diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2013-02-16 14:27:53 -0500 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2013-02-16 14:27:53 -0500 |
| commit | c73573a5981eabe77337393eba7548812bf5e811 (patch) | |
| tree | 174635e495d85dfcb5f320650d14f9f3924b5e21 | |
| parent | Fix 3.2.38/4470_disable-compat_vdso.patch (diff) | |
| download | hardened-patchset-20130216.tar.gz hardened-patchset-20130216.tar.bz2 hardened-patchset-20130216.zip | |
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.38,3.7.8}-20130216115820130216
| -rw-r--r-- | 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302161146.patch (renamed from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302092140.patch) | 420 | ||||
| -rw-r--r-- | 3.2.38/0000_README | 2 | ||||
| -rw-r--r-- | 3.2.38/4420_grsecurity-2.9.1-3.2.38-201302151927.patch (renamed from 3.2.38/4420_grsecurity-2.9.1-3.2.38-201302092140.patch) | 506 | ||||
| -rw-r--r-- | 3.7.8/0000_README (renamed from 3.7.6/0000_README) | 2 | ||||
| -rw-r--r-- | 3.7.8/4420_grsecurity-2.9.1-3.7.8-201302161158.patch (renamed from 3.7.6/4420_grsecurity-2.9.1-3.7.6-201302092141.patch) | 1795 | ||||
| -rw-r--r-- | 3.7.8/4425_grsec_remove_EI_PAX.patch (renamed from 3.7.6/4425_grsec_remove_EI_PAX.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4430_grsec-remove-localversion-grsec.patch (renamed from 3.7.6/4430_grsec-remove-localversion-grsec.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4435_grsec-mute-warnings.patch (renamed from 3.7.6/4435_grsec-mute-warnings.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4440_grsec-remove-protected-paths.patch (renamed from 3.7.6/4440_grsec-remove-protected-paths.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4450_grsec-kconfig-default-gids.patch (renamed from 3.7.6/4450_grsec-kconfig-default-gids.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4465_selinux-avc_audit-log-curr_ip.patch (renamed from 3.7.6/4465_selinux-avc_audit-log-curr_ip.patch) | 0 | ||||
| -rw-r--r-- | 3.7.8/4470_disable-compat_vdso.patch (renamed from 3.7.6/4470_disable-compat_vdso.patch) | 0 |
12 files changed, 1600 insertions, 1125 deletions
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302092140.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302161146.patch index af2ad8d..beb1e7f 100644 --- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302092140.patch +++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201302161146.patch @@ -13251,7 +13251,7 @@ index 33927d2..ccde329 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index af6fd36..da3ffbb 100644 +index af6fd36..fffaf4b 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -39,6 +39,7 @@ extern struct list_head pgd_list; @@ -13314,7 +13314,19 @@ index af6fd36..da3ffbb 100644 static inline int pte_dirty(pte_t pte) { return pte_flags(pte) & _PAGE_DIRTY; -@@ -167,9 +207,29 @@ static inline pte_t pte_wrprotect(pte_t pte) +@@ -130,6 +170,11 @@ static inline unsigned long pmd_pfn(pmd_t pmd) + return (pmd_val(pmd) & PTE_PFN_MASK) >> PAGE_SHIFT; + } + ++static inline unsigned long pud_pfn(pud_t pud) ++{ ++ return (pud_val(pud) & PTE_PFN_MASK) >> PAGE_SHIFT; ++} ++ + #define pte_page(pte) pfn_to_page(pte_pfn(pte)) + + static inline int pmd_large(pmd_t pte) +@@ -167,9 +212,29 @@ static inline pte_t pte_wrprotect(pte_t pte) return pte_clear_flags(pte, _PAGE_RW); } @@ -13345,7 +13357,7 @@ index af6fd36..da3ffbb 100644 } static inline pte_t pte_mkdirty(pte_t pte) -@@ -302,6 +362,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); +@@ -302,6 +367,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); #endif #ifndef __ASSEMBLY__ @@ -13361,7 +13373,7 @@ index af6fd36..da3ffbb 100644 #include <linux/mm_types.h> static inline int pte_none(pte_t pte) -@@ -472,7 +541,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) +@@ -472,7 +546,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) static inline int pgd_bad(pgd_t pgd) { @@ -13370,7 +13382,7 @@ index af6fd36..da3ffbb 100644 } static inline int pgd_none(pgd_t pgd) -@@ -495,7 +564,12 @@ static inline int pgd_none(pgd_t pgd) +@@ -495,7 +569,12 @@ static inline int pgd_none(pgd_t pgd) * pgd_offset() returns a (pgd_t *) * pgd_index() is used get the offset into the pgd page's array of pgd_t's; */ @@ -13384,7 +13396,7 @@ index af6fd36..da3ffbb 100644 /* * a shortcut which implies the use of the kernel's pgd, instead * of a process's -@@ -506,6 +580,20 @@ static inline int pgd_none(pgd_t pgd) +@@ -506,6 +585,20 @@ static inline int pgd_none(pgd_t pgd) #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) @@ -13405,7 +13417,7 @@ index af6fd36..da3ffbb 100644 #ifndef __ASSEMBLY__ extern int direct_gbpages; -@@ -611,11 +699,23 @@ static inline void ptep_set_wrprotect(struct mm_struct *mm, +@@ -611,11 +704,23 @@ static inline void ptep_set_wrprotect(struct mm_struct *mm, * dst and src can be on the same page, but the range must not overlap, * and must not cross a page boundary. */ @@ -28185,7 +28197,7 @@ index 30938c1..bda3d5d 100644 printk(KERN_INFO "Write protecting the kernel text: %luk\n", size >> 10); diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c -index 7d095ad..f833fa2 100644 +index 7d095ad..704b879 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c @@ -123,7 +123,7 @@ static pud_t *fill_pud(pgd_t *pgd, unsigned long vaddr) @@ -28264,7 +28276,17 @@ index 7d095ad..f833fa2 100644 /* clear_bss() already clear the empty_zero_page */ reservedpages = 0; -@@ -861,8 +867,8 @@ int kern_addr_valid(unsigned long addr) +@@ -839,6 +845,9 @@ int kern_addr_valid(unsigned long addr) + if (pud_none(*pud)) + return 0; + ++ if (pud_large(*pud)) ++ return pfn_valid(pud_pfn(*pud)); ++ + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return 0; +@@ -861,8 +870,8 @@ int kern_addr_valid(unsigned long addr) static struct vm_area_struct gate_vma = { .vm_start = VSYSCALL_START, .vm_end = VSYSCALL_START + (VSYSCALL_MAPPED_PAGES * PAGE_SIZE), @@ -28275,7 +28297,7 @@ index 7d095ad..f833fa2 100644 }; struct vm_area_struct *get_gate_vma(struct task_struct *tsk) -@@ -896,7 +902,7 @@ int in_gate_area_no_task(unsigned long addr) +@@ -896,7 +905,7 @@ int in_gate_area_no_task(unsigned long addr) const char *arch_vma_name(struct vm_area_struct *vma) { @@ -63668,6 +63690,63 @@ index f450bc9..2b747c8 100644 result = hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); +diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c +index 07f69ee..32a818f 100644 +--- a/drivers/net/usb/usbnet.c ++++ b/drivers/net/usb/usbnet.c +@@ -331,6 +331,12 @@ static void rx_submit (struct usbnet *dev, struct urb *urb, gfp_t flags) + unsigned long lockflags; + size_t size = dev->rx_urb_size; + ++ /* prevent rx skb allocation when error ratio is high */ ++ if (test_bit(EVENT_RX_KILL, &dev->flags)) { ++ usb_free_urb(urb); ++ return -ENOLINK; ++ } ++ + if ((skb = alloc_skb (size + NET_IP_ALIGN, flags)) == NULL) { + if (netif_msg_rx_err (dev)) + devdbg (dev, "no rx skb"); +@@ -481,6 +487,17 @@ block: + break; + } + ++ /* stop rx if packet error rate is high */ ++ if (++dev->pkt_cnt > 30) { ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ } else { ++ if (state == rx_cleanup) ++ dev->pkt_err++; ++ if (dev->pkt_err > 20) ++ set_bit(EVENT_RX_KILL, &dev->flags); ++ } ++ + defer_bh(dev, skb, &dev->rxq); + + if (urb) { +@@ -762,6 +779,11 @@ int usbnet_open (struct net_device *net) + framing); + } + ++ /* reset rx error state */ ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // delay posting reads until we're fully open + tasklet_schedule (&dev->bh); + return retval; +@@ -1129,6 +1151,9 @@ static void usbnet_bh (unsigned long param) + } + } + ++ /* restart RX again after disabling due to high error rate */ ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // waiting for all pending urbs to complete? + if (dev->wait) { + if ((dev->txq.qlen + dev->rxq.qlen + dev->done.qlen) == 0) { diff --git a/drivers/net/vxge/vxge-config.c b/drivers/net/vxge/vxge-config.c index 9e94c4b..316ee65 100644 --- a/drivers/net/vxge/vxge-config.c @@ -99343,9 +99422,18 @@ index 379eaed..3471a57 100644 mode_t mode, struct proc_dir_entry *base, read_proc_t *read_proc, void * data) diff --git a/include/linux/ptrace.h b/include/linux/ptrace.h -index 7456d7d..6c1cfc9 100644 +index 7456d7d..0021b34 100644 --- a/include/linux/ptrace.h +++ b/include/linux/ptrace.h +@@ -87,7 +87,7 @@ extern int ptrace_writedata(struct task_struct *tsk, char __user *src, unsigned + extern int ptrace_attach(struct task_struct *tsk); + extern int ptrace_detach(struct task_struct *, unsigned int); + extern void ptrace_disable(struct task_struct *); +-extern int ptrace_check_attach(struct task_struct *task, int kill); ++extern int ptrace_check_attach(struct task_struct *task, bool ignore_state); + extern int ptrace_request(struct task_struct *child, long request, long addr, long data); + extern void ptrace_notify(int exit_code); + extern void __ptrace_link(struct task_struct *child, @@ -96,10 +96,10 @@ extern void __ptrace_unlink(struct task_struct *child); extern void exit_ptrace(struct task_struct *tracer); #define PTRACE_MODE_READ 1 @@ -99504,7 +99592,7 @@ index 14a86bc..17d0700 100644 /* * CONFIG_RELAY kernel API, kernel/relay.c diff --git a/include/linux/sched.h b/include/linux/sched.h -index 71849bf..fb7ea50 100644 +index 71849bf..a612150 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -101,6 +101,7 @@ struct bio; @@ -99776,7 +99864,25 @@ index 71849bf..fb7ea50 100644 return (obj >= stack) && (obj < (stack + THREAD_SIZE)); } -@@ -2616,6 +2726,23 @@ static inline unsigned long rlimit_max(unsigned int limit) +@@ -2459,7 +2569,16 @@ static inline void thread_group_cputime_free(struct signal_struct *sig) + extern void recalc_sigpending_and_wake(struct task_struct *t); + extern void recalc_sigpending(void); + +-extern void signal_wake_up(struct task_struct *t, int resume_stopped); ++extern void signal_wake_up_state(struct task_struct *t, unsigned int state); ++ ++static inline void signal_wake_up(struct task_struct *t, bool resume) ++{ ++ signal_wake_up_state(t, resume ? TASK_WAKEKILL : 0); ++} ++static inline void ptrace_signal_wake_up(struct task_struct *t, bool resume) ++{ ++ signal_wake_up_state(t, resume ? __TASK_TRACED : 0); ++} + + /* + * Wrappers for p->thread_info->cpu access. No-op on UP. +@@ -2616,6 +2735,23 @@ static inline unsigned long rlimit_max(unsigned int limit) return task_rlimit_max(current, limit); } @@ -100777,6 +100883,26 @@ index a34fa89..ef176bc 100644 unsigned long active_duration; +diff --git a/include/linux/usb/usbnet.h b/include/linux/usb/usbnet.h +index f814730..61d9ec3 100644 +--- a/include/linux/usb/usbnet.h ++++ b/include/linux/usb/usbnet.h +@@ -33,6 +33,7 @@ struct usbnet { + wait_queue_head_t *wait; + struct mutex phy_mutex; + unsigned char suspend_count; ++ unsigned char pkt_cnt, pkt_err; + + /* i/o info: pipes etc */ + unsigned in, out; +@@ -65,6 +66,7 @@ struct usbnet { + # define EVENT_STS_SPLIT 3 + # define EVENT_LINK_RESET 4 + # define EVENT_RX_PAUSED 5 ++# define EVENT_RX_KILL 10 + }; + + static inline struct usb_driver *driver_of(struct usb_interface *intf) diff --git a/include/linux/vermagic.h b/include/linux/vermagic.h index 79b9837..b5a56f9 100644 --- a/include/linux/vermagic.h @@ -105817,10 +105943,114 @@ index dfadc5b..7f59404 100644 } diff --git a/kernel/ptrace.c b/kernel/ptrace.c -index 05625f6..702665c 100644 +index 05625f6..741869b 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c -@@ -117,7 +117,8 @@ int ptrace_check_attach(struct task_struct *child, int kill) +@@ -56,7 +56,7 @@ static void ptrace_untrace(struct task_struct *child) + child->signal->group_stop_count) + __set_task_state(child, TASK_STOPPED); + else +- signal_wake_up(child, 1); ++ ptrace_signal_wake_up(child, true); + } + spin_unlock(&child->sighand->siglock); + } +@@ -80,10 +80,54 @@ void __ptrace_unlink(struct task_struct *child) + ptrace_untrace(child); + } + +-/* +- * Check that we have indeed attached to the thing.. ++/* Ensure that nothing can wake it up, even SIGKILL */ ++static bool ptrace_freeze_traced(struct task_struct *task) ++{ ++ bool ret = false; ++ ++ spin_lock_irq(&task->sighand->siglock); ++ if (task_is_traced(task) && !__fatal_signal_pending(task)) { ++ task->state = __TASK_TRACED; ++ ret = true; ++ } ++ spin_unlock_irq(&task->sighand->siglock); ++ ++ return ret; ++} ++ ++static void ptrace_unfreeze_traced(struct task_struct *task) ++{ ++ if (task->state != __TASK_TRACED) ++ return; ++ ++ WARN_ON(!task->ptrace || task->parent != current); ++ ++ spin_lock_irq(&task->sighand->siglock); ++ if (__fatal_signal_pending(task)) ++ wake_up_state(task, __TASK_TRACED); ++ else ++ task->state = TASK_TRACED; ++ spin_unlock_irq(&task->sighand->siglock); ++} ++ ++/** ++ * ptrace_check_attach - check whether ptracee is ready for ptrace operation ++ * @child: ptracee to check for ++ * @ignore_state: don't check whether @child is currently %TASK_TRACED ++ * ++ * Check whether @child is being ptraced by %current and ready for further ++ * ptrace operations. If @ignore_state is %false, @child also should be in ++ * %TASK_TRACED state and on return the child is guaranteed to be traced ++ * and not executing. If @ignore_state is %true, @child can be in any ++ * state. ++ * ++ * CONTEXT: ++ * Grabs and releases tasklist_lock and @child->sighand->siglock. ++ * ++ * RETURNS: ++ * 0 on success, -ESRCH if %child is not ready. + */ +-int ptrace_check_attach(struct task_struct *child, int kill) ++int ptrace_check_attach(struct task_struct *child, bool ignore_state) + { + int ret = -ESRCH; + +@@ -95,29 +139,34 @@ int ptrace_check_attach(struct task_struct *child, int kill) + * be changed by us so it's not changing right after this. + */ + read_lock(&tasklist_lock); +- if ((child->ptrace & PT_PTRACED) && child->parent == current) { +- ret = 0; ++ if (child->ptrace && child->parent == current) { ++ WARN_ON(child->state == __TASK_TRACED); + /* + * child->sighand can't be NULL, release_task() + * does ptrace_unlink() before __exit_signal(). + */ +- spin_lock_irq(&child->sighand->siglock); +- if (task_is_stopped(child)) +- child->state = TASK_TRACED; +- else if (!task_is_traced(child) && !kill) +- ret = -ESRCH; +- spin_unlock_irq(&child->sighand->siglock); ++ if (ignore_state || ptrace_freeze_traced(child)) ++ ret = 0; + } + read_unlock(&tasklist_lock); + +- if (!ret && !kill) +- ret = wait_task_inactive(child, TASK_TRACED) ? 0 : -ESRCH; ++ if (!ret && !ignore_state) { ++ if (!wait_task_inactive(child, __TASK_TRACED)) { ++ /* ++ * This can only happen if may_ptrace_stop() fails and ++ * ptrace_stop() changes ->state back to TASK_RUNNING, ++ * so we should not worry about leaking __TASK_TRACED. ++ */ ++ WARN_ON(child->state == __TASK_TRACED); ++ ret = -ESRCH; ++ } ++ } + +- /* All systems go.. */ return ret; } @@ -105830,7 +106060,7 @@ index 05625f6..702665c 100644 { const struct cred *cred = current_cred(), *tcred; -@@ -141,7 +142,9 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) +@@ -141,7 +190,9 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) cred->gid != tcred->egid || cred->gid != tcred->sgid || cred->gid != tcred->gid) && @@ -105841,7 +106071,7 @@ index 05625f6..702665c 100644 rcu_read_unlock(); return -EPERM; } -@@ -149,7 +152,9 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) +@@ -149,7 +200,9 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) smp_rmb(); if (task->mm) dumpable = get_dumpable(task->mm); @@ -105852,7 +106082,7 @@ index 05625f6..702665c 100644 return -EPERM; return security_ptrace_access_check(task, mode); -@@ -159,7 +164,16 @@ bool ptrace_may_access(struct task_struct *task, unsigned int mode) +@@ -159,7 +212,16 @@ bool ptrace_may_access(struct task_struct *task, unsigned int mode) { int err; task_lock(task); @@ -105870,7 +106100,7 @@ index 05625f6..702665c 100644 task_unlock(task); return !err; } -@@ -182,11 +196,11 @@ int ptrace_attach(struct task_struct *task) +@@ -182,11 +244,11 @@ int ptrace_attach(struct task_struct *task) * under ptrace. */ retval = -ERESTARTNOINTR; @@ -105884,7 +106114,7 @@ index 05625f6..702665c 100644 task_unlock(task); if (retval) goto unlock_creds; -@@ -199,7 +213,7 @@ int ptrace_attach(struct task_struct *task) +@@ -199,7 +261,7 @@ int ptrace_attach(struct task_struct *task) goto unlock_tasklist; task->ptrace = PT_PTRACED; @@ -105893,7 +106123,7 @@ index 05625f6..702665c 100644 task->ptrace |= PT_PTRACE_CAP; __ptrace_link(task, current); -@@ -209,7 +223,7 @@ int ptrace_attach(struct task_struct *task) +@@ -209,7 +271,7 @@ int ptrace_attach(struct task_struct *task) unlock_tasklist: write_unlock_irq(&tasklist_lock); unlock_creds: @@ -105902,7 +106132,7 @@ index 05625f6..702665c 100644 out: return retval; } -@@ -351,6 +365,8 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst +@@ -351,6 +413,8 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst { int copied = 0; @@ -105911,7 +106141,7 @@ index 05625f6..702665c 100644 while (len > 0) { char buf[128]; int this_len, retval; -@@ -376,6 +392,8 @@ int ptrace_writedata(struct task_struct *tsk, char __user *src, unsigned long ds +@@ -376,6 +440,8 @@ int ptrace_writedata(struct task_struct *tsk, char __user *src, unsigned long ds { int copied = 0; @@ -105920,7 +106150,16 @@ index 05625f6..702665c 100644 while (len > 0) { char buf[128]; int this_len, retval; -@@ -517,6 +535,8 @@ int ptrace_request(struct task_struct *child, long request, +@@ -506,7 +572,7 @@ static int ptrace_resume(struct task_struct *child, long request, long data) + } + + child->exit_code = data; +- wake_up_process(child); ++ wake_up_state(child, __TASK_TRACED); + + return 0; + } +@@ -517,6 +583,8 @@ int ptrace_request(struct task_struct *child, long request, int ret = -EIO; siginfo_t siginfo; @@ -105929,7 +106168,7 @@ index 05625f6..702665c 100644 switch (request) { case PTRACE_PEEKTEXT: case PTRACE_PEEKDATA: -@@ -532,18 +552,18 @@ int ptrace_request(struct task_struct *child, long request, +@@ -532,18 +600,18 @@ int ptrace_request(struct task_struct *child, long request, ret = ptrace_setoptions(child, data); break; case PTRACE_GETEVENTMSG: @@ -105951,7 +106190,7 @@ index 05625f6..702665c 100644 sizeof siginfo)) ret = -EFAULT; else -@@ -621,14 +641,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, long, addr, long, data) +@@ -621,14 +689,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, long, addr, long, data) goto out; } @@ -105974,7 +106213,16 @@ index 05625f6..702665c 100644 goto out_put_task_struct; } -@@ -653,7 +680,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, long addr, long data) +@@ -637,6 +712,8 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, long, addr, long, data) + goto out_put_task_struct; + + ret = arch_ptrace(child, request, addr, data); ++ if (ret || request != PTRACE_DETACH) ++ ptrace_unfreeze_traced(child); + + out_put_task_struct: + put_task_struct(child); +@@ -653,7 +730,7 @@ int generic_ptrace_peekdata(struct task_struct *tsk, long addr, long data) copied = access_process_vm(tsk, addr, &tmp, sizeof(tmp), 0); if (copied != sizeof(tmp)) return -EIO; @@ -105983,7 +106231,7 @@ index 05625f6..702665c 100644 } int generic_ptrace_pokedata(struct task_struct *tsk, long addr, long data) -@@ -675,6 +702,8 @@ int compat_ptrace_request(struct task_struct *child, compat_long_t request, +@@ -675,6 +752,8 @@ int compat_ptrace_request(struct task_struct *child, compat_long_t request, siginfo_t siginfo; int ret; @@ -105992,7 +106240,7 @@ index 05625f6..702665c 100644 switch (request) { case PTRACE_PEEKTEXT: case PTRACE_PEEKDATA: -@@ -740,14 +769,21 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, +@@ -740,20 +819,30 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, goto out; } @@ -106015,6 +106263,16 @@ index 05625f6..702665c 100644 goto out_put_task_struct; } + ret = ptrace_check_attach(child, request == PTRACE_KILL); +- if (!ret) ++ if (!ret) { + ret = compat_arch_ptrace(child, request, addr, data); ++ if (ret || request != PTRACE_DETACH) ++ ptrace_unfreeze_traced(child); ++ } + + out_put_task_struct: + put_task_struct(child); diff --git a/kernel/rcutorture.c b/kernel/rcutorture.c index 697c0a0..2402696 100644 --- a/kernel/rcutorture.c @@ -106448,7 +106706,7 @@ index 0591df8..dcf3f9f 100644 if (cpu != group_first_cpu(sd->groups)) return; diff --git a/kernel/signal.c b/kernel/signal.c -index 2494827..cda80a0 100644 +index 2494827..02e4288 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -41,12 +41,12 @@ @@ -106494,7 +106752,34 @@ index 2494827..cda80a0 100644 if (is_global_init(tsk)) return 1; if (handler != SIG_IGN && handler != SIG_DFL) -@@ -627,6 +630,13 @@ static int check_kill_permission(int sig, struct siginfo *info, +@@ -513,23 +516,17 @@ int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info) + * No need to set need_resched since signal event passing + * goes through ->blocked + */ +-void signal_wake_up(struct task_struct *t, int resume) ++void signal_wake_up_state(struct task_struct *t, unsigned int state) + { +- unsigned int mask; +- + set_tsk_thread_flag(t, TIF_SIGPENDING); +- + /* +- * For SIGKILL, we want to wake it up in the stopped/traced/killable ++ * TASK_WAKEKILL also means wake it up in the stopped/traced/killable + * case. We don't check t->state here because there is a race with it + * executing another processor and just now entering stopped state. + * By using wake_up_state, we ensure the process will wake up and + * handle its death signal. + */ +- mask = TASK_INTERRUPTIBLE; +- if (resume) +- mask |= TASK_WAKEKILL; +- if (!wake_up_state(t, mask)) ++ if (!wake_up_state(t, state | TASK_INTERRUPTIBLE)) + kick_process(t); + } + +@@ -627,6 +624,13 @@ static int check_kill_permission(int sig, struct siginfo *info, } } @@ -106508,7 +106793,7 @@ index 2494827..cda80a0 100644 return security_task_kill(t, info, sig, 0); } -@@ -968,7 +978,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -968,7 +972,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) return send_signal(sig, info, p, 1); } @@ -106517,7 +106802,7 @@ index 2494827..cda80a0 100644 specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) { return send_signal(sig, info, t, 0); -@@ -1005,6 +1015,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1005,6 +1009,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) unsigned long int flags; int ret, blocked, ignored; struct k_sigaction *action; @@ -106525,7 +106810,7 @@ index 2494827..cda80a0 100644 spin_lock_irqsave(&t->sighand->siglock, flags); action = &t->sighand->action[sig-1]; -@@ -1019,9 +1030,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1019,9 +1024,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) } if (action->sa.sa_handler == SIG_DFL) t->signal->flags &= ~SIGNAL_UNKILLABLE; @@ -106544,7 +106829,7 @@ index 2494827..cda80a0 100644 return ret; } -@@ -1081,8 +1101,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -1081,8 +1095,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) { int ret = check_kill_permission(sig, info, p); @@ -106557,6 +106842,26 @@ index 2494827..cda80a0 100644 return ret; } +@@ -1530,6 +1547,10 @@ static inline int may_ptrace_stop(void) + * If SIGKILL was already sent before the caller unlocked + * ->siglock we must see ->core_state != NULL. Otherwise it + * is safe to enter schedule(). ++ * ++ * This is almost outdated, a task with the pending SIGKILL can't ++ * block in TASK_TRACED. But PTRACE_EVENT_EXIT can be reported ++ * after SIGKILL was already dequeued. + */ + if (unlikely(current->mm->core_state) && + unlikely(current->mm == current->parent->mm)) +@@ -1611,6 +1632,8 @@ static void ptrace_stop(int exit_code, int clear_code, siginfo_t *info) + * By the time we got the lock, our tracer went away. + * Don't drop the lock yet, another tracer may come. + */ ++ ++ /* tasklist protects us from ptrace_freeze_traced() */ + __set_current_state(TASK_RUNNING); + if (clear_code) + current->exit_code = 0; @@ -1644,6 +1667,8 @@ void ptrace_notify(int exit_code) { siginfo_t info; @@ -116780,9 +117085,18 @@ index 713ac59..306f6ae 100644 ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); diff --git a/net/sctp/auth.c b/net/sctp/auth.c -index 914c419..7a16d2c 100644 +index 914c419..1b055b5 100644 --- a/net/sctp/auth.c +++ b/net/sctp/auth.c +@@ -70,7 +70,7 @@ void sctp_auth_key_put(struct sctp_auth_bytes *key) + return; + + if (atomic_dec_and_test(&key->refcnt)) { +- kfree(key); ++ kzfree(key); + SCTP_DBG_OBJCNT_DEC(keys); + } + } @@ -81,7 +81,7 @@ static struct sctp_auth_bytes *sctp_auth_create_key(__u32 key_len, gfp_t gfp) struct sctp_auth_bytes *key; @@ -116824,6 +117138,29 @@ index acf7c4d..b29621d 100644 errout: list_for_each_safe(pos, temp, &msg->chunks) { list_del_init(pos); +diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c +index 905fda5..ca48660 100644 +--- a/net/sctp/endpointola.c ++++ b/net/sctp/endpointola.c +@@ -249,6 +249,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep) + /* Final destructor for endpoint. */ + static void sctp_endpoint_destroy(struct sctp_endpoint *ep) + { ++ int i; ++ + SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); + + /* Free up the HMAC transform. */ +@@ -271,6 +273,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) + sctp_inq_free(&ep->base.inqueue); + sctp_bind_addr_free(&ep->base.bind_addr); + ++ for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i) ++ memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE); ++ + /* Remove and free the port */ + if (sctp_sk(ep->base.sk)->bind_hash) + sctp_put_port(ep->base.sk); diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index bb280e6..747720f 100644 --- a/net/sctp/ipv6.c @@ -116896,9 +117233,18 @@ index 619f965..bed845a 100644 static int sctp_v4_protosw_init(void) diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 1f9843e..9cd0edd 100644 +index 1f9843e..5e9fd60 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c +@@ -3271,7 +3271,7 @@ static int sctp_setsockopt_auth_key(struct sock *sk, + + ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey); + out: +- kfree(authkey); ++ kzfree(authkey); + return ret; + } + @@ -5810,7 +5810,6 @@ pp_found: */ int reuse = sk->sk_reuse; diff --git a/3.2.38/0000_README b/3.2.38/0000_README index 89389cb..2b340f4 100644 --- a/3.2.38/0000_README +++ b/3.2.38/0000_README @@ -70,7 +70,7 @@ Patch: 1037_linux-3.2.38.patch From: http://www.kernel.org Desc: Linux 3.2.38 -Patch: 4420_grsecurity-2.9.1-3.2.38-201302092140.patch +Patch: 4420_grsecurity-2.9.1-3.2.38-201302151927.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.2.38/4420_grsecurity-2.9.1-3.2.38-201302092140.patch b/3.2.38/4420_grsecurity-2.9.1-3.2.38-201302151927.patch index e28938e..dbf3f8b 100644 --- a/3.2.38/4420_grsecurity-2.9.1-3.2.38-201302092140.patch +++ b/3.2.38/4420_grsecurity-2.9.1-3.2.38-201302151927.patch @@ -11863,7 +11863,7 @@ index cb00ccc..17e9054 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index 884507e..d9137ab 100644 +index 884507e..4afeb15 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -44,6 +44,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); @@ -11926,7 +11926,19 @@ index 884507e..d9137ab 100644 static inline int pte_dirty(pte_t pte) { return pte_flags(pte) & _PAGE_DIRTY; -@@ -195,9 +235,29 @@ static inline pte_t pte_wrprotect(pte_t pte) +@@ -142,6 +182,11 @@ static inline unsigned long pmd_pfn(pmd_t pmd) + return (pmd_val(pmd) & PTE_PFN_MASK) >> PAGE_SHIFT; + } + ++static inline unsigned long pud_pfn(pud_t pud) ++{ ++ return (pud_val(pud) & PTE_PFN_MASK) >> PAGE_SHIFT; ++} ++ + #define pte_page(pte) pfn_to_page(pte_pfn(pte)) + + static inline int pmd_large(pmd_t pte) +@@ -195,9 +240,29 @@ static inline pte_t pte_wrprotect(pte_t pte) return pte_clear_flags(pte, _PAGE_RW); } @@ -11957,7 +11969,7 @@ index 884507e..d9137ab 100644 } static inline pte_t pte_mkdirty(pte_t pte) -@@ -389,6 +449,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); +@@ -389,6 +454,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); #endif #ifndef __ASSEMBLY__ @@ -11973,7 +11985,7 @@ index 884507e..d9137ab 100644 #include <linux/mm_types.h> static inline int pte_none(pte_t pte) -@@ -565,7 +634,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) +@@ -565,7 +639,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) static inline int pgd_bad(pgd_t pgd) { @@ -11982,7 +11994,7 @@ index 884507e..d9137ab 100644 } static inline int pgd_none(pgd_t pgd) -@@ -588,7 +657,12 @@ static inline int pgd_none(pgd_t pgd) +@@ -588,7 +662,12 @@ static inline int pgd_none(pgd_t pgd) * pgd_offset() returns a (pgd_t *) * pgd_index() is used get the offset into the pgd page's array of pgd_t's; */ @@ -11996,7 +12008,7 @@ index 884507e..d9137ab 100644 /* * a shortcut which implies the use of the kernel's pgd, instead * of a process's -@@ -599,6 +673,20 @@ static inline int pgd_none(pgd_t pgd) +@@ -599,6 +678,20 @@ static inline int pgd_none(pgd_t pgd) #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) @@ -12017,7 +12029,7 @@ index 884507e..d9137ab 100644 #ifndef __ASSEMBLY__ extern int direct_gbpages; -@@ -763,11 +851,23 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, +@@ -763,11 +856,23 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, * dst and src can be on the same page, but the range must not overlap, * and must not cross a page boundary. */ @@ -26046,7 +26058,7 @@ index 29f7c6d..b46b35b 100644 printk(KERN_INFO "Write protecting the kernel text: %luk\n", size >> 10); diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c -index bbaaa00..020e913 100644 +index bbaaa00..b5cb517 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c @@ -75,7 +75,7 @@ early_param("gbpages", parse_direct_gbpages_on); @@ -26194,7 +26206,17 @@ index bbaaa00..020e913 100644 /* clear_bss() already clear the empty_zero_page */ reservedpages = 0; -@@ -853,8 +873,8 @@ int kern_addr_valid(unsigned long addr) +@@ -831,6 +851,9 @@ int kern_addr_valid(unsigned long addr) + if (pud_none(*pud)) + return 0; + ++ if (pud_large(*pud)) ++ return pfn_valid(pud_pfn(*pud)); ++ + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return 0; +@@ -853,8 +876,8 @@ int kern_addr_valid(unsigned long addr) static struct vm_area_struct gate_vma = { .vm_start = VSYSCALL_START, .vm_end = VSYSCALL_START + (VSYSCALL_MAPPED_PAGES * PAGE_SIZE), @@ -26205,7 +26227,7 @@ index bbaaa00..020e913 100644 }; struct vm_area_struct *get_gate_vma(struct mm_struct *mm) -@@ -888,7 +908,7 @@ int in_gate_area_no_mm(unsigned long addr) +@@ -888,7 +911,7 @@ int in_gate_area_no_mm(unsigned long addr) const char *arch_vma_name(struct vm_area_struct *vma) { @@ -37341,6 +37363,22 @@ index 4c8e199..f7f5587 100644 if (!q_vector->rxr_count) return IRQ_HANDLED; +diff --git a/drivers/net/ethernet/mellanox/mlx4/eq.c b/drivers/net/ethernet/mellanox/mlx4/eq.c +index 24ee967..b5c9b99 100644 +--- a/drivers/net/ethernet/mellanox/mlx4/eq.c ++++ b/drivers/net/ethernet/mellanox/mlx4/eq.c +@@ -570,8 +570,9 @@ int mlx4_init_eq_table(struct mlx4_dev *dev) + int err; + int i; + +- priv->eq_table.uar_map = kcalloc(sizeof *priv->eq_table.uar_map, +- mlx4_num_eq_uar(dev), GFP_KERNEL); ++ priv->eq_table.uar_map = kcalloc(mlx4_num_eq_uar(dev), ++ sizeof *priv->eq_table.uar_map, ++ GFP_KERNEL); + if (!priv->eq_table.uar_map) { + err = -ENOMEM; + goto err_out_free; diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c index 94bbc85..78c12e6 100644 --- a/drivers/net/ethernet/mellanox/mlx4/main.c @@ -37782,6 +37820,63 @@ index 304fe78..db112fa 100644 result = hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); +diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c +index dc53a8f..2b66cc1 100644 +--- a/drivers/net/usb/usbnet.c ++++ b/drivers/net/usb/usbnet.c +@@ -344,6 +344,12 @@ static int rx_submit (struct usbnet *dev, struct urb *urb, gfp_t flags) + unsigned long lockflags; + size_t size = dev->rx_urb_size; + ++ /* prevent rx skb allocation when error ratio is high */ ++ if (test_bit(EVENT_RX_KILL, &dev->flags)) { ++ usb_free_urb(urb); ++ return -ENOLINK; ++ } ++ + if ((skb = alloc_skb (size + NET_IP_ALIGN, flags)) == NULL) { + netif_dbg(dev, rx_err, dev->net, "no rx skb\n"); + usbnet_defer_kevent (dev, EVENT_RX_MEMORY); +@@ -503,6 +509,17 @@ block: + break; + } + ++ /* stop rx if packet error rate is high */ ++ if (++dev->pkt_cnt > 30) { ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ } else { ++ if (state == rx_cleanup) ++ dev->pkt_err++; ++ if (dev->pkt_err > 20) ++ set_bit(EVENT_RX_KILL, &dev->flags); ++ } ++ + state = defer_bh(dev, skb, &dev->rxq, state); + + if (urb) { +@@ -789,6 +806,11 @@ int usbnet_open (struct net_device *net) + (dev->driver_info->flags & FLAG_FRAMING_AX) ? "ASIX" : + "simple"); + ++ /* reset rx error state */ ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // delay posting reads until we're fully open + tasklet_schedule (&dev->bh); + if (info->manage_power) { +@@ -1227,6 +1249,9 @@ static void usbnet_bh (unsigned long param) + } + } + ++ /* restart RX again after disabling due to high error rate */ ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // waiting for all pending urbs to complete? + if (dev->wait) { + if ((dev->txq.qlen + dev->rxq.qlen + dev->done.qlen) == 0) { diff --git a/drivers/net/vmxnet3/vmxnet3_ethtool.c b/drivers/net/vmxnet3/vmxnet3_ethtool.c index e662cbc..8d4a102 100644 --- a/drivers/net/vmxnet3/vmxnet3_ethtool.c @@ -66754,7 +66849,7 @@ index 2148b12..519b820 100644 static inline void anon_vma_merge(struct vm_area_struct *vma, diff --git a/include/linux/sched.h b/include/linux/sched.h -index 1e86bb4..d87a793 100644 +index 1e86bb4..bcc2c30 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -101,6 +101,7 @@ struct bio_list; @@ -67017,6 +67112,24 @@ index 1e86bb4..d87a793 100644 return (obj >= stack) && (obj < (stack + THREAD_SIZE)); } +@@ -2597,7 +2713,16 @@ static inline void thread_group_cputime_init(struct signal_struct *sig) + extern void recalc_sigpending_and_wake(struct task_struct *t); + extern void recalc_sigpending(void); + +-extern void signal_wake_up(struct task_struct *t, int resume_stopped); ++extern void signal_wake_up_state(struct task_struct *t, unsigned int state); ++ ++static inline void signal_wake_up(struct task_struct *t, bool resume) ++{ ++ signal_wake_up_state(t, resume ? TASK_WAKEKILL : 0); ++} ++static inline void ptrace_signal_wake_up(struct task_struct *t, bool resume) ++{ ++ signal_wake_up_state(t, resume ? __TASK_TRACED : 0); ++} + + /* + * Wrappers for p->thread_info->cpu access. No-op on UP. diff --git a/include/linux/screen_info.h b/include/linux/screen_info.h index 899fbb4..1cb4138 100644 --- a/include/linux/screen_info.h @@ -67757,6 +67870,27 @@ index e5a40c3..d75f068 100644 /* * callback functions for platform +diff --git a/include/linux/usb/usbnet.h b/include/linux/usb/usbnet.h +index 76f4396..3e0a4a8 100644 +--- a/include/linux/usb/usbnet.h ++++ b/include/linux/usb/usbnet.h +@@ -33,6 +33,7 @@ struct usbnet { + wait_queue_head_t *wait; + struct mutex phy_mutex; + unsigned char suspend_count; ++ unsigned char pkt_cnt, pkt_err; + + /* i/o info: pipes etc */ + unsigned in, out; +@@ -69,6 +70,8 @@ struct usbnet { + # define EVENT_DEV_WAKING 6 + # define EVENT_DEV_ASLEEP 7 + # define EVENT_DEV_OPEN 8 ++# define EVENT_NO_RUNTIME_PM 9 ++# define EVENT_RX_KILL 10 + }; + + static inline struct usb_driver *driver_of(struct usb_interface *intf) diff --git a/include/linux/vermagic.h b/include/linux/vermagic.h index 6f8fbcf..8259001 100644 --- a/include/linux/vermagic.h @@ -72144,10 +72278,16 @@ index 76b8e77..a2930e8 100644 } diff --git a/kernel/ptrace.c b/kernel/ptrace.c -index 78ab24a..f8e2cdc 100644 +index 78ab24a..5333587 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c -@@ -122,6 +122,40 @@ void __ptrace_unlink(struct task_struct *child) +@@ -117,11 +117,45 @@ void __ptrace_unlink(struct task_struct *child) + * TASK_KILLABLE sleeps. + */ + if (child->jobctl & JOBCTL_STOP_PENDING || task_is_traced(child)) +- signal_wake_up(child, task_is_traced(child)); ++ ptrace_signal_wake_up(child, true); + spin_unlock(&child->sighand->siglock); } @@ -72295,6 +72435,15 @@ index 78ab24a..f8e2cdc 100644 task->ptrace |= PT_PTRACE_CAP; __ptrace_link(task, current); +@@ -307,7 +364,7 @@ static int ptrace_attach(struct task_struct *task, long request, + */ + if (task_is_stopped(task) && + task_set_jobctl_pending(task, JOBCTL_TRAP_STOP | JOBCTL_TRAPPING)) +- signal_wake_up(task, 1); ++ signal_wake_up_state(task, __TASK_STOPPED); + + spin_unlock(&task->sighand->siglock); + @@ -483,7 +540,7 @@ int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst break; return -EIO; @@ -72313,6 +72462,24 @@ index 78ab24a..f8e2cdc 100644 unsigned long __user *datalp = datavp; unsigned long flags; +@@ -736,7 +793,7 @@ int ptrace_request(struct task_struct *child, long request, + * tracee into STOP. + */ + if (likely(task_set_jobctl_pending(child, JOBCTL_TRAP_STOP))) +- signal_wake_up(child, child->jobctl & JOBCTL_LISTENING); ++ ptrace_signal_wake_up(child, child->jobctl & JOBCTL_LISTENING); + + unlock_task_sighand(child, &flags); + ret = 0; +@@ -762,7 +819,7 @@ int ptrace_request(struct task_struct *child, long request, + * start of this trap and now. Trigger re-trap. + */ + if (child->jobctl & JOBCTL_TRAP_NOTIFY) +- signal_wake_up(child, true); ++ ptrace_signal_wake_up(child, true); + ret = 0; + } + unlock_task_sighand(child, &flags); @@ -882,14 +939,21 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, goto out; } @@ -72977,7 +73144,7 @@ index 66e4576..d05c6d5 100644 int this_cpu = smp_processor_id(); struct rq *this_rq = cpu_rq(this_cpu); diff --git a/kernel/signal.c b/kernel/signal.c -index 08e0b97..e3ad9b7 100644 +index 08e0b97..4dc47a0 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -45,12 +45,12 @@ static struct kmem_cache *sigqueue_cachep; @@ -73023,7 +73190,34 @@ index 08e0b97..e3ad9b7 100644 if (is_global_init(tsk)) return 1; if (handler != SIG_IGN && handler != SIG_DFL) -@@ -815,6 +818,13 @@ static int check_kill_permission(int sig, struct siginfo *info, +@@ -676,23 +679,17 @@ int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info) + * No need to set need_resched since signal event passing + * goes through ->blocked + */ +-void signal_wake_up(struct task_struct *t, int resume) ++void signal_wake_up_state(struct task_struct *t, unsigned int state) + { +- unsigned int mask; +- + set_tsk_thread_flag(t, TIF_SIGPENDING); +- + /* +- * For SIGKILL, we want to wake it up in the stopped/traced/killable ++ * TASK_WAKEKILL also means wake it up in the stopped/traced/killable + * case. We don't check t->state here because there is a race with it + * executing another processor and just now entering stopped state. + * By using wake_up_state, we ensure the process will wake up and + * handle its death signal. + */ +- mask = TASK_INTERRUPTIBLE; +- if (resume) +- mask |= TASK_WAKEKILL; +- if (!wake_up_state(t, mask)) ++ if (!wake_up_state(t, state | TASK_INTERRUPTIBLE)) + kick_process(t); + } + +@@ -815,6 +812,13 @@ static int check_kill_permission(int sig, struct siginfo *info, } } @@ -73037,7 +73231,16 @@ index 08e0b97..e3ad9b7 100644 return security_task_kill(t, info, sig, 0); } -@@ -1165,7 +1175,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -841,7 +845,7 @@ static void ptrace_trap_notify(struct task_struct *t) + assert_spin_locked(&t->sighand->siglock); + + task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY); +- signal_wake_up(t, t->jobctl & JOBCTL_LISTENING); ++ ptrace_signal_wake_up(t, t->jobctl & JOBCTL_LISTENING); + } + + /* +@@ -1165,7 +1169,7 @@ __group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) return send_signal(sig, info, p, 1); } @@ -73046,7 +73249,7 @@ index 08e0b97..e3ad9b7 100644 specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t) { return send_signal(sig, info, t, 0); -@@ -1202,6 +1212,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1202,6 +1206,7 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) unsigned long int flags; int ret, blocked, ignored; struct k_sigaction *action; @@ -73054,7 +73257,7 @@ index 08e0b97..e3ad9b7 100644 spin_lock_irqsave(&t->sighand->siglock, flags); action = &t->sighand->action[sig-1]; -@@ -1216,9 +1227,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) +@@ -1216,9 +1221,18 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t) } if (action->sa.sa_handler == SIG_DFL) t->signal->flags &= ~SIGNAL_UNKILLABLE; @@ -73073,7 +73276,7 @@ index 08e0b97..e3ad9b7 100644 return ret; } -@@ -1285,8 +1305,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) +@@ -1285,8 +1299,11 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p) ret = check_kill_permission(sig, info, p); rcu_read_unlock(); @@ -73086,7 +73289,7 @@ index 08e0b97..e3ad9b7 100644 return ret; } -@@ -1765,6 +1788,10 @@ static inline int may_ptrace_stop(void) +@@ -1765,6 +1782,10 @@ static inline int may_ptrace_stop(void) * If SIGKILL was already sent before the caller unlocked * ->siglock we must see ->core_state != NULL. Otherwise it * is safe to enter schedule(). @@ -73097,7 +73300,7 @@ index 08e0b97..e3ad9b7 100644 */ if (unlikely(current->mm->core_state) && unlikely(current->mm == current->parent->mm)) -@@ -1890,6 +1917,7 @@ static void ptrace_stop(int exit_code, int why, int clear_code, siginfo_t *info) +@@ -1890,6 +1911,7 @@ static void ptrace_stop(int exit_code, int why, int clear_code, siginfo_t *info) if (gstop_done) do_notify_parent_cldstop(current, false, why); @@ -73105,7 +73308,7 @@ index 08e0b97..e3ad9b7 100644 __set_current_state(TASK_RUNNING); if (clear_code) current->exit_code = 0; -@@ -2763,7 +2791,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) +@@ -2763,7 +2785,15 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info) int error = -ESRCH; rcu_read_lock(); @@ -82892,7 +83095,7 @@ index f156382..95ce7ba 100644 *uaddr_len = sizeof(struct sockaddr_ax25); } diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index 85afc13..f8c880b 100644 +index 85afc13..d9fb2db 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -1684,7 +1684,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, @@ -82913,7 +83116,27 @@ index 85afc13..f8c880b 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -2621,6 +2621,7 @@ out: +@@ -2422,13 +2422,15 @@ static int packet_release(struct socket *sock) + + packet_flush_mclist(sk); + +- memset(&req_u, 0, sizeof(req_u)); +- +- if (po->rx_ring.pg_vec) ++ if (po->rx_ring.pg_vec) { ++ memset(&req_u, 0, sizeof(req_u)); + packet_set_ring(sk, &req_u, 1, 0); ++ } + +- if (po->tx_ring.pg_vec) ++ if (po->tx_ring.pg_vec) { ++ memset(&req_u, 0, sizeof(req_u)); + packet_set_ring(sk, &req_u, 1, 1); ++ } + + fanout_release(sk); + +@@ -2621,6 +2623,7 @@ out: static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) { @@ -82921,7 +83144,7 @@ index 85afc13..f8c880b 100644 struct sock_exterr_skb *serr; struct sk_buff *skb, *skb2; int copied, err; -@@ -2642,8 +2643,9 @@ static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) +@@ -2642,8 +2645,9 @@ static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) sock_recv_timestamp(msg, sk, skb); serr = SKB_EXT_ERR(skb); @@ -82932,7 +83155,7 @@ index 85afc13..f8c880b 100644 msg->msg_flags |= MSG_ERRQUEUE; err = copied; -@@ -3274,7 +3276,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3274,7 +3278,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -82941,7 +83164,7 @@ index 85afc13..f8c880b 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3324,7 +3326,11 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3324,7 +3328,11 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, if (put_user(len, optlen)) return -EFAULT; @@ -83462,6 +83685,42 @@ index 7635107..4670276 100644 _proto("Tx RESPONSE %%%u", ntohl(hdr->serial)); ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); +diff --git a/net/sctp/auth.c b/net/sctp/auth.c +index bf81204..333926d 100644 +--- a/net/sctp/auth.c ++++ b/net/sctp/auth.c +@@ -71,7 +71,7 @@ void sctp_auth_key_put(struct sctp_auth_bytes *key) + return; + + if (atomic_dec_and_test(&key->refcnt)) { +- kfree(key); ++ kzfree(key); + SCTP_DBG_OBJCNT_DEC(keys); + } + } +diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c +index c8cc24e..dbe5870a 100644 +--- a/net/sctp/endpointola.c ++++ b/net/sctp/endpointola.c +@@ -248,6 +248,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep) + /* Final destructor for endpoint. */ + static void sctp_endpoint_destroy(struct sctp_endpoint *ep) + { ++ int i; ++ + SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); + + /* Free up the HMAC transform. */ +@@ -270,6 +272,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) + sctp_inq_free(&ep->base.inqueue); + sctp_bind_addr_free(&ep->base.bind_addr); + ++ for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i) ++ memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE); ++ + /* Remove and free the port */ + if (sctp_sk(ep->base.sk)->bind_hash) + sctp_put_port(ep->base.sk); diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 8104278..631330b 100644 --- a/net/sctp/ipv6.c @@ -83516,9 +83775,18 @@ index 6f6ad86..f80bd85 100644 static int sctp_v4_protosw_init(void) diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index fa8333b..7382d42 100644 +index fa8333b..8633998 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c +@@ -3375,7 +3375,7 @@ static int sctp_setsockopt_auth_key(struct sock *sk, + + ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey); + out: +- kfree(authkey); ++ kzfree(authkey); + return ret; + } + @@ -4583,6 +4583,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len; if (space_left < addrlen) @@ -86821,12 +87089,12 @@ index 0000000..d41b5af +} diff --git a/tools/gcc/colorize_plugin.c b/tools/gcc/colorize_plugin.c new file mode 100644 -index 0000000..846aeb0 +index 0000000..414fe5e --- /dev/null +++ b/tools/gcc/colorize_plugin.c -@@ -0,0 +1,148 @@ +@@ -0,0 +1,151 @@ +/* -+ * Copyright 2012 by PaX Team <pageexec@freemail.hu> ++ * Copyright 2012-2013 by PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -86855,7 +87123,7 @@ index 0000000..846aeb0 +int plugin_is_GPL_compatible; + +static struct plugin_info colorize_plugin_info = { -+ .version = "201203092200", ++ .version = "201302112000", + .help = NULL, +}; + @@ -86934,6 +87202,9 @@ index 0000000..846aeb0 + .pass = { + .type = SIMPLE_IPA_PASS, + .name = "colorize_rearm", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = execute_colorize_rearm, + .sub = NULL, @@ -86975,10 +87246,10 @@ index 0000000..846aeb0 +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..1742271 +index 0000000..c415c9d --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,349 @@ +@@ -0,0 +1,359 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2013 by PaX Team <pageexec@freemail.hu> @@ -87019,7 +87290,7 @@ index 0000000..1742271 +int plugin_is_GPL_compatible; + +static struct plugin_info const_plugin_info = { -+ .version = "201301150230", ++ .version = "201302112000", + .help = "no-constify\tturn off constification\n", +}; + @@ -87241,16 +87512,23 @@ index 0000000..1742271 +{ + unsigned int ret = 0; + tree var; -+ referenced_var_iterator rvi; + +#if BUILDING_GCC_VERSION == 4005 -+ FOR_EACH_REFERENCED_VAR(var, rvi) { ++ tree vars; +#else -+ FOR_EACH_REFERENCED_VAR(cfun, var, rvi) { ++ unsigned int i; ++#endif ++ ++#if BUILDING_GCC_VERSION == 4005 ++ for (vars = cfun->local_decls; vars; vars = TREE_CHAIN(vars)) { ++ var = TREE_VALUE(vars); ++#else ++ FOR_EACH_LOCAL_DECL(cfun, i, var) { +#endif + tree type = TREE_TYPE(var); + -+ if (!DECL_P(var) || TREE_STATIC(var) || DECL_EXTERNAL(var)) ++ gcc_assert(DECL_P(var)); ++ if (is_global_var(var)) + continue; + + if (TREE_CODE(type) != RECORD_TYPE && TREE_CODE(type) != UNION_TYPE) @@ -87262,8 +87540,8 @@ index 0000000..1742271 +// if (lookup_attribute("no_const", DECL_ATTRIBUTES(var))) +// continue; + -+// if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) -+// continue; ++ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) ++ continue; + + if (walk_struct(type)) { + error_at(DECL_SOURCE_LOCATION(var), "constified variable %qE cannot be local", var); @@ -87277,6 +87555,9 @@ index 0000000..1742271 + { + .type = GIMPLE_PASS, + .name = "check_local_variables", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = check_local_variables, + .sub = NULL, @@ -87430,12 +87711,12 @@ index 0000000..e518932 +exit 0 diff --git a/tools/gcc/kallocstat_plugin.c b/tools/gcc/kallocstat_plugin.c new file mode 100644 -index 0000000..a86e422 +index 0000000..568b360 --- /dev/null +++ b/tools/gcc/kallocstat_plugin.c -@@ -0,0 +1,167 @@ +@@ -0,0 +1,170 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -87487,7 +87768,7 @@ index 0000000..a86e422 +}; + +static struct plugin_info kallocstat_plugin_info = { -+ .version = "201111150100", ++ .version = "201302112000", +}; + +static unsigned int execute_kallocstat(void); @@ -87496,6 +87777,9 @@ index 0000000..a86e422 + .pass = { + .type = GIMPLE_PASS, + .name = "kallocstat", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = execute_kallocstat, + .sub = NULL, @@ -87603,12 +87887,12 @@ index 0000000..a86e422 +} diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c new file mode 100644 -index 0000000..8856202 +index 0000000..0408e06 --- /dev/null +++ b/tools/gcc/kernexec_plugin.c -@@ -0,0 +1,432 @@ +@@ -0,0 +1,465 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -87651,10 +87935,14 @@ index 0000000..8856202 +#define ANY_RETURN_P(rtx) (GET_CODE(rtx) == RETURN) +#endif + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +int plugin_is_GPL_compatible; + +static struct plugin_info kernexec_plugin_info = { -+ .version = "201111291120", ++ .version = "201302112000", + .help = "method=[bts|or]\tinstrumentation method\n" +}; + @@ -87670,6 +87958,9 @@ index 0000000..8856202 + .pass = { + .type = GIMPLE_PASS, + .name = "kernexec_reload", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_reload, + .sub = NULL, @@ -87688,6 +87979,9 @@ index 0000000..8856202 + .pass = { + .type = GIMPLE_PASS, + .name = "kernexec_fptr", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_fptr, + .sub = NULL, @@ -87706,6 +88000,9 @@ index 0000000..8856202 + .pass = { + .type = RTL_PASS, + .name = "kernexec_retaddr", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_retaddr, + .sub = NULL, @@ -87803,8 +88100,10 @@ index 0000000..8856202 + + // create temporary unsigned long variable used for bitops and cast fptr to it + intptr = create_tmp_var(long_unsigned_type_node, "kernexec_bts"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(intptr); + mark_sym_for_renaming(intptr); ++#endif + assign_intptr = gimple_build_assign(intptr, fold_convert(long_unsigned_type_node, old_fptr)); + gsi_insert_before(gsi, assign_intptr, GSI_SAME_STMT); + update_stmt(assign_intptr); @@ -87818,8 +88117,10 @@ index 0000000..8856202 + + // cast temporary unsigned long back to a temporary fptr variable + new_fptr = create_tmp_var(TREE_TYPE(old_fptr), "kernexec_fptr"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_fptr); + mark_sym_for_renaming(new_fptr); ++#endif + assign_new_fptr = gimple_build_assign(new_fptr, fold_convert(TREE_TYPE(old_fptr), intptr)); + gsi_insert_before(gsi, assign_new_fptr, GSI_SAME_STMT); + update_stmt(assign_new_fptr); @@ -87833,24 +88134,36 @@ index 0000000..8856202 +{ + gimple asm_or_stmt, call_stmt; + tree old_fptr, new_fptr, input, output; ++#if BUILDING_GCC_VERSION <= 4007 + VEC(tree, gc) *inputs = NULL; + VEC(tree, gc) *outputs = NULL; ++#else ++ vec<tree, va_gc> *inputs = NULL; ++ vec<tree, va_gc> *outputs = NULL; ++#endif + + call_stmt = gsi_stmt(*gsi); + old_fptr = gimple_call_fn(call_stmt); + + // create temporary fptr variable + new_fptr = create_tmp_var(TREE_TYPE(old_fptr), "kernexec_or"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_fptr); + mark_sym_for_renaming(new_fptr); ++#endif + + // build asm volatile("orq %%r10, %0\n\t" : "=r"(new_fptr) : "0"(old_fptr)); + input = build_tree_list(NULL_TREE, build_string(2, "0")); + input = chainon(NULL_TREE, build_tree_list(input, old_fptr)); + output = build_tree_list(NULL_TREE, build_string(3, "=r")); + output = chainon(NULL_TREE, build_tree_list(output, new_fptr)); ++#if BUILDING_GCC_VERSION <= 4007 + VEC_safe_push(tree, gc, inputs, input); + VEC_safe_push(tree, gc, outputs, output); ++#else ++ vec_safe_push(inputs, input); ++ vec_safe_push(outputs, output); ++#endif + asm_or_stmt = gimple_build_asm_vec("orq %%r10, %0\n\t", inputs, outputs, NULL, NULL); + gimple_asm_set_volatile(asm_or_stmt, true); + gsi_insert_before(gsi, asm_or_stmt, GSI_SAME_STMT); @@ -87888,9 +88201,13 @@ index 0000000..8856202 + gcc_unreachable(); + + // ... through a function pointer -+ fn = SSA_NAME_VAR(fn); -+ if (TREE_CODE(fn) != VAR_DECL && TREE_CODE(fn) != PARM_DECL) -+ continue; ++ if (SSA_NAME_VAR(fn) != NULL_TREE) { ++ fn = SSA_NAME_VAR(fn); ++ if (TREE_CODE(fn) != VAR_DECL && TREE_CODE(fn) != PARM_DECL) { ++ debug_tree(fn); ++ gcc_unreachable(); ++ } ++ } + fn = TREE_TYPE(fn); + if (TREE_CODE(fn) != POINTER_TYPE) + continue; @@ -88041,12 +88358,12 @@ index 0000000..8856202 +} diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c new file mode 100644 -index 0000000..b8008f7 +index 0000000..1276616 --- /dev/null +++ b/tools/gcc/latent_entropy_plugin.c -@@ -0,0 +1,295 @@ +@@ -0,0 +1,321 @@ +/* -+ * Copyright 2012 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2012-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -88086,12 +88403,16 @@ index 0000000..b8008f7 +#include "emit-rtl.h" +#include "tree-flow.h" + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +int plugin_is_GPL_compatible; + +static tree latent_entropy_decl; + +static struct plugin_info latent_entropy_plugin_info = { -+ .version = "201207271820", ++ .version = "201302112000", + .help = NULL +}; + @@ -88102,6 +88423,9 @@ index 0000000..b8008f7 + .pass = { + .type = GIMPLE_PASS, + .name = "latent_entropy", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_latent_entropy, + .execute = execute_latent_entropy, + .sub = NULL, @@ -88197,7 +88521,9 @@ index 0000000..b8008f7 + op = get_op(&rhs); + addxorrol = fold_build2_loc(UNKNOWN_LOCATION, op, unsigned_intDI_type_node, local_entropy, rhs); + assign = gimple_build_assign(local_entropy, addxorrol); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif +//debug_bb(bb); + gsi = gsi_after_labels(bb); + gsi_insert_before(&gsi, assign, GSI_NEW_STMT); @@ -88212,12 +88538,16 @@ index 0000000..b8008f7 + + // 1. create temporary copy of latent_entropy + temp = create_tmp_var(unsigned_intDI_type_node, "temp_latent_entropy"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(temp); + mark_sym_for_renaming(temp); ++#endif + + // 2. read... + assign = gimple_build_assign(temp, latent_entropy_decl); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi = gsi_after_labels(bb); + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); @@ -88225,13 +88555,17 @@ index 0000000..b8008f7 + // 3. ...modify... + addxorrol = fold_build2_loc(UNKNOWN_LOCATION, get_op(NULL), unsigned_intDI_type_node, temp, rhs); + assign = gimple_build_assign(temp, addxorrol); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); + + // 4. ...write latent_entropy + assign = gimple_build_assign(latent_entropy_decl, temp); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); +} @@ -88246,8 +88580,13 @@ index 0000000..b8008f7 + if (!latent_entropy_decl) { + struct varpool_node *node; + ++#if BUILDING_GCC_VERSION <= 4007 + for (node = varpool_nodes; node; node = node->next) { + tree var = node->decl; ++#else ++ FOR_EACH_VARIABLE(node) { ++ tree var = node->symbol.decl; ++#endif + if (strcmp(IDENTIFIER_POINTER(DECL_NAME(var)), "latent_entropy")) + continue; + latent_entropy_decl = var; @@ -88264,8 +88603,10 @@ index 0000000..b8008f7 + + // 1. create local entropy variable + local_entropy = create_tmp_var(unsigned_intDI_type_node, "local_entropy"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(local_entropy); + mark_sym_for_renaming(local_entropy); ++#endif + + // 2. initialize local entropy variable + bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest; @@ -88275,7 +88616,9 @@ index 0000000..b8008f7 + + assign = gimple_build_assign(local_entropy, build_int_cstu(unsigned_intDI_type_node, get_random_const())); +// gimple_set_location(assign, loc); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); + bb = bb->next_bb; @@ -91734,10 +92077,10 @@ index 0000000..a8203dd +atyfb_setup_generic_49151 atyfb_setup_generic 3 49151 NULL diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c new file mode 100644 -index 0000000..792ee60 +index 0000000..d52f2ee --- /dev/null +++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,1930 @@ +@@ -0,0 +1,1941 @@ +/* + * Copyright 2011, 2012 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -91778,6 +92121,10 @@ index 0000000..792ee60 +#define C_DECL_IMPLICIT(EXP) DECL_LANG_FLAG_2 (EXP) +#endif + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +struct size_overflow_hash { + const struct size_overflow_hash * const next; + const char * const name; @@ -92130,8 +92477,10 @@ index 0000000..792ee60 +{ + tree new_var = create_tmp_var(type, "cicus"); + ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_var); + mark_sym_for_renaming(new_var); ++#endif + return new_var; +} + @@ -92351,11 +92700,13 @@ index 0000000..792ee60 + basic_block bb; + gimple phi; + gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); ++ gimple_seq seq; + + bb = gsi_bb(gsi); + + phi = create_phi_node(result, bb); -+ gsi = gsi_last(phi_nodes(bb)); ++ seq = phi_nodes(bb); ++ gsi = gsi_last(seq); + gsi_remove(&gsi, false); + + gsi = gsi_for_stmt(oldstmt); @@ -93595,13 +93946,16 @@ index 0000000..792ee60 + .pass = { + .type = GIMPLE_PASS, + .name = "size_overflow", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = handle_function, + .sub = NULL, + .next = NULL, + .static_pass_number = 0, + .tv_id = TV_NONE, -+ .properties_required = PROP_cfg | PROP_referenced_vars, ++ .properties_required = PROP_cfg, + .properties_provided = 0, + .properties_destroyed = 0, + .todo_flags_start = 0, @@ -93670,12 +94024,12 @@ index 0000000..792ee60 +} diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c new file mode 100644 -index 0000000..38d2014 +index 0000000..ac2901e --- /dev/null +++ b/tools/gcc/stackleak_plugin.c -@@ -0,0 +1,313 @@ +@@ -0,0 +1,327 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -93713,6 +94067,10 @@ index 0000000..38d2014 +#include "rtl.h" +#include "emit-rtl.h" + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +extern void print_gimple_stmt(FILE *, gimple, int, int); + +int plugin_is_GPL_compatible; @@ -93723,7 +94081,7 @@ index 0000000..38d2014 +static bool init_locals; + +static struct plugin_info stackleak_plugin_info = { -+ .version = "201203140940", ++ .version = "201302112000", + .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n" +// "initialize-locals\t\tforcibly initialize all stack frames\n" +}; @@ -93736,6 +94094,9 @@ index 0000000..38d2014 + .pass = { + .type = GIMPLE_PASS, + .name = "stackleak_tree_instrument", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_stackleak_track_stack, + .execute = execute_stackleak_tree_instrument, + .sub = NULL, @@ -93754,6 +94115,9 @@ index 0000000..38d2014 + .pass = { + .type = RTL_PASS, + .name = "stackleak_final", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_stackleak_track_stack, + .execute = execute_stackleak_final, + .sub = NULL, @@ -93890,7 +94254,7 @@ index 0000000..38d2014 + +static unsigned int execute_stackleak_final(void) +{ -+ rtx insn; ++ rtx insn, next; + + if (cfun->calls_alloca) + return 0; @@ -93900,10 +94264,11 @@ index 0000000..38d2014 + return 0; + + // 1. find pax_track_stack calls -+ for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { ++ for (insn = get_insns(); insn; insn = next) { + // rtl match: (call_insn 8 7 9 3 (call (mem (symbol_ref ("pax_track_stack") [flags 0x41] <function_decl 0xb7470e80 pax_track_stack>) [0 S1 A8]) (4)) -1 (nil) (nil)) + rtx body; + ++ next = NEXT_INSN(insn); + if (!CALL_P(insn)) + continue; + body = PATTERN(insn); @@ -93919,10 +94284,13 @@ index 0000000..38d2014 + continue; +// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size); + // 2. delete call -+ insn = delete_insn_and_edges(insn); ++ delete_insn_and_edges(insn); +#if BUILDING_GCC_VERSION >= 4007 -+ if (GET_CODE(insn) == NOTE && NOTE_KIND(insn) == NOTE_INSN_CALL_ARG_LOCATION) -+ insn = delete_insn_and_edges(insn); ++ if (GET_CODE(next) == NOTE && NOTE_KIND(next) == NOTE_INSN_CALL_ARG_LOCATION) { ++ insn = next; ++ next = NEXT_INSN(insn); ++ delete_insn_and_edges(insn); ++ } +#endif + } + diff --git a/3.7.6/0000_README b/3.7.8/0000_README index b813abb..c6ec76a 100644 --- a/3.7.6/0000_README +++ b/3.7.8/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-2.9.1-3.7.6-201302092141.patch +Patch: 4420_grsecurity-2.9.1-3.7.8-201302161158.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.7.6/4420_grsecurity-2.9.1-3.7.6-201302092141.patch b/3.7.8/4420_grsecurity-2.9.1-3.7.8-201302161158.patch index d770adf..652bbf8 100644 --- a/3.7.6/4420_grsecurity-2.9.1-3.7.6-201302092141.patch +++ b/3.7.8/4420_grsecurity-2.9.1-3.7.8-201302161158.patch @@ -251,7 +251,7 @@ index 9776f06..18b1856 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index b6de2ea..5ba90ee 100644 +index ad48987..d808c2d 100644 --- a/Makefile +++ b/Makefile @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -1952,7 +1952,7 @@ index 486a15a..d95523a 100644 /* diff --git a/arch/arm/kernel/module.c b/arch/arm/kernel/module.c -index 1e9be5d..ef22b26 100644 +index 1e9be5d..03edbc2 100644 --- a/arch/arm/kernel/module.c +++ b/arch/arm/kernel/module.c @@ -37,12 +37,37 @@ @@ -1962,7 +1962,7 @@ index 1e9be5d..ef22b26 100644 -void *module_alloc(unsigned long size) +static inline void *__module_alloc(unsigned long size, pgprot_t prot) { -+ if (!size || PAGE_ALIGN(size) > (MODULES_END - MODULES_VADDR)) ++ if (!size || PAGE_ALIGN(size) > MODULES_END - MODULES_VADDR) + return NULL; return __vmalloc_node_range(size, 1, MODULES_VADDR, MODULES_END, - GFP_KERNEL, PAGE_KERNEL_EXEC, -1, @@ -9880,7 +9880,7 @@ index efc6a95..95abfe2 100644 err |= copy_siginfo_to_user32(&frame->info, info); diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S -index 076745f..ae8f6cb 100644 +index e7fa545..9e6fe1a 100644 --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S @@ -15,8 +15,10 @@ @@ -10026,7 +10026,7 @@ index 076745f..ae8f6cb 100644 + testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),TI_flags(%r11) jnz ia32_ret_from_sys_call TRACE_IRQS_ON - sti + ENABLE_INTERRUPTS(CLBR_NONE) @@ -215,11 +263,12 @@ sysexit_from_sys_call: 1: setbe %al /* 1 if error, 0 if not */ movzbl %al,%edi /* zero-extend that into %edi */ @@ -10034,7 +10034,7 @@ index 076745f..ae8f6cb 100644 + GET_THREAD_INFO(%r11) movq RAX-ARGOFFSET(%rsp),%rax /* reload syscall return value */ movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi - cli + DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF - testl %edi,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET) + testl %edi,TI_flags(%r11) @@ -10315,7 +10315,7 @@ index 58ed6d9..f1cbe58 100644 ALTINSTR_REPLACEMENT(newinstr2, feature2, 2) \ ".popsection" diff --git a/arch/x86/include/asm/apic.h b/arch/x86/include/asm/apic.h -index 3388034..ba52312 100644 +index 3388034..050f0b9 100644 --- a/arch/x86/include/asm/apic.h +++ b/arch/x86/include/asm/apic.h @@ -44,7 +44,7 @@ static inline void generic_apic_probe(void) @@ -10327,15 +10327,6 @@ index 3388034..ba52312 100644 extern int local_apic_timer_c2_ok; extern int disable_apic; -@@ -391,7 +391,7 @@ struct apic { - */ - int (*x86_32_numa_cpu_node)(int cpu); - #endif --}; -+} __do_const; - - /* - * Pointer to the local APIC driver in use on this system (there's diff --git a/arch/x86/include/asm/apm.h b/arch/x86/include/asm/apm.h index 20370c6..a2eb9b0 100644 --- a/arch/x86/include/asm/apm.h @@ -11967,19 +11958,6 @@ index d3ddd17..c9fb0cc 100644 #define flush_insn_slot(p) do { } while (0) -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index b2e11f4..f293e2e 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -707,7 +707,7 @@ struct kvm_x86_ops { - int (*check_intercept)(struct kvm_vcpu *vcpu, - struct x86_instruction_info *info, - enum x86_intercept_stage stage); --}; -+} __do_const; - - struct kvm_arch_async_pf { - u32 token; diff --git a/arch/x86/include/asm/local.h b/arch/x86/include/asm/local.h index c8bed0d..85c03fd 100644 --- a/arch/x86/include/asm/local.h @@ -12525,9 +12503,45 @@ index a0facf3..c017b15 100644 #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h -index 142236e..57cf5ea 100644 +index 142236e..5446ffbc 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h +@@ -84,7 +84,7 @@ struct pv_init_ops { + */ + unsigned (*patch)(u8 type, u16 clobber, void *insnbuf, + unsigned long addr, unsigned len); +-}; ++} __no_const; + + + struct pv_lazy_ops { +@@ -97,7 +97,7 @@ struct pv_time_ops { + unsigned long long (*sched_clock)(void); + unsigned long long (*steal_clock)(int cpu); + unsigned long (*get_tsc_khz)(void); +-}; ++} __no_const; + + struct pv_cpu_ops { + /* hooks for various privileged instructions */ +@@ -191,7 +191,7 @@ struct pv_cpu_ops { + + void (*start_context_switch)(struct task_struct *prev); + void (*end_context_switch)(struct task_struct *next); +-}; ++} __no_const; + + struct pv_irq_ops { + /* +@@ -222,7 +222,7 @@ struct pv_apic_ops { + unsigned long start_eip, + unsigned long start_esp); + #endif +-}; ++} __no_const; + + struct pv_mmu_ops { + unsigned long (*read_cr2)(void); @@ -312,6 +312,7 @@ struct pv_mmu_ops { struct paravirt_callee_save make_pud; @@ -12549,6 +12563,15 @@ index 142236e..57cf5ea 100644 }; struct arch_spinlock; +@@ -333,7 +340,7 @@ struct pv_lock_ops { + void (*spin_lock_flags)(struct arch_spinlock *lock, unsigned long flags); + int (*spin_trylock)(struct arch_spinlock *lock); + void (*spin_unlock)(struct arch_spinlock *lock); +-}; ++} __no_const; + + /* This contains all the paravirt structures: we get a convenient + * number for each function using the offset which we use to indicate diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h index b4389a4..7024269 100644 --- a/arch/x86/include/asm/pgalloc.h @@ -12639,7 +12662,7 @@ index 4cc9f2b..5fd9226 100644 /* diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index a1f780d..a3eb32f 100644 +index a1f780d..9f6c8dd 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -44,6 +44,7 @@ extern struct mm_struct *pgd_page_get_mm(struct page *page); @@ -12702,7 +12725,19 @@ index a1f780d..a3eb32f 100644 static inline int pte_dirty(pte_t pte) { return pte_flags(pte) & _PAGE_DIRTY; -@@ -195,9 +235,29 @@ static inline pte_t pte_wrprotect(pte_t pte) +@@ -142,6 +182,11 @@ static inline unsigned long pmd_pfn(pmd_t pmd) + return (pmd_val(pmd) & PTE_PFN_MASK) >> PAGE_SHIFT; + } + ++static inline unsigned long pud_pfn(pud_t pud) ++{ ++ return (pud_val(pud) & PTE_PFN_MASK) >> PAGE_SHIFT; ++} ++ + #define pte_page(pte) pfn_to_page(pte_pfn(pte)) + + static inline int pmd_large(pmd_t pte) +@@ -195,9 +240,29 @@ static inline pte_t pte_wrprotect(pte_t pte) return pte_clear_flags(pte, _PAGE_RW); } @@ -12733,7 +12768,7 @@ index a1f780d..a3eb32f 100644 } static inline pte_t pte_mkdirty(pte_t pte) -@@ -389,6 +449,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); +@@ -389,6 +454,15 @@ pte_t *populate_extra_pte(unsigned long vaddr); #endif #ifndef __ASSEMBLY__ @@ -12749,7 +12784,7 @@ index a1f780d..a3eb32f 100644 #include <linux/mm_types.h> static inline int pte_none(pte_t pte) -@@ -565,7 +634,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) +@@ -565,7 +639,7 @@ static inline pud_t *pud_offset(pgd_t *pgd, unsigned long address) static inline int pgd_bad(pgd_t pgd) { @@ -12758,7 +12793,7 @@ index a1f780d..a3eb32f 100644 } static inline int pgd_none(pgd_t pgd) -@@ -588,7 +657,12 @@ static inline int pgd_none(pgd_t pgd) +@@ -588,7 +662,12 @@ static inline int pgd_none(pgd_t pgd) * pgd_offset() returns a (pgd_t *) * pgd_index() is used get the offset into the pgd page's array of pgd_t's; */ @@ -12772,7 +12807,7 @@ index a1f780d..a3eb32f 100644 /* * a shortcut which implies the use of the kernel's pgd, instead * of a process's -@@ -599,6 +673,20 @@ static inline int pgd_none(pgd_t pgd) +@@ -599,6 +678,20 @@ static inline int pgd_none(pgd_t pgd) #define KERNEL_PGD_BOUNDARY pgd_index(PAGE_OFFSET) #define KERNEL_PGD_PTRS (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) @@ -12793,7 +12828,7 @@ index a1f780d..a3eb32f 100644 #ifndef __ASSEMBLY__ extern int direct_gbpages; -@@ -763,11 +851,23 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, +@@ -763,11 +856,23 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, * dst and src can be on the same page, but the range must not overlap, * and must not cross a page boundary. */ @@ -13287,10 +13322,10 @@ index fe1ec5b..dc5c3fe 100644 u32 gdt_base; #else diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h -index a82c4f1..f9c9696 100644 +index a82c4f1..ac45053 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h -@@ -6,12 +6,12 @@ +@@ -6,13 +6,13 @@ struct pt_regs; struct machine_ops { @@ -13303,10 +13338,12 @@ index a82c4f1..f9c9696 100644 void (*shutdown)(void); void (*crash_shutdown)(struct pt_regs *); - void (*emergency_restart)(void); +-}; + void (* __noreturn emergency_restart)(void); - }; ++} __no_const; extern struct machine_ops machine_ops; + diff --git a/arch/x86/include/asm/rwsem.h b/arch/x86/include/asm/rwsem.h index 2dbe4a7..ce1db00 100644 --- a/arch/x86/include/asm/rwsem.h @@ -13507,7 +13544,7 @@ index c48a950..c6d7468 100644 #endif /* !__ASSEMBLY__ */ diff --git a/arch/x86/include/asm/smp.h b/arch/x86/include/asm/smp.h -index 4f19a15..e04d86f 100644 +index 4f19a15..9e14f27 100644 --- a/arch/x86/include/asm/smp.h +++ b/arch/x86/include/asm/smp.h @@ -36,7 +36,7 @@ DECLARE_PER_CPU_READ_MOSTLY(cpumask_var_t, cpu_core_map); @@ -13519,6 +13556,15 @@ index 4f19a15..e04d86f 100644 static inline struct cpumask *cpu_sibling_mask(int cpu) { +@@ -79,7 +79,7 @@ struct smp_ops { + + void (*send_call_func_ipi)(const struct cpumask *mask); + void (*send_call_func_single_ipi)(int cpu); +-}; ++} __no_const; + + /* Globals due to paravirt */ + extern void set_cpu_sibling_map(int cpu); @@ -190,14 +190,8 @@ extern unsigned disabled_cpus __cpuinitdata; extern int safe_smp_processor_id(void); @@ -14714,6 +14760,54 @@ index 5b238981..77fdd78 100644 }; #define WORD_AT_A_TIME_CONSTANTS { REPEAT_BYTE(0x01), REPEAT_BYTE(0x80) } +diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h +index 5769349..a3d3e2a 100644 +--- a/arch/x86/include/asm/x86_init.h ++++ b/arch/x86/include/asm/x86_init.h +@@ -141,7 +141,7 @@ struct x86_init_ops { + struct x86_init_timers timers; + struct x86_init_iommu iommu; + struct x86_init_pci pci; +-}; ++} __no_const; + + /** + * struct x86_cpuinit_ops - platform specific cpu hotplug setups +@@ -152,7 +152,7 @@ struct x86_cpuinit_ops { + void (*setup_percpu_clockev)(void); + void (*early_percpu_clock_init)(void); + void (*fixup_cpu_id)(struct cpuinfo_x86 *c, int node); +-}; ++} __no_const; + + /** + * struct x86_platform_ops - platform specific runtime functions +@@ -178,7 +178,7 @@ struct x86_platform_ops { + void (*save_sched_clock_state)(void); + void (*restore_sched_clock_state)(void); + void (*apic_post_init)(void); +-}; ++} __no_const; + + struct pci_dev; + +@@ -187,14 +187,14 @@ struct x86_msi_ops { + void (*teardown_msi_irq)(unsigned int irq); + void (*teardown_msi_irqs)(struct pci_dev *dev); + void (*restore_msi_irqs)(struct pci_dev *dev, int irq); +-}; ++} __no_const; + + struct x86_io_apic_ops { + void (*init) (void); + unsigned int (*read) (unsigned int apic, unsigned int reg); + void (*write) (unsigned int apic, unsigned int reg, unsigned int value); + void (*modify)(unsigned int apic, unsigned int reg, unsigned int value); +-}; ++} __no_const; + + extern struct x86_init_ops x86_init; + extern struct x86_cpuinit_ops x86_cpuinit; diff --git a/arch/x86/include/asm/xsave.h b/arch/x86/include/asm/xsave.h index 0415cda..b43d877 100644 --- a/arch/x86/include/asm/xsave.h @@ -14759,19 +14853,6 @@ index 91ce48f..a48ea05 100644 obj-$(CONFIG_X86_64) += sys_x86_64.o x8664_ksyms_64.o obj-y += syscall_$(BITS).o obj-$(CONFIG_X86_64) += vsyscall_64.o -diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c -index e651f7a..c995dc4 100644 ---- a/arch/x86/kernel/acpi/boot.c -+++ b/arch/x86/kernel/acpi/boot.c -@@ -1576,7 +1576,7 @@ int __init acpi_boot_init(void) - acpi_table_parse(ACPI_SIG_HPET, acpi_parse_hpet); - - if (!acpi_noirq) -- x86_init.pci.init = pci_acpi_init; -+ *(void **)&x86_init.pci.init = pci_acpi_init; - - return 0; - } diff --git a/arch/x86/kernel/acpi/sleep.c b/arch/x86/kernel/acpi/sleep.c index 11676cf..a8cf3ec 100644 --- a/arch/x86/kernel/acpi/sleep.c @@ -14946,34 +15027,8 @@ index ef5ccca..bd83949 100644 return addr; } -diff --git a/arch/x86/kernel/amd_gart_64.c b/arch/x86/kernel/amd_gart_64.c -index e663112..21938a3 100644 ---- a/arch/x86/kernel/amd_gart_64.c -+++ b/arch/x86/kernel/amd_gart_64.c -@@ -851,7 +851,7 @@ int __init gart_iommu_init(void) - - flush_gart(); - dma_ops = &gart_dma_ops; -- x86_platform.iommu_shutdown = gart_iommu_shutdown; -+ *(void **)&x86_platform.iommu_shutdown = gart_iommu_shutdown; - swiotlb = 0; - - return 0; -diff --git a/arch/x86/kernel/aperture_64.c b/arch/x86/kernel/aperture_64.c -index d5fd66f..6119b16 100644 ---- a/arch/x86/kernel/aperture_64.c -+++ b/arch/x86/kernel/aperture_64.c -@@ -390,7 +390,7 @@ int __init gart_iommu_hole_init(void) - - iommu_detected = 1; - gart_iommu_aperture = 1; -- x86_init.iommu.iommu_init = gart_iommu_init; -+ *(void **)&x86_init.iommu.iommu_init = gart_iommu_init; - - ctl = read_pci_config(bus, slot, 3, - AMD64_GARTAPERTURECTL); diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c -index b17416e..be6e5dc 100644 +index b17416e..5ed0f3e 100644 --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c @@ -185,7 +185,7 @@ int first_system_vector = 0xfe; @@ -14994,30 +15049,64 @@ index b17416e..be6e5dc 100644 apic_printk(APIC_DEBUG, KERN_DEBUG "APIC error on CPU%d: %02x(%02x)", smp_processor_id(), v0 , v1); -@@ -2155,7 +2155,9 @@ void __init apic_set_eoi_write(void (*eoi_write)(u32 reg, u32 v)) - for (drv = __apicdrivers; drv < __apicdrivers_end; drv++) { - /* Should happen once for each apic */ - WARN_ON((*drv)->eoi_write == eoi_write); -- (*drv)->eoi_write = eoi_write; -+ pax_open_kernel(); -+ *(void **)&(*drv)->eoi_write = eoi_write; -+ pax_close_kernel(); - } +diff --git a/arch/x86/kernel/apic/apic_flat_64.c b/arch/x86/kernel/apic/apic_flat_64.c +index 00c77cf..2dc6a2d 100644 +--- a/arch/x86/kernel/apic/apic_flat_64.c ++++ b/arch/x86/kernel/apic/apic_flat_64.c +@@ -157,7 +157,7 @@ static int flat_probe(void) + return 1; } -diff --git a/arch/x86/kernel/apic/apic_numachip.c b/arch/x86/kernel/apic/apic_numachip.c -index a65829a..6ddc249 100644 ---- a/arch/x86/kernel/apic/apic_numachip.c -+++ b/arch/x86/kernel/apic/apic_numachip.c -@@ -178,7 +178,7 @@ static int __init numachip_system_init(void) - if (!numachip_system) - return 0; +-static struct apic apic_flat = { ++static struct apic apic_flat __read_only = { + .name = "flat", + .probe = flat_probe, + .acpi_madt_oem_check = flat_acpi_madt_oem_check, +@@ -271,7 +271,7 @@ static int physflat_probe(void) + return 0; + } + +-static struct apic apic_physflat = { ++static struct apic apic_physflat __read_only = { -- x86_cpuinit.fixup_cpu_id = fixup_cpu_id; -+ *(void **)&x86_cpuinit.fixup_cpu_id = fixup_cpu_id; + .name = "physical flat", + .probe = physflat_probe, +diff --git a/arch/x86/kernel/apic/bigsmp_32.c b/arch/x86/kernel/apic/bigsmp_32.c +index d50e364..543bee3 100644 +--- a/arch/x86/kernel/apic/bigsmp_32.c ++++ b/arch/x86/kernel/apic/bigsmp_32.c +@@ -152,7 +152,7 @@ static int probe_bigsmp(void) + return dmi_bigsmp; + } + +-static struct apic apic_bigsmp = { ++static struct apic apic_bigsmp __read_only = { - map_csrs(); + .name = "bigsmp", + .probe = probe_bigsmp, +diff --git a/arch/x86/kernel/apic/es7000_32.c b/arch/x86/kernel/apic/es7000_32.c +index 0874799..24a836e 100644 +--- a/arch/x86/kernel/apic/es7000_32.c ++++ b/arch/x86/kernel/apic/es7000_32.c +@@ -608,8 +608,7 @@ static int es7000_mps_oem_check_cluster(struct mpc_table *mpc, char *oem, + return ret && es7000_apic_is_cluster(); + } +-/* We've been warned by a false positive warning.Use __refdata to keep calm. */ +-static struct apic __refdata apic_es7000_cluster = { ++static struct apic apic_es7000_cluster __read_only = { + + .name = "es7000", + .probe = probe_es7000, +@@ -675,7 +674,7 @@ static struct apic __refdata apic_es7000_cluster = { + .x86_32_early_logical_apicid = es7000_early_logical_apicid, + }; + +-static struct apic __refdata apic_es7000 = { ++static struct apic __refdata apic_es7000 __read_only = { + + .name = "es7000", + .probe = probe_es7000, diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c index 1817fa9..7bff097 100644 --- a/arch/x86/kernel/apic/io_apic.c @@ -15059,47 +15148,84 @@ index 1817fa9..7bff097 100644 eoi_ioapic_irq(irq, cfg); } diff --git a/arch/x86/kernel/apic/numaq_32.c b/arch/x86/kernel/apic/numaq_32.c -index d661ee9..512c0a1 100644 +index d661ee9..791fd33 100644 --- a/arch/x86/kernel/apic/numaq_32.c +++ b/arch/x86/kernel/apic/numaq_32.c -@@ -257,14 +257,14 @@ static __init void early_check_numaq(void) - early_get_smp_config(); - - if (found_numaq) { -- x86_init.mpparse.mpc_record = numaq_mpc_record; -- x86_init.mpparse.setup_ioapic_ids = x86_init_noop; -- x86_init.mpparse.mpc_apic_id = mpc_apic_id; -- x86_init.mpparse.smp_read_mpc_oem = smp_read_mpc_oem; -- x86_init.mpparse.mpc_oem_pci_bus = mpc_oem_pci_bus; -- x86_init.mpparse.mpc_oem_bus_info = mpc_oem_bus_info; -- x86_init.timers.tsc_pre_init = numaq_tsc_init; -- x86_init.pci.init = pci_numaq_init; -+ *(void **)&x86_init.mpparse.mpc_record = numaq_mpc_record; -+ *(void **)&x86_init.mpparse.setup_ioapic_ids = x86_init_noop; -+ *(void **)&x86_init.mpparse.mpc_apic_id = mpc_apic_id; -+ *(void **)&x86_init.mpparse.smp_read_mpc_oem = smp_read_mpc_oem; -+ *(void **)&x86_init.mpparse.mpc_oem_pci_bus = mpc_oem_pci_bus; -+ *(void **)&x86_init.mpparse.mpc_oem_bus_info = mpc_oem_bus_info; -+ *(void **)&x86_init.timers.tsc_pre_init = numaq_tsc_init; -+ *(void **)&x86_init.pci.init = pci_numaq_init; - } +@@ -455,8 +455,7 @@ static void numaq_setup_portio_remap(void) + (u_long) xquad_portio, (u_long) num_quads*XQUAD_PORTIO_QUAD); } +-/* Use __refdata to keep false positive warning calm. */ +-static struct apic __refdata apic_numaq = { ++static struct apic apic_numaq __read_only = { + + .name = "NUMAQ", + .probe = probe_numaq, +diff --git a/arch/x86/kernel/apic/probe_32.c b/arch/x86/kernel/apic/probe_32.c +index eb35ef9..f184a21 100644 +--- a/arch/x86/kernel/apic/probe_32.c ++++ b/arch/x86/kernel/apic/probe_32.c +@@ -72,7 +72,7 @@ static int probe_default(void) + return 1; + } + +-static struct apic apic_default = { ++static struct apic apic_default __read_only = { + + .name = "default", + .probe = probe_default, +diff --git a/arch/x86/kernel/apic/summit_32.c b/arch/x86/kernel/apic/summit_32.c +index 77c95c0..434f8a4 100644 +--- a/arch/x86/kernel/apic/summit_32.c ++++ b/arch/x86/kernel/apic/summit_32.c +@@ -486,7 +486,7 @@ void setup_summit(void) + } + #endif + +-static struct apic apic_summit = { ++static struct apic apic_summit __read_only = { + + .name = "summit", + .probe = probe_summit, +diff --git a/arch/x86/kernel/apic/x2apic_cluster.c b/arch/x86/kernel/apic/x2apic_cluster.c +index c88baa4..a89def0 100644 +--- a/arch/x86/kernel/apic/x2apic_cluster.c ++++ b/arch/x86/kernel/apic/x2apic_cluster.c +@@ -235,7 +235,7 @@ static void cluster_vector_allocation_domain(int cpu, struct cpumask *retmask, + cpumask_and(retmask, mask, per_cpu(cpus_in_cluster, cpu)); + } + +-static struct apic apic_x2apic_cluster = { ++static struct apic apic_x2apic_cluster __read_only = { + + .name = "cluster x2apic", + .probe = x2apic_cluster_probe, +diff --git a/arch/x86/kernel/apic/x2apic_phys.c b/arch/x86/kernel/apic/x2apic_phys.c +index e03a1e1..0e41d28 100644 +--- a/arch/x86/kernel/apic/x2apic_phys.c ++++ b/arch/x86/kernel/apic/x2apic_phys.c +@@ -88,7 +88,7 @@ static int x2apic_phys_probe(void) + return apic == &apic_x2apic_phys; + } + +-static struct apic apic_x2apic_phys = { ++static struct apic apic_x2apic_phys __read_only = { + + .name = "physical x2apic", + .probe = x2apic_phys_probe, diff --git a/arch/x86/kernel/apic/x2apic_uv_x.c b/arch/x86/kernel/apic/x2apic_uv_x.c -index 8cfade9..8ea7b51 100644 +index 8cfade9..b9d04fc 100644 --- a/arch/x86/kernel/apic/x2apic_uv_x.c +++ b/arch/x86/kernel/apic/x2apic_uv_x.c -@@ -139,8 +139,8 @@ static int __init uv_acpi_madt_oem_check(char *oem_id, char *oem_table_id) - is_uv1 ? UV1_HUB_REVISION_BASE : UV2_HUB_REVISION_BASE; - pnodeid = early_get_pnodeid(); - early_get_apic_pnode_shift(); -- x86_platform.is_untracked_pat_range = uv_is_untracked_pat_range; -- x86_platform.nmi_init = uv_nmi_init; -+ *(void **)&x86_platform.is_untracked_pat_range = uv_is_untracked_pat_range; -+ *(void **)&x86_platform.nmi_init = uv_nmi_init; - if (!strcmp(oem_table_id, "UVL")) - uv_system_type = UV_LEGACY_APIC; - else if (!strcmp(oem_table_id, "UVX")) +@@ -333,7 +333,7 @@ static int uv_probe(void) + return apic == &apic_x2apic_uv_x; + } + +-static struct apic __refdata apic_x2apic_uv_x = { ++static struct apic apic_x2apic_uv_x __read_only = { + + .name = "UV large system", + .probe = uv_probe, diff --git a/arch/x86/kernel/apm_32.c b/arch/x86/kernel/apm_32.c index d65464e..1035d31 100644 --- a/arch/x86/kernel/apm_32.c @@ -15756,19 +15882,6 @@ index 324bb52..1a93d85 100644 } intel_ds_init(); -diff --git a/arch/x86/kernel/cpu/vmware.c b/arch/x86/kernel/cpu/vmware.c -index d22d0c4..088eb6f 100644 ---- a/arch/x86/kernel/cpu/vmware.c -+++ b/arch/x86/kernel/cpu/vmware.c -@@ -79,7 +79,7 @@ static void __init vmware_platform_setup(void) - VMWARE_PORT(GETHZ, eax, ebx, ecx, edx); - - if (ebx != UINT_MAX) -- x86_platform.calibrate_tsc = vmware_get_tsc_khz; -+ *(void **)&x86_platform.calibrate_tsc = vmware_get_tsc_khz; - else - printk(KERN_WARNING - "Failed to get TSC freq from the hypervisor\n"); diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index 13ad899..f642b9a 100644 --- a/arch/x86/kernel/crash.c @@ -18016,10 +18129,10 @@ index 1d41402..af9a46a 100644 return -EFAULT; diff --git a/arch/x86/kernel/head32.c b/arch/x86/kernel/head32.c -index c18f59d..69ddbc4 100644 +index c18f59d..9c0c9f6 100644 --- a/arch/x86/kernel/head32.c +++ b/arch/x86/kernel/head32.c -@@ -18,20 +18,20 @@ +@@ -18,6 +18,7 @@ #include <asm/io_apic.h> #include <asm/bios_ebda.h> #include <asm/tlbflush.h> @@ -18027,14 +18140,7 @@ index c18f59d..69ddbc4 100644 static void __init i386_default_early_setup(void) { - /* Initialize 32bit specific setup functions */ -- x86_init.resources.reserve_resources = i386_reserve_resources; -- x86_init.mpparse.setup_ioapic_ids = setup_ioapic_ids_from_mpc; -+ *(void **)&x86_init.resources.reserve_resources = i386_reserve_resources; -+ *(void **)&x86_init.mpparse.setup_ioapic_ids = setup_ioapic_ids_from_mpc; - - reserve_ebda_region(); - } +@@ -30,8 +31,7 @@ static void __init i386_default_early_setup(void) void __init i386_start_kernel(void) { @@ -19346,74 +19452,6 @@ index 57916c0..9e0b9d0 100644 return ret; switch (val) { -diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c -index 4180a87..4678e4f 100644 ---- a/arch/x86/kernel/kvm.c -+++ b/arch/x86/kernel/kvm.c -@@ -267,7 +267,7 @@ static void __init paravirt_ops_setup(void) - pv_info.paravirt_enabled = 1; - - if (kvm_para_has_feature(KVM_FEATURE_NOP_IO_DELAY)) -- pv_cpu_ops.io_delay = kvm_io_delay; -+ *(void **)&pv_cpu_ops.io_delay = kvm_io_delay; - - #ifdef CONFIG_X86_IO_APIC - no_timer_check = 1; -@@ -461,18 +461,18 @@ void __init kvm_guest_init(void) - for (i = 0; i < KVM_TASK_SLEEP_HASHSIZE; i++) - spin_lock_init(&async_pf_sleepers[i].lock); - if (kvm_para_has_feature(KVM_FEATURE_ASYNC_PF)) -- x86_init.irqs.trap_init = kvm_apf_trap_init; -+ *(void **)&x86_init.irqs.trap_init = kvm_apf_trap_init; - - if (kvm_para_has_feature(KVM_FEATURE_STEAL_TIME)) { - has_steal_clock = 1; -- pv_time_ops.steal_clock = kvm_steal_clock; -+ *(void **)&pv_time_ops.steal_clock = kvm_steal_clock; - } - - if (kvm_para_has_feature(KVM_FEATURE_PV_EOI)) - apic_set_eoi_write(kvm_guest_apic_eoi_write); - - #ifdef CONFIG_SMP -- smp_ops.smp_prepare_boot_cpu = kvm_smp_prepare_boot_cpu; -+ *(void **)&smp_ops.smp_prepare_boot_cpu = kvm_smp_prepare_boot_cpu; - register_cpu_notifier(&kvm_cpu_notifier); - #else - kvm_guest_cpu_init(); -diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c -index f1b42b3..27ac4e7 100644 ---- a/arch/x86/kernel/kvmclock.c -+++ b/arch/x86/kernel/kvmclock.c -@@ -211,19 +211,19 @@ void __init kvmclock_init(void) - - if (kvm_register_clock("boot clock")) - return; -- pv_time_ops.sched_clock = kvm_clock_read; -- x86_platform.calibrate_tsc = kvm_get_tsc_khz; -- x86_platform.get_wallclock = kvm_get_wallclock; -- x86_platform.set_wallclock = kvm_set_wallclock; -+ *(void **)&pv_time_ops.sched_clock = kvm_clock_read; -+ *(void **)&x86_platform.calibrate_tsc = kvm_get_tsc_khz; -+ *(void **)&x86_platform.get_wallclock = kvm_get_wallclock; -+ *(void **)&x86_platform.set_wallclock = kvm_set_wallclock; - #ifdef CONFIG_X86_LOCAL_APIC -- x86_cpuinit.early_percpu_clock_init = -+ *(void **)&x86_cpuinit.early_percpu_clock_init = - kvm_setup_secondary_clock; - #endif -- x86_platform.save_sched_clock_state = kvm_save_sched_clock_state; -- x86_platform.restore_sched_clock_state = kvm_restore_sched_clock_state; -- machine_ops.shutdown = kvm_shutdown; -+ *(void **)&x86_platform.save_sched_clock_state = kvm_save_sched_clock_state; -+ *(void **)&x86_platform.restore_sched_clock_state = kvm_restore_sched_clock_state; -+ *(void **)&machine_ops.shutdown = kvm_shutdown; - #ifdef CONFIG_KEXEC -- machine_ops.crash_shutdown = kvm_crash_shutdown; -+ *(void **)&machine_ops.crash_shutdown = kvm_crash_shutdown; - #endif - kvm_get_preset_lpj(); - clocksource_register_hz(&kvm_clock, NSEC_PER_SEC); diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c index ebc9873..1b9724b 100644 --- a/arch/x86/kernel/ldt.c @@ -19534,7 +19572,7 @@ index 3544aed..01ddc1c 100644 static void microcode_fini_cpu(int cpu) diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c -index 216a4d7..b328f09 100644 +index 216a4d7..228255a 100644 --- a/arch/x86/kernel/module.c +++ b/arch/x86/kernel/module.c @@ -43,15 +43,60 @@ do { \ @@ -19545,7 +19583,7 @@ index 216a4d7..b328f09 100644 +static inline void *__module_alloc(unsigned long size, pgprot_t prot) { - if (PAGE_ALIGN(size) > MODULES_LEN) -+ if (size == 0 || PAGE_ALIGN(size) > MODULES_LEN) ++ if (!size || PAGE_ALIGN(size) > MODULES_LEN) return NULL; return __vmalloc_node_range(size, 1, MODULES_VADDR, MODULES_END, - GFP_KERNEL | __GFP_HIGHMEM, PAGE_KERNEL_EXEC, @@ -19706,7 +19744,7 @@ index 676b8c7..870ba04 100644 .spin_is_locked = __ticket_spin_is_locked, .spin_is_contended = __ticket_spin_is_contended, diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c -index 17fff18..0f5f957 100644 +index 17fff18..5cfa0f4 100644 --- a/arch/x86/kernel/paravirt.c +++ b/arch/x86/kernel/paravirt.c @@ -55,6 +55,9 @@ u64 _paravirt_ident_64(u64 x) @@ -19760,7 +19798,18 @@ index 17fff18..0f5f957 100644 .name = "bare hardware", .paravirt_enabled = 0, .kernel_rpl = 0, -@@ -324,7 +331,7 @@ struct pv_time_ops pv_time_ops = { +@@ -315,16 +322,16 @@ struct pv_info pv_info = { + #endif + }; + +-struct pv_init_ops pv_init_ops = { ++struct pv_init_ops pv_init_ops __read_only = { + .patch = native_patch, + }; + +-struct pv_time_ops pv_time_ops = { ++struct pv_time_ops pv_time_ops __read_only = { + .sched_clock = native_sched_clock, .steal_clock = native_steal_clock, }; @@ -19769,7 +19818,23 @@ index 17fff18..0f5f957 100644 .save_fl = __PV_IS_CALLEE_SAVE(native_save_fl), .restore_fl = __PV_IS_CALLEE_SAVE(native_restore_fl), .irq_disable = __PV_IS_CALLEE_SAVE(native_irq_disable), -@@ -401,15 +408,20 @@ struct pv_apic_ops pv_apic_ops = { +@@ -336,7 +343,7 @@ struct pv_irq_ops pv_irq_ops = { + #endif + }; + +-struct pv_cpu_ops pv_cpu_ops = { ++struct pv_cpu_ops pv_cpu_ops __read_only = { + .cpuid = native_cpuid, + .get_debugreg = native_get_debugreg, + .set_debugreg = native_set_debugreg, +@@ -395,21 +402,26 @@ struct pv_cpu_ops pv_cpu_ops = { + .end_context_switch = paravirt_nop, + }; + +-struct pv_apic_ops pv_apic_ops = { ++struct pv_apic_ops pv_apic_ops __read_only= { + #ifdef CONFIG_X86_LOCAL_APIC + .startup_ipi_hook = paravirt_nop, #endif }; @@ -19813,19 +19878,6 @@ index 17fff18..0f5f957 100644 }; EXPORT_SYMBOL_GPL(pv_time_ops); -diff --git a/arch/x86/kernel/pci-calgary_64.c b/arch/x86/kernel/pci-calgary_64.c -index 299d493..79c13dd 100644 ---- a/arch/x86/kernel/pci-calgary_64.c -+++ b/arch/x86/kernel/pci-calgary_64.c -@@ -1461,7 +1461,7 @@ int __init detect_calgary(void) - printk(KERN_INFO "PCI-DMA: Calgary TCE table spec is %d\n", - specified_table_size); - -- x86_init.iommu.iommu_init = calgary_iommu_init; -+ *(void **)&x86_init.iommu.iommu_init = calgary_iommu_init; - } - return calgary_found; - diff --git a/arch/x86/kernel/pci-iommu_table.c b/arch/x86/kernel/pci-iommu_table.c index 35ccf75..7a15747 100644 --- a/arch/x86/kernel/pci-iommu_table.c @@ -20118,7 +20170,7 @@ index 16c6365..5d32218 100644 ip = *(u64 *)(fp+8); if (!in_sched_functions(ip)) diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c -index 974b67e..12cb2b5 100644 +index 974b67e..53bdb6c 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c @@ -183,14 +183,13 @@ unsigned long kernel_stack_pointer(struct pt_regs *regs) @@ -20180,7 +20232,7 @@ index 974b67e..12cb2b5 100644 #ifdef CONFIG_X86_64 -static struct user_regset x86_64_regsets[] __read_mostly = { -+static struct user_regset x86_64_regsets[] = { ++static user_regset_no_const x86_64_regsets[] __read_only = { [REGSET_GENERAL] = { .core_note_type = NT_PRSTATUS, .n = sizeof(struct user_regs_struct) / sizeof(long), @@ -20189,11 +20241,11 @@ index 974b67e..12cb2b5 100644 #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION -static struct user_regset x86_32_regsets[] __read_mostly = { -+static struct user_regset x86_32_regsets[] = { ++static user_regset_no_const x86_32_regsets[] __read_only = { [REGSET_GENERAL] = { .core_note_type = NT_PRSTATUS, .n = sizeof(struct user_regs_struct32) / sizeof(u32), -@@ -1419,13 +1418,13 @@ static const struct user_regset_view user_x86_32_view = { +@@ -1419,7 +1418,7 @@ static const struct user_regset_view user_x86_32_view = { */ u64 xstate_fx_sw_bytes[USER_XSTATE_FX_SW_WORDS]; @@ -20201,15 +20253,7 @@ index 974b67e..12cb2b5 100644 +void __init update_regset_xstate_info(unsigned int size, u64 xstate_mask) { #ifdef CONFIG_X86_64 -- x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64); -+ *(unsigned int *)&x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64); - #endif - #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION -- x86_32_regsets[REGSET_XSTATE].n = size / sizeof(u64); -+ *(unsigned int *)&x86_32_regsets[REGSET_XSTATE].n = size / sizeof(u64); - #endif - xstate_fx_sw_bytes[USER_XSTATE_XCR0_WORD] = xstate_mask; - } + x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64); @@ -1454,7 +1453,7 @@ static void fill_sigtrap_info(struct task_struct *tsk, memset(info, 0, sizeof(*info)); info->si_signo = SIGTRAP; @@ -20287,7 +20331,7 @@ index 42eb330..139955c 100644 return ret; diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c -index 76fa1e9..a93c759 100644 +index 76fa1e9..abf09ea 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -36,7 +36,7 @@ void (*pm_power_off)(void); @@ -20385,14 +20429,18 @@ index 76fa1e9..a93c759 100644 { if (pm_power_off) { if (!reboot_force) -@@ -688,6 +715,7 @@ static void native_machine_power_off(void) +@@ -688,9 +715,10 @@ static void native_machine_power_off(void) } /* A fallback in case there is no PM info available */ tboot_shutdown(TB_SHUTDOWN_HALT); + unreachable(); } - struct machine_ops machine_ops = { +-struct machine_ops machine_ops = { ++struct machine_ops machine_ops __read_only = { + .power_off = native_machine_power_off, + .shutdown = native_machine_shutdown, + .emergency_restart = native_machine_emergency_restart, diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S index 7a6f3b3..bed145d7 100644 --- a/arch/x86/kernel/relocate_kernel_64.S @@ -20585,6 +20633,19 @@ index 70b27ee..fcf827f 100644 } put_user_catch(err); err |= copy_siginfo_to_user(&frame->info, info); +diff --git a/arch/x86/kernel/smp.c b/arch/x86/kernel/smp.c +index 48d2b7d..90d328a 100644 +--- a/arch/x86/kernel/smp.c ++++ b/arch/x86/kernel/smp.c +@@ -285,7 +285,7 @@ static int __init nonmi_ipi_setup(char *str) + + __setup("nonmi_ipi", nonmi_ipi_setup); + +-struct smp_ops smp_ops = { ++struct smp_ops smp_ops __read_only = { + .smp_prepare_boot_cpu = native_smp_prepare_boot_cpu, + .smp_prepare_cpus = native_smp_prepare_cpus, + .smp_cpus_done = native_smp_cpus_done, diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index f3e2ec8..ad5287a 100644 --- a/arch/x86/kernel/smpboot.c @@ -21685,39 +21746,6 @@ index 22a1530..8fbaaad 100644 "kernel image bigger than KERNEL_IMAGE_SIZE"); #ifdef CONFIG_SMP -diff --git a/arch/x86/kernel/vsmp_64.c b/arch/x86/kernel/vsmp_64.c -index 992f890..0ab1aae 100644 ---- a/arch/x86/kernel/vsmp_64.c -+++ b/arch/x86/kernel/vsmp_64.c -@@ -114,7 +114,7 @@ static void __init set_vsmp_pv_ops(void) - pv_irq_ops.irq_enable = PV_CALLEE_SAVE(vsmp_irq_enable); - pv_irq_ops.save_fl = PV_CALLEE_SAVE(vsmp_save_fl); - pv_irq_ops.restore_fl = PV_CALLEE_SAVE(vsmp_restore_fl); -- pv_init_ops.patch = vsmp_patch; -+ *(void **)&pv_init_ops.patch = vsmp_patch; - ctl &= ~(1 << 4); - } - writel(ctl, address + 4); -@@ -217,8 +217,8 @@ static void fill_vector_allocation_domain(int cpu, struct cpumask *retmask, - static void vsmp_apic_post_init(void) - { - /* need to update phys_pkg_id */ -- apic->phys_pkg_id = apicid_phys_pkg_id; -- apic->vector_allocation_domain = fill_vector_allocation_domain; -+ *(void **)&apic->phys_pkg_id = apicid_phys_pkg_id; -+ *(void **)&apic->vector_allocation_domain = fill_vector_allocation_domain; - } - - void __init vsmp_init(void) -@@ -227,7 +227,7 @@ void __init vsmp_init(void) - if (!is_vsmp_box()) - return; - -- x86_platform.apic_post_init = vsmp_apic_post_init; -+ *(void **)&x86_platform.apic_post_init = vsmp_apic_post_init; - - vsmp_cap_cpus(); - diff --git a/arch/x86/kernel/vsyscall_64.c b/arch/x86/kernel/vsyscall_64.c index 3a3e8c9..1af9465 100644 --- a/arch/x86/kernel/vsyscall_64.c @@ -21774,6 +21802,45 @@ index 1330dd1..d220b99 100644 EXPORT_SYMBOL(copy_page); EXPORT_SYMBOL(clear_page); +diff --git a/arch/x86/kernel/x86_init.c b/arch/x86/kernel/x86_init.c +index 7a3d075..6cb373d 100644 +--- a/arch/x86/kernel/x86_init.c ++++ b/arch/x86/kernel/x86_init.c +@@ -88,7 +88,7 @@ struct x86_init_ops x86_init __initdata = { + }, + }; + +-struct x86_cpuinit_ops x86_cpuinit __cpuinitdata = { ++struct x86_cpuinit_ops x86_cpuinit __cpuinitconst = { + .early_percpu_clock_init = x86_init_noop, + .setup_percpu_clockev = setup_secondary_APIC_clock, + }; +@@ -96,7 +96,7 @@ struct x86_cpuinit_ops x86_cpuinit __cpuinitdata = { + static void default_nmi_init(void) { }; + static int default_i8042_detect(void) { return 1; }; + +-struct x86_platform_ops x86_platform = { ++struct x86_platform_ops x86_platform __read_only = { + .calibrate_tsc = native_calibrate_tsc, + .get_wallclock = mach_get_cmos_time, + .set_wallclock = mach_set_rtc_mmss, +@@ -110,14 +110,14 @@ struct x86_platform_ops x86_platform = { + }; + + EXPORT_SYMBOL_GPL(x86_platform); +-struct x86_msi_ops x86_msi = { ++struct x86_msi_ops x86_msi __read_only = { + .setup_msi_irqs = native_setup_msi_irqs, + .teardown_msi_irq = native_teardown_msi_irq, + .teardown_msi_irqs = default_teardown_msi_irqs, + .restore_msi_irqs = default_restore_msi_irqs, + }; + +-struct x86_io_apic_ops x86_io_apic_ops = { ++struct x86_io_apic_ops x86_io_apic_ops __read_only = { + .init = native_io_apic_init_mappings, + .read = native_io_apic_read, + .write = native_io_apic_write, diff --git a/arch/x86/kernel/xsave.c b/arch/x86/kernel/xsave.c index ada87a3..afea76d 100644 --- a/arch/x86/kernel/xsave.c @@ -22086,28 +22153,9 @@ index 4f76417..93429b5 100644 int r; struct kvm_x86_ops *ops = (struct kvm_x86_ops *)opaque; diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c -index 642d880..5dd034e 100644 +index 642d880..44e0f3f 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c -@@ -1116,12 +1116,12 @@ static u32 lguest_apic_safe_wait_icr_idle(void) - - static void set_lguest_basic_apic_ops(void) - { -- apic->read = lguest_apic_read; -- apic->write = lguest_apic_write; -- apic->icr_read = lguest_apic_icr_read; -- apic->icr_write = lguest_apic_icr_write; -- apic->wait_icr_idle = lguest_apic_wait_icr_idle; -- apic->safe_wait_icr_idle = lguest_apic_safe_wait_icr_idle; -+ *(void **)&apic->read = lguest_apic_read; -+ *(void **)&apic->write = lguest_apic_write; -+ *(void **)&apic->icr_read = lguest_apic_icr_read; -+ *(void **)&apic->icr_write = lguest_apic_icr_write; -+ *(void **)&apic->wait_icr_idle = lguest_apic_wait_icr_idle; -+ *(void **)&apic->safe_wait_icr_idle = lguest_apic_safe_wait_icr_idle; - }; - #endif - @@ -1200,9 +1200,10 @@ static __init int early_put_chars(u32 vtermno, const char *buf, int count) * Rebooting also tells the Host we're finished, but the RESTART flag tells the * Launcher to reboot us. @@ -22120,81 +22168,6 @@ index 642d880..5dd034e 100644 } /*G:050 -@@ -1292,28 +1293,28 @@ __init void lguest_init(void) - pv_irq_ops.safe_halt = lguest_safe_halt; - - /* Setup operations */ -- pv_init_ops.patch = lguest_patch; -+ *(void **)&pv_init_ops.patch = lguest_patch; - - /* Intercepts of various CPU instructions */ -- pv_cpu_ops.load_gdt = lguest_load_gdt; -- pv_cpu_ops.cpuid = lguest_cpuid; -- pv_cpu_ops.load_idt = lguest_load_idt; -- pv_cpu_ops.iret = lguest_iret; -- pv_cpu_ops.load_sp0 = lguest_load_sp0; -- pv_cpu_ops.load_tr_desc = lguest_load_tr_desc; -- pv_cpu_ops.set_ldt = lguest_set_ldt; -- pv_cpu_ops.load_tls = lguest_load_tls; -- pv_cpu_ops.set_debugreg = lguest_set_debugreg; -- pv_cpu_ops.clts = lguest_clts; -- pv_cpu_ops.read_cr0 = lguest_read_cr0; -- pv_cpu_ops.write_cr0 = lguest_write_cr0; -- pv_cpu_ops.read_cr4 = lguest_read_cr4; -- pv_cpu_ops.write_cr4 = lguest_write_cr4; -- pv_cpu_ops.write_gdt_entry = lguest_write_gdt_entry; -- pv_cpu_ops.write_idt_entry = lguest_write_idt_entry; -- pv_cpu_ops.wbinvd = lguest_wbinvd; -- pv_cpu_ops.start_context_switch = paravirt_start_context_switch; -- pv_cpu_ops.end_context_switch = lguest_end_context_switch; -+ *(void **)&pv_cpu_ops.load_gdt = lguest_load_gdt; -+ *(void **)&pv_cpu_ops.cpuid = lguest_cpuid; -+ *(void **)&pv_cpu_ops.load_idt = lguest_load_idt; -+ *(void **)&pv_cpu_ops.iret = lguest_iret; -+ *(void **)&pv_cpu_ops.load_sp0 = lguest_load_sp0; -+ *(void **)&pv_cpu_ops.load_tr_desc = lguest_load_tr_desc; -+ *(void **)&pv_cpu_ops.set_ldt = lguest_set_ldt; -+ *(void **)&pv_cpu_ops.load_tls = lguest_load_tls; -+ *(void **)&pv_cpu_ops.set_debugreg = lguest_set_debugreg; -+ *(void **)&pv_cpu_ops.clts = lguest_clts; -+ *(void **)&pv_cpu_ops.read_cr0 = lguest_read_cr0; -+ *(void **)&pv_cpu_ops.write_cr0 = lguest_write_cr0; -+ *(void **)&pv_cpu_ops.read_cr4 = lguest_read_cr4; -+ *(void **)&pv_cpu_ops.write_cr4 = lguest_write_cr4; -+ *(void **)&pv_cpu_ops.write_gdt_entry = lguest_write_gdt_entry; -+ *(void **)&pv_cpu_ops.write_idt_entry = lguest_write_idt_entry; -+ *(void **)&pv_cpu_ops.wbinvd = lguest_wbinvd; -+ *(void **)&pv_cpu_ops.start_context_switch = paravirt_start_context_switch; -+ *(void **)&pv_cpu_ops.end_context_switch = lguest_end_context_switch; - - /* Pagetable management */ - pv_mmu_ops.write_cr3 = lguest_write_cr3; -@@ -1341,11 +1342,11 @@ __init void lguest_init(void) - set_lguest_basic_apic_ops(); - #endif - -- x86_init.resources.memory_setup = lguest_memory_setup; -- x86_init.irqs.intr_init = lguest_init_IRQ; -- x86_init.timers.timer_init = lguest_time_init; -- x86_platform.calibrate_tsc = lguest_tsc_khz; -- x86_platform.get_wallclock = lguest_get_wallclock; -+ *(void **)&x86_init.resources.memory_setup = lguest_memory_setup; -+ *(void **)&x86_init.irqs.intr_init = lguest_init_IRQ; -+ *(void **)&x86_init.timers.timer_init = lguest_time_init; -+ *(void **)&x86_platform.calibrate_tsc = lguest_tsc_khz; -+ *(void **)&x86_platform.get_wallclock = lguest_get_wallclock; - - /* - * Now is a good time to look at the implementations of these functions -@@ -1434,7 +1435,7 @@ __init void lguest_init(void) - * routine. - */ - pm_power_off = lguest_power_off; -- machine_ops.restart = lguest_restart; -+ *(void **)&machine_ops.restart = lguest_restart; - - /* - * Now we're set up, call i386_start_kernel() in head32.c and we proceed diff --git a/arch/x86/lib/atomic64_386_32.S b/arch/x86/lib/atomic64_386_32.S index 00933d5..3a64af9 100644 --- a/arch/x86/lib/atomic64_386_32.S @@ -26579,7 +26552,7 @@ index 11a5800..4bd9977 100644 printk(KERN_INFO "Write protecting the kernel text: %luk\n", size >> 10); diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c -index 3baff25..8b37564 100644 +index 3baff25..678a54e 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c @@ -74,7 +74,7 @@ early_param("gbpages", parse_direct_gbpages_on); @@ -26727,7 +26700,17 @@ index 3baff25..8b37564 100644 /* clear_bss() already clear the empty_zero_page */ reservedpages = 0; -@@ -851,8 +871,8 @@ int kern_addr_valid(unsigned long addr) +@@ -829,6 +849,9 @@ int kern_addr_valid(unsigned long addr) + if (pud_none(*pud)) + return 0; + ++ if (pud_large(*pud)) ++ return pfn_valid(pud_pfn(*pud)); ++ + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return 0; +@@ -851,8 +874,8 @@ int kern_addr_valid(unsigned long addr) static struct vm_area_struct gate_vma = { .vm_start = VSYSCALL_START, .vm_end = VSYSCALL_START + (VSYSCALL_MAPPED_PAGES * PAGE_SIZE), @@ -26738,7 +26721,7 @@ index 3baff25..8b37564 100644 }; struct vm_area_struct *get_gate_vma(struct mm_struct *mm) -@@ -886,7 +906,7 @@ int in_gate_area_no_mm(unsigned long addr) +@@ -886,7 +909,7 @@ int in_gate_area_no_mm(unsigned long addr) const char *arch_vma_name(struct vm_area_struct *vma) { @@ -27946,19 +27929,6 @@ index d6aa6e8..266395a 100644 unsigned long stack = kernel_stack_pointer(regs); if (depth) dump_trace(NULL, regs, (unsigned long *)stack, 0, -diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c -index 192397c..5ba6f9e 100644 ---- a/arch/x86/pci/acpi.c -+++ b/arch/x86/pci/acpi.c -@@ -568,7 +568,7 @@ int __init pci_acpi_init(void) - acpi_irq_penalty_init(); - pcibios_enable_irq = acpi_pci_irq_enable; - pcibios_disable_irq = acpi_pci_irq_disable; -- x86_init.pci.init_irq = x86_init_noop; -+ *(void **)&x86_init.pci.init_irq = x86_init_noop; - - if (pci_routeirq) { - /* diff --git a/arch/x86/pci/mrst.c b/arch/x86/pci/mrst.c index e14a2ff..3fd6b58 100644 --- a/arch/x86/pci/mrst.c @@ -28282,62 +28252,6 @@ index da8fe05..7ee6704 100644 return !(ret & 0xff00); } EXPORT_SYMBOL(pcibios_set_irq_routing); -diff --git a/arch/x86/pci/xen.c b/arch/x86/pci/xen.c -index 56ab749..3cb792a 100644 ---- a/arch/x86/pci/xen.c -+++ b/arch/x86/pci/xen.c -@@ -395,9 +395,9 @@ int __init pci_xen_init(void) - #endif - - #ifdef CONFIG_PCI_MSI -- x86_msi.setup_msi_irqs = xen_setup_msi_irqs; -- x86_msi.teardown_msi_irq = xen_teardown_msi_irq; -- x86_msi.teardown_msi_irqs = xen_teardown_msi_irqs; -+ *(void **)&x86_msi.setup_msi_irqs = xen_setup_msi_irqs; -+ *(void **)&x86_msi.teardown_msi_irq = xen_teardown_msi_irq; -+ *(void **)&x86_msi.teardown_msi_irqs = xen_teardown_msi_irqs; - #endif - return 0; - } -@@ -416,8 +416,8 @@ int __init pci_xen_hvm_init(void) - #endif - - #ifdef CONFIG_PCI_MSI -- x86_msi.setup_msi_irqs = xen_hvm_setup_msi_irqs; -- x86_msi.teardown_msi_irq = xen_teardown_msi_irq; -+ *(void **)&x86_msi.setup_msi_irqs = xen_hvm_setup_msi_irqs; -+ *(void **)&x86_msi.teardown_msi_irq = xen_teardown_msi_irq; - #endif - return 0; - } -@@ -474,9 +474,9 @@ int __init pci_xen_initial_domain(void) - int irq; - - #ifdef CONFIG_PCI_MSI -- x86_msi.setup_msi_irqs = xen_initdom_setup_msi_irqs; -- x86_msi.teardown_msi_irq = xen_teardown_msi_irq; -- x86_msi.restore_msi_irqs = xen_initdom_restore_msi_irqs; -+ *(void **)&x86_msi.setup_msi_irqs = xen_initdom_setup_msi_irqs; -+ *(void **)&x86_msi.teardown_msi_irq = xen_teardown_msi_irq; -+ *(void **)&x86_msi.restore_msi_irqs = xen_initdom_restore_msi_irqs; - #endif - xen_setup_acpi_sci(); - __acpi_register_gsi = acpi_register_gsi_xen; -diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c -index 77cf009..7fe44c8 100644 ---- a/arch/x86/platform/efi/efi.c -+++ b/arch/x86/platform/efi/efi.c -@@ -746,8 +746,8 @@ void __init efi_init(void) - - #ifdef CONFIG_X86_32 - if (efi_is_native()) { -- x86_platform.get_wallclock = efi_get_time; -- x86_platform.set_wallclock = efi_set_rtc_mmss; -+ *(void **)&x86_platform.get_wallclock = efi_get_time; -+ *(void **)&x86_platform.set_wallclock = efi_set_rtc_mmss; - } - #endif - diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c index 40e4469..1ab536e 100644 --- a/arch/x86/platform/efi/efi_32.c @@ -28577,7 +28491,7 @@ index 4c07cca..2c8427d 100644 ret ENDPROC(efi_call6) diff --git a/arch/x86/platform/mrst/mrst.c b/arch/x86/platform/mrst/mrst.c -index fd41a92..bc8091d 100644 +index fd41a92..9c33628 100644 --- a/arch/x86/platform/mrst/mrst.c +++ b/arch/x86/platform/mrst/mrst.c @@ -78,13 +78,15 @@ struct sfi_rtc_table_entry sfi_mrtc_array[SFI_MRTC_MAX]; @@ -28598,105 +28512,6 @@ index fd41a92..bc8091d 100644 } /* parse all the mtimer info to a static mtimer array */ -@@ -233,14 +235,14 @@ static void __init mrst_time_init(void) - case MRST_TIMER_APBT_ONLY: - break; - case MRST_TIMER_LAPIC_APBT: -- x86_init.timers.setup_percpu_clockev = setup_boot_APIC_clock; -- x86_cpuinit.setup_percpu_clockev = setup_secondary_APIC_clock; -+ *(void **)&x86_init.timers.setup_percpu_clockev = setup_boot_APIC_clock; -+ *(void **)&x86_cpuinit.setup_percpu_clockev = setup_secondary_APIC_clock; - break; - default: - if (!boot_cpu_has(X86_FEATURE_ARAT)) - break; -- x86_init.timers.setup_percpu_clockev = setup_boot_APIC_clock; -- x86_cpuinit.setup_percpu_clockev = setup_secondary_APIC_clock; -+ *(void **)&x86_init.timers.setup_percpu_clockev = setup_boot_APIC_clock; -+ *(void **)&x86_cpuinit.setup_percpu_clockev = setup_secondary_APIC_clock; - return; - } - /* we need at least one APB timer */ -@@ -282,35 +284,35 @@ static unsigned char mrst_get_nmi_reason(void) - */ - void __init x86_mrst_early_setup(void) - { -- x86_init.resources.probe_roms = x86_init_noop; -- x86_init.resources.reserve_resources = x86_init_noop; -+ *(void **)&x86_init.resources.probe_roms = x86_init_noop; -+ *(void **)&x86_init.resources.reserve_resources = x86_init_noop; - -- x86_init.timers.timer_init = mrst_time_init; -- x86_init.timers.setup_percpu_clockev = x86_init_noop; -+ *(void **)&x86_init.timers.timer_init = mrst_time_init; -+ *(void **)&x86_init.timers.setup_percpu_clockev = x86_init_noop; - -- x86_init.irqs.pre_vector_init = x86_init_noop; -+ *(void **)&x86_init.irqs.pre_vector_init = x86_init_noop; - -- x86_init.oem.arch_setup = mrst_arch_setup; -+ *(void **)&x86_init.oem.arch_setup = mrst_arch_setup; - -- x86_cpuinit.setup_percpu_clockev = apbt_setup_secondary_clock; -+ *(void **)&x86_cpuinit.setup_percpu_clockev = apbt_setup_secondary_clock; - -- x86_platform.calibrate_tsc = mrst_calibrate_tsc; -- x86_platform.i8042_detect = mrst_i8042_detect; -- x86_init.timers.wallclock_init = mrst_rtc_init; -- x86_platform.get_nmi_reason = mrst_get_nmi_reason; -+ *(void **)&x86_platform.calibrate_tsc = mrst_calibrate_tsc; -+ *(void **)&x86_platform.i8042_detect = mrst_i8042_detect; -+ *(void **)&x86_init.timers.wallclock_init = mrst_rtc_init; -+ *(void **)&x86_platform.get_nmi_reason = mrst_get_nmi_reason; - -- x86_init.pci.init = pci_mrst_init; -- x86_init.pci.fixup_irqs = x86_init_noop; -+ *(void **)&x86_init.pci.init = pci_mrst_init; -+ *(void **)&x86_init.pci.fixup_irqs = x86_init_noop; - - legacy_pic = &null_legacy_pic; - - /* Moorestown specific power_off/restart method */ - pm_power_off = mrst_power_off; -- machine_ops.emergency_restart = mrst_reboot; -+ *(void **)&machine_ops.emergency_restart = mrst_reboot; - - /* Avoid searching for BIOS MP tables */ -- x86_init.mpparse.find_smp_config = x86_init_noop; -- x86_init.mpparse.get_smp_config = x86_init_uint_noop; -+ *(void **)&x86_init.mpparse.find_smp_config = x86_init_noop; -+ *(void **)&x86_init.mpparse.get_smp_config = x86_init_uint_noop; - set_bit(MP_BUS_ISA, mp_bus_not_pci); - } - -diff --git a/arch/x86/platform/mrst/vrtc.c b/arch/x86/platform/mrst/vrtc.c -index 225bd0f..22e8086 100644 ---- a/arch/x86/platform/mrst/vrtc.c -+++ b/arch/x86/platform/mrst/vrtc.c -@@ -120,8 +120,8 @@ void __init mrst_rtc_init(void) - - vrtc_virt_base = (void __iomem *)set_fixmap_offset_nocache(FIX_LNW_VRTC, - vrtc_paddr); -- x86_platform.get_wallclock = vrtc_get_time; -- x86_platform.set_wallclock = vrtc_set_mmss; -+ *(void **)&x86_platform.get_wallclock = vrtc_get_time; -+ *(void **)&x86_platform.set_wallclock = vrtc_set_mmss; - } - - /* -diff --git a/arch/x86/platform/olpc/olpc.c b/arch/x86/platform/olpc/olpc.c -index 2737608..0d62cc2 100644 ---- a/arch/x86/platform/olpc/olpc.c -+++ b/arch/x86/platform/olpc/olpc.c -@@ -395,7 +395,7 @@ static int __init olpc_init(void) - * XO-1 only. */ - if (olpc_platform_info.boardrev < olpc_board_pre(0xd0) && - !cs5535_has_vsa2()) -- x86_init.pci.arch_init = pci_olpc_init; -+ *(void **)&x86_init.pci.arch_init = pci_olpc_init; - #endif - - if (olpc_platform_info.boardrev < olpc_board_pre(0xd0)) { /* XO-1 */ diff --git a/arch/x86/platform/olpc/olpc_dt.c b/arch/x86/platform/olpc/olpc_dt.c index d6ee929..3637cb5 100644 --- a/arch/x86/platform/olpc/olpc_dt.c @@ -29219,19 +29034,8 @@ index 00aaf04..4a26505 100644 - return 0; -} -__setup("vdso=", vdso_setup); -diff --git a/arch/x86/xen/apic.c b/arch/x86/xen/apic.c -index 7005ced..530d6eb 100644 ---- a/arch/x86/xen/apic.c -+++ b/arch/x86/xen/apic.c -@@ -30,5 +30,5 @@ static unsigned int xen_io_apic_read(unsigned apic, unsigned reg) - - void __init xen_init_apic(void) - { -- x86_io_apic_ops.read = xen_io_apic_read; -+ *(void **)&x86_io_apic_ops.read = xen_io_apic_read; - } diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c -index 586d838..9181904 100644 +index 586d838..e883209 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c @@ -99,8 +99,6 @@ EXPORT_SYMBOL_GPL(xen_start_info); @@ -29263,41 +29067,15 @@ index 586d838..9181904 100644 int f; /* -@@ -918,21 +914,21 @@ static u32 xen_safe_apic_wait_icr_idle(void) - - static void set_xen_basic_apic_ops(void) - { -- apic->read = xen_apic_read; -- apic->write = xen_apic_write; -- apic->icr_read = xen_apic_icr_read; -- apic->icr_write = xen_apic_icr_write; -- apic->wait_icr_idle = xen_apic_wait_icr_idle; -- apic->safe_wait_icr_idle = xen_safe_apic_wait_icr_idle; -- apic->set_apic_id = xen_set_apic_id; -- apic->get_apic_id = xen_get_apic_id; -+ *(void **)&apic->read = xen_apic_read; -+ *(void **)&apic->write = xen_apic_write; -+ *(void **)&apic->icr_read = xen_apic_icr_read; -+ *(void **)&apic->icr_write = xen_apic_icr_write; -+ *(void **)&apic->wait_icr_idle = xen_apic_wait_icr_idle; -+ *(void **)&apic->safe_wait_icr_idle = xen_safe_apic_wait_icr_idle; -+ *(void **)&apic->set_apic_id = xen_set_apic_id; -+ *(void **)&apic->get_apic_id = xen_get_apic_id; - - #ifdef CONFIG_SMP -- apic->send_IPI_allbutself = xen_send_IPI_allbutself; -- apic->send_IPI_mask_allbutself = xen_send_IPI_mask_allbutself; -- apic->send_IPI_mask = xen_send_IPI_mask; -- apic->send_IPI_all = xen_send_IPI_all; -- apic->send_IPI_self = xen_send_IPI_self; -+ *(void **)&apic->send_IPI_allbutself = xen_send_IPI_allbutself; -+ *(void **)&apic->send_IPI_mask_allbutself = xen_send_IPI_mask_allbutself; -+ *(void **)&apic->send_IPI_mask = xen_send_IPI_mask; -+ *(void **)&apic->send_IPI_all = xen_send_IPI_all; -+ *(void **)&apic->send_IPI_self = xen_send_IPI_self; - #endif +@@ -916,7 +912,7 @@ static u32 xen_safe_apic_wait_icr_idle(void) + return 0; } +-static void set_xen_basic_apic_ops(void) ++static void __init set_xen_basic_apic_ops(void) + { + apic->read = xen_apic_read; + apic->write = xen_apic_write; @@ -1222,30 +1218,30 @@ static const struct pv_apic_ops xen_apic_ops __initconst = { #endif }; @@ -29336,45 +29114,6 @@ index 586d838..9181904 100644 { if (pm_power_off) pm_power_off(); -@@ -1290,14 +1286,14 @@ static const struct machine_ops xen_machine_ops __initconst = { - */ - static void __init xen_setup_stackprotector(void) - { -- pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry_boot; -- pv_cpu_ops.load_gdt = xen_load_gdt_boot; -+ *(void **)&pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry_boot; -+ *(void **)&pv_cpu_ops.load_gdt = xen_load_gdt_boot; - - setup_stack_canary_segment(0); - switch_to_new_gdt(0); - -- pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry; -- pv_cpu_ops.load_gdt = xen_load_gdt; -+ *(void **)&pv_cpu_ops.write_gdt_entry = xen_write_gdt_entry; -+ *(void **)&pv_cpu_ops.load_gdt = xen_load_gdt; - } - - /* First C function to be called on Xen boot */ -@@ -1315,13 +1311,13 @@ asmlinkage void __init xen_start_kernel(void) - - /* Install Xen paravirt ops */ - pv_info = xen_info; -- pv_init_ops = xen_init_ops; -- pv_cpu_ops = xen_cpu_ops; -- pv_apic_ops = xen_apic_ops; -+ memcpy((void *)&pv_init_ops, &xen_init_ops, sizeof pv_init_ops); -+ memcpy((void *)&pv_cpu_ops, &xen_cpu_ops, sizeof pv_cpu_ops); -+ memcpy((void *)&pv_apic_ops, &xen_apic_ops, sizeof pv_apic_ops); - -- x86_init.resources.memory_setup = xen_memory_setup; -- x86_init.oem.arch_setup = xen_arch_setup; -- x86_init.oem.banner = xen_banner; -+ *(void **)&x86_init.resources.memory_setup = xen_memory_setup; -+ *(void **)&x86_init.oem.arch_setup = xen_arch_setup; -+ *(void **)&x86_init.oem.banner = xen_banner; - - xen_init_time_ops(); - @@ -1347,7 +1343,17 @@ asmlinkage void __init xen_start_kernel(void) __userpte_alloc_gfp &= ~__GFP_HIGHMEM; @@ -29410,48 +29149,8 @@ index 586d838..9181904 100644 xen_smp_init(); -@@ -1450,7 +1449,7 @@ asmlinkage void __init xen_start_kernel(void) - add_preferred_console("tty", 0, NULL); - add_preferred_console("hvc", 0, NULL); - if (pci_xen) -- x86_init.pci.arch_init = pci_xen_init; -+ *(void **)&x86_init.pci.arch_init = pci_xen_init; - } else { - const struct dom0_vga_console_info *info = - (void *)((char *)xen_start_info + -@@ -1476,8 +1475,8 @@ asmlinkage void __init xen_start_kernel(void) - xen_acpi_sleep_register(); - - /* Avoid searching for BIOS MP tables */ -- x86_init.mpparse.find_smp_config = x86_init_noop; -- x86_init.mpparse.get_smp_config = x86_init_uint_noop; -+ *(void **)&x86_init.mpparse.find_smp_config = x86_init_noop; -+ *(void **)&x86_init.mpparse.get_smp_config = x86_init_uint_noop; - } - #ifdef CONFIG_PCI - /* PCI BIOS service won't work from a PV guest. */ -@@ -1583,7 +1582,7 @@ static void __init xen_hvm_guest_init(void) - xen_hvm_smp_init(); - register_cpu_notifier(&xen_hvm_cpu_notifier); - xen_unplug_emulated_devices(); -- x86_init.irqs.intr_init = xen_init_IRQ; -+ *(void **)&x86_init.irqs.intr_init = xen_init_IRQ; - xen_hvm_init_time_ops(); - xen_hvm_init_mmu_ops(); - } -diff --git a/arch/x86/xen/irq.c b/arch/x86/xen/irq.c -index 01a4dc0..3ca0cc9 100644 ---- a/arch/x86/xen/irq.c -+++ b/arch/x86/xen/irq.c -@@ -130,5 +130,5 @@ static const struct pv_irq_ops xen_irq_ops __initconst = { - void __init xen_init_irq_ops(void) - { - pv_irq_ops = xen_irq_ops; -- x86_init.irqs.intr_init = xen_init_IRQ; -+ *(void **)&x86_init.irqs.intr_init = xen_init_IRQ; - } diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c -index dcf5f2d..5f72fe7 100644 +index dcf5f2d..d804c25 100644 --- a/arch/x86/xen/mmu.c +++ b/arch/x86/xen/mmu.c @@ -1881,6 +1881,9 @@ void __init xen_setup_kernel_pagetable(pgd_t *pgd, unsigned long max_pfn) @@ -29493,19 +29192,8 @@ index dcf5f2d..5f72fe7 100644 .alloc_pud = xen_alloc_pmd_init, .release_pud = xen_release_pmd_init, -@@ -2197,8 +2206,8 @@ static const struct pv_mmu_ops xen_mmu_ops __initconst = { - - void __init xen_init_mmu_ops(void) - { -- x86_init.mapping.pagetable_reserve = xen_mapping_pagetable_reserve; -- x86_init.paging.pagetable_init = xen_pagetable_init; -+ *(void **)&x86_init.mapping.pagetable_reserve = xen_mapping_pagetable_reserve; -+ *(void **)&x86_init.paging.pagetable_init = xen_pagetable_init; - pv_mmu_ops = xen_mmu_ops; - - memset(dummy_mapping, 0xff, PAGE_SIZE); diff --git a/arch/x86/xen/smp.c b/arch/x86/xen/smp.c -index 353c50f..a0b9b0d 100644 +index 353c50f..8f3c179 100644 --- a/arch/x86/xen/smp.c +++ b/arch/x86/xen/smp.c @@ -229,11 +229,6 @@ static void __init xen_smp_prepare_boot_cpu(void) @@ -29561,92 +29249,6 @@ index 353c50f..a0b9b0d 100644 xen_fill_possible_map(); xen_init_spinlocks(); } -@@ -672,10 +666,10 @@ void __init xen_hvm_smp_init(void) - { - if (!xen_have_vector_callback) - return; -- smp_ops.smp_prepare_cpus = xen_hvm_smp_prepare_cpus; -- smp_ops.smp_send_reschedule = xen_smp_send_reschedule; -- smp_ops.cpu_up = xen_hvm_cpu_up; -- smp_ops.cpu_die = xen_hvm_cpu_die; -- smp_ops.send_call_func_ipi = xen_smp_send_call_function_ipi; -- smp_ops.send_call_func_single_ipi = xen_smp_send_call_function_single_ipi; -+ *(void **)&smp_ops.smp_prepare_cpus = xen_hvm_smp_prepare_cpus; -+ *(void **)&smp_ops.smp_send_reschedule = xen_smp_send_reschedule; -+ *(void **)&smp_ops.cpu_up = xen_hvm_cpu_up; -+ *(void **)&smp_ops.cpu_die = xen_hvm_cpu_die; -+ *(void **)&smp_ops.send_call_func_ipi = xen_smp_send_call_function_ipi; -+ *(void **)&smp_ops.send_call_func_single_ipi = xen_smp_send_call_function_single_ipi; - } -diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c -index 83e866d..ef60385 100644 ---- a/arch/x86/xen/spinlock.c -+++ b/arch/x86/xen/spinlock.c -@@ -390,12 +390,12 @@ void __init xen_init_spinlocks(void) - { - BUILD_BUG_ON(sizeof(struct xen_spinlock) > sizeof(arch_spinlock_t)); - -- pv_lock_ops.spin_is_locked = xen_spin_is_locked; -- pv_lock_ops.spin_is_contended = xen_spin_is_contended; -- pv_lock_ops.spin_lock = xen_spin_lock; -- pv_lock_ops.spin_lock_flags = xen_spin_lock_flags; -- pv_lock_ops.spin_trylock = xen_spin_trylock; -- pv_lock_ops.spin_unlock = xen_spin_unlock; -+ *(void **)&pv_lock_ops.spin_is_locked = xen_spin_is_locked; -+ *(void **)&pv_lock_ops.spin_is_contended = xen_spin_is_contended; -+ *(void **)&pv_lock_ops.spin_lock = xen_spin_lock; -+ *(void **)&pv_lock_ops.spin_lock_flags = xen_spin_lock_flags; -+ *(void **)&pv_lock_ops.spin_trylock = xen_spin_trylock; -+ *(void **)&pv_lock_ops.spin_unlock = xen_spin_unlock; - } - - #ifdef CONFIG_XEN_DEBUG_FS -diff --git a/arch/x86/xen/time.c b/arch/x86/xen/time.c -index 0296a95..3c51a2d 100644 ---- a/arch/x86/xen/time.c -+++ b/arch/x86/xen/time.c -@@ -481,15 +481,15 @@ static void __init xen_time_init(void) - - void __init xen_init_time_ops(void) - { -- pv_time_ops = xen_time_ops; -+ memcpy((void *)&pv_time_ops, &xen_time_ops, sizeof pv_time_ops); - -- x86_init.timers.timer_init = xen_time_init; -- x86_init.timers.setup_percpu_clockev = x86_init_noop; -- x86_cpuinit.setup_percpu_clockev = x86_init_noop; -+ *(void **)&x86_init.timers.timer_init = xen_time_init; -+ *(void **)&x86_init.timers.setup_percpu_clockev = x86_init_noop; -+ *(void **)&x86_cpuinit.setup_percpu_clockev = x86_init_noop; - -- x86_platform.calibrate_tsc = xen_tsc_khz; -- x86_platform.get_wallclock = xen_get_wallclock; -- x86_platform.set_wallclock = xen_set_wallclock; -+ *(void **)&x86_platform.calibrate_tsc = xen_tsc_khz; -+ *(void **)&x86_platform.get_wallclock = xen_get_wallclock; -+ *(void **)&x86_platform.set_wallclock = xen_set_wallclock; - } - - #ifdef CONFIG_XEN_PVHVM -@@ -514,12 +514,12 @@ void __init xen_hvm_init_time_ops(void) - return; - } - -- pv_time_ops = xen_time_ops; -- x86_init.timers.setup_percpu_clockev = xen_time_init; -- x86_cpuinit.setup_percpu_clockev = xen_hvm_setup_cpu_clockevents; -+ memcpy((void *)&pv_time_ops, &xen_time_ops, sizeof pv_time_ops); -+ *(void **)&x86_init.timers.setup_percpu_clockev = xen_time_init; -+ *(void **)&x86_cpuinit.setup_percpu_clockev = xen_hvm_setup_cpu_clockevents; - -- x86_platform.calibrate_tsc = xen_tsc_khz; -- x86_platform.get_wallclock = xen_get_wallclock; -- x86_platform.set_wallclock = xen_set_wallclock; -+ *(void **)&x86_platform.calibrate_tsc = xen_tsc_khz; -+ *(void **)&x86_platform.get_wallclock = xen_get_wallclock; -+ *(void **)&x86_platform.set_wallclock = xen_set_wallclock; - } - #endif diff --git a/arch/x86/xen/xen-asm_32.S b/arch/x86/xen/xen-asm_32.S index f9643fc..602e8af 100644 --- a/arch/x86/xen/xen-asm_32.S @@ -32310,7 +31912,7 @@ index 84ddc55..1d32f1e 100644 return 0; } diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c -index 8ab9c3d..c3e65d3 100644 +index 088c8fd..774c5a5 100644 --- a/drivers/char/virtio_console.c +++ b/drivers/char/virtio_console.c @@ -622,7 +622,7 @@ static ssize_t fill_readbuf(struct port *port, char *out_buf, size_t out_count, @@ -32539,22 +32141,18 @@ index 982f1f5..d21e5da 100644 iounmap(buf); return 0; diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c -index bfd8f43..133189c 100644 +index bfd8f43..b1fe1f8 100644 --- a/drivers/firmware/efivars.c +++ b/drivers/firmware/efivars.c -@@ -1234,9 +1234,9 @@ efivars_init(void) - return -ENOMEM; - } +@@ -1206,7 +1206,7 @@ out: + EXPORT_SYMBOL_GPL(register_efivars); -- ops.get_variable = efi.get_variable; -- ops.set_variable = efi.set_variable; -- ops.get_next_variable = efi.get_next_variable; -+ *(void **)&ops.get_variable = efi.get_variable; -+ *(void **)&ops.set_variable = efi.set_variable; -+ *(void **)&ops.get_next_variable = efi.get_next_variable; - error = register_efivars(&__efivars, &ops, efi_kobj); - if (error) - goto err_put; + static struct efivars __efivars; +-static struct efivar_operations ops; ++static efivar_operations_no_const ops __read_only; + + /* + * For now we register the efi subsystem with the firmware subsystem diff --git a/drivers/gpio/gpio-vr41xx.c b/drivers/gpio/gpio-vr41xx.c index 82d5c20..44a7177 100644 --- a/drivers/gpio/gpio-vr41xx.c @@ -33462,22 +33060,18 @@ index 8e9057b..af6dacb 100644 DRM_DEBUG("pid=%d\n", DRM_CURRENTPID); diff --git a/drivers/gpu/drm/radeon/radeon_ttm.c b/drivers/gpu/drm/radeon/radeon_ttm.c -index 5ebe1b3..1ed9426 100644 +index 5ebe1b3..44209ea 100644 --- a/drivers/gpu/drm/radeon/radeon_ttm.c +++ b/drivers/gpu/drm/radeon/radeon_ttm.c -@@ -822,8 +822,10 @@ int radeon_mmap(struct file *filp, struct vm_area_struct *vma) - } - if (unlikely(ttm_vm_ops == NULL)) { - ttm_vm_ops = vma->vm_ops; -- radeon_ttm_vm_ops = *ttm_vm_ops; -- radeon_ttm_vm_ops.fault = &radeon_ttm_fault; -+ pax_open_kernel(); -+ memcpy((void *)&radeon_ttm_vm_ops, ttm_vm_ops, sizeof(radeon_ttm_vm_ops)); -+ *(void **)&radeon_ttm_vm_ops.fault = &radeon_ttm_fault; -+ pax_close_kernel(); - } - vma->vm_ops = &radeon_ttm_vm_ops; - return 0; +@@ -781,7 +781,7 @@ void radeon_ttm_set_active_vram_size(struct radeon_device *rdev, u64 size) + man->size = size >> PAGE_SHIFT; + } + +-static struct vm_operations_struct radeon_ttm_vm_ops; ++static vm_operations_struct_no_const radeon_ttm_vm_ops __read_only; + static const struct vm_operations_struct *ttm_vm_ops = NULL; + + static int radeon_ttm_fault(struct vm_area_struct *vma, struct vm_fault *vmf) diff --git a/drivers/gpu/drm/radeon/rs690.c b/drivers/gpu/drm/radeon/rs690.c index 5706d2a..17aedaa 100644 --- a/drivers/gpu/drm/radeon/rs690.c @@ -34719,41 +34313,6 @@ index d0f7533..fb8215b 100644 serio->dev.bus = &serio_bus; serio->dev.release = serio_release_port; serio->dev.groups = serio_device_attr_groups; -diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c -index faf10ba..7cfaba9 100644 ---- a/drivers/iommu/amd_iommu_init.c -+++ b/drivers/iommu/amd_iommu_init.c -@@ -1922,7 +1922,7 @@ static int __init state_next(void) - case IOMMU_ACPI_FINISHED: - early_enable_iommus(); - register_syscore_ops(&amd_iommu_syscore_ops); -- x86_platform.iommu_shutdown = disable_iommus; -+ *(void **)&x86_platform.iommu_shutdown = disable_iommus; - init_state = IOMMU_ENABLED; - break; - case IOMMU_ENABLED: -@@ -2064,7 +2064,7 @@ int __init amd_iommu_detect(void) - - amd_iommu_detected = true; - iommu_detected = 1; -- x86_init.iommu.iommu_init = amd_iommu_init; -+ *(void **)&x86_init.iommu.iommu_init = amd_iommu_init; - - return 0; - } -diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c -index 86e2f4a..d1cec5d 100644 ---- a/drivers/iommu/dmar.c -+++ b/drivers/iommu/dmar.c -@@ -555,7 +555,7 @@ int __init detect_intel_iommu(void) - - #ifdef CONFIG_X86 - if (ret) -- x86_init.iommu.iommu_init = intel_iommu_init; -+ *(void **)&x86_init.iommu.iommu_init = intel_iommu_init; - #endif - } - early_acpi_os_unmap_memory(dmar_tbl, dmar_tbl_size); diff --git a/drivers/isdn/capi/capi.c b/drivers/isdn/capi/capi.c index c679867..6e2e34d 100644 --- a/drivers/isdn/capi/capi.c @@ -36793,7 +36352,7 @@ index c2e420a..26a75e0 100644 __vxge_hw_mempool_create(vpath->hldev, fifo->config->memblock_size, diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c -index 927aa33..a6c2518 100644 +index 6afe74e..2e2950f 100644 --- a/drivers/net/ethernet/realtek/r8169.c +++ b/drivers/net/ethernet/realtek/r8169.c @@ -747,22 +747,22 @@ struct rtl8169_private { @@ -37073,6 +36632,63 @@ index 605a4ba..a883dd1 100644 result = hso_start_serial_device(serial_table[i], GFP_NOIO); hso_kick_transmit(dev2ser(serial_table[i])); +diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c +index edb81ed..ab8931c 100644 +--- a/drivers/net/usb/usbnet.c ++++ b/drivers/net/usb/usbnet.c +@@ -380,6 +380,12 @@ static int rx_submit (struct usbnet *dev, struct urb *urb, gfp_t flags) + unsigned long lockflags; + size_t size = dev->rx_urb_size; + ++ /* prevent rx skb allocation when error ratio is high */ ++ if (test_bit(EVENT_RX_KILL, &dev->flags)) { ++ usb_free_urb(urb); ++ return -ENOLINK; ++ } ++ + skb = __netdev_alloc_skb_ip_align(dev->net, size, flags); + if (!skb) { + netif_dbg(dev, rx_err, dev->net, "no rx skb\n"); +@@ -539,6 +545,17 @@ block: + break; + } + ++ /* stop rx if packet error rate is high */ ++ if (++dev->pkt_cnt > 30) { ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ } else { ++ if (state == rx_cleanup) ++ dev->pkt_err++; ++ if (dev->pkt_err > 20) ++ set_bit(EVENT_RX_KILL, &dev->flags); ++ } ++ + state = defer_bh(dev, skb, &dev->rxq, state); + + if (urb) { +@@ -790,6 +807,11 @@ int usbnet_open (struct net_device *net) + (dev->driver_info->flags & FLAG_FRAMING_AX) ? "ASIX" : + "simple"); + ++ /* reset rx error state */ ++ dev->pkt_cnt = 0; ++ dev->pkt_err = 0; ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // delay posting reads until we're fully open + tasklet_schedule (&dev->bh); + if (info->manage_power) { +@@ -1253,6 +1275,9 @@ static void usbnet_bh (unsigned long param) + } + } + ++ /* restart RX again after disabling due to high error rate */ ++ clear_bit(EVENT_RX_KILL, &dev->flags); ++ + // waiting for all pending urbs to complete? + if (dev->wait) { + if ((dev->txq.qlen + dev->rxq.qlen + dev->done.qlen) == 0) { diff --git a/drivers/net/wireless/ath/ath9k/ar9002_mac.c b/drivers/net/wireless/ath/ath9k/ar9002_mac.c index 8d78253..bebbb68 100644 --- a/drivers/net/wireless/ath/ath9k/ar9002_mac.c @@ -37279,7 +36895,7 @@ index 301bf72..3f5654f 100644 static u16 ar9003_calc_ptr_chksum(struct ar9003_txc *ads) diff --git a/drivers/net/wireless/ath/ath9k/hw.h b/drivers/net/wireless/ath/ath9k/hw.h -index dbc1b7a..67e2ca2 100644 +index b68aaf5..fb20845 100644 --- a/drivers/net/wireless/ath/ath9k/hw.h +++ b/drivers/net/wireless/ath/ath9k/hw.h @@ -657,7 +657,7 @@ struct ath_hw_private_ops { @@ -63449,6 +63065,18 @@ index d3201e4..8281e63 100644 struct dma_pinned_list *pinned_list, struct page *page, unsigned int offset, size_t len); +diff --git a/include/linux/efi.h b/include/linux/efi.h +index b424f64..fd36c1b 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -656,6 +656,7 @@ struct efivar_operations { + efi_get_next_variable_t *get_next_variable; + efi_set_variable_t *set_variable; + }; ++typedef struct efivar_operations __no_const efivar_operations_no_const; + + struct efivars { + /* diff --git a/include/linux/elf.h b/include/linux/elf.h index 8c9048e..16a4665 100644 --- a/include/linux/elf.h @@ -64938,7 +64566,7 @@ index 6d087c5..401cab8 100644 .files = &init_files, \ .signal = &init_signals, \ diff --git a/include/linux/interrupt.h b/include/linux/interrupt.h -index 5e4e617..eee383d 100644 +index 5e4e617..073b866 100644 --- a/include/linux/interrupt.h +++ b/include/linux/interrupt.h @@ -435,7 +435,7 @@ enum @@ -64955,8 +64583,9 @@ index 5e4e617..eee383d 100644 struct softirq_action { - void (*action)(struct softirq_action *); +-}; + void (*action)(void); - }; ++} __no_const; asmlinkage void do_softirq(void); asmlinkage void __do_softirq(void); @@ -65117,7 +64746,7 @@ index cc6d2aa..71febca 100644 * list_replace - replace old entry by new one * @old : the element to be replaced diff --git a/include/linux/mm.h b/include/linux/mm.h -index 280dae5..39046ec 100644 +index 280dae5..baea6c8 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -101,6 +101,11 @@ extern unsigned int kobjsize(const void *objp); @@ -65132,7 +64761,15 @@ index 280dae5..39046ec 100644 #define VM_DONTDUMP 0x04000000 /* Do not include in the core dump */ #define VM_MIXEDMAP 0x10000000 /* Can contain "struct page" and pure PFN pages */ -@@ -1039,34 +1044,6 @@ int set_page_dirty(struct page *page); +@@ -231,6 +236,7 @@ struct vm_operations_struct { + int (*remap_pages)(struct vm_area_struct *vma, unsigned long addr, + unsigned long size, pgoff_t pgoff); + }; ++typedef struct vm_operations_struct __no_const vm_operations_struct_no_const; + + struct mmu_gather; + struct inode; +@@ -1039,34 +1045,6 @@ int set_page_dirty(struct page *page); int set_page_dirty_lock(struct page *page); int clear_page_dirty_for_io(struct page *page); @@ -65167,7 +64804,7 @@ index 280dae5..39046ec 100644 extern pid_t vm_is_stack(struct task_struct *task, struct vm_area_struct *vma, int in_group); -@@ -1166,6 +1143,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) +@@ -1166,6 +1144,15 @@ static inline void sync_mm_rss(struct mm_struct *mm) } #endif @@ -65183,7 +64820,7 @@ index 280dae5..39046ec 100644 int vma_wants_writenotify(struct vm_area_struct *vma); extern pte_t *__get_locked_pte(struct mm_struct *mm, unsigned long addr, -@@ -1184,8 +1170,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, +@@ -1184,8 +1171,15 @@ static inline int __pud_alloc(struct mm_struct *mm, pgd_t *pgd, { return 0; } @@ -65199,7 +64836,7 @@ index 280dae5..39046ec 100644 #endif #ifdef __PAGETABLE_PMD_FOLDED -@@ -1194,8 +1187,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, +@@ -1194,8 +1188,15 @@ static inline int __pmd_alloc(struct mm_struct *mm, pud_t *pud, { return 0; } @@ -65215,7 +64852,7 @@ index 280dae5..39046ec 100644 #endif int __pte_alloc(struct mm_struct *mm, struct vm_area_struct *vma, -@@ -1213,11 +1213,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a +@@ -1213,11 +1214,23 @@ static inline pud_t *pud_alloc(struct mm_struct *mm, pgd_t *pgd, unsigned long a NULL: pud_offset(pgd, address); } @@ -65239,7 +64876,7 @@ index 280dae5..39046ec 100644 #endif /* CONFIG_MMU && !__ARCH_HAS_4LEVEL_HACK */ #if USE_SPLIT_PTLOCKS -@@ -1447,6 +1459,7 @@ extern unsigned long do_mmap_pgoff(struct file *, unsigned long, +@@ -1447,6 +1460,7 @@ extern unsigned long do_mmap_pgoff(struct file *, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long); extern int do_munmap(struct mm_struct *, unsigned long, size_t); @@ -65247,7 +64884,7 @@ index 280dae5..39046ec 100644 /* These take the mm semaphore themselves */ extern unsigned long vm_brk(unsigned long, unsigned long); -@@ -1510,6 +1523,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add +@@ -1510,6 +1524,10 @@ extern struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long add extern struct vm_area_struct * find_vma_prev(struct mm_struct * mm, unsigned long addr, struct vm_area_struct **pprev); @@ -65258,7 +64895,7 @@ index 280dae5..39046ec 100644 /* Look up the first VMA which intersects the interval start_addr..end_addr-1, NULL if none. Assume start_addr < end_addr. */ static inline struct vm_area_struct * find_vma_intersection(struct mm_struct * mm, unsigned long start_addr, unsigned long end_addr) -@@ -1538,15 +1555,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, +@@ -1538,15 +1556,6 @@ static inline struct vm_area_struct *find_exact_vma(struct mm_struct *mm, return vma; } @@ -65274,7 +64911,7 @@ index 280dae5..39046ec 100644 struct vm_area_struct *find_extend_vma(struct mm_struct *, unsigned long addr); int remap_pfn_range(struct vm_area_struct *, unsigned long addr, unsigned long pfn, unsigned long size, pgprot_t); -@@ -1652,7 +1660,7 @@ extern int unpoison_memory(unsigned long pfn); +@@ -1652,7 +1661,7 @@ extern int unpoison_memory(unsigned long pfn); extern int sysctl_memory_failure_early_kill; extern int sysctl_memory_failure_recovery; extern void shake_page(struct page *p, int access); @@ -65283,7 +64920,7 @@ index 280dae5..39046ec 100644 extern int soft_offline_page(struct page *page, int flags); extern void dump_page(struct page *page); -@@ -1683,5 +1691,11 @@ static inline unsigned int debug_guardpage_minorder(void) { return 0; } +@@ -1683,5 +1692,11 @@ static inline unsigned int debug_guardpage_minorder(void) { return 0; } static inline bool page_is_guard(struct page *page) { return false; } #endif /* CONFIG_DEBUG_PAGEALLOC */ @@ -65601,10 +65238,10 @@ index 4bf19d8..5268cea 100644 return nd->saved_names[nd->depth]; } diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h -index a848ffc..3bbbaee 100644 +index 825fb7e..24cdd41 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h -@@ -999,6 +999,7 @@ struct net_device_ops { +@@ -1002,6 +1002,7 @@ struct net_device_ops { struct net_device *dev, int idx); }; @@ -65612,7 +65249,7 @@ index a848ffc..3bbbaee 100644 /* * The DEVICE structure. -@@ -1059,7 +1060,7 @@ struct net_device { +@@ -1062,7 +1063,7 @@ struct net_device { int iflink; struct net_device_stats stats; @@ -65896,15 +65533,16 @@ index 23b3630..e1bc12b 100644 #endif /* _LINUX_REBOOT_H */ diff --git a/include/linux/regset.h b/include/linux/regset.h -index 8e0c9fe..fdb64bc 100644 +index 8e0c9fe..ac4d221 100644 --- a/include/linux/regset.h +++ b/include/linux/regset.h -@@ -161,7 +161,7 @@ struct user_regset { +@@ -161,7 +161,8 @@ struct user_regset { unsigned int align; unsigned int bias; unsigned int core_note_type; -}; +} __do_const; ++typedef struct user_regset __no_const user_regset_no_const; /** * struct user_regset_view - available regsets @@ -66832,6 +66470,27 @@ index c5d36c6..108f4f9 100644 /* * callback functions for platform +diff --git a/include/linux/usb/usbnet.h b/include/linux/usb/usbnet.h +index ddbbb7d..9134611 100644 +--- a/include/linux/usb/usbnet.h ++++ b/include/linux/usb/usbnet.h +@@ -33,6 +33,7 @@ struct usbnet { + wait_queue_head_t *wait; + struct mutex phy_mutex; + unsigned char suspend_count; ++ unsigned char pkt_cnt, pkt_err; + + /* i/o info: pipes etc */ + unsigned in, out; +@@ -69,6 +70,8 @@ struct usbnet { + # define EVENT_DEV_ASLEEP 6 + # define EVENT_DEV_OPEN 7 + # define EVENT_DEVICE_REPORT_IDLE 8 ++# define EVENT_NO_RUNTIME_PM 9 ++# define EVENT_RX_KILL 10 + }; + + static inline struct usb_driver *driver_of(struct usb_interface *intf) diff --git a/include/linux/vermagic.h b/include/linux/vermagic.h index 6f8fbcf..8259001 100644 --- a/include/linux/vermagic.h @@ -72266,10 +71925,15 @@ index 57dde52..2c561f0 100644 error = check_kill_permission(sig, info, p); /* diff --git a/kernel/softirq.c b/kernel/softirq.c -index cc96bdc..8bb9750 100644 +index cc96bdc..6a96894 100644 --- a/kernel/softirq.c +++ b/kernel/softirq.c -@@ -57,7 +57,7 @@ static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp +@@ -53,11 +53,11 @@ irq_cpustat_t irq_stat[NR_CPUS] ____cacheline_aligned; + EXPORT_SYMBOL(irq_stat); + #endif + +-static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp; ++static struct softirq_action softirq_vec[NR_SOFTIRQS] __read_only __aligned(PAGE_SIZE); DEFINE_PER_CPU(struct task_struct *, ksoftirqd); @@ -72287,21 +71951,16 @@ index cc96bdc..8bb9750 100644 trace_softirq_exit(vec_nr); if (unlikely(prev_count != preempt_count())) { printk(KERN_ERR "huh, entered softirq %u %s %p" -@@ -391,9 +391,11 @@ void __raise_softirq_irqoff(unsigned int nr) +@@ -391,7 +391,7 @@ void __raise_softirq_irqoff(unsigned int nr) or_softirq_pending(1UL << nr); } -void open_softirq(int nr, void (*action)(struct softirq_action *)) -+void open_softirq(int nr, void (*action)(void)) ++void __init open_softirq(int nr, void (*action)(void)) { -- softirq_vec[nr].action = action; -+ pax_open_kernel(); -+ *(void **)&softirq_vec[nr].action = action; -+ pax_close_kernel(); + softirq_vec[nr].action = action; } - - /* -@@ -447,7 +449,7 @@ void __tasklet_hi_schedule_first(struct tasklet_struct *t) +@@ -447,7 +447,7 @@ void __tasklet_hi_schedule_first(struct tasklet_struct *t) EXPORT_SYMBOL(__tasklet_hi_schedule_first); @@ -72310,7 +71969,7 @@ index cc96bdc..8bb9750 100644 { struct tasklet_struct *list; -@@ -482,7 +484,7 @@ static void tasklet_action(struct softirq_action *a) +@@ -482,7 +482,7 @@ static void tasklet_action(struct softirq_action *a) } } @@ -73406,7 +73065,7 @@ index 31e4f55..62da00f 100644 struct dentry *d_tracer; diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c -index d608d09..7eddcb1 100644 +index d608d09..bd3801f 100644 --- a/kernel/trace/trace_events.c +++ b/kernel/trace/trace_events.c @@ -1320,10 +1320,6 @@ static LIST_HEAD(ftrace_module_file_list); @@ -73436,10 +73095,10 @@ index d608d09..7eddcb1 100644 - file_ops->format = ftrace_event_format_fops; - file_ops->format.owner = mod; + pax_open_kernel(); -+ *(void **)&mod->trace_id.owner = mod; -+ *(void **)&mod->trace_enable.owner = mod; -+ *(void **)&mod->trace_filter.owner = mod; -+ *(void **)&mod->trace_format.owner = mod; ++ mod->trace_id.owner = mod; ++ mod->trace_enable.owner = mod; ++ mod->trace_filter.owner = mod; ++ mod->trace_format.owner = mod; + pax_close_kernel(); list_add(&file_ops->list, &ftrace_module_file_list); @@ -74167,7 +73826,7 @@ index 40f17c3..c1cc011 100644 /* if an huge pmd materialized from under us just retry later */ if (unlikely(pmd_trans_huge(*pmd))) diff --git a/mm/hugetlb.c b/mm/hugetlb.c -index f198aca..10e3e37 100644 +index b969ed4..10e3e37 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -2509,6 +2509,27 @@ static int unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, @@ -74259,14 +73918,6 @@ index f198aca..10e3e37 100644 ptep = huge_pte_alloc(mm, address, huge_page_size(h)); if (!ptep) return VM_FAULT_OOM; -@@ -3028,6 +3082,7 @@ void hugetlb_change_protection(struct vm_area_struct *vma, - if (!huge_pte_none(huge_ptep_get(ptep))) { - pte = huge_ptep_get_and_clear(mm, address, ptep); - pte = pte_mkhuge(pte_modify(pte, newprot)); -+ pte = arch_make_huge_pte(pte, vma, NULL, 0); - set_huge_pte_at(mm, address, ptep, pte); - } - } diff --git a/mm/internal.h b/mm/internal.h index 3c5197d..08d0065 100644 --- a/mm/internal.h @@ -75220,22 +74871,10 @@ index 002c281..9429765 100644 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); diff --git a/mm/migrate.c b/mm/migrate.c -index 77ed2d7..d7adff2 100644 +index 346d32d..d7adff2 100644 --- a/mm/migrate.c +++ b/mm/migrate.c -@@ -143,8 +143,10 @@ static int remove_migration_pte(struct page *new, struct vm_area_struct *vma, - if (is_write_migration_entry(entry)) - pte = pte_mkwrite(pte); - #ifdef CONFIG_HUGETLB_PAGE -- if (PageHuge(new)) -+ if (PageHuge(new)) { - pte = pte_mkhuge(pte); -+ pte = arch_make_huge_pte(pte, vma, new, 0); -+ } - #endif - flush_cache_page(vma, addr, pte_pfn(pte)); - set_pte_at(mm, addr, ptep, pte); -@@ -1350,8 +1352,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, +@@ -1352,8 +1352,7 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, */ tcred = __task_cred(task); if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && @@ -79145,9 +78784,18 @@ index 79ae884..17c5c09 100644 a0 = a[0]; a1 = a[1]; diff --git a/net/core/datagram.c b/net/core/datagram.c -index 0337e2b..47914a0 100644 +index 0337e2b..f82d4a3 100644 --- a/net/core/datagram.c +++ b/net/core/datagram.c +@@ -187,7 +187,7 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, + skb_queue_walk(queue, skb) { + *peeked = skb->peeked; + if (flags & MSG_PEEK) { +- if (*off >= skb->len) { ++ if (*off >= skb->len && skb->len) { + *off -= skb->len; + continue; + } @@ -289,7 +289,7 @@ int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags) } @@ -79158,7 +78806,7 @@ index 0337e2b..47914a0 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index e5942bf..25998c3 100644 +index 3470794..eb5008c 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1162,9 +1162,13 @@ void dev_load(struct net *net, const char *name) @@ -79324,42 +78972,18 @@ index 7e7aeb0..2a998cb 100644 m->msg_iov = iov; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index fad649a..f2fdac4 100644 +index fad649a..df5891e 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c -@@ -198,14 +198,16 @@ int __rtnl_register(int protocol, int msgtype, - rtnl_msg_handlers[protocol] = tab; - } - -+ pax_open_kernel(); - if (doit) -- tab[msgindex].doit = doit; -+ *(void **)&tab[msgindex].doit = doit; - - if (dumpit) -- tab[msgindex].dumpit = dumpit; -+ *(void **)&tab[msgindex].dumpit = dumpit; - - if (calcit) -- tab[msgindex].calcit = calcit; -+ *(void **)&tab[msgindex].calcit = calcit; -+ pax_close_kernel(); - - return 0; - } -@@ -248,8 +250,10 @@ int rtnl_unregister(int protocol, int msgtype) - if (rtnl_msg_handlers[protocol] == NULL) - return -ENOENT; +@@ -58,7 +58,7 @@ struct rtnl_link { + rtnl_doit_func doit; + rtnl_dumpit_func dumpit; + rtnl_calcit_func calcit; +-}; ++} __no_const; -- rtnl_msg_handlers[protocol][msgindex].doit = NULL; -- rtnl_msg_handlers[protocol][msgindex].dumpit = NULL; -+ pax_open_kernel(); -+ *(void **)&rtnl_msg_handlers[protocol][msgindex].doit = NULL; -+ *(void **)&rtnl_msg_handlers[protocol][msgindex].dumpit = NULL; -+ pax_close_kernel(); + static DEFINE_MUTEX(rtnl_mutex); - return 0; - } diff --git a/net/core/scm.c b/net/core/scm.c index ab57084..0190c8f 100644 --- a/net/core/scm.c @@ -79666,7 +79290,7 @@ index 8d5cc75..821fd11 100644 rc = qp->q.fragments && (end - start) > max; diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c -index 14bbfcf..644f472 100644 +index e95d72b..5268ac0 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -1151,7 +1151,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, @@ -79818,10 +79442,10 @@ index 170b1fd..6105b91 100644 case IPT_SO_GET_ENTRIES: diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c -index 8f3d054..c58d05d 100644 +index 6f9c072..38ea6c6 100644 --- a/net/ipv4/ping.c +++ b/net/ipv4/ping.c -@@ -843,7 +843,7 @@ static void ping_format_sock(struct sock *sp, struct seq_file *f, +@@ -844,7 +844,7 @@ static void ping_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -79831,7 +79455,7 @@ index 8f3d054..c58d05d 100644 static int ping_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c -index 73d1e4d..3af0e8f 100644 +index 6f08991..55867ad 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c @@ -311,7 +311,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff *skb) @@ -79876,7 +79500,7 @@ index 73d1e4d..3af0e8f 100644 goto out; ret = 0; out: return ret; -@@ -997,7 +1001,7 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) +@@ -998,7 +1002,7 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) 0, 0L, 0, from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), 0, sock_i_ino(sp), @@ -79886,10 +79510,10 @@ index 73d1e4d..3af0e8f 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index df25142..e92a82a 100644 +index 0fdfe4c..e7ea542 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c -@@ -2529,7 +2529,7 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { +@@ -2579,7 +2579,7 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) { @@ -79899,10 +79523,10 @@ index df25142..e92a82a 100644 sizeof(net->ipv4.dev_addr_genid)); return 0; diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c -index 181fc82..cc95f8c 100644 +index beabc80..48a6a10 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c -@@ -4704,7 +4704,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, +@@ -4709,7 +4709,7 @@ static struct sk_buff *tcp_collapse_one(struct sock *sk, struct sk_buff *skb, * simplifies code) */ static void @@ -79911,7 +79535,7 @@ index 181fc82..cc95f8c 100644 struct sk_buff *head, struct sk_buff *tail, u32 start, u32 end) { -@@ -5536,6 +5536,9 @@ slow_path: +@@ -5541,6 +5541,9 @@ slow_path: if (len < (th->doff << 2) || tcp_checksum_complete_user(sk, skb)) goto csum_error; @@ -79921,7 +79545,7 @@ index 181fc82..cc95f8c 100644 /* * Standard slow path. */ -@@ -5544,7 +5547,7 @@ slow_path: +@@ -5549,7 +5552,7 @@ slow_path: return 0; step5: @@ -79930,7 +79554,7 @@ index 181fc82..cc95f8c 100644 goto discard; /* ts_recent update must be made after we are sure that the packet -@@ -5836,6 +5839,7 @@ discard: +@@ -5840,6 +5843,7 @@ discard: tcp_paws_reject(&tp->rx_opt, 0)) goto discard_and_undo; @@ -79938,7 +79562,7 @@ index 181fc82..cc95f8c 100644 if (th->syn) { /* We see SYN without ACK. It is attempt of * simultaneous connect with crossed SYNs. -@@ -5886,6 +5890,7 @@ discard: +@@ -5890,6 +5894,7 @@ discard: goto discard; #endif } @@ -79946,7 +79570,7 @@ index 181fc82..cc95f8c 100644 /* "fifth, if neither of the SYN or RST bits is set then * drop the segment and return." */ -@@ -5930,7 +5935,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, +@@ -5934,7 +5939,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, goto discard; if (th->syn) { @@ -79955,7 +79579,7 @@ index 181fc82..cc95f8c 100644 goto discard; if (icsk->icsk_af_ops->conn_request(sk, skb) < 0) return 1; -@@ -5977,11 +5982,15 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, +@@ -5981,11 +5986,15 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, if (tcp_check_req(sk, skb, req, NULL, true) == NULL) goto discard; } @@ -79972,7 +79596,7 @@ index 181fc82..cc95f8c 100644 int acceptable = tcp_ack(sk, skb, FLAG_SLOWPATH) > 0; switch (sk->sk_state) { -@@ -6131,8 +6140,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, +@@ -6135,8 +6144,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, } break; } @@ -79983,7 +79607,7 @@ index 181fc82..cc95f8c 100644 /* ts_recent update must be made after we are sure that the packet * is in window. diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c -index bc3cb46..815ccd6 100644 +index e637770..364ff02 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -90,6 +90,10 @@ int sysctl_tcp_low_latency __read_mostly; @@ -79997,7 +79621,7 @@ index bc3cb46..815ccd6 100644 #ifdef CONFIG_TCP_MD5SIG static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key, __be32 daddr, __be32 saddr, const struct tcphdr *th); -@@ -1899,6 +1903,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) +@@ -1898,6 +1902,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; reset: @@ -80007,7 +79631,7 @@ index bc3cb46..815ccd6 100644 tcp_v4_send_reset(rsk, skb); discard: kfree_skb(skb); -@@ -1999,12 +2006,19 @@ int tcp_v4_rcv(struct sk_buff *skb) +@@ -1998,12 +2005,19 @@ int tcp_v4_rcv(struct sk_buff *skb) TCP_SKB_CB(skb)->sacked = 0; sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest); @@ -80030,7 +79654,7 @@ index bc3cb46..815ccd6 100644 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) { NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP); -@@ -2055,6 +2069,10 @@ no_tcp_socket: +@@ -2054,6 +2068,10 @@ no_tcp_socket: bad_packet: TCP_INC_STATS_BH(net, TCP_MIB_INERRS); } else { @@ -80111,7 +79735,7 @@ index d47c1b4..b0584de 100644 syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) { /* Has it gone just too far? */ diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c -index 79c8dbe..aceb1b6 100644 +index 1f4d405..3524677 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -87,6 +87,7 @@ @@ -80219,7 +79843,7 @@ index 79c8dbe..aceb1b6 100644 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); /* -@@ -2119,7 +2143,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, +@@ -2120,7 +2144,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -80229,7 +79853,7 @@ index 79c8dbe..aceb1b6 100644 int udp4_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index 0424e4e..308dd43 100644 +index a468a36..b50ffde 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -2121,7 +2121,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) @@ -80242,7 +79866,7 @@ index 0424e4e..308dd43 100644 if (ops->ndo_do_ioctl) { mm_segment_t oldfs = get_fs(); diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index d5cb3c4..b3e38d0 100644 +index a23350c..899c62c 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -1353,7 +1353,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) @@ -81186,7 +80810,7 @@ index 7261eb8..44e8ac6 100644 *uaddr_len = sizeof(struct sockaddr_ax25); } diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index 94060ed..9c066f3 100644 +index 5db6316..c9bf90e 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -1578,7 +1578,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, @@ -81207,7 +80831,7 @@ index 94060ed..9c066f3 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -2537,6 +2537,7 @@ out: +@@ -2539,6 +2539,7 @@ out: static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) { @@ -81215,7 +80839,7 @@ index 94060ed..9c066f3 100644 struct sock_exterr_skb *serr; struct sk_buff *skb, *skb2; int copied, err; -@@ -2558,8 +2559,9 @@ static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) +@@ -2560,8 +2561,9 @@ static int packet_recv_error(struct sock *sk, struct msghdr *msg, int len) sock_recv_timestamp(msg, sk, skb); serr = SKB_EXT_ERR(skb); @@ -81226,7 +80850,7 @@ index 94060ed..9c066f3 100644 msg->msg_flags |= MSG_ERRQUEUE; err = copied; -@@ -3171,7 +3173,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3173,7 +3175,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -81235,7 +80859,7 @@ index 94060ed..9c066f3 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3210,7 +3212,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3212,7 +3214,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, len = lv; if (put_user(len, optlen)) return -EFAULT; @@ -81723,6 +81347,19 @@ index f226709..0e735a8 100644 _proto("Tx RESPONSE %%%u", ntohl(hdr->serial)); ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); +diff --git a/net/sctp/auth.c b/net/sctp/auth.c +index 159b9bc..d8420ae 100644 +--- a/net/sctp/auth.c ++++ b/net/sctp/auth.c +@@ -71,7 +71,7 @@ void sctp_auth_key_put(struct sctp_auth_bytes *key) + return; + + if (atomic_dec_and_test(&key->refcnt)) { +- kfree(key); ++ kzfree(key); + SCTP_DBG_OBJCNT_DEC(keys); + } + } diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index ea14cb4..834e8e4 100644 --- a/net/sctp/ipv6.c @@ -81777,7 +81414,7 @@ index 2d51842..150ba5c 100644 static int sctp_v4_protosw_init(void) diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 406d957..543c737 100644 +index 9261d9a..0a6ae623 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4661,6 +4661,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, @@ -84858,12 +84495,12 @@ index 0000000..d41b5af +} diff --git a/tools/gcc/colorize_plugin.c b/tools/gcc/colorize_plugin.c new file mode 100644 -index 0000000..846aeb0 +index 0000000..414fe5e --- /dev/null +++ b/tools/gcc/colorize_plugin.c -@@ -0,0 +1,148 @@ +@@ -0,0 +1,151 @@ +/* -+ * Copyright 2012 by PaX Team <pageexec@freemail.hu> ++ * Copyright 2012-2013 by PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -84892,7 +84529,7 @@ index 0000000..846aeb0 +int plugin_is_GPL_compatible; + +static struct plugin_info colorize_plugin_info = { -+ .version = "201203092200", ++ .version = "201302112000", + .help = NULL, +}; + @@ -84971,6 +84608,9 @@ index 0000000..846aeb0 + .pass = { + .type = SIMPLE_IPA_PASS, + .name = "colorize_rearm", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = execute_colorize_rearm, + .sub = NULL, @@ -85012,10 +84652,10 @@ index 0000000..846aeb0 +} diff --git a/tools/gcc/constify_plugin.c b/tools/gcc/constify_plugin.c new file mode 100644 -index 0000000..1742271 +index 0000000..c415c9d --- /dev/null +++ b/tools/gcc/constify_plugin.c -@@ -0,0 +1,349 @@ +@@ -0,0 +1,359 @@ +/* + * Copyright 2011 by Emese Revfy <re.emese@gmail.com> + * Copyright 2011-2013 by PaX Team <pageexec@freemail.hu> @@ -85056,7 +84696,7 @@ index 0000000..1742271 +int plugin_is_GPL_compatible; + +static struct plugin_info const_plugin_info = { -+ .version = "201301150230", ++ .version = "201302112000", + .help = "no-constify\tturn off constification\n", +}; + @@ -85278,16 +84918,23 @@ index 0000000..1742271 +{ + unsigned int ret = 0; + tree var; -+ referenced_var_iterator rvi; + +#if BUILDING_GCC_VERSION == 4005 -+ FOR_EACH_REFERENCED_VAR(var, rvi) { ++ tree vars; +#else -+ FOR_EACH_REFERENCED_VAR(cfun, var, rvi) { ++ unsigned int i; ++#endif ++ ++#if BUILDING_GCC_VERSION == 4005 ++ for (vars = cfun->local_decls; vars; vars = TREE_CHAIN(vars)) { ++ var = TREE_VALUE(vars); ++#else ++ FOR_EACH_LOCAL_DECL(cfun, i, var) { +#endif + tree type = TREE_TYPE(var); + -+ if (!DECL_P(var) || TREE_STATIC(var) || DECL_EXTERNAL(var)) ++ gcc_assert(DECL_P(var)); ++ if (is_global_var(var)) + continue; + + if (TREE_CODE(type) != RECORD_TYPE && TREE_CODE(type) != UNION_TYPE) @@ -85299,8 +84946,8 @@ index 0000000..1742271 +// if (lookup_attribute("no_const", DECL_ATTRIBUTES(var))) +// continue; + -+// if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) -+// continue; ++ if (lookup_attribute("no_const", TYPE_ATTRIBUTES(type))) ++ continue; + + if (walk_struct(type)) { + error_at(DECL_SOURCE_LOCATION(var), "constified variable %qE cannot be local", var); @@ -85314,6 +84961,9 @@ index 0000000..1742271 + { + .type = GIMPLE_PASS, + .name = "check_local_variables", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = check_local_variables, + .sub = NULL, @@ -85467,12 +85117,12 @@ index 0000000..e518932 +exit 0 diff --git a/tools/gcc/kallocstat_plugin.c b/tools/gcc/kallocstat_plugin.c new file mode 100644 -index 0000000..a86e422 +index 0000000..568b360 --- /dev/null +++ b/tools/gcc/kallocstat_plugin.c -@@ -0,0 +1,167 @@ +@@ -0,0 +1,170 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -85524,7 +85174,7 @@ index 0000000..a86e422 +}; + +static struct plugin_info kallocstat_plugin_info = { -+ .version = "201111150100", ++ .version = "201302112000", +}; + +static unsigned int execute_kallocstat(void); @@ -85533,6 +85183,9 @@ index 0000000..a86e422 + .pass = { + .type = GIMPLE_PASS, + .name = "kallocstat", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = execute_kallocstat, + .sub = NULL, @@ -85640,12 +85293,12 @@ index 0000000..a86e422 +} diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c new file mode 100644 -index 0000000..8856202 +index 0000000..0408e06 --- /dev/null +++ b/tools/gcc/kernexec_plugin.c -@@ -0,0 +1,432 @@ +@@ -0,0 +1,465 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -85688,10 +85341,14 @@ index 0000000..8856202 +#define ANY_RETURN_P(rtx) (GET_CODE(rtx) == RETURN) +#endif + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +int plugin_is_GPL_compatible; + +static struct plugin_info kernexec_plugin_info = { -+ .version = "201111291120", ++ .version = "201302112000", + .help = "method=[bts|or]\tinstrumentation method\n" +}; + @@ -85707,6 +85364,9 @@ index 0000000..8856202 + .pass = { + .type = GIMPLE_PASS, + .name = "kernexec_reload", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_reload, + .sub = NULL, @@ -85725,6 +85385,9 @@ index 0000000..8856202 + .pass = { + .type = GIMPLE_PASS, + .name = "kernexec_fptr", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_fptr, + .sub = NULL, @@ -85743,6 +85406,9 @@ index 0000000..8856202 + .pass = { + .type = RTL_PASS, + .name = "kernexec_retaddr", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = kernexec_cmodel_check, + .execute = execute_kernexec_retaddr, + .sub = NULL, @@ -85840,8 +85506,10 @@ index 0000000..8856202 + + // create temporary unsigned long variable used for bitops and cast fptr to it + intptr = create_tmp_var(long_unsigned_type_node, "kernexec_bts"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(intptr); + mark_sym_for_renaming(intptr); ++#endif + assign_intptr = gimple_build_assign(intptr, fold_convert(long_unsigned_type_node, old_fptr)); + gsi_insert_before(gsi, assign_intptr, GSI_SAME_STMT); + update_stmt(assign_intptr); @@ -85855,8 +85523,10 @@ index 0000000..8856202 + + // cast temporary unsigned long back to a temporary fptr variable + new_fptr = create_tmp_var(TREE_TYPE(old_fptr), "kernexec_fptr"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_fptr); + mark_sym_for_renaming(new_fptr); ++#endif + assign_new_fptr = gimple_build_assign(new_fptr, fold_convert(TREE_TYPE(old_fptr), intptr)); + gsi_insert_before(gsi, assign_new_fptr, GSI_SAME_STMT); + update_stmt(assign_new_fptr); @@ -85870,24 +85540,36 @@ index 0000000..8856202 +{ + gimple asm_or_stmt, call_stmt; + tree old_fptr, new_fptr, input, output; ++#if BUILDING_GCC_VERSION <= 4007 + VEC(tree, gc) *inputs = NULL; + VEC(tree, gc) *outputs = NULL; ++#else ++ vec<tree, va_gc> *inputs = NULL; ++ vec<tree, va_gc> *outputs = NULL; ++#endif + + call_stmt = gsi_stmt(*gsi); + old_fptr = gimple_call_fn(call_stmt); + + // create temporary fptr variable + new_fptr = create_tmp_var(TREE_TYPE(old_fptr), "kernexec_or"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_fptr); + mark_sym_for_renaming(new_fptr); ++#endif + + // build asm volatile("orq %%r10, %0\n\t" : "=r"(new_fptr) : "0"(old_fptr)); + input = build_tree_list(NULL_TREE, build_string(2, "0")); + input = chainon(NULL_TREE, build_tree_list(input, old_fptr)); + output = build_tree_list(NULL_TREE, build_string(3, "=r")); + output = chainon(NULL_TREE, build_tree_list(output, new_fptr)); ++#if BUILDING_GCC_VERSION <= 4007 + VEC_safe_push(tree, gc, inputs, input); + VEC_safe_push(tree, gc, outputs, output); ++#else ++ vec_safe_push(inputs, input); ++ vec_safe_push(outputs, output); ++#endif + asm_or_stmt = gimple_build_asm_vec("orq %%r10, %0\n\t", inputs, outputs, NULL, NULL); + gimple_asm_set_volatile(asm_or_stmt, true); + gsi_insert_before(gsi, asm_or_stmt, GSI_SAME_STMT); @@ -85925,9 +85607,13 @@ index 0000000..8856202 + gcc_unreachable(); + + // ... through a function pointer -+ fn = SSA_NAME_VAR(fn); -+ if (TREE_CODE(fn) != VAR_DECL && TREE_CODE(fn) != PARM_DECL) -+ continue; ++ if (SSA_NAME_VAR(fn) != NULL_TREE) { ++ fn = SSA_NAME_VAR(fn); ++ if (TREE_CODE(fn) != VAR_DECL && TREE_CODE(fn) != PARM_DECL) { ++ debug_tree(fn); ++ gcc_unreachable(); ++ } ++ } + fn = TREE_TYPE(fn); + if (TREE_CODE(fn) != POINTER_TYPE) + continue; @@ -86078,12 +85764,12 @@ index 0000000..8856202 +} diff --git a/tools/gcc/latent_entropy_plugin.c b/tools/gcc/latent_entropy_plugin.c new file mode 100644 -index 0000000..b8008f7 +index 0000000..1276616 --- /dev/null +++ b/tools/gcc/latent_entropy_plugin.c -@@ -0,0 +1,295 @@ +@@ -0,0 +1,321 @@ +/* -+ * Copyright 2012 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2012-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -86123,12 +85809,16 @@ index 0000000..b8008f7 +#include "emit-rtl.h" +#include "tree-flow.h" + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +int plugin_is_GPL_compatible; + +static tree latent_entropy_decl; + +static struct plugin_info latent_entropy_plugin_info = { -+ .version = "201207271820", ++ .version = "201302112000", + .help = NULL +}; + @@ -86139,6 +85829,9 @@ index 0000000..b8008f7 + .pass = { + .type = GIMPLE_PASS, + .name = "latent_entropy", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_latent_entropy, + .execute = execute_latent_entropy, + .sub = NULL, @@ -86234,7 +85927,9 @@ index 0000000..b8008f7 + op = get_op(&rhs); + addxorrol = fold_build2_loc(UNKNOWN_LOCATION, op, unsigned_intDI_type_node, local_entropy, rhs); + assign = gimple_build_assign(local_entropy, addxorrol); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif +//debug_bb(bb); + gsi = gsi_after_labels(bb); + gsi_insert_before(&gsi, assign, GSI_NEW_STMT); @@ -86249,12 +85944,16 @@ index 0000000..b8008f7 + + // 1. create temporary copy of latent_entropy + temp = create_tmp_var(unsigned_intDI_type_node, "temp_latent_entropy"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(temp); + mark_sym_for_renaming(temp); ++#endif + + // 2. read... + assign = gimple_build_assign(temp, latent_entropy_decl); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi = gsi_after_labels(bb); + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); @@ -86262,13 +85961,17 @@ index 0000000..b8008f7 + // 3. ...modify... + addxorrol = fold_build2_loc(UNKNOWN_LOCATION, get_op(NULL), unsigned_intDI_type_node, temp, rhs); + assign = gimple_build_assign(temp, addxorrol); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); + + // 4. ...write latent_entropy + assign = gimple_build_assign(latent_entropy_decl, temp); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); +} @@ -86283,8 +85986,13 @@ index 0000000..b8008f7 + if (!latent_entropy_decl) { + struct varpool_node *node; + ++#if BUILDING_GCC_VERSION <= 4007 + for (node = varpool_nodes; node; node = node->next) { + tree var = node->decl; ++#else ++ FOR_EACH_VARIABLE(node) { ++ tree var = node->symbol.decl; ++#endif + if (strcmp(IDENTIFIER_POINTER(DECL_NAME(var)), "latent_entropy")) + continue; + latent_entropy_decl = var; @@ -86301,8 +86009,10 @@ index 0000000..b8008f7 + + // 1. create local entropy variable + local_entropy = create_tmp_var(unsigned_intDI_type_node, "local_entropy"); ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(local_entropy); + mark_sym_for_renaming(local_entropy); ++#endif + + // 2. initialize local entropy variable + bb = split_block_after_labels(ENTRY_BLOCK_PTR)->dest; @@ -86312,7 +86022,9 @@ index 0000000..b8008f7 + + assign = gimple_build_assign(local_entropy, build_int_cstu(unsigned_intDI_type_node, get_random_const())); +// gimple_set_location(assign, loc); ++#if BUILDING_GCC_VERSION <= 4007 + find_referenced_vars_in(assign); ++#endif + gsi_insert_after(&gsi, assign, GSI_NEW_STMT); + update_stmt(assign); + bb = bb->next_bb; @@ -90098,10 +89810,10 @@ index 0000000..5921fd7 +atyfb_setup_generic_49151 atyfb_setup_generic 3 49151 NULL diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c new file mode 100644 -index 0000000..792ee60 +index 0000000..d52f2ee --- /dev/null +++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,1930 @@ +@@ -0,0 +1,1941 @@ +/* + * Copyright 2011, 2012 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -90142,6 +89854,10 @@ index 0000000..792ee60 +#define C_DECL_IMPLICIT(EXP) DECL_LANG_FLAG_2 (EXP) +#endif + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +struct size_overflow_hash { + const struct size_overflow_hash * const next; + const char * const name; @@ -90494,8 +90210,10 @@ index 0000000..792ee60 +{ + tree new_var = create_tmp_var(type, "cicus"); + ++#if BUILDING_GCC_VERSION <= 4007 + add_referenced_var(new_var); + mark_sym_for_renaming(new_var); ++#endif + return new_var; +} + @@ -90715,11 +90433,13 @@ index 0000000..792ee60 + basic_block bb; + gimple phi; + gimple_stmt_iterator gsi = gsi_for_stmt(oldstmt); ++ gimple_seq seq; + + bb = gsi_bb(gsi); + + phi = create_phi_node(result, bb); -+ gsi = gsi_last(phi_nodes(bb)); ++ seq = phi_nodes(bb); ++ gsi = gsi_last(seq); + gsi_remove(&gsi, false); + + gsi = gsi_for_stmt(oldstmt); @@ -91959,13 +91679,16 @@ index 0000000..792ee60 + .pass = { + .type = GIMPLE_PASS, + .name = "size_overflow", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = NULL, + .execute = handle_function, + .sub = NULL, + .next = NULL, + .static_pass_number = 0, + .tv_id = TV_NONE, -+ .properties_required = PROP_cfg | PROP_referenced_vars, ++ .properties_required = PROP_cfg, + .properties_provided = 0, + .properties_destroyed = 0, + .todo_flags_start = 0, @@ -92034,12 +91757,12 @@ index 0000000..792ee60 +} diff --git a/tools/gcc/stackleak_plugin.c b/tools/gcc/stackleak_plugin.c new file mode 100644 -index 0000000..38d2014 +index 0000000..ac2901e --- /dev/null +++ b/tools/gcc/stackleak_plugin.c -@@ -0,0 +1,313 @@ +@@ -0,0 +1,327 @@ +/* -+ * Copyright 2011 by the PaX Team <pageexec@freemail.hu> ++ * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is @@ -92077,6 +91800,10 @@ index 0000000..38d2014 +#include "rtl.h" +#include "emit-rtl.h" + ++#if BUILDING_GCC_VERSION >= 4008 ++#define TODO_dump_func 0 ++#endif ++ +extern void print_gimple_stmt(FILE *, gimple, int, int); + +int plugin_is_GPL_compatible; @@ -92087,7 +91814,7 @@ index 0000000..38d2014 +static bool init_locals; + +static struct plugin_info stackleak_plugin_info = { -+ .version = "201203140940", ++ .version = "201302112000", + .help = "track-lowest-sp=nn\ttrack sp in functions whose frame size is at least nn bytes\n" +// "initialize-locals\t\tforcibly initialize all stack frames\n" +}; @@ -92100,6 +91827,9 @@ index 0000000..38d2014 + .pass = { + .type = GIMPLE_PASS, + .name = "stackleak_tree_instrument", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_stackleak_track_stack, + .execute = execute_stackleak_tree_instrument, + .sub = NULL, @@ -92118,6 +91848,9 @@ index 0000000..38d2014 + .pass = { + .type = RTL_PASS, + .name = "stackleak_final", ++#if BUILDING_GCC_VERSION >= 4008 ++ .optinfo_flags = OPTGROUP_NONE, ++#endif + .gate = gate_stackleak_track_stack, + .execute = execute_stackleak_final, + .sub = NULL, @@ -92254,7 +91987,7 @@ index 0000000..38d2014 + +static unsigned int execute_stackleak_final(void) +{ -+ rtx insn; ++ rtx insn, next; + + if (cfun->calls_alloca) + return 0; @@ -92264,10 +91997,11 @@ index 0000000..38d2014 + return 0; + + // 1. find pax_track_stack calls -+ for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { ++ for (insn = get_insns(); insn; insn = next) { + // rtl match: (call_insn 8 7 9 3 (call (mem (symbol_ref ("pax_track_stack") [flags 0x41] <function_decl 0xb7470e80 pax_track_stack>) [0 S1 A8]) (4)) -1 (nil) (nil)) + rtx body; + ++ next = NEXT_INSN(insn); + if (!CALL_P(insn)) + continue; + body = PATTERN(insn); @@ -92283,10 +92017,13 @@ index 0000000..38d2014 + continue; +// warning(0, "track_frame_size: %d %ld %d", cfun->calls_alloca, get_frame_size(), track_frame_size); + // 2. delete call -+ insn = delete_insn_and_edges(insn); ++ delete_insn_and_edges(insn); +#if BUILDING_GCC_VERSION >= 4007 -+ if (GET_CODE(insn) == NOTE && NOTE_KIND(insn) == NOTE_INSN_CALL_ARG_LOCATION) -+ insn = delete_insn_and_edges(insn); ++ if (GET_CODE(next) == NOTE && NOTE_KIND(next) == NOTE_INSN_CALL_ARG_LOCATION) { ++ insn = next; ++ next = NEXT_INSN(insn); ++ delete_insn_and_edges(insn); ++ } +#endif + } + @@ -92364,7 +92101,7 @@ index 6789d78..4afd019e 100644 + #endif diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 6e8fa7e..37f02a5 100644 +index 6e8fa7e..f0ec393 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -75,12 +75,17 @@ LIST_HEAD(vm_list); @@ -92396,6 +92133,33 @@ index 6e8fa7e..37f02a5 100644 (void __user *)(unsigned long)mem->userspace_addr, mem->memory_size))) goto out; +@@ -1778,7 +1783,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) + return 0; + } + +-static struct file_operations kvm_vcpu_fops = { ++static file_operations_no_const kvm_vcpu_fops __read_only = { + .release = kvm_vcpu_release, + .unlocked_ioctl = kvm_vcpu_ioctl, + #ifdef CONFIG_COMPAT +@@ -2326,7 +2331,7 @@ static int kvm_vm_mmap(struct file *file, struct vm_area_struct *vma) + return 0; + } + +-static struct file_operations kvm_vm_fops = { ++static file_operations_no_const kvm_vm_fops __read_only = { + .release = kvm_vm_release, + .unlocked_ioctl = kvm_vm_ioctl, + #ifdef CONFIG_COMPAT +@@ -2424,7 +2429,7 @@ out: + return r; + } + +-static struct file_operations kvm_chardev_ops = { ++static file_operations_no_const kvm_chardev_ops __read_only = { + .unlocked_ioctl = kvm_dev_ioctl, + .compat_ioctl = kvm_dev_ioctl, + .llseek = noop_llseek, @@ -2450,7 +2455,7 @@ static void hardware_enable_nolock(void *junk) if (r) { @@ -92440,13 +92204,10 @@ index 6e8fa7e..37f02a5 100644 if (r) goto out_free; -- kvm_chardev_ops.owner = module; -- kvm_vm_fops.owner = module; -- kvm_vcpu_fops.owner = module; + pax_open_kernel(); -+ *(void **)&kvm_chardev_ops.owner = module; -+ *(void **)&kvm_vm_fops.owner = module; -+ *(void **)&kvm_vcpu_fops.owner = module; + kvm_chardev_ops.owner = module; + kvm_vm_fops.owner = module; + kvm_vcpu_fops.owner = module; + pax_close_kernel(); r = misc_register(&kvm_dev); diff --git a/3.7.6/4425_grsec_remove_EI_PAX.patch b/3.7.8/4425_grsec_remove_EI_PAX.patch index 97e6951..97e6951 100644 --- a/3.7.6/4425_grsec_remove_EI_PAX.patch +++ b/3.7.8/4425_grsec_remove_EI_PAX.patch diff --git a/3.7.6/4430_grsec-remove-localversion-grsec.patch b/3.7.8/4430_grsec-remove-localversion-grsec.patch index 31cf878..31cf878 100644 --- a/3.7.6/4430_grsec-remove-localversion-grsec.patch +++ b/3.7.8/4430_grsec-remove-localversion-grsec.patch diff --git a/3.7.6/4435_grsec-mute-warnings.patch b/3.7.8/4435_grsec-mute-warnings.patch index e1a7a3c..e1a7a3c 100644 --- a/3.7.6/4435_grsec-mute-warnings.patch +++ b/3.7.8/4435_grsec-mute-warnings.patch diff --git a/3.7.6/4440_grsec-remove-protected-paths.patch b/3.7.8/4440_grsec-remove-protected-paths.patch index 637934a..637934a 100644 --- a/3.7.6/4440_grsec-remove-protected-paths.patch +++ b/3.7.8/4440_grsec-remove-protected-paths.patch diff --git a/3.7.6/4450_grsec-kconfig-default-gids.patch b/3.7.8/4450_grsec-kconfig-default-gids.patch index 3dfdc8f..3dfdc8f 100644 --- a/3.7.6/4450_grsec-kconfig-default-gids.patch +++ b/3.7.8/4450_grsec-kconfig-default-gids.patch diff --git a/3.7.6/4465_selinux-avc_audit-log-curr_ip.patch b/3.7.8/4465_selinux-avc_audit-log-curr_ip.patch index 5b614b1..5b614b1 100644 --- a/3.7.6/4465_selinux-avc_audit-log-curr_ip.patch +++ b/3.7.8/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/3.7.6/4470_disable-compat_vdso.patch b/3.7.8/4470_disable-compat_vdso.patch index 1037ba9..1037ba9 100644 --- a/3.7.6/4470_disable-compat_vdso.patch +++ b/3.7.8/4470_disable-compat_vdso.patch |