[gentoo-commits] proj/hardened-patchset:master commit in: 3.2.57/, 3.13.10/

[gentoo-commits] proj/hardened-patchset:master commit in: 3.2.57/, 3.13.10/

[Anthony G. Basile]

commit:     2794628c193b7390bac0ecb502ba56b73786c71c
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sat Apr 19 12:26:40 2014 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Apr 19 12:26:40 2014 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=2794628c

Grsec/PaX: 3.0-{3.2.57,3.13.10}-201404182111

---
 3.13.10/0000_README                                |   2 +-
 ...4420_grsecurity-3.0-3.13.10-201404182111.patch} | 112 ++++++++++++++++++---
 3.2.57/0000_README                                 |   2 +-
 ... 4420_grsecurity-3.0-3.2.57-201404182109.patch} |  93 ++++++++++++++---
 4 files changed, 180 insertions(+), 29 deletions(-)

diff --git a/3.13.10/0000_README b/3.13.10/0000_README
index 02b8064..6937874 100644
--- a/3.13.10/0000_README
+++ b/3.13.10/0000_README
@@ -2,7 +2,7 @@ README
 -----------------------------------------------------------------------------
 Individual Patch Descriptions:
 -----------------------------------------------------------------------------
-Patch:	4420_grsecurity-3.0-3.13.9-201404062127.patch
+Patch:	4420_grsecurity-3.0-3.13.10-201404182111.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.13.10/4420_grsecurity-3.0-3.13.10-201404141717.patch b/3.13.10/4420_grsecurity-3.0-3.13.10-201404182111.patch
similarity index 99%
rename from 3.13.10/4420_grsecurity-3.0-3.13.10-201404141717.patch
rename to 3.13.10/4420_grsecurity-3.0-3.13.10-201404182111.patch
index 10e9b5b..67863a9 100644
--- a/3.13.10/4420_grsecurity-3.0-3.13.10-201404141717.patch
+++ b/3.13.10/4420_grsecurity-3.0-3.13.10-201404182111.patch
@@ -32292,7 +32292,7 @@ index f971306..e83e0f6 100644
  			(unsigned long)(&__init_begin),
  			(unsigned long)(&__init_end));
 diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
-index 4287f1f..3b99c71 100644
+index 4287f1f..1a4e8e9 100644
 --- a/arch/x86/mm/init_32.c
 +++ b/arch/x86/mm/init_32.c
 @@ -62,33 +62,6 @@ static noinline int do_test_wp_bit(void);
@@ -32392,13 +32392,13 @@ index 4287f1f..3b99c71 100644
 -	if (addr >= (unsigned long)_text && addr <= (unsigned long)__init_end)
 -		return 1;
 -	return 0;
-+	if ((start > ktla_ktva((unsigned long)_etext) ||
++	if ((start >= ktla_ktva((unsigned long)_etext) ||
 +	     end <= ktla_ktva((unsigned long)_stext)) &&
-+	    (start > ktla_ktva((unsigned long)_einittext) ||
++	    (start >= ktla_ktva((unsigned long)_einittext) ||
 +	     end <= ktla_ktva((unsigned long)_sinittext)) &&
 +
 +#ifdef CONFIG_ACPI_SLEEP
-+	    (start > (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) &&
++	    (start >= (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) &&
 +#endif
 +
 +	    (start > (unsigned long)__va(0xfffff) || end <= (unsigned long)__va(0xc0000)))
@@ -58155,7 +58155,7 @@ index e4141f2..d8263e8 100644
  		i += packet_length_size;
  		if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
 diff --git a/fs/exec.c b/fs/exec.c
-index 7ea097f..0158d8a 100644
+index 7ea097f..5862cb5 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -55,8 +55,20 @@
@@ -58872,13 +58872,13 @@ index 7ea097f..0158d8a 100644
 +#ifdef CONFIG_X86_64
 +	/* check against linear mapping as well */
 +	if (high > (unsigned long)__va(__pa(textlow)) &&
-+	    low <= (unsigned long)__va(__pa(texthigh)))
++	    low < (unsigned long)__va(__pa(texthigh)))
 +		return true;
 +#endif
 +
 +#endif
 +
-+	if (high <= textlow || low > texthigh)
++	if (high <= textlow || low >= texthigh)
 +		return false;
 +	else
 +		return true;
@@ -83504,6 +83504,29 @@ index 7caf44c..23c6f27 100644
  #if !defined (N_MAGIC)
  #define N_MAGIC(exec) ((exec).a_info & 0xffff)
  #endif
+diff --git a/include/uapi/linux/bcache.h b/include/uapi/linux/bcache.h
+index 164a7e2..0f581a7 100644
+--- a/include/uapi/linux/bcache.h
++++ b/include/uapi/linux/bcache.h
+@@ -5,6 +5,7 @@
+  * Bcache on disk data structures
+  */
+ 
++#include <linux/compiler.h>
+ #include <asm/types.h>
+ 
+ #define BITMASK(name, type, field, offset, size)		\
+@@ -20,8 +21,8 @@ static inline void SET_##name(type *k, __u64 v)			\
+ /* Btree keys - all units are in sectors */
+ 
+ struct bkey {
+-	__u64	high;
+-	__u64	low;
++	__u64	high __intentional_overflow(-1);
++	__u64	low __intentional_overflow(-1);
+ 	__u64	ptr[];
+ };
+ 
 diff --git a/include/uapi/linux/byteorder/little_endian.h b/include/uapi/linux/byteorder/little_endian.h
 index d876736..ccce5c0 100644
 --- a/include/uapi/linux/byteorder/little_endian.h
@@ -114377,11 +114400,12 @@ index 0000000..9529806
 +tree_mod_log_eb_copy_65535 tree_mod_log_eb_copy 6 65535 NULL
 diff --git a/tools/gcc/size_overflow_hash_aux.data b/tools/gcc/size_overflow_hash_aux.data
 new file mode 100644
-index 0000000..5dd8a8f
+index 0000000..560cd7b
 --- /dev/null
 +++ b/tools/gcc/size_overflow_hash_aux.data
-@@ -0,0 +1,83 @@
+@@ -0,0 +1,92 @@
 +spa_set_aux_vdevs_746 spa_set_aux_vdevs 3 746 NULL
++zfs_lookup_2144 zfs_lookup 0 2144 NULL
 +mappedread_2627 mappedread 2 2627 NULL
 +vdev_disk_dio_alloc_2957 vdev_disk_dio_alloc 1 2957 NULL
 +nv_alloc_pushpage_spl_4286 nv_alloc_pushpage_spl 2 4286 NULL
@@ -114397,6 +114421,7 @@ index 0000000..5dd8a8f
 +avl_numnodes_12384 avl_numnodes 0 12384 NULL
 +dmu_write_uio_dnode_12473 dmu_write_uio_dnode 3 12473 NULL
 +dmu_xuio_init_12866 dmu_xuio_init 2 12866 NULL
++zpl_read_common_14389 zpl_read_common 0 14389 NULL
 +dmu_snapshot_realname_14632 dmu_snapshot_realname 4 14632 NULL
 +kmem_alloc_debug_14852 kmem_alloc_debug 1 14852 NULL
 +kmalloc_node_nofail_15151 kmalloc_node_nofail 1 15151 NULL
@@ -114404,12 +114429,14 @@ index 0000000..5dd8a8f
 +zfs_log_write_16524 zfs_log_write 6-5 16524 NULL
 +sa_build_layouts_16910 sa_build_layouts 3 16910 NULL
 +dsl_dir_namelen_17053 dsl_dir_namelen 0 17053 NULL
++kcopy_copy_to_user_17336 kcopy_copy_to_user 5 17336 NULL
 +sa_add_layout_entry_17507 sa_add_layout_entry 3 17507 NULL
 +sa_attr_table_setup_18029 sa_attr_table_setup 3 18029 NULL
 +uiocopy_18680 uiocopy 2 18680 NULL
 +dmu_buf_hold_array_by_dnode_19125 dmu_buf_hold_array_by_dnode 2-3 19125 NULL
 +zpl_acl_from_xattr_21141 zpl_acl_from_xattr 2 21141 NULL
 +dsl_pool_tx_assign_init_22518 dsl_pool_tx_assign_init 2 22518 NULL
++nvlist_lookup_byte_array_22527 nvlist_lookup_byte_array 0 22527 NULL
 +sa_replace_all_by_template_locked_22533 sa_replace_all_by_template_locked 3 22533 NULL
 +tsd_hash_table_init_22559 tsd_hash_table_init 1 22559 NULL
 +spa_vdev_remove_aux_23966 spa_vdev_remove_aux 4 23966 NULL
@@ -114441,16 +114468,21 @@ index 0000000..5dd8a8f
 +vdev_raidz_matrix_reconstruct_40852 vdev_raidz_matrix_reconstruct 2-3 40852 NULL
 +sa_find_layout_40892 sa_find_layout 4 40892 NULL
 +zpl_xattr_get_dir_41918 zpl_xattr_get_dir 0 41918 NULL
++zfs_sa_get_xattr_42600 zfs_sa_get_xattr 0 42600 NULL
 +zpl_xattr_acl_set_42808 zpl_xattr_acl_set 4 42808 NULL
 +xdr_dec_array_43091 xdr_dec_array 5 43091 NULL
 +dsl_dataset_namelen_43136 dsl_dataset_namelen 0 43136 NULL
++kcopy_write_43683 kcopy_write 3 43683 NULL
 +uiomove_44355 uiomove 2 44355 NULL
 +dmu_read_44418 dmu_read 4-3 44418 NULL
 +ddi_copyin_44846 ddi_copyin 3 44846 NULL
++kcopy_do_get_45061 kcopy_do_get 5 45061 NULL
 +copyin_45945 copyin 3 45945 NULL
 +zil_itx_create_46555 zil_itx_create 2 46555 NULL
 +dmu_write_uio_dbuf_48064 dmu_write_uio_dbuf 3 48064 NULL
++blk_rq_pos_48233 blk_rq_pos 0 48233 NULL
 +spa_history_write_49650 spa_history_write 3 49650 NULL
++kcopy_copy_pages_to_user_49823 kcopy_copy_pages_to_user 3-4 49823 NULL
 +zfs_log_write_50162 zfs_log_write 6-5 50162 NULL
 +i_fm_alloc_51038 i_fm_alloc 2 51038 NULL
 +copyout_51409 copyout 3 51409 NULL
@@ -114466,10 +114498,10 @@ index 0000000..5dd8a8f
 +zpios_read_64734 zpios_read 3 64734 NULL
 diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c
 new file mode 100644
-index 0000000..0a9dd22
+index 0000000..ed21b21
 --- /dev/null
 +++ b/tools/gcc/size_overflow_plugin.c
-@@ -0,0 +1,4110 @@
+@@ -0,0 +1,4166 @@
 +/*
 + * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com>
 + * Licensed under the GPL v2, or (at your option) v3
@@ -114498,7 +114530,7 @@ index 0000000..0a9dd22
 +int plugin_is_GPL_compatible;
 +
 +static struct plugin_info size_overflow_plugin_info = {
-+	.version	= "20140402",
++	.version	= "20140407",
 +	.help		= "no-size-overflow\tturn off size overflow checking\n",
 +};
 +
@@ -115828,12 +115860,62 @@ index 0000000..0a9dd22
 +	insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK);
 +}
 +
++static bool is_lt_signed_type_max(const_tree rhs)
++{
++	const_tree new_type, type_max, type = TREE_TYPE(rhs);
++
++	if (!TYPE_UNSIGNED(type))
++		return true;
++
++	switch (TYPE_MODE(type)) {
++	case QImode:
++		new_type = intQI_type_node;
++		break;
++	case HImode:
++		new_type = intHI_type_node;
++		break;
++	case SImode:
++		new_type = intSI_type_node;
++		break;
++	case DImode:
++		new_type = intDI_type_node;
++		break;
++	default:
++		debug_tree((tree)type);
++		gcc_unreachable();
++	}
++
++	type_max = TYPE_MAX_VALUE(new_type);
++	if (!tree_int_cst_lt(type_max, rhs))
++		return true;
++
++	return false;
++}
++
++static bool is_gt_zero(const_tree rhs)
++{
++	const_tree type = TREE_TYPE(rhs);
++
++	if (TYPE_UNSIGNED(type))
++		return true;
++
++	if (!tree_int_cst_lt(rhs, integer_zero_node))
++		return true;
++
++	return false;
++}
++
 +static bool is_a_constant_overflow(const_gimple stmt, const_tree rhs)
 +{
 +	if (gimple_assign_rhs_code(stmt) == MIN_EXPR)
 +		return false;
 +	if (!is_gimple_constant(rhs))
 +		return false;
++
++	// If the const is between 0 and the max value of the signed type of the same bitsize then there is no intentional overflow
++//	if (is_lt_signed_type_max(rhs) && is_gt_zero(rhs))
++//		return false;
++
 +	return true;
 +}
 +
@@ -116037,6 +116119,12 @@ index 0000000..0a9dd22
 +	if (is_a_constant_overflow(def_stmt, rhs1))
 +		return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs2), def_stmt, new_rhs2, new_rhs2);
 +
++	// the const is between 0 and (signed) MAX
++	if (is_gimple_constant(rhs1))
++		new_rhs1 = create_assign(visited, def_stmt, rhs1, BEFORE_STMT);
++	if (is_gimple_constant(rhs2))
++		new_rhs2 = create_assign(visited, def_stmt, rhs2, BEFORE_STMT);
++
 +	return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE);
 +}
 +

diff --git a/3.2.57/0000_README b/3.2.57/0000_README
index fa70e2f..44dacca 100644
--- a/3.2.57/0000_README
+++ b/3.2.57/0000_README
@@ -146,7 +146,7 @@ Patch:	1056_linux-3.2.57.patch
 From:	http://www.kernel.org
 Desc:	Linux 3.2.57
 
-Patch:	4420_grsecurity-3.0-3.2.57-201404131252.patch
+Patch:	4420_grsecurity-3.0-3.2.57-201404182109.patch
 From:	http://www.grsecurity.net
 Desc:	hardened-sources base patch from upstream grsecurity
 

diff --git a/3.2.57/4420_grsecurity-3.0-3.2.57-201404131252.patch b/3.2.57/4420_grsecurity-3.0-3.2.57-201404182109.patch
similarity index 99%
rename from 3.2.57/4420_grsecurity-3.0-3.2.57-201404131252.patch
rename to 3.2.57/4420_grsecurity-3.0-3.2.57-201404182109.patch
index d27fdf9..08bad77 100644
--- a/3.2.57/4420_grsecurity-3.0-3.2.57-201404131252.patch
+++ b/3.2.57/4420_grsecurity-3.0-3.2.57-201404182109.patch
@@ -28706,7 +28706,7 @@ index a4cca06..9e00106 100644
  			(unsigned long)(&__init_begin),
  			(unsigned long)(&__init_end));
 diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
-index 29f7c6d..7500c2f 100644
+index 29f7c6d..5122941 100644
 --- a/arch/x86/mm/init_32.c
 +++ b/arch/x86/mm/init_32.c
 @@ -74,36 +74,6 @@ static __init void *alloc_low_page(void)
@@ -28809,13 +28809,13 @@ index 29f7c6d..7500c2f 100644
 -	if (addr >= (unsigned long)_text && addr <= (unsigned long)__init_end)
 -		return 1;
 -	return 0;
-+	if ((start > ktla_ktva((unsigned long)_etext) ||
++	if ((start >= ktla_ktva((unsigned long)_etext) ||
 +	     end <= ktla_ktva((unsigned long)_stext)) &&
-+	    (start > ktla_ktva((unsigned long)_einittext) ||
++	    (start >= ktla_ktva((unsigned long)_einittext) ||
 +	     end <= ktla_ktva((unsigned long)_sinittext)) &&
 +
 +#ifdef CONFIG_ACPI_SLEEP
-+	    (start > (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) &&
++	    (start >= (unsigned long)__va(acpi_wakeup_address) + 0x4000 || end <= (unsigned long)__va(acpi_wakeup_address)) &&
 +#endif
 +
 +	    (start > (unsigned long)__va(0xfffff) || end <= (unsigned long)__va(0xc0000)))
@@ -55664,7 +55664,7 @@ index 451b9b8..12e5a03 100644
  
  out_free_fd:
 diff --git a/fs/exec.c b/fs/exec.c
-index 78199eb..793dc44 100644
+index 78199eb..1781a561 100644
 --- a/fs/exec.c
 +++ b/fs/exec.c
 @@ -55,12 +55,35 @@
@@ -56504,13 +56504,13 @@ index 78199eb..793dc44 100644
 +#ifdef CONFIG_X86_64
 +	/* check against linear mapping as well */
 +	if (high > (unsigned long)__va(__pa(textlow)) &&
-+	    low <= (unsigned long)__va(__pa(texthigh)))
++	    low < (unsigned long)__va(__pa(texthigh)))
 +		return true;
 +#endif
 +
 +#endif
 +
-+	if (high <= textlow || low > texthigh)
++	if (high <= textlow || low >= texthigh)
 +		return false;
 +	else
 +		return true;
@@ -111853,10 +111853,10 @@ index 0000000..8dafb22
 +}
 diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data
 new file mode 100644
-index 0000000..6111b9b
+index 0000000..6bf14a6
 --- /dev/null
 +++ b/tools/gcc/size_overflow_hash.data
-@@ -0,0 +1,6002 @@
+@@ -0,0 +1,6001 @@
 +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL
 +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL
 +storvsc_connect_to_vsp_22 storvsc_connect_to_vsp 2 22 NULL
@@ -113167,7 +113167,6 @@ index 0000000..6111b9b
 +dma_declare_coherent_memory_14244 dma_declare_coherent_memory 4 14244 NULL
 +snd_soc_hw_bulk_write_raw_14245 snd_soc_hw_bulk_write_raw 4 14245 NULL
 +ext4_journal_restart_14251 ext4_journal_restart 0 14251 NULL
-+radix_tree_prev_hole_14252 radix_tree_prev_hole 0-2 14252 NULL
 +ath6kl_connect_event_14267 ath6kl_connect_event 7-8-9 14267 NULL
 +add_numbered_child_14273 add_numbered_child 5 14273 NULL
 +OS_mem_token_alloc_14276 OS_mem_token_alloc 1 14276 NULL
@@ -117861,11 +117860,12 @@ index 0000000..6111b9b
 +selnl_msglen_65499 selnl_msglen 0 65499 NULL
 diff --git a/tools/gcc/size_overflow_hash_aux.data b/tools/gcc/size_overflow_hash_aux.data
 new file mode 100644
-index 0000000..5dd8a8f
+index 0000000..4ad4525
 --- /dev/null
 +++ b/tools/gcc/size_overflow_hash_aux.data
-@@ -0,0 +1,83 @@
+@@ -0,0 +1,91 @@
 +spa_set_aux_vdevs_746 spa_set_aux_vdevs 3 746 NULL
++zfs_lookup_2144 zfs_lookup 0 2144 NULL
 +mappedread_2627 mappedread 2 2627 NULL
 +vdev_disk_dio_alloc_2957 vdev_disk_dio_alloc 1 2957 NULL
 +nv_alloc_pushpage_spl_4286 nv_alloc_pushpage_spl 2 4286 NULL
@@ -117881,6 +117881,7 @@ index 0000000..5dd8a8f
 +avl_numnodes_12384 avl_numnodes 0 12384 NULL
 +dmu_write_uio_dnode_12473 dmu_write_uio_dnode 3 12473 NULL
 +dmu_xuio_init_12866 dmu_xuio_init 2 12866 NULL
++zpl_read_common_14389 zpl_read_common 0 14389 NULL
 +dmu_snapshot_realname_14632 dmu_snapshot_realname 4 14632 NULL
 +kmem_alloc_debug_14852 kmem_alloc_debug 1 14852 NULL
 +kmalloc_node_nofail_15151 kmalloc_node_nofail 1 15151 NULL
@@ -117888,12 +117889,14 @@ index 0000000..5dd8a8f
 +zfs_log_write_16524 zfs_log_write 6-5 16524 NULL
 +sa_build_layouts_16910 sa_build_layouts 3 16910 NULL
 +dsl_dir_namelen_17053 dsl_dir_namelen 0 17053 NULL
++kcopy_copy_to_user_17336 kcopy_copy_to_user 5 17336 NULL
 +sa_add_layout_entry_17507 sa_add_layout_entry 3 17507 NULL
 +sa_attr_table_setup_18029 sa_attr_table_setup 3 18029 NULL
 +uiocopy_18680 uiocopy 2 18680 NULL
 +dmu_buf_hold_array_by_dnode_19125 dmu_buf_hold_array_by_dnode 2-3 19125 NULL
 +zpl_acl_from_xattr_21141 zpl_acl_from_xattr 2 21141 NULL
 +dsl_pool_tx_assign_init_22518 dsl_pool_tx_assign_init 2 22518 NULL
++nvlist_lookup_byte_array_22527 nvlist_lookup_byte_array 0 22527 NULL
 +sa_replace_all_by_template_locked_22533 sa_replace_all_by_template_locked 3 22533 NULL
 +tsd_hash_table_init_22559 tsd_hash_table_init 1 22559 NULL
 +spa_vdev_remove_aux_23966 spa_vdev_remove_aux 4 23966 NULL
@@ -117925,16 +117928,20 @@ index 0000000..5dd8a8f
 +vdev_raidz_matrix_reconstruct_40852 vdev_raidz_matrix_reconstruct 2-3 40852 NULL
 +sa_find_layout_40892 sa_find_layout 4 40892 NULL
 +zpl_xattr_get_dir_41918 zpl_xattr_get_dir 0 41918 NULL
++zfs_sa_get_xattr_42600 zfs_sa_get_xattr 0 42600 NULL
 +zpl_xattr_acl_set_42808 zpl_xattr_acl_set 4 42808 NULL
 +xdr_dec_array_43091 xdr_dec_array 5 43091 NULL
 +dsl_dataset_namelen_43136 dsl_dataset_namelen 0 43136 NULL
++kcopy_write_43683 kcopy_write 3 43683 NULL
 +uiomove_44355 uiomove 2 44355 NULL
 +dmu_read_44418 dmu_read 4-3 44418 NULL
 +ddi_copyin_44846 ddi_copyin 3 44846 NULL
++kcopy_do_get_45061 kcopy_do_get 5 45061 NULL
 +copyin_45945 copyin 3 45945 NULL
 +zil_itx_create_46555 zil_itx_create 2 46555 NULL
 +dmu_write_uio_dbuf_48064 dmu_write_uio_dbuf 3 48064 NULL
 +spa_history_write_49650 spa_history_write 3 49650 NULL
++kcopy_copy_pages_to_user_49823 kcopy_copy_pages_to_user 3-4 49823 NULL
 +zfs_log_write_50162 zfs_log_write 6-5 50162 NULL
 +i_fm_alloc_51038 i_fm_alloc 2 51038 NULL
 +copyout_51409 copyout 3 51409 NULL
@@ -117950,10 +117957,10 @@ index 0000000..5dd8a8f
 +zpios_read_64734 zpios_read 3 64734 NULL
 diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c
 new file mode 100644
-index 0000000..0a9dd22
+index 0000000..ed21b21
 --- /dev/null
 +++ b/tools/gcc/size_overflow_plugin.c
-@@ -0,0 +1,4110 @@
+@@ -0,0 +1,4166 @@
 +/*
 + * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com>
 + * Licensed under the GPL v2, or (at your option) v3
@@ -117982,7 +117989,7 @@ index 0000000..0a9dd22
 +int plugin_is_GPL_compatible;
 +
 +static struct plugin_info size_overflow_plugin_info = {
-+	.version	= "20140402",
++	.version	= "20140407",
 +	.help		= "no-size-overflow\tturn off size overflow checking\n",
 +};
 +
@@ -119312,12 +119319,62 @@ index 0000000..0a9dd22
 +	insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK);
 +}
 +
++static bool is_lt_signed_type_max(const_tree rhs)
++{
++	const_tree new_type, type_max, type = TREE_TYPE(rhs);
++
++	if (!TYPE_UNSIGNED(type))
++		return true;
++
++	switch (TYPE_MODE(type)) {
++	case QImode:
++		new_type = intQI_type_node;
++		break;
++	case HImode:
++		new_type = intHI_type_node;
++		break;
++	case SImode:
++		new_type = intSI_type_node;
++		break;
++	case DImode:
++		new_type = intDI_type_node;
++		break;
++	default:
++		debug_tree((tree)type);
++		gcc_unreachable();
++	}
++
++	type_max = TYPE_MAX_VALUE(new_type);
++	if (!tree_int_cst_lt(type_max, rhs))
++		return true;
++
++	return false;
++}
++
++static bool is_gt_zero(const_tree rhs)
++{
++	const_tree type = TREE_TYPE(rhs);
++
++	if (TYPE_UNSIGNED(type))
++		return true;
++
++	if (!tree_int_cst_lt(rhs, integer_zero_node))
++		return true;
++
++	return false;
++}
++
 +static bool is_a_constant_overflow(const_gimple stmt, const_tree rhs)
 +{
 +	if (gimple_assign_rhs_code(stmt) == MIN_EXPR)
 +		return false;
 +	if (!is_gimple_constant(rhs))
 +		return false;
++
++	// If the const is between 0 and the max value of the signed type of the same bitsize then there is no intentional overflow
++//	if (is_lt_signed_type_max(rhs) && is_gt_zero(rhs))
++//		return false;
++
 +	return true;
 +}
 +
@@ -119521,6 +119578,12 @@ index 0000000..0a9dd22
 +	if (is_a_constant_overflow(def_stmt, rhs1))
 +		return handle_intentional_overflow(visited, caller_node, !is_a_cast_and_const_overflow(rhs2), def_stmt, new_rhs2, new_rhs2);
 +
++	// the const is between 0 and (signed) MAX
++	if (is_gimple_constant(rhs1))
++		new_rhs1 = create_assign(visited, def_stmt, rhs1, BEFORE_STMT);
++	if (is_gimple_constant(rhs2))
++		new_rhs2 = create_assign(visited, def_stmt, rhs2, BEFORE_STMT);
++
 +	return dup_assign(visited, def_stmt, lhs, new_rhs1, new_rhs2, NULL_TREE);
 +}
 +