* [gentoo-commits] proj/hardened-patchset:master commit in: 3.8.6/, 2.6.32/, 3.2.43/
@ 2013-04-13 17:35 Anthony G. Basile
0 siblings, 0 replies; 2+ messages in thread
From: Anthony G. Basile @ 2013-04-13 17:35 UTC (permalink / raw
To: gentoo-commits
commit: e5ef36600ab7b3d6eabcaa36f0129908540f97ed
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Fri Apr 12 10:39:36 2013 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Fri Apr 12 10:39:36 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=e5ef3660
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.43,3.8.6}-2.9.1-3.8.6-201304111817
---
2.6.32/0000_README | 2 +-
..._grsecurity-2.9.1-2.6.32.60-201304111811.patch} | 20 +-
3.2.43/0000_README | 2 +-
...420_grsecurity-2.9.1-3.2.43-201304111813.patch} | 51 +++-
3.8.6/0000_README | 2 +-
...4420_grsecurity-2.9.1-3.8.6-201304111817.patch} | 275 ++++++++++++++++++--
6 files changed, 316 insertions(+), 36 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 3154c9f..e34859b 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
index a2bcf7d..1520bdd 100644
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
@@ -108419,10 +108419,18 @@ index d9d6206..f19467e 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index 4872937..26ba80f 100644
+index 4872937..9c613c4 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1100,13 +1100,18 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -469,7 +469,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1100,13 +1099,18 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
ip = rec->ip;
@@ -108443,7 +108451,7 @@ index 4872937..26ba80f 100644
}
/*
-@@ -2726,7 +2731,7 @@ static int ftrace_module_notify(struct notifier_block *self,
+@@ -2726,7 +2730,7 @@ static int ftrace_module_notify(struct notifier_block *self,
struct notifier_block ftrace_module_nb = {
.notifier_call = ftrace_module_notify,
@@ -108452,7 +108460,7 @@ index 4872937..26ba80f 100644
};
extern unsigned long __start_mcount_loc[];
-@@ -3068,8 +3073,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -3068,8 +3072,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -108461,7 +108469,7 @@ index 4872937..26ba80f 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -3213,6 +3216,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -3213,6 +3215,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -108472,7 +108480,7 @@ index 4872937..26ba80f 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -3226,7 +3233,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -3226,7 +3232,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
diff --git a/3.2.43/0000_README b/3.2.43/0000_README
index 6802de9..c2965ab 100644
--- a/3.2.43/0000_README
+++ b/3.2.43/0000_README
@@ -90,7 +90,7 @@ Patch: 1042_linux-3.2.43.patch
From: http://www.kernel.org
Desc: Linux 3.2.43
-Patch: 4420_grsecurity-2.9.1-3.2.43-201304102033.patch
+Patch: 4420_grsecurity-2.9.1-3.2.43-201304111813.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch b/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
similarity index 99%
rename from 3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch
rename to 3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
index a16b135..84d2f5a 100644
--- a/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch
+++ b/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
@@ -68472,7 +68472,7 @@ index a6deef4..c56a7f2 100644
and pointers */
#endif
diff --git a/include/linux/if_pppox.h b/include/linux/if_pppox.h
-index b5f927f..929b882 100644
+index b5f927f..929b882d 100644
--- a/include/linux/if_pppox.h
+++ b/include/linux/if_pppox.h
@@ -203,7 +203,7 @@ struct pppox_proto {
@@ -77936,10 +77936,18 @@ index 16fc34a..efd8bb8 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index 0943d2a..76cb5bc 100644
+index 0943d2a..f1f2d73 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1587,12 +1587,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -572,7 +572,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1587,12 +1586,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
if (unlikely(ftrace_disabled))
return 0;
@@ -77959,7 +77967,7 @@ index 0943d2a..76cb5bc 100644
}
/*
-@@ -2608,7 +2613,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
+@@ -2608,7 +2612,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
int
register_ftrace_function_probe(char *glob, struct ftrace_probe_ops *ops,
@@ -77968,7 +77976,7 @@ index 0943d2a..76cb5bc 100644
{
struct ftrace_func_probe *entry;
struct ftrace_page *pg;
-@@ -3986,8 +3991,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -3986,8 +3990,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -77977,7 +77985,7 @@ index 0943d2a..76cb5bc 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -4131,6 +4134,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -4131,6 +4133,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -77988,7 +77996,7 @@ index 0943d2a..76cb5bc 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -4144,7 +4151,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -4144,7 +4150,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
@@ -84835,7 +84843,7 @@ index 0ce2ad0..cb92a90 100644
};
diff --git a/net/can/gw.c b/net/can/gw.c
-index 3d79b12..a9f0846 100644
+index 3d79b12..d7aa843 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -67,7 +67,6 @@ MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
@@ -84846,6 +84854,33 @@ index 3d79b12..a9f0846 100644
static struct kmem_cache *cgw_cache __read_mostly;
+@@ -436,7 +435,7 @@ static int cgw_notifier(struct notifier_block *nb,
+ if (gwj->src.dev == dev || gwj->dst.dev == dev) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+ }
+@@ -850,7 +849,7 @@ static void cgw_remove_all_jobs(void)
+ hlist_for_each_entry_safe(gwj, n, nx, &cgw_list, list) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+
+@@ -903,7 +902,7 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
+
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ err = 0;
+ break;
+ }
@@ -911,6 +910,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
return err;
}
diff --git a/3.8.6/0000_README b/3.8.6/0000_README
index bf971ed..e81d7f0 100644
--- a/3.8.6/0000_README
+++ b/3.8.6/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9.1-3.8.6-201304102034.patch
+Patch: 4420_grsecurity-2.9.1-3.8.6-201304111817.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch b/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
similarity index 99%
rename from 3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch
rename to 3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
index a1f299e..a155950 100644
--- a/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch
+++ b/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
@@ -31555,10 +31555,46 @@ index 2262003..f229ced 100644
};
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
-index 01de35c..0bda07b 100644
+index 01de35c..692023f 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
-@@ -1881,6 +1881,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+@@ -1739,14 +1739,18 @@ static void *m2v(phys_addr_t maddr)
+ }
+
+ /* Set the page permissions on an identity-mapped pages */
+-static void set_page_prot(void *addr, pgprot_t prot)
++static void set_page_prot_flags(void *addr, pgprot_t prot, unsigned long flags)
+ {
+ unsigned long pfn = __pa(addr) >> PAGE_SHIFT;
+ pte_t pte = pfn_pte(pfn, prot);
+
+- if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0))
++ if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, flags))
+ BUG();
+ }
++static void set_page_prot(void *addr, pgprot_t prot)
++{
++ return set_page_prot_flags(addr, prot, UVMF_NONE);
++}
+ #ifdef CONFIG_X86_32
+ static void __init xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
+ {
+@@ -1830,12 +1834,12 @@ static void __init check_pt_base(unsigned long *pt_base, unsigned long *pt_end,
+ unsigned long addr)
+ {
+ if (*pt_base == PFN_DOWN(__pa(addr))) {
+- set_page_prot((void *)addr, PAGE_KERNEL);
++ set_page_prot_flags((void *)addr, PAGE_KERNEL, UVMF_INVLPG);
+ clear_page((void *)addr);
+ (*pt_base)++;
+ }
+ if (*pt_end == PFN_DOWN(__pa(addr))) {
+- set_page_prot((void *)addr, PAGE_KERNEL);
++ set_page_prot_flags((void *)addr, PAGE_KERNEL, UVMF_INVLPG);
+ clear_page((void *)addr);
+ (*pt_end)--;
+ }
+@@ -1881,6 +1885,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
/* L3_k[510] -> level2_kernel_pgt
* L3_i[511] -> level2_fixmap_pgt */
convert_pfn_mfn(level3_kernel_pgt);
@@ -31568,7 +31604,7 @@ index 01de35c..0bda07b 100644
/* We get [511][511] and have Xen's version of level2_kernel_pgt */
l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd);
-@@ -1910,8 +1913,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+@@ -1910,8 +1917,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
@@ -31581,7 +31617,7 @@ index 01de35c..0bda07b 100644
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
-@@ -2097,6 +2104,7 @@ static void __init xen_post_allocator_init(void)
+@@ -2097,6 +2108,7 @@ static void __init xen_post_allocator_init(void)
pv_mmu_ops.set_pud = xen_set_pud;
#if PAGETABLE_LEVELS == 4
pv_mmu_ops.set_pgd = xen_set_pgd;
@@ -31589,7 +31625,7 @@ index 01de35c..0bda07b 100644
#endif
/* This will work as long as patching hasn't happened yet
-@@ -2178,6 +2186,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = {
+@@ -2178,6 +2190,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = {
.pud_val = PV_CALLEE_SAVE(xen_pud_val),
.make_pud = PV_CALLEE_SAVE(xen_make_pud),
.set_pgd = xen_set_pgd_hyper,
@@ -39762,6 +39798,27 @@ index 10bc093..a2fb42a 100644
}
return rval;
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+index 5523da3..4fcf274 100644
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+@@ -4767,7 +4767,7 @@ static void bnx2x_after_function_update(struct bnx2x *bp)
+ q);
+ }
+
+- if (!NO_FCOE(bp)) {
++ if (!NO_FCOE(bp) && CNIC_ENABLED(bp)) {
+ fp = &bp->fp[FCOE_IDX(bp)];
+ queue_params.q_obj = &bnx2x_sp_obj(bp, fp).q_obj;
+
+@@ -13047,6 +13047,7 @@ static int bnx2x_unregister_cnic(struct net_device *dev)
+ RCU_INIT_POINTER(bp->cnic_ops, NULL);
+ mutex_unlock(&bp->cnic_mutex);
+ synchronize_rcu();
++ bp->cnic_enabled = false;
+ kfree(bp->cnic_kwq);
+ bp->cnic_kwq = NULL;
+
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c
index 09b625e..15b16fe 100644
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c
@@ -39887,6 +39944,142 @@ index b901a01..1ff32ee 100644
#include "ftmac100.h"
+diff --git a/drivers/net/ethernet/intel/e100.c b/drivers/net/ethernet/intel/e100.c
+index a59f077..7925d77 100644
+--- a/drivers/net/ethernet/intel/e100.c
++++ b/drivers/net/ethernet/intel/e100.c
+@@ -870,7 +870,7 @@ err_unlock:
+ }
+
+ static int e100_exec_cb(struct nic *nic, struct sk_buff *skb,
+- void (*cb_prepare)(struct nic *, struct cb *, struct sk_buff *))
++ int (*cb_prepare)(struct nic *, struct cb *, struct sk_buff *))
+ {
+ struct cb *cb;
+ unsigned long flags;
+@@ -888,10 +888,13 @@ static int e100_exec_cb(struct nic *nic, struct sk_buff *skb,
+ nic->cbs_avail--;
+ cb->skb = skb;
+
++ err = cb_prepare(nic, cb, skb);
++ if (err)
++ goto err_unlock;
++
+ if (unlikely(!nic->cbs_avail))
+ err = -ENOSPC;
+
+- cb_prepare(nic, cb, skb);
+
+ /* Order is important otherwise we'll be in a race with h/w:
+ * set S-bit in current first, then clear S-bit in previous. */
+@@ -1091,7 +1094,7 @@ static void e100_get_defaults(struct nic *nic)
+ nic->mii.mdio_write = mdio_write;
+ }
+
+-static void e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ struct config *config = &cb->u.config;
+ u8 *c = (u8 *)config;
+@@ -1181,6 +1184,7 @@ static void e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ netif_printk(nic, hw, KERN_DEBUG, nic->netdev,
+ "[16-23]=%02X:%02X:%02X:%02X:%02X:%02X:%02X:%02X\n",
+ c[16], c[17], c[18], c[19], c[20], c[21], c[22], c[23]);
++ return 0;
+ }
+
+ /*************************************************************************
+@@ -1331,7 +1335,7 @@ static const struct firmware *e100_request_firmware(struct nic *nic)
+ return fw;
+ }
+
+-static void e100_setup_ucode(struct nic *nic, struct cb *cb,
++static int e100_setup_ucode(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
+ const struct firmware *fw = (void *)skb;
+@@ -1358,6 +1362,7 @@ static void e100_setup_ucode(struct nic *nic, struct cb *cb,
+ cb->u.ucode[min_size] |= cpu_to_le32((BUNDLESMALL) ? 0xFFFF : 0xFF80);
+
+ cb->command = cpu_to_le16(cb_ucode | cb_el);
++ return 0;
+ }
+
+ static inline int e100_load_ucode_wait(struct nic *nic)
+@@ -1400,18 +1405,20 @@ static inline int e100_load_ucode_wait(struct nic *nic)
+ return err;
+ }
+
+-static void e100_setup_iaaddr(struct nic *nic, struct cb *cb,
++static int e100_setup_iaaddr(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
+ cb->command = cpu_to_le16(cb_iaaddr);
+ memcpy(cb->u.iaaddr, nic->netdev->dev_addr, ETH_ALEN);
++ return 0;
+ }
+
+-static void e100_dump(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_dump(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ cb->command = cpu_to_le16(cb_dump);
+ cb->u.dump_buffer_addr = cpu_to_le32(nic->dma_addr +
+ offsetof(struct mem, dump_buf));
++ return 0;
+ }
+
+ static int e100_phy_check_without_mii(struct nic *nic)
+@@ -1581,7 +1588,7 @@ static int e100_hw_init(struct nic *nic)
+ return 0;
+ }
+
+-static void e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ struct net_device *netdev = nic->netdev;
+ struct netdev_hw_addr *ha;
+@@ -1596,6 +1603,7 @@ static void e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ memcpy(&cb->u.multi.addr[i++ * ETH_ALEN], &ha->addr,
+ ETH_ALEN);
+ }
++ return 0;
+ }
+
+ static void e100_set_multicast_list(struct net_device *netdev)
+@@ -1756,11 +1764,18 @@ static void e100_watchdog(unsigned long data)
+ round_jiffies(jiffies + E100_WATCHDOG_PERIOD));
+ }
+
+-static void e100_xmit_prepare(struct nic *nic, struct cb *cb,
++static int e100_xmit_prepare(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
++ dma_addr_t dma_addr;
+ cb->command = nic->tx_command;
+
++ dma_addr = pci_map_single(nic->pdev,
++ skb->data, skb->len, PCI_DMA_TODEVICE);
++ /* If we can't map the skb, have the upper layer try later */
++ if (pci_dma_mapping_error(nic->pdev, dma_addr))
++ return -ENOMEM;
++
+ /*
+ * Use the last 4 bytes of the SKB payload packet as the CRC, used for
+ * testing, ie sending frames with bad CRC.
+@@ -1777,11 +1792,10 @@ static void e100_xmit_prepare(struct nic *nic, struct cb *cb,
+ cb->u.tcb.tcb_byte_count = 0;
+ cb->u.tcb.threshold = nic->tx_threshold;
+ cb->u.tcb.tbd_count = 1;
+- cb->u.tcb.tbd.buf_addr = cpu_to_le32(pci_map_single(nic->pdev,
+- skb->data, skb->len, PCI_DMA_TODEVICE));
+- /* check for mapping failure? */
++ cb->u.tcb.tbd.buf_addr = cpu_to_le32(dma_addr);
+ cb->u.tcb.tbd.size = cpu_to_le16(skb->len);
+ skb_tx_timestamp(skb);
++ return 0;
+ }
+
+ static netdev_tx_t e100_xmit_frame(struct sk_buff *skb,
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c
index bb9256a..56d8752 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c
@@ -54143,7 +54336,7 @@ index ebeb94c..ff35337 100644
void nfs_fattr_init(struct nfs_fattr *fattr)
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
-index 2e9779b..5a43da0 100644
+index 2e9779b..c53189d 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -300,7 +300,7 @@ int nfs40_walk_client_list(struct nfs_client *new,
@@ -54225,12 +54418,13 @@ index 2e9779b..5a43da0 100644
if (pos->rpc_ops != new->rpc_ops)
continue;
-@@ -469,17 +481,17 @@ int nfs41_walk_client_list(struct nfs_client *new,
+@@ -469,17 +481,18 @@ int nfs41_walk_client_list(struct nfs_client *new,
continue;
atomic_inc(&pos->cl_count);
- spin_unlock(&nn->nfs_client_lock);
+ *result = pos;
++ status = 0;
dprintk("NFS: <-- %s using nfs_client = %p ({%d})\n",
__func__, pos, atomic_read(&pos->cl_count));
-
@@ -79381,10 +79575,18 @@ index c0bd030..62a1927 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index b27052c..0e1af95 100644
+index b27052c..d99d82a 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1874,12 +1874,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -668,7 +668,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1874,12 +1873,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
if (unlikely(ftrace_disabled))
return 0;
@@ -79404,7 +79606,7 @@ index b27052c..0e1af95 100644
}
/*
-@@ -2965,7 +2970,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
+@@ -2965,7 +2969,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
int
register_ftrace_function_probe(char *glob, struct ftrace_probe_ops *ops,
@@ -79413,7 +79615,7 @@ index b27052c..0e1af95 100644
{
struct ftrace_func_probe *entry;
struct ftrace_page *pg;
-@@ -3832,8 +3837,10 @@ static int ftrace_process_locs(struct module *mod,
+@@ -3832,8 +3836,10 @@ static int ftrace_process_locs(struct module *mod,
if (!count)
return 0;
@@ -79424,7 +79626,7 @@ index b27052c..0e1af95 100644
start_pg = ftrace_allocate_pages(count);
if (!start_pg)
-@@ -4559,8 +4566,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -4559,8 +4565,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -79433,7 +79635,7 @@ index b27052c..0e1af95 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -4704,6 +4709,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -4704,6 +4708,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -79444,7 +79646,7 @@ index b27052c..0e1af95 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -4717,7 +4726,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -4717,7 +4725,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
@@ -85767,7 +85969,7 @@ index ddac1ee..3ee0a78 100644
};
diff --git a/net/can/gw.c b/net/can/gw.c
-index 574dda78e..3d2b3da 100644
+index 574dda78e..d42c4cd 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -67,7 +67,6 @@ MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
@@ -85778,6 +85980,33 @@ index 574dda78e..3d2b3da 100644
static struct kmem_cache *cgw_cache __read_mostly;
+@@ -436,7 +435,7 @@ static int cgw_notifier(struct notifier_block *nb,
+ if (gwj->src.dev == dev || gwj->dst.dev == dev) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+ }
+@@ -829,7 +828,7 @@ static void cgw_remove_all_jobs(void)
+ hlist_for_each_entry_safe(gwj, n, nx, &cgw_list, list) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+
+@@ -885,7 +884,7 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
+
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ err = 0;
+ break;
+ }
@@ -893,6 +892,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
return err;
}
@@ -88013,7 +88242,7 @@ index e85c48b..b8268d3 100644
struct ctl_table *ipv6_icmp_table;
int err;
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
-index 8d19346..e47216f 100644
+index 8d19346..f122ba5 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -103,6 +103,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
@@ -88027,7 +88256,15 @@ index 8d19346..e47216f 100644
static void tcp_v6_hash(struct sock *sk)
{
if (sk->sk_state != TCP_CLOSE) {
-@@ -1440,6 +1444,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
+@@ -386,6 +390,7 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+
+ if (dst)
+ dst->ops->redirect(dst, sk, skb);
++ goto out;
+ }
+
+ if (type == ICMPV6_PKT_TOOBIG) {
+@@ -1440,6 +1445,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
return 0;
reset:
@@ -88037,7 +88274,7 @@ index 8d19346..e47216f 100644
tcp_v6_send_reset(sk, skb);
discard:
if (opt_skb)
-@@ -1521,12 +1528,20 @@ static int tcp_v6_rcv(struct sk_buff *skb)
+@@ -1521,12 +1529,20 @@ static int tcp_v6_rcv(struct sk_buff *skb)
TCP_SKB_CB(skb)->sacked = 0;
sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
@@ -88060,7 +88297,7 @@ index 8d19346..e47216f 100644
if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
-@@ -1575,6 +1590,10 @@ no_tcp_socket:
+@@ -1575,6 +1591,10 @@ no_tcp_socket:
bad_packet:
TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
} else {
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] proj/hardened-patchset:master commit in: 3.8.6/, 2.6.32/, 3.2.43/
@ 2013-04-13 18:18 Anthony G. Basile
0 siblings, 0 replies; 2+ messages in thread
From: Anthony G. Basile @ 2013-04-13 18:18 UTC (permalink / raw
To: gentoo-commits
commit: bc371fc3e6797f6a9293d8bab888f587ea79bc98
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Fri Apr 12 10:39:36 2013 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Apr 13 18:17:54 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=bc371fc3
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.43,3.8.6}-201304111817
---
2.6.32/0000_README | 2 +-
..._grsecurity-2.9.1-2.6.32.60-201304111811.patch} | 20 +-
3.2.43/0000_README | 2 +-
...420_grsecurity-2.9.1-3.2.43-201304111813.patch} | 51 +++-
3.8.6/0000_README | 2 +-
...4420_grsecurity-2.9.1-3.8.6-201304111817.patch} | 275 ++++++++++++++++++--
6 files changed, 316 insertions(+), 36 deletions(-)
diff --git a/2.6.32/0000_README b/2.6.32/0000_README
index 3154c9f..e34859b 100644
--- a/2.6.32/0000_README
+++ b/2.6.32/0000_README
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch
From: http://www.kernel.org
Desc: Linux 2.6.32.59
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
similarity index 99%
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
index a2bcf7d..1520bdd 100644
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304102018.patch
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201304111811.patch
@@ -108419,10 +108419,18 @@ index d9d6206..f19467e 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index 4872937..26ba80f 100644
+index 4872937..9c613c4 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1100,13 +1100,18 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -469,7 +469,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1100,13 +1099,18 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
ip = rec->ip;
@@ -108443,7 +108451,7 @@ index 4872937..26ba80f 100644
}
/*
-@@ -2726,7 +2731,7 @@ static int ftrace_module_notify(struct notifier_block *self,
+@@ -2726,7 +2730,7 @@ static int ftrace_module_notify(struct notifier_block *self,
struct notifier_block ftrace_module_nb = {
.notifier_call = ftrace_module_notify,
@@ -108452,7 +108460,7 @@ index 4872937..26ba80f 100644
};
extern unsigned long __start_mcount_loc[];
-@@ -3068,8 +3073,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -3068,8 +3072,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -108461,7 +108469,7 @@ index 4872937..26ba80f 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -3213,6 +3216,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -3213,6 +3215,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -108472,7 +108480,7 @@ index 4872937..26ba80f 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -3226,7 +3233,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -3226,7 +3232,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
diff --git a/3.2.43/0000_README b/3.2.43/0000_README
index 6802de9..c2965ab 100644
--- a/3.2.43/0000_README
+++ b/3.2.43/0000_README
@@ -90,7 +90,7 @@ Patch: 1042_linux-3.2.43.patch
From: http://www.kernel.org
Desc: Linux 3.2.43
-Patch: 4420_grsecurity-2.9.1-3.2.43-201304102033.patch
+Patch: 4420_grsecurity-2.9.1-3.2.43-201304111813.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch b/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
similarity index 99%
rename from 3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch
rename to 3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
index a16b135..84d2f5a 100644
--- a/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304102033.patch
+++ b/3.2.43/4420_grsecurity-2.9.1-3.2.43-201304111813.patch
@@ -68472,7 +68472,7 @@ index a6deef4..c56a7f2 100644
and pointers */
#endif
diff --git a/include/linux/if_pppox.h b/include/linux/if_pppox.h
-index b5f927f..929b882 100644
+index b5f927f..929b882d 100644
--- a/include/linux/if_pppox.h
+++ b/include/linux/if_pppox.h
@@ -203,7 +203,7 @@ struct pppox_proto {
@@ -77936,10 +77936,18 @@ index 16fc34a..efd8bb8 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index 0943d2a..76cb5bc 100644
+index 0943d2a..f1f2d73 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1587,12 +1587,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -572,7 +572,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1587,12 +1586,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
if (unlikely(ftrace_disabled))
return 0;
@@ -77959,7 +77967,7 @@ index 0943d2a..76cb5bc 100644
}
/*
-@@ -2608,7 +2613,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
+@@ -2608,7 +2612,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
int
register_ftrace_function_probe(char *glob, struct ftrace_probe_ops *ops,
@@ -77968,7 +77976,7 @@ index 0943d2a..76cb5bc 100644
{
struct ftrace_func_probe *entry;
struct ftrace_page *pg;
-@@ -3986,8 +3991,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -3986,8 +3990,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -77977,7 +77985,7 @@ index 0943d2a..76cb5bc 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -4131,6 +4134,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -4131,6 +4133,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -77988,7 +77996,7 @@ index 0943d2a..76cb5bc 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -4144,7 +4151,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -4144,7 +4150,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
@@ -84835,7 +84843,7 @@ index 0ce2ad0..cb92a90 100644
};
diff --git a/net/can/gw.c b/net/can/gw.c
-index 3d79b12..a9f0846 100644
+index 3d79b12..d7aa843 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -67,7 +67,6 @@ MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
@@ -84846,6 +84854,33 @@ index 3d79b12..a9f0846 100644
static struct kmem_cache *cgw_cache __read_mostly;
+@@ -436,7 +435,7 @@ static int cgw_notifier(struct notifier_block *nb,
+ if (gwj->src.dev == dev || gwj->dst.dev == dev) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+ }
+@@ -850,7 +849,7 @@ static void cgw_remove_all_jobs(void)
+ hlist_for_each_entry_safe(gwj, n, nx, &cgw_list, list) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+
+@@ -903,7 +902,7 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
+
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ err = 0;
+ break;
+ }
@@ -911,6 +910,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
return err;
}
diff --git a/3.8.6/0000_README b/3.8.6/0000_README
index bf971ed..e81d7f0 100644
--- a/3.8.6/0000_README
+++ b/3.8.6/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-2.9.1-3.8.6-201304102034.patch
+Patch: 4420_grsecurity-2.9.1-3.8.6-201304111817.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch b/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
similarity index 99%
rename from 3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch
rename to 3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
index a1f299e..a155950 100644
--- a/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304102034.patch
+++ b/3.8.6/4420_grsecurity-2.9.1-3.8.6-201304111817.patch
@@ -31555,10 +31555,46 @@ index 2262003..f229ced 100644
};
diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c
-index 01de35c..0bda07b 100644
+index 01de35c..692023f 100644
--- a/arch/x86/xen/mmu.c
+++ b/arch/x86/xen/mmu.c
-@@ -1881,6 +1881,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+@@ -1739,14 +1739,18 @@ static void *m2v(phys_addr_t maddr)
+ }
+
+ /* Set the page permissions on an identity-mapped pages */
+-static void set_page_prot(void *addr, pgprot_t prot)
++static void set_page_prot_flags(void *addr, pgprot_t prot, unsigned long flags)
+ {
+ unsigned long pfn = __pa(addr) >> PAGE_SHIFT;
+ pte_t pte = pfn_pte(pfn, prot);
+
+- if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0))
++ if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, flags))
+ BUG();
+ }
++static void set_page_prot(void *addr, pgprot_t prot)
++{
++ return set_page_prot_flags(addr, prot, UVMF_NONE);
++}
+ #ifdef CONFIG_X86_32
+ static void __init xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn)
+ {
+@@ -1830,12 +1834,12 @@ static void __init check_pt_base(unsigned long *pt_base, unsigned long *pt_end,
+ unsigned long addr)
+ {
+ if (*pt_base == PFN_DOWN(__pa(addr))) {
+- set_page_prot((void *)addr, PAGE_KERNEL);
++ set_page_prot_flags((void *)addr, PAGE_KERNEL, UVMF_INVLPG);
+ clear_page((void *)addr);
+ (*pt_base)++;
+ }
+ if (*pt_end == PFN_DOWN(__pa(addr))) {
+- set_page_prot((void *)addr, PAGE_KERNEL);
++ set_page_prot_flags((void *)addr, PAGE_KERNEL, UVMF_INVLPG);
+ clear_page((void *)addr);
+ (*pt_end)--;
+ }
+@@ -1881,6 +1885,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
/* L3_k[510] -> level2_kernel_pgt
* L3_i[511] -> level2_fixmap_pgt */
convert_pfn_mfn(level3_kernel_pgt);
@@ -31568,7 +31604,7 @@ index 01de35c..0bda07b 100644
/* We get [511][511] and have Xen's version of level2_kernel_pgt */
l3 = m2v(pgd[pgd_index(__START_KERNEL_map)].pgd);
-@@ -1910,8 +1913,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
+@@ -1910,8 +1917,12 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn)
set_page_prot(init_level4_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO);
set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO);
@@ -31581,7 +31617,7 @@ index 01de35c..0bda07b 100644
set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO);
set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO);
-@@ -2097,6 +2104,7 @@ static void __init xen_post_allocator_init(void)
+@@ -2097,6 +2108,7 @@ static void __init xen_post_allocator_init(void)
pv_mmu_ops.set_pud = xen_set_pud;
#if PAGETABLE_LEVELS == 4
pv_mmu_ops.set_pgd = xen_set_pgd;
@@ -31589,7 +31625,7 @@ index 01de35c..0bda07b 100644
#endif
/* This will work as long as patching hasn't happened yet
-@@ -2178,6 +2186,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = {
+@@ -2178,6 +2190,7 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = {
.pud_val = PV_CALLEE_SAVE(xen_pud_val),
.make_pud = PV_CALLEE_SAVE(xen_make_pud),
.set_pgd = xen_set_pgd_hyper,
@@ -39762,6 +39798,27 @@ index 10bc093..a2fb42a 100644
}
return rval;
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+index 5523da3..4fcf274 100644
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+@@ -4767,7 +4767,7 @@ static void bnx2x_after_function_update(struct bnx2x *bp)
+ q);
+ }
+
+- if (!NO_FCOE(bp)) {
++ if (!NO_FCOE(bp) && CNIC_ENABLED(bp)) {
+ fp = &bp->fp[FCOE_IDX(bp)];
+ queue_params.q_obj = &bnx2x_sp_obj(bp, fp).q_obj;
+
+@@ -13047,6 +13047,7 @@ static int bnx2x_unregister_cnic(struct net_device *dev)
+ RCU_INIT_POINTER(bp->cnic_ops, NULL);
+ mutex_unlock(&bp->cnic_mutex);
+ synchronize_rcu();
++ bp->cnic_enabled = false;
+ kfree(bp->cnic_kwq);
+ bp->cnic_kwq = NULL;
+
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c
index 09b625e..15b16fe 100644
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_sp.c
@@ -39887,6 +39944,142 @@ index b901a01..1ff32ee 100644
#include "ftmac100.h"
+diff --git a/drivers/net/ethernet/intel/e100.c b/drivers/net/ethernet/intel/e100.c
+index a59f077..7925d77 100644
+--- a/drivers/net/ethernet/intel/e100.c
++++ b/drivers/net/ethernet/intel/e100.c
+@@ -870,7 +870,7 @@ err_unlock:
+ }
+
+ static int e100_exec_cb(struct nic *nic, struct sk_buff *skb,
+- void (*cb_prepare)(struct nic *, struct cb *, struct sk_buff *))
++ int (*cb_prepare)(struct nic *, struct cb *, struct sk_buff *))
+ {
+ struct cb *cb;
+ unsigned long flags;
+@@ -888,10 +888,13 @@ static int e100_exec_cb(struct nic *nic, struct sk_buff *skb,
+ nic->cbs_avail--;
+ cb->skb = skb;
+
++ err = cb_prepare(nic, cb, skb);
++ if (err)
++ goto err_unlock;
++
+ if (unlikely(!nic->cbs_avail))
+ err = -ENOSPC;
+
+- cb_prepare(nic, cb, skb);
+
+ /* Order is important otherwise we'll be in a race with h/w:
+ * set S-bit in current first, then clear S-bit in previous. */
+@@ -1091,7 +1094,7 @@ static void e100_get_defaults(struct nic *nic)
+ nic->mii.mdio_write = mdio_write;
+ }
+
+-static void e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ struct config *config = &cb->u.config;
+ u8 *c = (u8 *)config;
+@@ -1181,6 +1184,7 @@ static void e100_configure(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ netif_printk(nic, hw, KERN_DEBUG, nic->netdev,
+ "[16-23]=%02X:%02X:%02X:%02X:%02X:%02X:%02X:%02X\n",
+ c[16], c[17], c[18], c[19], c[20], c[21], c[22], c[23]);
++ return 0;
+ }
+
+ /*************************************************************************
+@@ -1331,7 +1335,7 @@ static const struct firmware *e100_request_firmware(struct nic *nic)
+ return fw;
+ }
+
+-static void e100_setup_ucode(struct nic *nic, struct cb *cb,
++static int e100_setup_ucode(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
+ const struct firmware *fw = (void *)skb;
+@@ -1358,6 +1362,7 @@ static void e100_setup_ucode(struct nic *nic, struct cb *cb,
+ cb->u.ucode[min_size] |= cpu_to_le32((BUNDLESMALL) ? 0xFFFF : 0xFF80);
+
+ cb->command = cpu_to_le16(cb_ucode | cb_el);
++ return 0;
+ }
+
+ static inline int e100_load_ucode_wait(struct nic *nic)
+@@ -1400,18 +1405,20 @@ static inline int e100_load_ucode_wait(struct nic *nic)
+ return err;
+ }
+
+-static void e100_setup_iaaddr(struct nic *nic, struct cb *cb,
++static int e100_setup_iaaddr(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
+ cb->command = cpu_to_le16(cb_iaaddr);
+ memcpy(cb->u.iaaddr, nic->netdev->dev_addr, ETH_ALEN);
++ return 0;
+ }
+
+-static void e100_dump(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_dump(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ cb->command = cpu_to_le16(cb_dump);
+ cb->u.dump_buffer_addr = cpu_to_le32(nic->dma_addr +
+ offsetof(struct mem, dump_buf));
++ return 0;
+ }
+
+ static int e100_phy_check_without_mii(struct nic *nic)
+@@ -1581,7 +1588,7 @@ static int e100_hw_init(struct nic *nic)
+ return 0;
+ }
+
+-static void e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
++static int e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ {
+ struct net_device *netdev = nic->netdev;
+ struct netdev_hw_addr *ha;
+@@ -1596,6 +1603,7 @@ static void e100_multi(struct nic *nic, struct cb *cb, struct sk_buff *skb)
+ memcpy(&cb->u.multi.addr[i++ * ETH_ALEN], &ha->addr,
+ ETH_ALEN);
+ }
++ return 0;
+ }
+
+ static void e100_set_multicast_list(struct net_device *netdev)
+@@ -1756,11 +1764,18 @@ static void e100_watchdog(unsigned long data)
+ round_jiffies(jiffies + E100_WATCHDOG_PERIOD));
+ }
+
+-static void e100_xmit_prepare(struct nic *nic, struct cb *cb,
++static int e100_xmit_prepare(struct nic *nic, struct cb *cb,
+ struct sk_buff *skb)
+ {
++ dma_addr_t dma_addr;
+ cb->command = nic->tx_command;
+
++ dma_addr = pci_map_single(nic->pdev,
++ skb->data, skb->len, PCI_DMA_TODEVICE);
++ /* If we can't map the skb, have the upper layer try later */
++ if (pci_dma_mapping_error(nic->pdev, dma_addr))
++ return -ENOMEM;
++
+ /*
+ * Use the last 4 bytes of the SKB payload packet as the CRC, used for
+ * testing, ie sending frames with bad CRC.
+@@ -1777,11 +1792,10 @@ static void e100_xmit_prepare(struct nic *nic, struct cb *cb,
+ cb->u.tcb.tcb_byte_count = 0;
+ cb->u.tcb.threshold = nic->tx_threshold;
+ cb->u.tcb.tbd_count = 1;
+- cb->u.tcb.tbd.buf_addr = cpu_to_le32(pci_map_single(nic->pdev,
+- skb->data, skb->len, PCI_DMA_TODEVICE));
+- /* check for mapping failure? */
++ cb->u.tcb.tbd.buf_addr = cpu_to_le32(dma_addr);
+ cb->u.tcb.tbd.size = cpu_to_le16(skb->len);
+ skb_tx_timestamp(skb);
++ return 0;
+ }
+
+ static netdev_tx_t e100_xmit_frame(struct sk_buff *skb,
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c
index bb9256a..56d8752 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c
@@ -54143,7 +54336,7 @@ index ebeb94c..ff35337 100644
void nfs_fattr_init(struct nfs_fattr *fattr)
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
-index 2e9779b..5a43da0 100644
+index 2e9779b..c53189d 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -300,7 +300,7 @@ int nfs40_walk_client_list(struct nfs_client *new,
@@ -54225,12 +54418,13 @@ index 2e9779b..5a43da0 100644
if (pos->rpc_ops != new->rpc_ops)
continue;
-@@ -469,17 +481,17 @@ int nfs41_walk_client_list(struct nfs_client *new,
+@@ -469,17 +481,18 @@ int nfs41_walk_client_list(struct nfs_client *new,
continue;
atomic_inc(&pos->cl_count);
- spin_unlock(&nn->nfs_client_lock);
+ *result = pos;
++ status = 0;
dprintk("NFS: <-- %s using nfs_client = %p ({%d})\n",
__func__, pos, atomic_read(&pos->cl_count));
-
@@ -79381,10 +79575,18 @@ index c0bd030..62a1927 100644
ret = -EIO;
bt->dropped_file = debugfs_create_file("dropped", 0444, dir, bt,
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
-index b27052c..0e1af95 100644
+index b27052c..d99d82a 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
-@@ -1874,12 +1874,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
+@@ -668,7 +668,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
+ free_page(tmp);
+ }
+
+- free_page((unsigned long)stat->pages);
+ stat->pages = NULL;
+ stat->start = NULL;
+
+@@ -1874,12 +1873,17 @@ ftrace_code_disable(struct module *mod, struct dyn_ftrace *rec)
if (unlikely(ftrace_disabled))
return 0;
@@ -79404,7 +79606,7 @@ index b27052c..0e1af95 100644
}
/*
-@@ -2965,7 +2970,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
+@@ -2965,7 +2969,7 @@ static void ftrace_free_entry_rcu(struct rcu_head *rhp)
int
register_ftrace_function_probe(char *glob, struct ftrace_probe_ops *ops,
@@ -79413,7 +79615,7 @@ index b27052c..0e1af95 100644
{
struct ftrace_func_probe *entry;
struct ftrace_page *pg;
-@@ -3832,8 +3837,10 @@ static int ftrace_process_locs(struct module *mod,
+@@ -3832,8 +3836,10 @@ static int ftrace_process_locs(struct module *mod,
if (!count)
return 0;
@@ -79424,7 +79626,7 @@ index b27052c..0e1af95 100644
start_pg = ftrace_allocate_pages(count);
if (!start_pg)
-@@ -4559,8 +4566,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
+@@ -4559,8 +4565,6 @@ ftrace_enable_sysctl(struct ctl_table *table, int write,
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
static int ftrace_graph_active;
@@ -79433,7 +79635,7 @@ index b27052c..0e1af95 100644
int ftrace_graph_entry_stub(struct ftrace_graph_ent *trace)
{
return 0;
-@@ -4704,6 +4709,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
+@@ -4704,6 +4708,10 @@ ftrace_suspend_notifier_call(struct notifier_block *bl, unsigned long state,
return NOTIFY_DONE;
}
@@ -79444,7 +79646,7 @@ index b27052c..0e1af95 100644
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
-@@ -4717,7 +4726,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
+@@ -4717,7 +4725,6 @@ int register_ftrace_graph(trace_func_graph_ret_t retfunc,
goto out;
}
@@ -85767,7 +85969,7 @@ index ddac1ee..3ee0a78 100644
};
diff --git a/net/can/gw.c b/net/can/gw.c
-index 574dda78e..3d2b3da 100644
+index 574dda78e..d42c4cd 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -67,7 +67,6 @@ MODULE_AUTHOR("Oliver Hartkopp <oliver.hartkopp@volkswagen.de>");
@@ -85778,6 +85980,33 @@ index 574dda78e..3d2b3da 100644
static struct kmem_cache *cgw_cache __read_mostly;
+@@ -436,7 +435,7 @@ static int cgw_notifier(struct notifier_block *nb,
+ if (gwj->src.dev == dev || gwj->dst.dev == dev) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+ }
+@@ -829,7 +828,7 @@ static void cgw_remove_all_jobs(void)
+ hlist_for_each_entry_safe(gwj, n, nx, &cgw_list, list) {
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ }
+ }
+
+@@ -885,7 +884,7 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
+
+ hlist_del(&gwj->list);
+ cgw_unregister_filter(gwj);
+- kfree(gwj);
++ kmem_cache_free(cgw_cache, gwj);
+ err = 0;
+ break;
+ }
@@ -893,6 +892,10 @@ static int cgw_remove_job(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
return err;
}
@@ -88013,7 +88242,7 @@ index e85c48b..b8268d3 100644
struct ctl_table *ipv6_icmp_table;
int err;
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
-index 8d19346..e47216f 100644
+index 8d19346..f122ba5 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -103,6 +103,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
@@ -88027,7 +88256,15 @@ index 8d19346..e47216f 100644
static void tcp_v6_hash(struct sock *sk)
{
if (sk->sk_state != TCP_CLOSE) {
-@@ -1440,6 +1444,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
+@@ -386,6 +390,7 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+
+ if (dst)
+ dst->ops->redirect(dst, sk, skb);
++ goto out;
+ }
+
+ if (type == ICMPV6_PKT_TOOBIG) {
+@@ -1440,6 +1445,9 @@ static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
return 0;
reset:
@@ -88037,7 +88274,7 @@ index 8d19346..e47216f 100644
tcp_v6_send_reset(sk, skb);
discard:
if (opt_skb)
-@@ -1521,12 +1528,20 @@ static int tcp_v6_rcv(struct sk_buff *skb)
+@@ -1521,12 +1529,20 @@ static int tcp_v6_rcv(struct sk_buff *skb)
TCP_SKB_CB(skb)->sacked = 0;
sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
@@ -88060,7 +88297,7 @@ index 8d19346..e47216f 100644
if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
-@@ -1575,6 +1590,10 @@ no_tcp_socket:
+@@ -1575,6 +1591,10 @@ no_tcp_socket:
bad_packet:
TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
} else {
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-04-13 18:18 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-13 18:18 [gentoo-commits] proj/hardened-patchset:master commit in: 3.8.6/, 2.6.32/, 3.2.43/ Anthony G. Basile
-- strict thread matches above, loose matches on Subject: below --
2013-04-13 17:35 Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox