aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrancesco Colista <francesco.colista@gmail.com>2012-03-21 14:43:25 +0000
committerFrancesco Colista <francesco.colista@gmail.com>2012-03-21 14:43:25 +0000
commit6f7a92508194657aefa5dbd1187e61c11674dad2 (patch)
tree46923ea037016e9dd28e38bf8177f5860aa042a7
parent58e9c8a6a09015dd8098d3daff25e3b482a98810 (diff)
parent5d9620463b748f38927b1080a39093cdfb929254 (diff)
downloadalpine_aports-6f7a92508194657aefa5dbd1187e61c11674dad2.tar.bz2
alpine_aports-6f7a92508194657aefa5dbd1187e61c11674dad2.tar.xz
alpine_aports-6f7a92508194657aefa5dbd1187e61c11674dad2.zip
Merge git://dev.alpinelinux.org/aports
Diffstat
-rw-r--r--main/bash/APKBUILD8
-rw-r--r--main/boost/APKBUILD4
-rw-r--r--main/dahdi-linux-grsec/APKBUILD2
-rw-r--r--main/gparted/APKBUILD2
-rw-r--r--main/gtk+2.0/APKBUILD8
-rw-r--r--main/libdrm/APKBUILD4
-rw-r--r--main/libmtp/APKBUILD6
-rw-r--r--main/libtasn1/APKBUILD6
-rw-r--r--main/libvirt/APKBUILD2
-rw-r--r--main/linux-grsec/APKBUILD12
-rw-r--r--main/linux-grsec/grsecurity-2.9-3.2.12-201203191822.patch (renamed from main/linux-grsec/grsecurity-2.9-3.2.11-201203141956.patch)6316
-rw-r--r--main/linux-grsec/kernelconfig.x863
-rw-r--r--main/linux-grsec/kernelconfig.x86_643
-rw-r--r--main/lm_sensors/APKBUILD4
-rw-r--r--main/mc/APKBUILD4
-rw-r--r--main/mpg123/APKBUILD4
-rw-r--r--main/nasm/APKBUILD4
-rw-r--r--main/open-vm-tools-grsec/APKBUILD2
-rw-r--r--main/parted/APKBUILD8
-rw-r--r--main/sqlite/APKBUILD4
-rw-r--r--main/udisks/APKBUILD4
-rw-r--r--main/util-vserver/APKBUILD4
-rw-r--r--main/util-vserver/setup-vs-guest21
-rw-r--r--main/xtables-addons-grsec/APKBUILD2
-rw-r--r--testing/gnash/APKBUILD2
-rw-r--r--testing/pdns/APKBUILD2
-rw-r--r--testing/rrdcollect/APKBUILD35
-rw-r--r--testing/rrdcollect/rrdcollect.conf.patch46
-rwxr-xr-xtesting/rrdcollect/rrdcollect.initd6
-rw-r--r--testing/wanpipe-grsec/APKBUILD2
30 files changed, 5893 insertions, 637 deletions
diff --git a/main/bash/APKBUILD b/main/bash/APKBUILD
index e26b386408..d49b5f6c2c 100644
--- a/main/bash/APKBUILD
+++ b/main/bash/APKBUILD
@@ -1,7 +1,7 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2 2
3pkgname=bash 3pkgname=bash
4pkgver=4.2.020 4pkgver=4.2.024
5_patchlevel=${pkgver##*.} 5_patchlevel=${pkgver##*.}
6_myver=${pkgver%.*} 6_myver=${pkgver%.*}
7_patchbase=${_myver%.*}${_myver#*.} 7_patchbase=${_myver%.*}${_myver#*.}
@@ -87,4 +87,8 @@ ed19da878e3f630834c62b9d9dcc6fce bash42-014
87304fd129a58fee2d8a34f8b4704db0aa bash42-017 87304fd129a58fee2d8a34f8b4704db0aa bash42-017
886921a0b4228fe89b6537a5c29f027c89 bash42-018 886921a0b4228fe89b6537a5c29f027c89 bash42-018
891195d85447f3d048d2c9bcd075fa765c bash42-019 891195d85447f3d048d2c9bcd075fa765c bash42-019
90b09000bba08da6ac753124593850cdf7 bash42-020" 90b09000bba08da6ac753124593850cdf7 bash42-020
9109d3f96a16b881334cfaee0cf320b47e bash42-021
92597bf71a2aac6feb510b7505cdd3d4f7 bash42-022
933fab459b4e09daea529cacad025b13b3 bash42-023
944ad8d11e72afc6090e701073ff034cf4 bash42-024"
diff --git a/main/boost/APKBUILD b/main/boost/APKBUILD
index a8bb926bf0..b3c66e8ea9 100644
--- a/main/boost/APKBUILD
+++ b/main/boost/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=boost 2pkgname=boost
3pkgver=1.48.0 3pkgver=1.49.0
4 4
5_x=${pkgver%%.*} # strip .y.z 5_x=${pkgver%%.*} # strip .y.z
6_y=${pkgver%.*} # strip .z 6_y=${pkgver%.*} # strip .z
@@ -133,4 +133,4 @@ wave() { _mvlib wave; }
133wserialization() { _mvlib wserialization; } 133wserialization() { _mvlib wserialization; }
134 134
135 135
136md5sums="313a11e97eb56eb7efd18325354631be boost_1_48_0.tar.gz" 136md5sums="e0defc8c818e4f1c5bbb29d0292b76ca boost_1_49_0.tar.gz"
diff --git a/main/dahdi-linux-grsec/APKBUILD b/main/dahdi-linux-grsec/APKBUILD
index b7edb5aa02..c5fd5d674c 100644
--- a/main/dahdi-linux-grsec/APKBUILD
+++ b/main/dahdi-linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
2# Maintainer: Timo Teras <timo.teras@iki.fi> 2# Maintainer: Timo Teras <timo.teras@iki.fi>
3 3
4_flavor=grsec 4_flavor=grsec
5_kver=3.2.11 5_kver=3.2.12
6_kpkgrel=0 6_kpkgrel=0
7_mypkgrel=0 7_mypkgrel=0
8 8
diff --git a/main/gparted/APKBUILD b/main/gparted/APKBUILD
index 166f47b2ff..f1b1ae857f 100644
--- a/main/gparted/APKBUILD
+++ b/main/gparted/APKBUILD
@@ -1,7 +1,7 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=gparted 2pkgname=gparted
3pkgver=0.12.0 3pkgver=0.12.0
4pkgrel=0 4pkgrel=1
5pkgdesc="a graphical partition editor for creating, reorganizing, and deleting disk partitions" 5pkgdesc="a graphical partition editor for creating, reorganizing, and deleting disk partitions"
6url="http://gparted.sourceforge.net/" 6url="http://gparted.sourceforge.net/"
7arch="all" 7arch="all"
diff --git a/main/gtk+2.0/APKBUILD b/main/gtk+2.0/APKBUILD
index 08aea1040f..ccb15f211d 100644
--- a/main/gtk+2.0/APKBUILD
+++ b/main/gtk+2.0/APKBUILD
@@ -1,7 +1,7 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=gtk+2.0 2pkgname=gtk+2.0
3pkgver=2.24.6 3pkgver=2.24.10
4pkgrel=1 4pkgrel=0
5pkgdesc="The GTK+ Toolkit (v2)" 5pkgdesc="The GTK+ Toolkit (v2)"
6url="http://www.gtk.org/" 6url="http://www.gtk.org/"
7install="$pkgname.post-install $pkgname.post-upgrade $pkgname.post-deinstall" 7install="$pkgname.post-install $pkgname.post-upgrade $pkgname.post-deinstall"
@@ -43,7 +43,7 @@ makedepends="pkgconfig
43 libxi-dev 43 libxi-dev
44 tiff-dev 44 tiff-dev
45 zlib-dev" 45 zlib-dev"
46source="http://ftp.gnome.org/pub/gnome/sources/gtk+/${pkgver%.*}/gtk+-$pkgver.tar.bz2" 46source="http://ftp.gnome.org/pub/gnome/sources/gtk+/${pkgver%.*}/gtk+-$pkgver.tar.xz"
47 47
48 48
49_builddir="$srcdir"/gtk+-$pkgver 49_builddir="$srcdir"/gtk+-$pkgver
@@ -74,4 +74,4 @@ dev() {
74 "$subpkgdir"/usr/bin || return 1 74 "$subpkgdir"/usr/bin || return 1
75} 75}
76 76
77md5sums="421100f6597e613234f8dead6091a9fe gtk+-2.24.6.tar.bz2" 77md5sums="7fdcb407dd174010a695b555bf9b65e2 gtk+-2.24.10.tar.xz"
diff --git a/main/libdrm/APKBUILD b/main/libdrm/APKBUILD
index ea58af0287..b30581b4bb 100644
--- a/main/libdrm/APKBUILD
+++ b/main/libdrm/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=libdrm 2pkgname=libdrm
3pkgver=2.4.31 3pkgver=2.4.32
4pkgrel=0 4pkgrel=0
5pkgdesc="Userspace interface to kernel DRM services" 5pkgdesc="Userspace interface to kernel DRM services"
6url="http://dri.freedesktop.org/" 6url="http://dri.freedesktop.org/"
@@ -39,4 +39,4 @@ package() {
39 rm "$pkgdir"/usr/lib/*.la || return 1 39 rm "$pkgdir"/usr/lib/*.la || return 1
40} 40}
41 41
42md5sums="b8cf744ec113c6028fe0975b1133b649 libdrm-2.4.31.tar.bz2" 42md5sums="b731faf4a49f89c318d84378cb563cf8 libdrm-2.4.32.tar.bz2"
diff --git a/main/libmtp/APKBUILD b/main/libmtp/APKBUILD
index af6165b964..05b607550c 100644
--- a/main/libmtp/APKBUILD
+++ b/main/libmtp/APKBUILD
@@ -1,8 +1,8 @@
1# Contributor: Natanael Copa <ncopa@alpinelinux.org> 1# Contributor: Natanael Copa <ncopa@alpinelinux.org>
2# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 2# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
3pkgname=libmtp 3pkgname=libmtp
4pkgver=1.1.1 4pkgver=1.1.2
5pkgrel=1 5pkgrel=0
6pkgdesc="A software library for MTP media players" 6pkgdesc="A software library for MTP media players"
7url="http://libmtp.sourceforge.net/" 7url="http://libmtp.sourceforge.net/"
8arch="all" 8arch="all"
@@ -48,4 +48,4 @@ examples() {
48 mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ 48 mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
49} 49}
50 50
51md5sums="073e1c2a00ba377f68dce47727e185ae libmtp-1.1.1.tar.gz" 51md5sums="6dc708757e3fd3ccce7445b4f2171263 libmtp-1.1.2.tar.gz"
diff --git a/main/libtasn1/APKBUILD b/main/libtasn1/APKBUILD
index 8fb900a6b3..61069dfd4d 100644
--- a/main/libtasn1/APKBUILD
+++ b/main/libtasn1/APKBUILD
@@ -1,7 +1,7 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=libtasn1 2pkgname=libtasn1
3pkgver=2.9 3pkgver=2.12
4pkgrel=1 4pkgrel=0
5pkgdesc="The ASN.1 library used in GNUTLS" 5pkgdesc="The ASN.1 library used in GNUTLS"
6url="http://www.gnu.org/software/gnutls/" 6url="http://www.gnu.org/software/gnutls/"
7arch="all" 7arch="all"
@@ -24,4 +24,4 @@ package() {
24 make DESTDIR="$pkgdir" install || return 1 24 make DESTDIR="$pkgdir" install || return 1
25 rm "$pkgdir"/usr/lib/*.la || return 1 25 rm "$pkgdir"/usr/lib/*.la || return 1
26} 26}
27md5sums="f4f4035b84550100ffeb8ad4b261dea9 libtasn1-2.9.tar.gz" 27md5sums="4eba39fb962d6cf5a370267eae8ff52b libtasn1-2.12.tar.gz"
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 13c98463f3..026851c8eb 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -1,7 +1,7 @@
1# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> 1# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
2pkgname=libvirt 2pkgname=libvirt
3pkgver=0.9.10 3pkgver=0.9.10
4pkgrel=2 4pkgrel=3
5pkgdesc="A virtualization API for several hypervisor and container systems" 5pkgdesc="A virtualization API for several hypervisor and container systems"
6url="http://libvirt.org/" 6url="http://libvirt.org/"
7arch="all" 7arch="all"
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 6af77c90f0..cc177f6673 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
2 2
3_flavor=grsec 3_flavor=grsec
4pkgname=linux-${_flavor} 4pkgname=linux-${_flavor}
5pkgver=3.2.11 5pkgver=3.2.12
6_kernver=3.2 6_kernver=3.2
7pkgrel=0 7pkgrel=0
8pkgdesc="Linux kernel with grsecurity" 8pkgdesc="Linux kernel with grsecurity"
@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH}}
14install= 14install=
15source="http://ftp.kernel.org/pub/linux/kernel/v3.0/linux-$_kernver.tar.bz2 15source="http://ftp.kernel.org/pub/linux/kernel/v3.0/linux-$_kernver.tar.bz2
16 http://ftp.kernel.org/pub/linux/kernel/v3.0/patch-$pkgver.bz2 16 http://ftp.kernel.org/pub/linux/kernel/v3.0/patch-$pkgver.bz2
17 grsecurity-2.9-3.2.11-201203141956.patch 17 grsecurity-2.9-3.2.12-201203191822.patch
18 18
19 0004-arp-flush-arp-cache-on-device-change.patch 19 0004-arp-flush-arp-cache-on-device-change.patch
20 20
@@ -141,11 +141,11 @@ dev() {
141} 141}
142 142
143md5sums="7ceb61f87c097fc17509844b71268935 linux-3.2.tar.bz2 143md5sums="7ceb61f87c097fc17509844b71268935 linux-3.2.tar.bz2
144a4c2531ee383dfd429e105816b4d2ccc patch-3.2.11.bz2 144377a6d731cd246aaa0c0f6a432b7aece patch-3.2.12.bz2
145b7d1619cad370ec520c9184cba785df0 grsecurity-2.9-3.2.11-201203141956.patch 1453dc3551af038565f35bf0169942bf0ba grsecurity-2.9-3.2.12-201203191822.patch
146776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch 146776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch
147f3eda7112ef074a4121ec6de943c63ee x86-centaur-enable-cx8-for-via-eden-too.patch 147f3eda7112ef074a4121ec6de943c63ee x86-centaur-enable-cx8-for-via-eden-too.patch
1480e57daa3b43acadd82ae66fa9e3f7da1 inetpeer-invalidate-the-inetpeer-tree-along-with-the-routing-cache.patch 1480e57daa3b43acadd82ae66fa9e3f7da1 inetpeer-invalidate-the-inetpeer-tree-along-with-the-routing-cache.patch
14906061e5de624849e082c3c8dbe37c908 route-remove-redirect-genid.patch 14906061e5de624849e082c3c8dbe37c908 route-remove-redirect-genid.patch
1505dd06dffb7f90828e0dc00d884321845 kernelconfig.x86 150a7d9961d4118514989499cf2da3c6801 kernelconfig.x86
151fcdfcf0701a053957653a5e26fd33783 kernelconfig.x86_64" 1519120cc34f987b0fa1f74ba5df9f0aa40 kernelconfig.x86_64"
diff --git a/main/linux-grsec/grsecurity-2.9-3.2.11-201203141956.patch b/main/linux-grsec/grsecurity-2.9-3.2.12-201203191822.patch
index ba37ae48fb..54fa297bca 100644
--- a/main/linux-grsec/grsecurity-2.9-3.2.11-201203141956.patch
+++ b/main/linux-grsec/grsecurity-2.9-3.2.12-201203191822.patch
@@ -1,8 +1,12 @@
1diff --git a/Documentation/dontdiff b/Documentation/dontdiff 1diff --git a/Documentation/dontdiff b/Documentation/dontdiff
2index dfa6fc6..6af9546 100644 2index dfa6fc6..df93044 100644
3--- a/Documentation/dontdiff 3--- a/Documentation/dontdiff
4+++ b/Documentation/dontdiff 4+++ b/Documentation/dontdiff
5@@ -5,6 +5,7 @@ 5@@ -2,9 +2,11 @@
6 *.aux
7 *.bin
8 *.bz2
9+*.c.[012]*.*
6 *.cis 10 *.cis
7 *.cpio 11 *.cpio
8 *.csp 12 *.csp
@@ -10,7 +14,7 @@ index dfa6fc6..6af9546 100644
10 *.dsp 14 *.dsp
11 *.dvi 15 *.dvi
12 *.elf 16 *.elf
13@@ -14,6 +15,7 @@ 17@@ -14,6 +16,7 @@
14 *.gcov 18 *.gcov
15 *.gen.S 19 *.gen.S
16 *.gif 20 *.gif
@@ -18,7 +22,7 @@ index dfa6fc6..6af9546 100644
18 *.grep 22 *.grep
19 *.grp 23 *.grp
20 *.gz 24 *.gz
21@@ -48,9 +50,11 @@ 25@@ -48,9 +51,11 @@
22 *.tab.h 26 *.tab.h
23 *.tex 27 *.tex
24 *.ver 28 *.ver
@@ -30,7 +34,7 @@ index dfa6fc6..6af9546 100644
30 *_vga16.c 34 *_vga16.c
31 *~ 35 *~
32 \#*# 36 \#*#
33@@ -70,6 +74,7 @@ Kerntypes 37@@ -70,6 +75,7 @@ Kerntypes
34 Module.markers 38 Module.markers
35 Module.symvers 39 Module.symvers
36 PENDING 40 PENDING
@@ -38,7 +42,7 @@ index dfa6fc6..6af9546 100644
38 SCCS 42 SCCS
39 System.map* 43 System.map*
40 TAGS 44 TAGS
41@@ -93,19 +98,24 @@ bounds.h 45@@ -93,19 +99,24 @@ bounds.h
42 bsetup 46 bsetup
43 btfixupprep 47 btfixupprep
44 build 48 build
@@ -63,7 +67,7 @@ index dfa6fc6..6af9546 100644
63 conmakehash 67 conmakehash
64 consolemap_deftbl.c* 68 consolemap_deftbl.c*
65 cpustr.h 69 cpustr.h
66@@ -116,9 +126,11 @@ devlist.h* 70@@ -116,9 +127,11 @@ devlist.h*
67 dnotify_test 71 dnotify_test
68 docproc 72 docproc
69 dslm 73 dslm
@@ -75,7 +79,7 @@ index dfa6fc6..6af9546 100644
75 fixdep 79 fixdep
76 flask.h 80 flask.h
77 fore200e_mkfirm 81 fore200e_mkfirm
78@@ -126,12 +138,15 @@ fore200e_pca_fw.c* 82@@ -126,12 +139,15 @@ fore200e_pca_fw.c*
79 gconf 83 gconf
80 gconf.glade.h 84 gconf.glade.h
81 gen-devlist 85 gen-devlist
@@ -91,7 +95,7 @@ index dfa6fc6..6af9546 100644
91 hpet_example 95 hpet_example
92 hugepage-mmap 96 hugepage-mmap
93 hugepage-shm 97 hugepage-shm
94@@ -146,7 +161,7 @@ int32.c 98@@ -146,7 +162,7 @@ int32.c
95 int4.c 99 int4.c
96 int8.c 100 int8.c
97 kallsyms 101 kallsyms
@@ -100,7 +104,7 @@ index dfa6fc6..6af9546 100644
100 keywords.c 104 keywords.c
101 ksym.c* 105 ksym.c*
102 ksym.h* 106 ksym.h*
103@@ -154,7 +169,7 @@ kxgettext 107@@ -154,7 +170,7 @@ kxgettext
104 lkc_defs.h 108 lkc_defs.h
105 lex.c 109 lex.c
106 lex.*.c 110 lex.*.c
@@ -109,7 +113,7 @@ index dfa6fc6..6af9546 100644
109 logo_*.c 113 logo_*.c
110 logo_*_clut224.c 114 logo_*_clut224.c
111 logo_*_mono.c 115 logo_*_mono.c
112@@ -166,14 +181,15 @@ machtypes.h 116@@ -166,14 +182,15 @@ machtypes.h
113 map 117 map
114 map_hugetlb 118 map_hugetlb
115 maui_boot.h 119 maui_boot.h
@@ -126,7 +130,7 @@ index dfa6fc6..6af9546 100644
126 mkprep 130 mkprep
127 mkregtable 131 mkregtable
128 mktables 132 mktables
129@@ -209,6 +225,7 @@ r300_reg_safe.h 133@@ -209,6 +226,7 @@ r300_reg_safe.h
130 r420_reg_safe.h 134 r420_reg_safe.h
131 r600_reg_safe.h 135 r600_reg_safe.h
132 recordmcount 136 recordmcount
@@ -134,7 +138,7 @@ index dfa6fc6..6af9546 100644
134 relocs 138 relocs
135 rlim_names.h 139 rlim_names.h
136 rn50_reg_safe.h 140 rn50_reg_safe.h
137@@ -219,6 +236,7 @@ setup 141@@ -219,6 +237,7 @@ setup
138 setup.bin 142 setup.bin
139 setup.elf 143 setup.elf
140 sImage 144 sImage
@@ -142,7 +146,7 @@ index dfa6fc6..6af9546 100644
142 sm_tbl* 146 sm_tbl*
143 split-include 147 split-include
144 syscalltab.h 148 syscalltab.h
145@@ -229,6 +247,7 @@ tftpboot.img 149@@ -229,6 +248,7 @@ tftpboot.img
146 timeconst.h 150 timeconst.h
147 times.h* 151 times.h*
148 trix_boot.h 152 trix_boot.h
@@ -150,7 +154,7 @@ index dfa6fc6..6af9546 100644
150 utsrelease.h* 154 utsrelease.h*
151 vdso-syms.lds 155 vdso-syms.lds
152 vdso.lds 156 vdso.lds
153@@ -246,7 +265,9 @@ vmlinux 157@@ -246,7 +266,9 @@ vmlinux
154 vmlinux-* 158 vmlinux-*
155 vmlinux.aout 159 vmlinux.aout
156 vmlinux.bin.all 160 vmlinux.bin.all
@@ -160,7 +164,7 @@ index dfa6fc6..6af9546 100644
160 vmlinuz 164 vmlinuz
161 voffset.h 165 voffset.h
162 vsyscall.lds 166 vsyscall.lds
163@@ -254,9 +275,11 @@ vsyscall_32.lds 167@@ -254,9 +276,11 @@ vsyscall_32.lds
164 wanxlfw.inc 168 wanxlfw.inc
165 uImage 169 uImage
166 unifdef 170 unifdef
@@ -191,7 +195,7 @@ index 81c287f..d456d02 100644
191 195
192 pcd. [PARIDE] 196 pcd. [PARIDE]
193diff --git a/Makefile b/Makefile 197diff --git a/Makefile b/Makefile
194index 4b76371..53aa79c 100644 198index 15e80f1..4fb87db 100644
195--- a/Makefile 199--- a/Makefile
196+++ b/Makefile 200+++ b/Makefile
197@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ 201@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -217,7 +221,7 @@ index 4b76371..53aa79c 100644
217 $(Q)$(MAKE) $(build)=scripts/basic 221 $(Q)$(MAKE) $(build)=scripts/basic
218 $(Q)rm -f .tmp_quiet_recordmcount 222 $(Q)rm -f .tmp_quiet_recordmcount
219 223
220@@ -564,6 +565,50 @@ else 224@@ -564,6 +565,53 @@ else
221 KBUILD_CFLAGS += -O2 225 KBUILD_CFLAGS += -O2
222 endif 226 endif
223 227
@@ -244,10 +248,13 @@ index 4b76371..53aa79c 100644
244+endif 248+endif
245+endif 249+endif
246+COLORIZE_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/colorize_plugin.so 250+COLORIZE_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/colorize_plugin.so
251+ifdef CONFIG_PAX_SIZE_OVERFLOW
252+SIZE_OVERFLOW_PLUGIN_CFLAGS := -fplugin=$(objtree)/tools/gcc/size_overflow_plugin.so -DSIZE_OVERFLOW_PLUGIN
253+endif
247+GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS) 254+GCC_PLUGINS_CFLAGS := $(CONSTIFY_PLUGIN_CFLAGS) $(STACKLEAK_PLUGIN_CFLAGS) $(KALLOCSTAT_PLUGIN_CFLAGS)
248+GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) 255+GCC_PLUGINS_CFLAGS += $(KERNEXEC_PLUGIN_CFLAGS) $(CHECKER_PLUGIN_CFLAGS) $(COLORIZE_PLUGIN_CFLAGS) $(SIZE_OVERFLOW_PLUGIN_CFLAGS)
249+GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS) 256+GCC_PLUGINS_AFLAGS := $(KERNEXEC_PLUGIN_AFLAGS)
250+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN 257+export CONSTIFY_PLUGIN STACKLEAK_PLUGIN KERNEXEC_PLUGIN CHECKER_PLUGIN SIZE_OVERFLOW_PLUGIN
251+ifeq ($(KBUILD_EXTMOD),) 258+ifeq ($(KBUILD_EXTMOD),)
252+gcc-plugins: 259+gcc-plugins:
253+ $(Q)$(MAKE) $(build)=tools/gcc 260+ $(Q)$(MAKE) $(build)=tools/gcc
@@ -268,7 +275,7 @@ index 4b76371..53aa79c 100644
268 include $(srctree)/arch/$(SRCARCH)/Makefile 275 include $(srctree)/arch/$(SRCARCH)/Makefile
269 276
270 ifneq ($(CONFIG_FRAME_WARN),0) 277 ifneq ($(CONFIG_FRAME_WARN),0)
271@@ -708,7 +753,7 @@ export mod_strip_cmd 278@@ -708,7 +756,7 @@ export mod_strip_cmd
272 279
273 280
274 ifeq ($(KBUILD_EXTMOD),) 281 ifeq ($(KBUILD_EXTMOD),)
@@ -277,7 +284,7 @@ index 4b76371..53aa79c 100644
277 284
278 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \ 285 vmlinux-dirs := $(patsubst %/,%,$(filter %/, $(init-y) $(init-m) \
279 $(core-y) $(core-m) $(drivers-y) $(drivers-m) \ 286 $(core-y) $(core-m) $(drivers-y) $(drivers-m) \
280@@ -932,6 +977,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE 287@@ -932,6 +980,8 @@ vmlinux.o: $(modpost-init) $(vmlinux-main) FORCE
281 288
282 # The actual objects are generated when descending, 289 # The actual objects are generated when descending,
283 # make sure no implicit rule kicks in 290 # make sure no implicit rule kicks in
@@ -286,7 +293,7 @@ index 4b76371..53aa79c 100644
286 $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; 293 $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
287 294
288 # Handle descending into subdirectories listed in $(vmlinux-dirs) 295 # Handle descending into subdirectories listed in $(vmlinux-dirs)
289@@ -941,7 +988,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ; 296@@ -941,7 +991,7 @@ $(sort $(vmlinux-init) $(vmlinux-main)) $(vmlinux-lds): $(vmlinux-dirs) ;
290 # Error messages still appears in the original language 297 # Error messages still appears in the original language
291 298
292 PHONY += $(vmlinux-dirs) 299 PHONY += $(vmlinux-dirs)
@@ -295,7 +302,7 @@ index 4b76371..53aa79c 100644
295 $(Q)$(MAKE) $(build)=$@ 302 $(Q)$(MAKE) $(build)=$@
296 303
297 # Store (new) KERNELRELASE string in include/config/kernel.release 304 # Store (new) KERNELRELASE string in include/config/kernel.release
298@@ -985,6 +1032,7 @@ prepare0: archprepare FORCE 305@@ -985,6 +1035,7 @@ prepare0: archprepare FORCE
299 $(Q)$(MAKE) $(build)=. 306 $(Q)$(MAKE) $(build)=.
300 307
301 # All the preparing.. 308 # All the preparing..
@@ -303,7 +310,7 @@ index 4b76371..53aa79c 100644
303 prepare: prepare0 310 prepare: prepare0
304 311
305 # Generate some files 312 # Generate some files
306@@ -1086,6 +1134,8 @@ all: modules 313@@ -1086,6 +1137,8 @@ all: modules
307 # using awk while concatenating to the final file. 314 # using awk while concatenating to the final file.
308 315
309 PHONY += modules 316 PHONY += modules
@@ -312,7 +319,7 @@ index 4b76371..53aa79c 100644
312 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin 319 modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
313 $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order 320 $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order
314 @$(kecho) ' Building modules, stage 2.'; 321 @$(kecho) ' Building modules, stage 2.';
315@@ -1101,7 +1151,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) 322@@ -1101,7 +1154,7 @@ modules.builtin: $(vmlinux-dirs:%=%/modules.builtin)
316 323
317 # Target to prepare building external modules 324 # Target to prepare building external modules
318 PHONY += modules_prepare 325 PHONY += modules_prepare
@@ -321,7 +328,7 @@ index 4b76371..53aa79c 100644
321 328
322 # Target to install modules 329 # Target to install modules
323 PHONY += modules_install 330 PHONY += modules_install
324@@ -1198,6 +1248,7 @@ distclean: mrproper 331@@ -1198,6 +1251,7 @@ distclean: mrproper
325 \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ 332 \( -name '*.orig' -o -name '*.rej' -o -name '*~' \
326 -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ 333 -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \
327 -o -name '.*.rej' \ 334 -o -name '.*.rej' \
@@ -329,7 +336,7 @@ index 4b76371..53aa79c 100644
329 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \ 336 -o -name '*%' -o -name '.*.cmd' -o -name 'core' \) \
330 -type f -print | xargs rm -f 337 -type f -print | xargs rm -f
331 338
332@@ -1358,6 +1409,8 @@ PHONY += $(module-dirs) modules 339@@ -1358,6 +1412,8 @@ PHONY += $(module-dirs) modules
333 $(module-dirs): crmodverdir $(objtree)/Module.symvers 340 $(module-dirs): crmodverdir $(objtree)/Module.symvers
334 $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@) 341 $(Q)$(MAKE) $(build)=$(patsubst _module_%,%,$@)
335 342
@@ -338,7 +345,7 @@ index 4b76371..53aa79c 100644
338 modules: $(module-dirs) 345 modules: $(module-dirs)
339 @$(kecho) ' Building modules, stage 2.'; 346 @$(kecho) ' Building modules, stage 2.';
340 $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost 347 $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
341@@ -1484,17 +1537,21 @@ else 348@@ -1484,17 +1540,21 @@ else
342 target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@)) 349 target-dir = $(if $(KBUILD_EXTMOD),$(dir $<),$(dir $@))
343 endif 350 endif
344 351
@@ -364,7 +371,7 @@ index 4b76371..53aa79c 100644
364 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) 371 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
365 %.symtypes: %.c prepare scripts FORCE 372 %.symtypes: %.c prepare scripts FORCE
366 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@) 373 $(Q)$(MAKE) $(build)=$(build-dir) $(target-dir)$(notdir $@)
367@@ -1504,11 +1561,15 @@ endif 374@@ -1504,11 +1564,15 @@ endif
368 $(cmd_crmodverdir) 375 $(cmd_crmodverdir)
369 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \ 376 $(Q)$(MAKE) KBUILD_MODULES=$(if $(CONFIG_MODULES),1) \
370 $(build)=$(build-dir) 377 $(build)=$(build-dir)
@@ -4636,7 +4643,7 @@ index f92602e..27060b2 100644
4636 config SPARC64 4643 config SPARC64
4637 def_bool 64BIT 4644 def_bool 64BIT
4638diff --git a/arch/sparc/Makefile b/arch/sparc/Makefile 4645diff --git a/arch/sparc/Makefile b/arch/sparc/Makefile
4639index ad1fb5d..fc5315b 100644 4646index eddcfb3..b117d90 100644
4640--- a/arch/sparc/Makefile 4647--- a/arch/sparc/Makefile
4641+++ b/arch/sparc/Makefile 4648+++ b/arch/sparc/Makefile
4642@@ -75,7 +75,7 @@ drivers-$(CONFIG_OPROFILE) += arch/sparc/oprofile/ 4649@@ -75,7 +75,7 @@ drivers-$(CONFIG_OPROFILE) += arch/sparc/oprofile/
@@ -10010,6 +10017,18 @@ index cc70c1c..d96d011 100644
10010+extern void machine_emergency_restart(void) __noreturn; 10017+extern void machine_emergency_restart(void) __noreturn;
10011 10018
10012 #endif /* _ASM_X86_EMERGENCY_RESTART_H */ 10019 #endif /* _ASM_X86_EMERGENCY_RESTART_H */
10020diff --git a/arch/x86/include/asm/floppy.h b/arch/x86/include/asm/floppy.h
10021index dbe82a5..c6d8a00 100644
10022--- a/arch/x86/include/asm/floppy.h
10023+++ b/arch/x86/include/asm/floppy.h
10024@@ -157,6 +157,7 @@ static unsigned long dma_mem_alloc(unsigned long size)
10025 }
10026
10027
10028+static unsigned long vdma_mem_alloc(unsigned long size) __size_overflow(1);
10029 static unsigned long vdma_mem_alloc(unsigned long size)
10030 {
10031 return (unsigned long)vmalloc(size);
10013diff --git a/arch/x86/include/asm/futex.h b/arch/x86/include/asm/futex.h 10032diff --git a/arch/x86/include/asm/futex.h b/arch/x86/include/asm/futex.h
10014index d09bb03..4ea4194 100644 10033index d09bb03..4ea4194 100644
10015--- a/arch/x86/include/asm/futex.h 10034--- a/arch/x86/include/asm/futex.h
@@ -10183,7 +10202,7 @@ index 5478825..839e88c 100644
10183 #define flush_insn_slot(p) do { } while (0) 10202 #define flush_insn_slot(p) do { } while (0)
10184 10203
10185diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h 10204diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
10186index b4973f4..7c4d3fc 100644 10205index b4973f4..a42170a 100644
10187--- a/arch/x86/include/asm/kvm_host.h 10206--- a/arch/x86/include/asm/kvm_host.h
10188+++ b/arch/x86/include/asm/kvm_host.h 10207+++ b/arch/x86/include/asm/kvm_host.h
10189@@ -459,7 +459,7 @@ struct kvm_arch { 10208@@ -459,7 +459,7 @@ struct kvm_arch {
@@ -10204,6 +10223,36 @@ index b4973f4..7c4d3fc 100644
10204 10223
10205 struct kvm_arch_async_pf { 10224 struct kvm_arch_async_pf {
10206 u32 token; 10225 u32 token;
10226@@ -667,9 +667,9 @@ void kvm_mmu_change_mmu_pages(struct kvm *kvm, unsigned int kvm_nr_mmu_pages);
10227 int load_pdptrs(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, unsigned long cr3);
10228
10229 int emulator_write_phys(struct kvm_vcpu *vcpu, gpa_t gpa,
10230- const void *val, int bytes);
10231+ const void *val, int bytes) __size_overflow(2);
10232 int kvm_pv_mmu_op(struct kvm_vcpu *vcpu, unsigned long bytes,
10233- gpa_t addr, unsigned long *ret);
10234+ gpa_t addr, unsigned long *ret) __size_overflow(2,3);
10235 u8 kvm_get_guest_memory_type(struct kvm_vcpu *vcpu, gfn_t gfn);
10236
10237 extern bool tdp_enabled;
10238@@ -730,7 +730,7 @@ void kvm_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l);
10239 int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr);
10240
10241 int kvm_get_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata);
10242-int kvm_set_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 data);
10243+int kvm_set_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 data) __size_overflow(3);
10244
10245 unsigned long kvm_get_rflags(struct kvm_vcpu *vcpu);
10246 void kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags);
10247@@ -755,7 +755,7 @@ int fx_init(struct kvm_vcpu *vcpu);
10248 void kvm_mmu_flush_tlb(struct kvm_vcpu *vcpu);
10249 void kvm_mmu_pte_write(struct kvm_vcpu *vcpu, gpa_t gpa,
10250 const u8 *new, int bytes,
10251- bool guest_initiated);
10252+ bool guest_initiated) __size_overflow(2);
10253 int kvm_mmu_unprotect_page_virt(struct kvm_vcpu *vcpu, gva_t gva);
10254 void __kvm_mmu_free_some_pages(struct kvm_vcpu *vcpu);
10255 int kvm_mmu_load(struct kvm_vcpu *vcpu);
10207diff --git a/arch/x86/include/asm/local.h b/arch/x86/include/asm/local.h 10256diff --git a/arch/x86/include/asm/local.h b/arch/x86/include/asm/local.h
10208index 9cdae5d..300d20f 100644 10257index 9cdae5d..300d20f 100644
10209--- a/arch/x86/include/asm/local.h 10258--- a/arch/x86/include/asm/local.h
@@ -11804,6 +11853,19 @@ index cb23852..2dde194 100644
11804 asmlinkage long sys32_sysfs(int, u32, u32); 11853 asmlinkage long sys32_sysfs(int, u32, u32);
11805 11854
11806 asmlinkage long sys32_sched_rr_get_interval(compat_pid_t, 11855 asmlinkage long sys32_sched_rr_get_interval(compat_pid_t,
11856diff --git a/arch/x86/include/asm/syscalls.h b/arch/x86/include/asm/syscalls.h
11857index f1d8b44..a4de8b7 100644
11858--- a/arch/x86/include/asm/syscalls.h
11859+++ b/arch/x86/include/asm/syscalls.h
11860@@ -30,7 +30,7 @@ long sys_clone(unsigned long, unsigned long, void __user *,
11861 void __user *, struct pt_regs *);
11862
11863 /* kernel/ldt.c */
11864-asmlinkage int sys_modify_ldt(int, void __user *, unsigned long);
11865+asmlinkage int sys_modify_ldt(int, void __user *, unsigned long) __size_overflow(3);
11866
11867 /* kernel/signal.c */
11868 long sys_rt_sigreturn(struct pt_regs *);
11807diff --git a/arch/x86/include/asm/system.h b/arch/x86/include/asm/system.h 11869diff --git a/arch/x86/include/asm/system.h b/arch/x86/include/asm/system.h
11808index 2d2f01c..f985723 100644 11870index 2d2f01c..f985723 100644
11809--- a/arch/x86/include/asm/system.h 11871--- a/arch/x86/include/asm/system.h
@@ -12237,11 +12299,36 @@ index 36361bf..324f262 100644
12237 12299
12238 #ifdef CONFIG_X86_WP_WORKS_OK 12300 #ifdef CONFIG_X86_WP_WORKS_OK
12239diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h 12301diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h
12240index 566e803..b9521e9 100644 12302index 566e803..4414921 100644
12241--- a/arch/x86/include/asm/uaccess_32.h 12303--- a/arch/x86/include/asm/uaccess_32.h
12242+++ b/arch/x86/include/asm/uaccess_32.h 12304+++ b/arch/x86/include/asm/uaccess_32.h
12243@@ -43,6 +43,9 @@ unsigned long __must_check __copy_from_user_ll_nocache_nozero 12305@@ -11,15 +11,15 @@
12306 #include <asm/page.h>
12307
12308 unsigned long __must_check __copy_to_user_ll
12309- (void __user *to, const void *from, unsigned long n);
12310+ (void __user *to, const void *from, unsigned long n) __size_overflow(3);
12311 unsigned long __must_check __copy_from_user_ll
12312- (void *to, const void __user *from, unsigned long n);
12313+ (void *to, const void __user *from, unsigned long n) __size_overflow(3);
12314 unsigned long __must_check __copy_from_user_ll_nozero
12315- (void *to, const void __user *from, unsigned long n);
12316+ (void *to, const void __user *from, unsigned long n) __size_overflow(3);
12317 unsigned long __must_check __copy_from_user_ll_nocache
12318- (void *to, const void __user *from, unsigned long n);
12319+ (void *to, const void __user *from, unsigned long n) __size_overflow(3);
12320 unsigned long __must_check __copy_from_user_ll_nocache_nozero
12321- (void *to, const void __user *from, unsigned long n);
12322+ (void *to, const void __user *from, unsigned long n) __size_overflow(3);
12323
12324 /**
12325 * __copy_to_user_inatomic: - Copy a block of data into user space, with less checking.
12326@@ -41,8 +41,13 @@ unsigned long __must_check __copy_from_user_ll_nocache_nozero
12327 */
12328
12244 static __always_inline unsigned long __must_check 12329 static __always_inline unsigned long __must_check
12330+__copy_to_user_inatomic(void __user *to, const void *from, unsigned long n) __size_overflow(3);
12331+static __always_inline unsigned long __must_check
12245 __copy_to_user_inatomic(void __user *to, const void *from, unsigned long n) 12332 __copy_to_user_inatomic(void __user *to, const void *from, unsigned long n)
12246 { 12333 {
12247+ if ((long)n < 0) 12334+ if ((long)n < 0)
@@ -12250,7 +12337,7 @@ index 566e803..b9521e9 100644
12250 if (__builtin_constant_p(n)) { 12337 if (__builtin_constant_p(n)) {
12251 unsigned long ret; 12338 unsigned long ret;
12252 12339
12253@@ -61,6 +64,8 @@ __copy_to_user_inatomic(void __user *to, const void *from, unsigned long n) 12340@@ -61,6 +66,8 @@ __copy_to_user_inatomic(void __user *to, const void *from, unsigned long n)
12254 return ret; 12341 return ret;
12255 } 12342 }
12256 } 12343 }
@@ -12259,7 +12346,12 @@ index 566e803..b9521e9 100644
12259 return __copy_to_user_ll(to, from, n); 12346 return __copy_to_user_ll(to, from, n);
12260 } 12347 }
12261 12348
12262@@ -82,12 +87,16 @@ static __always_inline unsigned long __must_check 12349@@ -79,15 +86,23 @@ __copy_to_user_inatomic(void __user *to, const void *from, unsigned long n)
12350 * On success, this will be zero.
12351 */
12352 static __always_inline unsigned long __must_check
12353+__copy_to_user(void __user *to, const void *from, unsigned long n) __size_overflow(3);
12354+static __always_inline unsigned long __must_check
12263 __copy_to_user(void __user *to, const void *from, unsigned long n) 12355 __copy_to_user(void __user *to, const void *from, unsigned long n)
12264 { 12356 {
12265 might_fault(); 12357 might_fault();
@@ -12268,6 +12360,8 @@ index 566e803..b9521e9 100644
12268 } 12360 }
12269 12361
12270 static __always_inline unsigned long 12362 static __always_inline unsigned long
12363+__copy_from_user_inatomic(void *to, const void __user *from, unsigned long n) __size_overflow(3);
12364+static __always_inline unsigned long
12271 __copy_from_user_inatomic(void *to, const void __user *from, unsigned long n) 12365 __copy_from_user_inatomic(void *to, const void __user *from, unsigned long n)
12272 { 12366 {
12273+ if ((long)n < 0) 12367+ if ((long)n < 0)
@@ -12276,7 +12370,12 @@ index 566e803..b9521e9 100644
12276 /* Avoid zeroing the tail if the copy fails.. 12370 /* Avoid zeroing the tail if the copy fails..
12277 * If 'n' is constant and 1, 2, or 4, we do still zero on a failure, 12371 * If 'n' is constant and 1, 2, or 4, we do still zero on a failure,
12278 * but as the zeroing behaviour is only significant when n is not 12372 * but as the zeroing behaviour is only significant when n is not
12279@@ -137,6 +146,10 @@ static __always_inline unsigned long 12373@@ -134,9 +149,15 @@ __copy_from_user_inatomic(void *to, const void __user *from, unsigned long n)
12374 * for explanation of why this is needed.
12375 */
12376 static __always_inline unsigned long
12377+__copy_from_user(void *to, const void __user *from, unsigned long n) __size_overflow(3);
12378+static __always_inline unsigned long
12280 __copy_from_user(void *to, const void __user *from, unsigned long n) 12379 __copy_from_user(void *to, const void __user *from, unsigned long n)
12281 { 12380 {
12282 might_fault(); 12381 might_fault();
@@ -12287,7 +12386,7 @@ index 566e803..b9521e9 100644
12287 if (__builtin_constant_p(n)) { 12386 if (__builtin_constant_p(n)) {
12288 unsigned long ret; 12387 unsigned long ret;
12289 12388
12290@@ -152,6 +165,8 @@ __copy_from_user(void *to, const void __user *from, unsigned long n) 12389@@ -152,13 +173,21 @@ __copy_from_user(void *to, const void __user *from, unsigned long n)
12291 return ret; 12390 return ret;
12292 } 12391 }
12293 } 12392 }
@@ -12296,7 +12395,9 @@ index 566e803..b9521e9 100644
12296 return __copy_from_user_ll(to, from, n); 12395 return __copy_from_user_ll(to, from, n);
12297 } 12396 }
12298 12397
12299@@ -159,6 +174,10 @@ static __always_inline unsigned long __copy_from_user_nocache(void *to, 12398 static __always_inline unsigned long __copy_from_user_nocache(void *to,
12399+ const void __user *from, unsigned long n) __size_overflow(3);
12400+static __always_inline unsigned long __copy_from_user_nocache(void *to,
12300 const void __user *from, unsigned long n) 12401 const void __user *from, unsigned long n)
12301 { 12402 {
12302 might_fault(); 12403 might_fault();
@@ -12307,8 +12408,13 @@ index 566e803..b9521e9 100644
12307 if (__builtin_constant_p(n)) { 12408 if (__builtin_constant_p(n)) {
12308 unsigned long ret; 12409 unsigned long ret;
12309 12410
12310@@ -181,15 +200,19 @@ static __always_inline unsigned long 12411@@ -179,17 +208,24 @@ static __always_inline unsigned long __copy_from_user_nocache(void *to,
12412
12413 static __always_inline unsigned long
12311 __copy_from_user_inatomic_nocache(void *to, const void __user *from, 12414 __copy_from_user_inatomic_nocache(void *to, const void __user *from,
12415+ unsigned long n) __size_overflow(3);
12416+static __always_inline unsigned long
12417+__copy_from_user_inatomic_nocache(void *to, const void __user *from,
12312 unsigned long n) 12418 unsigned long n)
12313 { 12419 {
12314- return __copy_from_user_ll_nocache_nozero(to, from, n); 12420- return __copy_from_user_ll_nocache_nozero(to, from, n);
@@ -12334,7 +12440,7 @@ index 566e803..b9521e9 100644
12334 12440
12335 extern void copy_from_user_overflow(void) 12441 extern void copy_from_user_overflow(void)
12336 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS 12442 #ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
12337@@ -199,17 +222,61 @@ extern void copy_from_user_overflow(void) 12443@@ -199,24 +235,72 @@ extern void copy_from_user_overflow(void)
12338 #endif 12444 #endif
12339 ; 12445 ;
12340 12446
@@ -12355,6 +12461,8 @@ index 566e803..b9521e9 100644
12355+ * On success, this will be zero. 12461+ * On success, this will be zero.
12356+ */ 12462+ */
12357+static inline unsigned long __must_check 12463+static inline unsigned long __must_check
12464+copy_to_user(void __user *to, const void *from, unsigned long n) __size_overflow(3);
12465+static inline unsigned long __must_check
12358+copy_to_user(void __user *to, const void *from, unsigned long n) 12466+copy_to_user(void __user *to, const void *from, unsigned long n)
12359+{ 12467+{
12360+ int sz = __compiletime_object_size(from); 12468+ int sz = __compiletime_object_size(from);
@@ -12383,6 +12491,8 @@ index 566e803..b9521e9 100644
12383+ * data to the requested size using zero bytes. 12491+ * data to the requested size using zero bytes.
12384+ */ 12492+ */
12385+static inline unsigned long __must_check 12493+static inline unsigned long __must_check
12494+copy_from_user(void *to, const void __user *from, unsigned long n) __size_overflow(3);
12495+static inline unsigned long __must_check
12386+copy_from_user(void *to, const void __user *from, unsigned long n) 12496+copy_from_user(void *to, const void __user *from, unsigned long n)
12387 { 12497 {
12388 int sz = __compiletime_object_size(to); 12498 int sz = __compiletime_object_size(to);
@@ -12403,8 +12513,29 @@ index 566e803..b9521e9 100644
12403 return n; 12513 return n;
12404 } 12514 }
12405 12515
12516 long __must_check strncpy_from_user(char *dst, const char __user *src,
12517- long count);
12518+ unsigned long count) __size_overflow(3);
12519 long __must_check __strncpy_from_user(char *dst,
12520- const char __user *src, long count);
12521+ const char __user *src, unsigned long count) __size_overflow(3);
12522
12523 /**
12524 * strlen_user: - Get the size of a string in user space.
12525@@ -234,8 +318,8 @@ long __must_check __strncpy_from_user(char *dst,
12526 */
12527 #define strlen_user(str) strnlen_user(str, LONG_MAX)
12528
12529-long strnlen_user(const char __user *str, long n);
12530-unsigned long __must_check clear_user(void __user *mem, unsigned long len);
12531-unsigned long __must_check __clear_user(void __user *mem, unsigned long len);
12532+long strnlen_user(const char __user *str, unsigned long n);
12533+unsigned long __must_check clear_user(void __user *mem, unsigned long len) __size_overflow(2);
12534+unsigned long __must_check __clear_user(void __user *mem, unsigned long len) __size_overflow(2);
12535
12536 #endif /* _ASM_X86_UACCESS_32_H */
12406diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h 12537diff --git a/arch/x86/include/asm/uaccess_64.h b/arch/x86/include/asm/uaccess_64.h
12407index 1c66d30..e66922c 100644 12538index 1c66d30..2582764 100644
12408--- a/arch/x86/include/asm/uaccess_64.h 12539--- a/arch/x86/include/asm/uaccess_64.h
12409+++ b/arch/x86/include/asm/uaccess_64.h 12540+++ b/arch/x86/include/asm/uaccess_64.h
12410@@ -10,6 +10,9 @@ 12541@@ -10,6 +10,9 @@
@@ -12417,23 +12548,25 @@ index 1c66d30..e66922c 100644
12417 12548
12418 /* 12549 /*
12419 * Copy To/From Userspace 12550 * Copy To/From Userspace
12420@@ -17,12 +20,12 @@ 12551@@ -17,12 +20,14 @@
12421 12552
12422 /* Handles exceptions in both to and from, but doesn't do access_ok */ 12553 /* Handles exceptions in both to and from, but doesn't do access_ok */
12423 __must_check unsigned long 12554 __must_check unsigned long
12424-copy_user_generic_string(void *to, const void *from, unsigned len); 12555-copy_user_generic_string(void *to, const void *from, unsigned len);
12425+copy_user_generic_string(void *to, const void *from, unsigned long len); 12556+copy_user_generic_string(void *to, const void *from, unsigned long len) __size_overflow(3);
12426 __must_check unsigned long 12557 __must_check unsigned long
12427-copy_user_generic_unrolled(void *to, const void *from, unsigned len); 12558-copy_user_generic_unrolled(void *to, const void *from, unsigned len);
12428+copy_user_generic_unrolled(void *to, const void *from, unsigned long len); 12559+copy_user_generic_unrolled(void *to, const void *from, unsigned long len) __size_overflow(3);
12429 12560
12430 static __always_inline __must_check unsigned long 12561 static __always_inline __must_check unsigned long
12431-copy_user_generic(void *to, const void *from, unsigned len) 12562-copy_user_generic(void *to, const void *from, unsigned len)
12563+copy_user_generic(void *to, const void *from, unsigned long len) __size_overflow(3);
12564+static __always_inline __must_check unsigned long
12432+copy_user_generic(void *to, const void *from, unsigned long len) 12565+copy_user_generic(void *to, const void *from, unsigned long len)
12433 { 12566 {
12434 unsigned ret; 12567 unsigned ret;
12435 12568
12436@@ -32,142 +35,226 @@ copy_user_generic(void *to, const void *from, unsigned len) 12569@@ -32,142 +37,237 @@ copy_user_generic(void *to, const void *from, unsigned len)
12437 ASM_OUTPUT2("=a" (ret), "=D" (to), "=S" (from), 12570 ASM_OUTPUT2("=a" (ret), "=D" (to), "=S" (from),
12438 "=d" (len)), 12571 "=d" (len)),
12439 "1" (to), "2" (from), "3" (len) 12572 "1" (to), "2" (from), "3" (len)
@@ -12443,19 +12576,22 @@ index 1c66d30..e66922c 100644
12443 } 12576 }
12444 12577
12445+static __always_inline __must_check unsigned long 12578+static __always_inline __must_check unsigned long
12446+__copy_to_user(void __user *to, const void *from, unsigned long len); 12579+__copy_to_user(void __user *to, const void *from, unsigned long len) __size_overflow(3);
12447+static __always_inline __must_check unsigned long 12580+static __always_inline __must_check unsigned long
12448+__copy_from_user(void *to, const void __user *from, unsigned long len); 12581+__copy_from_user(void *to, const void __user *from, unsigned long len) __size_overflow(3);
12449 __must_check unsigned long 12582 __must_check unsigned long
12450-_copy_to_user(void __user *to, const void *from, unsigned len); 12583-_copy_to_user(void __user *to, const void *from, unsigned len);
12451-__must_check unsigned long 12584-__must_check unsigned long
12452-_copy_from_user(void *to, const void __user *from, unsigned len); 12585-_copy_from_user(void *to, const void __user *from, unsigned len);
12453-__must_check unsigned long 12586-__must_check unsigned long
12454-copy_in_user(void __user *to, const void __user *from, unsigned len); 12587-copy_in_user(void __user *to, const void __user *from, unsigned len);
12455+copy_in_user(void __user *to, const void __user *from, unsigned long len); 12588+copy_in_user(void __user *to, const void __user *from, unsigned long len) __size_overflow(3);
12456 12589
12457 static inline unsigned long __must_check copy_from_user(void *to, 12590 static inline unsigned long __must_check copy_from_user(void *to,
12458 const void __user *from, 12591 const void __user *from,
12592+ unsigned long n) __size_overflow(3);
12593+static inline unsigned long __must_check copy_from_user(void *to,
12594+ const void __user *from,
12459 unsigned long n) 12595 unsigned long n)
12460 { 12596 {
12461- int sz = __compiletime_object_size(to); 12597- int sz = __compiletime_object_size(to);
@@ -12480,6 +12616,8 @@ index 1c66d30..e66922c 100644
12480 12616
12481 static __always_inline __must_check 12617 static __always_inline __must_check
12482-int copy_to_user(void __user *dst, const void *src, unsigned size) 12618-int copy_to_user(void __user *dst, const void *src, unsigned size)
12619+int copy_to_user(void __user *dst, const void *src, unsigned long size) __size_overflow(3);
12620+static __always_inline __must_check
12483+int copy_to_user(void __user *dst, const void *src, unsigned long size) 12621+int copy_to_user(void __user *dst, const void *src, unsigned long size)
12484 { 12622 {
12485 might_fault(); 12623 might_fault();
@@ -12492,6 +12630,8 @@ index 1c66d30..e66922c 100644
12492 12630
12493 static __always_inline __must_check 12631 static __always_inline __must_check
12494-int __copy_from_user(void *dst, const void __user *src, unsigned size) 12632-int __copy_from_user(void *dst, const void __user *src, unsigned size)
12633+unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long size) __size_overflow(3);
12634+static __always_inline __must_check
12495+unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long size) 12635+unsigned long __copy_from_user(void *dst, const void __user *src, unsigned long size)
12496 { 12636 {
12497- int ret = 0; 12637- int ret = 0;
@@ -12580,6 +12720,8 @@ index 1c66d30..e66922c 100644
12580 12720
12581 static __always_inline __must_check 12721 static __always_inline __must_check
12582-int __copy_to_user(void __user *dst, const void *src, unsigned size) 12722-int __copy_to_user(void __user *dst, const void *src, unsigned size)
12723+unsigned long __copy_to_user(void __user *dst, const void *src, unsigned long size) __size_overflow(3);
12724+static __always_inline __must_check
12583+unsigned long __copy_to_user(void __user *dst, const void *src, unsigned long size) 12725+unsigned long __copy_to_user(void __user *dst, const void *src, unsigned long size)
12584 { 12726 {
12585- int ret = 0; 12727- int ret = 0;
@@ -12668,6 +12810,8 @@ index 1c66d30..e66922c 100644
12668 12810
12669 static __always_inline __must_check 12811 static __always_inline __must_check
12670-int __copy_in_user(void __user *dst, const void __user *src, unsigned size) 12812-int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
12813+unsigned long __copy_in_user(void __user *dst, const void __user *src, unsigned long size) __size_overflow(3);
12814+static __always_inline __must_check
12671+unsigned long __copy_in_user(void __user *dst, const void __user *src, unsigned long size) 12815+unsigned long __copy_in_user(void __user *dst, const void __user *src, unsigned long size)
12672 { 12816 {
12673- int ret = 0; 12817- int ret = 0;
@@ -12708,7 +12852,7 @@ index 1c66d30..e66922c 100644
12708 ret, "b", "b", "=q", 1); 12852 ret, "b", "b", "=q", 1);
12709 if (likely(!ret)) 12853 if (likely(!ret))
12710 __put_user_asm(tmp, (u8 __user *)dst, 12854 __put_user_asm(tmp, (u8 __user *)dst,
12711@@ -176,7 +263,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size) 12855@@ -176,7 +276,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
12712 } 12856 }
12713 case 2: { 12857 case 2: {
12714 u16 tmp; 12858 u16 tmp;
@@ -12717,7 +12861,7 @@ index 1c66d30..e66922c 100644
12717 ret, "w", "w", "=r", 2); 12861 ret, "w", "w", "=r", 2);
12718 if (likely(!ret)) 12862 if (likely(!ret))
12719 __put_user_asm(tmp, (u16 __user *)dst, 12863 __put_user_asm(tmp, (u16 __user *)dst,
12720@@ -186,7 +273,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size) 12864@@ -186,7 +286,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
12721 12865
12722 case 4: { 12866 case 4: {
12723 u32 tmp; 12867 u32 tmp;
@@ -12726,7 +12870,7 @@ index 1c66d30..e66922c 100644
12726 ret, "l", "k", "=r", 4); 12870 ret, "l", "k", "=r", 4);
12727 if (likely(!ret)) 12871 if (likely(!ret))
12728 __put_user_asm(tmp, (u32 __user *)dst, 12872 __put_user_asm(tmp, (u32 __user *)dst,
12729@@ -195,7 +282,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size) 12873@@ -195,7 +295,7 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
12730 } 12874 }
12731 case 8: { 12875 case 8: {
12732 u64 tmp; 12876 u64 tmp;
@@ -12735,7 +12879,7 @@ index 1c66d30..e66922c 100644
12735 ret, "q", "", "=r", 8); 12879 ret, "q", "", "=r", 8);
12736 if (likely(!ret)) 12880 if (likely(!ret))
12737 __put_user_asm(tmp, (u64 __user *)dst, 12881 __put_user_asm(tmp, (u64 __user *)dst,
12738@@ -203,8 +290,16 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size) 12882@@ -203,51 +303,103 @@ int __copy_in_user(void __user *dst, const void __user *src, unsigned size)
12739 return ret; 12883 return ret;
12740 } 12884 }
12741 default: 12885 default:
@@ -12754,11 +12898,26 @@ index 1c66d30..e66922c 100644
12754 } 12898 }
12755 } 12899 }
12756 12900
12757@@ -219,35 +314,72 @@ __must_check unsigned long clear_user(void __user *mem, unsigned long len); 12901 __must_check long
12758 __must_check unsigned long __clear_user(void __user *mem, unsigned long len); 12902-strncpy_from_user(char *dst, const char __user *src, long count);
12903+strncpy_from_user(char *dst, const char __user *src, unsigned long count) __size_overflow(3);
12904 __must_check long
12905-__strncpy_from_user(char *dst, const char __user *src, long count);
12906-__must_check long strnlen_user(const char __user *str, long n);
12907-__must_check long __strnlen_user(const char __user *str, long n);
12908+__strncpy_from_user(char *dst, const char __user *src, unsigned long count) __size_overflow(3);
12909+__must_check long strnlen_user(const char __user *str, unsigned long n);
12910+__must_check long __strnlen_user(const char __user *str, unsigned long n);
12911 __must_check long strlen_user(const char __user *str);
12912-__must_check unsigned long clear_user(void __user *mem, unsigned long len);
12913-__must_check unsigned long __clear_user(void __user *mem, unsigned long len);
12914+__must_check unsigned long clear_user(void __user *mem, unsigned long len) __size_overflow(2);
12915+__must_check unsigned long __clear_user(void __user *mem, unsigned long len) __size_overflow(2);
12759 12916
12760 static __must_check __always_inline int 12917 static __must_check __always_inline int
12761-__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size) 12918-__copy_from_user_inatomic(void *dst, const void __user *src, unsigned size)
12919+__copy_from_user_inatomic(void *dst, const void __user *src, unsigned long size) __size_overflow(3);
12920+static __must_check __always_inline int
12762+__copy_from_user_inatomic(void *dst, const void __user *src, unsigned long size) 12921+__copy_from_user_inatomic(void *dst, const void __user *src, unsigned long size)
12763 { 12922 {
12764- return copy_user_generic(dst, (__force const void *)src, size); 12923- return copy_user_generic(dst, (__force const void *)src, size);
@@ -12779,6 +12938,8 @@ index 1c66d30..e66922c 100644
12779-static __must_check __always_inline int 12938-static __must_check __always_inline int
12780-__copy_to_user_inatomic(void __user *dst, const void *src, unsigned size) 12939-__copy_to_user_inatomic(void __user *dst, const void *src, unsigned size)
12781+static __must_check __always_inline unsigned long 12940+static __must_check __always_inline unsigned long
12941+__copy_to_user_inatomic(void __user *dst, const void *src, unsigned long size) __size_overflow(3);
12942+static __must_check __always_inline unsigned long
12782+__copy_to_user_inatomic(void __user *dst, const void *src, unsigned long size) 12943+__copy_to_user_inatomic(void __user *dst, const void *src, unsigned long size)
12783 { 12944 {
12784- return copy_user_generic((__force void *)dst, src, size); 12945- return copy_user_generic((__force void *)dst, src, size);
@@ -12799,10 +12960,11 @@ index 1c66d30..e66922c 100644
12799-extern long __copy_user_nocache(void *dst, const void __user *src, 12960-extern long __copy_user_nocache(void *dst, const void __user *src,
12800- unsigned size, int zerorest); 12961- unsigned size, int zerorest);
12801+extern unsigned long __copy_user_nocache(void *dst, const void __user *src, 12962+extern unsigned long __copy_user_nocache(void *dst, const void __user *src,
12802+ unsigned long size, int zerorest); 12963+ unsigned long size, int zerorest) __size_overflow(3);
12803 12964
12804-static inline int 12965-static inline int
12805-__copy_from_user_nocache(void *dst, const void __user *src, unsigned size) 12966-__copy_from_user_nocache(void *dst, const void __user *src, unsigned size)
12967+static inline unsigned long __copy_from_user_nocache(void *dst, const void __user *src, unsigned long size) __size_overflow(3);
12806+static inline unsigned long __copy_from_user_nocache(void *dst, const void __user *src, unsigned long size) 12968+static inline unsigned long __copy_from_user_nocache(void *dst, const void __user *src, unsigned long size)
12807 { 12969 {
12808 might_sleep(); 12970 might_sleep();
@@ -12822,6 +12984,8 @@ index 1c66d30..e66922c 100644
12822-__copy_from_user_inatomic_nocache(void *dst, const void __user *src, 12984-__copy_from_user_inatomic_nocache(void *dst, const void __user *src,
12823- unsigned size) 12985- unsigned size)
12824+static inline unsigned long __copy_from_user_inatomic_nocache(void *dst, const void __user *src, 12986+static inline unsigned long __copy_from_user_inatomic_nocache(void *dst, const void __user *src,
12987+ unsigned long size) __size_overflow(3);
12988+static inline unsigned long __copy_from_user_inatomic_nocache(void *dst, const void __user *src,
12825+ unsigned long size) 12989+ unsigned long size)
12826 { 12990 {
12827+ if (size > INT_MAX) 12991+ if (size > INT_MAX)
@@ -12838,7 +13002,7 @@ index 1c66d30..e66922c 100644
12838-unsigned long 13002-unsigned long
12839-copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest); 13003-copy_user_handle_tail(char *to, char *from, unsigned len, unsigned zerorest);
12840+extern unsigned long 13004+extern unsigned long
12841+copy_user_handle_tail(char __user *to, char __user *from, unsigned long len, unsigned zerorest); 13005+copy_user_handle_tail(char __user *to, char __user *from, unsigned long len, unsigned zerorest) __size_overflow(3);
12842 13006
12843 #endif /* _ASM_X86_UACCESS_64_H */ 13007 #endif /* _ASM_X86_UACCESS_64_H */
12844diff --git a/arch/x86/include/asm/vdso.h b/arch/x86/include/asm/vdso.h 13008diff --git a/arch/x86/include/asm/vdso.h b/arch/x86/include/asm/vdso.h
@@ -13596,6 +13760,19 @@ index 5231312..a78a987 100644
13596 load_idt(&idt_descr); 13760 load_idt(&idt_descr);
13597 } 13761 }
13598 #endif 13762 #endif
13763diff --git a/arch/x86/kernel/cpu/mcheck/mce-inject.c b/arch/x86/kernel/cpu/mcheck/mce-inject.c
13764index 319882e..993534e 100644
13765--- a/arch/x86/kernel/cpu/mcheck/mce-inject.c
13766+++ b/arch/x86/kernel/cpu/mcheck/mce-inject.c
13767@@ -173,6 +173,8 @@ static void raise_mce(struct mce *m)
13768
13769 /* Error injection interface */
13770 static ssize_t mce_write(struct file *filp, const char __user *ubuf,
13771+ size_t usize, loff_t *off) __size_overflow(3);
13772+static ssize_t mce_write(struct file *filp, const char __user *ubuf,
13773 size_t usize, loff_t *off)
13774 {
13775 struct mce m;
13599diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c 13776diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c
13600index 2af127d..8ff7ac0 100644 13777index 2af127d..8ff7ac0 100644
13601--- a/arch/x86/kernel/cpu/mcheck/mce.c 13778--- a/arch/x86/kernel/cpu/mcheck/mce.c
@@ -13765,6 +13942,19 @@ index 54060f5..c1a7577 100644
13765 /* Make sure the vector pointer is visible before we enable MCEs: */ 13942 /* Make sure the vector pointer is visible before we enable MCEs: */
13766 wmb(); 13943 wmb();
13767 13944
13945diff --git a/arch/x86/kernel/cpu/mtrr/if.c b/arch/x86/kernel/cpu/mtrr/if.c
13946index 7928963..1b16001 100644
13947--- a/arch/x86/kernel/cpu/mtrr/if.c
13948+++ b/arch/x86/kernel/cpu/mtrr/if.c
13949@@ -91,6 +91,8 @@ mtrr_file_del(unsigned long base, unsigned long size,
13950 * "base=%Lx size=%Lx type=%s" or "disable=%d"
13951 */
13952 static ssize_t
13953+mtrr_write(struct file *file, const char __user *buf, size_t len, loff_t * ppos) __size_overflow(3);
13954+static ssize_t
13955 mtrr_write(struct file *file, const char __user *buf, size_t len, loff_t * ppos)
13956 {
13957 int i, err;
13768diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c 13958diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c
13769index 6b96110..0da73eb 100644 13959index 6b96110..0da73eb 100644
13770--- a/arch/x86/kernel/cpu/mtrr/main.c 13960--- a/arch/x86/kernel/cpu/mtrr/main.c
@@ -16808,6 +16998,79 @@ index 9c3bd4a..e1d9b35 100644
16808+#ifdef CONFIG_PAX_KERNEXEC 16998+#ifdef CONFIG_PAX_KERNEXEC
16809+EXPORT_SYMBOL(__LOAD_PHYSICAL_ADDR); 16999+EXPORT_SYMBOL(__LOAD_PHYSICAL_ADDR);
16810+#endif 17000+#endif
17001diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c
17002index 739d859..d1d6be7 100644
17003--- a/arch/x86/kernel/i387.c
17004+++ b/arch/x86/kernel/i387.c
17005@@ -188,6 +188,9 @@ int xfpregs_active(struct task_struct *target, const struct user_regset *regset)
17006
17007 int xfpregs_get(struct task_struct *target, const struct user_regset *regset,
17008 unsigned int pos, unsigned int count,
17009+ void *kbuf, void __user *ubuf) __size_overflow(4);
17010+int xfpregs_get(struct task_struct *target, const struct user_regset *regset,
17011+ unsigned int pos, unsigned int count,
17012 void *kbuf, void __user *ubuf)
17013 {
17014 int ret;
17015@@ -207,6 +210,9 @@ int xfpregs_get(struct task_struct *target, const struct user_regset *regset,
17016
17017 int xfpregs_set(struct task_struct *target, const struct user_regset *regset,
17018 unsigned int pos, unsigned int count,
17019+ const void *kbuf, const void __user *ubuf) __size_overflow(4);
17020+int xfpregs_set(struct task_struct *target, const struct user_regset *regset,
17021+ unsigned int pos, unsigned int count,
17022 const void *kbuf, const void __user *ubuf)
17023 {
17024 int ret;
17025@@ -240,6 +246,9 @@ int xfpregs_set(struct task_struct *target, const struct user_regset *regset,
17026
17027 int xstateregs_get(struct task_struct *target, const struct user_regset *regset,
17028 unsigned int pos, unsigned int count,
17029+ void *kbuf, void __user *ubuf) __size_overflow(4);
17030+int xstateregs_get(struct task_struct *target, const struct user_regset *regset,
17031+ unsigned int pos, unsigned int count,
17032 void *kbuf, void __user *ubuf)
17033 {
17034 int ret;
17035@@ -269,6 +278,9 @@ int xstateregs_get(struct task_struct *target, const struct user_regset *regset,
17036
17037 int xstateregs_set(struct task_struct *target, const struct user_regset *regset,
17038 unsigned int pos, unsigned int count,
17039+ const void *kbuf, const void __user *ubuf) __size_overflow(4);
17040+int xstateregs_set(struct task_struct *target, const struct user_regset *regset,
17041+ unsigned int pos, unsigned int count,
17042 const void *kbuf, const void __user *ubuf)
17043 {
17044 int ret;
17045@@ -439,6 +451,9 @@ static void convert_to_fxsr(struct task_struct *tsk,
17046
17047 int fpregs_get(struct task_struct *target, const struct user_regset *regset,
17048 unsigned int pos, unsigned int count,
17049+ void *kbuf, void __user *ubuf) __size_overflow(3,4);
17050+int fpregs_get(struct task_struct *target, const struct user_regset *regset,
17051+ unsigned int pos, unsigned int count,
17052 void *kbuf, void __user *ubuf)
17053 {
17054 struct user_i387_ia32_struct env;
17055@@ -471,6 +486,9 @@ int fpregs_get(struct task_struct *target, const struct user_regset *regset,
17056
17057 int fpregs_set(struct task_struct *target, const struct user_regset *regset,
17058 unsigned int pos, unsigned int count,
17059+ const void *kbuf, const void __user *ubuf) __size_overflow(3,4);
17060+int fpregs_set(struct task_struct *target, const struct user_regset *regset,
17061+ unsigned int pos, unsigned int count,
17062 const void *kbuf, const void __user *ubuf)
17063 {
17064 struct user_i387_ia32_struct env;
17065@@ -619,6 +637,8 @@ static inline int restore_i387_fsave(struct _fpstate_ia32 __user *buf)
17066 }
17067
17068 static int restore_i387_fxsave(struct _fpstate_ia32 __user *buf,
17069+ unsigned int size) __size_overflow(2);
17070+static int restore_i387_fxsave(struct _fpstate_ia32 __user *buf,
17071 unsigned int size)
17072 {
17073 struct task_struct *tsk = current;
16811diff --git a/arch/x86/kernel/i8259.c b/arch/x86/kernel/i8259.c 17074diff --git a/arch/x86/kernel/i8259.c b/arch/x86/kernel/i8259.c
16812index 6104852..6114160 100644 17075index 6104852..6114160 100644
16813--- a/arch/x86/kernel/i8259.c 17076--- a/arch/x86/kernel/i8259.c
@@ -17286,7 +17549,7 @@ index a9c2116..a52d4fc 100644
17286 #endif 17549 #endif
17287 pv_mmu_ops.flush_tlb_user = kvm_flush_tlb; 17550 pv_mmu_ops.flush_tlb_user = kvm_flush_tlb;
17288diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c 17551diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c
17289index ea69726..604d066 100644 17552index ea69726..8b497c9 100644
17290--- a/arch/x86/kernel/ldt.c 17553--- a/arch/x86/kernel/ldt.c
17291+++ b/arch/x86/kernel/ldt.c 17554+++ b/arch/x86/kernel/ldt.c
17292@@ -67,13 +67,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) 17555@@ -67,13 +67,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload)
@@ -17339,7 +17602,15 @@ index ea69726..604d066 100644
17339 return retval; 17602 return retval;
17340 } 17603 }
17341 17604
17342@@ -230,6 +248,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) 17605@@ -141,6 +159,7 @@ void destroy_context(struct mm_struct *mm)
17606 }
17607 }
17608
17609+static int read_ldt(void __user *ptr, unsigned long bytecount) __size_overflow(2);
17610 static int read_ldt(void __user *ptr, unsigned long bytecount)
17611 {
17612 int err;
17613@@ -230,6 +249,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode)
17343 } 17614 }
17344 } 17615 }
17345 17616
@@ -17385,11 +17656,14 @@ index a3fa43b..8966f4c 100644
17385 relocate_kernel_ptr = control_page; 17656 relocate_kernel_ptr = control_page;
17386 page_list[PA_CONTROL_PAGE] = __pa(control_page); 17657 page_list[PA_CONTROL_PAGE] = __pa(control_page);
17387diff --git a/arch/x86/kernel/microcode_intel.c b/arch/x86/kernel/microcode_intel.c 17658diff --git a/arch/x86/kernel/microcode_intel.c b/arch/x86/kernel/microcode_intel.c
17388index 3ca42d0..7cff8cc 100644 17659index 3ca42d0..79d24cd 100644
17389--- a/arch/x86/kernel/microcode_intel.c 17660--- a/arch/x86/kernel/microcode_intel.c
17390+++ b/arch/x86/kernel/microcode_intel.c 17661+++ b/arch/x86/kernel/microcode_intel.c
17391@@ -436,13 +436,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device) 17662@@ -434,15 +434,16 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device)
17663 return ret;
17664 }
17392 17665
17666+static int get_ucode_user(void *to, const void *from, size_t n) __size_overflow(3);
17393 static int get_ucode_user(void *to, const void *from, size_t n) 17667 static int get_ucode_user(void *to, const void *from, size_t n)
17394 { 17668 {
17395- return copy_from_user(to, from, n); 17669- return copy_from_user(to, from, n);
@@ -18024,10 +18298,21 @@ index 6a364a6..b147d11 100644
18024 ip = *(u64 *)(fp+8); 18298 ip = *(u64 *)(fp+8);
18025 if (!in_sched_functions(ip)) 18299 if (!in_sched_functions(ip))
18026diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c 18300diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
18027index 8252879..d3219e0 100644 18301index 8252879..f367ec9 100644
18028--- a/arch/x86/kernel/ptrace.c 18302--- a/arch/x86/kernel/ptrace.c
18029+++ b/arch/x86/kernel/ptrace.c 18303+++ b/arch/x86/kernel/ptrace.c
18030@@ -822,7 +822,7 @@ long arch_ptrace(struct task_struct *child, long request, 18304@@ -791,6 +791,10 @@ static int ioperm_active(struct task_struct *target,
18305 static int ioperm_get(struct task_struct *target,
18306 const struct user_regset *regset,
18307 unsigned int pos, unsigned int count,
18308+ void *kbuf, void __user *ubuf) __size_overflow(3,4);
18309+static int ioperm_get(struct task_struct *target,
18310+ const struct user_regset *regset,
18311+ unsigned int pos, unsigned int count,
18312 void *kbuf, void __user *ubuf)
18313 {
18314 if (!target->thread.io_bitmap_ptr)
18315@@ -822,7 +826,7 @@ long arch_ptrace(struct task_struct *child, long request,
18031 unsigned long addr, unsigned long data) 18316 unsigned long addr, unsigned long data)
18032 { 18317 {
18033 int ret; 18318 int ret;
@@ -18036,7 +18321,7 @@ index 8252879..d3219e0 100644
18036 18321
18037 switch (request) { 18322 switch (request) {
18038 /* read the word at location addr in the USER area. */ 18323 /* read the word at location addr in the USER area. */
18039@@ -907,14 +907,14 @@ long arch_ptrace(struct task_struct *child, long request, 18324@@ -907,14 +911,14 @@ long arch_ptrace(struct task_struct *child, long request,
18040 if ((int) addr < 0) 18325 if ((int) addr < 0)
18041 return -EIO; 18326 return -EIO;
18042 ret = do_get_thread_area(child, addr, 18327 ret = do_get_thread_area(child, addr,
@@ -18053,7 +18338,7 @@ index 8252879..d3219e0 100644
18053 break; 18338 break;
18054 #endif 18339 #endif
18055 18340
18056@@ -1331,7 +1331,7 @@ static void fill_sigtrap_info(struct task_struct *tsk, 18341@@ -1331,7 +1335,7 @@ static void fill_sigtrap_info(struct task_struct *tsk,
18057 memset(info, 0, sizeof(*info)); 18342 memset(info, 0, sizeof(*info));
18058 info->si_signo = SIGTRAP; 18343 info->si_signo = SIGTRAP;
18059 info->si_code = si_code; 18344 info->si_code = si_code;
@@ -18300,7 +18585,7 @@ index cf0ef98..e3f780b 100644
18300 bss_resource.start = virt_to_phys(&__bss_start); 18585 bss_resource.start = virt_to_phys(&__bss_start);
18301 bss_resource.end = virt_to_phys(&__bss_stop)-1; 18586 bss_resource.end = virt_to_phys(&__bss_stop)-1;
18302diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c 18587diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c
18303index 71f4727..16dc9f7 100644 18588index 71f4727..217419b 100644
18304--- a/arch/x86/kernel/setup_percpu.c 18589--- a/arch/x86/kernel/setup_percpu.c
18305+++ b/arch/x86/kernel/setup_percpu.c 18590+++ b/arch/x86/kernel/setup_percpu.c
18306@@ -21,19 +21,17 @@ 18591@@ -21,19 +21,17 @@
@@ -18327,7 +18612,25 @@ index 71f4727..16dc9f7 100644
18327 [0 ... NR_CPUS-1] = BOOT_PERCPU_OFFSET, 18612 [0 ... NR_CPUS-1] = BOOT_PERCPU_OFFSET,
18328 }; 18613 };
18329 EXPORT_SYMBOL(__per_cpu_offset); 18614 EXPORT_SYMBOL(__per_cpu_offset);
18330@@ -155,10 +153,10 @@ static inline void setup_percpu_segment(int cpu) 18615@@ -96,6 +94,8 @@ static bool __init pcpu_need_numa(void)
18616 * Pointer to the allocated area on success, NULL on failure.
18617 */
18618 static void * __init pcpu_alloc_bootmem(unsigned int cpu, unsigned long size,
18619+ unsigned long align) __size_overflow(2);
18620+static void * __init pcpu_alloc_bootmem(unsigned int cpu, unsigned long size,
18621 unsigned long align)
18622 {
18623 const unsigned long goal = __pa(MAX_DMA_ADDRESS);
18624@@ -124,6 +124,8 @@ static void * __init pcpu_alloc_bootmem(unsigned int cpu, unsigned long size,
18625 /*
18626 * Helpers for first chunk memory allocation
18627 */
18628+static void * __init pcpu_fc_alloc(unsigned int cpu, size_t size, size_t align) __size_overflow(2);
18629+
18630 static void * __init pcpu_fc_alloc(unsigned int cpu, size_t size, size_t align)
18631 {
18632 return pcpu_alloc_bootmem(cpu, size, align);
18633@@ -155,10 +157,10 @@ static inline void setup_percpu_segment(int cpu)
18331 { 18634 {
18332 #ifdef CONFIG_X86_32 18635 #ifdef CONFIG_X86_32
18333 struct desc_struct gdt; 18636 struct desc_struct gdt;
@@ -18341,7 +18644,7 @@ index 71f4727..16dc9f7 100644
18341 write_gdt_entry(get_cpu_gdt_table(cpu), 18644 write_gdt_entry(get_cpu_gdt_table(cpu),
18342 GDT_ENTRY_PERCPU, &gdt, DESCTYPE_S); 18645 GDT_ENTRY_PERCPU, &gdt, DESCTYPE_S);
18343 #endif 18646 #endif
18344@@ -207,6 +205,11 @@ void __init setup_per_cpu_areas(void) 18647@@ -207,6 +209,11 @@ void __init setup_per_cpu_areas(void)
18345 /* alrighty, percpu areas up and running */ 18648 /* alrighty, percpu areas up and running */
18346 delta = (unsigned long)pcpu_base_addr - (unsigned long)__per_cpu_start; 18649 delta = (unsigned long)pcpu_base_addr - (unsigned long)__per_cpu_start;
18347 for_each_possible_cpu(cpu) { 18650 for_each_possible_cpu(cpu) {
@@ -18353,7 +18656,7 @@ index 71f4727..16dc9f7 100644
18353 per_cpu_offset(cpu) = delta + pcpu_unit_offsets[cpu]; 18656 per_cpu_offset(cpu) = delta + pcpu_unit_offsets[cpu];
18354 per_cpu(this_cpu_off, cpu) = per_cpu_offset(cpu); 18657 per_cpu(this_cpu_off, cpu) = per_cpu_offset(cpu);
18355 per_cpu(cpu_number, cpu) = cpu; 18658 per_cpu(cpu_number, cpu) = cpu;
18356@@ -247,6 +250,12 @@ void __init setup_per_cpu_areas(void) 18659@@ -247,6 +254,12 @@ void __init setup_per_cpu_areas(void)
18357 */ 18660 */
18358 set_cpu_numa_node(cpu, early_cpu_to_node(cpu)); 18661 set_cpu_numa_node(cpu, early_cpu_to_node(cpu));
18359 #endif 18662 #endif
@@ -19015,6 +19318,18 @@ index 6bb7b85..dd853e1 100644
19015 set_tls_desc(p, idx, &info, 1); 19318 set_tls_desc(p, idx, &info, 1);
19016 19319
19017 return 0; 19320 return 0;
19321diff --git a/arch/x86/kernel/tls.h b/arch/x86/kernel/tls.h
19322index 2f083a2..7d3fecc 100644
19323--- a/arch/x86/kernel/tls.h
19324+++ b/arch/x86/kernel/tls.h
19325@@ -16,6 +16,6 @@
19326
19327 extern user_regset_active_fn regset_tls_active;
19328 extern user_regset_get_fn regset_tls_get;
19329-extern user_regset_set_fn regset_tls_set;
19330+extern user_regset_set_fn regset_tls_set __size_overflow(4);
19331
19332 #endif /* _ARCH_X86_KERNEL_TLS_H */
19018diff --git a/arch/x86/kernel/trampoline_32.S b/arch/x86/kernel/trampoline_32.S 19333diff --git a/arch/x86/kernel/trampoline_32.S b/arch/x86/kernel/trampoline_32.S
19019index 451c0a7..e57f551 100644 19334index 451c0a7..e57f551 100644
19020--- a/arch/x86/kernel/trampoline_32.S 19335--- a/arch/x86/kernel/trampoline_32.S
@@ -19661,7 +19976,7 @@ index 7110911..e8cdee5 100644
19661 if (unlikely(err)) { 19976 if (unlikely(err)) {
19662 /* 19977 /*
19663diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c 19978diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
19664index f1e3be1..588efc8 100644 19979index f1e3be18..588efc8 100644
19665--- a/arch/x86/kvm/emulate.c 19980--- a/arch/x86/kvm/emulate.c
19666+++ b/arch/x86/kvm/emulate.c 19981+++ b/arch/x86/kvm/emulate.c
19667@@ -249,6 +249,7 @@ struct gprefix { 19982@@ -249,6 +249,7 @@ struct gprefix {
@@ -19747,10 +20062,18 @@ index 9299410..ade2f9b 100644
19747 spin_unlock(&vcpu->kvm->mmu_lock); 20062 spin_unlock(&vcpu->kvm->mmu_lock);
19748 20063
19749diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c 20064diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
19750index 94a4672..5c6b853 100644 20065index 94a4672..1700ed1 100644
19751--- a/arch/x86/kvm/svm.c 20066--- a/arch/x86/kvm/svm.c
19752+++ b/arch/x86/kvm/svm.c 20067+++ b/arch/x86/kvm/svm.c
19753@@ -3405,7 +3405,11 @@ static void reload_tss(struct kvm_vcpu *vcpu) 20068@@ -3037,6 +3037,7 @@ static int svm_set_vm_cr(struct kvm_vcpu *vcpu, u64 data)
20069 return 0;
20070 }
20071
20072+static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data) __size_overflow(3);
20073 static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data)
20074 {
20075 struct vcpu_svm *svm = to_svm(vcpu);
20076@@ -3405,7 +3406,11 @@ static void reload_tss(struct kvm_vcpu *vcpu)
19754 int cpu = raw_smp_processor_id(); 20077 int cpu = raw_smp_processor_id();
19755 20078
19756 struct svm_cpu_data *sd = per_cpu(svm_data, cpu); 20079 struct svm_cpu_data *sd = per_cpu(svm_data, cpu);
@@ -19762,7 +20085,7 @@ index 94a4672..5c6b853 100644
19762 load_TR_desc(); 20085 load_TR_desc();
19763 } 20086 }
19764 20087
19765@@ -3783,6 +3787,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) 20088@@ -3783,6 +3788,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
19766 #endif 20089 #endif
19767 #endif 20090 #endif
19768 20091
@@ -19774,7 +20097,7 @@ index 94a4672..5c6b853 100644
19774 20097
19775 local_irq_disable(); 20098 local_irq_disable();
19776diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c 20099diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
19777index 4ea7678..b3a7084 100644 20100index 4ea7678..c715f2f 100644
19778--- a/arch/x86/kvm/vmx.c 20101--- a/arch/x86/kvm/vmx.c
19779+++ b/arch/x86/kvm/vmx.c 20102+++ b/arch/x86/kvm/vmx.c
19780@@ -1305,7 +1305,11 @@ static void reload_tss(void) 20103@@ -1305,7 +1305,11 @@ static void reload_tss(void)
@@ -19789,7 +20112,15 @@ index 4ea7678..b3a7084 100644
19789 load_TR_desc(); 20112 load_TR_desc();
19790 } 20113 }
19791 20114
19792@@ -2633,8 +2637,11 @@ static __init int hardware_setup(void) 20115@@ -2163,6 +2167,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
20116 * Returns 0 on success, non-0 otherwise.
20117 * Assumes vcpu_load() was already called.
20118 */
20119+static int vmx_set_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data) __size_overflow(3);
20120 static int vmx_set_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data)
20121 {
20122 struct vcpu_vmx *vmx = to_vmx(vcpu);
20123@@ -2633,8 +2638,11 @@ static __init int hardware_setup(void)
19793 if (!cpu_has_vmx_flexpriority()) 20124 if (!cpu_has_vmx_flexpriority())
19794 flexpriority_enabled = 0; 20125 flexpriority_enabled = 0;
19795 20126
@@ -19803,7 +20134,7 @@ index 4ea7678..b3a7084 100644
19803 20134
19804 if (enable_ept && !cpu_has_vmx_ept_2m_page()) 20135 if (enable_ept && !cpu_has_vmx_ept_2m_page())
19805 kvm_disable_largepages(); 20136 kvm_disable_largepages();
19806@@ -3648,7 +3655,7 @@ static void vmx_set_constant_host_state(void) 20137@@ -3648,7 +3656,7 @@ static void vmx_set_constant_host_state(void)
19807 vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */ 20138 vmcs_writel(HOST_IDTR_BASE, dt.address); /* 22.2.4 */
19808 20139
19809 asm("mov $.Lkvm_vmx_return, %0" : "=r"(tmpl)); 20140 asm("mov $.Lkvm_vmx_return, %0" : "=r"(tmpl));
@@ -19812,7 +20143,7 @@ index 4ea7678..b3a7084 100644
19812 20143
19813 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32); 20144 rdmsr(MSR_IA32_SYSENTER_CS, low32, high32);
19814 vmcs_write32(HOST_IA32_SYSENTER_CS, low32); 20145 vmcs_write32(HOST_IA32_SYSENTER_CS, low32);
19815@@ -6169,6 +6176,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) 20146@@ -6169,6 +6177,12 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
19816 "jmp .Lkvm_vmx_return \n\t" 20147 "jmp .Lkvm_vmx_return \n\t"
19817 ".Llaunched: " __ex(ASM_VMX_VMRESUME) "\n\t" 20148 ".Llaunched: " __ex(ASM_VMX_VMRESUME) "\n\t"
19818 ".Lkvm_vmx_return: " 20149 ".Lkvm_vmx_return: "
@@ -19825,7 +20156,7 @@ index 4ea7678..b3a7084 100644
19825 /* Save guest registers, load host registers, keep flags */ 20156 /* Save guest registers, load host registers, keep flags */
19826 "mov %0, %c[wordsize](%%"R"sp) \n\t" 20157 "mov %0, %c[wordsize](%%"R"sp) \n\t"
19827 "pop %0 \n\t" 20158 "pop %0 \n\t"
19828@@ -6217,6 +6230,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) 20159@@ -6217,6 +6231,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
19829 #endif 20160 #endif
19830 [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)), 20161 [cr2]"i"(offsetof(struct vcpu_vmx, vcpu.arch.cr2)),
19831 [wordsize]"i"(sizeof(ulong)) 20162 [wordsize]"i"(sizeof(ulong))
@@ -19837,7 +20168,7 @@ index 4ea7678..b3a7084 100644
19837 : "cc", "memory" 20168 : "cc", "memory"
19838 , R"ax", R"bx", R"di", R"si" 20169 , R"ax", R"bx", R"di", R"si"
19839 #ifdef CONFIG_X86_64 20170 #ifdef CONFIG_X86_64
19840@@ -6245,7 +6263,16 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) 20171@@ -6245,7 +6264,16 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu)
19841 } 20172 }
19842 } 20173 }
19843 20174
@@ -19856,10 +20187,18 @@ index 4ea7678..b3a7084 100644
19856 20187
19857 vmx->exit_reason = vmcs_read32(VM_EXIT_REASON); 20188 vmx->exit_reason = vmcs_read32(VM_EXIT_REASON);
19858diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c 20189diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
19859index 4c938da..4ddef65 100644 20190index 4c938da..6cd8090 100644
19860--- a/arch/x86/kvm/x86.c 20191--- a/arch/x86/kvm/x86.c
19861+++ b/arch/x86/kvm/x86.c 20192+++ b/arch/x86/kvm/x86.c
19862@@ -1345,8 +1345,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) 20193@@ -907,6 +907,7 @@ static int do_set_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *data)
20194 return kvm_set_msr(vcpu, index, *data);
20195 }
20196
20197+static void kvm_write_wall_clock(struct kvm *kvm, gpa_t wall_clock) __size_overflow(2);
20198 static void kvm_write_wall_clock(struct kvm *kvm, gpa_t wall_clock)
20199 {
20200 int version;
20201@@ -1345,8 +1346,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
19863 { 20202 {
19864 struct kvm *kvm = vcpu->kvm; 20203 struct kvm *kvm = vcpu->kvm;
19865 int lm = is_long_mode(vcpu); 20204 int lm = is_long_mode(vcpu);
@@ -19870,7 +20209,7 @@ index 4c938da..4ddef65 100644
19870 u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64 20209 u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64
19871 : kvm->arch.xen_hvm_config.blob_size_32; 20210 : kvm->arch.xen_hvm_config.blob_size_32;
19872 u32 page_num = data & ~PAGE_MASK; 20211 u32 page_num = data & ~PAGE_MASK;
19873@@ -2165,6 +2165,8 @@ long kvm_arch_dev_ioctl(struct file *filp, 20212@@ -2165,6 +2166,8 @@ long kvm_arch_dev_ioctl(struct file *filp,
19874 if (n < msr_list.nmsrs) 20213 if (n < msr_list.nmsrs)
19875 goto out; 20214 goto out;
19876 r = -EFAULT; 20215 r = -EFAULT;
@@ -19879,7 +20218,7 @@ index 4c938da..4ddef65 100644
19879 if (copy_to_user(user_msr_list->indices, &msrs_to_save, 20218 if (copy_to_user(user_msr_list->indices, &msrs_to_save,
19880 num_msrs_to_save * sizeof(u32))) 20219 num_msrs_to_save * sizeof(u32)))
19881 goto out; 20220 goto out;
19882@@ -2340,15 +2342,20 @@ static int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu, 20221@@ -2340,15 +2343,20 @@ static int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
19883 struct kvm_cpuid2 *cpuid, 20222 struct kvm_cpuid2 *cpuid,
19884 struct kvm_cpuid_entry2 __user *entries) 20223 struct kvm_cpuid_entry2 __user *entries)
19885 { 20224 {
@@ -19903,7 +20242,7 @@ index 4c938da..4ddef65 100644
19903 vcpu->arch.cpuid_nent = cpuid->nent; 20242 vcpu->arch.cpuid_nent = cpuid->nent;
19904 kvm_apic_set_version(vcpu); 20243 kvm_apic_set_version(vcpu);
19905 kvm_x86_ops->cpuid_update(vcpu); 20244 kvm_x86_ops->cpuid_update(vcpu);
19906@@ -2363,15 +2370,19 @@ static int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu, 20245@@ -2363,15 +2371,19 @@ static int kvm_vcpu_ioctl_get_cpuid2(struct kvm_vcpu *vcpu,
19907 struct kvm_cpuid2 *cpuid, 20246 struct kvm_cpuid2 *cpuid,
19908 struct kvm_cpuid_entry2 __user *entries) 20247 struct kvm_cpuid_entry2 __user *entries)
19909 { 20248 {
@@ -19926,7 +20265,7 @@ index 4c938da..4ddef65 100644
19926 return 0; 20265 return 0;
19927 20266
19928 out: 20267 out:
19929@@ -2746,7 +2757,7 @@ static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu, 20268@@ -2746,7 +2758,7 @@ static int kvm_vcpu_ioctl_set_lapic(struct kvm_vcpu *vcpu,
19930 static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu, 20269 static int kvm_vcpu_ioctl_interrupt(struct kvm_vcpu *vcpu,
19931 struct kvm_interrupt *irq) 20270 struct kvm_interrupt *irq)
19932 { 20271 {
@@ -19935,7 +20274,67 @@ index 4c938da..4ddef65 100644
19935 return -EINVAL; 20274 return -EINVAL;
19936 if (irqchip_in_kernel(vcpu->kvm)) 20275 if (irqchip_in_kernel(vcpu->kvm))
19937 return -ENXIO; 20276 return -ENXIO;
19938@@ -5162,7 +5173,7 @@ static void kvm_set_mmio_spte_mask(void) 20277@@ -3949,6 +3961,9 @@ gpa_t kvm_mmu_gva_to_gpa_system(struct kvm_vcpu *vcpu, gva_t gva,
20278
20279 static int kvm_read_guest_virt_helper(gva_t addr, void *val, unsigned int bytes,
20280 struct kvm_vcpu *vcpu, u32 access,
20281+ struct x86_exception *exception) __size_overflow(1,3);
20282+static int kvm_read_guest_virt_helper(gva_t addr, void *val, unsigned int bytes,
20283+ struct kvm_vcpu *vcpu, u32 access,
20284 struct x86_exception *exception)
20285 {
20286 void *data = val;
20287@@ -3980,6 +3995,9 @@ out:
20288 /* used for instruction fetching */
20289 static int kvm_fetch_guest_virt(struct x86_emulate_ctxt *ctxt,
20290 gva_t addr, void *val, unsigned int bytes,
20291+ struct x86_exception *exception) __size_overflow(2,4);
20292+static int kvm_fetch_guest_virt(struct x86_emulate_ctxt *ctxt,
20293+ gva_t addr, void *val, unsigned int bytes,
20294 struct x86_exception *exception)
20295 {
20296 struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
20297@@ -4004,6 +4022,9 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_virt);
20298
20299 static int kvm_read_guest_virt_system(struct x86_emulate_ctxt *ctxt,
20300 gva_t addr, void *val, unsigned int bytes,
20301+ struct x86_exception *exception) __size_overflow(2,4);
20302+static int kvm_read_guest_virt_system(struct x86_emulate_ctxt *ctxt,
20303+ gva_t addr, void *val, unsigned int bytes,
20304 struct x86_exception *exception)
20305 {
20306 struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
20307@@ -4117,12 +4138,16 @@ static int read_prepare(struct kvm_vcpu *vcpu, void *val, int bytes)
20308 }
20309
20310 static int read_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
20311+ void *val, int bytes) __size_overflow(2);
20312+static int read_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
20313 void *val, int bytes)
20314 {
20315 return !kvm_read_guest(vcpu->kvm, gpa, val, bytes);
20316 }
20317
20318 static int write_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
20319+ void *val, int bytes) __size_overflow(2);
20320+static int write_emulate(struct kvm_vcpu *vcpu, gpa_t gpa,
20321 void *val, int bytes)
20322 {
20323 return emulator_write_phys(vcpu, gpa, val, bytes);
20324@@ -4273,6 +4298,12 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
20325 const void *old,
20326 const void *new,
20327 unsigned int bytes,
20328+ struct x86_exception *exception) __size_overflow(5);
20329+static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
20330+ unsigned long addr,
20331+ const void *old,
20332+ const void *new,
20333+ unsigned int bytes,
20334 struct x86_exception *exception)
20335 {
20336 struct kvm_vcpu *vcpu = emul_to_vcpu(ctxt);
20337@@ -5162,7 +5193,7 @@ static void kvm_set_mmio_spte_mask(void)
19939 kvm_mmu_set_mmio_spte_mask(mask); 20338 kvm_mmu_set_mmio_spte_mask(mask);
19940 } 20339 }
19941 20340
@@ -19944,6 +20343,23 @@ index 4c938da..4ddef65 100644
19944 { 20343 {
19945 int r; 20344 int r;
19946 struct kvm_x86_ops *ops = (struct kvm_x86_ops *)opaque; 20345 struct kvm_x86_ops *ops = (struct kvm_x86_ops *)opaque;
20346diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
20347index d36fe23..a4b189f 100644
20348--- a/arch/x86/kvm/x86.h
20349+++ b/arch/x86/kvm/x86.h
20350@@ -119,10 +119,10 @@ void kvm_write_tsc(struct kvm_vcpu *vcpu, u64 data);
20351
20352 int kvm_read_guest_virt(struct x86_emulate_ctxt *ctxt,
20353 gva_t addr, void *val, unsigned int bytes,
20354- struct x86_exception *exception);
20355+ struct x86_exception *exception) __size_overflow(2,4);
20356
20357 int kvm_write_guest_virt_system(struct x86_emulate_ctxt *ctxt,
20358 gva_t addr, void *val, unsigned int bytes,
20359- struct x86_exception *exception);
20360+ struct x86_exception *exception) __size_overflow(2,4);
20361
20362 #endif
19947diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c 20363diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c
19948index cf4603b..7cdde38 100644 20364index cf4603b..7cdde38 100644
19949--- a/arch/x86/lguest/boot.c 20365--- a/arch/x86/lguest/boot.c
@@ -22217,7 +22633,7 @@ index a63efd6..ccecad8 100644
22217 ret 22633 ret
22218 CFI_ENDPROC 22634 CFI_ENDPROC
22219diff --git a/arch/x86/lib/usercopy_32.c b/arch/x86/lib/usercopy_32.c 22635diff --git a/arch/x86/lib/usercopy_32.c b/arch/x86/lib/usercopy_32.c
22220index e218d5d..35679b4 100644 22636index e218d5d..1e01930 100644
22221--- a/arch/x86/lib/usercopy_32.c 22637--- a/arch/x86/lib/usercopy_32.c
22222+++ b/arch/x86/lib/usercopy_32.c 22638+++ b/arch/x86/lib/usercopy_32.c
22223@@ -43,7 +43,7 @@ do { \ 22639@@ -43,7 +43,7 @@ do { \
@@ -22229,6 +22645,24 @@ index e218d5d..35679b4 100644
22229 " stosb\n" \ 22645 " stosb\n" \
22230 " testb %%al,%%al\n" \ 22646 " testb %%al,%%al\n" \
22231 " jz 1f\n" \ 22647 " jz 1f\n" \
22648@@ -83,7 +83,7 @@ do { \
22649 * and returns @count.
22650 */
22651 long
22652-__strncpy_from_user(char *dst, const char __user *src, long count)
22653+__strncpy_from_user(char *dst, const char __user *src, unsigned long count)
22654 {
22655 long res;
22656 __do_strncpy_from_user(dst, src, count, res);
22657@@ -110,7 +110,7 @@ EXPORT_SYMBOL(__strncpy_from_user);
22658 * and returns @count.
22659 */
22660 long
22661-strncpy_from_user(char *dst, const char __user *src, long count)
22662+strncpy_from_user(char *dst, const char __user *src, unsigned long count)
22663 {
22664 long res = -EFAULT;
22665 if (access_ok(VERIFY_READ, src, 1))
22232@@ -128,10 +128,12 @@ do { \ 22666@@ -128,10 +128,12 @@ do { \
22233 int __d0; \ 22667 int __d0; \
22234 might_fault(); \ 22668 might_fault(); \
@@ -22242,6 +22676,15 @@ index e218d5d..35679b4 100644
22242 ".section .fixup,\"ax\"\n" \ 22676 ".section .fixup,\"ax\"\n" \
22243 "3: lea 0(%2,%0,4),%0\n" \ 22677 "3: lea 0(%2,%0,4),%0\n" \
22244 " jmp 2b\n" \ 22678 " jmp 2b\n" \
22679@@ -192,7 +194,7 @@ EXPORT_SYMBOL(__clear_user);
22680 * On exception, returns 0.
22681 * If the string is too long, returns a value greater than @n.
22682 */
22683-long strnlen_user(const char __user *s, long n)
22684+long strnlen_user(const char __user *s, unsigned long n)
22685 {
22686 unsigned long mask = -__addr_ok(s);
22687 unsigned long res, tmp;
22245@@ -200,6 +202,7 @@ long strnlen_user(const char __user *s, long n) 22688@@ -200,6 +202,7 @@ long strnlen_user(const char __user *s, long n)
22246 might_fault(); 22689 might_fault();
22247 22690
@@ -22320,7 +22763,7 @@ index e218d5d..35679b4 100644
22320 " addl $-64, %0\n" 22763 " addl $-64, %0\n"
22321 " addl $64, %4\n" 22764 " addl $64, %4\n"
22322 " addl $64, %3\n" 22765 " addl $64, %3\n"
22323@@ -278,10 +282,119 @@ __copy_user_intel(void __user *to, const void *from, unsigned long size) 22766@@ -278,10 +282,12 @@ __copy_user_intel(void __user *to, const void *from, unsigned long size)
22324 " shrl $2, %0\n" 22767 " shrl $2, %0\n"
22325 " andl $3, %%eax\n" 22768 " andl $3, %%eax\n"
22326 " cld\n" 22769 " cld\n"
@@ -22330,58 +22773,13 @@ index e218d5d..35679b4 100644
22330 "37: rep; movsb\n" 22773 "37: rep; movsb\n"
22331 "100:\n" 22774 "100:\n"
22332+ __COPYUSER_RESTORE_ES 22775+ __COPYUSER_RESTORE_ES
22333+ ".section .fixup,\"ax\"\n" 22776 ".section .fixup,\"ax\"\n"
22334+ "101: lea 0(%%eax,%0,4),%0\n" 22777 "101: lea 0(%%eax,%0,4),%0\n"
22335+ " jmp 100b\n" 22778 " jmp 100b\n"
22336+ ".previous\n" 22779@@ -334,46 +340,155 @@ __copy_user_intel(void __user *to, const void *from, unsigned long size)
22337+ ".section __ex_table,\"a\"\n" 22780 }
22338+ " .align 4\n" 22781
22339+ " .long 1b,100b\n" 22782 static unsigned long
22340+ " .long 2b,100b\n"
22341+ " .long 3b,100b\n"
22342+ " .long 4b,100b\n"
22343+ " .long 5b,100b\n"
22344+ " .long 6b,100b\n"
22345+ " .long 7b,100b\n"
22346+ " .long 8b,100b\n"
22347+ " .long 9b,100b\n"
22348+ " .long 10b,100b\n"
22349+ " .long 11b,100b\n"
22350+ " .long 12b,100b\n"
22351+ " .long 13b,100b\n"
22352+ " .long 14b,100b\n"
22353+ " .long 15b,100b\n"
22354+ " .long 16b,100b\n"
22355+ " .long 17b,100b\n"
22356+ " .long 18b,100b\n"
22357+ " .long 19b,100b\n"
22358+ " .long 20b,100b\n"
22359+ " .long 21b,100b\n"
22360+ " .long 22b,100b\n"
22361+ " .long 23b,100b\n"
22362+ " .long 24b,100b\n"
22363+ " .long 25b,100b\n"
22364+ " .long 26b,100b\n"
22365+ " .long 27b,100b\n"
22366+ " .long 28b,100b\n"
22367+ " .long 29b,100b\n"
22368+ " .long 30b,100b\n"
22369+ " .long 31b,100b\n"
22370+ " .long 32b,100b\n"
22371+ " .long 33b,100b\n"
22372+ " .long 34b,100b\n"
22373+ " .long 35b,100b\n"
22374+ " .long 36b,100b\n"
22375+ " .long 37b,100b\n"
22376+ " .long 99b,101b\n"
22377+ ".previous"
22378+ : "=&c"(size), "=&D" (d0), "=&S" (d1)
22379+ : "1"(to), "2"(from), "0"(size)
22380+ : "eax", "edx", "memory");
22381+ return size;
22382+}
22383+
22384+static unsigned long
22385+__generic_copy_from_user_intel(void *to, const void __user *from, unsigned long size) 22783+__generic_copy_from_user_intel(void *to, const void __user *from, unsigned long size)
22386+{ 22784+{
22387+ int d0, d1; 22785+ int d0, d1;
@@ -22437,10 +22835,62 @@ index e218d5d..35679b4 100644
22437+ "36: movl %%eax, %0\n" 22835+ "36: movl %%eax, %0\n"
22438+ "37: rep; "__copyuser_seg" movsb\n" 22836+ "37: rep; "__copyuser_seg" movsb\n"
22439+ "100:\n" 22837+ "100:\n"
22440 ".section .fixup,\"ax\"\n" 22838+ ".section .fixup,\"ax\"\n"
22441 "101: lea 0(%%eax,%0,4),%0\n" 22839+ "101: lea 0(%%eax,%0,4),%0\n"
22442 " jmp 100b\n" 22840+ " jmp 100b\n"
22443@@ -339,41 +452,41 @@ __copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size) 22841+ ".previous\n"
22842+ ".section __ex_table,\"a\"\n"
22843+ " .align 4\n"
22844+ " .long 1b,100b\n"
22845+ " .long 2b,100b\n"
22846+ " .long 3b,100b\n"
22847+ " .long 4b,100b\n"
22848+ " .long 5b,100b\n"
22849+ " .long 6b,100b\n"
22850+ " .long 7b,100b\n"
22851+ " .long 8b,100b\n"
22852+ " .long 9b,100b\n"
22853+ " .long 10b,100b\n"
22854+ " .long 11b,100b\n"
22855+ " .long 12b,100b\n"
22856+ " .long 13b,100b\n"
22857+ " .long 14b,100b\n"
22858+ " .long 15b,100b\n"
22859+ " .long 16b,100b\n"
22860+ " .long 17b,100b\n"
22861+ " .long 18b,100b\n"
22862+ " .long 19b,100b\n"
22863+ " .long 20b,100b\n"
22864+ " .long 21b,100b\n"
22865+ " .long 22b,100b\n"
22866+ " .long 23b,100b\n"
22867+ " .long 24b,100b\n"
22868+ " .long 25b,100b\n"
22869+ " .long 26b,100b\n"
22870+ " .long 27b,100b\n"
22871+ " .long 28b,100b\n"
22872+ " .long 29b,100b\n"
22873+ " .long 30b,100b\n"
22874+ " .long 31b,100b\n"
22875+ " .long 32b,100b\n"
22876+ " .long 33b,100b\n"
22877+ " .long 34b,100b\n"
22878+ " .long 35b,100b\n"
22879+ " .long 36b,100b\n"
22880+ " .long 37b,100b\n"
22881+ " .long 99b,101b\n"
22882+ ".previous"
22883+ : "=&c"(size), "=&D" (d0), "=&S" (d1)
22884+ : "1"(to), "2"(from), "0"(size)
22885+ : "eax", "edx", "memory");
22886+ return size;
22887+}
22888+
22889+static unsigned long
22890+__copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size) __size_overflow(3);
22891+static unsigned long
22892 __copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size)
22893 {
22444 int d0, d1; 22894 int d0, d1;
22445 __asm__ __volatile__( 22895 __asm__ __volatile__(
22446 " .align 2,0x90\n" 22896 " .align 2,0x90\n"
@@ -22500,7 +22950,7 @@ index e218d5d..35679b4 100644
22500 " movl %%eax, 56(%3)\n" 22950 " movl %%eax, 56(%3)\n"
22501 " movl %%edx, 60(%3)\n" 22951 " movl %%edx, 60(%3)\n"
22502 " addl $-64, %0\n" 22952 " addl $-64, %0\n"
22503@@ -385,9 +498,9 @@ __copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size) 22953@@ -385,9 +500,9 @@ __copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size)
22504 " shrl $2, %0\n" 22954 " shrl $2, %0\n"
22505 " andl $3, %%eax\n" 22955 " andl $3, %%eax\n"
22506 " cld\n" 22956 " cld\n"
@@ -22512,7 +22962,15 @@ index e218d5d..35679b4 100644
22512 "8:\n" 22962 "8:\n"
22513 ".section .fixup,\"ax\"\n" 22963 ".section .fixup,\"ax\"\n"
22514 "9: lea 0(%%eax,%0,4),%0\n" 22964 "9: lea 0(%%eax,%0,4),%0\n"
22515@@ -440,41 +553,41 @@ static unsigned long __copy_user_zeroing_intel_nocache(void *to, 22965@@ -434,47 +549,49 @@ __copy_user_zeroing_intel(void *to, const void __user *from, unsigned long size)
22966 */
22967
22968 static unsigned long __copy_user_zeroing_intel_nocache(void *to,
22969+ const void __user *from, unsigned long size) __size_overflow(3);
22970+static unsigned long __copy_user_zeroing_intel_nocache(void *to,
22971 const void __user *from, unsigned long size)
22972 {
22973 int d0, d1;
22516 22974
22517 __asm__ __volatile__( 22975 __asm__ __volatile__(
22518 " .align 2,0x90\n" 22976 " .align 2,0x90\n"
@@ -22572,7 +23030,7 @@ index e218d5d..35679b4 100644
22572 " movnti %%eax, 56(%3)\n" 23030 " movnti %%eax, 56(%3)\n"
22573 " movnti %%edx, 60(%3)\n" 23031 " movnti %%edx, 60(%3)\n"
22574 " addl $-64, %0\n" 23032 " addl $-64, %0\n"
22575@@ -487,9 +600,9 @@ static unsigned long __copy_user_zeroing_intel_nocache(void *to, 23033@@ -487,9 +604,9 @@ static unsigned long __copy_user_zeroing_intel_nocache(void *to,
22576 " shrl $2, %0\n" 23034 " shrl $2, %0\n"
22577 " andl $3, %%eax\n" 23035 " andl $3, %%eax\n"
22578 " cld\n" 23036 " cld\n"
@@ -22584,7 +23042,15 @@ index e218d5d..35679b4 100644
22584 "8:\n" 23042 "8:\n"
22585 ".section .fixup,\"ax\"\n" 23043 ".section .fixup,\"ax\"\n"
22586 "9: lea 0(%%eax,%0,4),%0\n" 23044 "9: lea 0(%%eax,%0,4),%0\n"
22587@@ -537,41 +650,41 @@ static unsigned long __copy_user_intel_nocache(void *to, 23045@@ -531,47 +648,49 @@ static unsigned long __copy_user_zeroing_intel_nocache(void *to,
23046 }
23047
23048 static unsigned long __copy_user_intel_nocache(void *to,
23049+ const void __user *from, unsigned long size) __size_overflow(3);
23050+static unsigned long __copy_user_intel_nocache(void *to,
23051 const void __user *from, unsigned long size)
23052 {
23053 int d0, d1;
22588 23054
22589 __asm__ __volatile__( 23055 __asm__ __volatile__(
22590 " .align 2,0x90\n" 23056 " .align 2,0x90\n"
@@ -22644,7 +23110,7 @@ index e218d5d..35679b4 100644
22644 " movnti %%eax, 56(%3)\n" 23110 " movnti %%eax, 56(%3)\n"
22645 " movnti %%edx, 60(%3)\n" 23111 " movnti %%edx, 60(%3)\n"
22646 " addl $-64, %0\n" 23112 " addl $-64, %0\n"
22647@@ -584,9 +697,9 @@ static unsigned long __copy_user_intel_nocache(void *to, 23113@@ -584,9 +703,9 @@ static unsigned long __copy_user_intel_nocache(void *to,
22648 " shrl $2, %0\n" 23114 " shrl $2, %0\n"
22649 " andl $3, %%eax\n" 23115 " andl $3, %%eax\n"
22650 " cld\n" 23116 " cld\n"
@@ -22656,7 +23122,7 @@ index e218d5d..35679b4 100644
22656 "8:\n" 23122 "8:\n"
22657 ".section .fixup,\"ax\"\n" 23123 ".section .fixup,\"ax\"\n"
22658 "9: lea 0(%%eax,%0,4),%0\n" 23124 "9: lea 0(%%eax,%0,4),%0\n"
22659@@ -629,32 +742,36 @@ static unsigned long __copy_user_intel_nocache(void *to, 23125@@ -629,32 +748,36 @@ static unsigned long __copy_user_intel_nocache(void *to,
22660 */ 23126 */
22661 unsigned long __copy_user_zeroing_intel(void *to, const void __user *from, 23127 unsigned long __copy_user_zeroing_intel(void *to, const void __user *from,
22662 unsigned long size); 23128 unsigned long size);
@@ -22698,7 +23164,7 @@ index e218d5d..35679b4 100644
22698 ".section .fixup,\"ax\"\n" \ 23164 ".section .fixup,\"ax\"\n" \
22699 "5: addl %3,%0\n" \ 23165 "5: addl %3,%0\n" \
22700 " jmp 2b\n" \ 23166 " jmp 2b\n" \
22701@@ -682,14 +799,14 @@ do { \ 23167@@ -682,14 +805,14 @@ do { \
22702 " negl %0\n" \ 23168 " negl %0\n" \
22703 " andl $7,%0\n" \ 23169 " andl $7,%0\n" \
22704 " subl %0,%3\n" \ 23170 " subl %0,%3\n" \
@@ -22716,7 +23182,7 @@ index e218d5d..35679b4 100644
22716 "2:\n" \ 23182 "2:\n" \
22717 ".section .fixup,\"ax\"\n" \ 23183 ".section .fixup,\"ax\"\n" \
22718 "5: addl %3,%0\n" \ 23184 "5: addl %3,%0\n" \
22719@@ -775,9 +892,9 @@ survive: 23185@@ -775,9 +898,9 @@ survive:
22720 } 23186 }
22721 #endif 23187 #endif
22722 if (movsl_is_ok(to, from, n)) 23188 if (movsl_is_ok(to, from, n))
@@ -22728,7 +23194,7 @@ index e218d5d..35679b4 100644
22728 return n; 23194 return n;
22729 } 23195 }
22730 EXPORT_SYMBOL(__copy_to_user_ll); 23196 EXPORT_SYMBOL(__copy_to_user_ll);
22731@@ -797,10 +914,9 @@ unsigned long __copy_from_user_ll_nozero(void *to, const void __user *from, 23197@@ -797,10 +920,9 @@ unsigned long __copy_from_user_ll_nozero(void *to, const void __user *from,
22732 unsigned long n) 23198 unsigned long n)
22733 { 23199 {
22734 if (movsl_is_ok(to, from, n)) 23200 if (movsl_is_ok(to, from, n))
@@ -22741,7 +23207,7 @@ index e218d5d..35679b4 100644
22741 return n; 23207 return n;
22742 } 23208 }
22743 EXPORT_SYMBOL(__copy_from_user_ll_nozero); 23209 EXPORT_SYMBOL(__copy_from_user_ll_nozero);
22744@@ -827,65 +943,50 @@ unsigned long __copy_from_user_ll_nocache_nozero(void *to, const void __user *fr 23210@@ -827,65 +949,50 @@ unsigned long __copy_from_user_ll_nocache_nozero(void *to, const void __user *fr
22745 if (n > 64 && cpu_has_xmm2) 23211 if (n > 64 && cpu_has_xmm2)
22746 n = __copy_user_intel_nocache(to, from, n); 23212 n = __copy_user_intel_nocache(to, from, n);
22747 else 23213 else
@@ -22844,11 +23310,15 @@ index e218d5d..35679b4 100644
22844+EXPORT_SYMBOL(set_fs); 23310+EXPORT_SYMBOL(set_fs);
22845+#endif 23311+#endif
22846diff --git a/arch/x86/lib/usercopy_64.c b/arch/x86/lib/usercopy_64.c 23312diff --git a/arch/x86/lib/usercopy_64.c b/arch/x86/lib/usercopy_64.c
22847index b7c2849..8633ad8 100644 23313index b7c2849..bab76d3 100644
22848--- a/arch/x86/lib/usercopy_64.c 23314--- a/arch/x86/lib/usercopy_64.c
22849+++ b/arch/x86/lib/usercopy_64.c 23315+++ b/arch/x86/lib/usercopy_64.c
22850@@ -42,6 +42,12 @@ long 23316@@ -39,16 +39,22 @@ do { \
22851 __strncpy_from_user(char *dst, const char __user *src, long count) 23317 } while (0)
23318
23319 long
23320-__strncpy_from_user(char *dst, const char __user *src, long count)
23321+__strncpy_from_user(char *dst, const char __user *src, unsigned long count)
22852 { 23322 {
22853 long res; 23323 long res;
22854+ 23324+
@@ -22860,6 +23330,14 @@ index b7c2849..8633ad8 100644
22860 __do_strncpy_from_user(dst, src, count, res); 23330 __do_strncpy_from_user(dst, src, count, res);
22861 return res; 23331 return res;
22862 } 23332 }
23333 EXPORT_SYMBOL(__strncpy_from_user);
23334
23335 long
23336-strncpy_from_user(char *dst, const char __user *src, long count)
23337+strncpy_from_user(char *dst, const char __user *src, unsigned long count)
23338 {
23339 long res = -EFAULT;
23340 if (access_ok(VERIFY_READ, src, 1))
22863@@ -65,6 +71,12 @@ unsigned long __clear_user(void __user *addr, unsigned long size) 23341@@ -65,6 +71,12 @@ unsigned long __clear_user(void __user *addr, unsigned long size)
22864 { 23342 {
22865 long __d0; 23343 long __d0;
@@ -22873,6 +23351,24 @@ index b7c2849..8633ad8 100644
22873 /* no memory constraint because it doesn't change any memory gcc knows 23351 /* no memory constraint because it doesn't change any memory gcc knows
22874 about */ 23352 about */
22875 asm volatile( 23353 asm volatile(
23354@@ -107,7 +119,7 @@ EXPORT_SYMBOL(clear_user);
23355 * Return 0 on exception, a value greater than N if too long
23356 */
23357
23358-long __strnlen_user(const char __user *s, long n)
23359+long __strnlen_user(const char __user *s, unsigned long n)
23360 {
23361 long res = 0;
23362 char c;
23363@@ -125,7 +137,7 @@ long __strnlen_user(const char __user *s, long n)
23364 }
23365 EXPORT_SYMBOL(__strnlen_user);
23366
23367-long strnlen_user(const char __user *s, long n)
23368+long strnlen_user(const char __user *s, unsigned long n)
23369 {
23370 if (!access_ok(VERIFY_READ, s, 1))
23371 return 0;
22876@@ -149,12 +161,20 @@ long strlen_user(const char __user *s) 23372@@ -149,12 +161,20 @@ long strlen_user(const char __user *s)
22877 } 23373 }
22878 EXPORT_SYMBOL(strlen_user); 23374 EXPORT_SYMBOL(strlen_user);
@@ -25946,6 +26442,28 @@ index ad4ec1c..686479e 100644
25946 } 26442 }
25947 26443
25948 /* parse all the mtimer info to a static mtimer array */ 26444 /* parse all the mtimer info to a static mtimer array */
26445diff --git a/arch/x86/platform/uv/tlb_uv.c b/arch/x86/platform/uv/tlb_uv.c
26446index 81aee5a..9ad9aae 100644
26447--- a/arch/x86/platform/uv/tlb_uv.c
26448+++ b/arch/x86/platform/uv/tlb_uv.c
26449@@ -1433,6 +1433,8 @@ static ssize_t tunables_read(struct file *file, char __user *userbuf,
26450 * 0: display meaning of the statistics
26451 */
26452 static ssize_t ptc_proc_write(struct file *file, const char __user *user,
26453+ size_t count, loff_t *data) __size_overflow(3);
26454+static ssize_t ptc_proc_write(struct file *file, const char __user *user,
26455 size_t count, loff_t *data)
26456 {
26457 int cpu;
26458@@ -1548,6 +1550,8 @@ static int parse_tunables_write(struct bau_control *bcp, char *instr,
26459 * Handle a write to debugfs. (/sys/kernel/debug/sgi_uv/bau_tunables)
26460 */
26461 static ssize_t tunables_write(struct file *file, const char __user *user,
26462+ size_t count, loff_t *data) __size_overflow(3);
26463+static ssize_t tunables_write(struct file *file, const char __user *user,
26464 size_t count, loff_t *data)
26465 {
26466 int cpu;
25949diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c 26467diff --git a/arch/x86/power/cpu.c b/arch/x86/power/cpu.c
25950index f10c0af..3ec1f95 100644 26468index f10c0af..3ec1f95 100644
25951--- a/arch/x86/power/cpu.c 26469--- a/arch/x86/power/cpu.c
@@ -26566,6 +27084,91 @@ index 688be8a..8a37d98 100644
26566 if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len)) 27084 if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len))
26567 goto error; 27085 goto error;
26568 27086
27087diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
27088index a0f768c..1da9c73 100644
27089--- a/crypto/ablkcipher.c
27090+++ b/crypto/ablkcipher.c
27091@@ -307,6 +307,8 @@ int ablkcipher_walk_phys(struct ablkcipher_request *req,
27092 EXPORT_SYMBOL_GPL(ablkcipher_walk_phys);
27093
27094 static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key,
27095+ unsigned int keylen) __size_overflow(3);
27096+static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key,
27097 unsigned int keylen)
27098 {
27099 struct ablkcipher_alg *cipher = crypto_ablkcipher_alg(tfm);
27100@@ -329,6 +331,8 @@ static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key,
27101 }
27102
27103 static int setkey(struct crypto_ablkcipher *tfm, const u8 *key,
27104+ unsigned int keylen) __size_overflow(3);
27105+static int setkey(struct crypto_ablkcipher *tfm, const u8 *key,
27106 unsigned int keylen)
27107 {
27108 struct ablkcipher_alg *cipher = crypto_ablkcipher_alg(tfm);
27109diff --git a/crypto/aead.c b/crypto/aead.c
27110index 04add3dc..983032f 100644
27111--- a/crypto/aead.c
27112+++ b/crypto/aead.c
27113@@ -27,6 +27,8 @@
27114 #include "internal.h"
27115
27116 static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key,
27117+ unsigned int keylen) __size_overflow(3);
27118+static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key,
27119 unsigned int keylen)
27120 {
27121 struct aead_alg *aead = crypto_aead_alg(tfm);
27122@@ -48,6 +50,7 @@ static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key,
27123 return ret;
27124 }
27125
27126+static int setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) __size_overflow(3);
27127 static int setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen)
27128 {
27129 struct aead_alg *aead = crypto_aead_alg(tfm);
27130diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
27131index 1e61d1a..cf06b86 100644
27132--- a/crypto/blkcipher.c
27133+++ b/crypto/blkcipher.c
27134@@ -359,6 +359,8 @@ int blkcipher_walk_virt_block(struct blkcipher_desc *desc,
27135 EXPORT_SYMBOL_GPL(blkcipher_walk_virt_block);
27136
27137 static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27138+ unsigned int keylen) __size_overflow(3);
27139+static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27140 unsigned int keylen)
27141 {
27142 struct blkcipher_alg *cipher = &tfm->__crt_alg->cra_blkcipher;
27143@@ -380,6 +382,7 @@ static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27144 return ret;
27145 }
27146
27147+static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) __size_overflow(3);
27148 static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
27149 {
27150 struct blkcipher_alg *cipher = &tfm->__crt_alg->cra_blkcipher;
27151diff --git a/crypto/cipher.c b/crypto/cipher.c
27152index 39541e0..802d956 100644
27153--- a/crypto/cipher.c
27154+++ b/crypto/cipher.c
27155@@ -21,6 +21,8 @@
27156 #include "internal.h"
27157
27158 static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27159+ unsigned int keylen) __size_overflow(3);
27160+static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27161 unsigned int keylen)
27162 {
27163 struct cipher_alg *cia = &tfm->__crt_alg->cra_cipher;
27164@@ -43,6 +45,7 @@ static int setkey_unaligned(struct crypto_tfm *tfm, const u8 *key,
27165
27166 }
27167
27168+static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) __size_overflow(3);
27169 static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
27170 {
27171 struct cipher_alg *cia = &tfm->__crt_alg->cra_cipher;
26569diff --git a/crypto/cryptd.c b/crypto/cryptd.c 27172diff --git a/crypto/cryptd.c b/crypto/cryptd.c
26570index 671d4d6..5f24030 100644 27173index 671d4d6..5f24030 100644
26571--- a/crypto/cryptd.c 27174--- a/crypto/cryptd.c
@@ -26609,6 +27212,20 @@ index 5d41894..22021e4 100644
26609 } 27212 }
26610 EXPORT_SYMBOL_GPL(cper_next_record_id); 27213 EXPORT_SYMBOL_GPL(cper_next_record_id);
26611 27214
27215diff --git a/drivers/acpi/battery.c b/drivers/acpi/battery.c
27216index 7711d94..8622811 100644
27217--- a/drivers/acpi/battery.c
27218+++ b/drivers/acpi/battery.c
27219@@ -787,6 +787,9 @@ static int acpi_battery_print_alarm(struct seq_file *seq, int result)
27220
27221 static ssize_t acpi_battery_write_alarm(struct file *file,
27222 const char __user * buffer,
27223+ size_t count, loff_t * ppos) __size_overflow(3);
27224+static ssize_t acpi_battery_write_alarm(struct file *file,
27225+ const char __user * buffer,
27226 size_t count, loff_t * ppos)
27227 {
27228 int result = 0;
26612diff --git a/drivers/acpi/ec_sys.c b/drivers/acpi/ec_sys.c 27229diff --git a/drivers/acpi/ec_sys.c b/drivers/acpi/ec_sys.c
26613index 6c47ae9..abfdd63 100644 27230index 6c47ae9..abfdd63 100644
26614--- a/drivers/acpi/ec_sys.c 27231--- a/drivers/acpi/ec_sys.c
@@ -26713,6 +27330,20 @@ index 9d7bc9f..a6fc091 100644
26713 27330
26714 /* 27331 /*
26715 * Buggy BIOS check 27332 * Buggy BIOS check
27333diff --git a/drivers/acpi/sbs.c b/drivers/acpi/sbs.c
27334index 6e36d0c..f319944 100644
27335--- a/drivers/acpi/sbs.c
27336+++ b/drivers/acpi/sbs.c
27337@@ -655,6 +655,9 @@ static int acpi_battery_read_alarm(struct seq_file *seq, void *offset)
27338
27339 static ssize_t
27340 acpi_battery_write_alarm(struct file *file, const char __user * buffer,
27341+ size_t count, loff_t * ppos) __size_overflow(3);
27342+static ssize_t
27343+acpi_battery_write_alarm(struct file *file, const char __user * buffer,
27344 size_t count, loff_t * ppos)
27345 {
27346 struct seq_file *seq = file->private_data;
26716diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c 27347diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
26717index c04ad68..0b99473 100644 27348index c04ad68..0b99473 100644
26718--- a/drivers/ata/libata-core.c 27349--- a/drivers/ata/libata-core.c
@@ -31534,6 +32165,19 @@ index 40c8353..946b0e4 100644
31534 } 32165 }
31535 PDBG("%s stag_state 0x%0x type 0x%0x pdid 0x%0x, stag_idx 0x%x\n", 32166 PDBG("%s stag_state 0x%0x type 0x%0x pdid 0x%0x, stag_idx 0x%x\n",
31536 __func__, stag_state, type, pdid, stag_idx); 32167 __func__, stag_state, type, pdid, stag_idx);
32168diff --git a/drivers/infiniband/hw/ipath/ipath_fs.c b/drivers/infiniband/hw/ipath/ipath_fs.c
32169index 31ae1b1..641d285 100644
32170--- a/drivers/infiniband/hw/ipath/ipath_fs.c
32171+++ b/drivers/infiniband/hw/ipath/ipath_fs.c
32172@@ -126,6 +126,8 @@ static const struct file_operations atomic_counters_ops = {
32173 };
32174
32175 static ssize_t flash_read(struct file *file, char __user *buf,
32176+ size_t count, loff_t *ppos) __size_overflow(3);
32177+static ssize_t flash_read(struct file *file, char __user *buf,
32178 size_t count, loff_t *ppos)
32179 {
32180 struct ipath_devdata *dd;
31537diff --git a/drivers/infiniband/hw/ipath/ipath_rc.c b/drivers/infiniband/hw/ipath/ipath_rc.c 32181diff --git a/drivers/infiniband/hw/ipath/ipath_rc.c b/drivers/infiniband/hw/ipath/ipath_rc.c
31538index 79b3dbc..96e5fcc 100644 32182index 79b3dbc..96e5fcc 100644
31539--- a/drivers/infiniband/hw/ipath/ipath_rc.c 32183--- a/drivers/infiniband/hw/ipath/ipath_rc.c
@@ -32013,6 +32657,19 @@ index b881bdc..c2e360c 100644
32013 32657
32014 #include "qib_common.h" 32658 #include "qib_common.h"
32015 #include "qib_verbs.h" 32659 #include "qib_verbs.h"
32660diff --git a/drivers/infiniband/hw/qib/qib_fs.c b/drivers/infiniband/hw/qib/qib_fs.c
32661index df7fa25..0c854f0 100644
32662--- a/drivers/infiniband/hw/qib/qib_fs.c
32663+++ b/drivers/infiniband/hw/qib/qib_fs.c
32664@@ -267,6 +267,8 @@ static const struct file_operations qsfp_ops[] = {
32665 };
32666
32667 static ssize_t flash_read(struct file *file, char __user *buf,
32668+ size_t count, loff_t *ppos) __size_overflow(3);
32669+static ssize_t flash_read(struct file *file, char __user *buf,
32670 size_t count, loff_t *ppos)
32671 {
32672 struct qib_devdata *dd;
32016diff --git a/drivers/input/gameport/gameport.c b/drivers/input/gameport/gameport.c 32673diff --git a/drivers/input/gameport/gameport.c b/drivers/input/gameport/gameport.c
32017index c351aa4..e6967c2 100644 32674index c351aa4..e6967c2 100644
32018--- a/drivers/input/gameport/gameport.c 32675--- a/drivers/input/gameport/gameport.c
@@ -32340,7 +32997,7 @@ index a3bd163..8956575 100644
32340 typedef struct _diva_os_xdi_adapter { 32997 typedef struct _diva_os_xdi_adapter {
32341 struct list_head link; 32998 struct list_head link;
32342diff --git a/drivers/isdn/i4l/isdn_net.c b/drivers/isdn/i4l/isdn_net.c 32999diff --git a/drivers/isdn/i4l/isdn_net.c b/drivers/isdn/i4l/isdn_net.c
32343index 2339d73..802ab87 100644 33000index 2339d73..802ab87a 100644
32344--- a/drivers/isdn/i4l/isdn_net.c 33001--- a/drivers/isdn/i4l/isdn_net.c
32345+++ b/drivers/isdn/i4l/isdn_net.c 33002+++ b/drivers/isdn/i4l/isdn_net.c
32346@@ -1901,7 +1901,7 @@ static int isdn_net_header(struct sk_buff *skb, struct net_device *dev, 33003@@ -1901,7 +1901,7 @@ static int isdn_net_header(struct sk_buff *skb, struct net_device *dev,
@@ -32396,6 +33053,18 @@ index b5fdcb7..5b6c59f 100644
32396 end_switcher_text - start_switcher_text); 33053 end_switcher_text - start_switcher_text);
32397 33054
32398 printk(KERN_INFO "lguest: mapped switcher at %p\n", 33055 printk(KERN_INFO "lguest: mapped switcher at %p\n",
33056diff --git a/drivers/lguest/lguest_user.c b/drivers/lguest/lguest_user.c
33057index ff4a0bc..f5fdd9c 100644
33058--- a/drivers/lguest/lguest_user.c
33059+++ b/drivers/lguest/lguest_user.c
33060@@ -198,6 +198,7 @@ static int user_send_irq(struct lg_cpu *cpu, const unsigned long __user *input)
33061 * Once our Guest is initialized, the Launcher makes it run by reading
33062 * from /dev/lguest.
33063 */
33064+static ssize_t read(struct file *file, char __user *user, size_t size,loff_t*o) __size_overflow(3);
33065 static ssize_t read(struct file *file, char __user *user, size_t size,loff_t*o)
33066 {
33067 struct lguest *lg = file->private_data;
32399diff --git a/drivers/lguest/x86/core.c b/drivers/lguest/x86/core.c 33068diff --git a/drivers/lguest/x86/core.c b/drivers/lguest/x86/core.c
32400index 65af42f..530c87a 100644 33069index 65af42f..530c87a 100644
32401--- a/drivers/lguest/x86/core.c 33070--- a/drivers/lguest/x86/core.c
@@ -33217,23 +33886,30 @@ index 68d1240..46b32eb 100644
33217 {0x14f1,0x8811,PCI_ANY_ID,PCI_ANY_ID,0,0,0}, 33886 {0x14f1,0x8811,PCI_ANY_ID,PCI_ANY_ID,0,0,0},
33218 {0, } 33887 {0, }
33219diff --git a/drivers/media/video/omap/omap_vout.c b/drivers/media/video/omap/omap_vout.c 33888diff --git a/drivers/media/video/omap/omap_vout.c b/drivers/media/video/omap/omap_vout.c
33220index ee0d0b3..7db1a4f 100644 33889index ee0d0b3..63f6b78 100644
33221--- a/drivers/media/video/omap/omap_vout.c 33890--- a/drivers/media/video/omap/omap_vout.c
33222+++ b/drivers/media/video/omap/omap_vout.c 33891+++ b/drivers/media/video/omap/omap_vout.c
33223@@ -64,7 +64,12 @@ enum omap_vout_channels { 33892@@ -64,7 +64,6 @@ enum omap_vout_channels {
33224 OMAP_VIDEO2, 33893 OMAP_VIDEO2,
33225 }; 33894 };
33226 33895
33227-static struct videobuf_queue_ops video_vbq_ops; 33896-static struct videobuf_queue_ops video_vbq_ops;
33228+static struct videobuf_queue_ops video_vbq_ops = {
33229+ .buf_setup = omap_vout_buffer_setup,
33230+ .buf_prepare = omap_vout_buffer_prepare,
33231+ .buf_release = omap_vout_buffer_release,
33232+ .buf_queue = omap_vout_buffer_queue,
33233+};
33234 /* Variables configurable through module params*/ 33897 /* Variables configurable through module params*/
33235 static u32 video1_numbuffers = 3; 33898 static u32 video1_numbuffers = 3;
33236 static u32 video2_numbuffers = 3; 33899 static u32 video2_numbuffers = 3;
33900@@ -999,6 +998,12 @@ static int omap_vout_open(struct file *file)
33901 {
33902 struct videobuf_queue *q;
33903 struct omap_vout_device *vout = NULL;
33904+ static struct videobuf_queue_ops video_vbq_ops = {
33905+ .buf_setup = omap_vout_buffer_setup,
33906+ .buf_prepare = omap_vout_buffer_prepare,
33907+ .buf_release = omap_vout_buffer_release,
33908+ .buf_queue = omap_vout_buffer_queue,
33909+ };
33910
33911 vout = video_drvdata(file);
33912 v4l2_dbg(1, debug, &vout->vid_dev->v4l2_dev, "Entering %s\n", __func__);
33237@@ -1016,10 +1021,6 @@ static int omap_vout_open(struct file *file) 33913@@ -1016,10 +1021,6 @@ static int omap_vout_open(struct file *file)
33238 vout->type = V4L2_BUF_TYPE_VIDEO_OUTPUT; 33914 vout->type = V4L2_BUF_TYPE_VIDEO_OUTPUT;
33239 33915
@@ -33258,6 +33934,32 @@ index 305e6aa..0143317 100644
33258 pvr2_i2c_func i2c_func[PVR2_I2C_FUNC_CNT]; 33934 pvr2_i2c_func i2c_func[PVR2_I2C_FUNC_CNT];
33259 int i2c_cx25840_hack_state; 33935 int i2c_cx25840_hack_state;
33260 int i2c_linked; 33936 int i2c_linked;
33937diff --git a/drivers/media/video/saa7164/saa7164-encoder.c b/drivers/media/video/saa7164/saa7164-encoder.c
33938index 2fd38a0..ddec3c4 100644
33939--- a/drivers/media/video/saa7164/saa7164-encoder.c
33940+++ b/drivers/media/video/saa7164/saa7164-encoder.c
33941@@ -1136,6 +1136,8 @@ struct saa7164_user_buffer *saa7164_enc_next_buf(struct saa7164_port *port)
33942 }
33943
33944 static ssize_t fops_read(struct file *file, char __user *buffer,
33945+ size_t count, loff_t *pos) __size_overflow(3);
33946+static ssize_t fops_read(struct file *file, char __user *buffer,
33947 size_t count, loff_t *pos)
33948 {
33949 struct saa7164_encoder_fh *fh = file->private_data;
33950diff --git a/drivers/media/video/saa7164/saa7164-vbi.c b/drivers/media/video/saa7164/saa7164-vbi.c
33951index e2e0341..b80056c 100644
33952--- a/drivers/media/video/saa7164/saa7164-vbi.c
33953+++ b/drivers/media/video/saa7164/saa7164-vbi.c
33954@@ -1081,6 +1081,8 @@ struct saa7164_user_buffer *saa7164_vbi_next_buf(struct saa7164_port *port)
33955 }
33956
33957 static ssize_t fops_read(struct file *file, char __user *buffer,
33958+ size_t count, loff_t *pos) __size_overflow(3);
33959+static ssize_t fops_read(struct file *file, char __user *buffer,
33960 size_t count, loff_t *pos)
33961 {
33962 struct saa7164_vbi_fh *fh = file->private_data;
33261diff --git a/drivers/media/video/timblogiw.c b/drivers/media/video/timblogiw.c 33963diff --git a/drivers/media/video/timblogiw.c b/drivers/media/video/timblogiw.c
33262index a0895bf..b7ebb1b 100644 33964index a0895bf..b7ebb1b 100644
33263--- a/drivers/media/video/timblogiw.c 33965--- a/drivers/media/video/timblogiw.c
@@ -33908,7 +34610,7 @@ index ac40925..483b753 100644
33908 #include <linux/mtd/nand.h> 34610 #include <linux/mtd/nand.h>
33909 #include <linux/mtd/nftl.h> 34611 #include <linux/mtd/nftl.h>
33910diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c 34612diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c
33911index 6c3fb5a..c542a81 100644 34613index 6c3fb5a..5b2eeb0 100644
33912--- a/drivers/mtd/ubi/build.c 34614--- a/drivers/mtd/ubi/build.c
33913+++ b/drivers/mtd/ubi/build.c 34615+++ b/drivers/mtd/ubi/build.c
33914@@ -1311,7 +1311,7 @@ module_exit(ubi_exit); 34616@@ -1311,7 +1311,7 @@ module_exit(ubi_exit);
@@ -33940,7 +34642,7 @@ index 6c3fb5a..c542a81 100644
33940 } 34642 }
33941 34643
33942- return result; 34644- return result;
33943+ if ((intoverflow_t)result*scale >= INT_MAX) { 34645+ if (result*scale >= INT_MAX) {
33944+ printk(KERN_ERR "UBI error: incorrect bytes count: \"%s\"\n", 34646+ printk(KERN_ERR "UBI error: incorrect bytes count: \"%s\"\n",
33945+ str); 34647+ str);
33946+ return -EINVAL; 34648+ return -EINVAL;
@@ -33950,6 +34652,19 @@ index 6c3fb5a..c542a81 100644
33950 } 34652 }
33951 34653
33952 /** 34654 /**
34655diff --git a/drivers/mtd/ubi/debug.c b/drivers/mtd/ubi/debug.c
34656index ab80c0d..aec8580 100644
34657--- a/drivers/mtd/ubi/debug.c
34658+++ b/drivers/mtd/ubi/debug.c
34659@@ -338,6 +338,8 @@ out:
34660
34661 /* Write an UBI debugfs file */
34662 static ssize_t dfs_file_write(struct file *file, const char __user *user_buf,
34663+ size_t count, loff_t *ppos) __size_overflow(3);
34664+static ssize_t dfs_file_write(struct file *file, const char __user *user_buf,
34665 size_t count, loff_t *ppos)
34666 {
34667 unsigned long ubi_num = (unsigned long)file->private_data;
33953diff --git a/drivers/net/ethernet/atheros/atlx/atl2.c b/drivers/net/ethernet/atheros/atlx/atl2.c 34668diff --git a/drivers/net/ethernet/atheros/atlx/atl2.c b/drivers/net/ethernet/atheros/atlx/atl2.c
33954index 1feae59..c2a61d2 100644 34669index 1feae59..c2a61d2 100644
33955--- a/drivers/net/ethernet/atheros/atlx/atl2.c 34670--- a/drivers/net/ethernet/atheros/atlx/atl2.c
@@ -34001,6 +34716,47 @@ index c5f5479..2e8c260 100644
34001 34716
34002 #define L2T_SKB_CB(skb) ((struct l2t_skb_cb *)(skb)->cb) 34717 #define L2T_SKB_CB(skb) ((struct l2t_skb_cb *)(skb)->cb)
34003 34718
34719diff --git a/drivers/net/ethernet/chelsio/cxgb3/sge.c b/drivers/net/ethernet/chelsio/cxgb3/sge.c
34720index cfb60e1..9c76da7 100644
34721--- a/drivers/net/ethernet/chelsio/cxgb3/sge.c
34722+++ b/drivers/net/ethernet/chelsio/cxgb3/sge.c
34723@@ -611,6 +611,8 @@ static void recycle_rx_buf(struct adapter *adap, struct sge_fl *q,
34724 * of the SW ring.
34725 */
34726 static void *alloc_ring(struct pci_dev *pdev, size_t nelem, size_t elem_size,
34727+ size_t sw_size, dma_addr_t * phys, void *metadata) __size_overflow(2,4);
34728+static void *alloc_ring(struct pci_dev *pdev, size_t nelem, size_t elem_size,
34729 size_t sw_size, dma_addr_t * phys, void *metadata)
34730 {
34731 size_t len = nelem * elem_size;
34732diff --git a/drivers/net/ethernet/chelsio/cxgb4/sge.c b/drivers/net/ethernet/chelsio/cxgb4/sge.c
34733index 140254c..5b8a0a6 100644
34734--- a/drivers/net/ethernet/chelsio/cxgb4/sge.c
34735+++ b/drivers/net/ethernet/chelsio/cxgb4/sge.c
34736@@ -593,6 +593,9 @@ static inline void __refill_fl(struct adapter *adap, struct sge_fl *fl)
34737 */
34738 static void *alloc_ring(struct device *dev, size_t nelem, size_t elem_size,
34739 size_t sw_size, dma_addr_t *phys, void *metadata,
34740+ size_t stat_size, int node) __size_overflow(2,4);
34741+static void *alloc_ring(struct device *dev, size_t nelem, size_t elem_size,
34742+ size_t sw_size, dma_addr_t *phys, void *metadata,
34743 size_t stat_size, int node)
34744 {
34745 size_t len = nelem * elem_size + stat_size;
34746diff --git a/drivers/net/ethernet/chelsio/cxgb4vf/sge.c b/drivers/net/ethernet/chelsio/cxgb4vf/sge.c
34747index 8d5d55a..a3c3474 100644
34748--- a/drivers/net/ethernet/chelsio/cxgb4vf/sge.c
34749+++ b/drivers/net/ethernet/chelsio/cxgb4vf/sge.c
34750@@ -730,6 +730,9 @@ static inline void __refill_fl(struct adapter *adapter, struct sge_fl *fl)
34751 */
34752 static void *alloc_ring(struct device *dev, size_t nelem, size_t hwsize,
34753 size_t swsize, dma_addr_t *busaddrp, void *swringp,
34754+ size_t stat_size) __size_overflow(2,4);
34755+static void *alloc_ring(struct device *dev, size_t nelem, size_t hwsize,
34756+ size_t swsize, dma_addr_t *busaddrp, void *swringp,
34757 size_t stat_size)
34758 {
34759 /*
34004diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c 34760diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c
34005index 871bcaa..4043505 100644 34761index 871bcaa..4043505 100644
34006--- a/drivers/net/ethernet/dec/tulip/de4x5.c 34762--- a/drivers/net/ethernet/dec/tulip/de4x5.c
@@ -34439,7 +35195,7 @@ index 4a518a3..936b334 100644
34439 #define VXGE_HW_VIRTUAL_PATH_HANDLE(vpath) \ 35195 #define VXGE_HW_VIRTUAL_PATH_HANDLE(vpath) \
34440 ((struct __vxge_hw_vpath_handle *)(vpath)->vpath_handles.next) 35196 ((struct __vxge_hw_vpath_handle *)(vpath)->vpath_handles.next)
34441diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c 35197diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c
34442index c8f47f1..5da9840 100644 35198index 0cf2351..56c4cef 100644
34443--- a/drivers/net/ethernet/realtek/r8169.c 35199--- a/drivers/net/ethernet/realtek/r8169.c
34444+++ b/drivers/net/ethernet/realtek/r8169.c 35200+++ b/drivers/net/ethernet/realtek/r8169.c
34445@@ -698,17 +698,17 @@ struct rtl8169_private { 35201@@ -698,17 +698,17 @@ struct rtl8169_private {
@@ -34492,7 +35248,7 @@ index 41e6b33..8e89b0f 100644
34492 35248
34493 /* To mask all all interrupts.*/ 35249 /* To mask all all interrupts.*/
34494diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c 35250diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c
34495index edfa15d..002bfa9 100644 35251index 486b404..0d6677d 100644
34496--- a/drivers/net/ppp/ppp_generic.c 35252--- a/drivers/net/ppp/ppp_generic.c
34497+++ b/drivers/net/ppp/ppp_generic.c 35253+++ b/drivers/net/ppp/ppp_generic.c
34498@@ -987,7 +987,6 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) 35254@@ -987,7 +987,6 @@ ppp_net_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
@@ -34590,6 +35346,60 @@ index 46db5c5..37c1536 100644
34590 35346
34591 err = platform_driver_register(&sk_isa_driver); 35347 err = platform_driver_register(&sk_isa_driver);
34592 if (err) 35348 if (err)
35349diff --git a/drivers/net/tun.c b/drivers/net/tun.c
35350index 7bea9c6..7ef073c 100644
35351--- a/drivers/net/tun.c
35352+++ b/drivers/net/tun.c
35353@@ -359,7 +359,7 @@ static void tun_free_netdev(struct net_device *dev)
35354 {
35355 struct tun_struct *tun = netdev_priv(dev);
35356
35357- sock_put(tun->socket.sk);
35358+ sk_release_kernel(tun->socket.sk);
35359 }
35360
35361 /* Net device open. */
35362@@ -979,10 +979,18 @@ static int tun_recvmsg(struct kiocb *iocb, struct socket *sock,
35363 return ret;
35364 }
35365
35366+static int tun_release(struct socket *sock)
35367+{
35368+ if (sock->sk)
35369+ sock_put(sock->sk);
35370+ return 0;
35371+}
35372+
35373 /* Ops structure to mimic raw sockets with tun */
35374 static const struct proto_ops tun_socket_ops = {
35375 .sendmsg = tun_sendmsg,
35376 .recvmsg = tun_recvmsg,
35377+ .release = tun_release,
35378 };
35379
35380 static struct proto tun_proto = {
35381@@ -1109,10 +1117,11 @@ static int tun_set_iff(struct net *net, struct file *file, struct ifreq *ifr)
35382 tun->vnet_hdr_sz = sizeof(struct virtio_net_hdr);
35383
35384 err = -ENOMEM;
35385- sk = sk_alloc(net, AF_UNSPEC, GFP_KERNEL, &tun_proto);
35386+ sk = sk_alloc(&init_net, AF_UNSPEC, GFP_KERNEL, &tun_proto);
35387 if (!sk)
35388 goto err_free_dev;
35389
35390+ sk_change_net(sk, net);
35391 tun->socket.wq = &tun->wq;
35392 init_waitqueue_head(&tun->wq.wait);
35393 tun->socket.ops = &tun_socket_ops;
35394@@ -1173,7 +1182,7 @@ static int tun_set_iff(struct net *net, struct file *file, struct ifreq *ifr)
35395 return 0;
35396
35397 err_free_sk:
35398- sock_put(sk);
35399+ tun_free_netdev(dev);
35400 err_free_dev:
35401 free_netdev(dev);
35402 failed:
34593diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c 35403diff --git a/drivers/net/usb/hso.c b/drivers/net/usb/hso.c
34594index 304fe78..db112fa 100644 35404index 304fe78..db112fa 100644
34595--- a/drivers/net/usb/hso.c 35405--- a/drivers/net/usb/hso.c
@@ -34716,6 +35526,20 @@ index 0f9ee46..e2d6e65 100644
34716 35526
34717 struct ath_common; 35527 struct ath_common;
34718 struct ath_bus_ops; 35528 struct ath_bus_ops;
35529diff --git a/drivers/net/wireless/ath/ath5k/debug.c b/drivers/net/wireless/ath/ath5k/debug.c
35530index 8c5ce8b..abf101b 100644
35531--- a/drivers/net/wireless/ath/ath5k/debug.c
35532+++ b/drivers/net/wireless/ath/ath5k/debug.c
35533@@ -343,6 +343,9 @@ static ssize_t read_file_debug(struct file *file, char __user *user_buf,
35534
35535 static ssize_t write_file_debug(struct file *file,
35536 const char __user *userbuf,
35537+ size_t count, loff_t *ppos) __size_overflow(3);
35538+static ssize_t write_file_debug(struct file *file,
35539+ const char __user *userbuf,
35540 size_t count, loff_t *ppos)
35541 {
35542 struct ath5k_hw *ah = file->private_data;
34719diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c 35543diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c
34720index b592016..fe47870 100644 35544index b592016..fe47870 100644
34721--- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c 35545--- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c
@@ -34921,6 +35745,32 @@ index f5ae3c6..7936af3 100644
34921 } 35745 }
34922 35746
34923 static u16 ar9003_calc_ptr_chksum(struct ar9003_txc *ads) 35747 static u16 ar9003_calc_ptr_chksum(struct ar9003_txc *ads)
35748diff --git a/drivers/net/wireless/ath/ath9k/debug.c b/drivers/net/wireless/ath/ath9k/debug.c
35749index 2741203..837a960 100644
35750--- a/drivers/net/wireless/ath/ath9k/debug.c
35751+++ b/drivers/net/wireless/ath/ath9k/debug.c
35752@@ -60,6 +60,8 @@ static ssize_t read_file_debug(struct file *file, char __user *user_buf,
35753 }
35754
35755 static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
35756+ size_t count, loff_t *ppos) __size_overflow(3);
35757+static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
35758 size_t count, loff_t *ppos)
35759 {
35760 struct ath_softc *sc = file->private_data;
35761diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_debug.c b/drivers/net/wireless/ath/ath9k/htc_drv_debug.c
35762index d3ff33c..c98bcda 100644
35763--- a/drivers/net/wireless/ath/ath9k/htc_drv_debug.c
35764+++ b/drivers/net/wireless/ath/ath9k/htc_drv_debug.c
35765@@ -464,6 +464,8 @@ static ssize_t read_file_debug(struct file *file, char __user *user_buf,
35766 }
35767
35768 static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
35769+ size_t count, loff_t *ppos) __size_overflow(3);
35770+static ssize_t write_file_debug(struct file *file, const char __user *user_buf,
35771 size_t count, loff_t *ppos)
35772 {
35773 struct ath9k_htc_priv *priv = file->private_data;
34924diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h 35774diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h
34925index 1bd8edf..10c6d30 100644 35775index 1bd8edf..10c6d30 100644
34926--- a/drivers/net/wireless/ath/ath9k/hw.h 35776--- a/drivers/net/wireless/ath/ath9k/hw.h
@@ -35118,6 +35968,42 @@ index f8c752e..28bf4fc 100644
35118 start_switch_worker(); 35968 start_switch_worker();
35119 } 35969 }
35120 35970
35971diff --git a/drivers/oprofile/oprofile_files.c b/drivers/oprofile/oprofile_files.c
35972index 84a208d..f07d177 100644
35973--- a/drivers/oprofile/oprofile_files.c
35974+++ b/drivers/oprofile/oprofile_files.c
35975@@ -36,6 +36,8 @@ static ssize_t timeout_read(struct file *file, char __user *buf,
35976
35977
35978 static ssize_t timeout_write(struct file *file, char const __user *buf,
35979+ size_t count, loff_t *offset) __size_overflow(3);
35980+static ssize_t timeout_write(struct file *file, char const __user *buf,
35981 size_t count, loff_t *offset)
35982 {
35983 unsigned long val;
35984@@ -72,6 +74,7 @@ static ssize_t depth_read(struct file *file, char __user *buf, size_t count, lof
35985 }
35986
35987
35988+static ssize_t depth_write(struct file *file, char const __user *buf, size_t count, loff_t *offset) __size_overflow(3);
35989 static ssize_t depth_write(struct file *file, char const __user *buf, size_t count, loff_t *offset)
35990 {
35991 unsigned long val;
35992@@ -126,12 +129,14 @@ static const struct file_operations cpu_type_fops = {
35993 };
35994
35995
35996+static ssize_t enable_read(struct file *file, char __user *buf, size_t count, loff_t *offset) __size_overflow(3);
35997 static ssize_t enable_read(struct file *file, char __user *buf, size_t count, loff_t *offset)
35998 {
35999 return oprofilefs_ulong_to_user(oprofile_started, buf, count, offset);
36000 }
36001
36002
36003+static ssize_t enable_write(struct file *file, char const __user *buf, size_t count, loff_t *offset) __size_overflow(3);
36004 static ssize_t enable_write(struct file *file, char const __user *buf, size_t count, loff_t *offset)
36005 {
36006 unsigned long val;
35121diff --git a/drivers/oprofile/oprofile_stats.c b/drivers/oprofile/oprofile_stats.c 36007diff --git a/drivers/oprofile/oprofile_stats.c b/drivers/oprofile/oprofile_stats.c
35122index 917d28e..d62d981 100644 36008index 917d28e..d62d981 100644
35123--- a/drivers/oprofile/oprofile_stats.c 36009--- a/drivers/oprofile/oprofile_stats.c
@@ -35161,10 +36047,18 @@ index 38b6fc0..b5cbfce 100644
35161 36047
35162 extern struct oprofile_stat_struct oprofile_stats; 36048 extern struct oprofile_stat_struct oprofile_stats;
35163diff --git a/drivers/oprofile/oprofilefs.c b/drivers/oprofile/oprofilefs.c 36049diff --git a/drivers/oprofile/oprofilefs.c b/drivers/oprofile/oprofilefs.c
35164index 2f0aa0f..90fab02 100644 36050index 2f0aa0f..d5246c3 100644
35165--- a/drivers/oprofile/oprofilefs.c 36051--- a/drivers/oprofile/oprofilefs.c
35166+++ b/drivers/oprofile/oprofilefs.c 36052+++ b/drivers/oprofile/oprofilefs.c
35167@@ -193,7 +193,7 @@ static const struct file_operations atomic_ro_fops = { 36053@@ -97,6 +97,7 @@ static ssize_t ulong_read_file(struct file *file, char __user *buf, size_t count
36054 }
36055
36056
36057+static ssize_t ulong_write_file(struct file *file, char const __user *buf, size_t count, loff_t *offset) __size_overflow(3);
36058 static ssize_t ulong_write_file(struct file *file, char const __user *buf, size_t count, loff_t *offset)
36059 {
36060 unsigned long value;
36061@@ -193,7 +194,7 @@ static const struct file_operations atomic_ro_fops = {
35168 36062
35169 36063
35170 int oprofilefs_create_ro_atomic(struct super_block *sb, struct dentry *root, 36064 int oprofilefs_create_ro_atomic(struct super_block *sb, struct dentry *root,
@@ -35227,7 +36121,7 @@ index 76ba8a1..20ca857 100644
35227 36121
35228 /* initialize our int15 lock */ 36122 /* initialize our int15 lock */
35229diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c 36123diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c
35230index 1cfbf22..be96487 100644 36124index 24f049e..051f66e 100644
35231--- a/drivers/pci/pcie/aspm.c 36125--- a/drivers/pci/pcie/aspm.c
35232+++ b/drivers/pci/pcie/aspm.c 36126+++ b/drivers/pci/pcie/aspm.c
35233@@ -27,9 +27,9 @@ 36127@@ -27,9 +27,9 @@
@@ -35277,6 +36171,19 @@ index 27911b5..5b6db88 100644
35277 proc_create("devices", 0, proc_bus_pci_dir, 36171 proc_create("devices", 0, proc_bus_pci_dir,
35278 &proc_bus_pci_dev_operations); 36172 &proc_bus_pci_dev_operations);
35279 proc_initialized = 1; 36173 proc_initialized = 1;
36174diff --git a/drivers/platform/x86/asus_acpi.c b/drivers/platform/x86/asus_acpi.c
36175index d9312b3..59f63f2 100644
36176--- a/drivers/platform/x86/asus_acpi.c
36177+++ b/drivers/platform/x86/asus_acpi.c
36178@@ -887,6 +887,8 @@ static int lcd_proc_open(struct inode *inode, struct file *file)
36179 }
36180
36181 static ssize_t lcd_proc_write(struct file *file, const char __user *buffer,
36182+ size_t count, loff_t *pos) __size_overflow(3);
36183+static ssize_t lcd_proc_write(struct file *file, const char __user *buffer,
36184 size_t count, loff_t *pos)
36185 {
36186 int rv, value;
35280diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c 36187diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c
35281index 7b82868..b9344c9 100644 36188index 7b82868..b9344c9 100644
35282--- a/drivers/platform/x86/thinkpad_acpi.c 36189--- a/drivers/platform/x86/thinkpad_acpi.c
@@ -35409,6 +36316,19 @@ index 7b82868..b9344c9 100644
35409 36316
35410 /* 36317 /*
35411 * Polling driver 36318 * Polling driver
36319diff --git a/drivers/platform/x86/toshiba_acpi.c b/drivers/platform/x86/toshiba_acpi.c
36320index dcdc1f4..85cee16 100644
36321--- a/drivers/platform/x86/toshiba_acpi.c
36322+++ b/drivers/platform/x86/toshiba_acpi.c
36323@@ -517,6 +517,8 @@ static int set_lcd_status(struct backlight_device *bd)
36324 }
36325
36326 static ssize_t lcd_proc_write(struct file *file, const char __user *buf,
36327+ size_t count, loff_t *pos) __size_overflow(3);
36328+static ssize_t lcd_proc_write(struct file *file, const char __user *buf,
36329 size_t count, loff_t *pos)
36330 {
36331 struct toshiba_acpi_dev *dev = PDE(file->f_path.dentry->d_inode)->data;
35412diff --git a/drivers/pnp/pnpbios/bioscalls.c b/drivers/pnp/pnpbios/bioscalls.c 36332diff --git a/drivers/pnp/pnpbios/bioscalls.c b/drivers/pnp/pnpbios/bioscalls.c
35413index b859d16..5cc6b1a 100644 36333index b859d16..5cc6b1a 100644
35414--- a/drivers/pnp/pnpbios/bioscalls.c 36334--- a/drivers/pnp/pnpbios/bioscalls.c
@@ -36741,6 +37661,32 @@ index 06c1a74..866eebc 100644
36741 37661
36742 cmd->size = t->iovec.iov_len - sizeof(struct netfs_cmd) + 37662 cmd->size = t->iovec.iov_len - sizeof(struct netfs_cmd) +
36743 t->attached_size + t->attached_pages * sizeof(struct netfs_cmd); 37663 t->attached_size + t->attached_pages * sizeof(struct netfs_cmd);
37664diff --git a/drivers/staging/rtl8192e/rtllib_module.c b/drivers/staging/rtl8192e/rtllib_module.c
37665index c36a140..dd27fda 100644
37666--- a/drivers/staging/rtl8192e/rtllib_module.c
37667+++ b/drivers/staging/rtl8192e/rtllib_module.c
37668@@ -228,6 +228,8 @@ static int show_debug_level(char *page, char **start, off_t offset,
37669 }
37670
37671 static int store_debug_level(struct file *file, const char __user *buffer,
37672+ unsigned long count, void *data) __size_overflow(3);
37673+static int store_debug_level(struct file *file, const char __user *buffer,
37674 unsigned long count, void *data)
37675 {
37676 char buf[] = "0x00000000";
37677diff --git a/drivers/staging/rtl8192u/ieee80211/ieee80211_module.c b/drivers/staging/rtl8192u/ieee80211/ieee80211_module.c
37678index e3d47bc..85f4d0d 100644
37679--- a/drivers/staging/rtl8192u/ieee80211/ieee80211_module.c
37680+++ b/drivers/staging/rtl8192u/ieee80211/ieee80211_module.c
37681@@ -250,6 +250,8 @@ static int show_debug_level(char *page, char **start, off_t offset,
37682 }
37683
37684 static int store_debug_level(struct file *file, const char *buffer,
37685+ unsigned long count, void *data) __size_overflow(3);
37686+static int store_debug_level(struct file *file, const char *buffer,
37687 unsigned long count, void *data)
37688 {
37689 char buf[] = "0x00000000";
36744diff --git a/drivers/staging/rtl8712/rtl871x_io.h b/drivers/staging/rtl8712/rtl871x_io.h 37690diff --git a/drivers/staging/rtl8712/rtl871x_io.h b/drivers/staging/rtl8712/rtl871x_io.h
36745index 86308a0..feaa925 100644 37691index 86308a0..feaa925 100644
36746--- a/drivers/staging/rtl8712/rtl871x_io.h 37692--- a/drivers/staging/rtl8712/rtl871x_io.h
@@ -36953,7 +37899,7 @@ index ed147c4..94fc3c6 100644
36953 37899
36954 /* core tmem accessor functions */ 37900 /* core tmem accessor functions */
36955diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c 37901diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c
36956index 0c1d5c73..88e90a8 100644 37902index 03d3528..6bbe82f 100644
36957--- a/drivers/target/iscsi/iscsi_target.c 37903--- a/drivers/target/iscsi/iscsi_target.c
36958+++ b/drivers/target/iscsi/iscsi_target.c 37904+++ b/drivers/target/iscsi/iscsi_target.c
36959@@ -1364,7 +1364,7 @@ static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf) 37905@@ -1364,7 +1364,7 @@ static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf)
@@ -36997,7 +37943,7 @@ index 6845228..df77141 100644
36997 37943
36998 core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count); 37944 core_tmr_handle_tas_abort(tmr_nacl, cmd, tas, fe_count);
36999diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c 37945diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c
37000index e4ddb93..2fc6e0f 100644 37946index cdb774b..8753593 100644
37001--- a/drivers/target/target_core_transport.c 37947--- a/drivers/target/target_core_transport.c
37002+++ b/drivers/target/target_core_transport.c 37948+++ b/drivers/target/target_core_transport.c
37003@@ -1343,7 +1343,7 @@ struct se_device *transport_add_device_to_core_hba( 37949@@ -1343,7 +1343,7 @@ struct se_device *transport_add_device_to_core_hba(
@@ -37039,7 +37985,7 @@ index e4ddb93..2fc6e0f 100644
37039 cmd->t_task_list_num) 37985 cmd->t_task_list_num)
37040 atomic_set(&cmd->t_transport_sent, 1); 37986 atomic_set(&cmd->t_transport_sent, 1);
37041 37987
37042@@ -4296,7 +4296,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd) 37988@@ -4297,7 +4297,7 @@ bool transport_wait_for_tasks(struct se_cmd *cmd)
37043 atomic_set(&cmd->transport_lun_stop, 0); 37989 atomic_set(&cmd->transport_lun_stop, 0);
37044 } 37990 }
37045 if (!atomic_read(&cmd->t_transport_active) || 37991 if (!atomic_read(&cmd->t_transport_active) ||
@@ -37048,7 +37994,7 @@ index e4ddb93..2fc6e0f 100644
37048 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 37994 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
37049 return false; 37995 return false;
37050 } 37996 }
37051@@ -4545,7 +4545,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status) 37997@@ -4546,7 +4546,7 @@ int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
37052 { 37998 {
37053 int ret = 0; 37999 int ret = 0;
37054 38000
@@ -37057,7 +38003,7 @@ index e4ddb93..2fc6e0f 100644
37057 if (!send_status || 38003 if (!send_status ||
37058 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS)) 38004 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
37059 return 1; 38005 return 1;
37060@@ -4582,7 +4582,7 @@ void transport_send_task_abort(struct se_cmd *cmd) 38006@@ -4583,7 +4583,7 @@ void transport_send_task_abort(struct se_cmd *cmd)
37061 */ 38007 */
37062 if (cmd->data_direction == DMA_TO_DEVICE) { 38008 if (cmd->data_direction == DMA_TO_DEVICE) {
37063 if (cmd->se_tfo->write_pending_status(cmd) != 0) { 38009 if (cmd->se_tfo->write_pending_status(cmd) != 0) {
@@ -37791,21 +38737,6 @@ index d956965..4179a77 100644
37791 if (file->f_version != event_count) { 38737 if (file->f_version != event_count) {
37792 file->f_version = event_count; 38738 file->f_version = event_count;
37793 return POLLIN | POLLRDNORM; 38739 return POLLIN | POLLRDNORM;
37794diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c
37795index b3bdfed..a9460e0 100644
37796--- a/drivers/usb/core/message.c
37797+++ b/drivers/usb/core/message.c
37798@@ -869,8 +869,8 @@ char *usb_cache_string(struct usb_device *udev, int index)
37799 buf = kmalloc(MAX_USB_STRING_SIZE, GFP_NOIO);
37800 if (buf) {
37801 len = usb_string(udev, index, buf, MAX_USB_STRING_SIZE);
37802- if (len > 0) {
37803- smallbuf = kmalloc(++len, GFP_NOIO);
37804+ if (len++ > 0) {
37805+ smallbuf = kmalloc(len, GFP_NOIO);
37806 if (!smallbuf)
37807 return buf;
37808 memcpy(smallbuf, buf, len);
37809diff --git a/drivers/usb/early/ehci-dbgp.c b/drivers/usb/early/ehci-dbgp.c 38740diff --git a/drivers/usb/early/ehci-dbgp.c b/drivers/usb/early/ehci-dbgp.c
37810index 1fc8f12..20647c1 100644 38741index 1fc8f12..20647c1 100644
37811--- a/drivers/usb/early/ehci-dbgp.c 38742--- a/drivers/usb/early/ehci-dbgp.c
@@ -37908,6 +38839,19 @@ index b0b2ac3..89a4399 100644
37908 "AGP", 38839 "AGP",
37909 "PCI", 38840 "PCI",
37910 "PRO AGP", 38841 "PRO AGP",
38842diff --git a/drivers/video/backlight/s6e63m0.c b/drivers/video/backlight/s6e63m0.c
38843index e132157..516db70 100644
38844--- a/drivers/video/backlight/s6e63m0.c
38845+++ b/drivers/video/backlight/s6e63m0.c
38846@@ -690,7 +690,7 @@ static ssize_t s6e63m0_sysfs_store_gamma_mode(struct device *dev,
38847 struct backlight_device *bd = NULL;
38848 int brightness, rc;
38849
38850- rc = strict_strtoul(buf, 0, (unsigned long *)&lcd->gamma_mode);
38851+ rc = kstrtouint(buf, 0, &lcd->gamma_mode);
38852 if (rc < 0)
38853 return rc;
38854
37911diff --git a/drivers/video/fbcmap.c b/drivers/video/fbcmap.c 38855diff --git a/drivers/video/fbcmap.c b/drivers/video/fbcmap.c
37912index 5c3960d..15cf8fc 100644 38856index 5c3960d..15cf8fc 100644
37913--- a/drivers/video/fbcmap.c 38857--- a/drivers/video/fbcmap.c
@@ -41090,7 +42034,7 @@ index 79e2ca7..5828ad1 100644
41090 A.out (Assembler.OUTput) is a set of formats for libraries and 42034 A.out (Assembler.OUTput) is a set of formats for libraries and
41091 executables used in the earliest versions of UNIX. Linux used 42035 executables used in the earliest versions of UNIX. Linux used
41092diff --git a/fs/aio.c b/fs/aio.c 42036diff --git a/fs/aio.c b/fs/aio.c
41093index 67e4b90..fbb09dc 100644 42037index b9d64d8..86cb1d5 100644
41094--- a/fs/aio.c 42038--- a/fs/aio.c
41095+++ b/fs/aio.c 42039+++ b/fs/aio.c
41096@@ -119,7 +119,7 @@ static int aio_setup_ring(struct kioctx *ctx) 42040@@ -119,7 +119,7 @@ static int aio_setup_ring(struct kioctx *ctx)
@@ -41102,7 +42046,7 @@ index 67e4b90..fbb09dc 100644
41102 return -EINVAL; 42046 return -EINVAL;
41103 42047
41104 nr_events = (PAGE_SIZE * nr_pages - sizeof(struct aio_ring)) / sizeof(struct io_event); 42048 nr_events = (PAGE_SIZE * nr_pages - sizeof(struct aio_ring)) / sizeof(struct io_event);
41105@@ -1463,22 +1463,27 @@ static ssize_t aio_fsync(struct kiocb *iocb) 42049@@ -1461,22 +1461,27 @@ static ssize_t aio_fsync(struct kiocb *iocb)
41106 static ssize_t aio_setup_vectored_rw(int type, struct kiocb *kiocb, bool compat) 42050 static ssize_t aio_setup_vectored_rw(int type, struct kiocb *kiocb, bool compat)
41107 { 42051 {
41108 ssize_t ret; 42052 ssize_t ret;
@@ -42195,7 +43139,7 @@ index b1fe82c..84da0a9 100644
42195 __bio_for_each_segment(bvec, bio, i, 0) { 43139 __bio_for_each_segment(bvec, bio, i, 0) {
42196 char *addr = page_address(bvec->bv_page); 43140 char *addr = page_address(bvec->bv_page);
42197diff --git a/fs/block_dev.c b/fs/block_dev.c 43141diff --git a/fs/block_dev.c b/fs/block_dev.c
42198index b07f1da..9efcb92 100644 43142index abe9b48..5df59e8 100644
42199--- a/fs/block_dev.c 43143--- a/fs/block_dev.c
42200+++ b/fs/block_dev.c 43144+++ b/fs/block_dev.c
42201@@ -681,7 +681,7 @@ static bool bd_may_claim(struct block_device *bdev, struct block_device *whole, 43145@@ -681,7 +681,7 @@ static bool bd_may_claim(struct block_device *bdev, struct block_device *whole,
@@ -42469,6 +43413,20 @@ index 9895400..fa40a7d 100644
42469 int err; 43413 int err;
42470 u32 ftype; 43414 u32 ftype;
42471 struct ceph_mds_reply_info_parsed *rinfo; 43415 struct ceph_mds_reply_info_parsed *rinfo;
43416diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
43417index cfd1ce3..6b13a74 100644
43418--- a/fs/cifs/asn1.c
43419+++ b/fs/cifs/asn1.c
43420@@ -416,6 +416,9 @@ asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid)
43421
43422 static int
43423 asn1_oid_decode(struct asn1_ctx *ctx,
43424+ unsigned char *eoc, unsigned long **oid, unsigned int *len) __size_overflow(2);
43425+static int
43426+asn1_oid_decode(struct asn1_ctx *ctx,
43427 unsigned char *eoc, unsigned long **oid, unsigned int *len)
43428 {
43429 unsigned long subid;
42472diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c 43430diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
42473index 84e8c07..6170d31 100644 43431index 84e8c07..6170d31 100644
42474--- a/fs/cifs/cifs_debug.c 43432--- a/fs/cifs/cifs_debug.c
@@ -43099,7 +44057,7 @@ index 608c1c3..7d040a8 100644
43099 return rc; 44057 return rc;
43100 } 44058 }
43101diff --git a/fs/exec.c b/fs/exec.c 44059diff --git a/fs/exec.c b/fs/exec.c
43102index 3625464..cdeecdb 100644 44060index 3625464..ff895b9 100644
43103--- a/fs/exec.c 44061--- a/fs/exec.c
43104+++ b/fs/exec.c 44062+++ b/fs/exec.c
43105@@ -55,12 +55,28 @@ 44063@@ -55,12 +55,28 @@
@@ -43605,7 +44563,7 @@ index 3625464..cdeecdb 100644
43605 cn->corename = kmalloc(cn->size, GFP_KERNEL); 44563 cn->corename = kmalloc(cn->size, GFP_KERNEL);
43606 cn->used = 0; 44564 cn->used = 0;
43607 44565
43608@@ -1812,6 +1938,218 @@ out: 44566@@ -1812,6 +1938,228 @@ out:
43609 return ispipe; 44567 return ispipe;
43610 } 44568 }
43611 44569
@@ -43821,10 +44779,20 @@ index 3625464..cdeecdb 100644
43821+EXPORT_SYMBOL(pax_track_stack); 44779+EXPORT_SYMBOL(pax_track_stack);
43822+#endif 44780+#endif
43823+ 44781+
44782+#ifdef CONFIG_PAX_SIZE_OVERFLOW
44783+void report_size_overflow(const char *file, unsigned int line, const char *func)
44784+{
44785+ printk(KERN_ERR "PAX: size overflow detected in function %s %s:%u\n", func, file, line);
44786+ dump_stack();
44787+ do_group_exit(SIGKILL);
44788+}
44789+EXPORT_SYMBOL(report_size_overflow);
44790+#endif
44791+
43824 static int zap_process(struct task_struct *start, int exit_code) 44792 static int zap_process(struct task_struct *start, int exit_code)
43825 { 44793 {
43826 struct task_struct *t; 44794 struct task_struct *t;
43827@@ -2023,17 +2361,17 @@ static void wait_for_dump_helpers(struct file *file) 44795@@ -2023,17 +2371,17 @@ static void wait_for_dump_helpers(struct file *file)
43828 pipe = file->f_path.dentry->d_inode->i_pipe; 44796 pipe = file->f_path.dentry->d_inode->i_pipe;
43829 44797
43830 pipe_lock(pipe); 44798 pipe_lock(pipe);
@@ -43847,7 +44815,7 @@ index 3625464..cdeecdb 100644
43847 pipe_unlock(pipe); 44815 pipe_unlock(pipe);
43848 44816
43849 } 44817 }
43850@@ -2094,7 +2432,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) 44818@@ -2094,7 +2442,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
43851 int retval = 0; 44819 int retval = 0;
43852 int flag = 0; 44820 int flag = 0;
43853 int ispipe; 44821 int ispipe;
@@ -43856,7 +44824,7 @@ index 3625464..cdeecdb 100644
43856 struct coredump_params cprm = { 44824 struct coredump_params cprm = {
43857 .signr = signr, 44825 .signr = signr,
43858 .regs = regs, 44826 .regs = regs,
43859@@ -2109,6 +2447,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) 44827@@ -2109,6 +2457,9 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
43860 44828
43861 audit_core_dumps(signr); 44829 audit_core_dumps(signr);
43862 44830
@@ -43866,7 +44834,7 @@ index 3625464..cdeecdb 100644
43866 binfmt = mm->binfmt; 44834 binfmt = mm->binfmt;
43867 if (!binfmt || !binfmt->core_dump) 44835 if (!binfmt || !binfmt->core_dump)
43868 goto fail; 44836 goto fail;
43869@@ -2176,7 +2517,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) 44837@@ -2176,7 +2527,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
43870 } 44838 }
43871 cprm.limit = RLIM_INFINITY; 44839 cprm.limit = RLIM_INFINITY;
43872 44840
@@ -43875,7 +44843,7 @@ index 3625464..cdeecdb 100644
43875 if (core_pipe_limit && (core_pipe_limit < dump_count)) { 44843 if (core_pipe_limit && (core_pipe_limit < dump_count)) {
43876 printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n", 44844 printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n",
43877 task_tgid_vnr(current), current->comm); 44845 task_tgid_vnr(current), current->comm);
43878@@ -2203,6 +2544,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) 44846@@ -2203,6 +2554,8 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs)
43879 } else { 44847 } else {
43880 struct inode *inode; 44848 struct inode *inode;
43881 44849
@@ -43884,7 +44852,7 @@ index 3625464..cdeecdb 100644
43884 if (cprm.limit < binfmt->min_coredump) 44852 if (cprm.limit < binfmt->min_coredump)
43885 goto fail_unlock; 44853 goto fail_unlock;
43886 44854
43887@@ -2246,7 +2589,7 @@ close_fail: 44855@@ -2246,7 +2599,7 @@ close_fail:
43888 filp_close(cprm.file, NULL); 44856 filp_close(cprm.file, NULL);
43889 fail_dropcount: 44857 fail_dropcount:
43890 if (ispipe) 44858 if (ispipe)
@@ -43893,7 +44861,7 @@ index 3625464..cdeecdb 100644
43893 fail_unlock: 44861 fail_unlock:
43894 kfree(cn.corename); 44862 kfree(cn.corename);
43895 fail_corename: 44863 fail_corename:
43896@@ -2265,7 +2608,7 @@ fail: 44864@@ -2265,7 +2618,7 @@ fail:
43897 */ 44865 */
43898 int dump_write(struct file *file, const void *addr, int nr) 44866 int dump_write(struct file *file, const void *addr, int nr)
43899 { 44867 {
@@ -45730,7 +46698,7 @@ index 0be5a78..9cfb853 100644
45730 static int can_do_hugetlb_shm(void) 46698 static int can_do_hugetlb_shm(void)
45731 { 46699 {
45732diff --git a/fs/inode.c b/fs/inode.c 46700diff --git a/fs/inode.c b/fs/inode.c
45733index ee4e66b..0451521 100644 46701index ee4e66b..9a39f9c 100644
45734--- a/fs/inode.c 46702--- a/fs/inode.c
45735+++ b/fs/inode.c 46703+++ b/fs/inode.c
45736@@ -787,8 +787,8 @@ unsigned int get_next_ino(void) 46704@@ -787,8 +787,8 @@ unsigned int get_next_ino(void)
@@ -45744,6 +46712,24 @@ index ee4e66b..0451521 100644
45744 46712
45745 res = next - LAST_INO_BATCH; 46713 res = next - LAST_INO_BATCH;
45746 } 46714 }
46715@@ -855,8 +855,7 @@ void lockdep_annotate_inode_mutex_key(struct inode *inode)
46716 struct file_system_type *type = inode->i_sb->s_type;
46717
46718 /* Set new key only if filesystem hasn't already changed it */
46719- if (!lockdep_match_class(&inode->i_mutex,
46720- &type->i_mutex_key)) {
46721+ if (lockdep_match_class(&inode->i_mutex, &type->i_mutex_key)) {
46722 /*
46723 * ensure nobody is actually holding i_mutex
46724 */
46725@@ -883,6 +882,7 @@ void unlock_new_inode(struct inode *inode)
46726 spin_lock(&inode->i_lock);
46727 WARN_ON(!(inode->i_state & I_NEW));
46728 inode->i_state &= ~I_NEW;
46729+ smp_mb();
46730 wake_up_bit(&inode->i_state, __I_NEW);
46731 spin_unlock(&inode->i_lock);
46732 }
45747diff --git a/fs/jffs2/erase.c b/fs/jffs2/erase.c 46733diff --git a/fs/jffs2/erase.c b/fs/jffs2/erase.c
45748index e513f19..2ab1351 100644 46734index e513f19..2ab1351 100644
45749--- a/fs/jffs2/erase.c 46735--- a/fs/jffs2/erase.c
@@ -45857,7 +46843,7 @@ index 637694b..f84a121 100644
45857 46843
45858 lock_flocks(); 46844 lock_flocks();
45859diff --git a/fs/namei.c b/fs/namei.c 46845diff --git a/fs/namei.c b/fs/namei.c
45860index 744e942..24ef47f 100644 46846index 9680cef..a19f203 100644
45861--- a/fs/namei.c 46847--- a/fs/namei.c
45862+++ b/fs/namei.c 46848+++ b/fs/namei.c
45863@@ -279,16 +279,32 @@ int generic_permission(struct inode *inode, int mask) 46849@@ -279,16 +279,32 @@ int generic_permission(struct inode *inode, int mask)
@@ -46021,7 +47007,7 @@ index 744e942..24ef47f 100644
46021@@ -2140,6 +2207,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path, 47007@@ -2140,6 +2207,16 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
46022 error = complete_walk(nd); 47008 error = complete_walk(nd);
46023 if (error) 47009 if (error)
46024 return ERR_PTR(-ECHILD); 47010 return ERR_PTR(error);
46025+#ifdef CONFIG_GRKERNSEC 47011+#ifdef CONFIG_GRKERNSEC
46026+ if (nd->flags & LOOKUP_RCU) { 47012+ if (nd->flags & LOOKUP_RCU) {
46027+ error = -ECHILD; 47013+ error = -ECHILD;
@@ -46407,6 +47393,28 @@ index cfc6d44..b4632a5 100644
46407 get_fs_root(current->fs, &root); 47393 get_fs_root(current->fs, &root);
46408 error = lock_mount(&old); 47394 error = lock_mount(&old);
46409 if (error) 47395 if (error)
47396diff --git a/fs/ncpfs/ncplib_kernel.h b/fs/ncpfs/ncplib_kernel.h
47397index 09881e6..308ff20 100644
47398--- a/fs/ncpfs/ncplib_kernel.h
47399+++ b/fs/ncpfs/ncplib_kernel.h
47400@@ -130,7 +130,7 @@ static inline int ncp_is_nfs_extras(struct ncp_server* server, unsigned int voln
47401 int ncp__io2vol(struct ncp_server *, unsigned char *, unsigned int *,
47402 const unsigned char *, unsigned int, int);
47403 int ncp__vol2io(struct ncp_server *, unsigned char *, unsigned int *,
47404- const unsigned char *, unsigned int, int);
47405+ const unsigned char *, unsigned int, int) __size_overflow(5);
47406
47407 #define NCP_ESC ':'
47408 #define NCP_IO_TABLE(sb) (NCP_SBP(sb)->nls_io)
47409@@ -146,7 +146,7 @@ int ncp__vol2io(struct ncp_server *, unsigned char *, unsigned int *,
47410 int ncp__io2vol(unsigned char *, unsigned int *,
47411 const unsigned char *, unsigned int, int);
47412 int ncp__vol2io(unsigned char *, unsigned int *,
47413- const unsigned char *, unsigned int, int);
47414+ const unsigned char *, unsigned int, int) __size_overflow(5);
47415
47416 #define NCP_IO_TABLE(sb) NULL
47417 #define ncp_tolower(t, c) tolower(c)
46410diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c 47418diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c
46411index 3db6b82..a57597e 100644 47419index 3db6b82..a57597e 100644
46412--- a/fs/nfs/blocklayout/blocklayout.c 47420--- a/fs/nfs/blocklayout/blocklayout.c
@@ -46484,6 +47492,31 @@ index 7a2e442..8e544cc 100644
46484 set_fs(oldfs); 47492 set_fs(oldfs);
46485 47493
46486 if (host_err < 0) 47494 if (host_err < 0)
47495diff --git a/fs/nilfs2/the_nilfs.c b/fs/nilfs2/the_nilfs.c
47496index d327140..501b7f8 100644
47497--- a/fs/nilfs2/the_nilfs.c
47498+++ b/fs/nilfs2/the_nilfs.c
47499@@ -409,6 +409,12 @@ static int nilfs_store_disk_layout(struct the_nilfs *nilfs,
47500 nilfs->ns_first_data_block = le64_to_cpu(sbp->s_first_data_block);
47501 nilfs->ns_r_segments_percentage =
47502 le32_to_cpu(sbp->s_r_segments_percentage);
47503+ if (nilfs->ns_r_segments_percentage < 1 ||
47504+ nilfs->ns_r_segments_percentage > 99) {
47505+ printk(KERN_ERR "NILFS: invalid reserved segments percentage.\n");
47506+ return -EINVAL;
47507+ }
47508+
47509 nilfs_set_nsegments(nilfs, le64_to_cpu(sbp->s_nsegments));
47510 nilfs->ns_crc_seed = le32_to_cpu(sbp->s_crc_seed);
47511 return 0;
47512@@ -515,6 +521,7 @@ static int nilfs_load_super_block(struct the_nilfs *nilfs,
47513 brelse(sbh[1]);
47514 sbh[1] = NULL;
47515 sbp[1] = NULL;
47516+ valid[1] = 0;
47517 swp = 0;
47518 }
47519 if (!valid[swp]) {
46487diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c 47520diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
46488index 9fde1c0..14e8827 100644 47521index 9fde1c0..14e8827 100644
46489--- a/fs/notify/fanotify/fanotify_user.c 47522--- a/fs/notify/fanotify/fanotify_user.c
@@ -48306,7 +49339,7 @@ index d33418f..2a5345e 100644
48306 return -EINVAL; 49339 return -EINVAL;
48307 49340
48308diff --git a/fs/seq_file.c b/fs/seq_file.c 49341diff --git a/fs/seq_file.c b/fs/seq_file.c
48309index dba43c3..9fb8511 100644 49342index dba43c3..4b3f701 100644
48310--- a/fs/seq_file.c 49343--- a/fs/seq_file.c
48311+++ b/fs/seq_file.c 49344+++ b/fs/seq_file.c
48312@@ -9,6 +9,7 @@ 49345@@ -9,6 +9,7 @@
@@ -48327,47 +49360,7 @@ index dba43c3..9fb8511 100644
48327 49360
48328 /* 49361 /*
48329 * Wrappers around seq_open(e.g. swaps_open) need to be 49362 * Wrappers around seq_open(e.g. swaps_open) need to be
48330@@ -76,7 +80,8 @@ static int traverse(struct seq_file *m, loff_t offset) 49363@@ -549,7 +553,7 @@ static void single_stop(struct seq_file *p, void *v)
48331 return 0;
48332 }
48333 if (!m->buf) {
48334- m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL);
48335+ m->size = PAGE_SIZE;
48336+ m->buf = kmalloc(PAGE_SIZE, GFP_KERNEL);
48337 if (!m->buf)
48338 return -ENOMEM;
48339 }
48340@@ -116,7 +121,8 @@ static int traverse(struct seq_file *m, loff_t offset)
48341 Eoverflow:
48342 m->op->stop(m, p);
48343 kfree(m->buf);
48344- m->buf = kmalloc(m->size <<= 1, GFP_KERNEL);
48345+ m->size <<= 1;
48346+ m->buf = kmalloc(m->size, GFP_KERNEL);
48347 return !m->buf ? -ENOMEM : -EAGAIN;
48348 }
48349
48350@@ -169,7 +175,8 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos)
48351 m->version = file->f_version;
48352 /* grab buffer if we didn't have one */
48353 if (!m->buf) {
48354- m->buf = kmalloc(m->size = PAGE_SIZE, GFP_KERNEL);
48355+ m->size = PAGE_SIZE;
48356+ m->buf = kmalloc(PAGE_SIZE, GFP_KERNEL);
48357 if (!m->buf)
48358 goto Enomem;
48359 }
48360@@ -210,7 +217,8 @@ ssize_t seq_read(struct file *file, char __user *buf, size_t size, loff_t *ppos)
48361 goto Fill;
48362 m->op->stop(m, p);
48363 kfree(m->buf);
48364- m->buf = kmalloc(m->size <<= 1, GFP_KERNEL);
48365+ m->size <<= 1;
48366+ m->buf = kmalloc(m->size, GFP_KERNEL);
48367 if (!m->buf)
48368 goto Enomem;
48369 m->count = 0;
48370@@ -549,7 +557,7 @@ static void single_stop(struct seq_file *p, void *v)
48371 int single_open(struct file *file, int (*show)(struct seq_file *, void *), 49364 int single_open(struct file *file, int (*show)(struct seq_file *, void *),
48372 void *data) 49365 void *data)
48373 { 49366 {
@@ -48518,6 +49511,19 @@ index fa2defa..8601650 100644
48518 ret = -EAGAIN; 49511 ret = -EAGAIN;
48519 49512
48520 pipe_unlock(ipipe); 49513 pipe_unlock(ipipe);
49514diff --git a/fs/sysfs/bin.c b/fs/sysfs/bin.c
49515index a475983..9c6a1f0 100644
49516--- a/fs/sysfs/bin.c
49517+++ b/fs/sysfs/bin.c
49518@@ -67,6 +67,8 @@ fill_read(struct file *file, char *buffer, loff_t off, size_t count)
49519 }
49520
49521 static ssize_t
49522+read(struct file *file, char __user *userbuf, size_t bytes, loff_t *off) __size_overflow(3);
49523+static ssize_t
49524 read(struct file *file, char __user *userbuf, size_t bytes, loff_t *off)
49525 {
49526 struct bin_buffer *bb = file->private_data;
48521diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c 49527diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
48522index 7fdf6a7..e6cd8ad 100644 49528index 7fdf6a7..e6cd8ad 100644
48523--- a/fs/sysfs/dir.c 49529--- a/fs/sysfs/dir.c
@@ -48603,6 +49609,44 @@ index a7ac78f..02158e1 100644
48603 if (!IS_ERR(page)) 49609 if (!IS_ERR(page))
48604 free_page((unsigned long)page); 49610 free_page((unsigned long)page);
48605 } 49611 }
49612diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
49613index b09ba2d..1cad1a8 100644
49614--- a/fs/ubifs/debug.c
49615+++ b/fs/ubifs/debug.c
49616@@ -2817,6 +2817,7 @@ static ssize_t dfs_file_read(struct file *file, char __user *u, size_t count,
49617 * debugfs file. Returns %0 or %1 in case of success and a negative error code
49618 * in case of failure.
49619 */
49620+static int interpret_user_input(const char __user *u, size_t count) __size_overflow(2);
49621 static int interpret_user_input(const char __user *u, size_t count)
49622 {
49623 size_t buf_size;
49624@@ -2835,6 +2836,8 @@ static int interpret_user_input(const char __user *u, size_t count)
49625 }
49626
49627 static ssize_t dfs_file_write(struct file *file, const char __user *u,
49628+ size_t count, loff_t *ppos) __size_overflow(3);
49629+static ssize_t dfs_file_write(struct file *file, const char __user *u,
49630 size_t count, loff_t *ppos)
49631 {
49632 struct ubifs_info *c = file->private_data;
49633diff --git a/fs/udf/file.c b/fs/udf/file.c
49634index dca0c38..d567b84 100644
49635--- a/fs/udf/file.c
49636+++ b/fs/udf/file.c
49637@@ -201,12 +201,10 @@ out:
49638 static int udf_release_file(struct inode *inode, struct file *filp)
49639 {
49640 if (filp->f_mode & FMODE_WRITE) {
49641- mutex_lock(&inode->i_mutex);
49642 down_write(&UDF_I(inode)->i_data_sem);
49643 udf_discard_prealloc(inode);
49644 udf_truncate_tail_extent(inode);
49645 up_write(&UDF_I(inode)->i_data_sem);
49646- mutex_unlock(&inode->i_mutex);
49647 }
49648 return 0;
49649 }
48606diff --git a/fs/udf/misc.c b/fs/udf/misc.c 49650diff --git a/fs/udf/misc.c b/fs/udf/misc.c
48607index c175b4d..8f36a16 100644 49651index c175b4d..8f36a16 100644
48608--- a/fs/udf/misc.c 49652--- a/fs/udf/misc.c
@@ -59111,32 +60155,6 @@ index 0d68a1e..b74a761 100644
59111 { 60155 {
59112 machine_restart(NULL); 60156 machine_restart(NULL);
59113 } 60157 }
59114diff --git a/include/asm-generic/int-l64.h b/include/asm-generic/int-l64.h
59115index 1ca3efc..e3dc852 100644
59116--- a/include/asm-generic/int-l64.h
59117+++ b/include/asm-generic/int-l64.h
59118@@ -46,6 +46,8 @@ typedef unsigned int u32;
59119 typedef signed long s64;
59120 typedef unsigned long u64;
59121
59122+typedef unsigned int intoverflow_t __attribute__ ((mode(TI)));
59123+
59124 #define S8_C(x) x
59125 #define U8_C(x) x ## U
59126 #define S16_C(x) x
59127diff --git a/include/asm-generic/int-ll64.h b/include/asm-generic/int-ll64.h
59128index f394147..b6152b9 100644
59129--- a/include/asm-generic/int-ll64.h
59130+++ b/include/asm-generic/int-ll64.h
59131@@ -51,6 +51,8 @@ typedef unsigned int u32;
59132 typedef signed long long s64;
59133 typedef unsigned long long u64;
59134
59135+typedef unsigned long long intoverflow_t;
59136+
59137 #define S8_C(x) x
59138 #define U8_C(x) x ## U
59139 #define S16_C(x) x
59140diff --git a/include/asm-generic/kmap_types.h b/include/asm-generic/kmap_types.h 60158diff --git a/include/asm-generic/kmap_types.h b/include/asm-generic/kmap_types.h
59141index 0232ccb..13d9165 100644 60159index 0232ccb..13d9165 100644
59142--- a/include/asm-generic/kmap_types.h 60160--- a/include/asm-generic/kmap_types.h
@@ -59259,6 +60277,88 @@ index 76bff2b..c7a14e2 100644
59259 #endif /* !__ASSEMBLY__ */ 60277 #endif /* !__ASSEMBLY__ */
59260 60278
59261 #endif /* _ASM_GENERIC_PGTABLE_H */ 60279 #endif /* _ASM_GENERIC_PGTABLE_H */
60280diff --git a/include/asm-generic/uaccess.h b/include/asm-generic/uaccess.h
60281index ac68c99..b495b0a 100644
60282--- a/include/asm-generic/uaccess.h
60283+++ b/include/asm-generic/uaccess.h
60284@@ -76,6 +76,8 @@ extern unsigned long search_exception_table(unsigned long);
60285 */
60286 #ifndef __copy_from_user
60287 static inline __must_check long __copy_from_user(void *to,
60288+ const void __user * from, unsigned long n) __size_overflow(3);
60289+static inline __must_check long __copy_from_user(void *to,
60290 const void __user * from, unsigned long n)
60291 {
60292 if (__builtin_constant_p(n)) {
60293@@ -106,6 +108,8 @@ static inline __must_check long __copy_from_user(void *to,
60294
60295 #ifndef __copy_to_user
60296 static inline __must_check long __copy_to_user(void __user *to,
60297+ const void *from, unsigned long n) __size_overflow(3);
60298+static inline __must_check long __copy_to_user(void __user *to,
60299 const void *from, unsigned long n)
60300 {
60301 if (__builtin_constant_p(n)) {
60302@@ -224,6 +228,7 @@ extern int __put_user_bad(void) __attribute__((noreturn));
60303 -EFAULT; \
60304 })
60305
60306+static inline int __get_user_fn(size_t size, const void __user *ptr, void *x) __size_overflow(1);
60307 static inline int __get_user_fn(size_t size, const void __user *ptr, void *x)
60308 {
60309 size = __copy_from_user(x, ptr, size);
60310@@ -240,6 +245,7 @@ extern int __get_user_bad(void) __attribute__((noreturn));
60311 #define __copy_to_user_inatomic __copy_to_user
60312 #endif
60313
60314+static inline long copy_from_user(void *to, const void __user * from, unsigned long n) __size_overflow(3);
60315 static inline long copy_from_user(void *to,
60316 const void __user * from, unsigned long n)
60317 {
60318@@ -250,6 +256,7 @@ static inline long copy_from_user(void *to,
60319 return n;
60320 }
60321
60322+static inline long copy_to_user(void __user *to, const void *from, unsigned long n) __size_overflow(3);
60323 static inline long copy_to_user(void __user *to,
60324 const void *from, unsigned long n)
60325 {
60326@@ -265,6 +272,8 @@ static inline long copy_to_user(void __user *to,
60327 */
60328 #ifndef __strncpy_from_user
60329 static inline long
60330+__strncpy_from_user(char *dst, const char __user *src, unsigned long count) __size_overflow(3);
60331+static inline long
60332 __strncpy_from_user(char *dst, const char __user *src, long count)
60333 {
60334 char *tmp;
60335@@ -276,6 +285,8 @@ __strncpy_from_user(char *dst, const char __user *src, long count)
60336 #endif
60337
60338 static inline long
60339+strncpy_from_user(char *dst, const char __user *src, unsigned long count) __size_overflow(3);
60340+static inline long
60341 strncpy_from_user(char *dst, const char __user *src, long count)
60342 {
60343 if (!access_ok(VERIFY_READ, src, 1))
60344@@ -309,6 +320,8 @@ static inline long strlen_user(const char __user *src)
60345 */
60346 #ifndef __clear_user
60347 static inline __must_check unsigned long
60348+__clear_user(void __user *to, unsigned long n) __size_overflow(2);
60349+static inline __must_check unsigned long
60350 __clear_user(void __user *to, unsigned long n)
60351 {
60352 memset((void __force *)to, 0, n);
60353@@ -317,6 +330,8 @@ __clear_user(void __user *to, unsigned long n)
60354 #endif
60355
60356 static inline __must_check unsigned long
60357+clear_user(void __user *to, unsigned long n) __size_overflow(2);
60358+static inline __must_check unsigned long
60359 clear_user(void __user *to, unsigned long n)
60360 {
60361 might_sleep();
59262diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h 60362diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
59263index b5e2e4c..6a5373e 100644 60363index b5e2e4c..6a5373e 100644
59264--- a/include/asm-generic/vmlinux.lds.h 60364--- a/include/asm-generic/vmlinux.lds.h
@@ -59557,10 +60657,10 @@ index 04ffb2e..6799180 100644
59557 extern struct cleancache_ops 60657 extern struct cleancache_ops
59558 cleancache_register_ops(struct cleancache_ops *ops); 60658 cleancache_register_ops(struct cleancache_ops *ops);
59559diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h 60659diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h
59560index dfadc96..c0e70c1 100644 60660index dfadc96..d90deca 100644
59561--- a/include/linux/compiler-gcc4.h 60661--- a/include/linux/compiler-gcc4.h
59562+++ b/include/linux/compiler-gcc4.h 60662+++ b/include/linux/compiler-gcc4.h
59563@@ -31,6 +31,12 @@ 60663@@ -31,6 +31,15 @@
59564 60664
59565 60665
59566 #if __GNUC_MINOR__ >= 5 60666 #if __GNUC_MINOR__ >= 5
@@ -59570,10 +60670,13 @@ index dfadc96..c0e70c1 100644
59570+#define __do_const __attribute__((do_const)) 60670+#define __do_const __attribute__((do_const))
59571+#endif 60671+#endif
59572+ 60672+
60673+#ifdef SIZE_OVERFLOW_PLUGIN
60674+#define __size_overflow(...) __attribute__((size_overflow(__VA_ARGS__)))
60675+#endif
59573 /* 60676 /*
59574 * Mark a position in code as unreachable. This can be used to 60677 * Mark a position in code as unreachable. This can be used to
59575 * suppress control flow warnings after asm blocks that transfer 60678 * suppress control flow warnings after asm blocks that transfer
59576@@ -46,6 +52,11 @@ 60679@@ -46,6 +55,11 @@
59577 #define __noclone __attribute__((__noclone__)) 60680 #define __noclone __attribute__((__noclone__))
59578 60681
59579 #endif 60682 #endif
@@ -59586,7 +60689,7 @@ index dfadc96..c0e70c1 100644
59586 60689
59587 #if __GNUC_MINOR__ > 0 60690 #if __GNUC_MINOR__ > 0
59588diff --git a/include/linux/compiler.h b/include/linux/compiler.h 60691diff --git a/include/linux/compiler.h b/include/linux/compiler.h
59589index 320d6c9..8573a1c 100644 60692index 320d6c9..1221a6b 100644
59590--- a/include/linux/compiler.h 60693--- a/include/linux/compiler.h
59591+++ b/include/linux/compiler.h 60694+++ b/include/linux/compiler.h
59592@@ -5,31 +5,62 @@ 60695@@ -5,31 +5,62 @@
@@ -59662,7 +60765,7 @@ index 320d6c9..8573a1c 100644
59662 #endif 60765 #endif
59663 60766
59664 #ifdef __KERNEL__ 60767 #ifdef __KERNEL__
59665@@ -264,6 +297,14 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); 60768@@ -264,6 +297,17 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect);
59666 # define __attribute_const__ /* unimplemented */ 60769 # define __attribute_const__ /* unimplemented */
59667 #endif 60770 #endif
59668 60771
@@ -59674,10 +60777,13 @@ index 320d6c9..8573a1c 100644
59674+# define __do_const 60777+# define __do_const
59675+#endif 60778+#endif
59676+ 60779+
60780+#ifndef __size_overflow
60781+# define __size_overflow(...)
60782+#endif
59677 /* 60783 /*
59678 * Tell gcc if a function is cold. The compiler will assume any path 60784 * Tell gcc if a function is cold. The compiler will assume any path
59679 * directly leading to the call is unlikely. 60785 * directly leading to the call is unlikely.
59680@@ -273,6 +314,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); 60786@@ -273,6 +317,22 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect);
59681 #define __cold 60787 #define __cold
59682 #endif 60788 #endif
59683 60789
@@ -59700,7 +60806,7 @@ index 320d6c9..8573a1c 100644
59700 /* Simple shorthand for a section definition */ 60806 /* Simple shorthand for a section definition */
59701 #ifndef __section 60807 #ifndef __section
59702 # define __section(S) __attribute__ ((__section__(#S))) 60808 # define __section(S) __attribute__ ((__section__(#S)))
59703@@ -306,6 +363,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); 60809@@ -306,6 +366,7 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect);
59704 * use is to mediate communication between process-level code and irq/NMI 60810 * use is to mediate communication between process-level code and irq/NMI
59705 * handlers, all running on the same CPU. 60811 * handlers, all running on the same CPU.
59706 */ 60812 */
@@ -59722,6 +60828,19 @@ index e9eaec5..bfeb9bb 100644
59722 } 60828 }
59723 60829
59724 static inline void set_mems_allowed(nodemask_t nodemask) 60830 static inline void set_mems_allowed(nodemask_t nodemask)
60831diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h
60832index b936763..48685ee 100644
60833--- a/include/linux/crash_dump.h
60834+++ b/include/linux/crash_dump.h
60835@@ -14,7 +14,7 @@ extern unsigned long long elfcorehdr_addr;
60836 extern unsigned long long elfcorehdr_size;
60837
60838 extern ssize_t copy_oldmem_page(unsigned long, char *, size_t,
60839- unsigned long, int);
60840+ unsigned long, int) __size_overflow(3);
60841
60842 /* Architecture code defines this if there are other possible ELF
60843 * machine types, e.g. on bi-arch capable hardware. */
59725diff --git a/include/linux/cred.h b/include/linux/cred.h 60844diff --git a/include/linux/cred.h b/include/linux/cred.h
59726index 4030896..8d6f342 100644 60845index 4030896..8d6f342 100644
59727--- a/include/linux/cred.h 60846--- a/include/linux/cred.h
@@ -60012,7 +61131,7 @@ index c3da42d..c70e0df 100644
60012 int trace_set_clr_event(const char *system, const char *event, int set); 61131 int trace_set_clr_event(const char *system, const char *event, int set);
60013 61132
60014diff --git a/include/linux/genhd.h b/include/linux/genhd.h 61133diff --git a/include/linux/genhd.h b/include/linux/genhd.h
60015index 6d18f35..ab71e2c 100644 61134index c6f7f6a..aa0f7d3 100644
60016--- a/include/linux/genhd.h 61135--- a/include/linux/genhd.h
60017+++ b/include/linux/genhd.h 61136+++ b/include/linux/genhd.h
60018@@ -185,7 +185,7 @@ struct gendisk { 61137@@ -185,7 +185,7 @@ struct gendisk {
@@ -61335,7 +62454,7 @@ index b16f653..eb908f4 100644
61335 #define request_module_nowait(mod...) __request_module(false, mod) 62454 #define request_module_nowait(mod...) __request_module(false, mod)
61336 #define try_then_request_module(x, mod...) \ 62455 #define try_then_request_module(x, mod...) \
61337diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h 62456diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
61338index d526231..086e89b 100644 62457index d526231..c9599fc 100644
61339--- a/include/linux/kvm_host.h 62458--- a/include/linux/kvm_host.h
61340+++ b/include/linux/kvm_host.h 62459+++ b/include/linux/kvm_host.h
61341@@ -308,7 +308,7 @@ void kvm_vcpu_uninit(struct kvm_vcpu *vcpu); 62460@@ -308,7 +308,7 @@ void kvm_vcpu_uninit(struct kvm_vcpu *vcpu);
@@ -61347,6 +62466,33 @@ index d526231..086e89b 100644
61347 struct module *module); 62466 struct module *module);
61348 void kvm_exit(void); 62467 void kvm_exit(void);
61349 62468
62469@@ -385,20 +385,20 @@ void kvm_get_pfn(pfn_t pfn);
62470 int kvm_read_guest_page(struct kvm *kvm, gfn_t gfn, void *data, int offset,
62471 int len);
62472 int kvm_read_guest_atomic(struct kvm *kvm, gpa_t gpa, void *data,
62473- unsigned long len);
62474-int kvm_read_guest(struct kvm *kvm, gpa_t gpa, void *data, unsigned long len);
62475+ unsigned long len) __size_overflow(4);
62476+int kvm_read_guest(struct kvm *kvm, gpa_t gpa, void *data, unsigned long len) __size_overflow(2,4);
62477 int kvm_read_guest_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
62478- void *data, unsigned long len);
62479+ void *data, unsigned long len) __size_overflow(4);
62480 int kvm_write_guest_page(struct kvm *kvm, gfn_t gfn, const void *data,
62481 int offset, int len);
62482 int kvm_write_guest(struct kvm *kvm, gpa_t gpa, const void *data,
62483- unsigned long len);
62484+ unsigned long len) __size_overflow(2,4);
62485 int kvm_write_guest_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
62486- void *data, unsigned long len);
62487+ void *data, unsigned long len) __size_overflow(4);
62488 int kvm_gfn_to_hva_cache_init(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
62489 gpa_t gpa);
62490 int kvm_clear_guest_page(struct kvm *kvm, gfn_t gfn, int offset, int len);
62491-int kvm_clear_guest(struct kvm *kvm, gpa_t gpa, unsigned long len);
62492+int kvm_clear_guest(struct kvm *kvm, gpa_t gpa, unsigned long len) __size_overflow(2,3);
62493 struct kvm_memory_slot *gfn_to_memslot(struct kvm *kvm, gfn_t gfn);
62494 int kvm_is_visible_gfn(struct kvm *kvm, gfn_t gfn);
62495 unsigned long kvm_host_page_size(struct kvm *kvm, gfn_t gfn);
61350@@ -454,7 +454,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu, 62496@@ -454,7 +454,7 @@ int kvm_arch_vcpu_ioctl_set_guest_debug(struct kvm_vcpu *vcpu,
61351 struct kvm_guest_debug *dbg); 62497 struct kvm_guest_debug *dbg);
61352 int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run); 62498 int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run);
@@ -61356,6 +62502,15 @@ index d526231..086e89b 100644
61356 void kvm_arch_exit(void); 62502 void kvm_arch_exit(void);
61357 62503
61358 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu); 62504 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu);
62505@@ -690,7 +690,7 @@ int kvm_setup_default_irq_routing(struct kvm *kvm);
62506 int kvm_set_irq_routing(struct kvm *kvm,
62507 const struct kvm_irq_routing_entry *entries,
62508 unsigned nr,
62509- unsigned flags);
62510+ unsigned flags) __size_overflow(3);
62511 void kvm_free_irq_routing(struct kvm *kvm);
62512
62513 #else
61359diff --git a/include/linux/libata.h b/include/linux/libata.h 62514diff --git a/include/linux/libata.h b/include/linux/libata.h
61360index cafc09a..d7e7829 100644 62515index cafc09a..d7e7829 100644
61361--- a/include/linux/libata.h 62516--- a/include/linux/libata.h
@@ -61725,19 +62880,22 @@ index 3cb7839..511cb87 100644
61725 62880
61726 /* Search for module by name: must hold module_mutex. */ 62881 /* Search for module by name: must hold module_mutex. */
61727diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h 62882diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h
61728index b2be02e..6a9fdb1 100644 62883index b2be02e..edb10c9 100644
61729--- a/include/linux/moduleloader.h 62884--- a/include/linux/moduleloader.h
61730+++ b/include/linux/moduleloader.h 62885+++ b/include/linux/moduleloader.h
61731@@ -25,9 +25,21 @@ unsigned int arch_mod_section_prepend(struct module *mod, unsigned int section); 62886@@ -23,11 +23,23 @@ unsigned int arch_mod_section_prepend(struct module *mod, unsigned int section);
61732 sections. Returns NULL on failure. */
61733 void *module_alloc(unsigned long size);
61734 62887
62888 /* Allocator used for allocating struct module, core sections and init
62889 sections. Returns NULL on failure. */
62890-void *module_alloc(unsigned long size);
62891+void *module_alloc(unsigned long size) __size_overflow(1);
62892+
61735+#ifdef CONFIG_PAX_KERNEXEC 62893+#ifdef CONFIG_PAX_KERNEXEC
61736+void *module_alloc_exec(unsigned long size); 62894+void *module_alloc_exec(unsigned long size);
61737+#else 62895+#else
61738+#define module_alloc_exec(x) module_alloc(x) 62896+#define module_alloc_exec(x) module_alloc(x)
61739+#endif 62897+#endif
61740+ 62898
61741 /* Free memory returned from module_alloc. */ 62899 /* Free memory returned from module_alloc. */
61742 void module_free(struct module *mod, void *module_region); 62900 void module_free(struct module *mod, void *module_region);
61743 62901
@@ -61862,7 +63020,7 @@ index c65a18a..0c05f3a 100644
61862 extern void *prom_early_alloc(unsigned long size); 63020 extern void *prom_early_alloc(unsigned long size);
61863 63021
61864diff --git a/include/linux/oprofile.h b/include/linux/oprofile.h 63022diff --git a/include/linux/oprofile.h b/include/linux/oprofile.h
61865index a4c5624..79d6d88 100644 63023index a4c5624..2dabfb7 100644
61866--- a/include/linux/oprofile.h 63024--- a/include/linux/oprofile.h
61867+++ b/include/linux/oprofile.h 63025+++ b/include/linux/oprofile.h
61868@@ -139,9 +139,9 @@ int oprofilefs_create_ulong(struct super_block * sb, struct dentry * root, 63026@@ -139,9 +139,9 @@ int oprofilefs_create_ulong(struct super_block * sb, struct dentry * root,
@@ -61877,6 +63035,15 @@ index a4c5624..79d6d88 100644
61877 63035
61878 /** create a directory */ 63036 /** create a directory */
61879 struct dentry * oprofilefs_mkdir(struct super_block * sb, struct dentry * root, 63037 struct dentry * oprofilefs_mkdir(struct super_block * sb, struct dentry * root,
63038@@ -163,7 +163,7 @@ ssize_t oprofilefs_ulong_to_user(unsigned long val, char __user * buf, size_t co
63039 * Read an ASCII string for a number from a userspace buffer and fill *val on success.
63040 * Returns 0 on success, < 0 on error.
63041 */
63042-int oprofilefs_ulong_from_user(unsigned long * val, char const __user * buf, size_t count);
63043+int oprofilefs_ulong_from_user(unsigned long * val, char const __user * buf, size_t count) __size_overflow(3);
63044
63045 /** lock for read/write safety */
63046 extern raw_spinlock_t oprofilefs_lock;
61880diff --git a/include/linux/padata.h b/include/linux/padata.h 63047diff --git a/include/linux/padata.h b/include/linux/padata.h
61881index 4633b2f..988bc08 100644 63048index 4633b2f..988bc08 100644
61882--- a/include/linux/padata.h 63049--- a/include/linux/padata.h
@@ -62493,7 +63660,7 @@ index 92808b8..c28cac4 100644
62493 63660
62494 /* shm_mode upper byte flags */ 63661 /* shm_mode upper byte flags */
62495diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h 63662diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
62496index fe86488..1563c1c 100644 63663index 6cf8b53..bcce844 100644
62497--- a/include/linux/skbuff.h 63664--- a/include/linux/skbuff.h
62498+++ b/include/linux/skbuff.h 63665+++ b/include/linux/skbuff.h
62499@@ -642,7 +642,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb) 63666@@ -642,7 +642,7 @@ static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb)
@@ -62523,7 +63690,7 @@ index fe86488..1563c1c 100644
62523 } 63690 }
62524 63691
62525 /** 63692 /**
62526@@ -1523,7 +1523,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len) 63693@@ -1533,7 +1533,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
62527 * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) 63694 * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
62528 */ 63695 */
62529 #ifndef NET_SKB_PAD 63696 #ifndef NET_SKB_PAD
@@ -62533,7 +63700,7 @@ index fe86488..1563c1c 100644
62533 63700
62534 extern int ___pskb_trim(struct sk_buff *skb, unsigned int len); 63701 extern int ___pskb_trim(struct sk_buff *skb, unsigned int len);
62535diff --git a/include/linux/slab.h b/include/linux/slab.h 63702diff --git a/include/linux/slab.h b/include/linux/slab.h
62536index 573c809..e84c132 100644 63703index 573c809..07e1f43 100644
62537--- a/include/linux/slab.h 63704--- a/include/linux/slab.h
62538+++ b/include/linux/slab.h 63705+++ b/include/linux/slab.h
62539@@ -11,12 +11,20 @@ 63706@@ -11,12 +11,20 @@
@@ -62574,7 +63741,14 @@ index 573c809..e84c132 100644
62574 63741
62575 /* 63742 /*
62576 * struct kmem_cache related prototypes 63743 * struct kmem_cache related prototypes
62577@@ -161,6 +172,7 @@ void * __must_check krealloc(const void *, size_t, gfp_t); 63744@@ -156,11 +167,12 @@ unsigned int kmem_cache_size(struct kmem_cache *);
63745 /*
63746 * Common kmalloc functions provided by all allocators
63747 */
63748-void * __must_check __krealloc(const void *, size_t, gfp_t);
63749-void * __must_check krealloc(const void *, size_t, gfp_t);
63750+void * __must_check __krealloc(const void *, size_t, gfp_t) __size_overflow(2);
63751+void * __must_check krealloc(const void *, size_t, gfp_t) __size_overflow(2);
62578 void kfree(const void *); 63752 void kfree(const void *);
62579 void kzfree(const void *); 63753 void kzfree(const void *);
62580 size_t ksize(const void *); 63754 size_t ksize(const void *);
@@ -62582,68 +63756,26 @@ index 573c809..e84c132 100644
62582 63756
62583 /* 63757 /*
62584 * Allocator specific definitions. These are mainly used to establish optimized 63758 * Allocator specific definitions. These are mainly used to establish optimized
62585@@ -353,4 +365,59 @@ static inline void *kzalloc_node(size_t size, gfp_t flags, int node) 63759@@ -287,7 +299,7 @@ static inline void *kmem_cache_alloc_node(struct kmem_cache *cachep,
62586 63760 */
62587 void __init kmem_cache_init_late(void); 63761 #if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) || \
62588 63762 (defined(CONFIG_SLAB) && defined(CONFIG_TRACING))
62589+#define kmalloc(x, y) \ 63763-extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long);
62590+({ \ 63764+extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long) __size_overflow(1);
62591+ void *___retval; \ 63765 #define kmalloc_track_caller(size, flags) \
62592+ intoverflow_t ___x = (intoverflow_t)x; \ 63766 __kmalloc_track_caller(size, flags, _RET_IP_)
62593+ if (WARN(___x > ULONG_MAX, "kmalloc size overflow\n")) \ 63767 #else
62594+ ___retval = NULL; \ 63768@@ -306,7 +318,7 @@ extern void *__kmalloc_track_caller(size_t, gfp_t, unsigned long);
62595+ else \ 63769 */
62596+ ___retval = kmalloc((size_t)___x, (y)); \ 63770 #if defined(CONFIG_DEBUG_SLAB) || defined(CONFIG_SLUB) || \
62597+ ___retval; \ 63771 (defined(CONFIG_SLAB) && defined(CONFIG_TRACING))
62598+}) 63772-extern void *__kmalloc_node_track_caller(size_t, gfp_t, int, unsigned long);
62599+ 63773+extern void *__kmalloc_node_track_caller(size_t, gfp_t, int, unsigned long) __size_overflow(1);
62600+#define kmalloc_node(x, y, z) \ 63774 #define kmalloc_node_track_caller(size, flags, node) \
62601+({ \ 63775 __kmalloc_node_track_caller(size, flags, node, \
62602+ void *___retval; \ 63776 _RET_IP_)
62603+ intoverflow_t ___x = (intoverflow_t)x; \
62604+ if (WARN(___x > ULONG_MAX, "kmalloc_node size overflow\n"))\
62605+ ___retval = NULL; \
62606+ else \
62607+ ___retval = kmalloc_node((size_t)___x, (y), (z));\
62608+ ___retval; \
62609+})
62610+
62611+#define kzalloc(x, y) \
62612+({ \
62613+ void *___retval; \
62614+ intoverflow_t ___x = (intoverflow_t)x; \
62615+ if (WARN(___x > ULONG_MAX, "kzalloc size overflow\n")) \
62616+ ___retval = NULL; \
62617+ else \
62618+ ___retval = kzalloc((size_t)___x, (y)); \
62619+ ___retval; \
62620+})
62621+
62622+#define __krealloc(x, y, z) \
62623+({ \
62624+ void *___retval; \
62625+ intoverflow_t ___y = (intoverflow_t)y; \
62626+ if (WARN(___y > ULONG_MAX, "__krealloc size overflow\n"))\
62627+ ___retval = NULL; \
62628+ else \
62629+ ___retval = __krealloc((x), (size_t)___y, (z)); \
62630+ ___retval; \
62631+})
62632+
62633+#define krealloc(x, y, z) \
62634+({ \
62635+ void *___retval; \
62636+ intoverflow_t ___y = (intoverflow_t)y; \
62637+ if (WARN(___y > ULONG_MAX, "krealloc size overflow\n")) \
62638+ ___retval = NULL; \
62639+ else \
62640+ ___retval = krealloc((x), (size_t)___y, (z)); \
62641+ ___retval; \
62642+})
62643+
62644 #endif /* _LINUX_SLAB_H */
62645diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h 63777diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h
62646index d00e0ba..1b3bf7b 100644 63778index d00e0ba..d61fb1f 100644
62647--- a/include/linux/slab_def.h 63779--- a/include/linux/slab_def.h
62648+++ b/include/linux/slab_def.h 63780+++ b/include/linux/slab_def.h
62649@@ -68,10 +68,10 @@ struct kmem_cache { 63781@@ -68,10 +68,10 @@ struct kmem_cache {
@@ -62661,8 +63793,71 @@ index d00e0ba..1b3bf7b 100644
62661 63793
62662 /* 63794 /*
62663 * If debugging is enabled, then the allocator can add additional 63795 * If debugging is enabled, then the allocator can add additional
63796@@ -109,7 +109,7 @@ struct cache_sizes {
63797 extern struct cache_sizes malloc_sizes[];
63798
63799 void *kmem_cache_alloc(struct kmem_cache *, gfp_t);
63800-void *__kmalloc(size_t size, gfp_t flags);
63801+void *__kmalloc(size_t size, gfp_t flags) __size_overflow(1);
63802
63803 #ifdef CONFIG_TRACING
63804 extern void *kmem_cache_alloc_trace(size_t size,
63805@@ -127,6 +127,7 @@ static inline size_t slab_buffer_size(struct kmem_cache *cachep)
63806 }
63807 #endif
63808
63809+static __always_inline void *kmalloc(size_t size, gfp_t flags) __size_overflow(1);
63810 static __always_inline void *kmalloc(size_t size, gfp_t flags)
63811 {
63812 struct kmem_cache *cachep;
63813@@ -162,7 +163,7 @@ found:
63814 }
63815
63816 #ifdef CONFIG_NUMA
63817-extern void *__kmalloc_node(size_t size, gfp_t flags, int node);
63818+extern void *__kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63819 extern void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node);
63820
63821 #ifdef CONFIG_TRACING
63822@@ -181,6 +182,7 @@ kmem_cache_alloc_node_trace(size_t size,
63823 }
63824 #endif
63825
63826+static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63827 static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node)
63828 {
63829 struct kmem_cache *cachep;
63830diff --git a/include/linux/slob_def.h b/include/linux/slob_def.h
63831index 0ec00b3..65e7e0e 100644
63832--- a/include/linux/slob_def.h
63833+++ b/include/linux/slob_def.h
63834@@ -9,8 +9,9 @@ static __always_inline void *kmem_cache_alloc(struct kmem_cache *cachep,
63835 return kmem_cache_alloc_node(cachep, flags, -1);
63836 }
63837
63838-void *__kmalloc_node(size_t size, gfp_t flags, int node);
63839+void *__kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63840
63841+static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63842 static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node)
63843 {
63844 return __kmalloc_node(size, flags, node);
63845@@ -24,11 +25,13 @@ static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node)
63846 * kmalloc is the normal method of allocating memory
63847 * in the kernel.
63848 */
63849+static __always_inline void *kmalloc(size_t size, gfp_t flags) __size_overflow(1);
63850 static __always_inline void *kmalloc(size_t size, gfp_t flags)
63851 {
63852 return __kmalloc_node(size, flags, -1);
63853 }
63854
63855+static __always_inline void *__kmalloc(size_t size, gfp_t flags) __size_overflow(1);
63856 static __always_inline void *__kmalloc(size_t size, gfp_t flags)
63857 {
63858 return kmalloc(size, flags);
62664diff --git a/include/linux/slub_def.h b/include/linux/slub_def.h 63859diff --git a/include/linux/slub_def.h b/include/linux/slub_def.h
62665index a32bcfd..53b71f4 100644 63860index a32bcfd..d26bd6e 100644
62666--- a/include/linux/slub_def.h 63861--- a/include/linux/slub_def.h
62667+++ b/include/linux/slub_def.h 63862+++ b/include/linux/slub_def.h
62668@@ -89,7 +89,7 @@ struct kmem_cache { 63863@@ -89,7 +89,7 @@ struct kmem_cache {
@@ -62674,15 +63869,59 @@ index a32bcfd..53b71f4 100644
62674 void (*ctor)(void *); 63869 void (*ctor)(void *);
62675 int inuse; /* Offset to metadata */ 63870 int inuse; /* Offset to metadata */
62676 int align; /* Alignment */ 63871 int align; /* Alignment */
62677@@ -215,7 +215,7 @@ static __always_inline struct kmem_cache *kmalloc_slab(size_t size) 63872@@ -204,6 +204,7 @@ static __always_inline int kmalloc_index(size_t size)
63873 * This ought to end up with a global pointer to the right cache
63874 * in kmalloc_caches.
63875 */
63876+static __always_inline struct kmem_cache *kmalloc_slab(size_t size) __size_overflow(1);
63877 static __always_inline struct kmem_cache *kmalloc_slab(size_t size)
63878 {
63879 int index = kmalloc_index(size);
63880@@ -215,9 +216,11 @@ static __always_inline struct kmem_cache *kmalloc_slab(size_t size)
62678 } 63881 }
62679 63882
62680 void *kmem_cache_alloc(struct kmem_cache *, gfp_t); 63883 void *kmem_cache_alloc(struct kmem_cache *, gfp_t);
62681-void *__kmalloc(size_t size, gfp_t flags); 63884-void *__kmalloc(size_t size, gfp_t flags);
62682+void *__kmalloc(size_t size, gfp_t flags) __alloc_size(1); 63885+void *__kmalloc(size_t size, gfp_t flags) __alloc_size(1) __size_overflow(1);
62683 63886
62684 static __always_inline void * 63887 static __always_inline void *
63888+kmalloc_order(size_t size, gfp_t flags, unsigned int order) __size_overflow(1);
63889+static __always_inline void *
62685 kmalloc_order(size_t size, gfp_t flags, unsigned int order) 63890 kmalloc_order(size_t size, gfp_t flags, unsigned int order)
63891 {
63892 void *ret = (void *) __get_free_pages(flags | __GFP_COMP, order);
63893@@ -256,12 +259,14 @@ kmalloc_order_trace(size_t size, gfp_t flags, unsigned int order)
63894 }
63895 #endif
63896
63897+static __always_inline void *kmalloc_large(size_t size, gfp_t flags) __size_overflow(1);
63898 static __always_inline void *kmalloc_large(size_t size, gfp_t flags)
63899 {
63900 unsigned int order = get_order(size);
63901 return kmalloc_order_trace(size, flags, order);
63902 }
63903
63904+static __always_inline void *kmalloc(size_t size, gfp_t flags) __size_overflow(1);
63905 static __always_inline void *kmalloc(size_t size, gfp_t flags)
63906 {
63907 if (__builtin_constant_p(size)) {
63908@@ -281,7 +286,7 @@ static __always_inline void *kmalloc(size_t size, gfp_t flags)
63909 }
63910
63911 #ifdef CONFIG_NUMA
63912-void *__kmalloc_node(size_t size, gfp_t flags, int node);
63913+void *__kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63914 void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node);
63915
63916 #ifdef CONFIG_TRACING
63917@@ -298,6 +303,7 @@ kmem_cache_alloc_node_trace(struct kmem_cache *s,
63918 }
63919 #endif
63920
63921+static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node) __size_overflow(1);
63922 static __always_inline void *kmalloc_node(size_t size, gfp_t flags, int node)
63923 {
63924 if (__builtin_constant_p(size) &&
62686diff --git a/include/linux/sonet.h b/include/linux/sonet.h 63925diff --git a/include/linux/sonet.h b/include/linux/sonet.h
62687index de8832d..0147b46 100644 63926index de8832d..0147b46 100644
62688--- a/include/linux/sonet.h 63927--- a/include/linux/sonet.h
@@ -62880,7 +64119,7 @@ index 57a9723..dbe234a 100644
62880 64119
62881 struct list_head { 64120 struct list_head {
62882diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h 64121diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h
62883index 5ca0951..ab496a5 100644 64122index 5ca0951..53a2fff 100644
62884--- a/include/linux/uaccess.h 64123--- a/include/linux/uaccess.h
62885+++ b/include/linux/uaccess.h 64124+++ b/include/linux/uaccess.h
62886@@ -76,11 +76,11 @@ static inline unsigned long __copy_from_user_nocache(void *to, 64125@@ -76,11 +76,11 @@ static inline unsigned long __copy_from_user_nocache(void *to,
@@ -62898,6 +64137,15 @@ index 5ca0951..ab496a5 100644
62898 ret; \ 64137 ret; \
62899 }) 64138 })
62900 64139
64140@@ -105,7 +105,7 @@ extern long __probe_kernel_read(void *dst, const void *src, size_t size);
64141 * Safely write to address @dst from the buffer at @src. If a kernel fault
64142 * happens, handle that and return -EFAULT.
64143 */
64144-extern long notrace probe_kernel_write(void *dst, const void *src, size_t size);
64145+extern long notrace probe_kernel_write(void *dst, const void *src, size_t size) __size_overflow(3);
64146 extern long notrace __probe_kernel_write(void *dst, const void *src, size_t size);
64147
64148 #endif /* __LINUX_UACCESS_H__ */
62901diff --git a/include/linux/unaligned/access_ok.h b/include/linux/unaligned/access_ok.h 64149diff --git a/include/linux/unaligned/access_ok.h b/include/linux/unaligned/access_ok.h
62902index 99c1b4d..bb94261 100644 64150index 99c1b4d..bb94261 100644
62903--- a/include/linux/unaligned/access_ok.h 64151--- a/include/linux/unaligned/access_ok.h
@@ -63005,7 +64253,7 @@ index 6f8fbcf..8259001 100644
63005+ MODULE_GRSEC 64253+ MODULE_GRSEC
63006 64254
63007diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h 64255diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h
63008index 4bde182..aec92c1 100644 64256index 4bde182..c42a656 100644
63009--- a/include/linux/vmalloc.h 64257--- a/include/linux/vmalloc.h
63010+++ b/include/linux/vmalloc.h 64258+++ b/include/linux/vmalloc.h
63011@@ -14,6 +14,11 @@ struct vm_area_struct; /* vma defining user mapping in mm_types.h */ 64259@@ -14,6 +14,11 @@ struct vm_area_struct; /* vma defining user mapping in mm_types.h */
@@ -63020,110 +64268,46 @@ index 4bde182..aec92c1 100644
63020 /* bits [20..32] reserved for arch specific ioremap internals */ 64268 /* bits [20..32] reserved for arch specific ioremap internals */
63021 64269
63022 /* 64270 /*
63023@@ -156,4 +161,103 @@ pcpu_free_vm_areas(struct vm_struct **vms, int nr_vms) 64271@@ -51,18 +56,18 @@ static inline void vmalloc_init(void)
63024 # endif 64272 }
63025 #endif 64273 #endif
63026 64274
63027+#define vmalloc(x) \ 64275-extern void *vmalloc(unsigned long size);
63028+({ \ 64276-extern void *vzalloc(unsigned long size);
63029+ void *___retval; \ 64277-extern void *vmalloc_user(unsigned long size);
63030+ intoverflow_t ___x = (intoverflow_t)x; \ 64278-extern void *vmalloc_node(unsigned long size, int node);
63031+ if (WARN(___x > ULONG_MAX, "vmalloc size overflow\n")) \ 64279-extern void *vzalloc_node(unsigned long size, int node);
63032+ ___retval = NULL; \ 64280-extern void *vmalloc_exec(unsigned long size);
63033+ else \ 64281-extern void *vmalloc_32(unsigned long size);
63034+ ___retval = vmalloc((unsigned long)___x); \ 64282-extern void *vmalloc_32_user(unsigned long size);
63035+ ___retval; \ 64283-extern void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot);
63036+}) 64284+extern void *vmalloc(unsigned long size) __size_overflow(1);
63037+ 64285+extern void *vzalloc(unsigned long size) __size_overflow(1);
63038+#define vzalloc(x) \ 64286+extern void *vmalloc_user(unsigned long size) __size_overflow(1);
63039+({ \ 64287+extern void *vmalloc_node(unsigned long size, int node) __size_overflow(1);
63040+ void *___retval; \ 64288+extern void *vzalloc_node(unsigned long size, int node) __size_overflow(1);
63041+ intoverflow_t ___x = (intoverflow_t)x; \ 64289+extern void *vmalloc_exec(unsigned long size) __size_overflow(1);
63042+ if (WARN(___x > ULONG_MAX, "vzalloc size overflow\n")) \ 64290+extern void *vmalloc_32(unsigned long size) __size_overflow(1);
63043+ ___retval = NULL; \ 64291+extern void *vmalloc_32_user(unsigned long size) __size_overflow(1);
63044+ else \ 64292+extern void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot) __size_overflow(1);
63045+ ___retval = vzalloc((unsigned long)___x); \ 64293 extern void *__vmalloc_node_range(unsigned long size, unsigned long align,
63046+ ___retval; \ 64294 unsigned long start, unsigned long end, gfp_t gfp_mask,
63047+}) 64295- pgprot_t prot, int node, void *caller);
63048+ 64296+ pgprot_t prot, int node, void *caller) __size_overflow(1);
63049+#define __vmalloc(x, y, z) \ 64297 extern void vfree(const void *addr);
63050+({ \ 64298
63051+ void *___retval; \ 64299 extern void *vmap(struct page **pages, unsigned int count,
63052+ intoverflow_t ___x = (intoverflow_t)x; \ 64300@@ -123,8 +128,8 @@ extern struct vm_struct *alloc_vm_area(size_t size, pte_t **ptes);
63053+ if (WARN(___x > ULONG_MAX, "__vmalloc size overflow\n"))\ 64301 extern void free_vm_area(struct vm_struct *area);
63054+ ___retval = NULL; \ 64302
63055+ else \ 64303 /* for /dev/kmem */
63056+ ___retval = __vmalloc((unsigned long)___x, (y), (z));\ 64304-extern long vread(char *buf, char *addr, unsigned long count);
63057+ ___retval; \ 64305-extern long vwrite(char *buf, char *addr, unsigned long count);
63058+}) 64306+extern long vread(char *buf, char *addr, unsigned long count) __size_overflow(3);
63059+ 64307+extern long vwrite(char *buf, char *addr, unsigned long count) __size_overflow(3);
63060+#define vmalloc_user(x) \ 64308
63061+({ \ 64309 /*
63062+ void *___retval; \ 64310 * Internals. Dont't use..
63063+ intoverflow_t ___x = (intoverflow_t)x; \
63064+ if (WARN(___x > ULONG_MAX, "vmalloc_user size overflow\n"))\
63065+ ___retval = NULL; \
63066+ else \
63067+ ___retval = vmalloc_user((unsigned long)___x); \
63068+ ___retval; \
63069+})
63070+
63071+#define vmalloc_exec(x) \
63072+({ \
63073+ void *___retval; \
63074+ intoverflow_t ___x = (intoverflow_t)x; \
63075+ if (WARN(___x > ULONG_MAX, "vmalloc_exec size overflow\n"))\
63076+ ___retval = NULL; \
63077+ else \
63078+ ___retval = vmalloc_exec((unsigned long)___x); \
63079+ ___retval; \
63080+})
63081+
63082+#define vmalloc_node(x, y) \
63083+({ \
63084+ void *___retval; \
63085+ intoverflow_t ___x = (intoverflow_t)x; \
63086+ if (WARN(___x > ULONG_MAX, "vmalloc_node size overflow\n"))\
63087+ ___retval = NULL; \
63088+ else \
63089+ ___retval = vmalloc_node((unsigned long)___x, (y));\
63090+ ___retval; \
63091+})
63092+
63093+#define vzalloc_node(x, y) \
63094+({ \
63095+ void *___retval; \
63096+ intoverflow_t ___x = (intoverflow_t)x; \
63097+ if (WARN(___x > ULONG_MAX, "vzalloc_node size overflow\n"))\
63098+ ___retval = NULL; \
63099+ else \
63100+ ___retval = vzalloc_node((unsigned long)___x, (y));\
63101+ ___retval; \
63102+})
63103+
63104+#define vmalloc_32(x) \
63105+({ \
63106+ void *___retval; \
63107+ intoverflow_t ___x = (intoverflow_t)x; \
63108+ if (WARN(___x > ULONG_MAX, "vmalloc_32 size overflow\n"))\
63109+ ___retval = NULL; \
63110+ else \
63111+ ___retval = vmalloc_32((unsigned long)___x); \
63112+ ___retval; \
63113+})
63114+
63115+#define vmalloc_32_user(x) \
63116+({ \
63117+void *___retval; \
63118+ intoverflow_t ___x = (intoverflow_t)x; \
63119+ if (WARN(___x > ULONG_MAX, "vmalloc_32_user size overflow\n"))\
63120+ ___retval = NULL; \
63121+ else \
63122+ ___retval = vmalloc_32_user((unsigned long)___x);\
63123+ ___retval; \
63124+})
63125+
63126 #endif /* _LINUX_VMALLOC_H */
63127diff --git a/include/linux/vmstat.h b/include/linux/vmstat.h 64311diff --git a/include/linux/vmstat.h b/include/linux/vmstat.h
63128index 65efb92..137adbb 100644 64312index 65efb92..137adbb 100644
63129--- a/include/linux/vmstat.h 64313--- a/include/linux/vmstat.h
@@ -73341,26 +74525,10 @@ index b1cd120..aaae885 100644
73341 74525
73342 if (S_ISREG(inode->i_mode)) 74526 if (S_ISREG(inode->i_mode))
73343diff --git a/mm/util.c b/mm/util.c 74527diff --git a/mm/util.c b/mm/util.c
73344index 136ac4f..5117eef 100644 74528index 136ac4f..f917fa9 100644
73345--- a/mm/util.c 74529--- a/mm/util.c
73346+++ b/mm/util.c 74530+++ b/mm/util.c
73347@@ -114,6 +114,7 @@ EXPORT_SYMBOL(memdup_user); 74531@@ -243,6 +243,12 @@ void __vma_link_list(struct mm_struct *mm, struct vm_area_struct *vma,
73348 * allocated buffer. Use this if you don't want to free the buffer immediately
73349 * like, for example, with RCU.
73350 */
73351+#undef __krealloc
73352 void *__krealloc(const void *p, size_t new_size, gfp_t flags)
73353 {
73354 void *ret;
73355@@ -147,6 +148,7 @@ EXPORT_SYMBOL(__krealloc);
73356 * behaves exactly like kmalloc(). If @size is 0 and @p is not a
73357 * %NULL pointer, the object pointed to is freed.
73358 */
73359+#undef krealloc
73360 void *krealloc(const void *p, size_t new_size, gfp_t flags)
73361 {
73362 void *ret;
73363@@ -243,6 +245,12 @@ void __vma_link_list(struct mm_struct *mm, struct vm_area_struct *vma,
73364 void arch_pick_mmap_layout(struct mm_struct *mm) 74532 void arch_pick_mmap_layout(struct mm_struct *mm)
73365 { 74533 {
73366 mm->mmap_base = TASK_UNMAPPED_BASE; 74534 mm->mmap_base = TASK_UNMAPPED_BASE;
@@ -73374,7 +74542,7 @@ index 136ac4f..5117eef 100644
73374 mm->unmap_area = arch_unmap_area; 74542 mm->unmap_area = arch_unmap_area;
73375 } 74543 }
73376diff --git a/mm/vmalloc.c b/mm/vmalloc.c 74544diff --git a/mm/vmalloc.c b/mm/vmalloc.c
73377index 27be2f0..0aef2c2 100644 74545index 27be2f0..633e5cc 100644
73378--- a/mm/vmalloc.c 74546--- a/mm/vmalloc.c
73379+++ b/mm/vmalloc.c 74547+++ b/mm/vmalloc.c
73380@@ -39,8 +39,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end) 74548@@ -39,8 +39,19 @@ static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end)
@@ -73523,60 +74691,11 @@ index 27be2f0..0aef2c2 100644
73523 area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNLIST, 74691 area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNLIST,
73524 start, end, node, gfp_mask, caller); 74692 start, end, node, gfp_mask, caller);
73525 if (!area) 74693 if (!area)
73526@@ -1679,6 +1741,7 @@ static void *__vmalloc_node(unsigned long size, unsigned long align, 74694@@ -1800,10 +1862,9 @@ EXPORT_SYMBOL(vzalloc_node);
73527 gfp_mask, prot, node, caller);
73528 }
73529
73530+#undef __vmalloc
73531 void *__vmalloc(unsigned long size, gfp_t gfp_mask, pgprot_t prot)
73532 {
73533 return __vmalloc_node(size, 1, gfp_mask, prot, -1,
73534@@ -1702,6 +1765,7 @@ static inline void *__vmalloc_node_flags(unsigned long size,
73535 * For tight control over page level allocator and protection flags
73536 * use __vmalloc() instead.
73537 */
73538+#undef vmalloc
73539 void *vmalloc(unsigned long size)
73540 {
73541 return __vmalloc_node_flags(size, -1, GFP_KERNEL | __GFP_HIGHMEM);
73542@@ -1718,6 +1782,7 @@ EXPORT_SYMBOL(vmalloc);
73543 * For tight control over page level allocator and protection flags
73544 * use __vmalloc() instead.
73545 */
73546+#undef vzalloc
73547 void *vzalloc(unsigned long size)
73548 {
73549 return __vmalloc_node_flags(size, -1,
73550@@ -1732,6 +1797,7 @@ EXPORT_SYMBOL(vzalloc);
73551 * The resulting memory area is zeroed so it can be mapped to userspace
73552 * without leaking data.
73553 */
73554+#undef vmalloc_user
73555 void *vmalloc_user(unsigned long size)
73556 {
73557 struct vm_struct *area;
73558@@ -1759,6 +1825,7 @@ EXPORT_SYMBOL(vmalloc_user);
73559 * For tight control over page level allocator and protection flags
73560 * use __vmalloc() instead.
73561 */
73562+#undef vmalloc_node
73563 void *vmalloc_node(unsigned long size, int node)
73564 {
73565 return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL,
73566@@ -1778,6 +1845,7 @@ EXPORT_SYMBOL(vmalloc_node);
73567 * For tight control over page level allocator and protection flags
73568 * use __vmalloc_node() instead.
73569 */
73570+#undef vzalloc_node
73571 void *vzalloc_node(unsigned long size, int node)
73572 {
73573 return __vmalloc_node_flags(size, node,
73574@@ -1800,10 +1868,10 @@ EXPORT_SYMBOL(vzalloc_node);
73575 * For tight control over page level allocator and protection flags 74695 * For tight control over page level allocator and protection flags
73576 * use __vmalloc() instead. 74696 * use __vmalloc() instead.
73577 */ 74697 */
73578- 74698-
73579+#undef vmalloc_exec
73580 void *vmalloc_exec(unsigned long size) 74699 void *vmalloc_exec(unsigned long size)
73581 { 74700 {
73582- return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL_EXEC, 74701- return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL_EXEC,
@@ -73584,23 +74703,7 @@ index 27be2f0..0aef2c2 100644
73584 -1, __builtin_return_address(0)); 74703 -1, __builtin_return_address(0));
73585 } 74704 }
73586 74705
73587@@ -1822,6 +1890,7 @@ void *vmalloc_exec(unsigned long size) 74706@@ -2098,6 +2159,8 @@ int remap_vmalloc_range(struct vm_area_struct *vma, void *addr,
73588 * Allocate enough 32bit PA addressable pages to cover @size from the
73589 * page level allocator and map them into contiguous kernel virtual space.
73590 */
73591+#undef vmalloc_32
73592 void *vmalloc_32(unsigned long size)
73593 {
73594 return __vmalloc_node(size, 1, GFP_VMALLOC32, PAGE_KERNEL,
73595@@ -1836,6 +1905,7 @@ EXPORT_SYMBOL(vmalloc_32);
73596 * The resulting memory area is 32bit addressable and zeroed so it can be
73597 * mapped to userspace without leaking data.
73598 */
73599+#undef vmalloc_32_user
73600 void *vmalloc_32_user(unsigned long size)
73601 {
73602 struct vm_struct *area;
73603@@ -2098,6 +2168,8 @@ int remap_vmalloc_range(struct vm_area_struct *vma, void *addr,
73604 unsigned long uaddr = vma->vm_start; 74707 unsigned long uaddr = vma->vm_start;
73605 unsigned long usize = vma->vm_end - vma->vm_start; 74708 unsigned long usize = vma->vm_end - vma->vm_start;
73606 74709
@@ -73946,10 +75049,10 @@ index 17b5b1c..826d872 100644
73946 } 75049 }
73947 } 75050 }
73948diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c 75051diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
73949index a5f4e57..910ee6d 100644 75052index 8eb6b15..e3db7ab 100644
73950--- a/net/bridge/br_multicast.c 75053--- a/net/bridge/br_multicast.c
73951+++ b/net/bridge/br_multicast.c 75054+++ b/net/bridge/br_multicast.c
73952@@ -1485,7 +1485,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br, 75055@@ -1488,7 +1488,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
73953 nexthdr = ip6h->nexthdr; 75056 nexthdr = ip6h->nexthdr;
73954 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr); 75057 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr);
73955 75058
@@ -74630,6 +75733,19 @@ index 39a2d29..f39c0fe 100644
74630 ---help--- 75733 ---help---
74631 Econet is a fairly old and slow networking protocol mainly used by 75734 Econet is a fairly old and slow networking protocol mainly used by
74632 Acorn computers to access file and print servers. It uses native 75735 Acorn computers to access file and print servers. It uses native
75736diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
75737index 36d1440..44ff28b 100644
75738--- a/net/ipv4/ah4.c
75739+++ b/net/ipv4/ah4.c
75740@@ -19,6 +19,8 @@ struct ah_skb_cb {
75741 #define AH_SKB_CB(__skb) ((struct ah_skb_cb *)&((__skb)->cb[0]))
75742
75743 static void *ah_alloc_tmp(struct crypto_ahash *ahash, int nfrags,
75744+ unsigned int size) __size_overflow(3);
75745+static void *ah_alloc_tmp(struct crypto_ahash *ahash, int nfrags,
75746 unsigned int size)
75747 {
75748 unsigned int len;
74633diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c 75749diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
74634index 92fc5f6..b790d91 100644 75750index 92fc5f6..b790d91 100644
74635--- a/net/ipv4/fib_frontend.c 75751--- a/net/ipv4/fib_frontend.c
@@ -74847,19 +75963,71 @@ index 99ec116..c5628fe 100644
74847 set_fs(oldfs); 75963 set_fs(oldfs);
74848 return res; 75964 return res;
74849 } 75965 }
75966diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
75967index fd7a3f6..e5be655 100644
75968--- a/net/ipv4/netfilter/arp_tables.c
75969+++ b/net/ipv4/netfilter/arp_tables.c
75970@@ -984,6 +984,11 @@ static int __do_replace(struct net *net, const char *name,
75971 unsigned int valid_hooks,
75972 struct xt_table_info *newinfo,
75973 unsigned int num_counters,
75974+ void __user *counters_ptr) __size_overflow(5);
75975+static int __do_replace(struct net *net, const char *name,
75976+ unsigned int valid_hooks,
75977+ struct xt_table_info *newinfo,
75978+ unsigned int num_counters,
75979 void __user *counters_ptr)
75980 {
75981 int ret;
75982@@ -1104,6 +1109,8 @@ static int do_replace(struct net *net, const void __user *user,
75983 }
75984
75985 static int do_add_counters(struct net *net, const void __user *user,
75986+ unsigned int len, int compat) __size_overflow(3);
75987+static int do_add_counters(struct net *net, const void __user *user,
75988 unsigned int len, int compat)
75989 {
75990 unsigned int i, curcpu;
75991diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
75992index 24e556e..a8daf7a 100644
75993--- a/net/ipv4/netfilter/ip_tables.c
75994+++ b/net/ipv4/netfilter/ip_tables.c
75995@@ -1172,6 +1172,10 @@ get_entries(struct net *net, struct ipt_get_entries __user *uptr,
75996 static int
75997 __do_replace(struct net *net, const char *name, unsigned int valid_hooks,
75998 struct xt_table_info *newinfo, unsigned int num_counters,
75999+ void __user *counters_ptr) __size_overflow(5);
76000+static int
76001+__do_replace(struct net *net, const char *name, unsigned int valid_hooks,
76002+ struct xt_table_info *newinfo, unsigned int num_counters,
76003 void __user *counters_ptr)
76004 {
76005 int ret;
76006@@ -1293,6 +1297,9 @@ do_replace(struct net *net, const void __user *user, unsigned int len)
76007
76008 static int
76009 do_add_counters(struct net *net, const void __user *user,
76010+ unsigned int len, int compat) __size_overflow(3);
76011+static int
76012+do_add_counters(struct net *net, const void __user *user,
76013 unsigned int len, int compat)
76014 {
76015 unsigned int i, curcpu;
74850diff --git a/net/ipv4/netfilter/nf_nat_snmp_basic.c b/net/ipv4/netfilter/nf_nat_snmp_basic.c 76016diff --git a/net/ipv4/netfilter/nf_nat_snmp_basic.c b/net/ipv4/netfilter/nf_nat_snmp_basic.c
74851index 2133c30..5c4b40b 100644 76017index 2133c30..0e8047e 100644
74852--- a/net/ipv4/netfilter/nf_nat_snmp_basic.c 76018--- a/net/ipv4/netfilter/nf_nat_snmp_basic.c
74853+++ b/net/ipv4/netfilter/nf_nat_snmp_basic.c 76019+++ b/net/ipv4/netfilter/nf_nat_snmp_basic.c
74854@@ -399,7 +399,7 @@ static unsigned char asn1_octets_decode(struct asn1_ctx *ctx, 76020@@ -435,6 +435,10 @@ static unsigned char asn1_subid_decode(struct asn1_ctx *ctx,
74855 76021 static unsigned char asn1_oid_decode(struct asn1_ctx *ctx,
74856 *len = 0; 76022 unsigned char *eoc,
74857 76023 unsigned long **oid,
74858- *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC); 76024+ unsigned int *len) __size_overflow(2);
74859+ *octets = kmalloc((eoc - ctx->pointer), GFP_ATOMIC); 76025+static unsigned char asn1_oid_decode(struct asn1_ctx *ctx,
74860 if (*octets == NULL) 76026+ unsigned char *eoc,
74861 return 0; 76027+ unsigned long **oid,
74862 76028 unsigned int *len)
76029 {
76030 unsigned long subid;
74863diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c 76031diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
74864index 43d4c3b..1914409 100644 76032index 43d4c3b..1914409 100644
74865--- a/net/ipv4/ping.c 76033--- a/net/ipv4/ping.c
@@ -74965,8 +76133,62 @@ index 94cdbc5..0cb0063 100644
74965 if (peer->tcp_ts_stamp) { 76133 if (peer->tcp_ts_stamp) {
74966 ts = peer->tcp_ts; 76134 ts = peer->tcp_ts;
74967 tsage = get_seconds() - peer->tcp_ts_stamp; 76135 tsage = get_seconds() - peer->tcp_ts_stamp;
76136diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
76137index 90f6544..769c0e9 100644
76138--- a/net/ipv4/syncookies.c
76139+++ b/net/ipv4/syncookies.c
76140@@ -278,6 +278,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
76141 struct rtable *rt;
76142 __u8 rcv_wscale;
76143 bool ecn_ok = false;
76144+ struct flowi4 fl4;
76145
76146 if (!sysctl_tcp_syncookies || !th->ack || th->rst)
76147 goto out;
76148@@ -346,20 +347,16 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
76149 * hasn't changed since we received the original syn, but I see
76150 * no easy way to do this.
76151 */
76152- {
76153- struct flowi4 fl4;
76154-
76155- flowi4_init_output(&fl4, 0, sk->sk_mark, RT_CONN_FLAGS(sk),
76156- RT_SCOPE_UNIVERSE, IPPROTO_TCP,
76157- inet_sk_flowi_flags(sk),
76158- (opt && opt->srr) ? opt->faddr : ireq->rmt_addr,
76159- ireq->loc_addr, th->source, th->dest);
76160- security_req_classify_flow(req, flowi4_to_flowi(&fl4));
76161- rt = ip_route_output_key(sock_net(sk), &fl4);
76162- if (IS_ERR(rt)) {
76163- reqsk_free(req);
76164- goto out;
76165- }
76166+ flowi4_init_output(&fl4, 0, sk->sk_mark, RT_CONN_FLAGS(sk),
76167+ RT_SCOPE_UNIVERSE, IPPROTO_TCP,
76168+ inet_sk_flowi_flags(sk),
76169+ (opt && opt->srr) ? opt->faddr : ireq->rmt_addr,
76170+ ireq->loc_addr, th->source, th->dest);
76171+ security_req_classify_flow(req, flowi4_to_flowi(&fl4));
76172+ rt = ip_route_output_key(sock_net(sk), &fl4);
76173+ if (IS_ERR(rt)) {
76174+ reqsk_free(req);
76175+ goto out;
76176 }
76177
76178 /* Try to redo what tcp_v4_send_synack did. */
76179@@ -373,5 +370,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
76180 ireq->rcv_wscale = rcv_wscale;
76181
76182 ret = get_cookie_sock(sk, skb, req, &rt->dst);
76183+ /* ip_queue_xmit() depends on our flow being setup
76184+ * Normal sockets get it right from inet_csk_route_child_sock()
76185+ */
76186+ if (ret)
76187+ inet_sk(ret)->cork.fl.u.ip4 = fl4;
76188 out: return ret;
76189 }
74968diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c 76190diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
74969index eb90aa8..22bf114 100644 76191index eb90aa8..74908e1 100644
74970--- a/net/ipv4/tcp_ipv4.c 76192--- a/net/ipv4/tcp_ipv4.c
74971+++ b/net/ipv4/tcp_ipv4.c 76193+++ b/net/ipv4/tcp_ipv4.c
74972@@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly; 76194@@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly;
@@ -74979,7 +76201,24 @@ index eb90aa8..22bf114 100644
74979 76201
74980 #ifdef CONFIG_TCP_MD5SIG 76202 #ifdef CONFIG_TCP_MD5SIG
74981 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk, 76203 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
74982@@ -1632,6 +1635,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) 76204@@ -1465,9 +1468,13 @@ struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
76205 inet_csk(newsk)->icsk_ext_hdr_len = inet_opt->opt.optlen;
76206 newinet->inet_id = newtp->write_seq ^ jiffies;
76207
76208- if (!dst && (dst = inet_csk_route_child_sock(sk, newsk, req)) == NULL)
76209- goto put_and_exit;
76210-
76211+ if (!dst) {
76212+ dst = inet_csk_route_child_sock(sk, newsk, req);
76213+ if (!dst)
76214+ goto put_and_exit;
76215+ } else {
76216+ /* syncookie case : see end of cookie_v4_check() */
76217+ }
76218 sk_setup_caps(newsk, dst);
76219
76220 tcp_mtup_init(newsk);
76221@@ -1632,6 +1639,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
74983 return 0; 76222 return 0;
74984 76223
74985 reset: 76224 reset:
@@ -74989,7 +76228,7 @@ index eb90aa8..22bf114 100644
74989 tcp_v4_send_reset(rsk, skb); 76228 tcp_v4_send_reset(rsk, skb);
74990 discard: 76229 discard:
74991 kfree_skb(skb); 76230 kfree_skb(skb);
74992@@ -1694,12 +1700,19 @@ int tcp_v4_rcv(struct sk_buff *skb) 76231@@ -1694,12 +1704,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
74993 TCP_SKB_CB(skb)->sacked = 0; 76232 TCP_SKB_CB(skb)->sacked = 0;
74994 76233
74995 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); 76234 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
@@ -75012,7 +76251,7 @@ index eb90aa8..22bf114 100644
75012 76251
75013 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { 76252 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
75014 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); 76253 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
75015@@ -1749,6 +1762,10 @@ no_tcp_socket: 76254@@ -1749,6 +1766,10 @@ no_tcp_socket:
75016 bad_packet: 76255 bad_packet:
75017 TCP_INC_STATS_BH(net, TCP_MIB_INERRS); 76256 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
75018 } else { 76257 } else {
@@ -75023,7 +76262,7 @@ index eb90aa8..22bf114 100644
75023 tcp_v4_send_reset(NULL, skb); 76262 tcp_v4_send_reset(NULL, skb);
75024 } 76263 }
75025 76264
75026@@ -2409,7 +2426,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req, 76265@@ -2409,7 +2430,11 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
75027 0, /* non standard timer */ 76266 0, /* non standard timer */
75028 0, /* open_requests have no inode */ 76267 0, /* open_requests have no inode */
75029 atomic_read(&sk->sk_refcnt), 76268 atomic_read(&sk->sk_refcnt),
@@ -75035,7 +76274,7 @@ index eb90aa8..22bf114 100644
75035 len); 76274 len);
75036 } 76275 }
75037 76276
75038@@ -2459,7 +2480,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len) 76277@@ -2459,7 +2484,12 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
75039 sock_i_uid(sk), 76278 sock_i_uid(sk),
75040 icsk->icsk_probes_out, 76279 icsk->icsk_probes_out,
75041 sock_i_ino(sk), 76280 sock_i_ino(sk),
@@ -75049,7 +76288,7 @@ index eb90aa8..22bf114 100644
75049 jiffies_to_clock_t(icsk->icsk_rto), 76288 jiffies_to_clock_t(icsk->icsk_rto),
75050 jiffies_to_clock_t(icsk->icsk_ack.ato), 76289 jiffies_to_clock_t(icsk->icsk_ack.ato),
75051 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong, 76290 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
75052@@ -2487,7 +2513,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw, 76291@@ -2487,7 +2517,13 @@ static void get_timewait4_sock(const struct inet_timewait_sock *tw,
75053 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n", 76292 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK%n",
75054 i, src, srcp, dest, destp, tw->tw_substate, 0, 0, 76293 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
75055 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 76294 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
@@ -75249,10 +76488,10 @@ index 5a65eea..bd913a1 100644
75249 76488
75250 int udp4_seq_show(struct seq_file *seq, void *v) 76489 int udp4_seq_show(struct seq_file *seq, void *v)
75251diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c 76490diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
75252index 836c4ea..cbb74dc 100644 76491index a5521c5..984a2f4 100644
75253--- a/net/ipv6/addrconf.c 76492--- a/net/ipv6/addrconf.c
75254+++ b/net/ipv6/addrconf.c 76493+++ b/net/ipv6/addrconf.c
75255@@ -2149,7 +2149,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) 76494@@ -2153,7 +2153,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg)
75256 p.iph.ihl = 5; 76495 p.iph.ihl = 5;
75257 p.iph.protocol = IPPROTO_IPV6; 76496 p.iph.protocol = IPPROTO_IPV6;
75258 p.iph.ttl = 64; 76497 p.iph.ttl = 64;
@@ -75261,6 +76500,19 @@ index 836c4ea..cbb74dc 100644
75261 76500
75262 if (ops->ndo_do_ioctl) { 76501 if (ops->ndo_do_ioctl) {
75263 mm_segment_t oldfs = get_fs(); 76502 mm_segment_t oldfs = get_fs();
76503diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
76504index 4c0f894..fca5d15 100644
76505--- a/net/ipv6/ah6.c
76506+++ b/net/ipv6/ah6.c
76507@@ -56,6 +56,8 @@ struct ah_skb_cb {
76508 #define AH_SKB_CB(__skb) ((struct ah_skb_cb *)&((__skb)->cb[0]))
76509
76510 static void *ah_alloc_tmp(struct crypto_ahash *ahash, int nfrags,
76511+ unsigned int size) __size_overflow(3);
76512+static void *ah_alloc_tmp(struct crypto_ahash *ahash, int nfrags,
76513 unsigned int size)
76514 {
76515 unsigned int len;
75264diff --git a/net/ipv6/inet6_connection_sock.c b/net/ipv6/inet6_connection_sock.c 76516diff --git a/net/ipv6/inet6_connection_sock.c b/net/ipv6/inet6_connection_sock.c
75265index 1567fb1..29af910 100644 76517index 1567fb1..29af910 100644
75266--- a/net/ipv6/inet6_connection_sock.c 76518--- a/net/ipv6/inet6_connection_sock.c
@@ -75296,6 +76548,31 @@ index 26cb08c..8af9877 100644
75296 msg.msg_controllen = len; 76548 msg.msg_controllen = len;
75297 msg.msg_flags = flags; 76549 msg.msg_flags = flags;
75298 76550
76551diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
76552index 94874b0..dc413fa 100644
76553--- a/net/ipv6/netfilter/ip6_tables.c
76554+++ b/net/ipv6/netfilter/ip6_tables.c
76555@@ -1194,6 +1194,10 @@ get_entries(struct net *net, struct ip6t_get_entries __user *uptr,
76556 static int
76557 __do_replace(struct net *net, const char *name, unsigned int valid_hooks,
76558 struct xt_table_info *newinfo, unsigned int num_counters,
76559+ void __user *counters_ptr) __size_overflow(5);
76560+static int
76561+__do_replace(struct net *net, const char *name, unsigned int valid_hooks,
76562+ struct xt_table_info *newinfo, unsigned int num_counters,
76563 void __user *counters_ptr)
76564 {
76565 int ret;
76566@@ -1315,6 +1319,9 @@ do_replace(struct net *net, const void __user *user, unsigned int len)
76567
76568 static int
76569 do_add_counters(struct net *net, const void __user *user, unsigned int len,
76570+ int compat) __size_overflow(3);
76571+static int
76572+do_add_counters(struct net *net, const void __user *user, unsigned int len,
76573 int compat)
76574 {
76575 unsigned int i, curcpu;
75299diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c 76576diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
75300index 361ebf3..d5628fb 100644 76577index 361ebf3..d5628fb 100644
75301--- a/net/ipv6/raw.c 76578--- a/net/ipv6/raw.c
@@ -77823,10 +79100,10 @@ index 5c11312..72742b5 100644
77823 write_hex_cnt = 0; 79100 write_hex_cnt = 0;
77824 for (i = 0; i < logo_clutsize; i++) { 79101 for (i = 0; i < logo_clutsize; i++) {
77825diff --git a/security/Kconfig b/security/Kconfig 79102diff --git a/security/Kconfig b/security/Kconfig
77826index 51bd5a0..3a4ebd0 100644 79103index 51bd5a0..58c5b70 100644
77827--- a/security/Kconfig 79104--- a/security/Kconfig
77828+++ b/security/Kconfig 79105+++ b/security/Kconfig
77829@@ -4,6 +4,627 @@ 79106@@ -4,6 +4,639 @@
77830 79107
77831 menu "Security options" 79108 menu "Security options"
77832 79109
@@ -77918,7 +79195,6 @@ index 51bd5a0..3a4ebd0 100644
77918+ 79195+
77919+config PAX_XATTR_PAX_FLAGS 79196+config PAX_XATTR_PAX_FLAGS
77920+ bool 'Use filesystem extended attributes marking' 79197+ bool 'Use filesystem extended attributes marking'
77921+ depends on EXPERT
77922+ select CIFS_XATTR if CIFS 79198+ select CIFS_XATTR if CIFS
77923+ select EXT2_FS_XATTR if EXT2_FS 79199+ select EXT2_FS_XATTR if EXT2_FS
77924+ select EXT3_FS_XATTR if EXT3_FS 79200+ select EXT3_FS_XATTR if EXT3_FS
@@ -78447,6 +79723,19 @@ index 51bd5a0..3a4ebd0 100644
78447+ Since this has a negligible performance impact, you should enable 79723+ Since this has a negligible performance impact, you should enable
78448+ this feature. 79724+ this feature.
78449+ 79725+
79726+config PAX_SIZE_OVERFLOW
79727+ bool "Prevent various integer overflows in function size parameters"
79728+ help
79729+ By saying Y here the kernel recomputes expressions of function
79730+ arguments marked by a size_overflow attribute with double integer
79731+ precision (DImode/TImode for 32/64 bit integer types).
79732+
79733+ The recomputed argument is checked against INT_MAX and an event
79734+ is logged on overflow and the triggering process is killed.
79735+
79736+ Homepage:
79737+ http://www.grsecurity.net/~ephox/overflow_plugin/
79738+
78450+endmenu 79739+endmenu
78451+ 79740+
78452+endmenu 79741+endmenu
@@ -78454,7 +79743,7 @@ index 51bd5a0..3a4ebd0 100644
78454 config KEYS 79743 config KEYS
78455 bool "Enable access key retention support" 79744 bool "Enable access key retention support"
78456 help 79745 help
78457@@ -169,7 +790,7 @@ config INTEL_TXT 79746@@ -169,7 +802,7 @@ config INTEL_TXT
78458 config LSM_MMAP_MIN_ADDR 79747 config LSM_MMAP_MIN_ADDR
78459 int "Low address space for LSM to protect from user allocation" 79748 int "Low address space for LSM to protect from user allocation"
78460 depends on SECURITY && SECURITY_SELINUX 79749 depends on SECURITY && SECURITY_SELINUX
@@ -79384,10 +80673,10 @@ index a39edcc..1014050 100644
79384 }; 80673 };
79385diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile 80674diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile
79386new file mode 100644 80675new file mode 100644
79387index 0000000..894c8bf 80676index 0000000..ca64170
79388--- /dev/null 80677--- /dev/null
79389+++ b/tools/gcc/Makefile 80678+++ b/tools/gcc/Makefile
79390@@ -0,0 +1,23 @@ 80679@@ -0,0 +1,26 @@
79391+#CC := gcc 80680+#CC := gcc
79392+#PLUGIN_SOURCE_FILES := pax_plugin.c 80681+#PLUGIN_SOURCE_FILES := pax_plugin.c
79393+#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) 80682+#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES))
@@ -79395,6 +80684,7 @@ index 0000000..894c8bf
79395+#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W -std=gnu99 80684+#CFLAGS += -I$(GCCPLUGINS_DIR)/include -fPIC -O2 -Wall -W -std=gnu99
79396+ 80685+
79397+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu99 -ggdb 80686+HOST_EXTRACFLAGS += -I$(GCCPLUGINS_DIR)/include -I$(GCCPLUGINS_DIR)/include/c-family -std=gnu99 -ggdb
80687+CFLAGS_size_overflow_plugin.o := -Wno-missing-initializer
79398+ 80688+
79399+hostlibs-y := constify_plugin.so 80689+hostlibs-y := constify_plugin.so
79400+hostlibs-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so 80690+hostlibs-$(CONFIG_PAX_MEMORY_STACKLEAK) += stackleak_plugin.so
@@ -79402,6 +80692,7 @@ index 0000000..894c8bf
79402+hostlibs-$(CONFIG_PAX_KERNEXEC_PLUGIN) += kernexec_plugin.so 80692+hostlibs-$(CONFIG_PAX_KERNEXEC_PLUGIN) += kernexec_plugin.so
79403+hostlibs-$(CONFIG_CHECKER_PLUGIN) += checker_plugin.so 80693+hostlibs-$(CONFIG_CHECKER_PLUGIN) += checker_plugin.so
79404+hostlibs-y += colorize_plugin.so 80694+hostlibs-y += colorize_plugin.so
80695+hostlibs-$(CONFIG_PAX_SIZE_OVERFLOW) += size_overflow_plugin.so
79405+ 80696+
79406+always := $(hostlibs-y) 80697+always := $(hostlibs-y)
79407+ 80698+
@@ -79411,6 +80702,7 @@ index 0000000..894c8bf
79411+kernexec_plugin-objs := kernexec_plugin.o 80702+kernexec_plugin-objs := kernexec_plugin.o
79412+checker_plugin-objs := checker_plugin.o 80703+checker_plugin-objs := checker_plugin.o
79413+colorize_plugin-objs := colorize_plugin.o 80704+colorize_plugin-objs := colorize_plugin.o
80705+size_overflow_plugin-objs := size_overflow_plugin.o
79414diff --git a/tools/gcc/checker_plugin.c b/tools/gcc/checker_plugin.c 80706diff --git a/tools/gcc/checker_plugin.c b/tools/gcc/checker_plugin.c
79415new file mode 100644 80707new file mode 100644
79416index 0000000..d41b5af 80708index 0000000..d41b5af
@@ -80656,12 +81948,3876 @@ index 0000000..008f159
80656+ 81948+
80657+ return 0; 81949+ return 0;
80658+} 81950+}
81951diff --git a/tools/gcc/size_overflow_hash1.h b/tools/gcc/size_overflow_hash1.h
81952new file mode 100644
81953index 0000000..55a1292
81954--- /dev/null
81955+++ b/tools/gcc/size_overflow_hash1.h
81956@@ -0,0 +1,2760 @@
81957+struct size_overflow_hash size_overflow_hash1[65536] = {
81958+ [10013].file = "security/smack/smackfs.c",
81959+ [10013].name = "smk_write_direct",
81960+ [10013].param3 = 1,
81961+ [10167].file = "sound/core/oss/pcm_plugin.c",
81962+ [10167].name = "snd_pcm_plugin_build",
81963+ [10167].param5 = 1,
81964+ [1020].file = "drivers/usb/misc/usbtest.c",
81965+ [1020].name = "test_unaligned_bulk",
81966+ [1020].param3 = 1,
81967+ [1022].file = "sound/pci/rme9652/rme9652.c",
81968+ [1022].name = "snd_rme9652_playback_copy",
81969+ [1022].param5 = 1,
81970+ [10341].file = "fs/nfsd/nfs4xdr.c",
81971+ [10341].name = "read_buf",
81972+ [10341].param2 = 1,
81973+ [10357].file = "net/sunrpc/cache.c",
81974+ [10357].name = "cache_read",
81975+ [10357].param3 = 1,
81976+ [10397].file = "drivers/gpu/drm/i915/i915_debugfs.c",
81977+ [10397].name = "i915_wedged_write",
81978+ [10397].param3 = 1,
81979+ [10414].file = "drivers/tty/vt/vt.c",
81980+ [10414].name = "vc_do_resize",
81981+ [10414].param3 = 1,
81982+ [10414].param4 = 1,
81983+ [10496].file = "drivers/bluetooth/hci_vhci.c",
81984+ [10496].name = "vhci_read",
81985+ [10496].param3 = 1,
81986+ [10565].file = "drivers/input/touchscreen/ad7879-spi.c",
81987+ [10565].name = "ad7879_spi_multi_read",
81988+ [10565].param3 = 1,
81989+ [10623].file = "drivers/infiniband/core/user_mad.c",
81990+ [10623].name = "ib_umad_write",
81991+ [10623].param3 = 1,
81992+ [10707].file = "fs/nfs/idmap.c",
81993+ [10707].name = "nfs_idmap_request_key",
81994+ [10707].param2 = 1,
81995+ [10773].file = "drivers/input/mousedev.c",
81996+ [10773].name = "mousedev_read",
81997+ [10773].param3 = 1,
81998+ [10777].file = "fs/ntfs/file.c",
81999+ [10777].name = "ntfs_file_buffered_write",
82000+ [10777].param6 = 1,
82001+ [10919].file = "net/ipv4/netfilter/arp_tables.c",
82002+ [10919].name = "do_arpt_set_ctl",
82003+ [10919].param4 = 1,
82004+ [11054].file = "drivers/net/wireless/libertas/debugfs.c",
82005+ [11054].name = "lbs_wrmac_write",
82006+ [11054].param3 = 1,
82007+ [11068].file = "drivers/net/wireless/libertas/debugfs.c",
82008+ [11068].name = "lbs_wrrf_write",
82009+ [11068].param3 = 1,
82010+ [11364].file = "fs/ext4/super.c",
82011+ [11364].name = "ext4_kvzalloc",
82012+ [11364].param1 = 1,
82013+ [11402].file = "drivers/net/wireless/libertas/debugfs.c",
82014+ [11402].name = "lbs_threshold_write",
82015+ [11402].param5 = 1,
82016+ [11494].file = "drivers/video/via/viafbdev.c",
82017+ [11494].name = "viafb_dvp1_proc_write",
82018+ [11494].param3 = 1,
82019+ [11616].file = "security/selinux/selinuxfs.c",
82020+ [11616].name = "sel_write_enforce",
82021+ [11616].param3 = 1,
82022+ [11699].file = "drivers/net/ethernet/neterion/vxge/vxge-config.h",
82023+ [11699].name = "vxge_os_dma_malloc",
82024+ [11699].param2 = 1,
82025+ [11766].file = "drivers/block/paride/pt.c",
82026+ [11766].name = "pt_read",
82027+ [11766].param3 = 1,
82028+ [11784].file = "fs/bio.c",
82029+ [11784].name = "bio_kmalloc",
82030+ [11784].param2 = 1,
82031+ [11814].file = "drivers/staging/speakup/kobjects.c",
82032+ [11814].name = "keymap_store",
82033+ [11814].param4 = 1,
82034+ [11912].file = "net/sunrpc/cache.c",
82035+ [11912].name = "cache_write_pipefs",
82036+ [11912].param3 = 1,
82037+ [11919].file = "drivers/lguest/core.c",
82038+ [11919].name = "__lgread",
82039+ [11919].param4 = 1,
82040+ [11986].file = "drivers/net/usb/asix.c",
82041+ [11986].name = "asix_read_cmd",
82042+ [11986].param5 = 1,
82043+ [12059].file = "drivers/net/wireless/libertas/debugfs.c",
82044+ [12059].name = "lbs_debugfs_write",
82045+ [12059].param3 = 1,
82046+ [12071].file = "lib/kstrtox.c",
82047+ [12071].name = "kstrtou8_from_user",
82048+ [12071].param2 = 1,
82049+ [12151].file = "fs/compat.c",
82050+ [12151].name = "compat_rw_copy_check_uvector",
82051+ [12151].param3 = 1,
82052+ [12205].file = "fs/reiserfs/journal.c",
82053+ [12205].name = "reiserfs_allocate_list_bitmaps",
82054+ [12205].param3 = 1,
82055+ [12234].file = "include/acpi/platform/aclinux.h",
82056+ [12234].name = "acpi_os_allocate",
82057+ [12234].param1 = 1,
82058+ [1227].file = "lib/cpu_rmap.c",
82059+ [1227].name = "alloc_cpu_rmap",
82060+ [1227].param1 = 1,
82061+ [12395].file = "drivers/char/hw_random/core.c",
82062+ [12395].name = "rng_dev_read",
82063+ [12395].param3 = 1,
82064+ [1248].file = "kernel/kprobes.c",
82065+ [1248].name = "write_enabled_file_bool",
82066+ [1248].param3 = 1,
82067+ [12501].file = "net/mac80211/debugfs.c",
82068+ [12501].name = "uapsd_max_sp_len_write",
82069+ [12501].param3 = 1,
82070+ [12591].file = "sound/core/pcm_lib.c",
82071+ [12591].name = "snd_pcm_lib_writev_transfer",
82072+ [12591].param5 = 1,
82073+ [12602].file = "net/sunrpc/cache.c",
82074+ [12602].name = "cache_downcall",
82075+ [12602].param3 = 1,
82076+ [12712].file = "drivers/net/wimax/i2400m/fw.c",
82077+ [12712].name = "i2400m_zrealloc_2x",
82078+ [12712].param3 = 1,
82079+ [12755].file = "sound/drivers/opl4/opl4_proc.c",
82080+ [12755].name = "snd_opl4_mem_proc_read",
82081+ [12755].param5 = 1,
82082+ [12833].file = "net/sctp/auth.c",
82083+ [12833].name = "sctp_auth_create_key",
82084+ [12833].param1 = 1,
82085+ [12840].file = "net/sctp/tsnmap.c",
82086+ [12840].name = "sctp_tsnmap_mark",
82087+ [12840].param2 = 1,
82088+ [12896].file = "drivers/net/wireless/wl12xx/debugfs.c",
82089+ [12896].name = "beacon_filtering_write",
82090+ [12896].param3 = 1,
82091+ [12931].file = "drivers/hid/hid-roccat.c",
82092+ [12931].name = "roccat_read",
82093+ [12931].param3 = 1,
82094+ [12954].file = "fs/proc/base.c",
82095+ [12954].name = "oom_adjust_write",
82096+ [12954].param3 = 1,
82097+ [13013].file = "drivers/media/dvb/ttpci/av7110_ca.c",
82098+ [13013].name = "dvb_ca_write",
82099+ [13013].param3 = 1,
82100+ [13103].file = "drivers/acpi/acpica/utobject.c",
82101+ [13103].name = "acpi_ut_create_string_object",
82102+ [13103].param1 = 1,
82103+ [13121].file = "net/ipv4/ip_sockglue.c",
82104+ [13121].name = "do_ip_setsockopt",
82105+ [13121].param5 = 1,
82106+ [13337].file = "net/core/iovec.c",
82107+ [13337].name = "csum_partial_copy_fromiovecend",
82108+ [13337].param4 = 1,
82109+ [13339].file = "security/smack/smackfs.c",
82110+ [13339].name = "smk_write_netlbladdr",
82111+ [13339].param3 = 1,
82112+ [13342].file = "fs/jbd2/journal.c",
82113+ [13342].name = "jbd2_alloc",
82114+ [13342].param1 = 1,
82115+ [13412].file = "fs/proc/base.c",
82116+ [13412].name = "oom_score_adj_write",
82117+ [13412].param3 = 1,
82118+ [13659].file = "drivers/net/wan/hdlc.c",
82119+ [13659].name = "attach_hdlc_protocol",
82120+ [13659].param3 = 1,
82121+ [13708].file = "drivers/usb/misc/usbtest.c",
82122+ [13708].name = "simple_alloc_urb",
82123+ [13708].param3 = 1,
82124+ [13863].file = "drivers/net/wireless/iwlwifi/iwl-agn-rs.c",
82125+ [13863].name = "rs_sta_dbgfs_scale_table_write",
82126+ [13863].param3 = 1,
82127+ [13924].file = "net/ipv4/netfilter/ip_tables.c",
82128+ [13924].name = "do_ipt_set_ctl",
82129+ [13924].param4 = 1,
82130+ [14019].file = "net/dns_resolver/dns_key.c",
82131+ [14019].name = "dns_resolver_instantiate",
82132+ [14019].param2 = 1,
82133+ [14019].param3 = 1,
82134+ [14025].file = "net/ax25/af_ax25.c",
82135+ [14025].name = "ax25_setsockopt",
82136+ [14025].param5 = 1,
82137+ [14029].file = "drivers/spi/spidev.c",
82138+ [14029].name = "spidev_compat_ioctl",
82139+ [14029].param2 = 1,
82140+ [14031].file = "drivers/net/wireless/ath/ath5k/debug.c",
82141+ [14031].name = "write_file_beacon",
82142+ [14031].param3 = 1,
82143+ [14086].file = "fs/nfs/nfs4proc.c",
82144+ [14086].name = "nfs4_reset_slot_table",
82145+ [14086].param2 = 1,
82146+ [14090].file = "drivers/bluetooth/btmrvl_debugfs.c",
82147+ [14090].name = "btmrvl_hsmode_write",
82148+ [14090].param3 = 1,
82149+ [14125].file = "kernel/module.c",
82150+ [14125].name = "load_module",
82151+ [14125].param2 = 1,
82152+ [14149].file = "drivers/hid/hidraw.c",
82153+ [14149].name = "hidraw_ioctl",
82154+ [14149].param2 = 1,
82155+ [14153].file = "drivers/staging/bcm/led_control.c",
82156+ [14153].name = "ValidateDSDParamsChecksum",
82157+ [14153].param3 = 1,
82158+ [14174].file = "sound/pci/es1938.c",
82159+ [14174].name = "snd_es1938_capture_copy",
82160+ [14174].param5 = 1,
82161+ [14207].file = "drivers/media/video/v4l2-event.c",
82162+ [14207].name = "v4l2_event_subscribe",
82163+ [14207].param3 = 1,
82164+ [14241].file = "drivers/platform/x86/asus_acpi.c",
82165+ [14241].name = "brn_proc_write",
82166+ [14241].param3 = 1,
82167+ [14299].file = "sound/core/oss/pcm_plugin.c",
82168+ [14299].name = "snd_pcm_plugin_alloc",
82169+ [14299].param2 = 1,
82170+ [14345].file = "fs/cachefiles/daemon.c",
82171+ [14345].name = "cachefiles_daemon_write",
82172+ [14345].param3 = 1,
82173+ [14347].file = "drivers/media/dvb/dvb-core/dvb_ca_en50221.c",
82174+ [14347].name = "dvb_ca_en50221_io_write",
82175+ [14347].param3 = 1,
82176+ [14462].file = "fs/namei.c",
82177+ [14462].name = "sys_rmdir",
82178+ [14462].param1 = 1,
82179+ [14478].file = "drivers/char/random.c",
82180+ [14478].name = "random_write",
82181+ [14478].param3 = 1,
82182+ [1458].file = "drivers/misc/lkdtm.c",
82183+ [1458].name = "direct_entry",
82184+ [1458].param3 = 1,
82185+ [145].file = "lib/xz/xz_dec_test.c",
82186+ [145].name = "xz_dec_test_write",
82187+ [145].param3 = 1,
82188+ [14646].file = "fs/compat.c",
82189+ [14646].name = "compat_writev",
82190+ [14646].param3 = 1,
82191+ [14736].file = "drivers/usb/misc/usbtest.c",
82192+ [14736].name = "unlink_queued",
82193+ [14736].param3 = 1,
82194+ [14842].file = "fs/namei.c",
82195+ [14842].name = "sys_renameat",
82196+ [14842].param2 = 1,
82197+ [14842].param4 = 1,
82198+ [15017].file = "drivers/edac/edac_device.c",
82199+ [15017].name = "edac_device_alloc_ctl_info",
82200+ [15017].param1 = 1,
82201+ [15087].file = "fs/bio.c",
82202+ [15087].name = "bio_map_kern",
82203+ [15087].param2 = 1,
82204+ [15087].param3 = 1,
82205+ [15112].file = "drivers/xen/evtchn.c",
82206+ [15112].name = "evtchn_write",
82207+ [15112].param3 = 1,
82208+ [15274].file = "crypto/shash.c",
82209+ [15274].name = "crypto_shash_setkey",
82210+ [15274].param3 = 1,
82211+ [15361].file = "drivers/char/agp/generic.c",
82212+ [15361].name = "agp_allocate_memory",
82213+ [15361].param2 = 1,
82214+ [15497].file = "drivers/media/dvb/ddbridge/ddbridge-core.c",
82215+ [15497].name = "ts_read",
82216+ [15497].param3 = 1,
82217+ [15551].file = "net/ipv4/netfilter/ipt_CLUSTERIP.c",
82218+ [15551].name = "clusterip_proc_write",
82219+ [15551].param3 = 1,
82220+ [15701].file = "drivers/hid/hid-roccat-common.c",
82221+ [15701].name = "roccat_common_receive",
82222+ [15701].param4 = 1,
82223+ [1572].file = "net/ceph/pagevec.c",
82224+ [1572].name = "ceph_copy_page_vector_to_user",
82225+ [1572].param4 = 1,
82226+ [15814].file = "net/mac80211/debugfs_netdev.c",
82227+ [15814].name = "ieee80211_if_write",
82228+ [15814].param3 = 1,
82229+ [15883].file = "security/keys/keyctl.c",
82230+ [15883].name = "sys_add_key",
82231+ [15883].param4 = 1,
82232+ [15884].file = "fs/exofs/super.c",
82233+ [15884].name = "exofs_read_lookup_dev_table",
82234+ [15884].param3 = 1,
82235+ [1603].file = "fs/debugfs/file.c",
82236+ [1603].name = "write_file_bool",
82237+ [1603].param3 = 1,
82238+ [16073].file = "net/sctp/socket.c",
82239+ [16073].name = "sctp_setsockopt",
82240+ [16073].param5 = 1,
82241+ [16138].file = "security/selinux/ss/services.c",
82242+ [16138].name = "security_context_to_sid_force",
82243+ [16138].param2 = 1,
82244+ [16166].file = "drivers/platform/x86/thinkpad_acpi.c",
82245+ [16166].name = "dispatch_proc_write",
82246+ [16166].param3 = 1,
82247+ [16229].file = "drivers/scsi/scsi_transport_iscsi.c",
82248+ [16229].name = "iscsi_offload_mesg",
82249+ [16229].param5 = 1,
82250+ [16353].file = "drivers/base/regmap/regmap.c",
82251+ [16353].name = "regmap_raw_write",
82252+ [16353].param4 = 1,
82253+ [16383].file = "fs/proc/base.c",
82254+ [16383].name = "comm_write",
82255+ [16383].param3 = 1,
82256+ [16447].file = "drivers/hid/usbhid/hiddev.c",
82257+ [16447].name = "hiddev_ioctl",
82258+ [16447].param2 = 1,
82259+ [16453].file = "include/linux/slab.h",
82260+ [16453].name = "kzalloc",
82261+ [16453].param1 = 1,
82262+ [16535].file = "fs/proc/generic.c",
82263+ [16535].name = "proc_file_read",
82264+ [16535].param3 = 1,
82265+ [16605].file = "fs/ecryptfs/miscdev.c",
82266+ [16605].name = "ecryptfs_send_miscdev",
82267+ [16605].param2 = 1,
82268+ [16606].file = "drivers/ide/ide-tape.c",
82269+ [16606].name = "idetape_chrdev_write",
82270+ [16606].param3 = 1,
82271+ [16741].file = "fs/namei.c",
82272+ [16741].name = "sys_unlinkat",
82273+ [16741].param2 = 1,
82274+ [16911].file = "drivers/media/dvb/ttpci/av7110_hw.c",
82275+ [16911].name = "LoadBitmap",
82276+ [16911].param2 = 1,
82277+ [17075].file = "sound/isa/gus/gus_dram.c",
82278+ [17075].name = "snd_gus_dram_write",
82279+ [17075].param4 = 1,
82280+ [17133].file = "drivers/usb/misc/iowarrior.c",
82281+ [17133].name = "iowarrior_read",
82282+ [17133].param3 = 1,
82283+ [17139].file = "fs/ubifs/xattr.c",
82284+ [17139].name = "ubifs_setxattr",
82285+ [17139].param4 = 1,
82286+ [17185].file = "net/wireless/scan.c",
82287+ [17185].name = "cfg80211_inform_bss",
82288+ [17185].param8 = 1,
82289+ [17349].file = "net/tipc/link.c",
82290+ [17349].name = "tipc_link_send_sections_fast",
82291+ [17349].param4 = 1,
82292+ [17377].file = "drivers/usb/class/cdc-wdm.c",
82293+ [17377].name = "wdm_write",
82294+ [17377].param3 = 1,
82295+ [17459].file = "drivers/usb/misc/rio500.c",
82296+ [17459].name = "write_rio",
82297+ [17459].param3 = 1,
82298+ [17460].file = "fs/nfsd/nfscache.c",
82299+ [17460].name = "nfsd_cache_update",
82300+ [17460].param3 = 1,
82301+ [17492].file = "net/dccp/proto.c",
82302+ [17492].name = "do_dccp_setsockopt",
82303+ [17492].param5 = 1,
82304+ [1754].file = "sound/core/oss/pcm_oss.c",
82305+ [1754].name = "snd_pcm_oss_write",
82306+ [1754].param3 = 1,
82307+ [17571].file = "drivers/ptp/ptp_chardev.c",
82308+ [17571].name = "ptp_read",
82309+ [17571].param4 = 1,
82310+ [17684].file = "fs/namei.c",
82311+ [17684].name = "sys_mknod",
82312+ [17684].param1 = 1,
82313+ [17718].file = "net/caif/caif_socket.c",
82314+ [17718].name = "setsockopt",
82315+ [17718].param5 = 1,
82316+ [17875].file = "fs/namei.c",
82317+ [17875].name = "sys_linkat",
82318+ [17875].param2 = 1,
82319+ [17875].param4 = 1,
82320+ [17946].file = "drivers/net/wireless/libertas/if_spi.c",
82321+ [17946].name = "if_spi_host_to_card",
82322+ [17946].param4 = 1,
82323+ [1800].file = "drivers/media/dvb/dvb-core/dmxdev.c",
82324+ [1800].name = "dvb_dvr_do_ioctl",
82325+ [1800].param3 = 1,
82326+ [18102].file = "net/netlink/af_netlink.c",
82327+ [18102].name = "netlink_change_ngroups",
82328+ [18102].param2 = 1,
82329+ [18183].file = "drivers/tty/tty_buffer.c",
82330+ [18183].name = "tty_insert_flip_string_fixed_flag",
82331+ [18183].param4 = 1,
82332+ [18224].file = "drivers/xen/grant-table.c",
82333+ [18224].name = "gnttab_map",
82334+ [18224].param2 = 1,
82335+ [18232].file = "fs/nfs/write.c",
82336+ [18232].name = "nfs_writedata_alloc",
82337+ [18232].param1 = 1,
82338+ [18277].file = "drivers/char/virtio_console.c",
82339+ [18277].name = "port_fops_write",
82340+ [18277].param3 = 1,
82341+ [18303].file = "fs/xattr.c",
82342+ [18303].name = "getxattr",
82343+ [18303].param4 = 1,
82344+ [18353].file = "net/rfkill/core.c",
82345+ [18353].name = "rfkill_fop_read",
82346+ [18353].param3 = 1,
82347+ [18386].file = "fs/read_write.c",
82348+ [18386].name = "vfs_readv",
82349+ [18386].param3 = 1,
82350+ [18391].file = "fs/ocfs2/stack_user.c",
82351+ [18391].name = "ocfs2_control_write",
82352+ [18391].param3 = 1,
82353+ [183].file = "crypto/ahash.c",
82354+ [183].name = "crypto_ahash_setkey",
82355+ [183].param3 = 1,
82356+ [18406].file = "drivers/media/video/tm6000/tm6000-core.c",
82357+ [18406].name = "tm6000_read_write_usb",
82358+ [18406].param7 = 1,
82359+ [1845].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
82360+ [1845].name = "rt2x00debug_write_rf",
82361+ [1845].param3 = 1,
82362+ [18465].file = "drivers/net/ethernet/chelsio/cxgb3/cxgb3_offload.c",
82363+ [18465].name = "cxgb_alloc_mem",
82364+ [18465].param1 = 1,
82365+ [1858].file = "net/ipv6/netfilter/ip6_tables.c",
82366+ [1858].name = "do_ip6t_set_ctl",
82367+ [1858].param4 = 1,
82368+ [18659].file = "drivers/media/dvb/dvb-core/dvbdev.c",
82369+ [18659].name = "dvb_usercopy",
82370+ [18659].param2 = 1,
82371+ [18775].file = "drivers/net/wireless/ath/ath5k/debug.c",
82372+ [18775].name = "write_file_frameerrors",
82373+ [18775].param3 = 1,
82374+ [18928].file = "drivers/staging/speakup/devsynth.c",
82375+ [18928].name = "speakup_file_write",
82376+ [18928].param3 = 1,
82377+ [18988].file = "drivers/staging/vme/devices/vme_user.c",
82378+ [18988].name = "vme_user_read",
82379+ [18988].param3 = 1,
82380+ [19012].file = "drivers/acpi/event.c",
82381+ [19012].name = "acpi_system_read_event",
82382+ [19012].param3 = 1,
82383+ [19028].file = "mm/filemap.c",
82384+ [19028].name = "iov_iter_copy_from_user_atomic",
82385+ [19028].param4 = 1,
82386+ [19107].file = "security/smack/smackfs.c",
82387+ [19107].name = "smk_write_load_list",
82388+ [19107].param3 = 1,
82389+ [19261].file = "net/netlabel/netlabel_domainhash.c",
82390+ [19261].name = "netlbl_domhsh_init",
82391+ [19261].param1 = 1,
82392+ [19274].file = "net/core/pktgen.c",
82393+ [19274].name = "pktgen_if_write",
82394+ [19274].param3 = 1,
82395+ [19286].file = "drivers/base/regmap/regmap.c",
82396+ [19286].name = "_regmap_raw_write",
82397+ [19286].param4 = 1,
82398+ [19288].file = "net/ipv6/raw.c",
82399+ [19288].name = "rawv6_setsockopt",
82400+ [19288].param5 = 1,
82401+ [19308].file = "drivers/char/mem.c",
82402+ [19308].name = "read_oldmem",
82403+ [19308].param3 = 1,
82404+ [19332].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
82405+ [19332].name = "iwl_dbgfs_plcp_delta_write",
82406+ [19332].param3 = 1,
82407+ [19349].file = "drivers/acpi/acpica/utobject.c",
82408+ [19349].name = "acpi_ut_create_package_object",
82409+ [19349].param1 = 1,
82410+ [19504].file = "drivers/usb/serial/garmin_gps.c",
82411+ [19504].name = "pkt_add",
82412+ [19504].param3 = 1,
82413+ [19522].file = "mm/percpu.c",
82414+ [19522].name = "pcpu_mem_zalloc",
82415+ [19522].param1 = 1,
82416+ [19548].file = "drivers/scsi/qla2xxx/qla_init.c",
82417+ [19548].name = "qla2x00_get_ctx_sp",
82418+ [19548].param3 = 1,
82419+ [19738].file = "fs/sysfs/file.c",
82420+ [19738].name = "sysfs_write_file",
82421+ [19738].param3 = 1,
82422+ [19833].file = "drivers/xen/xenfs/privcmd.c",
82423+ [19833].name = "gather_array",
82424+ [19833].param3 = 1,
82425+ [19909].file = "drivers/net/wireless/libertas/debugfs.c",
82426+ [19909].name = "lbs_sleepparams_write",
82427+ [19909].param3 = 1,
82428+ [19920].file = "drivers/input/joydev.c",
82429+ [19920].name = "joydev_ioctl",
82430+ [19920].param2 = 1,
82431+ [19931].file = "drivers/usb/misc/ftdi-elan.c",
82432+ [19931].name = "ftdi_elan_write",
82433+ [19931].param3 = 1,
82434+ [19943].file = "drivers/net/wireless/ath/ath9k/debug.c",
82435+ [19943].name = "write_file_regval",
82436+ [19943].param3 = 1,
82437+ [19960].file = "drivers/usb/class/usblp.c",
82438+ [19960].name = "usblp_read",
82439+ [19960].param3 = 1,
82440+ [20023].file = "drivers/media/video/gspca/gspca.c",
82441+ [20023].name = "dev_read",
82442+ [20023].param3 = 1,
82443+ [20113].file = "drivers/net/wireless/libertas/debugfs.c",
82444+ [20113].name = "lbs_rdmac_write",
82445+ [20113].param3 = 1,
82446+ [20314].file = "drivers/gpu/drm/drm_hashtab.c",
82447+ [20314].name = "drm_ht_create",
82448+ [20314].param2 = 1,
82449+ [20376].file = "mm/nobootmem.c",
82450+ [20376].name = "__alloc_bootmem_nopanic",
82451+ [20376].param1 = 1,
82452+ [20606].file = "fs/nilfs2/mdt.c",
82453+ [20606].name = "nilfs_mdt_init",
82454+ [20606].param3 = 1,
82455+ [20611].file = "net/netfilter/x_tables.c",
82456+ [20611].name = "xt_alloc_table_info",
82457+ [20611].param1 = 1,
82458+ [20713].file = "drivers/gpu/drm/ttm/ttm_bo_vm.c",
82459+ [20713].name = "ttm_bo_io",
82460+ [20713].param5 = 1,
82461+ [20730].file = "drivers/media/video/videobuf2-vmalloc.c",
82462+ [20730].name = "vb2_vmalloc_alloc",
82463+ [20730].param2 = 1,
82464+ [20801].file = "drivers/vhost/vhost.c",
82465+ [20801].name = "vhost_add_used_n",
82466+ [20801].param3 = 1,
82467+ [20835].file = "drivers/isdn/i4l/isdn_common.c",
82468+ [20835].name = "isdn_read",
82469+ [20835].param3 = 1,
82470+ [20951].file = "crypto/rng.c",
82471+ [20951].name = "rngapi_reset",
82472+ [20951].param3 = 1,
82473+ [21134].file = "drivers/video/via/viafbdev.c",
82474+ [21134].name = "viafb_dfph_proc_write",
82475+ [21134].param3 = 1,
82476+ [21193].file = "net/wireless/sme.c",
82477+ [21193].name = "cfg80211_disconnected",
82478+ [21193].param4 = 1,
82479+ [21277].file = "drivers/usb/storage/shuttle_usbat.c",
82480+ [21277].name = "usbat_flash_write_data",
82481+ [21277].param4 = 1,
82482+ [21312].file = "lib/ts_kmp.c",
82483+ [21312].name = "kmp_init",
82484+ [21312].param2 = 1,
82485+ [21335].file = "net/econet/af_econet.c",
82486+ [21335].name = "econet_sendmsg",
82487+ [21335].param4 = 1,
82488+ [21397].file = "net/core/sock.c",
82489+ [21397].name = "sock_setsockopt",
82490+ [21397].param5 = 1,
82491+ [21406].file = "fs/libfs.c",
82492+ [21406].name = "simple_write_to_buffer",
82493+ [21406].param2 = 1,
82494+ [21406].param5 = 1,
82495+ [21451].file = "net/netfilter/ipvs/ip_vs_ctl.c",
82496+ [21451].name = "do_ip_vs_set_ctl",
82497+ [21451].param4 = 1,
82498+ [21459].file = "security/smack/smackfs.c",
82499+ [21459].name = "smk_write_doi",
82500+ [21459].param3 = 1,
82501+ [21468].file = "drivers/char/virtio_console.c",
82502+ [21468].name = "port_fops_read",
82503+ [21468].param3 = 1,
82504+ [21511].file = "drivers/input/ff-core.c",
82505+ [21511].name = "input_ff_create",
82506+ [21511].param2 = 1,
82507+ [21538].file = "net/bluetooth/l2cap_sock.c",
82508+ [21538].name = "l2cap_sock_setsockopt",
82509+ [21538].param5 = 1,
82510+ [21608].file = "drivers/char/tpm/tpm.c",
82511+ [21608].name = "tpm_write",
82512+ [21608].param3 = 1,
82513+ [2160].file = "drivers/net/wireless/ray_cs.c",
82514+ [2160].name = "int_proc_write",
82515+ [2160].param3 = 1,
82516+ [21632].file = "fs/afs/cell.c",
82517+ [21632].name = "afs_cell_create",
82518+ [21632].param2 = 1,
82519+ [21679].file = "drivers/net/wireless/ath/carl9170/debug.c",
82520+ [21679].name = "carl9170_debugfs_write",
82521+ [21679].param3 = 1,
82522+ [21712].file = "net/rxrpc/ar-output.c",
82523+ [21712].name = "rxrpc_send_data",
82524+ [21712].param5 = 1,
82525+ [2180].file = "drivers/char/ppdev.c",
82526+ [2180].name = "pp_write",
82527+ [2180].param3 = 1,
82528+ [21946].file = "fs/nfs/idmap.c",
82529+ [21946].name = "nfs_map_name_to_uid",
82530+ [21946].param3 = 1,
82531+ [22085].file = "drivers/staging/sep/sep_driver.c",
82532+ [22085].name = "sep_lock_user_pages",
82533+ [22085].param2 = 1,
82534+ [22085].param3 = 1,
82535+ [22187].file = "fs/namei.c",
82536+ [22187].name = "user_path_at_empty",
82537+ [22187].param2 = 1,
82538+ [22190].file = "drivers/char/tpm/tpm.c",
82539+ [22190].name = "tpm_read",
82540+ [22190].param3 = 1,
82541+ [22204].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
82542+ [22204].name = "iwl_dbgfs_echo_test_write",
82543+ [22204].param3 = 1,
82544+ [22291].file = "net/core/pktgen.c",
82545+ [22291].name = "pgctrl_write",
82546+ [22291].param3 = 1,
82547+ [22439].file = "fs/afs/rxrpc.c",
82548+ [22439].name = "afs_alloc_flat_call",
82549+ [22439].param2 = 1,
82550+ [22439].param3 = 1,
82551+ [2243].file = "drivers/scsi/scsi_tgt_lib.c",
82552+ [2243].name = "scsi_tgt_kspace_exec",
82553+ [2243].param8 = 1,
82554+ [22546].file = "drivers/char/pcmcia/cm4040_cs.c",
82555+ [22546].name = "cm4040_read",
82556+ [22546].param3 = 1,
82557+ [22742].file = "drivers/tty/tty_buffer.c",
82558+ [22742].name = "tty_insert_flip_string_flags",
82559+ [22742].param4 = 1,
82560+ [22772].file = "drivers/target/iscsi/iscsi_target_erl1.c",
82561+ [22772].name = "iscsit_dump_data_payload",
82562+ [22772].param2 = 1,
82563+ [2286].file = "drivers/scsi/mvumi.c",
82564+ [2286].name = "mvumi_alloc_mem_resource",
82565+ [2286].param3 = 1,
82566+ [22904].file = "security/selinux/ss/services.c",
82567+ [22904].name = "security_context_to_sid_default",
82568+ [22904].param2 = 1,
82569+ [22932].file = "fs/compat.c",
82570+ [22932].name = "compat_sys_writev",
82571+ [22932].param3 = 1,
82572+ [2302].file = "drivers/media/video/stk-webcam.c",
82573+ [2302].name = "v4l_stk_read",
82574+ [2302].param3 = 1,
82575+ [23037].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
82576+ [23037].name = "iwl_dbgfs_wd_timeout_write",
82577+ [23037].param3 = 1,
82578+ [2307].file = "drivers/pcmcia/cistpl.c",
82579+ [2307].name = "pcmcia_replace_cis",
82580+ [2307].param3 = 1,
82581+ [23093].file = "drivers/scsi/st.c",
82582+ [23093].name = "st_read",
82583+ [23093].param3 = 1,
82584+ [23117].file = "drivers/media/dvb/ttpci/av7110_av.c",
82585+ [23117].name = "dvb_audio_write",
82586+ [23117].param3 = 1,
82587+ [2324].file = "net/ieee802154/wpan-class.c",
82588+ [2324].name = "wpan_phy_alloc",
82589+ [2324].param1 = 1,
82590+ [23535].file = "ipc/sem.c",
82591+ [23535].name = "sys_semtimedop",
82592+ [23535].param3 = 1,
82593+ [2357].file = "drivers/usb/serial/garmin_gps.c",
82594+ [2357].name = "garmin_read_process",
82595+ [2357].param3 = 1,
82596+ [23589].file = "kernel/relay.c",
82597+ [23589].name = "subbuf_read_actor",
82598+ [23589].param3 = 1,
82599+ [23619].file = "drivers/tty/tty_buffer.c",
82600+ [23619].name = "tty_buffer_request_room",
82601+ [23619].param2 = 1,
82602+ [23640].file = "drivers/usb/host/ehci-dbg.c",
82603+ [23640].name = "debug_lpm_write",
82604+ [23640].param3 = 1,
82605+ [23684].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
82606+ [23684].name = "iwl_legacy_dbgfs_clear_traffic_statistics_write",
82607+ [23684].param3 = 1,
82608+ [23848].file = "crypto/blkcipher.c",
82609+ [23848].name = "async_setkey",
82610+ [23848].param3 = 1,
82611+ [2386].file = "drivers/acpi/acpica/exnames.c",
82612+ [2386].name = "acpi_ex_allocate_name_string",
82613+ [2386].param2 = 1,
82614+ [23883].file = "drivers/net/wireless/iwlwifi/iwl-trans-pcie.c",
82615+ [23883].name = "iwl_dbgfs_interrupt_write",
82616+ [23883].param3 = 1,
82617+ [23999].file = "sound/pci/rme9652/hdsp.c",
82618+ [23999].name = "snd_hdsp_capture_copy",
82619+ [23999].param5 = 1,
82620+ [24072].file = "drivers/staging/pohmelfs/inode.c",
82621+ [24072].name = "pohmelfs_send_readpages",
82622+ [24072].param3 = 1,
82623+ [24233].file = "drivers/pci/pcie/aer/aer_inject.c",
82624+ [24233].name = "aer_inject_write",
82625+ [24233].param3 = 1,
82626+ [24263].file = "kernel/cgroup.c",
82627+ [24263].name = "cgroup_file_write",
82628+ [24263].param3 = 1,
82629+ [24313].file = "drivers/staging/frontier/tranzport.c",
82630+ [24313].name = "usb_tranzport_write",
82631+ [24313].param3 = 1,
82632+ [24359].file = "kernel/power/qos.c",
82633+ [24359].name = "pm_qos_power_write",
82634+ [24359].param3 = 1,
82635+ [24410].file = "drivers/net/wireless/ipw2x00/libipw_module.c",
82636+ [24410].name = "debug_level_proc_write",
82637+ [24410].param3 = 1,
82638+ [24457].file = "fs/btrfs/backref.c",
82639+ [24457].name = "init_data_container",
82640+ [24457].param1 = 1,
82641+ [24539].file = "drivers/gpu/drm/vmwgfx/vmwgfx_kms.c",
82642+ [24539].name = "vmw_framebuffer_dmabuf_dirty",
82643+ [24539].param6 = 1,
82644+ [24719].file = "drivers/input/evdev.c",
82645+ [24719].name = "bits_to_user",
82646+ [24719].param2 = 1,
82647+ [24719].param3 = 1,
82648+ [2472].file = "net/ipv4/netfilter/ip_tables.c",
82649+ [2472].name = "compat_do_ipt_set_ctl",
82650+ [2472].param4 = 1,
82651+ [24755].file = "drivers/infiniband/hw/qib/qib_diag.c",
82652+ [24755].name = "qib_diag_write",
82653+ [24755].param3 = 1,
82654+ [24805].file = "security/keys/user_defined.c",
82655+ [24805].name = "user_update",
82656+ [24805].param3 = 1,
82657+ [25036].file = "fs/pipe.c",
82658+ [25036].name = "pipe_iov_copy_from_user",
82659+ [25036].param3 = 1,
82660+ [25127].file = "drivers/scsi/device_handler/scsi_dh_alua.c",
82661+ [25127].name = "realloc_buffer",
82662+ [25127].param2 = 1,
82663+ [25157].file = "security/keys/request_key_auth.c",
82664+ [25157].name = "request_key_auth_new",
82665+ [25157].param3 = 1,
82666+ [25158].file = "drivers/net/ethernet/mellanox/mlx4/en_rx.c",
82667+ [25158].name = "mlx4_en_create_rx_ring",
82668+ [25158].param3 = 1,
82669+ [25223].file = "drivers/platform/x86/toshiba_acpi.c",
82670+ [25223].name = "fan_proc_write",
82671+ [25223].param3 = 1,
82672+ [25267].file = "fs/configfs/file.c",
82673+ [25267].name = "configfs_write_file",
82674+ [25267].param3 = 1,
82675+ [25356].file = "net/core/dev.c",
82676+ [25356].name = "alloc_netdev_mqs",
82677+ [25356].param4 = 1,
82678+ [25356].param5 = 1,
82679+ [25495].file = "drivers/scsi/bfa/bfad_debugfs.c",
82680+ [25495].name = "bfad_debugfs_write_regwr",
82681+ [25495].param3 = 1,
82682+ [25558].file = "fs/proc/task_mmu.c",
82683+ [25558].name = "clear_refs_write",
82684+ [25558].param3 = 1,
82685+ [25692].file = "drivers/net/wireless/ath/ath6kl/wmi.c",
82686+ [25692].name = "ath6kl_wmi_send_action_cmd",
82687+ [25692].param6 = 1,
82688+ [2609].file = "lib/kstrtox.c",
82689+ [2609].name = "kstrtoul_from_user",
82690+ [2609].param2 = 1,
82691+ [26100].file = "sound/core/info.c",
82692+ [26100].name = "snd_info_entry_write",
82693+ [26100].param3 = 1,
82694+ [26215].file = "drivers/md/dm-table.c",
82695+ [26215].name = "dm_table_create",
82696+ [26215].param3 = 1,
82697+ [26256].file = "fs/hpfs/name.c",
82698+ [26256].name = "hpfs_translate_name",
82699+ [26256].param3 = 1,
82700+ [26404].file = "drivers/net/wireless/mwifiex/debugfs.c",
82701+ [26404].name = "mwifiex_rdeeprom_write",
82702+ [26404].param3 = 1,
82703+ [26494].file = "kernel/signal.c",
82704+ [26494].name = "sys_rt_sigpending",
82705+ [26494].param2 = 1,
82706+ [26497].file = "security/keys/keyctl.c",
82707+ [26497].name = "sys_keyctl",
82708+ [26497].param4 = 1,
82709+ [26533].file = "drivers/block/aoe/aoechr.c",
82710+ [26533].name = "aoechr_write",
82711+ [26533].param3 = 1,
82712+ [26560].file = "crypto/algapi.c",
82713+ [26560].name = "crypto_alloc_instance2",
82714+ [26560].param3 = 1,
82715+ [26620].file = "net/bluetooth/mgmt.c",
82716+ [26620].name = "mgmt_control",
82717+ [26620].param3 = 1,
82718+ [26701].file = "drivers/mtd/chips/cfi_util.c",
82719+ [26701].name = "cfi_read_pri",
82720+ [26701].param3 = 1,
82721+ [26757].file = "fs/xattr.c",
82722+ [26757].name = "sys_fgetxattr",
82723+ [26757].param4 = 1,
82724+ [2678].file = "drivers/platform/x86/asus_acpi.c",
82725+ [2678].name = "disp_proc_write",
82726+ [2678].param3 = 1,
82727+ [26834].file = "drivers/gpu/drm/drm_drv.c",
82728+ [26834].name = "drm_ioctl",
82729+ [26834].param2 = 1,
82730+ [26843].file = "drivers/firewire/core-cdev.c",
82731+ [26843].name = "fw_device_op_compat_ioctl",
82732+ [26843].param2 = 1,
82733+ [26845].file = "drivers/scsi/qla2xxx/qla_bsg.c",
82734+ [26845].name = "qla2x00_get_ctx_bsg_sp",
82735+ [26845].param3 = 1,
82736+ [26962].file = "drivers/usb/class/usbtmc.c",
82737+ [26962].name = "usbtmc_write",
82738+ [26962].param3 = 1,
82739+ [26966].file = "drivers/media/dvb/ddbridge/ddbridge-core.c",
82740+ [26966].name = "ts_write",
82741+ [26966].param3 = 1,
82742+ [27004].file = "drivers/misc/hpilo.c",
82743+ [27004].name = "ilo_write",
82744+ [27004].param3 = 1,
82745+ [27025].file = "fs/ntfs/file.c",
82746+ [27025].name = "__ntfs_copy_from_user_iovec_inatomic",
82747+ [27025].param3 = 1,
82748+ [27025].param4 = 1,
82749+ [27061].file = "drivers/firewire/core-cdev.c",
82750+ [27061].name = "iso_callback",
82751+ [27061].param3 = 1,
82752+ [2711].file = "drivers/media/dvb/dvb-core/dvb_ringbuffer.c",
82753+ [2711].name = "dvb_ringbuffer_read_user",
82754+ [2711].param3 = 1,
82755+ [27129].file = "fs/lockd/mon.c",
82756+ [27129].name = "nsm_get_handle",
82757+ [27129].param4 = 1,
82758+ [27142].file = "fs/proc/kcore.c",
82759+ [27142].name = "read_kcore",
82760+ [27142].param3 = 1,
82761+ [27164].file = "include/drm/drm_mem_util.h",
82762+ [27164].name = "drm_calloc_large",
82763+ [27164].param1 = 1,
82764+ [2722].file = "drivers/gpu/drm/ttm/ttm_page_alloc.c",
82765+ [2722].name = "ttm_alloc_new_pages",
82766+ [2722].param5 = 1,
82767+ [27232].file = "security/apparmor/lib.c",
82768+ [27232].name = "kvmalloc",
82769+ [27232].param1 = 1,
82770+ [27275].file = "drivers/scsi/cxgbi/libcxgbi.c",
82771+ [27275].name = "cxgbi_ddp_reserve",
82772+ [27275].param4 = 1,
82773+ [27280].file = "drivers/net/ethernet/mellanox/mlx4/en_tx.c",
82774+ [27280].name = "mlx4_en_create_tx_ring",
82775+ [27280].param4 = 1,
82776+ [27290].file = "security/selinux/ss/services.c",
82777+ [27290].name = "security_context_to_sid_core",
82778+ [27290].param2 = 1,
82779+ [27302].file = "fs/proc/base.c",
82780+ [27302].name = "proc_loginuid_write",
82781+ [27302].param3 = 1,
82782+ [27472].file = "security/selinux/selinuxfs.c",
82783+ [27472].name = "sel_write_load",
82784+ [27472].param3 = 1,
82785+ [27491].file = "fs/proc/base.c",
82786+ [27491].name = "proc_pid_attr_write",
82787+ [27491].param3 = 1,
82788+ [27568].file = "drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c",
82789+ [27568].name = "t4_alloc_mem",
82790+ [27568].param1 = 1,
82791+ [27582].file = "drivers/platform/x86/asus_acpi.c",
82792+ [27582].name = "ledd_proc_write",
82793+ [27582].param3 = 1,
82794+ [27695].file = "fs/namei.c",
82795+ [27695].name = "sys_link",
82796+ [27695].param1 = 1,
82797+ [27695].param2 = 1,
82798+ [27697].file = "drivers/staging/mei/iorw.c",
82799+ [27697].name = "amthi_read",
82800+ [27697].param4 = 1,
82801+ [27927].file = "drivers/tty/tty_io.c",
82802+ [27927].name = "redirected_tty_write",
82803+ [27927].param3 = 1,
82804+ [28040].file = "kernel/kfifo.c",
82805+ [28040].name = "__kfifo_alloc",
82806+ [28040].param2 = 1,
82807+ [28040].param3 = 1,
82808+ [28092].file = "fs/select.c",
82809+ [28092].name = "do_sys_poll",
82810+ [28092].param2 = 1,
82811+ [28170].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
82812+ [28170].name = "iwl_dbgfs_ucode_tracing_write",
82813+ [28170].param3 = 1,
82814+ [28247].file = "net/sctp/tsnmap.c",
82815+ [28247].name = "sctp_tsnmap_init",
82816+ [28247].param2 = 1,
82817+ [28265].file = "fs/notify/fanotify/fanotify_user.c",
82818+ [28265].name = "fanotify_write",
82819+ [28265].param3 = 1,
82820+ [28316].file = "drivers/input/joydev.c",
82821+ [28316].name = "joydev_ioctl_common",
82822+ [28316].param2 = 1,
82823+ [28360].file = "drivers/hid/usbhid/hiddev.c",
82824+ [28360].name = "hiddev_compat_ioctl",
82825+ [28360].param2 = 1,
82826+ [28407].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
82827+ [28407].name = "rt2x00debug_write_csr",
82828+ [28407].param3 = 1,
82829+ [28462].file = "net/rfkill/core.c",
82830+ [28462].name = "rfkill_fop_write",
82831+ [28462].param3 = 1,
82832+ [28635].file = "drivers/gpu/drm/drm_sman.c",
82833+ [28635].name = "drm_sman_init",
82834+ [28635].param2 = 1,
82835+ [28655].file = "drivers/infiniband/hw/mthca/mthca_allocator.c",
82836+ [28655].name = "mthca_alloc_init",
82837+ [28655].param2 = 1,
82838+ [28688].file = "mm/mempolicy.c",
82839+ [28688].name = "compat_sys_get_mempolicy",
82840+ [28688].param3 = 1,
82841+ [28783].file = "drivers/gpu/drm/i915/i915_debugfs.c",
82842+ [28783].name = "i915_cache_sharing_write",
82843+ [28783].param3 = 1,
82844+ [28787].file = "drivers/media/video/videobuf2-core.c",
82845+ [28787].name = "vb2_write",
82846+ [28787].param3 = 1,
82847+ [28879].file = "drivers/base/map.c",
82848+ [28879].name = "kobj_map",
82849+ [28879].param2 = 1,
82850+ [28879].param3 = 1,
82851+ [28889].file = "drivers/char/pcmcia/cm4040_cs.c",
82852+ [28889].name = "cm4040_write",
82853+ [28889].param3 = 1,
82854+ [29073].file = "drivers/gpu/drm/vmwgfx/vmwgfx_kms.c",
82855+ [29073].name = "vmw_kms_readback",
82856+ [29073].param6 = 1,
82857+ [29085].file = "security/apparmor/apparmorfs.c",
82858+ [29085].name = "profile_load",
82859+ [29085].param3 = 1,
82860+ [29092].file = "lib/lru_cache.c",
82861+ [29092].name = "lc_create",
82862+ [29092].param3 = 1,
82863+ [29189].file = "drivers/gpu/drm/ttm/ttm_page_alloc.c",
82864+ [29189].name = "ttm_put_pages",
82865+ [29189].param2 = 1,
82866+ [29257].file = "drivers/vhost/vhost.c",
82867+ [29257].name = "vhost_add_used_and_signal_n",
82868+ [29257].param4 = 1,
82869+ [29366].file = "drivers/char/pcmcia/cm4000_cs.c",
82870+ [29366].name = "cmm_read",
82871+ [29366].param3 = 1,
82872+ [29405].file = "drivers/media/dvb/dvb-usb/dw2102.c",
82873+ [29405].name = "dw210x_op_rw",
82874+ [29405].param6 = 1,
82875+ [29437].file = "drivers/net/wireless/iwlegacy/iwl-4965-rs.c",
82876+ [29437].name = "iwl4965_rs_sta_dbgfs_scale_table_write",
82877+ [29437].param3 = 1,
82878+ [29465].file = "drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c",
82879+ [29465].name = "mem_read",
82880+ [29465].param3 = 1,
82881+ [29714].file = "drivers/scsi/cxgbi/libcxgbi.c",
82882+ [29714].name = "cxgbi_device_register",
82883+ [29714].param1 = 1,
82884+ [29714].param2 = 1,
82885+ [29859].file = "net/rds/page.c",
82886+ [29859].name = "rds_page_copy_user",
82887+ [29859].param4 = 1,
82888+ [29875].file = "sound/isa/gus/gus_pcm.c",
82889+ [29875].name = "snd_gf1_pcm_playback_copy",
82890+ [29875].param5 = 1,
82891+ [29905].file = "mm/nobootmem.c",
82892+ [29905].name = "___alloc_bootmem",
82893+ [29905].param1 = 1,
82894+ [2995].file = "mm/page_alloc.c",
82895+ [2995].name = "alloc_large_system_hash",
82896+ [2995].param2 = 1,
82897+ [30242].file = "fs/cifs/cifssmb.c",
82898+ [30242].name = "cifs_readdata_alloc",
82899+ [30242].param1 = 1,
82900+ [30341].file = "drivers/infiniband/hw/qib/qib_verbs.c",
82901+ [30341].name = "qib_verbs_send",
82902+ [30341].param3 = 1,
82903+ [30341].param5 = 1,
82904+ [30438].file = "mm/filemap_xip.c",
82905+ [30438].name = "xip_file_read",
82906+ [30438].param3 = 1,
82907+ [30449].file = "drivers/telephony/ixj.c",
82908+ [30449].name = "ixj_read",
82909+ [30449].param3 = 1,
82910+ [30489].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
82911+ [30489].name = "iwl_dbgfs_rx_handlers_write",
82912+ [30489].param3 = 1,
82913+ [30693].file = "fs/namei.c",
82914+ [30693].name = "sys_rename",
82915+ [30693].param1 = 1,
82916+ [30693].param2 = 1,
82917+ [307].file = "drivers/base/regmap/regmap-debugfs.c",
82918+ [307].name = "regmap_map_read_file",
82919+ [307].param3 = 1,
82920+ [30970].file = "drivers/usb/misc/ldusb.c",
82921+ [30970].name = "ld_usb_read",
82922+ [30970].param3 = 1,
82923+ [31155].file = "drivers/staging/frontier/alphatrack.c",
82924+ [31155].name = "usb_alphatrack_write",
82925+ [31155].param3 = 1,
82926+ [31207].file = "drivers/platform/x86/asus_acpi.c",
82927+ [31207].name = "parse_arg",
82928+ [31207].param2 = 1,
82929+ [31348].file = "kernel/sched.c",
82930+ [31348].name = "sys_sched_getaffinity",
82931+ [31348].param2 = 1,
82932+ [31465].file = "net/rds/message.c",
82933+ [31465].name = "rds_message_map_pages",
82934+ [31465].param2 = 1,
82935+ [31492].file = "drivers/hid/hidraw.c",
82936+ [31492].name = "hidraw_read",
82937+ [31492].param3 = 1,
82938+ [31649].file = "fs/ecryptfs/crypto.c",
82939+ [31649].name = "ecryptfs_decode_and_decrypt_filename",
82940+ [31649].param5 = 1,
82941+ [3170].file = "security/integrity/ima/ima_fs.c",
82942+ [3170].name = "ima_write_policy",
82943+ [3170].param3 = 1,
82944+ [31730].file = "net/dccp/proto.c",
82945+ [31730].name = "dccp_setsockopt",
82946+ [31730].param5 = 1,
82947+ [31782].file = "drivers/misc/pti.c",
82948+ [31782].name = "pti_char_write",
82949+ [31782].param3 = 1,
82950+ [31789].file = "fs/file.c",
82951+ [31789].name = "alloc_fdmem",
82952+ [31789].param1 = 1,
82953+ [31957].file = "fs/afs/proc.c",
82954+ [31957].name = "afs_proc_cells_write",
82955+ [31957].param3 = 1,
82956+ [32025].file = "drivers/nfc/pn544.c",
82957+ [32025].name = "pn544_write",
82958+ [32025].param3 = 1,
82959+ [32182].file = "net/sunrpc/cache.c",
82960+ [32182].name = "cache_write",
82961+ [32182].param3 = 1,
82962+ [32326].file = "drivers/tty/n_r3964.c",
82963+ [32326].name = "r3964_write",
82964+ [32326].param4 = 1,
82965+ [32402].file = "net/ceph/pagevec.c",
82966+ [32402].name = "ceph_copy_user_to_page_vector",
82967+ [32402].param4 = 1,
82968+ [3241].file = "drivers/usb/wusbcore/crypto.c",
82969+ [3241].name = "wusb_prf",
82970+ [3241].param7 = 1,
82971+ [32459].file = "drivers/media/radio/radio-wl1273.c",
82972+ [32459].name = "wl1273_fm_fops_write",
82973+ [32459].param3 = 1,
82974+ [32560].file = "drivers/input/input-mt.c",
82975+ [32560].name = "input_mt_init_slots",
82976+ [32560].param2 = 1,
82977+ [32574].file = "mm/mempolicy.c",
82978+ [32574].name = "sys_get_mempolicy",
82979+ [32574].param3 = 1,
82980+ [32608].file = "security/selinux/selinuxfs.c",
82981+ [32608].name = "sel_write_checkreqprot",
82982+ [32608].param3 = 1,
82983+ [32950].file = "fs/reiserfs/resize.c",
82984+ [32950].name = "reiserfs_resize",
82985+ [32950].param2 = 1,
82986+ [33010].file = "drivers/media/dvb/dvb-core/dvb_ringbuffer.c",
82987+ [33010].name = "dvb_ringbuffer_pkt_read_user",
82988+ [33010].param5 = 1,
82989+ [33268].file = "mm/maccess.c",
82990+ [33268].name = "__probe_kernel_write",
82991+ [33268].param3 = 1,
82992+ [33280].file = "fs/xfs/kmem.c",
82993+ [33280].name = "kmem_realloc",
82994+ [33280].param2 = 1,
82995+ [33375].file = "drivers/staging/rtl8712/osdep_service.h",
82996+ [33375].name = "_malloc",
82997+ [33375].param1 = 1,
82998+ [33637].file = "net/9p/client.c",
82999+ [33637].name = "p9_client_read",
83000+ [33637].param5 = 1,
83001+ [33669].file = "fs/gfs2/glock.c",
83002+ [33669].name = "gfs2_glock_nq_m",
83003+ [33669].param1 = 1,
83004+ [33810].file = "net/mac80211/util.c",
83005+ [33810].name = "ieee80211_send_probe_req",
83006+ [33810].param6 = 1,
83007+ [3384].file = "drivers/block/paride/pg.c",
83008+ [3384].name = "pg_write",
83009+ [3384].param3 = 1,
83010+ [34016].file = "drivers/tty/tty_buffer.c",
83011+ [34016].name = "tty_prepare_flip_string_flags",
83012+ [34016].param4 = 1,
83013+ [34105].file = "fs/libfs.c",
83014+ [34105].name = "simple_read_from_buffer",
83015+ [34105].param2 = 1,
83016+ [34105].param5 = 1,
83017+ [34120].file = "drivers/media/video/pvrusb2/pvrusb2-io.c",
83018+ [34120].name = "pvr2_stream_buffer_count",
83019+ [34120].param2 = 1,
83020+ [34226].file = "mm/shmem.c",
83021+ [34226].name = "shmem_xattr_set",
83022+ [34226].param4 = 1,
83023+ [34251].file = "drivers/staging/cxt1e1/sbecom_inline_linux.h",
83024+ [34251].name = "OS_kmalloc",
83025+ [34251].param1 = 1,
83026+ [34276].file = "drivers/media/video/videobuf2-core.c",
83027+ [34276].name = "__vb2_perform_fileio",
83028+ [34276].param3 = 1,
83029+ [34278].file = "fs/ubifs/debug.c",
83030+ [34278].name = "dfs_global_file_write",
83031+ [34278].param3 = 1,
83032+ [34432].file = "drivers/edac/edac_pci.c",
83033+ [34432].name = "edac_pci_alloc_ctl_info",
83034+ [34432].param1 = 1,
83035+ [34551].file = "fs/ocfs2/stack_user.c",
83036+ [34551].name = "ocfs2_control_cfu",
83037+ [34551].param2 = 1,
83038+ [34666].file = "fs/cifs/cifs_debug.c",
83039+ [34666].name = "cifs_security_flags_proc_write",
83040+ [34666].param3 = 1,
83041+ [34672].file = "drivers/tty/tty_io.c",
83042+ [34672].name = "tty_write",
83043+ [34672].param3 = 1,
83044+ [34760].file = "include/acpi/platform/aclinux.h",
83045+ [34760].name = "acpi_os_allocate_zeroed",
83046+ [34760].param1 = 1,
83047+ [34802].file = "drivers/scsi/cxgbi/libcxgbi.h",
83048+ [34802].name = "cxgbi_alloc_big_mem",
83049+ [34802].param1 = 1,
83050+ [34847].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83051+ [34847].name = "iwl_dbgfs_clear_traffic_statistics_write",
83052+ [34847].param3 = 1,
83053+ [34863].file = "drivers/video/fbsysfs.c",
83054+ [34863].name = "framebuffer_alloc",
83055+ [34863].param1 = 1,
83056+ [34882].file = "drivers/platform/x86/toshiba_acpi.c",
83057+ [34882].name = "video_proc_write",
83058+ [34882].param3 = 1,
83059+ [34988].file = "drivers/net/wireless/libertas/debugfs.c",
83060+ [34988].name = "lbs_rdrf_write",
83061+ [34988].param3 = 1,
83062+ [35007].file = "drivers/usb/mon/mon_bin.c",
83063+ [35007].name = "mon_bin_read",
83064+ [35007].param3 = 1,
83065+ [35050].file = "fs/ocfs2/dlmfs/dlmfs.c",
83066+ [35050].name = "dlmfs_file_write",
83067+ [35050].param3 = 1,
83068+ [35119].file = "fs/xattr.c",
83069+ [35119].name = "sys_llistxattr",
83070+ [35119].param3 = 1,
83071+ [35129].file = "mm/nobootmem.c",
83072+ [35129].name = "___alloc_bootmem_nopanic",
83073+ [35129].param1 = 1,
83074+ [35176].file = "drivers/usb/misc/ldusb.c",
83075+ [35176].name = "ld_usb_write",
83076+ [35176].param3 = 1,
83077+ [35234].file = "net/irda/irnet/irnet_ppp.c",
83078+ [35234].name = "irnet_ctrl_write",
83079+ [35234].param3 = 1,
83080+ [35256].file = "sound/core/memory.c",
83081+ [35256].name = "copy_from_user_toio",
83082+ [35256].param3 = 1,
83083+ [35268].file = "security/keys/request_key_auth.c",
83084+ [35268].name = "request_key_auth_read",
83085+ [35268].param3 = 1,
83086+ [3541].file = "drivers/mtd/ubi/cdev.c",
83087+ [3541].name = "vol_cdev_write",
83088+ [3541].param3 = 1,
83089+ [35443].file = "sound/core/pcm_memory.c",
83090+ [35443].name = "_snd_pcm_lib_alloc_vmalloc_buffer",
83091+ [35443].param2 = 1,
83092+ [35449].file = "fs/namei.c",
83093+ [35449].name = "sys_mkdir",
83094+ [35449].param1 = 1,
83095+ [35542].file = "drivers/tty/ipwireless/hardware.c",
83096+ [35542].name = "ipwireless_send_packet",
83097+ [35542].param4 = 1,
83098+ [35556].file = "fs/read_write.c",
83099+ [35556].name = "sys_readv",
83100+ [35556].param3 = 1,
83101+ [35610].file = "net/batman-adv/translation-table.c",
83102+ [35610].name = "tt_save_orig_buffer",
83103+ [35610].param4 = 1,
83104+ [35693].file = "drivers/staging/mei/main.c",
83105+ [35693].name = "mei_read",
83106+ [35693].param3 = 1,
83107+ [35729].file = "include/linux/skbuff.h",
83108+ [35729].name = "__dev_alloc_skb",
83109+ [35729].param1 = 1,
83110+ [35731].file = "drivers/usb/class/cdc-wdm.c",
83111+ [35731].name = "wdm_read",
83112+ [35731].param3 = 1,
83113+ [35796].file = "drivers/mtd/nand/nand_bch.c",
83114+ [35796].name = "nand_bch_init",
83115+ [35796].param2 = 1,
83116+ [35796].param3 = 1,
83117+ [35880].file = "fs/ecryptfs/crypto.c",
83118+ [35880].name = "ecryptfs_encrypt_and_encode_filename",
83119+ [35880].param6 = 1,
83120+ [3604].file = "net/batman-adv/translation-table.c",
83121+ [3604].name = "tt_update_orig",
83122+ [3604].param4 = 1,
83123+ [36080].file = "drivers/media/video/v4l2-ioctl.c",
83124+ [36080].name = "video_usercopy",
83125+ [36080].param2 = 1,
83126+ [36149].file = "fs/udf/inode.c",
83127+ [36149].name = "udf_alloc_i_data",
83128+ [36149].param2 = 1,
83129+ [36183].file = "drivers/tty/vt/vc_screen.c",
83130+ [36183].name = "vcs_read",
83131+ [36183].param3 = 1,
83132+ [36199].file = "net/sunrpc/auth_gss/auth_gss.c",
83133+ [36199].name = "gss_pipe_downcall",
83134+ [36199].param3 = 1,
83135+ [3630].file = "drivers/video/broadsheetfb.c",
83136+ [3630].name = "broadsheetfb_write",
83137+ [3630].param3 = 1,
83138+ [3632].file = "drivers/firewire/core-cdev.c",
83139+ [3632].name = "fw_device_op_read",
83140+ [3632].param3 = 1,
83141+ [36490].file = "drivers/net/wireless/ath/ath6kl/cfg80211.c",
83142+ [36490].name = "ath6kl_cfg80211_connect_event",
83143+ [36490].param7 = 1,
83144+ [36522].file = "drivers/hid/hidraw.c",
83145+ [36522].name = "hidraw_send_report",
83146+ [36522].param3 = 1,
83147+ [36560].file = "net/sunrpc/cache.c",
83148+ [36560].name = "write_flush",
83149+ [36560].param3 = 1,
83150+ [36633].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
83151+ [36633].name = "rt2x00debug_read_queue_stats",
83152+ [36633].param3 = 1,
83153+ [3665].file = "drivers/media/video/ivtv/ivtvfb.c",
83154+ [3665].name = "ivtvfb_write",
83155+ [3665].param3 = 1,
83156+ [36981].file = "drivers/video/via/viafbdev.c",
83157+ [36981].name = "viafb_dfpl_proc_write",
83158+ [36981].param3 = 1,
83159+ [37034].file = "fs/cifs/cifssmb.c",
83160+ [37034].name = "cifs_writedata_alloc",
83161+ [37034].param1 = 1,
83162+ [37044].file = "sound/firewire/packets-buffer.c",
83163+ [37044].name = "iso_packets_buffer_init",
83164+ [37044].param3 = 1,
83165+ [37115].file = "drivers/tty/tty_buffer.c",
83166+ [37115].name = "tty_prepare_flip_string",
83167+ [37115].param3 = 1,
83168+ [37163].file = "net/core/skbuff.c",
83169+ [37163].name = "__netdev_alloc_skb",
83170+ [37163].param2 = 1,
83171+ [37204].file = "drivers/isdn/hardware/eicon/divasi.c",
83172+ [37204].name = "um_idi_read",
83173+ [37204].param3 = 1,
83174+ [37233].file = "fs/ocfs2/cluster/tcp.c",
83175+ [37233].name = "o2net_send_message_vec",
83176+ [37233].param4 = 1,
83177+ [37309].file = "drivers/mtd/mtdchar.c",
83178+ [37309].name = "mtd_do_readoob",
83179+ [37309].param4 = 1,
83180+ [37382].file = "drivers/staging/pohmelfs/inode.c",
83181+ [37382].name = "pohmelfs_readpages_trans_complete",
83182+ [37382].param2 = 1,
83183+ [37384].file = "drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c",
83184+ [37384].name = "vmw_fifo_reserve",
83185+ [37384].param2 = 1,
83186+ [37497].file = "net/mac80211/util.c",
83187+ [37497].name = "ieee80211_build_probe_req",
83188+ [37497].param7 = 1,
83189+ [37594].file = "include/linux/poll.h",
83190+ [37594].name = "get_fd_set",
83191+ [37594].param1 = 1,
83192+ [37611].file = "drivers/xen/xenbus/xenbus_xs.c",
83193+ [37611].name = "split",
83194+ [37611].param2 = 1,
83195+ [37661].file = "mm/filemap.c",
83196+ [37661].name = "file_read_actor",
83197+ [37661].param4 = 1,
83198+ [37872].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83199+ [37872].name = "iwl_dbgfs_protection_mode_write",
83200+ [37872].param3 = 1,
83201+ [37976].file = "drivers/platform/x86/asus_acpi.c",
83202+ [37976].name = "bluetooth_proc_write",
83203+ [37976].param3 = 1,
83204+ [3797].file = "sound/pci/asihpi/hpicmn.c",
83205+ [3797].name = "hpi_alloc_control_cache",
83206+ [3797].param1 = 1,
83207+ [3801].file = "drivers/block/paride/pt.c",
83208+ [3801].name = "pt_write",
83209+ [3801].param3 = 1,
83210+ [38057].file = "fs/coda/psdev.c",
83211+ [38057].name = "coda_psdev_write",
83212+ [38057].param3 = 1,
83213+ [38186].file = "kernel/signal.c",
83214+ [38186].name = "do_sigpending",
83215+ [38186].param2 = 1,
83216+ [38401].file = "drivers/xen/xenfs/xenbus.c",
83217+ [38401].name = "queue_reply",
83218+ [38401].param3 = 1,
83219+ [3841].file = "drivers/platform/x86/asus_acpi.c",
83220+ [3841].name = "write_led",
83221+ [3841].param2 = 1,
83222+ [38532].file = "fs/afs/cell.c",
83223+ [38532].name = "afs_cell_lookup",
83224+ [38532].param2 = 1,
83225+ [38576].file = "drivers/i2c/i2c-dev.c",
83226+ [38576].name = "i2cdev_read",
83227+ [38576].param3 = 1,
83228+ [38747].file = "fs/xattr.c",
83229+ [38747].name = "sys_lgetxattr",
83230+ [38747].param4 = 1,
83231+ [38972].file = "security/smack/smackfs.c",
83232+ [38972].name = "smk_write_logging",
83233+ [38972].param3 = 1,
83234+ [39001].file = "net/xfrm/xfrm_hash.c",
83235+ [39001].name = "xfrm_hash_alloc",
83236+ [39001].param1 = 1,
83237+ [39044].file = "lib/kstrtox.c",
83238+ [39044].name = "kstrtos16_from_user",
83239+ [39044].param2 = 1,
83240+ [39052].file = "drivers/input/evdev.c",
83241+ [39052].name = "evdev_ioctl",
83242+ [39052].param2 = 1,
83243+ [39154].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83244+ [39154].name = "iwl_dbgfs_clear_ucode_statistics_write",
83245+ [39154].param3 = 1,
83246+ [39155].file = "drivers/xen/grant-table.c",
83247+ [39155].name = "get_free_entries",
83248+ [39155].param1 = 1,
83249+ [39254].file = "drivers/char/pcmcia/cm4000_cs.c",
83250+ [39254].name = "cmm_write",
83251+ [39254].param3 = 1,
83252+ [39415].file = "fs/pstore/inode.c",
83253+ [39415].name = "pstore_mkfile",
83254+ [39415].param5 = 1,
83255+ [39417].file = "drivers/block/DAC960.c",
83256+ [39417].name = "dac960_user_command_proc_write",
83257+ [39417].param3 = 1,
83258+ [39479].file = "drivers/ide/ide-tape.c",
83259+ [39479].name = "idetape_chrdev_read",
83260+ [39479].param3 = 1,
83261+ [39573].file = "drivers/hid/hid-picolcd.c",
83262+ [39573].name = "picolcd_debug_reset_write",
83263+ [39573].param3 = 1,
83264+ [39583].file = "drivers/net/ethernet/broadcom/cnic.c",
83265+ [39583].name = "cnic_init_id_tbl",
83266+ [39583].param2 = 1,
83267+ [39606].file = "drivers/bluetooth/hci_vhci.c",
83268+ [39606].name = "vhci_write",
83269+ [39606].param3 = 1,
83270+ [39638].file = "security/selinux/selinuxfs.c",
83271+ [39638].name = "sel_write_avc_cache_threshold",
83272+ [39638].param3 = 1,
83273+ [39645].file = "drivers/media/dvb/dvb-core/dvbdev.c",
83274+ [39645].name = "dvb_generic_ioctl",
83275+ [39645].param2 = 1,
83276+ [39741].file = "drivers/video/via/viafbdev.c",
83277+ [39741].name = "viafb_iga2_odev_proc_write",
83278+ [39741].param3 = 1,
83279+ [39888].file = "net/core/skbuff.c",
83280+ [39888].name = "__alloc_skb",
83281+ [39888].param1 = 1,
83282+ [40043].file = "drivers/media/video/v4l2-ioctl.c",
83283+ [40043].name = "video_ioctl2",
83284+ [40043].param2 = 1,
83285+ [40049].file = "drivers/bluetooth/btmrvl_debugfs.c",
83286+ [40049].name = "btmrvl_psmode_write",
83287+ [40049].param3 = 1,
83288+ [40075].file = "drivers/media/video/c-qcam.c",
83289+ [40075].name = "qc_capture",
83290+ [40075].param3 = 1,
83291+ [40163].file = "fs/ncpfs/file.c",
83292+ [40163].name = "ncp_file_write",
83293+ [40163].param3 = 1,
83294+ [40240].file = "drivers/char/nvram.c",
83295+ [40240].name = "nvram_write",
83296+ [40240].param3 = 1,
83297+ [40256].file = "drivers/tty/vt/vc_screen.c",
83298+ [40256].name = "vcs_write",
83299+ [40256].param3 = 1,
83300+ [40302].file = "sound/isa/gus/gus_dram.c",
83301+ [40302].name = "snd_gus_dram_poke",
83302+ [40302].param4 = 1,
83303+ [40355].file = "drivers/staging/mei/main.c",
83304+ [40355].name = "mei_write",
83305+ [40355].param3 = 1,
83306+ [40373].file = "fs/cifs/cifs_spnego.c",
83307+ [40373].name = "cifs_spnego_key_instantiate",
83308+ [40373].param3 = 1,
83309+ [40412].file = "fs/namei.c",
83310+ [40412].name = "user_path_at",
83311+ [40412].param2 = 1,
83312+ [40578].file = "sound/soc/soc-core.c",
83313+ [40578].name = "codec_reg_write_file",
83314+ [40578].param3 = 1,
83315+ [40678].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83316+ [40678].name = "iwl_legacy_dbgfs_traffic_log_write",
83317+ [40678].param3 = 1,
83318+ [40713].file = "net/mac80211/debugfs.c",
83319+ [40713].name = "noack_write",
83320+ [40713].param3 = 1,
83321+ [40754].file = "fs/btrfs/delayed-inode.c",
83322+ [40754].name = "btrfs_alloc_delayed_item",
83323+ [40754].param1 = 1,
83324+ [40786].file = "net/ipv4/netfilter/nf_nat_snmp_basic.c",
83325+ [40786].name = "asn1_octets_decode",
83326+ [40786].param2 = 1,
83327+ [40901].file = "drivers/block/drbd/drbd_bitmap.c",
83328+ [40901].name = "drbd_bm_resize",
83329+ [40901].param2 = 1,
83330+ [40952].file = "drivers/misc/sgi-xp/xpc_partition.c",
83331+ [40952].name = "xpc_kmalloc_cacheline_aligned",
83332+ [40952].param1 = 1,
83333+ [41000].file = "sound/core/pcm_native.c",
83334+ [41000].name = "snd_pcm_aio_read",
83335+ [41000].param3 = 1,
83336+ [41003].file = "fs/namei.c",
83337+ [41003].name = "user_path_parent",
83338+ [41003].param2 = 1,
83339+ [41005].file = "net/bridge/netfilter/ebtables.c",
83340+ [41005].name = "copy_counters_to_user",
83341+ [41005].param5 = 1,
83342+ [41090].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83343+ [41090].name = "iwl_legacy_dbgfs_sram_write",
83344+ [41090].param3 = 1,
83345+ [41122].file = "fs/binfmt_misc.c",
83346+ [41122].name = "bm_status_write",
83347+ [41122].param3 = 1,
83348+ [41230].file = "drivers/usb/storage/datafab.c",
83349+ [41230].name = "datafab_read_data",
83350+ [41230].param4 = 1,
83351+ [41249].file = "drivers/media/video/zr364xx.c",
83352+ [41249].name = "send_control_msg",
83353+ [41249].param6 = 1,
83354+ [41302].file = "net/dns_resolver/dns_query.c",
83355+ [41302].name = "dns_query",
83356+ [41302].param3 = 1,
83357+ [41418].file = "fs/libfs.c",
83358+ [41418].name = "simple_attr_write",
83359+ [41418].param3 = 1,
83360+ [4155].file = "kernel/kexec.c",
83361+ [4155].name = "do_kimage_alloc",
83362+ [4155].param3 = 1,
83363+ [41592].file = "net/sctp/ssnmap.c",
83364+ [41592].name = "sctp_ssnmap_new",
83365+ [41592].param1 = 1,
83366+ [41592].param2 = 1,
83367+ [41616].file = "net/core/filter.c",
83368+ [41616].name = "sk_chk_filter",
83369+ [41616].param2 = 1,
83370+ [41676].file = "fs/compat.c",
83371+ [41676].name = "compat_sys_preadv",
83372+ [41676].param3 = 1,
83373+ [41727].file = "drivers/media/video/meye.c",
83374+ [41727].name = "rvmalloc",
83375+ [41727].param1 = 1,
83376+ [41884].file = "sound/core/oss/pcm_plugin.c",
83377+ [41884].name = "snd_pcm_plug_alloc",
83378+ [41884].param2 = 1,
83379+ [41924].file = "security/keys/keyctl.c",
83380+ [41924].name = "keyctl_get_security",
83381+ [41924].param3 = 1,
83382+ [4202].file = "drivers/edac/edac_mc.c",
83383+ [4202].name = "edac_mc_alloc",
83384+ [4202].param1 = 1,
83385+ [42143].file = "drivers/media/video/c-qcam.c",
83386+ [42143].name = "qcam_read",
83387+ [42143].param3 = 1,
83388+ [42206].file = "fs/quota/quota_tree.c",
83389+ [42206].name = "getdqbuf",
83390+ [42206].param1 = 1,
83391+ [42270].file = "net/wireless/scan.c",
83392+ [42270].name = "cfg80211_inform_bss_frame",
83393+ [42270].param4 = 1,
83394+ [4233].file = "fs/select.c",
83395+ [4233].name = "sys_poll",
83396+ [4233].param2 = 1,
83397+ [42378].file = "drivers/net/wireless/ath/ath6kl/debug.c",
83398+ [42378].name = "ath6kl_regread_write",
83399+ [42378].param3 = 1,
83400+ [42420].file = "drivers/net/wireless/hostap/hostap_ioctl.c",
83401+ [42420].name = "prism2_set_genericelement",
83402+ [42420].param3 = 1,
83403+ [42466].file = "drivers/scsi/lpfc/lpfc_debugfs.c",
83404+ [42466].name = "lpfc_idiag_cmd_get",
83405+ [42466].param2 = 1,
83406+ [42472].file = "fs/compat.c",
83407+ [42472].name = "compat_readv",
83408+ [42472].param3 = 1,
83409+ [42483].file = "drivers/media/video/videobuf-dma-sg.c",
83410+ [42483].name = "videobuf_dma_init_user_locked",
83411+ [42483].param3 = 1,
83412+ [42483].param4 = 1,
83413+ [42562].file = "kernel/kfifo.c",
83414+ [42562].name = "__kfifo_to_user_r",
83415+ [42562].param3 = 1,
83416+ [42666].file = "drivers/pcmcia/cistpl.c",
83417+ [42666].name = "read_cis_cache",
83418+ [42666].param4 = 1,
83419+ [42882].file = "security/keys/user_defined.c",
83420+ [42882].name = "user_instantiate",
83421+ [42882].param3 = 1,
83422+ [42964].file = "drivers/video/fb_sys_fops.c",
83423+ [42964].name = "fb_sys_read",
83424+ [42964].param3 = 1,
83425+ [43023].file = "drivers/usb/misc/usblcd.c",
83426+ [43023].name = "lcd_write",
83427+ [43023].param3 = 1,
83428+ [4324].file = "drivers/video/fbmem.c",
83429+ [4324].name = "fb_read",
83430+ [4324].param3 = 1,
83431+ [43380].file = "drivers/scsi/bfa/bfad_debugfs.c",
83432+ [43380].name = "bfad_debugfs_write_regrd",
83433+ [43380].param3 = 1,
83434+ [43393].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83435+ [43393].name = "iwl_dbgfs_sram_write",
83436+ [43393].param3 = 1,
83437+ [4344].file = "fs/namei.c",
83438+ [4344].name = "sys_mkdirat",
83439+ [4344].param2 = 1,
83440+ [43510].file = "kernel/kexec.c",
83441+ [43510].name = "compat_sys_kexec_load",
83442+ [43510].param2 = 1,
83443+ [43515].file = "drivers/usb/storage/jumpshot.c",
83444+ [43515].name = "jumpshot_read_data",
83445+ [43515].param4 = 1,
83446+ [43540].file = "include/rdma/ib_verbs.h",
83447+ [43540].name = "ib_copy_to_udata",
83448+ [43540].param3 = 1,
83449+ [4357].file = "security/tomoyo/securityfs_if.c",
83450+ [4357].name = "tomoyo_read_self",
83451+ [4357].param3 = 1,
83452+ [43590].file = "security/smack/smackfs.c",
83453+ [43590].name = "smk_write_onlycap",
83454+ [43590].param3 = 1,
83455+ [43596].file = "drivers/usb/core/buffer.c",
83456+ [43596].name = "hcd_buffer_alloc",
83457+ [43596].param2 = 1,
83458+ [43632].file = "drivers/media/video/videobuf2-core.c",
83459+ [43632].name = "vb2_read",
83460+ [43632].param3 = 1,
83461+ [43731].file = "drivers/hid/hid-picolcd.c",
83462+ [43731].name = "picolcd_debug_eeprom_read",
83463+ [43731].param3 = 1,
83464+ [43777].file = "drivers/acpi/acpica/utobject.c",
83465+ [43777].name = "acpi_ut_create_buffer_object",
83466+ [43777].param1 = 1,
83467+ [43834].file = "security/apparmor/apparmorfs.c",
83468+ [43834].name = "profile_replace",
83469+ [43834].param3 = 1,
83470+ [43899].file = "drivers/media/rc/imon.c",
83471+ [43899].name = "vfd_write",
83472+ [43899].param3 = 1,
83473+ [43982].file = "drivers/platform/x86/toshiba_acpi.c",
83474+ [43982].name = "keys_proc_write",
83475+ [43982].param3 = 1,
83476+ [44039].file = "drivers/video/via/viafbdev.c",
83477+ [44039].name = "odev_update",
83478+ [44039].param2 = 1,
83479+ [44050].file = "fs/nfs/idmap.c",
83480+ [44050].name = "nfs_map_group_to_gid",
83481+ [44050].param3 = 1,
83482+ [44125].file = "fs/ext4/super.c",
83483+ [44125].name = "ext4_kvmalloc",
83484+ [44125].param1 = 1,
83485+ [44180].file = "drivers/video/via/viafbdev.c",
83486+ [44180].name = "viafb_vt1636_proc_write",
83487+ [44180].param3 = 1,
83488+ [44290].file = "drivers/net/usb/dm9601.c",
83489+ [44290].name = "dm_read",
83490+ [44290].param3 = 1,
83491+ [44298].file = "drivers/scsi/pmcraid.c",
83492+ [44298].name = "pmcraid_copy_sglist",
83493+ [44298].param3 = 1,
83494+ [44365].file = "fs/namei.c",
83495+ [44365].name = "do_rmdir",
83496+ [44365].param2 = 1,
83497+ [44640].file = "fs/select.c",
83498+ [44640].name = "sys_ppoll",
83499+ [44640].param2 = 1,
83500+ [44649].file = "mm/page_cgroup.c",
83501+ [44649].name = "swap_cgroup_swapon",
83502+ [44649].param2 = 1,
83503+ [44656].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83504+ [44656].name = "iwl_legacy_dbgfs_wd_timeout_write",
83505+ [44656].param3 = 1,
83506+ [4471].file = "fs/ntfs/malloc.h",
83507+ [4471].name = "__ntfs_malloc",
83508+ [4471].param1 = 1,
83509+ [44773].file = "drivers/staging/vme/devices/vme_user.c",
83510+ [44773].name = "vme_user_write",
83511+ [44773].param3 = 1,
83512+ [44825].file = "drivers/scsi/osd/osd_initiator.c",
83513+ [44825].name = "_osd_realloc_seg",
83514+ [44825].param3 = 1,
83515+ [44943].file = "mm/util.c",
83516+ [44943].name = "kmemdup",
83517+ [44943].param2 = 1,
83518+ [44990].file = "drivers/media/video/pvrusb2/pvrusb2-ioread.c",
83519+ [44990].name = "pvr2_ioread_set_sync_key",
83520+ [44990].param3 = 1,
83521+ [45000].file = "fs/afs/proc.c",
83522+ [45000].name = "afs_proc_rootcell_write",
83523+ [45000].param3 = 1,
83524+ [45119].file = "drivers/usb/misc/yurex.c",
83525+ [45119].name = "yurex_write",
83526+ [45119].param3 = 1,
83527+ [45169].file = "drivers/video/metronomefb.c",
83528+ [45169].name = "metronomefb_write",
83529+ [45169].param3 = 1,
83530+ [45200].file = "drivers/scsi/scsi_proc.c",
83531+ [45200].name = "proc_scsi_write_proc",
83532+ [45200].param3 = 1,
83533+ [45217].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83534+ [45217].name = "iwl_dbgfs_debug_level_write",
83535+ [45217].param3 = 1,
83536+ [45231].file = "fs/ecryptfs/crypto.c",
83537+ [45231].name = "ecryptfs_copy_filename",
83538+ [45231].param4 = 1,
83539+ [45233].file = "net/rds/info.c",
83540+ [45233].name = "rds_info_getsockopt",
83541+ [45233].param3 = 1,
83542+ [45244].file = "drivers/mfd/ab3100-core.c",
83543+ [45244].name = "ab3100_get_set_reg",
83544+ [45244].param3 = 1,
83545+ [45264].file = "drivers/net/wireless/ath/ath5k/debug.c",
83546+ [45264].name = "write_file_ani",
83547+ [45264].param3 = 1,
83548+ [45326].file = "drivers/mtd/ubi/cdev.c",
83549+ [45326].name = "vol_cdev_read",
83550+ [45326].param3 = 1,
83551+ [45335].file = "fs/read_write.c",
83552+ [45335].name = "vfs_writev",
83553+ [45335].param3 = 1,
83554+ [45421].file = "drivers/message/fusion/mptctl.c",
83555+ [45421].name = "mptctl_do_mpt_command",
83556+ [45421].param3 = 1,
83557+ [45534].file = "drivers/net/wireless/ath/carl9170/cmd.c",
83558+ [45534].name = "carl9170_cmd_buf",
83559+ [45534].param3 = 1,
83560+ [45576].file = "net/netfilter/xt_recent.c",
83561+ [45576].name = "recent_mt_proc_write",
83562+ [45576].param3 = 1,
83563+ [45586].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
83564+ [45586].name = "rt2x00debug_write_bbp",
83565+ [45586].param3 = 1,
83566+ [45629].file = "lib/bch.c",
83567+ [45629].name = "bch_alloc",
83568+ [45629].param1 = 1,
83569+ [45633].file = "drivers/input/evdev.c",
83570+ [45633].name = "evdev_do_ioctl",
83571+ [45633].param2 = 1,
83572+ [45740].file = "drivers/net/wireless/ath/ath6kl/debug.c",
83573+ [45740].name = "ath6kl_lrssi_roam_write",
83574+ [45740].param3 = 1,
83575+ [45747].file = "net/netlink/af_netlink.c",
83576+ [45747].name = "__netlink_change_ngroups",
83577+ [45747].param2 = 1,
83578+ [45930].file = "security/apparmor/apparmorfs.c",
83579+ [45930].name = "profile_remove",
83580+ [45930].param3 = 1,
83581+ [45954].file = "drivers/usb/misc/legousbtower.c",
83582+ [45954].name = "tower_write",
83583+ [45954].param3 = 1,
83584+ [45995].file = "fs/namei.c",
83585+ [45995].name = "sys_mknodat",
83586+ [45995].param2 = 1,
83587+ [46072].file = "drivers/video/arcfb.c",
83588+ [46072].name = "arcfb_write",
83589+ [46072].param3 = 1,
83590+ [46140].file = "sound/core/memalloc.c",
83591+ [46140].name = "snd_mem_proc_write",
83592+ [46140].param3 = 1,
83593+ [4614].file = "sound/core/pcm_lib.c",
83594+ [4614].name = "snd_pcm_lib_write_transfer",
83595+ [4614].param5 = 1,
83596+ [4616].file = "net/sunrpc/cache.c",
83597+ [4616].name = "cache_do_downcall",
83598+ [4616].param3 = 1,
83599+ [46243].file = "fs/binfmt_misc.c",
83600+ [46243].name = "bm_register_write",
83601+ [46243].param3 = 1,
83602+ [46250].file = "fs/xattr.c",
83603+ [46250].name = "sys_getxattr",
83604+ [46250].param4 = 1,
83605+ [46343].file = "fs/compat.c",
83606+ [46343].name = "compat_do_readv_writev",
83607+ [46343].param4 = 1,
83608+ [4644].file = "drivers/net/usb/mcs7830.c",
83609+ [4644].name = "mcs7830_get_reg",
83610+ [4644].param3 = 1,
83611+ [46605].file = "sound/core/oss/pcm_oss.c",
83612+ [46605].name = "snd_pcm_oss_sync1",
83613+ [46605].param2 = 1,
83614+ [46630].file = "net/decnet/af_decnet.c",
83615+ [46630].name = "__dn_setsockopt",
83616+ [46630].param5 = 1,
83617+ [46655].file = "drivers/media/video/hdpvr/hdpvr-video.c",
83618+ [46655].name = "hdpvr_read",
83619+ [46655].param3 = 1,
83620+ [46685].file = "drivers/gpu/drm/ttm/ttm_bo_vm.c",
83621+ [46685].name = "ttm_bo_fbdev_io",
83622+ [46685].param4 = 1,
83623+ [46752].file = "drivers/staging/pohmelfs/dir.c",
83624+ [46752].name = "pohmelfs_name_alloc",
83625+ [46752].param1 = 1,
83626+ [46881].file = "drivers/char/lp.c",
83627+ [46881].name = "lp_write",
83628+ [46881].param3 = 1,
83629+ [47130].file = "kernel/kfifo.c",
83630+ [47130].name = "kfifo_copy_to_user",
83631+ [47130].param3 = 1,
83632+ [47265].file = "drivers/scsi/bnx2fc/bnx2fc_io.c",
83633+ [47265].name = "bnx2fc_cmd_mgr_alloc",
83634+ [47265].param2 = 1,
83635+ [47265].param3 = 1,
83636+ [47342].file = "fs/proc/base.c",
83637+ [47342].name = "sched_autogroup_write",
83638+ [47342].param3 = 1,
83639+ [47363].file = "drivers/input/evdev.c",
83640+ [47363].name = "evdev_ioctl_handler",
83641+ [47363].param2 = 1,
83642+ [47385].file = "drivers/net/wireless/zd1211rw/zd_usb.c",
83643+ [47385].name = "zd_usb_iowrite16v",
83644+ [47385].param3 = 1,
83645+ [47463].file = "fs/xfs/kmem.c",
83646+ [47463].name = "kmem_zalloc",
83647+ [47463].param1 = 1,
83648+ [47636].file = "drivers/usb/class/usblp.c",
83649+ [47636].name = "usblp_ioctl",
83650+ [47636].param2 = 1,
83651+ [47637].file = "drivers/block/cciss.c",
83652+ [47637].name = "cciss_proc_write",
83653+ [47637].param3 = 1,
83654+ [47652].file = "lib/kstrtox.c",
83655+ [47652].name = "kstrtoll_from_user",
83656+ [47652].param2 = 1,
83657+ [47881].file = "security/selinux/selinuxfs.c",
83658+ [47881].name = "sel_write_disable",
83659+ [47881].param3 = 1,
83660+ [48010].file = "drivers/net/wireless/ath/ath9k/debug.c",
83661+ [48010].name = "write_file_rx_chainmask",
83662+ [48010].param3 = 1,
83663+ [48155].file = "net/sctp/sm_make_chunk.c",
83664+ [48155].name = "sctp_make_abort_user",
83665+ [48155].param3 = 1,
83666+ [48182].file = "crypto/cryptd.c",
83667+ [48182].name = "cryptd_alloc_instance",
83668+ [48182].param2 = 1,
83669+ [48248].file = "security/keys/keyctl.c",
83670+ [48248].name = "keyctl_instantiate_key",
83671+ [48248].param3 = 1,
83672+ [48461].file = "drivers/gpu/drm/drm_memory.c",
83673+ [48461].name = "agp_remap",
83674+ [48461].param2 = 1,
83675+ [48642].file = "fs/hugetlbfs/inode.c",
83676+ [48642].name = "hugetlbfs_read",
83677+ [48642].param3 = 1,
83678+ [48720].file = "drivers/gpu/drm/i915/i915_debugfs.c",
83679+ [48720].name = "i915_max_freq_write",
83680+ [48720].param3 = 1,
83681+ [48768].file = "net/irda/irnet/irnet_ppp.c",
83682+ [48768].name = "dev_irnet_write",
83683+ [48768].param3 = 1,
83684+ [48856].file = "drivers/acpi/acpica/utalloc.c",
83685+ [48856].name = "acpi_ut_initialize_buffer",
83686+ [48856].param2 = 1,
83687+ [48941].file = "drivers/gpu/drm/nouveau/nouveau_vm.c",
83688+ [48941].name = "nouveau_vm_new",
83689+ [48941].param2 = 1,
83690+ [48941].param3 = 1,
83691+ [49126].file = "lib/prio_heap.c",
83692+ [49126].name = "heap_init",
83693+ [49126].param2 = 1,
83694+ [49143].file = "sound/core/oss/pcm_oss.c",
83695+ [49143].name = "snd_pcm_oss_write2",
83696+ [49143].param3 = 1,
83697+ [49216].file = "fs/read_write.c",
83698+ [49216].name = "do_readv_writev",
83699+ [49216].param4 = 1,
83700+ [49354].file = "drivers/media/video/cx18/cx18-fileops.c",
83701+ [49354].name = "cx18_v4l2_read",
83702+ [49354].param3 = 1,
83703+ [49448].file = "drivers/isdn/gigaset/common.c",
83704+ [49448].name = "gigaset_initdriver",
83705+ [49448].param2 = 1,
83706+ [49494].file = "drivers/virtio/virtio_ring.c",
83707+ [49494].name = "vring_new_virtqueue",
83708+ [49494].param1 = 1,
83709+ [49507].file = "fs/namei.c",
83710+ [49507].name = "sys_symlink",
83711+ [49507].param1 = 1,
83712+ [49604].file = "crypto/af_alg.c",
83713+ [49604].name = "alg_setsockopt",
83714+ [49604].param5 = 1,
83715+ [49646].file = "drivers/tty/vt/vt.c",
83716+ [49646].name = "vc_resize",
83717+ [49646].param2 = 1,
83718+ [49646].param3 = 1,
83719+ [49663].file = "drivers/media/video/uvc/uvc_driver.c",
83720+ [49663].name = "uvc_simplify_fraction",
83721+ [49663].param3 = 1,
83722+ [49718].file = "drivers/hid/hid-roccat-common.c",
83723+ [49718].name = "roccat_common_send",
83724+ [49718].param4 = 1,
83725+ [4972].file = "drivers/video/fb_sys_fops.c",
83726+ [4972].name = "fb_sys_write",
83727+ [4972].param3 = 1,
83728+ [49746].file = "net/ipv4/netfilter/arp_tables.c",
83729+ [49746].name = "compat_do_arpt_set_ctl",
83730+ [49746].param4 = 1,
83731+ [49780].file = "net/mac80211/key.c",
83732+ [49780].name = "ieee80211_key_alloc",
83733+ [49780].param3 = 1,
83734+ [49845].file = "mm/vmalloc.c",
83735+ [49845].name = "__vmalloc_node",
83736+ [49845].param1 = 1,
83737+ [49935].file = "fs/xfs/kmem.c",
83738+ [49935].name = "kmem_zalloc_greedy",
83739+ [49935].param2 = 1,
83740+ [49935].param3 = 1,
83741+ [50001].file = "sound/pci/ctxfi/ctresource.c",
83742+ [50001].name = "rsc_mgr_init",
83743+ [50001].param3 = 1,
83744+ [50022].file = "drivers/usb/storage/shuttle_usbat.c",
83745+ [50022].name = "usbat_flash_read_data",
83746+ [50022].param4 = 1,
83747+ [50096].file = "drivers/net/wireless/libertas/debugfs.c",
83748+ [50096].name = "lbs_rdbbp_write",
83749+ [50096].param3 = 1,
83750+ [50102].file = "drivers/telephony/ixj.c",
83751+ [50102].name = "ixj_write",
83752+ [50102].param3 = 1,
83753+ [50238].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83754+ [50238].name = "iwl_legacy_dbgfs_clear_ucode_statistics_write",
83755+ [50238].param3 = 1,
83756+ [50267].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
83757+ [50267].name = "rt2x00debug_read_crypto_stats",
83758+ [50267].param3 = 1,
83759+ [50398].file = "fs/proc/base.c",
83760+ [50398].name = "mem_write",
83761+ [50398].param3 = 1,
83762+ [50518].file = "drivers/gpu/drm/nouveau/nouveau_gem.c",
83763+ [50518].name = "u_memcpya",
83764+ [50518].param2 = 1,
83765+ [50518].param3 = 1,
83766+ [5052].file = "drivers/char/ppdev.c",
83767+ [5052].name = "pp_read",
83768+ [5052].param3 = 1,
83769+ [50562].file = "drivers/media/video/zoran/zoran_procfs.c",
83770+ [50562].name = "zoran_write",
83771+ [50562].param3 = 1,
83772+ [50653].file = "net/sunrpc/cache.c",
83773+ [50653].name = "cache_write_procfs",
83774+ [50653].param3 = 1,
83775+ [50692].file = "lib/ts_bm.c",
83776+ [50692].name = "bm_init",
83777+ [50692].param2 = 1,
83778+ [50813].file = "mm/vmalloc.c",
83779+ [50813].name = "__vmalloc_node_flags",
83780+ [50813].param1 = 1,
83781+ [5087].file = "drivers/atm/solos-pci.c",
83782+ [5087].name = "console_store",
83783+ [5087].param4 = 1,
83784+ [5102].file = "drivers/usb/misc/usbtest.c",
83785+ [5102].name = "usbtest_alloc_urb",
83786+ [5102].param3 = 1,
83787+ [5102].param5 = 1,
83788+ [51052].file = "drivers/base/firmware_class.c",
83789+ [51052].name = "firmware_data_write",
83790+ [51052].param6 = 1,
83791+ [51177].file = "net/sunrpc/xprtrdma/transport.c",
83792+ [51177].name = "xprt_rdma_allocate",
83793+ [51177].param2 = 1,
83794+ [51182].file = "drivers/misc/sgi-xp/xpc_main.c",
83795+ [51182].name = "xpc_kzalloc_cacheline_aligned",
83796+ [51182].param1 = 1,
83797+ [51250].file = "fs/read_write.c",
83798+ [51250].name = "rw_copy_check_uvector",
83799+ [51250].param3 = 1,
83800+ [51253].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
83801+ [51253].name = "rt2x00debug_write_eeprom",
83802+ [51253].param3 = 1,
83803+ [51284].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83804+ [51284].name = "iwl_legacy_dbgfs_interrupt_write",
83805+ [51284].param3 = 1,
83806+ [51323].file = "sound/pci/ac97/ac97_pcm.c",
83807+ [51323].name = "snd_ac97_pcm_assign",
83808+ [51323].param2 = 1,
83809+ [51340].file = "drivers/usb/class/usblp.c",
83810+ [51340].name = "usblp_write",
83811+ [51340].param3 = 1,
83812+ [51471].file = "drivers/block/floppy.c",
83813+ [51471].name = "fd_locked_ioctl",
83814+ [51471].param3 = 1,
83815+ [5197].file = "net/core/dev.c",
83816+ [5197].name = "dev_set_alias",
83817+ [5197].param3 = 1,
83818+ [51998].file = "drivers/net/macvtap.c",
83819+ [51998].name = "macvtap_get_user",
83820+ [51998].param4 = 1,
83821+ [5204].file = "drivers/media/video/usbvision/usbvision-video.c",
83822+ [5204].name = "usbvision_v4l2_read",
83823+ [5204].param3 = 1,
83824+ [52086].file = "drivers/usb/image/mdc800.c",
83825+ [52086].name = "mdc800_device_read",
83826+ [52086].param3 = 1,
83827+ [52172].file = "drivers/pcmcia/cistpl.c",
83828+ [52172].name = "pccard_store_cis",
83829+ [52172].param6 = 1,
83830+ [52173].file = "drivers/misc/ibmasm/ibmasmfs.c",
83831+ [52173].name = "remote_settings_file_write",
83832+ [52173].param3 = 1,
83833+ [52199].file = "mm/nobootmem.c",
83834+ [52199].name = "__alloc_bootmem",
83835+ [52199].param1 = 1,
83836+ [52201].file = "drivers/video/via/viafbdev.c",
83837+ [52201].name = "viafb_dvp0_proc_write",
83838+ [52201].param3 = 1,
83839+ [5233].file = "include/linux/poll.h",
83840+ [5233].name = "set_fd_set",
83841+ [5233].param1 = 1,
83842+ [52343].file = "drivers/usb/misc/adutux.c",
83843+ [52343].name = "adu_read",
83844+ [52343].param3 = 1,
83845+ [52364].file = "sound/core/pcm_lib.c",
83846+ [52364].name = "snd_pcm_lib_readv_transfer",
83847+ [52364].param5 = 1,
83848+ [52401].file = "drivers/staging/rtl8712/rtl871x_ioctl_linux.c",
83849+ [52401].name = "r871x_set_wpa_ie",
83850+ [52401].param3 = 1,
83851+ [52699].file = "lib/ts_fsm.c",
83852+ [52699].name = "fsm_init",
83853+ [52699].param2 = 1,
83854+ [52721].file = "security/keys/encrypted-keys/encrypted.c",
83855+ [52721].name = "encrypted_instantiate",
83856+ [52721].param3 = 1,
83857+ [53041].file = "fs/libfs.c",
83858+ [53041].name = "simple_transaction_get",
83859+ [53041].param3 = 1,
83860+ [5313].file = "fs/gfs2/quota.c",
83861+ [5313].name = "do_sync",
83862+ [5313].param1 = 1,
83863+ [53209].file = "drivers/usb/host/ehci-sched.c",
83864+ [53209].name = "iso_sched_alloc",
83865+ [53209].param1 = 1,
83866+ [53302].file = "drivers/firewire/core-cdev.c",
83867+ [53302].name = "dispatch_ioctl",
83868+ [53302].param2 = 1,
83869+ [53355].file = "fs/ceph/dir.c",
83870+ [53355].name = "ceph_read_dir",
83871+ [53355].param3 = 1,
83872+ [53405].file = "drivers/media/video/videobuf-core.c",
83873+ [53405].name = "__videobuf_copy_to_user",
83874+ [53405].param4 = 1,
83875+ [53407].file = "net/wireless/sme.c",
83876+ [53407].name = "cfg80211_connect_result",
83877+ [53407].param4 = 1,
83878+ [53407].param6 = 1,
83879+ [53426].file = "fs/libfs.c",
83880+ [53426].name = "simple_transaction_read",
83881+ [53426].param3 = 1,
83882+ [5344].file = "security/selinux/ss/hashtab.c",
83883+ [5344].name = "hashtab_create",
83884+ [5344].param3 = 1,
83885+ [53468].file = "drivers/char/mem.c",
83886+ [53468].name = "write_mem",
83887+ [53468].param3 = 1,
83888+ [53513].file = "drivers/mmc/core/mmc_ops.c",
83889+ [53513].name = "mmc_send_bus_test",
83890+ [53513].param4 = 1,
83891+ [53539].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
83892+ [53539].name = "iwl_dbgfs_txfifo_flush_write",
83893+ [53539].param3 = 1,
83894+ [53626].file = "drivers/block/paride/pg.c",
83895+ [53626].name = "pg_read",
83896+ [53626].param3 = 1,
83897+ [53631].file = "mm/util.c",
83898+ [53631].name = "memdup_user",
83899+ [53631].param2 = 1,
83900+ [53680].file = "lib/kstrtox.c",
83901+ [53680].name = "kstrtol_from_user",
83902+ [53680].param2 = 1,
83903+ [5389].file = "drivers/infiniband/core/uverbs_cmd.c",
83904+ [5389].name = "ib_uverbs_unmarshall_recv",
83905+ [5389].param5 = 1,
83906+ [53901].file = "net/rds/message.c",
83907+ [53901].name = "rds_message_alloc",
83908+ [53901].param1 = 1,
83909+ [53904].file = "fs/namei.c",
83910+ [53904].name = "sys_unlink",
83911+ [53904].param1 = 1,
83912+ [5410].file = "kernel/kexec.c",
83913+ [5410].name = "sys_kexec_load",
83914+ [5410].param2 = 1,
83915+ [54182].file = "drivers/block/rbd.c",
83916+ [54182].name = "rbd_snap_add",
83917+ [54182].param4 = 1,
83918+ [5419].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
83919+ [5419].name = "iwl_legacy_dbgfs_disable_ht40_write",
83920+ [5419].param3 = 1,
83921+ [54201].file = "drivers/platform/x86/asus_acpi.c",
83922+ [54201].name = "mled_proc_write",
83923+ [54201].param3 = 1,
83924+ [5422].file = "fs/namei.c",
83925+ [5422].name = "do_unlinkat",
83926+ [5422].param2 = 1,
83927+ [54252].file = "drivers/scsi/st.c",
83928+ [54252].name = "st_write",
83929+ [54252].param3 = 1,
83930+ [54263].file = "security/keys/trusted.c",
83931+ [54263].name = "trusted_instantiate",
83932+ [54263].param3 = 1,
83933+ [54298].file = "drivers/usb/wusbcore/crypto.c",
83934+ [54298].name = "wusb_ccm_mac",
83935+ [54298].param7 = 1,
83936+ [54318].file = "include/drm/drm_mem_util.h",
83937+ [54318].name = "drm_malloc_ab",
83938+ [54318].param1 = 1,
83939+ [54318].param2 = 1,
83940+ [54335].file = "drivers/md/dm-table.c",
83941+ [54335].name = "dm_vcalloc",
83942+ [54335].param1 = 1,
83943+ [54335].param2 = 1,
83944+ [54339].file = "security/smack/smackfs.c",
83945+ [54339].name = "smk_write_cipso",
83946+ [54339].param3 = 1,
83947+ [5438].file = "sound/core/memory.c",
83948+ [5438].name = "copy_to_user_fromio",
83949+ [5438].param3 = 1,
83950+ [54401].file = "lib/dynamic_debug.c",
83951+ [54401].name = "ddebug_proc_write",
83952+ [54401].param3 = 1,
83953+ [54427].file = "drivers/usb/storage/jumpshot.c",
83954+ [54427].name = "jumpshot_write_data",
83955+ [54427].param4 = 1,
83956+ [54467].file = "net/packet/af_packet.c",
83957+ [54467].name = "packet_setsockopt",
83958+ [54467].param5 = 1,
83959+ [54573].file = "ipc/sem.c",
83960+ [54573].name = "sys_semop",
83961+ [54573].param3 = 1,
83962+ [54643].file = "drivers/isdn/hardware/eicon/divasi.c",
83963+ [54643].name = "um_idi_write",
83964+ [54643].param3 = 1,
83965+ [54657].file = "mm/migrate.c",
83966+ [54657].name = "do_pages_stat",
83967+ [54657].param2 = 1,
83968+ [54663].file = "drivers/isdn/hardware/eicon/platform.h",
83969+ [54663].name = "diva_os_malloc",
83970+ [54663].param2 = 1,
83971+ [54751].file = "drivers/infiniband/core/device.c",
83972+ [54751].name = "ib_alloc_device",
83973+ [54751].param1 = 1,
83974+ [54806].file = "drivers/scsi/lpfc/lpfc_debugfs.c",
83975+ [54806].name = "lpfc_debugfs_dif_err_write",
83976+ [54806].param3 = 1,
83977+ [5494].file = "fs/cifs/cifsacl.c",
83978+ [5494].name = "cifs_idmap_key_instantiate",
83979+ [5494].param3 = 1,
83980+ [55066].file = "net/ipv6/ipv6_sockglue.c",
83981+ [55066].name = "do_ipv6_setsockopt",
83982+ [55066].param5 = 1,
83983+ [55105].file = "drivers/base/devres.c",
83984+ [55105].name = "devres_alloc",
83985+ [55105].param2 = 1,
83986+ [55115].file = "net/sctp/probe.c",
83987+ [55115].name = "sctpprobe_read",
83988+ [55115].param3 = 1,
83989+ [55155].file = "net/bluetooth/rfcomm/sock.c",
83990+ [55155].name = "rfcomm_sock_setsockopt",
83991+ [55155].param5 = 1,
83992+ [55187].file = "security/keys/keyctl.c",
83993+ [55187].name = "keyctl_describe_key",
83994+ [55187].param3 = 1,
83995+ [5524].file = "lib/kstrtox.c",
83996+ [5524].name = "kstrtos8_from_user",
83997+ [5524].param2 = 1,
83998+ [55253].file = "drivers/net/wireless/ray_cs.c",
83999+ [55253].name = "ray_cs_essid_proc_write",
84000+ [55253].param3 = 1,
84001+ [5548].file = "drivers/media/media-entity.c",
84002+ [5548].name = "media_entity_init",
84003+ [5548].param2 = 1,
84004+ [5548].param4 = 1,
84005+ [55580].file = "drivers/usb/mon/mon_bin.c",
84006+ [55580].name = "copy_from_buf",
84007+ [55580].param2 = 1,
84008+ [55682].file = "drivers/net/wireless/libertas/debugfs.c",
84009+ [55682].name = "lbs_host_sleep_write",
84010+ [55682].param3 = 1,
84011+ [55712].file = "drivers/char/mem.c",
84012+ [55712].name = "read_zero",
84013+ [55712].param3 = 1,
84014+ [55857].file = "drivers/net/wireless/ath/ath9k/debug.c",
84015+ [55857].name = "write_file_tx_chainmask",
84016+ [55857].param3 = 1,
84017+ [55978].file = "drivers/usb/misc/iowarrior.c",
84018+ [55978].name = "iowarrior_write",
84019+ [55978].param3 = 1,
84020+ [5599].file = "drivers/char/random.c",
84021+ [5599].name = "write_pool",
84022+ [5599].param3 = 1,
84023+ [56090].file = "drivers/media/video/videobuf-dma-sg.c",
84024+ [56090].name = "__videobuf_alloc_vb",
84025+ [56090].param1 = 1,
84026+ [56199].file = "fs/binfmt_misc.c",
84027+ [56199].name = "parse_command",
84028+ [56199].param2 = 1,
84029+ [56218].file = "drivers/mmc/card/mmc_test.c",
84030+ [56218].name = "mtf_test_write",
84031+ [56218].param3 = 1,
84032+ [56416].file = "drivers/misc/lkdtm.c",
84033+ [56416].name = "do_register_entry",
84034+ [56416].param4 = 1,
84035+ [56432].file = "drivers/mfd/aat2870-core.c",
84036+ [56432].name = "aat2870_reg_write_file",
84037+ [56432].param3 = 1,
84038+ [56471].file = "include/linux/slab.h",
84039+ [56471].name = "kcalloc",
84040+ [56471].param1 = 1,
84041+ [56471].param2 = 1,
84042+ [56513].file = "fs/cifs/connect.c",
84043+ [56513].name = "cifs_readv_from_socket",
84044+ [56513].param3 = 1,
84045+ [56544].file = "drivers/block/drbd/drbd_receiver.c",
84046+ [56544].name = "receive_DataRequest",
84047+ [56544].param3 = 1,
84048+ [5661].file = "lib/dma-debug.c",
84049+ [5661].name = "filter_write",
84050+ [5661].param3 = 1,
84051+ [56672].file = "drivers/char/agp/generic.c",
84052+ [56672].name = "agp_alloc_page_array",
84053+ [56672].param1 = 1,
84054+ [56843].file = "drivers/scsi/scsi_transport_iscsi.c",
84055+ [56843].name = "iscsi_recv_pdu",
84056+ [56843].param4 = 1,
84057+ [57120].file = "lib/kstrtox.c",
84058+ [57120].name = "kstrtouint_from_user",
84059+ [57120].param2 = 1,
84060+ [57128].file = "drivers/pnp/pnpbios/proc.c",
84061+ [57128].name = "pnpbios_proc_write",
84062+ [57128].param3 = 1,
84063+ [57190].file = "drivers/char/agp/generic.c",
84064+ [57190].name = "agp_generic_alloc_user",
84065+ [57190].param1 = 1,
84066+ [57471].file = "drivers/media/video/sn9c102/sn9c102_core.c",
84067+ [57471].name = "sn9c102_read",
84068+ [57471].param3 = 1,
84069+ [57605].file = "net/netlink/af_netlink.c",
84070+ [57605].name = "netlink_kernel_create",
84071+ [57605].param3 = 1,
84072+ [57670].file = "drivers/bluetooth/btmrvl_debugfs.c",
84073+ [57670].name = "btmrvl_pscmd_write",
84074+ [57670].param3 = 1,
84075+ [57675].file = "drivers/net/wireless/ath/ath9k/debug.c",
84076+ [57675].name = "write_file_regidx",
84077+ [57675].param3 = 1,
84078+ [57724].file = "net/bluetooth/hci_sock.c",
84079+ [57724].name = "hci_sock_setsockopt",
84080+ [57724].param5 = 1,
84081+ [57748].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
84082+ [57748].name = "iwl_dbgfs_missed_beacon_write",
84083+ [57748].param3 = 1,
84084+ [57786].file = "net/ipv6/netfilter/ip6_tables.c",
84085+ [57786].name = "compat_do_ip6t_set_ctl",
84086+ [57786].param4 = 1,
84087+ [57872].file = "fs/ceph/xattr.c",
84088+ [57872].name = "ceph_setxattr",
84089+ [57872].param4 = 1,
84090+ [57927].file = "fs/read_write.c",
84091+ [57927].name = "sys_preadv",
84092+ [57927].param3 = 1,
84093+ [58020].file = "drivers/firewire/core-cdev.c",
84094+ [58020].name = "fw_device_op_ioctl",
84095+ [58020].param2 = 1,
84096+ [58043].file = "kernel/auditfilter.c",
84097+ [58043].name = "audit_unpack_string",
84098+ [58043].param3 = 1,
84099+ [5805].file = "drivers/xen/grant-table.c",
84100+ [5805].name = "gnttab_alloc_grant_references",
84101+ [5805].param1 = 1,
84102+ [58087].file = "kernel/module.c",
84103+ [58087].name = "module_alloc_update_bounds_rw",
84104+ [58087].param1 = 1,
84105+ [58107].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
84106+ [58107].name = "iwl_dbgfs_sleep_level_override_write",
84107+ [58107].param3 = 1,
84108+ [58124].file = "drivers/usb/misc/usbtest.c",
84109+ [58124].name = "ctrl_out",
84110+ [58124].param3 = 1,
84111+ [58124].param5 = 1,
84112+ [58263].file = "security/keys/keyring.c",
84113+ [58263].name = "keyring_read",
84114+ [58263].param3 = 1,
84115+ [58278].file = "drivers/net/wireless/iwlwifi/iwl-trans-pcie.c",
84116+ [58278].name = "iwl_dbgfs_log_event_write",
84117+ [58278].param3 = 1,
84118+ [5830].file = "drivers/gpu/vga/vga_switcheroo.c",
84119+ [5830].name = "vga_switcheroo_debugfs_write",
84120+ [5830].param3 = 1,
84121+ [58320].file = "drivers/scsi/scsi_proc.c",
84122+ [58320].name = "proc_scsi_write",
84123+ [58320].param3 = 1,
84124+ [58344].file = "net/sunrpc/cache.c",
84125+ [58344].name = "read_flush",
84126+ [58344].param3 = 1,
84127+ [58392].file = "fs/namei.c",
84128+ [58392].name = "getname_flags",
84129+ [58392].param1 = 1,
84130+ [58418].file = "kernel/module.c",
84131+ [58418].name = "sys_init_module",
84132+ [58418].param2 = 1,
84133+ [58502].file = "sound/core/sgbuf.c",
84134+ [58502].name = "snd_malloc_sgbuf_pages",
84135+ [58502].param2 = 1,
84136+ [58597].file = "kernel/kfifo.c",
84137+ [58597].name = "__kfifo_to_user",
84138+ [58597].param3 = 1,
84139+ [58641].file = "drivers/usb/misc/adutux.c",
84140+ [58641].name = "adu_write",
84141+ [58641].param3 = 1,
84142+ [58709].file = "fs/compat.c",
84143+ [58709].name = "compat_sys_pwritev",
84144+ [58709].param3 = 1,
84145+ [58769].file = "drivers/net/wireless/zd1211rw/zd_usb.c",
84146+ [58769].name = "zd_usb_read_fw",
84147+ [58769].param4 = 1,
84148+ [5876].file = "drivers/net/ppp/ppp_generic.c",
84149+ [5876].name = "ppp_write",
84150+ [5876].param3 = 1,
84151+ [58826].file = "net/sunrpc/xprt.c",
84152+ [58826].name = "xprt_alloc",
84153+ [58826].param2 = 1,
84154+ [58867].file = "drivers/platform/x86/asus_acpi.c",
84155+ [58867].name = "wled_proc_write",
84156+ [58867].param3 = 1,
84157+ [58878].file = "drivers/net/wireless/libertas/debugfs.c",
84158+ [58878].name = "lbs_wrbbp_write",
84159+ [58878].param3 = 1,
84160+ [58888].file = "fs/xattr.c",
84161+ [58888].name = "listxattr",
84162+ [58888].param3 = 1,
84163+ [58912].file = "drivers/lguest/core.c",
84164+ [58912].name = "__lgwrite",
84165+ [58912].param4 = 1,
84166+ [58918].file = "sound/core/pcm_native.c",
84167+ [58918].name = "snd_pcm_aio_write",
84168+ [58918].param3 = 1,
84169+ [58919].file = "net/netlabel/netlabel_unlabeled.c",
84170+ [58919].name = "netlbl_unlabel_init",
84171+ [58919].param1 = 1,
84172+ [58942].file = "drivers/block/aoe/aoedev.c",
84173+ [58942].name = "aoedev_flush",
84174+ [58942].param2 = 1,
84175+ [58958].file = "fs/fuse/control.c",
84176+ [58958].name = "fuse_conn_limit_write",
84177+ [58958].param3 = 1,
84178+ [58].file = "lib/kstrtox.c",
84179+ [58].name = "kstrtoull_from_user",
84180+ [58].param2 = 1,
84181+ [59034].file = "drivers/acpi/acpica/dsobject.c",
84182+ [59034].name = "acpi_ds_build_internal_package_obj",
84183+ [59034].param3 = 1,
84184+ [59073].file = "drivers/staging/speakup/i18n.c",
84185+ [59073].name = "msg_set",
84186+ [59073].param3 = 1,
84187+ [59108].file = "drivers/net/wireless/ath/ath5k/debug.c",
84188+ [59108].name = "write_file_queue",
84189+ [59108].param3 = 1,
84190+ [59297].file = "drivers/media/dvb/ttpci/av7110_av.c",
84191+ [59297].name = "dvb_play",
84192+ [59297].param3 = 1,
84193+ [59472].file = "drivers/misc/ibmasm/ibmasmfs.c",
84194+ [59472].name = "command_file_write",
84195+ [59472].param3 = 1,
84196+ [59505].file = "drivers/media/video/pvrusb2/pvrusb2-ioread.c",
84197+ [59505].name = "pvr2_ioread_read",
84198+ [59505].param3 = 1,
84199+ [59681].file = "fs/xfs/kmem.c",
84200+ [59681].name = "kmem_alloc",
84201+ [59681].param1 = 1,
84202+ [5968].file = "net/sunrpc/sched.c",
84203+ [5968].name = "rpc_malloc",
84204+ [5968].param2 = 1,
84205+ [59794].file = "mm/mincore.c",
84206+ [59794].name = "sys_mincore",
84207+ [59794].param1 = 1,
84208+ [59794].param2 = 1,
84209+ [59838].file = "net/netlink/af_netlink.c",
84210+ [59838].name = "nl_pid_hash_zalloc",
84211+ [59838].param1 = 1,
84212+ [59856].file = "drivers/base/devres.c",
84213+ [59856].name = "devm_kzalloc",
84214+ [59856].param2 = 1,
84215+ [59991].file = "drivers/media/video/uvc/uvc_queue.c",
84216+ [59991].name = "uvc_alloc_buffers",
84217+ [59991].param2 = 1,
84218+ [59991].param3 = 1,
84219+ [60005].file = "fs/namei.c",
84220+ [60005].name = "getname",
84221+ [60005].param1 = 1,
84222+ [60066].file = "mm/filemap.c",
84223+ [60066].name = "iov_iter_copy_from_user",
84224+ [60066].param4 = 1,
84225+ [60198].file = "fs/nfs/nfs4proc.c",
84226+ [60198].name = "nfs4_write_cached_acl",
84227+ [60198].param3 = 1,
84228+ [60330].file = "drivers/media/video/w9966.c",
84229+ [60330].name = "w9966_v4l_read",
84230+ [60330].param3 = 1,
84231+ [6041].file = "drivers/mtd/mtdchar.c",
84232+ [6041].name = "mtd_write",
84233+ [6041].param3 = 1,
84234+ [60436].file = "drivers/net/macvtap.c",
84235+ [60436].name = "macvtap_sendmsg",
84236+ [60436].param4 = 1,
84237+ [60483].file = "drivers/char/virtio_console.c",
84238+ [60483].name = "fill_readbuf",
84239+ [60483].param3 = 1,
84240+ [604].file = "drivers/staging/rtl8712/usb_ops_linux.c",
84241+ [604].name = "r8712_usbctrl_vendorreq",
84242+ [604].param6 = 1,
84243+ [60543].file = "drivers/usb/class/usbtmc.c",
84244+ [60543].name = "usbtmc_read",
84245+ [60543].param3 = 1,
84246+ [60683].file = "sound/drivers/opl4/opl4_proc.c",
84247+ [60683].name = "snd_opl4_mem_proc_write",
84248+ [60683].param5 = 1,
84249+ [60693].file = "drivers/misc/hpilo.c",
84250+ [60693].name = "ilo_read",
84251+ [60693].param3 = 1,
84252+ [60744].file = "sound/pci/emu10k1/emuproc.c",
84253+ [60744].name = "snd_emu10k1_fx8010_read",
84254+ [60744].param5 = 1,
84255+ [60833].file = "drivers/block/aoe/aoenet.c",
84256+ [60833].name = "set_aoe_iflist",
84257+ [60833].param2 = 1,
84258+ [60878].file = "drivers/net/wireless/rt2x00/rt2x00debug.c",
84259+ [60878].name = "rt2x00debug_read_queue_dump",
84260+ [60878].param3 = 1,
84261+ [60882].file = "drivers/input/joydev.c",
84262+ [60882].name = "joydev_compat_ioctl",
84263+ [60882].param2 = 1,
84264+ [60891].file = "kernel/sched.c",
84265+ [60891].name = "sys_sched_setaffinity",
84266+ [60891].param2 = 1,
84267+ [60927].file = "drivers/net/wireless/ath/ath9k/debug.c",
84268+ [60927].name = "write_file_disable_ani",
84269+ [60927].param3 = 1,
84270+ [60928].file = "drivers/staging/bcm/Bcmchar.c",
84271+ [60928].name = "bcm_char_read",
84272+ [60928].param3 = 1,
84273+ [61058].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
84274+ [61058].name = "iwl_dbgfs_disable_ht40_write",
84275+ [61058].param3 = 1,
84276+ [61120].file = "drivers/char/mem.c",
84277+ [61120].name = "read_mem",
84278+ [61120].param3 = 1,
84279+ [61222].file = "net/sunrpc/rpc_pipe.c",
84280+ [61222].name = "rpc_pipe_generic_upcall",
84281+ [61222].param4 = 1,
84282+ [61254].file = "drivers/scsi/scsi_devinfo.c",
84283+ [61254].name = "proc_scsi_devinfo_write",
84284+ [61254].param3 = 1,
84285+ [61283].file = "drivers/net/wireless/ath/ath6kl/debug.c",
84286+ [61283].name = "ath6kl_fwlog_read",
84287+ [61283].param3 = 1,
84288+ [61289].file = "security/apparmor/apparmorfs.c",
84289+ [61289].name = "aa_simple_write_to_buffer",
84290+ [61289].param4 = 1,
84291+ [61389].file = "include/linux/slab.h",
84292+ [61389].name = "kzalloc_node",
84293+ [61389].param1 = 1,
84294+ [61546].file = "mm/filemap.c",
84295+ [61546].name = "__iovec_copy_from_user_inatomic",
84296+ [61546].param3 = 1,
84297+ [61546].param4 = 1,
84298+ [61552].file = "drivers/input/evdev.c",
84299+ [61552].name = "str_to_user",
84300+ [61552].param2 = 1,
84301+ [61673].file = "security/keys/trusted.c",
84302+ [61673].name = "trusted_update",
84303+ [61673].param3 = 1,
84304+ [61676].file = "kernel/module.c",
84305+ [61676].name = "module_alloc_update_bounds_rx",
84306+ [61676].param1 = 1,
84307+ [61770].file = "drivers/media/video/et61x251/et61x251_core.c",
84308+ [61770].name = "et61x251_read",
84309+ [61770].param3 = 1,
84310+ [6186].file = "drivers/char/mem.c",
84311+ [6186].name = "read_kmem",
84312+ [6186].param3 = 1,
84313+ [61932].file = "drivers/message/fusion/mptctl.c",
84314+ [61932].name = "__mptctl_ioctl",
84315+ [61932].param2 = 1,
84316+ [62081].file = "drivers/net/irda/vlsi_ir.c",
84317+ [62081].name = "vlsi_alloc_ring",
84318+ [62081].param3 = 1,
84319+ [62116].file = "fs/libfs.c",
84320+ [62116].name = "simple_attr_read",
84321+ [62116].param3 = 1,
84322+ [6225].file = "drivers/block/floppy.c",
84323+ [6225].name = "fd_ioctl",
84324+ [6225].param3 = 1,
84325+ [62294].file = "sound/core/info.c",
84326+ [62294].name = "resize_info_buffer",
84327+ [62294].param2 = 1,
84328+ [62378].file = "net/ipv4/tcp.c",
84329+ [62378].name = "do_tcp_setsockopt",
84330+ [62378].param5 = 1,
84331+ [62387].file = "fs/nfs/idmap.c",
84332+ [62387].name = "nfs_idmap_lookup_id",
84333+ [62387].param2 = 1,
84334+ [62453].file = "fs/namei.c",
84335+ [62453].name = "user_path_create",
84336+ [62453].param2 = 1,
84337+ [62495].file = "drivers/block/floppy.c",
84338+ [62495].name = "fallback_on_nodma_alloc",
84339+ [62495].param2 = 1,
84340+ [62498].file = "fs/xattr.c",
84341+ [62498].name = "sys_listxattr",
84342+ [62498].param3 = 1,
84343+ [62583].file = "drivers/net/wireless/mwifiex/debugfs.c",
84344+ [62583].name = "mwifiex_regrdwr_write",
84345+ [62583].param3 = 1,
84346+ [625].file = "fs/read_write.c",
84347+ [625].name = "sys_pwritev",
84348+ [625].param3 = 1,
84349+ [62669].file = "drivers/platform/x86/asus_acpi.c",
84350+ [62669].name = "tled_proc_write",
84351+ [62669].param3 = 1,
84352+ [62714].file = "security/keys/keyctl.c",
84353+ [62714].name = "keyctl_update_key",
84354+ [62714].param3 = 1,
84355+ [62799].file = "fs/proc/task_mmu.c",
84356+ [62799].name = "pagemap_read",
84357+ [62799].param3 = 1,
84358+ [62811].file = "drivers/usb/misc/legousbtower.c",
84359+ [62811].name = "tower_read",
84360+ [62811].param3 = 1,
84361+ [62851].file = "fs/proc/vmcore.c",
84362+ [62851].name = "read_vmcore",
84363+ [62851].param3 = 1,
84364+ [62925].file = "include/rdma/ib_verbs.h",
84365+ [62925].name = "ib_copy_from_udata",
84366+ [62925].param3 = 1,
84367+ [62967].file = "security/keys/encrypted-keys/encrypted.c",
84368+ [62967].name = "encrypted_update",
84369+ [62967].param3 = 1,
84370+ [62970].file = "net/sched/sch_api.c",
84371+ [62970].name = "qdisc_class_hash_alloc",
84372+ [62970].param1 = 1,
84373+ [62999].file = "net/core/neighbour.c",
84374+ [62999].name = "neigh_hash_alloc",
84375+ [62999].param1 = 1,
84376+ [63004].file = "drivers/usb/storage/datafab.c",
84377+ [63004].name = "datafab_write_data",
84378+ [63004].param4 = 1,
84379+ [63007].file = "fs/proc/base.c",
84380+ [63007].name = "proc_coredump_filter_write",
84381+ [63007].param3 = 1,
84382+ [63010].file = "drivers/gpu/drm/ttm/ttm_page_alloc.c",
84383+ [63010].name = "ttm_page_pool_free",
84384+ [63010].param2 = 1,
84385+ [63076].file = "fs/cifs/xattr.c",
84386+ [63076].name = "cifs_setxattr",
84387+ [63076].param4 = 1,
84388+ [63091].file = "drivers/net/usb/pegasus.c",
84389+ [63091].name = "get_registers",
84390+ [63091].param3 = 1,
84391+ [63169].file = "drivers/scsi/sg.c",
84392+ [63169].name = "sg_read",
84393+ [63169].param3 = 1,
84394+ [6331].file = "drivers/atm/solos-pci.c",
84395+ [6331].name = "solos_param_store",
84396+ [6331].param4 = 1,
84397+ [63367].file = "net/netfilter/ipset/ip_set_core.c",
84398+ [63367].name = "ip_set_alloc",
84399+ [63367].param1 = 1,
84400+ [63473].file = "drivers/staging/pohmelfs/trans.c",
84401+ [63473].name = "netfs_trans_alloc",
84402+ [63473].param2 = 1,
84403+ [63473].param4 = 1,
84404+ [63489].file = "drivers/bluetooth/btmrvl_debugfs.c",
84405+ [63489].name = "btmrvl_hscfgcmd_write",
84406+ [63489].param3 = 1,
84407+ [63490].file = "crypto/shash.c",
84408+ [63490].name = "shash_compat_setkey",
84409+ [63490].param3 = 1,
84410+ [63583].file = "drivers/char/mem.c",
84411+ [63583].name = "write_kmem",
84412+ [63583].param3 = 1,
84413+ [63605].file = "mm/mempool.c",
84414+ [63605].name = "mempool_kmalloc",
84415+ [63605].param2 = 1,
84416+ [63717].file = "drivers/net/wireless/iwlwifi/iwl-trans-pcie.c",
84417+ [63717].name = "iwl_dbgfs_csr_write",
84418+ [63717].param3 = 1,
84419+ [63748].file = "drivers/staging/crystalhd/crystalhd_misc.c",
84420+ [63748].name = "crystalhd_map_dio",
84421+ [63748].param3 = 1,
84422+ [63765].file = "fs/seq_file.c",
84423+ [63765].name = "seq_read",
84424+ [63765].param3 = 1,
84425+ [63777].file = "drivers/virtio/virtio_ring.c",
84426+ [63777].name = "virtqueue_add_buf_gfp",
84427+ [63777].param3 = 1,
84428+ [63777].param4 = 1,
84429+ [63961].file = "fs/xattr.c",
84430+ [63961].name = "sys_flistxattr",
84431+ [63961].param3 = 1,
84432+ [63988].file = "drivers/input/evdev.c",
84433+ [63988].name = "evdev_ioctl_compat",
84434+ [63988].param2 = 1,
84435+ [64118].file = "fs/namei.c",
84436+ [64118].name = "sys_symlinkat",
84437+ [64118].param1 = 1,
84438+ [64156].file = "drivers/net/wireless/ath/ath6kl/cfg80211.c",
84439+ [64156].name = "ath6kl_mgmt_tx",
84440+ [64156].param9 = 1,
84441+ [64227].file = "mm/nobootmem.c",
84442+ [64227].name = "__alloc_bootmem_node_nopanic",
84443+ [64227].param2 = 1,
84444+ [64312].file = "drivers/video/hecubafb.c",
84445+ [64312].name = "hecubafb_write",
84446+ [64312].param3 = 1,
84447+ [64351].file = "kernel/kfifo.c",
84448+ [64351].name = "kfifo_copy_from_user",
84449+ [64351].param3 = 1,
84450+ [64392].file = "drivers/mmc/core/mmc_ops.c",
84451+ [64392].name = "mmc_send_cxd_data",
84452+ [64392].param5 = 1,
84453+ [64471].file = "drivers/bluetooth/btmrvl_debugfs.c",
84454+ [64471].name = "btmrvl_hscmd_write",
84455+ [64471].param3 = 1,
84456+ [64667].file = "sound/core/oss/pcm_oss.c",
84457+ [64667].name = "snd_pcm_oss_read",
84458+ [64667].param3 = 1,
84459+ [64689].file = "sound/isa/gus/gus_dram.c",
84460+ [64689].name = "snd_gus_dram_read",
84461+ [64689].param4 = 1,
84462+ [64692].file = "fs/binfmt_misc.c",
84463+ [64692].name = "bm_entry_write",
84464+ [64692].param3 = 1,
84465+ [64705].file = "drivers/staging/iio/accel/sca3000_ring.c",
84466+ [64705].name = "sca3000_read_first_n_hw_rb",
84467+ [64705].param2 = 1,
84468+ [64743].file = "fs/ocfs2/dlmfs/dlmfs.c",
84469+ [64743].name = "dlmfs_file_read",
84470+ [64743].param3 = 1,
84471+ [6477].file = "net/bluetooth/mgmt.c",
84472+ [6477].name = "mgmt_pending_add",
84473+ [6477].param5 = 1,
84474+ [64898].file = "drivers/media/video/videobuf-dma-sg.c",
84475+ [64898].name = "videobuf_dma_init_user",
84476+ [64898].param3 = 1,
84477+ [64898].param4 = 1,
84478+ [64906].file = "drivers/net/wireless/b43legacy/debugfs.c",
84479+ [64906].name = "b43legacy_debugfs_write",
84480+ [64906].param3 = 1,
84481+ [64961].file = "drivers/spi/spidev.c",
84482+ [64961].name = "spidev_ioctl",
84483+ [64961].param2 = 1,
84484+ [65033].file = "crypto/shash.c",
84485+ [65033].name = "shash_async_setkey",
84486+ [65033].param3 = 1,
84487+ [65093].file = "security/integrity/evm/evm_secfs.c",
84488+ [65093].name = "evm_write_key",
84489+ [65093].param3 = 1,
84490+ [65098].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
84491+ [65098].name = "iwl_dbgfs_traffic_log_write",
84492+ [65098].param3 = 1,
84493+ [6514].file = "mm/nobootmem.c",
84494+ [6514].name = "__alloc_bootmem_low",
84495+ [6514].param1 = 1,
84496+ [65169].file = "net/core/skbuff.c",
84497+ [65169].name = "dev_alloc_skb",
84498+ [65169].param1 = 1,
84499+ [6517].file = "drivers/md/dm-table.c",
84500+ [6517].name = "alloc_targets",
84501+ [6517].param2 = 1,
84502+ [65195].file = "fs/jffs2/xattr.c",
84503+ [65195].name = "do_jffs2_setxattr",
84504+ [65195].param5 = 1,
84505+ [65237].file = "kernel/profile.c",
84506+ [65237].name = "read_profile",
84507+ [65237].param3 = 1,
84508+ [65345].file = "lib/xz/xz_dec_lzma2.c",
84509+ [65345].name = "xz_dec_lzma2_create",
84510+ [65345].param2 = 1,
84511+ [65364].file = "sound/core/pcm_lib.c",
84512+ [65364].name = "snd_pcm_lib_read_transfer",
84513+ [65364].param5 = 1,
84514+ [65409].file = "net/802/garp.c",
84515+ [65409].name = "garp_request_join",
84516+ [65409].param4 = 1,
84517+ [65432].file = "drivers/hid/hid-roccat-kone.c",
84518+ [65432].name = "kone_receive",
84519+ [65432].param4 = 1,
84520+ [65452].file = "drivers/message/fusion/mptctl.c",
84521+ [65452].name = "mptctl_ioctl",
84522+ [65452].param2 = 1,
84523+ [65514].file = "drivers/media/video/gspca/t613.c",
84524+ [65514].name = "reg_w_ixbuf",
84525+ [65514].param4 = 1,
84526+ [6551].file = "drivers/usb/host/xhci-mem.c",
84527+ [6551].name = "xhci_alloc_stream_info",
84528+ [6551].param3 = 1,
84529+ [65535].file = "drivers/media/dvb/dvb-usb/opera1.c",
84530+ [65535].name = "opera1_xilinx_rw",
84531+ [65535].param5 = 1,
84532+ [6657].file = "drivers/hid/hid-roccat-kone.c",
84533+ [6657].name = "kone_send",
84534+ [6657].param4 = 1,
84535+ [6672].file = "drivers/net/wireless/b43/debugfs.c",
84536+ [6672].name = "b43_debugfs_write",
84537+ [6672].param3 = 1,
84538+ [6691].file = "drivers/acpi/proc.c",
84539+ [6691].name = "acpi_system_write_wakeup_device",
84540+ [6691].param3 = 1,
84541+ [6772].file = "drivers/net/wireless/iwlwifi/iwl-debugfs.c",
84542+ [6772].name = "iwl_dbgfs_force_reset_write",
84543+ [6772].param3 = 1,
84544+ [6780].file = "sound/core/info.c",
84545+ [6780].name = "snd_info_entry_read",
84546+ [6780].param3 = 1,
84547+ [6800].file = "drivers/net/wireless/iwlegacy/iwl-debugfs.c",
84548+ [6800].name = "iwl_legacy_dbgfs_missed_beacon_write",
84549+ [6800].param3 = 1,
84550+ [680].file = "drivers/misc/ibmasm/ibmasmfs.c",
84551+ [680].name = "command_file_read",
84552+ [680].param3 = 1,
84553+ [6865].file = "drivers/staging/iio/ring_sw.c",
84554+ [6865].name = "iio_read_first_n_sw_rb",
84555+ [6865].param2 = 1,
84556+ [6867].file = "fs/coda/psdev.c",
84557+ [6867].name = "coda_psdev_read",
84558+ [6867].param3 = 1,
84559+ [6891].file = "drivers/bluetooth/btmrvl_debugfs.c",
84560+ [6891].name = "btmrvl_gpiogap_write",
84561+ [6891].param3 = 1,
84562+ [6944].file = "drivers/ide/ide-proc.c",
84563+ [6944].name = "ide_settings_proc_write",
84564+ [6944].param3 = 1,
84565+ [6950].file = "drivers/isdn/capi/capi.c",
84566+ [6950].name = "capi_write",
84567+ [6950].param3 = 1,
84568+ [697].file = "sound/isa/gus/gus_dram.c",
84569+ [697].name = "snd_gus_dram_peek",
84570+ [697].param4 = 1,
84571+ [7066].file = "security/keys/keyctl.c",
84572+ [7066].name = "keyctl_instantiate_key_common",
84573+ [7066].param4 = 1,
84574+ [7129].file = "mm/maccess.c",
84575+ [7129].name = "__probe_kernel_read",
84576+ [7129].param3 = 1,
84577+ [720].file = "sound/pci/rme9652/hdsp.c",
84578+ [720].name = "snd_hdsp_playback_copy",
84579+ [720].param5 = 1,
84580+ [7411].file = "drivers/vhost/vhost.c",
84581+ [7411].name = "__vhost_add_used_n",
84582+ [7411].param3 = 1,
84583+ [7488].file = "security/keys/user_defined.c",
84584+ [7488].name = "user_read",
84585+ [7488].param3 = 1,
84586+ [7551].file = "drivers/input/touchscreen/ad7879-spi.c",
84587+ [7551].name = "ad7879_spi_xfer",
84588+ [7551].param3 = 1,
84589+ [7676].file = "drivers/acpi/custom_method.c",
84590+ [7676].name = "cm_write",
84591+ [7676].param3 = 1,
84592+ [7832].file = "drivers/net/wireless/ath/ath5k/debug.c",
84593+ [7832].name = "write_file_antenna",
84594+ [7832].param3 = 1,
84595+ [7843].file = "fs/compat.c",
84596+ [7843].name = "compat_sys_readv",
84597+ [7843].param3 = 1,
84598+ [7958].file = "drivers/gpu/vga/vgaarb.c",
84599+ [7958].name = "vga_arb_write",
84600+ [7958].param3 = 1,
84601+ [7976].file = "drivers/usb/gadget/rndis.c",
84602+ [7976].name = "rndis_add_response",
84603+ [7976].param2 = 1,
84604+ [8014].file = "net/netfilter/ipset/ip_set_list_set.c",
84605+ [8014].name = "init_list_set",
84606+ [8014].param2 = 1,
84607+ [8014].param3 = 1,
84608+ [8087].file = "drivers/video/via/viafbdev.c",
84609+ [8087].name = "viafb_iga1_odev_proc_write",
84610+ [8087].param3 = 1,
84611+ [8126].file = "sound/soc/soc-core.c",
84612+ [8126].name = "codec_reg_read_file",
84613+ [8126].param3 = 1,
84614+ [8185].file = "drivers/net/wireless/ath/ath6kl/debug.c",
84615+ [8185].name = "ath6kl_regwrite_write",
84616+ [8185].param3 = 1,
84617+ [8317].file = "security/smack/smackfs.c",
84618+ [8317].name = "smk_write_ambient",
84619+ [8317].param3 = 1,
84620+ [8334].file = "drivers/scsi/sg.c",
84621+ [8334].name = "sg_proc_write_adio",
84622+ [8334].param3 = 1,
84623+ [8481].file = "drivers/isdn/i4l/isdn_common.c",
84624+ [8481].name = "isdn_write",
84625+ [8481].param3 = 1,
84626+ [8536].file = "fs/cifs/dns_resolve.c",
84627+ [8536].name = "dns_resolve_server_name_to_ip",
84628+ [8536].param1 = 1,
84629+ [8650].file = "drivers/gpu/drm/vmwgfx/vmwgfx_kms.c",
84630+ [8650].name = "vmw_kms_present",
84631+ [8650].param9 = 1,
84632+ [865].file = "drivers/base/regmap/regmap-debugfs.c",
84633+ [865].name = "regmap_access_read_file",
84634+ [865].param3 = 1,
84635+ [8663].file = "net/bridge/netfilter/ebtables.c",
84636+ [8663].name = "do_update_counters",
84637+ [8663].param4 = 1,
84638+ [8684].file = "fs/read_write.c",
84639+ [8684].name = "sys_writev",
84640+ [8684].param3 = 1,
84641+ [8699].file = "security/selinux/selinuxfs.c",
84642+ [8699].name = "sel_commit_bools_write",
84643+ [8699].param3 = 1,
84644+ [8714].file = "lib/kstrtox.c",
84645+ [8714].name = "kstrtou16_from_user",
84646+ [8714].param2 = 1,
84647+ [8764].file = "drivers/usb/core/devio.c",
84648+ [8764].name = "usbdev_read",
84649+ [8764].param3 = 1,
84650+ [8802].file = "fs/dlm/user.c",
84651+ [8802].name = "device_write",
84652+ [8802].param3 = 1,
84653+ [8810].file = "net/mac80211/debugfs_sta.c",
84654+ [8810].name = "sta_agg_status_write",
84655+ [8810].param3 = 1,
84656+ [8815].file = "security/tomoyo/securityfs_if.c",
84657+ [8815].name = "tomoyo_write_self",
84658+ [8815].param3 = 1,
84659+ [8821].file = "net/wireless/sme.c",
84660+ [8821].name = "cfg80211_roamed",
84661+ [8821].param5 = 1,
84662+ [8821].param7 = 1,
84663+ [8833].file = "security/selinux/ss/services.c",
84664+ [8833].name = "security_context_to_sid",
84665+ [8833].param2 = 1,
84666+ [8851].file = "net/key/af_key.c",
84667+ [8851].name = "pfkey_sendmsg",
84668+ [8851].param4 = 1,
84669+ [8917].file = "net/ipv4/raw.c",
84670+ [8917].name = "raw_setsockopt",
84671+ [8917].param5 = 1,
84672+ [8983].file = "include/linux/skbuff.h",
84673+ [8983].name = "alloc_skb",
84674+ [8983].param1 = 1,
84675+ [9226].file = "mm/migrate.c",
84676+ [9226].name = "sys_move_pages",
84677+ [9226].param2 = 1,
84678+ [9341].file = "drivers/acpi/apei/erst-dbg.c",
84679+ [9341].name = "erst_dbg_write",
84680+ [9341].param3 = 1,
84681+ [9463].file = "drivers/infiniband/hw/ipath/ipath_verbs.c",
84682+ [9463].name = "ipath_verbs_send",
84683+ [9463].param3 = 1,
84684+ [9463].param5 = 1,
84685+ [9546].file = "drivers/video/fbmem.c",
84686+ [9546].name = "fb_write",
84687+ [9546].param3 = 1,
84688+ [9601].file = "kernel/kfifo.c",
84689+ [9601].name = "__kfifo_from_user",
84690+ [9601].param3 = 1,
84691+ [9618].file = "security/selinux/selinuxfs.c",
84692+ [9618].name = "sel_write_bool",
84693+ [9618].param3 = 1,
84694+ [9768].file = "drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c",
84695+ [9768].name = "vmw_execbuf_process",
84696+ [9768].param5 = 1,
84697+ [9828].file = "drivers/media/dvb/dvb-core/dmxdev.c",
84698+ [9828].name = "dvb_demux_do_ioctl",
84699+ [9828].param3 = 1,
84700+ [9870].file = "net/atm/addr.c",
84701+ [9870].name = "atm_get_addr",
84702+ [9870].param3 = 1,
84703+ [9962].file = "drivers/scsi/sg.c",
84704+ [9962].name = "sg_proc_write_dressz",
84705+ [9962].param3 = 1,
84706+ [9977].file = "drivers/net/wireless/zd1211rw/zd_usb.c",
84707+ [9977].name = "zd_usb_iowrite16v_async",
84708+ [9977].param3 = 1,
84709+ [16344].collision = 1,
84710+ [30494].collision = 1,
84711+ [31291].collision = 1,
84712+ [33040].collision = 1,
84713+ [38314].collision = 1,
84714+ [54338].collision = 1,
84715+ [60651].collision = 1,
84716+};
84717diff --git a/tools/gcc/size_overflow_hash2.h b/tools/gcc/size_overflow_hash2.h
84718new file mode 100644
84719index 0000000..8ed7d96
84720--- /dev/null
84721+++ b/tools/gcc/size_overflow_hash2.h
84722@@ -0,0 +1,44 @@
84723+struct size_overflow_hash size_overflow_hash2[65536] = {
84724+ [2118].file = "fs/ntfs/malloc.h",
84725+ [2118].name = "ntfs_malloc_nofs",
84726+ [2118].param1 = 1,
84727+ [22224].file = "fs/proc/vmcore.c",
84728+ [22224].name = "read_from_oldmem",
84729+ [22224].param2 = 1,
84730+ [26518].file = "drivers/gpu/vga/vgaarb.c",
84731+ [26518].name = "vga_arb_read",
84732+ [26518].param3 = 1,
84733+ [26569].file = "lib/kstrtox.c",
84734+ [26569].name = "kstrtoint_from_user",
84735+ [26569].param2 = 1,
84736+ [30632].file = "drivers/ide/ide-proc.c",
84737+ [30632].name = "ide_driver_proc_write",
84738+ [30632].param3 = 1,
84739+ [36150].file = "net/ceph/buffer.c",
84740+ [36150].name = "ceph_buffer_new",
84741+ [36150].param1 = 1,
84742+ [39024].file = "lib/scatterlist.c",
84743+ [39024].name = "sg_kmalloc",
84744+ [39024].param1 = 1,
84745+ [39105].file = "drivers/gpu/drm/ttm/ttm_tt.c",
84746+ [39105].name = "ttm_tt_create",
84747+ [39105].param2 = 1,
84748+ [43208].file = "fs/nfs/read.c",
84749+ [43208].name = "nfs_readdata_alloc",
84750+ [43208].param1 = 1,
84751+ [46911].file = "drivers/media/video/ivtv/ivtv-fileops.c",
84752+ [46911].name = "ivtv_v4l2_read",
84753+ [46911].param3 = 1,
84754+ [50359].file = "kernel/sched.c",
84755+ [50359].name = "alloc_sched_domains",
84756+ [50359].param1 = 1,
84757+ [52857].file = "sound/pci/rme9652/rme9652.c",
84758+ [52857].name = "snd_rme9652_capture_copy",
84759+ [52857].param5 = 1,
84760+ [57500].file = "drivers/spi/spidev.c",
84761+ [57500].name = "spidev_write",
84762+ [57500].param3 = 1,
84763+ [65149].file = "fs/nilfs2/ioctl.c",
84764+ [65149].name = "nilfs_ioctl_wrap_copy",
84765+ [65149].param4 = 1,
84766+};
84767diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c
84768new file mode 100644
84769index 0000000..a9ae886
84770--- /dev/null
84771+++ b/tools/gcc/size_overflow_plugin.c
84772@@ -0,0 +1,1042 @@
84773+/*
84774+ * Copyright 2011, 2012 by Emese Revfy <re.emese@gmail.com>
84775+ * Licensed under the GPL v2, or (at your option) v3
84776+ *
84777+ * Homepage:
84778+ * http://www.grsecurity.net/~ephox/overflow_plugin/
84779+ *
84780+ * This plugin recomputes expressions of function arguments marked by a size_overflow attribute
84781+ * with double integer precision (DImode/TImode for 32/64 bit integer types).
84782+ * The recomputed argument is checked against INT_MAX and an event is logged on overflow and the triggering process is killed.
84783+ *
84784+ * Usage:
84785+ * $ gcc -I`gcc -print-file-name=plugin`/include -fPIC -shared -O2 -o size_overflow_plugin.so size_overflow_plugin.c
84786+ * $ gcc -fplugin=size_overflow_plugin.so test.c -O2
84787+ */
84788+
84789+#include "gcc-plugin.h"
84790+#include "config.h"
84791+#include "system.h"
84792+#include "coretypes.h"
84793+#include "tree.h"
84794+#include "tree-pass.h"
84795+#include "intl.h"
84796+#include "plugin-version.h"
84797+#include "tm.h"
84798+#include "toplev.h"
84799+#include "function.h"
84800+#include "tree-flow.h"
84801+#include "plugin.h"
84802+#include "gimple.h"
84803+#include "c-common.h"
84804+#include "diagnostic.h"
84805+
84806+struct size_overflow_hash {
84807+ const char *name;
84808+ const char *file;
84809+ unsigned short collision:1;
84810+ unsigned short param1:1;
84811+ unsigned short param2:1;
84812+ unsigned short param3:1;
84813+ unsigned short param4:1;
84814+ unsigned short param5:1;
84815+ unsigned short param6:1;
84816+ unsigned short param7:1;
84817+ unsigned short param8:1;
84818+ unsigned short param9:1;
84819+};
84820+
84821+#include "size_overflow_hash1.h"
84822+#include "size_overflow_hash2.h"
84823+
84824+#define __unused __attribute__((__unused__))
84825+#define NAME(node) IDENTIFIER_POINTER(DECL_NAME(node))
84826+#define BEFORE_STMT true
84827+#define AFTER_STMT false
84828+#define CREATE_NEW_VAR NULL_TREE
84829+
84830+int plugin_is_GPL_compatible;
84831+void debug_gimple_stmt (gimple gs);
84832+
84833+static tree expand(struct pointer_set_t *visited, tree var);
84834+static tree signed_size_overflow_type;
84835+static tree unsigned_size_overflow_type;
84836+static tree report_size_overflow_decl;
84837+static tree const_char_ptr_type_node;
84838+static unsigned int handle_function(void);
84839+
84840+static struct plugin_info size_overflow_plugin_info = {
84841+ .version = "20120311beta",
84842+ .help = "no-size_overflow\tturn off size overflow checking\n",
84843+};
84844+
84845+static tree handle_size_overflow_attribute(tree *node, tree __unused name, tree args, int __unused flags, bool *no_add_attrs)
84846+{
84847+ unsigned int arg_count = type_num_arguments(*node);
84848+
84849+ for (; args; args = TREE_CHAIN(args)) {
84850+ tree position = TREE_VALUE(args);
84851+ if (TREE_CODE(position) != INTEGER_CST || TREE_INT_CST_HIGH(position) || TREE_INT_CST_LOW(position) < 1 || TREE_INT_CST_LOW(position) > arg_count ) {
84852+ error("handle_size_overflow_attribute: overflow parameter outside range.");
84853+ *no_add_attrs = true;
84854+ }
84855+ }
84856+ return NULL_TREE;
84857+}
84858+
84859+static struct attribute_spec no_size_overflow_attr = {
84860+ .name = "size_overflow",
84861+ .min_length = 1,
84862+ .max_length = -1,
84863+ .decl_required = false,
84864+ .type_required = true,
84865+ .function_type_required = true,
84866+ .handler = handle_size_overflow_attribute
84867+};
84868+
84869+static void register_attributes(void __unused *event_data, void __unused *data)
84870+{
84871+ register_attribute(&no_size_overflow_attr);
84872+}
84873+
84874+// http://www.team5150.com/~andrew/noncryptohashzoo2~/CrapWow.html
84875+static unsigned int CrapWow(const char *key, unsigned int len, unsigned int seed)
84876+{
84877+#define cwfold( a, b, lo, hi ) { p = (unsigned int)(a) * (unsigned long long)(b); lo ^= (unsigned int)p; hi ^= (unsigned int)(p >> 32); }
84878+#define cwmixa( in ) { cwfold( in, m, k, h ); }
84879+#define cwmixb( in ) { cwfold( in, n, h, k ); }
84880+
84881+ const unsigned int m = 0x57559429;
84882+ const unsigned int n = 0x5052acdb;
84883+ const unsigned int *key4 = (const unsigned int *)key;
84884+ unsigned int h = len;
84885+ unsigned int k = len + seed + n;
84886+ unsigned long long p;
84887+
84888+ while (len >= 8) {
84889+ cwmixb(key4[0]) cwmixa(key4[1]) key4 += 2;
84890+ len -= 8;
84891+ }
84892+ if (len >= 4) {
84893+ cwmixb(key4[0]) key4 += 1;
84894+ len -= 4;
84895+ }
84896+ if (len)
84897+ cwmixa(key4[0] & ((1 << (len * 8)) - 1 ));
84898+ cwmixb(h ^ (k + n));
84899+ return k ^ h;
84900+
84901+#undef cwfold
84902+#undef cwmixa
84903+#undef cwmixb
84904+}
84905+
84906+static inline unsigned int size_overflow_hash(const char *fndecl, unsigned int seed)
84907+{
84908+ return CrapWow(fndecl, strlen(fndecl), seed) & 0xffff;
84909+}
84910+
84911+static inline tree get_original_function_decl(tree fndecl)
84912+{
84913+ if (DECL_ABSTRACT_ORIGIN(fndecl))
84914+ return DECL_ABSTRACT_ORIGIN(fndecl);
84915+ return fndecl;
84916+}
84917+
84918+static inline gimple get_def_stmt(tree node)
84919+{
84920+ gcc_assert(TREE_CODE(node) == SSA_NAME);
84921+ return SSA_NAME_DEF_STMT(node);
84922+}
84923+
84924+static struct size_overflow_hash *get_function_hash(tree fndecl)
84925+{
84926+ unsigned int hash;
84927+ const char *func = NAME(fndecl);
84928+
84929+ hash = size_overflow_hash(func, 0);
84930+
84931+ if (size_overflow_hash1[hash].collision) {
84932+ hash = size_overflow_hash(func, 23432);
84933+ return &size_overflow_hash2[hash];
84934+ }
84935+ return &size_overflow_hash1[hash];
84936+}
84937+
84938+static void check_missing_attribute(tree arg)
84939+{
84940+ tree var, func = get_original_function_decl(current_function_decl);
84941+ const char *curfunc = NAME(func);
84942+ unsigned int new_hash, argnum = 1;
84943+ struct size_overflow_hash *hash;
84944+ location_t loc;
84945+ expanded_location xloc;
84946+ bool match = false;
84947+
84948+ loc = DECL_SOURCE_LOCATION(func);
84949+ xloc = expand_location(loc);
84950+
84951+ if (lookup_attribute("size_overflow", TYPE_ATTRIBUTES(TREE_TYPE(func))))
84952+ return;
84953+
84954+ hash = get_function_hash(func);
84955+ if (hash->name && !strcmp(hash->name, NAME(func)) && !strcmp(hash->file, xloc.file))
84956+ return;
84957+
84958+ gcc_assert(TREE_CODE(arg) != COMPONENT_REF);
84959+
84960+ if (TREE_CODE(arg) == SSA_NAME)
84961+ arg = SSA_NAME_VAR(arg);
84962+
84963+ for (var = DECL_ARGUMENTS(func); var; var = TREE_CHAIN(var)) {
84964+ if (strcmp(NAME(arg), NAME(var))) {
84965+ argnum++;
84966+ continue;
84967+ }
84968+ match = true;
84969+ if (!TYPE_UNSIGNED(TREE_TYPE(var)))
84970+ return;
84971+ break;
84972+ }
84973+ if (!match) {
84974+ warning(0, "check_missing_attribute: cannot find the %s argument in %s", NAME(arg), NAME(func));
84975+ return;
84976+ }
84977+
84978+#define check_param(num) \
84979+ if (num == argnum && hash->param##num) \
84980+ return;
84981+ check_param(1);
84982+ check_param(2);
84983+ check_param(3);
84984+ check_param(4);
84985+ check_param(5);
84986+ check_param(6);
84987+ check_param(7);
84988+ check_param(8);
84989+ check_param(9);
84990+#undef check_param
84991+
84992+ new_hash = size_overflow_hash(curfunc, 0);
84993+ inform(loc, "Function %s is missing from the size_overflow hash table +%s+%d+%u+%s", curfunc, curfunc, argnum, new_hash, xloc.file);
84994+}
84995+
84996+static tree create_new_var(tree type)
84997+{
84998+ tree new_var = create_tmp_var(type, "cicus");
84999+
85000+ add_referenced_var(new_var);
85001+ mark_sym_for_renaming(new_var);
85002+ return new_var;
85003+}
85004+
85005+static bool is_bool(tree node)
85006+{
85007+ tree type;
85008+
85009+ if (node == NULL_TREE)
85010+ return false;
85011+
85012+ type = TREE_TYPE(node);
85013+ if (!INTEGRAL_TYPE_P(type))
85014+ return false;
85015+ if (TREE_CODE(type) == BOOLEAN_TYPE)
85016+ return true;
85017+ if (TYPE_PRECISION(type) == 1)
85018+ return true;
85019+ return false;
85020+}
85021+
85022+static gimple build_cast_stmt(tree type, tree var, tree new_var, location_t loc)
85023+{
85024+ gimple assign;
85025+
85026+ if (new_var == CREATE_NEW_VAR)
85027+ new_var = create_new_var(type);
85028+
85029+ assign = gimple_build_assign(new_var, fold_convert(type, var));
85030+ gimple_set_location(assign, loc);
85031+ gimple_set_lhs(assign, make_ssa_name(new_var, assign));
85032+
85033+ return assign;
85034+}
85035+
85036+static tree create_assign(struct pointer_set_t *visited, gimple oldstmt, tree rhs1, bool before)
85037+{
85038+ tree oldstmt_rhs1;
85039+ enum tree_code code;
85040+ gimple stmt;
85041+ gimple_stmt_iterator gsi;
85042+
85043+ if (is_bool(rhs1)) {
85044+ pointer_set_insert(visited, oldstmt);
85045+ return gimple_get_lhs(oldstmt);
85046+ }
85047+
85048+ if (rhs1 == NULL_TREE) {
85049+ debug_gimple_stmt(oldstmt);
85050+ error("create_assign: rhs1 is NULL_TREE");
85051+ gcc_unreachable();
85052+ }
85053+
85054+ oldstmt_rhs1 = gimple_assign_rhs1(oldstmt);
85055+ code = TREE_CODE(oldstmt_rhs1);
85056+ if (code == PARM_DECL || (code == SSA_NAME && gimple_code(get_def_stmt(oldstmt_rhs1)) == GIMPLE_NOP))
85057+ check_missing_attribute(oldstmt_rhs1);
85058+
85059+ stmt = build_cast_stmt(signed_size_overflow_type, rhs1, CREATE_NEW_VAR, gimple_location(oldstmt));
85060+ gsi = gsi_for_stmt(oldstmt);
85061+ if (before)
85062+ gsi_insert_before(&gsi, stmt, GSI_NEW_STMT);
85063+ else
85064+ gsi_insert_after(&gsi, stmt, GSI_NEW_STMT);
85065+ update_stmt(stmt);
85066+ pointer_set_insert(visited, oldstmt);
85067+ return gimple_get_lhs(stmt);
85068+}
85069+
85070+static tree dup_assign(struct pointer_set_t *visited, gimple oldstmt, tree rhs1, tree rhs2, tree __unused rhs3)
85071+{
85072+ tree new_var, lhs = gimple_get_lhs(oldstmt);
85073+ gimple stmt;
85074+ gimple_stmt_iterator gsi;
85075+
85076+ if (gimple_num_ops(oldstmt) != 4 && rhs1 == NULL_TREE) {
85077+ rhs1 = gimple_assign_rhs1(oldstmt);
85078+ rhs1 = create_assign(visited, oldstmt, rhs1, BEFORE_STMT);
85079+ }
85080+ if (gimple_num_ops(oldstmt) == 3 && rhs2 == NULL_TREE) {
85081+ rhs2 = gimple_assign_rhs2(oldstmt);
85082+ rhs2 = create_assign(visited, oldstmt, rhs2, BEFORE_STMT);
85083+ }
85084+
85085+ stmt = gimple_copy(oldstmt);
85086+ gimple_set_location(stmt, gimple_location(oldstmt));
85087+
85088+ if (gimple_assign_rhs_code(oldstmt) == WIDEN_MULT_EXPR)
85089+ gimple_assign_set_rhs_code(stmt, MULT_EXPR);
85090+
85091+ if (is_bool(lhs))
85092+ new_var = SSA_NAME_VAR(lhs);
85093+ else
85094+ new_var = create_new_var(signed_size_overflow_type);
85095+ new_var = make_ssa_name(new_var, stmt);
85096+ gimple_set_lhs(stmt, new_var);
85097+
85098+ if (rhs1 != NULL_TREE) {
85099+ if (!gimple_assign_cast_p(oldstmt))
85100+ rhs1 = fold_convert(signed_size_overflow_type, rhs1);
85101+ gimple_assign_set_rhs1(stmt, rhs1);
85102+ }
85103+
85104+ if (rhs2 != NULL_TREE)
85105+ gimple_assign_set_rhs2(stmt, rhs2);
85106+#if BUILDING_GCC_VERSION >= 4007
85107+ if (rhs3 != NULL_TREE)
85108+ gimple_assign_set_rhs3(stmt, rhs3);
85109+#endif
85110+ gimple_set_vuse(stmt, gimple_vuse(oldstmt));
85111+ gimple_set_vdef(stmt, gimple_vdef(oldstmt));
85112+
85113+ gsi = gsi_for_stmt(oldstmt);
85114+ gsi_insert_after(&gsi, stmt, GSI_SAME_STMT);
85115+ update_stmt(stmt);
85116+ pointer_set_insert(visited, oldstmt);
85117+ return gimple_get_lhs(stmt);
85118+}
85119+
85120+static gimple overflow_create_phi_node(gimple oldstmt, tree var)
85121+{
85122+ basic_block bb;
85123+ gimple phi;
85124+ gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt);
85125+
85126+ bb = gsi_bb(gsi);
85127+ phi = make_phi_node(var, EDGE_COUNT(bb->preds));
85128+
85129+ gsi_insert_after(&gsi, phi, GSI_NEW_STMT);
85130+ gimple_set_bb(phi, bb);
85131+ return phi;
85132+}
85133+
85134+static tree signed_cast_constant(tree node)
85135+{
85136+ gcc_assert(is_gimple_constant(node));
85137+
85138+ if (TYPE_PRECISION(signed_size_overflow_type) == TYPE_PRECISION(TREE_TYPE(node)))
85139+ return build_int_cst_wide(signed_size_overflow_type, TREE_INT_CST_LOW(node), TREE_INT_CST_HIGH(node));
85140+ else
85141+ return build_int_cst(signed_size_overflow_type, int_cst_value(node));
85142+}
85143+
85144+static gimple cast_old_phi_arg(gimple oldstmt, tree arg, tree new_var)
85145+{
85146+ basic_block first_bb;
85147+ gimple newstmt;
85148+ gimple_stmt_iterator gsi;
85149+
85150+ newstmt = build_cast_stmt(signed_size_overflow_type, arg, new_var, gimple_location(oldstmt));
85151+
85152+ first_bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest;
85153+ if (dom_info_available_p(CDI_DOMINATORS))
85154+ set_immediate_dominator(CDI_DOMINATORS, first_bb, ENTRY_BLOCK_PTR);
85155+ gsi = gsi_start_bb(first_bb);
85156+
85157+ gsi_insert_before(&gsi, newstmt, GSI_NEW_STMT);
85158+ return newstmt;
85159+}
85160+
85161+static gimple handle_new_phi_arg(tree arg, tree new_var, tree new_rhs)
85162+{
85163+ gimple newstmt;
85164+ gimple_stmt_iterator gsi;
85165+ void (*gsi_insert)(gimple_stmt_iterator *, gimple, enum gsi_iterator_update);
85166+ gimple def_newstmt = get_def_stmt(new_rhs);
85167+
85168+ gsi_insert = gsi_insert_after;
85169+ gsi = gsi_for_stmt(def_newstmt);
85170+
85171+ switch (gimple_code(get_def_stmt(arg))) {
85172+ case GIMPLE_PHI:
85173+ newstmt = gimple_build_assign(new_var, new_rhs);
85174+ gsi = gsi_after_labels(gimple_bb(def_newstmt));
85175+ gsi_insert = gsi_insert_before;
85176+ break;
85177+ case GIMPLE_ASM:
85178+ case GIMPLE_CALL:
85179+ newstmt = gimple_build_assign(new_var, new_rhs);
85180+ break;
85181+ case GIMPLE_ASSIGN:
85182+ newstmt = gimple_copy(def_newstmt);
85183+ break;
85184+ default:
85185+ /* unknown gimple_code (build_new_phi_arg) */
85186+ gcc_unreachable();
85187+ }
85188+
85189+ gimple_set_lhs(newstmt, make_ssa_name(new_var, newstmt));
85190+ gsi_insert(&gsi, newstmt, GSI_NEW_STMT);
85191+ return newstmt;
85192+}
85193+
85194+static tree build_new_phi_arg(struct pointer_set_t *visited, gimple oldstmt, tree arg, tree new_var)
85195+{
85196+ gimple newstmt;
85197+ tree new_rhs;
85198+
85199+ if (is_gimple_constant(arg))
85200+ return signed_cast_constant(arg);
85201+
85202+ pointer_set_insert(visited, oldstmt);
85203+ new_rhs = expand(visited, arg);
85204+ if (new_rhs == NULL_TREE) {
85205+ gcc_assert(TREE_CODE(TREE_TYPE(arg)) != VOID_TYPE);
85206+ newstmt = cast_old_phi_arg(oldstmt, arg, new_var);
85207+ } else
85208+ newstmt = handle_new_phi_arg(arg, new_var, new_rhs);
85209+ update_stmt(newstmt);
85210+ return gimple_get_lhs(newstmt);
85211+}
85212+
85213+static tree build_new_phi(struct pointer_set_t *visited, gimple oldstmt)
85214+{
85215+ gimple phi;
85216+ tree new_var = create_new_var(signed_size_overflow_type);
85217+ unsigned int i, n = gimple_phi_num_args(oldstmt);
85218+
85219+ phi = overflow_create_phi_node(oldstmt, new_var);
85220+
85221+ for (i = 0; i < n; i++) {
85222+ tree arg, lhs;
85223+
85224+ arg = gimple_phi_arg_def(oldstmt, i);
85225+ lhs = build_new_phi_arg(visited, oldstmt, arg, new_var);
85226+ add_phi_arg(phi, lhs, gimple_phi_arg_edge(oldstmt, i), gimple_location(oldstmt));
85227+ }
85228+ update_stmt(phi);
85229+ return gimple_phi_result(phi);
85230+}
85231+
85232+static tree handle_unary_ops(struct pointer_set_t *visited, tree var)
85233+{
85234+ gimple def_stmt = get_def_stmt(var);
85235+ tree new_rhs1, rhs1 = gimple_assign_rhs1(def_stmt);
85236+
85237+ if (is_gimple_constant(rhs1))
85238+ return dup_assign(visited, def_stmt, signed_cast_constant(rhs1), NULL_TREE, NULL_TREE);
85239+
85240+ switch (TREE_CODE(rhs1)) {
85241+ case SSA_NAME:
85242+ new_rhs1 = expand(visited, rhs1);
85243+ break;
85244+ case ARRAY_REF:
85245+ case ADDR_EXPR:
85246+ case COMPONENT_REF:
85247+ case COND_EXPR:
85248+ case INDIRECT_REF:
85249+#if BUILDING_GCC_VERSION >= 4006
85250+ case MEM_REF:
85251+#endif
85252+ case PARM_DECL:
85253+ case TARGET_MEM_REF:
85254+ case VAR_DECL:
85255+ return create_assign(visited, def_stmt, var, AFTER_STMT);
85256+ default:
85257+ debug_gimple_stmt(def_stmt);
85258+ debug_tree(rhs1);
85259+ gcc_unreachable();
85260+ }
85261+
85262+ if (new_rhs1 == NULL_TREE)
85263+ return create_assign(visited, def_stmt, rhs1, AFTER_STMT);
85264+ return dup_assign(visited, def_stmt, new_rhs1, NULL_TREE, NULL_TREE);
85265+}
85266+
85267+static tree transform_mult_overflow(tree rhs, tree const_rhs, tree log2const_rhs, location_t loc)
85268+{
85269+ tree new_def_rhs;
85270+
85271+ if (!is_gimple_constant(rhs))
85272+ return NULL_TREE;
85273+
85274+ new_def_rhs = fold_build2_loc(loc, MULT_EXPR, TREE_TYPE(const_rhs), rhs, const_rhs);
85275+ new_def_rhs = signed_cast_constant(new_def_rhs);
85276+ if (int_cst_value(new_def_rhs) >= 0)
85277+ return NULL_TREE;
85278+ return fold_build2_loc(loc, RSHIFT_EXPR, TREE_TYPE(new_def_rhs), new_def_rhs, log2const_rhs);
85279+}
85280+
85281+static tree handle_intentional_mult_overflow(struct pointer_set_t *visited, tree rhs, tree const_rhs)
85282+{
85283+ gimple new_def_stmt, def_stmt;
85284+ tree def_rhs1, def_rhs2, new_def_rhs;
85285+ location_t loc;
85286+ tree log2const_rhs;
85287+ int log2 = exact_log2(TREE_INT_CST_LOW(const_rhs));
85288+
85289+ if (log2 == -1) {
85290+// warning(0, "Possibly unhandled intentional integer truncation");
85291+ return NULL_TREE;
85292+ }
85293+
85294+ def_stmt = get_def_stmt(rhs);
85295+ loc = gimple_location(def_stmt);
85296+ def_rhs1 = gimple_assign_rhs1(def_stmt);
85297+ def_rhs2 = gimple_assign_rhs2(def_stmt);
85298+ new_def_stmt = get_def_stmt(expand(visited, rhs));
85299+ log2const_rhs = build_int_cstu(TREE_TYPE(const_rhs), log2);
85300+
85301+ new_def_rhs = transform_mult_overflow(def_rhs1, const_rhs, log2const_rhs, loc);
85302+ if (new_def_rhs != NULL_TREE) {
85303+ gimple_assign_set_rhs1(new_def_stmt, new_def_rhs);
85304+ } else {
85305+ new_def_rhs = transform_mult_overflow(def_rhs2, const_rhs, log2const_rhs, loc);
85306+ if (new_def_rhs != NULL_TREE)
85307+ gimple_assign_set_rhs2(new_def_stmt, new_def_rhs);
85308+ }
85309+ if (new_def_rhs == NULL_TREE)
85310+ return NULL_TREE;
85311+
85312+ update_stmt(new_def_stmt);
85313+// warning(0, "Handle integer truncation (gcc optimization)");
85314+ return gimple_get_lhs(new_def_stmt);
85315+}
85316+
85317+static bool is_mult_overflow(gimple def_stmt, tree rhs1)
85318+{
85319+ gimple rhs1_def_stmt = get_def_stmt(rhs1);
85320+
85321+ if (gimple_assign_rhs_code(def_stmt) != MULT_EXPR)
85322+ return false;
85323+ if (gimple_code(rhs1_def_stmt) != GIMPLE_ASSIGN)
85324+ return false;
85325+ if (gimple_assign_rhs_code(rhs1_def_stmt) != PLUS_EXPR)
85326+ return false;
85327+ return true;
85328+}
85329+
85330+static tree handle_intentional_overflow(struct pointer_set_t *visited, gimple def_stmt, tree rhs1, tree rhs2)
85331+{
85332+ if (is_mult_overflow(def_stmt, rhs1))
85333+ return handle_intentional_mult_overflow(visited, rhs1, rhs2);
85334+ return NULL_TREE;
85335+}
85336+
85337+static tree handle_binary_ops(struct pointer_set_t *visited, tree var)
85338+{
85339+ tree rhs1, rhs2;
85340+ gimple def_stmt = get_def_stmt(var);
85341+ tree new_rhs1 = NULL_TREE;
85342+ tree new_rhs2 = NULL_TREE;
85343+
85344+ rhs1 = gimple_assign_rhs1(def_stmt);
85345+ rhs2 = gimple_assign_rhs2(def_stmt);
85346+
85347+ /* no DImode/TImode division in the 32/64 bit kernel */
85348+ switch (gimple_assign_rhs_code(def_stmt)) {
85349+ case RDIV_EXPR:
85350+ case TRUNC_DIV_EXPR:
85351+ case CEIL_DIV_EXPR:
85352+ case FLOOR_DIV_EXPR:
85353+ case ROUND_DIV_EXPR:
85354+ case TRUNC_MOD_EXPR:
85355+ case CEIL_MOD_EXPR:
85356+ case FLOOR_MOD_EXPR:
85357+ case ROUND_MOD_EXPR:
85358+ case EXACT_DIV_EXPR:
85359+ case POINTER_PLUS_EXPR:
85360+ /* logical AND cannot cause an overflow */
85361+ case BIT_AND_EXPR:
85362+ return create_assign(visited, def_stmt, var, AFTER_STMT);
85363+ default:
85364+ break;
85365+ }
85366+
85367+ if (is_gimple_constant(rhs2)) {
85368+ new_rhs2 = signed_cast_constant(rhs2);
85369+ new_rhs1 = handle_intentional_overflow(visited, def_stmt, rhs1, rhs2);
85370+ }
85371+
85372+ if (is_gimple_constant(rhs1)) {
85373+ new_rhs1 = signed_cast_constant(rhs1);
85374+ new_rhs2 = handle_intentional_overflow(visited, def_stmt, rhs2, rhs1);
85375+ }
85376+
85377+ if (new_rhs1 == NULL_TREE && TREE_CODE(rhs1) == SSA_NAME)
85378+ new_rhs1 = expand(visited, rhs1);
85379+ if (new_rhs2 == NULL_TREE && TREE_CODE(rhs2) == SSA_NAME)
85380+ new_rhs2 = expand(visited, rhs2);
85381+
85382+ return dup_assign(visited, def_stmt, new_rhs1, new_rhs2, NULL_TREE);
85383+}
85384+
85385+#if BUILDING_GCC_VERSION >= 4007
85386+static tree get_new_rhs(struct pointer_set_t *visited, tree rhs)
85387+{
85388+ if (is_gimple_constant(rhs))
85389+ return signed_cast_constant(rhs);
85390+ if (TREE_CODE(rhs) != SSA_NAME)
85391+ return NULL_TREE;
85392+ return expand(visited, rhs);
85393+}
85394+
85395+static tree handle_ternary_ops(struct pointer_set_t *visited, tree var)
85396+{
85397+ tree rhs1, rhs2, rhs3, new_rhs1, new_rhs2, new_rhs3;
85398+ gimple def_stmt = get_def_stmt(var);
85399+
85400+ rhs1 = gimple_assign_rhs1(def_stmt);
85401+ rhs2 = gimple_assign_rhs2(def_stmt);
85402+ rhs3 = gimple_assign_rhs3(def_stmt);
85403+ new_rhs1 = get_new_rhs(visited, rhs1);
85404+ new_rhs2 = get_new_rhs(visited, rhs2);
85405+ new_rhs3 = get_new_rhs(visited, rhs3);
85406+
85407+ if (new_rhs1 == NULL_TREE && new_rhs2 != NULL_TREE && new_rhs3 != NULL_TREE)
85408+ return dup_assign(visited, def_stmt, new_rhs1, new_rhs2, new_rhs3);
85409+ error("handle_ternary_ops: unknown rhs");
85410+ gcc_unreachable();
85411+}
85412+#endif
85413+
85414+static void set_size_overflow_type(tree node)
85415+{
85416+ switch (TYPE_MODE(TREE_TYPE(node))) {
85417+ case SImode:
85418+ signed_size_overflow_type = intDI_type_node;
85419+ unsigned_size_overflow_type = unsigned_intDI_type_node;
85420+ break;
85421+ case DImode:
85422+ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) {
85423+ signed_size_overflow_type = intDI_type_node;
85424+ unsigned_size_overflow_type = unsigned_intDI_type_node;
85425+ } else {
85426+ signed_size_overflow_type = intTI_type_node;
85427+ unsigned_size_overflow_type = unsigned_intTI_type_node;
85428+ }
85429+ break;
85430+ default:
85431+ error("set_size_overflow_type: unsupported gcc configuration.");
85432+ gcc_unreachable();
85433+ }
85434+}
85435+
85436+static tree expand_visited(gimple def_stmt)
85437+{
85438+ gimple tmp;
85439+ gimple_stmt_iterator gsi = gsi_for_stmt(def_stmt);
85440+
85441+ gsi_next(&gsi);
85442+ tmp = gsi_stmt(gsi);
85443+ switch (gimple_code(tmp)) {
85444+ case GIMPLE_ASSIGN:
85445+ return gimple_get_lhs(tmp);
85446+ case GIMPLE_PHI:
85447+ return gimple_phi_result(tmp);
85448+ case GIMPLE_CALL:
85449+ return gimple_call_lhs(tmp);
85450+ default:
85451+ return NULL_TREE;
85452+ }
85453+}
85454+
85455+static tree expand(struct pointer_set_t *visited, tree var)
85456+{
85457+ gimple def_stmt;
85458+
85459+ if (is_gimple_constant(var))
85460+ return NULL_TREE;
85461+
85462+ if (TREE_CODE(var) == ADDR_EXPR)
85463+ return NULL_TREE;
85464+
85465+ if (SSA_NAME_IS_DEFAULT_DEF(var))
85466+ return NULL_TREE;
85467+
85468+ def_stmt = get_def_stmt(var);
85469+
85470+ if (!def_stmt)
85471+ return NULL_TREE;
85472+
85473+ if (pointer_set_contains(visited, def_stmt))
85474+ return expand_visited(def_stmt);
85475+
85476+ switch (gimple_code(def_stmt)) {
85477+ case GIMPLE_NOP:
85478+ check_missing_attribute(var);
85479+ return NULL_TREE;
85480+ case GIMPLE_PHI:
85481+ return build_new_phi(visited, def_stmt);
85482+ case GIMPLE_CALL:
85483+ case GIMPLE_ASM:
85484+ gcc_assert(TREE_CODE(TREE_TYPE(var)) != VOID_TYPE);
85485+ return create_assign(visited, def_stmt, var, AFTER_STMT);
85486+ case GIMPLE_ASSIGN:
85487+ switch (gimple_num_ops(def_stmt)) {
85488+ case 2:
85489+ return handle_unary_ops(visited, var);
85490+ case 3:
85491+ return handle_binary_ops(visited, var);
85492+#if BUILDING_GCC_VERSION >= 4007
85493+ case 4:
85494+ return handle_ternary_ops(visited, var);
85495+#endif
85496+ }
85497+ default:
85498+ debug_gimple_stmt(def_stmt);
85499+ error("expand: unknown gimple code");
85500+ gcc_unreachable();
85501+ }
85502+}
85503+
85504+static void change_function_arg(gimple func_stmt, tree origarg, unsigned int argnum, tree newarg)
85505+{
85506+ gimple assign, stmt;
85507+ gimple_stmt_iterator gsi = gsi_for_stmt(func_stmt);
85508+ tree origtype = TREE_TYPE(origarg);
85509+
85510+ stmt = gsi_stmt(gsi);
85511+ gcc_assert(gimple_code(stmt) == GIMPLE_CALL);
85512+
85513+ assign = build_cast_stmt(origtype, newarg, CREATE_NEW_VAR, gimple_location(stmt));
85514+ gsi_insert_before(&gsi, assign, GSI_SAME_STMT);
85515+ update_stmt(assign);
85516+
85517+ gimple_call_set_arg(stmt, argnum, gimple_get_lhs(assign));
85518+ update_stmt(stmt);
85519+}
85520+
85521+static tree get_function_arg(unsigned int argnum, gimple stmt, tree fndecl)
85522+{
85523+ const char *origid;
85524+ tree arg, origarg;
85525+
85526+ if (!DECL_ABSTRACT_ORIGIN(fndecl)) {
85527+ gcc_assert(gimple_call_num_args(stmt) > argnum);
85528+ return gimple_call_arg(stmt, argnum);
85529+ }
85530+
85531+ origarg = DECL_ARGUMENTS(DECL_ABSTRACT_ORIGIN(fndecl));
85532+ while (origarg && argnum) {
85533+ argnum--;
85534+ origarg = TREE_CHAIN(origarg);
85535+ }
85536+
85537+ gcc_assert(argnum == 0);
85538+
85539+ gcc_assert(origarg != NULL_TREE);
85540+ origid = NAME(origarg);
85541+ for (arg = DECL_ARGUMENTS(fndecl); arg; arg = TREE_CHAIN(arg)) {
85542+ if (!strcmp(origid, NAME(arg)))
85543+ return arg;
85544+ }
85545+ return NULL_TREE;
85546+}
85547+
85548+static void insert_cond(tree arg, basic_block cond_bb)
85549+{
85550+ gimple cond_stmt;
85551+ gimple_stmt_iterator gsi = gsi_last_bb(cond_bb);
85552+
85553+ cond_stmt = gimple_build_cond(GT_EXPR, arg, build_int_cstu(signed_size_overflow_type, 0x7fffffff), NULL_TREE, NULL_TREE);
85554+ gsi_insert_after(&gsi, cond_stmt, GSI_CONTINUE_LINKING);
85555+ update_stmt(cond_stmt);
85556+}
85557+
85558+static tree create_string_param(tree string)
85559+{
85560+ tree array_ref = build4(ARRAY_REF, TREE_TYPE(string), string, integer_zero_node, NULL, NULL);
85561+
85562+ return build1(ADDR_EXPR, ptr_type_node, array_ref);
85563+}
85564+
85565+static void insert_cond_result(basic_block bb_true, gimple stmt, tree arg)
85566+{
85567+ gimple func_stmt, def_stmt;
85568+ tree current_func, loc_file, loc_line;
85569+ expanded_location xloc;
85570+ gimple_stmt_iterator gsi = gsi_start_bb(bb_true);
85571+
85572+ def_stmt = get_def_stmt(arg);
85573+ xloc = expand_location(gimple_location(def_stmt));
85574+
85575+ if (!gimple_has_location(def_stmt)) {
85576+ xloc = expand_location(gimple_location(stmt));
85577+ gcc_assert(gimple_has_location(stmt));
85578+ }
85579+
85580+ loc_line = build_int_cstu(unsigned_type_node, xloc.line);
85581+
85582+ loc_file = build_string(strlen(xloc.file), xloc.file);
85583+ TREE_TYPE(loc_file) = char_array_type_node;
85584+ loc_file = create_string_param(loc_file);
85585+
85586+ current_func = build_string(IDENTIFIER_LENGTH(DECL_NAME(current_function_decl)), NAME(current_function_decl));
85587+ TREE_TYPE(current_func) = char_array_type_node;
85588+ current_func = create_string_param(current_func);
85589+
85590+ // void report_size_overflow(const char *file, unsigned int line, const char *func)
85591+ func_stmt = gimple_build_call(report_size_overflow_decl, 3, loc_file, loc_line, current_func);
85592+
85593+ gsi_insert_after(&gsi, func_stmt, GSI_CONTINUE_LINKING);
85594+}
85595+
85596+static void insert_check_size_overflow(gimple stmt, tree arg)
85597+{
85598+ basic_block cond_bb, join_bb, bb_true;
85599+ edge e;
85600+ gimple_stmt_iterator gsi = gsi_for_stmt(stmt);
85601+
85602+ cond_bb = gimple_bb(stmt);
85603+ gsi_prev(&gsi);
85604+ if (gsi_end_p(gsi))
85605+ e = split_block_after_labels(cond_bb);
85606+ else
85607+ e = split_block(cond_bb, gsi_stmt(gsi));
85608+ cond_bb = e->src;
85609+ join_bb = e->dest;
85610+ e->flags = EDGE_FALSE_VALUE;
85611+ e->probability = REG_BR_PROB_BASE;
85612+
85613+ bb_true = create_empty_bb(cond_bb);
85614+ make_edge(cond_bb, bb_true, EDGE_TRUE_VALUE);
85615+
85616+ if (dom_info_available_p(CDI_DOMINATORS)) {
85617+ set_immediate_dominator(CDI_DOMINATORS, bb_true, cond_bb);
85618+ set_immediate_dominator(CDI_DOMINATORS, join_bb, cond_bb);
85619+ }
85620+
85621+ insert_cond(arg, cond_bb);
85622+ insert_cond_result(bb_true, stmt, arg);
85623+}
85624+
85625+static void handle_function_arg(gimple stmt, tree fndecl, unsigned int argnum)
85626+{
85627+ struct pointer_set_t *visited;
85628+ tree arg, newarg;
85629+ gimple ucast_stmt;
85630+ gimple_stmt_iterator gsi;
85631+ location_t loc = gimple_location(stmt);
85632+
85633+ arg = get_function_arg(argnum, stmt, fndecl);
85634+ if (arg == NULL_TREE)
85635+ return;
85636+
85637+ if (is_gimple_constant(arg))
85638+ return;
85639+ if (TREE_CODE(arg) != SSA_NAME)
85640+ return;
85641+
85642+ set_size_overflow_type(arg);
85643+ visited = pointer_set_create();
85644+ newarg = expand(visited, arg);
85645+ pointer_set_destroy(visited);
85646+
85647+ if (newarg == NULL_TREE)
85648+ return;
85649+
85650+ change_function_arg(stmt, arg, argnum, newarg);
85651+
85652+ ucast_stmt = build_cast_stmt(unsigned_size_overflow_type, newarg, CREATE_NEW_VAR, loc);
85653+ gsi = gsi_for_stmt(stmt);
85654+ gsi_insert_before(&gsi, ucast_stmt, GSI_SAME_STMT);
85655+
85656+ insert_check_size_overflow(stmt, gimple_get_lhs(ucast_stmt));
85657+// inform(loc, "Integer size_overflow check applied here.");
85658+}
85659+
85660+static void handle_function_by_attribute(gimple stmt, tree attr, tree fndecl)
85661+{
85662+ tree p = TREE_VALUE(attr);
85663+ do {
85664+ handle_function_arg(stmt, fndecl, TREE_INT_CST_LOW(TREE_VALUE(p))-1);
85665+ p = TREE_CHAIN(p);
85666+ } while (p);
85667+}
85668+
85669+static void handle_function_by_hash(gimple stmt, tree fndecl)
85670+{
85671+ struct size_overflow_hash *hash;
85672+ expanded_location xloc;
85673+
85674+ hash = get_function_hash(fndecl);
85675+ xloc = expand_location(DECL_SOURCE_LOCATION(fndecl));
85676+
85677+ fndecl = get_original_function_decl(fndecl);
85678+ if (!hash->name || !hash->file)
85679+ return;
85680+ if (strcmp(hash->name, NAME(fndecl)) || strcmp(hash->file, xloc.file))
85681+ return;
85682+
85683+#define search_param(argnum) \
85684+ if (hash->param##argnum) \
85685+ handle_function_arg(stmt, fndecl, argnum - 1);
85686+
85687+ search_param(1);
85688+ search_param(2);
85689+ search_param(3);
85690+ search_param(4);
85691+ search_param(5);
85692+ search_param(6);
85693+ search_param(7);
85694+ search_param(8);
85695+ search_param(9);
85696+#undef search_param
85697+}
85698+
85699+static unsigned int handle_function(void)
85700+{
85701+ basic_block bb = ENTRY_BLOCK_PTR->next_bb;
85702+ int saved_last_basic_block = last_basic_block;
85703+
85704+ do {
85705+ gimple_stmt_iterator gsi;
85706+ basic_block next = bb->next_bb;
85707+
85708+ for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) {
85709+ tree fndecl, attr;
85710+ gimple stmt = gsi_stmt(gsi);
85711+
85712+ if (!(is_gimple_call(stmt)))
85713+ continue;
85714+ fndecl = gimple_call_fndecl(stmt);
85715+ if (fndecl == NULL_TREE)
85716+ continue;
85717+ if (gimple_call_num_args(stmt) == 0)
85718+ continue;
85719+ attr = lookup_attribute("size_overflow", TYPE_ATTRIBUTES(TREE_TYPE(fndecl)));
85720+ if (!attr || !TREE_VALUE(attr))
85721+ handle_function_by_hash(stmt, fndecl);
85722+ else
85723+ handle_function_by_attribute(stmt, attr, fndecl);
85724+ gsi = gsi_for_stmt(stmt);
85725+ }
85726+ bb = next;
85727+ } while (bb && bb->index <= saved_last_basic_block);
85728+ return 0;
85729+}
85730+
85731+static struct gimple_opt_pass size_overflow_pass = {
85732+ .pass = {
85733+ .type = GIMPLE_PASS,
85734+ .name = "size_overflow",
85735+ .gate = NULL,
85736+ .execute = handle_function,
85737+ .sub = NULL,
85738+ .next = NULL,
85739+ .static_pass_number = 0,
85740+ .tv_id = TV_NONE,
85741+ .properties_required = PROP_cfg | PROP_referenced_vars,
85742+ .properties_provided = 0,
85743+ .properties_destroyed = 0,
85744+ .todo_flags_start = 0,
85745+ .todo_flags_finish = TODO_verify_ssa | TODO_verify_stmts | TODO_dump_func | TODO_remove_unused_locals | TODO_update_ssa_no_phi | TODO_cleanup_cfg | TODO_ggc_collect | TODO_verify_flow
85746+ }
85747+};
85748+
85749+static void start_unit_callback(void __unused *gcc_data, void __unused *user_data)
85750+{
85751+ tree fntype;
85752+
85753+ const_char_ptr_type_node = build_pointer_type(build_type_variant(char_type_node, 1, 0));
85754+
85755+ // void report_size_overflow(const char *loc_file, unsigned int loc_line, const char *current_func)
85756+ fntype = build_function_type_list(void_type_node,
85757+ const_char_ptr_type_node,
85758+ unsigned_type_node,
85759+ const_char_ptr_type_node,
85760+ NULL_TREE);
85761+ report_size_overflow_decl = build_fn_decl("report_size_overflow", fntype);
85762+
85763+ TREE_PUBLIC(report_size_overflow_decl) = 1;
85764+ DECL_EXTERNAL(report_size_overflow_decl) = 1;
85765+ DECL_ARTIFICIAL(report_size_overflow_decl) = 1;
85766+}
85767+
85768+extern struct gimple_opt_pass pass_dce;
85769+
85770+int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gcc_version *version)
85771+{
85772+ int i;
85773+ const char * const plugin_name = plugin_info->base_name;
85774+ const int argc = plugin_info->argc;
85775+ const struct plugin_argument * const argv = plugin_info->argv;
85776+ bool enable = true;
85777+
85778+ struct register_pass_info size_overflow_pass_info = {
85779+ .pass = &size_overflow_pass.pass,
85780+ .reference_pass_name = "mudflap2",
85781+ .ref_pass_instance_number = 1,
85782+ .pos_op = PASS_POS_INSERT_BEFORE
85783+ };
85784+
85785+ struct register_pass_info dce_pass_info = {
85786+ .pass = &pass_dce.pass,
85787+ .reference_pass_name = "mudflap2",
85788+ .ref_pass_instance_number = 1,
85789+ .pos_op = PASS_POS_INSERT_BEFORE
85790+ };
85791+
85792+ if (!plugin_default_version_check(version, &gcc_version)) {
85793+ error(G_("incompatible gcc/plugin versions"));
85794+ return 1;
85795+ }
85796+
85797+ for (i = 0; i < argc; ++i) {
85798+ if (!(strcmp(argv[i].key, "no-size_overflow"))) {
85799+ enable = false;
85800+ continue;
85801+ }
85802+ error(G_("unkown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
85803+ }
85804+
85805+ register_callback(plugin_name, PLUGIN_INFO, NULL, &size_overflow_plugin_info);
85806+ if (enable) {
85807+ register_callback ("start_unit", PLUGIN_START_UNIT, &start_unit_callback, NULL);
85808+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &size_overflow_pass_info);
85809+ register_callback(plugin_name, PLUGIN_PASS_MANAGER_SETUP, NULL, &dce_pass_info);
85810+ }
85811+ register_callback(plugin_name, PLUGIN_ATTRIBUTES, register_attributes, NULL);
85812+
85813+ return 0;
85814+}
80659diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c 85815diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c
80660new file mode 100644 85816new file mode 100644
80661index 0000000..4e82b16 85817index 0000000..b87ec9d
80662--- /dev/null 85818--- /dev/null
80663+++ b/tools/gcc/stackleak_plugin.c 85819+++ b/tools/gcc/stackleak_plugin.c
80664@@ -0,0 +1,311 @@ 85820@@ -0,0 +1,313 @@
80665+/* 85821+/*
80666+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> 85822+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu>
80667+ * Licensed under the GPL v2 85823+ * Licensed under the GPL v2
@@ -80853,12 +86009,14 @@ index 0000000..4e82b16
80853+ } 86009+ }
80854+ } 86010+ }
80855+ 86011+
80856+ // special case for some bad linux code: taking the address of static inline functions will materialize them 86012+ // special cases for some bad linux code: taking the address of static inline functions will materialize them
80857+ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI 86013+ // but we mustn't instrument some of them as the resulting stack alignment required by the function call ABI
80858+ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI. 86014+ // will break other assumptions regarding the expected (but not otherwise enforced) register clobbering ABI.
80859+ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here. 86015+ // case in point: native_save_fl on amd64 when optimized for size clobbers rdx if it were instrumented here.
80860+ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl)) 86016+ if (is_leaf && !TREE_PUBLIC(current_function_decl) && DECL_DECLARED_INLINE_P(current_function_decl))
80861+ return 0; 86017+ return 0;
86018+ if (is_leaf && !strncmp(IDENTIFIER_POINTER(DECL_NAME(current_function_decl)), "_paravirt_", 10))
86019+ return 0;
80862+ 86020+
80863+ // 4. insert track call at the beginning 86021+ // 4. insert track call at the beginning
80864+ if (!prologue_instrumented) { 86022+ if (!prologue_instrumented) {
diff --git a/main/linux-grsec/kernelconfig.x86 b/main/linux-grsec/kernelconfig.x86
index 4b2af2441d..2a1fefc198 100644
--- a/main/linux-grsec/kernelconfig.x86
+++ b/main/linux-grsec/kernelconfig.x86
@@ -1,6 +1,6 @@
1# 1#
2# Automatically generated file; DO NOT EDIT. 2# Automatically generated file; DO NOT EDIT.
3# Linux/i386 3.2.11 Kernel Configuration 3# Linux/i386 3.2.12 Kernel Configuration
4# 4#
5# CONFIG_64BIT is not set 5# CONFIG_64BIT is not set
6CONFIG_X86_32=y 6CONFIG_X86_32=y
@@ -5243,6 +5243,7 @@ CONFIG_PAX_RANDMMAP=y
5243CONFIG_PAX_MEMORY_UDEREF=y 5243CONFIG_PAX_MEMORY_UDEREF=y
5244CONFIG_PAX_REFCOUNT=y 5244CONFIG_PAX_REFCOUNT=y
5245# CONFIG_PAX_USERCOPY is not set 5245# CONFIG_PAX_USERCOPY is not set
5246# CONFIG_PAX_SIZE_OVERFLOW is not set
5246CONFIG_KEYS=y 5247CONFIG_KEYS=y
5247CONFIG_TRUSTED_KEYS=m 5248CONFIG_TRUSTED_KEYS=m
5248CONFIG_ENCRYPTED_KEYS=m 5249CONFIG_ENCRYPTED_KEYS=m
diff --git a/main/linux-grsec/kernelconfig.x86_64 b/main/linux-grsec/kernelconfig.x86_64
index 164d8ce484..3fc1a9fc33 100644
--- a/main/linux-grsec/kernelconfig.x86_64
+++ b/main/linux-grsec/kernelconfig.x86_64
@@ -1,6 +1,6 @@
1# 1#
2# Automatically generated file; DO NOT EDIT. 2# Automatically generated file; DO NOT EDIT.
3# Linux/x86_64 3.2.11 Kernel Configuration 3# Linux/x86_64 3.2.12 Kernel Configuration
4# 4#
5CONFIG_64BIT=y 5CONFIG_64BIT=y
6# CONFIG_X86_32 is not set 6# CONFIG_X86_32 is not set
@@ -5214,6 +5214,7 @@ CONFIG_PAX_RANDMMAP=y
5214# CONFIG_PAX_MEMORY_STACKLEAK is not set 5214# CONFIG_PAX_MEMORY_STACKLEAK is not set
5215CONFIG_PAX_REFCOUNT=y 5215CONFIG_PAX_REFCOUNT=y
5216# CONFIG_PAX_USERCOPY is not set 5216# CONFIG_PAX_USERCOPY is not set
5217# CONFIG_PAX_SIZE_OVERFLOW is not set
5217CONFIG_KEYS=y 5218CONFIG_KEYS=y
5218CONFIG_TRUSTED_KEYS=m 5219CONFIG_TRUSTED_KEYS=m
5219CONFIG_ENCRYPTED_KEYS=m 5220CONFIG_ENCRYPTED_KEYS=m
diff --git a/main/lm_sensors/APKBUILD b/main/lm_sensors/APKBUILD
index cffca424d2..28481102d7 100644
--- a/main/lm_sensors/APKBUILD
+++ b/main/lm_sensors/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=lm_sensors 2pkgname=lm_sensors
3pkgver=3.3.1 3pkgver=3.3.2
4pkgrel=0 4pkgrel=0
5pkgdesc="Collection of user space tools for general SMBus access and hardware monitoring." 5pkgdesc="Collection of user space tools for general SMBus access and hardware monitoring."
6url="http://www.lm-sensors.org/" 6url="http://www.lm-sensors.org/"
@@ -66,7 +66,7 @@ detect() {
66 mv usr/sbin/sensors-detect "$subpkgdir"/usr/bin/ 66 mv usr/sbin/sensors-detect "$subpkgdir"/usr/bin/
67} 67}
68 68
69md5sums="8c0eebda8524fc87da1393b4564d279b lm_sensors-3.3.1.tar.bz2 69md5sums="f357ba00b080ab102a170f7bf8bb2578 lm_sensors-3.3.2.tar.bz2
70b6e7de1a1768f7a6ea2e00c226331877 lm_sensors-3.1.0-sensors-detect-alpine.patch 70b6e7de1a1768f7a6ea2e00c226331877 lm_sensors-3.1.0-sensors-detect-alpine.patch
7158f4c9193a903711ace7fa0754693bd2 fancontrol.initd 7158f4c9193a903711ace7fa0754693bd2 fancontrol.initd
722c7e97203da2c39bc9fbfc2a4849cfd4 lm_sensors.initd 722c7e97203da2c39bc9fbfc2a4849cfd4 lm_sensors.initd
diff --git a/main/mc/APKBUILD b/main/mc/APKBUILD
index b68fb8b209..34f8431283 100644
--- a/main/mc/APKBUILD
+++ b/main/mc/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=mc 2pkgname=mc
3pkgver=4.8.1 3pkgver=4.8.2
4pkgrel=0 4pkgrel=0
5pkgdesc="A filemanager/shell that emulates Norton Commander" 5pkgdesc="A filemanager/shell that emulates Norton Commander"
6url="http://www.ibiblio.org/mc/" 6url="http://www.ibiblio.org/mc/"
@@ -41,4 +41,4 @@ package() {
41 make DESTDIR="$pkgdir" install || return 1 41 make DESTDIR="$pkgdir" install || return 1
42} 42}
43 43
44md5sums="7d60c87d87b359831d976fa28034935e mc-4.8.1.tar.bz2" 44md5sums="54eba7680f3e24fbdb8d83e2cde9eca3 mc-4.8.2.tar.bz2"
diff --git a/main/mpg123/APKBUILD b/main/mpg123/APKBUILD
index 8da495f4c8..cb134acce9 100644
--- a/main/mpg123/APKBUILD
+++ b/main/mpg123/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=mpg123 2pkgname=mpg123
3pkgver=1.13.4 3pkgver=1.13.6
4pkgrel=0 4pkgrel=0
5pkgdesc="A console based real time MPEG Audio Player for Layer 1, 2 and 3" 5pkgdesc="A console based real time MPEG Audio Player for Layer 1, 2 and 3"
6url="http://sourceforge.net/projects/mpg123" 6url="http://sourceforge.net/projects/mpg123"
@@ -29,4 +29,4 @@ package() {
29 make DESTDIR="$pkgdir" install || return 1 29 make DESTDIR="$pkgdir" install || return 1
30} 30}
31 31
32md5sums="073620b3938c4cb9c4f70e8fe3e114b8 mpg123-1.13.4.tar.bz2" 32md5sums="f42420bf023ce601e665d7910fc8563e mpg123-1.13.6.tar.bz2"
diff --git a/main/nasm/APKBUILD b/main/nasm/APKBUILD
index 0cd317cb50..587b44db81 100644
--- a/main/nasm/APKBUILD
+++ b/main/nasm/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=nasm 2pkgname=nasm
3pkgver=2.09.10 3pkgver=2.10
4pkgrel=0 4pkgrel=0
5pkgdesc="80x86 assembler designed for portability and modularity" 5pkgdesc="80x86 assembler designed for portability and modularity"
6url="http://nasm.sourceforge.net" 6url="http://nasm.sourceforge.net"
@@ -24,4 +24,4 @@ package() {
24 cd "$srcdir/$pkgname-$pkgver" 24 cd "$srcdir/$pkgname-$pkgver"
25 make INSTALLROOT="$pkgdir" install 25 make INSTALLROOT="$pkgdir" install
26} 26}
27md5sums="15c79dcb5838870a0fac15feb5fade66 nasm-2.09.10.tar.bz2" 27md5sums="f9d3bf31d5e372c9a17ad66a8968584a nasm-2.10.tar.bz2"
diff --git a/main/open-vm-tools-grsec/APKBUILD b/main/open-vm-tools-grsec/APKBUILD
index 1a5d70d894..3eb3f01039 100644
--- a/main/open-vm-tools-grsec/APKBUILD
+++ b/main/open-vm-tools-grsec/APKBUILD
@@ -2,7 +2,7 @@
2 2
3_flavor=grsec 3_flavor=grsec
4_realname=open-vm-tools 4_realname=open-vm-tools
5_kver=3.2.11 5_kver=3.2.12
6_kpkgrel=0 6_kpkgrel=0
7 7
8_realver=2011.12.20 8_realver=2011.12.20
diff --git a/main/parted/APKBUILD b/main/parted/APKBUILD
index 34fdffeaed..f06fc54ebc 100644
--- a/main/parted/APKBUILD
+++ b/main/parted/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 1# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2pkgname=parted 2pkgname=parted
3pkgver=3.0 3pkgver=3.1
4pkgrel=0 4pkgrel=0
5pkgdesc="Utility to create, destroy, resize, check and copy partitions" 5pkgdesc="Utility to create, destroy, resize, check and copy partitions"
6url="http://www.gnu.org/software/parted/parted.html" 6url="http://www.gnu.org/software/parted/parted.html"
@@ -8,8 +8,8 @@ arch="all"
8license="GPL3" 8license="GPL3"
9subpackages="$pkgname-dev $pkgname-doc" 9subpackages="$pkgname-dev $pkgname-doc"
10depends= 10depends=
11makedepends="pkgconfig e2fsprogs-dev readline-dev ncurses-dev lvm2-dev" 11makedepends="pkgconfig e2fsprogs-dev readline-dev ncurses-dev lvm2-dev bash"
12source="ftp://ftp.gnu.org/pub/gnu/$pkgname/$pkgname-$pkgver.tar.gz" 12source="ftp://ftp.gnu.org/pub/gnu/$pkgname/$pkgname-$pkgver.tar.xz"
13 13
14_builddir="$srcdir"/$pkgname-$pkgver 14_builddir="$srcdir"/$pkgname-$pkgver
15build() { 15build() {
@@ -26,4 +26,4 @@ package() {
26 make DESTDIR="$pkgdir" install || return 1 26 make DESTDIR="$pkgdir" install || return 1
27 rm "$pkgdir"/usr/lib/*.la || return 1 27 rm "$pkgdir"/usr/lib/*.la || return 1
28} 28}
29md5sums="a94e84a9b9944715c4453f82ccc639bf parted-3.0.tar.gz" 29md5sums="5d89d64d94bcfefa9ce8f59f4b81bdcb parted-3.1.tar.xz"
diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 38b66b48d9..923d3a091b 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -1,6 +1,6 @@
1# Maintainer: Carlo Landmeter <clandmeter@gmail.com> 1# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
2pkgname=sqlite 2pkgname=sqlite
3pkgver=3.7.10 3pkgver=3.7.11
4_a=${pkgver%%.*} 4_a=${pkgver%%.*}
5_b=${pkgver#${_a}.} 5_b=${pkgver#${_a}.}
6_b=${_b%%.*} 6_b=${_b%%.*}
@@ -78,5 +78,5 @@ package() {
78 install -Dm644 ${srcdir}/license.txt ${pkgdir}/usr/share/licenses/${pkgname}/license.txt 78 install -Dm644 ${srcdir}/license.txt ${pkgdir}/usr/share/licenses/${pkgname}/license.txt
79} 79}
80 80
81md5sums="9ed2ca93577b58cfa0d01f64b9312ab9 sqlite-autoconf-3071000.tar.gz 81md5sums="0552d71bda98ebdcaea305cd6058221b sqlite-autoconf-3071100.tar.gz
82c1cdbc5544034d9012e421e75a5e4890 license.txt" 82c1cdbc5544034d9012e421e75a5e4890 license.txt"
diff --git a/main/udisks/APKBUILD b/main/udisks/APKBUILD
index 4366394b74..dd1922e8b6 100644
--- a/main/udisks/APKBUILD
+++ b/main/udisks/APKBUILD
@@ -2,7 +2,7 @@
2# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 2# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
3pkgname=udisks 3pkgname=udisks
4pkgver=1.0.4 4pkgver=1.0.4
5pkgrel=1 5pkgrel=2
6pkgdesc="Disk Management Service" 6pkgdesc="Disk Management Service"
7url="http://www.freedesktop.org/wiki/Software/udisks" 7url="http://www.freedesktop.org/wiki/Software/udisks"
8arch="all" 8arch="all"
@@ -12,7 +12,7 @@ makedepends="glib-dev polkit-dev parted-dev udev-dev sg3_utils-dev
12 dbus-dev dbus-glib-dev lvm2-dev pkgconfig libatasmart-dev 12 dbus-dev dbus-glib-dev lvm2-dev pkgconfig libatasmart-dev
13 intltool eggdbus-dev expat-dev docbook-xsl libxslt" 13 intltool eggdbus-dev expat-dev docbook-xsl libxslt"
14install= 14install=
15subpackages="$pkgname-dev $pkgname-doc" 15subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
16source="http://hal.freedesktop.org/releases/$pkgname-$pkgver.tar.gz 16source="http://hal.freedesktop.org/releases/$pkgname-$pkgver.tar.gz
17 udisks-uhelper.patch 17 udisks-uhelper.patch
18 " 18 "
diff --git a/main/util-vserver/APKBUILD b/main/util-vserver/APKBUILD
index f2364f452a..59d4ec1203 100644
--- a/main/util-vserver/APKBUILD
+++ b/main/util-vserver/APKBUILD
@@ -2,7 +2,7 @@
2pkgname=util-vserver 2pkgname=util-vserver
3pkgver=0.30.216_pre3029 3pkgver=0.30.216_pre3029
4_realver=${pkgver/_/-} 4_realver=${pkgver/_/-}
5pkgrel=0 5pkgrel=1
6pkgdesc="Linux-VServer admin utilities" 6pkgdesc="Linux-VServer admin utilities"
7url="http://www.nongnu.org/util-vserver/" 7url="http://www.nongnu.org/util-vserver/"
8arch="all" 8arch="all"
@@ -58,4 +58,4 @@ package() {
58 58
59md5sums="e0775fe6ee9ce390be2be84c94eca4ab util-vserver-0.30.216-pre3029.tar.bz2 59md5sums="e0775fe6ee9ce390be2be84c94eca4ab util-vserver-0.30.216-pre3029.tar.bz2
60fae6626b724dec90a19924d68d355cd2 setup-vs-template 60fae6626b724dec90a19924d68d355cd2 setup-vs-template
614778b260b0fa8b5ce05d0a64f0b2fb39 setup-vs-guest" 61dfd0a543b6dcaeef647ceac0ae103d12 setup-vs-guest"
diff --git a/main/util-vserver/setup-vs-guest b/main/util-vserver/setup-vs-guest
index 985be9c3ad..8d33f6c081 100644
--- a/main/util-vserver/setup-vs-guest
+++ b/main/util-vserver/setup-vs-guest
@@ -182,11 +182,30 @@ ask_hostname() {
182 done 182 done
183} 183}
184 184
185available_ifaces() {
186 local iflist= ifpath= iface= i=
187 sorted_ifindexes=$(
188 for i in /sys/class/net/*/ifindex; do
189 [ -e "$i" ] || continue
190 echo -e "$(cat $i)\t$i";
191 done | sort -n | awk '{print $2}')
192 for i in $sorted_ifindexes; do
193 ifpath=${i%/*}
194 iface=${ifpath##*/}
195 # skip interfaces that are part of a bond or bridge
196 if [ -d "$ifpath"/master/bonding ] || [ -d "$ifpath"/brport ]; then
197 continue
198 fi
199 iflist="${iflist}${iflist:+ }$iface"
200 done
201 echo $iflist
202}
203
185ask_ifaceopts() { 204ask_ifaceopts() {
186 # get ip address(es) 205 # get ip address(es)
187 resp= 206 resp=
188 local ifaceopts= _def= _iface= 207 local ifaceopts= _def= _iface=
189 local ifaces=$(ip addr | awk -F: '$1 ~ /^[0-9]/ {printf "%s" $2} END {printf "\n"}') 208 local ifaces=$(available_ifaces)
190 local last_iface=$(echo $ifaces | sed 's/.* //') 209 local last_iface=$(echo $ifaces | sed 's/.* //')
191 while [ "$resp" != "done" ]; do 210 while [ "$resp" != "done" ]; do
192 if [ -z "$ifaces" ] || [ "$ifaces" = "lo " ] || [ -n "$ifaceopts" ]; then 211 if [ -z "$ifaces" ] || [ "$ifaces" = "lo " ] || [ -n "$ifaceopts" ]; then
diff --git a/main/xtables-addons-grsec/APKBUILD b/main/xtables-addons-grsec/APKBUILD
index d3d24ccc67..df4b4759c3 100644
--- a/main/xtables-addons-grsec/APKBUILD
+++ b/main/xtables-addons-grsec/APKBUILD
@@ -3,7 +3,7 @@ _flavor=${FLAVOR:-grsec}
3_realname=xtables-addons 3_realname=xtables-addons
4_name=$_realname-$_flavor 4_name=$_realname-$_flavor
5 5
6_kver=3.2.11 6_kver=3.2.12
7_kpkgrel=0 7_kpkgrel=0
8 8
9# source the kernel version 9# source the kernel version
diff --git a/testing/gnash/APKBUILD b/testing/gnash/APKBUILD
index 9f791462b3..432bbd652f 100644
--- a/testing/gnash/APKBUILD
+++ b/testing/gnash/APKBUILD
@@ -2,7 +2,7 @@
2# Maintainer: William Pitcock <nenolod@dereferenced.org> 2# Maintainer: William Pitcock <nenolod@dereferenced.org>
3pkgname=gnash 3pkgname=gnash
4pkgver=0.8.10 4pkgver=0.8.10
5pkgrel=1 5pkgrel=2
6pkgdesc="GNU flash player implementation" 6pkgdesc="GNU flash player implementation"
7url="http://www.gnashdev.org/" 7url="http://www.gnashdev.org/"
8arch="all" 8arch="all"
diff --git a/testing/pdns/APKBUILD b/testing/pdns/APKBUILD
index 04dfb62bb2..a55655e64c 100644
--- a/testing/pdns/APKBUILD
+++ b/testing/pdns/APKBUILD
@@ -4,7 +4,7 @@ pkgname=pdns
4pkgver=3.0 4pkgver=3.0
5_extver=rc1 5_extver=rc1
6_realver=$pkgver-$_extver 6_realver=$pkgver-$_extver
7pkgrel=2 7pkgrel=3
8pkgdesc="PowerDNS Authoritative Server" 8pkgdesc="PowerDNS Authoritative Server"
9url="http://www.powerdns.com/" 9url="http://www.powerdns.com/"
10arch="all" 10arch="all"
diff --git a/testing/rrdcollect/APKBUILD b/testing/rrdcollect/APKBUILD
index 36e55972bd..56e6499aa1 100644
--- a/testing/rrdcollect/APKBUILD
+++ b/testing/rrdcollect/APKBUILD
@@ -1,8 +1,8 @@
1# Contributor: Michael Mason <ms13sp@gmail.com> 1# Contributor: Michael Mason <ms13sp@gmail.com>
2# Maintainer: Michael Mason <ms13sp@gmail.com> 2# Maintainer: Michael Mason <ms13sp@gmail.com>
3pkgname=rrdcollect 3pkgname=rrdcollect
4pkgver=0.2.4 4pkgver=0.2.9
5pkgrel=1 5pkgrel=2
6pkgdesc="Read system statistical data and feed it to RRDtool" 6pkgdesc="Read system statistical data and feed it to RRDtool"
7url="http://rrdcollect.sourceforge.net/" 7url="http://rrdcollect.sourceforge.net/"
8arch="all" 8arch="all"
@@ -11,22 +11,43 @@ depends="rrdtool"
11makedepends="libpcap-dev" 11makedepends="libpcap-dev"
12install= 12install=
13subpackages="$pkgname-doc" 13subpackages="$pkgname-doc"
14source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz" 14source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz
15 rrdcollect.conf.patch
16 rrdcollect.initd"
17
18_builddir="$srcdir/$pkgname-$pkgver"
19prepare() {
20 cd "$_builddir"
21 for i in $source; do
22 case $i in
23 *.patch)
24 msg "Applying $i"
25 patch -p1 -i "$srcdir"/$i || return 1
26 ;;
27 esac;
28 done
29}
15 30
16build() { 31build() {
17 cd "$srcdir/$pkgname-$pkgver" 32 cd "$_builddir"
18 33
19 ./configure --prefix=/usr \ 34 ./configure --prefix=/usr \
20 --sysconfdir=/etc \ 35 --localstatedir=/var \
36 --sysconfdir=/etc/rrdcollect \
21 --mandir=/usr/share/man \ 37 --mandir=/usr/share/man \
22 --infodir=/usr/share/info 38 --infodir=/usr/share/info
23 make || return 1 39 make || return 1
24} 40}
25 41
26package() { 42package() {
27 cd "$srcdir/$pkgname-$pkgver" 43 cd "$_builddir"
28 make DESTDIR="$pkgdir" install 44 make DESTDIR="$pkgdir" install
29 45
46 install -m755 -D "$srcdir"/rrdcollect.initd \
47 "$pkgdir"/etc/init.d/rrdcollect || return 1
48 install -m755 -d "$pkgdir"/var/lib/rrdtool || return 1
30} 49}
31 50
32md5sums="fd7ac95195e3e5cbab0677629505d9be rrdcollect-0.2.4.tar.gz" 51md5sums="1e94eb0f8d55ebf0f042c10baebc2d3d rrdcollect-0.2.9.tar.gz
52e09d7a588e31c9ecfc44fd1747ad732b rrdcollect.conf.patch
53d5a892939ee11351f6bbbf9218694f8b rrdcollect.initd"
diff --git a/testing/rrdcollect/rrdcollect.conf.patch b/testing/rrdcollect/rrdcollect.conf.patch
new file mode 100644
index 0000000000..9b1d7b3558
--- /dev/null
+++ b/testing/rrdcollect/rrdcollect.conf.patch
@@ -0,0 +1,46 @@
1--- rrdcollect-0.2.9.org/doc/sample-rrdcollect.conf
2+++ rrdcollect-0.2.9/doc/sample-rrdcollect.conf
3@@ -4,12 +4,12 @@
4 # Configuration values:
5
6 #step = 60
7-#directory = /var/lib/rrdtool
8+directory = /var/lib/rrdtool
9 #loglevel = LOG_NOTICE
10
11 # System statistics:
12 file:///proc/stat
13-"cpu %d %d %d %d" stat.rrd:cpu_user,cpu_nice,cpu_system,cpu_idle
14+"cpu %d %d %d %d %d %d %d" stat.rrd:cpu_user,cpu_nice,cpu_system,cpu_idle,cpu_iowait,cpu_irq,cpu_softirq
15 "ctxt %u" stat.rrd:ctxt
16 "page %u %u" stat.rrd:page_in,page_out
17 "processes %u" stat.rrd:processes
18@@ -21,15 +21,15 @@
19 "Swap: %*d %d %*d" memory.rrd:swap_used
20
21 # S.M.A.R.T. HDD temperature:
22-file:///proc/ide/hda/smart_values
23-7:"%*04x %*04x %02x%*02x" temperature.rrd:hda
24-file:///proc/ide/hdb/smart_values
25-7:"%*04x %*04x %02x%*02x" temperature.rrd:hdb
26+#file:///proc/ide/hda/smart_values
27+#7:"%*04x %*04x %02x%*02x" temperature.rrd:hda
28+#file:///proc/ide/hdb/smart_values
29+#7:"%*04x %*04x %02x%*02x" temperature.rrd:hdb
30
31 # Net: statistics
32 file:///proc/net/dev
33 " eth0: %d %d %*d %*d %*d %*d %*d %*d %d %d" eth0.rrd:bytes_in,pkts_in,bytes_out,pkts_out
34-" eth1: %d %d %*d %*d %*d %*d %*d %*d %d %d" eth1.rrd:bytes_in,pkts_in,bytes_out,pkts_out
35+#" eth1: %d %d %*d %*d %*d %*d %*d %*d %d %d" eth1.rrd:bytes_in,pkts_in,bytes_out,pkts_out
36
37 # NEW!
38 # exec:/// -- instead of reading from /proc/ file data is read from
39@@ -40,5 +40,5 @@
40 #
41 # To use it, you must compile with --enable-exec
42 # Remember, programs run with root permissions. Use at your own risk.
43-exec:///bin/df
44-"/dev/hda1 %*d %d %d" hda1.rrd:used,empty
45+#exec:///bin/df
46+#"/dev/sda1 %*d %d %d" sda1.rrd:used,empty
diff --git a/testing/rrdcollect/rrdcollect.initd b/testing/rrdcollect/rrdcollect.initd
new file mode 100755
index 0000000000..883e574e11
--- /dev/null
+++ b/testing/rrdcollect/rrdcollect.initd
@@ -0,0 +1,6 @@
1#!/sbin/runscript
2
3description="rrdcollect daemon"
4pidfile="/var/run/${RC_SVCNAME}.pid"
5command="/usr/sbin/rrdcollect"
6
diff --git a/testing/wanpipe-grsec/APKBUILD b/testing/wanpipe-grsec/APKBUILD
index 2a249eb390..46232b7bbf 100644
--- a/testing/wanpipe-grsec/APKBUILD
+++ b/testing/wanpipe-grsec/APKBUILD
@@ -3,7 +3,7 @@ _flavor=${FLAVOR:-grsec}
3_realname=wanpipe 3_realname=wanpipe
4_name=$_realname-$_flavor 4_name=$_realname-$_flavor
5 5
6_kver=3.2.11 6_kver=3.2.12
7_kpkgrel=0 7_kpkgrel=0
8 8
9# source the kernel version 9# source the kernel version
© 2015 Mike Crute