* [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.7/, 2.6.32/, 3.2.9/
@ 2012-03-04 14:50 Anthony G. Basile
0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2012-03-04 14:50 UTC (permalink / raw
To: gentoo-commits
commit: ec8c51cd545a43fca3d89468b7c69872cac8f076
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Mar 4 14:49:46 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Mar 4 14:49:46 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=ec8c51cd
Grsec/PaX: 2.9-2.6.32.57-201203022148 + 2.9-3.2.9-201203022148
---
2.6.32/0000_README | 2 +-
...20_grsecurity-2.9-2.6.32.57-201203022148.patch} | 566 ++++++++++--
2.6.32/4440_grsec-remove-protected-paths.patch | 2 +-
2.6.32/4445_grsec-pax-without-grsec.patch | 6 +-
2.6.32/4450_grsec-kconfig-default-gids.patch | 14 +-
2.6.32/4460-grsec-kconfig-proc-user.patch | 4 +-
2.6.32/4465_selinux-avc_audit-log-curr_ip.patch | 2 +-
3.2.7/1006_linux-3.2.7.patch | 994 --------------------
{3.2.7 => 3.2.9}/0000_README | 6 +-
.../4420_grsecurity-2.9-3.2.9-201203022148.patch | 427 +++++----
{3.2.7 => 3.2.9}/4425_grsec_enable_xtpax.patch | 0
.../4430_grsec-remove-localversion-grsec.patch | 0
{3.2.7 => 3.2.9}/4435_grsec-mute-warnings.patch | 0
.../4440_grsec-remove-protected-paths.patch | 2 +-
.../4445_grsec-pax-without-grsec.patch | 6 +-
.../4450_grsec-kconfig-default-gids.patch | 14 +-
{3.2.7 => 3.2.9}/4455_grsec-kconfig-gentoo.patch | 0
.../4460-grsec-kconfig-proc-user.patch | 4 +-
.../4465_selinux-avc_audit-log-curr_ip.patch | 2 +-
{3.2.7 => 3.2.9}/4470_disable-compat_vdso.patch | 0
20 files changed, 754 insertions(+), 1297 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index d4a9997..b14a3bc 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -22,7 +22,7 @@ Patch: 1056_linux-2.6.32.57.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.57
-Patch: 4420_grsecurity-2.9-2.6.32.57-201202251202.patch
+Patch: 4420_grsecurity-2.9-2.6.32.57-201203022148.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch
rename to 2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
index 59a7ef3..f2893fd 100644
--- a/2.6.32/4420_grsecurity-2.9-2.6.32.57-201202251202.patch
+++ b/2.6.32/4420_grsecurity-2.9-2.6.32.57-201203022148.patch
@@ -185,7 +185,7 @@ index c840e7d..f4c451c 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index 3377650..76aacb3 100644
+index 3377650..095e46d 100644
--- a/Makefile
+++ b/Makefile
@@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -220,32 +220,34 @@ index 3377650..76aacb3 100644
include/linux/version.h headers_% \
kernelrelease kernelversion
-@@ -526,6 +527,46 @@ else
+@@ -526,6 +527,48 @@ else
KBUILD_CFLAGS += -O2
endif
+ifndef DISABLE_PAX_PLUGINS
+ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y)
+ifndef DISABLE_PAX_CONSTIFY_PLUGIN
-+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
+endif
+ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
-+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
+endif
+ifdef CONFIG_KALLOCSTAT_PLUGIN
-+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
+endif
+ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
-+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD)
++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN
++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN
+endif
+ifdef CONFIG_CHECKER_PLUGIN
+ifeq ($(call cc-ifversion, -ge, 0406, y), y)
-+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
+endif
+endif
-+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN)
++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS)
++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN
+ifeq ($(KBUILD_EXTMOD),)
+gcc-plugins:
@@ -267,7 +269,7 @@ index 3377650..76aacb3 100644
include $(srctree)/arch/$(SRCARCH)/Makefile
ifneq ($(CONFIG_FRAME_WARN),0)
-@@ -647,7 +688,7 @@ export mod_strip_cmd
+@@ -647,7 +690,7 @@ export mod_strip_cmd
ifeq ($(KBUILD_EXTMOD),)
@@ -276,15 +278,16 @@ index 3377650..76aacb3 100644
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-@@ -868,6 +909,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
+@@ -868,6 +911,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
# The actual objects are generated when descending,
# make sure no implicit rule kicks in
-+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS)
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Handle descending into subdirectories listed in $(vmlinux-dirs)
-@@ -877,7 +919,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
+@@ -877,7 +922,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Error messages still appears in the original language
PHONY += $(vmlinux-dirs)
@@ -293,23 +296,24 @@ index 3377650..76aacb3 100644
$(Q)$(MAKE) $(build)=$@
# Build the kernel release string
-@@ -986,6 +1028,7 @@ prepare0: archprepare FORCE
+@@ -986,6 +1031,7 @@ prepare0: archprepare FORCE
$(Q)$(MAKE) $(build)=. missing-syscalls
# All the preparing..
-+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS))
++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS))
prepare: prepare0
# The asm symlink changes when $(ARCH) changes.
-@@ -1127,6 +1170,7 @@ all: modules
+@@ -1127,6 +1173,8 @@ all: modules
# using awk while concatenating to the final file.
PHONY += modules
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
@$(kecho) ' Building modules, stage 2.';
-@@ -1136,7 +1180,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
+@@ -1136,7 +1184,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux)
# Target to prepare building external modules
PHONY += modules_prepare
@@ -318,7 +322,7 @@ index 3377650..76aacb3 100644
# Target to install modules
PHONY += modules_install
-@@ -1201,7 +1245,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \
+@@ -1201,7 +1249,7 @@ MRPROPER_FILES += .config .config.old include/asm .version .old_version \
include/linux/autoconf.h include/linux/version.h \
include/linux/utsrelease.h \
include/linux/bounds.h include/asm*/asm-offsets.h \
@@ -327,7 +331,7 @@ index 3377650..76aacb3 100644
# clean - Delete most, but leave enough to build external modules
#
-@@ -1245,7 +1289,7 @@ distclean: mrproper
+@@ -1245,7 +1293,7 @@ distclean: mrproper
@find $(srctree) $(RCS_FIND_IGNORE) \
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
@@ -336,7 +340,7 @@ index 3377650..76aacb3 100644
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
-type f -print | xargs rm -f
-@@ -1292,6 +1336,7 @@ help:
+@@ -1292,6 +1340,7 @@ help:
@echo ' modules_prepare - Set up for building external modules'
@echo ' tags/TAGS - Generate tags file for editors'
@echo ' cscope - Generate cscope index'
@@ -344,15 +348,16 @@ index 3377650..76aacb3 100644
@echo ' kernelrelease - Output the release version string'
@echo ' kernelversion - Output the version stored in Makefile'
@echo ' headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH'; \
-@@ -1393,6 +1438,7 @@ PHONY += $(module-dirs) modules
+@@ -1393,6 +1442,8 @@ PHONY += $(module-dirs) modules
$(module-dirs): crmodverdir $(objtree)/Module.symvers
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
modules: $(module-dirs)
@$(kecho) ' Building modules, stage 2.';
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
-@@ -1448,7 +1494,7 @@ endif # KBUILD_EXTMOD
+@@ -1448,7 +1499,7 @@ endif # KBUILD_EXTMOD
quiet_cmd_tags = GEN $@
cmd_tags = $(CONFIG_SHELL) $(srctree)/scripts/tags.sh $@
@@ -361,18 +366,20 @@ index 3377650..76aacb3 100644
$(call cmd,tags)
# Scripts to check various things for consistency
-@@ -1513,17 +1559,19 @@ else
+@@ -1513,17 +1564,21 @@ else
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
endif
-%.s: %.c prepare scripts FORCE
-+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.s: %.c gcc-plugins prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.i: %.c prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
-%.o: %.c prepare scripts FORCE
-+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.o: %.c gcc-plugins prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.lst: %.c prepare scripts FORCE
@@ -385,18 +392,20 @@ index 3377650..76aacb3 100644
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.symtypes: %.c prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
-@@ -1533,11 +1581,13 @@ endif
+@@ -1533,11 +1588,15 @@ endif
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
$(build)=$(build-dir)
-%/: prepare scripts FORCE
-+%/: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%/: gcc-plugins prepare scripts FORCE
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
$(build)=$(build-dir)
-%.ko: prepare scripts FORCE
-+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.ko: gcc-plugins prepare scripts FORCE
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
@@ -2881,7 +2890,7 @@ index 3f17b83..1f9e766 100644
#include <asm-generic/getorder.h>
diff --git a/arch/powerpc/include/asm/pci.h b/arch/powerpc/include/asm/pci.h
-index b5ea626..4030822 100644
+index b5ea626..40308222 100644
--- a/arch/powerpc/include/asm/pci.h
+++ b/arch/powerpc/include/asm/pci.h
@@ -65,8 +65,8 @@ static inline int pci_get_legacy_ide_irq(struct pci_dev *dev, int channel)
@@ -8436,7 +8445,7 @@ index 016218c..47ccbdd 100644
set_fs(old_fs);
diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h
-index e2077d3..b7a8919 100644
+index e2077d3..17d07ad 100644
--- a/arch/x86/include/asm/alternative-asm.h
+++ b/arch/x86/include/asm/alternative-asm.h
@@ -8,10 +8,10 @@
@@ -8456,7 +8465,7 @@ index e2077d3..b7a8919 100644
.endm
#endif
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++#ifdef KERNEXEC_PLUGIN
+ .macro pax_force_retaddr_bts rip=0
+ btsq $63,\rip(%rsp)
+ .endm
@@ -18113,7 +18122,7 @@ index 8d82a77..0baf312 100644
.gdb_bpt_instr = { 0xcc },
.flags = KGDB_HW_BREAKPOINT,
diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c
-index 7a67820..8d15b75 100644
+index 7a67820..70ea187 100644
--- a/arch/x86/kernel/kprobes.c
+++ b/arch/x86/kernel/kprobes.c
@@ -168,9 +168,13 @@ static void __kprobes set_jmp_op(void *from, void *to)
@@ -18203,7 +18212,7 @@ index 7a67820..8d15b75 100644
/* Skip orig_ax, ip, cs */
" addq $24, %rsp\n"
" popfq\n"
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++#ifdef KERNEXEC_PLUGIN
+ " btsq $63,(%rsp)\n"
+#endif
#else
@@ -24839,7 +24848,7 @@ index 63a6ba6..79abd7a 100644
return (void *)vaddr;
}
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c
-index f46c340..6ff9a26 100644
+index f46c3407..6ff9a26 100644
--- a/arch/x86/mm/hugetlbpage.c
+++ b/arch/x86/mm/hugetlbpage.c
@@ -267,13 +267,20 @@ static unsigned long hugetlb_get_unmapped_area_bottomup(struct file *file,
@@ -30944,6 +30953,39 @@ index a5d585d..d087be3 100644
.show = kobj_pkt_show,
.store = kobj_pkt_store
};
+diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
+index 59cccc9..a4592ec 100644
+--- a/drivers/cdrom/cdrom.c
++++ b/drivers/cdrom/cdrom.c
+@@ -2057,11 +2057,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
+ if (!nr)
+ return -ENOMEM;
+
+- if (!access_ok(VERIFY_WRITE, ubuf, nframes * CD_FRAMESIZE_RAW)) {
+- ret = -EFAULT;
+- goto out;
+- }
+-
+ cgc.data_direction = CGC_DATA_READ;
+ while (nframes > 0) {
+ if (nr > nframes)
+@@ -2070,7 +2065,7 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
+ ret = cdrom_read_block(cdi, &cgc, lba, nr, 1, CD_FRAMESIZE_RAW);
+ if (ret)
+ break;
+- if (__copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) {
++ if (copy_to_user(ubuf, cgc.buffer, CD_FRAMESIZE_RAW * nr)) {
+ ret = -EFAULT;
+ break;
+ }
+@@ -2078,7 +2073,6 @@ static int cdrom_read_cdda_old(struct cdrom_device_info *cdi, __u8 __user *ubuf,
+ nframes -= nr;
+ lba += nr;
+ }
+-out:
+ kfree(cgc.buffer);
+ return ret;
+ }
diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
index 6aad99e..89cd142 100644
--- a/drivers/char/Kconfig
@@ -46529,7 +46571,7 @@ index 0133b5a..b3baa9f 100644
fd_offset + ex.a_text);
up_write(¤t->mm->mmap_sem);
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 1ed37ba..de82ab7 100644
+index 1ed37ba..308a022 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -31,6 +31,7 @@
@@ -46666,6 +46708,7 @@ index 1ed37ba..de82ab7 100644
return error;
}
++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
+static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata)
+{
+ unsigned long pax_flags = 0UL;
@@ -46811,7 +46854,7 @@ index 1ed37ba..de82ab7 100644
+#endif
+
+#ifdef CONFIG_PAX_SEGMEXEC
-+ if (!(__supported_pte_mask & _PAGE_NX)) {
++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) {
+ pax_flags &= ~MF_PAX_PAGEEXEC;
+ pax_flags |= MF_PAX_SEGMEXEC;
+ }
@@ -46985,7 +47028,6 @@ index 1ed37ba..de82ab7 100644
+
+}
+
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
+static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file)
+{
+ unsigned long pax_flags, pt_pax_flags, xattr_pax_flags;
@@ -48627,10 +48669,38 @@ index 7a5f1ac..205b034 100644
out:
return rc;
}
+diff --git a/fs/ecryptfs/file.c b/fs/ecryptfs/file.c
+index 4e25328..3015389 100644
+--- a/fs/ecryptfs/file.c
++++ b/fs/ecryptfs/file.c
+@@ -323,11 +323,11 @@ ecryptfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
+
+ const struct file_operations ecryptfs_dir_fops = {
+ .readdir = ecryptfs_readdir,
++ .read = generic_read_dir,
+ .unlocked_ioctl = ecryptfs_unlocked_ioctl,
+ #ifdef CONFIG_COMPAT
+ .compat_ioctl = ecryptfs_compat_ioctl,
+ #endif
+- .mmap = generic_file_mmap,
+ .open = ecryptfs_open,
+ .flush = ecryptfs_flush,
+ .release = ecryptfs_release,
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
-index 88ba4d4..073f003 100644
+index 88ba4d4..55639ca 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
+@@ -575,8 +575,8 @@ static int ecryptfs_rmdir(struct inode *dir, struct dentry *dentry)
+ dget(lower_dentry);
+ rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry);
+ dput(lower_dentry);
+- if (!rc)
+- d_delete(lower_dentry);
++ if (!rc && dentry->d_inode)
++ clear_nlink(dentry->d_inode);
+ fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode);
+ dir->i_nlink = lower_dir_dentry->d_inode->i_nlink;
+ unlock_dir(lower_dir_dentry);
@@ -660,7 +660,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf,
old_fs = get_fs();
set_fs(get_ds());
@@ -48649,6 +48719,235 @@ index 88ba4d4..073f003 100644
set_fs(old_fs);
if (rc < 0)
goto out_free;
+@@ -758,18 +758,23 @@ upper_size_to_lower_size(struct ecryptfs_crypt_stat *crypt_stat,
+ }
+
+ /**
+- * ecryptfs_truncate
++ * truncate_upper
+ * @dentry: The ecryptfs layer dentry
+- * @new_length: The length to expand the file to
++ * @ia: Address of the ecryptfs inode's attributes
++ * @lower_ia: Address of the lower inode's attributes
+ *
+ * Function to handle truncations modifying the size of the file. Note
+ * that the file sizes are interpolated. When expanding, we are simply
+- * writing strings of 0's out. When truncating, we need to modify the
+- * underlying file size according to the page index interpolations.
++ * writing strings of 0's out. When truncating, we truncate the upper
++ * inode and update the lower_ia according to the page index
++ * interpolations. If ATTR_SIZE is set in lower_ia->ia_valid upon return,
++ * the caller must use lower_ia in a call to notify_change() to perform
++ * the truncation of the lower inode.
+ *
+ * Returns zero on success; non-zero otherwise
+ */
+-int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
++static int truncate_upper(struct dentry *dentry, struct iattr *ia,
++ struct iattr *lower_ia)
+ {
+ int rc = 0;
+ struct inode *inode = dentry->d_inode;
+@@ -780,8 +785,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
+ loff_t lower_size_before_truncate;
+ loff_t lower_size_after_truncate;
+
+- if (unlikely((new_length == i_size)))
++ if (unlikely((ia->ia_size == i_size))) {
++ lower_ia->ia_valid &= ~ATTR_SIZE;
+ goto out;
++ }
+ crypt_stat = &ecryptfs_inode_to_private(dentry->d_inode)->crypt_stat;
+ /* Set up a fake ecryptfs file, this is used to interface with
+ * the file in the underlying filesystem so that the
+@@ -801,28 +808,30 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
+ &fake_ecryptfs_file,
+ ecryptfs_inode_to_private(dentry->d_inode)->lower_file);
+ /* Switch on growing or shrinking file */
+- if (new_length > i_size) {
++ if (ia->ia_size > i_size) {
+ char zero[] = { 0x00 };
+
++ lower_ia->ia_valid &= ~ATTR_SIZE;
+ /* Write a single 0 at the last position of the file;
+ * this triggers code that will fill in 0's throughout
+ * the intermediate portion of the previous end of the
+ * file and the new and of the file */
+ rc = ecryptfs_write(&fake_ecryptfs_file, zero,
+- (new_length - 1), 1);
+- } else { /* new_length < i_size_read(inode) */
+- /* We're chopping off all the pages down do the page
+- * in which new_length is located. Fill in the end of
+- * that page from (new_length & ~PAGE_CACHE_MASK) to
++ (ia->ia_size - 1), 1);
++ } else { /* ia->ia_size < i_size_read(inode) */
++ /* We're chopping off all the pages down to the page
++ * in which ia->ia_size is located. Fill in the end of
++ * that page from (ia->ia_size & ~PAGE_CACHE_MASK) to
+ * PAGE_CACHE_SIZE with zeros. */
+ size_t num_zeros = (PAGE_CACHE_SIZE
+- - (new_length & ~PAGE_CACHE_MASK));
++ - (ia->ia_size & ~PAGE_CACHE_MASK));
+
+ if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) {
+- rc = vmtruncate(inode, new_length);
++ rc = vmtruncate(inode, ia->ia_size);
+ if (rc)
+ goto out_free;
+- rc = vmtruncate(lower_dentry->d_inode, new_length);
++ lower_ia->ia_size = ia->ia_size;
++ lower_ia->ia_valid |= ATTR_SIZE;
+ goto out_free;
+ }
+ if (num_zeros) {
+@@ -834,7 +843,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
+ goto out_free;
+ }
+ rc = ecryptfs_write(&fake_ecryptfs_file, zeros_virt,
+- new_length, num_zeros);
++ ia->ia_size, num_zeros);
+ kfree(zeros_virt);
+ if (rc) {
+ printk(KERN_ERR "Error attempting to zero out "
+@@ -843,7 +852,7 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
+ goto out_free;
+ }
+ }
+- vmtruncate(inode, new_length);
++ vmtruncate(inode, ia->ia_size);
+ rc = ecryptfs_write_inode_size_to_metadata(inode);
+ if (rc) {
+ printk(KERN_ERR "Problem with "
+@@ -856,10 +865,12 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
+ lower_size_before_truncate =
+ upper_size_to_lower_size(crypt_stat, i_size);
+ lower_size_after_truncate =
+- upper_size_to_lower_size(crypt_stat, new_length);
+- if (lower_size_after_truncate < lower_size_before_truncate)
+- vmtruncate(lower_dentry->d_inode,
+- lower_size_after_truncate);
++ upper_size_to_lower_size(crypt_stat, ia->ia_size);
++ if (lower_size_after_truncate < lower_size_before_truncate) {
++ lower_ia->ia_size = lower_size_after_truncate;
++ lower_ia->ia_valid |= ATTR_SIZE;
++ } else
++ lower_ia->ia_valid &= ~ATTR_SIZE;
+ }
+ out_free:
+ if (ecryptfs_file_to_private(&fake_ecryptfs_file))
+@@ -869,6 +880,33 @@ out:
+ return rc;
+ }
+
++/**
++ * ecryptfs_truncate
++ * @dentry: The ecryptfs layer dentry
++ * @new_length: The length to expand the file to
++ *
++ * Simple function that handles the truncation of an eCryptfs inode and
++ * its corresponding lower inode.
++ *
++ * Returns zero on success; non-zero otherwise
++ */
++int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
++{
++ struct iattr ia = { .ia_valid = ATTR_SIZE, .ia_size = new_length };
++ struct iattr lower_ia = { .ia_valid = 0 };
++ int rc;
++
++ rc = truncate_upper(dentry, &ia, &lower_ia);
++ if (!rc && lower_ia.ia_valid & ATTR_SIZE) {
++ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
++
++ mutex_lock(&lower_dentry->d_inode->i_mutex);
++ rc = notify_change(lower_dentry, &lower_ia);
++ mutex_unlock(&lower_dentry->d_inode->i_mutex);
++ }
++ return rc;
++}
++
+ static int
+ ecryptfs_permission(struct inode *inode, int mask)
+ {
+@@ -891,6 +929,7 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
+ {
+ int rc = 0;
+ struct dentry *lower_dentry;
++ struct iattr lower_ia;
+ struct inode *inode;
+ struct inode *lower_inode;
+ struct ecryptfs_crypt_stat *crypt_stat;
+@@ -929,15 +968,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
+ }
+ }
+ mutex_unlock(&crypt_stat->cs_mutex);
++ memcpy(&lower_ia, ia, sizeof(lower_ia));
++ if (ia->ia_valid & ATTR_FILE)
++ lower_ia.ia_file = ecryptfs_file_to_lower(ia->ia_file);
+ if (ia->ia_valid & ATTR_SIZE) {
+- ecryptfs_printk(KERN_DEBUG,
+- "ia->ia_valid = [0x%x] ATTR_SIZE" " = [0x%x]\n",
+- ia->ia_valid, ATTR_SIZE);
+- rc = ecryptfs_truncate(dentry, ia->ia_size);
+- /* ecryptfs_truncate handles resizing of the lower file */
+- ia->ia_valid &= ~ATTR_SIZE;
+- ecryptfs_printk(KERN_DEBUG, "ia->ia_valid = [%x]\n",
+- ia->ia_valid);
++ rc = truncate_upper(dentry, ia, &lower_ia);
+ if (rc < 0)
+ goto out;
+ }
+@@ -946,11 +981,11 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia)
+ * mode change is for clearing setuid/setgid bits. Allow lower fs
+ * to interpret this in its own way.
+ */
+- if (ia->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
+- ia->ia_valid &= ~ATTR_MODE;
++ if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
++ lower_ia.ia_valid &= ~ATTR_MODE;
+
+ mutex_lock(&lower_dentry->d_inode->i_mutex);
+- rc = notify_change(lower_dentry, ia);
++ rc = notify_change(lower_dentry, &lower_ia);
+ mutex_unlock(&lower_dentry->d_inode->i_mutex);
+ out:
+ fsstack_copy_attr_all(inode, lower_inode, NULL);
+diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
+index c6ac85d..c52df75 100644
+--- a/fs/ecryptfs/main.c
++++ b/fs/ecryptfs/main.c
+@@ -487,6 +487,7 @@ out:
+ }
+
+ struct kmem_cache *ecryptfs_sb_info_cache;
++static struct file_system_type ecryptfs_fs_type;
+
+ /**
+ * ecryptfs_fill_super
+@@ -561,6 +562,23 @@ static int ecryptfs_read_super(struct super_block *sb, const char *dev_name)
+ ecryptfs_printk(KERN_WARNING, "path_lookup() failed\n");
+ goto out;
+ }
++
++ if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) {
++ rc = -EINVAL;
++ printk(KERN_ERR "Mount on filesystem of type "
++ "eCryptfs explicitly disallowed due to "
++ "known incompatibilities\n");
++ goto out_free;
++ }
++
++ if (check_ruid && path.dentry->d_inode->i_uid != current_uid()) {
++ rc = -EPERM;
++ printk(KERN_ERR "Mount of device (uid: %d) not owned by "
++ "requested user (uid: %d)\n",
++ path.dentry->d_inode->i_uid, current_uid());
++ goto out_free;
++ }
++
+ ecryptfs_set_superblock_lower(sb, path.dentry->d_sb);
+ sb->s_maxbytes = path.dentry->d_sb->s_maxbytes;
+ sb->s_blocksize = path.dentry->d_sb->s_blocksize;
diff --git a/fs/exec.c b/fs/exec.c
index 86fafc6..6272c0e 100644
--- a/fs/exec.c
@@ -53021,7 +53320,7 @@ index 50f8f06..c5755df 100644
help
Various /proc files exist to monitor process memory utilization:
diff --git a/fs/proc/array.c b/fs/proc/array.c
-index c5ef152..24a1b87 100644
+index c5ef152..28c94f7 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -60,6 +60,7 @@
@@ -53135,9 +53434,12 @@ index c5ef152..24a1b87 100644
esp,
eip,
/* The signal information here is obsolete.
-@@ -519,6 +578,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
+@@ -517,8 +576,16 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
+ struct pid *pid, struct task_struct *task)
+ {
int size = 0, resident = 0, shared = 0, text = 0, lib = 0, data = 0;
- struct mm_struct *mm = get_task_mm(task);
+- struct mm_struct *mm = get_task_mm(task);
++ struct mm_struct *mm;
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
+ if (current->exec_id != m->exec_id) {
@@ -53146,10 +53448,11 @@ index c5ef152..24a1b87 100644
+ }
+#endif
+
++ mm = get_task_mm(task);
if (mm) {
size = task_statm(mm, &shared, &text, &data, &resident);
mmput(mm);
-@@ -528,3 +594,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
+@@ -528,3 +595,18 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
return 0;
}
@@ -88073,10 +88376,10 @@ index 0000000..008f159
+}
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
new file mode 100644
-index 0000000..8b61031
+index 0000000..4a9b187
--- /dev/null
+++ b/tools/gcc/stackleak_plugin.c
-@@ -0,0 +1,295 @@
+@@ -0,0 +1,326 @@
+/*
+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu>
+ * Licensed under the GPL v2
@@ -88123,10 +88426,12 @@ index 0000000..8b61031
+static int track_frame_size = -1;
+static const char track_function[] = "pax_track_stack";
+static const char check_function[] = "pax_check_alloca";
++static tree pax_check_alloca_decl;
++static tree pax_track_stack_decl;
+static bool init_locals;
+
+static struct plugin_info stackleak_plugin_info = {
-+ .version = "201111150100",
++ .version = "201203021600",
+ .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n"
+// "initialize-locals\t\tforcibly initialize all stack frames\n"
+};
@@ -88179,27 +88484,20 @@ index 0000000..8b61031
+static void stackleak_check_alloca(gimple_stmt_iterator *gsi)
+{
+ gimple check_alloca;
-+ tree fndecl, fntype, alloca_size;
++ tree alloca_size;
+
+ // insert call to void pax_check_alloca(unsigned long size)
-+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
-+ fndecl = build_fn_decl(check_function, fntype);
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
+ alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0);
-+ check_alloca = gimple_build_call(fndecl, 1, alloca_size);
++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size);
+ gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT);
+}
+
+static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi)
+{
+ gimple track_stack;
-+ tree fndecl, fntype;
+
+ // insert call to void pax_track_stack(void)
-+ fntype = build_function_type_list(void_type_node, NULL_TREE);
-+ fndecl = build_fn_decl(track_function, fntype);
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
-+ track_stack = gimple_build_call(fndecl, 0);
++ track_stack = gimple_build_call(pax_track_stack_decl, 0);
+ gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING);
+}
+
@@ -88236,7 +88534,7 @@ index 0000000..8b61031
+static unsigned int execute_stackleak_tree_instrument(void)
+{
+ basic_block bb, entry_bb;
-+ bool prologue_instrumented = false;
++ bool prologue_instrumented = false, is_leaf = true;
+
+ entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb;
+
@@ -88245,8 +88543,15 @@ index 0000000..8b61031
+ gimple_stmt_iterator gsi;
+
+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
++ gimple stmt;
++
++ stmt = gsi_stmt(gsi);
++
++ if (is_gimple_call(stmt))
++ is_leaf = false;
++
+ // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450>
-+ if (!is_alloca(gsi_stmt(gsi)))
++ if (!is_alloca(stmt))
+ continue;
+
+ // 2. insert stack overflow check before each __builtin_alloca call
@@ -88259,6 +88564,13 @@ index 0000000..8b61031
+ }
+ }
+
++ // special case for some bad linux code: taking the address of static inline functions will materialize them
++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI
++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI.
++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here.
++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl))
++ return 0;
++
+ // 4. insert track call at the beginning
+ if (!prologue_instrumented) {
+ gimple_stmt_iterator gsi;
@@ -88318,6 +88630,27 @@ index 0000000..8b61031
+ return 0;
+}
+
++static void stackleak_start_unit(void *gcc_data, void *user_dat)
++{
++ tree fntype;
++
++ // declare void pax_check_alloca(unsigned long size)
++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
++ pax_check_alloca_decl = build_fn_decl(check_function, fntype);
++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO
++ TREE_PUBLIC(pax_check_alloca_decl) = 1;
++ DECL_EXTERNAL(pax_check_alloca_decl) = 1;
++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1;
++
++ // declare void pax_track_stack(void)
++ fntype = build_function_type_list(void_type_node, NULL_TREE);
++ pax_track_stack_decl = build_fn_decl(track_function, fntype);
++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO
++ TREE_PUBLIC(pax_track_stack_decl) = 1;
++ DECL_EXTERNAL(pax_track_stack_decl) = 1;
++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1;
++}
++
+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version)
+{
+ const char * const plugin_name = plugin_info->base_name;
@@ -88329,7 +88662,7 @@ index 0000000..8b61031
+// .reference_pass_name = "tree_profile",
+ .reference_pass_name = "optimized",
+ .ref_pass_instance_number = 0,
-+ .pos_op = PASS_POS_INSERT_AFTER
++ .pos_op = PASS_POS_INSERT_BEFORE
+ };
+ struct register_pass_info stackleak_final_pass_info = {
+ .pass = &stackleak_final_rtl_opt_pass.pass,
@@ -88367,6 +88700,7 @@ index 0000000..8b61031
+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
+ }
+
++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL);
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info);
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info);
+
@@ -88399,10 +88733,112 @@ index 83b3dde..835bee7 100644
break;
}
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
-index 4f3434f..159bc3e 100644
+index 4f3434f..fc63040 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
-@@ -2494,7 +2494,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void)
+@@ -43,6 +43,8 @@
+ #include <linux/swap.h>
+ #include <linux/bitops.h>
+ #include <linux/spinlock.h>
++#include <linux/namei.h>
++#include <linux/fs.h>
+
+ #include <asm/processor.h>
+ #include <asm/io.h>
+@@ -575,12 +577,73 @@ out:
+ return r;
+ }
+
++/*
++ * We want to test whether the caller has been granted permissions to
++ * use this device. To be able to configure and control the device,
++ * the user needs access to PCI configuration space and BAR resources.
++ * These are accessed through PCI sysfs. PCI config space is often
++ * passed to the process calling this ioctl via file descriptor, so we
++ * can't rely on access to that file. We can check for permissions
++ * on each of the BAR resource files, which is a pretty clear
++ * indicator that the user has been granted access to the device.
++ */
++static int probe_sysfs_permissions(struct pci_dev *dev)
++{
++#ifdef CONFIG_SYSFS
++ int i;
++ bool bar_found = false;
++
++ for (i = PCI_STD_RESOURCES; i <= PCI_STD_RESOURCE_END; i++) {
++ char *kpath, *syspath;
++ struct path path;
++ struct inode *inode;
++ int r;
++
++ if (!pci_resource_len(dev, i))
++ continue;
++
++ kpath = kobject_get_path(&dev->dev.kobj, GFP_KERNEL);
++ if (!kpath)
++ return -ENOMEM;
++
++ /* Per sysfs-rules, sysfs is always at /sys */
++ syspath = kasprintf(GFP_KERNEL, "/sys%s/resource%d", kpath, i);
++ kfree(kpath);
++ if (!syspath)
++ return -ENOMEM;
++
++ r = kern_path(syspath, LOOKUP_FOLLOW, &path);
++ kfree(syspath);
++ if (r)
++ return r;
++
++ inode = path.dentry->d_inode;
++
++ r = inode_permission(inode, MAY_READ | MAY_WRITE | MAY_ACCESS);
++ path_put(&path);
++ if (r)
++ return r;
++
++ bar_found = true;
++ }
++
++ /* If no resources, probably something special */
++ if (!bar_found)
++ return -EPERM;
++
++ return 0;
++#else
++ return -EINVAL; /* No way to control the device without sysfs */
++#endif
++}
++
+ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
+ struct kvm_assigned_pci_dev *assigned_dev)
+ {
+ int r = 0;
+ struct kvm_assigned_dev_kernel *match;
+ struct pci_dev *dev;
++ u8 header_type;
+
+ down_read(&kvm->slots_lock);
+ mutex_lock(&kvm->lock);
+@@ -607,6 +670,18 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
+ r = -EINVAL;
+ goto out_free;
+ }
++
++ /* Don't allow bridges to be assigned */
++ pci_read_config_byte(dev, PCI_HEADER_TYPE, &header_type);
++ if ((header_type & PCI_HEADER_TYPE) != PCI_HEADER_TYPE_NORMAL) {
++ r = -EPERM;
++ goto out_put;
++ }
++
++ r = probe_sysfs_permissions(dev);
++ if (r)
++ goto out_put;
++
+ if (pci_enable_device(dev)) {
+ printk(KERN_INFO "%s: Could not enable PCI device\n", __func__);
+ r = -EBUSY;
+@@ -2494,7 +2569,7 @@ asmlinkage void kvm_handle_fault_on_reboot(void)
if (kvm_rebooting)
/* spin while reset goes on */
while (true)
@@ -88411,7 +88847,7 @@ index 4f3434f..159bc3e 100644
/* Fault while not rebooting. We want the trace. */
BUG();
}
-@@ -2714,7 +2714,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
+@@ -2714,7 +2789,7 @@ static void kvm_sched_out(struct preempt_notifier *pn,
kvm_arch_vcpu_put(vcpu);
}
@@ -88420,7 +88856,7 @@ index 4f3434f..159bc3e 100644
struct module *module)
{
int r;
-@@ -2767,15 +2767,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size,
+@@ -2767,15 +2842,17 @@ int kvm_init(void *opaque, unsigned int vcpu_size,
/* A kmem cache lets us meet the alignment requirements of fx_save. */
kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size,
__alignof__(struct kvm_vcpu),
diff --git a/2.6.32/4440_grsec-remove-protected-paths.patch b/2.6.32/4440_grsec-remove-protected-paths.patch
index 5cec66c..339cc6e 100644
--- a/2.6.32/4440_grsec-remove-protected-paths.patch
+++ b/2.6.32/4440_grsec-remove-protected-paths.patch
@@ -6,7 +6,7 @@ the filesystem.
diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile
--- a/grsecurity/Makefile 2011-10-19 19:48:21.000000000 -0400
+++ b/grsecurity/Makefile 2011-10-19 19:50:44.000000000 -0400
-@@ -27,10 +27,4 @@
+@@ -29,10 +29,4 @@
ifdef CONFIG_GRKERNSEC_HIDESYM
extra-y := grsec_hidesym.o
$(obj)/grsec_hidesym.o:
diff --git a/2.6.32/4445_grsec-pax-without-grsec.patch b/2.6.32/4445_grsec-pax-without-grsec.patch
index 0f87dc1..591a120 100644
--- a/2.6.32/4445_grsec-pax-without-grsec.patch
+++ b/2.6.32/4445_grsec-pax-without-grsec.patch
@@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
diff -Naur a/fs/exec.c b/fs/exec.c
--- a/fs/exec.c 2011-04-17 18:15:55.000000000 -0400
+++ b/fs/exec.c 2011-04-17 18:29:40.000000000 -0400
-@@ -1812,9 +1812,11 @@
+@@ -1832,9 +1832,11 @@
}
up_read(&mm->mmap_sem);
}
@@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset);
printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, "
"PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk),
-@@ -1829,10 +1831,12 @@
+@@ -1849,10 +1851,12 @@
#ifdef CONFIG_PAX_REFCOUNT
void pax_report_refcount_overflow(struct pt_regs *regs)
{
@@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
current->comm, task_pid_nr(current), current_uid(), current_euid());
print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
-@@ -1892,10 +1896,12 @@
+@@ -1912,10 +1916,12 @@
NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type)
{
diff --git a/2.6.32/4450_grsec-kconfig-default-gids.patch b/2.6.32/4450_grsec-kconfig-default-gids.patch
index 763d845..498adb6 100644
--- a/2.6.32/4450_grsec-kconfig-default-gids.patch
+++ b/2.6.32/4450_grsec-kconfig-default-gids.patch
@@ -12,7 +12,7 @@ from shooting themselves in the foot.
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-12-12 15:11:47.000000000 -0500
+++ b/grsecurity/Kconfig 2011-12-12 15:13:17.000000000 -0500
-@@ -433,7 +433,7 @@
+@@ -439,7 +439,7 @@
config GRKERNSEC_PROC_GID
int "GID for special group"
depends on GRKERNSEC_PROC_USERGROUP
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
config GRKERNSEC_PROC_ADD
bool "Additional restrictions"
-@@ -661,7 +661,7 @@
+@@ -667,7 +667,7 @@
config GRKERNSEC_AUDIT_GID
int "GID for auditing"
depends on GRKERNSEC_AUDIT_GROUP
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
config GRKERNSEC_EXECLOG
bool "Exec logging"
-@@ -865,7 +865,7 @@
+@@ -871,7 +871,7 @@
config GRKERNSEC_TPE_GID
int "GID for untrusted users"
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*enabled* for. If the sysctl option is enabled, a sysctl option
-@@ -874,7 +874,7 @@
+@@ -880,7 +880,7 @@
config GRKERNSEC_TPE_GID
int "GID for trusted users"
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*disabled* for. If the sysctl option is enabled, a sysctl option
-@@ -947,7 +947,7 @@
+@@ -953,7 +953,7 @@
config GRKERNSEC_SOCKET_ALL_GID
int "GID to deny all sockets for"
depends on GRKERNSEC_SOCKET_ALL
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable socket access for. Remember to
add the users you want socket access disabled for to the GID
-@@ -968,7 +968,7 @@
+@@ -974,7 +974,7 @@
config GRKERNSEC_SOCKET_CLIENT_GID
int "GID to deny client sockets for"
depends on GRKERNSEC_SOCKET_CLIENT
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable client socket access for.
Remember to add the users you want client socket access disabled for to
-@@ -986,7 +986,7 @@
+@@ -992,7 +992,7 @@
config GRKERNSEC_SOCKET_SERVER_GID
int "GID to deny server sockets for"
depends on GRKERNSEC_SOCKET_SERVER
diff --git a/2.6.32/4460-grsec-kconfig-proc-user.patch b/2.6.32/4460-grsec-kconfig-proc-user.patch
index ca88ef7..1e181f3 100644
--- a/2.6.32/4460-grsec-kconfig-proc-user.patch
+++ b/2.6.32/4460-grsec-kconfig-proc-user.patch
@@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-06-29 07:46:02.000000000 -0400
+++ b/grsecurity/Kconfig 2011-06-29 07:47:20.000000000 -0400
-@@ -667,7 +667,7 @@
+@@ -673,7 +673,7 @@
config GRKERNSEC_PROC_USER
bool "Restrict /proc to user only"
@@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
If you say Y here, non-root users will only be able to view their own
processes, and restricts them from viewing network-related information,
-@@ -675,7 +675,7 @@
+@@ -681,7 +681,7 @@
config GRKERNSEC_PROC_USERGROUP
bool "Allow special group"
diff --git a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
index 0873c15..fe2f190 100644
--- a/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
+++ b/2.6.32/4465_selinux-avc_audit-log-curr_ip.patch
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-04-17 18:47:02.000000000 -0400
+++ b/grsecurity/Kconfig 2011-04-17 18:51:15.000000000 -0400
-@@ -1296,6 +1296,27 @@
+@@ -1302,6 +1302,27 @@
menu "Logging Options"
depends on GRKERNSEC
diff --git a/3.2.7/1006_linux-3.2.7.patch b/3.2.7/1006_linux-3.2.7.patch
deleted file mode 100644
index 08a6ba3..0000000
--- a/3.2.7/1006_linux-3.2.7.patch
+++ /dev/null
@@ -1,994 +0,0 @@
-diff --git a/Makefile b/Makefile
-index 47fe496..d1bdc90 100644
---- a/Makefile
-+++ b/Makefile
-@@ -1,6 +1,6 @@
- VERSION = 3
- PATCHLEVEL = 2
--SUBLEVEL = 6
-+SUBLEVEL = 7
- EXTRAVERSION =
- NAME = Saber-toothed Squirrel
-
-diff --git a/arch/x86/pci/xen.c b/arch/x86/pci/xen.c
-index 492ade8..d99346e 100644
---- a/arch/x86/pci/xen.c
-+++ b/arch/x86/pci/xen.c
-@@ -374,7 +374,7 @@ int __init pci_xen_init(void)
-
- int __init pci_xen_hvm_init(void)
- {
-- if (!xen_feature(XENFEAT_hvm_pirqs))
-+ if (!xen_have_vector_callback || !xen_feature(XENFEAT_hvm_pirqs))
- return 0;
-
- #ifdef CONFIG_ACPI
-diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c
-index 88f160b..107f6f7 100644
---- a/crypto/sha512_generic.c
-+++ b/crypto/sha512_generic.c
-@@ -31,11 +31,6 @@ static inline u64 Maj(u64 x, u64 y, u64 z)
- return (x & y) | (z & (x | y));
- }
-
--static inline u64 RORu64(u64 x, u64 y)
--{
-- return (x >> y) | (x << (64 - y));
--}
--
- static const u64 sha512_K[80] = {
- 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
- 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
-@@ -66,10 +61,10 @@ static const u64 sha512_K[80] = {
- 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL,
- };
-
--#define e0(x) (RORu64(x,28) ^ RORu64(x,34) ^ RORu64(x,39))
--#define e1(x) (RORu64(x,14) ^ RORu64(x,18) ^ RORu64(x,41))
--#define s0(x) (RORu64(x, 1) ^ RORu64(x, 8) ^ (x >> 7))
--#define s1(x) (RORu64(x,19) ^ RORu64(x,61) ^ (x >> 6))
-+#define e0(x) (ror64(x,28) ^ ror64(x,34) ^ ror64(x,39))
-+#define e1(x) (ror64(x,14) ^ ror64(x,18) ^ ror64(x,41))
-+#define s0(x) (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7))
-+#define s1(x) (ror64(x,19) ^ ror64(x,61) ^ (x >> 6))
-
- static inline void LOAD_OP(int I, u64 *W, const u8 *input)
- {
-@@ -78,7 +73,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input)
-
- static inline void BLEND_OP(int I, u64 *W)
- {
-- W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]);
-+ W[I & 15] += s1(W[(I-2) & 15]) + W[(I-7) & 15] + s0(W[(I-15) & 15]);
- }
-
- static void
-@@ -89,46 +84,42 @@ sha512_transform(u64 *state, const u8 *input)
- int i;
- u64 W[16];
-
-- /* load the input */
-- for (i = 0; i < 16; i++)
-- LOAD_OP(i, W, input);
--
- /* load the state into our registers */
- a=state[0]; b=state[1]; c=state[2]; d=state[3];
- e=state[4]; f=state[5]; g=state[6]; h=state[7];
-
--#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \
-- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \
-- t2 = e0(a) + Maj(a, b, c); \
-- d += t1; \
-- h = t1 + t2
--
--#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \
-- BLEND_OP(i, W); \
-- t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \
-- t2 = e0(a) + Maj(a, b, c); \
-- d += t1; \
-- h = t1 + t2
--
-- for (i = 0; i < 16; i += 8) {
-- SHA512_0_15(i, a, b, c, d, e, f, g, h);
-- SHA512_0_15(i + 1, h, a, b, c, d, e, f, g);
-- SHA512_0_15(i + 2, g, h, a, b, c, d, e, f);
-- SHA512_0_15(i + 3, f, g, h, a, b, c, d, e);
-- SHA512_0_15(i + 4, e, f, g, h, a, b, c, d);
-- SHA512_0_15(i + 5, d, e, f, g, h, a, b, c);
-- SHA512_0_15(i + 6, c, d, e, f, g, h, a, b);
-- SHA512_0_15(i + 7, b, c, d, e, f, g, h, a);
-- }
-- for (i = 16; i < 80; i += 8) {
-- SHA512_16_79(i, a, b, c, d, e, f, g, h);
-- SHA512_16_79(i + 1, h, a, b, c, d, e, f, g);
-- SHA512_16_79(i + 2, g, h, a, b, c, d, e, f);
-- SHA512_16_79(i + 3, f, g, h, a, b, c, d, e);
-- SHA512_16_79(i + 4, e, f, g, h, a, b, c, d);
-- SHA512_16_79(i + 5, d, e, f, g, h, a, b, c);
-- SHA512_16_79(i + 6, c, d, e, f, g, h, a, b);
-- SHA512_16_79(i + 7, b, c, d, e, f, g, h, a);
-+ /* now iterate */
-+ for (i=0; i<80; i+=8) {
-+ if (!(i & 8)) {
-+ int j;
-+
-+ if (i < 16) {
-+ /* load the input */
-+ for (j = 0; j < 16; j++)
-+ LOAD_OP(i + j, W, input);
-+ } else {
-+ for (j = 0; j < 16; j++) {
-+ BLEND_OP(i + j, W);
-+ }
-+ }
-+ }
-+
-+ t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[(i & 15)];
-+ t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2;
-+ t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1];
-+ t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2;
-+ t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[(i & 15) + 2];
-+ t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2;
-+ t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[(i & 15) + 3];
-+ t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2;
-+ t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[(i & 15) + 4];
-+ t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2;
-+ t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[(i & 15) + 5];
-+ t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2;
-+ t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6];
-+ t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2;
-+ t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[(i & 15) + 7];
-+ t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2;
- }
-
- state[0] += a; state[1] += b; state[2] += c; state[3] += d;
-diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c
-index db3b461..94f860c 100644
---- a/drivers/gpu/drm/i915/intel_dp.c
-+++ b/drivers/gpu/drm/i915/intel_dp.c
-@@ -208,17 +208,8 @@ intel_dp_link_clock(uint8_t link_bw)
- */
-
- static int
--intel_dp_link_required(struct intel_dp *intel_dp, int pixel_clock, int check_bpp)
-+intel_dp_link_required(int pixel_clock, int bpp)
- {
-- struct drm_crtc *crtc = intel_dp->base.base.crtc;
-- struct intel_crtc *intel_crtc = to_intel_crtc(crtc);
-- int bpp = 24;
--
-- if (check_bpp)
-- bpp = check_bpp;
-- else if (intel_crtc)
-- bpp = intel_crtc->bpp;
--
- return (pixel_clock * bpp + 9) / 10;
- }
-
-@@ -245,12 +236,11 @@ intel_dp_mode_valid(struct drm_connector *connector,
- return MODE_PANEL;
- }
-
-- mode_rate = intel_dp_link_required(intel_dp, mode->clock, 0);
-+ mode_rate = intel_dp_link_required(mode->clock, 24);
- max_rate = intel_dp_max_data_rate(max_link_clock, max_lanes);
-
- if (mode_rate > max_rate) {
-- mode_rate = intel_dp_link_required(intel_dp,
-- mode->clock, 18);
-+ mode_rate = intel_dp_link_required(mode->clock, 18);
- if (mode_rate > max_rate)
- return MODE_CLOCK_HIGH;
- else
-@@ -683,7 +673,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode,
- int lane_count, clock;
- int max_lane_count = intel_dp_max_lane_count(intel_dp);
- int max_clock = intel_dp_max_link_bw(intel_dp) == DP_LINK_BW_2_7 ? 1 : 0;
-- int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 0;
-+ int bpp = mode->private_flags & INTEL_MODE_DP_FORCE_6BPC ? 18 : 24;
- static int bws[2] = { DP_LINK_BW_1_62, DP_LINK_BW_2_7 };
-
- if (is_edp(intel_dp) && intel_dp->panel_fixed_mode) {
-@@ -701,7 +691,7 @@ intel_dp_mode_fixup(struct drm_encoder *encoder, struct drm_display_mode *mode,
- for (clock = 0; clock <= max_clock; clock++) {
- int link_avail = intel_dp_max_data_rate(intel_dp_link_clock(bws[clock]), lane_count);
-
-- if (intel_dp_link_required(intel_dp, mode->clock, bpp)
-+ if (intel_dp_link_required(mode->clock, bpp)
- <= link_avail) {
- intel_dp->link_bw = bws[clock];
- intel_dp->lane_count = lane_count;
-diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c
-index e441911..b83f745 100644
---- a/drivers/gpu/drm/i915/intel_lvds.c
-+++ b/drivers/gpu/drm/i915/intel_lvds.c
-@@ -694,6 +694,14 @@ static const struct dmi_system_id intel_no_lvds[] = {
- },
- {
- .callback = intel_no_lvds_dmi_callback,
-+ .ident = "AOpen i45GMx-I",
-+ .matches = {
-+ DMI_MATCH(DMI_BOARD_VENDOR, "AOpen"),
-+ DMI_MATCH(DMI_BOARD_NAME, "i45GMx-I"),
-+ },
-+ },
-+ {
-+ .callback = intel_no_lvds_dmi_callback,
- .ident = "Aopen i945GTt-VFA",
- .matches = {
- DMI_MATCH(DMI_PRODUCT_VERSION, "AO00001JW"),
-diff --git a/drivers/hwmon/f75375s.c b/drivers/hwmon/f75375s.c
-index 95cbfb3..e4ab491 100644
---- a/drivers/hwmon/f75375s.c
-+++ b/drivers/hwmon/f75375s.c
-@@ -159,7 +159,7 @@ static inline void f75375_write8(struct i2c_client *client, u8 reg,
- static inline void f75375_write16(struct i2c_client *client, u8 reg,
- u16 value)
- {
-- int err = i2c_smbus_write_byte_data(client, reg, (value << 8));
-+ int err = i2c_smbus_write_byte_data(client, reg, (value >> 8));
- if (err)
- return;
- i2c_smbus_write_byte_data(client, reg + 1, (value & 0xFF));
-@@ -311,7 +311,7 @@ static int set_pwm_enable_direct(struct i2c_client *client, int nr, int val)
- fanmode |= (3 << FAN_CTRL_MODE(nr));
- break;
- case 2: /* AUTOMATIC*/
-- fanmode |= (2 << FAN_CTRL_MODE(nr));
-+ fanmode |= (1 << FAN_CTRL_MODE(nr));
- break;
- case 3: /* fan speed */
- break;
-diff --git a/drivers/mmc/host/atmel-mci.c b/drivers/mmc/host/atmel-mci.c
-index a7ee502..72bc756 100644
---- a/drivers/mmc/host/atmel-mci.c
-+++ b/drivers/mmc/host/atmel-mci.c
-@@ -965,11 +965,14 @@ static void atmci_start_request(struct atmel_mci *host,
- host->data_status = 0;
-
- if (host->need_reset) {
-+ iflags = atmci_readl(host, ATMCI_IMR);
-+ iflags &= (ATMCI_SDIOIRQA | ATMCI_SDIOIRQB);
- atmci_writel(host, ATMCI_CR, ATMCI_CR_SWRST);
- atmci_writel(host, ATMCI_CR, ATMCI_CR_MCIEN);
- atmci_writel(host, ATMCI_MR, host->mode_reg);
- if (host->caps.has_cfg_reg)
- atmci_writel(host, ATMCI_CFG, host->cfg_reg);
-+ atmci_writel(host, ATMCI_IER, iflags);
- host->need_reset = false;
- }
- atmci_writel(host, ATMCI_SDCR, slot->sdc_reg);
-diff --git a/drivers/mmc/host/dw_mmc.c b/drivers/mmc/host/dw_mmc.c
-index 3aaeb08..baf3d42 100644
---- a/drivers/mmc/host/dw_mmc.c
-+++ b/drivers/mmc/host/dw_mmc.c
-@@ -22,7 +22,6 @@
- #include <linux/ioport.h>
- #include <linux/module.h>
- #include <linux/platform_device.h>
--#include <linux/scatterlist.h>
- #include <linux/seq_file.h>
- #include <linux/slab.h>
- #include <linux/stat.h>
-@@ -502,8 +501,14 @@ static void dw_mci_submit_data(struct dw_mci *host, struct mmc_data *data)
- host->dir_status = DW_MCI_SEND_STATUS;
-
- if (dw_mci_submit_data_dma(host, data)) {
-+ int flags = SG_MITER_ATOMIC;
-+ if (host->data->flags & MMC_DATA_READ)
-+ flags |= SG_MITER_TO_SG;
-+ else
-+ flags |= SG_MITER_FROM_SG;
-+
-+ sg_miter_start(&host->sg_miter, data->sg, data->sg_len, flags);
- host->sg = data->sg;
-- host->pio_offset = 0;
- host->part_buf_start = 0;
- host->part_buf_count = 0;
-
-@@ -953,6 +958,7 @@ static void dw_mci_tasklet_func(unsigned long priv)
- * generates a block interrupt, hence setting
- * the scatter-gather pointer to NULL.
- */
-+ sg_miter_stop(&host->sg_miter);
- host->sg = NULL;
- ctrl = mci_readl(host, CTRL);
- ctrl |= SDMMC_CTRL_FIFO_RESET;
-@@ -1286,54 +1292,44 @@ static void dw_mci_pull_data(struct dw_mci *host, void *buf, int cnt)
-
- static void dw_mci_read_data_pio(struct dw_mci *host)
- {
-- struct scatterlist *sg = host->sg;
-- void *buf = sg_virt(sg);
-- unsigned int offset = host->pio_offset;
-+ struct sg_mapping_iter *sg_miter = &host->sg_miter;
-+ void *buf;
-+ unsigned int offset;
- struct mmc_data *data = host->data;
- int shift = host->data_shift;
- u32 status;
- unsigned int nbytes = 0, len;
-+ unsigned int remain, fcnt;
-
- do {
-- len = host->part_buf_count +
-- (SDMMC_GET_FCNT(mci_readl(host, STATUS)) << shift);
-- if (offset + len <= sg->length) {
-+ if (!sg_miter_next(sg_miter))
-+ goto done;
-+
-+ host->sg = sg_miter->__sg;
-+ buf = sg_miter->addr;
-+ remain = sg_miter->length;
-+ offset = 0;
-+
-+ do {
-+ fcnt = (SDMMC_GET_FCNT(mci_readl(host, STATUS))
-+ << shift) + host->part_buf_count;
-+ len = min(remain, fcnt);
-+ if (!len)
-+ break;
- dw_mci_pull_data(host, (void *)(buf + offset), len);
--
- offset += len;
- nbytes += len;
--
-- if (offset == sg->length) {
-- flush_dcache_page(sg_page(sg));
-- host->sg = sg = sg_next(sg);
-- if (!sg)
-- goto done;
--
-- offset = 0;
-- buf = sg_virt(sg);
-- }
-- } else {
-- unsigned int remaining = sg->length - offset;
-- dw_mci_pull_data(host, (void *)(buf + offset),
-- remaining);
-- nbytes += remaining;
--
-- flush_dcache_page(sg_page(sg));
-- host->sg = sg = sg_next(sg);
-- if (!sg)
-- goto done;
--
-- offset = len - remaining;
-- buf = sg_virt(sg);
-- dw_mci_pull_data(host, buf, offset);
-- nbytes += offset;
-- }
-+ remain -= len;
-+ } while (remain);
-+ sg_miter->consumed = offset;
-
- status = mci_readl(host, MINTSTS);
- mci_writel(host, RINTSTS, SDMMC_INT_RXDR);
- if (status & DW_MCI_DATA_ERROR_FLAGS) {
- host->data_status = status;
- data->bytes_xfered += nbytes;
-+ sg_miter_stop(sg_miter);
-+ host->sg = NULL;
- smp_wmb();
-
- set_bit(EVENT_DATA_ERROR, &host->pending_events);
-@@ -1342,65 +1338,66 @@ static void dw_mci_read_data_pio(struct dw_mci *host)
- return;
- }
- } while (status & SDMMC_INT_RXDR); /*if the RXDR is ready read again*/
-- host->pio_offset = offset;
- data->bytes_xfered += nbytes;
-+
-+ if (!remain) {
-+ if (!sg_miter_next(sg_miter))
-+ goto done;
-+ sg_miter->consumed = 0;
-+ }
-+ sg_miter_stop(sg_miter);
- return;
-
- done:
- data->bytes_xfered += nbytes;
-+ sg_miter_stop(sg_miter);
-+ host->sg = NULL;
- smp_wmb();
- set_bit(EVENT_XFER_COMPLETE, &host->pending_events);
- }
-
- static void dw_mci_write_data_pio(struct dw_mci *host)
- {
-- struct scatterlist *sg = host->sg;
-- void *buf = sg_virt(sg);
-- unsigned int offset = host->pio_offset;
-+ struct sg_mapping_iter *sg_miter = &host->sg_miter;
-+ void *buf;
-+ unsigned int offset;
- struct mmc_data *data = host->data;
- int shift = host->data_shift;
- u32 status;
- unsigned int nbytes = 0, len;
-+ unsigned int fifo_depth = host->fifo_depth;
-+ unsigned int remain, fcnt;
-
- do {
-- len = ((host->fifo_depth -
-- SDMMC_GET_FCNT(mci_readl(host, STATUS))) << shift)
-- - host->part_buf_count;
-- if (offset + len <= sg->length) {
-+ if (!sg_miter_next(sg_miter))
-+ goto done;
-+
-+ host->sg = sg_miter->__sg;
-+ buf = sg_miter->addr;
-+ remain = sg_miter->length;
-+ offset = 0;
-+
-+ do {
-+ fcnt = ((fifo_depth -
-+ SDMMC_GET_FCNT(mci_readl(host, STATUS)))
-+ << shift) - host->part_buf_count;
-+ len = min(remain, fcnt);
-+ if (!len)
-+ break;
- host->push_data(host, (void *)(buf + offset), len);
--
- offset += len;
- nbytes += len;
-- if (offset == sg->length) {
-- host->sg = sg = sg_next(sg);
-- if (!sg)
-- goto done;
--
-- offset = 0;
-- buf = sg_virt(sg);
-- }
-- } else {
-- unsigned int remaining = sg->length - offset;
--
-- host->push_data(host, (void *)(buf + offset),
-- remaining);
-- nbytes += remaining;
--
-- host->sg = sg = sg_next(sg);
-- if (!sg)
-- goto done;
--
-- offset = len - remaining;
-- buf = sg_virt(sg);
-- host->push_data(host, (void *)buf, offset);
-- nbytes += offset;
-- }
-+ remain -= len;
-+ } while (remain);
-+ sg_miter->consumed = offset;
-
- status = mci_readl(host, MINTSTS);
- mci_writel(host, RINTSTS, SDMMC_INT_TXDR);
- if (status & DW_MCI_DATA_ERROR_FLAGS) {
- host->data_status = status;
- data->bytes_xfered += nbytes;
-+ sg_miter_stop(sg_miter);
-+ host->sg = NULL;
-
- smp_wmb();
-
-@@ -1410,12 +1407,20 @@ static void dw_mci_write_data_pio(struct dw_mci *host)
- return;
- }
- } while (status & SDMMC_INT_TXDR); /* if TXDR write again */
-- host->pio_offset = offset;
- data->bytes_xfered += nbytes;
-+
-+ if (!remain) {
-+ if (!sg_miter_next(sg_miter))
-+ goto done;
-+ sg_miter->consumed = 0;
-+ }
-+ sg_miter_stop(sg_miter);
- return;
-
- done:
- data->bytes_xfered += nbytes;
-+ sg_miter_stop(sg_miter);
-+ host->sg = NULL;
- smp_wmb();
- set_bit(EVENT_XFER_COMPLETE, &host->pending_events);
- }
-@@ -1618,6 +1623,7 @@ static void dw_mci_work_routine_card(struct work_struct *work)
- * block interrupt, hence setting the
- * scatter-gather pointer to NULL.
- */
-+ sg_miter_stop(&host->sg_miter);
- host->sg = NULL;
-
- ctrl = mci_readl(host, CTRL);
-diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
-index ced5444..222954d 100644
---- a/drivers/net/ethernet/intel/igb/igb_main.c
-+++ b/drivers/net/ethernet/intel/igb/igb_main.c
-@@ -4965,7 +4965,8 @@ static int igb_find_enabled_vfs(struct igb_adapter *adapter)
- vf_devfn = pdev->devfn + 0x80;
- pvfdev = pci_get_device(hw->vendor_id, device_id, NULL);
- while (pvfdev) {
-- if (pvfdev->devfn == vf_devfn)
-+ if (pvfdev->devfn == vf_devfn &&
-+ (pvfdev->bus->number >= pdev->bus->number))
- vfs_found++;
- vf_devfn += vf_stride;
- pvfdev = pci_get_device(hw->vendor_id,
-diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
-index 00fcd39..e571356 100644
---- a/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
-+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c
-@@ -67,7 +67,8 @@ static int ixgbe_find_enabled_vfs(struct ixgbe_adapter *adapter)
- vf_devfn = pdev->devfn + 0x80;
- pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID, device_id, NULL);
- while (pvfdev) {
-- if (pvfdev->devfn == vf_devfn)
-+ if (pvfdev->devfn == vf_devfn &&
-+ (pvfdev->bus->number >= pdev->bus->number))
- vfs_found++;
- vf_devfn += 2;
- pvfdev = pci_get_device(IXGBE_INTEL_VENDOR_ID,
-diff --git a/drivers/net/ethernet/toshiba/Kconfig b/drivers/net/ethernet/toshiba/Kconfig
-index 0517647..74acb5c 100644
---- a/drivers/net/ethernet/toshiba/Kconfig
-+++ b/drivers/net/ethernet/toshiba/Kconfig
-@@ -5,7 +5,7 @@
- config NET_VENDOR_TOSHIBA
- bool "Toshiba devices"
- default y
-- depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB) || PPC_PS3
-+ depends on PCI && (PPC_IBM_CELL_BLADE || PPC_CELLEB || MIPS) || PPC_PS3
- ---help---
- If you have a network (Ethernet) card belonging to this class, say Y
- and read the Ethernet-HOWTO, available from
-diff --git a/drivers/net/wireless/ath/ath9k/hw.c b/drivers/net/wireless/ath/ath9k/hw.c
-index 8873c6e..8b0c2ca 100644
---- a/drivers/net/wireless/ath/ath9k/hw.c
-+++ b/drivers/net/wireless/ath/ath9k/hw.c
-@@ -1034,13 +1034,16 @@ void ath9k_hw_init_global_settings(struct ath_hw *ah)
-
- /*
- * Workaround for early ACK timeouts, add an offset to match the
-- * initval's 64us ack timeout value.
-+ * initval's 64us ack timeout value. Use 48us for the CTS timeout.
- * This was initially only meant to work around an issue with delayed
- * BA frames in some implementations, but it has been found to fix ACK
- * timeout issues in other cases as well.
- */
-- if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ)
-+ if (conf->channel && conf->channel->band == IEEE80211_BAND_2GHZ) {
- acktimeout += 64 - sifstime - ah->slottime;
-+ ctstimeout += 48 - sifstime - ah->slottime;
-+ }
-+
-
- ath9k_hw_set_sifs_time(ah, sifstime);
- ath9k_hw_setslottime(ah, slottime);
-diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c
-index d4c909f..57622e0 100644
---- a/drivers/net/wireless/ath/ath9k/init.c
-+++ b/drivers/net/wireless/ath/ath9k/init.c
-@@ -775,6 +775,11 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
- ARRAY_SIZE(ath9k_tpt_blink));
- #endif
-
-+ INIT_WORK(&sc->hw_reset_work, ath_reset_work);
-+ INIT_WORK(&sc->hw_check_work, ath_hw_check);
-+ INIT_WORK(&sc->paprd_work, ath_paprd_calibrate);
-+ INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work);
-+
- /* Register with mac80211 */
- error = ieee80211_register_hw(hw);
- if (error)
-@@ -793,10 +798,6 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc,
- goto error_world;
- }
-
-- INIT_WORK(&sc->hw_reset_work, ath_reset_work);
-- INIT_WORK(&sc->hw_check_work, ath_hw_check);
-- INIT_WORK(&sc->paprd_work, ath_paprd_calibrate);
-- INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work);
- sc->last_rssi = ATH_RSSI_DUMMY_MARKER;
-
- ath_init_leds(sc);
-diff --git a/drivers/net/wireless/ath/ath9k/recv.c b/drivers/net/wireless/ath/ath9k/recv.c
-index 67b862c..2f3aeac 100644
---- a/drivers/net/wireless/ath/ath9k/recv.c
-+++ b/drivers/net/wireless/ath/ath9k/recv.c
-@@ -824,6 +824,14 @@ static bool ath9k_rx_accept(struct ath_common *common,
- (ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC |
- ATH9K_RXERR_KEYMISS));
-
-+ /*
-+ * Key miss events are only relevant for pairwise keys where the
-+ * descriptor does contain a valid key index. This has been observed
-+ * mostly with CCMP encryption.
-+ */
-+ if (rx_stats->rs_keyix == ATH9K_RXKEYIX_INVALID)
-+ rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS;
-+
- if (!rx_stats->rs_datalen)
- return false;
- /*
-diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
-index 63e4be4..720edf5 100644
---- a/fs/cifs/connect.c
-+++ b/fs/cifs/connect.c
-@@ -756,10 +756,11 @@ standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
- cifs_dump_mem("Bad SMB: ", buf,
- min_t(unsigned int, server->total_read, 48));
-
-- if (mid)
-- handle_mid(mid, server, smb_buffer, length);
-+ if (!mid)
-+ return length;
-
-- return length;
-+ handle_mid(mid, server, smb_buffer, length);
-+ return 0;
- }
-
- static int
-diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
-index d7eeb9d..e4c3334 100644
---- a/fs/cifs/dir.c
-+++ b/fs/cifs/dir.c
-@@ -492,7 +492,7 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry,
- {
- int xid;
- int rc = 0; /* to get around spurious gcc warning, set to zero here */
-- __u32 oplock = 0;
-+ __u32 oplock = enable_oplocks ? REQ_OPLOCK : 0;
- __u16 fileHandle = 0;
- bool posix_open = false;
- struct cifs_sb_info *cifs_sb;
-diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c
-index 517f211..54f5786 100644
---- a/fs/fs-writeback.c
-+++ b/fs/fs-writeback.c
-@@ -48,14 +48,6 @@ struct wb_writeback_work {
- };
-
- /*
-- * Include the creation of the trace points after defining the
-- * wb_writeback_work structure so that the definition remains local to this
-- * file.
-- */
--#define CREATE_TRACE_POINTS
--#include <trace/events/writeback.h>
--
--/*
- * We don't actually have pdflush, but this one is exported though /proc...
- */
- int nr_pdflush_threads;
-@@ -87,6 +79,14 @@ static inline struct inode *wb_inode(struct list_head *head)
- return list_entry(head, struct inode, i_wb_list);
- }
-
-+/*
-+ * Include the creation of the trace points after defining the
-+ * wb_writeback_work structure and inline functions so that the definition
-+ * remains local to this file.
-+ */
-+#define CREATE_TRACE_POINTS
-+#include <trace/events/writeback.h>
-+
- /* Wakeup flusher thread or forker thread to fork it. Requires bdi->wb_lock. */
- static void bdi_wakeup_flusher(struct backing_dev_info *bdi)
- {
-diff --git a/include/linux/bitops.h b/include/linux/bitops.h
-index a3ef66a..fc8a3ff 100644
---- a/include/linux/bitops.h
-+++ b/include/linux/bitops.h
-@@ -50,6 +50,26 @@ static inline unsigned long hweight_long(unsigned long w)
- }
-
- /**
-+ * rol64 - rotate a 64-bit value left
-+ * @word: value to rotate
-+ * @shift: bits to roll
-+ */
-+static inline __u64 rol64(__u64 word, unsigned int shift)
-+{
-+ return (word << shift) | (word >> (64 - shift));
-+}
-+
-+/**
-+ * ror64 - rotate a 64-bit value right
-+ * @word: value to rotate
-+ * @shift: bits to roll
-+ */
-+static inline __u64 ror64(__u64 word, unsigned int shift)
-+{
-+ return (word >> shift) | (word << (64 - shift));
-+}
-+
-+/**
- * rol32 - rotate a 32-bit value left
- * @word: value to rotate
- * @shift: bits to roll
-diff --git a/include/linux/mmc/dw_mmc.h b/include/linux/mmc/dw_mmc.h
-index 6dc9b80..107fcb3 100644
---- a/include/linux/mmc/dw_mmc.h
-+++ b/include/linux/mmc/dw_mmc.h
-@@ -14,6 +14,8 @@
- #ifndef LINUX_MMC_DW_MMC_H
- #define LINUX_MMC_DW_MMC_H
-
-+#include <linux/scatterlist.h>
-+
- #define MAX_MCI_SLOTS 2
-
- enum dw_mci_state {
-@@ -40,7 +42,7 @@ struct mmc_data;
- * @lock: Spinlock protecting the queue and associated data.
- * @regs: Pointer to MMIO registers.
- * @sg: Scatterlist entry currently being processed by PIO code, if any.
-- * @pio_offset: Offset into the current scatterlist entry.
-+ * @sg_miter: PIO mapping scatterlist iterator.
- * @cur_slot: The slot which is currently using the controller.
- * @mrq: The request currently being processed on @cur_slot,
- * or NULL if the controller is idle.
-@@ -115,7 +117,7 @@ struct dw_mci {
- void __iomem *regs;
-
- struct scatterlist *sg;
-- unsigned int pio_offset;
-+ struct sg_mapping_iter sg_miter;
-
- struct dw_mci_slot *cur_slot;
- struct mmc_request *mrq;
-diff --git a/include/linux/proportions.h b/include/linux/proportions.h
-index ef35bb7..26a8a4e 100644
---- a/include/linux/proportions.h
-+++ b/include/linux/proportions.h
-@@ -81,7 +81,11 @@ void prop_inc_percpu(struct prop_descriptor *pd, struct prop_local_percpu *pl)
- * Limit the time part in order to ensure there are some bits left for the
- * cycle counter and fraction multiply.
- */
-+#if BITS_PER_LONG == 32
- #define PROP_MAX_SHIFT (3*BITS_PER_LONG/4)
-+#else
-+#define PROP_MAX_SHIFT (BITS_PER_LONG/2)
-+#endif
-
- #define PROP_FRAC_SHIFT (BITS_PER_LONG - PROP_MAX_SHIFT - 1)
- #define PROP_FRAC_BASE (1UL << PROP_FRAC_SHIFT)
-diff --git a/include/trace/events/writeback.h b/include/trace/events/writeback.h
-index 99d1d0d..1f48f14 100644
---- a/include/trace/events/writeback.h
-+++ b/include/trace/events/writeback.h
-@@ -47,7 +47,10 @@ DECLARE_EVENT_CLASS(writeback_work_class,
- __field(int, reason)
- ),
- TP_fast_assign(
-- strncpy(__entry->name, dev_name(bdi->dev), 32);
-+ struct device *dev = bdi->dev;
-+ if (!dev)
-+ dev = default_backing_dev_info.dev;
-+ strncpy(__entry->name, dev_name(dev), 32);
- __entry->nr_pages = work->nr_pages;
- __entry->sb_dev = work->sb ? work->sb->s_dev : 0;
- __entry->sync_mode = work->sync_mode;
-@@ -418,7 +421,7 @@ DECLARE_EVENT_CLASS(writeback_single_inode_template,
-
- TP_fast_assign(
- strncpy(__entry->name,
-- dev_name(inode->i_mapping->backing_dev_info->dev), 32);
-+ dev_name(inode_to_bdi(inode)->dev), 32);
- __entry->ino = inode->i_ino;
- __entry->state = inode->i_state;
- __entry->dirtied_when = inode->dirtied_when;
-diff --git a/kernel/relay.c b/kernel/relay.c
-index 226fade..b6f803a 100644
---- a/kernel/relay.c
-+++ b/kernel/relay.c
-@@ -164,10 +164,14 @@ depopulate:
- */
- static struct rchan_buf *relay_create_buf(struct rchan *chan)
- {
-- struct rchan_buf *buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
-- if (!buf)
-+ struct rchan_buf *buf;
-+
-+ if (chan->n_subbufs > UINT_MAX / sizeof(size_t *))
- return NULL;
-
-+ buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
-+ if (!buf)
-+ return NULL;
- buf->padding = kmalloc(chan->n_subbufs * sizeof(size_t *), GFP_KERNEL);
- if (!buf->padding)
- goto free_buf;
-@@ -574,6 +578,8 @@ struct rchan *relay_open(const char *base_filename,
-
- if (!(subbuf_size && n_subbufs))
- return NULL;
-+ if (subbuf_size > UINT_MAX / n_subbufs)
-+ return NULL;
-
- chan = kzalloc(sizeof(struct rchan), GFP_KERNEL);
- if (!chan)
-diff --git a/mm/backing-dev.c b/mm/backing-dev.c
-index 71034f4..2b49dd2 100644
---- a/mm/backing-dev.c
-+++ b/mm/backing-dev.c
-@@ -318,7 +318,7 @@ static void wakeup_timer_fn(unsigned long data)
- if (bdi->wb.task) {
- trace_writeback_wake_thread(bdi);
- wake_up_process(bdi->wb.task);
-- } else {
-+ } else if (bdi->dev) {
- /*
- * When bdi tasks are inactive for long time, they are killed.
- * In this case we have to wake-up the forker thread which
-@@ -584,6 +584,8 @@ EXPORT_SYMBOL(bdi_register_dev);
- */
- static void bdi_wb_shutdown(struct backing_dev_info *bdi)
- {
-+ struct task_struct *task;
-+
- if (!bdi_cap_writeback_dirty(bdi))
- return;
-
-@@ -604,9 +606,14 @@ static void bdi_wb_shutdown(struct backing_dev_info *bdi)
- * unfreeze of the thread before calling kthread_stop(), otherwise
- * it would never exet if it is currently stuck in the refrigerator.
- */
-- if (bdi->wb.task) {
-- thaw_process(bdi->wb.task);
-- kthread_stop(bdi->wb.task);
-+ spin_lock_bh(&bdi->wb_lock);
-+ task = bdi->wb.task;
-+ bdi->wb.task = NULL;
-+ spin_unlock_bh(&bdi->wb_lock);
-+
-+ if (task) {
-+ thaw_process(task);
-+ kthread_stop(task);
- }
- }
-
-@@ -627,7 +634,9 @@ static void bdi_prune_sb(struct backing_dev_info *bdi)
-
- void bdi_unregister(struct backing_dev_info *bdi)
- {
-- if (bdi->dev) {
-+ struct device *dev = bdi->dev;
-+
-+ if (dev) {
- bdi_set_min_ratio(bdi, 0);
- trace_writeback_bdi_unregister(bdi);
- bdi_prune_sb(bdi);
-@@ -636,8 +645,12 @@ void bdi_unregister(struct backing_dev_info *bdi)
- if (!bdi_cap_flush_forker(bdi))
- bdi_wb_shutdown(bdi);
- bdi_debug_unregister(bdi);
-- device_unregister(bdi->dev);
-+
-+ spin_lock_bh(&bdi->wb_lock);
- bdi->dev = NULL;
-+ spin_unlock_bh(&bdi->wb_lock);
-+
-+ device_unregister(dev);
- }
- }
- EXPORT_SYMBOL(bdi_unregister);
-diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
-index 5c51607..064d20f 100644
---- a/net/mac80211/rx.c
-+++ b/net/mac80211/rx.c
-@@ -616,7 +616,7 @@ static void ieee80211_sta_reorder_release(struct ieee80211_hw *hw,
- index = seq_sub(tid_agg_rx->head_seq_num, tid_agg_rx->ssn) %
- tid_agg_rx->buf_size;
- if (!tid_agg_rx->reorder_buf[index] &&
-- tid_agg_rx->stored_mpdu_num > 1) {
-+ tid_agg_rx->stored_mpdu_num) {
- /*
- * No buffers ready to be released, but check whether any
- * frames in the reorder buffer have timed out.
-diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c
-index 34e5fcc..9c197d4 100644
---- a/sound/pci/hda/patch_realtek.c
-+++ b/sound/pci/hda/patch_realtek.c
-@@ -4213,8 +4213,26 @@ enum {
- PINFIX_PB_M5210,
- PINFIX_ACER_ASPIRE_7736,
- PINFIX_ASUS_W90V,
-+ ALC889_FIXUP_DAC_ROUTE,
- };
-
-+/* Fix the connection of some pins for ALC889:
-+ * At least, Acer Aspire 5935 shows the connections to DAC3/4 don't
-+ * work correctly (bko#42740)
-+ */
-+static void alc889_fixup_dac_route(struct hda_codec *codec,
-+ const struct alc_fixup *fix, int action)
-+{
-+ if (action == ALC_FIXUP_ACT_PRE_PROBE) {
-+ hda_nid_t conn1[2] = { 0x0c, 0x0d };
-+ hda_nid_t conn2[2] = { 0x0e, 0x0f };
-+ snd_hda_override_conn_list(codec, 0x14, 2, conn1);
-+ snd_hda_override_conn_list(codec, 0x15, 2, conn1);
-+ snd_hda_override_conn_list(codec, 0x18, 2, conn2);
-+ snd_hda_override_conn_list(codec, 0x1a, 2, conn2);
-+ }
-+}
-+
- static const struct alc_fixup alc882_fixups[] = {
- [PINFIX_ABIT_AW9D_MAX] = {
- .type = ALC_FIXUP_PINS,
-@@ -4251,10 +4269,15 @@ static const struct alc_fixup alc882_fixups[] = {
- { }
- }
- },
-+ [ALC889_FIXUP_DAC_ROUTE] = {
-+ .type = ALC_FIXUP_FUNC,
-+ .v.func = alc889_fixup_dac_route,
-+ },
- };
-
- static const struct snd_pci_quirk alc882_fixup_tbl[] = {
- SND_PCI_QUIRK(0x1025, 0x0155, "Packard-Bell M5120", PINFIX_PB_M5210),
-+ SND_PCI_QUIRK(0x1025, 0x0259, "Acer Aspire 5935", ALC889_FIXUP_DAC_ROUTE),
- SND_PCI_QUIRK(0x1043, 0x1873, "ASUS W90V", PINFIX_ASUS_W90V),
- SND_PCI_QUIRK(0x17aa, 0x3a0d, "Lenovo Y530", PINFIX_LENOVO_Y530),
- SND_PCI_QUIRK(0x147b, 0x107a, "Abit AW9D-MAX", PINFIX_ABIT_AW9D_MAX),
-diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c
-index a0a3f50..1fe1308 100644
---- a/sound/pci/hda/patch_via.c
-+++ b/sound/pci/hda/patch_via.c
-@@ -665,6 +665,9 @@ static void via_auto_init_analog_input(struct hda_codec *codec)
- /* init input-src */
- for (i = 0; i < spec->num_adc_nids; i++) {
- int adc_idx = spec->inputs[spec->cur_mux[i]].adc_idx;
-+ /* secondary ADCs must have the unique MUX */
-+ if (i > 0 && !spec->mux_nids[i])
-+ break;
- if (spec->mux_nids[adc_idx]) {
- int mux_idx = spec->inputs[spec->cur_mux[i]].mux_idx;
- snd_hda_codec_write(codec, spec->mux_nids[adc_idx], 0,
-diff --git a/sound/pci/intel8x0.c b/sound/pci/intel8x0.c
-index 11718b49..55f48fb 100644
---- a/sound/pci/intel8x0.c
-+++ b/sound/pci/intel8x0.c
-@@ -2102,6 +2102,12 @@ static struct ac97_quirk ac97_quirks[] __devinitdata = {
- },
- {
- .subvendor = 0x161f,
-+ .subdevice = 0x202f,
-+ .name = "Gateway M520",
-+ .type = AC97_TUNE_INV_EAPD
-+ },
-+ {
-+ .subvendor = 0x161f,
- .subdevice = 0x203a,
- .name = "Gateway 4525GZ", /* AD1981B */
- .type = AC97_TUNE_INV_EAPD
-diff --git a/tools/perf/bench/mem-memcpy-x86-64-asm.S b/tools/perf/bench/mem-memcpy-x86-64-asm.S
-index a57b66e..185a96d 100644
---- a/tools/perf/bench/mem-memcpy-x86-64-asm.S
-+++ b/tools/perf/bench/mem-memcpy-x86-64-asm.S
-@@ -1,2 +1,8 @@
-
- #include "../../../arch/x86/lib/memcpy_64.S"
-+/*
-+ * We need to provide note.GNU-stack section, saying that we want
-+ * NOT executable stack. Otherwise the final linking will assume that
-+ * the ELF stack should not be restricted at all and set it RWX.
-+ */
-+.section .note.GNU-stack,"",@progbits
-diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
-index d7915d4..efca198 100644
---- a/tools/perf/util/evsel.c
-+++ b/tools/perf/util/evsel.c
-@@ -390,6 +390,7 @@ int perf_event__parse_sample(const union perf_event *event, u64 type,
-
- data->cpu = data->pid = data->tid = -1;
- data->stream_id = data->id = data->time = -1ULL;
-+ data->period = 1;
-
- if (event->header.type != PERF_RECORD_SAMPLE) {
- if (!sample_id_all)
diff --git a/3.2.7/0000_README b/3.2.9/0000_README
similarity index 94%
rename from 3.2.7/0000_README
rename to 3.2.9/0000_README
index 7342063..4b71aa6 100644
--- a/3.2.7/0000_README
+++ b/3.2.9/0000_README
@@ -2,11 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 1006_linux-3.2.7.patch
-From: http://www.kernel.org
-Desc: Linux 3.2.7
-
-Patch: 4420_grsecurity-2.9-3.2.7-201202251203.patch
+Patch: 4420_grsecurity-2.9-3.2.9-201203022148.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
similarity index 99%
rename from 3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch
rename to 3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
index be7621a..fa03b34 100644
--- a/3.2.7/4420_grsecurity-2.9-3.2.7-201202251203.patch
+++ b/3.2.9/4420_grsecurity-2.9-3.2.9-201203022148.patch
@@ -186,7 +186,7 @@ index 81c287f..d456d02 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index d1bdc90..e95fe1a 100644
+index 5f1739b..1831396 100644
--- a/Makefile
+++ b/Makefile
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -212,32 +212,34 @@ index d1bdc90..e95fe1a 100644
$(Q)$(MAKE) $(build)=scripts/basic
$(Q)rm -f .tmp_quiet_recordmcount
-@@ -564,6 +565,46 @@ else
+@@ -564,6 +565,48 @@ else
KBUILD_CFLAGS += -O2
endif
+ifndef DISABLE_PAX_PLUGINS
+ifeq ($(shell $(CONFIG_SHELL) $(srctree)/scripts/gcc-plugin.sh "$(HOSTCC)" "$(CC)"), y)
+ifndef DISABLE_PAX_CONSTIFY_PLUGIN
-+CONSTIFY_PLUGIN := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
++CONSTIFY_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/constify_plugin.so -DCONSTIFY_PLUGIN
+endif
+ifdef CONFIG_PAX_MEMORY_STACKLEAK
-+STACKLEAK_PLUGIN := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
-+STACKLEAK_PLUGIN += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
++STACKLEAK_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/stackleak_plugin.so -DSTACKLEAK_PLUGIN
++STACKLEAK_PLUGIN_CFLAGS += -fplugin-arg-stackleak_plugin-track-lowest-sp=100
+endif
+ifdef CONFIG_KALLOCSTAT_PLUGIN
-+KALLOCSTAT_PLUGIN := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
++KALLOCSTAT_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kallocstat_plugin.so
+endif
+ifdef CONFIG_PAX_KERNEXEC_PLUGIN
-+KERNEXEC_PLUGIN := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
-+KERNEXEC_PLUGIN += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD)
++KERNEXEC_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/kernexec_plugin.so
++KERNEXEC_PLUGIN_CFLAGS += -fplugin-arg-kernexec_plugin-method=$(CONFIG_PAX_KERNEXEC_PLUGIN_METHOD) -DKERNEXEC_PLUGIN
++KERNEXEC_PLUGIN_AFLAGS := -DKERNEXEC_PLUGIN
+endif
+ifdef CONFIG_CHECKER_PLUGIN
+ifeq ($(call cc-ifversion, -ge, 0406, y), y)
-+CHECKER_PLUGIN := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
++CHECKER_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/checker_plugin.so -DCHECKER_PLUGIN
+endif
+endif
-+GCC_PLUGINS := $(CONSTIFY_PLUGIN) $(STACKLEAK_PLUGIN) $(KALLOCSTAT_PLUGIN) $(KERNEXEC_PLUGIN) $(CHECKER_PLUGIN)
++GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS)
++GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN
+ifeq ($(KBUILD_EXTMOD),)
+gcc-plugins:
@@ -259,7 +261,7 @@ index d1bdc90..e95fe1a 100644
include $(srctree)/arch/$(SRCARCH)/Makefile
ifneq ($(CONFIG_FRAME_WARN),0)
-@@ -708,7 +749,7 @@ export mod_strip_cmd
+@@ -708,7 +751,7 @@ export mod_strip_cmd
ifeq ($(KBUILD_EXTMOD),)
@@ -268,15 +270,16 @@ index d1bdc90..e95fe1a 100644
vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
$(core-y) $(core-m) $(drivers-y) $(drivers-m) \
-@@ -932,6 +973,7 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
+@@ -932,6 +975,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
# The actual objects are generated when descending,
# make sure no implicit rule kicks in
-+$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS)
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
$(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Handle descending into subdirectories listed in $(vmlinux-dirs)
-@@ -941,7 +983,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
+@@ -941,7 +986,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
# Error messages still appears in the original language
PHONY += $(vmlinux-dirs)
@@ -285,23 +288,24 @@ index d1bdc90..e95fe1a 100644
$(Q)$(MAKE) $(build)=$@
# Store (new) KERNELRELASE string in include/config/kernel.release
-@@ -985,6 +1027,7 @@ prepare0: archprepare FORCE
+@@ -985,6 +1030,7 @@ prepare0: archprepare FORCE
$(Q)$(MAKE) $(build)=.
# All the preparing..
-+prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS),$(KBUILD_CFLAGS))
++prepare: KBUILD_CFLAGS := $(filter-out $(GCC_PLUGINS_CFLAGS),$(KBUILD_CFLAGS))
prepare: prepare0
# Generate some files
-@@ -1086,6 +1129,7 @@ all: modules
+@@ -1086,6 +1132,8 @@ all: modules
# using awk while concatenating to the final file.
PHONY += modules
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
$(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
@$(kecho) ' Building modules, stage 2.';
-@@ -1101,7 +1145,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
+@@ -1101,7 +1149,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
# Target to prepare building external modules
PHONY += modules_prepare
@@ -310,7 +314,7 @@ index d1bdc90..e95fe1a 100644
# Target to install modules
PHONY += modules_install
-@@ -1198,6 +1242,7 @@ distclean: mrproper
+@@ -1198,6 +1246,7 @@ distclean: mrproper
\( -name '*.orig' -o -name '*.rej' -o -name '*~' \
-o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
-o -name '.*.rej' \
@@ -318,26 +322,29 @@ index d1bdc90..e95fe1a 100644
-o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
-type f -print | xargs rm -f
-@@ -1358,6 +1403,7 @@ PHONY += $(module-dirs) modules
+@@ -1358,6 +1407,8 @@ PHONY += $(module-dirs) modules
$(module-dirs): crmodverdir $(objtree)/Module.symvers
$(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
-+modules: KBUILD_CFLAGS += $(GCC_PLUGINS)
++modules: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++modules: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
modules: $(module-dirs)
@$(kecho) ' Building modules, stage 2.';
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
-@@ -1484,17 +1530,19 @@ else
+@@ -1484,17 +1535,21 @@ else
target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
endif
-%.s: %.c prepare scripts FORCE
-+%.s: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.s: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.s: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.s: %.c gcc-plugins prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.i: %.c prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
-%.o: %.c prepare scripts FORCE
-+%.o: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.o: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.o: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.o: %.c gcc-plugins prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.lst: %.c prepare scripts FORCE
@@ -350,18 +357,20 @@ index d1bdc90..e95fe1a 100644
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
%.symtypes: %.c prepare scripts FORCE
$(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
-@@ -1504,11 +1552,13 @@ endif
+@@ -1504,11 +1559,15 @@ endif
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
$(build)=$(build-dir)
-%/: prepare scripts FORCE
-+%/: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%/: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%/: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%/: gcc-plugins prepare scripts FORCE
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
$(build)=$(build-dir)
-%.ko: prepare scripts FORCE
-+%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS)
++%.ko: KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
++%.ko: KBUILD_AFLAGS += $(GCC_PLUGINS_AFLAGS)
+%.ko: gcc-plugins prepare scripts FORCE
$(cmd_crmodverdir)
$(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
@@ -7304,7 +7313,7 @@ index f6f5c53..b358b28 100644
set_fs(old_fs);
diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h
-index 091508b..e245ff2 100644
+index 091508b..7692c6f 100644
--- a/arch/x86/include/asm/alternative-asm.h
+++ b/arch/x86/include/asm/alternative-asm.h
@@ -4,10 +4,10 @@
@@ -7324,7 +7333,7 @@ index 091508b..e245ff2 100644
.endm
#endif
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++#ifdef KERNEXEC_PLUGIN
+ .macro pax_force_retaddr_bts rip=0
+ btsq $63,\rip(%rsp)
+ .endm
@@ -8821,7 +8830,7 @@ index eb92a6e..b98b2f4 100644
/* EISA */
extern void eisa_set_level_irq(unsigned int irq);
diff --git a/arch/x86/include/asm/i387.h b/arch/x86/include/asm/i387.h
-index c9e09ea..73888df 100644
+index a850b4d..bae26dc 100644
--- a/arch/x86/include/asm/i387.h
+++ b/arch/x86/include/asm/i387.h
@@ -92,6 +92,11 @@ static inline int fxrstor_checking(struct i387_fxsave_struct *fx)
@@ -8848,31 +8857,15 @@ index c9e09ea..73888df 100644
/*
* Clear the bytes not touched by the fxsave and reserved
* for the SW usage.
-@@ -213,13 +223,8 @@ static inline void fpu_fxsave(struct fpu *fpu)
- #endif /* CONFIG_X86_64 */
-
- /* We need a safe address that is cheap to find and that is already
-- in L1 during context switch. The best choices are unfortunately
-- different for UP and SMP */
--#ifdef CONFIG_SMP
--#define safe_address (__per_cpu_offset[0])
--#else
--#define safe_address (kstat_cpu(0).cpustat.user)
--#endif
-+ in L1 during context switch. */
-+#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0)
+@@ -424,7 +434,7 @@ static inline bool interrupted_kernel_fpu_idle(void)
+ static inline bool interrupted_user_mode(void)
+ {
+ struct pt_regs *regs = get_irq_regs();
+- return regs && user_mode_vm(regs);
++ return regs && user_mode(regs);
+ }
/*
- * These must be called with preempt disabled
-@@ -312,7 +317,7 @@ static inline void kernel_fpu_begin(void)
- struct thread_info *me = current_thread_info();
- preempt_disable();
- if (me->status & TS_USEDFPU)
-- __save_init_fpu(me->task);
-+ __save_init_fpu(current);
- else
- clts();
- }
diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h
index d8e8eef..99f81ae 100644
--- a/arch/x86/include/asm/io.h
@@ -9976,7 +9969,7 @@ index 013286a..8b42f4f 100644
#define pgprot_writecombine pgprot_writecombine
extern pgprot_t pgprot_writecombine(pgprot_t prot);
diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
-index b650435..eefa566 100644
+index bb3ee36..781a6b8 100644
--- a/arch/x86/include/asm/processor.h
+++ b/arch/x86/include/asm/processor.h
@@ -268,7 +268,7 @@ struct tss_struct {
@@ -9988,7 +9981,7 @@ index b650435..eefa566 100644
/*
* Save the original ist values for checking stack pointers during debugging
-@@ -860,11 +860,18 @@ static inline void spin_lock_prefetch(const void *x)
+@@ -861,11 +861,18 @@ static inline void spin_lock_prefetch(const void *x)
*/
#define TASK_SIZE PAGE_OFFSET
#define TASK_SIZE_MAX TASK_SIZE
@@ -10009,7 +10002,7 @@ index b650435..eefa566 100644
.vm86_info = NULL, \
.sysenter_cs = __KERNEL_CS, \
.io_bitmap_ptr = NULL, \
-@@ -878,7 +885,7 @@ static inline void spin_lock_prefetch(const void *x)
+@@ -879,7 +886,7 @@ static inline void spin_lock_prefetch(const void *x)
*/
#define INIT_TSS { \
.x86_tss = { \
@@ -10018,7 +10011,7 @@ index b650435..eefa566 100644
.ss0 = __KERNEL_DS, \
.ss1 = __KERNEL_CS, \
.io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \
-@@ -889,11 +896,7 @@ static inline void spin_lock_prefetch(const void *x)
+@@ -890,11 +897,7 @@ static inline void spin_lock_prefetch(const void *x)
extern unsigned long thread_saved_pc(struct task_struct *tsk);
#define THREAD_SIZE_LONGS (THREAD_SIZE/sizeof(unsigned long))
@@ -10031,7 +10024,7 @@ index b650435..eefa566 100644
/*
* The below -8 is to reserve 8 bytes on top of the ring0 stack.
-@@ -908,7 +911,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
+@@ -909,7 +912,7 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
#define task_pt_regs(task) \
({ \
struct pt_regs *__regs__; \
@@ -10040,7 +10033,7 @@ index b650435..eefa566 100644
__regs__ - 1; \
})
-@@ -918,13 +921,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
+@@ -919,13 +922,13 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
/*
* User space process size. 47bits minus one guard page.
*/
@@ -10056,7 +10049,7 @@ index b650435..eefa566 100644
#define TASK_SIZE (test_thread_flag(TIF_IA32) ? \
IA32_PAGE_OFFSET : TASK_SIZE_MAX)
-@@ -935,11 +938,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
+@@ -936,11 +939,11 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk);
#define STACK_TOP_MAX TASK_SIZE_MAX
#define INIT_THREAD { \
@@ -10070,7 +10063,7 @@ index b650435..eefa566 100644
}
/*
-@@ -961,6 +964,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip,
+@@ -962,6 +965,10 @@ extern void start_thread(struct pt_regs *regs, unsigned long new_ip,
*/
#define TASK_UNMAPPED_BASE (PAGE_ALIGN(TASK_SIZE / 3))
@@ -10601,7 +10594,7 @@ index 2d2f01c..f985723 100644
/*
* Force strict CPU ordering.
diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h
-index a1fe5c1..ee326d8 100644
+index d7ef849..6af292e 100644
--- a/arch/x86/include/asm/thread_info.h
+++ b/arch/x86/include/asm/thread_info.h
@@ -10,6 +10,7 @@
@@ -10745,7 +10738,7 @@ index a1fe5c1..ee326d8 100644
#endif
#endif /* !X86_32 */
-@@ -266,5 +242,16 @@ extern void arch_task_cache_init(void);
+@@ -264,5 +240,16 @@ extern void arch_task_cache_init(void);
extern void free_thread_info(struct thread_info *ti);
extern int arch_dup_task_struct(struct task_struct *dst, struct task_struct *src);
#define arch_task_cache_init arch_task_cache_init
@@ -15876,7 +15869,7 @@ index faba577..93b9e71 100644
return single_step_cont(regs, args);
break;
diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c
-index 7da647d..5d3c4c1 100644
+index 7da647d..56fe348 100644
--- a/arch/x86/kernel/kprobes.c
+++ b/arch/x86/kernel/kprobes.c
@@ -118,8 +118,11 @@ static void __kprobes __synthesize_relative_insn(void *from, void *to, u8 op)
@@ -15966,7 +15959,7 @@ index 7da647d..5d3c4c1 100644
" movq %rax, 152(%rsp)\n"
RESTORE_REGS_STRING
" popfq\n"
-+#ifdef CONFIG_PAX_KERNEXEC_PLUGIN
++#ifdef KERNEXEC_PLUGIN
+ " btsq $63,(%rsp)\n"
+#endif
#else
@@ -16615,7 +16608,7 @@ index ee5d4fb..426649b 100644
+}
+#endif
diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
-index 795b79f..063767a 100644
+index 8598296..bfadef0 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -67,6 +67,7 @@ asmlinkage void ret_from_fork(void) __asm__("ret_from_fork");
@@ -16666,10 +16659,10 @@ index 795b79f..063767a 100644
int cpu = smp_processor_id();
- struct tss_struct *tss = &per_cpu(init_tss, cpu);
+ struct tss_struct *tss = init_tss + cpu;
- bool preload_fpu;
+ fpu_switch_t fpu;
/* never put a printk in __switch_to... printk() calls wake_up*() indirectly */
-@@ -331,6 +332,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
+@@ -320,6 +321,10 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
*/
lazy_save_gs(prev->gs);
@@ -16680,32 +16673,32 @@ index 795b79f..063767a 100644
/*
* Load the per-thread Thread-Local Storage descriptor.
*/
-@@ -366,6 +371,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
+@@ -350,6 +355,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
*/
arch_end_context_switch(next_p);
+ percpu_write(current_task, next_p);
+ percpu_write(current_tinfo, &next_p->tinfo);
+
- if (preload_fpu)
- __math_state_restore();
+ /*
+ * Restore %gs if needed (which is common)
+ */
+@@ -358,8 +366,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
-@@ -375,8 +383,6 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
- if (prev->gs | next->gs)
- lazy_load_gs(next->gs);
+ switch_fpu_finish(next_p, fpu);
- percpu_write(current_task, next_p);
-
return prev_p;
}
-@@ -406,4 +412,3 @@ unsigned long get_wchan(struct task_struct *p)
+@@ -389,4 +395,3 @@ unsigned long get_wchan(struct task_struct *p)
} while (count++ < 16);
return 0;
}
-
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
-index 3bd7e6e..90b2bcf 100644
+index 6a364a6..b147d11 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -89,7 +89,7 @@ static void __exit_idle(void)
@@ -16742,9 +16735,9 @@ index 3bd7e6e..90b2bcf 100644
- struct tss_struct *tss = &per_cpu(init_tss, cpu);
+ struct tss_struct *tss = init_tss + cpu;
unsigned fsindex, gsindex;
- bool preload_fpu;
+ fpu_switch_t fpu;
-@@ -475,10 +475,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
+@@ -461,10 +461,9 @@ __switch_to(struct task_struct *prev_p, struct task_struct *next_p)
prev->usersp = percpu_read(old_rsp);
percpu_write(old_rsp, next->usersp);
percpu_write(current_task, next_p);
@@ -16757,7 +16750,7 @@ index 3bd7e6e..90b2bcf 100644
/*
* Now maybe reload the debug registers and handle I/O bitmaps
-@@ -540,12 +539,11 @@ unsigned long get_wchan(struct task_struct *p)
+@@ -519,12 +518,11 @@ unsigned long get_wchan(struct task_struct *p)
if (!p || p == current || p->state == TASK_RUNNING)
return 0;
stack = (unsigned long)task_stack_page(p);
@@ -17813,7 +17806,7 @@ index 09ff517..df19fbff 100644
.short 0
.quad 0x00cf9b000000ffff # __KERNEL32_CS
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
-index a8e3eb8..c9dbd7d 100644
+index 31d9d0f..e244dd9 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -70,12 +70,6 @@ asmlinkage int system_call(void);
@@ -17958,25 +17951,17 @@ index a8e3eb8..c9dbd7d 100644
{
if (!fixup_exception(regs)) {
task->thread.error_code = error_code;
-@@ -568,7 +597,7 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void)
- void __math_state_restore(void)
+@@ -569,8 +598,8 @@ asmlinkage void __attribute__((weak)) smp_threshold_interrupt(void)
+ void __math_state_restore(struct task_struct *tsk)
{
- struct thread_info *thread = current_thread_info();
-- struct task_struct *tsk = thread->task;
-+ struct task_struct *tsk = current;
-
- /*
- * Paranoid restore. send a SIGSEGV if we fail to restore the state.
-@@ -595,8 +624,7 @@ void __math_state_restore(void)
- */
- asmlinkage void math_state_restore(void)
- {
-- struct thread_info *thread = current_thread_info();
-- struct task_struct *tsk = thread->task;
-+ struct task_struct *tsk = current;
+ /* We need a safe address that is cheap to find and that is already
+- in L1. We've just brought in "tsk->thread.has_fpu", so use that */
+-#define safe_address (tsk->thread.has_fpu)
++ in L1. */
++#define safe_address (init_tss[smp_processor_id()].x86_tss.sp0)
- if (!tsk_used_math(tsk)) {
- local_irq_enable();
+ /* AMD K7/K8 CPUs don't save/restore FDP/FIP/FOP unless an exception
+ is pending. Clear the x87 state here by setting it to fixed
diff --git a/arch/x86/kernel/verify_cpu.S b/arch/x86/kernel/verify_cpu.S
index b9242ba..50c5edd 100644
--- a/arch/x86/kernel/verify_cpu.S
@@ -18387,7 +18372,7 @@ index 9796c2f..f686fbf 100644
EXPORT_SYMBOL(copy_page);
EXPORT_SYMBOL(clear_page);
diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c
-index a391134..d0b63b6e 100644
+index 7110911..e8cdee5 100644
--- a/arch/x86/kernel/xsave.c
+++ b/arch/x86/kernel/xsave.c
@@ -130,7 +130,7 @@ int check_for_xstate(struct i387_fxsave_struct __user *buf,
@@ -18399,7 +18384,7 @@ index a391134..d0b63b6e 100644
fx_sw_user->extended_size -
FP_XSTATE_MAGIC2_SIZE));
if (err)
-@@ -267,7 +267,7 @@ fx_only:
+@@ -266,7 +266,7 @@ fx_only:
* the other extended state.
*/
xrstor_state(init_xstate_buf, pcntxt_mask & ~XSTATE_FPSSE);
@@ -18408,7 +18393,7 @@ index a391134..d0b63b6e 100644
}
/*
-@@ -299,7 +299,7 @@ int restore_i387_xstate(void __user *buf)
+@@ -295,7 +295,7 @@ int restore_i387_xstate(void __user *buf)
if (use_xsave())
err = restore_user_xstate(buf);
else
@@ -18531,7 +18516,7 @@ index e32243e..a6e6172 100644
local_irq_disable();
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
-index 579a0b5..ed7bbf9 100644
+index 4ea7678..b3a7084 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1305,7 +1305,11 @@ static void reload_tss(void)
@@ -33858,7 +33843,7 @@ index 1cfbf22..be96487 100644
#define ASPM_STATE_ALL (ASPM_STATE_L0S | ASPM_STATE_L1)
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c
-index 04e74f4..a960176 100644
+index dfee1b3..a454fb6 100644
--- a/drivers/pci/probe.c
+++ b/drivers/pci/probe.c
@@ -136,7 +136,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type,
@@ -35611,7 +35596,7 @@ index 6845228..df77141 100644
core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count);
diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c
-index 861628e..659ae80 100644
+index e4ddb93..2fc6e0f 100644
--- a/drivers/target/target_core_transport.c
+++ b/drivers/target/target_core_transport.c
@@ -1343,7 +1343,7 @@ struct se_device *transport_add_device_to_core_hba(
@@ -35653,7 +35638,7 @@ index 861628e..659ae80 100644
cmd->t_task_list_num)
atomic_set(&cmd->t_transport_sent, 1);
-@@ -4273,7 +4273,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd)
+@@ -4296,7 +4296,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd)
atomic_set(&cmd->transport_lun_stop, 0);
}
if (!atomic_read(&cmd->t_transport_active) ||
@@ -35662,7 +35647,7 @@ index 861628e..659ae80 100644
spin_unlock_irqrestore(&cmd->t_state_lock, flags);
return false;
}
-@@ -4522,7 +4522,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
+@@ -4545,7 +4545,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
{
int ret = 0;
@@ -35671,7 +35656,7 @@ index 861628e..659ae80 100644
if (!send_status ||
(cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
return 1;
-@@ -4559,7 +4559,7 @@ void transport_send_task_abort(struct se_cmd *cmd)
+@@ -4582,7 +4582,7 @@ void transport_send_task_abort(struct se_cmd *cmd)
*/
if (cmd->data_direction == DMA_TO_DEVICE) {
if (cmd->se_tfo->write_pending_status(cmd) != 0) {
@@ -39865,7 +39850,7 @@ index a6395bd..a5b24c4 100644
fd_offset + ex.a_text);
up_write(¤t->mm->mmap_sem);
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 21ac5ee..31d14e9 100644
+index 21ac5ee..ca0d90f 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -32,6 +32,7 @@
@@ -40000,6 +39985,7 @@ index 21ac5ee..31d14e9 100644
return error;
}
++#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
+static unsigned long pax_parse_pt_pax_softmode(const struct elf_phdr * const elf_phdata)
+{
+ unsigned long pax_flags = 0UL;
@@ -40145,7 +40131,7 @@ index 21ac5ee..31d14e9 100644
+#endif
+
+#ifdef CONFIG_PAX_SEGMEXEC
-+ if (!(__supported_pte_mask & _PAGE_NX)) {
++ if (!(pax_flags & MF_PAX_PAGEEXEC) || !(__supported_pte_mask & _PAGE_NX)) {
+ pax_flags &= ~MF_PAX_PAGEEXEC;
+ pax_flags |= MF_PAX_SEGMEXEC;
+ }
@@ -40319,7 +40305,6 @@ index 21ac5ee..31d14e9 100644
+
+}
+
-+#if defined(CONFIG_PAX_EI_PAX) || defined(CONFIG_PAX_PT_PAX_FLAGS) || defined(CONFIG_PAX_XATTR_PAX_FLAGS)
+static long pax_parse_pax_flags(const struct elfhdr * const elf_ex, const struct elf_phdr * const elf_phdata, struct file * const file)
+{
+ unsigned long pax_flags, pt_pax_flags, xattr_pax_flags;
@@ -41623,7 +41608,7 @@ index f3a257d..715ac0f 100644
}
EXPORT_SYMBOL_GPL(debugfs_create_dir);
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
-index d2039ca..a766407 100644
+index af11098..81e3bbe 100644
--- a/fs/ecryptfs/inode.c
+++ b/fs/ecryptfs/inode.c
@@ -691,7 +691,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf,
@@ -44407,7 +44392,7 @@ index 637694b..f84a121 100644
lock_flocks();
diff --git a/fs/namei.c b/fs/namei.c
-index 5008f01..90328a7 100644
+index 744e942..24ef47f 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -279,16 +279,32 @@ int generic_permission(struct inode *inode, int mask)
@@ -44482,7 +44467,7 @@ index 5008f01..90328a7 100644
error = 0;
if (s)
error = __vfs_follow_link(nd, s);
-@@ -1622,6 +1638,21 @@ static int path_lookupat(int dfd, const char *name,
+@@ -1624,6 +1640,21 @@ static int path_lookupat(int dfd, const char *name,
if (!err)
err = complete_walk(nd);
@@ -44504,7 +44489,7 @@ index 5008f01..90328a7 100644
if (!err && nd->flags & LOOKUP_DIRECTORY) {
if (!nd->inode->i_op->lookup) {
path_put(&nd->path);
-@@ -1649,6 +1680,15 @@ static int do_path_lookup(int dfd, const char *name,
+@@ -1651,6 +1682,15 @@ static int do_path_lookup(int dfd, const char *name,
retval = path_lookupat(dfd, name, flags | LOOKUP_REVAL, nd);
if (likely(!retval)) {
@@ -44520,7 +44505,7 @@ index 5008f01..90328a7 100644
if (unlikely(!audit_dummy_context())) {
if (nd->path.dentry && nd->inode)
audit_inode(name, nd->path.dentry);
-@@ -2046,6 +2086,13 @@ static int may_open(struct path *path, int acc_mode, int flag)
+@@ -2048,6 +2088,13 @@ static int may_open(struct path *path, int acc_mode, int flag)
if (flag & O_NOATIME && !inode_owner_or_capable(inode))
return -EPERM;
@@ -44534,7 +44519,7 @@ index 5008f01..90328a7 100644
return 0;
}
-@@ -2107,6 +2154,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2109,6 +2156,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
error = complete_walk(nd);
if (error)
return ERR_PTR(error);
@@ -44551,7 +44536,7 @@ index 5008f01..90328a7 100644
audit_inode(pathname, nd->path.dentry);
if (open_flag & O_CREAT) {
error = -EISDIR;
-@@ -2117,6 +2174,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2119,6 +2176,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
error = complete_walk(nd);
if (error)
return ERR_PTR(error);
@@ -44568,7 +44553,7 @@ index 5008f01..90328a7 100644
audit_inode(pathname, dir);
goto ok;
}
-@@ -2138,6 +2205,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2140,6 +2207,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
error = complete_walk(nd);
if (error)
return ERR_PTR(-ECHILD);
@@ -44585,7 +44570,7 @@ index 5008f01..90328a7 100644
error = -ENOTDIR;
if (nd->flags & LOOKUP_DIRECTORY) {
-@@ -2178,6 +2255,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2180,6 +2257,12 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
/* Negative dentry, just create the file */
if (!dentry->d_inode) {
int mode = op->mode;
@@ -44598,7 +44583,7 @@ index 5008f01..90328a7 100644
if (!IS_POSIXACL(dir->d_inode))
mode &= ~current_umask();
/*
-@@ -2201,6 +2284,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2203,6 +2286,8 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
error = vfs_create(dir->d_inode, dentry, mode, nd);
if (error)
goto exit_mutex_unlock;
@@ -44607,7 +44592,7 @@ index 5008f01..90328a7 100644
mutex_unlock(&dir->d_inode->i_mutex);
dput(nd->path.dentry);
nd->path.dentry = dentry;
-@@ -2210,6 +2295,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
+@@ -2212,6 +2297,19 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
/*
* It already exists.
*/
@@ -44627,7 +44612,7 @@ index 5008f01..90328a7 100644
mutex_unlock(&dir->d_inode->i_mutex);
audit_inode(pathname, path->dentry);
-@@ -2422,6 +2520,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path
+@@ -2424,6 +2522,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path
*path = nd.path;
return dentry;
eexist:
@@ -44639,7 +44624,7 @@ index 5008f01..90328a7 100644
dput(dentry);
dentry = ERR_PTR(-EEXIST);
fail:
-@@ -2444,6 +2547,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat
+@@ -2446,6 +2549,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, struct pat
}
EXPORT_SYMBOL(user_path_create);
@@ -44660,7 +44645,7 @@ index 5008f01..90328a7 100644
int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
{
int error = may_create(dir, dentry);
-@@ -2511,6 +2628,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
+@@ -2513,6 +2630,17 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
error = mnt_want_write(path.mnt);
if (error)
goto out_dput;
@@ -44678,7 +44663,7 @@ index 5008f01..90328a7 100644
error = security_path_mknod(&path, dentry, mode, dev);
if (error)
goto out_drop_write;
-@@ -2528,6 +2656,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
+@@ -2530,6 +2658,9 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, int, mode,
}
out_drop_write:
mnt_drop_write(path.mnt);
@@ -44688,7 +44673,7 @@ index 5008f01..90328a7 100644
out_dput:
dput(dentry);
mutex_unlock(&path.dentry->d_inode->i_mutex);
-@@ -2577,12 +2708,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode)
+@@ -2579,12 +2710,21 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, int, mode)
error = mnt_want_write(path.mnt);
if (error)
goto out_dput;
@@ -44710,7 +44695,7 @@ index 5008f01..90328a7 100644
out_dput:
dput(dentry);
mutex_unlock(&path.dentry->d_inode->i_mutex);
-@@ -2662,6 +2802,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
+@@ -2664,6 +2804,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
char * name;
struct dentry *dentry;
struct nameidata nd;
@@ -44719,7 +44704,7 @@ index 5008f01..90328a7 100644
error = user_path_parent(dfd, pathname, &nd, &name);
if (error)
-@@ -2690,6 +2832,15 @@ static long do_rmdir(int dfd, const char __user *pathname)
+@@ -2692,6 +2834,15 @@ static long do_rmdir(int dfd, const char __user *pathname)
error = -ENOENT;
goto exit3;
}
@@ -44735,7 +44720,7 @@ index 5008f01..90328a7 100644
error = mnt_want_write(nd.path.mnt);
if (error)
goto exit3;
-@@ -2697,6 +2848,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
+@@ -2699,6 +2850,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
if (error)
goto exit4;
error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
@@ -44744,7 +44729,7 @@ index 5008f01..90328a7 100644
exit4:
mnt_drop_write(nd.path.mnt);
exit3:
-@@ -2759,6 +2912,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
+@@ -2761,6 +2914,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
struct dentry *dentry;
struct nameidata nd;
struct inode *inode = NULL;
@@ -44753,7 +44738,7 @@ index 5008f01..90328a7 100644
error = user_path_parent(dfd, pathname, &nd, &name);
if (error)
-@@ -2781,6 +2936,16 @@ static long do_unlinkat(int dfd, const char __user *pathname)
+@@ -2783,6 +2938,16 @@ static long do_unlinkat(int dfd, const char __user *pathname)
if (!inode)
goto slashes;
ihold(inode);
@@ -44770,7 +44755,7 @@ index 5008f01..90328a7 100644
error = mnt_want_write(nd.path.mnt);
if (error)
goto exit2;
-@@ -2788,6 +2953,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
+@@ -2790,6 +2955,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
if (error)
goto exit3;
error = vfs_unlink(nd.path.dentry->d_inode, dentry);
@@ -44779,7 +44764,7 @@ index 5008f01..90328a7 100644
exit3:
mnt_drop_write(nd.path.mnt);
exit2:
-@@ -2863,10 +3030,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname,
+@@ -2865,10 +3032,18 @@ SYSCALL_DEFINE3(symlinkat, const char __user *, oldname,
error = mnt_want_write(path.mnt);
if (error)
goto out_dput;
@@ -44798,7 +44783,7 @@ index 5008f01..90328a7 100644
out_drop_write:
mnt_drop_write(path.mnt);
out_dput:
-@@ -2938,6 +3113,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
+@@ -2940,6 +3115,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
{
struct dentry *new_dentry;
struct path old_path, new_path;
@@ -44806,7 +44791,7 @@ index 5008f01..90328a7 100644
int how = 0;
int error;
-@@ -2961,7 +3137,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
+@@ -2963,7 +3139,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
if (error)
return error;
@@ -44815,7 +44800,7 @@ index 5008f01..90328a7 100644
error = PTR_ERR(new_dentry);
if (IS_ERR(new_dentry))
goto out;
-@@ -2972,13 +3148,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
+@@ -2974,13 +3150,30 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
error = mnt_want_write(new_path.mnt);
if (error)
goto out_dput;
@@ -44846,7 +44831,7 @@ index 5008f01..90328a7 100644
dput(new_dentry);
mutex_unlock(&new_path.dentry->d_inode->i_mutex);
path_put(&new_path);
-@@ -3206,6 +3399,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
+@@ -3208,6 +3401,12 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
if (new_dentry == trap)
goto exit5;
@@ -44859,7 +44844,7 @@ index 5008f01..90328a7 100644
error = mnt_want_write(oldnd.path.mnt);
if (error)
goto exit5;
-@@ -3215,6 +3414,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
+@@ -3217,6 +3416,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname,
goto exit6;
error = vfs_rename(old_dir->d_inode, old_dentry,
new_dir->d_inode, new_dentry);
@@ -44869,7 +44854,7 @@ index 5008f01..90328a7 100644
exit6:
mnt_drop_write(oldnd.path.mnt);
exit5:
-@@ -3240,6 +3442,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna
+@@ -3242,6 +3444,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna
int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
{
@@ -44878,7 +44863,7 @@ index 5008f01..90328a7 100644
int len;
len = PTR_ERR(link);
-@@ -3249,7 +3453,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c
+@@ -3251,7 +3455,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c
len = strlen(link);
if (len > (unsigned) buflen)
len = buflen;
@@ -45525,7 +45510,7 @@ index 15af622..0e9f4467 100644
help
Various /proc files exist to monitor process memory utilization:
diff --git a/fs/proc/array.c b/fs/proc/array.c
-index 3a1dafd..1456746 100644
+index 3a1dafd..bf1bd84 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -60,6 +60,7 @@
@@ -45633,9 +45618,12 @@ index 3a1dafd..1456746 100644
esp,
eip,
/* The signal information here is obsolete.
-@@ -535,6 +592,13 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
+@@ -533,8 +590,15 @@ int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
+ struct pid *pid, struct task_struct *task)
+ {
unsigned long size = 0, resident = 0, shared = 0, text = 0, data = 0;
- struct mm_struct *mm = get_task_mm(task);
+- struct mm_struct *mm = get_task_mm(task);
++ struct mm_struct *mm;
+#ifdef CONFIG_GRKERNSEC_PROC_MEMMAP
+ if (current->exec_id != m->exec_id) {
@@ -45643,7 +45631,7 @@ index 3a1dafd..1456746 100644
+ return 0;
+ }
+#endif
-+
++ mm = get_task_mm(task);
if (mm) {
size = task_statm(mm, &shared, &text, &data, &resident);
mmput(mm);
@@ -58438,10 +58426,10 @@ index 84ccf8e..2e9b14c 100644
};
diff --git a/include/linux/fs.h b/include/linux/fs.h
-index e0bc4ff..d79c2fa 100644
+index 10b2288..09180e4 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
-@@ -1608,7 +1608,8 @@ struct file_operations {
+@@ -1609,7 +1609,8 @@ struct file_operations {
int (*setlease)(struct file *, long, struct file_lock **);
long (*fallocate)(struct file *file, int mode, loff_t offset,
loff_t len);
@@ -59261,7 +59249,7 @@ index 0000000..da390f1
+#endif
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h
new file mode 100644
-index 0000000..f885406
+index 0000000..ae576a1
--- /dev/null
+++ b/include/linux/grmsg.h
@@ -0,0 +1,109 @@
@@ -59316,7 +59304,7 @@ index 0000000..f885406
+#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by "
+#define GR_INITF_ACL_MSG "init_variables() failed %s by "
+#define GR_DISABLED_ACL_MSG "Error loading %s, trying to run kernel with acls disabled. To disable acls at startup use <kernel image name> gracl=off from your boot loader"
-+#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbaged by "
++#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbage by "
+#define GR_SHUTS_ACL_MSG "shutdown auth success for "
+#define GR_SHUTF_ACL_MSG "shutdown auth failure for "
+#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for "
@@ -61270,7 +61258,7 @@ index c14fe86..393245e 100644
#define RPCRDMA_VERSION 1
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
-index 703cfa3..0b8ca72ac 100644
+index 703cfa33..0b8ca72ac 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -155,7 +155,11 @@ enum
@@ -61790,10 +61778,10 @@ index 9e5425b..8136ffc 100644
/* Protects from simultaneous access to first_req list */
spinlock_t info_list_lock;
diff --git a/include/net/flow.h b/include/net/flow.h
-index 57f15a7..0de26c6 100644
+index 2a7eefd..3250f3b 100644
--- a/include/net/flow.h
+++ b/include/net/flow.h
-@@ -208,6 +208,6 @@ extern struct flow_cache_object *flow_cache_lookup(
+@@ -218,6 +218,6 @@ extern struct flow_cache_object *flow_cache_lookup(
extern void flow_cache_flush(void);
extern void flow_cache_flush_deferred(void);
@@ -62188,7 +62176,7 @@ index 444cd6b..3327cc5 100644
const struct firmware *dsp_microcode;
const struct firmware *controller_microcode;
diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h
-index a79886c..b483af6 100644
+index 94bbec3..3a8c6b0 100644
--- a/include/target/target_core_base.h
+++ b/include/target/target_core_base.h
@@ -346,7 +346,7 @@ struct t10_reservation_ops {
@@ -62211,7 +62199,7 @@ index a79886c..b483af6 100644
atomic_t t_transport_active;
atomic_t t_transport_complete;
atomic_t t_transport_queue_active;
-@@ -704,7 +704,7 @@ struct se_device {
+@@ -705,7 +705,7 @@ struct se_device {
/* Active commands on this virtual SE device */
atomic_t simple_cmds;
atomic_t depth_left;
@@ -62716,7 +62704,7 @@ index 5b4293d..f179875 100644
if (u->mq_bytes + mq_bytes < u->mq_bytes ||
u->mq_bytes + mq_bytes > task_rlimit(p, RLIMIT_MSGQUEUE)) {
diff --git a/ipc/msg.c b/ipc/msg.c
-index 7385de2..a8180e0 100644
+index 7385de2..a8180e08 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -309,18 +309,19 @@ static inline int msg_security(struct kern_ipc_perm *ipcp, int msgflg)
@@ -63626,10 +63614,10 @@ index e6e01b9..619f837 100644
if (group_dead)
diff --git a/kernel/fork.c b/kernel/fork.c
-index da4a6a1..0973380 100644
+index 0acf42c0..9e40e2e 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
-@@ -280,7 +280,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
+@@ -281,7 +281,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
*stackend = STACK_END_MAGIC; /* for overflow detection */
#ifdef CONFIG_CC_STACKPROTECTOR
@@ -63638,7 +63626,7 @@ index da4a6a1..0973380 100644
#endif
/*
-@@ -304,13 +304,77 @@ out:
+@@ -305,13 +305,77 @@ out:
}
#ifdef CONFIG_MMU
@@ -63718,7 +63706,7 @@ index da4a6a1..0973380 100644
down_write(&oldmm->mmap_sem);
flush_cache_dup_mm(oldmm);
-@@ -322,8 +386,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+@@ -323,8 +387,8 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
mm->locked_vm = 0;
mm->mmap = NULL;
mm->mmap_cache = NULL;
@@ -63729,7 +63717,7 @@ index da4a6a1..0973380 100644
mm->map_count = 0;
cpumask_clear(mm_cpumask(mm));
mm->mm_rb = RB_ROOT;
-@@ -339,8 +403,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+@@ -340,8 +404,6 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
prev = NULL;
for (mpnt = oldmm->mmap; mpnt; mpnt = mpnt->vm_next) {
@@ -63738,7 +63726,7 @@ index da4a6a1..0973380 100644
if (mpnt->vm_flags & VM_DONTCOPY) {
long pages = vma_pages(mpnt);
mm->total_vm -= pages;
-@@ -348,53 +410,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+@@ -349,53 +411,11 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
-pages);
continue;
}
@@ -63796,7 +63784,7 @@ index da4a6a1..0973380 100644
/*
* Link in the new vma and copy the page table entries.
-@@ -417,6 +437,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+@@ -418,6 +438,31 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
if (retval)
goto out;
}
@@ -63828,7 +63816,7 @@ index da4a6a1..0973380 100644
/* a new mm has just been created */
arch_dup_mmap(oldmm, mm);
retval = 0;
-@@ -425,14 +470,6 @@ out:
+@@ -426,14 +471,6 @@ out:
flush_tlb_mm(oldmm);
up_write(&oldmm->mmap_sem);
return retval;
@@ -63843,7 +63831,7 @@ index da4a6a1..0973380 100644
}
static inline int mm_alloc_pgd(struct mm_struct *mm)
-@@ -644,6 +681,26 @@ struct mm_struct *get_task_mm(struct task_struct *task)
+@@ -645,6 +682,26 @@ struct mm_struct *get_task_mm(struct task_struct *task)
}
EXPORT_SYMBOL_GPL(get_task_mm);
@@ -63870,7 +63858,7 @@ index da4a6a1..0973380 100644
/* Please note the differences between mmput and mm_release.
* mmput is called whenever we stop holding onto a mm_struct,
* error success whatever.
-@@ -829,13 +886,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
+@@ -830,13 +887,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
spin_unlock(&fs->lock);
return -EAGAIN;
}
@@ -63886,7 +63874,7 @@ index da4a6a1..0973380 100644
return 0;
}
-@@ -1097,6 +1155,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
+@@ -1100,6 +1158,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
#endif
retval = -EAGAIN;
@@ -63896,7 +63884,7 @@ index da4a6a1..0973380 100644
if (atomic_read(&p->real_cred->user->processes) >=
task_rlimit(p, RLIMIT_NPROC)) {
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
-@@ -1256,6 +1317,8 @@ static struct task_struct *copy_process(unsigned long clone_flags,
+@@ -1259,6 +1320,8 @@ static struct task_struct *copy_process(unsigned long clone_flags,
if (clone_flags & CLONE_THREAD)
p->tgid = current->tgid;
@@ -63905,7 +63893,7 @@ index da4a6a1..0973380 100644
p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL;
/*
* Clear TID on mm_release()?
-@@ -1418,6 +1481,8 @@ bad_fork_cleanup_count:
+@@ -1421,6 +1484,8 @@ bad_fork_cleanup_count:
bad_fork_free:
free_task(p);
fork_out:
@@ -63914,7 +63902,7 @@ index da4a6a1..0973380 100644
return ERR_PTR(retval);
}
-@@ -1518,6 +1583,8 @@ long do_fork(unsigned long clone_flags,
+@@ -1521,6 +1586,8 @@ long do_fork(unsigned long clone_flags,
if (clone_flags & CLONE_PARENT_SETTID)
put_user(nr, parent_tidptr);
@@ -63923,7 +63911,7 @@ index da4a6a1..0973380 100644
if (clone_flags & CLONE_VFORK) {
p->vfork_done = &vfork;
init_completion(&vfork);
-@@ -1627,7 +1694,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
+@@ -1630,7 +1697,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
return 0;
/* don't need lock here; in the worst case we'll do useless copy */
@@ -63932,7 +63920,7 @@ index da4a6a1..0973380 100644
return 0;
*new_fsp = copy_fs_struct(fs);
-@@ -1716,7 +1783,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+@@ -1719,7 +1786,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
fs = current->fs;
spin_lock(&fs->lock);
current->fs = new_fs;
@@ -70622,7 +70610,7 @@ index 7fa41b4..6087460 100644
return count;
}
diff --git a/mm/nommu.c b/mm/nommu.c
-index b982290..7d73f53 100644
+index ee7e57e..cae4e40 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -62,7 +62,6 @@ int sysctl_overcommit_memory = OVERCOMMIT_GUESS; /* heuristic overcommit */
@@ -70633,7 +70621,7 @@ index b982290..7d73f53 100644
atomic_long_t mmap_pages_allocated;
-@@ -825,15 +824,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
+@@ -829,15 +828,6 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
EXPORT_SYMBOL(find_vma);
/*
@@ -70649,7 +70637,7 @@ index b982290..7d73f53 100644
* expand a stack to a given address
* - not supported under NOMMU conditions
*/
-@@ -1553,6 +1543,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
+@@ -1557,6 +1547,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
/* most fields are the same, copy all, and then fixup */
*new = *vma;
@@ -72725,7 +72713,7 @@ index 68bbf9f..5ef0d12 100644
return err;
diff --git a/net/core/dev.c b/net/core/dev.c
-index 5a13edf..a6f2bd2 100644
+index c56cacf..b28e35f 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1139,10 +1139,14 @@ void dev_load(struct net *net, const char *name)
@@ -72797,7 +72785,7 @@ index 5a13edf..a6f2bd2 100644
kfree_skb(skb);
/* Jamal, now you will not able to escape explaining
* me how you were going to use this. :-)
-@@ -3891,7 +3895,7 @@ void netif_napi_del(struct napi_struct *napi)
+@@ -3897,7 +3901,7 @@ void netif_napi_del(struct napi_struct *napi)
}
EXPORT_SYMBOL(netif_napi_del);
@@ -72806,7 +72794,7 @@ index 5a13edf..a6f2bd2 100644
{
struct softnet_data *sd = &__get_cpu_var(softnet_data);
unsigned long time_limit = jiffies + 2;
-@@ -5949,7 +5953,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev,
+@@ -5955,7 +5959,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev,
} else {
netdev_stats_to_stats64(storage, &dev->stats);
}
@@ -73386,7 +73374,7 @@ index 94cdbc5..0cb0063 100644
ts = peer->tcp_ts;
tsage = get_seconds() - peer->tcp_ts_stamp;
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
-index c89e354..8bd55c8 100644
+index eb90aa8..22bf114 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly;
@@ -73399,7 +73387,7 @@ index c89e354..8bd55c8 100644
#ifdef CONFIG_TCP_MD5SIG
static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
-@@ -1627,6 +1630,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
+@@ -1632,6 +1635,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
return 0;
reset:
@@ -73409,7 +73397,7 @@ index c89e354..8bd55c8 100644
tcp_v4_send_reset(rsk, skb);
discard:
kfree_skb(skb);
-@@ -1689,12 +1695,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
+@@ -1694,12 +1700,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
TCP_SKB_CB(skb)->sacked = 0;
sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
@@ -73432,7 +73420,7 @@ index c89e354..8bd55c8 100644
if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
-@@ -1744,6 +1757,10 @@ no_tcp_socket:
+@@ -1749,6 +1762,10 @@ no_tcp_socket:
bad_packet:
TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
} else {
@@ -73443,7 +73431,7 @@ index c89e354..8bd55c8 100644
tcp_v4_send_reset(NULL, skb);
}
-@@ -2404,7 +2421,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
+@@ -2409,7 +2426,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
0, /* non standard timer */
0, /* open_requests have no inode */
atomic_read(&sk->sk_refcnt),
@@ -73455,7 +73443,7 @@ index c89e354..8bd55c8 100644
len);
}
-@@ -2454,7 +2475,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
+@@ -2459,7 +2480,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
sock_i_uid(sk),
icsk->icsk_probes_out,
sock_i_ino(sk),
@@ -73469,7 +73457,7 @@ index c89e354..8bd55c8 100644
jiffies_to_clock_t(icsk->icsk_rto),
jiffies_to_clock_t(icsk->icsk_ack.ato),
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
-@@ -2482,7 +2508,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
+@@ -2487,7 +2513,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
" %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n",
i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
@@ -74217,7 +74205,7 @@ index 30d7355..e260095 100644
napi_disable(&local->napi);
ieee80211_clear_tx_pending(local);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
-index a7536fd..4039cc0 100644
+index 7d9b21d..0687004 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -163,7 +163,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed)
@@ -74364,7 +74352,7 @@ index 29fa5ba..8debc79 100644
if (!todrop_rate[i]) return 0;
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
-index 093cc32..9209ae1 100644
+index 6dc7d7d..e45913a 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -562,7 +562,7 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb,
@@ -75928,7 +75916,7 @@ index 9049a5c..cfa6f5c 100644
}
diff --git a/scripts/Makefile.build b/scripts/Makefile.build
-index d2b366c..51ff91e 100644
+index d2b366c..51ff91ebc 100644
--- a/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@ -109,7 +109,7 @@ endif
@@ -77804,7 +77792,7 @@ index a39edcc..1014050 100644
};
diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile
new file mode 100644
-index 0000000..29b6b75
+index 0000000..481a163
--- /dev/null
+++ b/tools/gcc/Makefile
@@ -0,0 +1,21 @@
@@ -77814,7 +77802,7 @@ index 0000000..29b6b75
+GCCPLUGINS_DIR := $(shell $(CC) -print-file-name=plugin)
+#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W -std=gnu99
+
-+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99
++HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -std=gnu99 -ggdb
+
+hostlibs-y := constify_plugin.so
+hostlibs-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so
@@ -78923,10 +78911,10 @@ index 0000000..008f159
+}
diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
new file mode 100644
-index 0000000..8b61031
+index 0000000..4a9b187
--- /dev/null
+++ b/tools/gcc/stackleak_plugin.c
-@@ -0,0 +1,295 @@
+@@ -0,0 +1,326 @@
+/*
+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu>
+ * Licensed under the GPL v2
@@ -78973,10 +78961,12 @@ index 0000000..8b61031
+static int track_frame_size = -1;
+static const char track_function[] = "pax_track_stack";
+static const char check_function[] = "pax_check_alloca";
++static tree pax_check_alloca_decl;
++static tree pax_track_stack_decl;
+static bool init_locals;
+
+static struct plugin_info stackleak_plugin_info = {
-+ .version = "201111150100",
++ .version = "201203021600",
+ .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n"
+// "initialize-locals\t\tforcibly initialize all stack frames\n"
+};
@@ -79029,27 +79019,20 @@ index 0000000..8b61031
+static void stackleak_check_alloca(gimple_stmt_iterator *gsi)
+{
+ gimple check_alloca;
-+ tree fndecl, fntype, alloca_size;
++ tree alloca_size;
+
+ // insert call to void pax_check_alloca(unsigned long size)
-+ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
-+ fndecl = build_fn_decl(check_function, fntype);
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
+ alloca_size = gimple_call_arg(gsi_stmt(*gsi), 0);
-+ check_alloca = gimple_build_call(fndecl, 1, alloca_size);
++ check_alloca = gimple_build_call(pax_check_alloca_decl, 1, alloca_size);
+ gsi_insert_before(gsi, check_alloca, GSI_SAME_STMT);
+}
+
+static void stackleak_add_instrumentation(gimple_stmt_iterator *gsi)
+{
+ gimple track_stack;
-+ tree fndecl, fntype;
+
+ // insert call to void pax_track_stack(void)
-+ fntype = build_function_type_list(void_type_node, NULL_TREE);
-+ fndecl = build_fn_decl(track_function, fntype);
-+ DECL_ASSEMBLER_NAME(fndecl); // for LTO
-+ track_stack = gimple_build_call(fndecl, 0);
++ track_stack = gimple_build_call(pax_track_stack_decl, 0);
+ gsi_insert_after(gsi, track_stack, GSI_CONTINUE_LINKING);
+}
+
@@ -79086,7 +79069,7 @@ index 0000000..8b61031
+static unsigned int execute_stackleak_tree_instrument(void)
+{
+ basic_block bb, entry_bb;
-+ bool prologue_instrumented = false;
++ bool prologue_instrumented = false, is_leaf = true;
+
+ entry_bb = ENTRY_BLOCK_PTR_FOR_FUNCTION(cfun)->next_bb;
+
@@ -79095,8 +79078,15 @@ index 0000000..8b61031
+ gimple_stmt_iterator gsi;
+
+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
++ gimple stmt;
++
++ stmt = gsi_stmt(gsi);
++
++ if (is_gimple_call(stmt))
++ is_leaf = false;
++
+ // gimple match: align 8 built-in BUILT_IN_NORMAL:BUILT_IN_ALLOCA attributes <tree_list 0xb7576450>
-+ if (!is_alloca(gsi_stmt(gsi)))
++ if (!is_alloca(stmt))
+ continue;
+
+ // 2. insert stack overflow check before each __builtin_alloca call
@@ -79109,6 +79099,13 @@ index 0000000..8b61031
+ }
+ }
+
++ // special case for some bad linux code: taking the address of static inline functions will materialize them
++ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI
++ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI.
++ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here.
++ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl))
++ return 0;
++
+ // 4. insert track call at the beginning
+ if (!prologue_instrumented) {
+ gimple_stmt_iterator gsi;
@@ -79168,6 +79165,27 @@ index 0000000..8b61031
+ return 0;
+}
+
++static void stackleak_start_unit(void *gcc_data, void *user_dat)
++{
++ tree fntype;
++
++ // declare void pax_check_alloca(unsigned long size)
++ fntype = build_function_type_list(void_type_node, long_unsigned_type_node, NULL_TREE);
++ pax_check_alloca_decl = build_fn_decl(check_function, fntype);
++ DECL_ASSEMBLER_NAME(pax_check_alloca_decl); // for LTO
++ TREE_PUBLIC(pax_check_alloca_decl) = 1;
++ DECL_EXTERNAL(pax_check_alloca_decl) = 1;
++ DECL_ARTIFICIAL(pax_check_alloca_decl) = 1;
++
++ // declare void pax_track_stack(void)
++ fntype = build_function_type_list(void_type_node, NULL_TREE);
++ pax_track_stack_decl = build_fn_decl(track_function, fntype);
++ DECL_ASSEMBLER_NAME(pax_track_stack_decl); // for LTO
++ TREE_PUBLIC(pax_track_stack_decl) = 1;
++ DECL_EXTERNAL(pax_track_stack_decl) = 1;
++ DECL_ARTIFICIAL(pax_track_stack_decl) = 1;
++}
++
+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version)
+{
+ const char * const plugin_name = plugin_info->base_name;
@@ -79179,7 +79197,7 @@ index 0000000..8b61031
+// .reference_pass_name = "tree_profile",
+ .reference_pass_name = "optimized",
+ .ref_pass_instance_number = 0,
-+ .pos_op = PASS_POS_INSERT_AFTER
++ .pos_op = PASS_POS_INSERT_BEFORE
+ };
+ struct register_pass_info stackleak_final_pass_info = {
+ .pass = &stackleak_final_rtl_opt_pass.pass,
@@ -79217,6 +79235,7 @@ index 0000000..8b61031
+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
+ }
+
++ register_callback("start_unit", PLUGIN_START_UNIT, &stackleak_start_unit, NULL);
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_tree_instrument_pass_info);
+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &stackleak_final_pass_info);
+
diff --git a/3.2.7/4425_grsec_enable_xtpax.patch b/3.2.9/4425_grsec_enable_xtpax.patch
similarity index 100%
rename from 3.2.7/4425_grsec_enable_xtpax.patch
rename to 3.2.9/4425_grsec_enable_xtpax.patch
diff --git a/3.2.7/4430_grsec-remove-localversion-grsec.patch b/3.2.9/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 3.2.7/4430_grsec-remove-localversion-grsec.patch
rename to 3.2.9/4430_grsec-remove-localversion-grsec.patch
diff --git a/3.2.7/4435_grsec-mute-warnings.patch b/3.2.9/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 3.2.7/4435_grsec-mute-warnings.patch
rename to 3.2.9/4435_grsec-mute-warnings.patch
diff --git a/3.2.7/4440_grsec-remove-protected-paths.patch b/3.2.9/4440_grsec-remove-protected-paths.patch
similarity index 96%
rename from 3.2.7/4440_grsec-remove-protected-paths.patch
rename to 3.2.9/4440_grsec-remove-protected-paths.patch
index 4afb3e2..5602e8e 100644
--- a/3.2.7/4440_grsec-remove-protected-paths.patch
+++ b/3.2.9/4440_grsec-remove-protected-paths.patch
@@ -6,7 +6,7 @@ the filesystem.
diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile
--- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400
+++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400
-@@ -27,10 +27,4 @@
+@@ -31,10 +31,4 @@
ifdef CONFIG_GRKERNSEC_HIDESYM
extra-y := grsec_hidesym.o
$(obj)/grsec_hidesym.o:
diff --git a/3.2.7/4445_grsec-pax-without-grsec.patch b/3.2.9/4445_grsec-pax-without-grsec.patch
similarity index 98%
rename from 3.2.7/4445_grsec-pax-without-grsec.patch
rename to 3.2.9/4445_grsec-pax-without-grsec.patch
index 9992f51..0ef9311 100644
--- a/3.2.7/4445_grsec-pax-without-grsec.patch
+++ b/3.2.9/4445_grsec-pax-without-grsec.patch
@@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
diff -Naur a/fs/exec.c b/fs/exec.c
--- a/fs/exec.c 2011-04-17 19:05:03.000000000 -0400
+++ b/fs/exec.c 2011-04-17 19:20:30.000000000 -0400
-@@ -2004,9 +2004,11 @@
+@@ -2024,9 +2024,11 @@
}
up_read(&mm->mmap_sem);
}
@@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset);
printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, "
"PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk),
-@@ -2021,10 +2023,12 @@
+@@ -2041,10 +2043,12 @@
#ifdef CONFIG_PAX_REFCOUNT
void pax_report_refcount_overflow(struct pt_regs *regs)
{
@@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c
printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n",
current->comm, task_pid_nr(current), current_uid(), current_euid());
print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs));
-@@ -2083,10 +2087,12 @@
+@@ -2103,10 +2107,12 @@
NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type)
{
diff --git a/3.2.7/4450_grsec-kconfig-default-gids.patch b/3.2.9/4450_grsec-kconfig-default-gids.patch
similarity index 94%
rename from 3.2.7/4450_grsec-kconfig-default-gids.patch
rename to 3.2.9/4450_grsec-kconfig-default-gids.patch
index 0807a4e..71b2089 100644
--- a/3.2.7/4450_grsec-kconfig-default-gids.patch
+++ b/3.2.9/4450_grsec-kconfig-default-gids.patch
@@ -12,7 +12,7 @@ from shooting themselves in the foot.
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-12-12 16:54:30.000000000 -0500
+++ b/grsecurity/Kconfig 2011-12-12 16:55:09.000000000 -0500
-@@ -434,7 +434,7 @@
+@@ -440,7 +440,7 @@
config GRKERNSEC_PROC_GID
int "GID for special group"
depends on GRKERNSEC_PROC_USERGROUP
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
config GRKERNSEC_PROC_ADD
bool "Additional restrictions"
-@@ -662,7 +662,7 @@
+@@ -668,7 +668,7 @@
config GRKERNSEC_AUDIT_GID
int "GID for auditing"
depends on GRKERNSEC_AUDIT_GROUP
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
config GRKERNSEC_EXECLOG
bool "Exec logging"
-@@ -866,7 +866,7 @@
+@@ -872,7 +872,7 @@
config GRKERNSEC_TPE_GID
int "GID for untrusted users"
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*enabled* for. If the sysctl option is enabled, a sysctl option
-@@ -875,7 +875,7 @@
+@@ -881,7 +881,7 @@
config GRKERNSEC_TPE_GID
int "GID for trusted users"
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*disabled* for. If the sysctl option is enabled, a sysctl option
-@@ -948,7 +948,7 @@
+@@ -954,7 +954,7 @@
config GRKERNSEC_SOCKET_ALL_GID
int "GID to deny all sockets for"
depends on GRKERNSEC_SOCKET_ALL
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable socket access for. Remember to
add the users you want socket access disabled for to the GID
-@@ -969,7 +969,7 @@
+@@ -975,7 +975,7 @@
config GRKERNSEC_SOCKET_CLIENT_GID
int "GID to deny client sockets for"
depends on GRKERNSEC_SOCKET_CLIENT
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable client socket access for.
Remember to add the users you want client socket access disabled for to
-@@ -987,7 +987,7 @@
+@@ -993,7 +993,7 @@
config GRKERNSEC_SOCKET_SERVER_GID
int "GID to deny server sockets for"
depends on GRKERNSEC_SOCKET_SERVER
diff --git a/3.2.7/4455_grsec-kconfig-gentoo.patch b/3.2.9/4455_grsec-kconfig-gentoo.patch
similarity index 100%
rename from 3.2.7/4455_grsec-kconfig-gentoo.patch
rename to 3.2.9/4455_grsec-kconfig-gentoo.patch
diff --git a/3.2.7/4460-grsec-kconfig-proc-user.patch b/3.2.9/4460-grsec-kconfig-proc-user.patch
similarity index 96%
rename from 3.2.7/4460-grsec-kconfig-proc-user.patch
rename to 3.2.9/4460-grsec-kconfig-proc-user.patch
index 72b894a..1081ed5 100644
--- a/3.2.7/4460-grsec-kconfig-proc-user.patch
+++ b/3.2.9/4460-grsec-kconfig-proc-user.patch
@@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-06-29 10:02:56.000000000 -0400
+++ b/grsecurity/Kconfig 2011-06-29 10:08:07.000000000 -0400
-@@ -668,7 +668,7 @@
+@@ -674,7 +674,7 @@
config GRKERNSEC_PROC_USER
bool "Restrict /proc to user only"
@@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
If you say Y here, non-root users will only be able to view their own
processes, and restricts them from viewing network-related information,
-@@ -676,7 +676,7 @@
+@@ -682,7 +682,7 @@
config GRKERNSEC_PROC_USERGROUP
bool "Allow special group"
diff --git a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 99%
rename from 3.2.7/4465_selinux-avc_audit-log-curr_ip.patch
rename to 3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
index 7c9894c..cbd978d 100644
--- a/3.2.7/4465_selinux-avc_audit-log-curr_ip.patch
+++ b/3.2.9/4465_selinux-avc_audit-log-curr_ip.patch
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400
+++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400
-@@ -1297,6 +1297,27 @@
+@@ -1303,6 +1303,27 @@
menu "Logging Options"
depends on GRKERNSEC
diff --git a/3.2.7/4470_disable-compat_vdso.patch b/3.2.9/4470_disable-compat_vdso.patch
similarity index 100%
rename from 3.2.7/4470_disable-compat_vdso.patch
rename to 3.2.9/4470_disable-compat_vdso.patch
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-03-04 14:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-03-04 14:50 [gentoo-commits] proj/hardened-patchset:master commit in: 3.2.7/, 2.6.32/, 3.2.9/ Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox