ++{ ++ struct asm_data asm_data; ++ const char *asm_str; ++ ++ switch (mark) { ++ case MARK_TURN_OFF: ++ asm_str = TURN_OFF_ASM_STR; ++ break; ++ case MARK_NOT_INTENTIONAL: ++ case MARK_YES: ++ asm_str = YES_ASM_STR; ++ break; ++ default: ++ gcc_unreachable(); ++ } ++ ++ asm_data.def_stmt = stmt; ++ asm_data.output = gimple_call_lhs(stmt); ++ ++ if (asm_data.output == NULL_TREE) { ++ asm_data.input = gimple_call_arg(stmt, 0); ++ if (is_gimple_constant(asm_data.input)) ++ return false; ++ asm_data.output = NULL; ++ create_asm_stmt(asm_str, build_string(2, "rm"), NULL, &asm_data); ++ return true; ++ } ++ ++ create_asm_input(stmt, 0, &asm_data); ++ gcc_assert(asm_data.input != NULL_TREE); ++ ++ create_asm_stmt(asm_str, build_string(1, "0"), build_string(3, "=rm"), &asm_data); ++ return true; ++} ++ ++static bool is_from_cast(const_tree node) ++{ ++ gimple def_stmt = get_def_stmt(node); ++ ++ if (!def_stmt) ++ return false; ++ ++ if (gimple_assign_cast_p(def_stmt)) ++ return true; ++ ++ return false; ++} ++ ++// Skip duplication when there is a minus expr and the type of rhs1 or rhs2 is a pointer_type. ++static bool skip_ptr_minus(gimple stmt) ++{ ++ const_tree rhs1, rhs2, ptr1_rhs, ptr2_rhs; ++ ++ if (gimple_assign_rhs_code(stmt) != MINUS_EXPR) ++ return false; ++ ++ rhs1 = gimple_assign_rhs1(stmt); ++ if (!is_from_cast(rhs1)) ++ return false; ++ ++ rhs2 = gimple_assign_rhs2(stmt); ++ if (!is_from_cast(rhs2)) ++ return false; ++ ++ ptr1_rhs = gimple_assign_rhs1(get_def_stmt(rhs1)); ++ ptr2_rhs = gimple_assign_rhs1(get_def_stmt(rhs2)); ++ ++ if (TREE_CODE(TREE_TYPE(ptr1_rhs)) != POINTER_TYPE && TREE_CODE(TREE_TYPE(ptr2_rhs)) != POINTER_TYPE) ++ return false; ++ ++ create_mark_asm(stmt, MARK_YES); ++ return true; ++} ++ ++static void walk_use_def_ptr(struct pointer_set_t *visited, const_tree lhs) ++{ ++ gimple def_stmt; ++ ++ def_stmt = get_def_stmt(lhs); ++ if (!def_stmt) ++ return; ++ ++ if (pointer_set_insert(visited, def_stmt)) ++ return; ++ ++ switch (gimple_code(def_stmt)) { ++ case GIMPLE_NOP: ++ case GIMPLE_ASM: ++ case GIMPLE_CALL: ++ break; ++ case GIMPLE_PHI: { ++ unsigned int i, n = gimple_phi_num_args(def_stmt); ++ ++ pointer_set_insert(visited, def_stmt); ++ ++ for (i = 0; i < n; i++) { ++ tree arg = gimple_phi_arg_def(def_stmt, i); ++ ++ walk_use_def_ptr(visited, arg); ++ } ++ } ++ case GIMPLE_ASSIGN: ++ switch (gimple_num_ops(def_stmt)) { ++ case 2: ++ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ return; ++ case 3: ++ if (skip_ptr_minus(def_stmt)) ++ return; ++ ++ walk_use_def_ptr(visited, gimple_assign_rhs1(def_stmt)); ++ walk_use_def_ptr(visited, gimple_assign_rhs2(def_stmt)); ++ return; ++ default: ++ return; ++ } ++ default: ++ debug_gimple_stmt((gimple)def_stmt); ++ error("%s: unknown gimple code", __func__); ++ gcc_unreachable(); ++ } ++} ++ ++// Look for a ptr - ptr expression (e.g., cpuset_common_file_read() s - page) ++static void insert_mark_not_intentional_asm_at_ptr(const_tree arg) ++{ ++ struct pointer_set_t *visited; ++ ++ visited = pointer_set_create(); ++ walk_use_def_ptr(visited, arg); ++ pointer_set_destroy(visited); ++} ++ +// Determine the return value and insert the asm stmt to mark the return stmt. +static void insert_asm_ret(gimple stmt) +{ @@ -114755,6 +114812,10 @@ index 0000000..5515dcb + + arg = gimple_call_arg(stmt, argnum - 1); + gcc_assert(arg != NULL_TREE); ++ ++ // skip all ptr - ptr expressions ++ insert_mark_not_intentional_asm_at_ptr(arg); ++ + create_size_overflow_asm(stmt, arg, argnum); +} + @@ -114814,35 +114875,17 @@ index 0000000..5515dcb + +/* + * Look up the intentional_overflow attribute that turns off ipa based duplication -+ * on the callee function, if found insert an asm stmt with "MARK_TURN_OFF". ++ * on the callee function. + */ -+static bool create_mark_turn_off_asm(gimple stmt) ++static bool is_mark_turn_off_attribute(gimple stmt) +{ + enum mark mark; -+ struct asm_data asm_data; + const_tree fndecl = gimple_call_fndecl(stmt); + + mark = get_intentional_attr_type(DECL_ORIGIN(fndecl)); -+ if (mark != MARK_TURN_OFF) -+ return false; -+ -+ asm_data.def_stmt = stmt; -+ asm_data.output = gimple_call_lhs(stmt); -+ -+ if (asm_data.output == NULL_TREE) { -+ asm_data.input = gimple_call_arg(stmt, 0); -+ if (is_gimple_constant(asm_data.input)) -+ return false; -+ asm_data.output = NULL; -+ create_asm_stmt(TURN_OFF_ASM_STR, build_string(2, "rm"), NULL, &asm_data); ++ if (mark == MARK_TURN_OFF) + return true; -+ } -+ -+ create_asm_input(stmt, 0, &asm_data); -+ gcc_assert(asm_data.input != NULL_TREE); -+ -+ create_asm_stmt(TURN_OFF_ASM_STR, build_string(1, "0"), build_string(3, "=rm"), &asm_data); -+ return true; ++ return false; +} + +// If the argument(s) of the callee function is/are in the hash table or are marked by an attribute then mark the call stmt with an asm stmt @@ -114859,8 +114902,10 @@ index 0000000..5515dcb + return; + fndecl = DECL_ORIGIN(fndecl); + -+ if (create_mark_turn_off_asm(stmt)) ++ if (is_mark_turn_off_attribute(stmt)) { ++ create_mark_asm(stmt, MARK_TURN_OFF); + return; ++ } + + search_interesting_args(fndecl, orig_argnums); + diff --git a/3.12.6/4425_grsec_remove_EI_PAX.patch b/3.12.7/4425_grsec_remove_EI_PAX.patch index cf65d90..cf65d90 100644 --- a/3.12.6/4425_grsec_remove_EI_PAX.patch +++ b/3.12.7/4425_grsec_remove_EI_PAX.patch diff --git a/3.12.6/4427_force_XATTR_PAX_tmpfs.patch b/3.12.7/4427_force_XATTR_PAX_tmpfs.patch index 23e60cd..23e60cd 100644 --- a/3.12.6/4427_force_XATTR_PAX_tmpfs.patch +++ b/3.12.7/4427_force_XATTR_PAX_tmpfs.patch diff --git a/3.12.6/4430_grsec-remove-localversion-grsec.patch b/3.12.7/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/3.12.6/4430_grsec-remove-localversion-grsec.patch +++ b/3.12.7/4430_grsec-remove-localversion-grsec.patch diff --git a/3.12.6/4435_grsec-mute-warnings.patch b/3.12.7/4435_grsec-mute-warnings.patch index ed941d5..ed941d5 100644 --- a/3.12.6/4435_grsec-mute-warnings.patch +++ b/3.12.7/4435_grsec-mute-warnings.patch diff --git a/3.12.6/4440_grsec-remove-protected-paths.patch b/3.12.7/4440_grsec-remove-protected-paths.patch index 05710b1..05710b1 100644 --- a/3.12.6/4440_grsec-remove-protected-paths.patch +++ b/3.12.7/4440_grsec-remove-protected-paths.patch diff --git a/3.12.6/4450_grsec-kconfig-default-gids.patch b/3.12.7/4450_grsec-kconfig-default-gids.patch index cdd1703..cdd1703 100644 --- a/3.12.6/4450_grsec-kconfig-default-gids.patch +++ b/3.12.7/4450_grsec-kconfig-default-gids.patch diff --git a/3.12.6/4465_selinux-avc_audit-log-curr_ip.patch b/3.12.7/4465_selinux-avc_audit-log-curr_ip.patch index 04ec3fb..04ec3fb 100644 --- a/3.12.6/4465_selinux-avc_audit-log-curr_ip.patch +++ b/3.12.7/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/3.12.6/4470_disable-compat_vdso.patch b/3.12.7/4470_disable-compat_vdso.patch index 209dfae..209dfae 100644 --- a/3.12.6/4470_disable-compat_vdso.patch +++ b/3.12.7/4470_disable-compat_vdso.patch diff --git a/3.12.6/4475_emutramp_default_on.patch b/3.12.7/4475_emutramp_default_on.patch index 30f6978..cfde6f8 100644 --- a/3.12.6/4475_emutramp_default_on.patch +++ b/3.12.7/4475_emutramp_default_on.patch @@ -10,7 +10,7 @@ See bug: diff -Naur linux-3.9.2-hardened.orig/security/Kconfig linux-3.9.2-hardened/security/Kconfig --- linux-3.9.2-hardened.orig/security/Kconfig 2013-05-18 08:53:41.000000000 -0400 +++ linux-3.9.2-hardened/security/Kconfig 2013-05-18 09:17:57.000000000 -0400 -@@ -428,7 +428,7 @@ +@@ -427,7 +427,7 @@ config PAX_EMUTRAMP bool "Emulate trampolines" if (PAX_PAGEEXEC || PAX_SEGMEXEC) && (PARISC || X86) diff --git a/3.2.54/0000_README b/3.2.54/0000_README index ffb2597..d65044f 100644 --- a/3.2.54/0000_README +++ b/3.2.54/0000_README @@ -134,7 +134,7 @@ Patch: 1053_linux-3.2.54.patch From: http://www.kernel.org Desc: Linux 3.2.54 -Patch: 4420_grsecurity-3.0-3.2.54-201401051649.patch +Patch: 4420_grsecurity-3.0-3.2.54-201401091839.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.2.54/4420_grsecurity-3.0-3.2.54-201401051649.patch b/3.2.54/4420_grsecurity-3.0-3.2.54-201401091839.patch index 3e204e8..5e87908 100644 --- a/3.2.54/4420_grsecurity-3.0-3.2.54-201401051649.patch +++ b/3.2.54/4420_grsecurity-3.0-3.2.54-201401091839.patch @@ -44214,43 +44214,10 @@ index 9350af9..68623c4 100644 int retval = -ENOMEM; diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c -index 106be0d..4a79e67 100644 +index 106be0d..45a52b5 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c -@@ -505,6 +505,10 @@ pci_write_config(struct file* filp, struct kobject *kobj, - loff_t init_off = off; - u8 *data = (u8*) buf; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - if (off > dev->cfg_size) - return 0; - if (off + count > dev->cfg_size) { -@@ -807,6 +811,10 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr, - resource_size_t start, end; - int i; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - for (i = 0; i < PCI_ROM_RESOURCE; i++) - if (res == &pdev->resource[i]) - break; -@@ -914,6 +922,10 @@ pci_write_resource_io(struct file *filp, struct kobject *kobj, - struct bin_attribute *attr, char *buf, - loff_t off, size_t count) - { -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - return pci_resource_io(filp, kobj, attr, buf, off, count, true); - } - -@@ -950,7 +962,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) +@@ -950,7 +950,7 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine) { /* allocate attribute structure, piggyback attribute name */ int name_len = write_combine ? 13 : 10; @@ -44259,7 +44226,7 @@ index 106be0d..4a79e67 100644 int retval; res_attr = kzalloc(sizeof(*res_attr) + name_len, GFP_ATOMIC); -@@ -1135,7 +1147,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor +@@ -1135,7 +1135,7 @@ static struct device_attribute reset_attr = __ATTR(reset, 0200, NULL, reset_stor static int pci_create_capabilities_sysfs(struct pci_dev *dev) { int retval; @@ -44268,7 +44235,7 @@ index 106be0d..4a79e67 100644 /* If the device has VPD, try to expose it in sysfs. */ if (dev->vpd) { -@@ -1182,7 +1194,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) +@@ -1182,7 +1182,7 @@ int __must_check pci_create_sysfs_dev_files (struct pci_dev *pdev) { int retval; int rom_size = 0; @@ -44321,43 +44288,10 @@ index 9005380..c497080 100644 if (!dev->mmio_always_on) { pci_read_config_word(dev, PCI_COMMAND, &orig_cmd); diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c -index 27911b5..2bf4653 100644 +index 27911b5..5b6db88 100644 --- a/drivers/pci/proc.c +++ b/drivers/pci/proc.c -@@ -135,6 +135,10 @@ proc_bus_pci_write(struct file *file, const char __user *buf, size_t nbytes, lof - int size = dp->size; - int cnt; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - if (pos >= size) - return 0; - if (nbytes >= size) -@@ -211,6 +215,10 @@ static long proc_bus_pci_ioctl(struct file *file, unsigned int cmd, - #endif /* HAVE_PCI_MMAP */ - int ret = 0; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - switch (cmd) { - case PCIIOC_CONTROLLER: - ret = pci_domain_nr(dev->bus); -@@ -251,6 +259,10 @@ static int proc_bus_pci_mmap(struct file *file, struct vm_area_struct *vma) - struct pci_filp_private *fpriv = file->private_data; - int i, ret; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM; -+#endif -+ - if (!capable(CAP_SYS_RAWIO)) - return -EPERM; - -@@ -476,7 +488,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { +@@ -476,7 +476,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { static int __init pci_proc_init(void) { struct pci_dev *dev = NULL; @@ -44374,21 +44308,6 @@ index 27911b5..2bf4653 100644 proc_create("devices", 0, proc_bus_pci_dir, &proc_bus_pci_dev_operations); proc_initialized = 1; -diff --git a/drivers/pci/syscall.c b/drivers/pci/syscall.c -index e1c1ec5..bef4210 100644 ---- a/drivers/pci/syscall.c -+++ b/drivers/pci/syscall.c -@@ -92,6 +92,10 @@ SYSCALL_DEFINE5(pciconfig_write, unsigned long, bus, unsigned long, dfn, - u32 dword; - int err = 0; - -+#ifdef CONFIG_GRKERNSEC_KMEM -+ return -EPERM -+#endif -+ - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c index 26fba2d..693b4d3 100644 --- a/drivers/platform/x86/asus-wmi.c |