commit: f48ab9b7eb98c814a6a82fb5203ee7660f67a5dd Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> AuthorDate: Thu Jun 25 14:49:00 2015 +0000 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> CommitDate: Thu Jun 25 14:49:00 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=f48ab9b7
Grsec/PaX: 3.1-{3.2.69,3.14.45,4.0.6}-201506232104 {3.14.44 => 3.14.45}/0000_README | 2 +- .../4420_grsecurity-3.1-3.14.45-201506232103.patch | 364 ++++++++++----- {4.0.5 => 3.14.45}/4425_grsec_remove_EI_PAX.patch | 0 .../4427_force_XATTR_PAX_tmpfs.patch | 0 .../4430_grsec-remove-localversion-grsec.patch | 0 .../4435_grsec-mute-warnings.patch | 0 .../4440_grsec-remove-protected-paths.patch | 0 .../4450_grsec-kconfig-default-gids.patch | 0 .../4465_selinux-avc_audit-log-curr_ip.patch | 0 .../4470_disable-compat_vdso.patch | 0 {4.0.5 => 3.14.45}/4475_emutramp_default_on.patch | 0 3.2.69/0000_README | 2 +- ... 4420_grsecurity-3.1-3.2.69-201506232100.patch} | 56 ++- {4.0.5 => 4.0.6}/0000_README | 2 +- .../4420_grsecurity-3.1-4.0.6-201506232104.patch | 491 ++++++++++++++------- {3.14.44 => 4.0.6}/4425_grsec_remove_EI_PAX.patch | 0 {4.0.5 => 4.0.6}/4427_force_XATTR_PAX_tmpfs.patch | 0 .../4430_grsec-remove-localversion-grsec.patch | 0 {4.0.5 => 4.0.6}/4435_grsec-mute-warnings.patch | 0 .../4440_grsec-remove-protected-paths.patch | 0 .../4450_grsec-kconfig-default-gids.patch | 0 .../4465_selinux-avc_audit-log-curr_ip.patch | 0 {4.0.5 => 4.0.6}/4470_disable-compat_vdso.patch | 0 {3.14.44 => 4.0.6}/4475_emutramp_default_on.patch | 0 24 files changed, 639 insertions(+), 278 deletions(-) diff --git a/3.14.44/0000_README b/3.14.45/0000_README similarity index 96% rename from 3.14.44/0000_README rename to 3.14.45/0000_README index 2105f07..53a1411 100644 --- a/3.14.44/0000_README +++ b/3.14.45/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.1-3.14.44-201506082249.patch +Patch: 4420_grsecurity-3.1-3.14.45-201506232103.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.14.44/4420_grsecurity-3.1-3.14.44-201506082249.patch b/3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch similarity index 99% rename from 3.14.44/4420_grsecurity-3.1-3.14.44-201506082249.patch rename to 3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch index 3556faf..fe15fa1 100644 --- a/3.14.44/4420_grsecurity-3.1-3.14.44-201506082249.patch +++ b/3.14.45/4420_grsecurity-3.1-3.14.45-201506232103.patch @@ -295,7 +295,7 @@ index 5d91ba1..ef1d374 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 9f2471c..0adedd5 100644 +index c92186c..a387fb0 100644 --- a/Makefile +++ b/Makefile @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -6940,7 +6940,7 @@ index 44a1f79..2bd6aa3 100644 void __init gt641xx_irq_init(void) diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c -index d1fea7a..2e591b0 100644 +index 7479d8d..5c37e62 100644 --- a/arch/mips/kernel/irq.c +++ b/arch/mips/kernel/irq.c @@ -77,17 +77,17 @@ void ack_bad_irq(unsigned int irq) @@ -6964,18 +6964,16 @@ index d1fea7a..2e591b0 100644 } void __init init_IRQ(void) -@@ -110,7 +110,10 @@ void __init init_IRQ(void) - #endif +@@ -111,6 +111,8 @@ void __init init_IRQ(void) } + #ifdef CONFIG_DEBUG_STACKOVERFLOW + - #ifdef DEBUG_STACKOVERFLOW +extern void gr_handle_kernel_exploit(void); -+ static inline void check_stack_overflow(void) { unsigned long sp; -@@ -126,6 +129,7 @@ static inline void check_stack_overflow(void) +@@ -126,6 +128,7 @@ static inline void check_stack_overflow(void) printk("do_IRQ: stack overflow: %ld\n", sp - sizeof(struct thread_info)); dump_stack(); @@ -18901,7 +18899,7 @@ index cad82c9..2e5c5c1 100644 #endif /* __KERNEL__ */ diff --git a/arch/x86/include/asm/segment.h b/arch/x86/include/asm/segment.h -index 6f1c3a8..7744f19 100644 +index bcc9a2f..2d6e37b 100644 --- a/arch/x86/include/asm/segment.h +++ b/arch/x86/include/asm/segment.h @@ -64,10 +64,15 @@ @@ -18987,7 +18985,7 @@ index 6f1c3a8..7744f19 100644 #define __USER_DS (GDT_ENTRY_DEFAULT_USER_DS*8+3) #define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS*8+3) #ifndef CONFIG_PARAVIRT -@@ -268,7 +287,7 @@ static inline unsigned long get_limit(unsigned long segment) +@@ -279,7 +298,7 @@ static inline unsigned long get_limit(unsigned long segment) { unsigned long __limit; asm("lsll %1,%0" : "=r" (__limit) : "r" (segment)); @@ -24558,7 +24556,7 @@ index 1ffc32d..e52c745 100644 } diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c -index 85126cc..1bbce17 100644 +index 5fc4ac7..90be4e1 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -67,12 +67,12 @@ again: @@ -24611,7 +24609,7 @@ index 85126cc..1bbce17 100644 init_level4_pgt[511] = early_level4_pgt[511]; diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S -index f36bd42..0ab4474 100644 +index 30a2aa3..d62e1dd 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S @@ -26,6 +26,12 @@ @@ -24821,7 +24819,7 @@ index f36bd42..0ab4474 100644 movl %eax,%gs xorl %eax,%eax # Clear LDT -@@ -512,8 +594,11 @@ setup_once: +@@ -513,8 +595,11 @@ setup_once: * relocation. Manually set base address in stack canary * segment descriptor. */ @@ -24834,7 +24832,7 @@ index f36bd42..0ab4474 100644 movw %cx, 8 * GDT_ENTRY_STACK_CANARY + 2(%eax) shrl $16, %ecx movb %cl, 8 * GDT_ENTRY_STACK_CANARY + 4(%eax) -@@ -548,7 +633,7 @@ ENTRY(early_idt_handler) +@@ -551,7 +636,7 @@ early_idt_handler_common: cmpl $2,(%esp) # X86_TRAP_NMI je is_nmi # Ignore NMI @@ -24843,7 +24841,7 @@ index f36bd42..0ab4474 100644 je hlt_loop incl %ss:early_recursion_flag -@@ -586,8 +671,8 @@ ENTRY(early_idt_handler) +@@ -589,8 +674,8 @@ early_idt_handler_common: pushl (20+6*4)(%esp) /* trapno */ pushl $fault_msg call printk @@ -24853,7 +24851,7 @@ index f36bd42..0ab4474 100644 hlt_loop: hlt jmp hlt_loop -@@ -607,8 +692,11 @@ ENDPROC(early_idt_handler) +@@ -610,8 +695,11 @@ ENDPROC(early_idt_handler_common) /* This is the default interrupt "handler" :-) */ ALIGN ignore_int: @@ -24866,7 +24864,7 @@ index f36bd42..0ab4474 100644 pushl %eax pushl %ecx pushl %edx -@@ -617,9 +705,6 @@ ignore_int: +@@ -620,9 +708,6 @@ ignore_int: movl $(__KERNEL_DS),%eax movl %eax,%ds movl %eax,%es @@ -24876,7 +24874,7 @@ index f36bd42..0ab4474 100644 pushl 16(%esp) pushl 24(%esp) pushl 32(%esp) -@@ -653,29 +738,34 @@ ENTRY(setup_once_ref) +@@ -656,29 +741,34 @@ ENTRY(setup_once_ref) /* * BSS section */ @@ -24916,7 +24914,7 @@ index f36bd42..0ab4474 100644 ENTRY(initial_page_table) .long pa(initial_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ # if KPMDS == 3 -@@ -694,12 +784,20 @@ ENTRY(initial_page_table) +@@ -697,12 +787,20 @@ ENTRY(initial_page_table) # error "Kernel PMDs should be 1, 2 or 3" # endif .align PAGE_SIZE /* needs to be page-sized too */ @@ -24938,7 +24936,7 @@ index f36bd42..0ab4474 100644 __INITRODATA int_msg: -@@ -727,7 +825,7 @@ fault_msg: +@@ -730,7 +828,7 @@ fault_msg: * segment size, and 32-bit linear address value: */ @@ -24947,7 +24945,7 @@ index f36bd42..0ab4474 100644 .globl boot_gdt_descr .globl idt_descr -@@ -736,7 +834,7 @@ fault_msg: +@@ -739,7 +837,7 @@ fault_msg: .word 0 # 32 bit align gdt_desc.address boot_gdt_descr: .word __BOOT_DS+7 @@ -24956,7 +24954,7 @@ index f36bd42..0ab4474 100644 .word 0 # 32-bit align idt_desc.address idt_descr: -@@ -747,7 +845,7 @@ idt_descr: +@@ -750,7 +848,7 @@ idt_descr: .word 0 # 32 bit align gdt_desc.address ENTRY(early_gdt_descr) .word GDT_ENTRIES*8-1 @@ -24965,7 +24963,7 @@ index f36bd42..0ab4474 100644 /* * The boot_gdt must mirror the equivalent in setup.S and is -@@ -756,5 +854,65 @@ ENTRY(early_gdt_descr) +@@ -759,5 +857,65 @@ ENTRY(early_gdt_descr) .align L1_CACHE_BYTES ENTRY(boot_gdt) .fill GDT_ENTRY_BOOT_CS,8,0 @@ -25034,7 +25032,7 @@ index f36bd42..0ab4474 100644 + .fill PAGE_SIZE_asm - GDT_SIZE,1,0 + .endr diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S -index a468c0a..05f3865 100644 +index a2dc0ad..f3f397d 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -20,6 +20,8 @@ @@ -25143,7 +25141,7 @@ index a468c0a..05f3865 100644 .word 0 __FINITDATA -@@ -391,7 +427,7 @@ ENTRY(early_idt_handler) +@@ -393,7 +429,7 @@ early_idt_handler_common: call dump_stack #ifdef CONFIG_KALLSYMS leaq early_idt_ripmsg(%rip),%rdi @@ -25152,7 +25150,7 @@ index a468c0a..05f3865 100644 call __print_symbol #endif #endif /* EARLY_PRINTK */ -@@ -420,6 +456,7 @@ ENDPROC(early_idt_handler) +@@ -422,6 +458,7 @@ ENDPROC(early_idt_handler_common) early_recursion_flag: .long 0 @@ -25160,7 +25158,7 @@ index a468c0a..05f3865 100644 #ifdef CONFIG_EARLY_PRINTK early_idt_msg: .asciz "PANIC: early exception %02lx rip %lx:%lx error %lx cr2 %lx\n" -@@ -447,29 +484,52 @@ NEXT_PAGE(early_level4_pgt) +@@ -449,29 +486,52 @@ NEXT_PAGE(early_level4_pgt) NEXT_PAGE(early_dynamic_pgts) .fill 512*EARLY_DYNAMIC_PAGE_TABLES,8,0 @@ -25222,7 +25220,7 @@ index a468c0a..05f3865 100644 NEXT_PAGE(level3_kernel_pgt) .fill L3_START_KERNEL,8,0 -@@ -477,6 +537,9 @@ NEXT_PAGE(level3_kernel_pgt) +@@ -479,6 +539,9 @@ NEXT_PAGE(level3_kernel_pgt) .quad level2_kernel_pgt - __START_KERNEL_map + _KERNPG_TABLE .quad level2_fixmap_pgt - __START_KERNEL_map + _PAGE_TABLE @@ -25232,7 +25230,7 @@ index a468c0a..05f3865 100644 NEXT_PAGE(level2_kernel_pgt) /* * 512 MB kernel mapping. We spend a full page on this pagetable -@@ -492,30 +555,68 @@ NEXT_PAGE(level2_kernel_pgt) +@@ -494,30 +557,68 @@ NEXT_PAGE(level2_kernel_pgt) KERNEL_IMAGE_SIZE/PMD_SIZE) NEXT_PAGE(level2_fixmap_pgt) @@ -28855,6 +28853,19 @@ index 453e5fb..214168f 100644 #define APIC_LVT_NUM 6 /* 14 is the version for Xeon and Pentium 8.4.8*/ +diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h +index 6a11845..7205173 100644 +--- a/arch/x86/kvm/lapic.h ++++ b/arch/x86/kvm/lapic.h +@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr) + + static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu) + { +- return vcpu->arch.apic->pending_events; ++ return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events; + } + + bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector); diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h index cba218a..1cc1bed 100644 --- a/arch/x86/kvm/paging_tmpl.h @@ -34427,7 +34438,7 @@ index 0149575..f746de8 100644 + pax_force_retaddr ret diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c -index af2d431..c405730 100644 +index 1fed139..842a14e 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -50,13 +50,102 @@ static inline u8 *emit_code(u8 *ptr, u32 bytes, unsigned int len) @@ -34661,7 +34672,7 @@ index af2d431..c405730 100644 addrs[i] = proglen; } cleanup_addr = proglen; /* epilogue address */ -@@ -285,6 +394,10 @@ void bpf_jit_compile(struct sk_filter *fp) +@@ -290,6 +399,10 @@ void bpf_jit_compile(struct sk_filter *fp) for (i = 0; i < flen; i++) { unsigned int K = filter[i].k; @@ -34672,7 +34683,7 @@ index af2d431..c405730 100644 switch (filter[i].code) { case BPF_S_ALU_ADD_X: /* A += X; */ seen |= SEEN_XREG; -@@ -317,10 +430,8 @@ void bpf_jit_compile(struct sk_filter *fp) +@@ -322,10 +435,8 @@ void bpf_jit_compile(struct sk_filter *fp) case BPF_S_ALU_MUL_K: /* A *= K */ if (is_imm8(K)) EMIT3(0x6b, 0xc0, K); /* imul imm8,%eax,%eax */ @@ -34685,7 +34696,7 @@ index af2d431..c405730 100644 break; case BPF_S_ALU_DIV_X: /* A /= X; */ seen |= SEEN_XREG; -@@ -333,7 +444,7 @@ void bpf_jit_compile(struct sk_filter *fp) +@@ -338,7 +449,7 @@ void bpf_jit_compile(struct sk_filter *fp) EMIT_COND_JMP(X86_JE, addrs[pc_ret0 - 1] - (addrs[i] - 4)); } else { @@ -34694,7 +34705,7 @@ index af2d431..c405730 100644 CLEAR_A(); EMIT1_off32(0xe9, cleanup_addr - (addrs[i] - 4)); /* jmp .+off32 */ } -@@ -364,7 +475,11 @@ void bpf_jit_compile(struct sk_filter *fp) +@@ -369,7 +480,11 @@ void bpf_jit_compile(struct sk_filter *fp) break; } EMIT2(0x31, 0xd2); /* xor %edx,%edx */ @@ -34706,7 +34717,7 @@ index af2d431..c405730 100644 EMIT2(0xf7, 0xf1); /* div %ecx */ EMIT2(0x89, 0xd0); /* mov %edx,%eax */ break; -@@ -372,7 +487,11 @@ void bpf_jit_compile(struct sk_filter *fp) +@@ -377,7 +492,11 @@ void bpf_jit_compile(struct sk_filter *fp) if (K == 1) break; EMIT2(0x31, 0xd2); /* xor %edx,%edx */ @@ -34718,7 +34729,7 @@ index af2d431..c405730 100644 EMIT2(0xf7, 0xf1); /* div %ecx */ break; case BPF_S_ALU_AND_X: -@@ -643,8 +762,7 @@ common_load_ind: seen |= SEEN_DATAREF | SEEN_XREG; +@@ -648,8 +767,7 @@ common_load_ind: seen |= SEEN_DATAREF | SEEN_XREG; if (is_imm8(K)) { EMIT3(0x8d, 0x73, K); /* lea imm8(%rbx), %esi */ } else { @@ -34728,7 +34739,7 @@ index af2d431..c405730 100644 } } else { EMIT2(0x89,0xde); /* mov %ebx,%esi */ -@@ -717,7 +835,7 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; +@@ -722,7 +840,7 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; } if (filter[i].jt != 0) { if (filter[i].jf && f_offset) @@ -34737,7 +34748,7 @@ index af2d431..c405730 100644 EMIT_COND_JMP(t_op, t_offset); if (filter[i].jf) EMIT_JMP(f_offset); -@@ -734,10 +852,12 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; +@@ -739,10 +857,12 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; if (unlikely(proglen + ilen > oldproglen)) { pr_err("bpb_jit_compile fatal error\n"); kfree(addrs); @@ -34751,7 +34762,7 @@ index af2d431..c405730 100644 } proglen += ilen; addrs[i] = proglen; -@@ -770,7 +890,6 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; +@@ -775,7 +895,6 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; if (image) { bpf_flush_icache(header, image + proglen); @@ -34759,7 +34770,7 @@ index af2d431..c405730 100644 fp->bpf_func = (void *)image; } out: -@@ -782,10 +901,8 @@ static void bpf_jit_free_deferred(struct work_struct *work) +@@ -787,10 +906,8 @@ static void bpf_jit_free_deferred(struct work_struct *work) { struct sk_filter *fp = container_of(work, struct sk_filter, work); unsigned long addr = (unsigned long)fp->bpf_func & PAGE_MASK; @@ -36762,7 +36773,7 @@ index a0926a6..b2b14b2 100644 err = -EFAULT; goto out; diff --git a/block/genhd.c b/block/genhd.c -index a8d586a..d9910b1 100644 +index 9316f5f..16b4af2 100644 --- a/block/genhd.c +++ b/block/genhd.c @@ -469,21 +469,24 @@ static char *bdevt_str(dev_t devt, char *buf) @@ -40615,6 +40626,33 @@ index dcaae4c..80cd4dd 100644 .attrs = cpuidle_default_attrs, .name = "cpuidle", }; +diff --git a/drivers/crypto/caam/caamhash.c b/drivers/crypto/caam/caamhash.c +index d97a03d..acf64bb 100644 +--- a/drivers/crypto/caam/caamhash.c ++++ b/drivers/crypto/caam/caamhash.c +@@ -1469,6 +1469,9 @@ static int ahash_init(struct ahash_request *req) + state->final = ahash_final_no_ctx; + + state->current_buf = 0; ++ state->buf_dma = 0; ++ state->buflen_0 = 0; ++ state->buflen_1 = 0; + + return 0; + } +diff --git a/drivers/crypto/caam/caamrng.c b/drivers/crypto/caam/caamrng.c +index 28486b1..ae6dae8 100644 +--- a/drivers/crypto/caam/caamrng.c ++++ b/drivers/crypto/caam/caamrng.c +@@ -56,7 +56,7 @@ + + /* Buffer, its dma address and lock */ + struct buf_data { +- u8 buf[RN_BUF_SIZE]; ++ u8 buf[RN_BUF_SIZE] ____cacheline_aligned; + dma_addr_t addr; + struct completion filled; + u32 hw_desc[DESC_JOB_O_LEN]; diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index 12fea3e2..1e28f47 100644 --- a/drivers/crypto/hifn_795x.c @@ -42285,7 +42323,7 @@ index 4a85bb6..aaea819 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index e39026c..b32e98e 100644 +index 129915e..af52907 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c @@ -1128,7 +1128,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) @@ -53865,7 +53903,7 @@ index 5bfd807..337352af 100644 dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index 8ab46ad..b8db1e2 100644 +index 8195190..46537ed 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -115,7 +115,7 @@ struct n_tty_data { @@ -53877,7 +53915,7 @@ index 8ab46ad..b8db1e2 100644 size_t line_start; /* protected by output lock */ -@@ -2578,6 +2578,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -2589,6 +2589,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -66883,7 +66921,7 @@ index f70119f..ab5894d 100644 spin_lock_init(&delayed_root->lock); init_waitqueue_head(&delayed_root->wait); diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c -index d04db81..96e54f1 100644 +index 92cbfbf..0ca1d83 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -268,7 +268,7 @@ void __btrfs_abort_transaction(struct btrfs_trans_handle *trans, @@ -103186,6 +103224,40 @@ index c6646a5..574b47c 100644 static void __add_event_to_tracers(struct ftrace_event_call *call); /* Add an additional event_call dynamically */ +diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c +index 8a86319..32ef21b 100644 +--- a/kernel/trace/trace_events_filter.c ++++ b/kernel/trace/trace_events_filter.c +@@ -1399,19 +1399,27 @@ static int check_preds(struct filter_parse_state *ps) + { + int n_normal_preds = 0, n_logical_preds = 0; + struct postfix_elt *elt; ++ int cnt = 0; + + list_for_each_entry(elt, &ps->postfix, list) { +- if (elt->op == OP_NONE) ++ if (elt->op == OP_NONE) { ++ cnt++; + continue; ++ } + + if (elt->op == OP_AND || elt->op == OP_OR) { + n_logical_preds++; ++ cnt--; + continue; + } ++ // OP_NOT is not supported in this kernel, will get ++ // a reject here when it's backported ++ cnt--; + n_normal_preds++; ++ WARN_ON_ONCE(cnt < 0); + } + +- if (!n_normal_preds || n_logical_preds >= n_normal_preds) { ++ if (cnt != 1 || !n_normal_preds || n_logical_preds >= n_normal_preds) { + parse_error(ps, FILT_ERR_INVALID_FILTER, 0); + return -EINVAL; + } diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index 0b99120..881174f 100644 --- a/kernel/trace/trace_functions_graph.c @@ -104074,6 +104146,28 @@ index f07a40d..0a445a7 100644 retval = 1; } spin_unlock(&lockref->lock); +diff --git a/lib/mpi/longlong.h b/lib/mpi/longlong.h +index aac5114..a89d041 100644 +--- a/lib/mpi/longlong.h ++++ b/lib/mpi/longlong.h +@@ -639,7 +639,7 @@ do { \ + ************** MIPS ***************** + ***************************************/ + #if defined(__mips__) && W_TYPE_SIZE == 32 +-#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 ++#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) + #define umul_ppmm(w1, w0, u, v) \ + do { \ + UDItype __ll = (UDItype)(u) * (v); \ +@@ -671,7 +671,7 @@ do { \ + ************** MIPS/64 ************** + ***************************************/ + #if (defined(__mips) && __mips >= 3) && W_TYPE_SIZE == 64 +-#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 ++#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) + #define umul_ppmm(w1, w0, u, v) \ + do { \ + typedef unsigned int __ll_UTItype __attribute__((mode(TI))); \ diff --git a/lib/nlattr.c b/lib/nlattr.c index 10ad042d..25b47b5 100644 --- a/lib/nlattr.c @@ -110398,7 +110492,7 @@ index a16ed7b..eb44d17 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 73abbd7..1bae4ad 100644 +index 1b9e700..047273c 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1695,14 +1695,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) @@ -110649,10 +110743,51 @@ index 26dc006..89e838e 100644 m->msg_iov = iov; diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 7d95f69..a6065de 100644 +index 7d95f69..1d316b1 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c -@@ -2824,7 +2824,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, +@@ -976,6 +976,8 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) + rc = 0; + if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE)) + goto out_unlock_bh; ++ if (neigh->dead) ++ goto out_dead; + + if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) { + if (NEIGH_VAR(neigh->parms, MCAST_PROBES) + +@@ -1032,6 +1034,13 @@ out_unlock_bh: + write_unlock(&neigh->lock); + local_bh_enable(); + return rc; ++ ++out_dead: ++ if (neigh->nud_state & NUD_STALE) ++ goto out_unlock_bh; ++ write_unlock_bh(&neigh->lock); ++ kfree_skb(skb); ++ return 1; + } + EXPORT_SYMBOL(__neigh_event_send); + +@@ -1095,6 +1104,8 @@ int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new, + if (!(flags & NEIGH_UPDATE_F_ADMIN) && + (old & (NUD_NOARP | NUD_PERMANENT))) + goto out; ++ if (neigh->dead) ++ goto out; + + if (!(new & NUD_VALID)) { + neigh_del_timer(neigh); +@@ -1244,6 +1255,8 @@ EXPORT_SYMBOL(neigh_update); + */ + void __neigh_set_probe_once(struct neighbour *neigh) + { ++ if (neigh->dead) ++ return; + neigh->updated = jiffies; + if (!(neigh->nud_state & NUD_FAILED)) + return; +@@ -2824,7 +2837,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int size, ret; @@ -110661,7 +110796,7 @@ index 7d95f69..a6065de 100644 tmp.extra1 = &zero; tmp.extra2 = &unres_qlen_max; -@@ -2886,7 +2886,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, +@@ -2886,7 +2899,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -110670,7 +110805,7 @@ index 7d95f69..a6065de 100644 int ret; tmp.extra1 = &zero; -@@ -3058,11 +3058,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, +@@ -3058,11 +3071,12 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0, sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL])); } else { @@ -112042,7 +112177,7 @@ index 11c8d81..d67116b 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index b64330f..31268ca 100644 +index 625615c..b88eefd 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -234,7 +234,7 @@ static const struct seq_operations rt_cache_seq_ops = { @@ -112095,7 +112230,7 @@ index b64330f..31268ca 100644 } EXPORT_SYMBOL(ip_idents_reserve); -@@ -2632,34 +2632,34 @@ static struct ctl_table ipv4_route_flush_table[] = { +@@ -2636,34 +2636,34 @@ static struct ctl_table ipv4_route_flush_table[] = { .maxlen = sizeof(int), .mode = 0200, .proc_handler = ipv4_sysctl_rtcache_flush, @@ -112138,7 +112273,7 @@ index b64330f..31268ca 100644 err_dup: return -ENOMEM; } -@@ -2682,8 +2682,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { +@@ -2686,8 +2686,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) { @@ -112149,7 +112284,7 @@ index b64330f..31268ca 100644 get_random_bytes(&net->ipv4.dev_addr_genid, sizeof(net->ipv4.dev_addr_genid)); return 0; -@@ -2726,11 +2726,7 @@ int __init ip_rt_init(void) +@@ -2730,11 +2730,7 @@ int __init ip_rt_init(void) { int rc = 0; @@ -112390,7 +112525,7 @@ index e2f8bd0..6c664ad 100644 } diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c -index 7a436c5..84279ef 100644 +index 9128d0a..5ea9226 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -27,6 +27,10 @@ @@ -112407,7 +112542,7 @@ index 7a436c5..84279ef 100644 @@ -298,7 +302,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo) tw->tw_v6_rcv_saddr = sk->sk_v6_rcv_saddr; tw->tw_tclass = np->tclass; - tw->tw_flowlabel = np->flow_label >> 12; + tw->tw_flowlabel = be32_to_cpu(np->flow_label & IPV6_FLOWLABEL_MASK); - tw->tw_ipv6only = np->ipv6only; + tw->tw_ipv6only = sk->sk_ipv6only; } @@ -112468,7 +112603,7 @@ index 64f0354..a81b39d 100644 syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) { /* Has it gone just too far? */ diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c -index b25e852..f578c52 100644 +index 21a3a9e..4a9ef62 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -87,6 +87,7 @@ @@ -112479,7 +112614,7 @@ index b25e852..f578c52 100644 #include <linux/socket.h> #include <linux/sockios.h> #include <linux/igmp.h> -@@ -113,6 +114,10 @@ +@@ -114,6 +115,10 @@ #include <net/busy_poll.h> #include "udp_impl.h" @@ -112490,7 +112625,7 @@ index b25e852..f578c52 100644 struct udp_table udp_table __read_mostly; EXPORT_SYMBOL(udp_table); -@@ -615,6 +620,9 @@ found: +@@ -616,6 +621,9 @@ found: return s; } @@ -112500,7 +112635,7 @@ index b25e852..f578c52 100644 /* * This routine is called by the ICMP module when it gets some * sort of error condition. If err < 0 then the socket should -@@ -914,9 +922,18 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -915,9 +923,18 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, dport = usin->sin_port; if (dport == 0) return -EINVAL; @@ -112519,7 +112654,7 @@ index b25e852..f578c52 100644 daddr = inet->inet_daddr; dport = inet->inet_dport; /* Open fast path for connected socket. -@@ -1163,7 +1180,7 @@ static unsigned int first_packet_length(struct sock *sk) +@@ -1164,7 +1181,7 @@ static unsigned int first_packet_length(struct sock *sk) IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, IS_UDPLITE(sk)); @@ -112528,7 +112663,7 @@ index b25e852..f578c52 100644 __skb_unlink(skb, rcvq); __skb_queue_tail(&list_kill, skb); } -@@ -1243,6 +1260,10 @@ try_again: +@@ -1244,6 +1261,10 @@ try_again: if (!skb) goto out; @@ -112539,7 +112674,7 @@ index b25e852..f578c52 100644 ulen = skb->len - sizeof(struct udphdr); copied = len; if (copied > ulen) -@@ -1276,7 +1297,7 @@ try_again: +@@ -1277,7 +1298,7 @@ try_again: if (unlikely(err)) { trace_kfree_skb(skb, udp_recvmsg); if (!peeked) { @@ -112548,20 +112683,7 @@ index b25e852..f578c52 100644 UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, is_udplite); } -@@ -1317,10 +1338,8 @@ csum_copy_err: - } - unlock_sock_fast(sk, slow); - -- if (noblock) -- return -EAGAIN; -- -- /* starting over for a new packet */ -+ /* starting over for a new packet, but check if we need to yield */ -+ cond_resched(); - msg->msg_flags &= ~MSG_TRUNC; - goto try_again; - } -@@ -1566,7 +1585,7 @@ csum_error: +@@ -1565,7 +1586,7 @@ csum_error: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -112570,7 +112692,7 @@ index b25e852..f578c52 100644 kfree_skb(skb); return -1; } -@@ -1585,7 +1604,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -1584,7 +1605,7 @@ static void flush_stack(struct sock **stack, unsigned int count, skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -112579,7 +112701,7 @@ index b25e852..f578c52 100644 UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -1786,6 +1805,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -1785,6 +1806,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -112589,7 +112711,7 @@ index b25e852..f578c52 100644 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); /* -@@ -2354,7 +2376,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, +@@ -2364,7 +2388,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -113386,7 +113508,7 @@ index 7f405a1..eabef92 100644 struct ctl_table *ipv6_icmp_table; int err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c -index 9d4332d..4292595 100644 +index b50ae29..568a06f 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) @@ -113445,7 +113567,7 @@ index 9d4332d..4292595 100644 } diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c -index 20b63d2..9f371ac 100644 +index 38625a9..9f371ac 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -76,10 +76,13 @@ static unsigned int udp6_ehashfn(struct net *net, @@ -113481,20 +113603,7 @@ index 20b63d2..9f371ac 100644 if (is_udp4) UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, -@@ -515,10 +518,8 @@ csum_copy_err: - } - unlock_sock_fast(sk, slow); - -- if (noblock) -- return -EAGAIN; -- -- /* starting over for a new packet */ -+ /* starting over for a new packet, but check if we need to yield */ -+ cond_resched(); - msg->msg_flags &= ~MSG_TRUNC; - goto try_again; - } -@@ -690,7 +691,7 @@ csum_error: +@@ -688,7 +691,7 @@ csum_error: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -113503,7 +113612,7 @@ index 20b63d2..9f371ac 100644 kfree_skb(skb); return -1; } -@@ -747,7 +748,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -745,7 +748,7 @@ static void flush_stack(struct sock **stack, unsigned int count, if (likely(skb1 == NULL)) skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -113512,7 +113621,7 @@ index 20b63d2..9f371ac 100644 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -886,6 +887,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -884,6 +887,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -114778,10 +114887,43 @@ index 270b77d..0a9d0981 100644 /* Queue all of the segments. */ skb = segs; diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index 48b1817..d2c096b 100644 +index 48b1817..3b2192f 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c -@@ -1846,7 +1846,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1264,16 +1264,6 @@ static void packet_sock_destruct(struct sock *sk) + sk_refcnt_debug_dec(sk); + } + +-static int fanout_rr_next(struct packet_fanout *f, unsigned int num) +-{ +- int x = atomic_read(&f->rr_cur) + 1; +- +- if (x >= num) +- x = 0; +- +- return x; +-} +- + static unsigned int fanout_demux_hash(struct packet_fanout *f, + struct sk_buff *skb, + unsigned int num) +@@ -1285,13 +1275,9 @@ static unsigned int fanout_demux_lb(struct packet_fanout *f, + struct sk_buff *skb, + unsigned int num) + { +- int cur, old; ++ unsigned int val = atomic_inc_return(&f->rr_cur); + +- cur = atomic_read(&f->rr_cur); +- while ((old = atomic_cmpxchg(&f->rr_cur, cur, +- fanout_rr_next(f, num))) != cur) +- cur = old; +- return cur; ++ return val % num; + } + + static unsigned int fanout_demux_cpu(struct packet_fanout *f, +@@ -1846,7 +1832,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_packets++; @@ -114790,7 +114932,7 @@ index 48b1817..d2c096b 100644 __skb_queue_tail(&sk->sk_receive_queue, skb); spin_unlock(&sk->sk_receive_queue.lock); sk->sk_data_ready(sk, skb->len); -@@ -1855,7 +1855,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1855,7 +1841,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, drop_n_acct: spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_drops++; @@ -114799,7 +114941,7 @@ index 48b1817..d2c096b 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -3462,7 +3462,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3462,7 +3448,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -114808,7 +114950,7 @@ index 48b1817..d2c096b 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3508,7 +3508,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3508,7 +3494,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, len = lv; if (put_user(len, optlen)) return -EFAULT; @@ -116416,7 +116558,7 @@ index 6424372..afd36e9 100644 sub->evt.event = htohl(event, sub->swap); sub->evt.found_lower = htohl(found_lower, sub->swap); diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index 94404f1..ac544a1 100644 +index 4757f1c..11b32ee 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -791,6 +791,12 @@ static struct sock *unix_find_other(struct net *net, @@ -116465,7 +116607,7 @@ index 94404f1..ac544a1 100644 done_path_create(&path, dentry); return err; } -@@ -2243,11 +2262,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, +@@ -2251,11 +2270,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, writable = unix_writable(sk); other = unix_peer_get(sk); if (other) { @@ -116482,7 +116624,7 @@ index 94404f1..ac544a1 100644 sock_put(other); } -@@ -2344,9 +2366,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2352,9 +2374,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_puts(seq, "Num RefCount Protocol Flags Type St " "Inode Path\n"); else { @@ -116497,7 +116639,7 @@ index 94404f1..ac544a1 100644 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", s, -@@ -2371,10 +2397,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2379,10 +2405,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_putc(seq, '@'); i++; } @@ -128115,10 +128257,10 @@ index 0000000..4378111 +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 -index 0000000..038e79d +index 0000000..51560ee --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data -@@ -0,0 +1,6059 @@ +@@ -0,0 +1,6061 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL +storvsc_connect_to_vsp_22 storvsc_connect_to_vsp 2 22 NULL @@ -131510,7 +131652,8 @@ index 0000000..038e79d +vxge_config_vpaths_36636 vxge_config_vpaths 0 36636 NULL +convert_extent_item_v0_36645 convert_extent_item_v0 4 36645 NULL +ced_ioctl_36647 ced_ioctl 2 36647 NULL -+lpfc_idiag_extacc_alloc_get_36648 lpfc_idiag_extacc_alloc_get 0-3 36648 NULL ++lpfc_idiag_extacc_alloc_get_36648 lpfc_idiag_extacc_alloc_get 0-3 36648 NULL nohasharray ++tty_copy_to_user_36648 tty_copy_to_user 4 36648 &lpfc_idiag_extacc_alloc_get_36648 +osd_req_list_collection_objects_36664 osd_req_list_collection_objects 5 36664 NULL +iscsi_host_alloc_36671 iscsi_host_alloc 2 36671 NULL +xillybus_read_36678 xillybus_read 3 36678 NULL @@ -131577,7 +131720,8 @@ index 0000000..038e79d +xfs_iomap_write_allocate_37336 xfs_iomap_write_allocate 0 37336 NULL +security_inode_getsecurity_37354 security_inode_getsecurity 0 37354 NULL +hci_sock_sendmsg_37420 hci_sock_sendmsg 4 37420 NULL -+acpi_os_allocate_zeroed_37422 acpi_os_allocate_zeroed 1 37422 NULL ++acpi_os_allocate_zeroed_37422 acpi_os_allocate_zeroed 1 37422 NULL nohasharray ++find_next_bit_37422 find_next_bit 0 37422 &acpi_os_allocate_zeroed_37422 +tty_insert_flip_string_fixed_flag_37428 tty_insert_flip_string_fixed_flag 4-0 37428 NULL +iwl_print_last_event_logs_37433 iwl_print_last_event_logs 0-7-9 37433 NULL +fru_alloc_37442 fru_alloc 1 37442 NULL diff --git a/4.0.5/4425_grsec_remove_EI_PAX.patch b/3.14.45/4425_grsec_remove_EI_PAX.patch similarity index 100% rename from 4.0.5/4425_grsec_remove_EI_PAX.patch rename to 3.14.45/4425_grsec_remove_EI_PAX.patch diff --git a/3.14.44/4427_force_XATTR_PAX_tmpfs.patch b/3.14.45/4427_force_XATTR_PAX_tmpfs.patch similarity index 100% rename from 3.14.44/4427_force_XATTR_PAX_tmpfs.patch rename to 3.14.45/4427_force_XATTR_PAX_tmpfs.patch diff --git a/4.0.5/4430_grsec-remove-localversion-grsec.patch b/3.14.45/4430_grsec-remove-localversion-grsec.patch similarity index 100% rename from 4.0.5/4430_grsec-remove-localversion-grsec.patch rename to 3.14.45/4430_grsec-remove-localversion-grsec.patch diff --git a/3.14.44/4435_grsec-mute-warnings.patch b/3.14.45/4435_grsec-mute-warnings.patch similarity index 100% rename from 3.14.44/4435_grsec-mute-warnings.patch rename to 3.14.45/4435_grsec-mute-warnings.patch diff --git a/4.0.5/4440_grsec-remove-protected-paths.patch b/3.14.45/4440_grsec-remove-protected-paths.patch similarity index 100% rename from 4.0.5/4440_grsec-remove-protected-paths.patch rename to 3.14.45/4440_grsec-remove-protected-paths.patch diff --git a/3.14.44/4450_grsec-kconfig-default-gids.patch b/3.14.45/4450_grsec-kconfig-default-gids.patch similarity index 100% rename from 3.14.44/4450_grsec-kconfig-default-gids.patch rename to 3.14.45/4450_grsec-kconfig-default-gids.patch diff --git a/3.14.44/4465_selinux-avc_audit-log-curr_ip.patch b/3.14.45/4465_selinux-avc_audit-log-curr_ip.patch similarity index 100% rename from 3.14.44/4465_selinux-avc_audit-log-curr_ip.patch rename to 3.14.45/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/3.14.44/4470_disable-compat_vdso.patch b/3.14.45/4470_disable-compat_vdso.patch similarity index 100% rename from 3.14.44/4470_disable-compat_vdso.patch rename to 3.14.45/4470_disable-compat_vdso.patch diff --git a/4.0.5/4475_emutramp_default_on.patch b/3.14.45/4475_emutramp_default_on.patch similarity index 100% rename from 4.0.5/4475_emutramp_default_on.patch rename to 3.14.45/4475_emutramp_default_on.patch diff --git a/3.2.69/0000_README b/3.2.69/0000_README index c5e335b..1521b73 100644 --- a/3.2.69/0000_README +++ b/3.2.69/0000_README @@ -194,7 +194,7 @@ Patch: 1068_linux-3.2.69.patch From: http://www.kernel.org Desc: Linux 3.2.69 -Patch: 4420_grsecurity-3.1-3.2.69-201506082246.patch +Patch: 4420_grsecurity-3.1-3.2.69-201506232100.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/3.2.69/4420_grsecurity-3.1-3.2.69-201506082246.patch b/3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch similarity index 99% rename from 3.2.69/4420_grsecurity-3.1-3.2.69-201506082246.patch rename to 3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch index 35a63ac..873b401 100644 --- a/3.2.69/4420_grsecurity-3.1-3.2.69-201506082246.patch +++ b/3.2.69/4420_grsecurity-3.1-3.2.69-201506232100.patch @@ -37854,7 +37854,7 @@ index e47e73b..348e0bd 100644 PCI_VEND_DEV(AMD, FE_GATE_700C), PCI_ANY_ID, PCI_ANY_ID, 0, 0, AMD762}, diff --git a/drivers/edac/e752x_edac.c b/drivers/edac/e752x_edac.c -index 1af531a..3a8ff27 100644 +index 1af531a1..3a8ff27 100644 --- a/drivers/edac/e752x_edac.c +++ b/drivers/edac/e752x_edac.c @@ -1380,7 +1380,7 @@ static void __devexit e752x_remove_one(struct pci_dev *pdev) @@ -96019,6 +96019,40 @@ index 875fed4..7a76cbb 100644 } } +diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c +index b0996c1..7e5c12f 100644 +--- a/kernel/trace/trace_events_filter.c ++++ b/kernel/trace/trace_events_filter.c +@@ -1343,19 +1343,27 @@ static int check_preds(struct filter_parse_state *ps) + { + int n_normal_preds = 0, n_logical_preds = 0; + struct postfix_elt *elt; ++ int cnt = 0; + + list_for_each_entry(elt, &ps->postfix, list) { +- if (elt->op == OP_NONE) ++ if (elt->op == OP_NONE) { ++ cnt++; + continue; ++ } + + if (elt->op == OP_AND || elt->op == OP_OR) { + n_logical_preds++; ++ cnt--; + continue; + } ++ // OP_NOT is not supported in this kernel, will get ++ // a reject here when it's backported ++ cnt--; + n_normal_preds++; ++ WARN_ON_ONCE(cnt < 0); + } + +- if (!n_normal_preds || n_logical_preds >= n_normal_preds) { ++ if (cnt != 1 || !n_normal_preds || n_logical_preds >= n_normal_preds) { + parse_error(ps, FILT_ERR_INVALID_FILTER, 0); + return -EINVAL; + } diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index a7d2a4c..b034c76 100644 --- a/kernel/trace/trace_functions_graph.c @@ -104143,7 +104177,7 @@ index 68bbf9f..5ef0d12 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 1c0d862..6117f53 100644 +index 1c0d862..d4946e6 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1142,10 +1142,14 @@ void dev_load(struct net *net, const char *name) @@ -104179,6 +104213,24 @@ index 1c0d862..6117f53 100644 kfree_skb(skb); return NET_RX_DROP; } +@@ -1961,13 +1965,13 @@ struct sk_buff *skb_gso_segment(struct sk_buff *skb, u32 features) + + if (unlikely(skb->ip_summed != CHECKSUM_PARTIAL)) { + struct net_device *dev = skb->dev; +- struct ethtool_drvinfo info = {}; ++ const char *driver = ""; + +- if (dev && dev->ethtool_ops && dev->ethtool_ops->get_drvinfo) +- dev->ethtool_ops->get_drvinfo(dev, &info); ++ if (dev && dev->dev.parent) ++ driver = dev_driver_string(dev->dev.parent); + + WARN(1, "%s: caps=(0x%lx, 0x%lx) len=%d data_len=%d ip_summed=%d\n", +- info.driver, dev ? dev->features : 0L, ++ driver, dev ? dev->features : 0L, + skb->sk ? skb->sk->sk_route_caps : 0L, + skb->len, skb->data_len, skb->ip_summed); + @@ -2048,7 +2052,7 @@ static int illegal_highdma(struct net_device *dev, struct sk_buff *skb) struct dev_gso_cb { diff --git a/4.0.5/0000_README b/4.0.6/0000_README similarity index 96% rename from 4.0.5/0000_README rename to 4.0.6/0000_README index 0e406e4..62fb720 100644 --- a/4.0.5/0000_README +++ b/4.0.6/0000_README @@ -2,7 +2,7 @@ README ----------------------------------------------------------------------------- Individual Patch Descriptions: ----------------------------------------------------------------------------- -Patch: 4420_grsecurity-3.1-4.0.5-201506171322.patch +Patch: 4420_grsecurity-3.1-4.0.6-201506232104.patch From: http://www.grsecurity.net Desc: hardened-sources base patch from upstream grsecurity diff --git a/4.0.5/4420_grsecurity-3.1-4.0.5-201506171322.patch b/4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch similarity index 99% rename from 4.0.5/4420_grsecurity-3.1-4.0.5-201506171322.patch rename to 4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch index 97c48de..91512cb 100644 --- a/4.0.5/4420_grsecurity-3.1-4.0.5-201506171322.patch +++ b/4.0.6/4420_grsecurity-3.1-4.0.6-201506232104.patch @@ -373,7 +373,7 @@ index 4d68ec8..9546b75 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 1880cf7..a141b1e 100644 +index af6da04..22820aa 100644 --- a/Makefile +++ b/Makefile @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -6660,7 +6660,7 @@ index 44a1f79..2bd6aa3 100644 void __init gt641xx_irq_init(void) diff --git a/arch/mips/kernel/irq.c b/arch/mips/kernel/irq.c -index d2bfbc2..a8eacd2 100644 +index be15e52..a089cc4 100644 --- a/arch/mips/kernel/irq.c +++ b/arch/mips/kernel/irq.c @@ -76,17 +76,17 @@ void ack_bad_irq(unsigned int irq) @@ -6684,18 +6684,16 @@ index d2bfbc2..a8eacd2 100644 } void __init init_IRQ(void) -@@ -109,7 +109,10 @@ void __init init_IRQ(void) - #endif +@@ -110,6 +110,8 @@ void __init init_IRQ(void) } + #ifdef CONFIG_DEBUG_STACKOVERFLOW + - #ifdef DEBUG_STACKOVERFLOW +extern void gr_handle_kernel_exploit(void); -+ static inline void check_stack_overflow(void) { unsigned long sp; -@@ -125,6 +128,7 @@ static inline void check_stack_overflow(void) +@@ -125,6 +127,7 @@ static inline void check_stack_overflow(void) printk("do_IRQ: stack overflow: %ld\n", sp - sizeof(struct thread_info)); dump_stack(); @@ -7186,7 +7184,7 @@ index 4ce7a01..449202a 100644 #endif /* __ASM_OPENRISC_CACHE_H */ diff --git a/arch/parisc/include/asm/atomic.h b/arch/parisc/include/asm/atomic.h -index 226f8ca..9d9b87d 100644 +index 226f8ca9..9d9b87d 100644 --- a/arch/parisc/include/asm/atomic.h +++ b/arch/parisc/include/asm/atomic.h @@ -273,6 +273,16 @@ static inline long atomic64_dec_if_positive(atomic64_t *v) @@ -18987,7 +18985,7 @@ index cad82c9..2e5c5c1 100644 #endif /* __KERNEL__ */ diff --git a/arch/x86/include/asm/segment.h b/arch/x86/include/asm/segment.h -index db257a5..b91bc77 100644 +index e657b7b..81fefb444 100644 --- a/arch/x86/include/asm/segment.h +++ b/arch/x86/include/asm/segment.h @@ -73,10 +73,15 @@ @@ -19073,7 +19071,7 @@ index db257a5..b91bc77 100644 #define __USER_DS (GDT_ENTRY_DEFAULT_USER_DS*8+3) #define __USER_CS (GDT_ENTRY_DEFAULT_USER_CS*8+3) #ifndef CONFIG_PARAVIRT -@@ -256,7 +275,7 @@ static inline unsigned long get_limit(unsigned long segment) +@@ -267,7 +286,7 @@ static inline unsigned long get_limit(unsigned long segment) { unsigned long __limit; asm("lsll %1,%0" : "=r" (__limit) : "r" (segment)); @@ -24301,7 +24299,7 @@ index 8b7b0a5..2395f29 100644 /* Make sure it is what we expect it to be */ diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c -index c4f8d46..2d63ae2 100644 +index b111ab5..3d419ea 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -68,12 +68,12 @@ again: @@ -24354,7 +24352,7 @@ index c4f8d46..2d63ae2 100644 init_level4_pgt[511] = early_level4_pgt[511]; diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S -index f36bd42..0ab4474 100644 +index 30a2aa3..d62e1dd 100644 --- a/arch/x86/kernel/head_32.S +++ b/arch/x86/kernel/head_32.S @@ -26,6 +26,12 @@ @@ -24564,7 +24562,7 @@ index f36bd42..0ab4474 100644 movl %eax,%gs xorl %eax,%eax # Clear LDT -@@ -512,8 +594,11 @@ setup_once: +@@ -513,8 +595,11 @@ setup_once: * relocation. Manually set base address in stack canary * segment descriptor. */ @@ -24577,7 +24575,7 @@ index f36bd42..0ab4474 100644 movw %cx, 8 * GDT_ENTRY_STACK_CANARY + 2(%eax) shrl $16, %ecx movb %cl, 8 * GDT_ENTRY_STACK_CANARY + 4(%eax) -@@ -548,7 +633,7 @@ ENTRY(early_idt_handler) +@@ -551,7 +636,7 @@ early_idt_handler_common: cmpl $2,(%esp) # X86_TRAP_NMI je is_nmi # Ignore NMI @@ -24586,7 +24584,7 @@ index f36bd42..0ab4474 100644 je hlt_loop incl %ss:early_recursion_flag -@@ -586,8 +671,8 @@ ENTRY(early_idt_handler) +@@ -589,8 +674,8 @@ early_idt_handler_common: pushl (20+6*4)(%esp) /* trapno */ pushl $fault_msg call printk @@ -24596,7 +24594,7 @@ index f36bd42..0ab4474 100644 hlt_loop: hlt jmp hlt_loop -@@ -607,8 +692,11 @@ ENDPROC(early_idt_handler) +@@ -610,8 +695,11 @@ ENDPROC(early_idt_handler_common) /* This is the default interrupt "handler" :-) */ ALIGN ignore_int: @@ -24609,7 +24607,7 @@ index f36bd42..0ab4474 100644 pushl %eax pushl %ecx pushl %edx -@@ -617,9 +705,6 @@ ignore_int: +@@ -620,9 +708,6 @@ ignore_int: movl $(__KERNEL_DS),%eax movl %eax,%ds movl %eax,%es @@ -24619,7 +24617,7 @@ index f36bd42..0ab4474 100644 pushl 16(%esp) pushl 24(%esp) pushl 32(%esp) -@@ -653,29 +738,34 @@ ENTRY(setup_once_ref) +@@ -656,29 +741,34 @@ ENTRY(setup_once_ref) /* * BSS section */ @@ -24659,7 +24657,7 @@ index f36bd42..0ab4474 100644 ENTRY(initial_page_table) .long pa(initial_pg_pmd+PGD_IDENT_ATTR),0 /* low identity map */ # if KPMDS == 3 -@@ -694,12 +784,20 @@ ENTRY(initial_page_table) +@@ -697,12 +787,20 @@ ENTRY(initial_page_table) # error "Kernel PMDs should be 1, 2 or 3" # endif .align PAGE_SIZE /* needs to be page-sized too */ @@ -24681,7 +24679,7 @@ index f36bd42..0ab4474 100644 __INITRODATA int_msg: -@@ -727,7 +825,7 @@ fault_msg: +@@ -730,7 +828,7 @@ fault_msg: * segment size, and 32-bit linear address value: */ @@ -24690,7 +24688,7 @@ index f36bd42..0ab4474 100644 .globl boot_gdt_descr .globl idt_descr -@@ -736,7 +834,7 @@ fault_msg: +@@ -739,7 +837,7 @@ fault_msg: .word 0 # 32 bit align gdt_desc.address boot_gdt_descr: .word __BOOT_DS+7 @@ -24699,7 +24697,7 @@ index f36bd42..0ab4474 100644 .word 0 # 32-bit align idt_desc.address idt_descr: -@@ -747,7 +845,7 @@ idt_descr: +@@ -750,7 +848,7 @@ idt_descr: .word 0 # 32 bit align gdt_desc.address ENTRY(early_gdt_descr) .word GDT_ENTRIES*8-1 @@ -24708,7 +24706,7 @@ index f36bd42..0ab4474 100644 /* * The boot_gdt must mirror the equivalent in setup.S and is -@@ -756,5 +854,65 @@ ENTRY(early_gdt_descr) +@@ -759,5 +857,65 @@ ENTRY(early_gdt_descr) .align L1_CACHE_BYTES ENTRY(boot_gdt) .fill GDT_ENTRY_BOOT_CS,8,0 @@ -24777,7 +24775,7 @@ index f36bd42..0ab4474 100644 + .fill PAGE_SIZE_asm - GDT_SIZE,1,0 + .endr diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S -index 6fd514d9..320367e 100644 +index f8a8406..ad6d014 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -20,6 +20,8 @@ @@ -24886,7 +24884,7 @@ index 6fd514d9..320367e 100644 .word 0 __FINITDATA -@@ -391,7 +427,7 @@ ENTRY(early_idt_handler) +@@ -393,7 +429,7 @@ early_idt_handler_common: call dump_stack #ifdef CONFIG_KALLSYMS leaq early_idt_ripmsg(%rip),%rdi @@ -24895,7 +24893,7 @@ index 6fd514d9..320367e 100644 call __print_symbol #endif #endif /* EARLY_PRINTK */ -@@ -420,6 +456,7 @@ ENDPROC(early_idt_handler) +@@ -422,6 +458,7 @@ ENDPROC(early_idt_handler_common) early_recursion_flag: .long 0 @@ -24903,7 +24901,7 @@ index 6fd514d9..320367e 100644 #ifdef CONFIG_EARLY_PRINTK early_idt_msg: .asciz "PANIC: early exception %02lx rip %lx:%lx error %lx cr2 %lx\n" -@@ -447,29 +484,52 @@ NEXT_PAGE(early_level4_pgt) +@@ -449,29 +486,52 @@ NEXT_PAGE(early_level4_pgt) NEXT_PAGE(early_dynamic_pgts) .fill 512*EARLY_DYNAMIC_PAGE_TABLES,8,0 @@ -24965,7 +24963,7 @@ index 6fd514d9..320367e 100644 NEXT_PAGE(level3_kernel_pgt) .fill L3_START_KERNEL,8,0 -@@ -477,6 +537,9 @@ NEXT_PAGE(level3_kernel_pgt) +@@ -479,6 +539,9 @@ NEXT_PAGE(level3_kernel_pgt) .quad level2_kernel_pgt - __START_KERNEL_map + _KERNPG_TABLE .quad level2_fixmap_pgt - __START_KERNEL_map + _PAGE_TABLE @@ -24975,7 +24973,7 @@ index 6fd514d9..320367e 100644 NEXT_PAGE(level2_kernel_pgt) /* * 512 MB kernel mapping. We spend a full page on this pagetable -@@ -492,23 +555,61 @@ NEXT_PAGE(level2_kernel_pgt) +@@ -494,23 +557,61 @@ NEXT_PAGE(level2_kernel_pgt) KERNEL_IMAGE_SIZE/PMD_SIZE) NEXT_PAGE(level2_fixmap_pgt) @@ -25043,7 +25041,7 @@ index 6fd514d9..320367e 100644 ENTRY(phys_base) /* This must match the first entry in level2_kernel_pgt */ -@@ -532,8 +633,8 @@ NEXT_PAGE(kasan_zero_pud) +@@ -534,8 +635,8 @@ NEXT_PAGE(kasan_zero_pud) #include "../../x86/xen/xen-head.S" @@ -28723,7 +28721,7 @@ index 106c015..2db7161 100644 0, 0, 0, /* CR3 checked later */ CR4_RESERVED_BITS, diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index 4ee827d..a14eff9 100644 +index 4ee827d..83c8e31 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -56,7 +56,7 @@ @@ -28735,6 +28733,85 @@ index 4ee827d..a14eff9 100644 #define APIC_LVT_NUM 6 /* 14 is the version for Xeon and Pentium 8.4.8*/ +@@ -1064,6 +1064,17 @@ static void update_divide_count(struct kvm_lapic *apic) + apic->divide_count); + } + ++static void apic_update_lvtt(struct kvm_lapic *apic) ++{ ++ u32 timer_mode = kvm_apic_get_reg(apic, APIC_LVTT) & ++ apic->lapic_timer.timer_mode_mask; ++ ++ if (apic->lapic_timer.timer_mode != timer_mode) { ++ apic->lapic_timer.timer_mode = timer_mode; ++ hrtimer_cancel(&apic->lapic_timer.timer); ++ } ++} ++ + static void apic_timer_expired(struct kvm_lapic *apic) + { + struct kvm_vcpu *vcpu = apic->vcpu; +@@ -1272,6 +1283,7 @@ static int apic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val) + apic_set_reg(apic, APIC_LVTT + 0x10 * i, + lvt_val | APIC_LVT_MASKED); + } ++ apic_update_lvtt(apic); + atomic_set(&apic->lapic_timer.pending, 0); + + } +@@ -1304,20 +1316,13 @@ static int apic_reg_write(struct kvm_lapic *apic, u32 reg, u32 val) + + break; + +- case APIC_LVTT: { +- u32 timer_mode = val & apic->lapic_timer.timer_mode_mask; +- +- if (apic->lapic_timer.timer_mode != timer_mode) { +- apic->lapic_timer.timer_mode = timer_mode; +- hrtimer_cancel(&apic->lapic_timer.timer); +- } +- ++ case APIC_LVTT: + if (!kvm_apic_sw_enabled(apic)) + val |= APIC_LVT_MASKED; + val &= (apic_lvt_mask[0] | apic->lapic_timer.timer_mode_mask); + apic_set_reg(apic, APIC_LVTT, val); ++ apic_update_lvtt(apic); + break; +- } + + case APIC_TMICT: + if (apic_lvtt_tscdeadline(apic)) +@@ -1552,7 +1557,7 @@ void kvm_lapic_reset(struct kvm_vcpu *vcpu) + + for (i = 0; i < APIC_LVT_NUM; i++) + apic_set_reg(apic, APIC_LVTT + 0x10 * i, APIC_LVT_MASKED); +- apic->lapic_timer.timer_mode = 0; ++ apic_update_lvtt(apic); + apic_set_reg(apic, APIC_LVT0, + SET_APIC_DELIVERY_MODE(0, APIC_MODE_EXTINT)); + +@@ -1778,6 +1783,7 @@ void kvm_apic_post_state_restore(struct kvm_vcpu *vcpu, + + apic_update_ppr(apic); + hrtimer_cancel(&apic->lapic_timer.timer); ++ apic_update_lvtt(apic); + update_divide_count(apic); + start_apic_timer(apic); + apic->irr_pending = true; +diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h +index 0bc6c65..ca4f92d 100644 +--- a/arch/x86/kvm/lapic.h ++++ b/arch/x86/kvm/lapic.h +@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct kvm_apic_map *map, u32 ldr) + + static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu) + { +- return vcpu->arch.apic->pending_events; ++ return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events; + } + + bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector); diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h index 6e6d115..43fecbf 100644 --- a/arch/x86/kvm/paging_tmpl.h @@ -34270,7 +34347,7 @@ index 6440221..f84b5c7 100644 + pax_force_retaddr ret diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c -index 9875143..36776ae 100644 +index ddeff48..877ead6 100644 --- a/arch/x86/net/bpf_jit_comp.c +++ b/arch/x86/net/bpf_jit_comp.c @@ -13,7 +13,11 @@ @@ -34295,49 +34372,7 @@ index 9875143..36776ae 100644 } struct jit_context { -@@ -559,6 +565,13 @@ static int do_jit(struct bpf_prog *bpf_prog, int *addrs, u8 *image, - if (is_ereg(dst_reg)) - EMIT1(0x41); - EMIT3(0xC1, add_1reg(0xC8, dst_reg), 8); -+ -+ /* emit 'movzwl eax, ax' */ -+ if (is_ereg(dst_reg)) -+ EMIT3(0x45, 0x0F, 0xB7); -+ else -+ EMIT2(0x0F, 0xB7); -+ EMIT1(add_2reg(0xC0, dst_reg, dst_reg)); - break; - case 32: - /* emit 'bswap eax' to swap lower 4 bytes */ -@@ -577,6 +590,27 @@ static int do_jit(struct bpf_prog *bpf_prog, int *addrs, u8 *image, - break; - - case BPF_ALU | BPF_END | BPF_FROM_LE: -+ switch (imm32) { -+ case 16: -+ /* emit 'movzwl eax, ax' to zero extend 16-bit -+ * into 64 bit -+ */ -+ if (is_ereg(dst_reg)) -+ EMIT3(0x45, 0x0F, 0xB7); -+ else -+ EMIT2(0x0F, 0xB7); -+ EMIT1(add_2reg(0xC0, dst_reg, dst_reg)); -+ break; -+ case 32: -+ /* emit 'mov eax, eax' to clear upper 32-bits */ -+ if (is_ereg(dst_reg)) -+ EMIT1(0x45); -+ EMIT2(0x89, add_2reg(0xC0, dst_reg, dst_reg)); -+ break; -+ case 64: -+ /* nop */ -+ break; -+ } - break; - - /* ST: *(u8*)(dst_reg + off) = imm */ -@@ -896,7 +930,9 @@ common_load: +@@ -924,7 +930,9 @@ common_load: pr_err("bpf_jit_compile fatal error\n"); return -EFAULT; } @@ -34347,7 +34382,7 @@ index 9875143..36776ae 100644 } proglen += ilen; addrs[i] = proglen; -@@ -968,7 +1004,6 @@ void bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1001,7 +1009,6 @@ void bpf_int_jit_compile(struct bpf_prog *prog) if (image) { bpf_flush_icache(header, image + proglen); @@ -34355,7 +34390,7 @@ index 9875143..36776ae 100644 prog->bpf_func = (void *)image; prog->jited = true; } -@@ -981,12 +1016,8 @@ void bpf_jit_free(struct bpf_prog *fp) +@@ -1014,12 +1021,8 @@ void bpf_jit_free(struct bpf_prog *fp) unsigned long addr = (unsigned long)fp->bpf_func & PAGE_MASK; struct bpf_binary_header *header = (void *)addr; @@ -35633,7 +35668,7 @@ index 80ffa5b..a33bd15 100644 return 0; diff --git a/arch/x86/vdso/Makefile b/arch/x86/vdso/Makefile -index 7b9be98..39bb57f 100644 +index 8533c96..ff98c52 100644 --- a/arch/x86/vdso/Makefile +++ b/arch/x86/vdso/Makefile @@ -175,7 +175,7 @@ quiet_cmd_vdso = VDSO $@ @@ -36263,7 +36298,7 @@ index f678c73..f35aa18 100644 err = -EFAULT; goto out; diff --git a/block/genhd.c b/block/genhd.c -index 0a536dc..b8f7aca 100644 +index ea982ea..86e0f9e 100644 --- a/block/genhd.c +++ b/block/genhd.c @@ -469,21 +469,24 @@ static char *bdevt_str(dev_t devt, char *buf) @@ -40163,6 +40198,32 @@ index 832a2c3..1794080 100644 .attrs = cpuidle_default_attrs, .name = "cpuidle", }; +diff --git a/drivers/crypto/caam/caamhash.c b/drivers/crypto/caam/caamhash.c +index f347ab7..08b0da2 100644 +--- a/drivers/crypto/caam/caamhash.c ++++ b/drivers/crypto/caam/caamhash.c +@@ -1543,6 +1543,8 @@ static int ahash_init(struct ahash_request *req) + + state->current_buf = 0; + state->buf_dma = 0; ++ state->buflen_0 = 0; ++ state->buflen_1 = 0; + + return 0; + } +diff --git a/drivers/crypto/caam/caamrng.c b/drivers/crypto/caam/caamrng.c +index ae31e55..a48dc25 100644 +--- a/drivers/crypto/caam/caamrng.c ++++ b/drivers/crypto/caam/caamrng.c +@@ -56,7 +56,7 @@ + + /* Buffer, its dma address and lock */ + struct buf_data { +- u8 buf[RN_BUF_SIZE]; ++ u8 buf[RN_BUF_SIZE] ____cacheline_aligned; + dma_addr_t addr; + struct completion filled; + u32 hw_desc[DESC_JOB_O_LEN]; diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index 8d2a772..33826c9 100644 --- a/drivers/crypto/hifn_795x.c @@ -41973,7 +42034,7 @@ index b928c17..e5d9400 100644 if (regcomp (&mask_rex, "(0x[0-9a-fA-F]*) *([_a-zA-Z0-9]*)", REG_EXTENDED)) { diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c -index bd7519f..e1c2cd95 100644 +index aa232fd..7e5f6e1 100644 --- a/drivers/gpu/drm/radeon/radeon_device.c +++ b/drivers/gpu/drm/radeon/radeon_device.c @@ -1247,7 +1247,7 @@ static bool radeon_switcheroo_can_switch(struct pci_dev *pdev) @@ -45671,7 +45732,7 @@ index 9b4e30a..83c927d 100644 void dm_uevent_add(struct mapped_device *md, struct list_head *elist) diff --git a/drivers/md/md.c b/drivers/md/md.c -index 907534b..8b3554e 100644 +index b7bf8ee..ee17152 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -191,10 +191,10 @@ EXPORT_SYMBOL_GPL(bio_clone_mddev); @@ -45743,7 +45804,7 @@ index 907534b..8b3554e 100644 INIT_LIST_HEAD(&rdev->same_set); init_waitqueue_head(&rdev->blocked_wait); -@@ -7085,7 +7085,7 @@ static int md_seq_show(struct seq_file *seq, void *v) +@@ -7086,7 +7086,7 @@ static int md_seq_show(struct seq_file *seq, void *v) spin_unlock(&pers_lock); seq_printf(seq, "\n"); @@ -45752,7 +45813,7 @@ index 907534b..8b3554e 100644 return 0; } if (v == (void*)2) { -@@ -7188,7 +7188,7 @@ static int md_seq_open(struct inode *inode, struct file *file) +@@ -7189,7 +7189,7 @@ static int md_seq_open(struct inode *inode, struct file *file) return error; seq = file->private_data; @@ -45761,7 +45822,7 @@ index 907534b..8b3554e 100644 return error; } -@@ -7205,7 +7205,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) +@@ -7206,7 +7206,7 @@ static unsigned int mdstat_poll(struct file *filp, poll_table *wait) /* always allow read */ mask = POLLIN | POLLRDNORM; @@ -45770,7 +45831,7 @@ index 907534b..8b3554e 100644 mask |= POLLERR | POLLPRI; return mask; } -@@ -7252,7 +7252,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) +@@ -7253,7 +7253,7 @@ static int is_mddev_idle(struct mddev *mddev, int init) struct gendisk *disk = rdev->bdev->bd_contains->bd_disk; curr_events = (int)part_stat_read(&disk->part0, sectors[0]) + (int)part_stat_read(&disk->part0, sectors[1]) - @@ -49007,7 +49068,7 @@ index badff18..e15c4ec 100644 break; } diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c -index e6b790f..051ba2d 100644 +index 893753f..3b5d790 100644 --- a/drivers/net/ethernet/emulex/benet/be_main.c +++ b/drivers/net/ethernet/emulex/benet/be_main.c @@ -536,7 +536,7 @@ static void accumulate_16bit_val(u32 *acc, u16 val) @@ -54305,7 +54366,7 @@ index bce16e4..1120a85 100644 dlci->modem_rx = 0; diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index cc57a3a..b39622b 100644 +index eee40b5..796fb03 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -116,7 +116,7 @@ struct n_tty_data { @@ -54317,7 +54378,7 @@ index cc57a3a..b39622b 100644 size_t line_start; /* protected by output lock */ -@@ -2561,6 +2561,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -2572,6 +2572,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -66081,10 +66142,10 @@ index 8a1d38e..300a14e 100644 &data); if (!inode) { diff --git a/fs/aio.c b/fs/aio.c -index a793f70..46f45af 100644 +index a1736e9..c80a8ac 100644 --- a/fs/aio.c +++ b/fs/aio.c -@@ -404,7 +404,7 @@ static int aio_setup_ring(struct kioctx *ctx) +@@ -409,7 +409,7 @@ static int aio_setup_ring(struct kioctx *ctx) size += sizeof(struct io_event) * nr_events; nr_pages = PFN_UP(size); @@ -67264,7 +67325,7 @@ index f70119f..ab5894d 100644 spin_lock_init(&delayed_root->lock); init_waitqueue_head(&delayed_root->wait); diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c -index 05fef19..f3774b8 100644 +index e477ed6..480c0db 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -271,7 +271,7 @@ void __btrfs_abort_transaction(struct btrfs_trans_handle *trans, @@ -94712,7 +94773,7 @@ index 0f712c0..cd762c4 100644 return; } diff --git a/include/net/inet_connection_sock.h b/include/net/inet_connection_sock.h -index 5976bde..3a81660 100644 +index 9fe865c..43735aa 100644 --- a/include/net/inet_connection_sock.h +++ b/include/net/inet_connection_sock.h @@ -63,7 +63,7 @@ struct inet_connection_sock_af_ops { @@ -101387,7 +101448,7 @@ index f4da2cb..e44587b 100644 #else static void register_sched_domain_sysctl(void) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c -index 241213b..6a64c91 100644 +index 486d00c..62f3f6e 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c @@ -2092,7 +2092,7 @@ void task_numa_fault(int last_cpupid, int mem_node, int pages, int flags) @@ -102956,6 +103017,39 @@ index a9c10a3..1864f6b 100644 static void __add_event_to_tracers(struct ftrace_event_call *call); /* Add an additional event_call dynamically */ +diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c +index ced69da..7f2e97c 100644 +--- a/kernel/trace/trace_events_filter.c ++++ b/kernel/trace/trace_events_filter.c +@@ -1369,19 +1369,26 @@ static int check_preds(struct filter_parse_state *ps) + { + int n_normal_preds = 0, n_logical_preds = 0; + struct postfix_elt *elt; ++ int cnt = 0; + + list_for_each_entry(elt, &ps->postfix, list) { +- if (elt->op == OP_NONE) ++ if (elt->op == OP_NONE) { ++ cnt++; + continue; ++ } + + if (elt->op == OP_AND || elt->op == OP_OR) { + n_logical_preds++; ++ cnt--; + continue; + } ++ if (elt->op != OP_NOT) ++ cnt--; + n_normal_preds++; ++ WARN_ON_ONCE(cnt < 0); + } + +- if (!n_normal_preds || n_logical_preds >= n_normal_preds) { ++ if (cnt != 1 || !n_normal_preds || n_logical_preds >= n_normal_preds) { + parse_error(ps, FILT_ERR_INVALID_FILTER, 0); + return -EINVAL; + } diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index b6fce36..d9f11a3 100644 --- a/kernel/trace/trace_functions_graph.c @@ -103826,6 +103920,28 @@ index ecb9a66..a044fc5 100644 retval = 1; } spin_unlock(&lockref->lock); +diff --git a/lib/mpi/longlong.h b/lib/mpi/longlong.h +index aac5114..a89d041 100644 +--- a/lib/mpi/longlong.h ++++ b/lib/mpi/longlong.h +@@ -639,7 +639,7 @@ do { \ + ************** MIPS ***************** + ***************************************/ + #if defined(__mips__) && W_TYPE_SIZE == 32 +-#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 ++#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) + #define umul_ppmm(w1, w0, u, v) \ + do { \ + UDItype __ll = (UDItype)(u) * (v); \ +@@ -671,7 +671,7 @@ do { \ + ************** MIPS/64 ************** + ***************************************/ + #if (defined(__mips) && __mips >= 3) && W_TYPE_SIZE == 64 +-#if __GNUC__ >= 4 && __GNUC_MINOR__ >= 4 ++#if (__GNUC__ >= 5) || (__GNUC__ >= 4 && __GNUC_MINOR__ >= 4) + #define umul_ppmm(w1, w0, u, v) \ + do { \ + typedef unsigned int __ll_UTItype __attribute__((mode(TI))); \ diff --git a/lib/nlattr.c b/lib/nlattr.c index f5907d2..36072be 100644 --- a/lib/nlattr.c @@ -104173,7 +104289,7 @@ index 957d3da..1d34e20 100644 depends on !KMEMCHECK select PAGE_EXTENSION diff --git a/mm/backing-dev.c b/mm/backing-dev.c -index 6dc4580..e031ec1 100644 +index 000e7b3..aad2605 100644 --- a/mm/backing-dev.c +++ b/mm/backing-dev.c @@ -12,7 +12,7 @@ @@ -104185,7 +104301,7 @@ index 6dc4580..e031ec1 100644 struct backing_dev_info noop_backing_dev_info = { .name = "noop", -@@ -474,7 +474,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name) +@@ -458,7 +458,7 @@ int bdi_setup_and_register(struct backing_dev_info *bdi, char *name) return err; err = bdi_register(bdi, NULL, "%.28s-%ld", name, @@ -107141,7 +107257,7 @@ index 2dc44b1..caa1819 100644 out: if (ret & ~PAGE_MASK) diff --git a/mm/nommu.c b/mm/nommu.c -index 3fba2dc..fdad748 100644 +index 3fba2dc9..fdad748 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -72,7 +72,6 @@ int sysctl_max_map_count = DEFAULT_MAX_MAP_COUNT; @@ -110160,7 +110276,7 @@ index df493d6..1145766 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 22a53ac..1d19af7 100644 +index e977e15..74b19b0 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1681,14 +1681,14 @@ int __dev_forward_skb(struct net_device *dev, struct sk_buff *skb) @@ -110322,10 +110438,51 @@ index 1033725..340f65d 100644 fle->object = flo; else diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 70fe9e1..926784c 100644 +index 70fe9e1..c55e69d 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c -@@ -2806,7 +2806,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, +@@ -971,6 +971,8 @@ int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb) + rc = 0; + if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE)) + goto out_unlock_bh; ++ if (neigh->dead) ++ goto out_dead; + + if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) { + if (NEIGH_VAR(neigh->parms, MCAST_PROBES) + +@@ -1027,6 +1029,13 @@ out_unlock_bh: + write_unlock(&neigh->lock); + local_bh_enable(); + return rc; ++ ++out_dead: ++ if (neigh->nud_state & NUD_STALE) ++ goto out_unlock_bh; ++ write_unlock_bh(&neigh->lock); ++ kfree_skb(skb); ++ return 1; + } + EXPORT_SYMBOL(__neigh_event_send); + +@@ -1090,6 +1099,8 @@ int neigh_update(struct neighbour *neigh, const u8 *lladdr, u8 new, + if (!(flags & NEIGH_UPDATE_F_ADMIN) && + (old & (NUD_NOARP | NUD_PERMANENT))) + goto out; ++ if (neigh->dead) ++ goto out; + + if (!(new & NUD_VALID)) { + neigh_del_timer(neigh); +@@ -1239,6 +1250,8 @@ EXPORT_SYMBOL(neigh_update); + */ + void __neigh_set_probe_once(struct neighbour *neigh) + { ++ if (neigh->dead) ++ return; + neigh->updated = jiffies; + if (!(neigh->nud_state & NUD_FAILED)) + return; +@@ -2806,7 +2819,7 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { int size, ret; @@ -110334,7 +110491,7 @@ index 70fe9e1..926784c 100644 tmp.extra1 = &zero; tmp.extra2 = &unres_qlen_max; -@@ -2868,7 +2868,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, +@@ -2868,7 +2881,7 @@ static int neigh_proc_dointvec_zero_intmax(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos) { @@ -110483,7 +110640,7 @@ index 508155b..fad080f 100644 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR); return -ENODEV; diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c -index 7ebed55..378bf34 100644 +index a2b90e1..7882f75 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -61,7 +61,7 @@ struct rtnl_link { @@ -111639,7 +111796,7 @@ index f027a70..2e64edc 100644 static int raw_seq_show(struct seq_file *seq, void *v) diff --git a/net/ipv4/route.c b/net/ipv4/route.c -index 20fc020..3ba426f 100644 +index e262a08..d1fc3be 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -228,7 +228,7 @@ static const struct seq_operations rt_cache_seq_ops = { @@ -111692,7 +111849,7 @@ index 20fc020..3ba426f 100644 } EXPORT_SYMBOL(ip_idents_reserve); -@@ -2639,34 +2639,34 @@ static struct ctl_table ipv4_route_flush_table[] = { +@@ -2643,34 +2643,34 @@ static struct ctl_table ipv4_route_flush_table[] = { .maxlen = sizeof(int), .mode = 0200, .proc_handler = ipv4_sysctl_rtcache_flush, @@ -111735,7 +111892,7 @@ index 20fc020..3ba426f 100644 err_dup: return -ENOMEM; } -@@ -2689,8 +2689,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { +@@ -2693,8 +2693,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = { static __net_init int rt_genid_init(struct net *net) { @@ -111746,7 +111903,7 @@ index 20fc020..3ba426f 100644 get_random_bytes(&net->ipv4.dev_addr_genid, sizeof(net->ipv4.dev_addr_genid)); return 0; -@@ -2734,11 +2734,7 @@ int __init ip_rt_init(void) +@@ -2738,11 +2738,7 @@ int __init ip_rt_init(void) int rc = 0; int cpu; @@ -111977,7 +112134,7 @@ index f1756ee..8908cb0 100644 } diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c -index dd11ac7..c0872da 100644 +index 50277af..defe393 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -27,6 +27,10 @@ @@ -111991,7 +112148,7 @@ index dd11ac7..c0872da 100644 int sysctl_tcp_syncookies __read_mostly = 1; EXPORT_SYMBOL(sysctl_tcp_syncookies); -@@ -785,7 +789,10 @@ embryonic_reset: +@@ -788,7 +792,10 @@ embryonic_reset: * avoid becoming vulnerable to outside attack aiming at * resetting legit local connections. */ @@ -112046,7 +112203,7 @@ index 0732b78..a82bdc6 100644 syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) { /* Has it gone just too far? */ diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c -index 97ef1f8b..abeb965 100644 +index 51f1745..4bc0427 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -87,6 +87,7 @@ @@ -112057,7 +112214,7 @@ index 97ef1f8b..abeb965 100644 #include <linux/socket.h> #include <linux/sockios.h> #include <linux/igmp.h> -@@ -114,6 +115,10 @@ +@@ -115,6 +116,10 @@ #include <net/busy_poll.h> #include "udp_impl.h" @@ -112068,7 +112225,7 @@ index 97ef1f8b..abeb965 100644 struct udp_table udp_table __read_mostly; EXPORT_SYMBOL(udp_table); -@@ -608,6 +613,9 @@ static inline bool __udp_is_mcast_sock(struct net *net, struct sock *sk, +@@ -609,6 +614,9 @@ static inline bool __udp_is_mcast_sock(struct net *net, struct sock *sk, return true; } @@ -112078,7 +112235,7 @@ index 97ef1f8b..abeb965 100644 /* * This routine is called by the ICMP module when it gets some * sort of error condition. If err < 0 then the socket should -@@ -945,9 +953,18 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, +@@ -946,9 +954,18 @@ int udp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, dport = usin->sin_port; if (dport == 0) return -EINVAL; @@ -112097,7 +112254,7 @@ index 97ef1f8b..abeb965 100644 daddr = inet->inet_daddr; dport = inet->inet_dport; /* Open fast path for connected socket. -@@ -1195,7 +1212,7 @@ static unsigned int first_packet_length(struct sock *sk) +@@ -1196,7 +1213,7 @@ static unsigned int first_packet_length(struct sock *sk) IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, IS_UDPLITE(sk)); @@ -112106,7 +112263,7 @@ index 97ef1f8b..abeb965 100644 __skb_unlink(skb, rcvq); __skb_queue_tail(&list_kill, skb); } -@@ -1275,6 +1292,10 @@ try_again: +@@ -1276,6 +1293,10 @@ try_again: if (!skb) goto out; @@ -112117,7 +112274,7 @@ index 97ef1f8b..abeb965 100644 ulen = skb->len - sizeof(struct udphdr); copied = len; if (copied > ulen) -@@ -1307,7 +1328,7 @@ try_again: +@@ -1308,7 +1329,7 @@ try_again: if (unlikely(err)) { trace_kfree_skb(skb, udp_recvmsg); if (!peeked) { @@ -112126,20 +112283,7 @@ index 97ef1f8b..abeb965 100644 UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, is_udplite); } -@@ -1348,10 +1369,8 @@ csum_copy_err: - } - unlock_sock_fast(sk, slow); - -- if (noblock) -- return -EAGAIN; -- -- /* starting over for a new packet */ -+ /* starting over for a new packet, but check if we need to yield */ -+ cond_resched(); - msg->msg_flags &= ~MSG_TRUNC; - goto try_again; - } -@@ -1605,7 +1624,7 @@ csum_error: +@@ -1604,7 +1625,7 @@ csum_error: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -112148,7 +112292,7 @@ index 97ef1f8b..abeb965 100644 kfree_skb(skb); return -1; } -@@ -1624,7 +1643,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -1623,7 +1644,7 @@ static void flush_stack(struct sock **stack, unsigned int count, skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -112157,7 +112301,7 @@ index 97ef1f8b..abeb965 100644 UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -1830,6 +1849,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -1829,6 +1850,9 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -112167,7 +112311,7 @@ index 97ef1f8b..abeb965 100644 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0); /* -@@ -2416,7 +2438,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, +@@ -2426,7 +2450,7 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), 0, sock_i_ino(sp), atomic_read(&sp->sk_refcnt), sp, @@ -112849,7 +112993,7 @@ index c5c10fa..2577d51 100644 struct ctl_table *ipv6_icmp_table; int err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c -index 1f5e622..8387d90 100644 +index 5ca3bc8..8c53c81 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -104,6 +104,10 @@ static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb) @@ -112908,7 +113052,7 @@ index 1f5e622..8387d90 100644 } diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c -index d048d46..cacb4d2 100644 +index 1c9512a..786b8d6 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -76,6 +76,10 @@ static unsigned int udp6_ehashfn(struct net *net, @@ -112931,20 +113075,7 @@ index d048d46..cacb4d2 100644 if (is_udp4) UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, -@@ -528,10 +532,8 @@ csum_copy_err: - } - unlock_sock_fast(sk, slow); - -- if (noblock) -- return -EAGAIN; -- -- /* starting over for a new packet */ -+ /* starting over for a new packet, but check if we need to yield */ -+ cond_resched(); - msg->msg_flags &= ~MSG_TRUNC; - goto try_again; - } -@@ -714,7 +716,7 @@ csum_error: +@@ -712,7 +716,7 @@ csum_error: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); drop: UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); @@ -112953,7 +113084,7 @@ index d048d46..cacb4d2 100644 kfree_skb(skb); return -1; } -@@ -753,7 +755,7 @@ static void flush_stack(struct sock **stack, unsigned int count, +@@ -753,7 +757,7 @@ static void flush_stack(struct sock **stack, unsigned int count, if (likely(skb1 == NULL)) skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); if (!skb1) { @@ -112962,7 +113093,7 @@ index d048d46..cacb4d2 100644 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, IS_UDPLITE(sk)); UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, -@@ -937,6 +939,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, +@@ -937,6 +941,9 @@ int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, goto csum_error; UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); @@ -114083,7 +114214,7 @@ index 11de55e..f25e448 100644 return 0; } diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c -index d1d7a81..b45b03d 100644 +index 0e9c28d..d99773f 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -260,7 +260,7 @@ static void netlink_overrun(struct sock *sk) @@ -114095,7 +114226,7 @@ index d1d7a81..b45b03d 100644 } static void netlink_rcv_wake(struct sock *sk) -@@ -3002,7 +3002,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) +@@ -3005,7 +3005,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v) sk_wmem_alloc_get(s), nlk->cb_running, atomic_read(&s->sk_refcnt), @@ -114180,7 +114311,7 @@ index bc85331..0d3dce0 100644 /** * struct vport_portids - array of netlink portids of a vport. diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c -index f8db706..2b4631e 100644 +index f8db706..0e29f8f 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -269,7 +269,7 @@ static int packet_direct_xmit(struct sk_buff *skb) @@ -114192,7 +114323,40 @@ index f8db706..2b4631e 100644 kfree_skb(skb); return NET_XMIT_DROP; } -@@ -1847,7 +1847,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1266,16 +1266,6 @@ static void packet_sock_destruct(struct sock *sk) + sk_refcnt_debug_dec(sk); + } + +-static int fanout_rr_next(struct packet_fanout *f, unsigned int num) +-{ +- int x = atomic_read(&f->rr_cur) + 1; +- +- if (x >= num) +- x = 0; +- +- return x; +-} +- + static unsigned int fanout_demux_hash(struct packet_fanout *f, + struct sk_buff *skb, + unsigned int num) +@@ -1287,13 +1277,9 @@ static unsigned int fanout_demux_lb(struct packet_fanout *f, + struct sk_buff *skb, + unsigned int num) + { +- int cur, old; ++ unsigned int val = atomic_inc_return(&f->rr_cur); + +- cur = atomic_read(&f->rr_cur); +- while ((old = atomic_cmpxchg(&f->rr_cur, cur, +- fanout_rr_next(f, num))) != cur) +- cur = old; +- return cur; ++ return val % num; + } + + static unsigned int fanout_demux_cpu(struct packet_fanout *f, +@@ -1847,7 +1833,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_packets++; @@ -114201,7 +114365,7 @@ index f8db706..2b4631e 100644 __skb_queue_tail(&sk->sk_receive_queue, skb); spin_unlock(&sk->sk_receive_queue.lock); sk->sk_data_ready(sk); -@@ -1856,7 +1856,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, +@@ -1856,7 +1842,7 @@ static int packet_rcv(struct sk_buff *skb, struct net_device *dev, drop_n_acct: spin_lock(&sk->sk_receive_queue.lock); po->stats.stats1.tp_drops++; @@ -114210,7 +114374,7 @@ index f8db706..2b4631e 100644 spin_unlock(&sk->sk_receive_queue.lock); drop_n_restore: -@@ -3499,7 +3499,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3499,7 +3485,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, case PACKET_HDRLEN: if (len > sizeof(int)) len = sizeof(int); @@ -114219,7 +114383,7 @@ index f8db706..2b4631e 100644 return -EFAULT; switch (val) { case TPACKET_V1: -@@ -3545,7 +3545,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, +@@ -3545,7 +3531,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname, len = lv; if (put_user(len, optlen)) return -EFAULT; @@ -115710,7 +115874,7 @@ index 72c339e..a93593a 100644 sub->evt.event = htohl(event, sub->swap); sub->evt.found_lower = htohl(found_lower, sub->swap); diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c -index 526b6ed..ec20275 100644 +index 146881f..9441ed2 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -791,6 +791,12 @@ static struct sock *unix_find_other(struct net *net, @@ -115759,7 +115923,7 @@ index 526b6ed..ec20275 100644 done_path_create(&path, dentry); return err; } -@@ -2233,11 +2252,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, +@@ -2241,11 +2260,14 @@ static unsigned int unix_dgram_poll(struct file *file, struct socket *sock, writable = unix_writable(sk); other = unix_peer_get(sk); if (other) { @@ -115776,7 +115940,7 @@ index 526b6ed..ec20275 100644 sock_put(other); } -@@ -2334,9 +2356,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2342,9 +2364,13 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_puts(seq, "Num RefCount Protocol Flags Type St " "Inode Path\n"); else { @@ -115791,7 +115955,7 @@ index 526b6ed..ec20275 100644 seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu", s, -@@ -2361,10 +2387,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) +@@ -2369,10 +2395,29 @@ static int unix_seq_show(struct seq_file *seq, void *v) seq_putc(seq, '@'); i++; } @@ -126174,10 +126338,10 @@ index 0000000..b8e7188 +} diff --git a/tools/gcc/size_overflow_plugin/size_overflow_hash.data b/tools/gcc/size_overflow_plugin/size_overflow_hash.data new file mode 100644 -index 0000000..19e2901 +index 0000000..89e8e68 --- /dev/null +++ b/tools/gcc/size_overflow_plugin/size_overflow_hash.data -@@ -0,0 +1,27981 @@ +@@ -0,0 +1,27982 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL nohasharray +iwl_set_tx_power_1 iwl_set_tx_power 0 1 &intel_fake_agp_alloc_by_type_1 +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL @@ -141936,7 +142100,8 @@ index 0000000..19e2901 +cyapa_gen5_bl_exit_36644 cyapa_gen5_bl_exit 0 36644 &ov2640_write_array_36644 +m66592_udc_start_36646 m66592_udc_start 0 36646 NULL +mem_cgroup_do_precharge_36647 mem_cgroup_do_precharge 0 36647 NULL -+lpfc_idiag_extacc_alloc_get_36648 lpfc_idiag_extacc_alloc_get 0-3 36648 NULL ++lpfc_idiag_extacc_alloc_get_36648 lpfc_idiag_extacc_alloc_get 0-3 36648 NULL nohasharray ++tty_copy_to_user_36648 tty_copy_to_user 4 36648 &lpfc_idiag_extacc_alloc_get_36648 +add_dev_support_show_36650 add_dev_support_show 0 36650 NULL +hfsplus_osx_listxattr_36654 hfsplus_osx_listxattr 0-5 36654 NULL nohasharray +interface_show_36654 interface_show 0 36654 &hfsplus_osx_listxattr_36654 diff --git a/3.14.44/4425_grsec_remove_EI_PAX.patch b/4.0.6/4425_grsec_remove_EI_PAX.patch similarity index 100% rename from 3.14.44/4425_grsec_remove_EI_PAX.patch rename to 4.0.6/4425_grsec_remove_EI_PAX.patch diff --git a/4.0.5/4427_force_XATTR_PAX_tmpfs.patch b/4.0.6/4427_force_XATTR_PAX_tmpfs.patch similarity index 100% rename from 4.0.5/4427_force_XATTR_PAX_tmpfs.patch rename to 4.0.6/4427_force_XATTR_PAX_tmpfs.patch diff --git a/3.14.44/4430_grsec-remove-localversion-grsec.patch b/4.0.6/4430_grsec-remove-localversion-grsec.patch similarity index 100% rename from 3.14.44/4430_grsec-remove-localversion-grsec.patch rename to 4.0.6/4430_grsec-remove-localversion-grsec.patch diff --git a/4.0.5/4435_grsec-mute-warnings.patch b/4.0.6/4435_grsec-mute-warnings.patch similarity index 100% rename from 4.0.5/4435_grsec-mute-warnings.patch rename to 4.0.6/4435_grsec-mute-warnings.patch diff --git a/3.14.44/4440_grsec-remove-protected-paths.patch b/4.0.6/4440_grsec-remove-protected-paths.patch similarity index 100% rename from 3.14.44/4440_grsec-remove-protected-paths.patch rename to 4.0.6/4440_grsec-remove-protected-paths.patch diff --git a/4.0.5/4450_grsec-kconfig-default-gids.patch b/4.0.6/4450_grsec-kconfig-default-gids.patch similarity index 100% rename from 4.0.5/4450_grsec-kconfig-default-gids.patch rename to 4.0.6/4450_grsec-kconfig-default-gids.patch diff --git a/4.0.5/4465_selinux-avc_audit-log-curr_ip.patch b/4.0.6/4465_selinux-avc_audit-log-curr_ip.patch similarity index 100% rename from 4.0.5/4465_selinux-avc_audit-log-curr_ip.patch rename to 4.0.6/4465_selinux-avc_audit-log-curr_ip.patch diff --git a/4.0.5/4470_disable-compat_vdso.patch b/4.0.6/4470_disable-compat_vdso.patch similarity index 100% rename from 4.0.5/4470_disable-compat_vdso.patch rename to 4.0.6/4470_disable-compat_vdso.patch diff --git a/3.14.44/4475_emutramp_default_on.patch b/4.0.6/4475_emutramp_default_on.patch similarity index 100% rename from 3.14.44/4475_emutramp_default_on.patch rename to 4.0.6/4475_emutramp_default_on.patch