diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-04-15 06:39:01 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-04-15 06:51:10 +0000 |
commit | 73e47de159b631f9e3a0553a7a12523d4a40e7a2 (patch) | |
tree | 50d6a3ccf7002d6319d044be286ad1b6805c3499 | |
parent | 589cf8744233946b999555914e2fe738d0952959 (diff) | |
download | alpine_aports-73e47de159b631f9e3a0553a7a12523d4a40e7a2.tar.bz2 alpine_aports-73e47de159b631f9e3a0553a7a12523d4a40e7a2.tar.xz alpine_aports-73e47de159b631f9e3a0553a7a12523d4a40e7a2.zip |
main/linux-grsec: upgrade to 3.13.10
-rw-r--r-- | main/linux-grsec/APKBUILD | 20 | ||||
-rw-r--r-- | main/linux-grsec/ccache.patch | 10 | ||||
-rw-r--r-- | main/linux-grsec/grsecurity-3.0-3.13.10-201404141717.patch (renamed from main/linux-grsec/grsecurity-3.0-3.13.8-201404011912.patch) | 1443 |
3 files changed, 889 insertions, 584 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 669a058fe0..daf9543aa5 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD | |||
@@ -2,7 +2,7 @@ | |||
2 | 2 | ||
3 | _flavor=grsec | 3 | _flavor=grsec |
4 | pkgname=linux-${_flavor} | 4 | pkgname=linux-${_flavor} |
5 | pkgver=3.13.8 | 5 | pkgver=3.13.10 |
6 | case $pkgver in | 6 | case $pkgver in |
7 | *.*.*) _kernver=${pkgver%.*};; | 7 | *.*.*) _kernver=${pkgver%.*};; |
8 | *.*) _kernver=${pkgver};; | 8 | *.*) _kernver=${pkgver};; |
@@ -17,8 +17,7 @@ _config=${config:-kernelconfig.${CARCH}} | |||
17 | install= | 17 | install= |
18 | source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz | 18 | source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz |
19 | http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz | 19 | http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz |
20 | grsecurity-3.0-3.13.8-201404011912.patch | 20 | grsecurity-3.0-3.13.10-201404141717.patch |
21 | ccache.patch | ||
22 | 21 | ||
23 | fix-memory-map-for-PIE-applications.patch | 22 | fix-memory-map-for-PIE-applications.patch |
24 | platform-introduce-OF-style-modalias-support-for-pla.patch | 23 | platform-introduce-OF-style-modalias-support-for-pla.patch |
@@ -167,9 +166,8 @@ dev() { | |||
167 | } | 166 | } |
168 | 167 | ||
169 | md5sums="0ecbaf65c00374eb4a826c2f9f37606f linux-3.13.tar.xz | 168 | md5sums="0ecbaf65c00374eb4a826c2f9f37606f linux-3.13.tar.xz |
170 | 72b911bfc50de88c67bd0e8732978deb patch-3.13.8.xz | 169 | dcf42b5013a7831d02168fd3eda5cce2 patch-3.13.10.xz |
171 | 8d342a525405ccd167eb95a20c0e1062 grsecurity-3.0-3.13.8-201404011912.patch | 170 | da1f46883adb65bc5282565ed6ade3ef grsecurity-3.0-3.13.10-201404141717.patch |
172 | 2a1bac5f61da1962dfa90dfb16895eef ccache.patch | ||
173 | c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch | 171 | c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch |
174 | f5c7e4f1dc67f8560e4b9bbe75726d13 platform-introduce-OF-style-modalias-support-for-pla.patch | 172 | f5c7e4f1dc67f8560e4b9bbe75726d13 platform-introduce-OF-style-modalias-support-for-pla.patch |
175 | 1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch | 173 | 1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch |
@@ -177,9 +175,8 @@ f5c7e4f1dc67f8560e4b9bbe75726d13 platform-introduce-OF-style-modalias-support-f | |||
177 | 3949ef829d102d36255ff92ff76936d2 kernelconfig.x86_64 | 175 | 3949ef829d102d36255ff92ff76936d2 kernelconfig.x86_64 |
178 | 6ea461c60077b09aa75040f7672c7250 kernelconfig.armhf" | 176 | 6ea461c60077b09aa75040f7672c7250 kernelconfig.armhf" |
179 | sha256sums="4d5e5eee5f276424c32e9591f1b6c971baedc7b49f28ce03d1f48b1e5d6226a2 linux-3.13.tar.xz | 177 | sha256sums="4d5e5eee5f276424c32e9591f1b6c971baedc7b49f28ce03d1f48b1e5d6226a2 linux-3.13.tar.xz |
180 | 073a392f4d156955df26a09c3236faf375da0afc49077e6b805f5788b8fffb10 patch-3.13.8.xz | 178 | c323d141f02b349ac5b37c744e0689c98dc698be81c7c974b182983b8073b03d patch-3.13.10.xz |
181 | 9121632468387fa458326d1e05a62f855ba8c8ab49998500f56dca7768208bbb grsecurity-3.0-3.13.8-201404011912.patch | 179 | dd622dc23662c40d747efb1a7fb5ac8975f5e6d133f4c04af71aa87f5e722aef grsecurity-3.0-3.13.10-201404141717.patch |
182 | b6abce04f005314f768707a54f85d150cfde1a738f20c569ffa0d11770ff70dc ccache.patch | ||
183 | 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch | 180 | 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch |
184 | e90bb651da4ff16df25565e44ca70e26367bbcbf9d27962c796c6afd5eecea96 platform-introduce-OF-style-modalias-support-for-pla.patch | 181 | e90bb651da4ff16df25565e44ca70e26367bbcbf9d27962c796c6afd5eecea96 platform-introduce-OF-style-modalias-support-for-pla.patch |
185 | 21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch | 182 | 21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch |
@@ -187,9 +184,8 @@ f8297eb16cfbe48d5202072e21fa16ebac95de26c8cfa8ec5a66610504af2f81 kernelconfig.x | |||
187 | fd55e28d9baf330d6593453da592bcc03779694e7c3fb496fec47cdad1d7bcaa kernelconfig.x86_64 | 184 | fd55e28d9baf330d6593453da592bcc03779694e7c3fb496fec47cdad1d7bcaa kernelconfig.x86_64 |
188 | c1e583baa6694643f85b8df0924cc7c4fac0f6eef963969615e6e642db0f969a kernelconfig.armhf" | 185 | c1e583baa6694643f85b8df0924cc7c4fac0f6eef963969615e6e642db0f969a kernelconfig.armhf" |
189 | sha512sums="1ba223bb4b885d691a67196d86a8aaf7b4a1c351bf2a762f50f1b0c32da00dd0c28895872a66b49e8d244498d996876609268e64861d28ac4048886ef9f79b87 linux-3.13.tar.xz | 186 | sha512sums="1ba223bb4b885d691a67196d86a8aaf7b4a1c351bf2a762f50f1b0c32da00dd0c28895872a66b49e8d244498d996876609268e64861d28ac4048886ef9f79b87 linux-3.13.tar.xz |
190 | d61fc7e95e461b8f0f09ac6e3456eea160f64555bd0c78449d98a6a06e14929915dd6f739f7c7ee34512fbf9eb44ed17e2d262830f86194cb66a4760d019f8f0 patch-3.13.8.xz | 187 | 74d45d35db23915c3a0b3cb73a42e002e84d8c23f1415114004d5315ab8f25d9432882a5b4c2e59ed8b99035045cae9ad972e328d0b46495ebd7c333c831d9cc patch-3.13.10.xz |
191 | 0dcb393b94a36fea3698856031e165bc665b5a5f4a080dadcf6f4928e4776780fb16b23c5de8a0446c9a3766afa42f36df67f000b0b020e13c025b474fb68531 grsecurity-3.0-3.13.8-201404011912.patch | 188 | f79fcce8adf4720fde752cbfceddf8e7cd8a00e985b94d99d168a1dd3788a349a3948c123e28feb51bc7a876d9f038475c6f00d7c37996b373e19ce7a21e8ce4 grsecurity-3.0-3.13.10-201404141717.patch |
192 | f6e36cc94cb0c06ba181362f6de6c9fd431e571fbb35acad78d8790ae107531add54f6cb87d78180dd604076d2326885d16127fc4176ed07277ea89c151ce4e0 ccache.patch | ||
193 | 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch | 189 | 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch |
194 | 2ef795ebd70939be346cba824e6af2ca3d8220cdbc54b9fe3a6861cf44bc0df954ca91b7f6e68dcecebdb8a6a1651c12869588cea8c191f9054fe7a8db02f2a4 platform-introduce-OF-style-modalias-support-for-pla.patch | 190 | 2ef795ebd70939be346cba824e6af2ca3d8220cdbc54b9fe3a6861cf44bc0df954ca91b7f6e68dcecebdb8a6a1651c12869588cea8c191f9054fe7a8db02f2a4 platform-introduce-OF-style-modalias-support-for-pla.patch |
195 | 87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch | 191 | 87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch |
diff --git a/main/linux-grsec/ccache.patch b/main/linux-grsec/ccache.patch deleted file mode 100644 index b6c7090b74..0000000000 --- a/main/linux-grsec/ccache.patch +++ /dev/null | |||
@@ -1,10 +0,0 @@ | |||
1 | --- ./scripts/gcc-plugin.sh.orig 2014-04-02 11:25:17.447803082 +0000 | ||
2 | +++ ./scripts/gcc-plugin.sh 2014-04-02 11:25:35.211351328 +0000 | ||
3 | @@ -1,6 +1,6 @@ | ||
4 | #!/bin/bash | ||
5 | srctree=$(dirname "$0") | ||
6 | -gccplugins_dir=$("$3" -print-file-name=plugin) | ||
7 | +gccplugins_dir=$($3 -print-file-name=plugin) | ||
8 | plugincc=$("$1" -E -shared - -o /dev/null -I${srctree}/../tools/gcc -I${gccplugins_dir}/include 2>&1 <<EOF | ||
9 | #include "gcc-common.h" | ||
10 | #if BUILDING_GCC_VERSION >= 4008 || defined(ENABLE_BUILD_WITH_CXX) | ||
diff --git a/main/linux-grsec/grsecurity-3.0-3.13.8-201404011912.patch b/main/linux-grsec/grsecurity-3.0-3.13.10-201404141717.patch index 9c4aaacd2f..10e9b5bfb5 100644 --- a/main/linux-grsec/grsecurity-3.0-3.13.8-201404011912.patch +++ b/main/linux-grsec/grsecurity-3.0-3.13.10-201404141717.patch | |||
@@ -287,7 +287,7 @@ index b9e9bd8..bf49b92 100644 | |||
287 | 287 | ||
288 | pcd. [PARIDE] | 288 | pcd. [PARIDE] |
289 | diff --git a/Makefile b/Makefile | 289 | diff --git a/Makefile b/Makefile |
290 | index 4cab13b..b7d5e41 100644 | 290 | index 982ade0..f9cdd67 100644 |
291 | --- a/Makefile | 291 | --- a/Makefile |
292 | +++ b/Makefile | 292 | +++ b/Makefile |
293 | @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ | 293 | @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
@@ -12500,9 +12500,18 @@ index c337422..2c5be72 100644 | |||
12500 | .quad 0x0000000000000000 /* TS continued */ | 12500 | .quad 0x0000000000000000 /* TS continued */ |
12501 | gdt_end: | 12501 | gdt_end: |
12502 | diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c | 12502 | diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c |
12503 | index 434f077..b6b4b38 100644 | 12503 | index 434f077..f20f3ff 100644 |
12504 | --- a/arch/x86/boot/compressed/misc.c | 12504 | --- a/arch/x86/boot/compressed/misc.c |
12505 | +++ b/arch/x86/boot/compressed/misc.c | 12505 | +++ b/arch/x86/boot/compressed/misc.c |
12506 | @@ -224,7 +224,7 @@ void __putstr(const char *s) | ||
12507 | |||
12508 | void *memset(void *s, int c, size_t n) | ||
12509 | { | ||
12510 | - int i; | ||
12511 | + size_t i; | ||
12512 | char *ss = s; | ||
12513 | |||
12514 | for (i = 0; i < n; i++) | ||
12506 | @@ -283,7 +283,7 @@ static void handle_relocations(void *output, unsigned long output_len) | 12515 | @@ -283,7 +283,7 @@ static void handle_relocations(void *output, unsigned long output_len) |
12507 | * Calculate the delta between where vmlinux was linked to load | 12516 | * Calculate the delta between where vmlinux was linked to load |
12508 | * and where it was actually loaded. | 12517 | * and where it was actually loaded. |
@@ -12512,7 +12521,16 @@ index 434f077..b6b4b38 100644 | |||
12512 | if (!delta) { | 12521 | if (!delta) { |
12513 | debug_putstr("No relocation needed... "); | 12522 | debug_putstr("No relocation needed... "); |
12514 | return; | 12523 | return; |
12515 | @@ -380,7 +380,7 @@ static void parse_elf(void *output) | 12524 | @@ -353,7 +353,7 @@ static void parse_elf(void *output) |
12525 | Elf32_Ehdr ehdr; | ||
12526 | Elf32_Phdr *phdrs, *phdr; | ||
12527 | #endif | ||
12528 | - void *dest; | ||
12529 | + void *dest, *prev; | ||
12530 | int i; | ||
12531 | |||
12532 | memcpy(&ehdr, output, sizeof(ehdr)); | ||
12533 | @@ -380,13 +380,16 @@ static void parse_elf(void *output) | ||
12516 | case PT_LOAD: | 12534 | case PT_LOAD: |
12517 | #ifdef CONFIG_RELOCATABLE | 12535 | #ifdef CONFIG_RELOCATABLE |
12518 | dest = output; | 12536 | dest = output; |
@@ -12521,7 +12539,16 @@ index 434f077..b6b4b38 100644 | |||
12521 | #else | 12539 | #else |
12522 | dest = (void *)(phdr->p_paddr); | 12540 | dest = (void *)(phdr->p_paddr); |
12523 | #endif | 12541 | #endif |
12524 | @@ -432,7 +432,7 @@ asmlinkage void decompress_kernel(void *rmode, memptr heap, | 12542 | memcpy(dest, |
12543 | output + phdr->p_offset, | ||
12544 | phdr->p_filesz); | ||
12545 | + if (i) | ||
12546 | + memset(prev, 0xff, dest - prev); | ||
12547 | + prev = dest + phdr->p_filesz; | ||
12548 | break; | ||
12549 | default: /* Ignore other PT_* */ break; | ||
12550 | } | ||
12551 | @@ -432,7 +435,7 @@ asmlinkage void decompress_kernel(void *rmode, memptr heap, | ||
12525 | error("Destination address too large"); | 12552 | error("Destination address too large"); |
12526 | #endif | 12553 | #endif |
12527 | #ifndef CONFIG_RELOCATABLE | 12554 | #ifndef CONFIG_RELOCATABLE |
@@ -13661,7 +13688,7 @@ index dbc4339..de6e120 100644 | |||
13661 | 13688 | ||
13662 | ################################################################ | 13689 | ################################################################ |
13663 | diff --git a/arch/x86/crypto/ghash-clmulni-intel_asm.S b/arch/x86/crypto/ghash-clmulni-intel_asm.S | 13690 | diff --git a/arch/x86/crypto/ghash-clmulni-intel_asm.S b/arch/x86/crypto/ghash-clmulni-intel_asm.S |
13664 | index 586f41a..d02851e 100644 | 13691 | index 185fad4..ff4cd36 100644 |
13665 | --- a/arch/x86/crypto/ghash-clmulni-intel_asm.S | 13692 | --- a/arch/x86/crypto/ghash-clmulni-intel_asm.S |
13666 | +++ b/arch/x86/crypto/ghash-clmulni-intel_asm.S | 13693 | +++ b/arch/x86/crypto/ghash-clmulni-intel_asm.S |
13667 | @@ -18,6 +18,7 @@ | 13694 | @@ -18,6 +18,7 @@ |
@@ -13672,7 +13699,7 @@ index 586f41a..d02851e 100644 | |||
13672 | 13699 | ||
13673 | .data | 13700 | .data |
13674 | 13701 | ||
13675 | @@ -93,6 +94,7 @@ __clmul_gf128mul_ble: | 13702 | @@ -89,6 +90,7 @@ __clmul_gf128mul_ble: |
13676 | psrlq $1, T2 | 13703 | psrlq $1, T2 |
13677 | pxor T2, T1 | 13704 | pxor T2, T1 |
13678 | pxor T1, DATA | 13705 | pxor T1, DATA |
@@ -13680,7 +13707,7 @@ index 586f41a..d02851e 100644 | |||
13680 | ret | 13707 | ret |
13681 | ENDPROC(__clmul_gf128mul_ble) | 13708 | ENDPROC(__clmul_gf128mul_ble) |
13682 | 13709 | ||
13683 | @@ -105,6 +107,7 @@ ENTRY(clmul_ghash_mul) | 13710 | @@ -101,6 +103,7 @@ ENTRY(clmul_ghash_mul) |
13684 | call __clmul_gf128mul_ble | 13711 | call __clmul_gf128mul_ble |
13685 | PSHUFB_XMM BSWAP DATA | 13712 | PSHUFB_XMM BSWAP DATA |
13686 | movups DATA, (%rdi) | 13713 | movups DATA, (%rdi) |
@@ -13688,21 +13715,13 @@ index 586f41a..d02851e 100644 | |||
13688 | ret | 13715 | ret |
13689 | ENDPROC(clmul_ghash_mul) | 13716 | ENDPROC(clmul_ghash_mul) |
13690 | 13717 | ||
13691 | @@ -132,6 +135,7 @@ ENTRY(clmul_ghash_update) | 13718 | @@ -128,5 +131,6 @@ ENTRY(clmul_ghash_update) |
13692 | PSHUFB_XMM BSWAP DATA | 13719 | PSHUFB_XMM BSWAP DATA |
13693 | movups DATA, (%rdi) | 13720 | movups DATA, (%rdi) |
13694 | .Lupdate_just_ret: | 13721 | .Lupdate_just_ret: |
13695 | + pax_force_retaddr | 13722 | + pax_force_retaddr |
13696 | ret | 13723 | ret |
13697 | ENDPROC(clmul_ghash_update) | 13724 | ENDPROC(clmul_ghash_update) |
13698 | |||
13699 | @@ -157,5 +161,6 @@ ENTRY(clmul_ghash_setkey) | ||
13700 | pand .Lpoly, %xmm1 | ||
13701 | pxor %xmm1, %xmm0 | ||
13702 | movups %xmm0, (%rdi) | ||
13703 | + pax_force_retaddr | ||
13704 | ret | ||
13705 | ENDPROC(clmul_ghash_setkey) | ||
13706 | diff --git a/arch/x86/crypto/salsa20-x86_64-asm_64.S b/arch/x86/crypto/salsa20-x86_64-asm_64.S | 13725 | diff --git a/arch/x86/crypto/salsa20-x86_64-asm_64.S b/arch/x86/crypto/salsa20-x86_64-asm_64.S |
13707 | index 9279e0b..c4b3d2c 100644 | 13726 | index 9279e0b..c4b3d2c 100644 |
13708 | --- a/arch/x86/crypto/salsa20-x86_64-asm_64.S | 13727 | --- a/arch/x86/crypto/salsa20-x86_64-asm_64.S |
@@ -17549,7 +17568,7 @@ index 81bb91b..9392125 100644 | |||
17549 | 17568 | ||
17550 | /* | 17569 | /* |
17551 | diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h | 17570 | diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h |
17552 | index 5ad38ad..f228861 100644 | 17571 | index bbc8b12..f228861 100644 |
17553 | --- a/arch/x86/include/asm/pgtable.h | 17572 | --- a/arch/x86/include/asm/pgtable.h |
17554 | +++ b/arch/x86/include/asm/pgtable.h | 17573 | +++ b/arch/x86/include/asm/pgtable.h |
17555 | @@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); | 17574 | @@ -45,6 +45,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); |
@@ -17672,30 +17691,7 @@ index 5ad38ad..f228861 100644 | |||
17672 | #include <linux/mm_types.h> | 17691 | #include <linux/mm_types.h> |
17673 | #include <linux/mmdebug.h> | 17692 | #include <linux/mmdebug.h> |
17674 | #include <linux/log2.h> | 17693 | #include <linux/log2.h> |
17675 | @@ -445,20 +520,10 @@ static inline int pte_same(pte_t a, pte_t b) | 17694 | @@ -570,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) |
17676 | return a.pte == b.pte; | ||
17677 | } | ||
17678 | |||
17679 | -static inline int pteval_present(pteval_t pteval) | ||
17680 | -{ | ||
17681 | - /* | ||
17682 | - * Yes Linus, _PAGE_PROTNONE == _PAGE_NUMA. Expressing it this | ||
17683 | - * way clearly states that the intent is that protnone and numa | ||
17684 | - * hinting ptes are considered present for the purposes of | ||
17685 | - * pagetable operations like zapping, protection changes, gup etc. | ||
17686 | - */ | ||
17687 | - return pteval & (_PAGE_PRESENT | _PAGE_PROTNONE | _PAGE_NUMA); | ||
17688 | -} | ||
17689 | - | ||
17690 | static inline int pte_present(pte_t a) | ||
17691 | { | ||
17692 | - return pteval_present(pte_flags(a)); | ||
17693 | + return pte_flags(a) & (_PAGE_PRESENT | _PAGE_PROTNONE | | ||
17694 | + _PAGE_NUMA); | ||
17695 | } | ||
17696 | |||
17697 | #define pte_accessible pte_accessible | ||
17698 | @@ -580,7 +645,7 @@ static inline unsigned long pud_page_vaddr(pud_t pud) | ||
17699 | * Currently stuck as a macro due to indirect forward reference to | 17695 | * Currently stuck as a macro due to indirect forward reference to |
17700 | * linux/mmzone.h's __section_mem_map_addr() definition: | 17696 | * linux/mmzone.h's __section_mem_map_addr() definition: |
17701 | */ | 17697 | */ |
@@ -17704,7 +17700,7 @@ index 5ad38ad..f228861 100644 | |||
17704 | 17700 | ||
17705 | /* Find an entry in the second-level page table.. */ | 17701 | /* Find an entry in the second-level page table.. */ |
17706 | static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address) | 17702 | static inline pmd_t *pmd_offset(pud_t *pud, unsigned long address) |
17707 | @@ -620,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) | 17703 | @@ -610,7 +685,7 @@ static inline unsigned long pgd_page_vaddr(pgd_t pgd) |
17708 | * Currently stuck as a macro due to indirect forward reference to | 17704 | * Currently stuck as a macro due to indirect forward reference to |
17709 | * linux/mmzone.h's __section_mem_map_addr() definition: | 17705 | * linux/mmzone.h's __section_mem_map_addr() definition: |
17710 | */ | 17706 | */ |
@@ -17713,7 +17709,7 @@ index 5ad38ad..f228861 100644 | |||
17713 | 17709 | ||
17714 | /* to find an entry in a page-table-directory. */ | 17710 | /* to find an entry in a page-table-directory. */ |
17715 | static inline unsigned long pud_index(unsigned long address) | 17711 | static inline unsigned long pud_index(unsigned long address) |
17716 | @@ -635,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) | 17712 | @@ -625,7 +700,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) |
17717 | 17713 | ||
17718 | static inline int pgd_bad(pgd_t pgd) | 17714 | static inline int pgd_bad(pgd_t pgd) |
17719 | { | 17715 | { |
@@ -17722,7 +17718,7 @@ index 5ad38ad..f228861 100644 | |||
17722 | } | 17718 | } |
17723 | 17719 | ||
17724 | static inline int pgd_none(pgd_t pgd) | 17720 | static inline int pgd_none(pgd_t pgd) |
17725 | @@ -658,7 +723,12 @@ static inline int pgd_none(pgd_t pgd) | 17721 | @@ -648,7 +723,12 @@ static inline int pgd_none(pgd_t pgd) |
17726 | * pgd_offset() returns a (pgd_t *) | 17722 | * pgd_offset() returns a (pgd_t *) |
17727 | * pgd_index() is used get the offset into the pgd page's array of pgd_t's; | 17723 | * pgd_index() is used get the offset into the pgd page's array of pgd_t's; |
17728 | */ | 17724 | */ |
@@ -17736,7 +17732,7 @@ index 5ad38ad..f228861 100644 | |||
17736 | /* | 17732 | /* |
17737 | * a shortcut which implies the use of the kernel's pgd, instead | 17733 | * a shortcut which implies the use of the kernel's pgd, instead |
17738 | * of a process's | 17734 | * of a process's |
17739 | @@ -669,6 +739,23 @@ static inline int pgd_none(pgd_t pgd) | 17735 | @@ -659,6 +739,23 @@ static inline int pgd_none(pgd_t pgd) |
17740 | #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) | 17736 | #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) |
17741 | #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) | 17737 | #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) |
17742 | 17738 | ||
@@ -17760,7 +17756,7 @@ index 5ad38ad..f228861 100644 | |||
17760 | #ifndef __ASSEMBLY__ | 17756 | #ifndef __ASSEMBLY__ |
17761 | 17757 | ||
17762 | extern int direct_gbpages; | 17758 | extern int direct_gbpages; |
17763 | @@ -835,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, | 17759 | @@ -825,11 +922,24 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, |
17764 | * dst and src can be on the same page, but the range must not overlap, | 17760 | * dst and src can be on the same page, but the range must not overlap, |
17765 | * and must not cross a page boundary. | 17761 | * and must not cross a page boundary. |
17766 | */ | 17762 | */ |
@@ -25363,7 +25359,7 @@ index 898160b..758cde8 100644 | |||
25363 | reset_current_kprobe(); | 25359 | reset_current_kprobe(); |
25364 | preempt_enable_no_resched(); | 25360 | preempt_enable_no_resched(); |
25365 | diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c | 25361 | diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c |
25366 | index ebc9873..1b9724b 100644 | 25362 | index ebc9873..37b8776 100644 |
25367 | --- a/arch/x86/kernel/ldt.c | 25363 | --- a/arch/x86/kernel/ldt.c |
25368 | +++ b/arch/x86/kernel/ldt.c | 25364 | +++ b/arch/x86/kernel/ldt.c |
25369 | @@ -66,13 +66,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) | 25365 | @@ -66,13 +66,13 @@ static int alloc_ldt(mm_context_t *pc, int mincount, int reload) |
@@ -25416,7 +25412,7 @@ index ebc9873..1b9724b 100644 | |||
25416 | return retval; | 25412 | return retval; |
25417 | } | 25413 | } |
25418 | 25414 | ||
25419 | @@ -229,6 +247,13 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) | 25415 | @@ -229,6 +247,24 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode) |
25420 | } | 25416 | } |
25421 | } | 25417 | } |
25422 | 25418 | ||
@@ -25427,6 +25423,17 @@ index ebc9873..1b9724b 100644 | |||
25427 | + } | 25423 | + } |
25428 | +#endif | 25424 | +#endif |
25429 | + | 25425 | + |
25426 | + /* | ||
25427 | + * On x86-64 we do not support 16-bit segments due to | ||
25428 | + * IRET leaking the high bits of the kernel stack address. | ||
25429 | + */ | ||
25430 | +#ifdef CONFIG_X86_64 | ||
25431 | + if (!ldt_info.seg_32bit) { | ||
25432 | + error = -EINVAL; | ||
25433 | + goto out_unlock; | ||
25434 | + } | ||
25435 | +#endif | ||
25436 | + | ||
25430 | fill_ldt(&ldt, &ldt_info); | 25437 | fill_ldt(&ldt, &ldt_info); |
25431 | if (oldmode) | 25438 | if (oldmode) |
25432 | ldt.avl = 0; | 25439 | ldt.avl = 0; |
@@ -35432,30 +35439,18 @@ index fa6ade7..73da73a5 100644 | |||
35432 | 35439 | ||
35433 | #ifdef CONFIG_ACPI_NUMA | 35440 | #ifdef CONFIG_ACPI_NUMA |
35434 | diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c | 35441 | diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
35435 | index 3c76c3d..7327d91 100644 | 35442 | index ce563be..7327d91 100644 |
35436 | --- a/arch/x86/xen/mmu.c | 35443 | --- a/arch/x86/xen/mmu.c |
35437 | +++ b/arch/x86/xen/mmu.c | 35444 | +++ b/arch/x86/xen/mmu.c |
35438 | @@ -365,7 +365,7 @@ void xen_ptep_modify_prot_commit(struct mm_struct *mm, unsigned long addr, | 35445 | @@ -379,7 +379,7 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) |
35439 | /* Assume pteval_t is equivalent to all the other *val_t types. */ | ||
35440 | static pteval_t pte_mfn_to_pfn(pteval_t val) | ||
35441 | { | ||
35442 | - if (pteval_present(val)) { | ||
35443 | + if (val & _PAGE_PRESENT) { | ||
35444 | unsigned long mfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; | ||
35445 | unsigned long pfn = mfn_to_pfn(mfn); | ||
35446 | |||
35447 | @@ -379,9 +379,9 @@ static pteval_t pte_mfn_to_pfn(pteval_t val) | ||
35448 | return val; | 35446 | return val; |
35449 | } | 35447 | } |
35450 | 35448 | ||
35451 | -static pteval_t pte_pfn_to_mfn(pteval_t val) | 35449 | -static pteval_t pte_pfn_to_mfn(pteval_t val) |
35452 | +static pteval_t __intentional_overflow(-1) pte_pfn_to_mfn(pteval_t val) | 35450 | +static pteval_t __intentional_overflow(-1) pte_pfn_to_mfn(pteval_t val) |
35453 | { | 35451 | { |
35454 | - if (pteval_present(val)) { | 35452 | if (val & _PAGE_PRESENT) { |
35455 | + if (val & _PAGE_PRESENT) { | ||
35456 | unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; | 35453 | unsigned long pfn = (val & PTE_PFN_MASK) >> PAGE_SHIFT; |
35457 | pteval_t flags = val & PTE_FLAGS_MASK; | ||
35458 | unsigned long mfn; | ||
35459 | @@ -1894,6 +1894,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) | 35454 | @@ -1894,6 +1894,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) |
35460 | /* L3_k[510] -> level2_kernel_pgt | 35455 | /* L3_k[510] -> level2_kernel_pgt |
35461 | * L3_i[511] -> level2_fixmap_pgt */ | 35456 | * L3_i[511] -> level2_fixmap_pgt */ |
@@ -40067,19 +40062,6 @@ index a3ba9a8..ee52ddd 100644 | |||
40067 | unsigned relocs_total = 0; | 40062 | unsigned relocs_total = 0; |
40068 | unsigned relocs_max = UINT_MAX / sizeof(struct drm_i915_gem_relocation_entry); | 40063 | unsigned relocs_max = UINT_MAX / sizeof(struct drm_i915_gem_relocation_entry); |
40069 | 40064 | ||
40070 | diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c b/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
40071 | index d3c3b5b..e79720d 100644 | ||
40072 | --- a/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
40073 | +++ b/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
40074 | @@ -828,7 +828,7 @@ void i915_gem_suspend_gtt_mappings(struct drm_device *dev) | ||
40075 | dev_priv->gtt.base.clear_range(&dev_priv->gtt.base, | ||
40076 | dev_priv->gtt.base.start / PAGE_SIZE, | ||
40077 | dev_priv->gtt.base.total / PAGE_SIZE, | ||
40078 | - false); | ||
40079 | + true); | ||
40080 | } | ||
40081 | |||
40082 | void i915_gem_restore_gtt_mappings(struct drm_device *dev) | ||
40083 | diff --git a/drivers/gpu/drm/i915/i915_ioc32.c b/drivers/gpu/drm/i915/i915_ioc32.c | 40065 | diff --git a/drivers/gpu/drm/i915/i915_ioc32.c b/drivers/gpu/drm/i915/i915_ioc32.c |
40084 | index 3c59584..500f2e9 100644 | 40066 | index 3c59584..500f2e9 100644 |
40085 | --- a/drivers/gpu/drm/i915/i915_ioc32.c | 40067 | --- a/drivers/gpu/drm/i915/i915_ioc32.c |
@@ -42930,10 +42912,10 @@ index 2f0b39d..7370f13 100644 | |||
42930 | 42912 | ||
42931 | ssize_t psmouse_attr_show_helper(struct device *dev, struct device_attribute *attr, | 42913 | ssize_t psmouse_attr_show_helper(struct device *dev, struct device_attribute *attr, |
42932 | diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c | 42914 | diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c |
42933 | index 4c842c3..590b0bf 100644 | 42915 | index b604564..3f14ae4 100644 |
42934 | --- a/drivers/input/mousedev.c | 42916 | --- a/drivers/input/mousedev.c |
42935 | +++ b/drivers/input/mousedev.c | 42917 | +++ b/drivers/input/mousedev.c |
42936 | @@ -738,7 +738,7 @@ static ssize_t mousedev_read(struct file *file, char __user *buffer, | 42918 | @@ -744,7 +744,7 @@ static ssize_t mousedev_read(struct file *file, char __user *buffer, |
42937 | 42919 | ||
42938 | spin_unlock_irq(&client->packet_lock); | 42920 | spin_unlock_irq(&client->packet_lock); |
42939 | 42921 | ||
@@ -44026,6 +44008,28 @@ index 0095ec8..c89277a 100644 | |||
44026 | } | 44008 | } |
44027 | 44009 | ||
44028 | struct md_personality | 44010 | struct md_personality |
44011 | diff --git a/drivers/md/persistent-data/dm-space-map-metadata.c b/drivers/md/persistent-data/dm-space-map-metadata.c | ||
44012 | index 579b582..9fb6185 100644 | ||
44013 | --- a/drivers/md/persistent-data/dm-space-map-metadata.c | ||
44014 | +++ b/drivers/md/persistent-data/dm-space-map-metadata.c | ||
44015 | @@ -679,7 +679,7 @@ static int sm_metadata_extend(struct dm_space_map *sm, dm_block_t extra_blocks) | ||
44016 | * Flick into a mode where all blocks get allocated in the new area. | ||
44017 | */ | ||
44018 | smm->begin = old_len; | ||
44019 | - memcpy(sm, &bootstrap_ops, sizeof(*sm)); | ||
44020 | + memcpy((void *)sm, &bootstrap_ops, sizeof(*sm)); | ||
44021 | |||
44022 | /* | ||
44023 | * Extend. | ||
44024 | @@ -710,7 +710,7 @@ out: | ||
44025 | /* | ||
44026 | * Switch back to normal behaviour. | ||
44027 | */ | ||
44028 | - memcpy(sm, &ops, sizeof(*sm)); | ||
44029 | + memcpy((void *)sm, &ops, sizeof(*sm)); | ||
44030 | return r; | ||
44031 | } | ||
44032 | |||
44029 | diff --git a/drivers/md/persistent-data/dm-space-map.h b/drivers/md/persistent-data/dm-space-map.h | 44033 | diff --git a/drivers/md/persistent-data/dm-space-map.h b/drivers/md/persistent-data/dm-space-map.h |
44030 | index 3e6d115..ffecdeb 100644 | 44034 | index 3e6d115..ffecdeb 100644 |
44031 | --- a/drivers/md/persistent-data/dm-space-map.h | 44035 | --- a/drivers/md/persistent-data/dm-space-map.h |
@@ -46322,10 +46326,10 @@ index a79e9d3..78cd4fa 100644 | |||
46322 | 46326 | ||
46323 | /* we will have to manufacture ethernet headers, prepare template */ | 46327 | /* we will have to manufacture ethernet headers, prepare template */ |
46324 | diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c | 46328 | diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
46325 | index 0247973..088193a 100644 | 46329 | index fc5d2b7..48e2984 100644 |
46326 | --- a/drivers/net/vxlan.c | 46330 | --- a/drivers/net/vxlan.c |
46327 | +++ b/drivers/net/vxlan.c | 46331 | +++ b/drivers/net/vxlan.c |
46328 | @@ -2615,7 +2615,7 @@ nla_put_failure: | 46332 | @@ -2721,7 +2721,7 @@ nla_put_failure: |
46329 | return -EMSGSIZE; | 46333 | return -EMSGSIZE; |
46330 | } | 46334 | } |
46331 | 46335 | ||
@@ -52105,38 +52109,6 @@ index 1eab4ac..e21efc9 100644 | |||
52105 | iommu_group_id(group->iommu_group)); | 52109 | iommu_group_id(group->iommu_group)); |
52106 | 52110 | ||
52107 | return 0; | 52111 | return 0; |
52108 | diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c | ||
52109 | index b12176f..e5522d9 100644 | ||
52110 | --- a/drivers/vhost/net.c | ||
52111 | +++ b/drivers/vhost/net.c | ||
52112 | @@ -528,6 +528,12 @@ static int get_rx_bufs(struct vhost_virtqueue *vq, | ||
52113 | *iovcount = seg; | ||
52114 | if (unlikely(log)) | ||
52115 | *log_num = nlogs; | ||
52116 | + | ||
52117 | + /* Detect overrun */ | ||
52118 | + if (unlikely(datalen > 0)) { | ||
52119 | + r = UIO_MAXIOV + 1; | ||
52120 | + goto err; | ||
52121 | + } | ||
52122 | return headcount; | ||
52123 | err: | ||
52124 | vhost_discard_vq_desc(vq, headcount); | ||
52125 | @@ -583,6 +589,14 @@ static void handle_rx(struct vhost_net *net) | ||
52126 | /* On error, stop handling until the next kick. */ | ||
52127 | if (unlikely(headcount < 0)) | ||
52128 | break; | ||
52129 | + /* On overrun, truncate and discard */ | ||
52130 | + if (unlikely(headcount > UIO_MAXIOV)) { | ||
52131 | + msg.msg_iovlen = 1; | ||
52132 | + err = sock->ops->recvmsg(NULL, sock, &msg, | ||
52133 | + 1, MSG_DONTWAIT | MSG_TRUNC); | ||
52134 | + pr_debug("Discarded rx packet: len %zd\n", sock_len); | ||
52135 | + continue; | ||
52136 | + } | ||
52137 | /* OK, now we need to know about added descriptors. */ | ||
52138 | if (!headcount) { | ||
52139 | if (unlikely(vhost_enable_notify(&net->dev, vq))) { | ||
52140 | diff --git a/drivers/vhost/vringh.c b/drivers/vhost/vringh.c | 52112 | diff --git a/drivers/vhost/vringh.c b/drivers/vhost/vringh.c |
52141 | index 5174eba..451e6bc 100644 | 52113 | index 5174eba..451e6bc 100644 |
52142 | --- a/drivers/vhost/vringh.c | 52114 | --- a/drivers/vhost/vringh.c |
@@ -55638,54 +55610,6 @@ index 88714ae..16c2e11 100644 | |||
55638 | 55610 | ||
55639 | 55611 | ||
55640 | static inline u32 get_pll_internal_frequency(u32 ref_freq, | 55612 | static inline u32 get_pll_internal_frequency(u32 ref_freq, |
55641 | diff --git a/drivers/xen/balloon.c b/drivers/xen/balloon.c | ||
55642 | index 4c02e2b..2c85267 100644 | ||
55643 | --- a/drivers/xen/balloon.c | ||
55644 | +++ b/drivers/xen/balloon.c | ||
55645 | @@ -406,12 +406,26 @@ static enum bp_state decrease_reservation(unsigned long nr_pages, gfp_t gfp) | ||
55646 | state = BP_EAGAIN; | ||
55647 | break; | ||
55648 | } | ||
55649 | - | ||
55650 | - pfn = page_to_pfn(page); | ||
55651 | - frame_list[i] = pfn_to_mfn(pfn); | ||
55652 | - | ||
55653 | scrub_page(page); | ||
55654 | |||
55655 | + frame_list[i] = page_to_pfn(page); | ||
55656 | + } | ||
55657 | + | ||
55658 | + /* | ||
55659 | + * Ensure that ballooned highmem pages don't have kmaps. | ||
55660 | + * | ||
55661 | + * Do this before changing the p2m as kmap_flush_unused() | ||
55662 | + * reads PTEs to obtain pages (and hence needs the original | ||
55663 | + * p2m entry). | ||
55664 | + */ | ||
55665 | + kmap_flush_unused(); | ||
55666 | + | ||
55667 | + /* Update direct mapping, invalidate P2M, and add to balloon. */ | ||
55668 | + for (i = 0; i < nr_pages; i++) { | ||
55669 | + pfn = frame_list[i]; | ||
55670 | + frame_list[i] = pfn_to_mfn(pfn); | ||
55671 | + page = pfn_to_page(pfn); | ||
55672 | + | ||
55673 | #ifdef CONFIG_XEN_HAVE_PVMMU | ||
55674 | /* | ||
55675 | * Ballooned out frames are effectively replaced with | ||
55676 | @@ -436,11 +450,9 @@ static enum bp_state decrease_reservation(unsigned long nr_pages, gfp_t gfp) | ||
55677 | } | ||
55678 | #endif | ||
55679 | |||
55680 | - balloon_append(pfn_to_page(pfn)); | ||
55681 | + balloon_append(page); | ||
55682 | } | ||
55683 | |||
55684 | - /* Ensure that ballooned highmem pages don't have kmaps. */ | ||
55685 | - kmap_flush_unused(); | ||
55686 | flush_tlb_all(); | ||
55687 | |||
55688 | set_xen_guest_handle(reservation.extent_start, frame_list); | ||
55689 | diff --git a/drivers/xen/xenfs/xenstored.c b/drivers/xen/xenfs/xenstored.c | 55613 | diff --git a/drivers/xen/xenfs/xenstored.c b/drivers/xen/xenfs/xenstored.c |
55690 | index fef20db..d28b1ab 100644 | 55614 | index fef20db..d28b1ab 100644 |
55691 | --- a/drivers/xen/xenfs/xenstored.c | 55615 | --- a/drivers/xen/xenfs/xenstored.c |
@@ -58166,7 +58090,7 @@ index bc3fbcd..6031650 100644 | |||
58166 | return 0; | 58090 | return 0; |
58167 | while (nr) { | 58091 | while (nr) { |
58168 | diff --git a/fs/dcache.c b/fs/dcache.c | 58092 | diff --git a/fs/dcache.c b/fs/dcache.c |
58169 | index fdbe230..d852932 100644 | 58093 | index f7ad6d7..d852932 100644 |
58170 | --- a/fs/dcache.c | 58094 | --- a/fs/dcache.c |
58171 | +++ b/fs/dcache.c | 58095 | +++ b/fs/dcache.c |
58172 | @@ -1495,7 +1495,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) | 58096 | @@ -1495,7 +1495,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) |
@@ -58178,18 +58102,6 @@ index fdbe230..d852932 100644 | |||
58178 | if (!dname) { | 58102 | if (!dname) { |
58179 | kmem_cache_free(dentry_cache, dentry); | 58103 | kmem_cache_free(dentry_cache, dentry); |
58180 | return NULL; | 58104 | return NULL; |
58181 | @@ -2833,9 +2833,9 @@ static int prepend_name(char **buffer, int *buflen, struct qstr *name) | ||
58182 | u32 dlen = ACCESS_ONCE(name->len); | ||
58183 | char *p; | ||
58184 | |||
58185 | - if (*buflen < dlen + 1) | ||
58186 | - return -ENAMETOOLONG; | ||
58187 | *buflen -= dlen + 1; | ||
58188 | + if (*buflen < 0) | ||
58189 | + return -ENAMETOOLONG; | ||
58190 | p = *buffer -= dlen + 1; | ||
58191 | *p++ = '/'; | ||
58192 | while (dlen--) { | ||
58193 | @@ -3428,7 +3428,8 @@ void __init vfs_caches_init(unsigned long mempages) | 58105 | @@ -3428,7 +3428,8 @@ void __init vfs_caches_init(unsigned long mempages) |
58194 | mempages -= reserve; | 58106 | mempages -= reserve; |
58195 | 58107 | ||
@@ -61162,7 +61074,7 @@ index 92a0f0a..45a48f0 100644 | |||
61162 | 61074 | ||
61163 | spin_lock(&inode->i_lock); | 61075 | spin_lock(&inode->i_lock); |
61164 | diff --git a/fs/mount.h b/fs/mount.h | 61076 | diff --git a/fs/mount.h b/fs/mount.h |
61165 | index a17458c..e69fb5b 100644 | 61077 | index b29e42f..5ea7fdf 100644 |
61166 | --- a/fs/mount.h | 61078 | --- a/fs/mount.h |
61167 | +++ b/fs/mount.h | 61079 | +++ b/fs/mount.h |
61168 | @@ -11,7 +11,7 @@ struct mnt_namespace { | 61080 | @@ -11,7 +11,7 @@ struct mnt_namespace { |
@@ -61184,7 +61096,7 @@ index a17458c..e69fb5b 100644 | |||
61184 | #define MNT_NS_INTERNAL ERR_PTR(-EINVAL) /* distinct from any mnt_namespace */ | 61096 | #define MNT_NS_INTERNAL ERR_PTR(-EINVAL) /* distinct from any mnt_namespace */ |
61185 | 61097 | ||
61186 | diff --git a/fs/namei.c b/fs/namei.c | 61098 | diff --git a/fs/namei.c b/fs/namei.c |
61187 | index cfe6608..a24748c 100644 | 61099 | index 399f637..a24748c 100644 |
61188 | --- a/fs/namei.c | 61100 | --- a/fs/namei.c |
61189 | +++ b/fs/namei.c | 61101 | +++ b/fs/namei.c |
61190 | @@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) | 61102 | @@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) |
@@ -61260,57 +61172,7 @@ index cfe6608..a24748c 100644 | |||
61260 | nd->last_type = LAST_BIND; | 61172 | nd->last_type = LAST_BIND; |
61261 | *p = dentry->d_inode->i_op->follow_link(dentry, nd); | 61173 | *p = dentry->d_inode->i_op->follow_link(dentry, nd); |
61262 | error = PTR_ERR(*p); | 61174 | error = PTR_ERR(*p); |
61263 | @@ -1098,7 +1112,7 @@ static bool __follow_mount_rcu(struct nameidata *nd, struct path *path, | 61175 | @@ -1579,6 +1593,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) |
61264 | return false; | ||
61265 | |||
61266 | if (!d_mountpoint(path->dentry)) | ||
61267 | - break; | ||
61268 | + return true; | ||
61269 | |||
61270 | mounted = __lookup_mnt(path->mnt, path->dentry); | ||
61271 | if (!mounted) | ||
61272 | @@ -1114,20 +1128,7 @@ static bool __follow_mount_rcu(struct nameidata *nd, struct path *path, | ||
61273 | */ | ||
61274 | *inode = path->dentry->d_inode; | ||
61275 | } | ||
61276 | - return true; | ||
61277 | -} | ||
61278 | - | ||
61279 | -static void follow_mount_rcu(struct nameidata *nd) | ||
61280 | -{ | ||
61281 | - while (d_mountpoint(nd->path.dentry)) { | ||
61282 | - struct mount *mounted; | ||
61283 | - mounted = __lookup_mnt(nd->path.mnt, nd->path.dentry); | ||
61284 | - if (!mounted) | ||
61285 | - break; | ||
61286 | - nd->path.mnt = &mounted->mnt; | ||
61287 | - nd->path.dentry = mounted->mnt.mnt_root; | ||
61288 | - nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); | ||
61289 | - } | ||
61290 | + return read_seqretry(&mount_lock, nd->m_seq); | ||
61291 | } | ||
61292 | |||
61293 | static int follow_dotdot_rcu(struct nameidata *nd) | ||
61294 | @@ -1155,7 +1156,17 @@ static int follow_dotdot_rcu(struct nameidata *nd) | ||
61295 | break; | ||
61296 | nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); | ||
61297 | } | ||
61298 | - follow_mount_rcu(nd); | ||
61299 | + while (d_mountpoint(nd->path.dentry)) { | ||
61300 | + struct mount *mounted; | ||
61301 | + mounted = __lookup_mnt(nd->path.mnt, nd->path.dentry); | ||
61302 | + if (!mounted) | ||
61303 | + break; | ||
61304 | + nd->path.mnt = &mounted->mnt; | ||
61305 | + nd->path.dentry = mounted->mnt.mnt_root; | ||
61306 | + nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); | ||
61307 | + if (!read_seqretry(&mount_lock, nd->m_seq)) | ||
61308 | + goto failed; | ||
61309 | + } | ||
61310 | nd->inode = nd->path.dentry->d_inode; | ||
61311 | return 0; | ||
61312 | |||
61313 | @@ -1582,6 +1593,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) | ||
61314 | if (res) | 61176 | if (res) |
61315 | break; | 61177 | break; |
61316 | res = walk_component(nd, path, LOOKUP_FOLLOW); | 61178 | res = walk_component(nd, path, LOOKUP_FOLLOW); |
@@ -61319,7 +61181,7 @@ index cfe6608..a24748c 100644 | |||
61319 | put_link(nd, &link, cookie); | 61181 | put_link(nd, &link, cookie); |
61320 | } while (res > 0); | 61182 | } while (res > 0); |
61321 | 61183 | ||
61322 | @@ -1655,7 +1668,7 @@ EXPORT_SYMBOL(full_name_hash); | 61184 | @@ -1652,7 +1668,7 @@ EXPORT_SYMBOL(full_name_hash); |
61323 | static inline unsigned long hash_name(const char *name, unsigned int *hashp) | 61185 | static inline unsigned long hash_name(const char *name, unsigned int *hashp) |
61324 | { | 61186 | { |
61325 | unsigned long a, b, adata, bdata, mask, hash, len; | 61187 | unsigned long a, b, adata, bdata, mask, hash, len; |
@@ -61328,7 +61190,7 @@ index cfe6608..a24748c 100644 | |||
61328 | 61190 | ||
61329 | hash = a = 0; | 61191 | hash = a = 0; |
61330 | len = -sizeof(unsigned long); | 61192 | len = -sizeof(unsigned long); |
61331 | @@ -1939,6 +1952,8 @@ static int path_lookupat(int dfd, const char *name, | 61193 | @@ -1936,6 +1952,8 @@ static int path_lookupat(int dfd, const char *name, |
61332 | if (err) | 61194 | if (err) |
61333 | break; | 61195 | break; |
61334 | err = lookup_last(nd, &path); | 61196 | err = lookup_last(nd, &path); |
@@ -61337,7 +61199,7 @@ index cfe6608..a24748c 100644 | |||
61337 | put_link(nd, &link, cookie); | 61199 | put_link(nd, &link, cookie); |
61338 | } | 61200 | } |
61339 | } | 61201 | } |
61340 | @@ -1946,6 +1961,13 @@ static int path_lookupat(int dfd, const char *name, | 61202 | @@ -1943,6 +1961,13 @@ static int path_lookupat(int dfd, const char *name, |
61341 | if (!err) | 61203 | if (!err) |
61342 | err = complete_walk(nd); | 61204 | err = complete_walk(nd); |
61343 | 61205 | ||
@@ -61351,7 +61213,7 @@ index cfe6608..a24748c 100644 | |||
61351 | if (!err && nd->flags & LOOKUP_DIRECTORY) { | 61213 | if (!err && nd->flags & LOOKUP_DIRECTORY) { |
61352 | if (!d_is_directory(nd->path.dentry)) { | 61214 | if (!d_is_directory(nd->path.dentry)) { |
61353 | path_put(&nd->path); | 61215 | path_put(&nd->path); |
61354 | @@ -1973,8 +1995,15 @@ static int filename_lookup(int dfd, struct filename *name, | 61216 | @@ -1970,8 +1995,15 @@ static int filename_lookup(int dfd, struct filename *name, |
61355 | retval = path_lookupat(dfd, name->name, | 61217 | retval = path_lookupat(dfd, name->name, |
61356 | flags | LOOKUP_REVAL, nd); | 61218 | flags | LOOKUP_REVAL, nd); |
61357 | 61219 | ||
@@ -61368,7 +61230,7 @@ index cfe6608..a24748c 100644 | |||
61368 | return retval; | 61230 | return retval; |
61369 | } | 61231 | } |
61370 | 61232 | ||
61371 | @@ -2548,6 +2577,13 @@ static int may_open(struct path *path, int acc_mode, int flag) | 61233 | @@ -2545,6 +2577,13 @@ static int may_open(struct path *path, int acc_mode, int flag) |
61372 | if (flag & O_NOATIME && !inode_owner_or_capable(inode)) | 61234 | if (flag & O_NOATIME && !inode_owner_or_capable(inode)) |
61373 | return -EPERM; | 61235 | return -EPERM; |
61374 | 61236 | ||
@@ -61382,7 +61244,7 @@ index cfe6608..a24748c 100644 | |||
61382 | return 0; | 61244 | return 0; |
61383 | } | 61245 | } |
61384 | 61246 | ||
61385 | @@ -2779,7 +2815,7 @@ looked_up: | 61247 | @@ -2776,7 +2815,7 @@ looked_up: |
61386 | * cleared otherwise prior to returning. | 61248 | * cleared otherwise prior to returning. |
61387 | */ | 61249 | */ |
61388 | static int lookup_open(struct nameidata *nd, struct path *path, | 61250 | static int lookup_open(struct nameidata *nd, struct path *path, |
@@ -61391,7 +61253,7 @@ index cfe6608..a24748c 100644 | |||
61391 | const struct open_flags *op, | 61253 | const struct open_flags *op, |
61392 | bool got_write, int *opened) | 61254 | bool got_write, int *opened) |
61393 | { | 61255 | { |
61394 | @@ -2814,6 +2850,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, | 61256 | @@ -2811,6 +2850,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, |
61395 | /* Negative dentry, just create the file */ | 61257 | /* Negative dentry, just create the file */ |
61396 | if (!dentry->d_inode && (op->open_flag & O_CREAT)) { | 61258 | if (!dentry->d_inode && (op->open_flag & O_CREAT)) { |
61397 | umode_t mode = op->mode; | 61259 | umode_t mode = op->mode; |
@@ -61409,7 +61271,7 @@ index cfe6608..a24748c 100644 | |||
61409 | if (!IS_POSIXACL(dir->d_inode)) | 61271 | if (!IS_POSIXACL(dir->d_inode)) |
61410 | mode &= ~current_umask(); | 61272 | mode &= ~current_umask(); |
61411 | /* | 61273 | /* |
61412 | @@ -2835,6 +2882,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, | 61274 | @@ -2832,6 +2882,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, |
61413 | nd->flags & LOOKUP_EXCL); | 61275 | nd->flags & LOOKUP_EXCL); |
61414 | if (error) | 61276 | if (error) |
61415 | goto out_dput; | 61277 | goto out_dput; |
@@ -61418,7 +61280,7 @@ index cfe6608..a24748c 100644 | |||
61418 | } | 61280 | } |
61419 | out_no_open: | 61281 | out_no_open: |
61420 | path->dentry = dentry; | 61282 | path->dentry = dentry; |
61421 | @@ -2849,7 +2898,7 @@ out_dput: | 61283 | @@ -2846,7 +2898,7 @@ out_dput: |
61422 | /* | 61284 | /* |
61423 | * Handle the last step of open() | 61285 | * Handle the last step of open() |
61424 | */ | 61286 | */ |
@@ -61427,7 +61289,7 @@ index cfe6608..a24748c 100644 | |||
61427 | struct file *file, const struct open_flags *op, | 61289 | struct file *file, const struct open_flags *op, |
61428 | int *opened, struct filename *name) | 61290 | int *opened, struct filename *name) |
61429 | { | 61291 | { |
61430 | @@ -2899,6 +2948,15 @@ static int do_last(struct nameidata *nd, struct path *path, | 61292 | @@ -2896,6 +2948,15 @@ static int do_last(struct nameidata *nd, struct path *path, |
61431 | if (error) | 61293 | if (error) |
61432 | return error; | 61294 | return error; |
61433 | 61295 | ||
@@ -61443,7 +61305,7 @@ index cfe6608..a24748c 100644 | |||
61443 | audit_inode(name, dir, LOOKUP_PARENT); | 61305 | audit_inode(name, dir, LOOKUP_PARENT); |
61444 | error = -EISDIR; | 61306 | error = -EISDIR; |
61445 | /* trailing slashes? */ | 61307 | /* trailing slashes? */ |
61446 | @@ -2918,7 +2976,7 @@ retry_lookup: | 61308 | @@ -2915,7 +2976,7 @@ retry_lookup: |
61447 | */ | 61309 | */ |
61448 | } | 61310 | } |
61449 | mutex_lock(&dir->d_inode->i_mutex); | 61311 | mutex_lock(&dir->d_inode->i_mutex); |
@@ -61452,7 +61314,7 @@ index cfe6608..a24748c 100644 | |||
61452 | mutex_unlock(&dir->d_inode->i_mutex); | 61314 | mutex_unlock(&dir->d_inode->i_mutex); |
61453 | 61315 | ||
61454 | if (error <= 0) { | 61316 | if (error <= 0) { |
61455 | @@ -2942,11 +3000,28 @@ retry_lookup: | 61317 | @@ -2939,11 +3000,28 @@ retry_lookup: |
61456 | goto finish_open_created; | 61318 | goto finish_open_created; |
61457 | } | 61319 | } |
61458 | 61320 | ||
@@ -61482,7 +61344,7 @@ index cfe6608..a24748c 100644 | |||
61482 | 61344 | ||
61483 | /* | 61345 | /* |
61484 | * If atomic_open() acquired write access it is dropped now due to | 61346 | * If atomic_open() acquired write access it is dropped now due to |
61485 | @@ -2987,6 +3062,11 @@ finish_lookup: | 61347 | @@ -2984,6 +3062,11 @@ finish_lookup: |
61486 | } | 61348 | } |
61487 | } | 61349 | } |
61488 | BUG_ON(inode != path->dentry->d_inode); | 61350 | BUG_ON(inode != path->dentry->d_inode); |
@@ -61494,7 +61356,7 @@ index cfe6608..a24748c 100644 | |||
61494 | return 1; | 61356 | return 1; |
61495 | } | 61357 | } |
61496 | 61358 | ||
61497 | @@ -2996,7 +3076,6 @@ finish_lookup: | 61359 | @@ -2993,7 +3076,6 @@ finish_lookup: |
61498 | save_parent.dentry = nd->path.dentry; | 61360 | save_parent.dentry = nd->path.dentry; |
61499 | save_parent.mnt = mntget(path->mnt); | 61361 | save_parent.mnt = mntget(path->mnt); |
61500 | nd->path.dentry = path->dentry; | 61362 | nd->path.dentry = path->dentry; |
@@ -61502,7 +61364,7 @@ index cfe6608..a24748c 100644 | |||
61502 | } | 61364 | } |
61503 | nd->inode = inode; | 61365 | nd->inode = inode; |
61504 | /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ | 61366 | /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ |
61505 | @@ -3006,7 +3085,18 @@ finish_open: | 61367 | @@ -3003,7 +3085,18 @@ finish_open: |
61506 | path_put(&save_parent); | 61368 | path_put(&save_parent); |
61507 | return error; | 61369 | return error; |
61508 | } | 61370 | } |
@@ -61521,7 +61383,7 @@ index cfe6608..a24748c 100644 | |||
61521 | error = -EISDIR; | 61383 | error = -EISDIR; |
61522 | if ((open_flag & O_CREAT) && | 61384 | if ((open_flag & O_CREAT) && |
61523 | (d_is_directory(nd->path.dentry) || d_is_autodir(nd->path.dentry))) | 61385 | (d_is_directory(nd->path.dentry) || d_is_autodir(nd->path.dentry))) |
61524 | @@ -3170,7 +3260,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, | 61386 | @@ -3167,7 +3260,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, |
61525 | if (unlikely(error)) | 61387 | if (unlikely(error)) |
61526 | goto out; | 61388 | goto out; |
61527 | 61389 | ||
@@ -61530,7 +61392,7 @@ index cfe6608..a24748c 100644 | |||
61530 | while (unlikely(error > 0)) { /* trailing symlink */ | 61392 | while (unlikely(error > 0)) { /* trailing symlink */ |
61531 | struct path link = path; | 61393 | struct path link = path; |
61532 | void *cookie; | 61394 | void *cookie; |
61533 | @@ -3188,7 +3278,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, | 61395 | @@ -3185,7 +3278,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, |
61534 | error = follow_link(&link, nd, &cookie); | 61396 | error = follow_link(&link, nd, &cookie); |
61535 | if (unlikely(error)) | 61397 | if (unlikely(error)) |
61536 | break; | 61398 | break; |
@@ -61539,7 +61401,7 @@ index cfe6608..a24748c 100644 | |||
61539 | put_link(nd, &link, cookie); | 61401 | put_link(nd, &link, cookie); |
61540 | } | 61402 | } |
61541 | out: | 61403 | out: |
61542 | @@ -3288,9 +3378,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, | 61404 | @@ -3285,9 +3378,11 @@ struct dentry *kern_path_create(int dfd, const char *pathname, |
61543 | goto unlock; | 61405 | goto unlock; |
61544 | 61406 | ||
61545 | error = -EEXIST; | 61407 | error = -EEXIST; |
@@ -61553,7 +61415,7 @@ index cfe6608..a24748c 100644 | |||
61553 | /* | 61415 | /* |
61554 | * Special case - lookup gave negative, but... we had foo/bar/ | 61416 | * Special case - lookup gave negative, but... we had foo/bar/ |
61555 | * From the vfs_mknod() POV we just have a negative dentry - | 61417 | * From the vfs_mknod() POV we just have a negative dentry - |
61556 | @@ -3342,6 +3434,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, | 61418 | @@ -3339,6 +3434,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, |
61557 | } | 61419 | } |
61558 | EXPORT_SYMBOL(user_path_create); | 61420 | EXPORT_SYMBOL(user_path_create); |
61559 | 61421 | ||
@@ -61574,7 +61436,7 @@ index cfe6608..a24748c 100644 | |||
61574 | int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) | 61436 | int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) |
61575 | { | 61437 | { |
61576 | int error = may_create(dir, dentry); | 61438 | int error = may_create(dir, dentry); |
61577 | @@ -3404,6 +3510,17 @@ retry: | 61439 | @@ -3401,6 +3510,17 @@ retry: |
61578 | 61440 | ||
61579 | if (!IS_POSIXACL(path.dentry->d_inode)) | 61441 | if (!IS_POSIXACL(path.dentry->d_inode)) |
61580 | mode &= ~current_umask(); | 61442 | mode &= ~current_umask(); |
@@ -61592,7 +61454,7 @@ index cfe6608..a24748c 100644 | |||
61592 | error = security_path_mknod(&path, dentry, mode, dev); | 61454 | error = security_path_mknod(&path, dentry, mode, dev); |
61593 | if (error) | 61455 | if (error) |
61594 | goto out; | 61456 | goto out; |
61595 | @@ -3420,6 +3537,8 @@ retry: | 61457 | @@ -3417,6 +3537,8 @@ retry: |
61596 | break; | 61458 | break; |
61597 | } | 61459 | } |
61598 | out: | 61460 | out: |
@@ -61601,7 +61463,7 @@ index cfe6608..a24748c 100644 | |||
61601 | done_path_create(&path, dentry); | 61463 | done_path_create(&path, dentry); |
61602 | if (retry_estale(error, lookup_flags)) { | 61464 | if (retry_estale(error, lookup_flags)) { |
61603 | lookup_flags |= LOOKUP_REVAL; | 61465 | lookup_flags |= LOOKUP_REVAL; |
61604 | @@ -3472,9 +3591,16 @@ retry: | 61466 | @@ -3469,9 +3591,16 @@ retry: |
61605 | 61467 | ||
61606 | if (!IS_POSIXACL(path.dentry->d_inode)) | 61468 | if (!IS_POSIXACL(path.dentry->d_inode)) |
61607 | mode &= ~current_umask(); | 61469 | mode &= ~current_umask(); |
@@ -61618,7 +61480,7 @@ index cfe6608..a24748c 100644 | |||
61618 | done_path_create(&path, dentry); | 61480 | done_path_create(&path, dentry); |
61619 | if (retry_estale(error, lookup_flags)) { | 61481 | if (retry_estale(error, lookup_flags)) { |
61620 | lookup_flags |= LOOKUP_REVAL; | 61482 | lookup_flags |= LOOKUP_REVAL; |
61621 | @@ -3555,6 +3681,8 @@ static long do_rmdir(int dfd, const char __user *pathname) | 61483 | @@ -3552,6 +3681,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
61622 | struct filename *name; | 61484 | struct filename *name; |
61623 | struct dentry *dentry; | 61485 | struct dentry *dentry; |
61624 | struct nameidata nd; | 61486 | struct nameidata nd; |
@@ -61627,7 +61489,7 @@ index cfe6608..a24748c 100644 | |||
61627 | unsigned int lookup_flags = 0; | 61489 | unsigned int lookup_flags = 0; |
61628 | retry: | 61490 | retry: |
61629 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); | 61491 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); |
61630 | @@ -3587,10 +3715,21 @@ retry: | 61492 | @@ -3584,10 +3715,21 @@ retry: |
61631 | error = -ENOENT; | 61493 | error = -ENOENT; |
61632 | goto exit3; | 61494 | goto exit3; |
61633 | } | 61495 | } |
@@ -61649,7 +61511,7 @@ index cfe6608..a24748c 100644 | |||
61649 | exit3: | 61511 | exit3: |
61650 | dput(dentry); | 61512 | dput(dentry); |
61651 | exit2: | 61513 | exit2: |
61652 | @@ -3680,6 +3819,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) | 61514 | @@ -3677,6 +3819,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
61653 | struct nameidata nd; | 61515 | struct nameidata nd; |
61654 | struct inode *inode = NULL; | 61516 | struct inode *inode = NULL; |
61655 | struct inode *delegated_inode = NULL; | 61517 | struct inode *delegated_inode = NULL; |
@@ -61658,7 +61520,7 @@ index cfe6608..a24748c 100644 | |||
61658 | unsigned int lookup_flags = 0; | 61520 | unsigned int lookup_flags = 0; |
61659 | retry: | 61521 | retry: |
61660 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); | 61522 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); |
61661 | @@ -3706,10 +3847,22 @@ retry_deleg: | 61523 | @@ -3703,10 +3847,22 @@ retry_deleg: |
61662 | if (d_is_negative(dentry)) | 61524 | if (d_is_negative(dentry)) |
61663 | goto slashes; | 61525 | goto slashes; |
61664 | ihold(inode); | 61526 | ihold(inode); |
@@ -61681,7 +61543,7 @@ index cfe6608..a24748c 100644 | |||
61681 | exit2: | 61543 | exit2: |
61682 | dput(dentry); | 61544 | dput(dentry); |
61683 | } | 61545 | } |
61684 | @@ -3797,9 +3950,17 @@ retry: | 61546 | @@ -3794,9 +3950,17 @@ retry: |
61685 | if (IS_ERR(dentry)) | 61547 | if (IS_ERR(dentry)) |
61686 | goto out_putname; | 61548 | goto out_putname; |
61687 | 61549 | ||
@@ -61699,7 +61561,7 @@ index cfe6608..a24748c 100644 | |||
61699 | done_path_create(&path, dentry); | 61561 | done_path_create(&path, dentry); |
61700 | if (retry_estale(error, lookup_flags)) { | 61562 | if (retry_estale(error, lookup_flags)) { |
61701 | lookup_flags |= LOOKUP_REVAL; | 61563 | lookup_flags |= LOOKUP_REVAL; |
61702 | @@ -3902,6 +4063,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, | 61564 | @@ -3899,6 +4063,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
61703 | struct dentry *new_dentry; | 61565 | struct dentry *new_dentry; |
61704 | struct path old_path, new_path; | 61566 | struct path old_path, new_path; |
61705 | struct inode *delegated_inode = NULL; | 61567 | struct inode *delegated_inode = NULL; |
@@ -61707,7 +61569,7 @@ index cfe6608..a24748c 100644 | |||
61707 | int how = 0; | 61569 | int how = 0; |
61708 | int error; | 61570 | int error; |
61709 | 61571 | ||
61710 | @@ -3925,7 +4087,7 @@ retry: | 61572 | @@ -3922,7 +4087,7 @@ retry: |
61711 | if (error) | 61573 | if (error) |
61712 | return error; | 61574 | return error; |
61713 | 61575 | ||
@@ -61716,7 +61578,7 @@ index cfe6608..a24748c 100644 | |||
61716 | (how & LOOKUP_REVAL)); | 61578 | (how & LOOKUP_REVAL)); |
61717 | error = PTR_ERR(new_dentry); | 61579 | error = PTR_ERR(new_dentry); |
61718 | if (IS_ERR(new_dentry)) | 61580 | if (IS_ERR(new_dentry)) |
61719 | @@ -3937,11 +4099,28 @@ retry: | 61581 | @@ -3934,11 +4099,28 @@ retry: |
61720 | error = may_linkat(&old_path); | 61582 | error = may_linkat(&old_path); |
61721 | if (unlikely(error)) | 61583 | if (unlikely(error)) |
61722 | goto out_dput; | 61584 | goto out_dput; |
@@ -61745,7 +61607,7 @@ index cfe6608..a24748c 100644 | |||
61745 | done_path_create(&new_path, new_dentry); | 61607 | done_path_create(&new_path, new_dentry); |
61746 | if (delegated_inode) { | 61608 | if (delegated_inode) { |
61747 | error = break_deleg_wait(&delegated_inode); | 61609 | error = break_deleg_wait(&delegated_inode); |
61748 | @@ -4228,6 +4407,12 @@ retry_deleg: | 61610 | @@ -4225,6 +4407,12 @@ retry_deleg: |
61749 | if (new_dentry == trap) | 61611 | if (new_dentry == trap) |
61750 | goto exit5; | 61612 | goto exit5; |
61751 | 61613 | ||
@@ -61758,7 +61620,7 @@ index cfe6608..a24748c 100644 | |||
61758 | error = security_path_rename(&oldnd.path, old_dentry, | 61620 | error = security_path_rename(&oldnd.path, old_dentry, |
61759 | &newnd.path, new_dentry); | 61621 | &newnd.path, new_dentry); |
61760 | if (error) | 61622 | if (error) |
61761 | @@ -4235,6 +4420,9 @@ retry_deleg: | 61623 | @@ -4232,6 +4420,9 @@ retry_deleg: |
61762 | error = vfs_rename(old_dir->d_inode, old_dentry, | 61624 | error = vfs_rename(old_dir->d_inode, old_dentry, |
61763 | new_dir->d_inode, new_dentry, | 61625 | new_dir->d_inode, new_dentry, |
61764 | &delegated_inode); | 61626 | &delegated_inode); |
@@ -61768,7 +61630,7 @@ index cfe6608..a24748c 100644 | |||
61768 | exit5: | 61630 | exit5: |
61769 | dput(new_dentry); | 61631 | dput(new_dentry); |
61770 | exit4: | 61632 | exit4: |
61771 | @@ -4271,6 +4459,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna | 61633 | @@ -4268,6 +4459,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna |
61772 | 61634 | ||
61773 | int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) | 61635 | int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) |
61774 | { | 61636 | { |
@@ -61777,7 +61639,7 @@ index cfe6608..a24748c 100644 | |||
61777 | int len; | 61639 | int len; |
61778 | 61640 | ||
61779 | len = PTR_ERR(link); | 61641 | len = PTR_ERR(link); |
61780 | @@ -4280,7 +4470,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c | 61642 | @@ -4277,7 +4470,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c |
61781 | len = strlen(link); | 61643 | len = strlen(link); |
61782 | if (len > (unsigned) buflen) | 61644 | if (len > (unsigned) buflen) |
61783 | len = buflen; | 61645 | len = buflen; |
@@ -61794,10 +61656,10 @@ index cfe6608..a24748c 100644 | |||
61794 | out: | 61656 | out: |
61795 | return len; | 61657 | return len; |
61796 | diff --git a/fs/namespace.c b/fs/namespace.c | 61658 | diff --git a/fs/namespace.c b/fs/namespace.c |
61797 | index be32ebc..c595734 100644 | 61659 | index 6d0e54e..4c1f85e 100644 |
61798 | --- a/fs/namespace.c | 61660 | --- a/fs/namespace.c |
61799 | +++ b/fs/namespace.c | 61661 | +++ b/fs/namespace.c |
61800 | @@ -1293,6 +1293,9 @@ static int do_umount(struct mount *mnt, int flags) | 61662 | @@ -1339,6 +1339,9 @@ static int do_umount(struct mount *mnt, int flags) |
61801 | if (!(sb->s_flags & MS_RDONLY)) | 61663 | if (!(sb->s_flags & MS_RDONLY)) |
61802 | retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); | 61664 | retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); |
61803 | up_write(&sb->s_umount); | 61665 | up_write(&sb->s_umount); |
@@ -61807,7 +61669,7 @@ index be32ebc..c595734 100644 | |||
61807 | return retval; | 61669 | return retval; |
61808 | } | 61670 | } |
61809 | 61671 | ||
61810 | @@ -1315,6 +1318,9 @@ static int do_umount(struct mount *mnt, int flags) | 61672 | @@ -1361,6 +1364,9 @@ static int do_umount(struct mount *mnt, int flags) |
61811 | } | 61673 | } |
61812 | unlock_mount_hash(); | 61674 | unlock_mount_hash(); |
61813 | namespace_unlock(); | 61675 | namespace_unlock(); |
@@ -61817,7 +61679,7 @@ index be32ebc..c595734 100644 | |||
61817 | return retval; | 61679 | return retval; |
61818 | } | 61680 | } |
61819 | 61681 | ||
61820 | @@ -1334,7 +1340,7 @@ static inline bool may_mount(void) | 61682 | @@ -1380,7 +1386,7 @@ static inline bool may_mount(void) |
61821 | * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD | 61683 | * unixes. Our API is identical to OSF/1 to avoid making a mess of AMD |
61822 | */ | 61684 | */ |
61823 | 61685 | ||
@@ -61826,7 +61688,7 @@ index be32ebc..c595734 100644 | |||
61826 | { | 61688 | { |
61827 | struct path path; | 61689 | struct path path; |
61828 | struct mount *mnt; | 61690 | struct mount *mnt; |
61829 | @@ -1376,7 +1382,7 @@ out: | 61691 | @@ -1422,7 +1428,7 @@ out: |
61830 | /* | 61692 | /* |
61831 | * The 2.0 compatible umount. No flags. | 61693 | * The 2.0 compatible umount. No flags. |
61832 | */ | 61694 | */ |
@@ -61835,7 +61697,7 @@ index be32ebc..c595734 100644 | |||
61835 | { | 61697 | { |
61836 | return sys_umount(name, 0); | 61698 | return sys_umount(name, 0); |
61837 | } | 61699 | } |
61838 | @@ -2379,6 +2385,16 @@ long do_mount(const char *dev_name, const char *dir_name, | 61700 | @@ -2426,6 +2432,16 @@ long do_mount(const char *dev_name, const char *dir_name, |
61839 | MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | | 61701 | MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT | |
61840 | MS_STRICTATIME); | 61702 | MS_STRICTATIME); |
61841 | 61703 | ||
@@ -61852,7 +61714,7 @@ index be32ebc..c595734 100644 | |||
61852 | if (flags & MS_REMOUNT) | 61714 | if (flags & MS_REMOUNT) |
61853 | retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, | 61715 | retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, |
61854 | data_page); | 61716 | data_page); |
61855 | @@ -2393,6 +2409,9 @@ long do_mount(const char *dev_name, const char *dir_name, | 61717 | @@ -2440,6 +2456,9 @@ long do_mount(const char *dev_name, const char *dir_name, |
61856 | dev_name, data_page); | 61718 | dev_name, data_page); |
61857 | dput_out: | 61719 | dput_out: |
61858 | path_put(&path); | 61720 | path_put(&path); |
@@ -61862,7 +61724,7 @@ index be32ebc..c595734 100644 | |||
61862 | return retval; | 61724 | return retval; |
61863 | } | 61725 | } |
61864 | 61726 | ||
61865 | @@ -2410,7 +2429,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) | 61727 | @@ -2457,7 +2476,7 @@ static void free_mnt_ns(struct mnt_namespace *ns) |
61866 | * number incrementing at 10Ghz will take 12,427 years to wrap which | 61728 | * number incrementing at 10Ghz will take 12,427 years to wrap which |
61867 | * is effectively never, so we can ignore the possibility. | 61729 | * is effectively never, so we can ignore the possibility. |
61868 | */ | 61730 | */ |
@@ -61871,7 +61733,7 @@ index be32ebc..c595734 100644 | |||
61871 | 61733 | ||
61872 | static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) | 61734 | static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) |
61873 | { | 61735 | { |
61874 | @@ -2425,7 +2444,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) | 61736 | @@ -2472,7 +2491,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) |
61875 | kfree(new_ns); | 61737 | kfree(new_ns); |
61876 | return ERR_PTR(ret); | 61738 | return ERR_PTR(ret); |
61877 | } | 61739 | } |
@@ -61880,7 +61742,7 @@ index be32ebc..c595734 100644 | |||
61880 | atomic_set(&new_ns->count, 1); | 61742 | atomic_set(&new_ns->count, 1); |
61881 | new_ns->root = NULL; | 61743 | new_ns->root = NULL; |
61882 | INIT_LIST_HEAD(&new_ns->list); | 61744 | INIT_LIST_HEAD(&new_ns->list); |
61883 | @@ -2435,7 +2454,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) | 61745 | @@ -2482,7 +2501,7 @@ static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns) |
61884 | return new_ns; | 61746 | return new_ns; |
61885 | } | 61747 | } |
61886 | 61748 | ||
@@ -61889,7 +61751,7 @@ index be32ebc..c595734 100644 | |||
61889 | struct user_namespace *user_ns, struct fs_struct *new_fs) | 61751 | struct user_namespace *user_ns, struct fs_struct *new_fs) |
61890 | { | 61752 | { |
61891 | struct mnt_namespace *new_ns; | 61753 | struct mnt_namespace *new_ns; |
61892 | @@ -2556,8 +2575,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) | 61754 | @@ -2603,8 +2622,8 @@ struct dentry *mount_subtree(struct vfsmount *mnt, const char *name) |
61893 | } | 61755 | } |
61894 | EXPORT_SYMBOL(mount_subtree); | 61756 | EXPORT_SYMBOL(mount_subtree); |
61895 | 61757 | ||
@@ -61900,7 +61762,7 @@ index be32ebc..c595734 100644 | |||
61900 | { | 61762 | { |
61901 | int ret; | 61763 | int ret; |
61902 | char *kernel_type; | 61764 | char *kernel_type; |
61903 | @@ -2670,6 +2689,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, | 61765 | @@ -2717,6 +2736,11 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, |
61904 | if (error) | 61766 | if (error) |
61905 | goto out2; | 61767 | goto out2; |
61906 | 61768 | ||
@@ -61912,7 +61774,7 @@ index be32ebc..c595734 100644 | |||
61912 | get_fs_root(current->fs, &root); | 61774 | get_fs_root(current->fs, &root); |
61913 | old_mp = lock_mount(&old); | 61775 | old_mp = lock_mount(&old); |
61914 | error = PTR_ERR(old_mp); | 61776 | error = PTR_ERR(old_mp); |
61915 | @@ -2930,7 +2954,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns) | 61777 | @@ -2983,7 +3007,7 @@ static int mntns_install(struct nsproxy *nsproxy, void *ns) |
61916 | !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) | 61778 | !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) |
61917 | return -EPERM; | 61779 | return -EPERM; |
61918 | 61780 | ||
@@ -61958,6 +61820,58 @@ index 5d94c02..630214f 100644 | |||
61958 | } | 61820 | } |
61959 | 61821 | ||
61960 | void nfs_fattr_init(struct nfs_fattr *fattr) | 61822 | void nfs_fattr_init(struct nfs_fattr *fattr) |
61823 | diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c | ||
61824 | index 0e90bf0..134691e 100644 | ||
61825 | --- a/fs/nfs/nfs4proc.c | ||
61826 | +++ b/fs/nfs/nfs4proc.c | ||
61827 | @@ -1070,6 +1070,7 @@ static void nfs4_opendata_free(struct kref *kref) | ||
61828 | dput(p->dentry); | ||
61829 | nfs_sb_deactive(sb); | ||
61830 | nfs_fattr_free_names(&p->f_attr); | ||
61831 | + kfree(p->f_attr.mdsthreshold); | ||
61832 | kfree(p); | ||
61833 | } | ||
61834 | |||
61835 | @@ -2246,10 +2247,12 @@ static int _nfs4_do_open(struct inode *dir, | ||
61836 | } | ||
61837 | } | ||
61838 | |||
61839 | - if (ctx_th && server->attr_bitmask[2] & FATTR4_WORD2_MDSTHRESHOLD) { | ||
61840 | - opendata->f_attr.mdsthreshold = pnfs_mdsthreshold_alloc(); | ||
61841 | - if (!opendata->f_attr.mdsthreshold) | ||
61842 | - goto err_free_label; | ||
61843 | + if (server->attr_bitmask[2] & FATTR4_WORD2_MDSTHRESHOLD) { | ||
61844 | + if (!opendata->f_attr.mdsthreshold) { | ||
61845 | + opendata->f_attr.mdsthreshold = pnfs_mdsthreshold_alloc(); | ||
61846 | + if (!opendata->f_attr.mdsthreshold) | ||
61847 | + goto err_free_label; | ||
61848 | + } | ||
61849 | opendata->o_arg.open_bitmap = &nfs4_pnfs_open_bitmap[0]; | ||
61850 | } | ||
61851 | if (dentry->d_inode != NULL) | ||
61852 | @@ -2277,11 +2280,10 @@ static int _nfs4_do_open(struct inode *dir, | ||
61853 | if (opendata->file_created) | ||
61854 | *opened |= FILE_CREATED; | ||
61855 | |||
61856 | - if (pnfs_use_threshold(ctx_th, opendata->f_attr.mdsthreshold, server)) | ||
61857 | + if (pnfs_use_threshold(ctx_th, opendata->f_attr.mdsthreshold, server)) { | ||
61858 | *ctx_th = opendata->f_attr.mdsthreshold; | ||
61859 | - else | ||
61860 | - kfree(opendata->f_attr.mdsthreshold); | ||
61861 | - opendata->f_attr.mdsthreshold = NULL; | ||
61862 | + opendata->f_attr.mdsthreshold = NULL; | ||
61863 | + } | ||
61864 | |||
61865 | nfs4_label_free(olabel); | ||
61866 | |||
61867 | @@ -2291,7 +2293,6 @@ static int _nfs4_do_open(struct inode *dir, | ||
61868 | err_free_label: | ||
61869 | nfs4_label_free(olabel); | ||
61870 | err_opendata_put: | ||
61871 | - kfree(opendata->f_attr.mdsthreshold); | ||
61872 | nfs4_opendata_put(opendata); | ||
61873 | err_put_state_owner: | ||
61874 | nfs4_put_state_owner(sp); | ||
61961 | diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c | 61875 | diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c |
61962 | index 419572f..5414a23 100644 | 61876 | index 419572f..5414a23 100644 |
61963 | --- a/fs/nfsd/nfs4proc.c | 61877 | --- a/fs/nfsd/nfs4proc.c |
@@ -65163,10 +65077,10 @@ index 104455b..764c512 100644 | |||
65163 | kfree(s); | 65077 | kfree(s); |
65164 | diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig | 65078 | diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
65165 | new file mode 100644 | 65079 | new file mode 100644 |
65166 | index 0000000..13b7885 | 65080 | index 0000000..3abaf02 |
65167 | --- /dev/null | 65081 | --- /dev/null |
65168 | +++ b/grsecurity/Kconfig | 65082 | +++ b/grsecurity/Kconfig |
65169 | @@ -0,0 +1,1155 @@ | 65083 | @@ -0,0 +1,1161 @@ |
65170 | +# | 65084 | +# |
65171 | +# grecurity configuration | 65085 | +# grecurity configuration |
65172 | +# | 65086 | +# |
@@ -65222,7 +65136,8 @@ index 0000000..13b7885 | |||
65222 | + the most notable of which are XFree86 and hwclock. hwclock can be | 65136 | + the most notable of which are XFree86 and hwclock. hwclock can be |
65223 | + remedied by having RTC support in the kernel, so real-time | 65137 | + remedied by having RTC support in the kernel, so real-time |
65224 | + clock support is enabled if this option is enabled, to ensure | 65138 | + clock support is enabled if this option is enabled, to ensure |
65225 | + that hwclock operates correctly. | 65139 | + that hwclock operates correctly. If hwclock still does not work, |
65140 | + either update udev or symlink /dev/rtc to /dev/rtc0. | ||
65226 | + | 65141 | + |
65227 | + If you're using XFree86 or a version of Xorg from 2012 or earlier, | 65142 | + If you're using XFree86 or a version of Xorg from 2012 or earlier, |
65228 | + you may not be able to boot into a graphical environment with this | 65143 | + you may not be able to boot into a graphical environment with this |
@@ -65647,6 +65562,11 @@ index 0000000..13b7885 | |||
65647 | + encounter no software incompatibilities with the following options, it | 65562 | + encounter no software incompatibilities with the following options, it |
65648 | + is recommended that you enable each one. | 65563 | + is recommended that you enable each one. |
65649 | + | 65564 | + |
65565 | + Note that the chroot restrictions are not intended to apply to "chroots" | ||
65566 | + to directories that are simple bind mounts of the global root filesystem. | ||
65567 | + For several other reasons, a user shouldn't expect any significant | ||
65568 | + security by performing such a chroot. | ||
65569 | + | ||
65650 | +config GRKERNSEC_CHROOT_MOUNT | 65570 | +config GRKERNSEC_CHROOT_MOUNT |
65651 | + bool "Deny mounts" | 65571 | + bool "Deny mounts" |
65652 | + default y if GRKERNSEC_CONFIG_AUTO | 65572 | + default y if GRKERNSEC_CONFIG_AUTO |
@@ -76941,9 +76861,18 @@ index bf1ef22..2a55e1b 100644 | |||
76941 | static inline kuid_t audit_get_loginuid(struct task_struct *tsk) | 76861 | static inline kuid_t audit_get_loginuid(struct task_struct *tsk) |
76942 | { | 76862 | { |
76943 | diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h | 76863 | diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h |
76944 | index fd8bf32..2cccd5a 100644 | 76864 | index fd8bf32..49a5f5c 100644 |
76945 | --- a/include/linux/binfmts.h | 76865 | --- a/include/linux/binfmts.h |
76946 | +++ b/include/linux/binfmts.h | 76866 | +++ b/include/linux/binfmts.h |
76867 | @@ -45,7 +45,7 @@ struct linux_binprm { | ||
76868 | unsigned interp_data; | ||
76869 | unsigned long loader, exec; | ||
76870 | char tcomm[TASK_COMM_LEN]; | ||
76871 | -}; | ||
76872 | +} __randomize_layout; | ||
76873 | |||
76874 | #define BINPRM_FLAGS_ENFORCE_NONDUMP_BIT 0 | ||
76875 | #define BINPRM_FLAGS_ENFORCE_NONDUMP (1 << BINPRM_FLAGS_ENFORCE_NONDUMP_BIT) | ||
76947 | @@ -74,8 +74,10 @@ struct linux_binfmt { | 76876 | @@ -74,8 +74,10 @@ struct linux_binfmt { |
76948 | int (*load_binary)(struct linux_binprm *); | 76877 | int (*load_binary)(struct linux_binprm *); |
76949 | int (*load_shlib)(struct file *); | 76878 | int (*load_shlib)(struct file *); |
@@ -76952,12 +76881,12 @@ index fd8bf32..2cccd5a 100644 | |||
76952 | + void (*handle_mmap)(struct file *); | 76881 | + void (*handle_mmap)(struct file *); |
76953 | unsigned long min_coredump; /* minimal dump size */ | 76882 | unsigned long min_coredump; /* minimal dump size */ |
76954 | -}; | 76883 | -}; |
76955 | +} __do_const; | 76884 | +} __do_const __randomize_layout; |
76956 | 76885 | ||
76957 | extern void __register_binfmt(struct linux_binfmt *fmt, int insert); | 76886 | extern void __register_binfmt(struct linux_binfmt *fmt, int insert); |
76958 | 76887 | ||
76959 | diff --git a/include/linux/bitops.h b/include/linux/bitops.h | 76888 | diff --git a/include/linux/bitops.h b/include/linux/bitops.h |
76960 | index abc9ca7..e54ee27 100644 | 76889 | index be5fd38..d71192a 100644 |
76961 | --- a/include/linux/bitops.h | 76890 | --- a/include/linux/bitops.h |
76962 | +++ b/include/linux/bitops.h | 76891 | +++ b/include/linux/bitops.h |
76963 | @@ -102,7 +102,7 @@ static inline __u64 ror64(__u64 word, unsigned int shift) | 76892 | @@ -102,7 +102,7 @@ static inline __u64 ror64(__u64 word, unsigned int shift) |
@@ -79839,7 +79768,7 @@ index 9fe426b..8148be6 100644 | |||
79839 | static inline int | 79768 | static inline int |
79840 | vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst) | 79769 | vma_dup_policy(struct vm_area_struct *src, struct vm_area_struct *dst) |
79841 | diff --git a/include/linux/mm.h b/include/linux/mm.h | 79770 | diff --git a/include/linux/mm.h b/include/linux/mm.h |
79842 | index 0ab5439..2859c61 100644 | 79771 | index 5360b82..4eedf45 100644 |
79843 | --- a/include/linux/mm.h | 79772 | --- a/include/linux/mm.h |
79844 | +++ b/include/linux/mm.h | 79773 | +++ b/include/linux/mm.h |
79845 | @@ -117,6 +117,11 @@ extern unsigned int kobjsize(const void *objp); | 79774 | @@ -117,6 +117,11 @@ extern unsigned int kobjsize(const void *objp); |
@@ -79873,7 +79802,7 @@ index 0ab5439..2859c61 100644 | |||
79873 | 79802 | ||
79874 | struct mmu_gather; | 79803 | struct mmu_gather; |
79875 | struct inode; | 79804 | struct inode; |
79876 | @@ -1064,8 +1070,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, | 79805 | @@ -1074,8 +1080,8 @@ int follow_pfn(struct vm_area_struct *vma, unsigned long address, |
79877 | unsigned long *pfn); | 79806 | unsigned long *pfn); |
79878 | int follow_phys(struct vm_area_struct *vma, unsigned long address, | 79807 | int follow_phys(struct vm_area_struct *vma, unsigned long address, |
79879 | unsigned int flags, unsigned long *prot, resource_size_t *phys); | 79808 | unsigned int flags, unsigned long *prot, resource_size_t *phys); |
@@ -79884,7 +79813,7 @@ index 0ab5439..2859c61 100644 | |||
79884 | 79813 | ||
79885 | static inline void unmap_shared_mapping_range(struct address_space *mapping, | 79814 | static inline void unmap_shared_mapping_range(struct address_space *mapping, |
79886 | loff_t const holebegin, loff_t const holelen) | 79815 | loff_t const holebegin, loff_t const holelen) |
79887 | @@ -1104,9 +1110,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, | 79816 | @@ -1114,9 +1120,9 @@ static inline int fixup_user_fault(struct task_struct *tsk, |
79888 | } | 79817 | } |
79889 | #endif | 79818 | #endif |
79890 | 79819 | ||
@@ -79897,7 +79826,7 @@ index 0ab5439..2859c61 100644 | |||
79897 | 79826 | ||
79898 | long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, | 79827 | long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm, |
79899 | unsigned long start, unsigned long nr_pages, | 79828 | unsigned long start, unsigned long nr_pages, |
79900 | @@ -1138,34 +1144,6 @@ int set_page_dirty(struct page *page); | 79829 | @@ -1148,34 +1154,6 @@ int set_page_dirty(struct page *page); |
79901 | int set_page_dirty_lock(struct page *page); | 79830 | int set_page_dirty_lock(struct page *page); |
79902 | int clear_page_dirty_for_io(struct page *page); | 79831 | int clear_page_dirty_for_io(struct page *page); |
79903 | 79832 | ||
@@ -79932,7 +79861,7 @@ index 0ab5439..2859c61 100644 | |||
79932 | extern pid_t | 79861 | extern pid_t |
79933 | vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group); | 79862 | vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group); |
79934 | 79863 | ||
79935 | @@ -1265,6 +1243,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) | 79864 | @@ -1275,6 +1253,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) |
79936 | } | 79865 | } |
79937 | #endif | 79866 | #endif |
79938 | 79867 | ||
@@ -79948,7 +79877,7 @@ index 0ab5439..2859c61 100644 | |||
79948 | int vma_wants_writenotify(struct vm_area_struct *vma); | 79877 | int vma_wants_writenotify(struct vm_area_struct *vma); |
79949 | 79878 | ||
79950 | extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr, | 79879 | extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr, |
79951 | @@ -1283,8 +1270,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, | 79880 | @@ -1293,8 +1280,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, |
79952 | { | 79881 | { |
79953 | return 0; | 79882 | return 0; |
79954 | } | 79883 | } |
@@ -79964,7 +79893,7 @@ index 0ab5439..2859c61 100644 | |||
79964 | #endif | 79893 | #endif |
79965 | 79894 | ||
79966 | #ifdef __PAGETABLE_PMD_FOLDED | 79895 | #ifdef __PAGETABLE_PMD_FOLDED |
79967 | @@ -1293,8 +1287,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, | 79896 | @@ -1303,8 +1297,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, |
79968 | { | 79897 | { |
79969 | return 0; | 79898 | return 0; |
79970 | } | 79899 | } |
@@ -79980,7 +79909,7 @@ index 0ab5439..2859c61 100644 | |||
79980 | #endif | 79909 | #endif |
79981 | 79910 | ||
79982 | int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma, | 79911 | int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma, |
79983 | @@ -1312,11 +1313,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a | 79912 | @@ -1322,11 +1323,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a |
79984 | NULL: pud_offset(pgd, address); | 79913 | NULL: pud_offset(pgd, address); |
79985 | } | 79914 | } |
79986 | 79915 | ||
@@ -80004,7 +79933,7 @@ index 0ab5439..2859c61 100644 | |||
80004 | #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ | 79933 | #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ |
80005 | 79934 | ||
80006 | #if USE_SPLIT_PTE_PTLOCKS | 79935 | #if USE_SPLIT_PTE_PTLOCKS |
80007 | @@ -1694,7 +1707,7 @@ extern int install_special_mapping(struct mm_struct *mm, | 79936 | @@ -1704,7 +1717,7 @@ extern int install_special_mapping(struct mm_struct *mm, |
80008 | unsigned long addr, unsigned long len, | 79937 | unsigned long addr, unsigned long len, |
80009 | unsigned long flags, struct page **pages); | 79938 | unsigned long flags, struct page **pages); |
80010 | 79939 | ||
@@ -80013,7 +79942,7 @@ index 0ab5439..2859c61 100644 | |||
80013 | 79942 | ||
80014 | extern unsigned long mmap_region(struct file *file, unsigned long addr, | 79943 | extern unsigned long mmap_region(struct file *file, unsigned long addr, |
80015 | unsigned long len, vm_flags_t vm_flags, unsigned long pgoff); | 79944 | unsigned long len, vm_flags_t vm_flags, unsigned long pgoff); |
80016 | @@ -1702,6 +1715,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, | 79945 | @@ -1712,6 +1725,7 @@ extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, |
80017 | unsigned long len, unsigned long prot, unsigned long flags, | 79946 | unsigned long len, unsigned long prot, unsigned long flags, |
80018 | unsigned long pgoff, unsigned long *populate); | 79947 | unsigned long pgoff, unsigned long *populate); |
80019 | extern int do_munmap(struct mm_struct *, unsigned long, size_t); | 79948 | extern int do_munmap(struct mm_struct *, unsigned long, size_t); |
@@ -80021,7 +79950,7 @@ index 0ab5439..2859c61 100644 | |||
80021 | 79950 | ||
80022 | #ifdef CONFIG_MMU | 79951 | #ifdef CONFIG_MMU |
80023 | extern int __mm_populate(unsigned long addr, unsigned long len, | 79952 | extern int __mm_populate(unsigned long addr, unsigned long len, |
80024 | @@ -1730,10 +1744,11 @@ struct vm_unmapped_area_info { | 79953 | @@ -1740,10 +1754,11 @@ struct vm_unmapped_area_info { |
80025 | unsigned long high_limit; | 79954 | unsigned long high_limit; |
80026 | unsigned long align_mask; | 79955 | unsigned long align_mask; |
80027 | unsigned long align_offset; | 79956 | unsigned long align_offset; |
@@ -80035,7 +79964,7 @@ index 0ab5439..2859c61 100644 | |||
80035 | 79964 | ||
80036 | /* | 79965 | /* |
80037 | * Search for an unmapped address range. | 79966 | * Search for an unmapped address range. |
80038 | @@ -1745,7 +1760,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); | 79967 | @@ -1755,7 +1770,7 @@ extern unsigned long unmapped_area_topdown(struct vm_unmapped_area_info *info); |
80039 | * - satisfies (begin_addr & align_mask) == (align_offset & align_mask) | 79968 | * - satisfies (begin_addr & align_mask) == (align_offset & align_mask) |
80040 | */ | 79969 | */ |
80041 | static inline unsigned long | 79970 | static inline unsigned long |
@@ -80044,7 +79973,7 @@ index 0ab5439..2859c61 100644 | |||
80044 | { | 79973 | { |
80045 | if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN)) | 79974 | if (!(info->flags & VM_UNMAPPED_AREA_TOPDOWN)) |
80046 | return unmapped_area(info); | 79975 | return unmapped_area(info); |
80047 | @@ -1808,6 +1823,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add | 79976 | @@ -1818,6 +1833,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add |
80048 | extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, | 79977 | extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, |
80049 | struct vm_area_struct **pprev); | 79978 | struct vm_area_struct **pprev); |
80050 | 79979 | ||
@@ -80055,7 +79984,7 @@ index 0ab5439..2859c61 100644 | |||
80055 | /* Look up the first VMA which intersects the interval start_addr..end_addr-1, | 79984 | /* Look up the first VMA which intersects the interval start_addr..end_addr-1, |
80056 | NULL if none. Assume start_addr < end_addr. */ | 79985 | NULL if none. Assume start_addr < end_addr. */ |
80057 | static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) | 79986 | static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) |
80058 | @@ -1836,15 +1855,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, | 79987 | @@ -1846,15 +1865,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, |
80059 | return vma; | 79988 | return vma; |
80060 | } | 79989 | } |
80061 | 79990 | ||
@@ -80071,7 +80000,7 @@ index 0ab5439..2859c61 100644 | |||
80071 | #ifdef CONFIG_ARCH_USES_NUMA_PROT_NONE | 80000 | #ifdef CONFIG_ARCH_USES_NUMA_PROT_NONE |
80072 | unsigned long change_prot_numa(struct vm_area_struct *vma, | 80001 | unsigned long change_prot_numa(struct vm_area_struct *vma, |
80073 | unsigned long start, unsigned long end); | 80002 | unsigned long start, unsigned long end); |
80074 | @@ -1896,6 +1906,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); | 80003 | @@ -1906,6 +1916,11 @@ void vm_stat_account(struct mm_struct *, unsigned long, struct file *, long); |
80075 | static inline void vm_stat_account(struct mm_struct *mm, | 80004 | static inline void vm_stat_account(struct mm_struct *mm, |
80076 | unsigned long flags, struct file *file, long pages) | 80005 | unsigned long flags, struct file *file, long pages) |
80077 | { | 80006 | { |
@@ -80083,7 +80012,7 @@ index 0ab5439..2859c61 100644 | |||
80083 | mm->total_vm += pages; | 80012 | mm->total_vm += pages; |
80084 | } | 80013 | } |
80085 | #endif /* CONFIG_PROC_FS */ | 80014 | #endif /* CONFIG_PROC_FS */ |
80086 | @@ -1977,7 +1992,7 @@ extern int unpoison_memory(unsigned long pfn); | 80015 | @@ -1987,7 +2002,7 @@ extern int unpoison_memory(unsigned long pfn); |
80087 | extern int sysctl_memory_failure_early_kill; | 80016 | extern int sysctl_memory_failure_early_kill; |
80088 | extern int sysctl_memory_failure_recovery; | 80017 | extern int sysctl_memory_failure_recovery; |
80089 | extern void shake_page(struct page *p, int access); | 80018 | extern void shake_page(struct page *p, int access); |
@@ -80092,7 +80021,7 @@ index 0ab5439..2859c61 100644 | |||
80092 | extern int soft_offline_page(struct page *page, int flags); | 80021 | extern int soft_offline_page(struct page *page, int flags); |
80093 | 80022 | ||
80094 | extern void dump_page(struct page *page); | 80023 | extern void dump_page(struct page *page); |
80095 | @@ -2014,5 +2029,11 @@ void __init setup_nr_node_ids(void); | 80024 | @@ -2024,5 +2039,11 @@ void __init setup_nr_node_ids(void); |
80096 | static inline void setup_nr_node_ids(void) {} | 80025 | static inline void setup_nr_node_ids(void) {} |
80097 | #endif | 80026 | #endif |
80098 | 80027 | ||
@@ -80596,6 +80525,27 @@ index 4386946..f50c615 100644 | |||
80596 | struct padata_cpumask cpumask; | 80525 | struct padata_cpumask cpumask; |
80597 | spinlock_t lock ____cacheline_aligned; | 80526 | spinlock_t lock ____cacheline_aligned; |
80598 | unsigned int processed; | 80527 | unsigned int processed; |
80528 | diff --git a/include/linux/path.h b/include/linux/path.h | ||
80529 | index d137218..be0c176 100644 | ||
80530 | --- a/include/linux/path.h | ||
80531 | +++ b/include/linux/path.h | ||
80532 | @@ -1,13 +1,15 @@ | ||
80533 | #ifndef _LINUX_PATH_H | ||
80534 | #define _LINUX_PATH_H | ||
80535 | |||
80536 | +#include <linux/compiler.h> | ||
80537 | + | ||
80538 | struct dentry; | ||
80539 | struct vfsmount; | ||
80540 | |||
80541 | struct path { | ||
80542 | struct vfsmount *mnt; | ||
80543 | struct dentry *dentry; | ||
80544 | -}; | ||
80545 | +} __randomize_layout; | ||
80546 | |||
80547 | extern void path_get(const struct path *); | ||
80548 | extern void path_put(const struct path *); | ||
80599 | diff --git a/include/linux/pci_hotplug.h b/include/linux/pci_hotplug.h | 80549 | diff --git a/include/linux/pci_hotplug.h b/include/linux/pci_hotplug.h |
80600 | index a2e2f1d..8a391d2 100644 | 80550 | index a2e2f1d..8a391d2 100644 |
80601 | --- a/include/linux/pci_hotplug.h | 80551 | --- a/include/linux/pci_hotplug.h |
@@ -81448,7 +81398,7 @@ index e3347c5..f682891 100644 | |||
81448 | extern unsigned int sysctl_sched_latency; | 81398 | extern unsigned int sysctl_sched_latency; |
81449 | extern unsigned int sysctl_sched_min_granularity; | 81399 | extern unsigned int sysctl_sched_min_granularity; |
81450 | diff --git a/include/linux/security.h b/include/linux/security.h | 81400 | diff --git a/include/linux/security.h b/include/linux/security.h |
81451 | index 5623a7f..b352409 100644 | 81401 | index 5623a7f..7ae77be 100644 |
81452 | --- a/include/linux/security.h | 81402 | --- a/include/linux/security.h |
81453 | +++ b/include/linux/security.h | 81403 | +++ b/include/linux/security.h |
81454 | @@ -27,6 +27,7 @@ | 81404 | @@ -27,6 +27,7 @@ |
@@ -81468,6 +81418,15 @@ index 5623a7f..b352409 100644 | |||
81468 | #ifdef CONFIG_MMU | 81418 | #ifdef CONFIG_MMU |
81469 | extern unsigned long mmap_min_addr; | 81419 | extern unsigned long mmap_min_addr; |
81470 | extern unsigned long dac_mmap_min_addr; | 81420 | extern unsigned long dac_mmap_min_addr; |
81421 | @@ -1718,7 +1717,7 @@ struct security_operations { | ||
81422 | struct audit_context *actx); | ||
81423 | void (*audit_rule_free) (void *lsmrule); | ||
81424 | #endif /* CONFIG_AUDIT */ | ||
81425 | -}; | ||
81426 | +} __randomize_layout; | ||
81427 | |||
81428 | /* prototypes */ | ||
81429 | extern int security_init(void); | ||
81471 | diff --git a/include/linux/semaphore.h b/include/linux/semaphore.h | 81430 | diff --git a/include/linux/semaphore.h b/include/linux/semaphore.h |
81472 | index dc368b8..e895209 100644 | 81431 | index dc368b8..e895209 100644 |
81473 | --- a/include/linux/semaphore.h | 81432 | --- a/include/linux/semaphore.h |
@@ -82096,7 +82055,7 @@ index 97d660e..6356755 100644 | |||
82096 | 82055 | ||
82097 | extern int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc); | 82056 | extern int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc); |
82098 | diff --git a/include/linux/tty_driver.h b/include/linux/tty_driver.h | 82057 | diff --git a/include/linux/tty_driver.h b/include/linux/tty_driver.h |
82099 | index 756a609..f61242d 100644 | 82058 | index 756a609..89db85e 100644 |
82100 | --- a/include/linux/tty_driver.h | 82059 | --- a/include/linux/tty_driver.h |
82101 | +++ b/include/linux/tty_driver.h | 82060 | +++ b/include/linux/tty_driver.h |
82102 | @@ -285,7 +285,7 @@ struct tty_operations { | 82061 | @@ -285,7 +285,7 @@ struct tty_operations { |
@@ -82104,7 +82063,7 @@ index 756a609..f61242d 100644 | |||
82104 | #endif | 82063 | #endif |
82105 | const struct file_operations *proc_fops; | 82064 | const struct file_operations *proc_fops; |
82106 | -}; | 82065 | -}; |
82107 | +} __do_const; | 82066 | +} __do_const __randomize_layout; |
82108 | 82067 | ||
82109 | struct tty_driver { | 82068 | struct tty_driver { |
82110 | int magic; /* magic number for this structure */ | 82069 | int magic; /* magic number for this structure */ |
@@ -82560,6 +82519,19 @@ index 9a36d92..0aafe2a 100644 | |||
82560 | 82519 | ||
82561 | void v9fs_register_trans(struct p9_trans_module *m); | 82520 | void v9fs_register_trans(struct p9_trans_module *m); |
82562 | void v9fs_unregister_trans(struct p9_trans_module *m); | 82521 | void v9fs_unregister_trans(struct p9_trans_module *m); |
82522 | diff --git a/include/net/af_unix.h b/include/net/af_unix.h | ||
82523 | index a175ba4..196eb82 100644 | ||
82524 | --- a/include/net/af_unix.h | ||
82525 | +++ b/include/net/af_unix.h | ||
82526 | @@ -36,7 +36,7 @@ struct unix_skb_parms { | ||
82527 | u32 secid; /* Security ID */ | ||
82528 | #endif | ||
82529 | u32 consumed; | ||
82530 | -}; | ||
82531 | +} __randomize_layout; | ||
82532 | |||
82533 | #define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb)) | ||
82534 | #define UNIXSID(skb) (&UNIXCB((skb)).secid) | ||
82563 | diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h | 82535 | diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h |
82564 | index c853b16d..37fccb7 100644 | 82536 | index c853b16d..37fccb7 100644 |
82565 | --- a/include/net/bluetooth/l2cap.h | 82537 | --- a/include/net/bluetooth/l2cap.h |
@@ -82974,6 +82946,21 @@ index 8ba8ce2..99b7fff 100644 | |||
82974 | struct sk_buff *skb, int offset, struct iovec *to, | 82946 | struct sk_buff *skb, int offset, struct iovec *to, |
82975 | size_t len, struct dma_pinned_list *pinned_list); | 82947 | size_t len, struct dma_pinned_list *pinned_list); |
82976 | 82948 | ||
82949 | diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h | ||
82950 | index 956b175..55d1504 100644 | ||
82951 | --- a/include/net/netfilter/nf_conntrack_extend.h | ||
82952 | +++ b/include/net/netfilter/nf_conntrack_extend.h | ||
82953 | @@ -47,8 +47,8 @@ enum nf_ct_ext_id { | ||
82954 | /* Extensions: optional stuff which isn't permanently in struct. */ | ||
82955 | struct nf_ct_ext { | ||
82956 | struct rcu_head rcu; | ||
82957 | - u8 offset[NF_CT_EXT_NUM]; | ||
82958 | - u8 len; | ||
82959 | + u16 offset[NF_CT_EXT_NUM]; | ||
82960 | + u16 len; | ||
82961 | char data[0]; | ||
82962 | }; | ||
82963 | |||
82977 | diff --git a/include/net/netlink.h b/include/net/netlink.h | 82964 | diff --git a/include/net/netlink.h b/include/net/netlink.h |
82978 | index 2b47eaa..6d5bcc2 100644 | 82965 | index 2b47eaa..6d5bcc2 100644 |
82979 | --- a/include/net/netlink.h | 82966 | --- a/include/net/netlink.h |
@@ -83148,7 +83135,7 @@ index 0a248b3..4dcbe5c 100644 | |||
83148 | 83135 | ||
83149 | /* Structure to track chunk fragments that have been acked, but peer | 83136 | /* Structure to track chunk fragments that have been acked, but peer |
83150 | diff --git a/include/net/sock.h b/include/net/sock.h | 83137 | diff --git a/include/net/sock.h b/include/net/sock.h |
83151 | index 2ef3c3e..e02013e 100644 | 83138 | index a2b3d4e..466983f 100644 |
83152 | --- a/include/net/sock.h | 83139 | --- a/include/net/sock.h |
83153 | +++ b/include/net/sock.h | 83140 | +++ b/include/net/sock.h |
83154 | @@ -348,7 +348,7 @@ struct sock { | 83141 | @@ -348,7 +348,7 @@ struct sock { |
@@ -83160,6 +83147,15 @@ index 2ef3c3e..e02013e 100644 | |||
83160 | int sk_rcvbuf; | 83147 | int sk_rcvbuf; |
83161 | 83148 | ||
83162 | struct sk_filter __rcu *sk_filter; | 83149 | struct sk_filter __rcu *sk_filter; |
83150 | @@ -1022,7 +1022,7 @@ struct proto { | ||
83151 | void (*destroy_cgroup)(struct mem_cgroup *memcg); | ||
83152 | struct cg_proto *(*proto_cgroup)(struct mem_cgroup *memcg); | ||
83153 | #endif | ||
83154 | -}; | ||
83155 | +} __randomize_layout; | ||
83156 | |||
83157 | /* | ||
83158 | * Bits in struct cg_proto.flags | ||
83163 | @@ -1209,7 +1209,7 @@ static inline u64 memcg_memory_allocated_read(struct cg_proto *prot) | 83159 | @@ -1209,7 +1209,7 @@ static inline u64 memcg_memory_allocated_read(struct cg_proto *prot) |
83164 | return ret >> PAGE_SHIFT; | 83160 | return ret >> PAGE_SHIFT; |
83165 | } | 83161 | } |
@@ -83169,7 +83165,16 @@ index 2ef3c3e..e02013e 100644 | |||
83169 | sk_memory_allocated(const struct sock *sk) | 83165 | sk_memory_allocated(const struct sock *sk) |
83170 | { | 83166 | { |
83171 | struct proto *prot = sk->sk_prot; | 83167 | struct proto *prot = sk->sk_prot; |
83172 | @@ -1813,7 +1813,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) | 83168 | @@ -1354,7 +1354,7 @@ struct sock_iocb { |
83169 | struct scm_cookie *scm; | ||
83170 | struct msghdr *msg, async_msg; | ||
83171 | struct kiocb *kiocb; | ||
83172 | -}; | ||
83173 | +} __randomize_layout; | ||
83174 | |||
83175 | static inline struct sock_iocb *kiocb_to_siocb(struct kiocb *iocb) | ||
83176 | { | ||
83177 | @@ -1818,7 +1818,7 @@ static inline void sk_nocaps_add(struct sock *sk, netdev_features_t flags) | ||
83173 | } | 83178 | } |
83174 | 83179 | ||
83175 | static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, | 83180 | static inline int skb_do_copy_data_nocache(struct sock *sk, struct sk_buff *skb, |
@@ -83178,7 +83183,7 @@ index 2ef3c3e..e02013e 100644 | |||
83178 | int copy, int offset) | 83183 | int copy, int offset) |
83179 | { | 83184 | { |
83180 | if (skb->ip_summed == CHECKSUM_NONE) { | 83185 | if (skb->ip_summed == CHECKSUM_NONE) { |
83181 | @@ -2075,7 +2075,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) | 83186 | @@ -2080,7 +2080,7 @@ static inline void sk_stream_moderate_sndbuf(struct sock *sk) |
83182 | } | 83187 | } |
83183 | } | 83188 | } |
83184 | 83189 | ||
@@ -83188,37 +83193,10 @@ index 2ef3c3e..e02013e 100644 | |||
83188 | /** | 83193 | /** |
83189 | * sk_page_frag - return an appropriate page_frag | 83194 | * sk_page_frag - return an appropriate page_frag |
83190 | diff --git a/include/net/tcp.h b/include/net/tcp.h | 83195 | diff --git a/include/net/tcp.h b/include/net/tcp.h |
83191 | index 9250d62..10a7f03 100644 | 83196 | index 197b020..10a7f03 100644 |
83192 | --- a/include/net/tcp.h | 83197 | --- a/include/net/tcp.h |
83193 | +++ b/include/net/tcp.h | 83198 | +++ b/include/net/tcp.h |
83194 | @@ -480,20 +480,21 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | 83199 | @@ -541,7 +541,7 @@ void tcp_retransmit_timer(struct sock *sk); |
83195 | #ifdef CONFIG_SYN_COOKIES | ||
83196 | #include <linux/ktime.h> | ||
83197 | |||
83198 | -/* Syncookies use a monotonic timer which increments every 64 seconds. | ||
83199 | +/* Syncookies use a monotonic timer which increments every 60 seconds. | ||
83200 | * This counter is used both as a hash input and partially encoded into | ||
83201 | * the cookie value. A cookie is only validated further if the delta | ||
83202 | * between the current counter value and the encoded one is less than this, | ||
83203 | - * i.e. a sent cookie is valid only at most for 128 seconds (or less if | ||
83204 | + * i.e. a sent cookie is valid only at most for 2*60 seconds (or less if | ||
83205 | * the counter advances immediately after a cookie is generated). | ||
83206 | */ | ||
83207 | #define MAX_SYNCOOKIE_AGE 2 | ||
83208 | |||
83209 | static inline u32 tcp_cookie_time(void) | ||
83210 | { | ||
83211 | - struct timespec now; | ||
83212 | - getnstimeofday(&now); | ||
83213 | - return now.tv_sec >> 6; /* 64 seconds granularity */ | ||
83214 | + u64 val = get_jiffies_64(); | ||
83215 | + | ||
83216 | + do_div(val, 60 * HZ); | ||
83217 | + return val; | ||
83218 | } | ||
83219 | |||
83220 | u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, | ||
83221 | @@ -540,7 +541,7 @@ void tcp_retransmit_timer(struct sock *sk); | ||
83222 | void tcp_xmit_retransmit_queue(struct sock *); | 83200 | void tcp_xmit_retransmit_queue(struct sock *); |
83223 | void tcp_simple_retransmit(struct sock *); | 83201 | void tcp_simple_retransmit(struct sock *); |
83224 | int tcp_trim_head(struct sock *, struct sk_buff *, u32); | 83202 | int tcp_trim_head(struct sock *, struct sk_buff *, u32); |
@@ -83227,7 +83205,7 @@ index 9250d62..10a7f03 100644 | |||
83227 | 83205 | ||
83228 | void tcp_send_probe0(struct sock *); | 83206 | void tcp_send_probe0(struct sock *); |
83229 | void tcp_send_partial(struct sock *); | 83207 | void tcp_send_partial(struct sock *); |
83230 | @@ -711,8 +712,8 @@ struct tcp_skb_cb { | 83208 | @@ -712,8 +712,8 @@ struct tcp_skb_cb { |
83231 | struct inet6_skb_parm h6; | 83209 | struct inet6_skb_parm h6; |
83232 | #endif | 83210 | #endif |
83233 | } header; /* For incoming frames */ | 83211 | } header; /* For incoming frames */ |
@@ -83238,7 +83216,7 @@ index 9250d62..10a7f03 100644 | |||
83238 | __u32 when; /* used to compute rtt's */ | 83216 | __u32 when; /* used to compute rtt's */ |
83239 | __u8 tcp_flags; /* TCP header flags. (tcp[13]) */ | 83217 | __u8 tcp_flags; /* TCP header flags. (tcp[13]) */ |
83240 | 83218 | ||
83241 | @@ -726,7 +727,7 @@ struct tcp_skb_cb { | 83219 | @@ -727,7 +727,7 @@ struct tcp_skb_cb { |
83242 | 83220 | ||
83243 | __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ | 83221 | __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ |
83244 | /* 1 byte hole */ | 83222 | /* 1 byte hole */ |
@@ -83785,7 +83763,7 @@ index 30f5362..8ed8ac9 100644 | |||
83785 | void *pmi_pal; | 83763 | void *pmi_pal; |
83786 | u8 *vbe_state_orig; /* | 83764 | u8 *vbe_state_orig; /* |
83787 | diff --git a/init/Kconfig b/init/Kconfig | 83765 | diff --git a/init/Kconfig b/init/Kconfig |
83788 | index 4e5d96a..93cd8a1 100644 | 83766 | index 66e6759..1333b01 100644 |
83789 | --- a/init/Kconfig | 83767 | --- a/init/Kconfig |
83790 | +++ b/init/Kconfig | 83768 | +++ b/init/Kconfig |
83791 | @@ -1079,6 +1079,7 @@ endif # CGROUPS | 83769 | @@ -1079,6 +1079,7 @@ endif # CGROUPS |
@@ -83796,7 +83774,7 @@ index 4e5d96a..93cd8a1 100644 | |||
83796 | default n | 83774 | default n |
83797 | help | 83775 | help |
83798 | Enables additional kernel features in a sake of checkpoint/restore. | 83776 | Enables additional kernel features in a sake of checkpoint/restore. |
83799 | @@ -1550,7 +1551,7 @@ config SLUB_DEBUG | 83777 | @@ -1557,7 +1558,7 @@ config SLUB_DEBUG |
83800 | 83778 | ||
83801 | config COMPAT_BRK | 83779 | config COMPAT_BRK |
83802 | bool "Disable heap randomization" | 83780 | bool "Disable heap randomization" |
@@ -83805,7 +83783,7 @@ index 4e5d96a..93cd8a1 100644 | |||
83805 | help | 83783 | help |
83806 | Randomizing heap placement makes heap exploits harder, but it | 83784 | Randomizing heap placement makes heap exploits harder, but it |
83807 | also breaks ancient binaries (including anything libc5 based). | 83785 | also breaks ancient binaries (including anything libc5 based). |
83808 | @@ -1838,7 +1839,7 @@ config INIT_ALL_POSSIBLE | 83786 | @@ -1845,7 +1846,7 @@ config INIT_ALL_POSSIBLE |
83809 | config STOP_MACHINE | 83787 | config STOP_MACHINE |
83810 | bool | 83788 | bool |
83811 | default y | 83789 | default y |
@@ -84802,7 +84780,7 @@ index 4e66bf9..cdccecf 100644 | |||
84802 | +} | 84780 | +} |
84803 | +EXPORT_SYMBOL(inode_capable_nolog); | 84781 | +EXPORT_SYMBOL(inode_capable_nolog); |
84804 | diff --git a/kernel/cgroup.c b/kernel/cgroup.c | 84782 | diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
84805 | index 271acd8..54b70fe 100644 | 84783 | index b44dd49..94c2826 100644 |
84806 | --- a/kernel/cgroup.c | 84784 | --- a/kernel/cgroup.c |
84807 | +++ b/kernel/cgroup.c | 84785 | +++ b/kernel/cgroup.c |
84808 | @@ -5609,7 +5609,7 @@ static int cgroup_css_links_read(struct cgroup_subsys_state *css, | 84786 | @@ -5609,7 +5609,7 @@ static int cgroup_css_links_read(struct cgroup_subsys_state *css, |
@@ -85794,7 +85772,7 @@ index dfa736c..d170f9b 100644 | |||
85794 | else | 85772 | else |
85795 | new_fs = fs; | 85773 | new_fs = fs; |
85796 | diff --git a/kernel/futex.c b/kernel/futex.c | 85774 | diff --git a/kernel/futex.c b/kernel/futex.c |
85797 | index f6ff019..ac53307 100644 | 85775 | index 0d74e3a..59bea40 100644 |
85798 | --- a/kernel/futex.c | 85776 | --- a/kernel/futex.c |
85799 | +++ b/kernel/futex.c | 85777 | +++ b/kernel/futex.c |
85800 | @@ -54,6 +54,7 @@ | 85778 | @@ -54,6 +54,7 @@ |
@@ -85805,7 +85783,7 @@ index f6ff019..ac53307 100644 | |||
85805 | #include <linux/signal.h> | 85783 | #include <linux/signal.h> |
85806 | #include <linux/export.h> | 85784 | #include <linux/export.h> |
85807 | #include <linux/magic.h> | 85785 | #include <linux/magic.h> |
85808 | @@ -243,6 +244,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw) | 85786 | @@ -245,6 +246,11 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw) |
85809 | struct page *page, *page_head; | 85787 | struct page *page, *page_head; |
85810 | int err, ro = 0; | 85788 | int err, ro = 0; |
85811 | 85789 | ||
@@ -85817,7 +85795,7 @@ index f6ff019..ac53307 100644 | |||
85817 | /* | 85795 | /* |
85818 | * The futex address must be "naturally" aligned. | 85796 | * The futex address must be "naturally" aligned. |
85819 | */ | 85797 | */ |
85820 | @@ -442,7 +448,7 @@ static int cmpxchg_futex_value_locked(u32 *curval, u32 __user *uaddr, | 85798 | @@ -444,7 +450,7 @@ static int cmpxchg_futex_value_locked(u32 *curval, u32 __user *uaddr, |
85821 | 85799 | ||
85822 | static int get_futex_value_locked(u32 *dest, u32 __user *from) | 85800 | static int get_futex_value_locked(u32 *dest, u32 __user *from) |
85823 | { | 85801 | { |
@@ -85826,15 +85804,15 @@ index f6ff019..ac53307 100644 | |||
85826 | 85804 | ||
85827 | pagefault_disable(); | 85805 | pagefault_disable(); |
85828 | ret = __copy_from_user_inatomic(dest, from, sizeof(u32)); | 85806 | ret = __copy_from_user_inatomic(dest, from, sizeof(u32)); |
85829 | @@ -2735,6 +2741,7 @@ static int __init futex_init(void) | 85807 | @@ -2737,6 +2743,7 @@ static void __init futex_detect_cmpxchg(void) |
85830 | { | 85808 | { |
85809 | #ifndef CONFIG_HAVE_FUTEX_CMPXCHG | ||
85831 | u32 curval; | 85810 | u32 curval; |
85832 | int i; | ||
85833 | + mm_segment_t oldfs; | 85811 | + mm_segment_t oldfs; |
85834 | 85812 | ||
85835 | /* | 85813 | /* |
85836 | * This will fail and we want it. Some arch implementations do | 85814 | * This will fail and we want it. Some arch implementations do |
85837 | @@ -2746,8 +2753,11 @@ static int __init futex_init(void) | 85815 | @@ -2748,8 +2755,11 @@ static void __init futex_detect_cmpxchg(void) |
85838 | * implementation, the non-functional ones will return | 85816 | * implementation, the non-functional ones will return |
85839 | * -ENOSYS. | 85817 | * -ENOSYS. |
85840 | */ | 85818 | */ |
@@ -85843,9 +85821,9 @@ index f6ff019..ac53307 100644 | |||
85843 | if (cmpxchg_futex_value_locked(&curval, NULL, 0, 0) == -EFAULT) | 85821 | if (cmpxchg_futex_value_locked(&curval, NULL, 0, 0) == -EFAULT) |
85844 | futex_cmpxchg_enabled = 1; | 85822 | futex_cmpxchg_enabled = 1; |
85845 | + set_fs(oldfs); | 85823 | + set_fs(oldfs); |
85824 | #endif | ||
85825 | } | ||
85846 | 85826 | ||
85847 | for (i = 0; i < ARRAY_SIZE(futex_queues); i++) { | ||
85848 | plist_head_init(&futex_queues[i].chain); | ||
85849 | diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c | 85827 | diff --git a/kernel/futex_compat.c b/kernel/futex_compat.c |
85850 | index f9f44fd..29885e4 100644 | 85828 | index f9f44fd..29885e4 100644 |
85851 | --- a/kernel/futex_compat.c | 85829 | --- a/kernel/futex_compat.c |
@@ -87650,7 +87628,7 @@ index 9b9a266..c20ef80 100644 | |||
87650 | { | 87628 | { |
87651 | struct pid *pid; | 87629 | struct pid *pid; |
87652 | diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c | 87630 | diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c |
87653 | index 06c62de..b08cc6c 100644 | 87631 | index 06c62de..a0ca23f 100644 |
87654 | --- a/kernel/pid_namespace.c | 87632 | --- a/kernel/pid_namespace.c |
87655 | +++ b/kernel/pid_namespace.c | 87633 | +++ b/kernel/pid_namespace.c |
87656 | @@ -253,7 +253,7 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write, | 87634 | @@ -253,7 +253,7 @@ static int pid_ns_ctl_handler(struct ctl_table *table, int write, |
@@ -87662,6 +87640,17 @@ index 06c62de..b08cc6c 100644 | |||
87662 | 87640 | ||
87663 | if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) | 87641 | if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) |
87664 | return -EPERM; | 87642 | return -EPERM; |
87643 | @@ -318,7 +318,9 @@ static void *pidns_get(struct task_struct *task) | ||
87644 | struct pid_namespace *ns; | ||
87645 | |||
87646 | rcu_read_lock(); | ||
87647 | - ns = get_pid_ns(task_active_pid_ns(task)); | ||
87648 | + ns = task_active_pid_ns(task); | ||
87649 | + if (ns) | ||
87650 | + get_pid_ns(ns); | ||
87651 | rcu_read_unlock(); | ||
87652 | |||
87653 | return ns; | ||
87665 | diff --git a/kernel/posix-cpu-timers.c b/kernel/posix-cpu-timers.c | 87654 | diff --git a/kernel/posix-cpu-timers.c b/kernel/posix-cpu-timers.c |
87666 | index c7f31aa..2b44977 100644 | 87655 | index c7f31aa..2b44977 100644 |
87667 | --- a/kernel/posix-cpu-timers.c | 87656 | --- a/kernel/posix-cpu-timers.c |
@@ -91001,7 +90990,7 @@ index 7811ed3..f80ca19 100644 | |||
91001 | static inline void *ptr_to_indirect(void *ptr) | 90990 | static inline void *ptr_to_indirect(void *ptr) |
91002 | { | 90991 | { |
91003 | diff --git a/lib/random32.c b/lib/random32.c | 90992 | diff --git a/lib/random32.c b/lib/random32.c |
91004 | index 1e5b2df..009bfe8 100644 | 90993 | index 6148967..009bfe8 100644 |
91005 | --- a/lib/random32.c | 90994 | --- a/lib/random32.c |
91006 | +++ b/lib/random32.c | 90995 | +++ b/lib/random32.c |
91007 | @@ -44,7 +44,7 @@ | 90996 | @@ -44,7 +44,7 @@ |
@@ -91013,27 +91002,6 @@ index 1e5b2df..009bfe8 100644 | |||
91013 | 91002 | ||
91014 | /** | 91003 | /** |
91015 | * prandom_u32_state - seeded pseudo-random number generator. | 91004 | * prandom_u32_state - seeded pseudo-random number generator. |
91016 | @@ -244,8 +244,19 @@ static void __prandom_reseed(bool late) | ||
91017 | static bool latch = false; | ||
91018 | static DEFINE_SPINLOCK(lock); | ||
91019 | |||
91020 | + /* Asking for random bytes might result in bytes getting | ||
91021 | + * moved into the nonblocking pool and thus marking it | ||
91022 | + * as initialized. In this case we would double back into | ||
91023 | + * this function and attempt to do a late reseed. | ||
91024 | + * Ignore the pointless attempt to reseed again if we're | ||
91025 | + * already waiting for bytes when the nonblocking pool | ||
91026 | + * got initialized. | ||
91027 | + */ | ||
91028 | + | ||
91029 | /* only allow initial seeding (late == false) once */ | ||
91030 | - spin_lock_irqsave(&lock, flags); | ||
91031 | + if (!spin_trylock_irqsave(&lock, flags)) | ||
91032 | + return; | ||
91033 | + | ||
91034 | if (latch && !late) | ||
91035 | goto out; | ||
91036 | latch = true; | ||
91037 | diff --git a/lib/rbtree.c b/lib/rbtree.c | 91005 | diff --git a/lib/rbtree.c b/lib/rbtree.c |
91038 | index 65f4eff..2cfa167 100644 | 91006 | index 65f4eff..2cfa167 100644 |
91039 | --- a/lib/rbtree.c | 91007 | --- a/lib/rbtree.c |
@@ -91658,7 +91626,7 @@ index 539eeb9..e24a987 100644 | |||
91658 | if (end == start) | 91626 | if (end == start) |
91659 | return error; | 91627 | return error; |
91660 | diff --git a/mm/memory-failure.c b/mm/memory-failure.c | 91628 | diff --git a/mm/memory-failure.c b/mm/memory-failure.c |
91661 | index 90977ac..487ab84 100644 | 91629 | index 4566e8f..46be98c 100644 |
91662 | --- a/mm/memory-failure.c | 91630 | --- a/mm/memory-failure.c |
91663 | +++ b/mm/memory-failure.c | 91631 | +++ b/mm/memory-failure.c |
91664 | @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; | 91632 | @@ -61,7 +61,7 @@ int sysctl_memory_failure_early_kill __read_mostly = 0; |
@@ -94309,7 +94277,7 @@ index 7106cb1..0805f48 100644 | |||
94309 | unsigned long bg_thresh, | 94277 | unsigned long bg_thresh, |
94310 | unsigned long dirty, | 94278 | unsigned long dirty, |
94311 | diff --git a/mm/page_alloc.c b/mm/page_alloc.c | 94279 | diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
94312 | index 56f268d..4d35ec4 100644 | 94280 | index 589521d..314053a 100644 |
94313 | --- a/mm/page_alloc.c | 94281 | --- a/mm/page_alloc.c |
94314 | +++ b/mm/page_alloc.c | 94282 | +++ b/mm/page_alloc.c |
94315 | @@ -61,6 +61,7 @@ | 94283 | @@ -61,6 +61,7 @@ |
@@ -94329,7 +94297,7 @@ index 56f268d..4d35ec4 100644 | |||
94329 | { | 94297 | { |
94330 | __free_pages_ok(page, compound_order(page)); | 94298 | __free_pages_ok(page, compound_order(page)); |
94331 | } | 94299 | } |
94332 | @@ -712,6 +713,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) | 94300 | @@ -714,6 +715,10 @@ static bool free_pages_prepare(struct page *page, unsigned int order) |
94333 | int i; | 94301 | int i; |
94334 | int bad = 0; | 94302 | int bad = 0; |
94335 | 94303 | ||
@@ -94340,7 +94308,7 @@ index 56f268d..4d35ec4 100644 | |||
94340 | trace_mm_page_free(page, order); | 94308 | trace_mm_page_free(page, order); |
94341 | kmemcheck_free_shadow(page, order); | 94309 | kmemcheck_free_shadow(page, order); |
94342 | 94310 | ||
94343 | @@ -728,6 +733,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) | 94311 | @@ -730,6 +735,12 @@ static bool free_pages_prepare(struct page *page, unsigned int order) |
94344 | debug_check_no_obj_freed(page_address(page), | 94312 | debug_check_no_obj_freed(page_address(page), |
94345 | PAGE_SIZE << order); | 94313 | PAGE_SIZE << order); |
94346 | } | 94314 | } |
@@ -94353,7 +94321,7 @@ index 56f268d..4d35ec4 100644 | |||
94353 | arch_free_page(page, order); | 94321 | arch_free_page(page, order); |
94354 | kernel_map_pages(page, 1 << order, 0); | 94322 | kernel_map_pages(page, 1 << order, 0); |
94355 | 94323 | ||
94356 | @@ -750,6 +761,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) | 94324 | @@ -752,6 +763,20 @@ static void __free_pages_ok(struct page *page, unsigned int order) |
94357 | local_irq_restore(flags); | 94325 | local_irq_restore(flags); |
94358 | } | 94326 | } |
94359 | 94327 | ||
@@ -94374,7 +94342,7 @@ index 56f268d..4d35ec4 100644 | |||
94374 | void __init __free_pages_bootmem(struct page *page, unsigned int order) | 94342 | void __init __free_pages_bootmem(struct page *page, unsigned int order) |
94375 | { | 94343 | { |
94376 | unsigned int nr_pages = 1 << order; | 94344 | unsigned int nr_pages = 1 << order; |
94377 | @@ -765,6 +790,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order) | 94345 | @@ -767,6 +792,19 @@ void __init __free_pages_bootmem(struct page *page, unsigned int order) |
94378 | __ClearPageReserved(p); | 94346 | __ClearPageReserved(p); |
94379 | set_page_count(p, 0); | 94347 | set_page_count(p, 0); |
94380 | 94348 | ||
@@ -94394,7 +94362,7 @@ index 56f268d..4d35ec4 100644 | |||
94394 | page_zone(page)->managed_pages += nr_pages; | 94362 | page_zone(page)->managed_pages += nr_pages; |
94395 | set_page_refcounted(page); | 94363 | set_page_refcounted(page); |
94396 | __free_pages(page, order); | 94364 | __free_pages(page, order); |
94397 | @@ -870,8 +908,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) | 94365 | @@ -872,8 +910,10 @@ static int prep_new_page(struct page *page, int order, gfp_t gfp_flags) |
94398 | arch_alloc_page(page, order); | 94366 | arch_alloc_page(page, order); |
94399 | kernel_map_pages(page, 1 << order, 1); | 94367 | kernel_map_pages(page, 1 << order, 1); |
94400 | 94368 | ||
@@ -95671,7 +95639,7 @@ index 8cc7be0..d0f7d7a 100644 | |||
95671 | } | 95639 | } |
95672 | } | 95640 | } |
95673 | diff --git a/mm/swap.c b/mm/swap.c | 95641 | diff --git a/mm/swap.c b/mm/swap.c |
95674 | index 84b26aa..ce39899 100644 | 95642 | index 7010cf4..f0a56a4 100644 |
95675 | --- a/mm/swap.c | 95643 | --- a/mm/swap.c |
95676 | +++ b/mm/swap.c | 95644 | +++ b/mm/swap.c |
95677 | @@ -77,6 +77,8 @@ static void __put_compound_page(struct page *page) | 95645 | @@ -77,6 +77,8 @@ static void __put_compound_page(struct page *page) |
@@ -96036,10 +96004,10 @@ index 7249614..2639fc7 100644 | |||
96036 | return 0; | 96004 | return 0; |
96037 | } | 96005 | } |
96038 | diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c | 96006 | diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c |
96039 | index b3d17d1..e8e4cdd 100644 | 96007 | index 9a87f5a..67aeeb2 100644 |
96040 | --- a/net/8021q/vlan.c | 96008 | --- a/net/8021q/vlan.c |
96041 | +++ b/net/8021q/vlan.c | 96009 | +++ b/net/8021q/vlan.c |
96042 | @@ -472,7 +472,7 @@ out: | 96010 | @@ -474,7 +474,7 @@ out: |
96043 | return NOTIFY_DONE; | 96011 | return NOTIFY_DONE; |
96044 | } | 96012 | } |
96045 | 96013 | ||
@@ -96048,7 +96016,7 @@ index b3d17d1..e8e4cdd 100644 | |||
96048 | .notifier_call = vlan_device_event, | 96016 | .notifier_call = vlan_device_event, |
96049 | }; | 96017 | }; |
96050 | 96018 | ||
96051 | @@ -547,8 +547,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) | 96019 | @@ -549,8 +549,7 @@ static int vlan_ioctl_handler(struct net *net, void __user *arg) |
96052 | err = -EPERM; | 96020 | err = -EPERM; |
96053 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) | 96021 | if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) |
96054 | break; | 96022 | break; |
@@ -96923,10 +96891,94 @@ index 5b7d0e1..cb960fc 100644 | |||
96923 | } | 96891 | } |
96924 | EXPORT_SYMBOL(dev_load); | 96892 | EXPORT_SYMBOL(dev_load); |
96925 | diff --git a/net/core/filter.c b/net/core/filter.c | 96893 | diff --git a/net/core/filter.c b/net/core/filter.c |
96926 | index ad30d62..c2757df 100644 | 96894 | index ad30d62..21c0743 100644 |
96927 | --- a/net/core/filter.c | 96895 | --- a/net/core/filter.c |
96928 | +++ b/net/core/filter.c | 96896 | +++ b/net/core/filter.c |
96929 | @@ -679,7 +679,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, | 96897 | @@ -126,7 +126,7 @@ unsigned int sk_run_filter(const struct sk_buff *skb, |
96898 | void *ptr; | ||
96899 | u32 A = 0; /* Accumulator */ | ||
96900 | u32 X = 0; /* Index Register */ | ||
96901 | - u32 mem[BPF_MEMWORDS]; /* Scratch Memory Store */ | ||
96902 | + u32 mem[BPF_MEMWORDS] = {}; /* Scratch Memory Store */ | ||
96903 | u32 tmp; | ||
96904 | int k; | ||
96905 | |||
96906 | @@ -292,10 +292,10 @@ load_b: | ||
96907 | X = K; | ||
96908 | continue; | ||
96909 | case BPF_S_LD_MEM: | ||
96910 | - A = mem[K]; | ||
96911 | + A = mem[K&15]; | ||
96912 | continue; | ||
96913 | case BPF_S_LDX_MEM: | ||
96914 | - X = mem[K]; | ||
96915 | + X = mem[K&15]; | ||
96916 | continue; | ||
96917 | case BPF_S_MISC_TAX: | ||
96918 | X = A; | ||
96919 | @@ -308,10 +308,10 @@ load_b: | ||
96920 | case BPF_S_RET_A: | ||
96921 | return A; | ||
96922 | case BPF_S_ST: | ||
96923 | - mem[K] = A; | ||
96924 | + mem[K&15] = A; | ||
96925 | continue; | ||
96926 | case BPF_S_STX: | ||
96927 | - mem[K] = X; | ||
96928 | + mem[K&15] = X; | ||
96929 | continue; | ||
96930 | case BPF_S_ANC_PROTOCOL: | ||
96931 | A = ntohs(skb->protocol); | ||
96932 | @@ -355,6 +355,10 @@ load_b: | ||
96933 | |||
96934 | if (skb_is_nonlinear(skb)) | ||
96935 | return 0; | ||
96936 | + | ||
96937 | + if (skb->len < sizeof(struct nlattr)) | ||
96938 | + return 0; | ||
96939 | + | ||
96940 | if (A > skb->len - sizeof(struct nlattr)) | ||
96941 | return 0; | ||
96942 | |||
96943 | @@ -371,11 +375,15 @@ load_b: | ||
96944 | |||
96945 | if (skb_is_nonlinear(skb)) | ||
96946 | return 0; | ||
96947 | + | ||
96948 | + if (skb->len < sizeof(struct nlattr)) | ||
96949 | + return 0; | ||
96950 | + | ||
96951 | if (A > skb->len - sizeof(struct nlattr)) | ||
96952 | return 0; | ||
96953 | |||
96954 | nla = (struct nlattr *)&skb->data[A]; | ||
96955 | - if (nla->nla_len > A - skb->len) | ||
96956 | + if (nla->nla_len > skb->len - A) | ||
96957 | return 0; | ||
96958 | |||
96959 | nla = nla_find_nested(nla, X); | ||
96960 | @@ -391,9 +399,10 @@ load_b: | ||
96961 | continue; | ||
96962 | #endif | ||
96963 | default: | ||
96964 | - WARN_RATELIMIT(1, "Unknown code:%u jt:%u tf:%u k:%u\n", | ||
96965 | + WARN(1, KERN_ALERT "Unknown sock filter code:%u jt:%u tf:%u k:%u\n", | ||
96966 | fentry->code, fentry->jt, | ||
96967 | fentry->jf, fentry->k); | ||
96968 | + BUG(); | ||
96969 | return 0; | ||
96970 | } | ||
96971 | } | ||
96972 | @@ -416,7 +425,7 @@ static int check_load_and_stores(struct sock_filter *filter, int flen) | ||
96973 | u16 *masks, memvalid = 0; /* one bit per cell, 16 cells */ | ||
96974 | int pc, ret = 0; | ||
96975 | |||
96976 | - BUILD_BUG_ON(BPF_MEMWORDS > 16); | ||
96977 | + BUILD_BUG_ON(BPF_MEMWORDS != 16); | ||
96978 | masks = kmalloc(flen * sizeof(*masks), GFP_KERNEL); | ||
96979 | if (!masks) | ||
96980 | return -ENOMEM; | ||
96981 | @@ -679,7 +688,7 @@ int sk_unattached_filter_create(struct sk_filter **pfp, | ||
96930 | fp = kmalloc(sk_filter_size(fprog->len), GFP_KERNEL); | 96982 | fp = kmalloc(sk_filter_size(fprog->len), GFP_KERNEL); |
96931 | if (!fp) | 96983 | if (!fp) |
96932 | return -ENOMEM; | 96984 | return -ENOMEM; |
@@ -97099,7 +97151,7 @@ index 81d3a9a..a0bd7a8 100644 | |||
97099 | return error; | 97151 | return error; |
97100 | } | 97152 | } |
97101 | diff --git a/net/core/netpoll.c b/net/core/netpoll.c | 97153 | diff --git a/net/core/netpoll.c b/net/core/netpoll.c |
97102 | index 81975f2..9ef3531 100644 | 97154 | index 9a46671..6b8cb72 100644 |
97103 | --- a/net/core/netpoll.c | 97155 | --- a/net/core/netpoll.c |
97104 | +++ b/net/core/netpoll.c | 97156 | +++ b/net/core/netpoll.c |
97105 | @@ -435,7 +435,7 @@ void netpoll_send_udp(struct netpoll *np, const char *msg, int len) | 97157 | @@ -435,7 +435,7 @@ void netpoll_send_udp(struct netpoll *np, const char *msg, int len) |
@@ -97121,7 +97173,7 @@ index 81975f2..9ef3531 100644 | |||
97121 | iph->ttl = 64; | 97173 | iph->ttl = 64; |
97122 | iph->protocol = IPPROTO_UDP; | 97174 | iph->protocol = IPPROTO_UDP; |
97123 | diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c | 97175 | diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c |
97124 | index cf67144..12bf94c 100644 | 97176 | index cc706c9..21fcd84 100644 |
97125 | --- a/net/core/rtnetlink.c | 97177 | --- a/net/core/rtnetlink.c |
97126 | +++ b/net/core/rtnetlink.c | 97178 | +++ b/net/core/rtnetlink.c |
97127 | @@ -58,7 +58,7 @@ struct rtnl_link { | 97179 | @@ -58,7 +58,7 @@ struct rtnl_link { |
@@ -97200,7 +97252,7 @@ index b442e7e..6f5b5a2 100644 | |||
97200 | { | 97252 | { |
97201 | struct socket *sock; | 97253 | struct socket *sock; |
97202 | diff --git a/net/core/skbuff.c b/net/core/skbuff.c | 97254 | diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
97203 | index deffb37..213db0a 100644 | 97255 | index 9a9898e..38cc3e3 100644 |
97204 | --- a/net/core/skbuff.c | 97256 | --- a/net/core/skbuff.c |
97205 | +++ b/net/core/skbuff.c | 97257 | +++ b/net/core/skbuff.c |
97206 | @@ -2006,7 +2006,7 @@ EXPORT_SYMBOL(__skb_checksum); | 97258 | @@ -2006,7 +2006,7 @@ EXPORT_SYMBOL(__skb_checksum); |
@@ -97212,7 +97264,7 @@ index deffb37..213db0a 100644 | |||
97212 | .update = csum_partial_ext, | 97264 | .update = csum_partial_ext, |
97213 | .combine = csum_block_add_ext, | 97265 | .combine = csum_block_add_ext, |
97214 | }; | 97266 | }; |
97215 | @@ -3119,13 +3119,15 @@ void __init skb_init(void) | 97267 | @@ -3124,13 +3124,15 @@ void __init skb_init(void) |
97216 | skbuff_head_cache = kmem_cache_create("skbuff_head_cache", | 97268 | skbuff_head_cache = kmem_cache_create("skbuff_head_cache", |
97217 | sizeof(struct sk_buff), | 97269 | sizeof(struct sk_buff), |
97218 | 0, | 97270 | 0, |
@@ -97231,7 +97283,7 @@ index deffb37..213db0a 100644 | |||
97231 | } | 97283 | } |
97232 | 97284 | ||
97233 | diff --git a/net/core/sock.c b/net/core/sock.c | 97285 | diff --git a/net/core/sock.c b/net/core/sock.c |
97234 | index fbc5cfb..6d7e8c3 100644 | 97286 | index 50db733..8e4aeb4 100644 |
97235 | --- a/net/core/sock.c | 97287 | --- a/net/core/sock.c |
97236 | +++ b/net/core/sock.c | 97288 | +++ b/net/core/sock.c |
97237 | @@ -393,7 +393,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) | 97289 | @@ -393,7 +393,7 @@ int sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) |
@@ -97327,7 +97379,7 @@ index fbc5cfb..6d7e8c3 100644 | |||
97327 | } | 97379 | } |
97328 | EXPORT_SYMBOL(sock_init_data); | 97380 | EXPORT_SYMBOL(sock_init_data); |
97329 | 97381 | ||
97330 | @@ -2478,6 +2478,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) | 97382 | @@ -2481,6 +2481,7 @@ void sock_enable_timestamp(struct sock *sk, int flag) |
97331 | int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, | 97383 | int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
97332 | int level, int type) | 97384 | int level, int type) |
97333 | { | 97385 | { |
@@ -97335,7 +97387,7 @@ index fbc5cfb..6d7e8c3 100644 | |||
97335 | struct sock_exterr_skb *serr; | 97387 | struct sock_exterr_skb *serr; |
97336 | struct sk_buff *skb, *skb2; | 97388 | struct sk_buff *skb, *skb2; |
97337 | int copied, err; | 97389 | int copied, err; |
97338 | @@ -2499,7 +2500,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, | 97390 | @@ -2502,7 +2503,8 @@ int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, |
97339 | sock_recv_timestamp(msg, sk, skb); | 97391 | sock_recv_timestamp(msg, sk, skb); |
97340 | 97392 | ||
97341 | serr = SKB_EXT_ERR(skb); | 97393 | serr = SKB_EXT_ERR(skb); |
@@ -97691,23 +97743,6 @@ index fc0e649..febfa65 100644 | |||
97691 | EXPORT_SYMBOL(sysctl_local_reserved_ports); | 97743 | EXPORT_SYMBOL(sysctl_local_reserved_ports); |
97692 | 97744 | ||
97693 | void inet_get_local_port_range(struct net *net, int *low, int *high) | 97745 | void inet_get_local_port_range(struct net *net, int *low, int *high) |
97694 | diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c | ||
97695 | index bb075fc..322dceb 100644 | ||
97696 | --- a/net/ipv4/inet_fragment.c | ||
97697 | +++ b/net/ipv4/inet_fragment.c | ||
97698 | @@ -278,9 +278,10 @@ static struct inet_frag_queue *inet_frag_intern(struct netns_frags *nf, | ||
97699 | |||
97700 | atomic_inc(&qp->refcnt); | ||
97701 | hlist_add_head(&qp->list, &hb->chain); | ||
97702 | - spin_unlock(&hb->chain_lock); | ||
97703 | - read_unlock(&f->lock); | ||
97704 | inet_frag_lru_add(nf, qp); | ||
97705 | + spin_unlock(&hb->chain_lock); | ||
97706 | + read_unlock(&f->lock); | ||
97707 | + | ||
97708 | return qp; | ||
97709 | } | ||
97710 | |||
97711 | diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c | 97746 | diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c |
97712 | index 8b9cf27..0d8d592 100644 | 97747 | index 8b9cf27..0d8d592 100644 |
97713 | --- a/net/ipv4/inet_hashtables.c | 97748 | --- a/net/ipv4/inet_hashtables.c |
@@ -98032,7 +98067,7 @@ index 718dfbd..cef4152 100644 | |||
98032 | 98067 | ||
98033 | case IPT_SO_GET_ENTRIES: | 98068 | case IPT_SO_GET_ENTRIES: |
98034 | diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c | 98069 | diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c |
98035 | index 242e7f4..a084e95 100644 | 98070 | index 242e7f4..76cc7ee 100644 |
98036 | --- a/net/ipv4/ping.c | 98071 | --- a/net/ipv4/ping.c |
98037 | +++ b/net/ipv4/ping.c | 98072 | +++ b/net/ipv4/ping.c |
98038 | @@ -55,7 +55,7 @@ | 98073 | @@ -55,7 +55,7 @@ |
@@ -98044,7 +98079,39 @@ index 242e7f4..a084e95 100644 | |||
98044 | EXPORT_SYMBOL_GPL(pingv6_ops); | 98079 | EXPORT_SYMBOL_GPL(pingv6_ops); |
98045 | 98080 | ||
98046 | static u16 ping_port_rover; | 98081 | static u16 ping_port_rover; |
98047 | @@ -334,7 +334,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, | 98082 | @@ -251,23 +251,28 @@ int ping_init_sock(struct sock *sk) |
98083 | struct group_info *group_info = get_current_groups(); | ||
98084 | int i, j, count = group_info->ngroups; | ||
98085 | kgid_t low, high; | ||
98086 | + int ret = 0; | ||
98087 | |||
98088 | inet_get_ping_group_range_net(net, &low, &high); | ||
98089 | if (gid_lte(low, group) && gid_lte(group, high)) | ||
98090 | - return 0; | ||
98091 | + goto out_release_group; | ||
98092 | |||
98093 | for (i = 0; i < group_info->nblocks; i++) { | ||
98094 | int cp_count = min_t(int, NGROUPS_PER_BLOCK, count); | ||
98095 | for (j = 0; j < cp_count; j++) { | ||
98096 | kgid_t gid = group_info->blocks[i][j]; | ||
98097 | if (gid_lte(low, gid) && gid_lte(gid, high)) | ||
98098 | - return 0; | ||
98099 | + goto out_release_group; | ||
98100 | } | ||
98101 | |||
98102 | count -= cp_count; | ||
98103 | } | ||
98104 | |||
98105 | - return -EACCES; | ||
98106 | + ret = -EACCES; | ||
98107 | + | ||
98108 | +out_release_group: | ||
98109 | + put_group_info(group_info); | ||
98110 | + return ret; | ||
98111 | } | ||
98112 | EXPORT_SYMBOL_GPL(ping_init_sock); | ||
98113 | |||
98114 | @@ -334,7 +339,7 @@ static int ping_check_bind_addr(struct sock *sk, struct inet_sock *isk, | ||
98048 | return -ENODEV; | 98115 | return -ENODEV; |
98049 | } | 98116 | } |
98050 | } | 98117 | } |
@@ -98053,7 +98120,7 @@ index 242e7f4..a084e95 100644 | |||
98053 | scoped); | 98120 | scoped); |
98054 | rcu_read_unlock(); | 98121 | rcu_read_unlock(); |
98055 | 98122 | ||
98056 | @@ -542,7 +542,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) | 98123 | @@ -542,7 +547,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) |
98057 | } | 98124 | } |
98058 | #if IS_ENABLED(CONFIG_IPV6) | 98125 | #if IS_ENABLED(CONFIG_IPV6) |
98059 | } else if (skb->protocol == htons(ETH_P_IPV6)) { | 98126 | } else if (skb->protocol == htons(ETH_P_IPV6)) { |
@@ -98062,7 +98129,7 @@ index 242e7f4..a084e95 100644 | |||
98062 | #endif | 98129 | #endif |
98063 | } | 98130 | } |
98064 | 98131 | ||
98065 | @@ -560,7 +560,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) | 98132 | @@ -560,7 +565,7 @@ void ping_err(struct sk_buff *skb, int offset, u32 info) |
98066 | info, (u8 *)icmph); | 98133 | info, (u8 *)icmph); |
98067 | #if IS_ENABLED(CONFIG_IPV6) | 98134 | #if IS_ENABLED(CONFIG_IPV6) |
98068 | } else if (family == AF_INET6) { | 98135 | } else if (family == AF_INET6) { |
@@ -98071,7 +98138,7 @@ index 242e7f4..a084e95 100644 | |||
98071 | info, (u8 *)icmph); | 98138 | info, (u8 *)icmph); |
98072 | #endif | 98139 | #endif |
98073 | } | 98140 | } |
98074 | @@ -830,6 +830,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | 98141 | @@ -830,6 +835,8 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, |
98075 | { | 98142 | { |
98076 | struct inet_sock *isk = inet_sk(sk); | 98143 | struct inet_sock *isk = inet_sk(sk); |
98077 | int family = sk->sk_family; | 98144 | int family = sk->sk_family; |
@@ -98080,7 +98147,7 @@ index 242e7f4..a084e95 100644 | |||
98080 | struct sk_buff *skb; | 98147 | struct sk_buff *skb; |
98081 | int copied, err; | 98148 | int copied, err; |
98082 | 98149 | ||
98083 | @@ -839,12 +841,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | 98150 | @@ -839,12 +846,19 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, |
98084 | if (flags & MSG_OOB) | 98151 | if (flags & MSG_OOB) |
98085 | goto out; | 98152 | goto out; |
98086 | 98153 | ||
@@ -98101,7 +98168,7 @@ index 242e7f4..a084e95 100644 | |||
98101 | addr_len); | 98168 | addr_len); |
98102 | #endif | 98169 | #endif |
98103 | } | 98170 | } |
98104 | @@ -876,7 +885,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | 98171 | @@ -876,7 +890,6 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, |
98105 | sin->sin_port = 0 /* skb->h.uh->source */; | 98172 | sin->sin_port = 0 /* skb->h.uh->source */; |
98106 | sin->sin_addr.s_addr = ip_hdr(skb)->saddr; | 98173 | sin->sin_addr.s_addr = ip_hdr(skb)->saddr; |
98107 | memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); | 98174 | memset(sin->sin_zero, 0, sizeof(sin->sin_zero)); |
@@ -98109,7 +98176,7 @@ index 242e7f4..a084e95 100644 | |||
98109 | } | 98176 | } |
98110 | 98177 | ||
98111 | if (isk->cmsg_flags) | 98178 | if (isk->cmsg_flags) |
98112 | @@ -899,11 +907,10 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, | 98179 | @@ -899,11 +912,10 @@ int ping_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, |
98113 | sin6->sin6_scope_id = | 98180 | sin6->sin6_scope_id = |
98114 | ipv6_iface_scope_id(&sin6->sin6_addr, | 98181 | ipv6_iface_scope_id(&sin6->sin6_addr, |
98115 | IP6CB(skb)->iif); | 98182 | IP6CB(skb)->iif); |
@@ -98122,7 +98189,7 @@ index 242e7f4..a084e95 100644 | |||
98122 | #endif | 98189 | #endif |
98123 | } else { | 98190 | } else { |
98124 | BUG(); | 98191 | BUG(); |
98125 | @@ -1093,7 +1100,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, | 98192 | @@ -1093,7 +1105,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f, |
98126 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), | 98193 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), |
98127 | 0, sock_i_ino(sp), | 98194 | 0, sock_i_ino(sp), |
98128 | atomic_read(&sp->sk_refcnt), sp, | 98195 | atomic_read(&sp->sk_refcnt), sp, |
@@ -98431,7 +98498,7 @@ index c53b7f3..a89aadd 100644 | |||
98431 | if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) | 98498 | if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) |
98432 | return 1; | 98499 | return 1; |
98433 | diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c | 98500 | diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
98434 | index 0672139..cacc17d 100644 | 98501 | index 1d7b9dd..66749f8 100644 |
98435 | --- a/net/ipv4/tcp_ipv4.c | 98502 | --- a/net/ipv4/tcp_ipv4.c |
98436 | +++ b/net/ipv4/tcp_ipv4.c | 98503 | +++ b/net/ipv4/tcp_ipv4.c |
98437 | @@ -91,6 +91,10 @@ int sysctl_tcp_low_latency __read_mostly; | 98504 | @@ -91,6 +91,10 @@ int sysctl_tcp_low_latency __read_mostly; |
@@ -98751,7 +98818,7 @@ index e1a6393..f634ce5 100644 | |||
98751 | return -ENOMEM; | 98818 | return -ENOMEM; |
98752 | } | 98819 | } |
98753 | diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c | 98820 | diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c |
98754 | index 9c05d77..9cfa714 100644 | 98821 | index 0e8ae69..0fc7350 100644 |
98755 | --- a/net/ipv6/addrconf.c | 98822 | --- a/net/ipv6/addrconf.c |
98756 | +++ b/net/ipv6/addrconf.c | 98823 | +++ b/net/ipv6/addrconf.c |
98757 | @@ -589,7 +589,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, | 98824 | @@ -589,7 +589,7 @@ static int inet6_netconf_dump_devconf(struct sk_buff *skb, |
@@ -98763,7 +98830,7 @@ index 9c05d77..9cfa714 100644 | |||
98763 | net->dev_base_seq; | 98830 | net->dev_base_seq; |
98764 | hlist_for_each_entry_rcu(dev, head, index_hlist) { | 98831 | hlist_for_each_entry_rcu(dev, head, index_hlist) { |
98765 | if (idx < s_idx) | 98832 | if (idx < s_idx) |
98766 | @@ -2334,7 +2334,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) | 98833 | @@ -2337,7 +2337,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) |
98767 | p.iph.ihl = 5; | 98834 | p.iph.ihl = 5; |
98768 | p.iph.protocol = IPPROTO_IPV6; | 98835 | p.iph.protocol = IPPROTO_IPV6; |
98769 | p.iph.ttl = 64; | 98836 | p.iph.ttl = 64; |
@@ -98772,7 +98839,7 @@ index 9c05d77..9cfa714 100644 | |||
98772 | 98839 | ||
98773 | if (ops->ndo_do_ioctl) { | 98840 | if (ops->ndo_do_ioctl) { |
98774 | mm_segment_t oldfs = get_fs(); | 98841 | mm_segment_t oldfs = get_fs(); |
98775 | @@ -3964,7 +3964,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, | 98842 | @@ -3967,7 +3967,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, |
98776 | s_ip_idx = ip_idx = cb->args[2]; | 98843 | s_ip_idx = ip_idx = cb->args[2]; |
98777 | 98844 | ||
98778 | rcu_read_lock(); | 98845 | rcu_read_lock(); |
@@ -98781,7 +98848,7 @@ index 9c05d77..9cfa714 100644 | |||
98781 | for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { | 98848 | for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { |
98782 | idx = 0; | 98849 | idx = 0; |
98783 | head = &net->dev_index_head[h]; | 98850 | head = &net->dev_index_head[h]; |
98784 | @@ -4571,7 +4571,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) | 98851 | @@ -4574,7 +4574,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) |
98785 | dst_free(&ifp->rt->dst); | 98852 | dst_free(&ifp->rt->dst); |
98786 | break; | 98853 | break; |
98787 | } | 98854 | } |
@@ -98790,7 +98857,7 @@ index 9c05d77..9cfa714 100644 | |||
98790 | rt_genid_bump_ipv6(net); | 98857 | rt_genid_bump_ipv6(net); |
98791 | } | 98858 | } |
98792 | 98859 | ||
98793 | @@ -4592,7 +4592,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, | 98860 | @@ -4595,7 +4595,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, |
98794 | int *valp = ctl->data; | 98861 | int *valp = ctl->data; |
98795 | int val = *valp; | 98862 | int val = *valp; |
98796 | loff_t pos = *ppos; | 98863 | loff_t pos = *ppos; |
@@ -98799,7 +98866,7 @@ index 9c05d77..9cfa714 100644 | |||
98799 | int ret; | 98866 | int ret; |
98800 | 98867 | ||
98801 | /* | 98868 | /* |
98802 | @@ -4677,7 +4677,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, | 98869 | @@ -4680,7 +4680,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, |
98803 | int *valp = ctl->data; | 98870 | int *valp = ctl->data; |
98804 | int val = *valp; | 98871 | int val = *valp; |
98805 | loff_t pos = *ppos; | 98872 | loff_t pos = *ppos; |
@@ -98833,7 +98900,7 @@ index 93b1aa3..e902855 100644 | |||
98833 | + atomic_read_unchecked(&sp->sk_drops)); | 98900 | + atomic_read_unchecked(&sp->sk_drops)); |
98834 | } | 98901 | } |
98835 | diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c | 98902 | diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c |
98836 | index eef8d94..cfa1852 100644 | 98903 | index e2c9ff8..1e40285 100644 |
98837 | --- a/net/ipv6/icmp.c | 98904 | --- a/net/ipv6/icmp.c |
98838 | +++ b/net/ipv6/icmp.c | 98905 | +++ b/net/ipv6/icmp.c |
98839 | @@ -997,7 +997,7 @@ struct ctl_table ipv6_icmp_table_template[] = { | 98906 | @@ -997,7 +997,7 @@ struct ctl_table ipv6_icmp_table_template[] = { |
@@ -99067,7 +99134,7 @@ index 827f795..7e28e82 100644 | |||
99067 | EXPORT_SYMBOL(ipv6_select_ident); | 99134 | EXPORT_SYMBOL(ipv6_select_ident); |
99068 | 99135 | ||
99069 | diff --git a/net/ipv6/ping.c b/net/ipv6/ping.c | 99136 | diff --git a/net/ipv6/ping.c b/net/ipv6/ping.c |
99070 | index a83243c..a1ca589 100644 | 99137 | index 3a1f1f3..11d95bf 100644 |
99071 | --- a/net/ipv6/ping.c | 99138 | --- a/net/ipv6/ping.c |
99072 | +++ b/net/ipv6/ping.c | 99139 | +++ b/net/ipv6/ping.c |
99073 | @@ -246,6 +246,22 @@ static struct pernet_operations ping_v6_net_ops = { | 99140 | @@ -246,6 +246,22 @@ static struct pernet_operations ping_v6_net_ops = { |
@@ -99255,18 +99322,9 @@ index cc85a9b..526a133 100644 | |||
99255 | return -ENOMEM; | 99322 | return -ENOMEM; |
99256 | } | 99323 | } |
99257 | diff --git a/net/ipv6/route.c b/net/ipv6/route.c | 99324 | diff --git a/net/ipv6/route.c b/net/ipv6/route.c |
99258 | index 4b4944c..d346b14 100644 | 99325 | index 40b6e69..d346b14 100644 |
99259 | --- a/net/ipv6/route.c | 99326 | --- a/net/ipv6/route.c |
99260 | +++ b/net/ipv6/route.c | 99327 | +++ b/net/ipv6/route.c |
99261 | @@ -1495,7 +1495,7 @@ int ip6_route_add(struct fib6_config *cfg) | ||
99262 | if (!table) | ||
99263 | goto out; | ||
99264 | |||
99265 | - rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table); | ||
99266 | + rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table); | ||
99267 | |||
99268 | if (!rt) { | ||
99269 | err = -ENOMEM; | ||
99270 | @@ -2954,7 +2954,7 @@ struct ctl_table ipv6_route_table_template[] = { | 99328 | @@ -2954,7 +2954,7 @@ struct ctl_table ipv6_route_table_template[] = { |
99271 | 99329 | ||
99272 | struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) | 99330 | struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net) |
@@ -100194,18 +100252,9 @@ index ce30041..3861b5d 100644 | |||
100194 | { | 100252 | { |
100195 | if (users > 0) | 100253 | if (users > 0) |
100196 | diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c | 100254 | diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c |
100197 | index a99b6c3..cb372f9 100644 | 100255 | index 59359be..cb372f9 100644 |
100198 | --- a/net/netfilter/nf_conntrack_proto_dccp.c | 100256 | --- a/net/netfilter/nf_conntrack_proto_dccp.c |
100199 | +++ b/net/netfilter/nf_conntrack_proto_dccp.c | 100257 | +++ b/net/netfilter/nf_conntrack_proto_dccp.c |
100200 | @@ -428,7 +428,7 @@ static bool dccp_new(struct nf_conn *ct, const struct sk_buff *skb, | ||
100201 | const char *msg; | ||
100202 | u_int8_t state; | ||
100203 | |||
100204 | - dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); | ||
100205 | + dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); | ||
100206 | BUG_ON(dh == NULL); | ||
100207 | |||
100208 | state = dccp_state_table[CT_DCCP_ROLE_CLIENT][dh->dccph_type][CT_DCCP_NONE]; | ||
100209 | @@ -457,7 +457,7 @@ static bool dccp_new(struct nf_conn *ct, const struct sk_buff *skb, | 100258 | @@ -457,7 +457,7 @@ static bool dccp_new(struct nf_conn *ct, const struct sk_buff *skb, |
100210 | out_invalid: | 100259 | out_invalid: |
100211 | if (LOG_INVALID(net, IPPROTO_DCCP)) | 100260 | if (LOG_INVALID(net, IPPROTO_DCCP)) |
@@ -100215,24 +100264,6 @@ index a99b6c3..cb372f9 100644 | |||
100215 | return false; | 100264 | return false; |
100216 | } | 100265 | } |
100217 | 100266 | ||
100218 | @@ -486,7 +486,7 @@ static int dccp_packet(struct nf_conn *ct, const struct sk_buff *skb, | ||
100219 | u_int8_t type, old_state, new_state; | ||
100220 | enum ct_dccp_roles role; | ||
100221 | |||
100222 | - dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); | ||
100223 | + dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); | ||
100224 | BUG_ON(dh == NULL); | ||
100225 | type = dh->dccph_type; | ||
100226 | |||
100227 | @@ -577,7 +577,7 @@ static int dccp_error(struct net *net, struct nf_conn *tmpl, | ||
100228 | unsigned int cscov; | ||
100229 | const char *msg; | ||
100230 | |||
100231 | - dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &dh); | ||
100232 | + dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh); | ||
100233 | if (dh == NULL) { | ||
100234 | msg = "nf_ct_dccp: short packet "; | ||
100235 | goto out_invalid; | ||
100236 | @@ -614,7 +614,7 @@ static int dccp_error(struct net *net, struct nf_conn *tmpl, | 100267 | @@ -614,7 +614,7 @@ static int dccp_error(struct net *net, struct nf_conn *tmpl, |
100237 | 100268 | ||
100238 | out_invalid: | 100269 | out_invalid: |
@@ -100323,6 +100354,31 @@ index f042ae5..30ea486 100644 | |||
100323 | mutex_unlock(&nf_sockopt_mutex); | 100354 | mutex_unlock(&nf_sockopt_mutex); |
100324 | } | 100355 | } |
100325 | EXPORT_SYMBOL(nf_unregister_sockopt); | 100356 | EXPORT_SYMBOL(nf_unregister_sockopt); |
100357 | diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c | ||
100358 | index 71a9f49..c09b60c 100644 | ||
100359 | --- a/net/netfilter/nf_tables_api.c | ||
100360 | +++ b/net/netfilter/nf_tables_api.c | ||
100361 | @@ -148,8 +148,8 @@ static int nf_tables_chain_type_lookup(const struct nft_af_info *afi, | ||
100362 | #ifdef CONFIG_MODULES | ||
100363 | if (type < 0 && autoload) { | ||
100364 | nfnl_unlock(NFNL_SUBSYS_NFTABLES); | ||
100365 | - request_module("nft-chain-%u-%*.s", afi->family, | ||
100366 | - nla_len(nla)-1, (const char *)nla_data(nla)); | ||
100367 | + request_module("nft-chain-%u-%.*s", afi->family, | ||
100368 | + nla_len(nla), (const char *)nla_data(nla)); | ||
100369 | nfnl_lock(NFNL_SUBSYS_NFTABLES); | ||
100370 | type = __nf_tables_chain_type_lookup(afi->family, nla); | ||
100371 | } | ||
100372 | @@ -1916,7 +1916,8 @@ static const struct nft_set_ops *nft_select_set_ops(const struct nlattr * const | ||
100373 | |||
100374 | static const struct nla_policy nft_set_policy[NFTA_SET_MAX + 1] = { | ||
100375 | [NFTA_SET_TABLE] = { .type = NLA_STRING }, | ||
100376 | - [NFTA_SET_NAME] = { .type = NLA_STRING }, | ||
100377 | + [NFTA_SET_NAME] = { .type = NLA_STRING, | ||
100378 | + .len = IFNAMSIZ - 1 }, | ||
100379 | [NFTA_SET_FLAGS] = { .type = NLA_U32 }, | ||
100380 | [NFTA_SET_KEY_TYPE] = { .type = NLA_U32 }, | ||
100381 | [NFTA_SET_KEY_LEN] = { .type = NLA_U32 }, | ||
100326 | diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c | 100382 | diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c |
100327 | index a155d19..726b0f2 100644 | 100383 | index a155d19..726b0f2 100644 |
100328 | --- a/net/netfilter/nfnetlink_log.c | 100384 | --- a/net/netfilter/nfnetlink_log.c |
@@ -101263,7 +101319,7 @@ index b0565af..d135e6e 100644 | |||
101263 | 101319 | ||
101264 | table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); | 101320 | table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); |
101265 | diff --git a/net/socket.c b/net/socket.c | 101321 | diff --git a/net/socket.c b/net/socket.c |
101266 | index e83c416..f87df4c 100644 | 101322 | index dc57dae..5b883e0 100644 |
101267 | --- a/net/socket.c | 101323 | --- a/net/socket.c |
101268 | +++ b/net/socket.c | 101324 | +++ b/net/socket.c |
101269 | @@ -88,6 +88,7 @@ | 101325 | @@ -88,6 +88,7 @@ |
@@ -101438,18 +101494,16 @@ index e83c416..f87df4c 100644 | |||
101438 | SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, | 101494 | SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, |
101439 | unsigned int, flags, struct sockaddr __user *, addr, | 101495 | unsigned int, flags, struct sockaddr __user *, addr, |
101440 | int, addr_len) | 101496 | int, addr_len) |
101441 | @@ -1972,6 +2038,10 @@ static int copy_msghdr_from_user(struct msghdr *kmsg, | 101497 | @@ -1825,7 +1891,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, |
101442 | { | 101498 | struct socket *sock; |
101443 | if (copy_from_user(kmsg, umsg, sizeof(struct msghdr))) | 101499 | struct iovec iov; |
101444 | return -EFAULT; | 101500 | struct msghdr msg; |
101445 | + | 101501 | - struct sockaddr_storage address; |
101446 | + if (kmsg->msg_namelen < 0) | 101502 | + struct sockaddr_storage address = { }; |
101447 | + return -EINVAL; | 101503 | int err, err2; |
101448 | + | 101504 | int fput_needed; |
101449 | if (kmsg->msg_namelen > sizeof(struct sockaddr_storage)) | 101505 | |
101450 | kmsg->msg_namelen = sizeof(struct sockaddr_storage); | 101506 | @@ -2051,7 +2117,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, |
101451 | return 0; | ||
101452 | @@ -2047,7 +2117,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg, | ||
101453 | * checking falls down on this. | 101507 | * checking falls down on this. |
101454 | */ | 101508 | */ |
101455 | if (copy_from_user(ctl_buf, | 101509 | if (copy_from_user(ctl_buf, |
@@ -101458,7 +101512,16 @@ index e83c416..f87df4c 100644 | |||
101458 | ctl_len)) | 101512 | ctl_len)) |
101459 | goto out_freectl; | 101513 | goto out_freectl; |
101460 | msg_sys->msg_control = ctl_buf; | 101514 | msg_sys->msg_control = ctl_buf; |
101461 | @@ -2227,7 +2297,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, | 101515 | @@ -2202,7 +2268,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, |
101516 | int err, total_len, len; | ||
101517 | |||
101518 | /* kernel mode address */ | ||
101519 | - struct sockaddr_storage addr; | ||
101520 | + struct sockaddr_storage addr = { }; | ||
101521 | |||
101522 | /* user mode address pointers */ | ||
101523 | struct sockaddr __user *uaddr; | ||
101524 | @@ -2231,7 +2297,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, | ||
101462 | /* Save the user-mode address (verify_iovec will change the | 101525 | /* Save the user-mode address (verify_iovec will change the |
101463 | * kernel msghdr to use the kernel address space) | 101526 | * kernel msghdr to use the kernel address space) |
101464 | */ | 101527 | */ |
@@ -101467,7 +101530,7 @@ index e83c416..f87df4c 100644 | |||
101467 | uaddr_len = COMPAT_NAMELEN(msg); | 101530 | uaddr_len = COMPAT_NAMELEN(msg); |
101468 | if (MSG_CMSG_COMPAT & flags) | 101531 | if (MSG_CMSG_COMPAT & flags) |
101469 | err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); | 101532 | err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); |
101470 | @@ -2871,7 +2941,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) | 101533 | @@ -2875,7 +2941,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32) |
101471 | ifr = compat_alloc_user_space(buf_size); | 101534 | ifr = compat_alloc_user_space(buf_size); |
101472 | rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8); | 101535 | rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8); |
101473 | 101536 | ||
@@ -101476,7 +101539,7 @@ index e83c416..f87df4c 100644 | |||
101476 | return -EFAULT; | 101539 | return -EFAULT; |
101477 | 101540 | ||
101478 | if (put_user(convert_in ? rxnfc : compat_ptr(data), | 101541 | if (put_user(convert_in ? rxnfc : compat_ptr(data), |
101479 | @@ -2985,14 +3055,14 @@ static int bond_ioctl(struct net *net, unsigned int cmd, | 101542 | @@ -2989,14 +3055,14 @@ static int bond_ioctl(struct net *net, unsigned int cmd, |
101480 | old_fs = get_fs(); | 101543 | old_fs = get_fs(); |
101481 | set_fs(KERNEL_DS); | 101544 | set_fs(KERNEL_DS); |
101482 | err = dev_ioctl(net, cmd, | 101545 | err = dev_ioctl(net, cmd, |
@@ -101493,7 +101556,7 @@ index e83c416..f87df4c 100644 | |||
101493 | return -EFAULT; | 101556 | return -EFAULT; |
101494 | 101557 | ||
101495 | if (get_user(data, &ifr32->ifr_ifru.ifru_data)) | 101558 | if (get_user(data, &ifr32->ifr_ifru.ifru_data)) |
101496 | @@ -3094,7 +3164,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, | 101559 | @@ -3098,7 +3164,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd, |
101497 | 101560 | ||
101498 | old_fs = get_fs(); | 101561 | old_fs = get_fs(); |
101499 | set_fs(KERNEL_DS); | 101562 | set_fs(KERNEL_DS); |
@@ -101502,7 +101565,7 @@ index e83c416..f87df4c 100644 | |||
101502 | set_fs(old_fs); | 101565 | set_fs(old_fs); |
101503 | 101566 | ||
101504 | if (cmd == SIOCGIFMAP && !err) { | 101567 | if (cmd == SIOCGIFMAP && !err) { |
101505 | @@ -3199,7 +3269,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, | 101568 | @@ -3203,7 +3269,7 @@ static int routing_ioctl(struct net *net, struct socket *sock, |
101506 | ret |= get_user(rtdev, &(ur4->rt_dev)); | 101569 | ret |= get_user(rtdev, &(ur4->rt_dev)); |
101507 | if (rtdev) { | 101570 | if (rtdev) { |
101508 | ret |= copy_from_user(devname, compat_ptr(rtdev), 15); | 101571 | ret |= copy_from_user(devname, compat_ptr(rtdev), 15); |
@@ -101511,7 +101574,7 @@ index e83c416..f87df4c 100644 | |||
101511 | devname[15] = 0; | 101574 | devname[15] = 0; |
101512 | } else | 101575 | } else |
101513 | r4.rt_dev = NULL; | 101576 | r4.rt_dev = NULL; |
101514 | @@ -3425,8 +3495,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, | 101577 | @@ -3429,8 +3495,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, |
101515 | int __user *uoptlen; | 101578 | int __user *uoptlen; |
101516 | int err; | 101579 | int err; |
101517 | 101580 | ||
@@ -101522,7 +101585,7 @@ index e83c416..f87df4c 100644 | |||
101522 | 101585 | ||
101523 | set_fs(KERNEL_DS); | 101586 | set_fs(KERNEL_DS); |
101524 | if (level == SOL_SOCKET) | 101587 | if (level == SOL_SOCKET) |
101525 | @@ -3446,7 +3516,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, | 101588 | @@ -3450,7 +3516,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, |
101526 | char __user *uoptval; | 101589 | char __user *uoptval; |
101527 | int err; | 101590 | int err; |
101528 | 101591 | ||
@@ -101871,20 +101934,20 @@ index e7000be..e3b0ba7 100644 | |||
101871 | int mode = (table->mode >> 6) & 7; | 101934 | int mode = (table->mode >> 6) & 7; |
101872 | return (mode << 6) | (mode << 3) | mode; | 101935 | return (mode << 6) | (mode << 3) | mode; |
101873 | diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c | 101936 | diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c |
101874 | index d38bb45..38d5df5 100644 | 101937 | index c2a37aa..c195fef 100644 |
101875 | --- a/net/tipc/subscr.c | 101938 | --- a/net/tipc/subscr.c |
101876 | +++ b/net/tipc/subscr.c | 101939 | +++ b/net/tipc/subscr.c |
101877 | @@ -98,7 +98,7 @@ static void subscr_send_event(struct tipc_subscription *sub, u32 found_lower, | 101940 | @@ -97,7 +97,7 @@ static void subscr_send_event(struct tipc_subscription *sub, u32 found_lower, |
101941 | struct tipc_subscriber *subscriber = sub->subscriber; | ||
101878 | struct kvec msg_sect; | 101942 | struct kvec msg_sect; |
101879 | int ret; | ||
101880 | 101943 | ||
101881 | - msg_sect.iov_base = (void *)&sub->evt; | 101944 | - msg_sect.iov_base = (void *)&sub->evt; |
101882 | + msg_sect.iov_base = &sub->evt; | 101945 | + msg_sect.iov_base = &sub->evt; |
101883 | msg_sect.iov_len = sizeof(struct tipc_event); | 101946 | msg_sect.iov_len = sizeof(struct tipc_event); |
101884 | |||
101885 | sub->evt.event = htohl(event, sub->swap); | 101947 | sub->evt.event = htohl(event, sub->swap); |
101948 | sub->evt.found_lower = htohl(found_lower, sub->swap); | ||
101886 | diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c | 101949 | diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
101887 | index d7c1ac6..b0fc322 100644 | 101950 | index c3975bc..b0fc322 100644 |
101888 | --- a/net/unix/af_unix.c | 101951 | --- a/net/unix/af_unix.c |
101889 | +++ b/net/unix/af_unix.c | 101952 | +++ b/net/unix/af_unix.c |
101890 | @@ -789,6 +789,12 @@ static struct sock *unix_find_other(struct net *net, | 101953 | @@ -789,6 +789,12 @@ static struct sock *unix_find_other(struct net *net, |
@@ -101933,52 +101996,7 @@ index d7c1ac6..b0fc322 100644 | |||
101933 | done_path_create(&path, dentry); | 101996 | done_path_create(&path, dentry); |
101934 | return err; | 101997 | return err; |
101935 | } | 101998 | } |
101936 | @@ -1785,8 +1804,11 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, | 101999 | @@ -2342,9 +2361,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
101937 | goto out; | ||
101938 | |||
101939 | err = mutex_lock_interruptible(&u->readlock); | ||
101940 | - if (err) { | ||
101941 | - err = sock_intr_errno(sock_rcvtimeo(sk, noblock)); | ||
101942 | + if (unlikely(err)) { | ||
101943 | + /* recvmsg() in non blocking mode is supposed to return -EAGAIN | ||
101944 | + * sk_rcvtimeo is not honored by mutex_lock_interruptible() | ||
101945 | + */ | ||
101946 | + err = noblock ? -EAGAIN : -ERESTARTSYS; | ||
101947 | goto out; | ||
101948 | } | ||
101949 | |||
101950 | @@ -1911,6 +1933,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
101951 | struct unix_sock *u = unix_sk(sk); | ||
101952 | struct sockaddr_un *sunaddr = msg->msg_name; | ||
101953 | int copied = 0; | ||
101954 | + int noblock = flags & MSG_DONTWAIT; | ||
101955 | int check_creds = 0; | ||
101956 | int target; | ||
101957 | int err = 0; | ||
101958 | @@ -1926,7 +1949,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
101959 | goto out; | ||
101960 | |||
101961 | target = sock_rcvlowat(sk, flags&MSG_WAITALL, size); | ||
101962 | - timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT); | ||
101963 | + timeo = sock_rcvtimeo(sk, noblock); | ||
101964 | |||
101965 | /* Lock the socket to prevent queue disordering | ||
101966 | * while sleeps in memcpy_tomsg | ||
101967 | @@ -1938,8 +1961,11 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, | ||
101968 | } | ||
101969 | |||
101970 | err = mutex_lock_interruptible(&u->readlock); | ||
101971 | - if (err) { | ||
101972 | - err = sock_intr_errno(timeo); | ||
101973 | + if (unlikely(err)) { | ||
101974 | + /* recvmsg() in non blocking mode is supposed to return -EAGAIN | ||
101975 | + * sk_rcvtimeo is not honored by mutex_lock_interruptible() | ||
101976 | + */ | ||
101977 | + err = noblock ? -EAGAIN : -ERESTARTSYS; | ||
101978 | goto out; | ||
101979 | } | ||
101980 | |||
101981 | @@ -2335,9 +2361,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) | ||
101982 | seq_puts(seq, "Num RefCount Protocol Flags Type St " | 102000 | seq_puts(seq, "Num RefCount Protocol Flags Type St " |
101983 | "Inode Path\n"); | 102001 | "Inode Path\n"); |
101984 | else { | 102002 | else { |
@@ -101993,7 +102011,7 @@ index d7c1ac6..b0fc322 100644 | |||
101993 | 102011 | ||
101994 | seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", | 102012 | seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", |
101995 | s, | 102013 | s, |
101996 | @@ -2364,8 +2394,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) | 102014 | @@ -2371,8 +2394,10 @@ static int unix_seq_show(struct seq_file *seq, void *v) |
101997 | } | 102015 | } |
101998 | for ( ; i < len; i++) | 102016 | for ( ; i < len; i++) |
101999 | seq_putc(seq, u->addr->name->sun_path[i]); | 102017 | seq_putc(seq, u->addr->name->sun_path[i]); |
@@ -102532,14 +102550,14 @@ index 078fe1d..fbdb363 100644 | |||
102532 | fprintf(stderr, "fixdep: sizeof(int) != 4 or wrong endianness? %#x\n", | 102550 | fprintf(stderr, "fixdep: sizeof(int) != 4 or wrong endianness? %#x\n", |
102533 | diff --git a/scripts/gcc-plugin.sh b/scripts/gcc-plugin.sh | 102551 | diff --git a/scripts/gcc-plugin.sh b/scripts/gcc-plugin.sh |
102534 | new file mode 100644 | 102552 | new file mode 100644 |
102535 | index 0000000..3c23999 | 102553 | index 0000000..edcbc3a |
102536 | --- /dev/null | 102554 | --- /dev/null |
102537 | +++ b/scripts/gcc-plugin.sh | 102555 | +++ b/scripts/gcc-plugin.sh |
102538 | @@ -0,0 +1,16 @@ | 102556 | @@ -0,0 +1,16 @@ |
102539 | +#!/bin/bash | 102557 | +#!/bin/bash |
102540 | +srctree=$(dirname "$0") | 102558 | +srctree=$(dirname "$0") |
102541 | +gccplugins_dir=$("$3" -print-file-name=plugin) | 102559 | +gccplugins_dir=$($3 -print-file-name=plugin) |
102542 | +plugincc=$("$1" -E -shared - -o /dev/null -I${srctree}/../tools/gcc -I${gccplugins_dir}/include 2>&1 <<EOF | 102560 | +plugincc=$($1 -E -shared - -o /dev/null -I${srctree}/../tools/gcc -I${gccplugins_dir}/include 2>&1 <<EOF |
102543 | +#include "gcc-common.h" | 102561 | +#include "gcc-common.h" |
102544 | +#if BUILDING_GCC_VERSION >= 4008 || defined(ENABLE_BUILD_WITH_CXX) | 102562 | +#if BUILDING_GCC_VERSION >= 4008 || defined(ENABLE_BUILD_WITH_CXX) |
102545 | +#warning $2 | 102563 | +#warning $2 |
@@ -103808,10 +103826,54 @@ index e9c6ac7..75578c4 100644 | |||
103808 | default 65536 | 103826 | default 65536 |
103809 | help | 103827 | help |
103810 | This is the portion of low virtual memory which should be protected | 103828 | This is the portion of low virtual memory which should be protected |
103829 | diff --git a/security/apparmor/file.c b/security/apparmor/file.c | ||
103830 | index fdaa50c..2761dcb 100644 | ||
103831 | --- a/security/apparmor/file.c | ||
103832 | +++ b/security/apparmor/file.c | ||
103833 | @@ -348,8 +348,8 @@ static inline bool xindex_is_subset(u32 link, u32 target) | ||
103834 | int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry, | ||
103835 | struct path *new_dir, struct dentry *new_dentry) | ||
103836 | { | ||
103837 | - struct path link = { new_dir->mnt, new_dentry }; | ||
103838 | - struct path target = { new_dir->mnt, old_dentry }; | ||
103839 | + struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry }; | ||
103840 | + struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; | ||
103841 | struct path_cond cond = { | ||
103842 | old_dentry->d_inode->i_uid, | ||
103843 | old_dentry->d_inode->i_mode | ||
103811 | diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c | 103844 | diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c |
103812 | index 4257b7e..f0c9438 100644 | 103845 | index 4257b7e..2d0732d 100644 |
103813 | --- a/security/apparmor/lsm.c | 103846 | --- a/security/apparmor/lsm.c |
103814 | +++ b/security/apparmor/lsm.c | 103847 | +++ b/security/apparmor/lsm.c |
103848 | @@ -186,7 +186,7 @@ static int common_perm_dir_dentry(int op, struct path *dir, | ||
103849 | struct dentry *dentry, u32 mask, | ||
103850 | struct path_cond *cond) | ||
103851 | { | ||
103852 | - struct path path = { dir->mnt, dentry }; | ||
103853 | + struct path path = { .mnt = dir->mnt, .dentry = dentry }; | ||
103854 | |||
103855 | return common_perm(op, &path, mask, cond); | ||
103856 | } | ||
103857 | @@ -203,7 +203,7 @@ static int common_perm_dir_dentry(int op, struct path *dir, | ||
103858 | static int common_perm_mnt_dentry(int op, struct vfsmount *mnt, | ||
103859 | struct dentry *dentry, u32 mask) | ||
103860 | { | ||
103861 | - struct path path = { mnt, dentry }; | ||
103862 | + struct path path = { .mnt = mnt, .dentry = dentry }; | ||
103863 | struct path_cond cond = { dentry->d_inode->i_uid, | ||
103864 | dentry->d_inode->i_mode | ||
103865 | }; | ||
103866 | @@ -325,8 +325,8 @@ static int apparmor_path_rename(struct path *old_dir, struct dentry *old_dentry, | ||
103867 | |||
103868 | profile = aa_current_profile(); | ||
103869 | if (!unconfined(profile)) { | ||
103870 | - struct path old_path = { old_dir->mnt, old_dentry }; | ||
103871 | - struct path new_path = { new_dir->mnt, new_dentry }; | ||
103872 | + struct path old_path = { .mnt = old_dir->mnt, .dentry = old_dentry }; | ||
103873 | + struct path new_path = { .mnt = new_dir->mnt, .dentry = new_dentry }; | ||
103874 | struct path_cond cond = { old_dentry->d_inode->i_uid, | ||
103875 | old_dentry->d_inode->i_mode | ||
103876 | }; | ||
103815 | @@ -615,7 +615,7 @@ static int apparmor_task_setrlimit(struct task_struct *task, | 103877 | @@ -615,7 +615,7 @@ static int apparmor_task_setrlimit(struct task_struct *task, |
103816 | return error; | 103878 | return error; |
103817 | } | 103879 | } |
@@ -104147,7 +104209,7 @@ index fc3e662..7844c60 100644 | |||
104147 | lock = &avc_cache.slots_lock[hvalue]; | 104209 | lock = &avc_cache.slots_lock[hvalue]; |
104148 | 104210 | ||
104149 | diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c | 104211 | diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c |
104150 | index 57b0b49..402063e 100644 | 104212 | index 019749c..0648215 100644 |
104151 | --- a/security/selinux/hooks.c | 104213 | --- a/security/selinux/hooks.c |
104152 | +++ b/security/selinux/hooks.c | 104214 | +++ b/security/selinux/hooks.c |
104153 | @@ -96,8 +96,6 @@ | 104215 | @@ -96,8 +96,6 @@ |
@@ -104159,7 +104221,7 @@ index 57b0b49..402063e 100644 | |||
104159 | /* SECMARK reference count */ | 104221 | /* SECMARK reference count */ |
104160 | static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); | 104222 | static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); |
104161 | 104223 | ||
104162 | @@ -5745,7 +5743,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) | 104224 | @@ -5763,7 +5761,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) |
104163 | 104225 | ||
104164 | #endif | 104226 | #endif |
104165 | 104227 | ||
@@ -104168,7 +104230,7 @@ index 57b0b49..402063e 100644 | |||
104168 | .name = "selinux", | 104230 | .name = "selinux", |
104169 | 104231 | ||
104170 | .ptrace_access_check = selinux_ptrace_access_check, | 104232 | .ptrace_access_check = selinux_ptrace_access_check, |
104171 | @@ -6098,6 +6096,9 @@ static void selinux_nf_ip_exit(void) | 104233 | @@ -6116,6 +6114,9 @@ static void selinux_nf_ip_exit(void) |
104172 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 104234 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
104173 | static int selinux_disabled; | 104235 | static int selinux_disabled; |
104174 | 104236 | ||
@@ -104178,7 +104240,7 @@ index 57b0b49..402063e 100644 | |||
104178 | int selinux_disable(void) | 104240 | int selinux_disable(void) |
104179 | { | 104241 | { |
104180 | if (ss_initialized) { | 104242 | if (ss_initialized) { |
104181 | @@ -6115,7 +6116,9 @@ int selinux_disable(void) | 104243 | @@ -6133,7 +6134,9 @@ int selinux_disable(void) |
104182 | selinux_disabled = 1; | 104244 | selinux_disabled = 1; |
104183 | selinux_enabled = 0; | 104245 | selinux_enabled = 0; |
104184 | 104246 | ||
@@ -104215,6 +104277,57 @@ index b0be893..646bd94 100644 | |||
104215 | .name = "smack", | 104277 | .name = "smack", |
104216 | 104278 | ||
104217 | .ptrace_access_check = smack_ptrace_access_check, | 104279 | .ptrace_access_check = smack_ptrace_access_check, |
104280 | diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c | ||
104281 | index 4003907..13a2b55 100644 | ||
104282 | --- a/security/tomoyo/file.c | ||
104283 | +++ b/security/tomoyo/file.c | ||
104284 | @@ -692,7 +692,7 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, | ||
104285 | { | ||
104286 | struct tomoyo_request_info r; | ||
104287 | struct tomoyo_obj_info obj = { | ||
104288 | - .path1 = *path, | ||
104289 | + .path1 = { .mnt = path->mnt, .dentry = path->dentry }, | ||
104290 | }; | ||
104291 | int error = -ENOMEM; | ||
104292 | struct tomoyo_path_info buf; | ||
104293 | @@ -740,7 +740,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | ||
104294 | struct tomoyo_path_info buf; | ||
104295 | struct tomoyo_request_info r; | ||
104296 | struct tomoyo_obj_info obj = { | ||
104297 | - .path1 = *path, | ||
104298 | + .path1 = { .mnt = path->mnt, .dentry = path->dentry }, | ||
104299 | }; | ||
104300 | int idx; | ||
104301 | |||
104302 | @@ -786,7 +786,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path, const char *target) | ||
104303 | { | ||
104304 | struct tomoyo_request_info r; | ||
104305 | struct tomoyo_obj_info obj = { | ||
104306 | - .path1 = *path, | ||
104307 | + .path1 = { .mnt = path->mnt, .dentry = path->dentry }, | ||
104308 | }; | ||
104309 | int error; | ||
104310 | struct tomoyo_path_info buf; | ||
104311 | @@ -843,7 +843,7 @@ int tomoyo_mkdev_perm(const u8 operation, struct path *path, | ||
104312 | { | ||
104313 | struct tomoyo_request_info r; | ||
104314 | struct tomoyo_obj_info obj = { | ||
104315 | - .path1 = *path, | ||
104316 | + .path1 = { .mnt = path->mnt, .dentry = path->dentry }, | ||
104317 | }; | ||
104318 | int error = -ENOMEM; | ||
104319 | struct tomoyo_path_info buf; | ||
104320 | @@ -890,8 +890,8 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, | ||
104321 | struct tomoyo_path_info buf2; | ||
104322 | struct tomoyo_request_info r; | ||
104323 | struct tomoyo_obj_info obj = { | ||
104324 | - .path1 = *path1, | ||
104325 | - .path2 = *path2, | ||
104326 | + .path1 = { .mnt = path1->mnt, .dentry = path1->dentry }, | ||
104327 | + .path2 = { .mnt = path2->mnt, .dentry = path2->dentry } | ||
104328 | }; | ||
104329 | int idx; | ||
104330 | |||
104218 | diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c | 104331 | diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c |
104219 | index 390c646..f2f8db3 100644 | 104332 | index 390c646..f2f8db3 100644 |
104220 | --- a/security/tomoyo/mount.c | 104333 | --- a/security/tomoyo/mount.c |
@@ -104231,9 +104344,94 @@ index 390c646..f2f8db3 100644 | |||
104231 | if (!fstype) { | 104344 | if (!fstype) { |
104232 | error = -ENODEV; | 104345 | error = -ENODEV; |
104233 | diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c | 104346 | diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c |
104234 | index f0b756e..b129202 100644 | 104347 | index f0b756e..8aa497b 100644 |
104235 | --- a/security/tomoyo/tomoyo.c | 104348 | --- a/security/tomoyo/tomoyo.c |
104236 | +++ b/security/tomoyo/tomoyo.c | 104349 | +++ b/security/tomoyo/tomoyo.c |
104350 | @@ -146,7 +146,7 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) | ||
104351 | */ | ||
104352 | static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) | ||
104353 | { | ||
104354 | - struct path path = { mnt, dentry }; | ||
104355 | + struct path path = { .mnt = mnt, .dentry = dentry }; | ||
104356 | return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL); | ||
104357 | } | ||
104358 | |||
104359 | @@ -172,7 +172,7 @@ static int tomoyo_path_truncate(struct path *path) | ||
104360 | */ | ||
104361 | static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) | ||
104362 | { | ||
104363 | - struct path path = { parent->mnt, dentry }; | ||
104364 | + struct path path = { .mnt = parent->mnt, .dentry = dentry }; | ||
104365 | return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL); | ||
104366 | } | ||
104367 | |||
104368 | @@ -188,7 +188,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) | ||
104369 | static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, | ||
104370 | umode_t mode) | ||
104371 | { | ||
104372 | - struct path path = { parent->mnt, dentry }; | ||
104373 | + struct path path = { .mnt = parent->mnt, .dentry = dentry }; | ||
104374 | return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path, | ||
104375 | mode & S_IALLUGO); | ||
104376 | } | ||
104377 | @@ -203,7 +203,7 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, | ||
104378 | */ | ||
104379 | static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) | ||
104380 | { | ||
104381 | - struct path path = { parent->mnt, dentry }; | ||
104382 | + struct path path = { .mnt = parent->mnt, .dentry = dentry }; | ||
104383 | return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL); | ||
104384 | } | ||
104385 | |||
104386 | @@ -219,7 +219,7 @@ static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) | ||
104387 | static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, | ||
104388 | const char *old_name) | ||
104389 | { | ||
104390 | - struct path path = { parent->mnt, dentry }; | ||
104391 | + struct path path = { .mnt = parent->mnt, .dentry = dentry }; | ||
104392 | return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name); | ||
104393 | } | ||
104394 | |||
104395 | @@ -236,7 +236,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, | ||
104396 | static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, | ||
104397 | umode_t mode, unsigned int dev) | ||
104398 | { | ||
104399 | - struct path path = { parent->mnt, dentry }; | ||
104400 | + struct path path = { .mnt = parent->mnt, .dentry = dentry }; | ||
104401 | int type = TOMOYO_TYPE_CREATE; | ||
104402 | const unsigned int perm = mode & S_IALLUGO; | ||
104403 | |||
104404 | @@ -275,8 +275,8 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, | ||
104405 | static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir, | ||
104406 | struct dentry *new_dentry) | ||
104407 | { | ||
104408 | - struct path path1 = { new_dir->mnt, old_dentry }; | ||
104409 | - struct path path2 = { new_dir->mnt, new_dentry }; | ||
104410 | + struct path path1 = { .mnt = new_dir->mnt, .dentry = old_dentry }; | ||
104411 | + struct path path2 = { .mnt = new_dir->mnt, .dentry = new_dentry }; | ||
104412 | return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2); | ||
104413 | } | ||
104414 | |||
104415 | @@ -295,8 +295,8 @@ static int tomoyo_path_rename(struct path *old_parent, | ||
104416 | struct path *new_parent, | ||
104417 | struct dentry *new_dentry) | ||
104418 | { | ||
104419 | - struct path path1 = { old_parent->mnt, old_dentry }; | ||
104420 | - struct path path2 = { new_parent->mnt, new_dentry }; | ||
104421 | + struct path path1 = { .mnt = old_parent->mnt, .dentry = old_dentry }; | ||
104422 | + struct path path2 = { .mnt = new_parent->mnt, .dentry = new_dentry }; | ||
104423 | return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2); | ||
104424 | } | ||
104425 | |||
104426 | @@ -424,7 +424,7 @@ static int tomoyo_sb_mount(const char *dev_name, struct path *path, | ||
104427 | */ | ||
104428 | static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) | ||
104429 | { | ||
104430 | - struct path path = { mnt, mnt->mnt_root }; | ||
104431 | + struct path path = { .mnt = mnt, .dentry = mnt->mnt_root }; | ||
104432 | return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL); | ||
104433 | } | ||
104434 | |||
104237 | @@ -503,7 +503,7 @@ static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, | 104435 | @@ -503,7 +503,7 @@ static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, |
104238 | * tomoyo_security_ops is a "struct security_operations" which is used for | 104436 | * tomoyo_security_ops is a "struct security_operations" which is used for |
104239 | * registering TOMOYO. | 104437 | * registering TOMOYO. |
@@ -105007,10 +105205,10 @@ index 0000000..4c2c45c | |||
105007 | +size_overflow_hash.h | 105205 | +size_overflow_hash.h |
105008 | diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile | 105206 | diff --git a/tools/gcc/Makefile b/tools/gcc/Makefile |
105009 | new file mode 100644 | 105207 | new file mode 100644 |
105010 | index 0000000..b198b6d | 105208 | index 0000000..d25d472 |
105011 | --- /dev/null | 105209 | --- /dev/null |
105012 | +++ b/tools/gcc/Makefile | 105210 | +++ b/tools/gcc/Makefile |
105013 | @@ -0,0 +1,54 @@ | 105211 | @@ -0,0 +1,60 @@ |
105014 | +#CC := gcc | 105212 | +#CC := gcc |
105015 | +#PLUGIN_SOURCE_FILES := pax_plugin.c | 105213 | +#PLUGIN_SOURCE_FILES := pax_plugin.c |
105016 | +#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) | 105214 | +#PLUGIN_OBJECT_FILES := $(patsubst %.c,%.o,$(PLUGIN_SOURCE_FILES)) |
@@ -105049,22 +105247,28 @@ index 0000000..b198b6d | |||
105049 | +structleak_plugin-objs := structleak_plugin.o | 105247 | +structleak_plugin-objs := structleak_plugin.o |
105050 | +randomize_layout_plugin-objs := randomize_layout_plugin.o | 105248 | +randomize_layout_plugin-objs := randomize_layout_plugin.o |
105051 | + | 105249 | + |
105052 | +$(obj)/size_overflow_plugin.o: $(objtree)/$(obj)/size_overflow_hash.h | 105250 | +$(obj)/size_overflow_plugin.o: $(objtree)/$(obj)/size_overflow_hash.h $(objtree)/$(obj)/size_overflow_hash_aux.h |
105053 | +$(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h | 105251 | +$(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h |
105054 | + | 105252 | + |
105055 | +quiet_cmd_build_size_overflow_hash = GENHASH $@ | 105253 | +quiet_cmd_build_size_overflow_hash = GENHASH $@ |
105056 | + cmd_build_size_overflow_hash = \ | 105254 | + cmd_build_size_overflow_hash = \ |
105057 | + $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -d $< -o $@ | 105255 | + $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -s size_overflow_hash -d $< -o $@ |
105058 | +$(objtree)/$(obj)/size_overflow_hash.h: $(src)/size_overflow_hash.data FORCE | 105256 | +$(objtree)/$(obj)/size_overflow_hash.h: $(src)/size_overflow_hash.data FORCE |
105059 | + $(call if_changed,build_size_overflow_hash) | 105257 | + $(call if_changed,build_size_overflow_hash) |
105060 | + | 105258 | + |
105259 | +quiet_cmd_build_size_overflow_hash_aux = GENHASH $@ | ||
105260 | + cmd_build_size_overflow_hash_aux = \ | ||
105261 | + $(CONFIG_SHELL) $(srctree)/$(src)/generate_size_overflow_hash.sh -s size_overflow_hash_aux -d $< -o $@ | ||
105262 | +$(objtree)/$(obj)/size_overflow_hash_aux.h: $(src)/size_overflow_hash_aux.data FORCE | ||
105263 | + $(call if_changed,build_size_overflow_hash_aux) | ||
105264 | + | ||
105061 | +quiet_cmd_create_randomize_layout_seed = GENSEED $@ | 105265 | +quiet_cmd_create_randomize_layout_seed = GENSEED $@ |
105062 | + cmd_create_randomize_layout_seed = \ | 105266 | + cmd_create_randomize_layout_seed = \ |
105063 | + $(CONFIG_SHELL) $(srctree)/$(src)/gen-random-seed.sh $@ $(objtree)/include/generated/randomize_layout_hash.h | 105267 | + $(CONFIG_SHELL) $(srctree)/$(src)/gen-random-seed.sh $@ $(objtree)/include/generated/randomize_layout_hash.h |
105064 | +$(objtree)/$(obj)/randomize_layout_seed.h: FORCE | 105268 | +$(objtree)/$(obj)/randomize_layout_seed.h: FORCE |
105065 | + $(call if_changed,create_randomize_layout_seed) | 105269 | + $(call if_changed,create_randomize_layout_seed) |
105066 | + | 105270 | + |
105067 | +targets += size_overflow_hash.h randomize_layout_seed.h randomize_layout_hash.h | 105271 | +targets += size_overflow_hash.h size_overflow_hash_aux.h randomize_layout_seed.h randomize_layout_hash.h |
105068 | diff --git a/tools/gcc/checker_plugin.c b/tools/gcc/checker_plugin.c | 105272 | diff --git a/tools/gcc/checker_plugin.c b/tools/gcc/checker_plugin.c |
105069 | new file mode 100644 | 105273 | new file mode 100644 |
105070 | index 0000000..5452feea | 105274 | index 0000000..5452feea |
@@ -105956,10 +106160,10 @@ index 0000000..4f67ac1 | |||
105956 | +} | 106160 | +} |
105957 | diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h | 106161 | diff --git a/tools/gcc/gcc-common.h b/tools/gcc/gcc-common.h |
105958 | new file mode 100644 | 106162 | new file mode 100644 |
105959 | index 0000000..6dbb502 | 106163 | index 0000000..8af3693 |
105960 | --- /dev/null | 106164 | --- /dev/null |
105961 | +++ b/tools/gcc/gcc-common.h | 106165 | +++ b/tools/gcc/gcc-common.h |
105962 | @@ -0,0 +1,286 @@ | 106166 | @@ -0,0 +1,287 @@ |
105963 | +#ifndef GCC_COMMON_H_INCLUDED | 106167 | +#ifndef GCC_COMMON_H_INCLUDED |
105964 | +#define GCC_COMMON_H_INCLUDED | 106168 | +#define GCC_COMMON_H_INCLUDED |
105965 | + | 106169 | + |
@@ -106074,6 +106278,7 @@ index 0000000..6dbb502 | |||
106074 | +#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I) | 106278 | +#define FOR_EACH_LOCAL_DECL(FUN, I, D) for (tree vars = (FUN)->local_decls; vars && (D = TREE_VALUE(vars)); vars = TREE_CHAIN(vars), I) |
106075 | +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE))) | 106279 | +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE))) |
106076 | +#define FOR_EACH_VEC_ELT(T, V, I, P) for (I = 0; VEC_iterate(T, (V), (I), (P)); ++(I)) | 106280 | +#define FOR_EACH_VEC_ELT(T, V, I, P) for (I = 0; VEC_iterate(T, (V), (I), (P)); ++(I)) |
106281 | +#define TODO_rebuild_cgraph_edges 0 | ||
106077 | + | 106282 | + |
106078 | +static inline bool gimple_call_builtin_p(gimple stmt, enum built_in_function code) | 106283 | +static inline bool gimple_call_builtin_p(gimple stmt, enum built_in_function code) |
106079 | +{ | 106284 | +{ |
@@ -106262,10 +106467,10 @@ index 0000000..7514850 | |||
106262 | +fi | 106467 | +fi |
106263 | diff --git a/tools/gcc/generate_size_overflow_hash.sh b/tools/gcc/generate_size_overflow_hash.sh | 106468 | diff --git a/tools/gcc/generate_size_overflow_hash.sh b/tools/gcc/generate_size_overflow_hash.sh |
106264 | new file mode 100644 | 106469 | new file mode 100644 |
106265 | index 0000000..e518932 | 106470 | index 0000000..791ca76 |
106266 | --- /dev/null | 106471 | --- /dev/null |
106267 | +++ b/tools/gcc/generate_size_overflow_hash.sh | 106472 | +++ b/tools/gcc/generate_size_overflow_hash.sh |
106268 | @@ -0,0 +1,94 @@ | 106473 | @@ -0,0 +1,97 @@ |
106269 | +#!/bin/bash | 106474 | +#!/bin/bash |
106270 | + | 106475 | + |
106271 | +# This script generates the hash table (size_overflow_hash.h) for the size_overflow gcc plugin (size_overflow_plugin.c). | 106476 | +# This script generates the hash table (size_overflow_hash.h) for the size_overflow gcc plugin (size_overflow_plugin.c). |
@@ -106273,6 +106478,7 @@ index 0000000..e518932 | |||
106273 | +header1="size_overflow_hash.h" | 106478 | +header1="size_overflow_hash.h" |
106274 | +database="size_overflow_hash.data" | 106479 | +database="size_overflow_hash.data" |
106275 | +n=65536 | 106480 | +n=65536 |
106481 | +hashtable_name="size_overflow_hash" | ||
106276 | + | 106482 | + |
106277 | +usage() { | 106483 | +usage() { |
106278 | +cat <<EOF | 106484 | +cat <<EOF |
@@ -106282,6 +106488,7 @@ index 0000000..e518932 | |||
106282 | + -o header file | 106488 | + -o header file |
106283 | + -d database file | 106489 | + -d database file |
106284 | + -n hash array size | 106490 | + -n hash array size |
106491 | + -s name of the hash table | ||
106285 | +EOF | 106492 | +EOF |
106286 | + return 0 | 106493 | + return 0 |
106287 | +} | 106494 | +} |
@@ -106293,6 +106500,7 @@ index 0000000..e518932 | |||
106293 | + -n) n=$2; shift 2;; | 106500 | + -n) n=$2; shift 2;; |
106294 | + -o) header1="$2"; shift 2;; | 106501 | + -o) header1="$2"; shift 2;; |
106295 | + -d) database="$2"; shift 2;; | 106502 | + -d) database="$2"; shift 2;; |
106503 | + -s) hashtable_name="$2"; shift 2;; | ||
106296 | + --) shift 1; break ;; | 106504 | + --) shift 1; break ;; |
106297 | + *) break ;; | 106505 | + *) break ;; |
106298 | + esac | 106506 | + esac |
@@ -106334,7 +106542,7 @@ index 0000000..e518932 | |||
106334 | +} | 106542 | +} |
106335 | + | 106543 | + |
106336 | +create_headers() { | 106544 | +create_headers() { |
106337 | + echo "const struct size_overflow_hash * const size_overflow_hash[$n] = {" >> "$header1" | 106545 | + echo "const struct size_overflow_hash * const $hashtable_name[$n] = {" >> "$header1" |
106338 | +} | 106546 | +} |
106339 | + | 106547 | + |
106340 | +create_array_elements() { | 106548 | +create_array_elements() { |
@@ -114167,12 +114375,101 @@ index 0000000..9529806 | |||
114167 | +lookup_inline_extent_backref_65493 lookup_inline_extent_backref 9 65493 NULL | 114375 | +lookup_inline_extent_backref_65493 lookup_inline_extent_backref 9 65493 NULL |
114168 | +nvme_trans_standard_inquiry_page_65526 nvme_trans_standard_inquiry_page 4 65526 NULL | 114376 | +nvme_trans_standard_inquiry_page_65526 nvme_trans_standard_inquiry_page 4 65526 NULL |
114169 | +tree_mod_log_eb_copy_65535 tree_mod_log_eb_copy 6 65535 NULL | 114377 | +tree_mod_log_eb_copy_65535 tree_mod_log_eb_copy 6 65535 NULL |
114378 | diff --git a/tools/gcc/size_overflow_hash_aux.data b/tools/gcc/size_overflow_hash_aux.data | ||
114379 | new file mode 100644 | ||
114380 | index 0000000..5dd8a8f | ||
114381 | --- /dev/null | ||
114382 | +++ b/tools/gcc/size_overflow_hash_aux.data | ||
114383 | @@ -0,0 +1,83 @@ | ||
114384 | +spa_set_aux_vdevs_746 spa_set_aux_vdevs 3 746 NULL | ||
114385 | +mappedread_2627 mappedread 2 2627 NULL | ||
114386 | +vdev_disk_dio_alloc_2957 vdev_disk_dio_alloc 1 2957 NULL | ||
114387 | +nv_alloc_pushpage_spl_4286 nv_alloc_pushpage_spl 2 4286 NULL | ||
114388 | +zpl_xattr_get_4574 zpl_xattr_get 0 4574 NULL | ||
114389 | +sa_replace_all_by_template_5699 sa_replace_all_by_template 3 5699 NULL | ||
114390 | +dmu_write_6048 dmu_write 4-3 6048 NULL | ||
114391 | +dmu_buf_hold_array_6095 dmu_buf_hold_array 4-3 6095 NULL | ||
114392 | +update_pages_6225 update_pages 2-3 6225 NULL | ||
114393 | +bio_nr_pages_7117 bio_nr_pages 0-2 7117 NULL | ||
114394 | +dmu_buf_hold_array_by_bonus_8562 dmu_buf_hold_array_by_bonus 3-2 8562 NULL | ||
114395 | +zpios_dmu_write_8858 zpios_dmu_write 4-5 8858 NULL | ||
114396 | +ddi_copyout_9401 ddi_copyout 3 9401 NULL | ||
114397 | +avl_numnodes_12384 avl_numnodes 0 12384 NULL | ||
114398 | +dmu_write_uio_dnode_12473 dmu_write_uio_dnode 3 12473 NULL | ||
114399 | +dmu_xuio_init_12866 dmu_xuio_init 2 12866 NULL | ||
114400 | +dmu_snapshot_realname_14632 dmu_snapshot_realname 4 14632 NULL | ||
114401 | +kmem_alloc_debug_14852 kmem_alloc_debug 1 14852 NULL | ||
114402 | +kmalloc_node_nofail_15151 kmalloc_node_nofail 1 15151 NULL | ||
114403 | +dmu_write_uio_16351 dmu_write_uio 4 16351 NULL | ||
114404 | +zfs_log_write_16524 zfs_log_write 6-5 16524 NULL | ||
114405 | +sa_build_layouts_16910 sa_build_layouts 3 16910 NULL | ||
114406 | +dsl_dir_namelen_17053 dsl_dir_namelen 0 17053 NULL | ||
114407 | +sa_add_layout_entry_17507 sa_add_layout_entry 3 17507 NULL | ||
114408 | +sa_attr_table_setup_18029 sa_attr_table_setup 3 18029 NULL | ||
114409 | +uiocopy_18680 uiocopy 2 18680 NULL | ||
114410 | +dmu_buf_hold_array_by_dnode_19125 dmu_buf_hold_array_by_dnode 2-3 19125 NULL | ||
114411 | +zpl_acl_from_xattr_21141 zpl_acl_from_xattr 2 21141 NULL | ||
114412 | +dsl_pool_tx_assign_init_22518 dsl_pool_tx_assign_init 2 22518 NULL | ||
114413 | +sa_replace_all_by_template_locked_22533 sa_replace_all_by_template_locked 3 22533 NULL | ||
114414 | +tsd_hash_table_init_22559 tsd_hash_table_init 1 22559 NULL | ||
114415 | +spa_vdev_remove_aux_23966 spa_vdev_remove_aux 4 23966 NULL | ||
114416 | +zpl_xattr_acl_set_access_24129 zpl_xattr_acl_set_access 4 24129 NULL | ||
114417 | +dmu_assign_arcbuf_24622 dmu_assign_arcbuf 2 24622 NULL | ||
114418 | +zap_lookup_norm_25166 zap_lookup_norm 9 25166 NULL | ||
114419 | +dmu_prealloc_25456 dmu_prealloc 4-3 25456 NULL | ||
114420 | +kmalloc_nofail_26347 kmalloc_nofail 1 26347 NULL | ||
114421 | +zfsctl_snapshot_zpath_27578 zfsctl_snapshot_zpath 2 27578 NULL | ||
114422 | +zpios_dmu_read_30015 zpios_dmu_read 4-5 30015 NULL | ||
114423 | +splat_write_30943 splat_write 3 30943 NULL | ||
114424 | +zpl_xattr_get_sa_31183 zpl_xattr_get_sa 0 31183 NULL | ||
114425 | +dmu_read_uio_31467 dmu_read_uio 4 31467 NULL | ||
114426 | +zfs_replay_fuids_31479 zfs_replay_fuids 4 31479 NULL | ||
114427 | +spa_history_log_to_phys_31632 spa_history_log_to_phys 0-1 31632 NULL | ||
114428 | +__zpl_xattr_get_32601 __zpl_xattr_get 0 32601 NULL | ||
114429 | +proc_copyout_string_34049 proc_copyout_string 2 34049 NULL | ||
114430 | +nv_alloc_sleep_spl_34544 nv_alloc_sleep_spl 2 34544 NULL | ||
114431 | +nv_alloc_nosleep_spl_34761 nv_alloc_nosleep_spl 2 34761 NULL | ||
114432 | +zap_leaf_array_match_36922 zap_leaf_array_match 4 36922 NULL | ||
114433 | +copyinstr_36980 copyinstr 3 36980 NULL | ||
114434 | +zpl_xattr_acl_set_default_37864 zpl_xattr_acl_set_default 4 37864 NULL | ||
114435 | +splat_read_38116 splat_read 3 38116 NULL | ||
114436 | +sa_setup_38756 sa_setup 4 38756 NULL | ||
114437 | +vdev_disk_physio_39898 vdev_disk_physio 3 39898 NULL | ||
114438 | +arc_buf_size_39982 arc_buf_size 0 39982 NULL | ||
114439 | +kzalloc_nofail_40719 kzalloc_nofail 1 40719 NULL | ||
114440 | +fuidstr_to_sid_40777 fuidstr_to_sid 4 40777 NULL | ||
114441 | +vdev_raidz_matrix_reconstruct_40852 vdev_raidz_matrix_reconstruct 2-3 40852 NULL | ||
114442 | +sa_find_layout_40892 sa_find_layout 4 40892 NULL | ||
114443 | +zpl_xattr_get_dir_41918 zpl_xattr_get_dir 0 41918 NULL | ||
114444 | +zpl_xattr_acl_set_42808 zpl_xattr_acl_set 4 42808 NULL | ||
114445 | +xdr_dec_array_43091 xdr_dec_array 5 43091 NULL | ||
114446 | +dsl_dataset_namelen_43136 dsl_dataset_namelen 0 43136 NULL | ||
114447 | +uiomove_44355 uiomove 2 44355 NULL | ||
114448 | +dmu_read_44418 dmu_read 4-3 44418 NULL | ||
114449 | +ddi_copyin_44846 ddi_copyin 3 44846 NULL | ||
114450 | +copyin_45945 copyin 3 45945 NULL | ||
114451 | +zil_itx_create_46555 zil_itx_create 2 46555 NULL | ||
114452 | +dmu_write_uio_dbuf_48064 dmu_write_uio_dbuf 3 48064 NULL | ||
114453 | +spa_history_write_49650 spa_history_write 3 49650 NULL | ||
114454 | +zfs_log_write_50162 zfs_log_write 6-5 50162 NULL | ||
114455 | +i_fm_alloc_51038 i_fm_alloc 2 51038 NULL | ||
114456 | +copyout_51409 copyout 3 51409 NULL | ||
114457 | +zvol_log_write_54898 zvol_log_write 4-3 54898 NULL | ||
114458 | +zfs_acl_node_alloc_55641 zfs_acl_node_alloc 1 55641 NULL | ||
114459 | +get_nvlist_56685 get_nvlist 2 56685 NULL | ||
114460 | +zprop_get_numprops_56820 zprop_get_numprops 0 56820 NULL | ||
114461 | +splat_taskq_test4_common_59829 splat_taskq_test4_common 5 59829 NULL | ||
114462 | +zfs_replay_domain_cnt_61399 zfs_replay_domain_cnt 0 61399 NULL | ||
114463 | +zpios_write_61823 zpios_write 3 61823 NULL | ||
114464 | +proc_copyin_string_62019 proc_copyin_string 4 62019 NULL | ||
114465 | +random_get_pseudo_bytes_64611 random_get_pseudo_bytes 2 64611 NULL | ||
114466 | +zpios_read_64734 zpios_read 3 64734 NULL | ||
114170 | diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c | 114467 | diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c |
114171 | new file mode 100644 | 114468 | new file mode 100644 |
114172 | index 0000000..fa0524c | 114469 | index 0000000..0a9dd22 |
114173 | --- /dev/null | 114470 | --- /dev/null |
114174 | +++ b/tools/gcc/size_overflow_plugin.c | 114471 | +++ b/tools/gcc/size_overflow_plugin.c |
114175 | @@ -0,0 +1,4101 @@ | 114472 | @@ -0,0 +1,4110 @@ |
114176 | +/* | 114473 | +/* |
114177 | + * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> | 114474 | + * Copyright 2011-2014 by Emese Revfy <re.emese@gmail.com> |
114178 | + * Licensed under the GPL v2, or (at your option) v3 | 114475 | + * Licensed under the GPL v2, or (at your option) v3 |
@@ -114201,7 +114498,7 @@ index 0000000..fa0524c | |||
114201 | +int plugin_is_GPL_compatible; | 114498 | +int plugin_is_GPL_compatible; |
114202 | + | 114499 | + |
114203 | +static struct plugin_info size_overflow_plugin_info = { | 114500 | +static struct plugin_info size_overflow_plugin_info = { |
114204 | + .version = "20140317", | 114501 | + .version = "20140402", |
114205 | + .help = "no-size-overflow\tturn off size overflow checking\n", | 114502 | + .help = "no-size-overflow\tturn off size overflow checking\n", |
114206 | +}; | 114503 | +}; |
114207 | + | 114504 | + |
@@ -114229,6 +114526,7 @@ index 0000000..fa0524c | |||
114229 | +}; | 114526 | +}; |
114230 | + | 114527 | + |
114231 | +#include "size_overflow_hash.h" | 114528 | +#include "size_overflow_hash.h" |
114529 | +#include "size_overflow_hash_aux.h" | ||
114232 | + | 114530 | + |
114233 | +enum mark { | 114531 | +enum mark { |
114234 | + MARK_NO, MARK_YES, MARK_NOT_INTENTIONAL, MARK_TURN_OFF | 114532 | + MARK_NO, MARK_YES, MARK_NOT_INTENTIONAL, MARK_TURN_OFF |
@@ -114620,6 +114918,16 @@ index 0000000..fa0524c | |||
114620 | + set_node_codes(TREE_VALUE(arg), fn_hash_data); | 114918 | + set_node_codes(TREE_VALUE(arg), fn_hash_data); |
114621 | +} | 114919 | +} |
114622 | + | 114920 | + |
114921 | +static const struct size_overflow_hash *get_proper_hash_chain(const struct size_overflow_hash *entry, const char *func_name) | ||
114922 | +{ | ||
114923 | + while (entry) { | ||
114924 | + if (!strcmp(entry->name, func_name)) | ||
114925 | + return entry; | ||
114926 | + entry = entry->next; | ||
114927 | + } | ||
114928 | + return NULL; | ||
114929 | +} | ||
114930 | + | ||
114623 | +static const struct size_overflow_hash *get_function_hash(const_tree fndecl) | 114931 | +static const struct size_overflow_hash *get_function_hash(const_tree fndecl) |
114624 | +{ | 114932 | +{ |
114625 | + const struct size_overflow_hash *entry; | 114933 | + const struct size_overflow_hash *entry; |
@@ -114640,13 +114948,11 @@ index 0000000..fa0524c | |||
114640 | + set_hash(func_name, &fn_hash_data); | 114948 | + set_hash(func_name, &fn_hash_data); |
114641 | + | 114949 | + |
114642 | + entry = size_overflow_hash[fn_hash_data.hash]; | 114950 | + entry = size_overflow_hash[fn_hash_data.hash]; |
114643 | + | 114951 | + entry = get_proper_hash_chain(entry, func_name); |
114644 | + while (entry) { | 114952 | + if (entry) |
114645 | + if (!strcmp(entry->name, func_name)) | 114953 | + return entry; |
114646 | + return entry; | 114954 | + entry = size_overflow_hash_aux[fn_hash_data.hash]; |
114647 | + entry = entry->next; | 114955 | + return get_proper_hash_chain(entry, func_name); |
114648 | + } | ||
114649 | + return NULL; | ||
114650 | +} | 114956 | +} |
114651 | + | 114957 | + |
114652 | +static void print_missing_msg(const_tree func, unsigned int argnum) | 114958 | +static void print_missing_msg(const_tree func, unsigned int argnum) |
@@ -118975,6 +119281,19 @@ index b003ad7..c0a02f8 100644 | |||
118975 | +#endif | 119281 | +#endif |
118976 | + | 119282 | + |
118977 | #endif | 119283 | #endif |
119284 | diff --git a/virt/kvm/ioapic.c b/virt/kvm/ioapic.c | ||
119285 | index 2d68297..39dc5bc 100644 | ||
119286 | --- a/virt/kvm/ioapic.c | ||
119287 | +++ b/virt/kvm/ioapic.c | ||
119288 | @@ -306,7 +306,7 @@ static int ioapic_deliver(struct kvm_ioapic *ioapic, int irq, bool line_status) | ||
119289 | BUG_ON(ioapic->rtc_status.pending_eoi != 0); | ||
119290 | ret = kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe, | ||
119291 | ioapic->rtc_status.dest_map); | ||
119292 | - ioapic->rtc_status.pending_eoi = ret; | ||
119293 | + ioapic->rtc_status.pending_eoi = (ret < 0 ? 0 : ret); | ||
119294 | } else | ||
119295 | ret = kvm_irq_delivery_to_apic(ioapic->kvm, NULL, &irqe, NULL); | ||
119296 | |||
118978 | diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c | 119297 | diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
118979 | index 4f588bc..a543c97 100644 | 119298 | index 4f588bc..a543c97 100644 |
118980 | --- a/virt/kvm/kvm_main.c | 119299 | --- a/virt/kvm/kvm_main.c |