diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2016-04-16 12:17:42 -0400 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2016-04-16 12:17:42 -0400 |
| commit | a60602ca4172ca8b380e52588f7902afeb9aad57 (patch) | |
| tree | f78882313a6cb74d1cec5fb0e08239e3eed92eef | |
| parent | grsecurity-3.1-4.4.6-201604100830 (diff) | |
| download | hardened-patchset-a60602ca4172ca8b380e52588f7902afeb9aad57.tar.gz hardened-patchset-a60602ca4172ca8b380e52588f7902afeb9aad57.tar.bz2 hardened-patchset-a60602ca4172ca8b380e52588f7902afeb9aad57.zip | |
grsecurity-3.1-4.4.7-20160415220820160415
| -rw-r--r-- | 4.4.7/0000_README (renamed from 4.4.6/0000_README) | 2 | ||||
| -rw-r--r-- | 4.4.7/4420_grsecurity-3.1-4.4.7-201604152208.patch (renamed from 4.4.6/4420_grsecurity-3.1-4.4.6-201604100830.patch) | 838 | ||||
| -rw-r--r-- | 4.4.7/4425_grsec_remove_EI_PAX.patch (renamed from 4.4.6/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4427_force_XATTR_PAX_tmpfs.patch (renamed from 4.4.6/4427_force_XATTR_PAX_tmpfs.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4430_grsec-remove-localversion-grsec.patch (renamed from 4.4.6/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4435_grsec-mute-warnings.patch (renamed from 4.4.6/4435_grsec-mute-warnings.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4440_grsec-remove-protected-paths.patch (renamed from 4.4.6/4440_grsec-remove-protected-paths.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4450_grsec-kconfig-default-gids.patch (renamed from 4.4.6/4450_grsec-kconfig-default-gids.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 4.4.6/4465_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4470_disable-compat_vdso.patch (renamed from 4.4.6/4470_disable-compat_vdso.patch) | 0 | ||||
| -rw-r--r-- | 4.4.7/4475_emutramp_default_on.patch (renamed from 4.4.6/4475_emutramp_default_on.patch) | 0 |
11 files changed, 281 insertions, 559 deletions
diff --git a/4.4.6/0000_README b/4.4.7/0000_README index 938fbaa..afa79df 100644 --- a/4.4.6/0000_README +++ b/4.4.7/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.1-4.4.6-201604100830.patch +Patch: 4420_grsecurity-3.1-4.4.7-201604152208.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.4.6/4420_grsecurity-3.1-4.4.6-201604100830.patch b/4.4.7/4420_grsecurity-3.1-4.4.7-201604152208.patch index 62aa16c..e6ad811 100644 --- a/4.4.6/4420_grsecurity-3.1-4.4.6-201604100830.patch +++ b/4.4.7/4420_grsecurity-3.1-4.4.7-201604152208.patch @@ -449,7 +449,7 @@ index af70d15..ccd3786 100644 A toggle value indicating if modules are allowed to be loaded diff --git a/Makefile b/Makefile -index 87d12b4..b9e0477 100644 +index 5a493e7..70a9fb1 100644 --- a/Makefile +++ b/Makefile @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -12115,19 +12115,6 @@ index e3abe6f..ae224ef 100644 #This will adjust *FLAGS accordingly to the platform. include $(ARCH_DIR)/Makefile-os-$(OS) -diff --git a/arch/um/drivers/mconsole_kern.c b/arch/um/drivers/mconsole_kern.c -index 29880c9..e22e572 100644 ---- a/arch/um/drivers/mconsole_kern.c -+++ b/arch/um/drivers/mconsole_kern.c -@@ -133,7 +133,7 @@ void mconsole_proc(struct mc_request *req) - ptr += strlen("proc"); - ptr = skip_spaces(ptr); - -- file = file_open_root(mnt->mnt_root, mnt, ptr, O_RDONLY); -+ file = file_open_root(mnt->mnt_root, mnt, ptr, O_RDONLY, 0); - if (IS_ERR(file)) { - mconsole_reply(req, "Failed to open file", 1, 0); - printk(KERN_ERR "open /proc/%s: %ld\n", ptr, PTR_ERR(file)); diff --git a/arch/um/include/asm/cache.h b/arch/um/include/asm/cache.h index 19e1bdd..3665b77 100644 --- a/arch/um/include/asm/cache.h @@ -12231,7 +12218,7 @@ index ad8f795..2c7eec6 100644 /* * Memory returned by kmalloc() may be used for DMA, so we must make diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig -index db3622f..8a6202c 100644 +index 436639a..3d211bb 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -36,14 +36,13 @@ config X86 @@ -12284,7 +12271,7 @@ index db3622f..8a6202c 100644 default y depends on MODIFY_LDT_SYSCALL ---help--- -@@ -1192,6 +1193,7 @@ choice +@@ -1193,6 +1194,7 @@ choice config NOHIGHMEM bool "off" @@ -12292,7 +12279,7 @@ index db3622f..8a6202c 100644 ---help--- Linux can use up to 64 Gigabytes of physical memory on x86 systems. However, the address space of 32-bit x86 processors is only 4 -@@ -1228,6 +1230,7 @@ config NOHIGHMEM +@@ -1229,6 +1231,7 @@ config NOHIGHMEM config HIGHMEM4G bool "4GB" @@ -12300,7 +12287,7 @@ index db3622f..8a6202c 100644 ---help--- Select this if you have a 32-bit processor and between 1 and 4 gigabytes of physical RAM. -@@ -1280,7 +1283,7 @@ config PAGE_OFFSET +@@ -1281,7 +1284,7 @@ config PAGE_OFFSET hex default 0xB0000000 if VMSPLIT_3G_OPT default 0x80000000 if VMSPLIT_2G @@ -12309,7 +12296,7 @@ index db3622f..8a6202c 100644 default 0x40000000 if VMSPLIT_1G default 0xC0000000 depends on X86_32 -@@ -1301,7 +1304,6 @@ config X86_PAE +@@ -1302,7 +1305,6 @@ config X86_PAE config ARCH_PHYS_ADDR_T_64BIT def_bool y @@ -12317,7 +12304,7 @@ index db3622f..8a6202c 100644 config ARCH_DMA_ADDR_T_64BIT def_bool y -@@ -1432,7 +1434,7 @@ config ARCH_PROC_KCORE_TEXT +@@ -1433,7 +1435,7 @@ config ARCH_PROC_KCORE_TEXT config ILLEGAL_POINTER_VALUE hex @@ -12326,7 +12313,7 @@ index db3622f..8a6202c 100644 default 0xdead000000000000 if X86_64 source "mm/Kconfig" -@@ -1741,6 +1743,7 @@ source kernel/Kconfig.hz +@@ -1742,6 +1744,7 @@ source kernel/Kconfig.hz config KEXEC bool "kexec system call" select KEXEC_CORE @@ -12334,7 +12321,7 @@ index db3622f..8a6202c 100644 ---help--- kexec is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot -@@ -1923,7 +1926,9 @@ config X86_NEED_RELOCS +@@ -1924,7 +1927,9 @@ config X86_NEED_RELOCS config PHYSICAL_ALIGN hex "Alignment value to which kernel should be aligned" @@ -12345,7 +12332,7 @@ index db3622f..8a6202c 100644 range 0x2000 0x1000000 if X86_32 range 0x200000 0x1000000 if X86_64 ---help--- -@@ -2006,6 +2011,7 @@ config COMPAT_VDSO +@@ -2007,6 +2012,7 @@ config COMPAT_VDSO def_bool n prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)" depends on X86_32 || IA32_EMULATION @@ -12353,7 +12340,7 @@ index db3622f..8a6202c 100644 ---help--- Certain buggy versions of glibc will crash if they are presented with a 32-bit vDSO that is not mapped at the address -@@ -2046,15 +2052,6 @@ choice +@@ -2047,15 +2053,6 @@ choice If unsure, select "Emulate". @@ -12369,7 +12356,7 @@ index db3622f..8a6202c 100644 config LEGACY_VSYSCALL_EMULATE bool "Emulate" help -@@ -2135,6 +2132,22 @@ config MODIFY_LDT_SYSCALL +@@ -2136,6 +2133,22 @@ config MODIFY_LDT_SYSCALL Saying 'N' here may make sense for embedded or server kernels. @@ -14538,7 +14525,7 @@ index 3c71dd9..008b8db 100644 .macro REMOVE_PT_GPREGS_FROM_STACK addskip=0 diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c -index 0366374..61ed739 100644 +index 1a4477c..9bc8a3a 100644 --- a/arch/x86/entry/common.c +++ b/arch/x86/entry/common.c @@ -32,9 +32,7 @@ @@ -14608,7 +14595,7 @@ index 0366374..61ed739 100644 } #define EXIT_TO_USERMODE_LOOP_FLAGS \ -@@ -306,7 +318,7 @@ static void syscall_slow_exit_work(struct pt_regs *regs, u32 cached_flags) +@@ -317,7 +329,7 @@ static void syscall_slow_exit_work(struct pt_regs *regs, u32 cached_flags) step = unlikely( (cached_flags & (_TIF_SINGLESTEP | _TIF_SYSCALL_EMU)) == _TIF_SINGLESTEP); @@ -14617,7 +14604,7 @@ index 0366374..61ed739 100644 tracehook_report_syscall_exit(regs, step); } -@@ -325,6 +337,11 @@ __visible inline void syscall_return_slowpath(struct pt_regs *regs) +@@ -336,6 +348,11 @@ __visible inline void syscall_return_slowpath(struct pt_regs *regs) WARN(irqs_disabled(), "syscall %ld left IRQs disabled", regs->orig_ax)) local_irq_enable(); @@ -14629,7 +14616,7 @@ index 0366374..61ed739 100644 /* * First do one-time work. If these work items are enabled, we * want to run them exactly once per syscall exit with IRQs on. -@@ -412,6 +429,7 @@ __visible long do_fast_syscall_32(struct pt_regs *regs) +@@ -415,6 +432,7 @@ __visible long do_fast_syscall_32(struct pt_regs *regs) unsigned long landing_pad = (unsigned long)current->mm->context.vdso + vdso_image_32.sym_int80_landing_pad; @@ -14637,7 +14624,7 @@ index 0366374..61ed739 100644 /* * SYSENTER loses EIP, and even SYSCALL32 needs us to skip forward -@@ -432,11 +450,9 @@ __visible long do_fast_syscall_32(struct pt_regs *regs) +@@ -435,11 +453,9 @@ __visible long do_fast_syscall_32(struct pt_regs *regs) * Micro-optimization: the pointer we're following is explicitly * 32 bits, so it can't be out of range. */ @@ -17047,7 +17034,7 @@ index 7bfc85b..65d1ec4 100644 ALTINSTR_REPLACEMENT(newinstr2, feature2, 2) \ ".popsection" diff --git a/arch/x86/include/asm/apic.h b/arch/x86/include/asm/apic.h -index a30316b..db419a1 100644 +index 163769d..d41133e 100644 --- a/arch/x86/include/asm/apic.h +++ b/arch/x86/include/asm/apic.h @@ -45,7 +45,7 @@ static inline void generic_apic_probe(void) @@ -18890,10 +18877,10 @@ index b4c1f54..e290c08 100644 pagefault_enable(); diff --git a/arch/x86/include/asm/hw_irq.h b/arch/x86/include/asm/hw_irq.h -index 1e3408e..67c5ba1 100644 +index 59caa55..e4d3fec 100644 --- a/arch/x86/include/asm/hw_irq.h +++ b/arch/x86/include/asm/hw_irq.h -@@ -158,8 +158,8 @@ static inline void unlock_vector_lock(void) {} +@@ -159,8 +159,8 @@ static inline void unlock_vector_lock(void) {} #endif /* CONFIG_X86_LOCAL_APIC */ /* Statistics */ @@ -22953,7 +22940,7 @@ index 7694ae6..5abb08e 100644 static int cmdline_apic __initdata; diff --git a/arch/x86/kernel/apic/vector.c b/arch/x86/kernel/apic/vector.c -index a35f6b5..cced8817 100644 +index 7af2505..d1ea63f 100644 --- a/arch/x86/kernel/apic/vector.c +++ b/arch/x86/kernel/apic/vector.c @@ -36,6 +36,7 @@ static struct irq_chip lapic_controller; @@ -23730,10 +23717,10 @@ index 01dd870..6fd1c59 100644 wmb(); diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c -index ce47402..4a6bdf8 100644 +index ac8975a..37d9aa6 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c -@@ -1014,13 +1014,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device, +@@ -1016,13 +1016,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device, static int get_ucode_user(void *to, const void *from, size_t n) { @@ -23813,10 +23800,10 @@ index 951884d..4796b75 100644 extern int generic_get_free_region(unsigned long base, unsigned long size, int replace_reg); diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c -index 2bf79d7..c188219 100644 +index a3aeb2c..935e1d7 100644 --- a/arch/x86/kernel/cpu/perf_event.c +++ b/arch/x86/kernel/cpu/perf_event.c -@@ -1518,7 +1518,7 @@ static void __init pmu_check_apic(void) +@@ -1531,7 +1531,7 @@ static void __init pmu_check_apic(void) } @@ -23825,7 +23812,7 @@ index 2bf79d7..c188219 100644 .name = "format", .attrs = NULL, }; -@@ -1617,7 +1617,7 @@ static struct attribute *events_attr[] = { +@@ -1630,7 +1630,7 @@ static struct attribute *events_attr[] = { NULL, }; @@ -23834,7 +23821,7 @@ index 2bf79d7..c188219 100644 .name = "events", .attrs = events_attr, }; -@@ -2203,7 +2203,7 @@ valid_user_frame(const void __user *fp, unsigned long size) +@@ -2216,7 +2216,7 @@ valid_user_frame(const void __user *fp, unsigned long size) static unsigned long get_segment_base(unsigned int segment) { struct desc_struct *desc; @@ -23843,7 +23830,7 @@ index 2bf79d7..c188219 100644 if ((segment & SEGMENT_TI_MASK) == SEGMENT_LDT) { #ifdef CONFIG_MODIFY_LDT_SYSCALL -@@ -2225,7 +2225,7 @@ static unsigned long get_segment_base(unsigned int segment) +@@ -2238,7 +2238,7 @@ static unsigned long get_segment_base(unsigned int segment) if (idx > GDT_ENTRIES) return 0; @@ -23852,7 +23839,7 @@ index 2bf79d7..c188219 100644 } return get_desc_base(desc); -@@ -2315,7 +2315,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) +@@ -2328,7 +2328,7 @@ perf_callchain_user(struct perf_callchain_entry *entry, struct pt_regs *regs) break; perf_callchain_store(entry, frame.return_address); @@ -23862,10 +23849,10 @@ index 2bf79d7..c188219 100644 } diff --git a/arch/x86/kernel/cpu/perf_event.h b/arch/x86/kernel/cpu/perf_event.h -index d0e35eb..5e98530 100644 +index ee70445..7c6859c 100644 --- a/arch/x86/kernel/cpu/perf_event.h +++ b/arch/x86/kernel/cpu/perf_event.h -@@ -791,7 +791,7 @@ static inline void set_linear_ip(struct pt_regs *regs, unsigned long ip) +@@ -792,7 +792,7 @@ static inline void set_linear_ip(struct pt_regs *regs, unsigned long ip) regs->cs = kernel_ip(ip) ? __KERNEL_CS : __USER_CS; if (regs->flags & X86_VM_MASK) regs->flags ^= (PERF_EFLAGS_VM | X86_VM_MASK); @@ -23888,10 +23875,10 @@ index 97242a9..cf9c30e 100644 while (amd_iommu_v2_event_descs[i].attr.attr.name) diff --git a/arch/x86/kernel/cpu/perf_event_intel.c b/arch/x86/kernel/cpu/perf_event_intel.c -index e2a4300..1df45be 100644 +index 078de2e..7ac50e5 100644 --- a/arch/x86/kernel/cpu/perf_event_intel.c +++ b/arch/x86/kernel/cpu/perf_event_intel.c -@@ -2119,6 +2119,8 @@ __intel_get_event_constraints(struct cpu_hw_events *cpuc, int idx, +@@ -2140,6 +2140,8 @@ __intel_get_event_constraints(struct cpu_hw_events *cpuc, int idx, } static void @@ -23900,7 +23887,7 @@ index e2a4300..1df45be 100644 intel_start_scheduling(struct cpu_hw_events *cpuc) { struct intel_excl_cntrs *excl_cntrs = cpuc->excl_cntrs; -@@ -2128,14 +2130,18 @@ intel_start_scheduling(struct cpu_hw_events *cpuc) +@@ -2149,14 +2151,18 @@ intel_start_scheduling(struct cpu_hw_events *cpuc) /* * nothing needed if in group validation mode */ @@ -23921,7 +23908,7 @@ index e2a4300..1df45be 100644 xl = &excl_cntrs->states[tid]; -@@ -2175,6 +2181,8 @@ static void intel_commit_scheduling(struct cpu_hw_events *cpuc, int idx, int cnt +@@ -2196,6 +2202,8 @@ static void intel_commit_scheduling(struct cpu_hw_events *cpuc, int idx, int cnt } static void @@ -23930,7 +23917,7 @@ index e2a4300..1df45be 100644 intel_stop_scheduling(struct cpu_hw_events *cpuc) { struct intel_excl_cntrs *excl_cntrs = cpuc->excl_cntrs; -@@ -2184,13 +2192,18 @@ intel_stop_scheduling(struct cpu_hw_events *cpuc) +@@ -2205,13 +2213,18 @@ intel_stop_scheduling(struct cpu_hw_events *cpuc) /* * nothing needed if in group validation mode */ @@ -23951,7 +23938,7 @@ index e2a4300..1df45be 100644 xl = &excl_cntrs->states[tid]; -@@ -2373,19 +2386,22 @@ static void intel_put_excl_constraints(struct cpu_hw_events *cpuc, +@@ -2394,19 +2407,22 @@ static void intel_put_excl_constraints(struct cpu_hw_events *cpuc, * unused now. */ if (hwc->idx >= 0) { @@ -23976,7 +23963,7 @@ index e2a4300..1df45be 100644 raw_spin_unlock(&excl_cntrs->lock); } } -@@ -3258,10 +3274,10 @@ __init int intel_pmu_init(void) +@@ -3279,10 +3295,10 @@ __init int intel_pmu_init(void) x86_pmu.num_counters_fixed = max((int)edx.split.num_counters_fixed, 3); if (boot_cpu_has(X86_FEATURE_PDCM)) { @@ -24037,10 +24024,10 @@ index a316ca9..99344f4 100644 ret = intel_cqm_setup_rmid_cache(); if (ret) diff --git a/arch/x86/kernel/cpu/perf_event_intel_ds.c b/arch/x86/kernel/cpu/perf_event_intel_ds.c -index 5db1c77..7acef35 100644 +index 7abb2b8..ea24517 100644 --- a/arch/x86/kernel/cpu/perf_event_intel_ds.c +++ b/arch/x86/kernel/cpu/perf_event_intel_ds.c -@@ -589,7 +589,7 @@ int intel_pmu_drain_bts_buffer(void) +@@ -598,7 +598,7 @@ int intel_pmu_drain_bts_buffer(void) static inline void intel_pmu_drain_pebs_buffer(void) { @@ -24049,7 +24036,7 @@ index 5db1c77..7acef35 100644 x86_pmu.drain_pebs(®s); } -@@ -860,7 +860,7 @@ static int intel_pmu_pebs_fixup_ip(struct pt_regs *regs) +@@ -869,7 +869,7 @@ static int intel_pmu_pebs_fixup_ip(struct pt_regs *regs) struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events); unsigned long from = cpuc->lbr_entries[0].from; unsigned long old_to, to = cpuc->lbr_entries[0].to; @@ -24058,7 +24045,7 @@ index 5db1c77..7acef35 100644 int is_64bit = 0; void *kaddr; int size; -@@ -912,6 +912,7 @@ static int intel_pmu_pebs_fixup_ip(struct pt_regs *regs) +@@ -921,6 +921,7 @@ static int intel_pmu_pebs_fixup_ip(struct pt_regs *regs) } else { kaddr = (void *)to; } @@ -24066,7 +24053,7 @@ index 5db1c77..7acef35 100644 do { struct insn insn; -@@ -1060,7 +1061,7 @@ static void setup_pebs_sample_data(struct perf_event *event, +@@ -1069,7 +1070,7 @@ static void setup_pebs_sample_data(struct perf_event *event, } if (event->attr.precise_ip > 1 && x86_pmu.intel_cap.pebs_format >= 2) { @@ -26117,7 +26104,7 @@ index a979b5b..1d6db75 100644 .callback = dmi_io_delay_0xed_port, .ident = "Compaq Presario V6000", diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c -index 37dae79..620dd84 100644 +index 589b319..41d6575 100644 --- a/arch/x86/kernel/ioport.c +++ b/arch/x86/kernel/ioport.c @@ -6,6 +6,7 @@ @@ -26150,7 +26137,7 @@ index 37dae79..620dd84 100644 if (turn_on) bitmap_clear(t->io_bitmap_ptr, from, num); -@@ -105,6 +112,12 @@ SYSCALL_DEFINE1(iopl, unsigned int, level) +@@ -110,6 +117,12 @@ SYSCALL_DEFINE1(iopl, unsigned int, level) if (level > old) { if (!capable(CAP_SYS_RAWIO)) return -EPERM; @@ -26161,8 +26148,8 @@ index 37dae79..620dd84 100644 + } +#endif } - regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12); - t->iopl = level << 12; + regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | + (level << X86_EFLAGS_IOPL_BIT); diff --git a/arch/x86/kernel/irq.c b/arch/x86/kernel/irq.c index 61521dc..5ce5a37 100644 --- a/arch/x86/kernel/irq.c @@ -27791,10 +27778,10 @@ index 9f95091..6885108 100644 return prev_p; } diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c -index e835d26..65762c9 100644 +index 4cbb60f..7cc4cb4 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c -@@ -159,9 +159,10 @@ int copy_thread_tls(unsigned long clone_flags, unsigned long sp, +@@ -160,9 +160,10 @@ int copy_thread_tls(unsigned long clone_flags, unsigned long sp, struct pt_regs *childregs; struct task_struct *me = current; @@ -27806,7 +27793,7 @@ index e835d26..65762c9 100644 set_tsk_thread_flag(p, TIF_FORK); p->thread.io_bitmap_ptr = NULL; -@@ -171,6 +172,8 @@ int copy_thread_tls(unsigned long clone_flags, unsigned long sp, +@@ -172,6 +173,8 @@ int copy_thread_tls(unsigned long clone_flags, unsigned long sp, p->thread.fs = p->thread.fsindex ? 0 : me->thread.fs; savesegment(es, p->thread.es); savesegment(ds, p->thread.ds); @@ -27815,7 +27802,7 @@ index e835d26..65762c9 100644 memset(p->thread.ptrace_bps, 0, sizeof(p->thread.ptrace_bps)); if (unlikely(p->flags & PF_KTHREAD)) { -@@ -278,7 +281,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -279,7 +282,7 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) struct fpu *prev_fpu = &prev->fpu; struct fpu *next_fpu = &next->fpu; int cpu = smp_processor_id(); @@ -27824,7 +27811,7 @@ index e835d26..65762c9 100644 unsigned fsindex, gsindex; fpu_switch_t fpu_switch; -@@ -329,6 +332,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -330,6 +333,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) if (unlikely(next->ds | prev->ds)) loadsegment(ds, next->ds); @@ -27835,7 +27822,7 @@ index e835d26..65762c9 100644 /* * Switch FS and GS. * -@@ -400,10 +407,13 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) +@@ -401,10 +408,13 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p) * Switch the PDA and FPU contexts. */ this_cpu_write(current_task, next_p); @@ -29709,7 +29696,7 @@ index 899c40f..a114588 100644 .disabled_by_bios = is_disabled, .hardware_setup = svm_hardware_setup, diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 0958fa2..4d1af52 100644 +index f34ab71..049ebd8 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -1514,12 +1514,12 @@ static void vmcs_write64(unsigned long field, u64 value) @@ -29759,7 +29746,7 @@ index 0958fa2..4d1af52 100644 { u64 host_tsc, tsc_offset; -@@ -4626,7 +4634,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4633,7 +4641,10 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) unsigned long cr4; vmcs_writel(HOST_CR0, read_cr0() & ~X86_CR0_TS); /* 22.2.3 */ @@ -29770,7 +29757,7 @@ index 0958fa2..4d1af52 100644 /* Save the most likely value for this task's CR4 in the VMCS. */ cr4 = cr4_read_shadow(); -@@ -4653,7 +4664,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) +@@ -4660,7 +4671,7 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ vmx->host_idt_base = dt.address; @@ -29779,7 +29766,7 @@ index 0958fa2..4d1af52 100644 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); vmcs_write32(HOST_IA32_SYSENTER_CS, low32); -@@ -6203,11 +6214,17 @@ static __init int hardware_setup(void) +@@ -6210,11 +6221,17 @@ static __init int hardware_setup(void) * page upon invalidation. No need to do anything if not * using the APIC_ACCESS_ADDR VMCS field. */ @@ -29799,7 +29786,7 @@ index 0958fa2..4d1af52 100644 if (enable_ept && !cpu_has_vmx_ept_2m_page()) kvm_disable_largepages(); -@@ -6224,6 +6241,7 @@ static __init int hardware_setup(void) +@@ -6231,6 +6248,7 @@ static __init int hardware_setup(void) kvm_tsc_scaling_ratio_frac_bits = 48; } @@ -29807,7 +29794,7 @@ index 0958fa2..4d1af52 100644 if (enable_apicv) kvm_x86_ops->update_cr8_intercept = NULL; else { -@@ -6232,6 +6250,7 @@ static __init int hardware_setup(void) +@@ -6239,6 +6257,7 @@ static __init int hardware_setup(void) kvm_x86_ops->deliver_posted_interrupt = NULL; kvm_x86_ops->sync_pir_to_irr = vmx_sync_pir_to_irr_dummy; } @@ -29815,7 +29802,7 @@ index 0958fa2..4d1af52 100644 vmx_disable_intercept_for_msr(MSR_FS_BASE, false); vmx_disable_intercept_for_msr(MSR_GS_BASE, false); -@@ -6286,10 +6305,12 @@ static __init int hardware_setup(void) +@@ -6293,10 +6312,12 @@ static __init int hardware_setup(void) enable_pml = 0; if (!enable_pml) { @@ -29828,23 +29815,7 @@ index 0958fa2..4d1af52 100644 } kvm_set_posted_intr_wakeup_handler(wakeup_handler); -@@ -7340,6 +7361,7 @@ static int handle_invept(struct kvm_vcpu *vcpu) - if (!(types & (1UL << type))) { - nested_vmx_failValid(vcpu, - VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID); -+ skip_emulated_instruction(vcpu); - return 1; - } - -@@ -7398,6 +7420,7 @@ static int handle_invvpid(struct kvm_vcpu *vcpu) - if (!(types & (1UL << type))) { - nested_vmx_failValid(vcpu, - VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID); -+ skip_emulated_instruction(vcpu); - return 1; - } - -@@ -8601,6 +8624,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8615,6 +8636,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) "jmp 2f \n\t" "1: " __ex(ASM_VMX_VMRESUME) "\n\t" "2: " @@ -29857,7 +29828,7 @@ index 0958fa2..4d1af52 100644 /* Save guest registers, load host registers, keep flags */ "mov %0, %c[wordsize](%%" _ASM_SP ") \n\t" "pop %0 \n\t" -@@ -8653,6 +8682,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8667,6 +8694,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) #endif [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), [wordsize]"i"(sizeof(ulong)) @@ -29869,7 +29840,7 @@ index 0958fa2..4d1af52 100644 : "cc", "memory" #ifdef CONFIG_X86_64 , "rax", "rbx", "rdi", "rsi" -@@ -8666,7 +8700,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8680,7 +8712,7 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) if (debugctlmsr) update_debugctlmsr(debugctlmsr); @@ -29878,7 +29849,7 @@ index 0958fa2..4d1af52 100644 /* * The sysexit path does not restore ds/es, so we must set them to * a reasonable value ourselves. -@@ -8675,8 +8709,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -8689,8 +8721,18 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) * may be executed in interrupt context, which saves and restore segments * around it, nullifying its effect. */ @@ -29899,7 +29870,7 @@ index 0958fa2..4d1af52 100644 #endif vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) -@@ -10758,7 +10802,7 @@ out: +@@ -10772,7 +10814,7 @@ out: return ret; } @@ -29909,7 +29880,7 @@ index 0958fa2..4d1af52 100644 .disabled_by_bios = vmx_disabled_by_bios, .hardware_setup = hardware_setup, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index d294502..af80bcb 100644 +index 8bfc5fc..d94e9e3 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1937,8 +1937,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) @@ -29932,7 +29903,7 @@ index d294502..af80bcb 100644 if (copy_to_user(user_msr_list->indices, &msrs_to_save, num_msrs_to_save * sizeof(u32))) goto out; -@@ -3028,7 +3030,7 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, +@@ -3029,7 +3031,7 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu, static void fill_xsave(u8 *dest, struct kvm_vcpu *vcpu) { @@ -29941,7 +29912,7 @@ index d294502..af80bcb 100644 u64 xstate_bv = xsave->header.xfeatures; u64 valid; -@@ -3064,7 +3066,7 @@ static void fill_xsave(u8 *dest, struct kvm_vcpu *vcpu) +@@ -3065,7 +3067,7 @@ static void fill_xsave(u8 *dest, struct kvm_vcpu *vcpu) static void load_xsave(struct kvm_vcpu *vcpu, u8 *src) { @@ -29950,7 +29921,7 @@ index d294502..af80bcb 100644 u64 xstate_bv = *(u64 *)(src + XSAVE_HDR_OFFSET); u64 valid; -@@ -3108,7 +3110,7 @@ static void kvm_vcpu_ioctl_x86_get_xsave(struct kvm_vcpu *vcpu, +@@ -3109,7 +3111,7 @@ static void kvm_vcpu_ioctl_x86_get_xsave(struct kvm_vcpu *vcpu, fill_xsave((u8 *) guest_xsave->region, vcpu); } else { memcpy(guest_xsave->region, @@ -29959,7 +29930,7 @@ index d294502..af80bcb 100644 sizeof(struct fxregs_state)); *(u64 *)&guest_xsave->region[XSAVE_HDR_OFFSET / sizeof(u32)] = XFEATURE_MASK_FPSSE; -@@ -3133,7 +3135,7 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, +@@ -3134,7 +3136,7 @@ static int kvm_vcpu_ioctl_x86_set_xsave(struct kvm_vcpu *vcpu, } else { if (xstate_bv & ~XFEATURE_MASK_FPSSE) return -EINVAL; @@ -29968,7 +29939,7 @@ index d294502..af80bcb 100644 guest_xsave->region, sizeof(struct fxregs_state)); } return 0; -@@ -6363,6 +6365,7 @@ void kvm_arch_mmu_notifier_invalidate_page(struct kvm *kvm, +@@ -6364,6 +6366,7 @@ void kvm_arch_mmu_notifier_invalidate_page(struct kvm *kvm, * exiting to the userspace. Otherwise, the value will be returned to the * userspace. */ @@ -29976,7 +29947,7 @@ index d294502..af80bcb 100644 static int vcpu_enter_guest(struct kvm_vcpu *vcpu) { int r; -@@ -6611,6 +6614,7 @@ out: +@@ -6612,6 +6615,7 @@ out: return r; } @@ -29984,7 +29955,7 @@ index d294502..af80bcb 100644 static inline int vcpu_block(struct kvm *kvm, struct kvm_vcpu *vcpu) { if (!kvm_arch_vcpu_runnable(vcpu) && -@@ -7158,7 +7162,7 @@ int kvm_arch_vcpu_ioctl_translate(struct kvm_vcpu *vcpu, +@@ -7159,7 +7163,7 @@ int kvm_arch_vcpu_ioctl_translate(struct kvm_vcpu *vcpu, int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) { struct fxregs_state *fxsave = @@ -29993,7 +29964,7 @@ index d294502..af80bcb 100644 memcpy(fpu->fpr, fxsave->st_space, 128); fpu->fcw = fxsave->cwd; -@@ -7175,7 +7179,7 @@ int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) +@@ -7176,7 +7180,7 @@ int kvm_arch_vcpu_ioctl_get_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) { struct fxregs_state *fxsave = @@ -30002,7 +29973,7 @@ index d294502..af80bcb 100644 memcpy(fxsave->st_space, fpu->fpr, 128); fxsave->cwd = fpu->fcw; -@@ -7191,9 +7195,9 @@ int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) +@@ -7192,9 +7196,9 @@ int kvm_arch_vcpu_ioctl_set_fpu(struct kvm_vcpu *vcpu, struct kvm_fpu *fpu) static void fx_init(struct kvm_vcpu *vcpu) { @@ -30014,7 +29985,7 @@ index d294502..af80bcb 100644 host_xcr0 | XSTATE_COMPACTION_ENABLED; /* -@@ -7217,7 +7221,7 @@ void kvm_load_guest_fpu(struct kvm_vcpu *vcpu) +@@ -7218,7 +7222,7 @@ void kvm_load_guest_fpu(struct kvm_vcpu *vcpu) kvm_put_guest_xcr0(vcpu); vcpu->guest_fpu_loaded = 1; __kernel_fpu_begin(); @@ -30023,7 +29994,7 @@ index d294502..af80bcb 100644 trace_kvm_fpu(1); } -@@ -7520,6 +7524,8 @@ bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) +@@ -7521,6 +7525,8 @@ bool kvm_vcpu_compatible(struct kvm_vcpu *vcpu) struct static_key kvm_no_apic_vcpu __read_mostly; @@ -30032,7 +30003,7 @@ index d294502..af80bcb 100644 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) { struct page *page; -@@ -7536,11 +7542,14 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) +@@ -7537,11 +7543,14 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu) else vcpu->arch.mp_state = KVM_MP_STATE_UNINITIALIZED; @@ -30051,7 +30022,7 @@ index d294502..af80bcb 100644 vcpu->arch.pio_data = page_address(page); kvm_set_tsc_khz(vcpu, max_tsc_khz); -@@ -7596,6 +7605,9 @@ fail_mmu_destroy: +@@ -7597,6 +7606,9 @@ fail_mmu_destroy: kvm_mmu_destroy(vcpu); fail_free_pio_data: free_page((unsigned long)vcpu->arch.pio_data); @@ -30061,7 +30032,7 @@ index d294502..af80bcb 100644 fail: return r; } -@@ -7613,6 +7625,8 @@ void kvm_arch_vcpu_uninit(struct kvm_vcpu *vcpu) +@@ -7614,6 +7626,8 @@ void kvm_arch_vcpu_uninit(struct kvm_vcpu *vcpu) free_page((unsigned long)vcpu->arch.pio_data); if (!lapic_in_kernel(vcpu)) static_key_slow_dec(&kvm_no_apic_vcpu); @@ -35185,7 +35156,7 @@ index 90555bf..f5f1828 100644 } diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c -index 8f4cc3d..7143a15 100644 +index 5fb6ada..9c48b29 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -45,7 +45,11 @@ void leave_mm(int cpu) @@ -36660,7 +36631,7 @@ index c7b15f3..cc09a65 100644 This is the Linux Xen port. Enabling this will allow the kernel to boot in a paravirtualized environment under the diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index b7de78b..81f54af 100644 +index beab8c7..9a29803 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c @@ -131,8 +131,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); @@ -37677,7 +37648,7 @@ index 7cfbda4..74f738c 100644 set_no_mwait, "Extensa 5220", { DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies LTD"), diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c -index 0d94621..21686cc 100644 +index e3322ad..4a03c27 100644 --- a/drivers/acpi/sleep.c +++ b/drivers/acpi/sleep.c @@ -148,7 +148,7 @@ static int __init init_nvs_nosave(const struct dmi_system_id *d) @@ -40570,7 +40541,7 @@ index 565a947..dcdc06e 100644 acpi_os_unmap_iomem(virt, len); return 0; diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c -index bd72fb0..0212a62 100644 +index 4e6940a..fc08428 100644 --- a/drivers/char/tpm/tpm_eventlog.c +++ b/drivers/char/tpm/tpm_eventlog.c @@ -108,8 +108,7 @@ static void *tpm_bios_measurements_start(struct seq_file *m, loff_t *pos) @@ -42180,10 +42151,10 @@ index 8e99514..3d68786 100644 void *amdgpu_cgs_create_device(struct amdgpu_device *adev) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c -index c961fe0..acde4f5 100644 +index 9d88023..5fe8189 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c -@@ -1075,7 +1075,7 @@ static bool amdgpu_switcheroo_can_switch(struct pci_dev *pdev) +@@ -1081,7 +1081,7 @@ static bool amdgpu_switcheroo_can_switch(struct pci_dev *pdev) * locking inversion with the driver load path. And the access here is * completely racy anyway. So don't bother with locking for now. */ @@ -43077,6 +43048,28 @@ index d4813e0..6c1ab4d 100644 if (pipe) { pipeconf_reg = PIPECCONF; dspcntr_reg = DSPCCNTR; +diff --git a/drivers/gpu/drm/gma500/mdfld_dsi_output.c b/drivers/gpu/drm/gma500/mdfld_dsi_output.c +index 89f705c..d262d0b 100644 +--- a/drivers/gpu/drm/gma500/mdfld_dsi_output.c ++++ b/drivers/gpu/drm/gma500/mdfld_dsi_output.c +@@ -382,14 +382,14 @@ static int mdfld_dsi_connector_mode_valid(struct drm_connector *connector, + return MODE_OK; + } + +-static void mdfld_dsi_connector_dpms(struct drm_connector *connector, int mode) ++static int mdfld_dsi_connector_dpms(struct drm_connector *connector, int mode) + { + if (mode == connector->dpms) +- return; ++ return 0; + + /*first, execute dpms*/ + +- drm_helper_connector_dpms(connector, mode); ++ return drm_helper_connector_dpms(connector, mode); + } + + static struct drm_encoder *mdfld_dsi_connector_best_encoder( diff --git a/drivers/gpu/drm/gma500/psb_drv.c b/drivers/gpu/drm/gma500/psb_drv.c index 92e7e57..5d74ff5 100644 --- a/drivers/gpu/drm/gma500/psb_drv.c @@ -44243,10 +44236,10 @@ index b928c17..e5d9400 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index c566993..0bf8fae 100644 +index f78f111..3df7de6 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c -@@ -1253,7 +1253,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) +@@ -1259,7 +1259,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) * locking inversion with the driver load path. And the access here is * completely racy anyway. So don't bother with locking for now. */ @@ -45116,10 +45109,10 @@ index 41edd5a..cb008f0 100644 /* copy over all the bus versions */ if (dev->bus && dev->bus->pm) { diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c -index c6f7a69..cf26aed 100644 +index ec791e1..169a46d 100644 --- a/drivers/hid/hid-core.c +++ b/drivers/hid/hid-core.c -@@ -2583,7 +2583,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); +@@ -2584,7 +2584,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); int hid_add_device(struct hid_device *hdev) { @@ -45128,7 +45121,7 @@ index c6f7a69..cf26aed 100644 int ret; if (WARN_ON(hdev->status & HID_STAT_ADDED)) -@@ -2626,7 +2626,7 @@ int hid_add_device(struct hid_device *hdev) +@@ -2628,7 +2628,7 @@ int hid_add_device(struct hid_device *hdev) /* XXX hack, any other cleaner solution after the driver core * is converted to allow more than 20 bytes as the device name? */ dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, @@ -45684,6 +45677,23 @@ index 37a8a90..4724cbd 100644 sector_t block) { ide_hwif_t *hwif = drive->hwif; +diff --git a/drivers/idle/intel_idle.c b/drivers/idle/intel_idle.c +index 146eed70b..4e6a8d5 100644 +--- a/drivers/idle/intel_idle.c ++++ b/drivers/idle/intel_idle.c +@@ -1060,8 +1060,10 @@ static void sklh_idle_state_table_update(void) + return; + } + +- skl_cstates[5].disabled = 1; /* C8-SKL */ +- skl_cstates[6].disabled = 1; /* C9-SKL */ ++ pax_open_kernel(); ++ *(bool **)&skl_cstates[5].disabled = 1; /* C8-SKL */ ++ *(bool **)&skl_cstates[6].disabled = 1; /* C9-SKL */ ++ pax_close_kernel(); + } + /* + * intel_idle_state_table_update() diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c index 159ede6..856c0d5 100644 --- a/drivers/iio/industrialio-core.c @@ -46690,113 +46700,11 @@ index 4a95b22..874c182 100644 #include <linux/input.h> #include <linux/gameport.h> #include <linux/jiffies.h> -diff --git a/drivers/input/misc/ati_remote2.c b/drivers/input/misc/ati_remote2.c -index cfd58e8..1c5914c 100644 ---- a/drivers/input/misc/ati_remote2.c -+++ b/drivers/input/misc/ati_remote2.c -@@ -817,26 +817,49 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - ar2->udev = udev; - -+ /* Sanity check, first interface must have an endpoint */ -+ if (alt->desc.bNumEndpoints < 1 || !alt->endpoint) { -+ dev_err(&interface->dev, -+ "%s(): interface 0 must have an endpoint\n", __func__); -+ r = -ENODEV; -+ goto fail1; -+ } - ar2->intf[0] = interface; - ar2->ep[0] = &alt->endpoint[0].desc; - -+ /* Sanity check, the device must have two interfaces */ - ar2->intf[1] = usb_ifnum_to_if(udev, 1); -+ if ((udev->actconfig->desc.bNumInterfaces < 2) || !ar2->intf[1]) { -+ dev_err(&interface->dev, "%s(): need 2 interfaces, found %d\n", -+ __func__, udev->actconfig->desc.bNumInterfaces); -+ r = -ENODEV; -+ goto fail1; -+ } -+ - r = usb_driver_claim_interface(&ati_remote2_driver, ar2->intf[1], ar2); - if (r) - goto fail1; -+ -+ /* Sanity check, second interface must have an endpoint */ - alt = ar2->intf[1]->cur_altsetting; -+ if (alt->desc.bNumEndpoints < 1 || !alt->endpoint) { -+ dev_err(&interface->dev, -+ "%s(): interface 1 must have an endpoint\n", __func__); -+ r = -ENODEV; -+ goto fail2; -+ } - ar2->ep[1] = &alt->endpoint[0].desc; - - r = ati_remote2_urb_init(ar2); - if (r) -- goto fail2; -+ goto fail3; - - ar2->channel_mask = channel_mask; - ar2->mode_mask = mode_mask; - - r = ati_remote2_setup(ar2, ar2->channel_mask); - if (r) -- goto fail2; -+ goto fail3; - - usb_make_path(udev, ar2->phys, sizeof(ar2->phys)); - strlcat(ar2->phys, "/input0", sizeof(ar2->phys)); -@@ -845,11 +868,11 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - r = sysfs_create_group(&udev->dev.kobj, &ati_remote2_attr_group); - if (r) -- goto fail2; -+ goto fail3; - - r = ati_remote2_input_init(ar2); - if (r) -- goto fail3; -+ goto fail4; - - usb_set_intfdata(interface, ar2); - -@@ -857,10 +880,11 @@ static int ati_remote2_probe(struct usb_interface *interface, const struct usb_d - - return 0; - -- fail3: -+ fail4: - sysfs_remove_group(&udev->dev.kobj, &ati_remote2_attr_group); -- fail2: -+ fail3: - ati_remote2_urb_cleanup(ar2); -+ fail2: - usb_driver_release_interface(&ati_remote2_driver, ar2->intf[1]); - fail1: - kfree(ar2); diff --git a/drivers/input/misc/ims-pcu.c b/drivers/input/misc/ims-pcu.c -index ac1fa5f..1e1a411 100644 +index 9c0ea36..1e1a411 100644 --- a/drivers/input/misc/ims-pcu.c +++ b/drivers/input/misc/ims-pcu.c -@@ -1663,6 +1663,8 @@ static int ims_pcu_parse_cdc_data(struct usb_interface *intf, struct ims_pcu *pc - - pcu->ctrl_intf = usb_ifnum_to_if(pcu->udev, - union_desc->bMasterInterface0); -+ if (!pcu->ctrl_intf) -+ return -EINVAL; - - alt = pcu->ctrl_intf->cur_altsetting; - pcu->ep_ctrl = &alt->endpoint[0].desc; -@@ -1670,6 +1672,8 @@ static int ims_pcu_parse_cdc_data(struct usb_interface *intf, struct ims_pcu *pc - - pcu->data_intf = usb_ifnum_to_if(pcu->udev, - union_desc->bSlaveInterface0); -+ if (!pcu->data_intf) -+ return -EINVAL; - - alt = pcu->data_intf->cur_altsetting; - if (alt->desc.bNumEndpoints != 2) { -@@ -1851,7 +1855,7 @@ static int ims_pcu_identify_type(struct ims_pcu *pcu, u8 *device_id) +@@ -1855,7 +1855,7 @@ static int ims_pcu_identify_type(struct ims_pcu *pcu, u8 *device_id) static int ims_pcu_init_application_mode(struct ims_pcu *pcu) { @@ -46805,7 +46713,7 @@ index ac1fa5f..1e1a411 100644 const struct ims_pcu_device_info *info; int error; -@@ -1882,7 +1886,7 @@ static int ims_pcu_init_application_mode(struct ims_pcu *pcu) +@@ -1886,7 +1886,7 @@ static int ims_pcu_init_application_mode(struct ims_pcu *pcu) } /* Device appears to be operable, complete initialization */ @@ -48408,7 +48316,7 @@ index adbff14..018c2d2 100644 struct cache_stat_collector collector; diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c -index 8d0ead9..2b81525 100644 +index a296425..397607e 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -530,7 +530,7 @@ void bch_prio_write(struct cache *ca) @@ -48476,7 +48384,7 @@ index 4f22e91..5b13fde 100644 seq_printf(seq, "\n"); diff --git a/drivers/md/dm-cache-target.c b/drivers/md/dm-cache-target.c -index 2fd4c82..199bd5d 100644 +index 515f83e..56f11f0 100644 --- a/drivers/md/dm-cache-target.c +++ b/drivers/md/dm-cache-target.c @@ -185,16 +185,16 @@ struct cache_features { @@ -48556,7 +48464,7 @@ index 2fd4c82..199bd5d 100644 dm_cache_metadata_set_stats(cache->cmd, &stats); } -@@ -1322,7 +1322,7 @@ static bool bio_writes_complete_block(struct cache *cache, struct bio *bio) +@@ -1327,7 +1327,7 @@ static bool bio_writes_complete_block(struct cache *cache, struct bio *bio) static void avoid_copy(struct dm_cache_migration *mg) { @@ -48565,7 +48473,7 @@ index 2fd4c82..199bd5d 100644 migration_success_pre_commit(mg); } -@@ -1649,13 +1649,13 @@ static bool spare_migration_bandwidth(struct cache *cache) +@@ -1654,13 +1654,13 @@ static bool spare_migration_bandwidth(struct cache *cache) static void inc_hit_counter(struct cache *cache, struct bio *bio) { @@ -48581,7 +48489,7 @@ index 2fd4c82..199bd5d 100644 &cache->stats.read_miss : &cache->stats.write_miss); } -@@ -1828,7 +1828,7 @@ static void process_cell(struct cache *cache, struct prealloc *structs, +@@ -1833,7 +1833,7 @@ static void process_cell(struct cache *cache, struct prealloc *structs, */ if (bio_data_dir(bio) == WRITE) { @@ -48590,7 +48498,7 @@ index 2fd4c82..199bd5d 100644 invalidate(cache, structs, block, lookup_result.cblock, new_ocell); release_cell = false; -@@ -1861,14 +1861,14 @@ static void process_cell(struct cache *cache, struct prealloc *structs, +@@ -1866,14 +1866,14 @@ static void process_cell(struct cache *cache, struct prealloc *structs, break; case POLICY_NEW: @@ -48608,7 +48516,7 @@ index 2fd4c82..199bd5d 100644 demote_then_promote(cache, structs, lookup_result.old_oblock, block, lookup_result.cblock, ool.cell, new_ocell); -@@ -1922,7 +1922,7 @@ static int commit(struct cache *cache, bool clean_shutdown) +@@ -1927,7 +1927,7 @@ static int commit(struct cache *cache, bool clean_shutdown) if (get_cache_mode(cache) >= CM_READ_ONLY) return -EINVAL; @@ -48617,7 +48525,7 @@ index 2fd4c82..199bd5d 100644 r = dm_cache_commit(cache->cmd, clean_shutdown); if (r) metadata_operation_failed(cache, "dm_cache_commit", r); -@@ -2153,32 +2153,32 @@ static void process_invalidation_requests(struct cache *cache) +@@ -2158,32 +2158,32 @@ static void process_invalidation_requests(struct cache *cache) *--------------------------------------------------------------*/ static bool is_quiescing(struct cache *cache) { @@ -48656,7 +48564,7 @@ index 2fd4c82..199bd5d 100644 } static void wait_for_migrations(struct cache *cache) -@@ -2865,8 +2865,8 @@ static int cache_create(struct cache_args *ca, struct cache **result) +@@ -2870,8 +2870,8 @@ static int cache_create(struct cache_args *ca, struct cache **result) init_waitqueue_head(&cache->migration_wait); init_waitqueue_head(&cache->quiescing_wait); @@ -48667,7 +48575,7 @@ index 2fd4c82..199bd5d 100644 r = -ENOMEM; atomic_set(&cache->nr_dirty, 0); -@@ -2933,12 +2933,12 @@ static int cache_create(struct cache_args *ca, struct cache **result) +@@ -2938,12 +2938,12 @@ static int cache_create(struct cache_args *ca, struct cache **result) load_stats(cache); @@ -48686,7 +48594,7 @@ index 2fd4c82..199bd5d 100644 spin_lock_init(&cache->invalidation_lock); INIT_LIST_HEAD(&cache->invalidation_requests); -@@ -3548,12 +3548,12 @@ static void cache_status(struct dm_target *ti, status_type_t type, +@@ -3554,12 +3554,12 @@ static void cache_status(struct dm_target *ti, status_type_t type, cache->sectors_per_block, (unsigned long long) from_cblock(residency), (unsigned long long) from_cblock(cache->cache_size), @@ -48883,7 +48791,7 @@ index 797ddb9..9595c24 100644 schedule_work(&sc->trigger_event); } diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c -index 061152a..b033201 100644 +index cb5d0da..a06db6d 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -305,7 +305,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, @@ -48896,7 +48804,7 @@ index 061152a..b033201 100644 "start=%llu, len=%llu, dev_size=%llu", dm_device_name(ti->table->md), bdevname(bdev, b), diff --git a/drivers/md/dm-thin-metadata.c b/drivers/md/dm-thin-metadata.c -index c219a05..15a27ca 100644 +index 911ada6..85d4750 100644 --- a/drivers/md/dm-thin-metadata.c +++ b/drivers/md/dm-thin-metadata.c @@ -405,7 +405,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) @@ -48918,7 +48826,7 @@ index c219a05..15a27ca 100644 pmd->bl_info.value_type.inc = data_block_inc; pmd->bl_info.value_type.dec = data_block_dec; diff --git a/drivers/md/dm.c b/drivers/md/dm.c -index dd83492..d111dcf 100644 +index c338aeb..671c671 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -194,9 +194,9 @@ struct mapped_device { @@ -48970,7 +48878,7 @@ index dd83492..d111dcf 100644 { rcu_read_unlock(); } -@@ -2317,8 +2321,8 @@ static struct mapped_device *alloc_dev(int minor) +@@ -2316,8 +2320,8 @@ static struct mapped_device *alloc_dev(int minor) spin_lock_init(&md->deferred_lock); atomic_set(&md->holders, 1); atomic_set(&md->open_count, 0); @@ -48981,7 +48889,7 @@ index dd83492..d111dcf 100644 INIT_LIST_HEAD(&md->uevent_list); INIT_LIST_HEAD(&md->table_devices); spin_lock_init(&md->uevent_lock); -@@ -2459,7 +2463,7 @@ static void event_callback(void *context) +@@ -2458,7 +2462,7 @@ static void event_callback(void *context) dm_send_uevents(&uevents, &disk_to_dev(md->disk)->kobj); @@ -48990,7 +48898,7 @@ index dd83492..d111dcf 100644 wake_up(&md->eventq); } -@@ -3402,18 +3406,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, +@@ -3401,18 +3405,18 @@ int dm_kobject_uevent(struct mapped_device *md, enum kobject_action action, uint32_t dm_next_uevent_seq(struct mapped_device *md) { @@ -49234,7 +49142,7 @@ index 3e6d115..ffecdeb 100644 /*----------------------------------------------------------------*/ diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c -index c4b9134..6602200 100644 +index 515554c..51df664 100644 --- a/drivers/md/raid1.c +++ b/drivers/md/raid1.c @@ -1063,7 +1063,7 @@ static void make_request(struct mddev *mddev, struct bio * bio) @@ -49274,7 +49182,7 @@ index c4b9134..6602200 100644 "md/raid1:%s: read error corrected " "(%d sectors at %llu on %s)\n", diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c -index ce959b4..3dff1bc 100644 +index ebb0dd6..2be20c1 100644 --- a/drivers/md/raid10.c +++ b/drivers/md/raid10.c @@ -1068,7 +1068,7 @@ static void __make_request(struct mddev *mddev, struct bio *bio) @@ -49355,10 +49263,10 @@ index ce959b4..3dff1bc 100644 rdev_dec_pending(rdev, mddev); diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c -index 704ef7f..8799ca3 100644 +index 10ce885..b98e542 100644 --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c -@@ -1121,23 +1121,23 @@ async_copy_data(int frombio, struct bio *bio, struct page **page, +@@ -1112,23 +1112,23 @@ async_copy_data(int frombio, struct bio *bio, struct page **page, struct bio_vec bvl; struct bvec_iter iter; struct page *bio_page; @@ -49388,7 +49296,7 @@ index 704ef7f..8799ca3 100644 if (page_offset < 0) { b_offset = -page_offset; -@@ -2028,6 +2028,10 @@ static int grow_one_stripe(struct r5conf *conf, gfp_t gfp) +@@ -2019,6 +2019,10 @@ static int grow_one_stripe(struct r5conf *conf, gfp_t gfp) return 1; } @@ -49399,7 +49307,7 @@ index 704ef7f..8799ca3 100644 static int grow_stripes(struct r5conf *conf, int num) { struct kmem_cache *sc; -@@ -2038,7 +2042,11 @@ static int grow_stripes(struct r5conf *conf, int num) +@@ -2029,7 +2033,11 @@ static int grow_stripes(struct r5conf *conf, int num) "raid%d-%s", conf->level, mdname(conf->mddev)); else sprintf(conf->cache_name[0], @@ -49411,7 +49319,7 @@ index 704ef7f..8799ca3 100644 sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]); conf->active_name = 0; -@@ -2329,21 +2337,21 @@ static void raid5_end_read_request(struct bio * bi) +@@ -2332,21 +2340,21 @@ static void raid5_end_read_request(struct bio * bi) mdname(conf->mddev), STRIPE_SECTORS, (unsigned long long)s, bdevname(rdev->bdev, b)); @@ -49437,7 +49345,7 @@ index 704ef7f..8799ca3 100644 if (test_bit(R5_ReadRepl, &sh->dev[i].flags)) printk_ratelimited( KERN_WARNING -@@ -2371,7 +2379,7 @@ static void raid5_end_read_request(struct bio * bi) +@@ -2374,7 +2382,7 @@ static void raid5_end_read_request(struct bio * bi) mdname(conf->mddev), (unsigned long long)s, bdn); @@ -49446,7 +49354,7 @@ index 704ef7f..8799ca3 100644 > conf->max_nr_stripes) printk(KERN_WARNING "md/raid:%s: Too many read errors, failing device %s.\n", -@@ -3743,7 +3751,7 @@ static void handle_parity_checks5(struct r5conf *conf, struct stripe_head *sh, +@@ -3746,7 +3754,7 @@ static void handle_parity_checks5(struct r5conf *conf, struct stripe_head *sh, */ set_bit(STRIPE_INSYNC, &sh->state); else { @@ -49455,7 +49363,7 @@ index 704ef7f..8799ca3 100644 if (test_bit(MD_RECOVERY_CHECK, &conf->mddev->recovery)) /* don't try to repair!! */ set_bit(STRIPE_INSYNC, &sh->state); -@@ -3895,7 +3903,7 @@ static void handle_parity_checks6(struct r5conf *conf, struct stripe_head *sh, +@@ -3898,7 +3906,7 @@ static void handle_parity_checks6(struct r5conf *conf, struct stripe_head *sh, */ } } else { @@ -50653,10 +50561,10 @@ index 6c3c477..6c435a4 100644 } diff --git a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c -index 327e83a..b0963b7 100644 +index f38c076..072bb90 100644 --- a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c +++ b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c -@@ -450,7 +450,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user +@@ -448,7 +448,7 @@ static int get_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user * by passing a very big num_planes value */ uplane = compat_alloc_user_space(num_planes * sizeof(struct v4l2_plane)); @@ -50665,7 +50573,7 @@ index 327e83a..b0963b7 100644 while (--num_planes >= 0) { ret = get_v4l2_plane32(uplane, uplane32, kp->memory); -@@ -521,7 +521,7 @@ static int put_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user +@@ -518,7 +518,7 @@ static int put_v4l2_buffer32(struct v4l2_buffer *kp, struct v4l2_buffer32 __user if (num_planes == 0) return 0; @@ -50674,7 +50582,7 @@ index 327e83a..b0963b7 100644 if (get_user(p, &up->m.planes)) return -EFAULT; uplane32 = compat_ptr(p); -@@ -585,7 +585,7 @@ static int get_v4l2_framebuffer32(struct v4l2_framebuffer *kp, struct v4l2_frame +@@ -580,7 +580,7 @@ static int get_v4l2_framebuffer32(struct v4l2_framebuffer *kp, struct v4l2_frame get_user(kp->flags, &up->flags) || copy_from_user(&kp->fmt, &up->fmt, sizeof(up->fmt))) return -EFAULT; @@ -50683,7 +50591,7 @@ index 327e83a..b0963b7 100644 return 0; } -@@ -691,7 +691,7 @@ static int get_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext +@@ -686,7 +686,7 @@ static int get_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext n * sizeof(struct v4l2_ext_control32))) return -EFAULT; kcontrols = compat_alloc_user_space(n * sizeof(struct v4l2_ext_control)); @@ -50692,7 +50600,7 @@ index 327e83a..b0963b7 100644 while (--n >= 0) { u32 id; -@@ -718,7 +718,7 @@ static int put_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext +@@ -713,7 +713,7 @@ static int put_v4l2_ext_controls32(struct v4l2_ext_controls *kp, struct v4l2_ext { struct v4l2_ext_control32 __user *ucontrols; struct v4l2_ext_control __user *kcontrols = @@ -50701,7 +50609,7 @@ index 327e83a..b0963b7 100644 int n = kp->count; compat_caddr_t p; -@@ -803,7 +803,7 @@ static int get_v4l2_edid32(struct v4l2_edid *kp, struct v4l2_edid32 __user *up) +@@ -798,7 +798,7 @@ static int get_v4l2_edid32(struct v4l2_edid *kp, struct v4l2_edid32 __user *up) get_user(tmp, &up->edid) || copy_from_user(kp->reserved, up->reserved, sizeof(kp->reserved))) return -EFAULT; @@ -55274,12 +55182,12 @@ index be35da2..ec16cdb 100644 * Boxes that should not use MSI for PCIe PME signaling. */ diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c -index edb1984..dda9a083 100644 +index 7aafb5f..8fbfd44 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c -@@ -179,7 +179,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, - u16 orig_cmd; - struct pci_bus_region region, inverted_region; +@@ -182,7 +182,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, + if (dev->non_compliant_bars) + return 0; - mask = type ? PCI_ROM_ADDRESS_MASK : ~0; + mask = type ? (u32)PCI_ROM_ADDRESS_MASK : ~0; @@ -56028,7 +55936,7 @@ index 302e626..12579af 100644 da->attr.name = info->pin_config[i].name; da->attr.mode = 0644; diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c -index 73b7683..8ccd43b 100644 +index 7b94b8e..1b35017 100644 --- a/drivers/regulator/core.c +++ b/drivers/regulator/core.c @@ -3842,7 +3842,7 @@ regulator_register(const struct regulator_desc *regulator_desc, @@ -56717,7 +56625,7 @@ index 4d1c511..d5744cb 100644 wait_queue_head_t reset_wq; diff --git a/drivers/scsi/ipr.c b/drivers/scsi/ipr.c -index 536cd5a..86dbbf2 100644 +index 43ac626..1bf014e9 100644 --- a/drivers/scsi/ipr.c +++ b/drivers/scsi/ipr.c @@ -1057,7 +1057,7 @@ static int ipr_get_hrrq_index(struct ipr_ioa_cfg *ioa_cfg) @@ -56729,7 +56637,7 @@ index 536cd5a..86dbbf2 100644 hrrq = (hrrq % (ioa_cfg->hrrq_num - 1)) + 1; } return hrrq; -@@ -8103,9 +8103,9 @@ static void ipr_init_ioa_mem(struct ipr_ioa_cfg *ioa_cfg) +@@ -8107,9 +8107,9 @@ static void ipr_init_ioa_mem(struct ipr_ioa_cfg *ioa_cfg) ioa_cfg->identify_hrrq_index = 0; if (ioa_cfg->hrrq_num == 1) @@ -57517,7 +57425,7 @@ index e3cd3ec..00560ec 100644 transport_setup_device(&rport->dev); diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c -index bb669d3..2074023 100644 +index cc84ea7..92bb10f 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -112,7 +112,7 @@ static int sd_resume(struct device *); @@ -57548,10 +57456,10 @@ index bb669d3..2074023 100644 if (!sdp->request_queue->rq_timeout) { if (sdp->type != TYPE_MOD) diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c -index 5e82067..8f7c2cc 100644 +index ae7d9bd..77e1f04 100644 --- a/drivers/scsi/sg.c +++ b/drivers/scsi/sg.c -@@ -1089,7 +1089,7 @@ sg_ioctl(struct file *filp, unsigned int cmd_in, unsigned long arg) +@@ -1090,7 +1090,7 @@ sg_ioctl(struct file *filp, unsigned int cmd_in, unsigned long arg) sdp->disk->disk_name, MKDEV(SCSI_GENERIC_MAJOR, sdp->index), NULL, @@ -60231,20 +60139,6 @@ index db322d9..f0f4bc1 100644 if (!left--) { if (instance->disconnected) -diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c -index fa4e239..d37fdcc 100644 ---- a/drivers/usb/class/cdc-acm.c -+++ b/drivers/usb/class/cdc-acm.c -@@ -1114,6 +1114,9 @@ static int acm_probe(struct usb_interface *intf, - if (quirks == NO_UNION_NORMAL) { - data_interface = usb_ifnum_to_if(usb_dev, 1); - control_interface = usb_ifnum_to_if(usb_dev, 0); -+ /* we would crash */ -+ if (!data_interface || !control_interface) -+ return -ENODEV; - goto skip_normal_probe; - } - diff --git a/drivers/usb/class/cdc-acm.h b/drivers/usb/class/cdc-acm.h index ccfaba9..523f476 100644 --- a/drivers/usb/class/cdc-acm.h @@ -60338,27 +60232,6 @@ index 38ae877c..9bf9e7d 100644 __create_pipe(ps->dev, uurb->endpoint & 0xf) | (uurb->endpoint & USB_DIR_IN); -diff --git a/drivers/usb/core/driver.c b/drivers/usb/core/driver.c -index 56593a9..2057d91 100644 ---- a/drivers/usb/core/driver.c -+++ b/drivers/usb/core/driver.c -@@ -502,11 +502,15 @@ static int usb_unbind_interface(struct device *dev) - int usb_driver_claim_interface(struct usb_driver *driver, - struct usb_interface *iface, void *priv) - { -- struct device *dev = &iface->dev; -+ struct device *dev; - struct usb_device *udev; - int retval = 0; - int lpm_disable_error; - -+ if (!iface) -+ return -ENODEV; -+ -+ dev = &iface->dev; - if (dev->driver) - return -EBUSY; - diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index 1c102d6..d15688e 100644 --- a/drivers/usb/core/hcd.c @@ -60382,7 +60255,7 @@ index 1c102d6..d15688e 100644 wake_up(&usb_kill_urb_queue); usb_put_urb(urb); diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c -index 1560f3f..ba76922 100644 +index 2a27488..436ee88 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -26,6 +26,7 @@ @@ -60393,7 +60266,7 @@ index 1560f3f..ba76922 100644 #include <asm/uaccess.h> #include <asm/byteorder.h> -@@ -4711,6 +4712,10 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus, +@@ -4717,6 +4718,10 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus, goto done; return; } @@ -60783,23 +60656,6 @@ index a0a3827..d7ec10b 100644 memset(&props, 0, sizeof(struct backlight_properties)); props.type = BACKLIGHT_RAW; props.max_brightness = 0xff; -diff --git a/drivers/usb/misc/iowarrior.c b/drivers/usb/misc/iowarrior.c -index c6bfd13..1950e87 100644 ---- a/drivers/usb/misc/iowarrior.c -+++ b/drivers/usb/misc/iowarrior.c -@@ -787,6 +787,12 @@ static int iowarrior_probe(struct usb_interface *interface, - iface_desc = interface->cur_altsetting; - dev->product_id = le16_to_cpu(udev->descriptor.idProduct); - -+ if (iface_desc->desc.bNumEndpoints < 1) { -+ dev_err(&interface->dev, "Invalid number of endpoints\n"); -+ retval = -EINVAL; -+ goto error; -+ } -+ - /* set up the endpoint information */ - for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) { - endpoint = &iface_desc->endpoint[i].desc; diff --git a/drivers/usb/serial/console.c b/drivers/usb/serial/console.c index 3806e70..55c508b 100644 --- a/drivers/usb/serial/console.c @@ -80180,21 +80036,10 @@ index a7a1b21..023d87a 100644 /* * We'll have a dentry and an inode for diff --git a/fs/coredump.c b/fs/coredump.c -index 1777331..400d71c 100644 +index dfc87c5..9e773ba 100644 --- a/fs/coredump.c +++ b/fs/coredump.c -@@ -32,6 +32,10 @@ - #include <linux/pipe_fs_i.h> - #include <linux/oom.h> - #include <linux/compat.h> -+#include <linux/sched.h> -+#include <linux/fs.h> -+#include <linux/path.h> -+#include <linux/timekeeping.h> - - #include <asm/uaccess.h> - #include <asm/mmu_context.h> -@@ -456,8 +460,8 @@ static void wait_for_dump_helpers(struct file *file) +@@ -459,8 +459,8 @@ static void wait_for_dump_helpers(struct file *file) struct pipe_inode_info *pipe = file->private_data; pipe_lock(pipe); @@ -80205,7 +80050,7 @@ index 1777331..400d71c 100644 wake_up_interruptible_sync(&pipe->wait); kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); pipe_unlock(pipe); -@@ -466,11 +470,11 @@ static void wait_for_dump_helpers(struct file *file) +@@ -469,11 +469,11 @@ static void wait_for_dump_helpers(struct file *file) * We actually want wait_event_freezable() but then we need * to clear TIF_SIGPENDING and improve dump_interrupted(). */ @@ -80220,7 +80065,7 @@ index 1777331..400d71c 100644 pipe_unlock(pipe); } -@@ -517,7 +521,9 @@ void do_coredump(const siginfo_t *siginfo) +@@ -520,7 +520,9 @@ void do_coredump(const siginfo_t *siginfo) /* require nonrelative corefile path and be extra careful */ bool need_suid_safe = false; bool core_dumped = false; @@ -80231,7 +80076,7 @@ index 1777331..400d71c 100644 struct coredump_params cprm = { .siginfo = siginfo, .regs = signal_pt_regs(), -@@ -530,12 +536,17 @@ void do_coredump(const siginfo_t *siginfo) +@@ -533,12 +535,17 @@ void do_coredump(const siginfo_t *siginfo) .mm_flags = mm->flags, }; @@ -80251,7 +80096,7 @@ index 1777331..400d71c 100644 goto fail; cred = prepare_creds(); -@@ -553,7 +564,7 @@ void do_coredump(const siginfo_t *siginfo) +@@ -556,7 +563,7 @@ void do_coredump(const siginfo_t *siginfo) need_suid_safe = true; } @@ -80260,7 +80105,7 @@ index 1777331..400d71c 100644 if (retval < 0) goto fail_creds; -@@ -596,7 +607,7 @@ void do_coredump(const siginfo_t *siginfo) +@@ -599,7 +606,7 @@ void do_coredump(const siginfo_t *siginfo) } cprm.limit = RLIM_INFINITY; @@ -80269,18 +80114,16 @@ index 1777331..400d71c 100644 if (core_pipe_limit && (core_pipe_limit < dump_count)) { printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", task_tgid_vnr(current), current->comm); -@@ -627,6 +638,10 @@ void do_coredump(const siginfo_t *siginfo) - } - } else { - struct inode *inode; -+ int open_flags = O_CREAT | O_RDWR | O_NOFOLLOW | -+ O_LARGEFILE | O_EXCL; -+ -+ gr_learn_resource(current, RLIMIT_CORE, binfmt->min_coredump, 1); +@@ -633,6 +640,8 @@ void do_coredump(const siginfo_t *siginfo) + int open_flags = O_CREAT | O_RDWR | O_NOFOLLOW | + O_LARGEFILE | O_EXCL; ++ gr_learn_resource(current, RLIMIT_CORE, binfmt->min_coredump, 1); ++ if (cprm.limit < binfmt->min_coredump) goto fail_unlock; -@@ -653,7 +668,7 @@ void do_coredump(const siginfo_t *siginfo) + +@@ -658,7 +667,7 @@ void do_coredump(const siginfo_t *siginfo) * If it doesn't exist, that's fine. If there's some * other problem, we'll catch it at the filp_open(). */ @@ -80289,39 +80132,7 @@ index 1777331..400d71c 100644 set_fs(old_fs); } -@@ -665,10 +680,27 @@ void do_coredump(const siginfo_t *siginfo) - * what matters is that at least one of the two processes - * writes its coredump successfully, not which one. - */ -- cprm.file = filp_open(cn.corename, -- O_CREAT | 2 | O_NOFOLLOW | -- O_LARGEFILE | O_EXCL, -- 0600); -+ if (need_suid_safe) { -+ /* -+ * Using user namespaces, normal user tasks can change -+ * their current->fs->root to point to arbitrary -+ * directories. Since the intention of the "only dump -+ * with a fully qualified path" rule is to control where -+ * coredumps may be placed using root privileges, -+ * current->fs->root must not be used. Instead, use the -+ * root directory of init_task. -+ */ -+ struct path root; -+ -+ task_lock(&init_task); -+ get_fs_root(init_task.fs, &root); -+ task_unlock(&init_task); -+ cprm.file = file_open_root(root.dentry, root.mnt, -+ cn.corename, open_flags, 0600); -+ path_put(&root); -+ } else { -+ cprm.file = filp_open(cn.corename, open_flags, 0600); -+ } - if (IS_ERR(cprm.file)) - goto fail_unlock; - -@@ -717,7 +749,7 @@ close_fail: +@@ -739,7 +748,7 @@ close_fail: filp_close(cprm.file, NULL); fail_dropcount: if (ispipe) @@ -80330,7 +80141,7 @@ index 1777331..400d71c 100644 fail_unlock: kfree(cn.corename); coredump_finish(mm, core_dumped); -@@ -738,6 +770,8 @@ int dump_emit(struct coredump_params *cprm, const void *addr, int nr) +@@ -760,6 +769,8 @@ int dump_emit(struct coredump_params *cprm, const void *addr, int nr) struct file *file = cprm->file; loff_t pos = file->f_pos; ssize_t n; @@ -82429,7 +82240,7 @@ index ee85cd4..9dd0d20 100644 } EXPORT_SYMBOL(__f_setown); diff --git a/fs/fhandle.c b/fs/fhandle.c -index d59712d..0c5456e 100644 +index ca3c3dd..0c5456e 100644 --- a/fs/fhandle.c +++ b/fs/fhandle.c @@ -8,6 +8,7 @@ @@ -82468,15 +82279,6 @@ index d59712d..0c5456e 100644 f_handle.handle_bytes)) { retval = -EFAULT; goto out_handle; -@@ -228,7 +228,7 @@ long do_handle_open(int mountdirfd, - path_put(&path); - return fd; - } -- file = file_open_root(path.dentry, path.mnt, "", open_flag); -+ file = file_open_root(path.dentry, path.mnt, "", open_flag, 0); - if (IS_ERR(file)) { - put_unused_fd(fd); - retval = PTR_ERR(file); diff --git a/fs/file.c b/fs/file.c index 39f8f15..898d887 100644 --- a/fs/file.c @@ -82569,10 +82371,10 @@ index 5797d45..7d7d79a 100644 if (dot && fs && !(fs->fs_flags & FS_HAS_SUBTYPE)) { diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c -index 7a8ea13..f7a17db 100644 +index 60d6fc2..dffa2ca 100644 --- a/fs/fs-writeback.c +++ b/fs/fs-writeback.c -@@ -880,9 +880,9 @@ fs_initcall(cgroup_writeback_init); +@@ -882,9 +882,9 @@ fs_initcall(cgroup_writeback_init); #else /* CONFIG_CGROUP_WRITEBACK */ static struct bdi_writeback * @@ -82584,7 +82386,7 @@ index 7a8ea13..f7a17db 100644 { struct bdi_writeback *wb = inode_to_wb(inode); -@@ -891,8 +891,8 @@ locked_inode_to_wb_and_lock_list(struct inode *inode) +@@ -893,8 +893,8 @@ locked_inode_to_wb_and_lock_list(struct inode *inode) return wb; } @@ -82594,7 +82396,7 @@ index 7a8ea13..f7a17db 100644 { struct bdi_writeback *wb = inode_to_wb(inode); -@@ -1136,9 +1136,8 @@ static int write_inode(struct inode *inode, struct writeback_control *wbc) +@@ -1138,9 +1138,8 @@ static int write_inode(struct inode *inode, struct writeback_control *wbc) * Wait for writeback on an inode to complete. Called with i_lock held. * Caller must make sure inode cannot go away when we drop i_lock. */ @@ -82605,7 +82407,7 @@ index 7a8ea13..f7a17db 100644 { DEFINE_WAIT_BIT(wq, &inode->i_state, __I_SYNC); wait_queue_head_t *wqh; -@@ -1167,8 +1166,8 @@ void inode_wait_for_writeback(struct inode *inode) +@@ -1169,8 +1168,8 @@ void inode_wait_for_writeback(struct inode *inode) * held and drops it. It is aimed for callers not holding any inode reference * so once i_lock is dropped, inode can go away. */ @@ -84157,7 +83959,7 @@ index 7cfa0aa..d5ef97b7 100644 seq_printf(m, "CacheOp: alo=%d luo=%d luc=%d gro=%d\n", atomic_read(&fscache_n_cop_alloc_object), diff --git a/fs/fuse/cuse.c b/fs/fuse/cuse.c -index 8e3ee19..5a0b7b2 100644 +index c5b6b71..3949af6 100644 --- a/fs/fuse/cuse.c +++ b/fs/fuse/cuse.c @@ -611,10 +611,12 @@ static int __init cuse_init(void) @@ -85502,10 +85304,10 @@ index 9dea85f..ceb98c9 100644 /* diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c -index a9f096c..fa0310f 100644 +index 7d5351c..144fc32 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c -@@ -1485,7 +1485,7 @@ struct nfsd4_operation { +@@ -1486,7 +1486,7 @@ struct nfsd4_operation { nfsd4op_rsize op_rsize_bop; stateid_getter op_get_currentstateid; stateid_setter op_set_currentstateid; @@ -85515,10 +85317,10 @@ index a9f096c..fa0310f 100644 static struct nfsd4_operation nfsd4_ops[]; diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c -index 51c9e9c..82dc067 100644 +index 1293520..4cc2062 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c -@@ -1704,7 +1704,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) +@@ -1706,7 +1706,7 @@ nfsd4_decode_notsupp(struct nfsd4_compoundargs *argp, void *p) typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); @@ -86010,7 +85812,7 @@ index 2de4c8a..a106a0d 100644 /* Copy the blockcheck stats from the superblock probe */ osb->osb_ecc_stats = *stats; diff --git a/fs/open.c b/fs/open.c -index b6f1e96..c16baf7 100644 +index 6a24f98..c16baf7 100644 --- a/fs/open.c +++ b/fs/open.c @@ -32,6 +32,8 @@ @@ -86114,24 +85916,7 @@ index b6f1e96..c16baf7 100644 retry_deleg: newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { -@@ -995,14 +1032,12 @@ struct file *filp_open(const char *filename, int flags, umode_t mode) - EXPORT_SYMBOL(filp_open); - - struct file *file_open_root(struct dentry *dentry, struct vfsmount *mnt, -- const char *filename, int flags) -+ const char *filename, int flags, umode_t mode) - { - struct open_flags op; -- int err = build_open_flags(flags, 0, &op); -+ int err = build_open_flags(flags, mode, &op); - if (err) - return ERR_PTR(err); -- if (flags & O_CREAT) -- return ERR_PTR(-EINVAL); - return do_file_open_root(dentry, mnt, filename, &op); - } - EXPORT_SYMBOL(file_open_root); -@@ -1029,6 +1064,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) +@@ -1027,6 +1064,7 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) } else { fsnotify_open(f); fd_install(fd, f); @@ -88706,10 +88491,10 @@ index e85664b..ad62e5f 100644 { const struct seq_operations *op = ((struct seq_file *)file->private_data)->op; diff --git a/fs/splice.c b/fs/splice.c -index 4cf700d..e7216fc 100644 +index 0f77e96..9dce13e 100644 --- a/fs/splice.c +++ b/fs/splice.c -@@ -192,7 +192,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -195,7 +195,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, pipe_lock(pipe); for (;;) { @@ -88718,7 +88503,7 @@ index 4cf700d..e7216fc 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -215,7 +215,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -218,7 +218,7 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, page_nr++; ret += buf->len; @@ -88727,7 +88512,7 @@ index 4cf700d..e7216fc 100644 do_wakeup = 1; if (!--spd->nr_pages) -@@ -246,9 +246,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, +@@ -249,9 +249,9 @@ ssize_t splice_to_pipe(struct pipe_inode_info *pipe, do_wakeup = 0; } @@ -88739,7 +88524,7 @@ index 4cf700d..e7216fc 100644 } pipe_unlock(pipe); -@@ -579,7 +579,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, +@@ -582,7 +582,7 @@ static ssize_t kernel_readv(struct file *file, const struct iovec *vec, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -88748,7 +88533,7 @@ index 4cf700d..e7216fc 100644 set_fs(old_fs); return res; -@@ -594,7 +594,7 @@ ssize_t kernel_write(struct file *file, const char *buf, size_t count, +@@ -597,7 +597,7 @@ ssize_t kernel_write(struct file *file, const char *buf, size_t count, old_fs = get_fs(); set_fs(get_ds()); /* The cast to a user pointer is valid due to the set_fs() */ @@ -88757,7 +88542,7 @@ index 4cf700d..e7216fc 100644 set_fs(old_fs); return res; -@@ -647,7 +647,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, +@@ -650,7 +650,7 @@ ssize_t default_file_splice_read(struct file *in, loff_t *ppos, goto err; this_len = min_t(size_t, len, PAGE_CACHE_SIZE - offset); @@ -88766,7 +88551,7 @@ index 4cf700d..e7216fc 100644 vec[i].iov_len = this_len; spd.pages[i] = page; spd.nr_pages++; -@@ -786,7 +786,7 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des +@@ -789,7 +789,7 @@ static int splice_from_pipe_feed(struct pipe_inode_info *pipe, struct splice_des ops->release(pipe, buf); pipe->curbuf = (pipe->curbuf + 1) & (pipe->buffers - 1); pipe->nrbufs--; @@ -88775,7 +88560,7 @@ index 4cf700d..e7216fc 100644 sd->need_wakeup = true; } -@@ -817,10 +817,10 @@ static int splice_from_pipe_next(struct pipe_inode_info *pipe, struct splice_des +@@ -820,10 +820,10 @@ static int splice_from_pipe_next(struct pipe_inode_info *pipe, struct splice_des return -ERESTARTSYS; while (!pipe->nrbufs) { @@ -88788,7 +88573,7 @@ index 4cf700d..e7216fc 100644 return 0; if (sd->flags & SPLICE_F_NONBLOCK) -@@ -1036,7 +1036,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out, +@@ -1039,7 +1039,7 @@ iter_file_splice_write(struct pipe_inode_info *pipe, struct file *out, ops->release(pipe, buf); pipe->curbuf = (pipe->curbuf + 1) & (pipe->buffers - 1); pipe->nrbufs--; @@ -88797,7 +88582,7 @@ index 4cf700d..e7216fc 100644 sd.need_wakeup = true; } else { buf->offset += ret; -@@ -1196,7 +1196,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, +@@ -1199,7 +1199,7 @@ ssize_t splice_direct_to_actor(struct file *in, struct splice_desc *sd, * out of the pipe right after the splice_to_pipe(). So set * PIPE_READERS appropriately. */ @@ -88806,7 +88591,7 @@ index 4cf700d..e7216fc 100644 current->splice_pipe = pipe; } -@@ -1503,6 +1503,7 @@ static int get_iovec_page_array(const struct iovec __user *iov, +@@ -1506,6 +1506,7 @@ static int get_iovec_page_array(const struct iovec __user *iov, partial[buffers].offset = off; partial[buffers].len = plen; @@ -88814,7 +88599,7 @@ index 4cf700d..e7216fc 100644 off = 0; len -= plen; -@@ -1734,9 +1735,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1737,9 +1738,9 @@ static int ipipe_prep(struct pipe_inode_info *pipe, unsigned int flags) ret = -ERESTARTSYS; break; } @@ -88826,7 +88611,7 @@ index 4cf700d..e7216fc 100644 if (flags & SPLICE_F_NONBLOCK) { ret = -EAGAIN; break; -@@ -1768,7 +1769,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1771,7 +1772,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) pipe_lock(pipe); while (pipe->nrbufs >= pipe->buffers) { @@ -88835,7 +88620,7 @@ index 4cf700d..e7216fc 100644 send_sig(SIGPIPE, current, 0); ret = -EPIPE; break; -@@ -1781,9 +1782,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) +@@ -1784,9 +1785,9 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags) ret = -ERESTARTSYS; break; } @@ -88847,7 +88632,7 @@ index 4cf700d..e7216fc 100644 } pipe_unlock(pipe); -@@ -1819,14 +1820,14 @@ retry: +@@ -1822,14 +1823,14 @@ retry: pipe_double_lock(ipipe, opipe); do { @@ -88864,7 +88649,7 @@ index 4cf700d..e7216fc 100644 break; /* -@@ -1923,7 +1924,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, +@@ -1926,7 +1927,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, pipe_double_lock(ipipe, opipe); do { @@ -88873,7 +88658,7 @@ index 4cf700d..e7216fc 100644 send_sig(SIGPIPE, current, 0); if (!ret) ret = -EPIPE; -@@ -1968,7 +1969,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, +@@ -1971,7 +1972,7 @@ static int link_pipe(struct pipe_inode_info *ipipe, * return EAGAIN if we have the potential of some data in the * future, otherwise just return 0 */ @@ -101849,10 +101634,10 @@ index 8609d57..86e4d79 100644 int (*generic_packet) (struct cdrom_device_info *, struct packet_command *); diff --git a/include/linux/cgroup-defs.h b/include/linux/cgroup-defs.h -index 8e30fae..38632f8 100644 +index a7c7f74..0f1870f 100644 --- a/include/linux/cgroup-defs.h +++ b/include/linux/cgroup-defs.h -@@ -413,7 +413,7 @@ struct cftype { +@@ -416,7 +416,7 @@ struct cftype { #ifdef CONFIG_DEBUG_LOCK_ALLOC struct lock_class_key lockdep_key; #endif @@ -102677,7 +102462,7 @@ index 5295535..9852c7e 100644 int iterate_fd(struct files_struct *, unsigned, int (*)(const void *, struct file *, unsigned), diff --git a/include/linux/fs.h b/include/linux/fs.h -index 3aa5142..264567c 100644 +index 22c5a0c..264567c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -439,7 +439,7 @@ struct address_space { @@ -102744,15 +102529,6 @@ index 3aa5142..264567c 100644 struct inode_operations { struct dentry * (*lookup) (struct inode *,struct dentry *, unsigned int); -@@ -2217,7 +2218,7 @@ extern long do_sys_open(int dfd, const char __user *filename, int flags, - extern struct file *file_open_name(struct filename *, int, umode_t); - extern struct file *filp_open(const char *, int, umode_t); - extern struct file *file_open_root(struct dentry *, struct vfsmount *, -- const char *, int); -+ const char *, int, umode_t); - extern struct file * dentry_open(const struct path *, int, const struct cred *); - extern int filp_close(struct file *, fl_owner_t id); - @@ -2336,7 +2337,7 @@ extern int register_chrdev_region(dev_t, unsigned, const char *); extern int __register_chrdev(unsigned int major, unsigned int baseminor, unsigned int count, const char *name, @@ -107964,7 +107740,7 @@ index ff307b5..f1a4468 100644 #endif /* _LINUX_THREAD_INFO_H */ diff --git a/include/linux/tty.h b/include/linux/tty.h -index 6b6e811..616acad 100644 +index 3bf03b6..340cab9 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -225,7 +225,7 @@ struct tty_port { @@ -110972,10 +110748,10 @@ index 45432b5..988f1e4 100644 +} +EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); diff --git a/kernel/cgroup.c b/kernel/cgroup.c -index fb1ecfd..f6add73 100644 +index dc94f8b..ccd3aea 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c -@@ -3346,7 +3346,7 @@ static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp, +@@ -3354,7 +3354,7 @@ static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp, key = &cft->lockdep_key; #endif kn = __kernfs_create_file(cgrp->kn, cgroup_file_name(cgrp, cft, name), @@ -110984,7 +110760,7 @@ index fb1ecfd..f6add73 100644 NULL, key); if (IS_ERR(kn)) return PTR_ERR(kn); -@@ -3450,11 +3450,14 @@ static void cgroup_exit_cftypes(struct cftype *cfts) +@@ -3458,11 +3458,14 @@ static void cgroup_exit_cftypes(struct cftype *cfts) /* free copy for custom atomic_write_len, see init_cftypes() */ if (cft->max_write_len && cft->max_write_len != PAGE_SIZE) kfree(cft->kf_ops); @@ -111002,7 +110778,7 @@ index fb1ecfd..f6add73 100644 } } -@@ -3485,8 +3488,10 @@ static int cgroup_init_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) +@@ -3493,8 +3496,10 @@ static int cgroup_init_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) kf_ops->atomic_write_len = cft->max_write_len; } @@ -111015,7 +110791,7 @@ index fb1ecfd..f6add73 100644 } return 0; -@@ -3499,7 +3504,7 @@ static int cgroup_rm_cftypes_locked(struct cftype *cfts) +@@ -3507,7 +3512,7 @@ static int cgroup_rm_cftypes_locked(struct cftype *cfts) if (!cfts || !cfts[0].ss) return -ENOENT; @@ -111024,7 +110800,7 @@ index fb1ecfd..f6add73 100644 cgroup_apply_cftypes(cfts, false); cgroup_exit_cftypes(cfts); return 0; -@@ -3556,7 +3561,7 @@ static int cgroup_add_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) +@@ -3564,7 +3569,7 @@ static int cgroup_add_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) mutex_lock(&cgroup_mutex); @@ -111033,7 +110809,7 @@ index fb1ecfd..f6add73 100644 ret = cgroup_apply_cftypes(cfts, true); if (ret) cgroup_rm_cftypes_locked(cfts); -@@ -3577,8 +3582,10 @@ int cgroup_add_dfl_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) +@@ -3585,8 +3590,10 @@ int cgroup_add_dfl_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) { struct cftype *cft; @@ -111045,7 +110821,7 @@ index fb1ecfd..f6add73 100644 return cgroup_add_cftypes(ss, cfts); } -@@ -3594,8 +3601,10 @@ int cgroup_add_legacy_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) +@@ -3602,8 +3609,10 @@ int cgroup_add_legacy_cftypes(struct cgroup_subsys *ss, struct cftype *cfts) { struct cftype *cft; @@ -111057,7 +110833,7 @@ index fb1ecfd..f6add73 100644 return cgroup_add_cftypes(ss, cfts); } -@@ -5738,6 +5747,9 @@ static void cgroup_release_agent(struct work_struct *work) +@@ -5754,6 +5763,9 @@ static void cgroup_release_agent(struct work_struct *work) if (!pathbuf || !agentbuf) goto out; @@ -111067,7 +110843,7 @@ index fb1ecfd..f6add73 100644 path = cgroup_path(cgrp, pathbuf, PATH_MAX); if (!path) goto out; -@@ -5913,7 +5925,7 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) +@@ -5929,7 +5941,7 @@ static int cgroup_css_links_read(struct seq_file *seq, void *v) struct task_struct *task; int count = 0; @@ -111486,7 +111262,7 @@ index 41213454..861e178 100644 #ifdef CONFIG_MODULE_UNLOAD { diff --git a/kernel/events/core.c b/kernel/events/core.c -index 1087bbe..d0f51f0 100644 +index faf2067..d7d38d0 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -175,8 +175,15 @@ static struct srcu_struct pmus_srcu; @@ -111596,7 +111372,7 @@ index 1087bbe..d0f51f0 100644 event->state = PERF_EVENT_STATE_INACTIVE; -@@ -8265,6 +8272,11 @@ SYSCALL_DEFINE5(perf_event_open, +@@ -8268,6 +8275,11 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -111608,7 +111384,7 @@ index 1087bbe..d0f51f0 100644 err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -@@ -8736,10 +8748,10 @@ static void sync_child_event(struct perf_event *child_event, +@@ -8735,10 +8747,10 @@ static void sync_child_event(struct perf_event *child_event, /* * Add back the child's count to the parent's count: */ @@ -115171,7 +114947,7 @@ index 750ed60..eb01466 100644 #ifdef CONFIG_RT_GROUP_SCHED /* diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index eb70592..d5c8eb1 100644 +index 70e5e09..87f2797 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -2162,7 +2162,7 @@ void set_numabalancing_state(bool enabled) @@ -115358,7 +115134,7 @@ index cfdc0e6..71f2abd 100644 struct rq *this_rq = this_rq(); enum cpu_idle_type idle = this_rq->idle_balance ? diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h -index b242775..b497b69 100644 +index 0517abd..b185177 100644 --- a/kernel/sched/sched.h +++ b/kernel/sched/sched.h @@ -1228,7 +1228,7 @@ struct sched_class { @@ -116251,19 +116027,6 @@ index dc6858d..93aa01c 100644 +EXPORT_SYMBOL(proc_dostring_modpriv); EXPORT_SYMBOL(proc_doulongvec_minmax); EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax); -diff --git a/kernel/sysctl_binary.c b/kernel/sysctl_binary.c -index 7e7746a..10a1d7d 100644 ---- a/kernel/sysctl_binary.c -+++ b/kernel/sysctl_binary.c -@@ -1321,7 +1321,7 @@ static ssize_t binary_sysctl(const int *name, int nlen, - } - - mnt = task_active_pid_ns(current)->proc_mnt; -- file = file_open_root(mnt->mnt_root, mnt, pathname, flags); -+ file = file_open_root(mnt->mnt_root, mnt, pathname, flags, 0); - result = PTR_ERR(file); - if (IS_ERR(file)) - goto out_putname; diff --git a/kernel/taskstats.c b/kernel/taskstats.c index 21f82c2..c1984e5 100644 --- a/kernel/taskstats.c @@ -117060,7 +116823,7 @@ index 9c6045a..927be25 100644 *data_page = bpage; diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c -index d929340..e0e84ca 100644 +index 8305cbb..c0d281a 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -3546,7 +3546,7 @@ int trace_keep_overwrite(struct tracer *tracer, u32 mask, int set) @@ -117333,7 +117096,7 @@ index c8eac43..4b5f08f 100644 memcpy(&uts_table, table, sizeof(uts_table)); uts_table.data = get_uts(table, write); diff --git a/kernel/watchdog.c b/kernel/watchdog.c -index 18f34cf..e7513f2 100644 +index 198137b..cde169b 100644 --- a/kernel/watchdog.c +++ b/kernel/watchdog.c @@ -664,7 +664,7 @@ static int watchdog_nmi_enable(unsigned int cpu) { return 0; } @@ -119037,7 +118800,7 @@ index c889fcb..f181221 100644 if (end == start) return error; diff --git a/mm/memcontrol.c b/mm/memcontrol.c -index ee6acd2..e83259e 100644 +index fc0bcc4..2e9eabc 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -809,7 +809,7 @@ static void memcg_check_events(struct mem_cgroup *memcg, struct page *page) @@ -119049,7 +118812,7 @@ index ee6acd2..e83259e 100644 #endif } } -@@ -1450,7 +1450,7 @@ static void mem_cgroup_may_update_nodemask(struct mem_cgroup *memcg) +@@ -1451,7 +1451,7 @@ static void mem_cgroup_may_update_nodemask(struct mem_cgroup *memcg) * numainfo_events > 0 means there was at least NUMAINFO_EVENTS_TARGET * pagein/pageout changes since the last update. */ @@ -119058,7 +118821,7 @@ index ee6acd2..e83259e 100644 return; if (atomic_inc_return(&memcg->numainfo_updating) > 1) return; -@@ -1464,7 +1464,7 @@ static void mem_cgroup_may_update_nodemask(struct mem_cgroup *memcg) +@@ -1465,7 +1465,7 @@ static void mem_cgroup_may_update_nodemask(struct mem_cgroup *memcg) node_clear(nid, memcg->scan_nodes); } @@ -121648,7 +121411,7 @@ index d15d88c..4316955 100644 struct bdi_writeback *wb = dtc->wb; unsigned long write_bw = wb->avg_write_bandwidth; diff --git a/mm/page_alloc.c b/mm/page_alloc.c -index 9d666df..dfa2193 100644 +index c69531a..36ab4e3 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -62,6 +62,7 @@ @@ -121685,7 +121448,7 @@ index 9d666df..dfa2193 100644 static inline void set_page_guard(struct zone *zone, struct page *page, unsigned int order, int migratetype) {} static inline void clear_page_guard(struct zone *zone, struct page *page, -@@ -955,6 +955,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -975,6 +975,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) bool compound = PageCompound(page); int i, bad = 0; @@ -121696,7 +121459,7 @@ index 9d666df..dfa2193 100644 VM_BUG_ON_PAGE(PageTail(page), page); VM_BUG_ON_PAGE(compound && compound_order(page) != order, page); -@@ -981,6 +985,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) +@@ -1001,6 +1005,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) debug_check_no_obj_freed(page_address(page), PAGE_SIZE << order); } @@ -121709,7 +121472,7 @@ index 9d666df..dfa2193 100644 arch_free_page(page, order); kernel_map_pages(page, 1 << order, 0); -@@ -1003,6 +1013,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) +@@ -1023,6 +1033,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) local_irq_restore(flags); } @@ -121730,7 +121493,7 @@ index 9d666df..dfa2193 100644 static void __init __free_pages_boot_core(struct page *page, unsigned long pfn, unsigned int order) { -@@ -1019,6 +1043,19 @@ static void __init __free_pages_boot_core(struct page *page, +@@ -1039,6 +1063,19 @@ static void __init __free_pages_boot_core(struct page *page, __ClearPageReserved(p); set_page_count(p, 0); @@ -121750,7 +121513,7 @@ index 9d666df..dfa2193 100644 page_zone(page)->managed_pages += nr_pages; set_page_refcounted(page); __free_pages(page, order); -@@ -1075,7 +1112,6 @@ static inline bool __meminit meminit_pfn_in_nid(unsigned long pfn, int node, +@@ -1095,7 +1132,6 @@ static inline bool __meminit meminit_pfn_in_nid(unsigned long pfn, int node, } #endif @@ -121758,7 +121521,7 @@ index 9d666df..dfa2193 100644 void __init __free_pages_bootmem(struct page *page, unsigned long pfn, unsigned int order) { -@@ -1379,9 +1415,11 @@ static int prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags, +@@ -1399,9 +1435,11 @@ static int prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags, kernel_map_pages(page, 1 << order, 1); kasan_alloc_pages(page, order); @@ -121770,7 +121533,7 @@ index 9d666df..dfa2193 100644 if (order && (gfp_flags & __GFP_COMP)) prep_compound_page(page, order); -@@ -2250,7 +2288,7 @@ struct page *buffered_rmqueue(struct zone *preferred_zone, +@@ -2270,7 +2308,7 @@ struct page *buffered_rmqueue(struct zone *preferred_zone, } __mod_zone_page_state(zone, NR_ALLOC_BATCH, -(1 << order)); @@ -121779,7 +121542,7 @@ index 9d666df..dfa2193 100644 !test_bit(ZONE_FAIR_DEPLETED, &zone->flags)) set_bit(ZONE_FAIR_DEPLETED, &zone->flags); -@@ -2467,7 +2505,7 @@ static void reset_alloc_batches(struct zone *preferred_zone) +@@ -2487,7 +2525,7 @@ static void reset_alloc_batches(struct zone *preferred_zone) do { mod_zone_page_state(zone, NR_ALLOC_BATCH, high_wmark_pages(zone) - low_wmark_pages(zone) - @@ -121788,7 +121551,7 @@ index 9d666df..dfa2193 100644 clear_bit(ZONE_FAIR_DEPLETED, &zone->flags); } while (zone++ != preferred_zone); } -@@ -6059,7 +6097,7 @@ static void __setup_per_zone_wmarks(void) +@@ -6079,7 +6117,7 @@ static void __setup_per_zone_wmarks(void) __mod_zone_page_state(zone, NR_ALLOC_BATCH, high_wmark_pages(zone) - low_wmark_pages(zone) - @@ -133372,7 +133135,7 @@ index 6c3b038..54e0b5e 100755 mkdir -p "$destdir" (cd $srctree; tar -c -f - -T -) < "$objtree/debian/hdrsrcfiles" | (cd $destdir; tar -xf -) diff --git a/scripts/package/mkspec b/scripts/package/mkspec -index 71004da..3874acb 100755 +index fe44d68..3874acb 100755 --- a/scripts/package/mkspec +++ b/scripts/package/mkspec @@ -120,29 +120,40 @@ echo 'rm -f $RPM_BUILD_ROOT'"/lib/modules/$KERNELRELEASE/{build,source}" @@ -133406,11 +133169,11 @@ index 71004da..3874acb 100755 +echo "" echo "%post" -echo "if [ -x /sbin/installkernel -a -r /boot/vmlinuz-$KERNELRELEASE -a -r /boot/System.map-$KERNELRELEASE ]; then" --echo "cp /boot/vmlinuz-$KERNELRELEASE /boot/vmlinuz-$KERNELRELEASE-rpm" --echo "cp /boot/System.map-$KERNELRELEASE /boot/System.map-$KERNELRELEASE-rpm" +-echo "cp /boot/vmlinuz-$KERNELRELEASE /boot/.vmlinuz-$KERNELRELEASE-rpm" +-echo "cp /boot/System.map-$KERNELRELEASE /boot/.System.map-$KERNELRELEASE-rpm" -echo "rm -f /boot/vmlinuz-$KERNELRELEASE /boot/System.map-$KERNELRELEASE" --echo "/sbin/installkernel $KERNELRELEASE /boot/vmlinuz-$KERNELRELEASE-rpm /boot/System.map-$KERNELRELEASE-rpm" --echo "rm -f /boot/vmlinuz-$KERNELRELEASE-rpm /boot/System.map-$KERNELRELEASE-rpm" +-echo "/sbin/installkernel $KERNELRELEASE /boot/.vmlinuz-$KERNELRELEASE-rpm /boot/.System.map-$KERNELRELEASE-rpm" +-echo "rm -f /boot/.vmlinuz-$KERNELRELEASE-rpm /boot/.System.map-$KERNELRELEASE-rpm" +echo "if [ -x /sbin/dracut ]; then" +echo '/sbin/new-kernel-pkg --dracut --mkinitrd --depmod --install --make-default '"$KERNELRELEASE"' || exit $?' +echo "else" @@ -156160,10 +155923,10 @@ index 0000000..fc58e16 +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 -index 0000000..ca51973 +index 0000000..951b3be --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data -@@ -0,0 +1,21509 @@ +@@ -0,0 +1,21510 @@ +enable_so_recv_ctrl_pipe_us_data_0 recv_ctrl_pipe us_data 0 0 NULL +enable_so___earlyonly_bootmem_alloc_fndecl_3 __earlyonly_bootmem_alloc fndecl 2-3-4 3 NULL +enable_so_v9fs_xattr_get_acl_fndecl_4 v9fs_xattr_get_acl fndecl 5 4 NULL @@ -161841,7 +161604,8 @@ index 0000000..ca51973 +enable_so_audio_buf_size_f_uac1_opts_17353 audio_buf_size f_uac1_opts 0 17353 &enable_so_xfs_trans_get_efi_fndecl_17353 +enable_so_tipc_alloc_entry_fndecl_17360 tipc_alloc_entry fndecl 2 17360 NULL +enable_so_udf_tgetblk_fndecl_17362 udf_tgetblk fndecl 2 17362 NULL nohasharray -+enable_so_cxgb4i_max_connect_vardecl_cxgb4i_c_17362 cxgb4i_max_connect vardecl_cxgb4i.c 0 17362 &enable_so_udf_tgetblk_fndecl_17362 ++enable_so_cxgb4i_max_connect_vardecl_cxgb4i_c_17362 cxgb4i_max_connect vardecl_cxgb4i.c 0 17362 &enable_so_udf_tgetblk_fndecl_17362 nohasharray ++enable_so_pebs_buffer_size_x86_pmu_17362 pebs_buffer_size x86_pmu 0 17362 &enable_so_cxgb4i_max_connect_vardecl_cxgb4i_c_17362 +enable_so_fdt_translate_one_fndecl_17363 fdt_translate_one fndecl 2 17363 NULL +enable_so_config_desc_fndecl_17365 config_desc fndecl 0 17365 NULL +enable_so_extra_inflate_state_17367 extra inflate_state 0 17367 NULL @@ -182523,7 +182287,7 @@ index 0a578fe..b81f62d 100644 }) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 7338e30..7b0dc7f 100644 +index fefbf2d..7b0dc7f 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -90,12 +90,17 @@ LIST_HEAD(vm_list); @@ -182546,49 +182310,7 @@ index 7338e30..7b0dc7f 100644 struct dentry *kvm_debugfs_dir; EXPORT_SYMBOL_GPL(kvm_debugfs_dir); -@@ -547,6 +552,16 @@ static struct kvm *kvm_create_vm(unsigned long type) - if (!kvm) - return ERR_PTR(-ENOMEM); - -+ spin_lock_init(&kvm->mmu_lock); -+ atomic_inc(¤t->mm->mm_count); -+ kvm->mm = current->mm; -+ kvm_eventfd_init(kvm); -+ mutex_init(&kvm->lock); -+ mutex_init(&kvm->irq_lock); -+ mutex_init(&kvm->slots_lock); -+ atomic_set(&kvm->users_count, 1); -+ INIT_LIST_HEAD(&kvm->devices); -+ - r = kvm_arch_init_vm(kvm, type); - if (r) - goto out_err_no_disable; -@@ -579,16 +594,6 @@ static struct kvm *kvm_create_vm(unsigned long type) - goto out_err; - } - -- spin_lock_init(&kvm->mmu_lock); -- kvm->mm = current->mm; -- atomic_inc(&kvm->mm->mm_count); -- kvm_eventfd_init(kvm); -- mutex_init(&kvm->lock); -- mutex_init(&kvm->irq_lock); -- mutex_init(&kvm->slots_lock); -- atomic_set(&kvm->users_count, 1); -- INIT_LIST_HEAD(&kvm->devices); -- - r = kvm_init_mmu_notifier(kvm); - if (r) - goto out_err; -@@ -613,6 +618,7 @@ out_err_no_disable: - for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) - kvm_free_memslots(kvm, kvm->memslots[i]); - kvm_arch_free_vm(kvm); -+ mmdrop(current->mm); - return ERR_PTR(r); - } - -@@ -842,7 +848,7 @@ int __kvm_set_memory_region(struct kvm *kvm, +@@ -843,7 +848,7 @@ int __kvm_set_memory_region(struct kvm *kvm, /* We can read the guest memory with __xxx_user() later on. */ if ((id < KVM_USER_MEM_SLOTS) && ((mem->userspace_addr & (PAGE_SIZE - 1)) || @@ -182597,7 +182319,7 @@ index 7338e30..7b0dc7f 100644 (void __user *)(unsigned long)mem->userspace_addr, mem->memory_size))) goto out; -@@ -1897,9 +1903,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); +@@ -1898,9 +1903,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); int kvm_clear_guest_page(struct kvm *kvm, gfn_t gfn, int offset, int len) { @@ -182617,7 +182339,7 @@ index 7338e30..7b0dc7f 100644 } EXPORT_SYMBOL_GPL(kvm_clear_guest_page); -@@ -2236,7 +2250,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) +@@ -2237,7 +2250,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) return 0; } @@ -182626,7 +182348,7 @@ index 7338e30..7b0dc7f 100644 .release = kvm_vcpu_release, .unlocked_ioctl = kvm_vcpu_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -2952,7 +2966,7 @@ out: +@@ -2953,7 +2966,7 @@ out: } #endif @@ -182635,7 +182357,7 @@ index 7338e30..7b0dc7f 100644 .release = kvm_vm_release, .unlocked_ioctl = kvm_vm_ioctl, #ifdef CONFIG_KVM_COMPAT -@@ -3023,7 +3037,7 @@ out: +@@ -3024,7 +3037,7 @@ out: return r; } @@ -182644,7 +182366,7 @@ index 7338e30..7b0dc7f 100644 .unlocked_ioctl = kvm_dev_ioctl, .compat_ioctl = kvm_dev_ioctl, .llseek = noop_llseek, -@@ -3049,7 +3063,7 @@ static void hardware_enable_nolock(void *junk) +@@ -3050,7 +3063,7 @@ static void hardware_enable_nolock(void *junk) if (r) { cpumask_clear_cpu(cpu, cpus_hardware_enabled); @@ -182653,7 +182375,7 @@ index 7338e30..7b0dc7f 100644 pr_info("kvm: enabling virtualization on CPU%d failed\n", cpu); } } -@@ -3104,10 +3118,10 @@ static int hardware_enable_all(void) +@@ -3105,10 +3118,10 @@ static int hardware_enable_all(void) kvm_usage_count++; if (kvm_usage_count == 1) { @@ -182666,7 +182388,7 @@ index 7338e30..7b0dc7f 100644 hardware_disable_all_nolock(); r = -EBUSY; } -@@ -3571,7 +3585,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3572,7 +3585,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (!vcpu_align) vcpu_align = __alignof__(struct kvm_vcpu); kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, @@ -182675,7 +182397,7 @@ index 7338e30..7b0dc7f 100644 if (!kvm_vcpu_cache) { r = -ENOMEM; goto out_free_3; -@@ -3581,9 +3595,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3582,9 +3595,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (r) goto out_free; @@ -182687,7 +182409,7 @@ index 7338e30..7b0dc7f 100644 r = misc_register(&kvm_dev); if (r) { -@@ -3593,9 +3609,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3594,9 +3609,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, register_syscore_ops(&kvm_syscore_ops); diff --git a/4.4.6/4425_grsec_remove_EI_PAX.patch b/4.4.7/4425_grsec_remove_EI_PAX.patch index 2a1aa6c..2a1aa6c 100644 --- a/4.4.6/4425_grsec_remove_EI_PAX.patch +++ b/4.4.7/4425_grsec_remove_EI_PAX.patch diff --git a/4.4.6/4427_force_XATTR_PAX_tmpfs.patch b/4.4.7/4427_force_XATTR_PAX_tmpfs.patch index f6aea64..f6aea64 100644 --- a/4.4.6/4427_force_XATTR_PAX_tmpfs.patch +++ b/4.4.7/4427_force_XATTR_PAX_tmpfs.patch diff --git a/4.4.6/4430_grsec-remove-localversion-grsec.patch b/4.4.7/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/4.4.6/4430_grsec-remove-localversion-grsec.patch +++ b/4.4.7/4430_grsec-remove-localversion-grsec.patch diff --git a/4.4.6/4435_grsec-mute-warnings.patch b/4.4.7/4435_grsec-mute-warnings.patch index b7564e4..b7564e4 100644 --- a/4.4.6/4435_grsec-mute-warnings.patch +++ b/4.4.7/4435_grsec-mute-warnings.patch diff --git a/4.4.6/4440_grsec-remove-protected-paths.patch b/4.4.7/4440_grsec-remove-protected-paths.patch index 741546d..741546d 100644 --- a/4.4.6/4440_grsec-remove-protected-paths.patch +++ b/4.4.7/4440_grsec-remove-protected-paths.patch diff --git a/4.4.6/4450_grsec-kconfig-default-gids.patch b/4.4.7/4450_grsec-kconfig-default-gids.patch index 79a866b..79a866b 100644 --- a/4.4.6/4450_grsec-kconfig-default-gids.patch +++ b/4.4.7/4450_grsec-kconfig-default-gids.patch diff --git a/4.4.6/4465_selinux-avc_audit-log-curr_ip.patch b/4.4.7/4465_selinux-avc_audit-log-curr_ip.patch index 7248385..7248385 100644 --- a/4.4.6/4465_selinux-avc_audit-log-curr_ip.patch +++ b/4.4.7/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/4.4.6/4470_disable-compat_vdso.patch b/4.4.7/4470_disable-compat_vdso.patch index 281aad9..281aad9 100644 --- a/4.4.6/4470_disable-compat_vdso.patch +++ b/4.4.7/4470_disable-compat_vdso.patch diff --git a/4.4.6/4475_emutramp_default_on.patch b/4.4.7/4475_emutramp_default_on.patch index afd6019..afd6019 100644 --- a/4.4.6/4475_emutramp_default_on.patch +++ b/4.4.7/4475_emutramp_default_on.patch |