* [gentoo-commits] proj/hardened-patchset:master commit in: 2.6.32/, 3.7.1/, 3.2.35/, 3.2.36/
@ 2013-01-06 6:43 Anthony G. Basile
0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2013-01-06 6:43 UTC (permalink / raw
To: gentoo-commits
commit: 65f7a12023330b438febbc8d1566d540ea37f8ba
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 6 06:42:38 2013 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Jan 6 06:42:38 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=65f7a120
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.36,3.7.1}-201301041854
---
2.6.32/0000_README | 2 +-
..._grsecurity-2.9.1-2.6.32.60-201301032033.patch} | 25 +-
{3.2.35 => 3.2.36}/0000_README | 2 +-
{3.2.35 => 3.2.36}/1021_linux-3.2.22.patch | 0
{3.2.35 => 3.2.36}/1022_linux-3.2.23.patch | 0
{3.2.35 => 3.2.36}/1023_linux-3.2.24.patch | 0
{3.2.35 => 3.2.36}/1024_linux-3.2.25.patch | 0
{3.2.35 => 3.2.36}/1025_linux-3.2.26.patch | 0
{3.2.35 => 3.2.36}/1026_linux-3.2.27.patch | 0
{3.2.35 => 3.2.36}/1027_linux-3.2.28.patch | 0
{3.2.35 => 3.2.36}/1028_linux-3.2.29.patch | 0
{3.2.35 => 3.2.36}/1029_linux-3.2.30.patch | 0
{3.2.35 => 3.2.36}/1030_linux-3.2.31.patch | 0
{3.2.35 => 3.2.36}/1031_linux-3.2.32.patch | 0
{3.2.35 => 3.2.36}/1032_linux-3.2.33.patch | 0
{3.2.35 => 3.2.36}/1033_linux-3.2.34.patch | 0
{3.2.35 => 3.2.36}/1034_linux-3.2.35.patch | 0
...4420_grsecurity-2.9.1-3.2.36-201301032034.patch | 558 +++++++++-----------
{3.2.35 => 3.2.36}/4425_grsec_remove_EI_PAX.patch | 0
.../4430_grsec-remove-localversion-grsec.patch | 0
{3.2.35 => 3.2.36}/4435_grsec-mute-warnings.patch | 0
.../4440_grsec-remove-protected-paths.patch | 0
.../4450_grsec-kconfig-default-gids.patch | 0
.../4465_selinux-avc_audit-log-curr_ip.patch | 0
{3.2.35 => 3.2.36}/4470_disable-compat_vdso.patch | 0
3.7.1/0000_README | 2 +-
...4420_grsecurity-2.9.1-3.7.1-201301041854.patch} | 387 ++++++++++++--
27 files changed, 599 insertions(+), 377 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index c15435a..c0dac22 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201301021806.patch
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201301032033.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301021806.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301032033.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301021806.patch
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301032033.patch
index e250504..4ef624e 100644
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301021806.patch
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201301032033.patch
@@ -85034,10 +85034,10 @@ index 0000000..1b9afa9
+endif
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c
new file mode 100644
-index 0000000..a4c751d
+index 0000000..5b45eec
--- /dev/null
+++ b/grsecurity/gracl.c
-@@ -0,0 +1,4214 @@
+@@ -0,0 +1,4197 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -86216,14 +86216,6 @@ index 0000000..a4c751d
+ break;
+
+ userp = s_tmp.prev;
-+ /* do not count nested subjects against this count, since
-+ they are not included in the hash table, but are
-+ attached to objects. We have already counted
-+ the subjects in userspace for the allocation
-+ stack
-+ */
-+ if (!(s_tmp.mode & GR_NESTED))
-+ num++;
+ }
+
+ return num;
@@ -86501,15 +86493,6 @@ index 0000000..a4c751d
+ sizeof (struct acl_subject_label)))
+ return -EFAULT;
+
-+ /* do not add nested subjects here, add
-+ while parsing objects
-+ */
-+
-+ if (s_pre.mode & GR_NESTED) {
-+ userp = s_pre.prev;
-+ continue;
-+ }
-+
+ ret = do_copy_user_subj(userp, role, NULL);
+
+ err = PTR_ERR(ret);
@@ -96609,7 +96592,7 @@ index 0000000..323ecf2
+#endif
diff --git a/include/linux/grdefs.h b/include/linux/grdefs.h
new file mode 100644
-index 0000000..70d6cd5
+index 0000000..0b166f4
--- /dev/null
+++ b/include/linux/grdefs.h
@@ -0,0 +1,140 @@
@@ -96697,7 +96680,7 @@ index 0000000..70d6cd5
+ GR_PROTPROCFD = 0x00000400,
+ GR_PROCACCT = 0x00000800,
+ GR_RELAXPTRACE = 0x00001000,
-+ GR_NESTED = 0x00002000,
++ //GR_NESTED = 0x00002000,
+ GR_INHERITLEARN = 0x00004000,
+ GR_PROCFIND = 0x00008000,
+ GR_POVERRIDE = 0x00010000,
diff --git a/3.2.35/0000_README b/3.2.36/0000_README
similarity index 97%
rename from 3.2.35/0000_README
rename to 3.2.36/0000_README
index 4607d5e..5ef863c 100644
--- a/3.2.35/0000_README
+++ b/3.2.36/0000_README
@@ -58,7 +58,7 @@ Patch: 1034_linux-3.2.35.patch
From: http://www.kernel.org
Desc: Linux 3.2.35
-Patch: 4420_grsecurity-2.9.1-3.2.35-201301021807.patch
+Patch: 4420_grsecurity-2.9.1-3.2.36-201301032034.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.35/1021_linux-3.2.22.patch b/3.2.36/1021_linux-3.2.22.patch
similarity index 100%
rename from 3.2.35/1021_linux-3.2.22.patch
rename to 3.2.36/1021_linux-3.2.22.patch
diff --git a/3.2.35/1022_linux-3.2.23.patch b/3.2.36/1022_linux-3.2.23.patch
similarity index 100%
rename from 3.2.35/1022_linux-3.2.23.patch
rename to 3.2.36/1022_linux-3.2.23.patch
diff --git a/3.2.35/1023_linux-3.2.24.patch b/3.2.36/1023_linux-3.2.24.patch
similarity index 100%
rename from 3.2.35/1023_linux-3.2.24.patch
rename to 3.2.36/1023_linux-3.2.24.patch
diff --git a/3.2.35/1024_linux-3.2.25.patch b/3.2.36/1024_linux-3.2.25.patch
similarity index 100%
rename from 3.2.35/1024_linux-3.2.25.patch
rename to 3.2.36/1024_linux-3.2.25.patch
diff --git a/3.2.35/1025_linux-3.2.26.patch b/3.2.36/1025_linux-3.2.26.patch
similarity index 100%
rename from 3.2.35/1025_linux-3.2.26.patch
rename to 3.2.36/1025_linux-3.2.26.patch
diff --git a/3.2.35/1026_linux-3.2.27.patch b/3.2.36/1026_linux-3.2.27.patch
similarity index 100%
rename from 3.2.35/1026_linux-3.2.27.patch
rename to 3.2.36/1026_linux-3.2.27.patch
diff --git a/3.2.35/1027_linux-3.2.28.patch b/3.2.36/1027_linux-3.2.28.patch
similarity index 100%
rename from 3.2.35/1027_linux-3.2.28.patch
rename to 3.2.36/1027_linux-3.2.28.patch
diff --git a/3.2.35/1028_linux-3.2.29.patch b/3.2.36/1028_linux-3.2.29.patch
similarity index 100%
rename from 3.2.35/1028_linux-3.2.29.patch
rename to 3.2.36/1028_linux-3.2.29.patch
diff --git a/3.2.35/1029_linux-3.2.30.patch b/3.2.36/1029_linux-3.2.30.patch
similarity index 100%
rename from 3.2.35/1029_linux-3.2.30.patch
rename to 3.2.36/1029_linux-3.2.30.patch
diff --git a/3.2.35/1030_linux-3.2.31.patch b/3.2.36/1030_linux-3.2.31.patch
similarity index 100%
rename from 3.2.35/1030_linux-3.2.31.patch
rename to 3.2.36/1030_linux-3.2.31.patch
diff --git a/3.2.35/1031_linux-3.2.32.patch b/3.2.36/1031_linux-3.2.32.patch
similarity index 100%
rename from 3.2.35/1031_linux-3.2.32.patch
rename to 3.2.36/1031_linux-3.2.32.patch
diff --git a/3.2.35/1032_linux-3.2.33.patch b/3.2.36/1032_linux-3.2.33.patch
similarity index 100%
rename from 3.2.35/1032_linux-3.2.33.patch
rename to 3.2.36/1032_linux-3.2.33.patch
diff --git a/3.2.35/1033_linux-3.2.34.patch b/3.2.36/1033_linux-3.2.34.patch
similarity index 100%
rename from 3.2.35/1033_linux-3.2.34.patch
rename to 3.2.36/1033_linux-3.2.34.patch
diff --git a/3.2.35/1034_linux-3.2.35.patch b/3.2.36/1034_linux-3.2.35.patch
similarity index 100%
rename from 3.2.35/1034_linux-3.2.35.patch
rename to 3.2.36/1034_linux-3.2.35.patch
diff --git a/3.2.35/4420_grsecurity-2.9.1-3.2.35-201301021807.patch b/3.2.36/4420_grsecurity-2.9.1-3.2.36-201301032034.patch
similarity index 99%
rename from 3.2.35/4420_grsecurity-2.9.1-3.2.35-201301021807.patch
rename to 3.2.36/4420_grsecurity-2.9.1-3.2.36-201301032034.patch
index 6ada4c8..1e1956d 100644
--- a/3.2.35/4420_grsecurity-2.9.1-3.2.35-201301021807.patch
+++ b/3.2.36/4420_grsecurity-2.9.1-3.2.36-201301032034.patch
@@ -271,7 +271,7 @@ index 88fd7f5..b318a78 100644
==============================================================
diff --git a/Makefile b/Makefile
-index d985af0..163e574 100644
+index 2052c29..5ef6c21 100644
--- a/Makefile
+++ b/Makefile
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -3028,10 +3028,10 @@ index ff44823..97f8906 100644
/*
diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c
-index c47f96e..661d418 100644
+index bf128d7..bc244d6 100644
--- a/arch/mips/kernel/process.c
+++ b/arch/mips/kernel/process.c
-@@ -481,15 +481,3 @@ unsigned long get_wchan(struct task_struct *task)
+@@ -479,15 +479,3 @@ unsigned long get_wchan(struct task_struct *task)
out:
return pc;
}
@@ -21026,10 +21026,10 @@ index 407789b..5570a86 100644
vmx->exit_reason = vmcs_read32(VM_EXIT_REASON);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
-index 4fc5323..59b259b 100644
+index f4063fd..3c40814 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
-@@ -1345,8 +1345,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
+@@ -1348,8 +1348,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
{
struct kvm *kvm = vcpu->kvm;
int lm = is_long_mode(vcpu);
@@ -21040,7 +21040,7 @@ index 4fc5323..59b259b 100644
u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64
: kvm->arch.xen_hvm_config.blob_size_32;
u32 page_num = data & ~PAGE_MASK;
-@@ -2165,6 +2165,8 @@ long kvm_arch_dev_ioctl(struct file *filp,
+@@ -2168,6 +2168,8 @@ long kvm_arch_dev_ioctl(struct file *filp,
if (n < msr_list.nmsrs)
goto out;
r = -EFAULT;
@@ -21049,7 +21049,7 @@ index 4fc5323..59b259b 100644
if (copy_to_user(user_msr_list->indices, &msrs_to_save,
num_msrs_to_save * sizeof(u32)))
goto out;
-@@ -2340,15 +2342,20 @@ static int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
+@@ -2343,15 +2345,20 @@ static int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
struct kvm_cpuid2 *cpuid,
struct kvm_cpuid_entry2 __user *entries)
{
@@ -21073,7 +21073,7 @@ index 4fc5323..59b259b 100644
vcpu->arch.cpuid_nent = cpuid->nent;
kvm_apic_set_version(vcpu);
kvm_x86_ops->cpuid_update(vcpu);
-@@ -2363,15 +2370,19 @@ static int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu,
+@@ -2366,15 +2373,19 @@ static int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu,
struct kvm_cpuid2 *cpuid,
struct kvm_cpuid_entry2 __user *entries)
{
@@ -21096,7 +21096,7 @@ index 4fc5323..59b259b 100644
return 0;
out:
-@@ -2746,7 +2757,7 @@ static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu,
+@@ -2749,7 +2760,7 @@ static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu,
static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu,
struct kvm_interrupt *irq)
{
@@ -21105,7 +21105,7 @@ index 4fc5323..59b259b 100644
return -EINVAL;
if (irqchip_in_kernel(vcpu->kvm))
return -ENXIO;
-@@ -5188,7 +5199,7 @@ static void kvm_set_mmio_spte_mask(void)
+@@ -5191,7 +5202,7 @@ static void kvm_set_mmio_spte_mask(void)
kvm_mmu_set_mmio_spte_mask(mask);
}
@@ -28430,10 +28430,10 @@ index 251c7b62..000462d 100644
bool enable = !device_may_wakeup(&dev->dev);
device_set_wakeup_enable(&dev->dev, enable);
diff --git a/drivers/acpi/processor_driver.c b/drivers/acpi/processor_driver.c
-index 9d7bc9f..a6fc091 100644
+index ac28db3..0848b37 100644
--- a/drivers/acpi/processor_driver.c
+++ b/drivers/acpi/processor_driver.c
-@@ -473,7 +473,7 @@ static int __cpuinit acpi_processor_add(struct acpi_device *device)
+@@ -474,7 +474,7 @@ static int __cpuinit acpi_processor_add(struct acpi_device *device)
return 0;
#endif
@@ -28443,10 +28443,10 @@ index 9d7bc9f..a6fc091 100644
/*
* Buggy BIOS check
diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
-index 321e23e..1f2dd54 100644
+index c9540c0..963b068 100644
--- a/drivers/ata/libata-core.c
+++ b/drivers/ata/libata-core.c
-@@ -4734,7 +4734,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
+@@ -4735,7 +4735,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
struct ata_port *ap;
unsigned int tag;
@@ -28455,7 +28455,7 @@ index 321e23e..1f2dd54 100644
ap = qc->ap;
qc->flags = 0;
-@@ -4750,7 +4750,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
+@@ -4751,7 +4751,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
struct ata_port *ap;
struct ata_link *link;
@@ -28464,7 +28464,7 @@ index 321e23e..1f2dd54 100644
WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE));
ap = qc->ap;
link = qc->dev->link;
-@@ -5755,6 +5755,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops)
+@@ -5756,6 +5756,7 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops)
return;
spin_lock(&lock);
@@ -28472,7 +28472,7 @@ index 321e23e..1f2dd54 100644
for (cur = ops->inherits; cur; cur = cur->inherits) {
void **inherit = (void **)cur;
-@@ -5768,8 +5769,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops)
+@@ -5769,8 +5770,9 @@ static void ata_finalize_port_ops(struct ata_port_operations *ops)
if (IS_ERR(*pp))
*pp = NULL;
@@ -29388,7 +29388,7 @@ index 1c70c45..300718d 100644
}
diff --git a/drivers/atm/solos-pci.c b/drivers/atm/solos-pci.c
-index d452592..09c1797 100644
+index adfce9f..35501e1 100644
--- a/drivers/atm/solos-pci.c
+++ b/drivers/atm/solos-pci.c
@@ -714,7 +714,7 @@ void solos_bh(unsigned long card_arg)
@@ -29400,7 +29400,7 @@ index d452592..09c1797 100644
break;
case PKT_STATUS:
-@@ -1009,7 +1009,7 @@ static uint32_t fpga_tx(struct solos_card *card)
+@@ -1010,7 +1010,7 @@ static uint32_t fpga_tx(struct solos_card *card)
vcc = SKB_CB(oldskb)->vcc;
if (vcc) {
@@ -30915,7 +30915,7 @@ index 74d6ec34..baff517 100644
{0,} /* 0 terminated list. */
};
diff --git a/drivers/edac/i7300_edac.c b/drivers/edac/i7300_edac.c
-index 6104dba..e7ea8e1 100644
+index 2244df0..8a3b7a9 100644
--- a/drivers/edac/i7300_edac.c
+++ b/drivers/edac/i7300_edac.c
@@ -1192,7 +1192,7 @@ static void __devexit i7300_remove_one(struct pci_dev *pdev)
@@ -30980,10 +30980,10 @@ index 33864c6..01edc61 100644
PCI_VEND_DEV(INTEL, 82875_0), PCI_ANY_ID, PCI_ANY_ID, 0, 0,
I82875P},
diff --git a/drivers/edac/i82975x_edac.c b/drivers/edac/i82975x_edac.c
-index a5da732..983363b 100644
+index 01658ca..092a452 100644
--- a/drivers/edac/i82975x_edac.c
+++ b/drivers/edac/i82975x_edac.c
-@@ -604,7 +604,7 @@ static void __devexit i82975x_remove_one(struct pci_dev *pdev)
+@@ -601,7 +601,7 @@ static void __devexit i82975x_remove_one(struct pci_dev *pdev)
edac_mc_free(mci);
}
@@ -31230,7 +31230,7 @@ index 3f1799b..3a853eb 100644
ret = -EFAULT;
goto done;
diff --git a/drivers/gpu/drm/drm_crtc_helper.c b/drivers/gpu/drm/drm_crtc_helper.c
-index d2619d7..bd6bd00 100644
+index 11788f7..cd469eb 100644
--- a/drivers/gpu/drm/drm_crtc_helper.c
+++ b/drivers/gpu/drm/drm_crtc_helper.c
@@ -279,7 +279,7 @@ static bool drm_encoder_crtc_ok(struct drm_encoder *encoder,
@@ -31525,7 +31525,7 @@ index c9339f4..f5e1b9d 100644
int front_offset;
} drm_i810_private_t;
diff --git a/drivers/gpu/drm/i915/i915_debugfs.c b/drivers/gpu/drm/i915/i915_debugfs.c
-index b2e3c97..58cf079 100644
+index d00f905..c84a0d8 100644
--- a/drivers/gpu/drm/i915/i915_debugfs.c
+++ b/drivers/gpu/drm/i915/i915_debugfs.c
@@ -499,7 +499,7 @@ static int i915_interrupt_info(struct seq_file *m, void *data)
@@ -31625,7 +31625,7 @@ index 1202198..6487397 100644
for (i = 0; i < count; i++) {
char __user *ptr = (char __user *)(uintptr_t)exec[i].relocs_ptr;
diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c
-index 2812d7b..c35ade7 100644
+index 93e74fb..4a1182d 100644
--- a/drivers/gpu/drm/i915/i915_irq.c
+++ b/drivers/gpu/drm/i915/i915_irq.c
@@ -496,7 +496,7 @@ static irqreturn_t ivybridge_irq_handler(DRM_IRQ_ARGS)
@@ -31646,7 +31646,7 @@ index 2812d7b..c35ade7 100644
if (IS_GEN6(dev))
bsd_usr_interrupt = GT_GEN6_BSD_USER_INTERRUPT;
-@@ -1227,7 +1227,7 @@ static irqreturn_t i915_driver_irq_handler(DRM_IRQ_ARGS)
+@@ -1229,7 +1229,7 @@ static irqreturn_t i915_driver_irq_handler(DRM_IRQ_ARGS)
int ret = IRQ_NONE, pipe;
bool blc_event = false;
@@ -31655,7 +31655,7 @@ index 2812d7b..c35ade7 100644
iir = I915_READ(IIR);
-@@ -1746,7 +1746,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev)
+@@ -1748,7 +1748,7 @@ static void ironlake_irq_preinstall(struct drm_device *dev)
{
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
@@ -31664,7 +31664,7 @@ index 2812d7b..c35ade7 100644
INIT_WORK(&dev_priv->hotplug_work, i915_hotplug_work_func);
INIT_WORK(&dev_priv->error_work, i915_error_work_func);
-@@ -1934,7 +1934,7 @@ static void i915_driver_irq_preinstall(struct drm_device * dev)
+@@ -1936,7 +1936,7 @@ static void i915_driver_irq_preinstall(struct drm_device * dev)
drm_i915_private_t *dev_priv = (drm_i915_private_t *) dev->dev_private;
int pipe;
@@ -31674,7 +31674,7 @@ index 2812d7b..c35ade7 100644
INIT_WORK(&dev_priv->hotplug_work, i915_hotplug_work_func);
INIT_WORK(&dev_priv->error_work, i915_error_work_func);
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
-index fdae61f..6aecf8b 100644
+index 54acad3..39160c0 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -2214,7 +2214,7 @@ intel_finish_fb(struct drm_framebuffer *old_fb)
@@ -31686,7 +31686,7 @@ index fdae61f..6aecf8b 100644
/* Big Hammer, we also need to ensure that any pending
* MI_WAIT_FOR_EVENT inside a user batch buffer on the
-@@ -6989,8 +6989,7 @@ static void do_intel_finish_page_flip(struct drm_device *dev,
+@@ -6978,8 +6978,7 @@ static void do_intel_finish_page_flip(struct drm_device *dev,
obj = work->old_fb_obj;
@@ -31696,7 +31696,7 @@ index fdae61f..6aecf8b 100644
wake_up(&dev_priv->pending_flip_queue);
schedule_work(&work->work);
-@@ -7185,7 +7184,13 @@ static int intel_gen6_queue_flip(struct drm_device *dev,
+@@ -7190,7 +7189,13 @@ static int intel_gen6_queue_flip(struct drm_device *dev,
OUT_RING(fb->pitch | obj->tiling_mode);
OUT_RING(obj->gtt_offset);
@@ -31711,7 +31711,7 @@ index fdae61f..6aecf8b 100644
pipesrc = I915_READ(PIPESRC(intel_crtc->pipe)) & 0x0fff0fff;
OUT_RING(pf | pipesrc);
ADVANCE_LP_RING();
-@@ -7317,7 +7322,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
+@@ -7324,7 +7329,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
/* Block clients from rendering to the new back buffer until
* the flip occurs and the object is no longer visible.
*/
@@ -31720,7 +31720,7 @@ index fdae61f..6aecf8b 100644
ret = dev_priv->display.queue_flip(dev, crtc, fb, obj);
if (ret)
-@@ -7331,7 +7336,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
+@@ -7338,7 +7343,7 @@ static int intel_crtc_page_flip(struct drm_crtc *crtc,
return 0;
cleanup_pending:
@@ -32403,10 +32403,10 @@ index 8a8725c..afed796 100644
marker = list_first_entry(&queue->head,
struct vmw_marker, head);
diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c
-index a21e763..dfe7ce4 100644
+index 279b863d..cf4afe1 100644
--- a/drivers/hid/hid-core.c
+++ b/drivers/hid/hid-core.c
-@@ -2031,7 +2031,7 @@ static bool hid_ignore(struct hid_device *hdev)
+@@ -2032,7 +2032,7 @@ static bool hid_ignore(struct hid_device *hdev)
int hid_add_device(struct hid_device *hdev)
{
@@ -32415,7 +32415,7 @@ index a21e763..dfe7ce4 100644
int ret;
if (WARN_ON(hdev->status & HID_STAT_ADDED))
-@@ -2046,7 +2046,7 @@ int hid_add_device(struct hid_device *hdev)
+@@ -2047,7 +2047,7 @@ int hid_add_device(struct hid_device *hdev)
/* XXX hack, any other cleaner solution after the driver core
* is converted to allow more than 20 bytes as the device name? */
dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus,
@@ -34372,10 +34372,10 @@ index 4daf9e5..b8d1d0f 100644
.device = PCI_ANY_ID,
.subvendor = PCI_ANY_ID,
diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c
-index 1ce84ed..0fdd40a 100644
+index 42c873f..14d71c1 100644
--- a/drivers/md/dm-ioctl.c
+++ b/drivers/md/dm-ioctl.c
-@@ -1589,7 +1589,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param)
+@@ -1597,7 +1597,7 @@ static int validate_params(uint cmd, struct dm_ioctl *param)
cmd == DM_LIST_VERSIONS_CMD)
return 0;
@@ -35777,10 +35777,10 @@ index b94d5f7..7f494c5 100644
extern int xpc_disengage_timedout;
extern int xpc_activate_IRQ_rcvd;
diff --git a/drivers/misc/sgi-xp/xpc_main.c b/drivers/misc/sgi-xp/xpc_main.c
-index 8d082b4..aa749ae 100644
+index d971817..3805cce 100644
--- a/drivers/misc/sgi-xp/xpc_main.c
+++ b/drivers/misc/sgi-xp/xpc_main.c
-@@ -162,7 +162,7 @@ static struct notifier_block xpc_die_notifier = {
+@@ -166,7 +166,7 @@ static struct notifier_block xpc_die_notifier = {
.notifier_call = xpc_system_die,
};
@@ -35943,7 +35943,7 @@ index ac40925..483b753 100644
#include <linux/mtd/nand.h>
#include <linux/mtd/nftl.h>
diff --git a/drivers/net/bonding/bond_sysfs.c b/drivers/net/bonding/bond_sysfs.c
-index 4ef7e2f..567cf0f 100644
+index a03fde9..83254bc 100644
--- a/drivers/net/bonding/bond_sysfs.c
+++ b/drivers/net/bonding/bond_sysfs.c
@@ -1061,7 +1061,7 @@ static ssize_t bonding_store_primary(struct device *d,
@@ -38079,10 +38079,10 @@ index ee77a58..af9d518 100644
/* These three are default values which can be overridden */
diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
-index 22523aa..52f4965 100644
+index 0f48550..e3fb2d8 100644
--- a/drivers/scsi/hpsa.c
+++ b/drivers/scsi/hpsa.c
-@@ -505,7 +505,7 @@ static inline u32 next_command(struct ctlr_info *h)
+@@ -523,7 +523,7 @@ static inline u32 next_command(struct ctlr_info *h)
u32 a;
if (unlikely(!(h->transMethod & CFGTBL_Trans_Performant)))
@@ -38091,7 +38091,7 @@ index 22523aa..52f4965 100644
if ((*(h->reply_pool_head) & 1) == (h->reply_pool_wraparound)) {
a = *(h->reply_pool_head); /* Next cmd in ring buffer */
-@@ -3016,7 +3016,7 @@ static void start_io(struct ctlr_info *h)
+@@ -3034,7 +3034,7 @@ static void start_io(struct ctlr_info *h)
while (!list_empty(&h->reqQ)) {
c = list_entry(h->reqQ.next, struct CommandList, list);
/* can't do anything if fifo is full */
@@ -38100,7 +38100,7 @@ index 22523aa..52f4965 100644
dev_warn(&h->pdev->dev, "fifo full\n");
break;
}
-@@ -3026,7 +3026,7 @@ static void start_io(struct ctlr_info *h)
+@@ -3044,7 +3044,7 @@ static void start_io(struct ctlr_info *h)
h->Qdepth--;
/* Tell the controller execute command */
@@ -38109,7 +38109,7 @@ index 22523aa..52f4965 100644
/* Put job onto the completed Q */
addQ(&h->cmpQ, c);
-@@ -3035,17 +3035,17 @@ static void start_io(struct ctlr_info *h)
+@@ -3053,17 +3053,17 @@ static void start_io(struct ctlr_info *h)
static inline unsigned long get_next_completion(struct ctlr_info *h)
{
@@ -38130,7 +38130,7 @@ index 22523aa..52f4965 100644
(h->interrupts_enabled == 0);
}
-@@ -3945,7 +3945,7 @@ static int __devinit hpsa_pci_init(struct ctlr_info *h)
+@@ -3963,7 +3963,7 @@ static int __devinit hpsa_pci_init(struct ctlr_info *h)
if (prod_index < 0)
return -ENODEV;
h->product_name = products[prod_index].product_name;
@@ -38139,7 +38139,7 @@ index 22523aa..52f4965 100644
if (hpsa_board_disabled(h->pdev)) {
dev_warn(&h->pdev->dev, "controller appears to be disabled\n");
-@@ -4190,7 +4190,7 @@ static void controller_lockup_detected(struct ctlr_info *h)
+@@ -4208,7 +4208,7 @@ static void controller_lockup_detected(struct ctlr_info *h)
assert_spin_locked(&lockup_detector_lock);
remove_ctlr_from_lockup_detector_list(h);
@@ -38148,7 +38148,7 @@ index 22523aa..52f4965 100644
spin_lock_irqsave(&h->lock, flags);
h->lockup_detected = readl(h->vaddr + SA5_SCRATCHPAD_OFFSET);
spin_unlock_irqrestore(&h->lock, flags);
-@@ -4366,7 +4366,7 @@ reinit_after_soft_reset:
+@@ -4384,7 +4384,7 @@ reinit_after_soft_reset:
}
/* make sure the board interrupts are off */
@@ -38157,7 +38157,7 @@ index 22523aa..52f4965 100644
if (hpsa_request_irq(h, do_hpsa_intr_msi, do_hpsa_intr_intx))
goto clean2;
-@@ -4400,7 +4400,7 @@ reinit_after_soft_reset:
+@@ -4418,7 +4418,7 @@ reinit_after_soft_reset:
* fake ones to scoop up any residual completions.
*/
spin_lock_irqsave(&h->lock, flags);
@@ -38166,7 +38166,7 @@ index 22523aa..52f4965 100644
spin_unlock_irqrestore(&h->lock, flags);
free_irq(h->intr[h->intr_mode], h);
rc = hpsa_request_irq(h, hpsa_msix_discard_completions,
-@@ -4419,9 +4419,9 @@ reinit_after_soft_reset:
+@@ -4437,9 +4437,9 @@ reinit_after_soft_reset:
dev_info(&h->pdev->dev, "Board READY.\n");
dev_info(&h->pdev->dev,
"Waiting for stale completions to drain.\n");
@@ -38178,7 +38178,7 @@ index 22523aa..52f4965 100644
rc = controller_reset_failed(h->cfgtable);
if (rc)
-@@ -4442,7 +4442,7 @@ reinit_after_soft_reset:
+@@ -4460,7 +4460,7 @@ reinit_after_soft_reset:
}
/* Turn the interrupts on so we can service requests */
@@ -38187,7 +38187,7 @@ index 22523aa..52f4965 100644
hpsa_hba_inquiry(h);
hpsa_register_scsi(h); /* hook ourselves into SCSI subsystem */
-@@ -4494,7 +4494,7 @@ static void hpsa_shutdown(struct pci_dev *pdev)
+@@ -4512,7 +4512,7 @@ static void hpsa_shutdown(struct pci_dev *pdev)
* To write all data in the battery backed cache to disks
*/
hpsa_flush_cache(h);
@@ -38196,7 +38196,7 @@ index 22523aa..52f4965 100644
free_irq(h->intr[h->intr_mode], h);
#ifdef CONFIG_PCI_MSI
if (h->msix_vector)
-@@ -4658,7 +4658,7 @@ static __devinit void hpsa_enter_performant_mode(struct ctlr_info *h,
+@@ -4676,7 +4676,7 @@ static __devinit void hpsa_enter_performant_mode(struct ctlr_info *h,
return;
}
/* Change the access methods to the performant access methods */
@@ -38757,10 +38757,10 @@ index 6c4b620..78feefb 100644
disposition = scsi_decide_disposition(cmd);
if (disposition != SUCCESS &&
diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c
-index 08d48a3..2be990d 100644
+index 72ca515..708d627 100644
--- a/drivers/scsi/scsi_sysfs.c
+++ b/drivers/scsi/scsi_sysfs.c
-@@ -660,7 +660,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \
+@@ -657,7 +657,7 @@ show_iostat_##field(struct device *dev, struct device_attribute *attr, \
char *buf) \
{ \
struct scsi_device *sdev = to_scsi_device(dev); \
@@ -39331,7 +39331,7 @@ index ed147c4..94fc3c6 100644
/* core tmem accessor functions */
diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c
-index 6fa7222..6c7cfc2 100644
+index 3effde2..dda7d46 100644
--- a/drivers/target/iscsi/iscsi_target.c
+++ b/drivers/target/iscsi/iscsi_target.c
@@ -1351,7 +1351,7 @@ static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf)
@@ -45576,7 +45576,7 @@ index 9a37a9b..35792b6 100644
/*
* We'll have a dentry and an inode for
diff --git a/fs/dcache.c b/fs/dcache.c
-index 63c0c6b..d8f3b69 100644
+index bb7f4cc..0e0980e 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -103,11 +103,11 @@ static unsigned int d_hash_shift __read_mostly;
@@ -45701,7 +45701,7 @@ index a6f3763..f38ed00 100644
out_free_fd:
diff --git a/fs/exec.c b/fs/exec.c
-index 121ccae..c3cc8b9 100644
+index c27fa0d..00ce2eb 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -55,12 +55,33 @@
@@ -46000,7 +46000,7 @@ index 121ccae..c3cc8b9 100644
/*
* Release all of the old mmap stuff
*/
-@@ -1115,10 +1170,6 @@ EXPORT_SYMBOL(would_dump);
+@@ -1116,10 +1171,6 @@ EXPORT_SYMBOL(would_dump);
void setup_new_exec(struct linux_binprm * bprm)
{
@@ -46011,7 +46011,7 @@ index 121ccae..c3cc8b9 100644
arch_pick_mmap_layout(current->mm);
/* This is the point of no return */
-@@ -1129,18 +1180,7 @@ void setup_new_exec(struct linux_binprm * bprm)
+@@ -1130,18 +1181,7 @@ void setup_new_exec(struct linux_binprm * bprm)
else
set_dumpable(current->mm, suid_dumpable);
@@ -46031,7 +46031,7 @@ index 121ccae..c3cc8b9 100644
/* Set the new mm task size. We have to do that late because it may
* depend on TIF_32BIT which is only updated in flush_thread() on
-@@ -1250,7 +1290,7 @@ int check_unsafe_exec(struct linux_binprm *bprm)
+@@ -1266,7 +1306,7 @@ int check_unsafe_exec(struct linux_binprm *bprm)
}
rcu_read_unlock();
@@ -46040,7 +46040,7 @@ index 121ccae..c3cc8b9 100644
bprm->unsafe |= LSM_UNSAFE_SHARE;
} else {
res = -EAGAIN;
-@@ -1445,6 +1485,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
+@@ -1461,6 +1501,28 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
EXPORT_SYMBOL(search_binary_handler);
@@ -46069,7 +46069,7 @@ index 121ccae..c3cc8b9 100644
/*
* sys_execve() executes a new program.
*/
-@@ -1453,6 +1515,11 @@ static int do_execve_common(const char *filename,
+@@ -1469,6 +1531,11 @@ static int do_execve_common(const char *filename,
struct user_arg_ptr envp,
struct pt_regs *regs)
{
@@ -46081,7 +46081,7 @@ index 121ccae..c3cc8b9 100644
struct linux_binprm *bprm;
struct file *file;
struct files_struct *displaced;
-@@ -1460,6 +1527,8 @@ static int do_execve_common(const char *filename,
+@@ -1476,6 +1543,8 @@ static int do_execve_common(const char *filename,
int retval;
const struct cred *cred = current_cred();
@@ -46090,7 +46090,7 @@ index 121ccae..c3cc8b9 100644
/*
* We move the actual failure in case of RLIMIT_NPROC excess from
* set*uid() to execve() because too many poorly written programs
-@@ -1500,12 +1569,27 @@ static int do_execve_common(const char *filename,
+@@ -1516,12 +1585,27 @@ static int do_execve_common(const char *filename,
if (IS_ERR(file))
goto out_unmark;
@@ -46118,7 +46118,7 @@ index 121ccae..c3cc8b9 100644
retval = bprm_mm_init(bprm);
if (retval)
goto out_file;
-@@ -1522,24 +1606,65 @@ static int do_execve_common(const char *filename,
+@@ -1538,24 +1622,65 @@ static int do_execve_common(const char *filename,
if (retval < 0)
goto out;
@@ -46188,7 +46188,7 @@ index 121ccae..c3cc8b9 100644
current->fs->in_exec = 0;
current->in_execve = 0;
acct_update_integrals(current);
-@@ -1548,6 +1673,14 @@ static int do_execve_common(const char *filename,
+@@ -1564,6 +1689,14 @@ static int do_execve_common(const char *filename,
put_files_struct(displaced);
return retval;
@@ -46203,7 +46203,7 @@ index 121ccae..c3cc8b9 100644
out:
if (bprm->mm) {
acct_arg_size(bprm, 0);
-@@ -1621,7 +1754,7 @@ static int expand_corename(struct core_name *cn)
+@@ -1637,7 +1770,7 @@ static int expand_corename(struct core_name *cn)
{
char *old_corename = cn->corename;
@@ -46212,7 +46212,7 @@ index 121ccae..c3cc8b9 100644
cn->corename = krealloc(old_corename, cn->size, GFP_KERNEL);
if (!cn->corename) {
-@@ -1718,7 +1851,7 @@ static int format_corename(struct core_name *cn, long signr)
+@@ -1734,7 +1867,7 @@ static int format_corename(struct core_name *cn, long signr)
int pid_in_pattern = 0;
int err = 0;
@@ -46221,7 +46221,7 @@ index 121ccae..c3cc8b9 100644
cn->corename = kmalloc(cn->size, GFP_KERNEL);
cn->used = 0;
-@@ -1815,6 +1948,250 @@ out:
+@@ -1831,6 +1964,250 @@ out:
return ispipe;
}
@@ -46472,7 +46472,7 @@ index 121ccae..c3cc8b9 100644
static int zap_process(struct task_struct *start, int exit_code)
{
struct task_struct *t;
-@@ -1988,17 +2365,17 @@ static void coredump_finish(struct mm_struct *mm)
+@@ -2004,17 +2381,17 @@ static void coredump_finish(struct mm_struct *mm)
void set_dumpable(struct mm_struct *mm, int value)
{
switch (value) {
@@ -46493,7 +46493,7 @@ index 121ccae..c3cc8b9 100644
set_bit(MMF_DUMP_SECURELY, &mm->flags);
smp_wmb();
set_bit(MMF_DUMPABLE, &mm->flags);
-@@ -2011,7 +2388,7 @@ static int __get_dumpable(unsigned long mm_flags)
+@@ -2027,7 +2404,7 @@ static int __get_dumpable(unsigned long mm_flags)
int ret;
ret = mm_flags & MMF_DUMPABLE_MASK;
@@ -46502,7 +46502,7 @@ index 121ccae..c3cc8b9 100644
}
int get_dumpable(struct mm_struct *mm)
-@@ -2026,17 +2403,17 @@ static void wait_for_dump_helpers(struct file *file)
+@@ -2042,17 +2419,17 @@ static void wait_for_dump_helpers(struct file *file)
pipe = file->f_path.dentry->d_inode->i_pipe;
pipe_lock(pipe);
@@ -46525,7 +46525,7 @@ index 121ccae..c3cc8b9 100644
pipe_unlock(pipe);
}
-@@ -2097,7 +2474,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2113,7 +2490,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
int retval = 0;
int flag = 0;
int ispipe;
@@ -46535,7 +46535,7 @@ index 121ccae..c3cc8b9 100644
struct coredump_params cprm = {
.signr = signr,
.regs = regs,
-@@ -2112,6 +2490,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2128,6 +2506,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
audit_core_dumps(signr);
@@ -46545,7 +46545,7 @@ index 121ccae..c3cc8b9 100644
binfmt = mm->binfmt;
if (!binfmt || !binfmt->core_dump)
goto fail;
-@@ -2122,14 +2503,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2138,14 +2519,16 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
if (!cred)
goto fail;
/*
@@ -46566,7 +46566,7 @@ index 121ccae..c3cc8b9 100644
}
retval = coredump_wait(exit_code, &core_state);
-@@ -2179,7 +2562,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2195,7 +2578,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
}
cprm.limit = RLIM_INFINITY;
@@ -46575,7 +46575,7 @@ index 121ccae..c3cc8b9 100644
if (core_pipe_limit && (core_pipe_limit < dump_count)) {
printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n",
task_tgid_vnr(current), current->comm);
-@@ -2206,9 +2589,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
+@@ -2222,9 +2605,19 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
} else {
struct inode *inode;
@@ -46595,7 +46595,7 @@ index 121ccae..c3cc8b9 100644
cprm.file = filp_open(cn.corename,
O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
0600);
-@@ -2249,7 +2642,7 @@ close_fail:
+@@ -2265,7 +2658,7 @@ close_fail:
filp_close(cprm.file, NULL);
fail_dropcount:
if (ispipe)
@@ -46604,7 +46604,7 @@ index 121ccae..c3cc8b9 100644
fail_unlock:
kfree(cn.corename);
fail_corename:
-@@ -2268,7 +2661,7 @@ fail:
+@@ -2284,7 +2677,7 @@ fail:
*/
int dump_write(struct file *file, const void *addr, int nr)
{
@@ -46692,18 +46692,6 @@ index 8cb184c..09ff6c4 100644
atomic_t s_lock_busy;
/* locality groups */
-diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
-index bac2330..8424dda 100644
---- a/fs/ext4/inode.c
-+++ b/fs/ext4/inode.c
-@@ -1422,6 +1422,7 @@ static void ext4_da_block_invalidatepages(struct mpage_da_data *mpd)
-
- index = mpd->first_page;
- end = mpd->next_page - 1;
-+ pagevec_init(&pvec, 0);
- while (index <= end) {
- nr_pages = pagevec_lookup(&pvec, mapping, index, PAGEVEC_SIZE);
- if (nr_pages == 0)
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index 1d07c12..9965aec 100644
--- a/fs/ext4/mballoc.c
@@ -49396,7 +49384,7 @@ index b78b5b6..c64d84f 100644
void nfs_fattr_init(struct nfs_fattr *fattr)
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
-index 5c3cd82..ed535e5 100644
+index 1ec1fde..a58f201 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -914,7 +914,7 @@ nfsd_vfs_read(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file,
@@ -49417,7 +49405,7 @@ index 5c3cd82..ed535e5 100644
set_fs(oldfs);
if (host_err < 0)
goto out_nfserr;
-@@ -1553,7 +1553,7 @@ nfsd_readlink(struct svc_rqst *rqstp, struct svc_fh *fhp, char *buf, int *lenp)
+@@ -1559,7 +1559,7 @@ nfsd_readlink(struct svc_rqst *rqstp, struct svc_fh *fhp, char *buf, int *lenp)
*/
oldfs = get_fs(); set_fs(KERNEL_DS);
@@ -49951,7 +49939,7 @@ index 15af622..0e9f4467 100644
help
Various /proc files exist to monitor process memory utilization:
diff --git a/fs/proc/array.c b/fs/proc/array.c
-index 3a1dafd..dbcf51d 100644
+index 439b5a1..61db155 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -60,6 +60,7 @@
@@ -52985,10 +52973,10 @@ index 0000000..1b9afa9
+endif
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c
new file mode 100644
-index 0000000..93f15bf
+index 0000000..24d469f
--- /dev/null
+++ b/grsecurity/gracl.c
-@@ -0,0 +1,4229 @@
+@@ -0,0 +1,4212 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -54165,14 +54153,6 @@ index 0000000..93f15bf
+ break;
+
+ userp = s_tmp.prev;
-+ /* do not count nested subjects against this count, since
-+ they are not included in the hash table, but are
-+ attached to objects. We have already counted
-+ the subjects in userspace for the allocation
-+ stack
-+ */
-+ if (!(s_tmp.mode & GR_NESTED))
-+ num++;
+ }
+
+ return num;
@@ -54450,15 +54430,6 @@ index 0000000..93f15bf
+ sizeof (struct acl_subject_label)))
+ return -EFAULT;
+
-+ /* do not add nested subjects here, add
-+ while parsing objects
-+ */
-+
-+ if (s_pre.mode & GR_NESTED) {
-+ userp = s_pre.prev;
-+ continue;
-+ }
-+
+ ret = do_copy_user_subj(userp, role, NULL);
+
+ err = PTR_ERR(ret);
@@ -62672,7 +62643,7 @@ index 49a83ca..df96b54 100644
#undef __HANDLE_ITEM
};
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
-index fd88a39..8a801b4 100644
+index f606406..9c3626e 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -18,7 +18,7 @@ struct pt_regs;
@@ -63744,7 +63715,7 @@ index 0000000..323ecf2
+#endif
diff --git a/include/linux/grdefs.h b/include/linux/grdefs.h
new file mode 100644
-index 0000000..b30e9bc
+index 0000000..be66033
--- /dev/null
+++ b/include/linux/grdefs.h
@@ -0,0 +1,140 @@
@@ -63832,7 +63803,7 @@ index 0000000..b30e9bc
+ GR_PROTPROCFD = 0x00000400,
+ GR_PROCACCT = 0x00000800,
+ GR_RELAXPTRACE = 0x00001000,
-+ GR_NESTED = 0x00002000,
++ //GR_NESTED = 0x00002000,
+ GR_INHERITLEARN = 0x00004000,
+ GR_PROCFIND = 0x00008000,
+ GR_POVERRIDE = 0x00010000,
@@ -64515,10 +64486,10 @@ index 331e2ef..fcd0ee5 100644
#define PM_HINT_FULLON 1<<5
#define PM_HINT_NORMAL 1<<1
diff --git a/include/linux/highmem.h b/include/linux/highmem.h
-index 3a93f73..b19d0b3 100644
+index 52e9620..26c34b1 100644
--- a/include/linux/highmem.h
+++ b/include/linux/highmem.h
-@@ -185,6 +185,18 @@ static inline void clear_highpage(struct page *page)
+@@ -192,6 +192,18 @@ static inline void clear_highpage(struct page *page)
kunmap_atomic(kaddr, KM_USER0);
}
@@ -64869,40 +64840,6 @@ index 6bea2c2..a27245a 100644
/*
* Kernel text modification mutex, used for code patching. Users of this lock
-diff --git a/include/linux/mempolicy.h b/include/linux/mempolicy.h
-index 3e8f2f7..f85c5ab 100644
---- a/include/linux/mempolicy.h
-+++ b/include/linux/mempolicy.h
-@@ -137,16 +137,6 @@ static inline void mpol_cond_put(struct mempolicy *pol)
- __mpol_put(pol);
- }
-
--extern struct mempolicy *__mpol_cond_copy(struct mempolicy *tompol,
-- struct mempolicy *frompol);
--static inline struct mempolicy *mpol_cond_copy(struct mempolicy *tompol,
-- struct mempolicy *frompol)
--{
-- if (!frompol)
-- return frompol;
-- return __mpol_cond_copy(tompol, frompol);
--}
--
- extern struct mempolicy *__mpol_dup(struct mempolicy *pol);
- static inline struct mempolicy *mpol_dup(struct mempolicy *pol)
- {
-@@ -270,12 +260,6 @@ static inline void mpol_cond_put(struct mempolicy *pol)
- {
- }
-
--static inline struct mempolicy *mpol_cond_copy(struct mempolicy *to,
-- struct mempolicy *from)
--{
-- return from;
--}
--
- static inline void mpol_get(struct mempolicy *pol)
- {
- }
diff --git a/include/linux/mfd/abx500.h b/include/linux/mfd/abx500.h
index 9970337..9444122 100644
--- a/include/linux/mfd/abx500.h
@@ -68482,10 +68419,10 @@ index b463871..fa3ea1f 100644
* nsown_capable - Check superior capability to one's own user_ns
* @cap: The capability in question
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
-index 6337535..861ca46 100644
+index b6cacf1..811c188 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
-@@ -5155,7 +5155,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
+@@ -5145,7 +5145,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
struct css_set *cg = link->cg;
struct task_struct *task;
int count = 0;
@@ -69071,7 +69008,7 @@ index 234e152..2e3e7e1 100644
{
struct signal_struct *sig = current->signal;
diff --git a/kernel/fork.c b/kernel/fork.c
-index 222457a..de637ca 100644
+index ce0c182..ce1dbee 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -270,19 +270,24 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
@@ -69359,7 +69296,7 @@ index 222457a..de637ca 100644
return 0;
}
-@@ -1105,6 +1174,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
+@@ -1104,6 +1173,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
#endif
retval = -EAGAIN;
@@ -69369,7 +69306,7 @@ index 222457a..de637ca 100644
if (atomic_read(&p->real_cred->user->processes) >=
task_rlimit(p, RLIMIT_NPROC)) {
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
-@@ -1321,6 +1393,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
+@@ -1314,6 +1386,9 @@ static struct task_struct *copy_process(unsigned long clone_flags,
/* Need tasklist lock for parent etc handling! */
write_lock_irq(&tasklist_lock);
@@ -69379,7 +69316,7 @@ index 222457a..de637ca 100644
/* CLONE_PARENT re-uses the old parent */
if (clone_flags & (CLONE_PARENT|CLONE_THREAD)) {
p->real_parent = current->real_parent;
-@@ -1428,6 +1503,8 @@ bad_fork_cleanup_count:
+@@ -1421,6 +1496,8 @@ bad_fork_cleanup_count:
bad_fork_free:
free_task(p);
fork_out:
@@ -69388,7 +69325,7 @@ index 222457a..de637ca 100644
return ERR_PTR(retval);
}
-@@ -1528,6 +1605,8 @@ long do_fork(unsigned long clone_flags,
+@@ -1521,6 +1598,8 @@ long do_fork(unsigned long clone_flags,
if (clone_flags & CLONE_PARENT_SETTID)
put_user(nr, parent_tidptr);
@@ -69397,7 +69334,7 @@ index 222457a..de637ca 100644
if (clone_flags & CLONE_VFORK) {
p->vfork_done = &vfork;
init_completion(&vfork);
-@@ -1637,7 +1716,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
+@@ -1630,7 +1709,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
return 0;
/* don't need lock here; in the worst case we'll do useless copy */
@@ -69406,7 +69343,7 @@ index 222457a..de637ca 100644
return 0;
*new_fsp = copy_fs_struct(fs);
-@@ -1726,7 +1805,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
+@@ -1719,7 +1798,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
fs = current->fs;
spin_lock(&fs->lock);
current->fs = new_fs;
@@ -71531,7 +71468,7 @@ index 764825c..3aa6ac4 100644
for (i = 0; i < RCU_TORTURE_PIPE_LEN + 1; i++) {
per_cpu(rcu_torture_count, cpu)[i] = 0;
diff --git a/kernel/rcutree.c b/kernel/rcutree.c
-index a122196..78d44bb 100644
+index 1aa52af..f2b89e8 100644
--- a/kernel/rcutree.c
+++ b/kernel/rcutree.c
@@ -369,9 +369,9 @@ void rcu_enter_nohz(void)
@@ -71875,7 +71812,7 @@ index fcc893f..a628984 100644
if (policy != p->policy && !rlim_rtprio)
return -EPERM;
diff --git a/kernel/sched_autogroup.c b/kernel/sched_autogroup.c
-index 429242f..d7cca82 100644
+index f280df1..da1281d 100644
--- a/kernel/sched_autogroup.c
+++ b/kernel/sched_autogroup.c
@@ -7,7 +7,7 @@
@@ -72122,7 +72059,7 @@ index 2c71d91..1021f81 100644
struct tasklet_struct *list;
diff --git a/kernel/sys.c b/kernel/sys.c
-index d7c4ab0..fc14d2f 100644
+index f5939c2..110dc5d 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -158,6 +158,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error)
@@ -72890,7 +72827,7 @@ index 16fc34a..efd8bb8 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index 25b4f4d..6f4772d 100644
+index 54dba59..fb6a82f 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -1587,12 +1587,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
@@ -72923,7 +72860,7 @@ index 25b4f4d..6f4772d 100644
struct ftrace_func_probe *entry;
struct ftrace_page *pg;
diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
-index f5b7b5c..6a8ac26 100644
+index 6fdc629..55739fe 100644
--- a/kernel/trace/ring_buffer.c
+++ b/kernel/trace/ring_buffer.c
@@ -376,9 +376,9 @@ struct buffer_data_page {
@@ -73106,7 +73043,7 @@ index f5b7b5c..6a8ac26 100644
}
/**
-@@ -2757,7 +2757,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu)
+@@ -2758,7 +2758,7 @@ unsigned long ring_buffer_overrun_cpu(struct ring_buffer *buffer, int cpu)
return 0;
cpu_buffer = buffer->buffers[cpu];
@@ -73115,7 +73052,7 @@ index f5b7b5c..6a8ac26 100644
return ret;
}
-@@ -2778,7 +2778,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu)
+@@ -2779,7 +2779,7 @@ ring_buffer_commit_overrun_cpu(struct ring_buffer *buffer, int cpu)
return 0;
cpu_buffer = buffer->buffers[cpu];
@@ -73124,7 +73061,7 @@ index f5b7b5c..6a8ac26 100644
return ret;
}
-@@ -2823,7 +2823,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer)
+@@ -2824,7 +2824,7 @@ unsigned long ring_buffer_overruns(struct ring_buffer *buffer)
/* if you care about this being correct, lock the buffer */
for_each_buffer_cpu(buffer, cpu) {
cpu_buffer = buffer->buffers[cpu];
@@ -73133,7 +73070,7 @@ index f5b7b5c..6a8ac26 100644
}
return overruns;
-@@ -2995,8 +2995,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
+@@ -2996,8 +2996,8 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
/*
* Reset the reader page to size zero.
*/
@@ -73144,7 +73081,7 @@ index f5b7b5c..6a8ac26 100644
local_set(&cpu_buffer->reader_page->page->commit, 0);
cpu_buffer->reader_page->real_end = 0;
-@@ -3028,7 +3028,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
+@@ -3031,7 +3031,7 @@ rb_get_reader_page(struct ring_buffer_per_cpu *cpu_buffer)
* want to compare with the last_overrun.
*/
smp_mb();
@@ -73153,7 +73090,7 @@ index f5b7b5c..6a8ac26 100644
/*
* Here's the tricky part.
-@@ -3576,8 +3576,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
+@@ -3579,8 +3579,8 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
cpu_buffer->head_page
= list_entry(cpu_buffer->pages, struct buffer_page, list);
@@ -73164,7 +73101,7 @@ index f5b7b5c..6a8ac26 100644
local_set(&cpu_buffer->head_page->page->commit, 0);
cpu_buffer->head_page->read = 0;
-@@ -3586,14 +3586,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
+@@ -3589,14 +3589,14 @@ rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer)
cpu_buffer->commit_page = cpu_buffer->head_page;
INIT_LIST_HEAD(&cpu_buffer->reader_page->list);
@@ -73183,7 +73120,7 @@ index f5b7b5c..6a8ac26 100644
local_set(&cpu_buffer->entries, 0);
local_set(&cpu_buffer->committing, 0);
local_set(&cpu_buffer->commits, 0);
-@@ -3991,8 +3991,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer,
+@@ -3994,8 +3994,8 @@ int ring_buffer_read_page(struct ring_buffer *buffer,
rb_init_page(bpage);
bpage = reader->page;
reader->page = *data_page;
@@ -73410,7 +73347,7 @@ index 209b379..7f76423 100644
put_task_struct(tsk);
}
diff --git a/kernel/workqueue.c b/kernel/workqueue.c
-index d551d5f..a6ca577 100644
+index 7bf068a..1323074 100644
--- a/kernel/workqueue.c
+++ b/kernel/workqueue.c
@@ -3470,7 +3470,7 @@ static int __cpuinit trustee_thread(void *__gcwq)
@@ -73890,10 +73827,10 @@ index 9ed4fd4..c42648d 100644
* Make sure the vma is shared, that it supports prefaulting,
* and that the remapped range is valid and fully within
diff --git a/mm/highmem.c b/mm/highmem.c
-index 57d82c6..e9e0552 100644
+index 2a07f97..2cdc054 100644
--- a/mm/highmem.c
+++ b/mm/highmem.c
-@@ -125,9 +125,10 @@ static void flush_all_zero_pkmaps(void)
+@@ -138,9 +138,10 @@ static void flush_all_zero_pkmaps(void)
* So no dangers, even with speculative execution.
*/
page = pte_page(pkmap_page_table[i]);
@@ -73905,7 +73842,7 @@ index 57d82c6..e9e0552 100644
set_page_address(page, NULL);
need_flush = 1;
}
-@@ -186,9 +187,11 @@ start:
+@@ -199,9 +200,11 @@ start:
}
}
vaddr = PKMAP_ADDR(last_pkmap_nr);
@@ -73919,7 +73856,7 @@ index 57d82c6..e9e0552 100644
set_page_address(page, (void *)vaddr);
diff --git a/mm/huge_memory.c b/mm/huge_memory.c
-index 8f005e9..1cb1036 100644
+index 470cbb4..8d01b5a 100644
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -704,7 +704,7 @@ out:
@@ -74237,7 +74174,7 @@ index 1b03878..de5405e 100644
/* keep elevated page count for bad page */
return ret;
diff --git a/mm/memory.c b/mm/memory.c
-index 70f5daf..0964853 100644
+index 15e686a..ab78050 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -457,8 +457,12 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud,
@@ -74804,10 +74741,10 @@ index 70f5daf..0964853 100644
+ }
+#endif
+
+ retry:
pgd = pgd_offset(mm, address);
pud = pud_alloc(mm, pgd, address);
- if (!pud)
-@@ -3498,7 +3740,7 @@ int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma,
+@@ -3510,7 +3752,7 @@ retry:
* run pte_offset_map on the pmd, if an huge pmd could
* materialize from under us from a different thread.
*/
@@ -74816,7 +74753,7 @@ index 70f5daf..0964853 100644
return VM_FAULT_OOM;
/* if an huge pmd materialized from under us just retry later */
if (unlikely(pmd_trans_huge(*pmd)))
-@@ -3535,6 +3777,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address)
+@@ -3547,6 +3789,23 @@ int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long address)
spin_unlock(&mm->page_table_lock);
return 0;
}
@@ -74840,7 +74777,7 @@ index 70f5daf..0964853 100644
#endif /* __PAGETABLE_PUD_FOLDED */
#ifndef __PAGETABLE_PMD_FOLDED
-@@ -3565,6 +3824,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address)
+@@ -3577,6 +3836,30 @@ int __pmd_alloc(struct mm_struct *mm, pud_t *pud, unsigned long address)
spin_unlock(&mm->page_table_lock);
return 0;
}
@@ -74871,7 +74808,7 @@ index 70f5daf..0964853 100644
#endif /* __PAGETABLE_PMD_FOLDED */
int make_pages_present(unsigned long addr, unsigned long end)
-@@ -3602,7 +3885,7 @@ static int __init gate_vma_init(void)
+@@ -3614,7 +3897,7 @@ static int __init gate_vma_init(void)
gate_vma.vm_start = FIXADDR_USER_START;
gate_vma.vm_end = FIXADDR_USER_END;
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC;
@@ -74917,7 +74854,7 @@ index 9ad7d1e..09d87b7 100644
writeback_set_ratelimit();
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
-index 4c82c21..16ca616 100644
+index c59d44b..9e0a005 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -655,6 +655,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start,
@@ -74991,35 +74928,128 @@ index 4c82c21..16ca616 100644
rcu_read_unlock();
err = -EPERM;
goto out;
-@@ -1999,28 +2031,6 @@ struct mempolicy *__mpol_dup(struct mempolicy *old)
- return new;
- }
+@@ -2334,8 +2366,7 @@ void numa_default_policy(void)
+ */
--/*
-- * If *frompol needs [has] an extra ref, copy *frompol to *tompol ,
-- * eliminate the * MPOL_F_* flags that require conditional ref and
-- * [NOTE!!!] drop the extra ref. Not safe to reference *frompol directly
-- * after return. Use the returned value.
+ /*
+- * "local" is pseudo-policy: MPOL_PREFERRED with MPOL_F_LOCAL flag
+- * Used only for mpol_parse_str() and mpol_to_str()
++ * "local" is implemented internally by MPOL_PREFERRED with MPOL_F_LOCAL flag.
+ */
+ #define MPOL_LOCAL MPOL_MAX
+ static const char * const policy_modes[] =
+@@ -2350,28 +2381,21 @@ static const char * const policy_modes[] =
+
+ #ifdef CONFIG_TMPFS
+ /**
+- * mpol_parse_str - parse string to mempolicy
++ * mpol_parse_str - parse string to mempolicy, for tmpfs mpol mount option.
+ * @str: string containing mempolicy to parse
+ * @mpol: pointer to struct mempolicy pointer, returned on success.
+- * @no_context: flag whether to "contextualize" the mempolicy
++ * @unused: redundant argument, to be removed later.
+ *
+ * Format of input:
+ * <mode>[=<flags>][:<nodelist>]
+ *
+- * if @no_context is true, save the input nodemask in w.user_nodemask in
+- * the returned mempolicy. This will be used to "clone" the mempolicy in
+- * a specific context [cpuset] at a later time. Used to parse tmpfs mpol
+- * mount option. Note that if 'static' or 'relative' mode flags were
+- * specified, the input nodemask will already have been saved. Saving
+- * it again is redundant, but safe.
- *
-- * Allows use of a mempolicy for, e.g., multiple allocations with a single
-- * policy lookup, even if the policy needs/has extra ref on lookup.
-- * shmem_readahead needs this.
-- */
--struct mempolicy *__mpol_cond_copy(struct mempolicy *tompol,
-- struct mempolicy *frompol)
--{
-- if (!mpol_needs_cond_ref(frompol))
-- return frompol;
--
-- *tompol = *frompol;
-- tompol->flags &= ~MPOL_F_SHARED; /* copy doesn't need unref */
-- __mpol_put(frompol);
-- return tompol;
--}
--
- /* Slow path of a mempolicy comparison */
- int __mpol_equal(struct mempolicy *a, struct mempolicy *b)
- {
+ * On success, returns 0, else 1
+ */
+-int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
++int mpol_parse_str(char *str, struct mempolicy **mpol, int unused)
+ {
+ struct mempolicy *new = NULL;
+ unsigned short mode;
+- unsigned short uninitialized_var(mode_flags);
++ unsigned short mode_flags;
+ nodemask_t nodes;
+ char *nodelist = strchr(str, ':');
+ char *flags = strchr(str, '=');
+@@ -2459,24 +2483,23 @@ int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
+ if (IS_ERR(new))
+ goto out;
+
+- if (no_context) {
+- /* save for contextualization */
+- new->w.user_nodemask = nodes;
+- } else {
+- int ret;
+- NODEMASK_SCRATCH(scratch);
+- if (scratch) {
+- task_lock(current);
+- ret = mpol_set_nodemask(new, &nodes, scratch);
+- task_unlock(current);
+- } else
+- ret = -ENOMEM;
+- NODEMASK_SCRATCH_FREE(scratch);
+- if (ret) {
+- mpol_put(new);
+- goto out;
+- }
+- }
++ /*
++ * Save nodes for mpol_to_str() to show the tmpfs mount options
++ * for /proc/mounts, /proc/pid/mounts and /proc/pid/mountinfo.
++ */
++ if (mode != MPOL_PREFERRED)
++ new->v.nodes = nodes;
++ else if (nodelist)
++ new->v.preferred_node = first_node(nodes);
++ else
++ new->flags |= MPOL_F_LOCAL;
++
++ /*
++ * Save nodes for contextualization: this will be used to "clone"
++ * the mempolicy in a specific context [cpuset] at a later time.
++ */
++ new->w.user_nodemask = nodes;
++
+ err = 0;
+
+ out:
+@@ -2496,13 +2519,13 @@ out:
+ * @buffer: to contain formatted mempolicy string
+ * @maxlen: length of @buffer
+ * @pol: pointer to mempolicy to be formatted
+- * @no_context: "context free" mempolicy - use nodemask in w.user_nodemask
++ * @unused: redundant argument, to be removed later.
+ *
+ * Convert a mempolicy into a string.
+ * Returns the number of characters in buffer (if positive)
+ * or an error (negative)
+ */
+-int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
++int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int unused)
+ {
+ char *p = buffer;
+ int l;
+@@ -2528,7 +2551,7 @@ int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
+ case MPOL_PREFERRED:
+ nodes_clear(nodes);
+ if (flags & MPOL_F_LOCAL)
+- mode = MPOL_LOCAL; /* pseudo-policy */
++ mode = MPOL_LOCAL;
+ else
+ node_set(pol->v.preferred_node, nodes);
+ break;
+@@ -2536,10 +2559,7 @@ int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
+ case MPOL_BIND:
+ /* Fall through */
+ case MPOL_INTERLEAVE:
+- if (no_context)
+- nodes = pol->w.user_nodemask;
+- else
+- nodes = pol->v.nodes;
++ nodes = pol->v.nodes;
+ break;
+
+ default:
diff --git a/mm/migrate.c b/mm/migrate.c
index 180d97f..c75ef28 100644
--- a/mm/migrate.c
@@ -77121,7 +77151,7 @@ index 8685697..b490361 100644
struct anon_vma_chain *avc;
struct anon_vma *anon_vma;
diff --git a/mm/shmem.c b/mm/shmem.c
-index 2d46e23..5118865 100644
+index 12b9e80..5118865 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -31,7 +31,7 @@
@@ -77142,59 +77172,7 @@ index 2d46e23..5118865 100644
struct shmem_xattr {
struct list_head list; /* anchored by shmem_inode_info->xattr_list */
-@@ -798,24 +798,28 @@ static struct mempolicy *shmem_get_sbmpol(struct shmem_sb_info *sbinfo)
- static struct page *shmem_swapin(swp_entry_t swap, gfp_t gfp,
- struct shmem_inode_info *info, pgoff_t index)
- {
-- struct mempolicy mpol, *spol;
- struct vm_area_struct pvma;
--
-- spol = mpol_cond_copy(&mpol,
-- mpol_shared_policy_lookup(&info->policy, index));
-+ struct page *page;
-
- /* Create a pseudo vma that just contains the policy */
- pvma.vm_start = 0;
- pvma.vm_pgoff = index;
- pvma.vm_ops = NULL;
-- pvma.vm_policy = spol;
-- return swapin_readahead(swap, gfp, &pvma, 0);
-+ pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, index);
-+
-+ page = swapin_readahead(swap, gfp, &pvma, 0);
-+
-+ /* Drop reference taken by mpol_shared_policy_lookup() */
-+ mpol_cond_put(pvma.vm_policy);
-+
-+ return page;
- }
-
- static struct page *shmem_alloc_page(gfp_t gfp,
- struct shmem_inode_info *info, pgoff_t index)
- {
- struct vm_area_struct pvma;
-+ struct page *page;
-
- /* Create a pseudo vma that just contains the policy */
- pvma.vm_start = 0;
-@@ -823,10 +827,12 @@ static struct page *shmem_alloc_page(gfp_t gfp,
- pvma.vm_ops = NULL;
- pvma.vm_policy = mpol_shared_policy_lookup(&info->policy, index);
-
-- /*
-- * alloc_page_vma() will drop the shared policy reference
-- */
-- return alloc_page_vma(gfp, &pvma, 0);
-+ page = alloc_page_vma(gfp, &pvma, 0);
-+
-+ /* Drop reference taken by mpol_shared_policy_lookup() */
-+ mpol_cond_put(pvma.vm_policy);
-+
-+ return page;
- }
- #else /* !CONFIG_NUMA */
- #ifdef CONFIG_TMPFS
-@@ -1803,6 +1809,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = {
+@@ -1809,6 +1809,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = {
static int shmem_xattr_validate(const char *name)
{
struct { const char *prefix; size_t len; } arr[] = {
@@ -77206,7 +77184,7 @@ index 2d46e23..5118865 100644
{ XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN },
{ XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN }
};
-@@ -1856,6 +1867,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name,
+@@ -1862,6 +1867,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name,
if (err)
return err;
@@ -77222,7 +77200,7 @@ index 2d46e23..5118865 100644
if (size == 0)
value = ""; /* empty EA, do not remove */
-@@ -2183,8 +2203,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent)
+@@ -2189,8 +2203,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent)
int err = -ENOMEM;
/* Round up to L1_CACHE_BYTES to resist false sharing */
@@ -78816,7 +78794,7 @@ index 158887a..1b70c49 100644
err = -EFAULT;
break;
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
-index 7ee4ead..fc81180 100644
+index 14c4864..77ff888 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -684,7 +684,7 @@ static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, c
@@ -79808,7 +79786,7 @@ index 86f13c67..59a35b5 100644
secure_ip_id(daddr->addr.a4) :
secure_ipv6_id(daddr->addr.a6));
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
-index fdaabf2..0ec3205 100644
+index a4e7131..fe66a18f 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -316,7 +316,7 @@ static inline int ip_frag_too_far(struct ipq *qp)
@@ -82291,38 +82269,6 @@ index 7635107..4670276 100644
_proto("Tx RESPONSE %%%u", ntohl(hdr->serial));
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len);
-diff --git a/net/sctp/chunk.c b/net/sctp/chunk.c
-index 6c85564..9534bf9 100644
---- a/net/sctp/chunk.c
-+++ b/net/sctp/chunk.c
-@@ -284,7 +284,7 @@ struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
- goto errout;
- err = sctp_user_addto_chunk(chunk, offset, len, msgh->msg_iov);
- if (err < 0)
-- goto errout;
-+ goto errout_chunk_free;
-
- offset += len;
-
-@@ -324,7 +324,7 @@ struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
- __skb_pull(chunk->skb, (__u8 *)chunk->chunk_hdr
- - (__u8 *)chunk->skb->data);
- if (err < 0)
-- goto errout;
-+ goto errout_chunk_free;
-
- sctp_datamsg_assign(msg, chunk);
- list_add_tail(&chunk->frag_list, &msg->chunks);
-@@ -332,6 +332,9 @@ struct sctp_datamsg *sctp_datamsg_from_user(struct sctp_association *asoc,
-
- return msg;
-
-+errout_chunk_free:
-+ sctp_chunk_free(chunk);
-+
- errout:
- list_for_each_safe(pos, temp, &msg->chunks) {
- list_del_init(pos);
diff --git a/net/sctp/proc.c b/net/sctp/proc.c
index 1e2eee8..ce3967e 100644
--- a/net/sctp/proc.c
@@ -82338,7 +82284,7 @@ index 1e2eee8..ce3967e 100644
assoc->assoc_id,
assoc->sndbuf_used,
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
-index 8e49d76..52773ad 100644
+index fa8333b..7382d42 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -4583,6 +4583,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len,
diff --git a/3.2.35/4425_grsec_remove_EI_PAX.patch b/3.2.36/4425_grsec_remove_EI_PAX.patch
similarity index 100%
rename from 3.2.35/4425_grsec_remove_EI_PAX.patch
rename to 3.2.36/4425_grsec_remove_EI_PAX.patch
diff --git a/3.2.35/4430_grsec-remove-localversion-grsec.patch b/3.2.36/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 3.2.35/4430_grsec-remove-localversion-grsec.patch
rename to 3.2.36/4430_grsec-remove-localversion-grsec.patch
diff --git a/3.2.35/4435_grsec-mute-warnings.patch b/3.2.36/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 3.2.35/4435_grsec-mute-warnings.patch
rename to 3.2.36/4435_grsec-mute-warnings.patch
diff --git a/3.2.35/4440_grsec-remove-protected-paths.patch b/3.2.36/4440_grsec-remove-protected-paths.patch
similarity index 100%
rename from 3.2.35/4440_grsec-remove-protected-paths.patch
rename to 3.2.36/4440_grsec-remove-protected-paths.patch
diff --git a/3.2.35/4450_grsec-kconfig-default-gids.patch b/3.2.36/4450_grsec-kconfig-default-gids.patch
similarity index 100%
rename from 3.2.35/4450_grsec-kconfig-default-gids.patch
rename to 3.2.36/4450_grsec-kconfig-default-gids.patch
diff --git a/3.2.35/4465_selinux-avc_audit-log-curr_ip.patch b/3.2.36/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 100%
rename from 3.2.35/4465_selinux-avc_audit-log-curr_ip.patch
rename to 3.2.36/4465_selinux-avc_audit-log-curr_ip.patch
diff --git a/3.2.35/4470_disable-compat_vdso.patch b/3.2.36/4470_disable-compat_vdso.patch
similarity index 100%
rename from 3.2.35/4470_disable-compat_vdso.patch
rename to 3.2.36/4470_disable-compat_vdso.patch
diff --git a/3.7.1/0000_README b/3.7.1/0000_README
index 83049bf..f1aa352 100644
--- a/3.7.1/0000_README
+++ b/3.7.1/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9.1-3.7.1-201301021808.patch
+Patch: 4420_grsecurity-2.9.1-3.7.1-201301041854.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.7.1/4420_grsecurity-2.9.1-3.7.1-201301021808.patch b/3.7.1/4420_grsecurity-2.9.1-3.7.1-201301041854.patch
similarity index 99%
rename from 3.7.1/4420_grsecurity-2.9.1-3.7.1-201301021808.patch
rename to 3.7.1/4420_grsecurity-2.9.1-3.7.1-201301041854.patch
index 864b97b..7e9857c 100644
--- a/3.7.1/4420_grsecurity-2.9.1-3.7.1-201301021808.patch
+++ b/3.7.1/4420_grsecurity-2.9.1-3.7.1-201301041854.patch
@@ -1689,7 +1689,7 @@ index b249035..4ab204b 100644
#define L_PTE_DIRTY_HIGH (1 << (55 - 32))
diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h
-index 08c1231..2602cf2 100644
+index 08c1231..6a2d6b0 100644
--- a/arch/arm/include/asm/pgtable.h
+++ b/arch/arm/include/asm/pgtable.h
@@ -30,6 +30,9 @@
@@ -1758,6 +1758,15 @@ index 08c1231..2602cf2 100644
#define __pgprot_modify(prot,mask,bits) \
__pgprot((pgprot_val(prot) & ~(mask)) | (bits))
+@@ -242,7 +256,7 @@ static inline pte_t pte_mkspecial(pte_t pte) { return pte; }
+
+ static inline pte_t pte_modify(pte_t pte, pgprot_t newprot)
+ {
+- const pteval_t mask = L_PTE_XN | L_PTE_RDONLY | L_PTE_USER;
++ const pteval_t mask = L_PTE_XN | L_PTE_PXN | L_PTE_RDONLY | L_PTE_USER;
+ pte_val(pte) = (pte_val(pte) & ~mask) | (pgprot_val(newprot) & mask);
+ return pte;
+ }
diff --git a/arch/arm/include/asm/proc-fns.h b/arch/arm/include/asm/proc-fns.h
index f3628fb..a0672dd 100644
--- a/arch/arm/include/asm/proc-fns.h
@@ -2293,10 +2302,38 @@ index 87cc6d0..fd4f248 100644
/* omap_hwmod_list contains all registered struct omap_hwmods */
static LIST_HEAD(omap_hwmod_list);
diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
-index 5dbf13f..2a853f8 100644
+index 5dbf13f..9be36fd 100644
--- a/arch/arm/mm/fault.c
+++ b/arch/arm/mm/fault.c
-@@ -174,6 +174,13 @@ __do_user_fault(struct task_struct *tsk, unsigned long addr,
+@@ -25,6 +25,7 @@
+ #include <asm/system_misc.h>
+ #include <asm/system_info.h>
+ #include <asm/tlbflush.h>
++#include <asm/sections.h>
+
+ #include "fault.h"
+
+@@ -138,6 +139,19 @@ __do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
+ if (fixup_exception(regs))
+ return;
+
++#ifdef CONFIG_PAX_KERNEXEC
++ if (fsr & FSR_WRITE) {
++ if (((unsigned long)_stext <= addr && addr < init_mm.end_code) || (MODULES_VADDR <= addr && addr < MODULES_END)) {
++ if (current->signal->curr_ip)
++ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
++ ¤t->signal->curr_ip, current->comm, task_pid_nr(current), current_uid(), current_euid());
++ else
++ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to modify kernel code\n",
++ current->comm, task_pid_nr(current), current_uid(), current_euid());
++ }
++ }
++#endif
++
+ /*
+ * No handler, we'll have to terminate things with extreme prejudice.
+ */
+@@ -174,6 +188,13 @@ __do_user_fault(struct task_struct *tsk, unsigned long addr,
}
#endif
@@ -2310,7 +2347,7 @@ index 5dbf13f..2a853f8 100644
tsk->thread.address = addr;
tsk->thread.error_code = fsr;
tsk->thread.trap_no = 14;
-@@ -398,6 +405,33 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+@@ -398,6 +419,33 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
}
#endif /* CONFIG_MMU */
@@ -2344,13 +2381,20 @@ index 5dbf13f..2a853f8 100644
/*
* First Level Translation Fault Handler
*
-@@ -575,12 +609,34 @@ do_PrefetchAbort(unsigned long addr, unsigned int ifsr, struct pt_regs *regs)
+@@ -575,12 +623,41 @@ do_PrefetchAbort(unsigned long addr, unsigned int ifsr, struct pt_regs *regs)
const struct fsr_info *inf = ifsr_info + fsr_fs(ifsr);
struct siginfo info;
+#ifdef CONFIG_PAX_KERNEXEC
-+ if (is_pxn_fault(ifsr) && !user_mode(regs)) {
-+ printk(KERN_ALERT "PAX: Kernel attempted to execute userland memory at %08lx! ifsr=%08x\n", addr, ifsr);
++ if (!user_mode(regs) && is_xn_fault(ifsr)) {
++ if (current->signal->curr_ip)
++ printk(KERN_ERR "PAX: From %pI4: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n",
++ ¤t->signal->curr_ip, current->comm, task_pid_nr(current), current_uid(), current_euid(),
++ addr >= TASK_SIZE ? "non-executable kernel" : "userland", addr);
++ else
++ printk(KERN_ERR "PAX: %s:%d, uid/euid: %u/%u, attempted to execute %s memory at %08lx\n",
++ current->comm, task_pid_nr(current), current_uid(), current_euid(),
++ addr >= TASK_SIZE ? "non-executable kernel" : "userland", addr);
+ goto die;
+ }
+#endif
@@ -2380,7 +2424,7 @@ index 5dbf13f..2a853f8 100644
info.si_errno = 0;
info.si_code = inf->code;
diff --git a/arch/arm/mm/fault.h b/arch/arm/mm/fault.h
-index cf08bdf..5457296 100644
+index cf08bdf..f1a0383 100644
--- a/arch/arm/mm/fault.h
+++ b/arch/arm/mm/fault.h
@@ -3,6 +3,7 @@
@@ -2396,7 +2440,7 @@ index cf08bdf..5457296 100644
#endif
+/* valid for LPAE and !LPAE */
-+static inline int is_pxn_fault(unsigned int fsr)
++static inline int is_xn_fault(unsigned int fsr)
+{
+ return ((fsr_fs(fsr) & 0x3c) == 0xc);
+}
@@ -35750,6 +35794,17 @@ index a0e1720..ee63d0b 100644
if (is_on_stack) {
/*
* dma onto stack is unsafe/nonportable, but callers to this
+diff --git a/drivers/mmc/host/dw_mmc.h b/drivers/mmc/host/dw_mmc.h
+index 53b8fd9..615b462 100644
+--- a/drivers/mmc/host/dw_mmc.h
++++ b/drivers/mmc/host/dw_mmc.h
+@@ -205,5 +205,5 @@ struct dw_mci_drv_data {
+ int (*parse_dt)(struct dw_mci *host);
+ int (*setup_bus)(struct dw_mci *host,
+ struct device_node *slot_np, u8 bus_width);
+-};
++} __do_const;
+ #endif /* _DW_MMC_H_ */
diff --git a/drivers/mtd/devices/doc2000.c b/drivers/mtd/devices/doc2000.c
index a4eb8b5..8c0628f 100644
--- a/drivers/mtd/devices/doc2000.c
@@ -35787,6 +35842,23 @@ index 51b9d6a..52af9a7 100644
#include <linux/mtd/mtd.h>
#include <linux/mtd/nand.h>
#include <linux/mtd/nftl.h>
+diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c
+index 203ff9d..0968ca8 100644
+--- a/drivers/net/ethernet/8390/ax88796.c
++++ b/drivers/net/ethernet/8390/ax88796.c
+@@ -872,9 +872,11 @@ static int ax_probe(struct platform_device *pdev)
+ if (ax->plat->reg_offsets)
+ ei_local->reg_offset = ax->plat->reg_offsets;
+ else {
++ resource_size_t _mem_size = mem_size;
++ do_div(_mem_size, 0x18);
+ ei_local->reg_offset = ax->reg_offsets;
+ for (ret = 0; ret < 0x18; ret++)
+- ax->reg_offsets[ret] = (mem_size / 0x18) * ret;
++ ax->reg_offsets[ret] = _mem_size * ret;
+ }
+
+ if (!request_mem_region(mem->start, mem_size, pdev->name)) {
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h
index acf2fe4..25cf8fd 100644
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.h
@@ -53070,10 +53142,10 @@ index 0000000..1b9afa9
+endif
diff --git a/grsecurity/gracl.c b/grsecurity/gracl.c
new file mode 100644
-index 0000000..b1810d9
+index 0000000..78353bd
--- /dev/null
+++ b/grsecurity/gracl.c
-@@ -0,0 +1,4056 @@
+@@ -0,0 +1,4039 @@
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sched.h>
@@ -54254,14 +54326,6 @@ index 0000000..b1810d9
+ break;
+
+ userp = s_tmp.prev;
-+ /* do not count nested subjects against this count, since
-+ they are not included in the hash table, but are
-+ attached to objects. We have already counted
-+ the subjects in userspace for the allocation
-+ stack
-+ */
-+ if (!(s_tmp.mode & GR_NESTED))
-+ num++;
+ }
+
+ return num;
@@ -54539,15 +54603,6 @@ index 0000000..b1810d9
+ sizeof (struct acl_subject_label)))
+ return -EFAULT;
+
-+ /* do not add nested subjects here, add
-+ while parsing objects
-+ */
-+
-+ if (s_pre.mode & GR_NESTED) {
-+ userp = s_pre.prev;
-+ continue;
-+ }
-+
+ ret = do_copy_user_subj(userp, role, NULL);
+
+ err = PTR_ERR(ret);
@@ -63615,7 +63670,7 @@ index 0000000..323ecf2
+#endif
diff --git a/include/linux/grdefs.h b/include/linux/grdefs.h
new file mode 100644
-index 0000000..b30e9bc
+index 0000000..be66033
--- /dev/null
+++ b/include/linux/grdefs.h
@@ -0,0 +1,140 @@
@@ -63703,7 +63758,7 @@ index 0000000..b30e9bc
+ GR_PROTPROCFD = 0x00000400,
+ GR_PROCACCT = 0x00000800,
+ GR_RELAXPTRACE = 0x00001000,
-+ GR_NESTED = 0x00002000,
++ //GR_NESTED = 0x00002000,
+ GR_INHERITLEARN = 0x00004000,
+ GR_PROCFIND = 0x00008000,
+ GR_POVERRIDE = 0x00010000,
@@ -64781,6 +64836,20 @@ index 77eeeda..062ed69c 100644
struct ata_port_info {
unsigned long flags;
+diff --git a/include/linux/list.h b/include/linux/list.h
+index cc6d2aa..71febca 100644
+--- a/include/linux/list.h
++++ b/include/linux/list.h
+@@ -112,6 +112,9 @@ extern void __list_del_entry(struct list_head *entry);
+ extern void list_del(struct list_head *entry);
+ #endif
+
++extern void pax_list_add_tail(struct list_head *new, struct list_head *head);
++extern void pax_list_del(struct list_head *entry);
++
+ /**
+ * list_replace - replace old entry by new one
+ * @old : the element to be replaced
diff --git a/include/linux/memory.h b/include/linux/memory.h
index ff9a9f8..c715deb 100644
--- a/include/linux/memory.h
@@ -73561,6 +73630,19 @@ index 28e9d6c9..50381bd 100644
help
This option lets you use the FireWire bus for remote debugging
with help of the firewire-ohci driver. It enables unfiltered
+diff --git a/lib/Makefile b/lib/Makefile
+index a08b791..a3ff1eb 100644
+--- a/lib/Makefile
++++ b/lib/Makefile
+@@ -46,7 +46,7 @@ obj-$(CONFIG_GENERIC_HWEIGHT) += hweight.o
+
+ obj-$(CONFIG_BTREE) += btree.o
+ obj-$(CONFIG_DEBUG_PREEMPT) += smp_processor_id.o
+-obj-$(CONFIG_DEBUG_LIST) += list_debug.o
++obj-y += list_debug.o
+ obj-$(CONFIG_DEBUG_OBJECTS) += debugobjects.o
+
+ ifneq ($(CONFIG_HAVE_DEC_LOCK),y)
diff --git a/lib/bitmap.c b/lib/bitmap.c
index 06fdfa1..97c5c7d 100644
--- a/lib/bitmap.c
@@ -73721,12 +73803,29 @@ index bd2bea9..6b3c95e 100644
return false;
diff --git a/lib/list_debug.c b/lib/list_debug.c
-index c24c2f7..bef49ee 100644
+index c24c2f7..3fc5da0 100644
--- a/lib/list_debug.c
+++ b/lib/list_debug.c
-@@ -23,17 +23,19 @@ void __list_add(struct list_head *new,
- struct list_head *prev,
- struct list_head *next)
+@@ -11,7 +11,9 @@
+ #include <linux/bug.h>
+ #include <linux/kernel.h>
+ #include <linux/rculist.h>
++#include <linux/mm.h>
+
++#ifdef CONFIG_DEBUG_LIST
+ /*
+ * Insert a new entry between two known consecutive entries.
+ *
+@@ -19,21 +21,32 @@
+ * the prev/next entries already!
+ */
+
+-void __list_add(struct list_head *new,
+- struct list_head *prev,
+- struct list_head *next)
++static bool __list_add_debug(struct list_head *new,
++ struct list_head *prev,
++ struct list_head *next)
{
- WARN(next->prev != prev,
+ if (WARN(next->prev != prev,
@@ -73745,12 +73844,48 @@ index c24c2f7..bef49ee 100644
"list_add double add: new=%p, prev=%p, next=%p.\n",
- new, prev, next);
+ new, prev, next))
++ return false;
++ return true;
++}
++
++void __list_add(struct list_head *new,
++ struct list_head *prev,
++ struct list_head *next)
++{
++ if (!__list_add_debug(new, prev, next))
+ return;
+
next->prev = new;
new->next = next;
new->prev = prev;
-@@ -86,12 +88,14 @@ EXPORT_SYMBOL(list_del);
+@@ -41,7 +54,7 @@ void __list_add(struct list_head *new,
+ }
+ EXPORT_SYMBOL(__list_add);
+
+-void __list_del_entry(struct list_head *entry)
++static bool __list_del_entry_debug(struct list_head *entry)
+ {
+ struct list_head *prev, *next;
+
+@@ -60,9 +73,16 @@ void __list_del_entry(struct list_head *entry)
+ WARN(next->prev != entry,
+ "list_del corruption. next->prev should be %p, "
+ "but was %p\n", entry, next->prev))
++ return false;
++ return true;
++}
++
++void __list_del_entry(struct list_head *entry)
++{
++ if (!__list_del_entry_debug(entry))
+ return;
+
+- __list_del(prev, next);
++ __list_del(entry->prev, entry->next);
+ }
+ EXPORT_SYMBOL(__list_del_entry);
+
+@@ -86,15 +106,54 @@ EXPORT_SYMBOL(list_del);
void __list_add_rcu(struct list_head *new,
struct list_head *prev, struct list_head *next)
{
@@ -73769,6 +73904,46 @@ index c24c2f7..bef49ee 100644
new->next = next;
new->prev = prev;
rcu_assign_pointer(list_next_rcu(prev), new);
+ next->prev = new;
+ }
+ EXPORT_SYMBOL(__list_add_rcu);
++#endif
++
++void pax_list_add_tail(struct list_head *new, struct list_head *head)
++{
++ struct list_head *prev, *next;
++
++ prev = head->prev;
++ next = head;
++
++#ifdef CONFIG_DEBUG_LIST
++ if (!__list_add_debug(new, prev, next))
++ return;
++#endif
++
++ pax_open_kernel();
++ next->prev = new;
++ new->next = next;
++ new->prev = prev;
++ prev->next = new;
++ pax_close_kernel();
++}
++EXPORT_SYMBOL(pax_list_add_tail);
++
++void pax_list_del(struct list_head *entry)
++{
++#ifdef CONFIG_DEBUG_LIST
++ if (!__list_del_entry_debug(entry))
++ return;
++#endif
++
++ pax_open_kernel();
++ __list_del(entry->prev, entry->next);
++ entry->next = LIST_POISON1;
++ entry->prev = LIST_POISON2;
++ pax_close_kernel();
++}
++EXPORT_SYMBOL(pax_list_del);
diff --git a/lib/radix-tree.c b/lib/radix-tree.c
index e796429..6e38f9f 100644
--- a/lib/radix-tree.c
@@ -75006,7 +75181,7 @@ index 221fc9f..d1d4db1 100644
return 0;
}
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
-index 4ea600d..1cd61c2 100644
+index 4ea600d..9429765 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -655,6 +655,10 @@ static int mbind_range(struct mm_struct *mm, unsigned long start,
@@ -75085,6 +75260,128 @@ index 4ea600d..1cd61c2 100644
err = do_migrate_pages(mm, old, new,
capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
+@@ -2372,8 +2406,7 @@ void numa_default_policy(void)
+ */
+
+ /*
+- * "local" is pseudo-policy: MPOL_PREFERRED with MPOL_F_LOCAL flag
+- * Used only for mpol_parse_str() and mpol_to_str()
++ * "local" is implemented internally by MPOL_PREFERRED with MPOL_F_LOCAL flag.
+ */
+ #define MPOL_LOCAL MPOL_MAX
+ static const char * const policy_modes[] =
+@@ -2388,28 +2421,21 @@ static const char * const policy_modes[] =
+
+ #ifdef CONFIG_TMPFS
+ /**
+- * mpol_parse_str - parse string to mempolicy
++ * mpol_parse_str - parse string to mempolicy, for tmpfs mpol mount option.
+ * @str: string containing mempolicy to parse
+ * @mpol: pointer to struct mempolicy pointer, returned on success.
+- * @no_context: flag whether to "contextualize" the mempolicy
++ * @unused: redundant argument, to be removed later.
+ *
+ * Format of input:
+ * <mode>[=<flags>][:<nodelist>]
+ *
+- * if @no_context is true, save the input nodemask in w.user_nodemask in
+- * the returned mempolicy. This will be used to "clone" the mempolicy in
+- * a specific context [cpuset] at a later time. Used to parse tmpfs mpol
+- * mount option. Note that if 'static' or 'relative' mode flags were
+- * specified, the input nodemask will already have been saved. Saving
+- * it again is redundant, but safe.
+- *
+ * On success, returns 0, else 1
+ */
+-int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
++int mpol_parse_str(char *str, struct mempolicy **mpol, int unused)
+ {
+ struct mempolicy *new = NULL;
+ unsigned short mode;
+- unsigned short uninitialized_var(mode_flags);
++ unsigned short mode_flags;
+ nodemask_t nodes;
+ char *nodelist = strchr(str, ':');
+ char *flags = strchr(str, '=');
+@@ -2497,24 +2523,23 @@ int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
+ if (IS_ERR(new))
+ goto out;
+
+- if (no_context) {
+- /* save for contextualization */
+- new->w.user_nodemask = nodes;
+- } else {
+- int ret;
+- NODEMASK_SCRATCH(scratch);
+- if (scratch) {
+- task_lock(current);
+- ret = mpol_set_nodemask(new, &nodes, scratch);
+- task_unlock(current);
+- } else
+- ret = -ENOMEM;
+- NODEMASK_SCRATCH_FREE(scratch);
+- if (ret) {
+- mpol_put(new);
+- goto out;
+- }
+- }
++ /*
++ * Save nodes for mpol_to_str() to show the tmpfs mount options
++ * for /proc/mounts, /proc/pid/mounts and /proc/pid/mountinfo.
++ */
++ if (mode != MPOL_PREFERRED)
++ new->v.nodes = nodes;
++ else if (nodelist)
++ new->v.preferred_node = first_node(nodes);
++ else
++ new->flags |= MPOL_F_LOCAL;
++
++ /*
++ * Save nodes for contextualization: this will be used to "clone"
++ * the mempolicy in a specific context [cpuset] at a later time.
++ */
++ new->w.user_nodemask = nodes;
++
+ err = 0;
+
+ out:
+@@ -2534,13 +2559,13 @@ out:
+ * @buffer: to contain formatted mempolicy string
+ * @maxlen: length of @buffer
+ * @pol: pointer to mempolicy to be formatted
+- * @no_context: "context free" mempolicy - use nodemask in w.user_nodemask
++ * @unused: redundant argument, to be removed later.
+ *
+ * Convert a mempolicy into a string.
+ * Returns the number of characters in buffer (if positive)
+ * or an error (negative)
+ */
+-int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
++int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int unused)
+ {
+ char *p = buffer;
+ int l;
+@@ -2566,7 +2591,7 @@ int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
+ case MPOL_PREFERRED:
+ nodes_clear(nodes);
+ if (flags & MPOL_F_LOCAL)
+- mode = MPOL_LOCAL; /* pseudo-policy */
++ mode = MPOL_LOCAL;
+ else
+ node_set(pol->v.preferred_node, nodes);
+ break;
+@@ -2574,10 +2599,7 @@ int mpol_to_str(char *buffer, int maxlen, struct mempolicy *pol, int no_context)
+ case MPOL_BIND:
+ /* Fall through */
+ case MPOL_INTERLEAVE:
+- if (no_context)
+- nodes = pol->w.user_nodemask;
+- else
+- nodes = pol->v.nodes;
++ nodes = pol->v.nodes;
+ break;
+
+ default:
diff --git a/mm/migrate.c b/mm/migrate.c
index 77ed2d7..317d528 100644
--- a/mm/migrate.c
@@ -81557,17 +81854,15 @@ index f226709..0e735a8 100644
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len);
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
-index ea14cb4..f27b19d 100644
+index ea14cb4..834e8e4 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
-@@ -1037,7 +1037,9 @@ void sctp_v6_pf_init(void)
+@@ -1037,7 +1037,7 @@ void sctp_v6_pf_init(void)
void sctp_v6_pf_exit(void)
{
- list_del(&sctp_af_inet6.list);
-+ pax_open_kernel();
-+ list_del((struct list_head *)&sctp_af_inet6.list);
-+ pax_close_kernel();
++ pax_list_del((struct list_head *)&sctp_af_inet6.list);
}
/* Initialize IPv6 support and register with socket layer. */
@@ -81586,7 +81881,7 @@ index 9966e7b..540c575 100644
assoc->assoc_id,
assoc->sndbuf_used,
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
-index 2d51842..ef112fb 100644
+index 2d51842..150ba5c 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -834,8 +834,10 @@ int sctp_register_af(struct sctp_af *af)
@@ -81597,19 +81892,17 @@ index 2d51842..ef112fb 100644
- list_add_tail(&af->list, &sctp_address_families);
+ pax_open_kernel();
+ INIT_LIST_HEAD((struct list_head *)&af->list);
-+ list_add_tail((struct list_head *)&af->list, &sctp_address_families);
+ pax_close_kernel();
++ pax_list_add_tail((struct list_head *)&af->list, &sctp_address_families);
return 1;
}
-@@ -1122,7 +1124,9 @@ static void sctp_v4_pf_init(void)
+@@ -1122,7 +1124,7 @@ static void sctp_v4_pf_init(void)
static void sctp_v4_pf_exit(void)
{
- list_del(&sctp_af_inet.list);
-+ pax_open_kernel();
-+ list_del((struct list_head *)&sctp_af_inet.list);
-+ pax_close_kernel();
++ pax_list_del((struct list_head *)&sctp_af_inet.list);
}
static int sctp_v4_protosw_init(void)
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2013-01-06 6:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-01-06 6:43 [gentoo-commits] proj/hardened-patchset:master commit in: 2.6.32/, 3.7.1/, 3.2.35/, 3.2.36/ Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox